Presentation is loading. Please wait.

Presentation is loading. Please wait.

X-ASVP Technical Overview eXtensible Anti-spam Verification Protocol X-ASVP Committee Technical Working Group July 22, 2007.

Published byCameron Powers Modified over 8 years ago

Similar presentations

Presentation on theme: "X-ASVP Technical Overview eXtensible Anti-spam Verification Protocol X-ASVP Committee Technical Working Group July 22, 2007."— Presentation transcript:

1 X-ASVP Technical Overview eXtensible Anti-spam Verification Protocol X-ASVP Committee Technical Working Group July 22, 2007

2 Agenda Authentication Issues resolved by X-ASVP What the X-ASVP protocol does X-ASVP Approach X-ASVP Process flow URL “search path” algorithm Meta-document example What the protocol does not do Implementation resources

3 Issues resolved by X-ASVP SMTP does not include sender authentication Does not require modification to end-user interface – Current “add-on” authentication systems require end users to send e-mail from a specific SMTP server. – Multiple authentication systems are in use: SPF (RFC 4408), Sender-ID (RFC 4406), DKIM (RFC 4871) – IETF approved experimental RFC’s 4405, 4406, 4407, 4408 for SPF and Sender-ID for a two year period

4 What the protocol does Defines a “search-path” for finding a meta- document associated to an e-mail address Defines syntax for meta-document entities Defines syntax for X-ASVP mail header Provides a framework for Level 1 extensions to the protocol

5 X-ASVP Approach X-ASVP Algorithm produces 3 URL’s for any e-mail address (domain, tld, global) Authentication is accomplished by the sender visiting the recipient’s web server Recipient meta-document can contain multiple items: – Do Not E-mail Registry preference ( UCE ) – Authentication token (Level 1: ASVP-WEB) – Public Key (asymmetric encryption – PGP )

6 X-ASVP Process Flow Recipient posts an X-ASVP meta-document Sender collects recipient preferences from the posted meta-document (uses setting applicable to desired SMTP transaction ) – Bulk mail ( “legal” senders will follow UCE setting) – ASVP-WEB ( “token” included in mail header ) – PGP ( public key available on meta-document )

7

8 X-ASVP URL Algorithm Goals: Distributed, Redundant, Universal Hosts: 1. the domain, 2. top level domain, 3. global Rules: 1. All alpha converted to uppercase, 2. non-alpha numeric converted to underscore Example: John.Public1@foo.comJohn.Public1@foo.com – http://x-asvp.foo.com/FOO_COM/JOHN_PUBLIC1.HTM – http://www.x-asvp.com/FOO_COM/JOHN_PUBLIC1.HTM – http://www.x-asvp.info/COM/FOO_COM/JOHN_PUBLIC1.HTM

9 Meta-document example Token for Level 1 “ASVP-WEB” extension Do Not E-mail “Registration” Asymmetric encryption public key

10 Solution Data Flow

11 What the protocol does NOT do Does not limit the data that can be placed on a meta- document (syntax includes the container ) Does not limit extensions within the Level 1 method Does not define the algorithm for creating Level 1 data fields (for example, the “ASVP-WEB” token) Does not define the algorithm for verification of tokens

12 Implementation Resources ISP Implementation Details ( http://x-asvp.org/_pub/draft/HOWTO/ ) http://x-asvp.org/_pub/draft/HOWTO/ – DNS entry (x-asvp.domain.tld) – Web server virtual host – Meta-document generator script (example on committee website) – UCE setting (syntax available on committee website) Individual Implementation Details – Individuals can join the X-ASVP committee – Member TLD providers will host meta-documents for members of the committee

Download ppt "X-ASVP Technical Overview eXtensible Anti-spam Verification Protocol X-ASVP Committee Technical Working Group July 22, 2007."

Similar presentations

Draft-ietf-eai-mailinglist-00.txt Mailing Lists and Internationalized Addresses IETF66 Montreal – July 11, 2006 Edmon Chung, Afilias

Draft-ietf-eai-mailinglist-00.txt Mailing Lists and Internationalized Addresses IETF66 Montreal – July 11, 2006 Edmon Chung, Afilias
TrustPort Net Gateway Email traffic protection. WWW.TRUSTPORT.COM Keep It Secure Entry point protection –Clear separation of the risky internet and secured.

TrustPort Net Gateway traffic protection. Keep It Secure Entry point protection –Clear separation of the risky internet and secured.
Module 6 Implementing Messaging Security. Module Overview Deploying Edge Transport Servers Deploying an Antivirus Solution Configuring an Anti-Spam Solution.

