User-controlled notifications: Nōtifs

Jim Fenton <notifs@bluepopcorn.net>

1

Spring 2015 Update

What is a Nōtif?

• Nōtif : notification :: app : application

• Tell a user that something they’re interested in is happening or has happened

• Requested by the user

• Typically short

• Typically time-sensitive, perishable

2

What a Nōtif isn’t• Anything unsolicited

• correspondence

• spam

• Addressed by a human

• addresses are unsuitable for that

• Two-way

• Multihop

3

4

Notification examples• Emergency bulletins• Advertising / special

offers• Event invitations• Approval requests• Tech support• Password resets

• Fraud alerts (bank, etc.)• Alerts from

“things” (IoT)• Newsletter availability• Social media alerts• Burglar/fire alarms

5

Nōtifs Manifesto

• Users:• Should have control over what nōtifs they receive• Should be able to know that the nōtifs they receive are genuine• Should have control over if and how they are alerted when

nōtifs arrive• Should not have to reveal information about themselves just to

receive nōtifs• Notifiers:

• Should not have to guess whether nōtifs are being delivered• Should not have to employ intermediaries to get nōtifs delivered• Should be able to amend or delete nōtifs to keep them relevant

• Nōtifs:• Should expire and hide when no longer relevant

6

Nōtif characteristics• Opt-in

• Typically short

• Modifiable/deletable (best effort)

• Acknowledged delivery

• Domain-signed

• Encrypted in transit (use TLS)

• Priority tagged

• Expires at specified date/time

7

Notifiers

Agent

User endpoints

NotificationAgent

PhoneCallSMS,

App push

GrowlManagement,Authorization

NotificationsAuthorization TableRules

Bank EmergencyServices RetailersSocial Media Approval

RequestsCalendar

8

Notifiers• Typically not operated

by user• Opt-in by user through

authorization ceremony• May or may not know

much about the user

• Examples:• Emergency services• E-Commerce sites• Social media• Enterprise services• Reminders

9

Nōtif Agents• Operate on behalf of

user• Cloud-based• User-chosen,

decentralized• Store notifications for

retrieval by user• Manage authorizations

for user

• Alert user to specific notifications of particular interest or urgency

10

Nōtif Authorizations

• A record of a relationship between a notifier and a user

• Contains:• Notification address• Notifier’s domain• Description (provided/edited by user)• Max authorized priority• Tags• Flags (active, deleted, etc.)• Statistics (count, etc.)• Link to user (internal)

11

User endpoints• Push

• Mobile device app (push notification)

• SMS• Voice (telephone)• Desktop app• Email (!)

• Pull• Web interface• Mobile app (via API)

12

Typical Nōtif

{"header": {"to": “d28363d7-9d28-49f2-8d5b-b9c1cf989335@altmode.net:5342"}, "payload": “eyJhbGciOiAiUlMyNTYiLCAia2lkIjogInNoaW55In0. eyJvcmlndGltZSI6ICIyMDE1LTA0LTA0VDE2OjE3OjAwLjI0MjE4MVoiLCAicHJpb3JpdHkiOiA0LCAiZXhwaXJlcyI6ICIyMDE1LTA0LTA0VDE2OjE3OjAwLjI0MjE5M1oiLCAiYm9keSI6ICJJdCBpcyBub3cgMDk6MTcgYW5kIGFsbCBpcyB3ZWxsIiwgInN1YmplY3QiOiAiSXQgaXMgbm93IDA5OjE3In0. MVXxsqrqc6XQm2gkVgatmHC847JEBxg0eR4LSmsUsTpMAwWgZ7dKQ_Wk_QK0It0aibj4qVdnJbs1MY6IwV7rqJMsSbzuZ7n_QDn_OKjI2L_rPq9IsW7zEUtwf2T1J1j9yfWX0zmXwqSxdqnFHNcv49S7eDPrEhlvIMLtixHDOjk"}

Protected header

Unprotected header

Payload

Signature

Now in JWS format!

13

Protected Header

• Public key from DNS TXT record ala DKIM

• Algorithm must agree with that specified by key record

{"alg": “RS256", "kid": "shiny"}

Public key obtained from DNS:<kid>._domainkey.<notifier-domain>

Signing and hashing algorithms

14

Nōtif Body

• You can’t spoof what isn’t there:

• From address/domain (comes from authorization)

• To address (part of the envelope)

{"origtime": “2015-04-04T16:17:00.242181Z", "priority": 4, "expires": “2015-04-05T16:17:00.242193Z", "body": "It is now 09:17 and all is well”, "subject": "It is now 09:17"}

15

Nōtif Summary

16

Nōtif Detail

17

Authorization Summary

18

Authorization

19

Methods

20

Alert Rules

21

Current status• Prototype Nōtif agent up and running

• Linux/MongoDB/Go

• Prototype user/authorization/nōtif management

• Linux/MongoDB/Python/Django

• Notifier SDK (Python)

• Sample “clockwatcher” notifier running

22

To Be Done

• Open-source the code (when I’m reasonably happy with it)

• Write an API/Protocol Specification

• Mobile app

• Connectors: Generate notifs from legacy services

23