Home page logo

nanog logo nanog mailing list archives

Re: Motion for a new POST NSF AUP
From: Justin Newton <justin () rainbow dgsys com>
Date: Tue, 17 Oct 1995 05:10:41 -0400 (EDT)

The only question that I have is what does this do to your position as a 
"common carrier like" organization?  It weakens it horrendously.  I wish 
that it didn't, and when I start my ISP up, Jan 1st (as opposed to the 
one I am working for now), I will have an AUP, but just be aware, it 
/does/ weaken your position as a "common carrier like" organization.  It 
is at that point that you should start to seriously consider removing 
binaries groups and other things, and finding a way to act immediately on 
things like someone saying that one of your users violated a copyright 
law or the like.  I am not advocating one way or the other, just saying 
that you should stand to one side of the road or the other, not the middle.

I plan to stand on the side where I can have an AUP, and plan to have my 
lawyer make a fair number of decisions on things like what do I do when 
someone tells me a user has violated copyright, etc etc.  I also plan to 
purchase news services from someone else in the beginning so that I am 
not a news distributor, I am only giving people a way to view it (News 
will never be stored on my systems).  Maybe when the water gets a little 
less rocky I'll start using my own news server.  Those decisions are 
mine, not yours, you can of course make your own.  I made mine after 
hours of consultation with my lawyer, as well as talking to several other 
lawyers.  You should do the same.

On Sun, 15 Oct 1995, Tim Bass wrote:

John Curran and I are in total agreement on John's premise that any
Post NSF AUP is either a) unenforceable or b) subject to abuse. I suggest
that for the moment, that we agree with John that any AUP is both:

a)    Unenforceable;
b)    Subject to abuse; and
c)    Virtually impossible to authenticate.

Giving the above, the question still remains and the original motion is still
valid for this reason.

If we define a Post NSF AUP, then at least everyone who uses the Internet
will have had the opportunity to have read and understood what the current
Internet AUP describes.

It is possible that having a clearly defined AUP will not stop spam and
other unacceptable uses of the net, and clearly an AUP is not enforceable
( and for IP security reasons should not be enforced without absolute
authentication as John correctly points out).

On the other hand, having a clearly defined AUP may discourage potential
spammers and child pornographers, etc.  (not that we consider spammers
and child pornography peddlers in the same vein..).  Also, having a 
clearly defined Internet AUP will send a signal to the news media and
government officials that the providers of Internet services are 
capable of formulating policy in an area that, without self-regulation,
has a strong potential to continue degenerating.

Is a self-formulated Post NSF AUP, without enforcement, still a good idea?

The answer, I suggest, is not obvious, but a debate on the subject 
does have considerable merit, given the events of the past week or so.


| Tim Bass                           | #include<campfire.h>                | 
| Principal Network Systems Engineer |       for(beer=100;beer>1;beer++){  |
| The Silk Road Group, Ltd.          |           take_one_down();          |
|                                    |           pass_it_around();         |
| http://www.silkroad.com/           |       }                             |
|                                    |  back_to_work(); /*never reached */ | 

Justin Newton           * You have to change just to stay caught up.
Vice President/         *       
System Administrator    * 
Digital Gateway Systems * 

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]