Markus Stumpf <maex-lists-spam-ietf-asrg(_at_)Space(_dot_)Net> wrote:
There are two possible and effective points where to filter, they don't
need to be disjoint
a) at the borders of the ISP
b) at he gate to the customer
The cost factor is high for endusers and small companies. With customers
complaining about unacceptable costs for 20 USD DSL flatrates it may be
hard to argue: you have to buy a firewall of vendor X and pay 3000 USD
else you won't get access.
Then the ISP can filter any traffic which attacks the network
infrastructure.
I am working at an ISP. Our contracts with our customers say that we
deliver Internet from our borders to the gate at the customer and vice
versa.
We cannot start blocking ports as we like. We can't even block spamming
hosts on our customer mailstores - unless they serverly damage operating
of that mailstores.
Then your AUP and/or contracts need to change.
Your business model involves saving your customers money by allowing
them to attack me. You then say there's nothing you can do about it,
because the contract *you* wrote & signed with the customer, prevents
you from holding them responsible for their behaviour.
It's a cute trick, but it's evil.
See the LMAP discussion paper. The failure to account for *my*
costs means that your business model appears to be profitable, when it
really isn't.
The problem is that spammers have exactly the same business model,
and we already know it's unethical.
I can't see what is ethical with censorship.
Did I SAY "censorship"? I don't see why you're creating a straw
man.
This is why I put the rant about "free speech" into the first draft
of the LMAP discussion document. Your customers "free speech" is
bullshit when you're forcing *me* to pay for it.
If you hold your customers responsible for their behaviour, it's not
censorship, and there is no impact on "free speech". Go back & read
the rants about "free speech" in the document. They're very apropos.
According to our contract they have free and uncensored access to
the Internet.
I understand how that's nice, in an ideal world. The problem is
you're confusing "censorship" with "quality control". You're
confusing "censorship" with "self-protection". Your freedom to swing
your fist ends where my face begins. It's not a difficult concept.
Preventing your customers from sending forged messages which attack
the network infrastructure isn't censorship. e.g. Most customers
could probably forge ICMP "destination unreachable" messages, for your
routers, web servers, etc., and drop them off of the net. The only
reason you don't filter them is because it's difficult to do so.
If your customers *were* forging such messages about your hosts,
you'd learn quickly to either filter them, or to drop them as
customers. Complaints about "censorship" quickly become irrelevant
when it's your ass on the line, and your pocket paying for their
abusive behaviour.
And what if your customers were forging messages about *me*? Would
your contract prevent you from blocking that traffic, because you give
"uncensored" access to the net? Why is your network so much more
important than mine? Why shouldn't I claim the same thing about my
idiot customers who are attacking you?
Why can't we *both* cooperate, to be responsible netizens?
I don't understand what the problem is.
Alan DeKok.
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg