abuse standards & consumer reports
Paul Vixie
vixie at vix.com
Sun Apr 11 18:01:27 UTC 2004
> > 1. there is no single and widely used abuse reporting format that can be
> > automated at both the victim and responding sides.
>
> I haven't been paying attention lately, but wasn't there an
> internet-draft on that a few years back?
several. see <http://www.ietf.org/html.charters/inch-charter.html>. INCH
isn't specifically designed for abuse but it's supposed to have an extensible
schema (or so i was told).
> > 2. there is no single, compelling, honest ethical standard like "the good
> > housekeeping seal of approval" in our industry.
>
> A consumers' union for the Internet? Didn't ISP/C have some activities
> along this line, once upon a time?
a "consumer's union" lookalike won't do it. individual endusers rarely
have choices about who they use for access -- they get it from a dwindling
selection of local dsl providers, or from their cable company. since they
aren't making buying decisions now, it wouldn't do any good to give them
reasons to choose one access provider over another.
where this matters is in the commercial sector, where there's an RFP process
for IP transit, or a contract process for BGP peering. to that end, what's
needed is something that these documents can refer to -- "member in good
standing of $FOO" or "complies with RFC $BAR" are examples. ISP/C wouldn't
have been a good example since the members of same who wanted to standardize
ethics were seen by the rest as moralistic whackos.
as i watch yahoo and others launch anti-spam crusades it pains me that if
they would simply have declared universal support of verified permission, and
set a date by which they would require it from their suppliers and BGP peers,
this would have further criminalized spam just by comparison. but since these
companies don't want the perceived costs of verifying permission, they're
stuck trying to criminalize "spam" when there is no difference, in principle,
between what "spammers" do and what "reputable companies" do. lazy-lazy-lazy.
--
Paul Vixie
More information about the NANOG
mailing list