Problems with BIMI - Seirdy








Everything about Brand Indicators for Message Identification (BIMI) feels so half-baked.

Lukewarm take: BIMI should mandate DMARC with DKIM and just ignore SPF. It could also require supporting TLS 1.3+. After all, one of the stated goals of BIMI was to increase adoption of better email standards like DMARC. This could have entirely prevented recent spoofing issues.

Putting the HTTPS URL of an SVG icon in a new DNS TXT record to associate a whole domain with a logo makes no sense. Several better standards exist for associating a user@domain with an image, allowing different logos for different emails at the same domain. Webfinger and Libravatar come to mind.

Hell, even its special SVG Tiny Portable/Secure standard could be simplified further. usvg can convert nearly any SVG to a tiny subset of the SVG Tiny P/S standard while preserving their appearance.

Of course, none of this is too relevant to the BIMI group. The real purpose of BIMI was always to give certificate authorities a new source of income after their losses from Let’s Encrypt’s (lack of) pricing, the rise of ACME-based automation, and browsers’ deprecation of EV features.
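A receiver-side sketch of the stricter rule proposed above (DMARC pass backed by an aligned DKIM signature, SPF never consulted), added here as an illustration and not taken from the original note or from any BIMI implementation. The function names, the sample headers and the two-label organizational-domain shortcut are assumptions.

```python
import re

def parse_bimi_record(txt):
    """Parse a BIMI TXT record: semicolon-separated tag=value pairs."""
    tags = {}
    for part in txt.split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip().lower()] = value.strip()
    if tags.get("v") != "BIMI1":
        raise ValueError("not a BIMI1 record")
    return tags

def org_domain(domain):
    # Assumption: the organizational domain is the last two labels.
    # Production code must consult the Public Suffix List instead.
    return ".".join(domain.lower().rstrip(".").split(".")[-2:])

def passing_clauses(auth_results, method):
    """Return the '<method>=pass' clauses of an Authentication-Results value.
    Simplified: assumes no ';' inside comments or quoted strings."""
    pattern = re.compile(rf"\s*{re.escape(method)}=pass\b", re.I)
    return [c for c in auth_results.split(";")[1:] if pattern.match(c)]

def dkim_aligned_pass(auth_results, from_domain):
    """True if a passing DKIM signature's d= domain aligns (relaxed) with From."""
    for clause in passing_clauses(auth_results, "dkim"):
        d = re.search(r"\bheader\.d=([A-Za-z0-9.-]+)", clause)
        if d and org_domain(d.group(1)) == org_domain(from_domain):
            return True
    return False

def logo_eligible(auth_results, from_domain, bimi_txt):
    """Stricter policy: DMARC pass + aligned DKIM pass + HTTPS logo URL.
    SPF results are never consulted."""
    logo_url = parse_bimi_record(bimi_txt).get("l", "")
    return (logo_url.lower().startswith("https://")
            and bool(passing_clauses(auth_results, "dmarc"))
            and dkim_aligned_pass(auth_results, from_domain))

# Constructed samples. Only trust a header stamped by your own receiving MTA.
RECORD = "v=BIMI1; l=https://brand.example/logo.svg; a="
SPF_ONLY = ("mx.rcvr.example; spf=pass smtp.mailfrom=brand.example; "
            "dkim=none; dmarc=pass header.from=brand.example")
DKIM_OK = ("mx.rcvr.example; spf=fail smtp.mailfrom=bounce.esp.example; "
           "dkim=pass header.d=mail.brand.example header.s=s1; "
           "dmarc=pass header.from=brand.example")
```

With these samples, the message whose DMARC pass rests on SPF alone is refused a logo, while the DKIM-signed one qualifies even though its SPF check failed.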