Phorm and Cookies

Peter Fairbrother ukcrypto at chiark.greenend.org.uk
Thu, 03 Apr 2008 10:29:06 +0100


James Firth wrote:

> If ISPs do block ports it is usually only inbound traffic, i.e. servers you
> run from home.  It has been rumoured that outbound traffic has been
> intercepted for certain port numbers at the height of worm attacks such as
> Doom and Netsky.
> 
> As far as I can tell, blocking traffic (i.e. refusing to pass messages)
> based on IP port numbers is completely legal.  The ISP is choosing only to
> implement certain services, distinguishable by traffic information in the IP
> header.

I disagree. The port number is used by the server on the other end, not 
the ISP, and the ISP has no business looking at it.

The only service which an ISP must provide is the message-passing 
service - anything else is extra, and the rules which allow the ISP to 
intercept in order to provide the message-passing service do not apply 
to any other services.

-- Peter Fairbrother

> HOWEVER I sincerely hope that there are no ISPs who are surreptitiously
> redirecting outgoing DNS requests intended for third-party name servers and
> handling them internally.  I know this is analogous to HTTP caching but
> caching is defined in the HTTP protocol and not in DNS.
> 
> Anyone with any firm evidence of this would be welcome to pass to me or the
> list.  I would be outraged.