notifs update
TRANSCRIPT
What is a Nōtif?
• Nōtif : notification :: app : application
• Tell a user that something they’re interested in is happening or has happened
• Requested by the user
• Typically short
• Typically time-sensitive, perishable
2
What a Nōtif isn’t• Anything unsolicited
• correspondence
• spam
• Addressed by a human
• addresses are unsuitable for that
• Two-way
• Multihop
3
Notification examples• Emergency bulletins• Advertising / special
offers• Event invitations• Approval requests• Tech support• Password resets
• Fraud alerts (bank, etc.)• Alerts from
“things” (IoT)• Newsletter availability• Social media alerts• Burglar/fire alarms
5
Nōtifs Manifesto
• Users:• Should have control over what nōtifs they receive• Should be able to know that the nōtifs they receive are genuine• Should have control over if and how they are alerted when
nōtifs arrive• Should not have to reveal information about themselves just to
receive nōtifs• Notifiers:
• Should not have to guess whether nōtifs are being delivered• Should not have to employ intermediaries to get nōtifs delivered• Should be able to amend or delete nōtifs to keep them relevant
• Nōtifs:• Should expire and hide when no longer relevant
6
Nōtif characteristics• Opt-in
• Typically short
• Modifiable/deletable (best effort)
• Acknowledged delivery
• Domain-signed
• Encrypted in transit (use TLS)
• Priority tagged
• Expires at specified date/time
7
Notifiers
Agent
User endpoints
NotificationAgent
PhoneCallSMS,
App push
GrowlManagement,Authorization
NotificationsAuthorization TableRules
Bank EmergencyServices RetailersSocial Media Approval
RequestsCalendar
8
Notifiers• Typically not operated
by user• Opt-in by user through
authorization ceremony• May or may not know
much about the user
• Examples:• Emergency services• E-Commerce sites• Social media• Enterprise services• Reminders
9
Nōtif Agents• Operate on behalf of
user• Cloud-based• User-chosen,
decentralized• Store notifications for
retrieval by user• Manage authorizations
for user
• Alert user to specific notifications of particular interest or urgency
10
Nōtif Authorizations
• A record of a relationship between a notifier and a user
• Contains:• Notification address• Notifier’s domain• Description (provided/edited by user)• Max authorized priority• Tags• Flags (active, deleted, etc.)• Statistics (count, etc.)• Link to user (internal)
11
User endpoints• Push
• Mobile device app (push notification)
• SMS• Voice (telephone)• Desktop app• Email (!)
• Pull• Web interface• Mobile app (via API)
12
Typical Nōtif
{"header": {"to": “[email protected]:5342"}, "payload": “eyJhbGciOiAiUlMyNTYiLCAia2lkIjogInNoaW55In0. eyJvcmlndGltZSI6ICIyMDE1LTA0LTA0VDE2OjE3OjAwLjI0MjE4MVoiLCAicHJpb3JpdHkiOiA0LCAiZXhwaXJlcyI6ICIyMDE1LTA0LTA0VDE2OjE3OjAwLjI0MjE5M1oiLCAiYm9keSI6ICJJdCBpcyBub3cgMDk6MTcgYW5kIGFsbCBpcyB3ZWxsIiwgInN1YmplY3QiOiAiSXQgaXMgbm93IDA5OjE3In0. MVXxsqrqc6XQm2gkVgatmHC847JEBxg0eR4LSmsUsTpMAwWgZ7dKQ_Wk_QK0It0aibj4qVdnJbs1MY6IwV7rqJMsSbzuZ7n_QDn_OKjI2L_rPq9IsW7zEUtwf2T1J1j9yfWX0zmXwqSxdqnFHNcv49S7eDPrEhlvIMLtixHDOjk"}
Protected header
Unprotected header
Payload
Signature
Now in JWS format!
13
Protected Header
• Public key from DNS TXT record ala DKIM
• Algorithm must agree with that specified by key record
{"alg": “RS256", "kid": "shiny"}
Public key obtained from DNS:<kid>._domainkey.<notifier-domain>
Signing and hashing algorithms
14
Nōtif Body
• You can’t spoof what isn’t there:
• From address/domain (comes from authorization)
• To address (part of the envelope)
{"origtime": “2015-04-04T16:17:00.242181Z", "priority": 4, "expires": “2015-04-05T16:17:00.242193Z", "body": "It is now 09:17 and all is well”, "subject": "It is now 09:17"}
15
Current status• Prototype Nōtif agent up and running
• Linux/MongoDB/Go
• Prototype user/authorization/nōtif management
• Linux/MongoDB/Python/Django
• Notifier SDK (Python)
• Sample “clockwatcher” notifier running
22