Why won't providers source-filter attacks? Simple.
marka at isc.org
Thu Feb 6 00:11:43 UTC 2014
In message <CABgOHgs0nEiTCQfOHM21cYwB5Z0PUpAnsWBqV=ppy4K24Zw5pQ at mail.gmail.com>
, Landon Stewart writes:
> Content-Type: text/plain; charset="ISO-8859-1"
> Content-Transfer-Encoding: quoted-printable
> On 4 February 2014 17:18, Mark Andrews <marka at isc.org> wrote:
> > > That would never fly, because it would put the politicians at odds with
> > > the telecom buddies that make huge political donations. Hard to throw
> > > someone in jail then hit them up for campaign money. What will
> > > probably happen is the same thing we do with everything else that might
> > > be used for evil purposes but where we don't want to tackle the real
> > > underlying problem -- just write a law banning something and hope the
> > > problem goes away.
> > No, you write a law requiring something, e.g. BCP 38 filtering by
> > ISPs, and you audit it. You also make the ISPs directors liable
> > for the impact that results from spoofed traffic from them.
> > Making it law puts all the ISP's in the country on a equal footing
> > with respect to implementation costs.
> This is a slippery slope if I've ever seen one. If we start having
> legislators making laws for how packets are served we are just begging for
> them to put their feet into all kinds of doors that we don't want them in.
Well when industries don't self regulate governments step in. This
industry is demonstratably incapble of regulating itself in this
area despite lots of evidence of the problems being caused for lots
of years. This has been DOCUMENTED BEST CURRENT PRACTICE for 13.5
years. Everybody else is having to deal the problems caused by
these bad actors.
Hell, I suspect you could send the directors to gaol or make them
pay a heavy fine today by properly examining the existing laws. A new
law would just make the problem more explicit.
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: marka at isc.org
More information about the NANOG