IETF Logo Mail Archive

[Bimi] SVG P/S Feedback

"Brotman, Alex" <Alex_Brotman@comcast.com> Fri, 28 August 2020 12:57 UTC

Return-Path: <Alex_Brotman@comcast.com>
X-Original-To: bimi@ietfa.amsl.com
Delivered-To: bimi@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5DF373A0B8A for <bimi@ietfa.amsl.com>; Fri, 28 Aug 2020 05:57:26 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.097
X-Spam-Level:
X-Spam-Status: No, score=-2.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_MSPIKE_H4=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=comcast.com header.b=fu7dfJgn; dkim=pass (2048-bit key) header.d=comcast.com header.b=CCirRjY6; dkim=fail (1024-bit key) reason="fail (message has been altered)" header.d=comcastcorp.onmicrosoft.com header.b=HjIoIiGc
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id hfUg5IX3gk6C for <bimi@ietfa.amsl.com>; Fri, 28 Aug 2020 05:57:25 -0700 (PDT)
Received: from mx0b-00143702.pphosted.com (mx0b-00143702.pphosted.com [148.163.141.77]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E623D3A0B88 for <bimi@ietf.org>; Fri, 28 Aug 2020 05:57:24 -0700 (PDT)
Received: from pps.filterd (m0156895.ppops.net [127.0.0.1]) by mx0b-00143702.pphosted.com (8.16.0.42/8.16.0.42) with SMTP id 07SCsEbH009825 for <bimi@ietf.org>; Fri, 28 Aug 2020 08:57:24 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=comcast.com; h=from : to : cc : subject : date : message-id : content-type : content-transfer-encoding : mime-version; s=20190412; bh=ucYYT/gypC11TD1j4lMLJA51+3plz/2lHEtrKXJOENw=; b=fu7dfJgnd6TSsAgpwuA8g3+/Jf+mN/nbIpgUJBgDmGn7EejbT6a1T+8i/RTgkXuf9hey zyt9jC3heI++UzegMCLMTujQlBJH1Cs+Pn3w1BgBbkFcQ/wjr0MUmr/F9KyCS0dS1Y2M rqkg42P3kGQ/QGAUolmCJvHI9aXQ0xfUJ02Ux0CWFw/Y3IYp8ws/8hm8SJBn4mfUdHvk Px2mIKFcl8PoUQm8qpfljBy3ci2YgtZSkUZygxQyGeVlk0k7flCTpv85nkuBSPs65U3O d6k+jDm7+H44D4/L2f7fIas09WN4dqoMfIATo523Psq4xUFvFduFmeSKmuvZkpCke7sR Cg==
Received: from pacdcmhout02.cable.comcast.com (pacdcmhout02.cable.comcast.com [68.87.96.15]) by mx0b-00143702.pphosted.com with ESMTP id 332xdn8m4q-23 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for <bimi@ietf.org>; Fri, 28 Aug 2020 08:57:23 -0400
DKIM-Signature: v=1; a=rsa-sha256; d=comcast.com; s=20190412; c=relaxed/simple; q=dns/txt; i=@comcast.com; t=1598619443; x=2462533043; h=From:Sender:Reply-To:Subject:Date:Message-ID:To:CC:MIME-Version:Content-Type: Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:References:List-Id: List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive; bh=+L35DFA58bgBCXbM0yp0XF0fz29p/rVz9+TXAIdsiLQ=; b=CCirRjY6u0Uky4KF5Wu7uFxnSfU3nZHvfdXuEanL6qd8Z2NariJdczPifle5S5LQ 79mR0zJMVOZwLFhsAHZpiOQuv0ClCvq9ELhMEgl1Ox0PlxXcD5LTZagO+xrCpb9j 8ZwbUdRrvuRcoC60Ds7AOa3W+IEZPxmz+Bt6/V6ZaWFHSQHmyzrdEudA0bKT+H38 JPrI+joORYrcA7wqW/dTobhws/OdUyECbrH35UqyChdwMkQvMkpYrV9XV3KQAvvD 4SKDoMO4PUxBd276usjFKTlRIDQY3eBAvLBOc58KEVehOM07yU5jujFnu43MD6k2 Di+JNwQYej5W5lIvG4XFZA==;
X-AuditID: 4457600f-f0fff70000005543-8f-5f48ff33b946
