[Bimi] Alternate proposal
John C Klensin <john-ietf@jck.com> Thu, 21 July 2022 02:16 UTC
Return-Path: <john-ietf@jck.com>
X-Original-To: bimi@ietfa.amsl.com
Delivered-To: bimi@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C085BC1EDA8E for <bimi@ietfa.amsl.com>; Wed, 20 Jul 2022 19:16:48 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.907
X-Spam-Level:
X-Spam-Status: No, score=-1.907 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, T_SCC_BODY_TEXT_LINE=-0.01] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id GXojKR3uWVRw for <bimi@ietfa.amsl.com>; Wed, 20 Jul 2022 19:16:46 -0700 (PDT)
Received: from bsa2.jck.com (ns.jck.com [70.88.254.51]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id EC50FC15A72F for <bimi@ietf.org>; Wed, 20 Jul 2022 19:16:45 -0700 (PDT)
Received: from [198.252.137.10] (helo=PSB) by bsa2.jck.com with esmtp (Exim 4.82 (FreeBSD)) (envelope-from <john-ietf@jck.com>) id 1oELk4-000NEc-E1 for bimi@ietf.org; Wed, 20 Jul 2022 22:16:44 -0400
Date: Wed, 20 Jul 2022 22:16:37 -0400
From: John C Klensin <john-ietf@jck.com>
To: bimi@ietf.org
Message-ID: <3E050BDC62D7946860C5E1E6@PSB>
X-Mailer: Mulberry/4.0.8 (Win32)
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
X-SA-Exim-Connect-IP: 198.252.137.10
X-SA-Exim-Mail-From: john-ietf@jck.com
X-SA-Exim-Scanned: No (on bsa2.jck.com); SAEximRunCond expanded to false
Archived-At: <https://mailarchive.ietf.org/arch/msg/bimi/LO-5DG1-qg0qspZxlOUL8T3evms>
Subject: [Bimi] Alternate proposal
X-BeenThere: bimi@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Brand Indicators for Message Identification <bimi.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/bimi>, <mailto:bimi-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/bimi/>
List-Post: <mailto:bimi@ietf.org>
List-Help: <mailto:bimi-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/bimi>, <mailto:bimi-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 21 Jul 2022 02:16:48 -0000
As promised in my recent "Radical critique" note, a suggestion
about a completely different way to approach the BIMI problem,
one that would be far less complex and problematic. This is
just an outline with many details left to be filled in -- my
purpose in sending the note is to encourage people to think
differently about the issues and see if there is interest in
further discussion.
Overview:
Drop the idea of new mail header fields entirely. With them,
drop the (slightly odd) uses of mechanisms intended to validate
mail senders, header field integrity, etc., the requirement for
MUAs to be "Affiliated" with MBPs, and for Mailboxes or Mailbox
Providers to be special in any way. Also drop DNS dependencies
connected with entirely different concepts.
Instead, define a new MIME content-type, presumably something
like Application/BIMI. If any trick supplemental information is
needed, use parameters to the Content-type: header field.
Probably that would give a typical message these day three body
parts with content types respectively
BIMI
text/plain
text/html
If you really needed to, you could make BIMI multipart, but that
would lose the advantages of the message looking perfectly
reasonable to MUAs that were not BIMI-aware (see below).
Make it as complicated as it needs to be (but not worse),
including providing for relevant parts of the content to be
digitally signed. From the discussions so far, I don't see any
need for encryption, which makes things much less complex, but
there is nothing in what I'm suggesting that would prevent it.
MUAs who do not recognize the content type may generate warning
messages to the user, but every MUA in the world with MIME
support already has code for dealing with unrecognized content
types.
An MUA that does want to handle the content type presumably
installs appropriate application code. Vendors who want to use
BIMI could reasonably provide that code as a library or
equivalent without getting involved with "affiliated". And,
then, that content-type specific MUA extension or add-on
provides for downloading whatever special (i.e., specific to
BIMI) certificates the user wants to have available. My
instinct at the moment would be to build validation on OpenPGP -
most of the code that would be needed is readily available, many
MUAs already have parts of it built-in, and so on. Especially
if encryption is not needed, this is perfect web of trust stuff,
with the MUA client needing to install only those keys locally
that it obtains from the MSP and trusts. The certificates and
keys would also be specific to BIMI, rather than shared with
other applications, so things like expiration dates (and what to
do with expired ones) could be per-MSP and tailored to the needs
of BIMI, rather than compromises with the needs of other
applications.
The MBP would not need to be special in any way. And just
exactly how to handle / display valid BIMIs would be a UI issue
for the MUA, not more complexity that needed to be specified in
the protocol.
Would something along those lines make any sense at all?
best,
john
- [Bimi] Alternate proposal John C Klensin
- Re: [Bimi] Alternate proposal Todd Herr
- Re: [Bimi] Alternate proposal John C Klensin
- Re: [Bimi] Alternate proposal Trent Adams
- Re: [Bimi] Alternate proposal Ken O'Driscoll
- Re: [Bimi] Alternate proposal John C Klensin
- Re: [Bimi] Alternate proposal Dave Crocker
- Re: [Bimi] Alternate proposal Dave Crocker
- Re: [Bimi] Alternate proposal Ken O'Driscoll
- Re: [Bimi] Alternate proposal John C Klensin
- Re: [Bimi] Alternate proposal Brotman, Alex