[gnso-rds-pdp-wg] On interoperation and policy (was Re: Contactability)

Wed Nov 29 21:05:13 UTC 2017

Yes, absolutely.

You (collectively) have no legal right to force me to accept traffic. And
if I were to block you due to abuse, there would be no appeal escalations
above me. No lawsuit has ever been won to force unblocking related to abuse.

To follow Dotzero's example, I'd like to note the following example. If you
use Tor to access any Cloudflare website, you can't. Why? If you have the
time to read lengthy back-and-forths, this is an excellent example of the
graveyard many of you insist on whistling past:

https://trac.torproject.org/projects/tor/ticket/18361

Summary of that ticket: A Tor representative states that Tor has problems
reaching Cloudflare due to hard captchas. A Cloudflare representative
states that this is because of abuse. The Tor community proceeds to plug
their ears and say lalalala, the Tor network is full of activists, and
definitely not hackers! Tor cherry picks some numbers from Akamai that
support their argument, calling Cloudflare's numbers unscientific, but
admits to no abuse issue. After that ticket concluded, Cloudflare
implemented optional blocking features against Tor. Tor had even appealed
to the media, trying to stop Cloudflare by making them look bad. Didn't
work. And, as of a few weeks ago, Tor is wholly blocked on Cloudflare,
because the Google captcha service blocked Tor too. Cloudflare hasn't
noticed this for weeks, but Tor is severely impacted and no one cares.

The lesson to learn here is that if you're trying to convince a network
operator that their abuse statistics from you are imaginary, they are still
going to block you, and they really won't care about your opinion or your
losses.

To further illustrate how much our values don't align, yet still affect
you, defenders also don't care about the well being of registrars/hosting
companies themselves. I've heard my colleagues speak about bankrupting
abuse friendly companies. To quote one unnamed colleague who actually did
bankrupt an abuse friendly company via network blocks, causing a customer
exodus: "They threatened to sue me... but they went bankrupt so fast they
couldn't pay their lawyers!", which was met with laughter and approval by
all. Nothing bad happened to him, and even if he were sued, his company
would protect him.

These are the attitudes that the gatekeepers of the largest global networks
have towards the hosting and domain industry. The same numbers youall want
to reject as "unscientific" are used to make decisions that bankrupt
companies in your industry. Keep whistling, if you want. ICANN won't save
you.

If you don't like this, you have several ways out. You can take steps to
collectively and materially reduce the volume of abuse, or you can give
private network owners the ability to block on a granular level. If you
want to eliminate WHOIS, then your bad customers and your good must
necessarily share the same fate. In much the same way that the good and bad
registrars share the same fate with their *.XYZ domains. This isn't
something that's up for debate- this is something that's going to happen.

On Wed, Nov 29, 2017 at 12:28 PM, Andrew Sullivan <ajs at anvilwalrusden.com>
wrote:

> Dear colleagues,
>
> On Wed, Nov 29, 2017 at 06:21:16PM +0100, Volker Greimann wrote:
> > suffice it to say that I do
> > not consider their publications evidence. "Domains seen" indeed...
> Ignoring
> > them is the better options unless they develop better methodologies _and_
> > start sharing them for peer examination.
>
> > Am 29.11.2017 um 18:03 schrieb allison nixon:
>
> > > Love them or hate them, you can't ignore them. If Spamhaus listed an IP
> > > range, that range would suffer severe connectivity issues across the
> > > entire Internet. When it comes to interoperability, Spamhaus's lists
> > > effectively matter more than ICANN's accreditation.
>
> I think that the above two snippets neatly describe the point I, at
> least, have been trying to make about the Internet's operational
> reality.
>
> Volker's assertion appears to be that the right thing according to the
> agreed-upon evaluation criteria is what ought to be guiding us.
>
> Allison's claim, however, is that there are operational realities on
> the Internet, and that operators are going to do whatever they do and
> that the ICANN community policies had better take those interests into
> account, or find that the policies are irrelevant.
>
> I would go further even than Allison does, because in my opinion she
> is describing the _design_ of the Internet: it's _inter_networking,
> and the only basis upon which it happens is the voluntary
> interoperation by operators.  On my network, I get to decide what I'm
> willing to accept.  That might not include everything on the Internet.
>
> Best regards,
>
> A
>
> --
> Andrew Sullivan
> ajs at anvilwalrusden.com
> _______________________________________________
> gnso-rds-pdp-wg mailing list
> gnso-rds-pdp-wg at icann.org
> https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
>

-- 
_________________________________
Note to self: Pillage BEFORE burning.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/gnso-rds-pdp-wg/attachments/20171129/57e2350c/attachment.html>