[Bimi] Alternate proposal
John C Klensin <john-ietf@jck.com> Thu, 21 July 2022 02:16 UTC
Return-Path: <john-ietf@jck.com>
X-Original-To: bimi@ietfa.amsl.com
Delivered-To: bimi@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C085BC1EDA8E for <bimi@ietfa.amsl.com>; Wed, 20 Jul 2022 19:16:48 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.907
X-Spam-Level:
X-Spam-Status: No, score=-1.907 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, T_SCC_BODY_TEXT_LINE=-0.01] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id GXojKR3uWVRw for <bimi@ietfa.amsl.com>; Wed, 20 Jul 2022 19:16:46 -0700 (PDT)
Received: from bsa2.jck.com (ns.jck.com [70.88.254.51]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id EC50FC15A72F for <bimi@ietf.org>; Wed, 20 Jul 2022 19:16:45 -0700 (PDT)
Received: from [198.252.137.10] (helo=PSB) by bsa2.jck.com with esmtp (Exim 4.82 (FreeBSD)) (envelope-from <john-ietf@jck.com>) id 1oELk4-000NEc-E1 for bimi@ietf.org; Wed, 20 Jul 2022 22:16:44 -0400
Date: Wed, 20 Jul 2022 22:16:37 -0400
From: John C Klensin <john-ietf@jck.com>
To: bimi@ietf.org
Message-ID: <3E050BDC62D7946860C5E1E6@PSB>
X-Mailer: Mulberry/4.0.8 (Win32)
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
X-SA-Exim-Connect-IP: 198.252.137.10
X-SA-Exim-Mail-From: john-ietf@jck.com
X-SA-Exim-Scanned: No (on bsa2.jck.com); SAEximRunCond expanded to false
Archived-At: <https://mailarchive.ietf.org/arch/msg/bimi/LO-5DG1-qg0qspZxlOUL8T3evms>
Subject: [Bimi] Alternate proposal
X-BeenThere: bimi@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Brand Indicators for Message Identification <bimi.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/bimi>, <mailto:bimi-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/bimi/>
List-Post: <mailto:bimi@ietf.org>
List-Help: <mailto:bimi-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/bimi>, <mailto:bimi-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 21 Jul 2022 02:16:48 -0000
As promised in my recent "Radical critique" note, a suggestion about a completely different way to approach the BIMI problem, one that would be far less complex and problematic. This is just an outline with many details left to be filled in -- my purpose in sending the note is to encourage people to think differently about the issues and see if there is interest in further discussion. Overview: Drop the idea of new mail header fields entirely. With them, drop the (slightly odd) uses of mechanisms intended to validate mail senders, header field integrity, etc., the requirement for MUAs to be "Affiliated" with MBPs, and for Mailboxes or Mailbox Providers to be special in any way. Also drop DNS dependencies connected with entirely different concepts. Instead, define a new MIME content-type, presumably something like Application/BIMI. If any trick supplemental information is needed, use parameters to the Content-type: header field. Probably that would give a typical message these day three body parts with content types respectively BIMI text/plain text/html If you really needed to, you could make BIMI multipart, but that would lose the advantages of the message looking perfectly reasonable to MUAs that were not BIMI-aware (see below). Make it as complicated as it needs to be (but not worse), including providing for relevant parts of the content to be digitally signed. From the discussions so far, I don't see any need for encryption, which makes things much less complex, but there is nothing in what I'm suggesting that would prevent it. MUAs who do not recognize the content type may generate warning messages to the user, but every MUA in the world with MIME support already has code for dealing with unrecognized content types. An MUA that does want to handle the content type presumably installs appropriate application code. Vendors who want to use BIMI could reasonably provide that code as a library or equivalent without getting involved with "affiliated". And, then, that content-type specific MUA extension or add-on provides for downloading whatever special (i.e., specific to BIMI) certificates the user wants to have available. My instinct at the moment would be to build validation on OpenPGP - most of the code that would be needed is readily available, many MUAs already have parts of it built-in, and so on. Especially if encryption is not needed, this is perfect web of trust stuff, with the MUA client needing to install only those keys locally that it obtains from the MSP and trusts. The certificates and keys would also be specific to BIMI, rather than shared with other applications, so things like expiration dates (and what to do with expired ones) could be per-MSP and tailored to the needs of BIMI, rather than compromises with the needs of other applications. The MBP would not need to be special in any way. And just exactly how to handle / display valid BIMIs would be a UI issue for the MUA, not more complexity that needed to be specified in the protocol. Would something along those lines make any sense at all? best, john
- [Bimi] Alternate proposal John C Klensin
- Re: [Bimi] Alternate proposal Todd Herr
- Re: [Bimi] Alternate proposal John C Klensin
- Re: [Bimi] Alternate proposal Trent Adams
- Re: [Bimi] Alternate proposal Ken O'Driscoll
- Re: [Bimi] Alternate proposal John C Klensin
- Re: [Bimi] Alternate proposal Dave Crocker
- Re: [Bimi] Alternate proposal Dave Crocker
- Re: [Bimi] Alternate proposal Ken O'Driscoll
- Re: [Bimi] Alternate proposal John C Klensin
- Re: [Bimi] Alternate proposal Brotman, Alex