Presentation to Internet Identity Workshop on Nōtifs, a concept currently under development for allowing users to subscribe to and manage notifications from services they use. For more information on Nōtifs, see my blog post at: https://altmode.wordpress.com/2014/10/28/introducing-notifs-user-controlled-notifications/

1. User-controlled
notifications: Nōtifs
Jim Fenton
<notifs@bluepopcorn.net>
Tuesday, October 28, 14

2. Tuesday, October 28, 14

3. What is a Nōtif?
• Tell a user that something they’re
interested in is happening or has happened
• Requested by the user
• Typically short
• Typically time-sensitive, perishable
Tuesday, October 28, 14

4. What a Nōtif isn’t
• Anything unsolicited -- correspondence,
spam
• Addressed by a human -- addresses are
unsuitable for that
• Two-way
• Multihop
Tuesday, October 28, 14

5. Notification examples
• Emergency bulletins
• Advertising / special
offers
• Event invitations
• Approval requests
• Tech support
• Password resets
• Fraud alerts (bank, etc.)
• Alerts from
“things” (IoT)
• Newsletter availability
• Social media alerts
Tuesday, October 28, 14

6. Nōtif characteristics
• Opt-in
• Typically short
• Modifiable/deletable
(best effort)
• Acknowledged delivery
• Domain-signed
• Encrypted in transit
• Urgency and category
tagged
• Expires at specified date/
time
Tuesday, October 28, 14

7. Notifiers
Agent
User endpoints
Services Social Media Retailers Approval
Notification
Agent
Phone
SMS, Call
App push
Growl
Management,
Authorization
Notifications
Authorization Table
Rules
Bank Emergency
Calendar Requests
Tuesday, October 28, 14

8. Notifiers
• Typically not operated
by user
• Opt-in by user through
authorization ceremony
• May or may not know
much about the user
• Examples:
• Emergency services
• E-Commerce sites
• Social media
• Enterprise services
• Reminders
Tuesday, October 28, 14

9. Notification Agents
• Operate on behalf of
user
• Cloud-based
• User-chosen,
decentralized
• Store notifications for
retrieval by user
• Manage authorizations
for user
• Push selected
notifications to selected
user endpoints
Tuesday, October 28, 14

10. User endpoints
• Push
• Mobile device app
(push notification)
• SMS
• Voice (telephone)
• Desktop app
• Email (!)
• Pull
• Web interface
• Mobile app (via API)
Tuesday, October 28, 14

11. Typical Nōtif
{"origtime": "2014-10-26T22:06:13.462484Z",
"to": "A2074808-969A-4772-90DB-312D020C6039@altmode.net:5342",
"category": 2,
"priority": 2,
"expiration": "2014-11-25T22:06:13.462484Z"
"subject": "Suspicious account activity",
"body": "Your ATM card was just used at an ATM in Elbonia.",
"selector": "shiny",
"signature": "NBzZ7k/
hiK1e5pIqVXDF82P2zICjl2qia9kV0L77uUXYXg0Lvyhk3Dj4oDqwlCsBUOKI3FTViDIwp
2zdmgQVsKlptvMKHOGm0Oun/YZ/UoRzqB2smJd+7K8JFbNMWvRn/3qx
+K96F5BFn3XLngpMKx7HuSqIYKmzwCtsUmnEMx8="}
Tuesday, October 28, 14

12. Authorization
Tuesday, October 28, 14

13. Outgoing Methods
Tuesday, October 28, 14

14. Outgoing Rules
Very preliminary for now...
Tuesday, October 28, 14

15. Current status
• Prototype Notif agent up and running
• Linux/MongoDB/Go
• Implementing signature verification and SMS
outgoing
• Prototype user/authorization/notif management
• Linux/MongoDB/Python/Django
• Notifier SDK (Python)
Tuesday, October 28, 14

16. To Be Done
• Authorization UX
• Open-source the code (when I’m
reasonably happy with it)
• Write an API/Protocol Specification
• Mobile app
• Connectors: Generate notifs from legacy
services
Tuesday, October 28, 14