Know the client can send a signed packet encrypted with the server public key for the server to verify.
Nice to be creative, but the problem with udp is that their is no bi-directional handshakes. Which means that you are just generating a udp packet. Packet sniffers really are wonderful things. People would be able to look at the output of one, see you send a single udp packet and then connect. They would just duplicate that packet to open up the port.
Now, take your idea, send a udp packet, be ready to receive one in return from the server(firewall issues?) and then send one back.
Slashdot Mirror
Know the client can send a signed packet encrypted with the server public key for the server to verify.
Nice to be creative, but the problem with udp is that their is no bi-directional handshakes. Which means that you are just generating a udp packet. Packet sniffers really are wonderful things. People would be able to look at the output of one, see you send a single udp packet and then connect. They would just duplicate that packet to open up the port.
Now, take your idea, send a udp packet, be ready to receive one in return from the server(firewall issues?) and then send one back.