Schneier: ISPs should bear security burden

• Previous message (by thread): Schneier: ISPs should bear security burden
• Next message (by thread): Schneier: ISPs should bear security burden
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

In message <20050426.200918.11519.516537 at webmail04.lax.untd.com>, "Fergie (Paul
 Ferguson)" writes:
>
>
>I've been there -- I know how I feel about it -- but I'd love
>to know how ISP operations folk feel about this.
>
>Links here:
>http://www.vnunet.com/news/1162720
>

At a recent forum at Fordham Law School, Susan Crawford -- an attorney, 
not a network operator -- expressed it very well: "if we make ISPs into
police, we're all in the ghetto".

Bruce is a smart guy, and a good friend of mine, but he's not a network 
operator or architect.  There are a small number of times when 
operators can, should, and -- in a very few cases -- act, but those 
are rare.  The most obvious case is flooding attacks, since they represent 
an abuse of the network itself; operators also have responsibility for 
other pieces of the infrastructure they control, such as (many) name 
servers.

		--Prof. Steven M. Bellovin, http://www.cs.columbia.edu/~smb

• Previous message (by thread): Schneier: ISPs should bear security burden
• Next message (by thread): Schneier: ISPs should bear security burden
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]