Network Working Group Arnt Gulbrandsen Internet-Draft Oryx Mail Systems GmbH Intended Status: Proposed Standard May 2007 The IMAP ENABLE Extension draft-gulbrandsen-imap-enable-02.txt Status of this Memo By submitting this Internet-Draft, each author represents that any applicable patent or other IPR claims of which he or she is aware have been or will be disclosed, and any of which he or she becomes aware will be disclosed, in accordance with Section 6 of BCP 79. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet- Drafts. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." The list of current Internet-Drafts can be accessed at http://www.ietf.org/ietf/1id-abstracts.txt. The list of Internet- Draft Shadow Directories can be accessed at http://www.ietf.org/shadow.html. This Internet-Draft expires in September 2007. Copyright Notice Copyright (C) The IETF Trust (2007). Abstract Most IMAP extensions are used by the client when it wants to and the server supports to. However, a few extensions require the server to know whether a client supports that extension. The ENABLE extension allows an IMAP client to say which extensions it supports. Gulbrandsen Expires November 2007 [Page 1] Internet-draft May 2006 1. Conventions Used in This Document The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in [RFC2119]. Formal syntax is defined by [RFC4234] as modified by [RFC3501]. Example lines prefaced by "C:" are sent by the client and ones prefaced by "S:" by the server. The five characters [...] means that something has been elided. 2. Overview CONSTORE ([RFC4551]), ANNOTATE ([ANNOTATE]) and some extensions under consideration at the moment use various commands to enable server extensions. (CONDSTORE uses a SELECT or FETCH parameter, and ANNOTATE uses a side effect of FETCH.) This extension adds a command, ENABLE, which enables such extensions without causing any other effect. An IMAP server which supports ENABLE advertises this by including the word ENABLE in its capability list. Most IMAP extensions do not require the client to enable the extension in any way. 3. The ENABLE Command Arguments: capability names Result: OK: Relevant capabilities enabled BAD: No arguments, or syntax error in an argument The ENABLE command takes a list of capability names, and requests the server to enable the named extensions. Once enabled using ENABLE, each extension remains active until the IMAP connection is closed. For each argument, the server does the following: - If the argument is not an extension known to the server, the server MUST ignore the argument. - If the argument is an extension known to the server, and it does not make sense to enable the extension in this way, the server MUST respond with BAD. Gulbrandsen Expires November 2007 [Page 2] Internet-draft May 2006 - If the argument is an extension is supported by the server and which needs to be enabled, the server MUST enable the extension for the duration of the connection. At present this applies only to CONDSTORE. Clients MUST only include extensions that need to be enabled in the server. At present CONDSTORE is the only such extension (ie. ENABLE CONDSTORE is an additional "Condstore enabling command" as defined in [RFC4551]). Future RFCs may add to this list. [Note to the RFC Editor: If the IMAP ANNOTATE document has been published already, ANNOTATE should be mentioned as well as CONDSTORE.] There are no limitations on pipelining ENABLE. For example, it is possible to send ENABLE and then immediately AUTHENTICATE. In this example, the client enables CONDSTORE: C: a ENABLE CONDSTORE S: a OK Conditional Store enabled In the next example, the client asks about the server capabilities, the server tells the client only what's usable prior to login, the client enables CONDSTORE and X-GOOD-IDEA, then it logs in. C: a CAPABILITY S: * CAPABILITY IMAP4rev1 AUTH=CRAM-MD5 AUTH=DIGEST-MD5 ID LITERAL+ ENABLE S: a OK foo C: b ENABLE CONDSTORE X-GOOD-IDEA S: b OK foo C: c LOGIN d e S: c OK foo C: d CAPABILITY S: * CAPABILITY IMAP4rev1 ID LITERAL+ CONDSTORE S: d OK foo After command b, the client does not know whether CONDSTORE and X- GOOD-IDEA are enabled. After command d, the client learns that the server supports CONDSTORE but not X-GOOD-IDEA, so it knows that CONDSTORE is enabled. 