npub1gk…utj70 on Nostr: I told you I wasn't done with BIMI yet. Part of the BIMI spec is that the SVG logos ...
I told you I wasn't done with BIMI yet. Part of the BIMI spec is that the SVG logos have to be compliant with a Relax NG schema that defines a secure subset of SVG. This does not look like a bad idea. You can easily validate SVGs against this profile with existing XML tools. Yet... if you don't do it, it doesn't help. I noticed that many BIMI certificates contained non-compliant SVGs
https://mailarchive.ietf.org/arch/msg/bimi/xzYRH72V2HE9xeUfXK_zUgYSI7k/Published at
2024-05-26 09:32:11Event JSON
{
"id": "900123fd56b905eb533a2249ebb184a9a8b5123a49a4ef1d590ad1cc16952081",
"pubkey": "45be03643b1b47c02f8c4bf8932009f10ffaead3770fb1a9a559f2155450723b",
"created_at": 1716715931,
"kind": 1,
"tags": [
[
"proxy",
"https://mastodon.social/users/hanno/statuses/112506695288075050",
"activitypub"
]
],
"content": "I told you I wasn't done with BIMI yet. Part of the BIMI spec is that the SVG logos have to be compliant with a Relax NG schema that defines a secure subset of SVG. This does not look like a bad idea. You can easily validate SVGs against this profile with existing XML tools. Yet... if you don't do it, it doesn't help. I noticed that many BIMI certificates contained non-compliant SVGs https://mailarchive.ietf.org/arch/msg/bimi/xzYRH72V2HE9xeUfXK_zUgYSI7k/",
"sig": "4f3c4b19a60a46242a694085efdf54a221832520ac10ee41365f06aa5bb9714ebead1eed4de391b2ef58154848de387b1187d567786e2676847a47c5be83cf6c"
}
