[32470] in North American Network Operators' Group
RE: ISPs as content-police or method-police
daemon@ATHENA.MIT.EDU (Mathew Butler)
Wed Nov 22 15:44:53 2000
Message-ID: <F062E72E4BA2D4119F1700B0D03D205F39D8@MAIL>
From: Mathew Butler <mbutler@tonbu.com>
To: 'Christian Kuhtz' <ck@arch.bellsouth.net>, nanog@merit.edu
Date: Wed, 22 Nov 2000 12:37:20 -0800
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary="----_=_NextPart_001_01C054C4.02BFA090"
Errors-To: owner-nanog-outgoing@merit.edu
This message is in MIME format. Since your mail reader does not understand
this format, some or all of this message may not be legible.
------_=_NextPart_001_01C054C4.02BFA090
Content-Type: text/plain;
charset="iso-8859-1"
About 2 years ago, when I got cable modem service from Cox@Home in Mesa, AZ,
I tried to go through their standard tech support channels to get filters
removed from my IP line. My request was bounced back and forth between
several places until I was told by a tech support manager that "there would
be no special-case configurations" -- meaning that the filters on my line
were never going to be removed.
I also found that it was -much- more possible to talk to someone with a clue
if I posed as someone on the global Internet, trying to use services which
were operationally impacting me (such as DNS and rDNS). When trying to get
something done at any NOC, -don't- say "I'm a customer of yours" at any
point in time, else you get transferred to the tech support lines and
nothing -ever- gets done.
(In the case I'm referring to, @home's rDNS service kept dying, and I ended
up having to keep calling their NOC and tell them that it was broken, from
the standpoint of someone who was doing log analysis on Apache logs, and
noticed a bunch of 'lame zone' errors from their servers in their IP blocks.
This issue also operationally impacted me being able to get to certain FTP
sites that required rDNS to resolve properly. Guess which way got the
problem fixed.)
-Mat Butler
-----Original Message-----
From: Christian Kuhtz [mailto:ck@arch.bellsouth.net]
Sent: Monday, November 20, 2000 9:36 AM
To: nanog@merit.edu
Subject: RE: ISPs as content-police or method-police
> >What doesn't make sense in that argument is why you couldn't just
> simply upsell the customer to a managed fw solution etc
> >if that's the concern.
>
> This doesn't work for a consumer broadband ISP,
> where the customers won't be upsold to anything and
> the average consumer just expects the network to be "safe".
Hmm. I disagree, and consumers with those expectations would be advised to
read their service agreements which they signed and accepted closely.
> >Educate them, and let them decide based on the education they received.
>
> Education does not work for a consumer ISP,
> whether broadband or dialup, due to scaling limits.
> Might or might not work for a lease-line business ISP.
Sure it does. Depends on what you consider education. I wasn't referring
to
a two hour class, but the type of discussion a sales rep has with their
customer when you sign up for service. Doesn't a regular cable sales rep
offer you HBO, Showtime etc packages when you sign up? Why not offer you a
no-charge filter service? (granted, I said upsell in my first post, perhaps
that was the wrong term).
I do not believe that by default, opt-out filtering is a good practice for
an
ISP.
> >Well, again, I don't believe in 'censoring' traffic by default.
>
> My perspective isn't about philosophy, but rather what
> is practical and sensible from a business perspective.
Quit splitting hairs.
I do not believe that by default, opt-out filtering is a practical and
sensible from a business perspective for an ISP. You may disagree, this is
a
free country last time I checked.
> >I wouldn't be so sure, particularly because of the legal exposure...
>
> The major consumer broadband ISPs have already
> discovered that their legal exposure would be higher
> if they did not filter a small number of protocols,
> than it is with filtering that small number of protocols,
> which is the current common case with consumer broadband
> ISPs today.
Pointers, background please. And how is that sold and presented to the
customer? What sort of legal ramifications have been discovered? How is
the
tech support role addressed?
