Barry Leiba

Last updated
Barry Leiba
Barry Leiba, 22 March 2021.jpg
Born1957
Education University of Florida, George Washington University
Occupation Computer Scientist
EmployerFuturewei Technologies
Known for e-mail, Internet standards
TitleDirector, Internet Standards

Barry Leiba (born 1957) is a computer scientist and software researcher. He retired from IBM's Thomas J. Watson Research Center in Hawthorne, New York in February 2009, and now works for FutureWei Technologies as a Director of Internet Standards. His work has focused for many years on electronic mail and anti-spam technology, on mobile computing and the Internet of things, and on Internet standards.

Contents

Work on e-mail and anti-spam technology

Leiba's interest in e-mail began in the early 1980s, with IBM's PROFS system, and with a proprietary e-mail system developed for an IBM customer. In the early 1990s he and his team at IBM Research developed an early implementation of an integrated multimedia e-mail system, called Ultimail, which became part of IBM's TCP/IP product for OS/2. The work on Ultimail led to development of the Internet Messaging Framework, [1] a toolkit for developing Internet-standards-compliant clients and servers. He was part of the team that developed the SpamGuru anti-spam engine [2] at IBM Research.

He has published a number of papers at the Collaboration, Electronic messaging, Anti-Abuse and Spam Conference, [3] and was a program chair for the conference in 2008 and 2010. [4]

Work on Internet standards

Leiba has been involved with the Internet Engineering Task Force (IETF) since the mid-1990s, working on e-mail-related standards, including IMAP, ACAP, updates to SMTP and the Internet message format, lemonade, the Sieve e-mail filtering language, internationalization in general and e-mail address internationalization in particular, and DKIM. He has chaired a number of working groups, including DKIM, [5] OAUTH, [6] CBOR, [7] and DMARC, [8] and served on the Internet Architecture Board from 2007 to 2009. He served on the Internet Engineering Steering Group as Applications Area Director from 2012 to 2016 and as Applications and Real-Time (ART) Area Director from 2019 to 2021, and is the IETF liaison to the Messaging, Malware and Mobile Anti-Abuse Working Group (M3AAWG). [9] He was appointed to the ICANN Security and Stability Advisory Committee (SSAC) [10] in 2018.

Other work

Leiba has also worked on IBM Research projects involving context awareness, [11] mobile and distributed computing, and computer security and access controls. He has been on the editorial board of the IEEE Computer Society's Internet Computing magazine [12] since January 2008, where he is currently serving as Associate Editor in Chief. In June 2022 he was elected to the Internet Society Board of Trustees.

Authored Requests For Comments (RFCs)

Related Research Articles

<span class="mw-page-title-main">Email</span> Mail sent using electronic means

Electronic mail is a method of transmitting and receiving messages using electronic devices. It was conceived in the late–20th century as the digital version of, or counterpart to, mail. Email is a ubiquitous and very widely used communication medium; in current use, an email address is often treated as a basic and necessary part of many processes in business, commerce, government, education, entertainment, and other spheres of daily life in most countries.

In computing, the Internet Message Access Protocol (IMAP) is an Internet standard protocol used by email clients to retrieve email messages from a mail server over a TCP/IP connection. IMAP is defined by RFC 9051.

The Simple Mail Transfer Protocol (SMTP) is an Internet standard communication protocol for electronic mail transmission. Mail servers and other message transfer agents use SMTP to send and receive mail messages. User-level email clients typically use SMTP only for sending messages to a mail server for relaying, and typically submit outgoing email to the mail server on port 587 or 465 per RFC 8314. For retrieving messages, IMAP is standard, but proprietary servers also often implement proprietary protocols, e.g., Exchange ActiveSync.

An email address identifies an email box to which messages are delivered. While early messaging systems used a variety of formats for addressing, today, email addresses follow a set of specific rules originally standardized by the Internet Engineering Task Force (IETF) in the 1980s, and updated by RFC 5322 and 6854. The term email address in this article refers to just the addr-spec in Section 3.4 of RFC 5322. The RFC defines address more broadly as either a mailbox or group. A mailbox value can be either a name-addr, which contains a display-name and addr-spec, or the more common addr-spec alone.

Sender Policy Framework (SPF) is an email authentication method which ensures the sending mail server is authorized to originate mail from the email sender's domain. This authentication only applies to the email sender listed in the "envelope from" field during the initial SMTP connection. If the email is bounced, a message is sent to this address, and for downstream transmission it typically appears in the "Return-Path" header. To authenticate the email address which is actually visible to recipients on the "From:" line, other technologies such as DMARC must be used. Forgery of this address is known as email spoofing, and is often used in phishing and email spam.

