Presentation is loading. Please wait.

Presentation is loading. Please wait.

X-ASVP Executive Overview eXtensible Anti-spam Verification Protocol X-ASVP Committee Technical Working Group July 25, 2007.

Published byByron Owen Modified over 8 years ago

Similar presentations

Presentation on theme: "X-ASVP Executive Overview eXtensible Anti-spam Verification Protocol X-ASVP Committee Technical Working Group July 25, 2007."— Presentation transcript:

1 X-ASVP Executive Overview eXtensible Anti-spam Verification Protocol X-ASVP Committee Technical Working Group July 25, 2007

2 Agenda Uses for X-ASVP How X-ASVP works X-ASVP Process flow URL “search path” algorithm Meta-document example Implementation Overhead

3 Uses for X-ASVP Distributed Do Not E-mail Registry – Indicate “opt-out” as defined in CAN-SPAM Act – Would give ISP’s new legal standing and toolset to pursue spammers Public Key Infrastructure – Would be a common location to post public keys Authentication token (Level 1: ASVP-WEB) – Could be used to enforce authentication to a web server prior to accepting e-mail

4 How X-ASVP works Defines a set of web addresses associated to an e- mail address – One at the domain of the e-mail address – One at the host “www.x-asvp” in the same top level domain (.com,.net,.org, etc. ) as the e-mail addresswww.x-asvp – One at the protocol committee’s website www.x-asvp.infowww.x-asvp.info Defines syntax for posting user information at one (or more) of the above web addresses.

5 X-ASVP Process Flow Recipient posts an X-ASVP “meta- document” E-mail sender collects recipient preferences from the posted meta-document – Bulk mail ( “legal” senders will respect UCE setting; those who don’t violate CAN-SPAM ) – PGP ( public key available on meta-document ) – ASVP-WEB ( “token” included in mail header )

6

7 X-ASVP URL Algorithm Goals: Distributed, Redundant, Universal Hosts: 1. the domain, 2. top level domain, 3. global Rules: 1. All alpha converted to uppercase, 2. non-alpha numeric converted to underscore Example: John.Public1@foo.comJohn.Public1@foo.com – http://x-asvp.foo.com/FOO_COM/JOHN_PUBLIC1.HTM – http://www.x-asvp.com/FOO_COM/JOHN_PUBLIC1.HTM – http://www.x-asvp.info/COM/FOO_COM/JOHN_PUBLIC1.HTM

8 Meta-document example Token for Level 1 “ASVP-WEB” extension Do Not E-mail “Registration” Asymmetric encryption public key

9 Solution Data Flow

10 Implementation Overhead For an ISP or Enterprise that already runs a web server, implementation can be trivial – DNS record (CNAME) for “x-asvp” host – Virtual Host on existing web server – Generic page script (example on x-asvp.org ) http://x-asvp.org/_pub/draft/HOWTO/

11 Benefit of “trivial” implementation Equivalent to posting “No Trespassing” on your Inbox. – If recognized as equivalent to listing in “National Do Not E- mail Registry”, then enforcement provisions of CAN-SPAM apply. Spammers don’t know whether or not you’re filtering on the ASVP-WEB token provided. – New anti-spam toolset 1. IP address trail available when tokens are collected. 2. CGI script logic easier to implement (for token generation) than sender host verification at MTA.

Download ppt "X-ASVP Executive Overview eXtensible Anti-spam Verification Protocol X-ASVP Committee Technical Working Group July 25, 2007."

Similar presentations

Enabling Secure Internet Access with ISA Server

Enabling Secure Internet Access with ISA Server
CGI & HTML forms -05-. CGI Common Gateway Interface  A web server is only a pipe between user-agents  and content – it does not generate content.

CGI & HTML forms CGI Common Gateway Interface  A web server is only a pipe between user-agents  and content – it does not generate content.
© 2003 Public Interest Registry Whois Workshop Introduction to Registry/Registrar Issues Presented by Bruce W. Beckwith VP, Operations June 23, 2003 Serving.

© 2003 Public Interest Registry Whois Workshop Introduction to Registry/Registrar Issues Presented by Bruce W. Beckwith VP, Operations June 23, 2003 Serving.
Addressing spam email and enforcing a Do Not Email Registry using a Certified Electronic Mail System Information Technology Advisory Group, Inc.

Addressing spam and enforcing a Do Not Registry using a Certified Electronic Mail System Information Technology Advisory Group, Inc.
An Overview of the Law on Spam Anti-Spam Research Group San Francisco, CA March 20, 2003 Jon Praed Internet Law Group

An Overview of the Law on Spam Anti-Spam Research Group San Francisco, CA March 20, 2003 Jon Praed Internet Law Group
© 2007 Convio, Inc. Implementation of Sender ID Bill Pease, Chief Scientist Convio.

© 2007 Convio, Inc. Implementation of Sender ID Bill Pease, Chief Scientist Convio.
----Presented by Di Xu 17.12.2010.  Introduction  Overview of Spam  Solutions to Spam  Conclusion.

----Presented by Di Xu  Introduction  Overview of Spam  Solutions to Spam  Conclusion.
The Application Layer Chapter 7. Where are we now?

The Application Layer Chapter 7. Where are we now?
1 Enhancing Email Address Privacy on Anti-SPAM by Dou Wang and Ying Chen School of Computer Science University of Windsor October 2007.

1 Enhancing Address Privacy on Anti-SPAM by Dou Wang and Ying Chen School of Computer Science University of Windsor October 2007.
Creating a Secured and Trusted Information Sphere in Different Markets Giuseppe Contino.

Creating a Secured and Trusted Information Sphere in Different Markets Giuseppe Contino.
SESSION 9 THE INTERNET AND THE NEW INFORMATION NEW INFORMATIONTECHNOLOGYINFRASTRUCTURE.

SESSION 9 THE INTERNET AND THE NEW INFORMATION NEW INFORMATIONTECHNOLOGYINFRASTRUCTURE.
Domains and Hosting Randolph Technical Career Center Bobby Erwin.

Domains and Hosting Randolph Technical Career Center Bobby Erwin.
Intro to Computer Networks DNS (Domain Name System) Bob Bradley The University of Tennessee at Martin.

Intro to Computer Networks DNS (Domain Name System) Bob Bradley The University of Tennessee at Martin.
Pro Exchange SPAM Filter An Exchange 2000 based spam filtering solution.

Pro Exchange SPAM Filter An Exchange 2000 based spam filtering solution.
Email Basics Dayton Metro Library Place photo here August 10, 2015.

Basics Dayton Metro Library Place photo here August 10, 2015.
APACHE SERVER By Innovationframes.com »

APACHE SERVER By Innovationframes.com »
Hands-On Microsoft Windows Server 2008 Chapter 8 Managing Windows Server 2008 Network Services.

Hands-On Microsoft Windows Server 2008 Chapter 8 Managing Windows Server 2008 Network Services.
 ENGR 1110 Introduction to Engineering – Cyber Security Allison Holt, Adam Brown Auburn University.

 ENGR 1110 Introduction to Engineering – Cyber Security Allison Holt, Adam Brown Auburn University.
A global, public network of computer networks. The largest computer network in the world. Computer Network A collection of computing devices connected.

A global, public network of computer networks. The largest computer network in the world. Computer Network A collection of computing devices connected.
Review of Last Session Search Engine Optimisation (SEO) Search Engine Optimisation (SEO) You can fine-tune your site so that the search engines notice.

Review of Last Session Search Engine Optimisation (SEO) Search Engine Optimisation (SEO) You can fine-tune your site so that the search engines notice.

Similar presentations

Ads by Google