[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

BCP38 - Internet Death Penalty

On Tue, Mar 26, 2013 at 6:43 PM, Jay Ashworth <jra at baylink.com> wrote:

> ----- Original Message -----
>> From: "Mark Andrews" <marka at isc.org>
>> If you are with a ISP that does not practice BCP 38 are you willing
>> to risk your neck that you won't be subject to a "aiding and abetting"
>> charge? All of us here know that spoofing address like this is a
>> criminal activity. We are all experts in the field and the courts
>> apply higher standards to us than they do to Joe Blogs. We know
>> machines get compromised. We know how to block spoofed traffic
>> from compromised machines.
> Careful: source address spoofing, like using a name you don't have on your
> driver license *is not inherently a crime*.  *Fraudulent behaviour which
> is advanced thereby* makes it an additional crime.
> SAS is sometimes necessary for testing.

An argument could be made that "...fraud is fraud, is fraud, is
fraud..." and should vigorously discouraged.  :-)

- ferg

"Fergie", a.k.a. Paul Ferguson