[Bimi] Thoughts about MUA/BIMI

"Brotman, Alex" <Alex_Brotman@comcast.com> Thu, 11 August 2022 14:21 UTC

From: "Brotman, Alex" <Alex_Brotman@comcast.com>
To: "BIMI (IETF) (bimi@ietf.org)" <bimi@ietf.org>
Date: Thu, 11 Aug 2022 14:21:11 +0000
Message-ID: <MN2PR11MB435138DB4A7161A506B8CD25F7649@MN2PR11MB4351.namprd11.prod.outlook.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/bimi/QKWANOzwYAK9gSwAtcCbIw-TNe4>
Subject: [Bimi] Thoughts about MUA/BIMI

In thinking more about the MUA proposal, we are trying to find a solution for the case where an unaffiliated[1] MUA would like to be able to either independently validate message authentication details (to support DMARC), or rely upon the validation process from the MBP.

Consider we have two primary goals (in short form):

  1.  Drive DMARC adoption
  2.  Associate an image with properly authenticated messages

Again, we also may need to define how independent an MUA can be in the situation when there is an unaffiliated MUA in use by the recipient.  We can attempt to have the MUA be completely independent as it relates to DMARC/BIMI, or we can use the hints the MBP may be able to provide.  If we don't feel that either can be done in a reasonable manner where authentication checks can be relied upon, I'm not sure it's ideal for the MUA to display these associated images.

If we look at the first, where the MUA acts independently, we have the potential for a few methods by which it may be able to validate the message authentication details.  I'm going to pretend that the current issue of DKIM Replay Attacks is not a factor here, though I realize that may impact any decisions we make.

  1.  DKIM - The MUA could attempt to validate the DKIM signature on its own.  Presuming nothing has altered the message in transit, this is plausible.  This is only half of DMARC, and I don't think it's ideal to try to allow the MUA to understand which IP/host delivered the message (via Received headers) to the provider to evaluate SPF.  This does require the MBP not mangle the message as it passes through.
  2.  ARC - This requires the participation of the receiving MBP, as well as any intermediary. This could allow the MUA to validate the chain, and use those details to determine if DMARC has passed.  This requires a much deeper adoption of ARC than currently exists.

If this were to happen, the MUA may (and probably should) choose to ignore any existing BIMI headers that are normally created by the MBP.  If the MBP is not BIMI-aware, and not removing existing BIMI-related headers, it should not be expected that the MUA could rely on them in the situations above.  Additionally, does something need to happen to "timebox" the MUA from trying to validate all messages, even those prior to the arrival of BIMI, and the publishing of the BIMI records for the associated sender?  Should a message from "example.com" from 2017 receive a logo (assuming all of the other validation lines up)?

There are other options, though it will require more participation from the MBP.  It seems that we cannot expect the MBP to store information about the message in any metadata outside of the message itself.  If we consider the case of an unaffiliated MUA, it seems as though the MBP needs some way to convey information in a reasonable manner which can be reasonably trusted/verified.

  1.  Assume the MBP is DMARC-aware, but does not directly support BIMI evaluation.  Could the MBP sign (a la DKIM) the A-R header so that the MUA could utilize that header as its evaluation?  There may need to be some signal in the A-R header that demonstrates it was the final hop (or at least which hop it was?).  This could allow the MUA to utilize SPF/DKIM/(ARC)/DMARC results as provided by the MBP instead of performing its own validation.  Though, the MUA will need to ensure the signed header is legitimate.
  2.  The MBP is BIMI-aware and wants to convey its results to an unaffiliated MUA.  The MBP does the required tests, and signs the BIMI-Location or BIMI-Indicator headers.  This would allow the MUA to utilize BIMI in an independent fashion.

In the cases above, the MUA is dependent on the MBP, though that is the best place to perform the message authentication.  In this case, the risk of a web bug is probably greater as the MUA will likely be directly fetching the SVG from the remote site.

Looking for thoughts from others.  Thanks for your time.

[1] Unaffiliated MUA in this case means one that is not tightly coupled to the MBP.  Examples of an "affiliated" client may be the Gmail or Yahoo web/mobile clients that are used to attach to those respective mail systems.  The unaffiliated MUA would likely be the one that the user chooses on their own, and has no direct relationship with the MBP.

--
Alex Brotman
Sr. Engineer, Anti-Abuse & Messaging Policy
Comcast
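The option in the message where the MBP signs its own Authentication-Results header so an unaffiliated MUA can rely on it, worked through as an added example that is not part of the post and is not code from any MBP or MUA. It uses DKIM's relaxed header canonicalisation (RFC 6376) and an ed25519-sha256 signature (the algorithm RFC 8463 adds to DKIM) over the topmost A-R and From headers; the header name `X-AR-Signature`, the MBP `mx.example.net`, the selector `ar2022` and the in-memory `keys` map standing in for a DNS `_domainkey` lookup are all assumptions of the example. The MUA side shows the check the post says is needed, that "the signed header is legitimate": it only trusts an A-R whose signature verifies under the key of the MBP it is attached to, whose authserv-id names that MBP, and which reports `dmarc=pass`; an unsigned or altered A-R claiming `dmarc=pass` yields no indicator.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/base64"
	"fmt"
	"regexp"
	"strings"
)

// Hypothetical header carrying the MBP's signature over its own A-R header
// (an assumption of this example; no RFC defines it).
const sigHeader = "X-AR-Signature"

type header struct{ name, value string }

var ws = regexp.MustCompile(`[ \t\r\n]+`)

// parseHeaders splits a CRLF-terminated header block, joining folded lines.
func parseHeaders(raw string) []header {
	var hs []header
	for _, line := range strings.Split(raw, "\r\n") {
		if line == "" {
			continue
		}
		if (line[0] == ' ' || line[0] == '\t') && len(hs) > 0 {
			hs[len(hs)-1].value += "\r\n" + line // continuation of a folded header
			continue
		}
		if name, value, ok := strings.Cut(line, ":"); ok {
			hs = append(hs, header{name, value})
		}
	}
	return hs
}

// relax applies RFC 6376 "relaxed" header canonicalisation to one header.
func relax(h header) string {
	return strings.ToLower(h.name) + ":" + strings.TrimSpace(ws.ReplaceAllString(h.value, " "))
}

// topmost returns the first header with the given name. The MBP prepends its
// own headers, so the topmost instance is the one the MBP produced.
func topmost(hs []header, name string) (header, bool) {
	for _, h := range hs {
		if strings.EqualFold(h.name, name) {
			return h, true
		}
	}
	return header{}, false
}

// stripB blanks the b= tag so the signature header can be covered by itself.
func stripB(v string) string {
	parts := strings.Split(v, ";")
	for i, p := range parts {
		if strings.HasPrefix(strings.TrimSpace(p), "b=") {
			parts[i] = " b="
		}
	}
	return strings.Join(parts, ";")
}

// signedInput hashes the canonical bytes covered by the signature: the topmost
// instance of each h= header, then the signature header with an empty b=.
func signedInput(hs []header, sigValue string, hNames []string) []byte {
	var sb strings.Builder
	for _, n := range hNames {
		if h, ok := topmost(hs, n); ok {
			sb.WriteString(relax(h) + "\r\n")
		}
	}
	sb.WriteString(relax(header{sigHeader, stripB(sigValue)}))
	sum := sha256.Sum256([]byte(sb.String()))
	return sum[:]
}

func parseTags(v string) map[string]string {
	tags := map[string]string{}
	for _, part := range strings.Split(v, ";") {
		if k, val, ok := strings.Cut(strings.TrimSpace(part), "="); ok {
			tags[k] = ws.ReplaceAllString(val, "")
		}
	}
	return tags
}

// newMBP generates the MBP's ed25519 key and the "DNS" record the MUA would fetch.
func newMBP(domain, selector string) (ed25519.PrivateKey, map[string]ed25519.PublicKey) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	return priv, map[string]ed25519.PublicKey{selector + "._domainkey." + domain: pub}
}

// mbpSign is the MBP side: it prepends a signature over its A-R and From headers.
func mbpSign(raw string, priv ed25519.PrivateKey, domain, selector string) string {
	base := fmt.Sprintf("a=ed25519-sha256; d=%s; s=%s; h=authentication-results:from; b=", domain, selector)
	sig := ed25519.Sign(priv, signedInput(parseHeaders(raw), base, []string{"authentication-results", "from"}))
	return sigHeader + ": " + base + base64.StdEncoding.EncodeToString(sig) + "\r\n" + raw
}

// muaEvaluate is the unaffiliated MUA side: may an indicator be shown, and why.
func muaEvaluate(raw, trustedMBP string, keys map[string]ed25519.PublicKey) (bool, string) {
	hs := parseHeaders(raw)
	sig, ok := topmost(hs, sigHeader)
	if !ok {
		return false, "A-R header is not signed by the MBP; it cannot be trusted"
	}
	t := parseTags(sig.value)
	if t["d"] != trustedMBP {
		return false, "signature domain is not the MBP this MUA is attached to"
	}
	pub, ok := keys[t["s"]+"._domainkey."+t["d"]]
	if !ok {
		return false, "no public key published for selector " + t["s"]
	}
	b, err := base64.StdEncoding.DecodeString(t["b"])
	if err != nil || !ed25519.Verify(pub, signedInput(hs, sig.value, strings.Split(t["h"], ":")), b) {
		return false, "signature does not verify; A-R was altered or not produced by the MBP"
	}
	ar, _ := topmost(hs, "Authentication-Results")
	authserv, results, _ := strings.Cut(strings.TrimSpace(ws.ReplaceAllString(ar.value, " ")), ";")
	if f := strings.Fields(authserv); len(f) == 0 || f[0] != trustedMBP { // authserv-id may carry a version
		return false, "authserv-id does not match the signing MBP"
	}
	if !strings.Contains(results, "dmarc=pass") {
		return false, "MBP-signed A-R does not report dmarc=pass"
	}
	return true, "MBP-signed A-R reports dmarc=pass; indicator may be shown"
}

// Constructed sample headers as the MBP mx.example.net (placeholder) would write them.
const sample = "Authentication-Results: mx.example.net;\r\n" +
	" spf=pass smtp.mailfrom=example.com;\r\n" +
	" dkim=pass header.d=example.com;\r\n" +
	" dmarc=pass header.from=example.com\r\n" +
	"From: Example News <news@example.com>\r\n" +
	"Subject: August statement\r\n"

func main() {
	priv, keys := newMBP("mx.example.net", "ar2022")
	signed := mbpSign(sample, priv, "mx.example.net", "ar2022")
	tampered := strings.Replace(signed, "dmarc=pass", "dmarc=fail", 1) // altered after signing
	for name, msg := range map[string]string{"unsigned": sample, "signed": signed, "tampered": tampered} {
		show, why := muaEvaluate(msg, "mx.example.net", keys)
		fmt.Printf("%-9s show=%v (%s)\n", name, show, why)
	}
}
```

The same `parseHeaders`/`relax` pair is what the MUA would need for the first option in the post, verifying the sender's DKIM signature itself; the difference is only whose key is fetched and which headers the h= tag names. Selecting the topmost A-R instance matters: an A-R header injected upstream sits below the MBP's own, so it is neither covered by the signature nor consulted.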