It is a usual practice for companies providing access to the Internet and for companies providing content and services on the Internet to generate logs of access and activity. Some examples of how logs are used are: for debugging and troubleshooting, detection and monitoring of abuse, statistical analysis, demographic analysis, report generation and other general business purposes.
Sometimes an important aspect of activity logging is identifying a specific computer or user associated with a specific activity. For this reason, it is desirable to have a unique identifier associated with each computer. One identifier commonly used in the MAC address associated with an Ethernet interface on the computer. MAC addresses are 48-bit addresses, typically installed by the manufacturer of an Ethernet interface card and used as the source address of Ethernet packets. It is normally expected that 48-bit MAC addresses are globally unique, and thus useful as unique identifiers of specific computers.
However, some Ethernet interfaces can be altered by sophisticated users so that arbitrary MAC addresses can be used. This means that users equipped with such tools can reconfigure their Ethernet interface hardware, and therefore masquerade as any computer, which in some cases defeats the purpose of uniquely identifying each specific computer. What is needed is a mechanism to validate MAC addresses, so that computers can be unique identified, while preventing unauthorized persons from masquerading as those computers.