IMT

Barry Leiba

Internet Messaging Technology

 
Internet Standards Manager, Huawei Technologies

Barry I’m a computer software researcher, working as Internet Standards Manager for Huawei Technologies.

I spend most of my time on e-mail and antispam technology and Internet security, and on standards development in those areas. I also try to keep a finger or two in context services technology, aiming to better connect users to important (non-spam) messages while avoiding inundation by unimportant or annoying ones. For more detail, see the sections below.

I am on the editorial board for IEEE Internet Computing magazine, and I edit the Standards and Expanding the Global Internet departments of the magazine.

I was a program chair for the 2010 Collaboration, Electronic messaging, Anti-Abuse and Spam Conference (CEAS), and have been a program chair and on the program committee during the other years of the conference.

I retired from IBM in 2009 as a Senior Technical Staff Member at IBM’s Thomas J. Watson Research center.

Internet Standards

I am working with the Internet Engineering Task Force (IETF) on several applications- and security-related standards. I have been selected as Applications Area Director, on the Internet Engineering Steering Group (IESG), and I will begin serving in that capacity in March 2012. I served on the Internet Architecture Board (IAB) from 2007 to 2009, and I participate in the Security Directorate and the Applications Area Directorate. I’m active in the following IETF working groups:

  • Open Authentication (OAuth) is standardizing a protocol initially developed by social-networking web sites to allow their users to provide authentication credentials so that the sites can work together on behalf of the user without compromising the user's actual login identity. I am a chair of the OAuth working group.
  • Messaging Abuse Reporting Format (marf) is chartered to standardize a format for abuse reports (reports of spam, phishing, malware, and other sorts of unwanted messages) that can be automatically processed. The work is based on a format that has been in use experimentally, with good results; standardizing it will allow it to be more widely deployed. This group will work with other standards-related bodies, such as MAAWG (the Messaging Anti-Abuse Working Group) and OMA (Open Mobile Alliance). I am a chair of the MARF working group.
  • The Applications Area Working Group (appsawg) is a place for people to bring good ideas that are appropriate for the IETF Applications Area, but for which there is no active working group covering the topic. The working group will help with items that might otherwise have been individual submissions, with a goal of getting broader review and comment than would happen for individual submissions. I am a chair of this working group.
  • Sieve Mail Filtering Language (sieve), a language for writing portable email filters. This working group is updating the existing Sieve standard, and is standardizing a number of useful extensions to it, including one specifically for spam filtering.
  • Email Address Internationalization (eai). This working group has developed an experimental proto-standard for allowing international characters (including non-Western scripts, such as Hebrew and Chinese) in email addresses and email headers. The group will now move versions of those experimental documents to the standards track.
  • vCard and CardDAV (vcarddav). This working group is updating the vCard specification, along with a parallel XML schema, and is developing an address book access protocol, CardDAV, based on WebDAV.
  • Hypertext Transfer Protocol Bis (httpbis). There’s a need to update and clarify the HTTP standard, in light of implementation experience and extensions that have been developed. The goal of this working group is to make those updates and clarifications, and to document implementation experience.
  • Constrained RESTful Environments (core). Targeting applications such as building automation and sensor networks, this working group is developing protocols for application environments constrained by power and memory limitations, processor speeds, and so on. The protocols are being built on REpresentational State Transfer architectural concepts.
  • Web Security (websec). This working group is addressing web security issues other than authentication (that’s a much larger issue that needs to be handled separately), starting by developing a problem statement and survey of what the specific issues are, and moving toward standard solutions. The solutions will aim to deal with such things as cross-site-scripting attacks, clickjacking, and man-in-the-middle attacks.

    • Completed working groups:
  • DomainKeys Identified Mail (DKIM) developed a standard for having the originating domain digitally sign email messages to make it harder to spoof the originating address. I chaired the DKIM working group.
  • Message Organization (morg) took on a list of IMAP extensions related to sorting, threading, and searching — extensions to help users find and organize messages. I was a chair of the MORG working group, which finished its work closed in March 2011.
  • Virtual World Region Agent Protocol (vwrap) aimed at solving one part of a complex whole, making a first effort at standardizing some virtual-world protocols. The proposed protocol allows portions of worlds, called regions, to appear as seamless units, allowing avatars to move among regions that are separately implemented. In the end, some of the main proponents had job changes, and the effort never resulted in any standards. I was a chair of the VWRAP working group.
  • Calendaring and Scheduling Standards Simplification (calsify). This working group made some major revisions of the calendaring and scheduling standards. The iCalendar standard was updated, and the related standards were revised with an eye toward greater interoperability.
  • Internationalized Domain Names in Applications (Revised) (idnabis). This working group ended its work, updating the 2003 IDNA specification to the current version of Unicode. It made the IETF specification independent of specific Unicode versions. It also made other changes to IDNA to fix problems and cover things that were missed in the first pass.
  • Enhancements to Internet email to support diverse service environments (lemonade). The name of this working group used to be a fanciful acronym for License to Enhance Messaging Oriented Network Access for Diverse Endpoints, but that full name was long ago dropped. The goal of the lemonade group was to standardize changes to email protocols to enable more efficient operation on mobile phones, PDAs, kiosks, and other devices with varying capabilities and varying levels of network connectivity. The group’s work is now done, and the working group has been closed.
  • Internet Message Access Protocol Extension (imapext). Internet Message Access Protocol (IMAP) is one of the two Internet-standard protocols used for email access and retrieval (the other is POP3). The imapext working group standardized some useful extensions to IMAP, ended its work, and has been closed.

AntiSpam Technology

During my last few years in IBM Research, we developed more effective antispam techniques, some of which have made their way into IBM’s Lotus software products, and some into the product line from IBM Internet Security Systems. US patent 7,475,118 covers some of this work.

Context Services Technology

In Context Services, closely connected to pervasive/ubiquitous computing work, we emphasized three areas:

For the messages themselves, we tied together e-mail, instant messaging, alerts, calendar alarms, and other similar things that can broadly be grouped into the category of “messaging”. It’s obvious that if you’ve defined e-mail from your boss to be “important”, you want to be informed quickly about new e-mail from your boss. But also, if you’ve set your calendar to give you an alarm ten minutes before an important meeting, it does little good if that alarm pops up on your desktop computer when you’re not in your office. That alarm is a “message” too, and we’ll handle it as one.

For connecting you, we handle your desktop and laptop computers, of course, but we also handle a variety of wireless/handheld devices, including cell phones (through SMS), BlackBerry(tm) handhelds, personal digital assistants (PDAs) connected through wireless modems, and other similar devices.

For winnowing important messages from the chaff of all the unimportant ones, we used advanced filtering technology that takes into account general user preferences, specific targeted filters, and user context.

User context refers to information obtained dynamically about where the user is, what she’s doing, and how she’s relating to the people around her. Is the user at home, at work, in a public place? On vacation? In a meeting? Seeing a Broadway show? Has she specified that she’s not to be disturbed? Will she be available for interruption in 30 minutes, or not for 3 hours? Is she out of town? Returning tomorrow, or not for two weeks?

All this information can be used both in the filtering, to change the definition of what “important” means (perhaps mail from my boss is important, but not if I’m on vacation unless it’s marked “urgent”), and in the delivery, deciding how to deliver a message at a particular time (if I’m at home, don’t sent alerts to my desktop computer in the office; if I’m at a show, don’t ring my cell phone).

Much of our work was focused on the context information — obtaining it, using it effectively, securing it to protect the user’s privacy. US patent 7,496,585 covers some of this work.