Re: [Extra] Is this a plausible IMAP extension ?

Ned Freed <ned.freed@mrochek.com> Wed, 27 February 2019 17:35 UTC

Return-Path: <ned.freed@mrochek.com>
X-Original-To: extra@ietfa.amsl.com
Delivered-To: extra@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7BF46131029 for <extra@ietfa.amsl.com>; Wed, 27 Feb 2019 09:35:11 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.208
X-Spam-Level:
X-Spam-Status: No, score=-1.208 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RDNS_NONE=0.793, SPF_PASS=-0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=mrochek.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id M1LivVoiwGJL for <extra@ietfa.amsl.com>; Wed, 27 Feb 2019 09:35:10 -0800 (PST)
Received: from mauve.mrochek.com (unknown [66.159.242.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 27606130FE9 for <extra@ietf.org>; Wed, 27 Feb 2019 09:35:10 -0800 (PST)
Received: from dkim-sign.mauve.mrochek.com by mauve.mrochek.com (PMDF V6.1-1 #35243) id <01R3PE1J8A1S00OVQ8@mauve.mrochek.com> for extra@ietf.org; Wed, 27 Feb 2019 09:35:02 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=mrochek.com; s=201712; t=1551288901; bh=yFRgfExc7N23cwRGkUZoJ8/WGu0rfqLecziW7LQZtIk=; h=Cc:Date:From:Subject:In-reply-to:References:To:From; b=bKBLyJMI6rfJMPW/w4oZoyck1cmoOJmXZ6Qoc6LmPePPS/Wa1CZq4ZaQoWlmGDEaz H3CvVt+A4K3HFM61Kp5d6JvVb6UK8fR+oUeFr3MbVrjiYRgqoB6JYBMzpEbZiAcL68 nuB0WWmls0D2ff3/2oHtefYvZTrDODFfvnAXrE3w=
MIME-version: 1.0
Content-transfer-encoding: 7BIT
Content-type: TEXT/PLAIN; CHARSET=us-ascii; Format=flowed
Received: from mauve.mrochek.com by mauve.mrochek.com (PMDF V6.1-1 #35243) id <01R3MU6TZ3HS00004L@mauve.mrochek.com>; Wed, 27 Feb 2019 06:45:20 -0800 (PST)
Cc: extra@ietf.org
Message-id: <01R3P846CX8A00004L@mauve.mrochek.com>
Date: Wed, 27 Feb 2019 06:32:27 -0800 (PST)
From: Ned Freed <ned.freed@mrochek.com>
In-reply-to: "Your message dated Tue, 26 Feb 2019 22:06:36 -0500" <alpine.OSX.2.21.1902262150050.14048@ary.local>
References: <alpine.OSX.2.21.1902262150050.14048@ary.local>
To: "John R. Levine" <johnl@iecc.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/extra/CxR1G7Sg_KpwgnhwPVFwiR0EI0E>
Subject: Re: [Extra] Is this a plausible IMAP extension ?
X-BeenThere: extra@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Email mailstore and eXtensions To Revise or Amend <extra.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/extra>, <mailto:extra-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/extra/>
List-Post: <mailto:extra@ietf.org>
List-Help: <mailto:extra-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/extra>, <mailto:extra-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 27 Feb 2019 17:35:11 -0000

> There is this thing called BIMI that is being debated elsewhere in the
> IETF.  Leaving aside for the moment the issue of whether it's a good idea
> in the first place, it invents an IMAP feature that seems dodgy to me.

That's not all that's dodgy here.

> When an MTA that supports BIMI delivers a message into the mailstore, it
> adds a header that tells MUAs where to find a logo to show next to the
> message.  (Think of it as x-face for corporations.)  Since bad people
> could phish victims with their own header with a misleading image, BIMI
> invents a new IMAP flag that only the delivery MTA can set on messages
> where it has added a virtuous header.  An MUA can test it to decide
> whether to show the logo.  Other IMAP or POP clients can't set the flag,
> but it presumably stays with the message if it's moved from one folder to
> another.

First, this sounds to me like a layering violation (addition of message content
after delivery) trying to sneak it's way in by pretending to be some sort of
trace information. And since we have the ability to annotate messages, the
first question that needs to be asked is why this isn't being done in the
obvious way by simply annotating the message?

My guess is the answer to that is something along the lines of, "Mumble mumble
not all servers/clients support mumble mumble headers are cheap to fetch
mumble", but really, we're in the process of launching a major new protocol in
the client access space, and surely if there ever was a time to get the
facilities people need in place, it's now.

Second, the issue of who gets to set this information exists independent
of how the information is stored or how access control to that information
is implemented - although I do note that annotations have a rich set of
access control features ready to hand that could be brought to bear here.

And that model seems a bit bizarre to me. Why is the MTA necessarily the agent
with the definitive take on the right logo to attach? Does the MTA never ever
ever make mistakes in selecting a logo? Is the MTA invulnerable to attack? Does
the logo never change after the fact? 

These questions, and many others, need to be answered before we even start
to talk about how to implement this.

				Ned