> > Thinking out loud here, plenty of room for all to chime in. The key > differences, if there are any, between IETF and NANOG and her sisters, and > between IETF and IRTF, are: Nanog should not be compared to the IETF. Nanog is a forum that has promoted ignorance of the law or perhaps even tolerance of illegal activity, and specifically promotes misinformation of network operators with respect to the Electronic Communications and Privacy Act (ECPA) and Computer Fraud and Abuse Act (CFAA). Nanog does this by selective suppression of discussion on the subject and the suppression of participation of anyone who would refute the notion that the ECPA only applies to "common carriers". Merit and Nanog describe themselves as "educational". The failure to educate Network Operators on the legal aspects of their profession is, in my opinion, nothing less than reprehensible. Quite obviously, there are legal aspects to internet service operation just as there are legal aspects to business. No reputable business school would fail to provide adequate courses in business law, or fail to discuss the legal aspects of business with students. Nanog claims to be an educational organization, yet it fails to live up to any reasonable standard of education, and goes further with its selective suppression. The selective suppression reveals an agenda of misinformation that goes beyond simply not educating. Over the years, I have done extensive research on the ECPA, and the CFAA. I have employed lawyers on the subject, and have supporting documents such as legal, uptodate copies of the statutes, the House and Senate reports on the ECPA and the CFAA, and the Model Criminal Code, as well as an extensive library of case law. While the House and Senate reports on the ECPA speak extensivly about Email and Remote Computing Services, many people on Nanog have posted that the ECPA does not apply to ISPs. Yet despite having all this information, Susan Harris has asked me not to refute those people who claim that the ECPA does not apply to ISPs or Email. In January of 2000, Susan Harris asked me (only me) to stop posting on the subject, in reference to a specific incident. She didn't want me to refute people on the topic. She did not make any requests of anyone else to stop, and the "bashing" continued for two or three days, until news reported that law enforcement acted in a way that vindicated what I was saying. After I posted this vindication, which came after several days of bashing in which I did not participate, she removed my posting privileges. Actually being right on concrete issues is not something that is respected on Nanog. My posts were also informative, respectful, and well supported with citations. Supposing this were off-topic, it would be appropriate to ask everyone to stop. But of course, it isn't any more off-topic for Network operators to learn about the ECPA than it is for business school candidates to learn about business law. While Nanog did have a DOJ person speak in October, 2000, that presentation has been wildly misquoted, and it barely addressed the civil aspect of the ECPA. The CFAA was not discussed. False information is still posted on Nanog on the topic, which has been brought up by others. And the topic is clearly of interest to network operators, because it keeps coming up. For example, I was not allowed to correct claims made in June 2002 by Steve Bellovin that "what you say is correct for *telephone* companies, but not ISPs.". Bellovin attributes this statement to the DOJ presentation. But the DOJ presentation does not in fact say that. Though I concede that it is easy to take the slides out of context, this goes well beyond that. Bellovin makes other mistakes to give the impression that only common carriers need be concerned with the ECPA. Bellovin also uses claims of "discussions with prosecutors" to substantiate his claims. But his claims are refuted by the statute text, the Congressional Reports, and the case law. Unfortunately, few are familar with that material allowed to post. Some of the material is obscure and costs money to obtain. So I am limited to privately emailing information to the people who posted the original questions. Others, perhaps interested in the topic, but who didn't post, are misled. So Nanog is quite a bit different from the IETF, and, in my opinion, should not be associated with or compared to the IETF. Actually being right on concrete issues is something that carries no weight with Nanog, but it does carry weight with the IETF. Dean Anderson CEO Av8 Internet, Inc