<<<
Chronological Index
>>> <<<
Thread Index
>>>
Re: [gnso-ff-pdp-may08] Definition V4.2: concern about "consumer-grade"
- To: Wendy Seltzer <wendy@xxxxxxxxxxx>
- Subject: Re: [gnso-ff-pdp-may08] Definition V4.2: concern about "consumer-grade"
- From: Eric Brunner-Williams <ebw@xxxxxxxxxxxxxxxxxxxx>
- Date: Fri, 01 Aug 2008 12:12:31 -0400
Wendy,
I agree. Anecdotally, the overwhelming bulk of our customers (registrars
and registries) use commercial hosting, however, where ISPs offer static
addresses, or where well-known techniques are used to provide usably
stable name-to-address mappings, there is no reason why registrars or
registries should increase the cost to registrants beyond their ISP
access cost and their own self-hosted web hosting.
I for one used both ISP provisioned static (/29 and smaller) and
cable-provider dynamic for address provisioning for web servers, its not
inherently "a bad thing".
Further, using AS as determinative is vastly less accurate to the root
problem than using if-MS-then-NO as a gating mechanism, regardless of
how much corporate chrome there is on the AS and its commercial
operations. Since I don't think people want to go down the
if-MS-then-obvious-conclusion path, the AS-is-guilty false equivalent
should be dismissed.
Eric
Wendy Seltzer wrote:
RLVaughn wrote:
...
This wide dispersion of network nodes into a large number of consumer
grade networks is symptomatic of fast flux nets and is the type of
routing to which I refer. I have not witnessed CDN spread into
consumer-grade autonomous systems. Even if routing is not in ICANN's
scope, the presence of routing into consumer-networks seems worthy of
a bullet in our symptom list.
[ Perhaps a sub-bullet to:]
*uses a variety of techniques to achieve volatility including:
[following]
o (rapid) modification of IP addresses for malicious ...
o disperses network nodes across a wide number of consumer
grade autonomous systems.
[I would, in fact, consider this new bullet as a prerequisite for
fast flux]
...
I see that use of consumer-grade ASs may be a frequent symptom of
malicious fast-flux, but we should take care not to encourage
discrimination against consumers' use of their Internet connections.
For example, the Tor network has many users who are intentionally making
their machines available on what I think would be classified as
"consumer-grade" ASs, as for instance on this list of public exit nodes:
<http://cassandra.eecs.harvard.edu/cgi-bin/exit.py>
I don't want this group to follow the anti-spam pattern, of making
consumer Internet connections less equal peers because some of them are
subject to abuse.
Thanks,
--Wendy
<<<
Chronological Index
>>> <<<
Thread Index
>>>
|