On Thu, 10 Jan 2008, Paul Ferguson wrote:
ISPs have really, really been absent from the discussion, for various
reasons.
Cool, ISPs get double damned in only 24 hours.
No matter what ISPs do or don't do, someone will think they are being
excessive or not doing enough.
ISPs have been active in the many security discussions and forums that
have existed over the last decade (and at least one forum I think is over
two decades old). Some forums are more open, other forums are more closed.
ISPs tend to be quiet in forums that mostly exist to shout at ISPs.
Likewise, LEA tend to be quiet in forums that shout at LEA, banks tend to
be quiet in forums that shout at banks, and so on.
On the other hand, if you listen carefully to what ISPs need, you can be
fairly effective working with ISPs. However there are practical limits
to what an ISP can do.