Received: from PACDCEX54.cable.comcast.com (cas-umc02.ndceast.pa.bo.comcast.net [68.87.34.28]) (using TLS with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (Client did not present a certificate) by pacdcmhout02.cable.comcast.com (SMTP Gateway) with SMTP id 99.1E.21827.33FF84F5; Fri, 28 Aug 2020 08:57:23 -0400 (EDT)
Received: from PACDCEX47.cable.comcast.com (24.40.2.146) by PACDCEX54.cable.comcast.com (24.40.2.153) with Microsoft SMTP Server (TLS) id 15.0.1473.3; Fri, 28 Aug 2020 08:57:23 -0400
Received: from PACDCEXEDGE01.cable.comcast.com (76.96.78.71) by PACDCEX47.cable.comcast.com (24.40.2.146) with Microsoft SMTP Server (TLS) id 15.0.1473.3 via Frontend Transport; Fri, 28 Aug 2020 08:57:23 -0400
Received: from NAM02-SN1-obe.outbound.protection.outlook.com (104.47.36.56) by webmail.comcast.com (76.96.78.71) with Microsoft SMTP Server (TLS) id 15.0.1473.3; Fri, 28 Aug 2020 08:57:21 -0400
Received: from MN2PR11MB4351.namprd11.prod.outlook.com (2603:10b6:208:193::31) by MN2PR11MB4584.namprd11.prod.outlook.com (2603:10b6:208:264::16) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3305.25; Fri, 28 Aug 2020 12:57:20 +0000
Received: from MN2PR11MB4351.namprd11.prod.outlook.com ([fe80::ad13:1343:ce8c:d2f]) by MN2PR11MB4351.namprd11.prod.outlook.com ([fe80::ad13:1343:ce8c:d2f%7]) with mapi id 15.20.3326.023; Fri, 28 Aug 2020 12:57:20 +0000
From: "Brotman, Alex" <Alex_Brotman@comcast.com>
To: "rfc-interest@rfc-editor.org" <rfc-interest@rfc-editor.org>
CC: "BIMI (IETF) (bimi@ietf.org)" <bimi@ietf.org>
Thread-Topic: SVG P/S Feedback
Thread-Index: AdZ9Okv+69BoULslTL+Cfd/XcqlzFQ==
Date: Fri, 28 Aug 2020 12:57:20 +0000
Message-ID: <MN2PR11MB4351CC443B406196C3953D1BF7520@MN2PR11MB4351.namprd11.prod.outlook.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: rfc-editor.org; dkim=none (message not signed) header.d=none; rfc-editor.org; dmarc=none action=none header.from=comcast.com;
x-originating-ip: [2601:43:101:380:40d1:a125:18b6:dd0c]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: f48b6456-2b1e-4568-120f-08d84b51e684
x-ms-traffictypediagnostic: MN2PR11MB4584:
x-microsoft-antispam-prvs: <MN2PR11MB458491C8EBE98029E957FA5FF7520@MN2PR11MB4584.namprd11.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:9508;
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: Pj/LMd6v7slTVoTtBxsO3t7psYYc1YnSx55N037FmpBX7vG7abvaGsb0H4eeRr/3M9OA5BlWtAGPHTEaPaZmCQrhQfWvWjyObLQIEJunz9/5LnJnTCAKLxMgJ7snfT2WHau0eTt+shQZ3ojOOs4+NY0BBHKdyXhU/i4g/k7WGTdVJ3sPWtzxIhuugA02oDBRYJ1qFxG/r6gp1QloTkbW7puODwKnu91eqZiFB71SKy4P8DJ4QvkTpQ6L1kIVaCFUd30VxbwfeXexA774PCUdOkARlrJeT6i7EDgMLjUuCt4xWNRI4elMphMN09zCAQ9uvO735gd0xc/Gsr+3y6RhaBkEUgvwFfrbHSIQAwkZRzRVoWtWe1j6Eh4+qadIiCVO5ldDQQY/hlhCjIXZViZydg==
