Re: [Bimi] Proposal to Clarify Role of MUA in BIMI Evaluation

Tim Hollebeek <tim.hollebeek@digicert.com> Tue, 19 July 2022 20:23 UTC

From: Tim Hollebeek <tim.hollebeek@digicert.com>
To: Todd Herr <todd.herr=40valimail.com@dmarc.ietf.org>, Scott Kitterman <sklist@kitterman.com>
CC: "bimi@ietf.org" <bimi@ietf.org>
Date: Tue, 19 Jul 2022 20:23:41 +0000
Message-ID: <DM8PR14MB5237459AC795AE826FDDA198838F9@DM8PR14MB5237.namprd14.prod.outlook.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/bimi/Ymx7ixMiDZsUjrtR5kM1iQYX5F0>
Subject: Re: [Bimi] Proposal to Clarify Role of MUA in BIMI Evaluation
List-Id: Brand Indicators for Message Identification <bimi.ietf.org>

Thanks Todd.  I think that is the right perspective.

I’m a bit concerned about the discussion of attempting to perform the checks at any other time, and I’m even more concerned about what seems to be assertions that it’s ok if the quality of the checks “degrades over time” as if this were a natural or unavoidable state.  I think everything possible should be done to avoid that outcome.

Over in LAMPS, we’re spending a lot of time dealing with the fallout from similar issues being inadequately addressed in the past with secure email, causing exactly the phenomenon described here, where over time things just degrade.  It’s very confusing to end users, and negatively impacts confidence in the entire system when things change with time, seemingly for no reason.

-Tim

From: bimi <bimi-bounces@ietf.org> On Behalf Of Todd Herr
Sent: Tuesday, July 19, 2022 3:15 PM
To: Scott Kitterman <sklist@kitterman.com>
Cc: bimi@ietf.org
Subject: Re: [Bimi] Proposal to Clarify Role of MUA in BIMI Evaluation

On Tue, Jul 19, 2022 at 2:07 PM Scott Kitterman <sklist@kitterman.com> wrote:
On July 19, 2022 6:03:10 PM UTC, Dave Crocker <dhc@dcrocker.net> wrote:

>Considering your comments a bit further, it appears you are suggesting that BIMI does not need to validate at the time of display.

Maybe.  I won't claim to have been following the details closely enough to have an opinion.  For underlying authentication methods, such as DKIM, I think it's critical to evaluate them at the time of receipt and store the results.  That might also be true of Bimi, but I don't know.

To me, BIMI's reliance on DMARC passing (and being at something other than p=none) means that the condition at time of message receipt is the only one that matters. The current version of the draft specification even discusses a method for recording results - https://datatracker.ietf.org/doc/html/draft-brand-indicators-for-message-identification#section-7.7 - and those results could theoretically be relied on by an MUA at display time, assuming that the MUA has reason to trust the recorded results.

--
Todd Herr | Technical Director, Standards and Ecosystem
e: todd.herr@valimail.com
m: 703.220.4153
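
Added example, not part of the thread or of the BIMI draft: a sketch of an MUA relying on results recorded at receipt, as discussed above, by honouring only Authentication-Results headers stamped with its own provider's authserv-id. Assumptions: the authserv-id mx.receiver.example, the bimi= method name as the recorded result, and a border MTA that strips inbound headers carrying its own authserv-id and records bimi=pass only when the DMARC policy requirement was met.

```python
import re
from email import message_from_string

TRUSTED_AUTHSERV_ID = "mx.receiver.example"  # assumption: the MUA's own mailbox provider

# Constructed sample: the first header is written by the receiver at delivery;
# the second arrived inside the message and carries a different authserv-id.
SAMPLE = (
    "Authentication-Results: mx.receiver.example;\n"
    " dkim=pass header.d=brand.example;\n"
    " dmarc=pass header.from=brand.example;\n"
    " bimi=pass header.d=brand.example header.selector=default\n"
    "Authentication-Results: mx.attacker.example; dmarc=pass; bimi=pass\n"
    "From: Brand <news@brand.example>\n"
    "Subject: constructed sample\n"
    "\n"
    "body\n"
)

def parse_authres(value):
    """Return (authserv_id, {method: result}) for one header value."""
    value = re.sub(r"\([^()]*\)", " ", value)  # drop RFC 5322 comments
    parts = [p.strip() for p in value.split(";")]
    authserv_id = parts[0].split()[0].lower() if parts[0] else ""
    results = {}
    for part in parts[1:]:
        m = re.match(r"([a-z0-9-]+)\s*=\s*([a-z]+)", part, re.I)
        if m:
            # first occurrence of a method wins; later duplicates are ignored
            results.setdefault(m.group(1).lower(), m.group(2).lower())
    return authserv_id, results

def recorded_bimi_ok(raw_message, trusted_id=TRUSTED_AUTHSERV_ID):
    """True only if the trusted receiver recorded both dmarc=pass and bimi=pass."""
    msg = message_from_string(raw_message)
    merged = {}
    for value in msg.get_all("Authentication-Results", []):
        authserv_id, results = parse_authres(value)
        if authserv_id != trusted_id:
            continue  # results from any other authserv-id are not trusted
        for method, result in results.items():
            merged.setdefault(method, result)
    return merged.get("dmarc") == "pass" and merged.get("bimi") == "pass"
```
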