Home page logo
/

nanog logo nanog mailing list archives

Re: Motion for a new POST NSF AUP
From: "William Allen Simpson" <bsimpson () morningstar com>
Date: Mon, 16 Oct 95 07:46:20 GMT

From: Tim Bass <bass () dune silkroad com>
a)    Unenforceable;
b)    Subject to abuse; and
c)    Virtually impossible to authenticate.

I disagree with all of these premises.

c) I have been working for years on authentication.  Many if not most
   PPP links are now authenticated.  We finally have a IETF Proposed
   Standard for IP authentication.

   Another suggestion was that SMTP headers always contain the IP
   address.  I've seen this in quite a few mailers already.  All we need
   is a slight modification to the SMTP Receipt standard.  This could be
   a Best Current Practice, quickly published!

b) Given some degree of authentication, I do not believe that abuse will
   be a serious problem.  Fake postings "on behalf" of other parties
   will be reasonably refutable.

   There is the problem of dial-in links and such where the ISP refuses
   to disclose who the perpetrator actually is, for "privacy" reasons.
   In that case, the message appears to be from the ISP.  If the ISP
   wishes to take responsibility, and protect the client, that is
   certainly the option of the ISP.  But it has a cost!

a) I have told folks how to enforce this on the IETF list (last year),
   and the DNS list more recently.  In the "Janet Dove" spam, here is
   what I replied to janetdove () infosat com:

        > Date: Fri, 08 Sep 1995 18:28:18 -0500
        > From: janetdove () infosat com (Janet Dove)
        > Subject: ===>> FREE 1 yr. Magazine Sub sent worldwide- 315+ Popular USA Titles
        > Newsgroups: 
info.ietf.isoc,info.ietf.njm,info.ietf.smtp,info.inet.access,info.isode,info.jethro-tull,info.labmgr,info.mach,info.mh.workers,info.nets,info.nsf.grants,info.nsfnet.cert,info.nsfnet.status,info.nupop,info.nysersnmp,info.osf,info.pem-

        Your spammed message was sent to multiple newsgroups and mailing lists.
        It cost the providers of the service several million US dollars to carry
        your spam.

        Please justify why this message pertains to the IETF or the Internet
        Society.

        My fee for use of my computers, line and time to read your message is
        $150 each.  Please remit $450 to:

          William Allen Simpson
          1384 Fontaine
          Madison Heights, Michigan  48071

        Payable within 30 days; compound interest at 2% per each successive 30
        days or fraction thereof.

        Please note that failure to remit timely payment may result in a class
        action suit on behalf of all parties spammed, including each such list
        and each individual subscriber.

   You may question whether this is enforceable?

   I assert that it is.  This is based on previous reported case history
   for unsolicited fax advertisements.  I understand (I am not a lawyer)
   that charging for actual losses to my property (cost of my personal
   equipment and time) is enforceable.

   In short, _money_ is what we are talking about here!


If we define a Post NSF AUP, then at least everyone who uses the Internet
will have had the opportunity to have read and understood what the current
Internet AUP describes.

I agree!  Or, if they don't read it and understand it: "ignorance is no
defense".

Bill.Simpson () um cc umich edu
          Key fingerprint =  2E 07 23 03 C5 62 70 D3  59 B1 4F 5E 1D C2 C1 A2


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault