Add local BIMI validation to show favicons for domains signing the logo using a Mark Certificate

Some minimal BIMI support was already added in https://github.com/lieser/dkim_verifier/issues/242. It relies on the MTA to write the BIMI result inside the Authentication-Results header.

However many mail providers do not yet support BIMI and won't write a BIMI result in the Authentication-Results header. For this it would be good if the add-on could do a local BIMI validation.

Note that we explicitly don't want to support self-asserted logos and will require the logo to be signed using a Mark Certificate (MC).
A longer explanation on why can be found in https://github.com/lieser/dkim_verifier/issues/417#issuecomment-1853049199, and an explanation of the different types in https://bimigroup.org/understanding-bimi-certificate-types/.

Some additional links:
- Website for BIMI: https://bimigroup.org/
  - https://bimigroup.org/supporting-documents/
  - https://bimigroup.org/vmc-issuers/
- Latest RFC draft of BIMI: https://datatracker.ietf.org/doc/draft-brand-indicators-for-message-identification/
- Latest RFC draft for *Fetch and Validation of Verified Mark Certificates*: https://datatracker.ietf.org/doc/html/draft-fetch-validation-vmc-wchuang

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Add local BIMI validation to show favicons for domains signing the logo using a Mark Certificate #543

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Add local BIMI validation to show favicons for domains signing the logo using a Mark Certificate #543

Description

Metadata

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Issue actions