An Abuse-Resistant
Messaging Protocol
Jim Fenton

fenton@bluepopcorn.net
1
Problem
• Limits on abuse resistance of existing
general-purpose protocols
• Email, SMS, telephone
• Anti-abuse features run afoul of some use
cases
• Need to accept either collateral damage or
limits on protocol usage
2
Approach
• Migrate subset of messaging use cases
• New abuse-resistant protocol
• Focus on high value use cases
• Need value for both senders and
recipients to prompt migration
(migration is hard!)
3
Value
• Moving messaging to an abuse-resistant
protocol decreases fraud
• Messages sent using legacy protocols
eventually become “suspicious”
• Narrower protocol may also better serve
certain use cases
4
Proposed use case:
Notifications
5
6
Desired Characteristics
• Recipient:
• Opt-in only
• Prioritized
• Authenticated
• Expired or deleted
when not relevant
• Timely
• Unsubscribable
• Configurable “push”





• Sender:
• Receipt confirmation
• Intermediaries not
needed
• Possible with modest
originator, e.g. IoT
• Update or delete
7
What is a Nōtif?
• Nōtif : notification :: app : application
• Tell a user that something they’re
interested in is happening or has happened
• Requested by the user
• Typically time-sensitive, perishable
8
What a Nōtif isn’t
• Anything unsolicited
• correspondence
• spam
• Addressed by a human
• addresses are unsuitable for that
• Two-way
• Multihop
9
Nōtifs Manifesto
• Users:
• Should have control over what nōtifs they receive
• Should be able to know that the nōtifs they receive are genuine
• Should have control over if and how they are alerted when
nōtifs arrive
• Should not have to reveal information about themselves just to
receive nōtifs
• Notifiers:
• Should not have to guess whether nōtifs are being delivered
• Should not have to employ intermediaries to get nōtifs delivered
• Should be able to amend or delete nōtifs to keep them relevant
• Nōtifs:
• Should expire and hide when no longer relevant
10
[Diagram: notifiers (Bank, Emergency Services, Retailers, Social Media, Approval Requests, Calendar); the notification agent (Authorization Table, Rules; Management, Authorization, Notifications); user endpoints (Phone Call, SMS, App push, Growl)]
11
Notifiers
• Typically not operated
by user
• Opt-in by user through
authorization ceremony
• May or may not know
much about the user











• Examples:
• Emergency services
• E-Commerce sites
• Social media
• Enterprise services
• Reminders
• IoT sensors
12
Nōtif Agents
• Operate on behalf of
user
• Cloud-based
• User-chosen,
decentralized
• Store notifications for
retrieval by user
• Manage authorizations
for user
• Analogous to last-hop
MTA/MDA
• Alert user to specific
notifications of
particular interest or
urgency
13
User endpoints
• Push
• Mobile device app
(push notification)
• SMS
• Voice (telephone)
• Desktop app
• Email (!)









• Pull
• Web interface
• Email-like (IMAP)
• Mobile app (via future
API)
14
Nōtif Authorizations
• A record of a relationship between a notifier and a user

• Contains:
• Notification address
• Notifier’s domain
• Description (provided/edited by user)
• Max authorized priority
• Tags
• Flags (active, deleted, etc.)
• Statistics (count, etc.)
• Link to user (internal)
15
Authorizing
16
Authorizing - 2
17
Authorizing - 3
18
Nōtif Summary
19
Nōtif Detail
20
Nōtif (IMAP)
21
Authorization Summary
22
Authorization
23
Methods
24
Alert Rules
25
Current status
• Prototype Nōtif agent up and running
• Linux/PostgreSQL/Go
• Prototype user/authorization/nōtif management
• Linux/PostgreSQL/Python/Django
• Notifier SDK (Python)
• Sample “clockwatcher” notifier running
• Available on GitHub!
26
Under development
• Generate notifs from tweets
• IMAP gateway
• Connectors: Generate notifs from other
services
27
Backup Slides
28
Notification examples
• Emergency bulletins
• Advertising / special
offers
• Event invitations
• Approval requests
• Tech support
• Password resets







• Fraud alerts (bank, etc.)
• Alerts from
“things” (IoT)
• Newsletter availability
• Social media alerts
• Burglar/fire alarms
29
Nōtif characteristics
• Opt-in
• Typically short
• Modifiable/deletable (best effort)
• Acknowledged delivery
• Domain-signed
• Encrypted in transit (use TLS)
• Priority tagged
• Expires at specified date/time
30
Typical Nōtif
{"header": {"to": "d28363d7-9d28-49f2-8d5b-b9c1cf989335@altmode.net:5342"},
"payload": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogInNoaW55In0.eyJvcmlndGltZSI6ICIyMDE1LTA0LTA0VDE2OjE3OjAwLjI0MjE4MVoiLCAicHJpb3JpdHkiOiA0LCAiZXhwaXJlcyI6ICIyMDE1LTA0LTA0VDE2OjE3OjAwLjI0MjE5M1oiLCAiYm9keSI6ICJJdCBpcyBub3cgMDk6MTcgYW5kIGFsbCBpcyB3ZWxsIiwgInN1YmplY3QiOiAiSXQgaXMgbm93IDA5OjE3In0.MVXxsqrqc6XQm2gkVgatmHC847JEBxg0eR4LSmsUsTpMAwWgZ7dKQ_Wk_QK0It0aibj4qVdnJbs1MY6IwV7rqJMsSbzuZ7n_QDn_OKjI2L_rPq9IsW7zEUtwf2T1J1j9yfWX0zmXwqSxdqnFHNcv49S7eDPrEhlvIMLtixHDOjk"}
Protected header
Unprotected header
Payload
Signature
Now in JWS format!
31
Protected Header
• Public key from DNS TXT record à la DKIM
• Algorithm must agree with that specified by key record
{"alg": "RS256",
"kid": "shiny"}
"alg": signing and hashing algorithms
"kid": public key obtained from DNS: <kid>._domainkey.<notifier-domain>
32
Nōtif Body
• You can’t spoof what isn’t there:
• From address/domain (comes from
authorization)
• To address (part of the envelope)
{"origtime": "2015-04-04T16:17:00.242181Z",
"priority": 4,
"expires": "2015-04-05T16:17:00.242193Z",
"body": "It is now 09:17 and all is well",
"subject": "It is now 09:17"}
33
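The checks an agent could apply to the envelope, protected header and body from the last three slides, written here as an added example and not taken from the prototype agent or the notifier SDK: it signs a nōtif on the notifier side, then on the agent side takes the sender from the authorization, builds the `<kid>._domainkey.<notifier-domain>` key name, checks algorithm agreement, verifies RS256, and enforces expiry and maximum priority. Assumptions: the authorization table is a dict keyed by notification address, `lookup_key` is a hypothetical stand-in for the DNS TXT query and returns an already-parsed key record, a larger priority number means more urgent, and the demo key and sample data are constructed.

```python
import base64, hashlib, json, re
from datetime import datetime, timezone

# DER DigestInfo prefix for SHA-256 (RFC 8017, EMSA-PKCS1-v1_5).
SHA256_PREFIX = bytes.fromhex("3031300d060960864801650304020105000420")

# Constructed demo key from two Mersenne primes: trivially factorable,
# for this example only.
DEMO_P, DEMO_Q = 2**521 - 1, 2**607 - 1
DEMO_N, DEMO_E = DEMO_P * DEMO_Q, 65537
DEMO_D = pow(DEMO_E, -1, (DEMO_P - 1) * (DEMO_Q - 1))

def b64u_decode(s):
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))

def b64u_encode(b):
    return base64.urlsafe_b64encode(b).rstrip(b"=").decode()

def emsa_pkcs1_sha256(msg, k):
    t = SHA256_PREFIX + hashlib.sha256(msg).digest()
    return b"\x00\x01" + b"\xff" * (k - len(t) - 3) + b"\x00" + t

def rs256_sign(msg, n, d):
    k = (n.bit_length() + 7) // 8
    m = int.from_bytes(emsa_pkcs1_sha256(msg, k), "big")
    return pow(m, d, n).to_bytes(k, "big")

def rs256_verify(msg, sig, n, e):
    k = (n.bit_length() + 7) // 8
    s = int.from_bytes(sig, "big")
    if len(sig) != k or s >= n:
        return False
    # Re-encode and compare the whole block rather than parsing padding.
    return pow(s, e, n).to_bytes(k, "big") == emsa_pkcs1_sha256(msg, k)

def make_notif(to, kid, body, n, d, alg="RS256"):
    """Notifier side: sign the body and wrap it in the envelope."""
    hdr = b64u_encode(json.dumps({"alg": alg, "kid": kid}).encode())
    pl = b64u_encode(json.dumps(body).encode())
    sig = b64u_encode(rs256_sign(f"{hdr}.{pl}".encode(), n, d))
    return json.dumps({"header": {"to": to}, "payload": f"{hdr}.{pl}.{sig}"})

def accept_notif(raw, authorizations, lookup_key, now):
    """Agent side: return (True, body) or (False, reason)."""
    try:
        env = json.loads(raw)
        hdr_b64, body_b64, sig_b64 = env["payload"].split(".")
        hdr = json.loads(b64u_decode(hdr_b64))
        alg, kid, sig = hdr["alg"], hdr["kid"], b64u_decode(sig_b64)
        # The sender is never read from the message; it comes from the
        # authorization the user created for this notification address.
        authz = authorizations.get(env["header"]["to"])
    except (ValueError, KeyError, TypeError, AttributeError):
        return False, "malformed"
    if authz is None or not authz["active"]:
        return False, "no active authorization"
    if alg != "RS256":  # allow-list, so "none" is never accepted
        return False, "unsupported alg"
    if not isinstance(kid, str) or not re.fullmatch(r"[A-Za-z0-9-]{1,63}", kid):
        return False, "bad kid"
    key = lookup_key(f"{kid}._domainkey.{authz['domain']}")
    if key is None:
        return False, "no key record"
    if key["alg"] != alg:
        return False, "alg disagrees with key record"
    if not rs256_verify(f"{hdr_b64}.{body_b64}".encode(), sig, key["n"], key["e"]):
        return False, "bad signature"
    try:  # the body is parsed only after the signature checks out
        body = json.loads(b64u_decode(body_b64))
        expires = datetime.fromisoformat(body["expires"].replace("Z", "+00:00"))
        priority = int(body["priority"])
        if expires.tzinfo is None:
            raise ValueError("expires carries no time zone")
    except (ValueError, KeyError, TypeError, AttributeError):
        return False, "malformed body"
    if expires <= now:
        return False, "expired"
    # Assumption: larger number = more urgent; over-limit notifs are rejected.
    if priority > authz["max_priority"]:
        return False, "priority exceeds authorization"
    return True, body

# Constructed sample data (not from the slides).
TO = "00000000-0000-4000-8000-000000000001@agent.example:5342"
AUTHZ = {TO: {"domain": "notifier.example", "max_priority": 4, "active": True}}
KEYS = {"shiny._domainkey.notifier.example": {"alg": "RS256", "n": DEMO_N, "e": DEMO_E}}
BODY = {"origtime": "2029-06-01T09:17:00Z", "priority": 3,
        "expires": "2030-01-01T00:00:00Z",
        "subject": "It is now 09:17", "body": "It is now 09:17 and all is well"}

if __name__ == "__main__":
    notif = make_notif(TO, "shiny", BODY, DEMO_N, DEMO_D)
    print(accept_notif(notif, AUTHZ, KEYS.get, datetime(2029, 6, 1, 10, tzinfo=timezone.utc)))
```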

Notifs 2018
