The US government has betrayed the Internet. We need to take it

Joe Greco jgreco at
Fri Sep 6 18:02:37 UTC 2013

> The problem being is when you do have a provider that appears to be secure
> and out of reach, think Lavabit, that provider will not survive for long.
> The CALEA requirements, and Patriot Act provisions will force them into
> compliance.
> Their only options are to:
> Disobey the law, unacceptable in my opinion
> Close down services, noble but I need to eat and you probably want to
> keep getting email
> Compromise your principles and obey the law, the path often chosen.

Actually it might not be so horrible if the law was rewritten to be
more reasonable, and then on top of that if the executive branch would
stop inventing new definitions for words used in the law.

However, we shouldn't rely on either of those two things.

But the other big giant fail here is that we, as the engineers who have
built all this stuff, have made it exceedingly easy for users to "just
sign up with Gmail" and have totally failed at providing easy alternatives
for the average person to use.  That includes building intelligent, secure,
and easy-to-use security into MIME and email, and extends to policies by
ISPs designed to make it difficult to run your own server/services, and
winds up with software authors who totally fail at creating usable server
implementations.  And that's just a broad brush.  There are more failings
than that.

Reducing or eliminating the third party involvement in operating services 
would severely impact the ability to perform the sorts of blanket 
surveillance that we've seen.

There's no technically valid reason that my mother couldn't host and run
her own e-mail server on her home Internet connection.  Except that she
doesn't have a fixed IP.  And there's no software that would make it 
trivial for her to do so (there are honorable mentions, but really this
has got to be nearly as easy as plug-and-go).  

The Internet was designed as an any node to any node system.  The
insertion of ISP mail servers as an intermediate step made lots of sense
back in the days of shell and dialup.  It makes a little less sense now.

But the community is extremely resistant to change.  Certainly Gmail has
no incentive to suggest that people go run their own mail server.  And
we've created enough other roadblocks that it isn't likely to happen.  Sigh.

... JG
Joe Greco - Network Services - Milwaukee, WI -
"We call it the 'one bite at the apple' rule. Give me one chance [and] then I
won't contact you again." - Direct Marketing Ass'n position on e-mail spam(CNN)
With 24 million small businesses in the US alone, that's way too many apples.
