IETF Logo Mail Archive

Re: [Bimi] Bimi Goals (was: Re: Thoughts about MUA/BIMI)

John C Klensin <john-ietf@jck.com> Fri, 12 August 2022 23:32 UTC

Return-Path: <john-ietf@jck.com>
X-Original-To: bimi@ietfa.amsl.com
Delivered-To: bimi@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B1068C14F74A; Fri, 12 Aug 2022 16:32:34 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.907
X-Spam-Level:
X-Spam-Status: No, score=-1.907 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, T_SCC_BODY_TEXT_LINE=-0.01] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id wdrX7ObRoidB; Fri, 12 Aug 2022 16:32:34 -0700 (PDT)
Received: from bsa2.jck.com (bsa2.jck.com [70.88.254.51]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id DA21AC14F730; Fri, 12 Aug 2022 16:32:33 -0700 (PDT)
Received: from [198.252.137.10] (helo=PSB) by bsa2.jck.com with esmtp (Exim 4.82 (FreeBSD)) (envelope-from <john-ietf@jck.com>) id 1oMe8m-000MeG-CC; Fri, 12 Aug 2022 19:32:32 -0400
Date: Fri, 12 Aug 2022 19:32:26 -0400
From: John C Klensin <john-ietf@jck.com>
To: dcrocker@bbiw.net, "Brotman, Alex" <Alex_Brotman=40comcast.com@dmarc.ietf.org>, "BIMI (IETF) (bimi@ietf.org)" <bimi@ietf.org>
Message-ID: <855F7EF3C667C16D854FED94@PSB>
In-Reply-To: <ce92084e-9002-7c36-0d26-744dc86b0995@dcrocker.net>
References: <MN2PR11MB435138DB4A7161A506B8CD25F7649@MN2PR11MB4351.namprd11.prod.outlook.com> <ea58765e-c46a-8f29-8af6-3373db343c27@dcrocker.net> <MN2PR11MB4351D981953EFD96C3E4A301F7679@MN2PR11MB4351.namprd11.prod.outlook.com> <494098D0C7B06400A7C08303@PSB> <MN2PR11MB43510121C7EBC6197AD3A2ADF7679@MN2PR11MB4351.namprd11.prod.outlook.com> <ce92084e-9002-7c36-0d26-744dc86b0995@dcrocker.net>
X-Mailer: Mulberry/4.0.8 (Win32)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
Content-Disposition: inline
X-SA-Exim-Connect-IP: 198.252.137.10
X-SA-Exim-Mail-From: john-ietf@jck.com
X-SA-Exim-Scanned: No (on bsa2.jck.com); SAEximRunCond expanded to false
Archived-At: <https://mailarchive.ietf.org/arch/msg/bimi/TWbylEJNPTshr6H5bO2yBKK1VvM>
Subject: Re: [Bimi] Bimi Goals (was: Re: Thoughts about MUA/BIMI)
X-BeenThere: bimi@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Brand Indicators for Message Identification <bimi.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/bimi>, <mailto:bimi-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/bimi/>
List-Post: <mailto:bimi@ietf.org>
List-Help: <mailto:bimi-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/bimi>, <mailto:bimi-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 12 Aug 2022 23:32:34 -0000

--On Friday, August 12, 2022 14:40 -0700 Dave Crocker
<dhc@dcrocker.net> wrote:

> On 8/12/2022 10:58 AM, Brotman, Alex wrote:
>> My apologies, I was not trying to suggest that other options
>> cannot be considered.  I was noting how the document/spec is
>> currently designed, and that both goals are important
>> (perhaps independently).  It's entirely possible that we
>> could alter the method to work as you'd suggested a few weeks
>> ago, and the independent MBP can impose their own
>> restrictions which could include any manner of things
>> including DMARC.
> 
> Alex,
> 
> Your note seems to suggest the idea of parallel mechanisms, as
> alternatives.  In my experience, those don't work.  It was,
> in fact, a hallmark of the excessive complexity created in
> some/many of the OSI specifications.
> 
> If you don't mean that, then I'm not clear what you mean,
> concretely.
> 
> Note that while some of my posting(s) today do cite inherent
> limitations of basing Bimi on DMARC, et al,  at least one
> other posting discusses an add-on, for interacting with
> unaffiliated MUAs, that does not require any changes in the
> existing DMARC dependency.
> 
> The larger point I've raised is, really, not a new one,
> although apparently came up fairly recently in Bimi
> discussion:  Namely the need to carefully consider the larger
> operational context that is to be supported and development of
> very -- very -- clear understanding of the needs of that
> context and the reasons for excluding any plausible cases,
> including threats, operational challenges, semantic challenges
> -- such as loss of rights to use of the image -- etc.
> 
> One can easily imagine making a set of choices that only suit
> a very limited set of platform providers.  In business terms,
> narrowing the market segment to be served is hardly unusual.
> 
> But to the extent that this work is being done in public --
> and especially since the discussion here is hosted on an IETF
> platform -- the lack of clarity about those choices should be
> remedied, IMO.

Alex,

Just for clarification, while Dave is approaching the issues
differently than I am and consequently is identifying and
explaining different issues (or versions of them), I am in
almost complete agreement with what he wrote below. Stepping a
bit aside from the technical issues, I would put special
emphasis on his last two paragraphs above.  If the goal is to
design a system that will work well for a limited set of
platform (or other providers) then things get much easier for
those providers but this is, for multiple reasons, the wrong
place to be holding the conversation.  By contrast, if you want
to open it up to a broad range of providers and have the
conversation here, most, if not all, of the issues and
alternatives that Dave, myself, and others have brought up,
especially those that reduce changes to working protocols or
otherwise reduce complexity, deserve careful attention.

best,
   john

v2.23.0 | Report a Bug | By Email