summaryrefslogtreecommitdiff
path: root/imap
diff options
context:
space:
mode:
Diffstat (limited to 'imap')
-rw-r--r--imap/docs/README.rfc (renamed from imap/docs/rfc/README)4
-rw-r--r--imap/docs/rfc/rfc1732.txt283
-rw-r--r--imap/docs/rfc/rfc1733.txt171
-rw-r--r--imap/docs/rfc/rfc2061.txt171
-rw-r--r--imap/docs/rfc/rfc2062.txt451
-rw-r--r--imap/docs/rfc/rfc2087.txt283
-rw-r--r--imap/docs/rfc/rfc2088.txt115
-rw-r--r--imap/docs/rfc/rfc2177.txt227
-rw-r--r--imap/docs/rfc/rfc2180.txt787
-rw-r--r--imap/docs/rfc/rfc2193.txt507
-rw-r--r--imap/docs/rfc/rfc2195.txt283
-rw-r--r--imap/docs/rfc/rfc2221.txt283
-rw-r--r--imap/docs/rfc/rfc2342.txt563
-rw-r--r--imap/docs/rfc/rfc2683.txt1291
-rw-r--r--imap/docs/rfc/rfc2971.txt451
-rw-r--r--imap/docs/rfc/rfc3348.txt339
-rw-r--r--imap/docs/rfc/rfc3501.txt6052
-rw-r--r--imap/docs/rfc/rfc3502.txt395
-rw-r--r--imap/docs/rfc/rfc3503.txt507
-rw-r--r--imap/docs/rfc/rfc3516.txt451
-rw-r--r--imap/docs/rfc/rfc3656.txt1067
-rw-r--r--imap/docs/rfc/rfc3691.txt283
-rw-r--r--imap/docs/rfc/rfc4314.txt1515
-rw-r--r--imap/docs/rfc/rfc4315.txt451
-rw-r--r--imap/docs/rfc/rfc4422.txt1851
-rw-r--r--imap/docs/rfc/rfc4466.txt955
-rw-r--r--imap/docs/rfc/rfc4467.txt1011
-rw-r--r--imap/docs/rfc/rfc4468.txt787
-rw-r--r--imap/docs/rfc/rfc4469.txt731
-rw-r--r--imap/docs/rfc/rfc4505.txt507
-rw-r--r--imap/docs/rfc/rfc4549.txt1963
-rw-r--r--imap/docs/rfc/rfc4551.txt1403
-rw-r--r--imap/docs/rfc/rfc4616.txt619
-rw-r--r--imap/docs/rfc/rfc4731.txt451
-rw-r--r--imap/docs/rfc/rfc4752.txt563
-rw-r--r--imap/docs/rfc/rfc4790.txt1459
-rw-r--r--imap/docs/rfc/rfc4959.txt395
-rw-r--r--imap/docs/rfc/rfc4978.txt507
-rw-r--r--imap/docs/rfc/rfc5032.txt283
-rw-r--r--imap/docs/rfc/rfc5051.txt395
-rw-r--r--imap/docs/rfc/rfc5092.txt1795
-rw-r--r--imap/docs/rfc/rfc5161.txt395
-rw-r--r--imap/docs/rfc/rfc5162.txt1291
-rw-r--r--imap/docs/rfc/rfc5234.txt899
-rw-r--r--imap/src/osdep/unix/flocklnx.c2
45 files changed, 5 insertions, 35187 deletions
diff --git a/imap/docs/rfc/README b/imap/docs/README.rfc
index 550d8d20..d320a3bb 100644
--- a/imap/docs/rfc/README
+++ b/imap/docs/README.rfc
@@ -1,3 +1,7 @@
+This distribution used to contain a copy of RFCs that are relevant to the
+implementation of IMAP support in the c-client library. These have been
+removed, but the list of relevant RFCs is listed below.
+
The following documents are necessary to understand the syntax rules
most of the remaining documents. Note that some documents refer to
RFC 2234 which has been replaced by RFC 5234:
diff --git a/imap/docs/rfc/rfc1732.txt b/imap/docs/rfc/rfc1732.txt
deleted file mode 100644
index cfae89c0..00000000
--- a/imap/docs/rfc/rfc1732.txt
+++ /dev/null
@@ -1,283 +0,0 @@
-
-
-
-
-
-
-Network Working Group M. Crispin
-Request for Comments: 1732 University of Washington
-Category: Informational December 1994
-
-
- IMAP4 COMPATIBILITY WITH IMAP2 AND IMAP2BIS
-
-
-Status of this Memo
-
- This memo provides information for the Internet community. This memo
- does not specify an Internet standard of any kind. Distribution of
- this memo is unlimited.
-
-Introduction
-
- This is a summary of hints and recommendations to enable an IMAP4
- implementation to interoperate with implementations that conform to
- earlier specifications. None of these hints and recommendations are
- required by the IMAP4 specification; implementors must decide for
- themselves whether they want their implementation to fail if it
- encounters old software.
-
- IMAP4 has been designed to be upwards compatible with earlier
- specifications. For the most part, IMAP4 facilities that were not in
- earlier specifications should be invisible to clients unless the
- client asks for the facility.
-
- In some cases, older servers may support some of the capabilities
- listed as being "new in IMAP4" as experimental extensions to the
- IMAP2 protocol described in RFC 1176.
-
- This information may not be complete; it reflects current knowledge
- of server and client implementations as well as "folklore" acquired
- in the evolution of the protocol.
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-Crispin [Page 1]
-
-RFC 1732 IMAP4 - Compatibility December 1994
-
-
-IMAP4 client interoperability with old servers
-
- In general, a client should be able to discover whether an IMAP2
- server supports a facility by trial-and-error; if an attempt to use a
- facility generates a BAD response, the client can assume that the
- server does not support the facility.
-
- A quick way to check whether a server implementation supports the
- IMAP4 specification is to try the CAPABILITY command. An OK response
- that includes the IMAP4 capability value indicates a server that
- supports IMAP4; a BAD response or one without the IMAP4 capability
- value indicates an older server.
-
- The following is a list of facilities that are only in IMAP4, and
- suggestions for how new clients might interoperate with old servers:
-
- CAPABILITY command
- A BAD response to this command indicates that the server
- implements IMAP2 (or IMAP2bis) and not IMAP4.
-
- AUTHENTICATE command.
- Use the LOGIN command.
-
- LSUB and LIST commands
- Try the RFC 1176 FIND command.
-
- * in a sequence
- Use the number of messages in the mailbox from the EXISTS
- unsolicited response.
-
- SEARCH extensions (character set, additional criteria)
- Reformulate the search request using only the searching
- options listed in search_old in the IMAP4 grammar. This may
- entail doing multiple searches to achieve the desired
- results.
-
- BODYSTRUCTURE fetch data item
- Try to fetch the non-extensible BODY data item.
-
- body section number 0
- Fetch the entire message and extract the header.
-
- RFC822.HEADER.LINES and RFC822.HEADER.LINES.NOT fetch data items
- Use RFC822.HEADER and remove the unwanted information.
-
- BODY.PEEK[section], RFC822.PEEK, and RFC822.TEXT.PEEK fetch data
- items Use the corresponding non-PEEK versions and manually
- clear the \Seen flag as necessary.
-
-
-
-Crispin [Page 2]
-
-RFC 1732 IMAP4 - Compatibility December 1994
-
-
- UID fetch data item and the UID commands
- No equivalent capabilitity exists in older servers.
-
- FLAGS.SILENT, +FLAGS.SILENT, and -FLAGS.SILENT store data items
- Use the corresponding non-SILENT versions and ignore the
- untagged FETCH responses which com eback.
-
-
- The following IMAP4 facilities were introduced in the experimental
- IMAP2bis revisions to RFC-1176, and may be present in a server that
- does not support the CAPABILITY command:
-
- CREATE, DELETE, and RENAME commands
- To test whether these commands are present, try a CREATE
- INBOX command. If the response is NO, these commands are
- supported by the server. If the response is BAD, they are
- not. Older servers without the CREATE capability may sup-
- port implicit creation of a mailbox by a COPY command with a
- non-existant name as the destination.
-
- APPEND command
- To test whether this command is present, try to append a
- zero-length stream to a mailbox name that is known not to
- exist (or at least, highly unlikely to exist) on the remote
- system.
-
- SUBSCRIBE and UNSUBSCRIBE commands
- Try the form of these commands with the optional MAILBOX
- keyword.
-
- EXAMINE command
- Use the SELECT command instead.
-
- flags and internal date argument to APPEND command
- Try the APPEND without any flag list and internal date argu-
- ments.
-
- BODY, BODY[section], and FULL fetch data items
- Use RFC822.TEXT and ALL instead. Server does not support
- MIME.
-
- PARTIAL command
- Use the appropriate FETCH command and ignore the unwanted
- data.
-
-
- IMAP4 client implementations must accept all responses and data for-
- mats documented in the IMAP4 specification, including those labeled
-
-
-
-Crispin [Page 3]
-
-RFC 1732 IMAP4 - Compatibility December 1994
-
-
- as obsolete. This includes the COPY and STORE unsolicited responses
- and the old format of dates and times. In particular, client imple-
- mentations must not treat a date/time as a fixed format string; nor
- may they assume that the time begins at a particular octet.
-
- IMAP4 client implementations must not depend upon the presence of any
- server extensions that are not in the base IMAP4 specification.
-
- The experimental IMAP2bis version specified that the TRYCREATE spe-
- cial information token is sent as a separate unsolicited OK response
- instead of inside the NO response.
-
- The FIND BBOARDS, FIND ALL.BBOARDS, and BBOARD commands of RFC 1176
- are removed from IMAP4. There is no equivalent to the bboard com-
- mands, which provided a separate namespace with implicit restrictions
- on what may be done in that namespace.
-
- Older server implementations may automatically create the destination
- mailbox on COPY if that mailbox does not already exist. This was how
- a new mailbox was created in older specifications. If the server
- does not support the CREATE command (see above for how to test for
- this), it will probably create a mailbox on COPY.
-
- Older server implementations may not preserve flags or internal dates
- on COPY. Some server implementations may not permit the preservation
- of certain flags on COPY or their setting with APPEND as site policy.
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-Crispin [Page 4]
-
-RFC 1732 IMAP4 - Compatibility December 1994
-
-
-IMAP4 server interoperability with old clients
-
- In general, there should be no interoperation problem between a
- server conforming to the IMAP4 specification and a well-written
- client that conforms to an earlier specification. Known problems are
- noted below:
-
- Poor wording in the description of the CHECK command in earlier
- specifications implied that a CHECK command is the way to get the
- current number of messages in the mailbox. This is incorrect. A
- CHECK command does not necessarily result in an EXISTS response.
- Clients must remember the most recent EXISTS value sent from the
- server, and should not generate unnecessary CHECK commands.
-
- An incompatibility exists with COPY in IMAP4. COPY in IMAP4
- servers does not automatically create the destination mailbox if
- that mailbox does not already exist. This may cause problems with
- old clients that expect automatic mailbox creation in COPY.
-
- The PREAUTH unsolicited response is new in IMAP4. It is highly
- unlikely that an old client would ever see this response.
-
- The format of dates and times has changed due to the impending end
- of the century. Clients that fail to accept a four-digit year or
- a signed four-digit timezone value will not work properly with
- IMAP4.
-
- An incompatibility exists with the use of "\" in quoted strings.
- This is best avoided by using literals instead of quoted strings
- if "\" or <"> is embedded in the string.
-
-Security Considerations
-
- Security issues are not discussed in this memo.
-
-Author's Address:
-
- Mark R. Crispin
- Networks and Distributed Computing, JE-30
- University of Washington
- Seattle, WA 98195
-
- Phone: (206) 543-5762
-
- EMail: MRC@CAC.Washington.EDU
-
-
-
-
-
-
-Crispin [Page 5]
-
diff --git a/imap/docs/rfc/rfc1733.txt b/imap/docs/rfc/rfc1733.txt
deleted file mode 100644
index 2ec385f0..00000000
--- a/imap/docs/rfc/rfc1733.txt
+++ /dev/null
@@ -1,171 +0,0 @@
-
-
-
-
-
-
-Network Working Group M. Crispin
-Request for Comments: 1733 University of Washington
-Category: Informational December 1994
-
-
- DISTRIBUTED ELECTRONIC MAIL MODELS IN IMAP4
-
-
-Status of this Memo
-
- This memo provides information for the Internet community. This memo
- does not specify an Internet standard of any kind. Distribution of
- this memo is unlimited.
-
-
-Distributed Electronic Mail Models
-
- There are three fundamental models of client/server email: offline,
- online, and disconnected use. IMAP4 can be used in any one of these
- three models.
-
- The offline model is the most familiar form of client/server email
- today, and is used by protocols such as POP-3 (RFC 1225) and UUCP.
- In this model, a client application periodically connects to a
- server. It downloads all the pending messages to the client machine
- and deletes these from the server. Thereafter, all mail processing
- is local to the client. This model is store-and-forward; it moves
- mail on demand from an intermediate server (maildrop) to a single
- destination machine.
-
- The online model is most commonly used with remote filesystem
- protocols such as NFS. In this model, a client application
- manipulates mailbox data on a server machine. A connection to the
- server is maintained throughout the session. No mailbox data are
- kept on the client; the client retrieves data from the server as is
- needed. IMAP4 introduces a form of the online model that requires
- considerably less network bandwidth than a remote filesystem
- protocol, and provides the opportunity for using the server for CPU
- or I/O intensive functions such as parsing and searching.
-
- The disconnected use model is a hybrid of the offline and online
- models, and is used by protocols such as PCMAIL (RFC 1056). In this
- model, a client user downloads some set of messages from the server,
- manipulates them offline, then at some later time uploads the
- changes. The server remains the authoritative repository of the
- messages. The problems of synchronization (particularly when
- multiple clients are involved) are handled through the means of
- unique identifiers for each message.
-
-
-
-Crispin [Page 1]
-
-RFC 1733 IMAP4 - Model December 1994
-
-
- Each of these models have their own strengths and weaknesses:
-
- Feature Offline Online Disc
- ------- ------- ------ ----
- Can use multiple clients NO YES YES
- Minimum use of server connect time YES NO YES
- Minimum use of server resources YES NO NO
- Minimum use of client disk resources NO YES NO
- Multiple remote mailboxes NO YES YES
- Fast startup NO YES NO
- Mail processing when not online YES NO YES
-
- Although IMAP4 has its origins as a protocol designed to accommodate
- the online model, it can support the other two models as well. This
- makes possible the creation of clients that can be used in any of the
- three models. For example, a user may wish to switch between the
- online and disconnected models on a regular basis (e.g. owing to
- travel).
-
- IMAP4 is designed to transmit message data on demand, and to provide
- the facilities necessary for a client to decide what data it needs at
- any particular time. There is generally no need to do a wholesale
- transfer of an entire mailbox or even of the complete text of a
- message. This makes a difference in situations where the mailbox is
- large, or when the link to the server is slow.
-
- More specifically, IMAP4 supports server-based RFC 822 and MIME
- processing. With this information, it is possible for a client to
- determine in advance whether it wishes to retrieve a particular
- message or part of a message. For example, a user connected to an
- IMAP4 server via a dialup link can determine that a message has a
- 2000 byte text segment and a 40 megabyte video segment, and elect to
- fetch only the text segment.
-
- In IMAP4, the client/server relationship lasts only for the duration
- of the TCP connection. There is no registration of clients. Except
- for any unique identifiers used in disconnected use operation, the
- client initially has no knowledge of mailbox state and learns it from
- the IMAP4 server when a mailbox is selected. This initial transfer
- is minimal; the client requests additional state data as it needs.
-
- As noted above, the choice for the location of mailbox data depends
- upon the model chosen. The location of message state (e.g. whether
- or not a message has been read or answered) is also determined by the
- model, and is not necessarily the same as the location of the mailbox
- data. For example, in the online model message state can be co-
- located with mailbox data; it can also be located elsewhere (on the
- client or on a third agent) using unique identifiers to achieve
-
-
-
-Crispin [Page 2]
-
-RFC 1733 IMAP4 - Model December 1994
-
-
- common reference across sessions. The latter is particularly useful
- with a server that exports public data such as netnews and does not
- maintain per-user state.
-
- The IMAP4 protocol provides the generality to implement these
- different models. This is done by means of server and (especially)
- client configuration, and not by requiring changes to the protocol or
- the implementation of the protocol.
-
-
-Security Considerations
-
- Security issues are not discussed in this memo.
-
-
-Author's Address:
-
- Mark R. Crispin
- Networks and Distributed Computing, JE-30
- University of Washington
- Seattle, WA 98195
-
- Phone: (206) 543-5762
-
- EMail: MRC@CAC.Washington.EDU
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-Crispin [Page 3]
-
diff --git a/imap/docs/rfc/rfc2061.txt b/imap/docs/rfc/rfc2061.txt
deleted file mode 100644
index 7cb02bb2..00000000
--- a/imap/docs/rfc/rfc2061.txt
+++ /dev/null
@@ -1,171 +0,0 @@
-
-
-
-
-
-
-Network Working Group M. Crispin
-Request for Comments: 2061 University of Washington
-Category: Informational December 1996
-
-
- IMAP4 COMPATIBILITY WITH IMAP2BIS
-
-Status of this Memo
-
- This memo provides information for the Internet community. This memo
- does not specify an Internet standard of any kind. Distribution of
- this memo is unlimited.
-
-Introduction
-
- The Internet Message Access Protocol (IMAP) has been through several
- revisions and variants in its 10-year history. Many of these are
- either extinct or extremely rare; in particular, several undocumented
- variants and the variants described in RFC 1064, RFC 1176, and RFC
- 1203 fall into this category.
-
- One variant, IMAP2bis, is at the time of this writing very common and
- has been widely distributed with the Pine mailer. Unfortunately,
- there is no definite document describing IMAP2bis. This document is
- intended to be read along with RFC 1176 and the most recent IMAP4
- specification (RFC 2060) to assist implementors in creating an IMAP4
- implementation to interoperate with implementations that conform to
- earlier specifications. Nothing in this document is required by the
- IMAP4 specification; implementors must decide for themselves whether
- they want their implementation to fail if it encounters old software.
-
- At the time of this writing, IMAP4 has been updated from the version
- described in RFC 1730. An implementor who wishes to interoperate
- with both RFC 1730 and RFC 2060 should refer to both documents.
-
- This information is not complete; it reflects current knowledge of
- server and client implementations as well as "folklore" acquired in
- the evolution of the protocol. It is NOT a description of how to
- interoperate with all variants of IMAP, but rather with the old
- variant that is most likely to be encountered. For detailed
- information on interoperating with other old variants, refer to RFC
- 1732.
-
-IMAP4 client interoperability with IMAP2bis servers
-
- A quick way to check whether a server implementation supports the
- IMAP4 specification is to try the CAPABILITY command. An OK response
- will indicate which variant(s) of IMAP4 are supported by the server.
-
-
-
-Crispin Informational [Page 1]
-
-RFC 2061 IMAP4 Compatibility December 1996
-
-
- If the client does not find any of its known variant in the response,
- it should treat the server as IMAP2bis. A BAD response indicates an
- IMAP2bis or older server.
-
- Most IMAP4 facilities are in IMAP2bis. The following exceptions
- exist:
-
- CAPABILITY command
- The absense of this command indicates IMAP2bis (or older).
-
- AUTHENTICATE command.
- Use the LOGIN command.
-
- LSUB, SUBSCRIBE, and UNSUBSCRIBE commands
- No direct functional equivalent. IMAP2bis had a concept
- called "bboards" which is not in IMAP4. RFC 1176 supported
- these with the BBOARD and FIND BBOARDS commands. IMAP2bis
- augmented these with the FIND ALL.BBOARDS, SUBSCRIBE BBOARD,
- and UNSUBSCRIBE BBOARD commands. It is recommended that
- none of these commands be implemented in new software,
- including servers that support old clients.
-
- LIST command
- Use the command FIND ALL.MAILBOXES, which has a similar syn-
- tax and response to the FIND MAILBOXES command described in
- RFC 1176. The FIND MAILBOXES command is unlikely to produce
- useful information.
-
- * in a sequence
- Use the number of messages in the mailbox from the EXISTS
- unsolicited response.
-
- SEARCH extensions (character set, additional criteria)
- Reformulate the search request using only the RFC 1176 syn-
- tax. This may entail doing multiple searches to achieve the
- desired results.
-
- BODYSTRUCTURE fetch data item
- Use the non-extensible BODY data item.
-
- body sections HEADER, TEXT, MIME, HEADER.FIELDS, HEADER.FIELDS.NOT
- Use body section numbers only.
-
- BODY.PEEK[section]
- Use BODY[section] and manually clear the \Seen flag as
- necessary.
-
-
-
-
-
-Crispin Informational [Page 2]
-
-RFC 2061 IMAP4 Compatibility December 1996
-
-
- FLAGS.SILENT, +FLAGS.SILENT, and -FLAGS.SILENT store data items
- Use the corresponding non-SILENT versions and ignore the
- untagged FETCH responses which come back.
-
- UID fetch data item and the UID commands
- No functional equivalent.
-
- CLOSE command
- No functional equivalent.
-
-
- In IMAP2bis, the TRYCREATE special information token is sent as a
- separate unsolicited OK response instead of inside the NO response.
-
- IMAP2bis is ambiguous about whether or not flags or internal dates
- are preserved on COPY. It is impossible to know what behavior is
- supported by the server.
-
-IMAP4 server interoperability with IMAP2bis clients
-
- The only interoperability problem between an IMAP4 server and a
- well-written IMAP2bis client is an incompatibility with the use of
- "\" in quoted strings. This is best avoided by using literals
- instead of quoted strings if "\" or <"> is embedded in the string.
-
-Security Considerations
-
- Security issues are not discussed in this memo.
-
-Author's Address
-
- Mark R. Crispin
- Networks and Distributed Computing
- University of Washington
- 4545 15th Aveneue NE
- Seattle, WA 98105-4527
-
- Phone: (206) 543-5762
- EMail: MRC@CAC.Washington.EDU
-
-
-
-
-
-
-
-
-
-
-
-
-Crispin Informational [Page 3]
-
diff --git a/imap/docs/rfc/rfc2062.txt b/imap/docs/rfc/rfc2062.txt
deleted file mode 100644
index 865d1dad..00000000
--- a/imap/docs/rfc/rfc2062.txt
+++ /dev/null
@@ -1,451 +0,0 @@
-
-
-
-
-
-
-Network Working Group M. Crispin
-Request for Comments: 2062 University of Washington
-Category: Informational December 1996
-
-
- Internet Message Access Protocol - Obsolete Syntax
-
-Status of this Memo
-
- This memo provides information for the Internet community. This memo
- does not specify an Internet standard of any kind. Distribution of
- this memo is unlimited.
-
-Abstract
-
- This document describes obsolete syntax which may be encountered by
- IMAP4 implementations which deal with older versions of the Internet
- Mail Access Protocol. IMAP4 implementations MAY implement this
- syntax in order to maximize interoperability with older
- implementations.
-
- This document repeats information from earlier documents, most
- notably RFC 1176 and RFC 1730.
-
-Obsolete Commands and Fetch Data Items
-
- The following commands are OBSOLETE. It is NOT required to support
- any of these commands or fetch data items in new server
- implementations. These commands are documented here for the benefit
- of implementors who may wish to support them for compatibility with
- old client implementations.
-
- The section headings of these commands are intended to correspond
- with where they would be located in the main document if they were
- not obsoleted.
-
-6.3.OBS.1. FIND ALL.MAILBOXES Command
-
- Arguments: mailbox name with possible wildcards
-
- Data: untagged responses: MAILBOX
-
- Result: OK - find completed
- NO - find failure: can't list that name
- BAD - command unknown or arguments invalid
-
-
-
-
-
-
-Crispin Informational [Page 1]
-
-RFC 2062 IMAP4 Obsolete December 1996
-
-
- The FIND ALL.MAILBOXES command returns a subset of names from the
- complete set of all names available to the user. It returns zero
- or more untagged MAILBOX replies. The mailbox argument to FIND
- ALL.MAILBOXES is similar to that for LIST with an empty reference,
- except that the characters "%" and "?" match a single character.
-
- Example: C: A002 FIND ALL.MAILBOXES *
- S: * MAILBOX blurdybloop
- S: * MAILBOX INBOX
- S: A002 OK FIND ALL.MAILBOXES completed
-
-6.3.OBS.2. FIND MAILBOXES Command
-
- Arguments: mailbox name with possible wildcards
-
- Data: untagged responses: MAILBOX
-
- Result: OK - find completed
- NO - find failure: can't list that name
- BAD - command unknown or arguments invalid
-
- The FIND MAILBOXES command returns a subset of names from the set
- of names that the user has declared as being "active" or
- "subscribed". It returns zero or more untagged MAILBOX replies.
- The mailbox argument to FIND MAILBOXES is similar to that for LSUB
- with an empty reference, except that the characters "%" and "?"
- match a single character.
-
- Example: C: A002 FIND MAILBOXES *
- S: * MAILBOX blurdybloop
- S: * MAILBOX INBOX
- S: A002 OK FIND MAILBOXES completed
-
-6.3.OBS.3. SUBSCRIBE MAILBOX Command
-
- Arguments: mailbox name
-
- Data: no specific data for this command
-
- Result: OK - subscribe completed
- NO - subscribe failure: can't subscribe to that name
- BAD - command unknown or arguments invalid
-
- The SUBSCRIBE MAILBOX command is identical in effect to the
- SUBSCRIBE command. A server which implements this command must be
- able to distinguish between a SUBSCRIBE MAILBOX command and a
- SUBSCRIBE command with a mailbox name argument of "MAILBOX".
-
-
-
-
-Crispin Informational [Page 2]
-
-RFC 2062 IMAP4 Obsolete December 1996
-
-
- Example: C: A002 SUBSCRIBE MAILBOX #news.comp.mail.mime
- S: A002 OK SUBSCRIBE MAILBOX to #news.comp.mail.mime
- completed
- C: A003 SUBSCRIBE MAILBOX
- S: A003 OK SUBSCRIBE to MAILBOX completed
-
-
-6.3.OBS.4. UNSUBSCRIBE MAILBOX Command
-
- Arguments: mailbox name
-
- Data: no specific data for this command
-
- Result: OK - unsubscribe completed
- NO - unsubscribe failure: can't unsubscribe that name
- BAD - command unknown or arguments invalid
-
- The UNSUBSCRIBE MAILBOX command is identical in effect to the
- UNSUBSCRIBE command. A server which implements this command must
- be able to distinguish between a UNSUBSCRIBE MAILBOX command and
- an UNSUBSCRIBE command with a mailbox name argument of "MAILBOX".
-
- Example: C: A002 UNSUBSCRIBE MAILBOX #news.comp.mail.mime
- S: A002 OK UNSUBSCRIBE MAILBOX from #news.comp.mail.mime
- completed
- C: A003 UNSUBSCRIBE MAILBOX
- S: A003 OK UNSUBSCRIBE from MAILBOX completed
-
-6.4.OBS.1 PARTIAL Command
-
- Arguments: message sequence number
- message data item name
- position of first octet
- number of octets
-
- Data: untagged responses: FETCH
-
- Result: OK - partial completed
- NO - partial error: can't fetch that data
- BAD - command unknown or arguments invalid
-
- The PARTIAL command is equivalent to the associated FETCH command,
- with the added functionality that only the specified number of
- octets, beginning at the specified starting octet, are returned.
- Only a single message can be fetched at a time. The first octet
- of a message, and hence the minimum for the starting octet, is
- octet 1.
-
-
-
-
-Crispin Informational [Page 3]
-
-RFC 2062 IMAP4 Obsolete December 1996
-
-
- The following FETCH items are valid data for PARTIAL: RFC822,
- RFC822.HEADER, RFC822.TEXT, BODY[<section>], as well as any .PEEK
- forms of these.
-
- Any partial fetch that attempts to read beyond the end of the text
- is truncated as appropriate. If the starting octet is beyond the
- end of the text, an empty string is returned.
-
- The data are returned with the FETCH response. There is no
- indication of the range of the partial data in this response. It
- is not possible to stream multiple PARTIAL commands of the same
- data item without processing and synchronizing at each step, since
- streamed commands may be executed out of order.
-
- There is no requirement that partial fetches follow any sequence.
- For example, if a partial fetch of octets 1 through 10000 breaks
- in an awkward place for BASE64 decoding, it is permitted to
- continue with a partial fetch of 9987 through 19987, etc.
-
- The handling of the \Seen flag is the same as in the associated
- FETCH command.
-
- Example: C: A005 PARTIAL 4 RFC822 1 1024
- S: * 1 FETCH (RFC822 {1024}
- S: Return-Path: <gray@cac.washington.edu>
- S: ...
- S: ......... FLAGS (\Seen))
- S: A005 OK PARTIAL completed
-
-6.4.5.OBS.1 Obsolete FETCH Data Items
-
- The following FETCH data items are obsolete:
-
- BODY[<...>0] A body part number of 0 is the [RFC-822] header of
- the message. BODY[0] is functionally equivalent to
- BODY[HEADER], differing in the syntax of the
- resulting untagged FETCH data (BODY[0] is
- returned).
-
- RFC822.HEADER.LINES <header_list>
- Functionally equivalent to BODY.PEEK[HEADER.LINES
- <header_list>], differing in the syntax of the
- resulting untagged FETCH data (RFC822.HEADER is
- returned).
-
-
-
-
-
-
-
-Crispin Informational [Page 4]
-
-RFC 2062 IMAP4 Obsolete December 1996
-
-
- RFC822.HEADER.LINES.NOT <header_list>
- Functionally equivalent to
- BODY.PEEK[HEADER.LINES.NOT <header_list>],
- differing in the syntax of the resulting untagged
- FETCH data (RFC822.HEADER is returned).
-
- RFC822.PEEK Functionally equivalent to BODY.PEEK[], except for
- the syntax of the resulting untagged FETCH data
- (RFC822 is returned).
-
- RFC822.TEXT.PEEK
- Functionally equivalent to BODY.PEEK[TEXT], except
- for the syntax of the resulting untagged FETCH data
- (RFC822.TEXT is returned).
-
-Obsolete Responses
-
- The following responses are OBSOLETE. Except as noted below, these
- responses MUST NOT be transmitted by new server implementations.
- Client implementations SHOULD accept these responses.
-
- The section headings of these responses are intended to correspond
- with where they would be located in the main document if they were
- not obsoleted.
-
-7.2.OBS.1. MAILBOX Response
-
- Data: name
-
- The MAILBOX response MUST NOT be transmitted by server
- implementations except in response to the obsolete FIND MAILBOXES
- and FIND ALL.MAILBOXES commands. Client implementations that do
- not use these commands MAY ignore this response. It is documented
- here for the benefit of implementors who may wish to support it
- for compatibility with old client implementations.
-
- This response occurs as a result of the FIND MAILBOXES and FIND
- ALL.MAILBOXES commands. It returns a single name that matches the
- FIND specification. There are no attributes or hierarchy
- delimiter.
-
- Example: S: * MAILBOX blurdybloop
-
-
-
-
-
-
-
-
-
-Crispin Informational [Page 5]
-
-RFC 2062 IMAP4 Obsolete December 1996
-
-
-7.3.OBS.1. COPY Response
-
- Data: none
-
- The COPY response MUST NOT be transmitted by new server
- implementations. Client implementations MUST ignore the COPY
- response. It is documented here for the benefit of client
- implementors who may encounter this response from old server
- implementations.
-
- In some experimental versions of this protocol, this response was
- returned in response to a COPY command to indicate on a
- per-message basis that the message was copied successfully.
-
- Example: S: * 44 COPY
-
-7.3.OBS.2. STORE Response
-
- Data: message data
-
- The STORE response MUST NOT be transmitted by new server
- implementations. Client implementations MUST treat the STORE
- response as equivalent to the FETCH response. It is documented
- here for the benefit of client implementors who may encounter this
- response from old server implementations.
-
- In some experimental versions of this protocol, this response was
- returned instead of FETCH in response to a STORE command to report
- the new value of the flags.
-
- Example: S: * 69 STORE (FLAGS (\Deleted))
-
-Formal Syntax of Obsolete Commands and Responses
-
- Each obsolete syntax rule that is suffixed with "_old" is added to
- the corresponding name in the formal syntax. For example,
- command_auth_old adds the FIND command to command_auth.
-
- command_auth_old ::= find
-
- command_select_old
- ::= partial
-
- date_year_old ::= 2digit
- ;; (year - 1900)
-
- date_time_old ::= <"> date_day_fixed "-" date_month "-" date_year
- SPACE time "-" zone_name <">
-
-
-
-Crispin Informational [Page 6]
-
-RFC 2062 IMAP4 Obsolete December 1996
-
-
- find ::= "FIND" SPACE ["ALL."] "MAILBOXES" SPACE
- list_mailbox
-
- fetch_att_old ::= "RFC822.HEADER.LINES" [".NOT"] SPACE header_list /
- fetch_text_old
-
- fetch_text_old ::= "BODY" [".PEEK"] section_old /
- "RFC822" [".HEADER" / ".TEXT" [".PEEK"]]
-
- msg_data_old ::= "COPY" / ("STORE" SPACE msg_att)
-
- partial ::= "PARTIAL" SPACE nz_number SPACE fetch_text_old SPACE
- number SPACE number
-
- section_old ::= "[" (number ["." number]) "]"
-
- subscribe_old ::= "SUBSCRIBE" SPACE "MAILBOX" SPACE mailbox
-
- unsubscribe_old ::= "UNSUBSCRIBE" SPACE "MAILBOX" SPACE mailbox
-
- zone_name ::= "UT" / "GMT" / "Z" / ;; +0000
- "AST" / "EDT" / ;; -0400
- "EST" / "CDT" / ;; -0500
- "CST" / "MDT" / ;; -0600
- "MST" / "PDT" / ;; -0700
- "PST" / "YDT" / ;; -0800
- "YST" / "HDT" / ;; -0900
- "HST" / "BDT" / ;; -1000
- "BST" / ;; -1100
- "A" / "B" / "C" / "D" / "E" / "F" / ;; +1 to +6
- "G" / "H" / "I" / "K" / "L" / "M" / ;; +7 to +12
- "N" / "O" / "P" / "Q" / "R" / "S" / ;; -1 to -6
- "T" / "U" / "V" / "W" / "X" / "Y" ;; -7 to -12
-
-Security Considerations
-
- Security issues are not discussed in this memo.
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-Crispin Informational [Page 7]
-
-RFC 2062 IMAP4 Obsolete December 1996
-
-
-Author's Address
-
- Mark R. Crispin
- Networks and Distributed Computing
- University of Washington
- 4545 15th Aveneue NE
- Seattle, WA 98105-4527
-
- Phone: (206) 543-5762
- EMail: MRC@CAC.Washington.EDU
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-Crispin Informational [Page 8]
-
diff --git a/imap/docs/rfc/rfc2087.txt b/imap/docs/rfc/rfc2087.txt
deleted file mode 100644
index 1db5b57b..00000000
--- a/imap/docs/rfc/rfc2087.txt
+++ /dev/null
@@ -1,283 +0,0 @@
-
-
-
-
-
-
-Network Working Group J. Myers
-Request for Comments: 2087 Carnegie Mellon
-Category: Standards Track January 1997
-
-
- IMAP4 QUOTA extension
-
-Status of this Memo
-
- This document specifies an Internet standards track protocol for the
- Internet community, and requests discussion and suggestions for
- improvements. Please refer to the current edition of the "Internet
- Official Protocol Standards" (STD 1) for the standardization state
- and status of this protocol. Distribution of this memo is unlimited.
-
-1. Abstract
-
- The QUOTA extension of the Internet Message Access Protocol [IMAP4]
- permits administrative limits on resource usage (quotas) to be
- manipulated through the IMAP protocol.
-
-Table of Contents
-
- 1. Abstract........................................... 1
- 2. Conventions Used in this Document.................. 1
- 3. Introduction and Overview.......................... 2
- 4. Commands........................................... 2
- 4.1. SETQUOTA Command................................... 2
- 4.2. GETQUOTA Command................................... 2
- 4.3. GETQUOTAROOT Command............................... 3
- 5. Responses.......................................... 3
- 5.1. QUOTA Response..................................... 3
- 5.2. QUOTAROOT Response................................. 4
- 6. Formal syntax...................................... 4
- 7. References......................................... 5
- 8. Security Considerations............................ 5
- 9. Author's Address................................... 5
-
-
-2. Conventions Used in this Document
-
- In examples, "C:" and "S:" indicate lines sent by the client and
- server respectively.
-
-
-
-
-
-
-
-
-Myers Standards Track [Page 1]
-
-RFC 2087 QUOTA January 1997
-
-
-3. Introduction and Overview
-
- The QUOTA extension is present in any IMAP4 implementation which
- returns "QUOTA" as one of the supported capabilities to the
- CAPABILITY command.
-
- An IMAP4 server which supports the QUOTA capability may support
- limits on any number of resources. Each resource has an atom name
- and an implementation-defined interpretation which evaluates to an
- integer. Examples of such resources are:
-
- Name Interpretation
-
- STORAGE Sum of messages' RFC822.SIZE, in units of 1024 octets
- MESSAGE Number of messages
-
-
- Each mailbox has zero or more implementation-defined named "quota
- roots". Each quota root has zero or more resource limits. All
- mailboxes that share the same named quota root share the resource
- limits of the quota root.
-
- Quota root names do not necessarily have to match the names of
- existing mailboxes.
-
-4. Commands
-
-4.1. SETQUOTA Command
-
- Arguments: quota root
- list of resource limits
-
- Data: untagged responses: QUOTA
-
- Result: OK - setquota completed
- NO - setquota error: can't set that data
- BAD - command unknown or arguments invalid
-
- The SETQUOTA command takes the name of a mailbox quota root and a
- list of resource limits. The resource limits for the named quota root
- are changed to be the specified limits. Any previous resource limits
- for the named quota root are discarded.
-
- If the named quota root did not previously exist, an implementation
- may optionally create it and change the quota roots for any number of
- existing mailboxes in an implementation-defined manner.
-
-
-
-
-
-Myers Standards Track [Page 2]
-
-RFC 2087 QUOTA January 1997
-
-
- Example: C: A001 SETQUOTA "" (STORAGE 512)
- S: * QUOTA "" (STORAGE 10 512)
- S: A001 OK Setquota completed
-
-4.2. GETQUOTA Command
-
- Arguments: quota root
-
- Data: untagged responses: QUOTA
-
- Result: OK - getquota completed
- NO - getquota error: no such quota root, permission
- denied
- BAD - command unknown or arguments invalid
-
- The GETQUOTA command takes the name of a quota root and returns the
- quota root's resource usage and limits in an untagged QUOTA response.
-
- Example: C: A003 GETQUOTA ""
- S: * QUOTA "" (STORAGE 10 512)
- S: A003 OK Getquota completed
-
-4.3. GETQUOTAROOT Command
-
- Arguments: mailbox name
-
- Data: untagged responses: QUOTAROOT, QUOTA
-
- Result: OK - getquota completed
- NO - getquota error: no such mailbox, permission denied
- BAD - command unknown or arguments invalid
-
- The GETQUOTAROOT command takes the name of a mailbox and returns the
- list of quota roots for the mailbox in an untagged QUOTAROOT
- response. For each listed quota root, it also returns the quota
- root's resource usage and limits in an untagged QUOTA response.
-
- Example: C: A003 GETQUOTAROOT INBOX
- S: * QUOTAROOT INBOX ""
- S: * QUOTA "" (STORAGE 10 512)
- S: A003 OK Getquota completed
-
-
-
-
-
-
-
-
-
-
-Myers Standards Track [Page 3]
-
-RFC 2087 QUOTA January 1997
-
-
-5. Responses
-
-5.1. QUOTA Response
-
- Data: quota root name
- list of resource names, usages, and limits
-
- This response occurs as a result of a GETQUOTA or GETQUOTAROOT
- command. The first string is the name of the quota root for which
- this quota applies.
-
- The name is followed by a S-expression format list of the resource
- usage and limits of the quota root. The list contains zero or
- more triplets. Each triplet conatins a resource name, the current
- usage of the resource, and the resource limit.
-
- Resources not named in the list are not limited in the quota root.
- Thus, an empty list means there are no administrative resource
- limits in the quota root.
-
- Example: S: * QUOTA "" (STORAGE 10 512)
-
-5.2. QUOTAROOT Response
-
- Data: mailbox name
- zero or more quota root names
-
- This response occurs as a result of a GETQUOTAROOT command. The
- first string is the mailbox and the remaining strings are the
- names of the quota roots for the mailbox.
-
- Example: S: * QUOTAROOT INBOX ""
- S: * QUOTAROOT comp.mail.mime
-
-6. Formal syntax
-
- The following syntax specification uses the augmented Backus-Naur
- Form (BNF) notation as specified in RFC 822 with one exception; the
- delimiter used with the "#" construct is a single space (SP) and not
- one or more commas.
-
- Except as noted otherwise, all alphabetic characters are case-
- insensitive. The use of upper or lower case characters to define
- token strings is for editorial clarity only. Implementations MUST
- accept these strings in a case-insensitive fashion.
-
-
-
-
-
-
-Myers Standards Track [Page 4]
-
-RFC 2087 QUOTA January 1997
-
-
- getquota ::= "GETQUOTA" SP astring
-
- getquotaroot ::= "GETQUOTAROOT" SP astring
-
- quota_list ::= "(" #quota_resource ")"
-
- quota_resource ::= atom SP number SP number
-
- quota_response ::= "QUOTA" SP astring SP quota_list
-
- quotaroot_response
- ::= "QUOTAROOT" SP astring *(SP astring)
-
- setquota ::= "SETQUOTA" SP astring SP setquota_list
-
- setquota_list ::= "(" 0#setquota_resource ")"
-
- setquota_resource ::= atom SP number
-
-7. References
-
- [IMAP4] Crispin, M., "Internet Message Access Protocol - Version 4",
- RFC 1730, University of Washington, December 1994.
-
- [RFC-822] Crocker, D., "Standard for the Format of ARPA Internet
- Text Messages", STD 11, RFC 822.
-
-8. Security Considerations
-
- Implementors should be careful to make sure the implementation of
- these commands does not violate the site's security policy. The
- resource usage of other users is likely to be considered confidential
- information and should not be divulged to unauthorized persons.
-
-9. Author's Address
-
- John G. Myers
- Carnegie-Mellon University
- 5000 Forbes Ave.
