der Mouse wrote:
Responsibility, in the sense of accountability for (potential) abuse,
is a meatspace thing, not amentable to being part of a network
protocol, so at least _some_ of this must be done out-of-band with
respect to the protocol.
On thefreedictionary I read
Synonyms: responsible, answerable, liable, accountable, amenable
These adjectives share the meaning obliged to answer, as for one's
actions, to an authority that may impose a penalty for failure.
Because the IETF cannot even enforce protocol compliance, addressing
responsibility implies identifying an authority that has the power
of imposing some kind of penalty.
Providers MUST be held _directly_ accountable.
Right. But until this is fixed at the top, I see little hope it will
happen in the lower levels, except sporadically. (The places that do
do it are exceptional, and, in the cases where I'm in a position to
know why they do it, they do it not because they are held accountable
by whoever assigned the resources to them but because they are ethical
enough to feel a compulsion to do what's right even when they're _not_
overtly held accountable. While this mindset is common enough for us
to have words for it, it is not nearly common enough to save the net
from the disasters that governmental disconnect between authority and
responsibility leads to.)
I think we can safely withdraw the naive picture where carriers act
as authorities, and forget about the possibility that anything will
be eventually "fixed at the top", except for possible devout
beliefs. On this Earth, ethical mindsets are still powerful
intellectual tools that bring visions and may allow to plan for
decades. Although such planning usually results in optimization of
revenues in the long run, uncertainty about the future wreaks those
greedy and short-sighted behaviors that currently are the norm.
To cope with that, protocols need to introduce ad-hoc authorities
whenever responsibility is required. For mail, those may involve
DNSBLs, CAs, VBR vouchers, and similar kinds of independent
organizations. We are already relying on them, unofficially. For
increased cooperation, we better make that explicit.
_______________________________________________
Asrg mailing list
Asrg(_at_)irtf(_dot_)org
http://www.irtf.org/mailman/listinfo/asrg