IETF Logo Mail Archive

Re: [Bimi] MUA Evaluation of BIMI

Ken O'Driscoll <ken@wemonitoremail.com> Tue, 15 March 2022 18:00 UTC

Return-Path: <ken@wemonitoremail.com>
X-Original-To: bimi@ietfa.amsl.com
Delivered-To: bimi@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3B1143A1365 for <bimi@ietfa.amsl.com>; Tue, 15 Mar 2022 11:00:22 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.11
X-Spam-Level:
X-Spam-Status: No, score=-2.11 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=wemonitoremail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id CceJRc_QVAiC for <bimi@ietfa.amsl.com>; Tue, 15 Mar 2022 11:00:16 -0700 (PDT)
Received: from EUR04-HE1-obe.outbound.protection.outlook.com (mail-he1eur04on0708.outbound.protection.outlook.com [IPv6:2a01:111:f400:fe0d::708]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 562733A1350 for <bimi@ietf.org>; Tue, 15 Mar 2022 11:00:15 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=agg2B4IPWibEB/+4EVq2ex0S/WEwh30D9OLWhUsKWADTOfTZd4YPBEsOLwc4n3NyiCdWmtjVz09CkUKK7d8n7QWh47DdJ1rx927kc5U9qpTZFa8B/29pt4SewIdhf6xsXp1nkws6fcSpOh0XUByNNRG0RCRFEHkvfpSYdcO+ZHG5CIZGuBNIZygJVZe98JaxH67Y3KAPTLDZBLQeVOMJj51Gas93vh9TiMfYqWNLFEt2ZI+RhGv7PytmZIZAb5tUmAWsSbdnkd7qESslvoq1D0nQFUlkMQfQFnLiLB1MvM9MEuFjygHfLXp4ofu5Bq1vntH7WA+1nBwz7xRaTm8JVA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=idFbDBvmxO25MPnFkMspv0OdOwvPTgFuyl1NN7po6fA=; b=M5PIjpp43emLFIacazzavtxwGrg+g+dpYlicDNpSSBIFNQ/snwjFqHQBTG7vNY3qOj/4SFOgMUCxwnxruUtVur2u1WM/5Nv9yfYdjgAJlRT4/vkbqqi6TLb+H0BtBDFGjHnqDZB/HSSAImbEgf6JlrF4RQFknk0R+KdmDt/ZHX8tuLUci+GDVPIm7ZwH1QT7EFUfKHoqM0hlt19VkSJqN8Jx7USh7jrHsEL7jrfxUPaGHLR3R7P772n0wbXGlWzjp9AdWhNxM9FnAK5sj7AZE5RKPX0qGWlV2NxW1sblvQDmP4hp/nlHy/10t7C6MmeJ3KLsfFl6qFgduL63GjC7bw==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=wemonitoremail.com; dmarc=pass action=none header.from=wemonitoremail.com; dkim=pass header.d=wemonitoremail.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=wemonitoremail.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=idFbDBvmxO25MPnFkMspv0OdOwvPTgFuyl1NN7po6fA=; b=ck3KyVkBHEkCKASLdPKgYWHEJShmYaENxAHnNURBrJB9GojJ1lBoISmJ9H5/FwsUzV+7vwWGy1lPSzK9U0AYW09aHkkv4S0bG3n1/iE8zySElrKGMoSkWXtHiKXcoJ+w0f/RChNXmrpIyfwS04WqcPF4kJQ0xzeEzihik1C4vAIsiD02ZO5j9v+MOi015Ok3ep3dfCvIldX8ThXTUQwMvVKr0YEgCsZQCfOjUDXakI9JdIaS+pGfztR0Ne0mosqkFADZ3BpCAElVxk6NLC214yoy9uMvmJ1xKvjwRUdujTqEJlB+MbN6w4F1+k+8yvQCL6TOu4HgkPark2VK3qjTsw==
Received: from VI1PR01MB7053.eurprd01.prod.exchangelabs.com (2603:10a6:800:19a::9) by PA4PR01MB7262.eurprd01.prod.exchangelabs.com (2603:10a6:102:fb::8) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5061.24; Tue, 15 Mar 2022 18:00:08 +0000
