IETF Logo Mail Archive

Re: [Bimi] Today's BoF

Wei Chuang <weihaw@google.com> Wed, 03 April 2019 14:02 UTC

Return-Path: <weihaw@google.com>
X-Original-To: bimi@ietfa.amsl.com
Delivered-To: bimi@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 38E291200D6 for <bimi@ietfa.amsl.com>; Wed, 3 Apr 2019 07:02:29 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -15.6
X-Spam-Level:
X-Spam-Status: No, score=-15.6 tagged_above=-999 required=5 tests=[DKIMWL_WL_MED=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, ENV_AND_HDR_SPF_MATCH=-0.5, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, USER_IN_DEF_DKIM_WL=-7.5, USER_IN_DEF_SPF_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=google.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id SrpUnZFK-6Yh for <bimi@ietfa.amsl.com>; Wed, 3 Apr 2019 07:02:25 -0700 (PDT)
Received: from mail-vs1-xe2e.google.com (mail-vs1-xe2e.google.com [IPv6:2607:f8b0:4864:20::e2e]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id AED051200A2 for <bimi@ietf.org>; Wed, 3 Apr 2019 07:02:24 -0700 (PDT)
Received: by mail-vs1-xe2e.google.com with SMTP id g127so10030175vsd.6 for <bimi@ietf.org>; Wed, 03 Apr 2019 07:02:24 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=6F/9P7VlXLI+NFnAKVMBXTjkrxyS/KA3eFL9ea3+LE0=; b=iLYeGUMSHjsH/H686I18Thut09xJysVJ86lX4yh4KXHtnrIXSEStQldC83/FbmyS92 WVG99ioFW3db4a5acKfh12bMyBMxL/JP3oVOgvDzkN3lCiufmVo3HqYwu3X5DkA/fm24 NJsNs9NkO4oZO0QKVBsqSkSVh8Trma/UfnLke6Tqcu1IkpYmbP0e4YxAZRD9NoVY1hUP vE6iYTgKi5kjc/zVVlNE1672jK1G2sPGKvo2EI96QIIzsIYpwpOzA1AOoRRpday6Waxw B9W4j8k1nVhybcxmoG8CWBPiCID99yjlKKZ4khewmBSEY/DphRKeENyTe44Zi0k8Qk3x wx3w==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=6F/9P7VlXLI+NFnAKVMBXTjkrxyS/KA3eFL9ea3+LE0=; b=O5Jz/ToskdQDSoTIqHSwFFzBBmS7omV6+cAXkBmYazWsqXWjf9AY31pcJOrVBC0PO5 m97Ay9Ft/vhvhAv6p9TJEuLu4uvp7xGA/pk88FqL1uFEB/h8O52au4g0ZDcFwP/g21Bl 86dFpc8ShGlBLU7U5+SOuh8gUv8fugyH+ROyOATr1+DqStmDvQTG9xTELE+g9EKKuEyP 4kZDqG6hwkhYGh9tlb6d1831YHj/rCTvV7iEYpPk9wjH0elgJYanU1ckkBTFJVwD7w0/ A/SwTr9xxChjKU9lZe6205/gOP89AcB38f3QlQeqlx14uYgcfB14JIDpCbotoOsYVgdr d1dA==
X-Gm-Message-State: APjAAAW32nf1Ao2oYhI9c9H7WDzczjS6G11mrTS0FJruHnjl9ycZ+w0b LZNFZ4E73O4B7zAYoCtWshxcvJzsi9UaVCWsJAw/9A==
X-Google-Smtp-Source: APXvYqyPKKaqSyu+OuEDV8stU0QukYod1tB6mIE65JnSMCDO05RxuH5N7G2U/+le8/V9adtPaTMSan0J6odHoCxCBQc=
X-Received: by 2002:a67:e30a:: with SMTP id j10mr267029vsf.103.1554300143020; Wed, 03 Apr 2019 07:02:23 -0700 (PDT)
MIME-Version: 1.0
References: <20190402195409.7C6FA201144B7C@ary.qy> <6D3D29C7AE7A951D108A697E@PSB>
In-Reply-To: <6D3D29C7AE7A951D108A697E@PSB>
From: Wei Chuang <weihaw@google.com>
Date: Wed, 03 Apr 2019 07:02:07 -0700
Message-ID: <CAAFsWK0NxmmcGGQfp215FgQ-gtpk42GO2Jm-xf5TPj0aqMR1kg@mail.gmail.com>
To: John C Klensin <john-ietf@jck.com>
Cc: John Levine <johnl@taugh.com>, bimi@ietf.org
Content-Type: multipart/signed; protocol="application/pkcs7-signature"; micalg="sha-256"; boundary="000000000000f37bfd0585a0b3e5"
Archived-At: <https://mailarchive.ietf.org/arch/msg/bimi/EMJOJXIlo1j4DmgV39_9B0Hu_wg>
Subject: Re: [Bimi] Today's BoF
X-BeenThere: bimi@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Brand Indicators for Message Identification <bimi.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/bimi>, <mailto:bimi-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/bimi/>
List-Post: <mailto:bimi@ietf.org>
List-Help: <mailto:bimi-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/bimi>, <mailto:bimi-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 03 Apr 2019 14:02:29 -0000