- Pittsburgh PA, 15213-3890
-
- EMail: jgm+@cmu.edu
-
-
-
-
-
-
-
-
-
-Myers Standards Track [Page 5]
-
diff --git a/imap/docs/rfc/rfc2088.txt b/imap/docs/rfc/rfc2088.txt
deleted file mode 100644
index f36cc764..00000000
--- a/imap/docs/rfc/rfc2088.txt
+++ /dev/null
@@ -1,115 +0,0 @@
-
-
-
-
-
-
-Network Working Group J. Myers
-Request for Comments: 2088 Carnegie Mellon
-Cateogry: Standards Track January 1997
-
-
- IMAP4 non-synchronizing literals
-
-Status of this Memo
-
- This document specifies an Internet standards track protocol for the
- Internet community, and requests discussion and suggestions for
- improvements. Please refer to the current edition of the "Internet
- Official Protocol Standards" (STD 1) for the standardization state
- and status of this protocol. Distribution of this memo is unlimited.
-
-1. Abstract
-
- The Internet Message Access Protocol [IMAP4] contains the "literal"
- syntactic construct for communicating strings. When sending a
- literal from client to server, IMAP4 requires the client to wait for
- the server to send a command continuation request between sending the
- octet count and the string data. This document specifies an
- alternate form of literal which does not require this network round
- trip.
-
-2. Conventions Used in this Document
-
- In examples, "C:" and "S:" indicate lines sent by the client and
- server respectively.
-
-3. Specification
-
- The non-synchronizing literal is added an alternate form of literal,
- and may appear in communication from client to server instead of the
- IMAP4 form of literal. The IMAP4 form of literal, used in
- communication from client to server, is referred to as a
- synchronizing literal.
-
- Non-synchronizing literals may be used with any IMAP4 server
- implementation which returns "LITERAL+" as one of the supported
- capabilities to the CAPABILITY command. If the server does not
- advertise the LITERAL+ capability, the client must use synchronizing
- literals instead.
-
- The non-synchronizing literal is distinguished from the original
- synchronizing literal by having a plus ('+') between the octet count
- and the closing brace ('}'). The server does not generate a command
- continuation request in response to a non-synchronizing literal, and
-
-
-
-Myers Standards Track [Page 1]
-
-RFC 2088 LITERAL January 1997
-
-
- clients are not required to wait before sending the octets of a non-
- synchronizing literal.
-
- The protocol receiver of an IMAP4 server must check the end of every
- received line for an open brace ('{') followed by an octet count, a
- plus ('+'), and a close brace ('}') immediately preceeding the CRLF.
- If it finds this sequence, it is the octet count of a non-
- synchronizing literal and the server MUST treat the specified number
- of following octets and the following line as part of the same
- command. A server MAY still process commands and reject errors on a
- line-by-line basis, as long as it checks for non-synchronizing
- literals at the end of each line.
-
- Example: C: A001 LOGIN {11+}
- C: FRED FOOBAR {7+}
- C: fat man
- S: A001 OK LOGIN completed
-
-4. Formal Syntax
-
- The following syntax specification uses the augmented Backus-Naur
- Form (BNF) notation as specified in [RFC-822] as modified by [IMAP4].
- Non-terminals referenced but not defined below are as defined by
- [IMAP4].
-
- literal ::= "{" number ["+"] "}" CRLF *CHAR8
- ;; Number represents the number of CHAR8 octets
-
-6. References
-
- [IMAP4] Crispin, M., "Internet Message Access Protocol - Version 4",
- draft-crispin-imap-base-XX.txt, University of Washington, April 1996.
-
- [RFC-822] Crocker, D., "Standard for the Format of ARPA Internet Text
- Messages", STD 11, RFC 822.
-
-7. Security Considerations
-
- There are no known security issues with this extension.
-
-8. Author's Address
-
- John G. Myers
- Carnegie-Mellon University
- 5000 Forbes Ave.
- Pittsburgh PA, 15213-3890
-
- Email: jgm+@cmu.edu
-
-
-
-Myers Standards Track [Page 2]
-
diff --git a/imap/docs/rfc/rfc2177.txt b/imap/docs/rfc/rfc2177.txt
deleted file mode 100644
index c11c7654..00000000
--- a/imap/docs/rfc/rfc2177.txt
+++ /dev/null
@@ -1,227 +0,0 @@
-
-
-
-
-
-
-Network Working Group B. Leiba
-Request for Comments: 2177 IBM T.J. Watson Research Center
-Category: Standards Track June 1997
-
-
- IMAP4 IDLE command
-
-Status of this Memo
-
- This document specifies an Internet standards track protocol for the
- Internet community, and requests discussion and suggestions for
- improvements. Please refer to the current edition of the "Internet
- Official Protocol Standards" (STD 1) for the standardization state
- and status of this protocol. Distribution of this memo is unlimited.
-
-1. Abstract
-
- The Internet Message Access Protocol [IMAP4] requires a client to
- poll the server for changes to the selected mailbox (new mail,
- deletions). It's often more desirable to have the server transmit
- updates to the client in real time. This allows a user to see new
- mail immediately. It also helps some real-time applications based on
- IMAP, which might otherwise need to poll extremely often (such as
- every few seconds). (While the spec actually does allow a server to
- push EXISTS responses aysynchronously, a client can't expect this
- behaviour and must poll.)
-
- This document specifies the syntax of an IDLE command, which will
- allow a client to tell the server that it's ready to accept such
- real-time updates.
-
-2. Conventions Used in this Document
-
- In examples, "C:" and "S:" indicate lines sent by the client and
- server respectively.
-
- The key words "MUST", "MUST NOT", "SHOULD", "SHOULD NOT", and "MAY"
- in this document are to be interpreted as described in RFC 2060
- [IMAP4].
-
-3. Specification
-
- IDLE Command
-
- Arguments: none
-
- Responses: continuation data will be requested; the client sends
- the continuation data "DONE" to end the command
-
-
-
-Leiba Standards Track [Page 1]
-
-RFC 2177 IMAP4 IDLE command June 1997
-
-
-
- Result: OK - IDLE completed after client sent "DONE"
- NO - failure: the server will not allow the IDLE
- command at this time
- BAD - command unknown or arguments invalid
-
- The IDLE command may be used with any IMAP4 server implementation
- that returns "IDLE" as one of the supported capabilities to the
- CAPABILITY command. If the server does not advertise the IDLE
- capability, the client MUST NOT use the IDLE command and must poll
- for mailbox updates. In particular, the client MUST continue to be
- able to accept unsolicited untagged responses to ANY command, as
- specified in the base IMAP specification.
-
- The IDLE command is sent from the client to the server when the
- client is ready to accept unsolicited mailbox update messages. The
- server requests a response to the IDLE command using the continuation
- ("+") response. The IDLE command remains active until the client
- responds to the continuation, and as long as an IDLE command is
- active, the server is now free to send untagged EXISTS, EXPUNGE, and
- other messages at any time.
-
- The IDLE command is terminated by the receipt of a "DONE"
- continuation from the client; such response satisfies the server's
- continuation request. At that point, the server MAY send any
- remaining queued untagged responses and then MUST immediately send
- the tagged response to the IDLE command and prepare to process other
- commands. As in the base specification, the processing of any new
- command may cause the sending of unsolicited untagged responses,
- subject to the ambiguity limitations. The client MUST NOT send a
- command while the server is waiting for the DONE, since the server
- will not be able to distinguish a command from a continuation.
-
- The server MAY consider a client inactive if it has an IDLE command
- running, and if such a server has an inactivity timeout it MAY log
- the client off implicitly at the end of its timeout period. Because
- of that, clients using IDLE are advised to terminate the IDLE and
- re-issue it at least every 29 minutes to avoid being logged off.
- This still allows a client to receive immediate mailbox updates even
- though it need only "poll" at half hour intervals.
-
-
-
-
-
-
-
-
-
-
-
-Leiba Standards Track [Page 2]
-
-RFC 2177 IMAP4 IDLE command June 1997
-
-
- Example: C: A001 SELECT INBOX
- S: * FLAGS (Deleted Seen)
- S: * 3 EXISTS
- S: * 0 RECENT
- S: * OK [UIDVALIDITY 1]
- S: A001 OK SELECT completed
- C: A002 IDLE
- S: + idling
- ...time passes; new mail arrives...
- S: * 4 EXISTS
- C: DONE
- S: A002 OK IDLE terminated
- ...another client expunges message 2 now...
- C: A003 FETCH 4 ALL
- S: * 4 FETCH (...)
- S: A003 OK FETCH completed
- C: A004 IDLE
- S: * 2 EXPUNGE
- S: * 3 EXISTS
- S: + idling
- ...time passes; another client expunges message 3...
- S: * 3 EXPUNGE
- S: * 2 EXISTS
- ...time passes; new mail arrives...
- S: * 3 EXISTS
- C: DONE
- S: A004 OK IDLE terminated
- C: A005 FETCH 3 ALL
- S: * 3 FETCH (...)
- S: A005 OK FETCH completed
- C: A006 IDLE
-
-4. Formal Syntax
-
- The following syntax specification uses the augmented Backus-Naur
- Form (BNF) notation as specified in [RFC-822] as modified by [IMAP4].
- Non-terminals referenced but not defined below are as defined by
- [IMAP4].
-
- command_auth ::= append / create / delete / examine / list / lsub /
- rename / select / status / subscribe / unsubscribe
- / idle
- ;; Valid only in Authenticated or Selected state
-
- idle ::= "IDLE" CRLF "DONE"
-
-
-
-
-
-
-Leiba Standards Track [Page 3]
-
-RFC 2177 IMAP4 IDLE command June 1997
-
-
-5. References
-
- [IMAP4] Crispin, M., "Internet Message Access Protocol - Version
- 4rev1", RFC 2060, December 1996.
-
-6. Security Considerations
-
- There are no known security issues with this extension.
-
-7. Author's Address
-
- Barry Leiba
- IBM T.J. Watson Research Center
- 30 Saw Mill River Road
- Hawthorne, NY 10532
-
- Email: leiba@watson.ibm.com
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-Leiba Standards Track [Page 4]
-
diff --git a/imap/docs/rfc/rfc2180.txt b/imap/docs/rfc/rfc2180.txt
deleted file mode 100644
index 57607002..00000000
--- a/imap/docs/rfc/rfc2180.txt
+++ /dev/null
@@ -1,787 +0,0 @@
-
-
-
-
-
-
-Network Working Group M. Gahrns
-Request for Comments: 2180 Microsoft
-Category: Informational July 1997
-
-
- IMAP4 Multi-Accessed Mailbox Practice
-
-Status of this Memo
-
- This memo provides information for the Internet community. This memo
- does not specify an Internet standard of any kind. Distribution of
- this memo is unlimited.
-
-1. Abstract
-
- IMAP4[RFC-2060] is rich client/server protocol that allows a client
- to access and manipulate electronic mail messages on a server.
- Within the protocol framework, it is possible to have differing
- results for particular client/server interactions. If a protocol does
- not allow for this, it is often unduly restrictive.
-
- For example, when multiple clients are accessing a mailbox and one
- attempts to delete the mailbox, an IMAP4 server may choose to
- implement a solution based upon server architectural constraints or
- individual preference.
-
- With this flexibility comes greater client responsibility. It is not
- sufficient for a client to be written based upon the behavior of a
- particular IMAP server. Rather the client must be based upon the
- behavior allowed by the protocol.
-
- By documenting common IMAP4 server practice for the case of
- simultaneous client access to a mailbox, we hope to ensure the widest
- amount of inter-operation between IMAP4 clients and servers.
-
- The behavior described in this document reflects the practice of some
- existing servers or behavior that the consensus of the IMAP mailing
- list has deemed to be reasonable. The behavior described within this
- document is believed to be [RFC-2060] compliant. However, this
- document is not meant to define IMAP4 compliance, nor is it an
- exhaustive list of valid IMAP4 behavior. [RFC-2060] must always be
- consulted to determine IMAP4 compliance, especially for server
- behavior not described within this document.
-
-
-
-
-
-
-
-
-Gahrns Informational [Page 1]
-
-RFC 2180 IMAP4 Multi-Accessed Mailbox Practice July 1997
-
-
-2. Conventions used in this document
-
- In examples,"C1:", "C2:" and "C3:" indicate lines sent by 3 different
- clients (client #1, client #2 and client #3) that are connected to a
- server. "S1:", "S2:" and "S3:" indicated lines sent by the server to
- client #1, client #2 and client #3 respectively.
-
- A shared mailbox, is a mailbox that can be used by multiple users.
-
- A multi-accessed mailbox, is a mailbox that has multiple clients
- simultaneously accessing it.
-
- A client is said to have accessed a mailbox after a successful SELECT
- or EXAMINE command.
-
- The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
- "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
- document are to be interpreted as described in [RFC-2119].
-
-
-3. Deletion/Renaming of a multi-accessed mailbox
-
- If an external agent or multiple clients are accessing a mailbox,
- care must be taken when handling the deletion or renaming of the
- mailbox. Following are some strategies an IMAP server may choose to
- use when dealing with this situation.
-
-
-3.1. The server MAY fail the DELETE/RENAME command of a multi-accessed
- mailbox
-
- In some cases, this behavior may not be practical. For example, if a
- large number of clients are accessing a shared mailbox, the window in
- which no clients have the mailbox accessed may be small or non-
- existent, effectively rendering the mailbox undeletable or
- unrenamable.
-
- Example:
-
- <Client #1 and Client #2 have mailbox FOO accessed. Client #1 tries
- to DELETE the mailbox and is refused>
-
- C1: A001 DELETE FOO
- S1: A001 NO Mailbox FOO is in use by another user.
-
-
-
-
-
-
-
-Gahrns Informational [Page 2]
-
-RFC 2180 IMAP4 Multi-Accessed Mailbox Practice July 1997
-
-
-3.2. The server MAY allow the DELETE command of a multi-accessed
- mailbox, but keep the information in the mailbox available for
- those clients that currently have access to the mailbox.
-
- When all clients have finished accessing the mailbox, it is
- permanently removed. For clients that do not already have access to
- the mailbox, the 'ghosted' mailbox would not be available. For
- example, it would not be returned to these clients in a subsequent
- LIST or LSUB command and would not be a valid mailbox argument to any
- other IMAP command until the reference count of clients accessing the
- mailbox reached 0.
-
- In some cases, this behavior may not be desirable. For example if
- someone created a mailbox with offensive or sensitive information,
- one might prefer to have the mailbox deleted and all access to the
- information contained within removed immediately, rather than
- continuing to allow access until the client closes the mailbox.
-
- Furthermore, this behavior, may prevent 'recycling' of the same
- mailbox name until all clients have finished accessing the original
- mailbox.
-
- Example:
-
- <Client #1 and Client #2 have mailbox FOO selected. Client #1 DELETEs
- mailbox FOO>
-
- C1: A001 DELETE FOO
- S1: A001 OK Mailbox FOO is deleted.
-
- <Client #2 is still able to operate on the deleted mailbox>
-
- C2: B001 STORE 1 +FLAGS (\Seen)
- S2: * 1 FETCH FLAGS (\Seen)
- S2: B001 OK STORE completed
-
- <Client #3 which did not have access to the mailbox prior to the
- deletion by client #1 does not have access to the mailbox>
-
- C3: C001 STATUS FOO (MESSAGES)
- S3: C001 NO Mailbox does not exist
-
- <Nor is client #3 able to create a mailbox with the name FOO, while
- the reference count is non zero>
-
- C3: C002 CREATE FOO
- S3: C002 NO Mailbox FOO is still in use. Try again later.
-
-
-
-
-Gahrns Informational [Page 3]
-
-RFC 2180 IMAP4 Multi-Accessed Mailbox Practice July 1997
-
-
- <Client #2 closes its access to the mailbox, no other clients have
- access to the mailbox FOO and reference count becomes 0>
-
- C2: B002 CLOSE
- S2: B002 OK CLOSE Completed
-
- <Now that the reference count on FOO has reached 0, the mailbox name
- can be recycled>
-
- C3: C003 CREATE FOO
- S3: C003 OK CREATE Completed
-
-
-3.3. The server MAY allow the DELETE/RENAME of a multi-accessed
- mailbox, but disconnect all other clients who have the mailbox
- accessed by sending a untagged BYE response.
-
- A server may often choose to disconnect clients in the DELETE case,
- but may choose to implement a "friendlier" method for the RENAME
- case.
-
- Example:
-
- <Client #1 and Client #2 have mailbox FOO accessed. Client #1 DELETEs
- the mailbox FOO>
-
- C1: A002 DELETE FOO
- S1: A002 OK DELETE completed.
-
- <Server disconnects all other users of the mailbox>
- S2: * BYE Mailbox FOO has been deleted.
-
-
-3.4. The server MAY allow the RENAME of a multi-accessed mailbox by
- simply changing the name attribute on the mailbox.
-
- Other clients that have access to the mailbox can continue issuing
- commands such as FETCH that do not reference the mailbox name.
- Clients would discover the renaming the next time they referred to
- the old mailbox name. Some servers MAY choose to include the
- [NEWNAME] response code in their tagged NO response to a command that
- contained the old mailbox name, as a hint to the client that the
- operation can succeed if the command is issued with the new mailbox
- name.
-
-
-
-
-
-
-
-Gahrns Informational [Page 4]
-
-RFC 2180 IMAP4 Multi-Accessed Mailbox Practice July 1997
-
-
- Example:
-
- <Client #1 and Client #2 have mailbox FOO accessed. Client #1 RENAMEs
- the mailbox.>
-
- C1: A001 RENAME FOO BAR
- S1: A001 OK RENAME completed.
-
- <Client #2 is still able to do operations that do not reference the
- mailbox name>
-
- C2: B001 FETCH 2:4 (FLAGS)
- S2: * 2 FETCH . . .
- S2: * 3 FETCH . . .
- S2: * 4 FETCH . . .
- S2: B001 OK FETCH completed
-
- <Client #2 is not able to do operations that reference the mailbox
- name>
-
- C2: B002 APPEND FOO {300} C2: Date: Mon, 7 Feb 1994
- 21:52:25 0800 (PST) C2: . . . S2: B002 NO [NEWNAME FOO
- BAR] Mailbox has been renamed
-
-
-4. Expunging of messages on a multi-accessed mailbox
-
- If an external agent or multiple clients are accessing a mailbox,
- care must be taken when handling the EXPUNGE of messages. Other
- clients accessing the mailbox may be in the midst of issuing a
- command that depends upon message sequence numbers. Because an
- EXPUNGE response can not be sent while responding to a FETCH, STORE
- or SEARCH command, it is not possible to immediately notify the
- client of the EXPUNGE. This can result in ambiguity if the client
- issues a FETCH, STORE or SEARCH operation on a message that has been
- EXPUNGED.
-
-
-4.1. Fetching of expunged messages
-
- Following are some strategies an IMAP server may choose to use when
- dealing with a FETCH command on expunged messages.
-
-
-
-
-
-
-
-
-
-Gahrns Informational [Page 5]
-
-RFC 2180 IMAP4 Multi-Accessed Mailbox Practice July 1997
-
-
- Consider the following scenario:
-
- - Client #1 and Client #2 have mailbox FOO selected.
- - There are 7 messages in the mailbox.
- - Messages 4:7 are marked for deletion.
- - Client #1 issues an EXPUNGE, to expunge messages 4:7
-
-
-4.1.1. The server MAY allow the EXPUNGE of a multi-accessed mailbox but
- keep the messages available to satisfy subsequent FETCH commands
- until it is able to send an EXPUNGE response to each client.
-
- In some cases, the behavior of keeping "ghosted" messages may not be
- desirable. For example if a message contained offensive or sensitive
- information, one might prefer to instantaneously remove all access to
- the information, regardless of whether another client is in the midst
- of accessing it.
-
- Example: (Building upon the scenario outlined in 4.1.)
-
- <Client #2 is still able to access the expunged messages because the
- server has kept a 'ghosted' copy of the messages until it is able to
- notify client #2 of the EXPUNGE>
-
- C2: B001 FETCH 4:7 RFC822
- S2: * 4 FETCH RFC822 . . . (RFC822 info returned)
- S2: * 5 FETCH RFC822 . . . (RFC822 info returned)
- S2: * 6 FETCH RFC822 . . . (RFC822 info returned)
- S2: * 7 FETCH RFC822 . . . (RFC822 info returned)
- S2: B001 OK FETCH Completed
-
- <Client #2 issues a command where it can get notified of the EXPUNGE>
-
- C2: B002 NOOP
- S2: * 4 EXPUNGE
- S2: * 4 EXPUNGE
- S2: * 4 EXPUNGE
- S2: * 4 EXPUNGE
- S2: * 3 EXISTS
- S2: B002 OK NOOP Complete
-
- <Client #2 no longer has access to the expunged messages>
-
- C2: B003 FETCH 4:7 RFC822
- S2: B003 NO Messages 4:7 are no longer available.
-
-
-
-
-
-
-Gahrns Informational [Page 6]
-
-RFC 2180 IMAP4 Multi-Accessed Mailbox Practice July 1997
-
-
-4.1.2 The server MAY allow the EXPUNGE of a multi-accessed mailbox,
- and on subsequent FETCH commands return FETCH responses only for
- non-expunged messages and a tagged NO.
-
- After receiving a tagged NO FETCH response, the client SHOULD issue a
- NOOP command so that it will be informed of any pending EXPUNGE
- responses. The client may then either reissue the failed FETCH
- command, or by examining the EXPUNGE response from the NOOP and the
- FETCH response from the FETCH, determine that the FETCH failed
- because of pending expunges.
-
- Example: (Building upon the scenario outlined in 4.1.)
-
- <Client #2 attempts to FETCH a mix of expunged and non-expunged
- messages. A FETCH response is returned only for then non-expunged
- messages along with a tagged NO>
-
- C2: B001 FETCH 3:5 ENVELOPE
- S2: * 3 FETCH ENVELOPE . . . (ENVELOPE info returned)
- S2: B001 NO Some of the requested messages no longer exist
-
- <Upon receiving a tagged NO FETCH response, Client #2 issues a NOOP
- to be informed of any pending EXPUNGE responses>
-
- C2: B002 NOOP
- S2: * 4 EXPUNGE
- S2: * 4 EXPUNGE
- S2: * 4 EXPUNGE
- S2: * 4 EXPUNGE
- S2: * 3 EXISTS
- S2: B002 OK NOOP Completed.
-
- <By receiving a FETCH response for message 3, and an EXPUNGE response
- that indicates messages 4:7 have been expunged, the client does not
- need to re-issue the FETCH>
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-Gahrns Informational [Page 7]
-
-RFC 2180 IMAP4 Multi-Accessed Mailbox Practice July 1997
-
-
-4.1.3 The server MAY allow the EXPUNGE of a multi-accessed mailbox, and
- on subsequent FETCH commands return the usual FETCH responses for
- non-expunged messages, "NIL FETCH Responses" for expunged
- messages, and a tagged OK response.
-
- If all of the messages in the subsequent FETCH command have been
- expunged, the server SHOULD return only a tagged NO. In this case,
- the client SHOULD issue a NOOP command so that it will be informed of
- any pending EXPUNGE responses. The client may then either reissue
- the failed FETCH command, or by examining the EXPUNGE response from
- the NOOP, determine that the FETCH failed because of pending
- expunges.
-
- "NIL FETCH responses" are a representation of empty data as
- appropriate for the FETCH argument specified.
-
- Example:
-
- * 1 FETCH (ENVELOPE (NIL NIL NIL NIL NIL NIL NIL NIL NIL NIL))
- * 1 FETCH (FLAGS ())
- * 1 FETCH (INTERNALDATE "00-Jan-0000 00:00:00 +0000")
- * 1 FETCH (RFC822 "")
- * 1 FETCH (RFC822.HEADER "")
- * 1 FETCH (RFC822.TEXT "")
- * 1 FETCH (RFC822.SIZE 0)
- * 1 FETCH (BODY ("TEXT" "PLAIN" NIL NIL NIL "7BIT" 0 0)
- * 1 FETCH (BODYSTRUCTURE ("TEXT" "PLAIN" NIL NIL NIL "7BIT" 0 0)
- * 1 FETCH (BODY[<section>] "")
- * 1 FETCH (BODY[<section>]<partial> "")
-
- In some cases, a client may not be able to distinguish between "NIL
- FETCH responses" received because a message was expunged and those
- received because the data actually was NIL. For example, a * 5
- FETCH (FLAGS ()) response could be received if no flags were set on
- message 5, or because message 5 was expunged. In a case of potential
- ambiguity, the client SHOULD issue a command such as NOOP to force
- the sending of the EXPUNGE responses to resolve any ambiguity.
-
- Example: (Building upon the scenario outlined in 4.1.)
-
- <Client #2 attempts to access a mix of expunged and non-expunged
- messages. Normal data is returned for non-expunged message, "NIL
- FETCH responses" are returned for expunged messages>
-
-
-
-
-
-
-
-
-Gahrns Informational [Page 8]
-
-RFC 2180 IMAP4 Multi-Accessed Mailbox Practice July 1997
-
-
- C2: B002 FETCH 3:5 ENVELOPE
- S2: * 3 FETCH ENVELOPE . . . (ENVELOPE info returned)
- S2: * 4 FETCH ENVELOPE (NIL NIL NIL NIL NIL NIL NIL NIL
- NIL NIL)
- S2: * 5 FETCH ENVELOPE (NIL NIL NIL NIL NIL NIL NIL NIL
- NIL NIL)
- S2: B002 OK FETCH Completed
-
- <Client #2 attempts to FETCH only expunged messages and receives a
- tagged NO response>
-
- C2: B002 FETCH 4:7 ENVELOPE
- S2: B002 NO Messages 4:7 have been expunged.
-
-
-4.1.4 To avoid the situation altogether, the server MAY fail the
- EXPUNGE of a multi-accessed mailbox
-
- In some cases, this behavior may not be practical. For example, if a
- large number of clients are accessing a shared mailbox, the window in
- which no clients have the mailbox accessed may be small or non-
- existent, effectively rendering the message unexpungeable.
-
-
-4.2. Storing of expunged messages
-
- Following are some strategies an IMAP server may choose to use when
- dealing with a STORE command on expunged messages.
-
-
-4.2.1 If the ".SILENT" suffix is used, and the STORE completed
- successfully for all the non-expunged messages, the server SHOULD
- return a tagged OK.
-
- Example: (Building upon the scenario outlined in 4.1.)
-
- <Client #2 tries to silently STORE flags on expunged and non-
- expunged messages. The server sets the flags on the non-expunged
- messages and returns OK>
-
- C2: B001 STORE 1:7 +FLAGS.SILENT (\SEEN)
- S2: B001 OK
-
-
-
-
-
-
-
-
-
-Gahrns Informational [Page 9]
-
-RFC 2180 IMAP4 Multi-Accessed Mailbox Practice July 1997
-
-
-4.2.2. If the ".SILENT" suffix is not used, and only expunged messages
- are referenced, the server SHOULD return only a tagged NO.
-
- Example: (Building upon the scenario outlined in 4.1.)
-
- <Client #2 tries to STORE flags only on expunged messages>
-
- C2: B001 STORE 5:7 +FLAGS (\SEEN)
- S2: B001 NO Messages have been expunged
-
-
-4.2.3. If the ".SILENT" suffix is not used, and a mixture of expunged
- and non-expunged messages are referenced, the server MAY set the
- flags and return a FETCH response for the non-expunged messages
- along with a tagged NO.
-
- After receiving a tagged NO STORE response, the client SHOULD issue a
- NOOP command so that it will be informed of any pending EXPUNGE
- responses. The client may then either reissue the failed STORE
- command, or by examining the EXPUNGE responses from the NOOP and
- FETCH responses from the STORE, determine that the STORE failed
- because of pending expunges.
-
- Example: (Building upon the scenario outlined in 4.1.)
-
- <Client #2 tries to STORE flags on a mixture of expunged and non-
- expunged messages>
-
- C2: B001 STORE 1:7 +FLAGS (\SEEN)
- S2: * FETCH 1 FLAGS (\SEEN)
- S2: * FETCH 2 FLAGS (\SEEN)
- S2: * FETCH 3 FLAGS (\SEEN)
- S2: B001 NO Some of the messages no longer exist.
-
- C2: B002 NOOP
- S2: * 4 EXPUNGE
- S2: * 4 EXPUNGE
- S2: * 4 EXPUNGE
- S2: * 4 EXPUNGE
- S2: * 3 EXISTS
- S2: B002 OK NOOP Completed.
-
- <By receiving FETCH responses for messages 1:3, and an EXPUNGE
- response that indicates messages 4:7 have been expunged, the client
- does not need to re-issue the STORE>
-
-
-
-
-
-
-Gahrns Informational [Page 10]
-
-RFC 2180 IMAP4 Multi-Accessed Mailbox Practice July 1997
-
-
-4.2.4. If the ".SILENT" suffix is not used, and a mixture of expunged
- and non-expunged messages are referenced, the server MAY return
- an untagged NO and not set any flags.
-
- After receiving a tagged NO STORE response, the client SHOULD issue a
- NOOP command so that it will be informed of any pending EXPUNGE
- responses. The client would then re-issue the STORE command after
- updating its message list per any EXPUNGE response.
-
- If a large number of clients are accessing a shared mailbox, the
- window in which there are no pending expunges may be small or non-
- existent, effectively disallowing a client from setting the flags on
- all messages at once.
-
- Example: (Building upon the scenario outlined in 4.1.)
-
- <Client #2 tries to STORE flags on a mixture of expunged and non-
- expunged messages>
-
- C2: B001 STORE 1:7 +FLAGS (\SEEN)
- S2: B001 NO Some of the messages no longer exist.
-
- <Client #2 issues a NOOP to be informed of the EXPUNGED messages>
-
- C2: B002 NOOP
- S2: * 4 EXPUNGE
- S2: * 4 EXPUNGE
- S2: * 4 EXPUNGE
- S2: * 4 EXPUNGE
- S2: * 3 EXISTS
- S2: B002 OK NOOP Completed.
-
- <Client #2 updates its message list and re-issues the STORE on only
- those messages that have not been expunged>
-
- C2: B003 STORE 1:3 +FLAGS (\SEEN) S2: * FETCH 1 FLAGS
- (\SEEN) S2: * FETCH 2 FLAGS (\SEEN) S2: * FETCH 3 FLAGS
- (\SEEN) S2: B003 OK STORE Completed
-
-
-4.3. Searching of expunged messages
-
- A server MAY simply not return a search response for messages that
- have been expunged and it has not been able to inform the client
- about. If a client was expecting a particular message to be returned
- in a search result, and it was not, the client SHOULD issue a NOOP
- command to see if the message was expunged by another client.
-
-
-
-
-Gahrns Informational [Page 11]
-
-RFC 2180 IMAP4 Multi-Accessed Mailbox Practice July 1997
-
-
-4.4 Copying of expunged messages
-
- COPY is the only IMAP4 sequence number command that is safe to allow
- an EXPUNGE response on. This is because a client is not permitted to
- cascade several COPY commands together. A client is required to wait
- and confirm that the copy worked before issuing another one.
-
-4.4.1 The server MAY disallow the COPY of messages in a multi-access
- mailbox that contains expunged messages.
-
- Pending EXPUNGE response(s) MUST be returned to the COPY command.
-
- Example:
-
- C: A001 COPY 2,4,6,8 FRED
- S: * 4 EXPUNGE
- S: A001 NO COPY rejected, because some of the requested
- messages were expunged
-
- Note: Non of the above messages are copied because if a COPY command
- is unsuccessful, the server MUST restore the destination mailbox to
- its state before the COPY attempt.
-
-
-4.4.2 The server MAY allow the COPY of messages in a multi-access
- mailbox that contains expunged messages.
-
- Pending EXPUNGE response(s) MUST be returned to the COPY command.
- Messages that are copied are messages corresponding to sequence
- numbers before any EXPUNGE response.
-
- Example:
-
- C: A001 COPY 2,4,6,8 FRED
- S: * 3 EXPUNGE
- S: A001 OK COPY completed
-
- In the above example, the messages that are copied to FRED are
- messages 2,4,6,8 at the start of the COPY command. These are
- equivalent to messages 2,3,5,7 at the end of the COPY command. The
- EXPUNGE response can't take place until after the messages from the
- COPY command are identified (because of the "no expunge while no
- commands in progress" rule).
-
-
-
-
-
-
-
-
-Gahrns Informational [Page 12]
-
-RFC 2180 IMAP4 Multi-Accessed Mailbox Practice July 1997
-
-
- Example:
-
- C: A001 COPY 2,4,6,8 FRED
- S: * 4 EXPUNGE
- S: A001 OK COPY completed
-
- In the above example, message 4 was copied before it was expunged,
- and MUST appear in the destination mailbox FRED.
-
-
-5. Security Considerations
-
- This document describes behavior of servers that use the IMAP4
- protocol, and as such, has the same security considerations as
- described in [RFC-2060].
-
- In particular, some described server behavior does not allow for the
- immediate deletion of information when a mailbox is accessed by
- multiple clients. This may be a consideration when dealing with
- sensitive information where immediate deletion would be preferred.
-
-
-6. References
-
- [RFC-2060], Crispin, M., "Internet Message Access Protocol - Version
- 4rev1", RFC 2060, University of Washington, December 1996.
-
- [RFC-2119], Bradner, S., "Key words for use in RFCs to Indicate
- Requirement Levels", RFC 2119, Harvard University, March 1997.
-
-
-7. Acknowledgments
-
- This document is the result of discussions on the IMAP4 mailing list
- and is meant to reflect consensus of this group. In particular,
- Raymond Cheng, Mark Crispin, Jim Evans, Erik Forsberg, Steve Hole,
- Mark Keasling, Barry Leiba, Syd Logan, John Mani, Pat Moran, Larry
- Osterman, Chris Newman, Bart Schaefer, Vladimir Vulovic, and Jack De
- Winter were active participants in this discussion or made
- suggestions to this document.
-
-
-
-
-
-
-
-
-
-
-
-Gahrns Informational [Page 13]
-
-RFC 2180 IMAP4 Multi-Accessed Mailbox Practice July 1997
-
-
-8. Author's Address
-
- Mike Gahrns
- Microsoft
- One Microsoft Way
- Redmond, WA, 98072
-
- Phone: (206) 936-9833
- EMail: mikega@microsoft.com
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-Gahrns Informational [Page 14]
-
diff --git a/imap/docs/rfc/rfc2193.txt b/imap/docs/rfc/rfc2193.txt
deleted file mode 100644
index 2fec58d7..00000000
--- a/imap/docs/rfc/rfc2193.txt
+++ /dev/null
@@ -1,507 +0,0 @@
-
-
-
-
-
-
-Network Working Group M. Gahrns
-Request for Comments: 2193 Microsoft
-Category: Standards Track September 1997
-
-
- IMAP4 Mailbox Referrals
-
-Status of this Memo
-
- This document specifies an Internet standards track protocol for the
- Internet community, and requests discussion and suggestions for
- improvements. Please refer to the current edition of the "Internet
- Official Protocol Standards" (STD 1) for the standardization state
- and status of this protocol. Distribution of this memo is unlimited.
-
-1. Abstract
-
- When dealing with large amounts of users, messages and geographically
- dispersed IMAP4 [RFC-2060] servers, it is often desirable to
- distribute messages amongst different servers within an organization.
- For example an administrator may choose to store user's personal
- mailboxes on a local IMAP4 server, while storing shared mailboxes
- remotely on another server. This type of configuration is common
- when it is uneconomical to store all data centrally due to limited
- bandwidth or disk resources.
-
- Mailbox referrals allow clients to seamlessly access mailboxes that
- are distributed across several IMAP4 servers.
-
- A referral mechanism can provide efficiencies over the alternative
- "proxy method", in which the local IMAP4 server contacts the remote
- server on behalf of the client, and then transfers the data from the
- remote server to itself, and then on to the client. The referral
- mechanism's direct client connection to the remote server is often a
- more efficient use of bandwidth, and does not require the local
- server to impersonate the client when authenticating to the remote
- server.
-
-2. Conventions used in this document
-
- In examples, "C:" and "S:" indicate lines sent by the client and
- server respectively.
-
- A home server, is an IMAP4 server that contains the user's inbox.
-
- A remote mailbox is a mailbox that is not hosted on the user's home
- server.
-
-
-
-
-Gahrns Standards Track [Page 1]
-
-RFC 2193 IMAP4 Mailbox Referrals September 1997
-
-
- A remote server is a server that contains remote mailboxes.
-
- A shared mailbox, is a mailbox that multiple users have access to.
-
- An IMAP mailbox referral is when the server directs the client to
- another IMAP mailbox.
-
- The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
- "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
- document are to be interpreted as described in [RFC-2119].
-
-3. Introduction and Overview
-
- IMAP4 servers that support this extension MUST list the keyword
- MAILBOX-REFERRALS in their CAPABILITY response. No client action is
- needed to invoke the MAILBOX-REFERRALS capability in a server.
-
- A MAILBOX-REFERRALS capable IMAP4 server MUST NOT return referrals
- that result in a referrals loop.
-
- A referral response consists of a tagged NO response and a REFERRAL
- response code. The REFERRAL response code MUST contain as an
- argument a one or more valid URLs separated by a space as defined in
- [RFC-1738]. If a server replies with multiple URLs for a particular
- object, they MUST all be of the same type. In this case, the URL MUST
- be an IMAP URL as defined in [RFC-2192]. A client that supports the
- REFERRALS extension MUST be prepared for a URL of any type, but it
- need only be able to process IMAP URLs.
-
- A server MAY respond with multiple IMAP mailbox referrals if there is
- more than one replica of the mailbox. This allows the implementation
- of a load balancing or failover scheme. How a server keeps multiple
- replicas of a mailbox in sync is not addressed by this document.
-
- If the server has a preferred order in which the client should
- attempt to access the URLs, the preferred URL SHOULD be listed in the
- first, with the remaining URLs presented in descending order of
- preference. If multiple referrals are given for a mailbox, a server
- should be aware that there are synchronization issues for a client if
- the UIDVALIDITY of the referred mailboxes are different.
-
- An IMAP mailbox referral may be given in response to an IMAP command
- that specifies a mailbox as an argument.
-
-
-
-
-
-
-
-
-Gahrns Standards Track [Page 2]
-
-RFC 2193 IMAP4 Mailbox Referrals September 1997
-
-
- Example:
-
- A001 NO [REFERRAL IMAP://user;AUTH=*@SERVER2/REMOTE]Remote Mailbox
-
- NOTE: user;AUTH=* is specified as required by [RFC-2192] to avoid a
- client falling back to anonymous login.
-
- Remote mailboxes and their inferiors, that are accessible only via
- referrals SHOULD NOT appear in LIST and LSUB responses issued against
- the user's home server. They MUST appear in RLIST and RLSUB
- responses issued against the user's home server. Hierarchy referrals,
- in which a client would be required to connect to the remote server
- to issue a LIST to discover the inferiors of a mailbox are not
- addressed in this document.
-
- For example, if shared mailboxes were only accessible via referrals
- on a remote server, a RLIST "" "#SHARED/%" command would return the
- same response if issued against the user's home server or the remote
- server.
-
- Note: Mailboxes that are available on the user's home server do not
- need to be available on the remote server. In addition, there may be
- additional mailboxes available on the remote server, but they will
- not accessible to the client via referrals unless they appear in the
- LIST response to the RLIST command against the user's home server.
-
- A MAILBOX-REFERRALS capable client will issue the RLIST and RLSUB
- commands in lieu of LIST and LSUB. The RLIST and RLSUB commands
- behave identically to their LIST and LSUB counterparts, except remote
- mailboxes are returned in addition to local mailboxes in the LIST and
- LSUB responses. This avoids displaying to a non MAILBOX-REFERRALS
- enabled client inaccessible remote mailboxes.
-
-4.1. SELECT, EXAMINE, DELETE, SUBSCRIBE, UNSUBSCRIBE, STATUS and APPEND
- Referrals
-
- An IMAP4 server MAY respond to the SELECT, EXAMINE, DELETE,
- SUBSCRIBE, UNSUBSCRIBE, STATUS or APPEND command with one or more
- IMAP mailbox referrals to indicate to the client that the mailbox is
- hosted on a remote server.
-
- When a client processes an IMAP mailbox referral, it will open a new
- connection or use an existing connection to the remote server so that
- it is able to issue the commands necessary to process the remote
- mailbox.
-
-
-
-
-
-
-Gahrns Standards Track [Page 3]
-
-RFC 2193 IMAP4 Mailbox Referrals September 1997
-
-
- Example: <IMAP4 connection to home server>
-
- C: A001 DELETE "SHARED/FOO"
- S: A001 NO [REFERRAL IMAP://user;AUTH=*@SERVER2/SHARED/FOO]
- Remote mailbox. Try SERVER2.
-
- <Client established a second connection to SERVER2 and
- issues the DELETE command on the referred mailbox>
-
- S: * OK IMAP4rev1 server ready
- C: B001 AUTHENTICATE KERBEROS_V4
- <authentication exchange>
- S: B001 OK user is authenticated
-
- C: B002 DELETE "SHARED/FOO"
- S: B002 OK DELETE completed
-
- Example: <IMAP4 connection to home server>
-
- C: A001 SELECT REMOTE
- S: A001 NO [REFERRAL IMAP://user;AUTH=*@SERVER2/REMOTE
- IMAP://user;AUTH=*@SERVER3/REMOTE] Remote mailbox.
- Try SERVER2 or SERVER3.
-
- <Client opens second connection to remote server, and
- issues the commands needed to process the items in the
- remote mailbox>
-
- S: * OK IMAP4rev1 server ready
- C: B001 AUTHENTICATE KERBEROS_V4
- <authentication exchange>
- S: B001 OK user is authenticated
-
- C: B002 SELECT REMOTE
- S: * 12 EXISTS
- S: * 1 RECENT
- S: * OK [UNSEEN 10] Message 10 is first unseen
- S: * OK [UIDVALIDITY 123456789]
- S: * FLAGS (Answered Flagged Deleted Seen Draft)
- S: * OK [PERMANENTFLAGS (Answered Deleted Seen ]
- S: B002 OK [READ-WRITE] Selected completed
-
- C: B003 FETCH 10:12 RFC822
- S: * 10 FETCH . . .
- S: * 11 FETCH . . .
- S: * 12 FETCH . . .
- S: B003 OK FETCH Completed
-
-
-
-
-Gahrns Standards Track [Page 4]
-
-RFC 2193 IMAP4 Mailbox Referrals September 1997
-
-
- <Client is finished processing the REMOTE mailbox and
- wants to process a mailbox on its home server>
-
- C: B004 LOGOUT
- S: * BYE IMAP4rev1 server logging out
- S: B004 OK LOGOUT Completed
-
- <Client continues with first connection>
-
- C: A002 SELECT INBOX
- S: * 16 EXISTS
- S: * 2 RECENT
- S: * OK [UNSEEN 10] Message 10 is first unseen
- S: * OK [UIDVALIDITY 123456789]
- S: * FLAGS (Answered Flagged Deleted Seen Draft)
- S: * OK [PERMANENTFLAGS (Answered Deleted Seen ]
- S: A002 OK [READ-WRITE] Selected completed
-
-4.2. CREATE Referrals
-
- An IMAP4 server MAY respond to the CREATE command with one or more
- IMAP mailbox referrals, if it wishes to direct the client to issue
- the CREATE against another server. The server can employ any means,
- such as examining the hierarchy of the specified mailbox name, in
- determining which server the mailbox should be created on.