Received: from VI1PR01MB7053.eurprd01.prod.exchangelabs.com ([fe80::a049:e870:2872:dbd3]) by VI1PR01MB7053.eurprd01.prod.exchangelabs.com ([fe80::a049:e870:2872:dbd3%7]) with mapi id 15.20.5061.029; Tue, 15 Mar 2022 18:00:08 +0000
From: Ken O'Driscoll <ken@wemonitoremail.com>
To: "dcrocker@bbiw.net" <dcrocker@bbiw.net>, Trent Adams <tadams@proofpoint.com>, "Brotman, Alex" <Alex_Brotman@comcast.com>
CC: "bimi@ietf.org" <bimi@ietf.org>
Thread-Topic: [Bimi] MUA Evaluation of BIMI
Thread-Index: AQHYNakS7cBGBKKcikGTe1q57Bj1Vqy/BUnggABVaQCAAOT4gIAAZqSAgAAD5gCAAADPsA==
Date: Tue, 15 Mar 2022 18:00:08 +0000
Message-ID: <VI1PR01MB7053973E7BE66482A2E23E8EC7109@VI1PR01MB7053.eurprd01.prod.exchangelabs.com>
References: <7639D8E5-B8CA-48E6-B6F3-63BA091C3AC5@contoso.com> <VI1PR01MB7053B6AF625A5FFB2222F795C70F9@VI1PR01MB7053.eurprd01.prod.exchangelabs.com> <MN2PR11MB4351276056888F77815E220EF70F9@MN2PR11MB4351.namprd11.prod.outlook.com> <CB922168-3B56-488E-90DD-2591B064F9FF@proofpoint.com> <VI1PR01MB70533C10733D41443FD2A801C7109@VI1PR01MB7053.eurprd01.prod.exchangelabs.com> <a9fc90ba-7015-cf52-e433-6bf80ca26b0a@dcrocker.net>
In-Reply-To: <a9fc90ba-7015-cf52-e433-6bf80ca26b0a@dcrocker.net>
Accept-Language: en-IE, en-GB, en-US
Content-Language: en-GB
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=wemonitoremail.com;
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: e3cd64b6-dc06-46b7-08d7-08da06ada441
x-ms-traffictypediagnostic: PA4PR01MB7262:EE_
x-microsoft-antispam-prvs: <PA4PR01MB726230A92C5E1A9C498A1116C7109@PA4PR01MB7262.eurprd01.prod.exchangelabs.com>
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: P7+419mFhmAWntkfEMabF8BGg6IEKeGCX8OGww8IjFd2rE7NM6K8PgE7UprHyh6DytMD/h6C9skYukbv/LdAVdmXLTU5C3Icbi5Ojs8deb52kunKkaVt74MKwZuBGRrfdDMcX5+u5RzVi0tlfqv5W223JpVhghwXktJBNkq7uKv+VoMPes11Zqt9UO/zWXwBq3vbUU/ghhbQDdZbgRdWbKAlHJ6DlHcJD+WyneBTXVZmrhktqqk7evXTAI0MNhe/iEjsnIQC0lo+hZFA8kChDJLDmnPQf7DMj4e38dpryWk53SFRTI+svi9Hztu/DcXTf+Sp52Jzk18uRrHaK9JVsGrPyoNd1Rgg/Wkp/on61K9MrVIDJ4FRV6WUcICS/AubNPrN/4F3TKEC9cqUBXBi/j9WQxyivisICuG1ovvqPWr5FpfBEYX12yRlchWE70O9ClYsc+9r33YmBOq+xpIALmJt3gYPHLwf46gO5+/ZScMbWf66PX/cmi3ACuTi5vhXw6XrFNez83iQAWommhFYiZfEg1TIYY7puqsQ+L+ShKnJsmOYErGtJtkU+DMm7clt2KG/GmyRWRVht0SD6pII317NzWgFA2U3n+zcAoD9b2lTpZeNLR6XQXhFnkDVLQU+Bg2Wh61lUOy9EkgAnfT3qe1zoSwvrNSTM7XVxZl44P04sRiB2hK6tmKanLRUwkHDh7Nm1kxba/wzbx7PxLBYUg==
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:VI1PR01MB7053.eurprd01.prod.exchangelabs.com; PTR:; CAT:NONE; SFS:(13230001)(396003)(39830400003)(346002)(366004)(376002)(136003)(6506007)(508600001)(38070700005)(9686003)(7696005)(64756008)(86362001)(8676002)(71200400001)(66946007)(66556008)(66476007)(66446008)(76116006)(110136005)(316002)(83380400001)(38100700002)(53546011)(186003)(26005)(52536014)(4326008)(122000001)(5660300002)(55016003)(8936002)(2906002)(33656002); DIR:OUT; SFP:1102;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: