On Mon, 2003-11-17 at 16:44, Damian Gerow wrote: > Thus spake David Maynor (dave@0dayspray.com) [17/11/03 17:30]: > > This would break things like NATed machines and such. > > Could you explain how, please? I think David was hinting at pooled NAT address. Image an internal network that gets NATed to addresses a.b.c.d.5 until a.b.c.d.12. Kinda like Gary's "ganged" proxies. The debates over using IP addresses, ports, TTLs and other connection based elements do come up from time to time. However, you are trying to authenticate/verify the user on the other end, not networking equipment in between. Logically you should check user elements (such as browser ID perhaps). Or wrap it in SSL, use hard to guess/brute session ID's and hope for the best.... like the rest if us :) Regards, Frank
Attachment:
signature.asc
Description: This is a digitally signed message part