-
- Example:
-
- C: A001 CREATE "SHARED/FOO"
- S: A001 NO [REFERRAL IMAP://user;AUTH=*@SERVER2/SHARED/FOO]
- Mailbox should be created on remote server
-
- Alternatively, because a home server is required to maintain a
- listing of referred remote mailboxes, a server MAY allow the creation
- of a mailbox that will ultimately reside on a remote server against
- the home server, and provide referrals on subsequent commands that
- manipulate the mailbox.
-
- Example:
-
- C: A001 CREATE "SHARED/FOO"
- S: A001 OK CREATE succeeded
-
- C: A002 SELECT "SHARED/FOO"
- S: A002 NO [REFERRAL IMAP://user;AUTH=*@SERVER2/SHARED/FOO]
- Remote mailbox. Try SERVER2
-
-
-
-
-
-Gahrns Standards Track [Page 5]
-
-RFC 2193 IMAP4 Mailbox Referrals September 1997
-
-
-4.3. RENAME Referrals
-
- An IMAP4 server MAY respond to the RENAME command with one or more
- pairs of IMAP mailbox referrals. In each pair of IMAP mailbox
- referrals, the first one is an URL to the existing mailbox name and
- the second is an URL to the requested new mailbox name.
-
- If within an IMAP mailbox referral pair, the existing and new mailbox
- URLs are on different servers, the remote servers are unable to
- perform the RENAME operation. To achieve the same behavior of
- server RENAME, the client MAY issue the constituent CREATE, FETCH,
- APPEND, and DELETE commands against both servers.
-
- If within an IMAP mailbox referral pair, the existing and new mailbox
- URLs are on the same server it is an indication that the currently
- connected server is unable to perform the operation. The client can
- simply re-issue the RENAME command on the remote server.
-
- Example:
-
- C: A001 RENAME FOO BAR
- S: A001 NO [REFERRAL IMAP://user;AUTH=*@SERVER1/FOO
- IMAP://user;AUTH=*@SERVER2/BAR] Unable to rename mailbox
- across servers
-
- Since the existing and new mailbox names are on different servers,
- the client would be required to make a connection to both servers and
- issue the constituent commands require to achieve the RENAME.
-
- Example:
-
- C: A001 RENAME FOO BAR
- S: A001 NO [REFERRAL IMAP://user;AUTH=*@SERVER2/FOO
- IMAP://user;AUTH=*@SERVER2/BAR] Unable to rename mailbox
- located on SERVER2
-
- Since both the existing and new mailbox are on the same remote
- server, the client can simply make a connection to the remote server
- and re-issue the RENAME command.
-
-4.4. COPY Referrals
-
- An IMAP4 server MAY respond to the COPY command with one or more IMAP
- mailbox referrals. This indicates that the destination mailbox is on
- a remote server. To achieve the same behavior of a server COPY, the
- client MAY issue the constituent FETCH and APPEND commands against
- both servers.
-
-
-
-
-Gahrns Standards Track [Page 6]
-
-RFC 2193 IMAP4 Mailbox Referrals September 1997
-
-
- Example:
-
- C: A001 COPY 1 "SHARED/STUFF"
- S: A001 NO [REFERRAL IMAP://user;AUTH=*@SERVER2/SHARED/STUFF]
- Unable to copy message(s) to SERVER2.
-
-5.1 RLIST command
-
- Arguments: reference name
- mailbox name with possible wildcards
-
- Responses: untagged responses: LIST
-
- Result: OK - RLIST Completed
- NO - RLIST Failure
- BAD - command unknown or arguments invalid
-
- The RLIST command behaves identically to its LIST counterpart, except
- remote mailboxes are returned in addition to local mailboxes in the
- LIST responses.
-
-5.2 RLSUB Command
-
- Arguments: reference name
- mailbox name with possible wildcards
-
- Responses: untagged responses: LSUB
-
- Result: OK - RLSUB Completed
- NO - RLSUB Failure
- BAD - command unknown or arguments invalid
-
- The RLSUB command behaves identically to its LSUB counterpart, except
- remote mailboxes are returned in addition to local mailboxes in the
- LSUB responses.
-
-6. Formal Syntax
-
- The following syntax specification uses the augmented Backus-Naur
- Form (BNF) as described in [ABNF].
-
- list_mailbox = <list_mailbox> as defined in [RFC-2060]
-
- mailbox = <mailbox> as defined in [RFC-2060]
-
- mailbox_referral = <tag> SPACE "NO" SPACE
- <referral_response_code> (text / text_mime2)
- ; See [RFC-2060] for <tag>, text and text_mime2 definition
-
-
-
-Gahrns Standards Track [Page 7]
-
-RFC 2193 IMAP4 Mailbox Referrals September 1997
-
-
- referral_response_code = "[" "REFERRAL" 1*(SPACE <url>) "]"
- ; See [RFC-1738] for <url> definition
-
- rlist = "RLIST" SPACE mailbox SPACE list_mailbox
-
- rlsub = "RLSUB" SPACE mailbox SPACE list_mailbox
-
-6. Security Considerations
-
- The IMAP4 referral mechanism makes use of IMAP URLs, and as such,
- have the same security considerations as general internet URLs [RFC-
- 1738], and in particular IMAP URLs [RFC-2192].
-
- With the MAILBOX-REFERRALS capability, it is potentially easier to
- write a rogue server that injects a bogus referral response that
- directs a user to an incorrect mailbox. Although referrals reduce
- the effort to write such a server, the referral response makes
- detection of the intrusion easier.
-
-7. References
-
- [RFC-2060], Crispin, M., "Internet Message Access Protocol - Version
- 4rev1", RFC 2060, University of Washington, December 1996.
-
- [RFC-2192], Newman, C., "IMAP URL Scheme", RFC 2192, Innosoft,
- September 1997.
-
- [RFC-1738], Berners-Lee, T., Masinter, L., and M. McCahill, "Uniform
- Resource Locators (URL)", RFC 1738, CERN, Xerox Corporation,
- University of Minnesota, December 1994.
-
- [RFC-2119], Bradner, S., "Key words for use in RFCs to Indicate
- Requirement Levels", RFC 2119, Harvard University, March 1997.
-
- [ABNF], DRUMS working group, Dave Crocker Editor, "Augmented BNF for
- Syntax Specifications: ABNF", Work in Progress, Internet Mail
- Consortium, April 1997.
-
-8. Acknowledgments
-
- Many valuable suggestions were received from private discussions and
- the IMAP4 mailing list. In particular, Raymond Cheng, Mark Crispin,
- Mark Keasling, Chris Newman and Larry Osterman made significant
- contributions to this document.
-
-
-
-
-
-
-
-Gahrns Standards Track [Page 8]
-
-RFC 2193 IMAP4 Mailbox Referrals September 1997
-
-
-9. Author's Address
-
- Mike Gahrns
- Microsoft
- One Microsoft Way
- Redmond, WA, 98072
-
- Phone: (206) 936-9833
- EMail: mikega@microsoft.com
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-Gahrns Standards Track [Page 9]
-
diff --git a/imap/docs/rfc/rfc2195.txt b/imap/docs/rfc/rfc2195.txt
deleted file mode 100644
index 4a2725bf..00000000
--- a/imap/docs/rfc/rfc2195.txt
+++ /dev/null
@@ -1,283 +0,0 @@
-
-
-
-
-
-
-Network Working Group J. Klensin
-Request for Comments: 2195 R. Catoe
-Category: Standards Track P. Krumviede
-Obsoletes: 2095 MCI
- September 1997
-
-
- IMAP/POP AUTHorize Extension for Simple Challenge/Response
-
-Status of this Memo
-
- This document specifies an Internet standards track protocol for the
- Internet community, and requests discussion and suggestions for
- improvements. Please refer to the current edition of the "Internet
- Official Protocol Standards" (STD 1) for the standardization state
- and status of this protocol. Distribution of this memo is unlimited.
-
-Abstract
-
- While IMAP4 supports a number of strong authentication mechanisms as
- described in RFC 1731, it lacks any mechanism that neither passes
- cleartext, reusable passwords across the network nor requires either
- a significant security infrastructure or that the mail server update
- a mail-system-wide user authentication file on each mail access.
- This specification provides a simple challenge-response
- authentication protocol that is suitable for use with IMAP4. Since
- it utilizes Keyed-MD5 digests and does not require that the secret be
- stored in the clear on the server, it may also constitute an
- improvement on APOP for POP3 use as specified in RFC 1734.
-
-1. Introduction
-
- Existing Proposed Standards specify an AUTHENTICATE mechanism for the
- IMAP4 protocol [IMAP, IMAP-AUTH] and a parallel AUTH mechanism for
- the POP3 protocol [POP3-AUTH]. The AUTHENTICATE mechanism is
- intended to be extensible; the four methods specified in [IMAP-AUTH]
- are all fairly powerful and require some security infrastructure to
- support. The base POP3 specification [POP3] also contains a
- lightweight challenge-response mechanism called APOP. APOP is
- associated with most of the risks associated with such protocols: in
- particular, it requires that both the client and server machines have
- access to the shared secret in cleartext form. CRAM offers a method
- for avoiding such cleartext storage while retaining the algorithmic
- simplicity of APOP in using only MD5, though in a "keyed" method.
-
-
-
-
-
-
-
-Klensin, Catoe & Krumviede Standards Track [Page 1]
-
-RFC 2195 IMAP/POP AUTHorize Extension September 1997
-
-
- At present, IMAP [IMAP] lacks any facility corresponding to APOP.
- The only alternative to the strong mechanisms identified in [IMAP-
- AUTH] is a presumably cleartext username and password, supported
- through the LOGIN command in [IMAP]. This document describes a
- simple challenge-response mechanism, similar to APOP and PPP CHAP
- [PPP], that can be used with IMAP (and, in principle, with POP3).
-
- This mechanism also has the advantage over some possible alternatives
- of not requiring that the server maintain information about email
- "logins" on a per-login basis. While mechanisms that do require such
- per-login history records may offer enhanced security, protocols such
- as IMAP, which may have several connections between a given client
- and server open more or less simultaneous, may make their
- implementation particularly challenging.
-
-2. Challenge-Response Authentication Mechanism (CRAM)
-
- The authentication type associated with CRAM is "CRAM-MD5".
-
- The data encoded in the first ready response contains an
- presumptively arbitrary string of random digits, a timestamp, and the
- fully-qualified primary host name of the server. The syntax of the
- unencoded form must correspond to that of an RFC 822 'msg-id'
- [RFC822] as described in [POP3].
-
- The client makes note of the data and then responds with a string
- consisting of the user name, a space, and a 'digest'. The latter is
- computed by applying the keyed MD5 algorithm from [KEYED-MD5] where
- the key is a shared secret and the digested text is the timestamp
- (including angle-brackets).
-
- This shared secret is a string known only to the client and server.
- The `digest' parameter itself is a 16-octet value which is sent in
- hexadecimal format, using lower-case ASCII characters.
-
- When the server receives this client response, it verifies the digest
- provided. If the digest is correct, the server should consider the
- client authenticated and respond appropriately.
-
- Keyed MD5 is chosen for this application because of the greater
- security imparted to authentication of short messages. In addition,
- the use of the techniques described in [KEYED-MD5] for precomputation
- of intermediate results make it possible to avoid explicit cleartext
- storage of the shared secret on the server system by instead storing
- the intermediate results which are known as "contexts".
-
-
-
-
-
-
-Klensin, Catoe & Krumviede Standards Track [Page 2]
-
-RFC 2195 IMAP/POP AUTHorize Extension September 1997
-
-
- CRAM does not support a protection mechanism.
-
- Example:
-
- The examples in this document show the use of the CRAM mechanism with
- the IMAP4 AUTHENTICATE command [IMAP-AUTH]. The base64 encoding of
- the challenges and responses is part of the IMAP4 AUTHENTICATE
- command, not part of the CRAM specification itself.
-
- S: * OK IMAP4 Server
- C: A0001 AUTHENTICATE CRAM-MD5
- S: + PDE4OTYuNjk3MTcwOTUyQHBvc3RvZmZpY2UucmVzdG9uLm1jaS5uZXQ+
- C: dGltIGI5MTNhNjAyYzdlZGE3YTQ5NWI0ZTZlNzMzNGQzODkw
- S: A0001 OK CRAM authentication successful
-
- In this example, the shared secret is the string
- 'tanstaaftanstaaf'. Hence, the Keyed MD5 digest is produced by
- calculating
-
- MD5((tanstaaftanstaaf XOR opad),
- MD5((tanstaaftanstaaf XOR ipad),
- <1896.697170952@postoffice.reston.mci.net>))
-
- where ipad and opad are as defined in the keyed-MD5 Work in
- Progress [KEYED-MD5] and the string shown in the challenge is the
- base64 encoding of <1896.697170952@postoffice.reston.mci.net>. The
- shared secret is null-padded to a length of 64 bytes. If the
- shared secret is longer than 64 bytes, the MD5 digest of the
- shared secret is used as a 16 byte input to the keyed MD5
- calculation.
-
- This produces a digest value (in hexadecimal) of
-
- b913a602c7eda7a495b4e6e7334d3890
-
- The user name is then prepended to it, forming
-
- tim b913a602c7eda7a495b4e6e7334d3890
-
- Which is then base64 encoded to meet the requirements of the IMAP4
- AUTHENTICATE command (or the similar POP3 AUTH command), yielding
-
- dGltIGI5MTNhNjAyYzdlZGE3YTQ5NWI0ZTZlNzMzNGQzODkw
-
-
-
-
-
-
-
-
-Klensin, Catoe & Krumviede Standards Track [Page 3]
-
-RFC 2195 IMAP/POP AUTHorize Extension September 1997
-
-
-3. References
-
- [CHAP] Lloyd, B., and W. Simpson, "PPP Authentication Protocols",
- RFC 1334, October 1992.
-
- [IMAP] Crispin, M., "Internet Message Access Protocol - Version
- 4rev1", RFC 2060, University of Washington, December 1996.
-
- [IMAP-AUTH] Myers, J., "IMAP4 Authentication Mechanisms",
- RFC 1731, Carnegie Mellon, December 1994.
-
- [KEYED-MD5] Krawczyk, Bellare, Canetti, "HMAC: Keyed-Hashing for
- Message Authentication", RFC 2104, February 1997.
-
- [MD5] Rivest, R., "The MD5 Message Digest Algorithm",
- RFC 1321, MIT Laboratory for Computer Science, April 1992.
-
- [POP3] Myers, J., and M. Rose, "Post Office Protocol - Version 3",
- STD 53, RFC 1939, Carnegie Mellon, May 1996.
-
- [POP3-AUTH] Myers, J., "POP3 AUTHentication command", RFC 1734,
- Carnegie Mellon, December, 1994.
-
-4. Security Considerations
-
- It is conjectured that use of the CRAM authentication mechanism
- provides origin identification and replay protection for a session.
- Accordingly, a server that implements both a cleartext password
- command and this authentication type should not allow both methods of
- access for a given user.
-
- While the saving, on the server, of "contexts" (see section 2) is
- marginally better than saving the shared secrets in cleartext as is
- required by CHAP [CHAP] and APOP [POP3], it is not sufficient to
- protect the secrets if the server itself is compromised.
- Consequently, servers that store the secrets or contexts must both be
- protected to a level appropriate to the potential information value
- in user mailboxes and identities.
-
- As the length of the shared secret increases, so does the difficulty
- of deriving it.
-
- While there are now suggestions in the literature that the use of MD5
- and keyed MD5 in authentication procedures probably has a limited
- effective lifetime, the technique is now widely deployed and widely
- understood. It is believed that this general understanding may
- assist with the rapid replacement, by CRAM-MD5, of the current uses
- of permanent cleartext passwords in IMAP. This document has been
-
-
-
-Klensin, Catoe & Krumviede Standards Track [Page 4]
-
-RFC 2195 IMAP/POP AUTHorize Extension September 1997
-
-
- deliberately written to permit easy upgrading to use SHA (or whatever
- alternatives emerge) when they are considered to be widely available
- and adequately safe.
-
- Even with the use of CRAM, users are still vulnerable to active
- attacks. An example of an increasingly common active attack is 'TCP
- Session Hijacking' as described in CERT Advisory CA-95:01 [CERT95].
-
- See section 1 above for additional discussion.
-
-5. Acknowledgements
-
- This memo borrows ideas and some text liberally from [POP3] and
- [RFC-1731] and thanks are due the authors of those documents. Ran
- Atkinson made a number of valuable technical and editorial
- contributions to the document.
-
-6. Authors' Addresses
-
- John C. Klensin
- MCI Telecommunications
- 800 Boylston St, 7th floor
- Boston, MA 02199
- USA
-
- EMail: klensin@mci.net
- Phone: +1 617 960 1011
-
- Randy Catoe
- MCI Telecommunications
- 2100 Reston Parkway
- Reston, VA 22091
- USA
-
- EMail: randy@mci.net
- Phone: +1 703 715 7366
-
- Paul Krumviede
- MCI Telecommunications
- 2100 Reston Parkway
- Reston, VA 22091
- USA
-
- EMail: paul@mci.net
- Phone: +1 703 715 7251
-
-
-
-
-
-
-Klensin, Catoe & Krumviede Standards Track [Page 5]
-
diff --git a/imap/docs/rfc/rfc2221.txt b/imap/docs/rfc/rfc2221.txt
deleted file mode 100644
index 81d00620..00000000
--- a/imap/docs/rfc/rfc2221.txt
+++ /dev/null
@@ -1,283 +0,0 @@
-
-
-
-
-
-
-Network Working Group M. Gahrns
-Request for Comments: 2221 Microsoft
-Category: Standards Track October 1997
-
-
- IMAP4 Login Referrals
-
-Status of this Memo
-
- This document specifies an Internet standards track protocol for the
- Internet community, and requests discussion and suggestions for
- improvements. Please refer to the current edition of the "Internet
- Official Protocol Standards" (STD 1) for the standardization state
- and status of this protocol. Distribution of this memo is unlimited.
-
-Copyright Notice
-
- Copyright (C) The Internet Society (1997). All Rights Reserved.
-
-1. Abstract
-
- When dealing with large amounts of users and many IMAP4 [RFC-2060]
- servers, it is often necessary to move users from one IMAP4 server to
- another. For example, hardware failures or organizational changes
- may dictate such a move.
-
- Login referrals allow clients to transparently connect to an
- alternate IMAP4 server, if their home IMAP4 server has changed.
-
- A referral mechanism can provide efficiencies over the alternative
- 'proxy method', in which the local IMAP4 server contacts the remote
- server on behalf of the client, and then transfers the data from the
- remote server to itself, and then on to the client. The referral
- mechanism's direct client connection to the remote server is often a
- more efficient use of bandwidth, and does not require the local
- server to impersonate the client when authenticating to the remote
- server.
-
-2. Conventions used in this document
-
- In examples, "C:" and "S:" indicate lines sent by the client and
- server respectively.
-
- A home server, is an IMAP4 server that contains the user's inbox.
-
- A remote server is a server that contains remote mailboxes.
-
-
-
-
-
-Gahrns Standards Track [Page 1]
-
-RFC 2221 IMAP4 Login Referrals October 1997
-
-
- The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
- "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
- document are to be interpreted as described in [RFC-2119].
-
-3. Introduction and Overview
-
- IMAP4 servers that support this extension MUST list the keyword
- LOGIN-REFERRALS in their CAPABILITY response. No client action is
- needed to invoke the LOGIN-REFERRALS capability in a server.
-
- A LOGIN-REFERRALS capable IMAP4 server SHOULD NOT return a referral
- to a server that will return a referral. A client MUST NOT follow
- more than 10 levels of referral without consulting the user.
-
- A LOGIN-REFERRALS response code MUST contain as an argument a valid
- IMAP server URL as defined in [IMAP-URL].
-
- A home server referral consists of either a tagged NO or OK, or an
- untagged BYE response that contains a LOGIN-REFERRALS response code.
-
- Example: A001 NO [REFERRAL IMAP://user;AUTH=*@SERVER2/] Remote Server
-
- NOTE: user;AUTH=* is specified as required by [IMAP-URL] to avoid a
- client falling back to anonymous login.
-
-4. Home Server Referrals
-
- A home server referral may be returned in response to an AUTHENTICATE
- or LOGIN command, or it may appear in the connection startup banner.
- If a server returns a home server referral in a tagged NO response,
- that server does not contain any mailboxes that are accessible to the
- user. If a server returns a home server referral in a tagged OK
- response, it indicates that the user's personal mailboxes are
- elsewhere, but the server contains public mailboxes which are
- readable by the user. After receiving a home server referral, the
- client can not make any assumptions as to whether this was a
- permanent or temporary move of the user.
-
-4.1. LOGIN and AUTHENTICATE Referrals
-
- An IMAP4 server MAY respond to a LOGIN or AUTHENTICATE command with a
- home server referral if it wishes to direct the user to another IMAP4
- server.
-
- Example: C: A001 LOGIN MIKE PASSWORD
- S: A001 NO [REFERRAL IMAP://MIKE@SERVER2/] Specified user
- is invalid on this server. Try SERVER2.
-
-
-
-
-Gahrns Standards Track [Page 2]
-
-RFC 2221 IMAP4 Login Referrals October 1997
-
-
- Example: C: A001 LOGIN MATTHEW PASSWORD
- S: A001 OK [REFERRAL IMAP://MATTHEW@SERVER2/] Specified
- user's personal mailboxes located on Server2, but
- public mailboxes are available.
-
- Example: C: A001 AUTHENTICATE GSSAPI
- <authentication exchange>
- S: A001 NO [REFERRAL IMAP://user;AUTH=GSSAPI@SERVER2/]
- Specified user is invalid on this server. Try
- SERVER2.
-
-4.2. BYE at connection startup referral
-
- An IMAP4 server MAY respond with an untagged BYE and a REFERRAL
- response code that contains an IMAP URL to a home server if it is not
- willing to accept connections and wishes to direct the client to
- another IMAP4 server.
-
- Example: S: * BYE [REFERRAL IMAP://user;AUTH=*@SERVER2/] Server not
- accepting connections. Try SERVER2
-
-5. Formal Syntax
-
- The following syntax specification uses the augmented Backus-Naur
- Form (BNF) as described in [ABNF].
-
- This amends the "resp_text_code" element of the IMAP4 grammar
- described in [RFC-2060]
-
- resp_text_code =/ "REFERRAL" SPACE <imapurl>
- ; See [IMAP-URL] for definition of <imapurl>
- ; See [RFC-2060] for base definition of resp_text_code
-
-6. Security Considerations
-
- The IMAP4 login referral mechanism makes use of IMAP URLs, and as
- such, have the same security considerations as general internet URLs
- [RFC-1738], and in particular IMAP URLs [IMAP-URL].
-
- A server MUST NOT give a login referral if authentication for that
- user fails. This is to avoid revealing information about the user's
- account to an unauthorized user.
-
- With the LOGIN-REFERRALS capability, it is potentially easier to
- write a rogue 'password catching' server that collects login data and
- then refers the client to their actual IMAP4 server. Although
- referrals reduce the effort to write such a server, the referral
- response makes detection of the intrusion easier.
-
-
-
-Gahrns Standards Track [Page 3]
-
-RFC 2221 IMAP4 Login Referrals October 1997
-
-
-7. References
-
- [RFC-2060], Crispin, M., "Internet Message Access Protocol - Version
- 4rev1", RFC 2060, December 1996.
-
- [IMAP-URL], Newman, C., "IMAP URL Scheme", RFC 2192, Innosoft,
- September 1997.
-
- [RFC-1738], Berners-Lee, T., Masinter, L. and M. McCahill, "Uniform
- Resource Locators (URL)", RFC 1738, December 1994.
-
- [RFC-2119], Bradner, S., "Key words for use in RFCs to Indicate
- Requirement Levels", RFC 2119, March 1997.
-
- [ABNF], DRUMS working group, Dave Crocker Editor, "Augmented BNF for
- Syntax Specifications: ABNF", Work in Progress.
-
-8. Acknowledgments
-
- Many valuable suggestions were received from private discussions and
- the IMAP4 mailing list. In particular, Raymond Cheng, Mark Crispin,
- Mark Keasling Chris Newman and Larry Osterman made significant
- contributions to this document.
-
-9. Author's Address
-
- Mike Gahrns
- Microsoft
- One Microsoft Way
- Redmond, WA, 98072
-
- Phone: (206) 936-9833
- EMail: mikega@microsoft.com
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-Gahrns Standards Track [Page 4]
-
-RFC 2221 IMAP4 Login Referrals October 1997
-
-
-10. Full Copyright Statement
-
- Copyright (C) The Internet Society (1997). All Rights Reserved.
-
- This document and translations of it may be copied and furnished to
- others, and derivative works that comment on or otherwise explain it
- or assist in its implmentation may be prepared, copied, published
- andand distributed, in whole or in part, without restriction of any
- kind, provided that the above copyright notice and this paragraph are
- included on all such copies and derivative works. However, this
- document itself may not be modified in any way, such as by removing
- the copyright notice or references to the Internet Society or other
- Internet organizations, except as needed for the purpose of
- developing Internet standards in which case the procedures for
- copyrights defined in the Internet Standards process must be
- followed, or as required to translate it into languages other than
- English.
-
- The limited permissions granted above are perpetual and will not be
- revoked by the Internet Society or its successors or assigns.
-
- This document and the information contained herein is provided on an
- "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
- TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING
- BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION
- HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
- MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE."
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-Gahrns Standards Track [Page 5]
-
diff --git a/imap/docs/rfc/rfc2342.txt b/imap/docs/rfc/rfc2342.txt
deleted file mode 100644
index 0926646d..00000000
--- a/imap/docs/rfc/rfc2342.txt
+++ /dev/null
@@ -1,563 +0,0 @@
-
-
-
-
-
-
-Network Working Group M. Gahrns
-Request for Comments: 2342 Microsoft
-Category: Standards Track C. Newman
- Innosoft
- May 1998
-
-
- IMAP4 Namespace
-
-Status of this Memo
-
- This document specifies an Internet standards track protocol for the
- Internet community, and requests discussion and suggestions for
- improvements. Please refer to the current edition of the "Internet
- Official Protocol Standards" (STD 1) for the standardization state
- and status of this protocol. Distribution of this memo is unlimited.
-
-Copyright Notice
-
- Copyright (C) The Internet Society (1998). All Rights Reserved.
-
-1. Abstract
-
- IMAP4 [RFC-2060] does not define a default server namespace. As a
- result, two common namespace models have evolved:
-
- The "Personal Mailbox" model, in which the default namespace that is
- presented consists of only the user's personal mailboxes. To access
- shared mailboxes, the user must use an escape mechanism to reach
- another namespace.
-
- The "Complete Hierarchy" model, in which the default namespace that
- is presented includes the user's personal mailboxes along with any
- other mailboxes they have access to.
-
- These two models, create difficulties for certain client operations.
- This document defines a NAMESPACE command that allows a client to
- discover the prefixes of namespaces used by a server for personal
- mailboxes, other users' mailboxes, and shared mailboxes. This allows
- a client to avoid much of the manual user configuration that is now
- necessary when mixing and matching IMAP4 clients and servers.
-
-2. Conventions used in this document
-
- In examples, "C:" and "S:" indicate lines sent by the client and
- server respectively. If such lines are wrapped without a new "C:" or
- "S:" label, then the wrapping is for editorial clarity and is not
- part of the command.
-
-
-
-Gahrns & Newman Standards Track [Page 1]
-
-RFC 2342 IMAP4 Namespace May 1998
-
-
- Personal Namespace: A namespace that the server considers within the
- personal scope of the authenticated user on a particular connection.
- Typically, only the authenticated user has access to mailboxes in
- their Personal Namespace. It is the part of the namespace that
- belongs to the user that is allocated for mailboxes. If an INBOX
- exists for a user, it MUST appear within the user's personal
- namespace. In the typical case, there SHOULD be only one Personal
- Namespace on a server.
-
- Other Users' Namespace: A namespace that consists of mailboxes from
- the Personal Namespaces of other users. To access mailboxes in the
- Other Users' Namespace, the currently authenticated user MUST be
- explicitly granted access rights. For example, it is common for a
- manager to grant to their secretary access rights to their mailbox.
- In the typical case, there SHOULD be only one Other Users' Namespace
- on a server.
-
- Shared Namespace: A namespace that consists of mailboxes that are
- intended to be shared amongst users and do not exist within a user's
- Personal Namespace.
-
- The namespaces a server uses MAY differ on a per-user basis.
-
- The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
- "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
- document are to be interpreted as described in [RFC-2119].
-
-3. Introduction and Overview
-
- Clients often attempt to create mailboxes for such purposes as
- maintaining a record of sent messages (e.g. "Sent Mail") or
- temporarily saving messages being composed (e.g. "Drafts"). For
- these clients to inter-operate correctly with the variety of IMAP4
- servers available, the user must enter the prefix of the Personal
- Namespace used by the server. Using the NAMESPACE command, a client
- is able to automatically discover this prefix without manual user
- configuration.
-
- In addition, users are often required to manually enter the prefixes
- of various namespaces in order to view the mailboxes located there.
- For example, they might be required to enter the prefix of #shared to
- view the shared mailboxes namespace. The NAMESPACE command allows a
- client to automatically discover the namespaces that are available on
- a server. This allows a client to present the available namespaces to
- the user in what ever manner it deems appropriate. For example, a
-
-
-
-
-
-
-Gahrns & Newman Standards Track [Page 2]
-
-RFC 2342 IMAP4 Namespace May 1998
-
-
- client could choose to initially display only personal mailboxes, or
- it may choose to display the complete list of mailboxes available,
- and initially position the user at the root of their Personal
- Namespace.
-
- A server MAY choose to make available to the NAMESPACE command only a
- subset of the complete set of namespaces the server supports. To
- provide the ability to access these namespaces, a client SHOULD allow
- the user the ability to manually enter a namespace prefix.
-
-4. Requirements
-
- IMAP4 servers that support this extension MUST list the keyword
- NAMESPACE in their CAPABILITY response.
-
- The NAMESPACE command is valid in the Authenticated and Selected
- state.
-
-5. NAMESPACE Command
-
- Arguments: none
-
- Response: an untagged NAMESPACE response that contains the prefix
- and hierarchy delimiter to the server's Personal
- Namespace(s), Other Users' Namespace(s), and Shared
- Namespace(s) that the server wishes to expose. The
- response will contain a NIL for any namespace class
- that is not available. Namespace_Response_Extensions
- MAY be included in the response.
- Namespace_Response_Extensions which are not on the IETF
- standards track, MUST be prefixed with an "X-".
-
- Result: OK - Command completed
- NO - Error: Can't complete command
- BAD - argument invalid
-
- Example 5.1:
- ===========
-
- < A server that supports a single personal namespace. No leading
- prefix is used on personal mailboxes and "/" is the hierarchy
- delimiter.>
-
- C: A001 NAMESPACE
- S: * NAMESPACE (("" "/")) NIL NIL
- S: A001 OK NAMESPACE command completed
-
-
-
-
-
-Gahrns & Newman Standards Track [Page 3]
-
-RFC 2342 IMAP4 Namespace May 1998
-
-
- Example 5.2:
- ===========
-
- < A user logged on anonymously to a server. No personal mailboxes
- are associated with the anonymous user and the user does not have
- access to the Other Users' Namespace. No prefix is required to
- access shared mailboxes and the hierarchy delimiter is "." >
-
- C: A001 NAMESPACE
- S: * NAMESPACE NIL NIL (("" "."))
- S: A001 OK NAMESPACE command completed
-
- Example 5.3:
- ===========
-
- < A server that contains a Personal Namespace and a single Shared
- Namespace. >
-
- C: A001 NAMESPACE
- S: * NAMESPACE (("" "/")) NIL (("Public Folders/" "/"))
- S: A001 OK NAMESPACE command completed
-
- Example 5.4:
- ===========
-
- < A server that contains a Personal Namespace, Other Users'
- Namespace and multiple Shared Namespaces. Note that the hierarchy
- delimiter used within each namespace can be different. >
-
- C: A001 NAMESPACE
- S: * NAMESPACE (("" "/")) (("~" "/")) (("#shared/" "/")
- ("#public/" "/")("#ftp/" "/")("#news." "."))
- S: A001 OK NAMESPACE command completed
-
- The prefix string allows a client to do things such as automatically
- creating personal mailboxes or LISTing all available mailboxes within
- a namespace.
-
- Example 5.5:
- ===========
-
- < A server that supports only the Personal Namespace, with a
- leading prefix of INBOX to personal mailboxes and a hierarchy
- delimiter of ".">
-
- C: A001 NAMESPACE
- S: * NAMESPACE (("INBOX." ".")) NIL NIL
- S: A001 OK NAMESPACE command completed
-
-
-
-Gahrns & Newman Standards Track [Page 4]
-
-RFC 2342 IMAP4 Namespace May 1998
-
-
- < Automatically create a mailbox to store sent items.>
-
- C: A002 CREATE "INBOX.Sent Mail"
- S: A002 OK CREATE command completed
-
- Although typically a server will support only a single Personal
- Namespace, and a single Other User's Namespace, circumstances exist
- where there MAY be multiples of these, and a client MUST be prepared
- for them. If a client is configured such that it is required to
- create a certain mailbox, there can be circumstances where it is
- unclear which Personal Namespaces it should create the mailbox in.
- In these situations a client SHOULD let the user select which
- namespaces to create the mailbox in.
-
- Example 5.6:
- ===========
-
- < In this example, a server supports 2 Personal Namespaces. In
- addition to the regular Personal Namespace, the user has an
- additional personal namespace to allow access to mailboxes in an
- MH format mailstore. >
-
- < The client is configured to save a copy of all mail sent by the
- user into a mailbox called 'Sent Mail'. Furthermore, after a
- message is deleted from a mailbox, the client is configured to
- move that message to a mailbox called 'Deleted Items'.>
-
- < Note that this example demonstrates how some extension flags can
- be passed to further describe the #mh namespace. >
-
- C: A001 NAMESPACE
- S: * NAMESPACE (("" "/")("#mh/" "/" "X-PARAM" ("FLAG1" "FLAG2")))
- NIL NIL
- S: A001 OK NAMESPACE command completed
-
- < It is desired to keep only one copy of sent mail. It is unclear
- which Personal Namespace the client should use to create the 'Sent
- Mail' mailbox. The user is prompted to select a namespace and
- only one 'Sent Mail' mailbox is created. >
-
- C: A002 CREATE "Sent Mail"
- S: A002 OK CREATE command completed
-
- < The client is designed so that it keeps two 'Deleted Items'
- mailboxes, one for each namespace. >
-
- C: A003 CREATE "Delete Items"
- S: A003 OK CREATE command completed
-
-
-
-Gahrns & Newman Standards Track [Page 5]
-
-RFC 2342 IMAP4 Namespace May 1998
-
-
- C: A004 CREATE "#mh/Deleted Items"
- S: A004 OK CREATE command completed
-
- The next level of hierarchy following the Other Users' Namespace
- prefix SHOULD consist of <username>, where <username> is a user name
- as per the IMAP4 LOGIN or AUTHENTICATE command.
-
- A client can construct a LIST command by appending a "%" to the Other
- Users' Namespace prefix to discover the Personal Namespaces of other
- users that are available to the currently authenticated user.
-
- In response to such a LIST command, a server SHOULD NOT return user
- names that have not granted access to their personal mailboxes to the
- user in question.
-
- A server MAY return a LIST response containing only the names of
- users that have explicitly granted access to the user in question.
-
- Alternatively, a server MAY return NO to such a LIST command,
- requiring that a user name be included with the Other Users'
- Namespace prefix before listing any other user's mailboxes.
-
- Example 5.7:
- ===========
-
- < A server that supports providing a list of other user's
- mailboxes that are accessible to the currently logged on user. >
-
- C: A001 NAMESPACE
- S: * NAMESPACE (("" "/")) (("Other Users/" "/")) NIL
- S: A001 OK NAMESPACE command completed
-
- C: A002 LIST "" "Other Users/%"
- S: * LIST () "/" "Other Users/Mike"
- S: * LIST () "/" "Other Users/Karen"
- S: * LIST () "/" "Other Users/Matthew"
- S: * LIST () "/" "Other Users/Tesa"
- S: A002 OK LIST command completed
-
- Example 5.8:
- ===========
-
- < A server that does not support providing a list of other user's
- mailboxes that are accessible to the currently logged on user.
- The mailboxes are listable if the client includes the name of the
- other user with the Other Users' Namespace prefix. >
-
-
-
-
-
-Gahrns & Newman Standards Track [Page 6]
-
-RFC 2342 IMAP4 Namespace May 1998
-
-
- C: A001 NAMESPACE
- S: * NAMESPACE (("" "/")) (("#Users/" "/")) NIL
- S: A001 OK NAMESPACE command completed
-
- < In this example, the currently logged on user has access to the
- Personal Namespace of user Mike, but the server chose to suppress
- this information in the LIST response. However, by appending the
- user name Mike (received through user input) to the Other Users'
- Namespace prefix, the client is able to get a listing of the
- personal mailboxes of user Mike. >
-
- C: A002 LIST "" "#Users/%"
- S: A002 NO The requested item could not be found.
-
- C: A003 LIST "" "#Users/Mike/%"
- S: * LIST () "/" "#Users/Mike/INBOX"
- S: * LIST () "/" "#Users/Mike/Foo"
- S: A003 OK LIST command completed.
-
- A prefix string might not contain a hierarchy delimiter, because
- in some cases it is not needed as part of the prefix.
-
- Example 5.9:
- ===========
-
- < A server that allows access to the Other Users' Namespace by
- prefixing the others' mailboxes with a '~' followed by <username>,
- where <username> is a user name as per the IMAP4 LOGIN or
- AUTHENTICATE command.>
-
- C: A001 NAMESPACE
- S: * NAMESPACE (("" "/")) (("~" "/")) NIL
- S: A001 OK NAMESPACE command completed
-
- < List the mailboxes for user mark >
-
- C: A002 LIST "" "~mark/%"
- S: * LIST () "/" "~mark/INBOX"
- S: * LIST () "/" "~mark/foo"
- S: A002 OK LIST command completed
-
- Historical convention has been to start all namespaces with the "#"
- character. Namespaces that include the "#" character are not IMAP
- URL [IMAP-URL] friendly requiring the "#" character to be represented
- as %23 when within URLs. As such, server implementers MAY instead
- consider using namespace prefixes that do not contain the "#"
- character.
-
-
-
-
-Gahrns & Newman Standards Track [Page 7]
-
-RFC 2342 IMAP4 Namespace May 1998
-
-
-6. Formal Syntax
-
- The following syntax specification uses the augmented Backus-Naur
- Form (BNF) as described in [ABNF].
-
- atom = <atom>
- ; <atom> as defined in [RFC-2060]
-
- Namespace = nil / "(" 1*( "(" string SP (<"> QUOTED_CHAR <"> /
- nil) *(Namespace_Response_Extension) ")" ) ")"
-
- Namespace_Command = "NAMESPACE"
-
- Namespace_Response_Extension = SP string SP "(" string *(SP string)
- ")"
-
- Namespace_Response = "*" SP "NAMESPACE" SP Namespace SP Namespace SP
- Namespace
-
- ; The first Namespace is the Personal Namespace(s)
- ; The second Namespace is the Other Users' Namespace(s)
- ; The third Namespace is the Shared Namespace(s)
-
- nil = <nil>
- ; <nil> as defined in [RFC-2060]
-
- QUOTED_CHAR = <QUOTED_CHAR>
- ; <QUOTED_CHAR> as defined in [RFC-2060]
-
- string = <string>
- ; <string> as defined in [RFC-2060]
- ; Note that the namespace prefix is to a mailbox and following
- ; IMAP4 convention, any international string in the NAMESPACE
- ; response MUST be of modified UTF-7 format as described in
- ; [RFC-2060].
-
-7. Security Considerations
-
- In response to a LIST command containing an argument of the Other
- Users' Namespace prefix, a server SHOULD NOT list users that have not
- granted list access to their personal mailboxes to the currently
- authenticated user. Providing such a list, could compromise security
- by potentially disclosing confidential information of who is located
- on the server, or providing a starting point of a list of user
- accounts to attack.
-
-
-
-
-
-
-Gahrns & Newman Standards Track [Page 8]
-
-RFC 2342 IMAP4 Namespace May 1998
-
-
-8. References
-
- [RFC-2060], Crispin, M., "Internet Message Access Protocol Version
- 4rev1", RFC 2060, December 1996.
-
- [RFC-2119], Bradner, S., "Key words for use in RFCs to Indicate
- Requirement Levels", BCP 14, RFC 2119, March 1997.
-
- [ABNF] Crocker, D., Editor, and P. Overell, "Augmented BNF for Syntax
- Specifications: ABNF", RFC 2234, November 1997.
-
- [IMAP-URL], Newman, C., "IMAP URL Scheme", RFC 2192, September 1997.
-
-9. Acknowledgments
-
- Many people have participated in the discussion of IMAP namespaces on
- the IMAP mailing list. In particular, the authors would like to
- thank Mark Crispin for many of the concepts relating to the Personal
- Namespace and accessing the Personal Namespace of other users, Steve
- Hole for summarizing the two namespace models, John Myers and Jack De
- Winter for their work in a preceding effort trying to define a
- standardized personal namespace, and Larry Osterman for his review
- and collaboration on this document.
-
-11. Authors' Addresses
-
- Mike Gahrns
- Microsoft
- One Microsoft Way
- Redmond, WA, 98072, USA
-
- Phone: (425) 936-9833
- EMail: mikega@microsoft.com
-
-
- Chris Newman
- Innosoft International, Inc.
- 1050 East Garvey Ave. South
- West Covina, CA, 91790, USA
-
- EMail: chris.newman@innosoft.com
-
-
-
-
-
-
-
-
-
-
-Gahrns & Newman Standards Track [Page 9]
-
-RFC 2342 IMAP4 Namespace May 1998
-
-
-12. Full Copyright Statement
-
- Copyright (C) The Internet Society (1998). All Rights Reserved.
-
- This document and translations of it may be copied and furnished to
- others, and derivative works that comment on or otherwise explain it
- or assist in its implementation may be prepared, copied, published
- and distributed, in whole or in part, without restriction of any
- kind, provided that the above copyright notice and this paragraph are
- included on all such copies and derivative works. However, this
- document itself may not be modified in any way, such as by removing
- the copyright notice or references to the Internet Society or other
- Internet organizations, except as needed for the purpose of
- developing Internet standards in which case the procedures for
- copyrights defined in the Internet Standards process must be
- followed, or as required to translate it into languages other than
- English.
