Re: [Extra] Is this a plausible IMAP extension ?

Ned Freed <ned.freed@mrochek.com> Fri, 01 March 2019 23:31 UTC

Return-Path: <ned.freed@mrochek.com>
X-Original-To: extra@ietfa.amsl.com
Delivered-To: extra@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7A94C130F90 for <extra@ietfa.amsl.com>; Fri, 1 Mar 2019 15:31:28 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=mrochek.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Iv-U8CV8ncFC for <extra@ietfa.amsl.com>; Fri, 1 Mar 2019 15:31:26 -0800 (PST)
Received: from mauve.mrochek.com (mauve.mrochek.com [66.218.59.24]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id CA83D130F89 for <extra@ietf.org>; Fri, 1 Mar 2019 15:31:26 -0800 (PST)
Received: from dkim-sign.mauve.mrochek.com by mauve.mrochek.com (PMDF V6.1-1 #35243) id <01R3SIVV553400RGHE@mauve.mrochek.com> for extra@ietf.org; Fri, 1 Mar 2019 15:26:23 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=mrochek.com; s=201712; t=1551482782; bh=/pbqPlaYArHh0kdSMor/bgoaU3WWER8SfTgUx2lKIxE=; h=Cc:Date:From:Subject:In-reply-to:References:To:From; b=IWN7irJsrIW5Xa4YLbYSc2052wSrVaDOg/2dkAP9qzzOvuLjkHhTHIwShYYgPD5ul J1jL0jGIVy0ImM8cuOlgz0tHdCVJrcd/9QFk98S3bYENW/6bOgi74oAMJ/SPBjuqw3 gcY+s31K1tnqqk0ub2HNulemHnlQa6ZUuHoFMvFQ=
MIME-version: 1.0
Content-transfer-encoding: 7BIT
Content-type: TEXT/PLAIN; CHARSET=us-ascii
Received: from mauve.mrochek.com by mauve.mrochek.com (PMDF V6.1-1 #35243) id <01R3MU6TZ3HS00004L@mauve.mrochek.com>; Fri, 1 Mar 2019 15:26:20 -0800 (PST)
Cc: extra@ietf.org
Message-id: <01R3SIVTJAOS00004L@mauve.mrochek.com>
Date: Fri, 01 Mar 2019 15:03:38 -0800 (PST)
From: Ned Freed <ned.freed@mrochek.com>
In-reply-to: "Your message dated Fri, 01 Mar 2019 14:48:55 -0800" <42ad5ccd33370657@orthanc.ca>
References: <alpine.OSX.2.21.1902262150050.14048@ary.local> <af25a165-ff24-41d4-810e-b00adf2092d5@beta.fastmail.com> <01R3P86JVOOM00004L@mauve.mrochek.com> <a05121fb-a105-458a-bd69-9d6c289860b2@www.fastmail.com> <20190228015702.5B252200F6CDEE@ary.local> <8ce7f4bf-805d-4fbe-8854-5381a4346b2a@gulbrandsen.priv.no> <20190228161213.D1442200F6FF92@ary.local> <01fd8d9e-fe47-453a-b4e0-f0a9d68ce43b@gulbrandsen.priv.no> <20190228211123.08E97200F73515@ary.local> <y1shk7tgwkXXGKyb6JpQGl3wBrXJSY0lcI9p8S10+Ws=.sha-256@antelope.email> <20190301001549.034DA200F759FD@ary.local> <AKMk6mFEu9kvnOxeceBB+vNAqqDJDq2Ha2enPbOCdtQ=.sha-256@antelope.email> <42ad5ccd33370657@orthanc.ca>
To: Lyndon Nerenberg <lyndon@orthanc.ca>
Archived-At: <https://mailarchive.ietf.org/arch/msg/extra/N-Z6vqkeokZvqVumpBIkw_ENv8E>
Subject: Re: [Extra] Is this a plausible IMAP extension ?
X-BeenThere: extra@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Email mailstore and eXtensions To Revise or Amend <extra.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/extra>, <mailto:extra-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/extra/>
List-Post: <mailto:extra@ietf.org>
List-Help: <mailto:extra-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/extra>, <mailto:extra-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 01 Mar 2019 23:31:28 -0000

> Arnt Gulbrandsen writes:
> > So why not let the sender supply the logo by marking a body part, and
> > then specifying when and whether to use it? Why must the logo be
> > marked/inserted/supplied after the DKIM signature?

> How is this not just X-Logo, ala X-Face?  Neither are
> trustworthy in any sense, so why bother pretending?

It's different in that the logo, or reference to the logo, is covered by  the
message's DKIM signature. Which combined with DMARC tells you that the logo
displayed is bound to the From: domain.

The question is what value, if any, does that add. As I see it the big problem
is that nothing prevents goggle.com from signing a pointer to Google's logo.
Or a logo that looks very, very similar to Google's.

Until and unless BIMI offers a solution to this problem, I'm afraid I see very
little value here.

				Ned