On Mon, Oct 05, 2009 at 03:55:02PM -0700, Owen DeLong wrote:
On Oct 5, 2009, at 11:23 AM, Barry Shein wrote:
Perhaps someone has said this but a potential implementation problem in the US are anti-trust regulations. Sure, they may come around to seeing it your way since the intent is so good but then again "we all decided to get together and blacklist customers who..." is not a great elevator pitch to an attorney-general no matter how good the intent.
That's not what is being discussed from my understanding.
From my understanding, the intent is to share names of known abusers and data necessary to help in tracking DDOS.
I don't believe that any ISP is expected to necessarily take any particular action determined by the group with respect to the list of names they are given.
I do think that it is reasonable to have an agreement among an industry organization or collaboration which states that ISPs which determine that abuse is being sourced from one of their customers (either through their own processes or by notification from another participant) should be expected to take the necessary steps to mitigate that abuse from exiting said ISPs autonomous system.
In a way, this is kind of like stores keeping a list of bad check writers. The whole information sharing thing can get more than a little touchy from a legal perspective. Then again, an independant database could also be viewed as a sort of internet credit agency. Stuff in a name, get a score back and certain flags and make your judgement based on that. "I'm sorry, I can't give you an email account. Your internet-karma rating came back below our minimum levels." -Wayne --- Wayne Bouchard web@typo.org Network Dude http://www.typo.org/~web/