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:MN2PR11MB4351.namprd11.prod.outlook.com; PTR:; CAT:NONE; SFS:(4636009)(396003)(39860400002)(366004)(136003)(376002)(346002)(2906002)(3480700007)(5660300002)(7696005)(55016002)(4744005)(9686003)(478600001)(8676002)(316002)(64756008)(71200400001)(66556008)(76116006)(86362001)(8936002)(33656002)(4326008)(6916009)(83380400001)(52536014)(6506007)(186003)(66446008)(66946007)(66476007)(966005); DIR:OUT; SFP:1102;
x-ms-exchange-antispam-messagedata: +N7Hml5km56rxGvqcjYvqpA7uZ0rxDpf5Zb3gcO/t6k6YDeHssGuOwTD5FIU3R3SxAhCpDnupYS+EmNZUIAgc9tC4Fy1YKybevUATjzfshe0n2fNCumIgif29RLmhdH3sww7ZW4kuAJjs1bMTpJrDJViASj8jdQmxXUFXbn7DtHdfG3fP5Kq37dycR68nYzo2T1S5/YMe/Aap3tMd6R/oMpKw2jOeB2OUwgb30J21DFQUrwpxw0YXY/5G2ezfrFqCtg9qo/09gVN62J12PPqdC110ViVJQXP2La7hknL7Xf4NfBg10lUJ43LZxR4/LQtipQachiqs0Lr8H87GKD/7v2y7LtSp6qPkcsWrwqnCA+ObaOZLql38XvdRKLe+GTXc43vOyfIpg4uEizDSICZTdtO0cHfmR/BdrEBEHzesrg1E10PI8jc/uGbACbET966l4s4XpKi4IiSCvsJ4o1QUwrjD8rAUuA5ydvGAItpAzEgV4gz0KorWktaq09b8QkC2m5UT7VqzTgzH5jnrquowZLrrvzmX7BLxrQBui6Lz4Nln7d3qEJJt+HKmne6JolYUroXz3JEktal6jgo7FJG+xN73MSxoejX4jWk8JTcIrDOC36CxHwmQ2rMhBS7lmu3d3w6cKJL7CoALZRfKxOt1Qfetdwr+1OF7taf1SutMbOaQ6DLqaaejztaMocEOBRIMTm48f+i6P2O3EO8HUb5cg==
x-ms-exchange-transport-forked: True
arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=GWqgG/0aB1GRQijvjb+XXqpVam0CBfnVPkcsYRFRuSWz0TrePfIVO/Wlld8hmd0lelfWetusck2uWU7aSrkr7iQU+HWXRut9WoENOnU9bVFpB1pQWHRzeSnuDXWywwi4bCI4GikaTlm6X/zFO8W3mzTuu7zOAj6OrL82NXaLFGW+wN/w1aV7w9Jze9GhP37DSz+A6AmA/ERAMlCNHxJhLKwcckmwoCFUp5dQar8VYSuWNvU8gSqyIHIaGaAgr/duCRxt/zDgvad59kbOXDxz3pV/4dC/8j098rWvvfW3fG/S7XumSF9Uso8Wws3HZ1tJs6fxEISh/esK/gETRamr3A==
arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=xc/6mkHJ8ZwlTbZg50bNUwHaGFZqPjbVMza+2A9foKU=; b=Y/paz8RJBqQctUnDt58PRjIrqWshyrbaEPPkiZeX5GQgrNeqFdCwJRaHRhG4t7rdmoWZcwNnrod1fYYo8+Dx5CGZvw45G9jNSSfyZYEe4sMJTQrbd0lViwUvaECIlgOfa9tOqiU00hLByqHcjCh/XCRzztbGWGotawZECt/c4XeCqc3BYz+IaiGbGOb2ayXgUXjSlARP9CL6kh1seL7Pe/9B6vwosA2yJv9RsoiXpQNfZZzd+u69T4BDWpKR/ObohoyKm4k2Ztwx2VmK96d7aEbGKAa5vL/rfQsPvtUu/BPOLo9FgAvYw6AhQkyRsovW3aR+tHsNqXxjzsyx20w4bA==
arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=comcast.com; dmarc=pass action=none header.from=comcast.com; dkim=pass header.d=comcast.com; arc=none
dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=comcastcorp.onmicrosoft.com; s=selector1-comcastcorp-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=xc/6mkHJ8ZwlTbZg50bNUwHaGFZqPjbVMza+2A9foKU=; b=HjIoIiGcfwo6NYh0rkpcl60/s0pB9ILzXHYqSHyG9VfUa4x02dJnYZKrLf6C6+Oxczev6+pmm5BEUEvrp7IeJADWOPcKfuRoH8Vk6RSooTTEpQJtuysUTN8WoBNhDWF0pLOkJmJMcyWnhYzMKu/gFvK5qIH0TWrvdOXdmx/xxaI=
x-ms-exchange-crosstenant-authas: Internal
x-ms-exchange-crosstenant-authsource: MN2PR11MB4351.namprd11.prod.outlook.com
x-ms-exchange-crosstenant-network-message-id: f48b6456-2b1e-4568-120f-08d84b51e684
x-ms-exchange-crosstenant-originalarrivaltime: 28 Aug 2020 12:57:20.2885 (UTC)
x-ms-exchange-crosstenant-fromentityheader: Hosted
x-ms-exchange-crosstenant-id: 906aefe9-76a7-4f65-b82d-5ec20775d5aa
x-ms-exchange-crosstenant-mailboxtype: HOSTED
