Re: [Bimi] MUA Evaluation of BIMI

"Brotman, Alex" <Alex_Brotman@comcast.com> Wed, 16 March 2022 15:24 UTC

From: "Brotman, Alex" <Alex_Brotman@comcast.com>
To: "dcrocker@bbiw.net" <dcrocker@bbiw.net>, Ken O'Driscoll <ken=40wemonitoremail.com@dmarc.ietf.org>, Stephen Farrell <stephen.farrell@cs.tcd.ie>, Jakub Olexa <jakub=40mailkit.com@dmarc.ietf.org>
CC: "bimi@ietf.org" <bimi@ietf.org>
Date: Wed, 16 Mar 2022 15:24:24 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/bimi/XCl8JsTQ2T0IqhZv0NzKqY1Rtyw>
Subject: Re: [Bimi] MUA Evaluation of BIMI
List-Id: Brand Indicators for Message Identification <bimi.ietf.org>

So it seems clear we need some way to validate the results of the MTA authentication evaluation, presuming they divulge those results into the headers of the message.  Trent suggested ARC, and while that should do that, it may not be ideal given adoption, and perhaps creating an additional barrier.

What if we were instead to say something along the lines of:

The MUA MAY decide to evaluate the authentication results of a message, and then optionally display the associated logo as appropriate.  In order to do so, the MUA MUST be able to validate a header containing the authentication results in the same message. It SHOULD be preferred to utilize the ARC-Results header where possible, and a fallback MAY be a DKIM signature created by the receiving system where the d= MUST be the same as the 5321 Domain used for the recipient and MUST cover the Authentication-Results header created by the receiving system.

My thought is that DKIM is more widely understood and deployed than ARC, and if we need some method to ensure the validity of those MTA-provided results, they should be equally useful.  That needs wordsmithing, but thought I'd pass it along.

--
Alex Brotman
Sr. Engineer, Anti-Abuse & Messaging Policy
Comcast

> -----Original Message-----
> From: bimi <bimi-bounces@ietf.org> On Behalf Of Dave Crocker
> Sent: Tuesday, March 15, 2022 4:34 PM
> To: Ken O'Driscoll <ken=40wemonitoremail.com@dmarc.ietf.org>; Stephen
> Farrell <stephen.farrell@cs.tcd.ie>; Jakub Olexa
> <jakub=40mailkit.com@dmarc.ietf.org>
> Cc: bimi@ietf.org
> Subject: Re: [Bimi] MUA Evaluation of BIMI
>
> On 3/15/2022 1:27 PM, Ken O'Driscoll wrote:
> > Independent MUAs are going to implement BIMI regardless. Telling them
> > that they can't in the specification isn't the solution. All that'll
> > end up doing is turn BIMI into a Gravatar.
> >
> > The spec. needs to articulate how they can do so, what the risks are,
> > and how to do it properly.
>
>
> Exactly.
>
> If an email feature for an end user cannot be implemented in their
> independent MUA, that's a pretty serious limitation, at Internet scale.
>
> If there are basic requirements to the distributed implementation that limit
> what portion is 'allowed' in the MUA, that needs to be justified and
> documented clearly.
>
> d/
>
> ps. fears about encouraging/discouraging something, other than through the
> usual normative language, moves into the realm of mass psychology, which is
> considerably beyond the scope of most Internet technical specification
> groups' competence.
>
> --
> Dave Crocker
> Brandenburg InternetWorking
> bbiw.net
>
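
The DKIM fallback proposed in the message above, sketched as an added example (not part of the original post or of any BIMI draft): it selects signatures whose d= equals the recipient's 5321 domain and whose h= reaches the topmost Authentication-Results header, using the bottom-up instance selection of RFC 6376. The function names, the domains rcpt.example and brand.example, and the sample message are constructed for illustration.

```python
from email import message_from_string

def dkim_tags(value):
    """Parse a DKIM tag=value list; all folding whitespace is dropped."""
    tags = {}
    for part in value.split(";"):
        if "=" in part:
            name, val = part.split("=", 1)
            tags[name.strip().lower()] = "".join(val.split())
    return tags

def qualifying_signatures(raw_message, rcpt_domain):
    """Return (d=, s=) of signatures that meet the proposed fallback.

    Structural gate only: the caller must still verify b= with a DKIM
    library before trusting the Authentication-Results header.
    """
    msg = message_from_string(raw_message)
    ar_count = len(msg.get_all("Authentication-Results", []))
    hits = []
    for sig in msg.get_all("DKIM-Signature", []):
        tags = dkim_tags(sig)
        signed = tags.get("h", "").lower().split(":")
        # h= picks instances bottom-up, so reaching the topmost (receiver's)
        # header needs the name listed once per instance in the message.
        covers_top = ar_count > 0 and signed.count("authentication-results") >= ar_count
        if covers_top and tags.get("d", "").lower() == rcpt_domain.lower():
            hits.append((tags["d"], tags.get("s", "")))
    return hits

# Constructed sample: receiver rcpt.example signs its own result header.
SAMPLE = """\
DKIM-Signature: v=1; a=rsa-sha256; d=rcpt.example; s=mua1;
 h=authentication-results:from:subject; bh=PLACEHOLDER; b=PLACEHOLDER
Authentication-Results: mx.rcpt.example; dmarc=pass header.from=brand.example
DKIM-Signature: v=1; a=rsa-sha256; d=brand.example; s=s1;
 h=from:subject; bh=PLACEHOLDER; b=PLACEHOLDER
From: news@brand.example
To: user@rcpt.example
Subject: hello

body
"""
# Same message with a sender-supplied result header left in place below.
FORGED = SAMPLE.replace(
    "From:", "Authentication-Results: mx.rcpt.example; dmarc=pass\nFrom:", 1)

if __name__ == "__main__":
    print(qualifying_signatures(SAMPLE, "rcpt.example"))
    print(qualifying_signatures(FORGED, "rcpt.example"))
```

In the second case a single `authentication-results` entry in h= binds only the lower, sender-supplied header, so no signature qualifies and the MUA should not display a logo on that basis.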