doc: add IMAP RFCs
Signed-off-by: Nicolas Sebrecht <nicolas.s-dev@laposte.net>
This commit is contained in:
parent
efc4df1bd7
commit
5ecd557dfb
6
docs/rfcs/README.md
Normal file
6
docs/rfcs/README.md
Normal file
@ -0,0 +1,6 @@
|
||||
|
||||
All RFCs related to IMAP.
|
||||
|
||||
TODO:
|
||||
- rename the files to know what they are talking about.
|
||||
- Add a brief introduction here to introduce the most important RFCs.
|
339
docs/rfcs/rfc1731.txt
Normal file
339
docs/rfcs/rfc1731.txt
Normal file
@ -0,0 +1,339 @@
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Network Working Group J. Myers
|
||||
Request for Comments: 1731 Carnegie Mellon
|
||||
Category: Standards Track December 1994
|
||||
|
||||
|
||||
IMAP4 Authentication Mechanisms
|
||||
|
||||
Status of this Memo
|
||||
|
||||
This document specifies an Internet standards track protocol for the
|
||||
Internet community, and requests discussion and suggestions for
|
||||
improvements. Please refer to the current edition of the "Internet
|
||||
Official Protocol Standards" (STD 1) for the standardization state
|
||||
and status of this protocol. Distribution of this memo is unlimited.
|
||||
|
||||
|
||||
1. Introduction
|
||||
|
||||
The Internet Message Access Protocol, Version 4 [IMAP4] contains the
|
||||
AUTHENTICATE command, for identifying and authenticating a user to an
|
||||
IMAP4 server and for optionally negotiating a protection mechanism
|
||||
for subsequent protocol interactions. This document describes
|
||||
several authentication mechanisms for use by the IMAP4 AUTHENTICATE
|
||||
command.
|
||||
|
||||
|
||||
2. Kerberos version 4 authentication mechanism
|
||||
|
||||
The authentication type associated with Kerberos version 4 is
|
||||
"KERBEROS_V4".
|
||||
|
||||
The data encoded in the first ready response contains a random 32-bit
|
||||
number in network byte order. The client should respond with a
|
||||
Kerberos ticket and an authenticator for the principal
|
||||
"imap.hostname@realm", where "hostname" is the first component of the
|
||||
host name of the server with all letters in lower case and where
|
||||
"realm" is the Kerberos realm of the server. The encrypted checksum
|
||||
field included within the Kerberos authenticator should contain the
|
||||
server provided 32-bit number in network byte order.
|
||||
|
||||
Upon decrypting and verifying the ticket and authenticator, the
|
||||
server should verify that the contained checksum field equals the
|
||||
original server provided random 32-bit number. Should the
|
||||
verification be successful, the server must add one to the checksum
|
||||
and construct 8 octets of data, with the first four octets containing
|
||||
the incremented checksum in network byte order, the fifth octet
|
||||
containing a bit-mask specifying the protection mechanisms supported
|
||||
by the server, and the sixth through eighth octets containing, in
|
||||
|
||||
|
||||
|
||||
Myers [Page 1]
|
||||
|
||||
RFC 1731 IMAP4 Authentication Mechanisms December 1994
|
||||
|
||||
|
||||
network byte order, the maximum cipher-text buffer size the server is
|
||||
able to receive. The server must encrypt the 8 octets of data in the
|
||||
session key and issue that encrypted data in a second ready response.
|
||||
The client should consider the server authenticated if the first four
|
||||
octets the un-encrypted data is equal to one plus the checksum it
|
||||
previously sent.
|
||||
|
||||
The client must construct data with the first four octets containing
|
||||
the original server-issued checksum in network byte order, the fifth
|
||||
octet containing the bit-mask specifying the selected protection
|
||||
mechanism, the sixth through eighth octets containing in network byte
|
||||
order the maximum cipher-text buffer size the client is able to
|
||||
receive, and the following octets containing a user name string. The
|
||||
client must then append from one to eight octets so that the length
|
||||
of the data is a multiple of eight octets. The client must then PCBC
|
||||
encrypt the data with the session key and respond to the second ready
|
||||
response with the encrypted data. The server decrypts the data and
|
||||
verifies the contained checksum. The username field identifies the
|
||||
user for whom subsequent IMAP operations are to be performed; the
|
||||
server must verify that the principal identified in the Kerberos
|
||||
ticket is authorized to connect as that user. After these
|
||||
verifications, the authentication process is complete.
|
||||
|
||||
The protection mechanisms and their corresponding bit-masks are as
|
||||
follows:
|
||||
|
||||
1 No protection mechanism
|
||||
2 Integrity (krb_mk_safe) protection
|
||||
4 Privacy (krb_mk_priv) protection
|
||||
|
||||
|
||||
EXAMPLE: The following are two Kerberos version 4 login scenarios
|
||||
(note that the line breaks in the sample authenticators are for
|
||||
editorial clarity and are not in real authenticators)
|
||||
|
||||
S: * OK IMAP4 Server
|
||||
C: A001 AUTHENTICATE KERBEROS_V4
|
||||
S: + AmFYig==
|
||||
C: BAcAQU5EUkVXLkNNVS5FRFUAOCAsho84kLN3/IJmrMG+25a4DT
|
||||
+nZImJjnTNHJUtxAA+o0KPKfHEcAFs9a3CL5Oebe/ydHJUwYFd
|
||||
WwuQ1MWiy6IesKvjL5rL9WjXUb9MwT9bpObYLGOKi1Qh
|
||||
S: + or//EoAADZI=
|
||||
C: DiAF5A4gA+oOIALuBkAAmw==
|
||||
S: A001 OK Kerberos V4 authentication successful
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Myers [Page 2]
|
||||
|
||||
RFC 1731 IMAP4 Authentication Mechanisms December 1994
|
||||
|
||||
|
||||
S: * OK IMAP4 Server
|
||||
C: A001 AUTHENTICATE KERBEROS_V4
|
||||
S: + gcfgCA==
|
||||
C: BAcAQU5EUkVXLkNNVS5FRFUAOCAsho84kLN3/IJmrMG+25a4DT
|
||||
+nZImJjnTNHJUtxAA+o0KPKfHEcAFs9a3CL5Oebe/ydHJUwYFd
|
||||
WwuQ1MWiy6IesKvjL5rL9WjXUb9MwT9bpObYLGOKi1Qh
|
||||
S: A001 NO Kerberos V4 authentication failed
|
||||
|
||||
|
||||
3. GSSAPI authentication mechanism
|
||||
|
||||
The authentication type associated with all mechanisms employing the
|
||||
GSSAPI [RFC1508] is "GSSAPI".
|
||||
|
||||
The first ready response issued by the server contains no data. The
|
||||
client should call GSS_Init_sec_context, passing in 0 for
|
||||
input_context_handle (initially) and a targ_name equal to output_name
|
||||
from GSS_Import_Name called with input_name_type of NULL and
|
||||
input_name_string of "SERVICE:imap@hostname" where "hostname" is the
|
||||
fully qualified host name of the server with all letters in lower
|
||||
case. The client must then respond with the resulting output_token.
|
||||
If GSS_Init_sec_context returns GSS_CONTINUE_NEEDED, then the client
|
||||
should expect the server to issue a token in a subsequent ready
|
||||
response. The client must pass the token to another call to
|
||||
GSS_Init_sec_context.
|
||||
|
||||
If GSS_Init_sec_context returns GSS_COMPLETE, then the client should
|
||||
respond with any resulting output_token. If there is no
|
||||
output_token, the client should respond with no data. The client
|
||||
should then expect the server to issue a token in a subsequent ready
|
||||
response. The client should pass this token to GSS_Unseal and
|
||||
interpret the first octet of resulting cleartext as a bit-mask
|
||||
specifying the protection mechanisms supported by the server and the
|
||||
second through fourth octets as the maximum size output_message to
|
||||
send to the server. The client should construct data, with the first
|
||||
octet containing the bit-mask specifying the selected protection
|
||||
mechanism, the second through fourth octets containing in network
|
||||
byte order the maximum size output_message the client is able to
|
||||
receive, and the remaining octets containing a user name string. The
|
||||
client must pass the data to GSS_Seal with conf_flag set to FALSE,
|
||||
and respond with the generated output_message. The client can then
|
||||
consider the server authenticated.
|
||||
|
||||
The server must issue a ready response with no data and pass the
|
||||
resulting client supplied token to GSS_Accept_sec_context as
|
||||
input_token, setting acceptor_cred_handle to NULL (for "use default
|
||||
credentials"), and 0 for input_context_handle (initially). If
|
||||
GSS_Accept_sec_context returns GSS_CONTINUE_NEEDED, the server should
|
||||
|
||||
|
||||
|
||||
Myers [Page 3]
|
||||
|
||||
RFC 1731 IMAP4 Authentication Mechanisms December 1994
|
||||
|
||||
|
||||
return the generated output_token to the client in a ready response
|
||||
and pass the resulting client supplied token to another call to
|
||||
GSS_Accept_sec_context.
|
||||
|
||||
If GSS_Accept_sec_context returns GSS_COMPLETE, then if an
|
||||
output_token is returned, the server should return it to the client
|
||||
in a ready response and expect a reply from the client with no data.
|
||||
Whether or not an output_token was returned, the server then should
|
||||
then construct 4 octets of data, with the first octet containing a
|
||||
bit-mask specifying the protection mechanisms supported by the server
|
||||
and the second through fourth octets containing in network byte order
|
||||
the maximum size output_token the server is able to receive. The
|
||||
server must then pass the plaintext to GSS_Seal with conf_flag set to
|
||||
FALSE and issue the generated output_message to the client in a ready
|
||||
response. The server must then pass the resulting client supplied
|
||||
token to GSS_Unseal and interpret the first octet of resulting
|
||||
cleartext as the bit-mask for the selected protection mechanism, the
|
||||
second through fourth octets as the maximum size output_message to
|
||||
send to the client, and the remaining octets as the user name. Upon
|
||||
verifying the src_name is authorized to authenticate as the user
|
||||
name, The server should then consider the client authenticated.
|
||||
|
||||
The protection mechanisms and their corresponding bit-masks are as
|
||||
follows:
|
||||
|
||||
1 No protection mechanism
|
||||
2 Integrity protection.
|
||||
Sender calls GSS_Seal with conf_flag set to FALSE
|
||||
4 Privacy protection.
|
||||
Sender calls GSS_Seal with conf_flag set to TRUE
|
||||
|
||||
|
||||
4. S/Key authentication mechanism
|
||||
|
||||
The authentication type associated with S/Key [SKEY] is "SKEY".
|
||||
|
||||
The first ready response issued by the server contains no data. The
|
||||
client responds with the user name string.
|
||||
|
||||
The data encoded in the second ready response contains the decimal
|
||||
sequence number followed by a single space and the seed string for
|
||||
the indicated user. The client responds with the one-time-password,
|
||||
as either a 64-bit value in network byte order or encoded in the "six
|
||||
English words" format.
|
||||
|
||||
Upon successful verification of the one-time-password, the server
|
||||
should consider the client authenticated.
|
||||
|
||||
|
||||
|
||||
|
||||
Myers [Page 4]
|
||||
|
||||
RFC 1731 IMAP4 Authentication Mechanisms December 1994
|
||||
|
||||
|
||||
S/Key authentication does not provide for any protection mechanisms.
|
||||
|
||||
|
||||
EXAMPLE: The following are two S/Key login scenarios.
|
||||
|
||||
S: * OK IMAP4 Server
|
||||
C: A001 AUTHENTICATE SKEY
|
||||
S: +
|
||||
C: bW9yZ2Fu
|
||||
S: + OTUgUWE1ODMwOA==
|
||||
C: Rk9VUiBNQU5OIFNPT04gRklSIFZBUlkgTUFTSA==
|
||||
S: A001 OK S/Key authentication successful
|
||||
|
||||
|
||||
S: * OK IMAP4 Server
|
||||
C: A001 AUTHENTICATE SKEY
|
||||
S: +
|
||||
C: c21pdGg=
|
||||
S: + OTUgUWE1ODMwOA==
|
||||
C: BsAY3g4gBNo=
|
||||
S: A001 NO S/Key authentication failed
|
||||
|
||||
|
||||
5. References
|
||||
|
||||
[IMAP4] Crispin, M., "Internet Message Access Protocol - Version 4",
|
||||
RFC 1730, University of Washington, December 1994.
|
||||
|
||||
[RFC1508] Linn, J., "Generic Security Service Application Program
|
||||
Interface", RFC 1508, Geer Zolot Associates, September 1993.
|
||||
|
||||
[SKEY] Haller, Neil M. "The S/Key One-Time Password System",
|
||||
Bellcore, Morristown, New Jersey, October 1993,
|
||||
thumper.bellcore.com:pub/nmh/docs/ISOC.symp.ps
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Myers [Page 5]
|
||||
|
||||
RFC 1731 IMAP4 Authentication Mechanisms December 1994
|
||||
|
||||
|
||||
6. Security Considerations
|
||||
|
||||
Security issues are discussed throughout this memo.
|
||||
|
||||
|
||||
7. Author's Address
|
||||
|
||||
John G. Myers
|
||||
Carnegie-Mellon University
|
||||
5000 Forbes Ave.
|
||||
Pittsburgh PA, 15213-3890
|
||||
|
||||
EMail: jgm+@cmu.edu
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Myers [Page 6]
|
||||
|
283
docs/rfcs/rfc1732.txt
Normal file
283
docs/rfcs/rfc1732.txt
Normal file
@ -0,0 +1,283 @@
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Network Working Group M. Crispin
|
||||
Request for Comments: 1732 University of Washington
|
||||
Category: Informational December 1994
|
||||
|
||||
|
||||
IMAP4 COMPATIBILITY WITH IMAP2 AND IMAP2BIS
|
||||
|
||||
|
||||
Status of this Memo
|
||||
|
||||
This memo provides information for the Internet community. This memo
|
||||
does not specify an Internet standard of any kind. Distribution of
|
||||
this memo is unlimited.
|
||||
|
||||
Introduction
|
||||
|
||||
This is a summary of hints and recommendations to enable an IMAP4
|
||||
implementation to interoperate with implementations that conform to
|
||||
earlier specifications. None of these hints and recommendations are
|
||||
required by the IMAP4 specification; implementors must decide for
|
||||
themselves whether they want their implementation to fail if it
|
||||
encounters old software.
|
||||
|
||||
IMAP4 has been designed to be upwards compatible with earlier
|
||||
specifications. For the most part, IMAP4 facilities that were not in
|
||||
earlier specifications should be invisible to clients unless the
|
||||
client asks for the facility.
|
||||
|
||||
In some cases, older servers may support some of the capabilities
|
||||
listed as being "new in IMAP4" as experimental extensions to the
|
||||
IMAP2 protocol described in RFC 1176.
|
||||
|
||||
This information may not be complete; it reflects current knowledge
|
||||
of server and client implementations as well as "folklore" acquired
|
||||
in the evolution of the protocol.
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Crispin [Page 1]
|
||||
|
||||
RFC 1732 IMAP4 - Compatibility December 1994
|
||||
|
||||
|
||||
IMAP4 client interoperability with old servers
|
||||
|
||||
In general, a client should be able to discover whether an IMAP2
|
||||
server supports a facility by trial-and-error; if an attempt to use a
|
||||
facility generates a BAD response, the client can assume that the
|
||||
server does not support the facility.
|
||||
|
||||
A quick way to check whether a server implementation supports the
|
||||
IMAP4 specification is to try the CAPABILITY command. An OK response
|
||||
that includes the IMAP4 capability value indicates a server that
|
||||
supports IMAP4; a BAD response or one without the IMAP4 capability
|
||||
value indicates an older server.
|
||||
|
||||
The following is a list of facilities that are only in IMAP4, and
|
||||
suggestions for how new clients might interoperate with old servers:
|
||||
|
||||
CAPABILITY command
|
||||
A BAD response to this command indicates that the server
|
||||
implements IMAP2 (or IMAP2bis) and not IMAP4.
|
||||
|
||||
AUTHENTICATE command.
|
||||
Use the LOGIN command.
|
||||
|
||||
LSUB and LIST commands
|
||||
Try the RFC 1176 FIND command.
|
||||
|
||||
* in a sequence
|
||||
Use the number of messages in the mailbox from the EXISTS
|
||||
unsolicited response.
|
||||
|
||||
SEARCH extensions (character set, additional criteria)
|
||||
Reformulate the search request using only the searching
|
||||
options listed in search_old in the IMAP4 grammar. This may
|
||||
entail doing multiple searches to achieve the desired
|
||||
results.
|
||||
|
||||
BODYSTRUCTURE fetch data item
|
||||
Try to fetch the non-extensible BODY data item.
|
||||
|
||||
body section number 0
|
||||
Fetch the entire message and extract the header.
|
||||
|
||||
RFC822.HEADER.LINES and RFC822.HEADER.LINES.NOT fetch data items
|
||||
Use RFC822.HEADER and remove the unwanted information.
|
||||
|
||||
BODY.PEEK[section], RFC822.PEEK, and RFC822.TEXT.PEEK fetch data
|
||||
items Use the corresponding non-PEEK versions and manually
|
||||
clear the \Seen flag as necessary.
|
||||
|
||||
|
||||
|
||||
Crispin [Page 2]
|
||||
|
||||
RFC 1732 IMAP4 - Compatibility December 1994
|
||||
|
||||
|
||||
UID fetch data item and the UID commands
|
||||
No equivalent capabilitity exists in older servers.
|
||||
|
||||
FLAGS.SILENT, +FLAGS.SILENT, and -FLAGS.SILENT store data items
|
||||
Use the corresponding non-SILENT versions and ignore the
|
||||
untagged FETCH responses which com eback.
|
||||
|
||||
|
||||
The following IMAP4 facilities were introduced in the experimental
|
||||
IMAP2bis revisions to RFC-1176, and may be present in a server that
|
||||
does not support the CAPABILITY command:
|
||||
|
||||
CREATE, DELETE, and RENAME commands
|
||||
To test whether these commands are present, try a CREATE
|
||||
INBOX command. If the response is NO, these commands are
|
||||
supported by the server. If the response is BAD, they are
|
||||
not. Older servers without the CREATE capability may sup-
|
||||
port implicit creation of a mailbox by a COPY command with a
|
||||
non-existant name as the destination.
|
||||
|
||||
APPEND command
|
||||
To test whether this command is present, try to append a
|
||||
zero-length stream to a mailbox name that is known not to
|
||||
exist (or at least, highly unlikely to exist) on the remote
|
||||
system.
|
||||
|
||||
SUBSCRIBE and UNSUBSCRIBE commands
|
||||
Try the form of these commands with the optional MAILBOX
|
||||
keyword.
|
||||
|
||||
EXAMINE command
|
||||
Use the SELECT command instead.
|
||||
|
||||
flags and internal date argument to APPEND command
|
||||
Try the APPEND without any flag list and internal date argu-
|
||||
ments.
|
||||
|
||||
BODY, BODY[section], and FULL fetch data items
|
||||
Use RFC822.TEXT and ALL instead. Server does not support
|
||||
MIME.
|
||||
|
||||
PARTIAL command
|
||||
Use the appropriate FETCH command and ignore the unwanted
|
||||
data.
|
||||
|
||||
|
||||
IMAP4 client implementations must accept all responses and data for-
|
||||
mats documented in the IMAP4 specification, including those labeled
|
||||
|
||||
|
||||
|
||||
Crispin [Page 3]
|
||||
|
||||
RFC 1732 IMAP4 - Compatibility December 1994
|
||||
|
||||
|
||||
as obsolete. This includes the COPY and STORE unsolicited responses
|
||||
and the old format of dates and times. In particular, client imple-
|
||||
mentations must not treat a date/time as a fixed format string; nor
|
||||
may they assume that the time begins at a particular octet.
|
||||
|
||||
IMAP4 client implementations must not depend upon the presence of any
|
||||
server extensions that are not in the base IMAP4 specification.
|
||||
|
||||
The experimental IMAP2bis version specified that the TRYCREATE spe-
|
||||
cial information token is sent as a separate unsolicited OK response
|
||||
instead of inside the NO response.
|
||||
|
||||
The FIND BBOARDS, FIND ALL.BBOARDS, and BBOARD commands of RFC 1176
|
||||
are removed from IMAP4. There is no equivalent to the bboard com-
|
||||
mands, which provided a separate namespace with implicit restrictions
|
||||
on what may be done in that namespace.
|
||||
|
||||
Older server implementations may automatically create the destination
|
||||
mailbox on COPY if that mailbox does not already exist. This was how
|
||||
a new mailbox was created in older specifications. If the server
|
||||
does not support the CREATE command (see above for how to test for
|
||||
this), it will probably create a mailbox on COPY.
|
||||
|
||||
Older server implementations may not preserve flags or internal dates
|
||||
on COPY. Some server implementations may not permit the preservation
|
||||
of certain flags on COPY or their setting with APPEND as site policy.
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Crispin [Page 4]
|
||||
|
||||
RFC 1732 IMAP4 - Compatibility December 1994
|
||||
|
||||
|
||||
IMAP4 server interoperability with old clients
|
||||
|
||||
In general, there should be no interoperation problem between a
|
||||
server conforming to the IMAP4 specification and a well-written
|
||||
client that conforms to an earlier specification. Known problems are
|
||||
noted below:
|
||||
|
||||
Poor wording in the description of the CHECK command in earlier
|
||||
specifications implied that a CHECK command is the way to get the
|
||||
current number of messages in the mailbox. This is incorrect. A
|
||||
CHECK command does not necessarily result in an EXISTS response.
|
||||
Clients must remember the most recent EXISTS value sent from the
|
||||
server, and should not generate unnecessary CHECK commands.
|
||||
|
||||
An incompatibility exists with COPY in IMAP4. COPY in IMAP4
|
||||
servers does not automatically create the destination mailbox if
|
||||
that mailbox does not already exist. This may cause problems with
|
||||
old clients that expect automatic mailbox creation in COPY.
|
||||
|
||||
The PREAUTH unsolicited response is new in IMAP4. It is highly
|
||||
unlikely that an old client would ever see this response.
|
||||
|
||||
The format of dates and times has changed due to the impending end
|
||||
of the century. Clients that fail to accept a four-digit year or
|
||||
a signed four-digit timezone value will not work properly with
|
||||
IMAP4.
|
||||
|
||||
An incompatibility exists with the use of "\" in quoted strings.
|
||||
This is best avoided by using literals instead of quoted strings
|
||||
if "\" or <"> is embedded in the string.
|
||||
|
||||
Security Considerations
|
||||
|
||||
Security issues are not discussed in this memo.
|
||||
|
||||
Author's Address:
|
||||
|
||||
Mark R. Crispin
|
||||
Networks and Distributed Computing, JE-30
|
||||
University of Washington
|
||||
Seattle, WA 98195
|
||||
|
||||
Phone: (206) 543-5762
|
||||
|
||||
EMail: MRC@CAC.Washington.EDU
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Crispin [Page 5]
|
||||
|
171
docs/rfcs/rfc1733.txt
Normal file
171
docs/rfcs/rfc1733.txt
Normal file
@ -0,0 +1,171 @@
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Network Working Group M. Crispin
|
||||
Request for Comments: 1733 University of Washington
|
||||
Category: Informational December 1994
|
||||
|
||||
|
||||
DISTRIBUTED ELECTRONIC MAIL MODELS IN IMAP4
|
||||
|
||||
|
||||
Status of this Memo
|
||||
|
||||
This memo provides information for the Internet community. This memo
|
||||
does not specify an Internet standard of any kind. Distribution of
|
||||
this memo is unlimited.
|
||||
|
||||
|
||||
Distributed Electronic Mail Models
|
||||
|
||||
There are three fundamental models of client/server email: offline,
|
||||
online, and disconnected use. IMAP4 can be used in any one of these
|
||||
three models.
|
||||
|
||||
The offline model is the most familiar form of client/server email
|
||||
today, and is used by protocols such as POP-3 (RFC 1225) and UUCP.
|
||||
In this model, a client application periodically connects to a
|
||||
server. It downloads all the pending messages to the client machine
|
||||
and deletes these from the server. Thereafter, all mail processing
|
||||
is local to the client. This model is store-and-forward; it moves
|
||||
mail on demand from an intermediate server (maildrop) to a single
|
||||
destination machine.
|
||||
|
||||
The online model is most commonly used with remote filesystem
|
||||
protocols such as NFS. In this model, a client application
|
||||
manipulates mailbox data on a server machine. A connection to the
|
||||
server is maintained throughout the session. No mailbox data are
|
||||
kept on the client; the client retrieves data from the server as is
|
||||
needed. IMAP4 introduces a form of the online model that requires
|
||||
considerably less network bandwidth than a remote filesystem
|
||||
protocol, and provides the opportunity for using the server for CPU
|
||||
or I/O intensive functions such as parsing and searching.
|
||||
|
||||
The disconnected use model is a hybrid of the offline and online
|
||||
models, and is used by protocols such as PCMAIL (RFC 1056). In this
|
||||
model, a client user downloads some set of messages from the server,
|
||||
manipulates them offline, then at some later time uploads the
|
||||
changes. The server remains the authoritative repository of the
|
||||
messages. The problems of synchronization (particularly when
|
||||
multiple clients are involved) are handled through the means of
|
||||
unique identifiers for each message.
|
||||
|
||||
|
||||
|
||||
Crispin [Page 1]
|
||||
|
||||
RFC 1733 IMAP4 - Model December 1994
|
||||
|
||||
|
||||
Each of these models have their own strengths and weaknesses:
|
||||
|
||||
Feature Offline Online Disc
|
||||
------- ------- ------ ----
|
||||
Can use multiple clients NO YES YES
|
||||
Minimum use of server connect time YES NO YES
|
||||
Minimum use of server resources YES NO NO
|
||||
Minimum use of client disk resources NO YES NO
|
||||
Multiple remote mailboxes NO YES YES
|
||||
Fast startup NO YES NO
|
||||
Mail processing when not online YES NO YES
|
||||
|
||||
Although IMAP4 has its origins as a protocol designed to accommodate
|
||||
the online model, it can support the other two models as well. This
|
||||
makes possible the creation of clients that can be used in any of the
|
||||
three models. For example, a user may wish to switch between the
|
||||
online and disconnected models on a regular basis (e.g. owing to
|
||||
travel).
|
||||
|
||||
IMAP4 is designed to transmit message data on demand, and to provide
|
||||
the facilities necessary for a client to decide what data it needs at
|
||||
any particular time. There is generally no need to do a wholesale
|
||||
transfer of an entire mailbox or even of the complete text of a
|
||||
message. This makes a difference in situations where the mailbox is
|
||||
large, or when the link to the server is slow.
|
||||
|
||||
More specifically, IMAP4 supports server-based RFC 822 and MIME
|
||||
processing. With this information, it is possible for a client to
|
||||
determine in advance whether it wishes to retrieve a particular
|
||||
message or part of a message. For example, a user connected to an
|
||||
IMAP4 server via a dialup link can determine that a message has a
|
||||
2000 byte text segment and a 40 megabyte video segment, and elect to
|
||||
fetch only the text segment.
|
||||
|
||||
In IMAP4, the client/server relationship lasts only for the duration
|
||||
of the TCP connection. There is no registration of clients. Except
|
||||
for any unique identifiers used in disconnected use operation, the
|
||||
client initially has no knowledge of mailbox state and learns it from
|
||||
the IMAP4 server when a mailbox is selected. This initial transfer
|
||||
is minimal; the client requests additional state data as it needs.
|
||||
|
||||
As noted above, the choice for the location of mailbox data depends
|
||||
upon the model chosen. The location of message state (e.g. whether
|
||||
or not a message has been read or answered) is also determined by the
|
||||
model, and is not necessarily the same as the location of the mailbox
|
||||
data. For example, in the online model message state can be co-
|
||||
located with mailbox data; it can also be located elsewhere (on the
|
||||
client or on a third agent) using unique identifiers to achieve
|
||||
|
||||
|
||||
|
||||
Crispin [Page 2]
|
||||
|
||||
RFC 1733 IMAP4 - Model December 1994
|
||||
|
||||
|
||||
common reference across sessions. The latter is particularly useful
|
||||
with a server that exports public data such as netnews and does not
|
||||
maintain per-user state.
|
||||
|
||||
The IMAP4 protocol provides the generality to implement these
|
||||
different models. This is done by means of server and (especially)
|
||||
client configuration, and not by requiring changes to the protocol or
|
||||
the implementation of the protocol.
|
||||
|
||||
|
||||
Security Considerations
|
||||
|
||||
Security issues are not discussed in this memo.
|
||||
|
||||
|
||||
Author's Address:
|
||||
|
||||
Mark R. Crispin
|
||||
Networks and Distributed Computing, JE-30
|
||||
University of Washington
|
||||
Seattle, WA 98195
|
||||
|
||||
Phone: (206) 543-5762
|
||||
|
||||
EMail: MRC@CAC.Washington.EDU
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Crispin [Page 3]
|
||||
|
1291
docs/rfcs/rfc1939.txt
Normal file
1291
docs/rfcs/rfc1939.txt
Normal file
File diff suppressed because it is too large
Load Diff
171
docs/rfcs/rfc2061.txt
Normal file
171
docs/rfcs/rfc2061.txt
Normal file
@ -0,0 +1,171 @@
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Network Working Group M. Crispin
|
||||
Request for Comments: 2061 University of Washington
|
||||
Category: Informational December 1996
|
||||
|
||||
|
||||
IMAP4 COMPATIBILITY WITH IMAP2BIS
|
||||
|
||||
Status of this Memo
|
||||
|
||||
This memo provides information for the Internet community. This memo
|
||||
does not specify an Internet standard of any kind. Distribution of
|
||||
this memo is unlimited.
|
||||
|
||||
Introduction
|
||||
|
||||
The Internet Message Access Protocol (IMAP) has been through several
|
||||
revisions and variants in its 10-year history. Many of these are
|
||||
either extinct or extremely rare; in particular, several undocumented
|
||||
variants and the variants described in RFC 1064, RFC 1176, and RFC
|
||||
1203 fall into this category.
|
||||
|
||||
One variant, IMAP2bis, is at the time of this writing very common and
|
||||
has been widely distributed with the Pine mailer. Unfortunately,
|
||||
there is no definite document describing IMAP2bis. This document is
|
||||
intended to be read along with RFC 1176 and the most recent IMAP4
|
||||
specification (RFC 2060) to assist implementors in creating an IMAP4
|
||||
implementation to interoperate with implementations that conform to
|
||||
earlier specifications. Nothing in this document is required by the
|
||||
IMAP4 specification; implementors must decide for themselves whether
|
||||
they want their implementation to fail if it encounters old software.
|
||||
|
||||
At the time of this writing, IMAP4 has been updated from the version
|
||||
described in RFC 1730. An implementor who wishes to interoperate
|
||||
with both RFC 1730 and RFC 2060 should refer to both documents.
|
||||
|
||||
This information is not complete; it reflects current knowledge of
|
||||
server and client implementations as well as "folklore" acquired in
|
||||
the evolution of the protocol. It is NOT a description of how to
|
||||
interoperate with all variants of IMAP, but rather with the old
|
||||
variant that is most likely to be encountered. For detailed
|
||||
information on interoperating with other old variants, refer to RFC
|
||||
1732.
|
||||
|
||||
IMAP4 client interoperability with IMAP2bis servers
|
||||
|
||||
A quick way to check whether a server implementation supports the
|
||||
IMAP4 specification is to try the CAPABILITY command. An OK response
|
||||
will indicate which variant(s) of IMAP4 are supported by the server.
|
||||
|
||||
|
||||
|
||||
Crispin Informational [Page 1]
|
||||
|
||||
RFC 2061 IMAP4 Compatibility December 1996
|
||||
|
||||
|
||||
If the client does not find any of its known variant in the response,
|
||||
it should treat the server as IMAP2bis. A BAD response indicates an
|
||||
IMAP2bis or older server.
|
||||
|
||||
Most IMAP4 facilities are in IMAP2bis. The following exceptions
|
||||
exist:
|
||||
|
||||
CAPABILITY command
|
||||
The absense of this command indicates IMAP2bis (or older).
|
||||
|
||||
AUTHENTICATE command.
|
||||
Use the LOGIN command.
|
||||
|
||||
LSUB, SUBSCRIBE, and UNSUBSCRIBE commands
|
||||
No direct functional equivalent. IMAP2bis had a concept
|
||||
called "bboards" which is not in IMAP4. RFC 1176 supported
|
||||
these with the BBOARD and FIND BBOARDS commands. IMAP2bis
|
||||
augmented these with the FIND ALL.BBOARDS, SUBSCRIBE BBOARD,
|
||||
and UNSUBSCRIBE BBOARD commands. It is recommended that
|
||||
none of these commands be implemented in new software,
|
||||
including servers that support old clients.
|
||||
|
||||
LIST command
|
||||
Use the command FIND ALL.MAILBOXES, which has a similar syn-
|
||||
tax and response to the FIND MAILBOXES command described in
|
||||
RFC 1176. The FIND MAILBOXES command is unlikely to produce
|
||||
useful information.
|
||||
|
||||
* in a sequence
|
||||
Use the number of messages in the mailbox from the EXISTS
|
||||
unsolicited response.
|
||||
|
||||
SEARCH extensions (character set, additional criteria)
|
||||
Reformulate the search request using only the RFC 1176 syn-
|
||||
tax. This may entail doing multiple searches to achieve the
|
||||
desired results.
|
||||
|
||||
BODYSTRUCTURE fetch data item
|
||||
Use the non-extensible BODY data item.
|
||||
|
||||
body sections HEADER, TEXT, MIME, HEADER.FIELDS, HEADER.FIELDS.NOT
|
||||
Use body section numbers only.
|
||||
|
||||
BODY.PEEK[section]
|
||||
Use BODY[section] and manually clear the \Seen flag as
|
||||
necessary.
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Crispin Informational [Page 2]
|
||||
|
||||
RFC 2061 IMAP4 Compatibility December 1996
|
||||
|
||||
|
||||
FLAGS.SILENT, +FLAGS.SILENT, and -FLAGS.SILENT store data items
|
||||
Use the corresponding non-SILENT versions and ignore the
|
||||
untagged FETCH responses which come back.
|
||||
|
||||
UID fetch data item and the UID commands
|
||||
No functional equivalent.
|
||||
|
||||
CLOSE command
|
||||
No functional equivalent.
|
||||
|
||||
|
||||
In IMAP2bis, the TRYCREATE special information token is sent as a
|
||||
separate unsolicited OK response instead of inside the NO response.
|
||||
|
||||
IMAP2bis is ambiguous about whether or not flags or internal dates
|
||||
are preserved on COPY. It is impossible to know what behavior is
|
||||
supported by the server.
|
||||
|
||||
IMAP4 server interoperability with IMAP2bis clients
|
||||
|
||||
The only interoperability problem between an IMAP4 server and a
|
||||
well-written IMAP2bis client is an incompatibility with the use of
|
||||
"\" in quoted strings. This is best avoided by using literals
|
||||
instead of quoted strings if "\" or <"> is embedded in the string.
|
||||
|
||||
Security Considerations
|
||||
|
||||
Security issues are not discussed in this memo.
|
||||
|
||||
Author's Address
|
||||
|
||||
Mark R. Crispin
|
||||
Networks and Distributed Computing
|
||||
University of Washington
|
||||
4545 15th Aveneue NE
|
||||
Seattle, WA 98105-4527
|
||||
|
||||
Phone: (206) 543-5762
|
||||
EMail: MRC@CAC.Washington.EDU
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Crispin Informational [Page 3]
|
||||
|
451
docs/rfcs/rfc2062.txt
Normal file
451
docs/rfcs/rfc2062.txt
Normal file
@ -0,0 +1,451 @@
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Network Working Group M. Crispin
|
||||
Request for Comments: 2062 University of Washington
|
||||
Category: Informational December 1996
|
||||
|
||||
|
||||
Internet Message Access Protocol - Obsolete Syntax
|
||||
|
||||
Status of this Memo
|
||||
|
||||
This memo provides information for the Internet community. This memo
|
||||
does not specify an Internet standard of any kind. Distribution of
|
||||
this memo is unlimited.
|
||||
|
||||
Abstract
|
||||
|
||||
This document describes obsolete syntax which may be encountered by
|
||||
IMAP4 implementations which deal with older versions of the Internet
|
||||
Mail Access Protocol. IMAP4 implementations MAY implement this
|
||||
syntax in order to maximize interoperability with older
|
||||
implementations.
|
||||
|
||||
This document repeats information from earlier documents, most
|
||||
notably RFC 1176 and RFC 1730.
|
||||
|
||||
Obsolete Commands and Fetch Data Items
|
||||
|
||||
The following commands are OBSOLETE. It is NOT required to support
|
||||
any of these commands or fetch data items in new server
|
||||
implementations. These commands are documented here for the benefit
|
||||
of implementors who may wish to support them for compatibility with
|
||||
old client implementations.
|
||||
|
||||
The section headings of these commands are intended to correspond
|
||||
with where they would be located in the main document if they were
|
||||
not obsoleted.
|
||||
|
||||
6.3.OBS.1. FIND ALL.MAILBOXES Command
|
||||
|
||||
Arguments: mailbox name with possible wildcards
|
||||
|
||||
Data: untagged responses: MAILBOX
|
||||
|
||||
Result: OK - find completed
|
||||
NO - find failure: can't list that name
|
||||
BAD - command unknown or arguments invalid
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Crispin Informational [Page 1]
|
||||
|
||||
RFC 2062 IMAP4 Obsolete December 1996
|
||||
|
||||
|
||||
The FIND ALL.MAILBOXES command returns a subset of names from the
|
||||
complete set of all names available to the user. It returns zero
|
||||
or more untagged MAILBOX replies. The mailbox argument to FIND
|
||||
ALL.MAILBOXES is similar to that for LIST with an empty reference,
|
||||
except that the characters "%" and "?" match a single character.
|
||||
|
||||
Example: C: A002 FIND ALL.MAILBOXES *
|
||||
S: * MAILBOX blurdybloop
|
||||
S: * MAILBOX INBOX
|
||||
S: A002 OK FIND ALL.MAILBOXES completed
|
||||
|
||||
6.3.OBS.2. FIND MAILBOXES Command
|
||||
|
||||
Arguments: mailbox name with possible wildcards
|
||||
|
||||
Data: untagged responses: MAILBOX
|
||||
|
||||
Result: OK - find completed
|
||||
NO - find failure: can't list that name
|
||||
BAD - command unknown or arguments invalid
|
||||
|
||||
The FIND MAILBOXES command returns a subset of names from the set
|
||||
of names that the user has declared as being "active" or
|
||||
"subscribed". It returns zero or more untagged MAILBOX replies.
|
||||
The mailbox argument to FIND MAILBOXES is similar to that for LSUB
|
||||
with an empty reference, except that the characters "%" and "?"
|
||||
match a single character.
|
||||
|
||||
Example: C: A002 FIND MAILBOXES *
|
||||
S: * MAILBOX blurdybloop
|
||||
S: * MAILBOX INBOX
|
||||
S: A002 OK FIND MAILBOXES completed
|
||||
|
||||
6.3.OBS.3. SUBSCRIBE MAILBOX Command
|
||||
|
||||
Arguments: mailbox name
|
||||
|
||||
Data: no specific data for this command
|
||||
|
||||
Result: OK - subscribe completed
|
||||
NO - subscribe failure: can't subscribe to that name
|
||||
BAD - command unknown or arguments invalid
|
||||
|
||||
The SUBSCRIBE MAILBOX command is identical in effect to the
|
||||
SUBSCRIBE command. A server which implements this command must be
|
||||
able to distinguish between a SUBSCRIBE MAILBOX command and a
|
||||
SUBSCRIBE command with a mailbox name argument of "MAILBOX".
|
||||
|
||||
|
||||
|
||||
|
||||
Crispin Informational [Page 2]
|
||||
|
||||
RFC 2062 IMAP4 Obsolete December 1996
|
||||
|
||||
|
||||
Example: C: A002 SUBSCRIBE MAILBOX #news.comp.mail.mime
|
||||
S: A002 OK SUBSCRIBE MAILBOX to #news.comp.mail.mime
|
||||
completed
|
||||
C: A003 SUBSCRIBE MAILBOX
|
||||
S: A003 OK SUBSCRIBE to MAILBOX completed
|
||||
|
||||
|
||||
6.3.OBS.4. UNSUBSCRIBE MAILBOX Command
|
||||
|
||||
Arguments: mailbox name
|
||||
|
||||
Data: no specific data for this command
|
||||
|
||||
Result: OK - unsubscribe completed
|
||||
NO - unsubscribe failure: can't unsubscribe that name
|
||||
BAD - command unknown or arguments invalid
|
||||
|
||||
The UNSUBSCRIBE MAILBOX command is identical in effect to the
|
||||
UNSUBSCRIBE command. A server which implements this command must
|
||||
be able to distinguish between a UNSUBSCRIBE MAILBOX command and
|
||||
an UNSUBSCRIBE command with a mailbox name argument of "MAILBOX".
|
||||
|
||||
Example: C: A002 UNSUBSCRIBE MAILBOX #news.comp.mail.mime
|
||||
S: A002 OK UNSUBSCRIBE MAILBOX from #news.comp.mail.mime
|
||||
completed
|
||||
C: A003 UNSUBSCRIBE MAILBOX
|
||||
S: A003 OK UNSUBSCRIBE from MAILBOX completed
|
||||
|
||||
6.4.OBS.1 PARTIAL Command
|
||||
|
||||
Arguments: message sequence number
|
||||
message data item name
|
||||
position of first octet
|
||||
number of octets
|
||||
|
||||
Data: untagged responses: FETCH
|
||||
|
||||
Result: OK - partial completed
|
||||
NO - partial error: can't fetch that data
|
||||
BAD - command unknown or arguments invalid
|
||||
|
||||
The PARTIAL command is equivalent to the associated FETCH command,
|
||||
with the added functionality that only the specified number of
|
||||
octets, beginning at the specified starting octet, are returned.
|
||||
Only a single message can be fetched at a time. The first octet
|
||||
of a message, and hence the minimum for the starting octet, is
|
||||
octet 1.
|
||||
|
||||
|
||||
|
||||
|
||||
Crispin Informational [Page 3]
|
||||
|
||||
RFC 2062 IMAP4 Obsolete December 1996
|
||||
|
||||
|
||||
The following FETCH items are valid data for PARTIAL: RFC822,
|
||||
RFC822.HEADER, RFC822.TEXT, BODY[<section>], as well as any .PEEK
|
||||
forms of these.
|
||||
|
||||
Any partial fetch that attempts to read beyond the end of the text
|
||||
is truncated as appropriate. If the starting octet is beyond the
|
||||
end of the text, an empty string is returned.
|
||||
|
||||
The data are returned with the FETCH response. There is no
|
||||
indication of the range of the partial data in this response. It
|
||||
is not possible to stream multiple PARTIAL commands of the same
|
||||
data item without processing and synchronizing at each step, since
|
||||
streamed commands may be executed out of order.
|
||||
|
||||
There is no requirement that partial fetches follow any sequence.
|
||||
For example, if a partial fetch of octets 1 through 10000 breaks
|
||||
in an awkward place for BASE64 decoding, it is permitted to
|
||||
continue with a partial fetch of 9987 through 19987, etc.
|
||||
|
||||
The handling of the \Seen flag is the same as in the associated
|
||||
FETCH command.
|
||||
|
||||
Example: C: A005 PARTIAL 4 RFC822 1 1024
|
||||
S: * 1 FETCH (RFC822 {1024}
|
||||
S: Return-Path: <gray@cac.washington.edu>
|
||||
S: ...
|
||||
S: ......... FLAGS (\Seen))
|
||||
S: A005 OK PARTIAL completed
|
||||
|
||||
6.4.5.OBS.1 Obsolete FETCH Data Items
|
||||
|
||||
The following FETCH data items are obsolete:
|
||||
|
||||
BODY[<...>0] A body part number of 0 is the [RFC-822] header of
|
||||
the message. BODY[0] is functionally equivalent to
|
||||
BODY[HEADER], differing in the syntax of the
|
||||
resulting untagged FETCH data (BODY[0] is
|
||||
returned).
|
||||
|
||||
RFC822.HEADER.LINES <header_list>
|
||||
Functionally equivalent to BODY.PEEK[HEADER.LINES
|
||||
<header_list>], differing in the syntax of the
|
||||
resulting untagged FETCH data (RFC822.HEADER is
|
||||
returned).
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Crispin Informational [Page 4]
|
||||
|
||||
RFC 2062 IMAP4 Obsolete December 1996
|
||||
|
||||
|
||||
RFC822.HEADER.LINES.NOT <header_list>
|
||||
Functionally equivalent to
|
||||
BODY.PEEK[HEADER.LINES.NOT <header_list>],
|
||||
differing in the syntax of the resulting untagged
|
||||
FETCH data (RFC822.HEADER is returned).
|
||||
|
||||
RFC822.PEEK Functionally equivalent to BODY.PEEK[], except for
|
||||
the syntax of the resulting untagged FETCH data
|
||||
(RFC822 is returned).
|
||||
|
||||
RFC822.TEXT.PEEK
|
||||
Functionally equivalent to BODY.PEEK[TEXT], except
|
||||
for the syntax of the resulting untagged FETCH data
|
||||
(RFC822.TEXT is returned).
|
||||
|
||||
Obsolete Responses
|
||||
|
||||
The following responses are OBSOLETE. Except as noted below, these
|
||||
responses MUST NOT be transmitted by new server implementations.
|
||||
Client implementations SHOULD accept these responses.
|
||||
|
||||
The section headings of these responses are intended to correspond
|
||||
with where they would be located in the main document if they were
|
||||
not obsoleted.
|
||||
|
||||
7.2.OBS.1. MAILBOX Response
|
||||
|
||||
Data: name
|
||||
|
||||
The MAILBOX response MUST NOT be transmitted by server
|
||||
implementations except in response to the obsolete FIND MAILBOXES
|
||||
and FIND ALL.MAILBOXES commands. Client implementations that do
|
||||
not use these commands MAY ignore this response. It is documented
|
||||
here for the benefit of implementors who may wish to support it
|
||||
for compatibility with old client implementations.
|
||||
|
||||
This response occurs as a result of the FIND MAILBOXES and FIND
|
||||
ALL.MAILBOXES commands. It returns a single name that matches the
|
||||
FIND specification. There are no attributes or hierarchy
|
||||
delimiter.
|
||||
|
||||
Example: S: * MAILBOX blurdybloop
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Crispin Informational [Page 5]
|
||||
|
||||
RFC 2062 IMAP4 Obsolete December 1996
|
||||
|
||||
|
||||
7.3.OBS.1. COPY Response
|
||||
|
||||
Data: none
|
||||
|
||||
The COPY response MUST NOT be transmitted by new server
|
||||
implementations. Client implementations MUST ignore the COPY
|
||||
response. It is documented here for the benefit of client
|
||||
implementors who may encounter this response from old server
|
||||
implementations.
|
||||
|
||||
In some experimental versions of this protocol, this response was
|
||||
returned in response to a COPY command to indicate on a
|
||||
per-message basis that the message was copied successfully.
|
||||
|
||||
Example: S: * 44 COPY
|
||||
|
||||
7.3.OBS.2. STORE Response
|
||||
|
||||
Data: message data
|
||||
|
||||
The STORE response MUST NOT be transmitted by new server
|
||||
implementations. Client implementations MUST treat the STORE
|
||||
response as equivalent to the FETCH response. It is documented
|
||||
here for the benefit of client implementors who may encounter this
|
||||
response from old server implementations.
|
||||
|
||||
In some experimental versions of this protocol, this response was
|
||||
returned instead of FETCH in response to a STORE command to report
|
||||
the new value of the flags.
|
||||
|
||||
Example: S: * 69 STORE (FLAGS (\Deleted))
|
||||
|
||||
Formal Syntax of Obsolete Commands and Responses
|
||||
|
||||
Each obsolete syntax rule that is suffixed with "_old" is added to
|
||||
the corresponding name in the formal syntax. For example,
|
||||
command_auth_old adds the FIND command to command_auth.
|
||||
|
||||
command_auth_old ::= find
|
||||
|
||||
command_select_old
|
||||
::= partial
|
||||
|
||||
date_year_old ::= 2digit
|
||||
;; (year - 1900)
|
||||
|
||||
date_time_old ::= <"> date_day_fixed "-" date_month "-" date_year
|
||||
SPACE time "-" zone_name <">
|
||||
|
||||
|
||||
|
||||
Crispin Informational [Page 6]
|
||||
|
||||
RFC 2062 IMAP4 Obsolete December 1996
|
||||
|
||||
|
||||
find ::= "FIND" SPACE ["ALL."] "MAILBOXES" SPACE
|
||||
list_mailbox
|
||||
|
||||
fetch_att_old ::= "RFC822.HEADER.LINES" [".NOT"] SPACE header_list /
|
||||
fetch_text_old
|
||||
|
||||
fetch_text_old ::= "BODY" [".PEEK"] section_old /
|
||||
"RFC822" [".HEADER" / ".TEXT" [".PEEK"]]
|
||||
|
||||
msg_data_old ::= "COPY" / ("STORE" SPACE msg_att)
|
||||
|
||||
partial ::= "PARTIAL" SPACE nz_number SPACE fetch_text_old SPACE
|
||||
number SPACE number
|
||||
|
||||
section_old ::= "[" (number ["." number]) "]"
|
||||
|
||||
subscribe_old ::= "SUBSCRIBE" SPACE "MAILBOX" SPACE mailbox
|
||||
|
||||
unsubscribe_old ::= "UNSUBSCRIBE" SPACE "MAILBOX" SPACE mailbox
|
||||
|
||||
zone_name ::= "UT" / "GMT" / "Z" / ;; +0000
|
||||
"AST" / "EDT" / ;; -0400
|
||||
"EST" / "CDT" / ;; -0500
|
||||
"CST" / "MDT" / ;; -0600
|
||||
"MST" / "PDT" / ;; -0700
|
||||
"PST" / "YDT" / ;; -0800
|
||||
"YST" / "HDT" / ;; -0900
|
||||
"HST" / "BDT" / ;; -1000
|
||||
"BST" / ;; -1100
|
||||
"A" / "B" / "C" / "D" / "E" / "F" / ;; +1 to +6
|
||||
"G" / "H" / "I" / "K" / "L" / "M" / ;; +7 to +12
|
||||
"N" / "O" / "P" / "Q" / "R" / "S" / ;; -1 to -6
|
||||
"T" / "U" / "V" / "W" / "X" / "Y" ;; -7 to -12
|
||||
|
||||
Security Considerations
|
||||
|
||||
Security issues are not discussed in this memo.
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Crispin Informational [Page 7]
|
||||
|
||||
RFC 2062 IMAP4 Obsolete December 1996
|
||||
|
||||
|
||||
Author's Address
|
||||
|
||||
Mark R. Crispin
|
||||
Networks and Distributed Computing
|
||||
University of Washington
|
||||
4545 15th Aveneue NE
|
||||
Seattle, WA 98105-4527
|
||||
|
||||
Phone: (206) 543-5762
|
||||
EMail: MRC@CAC.Washington.EDU
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Crispin Informational [Page 8]
|
||||
|
451
docs/rfcs/rfc2086.txt
Normal file
451
docs/rfcs/rfc2086.txt
Normal file
@ -0,0 +1,451 @@
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Network Working Group J. Myers
|
||||
Request for Comments: 2086 Carnegie Mellon
|
||||
Category: Standards Track January 1997
|
||||
|
||||
|
||||
IMAP4 ACL extension
|
||||
|
||||
Status of this Memo
|
||||
|
||||
This document specifies an Internet standards track protocol for the
|
||||
Internet community, and requests discussion and suggestions for
|
||||
improvements. Please refer to the current edition of the "Internet
|
||||
Official Protocol Standards" (STD 1) for the standardization state
|
||||
and status of this protocol. Distribution of this memo is unlimited.
|
||||
|
||||
1. Abstract
|
||||
|
||||
The ACL extension of the Internet Message Access Protocol [IMAP4]
|
||||
permits access control lists to be manipulated through the IMAP
|
||||
protocol.
|
||||
|
||||
Table of Contents
|
||||
|
||||
1. Abstract............................................... 1
|
||||
2. Conventions Used in this Document...................... 1
|
||||
3. Introduction and Overview.............................. 2
|
||||
4. Commands............................................... 3
|
||||
4.1. SETACL................................................. 3
|
||||
4.2. DELETEACL.............................................. 4
|
||||
4.3. GETACL................................................. 4
|
||||
4.4. LISTRIGHTS............................................. 4
|
||||
4.5. MYRIGHTS............................................... 5
|
||||
5. Responses.............................................. 5
|
||||
5.1. ACL.................................................... 5
|
||||
5.2. LISTRIGHTS............................................. 6
|
||||
5.3. MYRIGHTS............................................... 6
|
||||
6. Formal Syntax.......................................... 6
|
||||
7. References............................................. 7
|
||||
8. Security Considerations................................ 7
|
||||
9. Author's Address....................................... 8
|
||||
|
||||
2. Conventions Used in this Document
|
||||
|
||||
In examples, "C:" and "S:" indicate lines sent by the client and
|
||||
server respectively.
