[e2e] disintermediation?

Fred Baker fred at cisco.com
Sat Oct 13 14:21:08 PDT 2001 

At 07:11 AM 10/13/2001, Micah Beck wrote:
>I am looking for a word to describe the principle that an ISP is not 
>responsible for the data that flows across its network as long as it does 
>not make any non-technical decisions regarding the handling of that data.

We're not helping you very much with your initial question.

Any decision that an ISP makes about my traffic is going to be technical in 
at least its application. ISPs inspect and change traffic in any number of 
ways: they

  - decrement the TTL in an IP header,
  - add control lines to SMTP mailgrams,
  - interpret mailing list names into long lists of more specific email names,
  - apply ingress filter policies of various kinds
         "you may not spoof source addresses",
         "you may not encrypt your data using IPSEC",
         "you may not use IP Loose Source Routes"...

These are all technical policies; they may or may not have a technical 
motivation. Decrementing an IP TTL, for example, implements a policy 
decision to correctly implement IP forwarding. Reverse Path Forwarding 
Checks are a defensive measure that I wish was more common, to deal with 
address spoofing. Keeping IPSEC VPNs off its network is a business policy 
of a certain cable ISP; if you're doing that, they want you to purchase 
service from a different business unit of theirs.

Lynne's CheapISP, which inserts its own advertisements in passing traffic, 
is also applying a policy. It may be illegal in some jurisdictions. Legal 
or not, it raises a list of questions about whether a user of that service 
can be assured that it is in fact getting the content s/he requested. I 
have long thought that the simplest way to build the Great Firewall of 
China would be to offer a service proxy that translates email and web pages 
between English and Chinese...

So I would argue that an ISP is responsible for the policies it contracts, 
policies it enforces, and the technical implementation of those policies, 
and not responsible for policies that it neither contracts nor enforces 
(except to the extent that someone determines that it should have, which is 
another question). At the end of the day, I think that's what you were 
trying to say, was it not?

I'm not enough of a lawyer to know what word has that meaning. I should 
expect, however, that there is one, as the concept that "one is responsible 
for what one agrees to" is fundamental to contract law. Maybe one of the 
lawyers on the list can tell us what that word is.

More information about the end2end-interest mailing list