Cisco Blogs

Cisco Blog > High Tech Policy

Everybody’s Talking About…Blogs

ATW – The Alliance of Technology and Women – is holding a panel session on blogging on Thursday, March 23rd in Foster City, CA with some area bloggers to chat about their experiences with blogging at large and small companies, service business and non profits. Please come, won’t you?Panelists include: yours truly; – Robin D. Stavisky, Managing Partner of New Venture Marketing (Moderator) at; – Paul Rosenfeld, General Manager for QuickBooks Online Edition at; – Tara Hunt, Marketing Director, (Panelist) at; and – Britt Bravo at (the leading blog and conference for women “to pursue exposure, education, and community”),, her personal blog, Have Fun * Do Good, and All may attend…for a nominal fee…the particulars are here: Date and time: Thursday, March 23, 2006, 5:30 -8:30 PMLocation: Applera, 200 (room 2A) Lincoln Centre Drive, Foster City, CA 94404Registration:For online registration, go to: The advanced registration is $10 for members and $25 for non-members (add an extra $5 for registrations at the door).

Cisco “Net Neutrality” Position

Net Neutrality has been a hot topic in technology circles, so I thought you would be interested in Cisco’s position. Here it is:Net NeutralityConnectivity Principles and Consumer ChoiceCisco has long supported an open and innovative Internet. Many of the Internet’s benefits come from its open nature and the ability of anyone to develop new and innovative devices and services that connect to it. Such innovation has created entirely new industries and has fostered competitive markets in Internet applications and equipment. Recognizing these advantages, Cisco helped produce the High Tech Broadband Coalition’s”Connectivity Principles” in 2003, which were embodied in the FCC’s Policy Statement of 2005. The Connectivity Principles and FCC Policy protect consumers with information and the ability to use the Internet in an open fashion. Cisco continues to support these principles:1. Broadband Internet access consumers should have access to their choice of legal Internet content within the bandwidth limits and quality of service of their service plan. 2. Broadband Internet access consumers should be able to run applications of their choice, within the bandwidth limits and quality of service of their service plans, as long as they do not harm the provider’s network.3. Consumers should be permitted to attach any devices they choose to their broadband Internet access connection at the consumer’s premises, so long as they operate within the bandwidth limits and quality of service of their service plans and do not harm the provider’s network or enable theft of services.4. Consumers should receive meaningful information regarding their broadband Internet access service plans.Network ManagementInnovation inside the network is just as important as innovation in services and devices connected to the Internet. As the Internet becomes better, faster and more integral to our economy and personal lives, it is necessary for broadband Internet access providers to use innovative technology to manage their networks to provide quality of service and new features and services to meet evolving consumer needs. Cisco supports the use of network management tools by Internet access providers to improve the Internet experience as long as there is no anticompetitive effect. Specifically, Cisco supports:- Broadband Internet access service providers should remain free to engage in pro-competitive network management techniques to alleviate congestion, ameliorate capacity constraints, and enable new services. – Broadband Internet access service providers should remain free to offer additional services to supplement broadband Internet access, including bandwidth tiers, quality of service, security, anti-virus and anti-spam services, network management services, as well as to enter into commercially negotiated agreements with unaffiliated parties for the provision of such additional services.Regulate Only if Problems Occur, Not Before In recent years, telecommunications regulation has had a difficult time keeping up with changes in technology and markets. Imposing specific network neutrality rules now to address hypothetical problems would only compound the problem. Rather, the FCC has taken the appropriate path by setting forth principles and indicating that it will take enforcement action in the event that problems arise. At present, there is no indication of any significant violations of the Connectivity Principles by broadband Internet access providers. Cisco therefore supports case-by-case FCC action only if and when it is faced with a specific complaint with respect to the Connectivity Principles or related anticompetitive behavior.

