Hope I'm not intruding here as I'm not affiliated in any way, but as a
network bod whose job is currently affected by these issues, I've been
following the discussion with interest.
John Martin wrote:
> >In both cases the ISP must be viewed as a third party, and in
> >security terms, a man in the middle.
>
> OK. That is the confusion. I was viewing the ISP as being in the same
> administrative domain, at least that is true for most dialup ISPs.
> In this case, the customer has a choice to change ISP if they don't
> like their policies.
I have to agree with Vernon on this one - the ISP *is* a third party, and
the "change your provider" argument isn't always appropriate.
Case in point: we offer a variety of HTTP-based services to our customers,
several of which require the assistance of some hand-made redirection hacks
to function properly. For certain of our customers - all of whom use the
same dialup ISP - these hacks consistently but mysteriously break. After
much scratching of heads over this, and having eliminated most other
Firewall-y/explicit client-side proxying issues, it's now looking
suspiciously like the problem stems from an interception-style proxy used by
the ISP in question (exact reason as yet unknown).
Now ideally, we'd like to get rid of our internal redirect hacking anyway,
but that isn't straightforward for other reasons. In the meantime, what are
we meant to do: tell our customers that it's a problem with their ISP, and
insist that they switch?
Doesn't really wash from a customer care perspective, does it?
J.
________________________________________________________________________
This message is sent in confidence for the addressee only.
It may contain legally privileged information. The contents are not to
be disclosed to anyone other than the addressee. Unauthorised recipients
are requested to preserve this confidentiality and to advise the sender
immediately of any error in transmission.
This archive was generated by hypermail 2b29 : Thu Nov 18 2004 - 11:21:28 MST