-
- The limited permissions granted above are perpetual and will not be
- revoked by the Internet Society or its successors or assigns.
-
- This document and the information contained herein is provided on an
- "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
- TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING
- BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION
- HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
- MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-Gahrns & Newman Standards Track [Page 10]
-
diff --git a/imap/docs/rfc/rfc2683.txt b/imap/docs/rfc/rfc2683.txt
deleted file mode 100644
index d92e3405..00000000
--- a/imap/docs/rfc/rfc2683.txt
+++ /dev/null
@@ -1,1291 +0,0 @@
-
-
-
-
-
-
-Network Working Group B. Leiba
-Request for Comments: 2683 IBM T.J. Watson Research Center
-Category: Informational September 1999
-
-
- IMAP4 Implementation Recommendations
-
-Status of this Memo
-
- This memo provides information for the Internet community. It does
- not specify an Internet standard of any kind. Distribution of this
- memo is unlimited.
-
-Copyright Notice
-
- Copyright (C) The Internet Society (1999). All Rights Reserved.
-
-1. Abstract
-
- The IMAP4 specification [RFC-2060] describes a rich protocol for use
- in building clients and servers for storage, retrieval, and
- manipulation of electronic mail. Because the protocol is so rich and
- has so many implementation choices, there are often trade-offs that
- must be made and issues that must be considered when designing such
- clients and servers. This document attempts to outline these issues
- and to make recommendations in order to make the end products as
- interoperable as possible.
-
-2. Conventions used in this document
-
- In examples, "C:" indicates lines sent by a client that is connected
- to a server. "S:" indicates lines sent by the server to the client.
-
- The words "must", "must not", "should", "should not", and "may" are
- used with specific meaning in this document; since their meaning is
- somewhat different from that specified in RFC 2119, we do not put
- them in all caps here. Their meaning is as follows:
-
- must -- This word means that the action described is necessary
- to ensure interoperability. The recommendation should
- not be ignored.
- must not -- This phrase means that the action described will be
- almost certain to hurt interoperability. The
- recommendation should not be ignored.
-
-
-
-
-
-
-
-Leiba Informational [Page 1]
-
-RFC 2683 IMAP4 Implementation Recommendations September 1999
-
-
- should -- This word means that the action described is strongly
- recommended and will enhance interoperability or
- usability. The recommendation should not be ignored
- without careful consideration.
- should not -- This phrase means that the action described is strongly
- recommended against, and might hurt interoperability or
- usability. The recommendation should not be ignored
- without careful consideration.
- may -- This word means that the action described is an
- acceptable implementation choice. No specific
- recommendation is implied; this word is used to point
- out a choice that might not be obvious, or to let
- implementors know what choices have been made by
- existing implementations.
-
-3. Interoperability Issues and Recommendations
-
-3.1. Accessibility
-
- This section describes the issues related to access to servers and
- server resources. Concerns here include data sharing and maintenance
- of client/server connections.
-
-3.1.1. Multiple Accesses of the Same Mailbox
-
- One strong point of IMAP4 is that, unlike POP3, it allows for
- multiple simultaneous access to a single mailbox. A user can, thus,
- read mail from a client at home while the client in the office is
- still connected; or the help desk staff can all work out of the same
- inbox, all seeing the same pool of questions. An important point
- about this capability, though is that NO SERVER IS GUARANTEED TO
- SUPPORT THIS. If you are selecting an IMAP server and this facility
- is important to you, be sure that the server you choose to install,
- in the configuration you choose to use, supports it.
-
- If you are designing a client, you must not assume that you can
- access the same mailbox more than once at a time. That means
-
- 1. you must handle gracefully the failure of a SELECT command if the
- server refuses the second SELECT,
- 2. you must handle reasonably the severing of your connection (see
- "Severed Connections", below) if the server chooses to allow the
- second SELECT by forcing the first off,
- 3. you must avoid making multiple connections to the same mailbox in
- your own client (for load balancing or other such reasons), and
- 4. you must avoid using the STATUS command on a mailbox that you have
- selected (with some server implementations the STATUS command has
- the same problems with multiple access as do the SELECT and
-
-
-
-Leiba Informational [Page 2]
-
-RFC 2683 IMAP4 Implementation Recommendations September 1999
-
-
- EXAMINE commands).
-
- A further note about STATUS: The STATUS command is sometimes used to
- check a non-selected mailbox for new mail. This mechanism must not
- be used to check for new mail in the selected mailbox; section 5.2 of
- [RFC-2060] specifically forbids this in its last paragraph. Further,
- since STATUS takes a mailbox name it is an independent operation, not
- operating on the selected mailbox. Because of this, the information
- it returns is not necessarily in synchronization with the selected
- mailbox state.
-
-3.1.2. Severed Connections
-
- The client/server connection may be severed for one of three reasons:
- the client severs the connection, the server severs the connection,
- or the connection is severed by outside forces beyond the control of
- the client and the server (a telephone line drops, for example).
- Clients and servers must both deal with these situations.
-
- When the client wants to sever a connection, it's usually because it
- has finished the work it needed to do on that connection. The client
- should send a LOGOUT command, wait for the tagged response, and then
- close the socket. But note that, while this is what's intended in
- the protocol design, there isn't universal agreement here. Some
- contend that sending the LOGOUT and waiting for the two responses
- (untagged BYE and tagged OK) is wasteful and unnecessary, and that
- the client can simply close the socket. The server should interpret
- the closed socket as a log out by the client. The counterargument is
- that it's useful from the standpoint of cleanup, problem
- determination, and the like, to have an explicit client log out,
- because otherwise there is no way for the server to tell the
- difference between "closed socket because of log out" and "closed
- socket because communication was disrupted". If there is a
- client/server interaction problem, a client which routinely
- terminates a session by breaking the connection without a LOGOUT will
- make it much more difficult to determine the problem.
-
- Because of this disagreement, server designers must be aware that
- some clients might close the socket without sending a LOGOUT. In any
- case, whether or not a LOGOUT was sent, the server should not
- implicitly expunge any messages from the selected mailbox. If a
- client wants the server to do so, it must send a CLOSE or EXPUNGE
- command explicitly.
-
- When the server wants to sever a connection it's usually due to an
- inactivity timeout or is because a situation has arisen that has
- changed the state of the mail store in a way that the server can not
- communicate to the client. The server should send an untagged BYE
-
-
-
-Leiba Informational [Page 3]
-
-RFC 2683 IMAP4 Implementation Recommendations September 1999
-
-
- response to the client and then close the socket. Sending an
- untagged BYE response before severing allows the server to send a
- human-readable explanation of the problem to the client, which the
- client may then log, display to the user, or both (see section 7.1.5
- of [RFC-2060]).
-
- Regarding inactivity timeouts, there is some controversy. Unlike
- POP, for which the design is for a client to connect, retrieve mail,
- and log out, IMAP's design encourages long-lived (and mostly
- inactive) client/server sessions. As the number of users grows, this
- can use up a lot of server resources, especially with clients that
- are designed to maintain sessions for mailboxes that the user has
- finished accessing. To alleviate this, a server may implement an
- inactivity timeout, unilaterally closing a session (after first
- sending an untagged BYE, as noted above). Some server operators have
- reported dramatic improvements in server performance after doing
- this. As specified in [RFC-2060], if such a timeout is done it must
- not be until at least 30 minutes of inactivity. The reason for this
- specification is to prevent clients from sending commands (such as
- NOOP) to the server at frequent intervals simply to avert a too-early
- timeout. If the client knows that the server may not time out the
- session for at least 30 minutes, then the client need not poll at
- intervals more frequent than, say, 25 minutes.
-
-3.2. Scaling
-
- IMAP4 has many features that allow for scalability, as mail stores
- become larger and more numerous. Large numbers of users, mailboxes,
- and messages, and very large messages require thought to handle
- efficiently. This document will not address the administrative
- issues involved in large numbers of users, but we will look at the
- other items.
-
-3.2.1. Flood Control
-
- There are three situations when a client can make a request that will
- result in a very large response - too large for the client reasonably
- to deal with: there are a great many mailboxes available, there are a
- great many messages in the selected mailbox, or there is a very large
- message part. The danger here is that the end user will be stuck
- waiting while the server sends (and the client processes) an enormous
- response. In all of these cases there are things a client can do to
- reduce that danger.
-
- There is also the case where a client can flood a server, by sending
- an arbitratily long command. We'll discuss that issue, too, in this
- section.
-
-
-
-
-Leiba Informational [Page 4]
-
-RFC 2683 IMAP4 Implementation Recommendations September 1999
-
-
-3.2.1.1. Listing Mailboxes
-
- Some servers present Usenet newsgroups to IMAP users. Newsgroups,
- and other such hierarchical mailbox structures, can be very numerous
- but may have only a few entries at the top level of hierarchy. Also,
- some servers are built against mail stores that can, unbeknownst to
- the server, have circular hierarchies - that is, it's possible for
- "a/b/c/d" to resolve to the same file structure as "a", which would
- then mean that "a/b/c/d/b" is the same as "a/b", and the hierarchy
- will never end. The LIST response in this case will be unlimited.
-
- Clients that will have trouble with this are those that use
-
- C: 001 LIST "" *
-
- to determine the mailbox list. Because of this, clients should not
- use an unqualified "*" that way in the LIST command. A safer
- approach is to list each level of hierarchy individually, allowing
- the user to traverse the tree one limb at a time, thus:
-
- C: 001 LIST "" %
- S: * LIST () "/" Banana
- S: * LIST ...etc...
- S: 001 OK done
-
- and then
-
- C: 002 LIST "" Banana/%
- S: * LIST () "/" Banana/Apple
- S: * LIST ...etc...
- S: 002 OK done
-
- Using this technique the client's user interface can give the user
- full flexibility without choking on the voluminous reply to "LIST *".
-
- Of course, it is still possible that the reply to
-
- C: 005 LIST "" alt.fan.celebrity.%
-
- may be thousands of entries long, and there is, unfortunately,
- nothing the client can do to protect itself from that. This has not
- yet been a notable problem.
-
- Servers that may export circular hierarchies (any server that
- directly presents a UNIX file system, for instance) should limit the
- hierarchy depth to prevent unlimited LIST responses. A suggested
- depth limit is 20 hierarchy levels.
-
-
-
-
-Leiba Informational [Page 5]
-
-RFC 2683 IMAP4 Implementation Recommendations September 1999
-
-
-3.2.1.2. Fetching the List of Messages
-
- When a client selects a mailbox, it is given a count, in the untagged
- EXISTS response, of the messages in the mailbox. This number can be
- very large. In such a case it might be unwise to use
-
- C: 004 FETCH 1:* ALL
-
- to populate the user's view of the mailbox. One good method to avoid
- problems with this is to batch the requests, thus:
-
- C: 004 FETCH 1:50 ALL
- S: * 1 FETCH ...etc...
- S: 004 OK done
- C: 005 FETCH 51:100 ALL
- S: * 51 FETCH ...etc...
- S: 005 OK done
- C: 006 FETCH 101:150 ALL
- ...etc...
-
- Using this method, another command, such as "FETCH 6 BODY[1]" can be
- inserted as necessary, and the client will not have its access to the
- server blocked by a storm of FETCH replies. (Such a method could be
- reversed to fetch the LAST 50 messages first, then the 50 prior to
- that, and so on.)
-
- As a smart extension of this, a well designed client, prepared for
- very large mailboxes, will not automatically fetch data for all
- messages AT ALL. Rather, the client will populate the user's view
- only as the user sees it, possibly pre-fetching selected information,
- and only fetching other information as the user scrolls to it. For
- example, to select only those messages beginning with the first
- unseen one:
-
- C: 003 SELECT INBOX
- S: * 10000 EXISTS
- S: * 80 RECENT
- S: * FLAGS (\Answered \Flagged \Deleted \Draft \Seen)
- S: * OK [UIDVALIDITY 824708485] UID validity status
- S: * OK [UNSEEN 9921] First unseen message
- S: 003 OK [READ-WRITE] SELECT completed
- C: 004 FETCH 9921:* ALL
- ... etc...
-
- If the server does not return an OK [UNSEEN] response, the client may
- use SEARCH UNSEEN to obtain that value.
-
-
-
-
-
-Leiba Informational [Page 6]
-
-RFC 2683 IMAP4 Implementation Recommendations September 1999
-
-
- This mechanism is good as a default presentation method, but only
- works well if the default message order is acceptable. A client may
- want to present various sort orders to the user (by subject, by date
- sent, by sender, and so on) and in that case (lacking a SORT
- extension on the server side) the client WILL have to retrieve all
- message descriptors. A client that provides this service should not
- do it by default and should inform the user of the costs of choosing
- this option for large mailboxes.
-
-3.2.1.3. Fetching a Large Body Part
-
- The issue here is similar to the one for a list of messages. In the
- BODYSTRUCTURE response the client knows the size, in bytes, of the
- body part it plans to fetch. Suppose this is a 70 MB video clip. The
- client can use partial fetches to retrieve the body part in pieces,
- avoiding the problem of an uninterruptible 70 MB literal coming back
- from the server:
-
- C: 022 FETCH 3 BODY[1]<0.20000>
- S: * 3 FETCH (FLAGS(\Seen) BODY[1]<0> {20000}
- S: ...data...)
- S: 022 OK done
- C: 023 FETCH 3 BODY[1]<20001.20000>
- S: * 3 FETCH (BODY[1]<20001> {20000}
- S: ...data...)
- S: 023 OK done
- C: 024 FETCH 3 BODY[1]<40001.20000>
- ...etc...
-
-3.2.1.4. BODYSTRUCTURE vs. Entire Messages
-
- Because FETCH BODYSTRUCTURE is necessary in order to determine the
- number of body parts, and, thus, whether a message has "attachments",
- clients often use FETCH FULL as their normal method of populating the
- user's view of a mailbox. The benefit is that the client can display
- a paperclip icon or some such indication along with the normal
- message summary. However, this comes at a significant cost with some
- server configurations. The parsing needed to generate the FETCH
- BODYSTRUCTURE response may be time-consuming compared with that
- needed for FETCH ENVELOPE. The client developer should consider this
- issue when deciding whether the ability to add a paperclip icon is
- worth the tradeoff in performance, especially with large mailboxes.
-
- Some clients, rather than using FETCH BODYSTRUCTURE, use FETCH BODY[]
- (or the equivalent FETCH RFC822) to retrieve the entire message.
- They then do the MIME parsing in the client. This may give the
- client slightly more flexibility in some areas (access, for instance,
- to header fields that aren't returned in the BODYSTRUCTURE and
-
-
-
-Leiba Informational [Page 7]
-
-RFC 2683 IMAP4 Implementation Recommendations September 1999
-
-
- ENVELOPE responses), but it can cause severe performance problems by
- forcing the transfer of all body parts when the user might only want
- to see some of them - a user logged on by modem and reading a small
- text message with a large ZIP file attached may prefer to read the
- text only and save the ZIP file for later. Therefore, a client
- should not normally retrieve entire messages and should retrieve
- message body parts selectively.
-
-3.2.1.5. Long Command Lines
-
- A client can wind up building a very long command line in an effort to
- try to be efficient about requesting information from a server. This
- can typically happen when a client builds a message set from selected
- messages and doesn't recognise that contiguous blocks of messages may
- be group in a range. Suppose a user selects all 10,000 messages in a
- large mailbox and then unselects message 287. The client could build
- that message set as "1:286,288:10000", but a client that doesn't
- handle that might try to enumerate each message individually and build
- "1,2,3,4, [and so on] ,9999,10000". Adding that to the fetch command
- results in a command line that's almost 49,000 octets long, and,
- clearly, one can construct a command line that's even longer.
-
- A client should limit the length of the command lines it generates to
- approximately 1000 octets (including all quoted strings but not
- including literals). If the client is unable to group things into
- ranges so that the command line is within that length, it should
- split the request into multiple commands. The client should use
- literals instead of long quoted strings, in order to keep the command
- length down.
-
- For its part, a server should allow for a command line of at least
- 8000 octets. This provides plenty of leeway for accepting reasonable
- length commands from clients. The server should send a BAD response
- to a command that does not end within the server's maximum accepted
- command length.
-
-3.2.2. Subscriptions
-
- The client isn't the only entity that can get flooded: the end user,
- too, may need some flood control. The IMAP4 protocol provides such
- control in the form of subscriptions. Most servers support the
- SUBSCRIBE, UNSUBSCRIBE, and LSUB commands, and many users choose to
- narrow down a large list of available mailboxes by subscribing to the
- ones that they usually want to see. Clients, with this in mind,
- should give the user a way to see only subscribed mailboxes. A
- client that never uses the LSUB command takes a significant usability
- feature away from the user. Of course, the client would not want to
- hide the LIST command completely; the user needs to have a way to
-
-
-
-Leiba Informational [Page 8]
-
-RFC 2683 IMAP4 Implementation Recommendations September 1999
-
-
- choose between LIST and LSUB. The usual way to do this is to provide
- a setting like "show which mailboxes?: [] all [] subscribed only".
-
-3.2.3. Searching
-
- IMAP SEARCH commands can become particularly troublesome (that is,
- slow) on mailboxes containing a large number of messages. So let's
- put a few things in perspective in that regard.
-
- The flag searches should be fast. The flag searches (ALL, [UN]SEEN,
- [UN]ANSWERED, [UN]DELETED, [UN]DRAFT, [UN]FLAGGED, NEW, OLD, RECENT)
- are known to be used by clients for the client's own use (for
- instance, some clients use "SEARCH UNSEEN" to find unseen mail and
- "SEARCH DELETED" to warn the user before expunging messages).
-
- Other searches, particularly the text searches (HEADER, TEXT, BODY)
- are initiated by the user, rather than by the client itself, and
- somewhat slower performance can be tolerated, since the user is aware
- that the search is being done (and is probably aware that it might be
- time-consuming). A smart server might use dynamic indexing to speed
- commonly used text searches.
-
- The client may allow other commands to be sent to the server while a
- SEARCH is in progress, but at the time of this writing there is
- little or no server support for parallel processing of multiple
- commands in the same session (and see "Multiple Accesses of the Same
- Mailbox" above for a description of the dangers of trying to work
- around this by doing your SEARCH in another session).
-
- Another word about text searches: some servers, built on database
- back-ends with indexed search capabilities, may return search results
- that do not match the IMAP spec's "case-insensitive substring"
- requirements. While these servers are in violation of the protocol,
- there is little harm in the violation as long as the search results
- are used only in response to a user's request. Still, developers of
- such servers should be aware that they ARE violating the protocol,
- should think carefully about that behaviour, and must be certain that
- their servers respond accurately to the flag searches for the reasons
- outlined above.
-
- In addition, servers should support CHARSET UTF-8 [UTF-8] in
- searches.
-
-
-
-
-
-
-
-
-
-Leiba Informational [Page 9]
-
-RFC 2683 IMAP4 Implementation Recommendations September 1999
-
-
-3.3 Avoiding Invalid Requests
-
- IMAP4 provides ways for a server to tell a client in advance what is
- and isn't permitted in some circumstances. Clients should use these
- features to avoid sending requests that a well designed client would
- know to be invalid. This section explains this in more detail.
-
-3.3.1. The CAPABILITY Command
-
- All IMAP4 clients should use the CAPABILITY command to determine what
- version of IMAP and what optional features a server supports. The
- client should not send IMAP4rev1 commands and arguments to a server
- that does not advertize IMAP4rev1 in its CAPABILITY response.
- Similarly, the client should not send IMAP4 commands that no longer
- exist in IMAP4rev1 to a server that does not advertize IMAP4 in its
- CAPABILITY response. An IMAP4rev1 server is NOT required to support
- obsolete IMAP4 or IMAP2bis commands (though some do; do not let this
- fact lull you into thinking that it's valid to send such commands to
- an IMAP4rev1 server).
-
- A client should not send commands to probe for the existance of
- certain extensions. All standard and standards-track extensions
- include CAPABILITY tokens indicating their presense. All private and
- experimental extensions should do the same, and clients that take
- advantage of them should use the CAPABILITY response to determine
- whether they may be used or not.
-
-3.3.2. Don't Do What the Server Says You Can't
-
- In many cases, the server, in response to a command, will tell the
- client something about what can and can't be done with a particular
- mailbox. The client should pay attention to this information and
- should not try to do things that it's been told it can't do.
-
- Examples:
-
- * Do not try to SELECT a mailbox that has the \Noselect flag set.
- * Do not try to CREATE a sub-mailbox in a mailbox that has the
- \Noinferiors flag set.
- * Do not respond to a failing COPY or APPEND command by trying to
- CREATE the target mailbox if the server does not respond with a
- [TRYCREATE] response code.
- * Do not try to expunge a mailbox that has been selected with the
- [READ-ONLY] response code.
-
-
-
-
-
-
-
-Leiba Informational [Page 10]
-
-RFC 2683 IMAP4 Implementation Recommendations September 1999
-
-
-3.4. Miscellaneous Protocol Considerations
-
- We describe here a number of important protocol-related issues, the
- misunderstanding of which has caused significant interoperability
- problems in IMAP4 implementations. One general item is that every
- implementer should be certain to take note of and to understand
- section 2.2.2 and the preamble to section 7 of the IMAP4rev1 spec
- [RFC-2060].
-
-3.4.1. Well Formed Protocol
-
- We cannot stress enough the importance of adhering strictly to the
- protocol grammar. The specification of the protocol is quite rigid;
- do not assume that you can insert blank space for "readability" if
- none is called for. Keep in mind that there are parsers out there
- that will crash if there are protocol errors. There are clients that
- will report every parser burp to the user. And in any case,
- information that cannot be parsed is information that is lost. Be
- careful in your protocol generation. And see "A Word About Testing",
- below.
-
- In particular, note that the string in the INTERNALDATE response is
- NOT an RFC-822 date string - that is, it is not in the same format as
- the first string in the ENVELOPE response. Since most clients will,
- in fact, accept an RFC-822 date string in the INTERNALDATE response,
- it's easy to miss this in your interoperability testing. But it will
- cause a problem with some client, so be sure to generate the correct
- string for this field.
-
-3.4.2. Special Characters
-
- Certain characters, currently the double-quote and the backslash, may
- not be sent as-is inside a quoted string. These characters must be
- preceded by the escape character if they are in a quoted string, or
- else the string must be sent as a literal. Both clients and servers
- must handle this, both on output (they must send these characters
- properly) and on input (they must be able to receive escaped
- characters in quoted strings). Example:
-
- C: 001 LIST "" %
- S: * LIST () "" INBOX
- S: * LIST () "\\" TEST
- S: * LIST () "\\" {12}
- S: "My" mailbox
- S: 001 OK done
- C: 002 LIST "" "\"My\" mailbox\\%"
- S: * LIST () "\\" {17}
- S: "My" mailbox\Junk
-
-
-
-Leiba Informational [Page 11]
-
-RFC 2683 IMAP4 Implementation Recommendations September 1999
-
-
- S: 002 OK done
-
- Note that in the example the server sent the hierarchy delimiter as
- an escaped character in the quoted string and sent the mailbox name
- containing imbedded double-quotes as a literal. The client used only
- quoted strings, escaping both the backslash and the double-quote
- characters.
-
- The CR and LF characters may be sent ONLY in literals; they are not
- allowed, even if escaped, inside quoted strings.
-
- And while we're talking about special characters: the IMAP spec, in
- the section titled "Mailbox International Naming Convention",
- describes how to encode mailbox names in modified UTF-7 [UTF-7 and
- RFC-2060]. Implementations must adhere to this in order to be
- interoperable in the international market, and servers should
- validate mailbox names sent by client and reject names that do not
- conform.
-
- As to special characters in userids and passwords: clients must not
- restrict what a user may type in for a userid or a password. The
- formal grammar specifies that these are "astrings", and an astring
- can be a literal. A literal, in turn can contain any 8-bit
- character, and clients must allow users to enter all 8-bit characters
- here, and must pass them, unchanged, to the server (being careful to
- send them as literals when necessary). In particular, some server
- configurations use "@" in user names, and some clients do not allow
- that character to be entered; this creates a severe interoperability
- problem.
-
-3.4.3. UIDs and UIDVALIDITY
-
- Servers that support existing back-end mail stores often have no good
- place to save UIDs for messages. Often the existing mail store will
- not have the concept of UIDs in the sense that IMAP has: strictly
- increasing, never re-issued, 32-bit integers. Some servers solve
- this by storing the UIDs in a place that's accessible to end users,
- allowing for the possibility that the users will delete them. Others
- solve it by re-assigning UIDs every time a mailbox is selected.
-
- The server should maintain UIDs permanently for all messages if it
- can. If that's not possible, the server must change the UIDVALIDITY
- value for the mailbox whenever any of the UIDs may have become
- invalid. Clients must recognize that the UIDVALIDITY has changed and
- must respond to that condition by throwing away any information that
- they have saved about UIDs in that mailbox. There have been many
- problems in this area when clients have failed to do this; in the
- worst case it will result in loss of mail when a client deletes the
-
-
-
-Leiba Informational [Page 12]
-
-RFC 2683 IMAP4 Implementation Recommendations September 1999
-
-
- wrong piece of mail by using a stale UID.
-
- It seems to be a common misunderstanding that "the UIDVALIDITY and
- the UID, taken together, form a 64-bit identifier that uniquely
- identifies a message on a server". This is absolutely NOT TRUE.
- There is no assurance that the UIDVALIDITY values of two mailboxes be
- different, so the UIDVALIDITY in no way identifies a mailbox. The
- ONLY purpose of UIDVALIDITY is, as its name indicates, to give the
- client a way to check the validity of the UIDs it has cached. While
- it is a valid implementation choice to put these values together to
- make a 64-bit identifier for the message, the important concept here
- is that UIDs are not unique between mailboxes; they are only unique
- WITHIN a given mailbox.
-
- Some server implementations have attempted to make UIDs unique across
- the entire server. This is inadvisable, in that it limits the life
- of UIDs unnecessarily. The UID is a 32-bit number and will run out
- in reasonably finite time if it's global across the server. If you
- assign UIDs sequentially in one mailbox, you will not have to start
- re-using them until you have had, at one time or another, 2**32
- different messages in that mailbox. In the global case, you will
- have to reuse them once you have had, at one time or another, 2**32
- different messages in the entire mail store. Suppose your server has
- around 8000 users registered (2**13). That gives an average of 2**19
- UIDs per user. Suppose each user gets 32 messages (2**5) per day.
- That gives you 2**14 days (16000+ days = about 45 years) before you
- run out. That may seem like enough, but multiply the usage just a
- little (a lot of spam, a lot of mailing list subscriptions, more
- users) and you limit yourself too much.
-
- What's worse is that if you have to wrap the UIDs, and, thus, you
- have to change UIDVALIDITY and invalidate the UIDs in the mailbox,
- you have to do it for EVERY mailbox in the system, since they all
- share the same UID pool. If you assign UIDs per mailbox and you have
- a problem, you only have to kill the UIDs for that one mailbox.
-
- Under extreme circumstances (and this is extreme, indeed), the server
- may have to invalidate UIDs while a mailbox is in use by a client -
- that is, the UIDs that the client knows about in its active mailbox
- are no longer valid. In that case, the server must immediately
- change the UIDVALIDITY and must communicate this to the client. The
- server may do this by sending an unsolicited UIDVALIDITY message, in
- the same form as in response to the SELECT command. Clients must be
- prepared to handle such a message and the possibly coincident failure
- of the command in process. For example:
-
-
-
-
-
-
-Leiba Informational [Page 13]
-
-RFC 2683 IMAP4 Implementation Recommendations September 1999
-
-
- C: 032 UID STORE 382 +Flags.silent \Deleted
- S: * OK [UIDVALIDITY 12345] New UIDVALIDITY value!
- S: 032 NO UID command rejected because UIDVALIDITY changed!
- C: ...invalidates local information and re-fetches...
- C: 033 FETCH 1:* UID
- ...etc...
-
- At the time of the writing of this document, the only server known to
- do this does so only under the following condition: the client
- selects INBOX, but there is not yet a physical INBOX file created.
- Nonetheless, the SELECT succeeds, exporting an empty INBOX with a
- temporary UIDVALIDITY of 1. While the INBOX remains selected, mail
- is delivered to the user, which creates the real INBOX file and
- assigns a permanent UIDVALIDITY (that is likely not to be 1). The
- server reports the change of UIDVALIDITY, but as there were no
- messages before, so no UIDs have actually changed, all the client
- must do is accept the change in UIDVALIDITY.
-
- Alternatively, a server may force the client to re-select the
- mailbox, at which time it will obtain a new UIDVALIDITY value. To do
- this, the server closes this client session (see "Severed
- Connections" above) and the client then reconnects and gets back in
- synch. Clients must be prepared for either of these behaviours.
-
- We do not know of, nor do we anticipate the future existance of, a
- server that changes UIDVALIDITY while there are existing messages,
- but clients must be prepared to handle this eventuality.
-
-3.4.4. FETCH Responses
-
- When a client asks for certain information in a FETCH command, the
- server may return the requested information in any order, not
- necessarily in the order that it was requested. Further, the server
- may return the information in separate FETCH responses and may also
- return information that was not explicitly requested (to reflect to
- the client changes in the state of the subject message). Some
- examples:
-
- C: 001 FETCH 1 UID FLAGS INTERNALDATE
- S: * 5 FETCH (FLAGS (\Deleted))
- S: * 1 FETCH (FLAGS (\Seen) INTERNALDATE "..." UID 345)
- S: 001 OK done
-
- (In this case, the responses are in a different order. Also, the
- server returned a flag update for message 5, which wasn't part of the
- client's request.)
-
-
-
-
-
-Leiba Informational [Page 14]
-
-RFC 2683 IMAP4 Implementation Recommendations September 1999
-
-
- C: 002 FETCH 2 UID FLAGS INTERNALDATE
- S: * 2 FETCH (INTERNALDATE "...")
- S: * 2 FETCH (UID 399)
- S: * 2 FETCH (FLAGS ())
- S: 002 OK done
-
- (In this case, the responses are in a different order and were
- returned in separate responses.)
-
- C: 003 FETCH 2 BODY[1]
- S: * 2 FETCH (FLAGS (\Seen) BODY[1] {14}
- S: Hello world!
- S: )
- S: 003 OK done
-
- (In this case, the FLAGS response was added by the server, since
- fetching the body part caused the server to set the \Seen flag.)
-
- Because of this characteristic a client must be ready to receive any
- FETCH response at any time and should use that information to update
- its local information about the message to which the FETCH response
- refers. A client must not assume that any FETCH responses will come
- in any particular order, or even that any will come at all. If after
- receiving the tagged response for a FETCH command the client finds
- that it did not get all of the information requested, the client
- should send a NOOP command to the server to ensure that the server
- has an opportunity to send any pending EXPUNGE responses to the
- client (see [RFC-2180]).
-
-3.4.5. RFC822.SIZE
-
- Some back-end mail stores keep the mail in a canonical form, rather
- than retaining the original MIME format of the messages. This means
- that the server must reassemble the message to produce a MIME stream
- when a client does a fetch such as RFC822 or BODY[], requesting the
- entire message. It also may mean that the server has no convenient
- way to know the RFC822.SIZE of the message. Often, such a server
- will actually have to build the MIME stream to compute the size, only
- to throw the stream away and report the size to the client.
-
- When this is the case, some servers have chosen to estimate the size,
- rather than to compute it precisely. Such an estimate allows the
- client to display an approximate size to the user and to use the
- estimate in flood control considerations (q.v.), but requires that
- the client not use the size for things such as allocation of buffers,
- because those buffers might then be too small to hold the actual MIME
- stream. Instead, a client should use the size that's returned in the
- literal when you fetch the data.
-
-
-
-Leiba Informational [Page 15]
-
-RFC 2683 IMAP4 Implementation Recommendations September 1999
-
-
- The protocol requires that the RFC822.SIZE value returned by the
- server be EXACT. Estimating the size is a protocol violation, and
- server designers must be aware that, despite the performance savings
- they might realize in using an estimate, this practice will cause
- some clients to fail in various ways. If possible, the server should
- compute the RFC822.SIZE for a particular message once, and then save
- it for later retrieval. If that's not possible, the server must
- compute the value exactly every time. Incorrect estimates do cause
- severe interoperability problems with some clients.
-
-3.4.6. Expunged Messages
-
- If the server allows multiple connections to the same mailbox, it is
- often possible for messages to be expunged in one client unbeknownst
- to another client. Since the server is not allowed to tell the
- client about these expunged messages in response to a FETCH command,
- the server may have to deal with the issue of how to return
- information about an expunged message. There was extensive
- discussion about this issue, and the results of that discussion are
- summarized in [RFC-2180]. See that reference for a detailed
- explanation and for recommendations.
-
-3.4.7. The Namespace Issue
-
- Namespaces are a very muddy area in IMAP4 implementation right now
- (see [NAMESPACE] for a proposal to clear the water a bit). Until the
- issue is resolved, the important thing for client developers to
- understand is that some servers provide access through IMAP to more
- than just the user's personal mailboxes, and, in fact, the user's
- personal mailboxes may be "hidden" somewhere in the user's default
- hierarchy. The client, therefore, should provide a setting wherein
- the user can specify a prefix to be used when accessing mailboxes. If
- the user's mailboxes are all in "~/mail/", for instance, then the
- user can put that string in the prefix. The client would then put
- the prefix in front of any name pattern in the LIST and LSUB
- commands:
-
- C: 001 LIST "" ~/mail/%
-
- (See also "Reference Names in the LIST Command" below.)
-
-3.4.8. Creating Special-Use Mailboxes
-
- It may seem at first that this is part of the namespace issue; it is
- not, and is only indirectly related to it. A number of clients like
- to create special-use mailboxes with particular names. Most
- commonly, clients with a "trash folder" model of message deletion
- want to create a mailbox with the name "Trash" or "Deleted". Some
-
-
-
-Leiba Informational [Page 16]
-
-RFC 2683 IMAP4 Implementation Recommendations September 1999
-
-
- clients want to create a "Drafts" mailbox, an "Outbox" mailbox, or a
- "Sent Mail" mailbox. And so on. There are two major
- interoperability problems with this practice:
-
- 1. different clients may use different names for mailboxes with
- similar functions (such as "Trash" and "Deleted"), or may manage
- the same mailboxes in different ways, causing problems if a user
- switches between clients and
- 2. there is no guarantee that the server will allow the creation of
- the desired mailbox.
-
- The client developer is, therefore, well advised to consider
- carefully the creation of any special-use mailboxes on the server,
- and, further, the client must not require such mailbox creation -
- that is, if you do decide to do this, you must handle gracefully the
- failure of the CREATE command and behave reasonably when your
- special-use mailboxes do not exist and can not be created.
-
- In addition, the client developer should provide a convenient way for
- the user to select the names for any special-use mailboxes, allowing
- the user to make these names the same in all clients used and to put
- them where the user wants them.
-
-3.4.9. Reference Names in the LIST Command
-
- Many implementers of both clients and servers are confused by the
- "reference name" on the LIST command. The reference name is intended
- to be used in much the way a "cd" (change directory) command is used
- on Unix, PC DOS, Windows, and OS/2 systems. That is, the mailbox
- name is interpreted in much the same way as a file of that name would
- be found if one had done a "cd" command into the directory specified
- by the reference name. For example, in Unix we have the following:
-
- > cd /u/jones/junk
- > vi banana [file is "/u/jones/junk/banana"]
- > vi stuff/banana [file is "/u/jones/junk/stuff/banana"]
- > vi /etc/hosts [file is "/etc/hosts"]
-
- In the past, there have been several interoperability problems with
- this. First, while some IMAP servers are built on Unix or PC file
- systems, many others are not, and the file system semantics do not
- make sense in those configurations. Second, while some IMAP servers
- expose the underlying file system to the clients, others allow access
- only to the user's personal mailboxes, or to some other limited set
- of files, making such file-system-like semantics less meaningful.
- Third, because the IMAP spec leaves the interpretation of the
- reference name as "implementation-dependent", in the past the various
- server implementations handled it in vastly differing ways.
-
-
-
-Leiba Informational [Page 17]
-
-RFC 2683 IMAP4 Implementation Recommendations September 1999
-
-
- The following recommendations are the result of significant
- operational experience, and are intended to maximize
- interoperability.
-
- Server implementations must implement the reference argument in a way
- that matches the intended "change directory" operation as closely as
- possible. As a minimum implementation, the reference argument may be
- prepended to the mailbox name (while suppressing double delimiters;
- see the next paragraph). Even servers that do not provide a way to
- break out of the current hierarchy (see "breakout facility" below)
- must provide a reasonable implementation of the reference argument,
- as described here, so that they will interoperate with clients that
- use it.
-
- Server implementations that prepend the reference argument to the
- mailbox name should insert a hierarchy delimiter between them, and
- must not insert a second if one is already present:
-
- C: A001 LIST ABC DEF
- S: * LIST () "/" ABC/DEF <=== should do this
- S: A001 OK done
-
- C: A002 LIST ABC/ /DEF
- S: * LIST () "/" ABC//DEF <=== must not do this
- S: A002 OK done
-
- On clients, the reference argument is chiefly used to implement a
- "breakout facility", wherein the user may directly access a mailbox
- outside the "current directory" hierarchy. Client implementations
- should have an operational mode that does not use the reference
- argument. This is to interoperate with older servers that did not
- implement the reference argument properly. While it's a good idea to
- give the user access to a breakout facility, clients that do not
- intend to do so should not use the reference argument at all.
-
- Client implementations should always place a trailing hierarchy
- delimiter on the reference argument. This is because some servers
- prepend the reference argument to the mailbox name without inserting
- a hierarchy delimiter, while others do insert a hierarchy delimiter
- if one is not already present. A client that puts the delimiter in
- will work with both varieties of server.
-
- Client implementations that implement a breakout facility should
- allow the user to choose whether or not to use a leading hierarchy
- delimiter on the mailbox argument. This is because the handling of a
- leading mailbox hierarchy delimiter also varies from server to
- server, and even between different mailstores on the same server. In
- some cases, a leading hierarchy delimiter means "discard the
-
-
-
-Leiba Informational [Page 18]
-
-RFC 2683 IMAP4 Implementation Recommendations September 1999
-
-
- reference argument" (implementing the intended breakout facility),
- thus:
-
- C: A001 LIST ABC/ /DEF
- S: * LIST () "/" /DEF
- S: A001 OK done
-
- In other cases, however, the two are catenated and the extra
- hierarchy delimiter is discarded, thus:
-
- C: A001 LIST ABC/ /DEF
- S: * LIST () "/" ABC/DEF
- S: A001 OK done
-
- Client implementations must not assume that the server supports a
- breakout facility, but may provide a way for the user to use one if
- it is available. Any breakout facility should be exported to the
- user interface. Note that there may be other "breakout" characters
- besides the hierarchy delimiter (for instance, UNIX filesystem
- servers are likely to use a leading "~" as well), and that their
- interpretation is server-dependent.
-
-3.4.10. Mailbox Hierarchy Delimiters
-
- The server's selection of what to use as a mailbox hierarchy
- delimiter is a difficult one, involving several issues: What
- characters do users expect to see? What characters can they enter
- for a hierarchy delimiter if it is desired (or required) that the
- user enter it? What character can be used for the hierarchy
- delimiter, noting that the chosen character can not otherwise be used
- in the mailbox name?
-
- Because some interfaces show users the hierarchy delimiters or allow
- users to enter qualified mailbox names containing them, server
- implementations should use delimiter characters that users generally
- expect to see as name separators. The most common characters used
- for this are "/" (as in Unix file names), "\" (as in OS/2 and Windows
- file names), and "." (as in news groups). There is little to choose
- among these apart from what users may expect or what is dictated by
- the underlying file system, if any. One consideration about using
- "\" is that it's also a special character in the IMAP protocol. While
- the use of other hierarchy delimiter characters is permissible, A
- DESIGNER IS WELL ADVISED TO STAY WITH ONE FROM THIS SET unless the
- server is intended for special purposes only. Implementers might be
- thinking about using characters such as "-", "_", ";", "&", "#", "@",
- and "!", but they should be aware of the surprise to the user as well
- as of the effect on URLs and other external specifications (since
- some of these characters have special meanings there). Also, a
-
-
-
-Leiba Informational [Page 19]
-
-RFC 2683 IMAP4 Implementation Recommendations September 1999
-
-
- server that uses "\" (and clients of such a server) must remember to
- escape that character in quoted strings or to send literals instead.
- Literals are recommended over escaped characters in quoted strings in
- order to maintain compatibility with older IMAP versions that did not
- allow escaped characters in quoted strings (but check the grammar to
- see where literals are allowed):
-
- C: 001 LIST "" {13}
- S: + send literal
- C: this\%\%\%\h*
- S: * LIST () "\\" {27}
- S: this\is\a\mailbox\hierarchy
- S: 001 OK LIST complete
-
- In any case, a server should not use normal alpha-numeric characters
- (such as "X" or "0") as delimiters; a user would be very surprised to
- find that "EXPENDITURES" actually represented a two-level hierarchy.
- And a server should not use characters that are non-printable or
- difficult or impossible to enter on a standard US keyboard. Control
- characters, box-drawing characters, and characters from non-US
- alphabets fit into this category. Their use presents
- interoperability problems that are best avoided.
-
- The UTF-7 encoding of mailbox names also raises questions about what
- to do with the hierarchy delimiters in encoded names: do we encode
- each hierarchy level and separate them with delimiters, or do we
- encode the fully qualified name, delimiters and all? The answer for
- IMAP is the former: encode each hierarchy level separately, and
- insert delimiters between. This makes it particularly important not
- to use as a hierarchy delimiter a character that might cause
- confusion with IMAP's modified UTF-7 [UTF-7 and RFC-2060] encoding.
-
- To repeat: a server should use "/", "\", or "." as its hierarchy
- delimiter. The use of any other character is likely to cause
- problems and is STRONGLY DISCOURAGED.
-
-3.4.11. ALERT Response Codes
-
- The protocol spec is very clear on the matter of what to do with
- ALERT response codes, and yet there are many clients that violate it
- so it needs to be said anyway: "The human-readable text contains a
- special alert that must be presented to the user in a fashion that
- calls the user's attention to the message." That should be clear
- enough, but I'll repeat it here: Clients must present ALERT text
- clearly to the user.
-
-
-
-
-
-
-Leiba Informational [Page 20]
-
-RFC 2683 IMAP4 Implementation Recommendations September 1999
-
-
-3.4.12. Deleting Mailboxes
-
- The protocol does not guarantee that a client may delete a mailbox
- that is not empty, though on some servers it is permissible and is,
- in fact, much faster than the alternative or deleting all the
- messages from the client. If the client chooses to try to take
- advantage of this possibility it must be prepared to use the other
- method in the even that the more convenient one fails. Further, a
- client should not try to delete the mailbox that it has selected, but
- should first close that mailbox; some servers do not permit the
- deletion of the selected mailbox.
