On Fri, 26 Feb 1999, Bob Allisat wrote:

How about this astro... FCN, in protecting the privacy of it's law-abiding clients, keeps all information provided PRIVATE and CONFIDENTIAL. As per our Terms of Service. In the event of the rare abuse of our services those aflicted contact the appropriate authorities who, in term, begin investigating like they would any other complaint from the public. If the need arises they seek a court order for information which is otherwise confidential. The investigation continues to what is, hopefully, an appropriate conclusion. All with public oversight, civilian control and legal safeguards.

How utopian. The only problem with that argument is that stopping a DOS attack does not require that a provider to divulge confidential information about a customer anyways... Unless of course, someone is trying to bring legal action after the fact, which is normally accompanied by the court orders, subpoenas, etc that you cherish so much. Maybe I'm just doing something extraordinary, but if someone calls me up and says, "I'm seeing a massive smurf attack originating from X.Y.Z.A and we see that you own X.Y.Z.A-X.Y.Z.F. Can you verify and take action according to your AUP/TOS?", I can't think of why I would need to divulge client info to accede to that request.. I can just verify the veracity of the accuser's info, and take action. I'm just not following your logic, do you think that if someone calls and says "X.Y.Z.A is (insert DOS)ing me!", you must reply, "Oh yes, it's company XYZ.Net, they are so naughty!" Tim ---------------------------------------------------- Timothy M. Wolfe | Why surf when you can Sail? tim@clipper.net | Join Oregon's Premier Sr. Network Engineer | Wireless Internet Provider! ClipperNet Corporation | http://www.clipper.net/ ----------------------------------------------------