IETF Logo Mail Archive

Re: [Bimi] Alternate proposal

Trent Adams <tadams@proofpoint.com> Thu, 21 July 2022 18:43 UTC

Return-Path: <tadams@proofpoint.com>
X-Original-To: bimi@ietfa.amsl.com
Delivered-To: bimi@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4395FC16ECD3; Thu, 21 Jul 2022 11:43:45 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.107
X-Spam-Level:
X-Spam-Status: No, score=-2.107 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_FONT_LOW_CONTRAST=0.001, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=proofpoint.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 5SlT0zVOKoJL; Thu, 21 Jul 2022 11:43:41 -0700 (PDT)
Received: from mx0a-00148503.pphosted.com (mx0a-00148503.pphosted.com [148.163.157.21]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 27922C16ECD1; Thu, 21 Jul 2022 11:43:40 -0700 (PDT)
Received: from pps.filterd (m0162103.ppops.net [127.0.0.1]) by mx0a-00148503.pphosted.com (8.17.1.9/8.17.1.9) with ESMTP id 26LIV0PY023566; Thu, 21 Jul 2022 11:43:39 -0700
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=proofpoint.com; h=from : to : subject : date : message-id : references : in-reply-to : content-type : mime-version; s=corp-2019-08-07; bh=aANk0a+YFKf3O1rhtGiwdyuyb3KsfFSKCYiHllwDH00=; b=x8Z3JAN9n243NMUaEj1KGZ1svsVptzarggPsz3nDlIEMa85ghh1QEjzOUYCrUJIu65RM uviKDNAesRurgduXiUcJ4aoJ1PUm2peu98mWSR7wHjtU6SF2W46Eks1oW5yXrUy/RHls VqQyRhld4kYXUrvy1HUf4J9WKMDeNGyMj8Ch1crOjVvx+Ps226jQmoVeGGIpCkqho5dX ThhOGKNEbdM3qF7OO8Qk8ODpoI2W3QE6PHHu46WRitFB2GHRPdFkKVa/u5OI1rwRCXyH IahvJxjD3Sqbm5BWLgJBaEnh0B3BCtgeXyYSaj0+HpvmSPEFoMKtCSyED4o9GhDzrYmc VQ==
Received: from lv-exch01.corp.proofpoint.com ([136.179.16.100]) by mx0a-00148503.pphosted.com (PPS) with ESMTPS id 3hfaqsg1tm-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT); Thu, 21 Jul 2022 11:43:38 -0700 (PDT)
Received: from lv-exch04.corp.proofpoint.com (10.19.10.24) by lv-exch01.corp.proofpoint.com (10.94.30.37) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P384) id 15.1.2308.27; Thu, 21 Jul 2022 11:43:38 -0700
Received: from NAM12-DM6-obe.outbound.protection.outlook.com (10.19.16.20) by lv-exch04.corp.proofpoint.com (10.19.10.24) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P384) id 15.1.2308.27 via Frontend Transport; Thu, 21 Jul 2022 11:43:38 -0700
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=QWHF5YIogDuvsOc5RRkhmHn1jRq6485UVgBW8DbBjI4SAcCP1fF7B3EzherNXAO8t94zQz+MQ3o5AEAvRE4ZC270pLnKX9YZLYs4HAAzwiixUVRKpRktA5SfysT7jodllH+e5UcSPdAHGHo5zTpwan5TYtApf32yYyKZK1RXUX5j5pUd3Axz5Ka6eOWbG3gAQ1Kzd+1eb4ALNDXsEX+2gpQxvjRBv4CuhkcIWnpzp+y0jEDms6GJFE6WkCad8SrxyxJDttjK38PZNW/dWylD69NvE2PtPm3WSCEAbdMza+1HfZS9q7kPy/qk2sXTd0I/ldTJxg5Uk+BZp4ke1LNXxQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=rzhFnQHj/RhKAV8MSs1Sixb71ssUjKPL/px5nvO816o=; b=DZmQ8Ib5Fi8KXbnIT7iEyrQWFVqS8MErIgv3A4JOnMT23XqHOYaOcWMMtNJ/YgvoA3nUli6W4+hiaHC6H4NgfsMItCbpW8EhF1Z32BSiAaIxQtqlMtTJOJG6UonqTfavzH06NdJzB7Aq0+GB3CZKfLa3nPZFe9v7/NkvMaZuErrblZOp9zKRZCLo0Lkanki5fsWc24rrOB7Y17H2tgiOZ4KuTP/NxKg2ANUBa0/vkru9aCz0sqcQZhYoUbyNteLYb9DPi4UIoXnZSjMRx8PJUV4KHKf+0BjuldmQ5OwAkJUCWAmUZqYlQbk6s2JU0OEJtx3RlKPgGDS82z1ZJx0auA==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=proofpoint.com; dmarc=pass action=none header.from=proofpoint.com; dkim=pass header.d=proofpoint.com; arc=none
