[ppml] Last Call for Comment: Policy Proposal 2002-6 REALITY CHECK

Philip Smith pfs at cisco.com
Thu Nov 14 04:02:39 EST 2002 

At 13:38 14/11/2002 +0700, Dr. Jeffrey Race wrote:
>On Thu, 14 Nov 2002 15:14:00 +1000, Philip Smith wrote:
> >What does spam have to do with the bodies allocating address space?
>
>I didn't raise the subject.  List members were whining about the
>pollution of IP addresses, as though (as Dickens wrote of the French
>Revolution) "it were the only harvest ever known under the skies
>that had not been sown--as if nothing had ever been done, or omitted
>to be done, that had led to it"

I know, we're way of the original topic. Spam is a rat hole sadly, but 
thankfully nothing to do with the RIRs.

>If your company rents a postbox and allows its employees to
>use it for fraud, the postal inspectors will shut the box, and possibly
>launch a criminal prosecution against you.

They may do where you live. In most places, if a company's employees use 
company resources for fraudulent purposes, the company solves the problem 
involving authorities as appropriate. I hadn't noticed the RIRs or ICANN 
being given the power of arrest.

>I apologize for the inclarity; I mean allowing allocated space to be
>used to commit fraud, theft of service and the like.

I get back to the question. What has this got to do with the RIRs? I don't 
live in a police state (you might do ;-), so unless we are considering 
inviting the governments to run the internet and magically stop all this 
spam, we need to work with the distributed trust model we have built over 
the last decade or so.

>Yes, in fact that is the SOP, but some ISPs intentionally profit from
>these criminal activities, and until they are threatened, they will
>continue to profit.   Same idea as the UUNet/WorldCom accounting
>frauds.   Nothing happened to the criminals at the top of the organization
>for a long time.  If the regulators had been doing their jobs the
>accounting frauds would have been much smaller in impact.

Won't comment on this. I only come back to analogy - should the people who 
are printing the US$ notes that these people are using fraudulently be held 
responsible for stopping them. Interesting concept.

>And by the way, the irony is that UUNet/MCI are one of the biggest
>profiteers, if not the biggest, on spam.

I don't think UUNET care what is in the packets they carry - they see 
traffic, they carry traffic. It's not a carrier's business to go snooping 
inside packets. Law enforcement may want to look inside packets - but 
that's their job.

>(Meaning: if you are not willing to act against abuse
>of IP address space, don't whine in public newsgroups about its
>pollution, which is the predictable consequence when the policeman
>are asleep.)

Well, I come back to an earlier point. The only reason that IP address 
space does get misused is that some ISPs don't check that their customers 
are using legitimate address space. The ISP Security BOF at the last NANOG 
covered this in significant detail.

philip
--

More information about the ARIN-PPML mailing list