> >> And as has been pointed out, you can ALWAYS punch a hole
> >> in the filter for customers who like to live risky,
> >> or they can find other ways to tunnel their packets.
> >
> >At SP scale? Think again.
>
> Filtering by default and punching holes upon request
> works fine for Media-One's cable modem service in the US
> Northeast, so that approach CAN work fine at a large-sized
> service provider scale (they are an existence proof).
Oh yeah? While I happen to use MediaOne (because I can't get anything else
where I live) and it seems to work most of the time, it is damn near
impossible to find anyone who has a clue about anything (or cares) thru the
tech support channels. And I don't consider spending 1.5hrs+ on hold to
speak
with a junior tech support person an accessible alternative.
I do know from my fw at home that no filtering whatsoever is done. In fact,
the service agreement clearly states that you're basically on your own.
If this is available (and accessible) in the northeast, consider yourself
*very* fortunate. If MediaOne (or my employer if I were be able to get
DSL)
were to start filtering traffic and gave me no reasonable way to opt-out or
customize, I would probably be a very dissatisfied customer. Currently,
some
of these support channels only work well if you don't need support.
> Different service providers might well make different
> business decisions, but lets not confuse a business decision
> with what is/isn't technically feasible. They aren't the
> same thing.
I don't think I said anything to that affect. Further, a less presumptious
stance would be appreciated.
I do believe that an opt-in approach is the better one, rather than opt-out.
Cheers,
Chris
--
Christian Kuhtz <ck@arch.bellsouth.net> -wk, <ck@gnu.org> -hm
Sr. Architect, Engineering & Architecture, BellSouth.net, Atlanta, GA, U.S.
"I speak for myself only."
------_=_NextPart_001_01C054C4.02BFA090
Content-Type: text/html;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
<HTML>
<HEAD>
<META HTTP-EQUIV=3D"Content-Type" CONTENT=3D"text/html; =
charset=3Diso-8859-1">
<META NAME=3D"Generator" CONTENT=3D"MS Exchange Server version =
5.5.2653.12">
<TITLE>RE: ISPs as content-police or method-police </TITLE>
</HEAD>
<BODY>
<P><FONT SIZE=3D2>About 2 years ago, when I got cable modem service =
from Cox@Home in Mesa, AZ, I tried to go through their standard tech =
support channels to get filters removed from my IP line. My =
request was bounced back and forth between several places until I was =
told by a tech support manager that "there would be no =
special-case configurations" -- meaning that the filters on my =
line were never going to be removed.</FONT></P>
<P><FONT SIZE=3D2>I also found that it was -much- more possible to talk =
to someone with a clue if I posed as someone on the global Internet, =
trying to use services which were operationally impacting me (such as =
DNS and rDNS). When trying to get something done at any NOC, =
-don't- say "I'm a customer of yours" at any point in time, =
else you get transferred to the tech support lines and nothing -ever- =
gets done.</FONT></P>
<P><FONT SIZE=3D2>(In the case I'm referring to, @home's rDNS service =
kept dying, and I ended up having to keep calling their NOC and tell =
them that it was broken, from the standpoint of someone who was doing =
log analysis on Apache logs, and noticed a bunch of 'lame zone' errors =
