Re: [Extra] Is this a plausible IMAP extension ?

"Robert Mueller" <robm@fastmail.fm> Tue, 05 March 2019 03:14 UTC

Message-Id: <068c924d-ac10-463c-a74b-a8e4973ec1a1@www.fastmail.com>
In-Reply-To: <alpine.OSX.2.21.1903030744250.13550@ary.local>
References: <01R3SIVTJAOS00004L@mauve.mrochek.com> <20190302153532.86AEF200F83ABF@ary.local> <01R3TJO31IL800004L@mauve.mrochek.com> <alpine.OSX.2.21.1903030744250.13550@ary.local>
Date: Mon, 04 Mar 2019 22:14:01 -0500
From: Robert Mueller <robm@fastmail.fm>
To: extra@ietf.org
Content-Type: text/plain
Archived-At: <https://mailarchive.ietf.org/arch/msg/extra/qqN3Y21nImJgCAQPpOVgkvmyfzc>
Subject: Re: [Extra] Is this a plausible IMAP extension ?
List-Id: Email mailstore and eXtensions To Revise or Amend <extra.ietf.org>

> They're trying to invent third party validation services to attest that 
> logos A, B, and C can be used by domains X, Y, and Z, and then explain 
> why that will work better than EV certificates.

This seems to be a long-term ongoing problem. Associating domains with real world entities so that systems or users can say "example.com is really associated with the company/brand XYZ corp that I know/trust in the real world".

This seems to require some sort of trusted authority/authorities to do the vetting process. On the surface, this doesn't seem a bad idea, but ends up with all sorts of problems. The real world is complex so you can end up with unexpected overlaps - https://stripe.ian.sh/ - which is I presume part of what caused EV certs to fall over.

(OT: is there any actual documentation anywhere on why all the browser makers appeared to move away from EV all at once significantly downplaying the UI?)

Is there any particular plan on how these third party validation services will work and avoid these sorts of problems going forward? Is the idea just that they'll maintain a validated map of domain => logo(s), or will it be something more than that?

-- 
Rob Mueller
robm@fastmail.fm