Guest Blogger Jim Fenton: “Mail Authentication as a Peephole”

This entry is from guest blogger Jim Fenton. Fenton is a Distinguished Engineer in the Security Technology Group at Cisco. Even though Cisco isn’t an e-mail vendor, it’s beneficial to users of the Internet (and therefore strategic to Cisco) to improve the accountability for Internet messages. That’s the reason that Cisco has been active in co-developing and standardizing DomainKeys Identified Mail (DKIM), an e-mail authentication technology based on cryptographic signatures. The new DKIM Working Group will hold its first meetings at the IETF meeting in Dallas March 20-24.The question many people ask, and one of the hurdles in getting the working group chartered, is,”What good is e-mail authentication, anyway? It won’t stop spam and phishing!” Indeed it won’t; spammers and phishers will sign their own messages, most likely using throw-away e-mail domains they register for a single use. The same is true for other methods of e-mail authentication, such as Sender ID Framework and SPF. In fact, many spammers were early adopters of SPF, and I expect that they will be early DKIM adopters as well.The similarity that works well for me is that of a peephole in your front door or hotel room door. When there’s a knock at the door, you look out. If you recognize the person and it’s a friend, you open the door and let them in. If it’s someone who looks sinister (or a landshark!) then you don’t. If it’s someone you just don’t recognize, you use additional means of identification: perhaps you ask them via an intercom who they are and what their business is. Do peepholes unambiguously identify everyone? No. The same is true for e-mail authentication. This is not a problem with peepholes or e-mail authentication, but simply that they aren’t intended to be used in a vacuum.This is a policy blog, so what’s the policy angle on this? In the same sense that governments shouldn’t mandate the authentication of callers at your front door, they shouldn’t mandate e-mail authentication (and especially the use of specific technologies). It’s entirely reasonable to advocate the use of authentication technologies, much as they do in recommending the use of peepholes. To push the metaphor further, just as peepholes, intercoms, and video cameras all may have a role in authenticating callers, the various e-mail authentication technologies all provide some information that may be useful to the recipient, and two or more technologies may be used together. It should be up to the recipient what forms of authentication they use. Callers (message senders) will quickly learn what they need to do in order to be recognized.

Navel Gazing 2.0 – “Blogging Fever: Catch it!”

In one of our first entries on this blog over a year ago, I mentioned that “this Internet thing seems to really be taking off…” Blogging, it seems, is no different. Today, you may have read about Wal-Mart’s efforts to engage bloggers in The New York Times to help with their PR efforts.I also just came across this quote from Silicon Valley U.S. Representative Anna Eshoo (D-Palo Alto) in today’s National Journal’s Technology Daily People column that I thought was interesting enough to pass along. She is quoted as saying: “If Thomas Paine was alive today, he wouldn’t be a radical pamphleteer; he’d be a blogger at” High praise for the blogosphere, indeed.To be sure, the blogosphere can be a cacophonous place, but with originality, substance and consistency a blog can be be very effective tool for getting your message to your audience.

