North American Network Operators Group


Re: Fwd: Re: Digital Island sponsors DoS attempt

  • From: James Thomason
  • Date: Fri Oct 26 02:57:01 2001

On 25 Oct 2001, Paul Vixie wrote:

> "everything not expressly forbidden is allowed" is a workable model for
> peering relationships and even transit relationships, but it only works
> within the context of a direct relationship of some kind.
> 
> in the case where the sender and receiver are communicating between one
> or many third parties, there is no direct relationship and thus no a priori
> terms of service to which the traffic must conform.  for this, we reverse the
> model: "everything not welcomed is forbidden" and thus create a prior 
> restraint problem which goes by the name "what, then, is implicitly
> welcome or unwelcome?"

Until there are standards and technology available to push subscriber
policy to the edge of the network and beyond, the subscriber has
explicitly accepted the overall terms and conditions by which the service
is to be provided.  Since peering agreements are typically "not forbidden
is allowed", subscribers too have adopted this policy by their express
consent to the service provider's terms of service.

Service providers stand on this high ground frequently when they deny
their subscribers access to particular hosts on the Internet for violations 
of "Acceptable Use" policies.   

When technology and standards are in place to enforce subscriber policy
globally, then we can both establish and charge for specific
subscriber terms and conditions.  This sounds pretty ludicrous, if not
dangerous.

> generally any traffic which unequally benefits the sender isn't welcome.
> ping traffic, even ping traffic which helps one network figure out how to
> best route traffic to another, still unequally benefits the sender.  one
> ought not, in my opinion, ever have to ask that such pings be stopped.

I am assuming in this discussion that when you refer to "benefit", you are
in fact referring to "financial benefit".  If this is the case I would be
forced to disagree.  Packets exchanged between parties that participate in
a Sender Keep All settlement relationship cannot be to the exclusive
benefit of a single party.  The parties have already agreed on settlement,
and thus are already getting compensated for the delivery of said packets. 
(This is of course true regardless of the settlement model.)

> another test for "welcome" is "if everybody did this, would the recipient
> be injured?" 

An interesting hypothesis, but it is seldom the case that the sender of
traffic knows the details of the recipient's infrastructure.

One-hundred-million clients attempting to access a news agency during a
crisis may certainly produce a denial of service, but this
was surely not the intent of the originator.

> smurf, ddos in general, and spam also classify well by this criterion.  it

Smurf and DDOS attacks are precisely that - attacks.  They are
intentionally initiated for the purpose of disrupting infrastructure or
service.  They are illegal.

Spam - and here we are again.  Since it is nearly universally accepted
that spam creates an unfair financial benefit for the spammer, then it
is safe to suggest that the cost arrangement should be completely
reversed.  This breaks most provider settlement relationships.  (This of
course, all ignoring the fact that spammers already break acceptable use
policies for their own providers.)

> *is* possible to know before initiating communication whether it's implicitly
> "welcome" by this standard, even if you have no direct relationship to the
> recipient whose terms and conditions would explicitly tell you the answer.

It is?  I am curious as to what exactly you are referring to.

Regards, 
James