[119089] in North American Network Operators' Group
RE: Congress may require ISPs to block fraud sites H.R.3817
daemon@ATHENA.MIT.EDU (Jonathan Brashear)
Fri Nov 6 10:55:16 2009
From: Jonathan Brashear <Jonathan.Brashear@hq.speakeasy.net>
To: "nanog@nanog.org" <nanog@nanog.org>
Date: Fri, 6 Nov 2009 07:52:09 -0800
In-Reply-To: <75cb24520911060747x3556e01tbb80be8c9e0d58b3@mail.gmail.com>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
Correct me if I'm wrong, but isn't there an RFC(2142 if memory serves) that=
states filtering certain email addresses(like abuse@, noc@, support@) isn'=
t allowed? I understand your point, but it seems sending it to /dev/null o=
nly opens another set of problems for you down the road.
Network Engineer, JNCIS-M
> 214-981-1954 (office)=20
> 214-642-4075 (cell)
> jbrashear@hq.speakeasy.net=20
http://www.speakeasy.net
-----Original Message-----
From: Christopher Morrow [mailto:morrowc.lists@gmail.com]=20
Sent: Friday, November 06, 2009 9:47 AM
To: Valdis.Kletnieks@vt.edu
Cc: nanog@nanog.org
Subject: Re: Congress may require ISPs to block fraud sites H.R.3817
On Thu, Nov 5, 2009 at 5:56 PM, <Valdis.Kletnieks@vt.edu> wrote:
> On Thu, 05 Nov 2009 16:40:09 CST, Bryan King said:
>> Did I miss a thread on this? Has anyone looked at this yet?
>
>> `(2) INTERNET SERVICE PROVIDERS- Any Internet service provider that, on
>> or through a system or network controlled or operated by the Internet
>> service provider, transmits, routes, provides connections for, or stores
>> any material containing any misrepresentation of the kind prohibited in
>> paragraph (1) shall be liable for any damages caused thereby, including
>> damages suffered by SIPC, if the Internet service provider--
>
> "routes" sounds the most dangerous part there. =A0Does this mean that if
> we have a BGP peering session with somebody, we need to filter it?
>
> Fortunately, there's the conditions:
>
>> `(A) has actual knowledge that the material contains a misrepresentation
>> of the kind prohibited in paragraph (1), or
>
>> `(B) in the absence of actual knowledge, is aware of facts or
>> circumstances from which it is apparent that the material contains a
>> misrepresentation of the kind prohibited in paragraph (1), and
>
>> upon obtaining such knowledge or awareness, fails to act expeditiously
>> to remove, or disable access to, the material.
>
> So the big players that just provide bandwidth to the smaller players are
> mostly off the hook - AS701 has no reason to be aware that some website i=
n
> Tortuga is in violation (which raises an intresting point - what if the
> site *is* offshore?)
mail to: abuse@uu.net
Subject: Fraud through your network
Hi! someone in tortuga on ip address 1.2.3.4 which I accessed through
your network is fraudulently claiming to be the state-bank-of-elbonia.
Just though you should know! Also, I think that HR3817 expects you'll
now stop this from happening!
-concerned-internet-user
oops, now they have actual knowledge... I suppose this is a good
reason though to:
vi /etc/aliases ->
abuse: /dev/null
so, is this bill helping? or hurting? :(
>
> And the immediate usptreams will fail to obtain knowledge or awareness of
> their customer's actions, the same way they always have.
>
> Move along, nothing to see.. ;)
to my mind this is the exact same set of problems that the PA state
anti-CP law brought forth...
-chris
