nanog mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Schneier: ISPs should bear security burden

From: "Steven M. Bellovin" <smb () cs columbia edu>
Date: Wed, 27 Apr 2005 13:39:26 -0400

In message <20050426.200918.11519.516537 () webmail04 lax untd com>, "Fergie (Paul
 Ferguson)" writes:



I've been there -- I know how I feel about it -- but I'd love
to know how ISP operations folk feel about this.

Links here:
http://www.vnunet.com/news/1162720



At a recent forum at Fordham Law School, Susan Crawford -- an attorney, 
not a network operator -- expressed it very well: "if we make ISPs into
police, we're all in the ghetto".

Bruce is a smart guy, and a good friend of mine, but he's not a network 
operator or architect.  There are a small number of times when 
operators can, should, and -- in a very few cases -- act, but those 
are rare.  The most obvious case is flooding attacks, since they represent 
an abuse of the network itself; operators also have responsibility for 
other pieces of the infrastructure they control, such as (many) name 
servers.

                --Prof. Steven M. Bellovin, http://www.cs.columbia.edu/~smb
Previous By Date Next
Previous By Thread Next

Current thread: