PATRIOT/USA technical problems, call to action

• Previous message (by thread): BGP noise tonight? (fwd)
• Next message (by thread): PATRIOT/USA civil liberties issues
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Democracy is not a spectator sport.

The US House (hr.2975 PATRIOT) and US Senate (s.1510 USA) have 
introduced bills that will cost ISPs a lot of money -- potentially tens 
of thousands of dollars -- even for small ISPs.

Unlike CALEA, there is no requirement that ISPs be reimbursed.

This happened because the legislators are clueless about technical 
requirements.  It is up to you to educate them!

With the bombing started, it is thought that the bills will be pushed 
through this week, without going through the normal committee review.

Each and every one of you MUST call your legislators, where you work and 
again where you live.  Call your Senator, and then call your 
Representative.  Do not send email, it won't get read soon enough!

Since Monday is a legal holiday of sorts, you may have to wait until 
Tuesday morning, but try on Monday anyway.

--

Urge your representatives in Congress to hold full hearings, and fix 
technical problems.

1. Call the White House switchboard at 202-224-3121, and ask to be 
connected to the office of your Congressional representative.
 -or-
   Look up the office numbers on the web at www.house.gov and 
www.senate.gov.

2. When you are put through, say "May I please speak to the staff member 
who is working on the anti-terrorism legislation?" If that person is not 
available to speak with you, say "May I please leave a message?"

3. Briefly explain that you work for an Internet Service Provider, and 
although you appreciate the efforts of your representative to address 
the challenges brought about by the September 11th tragedy, it would be 
a mistake to make any changes in the federal wiretap statute that do not 
respond to "the immediate threat of investigating or preventing 
terrorist acts."

--

If they want to talk details, here they are:

Both bills add "addressing" and "routing" to the list of activities that 
can be requested without a specific court order.  So, just like call 
setup for the phone companies, every single address that you assign, via 
DHCP or otherwise, and every ARP, RIP, OSPF, and BGP routing table 
change, must be recorded for posterity -- just in case any state or 
federal agents want to review it someday.  No time limits, and no 
statute of limitations.

Some lawyers read this to extend to tracking every URL accessed through 
your POPs, and every email To: and From: transmitted over your networks, 
since they both can be considered "addressing" and your activity 
"routing".

Obviously, the legislators don't quite understand what a dynamic 
packet connectionless Internet means!

--

My solution, after talking to several Representatives and Senators 
staffs, is to add clarification to the definitions section 3127: 

 (7) the term "addressing" means a numeric identifier that assists the 
delivery of electronic communications over a specific link, attached to 
the outermost encapsulation of the communication (but not including the 
contents of such communication).

 (8) the term "routing" means the numeric internetwork locator 
associated with a communication that facilitates its carriage between 
electronic communication services, contained within the internetwork 
communication encapsulation (but not including the contents of such 
communication).

--

As you can see, my solution means you can do it with standard tools, 
like tcpdump or snort, and unlike phone call setup, there's nothing in 
the definitions that indicates the information has to be recorded for 
future requests....

-- 
William Allen Simpson
    Key fingerprint =  17 40 5E 67 15 6F 31 26  DD 0D B9 9B 6A 15 2C 32

• Previous message (by thread): BGP noise tonight? (fwd)
• Next message (by thread): PATRIOT/USA civil liberties issues
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]