Shane's message said that reliance on outside parties was a risk. I was pointing out that operators already are relying on outside parties. Whatever means they employ now to evaluate risk or legal impact, they are comfortable with outside parties.
If operators always consult their legal departments on deploying new features, then there is no need to advise them to consult their legal departments. Tutorials galore urging use of route filters (and drafts describing same) never find it necessary to add "and consult your legal department". Perhaps as you say, that is because operators always consult their legal departments. But if so, this is no different. --Sandy, speaking as regular ol' member ________________________________________ From: Danny McPherson [[email protected]] Sent: Thursday, November 08, 2012 7:40 AM To: sidr wg list; Murphy, Sandra Subject: Re: [sidr] additions and changes to agenda on Friday On Nov 8, 2012, at 6:25 AM, Murphy, Sandra wrote: > I doubt whether any of them have felt the need to carefully evaluate the > risks or consult their legal departments. And therein lies the disconnect! I think it'd be extremely naive to think that operators don't know, or care about, or evaluate the risks of the systems that enable their operations. If this weren't the case, many of those folks that have expressed concern here would not do so. Given that our services and businesses rely on these systems with varying levels of buffers, I assure you that _many [most] operators DO carefully evaluate the risks and consult their legal departments. This isn't simply a science project. > I don't think we want people asking ISPs that use IRRs why they run such a > risky operation. I think that's exactly what we want. That's the purpose of engineering and risk management, and why operators that operate commercial networks, care a whole lot when you introduce a new dependency. -danny _______________________________________________ sidr mailing list [email protected] https://www.ietf.org/mailman/listinfo/sidr