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Myers Standards Track [Page 1]
|
||||
|
||||
RFC 2086 ACL extension January 1997
|
||||
|
||||
|
||||
3. Introduction and Overview
|
||||
|
||||
The ACL extension is present in any IMAP4 implementation which
|
||||
returns "ACL" as one of the supported capabilities to the CAPABILITY
|
||||
command.
|
||||
|
||||
An access control list is a set of <identifier,rights> pairs.
|
||||
|
||||
Identifier is a US-ASCII string. The identifier anyone is reserved
|
||||
to refer to the universal identity (all authentications, including
|
||||
anonymous). All user name strings accepted by the LOGIN or
|
||||
AUTHENTICATE commands to authenticate to the IMAP server are reserved
|
||||
as identifiers for the corresponding user. Identifiers starting with
|
||||
a dash ("-") are reserved for "negative rights", described below.
|
||||
All other identifier strings are interpreted in an implementation-
|
||||
defined manner.
|
||||
|
||||
Rights is a string listing a (possibly empty) set of alphanumeric
|
||||
characters, each character listing a set of operations which is being
|
||||
controlled. Letters are reserved for ``standard'' rights, listed
|
||||
below. The set of standard rights may only be extended by a
|
||||
standards-track document. Digits are reserved for implementation or
|
||||
site defined rights. The currently defined standard rights are:
|
||||
|
||||
l - lookup (mailbox is visible to LIST/LSUB commands)
|
||||
r - read (SELECT the mailbox, perform CHECK, FETCH, PARTIAL,
|
||||
SEARCH, COPY from mailbox)
|
||||
s - keep seen/unseen information across sessions (STORE SEEN flag)
|
||||
w - write (STORE flags other than SEEN and DELETED)
|
||||
i - insert (perform APPEND, COPY into mailbox)
|
||||
p - post (send mail to submission address for mailbox,
|
||||
not enforced by IMAP4 itself)
|
||||
c - create (CREATE new sub-mailboxes in any implementation-defined
|
||||
hierarchy)
|
||||
d - delete (STORE DELETED flag, perform EXPUNGE)
|
||||
a - administer (perform SETACL)
|
||||
|
||||
An implementation may tie rights together or may force rights to
|
||||
always or never be granted to particular identifiers. For example,
|
||||
in an implementation that uses unix mode bits, the rights "wisd" are
|
||||
tied, the "a" right is always granted to the owner of a mailbox and
|
||||
is never granted to another user. If rights are tied in an
|
||||
implementation, the implementation must be conservative in granting
|
||||
rights in response to SETACL commands--unless all rights in a tied
|
||||
set are specified, none of that set should be included in the ACL
|
||||
entry for that identifier. A client may discover the set of rights
|
||||
which may be granted to a given identifier in the ACL for a given
|
||||
mailbox by using the LISTRIGHTS command.
|
||||
|
||||
|
||||
|
||||
Myers Standards Track [Page 2]
|
||||
|
||||
RFC 2086 ACL extension January 1997
|
||||
|
||||
|
||||
It is possible for multiple identifiers in an access control list to
|
||||
apply to a given user (or other authentication identity). For
|
||||
example, an ACL may include rights to be granted to the identifier
|
||||
matching the user, one or more implementation-defined identifiers
|
||||
matching groups which include the user, and/or the identifier
|
||||
"anyone". How these rights are combined to determine the user's
|
||||
access is implementation-defined. An implementation may choose, for
|
||||
example, to use the union of the rights granted to the applicable
|
||||
identifiers. An implementation may instead choose, for example, to
|
||||
only use those rights granted to the most specific identifier present
|
||||
in the ACL. A client may determine the set of rights granted to the
|
||||
logged-in user for a given mailbox by using the MYRIGHTS command.
|
||||
|
||||
When an identifier in an ACL starts with a dash ("-"), that indicates
|
||||
that associated rights are to be removed from the identifier that is
|
||||
prefixed by the dash. For example, if the identifier "-fred" is
|
||||
granted the "w" right, that indicates that the "w" right is to be
|
||||
removed from users matching the identifier "fred". Implementations
|
||||
need not support having identifiers which start with a dash in ACLs.
|
||||
|
||||
4. Commands
|
||||
|
||||
4.1. SETACL
|
||||
|
||||
Arguments: mailbox name
|
||||
authentication identifier
|
||||
access right modification
|
||||
|
||||
Data: no specific data for this command
|
||||
|
||||
Result: OK - setacl completed
|
||||
NO - setacl failure: can't set acl
|
||||
BAD - command unknown or arguments invalid
|
||||
|
||||
The SETACL command changes the access control list on the
|
||||
specified mailbox so that the specified identifier is granted
|
||||
permissions as specified in the third argument.
|
||||
|
||||
The third argument is a string containing an optional plus ("+")
|
||||
or minus ("-") prefix, followed by zero or more rights characters.
|
||||
If the string starts with a plus, the following rights are added
|
||||
to any existing rights for the identifier. If the string starts
|
||||
with a minus, the following rights are removed from any existing
|
||||
rights for the identifier. If the string does not start with a
|
||||
plus or minus, the rights replace any existing rights for the
|
||||
identifier.
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Myers Standards Track [Page 3]
|
||||
|
||||
RFC 2086 ACL extension January 1997
|
||||
|
||||
|
||||
4.2. DELETEACL
|
||||
|
||||
Arguments: mailbox name
|
||||
authentication identifier
|
||||
|
||||
Data: no specific data for this command
|
||||
|
||||
Result: OK - deleteacl completed
|
||||
NO - deleteacl failure: can't delete acl
|
||||
BAD - command unknown or arguments invalid
|
||||
|
||||
The DELETEACL command removes any <identifier,rights> pair for the
|
||||
specified identifier from the access control list for the specified
|
||||
mailbox.
|
||||
|
||||
4.3. GETACL
|
||||
|
||||
Arguments: mailbox name
|
||||
|
||||
Data: untagged responses: ACL
|
||||
|
||||
Result: OK - getacl completed
|
||||
NO - getacl failure: can't get acl
|
||||
BAD - command unknown or arguments invalid
|
||||
|
||||
The GETACL command returns the access control list for mailbox in
|
||||
an untagged ACL reply.
|
||||
|
||||
Example: C: A002 GETACL INBOX
|
||||
S: * ACL INBOX Fred rwipslda
|
||||
S: A002 OK Getacl complete
|
||||
|
||||
4.4. LISTRIGHTS
|
||||
|
||||
Arguments: mailbox name
|
||||
authentication identifier
|
||||
|
||||
Data: untagged responses: LISTRIGHTS
|
||||
|
||||
Result: OK - listrights completed
|
||||
NO - listrights failure: can't get rights list
|
||||
BAD - command unknown or arguments invalid
|
||||
|
||||
The LISTRIGHTS command takes a mailbox name and an identifier and
|
||||
returns information about what rights may be granted to the identifier
|
||||
in the ACL for the mailbox.
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Myers Standards Track [Page 4]
|
||||
|
||||
RFC 2086 ACL extension January 1997
|
||||
|
||||
|
||||
Example: C: a001 LISTRIGHTS ~/Mail/saved smith
|
||||
S: * LISTRIGHTS ~/Mail/saved smith la r swicd
|
||||
S: a001 OK Listrights completed
|
||||
|
||||
|
||||
C: a005 LISTRIGHTS archive.imap anyone
|
||||
S: * LISTRIGHTS archive.imap anyone "" l r s w i p c d a
|
||||
0 1 2 3 4 5 6 7 8 9
|
||||
|
||||
4.5. MYRIGHTS
|
||||
|
||||
Arguments: mailbox name
|
||||
|
||||
Data: untagged responses: MYRIGHTS
|
||||
|
||||
Result: OK - myrights completed
|
||||
NO - myrights failure: can't get rights
|
||||
BAD - command unknown or arguments invalid
|
||||
|
||||
The MYRIGHTS command returns the set of rights that the user has
|
||||
to mailbox in an untagged MYRIGHTS reply.
|
||||
|
||||
Example: C: A003 MYRIGHTS INBOX
|
||||
S: * MYRIGHTS INBOX rwipslda
|
||||
S: A003 OK Myrights complete
|
||||
|
||||
5. Responses
|
||||
|
||||
5.1. ACL
|
||||
|
||||
Data: mailbox name
|
||||
zero or more identifier rights pairs
|
||||
|
||||
The ACL response occurs as a result of a GETACL command. The first
|
||||
string is the mailbox name for which this ACL applies. This is
|
||||
followed by zero or more pairs of strings, each pair contains the
|
||||
identifier for which the entry applies followed by the set of
|
||||
rights that the identifier has.
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Myers Standards Track [Page 5]
|
||||
|
||||
RFC 2086 ACL extension January 1997
|
||||
|
||||
|
||||
5.2. LISTRIGHTS
|
||||
|
||||
Data: mailbox name
|
||||
identifier
|
||||
required rights
|
||||
list of optional rights
|
||||
|
||||
The LISTRIGHTS response occurs as a result of a LISTRIGHTS
|
||||
command. The first two strings are the mailbox name and identifier
|
||||
for which this rights list applies. Following the identifier is a
|
||||
string containing the (possibly empty) set of rights the
|
||||
identifier will always be granted in the mailbox.
|
||||
|
||||
Following this are zero or more strings each containing a set of
|
||||
rights the identifier may be granted in the mailbox. Rights
|
||||
mentioned in the same string are tied together--either all must be
|
||||
granted to the identifier in the mailbox or none may be granted.
|
||||
|
||||
The same right may not be listed more than once in the LISTRIGHTS
|
||||
command.
|
||||
|
||||
5.3. MYRIGHTS
|
||||
|
||||
Data: mailbox name
|
||||
rights
|
||||
|
||||
The MYRIGHTS response occurs as a result of a MYRIGHTS command.
|
||||
The first string is the mailbox name for which these rights apply.
|
||||
The second string is the set of rights that the client has.
|
||||
|
||||
6. Formal Syntax
|
||||
|
||||
The following syntax specification uses the augmented Backus-Naur
|
||||
Form (BNF) notation as specified in [RFC-822] as modified by [IMAP4].
|
||||
Non-terminals referenced but not defined below are as defined by
|
||||
[IMAP4].
|
||||
|
||||
Except as noted otherwise, all alphabetic characters are case-
|
||||
insensitive. The use of upper or lower case characters to define
|
||||
token strings is for editorial clarity only. Implementations MUST
|
||||
accept these strings in a case-insensitive fashion.
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Myers Standards Track [Page 6]
|
||||
|
||||
RFC 2086 ACL extension January 1997
|
||||
|
||||
|
||||
acl_data ::= "ACL" SPACE mailbox *(SPACE identifier SPACE
|
||||
rights)
|
||||
|
||||
deleteacl ::= "DELETEACL" SPACE mailbox SPACE identifier
|
||||
|
||||
getacl ::= "GETACL" SPACE mailbox
|
||||
|
||||
identifier ::= astring
|
||||
|
||||
listrights ::= "LISTRIGHTS" SPACE mailbox SPACE identifier
|
||||
|
||||
listrights_data ::= "LISTRIGHTS" SPACE mailbox SPACE identifier
|
||||
SPACE rights *(SPACE rights)
|
||||
|
||||
mod_rights ::= astring
|
||||
;; +rights to add, -rights to remove
|
||||
;; rights to replace
|
||||
|
||||
myrights ::= "MYRIGHTS" SPACE mailbox
|
||||
|
||||
myrights_data ::= "MYRIGHTS" SPACE mailbox SPACE rights
|
||||
|
||||
rights ::= astring
|
||||
|
||||
setacl ::= "SETACL" SPACE mailbox SPACE identifier
|
||||
SPACE mod_rights
|
||||
|
||||
7. References
|
||||
|
||||
[IMAP4] Crispin, M., "Internet Message Access Protocol - Version 4",
|
||||
RFC 1730, University of Washington, December 1994.
|
||||
|
||||
[RFC-822] Crocker, D., "Standard for the Format of ARPA Internet Text
|
||||
Messages", STD 11, RFC 822.
|
||||
|
||||
8. Security Considerations
|
||||
|
||||
An implementation must make sure the ACL commands themselves do not
|
||||
give information about mailboxes with appropriately restricted ACL's.
|
||||
For example, a GETACL command on a mailbox for which the user has
|
||||
insufficient rights should not admit the mailbox exists, much less
|
||||
return the mailbox's ACL.
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Myers Standards Track [Page 7]
|
||||
|
||||
RFC 2086 ACL extension January 1997
|
||||
|
||||
|
||||
9. Author's Address
|
||||
|
||||
John G. Myers
|
||||
Carnegie-Mellon University
|
||||
5000 Forbes Ave.
|
||||
Pittsburgh PA, 15213-3890
|
||||
|
||||
Email: jgm+@cmu.edu
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Myers Standards Track [Page 8]
|
||||
|
283
docs/rfcs/rfc2087.txt
Normal file
283
docs/rfcs/rfc2087.txt
Normal file
@ -0,0 +1,283 @@
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Network Working Group J. Myers
|
||||
Request for Comments: 2087 Carnegie Mellon
|
||||
Category: Standards Track January 1997
|
||||
|
||||
|
||||
IMAP4 QUOTA extension
|
||||
|
||||
Status of this Memo
|
||||
|
||||
This document specifies an Internet standards track protocol for the
|
||||
Internet community, and requests discussion and suggestions for
|
||||
improvements. Please refer to the current edition of the "Internet
|
||||
Official Protocol Standards" (STD 1) for the standardization state
|
||||
and status of this protocol. Distribution of this memo is unlimited.
|
||||
|
||||
1. Abstract
|
||||
|
||||
The QUOTA extension of the Internet Message Access Protocol [IMAP4]
|
||||
permits administrative limits on resource usage (quotas) to be
|
||||
manipulated through the IMAP protocol.
|
||||
|
||||
Table of Contents
|
||||
|
||||
1. Abstract........................................... 1
|
||||
2. Conventions Used in this Document.................. 1
|
||||
3. Introduction and Overview.......................... 2
|
||||
4. Commands........................................... 2
|
||||
4.1. SETQUOTA Command................................... 2
|
||||
4.2. GETQUOTA Command................................... 2
|
||||
4.3. GETQUOTAROOT Command............................... 3
|
||||
5. Responses.......................................... 3
|
||||
5.1. QUOTA Response..................................... 3
|
||||
5.2. QUOTAROOT Response................................. 4
|
||||
6. Formal syntax...................................... 4
|
||||
7. References......................................... 5
|
||||
8. Security Considerations............................ 5
|
||||
9. Author's Address................................... 5
|
||||
|
||||
|
||||
2. Conventions Used in this Document
|
||||
|
||||
In examples, "C:" and "S:" indicate lines sent by the client and
|
||||
server respectively.
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Myers Standards Track [Page 1]
|
||||
|
||||
RFC 2087 QUOTA January 1997
|
||||
|
||||
|
||||
3. Introduction and Overview
|
||||
|
||||
The QUOTA extension is present in any IMAP4 implementation which
|
||||
returns "QUOTA" as one of the supported capabilities to the
|
||||
CAPABILITY command.
|
||||
|
||||
An IMAP4 server which supports the QUOTA capability may support
|
||||
limits on any number of resources. Each resource has an atom name
|
||||
and an implementation-defined interpretation which evaluates to an
|
||||
integer. Examples of such resources are:
|
||||
|
||||
Name Interpretation
|
||||
|
||||
STORAGE Sum of messages' RFC822.SIZE, in units of 1024 octets
|
||||
MESSAGE Number of messages
|
||||
|
||||
|
||||
Each mailbox has zero or more implementation-defined named "quota
|
||||
roots". Each quota root has zero or more resource limits. All
|
||||
mailboxes that share the same named quota root share the resource
|
||||
limits of the quota root.
|
||||
|
||||
Quota root names do not necessarily have to match the names of
|
||||
existing mailboxes.
|
||||
|
||||
4. Commands
|
||||
|
||||
4.1. SETQUOTA Command
|
||||
|
||||
Arguments: quota root
|
||||
list of resource limits
|
||||
|
||||
Data: untagged responses: QUOTA
|
||||
|
||||
Result: OK - setquota completed
|
||||
NO - setquota error: can't set that data
|
||||
BAD - command unknown or arguments invalid
|
||||
|
||||
The SETQUOTA command takes the name of a mailbox quota root and a
|
||||
list of resource limits. The resource limits for the named quota root
|
||||
are changed to be the specified limits. Any previous resource limits
|
||||
for the named quota root are discarded.
|
||||
|
||||
If the named quota root did not previously exist, an implementation
|
||||
may optionally create it and change the quota roots for any number of
|
||||
existing mailboxes in an implementation-defined manner.
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Myers Standards Track [Page 2]
|
||||
|
||||
RFC 2087 QUOTA January 1997
|
||||
|
||||
|
||||
Example: C: A001 SETQUOTA "" (STORAGE 512)
|
||||
S: * QUOTA "" (STORAGE 10 512)
|
||||
S: A001 OK Setquota completed
|
||||
|
||||
4.2. GETQUOTA Command
|
||||
|
||||
Arguments: quota root
|
||||
|
||||
Data: untagged responses: QUOTA
|
||||
|
||||
Result: OK - getquota completed
|
||||
NO - getquota error: no such quota root, permission
|
||||
denied
|
||||
BAD - command unknown or arguments invalid
|
||||
|
||||
The GETQUOTA command takes the name of a quota root and returns the
|
||||
quota root's resource usage and limits in an untagged QUOTA response.
|
||||
|
||||
Example: C: A003 GETQUOTA ""
|
||||
S: * QUOTA "" (STORAGE 10 512)
|
||||
S: A003 OK Getquota completed
|
||||
|
||||
4.3. GETQUOTAROOT Command
|
||||
|
||||
Arguments: mailbox name
|
||||
|
||||
Data: untagged responses: QUOTAROOT, QUOTA
|
||||
|
||||
Result: OK - getquota completed
|
||||
NO - getquota error: no such mailbox, permission denied
|
||||
BAD - command unknown or arguments invalid
|
||||
|
||||
The GETQUOTAROOT command takes the name of a mailbox and returns the
|
||||
list of quota roots for the mailbox in an untagged QUOTAROOT
|
||||
response. For each listed quota root, it also returns the quota
|
||||
root's resource usage and limits in an untagged QUOTA response.
|
||||
|
||||
Example: C: A003 GETQUOTAROOT INBOX
|
||||
S: * QUOTAROOT INBOX ""
|
||||
S: * QUOTA "" (STORAGE 10 512)
|
||||
S: A003 OK Getquota completed
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Myers Standards Track [Page 3]
|
||||
|
||||
RFC 2087 QUOTA January 1997
|
||||
|
||||
|
||||
5. Responses
|
||||
|
||||
5.1. QUOTA Response
|
||||
|
||||
Data: quota root name
|
||||
list of resource names, usages, and limits
|
||||
|
||||
This response occurs as a result of a GETQUOTA or GETQUOTAROOT
|
||||
command. The first string is the name of the quota root for which
|
||||
this quota applies.
|
||||
|
||||
The name is followed by a S-expression format list of the resource
|
||||
usage and limits of the quota root. The list contains zero or
|
||||
more triplets. Each triplet conatins a resource name, the current
|
||||
usage of the resource, and the resource limit.
|
||||
|
||||
Resources not named in the list are not limited in the quota root.
|
||||
Thus, an empty list means there are no administrative resource
|
||||
limits in the quota root.
|
||||
|
||||
Example: S: * QUOTA "" (STORAGE 10 512)
|
||||
|
||||
5.2. QUOTAROOT Response
|
||||
|
||||
Data: mailbox name
|
||||
zero or more quota root names
|
||||
|
||||
This response occurs as a result of a GETQUOTAROOT command. The
|
||||
first string is the mailbox and the remaining strings are the
|
||||
names of the quota roots for the mailbox.
|
||||
|
||||
Example: S: * QUOTAROOT INBOX ""
|
||||
S: * QUOTAROOT comp.mail.mime
|
||||
|
||||
6. Formal syntax
|
||||
|
||||
The following syntax specification uses the augmented Backus-Naur
|
||||
Form (BNF) notation as specified in RFC 822 with one exception; the
|
||||
delimiter used with the "#" construct is a single space (SP) and not
|
||||
one or more commas.
|
||||
|
||||
Except as noted otherwise, all alphabetic characters are case-
|
||||
insensitive. The use of upper or lower case characters to define
|
||||
token strings is for editorial clarity only. Implementations MUST
|
||||
accept these strings in a case-insensitive fashion.
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Myers Standards Track [Page 4]
|
||||
|
||||
RFC 2087 QUOTA January 1997
|
||||
|
||||
|
||||
getquota ::= "GETQUOTA" SP astring
|
||||
|
||||
getquotaroot ::= "GETQUOTAROOT" SP astring
|
||||
|
||||
quota_list ::= "(" #quota_resource ")"
|
||||
|
||||
quota_resource ::= atom SP number SP number
|
||||
|
||||
quota_response ::= "QUOTA" SP astring SP quota_list
|
||||
|
||||
quotaroot_response
|
||||
::= "QUOTAROOT" SP astring *(SP astring)
|
||||
|
||||
setquota ::= "SETQUOTA" SP astring SP setquota_list
|
||||
|
||||
setquota_list ::= "(" 0#setquota_resource ")"
|
||||
|
||||
setquota_resource ::= atom SP number
|
||||
|
||||
7. References
|
||||
|
||||
[IMAP4] Crispin, M., "Internet Message Access Protocol - Version 4",
|
||||
RFC 1730, University of Washington, December 1994.
|
||||
|
||||
[RFC-822] Crocker, D., "Standard for the Format of ARPA Internet
|
||||
Text Messages", STD 11, RFC 822.
|
||||
|
||||
8. Security Considerations
|
||||
|
||||
Implementors should be careful to make sure the implementation of
|
||||
these commands does not violate the site's security policy. The
|
||||
resource usage of other users is likely to be considered confidential
|
||||
information and should not be divulged to unauthorized persons.
|
||||
|
||||
9. Author's Address
|
||||
|
||||
John G. Myers
|
||||
Carnegie-Mellon University
|
||||
5000 Forbes Ave.
|
||||
Pittsburgh PA, 15213-3890
|
||||
|
||||
EMail: jgm+@cmu.edu
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Myers Standards Track [Page 5]
|
||||
|
115
docs/rfcs/rfc2088.txt
Normal file
115
docs/rfcs/rfc2088.txt
Normal file
@ -0,0 +1,115 @@
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Network Working Group J. Myers
|
||||
Request for Comments: 2088 Carnegie Mellon
|
||||
Cateogry: Standards Track January 1997
|
||||
|
||||
|
||||
IMAP4 non-synchronizing literals
|
||||
|
||||
Status of this Memo
|
||||
|
||||
This document specifies an Internet standards track protocol for the
|
||||
Internet community, and requests discussion and suggestions for
|
||||
improvements. Please refer to the current edition of the "Internet
|
||||
Official Protocol Standards" (STD 1) for the standardization state
|
||||
and status of this protocol. Distribution of this memo is unlimited.
|
||||
|
||||
1. Abstract
|
||||
|
||||
The Internet Message Access Protocol [IMAP4] contains the "literal"
|
||||
syntactic construct for communicating strings. When sending a
|
||||
literal from client to server, IMAP4 requires the client to wait for
|
||||
the server to send a command continuation request between sending the
|
||||
octet count and the string data. This document specifies an
|
||||
alternate form of literal which does not require this network round
|
||||
trip.
|
||||
|
||||
2. Conventions Used in this Document
|
||||
|
||||
In examples, "C:" and "S:" indicate lines sent by the client and
|
||||
server respectively.
|
||||
|
||||
3. Specification
|
||||
|
||||
The non-synchronizing literal is added an alternate form of literal,
|
||||
and may appear in communication from client to server instead of the
|
||||
IMAP4 form of literal. The IMAP4 form of literal, used in
|
||||
communication from client to server, is referred to as a
|
||||
synchronizing literal.
|
||||
|
||||
Non-synchronizing literals may be used with any IMAP4 server
|
||||
implementation which returns "LITERAL+" as one of the supported
|
||||
capabilities to the CAPABILITY command. If the server does not
|
||||
advertise the LITERAL+ capability, the client must use synchronizing
|
||||
literals instead.
|
||||
|
||||
The non-synchronizing literal is distinguished from the original
|
||||
synchronizing literal by having a plus ('+') between the octet count
|
||||
and the closing brace ('}'). The server does not generate a command
|
||||
continuation request in response to a non-synchronizing literal, and
|
||||
|
||||
|
||||
|
||||
Myers Standards Track [Page 1]
|
||||
|
||||
RFC 2088 LITERAL January 1997
|
||||
|
||||
|
||||
clients are not required to wait before sending the octets of a non-
|
||||
synchronizing literal.
|
||||
|
||||
The protocol receiver of an IMAP4 server must check the end of every
|
||||
received line for an open brace ('{') followed by an octet count, a
|
||||
plus ('+'), and a close brace ('}') immediately preceeding the CRLF.
|
||||
If it finds this sequence, it is the octet count of a non-
|
||||
synchronizing literal and the server MUST treat the specified number
|
||||
of following octets and the following line as part of the same
|
||||
command. A server MAY still process commands and reject errors on a
|
||||
line-by-line basis, as long as it checks for non-synchronizing
|
||||
literals at the end of each line.
|
||||
|
||||
Example: C: A001 LOGIN {11+}
|
||||
C: FRED FOOBAR {7+}
|
||||
C: fat man
|
||||
S: A001 OK LOGIN completed
|
||||
|
||||
4. Formal Syntax
|
||||
|
||||
The following syntax specification uses the augmented Backus-Naur
|
||||
Form (BNF) notation as specified in [RFC-822] as modified by [IMAP4].
|
||||
Non-terminals referenced but not defined below are as defined by
|
||||
[IMAP4].
|
||||
|
||||
literal ::= "{" number ["+"] "}" CRLF *CHAR8
|
||||
;; Number represents the number of CHAR8 octets
|
||||
|
||||
6. References
|
||||
|
||||
[IMAP4] Crispin, M., "Internet Message Access Protocol - Version 4",
|
||||
draft-crispin-imap-base-XX.txt, University of Washington, April 1996.
|
||||
|
||||
[RFC-822] Crocker, D., "Standard for the Format of ARPA Internet Text
|
||||
Messages", STD 11, RFC 822.
|
||||
|
||||
7. Security Considerations
|
||||
|
||||
There are no known security issues with this extension.
|
||||
|
||||
8. Author's Address
|
||||
|
||||
John G. Myers
|
||||
Carnegie-Mellon University
|
||||
5000 Forbes Ave.
|
||||
Pittsburgh PA, 15213-3890
|
||||
|
||||
Email: jgm+@cmu.edu
|
||||
|
||||
|
||||
|
||||
Myers Standards Track [Page 2]
|
||||
|
283
docs/rfcs/rfc2095.txt
Normal file
283
docs/rfcs/rfc2095.txt
Normal file
@ -0,0 +1,283 @@
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Network Working Group J. Klensin
|
||||
Request for Comments: 2095 R. Catoe
|
||||
Category: Standards Track P. Krumviede
|
||||
MCI
|
||||
January 1997
|
||||
|
||||
|
||||
IMAP/POP AUTHorize Extension for Simple Challenge/Response
|
||||
|
||||
Status of this Memo
|
||||
|
||||
This document specifies an Internet standards track protocol for the
|
||||
Internet community, and requests discussion and suggestions for
|
||||
improvements. Please refer to the current edition of the "Internet
|
||||
Official Protocol Standards" (STD 1) for the standardization state
|
||||
and status of this protocol. Distribution of this memo is unlimited.
|
||||
|
||||
Abstract
|
||||
|
||||
While IMAP4 supports a number of strong authentication mechanisms as
|
||||
described in RFC 1731, it lacks any mechanism that neither passes
|
||||
cleartext, reusable passwords across the network nor requires either
|
||||
a significant security infrastructure or that the mail server update
|
||||
a mail-system-wide user authentication file on each mail access.
|
||||
This specification provides a simple challenge-response
|
||||
authentication protocol that is suitable for use with IMAP4. Since
|
||||
it utilizes Keyed-MD5 digests and does not require that the secret be
|
||||
stored in the clear on the server, it may also constitute an
|
||||
improvement on APOP for POP3 use as specified in RFC 1734.
|
||||
|
||||
1. Introduction
|
||||
|
||||
Existing Proposed Standards specify an AUTHENTICATE mechanism for the
|
||||
IMAP4 protocol [IMAP, IMAP-AUTH] and a parallel AUTH mechanism for
|
||||
the POP3 protocol [POP3-AUTH]. The AUTHENTICATE mechanism is
|
||||
intended to be extensible; the four methods specified in [IMAP-AUTH]
|
||||
are all fairly powerful and require some security infrastructure to
|
||||
support. The base POP3 specification [POP3] also contains a
|
||||
lightweight challenge-response mechanism called APOP. APOP is
|
||||
associated with most of the risks associated with such protocols: in
|
||||
particular, it requires that both the client and server machines have
|
||||
access to the shared secret in cleartext form. CRAM offers a method
|
||||
for avoiding such cleartext storage while retaining the algorithmic
|
||||
simplicity of APOP in using only MD5, though in a "keyed" method.
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Klensin, Catoe & Krumviede Standards Track [Page 1]
|
||||
|
||||
RFC 2095 IMAP/POP AUTHorize Extension January 1997
|
||||
|
||||
|
||||
At present, IMAP [IMAP] lacks any facility corresponding to APOP.
|
||||
The only alternative to the strong mechanisms identified in [IMAP-
|
||||
AUTH] is a presumably cleartext username and password, supported
|
||||
through the LOGIN command in [IMAP]. This document describes a
|
||||
simple challenge-response mechanism, similar to APOP and PPP CHAP
|
||||
[PPP], that can be used with IMAP (and, in principle, with POP3).
|
||||
|
||||
This mechanism also has the advantage over some possible alternatives
|
||||
of not requiring that the server maintain information about email
|
||||
"logins" on a per-login basis. While mechanisms that do require such
|
||||
per-login history records may offer enhanced security, protocols such
|
||||
as IMAP, which may have several connections between a given client
|
||||
and server open more or less simultaneous, may make their
|
||||
implementation particularly challenging.
|
||||
|
||||
2. Challenge-Response Authentication Mechanism (CRAM)
|
||||
|
||||
The authentication type associated with CRAM is "CRAM-MD5".
|
||||
|
||||
The data encoded in the first ready response contains an
|
||||
presumptively arbitrary string of random digits, a timestamp, and the
|
||||
fully-qualified primary host name of the server. The syntax of the
|
||||
unencoded form must correspond to that of an RFC 822 'msg-id'
|
||||
[RFC822] as described in [POP3].
|
||||
|
||||
The client makes note of the data and then responds with a string
|
||||
consisting of the user name, a space, and a 'digest'. The latter is
|
||||
computed by applying the keyed MD5 algorithm from [KEYED-MD5] where
|
||||
the key is a shared secret and the digested text is the timestamp
|
||||
(including angle-brackets).
|
||||
|
||||
This shared secret is a string known only to the client and server.
|
||||
The `digest' parameter itself is a 16-octet value which is sent in
|
||||
hexadecimal format, using lower-case ASCII characters.
|
||||
|
||||
When the server receives this client response, it verifies the digest
|
||||
provided. If the digest is correct, the server should consider the
|
||||
client authenticated and respond appropriately.
|
||||
|
||||
Keyed MD5 is chosen for this application because of the greater
|
||||
security imparted to authentication of short messages. In addition,
|
||||
the use of the techniques described in [KEYED-MD5] for precomputation
|
||||
of intermediate results make it possible to avoid explicit cleartext
|
||||
storage of the shared secret on the server system by instead storing
|
||||
the intermediate results which are known as "contexts".
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Klensin, Catoe & Krumviede Standards Track [Page 2]
|
||||
|
||||
RFC 2095 IMAP/POP AUTHorize Extension January 1997
|
||||
|
||||
|
||||
CRAM does not support a protection mechanism.
|
||||
|
||||
Example:
|
||||
|
||||
The examples in this document show the use of the CRAM mechanism with
|
||||
the IMAP4 AUTHENTICATE command [IMAP-AUTH]. The base64 encoding of
|
||||
the challenges and responses is part of the IMAP4 AUTHENTICATE
|
||||
command, not part of the CRAM specification itself.
|
||||
|
||||
S: * OK IMAP4 Server
|
||||
C: A0001 AUTHENTICATE CRAM-MD5
|
||||
S: + PDE4OTYuNjk3MTcwOTUyQHBvc3RvZmZpY2UucmVzdG9uLm1jaS5uZXQ+
|
||||
C: dGltIGI5MTNhNjAyYzdlZGE3YTQ5NWI0ZTZlNzMzNGQzODkw
|
||||
S: A0001 OK CRAM authentication successful
|
||||
|
||||
In this example, the shared secret is the string
|
||||
'tanstaaftanstaaf'. Hence, the Keyed MD5 digest is produced by
|
||||
calculating
|
||||
|
||||
MD5((tanstaaftanstaaf XOR opad),
|
||||
MD5((tanstaaftanstaaf XOR ipad),
|
||||
<1896.697170952@postoffice.reston.mci.net>))
|
||||
|
||||
where ipad and opad are as defined in the keyed-MD5 Work in
|
||||
Progress [KEYED-MD5] and the string shown in the challenge is the
|
||||
base64 encoding of <1896.697170952@postoffice.reston.mci.net>. The
|
||||
shared secret is null-padded to a length of 64 bytes. If the
|
||||
shared secret is longer than 64 bytes, the MD5 digest of the
|
||||
shared secret is used as a 16 byte input to the keyed MD5
|
||||
calculation.
|
||||
|
||||
This produces a digest value (in hexadecimal) of
|
||||
|
||||
b913a602c7eda7a495b4e6e7334d3890
|
||||
|
||||
The user name is then prepended to it, forming
|
||||
|
||||
tim b913a602c7eda7a495b4e6e7334d3890
|
||||
|
||||
Which is then base64 encoded to meet the requirements of the IMAP4
|
||||
AUTHENTICATE command (or the similar POP3 AUTH command), yielding
|
||||
|
||||
dGltIGI5MTNhNjAyYzdlZGE3YTQ5NWI0ZTZlNzMzNGQzODkw
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Klensin, Catoe & Krumviede Standards Track [Page 3]
|
||||
|
||||
RFC 2095 IMAP/POP AUTHorize Extension January 1997
|
||||
|
||||
|
||||
3. References
|
||||
|
||||
[CHAP] Lloyd, B., and W. Simpson, "PPP Authentication Protocols",
|
||||
RFC 1334, October 1992.
|
||||
|
||||
[IMAP] Crispin, M., "Internet Message Access Protocol - Version
|
||||
4rev1", RFC 2060, University of Washington, December 1996.
|
||||
|
||||
[IMAP-AUTH] Myers, J., "IMAP4 Authentication Mechanisms",
|
||||
RFC 1731, Carnegie Mellon, December 1994.
|
||||
|
||||
[KEYED-MD5] Krawczyk, H., "HMAC-MD5: Keyed-MD5 for Message
|
||||
Authentication", Work in Progess.
|
||||
|
||||
[MD5] Rivest, R., "The MD5 Message Digest Algorithm",
|
||||
RFC 1321, MIT Laboratory for Computer Science, April 1992.
|
||||
|
||||
[POP3] Myers, J., and M. Rose, "Post Office Protocol - Version 3",
|
||||
STD 53, RFC 1939, Carnegie Mellon, May 1996.
|
||||
|
||||
[POP3-AUTH] Myers, J., "POP3 AUTHentication command", RFC 1734,
|
||||
Carnegie Mellon, December, 1994.
|
||||
|
||||
4. Security Considerations
|
||||
|
||||
It is conjectured that use of the CRAM authentication mechanism
|
||||
provides origin identification and replay protection for a session.
|
||||
Accordingly, a server that implements both a cleartext password
|
||||
command and this authentication type should not allow both methods of
|
||||
access for a given user.
|
||||
|
||||
While the saving, on the server, of "contexts" (see section 2) is
|
||||
marginally better than saving the shared secrets in cleartext as is
|
||||
required by CHAP [CHAP] and APOP [POP3], it is not sufficient to
|
||||
protect the secrets if the server itself is compromised.
|
||||
Consequently, servers that store the secrets or contexts must both be
|
||||
protected to a level appropriate to the potential information value
|
||||
in user mailboxes and identities.
|
||||
|
||||
As the length of the shared secret increases, so does the difficulty
|
||||
of deriving it.
|
||||
|
||||
While there are now suggestions in the literature that the use of MD5
|
||||
and keyed MD5 in authentication procedures probably has a limited
|
||||
effective lifetime, the technique is now widely deployed and widely
|
||||
understood. It is believed that this general understanding may
|
||||
assist with the rapid replacement, by CRAM-MD5, of the current uses
|
||||
of permanent cleartext passwords in IMAP. This document has been
|
||||
|
||||
|
||||
|
||||
Klensin, Catoe & Krumviede Standards Track [Page 4]
|
||||
|
||||
RFC 2095 IMAP/POP AUTHorize Extension January 1997
|
||||
|
||||
|
||||
deliberately written to permit easy upgrading to use SHA (or whatever
|
||||
alternatives emerge) when they are considered to be widely available
|
||||
and adequately safe.
|
||||
|
||||
Even with the use of CRAM, users are still vulnerable to active
|
||||
attacks. An example of an increasingly common active attack is 'TCP
|
||||
Session Hijacking' as described in CERT Advisory CA-95:01 [CERT95].
|
||||
|
||||
See section 1 above for additional discussion.
|
||||
|
||||
5. Acknowledgements
|
||||
|
||||
This memo borrows ideas and some text liberally from [POP3] and
|
||||
[RFC-1731] and thanks are due the authors of those documents. Ran
|
||||
Atkinson made a number of valuable technical and editorial
|
||||
contributions to the document.
|
||||
|
||||
6. Authors' Addresses
|
||||
|
||||
John C. Klensin
|
||||
MCI Telecommunications
|
||||
800 Boylston St, 7th floor
|
||||
Boston, MA 02199
|
||||
USA
|
||||
|
||||
EMail: klensin@mci.net
|
||||
Phone: +1 617 960 1011
|
||||
|
||||
Randy Catoe
|
||||
MCI Telecommunications
|
||||
2100 Reston Parkway
|
||||
Reston, VA 22091
|
||||
USA
|
||||
|
||||
EMail: randy@mci.net
|
||||
Phone: +1 703 715 7366
|
||||
|
||||
Paul Krumviede
|
||||
MCI Telecommunications
|
||||
2100 Reston Parkway
|
||||
Reston, VA 22091
|
||||
USA
|
||||
|
||||
EMail: paul@mci.net
|
||||
Phone: +1 703 715 7251
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Klensin, Catoe & Krumviede Standards Track [Page 5]
|
||||
|
227
docs/rfcs/rfc2177.txt
Normal file
227
docs/rfcs/rfc2177.txt
Normal file
@ -0,0 +1,227 @@
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Network Working Group B. Leiba
|
||||
Request for Comments: 2177 IBM T.J. Watson Research Center
|
||||
Category: Standards Track June 1997
|
||||
|
||||
|
||||
IMAP4 IDLE command
|
||||
|
||||
Status of this Memo
|
||||
|
||||
This document specifies an Internet standards track protocol for the
|
||||
Internet community, and requests discussion and suggestions for
|
||||
improvements. Please refer to the current edition of the "Internet
|
||||
Official Protocol Standards" (STD 1) for the standardization state
|
||||
and status of this protocol. Distribution of this memo is unlimited.
|
||||
|
||||
1. Abstract
|
||||
|
||||
The Internet Message Access Protocol [IMAP4] requires a client to
|
||||
poll the server for changes to the selected mailbox (new mail,
|
||||
deletions). It's often more desirable to have the server transmit
|
||||
updates to the client in real time. This allows a user to see new
|
||||
mail immediately. It also helps some real-time applications based on
|
||||
IMAP, which might otherwise need to poll extremely often (such as
|
||||
every few seconds). (While the spec actually does allow a server to
|
||||
push EXISTS responses aysynchronously, a client can't expect this
|
||||
behaviour and must poll.)
|
||||
|
||||
This document specifies the syntax of an IDLE command, which will
|
||||
allow a client to tell the server that it's ready to accept such
|
||||
real-time updates.
|
||||
|
||||
2. Conventions Used in this Document
|
||||
|
||||
In examples, "C:" and "S:" indicate lines sent by the client and
|
||||
server respectively.
|
||||
|
||||
The key words "MUST", "MUST NOT", "SHOULD", "SHOULD NOT", and "MAY"
|
||||
in this document are to be interpreted as described in RFC 2060
|
||||
[IMAP4].
|
||||
|
||||
3. Specification
|
||||
|
||||
IDLE Command
|
||||
|
||||
Arguments: none
|
||||
|
||||
Responses: continuation data will be requested; the client sends
|
||||
the continuation data "DONE" to end the command
|
||||
|
||||
|
||||
|
||||
Leiba Standards Track [Page 1]
|
||||
|
||||
RFC 2177 IMAP4 IDLE command June 1997
|
||||
|
||||
|
||||
|
||||
Result: OK - IDLE completed after client sent "DONE"
|
||||
NO - failure: the server will not allow the IDLE
|
||||
command at this time
|
||||
BAD - command unknown or arguments invalid
|
||||
|
||||
The IDLE command may be used with any IMAP4 server implementation
|
||||
that returns "IDLE" as one of the supported capabilities to the
|
||||
CAPABILITY command. If the server does not advertise the IDLE
|
||||
capability, the client MUST NOT use the IDLE command and must poll
|
||||
for mailbox updates. In particular, the client MUST continue to be
|
||||
able to accept unsolicited untagged responses to ANY command, as
|
||||
specified in the base IMAP specification.
|
||||
|
||||
The IDLE command is sent from the client to the server when the
|
||||
client is ready to accept unsolicited mailbox update messages. The
|
||||
server requests a response to the IDLE command using the continuation
|
||||
("+") response. The IDLE command remains active until the client
|
||||
responds to the continuation, and as long as an IDLE command is
|
||||
active, the server is now free to send untagged EXISTS, EXPUNGE, and
|
||||
other messages at any time.
|
||||
|
||||
The IDLE command is terminated by the receipt of a "DONE"
|
||||
continuation from the client; such response satisfies the server's
|
||||
continuation request. At that point, the server MAY send any
|
||||
remaining queued untagged responses and then MUST immediately send
|
||||
the tagged response to the IDLE command and prepare to process other
|
||||
commands. As in the base specification, the processing of any new
|
||||
command may cause the sending of unsolicited untagged responses,
|
||||
subject to the ambiguity limitations. The client MUST NOT send a
|
||||
command while the server is waiting for the DONE, since the server
|
||||
will not be able to distinguish a command from a continuation.
|
||||
|
||||
The server MAY consider a client inactive if it has an IDLE command
|
||||
running, and if such a server has an inactivity timeout it MAY log
|
||||
the client off implicitly at the end of its timeout period. Because
|
||||
of that, clients using IDLE are advised to terminate the IDLE and
|
||||
re-issue it at least every 29 minutes to avoid being logged off.
|
||||
This still allows a client to receive immediate mailbox updates even
|
||||
though it need only "poll" at half hour intervals.
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Leiba Standards Track [Page 2]
|
||||
|
||||
RFC 2177 IMAP4 IDLE command June 1997
|
||||
|
||||
|
||||
Example: C: A001 SELECT INBOX
|
||||
S: * FLAGS (Deleted Seen)
|
||||
S: * 3 EXISTS
|
||||
S: * 0 RECENT
|
||||
S: * OK [UIDVALIDITY 1]
|
||||
S: A001 OK SELECT completed
|
||||
C: A002 IDLE
|
||||
S: + idling
|
||||
...time passes; new mail arrives...
|
||||
S: * 4 EXISTS
|
||||
C: DONE
|
||||
S: A002 OK IDLE terminated
|
||||
...another client expunges message 2 now...
|
||||
C: A003 FETCH 4 ALL
|
||||
S: * 4 FETCH (...)
|
||||
S: A003 OK FETCH completed
|
||||
C: A004 IDLE
|
||||
S: * 2 EXPUNGE
|
||||
S: * 3 EXISTS
|
||||
S: + idling
|
||||
...time passes; another client expunges message 3...
|
||||
S: * 3 EXPUNGE
|
||||
S: * 2 EXISTS
|
||||
...time passes; new mail arrives...
|
||||
S: * 3 EXISTS
|
||||
C: DONE
|
||||
S: A004 OK IDLE terminated
|
||||
C: A005 FETCH 3 ALL
|
||||
S: * 3 FETCH (...)
|
||||
S: A005 OK FETCH completed
|
||||
C: A006 IDLE
|
||||
|
||||
4. Formal Syntax
|
||||
|
||||
The following syntax specification uses the augmented Backus-Naur
|
||||
Form (BNF) notation as specified in [RFC-822] as modified by [IMAP4].
|
||||
Non-terminals referenced but not defined below are as defined by
|
||||
[IMAP4].
|
||||
|
||||
command_auth ::= append / create / delete / examine / list / lsub /
|
||||
rename / select / status / subscribe / unsubscribe
|
||||
/ idle
|
||||
;; Valid only in Authenticated or Selected state
|
||||
|
||||
idle ::= "IDLE" CRLF "DONE"
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Leiba Standards Track [Page 3]
|
||||
|
||||
RFC 2177 IMAP4 IDLE command June 1997
|
||||
|
||||
|
||||
5. References
|
||||
|
||||
[IMAP4] Crispin, M., "Internet Message Access Protocol - Version
|
||||
4rev1", RFC 2060, December 1996.
|
||||
|
||||
6. Security Considerations
|
||||
|
||||
There are no known security issues with this extension.
|
||||
|
||||
7. Author's Address
|
||||
|
||||
Barry Leiba
|
||||
IBM T.J. Watson Research Center
|
||||
30 Saw Mill River Road
|
||||
Hawthorne, NY 10532
|
||||
|
||||
Email: leiba@watson.ibm.com
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Leiba Standards Track [Page 4]
|
||||
|
787
docs/rfcs/rfc2180.txt
Normal file
787
docs/rfcs/rfc2180.txt
Normal file
@ -0,0 +1,787 @@
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Network Working Group M. Gahrns
|
||||
Request for Comments: 2180 Microsoft
|
||||
Category: Informational July 1997
|
||||
|
||||
|
||||
IMAP4 Multi-Accessed Mailbox Practice
|
||||
|
||||
Status of this Memo
|
||||
|
||||
This memo provides information for the Internet community. This memo
|
||||
does not specify an Internet standard of any kind. Distribution of
|
||||
this memo is unlimited.
|
||||
|
||||
1. Abstract
|
||||
|
||||
IMAP4[RFC-2060] is rich client/server protocol that allows a client
|
||||
to access and manipulate electronic mail messages on a server.
|
||||
Within the protocol framework, it is possible to have differing
|
||||
results for particular client/server interactions. If a protocol does
|
||||
not allow for this, it is often unduly restrictive.
|
||||
|
||||
For example, when multiple clients are accessing a mailbox and one
|
||||
attempts to delete the mailbox, an IMAP4 server may choose to
|
||||
implement a solution based upon server architectural constraints or
|
||||
individual preference.
|
||||
|
||||
With this flexibility comes greater client responsibility. It is not
|
||||
sufficient for a client to be written based upon the behavior of a
|
||||
particular IMAP server. Rather the client must be based upon the
|
||||
behavior allowed by the protocol.
|
||||
|
||||
By documenting common IMAP4 server practice for the case of
|
||||
simultaneous client access to a mailbox, we hope to ensure the widest
|
||||
amount of inter-operation between IMAP4 clients and servers.
|
||||
|
||||
The behavior described in this document reflects the practice of some
|
||||
existing servers or behavior that the consensus of the IMAP mailing
|
||||
list has deemed to be reasonable. The behavior described within this
|
||||
document is believed to be [RFC-2060] compliant. However, this
|
||||
document is not meant to define IMAP4 compliance, nor is it an
|
||||
exhaustive list of valid IMAP4 behavior. [RFC-2060] must always be
|
||||
consulted to determine IMAP4 compliance, especially for server
|
||||
behavior not described within this document.
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Gahrns Informational [Page 1]
|
||||
|
||||
RFC 2180 IMAP4 Multi-Accessed Mailbox Practice July 1997
|
||||
|
||||
|
||||
2. Conventions used in this document
|
||||
|
||||
In examples,"C1:", "C2:" and "C3:" indicate lines sent by 3 different
|
||||
clients (client #1, client #2 and client #3) that are connected to a
|
||||
server. "S1:", "S2:" and "S3:" indicated lines sent by the server to
|
||||
client #1, client #2 and client #3 respectively.
|
||||
|
||||
A shared mailbox, is a mailbox that can be used by multiple users.
|
||||
|
||||
A multi-accessed mailbox, is a mailbox that has multiple clients
|
||||
simultaneously accessing it.
|
||||
|
||||
A client is said to have accessed a mailbox after a successful SELECT
|
||||
or EXAMINE command.
|
||||
|
||||
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
|
||||
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
|
||||
document are to be interpreted as described in [RFC-2119].
|
||||
|
||||
|
||||
3. Deletion/Renaming of a multi-accessed mailbox
|
||||
|
||||
If an external agent or multiple clients are accessing a mailbox,
|
||||
care must be taken when handling the deletion or renaming of the
|
||||
mailbox. Following are some strategies an IMAP server may choose to
|
||||
use when dealing with this situation.
|
||||
|
||||
|
||||
3.1. The server MAY fail the DELETE/RENAME command of a multi-accessed
|
||||
mailbox
|
||||
|
||||
In some cases, this behavior may not be practical. For example, if a
|
||||
large number of clients are accessing a shared mailbox, the window in
|
||||
which no clients have the mailbox accessed may be small or non-
|
||||
existent, effectively rendering the mailbox undeletable or
|
||||
unrenamable.
|
||||
|
||||
Example:
|
||||
|
||||
<Client #1 and Client #2 have mailbox FOO accessed. Client #1 tries
|
||||
to DELETE the mailbox and is refused>
|
||||
|
||||
C1: A001 DELETE FOO
|
||||
S1: A001 NO Mailbox FOO is in use by another user.
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Gahrns Informational [Page 2]
|
||||
|
||||
RFC 2180 IMAP4 Multi-Accessed Mailbox Practice July 1997
|
||||
|
||||
|
||||
3.2. The server MAY allow the DELETE command of a multi-accessed
|
||||
mailbox, but keep the information in the mailbox available for
|
||||
those clients that currently have access to the mailbox.
|
||||
|
||||
When all clients have finished accessing the mailbox, it is
|
||||
permanently removed. For clients that do not already have access to
|
||||
the mailbox, the 'ghosted' mailbox would not be available. For
|
||||
example, it would not be returned to these clients in a subsequent
|
||||
LIST or LSUB command and would not be a valid mailbox argument to any
|
||||
other IMAP command until the reference count of clients accessing the
|
||||
mailbox reached 0.
|
||||
|
||||
In some cases, this behavior may not be desirable. For example if
|
||||
someone created a mailbox with offensive or sensitive information,
|
||||
one might prefer to have the mailbox deleted and all access to the
|
||||
information contained within removed immediately, rather than
|
||||
continuing to allow access until the client closes the mailbox.
|
||||
|
||||
Furthermore, this behavior, may prevent 'recycling' of the same
|
||||
mailbox name until all clients have finished accessing the original
|
||||
mailbox.
|
||||
|
||||
Example:
|
||||
|
||||
<Client #1 and Client #2 have mailbox FOO selected. Client #1 DELETEs
|
||||
mailbox FOO>
|
||||
|
||||
C1: A001 DELETE FOO
|
||||
S1: A001 OK Mailbox FOO is deleted.
|
||||
|
||||
<Client #2 is still able to operate on the deleted mailbox>
|
||||
|
||||
C2: B001 STORE 1 +FLAGS (\Seen)
|
||||
S2: * 1 FETCH FLAGS (\Seen)
|
||||
S2: B001 OK STORE completed
|
||||
|
||||
<Client #3 which did not have access to the mailbox prior to the
|
||||
deletion by client #1 does not have access to the mailbox>
|
||||
|
||||
C3: C001 STATUS FOO (MESSAGES)
|
||||
S3: C001 NO Mailbox does not exist
|
||||
|
||||
<Nor is client #3 able to create a mailbox with the name FOO, while
|
||||
the reference count is non zero>
|
||||
|
||||
C3: C002 CREATE FOO
|
||||
S3: C002 NO Mailbox FOO is still in use. Try again later.
|
||||
|
||||
|
||||
|
||||
|
||||
Gahrns Informational [Page 3]
|
||||
|
||||
RFC 2180 IMAP4 Multi-Accessed Mailbox Practice July 1997
|
||||
|
||||
|
||||
<Client #2 closes its access to the mailbox, no other clients have
|
||||
access to the mailbox FOO and reference count becomes 0>
|
||||
|
||||
C2: B002 CLOSE
|
||||
S2: B002 OK CLOSE Completed
|
||||
|
||||
<Now that the reference count on FOO has reached 0, the mailbox name
|
||||
can be recycled>
|
||||
|
||||
C3: C003 CREATE FOO
|
||||
S3: C003 OK CREATE Completed
|
||||
|
||||
|
||||
3.3. The server MAY allow the DELETE/RENAME of a multi-accessed
|
||||
mailbox, but disconnect all other clients who have the mailbox
|
||||
accessed by sending a untagged BYE response.
|
||||
|
||||
A server may often choose to disconnect clients in the DELETE case,
|
||||
but may choose to implement a "friendlier" method for the RENAME
|
||||
case.
|
||||
|
||||
Example:
|
||||
|
||||
<Client #1 and Client #2 have mailbox FOO accessed. Client #1 DELETEs
|
||||
the mailbox FOO>
|
||||
|
||||
C1: A002 DELETE FOO
|
||||
S1: A002 OK DELETE completed.
|
||||
|
||||
<Server disconnects all other users of the mailbox>
|
||||
S2: * BYE Mailbox FOO has been deleted.
|
||||
|
||||
|
||||
3.4. The server MAY allow the RENAME of a multi-accessed mailbox by
|
||||
simply changing the name attribute on the mailbox.
|
||||
|
||||
Other clients that have access to the mailbox can continue issuing
|
||||
commands such as FETCH that do not reference the mailbox name.
|
||||
Clients would discover the renaming the next time they referred to
|
||||
the old mailbox name. Some servers MAY choose to include the
|
||||
[NEWNAME] response code in their tagged NO response to a command that
|
||||
contained the old mailbox name, as a hint to the client that the
|
||||
operation can succeed if the command is issued with the new mailbox
|
||||
name.
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Gahrns Informational [Page 4]
|
||||
|
||||
RFC 2180 IMAP4 Multi-Accessed Mailbox Practice July 1997
|
||||
|
||||
|
||||
Example:
|
||||
|
||||
<Client #1 and Client #2 have mailbox FOO accessed. Client #1 RENAMEs
|
||||
the mailbox.>
|
||||
|
||||
C1: A001 RENAME FOO BAR
|
||||
S1: A001 OK RENAME completed.
|
||||
|
||||
<Client #2 is still able to do operations that do not reference the
|
||||
mailbox name>
|
||||
|
||||
C2: B001 FETCH 2:4 (FLAGS)
|
||||
S2: * 2 FETCH . . .
|
||||
S2: * 3 FETCH . . .
|
||||
S2: * 4 FETCH . . .
|
||||
S2: B001 OK FETCH completed
|
||||
|
||||
<Client #2 is not able to do operations that reference the mailbox
|
||||
name>
|
||||
|
||||
C2: B002 APPEND FOO {300} C2: Date: Mon, 7 Feb 1994
|
||||
21:52:25 0800 (PST) C2: . . . S2: B002 NO [NEWNAME FOO
|
||||
BAR] Mailbox has been renamed
|
||||
|
||||
|
||||
4. Expunging of messages on a multi-accessed mailbox
|
||||
|
||||
If an external agent or multiple clients are accessing a mailbox,
|
||||
care must be taken when handling the EXPUNGE of messages. Other
|
||||
clients accessing the mailbox may be in the midst of issuing a
|
||||
command that depends upon message sequence numbers. Because an
|
||||
EXPUNGE response can not be sent while responding to a FETCH, STORE
|
||||
or SEARCH command, it is not possible to immediately notify the
|
||||
client of the EXPUNGE. This can result in ambiguity if the client
|
||||
issues a FETCH, STORE or SEARCH operation on a message that has been
|
||||
EXPUNGED.
|
||||
|
||||
|
||||
4.1. Fetching of expunged messages
|
||||
|
||||
Following are some strategies an IMAP server may choose to use when
|
||||
dealing with a FETCH command on expunged messages.