x-ms-exchange-crosstenant-userprincipalname: DDXwEXPnwiLw450CA+0+2Z/Xt+AD5jUZHPh97iTmVqEVeOdEAnydKBn3Cx0bdObazj6irOoyF4TK5ssF16F9F7vr1yGtwwqTCi9svlC1Pc8=
x-ms-exchange-transport-crosstenantheadersstamped: MN2PR11MB4584
x-originatororg: comcast.com
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-CFilter-Loop: Forward
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFvrLIsWRmVeSWpSXmKPExsXiEq4ko2v83yPe4OZZTYvmc/sZLQ4eb2Bz YPJYsuQnk0dD2zHWAKYoLpuU1JzMstQifbsErow3Cz+xFfxnq3i65SV7A+MV1i5GTg4JAROJ 9/9eMYPYQgJHmCR6jnp2MXIB2bsYJda2v2OHcK4yShxpP8gK4RxllNi14gUzhLOUSeJ84xM2 COcBo8Tb89vBhrEJGEi8unSQBcQWEbCXOPf5N5jNLGAosXfmPzBbWEBSom3PYVaIGjmJiwv/ MEHYehL7dl0Eq2ERUJX4vucv2ExegRiJif9WgsUZBcQkvp9awwQxU1zi1pP5TBAPCUgs2XOe GcIWlXj5+B/Y2YwC0xglbsxfAVVkLjH1x2QWCFtW4tL8bkYI21di5rtNUDVaEhPWb4KKZ0u8 m7wEKq4mceNNB9QCOYlVvQ+h5shIPLixHRwSEgK7mSVmXbsF5Xxklrjy8goThPOHVeJBZwfQ WA4gR0Xi36HKCYxGs5B8AWHrSCzY/YkNwtaWWLbwNfMscAgISpyc+YRlASPLKkZuMws9C3M9 SzM9Q9NNjOBEkcC/g/HodI9DjAIcjEo8vLmfPOKFWBPLiitzDzFKcDArifC+PuoeL8SbklhZ lVqUH19UmpNafIhRmoNFSZy3/+qLOCGB9MSS1OzU1ILUIpgsEwenVAOjVyx7JsMx/rj3l3c3 7Nh4qN38lcuVAxesbe64Ou53T533eVe+sd3MmYX9ZUvjp6eUBx77uHiK6OPESce4zOa/PF7u srzmvo/+spj9z2t38hUujtirOf2TnoCpw8RLanYKk7njPnZOq1/7uGbme6cD76dHifb2BG4y kFGZVvPvgF/Xbu5+6aMvlFiKMxINtZiLihMB1dmpQRADAAA=
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.235, 18.0.687 definitions=2020-08-28_08:2020-08-28, 2020-08-28 signatures=0
X-Proofpoint-Spam-Reason: safe
Archived-At: <https://mailarchive.ietf.org/arch/msg/bimi/YB7RcHooyU3-V23YEYAJaEExH4g>
Subject: [Bimi] SVG P/S Feedback
X-BeenThere: bimi@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Brand Indicators for Message Identification <bimi.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/bimi>, <mailto:bimi-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/bimi/>
List-Post: <mailto:bimi@ietf.org>
List-Help: <mailto:bimi-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/bimi>, <mailto:bimi-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 28 Aug 2020 12:57:26 -0000

Hello,

[Apologies for the cross-posting]

As part of a separate project, we wanted to create a smaller SVG profile[1].  It is based on SVG Tiny 1.2, with several components removed.  The goal is to try to keep the document self-contained, remove animations, and generally more portable and secure (hence P/S).  Personally, I've been curious if we should be trying to create a new baseProfile as we've specified, given that it may behoove a developer to only target this subset of Tiny features, reducing footprint and attack surface.  We also welcome feedback about the text and font elements that we've permitted in the draft, and their security implications.

We thank you for any advice or feedback you can provide.

[1] https://datatracker.ietf.org/doc/draft-svg-tiny-ps-abrotman/

--
Alex Brotman
Sr. Engineer, Anti-Abuse & Messaging Policy
Comcast

v2.23.0 | Report a Bug | By Email