From: John C Klensin [mailto:john-ietf(_at_)jck(_dot_)com]
--On Monday, 05 March, 2007 09:15 -0800 "Hallam-Baker, Phillip"
While I have disagreed with many of the other things Phillip
has said in this thread, I am in complete agreement with this
one and taken much the same position for some time. Indeed,
I have long suspected that the highest-leverage remedy for
many spam and malware issues would start with considering
ISPs who supply SOHO and, even more important, residential,
connections without supplying or requiring such firewalls at
the boundary to be liable for the damage that results.
Quite, the technical part of my proposal is essentially a generalization of the
emergent principle of port 25 blocking. While people were doing this before
SUBMIT was proposed the SUBMIT proposal made it possible to do so without
negative impact on legitimate users.
How do we establish the political coalition necessary to act? There is clearly
additional discussion necessary within the IETF community to achieve a measure
of consensus. I agree that the IETF list is not the place for that.
We need more than just consensus in the IETF though. We need to convince the
ISPs to act who in turn must persuade the vendors of SOHO routers. The ISPs
have leverage, they write RFPs. The ISPs and others discuss this type of issue
in forums such as MAAWG. The institutional issue is how to present an IETF
consensus to such fora.
This need does not seem to be anticipated in the IETF constitution. The body
with the closest mandate would appear to be the IAB.
Ietf mailing list