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Gahrns Informational [Page 5]
|
||||
|
||||
RFC 2180 IMAP4 Multi-Accessed Mailbox Practice July 1997
|
||||
|
||||
|
||||
Consider the following scenario:
|
||||
|
||||
- Client #1 and Client #2 have mailbox FOO selected.
|
||||
- There are 7 messages in the mailbox.
|
||||
- Messages 4:7 are marked for deletion.
|
||||
- Client #1 issues an EXPUNGE, to expunge messages 4:7
|
||||
|
||||
|
||||
4.1.1. The server MAY allow the EXPUNGE of a multi-accessed mailbox but
|
||||
keep the messages available to satisfy subsequent FETCH commands
|
||||
until it is able to send an EXPUNGE response to each client.
|
||||
|
||||
In some cases, the behavior of keeping "ghosted" messages may not be
|
||||
desirable. For example if a message contained offensive or sensitive
|
||||
information, one might prefer to instantaneously remove all access to
|
||||
the information, regardless of whether another client is in the midst
|
||||
of accessing it.
|
||||
|
||||
Example: (Building upon the scenario outlined in 4.1.)
|
||||
|
||||
<Client #2 is still able to access the expunged messages because the
|
||||
server has kept a 'ghosted' copy of the messages until it is able to
|
||||
notify client #2 of the EXPUNGE>
|
||||
|
||||
C2: B001 FETCH 4:7 RFC822
|
||||
S2: * 4 FETCH RFC822 . . . (RFC822 info returned)
|
||||
S2: * 5 FETCH RFC822 . . . (RFC822 info returned)
|
||||
S2: * 6 FETCH RFC822 . . . (RFC822 info returned)
|
||||
S2: * 7 FETCH RFC822 . . . (RFC822 info returned)
|
||||
S2: B001 OK FETCH Completed
|
||||
|
||||
<Client #2 issues a command where it can get notified of the EXPUNGE>
|
||||
|
||||
C2: B002 NOOP
|
||||
S2: * 4 EXPUNGE
|
||||
S2: * 4 EXPUNGE
|
||||
S2: * 4 EXPUNGE
|
||||
S2: * 4 EXPUNGE
|
||||
S2: * 3 EXISTS
|
||||
S2: B002 OK NOOP Complete
|
||||
|
||||
<Client #2 no longer has access to the expunged messages>
|
||||
|
||||
C2: B003 FETCH 4:7 RFC822
|
||||
S2: B003 NO Messages 4:7 are no longer available.
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Gahrns Informational [Page 6]
|
||||
|
||||
RFC 2180 IMAP4 Multi-Accessed Mailbox Practice July 1997
|
||||
|
||||
|
||||
4.1.2 The server MAY allow the EXPUNGE of a multi-accessed mailbox,
|
||||
and on subsequent FETCH commands return FETCH responses only for
|
||||
non-expunged messages and a tagged NO.
|
||||
|
||||
After receiving a tagged NO FETCH response, the client SHOULD issue a
|
||||
NOOP command so that it will be informed of any pending EXPUNGE
|
||||
responses. The client may then either reissue the failed FETCH
|
||||
command, or by examining the EXPUNGE response from the NOOP and the
|
||||
FETCH response from the FETCH, determine that the FETCH failed
|
||||
because of pending expunges.
|
||||
|
||||
Example: (Building upon the scenario outlined in 4.1.)
|
||||
|
||||
<Client #2 attempts to FETCH a mix of expunged and non-expunged
|
||||
messages. A FETCH response is returned only for then non-expunged
|
||||
messages along with a tagged NO>
|
||||
|
||||
C2: B001 FETCH 3:5 ENVELOPE
|
||||
S2: * 3 FETCH ENVELOPE . . . (ENVELOPE info returned)
|
||||
S2: B001 NO Some of the requested messages no longer exist
|
||||
|
||||
<Upon receiving a tagged NO FETCH response, Client #2 issues a NOOP
|
||||
to be informed of any pending EXPUNGE responses>
|
||||
|
||||
C2: B002 NOOP
|
||||
S2: * 4 EXPUNGE
|
||||
S2: * 4 EXPUNGE
|
||||
S2: * 4 EXPUNGE
|
||||
S2: * 4 EXPUNGE
|
||||
S2: * 3 EXISTS
|
||||
S2: B002 OK NOOP Completed.
|
||||
|
||||
<By receiving a FETCH response for message 3, and an EXPUNGE response
|
||||
that indicates messages 4:7 have been expunged, the client does not
|
||||
need to re-issue the FETCH>
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Gahrns Informational [Page 7]
|
||||
|
||||
RFC 2180 IMAP4 Multi-Accessed Mailbox Practice July 1997
|
||||
|
||||
|
||||
4.1.3 The server MAY allow the EXPUNGE of a multi-accessed mailbox, and
|
||||
on subsequent FETCH commands return the usual FETCH responses for
|
||||
non-expunged messages, "NIL FETCH Responses" for expunged
|
||||
messages, and a tagged OK response.
|
||||
|
||||
If all of the messages in the subsequent FETCH command have been
|
||||
expunged, the server SHOULD return only a tagged NO. In this case,
|
||||
the client SHOULD issue a NOOP command so that it will be informed of
|
||||
any pending EXPUNGE responses. The client may then either reissue
|
||||
the failed FETCH command, or by examining the EXPUNGE response from
|
||||
the NOOP, determine that the FETCH failed because of pending
|
||||
expunges.
|
||||
|
||||
"NIL FETCH responses" are a representation of empty data as
|
||||
appropriate for the FETCH argument specified.
|
||||
|
||||
Example:
|
||||
|
||||
* 1 FETCH (ENVELOPE (NIL NIL NIL NIL NIL NIL NIL NIL NIL NIL))
|
||||
* 1 FETCH (FLAGS ())
|
||||
* 1 FETCH (INTERNALDATE "00-Jan-0000 00:00:00 +0000")
|
||||
* 1 FETCH (RFC822 "")
|
||||
* 1 FETCH (RFC822.HEADER "")
|
||||
* 1 FETCH (RFC822.TEXT "")
|
||||
* 1 FETCH (RFC822.SIZE 0)
|
||||
* 1 FETCH (BODY ("TEXT" "PLAIN" NIL NIL NIL "7BIT" 0 0)
|
||||
* 1 FETCH (BODYSTRUCTURE ("TEXT" "PLAIN" NIL NIL NIL "7BIT" 0 0)
|
||||
* 1 FETCH (BODY[<section>] "")
|
||||
* 1 FETCH (BODY[<section>]<partial> "")
|
||||
|
||||
In some cases, a client may not be able to distinguish between "NIL
|
||||
FETCH responses" received because a message was expunged and those
|
||||
received because the data actually was NIL. For example, a * 5
|
||||
FETCH (FLAGS ()) response could be received if no flags were set on
|
||||
message 5, or because message 5 was expunged. In a case of potential
|
||||
ambiguity, the client SHOULD issue a command such as NOOP to force
|
||||
the sending of the EXPUNGE responses to resolve any ambiguity.
|
||||
|
||||
Example: (Building upon the scenario outlined in 4.1.)
|
||||
|
||||
<Client #2 attempts to access a mix of expunged and non-expunged
|
||||
messages. Normal data is returned for non-expunged message, "NIL
|
||||
FETCH responses" are returned for expunged messages>
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Gahrns Informational [Page 8]
|
||||
|
||||
RFC 2180 IMAP4 Multi-Accessed Mailbox Practice July 1997
|
||||
|
||||
|
||||
C2: B002 FETCH 3:5 ENVELOPE
|
||||
S2: * 3 FETCH ENVELOPE . . . (ENVELOPE info returned)
|
||||
S2: * 4 FETCH ENVELOPE (NIL NIL NIL NIL NIL NIL NIL NIL
|
||||
NIL NIL)
|
||||
S2: * 5 FETCH ENVELOPE (NIL NIL NIL NIL NIL NIL NIL NIL
|
||||
NIL NIL)
|
||||
S2: B002 OK FETCH Completed
|
||||
|
||||
<Client #2 attempts to FETCH only expunged messages and receives a
|
||||
tagged NO response>
|
||||
|
||||
C2: B002 FETCH 4:7 ENVELOPE
|
||||
S2: B002 NO Messages 4:7 have been expunged.
|
||||
|
||||
|
||||
4.1.4 To avoid the situation altogether, the server MAY fail the
|
||||
EXPUNGE of a multi-accessed mailbox
|
||||
|
||||
In some cases, this behavior may not be practical. For example, if a
|
||||
large number of clients are accessing a shared mailbox, the window in
|
||||
which no clients have the mailbox accessed may be small or non-
|
||||
existent, effectively rendering the message unexpungeable.
|
||||
|
||||
|
||||
4.2. Storing of expunged messages
|
||||
|
||||
Following are some strategies an IMAP server may choose to use when
|
||||
dealing with a STORE command on expunged messages.
|
||||
|
||||
|
||||
4.2.1 If the ".SILENT" suffix is used, and the STORE completed
|
||||
successfully for all the non-expunged messages, the server SHOULD
|
||||
return a tagged OK.
|
||||
|
||||
Example: (Building upon the scenario outlined in 4.1.)
|
||||
|
||||
<Client #2 tries to silently STORE flags on expunged and non-
|
||||
expunged messages. The server sets the flags on the non-expunged
|
||||
messages and returns OK>
|
||||
|
||||
C2: B001 STORE 1:7 +FLAGS.SILENT (\SEEN)
|
||||
S2: B001 OK
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Gahrns Informational [Page 9]
|
||||
|
||||
RFC 2180 IMAP4 Multi-Accessed Mailbox Practice July 1997
|
||||
|
||||
|
||||
4.2.2. If the ".SILENT" suffix is not used, and only expunged messages
|
||||
are referenced, the server SHOULD return only a tagged NO.
|
||||
|
||||
Example: (Building upon the scenario outlined in 4.1.)
|
||||
|
||||
<Client #2 tries to STORE flags only on expunged messages>
|
||||
|
||||
C2: B001 STORE 5:7 +FLAGS (\SEEN)
|
||||
S2: B001 NO Messages have been expunged
|
||||
|
||||
|
||||
4.2.3. If the ".SILENT" suffix is not used, and a mixture of expunged
|
||||
and non-expunged messages are referenced, the server MAY set the
|
||||
flags and return a FETCH response for the non-expunged messages
|
||||
along with a tagged NO.
|
||||
|
||||
After receiving a tagged NO STORE response, the client SHOULD issue a
|
||||
NOOP command so that it will be informed of any pending EXPUNGE
|
||||
responses. The client may then either reissue the failed STORE
|
||||
command, or by examining the EXPUNGE responses from the NOOP and
|
||||
FETCH responses from the STORE, determine that the STORE failed
|
||||
because of pending expunges.
|
||||
|
||||
Example: (Building upon the scenario outlined in 4.1.)
|
||||
|
||||
<Client #2 tries to STORE flags on a mixture of expunged and non-
|
||||
expunged messages>
|
||||
|
||||
C2: B001 STORE 1:7 +FLAGS (\SEEN)
|
||||
S2: * FETCH 1 FLAGS (\SEEN)
|
||||
S2: * FETCH 2 FLAGS (\SEEN)
|
||||
S2: * FETCH 3 FLAGS (\SEEN)
|
||||
S2: B001 NO Some of the messages no longer exist.
|
||||
|
||||
C2: B002 NOOP
|
||||
S2: * 4 EXPUNGE
|
||||
S2: * 4 EXPUNGE
|
||||
S2: * 4 EXPUNGE
|
||||
S2: * 4 EXPUNGE
|
||||
S2: * 3 EXISTS
|
||||
S2: B002 OK NOOP Completed.
|
||||
|
||||
<By receiving FETCH responses for messages 1:3, and an EXPUNGE
|
||||
response that indicates messages 4:7 have been expunged, the client
|
||||
does not need to re-issue the STORE>
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Gahrns Informational [Page 10]
|
||||
|
||||
RFC 2180 IMAP4 Multi-Accessed Mailbox Practice July 1997
|
||||
|
||||
|
||||
4.2.4. If the ".SILENT" suffix is not used, and a mixture of expunged
|
||||
and non-expunged messages are referenced, the server MAY return
|
||||
an untagged NO and not set any flags.
|
||||
|
||||
After receiving a tagged NO STORE response, the client SHOULD issue a
|
||||
NOOP command so that it will be informed of any pending EXPUNGE
|
||||
responses. The client would then re-issue the STORE command after
|
||||
updating its message list per any EXPUNGE response.
|
||||
|
||||
If a large number of clients are accessing a shared mailbox, the
|
||||
window in which there are no pending expunges may be small or non-
|
||||
existent, effectively disallowing a client from setting the flags on
|
||||
all messages at once.
|
||||
|
||||
Example: (Building upon the scenario outlined in 4.1.)
|
||||
|
||||
<Client #2 tries to STORE flags on a mixture of expunged and non-
|
||||
expunged messages>
|
||||
|
||||
C2: B001 STORE 1:7 +FLAGS (\SEEN)
|
||||
S2: B001 NO Some of the messages no longer exist.
|
||||
|
||||
<Client #2 issues a NOOP to be informed of the EXPUNGED messages>
|
||||
|
||||
C2: B002 NOOP
|
||||
S2: * 4 EXPUNGE
|
||||
S2: * 4 EXPUNGE
|
||||
S2: * 4 EXPUNGE
|
||||
S2: * 4 EXPUNGE
|
||||
S2: * 3 EXISTS
|
||||
S2: B002 OK NOOP Completed.
|
||||
|
||||
<Client #2 updates its message list and re-issues the STORE on only
|
||||
those messages that have not been expunged>
|
||||
|
||||
C2: B003 STORE 1:3 +FLAGS (\SEEN) S2: * FETCH 1 FLAGS
|
||||
(\SEEN) S2: * FETCH 2 FLAGS (\SEEN) S2: * FETCH 3 FLAGS
|
||||
(\SEEN) S2: B003 OK STORE Completed
|
||||
|
||||
|
||||
4.3. Searching of expunged messages
|
||||
|
||||
A server MAY simply not return a search response for messages that
|
||||
have been expunged and it has not been able to inform the client
|
||||
about. If a client was expecting a particular message to be returned
|
||||
in a search result, and it was not, the client SHOULD issue a NOOP
|
||||
command to see if the message was expunged by another client.
|
||||
|
||||
|
||||
|
||||
|
||||
Gahrns Informational [Page 11]
|
||||
|
||||
RFC 2180 IMAP4 Multi-Accessed Mailbox Practice July 1997
|
||||
|
||||
|
||||
4.4 Copying of expunged messages
|
||||
|
||||
COPY is the only IMAP4 sequence number command that is safe to allow
|
||||
an EXPUNGE response on. This is because a client is not permitted to
|
||||
cascade several COPY commands together. A client is required to wait
|
||||
and confirm that the copy worked before issuing another one.
|
||||
|
||||
4.4.1 The server MAY disallow the COPY of messages in a multi-access
|
||||
mailbox that contains expunged messages.
|
||||
|
||||
Pending EXPUNGE response(s) MUST be returned to the COPY command.
|
||||
|
||||
Example:
|
||||
|
||||
C: A001 COPY 2,4,6,8 FRED
|
||||
S: * 4 EXPUNGE
|
||||
S: A001 NO COPY rejected, because some of the requested
|
||||
messages were expunged
|
||||
|
||||
Note: Non of the above messages are copied because if a COPY command
|
||||
is unsuccessful, the server MUST restore the destination mailbox to
|
||||
its state before the COPY attempt.
|
||||
|
||||
|
||||
4.4.2 The server MAY allow the COPY of messages in a multi-access
|
||||
mailbox that contains expunged messages.
|
||||
|
||||
Pending EXPUNGE response(s) MUST be returned to the COPY command.
|
||||
Messages that are copied are messages corresponding to sequence
|
||||
numbers before any EXPUNGE response.
|
||||
|
||||
Example:
|
||||
|
||||
C: A001 COPY 2,4,6,8 FRED
|
||||
S: * 3 EXPUNGE
|
||||
S: A001 OK COPY completed
|
||||
|
||||
In the above example, the messages that are copied to FRED are
|
||||
messages 2,4,6,8 at the start of the COPY command. These are
|
||||
equivalent to messages 2,3,5,7 at the end of the COPY command. The
|
||||
EXPUNGE response can't take place until after the messages from the
|
||||
COPY command are identified (because of the "no expunge while no
|
||||
commands in progress" rule).
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Gahrns Informational [Page 12]
|
||||
|
||||
RFC 2180 IMAP4 Multi-Accessed Mailbox Practice July 1997
|
||||
|
||||
|
||||
Example:
|
||||
|
||||
C: A001 COPY 2,4,6,8 FRED
|
||||
S: * 4 EXPUNGE
|
||||
S: A001 OK COPY completed
|
||||
|
||||
In the above example, message 4 was copied before it was expunged,
|
||||
and MUST appear in the destination mailbox FRED.
|
||||
|
||||
|
||||
5. Security Considerations
|
||||
|
||||
This document describes behavior of servers that use the IMAP4
|
||||
protocol, and as such, has the same security considerations as
|
||||
described in [RFC-2060].
|
||||
|
||||
In particular, some described server behavior does not allow for the
|
||||
immediate deletion of information when a mailbox is accessed by
|
||||
multiple clients. This may be a consideration when dealing with
|
||||
sensitive information where immediate deletion would be preferred.
|
||||
|
||||
|
||||
6. References
|
||||
|
||||
[RFC-2060], Crispin, M., "Internet Message Access Protocol - Version
|
||||
4rev1", RFC 2060, University of Washington, December 1996.
|
||||
|
||||
[RFC-2119], Bradner, S., "Key words for use in RFCs to Indicate
|
||||
Requirement Levels", RFC 2119, Harvard University, March 1997.
|
||||
|
||||
|
||||
7. Acknowledgments
|
||||
|
||||
This document is the result of discussions on the IMAP4 mailing list
|
||||
and is meant to reflect consensus of this group. In particular,
|
||||
Raymond Cheng, Mark Crispin, Jim Evans, Erik Forsberg, Steve Hole,
|
||||
Mark Keasling, Barry Leiba, Syd Logan, John Mani, Pat Moran, Larry
|
||||
Osterman, Chris Newman, Bart Schaefer, Vladimir Vulovic, and Jack De
|
||||
Winter were active participants in this discussion or made
|
||||
suggestions to this document.
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Gahrns Informational [Page 13]
|
||||
|
||||
RFC 2180 IMAP4 Multi-Accessed Mailbox Practice July 1997
|
||||
|
||||
|
||||
8. Author's Address
|
||||
|
||||
Mike Gahrns
|
||||
Microsoft
|
||||
One Microsoft Way
|
||||
Redmond, WA, 98072
|
||||
|
||||
Phone: (206) 936-9833
|
||||
EMail: mikega@microsoft.com
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Gahrns Informational [Page 14]
|
||||
|
899
docs/rfcs/rfc2192.txt
Normal file
899
docs/rfcs/rfc2192.txt
Normal file
@ -0,0 +1,899 @@
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Network Working Group C. Newman
|
||||
Request for Comments: 2192 Innosoft
|
||||
Category: Standards Track September 1997
|
||||
|
||||
|
||||
IMAP URL Scheme
|
||||
|
||||
|
||||
Status of this memo
|
||||
|
||||
This document specifies an Internet standards track protocol for
|
||||
the Internet community, and requests discussion and suggestions for
|
||||
improvements. Please refer to the current edition of the "Internet
|
||||
Official Protocol Standards" (STD 1) for the standardization state
|
||||
and status of this protocol. Distribution of this memo is
|
||||
unlimited.
|
||||
|
||||
|
||||
Abstract
|
||||
|
||||
IMAP [IMAP4] is a rich protocol for accessing remote message
|
||||
stores. It provides an ideal mechanism for accessing public
|
||||
mailing list archives as well as private and shared message stores.
|
||||
This document defines a URL scheme for referencing objects on an
|
||||
IMAP server.
|
||||
|
||||
|
||||
1. Conventions used in this document
|
||||
|
||||
The key words "MUST", "MUST NOT", "SHOULD", "SHOULD NOT", and "MAY"
|
||||
in this document are to be interpreted as defined in "Key words for
|
||||
use in RFCs to Indicate Requirement Levels" [KEYWORDS].
|
||||
|
||||
|
||||
2. IMAP scheme
|
||||
|
||||
The IMAP URL scheme is used to designate IMAP servers, mailboxes,
|
||||
messages, MIME bodies [MIME], and search programs on Internet hosts
|
||||
accessible using the IMAP protocol.
|
||||
|
||||
The IMAP URL follows the common Internet scheme syntax as defined
|
||||
in RFC 1738 [BASIC-URL] except that clear text passwords are not
|
||||
permitted. If :<port> is omitted, the port defaults to 143.
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Newman Standards Track [Page 1]
|
||||
|
||||
RFC 2192 IMAP URL Scheme September 1997
|
||||
|
||||
|
||||
An IMAP URL takes one of the following forms:
|
||||
|
||||
imap://<iserver>/
|
||||
imap://<iserver>/<enc_list_mailbox>;TYPE=<list_type>
|
||||
imap://<iserver>/<enc_mailbox>[uidvalidity][?<enc_search>]
|
||||
imap://<iserver>/<enc_mailbox>[uidvalidity]<iuid>[isection]
|
||||
|
||||
The first form is used to refer to an IMAP server, the second form
|
||||
refers to a list of mailboxes, the third form refers to the
|
||||
contents of a mailbox or a set of messages resulting from a search,
|
||||
and the final form refers to a specific message or message part.
|
||||
Note that the syntax here is informal. The authoritative formal
|
||||
syntax for IMAP URLs is defined in section 11.
|
||||
|
||||
|
||||
3. IMAP User Name and Authentication Mechanism
|
||||
|
||||
A user name and/or authentication mechanism may be supplied. They
|
||||
are used in the "LOGIN" or "AUTHENTICATE" commands after making the
|
||||
connection to the IMAP server. If no user name or authentication
|
||||
mechanism is supplied, the user name "anonymous" is used with the
|
||||
"LOGIN" command and the password is supplied as the Internet e-mail
|
||||
address of the end user accessing the resource. If the URL doesn't
|
||||
supply a user name, the program interpreting the IMAP URL SHOULD
|
||||
request one from the user if necessary.
|
||||
|
||||
An authentication mechanism can be expressed by adding
|
||||
";AUTH=<enc_auth_type>" to the end of the user name. When such an
|
||||
<enc_auth_type> is indicated, the client SHOULD request appropriate
|
||||
credentials from that mechanism and use the "AUTHENTICATE" command
|
||||
instead of the "LOGIN" command. If no user name is specified, one
|
||||
SHOULD be obtained from the mechanism or requested from the user as
|
||||
appropriate.
|
||||
|
||||
The string ";AUTH=*" indicates that the client SHOULD select an
|
||||
appropriate authentication mechanism. It MAY use any mechanism
|
||||
listed in the CAPABILITY command or use an out of band security
|
||||
service resulting in a PREAUTH connection. If no user name is
|
||||
specified and no appropriate authentication mechanisms are
|
||||
available, the client SHOULD fall back to anonymous login as
|
||||
described above. This allows a URL which grants read-write access
|
||||
to authorized users, and read-only anonymous access to other users.
|
||||
|
||||
If a user name is included with no authentication mechanism, then
|
||||
";AUTH=*" is assumed.
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Newman Standards Track [Page 2]
|
||||
|
||||
RFC 2192 IMAP URL Scheme September 1997
|
||||
|
||||
|
||||
Since URLs can easily come from untrusted sources, care must be
|
||||
taken when resolving a URL which requires or requests any sort of
|
||||
authentication. If authentication credentials are supplied to the
|
||||
wrong server, it may compromise the security of the user's account.
|
||||
The program resolving the URL should make sure it meets at least
|
||||
one of the following criteria in this case:
|
||||
|
||||
(1) The URL comes from a trusted source, such as a referral server
|
||||
which the client has validated and trusts according to site policy.
|
||||
Note that user entry of the URL may or may not count as a trusted
|
||||
source, depending on the experience level of the user and site
|
||||
policy.
|
||||
(2) Explicit local site policy permits the client to connect to the
|
||||
server in the URL. For example, if the client knows the site
|
||||
domain name, site policy may dictate that any hostname ending in
|
||||
that domain is trusted.
|
||||
(3) The user confirms that connecting to that domain name with the
|
||||
specified credentials and/or mechanism is permitted.
|
||||
(4) A mechanism is used which validates the server before passing
|
||||
potentially compromising client credentials.
|
||||
(5) An authentication mechanism is used which will not reveal
|
||||
information to the server which could be used to compromise future
|
||||
connections.
|
||||
|
||||
URLs which do not include a user name must be treated with extra
|
||||
care, since they are more likely to compromise the user's primary
|
||||
account. A URL containing ";AUTH=*" must also be treated with
|
||||
extra care since it might fall back on a weaker security mechanism.
|
||||
Finally, clients are discouraged from using a plain text password
|
||||
as a fallback with ";AUTH=*" unless the connection has strong
|
||||
encryption (e.g. a key length of greater than 56 bits).
|
||||
|
||||
A program interpreting IMAP URLs MAY cache open connections to an
|
||||
IMAP server for later re-use. If a URL contains a user name, only
|
||||
connections authenticated as that user may be re-used. If a URL
|
||||
does not contain a user name or authentication mechanism, then only
|
||||
an anonymous connection may be re-used. If a URL contains an
|
||||
authentication mechanism without a user name, then any non-
|
||||
anonymous connection may be re-used.
|
||||
|
||||
Note that if unsafe or reserved characters such as " " or ";" are
|
||||
present in the user name or authentication mechanism, they MUST be
|
||||
encoded as described in RFC 1738 [BASIC-URL].
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Newman Standards Track [Page 3]
|
||||
|
||||
RFC 2192 IMAP URL Scheme September 1997
|
||||
|
||||
|
||||
4. IMAP server
|
||||
|
||||
An IMAP URL referring to an IMAP server has the following form:
|
||||
|
||||
imap://<iserver>/
|
||||
|
||||
A program interpreting this URL would issue the standard set of
|
||||
commands it uses to present a view of the contents of an IMAP
|
||||
server. This is likely to be semanticly equivalent to one of the
|
||||
following URLs:
|
||||
|
||||
imap://<iserver>/;TYPE=LIST
|
||||
imap://<iserver>/;TYPE=LSUB
|
||||
|
||||
The program interpreting this URL SHOULD use the LSUB form if it
|
||||
supports mailbox subscriptions.
|
||||
|
||||
|
||||
5. Lists of mailboxes
|
||||
|
||||
An IMAP URL referring to a list of mailboxes has the following
|
||||
form:
|
||||
|
||||
imap://<iserver>/<enc_list_mailbox>;TYPE=<list_type>
|
||||
|
||||
The <list_type> may be either "LIST" or "LSUB", and is case
|
||||
insensitive. The field ";TYPE=<list_type>" MUST be included.
|
||||
|
||||
The <enc_list_mailbox> is any argument suitable for the
|
||||
list_mailbox field of the IMAP [IMAP4] LIST or LSUB commands. The
|
||||
field <enc_list_mailbox> may be omitted, in which case the program
|
||||
interpreting the IMAP URL may use "*" or "%" as the
|
||||
<enc_list_mailbox>. The program SHOULD use "%" if it supports a
|
||||
hierarchical view, otherwise it SHOULD use "*".
|
||||
|
||||
Note that if unsafe or reserved characters such as " " or "%" are
|
||||
present in <enc_list_mailbox> they MUST be encoded as described in
|
||||
RFC 1738 [BASIC-URL]. If the character "/" is present in
|
||||
enc_list_mailbox, it SHOULD NOT be encoded.
|
||||
|
||||
|
||||
6. Lists of messages
|
||||
|
||||
An IMAP URL referring to a list of messages has the following form:
|
||||
|
||||
imap://<iserver>/<enc_mailbox>[uidvalidity][?<enc_search>]
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Newman Standards Track [Page 4]
|
||||
|
||||
RFC 2192 IMAP URL Scheme September 1997
|
||||
|
||||
|
||||
The <enc_mailbox> field is used as the argument to the IMAP4
|
||||
"SELECT" command. Note that if unsafe or reserved characters such
|
||||
as " ", ";", or "?" are present in <enc_mailbox> they MUST be
|
||||
encoded as described in RFC 1738 [BASIC-URL]. If the character "/"
|
||||
is present in enc_mailbox, it SHOULD NOT be encoded.
|
||||
|
||||
The [uidvalidity] field is optional. If it is present, it MUST be
|
||||
the argument to the IMAP4 UIDVALIDITY status response at the time
|
||||
the URL was created. This SHOULD be used by the program
|
||||
interpreting the IMAP URL to determine if the URL is stale.
|
||||
|
||||
The [?<enc_search>] field is optional. If it is not present, the
|
||||
contents of the mailbox SHOULD be presented by the program
|
||||
interpreting the URL. If it is present, it SHOULD be used as the
|
||||
arguments following an IMAP4 SEARCH command with unsafe characters
|
||||
such as " " (which are likely to be present in the <enc_search>)
|
||||
encoded as described in RFC 1738 [BASIC-URL].
|
||||
|
||||
|
||||
7. A specific message or message part
|
||||
|
||||
An IMAP URL referring to a specific message or message part has the
|
||||
following form:
|
||||
|
||||
imap://<iserver>/<enc_mailbox>[uidvalidity]<iuid>[isection]
|
||||
|
||||
The <enc_mailbox> and [uidvalidity] are as defined above.
|
||||
|
||||
If [uidvalidity] is present in this form, it SHOULD be used by the
|
||||
program interpreting the URL to determine if the URL is stale.
|
||||
|
||||
The <iuid> refers to an IMAP4 message UID, and SHOULD be used as
|
||||
the <set> argument to the IMAP4 "UID FETCH" command.
|
||||
|
||||
The [isection] field is optional. If not present, the URL refers
|
||||
to the entire Internet message as returned by the IMAP command "UID
|
||||
FETCH <uid> BODY.PEEK[]". If present, the URL refers to the object
|
||||
returned by a "UID FETCH <uid> BODY.PEEK[<section>]" command. The
|
||||
type of the object may be determined with a "UID FETCH <uid>
|
||||
BODYSTRUCTURE" command and locating the appropriate part in the
|
||||
resulting BODYSTRUCTURE. Note that unsafe characters in [isection]
|
||||
MUST be encoded as described in [BASIC-URL].
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Newman Standards Track [Page 5]
|
||||
|
||||
RFC 2192 IMAP URL Scheme September 1997
|
||||
|
||||
|
||||
8. Relative IMAP URLs
|
||||
|
||||
Relative IMAP URLs are permitted and are resolved according to the
|
||||
rules defined in RFC 1808 [REL-URL] with one exception. In IMAP
|
||||
URLs, parameters are treated as part of the normal path with
|
||||
respect to relative URL resolution. This is believed to be the
|
||||
behavior of the installed base and is likely to be documented in a
|
||||
future revision of the relative URL specification.
|
||||
|
||||
The following observations are also important:
|
||||
|
||||
The <iauth> grammar element is considered part of the user name for
|
||||
purposes of resolving relative IMAP URLs. This means that unless a
|
||||
new login/server specification is included in the relative URL, the
|
||||
authentication mechanism is inherited from a base IMAP URL.
|
||||
|
||||
URLs always use "/" as the hierarchy delimiter for the purpose of
|
||||
resolving paths in relative URLs. IMAP4 permits the use of any
|
||||
hierarchy delimiter in mailbox names. For this reason, relative
|
||||
mailbox paths will only work if the mailbox uses "/" as the
|
||||
hierarchy delimiter. Relative URLs may be used on mailboxes which
|
||||
use other delimiters, but in that case, the entire mailbox name
|
||||
MUST be specified in the relative URL or inherited as a whole from
|
||||
the base URL.
|
||||
|
||||
The base URL for a list of mailboxes or messages which was referred
|
||||
to by an IMAP URL is always the referring IMAP URL itself. The
|
||||
base URL for a message or message part which was referred to by an
|
||||
IMAP URL may be more complicated to determine. The program
|
||||
interpreting the relative URL will have to check the headers of the
|
||||
MIME entity and any enclosing MIME entities in order to locate the
|
||||
"Content-Base" and "Content-Location" headers. These headers are
|
||||
used to determine the base URL as defined in [HTTP]. For example,
|
||||
if the referring IMAP URL contains a "/;SECTION=1.2" parameter,
|
||||
then the MIME headers for section 1.2, for section 1, and for the
|
||||
enclosing message itself SHOULD be checked in that order for
|
||||
"Content-Base" or "Content-Location" headers.
|
||||
|
||||
|
||||
9. Multinational Considerations
|
||||
|
||||
IMAP4 [IMAP4] section 5.1.3 includes a convention for encoding
|
||||
non-US-ASCII characters in IMAP mailbox names. Because this
|
||||
convention is private to IMAP, it is necessary to convert IMAP's
|
||||
encoding to one that can be more easily interpreted by a URL
|
||||
display program. For this reason, IMAP's modified UTF-7 encoding
|
||||
for mailboxes MUST be converted to UTF-8 [UTF8]. Since 8-bit
|
||||
characters are not permitted in URLs, the UTF-8 characters are
|
||||
|
||||
|
||||
|
||||
Newman Standards Track [Page 6]
|
||||
|
||||
RFC 2192 IMAP URL Scheme September 1997
|
||||
|
||||
|
||||
encoded as required by the URL specification [BASIC-URL]. Sample
|
||||
code is included in Appendix A to demonstrate this conversion.
|
||||
|
||||
|
||||
10. Examples
|
||||
|
||||
The following examples demonstrate how an IMAP4 client program
|
||||
might translate various IMAP4 URLs into a series of IMAP4 commands.
|
||||
Commands sent from the client to the server are prefixed with "C:",
|
||||
and responses sent from the server to the client are prefixed with
|
||||
"S:".
|
||||
|
||||
The URL:
|
||||
|
||||
<imap://minbari.org/gray-council;UIDVALIDITY=385759045/;UID=20>
|
||||
|
||||
Results in the following client commands:
|
||||
|
||||
<connect to minbari.org, port 143>
|
||||
C: A001 LOGIN ANONYMOUS sheridan@babylon5.org
|
||||
C: A002 SELECT gray-council
|
||||
<client verifies the UIDVALIDITY matches>
|
||||
C: A003 UID FETCH 20 BODY.PEEK[]
|
||||
|
||||
The URL:
|
||||
|
||||
<imap://michael@minbari.org/users.*;type=list>
|
||||
|
||||
Results in the following client commands:
|
||||
|
||||
<client requests password from user>
|
||||
<connect to minbari.org imap server, activate strong encryption>
|
||||
C: A001 LOGIN MICHAEL zipper
|
||||
C: A002 LIST "" users.*
|
||||
|
||||
The URL:
|
||||
|
||||
<imap://psicorp.org/~peter/%E6%97%A5%E6%9C%AC%E8%AA%9E/
|
||||
%E5%8F%B0%E5%8C%97>
|
||||
|
||||
Results in the following client commands:
|
||||
|
||||
<connect to psicorp.org, port 143>
|
||||
C: A001 LOGIN ANONYMOUS bester@psycop.psicorp.org
|
||||
C: A002 SELECT ~peter/&ZeVnLIqe-/&U,BTFw-
|
||||
<commands the client uses for viewing the contents of a mailbox>
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Newman Standards Track [Page 7]
|
||||
|
||||
RFC 2192 IMAP URL Scheme September 1997
|
||||
|
||||
|
||||
The URL:
|
||||
|
||||
<imap://;AUTH=KERBEROS_V4@minbari.org/gray-council/;uid=20/
|
||||
;section=1.2>
|
||||
|
||||
Results in the following client commands:
|
||||
|
||||
<connect to minbari.org, port 143>
|
||||
C: A001 AUTHENTICATE KERBEROS_V4
|
||||
<authentication exchange>
|
||||
C: A002 SELECT gray-council
|
||||
C: A003 UID FETCH 20 BODY.PEEK[1.2]
|
||||
|
||||
If the following relative URL is located in that body part:
|
||||
|
||||
<;section=1.4>
|
||||
|
||||
This could result in the following client commands:
|
||||
|
||||
C: A004 UID FETCH 20 (BODY.PEEK[1.2.MIME]
|
||||
BODY.PEEK[1.MIME]
|
||||
BODY.PEEK[HEADER.FIELDS (Content-Base Content-Location)])
|
||||
<Client looks for Content-Base or Content-Location headers in
|
||||
result. If no such headers, then it does the following>
|
||||
C: A005 UID FETCH 20 BODY.PEEK[1.4]
|
||||
|
||||
The URL:
|
||||
|
||||
<imap://;AUTH=*@minbari.org/gray%20council?SUBJECT%20shadows>
|
||||
|
||||
Could result in the following:
|
||||
|
||||
<connect to minbari.org, port 143>
|
||||
C: A001 CAPABILITY
|
||||
S: * CAPABILITY IMAP4rev1 AUTH=GSSAPI
|
||||
S: A001 OK
|
||||
C: A002 AUTHENTICATE GSSAPI
|
||||
<authentication exchange>
|
||||
S: A002 OK user lennier authenticated
|
||||
C: A003 SELECT "gray council"
|
||||
...
|
||||
C: A004 SEARCH SUBJECT shadows
|
||||
S: * SEARCH 8 10 13 14 15 16
|
||||
S: A004 OK SEARCH completed
|
||||
C: A005 FETCH 8,10,13:16 ALL
|
||||
...
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Newman Standards Track [Page 8]
|
||||
|
||||
RFC 2192 IMAP URL Scheme September 1997
|
||||
|
||||
|
||||
NOTE: In this final example, the client has implementation
|
||||
dependent choices. The authentication mechanism could be anything,
|
||||
including PREAUTH. And the final FETCH command could fetch more or
|
||||
less information about the messages, depending on what it wishes to
|
||||
display to the user.
|
||||
|
||||
|
||||
11. Security Considerations
|
||||
|
||||
Security considerations discussed in the IMAP specification [IMAP4]
|
||||
and the URL specification [BASIC-URL] are relevant. Security
|
||||
considerations related to authenticated URLs are discussed in
|
||||
section 3 of this document.
|
||||
|
||||
Many email clients store the plain text password for later use
|
||||
after logging into an IMAP server. Such clients MUST NOT use a
|
||||
stored password in response to an IMAP URL without explicit
|
||||
permission from the user to supply that password to the specified
|
||||
host name.
|
||||
|
||||
|
||||
12. ABNF for IMAP URL scheme
|
||||
|
||||
This uses ABNF as defined in RFC 822 [IMAIL]. Terminals from the
|
||||
BNF for IMAP [IMAP4] and URLs [BASIC-URL] are also used. Strings
|
||||
are not case sensitive and free insertion of linear-white-space is
|
||||
not permitted.
|
||||
|
||||
achar = uchar / "&" / "=" / "~"
|
||||
; see [BASIC-URL] for "uchar" definition
|
||||
|
||||
bchar = achar / ":" / "@" / "/"
|
||||
|
||||
enc_auth_type = 1*achar
|
||||
; encoded version of [IMAP-AUTH] "auth_type"
|
||||
|
||||
enc_list_mailbox = 1*bchar
|
||||
; encoded version of [IMAP4] "list_mailbox"
|
||||
|
||||
enc_mailbox = 1*bchar
|
||||
; encoded version of [IMAP4] "mailbox"
|
||||
|
||||
enc_search = 1*bchar
|
||||
; encoded version of search_program below
|
||||
|
||||
enc_section = 1*bchar
|
||||
; encoded version of section below
|
||||
|
||||
|
||||
|
||||
|
||||
Newman Standards Track [Page 9]
|
||||
|
||||
RFC 2192 IMAP URL Scheme September 1997
|
||||
|
||||
|
||||
enc_user = 1*achar
|
||||
; encoded version of [IMAP4] "userid"
|
||||
|
||||
imapurl = "imap://" iserver "/" [ icommand ]
|
||||
|
||||
iauth = ";AUTH=" ( "*" / enc_auth_type )
|
||||
|
||||
icommand = imailboxlist / imessagelist / imessagepart
|
||||
|
||||
imailboxlist = [enc_list_mailbox] ";TYPE=" list_type
|
||||
|
||||
imessagelist = enc_mailbox [ "?" enc_search ] [uidvalidity]
|
||||
|
||||
imessagepart = enc_mailbox [uidvalidity] iuid [isection]
|
||||
|
||||
isection = "/;SECTION=" enc_section
|
||||
|
||||
iserver = [iuserauth "@"] hostport
|
||||
; See [BASIC-URL] for "hostport" definition
|
||||
|
||||
iuid = "/;UID=" nz_number
|
||||
; See [IMAP4] for "nz_number" definition
|
||||
|
||||
iuserauth = enc_user [iauth] / [enc_user] iauth
|
||||
|
||||
list_type = "LIST" / "LSUB"
|
||||
|
||||
search_program = ["CHARSET" SPACE astring SPACE]
|
||||
search_key *(SPACE search_key)
|
||||
; IMAP4 literals may not be used
|
||||
; See [IMAP4] for "astring" and "search_key"
|
||||
|
||||
section = section_text / (nz_number *["." nz_number]
|
||||
["." (section_text / "MIME")])
|
||||
; See [IMAP4] for "section_text" and "nz_number"
|
||||
|
||||
uidvalidity = ";UIDVALIDITY=" nz_number
|
||||
; See [IMAP4] for "nz_number" definition
|
||||
|
||||
13. References
|
||||
|
||||
[BASIC-URL] Berners-Lee, Masinter, McCahill, "Uniform Resource
|
||||
Locators (URL)", RFC 1738, CERN, Xerox Corporation, University of
|
||||
Minnesota, December 1994.
|
||||
|
||||
<ftp://ds.internic.net/rfc/rfc1738.txt>
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Newman Standards Track [Page 10]
|
||||
|
||||
RFC 2192 IMAP URL Scheme September 1997
|
||||
|
||||
|
||||
[IMAP4] Crispin, M., "Internet Message Access Protocol - Version
|
||||
4rev1", RFC 2060, University of Washington, December 1996.
|
||||
|
||||
<ftp://ds.internic.net/rfc/rfc2060.txt>
|
||||
|
||||
[IMAP-AUTH] Myers, J., "IMAP4 Authentication Mechanism", RFC 1731,
|
||||
Carnegie-Mellon University, December 1994.
|
||||
|
||||
<ftp://ds.internic.net/rfc/rfc1731.txt>
|
||||
|
||||
[HTTP] Fielding, Gettys, Mogul, Frystyk, Berners-Lee, "Hypertext
|
||||
Transfer Protocol -- HTTP/1.1", RFC 2068, UC Irvine, DEC, MIT/LCS,
|
||||
January 1997.
|
||||
|
||||
<ftp://ds.internic.net/rfc/rfc2068.txt>
|
||||
|
||||
[IMAIL] Crocker, "Standard for the Format of ARPA Internet Text
|
||||
Messages", STD 11, RFC 822, University of Delaware, August 1982.
|
||||
|
||||
<ftp://ds.internic.net/rfc/rfc822.txt>
|
||||
|
||||
[KEYWORDS] Bradner, "Key words for use in RFCs to Indicate
|
||||
Requirement Levels", RFC 2119, Harvard University, March 1997.
|
||||
|
||||
<ftp://ds.internic.net/rfc/rfc2119.txt>
|
||||
|
||||
[MIME] Freed, N., Borenstein, N., "Multipurpose Internet Mail
|
||||
Extensions", RFC 2045, Innosoft, First Virtual, November 1996.
|
||||
|
||||
<ftp://ds.internic.net/rfc/rfc2045.txt>
|
||||
|
||||
[REL-URL] Fielding, "Relative Uniform Resource Locators", RFC 1808,
|
||||
UC Irvine, June 1995.
|
||||
|
||||
<ftp://ds.internic.net/rfc/rfc1808.txt>
|
||||
|
||||
[UTF8] Yergeau, F. "UTF-8, a transformation format of Unicode and
|
||||
ISO 10646", RFC 2044, Alis Technologies, October 1996.
|
||||
|
||||
<ftp://ds.internic.net/rfc/rfc2044.txt>
|
||||
|
||||
14. Author's Address
|
||||
|
||||
Chris Newman
|
||||
Innosoft International, Inc.
|
||||
1050 Lakes Drive
|
||||
West Covina, CA 91790 USA
|
||||
EMail: chris.newman@innosoft.com
|
||||
|
||||
|
||||
|
||||
Newman Standards Track [Page 11]
|
||||
|
||||
RFC 2192 IMAP URL Scheme September 1997
|
||||
|
||||
|
||||
Appendix A. Sample code
|
||||
|
||||
Here is sample C source code to convert between URL paths and IMAP
|
||||
mailbox names, taking into account mapping between IMAP's modified UTF-7
|
||||
[IMAP4] and hex-encoded UTF-8 which is more appropriate for URLs. This
|
||||
code has not been rigorously tested nor does it necessarily behave
|
||||
reasonably with invalid input, but it should serve as a useful example.
|
||||
This code just converts the mailbox portion of the URL and does not deal
|
||||
with parameters, query or server components of the URL.
|
||||
|
||||
#include <stdio.h>
|
||||
#include <string.h>
|
||||
|
||||
/* hexadecimal lookup table */
|
||||
static char hex[] = "0123456789ABCDEF";
|
||||
|
||||
/* URL unsafe printable characters */
|
||||
static char urlunsafe[] = " \"#%&+:;<=>?@[\\]^`{|}";
|
||||
|
||||
/* UTF7 modified base64 alphabet */
|
||||
static char base64chars[] =
|
||||
"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+,";
|
||||
#define UNDEFINED 64
|
||||
|
||||
/* UTF16 definitions */
|
||||
#define UTF16MASK 0x03FFUL
|
||||
#define UTF16SHIFT 10
|
||||
#define UTF16BASE 0x10000UL
|
||||
#define UTF16HIGHSTART 0xD800UL
|
||||
#define UTF16HIGHEND 0xDBFFUL
|
||||
#define UTF16LOSTART 0xDC00UL
|
||||
#define UTF16LOEND 0xDFFFUL
|
||||
|
||||
/* Convert an IMAP mailbox to a URL path
|
||||
* dst needs to have roughly 4 times the storage space of src
|
||||
* Hex encoding can triple the size of the input
|
||||
* UTF-7 can be slightly denser than UTF-8
|
||||
* (worst case: 8 octets UTF-7 becomes 9 octets UTF-8)
|
||||
*/
|
||||
void MailboxToURL(char *dst, char *src)
|
||||
{
|
||||
unsigned char c, i, bitcount;
|
||||
unsigned long ucs4, utf16, bitbuf;
|
||||
unsigned char base64[256], utf8[6];
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Newman Standards Track [Page 12]
|
||||
|
||||
RFC 2192 IMAP URL Scheme September 1997
|
||||
|
||||
|
||||
/* initialize modified base64 decoding table */
|
||||
memset(base64, UNDEFINED, sizeof (base64));
|
||||
for (i = 0; i < sizeof (base64chars); ++i) {
|
||||
base64[base64chars[i]] = i;
|
||||
}
|
||||
|
||||
/* loop until end of string */
|
||||
while (*src != '\0') {
|
||||
c = *src++;
|
||||
/* deal with literal characters and &- */
|
||||
if (c != '&' || *src == '-') {
|
||||
if (c < ' ' || c > '~' || strchr(urlunsafe, c) != NULL) {
|
||||
/* hex encode if necessary */
|
||||
dst[0] = '%';
|
||||
dst[1] = hex[c >> 4];
|
||||
dst[2] = hex[c & 0x0f];
|
||||
dst += 3;
|
||||
} else {
|
||||
/* encode literally */
|
||||
*dst++ = c;
|
||||
}
|
||||
/* skip over the '-' if this is an &- sequence */
|
||||
if (c == '&') ++src;
|
||||
} else {
|
||||
/* convert modified UTF-7 -> UTF-16 -> UCS-4 -> UTF-8 -> HEX */
|
||||
bitbuf = 0;
|
||||
bitcount = 0;
|
||||
ucs4 = 0;
|
||||
while ((c = base64[(unsigned char) *src]) != UNDEFINED) {
|
||||
++src;
|
||||
bitbuf = (bitbuf << 6) | c;
|
||||
bitcount += 6;
|
||||
/* enough bits for a UTF-16 character? */
|
||||
if (bitcount >= 16) {
|
||||
bitcount -= 16;
|
||||
utf16 = (bitcount ? bitbuf >> bitcount
|
||||
: bitbuf) & 0xffff;
|
||||
/* convert UTF16 to UCS4 */
|
||||
if
|
||||
(utf16 >= UTF16HIGHSTART && utf16 <= UTF16HIGHEND) {
|
||||
ucs4 = (utf16 - UTF16HIGHSTART) << UTF16SHIFT;
|
||||
continue;
|
||||
} else if
|
||||
(utf16 >= UTF16LOSTART && utf16 <= UTF16LOEND) {
|
||||
ucs4 += utf16 - UTF16LOSTART + UTF16BASE;
|
||||
} else {
|
||||
ucs4 = utf16;
|
||||
}
|
||||
|
||||
|
||||
|
||||
Newman Standards Track [Page 13]
|
||||
|
||||
RFC 2192 IMAP URL Scheme September 1997
|
||||
|
||||
|
||||
/* convert UTF-16 range of UCS4 to UTF-8 */
|
||||
if (ucs4 <= 0x7fUL) {
|
||||
utf8[0] = ucs4;
|
||||
i = 1;
|
||||
} else if (ucs4 <= 0x7ffUL) {
|
||||
utf8[0] = 0xc0 | (ucs4 >> 6);
|
||||
utf8[1] = 0x80 | (ucs4 & 0x3f);
|
||||
i = 2;
|
||||
} else if (ucs4 <= 0xffffUL) {
|
||||
utf8[0] = 0xe0 | (ucs4 >> 12);
|
||||
utf8[1] = 0x80 | ((ucs4 >> 6) & 0x3f);
|
||||
utf8[2] = 0x80 | (ucs4 & 0x3f);
|
||||
i = 3;
|
||||
} else {
|
||||
utf8[0] = 0xf0 | (ucs4 >> 18);
|
||||
utf8[1] = 0x80 | ((ucs4 >> 12) & 0x3f);
|
||||
utf8[2] = 0x80 | ((ucs4 >> 6) & 0x3f);
|
||||
utf8[3] = 0x80 | (ucs4 & 0x3f);
|
||||
i = 4;
|
||||
}
|
||||
/* convert utf8 to hex */
|
||||
for (c = 0; c < i; ++c) {
|
||||
dst[0] = '%';
|
||||
dst[1] = hex[utf8[c] >> 4];
|
||||
dst[2] = hex[utf8[c] & 0x0f];
|
||||
dst += 3;
|
||||
}
|
||||
}
|
||||
}
|
||||
/* skip over trailing '-' in modified UTF-7 encoding */
|
||||
if (*src == '-') ++src;
|
||||
}
|
||||
}
|
||||
/* terminate destination string */
|
||||
*dst = '\0';
|
||||
}
|
||||
|
||||
/* Convert hex coded UTF-8 URL path to modified UTF-7 IMAP mailbox
|
||||
* dst should be about twice the length of src to deal with non-hex
|
||||
* coded URLs
|
||||
*/
|
||||
void URLtoMailbox(char *dst, char *src)
|
||||
{
|
||||
unsigned int utf8pos, utf8total, i, c, utf7mode, bitstogo, utf16flag;
|
||||
unsigned long ucs4, bitbuf;
|
||||
unsigned char hextab[256];
|
||||
|
||||
/* initialize hex lookup table */
|
||||
|
||||
|
||||
|
||||
Newman Standards Track [Page 14]
|
||||
|
||||
RFC 2192 IMAP URL Scheme September 1997
|
||||
|
||||
|
||||
memset(hextab, 0, sizeof (hextab));
|
||||
for (i = 0; i < sizeof (hex); ++i) {
|
||||
hextab[hex[i]] = i;
|
||||
if (isupper(hex[i])) hextab[tolower(hex[i])] = i;
|
||||
}
|
||||
|
||||
utf7mode = 0;
|
||||
utf8total = 0;
|
||||
bitstogo = 0;
|
||||
while ((c = *src) != '\0') {
|
||||
++src;
|
||||
/* undo hex-encoding */
|
||||
if (c == '%' && src[0] != '\0' && src[1] != '\0') {
|
||||
c = (hextab[src[0]] << 4) | hextab[src[1]];
|
||||
src += 2;
|
||||
}
|
||||
/* normal character? */
|
||||
if (c >= ' ' && c <= '~') {
|
||||
/* switch out of UTF-7 mode */
|
||||
if (utf7mode) {
|
||||
if (bitstogo) {
|
||||
*dst++ = base64chars[(bitbuf << (6 - bitstogo)) & 0x3F];
|
||||
}
|
||||
*dst++ = '-';
|
||||
utf7mode = 0;
|
||||
}
|
||||
*dst++ = c;
|
||||
/* encode '&' as '&-' */
|
||||
if (c == '&') {
|
||||
*dst++ = '-';
|
||||
}
|
||||
continue;
|
||||
}
|
||||
/* switch to UTF-7 mode */
|
||||
if (!utf7mode) {
|
||||
*dst++ = '&';
|
||||
utf7mode = 1;
|
||||
}
|
||||
/* Encode US-ASCII characters as themselves */
|
||||
if (c < 0x80) {
|
||||
ucs4 = c;
|
||||
utf8total = 1;
|
||||
} else if (utf8total) {
|
||||
/* save UTF8 bits into UCS4 */
|
||||
ucs4 = (ucs4 << 6) | (c & 0x3FUL);
|
||||
if (++utf8pos < utf8total) {
|
||||
continue;
|
||||
}
|
||||
|
||||
|
||||
|
||||
Newman Standards Track [Page 15]
|
||||
|
||||
RFC 2192 IMAP URL Scheme September 1997
|
||||
|
||||
|
||||
} else {
|
||||
utf8pos = 1;
|
||||
if (c < 0xE0) {
|
||||
utf8total = 2;
|
||||
ucs4 = c & 0x1F;
|
||||
} else if (c < 0xF0) {
|
||||
utf8total = 3;
|
||||
ucs4 = c & 0x0F;
|
||||
} else {
|
||||
/* NOTE: can't convert UTF8 sequences longer than 4 */
|
||||
utf8total = 4;
|
||||
ucs4 = c & 0x03;
|
||||
}
|
||||
continue;
|
||||
}
|
||||
/* loop to split ucs4 into two utf16 chars if necessary */
|
||||
utf8total = 0;
|
||||
do {
|
||||
if (ucs4 >= UTF16BASE) {
|
||||
ucs4 -= UTF16BASE;
|
||||
bitbuf = (bitbuf << 16) | ((ucs4 >> UTF16SHIFT)
|
||||
+ UTF16HIGHSTART);
|
||||
ucs4 = (ucs4 & UTF16MASK) + UTF16LOSTART;
|
||||
utf16flag = 1;
|
||||
} else {
|
||||
bitbuf = (bitbuf << 16) | ucs4;
|
||||
utf16flag = 0;
|
||||
}
|
||||
bitstogo += 16;
|
||||
/* spew out base64 */
|
||||
while (bitstogo >= 6) {
|
||||
bitstogo -= 6;
|
||||
*dst++ = base64chars[(bitstogo ? (bitbuf >> bitstogo)
|
||||
: bitbuf)
|
||||
& 0x3F];
|
||||
}
|
||||
} while (utf16flag);
|
||||
}
|
||||
/* if in UTF-7 mode, finish in ASCII */
|
||||
if (utf7mode) {
|
||||
if (bitstogo) {
|
||||
*dst++ = base64chars[(bitbuf << (6 - bitstogo)) & 0x3F];
|
||||
}
|
||||
*dst++ = '-';
|
||||
}
|
||||
/* tie off string */
|
||||
*dst = '\0';
|
||||
}
|
||||
|
||||
|
||||
|
||||
Newman Standards Track [Page 16]
|
||||
|
507
docs/rfcs/rfc2193.txt
Normal file
507
docs/rfcs/rfc2193.txt
Normal file
@ -0,0 +1,507 @@
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Network Working Group M. Gahrns
|
||||
Request for Comments: 2193 Microsoft
|
||||
Category: Standards Track September 1997
|
||||
|
||||
|
||||
IMAP4 Mailbox Referrals
|
||||
|
||||
Status of this Memo
|
||||
|
||||
This document specifies an Internet standards track protocol for the
|
||||
Internet community, and requests discussion and suggestions for
|
||||
improvements. Please refer to the current edition of the "Internet
|
||||
Official Protocol Standards" (STD 1) for the standardization state
|
||||
and status of this protocol. Distribution of this memo is unlimited.
|
||||
|
||||
1. Abstract
|
||||
|
||||
When dealing with large amounts of users, messages and geographically
|
||||
dispersed IMAP4 [RFC-2060] servers, it is often desirable to
|
||||
distribute messages amongst different servers within an organization.
|
||||
For example an administrator may choose to store user's personal
|
||||
mailboxes on a local IMAP4 server, while storing shared mailboxes
|
||||
remotely on another server. This type of configuration is common
|
||||
when it is uneconomical to store all data centrally due to limited
|
||||
bandwidth or disk resources.
|
||||
|
||||
Mailbox referrals allow clients to seamlessly access mailboxes that
|
||||
are distributed across several IMAP4 servers.
|
||||
|
||||
A referral mechanism can provide efficiencies over the alternative
|
||||
"proxy method", in which the local IMAP4 server contacts the remote
|
||||
server on behalf of the client, and then transfers the data from the
|
||||
remote server to itself, and then on to the client. The referral
|
||||
mechanism's direct client connection to the remote server is often a
|
||||
more efficient use of bandwidth, and does not require the local
|
||||
server to impersonate the client when authenticating to the remote
|
||||
server.
|
||||
|
||||
2. Conventions used in this document
|
||||
|
||||
In examples, "C:" and "S:" indicate lines sent by the client and
|
||||
server respectively.
|
||||
|
||||
A home server, is an IMAP4 server that contains the user's inbox.
|
||||
|
||||
A remote mailbox is a mailbox that is not hosted on the user's home
|
||||
server.
|
||||
|
||||
|
||||
|
||||
|
||||
Gahrns Standards Track [Page 1]
|
||||
|
||||
RFC 2193 IMAP4 Mailbox Referrals September 1997
|
||||
|
||||
|
||||
A remote server is a server that contains remote mailboxes.
|
||||
|
||||
A shared mailbox, is a mailbox that multiple users have access to.
|
||||
|
||||
An IMAP mailbox referral is when the server directs the client to
|
||||
another IMAP mailbox.
|
||||
|
||||
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
|
||||
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
|
||||
document are to be interpreted as described in [RFC-2119].
|
||||
|
||||
3. Introduction and Overview
|
||||
|
||||
IMAP4 servers that support this extension MUST list the keyword
|
||||
MAILBOX-REFERRALS in their CAPABILITY response. No client action is
|
||||
needed to invoke the MAILBOX-REFERRALS capability in a server.
|
||||
|
||||
A MAILBOX-REFERRALS capable IMAP4 server MUST NOT return referrals
|
||||
that result in a referrals loop.
|
||||
|
||||
A referral response consists of a tagged NO response and a REFERRAL
|
||||
response code. The REFERRAL response code MUST contain as an
|
||||
argument a one or more valid URLs separated by a space as defined in
|
||||
[RFC-1738]. If a server replies with multiple URLs for a particular
|
||||
object, they MUST all be of the same type. In this case, the URL MUST
|
||||
be an IMAP URL as defined in [RFC-2192]. A client that supports the
|
||||
REFERRALS extension MUST be prepared for a URL of any type, but it
|
||||
need only be able to process IMAP URLs.
|
||||
|
||||
A server MAY respond with multiple IMAP mailbox referrals if there is
|
||||
more than one replica of the mailbox. This allows the implementation
|
||||
of a load balancing or failover scheme. How a server keeps multiple
|
||||
replicas of a mailbox in sync is not addressed by this document.
|
||||
|
||||
If the server has a preferred order in which the client should
|
||||
attempt to access the URLs, the preferred URL SHOULD be listed in the
|
||||
first, with the remaining URLs presented in descending order of
|
||||
preference. If multiple referrals are given for a mailbox, a server
|
||||
should be aware that there are synchronization issues for a client if
|
||||
the UIDVALIDITY of the referred mailboxes are different.
|
||||
|
||||
An IMAP mailbox referral may be given in response to an IMAP command
|
||||
that specifies a mailbox as an argument.