-
- That said, a server should permit the deletion of a non-empty
- mailbox; there's little reason to pass this work on to the client.
- Moreover, forbidding this prevents the deletion of a mailbox that for
- some reason can not be opened or expunged, leading to possible
- denial-of-service problems.
-
- Example:
-
- [User tells the client to delete mailbox BANANA, which is
- currently selected...]
- C: 008 CLOSE
- S: 008 OK done
- C: 009 DELETE BANANA
- S: 009 NO Delete failed; mailbox is not empty.
- C: 010 SELECT BANANA
- S: * ... untagged SELECT responses
- S: 010 OK done
- C: 011 STORE 1:* +FLAGS.SILENT \DELETED
- S: 011 OK done
- C: 012 CLOSE
- S: 012 OK done
- C: 013 DELETE BANANA
- S: 013 OK done
-
-3.5. A Word About Testing
-
- Since the whole point of IMAP is interoperability, and since
- interoperability can not be tested in a vacuum, the final
- recommendation of this treatise is, "Test against EVERYTHING." Test
- your client against every server you can get an account on. Test
- your server with every client you can get your hands on. Many
- clients make limited test versions available on the Web for the
- downloading. Many server owners will give serious client developers
- guest accounts for testing. Contact them and ask. NEVER assume that
- because your client works with one or two servers, or because your
- server does fine with one or two clients, you will interoperate well
-
-
-
-Leiba Informational [Page 21]
-
-RFC 2683 IMAP4 Implementation Recommendations September 1999
-
-
- in general.
-
- In particular, in addition to everything else, be sure to test
- against the reference implementations: the PINE client, the
- University of Washington server, and the Cyrus server.
-
- See the following URLs on the web for more information here:
-
- IMAP Products and Sources: http://www.imap.org/products.html
- IMC MailConnect: http://www.imc.org/imc-mailconnect
-
-4. Security Considerations
-
- This document describes behaviour of clients and servers that use the
- IMAP4 protocol, and as such, has the same security considerations as
- described in [RFC-2060].
-
-5. References
-
- [RFC-2060] Crispin, M., "Internet Message Access Protocol - Version
- 4rev1", RFC 2060, December 1996.
-
- [RFC-2119] Bradner, S., "Key words for use in RFCs to Indicate
- Requirement Levels", BCP 14, RFC 2119, March 1997.
-
- [RFC-2180] Gahrns, M., "IMAP4 Multi-Accessed Mailbox Practice", RFC
- 2180, July 1997.
-
- [UTF-8] Yergeau, F., " UTF-8, a transformation format of Unicode
- and ISO 10646", RFC 2044, October 1996.
-
- [UTF-7] Goldsmith, D. and M. Davis, "UTF-7, a Mail-Safe
- Transformation Format of Unicode", RFC 2152, May 1997.
-
- [NAMESPACE] Gahrns, M. and C. Newman, "IMAP4 Namespace", Work in
- Progress.
-
-6. Author's Address
-
- Barry Leiba
- IBM T.J. Watson Research Center
- 30 Saw Mill River Road
- Hawthorne, NY 10532
-
- Phone: 1-914-784-7941
- EMail: leiba@watson.ibm.com
-
-
-
-
-
-Leiba Informational [Page 22]
-
-RFC 2683 IMAP4 Implementation Recommendations September 1999
-
-
-7. Full Copyright Statement
-
- Copyright (C) The Internet Society (1999). All Rights Reserved.
-
- This document and translations of it may be copied and furnished to
- others, and derivative works that comment on or otherwise explain it
- or assist in its implementation may be prepared, copied, published
- and distributed, in whole or in part, without restriction of any
- kind, provided that the above copyright notice and this paragraph are
- included on all such copies and derivative works. However, this
- document itself may not be modified in any way, such as by removing
- the copyright notice or references to the Internet Society or other
- Internet organizations, except as needed for the purpose of
- developing Internet standards in which case the procedures for
- copyrights defined in the Internet Standards process must be
- followed, or as required to translate it into languages other than
- English.
-
- The limited permissions granted above are perpetual and will not be
- revoked by the Internet Society or its successors or assigns.
-
- This document and the information contained herein is provided on an
- "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
- TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING
- BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION
- HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
- MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
-
-Acknowledgement
-
- Funding for the RFC Editor function is currently provided by the
- Internet Society.
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-Leiba Informational [Page 23]
-
diff --git a/imap/docs/rfc/rfc2971.txt b/imap/docs/rfc/rfc2971.txt
deleted file mode 100644
index 9e7264dc..00000000
--- a/imap/docs/rfc/rfc2971.txt
+++ /dev/null
@@ -1,451 +0,0 @@
-
-
-
-
-
-
-Network Working Group T. Showalter
-Request for Comments: 2971 Mirapoint, Inc.
-Category: Standards Track October 2000
-
-
- IMAP4 ID extension
-
-Status of this Memo
-
- This document specifies an Internet standards track protocol for the
- Internet community, and requests discussion and suggestions for
- improvements. Please refer to the current edition of the "Internet
- Official Protocol Standards" (STD 1) for the standardization state
- and status of this protocol. Distribution of this memo is unlimited.
-
-Copyright Notice
-
- Copyright (C) The Internet Society (2000). All Rights Reserved.
-
-Abstract
-
- The ID extension to the Internet Message Access Protocol - Version
- 4rev1 (IMAP4rev1) protocol allows the server and client to exchange
- identification information on their implementation in order to make
- bug reports and usage statistics more complete.
-
-1. Introduction
-
- The IMAP4rev1 protocol described in [IMAP4rev1] provides a method for
- accessing remote mail stores, but it provides no facility to
- advertise what program a client or server uses to provide service.
- This makes it difficult for implementors to get complete bug reports
- from users, as it is frequently difficult to know what client or
- server is in use.
-
- Additionally, some sites may wish to assemble usage statistics based
- on what clients are used, but in an an environment where users are
- permitted to obtain and maintain their own clients this is difficult
- to accomplish.
-
- The ID command provides a facility to advertise information on what
- programs are being used along with contact information (should bugs
- ever occur).
-
-
-
-
-
-
-
-
-Showalter Standards Track [Page 1]
-
-RFC 2971 IMAP4 ID extension October 2000
-
-
-2. Conventions Used in this Document
-
- The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
- "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
- document are to be interpreted as described in [KEYWORDS].
-
- The conventions used in this document are the same as specified in
- [IMAP4rev1]. In examples, "C:" and "S:" indicate lines sent by the
- client and server respectively. Line breaks have been inserted for
- readability.
-
-3. Specification
-
- The sole purpose of the ID extension is to enable clients and servers
- to exchange information on their implementations for the purposes of
- statistical analysis and problem determination.
-
- This information is be submitted to a server by any client wishing to
- provide information for statistical purposes, provided the server
- advertises its willingness to take the information with the atom "ID"
- included in the list of capabilities returned by the CAPABILITY
- command.
-
- Implementations MUST NOT make operational changes based on the data
- sent as part of the ID command or response. The ID command is for
- human consumption only, and is not to be used in improving the
- performance of clients or servers.
-
- This includes, but is not limited to, the following:
-
- Servers MUST NOT attempt to work around client bugs by using
- information from the ID command. Clients MUST NOT attempt to work
- around server bugs based on the ID response.
-
- Servers MUST NOT provide features to a client or otherwise
- optimize for a particular client by using information from the ID
- command. Clients MUST NOT provide features to a server or
- otherwise optimize for a particular server based on the ID
- response.
-
- Servers MUST NOT deny access to or refuse service for a client
- based on information from the ID command. Clients MUST NOT refuse
- to operate or limit their operation with a server based on the ID
- response.
-
-
-
-
-
-
-
-Showalter Standards Track [Page 2]
-
-RFC 2971 IMAP4 ID extension October 2000
-
-
- Rationale: It is imperative that this extension not supplant IMAP's
- CAPABILITY mechanism with a ad-hoc approach where implementations
- guess each other's features based on who they claim to be.
-
- Implementations MUST NOT send false information in an ID command.
-
- Implementations MAY send less information than they have available or
- no information at all. Such behavior may be useful to preserve user
- privacy. See Security Considerations, section 7.
-
-3.1. ID Command
-
- Arguments: client parameter list or NIL
-
- Responses: OPTIONAL untagged response: ID
-
- Result: OK identification information accepted
- BAD command unknown or arguments invalid
-
- Implementation identification information is sent by the client with
- the ID command.
-
- This command is valid in any state.
-
- The information sent is in the form of a list of field/value pairs.
- Fields are permitted to be any IMAP4 string, and values are permitted
- to be any IMAP4 string or NIL. A value of NIL indicates that the
- client can not or will not specify this information. The client may
- also send NIL instead of the list, indicating that it wants to send
- no information, but would still accept a server response.
-
- The available fields are defined in section 3.3.
-
- Example: C: a023 ID ("name" "sodr" "version" "19.34" "vendor"
- "Pink Floyd Music Limited")
- S: * ID NIL
- S: a023 OK ID completed
-
-3.2. ID Response
-
- Contents: server parameter list
-
- In response to an ID command issued by the client, the server replies
- with a tagged response containing information on its implementation.
- The format is the same as the client list.
-
-
-
-
-
-
-Showalter Standards Track [Page 3]
-
-RFC 2971 IMAP4 ID extension October 2000
-
-
- Example: C: a042 ID NIL
- S: * ID ("name" "Cyrus" "version" "1.5" "os" "sunos"
- "os-version" "5.5" "support-url"
- "mailto:cyrus-bugs+@andrew.cmu.edu")
- S: a042 OK ID command completed
-
- A server MUST send a tagged ID response to an ID command. However, a
- server MAY send NIL in place of the list.
-
-3.3. Defined Field Values
-
- Any string may be sent as a field, but the following are defined to
- describe certain values that might be sent. Implementations are free
- to send none, any, or all of these. Strings are not case-sensitive.
- Field strings MUST NOT be longer than 30 octets. Value strings MUST
- NOT be longer than 1024 octets. Implementations MUST NOT send more
- than 30 field-value pairs.
-
- name Name of the program
- version Version number of the program
- os Name of the operating system
- os-version Version of the operating system
- vendor Vendor of the client/server
- support-url URL to contact for support
- address Postal address of contact/vendor
- date Date program was released, specified as a date-time
- in IMAP4rev1
- command Command used to start the program
- arguments Arguments supplied on the command line, if any
- if any
- environment Description of environment, i.e., UNIX environment
- variables or Windows registry settings
-
- Implementations MUST NOT use contact information to submit automatic
- bug reports. Implementations may include information from an ID
- response in a report automatically prepared, but are prohibited from
- sending the report without user authorization.
-
- It is preferable to find the name and version of the underlying
- operating system at runtime in cases where this is possible.
-
- Information sent via an ID response may violate user privacy. See
- Security Considerations, section 7.
-
- Implementations MUST NOT send the same field name more than once.
-
-
-
-
-
-
-Showalter Standards Track [Page 4]
-
-RFC 2971 IMAP4 ID extension October 2000
-
-
-4. Formal Syntax
-
- This syntax is intended to augment the grammar specified in
- [IMAP4rev1] in order to provide for the ID command. This
- specification uses the augmented Backus-Naur Form (BNF) notation as
- used in [IMAP4rev1].
-
- command_any ::= "CAPABILITY" / "LOGOUT" / "NOOP" / x_command / id
- ;; adds id command to command_any in [IMAP4rev1]
-
- id ::= "ID" SPACE id_params_list
-
- id_response ::= "ID" SPACE id_params_list
-
- id_params_list ::= "(" #(string SPACE nstring) ")" / nil
- ;; list of field value pairs
-
- response_data ::= "*" SPACE (resp_cond_state / resp_cond_bye /
- mailbox_data / message_data / capability_data / id_response)
-
-5. Use of the ID extension with Firewalls and Other Intermediaries
-
- There exist proxies, firewalls, and other intermediary systems that
- can intercept an IMAP session and make changes to the data exchanged
- in the session. Such intermediaries are not anticipated by the IMAP4
- protocol design and are not within the scope of the IMAP4 standard.
- However, in order for the ID command to be useful in the presence of
- such intermediaries, those intermediaries need to take special note
- of the ID command and response. In particular, if an intermediary
- changes any part of the IMAP session it must also change the ID
- command to advertise its presence.
-
- A firewall MAY act to block transmission of specific information
- fields in the ID command and response that it believes reveal
- information that could expose a security vulnerability. However, a
- firewall SHOULD NOT disable the extension, when present, entirely,
- and SHOULD NOT unconditionally remove either the client or server
- list.
-
- Finally, it should be noted that a firewall, when handling a
- CAPABILITY response, MUST NOT allow the names of extensions to be
- returned to the client that the firewall has no knowledge of.
-
-
-
-
-
-
-
-
-
-Showalter Standards Track [Page 5]
-
-RFC 2971 IMAP4 ID extension October 2000
-
-
-6. References
-
- [KEYWORDS] Bradner, S., "Key words for use in RFCs to Indicate
- Requirement Levels", RFC 2119, March 1997.
-
- [IMAP4rev1] Crispin, M., "Internet Message Access Protocol - Version
- 4rev1", RFC 2060, October 1996.
-
- [RFC-822] Crocker, D., "Standard for the Format of ARPA Internet
- Text Messages", STD 11, RFC 822, August 1982.
-
-7. Security Considerations
-
- This extension has the danger of violating the privacy of users if
- misused. Clients and servers should notify users that they implement
- and enable the ID command.
-
- It is highly desirable that implementations provide a method of
- disabling ID support, perhaps by not sending ID at all, or by sending
- NIL as the argument to the ID command or response.
-
- Implementors must exercise extreme care in adding fields sent as part
- of an ID command or response. Some fields, including a processor ID
- number, Ethernet address, or other unique (or mostly unique)
- identifier allow tracking of users in ways that violate user privacy
- expectations.
-
- Having implementation information of a given client or server may
- make it easier for an attacker to gain unauthorized access due to
- security holes.
-
- Since this command includes arbitrary data and does not require the
- user to authenticate, server implementations are cautioned to guard
- against an attacker sending arbitrary garbage data in order to fill
- up the ID log. In particular, if a server naively logs each ID
- command to disk without inspecting it, an attacker can simply fire up
- thousands of connections and send a few kilobytes of random data.
- Servers have to guard against this. Methods include truncating
- abnormally large responses; collating responses by storing only a
- single copy, then keeping a counter of the number of times that
- response has been seen; keeping only particularly interesting parts
- of responses; and only logging responses of users who actually log
- in.
-
- Security is affected by firewalls which modify the IMAP protocol
- stream; see section 5, Use of the ID Extension with Firewalls and
- Other Intermediaries, for more information.
-
-
-
-
-Showalter Standards Track [Page 6]
-
-RFC 2971 IMAP4 ID extension October 2000
-
-
-8. Author's Address
-
- Tim Showalter
- Mirapoint, Inc.
- 909 Hermosa Ct.
- Sunnyvale, CA 94095
-
- EMail: tjs@mirapoint.com
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-Showalter Standards Track [Page 7]
-
-RFC 2971 IMAP4 ID extension October 2000
-
-
-9. Full Copyright Statement
-
- Copyright (C) The Internet Society (2000). All Rights Reserved.
-
- This document and translations of it may be copied and furnished to
- others, and derivative works that comment on or otherwise explain it
- or assist in its implementation may be prepared, copied, published
- and distributed, in whole or in part, without restriction of any
- kind, provided that the above copyright notice and this paragraph are
- included on all such copies and derivative works. However, this
- document itself may not be modified in any way, such as by removing
- the copyright notice or references to the Internet Society or other
- Internet organizations, except as needed for the purpose of
- developing Internet standards in which case the procedures for
- copyrights defined in the Internet Standards process must be
- followed, or as required to translate it into languages other than
- English.
-
- The limited permissions granted above are perpetual and will not be
- revoked by the Internet Society or its successors or assigns.
-
- This document and the information contained herein is provided on an
- "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
- TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING
- BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION
- HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
- MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
-
-Acknowledgement
-
- Funding for the RFC Editor function is currently provided by the
- Internet Society.
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-Showalter Standards Track [Page 8]
-
diff --git a/imap/docs/rfc/rfc3348.txt b/imap/docs/rfc/rfc3348.txt
deleted file mode 100644
index 500871cc..00000000
--- a/imap/docs/rfc/rfc3348.txt
+++ /dev/null
@@ -1,339 +0,0 @@
-
-
-
-
-
-
-Network Working Group M. Gahrns
-Request for Comments: 3348 R. Cheng
-Category: Informational Microsoft
- July 2002
-
-
- The Internet Message Action Protocol (IMAP4)
- Child Mailbox Extension
-
-Status of this Memo
-
- This memo provides information for the Internet community. It does
- not specify an Internet standard of any kind. Distribution of this
- memo is unlimited.
-
-Copyright Notice
-
- Copyright (C) The Internet Society (2002). All Rights Reserved.
-
-Abstract
-
- The Internet Message Action Protocol (IMAP4) CHILDREN extension
- provides a mechanism for a client to efficiently determine if a
- particular mailbox has children, without issuing a LIST "" * or a
- LIST "" % for each mailbox.
-
-1. Conventions used in this document
-
- In examples, "C:" and "S:" indicate lines sent by the client and
- server respectively. If such lines are wrapped without a new "C:" or
- "S:" label, then the wrapping is for editorial clarity and is not
- part of the command.
-
- The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
- "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
- document are to be interpreted as described in [RFC-2119].
-
-2. Introduction and Overview
-
- Many IMAP4 [RFC-2060] clients present to the user a hierarchical view
- of the mailboxes that a user has access to. Rather than initially
- presenting to the user the entire mailbox hierarchy, it is often
- preferable to show to the user a collapsed outline list of the
- mailbox hierarchy (particularly if there is a large number of
- mailboxes). The user can then expand the collapsed outline hierarchy
- as needed. It is common to include within the collapsed hierarchy a
-
-
-
-
-
-Gahrns, et al. Informational [Page 1]
-
-RFC 3348 IMAP4 Child Mailbox Extension July 2002
-
-
- visual clue (such as a "+") to indicate that there are child
- mailboxes under a particular mailbox. When the visual clue is
- clicked the hierarchy list is expanded to show the child mailboxes.
-
- Several IMAP vendors implemented this proposal, and it is proposed to
- document this behavior and functionality as an Informational RFC.
-
- There is interest in addressing the general extensibility of the IMAP
- LIST command through an IMAP LIST Extension draft. Similar
- functionality to the \HasChildren and \HasNoChildren flags could be
- incorporated into this new LIST Extension. It is proposed that the
- more general LIST Extension draft proceed on the standards track with
- this proposal being relegated to informational status only.
-
- If the functionality of the \HasChildren and \HasNoChildren flags
- were incorporated into a more general LIST extension, this would have
- the advantage that a client could then have the opportunity to
- request whether or not the server should return this information.
- This would be an advantage over the current draft for servers where
- this information is expensive to compute, since the server would only
- need to compute the information when it knew that the client
- requesting the information was able to consume it.
-
-3. Requirements
-
- IMAP4 servers that support this extension MUST list the keyword
- CHILDREN in their CAPABILITY response.
-
- The CHILDREN extension defines two new attributes that MAY be
- returned within a LIST response.
-
- \HasChildren - The presence of this attribute indicates that the
- mailbox has child mailboxes.
-
- Servers SHOULD NOT return \HasChildren if child mailboxes exist, but
- none will be displayed to the current user in a LIST response (as
- should be the case where child mailboxes exist, but a client does not
- have permissions to access them.) In this case, \HasNoChildren
- SHOULD be used.
-
- In many cases, however, a server may not be able to efficiently
- compute whether a user has access to all child mailboxes, or multiple
- users may be accessing the same account and simultaneously changing
- the mailbox hierarchy. As such a client MUST be prepared to accept
- the \HasChildren attribute as a hint. That is, a mailbox MAY be
- flagged with the \HasChildren attribute, but no child mailboxes will
- appear in a subsequent LIST response.
-
-
-
-
-Gahrns, et al. Informational [Page 2]
-
-RFC 3348 IMAP4 Child Mailbox Extension July 2002
-
-
- Example 3.1:
- ============
-
- /*** Consider a server that has the following mailbox hierarchy:
-
- INBOX
- ITEM_1
- ITEM_1A
- ITEM_2
- TOP_SECRET
-
- Where INBOX, ITEM_1 and ITEM_2 are top level mailboxes. ITEM_1A is a
- child mailbox of ITEM_1 and TOP_SECRET is a child mailbox of ITEM_2
- that the currently logged on user does NOT have access to.
-
- Note that in this case, the server is not able to efficiently compute
- access rights to child mailboxes and responds with a \HasChildren
- attribute for mailbox ITEM_2, even though ITEM_2/TOP_SECRET does not
- appear in the list response. ***/
-
- C: A001 LIST "" *
- S: * LIST (\HasNoChildren) "/" INBOX
- S: * LIST (\HasChildren) "/" ITEM_1
- S: * LIST (\HasNoChildren) "/" ITEM_1/ITEM_1A
- S: * LIST (\HasChildren) "/" ITEM_2
- S: A001 OK LIST Completed
-
- \HasNoChildren - The presence of this attribute indicates that the
- mailbox has NO child mailboxes that are accessible to the currently
- authenticated user. If a mailbox has the \Noinferiors attribute, the
- \HasNoChildren attribute is redundant and SHOULD be omitted in the
- LIST response.
-
- In some instances a server that supports the CHILDREN extension MAY
- NOT be able to determine whether a mailbox has children. For example
- it may have difficulty determining whether there are child mailboxes
- when LISTing mailboxes while operating in a particular namespace.
-
- In these cases, a server MAY exclude both the \HasChildren and
- \HasNoChildren attributes in the LIST response. As such, a client
- can not make any assumptions about whether a mailbox has children
- based upon the absence of a single attribute.
-
- It is an error for the server to return both a \HasChildren and a
- \HasNoChildren attribute in a LIST response.
-
-
-
-
-
-
-Gahrns, et al. Informational [Page 3]
-
-RFC 3348 IMAP4 Child Mailbox Extension July 2002
-
-
- It is an error for the server to return both a \HasChildren and a
- \NoInferiors attribute in a LIST response.
-
- Note: the \HasNoChildren attribute should not be confused with the
- IMAP4 [RFC-2060] defined attribute \Noinferiors which indicates that
- no child mailboxes exist now and none can be created in the future.
-
- The \HasChildren and \HasNoChildren attributes might not be returned
- in response to a LSUB response. Many servers maintain a simple
- mailbox subscription list that is not updated when the underlying
- mailbox structure is changed. A client MUST NOT assume that
- hierarchy information will be maintained in the subscription list.
-
- RLIST is a command defined in [RFC-2193] that includes in a LIST
- response mailboxes that are accessible only via referral. That is, a
- client must explicitly issue an RLIST command to see a list of these
- mailboxes. Thus in the case where a mailbox has child mailboxes that
- are available only via referral, the mailboxes would appear as
- \HasNoChildren in response to the LIST command, and \HasChildren in
- response to the RLIST command.
-
-5. Formal Syntax
-
- The following syntax specification uses the augmented Backus-Naur
- Form (BNF) as described in [ABNF].
-
- Two new mailbox attributes are defined as flag_extensions to the
- IMAP4 mailbox_list response:
-
- HasChildren = "\HasChildren"
-
- HasNoChildren = "\HasNoChildren"
-
-6. Security Considerations
-
- This extension provides a client a more efficient means of
- determining whether a particular mailbox has children. If a mailbox
- has children, but the currently authenticated user does not have
- access to any of them, the server SHOULD respond with a
- \HasNoChildren attribute. In many cases, however, a server may not
- be able to efficiently compute whether a user has access to all child
- mailboxes. If such a server responds with a \HasChildren attribute,
- when in fact the currently authenticated user does not have access to
- any child mailboxes, potentially more information is conveyed about
- the mailbox than intended. A server designed with such levels of
- security in mind SHOULD NOT attach the \HasChildren attribute to a
- mailbox unless the server is certain that the user has access to at
- least one of the child mailboxes.
-
-
-
-Gahrns, et al. Informational [Page 4]
-
-RFC 3348 IMAP4 Child Mailbox Extension July 2002
-
-
-7. References
-
- [RFC-2060] Crispin, M., "Internet Message Access Protocol - Version
- 4rev1", RFC 2060, December 1996.
-
- [RFC-2119] Bradner, S., "Key words for use in RFCs to Indicate
- Requirement Levels", BCP 14, RFC 2119, March 1997.
-
- [RFC-2234] Crocker, D. and P. Overell, Editors, "Augmented BNF for
- Syntax Specifications: ABNF", RFC 2234, November 1997.
-
- [RFC-2193] Gahrns, M., "IMAP4 Mailbox Referrals", RFC 2193, September
- 1997.
-
-8. Acknowledgments
-
- The authors would like to thank the participants of several IMC Mail
- Connect events for their input when this idea was originally
- presented and refined.
-
-9. Author's Address
-
- Mike Gahrns
- Microsoft
- One Microsoft Way
- Redmond, WA, 98052
- Phone: (425) 936-9833
- EMail: mikega@microsoft.com
-
- Raymond Cheng
- Microsoft
- One Microsoft Way
- Redmond, WA, 98052
- Phone: (425) 703-4913
- EMail: raych@microsoft.com
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-Gahrns, et al. Informational [Page 5]
-
-RFC 3348 IMAP4 Child Mailbox Extension July 2002
-
-
-10. Full Copyright Statement
-
- Copyright (C) The Internet Society (2002). All Rights Reserved.
-
- This document and translations of it may be copied and furnished to
- others, and derivative works that comment on or otherwise explain it
- or assist in its implementation may be prepared, copied, published
- and distributed, in whole or in part, without restriction of any
- kind, provided that the above copyright notice and this paragraph are
- included on all such copies and derivative works. However, this
- document itself may not be modified in any way, such as by removing
- the copyright notice or references to the Internet Society or other
- Internet organizations, except as needed for the purpose of
- developing Internet standards in which case the procedures for
- copyrights defined in the Internet Standards process must be
- followed, or as required to translate it into languages other than
- English.
-
- The limited permissions granted above are perpetual and will not be
- revoked by the Internet Society or its successors or assigns.
-
- This document and the information contained herein is provided on an
- "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
- TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING
- BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION
- HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
- MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
-
-Acknowledgement
-
- Funding for the RFC Editor function is currently provided by the
- Internet Society.
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-Gahrns, et al. Informational [Page 6]
-
diff --git a/imap/docs/rfc/rfc3501.txt b/imap/docs/rfc/rfc3501.txt
deleted file mode 100644
index 6f470dd1..00000000
--- a/imap/docs/rfc/rfc3501.txt
+++ /dev/null
@@ -1,6052 +0,0 @@
-
-
-
-
-
-
-Network Working Group M. Crispin
-Request for Comments: 3501 University of Washington
-Obsoletes: 2060 March 2003
-Category: Standards Track
-
-
- INTERNET MESSAGE ACCESS PROTOCOL - VERSION 4rev1
-
-Status of this Memo
-
- This document specifies an Internet standards track protocol for the
- Internet community, and requests discussion and suggestions for
- improvements. Please refer to the current edition of the "Internet
- Official Protocol Standards" (STD 1) for the standardization state
- and status of this protocol. Distribution of this memo is unlimited.
-
-Copyright Notice
-
- Copyright (C) The Internet Society (2003). All Rights Reserved.
-
-Abstract
-
- The Internet Message Access Protocol, Version 4rev1 (IMAP4rev1)
- allows a client to access and manipulate electronic mail messages on
- a server. IMAP4rev1 permits manipulation of mailboxes (remote
- message folders) in a way that is functionally equivalent to local
- folders. IMAP4rev1 also provides the capability for an offline
- client to resynchronize with the server.
-
- IMAP4rev1 includes operations for creating, deleting, and renaming
- mailboxes, checking for new messages, permanently removing messages,
- setting and clearing flags, RFC 2822 and RFC 2045 parsing, searching,
- and selective fetching of message attributes, texts, and portions
- thereof. Messages in IMAP4rev1 are accessed by the use of numbers.
- These numbers are either message sequence numbers or unique
- identifiers.
-
- IMAP4rev1 supports a single server. A mechanism for accessing
- configuration information to support multiple IMAP4rev1 servers is
- discussed in RFC 2244.
-
- IMAP4rev1 does not specify a means of posting mail; this function is
- handled by a mail transfer protocol such as RFC 2821.
-
-
-
-
-
-
-
-
-Crispin Standards Track [Page 1]
-
-RFC 3501 IMAPv4 March 2003
-
-
-Table of Contents
-
- IMAP4rev1 Protocol Specification ................................ 4
- 1. How to Read This Document ............................... 4
- 1.1. Organization of This Document ........................... 4
- 1.2. Conventions Used in This Document ....................... 4
- 1.3. Special Notes to Implementors ........................... 5
- 2. Protocol Overview ....................................... 6
- 2.1. Link Level .............................................. 6
- 2.2. Commands and Responses .................................. 6
- 2.2.1. Client Protocol Sender and Server Protocol Receiver ..... 6
- 2.2.2. Server Protocol Sender and Client Protocol Receiver ..... 7
- 2.3. Message Attributes ...................................... 8
- 2.3.1. Message Numbers ......................................... 8
- 2.3.1.1. Unique Identifier (UID) Message Attribute ....... 8
- 2.3.1.2. Message Sequence Number Message Attribute ....... 10
- 2.3.2. Flags Message Attribute ................................. 11
- 2.3.3. Internal Date Message Attribute ......................... 12
- 2.3.4. [RFC-2822] Size Message Attribute ....................... 12
- 2.3.5. Envelope Structure Message Attribute .................... 12
- 2.3.6. Body Structure Message Attribute ........................ 12
- 2.4. Message Texts ........................................... 13
- 3. State and Flow Diagram .................................. 13
- 3.1. Not Authenticated State ................................. 13
- 3.2. Authenticated State ..................................... 13
- 3.3. Selected State .......................................... 13
- 3.4. Logout State ............................................ 14
- 4. Data Formats ............................................ 16
- 4.1. Atom .................................................... 16
- 4.2. Number .................................................. 16
- 4.3. String .................................................. 16
- 4.3.1. 8-bit and Binary Strings ................................ 17
- 4.4. Parenthesized List ...................................... 17
- 4.5. NIL ..................................................... 17
- 5. Operational Considerations .............................. 18
- 5.1. Mailbox Naming .......................................... 18
- 5.1.1. Mailbox Hierarchy Naming ................................ 19
- 5.1.2. Mailbox Namespace Naming Convention ..................... 19
- 5.1.3. Mailbox International Naming Convention ................. 19
- 5.2. Mailbox Size and Message Status Updates ................. 21
- 5.3. Response when no Command in Progress .................... 21
- 5.4. Autologout Timer ........................................ 22
- 5.5. Multiple Commands in Progress ........................... 22
- 6. Client Commands ........................................ 23
- 6.1. Client Commands - Any State ............................ 24
- 6.1.1. CAPABILITY Command ..................................... 24
- 6.1.2. NOOP Command ........................................... 25
- 6.1.3. LOGOUT Command ......................................... 26
-
-
-
-Crispin Standards Track [Page 2]
-
-RFC 3501 IMAPv4 March 2003
-
-
- 6.2. Client Commands - Not Authenticated State .............. 26
- 6.2.1. STARTTLS Command ....................................... 27
- 6.2.2. AUTHENTICATE Command ................................... 28
- 6.2.3. LOGIN Command .......................................... 30
- 6.3. Client Commands - Authenticated State .................. 31
- 6.3.1. SELECT Command ......................................... 32
- 6.3.2. EXAMINE Command ........................................ 34
- 6.3.3. CREATE Command ......................................... 34
- 6.3.4. DELETE Command ......................................... 35
- 6.3.5. RENAME Command ......................................... 37
- 6.3.6. SUBSCRIBE Command ...................................... 39
- 6.3.7. UNSUBSCRIBE Command .................................... 39
- 6.3.8. LIST Command ........................................... 40
- 6.3.9. LSUB Command ........................................... 43
- 6.3.10. STATUS Command ......................................... 44
- 6.3.11. APPEND Command ......................................... 46
- 6.4. Client Commands - Selected State ....................... 47
- 6.4.1. CHECK Command .......................................... 47
- 6.4.2. CLOSE Command .......................................... 48
- 6.4.3. EXPUNGE Command ........................................ 49
- 6.4.4. SEARCH Command ......................................... 49
- 6.4.5. FETCH Command .......................................... 54
- 6.4.6. STORE Command .......................................... 58
- 6.4.7. COPY Command ........................................... 59
- 6.4.8. UID Command ............................................ 60
- 6.5. Client Commands - Experimental/Expansion ............... 62
- 6.5.1. X<atom> Command ........................................ 62
- 7. Server Responses ....................................... 62
- 7.1. Server Responses - Status Responses .................... 63
- 7.1.1. OK Response ............................................ 65
- 7.1.2. NO Response ............................................ 66
- 7.1.3. BAD Response ........................................... 66
- 7.1.4. PREAUTH Response ....................................... 67
- 7.1.5. BYE Response ........................................... 67
- 7.2. Server Responses - Server and Mailbox Status ........... 68
- 7.2.1. CAPABILITY Response .................................... 68
- 7.2.2. LIST Response .......................................... 69
- 7.2.3. LSUB Response .......................................... 70
- 7.2.4 STATUS Response ........................................ 70
- 7.2.5. SEARCH Response ........................................ 71
- 7.2.6. FLAGS Response ......................................... 71
- 7.3. Server Responses - Mailbox Size ........................ 71
- 7.3.1. EXISTS Response ........................................ 71
- 7.3.2. RECENT Response ........................................ 72
- 7.4. Server Responses - Message Status ...................... 72
- 7.4.1. EXPUNGE Response ....................................... 72
- 7.4.2. FETCH Response ......................................... 73
- 7.5. Server Responses - Command Continuation Request ........ 79
-
-
-
-Crispin Standards Track [Page 3]
-
-RFC 3501 IMAPv4 March 2003
-
-
- 8. Sample IMAP4rev1 connection ............................ 80
- 9. Formal Syntax .......................................... 81
- 10. Author's Note .......................................... 92
- 11. Security Considerations ................................ 92
- 11.1. STARTTLS Security Considerations ....................... 92
- 11.2. Other Security Considerations .......................... 93
- 12. IANA Considerations .................................... 94
- Appendices ..................................................... 95
- A. References ............................................. 95
- B. Changes from RFC 2060 .................................. 97
- C. Key Word Index ......................................... 103
- Author's Address ............................................... 107
- Full Copyright Statement ....................................... 108
-
-IMAP4rev1 Protocol Specification
-
-1. How to Read This Document
-
-1.1. Organization of This Document
-
- This document is written from the point of view of the implementor of
- an IMAP4rev1 client or server. Beyond the protocol overview in
- section 2, it is not optimized for someone trying to understand the
- operation of the protocol. The material in sections 3 through 5
- provides the general context and definitions with which IMAP4rev1
- operates.
-
- Sections 6, 7, and 9 describe the IMAP commands, responses, and
- syntax, respectively. The relationships among these are such that it
- is almost impossible to understand any of them separately. In
- particular, do not attempt to deduce command syntax from the command
- section alone; instead refer to the Formal Syntax section.
-
-1.2. Conventions Used in This Document
-
- "Conventions" are basic principles or procedures. Document
- conventions are noted in this section.
-
- In examples, "C:" and "S:" indicate lines sent by the client and
- server respectively.
-
- The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
- "SHOULD", "SHOULD NOT", "MAY", and "OPTIONAL" in this document are to
- be interpreted as described in [KEYWORDS].
-
- The word "can" (not "may") is used to refer to a possible
- circumstance or situation, as opposed to an optional facility of the
- protocol.
-
-
-
-Crispin Standards Track [Page 4]
-
-RFC 3501 IMAPv4 March 2003
-
-
- "User" is used to refer to a human user, whereas "client" refers to
- the software being run by the user.
-
- "Connection" refers to the entire sequence of client/server
- interaction from the initial establishment of the network connection
- until its termination.
-
- "Session" refers to the sequence of client/server interaction from
- the time that a mailbox is selected (SELECT or EXAMINE command) until
- the time that selection ends (SELECT or EXAMINE of another mailbox,
- CLOSE command, or connection termination).
-
- Characters are 7-bit US-ASCII unless otherwise specified. Other
- character sets are indicated using a "CHARSET", as described in
- [MIME-IMT] and defined in [CHARSET]. CHARSETs have important
- additional semantics in addition to defining character set; refer to
- these documents for more detail.
-
- There are several protocol conventions in IMAP. These refer to
- aspects of the specification which are not strictly part of the IMAP
- protocol, but reflect generally-accepted practice. Implementations
- need to be aware of these conventions, and avoid conflicts whether or
- not they implement the convention. For example, "&" may not be used
- as a hierarchy delimiter since it conflicts with the Mailbox
- International Naming Convention, and other uses of "&" in mailbox
- names are impacted as well.
-
-1.3. Special Notes to Implementors
-
- Implementors of the IMAP protocol are strongly encouraged to read the
- IMAP implementation recommendations document [IMAP-IMPLEMENTATION] in
- conjunction with this document, to help understand the intricacies of
- this protocol and how best to build an interoperable product.
-
- IMAP4rev1 is designed to be upwards compatible from the [IMAP2] and
- unpublished IMAP2bis protocols. IMAP4rev1 is largely compatible with
- the IMAP4 protocol described in RFC 1730; the exception being in
- certain facilities added in RFC 1730 that proved problematic and were
- subsequently removed. In the course of the evolution of IMAP4rev1,
- some aspects in the earlier protocols have become obsolete. Obsolete
- commands, responses, and data formats which an IMAP4rev1
- implementation can encounter when used with an earlier implementation
- are described in [IMAP-OBSOLETE].
-
- Other compatibility issues with IMAP2bis, the most common variant of
- the earlier protocol, are discussed in [IMAP-COMPAT]. A full
- discussion of compatibility issues with rare (and presumed extinct)
-
-
-
-
-Crispin Standards Track [Page 5]
-
-RFC 3501 IMAPv4 March 2003
-
-
- variants of [IMAP2] is in [IMAP-HISTORICAL]; this document is
- primarily of historical interest.
-
- IMAP was originally developed for the older [RFC-822] standard, and
- as a consequence several fetch items in IMAP incorporate "RFC822" in
- their name. With the exception of RFC822.SIZE, there are more modern
- replacements; for example, the modern version of RFC822.HEADER is
- BODY.PEEK[HEADER]. In all cases, "RFC822" should be interpreted as a
- reference to the updated [RFC-2822] standard.
-
-2. Protocol Overview
-
-2.1. Link Level
-
- The IMAP4rev1 protocol assumes a reliable data stream such as that
- provided by TCP. When TCP is used, an IMAP4rev1 server listens on
- port 143.
-
-2.2. Commands and Responses
-
- An IMAP4rev1 connection consists of the establishment of a
- client/server network connection, an initial greeting from the
- server, and client/server interactions. These client/server
- interactions consist of a client command, server data, and a server
- completion result response.
-
- All interactions transmitted by client and server are in the form of
- lines, that is, strings that end with a CRLF. The protocol receiver
- of an IMAP4rev1 client or server is either reading a line, or is
- reading a sequence of octets with a known count followed by a line.
-
-2.2.1. Client Protocol Sender and Server Protocol Receiver
-
- The client command begins an operation. Each client command is
- prefixed with an identifier (typically a short alphanumeric string,
- e.g., A0001, A0002, etc.) called a "tag". A different tag is
- generated by the client for each command.
-
- Clients MUST follow the syntax outlined in this specification
- strictly. It is a syntax error to send a command with missing or
- extraneous spaces or arguments.
-
- There are two cases in which a line from the client does not
- represent a complete command. In one case, a command argument is
- quoted with an octet count (see the description of literal in String
- under Data Formats); in the other case, the command arguments require
- server feedback (see the AUTHENTICATE command). In either case, the
-
-
-
-
-Crispin Standards Track [Page 6]
-
-RFC 3501 IMAPv4 March 2003
-
-
- server sends a command continuation request response if it is ready
- for the octets (if appropriate) and the remainder of the command.
- This response is prefixed with the token "+".
-
- Note: If instead, the server detected an error in the
- command, it sends a BAD completion response with a tag
- matching the command (as described below) to reject the
- command and prevent the client from sending any more of the
- command.
-
- It is also possible for the server to send a completion
- response for some other command (if multiple commands are
- in progress), or untagged data. In either case, the
- command continuation request is still pending; the client
- takes the appropriate action for the response, and reads
- another response from the server. In all cases, the client
- MUST send a complete command (including receiving all
- command continuation request responses and command
- continuations for the command) before initiating a new
- command.
-
- The protocol receiver of an IMAP4rev1 server reads a command line
- from the client, parses the command and its arguments, and transmits
- server data and a server command completion result response.
-
-2.2.2. Server Protocol Sender and Client Protocol Receiver
-
- Data transmitted by the server to the client and status responses
- that do not indicate command completion are prefixed with the token
- "*", and are called untagged responses.
-
- Server data MAY be sent as a result of a client command, or MAY be
- sent unilaterally by the server. There is no syntactic difference
- between server data that resulted from a specific command and server
- data that were sent unilaterally.
-
- The server completion result response indicates the success or
- failure of the operation. It is tagged with the same tag as the
- client command which began the operation. Thus, if more than one
- command is in progress, the tag in a server completion response
- identifies the command to which the response applies. There are
- three possible server completion responses: OK (indicating success),
- NO (indicating failure), or BAD (indicating a protocol error such as
- unrecognized command or command syntax error).
-
- Servers SHOULD enforce the syntax outlined in this specification
- strictly. Any client command with a protocol syntax error, including
- (but not limited to) missing or extraneous spaces or arguments,
-
-
-
-Crispin Standards Track [Page 7]
-
-RFC 3501 IMAPv4 March 2003
-
-
- SHOULD be rejected, and the client given a BAD server completion
- response.
-
- The protocol receiver of an IMAP4rev1 client reads a response line
- from the server. It then takes action on the response based upon the
- first token of the response, which can be a tag, a "*", or a "+".
-
- A client MUST be prepared to accept any server response at all times.
- This includes server data that was not requested. Server data SHOULD
- be recorded, so that the client can reference its recorded copy
- rather than sending a command to the server to request the data. In
- the case of certain server data, the data MUST be recorded.
-
- This topic is discussed in greater detail in the Server Responses
- section.
-
-2.3. Message Attributes
-
- In addition to message text, each message has several attributes
- associated with it. These attributes can be retrieved individually
- or in conjunction with other attributes or message texts.
-
-2.3.1. Message Numbers
-
- Messages in IMAP4rev1 are accessed by one of two numbers; the unique
- identifier or the message sequence number.