Cisco Q&A on China and Censorship

I wanted to bring your attention to a Q&A that is posted on Cisco’s external website on the issue of China and censorship. I have posted the Q&A here, but you can also access it at News@Cisco site at: Chandler, Cisco SVP and General Counsel, Talks About Censorship in ChinaMarch 1, 2006 On February 15th, Mark Chandler, Cisco’s senior vice president and general counsel, testified before a U.S. House of Representatives International Relations subcommittee on the issue of censorship in China. The title of the hearing was “The Internet in China: A Tool for Freedom or Suppression?” and full written testimony of Mr. Chandler and others can be accessed on the subcommittee website at: sat down with Mr. Chandler after his Washington trip to get his view of how the hearing went as well as other top questions on our mind.How did you think the hearing went?Mark Chandler: Obviously there are many conflicting viewpoints on the issue of technology and China, so I was glad we had the chance to testify and help set the record straight on how Cisco conducts business in China. It was important to provide clarity around what we do and what we do not do. We provide the same equipment worldwide that we provide in China. We have never partnered with the Chinese government to help them censor content, nor have we altered equipment for the Chinese government for the purposes of censorship. I hope that message got through at the hearing.There are still allegations that you have altered your equipment for the purposes of censorship. Why do you think that is?Mark Chandler: I think the allegations likely stem from a misunderstanding of thefunctionality of our equipment and, unfortunately, inaccurate claims made about Cisco’s actions in China. Cisco has not and does not design products for the purpose of political censorship.The equipment we sell in China is the same equipment we sell worldwide. We have not designed, marketed or altered equipment for the Chinese government. The filtering capabilities of all Internet routing equipment, necessary for protection against viruses, spam and denial of service attacks, can be used to block access to sites for political reasons, anywhere in the world.What are your views with regards to political censorship?Mark Chandler: Cisco strongly supports free expression on the Internet.At the hearing, you were asked if you were ashamed of doing business in China. Are you?Mark Chandler: We are proud of the impact of the Internet around the world, including in China. We entered the Chinese market in 1994 and since then the number of Chinese accessing the Internet has grown from 80,000 to over 110 million. We know that we have contributed to that growth.How does your equipment function?Mark Chandler: Cisco supplies equipment that provides network access – anytime, anywhere access to the Internet. The features that a library or parent may use to block chat rooms or unsavory sites, however, can also be used to block political content. Cisco has no control over this as we don’t manage networks. If the company you work for doesn’t want you to access, say, at work because it isn’t productive or isn’t work related, well, they could configure their network to do that. These capabilities are the same worldwide and function, primarily, for network security – for example, blocking sites that may have viruses. They also function as a way to block sites not deemed appropriate by the network owner.Could you disable those features when selling to China or other countries that may censor the Internet?Mark Chandler: Because of threats to networks around the world, there is no feasible way to disable those capabilities that may be used to block access for political reasons. Networks cannot function without network management and security protection capabilities. Otherwise, network administrators couldn’t protect us against hackers who want to try to shut down the Internet or steal personal information. Companies couldn’t stop employees from illegally downloading copyrighted music or videos or from accessing computer viruses. Libraries and parents couldn’t control access to pornography.These generic features are available from all major manufacturers, including at least a dozen U.S., Canadian, European and Chinese companies. While I cannot speak to the many other U.S. and foreign companies who have been cited as providing these functions to the Chinese authorities, these capabilities in Cisco’s equipment are “off the shelf” – their designated uses are appropriate and essential.There has been a suggestion that routers such as the ones Cisco sells should be configured so words like “democracy” and “freedom” cannot be blocked. Is that possible?Mark Chandler: That is certainly a well-meaning idea but likely would be met by great opposition by anyone who wanted to block unsavory content. For example, if that proposal was implemented, those who distribute pornography could get aroundrestrictions merely by putting “democracy” or “freedom” in their website name. And,further, the functionality that provides the means to limit access is available from numerous non U.S. vendors around the world.Has Cisco broken any laws in doing business in China?Mark Chandler: Cisco’s policy is strict compliance with all U.S. government laws and regulations which prohibit the sale of our products to certain destinations and users, or to those who resell to prohibited users.Some have alleged that Cisco’s equipment is designed to help Chinese law enforcement conduct surveillance or censorship activities. Does China sell equipment to the Chinese police to support surveillance and censorship activities?Mark Chandler: Cisco sells data networking equipment around the world, including to law enforcement. Sales of equipment to law enforcement agencies in China are strictly controlled by the U.S. Government under the Foreign Relations Authorization Act, and Cisco’s policy is strict compliance with those rules. While data networking equipment can be used for any type of available data, including written, audio or video data, Cisco does not sell the equipment in a manner that is customized in any way for Chinese law enforcement to conduct surveillance activities.There is currently a bill before Congress that would restrict what technology can be sold to China. What are your thoughts on the legislation?Mark Chandler: I would expect that there would be a great deal of debate over such legislation. There would be many who would oppose it on the grounds that it would actually reduce free expression. If countries were encouraged to build their own Internet because we were not willing to engage and sell them the equipment that is readily available elsewhere in the world then that outcome would be very unfortunate.The power of the Internet to expand free expression depends on there being one global Internet. Policies which promote the balkanization of the Internet – even inadvertently – will undermine rather than support the many projects which help users evade censorship.