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Gahrns Standards Track [Page 2]
|
||||
|
||||
RFC 2193 IMAP4 Mailbox Referrals September 1997
|
||||
|
||||
|
||||
Example:
|
||||
|
||||
A001 NO [REFERRAL IMAP://user;AUTH=*@SERVER2/REMOTE]Remote Mailbox
|
||||
|
||||
NOTE: user;AUTH=* is specified as required by [RFC-2192] to avoid a
|
||||
client falling back to anonymous login.
|
||||
|
||||
Remote mailboxes and their inferiors, that are accessible only via
|
||||
referrals SHOULD NOT appear in LIST and LSUB responses issued against
|
||||
the user's home server. They MUST appear in RLIST and RLSUB
|
||||
responses issued against the user's home server. Hierarchy referrals,
|
||||
in which a client would be required to connect to the remote server
|
||||
to issue a LIST to discover the inferiors of a mailbox are not
|
||||
addressed in this document.
|
||||
|
||||
For example, if shared mailboxes were only accessible via referrals
|
||||
on a remote server, a RLIST "" "#SHARED/%" command would return the
|
||||
same response if issued against the user's home server or the remote
|
||||
server.
|
||||
|
||||
Note: Mailboxes that are available on the user's home server do not
|
||||
need to be available on the remote server. In addition, there may be
|
||||
additional mailboxes available on the remote server, but they will
|
||||
not accessible to the client via referrals unless they appear in the
|
||||
LIST response to the RLIST command against the user's home server.
|
||||
|
||||
A MAILBOX-REFERRALS capable client will issue the RLIST and RLSUB
|
||||
commands in lieu of LIST and LSUB. The RLIST and RLSUB commands
|
||||
behave identically to their LIST and LSUB counterparts, except remote
|
||||
mailboxes are returned in addition to local mailboxes in the LIST and
|
||||
LSUB responses. This avoids displaying to a non MAILBOX-REFERRALS
|
||||
enabled client inaccessible remote mailboxes.
|
||||
|
||||
4.1. SELECT, EXAMINE, DELETE, SUBSCRIBE, UNSUBSCRIBE, STATUS and APPEND
|
||||
Referrals
|
||||
|
||||
An IMAP4 server MAY respond to the SELECT, EXAMINE, DELETE,
|
||||
SUBSCRIBE, UNSUBSCRIBE, STATUS or APPEND command with one or more
|
||||
IMAP mailbox referrals to indicate to the client that the mailbox is
|
||||
hosted on a remote server.
|
||||
|
||||
When a client processes an IMAP mailbox referral, it will open a new
|
||||
connection or use an existing connection to the remote server so that
|
||||
it is able to issue the commands necessary to process the remote
|
||||
mailbox.
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Gahrns Standards Track [Page 3]
|
||||
|
||||
RFC 2193 IMAP4 Mailbox Referrals September 1997
|
||||
|
||||
|
||||
Example: <IMAP4 connection to home server>
|
||||
|
||||
C: A001 DELETE "SHARED/FOO"
|
||||
S: A001 NO [REFERRAL IMAP://user;AUTH=*@SERVER2/SHARED/FOO]
|
||||
Remote mailbox. Try SERVER2.
|
||||
|
||||
<Client established a second connection to SERVER2 and
|
||||
issues the DELETE command on the referred mailbox>
|
||||
|
||||
S: * OK IMAP4rev1 server ready
|
||||
C: B001 AUTHENTICATE KERBEROS_V4
|
||||
<authentication exchange>
|
||||
S: B001 OK user is authenticated
|
||||
|
||||
C: B002 DELETE "SHARED/FOO"
|
||||
S: B002 OK DELETE completed
|
||||
|
||||
Example: <IMAP4 connection to home server>
|
||||
|
||||
C: A001 SELECT REMOTE
|
||||
S: A001 NO [REFERRAL IMAP://user;AUTH=*@SERVER2/REMOTE
|
||||
IMAP://user;AUTH=*@SERVER3/REMOTE] Remote mailbox.
|
||||
Try SERVER2 or SERVER3.
|
||||
|
||||
<Client opens second connection to remote server, and
|
||||
issues the commands needed to process the items in the
|
||||
remote mailbox>
|
||||
|
||||
S: * OK IMAP4rev1 server ready
|
||||
C: B001 AUTHENTICATE KERBEROS_V4
|
||||
<authentication exchange>
|
||||
S: B001 OK user is authenticated
|
||||
|
||||
C: B002 SELECT REMOTE
|
||||
S: * 12 EXISTS
|
||||
S: * 1 RECENT
|
||||
S: * OK [UNSEEN 10] Message 10 is first unseen
|
||||
S: * OK [UIDVALIDITY 123456789]
|
||||
S: * FLAGS (Answered Flagged Deleted Seen Draft)
|
||||
S: * OK [PERMANENTFLAGS (Answered Deleted Seen ]
|
||||
S: B002 OK [READ-WRITE] Selected completed
|
||||
|
||||
C: B003 FETCH 10:12 RFC822
|
||||
S: * 10 FETCH . . .
|
||||
S: * 11 FETCH . . .
|
||||
S: * 12 FETCH . . .
|
||||
S: B003 OK FETCH Completed
|
||||
|
||||
|
||||
|
||||
|
||||
Gahrns Standards Track [Page 4]
|
||||
|
||||
RFC 2193 IMAP4 Mailbox Referrals September 1997
|
||||
|
||||
|
||||
<Client is finished processing the REMOTE mailbox and
|
||||
wants to process a mailbox on its home server>
|
||||
|
||||
C: B004 LOGOUT
|
||||
S: * BYE IMAP4rev1 server logging out
|
||||
S: B004 OK LOGOUT Completed
|
||||
|
||||
<Client continues with first connection>
|
||||
|
||||
C: A002 SELECT INBOX
|
||||
S: * 16 EXISTS
|
||||
S: * 2 RECENT
|
||||
S: * OK [UNSEEN 10] Message 10 is first unseen
|
||||
S: * OK [UIDVALIDITY 123456789]
|
||||
S: * FLAGS (Answered Flagged Deleted Seen Draft)
|
||||
S: * OK [PERMANENTFLAGS (Answered Deleted Seen ]
|
||||
S: A002 OK [READ-WRITE] Selected completed
|
||||
|
||||
4.2. CREATE Referrals
|
||||
|
||||
An IMAP4 server MAY respond to the CREATE command with one or more
|
||||
IMAP mailbox referrals, if it wishes to direct the client to issue
|
||||
the CREATE against another server. The server can employ any means,
|
||||
such as examining the hierarchy of the specified mailbox name, in
|
||||
determining which server the mailbox should be created on.
|
||||
|
||||
Example:
|
||||
|
||||
C: A001 CREATE "SHARED/FOO"
|
||||
S: A001 NO [REFERRAL IMAP://user;AUTH=*@SERVER2/SHARED/FOO]
|
||||
Mailbox should be created on remote server
|
||||
|
||||
Alternatively, because a home server is required to maintain a
|
||||
listing of referred remote mailboxes, a server MAY allow the creation
|
||||
of a mailbox that will ultimately reside on a remote server against
|
||||
the home server, and provide referrals on subsequent commands that
|
||||
manipulate the mailbox.
|
||||
|
||||
Example:
|
||||
|
||||
C: A001 CREATE "SHARED/FOO"
|
||||
S: A001 OK CREATE succeeded
|
||||
|
||||
C: A002 SELECT "SHARED/FOO"
|
||||
S: A002 NO [REFERRAL IMAP://user;AUTH=*@SERVER2/SHARED/FOO]
|
||||
Remote mailbox. Try SERVER2
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Gahrns Standards Track [Page 5]
|
||||
|
||||
RFC 2193 IMAP4 Mailbox Referrals September 1997
|
||||
|
||||
|
||||
4.3. RENAME Referrals
|
||||
|
||||
An IMAP4 server MAY respond to the RENAME command with one or more
|
||||
pairs of IMAP mailbox referrals. In each pair of IMAP mailbox
|
||||
referrals, the first one is an URL to the existing mailbox name and
|
||||
the second is an URL to the requested new mailbox name.
|
||||
|
||||
If within an IMAP mailbox referral pair, the existing and new mailbox
|
||||
URLs are on different servers, the remote servers are unable to
|
||||
perform the RENAME operation. To achieve the same behavior of
|
||||
server RENAME, the client MAY issue the constituent CREATE, FETCH,
|
||||
APPEND, and DELETE commands against both servers.
|
||||
|
||||
If within an IMAP mailbox referral pair, the existing and new mailbox
|
||||
URLs are on the same server it is an indication that the currently
|
||||
connected server is unable to perform the operation. The client can
|
||||
simply re-issue the RENAME command on the remote server.
|
||||
|
||||
Example:
|
||||
|
||||
C: A001 RENAME FOO BAR
|
||||
S: A001 NO [REFERRAL IMAP://user;AUTH=*@SERVER1/FOO
|
||||
IMAP://user;AUTH=*@SERVER2/BAR] Unable to rename mailbox
|
||||
across servers
|
||||
|
||||
Since the existing and new mailbox names are on different servers,
|
||||
the client would be required to make a connection to both servers and
|
||||
issue the constituent commands require to achieve the RENAME.
|
||||
|
||||
Example:
|
||||
|
||||
C: A001 RENAME FOO BAR
|
||||
S: A001 NO [REFERRAL IMAP://user;AUTH=*@SERVER2/FOO
|
||||
IMAP://user;AUTH=*@SERVER2/BAR] Unable to rename mailbox
|
||||
located on SERVER2
|
||||
|
||||
Since both the existing and new mailbox are on the same remote
|
||||
server, the client can simply make a connection to the remote server
|
||||
and re-issue the RENAME command.
|
||||
|
||||
4.4. COPY Referrals
|
||||
|
||||
An IMAP4 server MAY respond to the COPY command with one or more IMAP
|
||||
mailbox referrals. This indicates that the destination mailbox is on
|
||||
a remote server. To achieve the same behavior of a server COPY, the
|
||||
client MAY issue the constituent FETCH and APPEND commands against
|
||||
both servers.
|
||||
|
||||
|
||||
|
||||
|
||||
Gahrns Standards Track [Page 6]
|
||||
|
||||
RFC 2193 IMAP4 Mailbox Referrals September 1997
|
||||
|
||||
|
||||
Example:
|
||||
|
||||
C: A001 COPY 1 "SHARED/STUFF"
|
||||
S: A001 NO [REFERRAL IMAP://user;AUTH=*@SERVER2/SHARED/STUFF]
|
||||
Unable to copy message(s) to SERVER2.
|
||||
|
||||
5.1 RLIST command
|
||||
|
||||
Arguments: reference name
|
||||
mailbox name with possible wildcards
|
||||
|
||||
Responses: untagged responses: LIST
|
||||
|
||||
Result: OK - RLIST Completed
|
||||
NO - RLIST Failure
|
||||
BAD - command unknown or arguments invalid
|
||||
|
||||
The RLIST command behaves identically to its LIST counterpart, except
|
||||
remote mailboxes are returned in addition to local mailboxes in the
|
||||
LIST responses.
|
||||
|
||||
5.2 RLSUB Command
|
||||
|
||||
Arguments: reference name
|
||||
mailbox name with possible wildcards
|
||||
|
||||
Responses: untagged responses: LSUB
|
||||
|
||||
Result: OK - RLSUB Completed
|
||||
NO - RLSUB Failure
|
||||
BAD - command unknown or arguments invalid
|
||||
|
||||
The RLSUB command behaves identically to its LSUB counterpart, except
|
||||
remote mailboxes are returned in addition to local mailboxes in the
|
||||
LSUB responses.
|
||||
|
||||
6. Formal Syntax
|
||||
|
||||
The following syntax specification uses the augmented Backus-Naur
|
||||
Form (BNF) as described in [ABNF].
|
||||
|
||||
list_mailbox = <list_mailbox> as defined in [RFC-2060]
|
||||
|
||||
mailbox = <mailbox> as defined in [RFC-2060]
|
||||
|
||||
mailbox_referral = <tag> SPACE "NO" SPACE
|
||||
<referral_response_code> (text / text_mime2)
|
||||
; See [RFC-2060] for <tag>, text and text_mime2 definition
|
||||
|
||||
|
||||
|
||||
Gahrns Standards Track [Page 7]
|
||||
|
||||
RFC 2193 IMAP4 Mailbox Referrals September 1997
|
||||
|
||||
|
||||
referral_response_code = "[" "REFERRAL" 1*(SPACE <url>) "]"
|
||||
; See [RFC-1738] for <url> definition
|
||||
|
||||
rlist = "RLIST" SPACE mailbox SPACE list_mailbox
|
||||
|
||||
rlsub = "RLSUB" SPACE mailbox SPACE list_mailbox
|
||||
|
||||
6. Security Considerations
|
||||
|
||||
The IMAP4 referral mechanism makes use of IMAP URLs, and as such,
|
||||
have the same security considerations as general internet URLs [RFC-
|
||||
1738], and in particular IMAP URLs [RFC-2192].
|
||||
|
||||
With the MAILBOX-REFERRALS capability, it is potentially easier to
|
||||
write a rogue server that injects a bogus referral response that
|
||||
directs a user to an incorrect mailbox. Although referrals reduce
|
||||
the effort to write such a server, the referral response makes
|
||||
detection of the intrusion easier.
|
||||
|
||||
7. References
|
||||
|
||||
[RFC-2060], Crispin, M., "Internet Message Access Protocol - Version
|
||||
4rev1", RFC 2060, University of Washington, December 1996.
|
||||
|
||||
[RFC-2192], Newman, C., "IMAP URL Scheme", RFC 2192, Innosoft,
|
||||
September 1997.
|
||||
|
||||
[RFC-1738], Berners-Lee, T., Masinter, L., and M. McCahill, "Uniform
|
||||
Resource Locators (URL)", RFC 1738, CERN, Xerox Corporation,
|
||||
University of Minnesota, December 1994.
|
||||
|
||||
[RFC-2119], Bradner, S., "Key words for use in RFCs to Indicate
|
||||
Requirement Levels", RFC 2119, Harvard University, March 1997.
|
||||
|
||||
[ABNF], DRUMS working group, Dave Crocker Editor, "Augmented BNF for
|
||||
Syntax Specifications: ABNF", Work in Progress, Internet Mail
|
||||
Consortium, April 1997.
|
||||
|
||||
8. Acknowledgments
|
||||
|
||||
Many valuable suggestions were received from private discussions and
|
||||
the IMAP4 mailing list. In particular, Raymond Cheng, Mark Crispin,
|
||||
Mark Keasling, Chris Newman and Larry Osterman made significant
|
||||
contributions to this document.
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Gahrns Standards Track [Page 8]
|
||||
|
||||
RFC 2193 IMAP4 Mailbox Referrals September 1997
|
||||
|
||||
|
||||
9. Author's Address
|
||||
|
||||
Mike Gahrns
|
||||
Microsoft
|
||||
One Microsoft Way
|
||||
Redmond, WA, 98072
|
||||
|
||||
Phone: (206) 936-9833
|
||||
EMail: mikega@microsoft.com
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Gahrns Standards Track [Page 9]
|
||||
|
283
docs/rfcs/rfc2195.txt
Normal file
283
docs/rfcs/rfc2195.txt
Normal file
@ -0,0 +1,283 @@
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Network Working Group J. Klensin
|
||||
Request for Comments: 2195 R. Catoe
|
||||
Category: Standards Track P. Krumviede
|
||||
Obsoletes: 2095 MCI
|
||||
September 1997
|
||||
|
||||
|
||||
IMAP/POP AUTHorize Extension for Simple Challenge/Response
|
||||
|
||||
Status of this Memo
|
||||
|
||||
This document specifies an Internet standards track protocol for the
|
||||
Internet community, and requests discussion and suggestions for
|
||||
improvements. Please refer to the current edition of the "Internet
|
||||
Official Protocol Standards" (STD 1) for the standardization state
|
||||
and status of this protocol. Distribution of this memo is unlimited.
|
||||
|
||||
Abstract
|
||||
|
||||
While IMAP4 supports a number of strong authentication mechanisms as
|
||||
described in RFC 1731, it lacks any mechanism that neither passes
|
||||
cleartext, reusable passwords across the network nor requires either
|
||||
a significant security infrastructure or that the mail server update
|
||||
a mail-system-wide user authentication file on each mail access.
|
||||
This specification provides a simple challenge-response
|
||||
authentication protocol that is suitable for use with IMAP4. Since
|
||||
it utilizes Keyed-MD5 digests and does not require that the secret be
|
||||
stored in the clear on the server, it may also constitute an
|
||||
improvement on APOP for POP3 use as specified in RFC 1734.
|
||||
|
||||
1. Introduction
|
||||
|
||||
Existing Proposed Standards specify an AUTHENTICATE mechanism for the
|
||||
IMAP4 protocol [IMAP, IMAP-AUTH] and a parallel AUTH mechanism for
|
||||
the POP3 protocol [POP3-AUTH]. The AUTHENTICATE mechanism is
|
||||
intended to be extensible; the four methods specified in [IMAP-AUTH]
|
||||
are all fairly powerful and require some security infrastructure to
|
||||
support. The base POP3 specification [POP3] also contains a
|
||||
lightweight challenge-response mechanism called APOP. APOP is
|
||||
associated with most of the risks associated with such protocols: in
|
||||
particular, it requires that both the client and server machines have
|
||||
access to the shared secret in cleartext form. CRAM offers a method
|
||||
for avoiding such cleartext storage while retaining the algorithmic
|
||||
simplicity of APOP in using only MD5, though in a "keyed" method.
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Klensin, Catoe & Krumviede Standards Track [Page 1]
|
||||
|
||||
RFC 2195 IMAP/POP AUTHorize Extension September 1997
|
||||
|
||||
|
||||
At present, IMAP [IMAP] lacks any facility corresponding to APOP.
|
||||
The only alternative to the strong mechanisms identified in [IMAP-
|
||||
AUTH] is a presumably cleartext username and password, supported
|
||||
through the LOGIN command in [IMAP]. This document describes a
|
||||
simple challenge-response mechanism, similar to APOP and PPP CHAP
|
||||
[PPP], that can be used with IMAP (and, in principle, with POP3).
|
||||
|
||||
This mechanism also has the advantage over some possible alternatives
|
||||
of not requiring that the server maintain information about email
|
||||
"logins" on a per-login basis. While mechanisms that do require such
|
||||
per-login history records may offer enhanced security, protocols such
|
||||
as IMAP, which may have several connections between a given client
|
||||
and server open more or less simultaneous, may make their
|
||||
implementation particularly challenging.
|
||||
|
||||
2. Challenge-Response Authentication Mechanism (CRAM)
|
||||
|
||||
The authentication type associated with CRAM is "CRAM-MD5".
|
||||
|
||||
The data encoded in the first ready response contains an
|
||||
presumptively arbitrary string of random digits, a timestamp, and the
|
||||
fully-qualified primary host name of the server. The syntax of the
|
||||
unencoded form must correspond to that of an RFC 822 'msg-id'
|
||||
[RFC822] as described in [POP3].
|
||||
|
||||
The client makes note of the data and then responds with a string
|
||||
consisting of the user name, a space, and a 'digest'. The latter is
|
||||
computed by applying the keyed MD5 algorithm from [KEYED-MD5] where
|
||||
the key is a shared secret and the digested text is the timestamp
|
||||
(including angle-brackets).
|
||||
|
||||
This shared secret is a string known only to the client and server.
|
||||
The `digest' parameter itself is a 16-octet value which is sent in
|
||||
hexadecimal format, using lower-case ASCII characters.
|
||||
|
||||
When the server receives this client response, it verifies the digest
|
||||
provided. If the digest is correct, the server should consider the
|
||||
client authenticated and respond appropriately.
|
||||
|
||||
Keyed MD5 is chosen for this application because of the greater
|
||||
security imparted to authentication of short messages. In addition,
|
||||
the use of the techniques described in [KEYED-MD5] for precomputation
|
||||
of intermediate results make it possible to avoid explicit cleartext
|
||||
storage of the shared secret on the server system by instead storing
|
||||
the intermediate results which are known as "contexts".
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Klensin, Catoe & Krumviede Standards Track [Page 2]
|
||||
|
||||
RFC 2195 IMAP/POP AUTHorize Extension September 1997
|
||||
|
||||
|
||||
CRAM does not support a protection mechanism.
|
||||
|
||||
Example:
|
||||
|
||||
The examples in this document show the use of the CRAM mechanism with
|
||||
the IMAP4 AUTHENTICATE command [IMAP-AUTH]. The base64 encoding of
|
||||
the challenges and responses is part of the IMAP4 AUTHENTICATE
|
||||
command, not part of the CRAM specification itself.
|
||||
|
||||
S: * OK IMAP4 Server
|
||||
C: A0001 AUTHENTICATE CRAM-MD5
|
||||
S: + PDE4OTYuNjk3MTcwOTUyQHBvc3RvZmZpY2UucmVzdG9uLm1jaS5uZXQ+
|
||||
C: dGltIGI5MTNhNjAyYzdlZGE3YTQ5NWI0ZTZlNzMzNGQzODkw
|
||||
S: A0001 OK CRAM authentication successful
|
||||
|
||||
In this example, the shared secret is the string
|
||||
'tanstaaftanstaaf'. Hence, the Keyed MD5 digest is produced by
|
||||
calculating
|
||||
|
||||
MD5((tanstaaftanstaaf XOR opad),
|
||||
MD5((tanstaaftanstaaf XOR ipad),
|
||||
<1896.697170952@postoffice.reston.mci.net>))
|
||||
|
||||
where ipad and opad are as defined in the keyed-MD5 Work in
|
||||
Progress [KEYED-MD5] and the string shown in the challenge is the
|
||||
base64 encoding of <1896.697170952@postoffice.reston.mci.net>. The
|
||||
shared secret is null-padded to a length of 64 bytes. If the
|
||||
shared secret is longer than 64 bytes, the MD5 digest of the
|
||||
shared secret is used as a 16 byte input to the keyed MD5
|
||||
calculation.
|
||||
|
||||
This produces a digest value (in hexadecimal) of
|
||||
|
||||
b913a602c7eda7a495b4e6e7334d3890
|
||||
|
||||
The user name is then prepended to it, forming
|
||||
|
||||
tim b913a602c7eda7a495b4e6e7334d3890
|
||||
|
||||
Which is then base64 encoded to meet the requirements of the IMAP4
|
||||
AUTHENTICATE command (or the similar POP3 AUTH command), yielding
|
||||
|
||||
dGltIGI5MTNhNjAyYzdlZGE3YTQ5NWI0ZTZlNzMzNGQzODkw
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Klensin, Catoe & Krumviede Standards Track [Page 3]
|
||||
|
||||
RFC 2195 IMAP/POP AUTHorize Extension September 1997
|
||||
|
||||
|
||||
3. References
|
||||
|
||||
[CHAP] Lloyd, B., and W. Simpson, "PPP Authentication Protocols",
|
||||
RFC 1334, October 1992.
|
||||
|
||||
[IMAP] Crispin, M., "Internet Message Access Protocol - Version
|
||||
4rev1", RFC 2060, University of Washington, December 1996.
|
||||
|
||||
[IMAP-AUTH] Myers, J., "IMAP4 Authentication Mechanisms",
|
||||
RFC 1731, Carnegie Mellon, December 1994.
|
||||
|
||||
[KEYED-MD5] Krawczyk, Bellare, Canetti, "HMAC: Keyed-Hashing for
|
||||
Message Authentication", RFC 2104, February 1997.
|
||||
|
||||
[MD5] Rivest, R., "The MD5 Message Digest Algorithm",
|
||||
RFC 1321, MIT Laboratory for Computer Science, April 1992.
|
||||
|
||||
[POP3] Myers, J., and M. Rose, "Post Office Protocol - Version 3",
|
||||
STD 53, RFC 1939, Carnegie Mellon, May 1996.
|
||||
|
||||
[POP3-AUTH] Myers, J., "POP3 AUTHentication command", RFC 1734,
|
||||
Carnegie Mellon, December, 1994.
|
||||
|
||||
4. Security Considerations
|
||||
|
||||
It is conjectured that use of the CRAM authentication mechanism
|
||||
provides origin identification and replay protection for a session.
|
||||
Accordingly, a server that implements both a cleartext password
|
||||
command and this authentication type should not allow both methods of
|
||||
access for a given user.
|
||||
|
||||
While the saving, on the server, of "contexts" (see section 2) is
|
||||
marginally better than saving the shared secrets in cleartext as is
|
||||
required by CHAP [CHAP] and APOP [POP3], it is not sufficient to
|
||||
protect the secrets if the server itself is compromised.
|
||||
Consequently, servers that store the secrets or contexts must both be
|
||||
protected to a level appropriate to the potential information value
|
||||
in user mailboxes and identities.
|
||||
|
||||
As the length of the shared secret increases, so does the difficulty
|
||||
of deriving it.
|
||||
|
||||
While there are now suggestions in the literature that the use of MD5
|
||||
and keyed MD5 in authentication procedures probably has a limited
|
||||
effective lifetime, the technique is now widely deployed and widely
|
||||
understood. It is believed that this general understanding may
|
||||
assist with the rapid replacement, by CRAM-MD5, of the current uses
|
||||
of permanent cleartext passwords in IMAP. This document has been
|
||||
|
||||
|
||||
|
||||
Klensin, Catoe & Krumviede Standards Track [Page 4]
|
||||
|
||||
RFC 2195 IMAP/POP AUTHorize Extension September 1997
|
||||
|
||||
|
||||
deliberately written to permit easy upgrading to use SHA (or whatever
|
||||
alternatives emerge) when they are considered to be widely available
|
||||
and adequately safe.
|
||||
|
||||
Even with the use of CRAM, users are still vulnerable to active
|
||||
attacks. An example of an increasingly common active attack is 'TCP
|
||||
Session Hijacking' as described in CERT Advisory CA-95:01 [CERT95].
|
||||
|
||||
See section 1 above for additional discussion.
|
||||
|
||||
5. Acknowledgements
|
||||
|
||||
This memo borrows ideas and some text liberally from [POP3] and
|
||||
[RFC-1731] and thanks are due the authors of those documents. Ran
|
||||
Atkinson made a number of valuable technical and editorial
|
||||
contributions to the document.
|
||||
|
||||
6. Authors' Addresses
|
||||
|
||||
John C. Klensin
|
||||
MCI Telecommunications
|
||||
800 Boylston St, 7th floor
|
||||
Boston, MA 02199
|
||||
USA
|
||||
|
||||
EMail: klensin@mci.net
|
||||
Phone: +1 617 960 1011
|
||||
|
||||
Randy Catoe
|
||||
MCI Telecommunications
|
||||
2100 Reston Parkway
|
||||
Reston, VA 22091
|
||||
USA
|
||||
|
||||
EMail: randy@mci.net
|
||||
Phone: +1 703 715 7366
|
||||
|
||||
Paul Krumviede
|
||||
MCI Telecommunications
|
||||
2100 Reston Parkway
|
||||
Reston, VA 22091
|
||||
USA
|
||||
|
||||
EMail: paul@mci.net
|
||||
Phone: +1 703 715 7251
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Klensin, Catoe & Krumviede Standards Track [Page 5]
|
||||
|
283
docs/rfcs/rfc2221.txt
Normal file
283
docs/rfcs/rfc2221.txt
Normal file
@ -0,0 +1,283 @@
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Network Working Group M. Gahrns
|
||||
Request for Comments: 2221 Microsoft
|
||||
Category: Standards Track October 1997
|
||||
|
||||
|
||||
IMAP4 Login Referrals
|
||||
|
||||
Status of this Memo
|
||||
|
||||
This document specifies an Internet standards track protocol for the
|
||||
Internet community, and requests discussion and suggestions for
|
||||
improvements. Please refer to the current edition of the "Internet
|
||||
Official Protocol Standards" (STD 1) for the standardization state
|
||||
and status of this protocol. Distribution of this memo is unlimited.
|
||||
|
||||
Copyright Notice
|
||||
|
||||
Copyright (C) The Internet Society (1997). All Rights Reserved.
|
||||
|
||||
1. Abstract
|
||||
|
||||
When dealing with large amounts of users and many IMAP4 [RFC-2060]
|
||||
servers, it is often necessary to move users from one IMAP4 server to
|
||||
another. For example, hardware failures or organizational changes
|
||||
may dictate such a move.
|
||||
|
||||
Login referrals allow clients to transparently connect to an
|
||||
alternate IMAP4 server, if their home IMAP4 server has changed.
|
||||
|
||||
A referral mechanism can provide efficiencies over the alternative
|
||||
'proxy method', in which the local IMAP4 server contacts the remote
|
||||
server on behalf of the client, and then transfers the data from the
|
||||
remote server to itself, and then on to the client. The referral
|
||||
mechanism's direct client connection to the remote server is often a
|
||||
more efficient use of bandwidth, and does not require the local
|
||||
server to impersonate the client when authenticating to the remote
|
||||
server.
|
||||
|
||||
2. Conventions used in this document
|
||||
|
||||
In examples, "C:" and "S:" indicate lines sent by the client and
|
||||
server respectively.
|
||||
|
||||
A home server, is an IMAP4 server that contains the user's inbox.
|
||||
|
||||
A remote server is a server that contains remote mailboxes.
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Gahrns Standards Track [Page 1]
|
||||
|
||||
RFC 2221 IMAP4 Login Referrals October 1997
|
||||
|
||||
|
||||
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
|
||||
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
|
||||
document are to be interpreted as described in [RFC-2119].
|
||||
|
||||
3. Introduction and Overview
|
||||
|
||||
IMAP4 servers that support this extension MUST list the keyword
|
||||
LOGIN-REFERRALS in their CAPABILITY response. No client action is
|
||||
needed to invoke the LOGIN-REFERRALS capability in a server.
|
||||
|
||||
A LOGIN-REFERRALS capable IMAP4 server SHOULD NOT return a referral
|
||||
to a server that will return a referral. A client MUST NOT follow
|
||||
more than 10 levels of referral without consulting the user.
|
||||
|
||||
A LOGIN-REFERRALS response code MUST contain as an argument a valid
|
||||
IMAP server URL as defined in [IMAP-URL].
|
||||
|
||||
A home server referral consists of either a tagged NO or OK, or an
|
||||
untagged BYE response that contains a LOGIN-REFERRALS response code.
|
||||
|
||||
Example: A001 NO [REFERRAL IMAP://user;AUTH=*@SERVER2/] Remote Server
|
||||
|
||||
NOTE: user;AUTH=* is specified as required by [IMAP-URL] to avoid a
|
||||
client falling back to anonymous login.
|
||||
|
||||
4. Home Server Referrals
|
||||
|
||||
A home server referral may be returned in response to an AUTHENTICATE
|
||||
or LOGIN command, or it may appear in the connection startup banner.
|
||||
If a server returns a home server referral in a tagged NO response,
|
||||
that server does not contain any mailboxes that are accessible to the
|
||||
user. If a server returns a home server referral in a tagged OK
|
||||
response, it indicates that the user's personal mailboxes are
|
||||
elsewhere, but the server contains public mailboxes which are
|
||||
readable by the user. After receiving a home server referral, the
|
||||
client can not make any assumptions as to whether this was a
|
||||
permanent or temporary move of the user.
|
||||
|
||||
4.1. LOGIN and AUTHENTICATE Referrals
|
||||
|
||||
An IMAP4 server MAY respond to a LOGIN or AUTHENTICATE command with a
|
||||
home server referral if it wishes to direct the user to another IMAP4
|
||||
server.
|
||||
|
||||
Example: C: A001 LOGIN MIKE PASSWORD
|
||||
S: A001 NO [REFERRAL IMAP://MIKE@SERVER2/] Specified user
|
||||
is invalid on this server. Try SERVER2.
|
||||
|
||||
|
||||
|
||||
|
||||
Gahrns Standards Track [Page 2]
|
||||
|
||||
RFC 2221 IMAP4 Login Referrals October 1997
|
||||
|
||||
|
||||
Example: C: A001 LOGIN MATTHEW PASSWORD
|
||||
S: A001 OK [REFERRAL IMAP://MATTHEW@SERVER2/] Specified
|
||||
user's personal mailboxes located on Server2, but
|
||||
public mailboxes are available.
|
||||
|
||||
Example: C: A001 AUTHENTICATE GSSAPI
|
||||
<authentication exchange>
|
||||
S: A001 NO [REFERRAL IMAP://user;AUTH=GSSAPI@SERVER2/]
|
||||
Specified user is invalid on this server. Try
|
||||
SERVER2.
|
||||
|
||||
4.2. BYE at connection startup referral
|
||||
|
||||
An IMAP4 server MAY respond with an untagged BYE and a REFERRAL
|
||||
response code that contains an IMAP URL to a home server if it is not
|
||||
willing to accept connections and wishes to direct the client to
|
||||
another IMAP4 server.
|
||||
|
||||
Example: S: * BYE [REFERRAL IMAP://user;AUTH=*@SERVER2/] Server not
|
||||
accepting connections. Try SERVER2
|
||||
|
||||
5. Formal Syntax
|
||||
|
||||
The following syntax specification uses the augmented Backus-Naur
|
||||
Form (BNF) as described in [ABNF].
|
||||
|
||||
This amends the "resp_text_code" element of the IMAP4 grammar
|
||||
described in [RFC-2060]
|
||||
|
||||
resp_text_code =/ "REFERRAL" SPACE <imapurl>
|
||||
; See [IMAP-URL] for definition of <imapurl>
|
||||
; See [RFC-2060] for base definition of resp_text_code
|
||||
|
||||
6. Security Considerations
|
||||
|
||||
The IMAP4 login referral mechanism makes use of IMAP URLs, and as
|
||||
such, have the same security considerations as general internet URLs
|
||||
[RFC-1738], and in particular IMAP URLs [IMAP-URL].
|
||||
|
||||
A server MUST NOT give a login referral if authentication for that
|
||||
user fails. This is to avoid revealing information about the user's
|
||||
account to an unauthorized user.
|
||||
|
||||
With the LOGIN-REFERRALS capability, it is potentially easier to
|
||||
write a rogue 'password catching' server that collects login data and
|
||||
then refers the client to their actual IMAP4 server. Although
|
||||
referrals reduce the effort to write such a server, the referral
|
||||
response makes detection of the intrusion easier.
|
||||
|
||||
|
||||
|
||||
Gahrns Standards Track [Page 3]
|
||||
|
||||
RFC 2221 IMAP4 Login Referrals October 1997
|
||||
|
||||
|
||||
7. References
|
||||
|
||||
[RFC-2060], Crispin, M., "Internet Message Access Protocol - Version
|
||||
4rev1", RFC 2060, December 1996.
|
||||
|
||||
[IMAP-URL], Newman, C., "IMAP URL Scheme", RFC 2192, Innosoft,
|
||||
September 1997.
|
||||
|
||||
[RFC-1738], Berners-Lee, T., Masinter, L. and M. McCahill, "Uniform
|
||||
Resource Locators (URL)", RFC 1738, December 1994.
|
||||
|
||||
[RFC-2119], Bradner, S., "Key words for use in RFCs to Indicate
|
||||
Requirement Levels", RFC 2119, March 1997.
|
||||
|
||||
[ABNF], DRUMS working group, Dave Crocker Editor, "Augmented BNF for
|
||||
Syntax Specifications: ABNF", Work in Progress.
|
||||
|
||||
8. Acknowledgments
|
||||
|
||||
Many valuable suggestions were received from private discussions and
|
||||
the IMAP4 mailing list. In particular, Raymond Cheng, Mark Crispin,
|
||||
Mark Keasling Chris Newman and Larry Osterman made significant
|
||||
contributions to this document.
|
||||
|
||||
9. Author's Address
|
||||
|
||||
Mike Gahrns
|
||||
Microsoft
|
||||
One Microsoft Way
|
||||
Redmond, WA, 98072
|
||||
|
||||
Phone: (206) 936-9833
|
||||
EMail: mikega@microsoft.com
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Gahrns Standards Track [Page 4]
|
||||
|
||||
RFC 2221 IMAP4 Login Referrals October 1997
|
||||
|
||||
|
||||
10. Full Copyright Statement
|
||||
|
||||
Copyright (C) The Internet Society (1997). All Rights Reserved.
|
||||
|
||||
This document and translations of it may be copied and furnished to
|
||||
others, and derivative works that comment on or otherwise explain it
|
||||
or assist in its implmentation may be prepared, copied, published
|
||||
andand distributed, in whole or in part, without restriction of any
|
||||
kind, provided that the above copyright notice and this paragraph are
|
||||
included on all such copies and derivative works. However, this
|
||||
document itself may not be modified in any way, such as by removing
|
||||
the copyright notice or references to the Internet Society or other
|
||||
Internet organizations, except as needed for the purpose of
|
||||
developing Internet standards in which case the procedures for
|
||||
copyrights defined in the Internet Standards process must be
|
||||
followed, or as required to translate it into languages other than
|
||||
English.
|
||||
|
||||
The limited permissions granted above are perpetual and will not be
|
||||
revoked by the Internet Society or its successors or assigns.
|
||||
|
||||
This document and the information contained herein is provided on an
|
||||
"AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
|
||||
TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING
|
||||
BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION
|
||||
HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
|
||||
MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE."
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Gahrns Standards Track [Page 5]
|
||||
|
4035
docs/rfcs/rfc2244.txt
Normal file
4035
docs/rfcs/rfc2244.txt
Normal file
File diff suppressed because it is too large
Load Diff
563
docs/rfcs/rfc2342.txt
Normal file
563
docs/rfcs/rfc2342.txt
Normal file
@ -0,0 +1,563 @@
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Network Working Group M. Gahrns
|
||||
Request for Comments: 2342 Microsoft
|
||||
Category: Standards Track C. Newman
|
||||
Innosoft
|
||||
May 1998
|
||||
|
||||
|
||||
IMAP4 Namespace
|
||||
|
||||
Status of this Memo
|
||||
|
||||
This document specifies an Internet standards track protocol for the
|
||||
Internet community, and requests discussion and suggestions for
|
||||
improvements. Please refer to the current edition of the "Internet
|
||||
Official Protocol Standards" (STD 1) for the standardization state
|
||||
and status of this protocol. Distribution of this memo is unlimited.
|
||||
|
||||
Copyright Notice
|
||||
|
||||
Copyright (C) The Internet Society (1998). All Rights Reserved.
|
||||
|
||||
1. Abstract
|
||||
|
||||
IMAP4 [RFC-2060] does not define a default server namespace. As a
|
||||
result, two common namespace models have evolved:
|
||||
|
||||
The "Personal Mailbox" model, in which the default namespace that is
|
||||
presented consists of only the user's personal mailboxes. To access
|
||||
shared mailboxes, the user must use an escape mechanism to reach
|
||||
another namespace.
|
||||
|
||||
The "Complete Hierarchy" model, in which the default namespace that
|
||||
is presented includes the user's personal mailboxes along with any
|
||||
other mailboxes they have access to.
|
||||
|
||||
These two models, create difficulties for certain client operations.
|
||||
This document defines a NAMESPACE command that allows a client to
|
||||
discover the prefixes of namespaces used by a server for personal
|
||||
mailboxes, other users' mailboxes, and shared mailboxes. This allows
|
||||
a client to avoid much of the manual user configuration that is now
|
||||
necessary when mixing and matching IMAP4 clients and servers.
|
||||
|
||||
2. Conventions used in this document
|
||||
|
||||
In examples, "C:" and "S:" indicate lines sent by the client and
|
||||
server respectively. If such lines are wrapped without a new "C:" or
|
||||
"S:" label, then the wrapping is for editorial clarity and is not
|
||||
part of the command.
|
||||
|
||||
|
||||
|
||||
Gahrns & Newman Standards Track [Page 1]
|
||||
|
||||
RFC 2342 IMAP4 Namespace May 1998
|
||||
|
||||
|
||||
Personal Namespace: A namespace that the server considers within the
|
||||
personal scope of the authenticated user on a particular connection.
|
||||
Typically, only the authenticated user has access to mailboxes in
|
||||
their Personal Namespace. It is the part of the namespace that
|
||||
belongs to the user that is allocated for mailboxes. If an INBOX
|
||||
exists for a user, it MUST appear within the user's personal
|
||||
namespace. In the typical case, there SHOULD be only one Personal
|
||||
Namespace on a server.
|
||||
|
||||
Other Users' Namespace: A namespace that consists of mailboxes from
|
||||
the Personal Namespaces of other users. To access mailboxes in the
|
||||
Other Users' Namespace, the currently authenticated user MUST be
|
||||
explicitly granted access rights. For example, it is common for a
|
||||
manager to grant to their secretary access rights to their mailbox.
|
||||
In the typical case, there SHOULD be only one Other Users' Namespace
|
||||
on a server.
|
||||
|
||||
Shared Namespace: A namespace that consists of mailboxes that are
|
||||
intended to be shared amongst users and do not exist within a user's
|
||||
Personal Namespace.
|
||||
|
||||
The namespaces a server uses MAY differ on a per-user basis.
|
||||
|
||||
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
|
||||
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
|
||||
document are to be interpreted as described in [RFC-2119].
|
||||
|
||||
3. Introduction and Overview
|
||||
|
||||
Clients often attempt to create mailboxes for such purposes as
|
||||
maintaining a record of sent messages (e.g. "Sent Mail") or
|
||||
temporarily saving messages being composed (e.g. "Drafts"). For
|
||||
these clients to inter-operate correctly with the variety of IMAP4
|
||||
servers available, the user must enter the prefix of the Personal
|
||||
Namespace used by the server. Using the NAMESPACE command, a client
|
||||
is able to automatically discover this prefix without manual user
|
||||
configuration.
|
||||
|
||||
In addition, users are often required to manually enter the prefixes
|
||||
of various namespaces in order to view the mailboxes located there.
|
||||
For example, they might be required to enter the prefix of #shared to
|
||||
view the shared mailboxes namespace. The NAMESPACE command allows a
|
||||
client to automatically discover the namespaces that are available on
|
||||
a server. This allows a client to present the available namespaces to
|
||||
the user in what ever manner it deems appropriate. For example, a
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Gahrns & Newman Standards Track [Page 2]
|
||||
|
||||
RFC 2342 IMAP4 Namespace May 1998
|
||||
|
||||
|
||||
client could choose to initially display only personal mailboxes, or
|
||||
it may choose to display the complete list of mailboxes available,
|
||||
and initially position the user at the root of their Personal
|
||||
Namespace.
|
||||
|
||||
A server MAY choose to make available to the NAMESPACE command only a
|
||||
subset of the complete set of namespaces the server supports. To
|
||||
provide the ability to access these namespaces, a client SHOULD allow
|
||||
the user the ability to manually enter a namespace prefix.
|
||||
|
||||
4. Requirements
|
||||
|
||||
IMAP4 servers that support this extension MUST list the keyword
|
||||
NAMESPACE in their CAPABILITY response.
|
||||
|
||||
The NAMESPACE command is valid in the Authenticated and Selected
|
||||
state.
|
||||
|
||||
5. NAMESPACE Command
|
||||
|
||||
Arguments: none
|
||||
|
||||
Response: an untagged NAMESPACE response that contains the prefix
|
||||
and hierarchy delimiter to the server's Personal
|
||||
Namespace(s), Other Users' Namespace(s), and Shared
|
||||
Namespace(s) that the server wishes to expose. The
|
||||
response will contain a NIL for any namespace class
|
||||
that is not available. Namespace_Response_Extensions
|
||||
MAY be included in the response.
|
||||
Namespace_Response_Extensions which are not on the IETF
|
||||
standards track, MUST be prefixed with an "X-".
|
||||
|
||||
Result: OK - Command completed
|
||||
NO - Error: Can't complete command
|
||||
BAD - argument invalid
|
||||
|
||||
Example 5.1:
|
||||
===========
|
||||
|
||||
< A server that supports a single personal namespace. No leading
|
||||
prefix is used on personal mailboxes and "/" is the hierarchy
|
||||
delimiter.>
|
||||
|
||||
C: A001 NAMESPACE
|
||||
S: * NAMESPACE (("" "/")) NIL NIL
|
||||
S: A001 OK NAMESPACE command completed
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Gahrns & Newman Standards Track [Page 3]
|
||||
|
||||
RFC 2342 IMAP4 Namespace May 1998
|
||||
|
||||
|
||||
Example 5.2:
|
||||
===========
|
||||
|
||||
< A user logged on anonymously to a server. No personal mailboxes
|
||||
are associated with the anonymous user and the user does not have
|
||||
access to the Other Users' Namespace. No prefix is required to
|
||||
access shared mailboxes and the hierarchy delimiter is "." >
|
||||
|
||||
C: A001 NAMESPACE
|
||||
S: * NAMESPACE NIL NIL (("" "."))
|
||||
S: A001 OK NAMESPACE command completed
|
||||
|
||||
Example 5.3:
|
||||
===========
|
||||
|
||||
< A server that contains a Personal Namespace and a single Shared
|
||||
Namespace. >
|
||||
|
||||
C: A001 NAMESPACE
|
||||
S: * NAMESPACE (("" "/")) NIL (("Public Folders/" "/"))
|
||||
S: A001 OK NAMESPACE command completed
|
||||
|
||||
Example 5.4:
|
||||
===========
|
||||
|
||||
< A server that contains a Personal Namespace, Other Users'
|
||||
Namespace and multiple Shared Namespaces. Note that the hierarchy
|
||||
delimiter used within each namespace can be different. >
|
||||
|
||||
C: A001 NAMESPACE
|
||||
S: * NAMESPACE (("" "/")) (("~" "/")) (("#shared/" "/")
|
||||
("#public/" "/")("#ftp/" "/")("#news." "."))
|
||||
S: A001 OK NAMESPACE command completed
|
||||
|
||||
The prefix string allows a client to do things such as automatically
|
||||
creating personal mailboxes or LISTing all available mailboxes within
|
||||
a namespace.
|
||||
|
||||
Example 5.5:
|
||||
===========
|
||||
|
||||
< A server that supports only the Personal Namespace, with a
|
||||
leading prefix of INBOX to personal mailboxes and a hierarchy
|
||||
delimiter of ".">
|
||||
|
||||
C: A001 NAMESPACE
|
||||
S: * NAMESPACE (("INBOX." ".")) NIL NIL
|
||||
S: A001 OK NAMESPACE command completed
|
||||
|
||||
|
||||
|
||||
Gahrns & Newman Standards Track [Page 4]
|
||||
|
||||
RFC 2342 IMAP4 Namespace May 1998
|
||||
|
||||
|
||||
< Automatically create a mailbox to store sent items.>
|
||||
|
||||
C: A002 CREATE "INBOX.Sent Mail"
|
||||
S: A002 OK CREATE command completed
|
||||
|
||||
Although typically a server will support only a single Personal
|
||||
Namespace, and a single Other User's Namespace, circumstances exist
|
||||
where there MAY be multiples of these, and a client MUST be prepared
|
||||
for them. If a client is configured such that it is required to
|
||||
create a certain mailbox, there can be circumstances where it is
|
||||
unclear which Personal Namespaces it should create the mailbox in.
|
||||
In these situations a client SHOULD let the user select which
|
||||
namespaces to create the mailbox in.
|
||||
|
||||
Example 5.6:
|
||||
===========
|
||||
|
||||
< In this example, a server supports 2 Personal Namespaces. In
|
||||
addition to the regular Personal Namespace, the user has an
|
||||
additional personal namespace to allow access to mailboxes in an
|
||||
MH format mailstore. >
|
||||
|
||||
< The client is configured to save a copy of all mail sent by the
|
||||
user into a mailbox called 'Sent Mail'. Furthermore, after a
|
||||
message is deleted from a mailbox, the client is configured to
|
||||
move that message to a mailbox called 'Deleted Items'.>
|
||||
|
||||
< Note that this example demonstrates how some extension flags can
|
||||
be passed to further describe the #mh namespace. >
|
||||
|
||||
C: A001 NAMESPACE
|
||||
S: * NAMESPACE (("" "/")("#mh/" "/" "X-PARAM" ("FLAG1" "FLAG2")))
|
||||
NIL NIL
|
||||
S: A001 OK NAMESPACE command completed
|
||||
|
||||
< It is desired to keep only one copy of sent mail. It is unclear
|
||||
which Personal Namespace the client should use to create the 'Sent
|
||||
Mail' mailbox. The user is prompted to select a namespace and
|
||||
only one 'Sent Mail' mailbox is created. >
|
||||
|
||||
C: A002 CREATE "Sent Mail"
|
||||
S: A002 OK CREATE command completed
|
||||
|
||||
< The client is designed so that it keeps two 'Deleted Items'
|
||||
mailboxes, one for each namespace. >
|
||||
|
||||
C: A003 CREATE "Delete Items"
|
||||
S: A003 OK CREATE command completed
|
||||
|
||||
|
||||
|
||||
Gahrns & Newman Standards Track [Page 5]
|
||||
|
||||
RFC 2342 IMAP4 Namespace May 1998
|
||||
|
||||
|
||||
C: A004 CREATE "#mh/Deleted Items"
|
||||
S: A004 OK CREATE command completed
|
||||
|
||||
The next level of hierarchy following the Other Users' Namespace
|
||||
prefix SHOULD consist of <username>, where <username> is a user name
|
||||
as per the IMAP4 LOGIN or AUTHENTICATE command.
|
||||
|
||||
A client can construct a LIST command by appending a "%" to the Other
|
||||
Users' Namespace prefix to discover the Personal Namespaces of other
|
||||
users that are available to the currently authenticated user.
|
||||
|
||||
In response to such a LIST command, a server SHOULD NOT return user
|
||||
names that have not granted access to their personal mailboxes to the
|
||||
user in question.
|
||||
|
||||
A server MAY return a LIST response containing only the names of
|
||||
users that have explicitly granted access to the user in question.
|
||||
|
||||
Alternatively, a server MAY return NO to such a LIST command,
|
||||
requiring that a user name be included with the Other Users'
|
||||
Namespace prefix before listing any other user's mailboxes.
|
||||
|
||||
Example 5.7:
|
||||
===========
|
||||
|
||||
< A server that supports providing a list of other user's
|
||||
mailboxes that are accessible to the currently logged on user. >
|
||||
|
||||
C: A001 NAMESPACE
|
||||
S: * NAMESPACE (("" "/")) (("Other Users/" "/")) NIL
|
||||
S: A001 OK NAMESPACE command completed
|
||||
|
||||
C: A002 LIST "" "Other Users/%"
|
||||
S: * LIST () "/" "Other Users/Mike"
|
||||
S: * LIST () "/" "Other Users/Karen"
|
||||
S: * LIST () "/" "Other Users/Matthew"
|
||||
S: * LIST () "/" "Other Users/Tesa"
|
||||
S: A002 OK LIST command completed
|
||||
|
||||
Example 5.8:
|
||||
===========
|
||||
|
||||
< A server that does not support providing a list of other user's
|
||||
mailboxes that are accessible to the currently logged on user.
|
||||
The mailboxes are listable if the client includes the name of the
|
||||
other user with the Other Users' Namespace prefix. >
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Gahrns & Newman Standards Track [Page 6]
|
||||
|
||||
RFC 2342 IMAP4 Namespace May 1998
|
||||
|
||||
|
||||
C: A001 NAMESPACE
|
||||
S: * NAMESPACE (("" "/")) (("#Users/" "/")) NIL
|
||||
S: A001 OK NAMESPACE command completed
|
||||
|
||||
< In this example, the currently logged on user has access to the
|
||||
Personal Namespace of user Mike, but the server chose to suppress
|
||||
this information in the LIST response. However, by appending the
|
||||
user name Mike (received through user input) to the Other Users'
|
||||
Namespace prefix, the client is able to get a listing of the
|
||||
personal mailboxes of user Mike. >
|
||||
|
||||
C: A002 LIST "" "#Users/%"
|
||||
S: A002 NO The requested item could not be found.
|
||||
|
||||
C: A003 LIST "" "#Users/Mike/%"
|
||||
S: * LIST () "/" "#Users/Mike/INBOX"
|
||||
S: * LIST () "/" "#Users/Mike/Foo"
|
||||
S: A003 OK LIST command completed.
|
||||
|
||||
A prefix string might not contain a hierarchy delimiter, because
|
||||
in some cases it is not needed as part of the prefix.
|
||||
|
||||
Example 5.9:
|
||||
===========
|
||||
|
||||
< A server that allows access to the Other Users' Namespace by
|
||||
prefixing the others' mailboxes with a '~' followed by <username>,
|
||||
where <username> is a user name as per the IMAP4 LOGIN or
|
||||
AUTHENTICATE command.>
|
||||
|
||||
C: A001 NAMESPACE
|
||||
S: * NAMESPACE (("" "/")) (("~" "/")) NIL
|
||||
S: A001 OK NAMESPACE command completed
|
||||
|
||||
< List the mailboxes for user mark >
|
||||
|
||||
C: A002 LIST "" "~mark/%"
|
||||
S: * LIST () "/" "~mark/INBOX"
|
||||
S: * LIST () "/" "~mark/foo"
|
||||
S: A002 OK LIST command completed
|
||||
|
||||
Historical convention has been to start all namespaces with the "#"
|
||||
character. Namespaces that include the "#" character are not IMAP
|
||||
URL [IMAP-URL] friendly requiring the "#" character to be represented
|
||||
as %23 when within URLs. As such, server implementers MAY instead
|
||||
consider using namespace prefixes that do not contain the "#"
|
||||
character.
|
||||
|
||||
|
||||
|
||||
|
||||
Gahrns & Newman Standards Track [Page 7]
|
||||
|
||||
RFC 2342 IMAP4 Namespace May 1998
|
||||
|
||||
|
||||
6. Formal Syntax
|
||||
|
||||
The following syntax specification uses the augmented Backus-Naur
|
||||
Form (BNF) as described in [ABNF].
|
||||
|
||||
atom = <atom>
|
||||
; <atom> as defined in [RFC-2060]
|
||||
|
||||
Namespace = nil / "(" 1*( "(" string SP (<"> QUOTED_CHAR <"> /
|
||||
nil) *(Namespace_Response_Extension) ")" ) ")"
|
||||
|
||||
Namespace_Command = "NAMESPACE"
|
||||
|
||||
Namespace_Response_Extension = SP string SP "(" string *(SP string)
|
||||
")"
|
||||
|
||||
Namespace_Response = "*" SP "NAMESPACE" SP Namespace SP Namespace SP
|
||||
Namespace
|
||||
|
||||
; The first Namespace is the Personal Namespace(s)
|
||||
; The second Namespace is the Other Users' Namespace(s)
|
||||
; The third Namespace is the Shared Namespace(s)
|
||||
|
||||
nil = <nil>
|
||||
; <nil> as defined in [RFC-2060]
|
||||
|
||||
QUOTED_CHAR = <QUOTED_CHAR>
|
||||
; <QUOTED_CHAR> as defined in [RFC-2060]
|
||||
|
||||
string = <string>
|
||||
; <string> as defined in [RFC-2060]
|
||||
; Note that the namespace prefix is to a mailbox and following
|
||||
; IMAP4 convention, any international string in the NAMESPACE
|
||||
; response MUST be of modified UTF-7 format as described in
|
||||
; [RFC-2060].
|
||||
|
||||
7. Security Considerations
|
||||
|
||||
In response to a LIST command containing an argument of the Other
|
||||
Users' Namespace prefix, a server SHOULD NOT list users that have not
|
||||
granted list access to their personal mailboxes to the currently
|
||||
authenticated user. Providing such a list, could compromise security
|
||||
by potentially disclosing confidential information of who is located
|
||||
on the server, or providing a starting point of a list of user
|
||||
accounts to attack.
