Phorm and Cookies
Mark Lomas
ukcrypto at chiark.greenend.org.uk
Thu, 3 Apr 2008 11:37:13 +0100
On 03/04/2008, james2@jfirth.net <james2@jfirth.net> wrote:
>
>
> On 03 April 2008 10:29, Peter Fairbrother wrote:
> > James Firth wrote:
> >
> > > If ISPs do block ports it is usually only inbound traffic, i.e. servers you
> > > run from home. It has been rumoured that outbound traffic has been
> > > intercepted for certain port numbers at the height of worm attacks such as
> > > Doom and Netsky.
> > >
> > > As far as I can tell, blocking traffic (i.e. refusing to pass messages)
> > > based on IP port numbers is completely legal. The ISP is choosing only to
> > > implement certain services, distinguishable by traffic information in the IP
> > > header.
> >
> > I disagree. The port number is used by the server on the other end, not
> > the ISP, and the ISP has no business looking at it.
> >
> > The only service which an ISP must provide is the message-passing
> > service - anything else is extra, and the rules which allow the ISP to
> > intercept in order to provide the message-passing service do not apply
> > to any other services.
> >
>
> Port numbers are completely analogous to service codes/service types in the
> telecommunications industry. Internet Protocol (IP) defines 2^16
> different service codes. In fact Unix-like systems today still call their
> port definition file "services".
>
> Where is it stated that an ISP has to provide every one of these services?
>
> Since the port number is at the top of the packet alongside the destination
> address, and is defined as "destination port", the ISP is clearly allowed to
> inspect this information as part of routing traffic.
>
> If it's clear in the terms of service that users cannot access port 25
> (SMTP) of outside services then surely only competition law could be used to
> challenge this.
>
> James Firth

James gives a sensible example. There is nothing inherently wrong with an ISP that
offers to route only HTTP and DNS traffic, although it may reduce the customer base.

It is also reasonable for an ISP to provide different quality of service guarantees for
different types of traffic. For example, it might offer specific latency and jitter
guarantees for VoIP traffic. If its implementation were to route VoIP traffic separately
from HTTP traffic that is legitimate since it is monitoring the port numbers solely for
the purpose of providing the service.

Mark

p.s. I doubt that competition law could force an ISP to route SMTP traffic.