[Re: Abstract of proposed Internet Draft for Best Current Practice (please comment)]

• Previous message (by thread): [Re: Abstract of proposed Internet Draft for Best Current Practice (please comment)]
• Next message (by thread): 60 Hudson
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Thank you Josh, please see inline comments which let me clarify points

On Thu, 06 Mar 2003 13:17:35 -0500, Joshua Smith wrote:

>is there a forthcoming section on criterium for demonstrating reformation
>by the sp and/or 'offending' user?  

The criterion is stated: no more complaints

>
>the proposal does not take in to account the global differences in sp
>business models or ideals.  are the same standards to be applied to
>developing countries, or will they have a less rigorous set of criteria,
>a la current environment policies?

The Internet is worldwide so the same behavioral standard should apply,
just as do the same technical standards.  An RFC-compliant SMTP
message is the same at every point on the compass


>
>if there were 1000 compromised nodes that took place in a ddos, would you
>accept the larger dos caused by blacklisting those networks/hosts?

The only get blacklisted until they fix their spew.  Could take a
couple of hours.  First step is RTFM which most don't.

 how
>long would the sp's be expected to shoulder the 'collateral damage'
>caused by the blacklisting (see first question)? 

They'd be expected to be blacklisted until they ceased being a
danger to the internet, just as dangerous planes aren't allowed to
take off until they pass the inspection checklist, and bad risks
can't borrow money until they develop sound financial behavior.
Same principle.

 suppose that the next
>day, 500 nodes took place in another ddos, the policy imposed dos becomes
>even larger.  a skillful hacker could potentially cause a larger, and
>longer lasting dos.
>
Sounds like a good reason to get going on the problem.


>legislating morality does not work (think of the 'drug war' in america).
>you cannot correct social ills with a purely technical solution.

Well I don't understand the relevance of the above comment. I propose
no legislation and indeed specifically state that legislation is
useless and unnecessary.  

I also say this is not a technical solution.  All technical solutions
will fail, always, because the spammers are as smart as the anti-
spammers but more motivated.  This is a behavioral solution.  It is
the only one that will work.  Everything else will fail.

Jeffrey Race

• Previous message (by thread): [Re: Abstract of proposed Internet Draft for Best Current Practice (please comment)]
• Next message (by thread): 60 Hudson
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]