Re: [Extra] Is this a plausible IMAP extension ?

"John Levine" <johnl@taugh.com> Sat, 02 March 2019 15:35 UTC

Return-Path: <johnl@iecc.com>
X-Original-To: extra@ietfa.amsl.com
Delivered-To: extra@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AB5B4130E30 for <extra@ietfa.amsl.com>; Sat, 2 Mar 2019 07:35:38 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HEADER_FROM_DIFFERENT_DOMAINS=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1536-bit key) header.d=iecc.com header.b=Z6MZmlmF; dkim=pass (1536-bit key) header.d=taugh.com header.b=IUd58a3C
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id iwSQVCMYQRPA for <extra@ietfa.amsl.com>; Sat, 2 Mar 2019 07:35:36 -0800 (PST)
Received: from gal.iecc.com (gal.iecc.com [IPv6:2001:470:1f07:1126:0:43:6f73:7461]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6EB8F130E2B for <extra@ietf.org>; Sat, 2 Mar 2019 07:35:36 -0800 (PST)
Received: (qmail 46192 invoked from network); 2 Mar 2019 15:35:34 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=iecc.com; h=date:message-id:from:to:cc:subject:in-reply-to:mime-version:content-type:content-transfer-encoding; s=b46c.5c7aa2c6.k1903; bh=UmmNwMH/qP7ysotrUMgYDAUkSwfGWkwy5JzHz0ZyXDE=; b=Z6MZmlmFLWOtK6b4HuHB8gp3C99R9XfP6iI/ShNuxgW8PYpaIpXAPX9hGGNOHDZu00YnQcMCoCJAxmaA7twWq7NC6v9lTShrcmDF06/elGmv1EiWPqSg4m8kq8wb+aBWtk2GAQhbsj1sVWnsEGhTL/Tc+EKRmGnozT1YnRs1QTjDquVSY+hcXhpRqKKXua1scZm17rLUurLeuFst4+0UvXWuvdn7QgoedTy54rJ3V5TJdKzU6UAYcHdjp8DH9bei
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=taugh.com; h=date:message-id:from:to:cc:subject:in-reply-to:mime-version:content-type:content-transfer-encoding; s=b46c.5c7aa2c6.k1903; bh=UmmNwMH/qP7ysotrUMgYDAUkSwfGWkwy5JzHz0ZyXDE=; b=IUd58a3CFCGHX708lC+LrBNl4D0YByFgwDYP7mmebjAt9fFXQMsB6bIUXlTCn6bZFNYUosG3u+tWkUo5Som8t+hkt8syrlOHcjyhLnrftxo4/fdPHOvQGGjKgS8KYjEvnUZF/C4bgz4smgcl4NdGw9pVHD6kjpeeyx2LGDrC3bsu8H6rLL1APi5ISzoXYx3nq1EXJarw3oVYhWZCwyGuLR+E3BBF1tbS+wVzbH2fpHijGezW39NEMAeCynpLqdHq
Received: from ary.local ([IPv6:2001:470:1f07:1126::78:696d:6170]) by imap.iecc.com ([IPv6:2001:470:1f07:1126::78:696d:6170]) with ESMTP via TCP6; 02 Mar 2019 15:35:33 -0000
Received: by ary.local (Postfix, from userid 501) id 86AEF200F83ABF; Sun, 3 Mar 2019 00:35:31 +0900 (JST)
Date: 3 Mar 2019 00:35:31 +0900
Message-Id: <20190302153532.86AEF200F83ABF@ary.local>
From: "John Levine" <johnl@taugh.com>
To: extra@ietf.org
Cc: ned.freed@mrochek.com
In-Reply-To: <01R3SIVTJAOS00004L@mauve.mrochek.com>
Organization: Taughannock Networks
X-Headerized: yes
Mime-Version: 1.0
Content-type: text/plain; charset=utf-8
Content-transfer-encoding: 8bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/extra/tZRRpvj_NGpiklFGRuAQhaBHhUY>
Subject: Re: [Extra] Is this a plausible IMAP extension ?
X-BeenThere: extra@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Email mailstore and eXtensions To Revise or Amend <extra.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/extra>, <mailto:extra-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/extra/>
List-Post: <mailto:extra@ietf.org>
List-Help: <mailto:extra-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/extra>, <mailto:extra-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 02 Mar 2019 15:35:39 -0000

In article <01R3SIVTJAOS00004L@mauve.mrochek.com> you write:
>The question is what value, if any, does that add. As I see it the big problem
>is that nothing prevents goggle.com from signing a pointer to Google's logo.
>Or a logo that looks very, very similar to Google's.
>
>Until and unless BIMI offers a solution to this problem, I'm afraid I see very
>little value here.

That's where we came in, the recipient MTA validates the logo, adds a
header pointing to the validated logo, and adds a magic IMAP flag to
say that it's done so.

I'm not saying that's a particularly good way to do it, but it's not
like they haven't thought about it.  There's also the mess of how in
the real world you determine whether the owner of a domain should be
using any particular logo.

R's,
John

PS: there's some urgency here since the big gorillas are showing
sender logos now and not doing a wonderful job of it.