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Gahrns & Newman Standards Track [Page 8]
|
||||
|
||||
RFC 2342 IMAP4 Namespace May 1998
|
||||
|
||||
|
||||
8. References
|
||||
|
||||
[RFC-2060], Crispin, M., "Internet Message Access Protocol Version
|
||||
4rev1", RFC 2060, December 1996.
|
||||
|
||||
[RFC-2119], Bradner, S., "Key words for use in RFCs to Indicate
|
||||
Requirement Levels", BCP 14, RFC 2119, March 1997.
|
||||
|
||||
[ABNF] Crocker, D., Editor, and P. Overell, "Augmented BNF for Syntax
|
||||
Specifications: ABNF", RFC 2234, November 1997.
|
||||
|
||||
[IMAP-URL], Newman, C., "IMAP URL Scheme", RFC 2192, September 1997.
|
||||
|
||||
9. Acknowledgments
|
||||
|
||||
Many people have participated in the discussion of IMAP namespaces on
|
||||
the IMAP mailing list. In particular, the authors would like to
|
||||
thank Mark Crispin for many of the concepts relating to the Personal
|
||||
Namespace and accessing the Personal Namespace of other users, Steve
|
||||
Hole for summarizing the two namespace models, John Myers and Jack De
|
||||
Winter for their work in a preceding effort trying to define a
|
||||
standardized personal namespace, and Larry Osterman for his review
|
||||
and collaboration on this document.
|
||||
|
||||
11. Authors' Addresses
|
||||
|
||||
Mike Gahrns
|
||||
Microsoft
|
||||
One Microsoft Way
|
||||
Redmond, WA, 98072, USA
|
||||
|
||||
Phone: (425) 936-9833
|
||||
EMail: mikega@microsoft.com
|
||||
|
||||
|
||||
Chris Newman
|
||||
Innosoft International, Inc.
|
||||
1050 East Garvey Ave. South
|
||||
West Covina, CA, 91790, USA
|
||||
|
||||
EMail: chris.newman@innosoft.com
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Gahrns & Newman Standards Track [Page 9]
|
||||
|
||||
RFC 2342 IMAP4 Namespace May 1998
|
||||
|
||||
|
||||
12. Full Copyright Statement
|
||||
|
||||
Copyright (C) The Internet Society (1998). All Rights Reserved.
|
||||
|
||||
This document and translations of it may be copied and furnished to
|
||||
others, and derivative works that comment on or otherwise explain it
|
||||
or assist in its implementation may be prepared, copied, published
|
||||
and distributed, in whole or in part, without restriction of any
|
||||
kind, provided that the above copyright notice and this paragraph are
|
||||
included on all such copies and derivative works. However, this
|
||||
document itself may not be modified in any way, such as by removing
|
||||
the copyright notice or references to the Internet Society or other
|
||||
Internet organizations, except as needed for the purpose of
|
||||
developing Internet standards in which case the procedures for
|
||||
copyrights defined in the Internet Standards process must be
|
||||
followed, or as required to translate it into languages other than
|
||||
English.
|
||||
|
||||
The limited permissions granted above are perpetual and will not be
|
||||
revoked by the Internet Society or its successors or assigns.
|
||||
|
||||
This document and the information contained herein is provided on an
|
||||
"AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
|
||||
TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING
|
||||
BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION
|
||||
HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
|
||||
MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Gahrns & Newman Standards Track [Page 10]
|
||||
|
339
docs/rfcs/rfc2359.txt
Normal file
339
docs/rfcs/rfc2359.txt
Normal file
@ -0,0 +1,339 @@
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Network Working Group J. Myers
|
||||
Request for Comments: 2359 Netscape Communications
|
||||
Category: Standards Track June 1998
|
||||
|
||||
|
||||
IMAP4 UIDPLUS extension
|
||||
|
||||
Status of this Memo
|
||||
|
||||
This document specifies an Internet standards track protocol for the
|
||||
Internet community, and requests discussion and suggestions for
|
||||
improvements. Please refer to the current edition of the "Internet
|
||||
Official Protocol Standards" (STD 1) for the standardization state
|
||||
and status of this protocol. Distribution of this memo is unlimited.
|
||||
|
||||
Copyright Notice
|
||||
|
||||
Copyright (C) The Internet Society (1998). All Rights Reserved.
|
||||
|
||||
IESG NOTE
|
||||
|
||||
The IMAP extension described here assumes a particular means of using
|
||||
IMAP to support disconnected operation. However, this means of
|
||||
supporting disconnected operation is not yet documented. Also, there
|
||||
are multiple theories about how best to do disconnected operation in
|
||||
IMAP, and as yet, there is no consensus on which one should be
|
||||
adopted as a standard.
|
||||
|
||||
This document is being approved as a Proposed Standard because it
|
||||
does not appear to have technical flaws in itelf. However, approval
|
||||
of this document as a Proposed Standard should not be considered an
|
||||
IETF endorsement of any particular means of doing disconnected
|
||||
operation in IMAP.
|
||||
|
||||
Table of Contents
|
||||
|
||||
1. Abstract .............................................. 2
|
||||
2. Conventions Used in this Document ..................... 2
|
||||
3. Introduction and Overview ............................. 2
|
||||
4. Features .............................................. 2
|
||||
4.1. UID EXPUNGE Command ................................... 2
|
||||
4.2. APPENDUID response code ............................... 3
|
||||
4.3. COPYUID response code ................................. 4
|
||||
5. Formal Syntax ......................................... 4
|
||||
6. References ............................................ 4
|
||||
7. Security Considerations ............................... 5
|
||||
8. Author's Address ...................................... 5
|
||||
9. Full Copyright Statement .............................. 6
|
||||
|
||||
|
||||
|
||||
Myers Standards Track [Page 1]
|
||||
|
||||
RFC 2359 IMAP4 UIDPLUS extension June 1998
|
||||
|
||||
|
||||
1. Abstract
|
||||
|
||||
The UIDPLUS extension of the Internet Message Access Protocol [IMAP4]
|
||||
provides a set of features intended to reduce the amount of time and
|
||||
resources used by some client operations. The features in UIDPLUS
|
||||
are primarily intended for disconnected-use clients.
|
||||
|
||||
2. Conventions Used in this Document
|
||||
|
||||
In examples, "C:" and "S:" indicate lines sent by the client and
|
||||
server respectively.
|
||||
|
||||
The key words "MUST", "MUST NOT", "SHOULD", "SHOULD NOT", and "MAY"
|
||||
in this document are to be interpreted as defined in "Key words for
|
||||
use in RFCs to Indicate Requirement Levels" [KEYWORDS].
|
||||
|
||||
3. Introduction and Overview
|
||||
|
||||
The UIDPLUS extension is present in any IMAP4 server implementation
|
||||
which returns "UIDPLUS" as one of the supported capabilities to the
|
||||
CAPABILITY command. The UIDPLUS extension contains one additional
|
||||
command and additional data returned with successful APPEND and COPY
|
||||
commands.
|
||||
|
||||
Clients that wish to use the new command in UIDPLUS must of course
|
||||
first test for the presence of the extension by issuing a CAPABILITY
|
||||
command. Each of the features in UIDPLUS are optimizations; clients
|
||||
can provide the same functionality, albeit more slowly, by using
|
||||
commands in the base protocol. With each feature, this document
|
||||
recommends a fallback approach to take when the UIDPLUS extension is
|
||||
not supported by the server.
|
||||
|
||||
4. Features
|
||||
|
||||
4.1. UID EXPUNGE Command
|
||||
|
||||
Arguments: message set
|
||||
|
||||
Data: untagged responses: EXPUNGE
|
||||
|
||||
Result: OK - expunge completed
|
||||
NO - expunge failure (e.g. permission denied)
|
||||
BAD - command unknown or arguments invalid
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Myers Standards Track [Page 2]
|
||||
|
||||
RFC 2359 IMAP4 UIDPLUS extension June 1998
|
||||
|
||||
|
||||
The UID EXPUNGE command permanently removes from the currently
|
||||
selected mailbox all messages that both have the \Deleted flag set
|
||||
and have a UID that is included in the specified message set. If
|
||||
a message either does not have the \Deleted flag set or is has a
|
||||
UID that is not included in the specified message set, it is not
|
||||
affected.
|
||||
|
||||
This command may be used to ensure that a replayed EXPUNGE command
|
||||
does not remove any messages that have been marked as \Deleted
|
||||
between the time that the user requested the expunge operation and
|
||||
the time the server processes the command.
|
||||
|
||||
If the server does not support the UIDPLUS capability, the client
|
||||
should fall back to using the STORE command to temporarily remove
|
||||
the \Deleted flag from messages it does not want to remove. The
|
||||
client could alternatively fall back to using the EXPUNGE command,
|
||||
risking the unintended removal of some messages.
|
||||
|
||||
Example: C: A003 UID EXPUNGE 3000:3002
|
||||
S: * 3 EXPUNGE
|
||||
S: * 3 EXPUNGE
|
||||
S: * 3 EXPUNGE
|
||||
S: A003 OK UID EXPUNGE completed
|
||||
|
||||
4.2. APPENDUID response code
|
||||
|
||||
Successful APPEND commands return an APPENDUID response code in the
|
||||
tagged OK response. The APPENDUID response code contains as
|
||||
arguments the UIDVALIDITY of the destination mailbox and the UID
|
||||
assigned to the appended message.
|
||||
|
||||
If the server does not support the UIDPLUS capability, the client can
|
||||
only discover this information by selecting the destination mailbox
|
||||
and issuing FETCH commands.
|
||||
|
||||
Example: C: A003 APPEND saved-messages (\Seen) {310}
|
||||
C: Date: Mon, 7 Feb 1994 21:52:25 -0800 (PST)
|
||||
C: From: Fred Foobar <foobar@Blurdybloop.COM>
|
||||
C: Subject: afternoon meeting
|
||||
C: To: mooch@owatagu.siam.edu
|
||||
C: Message-Id: <B27397-0100000@Blurdybloop.COM>
|
||||
C: MIME-Version: 1.0
|
||||
C: Content-Type: TEXT/PLAIN; CHARSET=US-ASCII
|
||||
C:
|
||||
C: Hello Joe, do you think we can meet at 3:30 tomorrow?
|
||||
C:
|
||||
S: A003 OK [APPENDUID 38505 3955] APPEND completed
|
||||
|
||||
|
||||
|
||||
|
||||
Myers Standards Track [Page 3]
|
||||
|
||||
RFC 2359 IMAP4 UIDPLUS extension June 1998
|
||||
|
||||
|
||||
4.3. COPYUID response code
|
||||
|
||||
Successful COPY and UID COPY commands return a COPYUID response code
|
||||
in the tagged OK response whenever at least one message was copied.
|
||||
The COPYUID response code contains as an argument the UIDVALIDITY of
|
||||
the appended-to mailbox, a message set containing the UIDs of the
|
||||
messages copied to the destination mailbox, in the order they were
|
||||
copied, and a message containing the UIDs assigned to the copied
|
||||
messages, in the order they were assigned. Neither of the message
|
||||
sets may contain extraneous UIDs or the symbol '*'.
|
||||
|
||||
If the server does not support the UIDPLUS capability, the client can
|
||||
only discover this information by selecting the destination mailbox
|
||||
and issuing FETCH commands.
|
||||
|
||||
Example: C: A003 COPY 2:4 MEETING
|
||||
S: A003 OK [COPYUID 38505 304,319:320 3956:3958] Done
|
||||
C: A003 UID COPY 305:310 MEETING
|
||||
S: A003 OK Done
|
||||
|
||||
5. Formal Syntax
|
||||
|
||||
The following syntax specification uses the augmented Backus-Naur
|
||||
Form (BNF) notation as specified in [RFC-822] as modified by [IMAP4].
|
||||
Non-terminals referenced but not defined below are as defined by
|
||||
[IMAP4].
|
||||
|
||||
Except as noted otherwise, all alphabetic characters are case-
|
||||
insensitive. The use of upper or lower case characters to define
|
||||
token strings is for editorial clarity only. Implementations MUST
|
||||
accept these strings in a case-insensitive fashion.
|
||||
|
||||
resp_code_apnd ::= "APPENDUID" SPACE nz_number SPACE uniqueid
|
||||
|
||||
resp_code_copy ::= "COPYUID" SPACE nz_number SPACE set SPACE set
|
||||
|
||||
uid_expunge ::= "UID" SPACE "EXPUNGE" SPACE set
|
||||
|
||||
6. References
|
||||
|
||||
[IMAP4] Crispin, M., "Internet Message Access Protocol -
|
||||
Version 4rev1", RFC 2060, December 1996.
|
||||
|
||||
[KEYWORDS] Bradner, S., "Key words for use in RFCs to Indicate
|
||||
Requirement Levels", BCP 14, RFC 2119, March 1997.
|
||||
|
||||
[RFC-822] Crocker, D., "Standard for the Format of ARPA Internet
|
||||
Text Messages", STD 11, RFC 822, August 1982.
|
||||
|
||||
|
||||
|
||||
Myers Standards Track [Page 4]
|
||||
|
||||
RFC 2359 IMAP4 UIDPLUS extension June 1998
|
||||
|
||||
|
||||
7. Security Considerations
|
||||
|
||||
There are no known security issues with this extension.
|
||||
|
||||
8. Author's Address
|
||||
|
||||
John Gardiner Myers
|
||||
Netscape Communications
|
||||
501 East Middlefield Road
|
||||
Mail Stop MV-029
|
||||
Mountain View, CA 94043
|
||||
|
||||
EMail: jgmyers@netscape.com
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Myers Standards Track [Page 5]
|
||||
|
||||
RFC 2359 IMAP4 UIDPLUS extension June 1998
|
||||
|
||||
|
||||
9. Full Copyright Statement
|
||||
|
||||
Copyright (C) The Internet Society (1998). All Rights Reserved.
|
||||
|
||||
This document and translations of it may be copied and furnished to
|
||||
others, and derivative works that comment on or otherwise explain it
|
||||
or assist in its implementation may be prepared, copied, published
|
||||
and distributed, in whole or in part, without restriction of any
|
||||
kind, provided that the above copyright notice and this paragraph are
|
||||
included on all such copies and derivative works. However, this
|
||||
document itself may not be modified in any way, such as by removing
|
||||
the copyright notice or references to the Internet Society or other
|
||||
Internet organizations, except as needed for the purpose of
|
||||
developing Internet standards in which case the procedures for
|
||||
copyrights defined in the Internet Standards process must be
|
||||
followed, or as required to translate it into languages other than
|
||||
English.
|
||||
|
||||
The limited permissions granted above are perpetual and will not be
|
||||
revoked by the Internet Society or its successors or assigns.
|
||||
|
||||
This document and the information contained herein is provided on an
|
||||
"AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
|
||||
TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING
|
||||
BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION
|
||||
HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
|
||||
MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Myers Standards Track [Page 6]
|
||||
|
843
docs/rfcs/rfc2595.txt
Normal file
843
docs/rfcs/rfc2595.txt
Normal file
@ -0,0 +1,843 @@
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Network Working Group C. Newman
|
||||
Request for Comments: 2595 Innosoft
|
||||
Category: Standards Track June 1999
|
||||
|
||||
|
||||
Using TLS with IMAP, POP3 and ACAP
|
||||
|
||||
|
||||
Status of this Memo
|
||||
|
||||
This document specifies an Internet standards track protocol for the
|
||||
Internet community, and requests discussion and suggestions for
|
||||
improvements. Please refer to the current edition of the "Internet
|
||||
Official Protocol Standards" (STD 1) for the standardization state
|
||||
and status of this protocol. Distribution of this memo is unlimited.
|
||||
|
||||
Copyright Notice
|
||||
|
||||
Copyright (C) The Internet Society (1999). All Rights Reserved.
|
||||
|
||||
1. Motivation
|
||||
|
||||
The TLS protocol (formerly known as SSL) provides a way to secure an
|
||||
application protocol from tampering and eavesdropping. The option of
|
||||
using such security is desirable for IMAP, POP and ACAP due to common
|
||||
connection eavesdropping and hijacking attacks [AUTH]. Although
|
||||
advanced SASL authentication mechanisms can provide a lightweight
|
||||
version of this service, TLS is complimentary to simple
|
||||
authentication-only SASL mechanisms or deployed clear-text password
|
||||
login commands.
|
||||
|
||||
Many sites have a high investment in authentication infrastructure
|
||||
(e.g., a large database of a one-way-function applied to user
|
||||
passwords), so a privacy layer which is not tightly bound to user
|
||||
authentication can protect against network eavesdropping attacks
|
||||
without requiring a new authentication infrastructure and/or forcing
|
||||
all users to change their password. Recognizing that such sites will
|
||||
desire simple password authentication in combination with TLS
|
||||
encryption, this specification defines the PLAIN SASL mechanism for
|
||||
use with protocols which lack a simple password authentication
|
||||
command such as ACAP and SMTP. (Note there is a separate RFC for the
|
||||
STARTTLS command in SMTP [SMTPTLS].)
|
||||
|
||||
There is a strong desire in the IETF to eliminate the transmission of
|
||||
clear-text passwords over unencrypted channels. While SASL can be
|
||||
used for this purpose, TLS provides an additional tool with different
|
||||
deployability characteristics. A server supporting both TLS with
|
||||
|
||||
|
||||
|
||||
|
||||
Newman Standards Track [Page 1]
|
||||
|
||||
RFC 2595 Using TLS with IMAP, POP3 and ACAP June 1999
|
||||
|
||||
|
||||
simple passwords and a challenge/response SASL mechanism is likely to
|
||||
interoperate with a wide variety of clients without resorting to
|
||||
unencrypted clear-text passwords.
|
||||
|
||||
The STARTTLS command rectifies a number of the problems with using a
|
||||
separate port for a "secure" protocol variant. Some of these are
|
||||
mentioned in section 7.
|
||||
|
||||
1.1. Conventions Used in this Document
|
||||
|
||||
The key words "REQUIRED", "MUST", "MUST NOT", "SHOULD", "SHOULD NOT",
|
||||
"MAY", and "OPTIONAL" in this document are to be interpreted as
|
||||
described in "Key words for use in RFCs to Indicate Requirement
|
||||
Levels" [KEYWORDS].
|
||||
|
||||
Terms related to authentication are defined in "On Internet
|
||||
Authentication" [AUTH].
|
||||
|
||||
Formal syntax is defined using ABNF [ABNF].
|
||||
|
||||
In examples, "C:" and "S:" indicate lines sent by the client and
|
||||
server respectively.
|
||||
|
||||
2. Basic Interoperability and Security Requirements
|
||||
|
||||
The following requirements apply to all implementations of the
|
||||
STARTTLS extension for IMAP, POP3 and ACAP.
|
||||
|
||||
2.1. Cipher Suite Requirements
|
||||
|
||||
Implementation of the TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA [TLS] cipher
|
||||
suite is REQUIRED. This is important as it assures that any two
|
||||
compliant implementations can be configured to interoperate.
|
||||
|
||||
All other cipher suites are OPTIONAL.
|
||||
|
||||
2.2. Privacy Operational Mode Security Requirements
|
||||
|
||||
Both clients and servers SHOULD have a privacy operational mode which
|
||||
refuses authentication unless successful activation of an encryption
|
||||
layer (such as that provided by TLS) occurs prior to or at the time
|
||||
of authentication and which will terminate the connection if that
|
||||
encryption layer is deactivated. Implementations are encouraged to
|
||||
have flexability with respect to the minimal encryption strength or
|
||||
cipher suites permitted. A minimalist approach to this
|
||||
recommendation would be an operational mode where the
|
||||
TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA cipher suite is mandatory prior to
|
||||
permitting authentication.
|
||||
|
||||
|
||||
|
||||
Newman Standards Track [Page 2]
|
||||
|
||||
RFC 2595 Using TLS with IMAP, POP3 and ACAP June 1999
|
||||
|
||||
|
||||
Clients MAY have an operational mode which uses encryption only when
|
||||
it is advertised by the server, but authentication continues
|
||||
regardless. For backwards compatibility, servers SHOULD have an
|
||||
operational mode where only the authentication mechanisms required by
|
||||
the relevant base protocol specification are needed to successfully
|
||||
authenticate.
|
||||
|
||||
2.3. Clear-Text Password Requirements
|
||||
|
||||
Clients and servers which implement STARTTLS MUST be configurable to
|
||||
refuse all clear-text login commands or mechanisms (including both
|
||||
standards-track and nonstandard mechanisms) unless an encryption
|
||||
layer of adequate strength is active. Servers which allow
|
||||
unencrypted clear-text logins SHOULD be configurable to refuse
|
||||
clear-text logins both for the entire server, and on a per-user
|
||||
basis.
|
||||
|
||||
2.4. Server Identity Check
|
||||
|
||||
During the TLS negotiation, the client MUST check its understanding
|
||||
of the server hostname against the server's identity as presented in
|
||||
the server Certificate message, in order to prevent man-in-the-middle
|
||||
attacks. Matching is performed according to these rules:
|
||||
|
||||
- The client MUST use the server hostname it used to open the
|
||||
connection as the value to compare against the server name as
|
||||
expressed in the server certificate. The client MUST NOT use any
|
||||
form of the server hostname derived from an insecure remote source
|
||||
(e.g., insecure DNS lookup). CNAME canonicalization is not done.
|
||||
|
||||
- If a subjectAltName extension of type dNSName is present in the
|
||||
certificate, it SHOULD be used as the source of the server's
|
||||
identity.
|
||||
|
||||
- Matching is case-insensitive.
|
||||
|
||||
- A "*" wildcard character MAY be used as the left-most name
|
||||
component in the certificate. For example, *.example.com would
|
||||
match a.example.com, foo.example.com, etc. but would not match
|
||||
example.com.
|
||||
|
||||
- If the certificate contains multiple names (e.g. more than one
|
||||
dNSName field), then a match with any one of the fields is
|
||||
considered acceptable.
|
||||
|
||||
If the match fails, the client SHOULD either ask for explicit user
|
||||
confirmation, or terminate the connection and indicate the server's
|
||||
identity is suspect.
|
||||
|
||||
|
||||
|
||||
Newman Standards Track [Page 3]
|
||||
|
||||
RFC 2595 Using TLS with IMAP, POP3 and ACAP June 1999
|
||||
|
||||
|
||||
2.5. TLS Security Policy Check
|
||||
|
||||
Both the client and server MUST check the result of the STARTTLS
|
||||
command and subsequent TLS negotiation to see whether acceptable
|
||||
authentication or privacy was achieved. Ignoring this step
|
||||
completely invalidates using TLS for security. The decision about
|
||||
whether acceptable authentication or privacy was achieved is made
|
||||
locally, is implementation-dependent, and is beyond the scope of this
|
||||
document.
|
||||
|
||||
3. IMAP STARTTLS extension
|
||||
|
||||
When the TLS extension is present in IMAP, "STARTTLS" is listed as a
|
||||
capability in response to the CAPABILITY command. This extension
|
||||
adds a single command, "STARTTLS" to the IMAP protocol which is used
|
||||
to begin a TLS negotiation.
|
||||
|
||||
3.1. STARTTLS Command
|
||||
|
||||
Arguments: none
|
||||
|
||||
Responses: no specific responses for this command
|
||||
|
||||
Result: OK - begin TLS negotiation
|
||||
BAD - command unknown or arguments invalid
|
||||
|
||||
A TLS negotiation begins immediately after the CRLF at the end of
|
||||
the tagged OK response from the server. Once a client issues a
|
||||
STARTTLS command, it MUST NOT issue further commands until a
|
||||
server response is seen and the TLS negotiation is complete.
|
||||
|
||||
The STARTTLS command is only valid in non-authenticated state.
|
||||
The server remains in non-authenticated state, even if client
|
||||
credentials are supplied during the TLS negotiation. The SASL
|
||||
[SASL] EXTERNAL mechanism MAY be used to authenticate once TLS
|
||||
client credentials are successfully exchanged, but servers
|
||||
supporting the STARTTLS command are not required to support the
|
||||
EXTERNAL mechanism.
|
||||
|
||||
Once TLS has been started, the client MUST discard cached
|
||||
information about server capabilities and SHOULD re-issue the
|
||||
CAPABILITY command. This is necessary to protect against
|
||||
man-in-the-middle attacks which alter the capabilities list prior
|
||||
to STARTTLS. The server MAY advertise different capabilities
|
||||
after STARTTLS.
|
||||
|
||||
The formal syntax for IMAP is amended as follows:
|
||||
|
||||
|
||||
|
||||
|
||||
Newman Standards Track [Page 4]
|
||||
|
||||
RFC 2595 Using TLS with IMAP, POP3 and ACAP June 1999
|
||||
|
||||
|
||||
command_any =/ "STARTTLS"
|
||||
|
||||
Example: C: a001 CAPABILITY
|
||||
S: * CAPABILITY IMAP4rev1 STARTTLS LOGINDISABLED
|
||||
S: a001 OK CAPABILITY completed
|
||||
C: a002 STARTTLS
|
||||
S: a002 OK Begin TLS negotiation now
|
||||
<TLS negotiation, further commands are under TLS layer>
|
||||
C: a003 CAPABILITY
|
||||
S: * CAPABILITY IMAP4rev1 AUTH=EXTERNAL
|
||||
S: a003 OK CAPABILITY completed
|
||||
C: a004 LOGIN joe password
|
||||
S: a004 OK LOGIN completed
|
||||
|
||||
3.2. IMAP LOGINDISABLED capability
|
||||
|
||||
The current IMAP protocol specification (RFC 2060) requires the
|
||||
implementation of the LOGIN command which uses clear-text passwords.
|
||||
Many sites may choose to disable this command unless encryption is
|
||||
active for security reasons. An IMAP server MAY advertise that the
|
||||
LOGIN command is disabled by including the LOGINDISABLED capability
|
||||
in the capability response. Such a server will respond with a tagged
|
||||
"NO" response to any attempt to use the LOGIN command.
|
||||
|
||||
An IMAP server which implements STARTTLS MUST implement support for
|
||||
the LOGINDISABLED capability on unencrypted connections.
|
||||
|
||||
An IMAP client which complies with this specification MUST NOT issue
|
||||
the LOGIN command if this capability is present.
|
||||
|
||||
This capability is useful to prevent clients compliant with this
|
||||
specification from sending an unencrypted password in an environment
|
||||
subject to passive attacks. It has no impact on an environment
|
||||
subject to active attacks as a man-in-the-middle attacker can remove
|
||||
this capability. Therefore this does not relieve clients of the need
|
||||
to follow the privacy mode recommendation in section 2.2.
|
||||
|
||||
Servers advertising this capability will fail to interoperate with
|
||||
many existing compliant IMAP clients and will be unable to prevent
|
||||
those clients from disclosing the user's password.
|
||||
|
||||
4. POP3 STARTTLS extension
|
||||
|
||||
The POP3 STARTTLS extension adds the STLS command to POP3 servers.
|
||||
If this is implemented, the POP3 extension mechanism [POP3EXT] MUST
|
||||
also be implemented to avoid the need for client probing of multiple
|
||||
commands. The capability name "STLS" indicates this command is
|
||||
present and permitted in the current state.
|
||||
|
||||
|
||||
|
||||
Newman Standards Track [Page 5]
|
||||
|
||||
RFC 2595 Using TLS with IMAP, POP3 and ACAP June 1999
|
||||
|
||||
|
||||
STLS
|
||||
|
||||
Arguments: none
|
||||
|
||||
Restrictions:
|
||||
Only permitted in AUTHORIZATION state.
|
||||
|
||||
Discussion:
|
||||
A TLS negotiation begins immediately after the CRLF at the
|
||||
end of the +OK response from the server. A -ERR response
|
||||
MAY result if a security layer is already active. Once a
|
||||
client issues a STLS command, it MUST NOT issue further
|
||||
commands until a server response is seen and the TLS
|
||||
negotiation is complete.
|
||||
|
||||
The STLS command is only permitted in AUTHORIZATION state
|
||||
and the server remains in AUTHORIZATION state, even if
|
||||
client credentials are supplied during the TLS negotiation.
|
||||
The AUTH command [POP-AUTH] with the EXTERNAL mechanism
|
||||
[SASL] MAY be used to authenticate once TLS client
|
||||
credentials are successfully exchanged, but servers
|
||||
supporting the STLS command are not required to support the
|
||||
EXTERNAL mechanism.
|
||||
|
||||
Once TLS has been started, the client MUST discard cached
|
||||
information about server capabilities and SHOULD re-issue
|
||||
the CAPA command. This is necessary to protect against
|
||||
man-in-the-middle attacks which alter the capabilities list
|
||||
prior to STLS. The server MAY advertise different
|
||||
capabilities after STLS.
|
||||
|
||||
Possible Responses:
|
||||
+OK -ERR
|
||||
|
||||
Examples:
|
||||
C: STLS
|
||||
S: +OK Begin TLS negotiation
|
||||
<TLS negotiation, further commands are under TLS layer>
|
||||
...
|
||||
C: STLS
|
||||
S: -ERR Command not permitted when TLS active
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Newman Standards Track [Page 6]
|
||||
|
||||
RFC 2595 Using TLS with IMAP, POP3 and ACAP June 1999
|
||||
|
||||
|
||||
5. ACAP STARTTLS extension
|
||||
|
||||
When the TLS extension is present in ACAP, "STARTTLS" is listed as a
|
||||
capability in the ACAP greeting. No arguments to this capability are
|
||||
defined at this time. This extension adds a single command,
|
||||
"STARTTLS" to the ACAP protocol which is used to begin a TLS
|
||||
negotiation.
|
||||
|
||||
5.1. STARTTLS Command
|
||||
|
||||
Arguments: none
|
||||
|
||||
Responses: no specific responses for this command
|
||||
|
||||
Result: OK - begin TLS negotiation
|
||||
BAD - command unknown or arguments invalid
|
||||
|
||||
A TLS negotiation begins immediately after the CRLF at the end of
|
||||
the tagged OK response from the server. Once a client issues a
|
||||
STARTTLS command, it MUST NOT issue further commands until a
|
||||
server response is seen and the TLS negotiation is complete.
|
||||
|
||||
The STARTTLS command is only valid in non-authenticated state.
|
||||
The server remains in non-authenticated state, even if client
|
||||
credentials are supplied during the TLS negotiation. The SASL
|
||||
[SASL] EXTERNAL mechanism MAY be used to authenticate once TLS
|
||||
client credentials are successfully exchanged, but servers
|
||||
supporting the STARTTLS command are not required to support the
|
||||
EXTERNAL mechanism.
|
||||
|
||||
After the TLS layer is established, the server MUST re-issue an
|
||||
untagged ACAP greeting. This is necessary to protect against
|
||||
man-in-the-middle attacks which alter the capabilities list prior
|
||||
to STARTTLS. The client MUST discard cached capability
|
||||
information and replace it with the information from the new ACAP
|
||||
greeting. The server MAY advertise different capabilities after
|
||||
STARTTLS.
|
||||
|
||||
The formal syntax for ACAP is amended as follows:
|
||||
|
||||
command_any =/ "STARTTLS"
|
||||
|
||||
Example: S: * ACAP (SASL "CRAM-MD5") (STARTTLS)
|
||||
C: a002 STARTTLS
|
||||
S: a002 OK "Begin TLS negotiation now"
|
||||
<TLS negotiation, further commands are under TLS layer>
|
||||
S: * ACAP (SASL "CRAM-MD5" "PLAIN" "EXTERNAL")
|
||||
|
||||
|
||||
|
||||
|
||||
Newman Standards Track [Page 7]
|
||||
|
||||
RFC 2595 Using TLS with IMAP, POP3 and ACAP June 1999
|
||||
|
||||
|
||||
6. PLAIN SASL mechanism
|
||||
|
||||
Clear-text passwords are simple, interoperate with almost all
|
||||
existing operating system authentication databases, and are useful
|
||||
for a smooth transition to a more secure password-based
|
||||
authentication mechanism. The drawback is that they are unacceptable
|
||||
for use over an unencrypted network connection.
|
||||
|
||||
This defines the "PLAIN" SASL mechanism for use with ACAP and other
|
||||
protocols with no clear-text login command. The PLAIN SASL mechanism
|
||||
MUST NOT be advertised or used unless a strong encryption layer (such
|
||||
as the provided by TLS) is active or backwards compatibility dictates
|
||||
otherwise.
|
||||
|
||||
The mechanism consists of a single message from the client to the
|
||||
server. The client sends the authorization identity (identity to
|
||||
login as), followed by a US-ASCII NUL character, followed by the
|
||||
authentication identity (identity whose password will be used),
|
||||
followed by a US-ASCII NUL character, followed by the clear-text
|
||||
password. The client may leave the authorization identity empty to
|
||||
indicate that it is the same as the authentication identity.
|
||||
|
||||
The server will verify the authentication identity and password with
|
||||
the system authentication database and verify that the authentication
|
||||
credentials permit the client to login as the authorization identity.
|
||||
If both steps succeed, the user is logged in.
|
||||
|
||||
The server MAY also use the password to initialize any new
|
||||
authentication database, such as one suitable for CRAM-MD5
|
||||
[CRAM-MD5].
|
||||
|
||||
Non-US-ASCII characters are permitted as long as they are represented
|
||||
in UTF-8 [UTF-8]. Use of non-visible characters or characters which
|
||||
a user may be unable to enter on some keyboards is discouraged.
|
||||
|
||||
The formal grammar for the client message using Augmented BNF [ABNF]
|
||||
follows.
|
||||
|
||||
message = [authorize-id] NUL authenticate-id NUL password
|
||||
authenticate-id = 1*UTF8-SAFE ; MUST accept up to 255 octets
|
||||
authorize-id = 1*UTF8-SAFE ; MUST accept up to 255 octets
|
||||
password = 1*UTF8-SAFE ; MUST accept up to 255 octets
|
||||
NUL = %x00
|
||||
UTF8-SAFE = %x01-09 / %x0B-0C / %x0E-7F / UTF8-2 /
|
||||
UTF8-3 / UTF8-4 / UTF8-5 / UTF8-6
|
||||
UTF8-1 = %x80-BF
|
||||
UTF8-2 = %xC0-DF UTF8-1
|
||||
UTF8-3 = %xE0-EF 2UTF8-1
|
||||
|
||||
|
||||
|
||||
Newman Standards Track [Page 8]
|
||||
|
||||
RFC 2595 Using TLS with IMAP, POP3 and ACAP June 1999
|
||||
|
||||
|
||||
UTF8-4 = %xF0-F7 3UTF8-1
|
||||
UTF8-5 = %xF8-FB 4UTF8-1
|
||||
UTF8-6 = %xFC-FD 5UTF8-1
|
||||
|
||||
Here is an example of how this might be used to initialize a CRAM-MD5
|
||||
authentication database for ACAP:
|
||||
|
||||
Example: S: * ACAP (SASL "CRAM-MD5") (STARTTLS)
|
||||
C: a001 AUTHENTICATE "CRAM-MD5"
|
||||
S: + "<1896.697170952@postoffice.reston.mci.net>"
|
||||
C: "tim b913a602c7eda7a495b4e6e7334d3890"
|
||||
S: a001 NO (TRANSITION-NEEDED)
|
||||
"Please change your password, or use TLS to login"
|
||||
C: a002 STARTTLS
|
||||
S: a002 OK "Begin TLS negotiation now"
|
||||
<TLS negotiation, further commands are under TLS layer>
|
||||
S: * ACAP (SASL "CRAM-MD5" "PLAIN" "EXTERNAL")
|
||||
C: a003 AUTHENTICATE "PLAIN" {21+}
|
||||
C: <NUL>tim<NUL>tanstaaftanstaaf
|
||||
S: a003 OK CRAM-MD5 password initialized
|
||||
|
||||
Note: In this example, <NUL> represents a single ASCII NUL octet.
|
||||
|
||||
7. imaps and pop3s ports
|
||||
|
||||
Separate "imaps" and "pop3s" ports were registered for use with SSL.
|
||||
Use of these ports is discouraged in favor of the STARTTLS or STLS
|
||||
commands.
|
||||
|
||||
A number of problems have been observed with separate ports for
|
||||
"secure" variants of protocols. This is an attempt to enumerate some
|
||||
of those problems.
|
||||
|
||||
- Separate ports lead to a separate URL scheme which intrudes into
|
||||
the user interface in inappropriate ways. For example, many web
|
||||
pages use language like "click here if your browser supports SSL."
|
||||
This is a decision the browser is often more capable of making than
|
||||
the user.
|
||||
|
||||
- Separate ports imply a model of either "secure" or "not secure."
|
||||
This can be misleading in a number of ways. First, the "secure"
|
||||
port may not in fact be acceptably secure as an export-crippled
|
||||
cipher suite might be in use. This can mislead users into a false
|
||||
sense of security. Second, the normal port might in fact be
|
||||
secured by using a SASL mechanism which includes a security layer.
|
||||
Thus the separate port distinction makes the complex topic of
|
||||
security policy even more confusing. One common result of this
|
||||
confusion is that firewall administrators are often misled into
|
||||
|
||||
|
||||
|
||||
Newman Standards Track [Page 9]
|
||||
|
||||
RFC 2595 Using TLS with IMAP, POP3 and ACAP June 1999
|
||||
|
||||
|
||||
permitting the "secure" port and blocking the standard port. This
|
||||
could be a poor choice given the common use of SSL with a 40-bit
|
||||
key encryption layer and plain-text password authentication is less
|
||||
secure than strong SASL mechanisms such as GSSAPI with Kerberos 5.
|
||||
|
||||
- Use of separate ports for SSL has caused clients to implement only
|
||||
two security policies: use SSL or don't use SSL. The desirable
|
||||
security policy "use TLS when available" would be cumbersome with
|
||||
the separate port model, but is simple with STARTTLS.
|
||||
|
||||
- Port numbers are a limited resource. While they are not yet in
|
||||
short supply, it is unwise to set a precedent that could double (or
|
||||
worse) the speed of their consumption.
|
||||
|
||||
|
||||
8. IANA Considerations
|
||||
|
||||
This constitutes registration of the "STARTTLS" and "LOGINDISABLED"
|
||||
IMAP capabilities as required by section 7.2.1 of RFC 2060 [IMAP].
|
||||
|
||||
The registration for the POP3 "STLS" capability follows:
|
||||
|
||||
CAPA tag: STLS
|
||||
Arguments: none
|
||||
Added commands: STLS
|
||||
Standard commands affected: May enable USER/PASS as a side-effect.
|
||||
CAPA command SHOULD be re-issued after successful completion.
|
||||
Announced states/Valid states: AUTHORIZATION state only.
|
||||
Specification reference: this memo
|
||||
|
||||
The registration for the ACAP "STARTTLS" capability follows:
|
||||
|
||||
Capability name: STARTTLS
|
||||
Capability keyword: STARTTLS
|
||||
Capability arguments: none
|
||||
Published Specification(s): this memo
|
||||
Person and email address for further information:
|
||||
see author's address section below
|
||||
|
||||
The registration for the PLAIN SASL mechanism follows:
|
||||
|
||||
SASL mechanism name: PLAIN
|
||||
Security Considerations: See section 9 of this memo
|
||||
Published specification: this memo
|
||||
Person & email address to contact for further information:
|
||||
see author's address section below
|
||||
Intended usage: COMMON
|
||||
Author/Change controller: see author's address section below
|
||||
|
||||
|
||||
|
||||
Newman Standards Track [Page 10]
|
||||
|
||||
RFC 2595 Using TLS with IMAP, POP3 and ACAP June 1999
|
||||
|
||||
|
||||
9. Security Considerations
|
||||
|
||||
TLS only provides protection for data sent over a network connection.
|
||||
Messages transferred over IMAP or POP3 are still available to server
|
||||
administrators and usually subject to eavesdropping, tampering and
|
||||
forgery when transmitted through SMTP or NNTP. TLS is no substitute
|
||||
for an end-to-end message security mechanism using MIME security
|
||||
multiparts [MIME-SEC].
|
||||
|
||||
A man-in-the-middle attacker can remove STARTTLS from the capability
|
||||
list or generate a failure response to the STARTTLS command. In
|
||||
order to detect such an attack, clients SHOULD warn the user when
|
||||
session privacy is not active and/or be configurable to refuse to
|
||||
proceed without an acceptable level of security.
|
||||
|
||||
A man-in-the-middle attacker can always cause a down-negotiation to
|
||||
the weakest authentication mechanism or cipher suite available. For
|
||||
this reason, implementations SHOULD be configurable to refuse weak
|
||||
mechanisms or cipher suites.
|
||||
|
||||
Any protocol interactions prior to the TLS handshake are performed in
|
||||
the clear and can be modified by a man-in-the-middle attacker. For
|
||||
this reason, clients MUST discard cached information about server
|
||||
capabilities advertised prior to the start of the TLS handshake.
|
||||
|
||||
Clients are encouraged to clearly indicate when the level of
|
||||
encryption active is known to be vulnerable to attack using modern
|
||||
hardware (such as encryption keys with 56 bits of entropy or less).
|
||||
|
||||
The LOGINDISABLED IMAP capability (discussed in section 3.2) only
|
||||
reduces the potential for passive attacks, it provides no protection
|
||||
against active attacks. The responsibility remains with the client
|
||||
to avoid sending a password over a vulnerable channel.
|
||||
|
||||
The PLAIN mechanism relies on the TLS encryption layer for security.
|
||||
When used without TLS, it is vulnerable to a common network
|
||||
eavesdropping attack. Therefore PLAIN MUST NOT be advertised or used
|
||||
unless a suitable TLS encryption layer is active or backwards
|
||||
compatibility dictates otherwise.
|
||||
|
||||
When the PLAIN mechanism is used, the server gains the ability to
|
||||
impersonate the user to all services with the same password
|
||||
regardless of any encryption provided by TLS or other network privacy
|
||||
mechanisms. While many other authentication mechanisms have similar
|
||||
weaknesses, stronger SASL mechanisms such as Kerberos address this
|
||||
issue. Clients are encouraged to have an operational mode where all
|
||||
mechanisms which are likely to reveal the user's password to the
|
||||
server are disabled.
|
||||
|
||||
|
||||
|
||||
Newman Standards Track [Page 11]
|
||||
|
||||
RFC 2595 Using TLS with IMAP, POP3 and ACAP June 1999
|
||||
|
||||
|
||||
The security considerations for TLS apply to STARTTLS and the
|
||||
security considerations for SASL apply to the PLAIN mechanism.
|
||||
Additional security requirements are discussed in section 2.
|
||||
|
||||
10. References
|
||||
|
||||
[ABNF] Crocker, D. and P. Overell, "Augmented BNF for Syntax
|
||||
Specifications: ABNF", RFC 2234, November 1997.
|
||||
|
||||
[ACAP] Newman, C. and J. Myers, "ACAP -- Application
|
||||
Configuration Access Protocol", RFC 2244, November 1997.
|
||||
|
||||
[AUTH] Haller, N. and R. Atkinson, "On Internet Authentication",
|
||||
RFC 1704, October 1994.
|
||||
|
||||
[CRAM-MD5] Klensin, J., Catoe, R. and P. Krumviede, "IMAP/POP
|
||||
AUTHorize Extension for Simple Challenge/Response", RFC
|
||||
2195, September 1997.
|
||||
|
||||
[IMAP] Crispin, M., "Internet Message Access Protocol - Version
|
||||
4rev1", RFC 2060, December 1996.
|
||||
|
||||
[KEYWORDS] Bradner, S., "Key words for use in RFCs to Indicate
|
||||
Requirement Levels", BCP 14, RFC 2119, March 1997.
|
||||
|
||||
[MIME-SEC] Galvin, J., Murphy, S., Crocker, S. and N. Freed,
|
||||
"Security Multiparts for MIME: Multipart/Signed and
|
||||
Multipart/Encrypted", RFC 1847, October 1995.
|
||||
|
||||
[POP3] Myers, J. and M. Rose, "Post Office Protocol - Version 3",
|
||||
STD 53, RFC 1939, May 1996.
|
||||
|
||||
[POP3EXT] Gellens, R., Newman, C. and L. Lundblade, "POP3 Extension
|
||||
Mechanism", RFC 2449, November 1998.
|
||||
|
||||
[POP-AUTH] Myers, J., "POP3 AUTHentication command", RFC 1734,
|
||||
December 1994.
|
||||
|
||||
[SASL] Myers, J., "Simple Authentication and Security Layer
|
||||
(SASL)", RFC 2222, October 1997.
|
||||
|
||||
[SMTPTLS] Hoffman, P., "SMTP Service Extension for Secure SMTP over
|
||||
TLS", RFC 2487, January 1999.
|
||||
|
||||
[TLS] Dierks, T. and C. Allen, "The TLS Protocol Version 1.0",
|
||||
RFC 2246, January 1999.
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Newman Standards Track [Page 12]
|
||||
|
||||
RFC 2595 Using TLS with IMAP, POP3 and ACAP June 1999
|
||||
|
||||
|
||||
[UTF-8] Yergeau, F., "UTF-8, a transformation format of ISO
|
||||
10646", RFC 2279, January 1998.
|
||||
|
||||
|
||||
11. Author's Address
|
||||
|
||||
Chris Newman
|
||||
Innosoft International, Inc.
|
||||
1050 Lakes Drive
|
||||
West Covina, CA 91790 USA
|
||||
|
||||
EMail: chris.newman@innosoft.com
|
||||
|
||||
|
||||
A. Appendix -- Compliance Checklist
|
||||
|
||||
An implementation is not compliant if it fails to satisfy one or more
|
||||
of the MUST requirements for the protocols it implements. An
|
||||
implementation that satisfies all the MUST and all the SHOULD
|
||||
requirements for its protocols is said to be "unconditionally
|
||||
compliant"; one that satisfies all the MUST requirements but not all
|
||||
the SHOULD requirements for its protocols is said to be
|
||||
"conditionally compliant".
|
||||
|
||||
Rules Section
|
||||
----- -------
|
||||
Mandatory-to-implement Cipher Suite 2.1
|
||||
SHOULD have mode where encryption required 2.2
|
||||
server SHOULD have mode where TLS not required 2.2
|
||||
MUST be configurable to refuse all clear-text login
|
||||
commands or mechanisms 2.3
|
||||
server SHOULD be configurable to refuse clear-text
|
||||
login commands on entire server and on per-user basis 2.3
|
||||
client MUST check server identity 2.4
|
||||
client MUST use hostname used to open connection 2.4
|
||||
client MUST NOT use hostname from insecure remote lookup 2.4
|
||||
client SHOULD support subjectAltName of dNSName type 2.4
|
||||
client SHOULD ask for confirmation or terminate on fail 2.4
|
||||
MUST check result of STARTTLS for acceptable privacy 2.5
|
||||
client MUST NOT issue commands after STARTTLS
|
||||
until server response and negotiation done 3.1,4,5.1
|
||||
client MUST discard cached information 3.1,4,5.1,9
|
||||
client SHOULD re-issue CAPABILITY/CAPA command 3.1,4
|
||||
IMAP server with STARTTLS MUST implement LOGINDISABLED 3.2
|
||||
IMAP client MUST NOT issue LOGIN if LOGINDISABLED 3.2
|
||||
POP server MUST implement POP3 extensions 4
|
||||
ACAP server MUST re-issue ACAP greeting 5.1
|
||||
|
||||
|
||||
|
||||
|
||||
Newman Standards Track [Page 13]
|
||||
|
||||
RFC 2595 Using TLS with IMAP, POP3 and ACAP June 1999
|
||||
|
||||
|
||||
client SHOULD warn when session privacy not active and/or
|
||||
refuse to proceed without acceptable security level 9
|
||||
SHOULD be configurable to refuse weak mechanisms or
|
||||
cipher suites 9
|
||||
|
||||
The PLAIN mechanism is an optional part of this specification.
|
||||
However if it is implemented the following rules apply:
|
||||
|
||||
Rules Section
|
||||
----- -------
|
||||
MUST NOT use PLAIN unless strong encryption active
|
||||
or backwards compatibility dictates otherwise 6,9
|
||||
MUST use UTF-8 encoding for characters in PLAIN 6
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Newman Standards Track [Page 14]
|
||||
|
||||
RFC 2595 Using TLS with IMAP, POP3 and ACAP June 1999
|
||||
|
||||
|
||||
Full Copyright Statement
|
||||
|
||||
Copyright (C) The Internet Society (1999). All Rights Reserved.
|
||||
|
||||
This document and translations of it may be copied and furnished to
|
||||
others, and derivative works that comment on or otherwise explain it
|
||||
or assist in its implementation may be prepared, copied, published
|
||||
and distributed, in whole or in part, without restriction of any
|
||||
kind, provided that the above copyright notice and this paragraph are
|
||||
included on all such copies and derivative works. However, this
|
||||
document itself may not be modified in any way, such as by removing
|
||||
the copyright notice or references to the Internet Society or other
|
||||
Internet organizations, except as needed for the purpose of
|
||||
developing Internet standards in which case the procedures for
|
||||
copyrights defined in the Internet Standards process must be
|
||||
followed, or as required to translate it into languages other than
|
||||
English.
|
||||
|
||||
The limited permissions granted above are perpetual and will not be
|
||||
revoked by the Internet Society or its successors or assigns.
|
||||
|
||||
This document and the information contained herein is provided on an
|
||||
"AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
|
||||
TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING
|
||||
BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION
|
||||
HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
|
||||
MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
|
||||
|
||||
Acknowledgement
|
||||
|
||||
Funding for the RFC Editor function is currently provided by the
|
||||
Internet Society.