qS7MIcrRXYeZZTby3e7liJVq3EPi/MoIJWfp8l7JjZSQHa22VfwI/HAYz8AdQKwXZhXCXFQ2JGvUDG3HRsqiawEvDzhMefM2MYx4M7LhM+jFH94uooLIoqgpwFeLNX+IDo4Z4XobsOgG2YLm/5xpOYgh0hC4x7fCaduRTFPDw1vKsfcPmesmhVl9TXKaFwoTZIYcQcSa/PFeAQUpPvtqjJj9cl3LPbvajH/yo8+2exAuh0XZYG3heckK/kZ/MlZJprm0N5snOnTBRtUUI4p53HzVox82R6/DofNb5hJM89CkjZEjkp7ZGoVi7ZeJhY/BGh7KWDlWIk4WWU+DpDzEyt6Nk5yxL1yBqKmGU90wba+WDHC8h9ii6gmVnySpAxbzqPubI0WHiT1aOlHJZC1S31Yca0cmLiR2qewSNxtRILUp3a9RgXVU2xXmx68ceK1yVEMbqzhvlsW5nFrmkwiNE3GIfUQ+djR21cuXnmkrhbGAeHKSxUkW3I4L4LdCtLgo0R75XI6kcrqZLuRx76OcTA6E5BrHwC2HD96y0i33V7QILbqtNqyUPcXi+prszhvwK3/Xz0nWekU2iXExHQjZhsdiWQIv4d8rXLL/OBJC1/ij+cQWQ/nfaZtLXjWXupkku+sr3YT3SRtSL9G/2HM+fzCVN77lrMOGcOanaCmGXvg/TQXWeY8VCWnczYIiBX2JvblSIe9Qkd69WvpK7gqJMnBbkYE6Hz8pWGbuJopifkyyhogIrjb9kFxiimPu2jpWmwgqAxGptrD+ysIMeqnw2ZWETGxnLsp6OpNMVmngV5nACFu6lbNQF1DrC011ELKccl8riNuZ2tww0/SukThRdOKkEG5mKGceE2LRmzbsEP65Hxv5K6eSliT6RGR12POkXxlS6vMvSfwUaweEjNArkyLxcJITR2pJu2MKmGe7zWxDgESRM4lQYkvp6jgweTFZTxK/lNiY/rxhvBjlscmIVLGJloE/jxo9XHbIDuMOB+Zx/zQYJPxHf+AroVl8WWBzyR+TuNceqMGHm/JWW0hyHTgnbA6mO7NWT2ayUxUDlkfvOmI5IRkMNZcExpStrezc4qQd0cYCxgDg8CcJGVE01e8Pryh3IedJhdSwvTkUqmSoD5BO8CfQ/WrbTt4T//SpfKiyO7mOV2uqwK1c3uPmUx+eJRTY7sMFYbNcpR2UBmmBe4x/u12JVPXUcE9aHRpSSo3CCIR4cb4uoNnTT20u7dqOKJgLGmrasZxLcz2FAeQDMuRu13ub+PSmFOmTxhkKV1qNTiwlmEM5SlrSyX6MDzyaOTY24b1wTRP0mmhxTIz74THYm8EL6mhZIupnQhZMZ+aqUOg54BNUdoLduSg/O7n7kaTU+NuwtfqszOlCtRyA9tCZGhSEJOUqsdHMSpqAW1QDQ1f0bBs3NVe0pvTXipTA8fKhSro9M9Imwq/FbnYSgYYtg1K+lF/UL9NfmuJO
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-OriginatorOrg: wemonitoremail.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: VI1PR01MB7053.eurprd01.prod.exchangelabs.com
X-MS-Exchange-CrossTenant-Network-Message-Id: e3cd64b6-dc06-46b7-08d7-08da06ada441
X-MS-Exchange-CrossTenant-originalarrivaltime: 15 Mar 2022 18:00:08.0399 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: a2b1d6fe-fc8b-4b7c-b9f1-d7b1ab3d23b3
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: Y1Su5HQF5HdrfdO7t6bFhyFc9/YGR6SXBRFkBHT29Ad5bzM9uQs505oijXq773yH5ixjZti2vpdHSfhn3AfmFA==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: PA4PR01MB7262
Archived-At: <https://mailarchive.ietf.org/arch/msg/bimi/ZZM6MMp3EToG46SEtDpvSw9cMg0>
Subject: Re: [Bimi] MUA Evaluation of BIMI
X-BeenThere: bimi@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Brand Indicators for Message Identification <bimi.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/bimi>, <mailto:bimi-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/bimi/>
List-Post: <mailto:bimi@ietf.org>
List-Help: <mailto:bimi-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/bimi>, <mailto:bimi-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 15 Mar 2022 18:00:22 -0000