Module 6 Implementing Messaging Security. Module Overview Deploying Edge Transport Servers Deploying an Antivirus Solution Configuring an Anti-Spam Solution.
DNSSEC & Email Validation Tiger Team DHS Federal Network Security (FNS) & Information Security and Identity Management Committee (ISIMC) Earl Crane Department.

DNSSEC & Validation Tiger Team DHS Federal Network Security (FNS) & Information Security and Identity Management Committee (ISIMC) Earl Crane Department.
1 Pertemuan 12 Authentication, Encryption, Digital Payments, and Digital Money Matakuliah: M0284/Teknologi & Infrastruktur E-Business Tahun: 2005 Versi:

1 Pertemuan 12 Authentication, Encryption, Digital Payments, and Digital Money Matakuliah: M0284/Teknologi & Infrastruktur E-Business Tahun: 2005 Versi:
© 2007 Convio, Inc. Implementation of Sender ID Bill Pease, Chief Scientist Convio.

© 2007 Convio, Inc. Implementation of Sender ID Bill Pease, Chief Scientist Convio.
IPv6: The Future of the Internet? July 27th, 1999 Auug.

IPv6: The Future of the Internet? July 27th, 1999 Auug.
© UPU 2014 – All rights reserved Mitigating online risk for postal e-services.

© UPU 2014 – All rights reserved Mitigating online risk for postal e-services.
Application Layer 2-1 Chapter 2 Application Layer Computer Networking: A Top Down Approach 6 th edition Jim Kurose, Keith Ross Application Layer – Lecture.

Application Layer 2-1 Chapter 2 Application Layer Computer Networking: A Top Down Approach 6 th edition Jim Kurose, Keith Ross Application Layer – Lecture.
Chapter Extension 7 How the Internet Works © 2008 Prentice Hall, Experiencing MIS, David Kroenke.

Chapter Extension 7 How the Internet Works © 2008 Prentice Hall, Experiencing MIS, David Kroenke.
Chapter 29 Structure of Computer Names Domain Names Within an Organization The DNS Client-Server Model The DNS Server Hierarchy Resolving a Name Optimization.

Chapter 29 Structure of Computer Names Domain Names Within an Organization The DNS Client-Server Model The DNS Server Hierarchy Resolving a Name Optimization.
Information Networking Security and Assurance Lab National Chung Cheng University Guidelines on Electronic Mail Security

Information Networking Security and Assurance Lab National Chung Cheng University Guidelines on Electronic Mail Security
Cornell CS502 Web Basics and Protocols CS 502 – 20020129 Carl Lagoze Acks to McCracken Syracuse Univ.

Cornell CS502 Web Basics and Protocols CS 502 – Carl Lagoze Acks to McCracken Syracuse Univ.
1 Enhancing Email Address Privacy on Anti-SPAM by Dou Wang and Ying Chen School of Computer Science University of Windsor October 2007.

1 Enhancing Address Privacy on Anti-SPAM by Dou Wang and Ying Chen School of Computer Science University of Windsor October 2007.
Technion – Israel Institute of Technology Department of Electrical Engineering Software Lab Remote Mailbox based on.NET technology Michael and Eugene Shamis.

Technion – Israel Institute of Technology Department of Electrical Engineering Software Lab Remote Mailbox based on.NET technology Michael and Eugene Shamis.
1 Secure DNS Solutions Rooster. 2 Introduction What does security mean for DNS? What security problems exist for DNS, what is being done about them, and.

1 Secure DNS Solutions Rooster. 2 Introduction What does security mean for DNS? What security problems exist for DNS, what is being done about them, and.
CORDRA Philip V.W. Dodds March 2004. The “Problem Space” The SCORM framework specifies how to develop and deploy content objects that can be shared and.

CORDRA Philip V.W. Dodds March The “Problem Space” The SCORM framework specifies how to develop and deploy content objects that can be shared and.
Pro Exchange SPAM Filter An Exchange 2000 based spam filtering solution.

Pro Exchange SPAM Filter An Exchange 2000 based spam filtering solution.
Belnet Antispam Pro A practical example Belnet – Aris Adamantiadis BNC – 24 November 2011.

Belnet Antispam Pro A practical example Belnet – Aris Adamantiadis BNC – 24 November 2011.
Domain Name System | DNSSEC. 2  Internet Protocol address uniquely identifies laptops or phones or other devices  The Domain Name System matches IP.

Domain Name System | DNSSEC. 2  Internet Protocol address uniquely identifies laptops or phones or other devices  The Domain Name System matches IP.

Similar presentations

Ads by Google