Subject: Re: net.terrorism Date: Tue, 09 Jan 2001 04:37:37 -0800 From: Paul A Vixie <vixie@mfnx.net> [...] why are we discussing this on nanog?
Well, it sounds like an operational issue. As described in the original post, a group is disrupting Internet connectivity to some destinations to achieve certain policy objectives. This has a number of adverse implications. o Policy-based "disconnectivity", like any other source of connectivity problems, makes the Internet appear less reliable and less predictable to the end user. Only a relatively sophisticated end user can differentiate broken connectivity caused by policies from other sources of connectivity problems. Adding yet another cause of difficult-to-diagnose connectivity problems hardly seems like a good thing. o Whatever the official marketing literature may say, the effectiveness of routing-based disconnectivity is generally based to a large extent on inflicting pain on third parties. That is, if the policy-based disconnectivity causes enough pain to enough people, then the originating network or ISP will have an incentive ("be forced") to remove the activity that violates the policy. This basic strategy hardly seems like a good thing. o Policy-based disconnectivity techniques would appear to set a bad precedent. That is, this activity tends to legitimize the use by ISPs of black-hole routing to enforce various acceptable use policies. To the extent that the network community endorses black-hole routing as an acceptable tool for enforcing anti-spam policies, the technique is more likely to be applied in the enforcement of other policies. For example, French courts could conceivably decree a policy-based disconnectivity solution to protect users in France from auction sites selling Nazi memorabilia (i.e., Yahoo). (After all, if the technique is acceptable for relatively minor social ills like spam, then surely it is acceptable to use it for more significant social problems). German courts could conceivably require German ISPs to black-hole foreign "hate" sites. (By the way, I believe that a number of prominent organizations have taken stands against the filtering based on content of certain foreign sites by some totalitarian countries. I don't think these organizations are are saying that it is wrong to filter based on political content, but OK to filter on, for example, less-political content such as spam. ) I believe that legitimizing the use of "disconnectivity" techniques (whether they are routing-based or filter-based and whether they are "voluntary" [voluntary to whom?] or mandatory) to further policy objectives is a really bad thing. It is not altogether obvious to me that the cure is not worse than the disease in this case. -tjs