> -----Original Message-----
> From: Dave Crocker <dhc@dcrocker.net>
> Sent: Tuesday 15 March 2022 16:36
> To: Ken O'Driscoll <ken@wemonitoremail.com>; Trent Adams
> <tadams@proofpoint.com>; Brotman, Alex <Alex_Brotman@comcast.com>
> Cc: bimi@ietf.org
> Subject: Re: [Bimi] MUA Evaluation of BIMI
> 
[...snip...]
> 
> DKIM can work fine in an MUA-based validation.  Obviously there is
> nothing wrong with doing validation at the MTA/MDA level, but the
> architecture is, really, an end-to-end design, which means supportable
> in the recipient's MUA.  A DMARC that relies on DKIM rather than SPF
> also does.
> 
> So, not, it is not (necessarily) the wrong place for the operation.

Sure, DKIM can be implemented in an MUA, but the accuracy of the results is architecture dependent. For example, if the architecture modifies inbound messages after DKIM is verified (e.g., puts an "External message" warning in) then while the A-R header is correct, the MUA-level DKIM validation will give a different answer. The MUA may correctly validate DKIM but that does not fully inform the user of anything useful regarding message authentication.

So yes, it's possible but with too many caveats to be useful to recommend in general, or in a specification. 

I believe the same goes, to a lesser degree, for MUA-level ARC validation of A-Rs. For example, there still isn't a clear path to determine if a given ARC header set is to be trusted. So, an MUA would have to implement some external mechanism to achieve that. Or the MUA could just trust the upstream MTA, which negates the need for ARC signing A-R headers in the first place.

> As for the receiving MTA lying, turn the issue around:  how can the MUA
> know that the field came from that specific, well-behaved, thoroughly
> compliant MDA or MTA.
> 
> Broadly, how is the chain of trust established sufficiently for the MUA
> to know that the A-R header field is to be trusted?

I'm actually not sure that they should be programmatically trusted by an MUA because there isn't an established reliable low-cost mechanism to do so. By that I mean, for example, even if the ARC trust issue was solved tomorrow, I doubt that a mobile phone based MUA is going undertake the resource cost of reliability implementing ARC validation for each message.

MUA level trust in headers should be based on user/implementor awareness of its limitations and risks. A spec. can do that. A spec. could even say that a TLS connection between the MUA and MTA is required. If you want chain of trust at MUA level, then use a PKI-based solution.

I believe the goal should be to avoid as much as possible some future MTA-level implementation with the hypothetical "Always_show_BIMI_logo_regardless = true;" configuration option. I think that best way to work towards that goal is for the specification to clearly articulate the conditions, limitations, and considerations for implementing BIMI at MUA level.

Ken.

v2.23.0 | Report a Bug | By Email