[Tech] [freenet-dev] Easier reference swapping
Michael Rogers
m.rogers at cs.ucl.ac.uk
Tue Mar 6 00:15:19 UTC 2007
Ian Clarke wrote:
> Not a bad idea, anyone see any problems with it?
It would be more secure to use a public key fingerprint instead of a
password - that way we only need to worry about active MITM, not
eavesdropping, and the ref can still be reasonably short (you could
trade off security against convenience by using a shorter fingerprint -
even 32 bits would be more secure than most passwords).
FWIW, Alliance refs are short base64 strings that seem to include the IP
address, port number and some kind of authentication token. Pretty
convenient for cutting and pasting.
Cheers,
Michael
More information about the Tech
mailing list