by teddyh on 9/29/2024, 7:57:31 PM
by irq-1 on 9/29/2024, 8:11:54 PM
Brand Indicators for Message Identification (BIMI)
by technion on 9/30/2024, 6:49:04 AM
I've read Google's announcement and I'm not sure why it's a Google announcement, the BIMI group published this change here:
https://bimigroup.org/announcing-common-mark-certificates/
But that document seems unfinished. It refers to there still being requirements to get a CMC, at at this time it tells you to go refer to a PDF where those requirements are documented. But that PDF is the old VMC documentation.
by ajonit on 9/30/2024, 12:31:01 PM
BIMI needs an LetsEncrypt equivalent of VMC to take-off. It's prohibitively expensive for small businesses.
by throwaway2016a on 9/30/2024, 3:13:59 PM
Perhaps I'm missing it but where do you actually buy and/or generate a CMC? I can't find any information on it.
Personally VCM is far too expensive for me at this time which is the only reason I haven't gotten one. But I certainly realize that putting a cost barrier to entry makes it less accessible to bad actors.
by Am4TIfIsER0ppos on 9/30/2024, 8:52:41 AM
Emojis are an abomination in email subjects and authors but now you want to deliberately add more colors and corporate branding. Fuck you google. Good thing I say as far away from the web interface as possible. Too bad thunderbird renders emojis in color.
So, where a VMC was equivalent to an EV X.509 certificate, CMC is basically a normal certificate. I guess nobody wanted to buy VMCs, just like with EVs. But the mere existence of CMCs now lowers the value of a BIMI logo; if almost anybody can get a CMC, the logo can not be trusted. Might as well use X-Face, which is free.
(BIMI is still a tracking pixel in every mail, BTW.)
Previously: <https://news.ycombinator.com/item?id=40873830>, <https://news.ycombinator.com/item?id=32717105>, <https://news.ycombinator.com/item?id=28196403>