[LINK] The rallies???

[Danny Yee]

Glen hits a key issue on the head: scaling.

I doubt any of the companies pushing filtering products and claiming
marvels for them have any experience with deployments larger than a
school, or perhaps a large company.  ISP backbones are on an entirely
different scale, both in topological complexity - where do you put the
filtering devices? - and bandwidth.

Some of the other issues also scale poorly.  If there is overblocking
by a school or company, that won't cause terrible harm to a business
that gets blocked accidentally - it will only affect a small number
of customers, and those customers won't necessarily expect to be
able to do business in a study/work setting anyway.  An accidental
Australian-Internet-wide block, on the other hand, could destroy an
online business serving Australian markets.

So a government mandated national blacklist needs much better
accountability and stronger review mechanisms than organisation-level
filtering systems.  But the ACMA blacklist is actually less transparent
and less accountable than many of the commercial filtering blacklists!

Any latency or bandwidth degradation from filtering is also easier
to cater for at a school or company level.  A small organisation
can know what its critical traffic is and have that bypass the
filter, for example, or simply know that they have no critical
communications.  A backbone-level filter is going to have to know
which of its connections are, or could potentially be, used in
performance-critical operations.  Are hospitals going to be able to
apply for exemptions from filtering on the grounds that they might be
carrying out telesurgery?  How would such an exemption system work?
Deploying any kind of robust quality-of-service system for IP is
still an unsolved problem!

Danny.

Glen Turner wrote:
>  From a design point of view it's a useless number.
	.
	.