IETF Logo Mail Archive

Re: [Bimi] Proposal to Clarify Role of MUA in BIMI Evaluation

Dave Crocker <dcrocker@bbiw.net> Tue, 19 July 2022 19:40 UTC

Return-Path: <dcrocker@bbiw.net>
X-Original-To: bimi@ietfa.amsl.com
Delivered-To: bimi@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5A827C06C3ED for <bimi@ietfa.amsl.com>; Tue, 19 Jul 2022 12:40:17 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.83
X-Spam-Level:
X-Spam-Status: No, score=-2.83 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, NICE_REPLY_A=-0.001, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=bbiw.net header.b=C3GzBtV8; dkim=pass (2048-bit key) header.d=messagingengine.com header.b=M0xQ0l5o
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 04aIJ1JDt9m2 for <bimi@ietfa.amsl.com>; Tue, 19 Jul 2022 12:40:13 -0700 (PDT)
Received: from out1-smtp.messagingengine.com (out1-smtp.messagingengine.com [66.111.4.25]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 057EBC157B4D for <bimi@ietf.org>; Tue, 19 Jul 2022 12:40:12 -0700 (PDT)
Received: from compute3.internal (compute3.nyi.internal [10.202.2.43]) by mailout.nyi.internal (Postfix) with ESMTP id 995C65C01AA; Tue, 19 Jul 2022 15:40:10 -0400 (EDT)
Received: from mailfrontend1 ([10.202.2.162]) by compute3.internal (MEProxy); Tue, 19 Jul 2022 15:40:10 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=bbiw.net; h=cc :cc:content-type:date:date:from:from:in-reply-to:in-reply-to :message-id:mime-version:references:reply-to:sender:subject :subject:to:to; s=fm1; t=1658259610; x=1658346010; bh=jK0vUmHmHg B78EFBYF1+97oiBgwk5NaQg7cPgppoTFg=; b=C3GzBtV8AMMm4L4JUQIELvZR4K 30KuSQ7Px6+/YMTZlkIotYOnVEIf8huPaMbY9DaZUUmQNhJ4s1IuhqDTBuiZRbRd SlDZa0P2bpPXaL6aeKEMRN9a0HdAKXd0yBufmd3FpSIkLKkdTFupWCCvpBW6aHhj HXHIL+8LMAS6DO0apOpgXqAKrn/MvBJiQYIneYVNKTd1XULLJazPfs3cwseQW+Cu zcBlXqkQW34pOkcHFFi+DwAvbiuG2uu7HTAxkf8LI5NQ8tswaYmj4dte5WFOFE11 aZ0Fn53DWyJEN5XNxRwvhNxfdasfdT6YCwbceRVtXSRJd82sASWKnann6XCA==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-type:date:date:feedback-id :feedback-id:from:from:in-reply-to:in-reply-to:message-id :mime-version:references:reply-to:sender:subject:subject:to:to :x-me-proxy:x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s= fm3; t=1658259610; x=1658346010; bh=jK0vUmHmHgB78EFBYF1+97oiBgwk 5NaQg7cPgppoTFg=; b=M0xQ0l5oMn0j39UMOmWB9jV+SbBWFOLtxKtfNxD4mYVX J18fBRh1IoOn6ZrPE+IJt/4PtnXfPrIR7lyxwOb3Q8/HDCmrhLuRFewWm4tVr5b0 O2NF4MV+6GpXEErkLymcIpEY+Yp9zMGpl5dc+l9zRWJU/3eThnXb/5B93vn/PIwx RoctqQT2TYuVoiZ22ZXhwatDcD6kJSPN/9I7yrHD2I052QIfakh/OZaK4H0GTTPt PD8znNcAuCei1lq84BNHU1GP7jU1TG8tbpstTMhWxAUEEf4x7mMEcFM3EoAHlb2O KszpdF8vlrZrxjmCWutecdFIh0P8adc9OjbsWPGDuA==
X-ME-Sender: <xms:mgjXYvtjQPikclMc8H-Ilv3bHc5LjgOP3U3uZH8rXPwzN2B_efS2MQ> <xme:mgjXYgcwmKq4-kQiTrnlglT8rPHme2T3Goha5xgJyK1QLZ51BgYXGuHXeiX71lzje awlqT_vzcfFtaWmRA>
X-ME-Received: <xmr:mgjXYiwVx60uPfN3xXm-g0_rUEU1X9lVerJhSXLB0ylnMAQEHaqnPujfN2s2Y8AV-pTCDTdm6UX5K2hN4H4WwJ6GJ_oadH8HEYKrwnu_>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvfedrudeltddgudeflecutefuodetggdotefrod ftvfcurfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfgh necuuegrihhlohhuthemuceftddtnecunecujfgurheptgfkffggfgfuvfevfhfhohgjse grtderredtfeejnecuhfhrohhmpeffrghvvgcuvehrohgtkhgvrhcuoegutghrohgtkhgv rhessggsihifrdhnvghtqeenucggtffrrghtthgvrhhnpeetffffueegvdfhgeegudejvd euhffguddtvdeujeffudfgvddvkeejffeludeifeenucffohhmrghinhepsggsihifrdhn vghtnecuvehluhhsthgvrhfuihiivgeptdenucfrrghrrghmpehmrghilhhfrhhomhepug gtrhhotghkvghrsegssghifidrnhgvth