-
-
-2.3.1.1. Unique Identifier (UID) Message Attribute
-
- A 32-bit value assigned to each message, which when used with the
- unique identifier validity value (see below) forms a 64-bit value
- that MUST NOT refer to any other message in the mailbox or any
- subsequent mailbox with the same name forever. Unique identifiers
- are assigned in a strictly ascending fashion in the mailbox; as each
- message is added to the mailbox it is assigned a higher UID than the
- message(s) which were added previously. Unlike message sequence
- numbers, unique identifiers are not necessarily contiguous.
-
- The unique identifier of a message MUST NOT change during the
- session, and SHOULD NOT change between sessions. Any change of
- unique identifiers between sessions MUST be detectable using the
- UIDVALIDITY mechanism discussed below. Persistent unique identifiers
- are required for a client to resynchronize its state from a previous
- session with the server (e.g., disconnected or offline access
- clients); this is discussed further in [IMAP-DISC].
-
-
-
-
-
-Crispin Standards Track [Page 8]
-
-RFC 3501 IMAPv4 March 2003
-
-
- Associated with every mailbox are two values which aid in unique
- identifier handling: the next unique identifier value and the unique
- identifier validity value.
-
- The next unique identifier value is the predicted value that will be
- assigned to a new message in the mailbox. Unless the unique
- identifier validity also changes (see below), the next unique
- identifier value MUST have the following two characteristics. First,
- the next unique identifier value MUST NOT change unless new messages
- are added to the mailbox; and second, the next unique identifier
- value MUST change whenever new messages are added to the mailbox,
- even if those new messages are subsequently expunged.
-
- Note: The next unique identifier value is intended to
- provide a means for a client to determine whether any
- messages have been delivered to the mailbox since the
- previous time it checked this value. It is not intended to
- provide any guarantee that any message will have this
- unique identifier. A client can only assume, at the time
- that it obtains the next unique identifier value, that
- messages arriving after that time will have a UID greater
- than or equal to that value.
-
- The unique identifier validity value is sent in a UIDVALIDITY
- response code in an OK untagged response at mailbox selection time.
- If unique identifiers from an earlier session fail to persist in this
- session, the unique identifier validity value MUST be greater than
- the one used in the earlier session.
-
- Note: Ideally, unique identifiers SHOULD persist at all
- times. Although this specification recognizes that failure
- to persist can be unavoidable in certain server
- environments, it STRONGLY ENCOURAGES message store
- implementation techniques that avoid this problem. For
- example:
-
- 1) Unique identifiers MUST be strictly ascending in the
- mailbox at all times. If the physical message store is
- re-ordered by a non-IMAP agent, this requires that the
- unique identifiers in the mailbox be regenerated, since
- the former unique identifiers are no longer strictly
- ascending as a result of the re-ordering.
-
- 2) If the message store has no mechanism to store unique
- identifiers, it must regenerate unique identifiers at
- each session, and each session must have a unique
- UIDVALIDITY value.
-
-
-
-
-Crispin Standards Track [Page 9]
-
-RFC 3501 IMAPv4 March 2003
-
-
- 3) If the mailbox is deleted and a new mailbox with the
- same name is created at a later date, the server must
- either keep track of unique identifiers from the
- previous instance of the mailbox, or it must assign a
- new UIDVALIDITY value to the new instance of the
- mailbox. A good UIDVALIDITY value to use in this case
- is a 32-bit representation of the creation date/time of
- the mailbox. It is alright to use a constant such as
- 1, but only if it guaranteed that unique identifiers
- will never be reused, even in the case of a mailbox
- being deleted (or renamed) and a new mailbox by the
- same name created at some future time.
-
- 4) The combination of mailbox name, UIDVALIDITY, and UID
- must refer to a single immutable message on that server
- forever. In particular, the internal date, [RFC-2822]
- size, envelope, body structure, and message texts
- (RFC822, RFC822.HEADER, RFC822.TEXT, and all BODY[...]
- fetch data items) must never change. This does not
- include message numbers, nor does it include attributes
- that can be set by a STORE command (e.g., FLAGS).
-
-
-2.3.1.2. Message Sequence Number Message Attribute
-
- A relative position from 1 to the number of messages in the mailbox.
- This position MUST be ordered by ascending unique identifier. As
- each new message is added, it is assigned a message sequence number
- that is 1 higher than the number of messages in the mailbox before
- that new message was added.
-
- Message sequence numbers can be reassigned during the session. For
- example, when a message is permanently removed (expunged) from the
- mailbox, the message sequence number for all subsequent messages is
- decremented. The number of messages in the mailbox is also
- decremented. Similarly, a new message can be assigned a message
- sequence number that was once held by some other message prior to an
- expunge.
-
- In addition to accessing messages by relative position in the
- mailbox, message sequence numbers can be used in mathematical
- calculations. For example, if an untagged "11 EXISTS" is received,
- and previously an untagged "8 EXISTS" was received, three new
- messages have arrived with message sequence numbers of 9, 10, and 11.
- Another example, if message 287 in a 523 message mailbox has UID
- 12345, there are exactly 286 messages which have lesser UIDs and 236
- messages which have greater UIDs.
-
-
-
-
-Crispin Standards Track [Page 10]
-
-RFC 3501 IMAPv4 March 2003
-
-
-2.3.2. Flags Message Attribute
-
- A list of zero or more named tokens associated with the message. A
- flag is set by its addition to this list, and is cleared by its
- removal. There are two types of flags in IMAP4rev1. A flag of
- either type can be permanent or session-only.
-
- A system flag is a flag name that is pre-defined in this
- specification. All system flags begin with "\". Certain system
- flags (\Deleted and \Seen) have special semantics described
- elsewhere. The currently-defined system flags are:
-
- \Seen
- Message has been read
-
- \Answered
- Message has been answered
-
- \Flagged
- Message is "flagged" for urgent/special attention
-
- \Deleted
- Message is "deleted" for removal by later EXPUNGE
-
- \Draft
- Message has not completed composition (marked as a draft).
-
- \Recent
- Message is "recently" arrived in this mailbox. This session
- is the first session to have been notified about this
- message; if the session is read-write, subsequent sessions
- will not see \Recent set for this message. This flag can not
- be altered by the client.
-
- If it is not possible to determine whether or not this
- session is the first session to be notified about a message,
- then that message SHOULD be considered recent.
-
- If multiple connections have the same mailbox selected
- simultaneously, it is undefined which of these connections
- will see newly-arrived messages with \Recent set and which
- will see it without \Recent set.
-
- A keyword is defined by the server implementation. Keywords do not
- begin with "\". Servers MAY permit the client to define new keywords
- in the mailbox (see the description of the PERMANENTFLAGS response
- code for more information).
-
-
-
-
-Crispin Standards Track [Page 11]
-
-RFC 3501 IMAPv4 March 2003
-
-
- A flag can be permanent or session-only on a per-flag basis.
- Permanent flags are those which the client can add or remove from the
- message flags permanently; that is, concurrent and subsequent
- sessions will see any change in permanent flags. Changes to session
- flags are valid only in that session.
-
- Note: The \Recent system flag is a special case of a
- session flag. \Recent can not be used as an argument in a
- STORE or APPEND command, and thus can not be changed at
- all.
-
-2.3.3. Internal Date Message Attribute
-
- The internal date and time of the message on the server. This
- is not the date and time in the [RFC-2822] header, but rather a
- date and time which reflects when the message was received. In
- the case of messages delivered via [SMTP], this SHOULD be the
- date and time of final delivery of the message as defined by
- [SMTP]. In the case of messages delivered by the IMAP4rev1 COPY
- command, this SHOULD be the internal date and time of the source
- message. In the case of messages delivered by the IMAP4rev1
- APPEND command, this SHOULD be the date and time as specified in
- the APPEND command description. All other cases are
- implementation defined.
-
-2.3.4. [RFC-2822] Size Message Attribute
-
- The number of octets in the message, as expressed in [RFC-2822]
- format.
-
-2.3.5. Envelope Structure Message Attribute
-
- A parsed representation of the [RFC-2822] header of the message.
- Note that the IMAP Envelope structure is not the same as an
- [SMTP] envelope.
-
-2.3.6. Body Structure Message Attribute
-
- A parsed representation of the [MIME-IMB] body structure
- information of the message.
-
-
-
-
-
-
-
-
-
-
-
-Crispin Standards Track [Page 12]
-
-RFC 3501 IMAPv4 March 2003
-
-
-2.4. Message Texts
-
- In addition to being able to fetch the full [RFC-2822] text of a
- message, IMAP4rev1 permits the fetching of portions of the full
- message text. Specifically, it is possible to fetch the
- [RFC-2822] message header, [RFC-2822] message body, a [MIME-IMB]
- body part, or a [MIME-IMB] header.
-
-3. State and Flow Diagram
-
- Once the connection between client and server is established, an
- IMAP4rev1 connection is in one of four states. The initial
- state is identified in the server greeting. Most commands are
- only valid in certain states. It is a protocol error for the
- client to attempt a command while the connection is in an
- inappropriate state, and the server will respond with a BAD or
- NO (depending upon server implementation) command completion
- result.
-
-3.1. Not Authenticated State
-
- In the not authenticated state, the client MUST supply
- authentication credentials before most commands will be
- permitted. This state is entered when a connection starts
- unless the connection has been pre-authenticated.
-
-3.2. Authenticated State
-
- In the authenticated state, the client is authenticated and MUST
- select a mailbox to access before commands that affect messages
- will be permitted. This state is entered when a
- pre-authenticated connection starts, when acceptable
- authentication credentials have been provided, after an error in
- selecting a mailbox, or after a successful CLOSE command.
-
-3.3. Selected State
-
- In a selected state, a mailbox has been selected to access.
- This state is entered when a mailbox has been successfully
- selected.
-
-
-
-
-
-
-
-
-
-
-
-Crispin Standards Track [Page 13]
-
-RFC 3501 IMAPv4 March 2003
-
-
-3.4. Logout State
-
- In the logout state, the connection is being terminated. This
- state can be entered as a result of a client request (via the
- LOGOUT command) or by unilateral action on the part of either
- the client or server.
-
- If the client requests the logout state, the server MUST send an
- untagged BYE response and a tagged OK response to the LOGOUT
- command before the server closes the connection; and the client
- MUST read the tagged OK response to the LOGOUT command before
- the client closes the connection.
-
- A server MUST NOT unilaterally close the connection without
- sending an untagged BYE response that contains the reason for
- having done so. A client SHOULD NOT unilaterally close the
- connection, and instead SHOULD issue a LOGOUT command. If the
- server detects that the client has unilaterally closed the
- connection, the server MAY omit the untagged BYE response and
- simply close its connection.
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-Crispin Standards Track [Page 14]
-
-RFC 3501 IMAPv4 March 2003
-
-
- +----------------------+
- |connection established|
- +----------------------+
- ||
- \/
- +--------------------------------------+
- | server greeting |
- +--------------------------------------+
- || (1) || (2) || (3)
- \/ || ||
- +-----------------+ || ||
- |Not Authenticated| || ||
- +-----------------+ || ||
- || (7) || (4) || ||
- || \/ \/ ||
- || +----------------+ ||
- || | Authenticated |<=++ ||
- || +----------------+ || ||
- || || (7) || (5) || (6) ||
- || || \/ || ||
- || || +--------+ || ||
- || || |Selected|==++ ||
- || || +--------+ ||
- || || || (7) ||
- \/ \/ \/ \/
- +--------------------------------------+
- | Logout |
- +--------------------------------------+
- ||
- \/
- +-------------------------------+
- |both sides close the connection|
- +-------------------------------+
-
- (1) connection without pre-authentication (OK greeting)
- (2) pre-authenticated connection (PREAUTH greeting)
- (3) rejected connection (BYE greeting)
- (4) successful LOGIN or AUTHENTICATE command
- (5) successful SELECT or EXAMINE command
- (6) CLOSE command, or failed SELECT or EXAMINE command
- (7) LOGOUT command, server shutdown, or connection closed
-
-
-
-
-
-
-
-
-
-
-Crispin Standards Track [Page 15]
-
-RFC 3501 IMAPv4 March 2003
-
-
-4. Data Formats
-
- IMAP4rev1 uses textual commands and responses. Data in
- IMAP4rev1 can be in one of several forms: atom, number, string,
- parenthesized list, or NIL. Note that a particular data item
- may take more than one form; for example, a data item defined as
- using "astring" syntax may be either an atom or a string.
-
-4.1. Atom
-
- An atom consists of one or more non-special characters.
-
-4.2. Number
-
- A number consists of one or more digit characters, and
- represents a numeric value.
-
-4.3. String
-
- A string is in one of two forms: either literal or quoted
- string. The literal form is the general form of string. The
- quoted string form is an alternative that avoids the overhead of
- processing a literal at the cost of limitations of characters
- which may be used.
-
- A literal is a sequence of zero or more octets (including CR and
- LF), prefix-quoted with an octet count in the form of an open
- brace ("{"), the number of octets, close brace ("}"), and CRLF.
- In the case of literals transmitted from server to client, the
- CRLF is immediately followed by the octet data. In the case of
- literals transmitted from client to server, the client MUST wait
- to receive a command continuation request (described later in
- this document) before sending the octet data (and the remainder
- of the command).
-
- A quoted string is a sequence of zero or more 7-bit characters,
- excluding CR and LF, with double quote (<">) characters at each
- end.
-
- The empty string is represented as either "" (a quoted string
- with zero characters between double quotes) or as {0} followed
- by CRLF (a literal with an octet count of 0).
-
- Note: Even if the octet count is 0, a client transmitting a
- literal MUST wait to receive a command continuation request.
-
-
-
-
-
-
-Crispin Standards Track [Page 16]
-
-RFC 3501 IMAPv4 March 2003
-
-
-4.3.1. 8-bit and Binary Strings
-
- 8-bit textual and binary mail is supported through the use of a
- [MIME-IMB] content transfer encoding. IMAP4rev1 implementations MAY
- transmit 8-bit or multi-octet characters in literals, but SHOULD do
- so only when the [CHARSET] is identified.
-
- Although a BINARY body encoding is defined, unencoded binary strings
- are not permitted. A "binary string" is any string with NUL
- characters. Implementations MUST encode binary data into a textual
- form, such as BASE64, before transmitting the data. A string with an
- excessive amount of CTL characters MAY also be considered to be
- binary.
-
-4.4. Parenthesized List
-
- Data structures are represented as a "parenthesized list"; a sequence
- of data items, delimited by space, and bounded at each end by
- parentheses. A parenthesized list can contain other parenthesized
- lists, using multiple levels of parentheses to indicate nesting.
-
- The empty list is represented as () -- a parenthesized list with no
- members.
-
-4.5. NIL
-
- The special form "NIL" represents the non-existence of a particular
- data item that is represented as a string or parenthesized list, as
- distinct from the empty string "" or the empty parenthesized list ().
-
- Note: NIL is never used for any data item which takes the
- form of an atom. For example, a mailbox name of "NIL" is a
- mailbox named NIL as opposed to a non-existent mailbox
- name. This is because mailbox uses "astring" syntax which
- is an atom or a string. Conversely, an addr-name of NIL is
- a non-existent personal name, because addr-name uses
- "nstring" syntax which is NIL or a string, but never an
- atom.
-
-
-
-
-
-
-
-
-
-
-
-
-
-Crispin Standards Track [Page 17]
-
-RFC 3501 IMAPv4 March 2003
-
-
-5. Operational Considerations
-
- The following rules are listed here to ensure that all IMAP4rev1
- implementations interoperate properly.
-
-5.1. Mailbox Naming
-
- Mailbox names are 7-bit. Client implementations MUST NOT attempt to
- create 8-bit mailbox names, and SHOULD interpret any 8-bit mailbox
- names returned by LIST or LSUB as UTF-8. Server implementations
- SHOULD prohibit the creation of 8-bit mailbox names, and SHOULD NOT
- return 8-bit mailbox names in LIST or LSUB. See section 5.1.3 for
- more information on how to represent non-ASCII mailbox names.
-
- Note: 8-bit mailbox names were undefined in earlier
- versions of this protocol. Some sites used a local 8-bit
- character set to represent non-ASCII mailbox names. Such
- usage is not interoperable, and is now formally deprecated.
-
- The case-insensitive mailbox name INBOX is a special name reserved to
- mean "the primary mailbox for this user on this server". The
- interpretation of all other names is implementation-dependent.
-
- In particular, this specification takes no position on case
- sensitivity in non-INBOX mailbox names. Some server implementations
- are fully case-sensitive; others preserve case of a newly-created
- name but otherwise are case-insensitive; and yet others coerce names
- to a particular case. Client implementations MUST interact with any
- of these. If a server implementation interprets non-INBOX mailbox
- names as case-insensitive, it MUST treat names using the
- international naming convention specially as described in section
- 5.1.3.
-
- There are certain client considerations when creating a new mailbox
- name:
-
- 1) Any character which is one of the atom-specials (see the Formal
- Syntax) will require that the mailbox name be represented as a
- quoted string or literal.
-
- 2) CTL and other non-graphic characters are difficult to represent
- in a user interface and are best avoided.
-
- 3) Although the list-wildcard characters ("%" and "*") are valid
- in a mailbox name, it is difficult to use such mailbox names
- with the LIST and LSUB commands due to the conflict with
- wildcard interpretation.
-
-
-
-
-Crispin Standards Track [Page 18]
-
-RFC 3501 IMAPv4 March 2003
-
-
- 4) Usually, a character (determined by the server implementation)
- is reserved to delimit levels of hierarchy.
-
- 5) Two characters, "#" and "&", have meanings by convention, and
- should be avoided except when used in that convention.
-
-5.1.1. Mailbox Hierarchy Naming
-
- If it is desired to export hierarchical mailbox names, mailbox names
- MUST be left-to-right hierarchical using a single character to
- separate levels of hierarchy. The same hierarchy separator character
- is used for all levels of hierarchy within a single name.
-
-5.1.2. Mailbox Namespace Naming Convention
-
- By convention, the first hierarchical element of any mailbox name
- which begins with "#" identifies the "namespace" of the remainder of
- the name. This makes it possible to disambiguate between different
- types of mailbox stores, each of which have their own namespaces.
-
- For example, implementations which offer access to USENET
- newsgroups MAY use the "#news" namespace to partition the
- USENET newsgroup namespace from that of other mailboxes.
- Thus, the comp.mail.misc newsgroup would have a mailbox
- name of "#news.comp.mail.misc", and the name
- "comp.mail.misc" can refer to a different object (e.g., a
- user's private mailbox).
-
-5.1.3. Mailbox International Naming Convention
-
- By convention, international mailbox names in IMAP4rev1 are specified
- using a modified version of the UTF-7 encoding described in [UTF-7].
- Modified UTF-7 may also be usable in servers that implement an
- earlier version of this protocol.
-
- In modified UTF-7, printable US-ASCII characters, except for "&",
- represent themselves; that is, characters with octet values 0x20-0x25
- and 0x27-0x7e. The character "&" (0x26) is represented by the
- two-octet sequence "&-".
-
- All other characters (octet values 0x00-0x1f and 0x7f-0xff) are
- represented in modified BASE64, with a further modification from
- [UTF-7] that "," is used instead of "/". Modified BASE64 MUST NOT be
- used to represent any printing US-ASCII character which can represent
- itself.
-
-
-
-
-
-
-Crispin Standards Track [Page 19]
-
-RFC 3501 IMAPv4 March 2003
-
-
- "&" is used to shift to modified BASE64 and "-" to shift back to
- US-ASCII. There is no implicit shift from BASE64 to US-ASCII, and
- null shifts ("-&" while in BASE64; note that "&-" while in US-ASCII
- means "&") are not permitted. However, all names start in US-ASCII,
- and MUST end in US-ASCII; that is, a name that ends with a non-ASCII
- ISO-10646 character MUST end with a "-").
-
- The purpose of these modifications is to correct the following
- problems with UTF-7:
-
- 1) UTF-7 uses the "+" character for shifting; this conflicts with
- the common use of "+" in mailbox names, in particular USENET
- newsgroup names.
-
- 2) UTF-7's encoding is BASE64 which uses the "/" character; this
- conflicts with the use of "/" as a popular hierarchy delimiter.
-
- 3) UTF-7 prohibits the unencoded usage of "\"; this conflicts with
- the use of "\" as a popular hierarchy delimiter.
-
- 4) UTF-7 prohibits the unencoded usage of "~"; this conflicts with
- the use of "~" in some servers as a home directory indicator.
-
- 5) UTF-7 permits multiple alternate forms to represent the same
- string; in particular, printable US-ASCII characters can be
- represented in encoded form.
-
- Although modified UTF-7 is a convention, it establishes certain
- requirements on server handling of any mailbox name with an
- embedded "&" character. In particular, server implementations
- MUST preserve the exact form of the modified BASE64 portion of a
- modified UTF-7 name and treat that text as case-sensitive, even if
- names are otherwise case-insensitive or case-folded.
-
- Server implementations SHOULD verify that any mailbox name with an
- embedded "&" character, used as an argument to CREATE, is: in the
- correctly modified UTF-7 syntax, has no superfluous shifts, and
- has no encoding in modified BASE64 of any printing US-ASCII
- character which can represent itself. However, client
- implementations MUST NOT depend upon the server doing this, and
- SHOULD NOT attempt to create a mailbox name with an embedded "&"
- character unless it complies with the modified UTF-7 syntax.
-
- Server implementations which export a mail store that does not
- follow the modified UTF-7 convention MUST convert to modified
- UTF-7 any mailbox name that contains either non-ASCII characters
- or the "&" character.
-
-
-
-
-Crispin Standards Track [Page 20]
-
-RFC 3501 IMAPv4 March 2003
-
-
- For example, here is a mailbox name which mixes English,
- Chinese, and Japanese text:
- ~peter/mail/&U,BTFw-/&ZeVnLIqe-
-
- For example, the string "&Jjo!" is not a valid mailbox
- name because it does not contain a shift to US-ASCII
- before the "!". The correct form is "&Jjo-!". The
- string "&U,BTFw-&ZeVnLIqe-" is not permitted because it
- contains a superfluous shift. The correct form is
- "&U,BTF2XlZyyKng-".
-
-5.2. Mailbox Size and Message Status Updates
-
- At any time, a server can send data that the client did not request.
- Sometimes, such behavior is REQUIRED. For example, agents other than
- the server MAY add messages to the mailbox (e.g., new message
- delivery), change the flags of the messages in the mailbox (e.g.,
- simultaneous access to the same mailbox by multiple agents), or even
- remove messages from the mailbox. A server MUST send mailbox size
- updates automatically if a mailbox size change is observed during the
- processing of a command. A server SHOULD send message flag updates
- automatically, without requiring the client to request such updates
- explicitly.
-
- Special rules exist for server notification of a client about the
- removal of messages to prevent synchronization errors; see the
- description of the EXPUNGE response for more detail. In particular,
- it is NOT permitted to send an EXISTS response that would reduce the
- number of messages in the mailbox; only the EXPUNGE response can do
- this.
-
- Regardless of what implementation decisions a client makes on
- remembering data from the server, a client implementation MUST record
- mailbox size updates. It MUST NOT assume that any command after the
- initial mailbox selection will return the size of the mailbox.
-
-5.3. Response when no Command in Progress
-
- Server implementations are permitted to send an untagged response
- (except for EXPUNGE) while there is no command in progress. Server
- implementations that send such responses MUST deal with flow control
- considerations. Specifically, they MUST either (1) verify that the
- size of the data does not exceed the underlying transport's available
- window size, or (2) use non-blocking writes.
-
-
-
-
-
-
-
-Crispin Standards Track [Page 21]
-
-RFC 3501 IMAPv4 March 2003
-
-
-5.4. Autologout Timer
-
- If a server has an inactivity autologout timer, the duration of that
- timer MUST be at least 30 minutes. The receipt of ANY command from
- the client during that interval SHOULD suffice to reset the
- autologout timer.
-
-5.5. Multiple Commands in Progress
-
- The client MAY send another command without waiting for the
- completion result response of a command, subject to ambiguity rules
- (see below) and flow control constraints on the underlying data
- stream. Similarly, a server MAY begin processing another command
- before processing the current command to completion, subject to
- ambiguity rules. However, any command continuation request responses
- and command continuations MUST be negotiated before any subsequent
- command is initiated.
-
- The exception is if an ambiguity would result because of a command
- that would affect the results of other commands. Clients MUST NOT
- send multiple commands without waiting if an ambiguity would result.
- If the server detects a possible ambiguity, it MUST execute commands
- to completion in the order given by the client.
-
- The most obvious example of ambiguity is when a command would affect
- the results of another command, e.g., a FETCH of a message's flags
- and a STORE of that same message's flags.
-
- A non-obvious ambiguity occurs with commands that permit an untagged
- EXPUNGE response (commands other than FETCH, STORE, and SEARCH),
- since an untagged EXPUNGE response can invalidate sequence numbers in
- a subsequent command. This is not a problem for FETCH, STORE, or
- SEARCH commands because servers are prohibited from sending EXPUNGE
- responses while any of those commands are in progress. Therefore, if
- the client sends any command other than FETCH, STORE, or SEARCH, it
- MUST wait for the completion result response before sending a command
- with message sequence numbers.
-
- Note: UID FETCH, UID STORE, and UID SEARCH are different
- commands from FETCH, STORE, and SEARCH. If the client
- sends a UID command, it must wait for a completion result
- response before sending a command with message sequence
- numbers.
-
-
-
-
-
-
-
-
-Crispin Standards Track [Page 22]
-
-RFC 3501 IMAPv4 March 2003
-
-
- For example, the following non-waiting command sequences are invalid:
-
- FETCH + NOOP + STORE
- STORE + COPY + FETCH
- COPY + COPY
- CHECK + FETCH
-
- The following are examples of valid non-waiting command sequences:
-
- FETCH + STORE + SEARCH + CHECK
- STORE + COPY + EXPUNGE
-
- UID SEARCH + UID SEARCH may be valid or invalid as a non-waiting
- command sequence, depending upon whether or not the second UID
- SEARCH contains message sequence numbers.
-
-6. Client Commands
-
- IMAP4rev1 commands are described in this section. Commands are
- organized by the state in which the command is permitted. Commands
- which are permitted in multiple states are listed in the minimum
- permitted state (for example, commands valid in authenticated and
- selected state are listed in the authenticated state commands).
-
- Command arguments, identified by "Arguments:" in the command
- descriptions below, are described by function, not by syntax. The
- precise syntax of command arguments is described in the Formal Syntax
- section.
-
- Some commands cause specific server responses to be returned; these
- are identified by "Responses:" in the command descriptions below.
- See the response descriptions in the Responses section for
- information on these responses, and the Formal Syntax section for the
- precise syntax of these responses. It is possible for server data to
- be transmitted as a result of any command. Thus, commands that do
- not specifically require server data specify "no specific responses
- for this command" instead of "none".
-
- The "Result:" in the command description refers to the possible
- tagged status responses to a command, and any special interpretation
- of these status responses.
-
- The state of a connection is only changed by successful commands
- which are documented as changing state. A rejected command (BAD
- response) never changes the state of the connection or of the
- selected mailbox. A failed command (NO response) generally does not
- change the state of the connection or of the selected mailbox; the
- exception being the SELECT and EXAMINE commands.
-
-
-
-Crispin Standards Track [Page 23]
-
-RFC 3501 IMAPv4 March 2003
-
-
-6.1. Client Commands - Any State
-
- The following commands are valid in any state: CAPABILITY, NOOP, and
- LOGOUT.
-
-6.1.1. CAPABILITY Command
-
- Arguments: none
-
- Responses: REQUIRED untagged response: CAPABILITY
-
- Result: OK - capability completed
- BAD - command unknown or arguments invalid
-
- The CAPABILITY command requests a listing of capabilities that the
- server supports. The server MUST send a single untagged
- CAPABILITY response with "IMAP4rev1" as one of the listed
- capabilities before the (tagged) OK response.
-
- A capability name which begins with "AUTH=" indicates that the
- server supports that particular authentication mechanism. All
- such names are, by definition, part of this specification. For
- example, the authorization capability for an experimental
- "blurdybloop" authenticator would be "AUTH=XBLURDYBLOOP" and not
- "XAUTH=BLURDYBLOOP" or "XAUTH=XBLURDYBLOOP".
-
- Other capability names refer to extensions, revisions, or
- amendments to this specification. See the documentation of the
- CAPABILITY response for additional information. No capabilities,
- beyond the base IMAP4rev1 set defined in this specification, are
- enabled without explicit client action to invoke the capability.
-
- Client and server implementations MUST implement the STARTTLS,
- LOGINDISABLED, and AUTH=PLAIN (described in [IMAP-TLS])
- capabilities. See the Security Considerations section for
- important information.
-
- See the section entitled "Client Commands -
- Experimental/Expansion" for information about the form of site or
- implementation-specific capabilities.
-
-
-
-
-
-
-
-
-
-
-
-Crispin Standards Track [Page 24]
-
-RFC 3501 IMAPv4 March 2003
-
-
- Example: C: abcd CAPABILITY
- S: * CAPABILITY IMAP4rev1 STARTTLS AUTH=GSSAPI
- LOGINDISABLED
- S: abcd OK CAPABILITY completed
- C: efgh STARTTLS
- S: efgh OK STARTLS completed
- <TLS negotiation, further commands are under [TLS] layer>
- C: ijkl CAPABILITY
- S: * CAPABILITY IMAP4rev1 AUTH=GSSAPI AUTH=PLAIN
- S: ijkl OK CAPABILITY completed
-
-
-6.1.2. NOOP Command
-
- Arguments: none
-
- Responses: no specific responses for this command (but see below)
-
- Result: OK - noop completed
- BAD - command unknown or arguments invalid
-
- The NOOP command always succeeds. It does nothing.
-
- Since any command can return a status update as untagged data, the
- NOOP command can be used as a periodic poll for new messages or
- message status updates during a period of inactivity (this is the
- preferred method to do this). The NOOP command can also be used
- to reset any inactivity autologout timer on the server.
-
- Example: C: a002 NOOP
- S: a002 OK NOOP completed
- . . .
- C: a047 NOOP
- S: * 22 EXPUNGE
- S: * 23 EXISTS
- S: * 3 RECENT
- S: * 14 FETCH (FLAGS (\Seen \Deleted))
- S: a047 OK NOOP completed
-
-
-
-
-
-
-
-
-
-
-
-
-
-Crispin Standards Track [Page 25]
-
-RFC 3501 IMAPv4 March 2003
-
-
-6.1.3. LOGOUT Command
-
- Arguments: none
-
- Responses: REQUIRED untagged response: BYE
-
- Result: OK - logout completed
- BAD - command unknown or arguments invalid
-
- The LOGOUT command informs the server that the client is done with
- the connection. The server MUST send a BYE untagged response
- before the (tagged) OK response, and then close the network
- connection.
-
- Example: C: A023 LOGOUT
- S: * BYE IMAP4rev1 Server logging out
- S: A023 OK LOGOUT completed
- (Server and client then close the connection)
-
-6.2. Client Commands - Not Authenticated State
-
- In the not authenticated state, the AUTHENTICATE or LOGIN command
- establishes authentication and enters the authenticated state. The
- AUTHENTICATE command provides a general mechanism for a variety of
- authentication techniques, privacy protection, and integrity
- checking; whereas the LOGIN command uses a traditional user name and
- plaintext password pair and has no means of establishing privacy
- protection or integrity checking.
-
- The STARTTLS command is an alternate form of establishing session
- privacy protection and integrity checking, but does not establish
- authentication or enter the authenticated state.
-
- Server implementations MAY allow access to certain mailboxes without
- establishing authentication. This can be done by means of the
- ANONYMOUS [SASL] authenticator described in [ANONYMOUS]. An older
- convention is a LOGIN command using the userid "anonymous"; in this
- case, a password is required although the server may choose to accept
- any password. The restrictions placed on anonymous users are
- implementation-dependent.
-
- Once authenticated (including as anonymous), it is not possible to
- re-enter not authenticated state.
-
-
-
-
-
-
-
-
-Crispin Standards Track [Page 26]
-
-RFC 3501 IMAPv4 March 2003
-
-
- In addition to the universal commands (CAPABILITY, NOOP, and LOGOUT),
- the following commands are valid in the not authenticated state:
- STARTTLS, AUTHENTICATE and LOGIN. See the Security Considerations
- section for important information about these commands.
-
-6.2.1. STARTTLS Command
-
- Arguments: none
-
- Responses: no specific response for this command
-
- Result: OK - starttls completed, begin TLS negotiation
- BAD - command unknown or arguments invalid
-
- A [TLS] negotiation begins immediately after the CRLF at the end
- of the tagged OK response from the server. Once a client issues a
- STARTTLS command, it MUST NOT issue further commands until a
- server response is seen and the [TLS] negotiation is complete.
-
- The server remains in the non-authenticated state, even if client
- credentials are supplied during the [TLS] negotiation. This does
- not preclude an authentication mechanism such as EXTERNAL (defined
- in [SASL]) from using client identity determined by the [TLS]
- negotiation.
-
- Once [TLS] has been started, the client MUST discard cached
- information about server capabilities and SHOULD re-issue the
- CAPABILITY command. This is necessary to protect against man-in-
- the-middle attacks which alter the capabilities list prior to
- STARTTLS. The server MAY advertise different capabilities after
- STARTTLS.
-
- Example: C: a001 CAPABILITY
- S: * CAPABILITY IMAP4rev1 STARTTLS LOGINDISABLED
- S: a001 OK CAPABILITY completed
- C: a002 STARTTLS
- S: a002 OK Begin TLS negotiation now
- <TLS negotiation, further commands are under [TLS] layer>
- C: a003 CAPABILITY
- S: * CAPABILITY IMAP4rev1 AUTH=PLAIN
- S: a003 OK CAPABILITY completed
- C: a004 LOGIN joe password
- S: a004 OK LOGIN completed
-
-
-
-
-
-
-
-
-Crispin Standards Track [Page 27]
-
-RFC 3501 IMAPv4 March 2003
-
-
-6.2.2. AUTHENTICATE Command
-
- Arguments: authentication mechanism name
-
- Responses: continuation data can be requested
-
- Result: OK - authenticate completed, now in authenticated state
- NO - authenticate failure: unsupported authentication
- mechanism, credentials rejected
- BAD - command unknown or arguments invalid,
- authentication exchange cancelled
-
- The AUTHENTICATE command indicates a [SASL] authentication
- mechanism to the server. If the server supports the requested
- authentication mechanism, it performs an authentication protocol
- exchange to authenticate and identify the client. It MAY also
- negotiate an OPTIONAL security layer for subsequent protocol
- interactions. If the requested authentication mechanism is not
- supported, the server SHOULD reject the AUTHENTICATE command by
- sending a tagged NO response.
-
- The AUTHENTICATE command does not support the optional "initial
- response" feature of [SASL]. Section 5.1 of [SASL] specifies how
- to handle an authentication mechanism which uses an initial
- response.
-
- The service name specified by this protocol's profile of [SASL] is
- "imap".
-
- The authentication protocol exchange consists of a series of
- server challenges and client responses that are specific to the
- authentication mechanism. A server challenge consists of a
- command continuation request response with the "+" token followed
- by a BASE64 encoded string. The client response consists of a
- single line consisting of a BASE64 encoded string. If the client
- wishes to cancel an authentication exchange, it issues a line
- consisting of a single "*". If the server receives such a
- response, it MUST reject the AUTHENTICATE command by sending a
- tagged BAD response.
-
- If a security layer is negotiated through the [SASL]
- authentication exchange, it takes effect immediately following the
- CRLF that concludes the authentication exchange for the client,
- and the CRLF of the tagged OK response for the server.
-
- While client and server implementations MUST implement the
- AUTHENTICATE command itself, it is not required to implement any
- authentication mechanisms other than the PLAIN mechanism described
-
-
-
-Crispin Standards Track [Page 28]
-
-RFC 3501 IMAPv4 March 2003
-
-
- in [IMAP-TLS]. Also, an authentication mechanism is not required
- to support any security layers.
-
- Note: a server implementation MUST implement a
- configuration in which it does NOT permit any plaintext
- password mechanisms, unless either the STARTTLS command
- has been negotiated or some other mechanism that
- protects the session from password snooping has been
- provided. Server sites SHOULD NOT use any configuration
- which permits a plaintext password mechanism without
- such a protection mechanism against password snooping.
- Client and server implementations SHOULD implement
- additional [SASL] mechanisms that do not use plaintext
- passwords, such the GSSAPI mechanism described in [SASL]
- and/or the [DIGEST-MD5] mechanism.
-
- Servers and clients can support multiple authentication
- mechanisms. The server SHOULD list its supported authentication
- mechanisms in the response to the CAPABILITY command so that the
- client knows which authentication mechanisms to use.
-
- A server MAY include a CAPABILITY response code in the tagged OK
- response of a successful AUTHENTICATE command in order to send
- capabilities automatically. It is unnecessary for a client to
- send a separate CAPABILITY command if it recognizes these
- automatic capabilities. This should only be done if a security
- layer was not negotiated by the AUTHENTICATE command, because the
- tagged OK response as part of an AUTHENTICATE command is not
- protected by encryption/integrity checking. [SASL] requires the
- client to re-issue a CAPABILITY command in this case.
-
- If an AUTHENTICATE command fails with a NO response, the client
- MAY try another authentication mechanism by issuing another
- AUTHENTICATE command. It MAY also attempt to authenticate by
- using the LOGIN command (see section 6.2.3 for more detail). In
- other words, the client MAY request authentication types in
- decreasing order of preference, with the LOGIN command as a last
- resort.
-
- The authorization identity passed from the client to the server
- during the authentication exchange is interpreted by the server as
- the user name whose privileges the client is requesting.
-
-
-
-
-
-
-
-
-
-Crispin Standards Track [Page 29]
-
-RFC 3501 IMAPv4 March 2003
-
-
- Example: S: * OK IMAP4rev1 Server
- C: A001 AUTHENTICATE GSSAPI
- S: +
- C: YIIB+wYJKoZIhvcSAQICAQBuggHqMIIB5qADAgEFoQMCAQ6iBw
- MFACAAAACjggEmYYIBIjCCAR6gAwIBBaESGxB1Lndhc2hpbmd0
- b24uZWR1oi0wK6ADAgEDoSQwIhsEaW1hcBsac2hpdmFtcy5jYW
- Mud2FzaGluZ3Rvbi5lZHWjgdMwgdCgAwIBAaEDAgEDooHDBIHA
- cS1GSa5b+fXnPZNmXB9SjL8Ollj2SKyb+3S0iXMljen/jNkpJX
- AleKTz6BQPzj8duz8EtoOuNfKgweViyn/9B9bccy1uuAE2HI0y
- C/PHXNNU9ZrBziJ8Lm0tTNc98kUpjXnHZhsMcz5Mx2GR6dGknb
- I0iaGcRerMUsWOuBmKKKRmVMMdR9T3EZdpqsBd7jZCNMWotjhi
- vd5zovQlFqQ2Wjc2+y46vKP/iXxWIuQJuDiisyXF0Y8+5GTpAL
- pHDc1/pIGmMIGjoAMCAQGigZsEgZg2on5mSuxoDHEA1w9bcW9n
- FdFxDKpdrQhVGVRDIzcCMCTzvUboqb5KjY1NJKJsfjRQiBYBdE
- NKfzK+g5DlV8nrw81uOcP8NOQCLR5XkoMHC0Dr/80ziQzbNqhx
- O6652Npft0LQwJvenwDI13YxpwOdMXzkWZN/XrEqOWp6GCgXTB
- vCyLWLlWnbaUkZdEYbKHBPjd8t/1x5Yg==
- S: + YGgGCSqGSIb3EgECAgIAb1kwV6ADAgEFoQMCAQ+iSzBJoAMC
- AQGiQgRAtHTEuOP2BXb9sBYFR4SJlDZxmg39IxmRBOhXRKdDA0
- uHTCOT9Bq3OsUTXUlk0CsFLoa8j+gvGDlgHuqzWHPSQg==
- C:
- S: + YDMGCSqGSIb3EgECAgIBAAD/////6jcyG4GE3KkTzBeBiVHe
- ceP2CWY0SR0fAQAgAAQEBAQ=
- C: YDMGCSqGSIb3EgECAgIBAAD/////3LQBHXTpFfZgrejpLlLImP
- wkhbfa2QteAQAgAG1yYwE=
- S: A001 OK GSSAPI authentication successful
-
- Note: The line breaks within server challenges and client
- responses are for editorial clarity and are not in real
- authenticators.
-
-
-6.2.3. LOGIN Command
-
- Arguments: user name
- password
-
- Responses: no specific responses for this command
-
- Result: OK - login completed, now in authenticated state
- NO - login failure: user name or password rejected
- BAD - command unknown or arguments invalid
-
- The LOGIN command identifies the client to the server and carries
- the plaintext password authenticating this user.
-
-
-
-
-
-
-Crispin Standards Track [Page 30]
-
-RFC 3501 IMAPv4 March 2003
-
-
- A server MAY include a CAPABILITY response code in the tagged OK
- response to a successful LOGIN command in order to send
- capabilities automatically. It is unnecessary for a client to
- send a separate CAPABILITY command if it recognizes these
- automatic capabilities.
-
- Example: C: a001 LOGIN SMITH SESAME
- S: a001 OK LOGIN completed
-
- Note: Use of the LOGIN command over an insecure network
- (such as the Internet) is a security risk, because anyone
- monitoring network traffic can obtain plaintext passwords.
- The LOGIN command SHOULD NOT be used except as a last
- resort, and it is recommended that client implementations
- have a means to disable any automatic use of the LOGIN
- command.
-
- Unless either the STARTTLS command has been negotiated or
- some other mechanism that protects the session from
- password snooping has been provided, a server
- implementation MUST implement a configuration in which it
- advertises the LOGINDISABLED capability and does NOT permit
- the LOGIN command. Server sites SHOULD NOT use any
- configuration which permits the LOGIN command without such
- a protection mechanism against password snooping. A client
- implementation MUST NOT send a LOGIN command if the
- LOGINDISABLED capability is advertised.
-
-6.3. Client Commands - Authenticated State
-
- In the authenticated state, commands that manipulate mailboxes as
- atomic entities are permitted. Of these commands, the SELECT and
- EXAMINE commands will select a mailbox for access and enter the
- selected state.
-
- In addition to the universal commands (CAPABILITY, NOOP, and LOGOUT),
- the following commands are valid in the authenticated state: SELECT,
- EXAMINE, CREATE, DELETE, RENAME, SUBSCRIBE, UNSUBSCRIBE, LIST, LSUB,
- STATUS, and APPEND.
