Bounce Address Tag Validation - PowerPoint PPT Presentation


Bounce Address Tag Validation (BATV). D. Crocker, J. Levine, Sam Silberman, Tony Finch. IETF San Diego 2004.


SLIDE 1

Bounce Address Tag Validation (BATV)

  • D. Crocker
  • J. Levine
  • Sam Silberman
  • Tony Finch

IETF San Diego 2004

SLIDE 2
  • D. Crocker, Brandenburg InternetWorking

BATV, IETF San Diego 2004

BATV – Detecting forged MailFrom

  • Digital signature

    Key based on RHS domain

  • Permit multiple schemes

    (Sorry, but no choice)

  • Meta-syntax on LHS (local-part) for parameters

    Permits finding mailbox without understanding sig

    Hard limit of 64 bytes for total of local-part

mailbox@example.com → batv=mailbox/scheme/parms@example.com

SLIDE 3

Bounce Address Evaluation Venues

[Diagram: mail path through MSA, MTA and MDA nodes, labelled Original, Relay, Bounce Generation and Bounce Receipt]

SLIDE 4

Base Scheme – PSB0

  • Private Signed Bounce zero

    Detected invalid received bounces

    Interpreted only by issuer

    Limited replay protection

sig-val = key-id encrypt (<addr-spec>, timestamp, random-string)
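
A sketch of the PSB0 idea above combined with the slide 2 meta-syntax, added here as an example and not taken from the deck or its authors. It swaps the slide's encrypt for a truncated HMAC-SHA256; the `psb0` tag spelling, the `key-id-day-random-sig` parameter layout, the 7-day window and the key are assumptions.

```python
import hashlib
import hmac
import secrets
import time

SCHEME = "psb0"       # assumed spelling of the scheme name inside the tag
MAX_LOCAL_PART = 64   # hard limit on the whole local-part, from slide 2
MAX_AGE_DAYS = 7      # assumed validity window (limited replay protection)
KEYS = {"0": b"constructed-demo-key"}  # key-id -> secret, constructed sample

def _sig(key_id, mailbox, domain, day, rnd):
    # HMAC stands in for the slide's encrypt(); truncated to fit 64 bytes.
    msg = f"{mailbox}@{domain.lower()}/{day}/{rnd}".encode()
    return hmac.new(KEYS[key_id], msg, hashlib.sha256).hexdigest()[:10]

def tag(mailbox, domain, key_id="0", now=None, rnd=None):
    """Build the tagged MailFrom for an outgoing message."""
    day = int((time.time() if now is None else now) // 86400)
    rnd = rnd or secrets.token_hex(2)
    parms = f"{key_id}-{day}-{rnd}-{_sig(key_id, mailbox, domain, day, rnd)}"
    local = f"batv={mailbox}/{SCHEME}/{parms}"
    if len(local.encode()) > MAX_LOCAL_PART:
        raise ValueError("tagged local-part exceeds 64 bytes")
    return f"{local}@{domain}"

def validate(rcpt, now=None):
    """Return the original mailbox if a bounce recipient is validly tagged, else None."""
    local, _, domain = rcpt.rpartition("@")
    if not local.startswith("batv="):
        return None  # untagged (assumes every outgoing MailFrom is tagged)
    try:
        # Split from the right so the mailbox is found without parsing the sig.
        mailbox, scheme, parms = local[5:].rsplit("/", 2)
        key_id, day, rnd, sig = parms.split("-")
        day = int(day)
    except ValueError:
        return None
    if scheme != SCHEME or key_id not in KEYS:
        return None
    today = int((time.time() if now is None else now) // 86400)
    if not 0 <= today - day <= MAX_AGE_DAYS:
        return None  # stale or future-dated tag
    expected = _sig(key_id, mailbox, domain, day, rnd)
    if not hmac.compare_digest(sig.encode(), expected.encode()):
        return None
    return mailbox
```

A receiving MTA would call `validate` only on the recipient of a message with a null return path, since ordinary mail is addressed to the untagged mailbox.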

SLIDE 5

Approach for Public Key Scheme

  • Based on content standard, when available
  • Use all of the mechanism, but tune computation to MailFrom limitations

    E.g., hash the signature into a short string.