"> I do not think it is appropriate for ISPs to have to prove or demonstrate the > legitimacy of their customer base"
Here is the exact point of contention and the point where I think people disagree. ISPs are the **first** line of defense against malware and badware. They are the ones closest to the customer and best able to "whack-a-mole". For those ISPs that do cater to a high proportion of bad actors, I quite rightly want them to demonstrate their legitimacy. By peering with them, there is a trust relationship formed... if there is a question that goes right to the heart of that trust, they ought to answer it, otherwise they ought to be de-peered as well. On Mon, Sep 8, 2008 at 1:25 PM, Matthew Petach <[EMAIL PROTECTED]> wrote: > On 9/8/08, Gadi Evron <[EMAIL PROTECTED]> wrote: >> On Sun, 7 Sep 2008, InterCage - Russ wrote: >> Thank you Russ. That is a great step in the right direction dropping this >> one client. It is appreciated, although it's just one bad apple on a big >> tree. >> >> However, I don't want to pick on you, so let's reframe the subject: >> >> > What do you suggest for the next move? >> > >> >> Well, perhaps you can share any information with us on a legitimate client >> you have? > > I do not think it is appropriate for ISPs to have to prove or demonstrate the > legitimacy of their customer base. As a legitimate customer of an ISP, I > would be *highly* incensed if my privacy were to be violated simply to > provide "proof" that the ISP had legitimate clients. > > The notion of "innocent until proven guilty" I think is a much better model > for > us to work with. If you find clear miscreants, and have data to back it up, > then a call for cleaning up the miscreants is somewhat acceptable, though > I worry that we may descend into a witch hunt if this is taken too far to the > extreme. However, a call to "prove your innocence" is entirely uncalled for, > and opens ISPs up to being caught on the horns of a very nasty dillemma; > either to maintain their customer's privacy, and be labelled as an evil, > nasty, > non-cooperative provider that must therefore be guilty, by their very dint of > failure to prove their innocence; or, reveal their law-abiding, > legitimate client > information, and and then quickly lose those clients when they realize their > records are no longer considered private at that ISP. > > If you have proof of clients engaging in illegal practices, then it is > appropriate > to go after those clients. But leave the legitimate clients alone. > > *putting down his pitchfork and torch, and walking away from the mob* > > Matt > >