from their servers in their IP blocks. This issue also =
operationally impacted me being able to get to certain FTP sites that =
required rDNS to resolve properly. Guess which way got the =
problem fixed.)</FONT></P>
<P><FONT SIZE=3D2>-Mat Butler</FONT>
</P>
<P><FONT SIZE=3D2>-----Original Message-----</FONT>
<BR><FONT SIZE=3D2>From: Christian Kuhtz [<A =
HREF=3D"mailto:ck@arch.bellsouth.net">mailto:ck@arch.bellsouth.net</A>]<=
/FONT>
<BR><FONT SIZE=3D2>Sent: Monday, November 20, 2000 9:36 AM</FONT>
<BR><FONT SIZE=3D2>To: nanog@merit.edu</FONT>
<BR><FONT SIZE=3D2>Subject: RE: ISPs as content-police or method-police =
</FONT>
</P>
<BR>
<BR>
<P><FONT SIZE=3D2>> >What doesn't make sense in that argument is =
why you couldn't just</FONT>
<BR><FONT SIZE=3D2>> simply upsell the customer to a managed fw =
solution etc</FONT>
<BR><FONT SIZE=3D2>> >if that's the concern.</FONT>
<BR><FONT SIZE=3D2>></FONT>
<BR><FONT SIZE=3D2>> =
This doesn't work for a consumer broadband ISP,</FONT>
<BR><FONT SIZE=3D2>> where the customers won't be upsold to anything =
and</FONT>
<BR><FONT SIZE=3D2>> the average consumer just expects the network =
to be "safe".</FONT>
</P>
<P><FONT SIZE=3D2>Hmm. I disagree, and consumers with those =
expectations would be advised to</FONT>
<BR><FONT SIZE=3D2>read their service agreements which they signed and =
accepted closely.</FONT>
</P>
<P><FONT SIZE=3D2>> >Educate them, and let them decide based on =
the education they received.</FONT>
<BR><FONT SIZE=3D2>></FONT>
<BR><FONT SIZE=3D2>> =
Education does not work for a consumer ISP,</FONT>
<BR><FONT SIZE=3D2>> whether broadband or dialup, due to scaling =
limits.</FONT>
<BR><FONT SIZE=3D2>> Might or might not work for a lease-line =
business ISP.</FONT>
</P>
<P><FONT SIZE=3D2>Sure it does. Depends on what you consider =
education. I wasn't referring to</FONT>
<BR><FONT SIZE=3D2>a two hour class, but the type of discussion a sales =
rep has with their</FONT>
<BR><FONT SIZE=3D2>customer when you sign up for service. Doesn't =
a regular cable sales rep</FONT>
<BR><FONT SIZE=3D2>offer you HBO, Showtime etc packages when you sign =
up? Why not offer you a</FONT>
<BR><FONT SIZE=3D2>no-charge filter service? (granted, I said =
upsell in my first post, perhaps</FONT>
<BR><FONT SIZE=3D2>that was the wrong term).</FONT>
</P>
<P><FONT SIZE=3D2>I do not believe that by default, opt-out filtering =
is a good practice for an</FONT>
<BR><FONT SIZE=3D2>ISP.</FONT>
</P>
<P><FONT SIZE=3D2>> >Well, again, I don't believe in 'censoring' =
traffic by default.</FONT>
<BR><FONT SIZE=3D2>></FONT>
<BR><FONT SIZE=3D2>> =
My perspective isn't about philosophy, but rather what</FONT>
<BR><FONT SIZE=3D2>> is practical and sensible from a business =
perspective.</FONT>
</P>
<P><FONT SIZE=3D2>Quit splitting hairs.</FONT>
</P>
<P><FONT SIZE=3D2>I do not believe that by default, opt-out filtering =
is a practical and</FONT>
<BR><FONT SIZE=3D2>sensible from a business perspective for an =
ISP. You may disagree, this is a</FONT>
<BR><FONT SIZE=3D2>free country last time I checked.</FONT>
</P>
<P><FONT SIZE=3D2>> >I wouldn't be so sure, particularly because =
of the legal exposure...</FONT>
<BR><FONT SIZE=3D2>></FONT>
<BR><FONT SIZE=3D2>> =
The major consumer broadband ISPs have already</FONT>
<BR><FONT SIZE=3D2>> discovered that their legal exposure would be =
higher</FONT>
<BR><FONT SIZE=3D2>> if they did not filter a small number of =
protocols,</FONT>