-
-
-
-
-
-
-
-
-
-
-
-
-Crispin Standards Track [Page 31]
-
-RFC 3501 IMAPv4 March 2003
-
-
-6.3.1. SELECT Command
-
- Arguments: mailbox name
-
- Responses: REQUIRED untagged responses: FLAGS, EXISTS, RECENT
- REQUIRED OK untagged responses: UNSEEN, PERMANENTFLAGS,
- UIDNEXT, UIDVALIDITY
-
- Result: OK - select completed, now in selected state
- NO - select failure, now in authenticated state: no
- such mailbox, can't access mailbox
- BAD - command unknown or arguments invalid
-
- The SELECT command selects a mailbox so that messages in the
- mailbox can be accessed. Before returning an OK to the client,
- the server MUST send the following untagged data to the client.
- Note that earlier versions of this protocol only required the
- FLAGS, EXISTS, and RECENT untagged data; consequently, client
- implementations SHOULD implement default behavior for missing data
- as discussed with the individual item.
-
- FLAGS Defined flags in the mailbox. See the description
- of the FLAGS response for more detail.
-
- <n> EXISTS The number of messages in the mailbox. See the
- description of the EXISTS response for more detail.
-
- <n> RECENT The number of messages with the \Recent flag set.
- See the description of the RECENT response for more
- detail.
-
- OK [UNSEEN <n>]
- The message sequence number of the first unseen
- message in the mailbox. If this is missing, the
- client can not make any assumptions about the first
- unseen message in the mailbox, and needs to issue a
- SEARCH command if it wants to find it.
-
- OK [PERMANENTFLAGS (<list of flags>)]
- A list of message flags that the client can change
- permanently. If this is missing, the client should
- assume that all flags can be changed permanently.
-
- OK [UIDNEXT <n>]
- The next unique identifier value. Refer to section
- 2.3.1.1 for more information. If this is missing,
- the client can not make any assumptions about the
- next unique identifier value.
-
-
-
-Crispin Standards Track [Page 32]
-
-RFC 3501 IMAPv4 March 2003
-
-
- OK [UIDVALIDITY <n>]
- The unique identifier validity value. Refer to
- section 2.3.1.1 for more information. If this is
- missing, the server does not support unique
- identifiers.
-
- Only one mailbox can be selected at a time in a connection;
- simultaneous access to multiple mailboxes requires multiple
- connections. The SELECT command automatically deselects any
- currently selected mailbox before attempting the new selection.
- Consequently, if a mailbox is selected and a SELECT command that
- fails is attempted, no mailbox is selected.
-
- If the client is permitted to modify the mailbox, the server
- SHOULD prefix the text of the tagged OK response with the
- "[READ-WRITE]" response code.
-
- If the client is not permitted to modify the mailbox but is
- permitted read access, the mailbox is selected as read-only, and
- the server MUST prefix the text of the tagged OK response to
- SELECT with the "[READ-ONLY]" response code. Read-only access
- through SELECT differs from the EXAMINE command in that certain
- read-only mailboxes MAY permit the change of permanent state on a
- per-user (as opposed to global) basis. Netnews messages marked in
- a server-based .newsrc file are an example of such per-user
- permanent state that can be modified with read-only mailboxes.
-
- Example: C: A142 SELECT INBOX
- S: * 172 EXISTS
- S: * 1 RECENT
- S: * OK [UNSEEN 12] Message 12 is first unseen
- S: * OK [UIDVALIDITY 3857529045] UIDs valid
- S: * OK [UIDNEXT 4392] Predicted next UID
- S: * FLAGS (\Answered \Flagged \Deleted \Seen \Draft)
- S: * OK [PERMANENTFLAGS (\Deleted \Seen \*)] Limited
- S: A142 OK [READ-WRITE] SELECT completed
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-Crispin Standards Track [Page 33]
-
-RFC 3501 IMAPv4 March 2003
-
-
-6.3.2. EXAMINE Command
-
- Arguments: mailbox name
-
- Responses: REQUIRED untagged responses: FLAGS, EXISTS, RECENT
- REQUIRED OK untagged responses: UNSEEN, PERMANENTFLAGS,
- UIDNEXT, UIDVALIDITY
-
- Result: OK - examine completed, now in selected state
- NO - examine failure, now in authenticated state: no
- such mailbox, can't access mailbox
- BAD - command unknown or arguments invalid
-
- The EXAMINE command is identical to SELECT and returns the same
- output; however, the selected mailbox is identified as read-only.
- No changes to the permanent state of the mailbox, including
- per-user state, are permitted; in particular, EXAMINE MUST NOT
- cause messages to lose the \Recent flag.
-
- The text of the tagged OK response to the EXAMINE command MUST
- begin with the "[READ-ONLY]" response code.
-
- Example: C: A932 EXAMINE blurdybloop
- S: * 17 EXISTS
- S: * 2 RECENT
- S: * OK [UNSEEN 8] Message 8 is first unseen
- S: * OK [UIDVALIDITY 3857529045] UIDs valid
- S: * OK [UIDNEXT 4392] Predicted next UID
- S: * FLAGS (\Answered \Flagged \Deleted \Seen \Draft)
- S: * OK [PERMANENTFLAGS ()] No permanent flags permitted
- S: A932 OK [READ-ONLY] EXAMINE completed
-
-
-6.3.3. CREATE Command
-
- Arguments: mailbox name
-
- Responses: no specific responses for this command
-
- Result: OK - create completed
- NO - create failure: can't create mailbox with that name
- BAD - command unknown or arguments invalid
-
- The CREATE command creates a mailbox with the given name. An OK
- response is returned only if a new mailbox with that name has been
- created. It is an error to attempt to create INBOX or a mailbox
- with a name that refers to an extant mailbox. Any error in
- creation will return a tagged NO response.
-
-
-
-Crispin Standards Track [Page 34]
-
-RFC 3501 IMAPv4 March 2003
-
-
- If the mailbox name is suffixed with the server's hierarchy
- separator character (as returned from the server by a LIST
- command), this is a declaration that the client intends to create
- mailbox names under this name in the hierarchy. Server
- implementations that do not require this declaration MUST ignore
- the declaration. In any case, the name created is without the
- trailing hierarchy delimiter.
-
- If the server's hierarchy separator character appears elsewhere in
- the name, the server SHOULD create any superior hierarchical names
- that are needed for the CREATE command to be successfully
- completed. In other words, an attempt to create "foo/bar/zap" on
- a server in which "/" is the hierarchy separator character SHOULD
- create foo/ and foo/bar/ if they do not already exist.
-
- If a new mailbox is created with the same name as a mailbox which
- was deleted, its unique identifiers MUST be greater than any
- unique identifiers used in the previous incarnation of the mailbox
- UNLESS the new incarnation has a different unique identifier
- validity value. See the description of the UID command for more
- detail.
-
- Example: C: A003 CREATE owatagusiam/
- S: A003 OK CREATE completed
- C: A004 CREATE owatagusiam/blurdybloop
- S: A004 OK CREATE completed
-
- Note: The interpretation of this example depends on whether
- "/" was returned as the hierarchy separator from LIST. If
- "/" is the hierarchy separator, a new level of hierarchy
- named "owatagusiam" with a member called "blurdybloop" is
- created. Otherwise, two mailboxes at the same hierarchy
- level are created.
-
-
-6.3.4. DELETE Command
-
- Arguments: mailbox name
-
- Responses: no specific responses for this command
-
- Result: OK - delete completed
- NO - delete failure: can't delete mailbox with that name
- BAD - command unknown or arguments invalid
-
-
-
-
-
-
-
-Crispin Standards Track [Page 35]
-
-RFC 3501 IMAPv4 March 2003
-
-
- The DELETE command permanently removes the mailbox with the given
- name. A tagged OK response is returned only if the mailbox has
- been deleted. It is an error to attempt to delete INBOX or a
- mailbox name that does not exist.
-
- The DELETE command MUST NOT remove inferior hierarchical names.
- For example, if a mailbox "foo" has an inferior "foo.bar"
- (assuming "." is the hierarchy delimiter character), removing
- "foo" MUST NOT remove "foo.bar". It is an error to attempt to
- delete a name that has inferior hierarchical names and also has
- the \Noselect mailbox name attribute (see the description of the
- LIST response for more details).
-
- It is permitted to delete a name that has inferior hierarchical
- names and does not have the \Noselect mailbox name attribute. In
- this case, all messages in that mailbox are removed, and the name
- will acquire the \Noselect mailbox name attribute.
-
- The value of the highest-used unique identifier of the deleted
- mailbox MUST be preserved so that a new mailbox created with the
- same name will not reuse the identifiers of the former
- incarnation, UNLESS the new incarnation has a different unique
- identifier validity value. See the description of the UID command
- for more detail.
-
- Examples: C: A682 LIST "" *
- S: * LIST () "/" blurdybloop
- S: * LIST (\Noselect) "/" foo
- S: * LIST () "/" foo/bar
- S: A682 OK LIST completed
- C: A683 DELETE blurdybloop
- S: A683 OK DELETE completed
- C: A684 DELETE foo
- S: A684 NO Name "foo" has inferior hierarchical names
- C: A685 DELETE foo/bar
- S: A685 OK DELETE Completed
- C: A686 LIST "" *
- S: * LIST (\Noselect) "/" foo
- S: A686 OK LIST completed
- C: A687 DELETE foo
- S: A687 OK DELETE Completed
-
-
-
-
-
-
-
-
-
-
-Crispin Standards Track [Page 36]
-
-RFC 3501 IMAPv4 March 2003
-
-
- C: A82 LIST "" *
- S: * LIST () "." blurdybloop
- S: * LIST () "." foo
- S: * LIST () "." foo.bar
- S: A82 OK LIST completed
- C: A83 DELETE blurdybloop
- S: A83 OK DELETE completed
- C: A84 DELETE foo
- S: A84 OK DELETE Completed
- C: A85 LIST "" *
- S: * LIST () "." foo.bar
- S: A85 OK LIST completed
- C: A86 LIST "" %
- S: * LIST (\Noselect) "." foo
- S: A86 OK LIST completed
-
-
-6.3.5. RENAME Command
-
- Arguments: existing mailbox name
- new mailbox name
-
- Responses: no specific responses for this command
-
- Result: OK - rename completed
- NO - rename failure: can't rename mailbox with that name,
- can't rename to mailbox with that name
- BAD - command unknown or arguments invalid
-
- The RENAME command changes the name of a mailbox. A tagged OK
- response is returned only if the mailbox has been renamed. It is
- an error to attempt to rename from a mailbox name that does not
- exist or to a mailbox name that already exists. Any error in
- renaming will return a tagged NO response.
-
- If the name has inferior hierarchical names, then the inferior
- hierarchical names MUST also be renamed. For example, a rename of
- "foo" to "zap" will rename "foo/bar" (assuming "/" is the
- hierarchy delimiter character) to "zap/bar".
-
- If the server's hierarchy separator character appears in the name,
- the server SHOULD create any superior hierarchical names that are
- needed for the RENAME command to complete successfully. In other
- words, an attempt to rename "foo/bar/zap" to baz/rag/zowie on a
- server in which "/" is the hierarchy separator character SHOULD
- create baz/ and baz/rag/ if they do not already exist.
-
-
-
-
-
-Crispin Standards Track [Page 37]
-
-RFC 3501 IMAPv4 March 2003
-
-
- The value of the highest-used unique identifier of the old mailbox
- name MUST be preserved so that a new mailbox created with the same
- name will not reuse the identifiers of the former incarnation,
- UNLESS the new incarnation has a different unique identifier
- validity value. See the description of the UID command for more
- detail.
-
- Renaming INBOX is permitted, and has special behavior. It moves
- all messages in INBOX to a new mailbox with the given name,
- leaving INBOX empty. If the server implementation supports
- inferior hierarchical names of INBOX, these are unaffected by a
- rename of INBOX.
-
- Examples: C: A682 LIST "" *
- S: * LIST () "/" blurdybloop
- S: * LIST (\Noselect) "/" foo
- S: * LIST () "/" foo/bar
- S: A682 OK LIST completed
- C: A683 RENAME blurdybloop sarasoop
- S: A683 OK RENAME completed
- C: A684 RENAME foo zowie
- S: A684 OK RENAME Completed
- C: A685 LIST "" *
- S: * LIST () "/" sarasoop
- S: * LIST (\Noselect) "/" zowie
- S: * LIST () "/" zowie/bar
- S: A685 OK LIST completed
-
- C: Z432 LIST "" *
- S: * LIST () "." INBOX
- S: * LIST () "." INBOX.bar
- S: Z432 OK LIST completed
- C: Z433 RENAME INBOX old-mail
- S: Z433 OK RENAME completed
- C: Z434 LIST "" *
- S: * LIST () "." INBOX
- S: * LIST () "." INBOX.bar
- S: * LIST () "." old-mail
- S: Z434 OK LIST completed
-
-
-
-
-
-
-
-
-
-
-
-
-Crispin Standards Track [Page 38]
-
-RFC 3501 IMAPv4 March 2003
-
-
-6.3.6. SUBSCRIBE Command
-
- Arguments: mailbox
-
- Responses: no specific responses for this command
-
- Result: OK - subscribe completed
- NO - subscribe failure: can't subscribe to that name
- BAD - command unknown or arguments invalid
-
- The SUBSCRIBE command adds the specified mailbox name to the
- server's set of "active" or "subscribed" mailboxes as returned by
- the LSUB command. This command returns a tagged OK response only
- if the subscription is successful.
-
- A server MAY validate the mailbox argument to SUBSCRIBE to verify
- that it exists. However, it MUST NOT unilaterally remove an
- existing mailbox name from the subscription list even if a mailbox
- by that name no longer exists.
-
- Note: This requirement is because a server site can
- choose to routinely remove a mailbox with a well-known
- name (e.g., "system-alerts") after its contents expire,
- with the intention of recreating it when new contents
- are appropriate.
-
-
- Example: C: A002 SUBSCRIBE #news.comp.mail.mime
- S: A002 OK SUBSCRIBE completed
-
-
-6.3.7. UNSUBSCRIBE Command
-
- Arguments: mailbox name
-
- Responses: no specific responses for this command
-
- Result: OK - unsubscribe completed
- NO - unsubscribe failure: can't unsubscribe that name
- BAD - command unknown or arguments invalid
-
- The UNSUBSCRIBE command removes the specified mailbox name from
- the server's set of "active" or "subscribed" mailboxes as returned
- by the LSUB command. This command returns a tagged OK response
- only if the unsubscription is successful.
-
- Example: C: A002 UNSUBSCRIBE #news.comp.mail.mime
- S: A002 OK UNSUBSCRIBE completed
-
-
-
-Crispin Standards Track [Page 39]
-
-RFC 3501 IMAPv4 March 2003
-
-
-6.3.8. LIST Command
-
- Arguments: reference name
- mailbox name with possible wildcards
-
- Responses: untagged responses: LIST
-
- Result: OK - list completed
- NO - list failure: can't list that reference or name
- BAD - command unknown or arguments invalid
-
- The LIST command returns a subset of names from the complete set
- of all names available to the client. Zero or more untagged LIST
- replies are returned, containing the name attributes, hierarchy
- delimiter, and name; see the description of the LIST reply for
- more detail.
-
- The LIST command SHOULD return its data quickly, without undue
- delay. For example, it SHOULD NOT go to excess trouble to
- calculate the \Marked or \Unmarked status or perform other
- processing; if each name requires 1 second of processing, then a
- list of 1200 names would take 20 minutes!
-
- An empty ("" string) reference name argument indicates that the
- mailbox name is interpreted as by SELECT. The returned mailbox
- names MUST match the supplied mailbox name pattern. A non-empty
- reference name argument is the name of a mailbox or a level of
- mailbox hierarchy, and indicates the context in which the mailbox
- name is interpreted.
-
- An empty ("" string) mailbox name argument is a special request to
- return the hierarchy delimiter and the root name of the name given
- in the reference. The value returned as the root MAY be the empty
- string if the reference is non-rooted or is an empty string. In
- all cases, a hierarchy delimiter (or NIL if there is no hierarchy)
- is returned. This permits a client to get the hierarchy delimiter
- (or find out that the mailbox names are flat) even when no
- mailboxes by that name currently exist.
-
- The reference and mailbox name arguments are interpreted into a
- canonical form that represents an unambiguous left-to-right
- hierarchy. The returned mailbox names will be in the interpreted
- form.
-
-
-
-
-
-
-
-
-Crispin Standards Track [Page 40]
-
-RFC 3501 IMAPv4 March 2003
-
-
- Note: The interpretation of the reference argument is
- implementation-defined. It depends upon whether the
- server implementation has a concept of the "current
- working directory" and leading "break out characters",
- which override the current working directory.
-
- For example, on a server which exports a UNIX or NT
- filesystem, the reference argument contains the current
- working directory, and the mailbox name argument would
- contain the name as interpreted in the current working
- directory.
-
- If a server implementation has no concept of break out
- characters, the canonical form is normally the reference
- name appended with the mailbox name. Note that if the
- server implements the namespace convention (section
- 5.1.2), "#" is a break out character and must be treated
- as such.
-
- If the reference argument is not a level of mailbox
- hierarchy (that is, it is a \NoInferiors name), and/or
- the reference argument does not end with the hierarchy
- delimiter, it is implementation-dependent how this is
- interpreted. For example, a reference of "foo/bar" and
- mailbox name of "rag/baz" could be interpreted as
- "foo/bar/rag/baz", "foo/barrag/baz", or "foo/rag/baz".
- A client SHOULD NOT use such a reference argument except
- at the explicit request of the user. A hierarchical
- browser MUST NOT make any assumptions about server
- interpretation of the reference unless the reference is
- a level of mailbox hierarchy AND ends with the hierarchy
- delimiter.
-
- Any part of the reference argument that is included in the
- interpreted form SHOULD prefix the interpreted form. It SHOULD
- also be in the same form as the reference name argument. This
- rule permits the client to determine if the returned mailbox name
- is in the context of the reference argument, or if something about
- the mailbox argument overrode the reference argument. Without
- this rule, the client would have to have knowledge of the server's
- naming semantics including what characters are "breakouts" that
- override a naming context.
-
-
-
-
-
-
-
-
-
-Crispin Standards Track [Page 41]
-
-RFC 3501 IMAPv4 March 2003
-
-
- For example, here are some examples of how references
- and mailbox names might be interpreted on a UNIX-based
- server:
-
- Reference Mailbox Name Interpretation
- ------------ ------------ --------------
- ~smith/Mail/ foo.* ~smith/Mail/foo.*
- archive/ % archive/%
- #news. comp.mail.* #news.comp.mail.*
- ~smith/Mail/ /usr/doc/foo /usr/doc/foo
- archive/ ~fred/Mail/* ~fred/Mail/*
-
- The first three examples demonstrate interpretations in
- the context of the reference argument. Note that
- "~smith/Mail" SHOULD NOT be transformed into something
- like "/u2/users/smith/Mail", or it would be impossible
- for the client to determine that the interpretation was
- in the context of the reference.
-
- The character "*" is a wildcard, and matches zero or more
- characters at this position. The character "%" is similar to "*",
- but it does not match a hierarchy delimiter. If the "%" wildcard
- is the last character of a mailbox name argument, matching levels
- of hierarchy are also returned. If these levels of hierarchy are
- not also selectable mailboxes, they are returned with the
- \Noselect mailbox name attribute (see the description of the LIST
- response for more details).
-
- Server implementations are permitted to "hide" otherwise
- accessible mailboxes from the wildcard characters, by preventing
- certain characters or names from matching a wildcard in certain
- situations. For example, a UNIX-based server might restrict the
- interpretation of "*" so that an initial "/" character does not
- match.
-
- The special name INBOX is included in the output from LIST, if
- INBOX is supported by this server for this user and if the
- uppercase string "INBOX" matches the interpreted reference and
- mailbox name arguments with wildcards as described above. The
- criteria for omitting INBOX is whether SELECT INBOX will return
- failure; it is not relevant whether the user's real INBOX resides
- on this or some other server.
-
-
-
-
-
-
-
-
-
-Crispin Standards Track [Page 42]
-
-RFC 3501 IMAPv4 March 2003
-
-
- Example: C: A101 LIST "" ""
- S: * LIST (\Noselect) "/" ""
- S: A101 OK LIST Completed
- C: A102 LIST #news.comp.mail.misc ""
- S: * LIST (\Noselect) "." #news.
- S: A102 OK LIST Completed
- C: A103 LIST /usr/staff/jones ""
- S: * LIST (\Noselect) "/" /
- S: A103 OK LIST Completed
- C: A202 LIST ~/Mail/ %
- S: * LIST (\Noselect) "/" ~/Mail/foo
- S: * LIST () "/" ~/Mail/meetings
- S: A202 OK LIST completed
-
-
-6.3.9. LSUB Command
-
- Arguments: reference name
- mailbox name with possible wildcards
-
- Responses: untagged responses: LSUB
-
- Result: OK - lsub completed
- NO - lsub failure: can't list that reference or name
- BAD - command unknown or arguments invalid
-
- The LSUB command returns a subset of names from the set of names
- that the user has declared as being "active" or "subscribed".
- Zero or more untagged LSUB replies are returned. The arguments to
- LSUB are in the same form as those for LIST.
-
- The returned untagged LSUB response MAY contain different mailbox
- flags from a LIST untagged response. If this should happen, the
- flags in the untagged LIST are considered more authoritative.
-
- A special situation occurs when using LSUB with the % wildcard.
- Consider what happens if "foo/bar" (with a hierarchy delimiter of
- "/") is subscribed but "foo" is not. A "%" wildcard to LSUB must
- return foo, not foo/bar, in the LSUB response, and it MUST be
- flagged with the \Noselect attribute.
-
- The server MUST NOT unilaterally remove an existing mailbox name
- from the subscription list even if a mailbox by that name no
- longer exists.
-
-
-
-
-
-
-
-Crispin Standards Track [Page 43]
-
-RFC 3501 IMAPv4 March 2003
-
-
- Example: C: A002 LSUB "#news." "comp.mail.*"
- S: * LSUB () "." #news.comp.mail.mime
- S: * LSUB () "." #news.comp.mail.misc
- S: A002 OK LSUB completed
- C: A003 LSUB "#news." "comp.%"
- S: * LSUB (\NoSelect) "." #news.comp.mail
- S: A003 OK LSUB completed
-
-
-6.3.10. STATUS Command
-
- Arguments: mailbox name
- status data item names
-
- Responses: untagged responses: STATUS
-
- Result: OK - status completed
- NO - status failure: no status for that name
- BAD - command unknown or arguments invalid
-
- The STATUS command requests the status of the indicated mailbox.
- It does not change the currently selected mailbox, nor does it
- affect the state of any messages in the queried mailbox (in
- particular, STATUS MUST NOT cause messages to lose the \Recent
- flag).
-
- The STATUS command provides an alternative to opening a second
- IMAP4rev1 connection and doing an EXAMINE command on a mailbox to
- query that mailbox's status without deselecting the current
- mailbox in the first IMAP4rev1 connection.
-
- Unlike the LIST command, the STATUS command is not guaranteed to
- be fast in its response. Under certain circumstances, it can be
- quite slow. In some implementations, the server is obliged to
- open the mailbox read-only internally to obtain certain status
- information. Also unlike the LIST command, the STATUS command
- does not accept wildcards.
-
- Note: The STATUS command is intended to access the
- status of mailboxes other than the currently selected
- mailbox. Because the STATUS command can cause the
- mailbox to be opened internally, and because this
- information is available by other means on the selected
- mailbox, the STATUS command SHOULD NOT be used on the
- currently selected mailbox.
-
-
-
-
-
-
-Crispin Standards Track [Page 44]
-
-RFC 3501 IMAPv4 March 2003
-
-
- The STATUS command MUST NOT be used as a "check for new
- messages in the selected mailbox" operation (refer to
- sections 7, 7.3.1, and 7.3.2 for more information about
- the proper method for new message checking).
-
- Because the STATUS command is not guaranteed to be fast
- in its results, clients SHOULD NOT expect to be able to
- issue many consecutive STATUS commands and obtain
- reasonable performance.
-
- The currently defined status data items that can be requested are:
-
- MESSAGES
- The number of messages in the mailbox.
-
- RECENT
- The number of messages with the \Recent flag set.
-
- UIDNEXT
- The next unique identifier value of the mailbox. Refer to
- section 2.3.1.1 for more information.
-
- UIDVALIDITY
- The unique identifier validity value of the mailbox. Refer to
- section 2.3.1.1 for more information.
-
- UNSEEN
- The number of messages which do not have the \Seen flag set.
-
-
- Example: C: A042 STATUS blurdybloop (UIDNEXT MESSAGES)
- S: * STATUS blurdybloop (MESSAGES 231 UIDNEXT 44292)
- S: A042 OK STATUS completed
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-Crispin Standards Track [Page 45]
-
-RFC 3501 IMAPv4 March 2003
-
-
-6.3.11. APPEND Command
-
- Arguments: mailbox name
- OPTIONAL flag parenthesized list
- OPTIONAL date/time string
- message literal
-
- Responses: no specific responses for this command
-
- Result: OK - append completed
- NO - append error: can't append to that mailbox, error
- in flags or date/time or message text
- BAD - command unknown or arguments invalid
-
- The APPEND command appends the literal argument as a new message
- to the end of the specified destination mailbox. This argument
- SHOULD be in the format of an [RFC-2822] message. 8-bit
- characters are permitted in the message. A server implementation
- that is unable to preserve 8-bit data properly MUST be able to
- reversibly convert 8-bit APPEND data to 7-bit using a [MIME-IMB]
- content transfer encoding.
-
- Note: There MAY be exceptions, e.g., draft messages, in
- which required [RFC-2822] header lines are omitted in
- the message literal argument to APPEND. The full
- implications of doing so MUST be understood and
- carefully weighed.
-
- If a flag parenthesized list is specified, the flags SHOULD be set
- in the resulting message; otherwise, the flag list of the
- resulting message is set to empty by default. In either case, the
- Recent flag is also set.
-
- If a date-time is specified, the internal date SHOULD be set in
- the resulting message; otherwise, the internal date of the
- resulting message is set to the current date and time by default.
-
- If the append is unsuccessful for any reason, the mailbox MUST be
- restored to its state before the APPEND attempt; no partial
- appending is permitted.
-
- If the destination mailbox does not exist, a server MUST return an
- error, and MUST NOT automatically create the mailbox. Unless it
- is certain that the destination mailbox can not be created, the
- server MUST send the response code "[TRYCREATE]" as the prefix of
- the text of the tagged NO response. This gives a hint to the
- client that it can attempt a CREATE command and retry the APPEND
- if the CREATE is successful.
-
-
-
-Crispin Standards Track [Page 46]
-
-RFC 3501 IMAPv4 March 2003
-
-
- If the mailbox is currently selected, the normal new message
- actions SHOULD occur. Specifically, the server SHOULD notify the
- client immediately via an untagged EXISTS response. If the server
- does not do so, the client MAY issue a NOOP command (or failing
- that, a CHECK command) after one or more APPEND commands.
-
- Example: C: A003 APPEND saved-messages (\Seen) {310}
- S: + Ready for literal data
- C: Date: Mon, 7 Feb 1994 21:52:25 -0800 (PST)
- C: From: Fred Foobar <foobar@Blurdybloop.COM>
- C: Subject: afternoon meeting
- C: To: mooch@owatagu.siam.edu
- C: Message-Id: <B27397-0100000@Blurdybloop.COM>
- C: MIME-Version: 1.0
- C: Content-Type: TEXT/PLAIN; CHARSET=US-ASCII
- C:
- C: Hello Joe, do you think we can meet at 3:30 tomorrow?
- C:
- S: A003 OK APPEND completed
-
- Note: The APPEND command is not used for message delivery,
- because it does not provide a mechanism to transfer [SMTP]
- envelope information.
-
-6.4. Client Commands - Selected State
-
- In the selected state, commands that manipulate messages in a mailbox
- are permitted.
-
- In addition to the universal commands (CAPABILITY, NOOP, and LOGOUT),
- and the authenticated state commands (SELECT, EXAMINE, CREATE,
- DELETE, RENAME, SUBSCRIBE, UNSUBSCRIBE, LIST, LSUB, STATUS, and
- APPEND), the following commands are valid in the selected state:
- CHECK, CLOSE, EXPUNGE, SEARCH, FETCH, STORE, COPY, and UID.
-
-6.4.1. CHECK Command
-
- Arguments: none
-
- Responses: no specific responses for this command
-
- Result: OK - check completed
- BAD - command unknown or arguments invalid
-
- The CHECK command requests a checkpoint of the currently selected
- mailbox. A checkpoint refers to any implementation-dependent
- housekeeping associated with the mailbox (e.g., resolving the
- server's in-memory state of the mailbox with the state on its
-
-
-
-Crispin Standards Track [Page 47]
-
-RFC 3501 IMAPv4 March 2003
-
-
- disk) that is not normally executed as part of each command. A
- checkpoint MAY take a non-instantaneous amount of real time to
- complete. If a server implementation has no such housekeeping
- considerations, CHECK is equivalent to NOOP.
-
- There is no guarantee that an EXISTS untagged response will happen
- as a result of CHECK. NOOP, not CHECK, SHOULD be used for new
- message polling.
-
- Example: C: FXXZ CHECK
- S: FXXZ OK CHECK Completed
-
-
-6.4.2. CLOSE Command
-
- Arguments: none
-
- Responses: no specific responses for this command
-
- Result: OK - close completed, now in authenticated state
- BAD - command unknown or arguments invalid
-
- The CLOSE command permanently removes all messages that have the
- \Deleted flag set from the currently selected mailbox, and returns
- to the authenticated state from the selected state. No untagged
- EXPUNGE responses are sent.
-
- No messages are removed, and no error is given, if the mailbox is
- selected by an EXAMINE command or is otherwise selected read-only.
-
- Even if a mailbox is selected, a SELECT, EXAMINE, or LOGOUT
- command MAY be issued without previously issuing a CLOSE command.
- The SELECT, EXAMINE, and LOGOUT commands implicitly close the
- currently selected mailbox without doing an expunge. However,
- when many messages are deleted, a CLOSE-LOGOUT or CLOSE-SELECT
- sequence is considerably faster than an EXPUNGE-LOGOUT or
- EXPUNGE-SELECT because no untagged EXPUNGE responses (which the
- client would probably ignore) are sent.
-
- Example: C: A341 CLOSE
- S: A341 OK CLOSE completed
-
-
-
-
-
-
-
-
-
-
-Crispin Standards Track [Page 48]
-
-RFC 3501 IMAPv4 March 2003
-
-
-6.4.3. EXPUNGE Command
-
- Arguments: none
-
- Responses: untagged responses: EXPUNGE
-
- Result: OK - expunge completed
- NO - expunge failure: can't expunge (e.g., permission
- denied)
- BAD - command unknown or arguments invalid
-
- The EXPUNGE command permanently removes all messages that have the
- \Deleted flag set from the currently selected mailbox. Before
- returning an OK to the client, an untagged EXPUNGE response is
- sent for each message that is removed.
-
- Example: C: A202 EXPUNGE
- S: * 3 EXPUNGE
- S: * 3 EXPUNGE
- S: * 5 EXPUNGE
- S: * 8 EXPUNGE
- S: A202 OK EXPUNGE completed
-
- Note: In this example, messages 3, 4, 7, and 11 had the
- \Deleted flag set. See the description of the EXPUNGE
- response for further explanation.
-
-
-6.4.4. SEARCH Command
-
- Arguments: OPTIONAL [CHARSET] specification
- searching criteria (one or more)
-
- Responses: REQUIRED untagged response: SEARCH
-
- Result: OK - search completed
- NO - search error: can't search that [CHARSET] or
- criteria
- BAD - command unknown or arguments invalid
-
- The SEARCH command searches the mailbox for messages that match
- the given searching criteria. Searching criteria consist of one
- or more search keys. The untagged SEARCH response from the server
- contains a listing of message sequence numbers corresponding to
- those messages that match the searching criteria.
-
-
-
-
-
-
-Crispin Standards Track [Page 49]
-
-RFC 3501 IMAPv4 March 2003
-
-
- When multiple keys are specified, the result is the intersection
- (AND function) of all the messages that match those keys. For
- example, the criteria DELETED FROM "SMITH" SINCE 1-Feb-1994 refers
- to all deleted messages from Smith that were placed in the mailbox
- since February 1, 1994. A search key can also be a parenthesized
- list of one or more search keys (e.g., for use with the OR and NOT
- keys).
-
- Server implementations MAY exclude [MIME-IMB] body parts with
- terminal content media types other than TEXT and MESSAGE from
- consideration in SEARCH matching.
-
- The OPTIONAL [CHARSET] specification consists of the word
- "CHARSET" followed by a registered [CHARSET]. It indicates the
- [CHARSET] of the strings that appear in the search criteria.
- [MIME-IMB] content transfer encodings, and [MIME-HDRS] strings in
- [RFC-2822]/[MIME-IMB] headers, MUST be decoded before comparing
- text in a [CHARSET] other than US-ASCII. US-ASCII MUST be
- supported; other [CHARSET]s MAY be supported.
-
- If the server does not support the specified [CHARSET], it MUST
- return a tagged NO response (not a BAD). This response SHOULD
- contain the BADCHARSET response code, which MAY list the
- [CHARSET]s supported by the server.
-
- In all search keys that use strings, a message matches the key if
- the string is a substring of the field. The matching is
- case-insensitive.
-
- The defined search keys are as follows. Refer to the Formal
- Syntax section for the precise syntactic definitions of the
- arguments.
-
- <sequence set>
- Messages with message sequence numbers corresponding to the
- specified message sequence number set.
-
- ALL
- All messages in the mailbox; the default initial key for
- ANDing.
-
- ANSWERED
- Messages with the \Answered flag set.
-
-
-
-
-
-
-
-
-Crispin Standards Track [Page 50]
-
-RFC 3501 IMAPv4 March 2003
-
-
- BCC <string>
- Messages that contain the specified string in the envelope
- structure's BCC field.
-
- BEFORE <date>
- Messages whose internal date (disregarding time and timezone)
- is earlier than the specified date.
-
- BODY <string>
- Messages that contain the specified string in the body of the
- message.
-
- CC <string>
- Messages that contain the specified string in the envelope
- structure's CC field.
-
- DELETED
- Messages with the \Deleted flag set.
-
- DRAFT
- Messages with the \Draft flag set.
-
- FLAGGED
- Messages with the \Flagged flag set.
-
- FROM <string>
- Messages that contain the specified string in the envelope
- structure's FROM field.
-
- HEADER <field-name> <string>
- Messages that have a header with the specified field-name (as
- defined in [RFC-2822]) and that contains the specified string
- in the text of the header (what comes after the colon). If the
- string to search is zero-length, this matches all messages that
- have a header line with the specified field-name regardless of
- the contents.
-
- KEYWORD <flag>
- Messages with the specified keyword flag set.
-
- LARGER <n>
- Messages with an [RFC-2822] size larger than the specified
- number of octets.
-
- NEW
- Messages that have the \Recent flag set but not the \Seen flag.
- This is functionally equivalent to "(RECENT UNSEEN)".
-
-
-
-
-Crispin Standards Track [Page 51]
-
-RFC 3501 IMAPv4 March 2003
-
-
- NOT <search-key>
- Messages that do not match the specified search key.
-
- OLD
- Messages that do not have the \Recent flag set. This is
- functionally equivalent to "NOT RECENT" (as opposed to "NOT
- NEW").
-
- ON <date>
- Messages whose internal date (disregarding time and timezone)
- is within the specified date.
-
- OR <search-key1> <search-key2>
- Messages that match either search key.
-
- RECENT
- Messages that have the \Recent flag set.
-
- SEEN
- Messages that have the \Seen flag set.
-
- SENTBEFORE <date>
- Messages whose [RFC-2822] Date: header (disregarding time and
- timezone) is earlier than the specified date.
-
- SENTON <date>
- Messages whose [RFC-2822] Date: header (disregarding time and
- timezone) is within the specified date.
-
- SENTSINCE <date>
- Messages whose [RFC-2822] Date: header (disregarding time and
- timezone) is within or later than the specified date.
-
- SINCE <date>
- Messages whose internal date (disregarding time and timezone)
- is within or later than the specified date.
-
- SMALLER <n>
- Messages with an [RFC-2822] size smaller than the specified
- number of octets.
-
-
-
-
-
-
-
-
-
-
-
-Crispin Standards Track [Page 52]
-
-RFC 3501 IMAPv4 March 2003
-
-
- SUBJECT <string>
- Messages that contain the specified string in the envelope
- structure's SUBJECT field.
-
- TEXT <string>
- Messages that contain the specified string in the header or
- body of the message.
-
- TO <string>
- Messages that contain the specified string in the envelope
- structure's TO field.
-
- UID <sequence set>
- Messages with unique identifiers corresponding to the specified
- unique identifier set. Sequence set ranges are permitted.
-
- UNANSWERED
- Messages that do not have the \Answered flag set.
-
- UNDELETED
- Messages that do not have the \Deleted flag set.
-
- UNDRAFT
- Messages that do not have the \Draft flag set.
-
- UNFLAGGED
- Messages that do not have the \Flagged flag set.
-
- UNKEYWORD <flag>
- Messages that do not have the specified keyword flag set.
-
- UNSEEN
- Messages that do not have the \Seen flag set.
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-Crispin Standards Track [Page 53]
-
-RFC 3501 IMAPv4 March 2003
-
-
- Example: C: A282 SEARCH FLAGGED SINCE 1-Feb-1994 NOT FROM "Smith"
- S: * SEARCH 2 84 882
- S: A282 OK SEARCH completed
- C: A283 SEARCH TEXT "string not in mailbox"
- S: * SEARCH
- S: A283 OK SEARCH completed
- C: A284 SEARCH CHARSET UTF-8 TEXT {6}
- C: XXXXXX
- S: * SEARCH 43
- S: A284 OK SEARCH completed
-
- Note: Since this document is restricted to 7-bit ASCII
- text, it is not possible to show actual UTF-8 data. The
- "XXXXXX" is a placeholder for what would be 6 octets of
- 8-bit data in an actual transaction.
-
-
-6.4.5. FETCH Command
-
- Arguments: sequence set
- message data item names or macro
-
- Responses: untagged responses: FETCH
-
- Result: OK - fetch completed
- NO - fetch error: can't fetch that data
- BAD - command unknown or arguments invalid
-
- The FETCH command retrieves data associated with a message in the
- mailbox. The data items to be fetched can be either a single atom
- or a parenthesized list.
-
- Most data items, identified in the formal syntax under the
- msg-att-static rule, are static and MUST NOT change for any
- particular message. Other data items, identified in the formal
- syntax under the msg-att-dynamic rule, MAY change, either as a
- result of a STORE command or due to external events.
-
- For example, if a client receives an ENVELOPE for a
- message when it already knows the envelope, it can
- safely ignore the newly transmitted envelope.
-
- There are three macros which specify commonly-used sets of data
- items, and can be used instead of data items. A macro must be
- used by itself, and not in conjunction with other macros or data
- items.
-
-
-
-
-
-Crispin Standards Track [Page 54]
-
-RFC 3501 IMAPv4 March 2003
-
-
- ALL
- Macro equivalent to: (FLAGS INTERNALDATE RFC822.SIZE ENVELOPE)
-
- FAST
- Macro equivalent to: (FLAGS INTERNALDATE RFC822.SIZE)
-
- FULL
- Macro equivalent to: (FLAGS INTERNALDATE RFC822.SIZE ENVELOPE
- BODY)
-
- The currently defined data items that can be fetched are:
-
- BODY
- Non-extensible form of BODYSTRUCTURE.
-
- BODY[<section>]<<partial>>
- The text of a particular body section. The section
- specification is a set of zero or more part specifiers
- delimited by periods. A part specifier is either a part number
- or one of the following: HEADER, HEADER.FIELDS,
- HEADER.FIELDS.NOT, MIME, and TEXT. An empty section
- specification refers to the entire message, including the
- header.
-
- Every message has at least one part number. Non-[MIME-IMB]
- messages, and non-multipart [MIME-IMB] messages with no
- encapsulated message, only have a part 1.
-
- Multipart messages are assigned consecutive part numbers, as
- they occur in the message. If a particular part is of type
- message or multipart, its parts MUST be indicated by a period
- followed by the part number within that nested multipart part.
-
- A part of type MESSAGE/RFC822 also has nested part numbers,
- referring to parts of the MESSAGE part's body.
-
- The HEADER, HEADER.FIELDS, HEADER.FIELDS.NOT, and TEXT part
- specifiers can be the sole part specifier or can be prefixed by
- one or more numeric part specifiers, provided that the numeric
- part specifier refers to a part of type MESSAGE/RFC822. The
- MIME part specifier MUST be prefixed by one or more numeric
- part specifiers.
-
- The HEADER, HEADER.FIELDS, and HEADER.FIELDS.NOT part
- specifiers refer to the [RFC-2822] header of the message or of
- an encapsulated [MIME-IMT] MESSAGE/RFC822 message.
- HEADER.FIELDS and HEADER.FIELDS.NOT are followed by a list of
- field-name (as defined in [RFC-2822]) names, and return a
-
-
-
-Crispin Standards Track [Page 55]
-
-RFC 3501 IMAPv4 March 2003
-
-
- subset of the header. The subset returned by HEADER.FIELDS
- contains only those header fields with a field-name that
- matches one of the names in the list; similarly, the subset
- returned by HEADER.FIELDS.NOT contains only the header fields
- with a non-matching field-name. The field-matching is
- case-insensitive but otherwise exact. Subsetting does not
- exclude the [RFC-2822] delimiting blank line between the header
- and the body; the blank line is included in all header fetches,
- except in the case of a message which has no body and no blank
- line.
-
- The MIME part specifier refers to the [MIME-IMB] header for
- this part.
-
- The TEXT part specifier refers to the text body of the message,
- omitting the [RFC-2822] header.
-
- Here is an example of a complex message with some of its
- part specifiers:
-
- HEADER ([RFC-2822] header of the message)
- TEXT ([RFC-2822] text body of the message) MULTIPART/MIXED
- 1 TEXT/PLAIN
- 2 APPLICATION/OCTET-STREAM
- 3 MESSAGE/RFC822
- 3.HEADER ([RFC-2822] header of the message)
- 3.TEXT ([RFC-2822] text body of the message) MULTIPART/MIXED
- 3.1 TEXT/PLAIN
- 3.2 APPLICATION/OCTET-STREAM
- 4 MULTIPART/MIXED
- 4.1 IMAGE/GIF
- 4.1.MIME ([MIME-IMB] header for the IMAGE/GIF)
- 4.2 MESSAGE/RFC822
- 4.2.HEADER ([RFC-2822] header of the message)
- 4.2.TEXT ([RFC-2822] text body of the message) MULTIPART/MIXED
- 4.2.1 TEXT/PLAIN
- 4.2.2 MULTIPART/ALTERNATIVE
- 4.2.2.1 TEXT/PLAIN
- 4.2.2.2 TEXT/RICHTEXT
-
-
- It is possible to fetch a substring of the designated text.
