In article <10309.2406.30280@avi.netaxs.com> Pete Kruckenberg wrote: : One of the criticisms of the change relative to this group : is that the previous stronger wording for the network : operator industry was watered down. Instead of : expecting/demanding/mandating that the industry collaborate : on network security (creating an ISAC and other measures), : the latest draft simply recommends that the industry : consider these measures. : Is there anything happening with collaborative security : policy and remediation in the industry? Has any effort : showed progress towards an effective ISAC or similar? Can : networks realistically collaborate on security, or do the : political and operational barriers not justify the effort? : Pete. Anything should of an action plan involving money or regulation is a very weak policy. Suggestions have never had much of an effect on Internet operators. I guess the real question is: What is going to happen over the next few years to get the infrastructure of the Internet to be more robust? I don't see market forces doing it. I don't suggest that the government use regulation, either. Perhaps the Feds (and maybe states) could use their purchasing power to effect change. Short of that, or regulation, the I don't see how the serious issues we have with the 'net will get resolved. I suppose that the "problem" is likely that people don't understand what a nice actually well-written worm could/would do if it were targeted at the infrastructure. Avi