[Outages-discussion] Hypothetical: isolating a single AS from the world?

[Bill Woodcock]

> On Apr 26, 2022, at 1:10 AM, Matthew Petach <matt at petach.org> wrote:
> The legal aspect only comes into play when you try to convince multiple commercial providers to act in concert to enforce a single policy with respect to the target network.
> The Sherman Act in the US, for example, explicitly forbids this: ""[e]very contract, combination in the form of trust or otherwise, or conspiracy, in restraint of trade or commerce." This targets two or more distinct enterprises acting together in a way that harms third parties." -- https://en.wikipedia.org/wiki/United_States_antitrust_law#Cartels_and_collusion
> 
> As long as every other BGP speaking entity comes to the decision *independently*, there's no legal edict against it.

Note that the way banks do this is through the use of third-party “credit scoring agencies.”  Each bank looks to the three credit scoring agencies, and then makes an independent decision.  And the three credit scoring agencies each use a theoretically-different secret sauce to produce their scores.  Which just magically come out about the same.

The credit scoring agencies are careful to say “this is just a number” and not recommend any course of action with respect to the number.

In our world, there are multiple malware intelligence feeds, each of which has a different methodology.  Network operators subscribe to multiple intelligence feeds, and then each make their own decision about what to block.

                                -Bill

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: Message signed with OpenPGP
URL: <https://puck.nether.net/pipermail/outages-discussion/attachments/20220426/10077987/attachment.sig>