Re: [Bimi] (non)desire for bimi

Thede Loder <thede@skyelogicworks.com> Mon, 18 February 2019 15:59 UTC

From: Thede Loder <thede@skyelogicworks.com>
Date: Mon, 18 Feb 2019 10:59:17 -0500
Cc: Stephen Farrell <stephen.farrell@cs.tcd.ie>, Marcel Becker <marcel.becker@oath.com>
To: Dave Crocker <dcrocker@bbiw.net>, bimi@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/bimi/Nbay3Y0Q_cN-9GLTBTF_7cqposg>
Subject: Re: [Bimi] (non)desire for bimi

> On Feb 17, 2019, at 21:50, Dave Crocker <dhc@dcrocker.net> wrote:
> 
> On 2/17/2019 5:55 PM, Thede Loder wrote:
>> If end users treat messages with or without logos exactly the same, through what means will end users be made worse off or less safe when BIMI-sourced logos are widely used?
> 
> 
> Thede,
> 
> This line of logic implies that the only valid argument against doing a standard is demonstrable proof that it will do harm.

Which line of logic (or form of logic) lets you derive that implication?   

Even if we assume that the premise is true (end users treat messages exactly the same), and if we agree that this implies end users will not be made worse off through their own choices as a consequence, it says nothing of other mechanisms through which users might be made worse off (or better off).  (If A implies B, it does not hold that not A implies not B.  The contrapositive does hold).  

Under the logic rules that I am familiar with, your proposed implication is not what is implied (nor am I implying it).  


I asked the question to help move the discussion forward.  Maybe we can agree on some things.  

If people believe that end users treat messages with and without logos exactly the same, then we could potentially move on from considering the positive or negative implications of end user-mediated choices.  End user choices can neither be a cause of improvement nor a cause of worsening.  

On the other hand, and given that end user security and safety is really really important, it might not be the wisest thing to assume away end-user mediated choices as a potential factor of change in outcomes.  

If we let in the possibility that changes in choices could exist and may make users worse off, we have to let in the possibility that end-user choices may be a means through which we can make users better off.  One cannot have it both ways.  

My personal opinion is that we need to leave open the possibility, because to do otherwise violates the engineering practice of ‘fail-safe’.  

(That said, none of BIMI’s proponents are arguing that end users' choices resulting from the display of logos will be a primary or substantive cause of improvement in outcomes.  No one is saying that this mechanism should even be considered for reasons other than for its potential to reduce safety.  If you see language in the documentation asserting otherwise, please bring it to the group’s attention.)


The other reason I asked the question above was to motivate disclosure of additional objections to BIMI.  “BIMI won’t do what its designers think it will do” does not seem like a reasonable justification for disqualifying it, even if it were true.  Let’s begin to consider the other issues.

> Besides that basic flaw in the implied foundation of your question, others have noted a variety of concerns both larger strategic opportunity cost and narrow, increased security exposures, and, of course, plausible misuse.
> 
> There is also the concern for the cost of doing a standard; they are extremely expensive.



What I hear from the above as additional concerns are: 

A) larger strategic opportunity costs
B) narrow, increased security exposures 
C) plausible misuse
D) extreme expense of doing a standard


Can you elaborate on A?  Help us understand these costs.  

Can you provide examples for B and C so that we can begin a discussion of mitigation strategies?    

Regarding D, let’s begin a larger discussion of costs.  Given your experience, where do you see the costs in doing a standard?  


Thede



> d/
> 
> -- 
> Dave Crocker
> Brandenburg InternetWorking
> bbiw.net


—
Thede Loder
Managing Director, Skye Logicworks LLC
E: thede@skyelogicworks.com
M: +1-415-420-8615