[Air-l] Re: AUP (Acceptable Use Policy)

Bram Dov Abramson bda at bazu.org
Wed May 22 12:31:07 PDT 2002

jhuns at vt.edu:

>the sole problem, from my analysis of the wide variety of aup available
>from around the world, is that each governs part, but not all of the
>network after a certain point of plurality.  because of this, even
>though we can speak of an nsfnet aup, it may have been possible even
>that time to use nsfnet without being necessarily bound by that policy
>because of interconnections between networks

I think maybe this collapses two different things:

(1) When the NSFNET was the One True Backbone -- and governed "all of the 
network" -- networks could not interconnect to it and legitimately pass 
commercial traffic.  Some commercial traffic was passed of course but no 
network provider wished to connect to NSFNET as a business model.  This 
preserved a non-commercial character but stifled growth, and is why the 
NSFNET AUP was important in functional (organizational/institutional) terms 
although naturally yuo could find many individual traffic streams which 
didn't respect said AUP on a usage basis.

Some network providers saw a commercial opportunity in Internet though and 
created CIX.  CIX danced around NSFNET so that NSFNET no longer governed 
"all of the network", 1991.  Then NSFNET declared that it was no longer 
responsible for the whole backbone, only one of them, 1992, and got out of 
the way entirely, 1994.  So, between 1991 and 1994 the Internet 
progressively became a set of interconnected networks abiding by common 
standards instead of a hierarchical system.  By serving as the initial 
technical interface for non-NSFNET-AUP inteconnection, CIX was the turning 
point in the Internet's passage from a narrowly-used research network to a 
widely-used commercial network.

(2) Once the NSFNET replaced itself with 4 Network Access Points (NAPs), 
alongside CIX, and hence consecrated the Internet's 
many-interconnected-networks architecture, indeed the only relevant 
traditional AUPs became the Acceptable Use Policies that the majority of 
networks impose upon their users (the "wide variety of aup available from 
around the world" which you have analysed).

But note also a third element which maybe brings us back to where this 
discussion started:

(3) There continues as you know to be another, more diffuse AUP-like device 
that governs the Internet -- Internet standards.  Collectively, the 
Internet's corpus of RFCs (Requests for Comments) and, specifically, the 
BCPs (Best Current Practice documents) which award some of them special 
status, constitute today's version of the NSFNET AUP 
(rfc-editor.org).  Those who do not obey the RFCs open themselves to losing 

Like any policy document however enforcement of the RFCs/BCPs -- copyright 
still held, I think, by ISOC (isoc.org) -- is diffuse and somewhat 
inconsistent.  Especially so on the Internet where said enforcement is 
collaborative not centralised.  Hence non-compliance means, again, 
likelihood of less interoperability (outcomes of provider-by-provider 
decisions), not black-or-white on-net or off-net status.  Social sanctions 
not legal sanctions comprising governance whose institutional and informal 
materialisations are a quite valid research subject, as socio-legal 
scholars might chime in.

my C$0.02,

More information about the Air-L mailing list