X-ME-Proxy: <xmx:mgjXYuP3PMxpajhGvzzrh4U7Bq5ZuyYkqM0mLWMWXW5hJX7_5VJ4SQ> <xmx:mgjXYv9BM1iYBW44FaFSp1JmoIjeW6FB4IbUydaN13xo4I49V4agFw> <xmx:mgjXYuXPGBWCeZ4wWjfMPUG6XlevPZg4njAQzBTPKnT6n79i29cNsQ> <xmx:mgjXYsEreZg1VUKSwgzkcg1vXNxe7A728lMg6REbnQRJZ-NyqBPFjQ>
Feedback-ID: i16d9478d:Fastmail
Received: by mail.messagingengine.com (Postfix) with ESMTPA; Tue, 19 Jul 2022 15:40:09 -0400 (EDT)
Content-Type: multipart/alternative; boundary="------------QgAwJl00iNpc1opAZHHsiky0"
Message-ID: <60b46bf2-46cc-6269-88b5-bc879eadda25@bbiw.net>
Date: Tue, 19 Jul 2022 12:40:09 -0700
MIME-Version: 1.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Thunderbird/91.11.0
Content-Language: en-US
To: Todd Herr <todd.herr=40valimail.com@dmarc.ietf.org>
Cc: bimi@ietf.org
References: <DE61AC51-4BC3-44FF-862D-7D8ADFB3BC29@proofpoint.com> <VI1PR01MB70538965904FD08A49F75C37C78C9@VI1PR01MB7053.eurprd01.prod.exchangelabs.com> <11A2B052-A26C-4A9C-9D88-72B594DA1C59@proofpoint.com> <VI1PR01MB70537BA29DA1F456B858C17FC78C9@VI1PR01MB7053.eurprd01.prod.exchangelabs.com> <6993E8B6-11A0-4AF3-A94E-044F880E56BC@proofpoint.com> <CAHej_8kjwtGE4rDrXfTpgThOD-jh7t0GK9EUnVjVZT_OJzzsvg@mail.gmail.com> <VI1PR01MB705353E36328899609DE2471C78C9@VI1PR01MB7053.eurprd01.prod.exchangelabs.com> <12a85dfe-664f-d757-0fa2-81f17c8088c2@dcrocker.net> <4e9ab94e-8675-df70-3e4b-00edcedb266e@dcrocker.net> <5DE65D46-853F-4F61-ADA7-20CB5E7E6840@kitterman.com> <7f030278-3f9b-c8ea-f9eb-644f006cded9@dcrocker.net> <CC11EF68-1E27-41CD-AE2D-AC26DA261EAD@kitterman.com> <CAHej_8mNCTw0LpnWTBCpqZJhHQcDgrsC4truK1dD_-HbyVgsWA@mail.gmail.com> <90369013-6a44-0b6f-4345-53595695de30@dcrocker.net> <CAHej_8ksVcBZwMzNgzS6P6txJo42u36FD5W0-9dMt=DE6sYRUA@mail.gmail.com>
From: Dave Crocker <dcrocker@bbiw.net>
Organization: Brandenburg InternetWorking
In-Reply-To: <CAHej_8ksVcBZwMzNgzS6P6txJo42u36FD5W0-9dMt=DE6sYRUA@mail.gmail.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/bimi/7peivr47fglrqT-bSo4rGTDRTEQ>
Subject: Re: [Bimi] Proposal to Clarify Role of MUA in BIMI Evaluation
X-BeenThere: bimi@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Brand Indicators for Message Identification <bimi.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/bimi>, <mailto:bimi-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/bimi/>
List-Post: <mailto:bimi@ietf.org>
List-Help: <mailto:bimi-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/bimi>, <mailto:bimi-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 19 Jul 2022 19:40:17 -0000

On 7/19/2022 12:30 PM, Todd Herr wrote:
>
>   * What was the DMARC policy for the RFC5322.From domain at the time
>     the message was sent?
>   * What was the SPF record for the RFC5321.MailFrom domain at the
>     time the message was sent?
>   * Did a BIMI Assertion Record exist for the domain at the time the
>     message was sent?
>
> Put another way, is it ok to display the mark for the message now even 
> if it wasn't when it was received or even if it wasn't because BIMI 
> didn't exist for the domain at the time the message was received?


DMARC, DKIM and SPF (in this use) are strictly for authentication.  And 
the latter two were only designed for transit-time evaluation.  
(Arguably this also applies to DMARC.)

Moreover, they have nothing to do with trust of substance, other than a 
domain name.

Presumably authorization to use a BIMI mark is more than that, 
pertaining to some matter(s) of business and display trust.  That level 
of trust that presumably could be withdrawn after initial validation, 
even as domain name authorization remains.

d/

-- 
Dave Crocker
Brandenburg InternetWorking
bbiw.net

v2.23.0 | Report a Bug | By Email