> > We decided to keep this because I read that some webmail clients are
> > planning to support BIMI without checking for certificates, or,
> > perhaps, also displaying a little lock icon in the corner of the
> > sender's BIMI-style logo image where certification is verified.
>
> This is exactly what I have in mind for my client, thanks for publishing your
> logo in an easily accessible and standard way :)
Excellent!
If you need me to send some test messages, please don't hesitate to
reach out -- I'll be happy to send a few, or a few dozen, as you
need, and from a few different domains so you can see what different
logos look like in an Inbox folder.
> Groetjes,
> Louis
>
>
> Op woensdag 10 januari 2024 om 21:58, schreef Randolf Richardson, Postmaster
> via
> mailop <[email protected]>:
>
> > We looked into it and publish our own default BIMI record even
> > though we didn't pay the enormous amount money required to one of two
> > Certificate Authorities.
> >
> > If anyone is curious to see what the record looks, use this command:
> >
> > dig txt default._bimi.inter-corporate.com
> >
> > The results should include:
> >
> > ;; ANSWER SECTION:
> > default._bimi.inter-corporate.com. 3600 IN TXT
> > "v=BIMI1; l=https://www.inter-corporate.com/images/logo60bimi-iccns.svg
> > [https://www.inter-corporate.com/images/logo60bimi-iccns.svg]; a=;"
> >
> > It basically just links to an SVG version of the logo from our main
> > web site (which is also in the same DNS zone).
> >
> > Note: The "a=" portion normally includes a URI to what's called the
> > "VMC/Assertion record" in the form of a typical .pem file. Ours is
> > blank because we don't have the needed file for this.
> >
> > We decided to keep this because I read that some webmail clients are
> > planning to support BIMI without checking for certificates, or,
> > perhaps, also displaying a little lock icon in the corner of the
> > sender's BIMI-style logo image where certification is verified.
> >
> > The BIMI Group provides an online checking tool that displays our
> > logo (just search for "inter-corporate.com" to see ours):
> >
> > BIMI LookUp & Generator :: Check compliance w/ BIMI standards
> > https://www.bimigroup.org/bimi-generator/
> > [https://www.bimigroup.org/bimi-generator/]
> >
> > Our logo is shown near the end of the report, and for ours there's
> > an indication that we comply, but there's also this warning:
> >
> > "Note: While your BIMI record is compliant, it doesn't include a
> > Verified Mark Certificate that may be required by some mailbox
> > providers."
> >
> > What's missing from BIMI in its current form? The option for mail
> > server oparators to use the same TLS certificates that we're already
> > using for our mail servers (and web servers, and FTP servers, etc.).
> >
> > It makes less sense to me to involve a different CA just for one
> > tiny little image because then that's more technology that has to be
> > administered, managed, troubleshooted, implemented, etc., and paid
> > for separately. For eMail systems that host mlutiple domains and
> > clients, BIMI is not an attractive option in its current state.
> >
> > If BIMI is to be taken as an open standard, then it needs to embrace
> > openness so that the TLS certificates issued by all CAs (including
> > commercial and free CAs {e.g., Let's Encrypt}) can contribute to BIMI
> > gaining wider adoption.
> >
> > The "must be a Registered Trademark" requirement is too expensive
> > for a lot of small businesses. A copyrighted logo is already
> > sufficient to provide legal protections in many scenarios (depending
> > on jurisdiction, etc.), so the bar is too high as it is -- DMCA
> > violation notices should be taken seriously regardless of whether the
> > intellectual property (such as an organization's logo) is protected
> > under copyright, servicemark, or trademark property mechanisms.
> >
> > Another problem with limiting the scope of intellectual property
> > protection to a Registered Trademark is that trademark applications
> > can also be rejected even though a logo is already copyrighted, and
> > the reasons can vary based on a variety of factors, including
> > different jurisdictional regulations, local and/or national laws that
> > limit free expression, cultural sensitivity policies, delays due to
> > fraudulent disputes submitted by intellectual property trolls, etc.
> >
> > Also: How does BIMI intend to resolve valid Registered Trademarks
> > from two different countires that look almost the same? Is there a
> > mechanism that will only allow BIMI logos to be displayed in cerrtain
> > countries where said Registered Trademark is protected? Will there
> > be enforcement to make sure all vendors adhere to implementing BIMI
> > correctly in this manner? Or, if a Registered Trademark is only
> > registered in one country, will vendors still be able to display it
> > in other countries? Or will the source be the determining factor (in
> > which case, what reliable solution does BIMI propose for a company
> > using service provider in some other country to deliver their eMail)?
> >
> > Keeping things simpler, open, and lowering the bar to be more
> > inclusive are, in my opinion, some of the more important factors in
> > BIMI's future success. Otherwise, it just looks like an attempt to
> > make money (which is how at least some people who've looked into it
> > seem to perceive it at present).
> >
> > (If BIMI doesn't lower the bar, then perhaps someone will be
> > motivated to create an alternative standard that is simpler, open,
> > and more inclusive.)
> >
> > > Hi mailops,
> > >
> > > I am new here because I want to collect some opinion.
> > >
> > > Many bigger mailers are blogging about BIMI.
> > > As far as I see its exclusively for brands.
> > > It has 2 big barriers for entry:
> > > - Expensive bespoke cert oids
> > > - Registered trademark logos
> > >
> > > As from my perspective of independent mailing between humans: I fear this
> > might be not just a carrot for doing DMARC, but also making independent
> > mailers less credible in the UX of mainstream mailer users.
> > >
> > > Do you have input on how non-marketing mailers deal with this?
> > > Because obviously its for brand-logos, as in marketing mails. Not for
> > > user 2
> > user.
> > > How will common platforms show user2user?
> > > Will they use platform logos? No logos?
> > >
> > > It seems infeasible to do the logo-ing per user.
> > >
> > > Can we influence the mailing world to use the standard differently?
> > > Like accepting BIMI logos only depending on valid bog standard cert and
> > DMARC, boycotting the moneygrab scheme?
> > >
> > > Its also may be yet another reader-engagement tracker. Why do those things
> > always have to be out of band.
> > >
> > > I wish y'all a happy new year and good mailing weathers!
> > >
> > > Olga
> > > _______________________________________________
> > > mailop mailing list
> > > [email protected] [[email protected]]
> > > https://list.mailop.org/listinfo/mailop
> > [https://list.mailop.org/listinfo/mailop]
> >
> > --
> > Postmaster - [email protected] [[email protected]]
> > Randolf Richardson, CNA - [email protected]
> > [[email protected]]
> > Inter-Corporate Computer & Network Services, Inc.
> > Vancouver, British Columbia, Canada
> > https://www.inter-corporate.com/ [https://www.inter-corporate.com/]
> >
> > _______________________________________________
> > mailop mailing list
> > [email protected] [[email protected]]
> > https://list.mailop.org/listinfo/mailop
> > [https://list.mailop.org/listinfo/mailop]
--
Postmaster - [email protected]
Randolf Richardson, CNA - [email protected]
Inter-Corporate Computer & Network Services, Inc.
Vancouver, British Columbia, Canada
https://www.inter-corporate.com/
_______________________________________________
mailop mailing list
[email protected]
https://list.mailop.org/listinfo/mailop
