"Association of Responsible Internet Providers"?

From: David Nesting (davidat_private)
Date: Tue Feb 15 2000 - 12:58:37 PST


    With all of the focus on DDoS attacks lately, complaints of poor contact
    availability, etc., I began thinking again about an idea I had.  If this
    has been attempted before (and apparently failed), my apologies, but it
    seems like this could be workable and desirable.
    
    Let's say we create a non-profit organization ("Association of Responsible
    Internet Providers", for example), and loosely certify ISPs and other
    access providers (including companies and universities -- anyone that
    provides 'Net access to a group of people) as being "responsible" in
    that they have working, 24-hour emergency contacts, have taken steps to
    eliminate or curb abuse of their services (such as filtering), and perhaps
    any of a dozen other conditions that one might assume any "responsible"
    provider will comply with (including, say, a public anti-spam policy and
    an aggressive policy to ensure exposed systems are up to date with patches
    and security fixes).  Any member of this organization presumably would
    have taken all necessary steps to ensure that they will be cooperative and
    available for investigations (such as spoofed IP tracing), and generally
    will make every effort to place the good of the Internet first.
    
    If we can publicize the organization, and get it through to customers
    and ISPs alike that such a certification is desirable, people will
    begin demanding that their own providers be members.
    
    Would there be any interest in such an organization?
    
    Dues, if any, would be just enough to keep a modest staff (volunteers
    at first?) up with applications and periodic compliance checks where
    possible.  We'd also need to figure out what precisely would be required
    of members, keeping in mind that some conditions could change in a
    relatively small amount of time as new types of Internet threats evolve.
    
    It's been suggested that lesser ISPs with little funding to spare for
    extras like security and responsibility will be unable to comply with
    terms like these.  Would it be fair to prevent them from joining such
    an organization?  I personally think it would be quite fair, but it's
    an issue that might need a bit of further probing.
    
    Comments?
    
    David
    
    --
     == David Nesting WL7RO Fastolfe davidat_private http://fastolfe.net/ ==
    