4. Formal Syntax The following syntax specification uses the Augmented Backus-Naur Form (ABNF) notation as specified in [RFC4234]. [RFC3501] defines the non-terminals "capability" and "command-any". Gulbrandsen Expires November 2007 [Page 3] Internet-draft May 2006 Except as noted otherwise, all alphabetic characters are case- insensitive. The use of upper or lower case characters to define token strings is for editorial clarity only. Implementations MUST accept these strings in a case-insensitive fashion. capability =/ "ENABLE" command-any =/ "ENABLE" 1*(SP capability) 5. Security considerations The ENABLE command may be executed before authentication, so it can be used by malevolent clients. Servers should parse and implement it with particular care. It is possible to use ENABLE to find out whether a server implements certain IMAP extensions. For example, if a server does not advertise IDLE (see [RFC2177]) in unauthenticated mode, an unauthenticated client can send ENABLE IDLE and use the response to find out whether the server supports IDLE. This is believed to be harmless, since the relevant extensions are necessarily not available to the client. 6. IANA considerations The IANA is requested to add ENABLE to the IMAP4 Capabilities Registry. [TO BE REMOVED: This registration should take place at the following location: http://www.iana.org/assignments/imap4-capabilities] 7. Credits The idea came from Randy Gellens. Alexey Melnikov thought it was a good idea. The author of this document typed it down and added the open issues section. 8. Normative References [RFC2119] Bradner, "Key words for use in RFCs to Indicate Requirement Levels", RFC 2119, Harvard University, March 1997. [RFC3501] Crispin, "Internet Message Access Protocol - Version 4rev1", RFC 3501, University of Washington, June 2003. Gulbrandsen Expires November 2007 [Page 4] Internet-draft May 2006 [RFC4234] Crocker, Overell, "Augmented BNF for Syntax Specifications: ABNF", RFC 4234, Brandenburg Internetworking, Demon Internet Ltd, October 2005. [RFC4551] Melnikov, Hole, "IMAP Extension for Conditional STORE Operation or Quick Flag Changes Resynchronization", RFC 4551, Isode Ltd., June 2006. 8. Informative References [RFC2177] Leiba, "IMAP4 IDLE Command", RFC 2177, IBM, June 1997. [ANNOTATE] Daboo, Gellens, "IMAP ANNOTATE Extension", draft-ietf- imapext-annotate, August 2006. 10. Author's Address Arnt Gulbrandsen Oryx Mail Systems GmbH Schweppermannstr. 8 D-81671 Muenchen Germany Fax: +49 89 4502 9758 Email: arnt@oryx.com Gulbrandsen Expires November 2007 [Page 5] Internet-draft May 2006 Intellectual Property Statement The IETF takes no position regarding the validity or scope of any Intellectual Property Rights or other rights that might be claimed to pertain to the implementation or use of the technology described in this document or the extent to which any license under such rights might or might not be available; nor does it represent that it has made any independent effort to identify any such rights. Information on the procedures with respect to rights in RFC documents can be found in BCP 78 and BCP 79. Copies of IPR disclosures made to the IETF Secretariat and any assurances of licenses to be made available, or the result of an attempt made to obtain a general license or permission for the use of such proprietary rights by implementers or users of this specification can be obtained from the IETF on-line IPR repository at http://www.ietf.org/ipr. The IETF invites any interested party to bring to its attention any copyrights, patents or patent applications, or other proprietary rights that may cover technology that may be required to implement this standard. Please address the information to the IETF at ietf- ipr@ietf.org. Full Copyright Statement Copyright (C) The IETF Trust (2007). This document is subject to the rights, licenses and restrictions contained in BCP 78, and except as set forth therein, the authors retain all their rights. This document and the information contained herein are provided on an "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY, THE IETF TRUST AND THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Acknowledgment Funding for the RFC Editor function is currently provided by the Internet Society. Gulbrandsen Expires November 2007 [Page 6] Internet-draft May 2006 (RFC Editor: Please delete everything after this point) Open Issues None any more. It would be nice to have some text explaining that well-designed extensions don't need ENABLE, and why, but my attempts at such text have not come out well. Changes since -00 - The IANA asked me to specify the IANA registry exactly - Say "clients should only use ENABLE when it's really necessary" - Better abstract - Wording. - Refer to RFCs by number, not by topic. - Boilerplate updates - IETF Trust and so on. Changes since -01 - Specify that ENABLE ID is BAD, not ignorable. - Explicitly allow maximum pipelining. - Security implications. Gulbrandsen Expires November 2007 [Page 7]