*From: *John C Klensin <john-ietf@jck.com>
*Date: *Tue, Apr 2, 2019 at 2:03 PM
*To: *John Levine
*Cc: * <bimi@ietf.org>


>
> --On Tuesday, April 2, 2019 15:54 -0400 John Levine
> <johnl@taugh.com> wrote:
>
> > In article <DD71F5FAA85F312FDB5EF7E4@PSB> you write:
> >> ...  So someone comes
> >> along, someone who is clearly not BigCo, and obtains
> >> BigCo.evil (remember, all they need is ability to pay and an
> >> email address).   They have little trouble obtaining
> >> certificates in that name because, as far as the DNS
> >> environment is concerned, they legitimately hold it.
> >
> > Nobody is assuming that you can get a bimi cert (or whatever)
> > merely with a domain name similar to the target trademark.
>
> Understood.   However, unless just about every MUA in the world
> was upgraded to understand the difference between a bimi link
> and cert, I can't imagine a typical user being able to tell the
> difference between a bimi-blessed logo (or whatever) and the
> same logo presented via some other mechanism.
>

Those are really good points.  The main solution will be that the MUA has
to help the user navigate through the UI (and done carefully).


> If I correctly understood last week's discussion, bimi is
> dependent on mechanisms, including DKIM/SPF/DMARC that are,
> unless I'm missing something, dependent in turn on some
> assumptions about binding of the identity of a domain name
> holder with the domain name.   My point was one cannot push
> those assumptions very hard without running into questions of
> registrar integrity and what it means to own (or hold) a domain
> name.
>

Yes BIMI very much depends on the integrity of the DNS system, both at the
registrar level and the protocol.  The latter might be defended by DNSSEC.
If that's not to your liking and attacks like Route 53 are more common
place, we could use only DKIM/DMARC and require that the DKIM public key
align with the certificate's public key.  Regarding the former, agreed
that's issue.  If attacks like what Dave disclosed (DNSpionage), then we'll
need to depend less on DNS or at least detect the attack.  Again the just
mentioned DKIM/DMARC restriction can help.  This all said if we have
serious worries about DNS being authoritative, then a bigger issue is
outside of BIMI i.e. the domain based authentication system that's very
much deployed and used extensively by receivers.

-Wei


> And, before you tell me that, statistically, everyone is using
> web interfaces and MUAs don't count and/or that statistically
> everyone is using one of those gorilla systems so it is
> reasonable to ignore the deployment issues for the tiny minority
> of people who are left, I suggest that a corollary to those
> conclusions is that a code of common practices among said
> gorillas and an advertising campaign to try to convince people
> that they would much safer if they didn't communicate with, or
> accept mail from, anyone who was not using a gorilla system.  Of
> course that approach would have interesting antitrust
> implications, but that, statistically, has not be a problem yet,
> so why worry?  :-(
>
> >  I
> > gather that one of the gorillas accidentally made this mistake
> > in their informal logo collection system and a motivation for
> > bimi is to keep it from happening again.
>
> If one conbines that sentence with the "Nobody is assuming..."
> one above, then a motivation for bimi is to cure (or prevent)
> stupidity.  Perhaps it will work this time, but the track record
> of other efforts to apply such cures has not been good.
>
> > Of course this returns us to the major question of whether it's
> > possible to invent an effective system to check bimi
> > applications.  I could invent one that involved a staff of
> > trademark lawyers, but I don't think anyone outside the S&P
> > 500 would find that usable.
>
> Indeed.
>
> best,
>    john
>
> --
> bimi mailing list
> bimi@ietf.org
> https://www.ietf.org/mailman/listinfo/bimi
>

v2.23.0 | Report a Bug | By Email