[freenet-dev] What we are really after was Re: Short refs was Re: alternative to #freenet-refs
Michael Rogers
m.rogers at cs.ucl.ac.uk
Fri Nov 16 15:10:05 UTC 2007
Matthew Toseland wrote:
> Could be bundled with a copy of the node on a USB key.
This is a great idea - it could also be exchanged over IM etc.
> http://en.wikipedia.org/wiki/Secure_remote_password_protocol
This looks very cool, but you just know people will send the password by
email or IM. I've spent most of the day trying to exchange a password
with someone who doesn't have encrypted email, so I know how strong the
temptation is. ;-)
Public key fingerprints are much more secure, even if you chop them down
to 16 bytes to make them easier to exchange.
Cheers,
Michael
More information about the Devl
mailing list