[161796] in North American Network Operators' Group
Re: BCP38 - Internet Death Penalty
daemon@ATHENA.MIT.EDU (Paul Ferguson)
Wed Mar 27 00:22:13 2013
In-Reply-To: <10071844.11080.1364348618832.JavaMail.root@benjamin.baylink.com>
Date: Tue, 26 Mar 2013 18:54:28 -0700
From: Paul Ferguson <fergdawgster@gmail.com>
To: Jay Ashworth <jra@baylink.com>
Cc: NANOG <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Tue, Mar 26, 2013 at 6:43 PM, Jay Ashworth <jra@baylink.com> wrote:
> ----- Original Message -----
>> From: "Mark Andrews" <marka@isc.org>
>
>> If you are with a ISP that does not practice BCP 38 are you willing
>> to risk your neck that you won't be subject to a "aiding and abetting"
>> charge? All of us here know that spoofing address like this is a
>> criminal activity. We are all experts in the field and the courts
>> apply higher standards to us than they do to Joe Blogs. We know
>> machines get compromised. We know how to block spoofed traffic
>> from compromised machines.
>
> Careful: source address spoofing, like using a name you don't have on your
> driver license *is not inherently a crime*. *Fraudulent behaviour which
> is advanced thereby* makes it an additional crime.
>
> SAS is sometimes necessary for testing.
>
An argument could be made that "...fraud is fraud, is fraud, is
fraud..." and should vigorously discouraged. :-)
- ferg
--
"Fergie", a.k.a. Paul Ferguson
fergdawgster(at)gmail.com