Simple Authentication and Security Layer (SASL) is a framework for authentication and data security in Internet protocols. It decouples authentication mechanisms from application protocols, in theory allowing any authentication mechanism supported by SASL to be used in any application protocol that uses SASL. Authentication mechanisms can also support proxy authorization, a facility allowing one user to assume the identity of another. They can also provide a data security layer offering data integrity and data confidentiality services. DIGEST-MD5 provides an example of mechanisms which can provide a data-security layer. Application protocols that support SASL typically also support Transport Layer Security (TLS) to complement the services offered by SASL.

In email, a return receipt is an acknowledgment by the recipient's email client to the sender of receipt of an email message. What acknowledgment, if any, is sent by the recipient to the sender is dependent on the email software of the recipient.

Email authentication, or validation, is a collection of techniques aimed at providing verifiable information about the origin of email messages by validating the domain ownership of any message transfer agents (MTA) who participated in transferring and possibly modifying a message.

MARID was an IETF working group in the applications area tasked to propose standards for email authentication in 2004. The name is an acronym of MTA Authorization Records In DNS.

Sieve is a programming language that can be used for email filtering. It owes its creation to the CMU Cyrus Project, creators of Cyrus IMAP server.

In computing, Author Domain Signing Practices (ADSP) is an optional extension to the DKIM E-mail authentication scheme, whereby a domain can publish the signing practices it adopts when relaying mail on behalf of associated authors.

Push-IMAP, which is otherwise known as P-IMAP or Push extensions for Internet Message Access Protocol, is an email protocol designed as a faster way to synchronise a mobile device like a PDA or smartphone to an email server.

DomainKeys Identified Mail (DKIM) is an email authentication method designed to detect forged sender addresses in email, a technique often used in phishing and email spam.

Domain-based Message Authentication, Reporting and Conformance (DMARC) is an email authentication protocol. It is designed to give email domain owners the ability to protect their domain from unauthorized use, commonly known as email spoofing. The purpose and primary outcome of implementing DMARC is to protect a domain from being used in business email compromise attacks, phishing email, email scams and other cyber threat activities.

Ned Freed was an IETF participant and Request for Comments author who contributed to a significant number of Internet Protocol standards, mostly related to email. He is best known as the co-inventor of email MIME attachments, with Nathaniel Borenstein.

A mailbox is the destination to which electronic mail messages are delivered. It is the equivalent of a letter box in the postal system.

The Abuse Reporting Format (ARF) also known as the Messaging Abuse Reporting Format (MARF) is a standard format for reporting spam via email.

SMTP Authentication, often abbreviated SMTP AUTH, is an extension of the Simple Mail Transfer Protocol (SMTP) whereby a client may log in using any authentication mechanism supported by the server. It is mainly used by submission servers, where authentication is mandatory.

The JSON Meta Application Protocol (JMAP) is a set of related open Internet Standard protocols for handling email. JMAP is implemented using JSON APIs over HTTP and has been developed as an alternative to IMAP/SMTP and proprietary email APIs such as Gmail and Outlook. Additional protocols and data models being built on top of the core of JMAP for handling contacts and calendar synchronization are meant to be potential replacements for CardDAV and CalDAV, and other support is currently in the works.

Murray S. Kucherawy is a computer scientist, mostly known for his work on email standardization and open source software.

References

  1. von Kanel, J. (1998). "IBM Systems Journal paper, "Internet Messaging Frameworks"". IBM Systems Journal. 37 (G321-0130). IBM Corporation: 4–18. doi:10.1147/sj.371.0004. Archived from the original on 2018-06-03. Retrieved 2019-11-30.
  2. "SpamGuru: An Enterprise Anti-Spam Filtering System (pdf)" (PDF). Conference on E-mail and Anti-Spam. 2004.[ permanent dead link ]
  3. "Collaboration, Electronic messaging, Anti-Abuse and Spam Conference". Archived from the original on 2007-05-20. Retrieved 2008-11-14.
  4. "Barry Leiba — Internet Messaging Technology". internetmessagingtechnology.org. Archived from the original on 2023-12-07. Retrieved 2023-11-20.
  5. "DKIM working group charter". Internet Engineering Task Force. Archived from the original on 2011-06-04. Retrieved 2010-03-05.
  6. "OAUTH working group charter". Internet Engineering Task Force. Archived from the original on 2011-08-05. Retrieved 2011-07-14.
  7. "CBOR working group charter". Internet Engineering Task Force.
  8. "DMARC working group charter". Internet Engineering Task Force.
  9. "Messaging Malware Mobile Anti-Abuse Working Group". M3AAWG. Archived from the original on 2021-09-13. Retrieved 2021-09-16.
  10. "ICANN Security and Stability Advisory Committee". Archived from the original on 2018-03-15. Retrieved 2018-03-14.
  11. "Pervasive Computing in Health Care: Smart Spaces and Enterprise Information Systems (pdf)" (PDF). MobiSys Workshop on Context Awareness. 2004. Archived (PDF) from the original on 2011-07-26. Retrieved 2009-02-28.
  12. "IEEE Internet Computing magazine". IEEE Computer Society. Archived from the original on 2008-11-13. Retrieved 2008-11-14.