Received: from CH2PR12MB5001.namprd12.prod.outlook.com (2603:10b6:610:61::18) by DM5PR12MB1148.namprd12.prod.outlook.com (2603:10b6:3:74::17) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5438.17; Thu, 21 Jul 2022 18:43:36 +0000
Received: from CH2PR12MB5001.namprd12.prod.outlook.com ([fe80::8486:6785:8b73:f57e]) by CH2PR12MB5001.namprd12.prod.outlook.com ([fe80::8486:6785:8b73:f57e%8]) with mapi id 15.20.5438.020; Thu, 21 Jul 2022 18:43:36 +0000
From: Trent Adams <tadams@proofpoint.com>
To: John C Klensin <john-ietf@jck.com>, Todd Herr <todd.herr=40valimail.com@dmarc.ietf.org>, "bimi@ietf.org" <bimi@ietf.org>
Thread-Topic: [Bimi] Alternate proposal
Thread-Index: AQHYnKf04b1AUy76jEm+kv7WlCxG+K2I9sCAgAAp6YD//6UCgA==
Date: Thu, 21 Jul 2022 18:43:36 +0000
Message-ID: <083ADECC-EFC8-4AD1-9DA0-6AAF08342330@proofpoint.com>
References: <3E050BDC62D7946860C5E1E6@PSB> <CAHej_8nHgAVWNLDk11j4gY+KxY+e=gcAAzJHryWXELQoY+65Ww@mail.gmail.com> <E5ADBB85022B6D97DDC8AE7C@PSB>
In-Reply-To: <E5ADBB85022B6D97DDC8AE7C@PSB>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/16.63.22070801
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 776d5e41-7275-4916-b4a0-08da6b48ebad
x-ms-traffictypediagnostic: DM5PR12MB1148:EE_
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: VtiSIpJJm+LOg+JBJxRvLfr6bE1InEkL2tx9Ju5owPULjxOqE0uc93Vhs2p+Rp+wec6QGmKDcGstH1MOFD4kWeGL3/zh8WVr1NBIv7spvUCtdYqsW3wn96IA4yDc/03mFp6mbYkaxN20Z6bCM7iBb0zRYc+LnuIOZ3e4RN60f3afTGEoiDDuHIU55J1vwOFLLrUKvJ+zjRzVApvz6Ah9E3PZ7cLq5D1ki+x3ohKSShMwuIdeWh9j6RkvEcyFda5NrlX01vlYkIC1p/jvTW/tmH9eGEJxYnIJgBgbW8NX9YRCXOc4GLyYieoXdRN//fZhgK8fJd+6ERZyD07rsfxiP8PsbFhDvEc9pt95n8K6G/XWP5/0zzsG7dgGDsLDJ0CDi/OwW6+OSdz6RhcKuqHUuLDWDhCy4zxjcN8ScezXCIsuhoFo03kGVU3GYqsj4smWofwCykSB8MgIq7ttPQCo0rUkMhGlkGSYyyho86WZC82xc5rKAO9+J9uGGAqzwL7FUJJt0yDo0khFKXvqjWYTu3z2PMov3kuJiA10SQaP3LtztEKoa/Wv8v7xDF2MxVPAJvY946bAXaZWYVhnT8A4RqLZN8V/T9epJ4J+jApcfE64ZEyaCeDJp3sh3Adevvzn9aBS5MrtI8vmw8OfINZwd9CzmmbUXuWK1p6tutm3BNVxr2XULqzeAxUH9GUdEtdn6MQCSbWf8SBjWiv0zj2WvNLwNpfjm9bcSyZY9bCvjCBXPn8Z1SncLFLjSxPrDosODaf5A8FSjgJqyJNjlWE+aMUqLACUTLvIfxKpa7oQqt3TxSLtoM6nguBQpfwGAWOVkJxHT/pyl1nFpnl2wYDovUAAPxBRzpJyCDyDCwCpQMk7+YKC/aCgnYFMCelP+1bKIKRLCnFtkw38IaJRUGeo7A==
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:CH2PR12MB5001.namprd12.prod.outlook.com; PTR:; CAT:NONE; SFS:(13230016)(346002)(39860400002)(136003)(366004)(376002)(396003)(316002)(122000001)(186003)(66476007)(6486002)(38100700002)(86362001)(110136005)(2616005)(6506007)(6512007)(53546011)(64756008)(478600001)(66556008)(8936002)(83380400001)(66446008)(71200400001)(66946007)(166002)(91956017)(8676002)(76116006)(38070700005)(41300700001)(2906002)(33656002)(966005)(5660300002)(36756003)(45980500001); DIR:OUT; SFP:1102;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: