On Tue, 26 Feb 2008, Tomas L. Byrnes wrote:
(first quoting Dave Pooser -- quote order changed by scg)
At the risk of being a stereotypical American liberal, I'll
point out two significant reasons flying is safer than it
used to be in the US are Federal regulation and post-accident
lawsuits. If there were an organization like the FAA that had
the power to "ground" AS17557 until their network engineers
completed a week's refresher course, there'd be significantly
better change management techniques in play. If YouTube were
currently suing Pakistani Telecom for eighty-seven gazillion
dollars-- and were widely considered a lock to win their
lawsuit-- suddenly a whole lot of other ISPs would magically
find the training budget to make sure THEIR engineers didn't
expose THEM to that sort of liability.
Since the US has no jurisdiction over 17557, other than for the US govt.
to force ISPs to refuse to accept any advertisements with 17557 or any
other AS that didn't meet some regulatory requirements in the path, how
would you propose that the regulatory environment you envision work?
American Airlines isn't the right straw-man here, Pakistan International
Airlines is. The only reason THEY meet anyone else's standards is that
they wouldn't be allowed to use the airspace or land if they didn't.
I sent Tomas some private mail complaining about some of the things he was
posting yesterday, but I think Dave's posting was spot on and Tomas's
follow-up is adding an important point.
As far as I can piece together from what's been reported and argued here,
there were three responsible parties: The Pakistani Government who
ordered YouTube blocked, Pakistan Telecom who implemented a lawful order
but overshot their government's jurisdiction, and PCCW who accepted the
announcements and passed them on to the world.
From a technical perspective, this is pretty cut and dried. Networks
should be careful what they announce, but sometimes aren't. Upstream
providers should be careful what they accept, but sometimes aren't.
Systems and policies to improve filtering sometimes cause more problems
than they solve, especially when relying on a central source for
authentication, and those costs are borne by the party trying to be
responsible. Intentional leaks are harder to guard against than
unintentional ones. Those hit hard by route leaks generally aren't the
party responsible for the leak, so incentives to be careful are lacking.
But this case also brings up a bunch of interesting policy and legal
questions, which I'm less or not at all qualified to answer.
This was a legally required routing announcement in Pakistan, and there
was presumably a desire that other Pakistani ISPs be able to see the
announcement. What if any responsibility do those following a lawful
order have to keep the results of that order from being seen outside of
their government's jurisdiction?
What legal responsibility did PCCW have here, and in what countries?
Given that they've got network infrastructure in the United States and
around the world, they're presumably vulnerable to lawsuits in the US and
elsewhere if Hong Kong law isn't sufficient.
How will Google respond? Route leaks happen from time to time. Usually
they're of relatively little consequence, and people clean them up and get
back to work. I don't know how much revenue YouTube brings in over the
course of a couple of hours, but it wouldn't surprise me if they could
claim to have lost millions of dollars. PCCW has deep pockets, and Google
has lots of lawyers. Will Google sue? If not, will it be because they
think they don't have a case, because they value other relationships they
have with PCCW, or because they're worried about establishing a precedent
that would make them liable for their own engineers' errors?
If Google did sue, would that lead to some BGP certification requirements
for ISPs to get liability insurance? If such an insurance requirement
didn't affect ISPs like Pakistan Telecom, would having it become a
requirement for the international ISPs that tend to provide international
transit be sufficient?
(And then, of course, the really scary questions: What would such a
certification process look like, and how many of us would be able to
pass?)
-Steve