On 8/30/06, Simetrical Simetrical+wikitech@gmail.com wrote:
On 8/30/06, Gregory Maxwell gmaxwell@gmail.com wrote:
It can be easily configured so that anyone with access to the secret has privileged access to the server and, already, anyone with privileged access to the server could be logging IPs.
Yes, but again, there's no good reason to allow anyone without privileged access to the server to see the IPs in the first place, encoded or not, so why bother encoding them for storage? *If* you're going to allow people to view the connections the way AOL did, you may as well assign arbitrary numbers (say, chronologically) rather than some encoded form of the IP, since that's easier to implement *and* more secure, if only marginally.
It's not easier to implement numbering IPs, actually. Hashing is memoryless.
The reason to use it for storage is the above-mentioned paranoia about being able to make sure things are not retained too long....
It's all a silly and pointless argument in my view, and it's really off topic for this list.
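
The two approaches compared in this message, sketched as an added example that is not part of the original thread: a keyed hash needs no stored table, while chronological numbering must keep an IP-to-number map. HMAC-SHA256, the 16-character truncation, and the names keyed_pseudonym and SequentialNumbering are assumptions; the thread names no construction. The addresses are constructed values from documentation ranges.

```python
import hashlib
import hmac
import secrets


def keyed_pseudonym(secret: bytes, ip: str) -> str:
    """Stateless token: same secret and same IP always give the same value.

    The IPv4 space is small enough to enumerate, so the token hides the
    address only from parties who do not hold the secret.
    """
    digest = hmac.new(secret, ip.encode("ascii"), hashlib.sha256)
    return digest.hexdigest()[:16]


class SequentialNumbering:
    """Stateful alternative: numbers are handed out in order of first sight."""

    def __init__(self):
        self._table = {}  # the raw IPs live here for as long as numbering works

    def pseudonym(self, ip: str) -> int:
        if ip not in self._table:
            self._table[ip] = len(self._table) + 1
        return self._table[ip]

    def retained_ips(self):
        return sorted(self._table)


def demo():
    ips = ["192.0.2.10", "198.51.100.7", "192.0.2.10"]  # constructed sample
    secret = secrets.token_bytes(32)
    hashed = [keyed_pseudonym(secret, ip) for ip in ips]

    numbering = SequentialNumbering()
    numbered = [numbering.pseudonym(ip) for ip in ips]

    # Retention: replacing the secret makes old tokens unlinkable to new
    # ones, with no per-IP records to find and delete.
    rotated = keyed_pseudonym(secrets.token_bytes(32), ips[0])
    return hashed, numbered, numbering.retained_ips(), rotated


if __name__ == "__main__":
    print(demo())
```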