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Newman Standards Track [Page 15]
|
||||
|
1291
docs/rfcs/rfc2683.txt
Normal file
1291
docs/rfcs/rfc2683.txt
Normal file
File diff suppressed because it is too large
Load Diff
4427
docs/rfcs/rfc2821.txt
Normal file
4427
docs/rfcs/rfc2821.txt
Normal file
File diff suppressed because it is too large
Load Diff
451
docs/rfcs/rfc2971.txt
Normal file
451
docs/rfcs/rfc2971.txt
Normal file
@ -0,0 +1,451 @@
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Network Working Group T. Showalter
|
||||
Request for Comments: 2971 Mirapoint, Inc.
|
||||
Category: Standards Track October 2000
|
||||
|
||||
|
||||
IMAP4 ID extension
|
||||
|
||||
Status of this Memo
|
||||
|
||||
This document specifies an Internet standards track protocol for the
|
||||
Internet community, and requests discussion and suggestions for
|
||||
improvements. Please refer to the current edition of the "Internet
|
||||
Official Protocol Standards" (STD 1) for the standardization state
|
||||
and status of this protocol. Distribution of this memo is unlimited.
|
||||
|
||||
Copyright Notice
|
||||
|
||||
Copyright (C) The Internet Society (2000). All Rights Reserved.
|
||||
|
||||
Abstract
|
||||
|
||||
The ID extension to the Internet Message Access Protocol - Version
|
||||
4rev1 (IMAP4rev1) protocol allows the server and client to exchange
|
||||
identification information on their implementation in order to make
|
||||
bug reports and usage statistics more complete.
|
||||
|
||||
1. Introduction
|
||||
|
||||
The IMAP4rev1 protocol described in [IMAP4rev1] provides a method for
|
||||
accessing remote mail stores, but it provides no facility to
|
||||
advertise what program a client or server uses to provide service.
|
||||
This makes it difficult for implementors to get complete bug reports
|
||||
from users, as it is frequently difficult to know what client or
|
||||
server is in use.
|
||||
|
||||
Additionally, some sites may wish to assemble usage statistics based
|
||||
on what clients are used, but in an an environment where users are
|
||||
permitted to obtain and maintain their own clients this is difficult
|
||||
to accomplish.
|
||||
|
||||
The ID command provides a facility to advertise information on what
|
||||
programs are being used along with contact information (should bugs
|
||||
ever occur).
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Showalter Standards Track [Page 1]
|
||||
|
||||
RFC 2971 IMAP4 ID extension October 2000
|
||||
|
||||
|
||||
2. Conventions Used in this Document
|
||||
|
||||
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
|
||||
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
|
||||
document are to be interpreted as described in [KEYWORDS].
|
||||
|
||||
The conventions used in this document are the same as specified in
|
||||
[IMAP4rev1]. In examples, "C:" and "S:" indicate lines sent by the
|
||||
client and server respectively. Line breaks have been inserted for
|
||||
readability.
|
||||
|
||||
3. Specification
|
||||
|
||||
The sole purpose of the ID extension is to enable clients and servers
|
||||
to exchange information on their implementations for the purposes of
|
||||
statistical analysis and problem determination.
|
||||
|
||||
This information is be submitted to a server by any client wishing to
|
||||
provide information for statistical purposes, provided the server
|
||||
advertises its willingness to take the information with the atom "ID"
|
||||
included in the list of capabilities returned by the CAPABILITY
|
||||
command.
|
||||
|
||||
Implementations MUST NOT make operational changes based on the data
|
||||
sent as part of the ID command or response. The ID command is for
|
||||
human consumption only, and is not to be used in improving the
|
||||
performance of clients or servers.
|
||||
|
||||
This includes, but is not limited to, the following:
|
||||
|
||||
Servers MUST NOT attempt to work around client bugs by using
|
||||
information from the ID command. Clients MUST NOT attempt to work
|
||||
around server bugs based on the ID response.
|
||||
|
||||
Servers MUST NOT provide features to a client or otherwise
|
||||
optimize for a particular client by using information from the ID
|
||||
command. Clients MUST NOT provide features to a server or
|
||||
otherwise optimize for a particular server based on the ID
|
||||
response.
|
||||
|
||||
Servers MUST NOT deny access to or refuse service for a client
|
||||
based on information from the ID command. Clients MUST NOT refuse
|
||||
to operate or limit their operation with a server based on the ID
|
||||
response.
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Showalter Standards Track [Page 2]
|
||||
|
||||
RFC 2971 IMAP4 ID extension October 2000
|
||||
|
||||
|
||||
Rationale: It is imperative that this extension not supplant IMAP's
|
||||
CAPABILITY mechanism with a ad-hoc approach where implementations
|
||||
guess each other's features based on who they claim to be.
|
||||
|
||||
Implementations MUST NOT send false information in an ID command.
|
||||
|
||||
Implementations MAY send less information than they have available or
|
||||
no information at all. Such behavior may be useful to preserve user
|
||||
privacy. See Security Considerations, section 7.
|
||||
|
||||
3.1. ID Command
|
||||
|
||||
Arguments: client parameter list or NIL
|
||||
|
||||
Responses: OPTIONAL untagged response: ID
|
||||
|
||||
Result: OK identification information accepted
|
||||
BAD command unknown or arguments invalid
|
||||
|
||||
Implementation identification information is sent by the client with
|
||||
the ID command.
|
||||
|
||||
This command is valid in any state.
|
||||
|
||||
The information sent is in the form of a list of field/value pairs.
|
||||
Fields are permitted to be any IMAP4 string, and values are permitted
|
||||
to be any IMAP4 string or NIL. A value of NIL indicates that the
|
||||
client can not or will not specify this information. The client may
|
||||
also send NIL instead of the list, indicating that it wants to send
|
||||
no information, but would still accept a server response.
|
||||
|
||||
The available fields are defined in section 3.3.
|
||||
|
||||
Example: C: a023 ID ("name" "sodr" "version" "19.34" "vendor"
|
||||
"Pink Floyd Music Limited")
|
||||
S: * ID NIL
|
||||
S: a023 OK ID completed
|
||||
|
||||
3.2. ID Response
|
||||
|
||||
Contents: server parameter list
|
||||
|
||||
In response to an ID command issued by the client, the server replies
|
||||
with a tagged response containing information on its implementation.
|
||||
The format is the same as the client list.
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Showalter Standards Track [Page 3]
|
||||
|
||||
RFC 2971 IMAP4 ID extension October 2000
|
||||
|
||||
|
||||
Example: C: a042 ID NIL
|
||||
S: * ID ("name" "Cyrus" "version" "1.5" "os" "sunos"
|
||||
"os-version" "5.5" "support-url"
|
||||
"mailto:cyrus-bugs+@andrew.cmu.edu")
|
||||
S: a042 OK ID command completed
|
||||
|
||||
A server MUST send a tagged ID response to an ID command. However, a
|
||||
server MAY send NIL in place of the list.
|
||||
|
||||
3.3. Defined Field Values
|
||||
|
||||
Any string may be sent as a field, but the following are defined to
|
||||
describe certain values that might be sent. Implementations are free
|
||||
to send none, any, or all of these. Strings are not case-sensitive.
|
||||
Field strings MUST NOT be longer than 30 octets. Value strings MUST
|
||||
NOT be longer than 1024 octets. Implementations MUST NOT send more
|
||||
than 30 field-value pairs.
|
||||
|
||||
name Name of the program
|
||||
version Version number of the program
|
||||
os Name of the operating system
|
||||
os-version Version of the operating system
|
||||
vendor Vendor of the client/server
|
||||
support-url URL to contact for support
|
||||
address Postal address of contact/vendor
|
||||
date Date program was released, specified as a date-time
|
||||
in IMAP4rev1
|
||||
command Command used to start the program
|
||||
arguments Arguments supplied on the command line, if any
|
||||
if any
|
||||
environment Description of environment, i.e., UNIX environment
|
||||
variables or Windows registry settings
|
||||
|
||||
Implementations MUST NOT use contact information to submit automatic
|
||||
bug reports. Implementations may include information from an ID
|
||||
response in a report automatically prepared, but are prohibited from
|
||||
sending the report without user authorization.
|
||||
|
||||
It is preferable to find the name and version of the underlying
|
||||
operating system at runtime in cases where this is possible.
|
||||
|
||||
Information sent via an ID response may violate user privacy. See
|
||||
Security Considerations, section 7.
|
||||
|
||||
Implementations MUST NOT send the same field name more than once.
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Showalter Standards Track [Page 4]
|
||||
|
||||
RFC 2971 IMAP4 ID extension October 2000
|
||||
|
||||
|
||||
4. Formal Syntax
|
||||
|
||||
This syntax is intended to augment the grammar specified in
|
||||
[IMAP4rev1] in order to provide for the ID command. This
|
||||
specification uses the augmented Backus-Naur Form (BNF) notation as
|
||||
used in [IMAP4rev1].
|
||||
|
||||
command_any ::= "CAPABILITY" / "LOGOUT" / "NOOP" / x_command / id
|
||||
;; adds id command to command_any in [IMAP4rev1]
|
||||
|
||||
id ::= "ID" SPACE id_params_list
|
||||
|
||||
id_response ::= "ID" SPACE id_params_list
|
||||
|
||||
id_params_list ::= "(" #(string SPACE nstring) ")" / nil
|
||||
;; list of field value pairs
|
||||
|
||||
response_data ::= "*" SPACE (resp_cond_state / resp_cond_bye /
|
||||
mailbox_data / message_data / capability_data / id_response)
|
||||
|
||||
5. Use of the ID extension with Firewalls and Other Intermediaries
|
||||
|
||||
There exist proxies, firewalls, and other intermediary systems that
|
||||
can intercept an IMAP session and make changes to the data exchanged
|
||||
in the session. Such intermediaries are not anticipated by the IMAP4
|
||||
protocol design and are not within the scope of the IMAP4 standard.
|
||||
However, in order for the ID command to be useful in the presence of
|
||||
such intermediaries, those intermediaries need to take special note
|
||||
of the ID command and response. In particular, if an intermediary
|
||||
changes any part of the IMAP session it must also change the ID
|
||||
command to advertise its presence.
|
||||
|
||||
A firewall MAY act to block transmission of specific information
|
||||
fields in the ID command and response that it believes reveal
|
||||
information that could expose a security vulnerability. However, a
|
||||
firewall SHOULD NOT disable the extension, when present, entirely,
|
||||
and SHOULD NOT unconditionally remove either the client or server
|
||||
list.
|
||||
|
||||
Finally, it should be noted that a firewall, when handling a
|
||||
CAPABILITY response, MUST NOT allow the names of extensions to be
|
||||
returned to the client that the firewall has no knowledge of.
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Showalter Standards Track [Page 5]
|
||||
|
||||
RFC 2971 IMAP4 ID extension October 2000
|
||||
|
||||
|
||||
6. References
|
||||
|
||||
[KEYWORDS] Bradner, S., "Key words for use in RFCs to Indicate
|
||||
Requirement Levels", RFC 2119, March 1997.
|
||||
|
||||
[IMAP4rev1] Crispin, M., "Internet Message Access Protocol - Version
|
||||
4rev1", RFC 2060, October 1996.
|
||||
|
||||
[RFC-822] Crocker, D., "Standard for the Format of ARPA Internet
|
||||
Text Messages", STD 11, RFC 822, August 1982.
|
||||
|
||||
7. Security Considerations
|
||||
|
||||
This extension has the danger of violating the privacy of users if
|
||||
misused. Clients and servers should notify users that they implement
|
||||
and enable the ID command.
|
||||
|
||||
It is highly desirable that implementations provide a method of
|
||||
disabling ID support, perhaps by not sending ID at all, or by sending
|
||||
NIL as the argument to the ID command or response.
|
||||
|
||||
Implementors must exercise extreme care in adding fields sent as part
|
||||
of an ID command or response. Some fields, including a processor ID
|
||||
number, Ethernet address, or other unique (or mostly unique)
|
||||
identifier allow tracking of users in ways that violate user privacy
|
||||
expectations.
|
||||
|
||||
Having implementation information of a given client or server may
|
||||
make it easier for an attacker to gain unauthorized access due to
|
||||
security holes.
|
||||
|
||||
Since this command includes arbitrary data and does not require the
|
||||
user to authenticate, server implementations are cautioned to guard
|
||||
against an attacker sending arbitrary garbage data in order to fill
|
||||
up the ID log. In particular, if a server naively logs each ID
|
||||
command to disk without inspecting it, an attacker can simply fire up
|
||||
thousands of connections and send a few kilobytes of random data.
|
||||
Servers have to guard against this. Methods include truncating
|
||||
abnormally large responses; collating responses by storing only a
|
||||
single copy, then keeping a counter of the number of times that
|
||||
response has been seen; keeping only particularly interesting parts
|
||||
of responses; and only logging responses of users who actually log
|
||||
in.
|
||||
|
||||
Security is affected by firewalls which modify the IMAP protocol
|
||||
stream; see section 5, Use of the ID Extension with Firewalls and
|
||||
Other Intermediaries, for more information.
|
||||
|
||||
|
||||
|
||||
|
||||
Showalter Standards Track [Page 6]
|
||||
|
||||
RFC 2971 IMAP4 ID extension October 2000
|
||||
|
||||
|
||||
8. Author's Address
|
||||
|
||||
Tim Showalter
|
||||
Mirapoint, Inc.
|
||||
909 Hermosa Ct.
|
||||
Sunnyvale, CA 94095
|
||||
|
||||
EMail: tjs@mirapoint.com
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Showalter Standards Track [Page 7]
|
||||
|
||||
RFC 2971 IMAP4 ID extension October 2000
|
||||
|
||||
|
||||
9. Full Copyright Statement
|
||||
|
||||
Copyright (C) The Internet Society (2000). All Rights Reserved.
|
||||
|
||||
This document and translations of it may be copied and furnished to
|
||||
others, and derivative works that comment on or otherwise explain it
|
||||
or assist in its implementation may be prepared, copied, published
|
||||
and distributed, in whole or in part, without restriction of any
|
||||
kind, provided that the above copyright notice and this paragraph are
|
||||
included on all such copies and derivative works. However, this
|
||||
document itself may not be modified in any way, such as by removing
|
||||
the copyright notice or references to the Internet Society or other
|
||||
Internet organizations, except as needed for the purpose of
|
||||
developing Internet standards in which case the procedures for
|
||||
copyrights defined in the Internet Standards process must be
|
||||
followed, or as required to translate it into languages other than
|
||||
English.
|
||||
|
||||
The limited permissions granted above are perpetual and will not be
|
||||
revoked by the Internet Society or its successors or assigns.
|
||||
|
||||
This document and the information contained herein is provided on an
|
||||
"AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
|
||||
TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING
|
||||
BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION
|
||||
HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
|
||||
MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
|
||||
|
||||
Acknowledgement
|
||||
|
||||
Funding for the RFC Editor function is currently provided by the
|
||||
Internet Society.
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Showalter Standards Track [Page 8]
|
||||
|
2019
docs/rfcs/rfc3028.txt
Normal file
2019
docs/rfcs/rfc3028.txt
Normal file
File diff suppressed because it is too large
Load Diff
339
docs/rfcs/rfc3348.txt
Normal file
339
docs/rfcs/rfc3348.txt
Normal file
@ -0,0 +1,339 @@
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Network Working Group M. Gahrns
|
||||
Request for Comments: 3348 R. Cheng
|
||||
Category: Informational Microsoft
|
||||
July 2002
|
||||
|
||||
|
||||
The Internet Message Action Protocol (IMAP4)
|
||||
Child Mailbox Extension
|
||||
|
||||
Status of this Memo
|
||||
|
||||
This memo provides information for the Internet community. It does
|
||||
not specify an Internet standard of any kind. Distribution of this
|
||||
memo is unlimited.
|
||||
|
||||
Copyright Notice
|
||||
|
||||
Copyright (C) The Internet Society (2002). All Rights Reserved.
|
||||
|
||||
Abstract
|
||||
|
||||
The Internet Message Action Protocol (IMAP4) CHILDREN extension
|
||||
provides a mechanism for a client to efficiently determine if a
|
||||
particular mailbox has children, without issuing a LIST "" * or a
|
||||
LIST "" % for each mailbox.
|
||||
|
||||
1. Conventions used in this document
|
||||
|
||||
In examples, "C:" and "S:" indicate lines sent by the client and
|
||||
server respectively. If such lines are wrapped without a new "C:" or
|
||||
"S:" label, then the wrapping is for editorial clarity and is not
|
||||
part of the command.
|
||||
|
||||
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
|
||||
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
|
||||
document are to be interpreted as described in [RFC-2119].
|
||||
|
||||
2. Introduction and Overview
|
||||
|
||||
Many IMAP4 [RFC-2060] clients present to the user a hierarchical view
|
||||
of the mailboxes that a user has access to. Rather than initially
|
||||
presenting to the user the entire mailbox hierarchy, it is often
|
||||
preferable to show to the user a collapsed outline list of the
|
||||
mailbox hierarchy (particularly if there is a large number of
|
||||
mailboxes). The user can then expand the collapsed outline hierarchy
|
||||
as needed. It is common to include within the collapsed hierarchy a
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Gahrns, et al. Informational [Page 1]
|
||||
|
||||
RFC 3348 IMAP4 Child Mailbox Extension July 2002
|
||||
|
||||
|
||||
visual clue (such as a "+") to indicate that there are child
|
||||
mailboxes under a particular mailbox. When the visual clue is
|
||||
clicked the hierarchy list is expanded to show the child mailboxes.
|
||||
|
||||
Several IMAP vendors implemented this proposal, and it is proposed to
|
||||
document this behavior and functionality as an Informational RFC.
|
||||
|
||||
There is interest in addressing the general extensibility of the IMAP
|
||||
LIST command through an IMAP LIST Extension draft. Similar
|
||||
functionality to the \HasChildren and \HasNoChildren flags could be
|
||||
incorporated into this new LIST Extension. It is proposed that the
|
||||
more general LIST Extension draft proceed on the standards track with
|
||||
this proposal being relegated to informational status only.
|
||||
|
||||
If the functionality of the \HasChildren and \HasNoChildren flags
|
||||
were incorporated into a more general LIST extension, this would have
|
||||
the advantage that a client could then have the opportunity to
|
||||
request whether or not the server should return this information.
|
||||
This would be an advantage over the current draft for servers where
|
||||
this information is expensive to compute, since the server would only
|
||||
need to compute the information when it knew that the client
|
||||
requesting the information was able to consume it.
|
||||
|
||||
3. Requirements
|
||||
|
||||
IMAP4 servers that support this extension MUST list the keyword
|
||||
CHILDREN in their CAPABILITY response.
|
||||
|
||||
The CHILDREN extension defines two new attributes that MAY be
|
||||
returned within a LIST response.
|
||||
|
||||
\HasChildren - The presence of this attribute indicates that the
|
||||
mailbox has child mailboxes.
|
||||
|
||||
Servers SHOULD NOT return \HasChildren if child mailboxes exist, but
|
||||
none will be displayed to the current user in a LIST response (as
|
||||
should be the case where child mailboxes exist, but a client does not
|
||||
have permissions to access them.) In this case, \HasNoChildren
|
||||
SHOULD be used.
|
||||
|
||||
In many cases, however, a server may not be able to efficiently
|
||||
compute whether a user has access to all child mailboxes, or multiple
|
||||
users may be accessing the same account and simultaneously changing
|
||||
the mailbox hierarchy. As such a client MUST be prepared to accept
|
||||
the \HasChildren attribute as a hint. That is, a mailbox MAY be
|
||||
flagged with the \HasChildren attribute, but no child mailboxes will
|
||||
appear in a subsequent LIST response.
|
||||
|
||||
|
||||
|
||||
|
||||
Gahrns, et al. Informational [Page 2]
|
||||
|
||||
RFC 3348 IMAP4 Child Mailbox Extension July 2002
|
||||
|
||||
|
||||
Example 3.1:
|
||||
============
|
||||
|
||||
/*** Consider a server that has the following mailbox hierarchy:
|
||||
|
||||
INBOX
|
||||
ITEM_1
|
||||
ITEM_1A
|
||||
ITEM_2
|
||||
TOP_SECRET
|
||||
|
||||
Where INBOX, ITEM_1 and ITEM_2 are top level mailboxes. ITEM_1A is a
|
||||
child mailbox of ITEM_1 and TOP_SECRET is a child mailbox of ITEM_2
|
||||
that the currently logged on user does NOT have access to.
|
||||
|
||||
Note that in this case, the server is not able to efficiently compute
|
||||
access rights to child mailboxes and responds with a \HasChildren
|
||||
attribute for mailbox ITEM_2, even though ITEM_2/TOP_SECRET does not
|
||||
appear in the list response. ***/
|
||||
|
||||
C: A001 LIST "" *
|
||||
S: * LIST (\HasNoChildren) "/" INBOX
|
||||
S: * LIST (\HasChildren) "/" ITEM_1
|
||||
S: * LIST (\HasNoChildren) "/" ITEM_1/ITEM_1A
|
||||
S: * LIST (\HasChildren) "/" ITEM_2
|
||||
S: A001 OK LIST Completed
|
||||
|
||||
\HasNoChildren - The presence of this attribute indicates that the
|
||||
mailbox has NO child mailboxes that are accessible to the currently
|
||||
authenticated user. If a mailbox has the \Noinferiors attribute, the
|
||||
\HasNoChildren attribute is redundant and SHOULD be omitted in the
|
||||
LIST response.
|
||||
|
||||
In some instances a server that supports the CHILDREN extension MAY
|
||||
NOT be able to determine whether a mailbox has children. For example
|
||||
it may have difficulty determining whether there are child mailboxes
|
||||
when LISTing mailboxes while operating in a particular namespace.
|
||||
|
||||
In these cases, a server MAY exclude both the \HasChildren and
|
||||
\HasNoChildren attributes in the LIST response. As such, a client
|
||||
can not make any assumptions about whether a mailbox has children
|
||||
based upon the absence of a single attribute.
|
||||
|
||||
It is an error for the server to return both a \HasChildren and a
|
||||
\HasNoChildren attribute in a LIST response.
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Gahrns, et al. Informational [Page 3]
|
||||
|
||||
RFC 3348 IMAP4 Child Mailbox Extension July 2002
|
||||
|
||||
|
||||
It is an error for the server to return both a \HasChildren and a
|
||||
\NoInferiors attribute in a LIST response.
|
||||
|
||||
Note: the \HasNoChildren attribute should not be confused with the
|
||||
IMAP4 [RFC-2060] defined attribute \Noinferiors which indicates that
|
||||
no child mailboxes exist now and none can be created in the future.
|
||||
|
||||
The \HasChildren and \HasNoChildren attributes might not be returned
|
||||
in response to a LSUB response. Many servers maintain a simple
|
||||
mailbox subscription list that is not updated when the underlying
|
||||
mailbox structure is changed. A client MUST NOT assume that
|
||||
hierarchy information will be maintained in the subscription list.
|
||||
|
||||
RLIST is a command defined in [RFC-2193] that includes in a LIST
|
||||
response mailboxes that are accessible only via referral. That is, a
|
||||
client must explicitly issue an RLIST command to see a list of these
|
||||
mailboxes. Thus in the case where a mailbox has child mailboxes that
|
||||
are available only via referral, the mailboxes would appear as
|
||||
\HasNoChildren in response to the LIST command, and \HasChildren in
|
||||
response to the RLIST command.
|
||||
|
||||
5. Formal Syntax
|
||||
|
||||
The following syntax specification uses the augmented Backus-Naur
|
||||
Form (BNF) as described in [ABNF].
|
||||
|
||||
Two new mailbox attributes are defined as flag_extensions to the
|
||||
IMAP4 mailbox_list response:
|
||||
|
||||
HasChildren = "\HasChildren"
|
||||
|
||||
HasNoChildren = "\HasNoChildren"
|
||||
|
||||
6. Security Considerations
|
||||
|
||||
This extension provides a client a more efficient means of
|
||||
determining whether a particular mailbox has children. If a mailbox
|
||||
has children, but the currently authenticated user does not have
|
||||
access to any of them, the server SHOULD respond with a
|
||||
\HasNoChildren attribute. In many cases, however, a server may not
|
||||
be able to efficiently compute whether a user has access to all child
|
||||
mailboxes. If such a server responds with a \HasChildren attribute,
|
||||
when in fact the currently authenticated user does not have access to
|
||||
any child mailboxes, potentially more information is conveyed about
|
||||
the mailbox than intended. A server designed with such levels of
|
||||
security in mind SHOULD NOT attach the \HasChildren attribute to a
|
||||
mailbox unless the server is certain that the user has access to at
|
||||
least one of the child mailboxes.
|
||||
|
||||
|
||||
|
||||
Gahrns, et al. Informational [Page 4]
|
||||
|
||||
RFC 3348 IMAP4 Child Mailbox Extension July 2002
|
||||
|
||||
|
||||
7. References
|
||||
|
||||
[RFC-2060] Crispin, M., "Internet Message Access Protocol - Version
|
||||
4rev1", RFC 2060, December 1996.
|
||||
|
||||
[RFC-2119] Bradner, S., "Key words for use in RFCs to Indicate
|
||||
Requirement Levels", BCP 14, RFC 2119, March 1997.
|
||||
|
||||
[RFC-2234] Crocker, D. and P. Overell, Editors, "Augmented BNF for
|
||||
Syntax Specifications: ABNF", RFC 2234, November 1997.
|
||||
|
||||
[RFC-2193] Gahrns, M., "IMAP4 Mailbox Referrals", RFC 2193, September
|
||||
1997.
|
||||
|
||||
8. Acknowledgments
|
||||
|
||||
The authors would like to thank the participants of several IMC Mail
|
||||
Connect events for their input when this idea was originally
|
||||
presented and refined.
|
||||
|
||||
9. Author's Address
|
||||
|
||||
Mike Gahrns
|
||||
Microsoft
|
||||
One Microsoft Way
|
||||
Redmond, WA, 98052
|
||||
Phone: (425) 936-9833
|
||||
EMail: mikega@microsoft.com
|
||||
|
||||
Raymond Cheng
|
||||
Microsoft
|
||||
One Microsoft Way
|
||||
Redmond, WA, 98052
|
||||
Phone: (425) 703-4913
|
||||
EMail: raych@microsoft.com
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Gahrns, et al. Informational [Page 5]
|
||||
|
||||
RFC 3348 IMAP4 Child Mailbox Extension July 2002
|
||||
|
||||
|
||||
10. Full Copyright Statement
|
||||
|
||||
Copyright (C) The Internet Society (2002). All Rights Reserved.
|
||||
|
||||
This document and translations of it may be copied and furnished to
|
||||
others, and derivative works that comment on or otherwise explain it
|
||||
or assist in its implementation may be prepared, copied, published
|
||||
and distributed, in whole or in part, without restriction of any
|
||||
kind, provided that the above copyright notice and this paragraph are
|
||||
included on all such copies and derivative works. However, this
|
||||
document itself may not be modified in any way, such as by removing
|
||||
the copyright notice or references to the Internet Society or other
|
||||
Internet organizations, except as needed for the purpose of
|
||||
developing Internet standards in which case the procedures for
|
||||
copyrights defined in the Internet Standards process must be
|
||||
followed, or as required to translate it into languages other than
|
||||
English.
|
||||
|
||||
The limited permissions granted above are perpetual and will not be
|
||||
revoked by the Internet Society or its successors or assigns.
|
||||
|
||||
This document and the information contained herein is provided on an
|
||||
"AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
|
||||
TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING
|
||||
BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION
|
||||
HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
|
||||
MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
|
||||
|
||||
Acknowledgement
|
||||
|
||||
Funding for the RFC Editor function is currently provided by the
|
||||
Internet Society.
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Gahrns, et al. Informational [Page 6]
|
||||
|
6051
docs/rfcs/rfc3501.txt
Normal file
6051
docs/rfcs/rfc3501.txt
Normal file
File diff suppressed because it is too large
Load Diff
395
docs/rfcs/rfc3502.txt
Normal file
395
docs/rfcs/rfc3502.txt
Normal file
@ -0,0 +1,395 @@
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Network Working Group M. Crispin
|
||||
Request for Comments: 3502 University of Washington
|
||||
Category: Standards Track March 2003
|
||||
|
||||
|
||||
Internet Message Access Protocol (IMAP) - MULTIAPPEND Extension
|
||||
|
||||
Status of this Memo
|
||||
|
||||
This document specifies an Internet standards track protocol for the
|
||||
Internet community, and requests discussion and suggestions for
|
||||
improvements. Please refer to the current edition of the "Internet
|
||||
Official Protocol Standards" (STD 1) for the standardization state
|
||||
and status of this protocol. Distribution of this memo is unlimited.
|
||||
|
||||
Copyright Notice
|
||||
|
||||
Copyright (C) The Internet Society (2003). All Rights Reserved.
|
||||
|
||||
Abstract
|
||||
|
||||
This document describes the multiappending extension to the Internet
|
||||
Message Access Protocol (IMAP) (RFC 3501). This extension provides
|
||||
substantial performance improvements for IMAP clients which upload
|
||||
multiple messages at a time to a mailbox on the server.
|
||||
|
||||
A server which supports this extension indicates this with a
|
||||
capability name of "MULTIAPPEND".
|
||||
|
||||
Terminology
|
||||
|
||||
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
|
||||
"SHOULD", "SHOULD NOT", "MAY", and "OPTIONAL" in this document are to
|
||||
be interpreted as described in [KEYWORDS].
|
||||
|
||||
Introduction
|
||||
|
||||
The MULTIAPPEND extension permits uploading of multiple messages with
|
||||
a single command. When used in conjunction with the [LITERAL+]
|
||||
extension, the entire upload is accomplished in a single
|
||||
command/response round trip.
|
||||
|
||||
A MULTIAPPEND APPEND operation is atomic; either all messages are
|
||||
successfully appended, or no messages are appended.
|
||||
|
||||
In the base IMAP specification, each message must be appended in a
|
||||
separate command, and there is no mechanism to "unappend" messages if
|
||||
an error occurs while appending. Also, some mail stores may require
|
||||
|
||||
|
||||
|
||||
Crispin Standards Track [Page 1]
|
||||
|
||||
RFC 3502 IMAP MULTIAPPEND March 2003
|
||||
|
||||
|
||||
an expensive "open/lock + sync/unlock/close" operation as part of
|
||||
appending; this can be quite expensive if it must be done on a
|
||||
per-message basis.
|
||||
|
||||
If the server supports both LITERAL+ and pipelining but not
|
||||
MULTIAPPEND, it may be possible to get some of the performance
|
||||
advantages of MULTIAPPEND by doing a pipelined "batch" append.
|
||||
However, it will not work as well as MULTIAPPEND for the following
|
||||
reasons:
|
||||
|
||||
1) Multiple APPEND commands, even as part of a pipelined batch,
|
||||
are non-atomic by definition. There is no way to revert the
|
||||
mailbox to the state before the batch append in the event of an
|
||||
error.
|
||||
|
||||
2) It may not be feasible for the server to coalesce pipelined
|
||||
APPEND operations so as to avoid the "open/lock +
|
||||
sync/unlock/close" overhead described above. In any case, such
|
||||
coalescing would be timing dependent and thus potentially
|
||||
unreliable. In particular, with traditional UNIX mailbox files,
|
||||
it is assumed that a lock is held only for a single atomic
|
||||
operation, and many applications disregard any lock that is
|
||||
older than 5 minutes.
|
||||
|
||||
3) If an error occurs, depending upon the nature of the error,
|
||||
it is possible for additional messages to be appended after the
|
||||
error. For example, the user wants to append 5 messages, but a
|
||||
disk quota error occurs with the third message because of its
|
||||
size. However, the fourth and fifth messages have already been
|
||||
sent in the pipeline, so the mailbox ends up with the first,
|
||||
second, fourth, and fifth messages of the batch appended.
|
||||
|
||||
6.3.11. APPEND Command
|
||||
|
||||
Arguments: mailbox name
|
||||
one or more messages to upload, specified as:
|
||||
OPTIONAL flag parenthesized list
|
||||
OPTIONAL date/time string
|
||||
message literal
|
||||
|
||||
Data: no specific responses for this command
|
||||
|
||||
Result: OK - append completed
|
||||
NO - append error: can't append to that mailbox, error
|
||||
in flags or date/time or message text,
|
||||
append cancelled
|
||||
BAD - command unknown or arguments invalid
|
||||
|
||||
|
||||
|
||||
|
||||
Crispin Standards Track [Page 2]
|
||||
|
||||
RFC 3502 IMAP MULTIAPPEND March 2003
|
||||
|
||||
|
||||
The APPEND command appends the literal arguments as new messages
|
||||
to the end of the specified destination mailbox. This argument
|
||||
SHOULD be in the format of an [RFC-2822] message. 8-bit
|
||||
characters are permitted in the message. A server implementation
|
||||
that is unable to preserve 8-bit data properly MUST be able to
|
||||
reversibly convert 8-bit APPEND data to 7-bit using a [MIME-IMB]
|
||||
content transfer encoding.
|
||||
|
||||
Note: There MAY be exceptions, e.g., draft messages, in
|
||||
which required [RFC-2822] header lines are omitted in the
|
||||
message literal argument to APPEND. The full implications
|
||||
of doing so MUST be understood and carefully weighed.
|
||||
|
||||
If a flag parenthesized list is specified, the flags SHOULD be set
|
||||
in the resulting message; otherwise, the flag list of the
|
||||
resulting message is set empty by default.
|
||||
|
||||
If a date-time is specified, the internal date SHOULD be set in
|
||||
the resulting message; otherwise, the internal date of the
|
||||
resulting message is set to the current date and time by default.
|
||||
|
||||
A zero-length message literal argument is an error, and MUST
|
||||
return a NO. This can be used to cancel the append.
|
||||
|
||||
If the append is unsuccessful for any reason (including being
|
||||
cancelled), the mailbox MUST be restored to its state before the
|
||||
APPEND attempt; no partial appending is permitted. The server MAY
|
||||
return an error before processing all the message arguments.
|
||||
|
||||
If the destination mailbox does not exist, a server MUST return an
|
||||
error, and MUST NOT automatically create the mailbox. Unless it
|
||||
is certain that the destination mailbox can not be created, the
|
||||
server MUST send the response code "[TRYCREATE]" as the prefix of
|
||||
the text of the tagged NO response. This gives a hint to the
|
||||
client that it can attempt a CREATE command and retry the APPEND
|
||||
if the CREATE is successful.
|
||||
|
||||
If the mailbox is currently selected, the normal new message
|
||||
actions SHOULD occur. Specifically, the server SHOULD notify the
|
||||
client immediately via an untagged EXISTS response. If the server
|
||||
does not do so, the client MAY issue a NOOP command (or failing
|
||||
that, a CHECK command) after one or more APPEND commands.
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Crispin Standards Track [Page 3]
|
||||
|
||||
RFC 3502 IMAP MULTIAPPEND March 2003
|
||||
|
||||
|
||||
Example: C: A003 APPEND saved-messages (\Seen) {329}
|
||||
S: + Ready for literal data
|
||||
C: Date: Mon, 7 Feb 1994 21:52:25 -0800 (PST)
|
||||
C: From: Fred Foobar <foobar@Blurdybloop.example.COM>
|
||||
C: Subject: afternoon meeting
|
||||
C: To: mooch@owatagu.example.net
|
||||
C: Message-Id: <B27397-0100000@Blurdybloop.example.COM>
|
||||
C: MIME-Version: 1.0
|
||||
C: Content-Type: TEXT/PLAIN; CHARSET=US-ASCII
|
||||
C:
|
||||
C: Hello Joe, do you think we can meet at 3:30 tomorrow?
|
||||
C: (\Seen) " 7-Feb-1994 22:43:04 -0800" {295}
|
||||
S: + Ready for literal data
|
||||
C: Date: Mon, 7 Feb 1994 22:43:04 -0800 (PST)
|
||||
C: From: Joe Mooch <mooch@OWaTaGu.example.net>
|
||||
C: Subject: Re: afternoon meeting
|
||||
C: To: foobar@blurdybloop.example.com
|
||||
C: Message-Id: <a0434793874930@OWaTaGu.example.net>
|
||||
C: MIME-Version: 1.0
|
||||
C: Content-Type: TEXT/PLAIN; CHARSET=US-ASCII
|
||||
C:
|
||||
C: 3:30 is fine with me.
|
||||
C:
|
||||
S: A003 OK APPEND completed
|
||||
C: A004 APPEND bogusname (\Flagged) {1023}
|
||||
S: A004 NO [TRYCREATE] No such mailbox as bogusname
|
||||
C: A005 APPEND test (\Flagged) {99}
|
||||
S: + Ready for literal data
|
||||
C: Date: Mon, 7 Feb 2000 22:43:04 -0800 (PST)
|
||||
C: From: Fred Foobar <fred@example.com>
|
||||
C: Subject: hmm...
|
||||
C: {35403}
|
||||
S: A005 NO APPEND failed: Disk quota exceeded
|
||||
|
||||
Note: The APPEND command is not used for message delivery,
|
||||
because it does not provide a mechanism to transfer [SMTP]
|
||||
envelope information.
|
||||
|
||||
Modification to IMAP4rev1 Base Protocol Formal Syntax
|
||||
|
||||
The following syntax specification uses the Augmented Backus-Naur
|
||||
Form (ABNF) notation as specified in [ABNF].
|
||||
|
||||
append = "APPEND" SP mailbox 1*append-message
|
||||
|
||||
append-message = [SP flag-list] [SP date-time] SP literal
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Crispin Standards Track [Page 4]
|
||||
|
||||
RFC 3502 IMAP MULTIAPPEND March 2003
|
||||
|
||||
|
||||
MULTIAPPEND Interaction with UIDPLUS Extension
|
||||
|
||||
Servers which support both MULTIAPPEND and [UIDPLUS] will have the
|
||||
"resp-code-apnd" rule modified as follows:
|
||||
|
||||
resp-code-apnd = "APPENDUID" SP nz-number SP set
|
||||
|
||||
That is, the APPENDUID response code returns as many UIDs as there
|
||||
were messages appended in the multiple append. The UIDs returned
|
||||
should be in the order the articles where appended. The message set
|
||||
may not contain extraneous UIDs or the symbol "*".
|
||||
|
||||
Security Considerations
|
||||
|
||||
The MULTIAPPEND extension does not raise any security considerations
|
||||
that are not present in the base [IMAP] protocol, and these issues
|
||||
are discussed in [IMAP]. Nevertheless, it is important to remember
|
||||
that IMAP4rev1 protocol transactions, including electronic mail data,
|
||||
are sent in the clear over the network unless protection from
|
||||
snooping is negotiated, either by the use of STARTTLS, privacy
|
||||
protection is negotiated in the AUTHENTICATE command, or some other
|
||||
protection mechanism is in effect.
|
||||
|
||||
Normative References
|
||||
|
||||
[ABNF] Crocker, D. and P. Overell, "Augmented BNF for Syntax
|
||||
Specifications: ABNF", RFC 2234, November 1997.
|
||||
|
||||
[IMAP] Crispin, M., "Internet Message Access Protocol - Version
|
||||
4rev1", RFC 3501, March 2003.
|
||||
|
||||
[KEYWORDS] Bradner, S., "Key words for use in RFCs to Indicate
|
||||
Requirement Levels", BCP 14, RFC 2119, March 1997.
|
||||
|
||||
[MIME-IMB] Freed, N. and N. Borenstein, "MIME (Multipurpose Internet
|
||||
Mail Extensions) Part One: Format of Internet Message
|
||||
Bodies", RFC 2045, November 1996.
|
||||
|
||||
[RFC-2822] Resnick, P., "Internet Message Format", RFC 2822, April
|
||||
2001.
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Crispin Standards Track [Page 5]
|
||||
|
||||
RFC 3502 IMAP MULTIAPPEND March 2003
|
||||
|
||||
|
||||
Informative References
|
||||
|
||||
[LITERAL+] Myers, J., "IMAP4 non-synchronizing literals", RFC 2088,
|
||||
January 1997.
|
||||
|
||||
[UIDPLUS] Myers, J., "IMAP4 UIDPLUS extension", RFC 2359, June 1988.
|
||||
|
||||
[SMTP] Klensin, J., Editor, "Simple Mail Transfer Protocol", RFC
|
||||
2821, April 2001.
|
||||
|
||||
Author's Address
|
||||
|
||||
Mark R. Crispin
|
||||
Networks and Distributed Computing
|
||||
University of Washington
|
||||
4545 15th Avenue NE
|
||||
Seattle, WA 98105-4527
|
||||
|
||||
Phone: (206) 543-5762
|
||||
EMail: MRC@CAC.Washington.EDU
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Crispin Standards Track [Page 6]
|
||||
|
||||
RFC 3502 IMAP MULTIAPPEND March 2003
|
||||
|
||||
|
||||
Full Copyright Statement
|
||||
|
||||
Copyright (C) The Internet Society (2003). All Rights Reserved.
|
||||
|
||||
This document and translations of it may be copied and furnished to
|
||||
others, and derivative works that comment on or otherwise explain it
|
||||
or assist in its implementation may be prepared, copied, published
|
||||
and distributed, in whole or in part, without restriction of any
|
||||
kind, provided that the above copyright notice and this paragraph are
|
||||
included on all such copies and derivative works. However, this
|
||||
document itself may not be modified in any way, such as by removing
|
||||
the copyright notice or references to the Internet Society or other
|
||||
Internet organizations, except as needed for the purpose of
|
||||
developing Internet standards in which case the procedures for
|
||||
copyrights defined in the Internet Standards process must be
|
||||
followed, or as required to translate it into languages other than
|
||||
English.
|
||||
|
||||
The limited permissions granted above are perpetual and will not be
|
||||
revoked by the Internet Society or its successors or assigns.
|
||||
|
||||
This document and the information contained herein is provided on an
|
||||
"AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
|
||||
TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING
|
||||
BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION
|
||||
HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
|
||||
MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
|
||||
|
||||
Acknowledgement
|
||||
|
||||
Funding for the RFC Editor function is currently provided by the
|
||||
Internet Society.
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Crispin Standards Track [Page 7]
|
||||
|
507
docs/rfcs/rfc3503.txt
Normal file
507
docs/rfcs/rfc3503.txt
Normal file
@ -0,0 +1,507 @@
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Network Working Group A. Melnikov
|
||||
Request for Comments: 3503 ACI Worldwide/MessagingDirect
|
||||
Category: Standards Track March 2003
|
||||
|
||||
|
||||
Message Disposition Notification (MDN) profile for
|
||||
Internet Message Access Protocol (IMAP)
|
||||
|
||||
Status of this Memo
|
||||
|
||||
This document specifies an Internet standards track protocol for the
|
||||
Internet community, and requests discussion and suggestions for
|
||||
improvements. Please refer to the current edition of the "Internet
|
||||
Official Protocol Standards" (STD 1) for the standardization state
|
||||
and status of this protocol. Distribution of this memo is unlimited.
|
||||
|
||||
Copyright Notice
|
||||
|
||||
Copyright (C) The Internet Society (2003). All Rights Reserved.
|
||||
|
||||
Abstract
|
||||
|
||||
The Message Disposition Notification (MDN) facility defined in RFC
|
||||
2298 provides a means by which a message can request that message
|
||||
processing by the recipient be acknowledged as well as a format to be
|
||||
used for such acknowledgements. However, it doesn't describe how
|
||||
multiple Mail User Agents (MUAs) should handle the generation of MDNs
|
||||
in an Internet Message Access Protocol (IMAP4) environment.
|
||||
|
||||
This document describes how to handle MDNs in such an environment and
|
||||
provides guidelines for implementers of IMAP4 that want to add MDN
|
||||
support to their products.
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Melnikov Standards Track [Page 1]
|
||||
|
||||
RFC 3503 MDN profile for IMAP March 2003
|
||||
|
||||
|
||||
Table of Contents
|
||||
|
||||
1. Conventions Used in this Document............................. 2
|
||||
2. Introduction and Overview..................................... 2
|
||||
3. Client behavior............................................... 3
|
||||
3.1. Client behavior when receiving a message................. 5
|
||||
3.2. Client behavior when copying a message................... 5
|
||||
3.3. Client behavior when sending a message................... 5
|
||||
3.4. Client behavior when saving a temporary message.......... 5
|
||||
4. Server behavior............................................... 5
|
||||
4.1. Server that supports arbitrary keywords.................. 5
|
||||
4.2. Server that supports only $MDNSent keyword............... 5
|
||||
4.3. Interaction with IMAP ACL extension...................... 6
|
||||
5. Examples...................................................... 6
|
||||
6. Security Considerations....................................... 7
|
||||
7. Formal Syntax................................................. 7
|
||||
8. Acknowledgments............................................... 7
|
||||
9. Normative References.......................................... 8
|
||||
10. Author's Address.............................................. 8
|
||||
11. Full Copyright Statement...................................... 9
|
||||
|
||||
1. Conventions Used in this Document
|
||||
|
||||
"C:" and "S:" in examples show lines sent by the client and server
|
||||
respectively.
|
||||
|
||||
The keywords "MUST", "MUST NOT", "SHOULD", "SHOULD NOT", and "MAY" in
|
||||
this document when typed in uppercase are to be interpreted as
|
||||
defined in "Key words for use in RFCs to Indicate Requirement Levels"
|
||||
[KEYWORDS].
|
||||
|
||||
2. Introduction and Overview
|
||||
|
||||
This memo defines an additional [IMAP4] mailbox keyword that allows
|
||||
multiple Mail User Agents (MUAs) to know if a requested receipt
|
||||
notification was sent.
|
||||
|
||||
Message Disposition Notification [MDN] does not require any special
|
||||
support of IMAP in the case where a user has access to the mailstore
|
||||
from only one computer and is using a single MUA. In this case, the
|
||||
MUA behaves as described in [MDN], i.e., the MUA performs automatic
|
||||
processing and generates corresponding MDNs, it performs requested
|
||||
action and, with the user's permission, sends appropriate MDNs. The
|
||||
MUA will not send MDN twice because the MUA keeps track of sent
|
||||
notifications in a local configuration. However, that does not work
|
||||
when IMAP is used to access the same mailstore from different
|
||||
locations or is using different MUAs.
|
||||
|
||||
|
||||
|
||||
|
||||
Melnikov Standards Track [Page 2]
|
||||
|
||||
RFC 3503 MDN profile for IMAP March 2003
|
||||
|
||||
|
||||
This document defines a new special purpose mailbox keyword $MDNSent
|
||||
that must be used by MUAs. It does not define any new command or
|
||||
response for IMAP, but describes a technique that MUAs should use to
|
||||
achieve interoperability.
|
||||
|
||||
When a client opens a mailbox for the first time, it verifies that
|
||||
the server is capable of storing the $MDNSent keyword by examining
|
||||
the PERMANENTFLAGS response code. In order to support MDN in IMAP, a
|
||||
server MUST support either the $MDNSent keyword, or arbitrary message
|
||||
keywords.
|
||||
|
||||
3. Client behavior
|
||||
|
||||
The use of IMAP requires few additional steps in mail processing on
|
||||
the client side. The following timeline modifies the timeline found
|
||||
in Section 4 of [MDN].
|
||||
|
||||
-- User composes message.
|
||||
|
||||
-- User tells MUA to send message.
|
||||
|
||||
-- MUA passes message to MSA (original recipient information passed
|
||||
along). MUA [optionally] saves message to a folder for sent mail
|
||||
with $MDNSent flag set.
|
||||
|
||||
-- MSA sends message to MTA.
|
||||
|
||||
-- Final MTA receives message.
|
||||
|
||||
-- Final MTA delivers message to MUA (possibly generating DSN).
|
||||
|
||||
-- MUA logs into IMAP server, opens mailbox, verifies if mailbox can
|
||||
store $MDNSent keyword by examining PERMANENTFLAGS response.
|
||||
|
||||
-- MUA performs automatic processing and generates corresponding MDNs
|
||||
("dispatched", "processed", "deleted", "denied" or "failed"
|
||||
disposition type with "automatic-action" and "MDN-sent-
|
||||
automatically" disposition modes) for messages that do not have
|
||||
$MDNSent keyword, or \Draft flag set. (*)
|
||||
|
||||
-- MUA sets the $MDNSent keyword for every message that required an
|
||||
automatic MDN to be sent, whether or not the MDN was sent.
|
||||
|
||||
-- MUA displays a list of messages to user.
|
||||
|
||||
-- User selects a message and requests that some action be performed
|
||||
on it.
|
||||
|
||||
|
||||
|
||||
|
||||
Melnikov Standards Track [Page 3]
|
||||
|
||||
RFC 3503 MDN profile for IMAP March 2003
|
||||
|
||||
|
||||
-- MUA performs requested action and, with user's permission, sends
|
||||
appropriate MDN ("displayed", "dispatched", "processed",
|
||||
"deleted", "denied" or "failed" disposition type with "manual-
|
||||
action" and "MDN-sent-manually" or "MDN-sent-automatically"
|
||||
disposition mode). If the generated MDN is saved to a mailbox
|
||||
with the APPEND command, the client MUST specify the $MDNSent
|
||||
keyword in the APPEND.
|
||||
|
||||
-- MUA sets the $MDNSent keyword for all messages for which the user
|
||||
confirmed the dispatching of disposition (or was explicitly
|
||||
prohibited to do so).
|
||||
|
||||
-- User possibly performs other actions on message, but no further
|
||||
MDNs are generated.
|
||||
|
||||
(*) Note: MUA MUST NOT use \Recent flag as an indicator that it
|
||||
should send MDN, because according to [IMAP4], "If multiple
|
||||
connections have the same mailbox selected simultaneously, it is
|
||||
undefined which of these connections will see newly-arrived
|
||||
messages with \Recent set and which will see it without \Recent
|
||||
set". Thus, using \Recent as an indicator will cause
|
||||
unpredictable client behavior with different IMAP4 servers.
|
||||
However, the client MAY use \Seen flag as one of the indicators
|
||||
that MDN must not be sent. The client MUST NOT use any other
|
||||
standard flags, like \Draft or \Answered, to indicate that MDN
|
||||
was previously sent, because they have different well known
|
||||
meaning. In any case, in the presence of the $MDNSent keyword,
|
||||
the client MUST ignore all other flags or keywords for the
|
||||
purpose of generating an MDN and MUST NOT send the MDN.
|
||||
|
||||
When the client opens a mailbox for the first time, it must verify
|
||||
that the server supports the $MDNSent keyword, or arbitrary message
|
||||
keywords by examining PERMANENTFLAGS response code.
|
||||
|
||||
The client MUST NOT try to set the $MDNSent keyword if the server is
|
||||
incapable of storing it permanently.
|
||||
|
||||
The client MUST be prepared to receive NO from the server as the
|
||||
result of STORE $MDNSent when the server advertises the support of
|
||||
storing arbitrary keywords, because the server may limit the number
|
||||
of message keywords it can store in a particular mailbox. A client
|
||||
SHOULD NOT send MDN if it fails to store the $MDNSent keyword.
|
||||
|
||||
Once the $MDNSent keyword is set, it MUST NOT be unset by a client.
|
||||
The client MAY set the $MDNSent keyword when a user denies sending
|
||||
the notification. This prohibits all other MUAs from sending MDN for
|
||||
this message.
|
||||
|
||||
|
||||
|
||||
|
||||
Melnikov Standards Track [Page 4]
|
||||
|
||||
RFC 3503 MDN profile for IMAP March 2003
|
||||
|
||||
|
||||
3.1. Client behavior when receiving a message
|
||||
|
||||
The client MUST NOT send MDN if a message has the $MDNSent keyword
|
||||
set. It also MUST NOT send MDN if a message has \Draft flag, because
|
||||
some clients use this flag to mark a message as incomplete.
|
||||
|
||||
See the timeline in section 3 for details on client behavior when
|
||||
receiving a message.
|
||||
|
||||
3.2. Client behavior when copying a message
|
||||
|
||||
The client SHOULD verify that $MDNSent is preserved on a COPY
|
||||
operation. Furthermore, when a message is copied between servers
|
||||
with the APPEND command, the client MUST set the $MDNSent keyword
|
||||
correctly.
|
||||
|
||||
3.3. Client behavior when sending a message
|
||||
|
||||
When saving a sent message to any folder, the client MUST set the
|
||||
$MDNSent keyword to prevent another client from sending MDN for the
|
||||
message.
|
||||
|
||||
3.4. Client behavior when saving a temporary message
|
||||
|
||||
When saving an unfinished message to any folder client MUST set
|
||||
$MDNSent keyword to prevent another client from sending MDN for the
|
||||
message.
|
||||
|
||||
4. Server behavior
|
||||
|
||||
Server implementors that want to follow this specification must
|
||||
insure that their server complies with either section 4.1 or section
|
||||
4.2. If the server also supports the IMAP [ACL] extension, it MUST
|
||||
also comply with the section 4.3.
|
||||
|
||||
4.1. Server that supports arbitrary keywords
|
||||
|
||||
No changes are required from the server to make it compatible with
|
||||
the extension described in this document if it supports arbitrary
|
||||
keywords.
|
||||
|
||||
4.2. Server that supports only $MDNSent keyword
|
||||
|
||||
Servers that support only the $MDNSent keyword MUST preserve it on
|
||||
the COPY operation. It is also expected that a server that supports
|
||||
SEARCH <flag> will also support the SEARCH KEYWORD $MDNSent.
