What doesn't make sense in that argument is why you couldn't just simply upsell the customer to a managed fw solution etc if that's the concern.
This doesn't work for a consumer broadband ISP, where the customers won't be upsold to anything and the average consumer just expects the network to be "safe".
Hmm. I disagree, and consumers with those expectations would be advised to read their service agreements which they signed and accepted closely.
Educate them, and let them decide based on the education they received.
Education does not work for a consumer ISP, whether broadband or dialup, due to scaling limits. Might or might not work for a lease-line business ISP.
Sure it does. Depends on what you consider education. I wasn't referring to a two hour class, but the type of discussion a sales rep has with their customer when you sign up for service. Doesn't a regular cable sales rep offer you HBO, Showtime etc packages when you sign up? Why not offer you a no-charge filter service? (granted, I said upsell in my first post, perhaps that was the wrong term). I do not believe that by default, opt-out filtering is a good practice for an ISP.
Well, again, I don't believe in 'censoring' traffic by default.
My perspective isn't about philosophy, but rather what is practical and sensible from a business perspective.
Quit splitting hairs. I do not believe that by default, opt-out filtering is a practical and sensible from a business perspective for an ISP. You may disagree, this is a free country last time I checked.
I wouldn't be so sure, particularly because of the legal exposure...
The major consumer broadband ISPs have already discovered that their legal exposure would be higher if they did not filter a small number of protocols, than it is with filtering that small number of protocols, which is the current common case with consumer broadband ISPs today.
Pointers, background please. And how is that sold and presented to the customer? What sort of legal ramifications have been discovered? How is the tech support role addressed?
And as has been pointed out, you can ALWAYS punch a hole in the filter for customers who like to live risky, or they can find other ways to tunnel their packets.
At SP scale? Think again.
Filtering by default and punching holes upon request works fine for Media-One's cable modem service in the US Northeast, so that approach CAN work fine at a large-sized service provider scale (they are an existence proof).
Oh yeah? While I happen to use MediaOne (because I can't get anything else where I live) and it seems to work most of the time, it is damn near impossible to find anyone who has a clue about anything (or cares) thru the tech support channels. And I don't consider spending 1.5hrs+ on hold to speak with a junior tech support person an accessible alternative. I do know from my fw at home that no filtering whatsoever is done. In fact, the service agreement clearly states that you're basically on your own. If this is available (and accessible) in the northeast, consider yourself *very* fortunate. If MediaOne (or my employer if I were be able to get DSL) were to start filtering traffic and gave me no reasonable way to opt-out or customize, I would probably be a very dissatisfied customer. Currently, some of these support channels only work well if you don't need support.
Different service providers might well make different business decisions, but lets not confuse a business decision with what is/isn't technically feasible. They aren't the same thing.
I don't think I said anything to that affect. Further, a less presumptious stance would be appreciated. I do believe that an opt-in approach is the better one, rather than opt-out. Cheers, Chris -- Christian Kuhtz <ck@arch.bellsouth.net> -wk, <ck@gnu.org> -hm Sr. Architect, Engineering & Architecture, BellSouth.net, Atlanta, GA, U.S. "I speak for myself only."