Re: [Bimi] Today's BoF

Wei Chuang <weihaw@google.com> Wed, 03 April 2019 12:55 UTC

Return-Path: <weihaw@google.com>
X-Original-To: bimi@ietfa.amsl.com
Delivered-To: bimi@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BFF92120327 for <bimi@ietfa.amsl.com>; Wed, 3 Apr 2019 05:55:03 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -17.5
X-Spam-Level:
X-Spam-Status: No, score=-17.5 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_MED=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, ENV_AND_HDR_SPF_MATCH=-0.5, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, USER_IN_DEF_DKIM_WL=-7.5, USER_IN_DEF_SPF_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=google.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id wRcUSLhB6tXz for <bimi@ietfa.amsl.com>; Wed, 3 Apr 2019 05:55:00 -0700 (PDT)
Received: from mail-ua1-x92f.google.com (mail-ua1-x92f.google.com [IPv6:2607:f8b0:4864:20::92f]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E2B5E1201DB for <bimi@ietf.org>; Wed, 3 Apr 2019 05:54:59 -0700 (PDT)
Received: by mail-ua1-x92f.google.com with SMTP id l22so1702292uao.8 for <bimi@ietf.org>; Wed, 03 Apr 2019 05:54:59 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=qtzRmPRNffrjtdJ3p/veh5SgNa4Fk8edqs2NB+W16p8=; b=rFz9wkNoJCipZdWhNHDtVSiqlhezMLXw0viIP/4IBBR7hrcH6skuLEJ/awvZtSHHZJ gtJ+BTKHRHWYeMNSnG5VEYVNapNWqwv9xbaOiumarFsI+Kv/h7t/txgw5YLOWfQi+hrh 9H69iRgaUS1AqkPF6876WFPMS/PB6rw8xwLPJAJBADkgD4OGlhMXZSz+stVOuwAim/kY Xw2zAV1x1nI1MSQoTAJNifJR6UqMidRKD9Hsg1duh4KXhDb6egr22J2Hr5y0hCH4YySW AzBRrPUCCo7ljAC9wn+nb1Scnez3xRw/5vBBo+n9vSSq1c7dNbUqeoAC5R+QRAkKe7M2 czmw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=qtzRmPRNffrjtdJ3p/veh5SgNa4Fk8edqs2NB+W16p8=; b=rEq1JUvZBpjCCLWgTV2KYJscyB91APFKgVv4VSVWYSRgOIVaoWpJ0tLAjPcqFvdThA ggeFvd6ZLlM01e5n9VXPJqInLEBHmEpoET9Scw5UZNvQbvlUw2vxQ2KwwugZok4ot/1H Jj2xRs5+gT+h0RygIfo2sla+PuI70z0OgIYPjcJNslxghh+mvMYhzTPsySMeOO8JM6+X BUfDodFfQ407JPSfDyzQM9TPQLeL47evh90Y0/1ZnK4t82VjBJ65rO7o6h0f04neVHj0 AUXjM3QlydeTajjCGFd4cI4h9lMjxvtK7HTWmsTrsq4xJVrrP7mJnH+FzZ3bL9v7ok8B M2Xw==
X-Gm-Message-State: APjAAAVdALZFUf/b7YrpjWJd7MNEmp8nj1y0GSdn/ZGBWeAEudOB9Cz9 01BGhtP9W1toesdhVMEix+lfrq+lvzSkyZoet0QvRBBi5BIDoA==
X-Google-Smtp-Source: APXvYqxlyiSIpYlZNss4Q43FvHYSoeY/ycK+v/Lg2pVSRaQ147Q6k0NMwQTfBHD9T6xZvplMEU64S8P0nSL+wamAK6M=
X-Received: by 2002:a9f:3fce:: with SMTP id m14mr43997165uaj.96.1554296098088; Wed, 03 Apr 2019 05:54:58 -0700 (PDT)
MIME-Version: 1.0
References: <309EBD4AD64BE436663E721D@PSB> <CAAFsWK3uhFfeEt34wRJRQen1YVK4uNo=nxJoaGc4m84Y1J+ctQ@mail.gmail.com> <f4544345-bf26-a6fa-8697-e3b9e2ed8a51@dcrocker.net> <CAAFsWK1oQJzCG2HrwJDQVBp+cyaDCwMXpN51bZRcxb0Km9XTXQ@mail.gmail.com> <094f20b3-1c4f-b5e7-76f8-d683a4b3d991@dcrocker.net>
In-Reply-To: <094f20b3-1c4f-b5e7-76f8-d683a4b3d991@dcrocker.net>
From: Wei Chuang <weihaw@google.com>
Date: Wed, 03 Apr 2019 05:54:40 -0700
Message-ID: <CAAFsWK1Mu5yD7uLVU=wv6pE12WCeweAz4ssebgwT_QQ0sqHqyQ@mail.gmail.com>
To: Dave Crocker <dcrocker@bbiw.net>
Cc: bimi@ietf.org
Content-Type: multipart/signed; protocol="application/pkcs7-signature"; micalg="sha-256"; boundary="000000000000dbd00105859fc2f7"
Archived-At: <https://mailarchive.ietf.org/arch/msg/bimi/nJw75BJ3tC0ToPCb2tou0wm8UfM>
Subject: Re: [Bimi] Today's BoF
X-BeenThere: bimi@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Brand Indicators for Message Identification <bimi.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/bimi>, <mailto:bimi-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/bimi/>
List-Post: <mailto:bimi@ietf.org>
List-Help: <mailto:bimi-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/bimi>, <mailto:bimi-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 03 Apr 2019 12:55:04 -0000