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Melnikov Standards Track [Page 5]
|
||||
|
||||
RFC 3503 MDN profile for IMAP March 2003
|
||||
|
||||
|
||||
4.3. Interaction with IMAP ACL extension
|
||||
|
||||
Any server that conforms to either 4.1 or 4.2 and also supports the
|
||||
IMAP [ACL] extension, SHOULD preserve the $MDNSent keyword on COPY
|
||||
even if the client does not have 'w' right. This will prevent the
|
||||
generation of a duplicated MDN for the same message. Note that the
|
||||
server MUST still check if the client has rights to perform the COPY
|
||||
operation on a message according to [ACL].
|
||||
|
||||
5. Examples
|
||||
|
||||
1) MUA opens mailbox for the first time.
|
||||
|
||||
a) The server supports storing of arbitrary keywords
|
||||
|
||||
C: a100 select INBOX
|
||||
S: * FLAGS (\Flagged \Draft \Deleted \Seen)
|
||||
S: * OK [PERMANENTFLAGS (\Flagged \Draft \Deleted \Seen \*)]
|
||||
S: * 5 EXISTS
|
||||
S: * 3 RECENT
|
||||
S: * OK [UIDVALIDITY 894294713]
|
||||
S: a100 OK [READ-WRITE] Completed
|
||||
|
||||
b) The server supports storing of the $MDNSent keyword
|
||||
|
||||
C: a100 select INBOX
|
||||
S: * FLAGS (\Flagged \Draft \Deleted \Seen $MDNSent)
|
||||
S: * OK [PERMANENTFLAGS (\Flagged \Draft \Deleted \Seen $MDNSent)]
|
||||
S: * 5 EXISTS
|
||||
S: * 3 RECENT
|
||||
S: * OK [UIDVALIDITY 894294713]
|
||||
S: a100 OK [READ-WRITE] Completed
|
||||
|
||||
2) The MUA successfully sets the $MDNSent keyword
|
||||
|
||||
C: a200 STORE 4 +FLAGS ($MDNSent)
|
||||
S: * 4 FETCH (FLAGS (\Flagged \Seen $MDNSent))
|
||||
S: * FLAGS ($MDNSent \Flagged \Deleted \Draft \Seen)
|
||||
S: * OK [PERMANENTFLAGS ($MDNSent \Flagged \Deleted \Draft \Seen \*)]
|
||||
S: a200 OK STORE completed
|
||||
|
||||
3) The server refuses to store the $MDNSent keyword
|
||||
|
||||
C: a200 STORE 4 +FLAGS ($MDNSent)
|
||||
S: a200 NO STORE failed : no space left to store $MDNSent keyword
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Melnikov Standards Track [Page 6]
|
||||
|
||||
RFC 3503 MDN profile for IMAP March 2003
|
||||
|
||||
|
||||
4) All clients and servers MUST treat the $MDNSent keyword as case
|
||||
insensitive in all operations, as stated in [IMAP].
|
||||
|
||||
C: a300 FETCH 1:* FLAGS
|
||||
S: * 1 FETCH (FLAGS (\Seen))
|
||||
S: * 2 FETCH (FLAGS (\Answered \Seen $MdnSENt))
|
||||
S: * 3 FETCH (FLAGS ())
|
||||
S: * 4 FETCH (FLAGS (\Flagged \Seen $MdnSENT))
|
||||
S: * 5 FETCH (FLAGS ($MDNSent))
|
||||
S: * 6 FETCH (FLAGS (\Recent))
|
||||
S: a300 OK FETCH completed
|
||||
C: a400 SEARCH KEYWORDS $mdnsent
|
||||
S: * SEARCH 2 4 5
|
||||
S: a400 OK SEARCH completed
|
||||
|
||||
6. Security Considerations
|
||||
|
||||
There are no known security issues with this extension, not found in
|
||||
[MDN] and/or [IMAP4].
|
||||
|
||||
Section 4.3 changes ACL checking requirements on an IMAP server that
|
||||
implements IMAP [ACL] extension.
|
||||
|
||||
7. Formal Syntax
|
||||
|
||||
The following syntax specification uses the augmented Backus-Naur
|
||||
Form (BNF) notation as specified in [RFC-822], as modified by
|
||||
[IMAP4]. Non-terminals referenced, but not defined below, are as
|
||||
defined by [IMAP4].
|
||||
|
||||
Except as noted otherwise, all alphabetic characters are case-
|
||||
insensitive. The use of upper or lower case characters to define
|
||||
token strings is for editorial clarity only. Implementations MUST
|
||||
accept these strings in a case-insensitive fashion.
|
||||
|
||||
flag_keyword ::= "$MDNSent" / other_keywords
|
||||
|
||||
other_keywords ::= atom
|
||||
|
||||
8. Acknowledgments
|
||||
|
||||
This document is the product of discussions that took place on the
|
||||
IMAP mailing list. Special gratitude to Cyrus Daboo and Randall
|
||||
Gellens for reviewing the document.
|
||||
|
||||
Thank you to my father who as he has helped to make me what I am. I
|
||||
miss you terribly.
|
||||
|
||||
|
||||
|
||||
|
||||
Melnikov Standards Track [Page 7]
|
||||
|
||||
RFC 3503 MDN profile for IMAP March 2003
|
||||
|
||||
|
||||
9. Normative References
|
||||
|
||||
[KEYWORDS] Bradner, S., "Key words for use in RFCs to Indicate
|
||||
Requirement Levels", BCP 14, RFC 2119, March 1997.
|
||||
|
||||
[MDN] Fajman, R., "An Extensible Message Format for Message
|
||||
Disposition Notifications", RFC 2298, March 1998.
|
||||
|
||||
[IMAP4] Crispin, M., "Internet Message Access Protocol - Version
|
||||
4rev1", RFC 3501, March 2003.
|
||||
|
||||
[ACL] Myers, J., "IMAP4 ACL extension", RFC 2086, January 1997.
|
||||
|
||||
10. Author's Address
|
||||
|
||||
Alexey Melnikov
|
||||
ACI Worldwide/MessagingDirect
|
||||
59 Clarendon Road
|
||||
Watford, Hertfordshire
|
||||
United Kingdom, WD17 1FQ
|
||||
|
||||
Phone: +44 1923 81 2877
|
||||
EMail: mel@messagingdirect.com
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Melnikov Standards Track [Page 8]
|
||||
|
||||
RFC 3503 MDN profile for IMAP March 2003
|
||||
|
||||
|
||||
11. Full Copyright Statement
|
||||
|
||||
Copyright (C) The Internet Society (2003). All Rights Reserved.
|
||||
|
||||
This document and translations of it may be copied and furnished to
|
||||
others, and derivative works that comment on or otherwise explain it
|
||||
or assist in its implementation may be prepared, copied, published
|
||||
and distributed, in whole or in part, without restriction of any
|
||||
kind, provided that the above copyright notice and this paragraph are
|
||||
included on all such copies and derivative works. However, this
|
||||
document itself may not be modified in any way, such as by removing
|
||||
the copyright notice or references to the Internet Society or other
|
||||
Internet organizations, except as needed for the purpose of
|
||||
developing Internet standards in which case the procedures for
|
||||
copyrights defined in the Internet Standards process must be
|
||||
followed, or as required to translate it into languages other than
|
||||
English.
|
||||
|
||||
The limited permissions granted above are perpetual and will not be
|
||||
revoked by the Internet Society or its successors or assigns.
|
||||
|
||||
This document and the information contained herein is provided on an
|
||||
"AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
|
||||
TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING
|
||||
BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION
|
||||
HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
|
||||
MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
|
||||
|
||||
Acknowledgement
|
||||
|
||||
Funding for the RFC Editor function is currently provided by the
|
||||
Internet Society.
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Melnikov Standards Track [Page 9]
|
||||
|
451
docs/rfcs/rfc3516.txt
Normal file
451
docs/rfcs/rfc3516.txt
Normal file
@ -0,0 +1,451 @@
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Network Working Group L. Nerenberg
|
||||
Request for Comments: 3516 Orthanc Systems
|
||||
Category: Standards Track April 2003
|
||||
|
||||
|
||||
IMAP4 Binary Content Extension
|
||||
|
||||
Status of this Memo
|
||||
|
||||
This document specifies an Internet standards track protocol for the
|
||||
Internet community, and requests discussion and suggestions for
|
||||
improvements. Please refer to the current edition of the "Internet
|
||||
Official Protocol Standards" (STD 1) for the standardization state
|
||||
and status of this protocol. Distribution of this memo is unlimited.
|
||||
|
||||
Copyright Notice
|
||||
|
||||
Copyright (C) The Internet Society (2003). All Rights Reserved.
|
||||
|
||||
Abstract
|
||||
|
||||
This memo defines the Binary extension to the Internet Message Access
|
||||
Protocol (IMAP4). It provides a mechanism for IMAP4 clients and
|
||||
servers to exchange message body data without using a MIME content-
|
||||
transfer-encoding.
|
||||
|
||||
1. Conventions Used in this Document
|
||||
|
||||
The key words "MUST", "MUST NOT", "SHOULD", "SHOULD NOT", and "MAY"
|
||||
in this document are to be interpreted as described in [KEYWORD].
|
||||
|
||||
The abbreviation "CTE" means content-transfer-encoding.
|
||||
|
||||
2. Introduction
|
||||
|
||||
The MIME extensions to Internet messaging allow for the transmission
|
||||
of non-textual (binary) message content [MIME-IMB]. Since the
|
||||
traditional transports for messaging are not always capable of
|
||||
passing binary data transparently, MIME provides encoding schemes
|
||||
that allow binary content to be transmitted over transports that are
|
||||
not otherwise able to do so.
|
||||
|
||||
The overhead of MIME-encoding this content can be considerable in
|
||||
some contexts (e.g., slow radio links, streaming multimedia).
|
||||
Reducing the overhead associated with CTE schemes such as base64
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Nerenberg Standards Track [Page 1]
|
||||
|
||||
RFC 3516 IMAP4 Binary Content Extension April 2003
|
||||
|
||||
|
||||
can give a noticeable reduction in resource consumption. The Binary
|
||||
extension lets the server perform CTE decoding prior to transmitting
|
||||
message data to the client.
|
||||
|
||||
3. Content-Transfer-Encoding Considerations
|
||||
|
||||
Every IMAP4 body section has a MIME content-transfer-encoding.
|
||||
(Those without an explicit Content-Transfer-Encoding header are
|
||||
implicitly labeled as "7bit" content.) In the terminology of [MIME-
|
||||
IMB], the CTE specifies both a decoding algorithm and the domain of
|
||||
the decoded data. In this memo, "decoding" refers to the CTE
|
||||
decoding step described in [MIME-IMB].
|
||||
|
||||
Certain CTEs use an identity encoding transformation. For these CTEs
|
||||
there is no decoding required, however the domain of the underlying
|
||||
data may not be expressible in the IMAP4 protocol (e.g., MIME
|
||||
"binary" content containing NUL octets). To accommodate these cases
|
||||
the Binary extension introduces a new type of literal protocol
|
||||
element that is fully eight bit transparent.
|
||||
|
||||
Thus, server processing of the FETCH BINARY command involves two
|
||||
logical steps:
|
||||
|
||||
1) perform any CTE-related decoding
|
||||
|
||||
2) determine the domain of the decoded data
|
||||
|
||||
Step 2 is necessary to determine which protocol element should be
|
||||
used to transmit the decoded data. (See FETCH Response Extensions
|
||||
for further details.)
|
||||
|
||||
4. Framework for the IMAP4 Binary Extension
|
||||
|
||||
This memo defines the following extensions to [IMAP4rev1].
|
||||
|
||||
4.1. CAPABILITY Identification
|
||||
|
||||
IMAP4 servers that support this extension MUST include "BINARY" in
|
||||
the response list to the CAPABILITY command.
|
||||
|
||||
4.2. FETCH Command Extensions
|
||||
|
||||
This extension defines three new FETCH command data items.
|
||||
|
||||
BINARY<section-binary>[<partial>]
|
||||
|
||||
Requests that the specified section be transmitted after
|
||||
performing CTE-related decoding.
|
||||
|
||||
|
||||
|
||||
Nerenberg Standards Track [Page 2]
|
||||
|
||||
RFC 3516 IMAP4 Binary Content Extension April 2003
|
||||
|
||||
|
||||
The <partial> argument, if present, requests that a subset of
|
||||
the data be returned. The semantics of a partial FETCH BINARY
|
||||
command are the same as for a partial FETCH BODY command, with
|
||||
the exception that the <partial> arguments refer to the DECODED
|
||||
section data.
|
||||
|
||||
BINARY.PEEK<section-binary>[<partial>]
|
||||
|
||||
An alternate form of FETCH BINARY that does not implicitly set
|
||||
the \Seen flag.
|
||||
|
||||
BINARY.SIZE<section-binary>
|
||||
|
||||
Requests the decoded size of the section (i.e., the size to
|
||||
expect in response to the corresponding FETCH BINARY request).
|
||||
|
||||
Note: client authors are cautioned that this might be an
|
||||
expensive operation for some server implementations.
|
||||
Needlessly issuing this request could result in degraded
|
||||
performance due to servers having to calculate the value every
|
||||
time the request is issued.
|
||||
|
||||
4.3. FETCH Response Extensions
|
||||
|
||||
This extension defines two new FETCH response data items.
|
||||
|
||||
BINARY<section-binary>[<<number>>]
|
||||
|
||||
An <nstring> or <literal8> expressing the content of the
|
||||
specified section after removing any CTE-related encoding. If
|
||||
<number> is present it refers to the offset within the DECODED
|
||||
section data.
|
||||
|
||||
If the domain of the decoded data is "8bit" and the data does
|
||||
not contain the NUL octet, the server SHOULD return the data in
|
||||
a <string> instead of a <literal8>; this allows the client to
|
||||
determine if the "8bit" data contains the NUL octet without
|
||||
having to explicitly scan the data stream for for NULs.
|
||||
|
||||
If the server does not know how to decode the section's CTE, it
|
||||
MUST fail the request and issue a "NO" response that contains
|
||||
the "UNKNOWN-CTE" extended response code.
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Nerenberg Standards Track [Page 3]
|
||||
|
||||
RFC 3516 IMAP4 Binary Content Extension April 2003
|
||||
|
||||
|
||||
BINARY.SIZE<section-binary>
|
||||
|
||||
The size of the section after removing any CTE-related
|
||||
encoding. The value returned MUST match the size of the
|
||||
<nstring> or <literal8> that will be returned by the
|
||||
corresponding FETCH BINARY request.
|
||||
|
||||
If the server does not know how to decode the section's CTE, it
|
||||
MUST fail the request and issue a "NO" response that contains
|
||||
the "UNKNOWN-CTE" extended response code.
|
||||
|
||||
4.4. APPEND Command Extensions
|
||||
|
||||
The APPEND command is extended to allow the client to append data
|
||||
containing NULs by using the <literal8> syntax. The server MAY
|
||||
modify the CTE of the appended data, however any such transformation
|
||||
MUST NOT result in a loss of data.
|
||||
|
||||
If the destination mailbox does not support the storage of binary
|
||||
content, the server MUST fail the request and issue a "NO" response
|
||||
that contains the "UNKNOWN-CTE" extended response code.
|
||||
|
||||
5. MIME Encoded Headers
|
||||
|
||||
[MIME-MHE] defines an encoding that allows for non-US-ASCII text in
|
||||
message headers. This encoding is not the same as the content-
|
||||
transfer-encoding applied to message bodies, and the decoding
|
||||
transformations described in this memo do not apply to [MIME-MHE]
|
||||
encoded header text. A server MUST NOT perform any conversion of
|
||||
[MIME-MHE] encoded header text in response to any binary FETCH or
|
||||
APPEND request.
|
||||
|
||||
6. Implementation Considerations
|
||||
|
||||
Messaging clients and servers have been notoriously lax in their
|
||||
adherence to the Internet CRLF convention for terminating lines of
|
||||
textual data in Internet protocols. When sending data using the
|
||||
Binary extension, servers MUST ensure that textual line-oriented
|
||||
sections are always transmitted using the IMAP4 CRLF line termination
|
||||
syntax, regardless of the underlying storage representation of the
|
||||
data on the server.
|
||||
|
||||
A server may choose to store message body binary content in a non-
|
||||
encoded format. Regardless of the internal storage representation
|
||||
used, the server MUST issue BODYSTRUCTURE responses that describe the
|
||||
message as though the binary-encoded sections are encoded in a CTE
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Nerenberg Standards Track [Page 4]
|
||||
|
||||
RFC 3516 IMAP4 Binary Content Extension April 2003
|
||||
|
||||
|
||||
acceptable to the IMAP4 base specification. Furthermore, the results
|
||||
of a FETCH BODY MUST return the message body content in the format
|
||||
described by the corresponding FETCH BODYSTRUCTURE response.
|
||||
|
||||
While the server is allowed to modify the CTE of APPENDed <literal8>
|
||||
data, this should only be done when it is absolutely necessary.
|
||||
Gratuitous encoding changes will render useless most cryptographic
|
||||
operations that have been performed on the message.
|
||||
|
||||
This extension provides an optimization that is useful in certain
|
||||
specific situations. It does not absolve clients from providing
|
||||
basic functionality (content transfer decoding) that should be
|
||||
available in all messaging clients. Clients supporting this
|
||||
extension SHOULD be prepared to perform their own CTE decoding
|
||||
operations.
|
||||
|
||||
7. Formal Protocol Syntax
|
||||
|
||||
The following syntax specification uses the augmented Backus-Naur
|
||||
Form (ABNF) notation as used in [ABNF], and incorporates by reference
|
||||
the Core Rules defined in that document.
|
||||
|
||||
This syntax augments the grammar specified in [IMAP4rev1].
|
||||
|
||||
append =/ "APPEND" SP mailbox [SP flag-list]
|
||||
[SP date-time] SP literal8
|
||||
|
||||
fetch-att =/ "BINARY" [".PEEK"] section-binary [partial]
|
||||
/ "BINARY.SIZE" section-binary
|
||||
|
||||
literal8 = "~{" number "}" CRLF *OCTET
|
||||
; <number> represents the number of OCTETs
|
||||
; in the response string.
|
||||
|
||||
msg-att-static =/ "BINARY" section-binary SP (nstring / literal8)
|
||||
/ "BINARY.SIZE" section-binary SP number
|
||||
|
||||
partial = "<" number "." nz-number ">"
|
||||
|
||||
resp-text-code =/ "UNKNOWN-CTE"
|
||||
|
||||
section-binary = "[" [section-part] "]"
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Nerenberg Standards Track [Page 5]
|
||||
|
||||
RFC 3516 IMAP4 Binary Content Extension April 2003
|
||||
|
||||
|
||||
8. Normative References
|
||||
|
||||
[ABNF] Crocker, D., Editor, and P. Overell, "Augmented BNF for
|
||||
Syntax Specifications: ABNF", RFC 2234, November 1997.
|
||||
|
||||
[IMAP4rev1] Crispin, M., "Internet Message Access Protocol Version
|
||||
4rev1", RFC 3501, March 2003.
|
||||
|
||||
[KEYWORD] Bradner, S., "Key words for use in RFCs to Indicate
|
||||
Requirement Levels", BCP 14, RFC 2119, March 1997.
|
||||
|
||||
[MIME-IMB] Freed, N. and N. Borenstein, "Multipurpose Internet Mail
|
||||
Extensions (MIME) Part One: Format of Internet Message
|
||||
Bodies", RFC 2045, November 1996.
|
||||
|
||||
[MIME-MHE] Moore, K., "MIME (Multipurpose Internet Mail Extensions)
|
||||
Part Three: Message Header Extensions for Non-ASCII
|
||||
Text", RFC 2047, November 1996.
|
||||
|
||||
9. Security Considerations
|
||||
|
||||
There are no known additional security issues with this extension
|
||||
beyond those described in the base protocol described in [IMAP4rev1].
|
||||
|
||||
10. Intellectual Property
|
||||
|
||||
The IETF takes no position regarding the validity or scope of any
|
||||
intellectual property or other rights that might be claimed to
|
||||
pertain to the implementation or use of the technology described in
|
||||
this document or the extent to which any license under such rights
|
||||
might or might not be available; neither does it represent that it
|
||||
has made any effort to identify any such rights. Information on the
|
||||
IETF's procedures with respect to rights in standards-track and
|
||||
standards-related documentation can be found in BCP-11. Copies of
|
||||
claims of rights made available for publication and any assurances of
|
||||
licenses to be made available, or the result of an attempt made to
|
||||
obtain a general license or permission for the use of such
|
||||
proprietary rights by implementors or users of this specification can
|
||||
be obtained from the IETF Secretariat.
|
||||
|
||||
The IETF invites any interested party to bring to its attention any
|
||||
copyrights, patents or patent applications, or other proprietary
|
||||
rights which may cover technology that may be required to practice
|
||||
this standard. Please address the information to the IETF Executive
|
||||
Director.
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Nerenberg Standards Track [Page 6]
|
||||
|
||||
RFC 3516 IMAP4 Binary Content Extension April 2003
|
||||
|
||||
|
||||
11. Author's Address
|
||||
|
||||
Lyndon Nerenberg
|
||||
Orthanc Systems
|
||||
1606 - 10770 Winterburn Road
|
||||
Edmonton, Alberta
|
||||
Canada T5S 1T6
|
||||
|
||||
EMail: lyndon@orthanc.ab.ca
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Nerenberg Standards Track [Page 7]
|
||||
|
||||
RFC 3516 IMAP4 Binary Content Extension April 2003
|
||||
|
||||
|
||||
12. Full Copyright Statement
|
||||
|
||||
Copyright (C) The Internet Society (2003). All Rights Reserved.
|
||||
|
||||
This document and translations of it may be copied and furnished to
|
||||
others, and derivative works that comment on or otherwise explain it
|
||||
or assist in its implementation may be prepared, copied, published
|
||||
and distributed, in whole or in part, without restriction of any
|
||||
kind, provided that the above copyright notice and this paragraph are
|
||||
included on all such copies and derivative works. However, this
|
||||
document itself may not be modified in any way, such as by removing
|
||||
the copyright notice or references to the Internet Society or other
|
||||
Internet organizations, except as needed for the purpose of
|
||||
developing Internet standards in which case the procedures for
|
||||
copyrights defined in the Internet Standards process must be
|
||||
followed, or as required to translate it into languages other than
|
||||
English.
|
||||
|
||||
The limited permissions granted above are perpetual and will not be
|
||||
revoked by the Internet Society or its successors or assigns.
|
||||
|
||||
This document and the information contained herein is provided on an
|
||||
"AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
|
||||
TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING
|
||||
BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION
|
||||
HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
|
||||
MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
|
||||
|
||||
Acknowledgement
|
||||
|
||||
Funding for the RFC Editor function is currently provided by the
|
||||
Internet Society.
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Nerenberg Standards Track [Page 8]
|
||||
|
1067
docs/rfcs/rfc3656.txt
Normal file
1067
docs/rfcs/rfc3656.txt
Normal file
File diff suppressed because it is too large
Load Diff
283
docs/rfcs/rfc3691.txt
Normal file
283
docs/rfcs/rfc3691.txt
Normal file
@ -0,0 +1,283 @@
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Network Working Group A. Melnikov
|
||||
Request for Comments: 3691 Isode Ltd.
|
||||
Category: Standards Track February 2004
|
||||
|
||||
|
||||
Internet Message Access Protocol (IMAP) UNSELECT command
|
||||
|
||||
Status of this Memo
|
||||
|
||||
This document specifies an Internet standards track protocol for the
|
||||
Internet community, and requests discussion and suggestions for
|
||||
improvements. Please refer to the current edition of the "Internet
|
||||
Official Protocol Standards" (STD 1) for the standardization state
|
||||
and status of this protocol. Distribution of this memo is unlimited.
|
||||
|
||||
Copyright Notice
|
||||
|
||||
Copyright (C) The Internet Society (2004). All Rights Reserved.
|
||||
|
||||
Abstract
|
||||
|
||||
This document defines an UNSELECT command that can be used to close
|
||||
the current mailbox in an Internet Message Access Protocol - version
|
||||
4 (IMAP4) session without expunging it. Certain types of IMAP
|
||||
clients need to release resources associated with the selected
|
||||
mailbox without selecting a different mailbox. While IMAP4 provides
|
||||
this functionality (via a SELECT command with a nonexistent mailbox
|
||||
name or reselecting the same mailbox with EXAMINE command), a more
|
||||
clean solution is desirable.
|
||||
|
||||
Table of Contents
|
||||
|
||||
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 2
|
||||
2. UNSELECT command . . . . . . . . . . . . . . . . . . . . . . . 2
|
||||
3. Security Considerations. . . . . . . . . . . . . . . . . . . . 3
|
||||
4. Formal Syntax. . . . . . . . . . . . . . . . . . . . . . . . . 3
|
||||
5. IANA Considerations. . . . . . . . . . . . . . . . . . . . . . 3
|
||||
6. Acknowledgments. . . . . . . . . . . . . . . . . . . . . . . . 3
|
||||
7. Normative References . . . . . . . . . . . . . . . . . . . . . 4
|
||||
8. Author's Address . . . . . . . . . . . . . . . . . . . . . . . 4
|
||||
9. Full Copyright Statement . . . . . . . . . . . . . . . . . . . 5
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Melnikov Standards Track [Page 1]
|
||||
|
||||
RFC 3691 IMAP UNSELECT command February 2004
|
||||
|
||||
|
||||
1. Introduction
|
||||
|
||||
Certain types of IMAP clients need to release resources associated
|
||||
with the selected mailbox without selecting a different mailbox.
|
||||
While [IMAP4] provides this functionality (via a SELECT command with
|
||||
a nonexistent mailbox name or reselecting the same mailbox with
|
||||
EXAMINE command), a more clean solution is desirable.
|
||||
|
||||
[IMAP4] defines the CLOSE command that closes the selected mailbox as
|
||||
well as permanently removes all messages with the \Deleted flag set.
|
||||
|
||||
However [IMAP4] lacks a command that simply closes the mailbox
|
||||
without expunging it. This document defines the UNSELECT command for
|
||||
this purpose.
|
||||
|
||||
A server which supports this extension indicates this with a
|
||||
capability name of "UNSELECT".
|
||||
|
||||
"C:" and "S:" in examples show lines sent by the client and server
|
||||
respectively.
|
||||
|
||||
The keywords "MUST", "MUST NOT", "SHOULD", "SHOULD NOT", and "MAY" in
|
||||
this document when typed in uppercase are to be interpreted as
|
||||
defined in "Key words for use in RFCs to Indicate Requirement Levels"
|
||||
[KEYWORDS].
|
||||
|
||||
2. UNSELECT Command
|
||||
|
||||
Arguments: none
|
||||
|
||||
Responses: no specific responses for this command
|
||||
|
||||
Result: OK - unselect completed, now in authenticated state
|
||||
BAD - no mailbox selected, or argument supplied but
|
||||
none permitted
|
||||
|
||||
The UNSELECT command frees server's resources associated with the
|
||||
selected mailbox and returns the server to the authenticated
|
||||
state. This command performs the same actions as CLOSE, except
|
||||
that no messages are permanently removed from the currently
|
||||
selected mailbox.
|
||||
|
||||
Example: C: A341 UNSELECT
|
||||
S: A341 OK Unselect completed
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Melnikov Standards Track [Page 2]
|
||||
|
||||
RFC 3691 IMAP UNSELECT command February 2004
|
||||
|
||||
|
||||
3. Security Considerations
|
||||
|
||||
It is believed that this extension doesn't raise any additional
|
||||
security concerns not already discussed in [IMAP4].
|
||||
|
||||
4. Formal Syntax
|
||||
|
||||
The following syntax specification uses the Augmented Backus-Naur
|
||||
Form (ABNF) notation as specified in [ABNF]. Non-terminals
|
||||
referenced but not defined below are as defined by [IMAP4].
|
||||
|
||||
Except as noted otherwise, all alphabetic characters are case-
|
||||
insensitive. The use of upper or lower case characters to define
|
||||
token strings is for editorial clarity only. Implementations MUST
|
||||
accept these strings in a case-insensitive fashion.
|
||||
|
||||
command-select /= "UNSELECT"
|
||||
|
||||
5. IANA Considerations
|
||||
|
||||
IMAP4 capabilities are registered by publishing a standards track or
|
||||
IESG approved experimental RFC. The registry is currently located
|
||||
at:
|
||||
|
||||
http://www.iana.org/assignments/imap4-capabilities
|
||||
|
||||
This document defines the UNSELECT IMAP capabilities. IANA has added
|
||||
this capability to the registry.
|
||||
|
||||
6. Acknowledgments
|
||||
|
||||
UNSELECT command was originally implemented by Tim Showalter in Cyrus
|
||||
IMAP server.
|
||||
|
||||
Also, the author of the document would like to thank Vladimir Butenko
|
||||
and Mark Crispin for reminding that UNSELECT has to be documented.
|
||||
Also thanks to Simon Josefsson for pointing out that there are
|
||||
multiple ways to implement UNSELECT.
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Melnikov Standards Track [Page 3]
|
||||
|
||||
RFC 3691 IMAP UNSELECT command February 2004
|
||||
|
||||
|
||||
7. Normative References
|
||||
|
||||
[KEYWORDS] Bradner, S., "Key words for use in RFCs to Indicate
|
||||
Requirement Levels", BCP 14, RFC 2119, March 1997.
|
||||
|
||||
[IMAP4] Crispin, M., "Internet Message Access Protocol - Version
|
||||
4rev1", RFC 3501, March 2003.
|
||||
|
||||
[ABNF] Crocker, D., Ed. and P. Overell, "Augmented BNF for Syntax
|
||||
Specifications: ABNF", RFC 2234, November 1997.
|
||||
|
||||
8. Author's Address
|
||||
|
||||
Alexey Melnikov
|
||||
Isode Limited
|
||||
5 Castle Business Village
|
||||
Hampton, Middlesex TW12 2BX
|
||||
|
||||
EMail: Alexey.Melnikov@isode.com
|
||||
URI: http://www.melnikov.ca/
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Melnikov Standards Track [Page 4]
|
||||
|
||||
RFC 3691 IMAP UNSELECT command February 2004
|
||||
|
||||
|
||||
9. Full Copyright Statement
|
||||
|
||||
Copyright (C) The Internet Society (2004). This document is subject
|
||||
to the rights, licenses and restrictions contained in BCP 78 and
|
||||
except as set forth therein, the authors retain all their rights.
|
||||
|
||||
This document and the information contained herein are provided on an
|
||||
"AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE
|
||||
REPRESENTS OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE
|
||||
INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR
|
||||
IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF
|
||||
THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
|
||||
WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
|
||||
|
||||
Intellectual Property
|
||||
|
||||
The IETF takes no position regarding the validity or scope of any
|
||||
Intellectual Property Rights or other rights that might be claimed
|
||||
to pertain to the implementation or use of the technology
|
||||
described in this document or the extent to which any license
|
||||
under such rights might or might not be available; nor does it
|
||||
represent that it has made any independent effort to identify any
|
||||
such rights. Information on the procedures with respect to
|
||||
rights in RFC documents can be found in BCP 78 and BCP 79.
|
||||
|
||||
Copies of IPR disclosures made to the IETF Secretariat and any
|
||||
assurances of licenses to be made available, or the result of an
|
||||
attempt made to obtain a general license or permission for the use
|
||||
of such proprietary rights by implementers or users of this
|
||||
specification can be obtained from the IETF on-line IPR repository
|
||||
at http://www.ietf.org/ipr.
|
||||
|
||||
The IETF invites any interested party to bring to its attention
|
||||
any copyrights, patents or patent applications, or other
|
||||
proprietary rights that may cover technology that may be required
|
||||
to implement this standard. Please address the information to the
|
||||
IETF at ietf-ipr@ietf.org.
|
||||
|
||||
Acknowledgement
|
||||
|
||||
Funding for the RFC Editor function is currently provided by the
|
||||
Internet Society.
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Melnikov Standards Track [Page 5]
|
||||
|
1515
docs/rfcs/rfc4314.txt
Normal file
1515
docs/rfcs/rfc4314.txt
Normal file
File diff suppressed because it is too large
Load Diff
451
docs/rfcs/rfc4315.txt
Normal file
451
docs/rfcs/rfc4315.txt
Normal file
@ -0,0 +1,451 @@
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Network Working Group M. Crispin
|
||||
Request for Comments: 4315 December 2005
|
||||
Obsoletes: 2359
|
||||
Category: Standards Track
|
||||
|
||||
|
||||
Internet Message Access Protocol (IMAP) - UIDPLUS extension
|
||||
|
||||
Status of This Memo
|
||||
|
||||
This document specifies an Internet standards track protocol for the
|
||||
Internet community, and requests discussion and suggestions for
|
||||
improvements. Please refer to the current edition of the "Internet
|
||||
Official Protocol Standards" (STD 1) for the standardization state
|
||||
and status of this protocol. Distribution of this memo is unlimited.
|
||||
|
||||
Copyright Notice
|
||||
|
||||
Copyright (C) The Internet Society (2005).
|
||||
|
||||
Abstract
|
||||
|
||||
The UIDPLUS extension of the Internet Message Access Protocol (IMAP)
|
||||
provides a set of features intended to reduce the amount of time and
|
||||
resources used by some client operations. The features in UIDPLUS
|
||||
are primarily intended for disconnected-use clients.
|
||||
|
||||
1. Introduction and Overview
|
||||
|
||||
The UIDPLUS extension is present in any IMAP server implementation
|
||||
that returns "UIDPLUS" as one of the supported capabilities to the
|
||||
CAPABILITY command.
|
||||
|
||||
The UIDPLUS extension defines an additional command. In addition,
|
||||
this document recommends new status response codes in IMAP that
|
||||
SHOULD be returned by all server implementations, regardless of
|
||||
whether or not the UIDPLUS extension is implemented.
|
||||
|
||||
The added facilities of the features in UIDPLUS are optimizations;
|
||||
clients can provide equivalent functionality, albeit less
|
||||
efficiently, by using facilities in the base protocol.
|
||||
|
||||
1.1. Conventions Used in This Document
|
||||
|
||||
In examples, "C:" and "S:" indicate lines sent by the client and
|
||||
server, respectively.
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Crispin Standards Track [Page 1]
|
||||
|
||||
RFC 4315 IMAP - UIDPLUS Extension December 2005
|
||||
|
||||
|
||||
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
|
||||
"SHOULD", "SHOULD NOT", "MAY", and "OPTIONAL" in this document are to
|
||||
be interpreted as described in [KEYWORDS].
|
||||
|
||||
A "UID set" is similar to the [IMAP] sequence set; however, the "*"
|
||||
value for a sequence number is not permitted.
|
||||
|
||||
2. Additional Commands
|
||||
|
||||
The following command definition is an extension to [IMAP] section
|
||||
6.4.
|
||||
|
||||
2.1. UID EXPUNGE Command
|
||||
|
||||
Arguments: sequence set
|
||||
|
||||
Data: untagged responses: EXPUNGE
|
||||
|
||||
Result: OK - expunge completed
|
||||
NO - expunge failure (e.g., permission denied)
|
||||
BAD - command unknown or arguments invalid
|
||||
|
||||
The UID EXPUNGE command permanently removes all messages that both
|
||||
have the \Deleted flag set and have a UID that is included in the
|
||||
specified sequence set from the currently selected mailbox. If a
|
||||
message either does not have the \Deleted flag set or has a UID
|
||||
that is not included in the specified sequence set, it is not
|
||||
affected.
|
||||
|
||||
This command is particularly useful for disconnected use clients.
|
||||
By using UID EXPUNGE instead of EXPUNGE when resynchronizing with
|
||||
the server, the client can ensure that it does not inadvertantly
|
||||
remove any messages that have been marked as \Deleted by other
|
||||
clients between the time that the client was last connected and
|
||||
the time the client resynchronizes.
|
||||
|
||||
If the server does not support the UIDPLUS capability, the client
|
||||
should fall back to using the STORE command to temporarily remove
|
||||
the \Deleted flag from messages it does not want to remove, then
|
||||
issuing the EXPUNGE command. Finally, the client should use the
|
||||
STORE command to restore the \Deleted flag on the messages in
|
||||
which it was temporarily removed.
|
||||
|
||||
Alternatively, the client may fall back to using just the EXPUNGE
|
||||
command, risking the unintended removal of some messages.
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Crispin Standards Track [Page 2]
|
||||
|
||||
RFC 4315 IMAP - UIDPLUS Extension December 2005
|
||||
|
||||
|
||||
Example: C: A003 UID EXPUNGE 3000:3002
|
||||
S: * 3 EXPUNGE
|
||||
S: * 3 EXPUNGE
|
||||
S: * 3 EXPUNGE
|
||||
S: A003 OK UID EXPUNGE completed
|
||||
|
||||
3. Additional Response Codes
|
||||
|
||||
The following response codes are extensions to the response codes
|
||||
defined in [IMAP] section 7.1. With limited exceptions, discussed
|
||||
below, server implementations that advertise the UIDPLUS extension
|
||||
SHOULD return these response codes.
|
||||
|
||||
In the case of a mailbox that has permissions set so that the client
|
||||
can COPY or APPEND to the mailbox, but not SELECT or EXAMINE it, the
|
||||
server SHOULD NOT send an APPENDUID or COPYUID response code as it
|
||||
would disclose information about the mailbox.
|
||||
|
||||
In the case of a mailbox that has UIDNOTSTICKY status (as defined
|
||||
below), the server MAY omit the APPENDUID or COPYUID response code as
|
||||
it is not meaningful.
|
||||
|
||||
If the server does not return the APPENDUID or COPYUID response
|
||||
codes, the client can discover this information by selecting the
|
||||
destination mailbox. The location of messages placed in the
|
||||
destination mailbox by COPY or APPEND can be determined by using
|
||||
FETCH and/or SEARCH commands (e.g., for Message-ID or some unique
|
||||
marker placed in the message in an APPEND).
|
||||
|
||||
APPENDUID
|
||||
|
||||
Followed by the UIDVALIDITY of the destination mailbox and the UID
|
||||
assigned to the appended message in the destination mailbox,
|
||||
indicates that the message has been appended to the destination
|
||||
mailbox with that UID.
|
||||
|
||||
If the server also supports the [MULTIAPPEND] extension, and if
|
||||
multiple messages were appended in the APPEND command, then the
|
||||
second value is a UID set containing the UIDs assigned to the
|
||||
appended messages, in the order they were transmitted in the
|
||||
APPEND command. This UID set may not contain extraneous UIDs or
|
||||
the symbol "*".
|
||||
|
||||
Note: the UID set form of the APPENDUID response code MUST NOT
|
||||
be used if only a single message was appended. In particular,
|
||||
a server MUST NOT send a range such as 123:123. This is
|
||||
because a client that does not support [MULTIAPPEND] expects
|
||||
only a single UID and not a UID set.
|
||||
|
||||
|
||||
|
||||
Crispin Standards Track [Page 3]
|
||||
|
||||
RFC 4315 IMAP - UIDPLUS Extension December 2005
|
||||
|
||||
|
||||
UIDs are assigned in strictly ascending order in the mailbox
|
||||
(refer to [IMAP], section 2.3.1.1) and UID ranges are as in
|
||||
[IMAP]; in particular, note that a range of 12:10 is exactly
|
||||
equivalent to 10:12 and refers to the sequence 10,11,12.
|
||||
|
||||
This response code is returned in a tagged OK response to the
|
||||
APPEND command.
|
||||
|
||||
COPYUID
|
||||
|
||||
Followed by the UIDVALIDITY of the destination mailbox, a UID set
|
||||
containing the UIDs of the message(s) in the source mailbox that
|
||||
were copied to the destination mailbox and containing the UIDs
|
||||
assigned to the copied message(s) in the destination mailbox,
|
||||
indicates that the message(s) have been copied to the destination
|
||||
mailbox with the stated UID(s).
|
||||
|
||||
The source UID set is in the order the message(s) were copied; the
|
||||
destination UID set corresponds to the source UID set and is in
|
||||
the same order. Neither of the UID sets may contain extraneous
|
||||
UIDs or the symbol "*".
|
||||
|
||||
UIDs are assigned in strictly ascending order in the mailbox
|
||||
(refer to [IMAP], section 2.3.1.1) and UID ranges are as in
|
||||
[IMAP]; in particular, note that a range of 12:10 is exactly
|
||||
equivalent to 10:12 and refers to the sequence 10,11,12.
|
||||
|
||||
This response code is returned in a tagged OK response to the COPY
|
||||
command.
|
||||
|
||||
UIDNOTSTICKY
|
||||
|
||||
The selected mailbox is supported by a mail store that does not
|
||||
support persistent UIDs; that is, UIDVALIDITY will be different
|
||||
each time the mailbox is selected. Consequently, APPEND or COPY
|
||||
to this mailbox will not return an APPENDUID or COPYUID response
|
||||
code.
|
||||
|
||||
This response code is returned in an untagged NO response to the
|
||||
SELECT command.
|
||||
|
||||
Note: servers SHOULD NOT have any UIDNOTSTICKY mail stores.
|
||||
This facility exists to support legacy mail stores in which it
|
||||
is technically infeasible to support persistent UIDs. This
|
||||
should be avoided when designing new mail stores.
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Crispin Standards Track [Page 4]
|
||||
|
||||
RFC 4315 IMAP - UIDPLUS Extension December 2005
|
||||
|
||||
|
||||
Example: C: A003 APPEND saved-messages (\Seen) {297}
|
||||
C: Date: Mon, 7 Feb 1994 21:52:25 -0800 (PST)
|
||||
C: From: Fred Foobar <foobar@example.com>
|
||||
C: Subject: afternoon meeting
|
||||
C: To: mooch@example.com
|
||||
C: Message-Id: <B27397-0100000@example.com>
|
||||
C: MIME-Version: 1.0
|
||||
C: Content-Type: TEXT/PLAIN; CHARSET=US-ASCII
|
||||
C:
|
||||
C: Hello Joe, do you think we can meet at 3:30 tomorrow?
|
||||
C:
|
||||
S: A003 OK [APPENDUID 38505 3955] APPEND completed
|
||||
C: A004 COPY 2:4 meeting
|
||||
S: A004 OK [COPYUID 38505 304,319:320 3956:3958] Done
|
||||
C: A005 UID COPY 305:310 meeting
|
||||
S: A005 OK No matching messages, so nothing copied
|
||||
C: A006 COPY 2 funny
|
||||
S: A006 OK Done
|
||||
C: A007 SELECT funny
|
||||
S: * 1 EXISTS
|
||||
S: * 1 RECENT
|
||||
S: * OK [UNSEEN 1] Message 1 is first unseen
|
||||
S: * OK [UIDVALIDITY 3857529045] Validity session-only
|
||||
S: * OK [UIDNEXT 2] Predicted next UID
|
||||
S: * NO [UIDNOTSTICKY] Non-persistent UIDs
|
||||
S: * FLAGS (\Answered \Flagged \Deleted \Seen \Draft)
|
||||
S: * OK [PERMANENTFLAGS (\Deleted \Seen)] Limited
|
||||
S: A007 OK [READ-WRITE] SELECT completed
|
||||
|
||||
In this example, A003 and A004 demonstrate successful appending and
|
||||
copying to a mailbox that returns the UIDs assigned to the messages.
|
||||
A005 is an example in which no messages were copied; this is because
|
||||
in A003, we see that message 2 had UID 304, and message 3 had UID
|
||||
319; therefore, UIDs 305 through 310 do not exist (refer to section
|
||||
2.3.1.1 of [IMAP] for further explanation). A006 is an example of a
|
||||
message being copied that did not return a COPYUID; and, as expected,
|
||||
A007 shows that the mail store containing that mailbox does not
|
||||
support persistent UIDs.
|
||||
|
||||
4. Formal Syntax
|
||||
|
||||
Formal syntax is defined using ABNF [ABNF], which extends the ABNF
|
||||
rules defined in [IMAP]. The IMAP4 ABNF should be imported before
|
||||
attempting to validate these rules.
|
||||
|
||||
append-uid = uniqueid
|
||||
|
||||
capability =/ "UIDPLUS"
|
||||
|
||||
|
||||
|
||||
Crispin Standards Track [Page 5]
|
||||
|
||||
RFC 4315 IMAP - UIDPLUS Extension December 2005
|
||||
|
||||
|
||||
command-select =/ uid-expunge
|
||||
|
||||
resp-code-apnd = "APPENDUID" SP nz-number SP append-uid
|
||||
|
||||
resp-code-copy = "COPYUID" SP nz-number SP uid-set SP uid-set
|
||||
|
||||
resp-text-code =/ resp-code-apnd / resp-code-copy / "UIDNOTSTICKY"
|
||||
; incorporated before the expansion rule of
|
||||
; atom [SP 1*<any TEXT-CHAR except "]">]
|
||||
; that appears in [IMAP]
|
||||
|
||||
uid-expunge = "UID" SP "EXPUNGE" SP sequence-set
|
||||
|
||||
uid-set = (uniqueid / uid-range) *("," uid-set)
|
||||
|
||||
uid-range = (uniqueid ":" uniqueid)
|
||||
; two uniqueid values and all values
|
||||
; between these two regards of order.
|
||||
; Example: 2:4 and 4:2 are equivalent.
|
||||
|
||||
Servers that support [MULTIAPPEND] will have the following extension
|
||||
to the above rules:
|
||||
|
||||
append-uid =/ uid-set
|
||||
; only permitted if client uses [MULTIAPPEND]
|
||||
; to append multiple messages.
|
||||
|
||||
5. Security Considerations
|
||||
|
||||
The COPYUID and APPENDUID response codes return information about the
|
||||
mailbox, which may be considered sensitive if the mailbox has
|
||||
permissions set that permit the client to COPY or APPEND to the
|
||||
mailbox, but not SELECT or EXAMINE it.
|
||||
|
||||
Consequently, these response codes SHOULD NOT be issued if the client
|
||||
does not have access to SELECT or EXAMINE the mailbox.
|
||||
|
||||
6. IANA Considerations
|
||||
|
||||
This document constitutes registration of the UIDPLUS capability in
|
||||
the imap4-capabilities registry, replacing [RFC2359].
|
||||
|
||||
7. Normative References
|
||||
|
||||
[ABNF] Crocker, D. and P. Overell, "Augmented BNF for Syntax
|
||||
Specifications: ABNF", RFC 4234, October 2005.
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Crispin Standards Track [Page 6]
|
||||
|
||||
RFC 4315 IMAP - UIDPLUS Extension December 2005
|
||||
|
||||
|
||||
[IMAP] Crispin, M., "INTERNET MESSAGE ACCESS PROTOCOL -
|
||||
VERSION 4rev1", RFC 3501, March 2003.
|
||||
|
||||
[KEYWORDS] Bradner, S., "Key words for use in RFCs to Indicate
|
||||
Requirement Levels", BCP 14, RFC 2119, March 1997.
|
||||
|
||||
[MULTIAPPEND] Crispin, M., "Internet Message Access Protocol (IMAP) -
|
||||
MULTIAPPEND Extension", RFC 3502, March 2003.
|
||||
|
||||
8. Informative References
|
||||
|
||||
[RFC2359] Myers, J., "IMAP4 UIDPLUS extension", RFC 2359, June
|
||||
1998.
|
||||
|
||||
9. Changes from RFC 2359
|
||||
|
||||
This document obsoletes [RFC2359]. However, it is based upon that
|
||||
document, and takes substantial text from it (albeit with numerous
|
||||
clarifications in wording).
|
||||
|
||||
[RFC2359] implied that a server must always return COPYUID/APPENDUID
|
||||
data; thus suggesting that in such cases the server should return
|
||||
arbitrary data if the destination mailbox did not support persistent
|
||||
UIDs. This document adds the UIDNOTSTICKY response code to indicate
|
||||
that a mailbox does not support persistent UIDs, and stipulates that
|
||||
a UIDPLUS server does not return COPYUID/APPENDUID data when the COPY
|
||||
(or APPEND) destination mailbox has UIDNOTSTICKY status.
|
||||
|
||||
Author's Address
|
||||
|
||||
Mark R. Crispin
|
||||
Networks and Distributed Computing
|
||||
University of Washington
|
||||
4545 15th Avenue NE
|
||||
Seattle, WA 98105-4527
|
||||
|
||||
Phone: (206) 543-5762
|
||||
EMail: MRC@CAC.Washington.EDU
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Crispin Standards Track [Page 7]
|
||||
|
||||
RFC 4315 IMAP - UIDPLUS Extension December 2005
|
||||
|
||||
|
||||
Full Copyright Statement
|
||||
|
||||
Copyright (C) The Internet Society (2005).
|
||||
|
||||
This document is subject to the rights, licenses and restrictions
|
||||
contained in BCP 78, and except as set forth therein, the authors
|
||||
retain all their rights.
|
||||
|
||||
This document and the information contained herein are provided on an
|
||||
"AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
|
||||
OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET
|
||||
ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED,
|
||||
INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE
|
||||
INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
|
||||
WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
|
||||
|
||||
Intellectual Property
|
||||
|
||||
The IETF takes no position regarding the validity or scope of any
|
||||
Intellectual Property Rights or other rights that might be claimed to
|
||||
pertain to the implementation or use of the technology described in
|
||||
this document or the extent to which any license under such rights
|
||||
might or might not be available; nor does it represent that it has
|
||||
made any independent effort to identify any such rights. Information
|
||||
on the procedures with respect to rights in RFC documents can be
|
||||
found in BCP 78 and BCP 79.
|
||||
|
||||
Copies of IPR disclosures made to the IETF Secretariat and any
|
||||
assurances of licenses to be made available, or the result of an
|
||||
attempt made to obtain a general license or permission for the use of
|
||||
such proprietary rights by implementers or users of this
|
||||
specification can be obtained from the IETF on-line IPR repository at
|
||||
http://www.ietf.org/ipr.
|
||||
|
||||
The IETF invites any interested party to bring to its attention any
|
||||
copyrights, patents or patent applications, or other proprietary
|
||||
rights that may cover technology that may be required to implement
|
||||
this standard. Please address the information to the IETF at ietf-
|
||||
ipr@ietf.org.
|
||||
|
||||
Acknowledgement
|
||||
|
||||
Funding for the RFC Editor function is currently provided by the
|
||||
Internet Society.
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Crispin Standards Track [Page 8]
|
||||
|
955
docs/rfcs/rfc4466.txt
Normal file
955
docs/rfcs/rfc4466.txt
Normal file
@ -0,0 +1,955 @@
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Network Working Group A. Melnikov
|
||||
Request for Comments: 4466 Isode Ltd.
|
||||
Updates: 2088, 2342, 3501, 3502, 3516 C. Daboo
|
||||
Category: Standards Track April 2006
|
||||
|
||||
|
||||
Collected Extensions to IMAP4 ABNF
|
||||
|
||||
Status of This Memo
|
||||
|
||||
This document specifies an Internet standards track protocol for the
|
||||
Internet community, and requests discussion and suggestions for
|
||||
improvements. Please refer to the current edition of the "Internet
|
||||
Official Protocol Standards" (STD 1) for the standardization state
|
||||
and status of this protocol. Distribution of this memo is unlimited.
|
||||
|
||||
Copyright Notice
|
||||
|
||||
Copyright (C) The Internet Society (2006).
|
||||
|
||||
Abstract
|
||||
|
||||
Over the years, many documents from IMAPEXT and LEMONADE working
|
||||
groups, as well as many individual documents, have added syntactic
|
||||
extensions to many base IMAP commands described in RFC 3501. For
|
||||
ease of reference, this document collects most of such ABNF changes
|
||||
in one place.
|
||||
|
||||
This document also suggests a set of standard patterns for adding
|
||||
options and extensions to several existing IMAP commands defined in
|
||||
RFC 3501. The patterns provide for compatibility between existing
|
||||
and future extensions.
|
||||
|
||||
This document updates ABNF in RFCs 2088, 2342, 3501, 3502, and 3516.
|
||||
It also includes part of the errata to RFC 3501. This document
|
||||
doesn't specify any semantic changes to the listed RFCs.
