Bounce Address Tag Validation BATV D Crocker IETF
Bounce Address Tag Validation (BATV) D. Crocker IETF J. Levine San Diego Sam Silberman 2004 Tony Finch MASS BOF D. Crocker, Brandenburg Internet. Working BATV, IETF San Diego 2004
BATV – Detecting forged Mail. From ] Digital signature X ] Key based on RHS domain Permit multiple schemes (Sorry, but no choice) ] Meta-syntax on LHS (local-part) for parameters X X Permits finding mailbox without understanding sig Hard limit of 64 bytes for total of local-part mailbox@example. com batv=mailbox/scheme/parms@example. com D. Crocker, Brandenburg Internet. Working 2 BATV, IETF San Diego 2004
Bounce Address Evaluation Venues Bounce Generation Bounce Receipt MSA MDA MTA Original Relay MTA D. Crocker, Brandenburg Internet. Working MTA 3 MTA BATV, IETF San Diego 2004
Base Scheme – PSB 0 ] Private Signed Bounce zero X X X Detected invalid received bounces Interpreted only by issuer Limited replay protection sig-val = key-id encrypt (<addr-spec>, timestamp, random-string ) D. Crocker, Brandenburg Internet. Working 4 BATV, IETF San Diego 2004
Approach for Public Key Scheme ] Detect at time of bounce generation, or earlier ] Based on content standard, when available ] Use all of the mechanism, but tune computation to Mail. From limitations X E. g. , hash the signature into a short string. D. Crocker, Brandenburg Internet. Working 5 BATV, IETF San Diego 2004
- Slides: 5