TrKodL9vQJ0nM6TDPfee6vw8Fk8D6LtgPdEBPhI+OsQSH+WZzI5/K9Dp22mdJOQKsnDDEGgv1psQ0Bamqs3VXfcQlm+3FvEgXaKS6NNQraVGeWFCA9XLknDu7AB1rblCdZVv9WBYUxiAV/Bw2tOQ/+g8BAFIqc/jTlBZJ+wxga3kFdca3ske9PXaC+O63FflOmX7Onk1z/uV9zwMph29x3yrEh3iQo5GFy2E20Vvb5MWwnhFZ2lHQigKCVVWFKPpk3CM48g6fO6L7pjTORm6xoWDPzDVjenwGeOSQ/u9EwBPStqtSVmfeW3HO41SJwKAxXBuxBngAmUIoG9B4P43G0i6IKHOrrVFRICJFBIsqCTCruayssShYeJjQR97bj9RMI0u0DxBOYlCIW9AX/50OLEnikCfYQsR17SqPl6ykB8u5aoMQe28L86yqP9Obk6DINRdoSZyMotR9qq3lVjSdBAEtfdo2XmV/K1fjouzVPaeIXvUfiNEbaDQZUH2Bl0Kfx263vqC7iARtx6j3+tzqJzBDbgbjN/edvUCSDvSqfDeJXcNfzrT4IDRNsZwtaf7HS8a/IhZea+njAmycatG555KoMge/D/Eh6Ia9mnA2lSIVRkFac1prEIalRkHSvU62jH8zYKI6PVKjKIbi31HXyH0Y50ndI9y3VVfOVvQjgBYQ509ECaKmmp7WR/p7T0dIFHLlIgTQMAohGU9SHeMURPaHm8R1D411CnHmw1g/uOI0qIldLXNawUALfeWxukXpFzJeGX9NfmlWtKilM+4hjA9ivCz57yQRqQcHVRUAfyTLmvvshd2pSZwTZuCUktvhbdR/nAWo6vtmRfH/Kw0GdOCO4al8CHrDNgXW0XaRKsEGbWOnatizIz2BTb6wfXo5TnvJise1FFEODFrdAdt8mrDlKsufGh59fPuBQTbVvbqP2U+TSYkn/UPy+Ad/S3ode32Jk+cMr9vJrzBae+fSwfCUkjLwo5aofVDAnm/paTixXteQcK+wxwPKPc/1NkeHYuUHb0rcyVBHGlZFcT390/XZfjNkxArstKqgbuciVQzw/jevXE9/IPGkimgrlQ+mc8mqr4J6EVxogBCquDA10PhaTfiD21RBtjtaRVb+Y8j3rbIOvoJyBPd+m589UoA8RjjrksMGmi13gV1xeOMeJRl75G3aWFY9xCAnLpjFjJczVXAUFtOjTiJVkpSiEEcct7+gzXgG83ungTvOwqI5sfn6dghTaf2UTYUUGy2Dh7KSAaQznVesgz7tG1A7roEhT6XbnuFPuOebPrdwItQX8IZMgg1uuFsph4FDKJWK1uVtQ9UPeFZ3qEVluTIcQcaNkinTgWU+VLvj+3FC9VQCJZ2AsNb7C3jZiPmWOvyZUnI59c5zWOqcRNeOHjBWDZRIDhvMshElulAHIszbIzh7wo06WSed+Dsl09OQt1JJFtOnsNqSv9aMAmuIXW7LMc+1CpSHscILuPvcxQMuUCSr4lsa8+sPO8Dm3w8KjmDH3G/kH/ogmy4zfjJob6I91grnS/wxKsPcu/LZb/AbQfs3mA967rf7s+jMnNvOA1twGfunjIEA0QxQhoq7mfS1AdqxdmXr63+9dkhnxx79OM03sm81tg2ulPYFF3ivT0JLEF0BYH8TYw/0geuk8ghkc0DGYv93cQMwufRFU2PYDJ2fw==
Content-Type: multipart/alternative; boundary="_000_083ADECCEFC84AD19DA06AAF08342330proofpointcom_"
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: CH2PR12MB5001.namprd12.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 776d5e41-7275-4916-b4a0-08da6b48ebad
X-MS-Exchange-CrossTenant-originalarrivaltime: 21 Jul 2022 18:43:36.1881 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 46785c73-1c32-414b-86bc-fae0377cab01
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: e68xNYOETtxcToDR3D8or5zPJh33a6v4qYf1ox+WHIq2NkK2ckCB3KCYrQyTrfyPPQRZR6wITk8qNhWu/6RLLA==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM5PR12MB1148
X-OriginatorOrg: proofpoint.com
X-PassedThroughOnPremises: Yes
X-Proofpoint-GUID: wFCMKT3PM_cv1IeWvX_nK4jDwL3BNl1X
X-Proofpoint-ORIG-GUID: wFCMKT3PM_cv1IeWvX_nK4jDwL3BNl1X
X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.205,Aquarius:18.0.883,Hydra:6.0.517,FMLib:17.11.64.514 definitions=2022-06-17_15,2022-06-17_01,2022-02-23_01
X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 malwarescore=0 priorityscore=1501 suspectscore=0 clxscore=1011 lowpriorityscore=0 bulkscore=0 phishscore=0 impostorscore=0 mlxlogscore=999 mlxscore=0 adultscore=0 spamscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.19.0-2204280000 definitions=main-2207210075
Archived-At: <https://mailarchive.ietf.org/arch/msg/bimi/I6KhkR8QvA3u4AJXVDXrfOolsg4>
Subject: Re: [Bimi] Alternate proposal
X-BeenThere: bimi@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Brand Indicators for Message Identification <bimi.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/bimi>, <mailto:bimi-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/bimi/>
List-Post: <mailto:bimi@ietf.org>
List-Help: <mailto:bimi-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/bimi>, <mailto:bimi-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 21 Jul 2022 18:43:45 -0000

