X-ASVP Technical Overview
eXtensible Anti-spam Verification Protocol
X-ASVP Committee Technical Working Group
July 22, 2007

Agenda
• Authentication Issues resolved by X-ASVP
• What the X-ASVP protocol does
• X-ASVP Approach
• X-ASVP Process flow
• URL “search path” algorithm
• Meta-document example
• What the protocol does not do
• Implementation resources

Issues resolved by X-ASVP
• SMTP does not include sender authentication
• Does not require modification to end-user interface
• Current “add-on” authentication systems require end users to send e-mail from a specific SMTP server
• Multiple authentication systems are in use: SPF (RFC 4408), Sender-ID (RFC 4406), DKIM (RFC 4871)
• IETF approved experimental RFCs 4405, 4406, 4407, 4408 for SPF and Sender-ID for a two-year period

What the protocol does
• Defines a “search-path” for finding a meta-document associated with an e-mail address
• Defines syntax for meta-document entities
• Defines syntax for X-ASVP mail header
• Provides a framework for Level 1 extensions to the protocol

X-ASVP Approach
• X-ASVP Algorithm produces 3 URLs for any e-mail address (domain, tld, global)
• Authentication is accomplished by the sender visiting the recipient’s web server
• Recipient meta-document can contain multiple items:
  • Do Not E-mail Registry preference (UCE)
  • Authentication token (Level 1: ASVP-WEB)
  • Public Key (asymmetric encryption – PGP)

X-ASVP Process Flow
• Recipient posts an X-ASVP meta-document
• Sender collects recipient preferences from the posted meta-document (uses setting applicable to desired SMTP transaction)
  • Bulk mail (“legal” senders will follow UCE setting)
  • ASVP-WEB (“token” included in mail header)
  • PGP (public key available on meta-document)

X-ASVP URL Algorithm
• Goals: Distributed, Redundant, Universal
• Hosts: 1. the domain, 2. top level domain, 3. global
• Rules: 1. All alpha converted to uppercase, 2. non-alphanumeric converted to underscore
• Example: John.Public1@foo.com
  • http://x-asvp.foo.com/FOO_COM/JOHN_PUBLIC1.HTM
  • http://www.x-asvp.com/FOO_COM/JOHN_PUBLIC1.HTM
  • http://www.x-asvp.info/COM/FOO_COM/JOHN_PUBLIC1.HTM

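The search-path rules above, written out as an added Python example (not code from the X-ASVP committee's materials). The host patterns are inferred from the slide's single foo.com example; treating the TLD as the last DNS label, limiting the rules to ASCII, and validating the domain before it is placed in a URL are assumptions of this sketch.

```python
import re

GLOBAL_HOST = "www.x-asvp.info"  # global host as it appears in the slide's example
# Assumption: only plain DNS hostnames are accepted, so nothing from the
# address can leak into the host or path portion of the generated URLs.
HOSTNAME = re.compile(r"[a-z0-9-]+(\.[a-z0-9-]+)+")


def normalize(part):
    """Slide rules: letters to uppercase, every non-alphanumeric to '_'."""
    return re.sub(r"[^A-Z0-9]", "_", part.upper())


def search_path(address):
    """Return the domain, TLD and global meta-document URLs, in that order."""
    local, sep, domain = address.strip().rpartition("@")
    domain = domain.rstrip(".").lower()
    if not sep or not local or not HOSTNAME.fullmatch(domain):
        raise ValueError(f"not a usable e-mail address: {address!r}")
    tld = domain.rsplit(".", 1)[1]      # assumption: TLD is the last label
    dom_dir = normalize(domain)         # foo.com      -> FOO_COM
    doc = normalize(local) + ".HTM"     # John.Public1 -> JOHN_PUBLIC1.HTM
    return [
        f"http://x-asvp.{domain}/{dom_dir}/{doc}",
        f"http://www.x-asvp.{tld}/{dom_dir}/{doc}",
        f"http://{GLOBAL_HOST}/{normalize(tld)}/{dom_dir}/{doc}",
    ]


if __name__ == "__main__":
    for url in search_path("John.Public1@foo.com"):
        print(url)
```

Because every non-alphanumeric character becomes an underscore, the mapping is many-to-one: John.Public1@foo.com and john_public1@foo.com resolve to the same meta-document, which an implementer has to account for when issuing or checking per-address data.
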
Meta-document example
• Token for Level 1 “ASVP-WEB” extension
• Do Not E-mail “Registration”
• Asymmetric encryption public key

What the protocol does NOT do
• Does not limit the data that can be placed on a meta-document (syntax includes the <P> container)
• Does not limit extensions within the Level 1 method
• Does not define the algorithm for creating Level 1 data fields (for example, the “ASVP-WEB” token)
• Does not define the algorithm for verification of tokens

Implementation Resources
• ISP Implementation Details (http://x-asvp.org/_pub/draft/HOWTO/)
  • DNS entry (x-asvp.domain.tld)
  • Web server virtual host
  • Meta-document generator script (example on committee website)
  • UCE setting (syntax available on committee website)
• Individual Implementation Details
  • Individuals can join the X-ASVP committee
  • Member TLD providers will host meta-documents for members of the committee