It's an interesting idea - tokenize the keys. Don't some WAP clients
do that now? I know my router has a button on it & if I click the
button on my router and my PC at the same time, they auto-find each other.

The problem that I see is that WASTE is built on Trust and Privacy. If
all you needed to connect to a mesh was a token, it would reduce both
considerably.

The easiest way to get newbies on a mesh is to give them a
"boostrapped" WASTE client. By Bootstrapped, I mean it has all the
public keys needed to connect to the mesh pre-loaded. They still have
to give their public key to someone on the inside, but this is the
trust step in action - external confirmation that the person you're
connecting to is who they say they are before you accept their key.

Then all they need is the address to connect to.

1. Get boostrapped client.
2. Generate public key / give public key to "server" node.
3. Be accepted to the mesh, connect.

I believe there's an out of date bootstrapped client here in the Yahoo
group - I can update it with the latest key list.

--- In waste-discuss@yahoogroups.com, Michael Rogers <m.rogers@...> wrote:
>
> gratemyl wrote:
> > I think, the way WASTE is currently made, it can be difficult to get
> > more users - all the key stuff is too difficult for some users.
>
> Agreed - it should be possible to exchange just the key fingerprint
> instead of the whole key. When you connect to the peer you can download
> the key and check it matches the fingerprint before proceeding.
>
> > Maybe we could have an alternate waste without keys, or with
default keys?
>
> Not sure I agree with this - default keys would harm security, but it's
> possible to be secure without intimidating new users.
>
> It would be useful if the software displayed a short string containing
> the IP address, port and key fingerprint - something like
> 123.45.67.8:1234/jdhfg3q247ogk43ugi3qgb984h - that would contain
> everything your friends needed to connect to your peer.
>
> Cheers,
> Michael
>