On Wed, 2005-04-27 at 13:39 -0400, Steven M. Bellovin wrote: <snip>
At a recent forum at Fordham Law School, Susan Crawford -- an attorney, not a network operator -- expressed it very well: "if we make ISPs into police, we're all in the ghetto".
Bruce is a smart guy, and a good friend of mine, but he's not a network operator or architect. There are a small number of times when operators can, should, and -- in a very few cases -- act, but those are rare. The most obvious case is flooding attacks, since they represent an abuse of the network itself; operators also have responsibility for other pieces of the infrastructure they control, such as (many) name servers.
Internet service providers should ensure protective strategies do not harm hapless consumers. While an ISP's protective obligations easily include Domain Name and routing services, few systems withstand unfettered abuse or tampering. Should a provider expect active cooperation from others granted access to their networks? The strength of the Internet is dependent upon cooperation and policy enforcement. While an egalitarian view would insist all be granted equal access, a response to abuse should be considered, even when only guarding essential services. What is a reasonable threshold before a provider "rarely" acts? You listed only one, a flood attack. -Doug