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Melnikov & Daboo Standards Track [Page 1]
|
||||
|
||||
RFC 4466 Collected Extensions to IMAP4 ABNF April 2006
|
||||
|
||||
|
||||
Table of Contents
|
||||
|
||||
1. Introduction ....................................................2
|
||||
1.1. Purpose of This Document ...................................2
|
||||
1.2. Conventions Used in This Document ..........................3
|
||||
2. IMAP ABNF Extensions ............................................3
|
||||
2.1. Optional Parameters with the SELECT/EXAMINE Commands .......3
|
||||
2.2. Extended CREATE Command ....................................4
|
||||
2.3. Extended RENAME Command ....................................5
|
||||
2.4. Extensions to FETCH and UID FETCH Commands .................6
|
||||
2.5. Extensions to STORE and UID STORE Commands .................6
|
||||
2.6. Extensions to SEARCH Command ...............................7
|
||||
2.6.1. Extended SEARCH Command .............................7
|
||||
2.6.2. ESEARCH untagged response ...........................8
|
||||
2.7. Extensions to APPEND Command ...............................8
|
||||
3. Formal Syntax ...................................................9
|
||||
4. Security Considerations ........................................14
|
||||
5. Normative References ...........................................15
|
||||
6. Acknowledgements ...............................................15
|
||||
|
||||
1. Introduction
|
||||
|
||||
1.1. Purpose of This Document
|
||||
|
||||
This document serves several purposes:
|
||||
|
||||
1. rationalize and generalize ABNF for some existing IMAP
|
||||
extensions;
|
||||
2. collect the ABNF in one place in order to minimize cross
|
||||
references between documents;
|
||||
3. define building blocks for future extensions so that they can
|
||||
be used together in a compatible way.
|
||||
|
||||
It is expected that a future revision of this document will be
|
||||
incorporated into a revision of RFC 3501.
|
||||
|
||||
This document updates ABNF in RFCs 2088, 2342, 3501, 3502, and 3516.
|
||||
It also includes part of the errata to RFC 3501. This document
|
||||
doesn't specify any semantic changes to the listed RFCs.
|
||||
|
||||
The ABNF in section 6 of RFC 2342 got rewritten to conform to the
|
||||
ABNF syntax as defined in RFC 4234 and to reference new non-terminals
|
||||
from RFC 3501. It was also restructured to allow for better
|
||||
readability. There were no changes "on the wire".
|
||||
|
||||
Section 2 extends ABNF for SELECT, EXAMINE, CREATE, RENAME, FETCH/UID
|
||||
FETCH, STORE/UID STORE, SEARCH, and APPEND commands in a consistent
|
||||
manner. Extensions to all the commands but APPEND have the same
|
||||
|
||||
|
||||
|
||||
Melnikov & Daboo Standards Track [Page 2]
|
||||
|
||||
RFC 4466 Collected Extensions to IMAP4 ABNF April 2006
|
||||
|
||||
|
||||
structure. Extensibility for the APPEND command was done slightly
|
||||
differently in order to preserve backward compatibility with existing
|
||||
extensions.
|
||||
|
||||
Section 2 also defines a new ESEARCH response, whose purpose is to
|
||||
define a better version of the SEARCH response defined in RFC 3501.
|
||||
|
||||
Section 3 defines the collected ABNF that replaces pieces of ABNF in
|
||||
the aforementioned RFCs. The collected ABNF got generalized to allow
|
||||
for easier future extensibility.
|
||||
|
||||
1.2. Conventions Used in This Document
|
||||
|
||||
In examples, "C:" and "S:" indicate lines sent by the client and
|
||||
server, respectively.
|
||||
|
||||
The key words "MUST", "MUST NOT", "SHOULD", "SHOULD NOT", and "MAY"
|
||||
in this document are to be interpreted as defined in "Key words for
|
||||
use in RFCs to Indicate Requirement Levels" [KEYWORDS].
|
||||
|
||||
2. IMAP ABNF Extensions
|
||||
|
||||
This section is not normative. It provides some background on the
|
||||
intended use of different extensions and it gives some guidance about
|
||||
how future extensions should extend the described commands.
|
||||
|
||||
2.1. Optional Parameters with the SELECT/EXAMINE Commands
|
||||
|
||||
This document adds the ability to include one or more parameters with
|
||||
the IMAP SELECT (section 6.3.1 of [IMAP4]) or EXAMINE (section 6.3.2
|
||||
of [IMAP4]) commands, to turn on or off certain standard behaviors,
|
||||
or to add new optional behaviors required for a particular extension.
|
||||
|
||||
There are two possible modes of operation:
|
||||
|
||||
o A global state change where a single use of the optional parameter
|
||||
will affect the session state from that time on, irrespective of
|
||||
subsequent SELECT/EXAMINE commands.
|
||||
|
||||
o A per-mailbox state change that will affect the session only for
|
||||
the duration of the new selected state. A subsequent
|
||||
SELECT/EXAMINE without the optional parameter will cancel its
|
||||
effect for the newly selected mailbox.
|
||||
|
||||
Optional parameters to the SELECT or EXAMINE commands are added as a
|
||||
parenthesized list of attribute/value pairs, and appear after the
|
||||
mailbox name in the standard SELECT or EXAMINE command. The order of
|
||||
individual parameters is arbitrary. A parameter value is optional
|
||||
|
||||
|
||||
|
||||
Melnikov & Daboo Standards Track [Page 3]
|
||||
|
||||
RFC 4466 Collected Extensions to IMAP4 ABNF April 2006
|
||||
|
||||
|
||||
and may consist of atoms, strings, or lists in a specific order. If
|
||||
the parameter value is present, it always appears in parentheses (*).
|
||||
Any parameter not defined by extensions that the server supports must
|
||||
be rejected with a BAD response.
|
||||
|
||||
Example:
|
||||
|
||||
C: a SELECT INBOX (ANNOTATE)
|
||||
S: ...
|
||||
S: a OK SELECT complete
|
||||
|
||||
In the above example, a single parameter is used with the SELECT
|
||||
command.
|
||||
|
||||
Example:
|
||||
|
||||
C: a EXAMINE INBOX (ANNOTATE RESPONSES ("UID Responses")
|
||||
CONDSTORE)
|
||||
S: ...
|
||||
S: a OK EXAMINE complete
|
||||
|
||||
In the above example, three parameters are used with the EXAMINE
|
||||
command. The second parameter consists of two items: an atom
|
||||
"RESPONSES" followed by a quoted string.
|
||||
|
||||
Example:
|
||||
|
||||
C: a SELECT INBOX (BLURDYBLOOP)
|
||||
S: a BAD Unknown parameter in SELECT command
|
||||
|
||||
In the above example, a parameter not supported by the server is
|
||||
used. This results in the BAD response from the server.
|
||||
|
||||
(*) - if a parameter has a mandatory value, which can always be
|
||||
represented as a number or a sequence-set, the parameter value does
|
||||
not need the enclosing (). See ABNF for more details.
|
||||
|
||||
2.2. Extended CREATE Command
|
||||
|
||||
Arguments: mailbox name
|
||||
OPTIONAL list of CREATE parameters
|
||||
|
||||
Responses: no specific responses for this command
|
||||
|
||||
Result: OK - create completed
|
||||
NO - create failure: cannot create mailbox with
|
||||
that name
|
||||
BAD - argument(s) invalid
|
||||
|
||||
|
||||
|
||||
Melnikov & Daboo Standards Track [Page 4]
|
||||
|
||||
RFC 4466 Collected Extensions to IMAP4 ABNF April 2006
|
||||
|
||||
|
||||
This document adds the ability to include one or more parameters with
|
||||
the IMAP CREATE command (see section 6.3.3 of [IMAP4]), to turn on or
|
||||
off certain standard behaviors, or to add new optional behaviors
|
||||
required for a particular extension. No CREATE parameters are
|
||||
defined in this document.
|
||||
|
||||
Optional parameters to the CREATE command are added as a
|
||||
parenthesized list of attribute/value pairs after the mailbox name.
|
||||
The order of individual parameters is arbitrary. A parameter value
|
||||
is optional and may consist of atoms, strings, or lists in a specific
|
||||
order. If the parameter value is present, it always appears in
|
||||
parentheses (*). Any parameter not defined by extensions that the
|
||||
server supports must be rejected with a BAD response.
|
||||
|
||||
(*) - if a parameter has a mandatory value, which can always be
|
||||
represented as a number or a sequence-set, the parameter value does
|
||||
not need the enclosing (). See ABNF for more details.
|
||||
|
||||
2.3. Extended RENAME Command
|
||||
|
||||
Arguments: existing mailbox name
|
||||
new mailbox name
|
||||
OPTIONAL list of RENAME parameters
|
||||
|
||||
Responses: no specific responses for this command
|
||||
|
||||
Result: OK - rename completed
|
||||
NO - rename failure: cannot rename mailbox with
|
||||
that name, cannot rename to mailbox with
|
||||
that name, etc.
|
||||
BAD - argument(s) invalid
|
||||
|
||||
This document adds the ability to include one or more parameters with
|
||||
the IMAP RENAME command (see section 6.3.5 of [IMAP4]), to turn on or
|
||||
off certain standard behaviors, or to add new optional behaviors
|
||||
required for a particular extension. No RENAME parameters are
|
||||
defined in this document.
|
||||
|
||||
Optional parameters to the RENAME command are added as a
|
||||
parenthesized list of attribute/value pairs after the new mailbox
|
||||
name. The order of individual parameters is arbitrary. A parameter
|
||||
value is optional and may consist of atoms, strings, or lists in a
|
||||
specific order. If the parameter value is present, it always appears
|
||||
in parentheses (*). Any parameter not defined by extensions that the
|
||||
server supports must be rejected with a BAD response.
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Melnikov & Daboo Standards Track [Page 5]
|
||||
|
||||
RFC 4466 Collected Extensions to IMAP4 ABNF April 2006
|
||||
|
||||
|
||||
(*) - if a parameter has a mandatory value, which can always be
|
||||
represented as a number or a sequence-set, the parameter value does
|
||||
not need the enclosing (). See ABNF for more details.
|
||||
|
||||
2.4. Extensions to FETCH and UID FETCH Commands
|
||||
|
||||
Arguments: sequence set
|
||||
message data item names or macro
|
||||
OPTIONAL fetch modifiers
|
||||
|
||||
Responses: untagged responses: FETCH
|
||||
|
||||
Result: OK - fetch completed
|
||||
NO - fetch error: cannot fetch that data
|
||||
BAD - command unknown or arguments invalid
|
||||
|
||||
This document extends the syntax of the FETCH and UID FETCH commands
|
||||
(see section 6.4.5 of [IMAP4]) to include optional FETCH modifiers.
|
||||
No fetch modifiers are defined in this document.
|
||||
|
||||
The order of individual modifiers is arbitrary. Each modifier is an
|
||||
attribute/value pair. A modifier value is optional and may consist
|
||||
of atoms and/or strings and/or lists in a specific order. If the
|
||||
modifier value is present, it always appears in parentheses (*). Any
|
||||
modifiers not defined by extensions that the server supports must be
|
||||
rejected with a BAD response.
|
||||
|
||||
(*) - if a modifier has a mandatory value, which can always be
|
||||
represented as a number or a sequence-set, the modifier value does
|
||||
not need the enclosing (). See ABNF for more details.
|
||||
|
||||
2.5. Extensions to STORE and UID STORE Commands
|
||||
|
||||
Arguments: message set
|
||||
OPTIONAL store modifiers
|
||||
message data item name
|
||||
value for message data item
|
||||
|
||||
Responses: untagged responses: FETCH
|
||||
|
||||
Result: OK - store completed
|
||||
NO - store error: cannot store that data
|
||||
BAD - command unknown or arguments invalid
|
||||
|
||||
This document extends the syntax of the STORE and UID STORE commands
|
||||
(see section 6.4.6 of [IMAP4]) to include optional STORE modifiers.
|
||||
No store modifiers are defined in this document.
|
||||
|
||||
|
||||
|
||||
|
||||
Melnikov & Daboo Standards Track [Page 6]
|
||||
|
||||
RFC 4466 Collected Extensions to IMAP4 ABNF April 2006
|
||||
|
||||
|
||||
The order of individual modifiers is arbitrary. Each modifier is an
|
||||
attribute/value pair. A modifier value is optional and may consist
|
||||
of atoms and/or strings and/or lists in a specific order. If the
|
||||
modifier value is present, it always appears in parentheses (*). Any
|
||||
modifiers not defined by extensions that the server supports must be
|
||||
rejected with a BAD response.
|
||||
|
||||
(*) - if a modifier has a mandatory value, which can always be
|
||||
represented as a number or a sequence-set, the modifier value does
|
||||
not need the enclosing (). See ABNF for more details.
|
||||
|
||||
2.6. Extensions to SEARCH Command
|
||||
|
||||
2.6.1. Extended SEARCH Command
|
||||
|
||||
Arguments: OPTIONAL result specifier
|
||||
OPTIONAL [CHARSET] specification
|
||||
searching criteria (one or more)
|
||||
|
||||
Responses: REQUIRED untagged response: SEARCH (*)
|
||||
|
||||
Result: OK - search completed
|
||||
NO - search error: cannot search that [CHARSET] or
|
||||
criteria
|
||||
BAD - command unknown or arguments invalid
|
||||
|
||||
This section updates definition of the SEARCH command described in
|
||||
section 6.4.4 of [IMAP4].
|
||||
|
||||
The SEARCH command is extended to allow for result options. This
|
||||
document does not define any result options.
|
||||
|
||||
The order of individual options is arbitrary. Individual options may
|
||||
contain parameters enclosed in parentheses (**). If an option has
|
||||
parameters, they consist of atoms and/or strings and/or lists in a
|
||||
specific order. Any options not defined by extensions that the
|
||||
server supports must be rejected with a BAD response.
|
||||
|
||||
(*) - An extension to the SEARCH command may require another untagged
|
||||
response, or no untagged response to be returned. Section 2.6.2
|
||||
defines a new ESEARCH untagged response that replaces the SEARCH
|
||||
untagged response. Note that for a given extended SEARCH command the
|
||||
SEARCH and ESEARCH responses SHOULD be mutually exclusive, i.e., only
|
||||
one of them should be returned.
|
||||
|
||||
(**) - if an option has a mandatory parameter, which can always be
|
||||
represented as a number or a sequence-set, the option parameter does
|
||||
not need the enclosing (). See ABNF for more details.
|
||||
|
||||
|
||||
|
||||
Melnikov & Daboo Standards Track [Page 7]
|
||||
|
||||
RFC 4466 Collected Extensions to IMAP4 ABNF April 2006
|
||||
|
||||
|
||||
2.6.2. ESEARCH untagged response
|
||||
|
||||
Contents: one or more search-return-data pairs
|
||||
|
||||
The ESEARCH response SHOULD be sent as a result of an extended SEARCH
|
||||
or UID SEARCH command specified in section 2.6.1.
|
||||
|
||||
The ESEARCH response starts with an optional search correlator. If
|
||||
it is missing, then the response was not caused by a particular IMAP
|
||||
command, whereas if it is present, it contains the tag of the command
|
||||
that caused the response to be returned.
|
||||
|
||||
The search correlator is followed by an optional UID indicator. If
|
||||
this indicator is present, all data in the ESEARCH response refers to
|
||||
UIDs, otherwise all returned data refers to message numbers.
|
||||
|
||||
The rest of the ESEARCH response contains one or more search data
|
||||
pairs. Each pair starts with unique return item name, followed by a
|
||||
space and the corresponding data. Search data pairs may be returned
|
||||
in any order. Unless specified otherwise by an extension, any return
|
||||
item name SHOULD appear only once in an ESEARCH response.
|
||||
|
||||
Example: S: * ESEARCH UID COUNT 5 ALL 4:19,21,28
|
||||
|
||||
Example: S: * ESEARCH (TAG "a567") UID COUNT 5 ALL 4:19,21,28
|
||||
|
||||
Example: S: * ESEARCH COUNT 5 ALL 1:17,21
|
||||
|
||||
2.7. Extensions to APPEND Command
|
||||
|
||||
The IMAP BINARY extension [BINARY] extends the APPEND command to
|
||||
allow a client to append data containing NULs by using the <literal8>
|
||||
syntax. The ABNF was rewritten to allow for easier extensibility by
|
||||
IMAP extensions. This document hasn't specified any semantical
|
||||
changes to the [BINARY] extension.
|
||||
|
||||
In addition, the non-terminal "literal8" defined in [BINARY] got
|
||||
extended to allow for non-synchronizing literals if both [BINARY] and
|
||||
[LITERAL+] extensions are supported by the server.
|
||||
|
||||
The IMAP MULTIAPPEND extension [MULTIAPPEND] extends the APPEND
|
||||
command to allow a client to append multiple messages atomically.
|
||||
This document defines a common syntax for the APPEND command that
|
||||
takes into consideration syntactic extensions defined by both
|
||||
[BINARY] and [MULTIAPPEND] extensions.
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Melnikov & Daboo Standards Track [Page 8]
|
||||
|
||||
RFC 4466 Collected Extensions to IMAP4 ABNF April 2006
|
||||
|
||||
|
||||
3. Formal Syntax
|
||||
|
||||
The following syntax specification uses the Augmented Backus-Naur
|
||||
Form (ABNF) notation as specified in [ABNF].
|
||||
|
||||
Non-terminals referenced but not defined below are as defined by
|
||||
[IMAP4].
|
||||
|
||||
Except as noted otherwise, all alphabetic characters are case-
|
||||
insensitive. The use of uppercase or lowercase characters to define
|
||||
token strings is for editorial clarity only. Implementations MUST
|
||||
accept these strings in a case-insensitive fashion.
|
||||
|
||||
append = "APPEND" SP mailbox 1*append-message
|
||||
;; only a single append-message may appear
|
||||
;; if MULTIAPPEND [MULTIAPPEND] capability
|
||||
;; is not present
|
||||
|
||||
append-message = append-opts SP append-data
|
||||
|
||||
append-ext = append-ext-name SP append-ext-value
|
||||
;; This non-terminal define extensions to
|
||||
;; to message metadata.
|
||||
|
||||
append-ext-name = tagged-ext-label
|
||||
|
||||
append-ext-value= tagged-ext-val
|
||||
;; This non-terminal shows recommended syntax
|
||||
;; for future extensions.
|
||||
|
||||
|
||||
append-data = literal / literal8 / append-data-ext
|
||||
|
||||
append-data-ext = tagged-ext
|
||||
;; This non-terminal shows recommended syntax
|
||||
;; for future extensions,
|
||||
;; i.e., a mandatory label followed
|
||||
;; by parameters.
|
||||
|
||||
append-opts = [SP flag-list] [SP date-time] *(SP append-ext)
|
||||
;; message metadata
|
||||
|
||||
charset = atom / quoted
|
||||
;; Exact syntax is defined in [CHARSET].
|
||||
|
||||
create = "CREATE" SP mailbox
|
||||
[create-params]
|
||||
;; Use of INBOX gives a NO error.
|
||||
|
||||
|
||||
|
||||
Melnikov & Daboo Standards Track [Page 9]
|
||||
|
||||
RFC 4466 Collected Extensions to IMAP4 ABNF April 2006
|
||||
|
||||
|
||||
create-params = SP "(" create-param *( SP create-param) ")"
|
||||
|
||||
create-param-name = tagged-ext-label
|
||||
|
||||
create-param = create-param-name [SP create-param-value]
|
||||
|
||||
create-param-value= tagged-ext-val
|
||||
;; This non-terminal shows recommended syntax
|
||||
;; for future extensions.
|
||||
|
||||
|
||||
esearch-response = "ESEARCH" [search-correlator] [SP "UID"]
|
||||
*(SP search-return-data)
|
||||
;; Note that SEARCH and ESEARCH responses
|
||||
;; SHOULD be mutually exclusive,
|
||||
;; i.e., only one of the response types
|
||||
;; should be
|
||||
;; returned as a result of a command.
|
||||
|
||||
|
||||
examine = "EXAMINE" SP mailbox [select-params]
|
||||
;; modifies the original IMAP EXAMINE command
|
||||
;; to accept optional parameters
|
||||
|
||||
fetch = "FETCH" SP sequence-set SP ("ALL" / "FULL" /
|
||||
"FAST" / fetch-att /
|
||||
"(" fetch-att *(SP fetch-att) ")")
|
||||
[fetch-modifiers]
|
||||
;; modifies the original IMAP4 FETCH command to
|
||||
;; accept optional modifiers
|
||||
|
||||
fetch-modifiers = SP "(" fetch-modifier *(SP fetch-modifier) ")"
|
||||
|
||||
fetch-modifier = fetch-modifier-name [ SP fetch-modif-params ]
|
||||
|
||||
fetch-modif-params = tagged-ext-val
|
||||
;; This non-terminal shows recommended syntax
|
||||
;; for future extensions.
|
||||
|
||||
fetch-modifier-name = tagged-ext-label
|
||||
|
||||
literal8 = "~{" number ["+"] "}" CRLF *OCTET
|
||||
;; A string that might contain NULs.
|
||||
;; <number> represents the number of OCTETs
|
||||
;; in the response string.
|
||||
;; The "+" is only allowed when both LITERAL+ and
|
||||
;; BINARY extensions are supported by the server.
|
||||
|
||||
|
||||
|
||||
|
||||
Melnikov & Daboo Standards Track [Page 10]
|
||||
|
||||
RFC 4466 Collected Extensions to IMAP4 ABNF April 2006
|
||||
|
||||
|
||||
mailbox-data =/ Namespace-Response /
|
||||
esearch-response
|
||||
|
||||
Namespace = nil / "(" 1*Namespace-Descr ")"
|
||||
|
||||
Namespace-Command = "NAMESPACE"
|
||||
|
||||
Namespace-Descr = "(" string SP
|
||||
(DQUOTE QUOTED-CHAR DQUOTE / nil)
|
||||
*(Namespace-Response-Extension) ")"
|
||||
|
||||
Namespace-Response-Extension = SP string SP
|
||||
"(" string *(SP string) ")"
|
||||
|
||||
Namespace-Response = "NAMESPACE" SP Namespace
|
||||
SP Namespace SP Namespace
|
||||
;; This response is currently only allowed
|
||||
;; if the IMAP server supports [NAMESPACE].
|
||||
;; The first Namespace is the Personal Namespace(s)
|
||||
;; The second Namespace is the Other Users' Namespace(s)
|
||||
;; The third Namespace is the Shared Namespace(s)
|
||||
|
||||
rename = "RENAME" SP mailbox SP mailbox
|
||||
[rename-params]
|
||||
;; Use of INBOX as a destination gives
|
||||
;; a NO error, unless rename-params
|
||||
;; is not empty.
|
||||
|
||||
rename-params = SP "(" rename-param *( SP rename-param) ")"
|
||||
|
||||
rename-param = rename-param-name [SP rename-param-value]
|
||||
|
||||
rename-param-name = tagged-ext-label
|
||||
|
||||
rename-param-value= tagged-ext-val
|
||||
;; This non-terminal shows recommended syntax
|
||||
;; for future extensions.
|
||||
|
||||
|
||||
response-data = "*" SP response-payload CRLF
|
||||
|
||||
response-payload= resp-cond-state / resp-cond-bye /
|
||||
mailbox-data / message-data / capability-data
|
||||
|
||||
search = "SEARCH" [search-return-opts]
|
||||
SP search-program
|
||||
|
||||
search-correlator = SP "(" "TAG" SP tag-string ")"
|
||||
|
||||
|
||||
|
||||
Melnikov & Daboo Standards Track [Page 11]
|
||||
|
||||
RFC 4466 Collected Extensions to IMAP4 ABNF April 2006
|
||||
|
||||
|
||||
search-program = ["CHARSET" SP charset SP]
|
||||
search-key *(SP search-key)
|
||||
;; CHARSET argument to SEARCH MUST be
|
||||
;; registered with IANA.
|
||||
|
||||
search-return-data = search-modifier-name SP search-return-value
|
||||
;; Note that not every SEARCH return option
|
||||
;; is required to have the corresponding
|
||||
;; ESEARCH return data.
|
||||
|
||||
search-return-opts = SP "RETURN" SP "(" [search-return-opt
|
||||
*(SP search-return-opt)] ")"
|
||||
|
||||
search-return-opt = search-modifier-name [SP search-mod-params]
|
||||
|
||||
search-return-value = tagged-ext-val
|
||||
;; Data for the returned search option.
|
||||
;; A single "nz-number"/"number" value
|
||||
;; can be returned as an atom (i.e., without
|
||||
;; quoting). A sequence-set can be returned
|
||||
;; as an atom as well.
|
||||
|
||||
search-modifier-name = tagged-ext-label
|
||||
|
||||
search-mod-params = tagged-ext-val
|
||||
;; This non-terminal shows recommended syntax
|
||||
;; for future extensions.
|
||||
|
||||
|
||||
select = "SELECT" SP mailbox [select-params]
|
||||
;; modifies the original IMAP SELECT command to
|
||||
;; accept optional parameters
|
||||
|
||||
select-params = SP "(" select-param *(SP select-param) ")"
|
||||
|
||||
select-param = select-param-name [SP select-param-value]
|
||||
;; a parameter to SELECT may contain one or
|
||||
;; more atoms and/or strings and/or lists.
|
||||
|
||||
select-param-name= tagged-ext-label
|
||||
|
||||
select-param-value= tagged-ext-val
|
||||
;; This non-terminal shows recommended syntax
|
||||
;; for future extensions.
|
||||
|
||||
|
||||
status-att-list = status-att-val *(SP status-att-val)
|
||||
;; Redefines status-att-list from RFC 3501.
|
||||
|
||||
|
||||
|
||||
Melnikov & Daboo Standards Track [Page 12]
|
||||
|
||||
RFC 4466 Collected Extensions to IMAP4 ABNF April 2006
|
||||
|
||||
|
||||
;; status-att-val is defined in RFC 3501 errata
|
||||
|
||||
status-att-val = ("MESSAGES" SP number) /
|
||||
("RECENT" SP number) /
|
||||
("UIDNEXT" SP nz-number) /
|
||||
("UIDVALIDITY" SP nz-number) /
|
||||
("UNSEEN" SP number)
|
||||
;; Extensions to the STATUS responses
|
||||
;; should extend this production.
|
||||
;; Extensions should use the generic
|
||||
;; syntax defined by tagged-ext.
|
||||
|
||||
store = "STORE" SP sequence-set [store-modifiers]
|
||||
SP store-att-flags
|
||||
;; extend [IMAP4] STORE command syntax
|
||||
;; to allow for optional store-modifiers
|
||||
|
||||
store-modifiers = SP "(" store-modifier *(SP store-modifier)
|
||||
")"
|
||||
|
||||
store-modifier = store-modifier-name [SP store-modif-params]
|
||||
|
||||
store-modif-params = tagged-ext-val
|
||||
;; This non-terminal shows recommended syntax
|
||||
;; for future extensions.
|
||||
|
||||
store-modifier-name = tagged-ext-label
|
||||
|
||||
tag-string = string
|
||||
;; tag of the command that caused
|
||||
;; the ESEARCH response, sent as
|
||||
;; a string.
|
||||
|
||||
tagged-ext = tagged-ext-label SP tagged-ext-val
|
||||
;; recommended overarching syntax for
|
||||
;; extensions
|
||||
|
||||
tagged-ext-label = tagged-label-fchar *tagged-label-char
|
||||
;; Is a valid RFC 3501 "atom".
|
||||
|
||||
tagged-label-fchar = ALPHA / "-" / "_" / "."
|
||||
|
||||
tagged-label-char = tagged-label-fchar / DIGIT / ":"
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Melnikov & Daboo Standards Track [Page 13]
|
||||
|
||||
RFC 4466 Collected Extensions to IMAP4 ABNF April 2006
|
||||
|
||||
|
||||
tagged-ext-comp = astring /
|
||||
tagged-ext-comp *(SP tagged-ext-comp) /
|
||||
"(" tagged-ext-comp ")"
|
||||
;; Extensions that follow this general
|
||||
;; syntax should use nstring instead of
|
||||
;; astring when appropriate in the context
|
||||
;; of the extension.
|
||||
;; Note that a message set or a "number"
|
||||
;; can always be represented as an "atom".
|
||||
;; An URL should be represented as
|
||||
;; a "quoted" string.
|
||||
|
||||
tagged-ext-simple = sequence-set / number
|
||||
|
||||
tagged-ext-val = tagged-ext-simple /
|
||||
"(" [tagged-ext-comp] ")"
|
||||
|
||||
4. Security Considerations
|
||||
|
||||
This document updates ABNF in RFCs 2088, 2342, 3501, 3502, and 3516.
|
||||
The updated documents must be consulted for security considerations
|
||||
for the extensions that they define.
|
||||
|
||||
As a protocol gets more complex, parser bugs become more common
|
||||
including buffer overflow, denial of service, and other common
|
||||
security coding errors. To the extent that this document makes the
|
||||
parser more complex, it makes this situation worse. To the extent
|
||||
that this document makes the parser more consistent and thus simpler,
|
||||
the situation is improved. The impact will depend on how many
|
||||
deployed IMAP extensions are consistent with this document.
|
||||
Implementers are encouraged to take care of these issues when
|
||||
extending existing implementations. Future IMAP extensions should
|
||||
strive for consistency and simplicity to the greatest extent
|
||||
possible.
|
||||
|
||||
Extensions to IMAP commands that are permitted in NOT AUTHENTICATED
|
||||
state are more sensitive to these security issues due to the larger
|
||||
possible attacker community prior to authentication, and the fact
|
||||
that some IMAP servers run with elevated privileges in that state.
|
||||
This document does not extend any commands permitted in NOT
|
||||
AUTHENTICATED state. Future IMAP extensions to commands permitted in
|
||||
NOT AUTHENTICATED state should favor simplicity over consistency or
|
||||
extensibility.
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Melnikov & Daboo Standards Track [Page 14]
|
||||
|
||||
RFC 4466 Collected Extensions to IMAP4 ABNF April 2006
|
||||
|
||||
|
||||
5. Normative References
|
||||
|
||||
[KEYWORDS] Bradner, S., "Key words for use in RFCs to Indicate
|
||||
Requirement Levels", BCP 14, RFC 2119, March 1997.
|
||||
|
||||
[IMAP4] Crispin, M., "INTERNET MESSAGE ACCESS PROTOCOL -
|
||||
VERSION 4rev1", RFC 3501, March 2003.
|
||||
|
||||
[ABNF] Crocker, D., Ed., and P. Overell, "Augmented BNF for
|
||||
Syntax Specifications: ABNF", RFC 4234, October 2005.
|
||||
|
||||
[CHARSET] Freed, N. and J. Postel, "IANA Charset Registration
|
||||
Procedures", BCP 19, RFC 2978, October 2000.
|
||||
|
||||
[MULTIAPPEND] Crispin, M., "Internet Message Access Protocol (IMAP) -
|
||||
MULTIAPPEND Extension", RFC 3502, March 2003.
|
||||
|
||||
[NAMESPACE] Gahrns, M. and C. Newman, "IMAP4 Namespace", RFC 2342,
|
||||
May 1998.
|
||||
|
||||
[LITERAL+] Myers, J., "IMAP4 non-synchronizing literals", RFC
|
||||
2088, January 1997.
|
||||
|
||||
[BINARY] Nerenberg, L., "IMAP4 Binary Content Extension", RFC
|
||||
3516, April 2003.
|
||||
|
||||
6. Acknowledgements
|
||||
|
||||
This documents is based on ideas proposed by Pete Resnick, Mark
|
||||
Crispin, Ken Murchison, Philip Guenther, Randall Gellens, and Lyndon
|
||||
Nerenberg.
|
||||
|
||||
However, all errors and omissions must be attributed to the authors
|
||||
of the document.
|
||||
|
||||
Thanks to Philip Guenther, Dave Cridland, Mark Crispin, Chris Newman,
|
||||
Elwyn Davies, and Barry Leiba for comments and corrections.
|
||||
|
||||
literal8 syntax was taken from RFC 3516.
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Melnikov & Daboo Standards Track [Page 15]
|
||||
|
||||
RFC 4466 Collected Extensions to IMAP4 ABNF April 2006
|
||||
|
||||
|
||||
Authors' Addresses
|
||||
|
||||
Alexey Melnikov
|
||||
Isode Limited
|
||||
5 Castle Business Village
|
||||
36 Station Road
|
||||
Hampton, Middlesex, TW12 2BX
|
||||
UK
|
||||
|
||||
EMail: Alexey.Melnikov@isode.com
|
||||
|
||||
|
||||
Cyrus Daboo
|
||||
|
||||
EMail: cyrus@daboo.name
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Melnikov & Daboo Standards Track [Page 16]
|
||||
|
||||
RFC 4466 Collected Extensions to IMAP4 ABNF April 2006
|
||||
|
||||
|
||||
Full Copyright Statement
|
||||
|
||||
Copyright (C) The Internet Society (2006).
|
||||
|
||||
This document is subject to the rights, licenses and restrictions
|
||||
contained in BCP 78, and except as set forth therein, the authors
|
||||
retain all their rights.
|
||||
|
||||
This document and the information contained herein are provided on an
|
||||
"AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
|
||||
OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET
|
||||
ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED,
|
||||
INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE
|
||||
INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
|
||||
WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
|
||||
|
||||
Intellectual Property
|
||||
|
||||
The IETF takes no position regarding the validity or scope of any
|
||||
Intellectual Property Rights or other rights that might be claimed to
|
||||
pertain to the implementation or use of the technology described in
|
||||
this document or the extent to which any license under such rights
|
||||
might or might not be available; nor does it represent that it has
|
||||
made any independent effort to identify any such rights. Information
|
||||
on the procedures with respect to rights in RFC documents can be
|
||||
found in BCP 78 and BCP 79.
|
||||
|
||||
Copies of IPR disclosures made to the IETF Secretariat and any
|
||||
assurances of licenses to be made available, or the result of an
|
||||
attempt made to obtain a general license or permission for the use of
|
||||
such proprietary rights by implementers or users of this
|
||||
specification can be obtained from the IETF on-line IPR repository at
|
||||
http://www.ietf.org/ipr.
|
||||
|
||||
The IETF invites any interested party to bring to its attention any
|
||||
copyrights, patents or patent applications, or other proprietary
|
||||
rights that may cover technology that may be required to implement
|
||||
this standard. Please address the information to the IETF at
|
||||
ietf-ipr@ietf.org.
|
||||
|
||||
Acknowledgement
|
||||
|
||||
Funding for the RFC Editor function is provided by the IETF
|
||||
Administrative Support Activity (IASA).
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Melnikov & Daboo Standards Track [Page 17]
|
||||
|
1011
docs/rfcs/rfc4467.txt
Normal file
1011
docs/rfcs/rfc4467.txt
Normal file
File diff suppressed because it is too large
Load Diff
731
docs/rfcs/rfc4469.txt
Normal file
731
docs/rfcs/rfc4469.txt
Normal file
@ -0,0 +1,731 @@
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Network Working Group P. Resnick
|
||||
Request for Comments: 4469 QUALCOMM Incorporated
|
||||
Updates: 3501, 3502 April 2006
|
||||
Category: Standards Track
|
||||
|
||||
|
||||
Internet Message Access Protocol (IMAP) CATENATE Extension
|
||||
|
||||
Status of This Memo
|
||||
|
||||
This document specifies an Internet standards track protocol for the
|
||||
Internet community, and requests discussion and suggestions for
|
||||
improvements. Please refer to the current edition of the "Internet
|
||||
Official Protocol Standards" (STD 1) for the standardization state
|
||||
and status of this protocol. Distribution of this memo is unlimited.
|
||||
|
||||
Copyright Notice
|
||||
|
||||
Copyright (C) The Internet Society (2006).
|
||||
|
||||
Abstract
|
||||
|
||||
The CATENATE extension to the Internet Message Access Protocol (IMAP)
|
||||
extends the APPEND command to allow clients to create messages on the
|
||||
IMAP server that may contain a combination of new data along with
|
||||
parts of (or entire) messages already on the server. Using this
|
||||
extension, the client can catenate parts of an already existing
|
||||
message onto a new message without having to first download the data
|
||||
and then upload it back to the server.
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Resnick Standards Track [Page 1]
|
||||
|
||||
RFC 4469 IMAP CATENATE Extension April 2006
|
||||
|
||||
|
||||
1. Introduction
|
||||
|
||||
The CATENATE extension to the Internet Message Access Protocol (IMAP)
|
||||
[1] allows the client to create a message on the server that can
|
||||
include the text of messages (or parts of messages) that already
|
||||
exist on the server without having to FETCH them and APPEND them back
|
||||
to the server. The CATENATE extension extends the APPEND command so
|
||||
that, instead of a single message literal, the command can take as
|
||||
arguments any combination of message literals (as described in IMAP
|
||||
[1]) and message URLs (as described in the IMAP URL Scheme [2]
|
||||
specification). The server takes all the pieces and catenates them
|
||||
into the output message. The CATENATE extension can also coexist
|
||||
with the MULTIAPPEND extension [3] to APPEND multiple messages in a
|
||||
single command.
|
||||
|
||||
There are some obvious uses for the CATENATE extension. The
|
||||
motivating use case was to provide a way for a resource-constrained
|
||||
client to compose a message for subsequent submission that contains
|
||||
data that already exists in that client's IMAP store. Because the
|
||||
client does not have to download and re-upload potentially large
|
||||
message parts, bandwidth and processing limitations do not have as
|
||||
much impact. In addition, since the client can create a message in
|
||||
its own IMAP store, the command also addresses the desire of the
|
||||
client to archive a copy of a sent message without having to upload
|
||||
the message twice. (Mechanisms for sending the message are outside
|
||||
the scope of this document.)
|
||||
|
||||
The extended APPEND command can also be used to copy parts of a
|
||||
message to another mailbox for archival purposes while getting rid of
|
||||
undesired parts. In environments where server storage is limited, a
|
||||
client could get rid of large message parts by copying over only the
|
||||
necessary parts and then deleting the original message. The
|
||||
mechanism could also be used to add data to a message (such as
|
||||
prepending message header fields) or to include other data by making
|
||||
a copy of the original and catenating the new data.
|
||||
|
||||
2. The CATENATE Capability
|
||||
|
||||
A server that supports this extension returns "CATENATE" as one of
|
||||
the responses to the CAPABILITY command.
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Resnick Standards Track [Page 2]
|
||||
|
||||
RFC 4469 IMAP CATENATE Extension April 2006
|
||||
|
||||
|
||||
3. The APPEND Command
|
||||
|
||||
Arguments: mailbox name
|
||||
(The following can be repeated in the presence of the
|
||||
MULTIAPPEND extension [3])
|
||||
OPTIONAL flag parenthesized list
|
||||
OPTIONAL date/time string
|
||||
a single message literal or one or more message parts to
|
||||
catenate, specified as:
|
||||
message literal
|
||||
or
|
||||
message (or message part) URL
|
||||
|
||||
Responses: OPTIONAL NO responses: BADURL, TOOBIG
|
||||
|
||||
Result: OK - append completed
|
||||
NO - append error: can't append to that mailbox, error
|
||||
in flags or date/time or message text, or can't
|
||||
fetch that data
|
||||
BAD - command unknown or arguments invalid
|
||||
|
||||
The APPEND command concatenates all the message parts and appends
|
||||
them as a new message to the end of the specified mailbox. The
|
||||
parenthesized flag list and date/time string set the flags and the
|
||||
internal date, respectively, as described in IMAP [1]. The
|
||||
subsequent command parameters specify the message parts that are
|
||||
appended sequentially to the output message.
|
||||
|
||||
If the original form of APPEND is used, a message literal follows the
|
||||
optional flag list and date/time string, which is appended as
|
||||
described in IMAP [1]. If the extended form is used, "CATENATE" and
|
||||
a parenthesized list of message literals and message URLs follows,
|
||||
each of which is appended to the new message. If a message literal
|
||||
is specified (indicated by "TEXT"), the octets following the count
|
||||
are appended. If a message URL is specified (indicated by "URL"),
|
||||
the octets of the body part pointed to by that URL are appended, as
|
||||
if the literal returned in a FETCH BODY response were put in place of
|
||||
the message part specifier. The APPEND command does not cause the
|
||||
\Seen flag to be set for any catenated body part. The APPEND command
|
||||
does not change the selected mailbox.
|
||||
|
||||
In the extended APPEND command, the string following "URL" is an IMAP
|
||||
URL [2] and is interpreted according to the rules of [2]. The
|
||||
present document only describes the behavior of the command using
|
||||
IMAP URLs that refer to specific messages or message parts on the
|
||||
current IMAP server from the current authenticated IMAP session.
|
||||
Because of that, only relative IMAP message or message part URLs
|
||||
(i.e., those having no scheme or <iserver>) are used. The base URL
|
||||
|
||||
|
||||
|
||||
Resnick Standards Track [Page 3]
|
||||
|
||||
RFC 4469 IMAP CATENATE Extension April 2006
|
||||
|
||||
|
||||
for evaluating the relative URL is considered "imap://user@server/",
|
||||
where "user" is the user name of the currently authenticated user and
|
||||
"server" is the domain name of the current server. When in the
|
||||
selected state, the base URL is considered
|
||||
"imap://user@server/mailbox", where "mailbox" is the encoded name of
|
||||
the currently selected mailbox. Additionally, since the APPEND
|
||||
command is valid in the authenticated state of an IMAP session, no
|
||||
further LOGIN or AUTHENTICATE command is performed for URLs specified
|
||||
in the extended APPEND command.
|
||||
|
||||
Note: Use of an absolute IMAP URL or any URL that refers to
|
||||
anything other than a message or message part from the current
|
||||
authenticated IMAP session is outside the scope of this document
|
||||
and would require an extension to this specification, and a server
|
||||
implementing only this specification would return NO to such a
|
||||
request.
|
||||
|
||||
The client is responsible for making sure that the catenated message
|
||||
is in the format of an Internet Message Format (RFC 2822) [4] or
|
||||
Multipurpose Internet Mail Extension (MIME) [5] message. In
|
||||
particular, when a URL is catenated, the server copies octets,
|
||||
unchanged, from the indicated message or message part to the
|
||||
catenated message. It does no data conversion (e.g., MIME transfer
|
||||
encodings) nor any verification that the data is appropriate for the
|
||||
MIME part of the message into which it is inserted. The client is
|
||||
also responsible for inserting appropriate MIME boundaries between
|
||||
body parts, and writing MIME Content-Type and Content-Transfer-
|
||||
Encoding lines as needed in the appropriate places.
|
||||
|
||||
Responses behave just as the original APPEND command described in
|
||||
IMAP [1]. If the server implements the IMAP UIDPLUS extension [6],
|
||||
it will also return an APPENDUID response code in the tagged OK
|
||||
response. Two response codes are provided in Section 4 that can be
|
||||
used in the tagged NO response if the APPEND command fails.
|
||||
|
||||
4. Response Codes
|
||||
|
||||
When a APPEND command fails, it may return a response code that
|
||||
describes a reason for the failure.
|
||||
|
||||
4.1. BADURL Response
|
||||
|
||||
The BADURL response code is returned if the APPEND fails to process
|
||||
one of the specified URLs. Possible reasons for this are bad URL
|
||||
syntax, unrecognized URL schema, invalid message UID, or invalid body
|
||||
part. The BADURL response code contains the first URL specified as a
|
||||
parameter to the APPEND command that has caused the operation to
|
||||
fail.
|
||||
|
||||
|
||||
|
||||
Resnick Standards Track [Page 4]
|
||||
|
||||
RFC 4469 IMAP CATENATE Extension April 2006
|
||||
|
||||
|
||||
4.2. TOOBIG Response
|
||||
|
||||
The TOOBIG response code is returned if the resulting message will
|
||||
exceed the 4-GB IMAP message limit. This might happen, for example,
|
||||
if the client specifies 3 URLs for 2-GB messages. Note that even if
|
||||
the server doesn't return TOOBIG, it still has to be defensive
|
||||
against misbehaving or malicious clients that try to construct a
|
||||
message over the 4-GB limit. The server may also wish to return the
|
||||
TOOBIG response code if the resulting message exceeds a server-
|
||||
specific message size limit.
|
||||
|
||||
5. Formal Syntax
|
||||
|
||||
The following syntax specification uses the Augmented Backus-Naur
|
||||
Form (ABNF) [7] notation. Elements not defined here can be found in
|
||||
the formal syntax of the ABNF [7], IMAP [1], and IMAP ABNF extensions
|
||||
[8] specifications. Note that capability and resp-text-code are
|
||||
extended from the IMAP [1] specification and append-data is extended
|
||||
from the IMAP ABNF extensions [8] specification.
|
||||
|
||||
append-data =/ "CATENATE" SP "(" cat-part *(SP cat-part) ")"
|
||||
|
||||
cat-part = text-literal / url
|
||||
|
||||
text-literal = "TEXT" SP literal
|
||||
|
||||
url = "URL" SP astring
|
||||
|
||||
resp-text-code =/ toobig-response-code / badurl-response-code
|
||||
|
||||
toobig-response-code = "TOOBIG"
|
||||
|
||||
badurl-response-code = "BADURL" SP url-resp-text
|
||||
|
||||
url-resp-text = 1*(%x01-09 /
|
||||
%x0B-0C /
|
||||
%x0E-5B /
|
||||
%x5D-FE) ; Any TEXT-CHAR except "]"
|
||||
|
||||
capability =/ "CATENATE"
|
||||
|
||||
The astring in the definition of url and the url-resp-text in the
|
||||
definition of badurl-response-code each contain an imapurl as defined
|
||||
by [2].
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Resnick Standards Track [Page 5]
|
||||
|
||||
RFC 4469 IMAP CATENATE Extension April 2006
|
||||
|
||||
|
||||
6. Acknowledgements
|
||||
|
||||
Thanks to the members of the LEMONADE working group for their input.
|
||||
Special thanks to Alexey Melnikov for the examples.
|
||||
|
||||
7. Security Considerations
|
||||
|
||||
The CATENATE extension does not raise any security considerations
|
||||
that are not present for the base protocol or in the use of IMAP
|
||||
URLs, and these issues are discussed in the IMAP [1] and IMAP URL [2]
|
||||
documents.
|
||||
|
||||
8. IANA Considerations
|
||||
|
||||
IMAP4 capabilities are registered by publishing a standards track or
|
||||
IESG approved experimental RFC. The registry is currently located at
|
||||
<http://www.iana.org/assignments/imap4-capabilities>. This document
|
||||
defines the CATENATE IMAP capability. The IANA has added this
|
||||
capability to the registry.
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Resnick Standards Track [Page 6]
|
||||
|
||||
RFC 4469 IMAP CATENATE Extension April 2006
|
||||
|
||||
|
||||
Appendix A. Examples
|
||||
|
||||
Lines not starting with "C: " or "S: " are continuations of the
|
||||
previous lines.
|
||||
|
||||
The original message in examples 1 and 2 below (UID = 20) has the
|
||||
following structure:
|
||||
|
||||
|
||||
multipart/mixed MIME message with two body parts:
|
||||
|
||||
1. text/plain
|
||||
|
||||
2. application/x-zip-compressed
|
||||
|
||||
Example 1: The following example demonstrates how a CATENATE client
|
||||
can replace an attachment in a draft message, without the need to
|
||||
download it to the client and upload it back.
|
||||
|
||||
C: A003 APPEND Drafts (\Seen \Draft $MDNSent) CATENATE
|
||||
(URL "/Drafts;UIDVALIDITY=385759045/;UID=20/;section=HEADER"
|
||||
TEXT {42}
|
||||
S: + Ready for literal data
|
||||
C:
|
||||
C: --------------030308070208000400050907
|
||||
C: URL "/Drafts;UIDVALIDITY=385759045/;UID=20/;section=1.MIME"
|
||||
URL "/Drafts;UIDVALIDITY=385759045/;UID=20/;section=1" TEXT {42}
|
||||
S: + Ready for literal data
|
||||
C:
|
||||
C: --------------030308070208000400050907
|
||||
C: URL "/Drafts;UIDVALIDITY=385759045/;UID=30" TEXT {44}
|
||||
S: + Ready for literal data
|
||||
C:
|
||||
C: --------------030308070208000400050907--
|
||||
C: )
|
||||
S: A003 OK catenate append completed
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Resnick Standards Track [Page 7]
|
||||
|
||||
RFC 4469 IMAP CATENATE Extension April 2006
|
||||
|
||||
|
||||
Example 2: The following example demonstrates how the CATENATE
|
||||
extension can be used to replace edited text in a draft message, as
|
||||
well as header fields for the top level message part (e.g., Subject
|
||||
has changed). The previous version of the draft is marked as
|
||||
\Deleted. Note that the server also supports the UIDPLUS extension,
|
||||
so the APPENDUID response code is returned in the successful OK
|
||||
response to the APPEND command.
|
||||
|
||||
C: A003 APPEND Drafts (\Seen \Draft $MDNSent) CATENATE (TEXT {738}
|
||||
S: + Ready for literal data
|
||||
C: Return-Path: <bar@example.org>
|
||||
C: Received: from [127.0.0.2]
|
||||
C: by rufus.example.org via TCP (internal) with ESMTPA;
|
||||
C: Thu, 11 Nov 2004 16:57:07 +0000
|
||||
C: Message-ID: <419399E1.6000505@example.org>
|
||||
C: Date: Thu, 12 Nov 2004 16:57:05 +0000
|
||||
C: From: Bob Ar <bar@example.org>
|
||||
C: X-Accept-Language: en-us, en
|
||||
C: MIME-Version: 1.0
|
||||
C: To: foo@example.net
|
||||
C: Subject: About our holiday trip
|
||||
C: Content-Type: multipart/mixed;
|
||||
C: boundary="------------030308070208000400050907"
|
||||
C:
|
||||
C: --------------030308070208000400050907
|
||||
C: Content-Type: text/plain; charset=us-ascii; format=flowed
|
||||
C: Content-Transfer-Encoding: 7bit
|
||||
C:
|
||||
C: Our travel agent has sent the updated schedule.
|
||||
C:
|
||||
C: Cheers,
|
||||
C: Bob
|
||||
C: --------------030308070208000400050907
|
||||
C: URL "/Drafts;UIDVALIDITY=385759045/;UID=20/;Section=2.MIME"
|
||||
URL "/Drafts;UIDVALIDITY=385759045/;UID=20/;Section=2" TEXT {44}
|
||||
S: + Ready for literal data
|
||||
C:
|
||||
C: --------------030308070208000400050907--
|
||||
C: )
|
||||
S: A003 OK [APPENDUID 385759045 45] append Completed
|
||||
C: A004 UID STORE 20 +FLAGS.SILENT (\Deleted)
|
||||
S: A004 OK STORE completed
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Resnick Standards Track [Page 8]
|
||||
|
||||
RFC 4469 IMAP CATENATE Extension April 2006
|
||||
|
||||
|
||||
Example 3: The following example demonstrates how the CATENATE
|
||||
extension can be used to strip attachments. Below, a PowerPoint
|
||||
attachment was replaced by a small text part explaining that the
|
||||
attachment was stripped.
|
||||
|
||||
C: A003 APPEND Drafts (\Seen \Draft $MDNSent) CATENATE
|
||||
(URL "/Drafts;UIDVALIDITY=385759045/;UID=21/;section=HEADER"
|
||||
TEXT {42}
|
||||
S: + Ready for literal data
|
||||
C:
|
||||
C: --------------030308070208000400050903
|
||||
C: URL "/Drafts;UIDVALIDITY=385759045/;UID=21/;section=1.MIME"
|
||||
URL "/Drafts;UIDVALIDITY=385759045/;UID=21/;section=1" TEXT {255}
|
||||
S: + Ready for literal data
|
||||
C:
|
||||
C: --------------030308070208000400050903
|
||||
C: Content-type: text/plain; charset="us-ascii"
|
||||
C: Content-transfer-encoding: 7bit
|
||||
C:
|
||||
C: This body part contained a Power Point presentation that was
|
||||
C: deleted upon your request.
|
||||
C: --------------030308070208000400050903--
|
||||
C: )
|
||||
S: A003 OK append Completed
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Resnick Standards Track [Page 9]
|
||||
|
||||
RFC 4469 IMAP CATENATE Extension April 2006
|
||||
|
||||
|
||||
Example 4: The following example demonstrates a failed APPEND
|
||||
command. The server returns the BADURL response code to indicate
|
||||
that one of the provided URLs is invalid. This example also
|
||||
demonstrates how the CATENATE extension can be used to construct a
|
||||
digest of several messages.
|
||||
|
||||
C: A003 APPEND Sent (\Seen $MDNSent) CATENATE (TEXT {541}
|
||||
S: + Ready for literal data
|
||||
C: Return-Path: <foo@example.org>
|
||||
C: Received: from [127.0.0.2]
|
||||
C: by rufus.example.org via TCP (internal) with ESMTPA;
|
||||
C: Thu, 11 Nov 2004 16:57:07 +0000
|
||||
C: Message-ID: <419399E1.6000505@example.org>
|
||||
C: Date: Thu, 21 Nov 2004 16:57:05 +0000
|
||||
C: From: Farren Oo <foo@example.org>
|
||||
C: X-Accept-Language: en-us, en
|
||||
C: MIME-Version: 1.0
|
||||
C: To: bar@example.org
|
||||
C: Subject: Digest of the mailing list for today
|
||||
C: Content-Type: multipart/digest;
|
||||
C: boundary="------------030308070208000400050904"
|
||||
C:
|
||||
C: --------------030308070208000400050904
|
||||
C: URL "/INBOX;UIDVALIDITY=785799047/;UID=11467" TEXT {42}
|
||||
S: + Ready for literal data
|
||||
C:
|
||||
C: --------------030308070208000400050904
|
||||
C: URL "/INBOX;UIDVALIDITY=785799047/;UID=113330/;section=1.5.9"
|
||||
TEXT {42}
|
||||
S: + Ready for literal data
|
||||
C:
|
||||
C: --------------030308070208000400050904
|
||||
C: URL "/INBOX;UIDVALIDITY=785799047/;UID=11916" TEXT {44}
|
||||
S: + Ready for literal data
|
||||
C:
|
||||
C: --------------030308070208000400050904--
|
||||
C: )
|
||||
S: A003 NO [BADURL "/INBOX;UIDVALIDITY=785799047/;UID=113330;
|
||||
section=1.5.9"] CATENATE append has failed, one message expunged
|
||||
|
||||
Note that the server could have validated the URLs as they were
|
||||
received and therefore could have returned the tagged NO response
|
||||
with BADURL response-code in place of any continuation request after
|
||||
the URL was received.
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Resnick Standards Track [Page 10]
|
||||
|
||||
RFC 4469 IMAP CATENATE Extension April 2006
|
||||
|
||||
|
||||
9. Normative References
|
||||
|
||||
[1] Crispin, M., "INTERNET MESSAGE ACCESS PROTOCOL - VERSION 4rev1",
|
||||
RFC 3501, March 2003.
|
||||
|
||||
[2] Newman, C., "IMAP URL Scheme", RFC 2192, September 1997.
|
||||
|
||||
[3] Crispin, M., "Internet Message Access Protocol (IMAP) -
|
||||
MULTIAPPEND Extension", RFC 3502, March 2003.
|
||||
|
||||
[4] Resnick, P., "Internet Message Format", RFC 2822, April 2001.
|
||||
|
||||
[5] Freed, N. and N. Borenstein, "Multipurpose Internet Mail
|
||||
Extensions (MIME) Part One: Format of Internet Message Bodies",
|
||||
RFC 2045, November 1996.
|
||||
|
||||
[6] Crispin, M., "Internet Message Access Protocol (IMAP) - UIDPLUS
|
||||
extension", RFC 4315, December 2005.
|
||||
|
||||
[7] Crocker, D. and P. Overell, "Augmented BNF for Syntax
|
||||
Specifications: ABNF", RFC 4234, October 2005.
|
||||
|
||||
[8] Melnikov, A. and C. Daboo, "Collected Extensions to IMAP4 ABNF",
|
||||
RFC 4466, April 2006.
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Resnick Standards Track [Page 11]
|
||||
|
||||
RFC 4469 IMAP CATENATE Extension April 2006
|
||||
|
||||
|
||||
Author's Address
|
||||
|
||||
Peter W. Resnick
|
||||
QUALCOMM Incorporated
|
||||
5775 Morehouse Drive
|
||||
San Diego, CA 92121-1714
|
||||
US
|
||||
|
||||
Phone: +1 858 651 4478
|
||||
EMail: presnick@qualcomm.com
|
||||
URI: http://www.qualcomm.com/~presnick/
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Resnick Standards Track [Page 12]
|
||||
|
||||
RFC 4469 IMAP CATENATE Extension April 2006
|
||||
|
||||
|
||||
Full Copyright Statement
|
||||
|
||||
Copyright (C) The Internet Society (2006).
|
||||
|
||||
This document is subject to the rights, licenses and restrictions
|
||||
contained in BCP 78, and except as set forth therein, the authors
|
||||
retain all their rights.
|
||||
|
||||
This document and the information contained herein are provided on an
|
||||
"AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
|
||||
OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET
|
||||
ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED,
|
||||
INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE
|
||||
INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
|
||||
WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
|
||||
|
||||
Intellectual Property
|
||||
|
||||
The IETF takes no position regarding the validity or scope of any
|
||||
Intellectual Property Rights or other rights that might be claimed to
|
||||
pertain to the implementation or use of the technology described in
|
||||
this document or the extent to which any license under such rights
|
||||
might or might not be available; nor does it represent that it has
|
||||
made any independent effort to identify any such rights. Information
|
||||
on the procedures with respect to rights in RFC documents can be
|
||||
found in BCP 78 and BCP 79.
|
||||
|
||||
Copies of IPR disclosures made to the IETF Secretariat and any
|
||||
assurances of licenses to be made available, or the result of an
|
||||
attempt made to obtain a general license or permission for the use of
|
||||
such proprietary rights by implementers or users of this
|
||||
specification can be obtained from the IETF on-line IPR repository at
|
||||
http://www.ietf.org/ipr.
|
||||
|
||||
The IETF invites any interested party to bring to its attention any
|
||||
copyrights, patents or patent applications, or other proprietary
|
||||
rights that may cover technology that may be required to implement
|
||||
this standard. Please address the information to the IETF at
|
||||
ietf-ipr@ietf.org.
|
||||
|
||||
Acknowledgement
|
||||
|
||||
Funding for the RFC Editor function is provided by the IETF
|
||||
Administrative Support Activity (IASA).
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Resnick Standards Track [Page 13]
|
||||
|
1963
docs/rfcs/rfc4549.txt
Normal file
1963
docs/rfcs/rfc4549.txt
Normal file
File diff suppressed because it is too large
Load Diff
1403
docs/rfcs/rfc4551.txt
Normal file
1403
docs/rfcs/rfc4551.txt
Normal file
File diff suppressed because it is too large
Load Diff
Loading…
x
Reference in New Issue
Block a user