*From: *Dave Crocker <dhc@dcrocker.net>
*Date: *Tue, Apr 2, 2019 at 8:09 AM
*To: *Wei Chuang
*Cc: * <bimi@ietf.org>

On 4/1/2019 9:44 AM, Wei Chuang wrote:
> >     And any effort to use 'validated' logos at scale has no history,
> where
> >     the challenges in doing that have been well- and often-cited.
> >
> >
> > Agreed these are significant risks.  What's done to mitigate this is to
> > map this on to the existing registered trademark system, and leverage
> > those precedents.
>
>
> Wei,
>
> I'll cite the anecdote I keep telling, about an interaction on a
> pre-ICANN committee, where the WIPO representative -- an attorney, of
> course(*) -- said that there were discussions underway for resolving
> international issues regarding trademark.  This would have made Internet
> domain name disputes much, much simpler.
>
> Then he acknowledged that the discussions had been underway for 100
> years, with no immediate resolution in sight.  That was 20 years ago and
> I haven't heard that they have yet produced a solution.
>
> So forgive me, but I believe that "the existing registered trademark
> system" does not handle the kind of problem created by Bimi.  Not even
> close.  To the extent that you believe it will -- and will do it at
> scale -- there needs to be very careful documentation of how that will
> work at a systems level.
>
> More broadly, and while it's a non-trivial amount of work, I'm finding
> myself forced to suggest that Bimi advocates produce a life-cycle
> scenario document, that shows all aspects of administration and use of
> Bimi, including problem handling, from first actions to last.
>

There's some documentation of those considerations for VMC in its security
perspective draft.  Section 2.5 in particular has thoughts about registered
trademarks and jurisdiction consideration, and 2.7 suggests when not to
display a logo:
https://tools.ietf.org/html/draft-chuang-ietf-bimi-security-perspectives-00#section-2.5
You can see validation details from the perspective of the CA/MVA in the
VMC Guidelines document in Section 3:
https://docs.google.com/document/d/10IzxkdrveDazBAvTvOUa9uCIDBwMkdmluwHEcbja42w/edit?usp=sharing

But I agree we should do more to spell out a life cycle flow perhaps as an
extension to the perspectives draft.

-Wei


>
> This will permit people to evaluate Bimi holistically.
>
>
> d/
>
>
> (*) It's probably worth offering some contrast about his participation:
> He was also the person on the committee that proposed the model for
> dispute resolution (UDRP) that ICANN adopted and still uses.
>
> --
> Dave Crocker
> Brandenburg InternetWorking
> bbiw.net
>