In a separate thread, under Yakov's suggestion, the solution part of
this discussion is now probably moving on to the closed ASRG list
(with open archive) as posted in
I'd like to now address the other part of Yakov's reply below, or
"Why not keep the old design if we can get back to the old assumption?"
Yakov Shafranovich wrote:
Ed Gerck wrote:
The *possibility* of spam is due to an Internet design based on an
honor system for the end points. The model being that the connection
was less trusted than the end points. Access to the end points was
granted under an honor system and usage rules were enforceable.
Reality showed that the model was upside down for commercial operation.
The end points cannot be controlled and are in fact less trusted than
the connection. Anyone can connect to the network. There is no honor
system. Usage rules are not enforceable -- users can hide and change
their end points.
The original design relied on the human assumption that someone would
enforce the rules. In a commercial world, for some reason or another,
the network operators either cannot or do not want to enforce the rules.
If the network operators are able to enforce usage rules, that can make
a difference without resorting to any changes in the underlying
I is simply not possible to go back to the old assumption. We cannot
effectively limit any particular user to NOT use the Internet. True, ISPs
and the law can chase the guy round but he can run, he can hide and he
can change his end point at will.
How about network operators being able to enforce rules, as you suggest
above, could that make a difference *without* resorting to any changes
in the underlying architecture? Well, as you yourself wrote today in
another thread, no. I share your concerns:
My concern with your approach is with the fact that SPs can employ such
measures against someone else without proof, simply cutting off
connectivity for some stupid reason and blaming it on not handling abuse
reports. What about ISPs erring on the side of caution and cutting off
an entire netblock? Is there a provision for an accused "pollutor" to
appeal the decision against the SP that is employing the practice? These
are some of the questions that come up off-hand, I will be more than
happy to discuss the entire document in detail with you off-list.
Even in the real world, while there are consequences for actions, there
are numerous checks and balances that make sure that the right person is
actually punished for the actions that he or she actually did. This is
why we have courts, appeals, clemency, etc. to mention a few. The same
checks and balances must be applied in any similar mechanisms in the
Internet arena. The problem is that these checks and balances make the
process slower. This is where we move away from the technical issues and
into the human ones, and this is where its gets very heated and political.
It is thus a rather weak argument to talk about "actions that have consequences"
in terms of a technical solution that the IETF can pursue to save the old
design based on an enforceable honor system. The consequences would need to
be arbitrated and we know how long, ineffective and expensive that can be.
We can't go back to the explicit trust present in the early Internet. As
Stef has mentioned, the DARPA Internet was more like a network than a
network of networks. The Internet has no staff or sysadmin that would
approve/remove users and enforce rules.
The solution to spam lies squarely in the IETF hands. We need an Internet
design where the end points are less trusted than the connection. The opposite
of what we have today. Only then, IMHO, can we have those kind of solutions
that the IETF can take on in order to really reduce the problem.
Of course, updating the Internet design to fit its current operating conditions
is useful not only to stop spam. Social engineering and spoofing attacks
also rely on the old honor system where users are trusted. "Trust no one"
should be the initial state under the new Internet paradigm.