<BR><FONT SIZE=3D2>> than it is with filtering that small number of =
protocols,</FONT>
<BR><FONT SIZE=3D2>> which is the current common case with consumer =
broadband</FONT>
<BR><FONT SIZE=3D2>> ISPs today.</FONT>
</P>
<P><FONT SIZE=3D2>Pointers, background please. And how is that =
sold and presented to the</FONT>
<BR><FONT SIZE=3D2>customer? What sort of legal ramifications =
have been discovered? How is the</FONT>
<BR><FONT SIZE=3D2>tech support role addressed?</FONT>
</P>
<P><FONT SIZE=3D2>> >> And as has been pointed out, you can =
ALWAYS punch a hole</FONT>
<BR><FONT SIZE=3D2>> >> in the filter for customers who like =
to live risky,</FONT>
<BR><FONT SIZE=3D2>> >> or they can find other ways to tunnel =
their packets.</FONT>
<BR><FONT SIZE=3D2>> ></FONT>
<BR><FONT SIZE=3D2>> >At SP scale? Think again.</FONT>
<BR><FONT SIZE=3D2>></FONT>
<BR><FONT SIZE=3D2>> =
Filtering by default and punching holes upon request</FONT>
<BR><FONT SIZE=3D2>> works fine for Media-One's cable modem service =
in the US</FONT>
<BR><FONT SIZE=3D2>> Northeast, so that approach CAN work fine at a =
large-sized</FONT>
<BR><FONT SIZE=3D2>> service provider scale (they are an existence =
proof).</FONT>
</P>
<P><FONT SIZE=3D2>Oh yeah? While I happen to use MediaOne =
(because I can't get anything else</FONT>
<BR><FONT SIZE=3D2>where I live) and it seems to work most of the time, =
it is damn near</FONT>
<BR><FONT SIZE=3D2>impossible to find anyone who has a clue about =
anything (or cares) thru the</FONT>
<BR><FONT SIZE=3D2>tech support channels. And I don't consider =
spending 1.5hrs+ on hold to speak</FONT>
<BR><FONT SIZE=3D2>with a junior tech support person an accessible =
alternative.</FONT>
</P>
<P><FONT SIZE=3D2>I do know from my fw at home that no filtering =
whatsoever is done. In fact,</FONT>
<BR><FONT SIZE=3D2>the service agreement clearly states that you're =
basically on your own.</FONT>
</P>
<P><FONT SIZE=3D2>If this is available (and accessible) in the =
northeast, consider yourself</FONT>
<BR><FONT SIZE=3D2>*very* fortunate. If MediaOne (or my =
employer if I were be able to get DSL)</FONT>
<BR><FONT SIZE=3D2>were to start filtering traffic and gave me no =
reasonable way to opt-out or</FONT>
<BR><FONT SIZE=3D2>customize, I would probably be a very dissatisfied =
customer. Currently, some</FONT>
<BR><FONT SIZE=3D2>of these support channels only work well if you =
don't need support.</FONT>
</P>
<P><FONT SIZE=3D2>> =
Different service providers might well make different</FONT>
<BR><FONT SIZE=3D2>> business decisions, but lets not confuse a busin=
ess decision</FONT>
<BR><FONT SIZE=3D2>> with what is/isn't technically feasible. =
They aren't the</FONT>
<BR><FONT SIZE=3D2>> same thing.</FONT>
</P>
<P><FONT SIZE=3D2>I don't think I said anything to that affect. =
Further, a less presumptious</FONT>
<BR><FONT SIZE=3D2>stance would be appreciated.</FONT>
</P>
<P><FONT SIZE=3D2>I do believe that an opt-in approach is the better =
one, rather than opt-out.</FONT>
</P>
<P><FONT SIZE=3D2>Cheers,</FONT>
<BR><FONT SIZE=3D2>Chris</FONT>
</P>
<P><FONT SIZE=3D2>--</FONT>
<BR><FONT SIZE=3D2>Christian Kuhtz <ck@arch.bellsouth.net> -wk, =
<ck@gnu.org> -hm</FONT>
<BR><FONT SIZE=3D2>Sr. Architect, Engineering & Architecture, =
BellSouth.net, Atlanta, GA, U.S.</FONT>
<BR><FONT SIZE=3D2>"I speak for myself only."</FONT>
</P>
</BODY>
</HTML>
------_=_NextPart_001_01C054C4.02BFA090--
