ietf
[Top] [All Lists]

Re: VIRUS WARNING

2000-05-07 11:20:02
but sooner or later folks are going to be held liable for poor engineering
or poor implementation of networking software, just like folks today can be
held liable for poor engineering or implementation of bridges or buildings.

This discussion is highly relevant to the IETF list, if we
discuss the problems and how to overcome them, and avoid
the never-ending platform war discussions.

At the IETF meeting in December 1999, the issue was
discussed whether IETF should support changes in protocols
which would make it easier to find villains committing
crime on the net. This was discussed in a large plenary
meeting, with about a thousand people present. A very large
majority, something like 95 or 98 percent of those present,
voted against this. I was one of the few who voted yes.

Well, I was there, and I question the validity of your assessment of what was
going on. While it is true that there was a clear concensus opposed to adding
wiretapping facilities in the RAVEN sense, it was by no means 95-98 percent.

And even more important, this wasn't a vote about mechanisms that would make it
easier to find people who distribute viruses. Wiretapping has little if
anything to do with tracking down people who distribute virusus.

All of you who voted against designing Internet protocols
so as to help police finding the villain of criminal
net-behavour: Have you not changed your mind?

On wiretapping, no I haven't. Nor have I changed my mind about viruss.
But again, one of these has almost nothing to do with the other. The scope
of the question asked was very narrowly drawn. You're reading a lot more
into the question that was there.

Should we not
try to find and prosecute the people distributing viruses?

Of course we should. But again, this is a matter of having a useful security
infrastructure on the net, not wiretapping. I suspect that if you asked the
same group of people who voted against wiretapping how they felt about security
infrastructure you'd get a _very_ different response.

Should we not redesign the Internet, so that this becomes
easier, for example by doing more logging in the routers,
so that you can go back and check from where something
illegal came.

And once again you're switching topics. The issue of tracing traffic is quite
different from wiretapping and quite different from having the  tools to track
virus distribution end to end. These are three separate matters.

Or do you mean that this is impossible,
because the villains will just get more clever and learn to
cheat such procedures?

Your message is now so confused that there's no way I can answer this sensibly.

                                Ned



<Prev in Thread] Current Thread [Next in Thread>