There's a simple, non-invasive way to
determine the IP address of an AOL client, which I've been
looking into recently: use SSL sign-on. Make the login links go to
https://secure.wikimedia.org, and
redirect them back when they're logged in. SSL requests skip the proxy cluster. We
would store the
IP address at login in the session, and then continue to use that IP address for the user
after they
return to the unsecured part of the site. And of course there are security benefits for
all users.
This would mean requiring that AOL users log in before edit. Sad, but more open than many
proposed
solutions.
While we're at it, why not have everyone sign in securely? If the
technology is in place to allow this, we should take advantage of it.