For what it's worth - I agree with John's assessment.  And that's precisely why I think we need to have all conversations about BIMI on this open discussion list.  We need the visibility and input from all stakeholders in order to have a truly effective discussion.

So... that being said... I'd suggest that we redouble our efforts to review the feedback so far and discuss what's next.  I know that I sparked the most recent conversational thread with questions about the MUA role in BIMI evaluation (a known trouble point)... and I honestly think that the conversation has been a productive one.  It's not always smooth sailing, but that's to be expected.

In short... I'd like to avoid unnecessary balkanization of the effort.  For my part, I'd like to see if we can address the suggestions of John and others so far and see where it can lead the work.

My $0.02,
Trent


From: bimi <bimi-bounces@ietf.org> on behalf of John C Klensin <john-ietf@jck.com>
Date: Thursday, July 21, 2022 at 12:10 PM
To: Todd Herr <todd.herr=40valimail.com@dmarc.ietf.org>, "bimi@ietf.org" <bimi@ietf.org>
Subject: Re: [Bimi] Alternate proposal

--On Thursday, July 21, 2022 11:39 -0400 Todd Herr <todd.herr=40valimail.com@dmarc.ietf.org> wrote: > On Wed, Jul 20, 2022 at 10:16 PM John C Klensin > <john-ietf@jck.com> wrote: > >> As promised in my recent "Radical






--On Thursday, July 21, 2022 11:39 -0400 Todd Herr

<todd.herr=40valimail.com@dmarc.ietf.org> wrote:



> On Wed, Jul 20, 2022 at 10:16 PM John C Klensin

> <john-ietf@jck.com> wrote:

>

>> As promised in my recent "Radical critique" note, a suggestion

>> about a completely different way to approach the BIMI problem,

>> one that would be far less complex and problematic.  This is

>> just an outline with many details left to be filled in -- my

>> purpose in sending the note is to encourage people to think

>> differently about the issues and see if there is interest in

>> further discussion.

