Jonathan Schleifer wrote: > m 23.08.2008 um 00:20 schrieb Dirk Meyer: > >>> Woudln't that mean an attacker could chose the question and chose one >>> to which he knows the answer because it's not so secret? If an >>> attacker does that with both ends, he has won, because he selected >>> the >>> question. Correct me if I'm wrong. >> >> No correction, you are right. The riddle is a stupid idea. > > So we should go for SAS, I think.
SAS does not work for me when I use bots. It also reduces it to one way removing the option of X.509 certificates which is something I need. > Having a 32-bit SAS encoded with Mnemonics (like already suggested > here) really sounds like a great idea. Why not encode a key fingerprint with Mnemonics? Looks like the same to the user. Dirk -- BREAKFAST.COM halted... cereal port not responding!
