[Bimi] Proposal to Clarify Role of MUA in BIMI Evaluation

Trent Adams <tadams@proofpoint.com> Thu, 02 June 2022 18:27 UTC

From: Trent Adams <tadams@proofpoint.com>
To: "bimi@ietf.org" <bimi@ietf.org>
Thread-Topic: Proposal to Clarify Role of MUA in BIMI Evaluation
Thread-Index: AQHYdq50R2Dq4f9Y6E62aplkKwml7g==
Date: Thu, 02 Jun 2022 18:27:46 +0000
Message-ID: <19A20440-86D7-4910-A8D5-AE6CE5EDC48F@proofpoint.com>
Accept-Language: en-US
Content-Language: en-US
Content-Type: multipart/alternative; boundary="_000_19A2044086D74910A8D5AE6CE5EDC48Fproofpointcom_"
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/bimi/MMl0ay_AhX8Lk5hBN74h-hVv2BI>
Subject: [Bimi] Proposal to Clarify Role of MUA in BIMI Evaluation
List-Id: Brand Indicators for Message Identification <bimi.ietf.org>
List-Archive: <https://mailarchive.ietf.org/arch/browse/bimi/>

Having reviewed the conversational threads on the topic, I believe we've reached a reasonable consensus on how to clarify the role of MUAs in evaluating BIMI.  Here's where I think we landed:

  *   MUAs affiliated with MBPs can (typically) rely upon the authentication and BIMI evaluation performed by the MBPs.
  *   MUAs unaffiliated with MBPs from which they retrieve email shouldn't rely upon the BIMI evaluation performed by the MBPs.
  *   There are some methods (e.g. DKIM verification + DMARC alignment) that could enable an MUA to locally authenticate email and evaluate BIMI.

The following suggested update to "Section 4.1 MUA Obligations" (renaming it "Role of the MUA in BIMI Evaluation") attempts to describe the situation:

-----
Section 4.1. Role of the MUA in BIMI Evaluation

An MUA displaying BIMI indicators SHOULD rely on the authentication and BIMI evaluation performed by an affiliated MBP, or the MUA MAY perform the required verification using the information contained within the email.  MUAs affiliated with an MBP SHOULD rely upon the evaluation performed by that MBP, using the BIMI-Location header inserted by the MTA.  MUAs that are not affiliated with the MBP from which they retrieve the email MUST perform their own evaluation.  For example, the MUA MAY verify an intact DKIM signature and use the result to validate DMARC alignment prior to evaluating BIMI.  An MUA SHOULD NOT rely on the Authentication-Results or BIMI-Indicator headers inserted into the email by MTAs that the MUA cannot verify to be authentic.

When evaluating BIMI, the MUA SHOULD make a best-effort attempt to adhere to the Domain Owner's published BIMI policy. It is understood, however, that MUAs have final control over the user interface published to their end users, and MAY use alternate Indicators than those specified in the BIMI Assertion Record or display no Indicator at all.
-----

Similarly, it might make sense to also add the following to the "Security Considerations" section:

-----
Some MUAs can retrieve email from multiple MBPs, some of which are affiliated with the MUA and others are not.  In some cases, the MUA may be affiliated with an MBP that evaluates BIMI while the MUA also retrieves email from another, unaffiliated MBP that may or may not evaluate BIMI.  While the MUA may leverage the BIMI-Indicator header inserted by the affiliated MBP, the MUA should not rely on the same header inserted by unaffiliated MBPs.  There is a risk that an MBP may be inserting headers that are malicious in nature or are the result of verification procedures the MUA finds less than adequate.  For example, an MUA may not know if the MBP strips wayward headers during initial evaluation upon receipt, potentially leaving errant BIMI-Indicator headers in place.
-----

How does this proposed update sit with folks?

- Trent

--
J. Trent Adams
Director, Ecosystem Security
Proofpoint

tadams@proofpoint.com
https://www.linkedin.com/in/jtrentadams
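An added example, not code from Trent's message or from the BIMI draft: the local checks the proposed Section 4.1 text asks of an MUA, written in Python. It keeps Authentication-Results only when stamped by the affiliated MBP (identified by its authserv-id), otherwise verifies that the DKIM body hash (bh=) still matches the body it retrieved and that the DKIM d= domain is DMARC-aligned with the RFC5322.From domain before BIMI evaluation proceeds, and ignores any BIMI-Indicator or BIMI-Location header an unaffiliated MBP left in place. The domains mbp.example, brand.example and other.example, the authserv-id, the public-suffix subset and the sample messages are constructed for this example; the b= signature check needs the signer's DNS-published key, so it is passed in as a callable (a real MUA would plug in something like dkimpy's dkim.verify there).

```python
# Added example, not code from the BIMI draft or from the message above.
# Local checks an MUA can run before displaying a BIMI indicator:
#  (1) use Authentication-Results only when stamped by the affiliated MBP,
#      identified by its authserv-id;
#  (2) confirm the DKIM body hash (bh=) still matches the retrieved body;
#  (3) require DMARC alignment between the DKIM d= domain and RFC5322.From.
# Verifying the b= signature needs the signer's public key from DNS, so that
# step is injected as a callable (e.g. dkimpy's dkim.verify in a real MUA).
import base64
import hashlib
import re
from email import message_from_bytes, policy

# Assumption: a tiny public-suffix list standing in for the full PSL.
PUBLIC_SUFFIXES = {"com", "net", "org", "co.uk", "example"}


def org_domain(domain):
    """Organizational domain: the label just above the public suffix."""
    labels = domain.lower().rstrip(".").split(".")
    for i in range(len(labels) - 1):
        if ".".join(labels[i + 1:]) in PUBLIC_SUFFIXES:
            return ".".join(labels[i:])
    return ".".join(labels)


def aligned(dkim_domain, from_domain, strict=False):
    """DMARC identifier alignment (RFC 7489 s3.1): exact match in strict
    mode, same organizational domain in relaxed mode."""
    if strict:
        return dkim_domain.lower() == from_domain.lower()
    return org_domain(dkim_domain) == org_domain(from_domain)


def dkim_tags(value):
    """Parse a DKIM-Signature tag list into a dict (RFC 6376 s3.2)."""
    return {k.strip(): v.strip() for k, v in
            (t.split("=", 1) for t in value.split(";") if "=" in t)}


def relaxed_body(body):
    """RFC 6376 s3.4.4 relaxed body canonicalization."""
    lines = [re.sub(rb"[ \t]+", b" ", ln).rstrip(b" \t")
             for ln in body.split(b"\r\n")]
    while lines and lines[-1] == b"":
        lines.pop()
    return b"\r\n".join(lines) + (b"\r\n" if lines else b"")


def body_hash_ok(raw):
    """True when the bh= tag matches the body the MUA actually retrieved."""
    msg = message_from_bytes(raw, policy=policy.default)
    sig = msg["DKIM-Signature"]
    if sig is None:
        return False
    tags = dkim_tags(str(sig))
    body = raw.partition(b"\r\n\r\n")[2]
    if tags.get("c", "simple/simple").endswith("/relaxed"):
        body = relaxed_body(body)
    else:  # simple: drop trailing empty lines, keep one CRLF
        body = body.rstrip(b"\r\n") + b"\r\n"
    digest = base64.b64encode(hashlib.sha256(body).digest()).decode()
    return digest == tags.get("bh")


def trusted_auth_results(msg, affiliated_authserv):
    """Authentication-Results stamped by the affiliated MBP only; any other
    copy may have been inserted by an unaffiliated MBP or by the sender."""
    kept = []
    for ar in msg.get_all("Authentication-Results", []):
        authserv = str(ar).split(";", 1)[0].split()[0]
        if authserv.lower() == affiliated_authserv.lower():
            kept.append(str(ar))
    return kept


def may_show_bimi(raw, affiliated_authserv, dkim_verify, strict=False):
    """Decide whether BIMI display may proceed; returns (bool, reason).
    dkim_verify(raw) -> bool checks b= against the DNS-published key."""
    msg = message_from_bytes(raw, policy=policy.default)
    for ar in trusted_auth_results(msg, affiliated_authserv):
        if re.search(r"\bbimi=pass\b", ar):
            return True, "affiliated MBP evaluated BIMI"
    # Everything else (BIMI-Indicator, BIMI-Location, foreign
    # Authentication-Results) is untrusted: authenticate from the message.
    sig = msg["DKIM-Signature"]
    if sig is None or not body_hash_ok(raw) or not dkim_verify(raw):
        return False, "no intact DKIM signature"
    from_domain = msg["From"].addresses[0].domain
    if not aligned(dkim_tags(str(sig))["d"], from_domain, strict):
        return False, "DKIM d= not DMARC-aligned with From"
    return True, "locally authenticated; now fetch the domain's BIMI assertion record"


def build_sample(body, extra_headers=b""):
    """Constructed sample message, not a real capture. bh= is computed here
    over the relaxed-canonical body; b= is a placeholder because the
    signature check is injected."""
    bh = base64.b64encode(hashlib.sha256(relaxed_body(body)).digest()).decode()
    return (b"From: Alice <alice@mail.brand.example>\r\n"
            b"To: bob@mbp.example\r\n"
            b"Subject: hello\r\n"
            b"DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=brand.example;"
            b" s=sel; h=from:to:subject; bh=" + bh.encode() + b"; b=placeholder\r\n"
            + extra_headers + b"\r\n" + body)


if __name__ == "__main__":
    genuine = build_sample(b"Hello world\r\n")
    print(may_show_bimi(genuine, "mbp.example", lambda raw: True))
    tampered = genuine.replace(b"Hello world", b"Hello world, click here")
    print(may_show_bimi(tampered, "mbp.example", lambda raw: True))
    spoofed = build_sample(b"Hello world\r\n",
        b"Authentication-Results: other.example; bimi=pass header.d=brand.example\r\n"
        b"BIMI-Indicator: dummy\r\n")
    print(may_show_bimi(spoofed, "mbp.example", lambda raw: False))
```

The three runs in the main block correspond to the cases in the proposal: a message retrieved from an unaffiliated MBP that the MUA authenticates itself, a body altered after signing (the bh= check fails before any key lookup is needed), and a message carrying a bimi=pass stamp and a BIMI-Indicator header from an authserv-id the MUA is not affiliated with, which is ignored in favour of local evaluation.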