North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Open, anonymous services and dealing with abuse

  • From: Sean Donelan
  • Date: Mon Feb 16 13:01:00 2004

On Mon, 16 Feb 2004, Daniel Reed wrote:
> On 2004-02-15T17:33-0500, Sean Donelan wrote:
> ) The unfortunate fact is lots of people like to operate open, anonymous
> ) services and then expect other people to clean up after them.
> )
> ) Why don't IRC operators require authentication of their users?
> ) Why don't SMTP operators require authentication of their users?
> Why don't HTTP operators require authentication of their users? If I'm
> researching testicular cancer on the web, that may involve web sites, IRC
> support channels, or mailing lists.

If you have a read-write HTTP web site (i.e. send e-mail through web,
write web blogs, etc), why don't you have authentication before permiting
users to write?  This includes news web sites which let you "forward"
stories by entering arbitrary addresses.  mailfrom.cgi and friends is as
much of a problem.

If you want to tell everyone in the world about your new and improved
cure for testicular cancer available for the low low price of $119 by
sending continious messages on unauthenticated IRC channels, mailing
lists and web blogs why should the ISP pierce the veil of anonymitity the
IRC operator, mailing list operator, web blog operator wanted?

The operator of the anonymous service should deal with the consequences
of maintaining that anonymitity.  ISPs authenticated their users.  But
that doesn't mean it is the ISP's responsibility to track down users of
anonymous services everytime there is a problem.

> This isn't the plot to next summer's killer Sci-Fi horror movie; this is
> what we are dealing with on the Internet today. In either case, the long-
> term public interest would probably be served more by funding agencies to
> track down and stop the spread of the pathogen.

Restuarant operators are responsible for the safe preparation of the food
they serve and the cleanliness of their resturants.  It is not up to the
highway department to prevent sick people from visiting your restuarant
or to monitor the trucks transporting food on the highway.

If you want the ISP (highway department) to control it, expect them to
set up inspection points on the roads they control and disrupt all
traffic.  If you don't want ISPs doing this, don't ask them to enforce
things they shouldn't be doing.