httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Brian Mearns <mearn...@gmail.com>
Subject Re: [users@httpd]
Date Wed, 11 Nov 2009 03:42:59 GMT
On Tue, Nov 10, 2009 at 10:29 PM, Stephen Love <stephenlove@juno.com> wrote:
> Ok, now we're getting somewhere... just ENOUGH to eliminate the path
> inbetween... I'd just like to ask APACHE for a unique signature of the
> machine sending the message to compare it against others. Nothing more,
> nothing less.
>
>
> See us online at http://www.LOVEnCompany.com.
>

Well, see my most recent message, but just to summarize, apache can't
uniquely identify the end machine on it's own, all it has is what that
machine send to it, which is IP packet, which contains the TCP packet,
which contains the HTTP packet, none of which include (on their own) a
unique identifier for the end machine. The best you can do with just
these protocols is generate a unique id, send it to the client, and
ask them to send it back. You can do this using cookies, or by
encoding the id in the URL. But either way, you're relying on the end
user to cooperate (i.e., send back the same identifier). If you're
looking for something that they can't reasonably fake or alter without
your knowing, you'll need a crypto protocol like TLS (again, see my
last message).

-Brian

-- 
Feel free to contact me using PGP Encryption:
Key Id: 0x3AA70848
Available from: http://keys.gnupg.net

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message