http://www.ciao.gov/Audit_Summit/SummitLibrary/3rdPtyLiab4Hackg.pdf From the article: My prediction is that courts will find liability against computer owners who negligently allow their computers to be a launching pad for attacks by hackers, terrorists and others. It's an area that's ripe for new law and you should be responsible for acting like a responsible computer owner. He goes on to say: I think that courts will begin to find computer owners responsible for their insecure systems connected to the Net. The legal standard will be "negligence" and that's the key to this being a reasonable doctrine. -----Original Message----- From: Bill Royds [mailto:broyds@home.com] Sent: Monday, June 11, 2001 7:34 AM To: dgillett@deepforest.org; Paul D. Robertson; firewalls@Lists.GNAC.NET Subject: RE: This is a must read document. It will freak you out And my suggestion is that this should be mandatory by having the liability for not doing it apply to the ISP who fails to apply a Best Practice. One can't enforce Internet protocols by law but one should be able to sue those who cause damage when they don't follow the protocol. -----Original Message----- From: firewalls-owner@Lists.GNAC.NET [mailto:firewalls-owner@Lists.GNAC.NET]On Behalf Of dgillett@deepforest.org Sent: Monday, June 11, 2001 05:00 To: Paul D. Robertson; firewalls@Lists.GNAC.NET Subject: RE: This is a must read document. It will freak you out We're in total agreement then. I just wanted to clarify that the egress filtering by ISPs has to be at the end-user portions of their networks, not (necessarily) the exits from their networks at peering points. David Gillett - [To unsubscribe, send mail to majordomo@lists.gnac.net with "unsubscribe firewalls" in the body of the message.] - [To unsubscribe, send mail to majordomo@lists.gnac.net with "unsubscribe firewalls" in the body of the message.]