>>

>> [snip]

>>

>> Would something along those lines make any sense at all?

>>

>

> I can't answer your question, but I do know that there is

> already running code for BIMI, written against the draft spec

> as it currently exists.

>

> It would be up to the implementers to decide if they're

> willing to scrap their currently running code and start over

> with something new.



Todd,



<rant>

My very first task when I became Apps AD a very long time ago

was to explain to what were, then, some very significant

implementers that, while the IETF could not prevent them from

implementing on the basis of an I-D, they had no right to

complain if the IETF's work evolved in a different direction.

Many things have changed in the last (nearly) 30 years, but I

think that, if the IETF is going to remain meaningful as a

standards body, the underlying theme has to be preserved.

Nothing prevents a group of implementers from getting together,

doing whatever they want to do, writing a description of it up,

and posting that as an I-D.  However, if they want IETF

endorsement for what they are doing (or have done), that implies

seeking community consensus that what they are doing is worth

doing, that it is the right way to do it and, presumably, a good

faith intent to accept that consensus, whatever it might turn

out to be.



The oft-cited "running code" principle was never intended to

imply "we did this together, we implemented it, it works in our

controlled and cooperating environments, so the IETF has to

accept and standardize it".  If things ever reach that point,

one has to wonder what the point of the IETF would be: the ISE

is perfectly capable of publishing documents of the flavor of

"ABC Company's Way To Do X" and "XYZ Consortium's Way to Do Y"

documents and has a long history of doing so.  Because those

documents are explanatory and descriptive, not normative and

with claims of community consensus, getting them published is

normally much quicker and far less painful than getting the IETF

to agree.

</rant>



So, what I have seen here, in addition to many suggestions about

improving editorial and terminology quality, are multiple

concerns about functionality and interoperability.  Many of them

have been raised by people with several decades of experience

trying to make email work in an interoperable way, a few of whom

even having had reputations of having almost never agreed about

anything over that period.  Nothing makes them (us)

authoritative but the concerns, especially those based on prior

bad experiences, should probably be taken seriously.



And not only have those concerns been raised, but I believe I

have seen several exchanges in which someone (other than me) has

made a point, gotten a message in response, and pointed out that

the message did not respond to the original point  (sometimes

with more than one iteration on the same point/issue).



With the understanding that I believe the authors and

implementers are sincerely interested in moving this work

through the IETF and getting IETF input and consensus and have

seen no evidence to the contrary so far (even though I think

there have been some communications difficulties), my two notes

were prompted by a pair of questions: (1) whether there is

actually growing agreement that hard questions (not just

questions about fine-tuning) are being asked, and should be

asked, about the proposals and their operation and

applicability, and (2) whether, if and when we reach the point

that a radically different approach == perhaps one based on MIME

facilities rather than mail header fields-- seems to be in

order, that is possible to consider going in that direction?  If

the answer to the first question is "no", then I hope someone

will help persuade me, possibly offline so as to not waste time

on the list.   If the answer to the second is "no", then I

suggest starting to recast the documents as "this is what it is

and how we do it" descriptions rather than specifications to be

processed in the IETF.



Those, of course, are just personal suggestions: I claim no

authority here, just that I think it has gotten to be time to

ask the questions.



   best,

     john





--

bimi mailing list

bimi@ietf.org

https://urldefense.com/v3/__https://www.ietf.org/mailman/listinfo/bimi__;!!ORgEfCBsr282Fw!uuANg5bLiKQquUjZ55P1eDJEyycLqGfcKNV9peswRJBw9pfpstRCSPQoF08oGvTR-4hdCeG3K6i64zmKyA$

v2.23.0 | Report a Bug | By Email