- This is done by appending an open angle bracket ("<"), the
- octet position of the first desired octet, a period, the
- maximum number of octets desired, and a close angle bracket
- (">") to the part specifier. If the starting octet is beyond
- the end of the text, an empty string is returned.
-
-
-
-
-Crispin Standards Track [Page 56]
-
-RFC 3501 IMAPv4 March 2003
-
-
- Any partial fetch that attempts to read beyond the end of the
- text is truncated as appropriate. A partial fetch that starts
- at octet 0 is returned as a partial fetch, even if this
- truncation happened.
-
- Note: This means that BODY[]<0.2048> of a 1500-octet message
- will return BODY[]<0> with a literal of size 1500, not
- BODY[].
-
- Note: A substring fetch of a HEADER.FIELDS or
- HEADER.FIELDS.NOT part specifier is calculated after
- subsetting the header.
-
- The \Seen flag is implicitly set; if this causes the flags to
- change, they SHOULD be included as part of the FETCH responses.
-
- BODY.PEEK[<section>]<<partial>>
- An alternate form of BODY[<section>] that does not implicitly
- set the \Seen flag.
-
- BODYSTRUCTURE
- The [MIME-IMB] body structure of the message. This is computed
- by the server by parsing the [MIME-IMB] header fields in the
- [RFC-2822] header and [MIME-IMB] headers.
-
- ENVELOPE
- The envelope structure of the message. This is computed by the
- server by parsing the [RFC-2822] header into the component
- parts, defaulting various fields as necessary.
-
- FLAGS
- The flags that are set for this message.
-
- INTERNALDATE
- The internal date of the message.
-
- RFC822
- Functionally equivalent to BODY[], differing in the syntax of
- the resulting untagged FETCH data (RFC822 is returned).
-
- RFC822.HEADER
- Functionally equivalent to BODY.PEEK[HEADER], differing in the
- syntax of the resulting untagged FETCH data (RFC822.HEADER is
- returned).
-
- RFC822.SIZE
- The [RFC-2822] size of the message.
-
-
-
-
-Crispin Standards Track [Page 57]
-
-RFC 3501 IMAPv4 March 2003
-
-
- RFC822.TEXT
- Functionally equivalent to BODY[TEXT], differing in the syntax
- of the resulting untagged FETCH data (RFC822.TEXT is returned).
-
- UID
- The unique identifier for the message.
-
-
- Example: C: A654 FETCH 2:4 (FLAGS BODY[HEADER.FIELDS (DATE FROM)])
- S: * 2 FETCH ....
- S: * 3 FETCH ....
- S: * 4 FETCH ....
- S: A654 OK FETCH completed
-
-
-6.4.6. STORE Command
-
- Arguments: sequence set
- message data item name
- value for message data item
-
- Responses: untagged responses: FETCH
-
- Result: OK - store completed
- NO - store error: can't store that data
- BAD - command unknown or arguments invalid
-
- The STORE command alters data associated with a message in the
- mailbox. Normally, STORE will return the updated value of the
- data with an untagged FETCH response. A suffix of ".SILENT" in
- the data item name prevents the untagged FETCH, and the server
- SHOULD assume that the client has determined the updated value
- itself or does not care about the updated value.
-
- Note: Regardless of whether or not the ".SILENT" suffix
- was used, the server SHOULD send an untagged FETCH
- response if a change to a message's flags from an
- external source is observed. The intent is that the
- status of the flags is determinate without a race
- condition.
-
-
-
-
-
-
-
-
-
-
-
-Crispin Standards Track [Page 58]
-
-RFC 3501 IMAPv4 March 2003
-
-
- The currently defined data items that can be stored are:
-
- FLAGS <flag list>
- Replace the flags for the message (other than \Recent) with the
- argument. The new value of the flags is returned as if a FETCH
- of those flags was done.
-
- FLAGS.SILENT <flag list>
- Equivalent to FLAGS, but without returning a new value.
-
- +FLAGS <flag list>
- Add the argument to the flags for the message. The new value
- of the flags is returned as if a FETCH of those flags was done.
-
- +FLAGS.SILENT <flag list>
- Equivalent to +FLAGS, but without returning a new value.
-
- -FLAGS <flag list>
- Remove the argument from the flags for the message. The new
- value of the flags is returned as if a FETCH of those flags was
- done.
-
- -FLAGS.SILENT <flag list>
- Equivalent to -FLAGS, but without returning a new value.
-
-
- Example: C: A003 STORE 2:4 +FLAGS (\Deleted)
- S: * 2 FETCH (FLAGS (\Deleted \Seen))
- S: * 3 FETCH (FLAGS (\Deleted))
- S: * 4 FETCH (FLAGS (\Deleted \Flagged \Seen))
- S: A003 OK STORE completed
-
-
-6.4.7. COPY Command
-
- Arguments: sequence set
- mailbox name
-
- Responses: no specific responses for this command
-
- Result: OK - copy completed
- NO - copy error: can't copy those messages or to that
- name
- BAD - command unknown or arguments invalid
-
-
-
-
-
-
-
-Crispin Standards Track [Page 59]
-
-RFC 3501 IMAPv4 March 2003
-
-
- The COPY command copies the specified message(s) to the end of the
- specified destination mailbox. The flags and internal date of the
- message(s) SHOULD be preserved, and the Recent flag SHOULD be set,
- in the copy.
-
- If the destination mailbox does not exist, a server SHOULD return
- an error. It SHOULD NOT automatically create the mailbox. Unless
- it is certain that the destination mailbox can not be created, the
- server MUST send the response code "[TRYCREATE]" as the prefix of
- the text of the tagged NO response. This gives a hint to the
- client that it can attempt a CREATE command and retry the COPY if
- the CREATE is successful.
-
- If the COPY command is unsuccessful for any reason, server
- implementations MUST restore the destination mailbox to its state
- before the COPY attempt.
-
- Example: C: A003 COPY 2:4 MEETING
- S: A003 OK COPY completed
-
-
-6.4.8. UID Command
-
- Arguments: command name
- command arguments
-
- Responses: untagged responses: FETCH, SEARCH
-
- Result: OK - UID command completed
- NO - UID command error
- BAD - command unknown or arguments invalid
-
- The UID command has two forms. In the first form, it takes as its
- arguments a COPY, FETCH, or STORE command with arguments
- appropriate for the associated command. However, the numbers in
- the sequence set argument are unique identifiers instead of
- message sequence numbers. Sequence set ranges are permitted, but
- there is no guarantee that unique identifiers will be contiguous.
-
- A non-existent unique identifier is ignored without any error
- message generated. Thus, it is possible for a UID FETCH command
- to return an OK without any data or a UID COPY or UID STORE to
- return an OK without performing any operations.
-
- In the second form, the UID command takes a SEARCH command with
- SEARCH command arguments. The interpretation of the arguments is
- the same as with SEARCH; however, the numbers returned in a SEARCH
- response for a UID SEARCH command are unique identifiers instead
-
-
-
-Crispin Standards Track [Page 60]
-
-RFC 3501 IMAPv4 March 2003
-
-
- of message sequence numbers. For example, the command UID SEARCH
- 1:100 UID 443:557 returns the unique identifiers corresponding to
- the intersection of two sequence sets, the message sequence number
- range 1:100 and the UID range 443:557.
-
- Note: in the above example, the UID range 443:557
- appears. The same comment about a non-existent unique
- identifier being ignored without any error message also
- applies here. Hence, even if neither UID 443 or 557
- exist, this range is valid and would include an existing
- UID 495.
-
- Also note that a UID range of 559:* always includes the
- UID of the last message in the mailbox, even if 559 is
- higher than any assigned UID value. This is because the
- contents of a range are independent of the order of the
- range endpoints. Thus, any UID range with * as one of
- the endpoints indicates at least one message (the
- message with the highest numbered UID), unless the
- mailbox is empty.
-
- The number after the "*" in an untagged FETCH response is always a
- message sequence number, not a unique identifier, even for a UID
- command response. However, server implementations MUST implicitly
- include the UID message data item as part of any FETCH response
- caused by a UID command, regardless of whether a UID was specified
- as a message data item to the FETCH.
-
-
- Note: The rule about including the UID message data item as part
- of a FETCH response primarily applies to the UID FETCH and UID
- STORE commands, including a UID FETCH command that does not
- include UID as a message data item. Although it is unlikely that
- the other UID commands will cause an untagged FETCH, this rule
- applies to these commands as well.
-
- Example: C: A999 UID FETCH 4827313:4828442 FLAGS
- S: * 23 FETCH (FLAGS (\Seen) UID 4827313)
- S: * 24 FETCH (FLAGS (\Seen) UID 4827943)
- S: * 25 FETCH (FLAGS (\Seen) UID 4828442)
- S: A999 OK UID FETCH completed
-
-
-
-
-
-
-
-
-
-
-Crispin Standards Track [Page 61]
-
-RFC 3501 IMAPv4 March 2003
-
-
-6.5. Client Commands - Experimental/Expansion
-
-
-6.5.1. X<atom> Command
-
- Arguments: implementation defined
-
- Responses: implementation defined
-
- Result: OK - command completed
- NO - failure
- BAD - command unknown or arguments invalid
-
- Any command prefixed with an X is an experimental command.
- Commands which are not part of this specification, a standard or
- standards-track revision of this specification, or an
- IESG-approved experimental protocol, MUST use the X prefix.
-
- Any added untagged responses issued by an experimental command
- MUST also be prefixed with an X. Server implementations MUST NOT
- send any such untagged responses, unless the client requested it
- by issuing the associated experimental command.
-
- Example: C: a441 CAPABILITY
- S: * CAPABILITY IMAP4rev1 XPIG-LATIN
- S: a441 OK CAPABILITY completed
- C: A442 XPIG-LATIN
- S: * XPIG-LATIN ow-nay eaking-spay ig-pay atin-lay
- S: A442 OK XPIG-LATIN ompleted-cay
-
-7. Server Responses
-
- Server responses are in three forms: status responses, server data,
- and command continuation request. The information contained in a
- server response, identified by "Contents:" in the response
- descriptions below, is described by function, not by syntax. The
- precise syntax of server responses is described in the Formal Syntax
- section.
-
- The client MUST be prepared to accept any response at all times.
-
- Status responses can be tagged or untagged. Tagged status responses
- indicate the completion result (OK, NO, or BAD status) of a client
- command, and have a tag matching the command.
-
- Some status responses, and all server data, are untagged. An
- untagged response is indicated by the token "*" instead of a tag.
- Untagged status responses indicate server greeting, or server status
-
-
-
-Crispin Standards Track [Page 62]
-
-RFC 3501 IMAPv4 March 2003
-
-
- that does not indicate the completion of a command (for example, an
- impending system shutdown alert). For historical reasons, untagged
- server data responses are also called "unsolicited data", although
- strictly speaking, only unilateral server data is truly
- "unsolicited".
-
- Certain server data MUST be recorded by the client when it is
- received; this is noted in the description of that data. Such data
- conveys critical information which affects the interpretation of all
- subsequent commands and responses (e.g., updates reflecting the
- creation or destruction of messages).
-
- Other server data SHOULD be recorded for later reference; if the
- client does not need to record the data, or if recording the data has
- no obvious purpose (e.g., a SEARCH response when no SEARCH command is
- in progress), the data SHOULD be ignored.
-
- An example of unilateral untagged server data occurs when the IMAP
- connection is in the selected state. In the selected state, the
- server checks the mailbox for new messages as part of command
- execution. Normally, this is part of the execution of every command;
- hence, a NOOP command suffices to check for new messages. If new
- messages are found, the server sends untagged EXISTS and RECENT
- responses reflecting the new size of the mailbox. Server
- implementations that offer multiple simultaneous access to the same
- mailbox SHOULD also send appropriate unilateral untagged FETCH and
- EXPUNGE responses if another agent changes the state of any message
- flags or expunges any messages.
-
- Command continuation request responses use the token "+" instead of a
- tag. These responses are sent by the server to indicate acceptance
- of an incomplete client command and readiness for the remainder of
- the command.
-
-7.1. Server Responses - Status Responses
-
- Status responses are OK, NO, BAD, PREAUTH and BYE. OK, NO, and BAD
- can be tagged or untagged. PREAUTH and BYE are always untagged.
-
- Status responses MAY include an OPTIONAL "response code". A response
- code consists of data inside square brackets in the form of an atom,
- possibly followed by a space and arguments. The response code
- contains additional information or status codes for client software
- beyond the OK/NO/BAD condition, and are defined when there is a
- specific action that a client can take based upon the additional
- information.
-
-
-
-
-
-Crispin Standards Track [Page 63]
-
-RFC 3501 IMAPv4 March 2003
-
-
- The currently defined response codes are:
-
- ALERT
-
- The human-readable text contains a special alert that MUST be
- presented to the user in a fashion that calls the user's
- attention to the message.
-
- BADCHARSET
-
- Optionally followed by a parenthesized list of charsets. A
- SEARCH failed because the given charset is not supported by
- this implementation. If the optional list of charsets is
- given, this lists the charsets that are supported by this
- implementation.
-
- CAPABILITY
-
- Followed by a list of capabilities. This can appear in the
- initial OK or PREAUTH response to transmit an initial
- capabilities list. This makes it unnecessary for a client to
- send a separate CAPABILITY command if it recognizes this
- response.
-
- PARSE
-
- The human-readable text represents an error in parsing the
- [RFC-2822] header or [MIME-IMB] headers of a message in the
- mailbox.
-
- PERMANENTFLAGS
-
- Followed by a parenthesized list of flags, indicates which of
- the known flags the client can change permanently. Any flags
- that are in the FLAGS untagged response, but not the
- PERMANENTFLAGS list, can not be set permanently. If the client
- attempts to STORE a flag that is not in the PERMANENTFLAGS
- list, the server will either ignore the change or store the
- state change for the remainder of the current session only.
- The PERMANENTFLAGS list can also include the special flag \*,
- which indicates that it is possible to create new keywords by
- attempting to store those flags in the mailbox.
-
-
-
-
-
-
-
-
-
-Crispin Standards Track [Page 64]
-
-RFC 3501 IMAPv4 March 2003
-
-
- READ-ONLY
-
- The mailbox is selected read-only, or its access while selected
- has changed from read-write to read-only.
-
- READ-WRITE
-
- The mailbox is selected read-write, or its access while
- selected has changed from read-only to read-write.
-
- TRYCREATE
-
- An APPEND or COPY attempt is failing because the target mailbox
- does not exist (as opposed to some other reason). This is a
- hint to the client that the operation can succeed if the
- mailbox is first created by the CREATE command.
-
- UIDNEXT
-
- Followed by a decimal number, indicates the next unique
- identifier value. Refer to section 2.3.1.1 for more
- information.
-
- UIDVALIDITY
-
- Followed by a decimal number, indicates the unique identifier
- validity value. Refer to section 2.3.1.1 for more information.
-
- UNSEEN
-
- Followed by a decimal number, indicates the number of the first
- message without the \Seen flag set.
-
- Additional response codes defined by particular client or server
- implementations SHOULD be prefixed with an "X" until they are
- added to a revision of this protocol. Client implementations
- SHOULD ignore response codes that they do not recognize.
-
-7.1.1. OK Response
-
- Contents: OPTIONAL response code
- human-readable text
-
- The OK response indicates an information message from the server.
- When tagged, it indicates successful completion of the associated
- command. The human-readable text MAY be presented to the user as
- an information message. The untagged form indicates an
-
-
-
-
-Crispin Standards Track [Page 65]
-
-RFC 3501 IMAPv4 March 2003
-
-
- information-only message; the nature of the information MAY be
- indicated by a response code.
-
- The untagged form is also used as one of three possible greetings
- at connection startup. It indicates that the connection is not
- yet authenticated and that a LOGIN command is needed.
-
- Example: S: * OK IMAP4rev1 server ready
- C: A001 LOGIN fred blurdybloop
- S: * OK [ALERT] System shutdown in 10 minutes
- S: A001 OK LOGIN Completed
-
-
-7.1.2. NO Response
-
- Contents: OPTIONAL response code
- human-readable text
-
- The NO response indicates an operational error message from the
- server. When tagged, it indicates unsuccessful completion of the
- associated command. The untagged form indicates a warning; the
- command can still complete successfully. The human-readable text
- describes the condition.
-
- Example: C: A222 COPY 1:2 owatagusiam
- S: * NO Disk is 98% full, please delete unnecessary data
- S: A222 OK COPY completed
- C: A223 COPY 3:200 blurdybloop
- S: * NO Disk is 98% full, please delete unnecessary data
- S: * NO Disk is 99% full, please delete unnecessary data
- S: A223 NO COPY failed: disk is full
-
-
-7.1.3. BAD Response
-
- Contents: OPTIONAL response code
- human-readable text
-
- The BAD response indicates an error message from the server. When
- tagged, it reports a protocol-level error in the client's command;
- the tag indicates the command that caused the error. The untagged
- form indicates a protocol-level error for which the associated
- command can not be determined; it can also indicate an internal
- server failure. The human-readable text describes the condition.
-
-
-
-
-
-
-
-Crispin Standards Track [Page 66]
-
-RFC 3501 IMAPv4 March 2003
-
-
- Example: C: ...very long command line...
- S: * BAD Command line too long
- C: ...empty line...
- S: * BAD Empty command line
- C: A443 EXPUNGE
- S: * BAD Disk crash, attempting salvage to a new disk!
- S: * OK Salvage successful, no data lost
- S: A443 OK Expunge completed
-
-
-7.1.4. PREAUTH Response
-
- Contents: OPTIONAL response code
- human-readable text
-
- The PREAUTH response is always untagged, and is one of three
- possible greetings at connection startup. It indicates that the
- connection has already been authenticated by external means; thus
- no LOGIN command is needed.
-
- Example: S: * PREAUTH IMAP4rev1 server logged in as Smith
-
-
-7.1.5. BYE Response
-
- Contents: OPTIONAL response code
- human-readable text
-
- The BYE response is always untagged, and indicates that the server
- is about to close the connection. The human-readable text MAY be
- displayed to the user in a status report by the client. The BYE
- response is sent under one of four conditions:
-
- 1) as part of a normal logout sequence. The server will close
- the connection after sending the tagged OK response to the
- LOGOUT command.
-
- 2) as a panic shutdown announcement. The server closes the
- connection immediately.
-
- 3) as an announcement of an inactivity autologout. The server
- closes the connection immediately.
-
- 4) as one of three possible greetings at connection startup,
- indicating that the server is not willing to accept a
- connection from this client. The server closes the
- connection immediately.
-
-
-
-
-Crispin Standards Track [Page 67]
-
-RFC 3501 IMAPv4 March 2003
-
-
- The difference between a BYE that occurs as part of a normal
- LOGOUT sequence (the first case) and a BYE that occurs because of
- a failure (the other three cases) is that the connection closes
- immediately in the failure case. In all cases the client SHOULD
- continue to read response data from the server until the
- connection is closed; this will ensure that any pending untagged
- or completion responses are read and processed.
-
- Example: S: * BYE Autologout; idle for too long
-
-7.2. Server Responses - Server and Mailbox Status
-
- These responses are always untagged. This is how server and mailbox
- status data are transmitted from the server to the client. Many of
- these responses typically result from a command with the same name.
-
-7.2.1. CAPABILITY Response
-
- Contents: capability listing
-
- The CAPABILITY response occurs as a result of a CAPABILITY
- command. The capability listing contains a space-separated
- listing of capability names that the server supports. The
- capability listing MUST include the atom "IMAP4rev1".
-
- In addition, client and server implementations MUST implement the
- STARTTLS, LOGINDISABLED, and AUTH=PLAIN (described in [IMAP-TLS])
- capabilities. See the Security Considerations section for
- important information.
-
- A capability name which begins with "AUTH=" indicates that the
- server supports that particular authentication mechanism.
-
- The LOGINDISABLED capability indicates that the LOGIN command is
- disabled, and that the server will respond with a tagged NO
- response to any attempt to use the LOGIN command even if the user
- name and password are valid. An IMAP client MUST NOT issue the
- LOGIN command if the server advertises the LOGINDISABLED
- capability.
-
- Other capability names indicate that the server supports an
- extension, revision, or amendment to the IMAP4rev1 protocol.
- Server responses MUST conform to this document until the client
- issues a command that uses the associated capability.
-
- Capability names MUST either begin with "X" or be standard or
- standards-track IMAP4rev1 extensions, revisions, or amendments
- registered with IANA. A server MUST NOT offer unregistered or
-
-
-
-Crispin Standards Track [Page 68]
-
-RFC 3501 IMAPv4 March 2003
-
-
- non-standard capability names, unless such names are prefixed with
- an "X".
-
- Client implementations SHOULD NOT require any capability name
- other than "IMAP4rev1", and MUST ignore any unknown capability
- names.
-
- A server MAY send capabilities automatically, by using the
- CAPABILITY response code in the initial PREAUTH or OK responses,
- and by sending an updated CAPABILITY response code in the tagged
- OK response as part of a successful authentication. It is
- unnecessary for a client to send a separate CAPABILITY command if
- it recognizes these automatic capabilities.
-
- Example: S: * CAPABILITY IMAP4rev1 STARTTLS AUTH=GSSAPI XPIG-LATIN
-
-
-7.2.2. LIST Response
-
- Contents: name attributes
- hierarchy delimiter
- name
-
- The LIST response occurs as a result of a LIST command. It
- returns a single name that matches the LIST specification. There
- can be multiple LIST responses for a single LIST command.
-
- Four name attributes are defined:
-
- \Noinferiors
- It is not possible for any child levels of hierarchy to exist
- under this name; no child levels exist now and none can be
- created in the future.
-
- \Noselect
- It is not possible to use this name as a selectable mailbox.
-
- \Marked
- The mailbox has been marked "interesting" by the server; the
- mailbox probably contains messages that have been added since
- the last time the mailbox was selected.
-
- \Unmarked
- The mailbox does not contain any additional messages since the
- last time the mailbox was selected.
-
-
-
-
-
-
-Crispin Standards Track [Page 69]
-
-RFC 3501 IMAPv4 March 2003
-
-
- If it is not feasible for the server to determine whether or not
- the mailbox is "interesting", or if the name is a \Noselect name,
- the server SHOULD NOT send either \Marked or \Unmarked.
-
- The hierarchy delimiter is a character used to delimit levels of
- hierarchy in a mailbox name. A client can use it to create child
- mailboxes, and to search higher or lower levels of naming
- hierarchy. All children of a top-level hierarchy node MUST use
- the same separator character. A NIL hierarchy delimiter means
- that no hierarchy exists; the name is a "flat" name.
-
- The name represents an unambiguous left-to-right hierarchy, and
- MUST be valid for use as a reference in LIST and LSUB commands.
- Unless \Noselect is indicated, the name MUST also be valid as an
- argument for commands, such as SELECT, that accept mailbox names.
-
- Example: S: * LIST (\Noselect) "/" ~/Mail/foo
-
-
-7.2.3. LSUB Response
-
- Contents: name attributes
- hierarchy delimiter
- name
-
- The LSUB response occurs as a result of an LSUB command. It
- returns a single name that matches the LSUB specification. There
- can be multiple LSUB responses for a single LSUB command. The
- data is identical in format to the LIST response.
-
- Example: S: * LSUB () "." #news.comp.mail.misc
-
-
-7.2.4 STATUS Response
-
- Contents: name
- status parenthesized list
-
- The STATUS response occurs as a result of an STATUS command. It
- returns the mailbox name that matches the STATUS specification and
- the requested mailbox status information.
-
- Example: S: * STATUS blurdybloop (MESSAGES 231 UIDNEXT 44292)
-
-
-
-
-
-
-
-
-Crispin Standards Track [Page 70]
-
-RFC 3501 IMAPv4 March 2003
-
-
-7.2.5. SEARCH Response
-
- Contents: zero or more numbers
-
- The SEARCH response occurs as a result of a SEARCH or UID SEARCH
- command. The number(s) refer to those messages that match the
- search criteria. For SEARCH, these are message sequence numbers;
- for UID SEARCH, these are unique identifiers. Each number is
- delimited by a space.
-
- Example: S: * SEARCH 2 3 6
-
-
-7.2.6. FLAGS Response
-
- Contents: flag parenthesized list
-
- The FLAGS response occurs as a result of a SELECT or EXAMINE
- command. The flag parenthesized list identifies the flags (at a
- minimum, the system-defined flags) that are applicable for this
- mailbox. Flags other than the system flags can also exist,
- depending on server implementation.
-
- The update from the FLAGS response MUST be recorded by the client.
-
- Example: S: * FLAGS (\Answered \Flagged \Deleted \Seen \Draft)
-
-
-7.3. Server Responses - Mailbox Size
-
- These responses are always untagged. This is how changes in the size
- of the mailbox are transmitted from the server to the client.
- Immediately following the "*" token is a number that represents a
- message count.
-
-7.3.1. EXISTS Response
-
- Contents: none
-
- The EXISTS response reports the number of messages in the mailbox.
- This response occurs as a result of a SELECT or EXAMINE command,
- and if the size of the mailbox changes (e.g., new messages).
-
- The update from the EXISTS response MUST be recorded by the
- client.
-
- Example: S: * 23 EXISTS
-
-
-
-
-Crispin Standards Track [Page 71]
-
-RFC 3501 IMAPv4 March 2003
-
-
-7.3.2. RECENT Response
-
- Contents: none
-
- The RECENT response reports the number of messages with the
- \Recent flag set. This response occurs as a result of a SELECT or
- EXAMINE command, and if the size of the mailbox changes (e.g., new
- messages).
-
- Note: It is not guaranteed that the message sequence
- numbers of recent messages will be a contiguous range of
- the highest n messages in the mailbox (where n is the
- value reported by the RECENT response). Examples of
- situations in which this is not the case are: multiple
- clients having the same mailbox open (the first session
- to be notified will see it as recent, others will
- probably see it as non-recent), and when the mailbox is
- re-ordered by a non-IMAP agent.
-
- The only reliable way to identify recent messages is to
- look at message flags to see which have the \Recent flag
- set, or to do a SEARCH RECENT.
-
- The update from the RECENT response MUST be recorded by the
- client.
-
- Example: S: * 5 RECENT
-
-
-7.4. Server Responses - Message Status
-
- These responses are always untagged. This is how message data are
- transmitted from the server to the client, often as a result of a
- command with the same name. Immediately following the "*" token is a
- number that represents a message sequence number.
-
-7.4.1. EXPUNGE Response
-
- Contents: none
-
- The EXPUNGE response reports that the specified message sequence
- number has been permanently removed from the mailbox. The message
- sequence number for each successive message in the mailbox is
- immediately decremented by 1, and this decrement is reflected in
- message sequence numbers in subsequent responses (including other
- untagged EXPUNGE responses).
-
-
-
-
-
-Crispin Standards Track [Page 72]
-
-RFC 3501 IMAPv4 March 2003
-
-
- The EXPUNGE response also decrements the number of messages in the
- mailbox; it is not necessary to send an EXISTS response with the
- new value.
-
- As a result of the immediate decrement rule, message sequence
- numbers that appear in a set of successive EXPUNGE responses
- depend upon whether the messages are removed starting from lower
- numbers to higher numbers, or from higher numbers to lower
- numbers. For example, if the last 5 messages in a 9-message
- mailbox are expunged, a "lower to higher" server will send five
- untagged EXPUNGE responses for message sequence number 5, whereas
- a "higher to lower server" will send successive untagged EXPUNGE
- responses for message sequence numbers 9, 8, 7, 6, and 5.
-
- An EXPUNGE response MUST NOT be sent when no command is in
- progress, nor while responding to a FETCH, STORE, or SEARCH
- command. This rule is necessary to prevent a loss of
- synchronization of message sequence numbers between client and
- server. A command is not "in progress" until the complete command
- has been received; in particular, a command is not "in progress"
- during the negotiation of command continuation.
-
- Note: UID FETCH, UID STORE, and UID SEARCH are different
- commands from FETCH, STORE, and SEARCH. An EXPUNGE
- response MAY be sent during a UID command.
-
- The update from the EXPUNGE response MUST be recorded by the
- client.
-
- Example: S: * 44 EXPUNGE
-
-
-7.4.2. FETCH Response
-
- Contents: message data
-
- The FETCH response returns data about a message to the client.
- The data are pairs of data item names and their values in
- parentheses. This response occurs as the result of a FETCH or
- STORE command, as well as by unilateral server decision (e.g.,
- flag updates).
-
- The current data items are:
-
- BODY
- A form of BODYSTRUCTURE without extension data.
-
-
-
-
-
-Crispin Standards Track [Page 73]
-
-RFC 3501 IMAPv4 March 2003
-
-
- BODY[<section>]<<origin octet>>
- A string expressing the body contents of the specified section.
- The string SHOULD be interpreted by the client according to the
- content transfer encoding, body type, and subtype.
-
- If the origin octet is specified, this string is a substring of
- the entire body contents, starting at that origin octet. This
- means that BODY[]<0> MAY be truncated, but BODY[] is NEVER
- truncated.
-
- Note: The origin octet facility MUST NOT be used by a server
- in a FETCH response unless the client specifically requested
- it by means of a FETCH of a BODY[<section>]<<partial>> data
- item.
-
- 8-bit textual data is permitted if a [CHARSET] identifier is
- part of the body parameter parenthesized list for this section.
- Note that headers (part specifiers HEADER or MIME, or the
- header portion of a MESSAGE/RFC822 part), MUST be 7-bit; 8-bit
- characters are not permitted in headers. Note also that the
- [RFC-2822] delimiting blank line between the header and the
- body is not affected by header line subsetting; the blank line
- is always included as part of header data, except in the case
- of a message which has no body and no blank line.
-
- Non-textual data such as binary data MUST be transfer encoded
- into a textual form, such as BASE64, prior to being sent to the
- client. To derive the original binary data, the client MUST
- decode the transfer encoded string.
-
- BODYSTRUCTURE
- A parenthesized list that describes the [MIME-IMB] body
- structure of a message. This is computed by the server by
- parsing the [MIME-IMB] header fields, defaulting various fields
- as necessary.
-
- For example, a simple text message of 48 lines and 2279 octets
- can have a body structure of: ("TEXT" "PLAIN" ("CHARSET"
- "US-ASCII") NIL NIL "7BIT" 2279 48)
-
- Multiple parts are indicated by parenthesis nesting. Instead
- of a body type as the first element of the parenthesized list,
- there is a sequence of one or more nested body structures. The
- second element of the parenthesized list is the multipart
- subtype (mixed, digest, parallel, alternative, etc.).
-
-
-
-
-
-
-Crispin Standards Track [Page 74]
-
-RFC 3501 IMAPv4 March 2003
-
-
- For example, a two part message consisting of a text and a
- BASE64-encoded text attachment can have a body structure of:
- (("TEXT" "PLAIN" ("CHARSET" "US-ASCII") NIL NIL "7BIT" 1152
- 23)("TEXT" "PLAIN" ("CHARSET" "US-ASCII" "NAME" "cc.diff")
- "<960723163407.20117h@cac.washington.edu>" "Compiler diff"
- "BASE64" 4554 73) "MIXED")
-
- Extension data follows the multipart subtype. Extension data
- is never returned with the BODY fetch, but can be returned with
- a BODYSTRUCTURE fetch. Extension data, if present, MUST be in
- the defined order. The extension data of a multipart body part
- are in the following order:
-
- body parameter parenthesized list
- A parenthesized list of attribute/value pairs [e.g., ("foo"
- "bar" "baz" "rag") where "bar" is the value of "foo", and
- "rag" is the value of "baz"] as defined in [MIME-IMB].
-
- body disposition
- A parenthesized list, consisting of a disposition type
- string, followed by a parenthesized list of disposition
- attribute/value pairs as defined in [DISPOSITION].
-
- body language
- A string or parenthesized list giving the body language
- value as defined in [LANGUAGE-TAGS].
-
- body location
- A string list giving the body content URI as defined in
- [LOCATION].
-
- Any following extension data are not yet defined in this
- version of the protocol. Such extension data can consist of
- zero or more NILs, strings, numbers, or potentially nested
- parenthesized lists of such data. Client implementations that
- do a BODYSTRUCTURE fetch MUST be prepared to accept such
- extension data. Server implementations MUST NOT send such
- extension data until it has been defined by a revision of this
- protocol.
-
- The basic fields of a non-multipart body part are in the
- following order:
-
- body type
- A string giving the content media type name as defined in
- [MIME-IMB].
-
-
-
-
-
-Crispin Standards Track [Page 75]
-
-RFC 3501 IMAPv4 March 2003
-
-
- body subtype
- A string giving the content subtype name as defined in
- [MIME-IMB].
-
- body parameter parenthesized list
- A parenthesized list of attribute/value pairs [e.g., ("foo"
- "bar" "baz" "rag") where "bar" is the value of "foo" and
- "rag" is the value of "baz"] as defined in [MIME-IMB].
-
- body id
- A string giving the content id as defined in [MIME-IMB].
-
- body description
- A string giving the content description as defined in
- [MIME-IMB].
-
- body encoding
- A string giving the content transfer encoding as defined in
- [MIME-IMB].
-
- body size
- A number giving the size of the body in octets. Note that
- this size is the size in its transfer encoding and not the
- resulting size after any decoding.
-
- A body type of type MESSAGE and subtype RFC822 contains,
- immediately after the basic fields, the envelope structure,
- body structure, and size in text lines of the encapsulated
- message.
-
- A body type of type TEXT contains, immediately after the basic
- fields, the size of the body in text lines. Note that this
- size is the size in its content transfer encoding and not the
- resulting size after any decoding.
-
- Extension data follows the basic fields and the type-specific
- fields listed above. Extension data is never returned with the
- BODY fetch, but can be returned with a BODYSTRUCTURE fetch.
- Extension data, if present, MUST be in the defined order.
-
- The extension data of a non-multipart body part are in the
- following order:
-
- body MD5
- A string giving the body MD5 value as defined in [MD5].
-
-
-
-
-
-
-Crispin Standards Track [Page 76]
-
-RFC 3501 IMAPv4 March 2003
-
-
- body disposition
- A parenthesized list with the same content and function as
- the body disposition for a multipart body part.
-
- body language
- A string or parenthesized list giving the body language
- value as defined in [LANGUAGE-TAGS].
-
- body location
- A string list giving the body content URI as defined in
- [LOCATION].
-
- Any following extension data are not yet defined in this
- version of the protocol, and would be as described above under
- multipart extension data.
-
- ENVELOPE
- A parenthesized list that describes the envelope structure of a
- message. This is computed by the server by parsing the
- [RFC-2822] header into the component parts, defaulting various
- fields as necessary.
-
- The fields of the envelope structure are in the following
- order: date, subject, from, sender, reply-to, to, cc, bcc,
- in-reply-to, and message-id. The date, subject, in-reply-to,
- and message-id fields are strings. The from, sender, reply-to,
- to, cc, and bcc fields are parenthesized lists of address
- structures.
-
- An address structure is a parenthesized list that describes an
- electronic mail address. The fields of an address structure
- are in the following order: personal name, [SMTP]
- at-domain-list (source route), mailbox name, and host name.
-
- [RFC-2822] group syntax is indicated by a special form of
- address structure in which the host name field is NIL. If the
- mailbox name field is also NIL, this is an end of group marker
- (semi-colon in RFC 822 syntax). If the mailbox name field is
- non-NIL, this is a start of group marker, and the mailbox name
- field holds the group name phrase.
-
- If the Date, Subject, In-Reply-To, and Message-ID header lines
- are absent in the [RFC-2822] header, the corresponding member
- of the envelope is NIL; if these header lines are present but
- empty the corresponding member of the envelope is the empty
- string.
-
-
-
-
-
-Crispin Standards Track [Page 77]
-
-RFC 3501 IMAPv4 March 2003
-
-
- Note: some servers may return a NIL envelope member in the
- "present but empty" case. Clients SHOULD treat NIL and
- empty string as identical.
-
- Note: [RFC-2822] requires that all messages have a valid
- Date header. Therefore, the date member in the envelope can
- not be NIL or the empty string.
-
- Note: [RFC-2822] requires that the In-Reply-To and
- Message-ID headers, if present, have non-empty content.
- Therefore, the in-reply-to and message-id members in the
- envelope can not be the empty string.
-
- If the From, To, cc, and bcc header lines are absent in the
- [RFC-2822] header, or are present but empty, the corresponding
- member of the envelope is NIL.
-
- If the Sender or Reply-To lines are absent in the [RFC-2822]
- header, or are present but empty, the server sets the
- corresponding member of the envelope to be the same value as
- the from member (the client is not expected to know to do
- this).
-
- Note: [RFC-2822] requires that all messages have a valid
- From header. Therefore, the from, sender, and reply-to
- members in the envelope can not be NIL.
-
- FLAGS
- A parenthesized list of flags that are set for this message.
-
- INTERNALDATE
- A string representing the internal date of the message.
-
- RFC822
- Equivalent to BODY[].
-
- RFC822.HEADER
- Equivalent to BODY[HEADER]. Note that this did not result in
- \Seen being set, because RFC822.HEADER response data occurs as
- a result of a FETCH of RFC822.HEADER. BODY[HEADER] response
- data occurs as a result of a FETCH of BODY[HEADER] (which sets
- \Seen) or BODY.PEEK[HEADER] (which does not set \Seen).
-
- RFC822.SIZE
- A number expressing the [RFC-2822] size of the message.
-
-
-
-
-
-
-Crispin Standards Track [Page 78]
-
-RFC 3501 IMAPv4 March 2003
-
-
- RFC822.TEXT
- Equivalent to BODY[TEXT].
-
- UID
- A number expressing the unique identifier of the message.
-
-
- Example: S: * 23 FETCH (FLAGS (\Seen) RFC822.SIZE 44827)
-
-
-7.5. Server Responses - Command Continuation Request
-
- The command continuation request response is indicated by a "+" token
- instead of a tag. This form of response indicates that the server is
- ready to accept the continuation of a command from the client. The
- remainder of this response is a line of text.
-
- This response is used in the AUTHENTICATE command to transmit server
- data to the client, and request additional client data. This
- response is also used if an argument to any command is a literal.
-
- The client is not permitted to send the octets of the literal unless
- the server indicates that it is expected. This permits the server to
- process commands and reject errors on a line-by-line basis. The
- remainder of the command, including the CRLF that terminates a
- command, follows the octets of the literal. If there are any
- additional command arguments, the literal octets are followed by a
- space and those arguments.
-
- Example: C: A001 LOGIN {11}
- S: + Ready for additional command text
- C: FRED FOOBAR {7}
- S: + Ready for additional command text
- C: fat man
- S: A001 OK LOGIN completed
- C: A044 BLURDYBLOOP {102856}
- S: A044 BAD No such command as "BLURDYBLOOP"
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-Crispin Standards Track [Page 79]
-
-RFC 3501 IMAPv4 March 2003
-
-
-8. Sample IMAP4rev1 connection
-
- The following is a transcript of an IMAP4rev1 connection. A long
- line in this sample is broken for editorial clarity.
-
-S: * OK IMAP4rev1 Service Ready
-C: a001 login mrc secret
-S: a001 OK LOGIN completed
-C: a002 select inbox
-S: * 18 EXISTS
-S: * FLAGS (\Answered \Flagged \Deleted \Seen \Draft)
-S: * 2 RECENT
-S: * OK [UNSEEN 17] Message 17 is the first unseen message
-S: * OK [UIDVALIDITY 3857529045] UIDs valid
-S: a002 OK [READ-WRITE] SELECT completed
-C: a003 fetch 12 full
-S: * 12 FETCH (FLAGS (\Seen) INTERNALDATE "17-Jul-1996 02:44:25 -0700"
- RFC822.SIZE 4286 ENVELOPE ("Wed, 17 Jul 1996 02:23:25 -0700 (PDT)"
- "IMAP4rev1 WG mtg summary and minutes"
- (("Terry Gray" NIL "gray" "cac.washington.edu"))
- (("Terry Gray" NIL "gray" "cac.washington.edu"))
- (("Terry Gray" NIL "gray" "cac.washington.edu"))
- ((NIL NIL "imap" "cac.washington.edu"))
- ((NIL NIL "minutes" "CNRI.Reston.VA.US")
- ("John Klensin" NIL "KLENSIN" "MIT.EDU")) NIL NIL
- "<B27397-0100000@cac.washington.edu>")
- BODY ("TEXT" "PLAIN" ("CHARSET" "US-ASCII") NIL NIL "7BIT" 3028
- 92))
-S: a003 OK FETCH completed
-C: a004 fetch 12 body[header]
-S: * 12 FETCH (BODY[HEADER] {342}
-S: Date: Wed, 17 Jul 1996 02:23:25 -0700 (PDT)
-S: From: Terry Gray <gray@cac.washington.edu>
-S: Subject: IMAP4rev1 WG mtg summary and minutes
-S: To: imap@cac.washington.edu
-S: cc: minutes@CNRI.Reston.VA.US, John Klensin <KLENSIN@MIT.EDU>
-S: Message-Id: <B27397-0100000@cac.washington.edu>
-S: MIME-Version: 1.0
-S: Content-Type: TEXT/PLAIN; CHARSET=US-ASCII
-S:
-S: )
-S: a004 OK FETCH completed
-C: a005 store 12 +flags \deleted
-S: * 12 FETCH (FLAGS (\Seen \Deleted))
-S: a005 OK +FLAGS completed
-C: a006 logout
-S: * BYE IMAP4rev1 server terminating connection
-S: a006 OK LOGOUT completed
-
-
-
-Crispin Standards Track [Page 80]
-
-RFC 3501 IMAPv4 March 2003
-
-
-9. Formal Syntax
-
- The following syntax specification uses the Augmented Backus-Naur
- Form (ABNF) notation as specified in [ABNF].
-
- In the case of alternative or optional rules in which a later rule
- overlaps an earlier rule, the rule which is listed earlier MUST take
- priority. For example, "\Seen" when parsed as a flag is the \Seen
- flag name and not a flag-extension, even though "\Seen" can be parsed
- as a flag-extension. Some, but not all, instances of this rule are
- noted below.
-
- Note: [ABNF] rules MUST be followed strictly; in
- particular:
-
- (1) Except as noted otherwise, all alphabetic characters
- are case-insensitive. The use of upper or lower case
- characters to define token strings is for editorial clarity
- only. Implementations MUST accept these strings in a
- case-insensitive fashion.
-
- (2) In all cases, SP refers to exactly one space. It is
- NOT permitted to substitute TAB, insert additional spaces,
- or otherwise treat SP as being equivalent to LWSP.
-
- (3) The ASCII NUL character, %x00, MUST NOT be used at any
- time.
-
-address = "(" addr-name SP addr-adl SP addr-mailbox SP
- addr-host ")"
-
-addr-adl = nstring
- ; Holds route from [RFC-2822] route-addr if
- ; non-NIL
-
-addr-host = nstring
- ; NIL indicates [RFC-2822] group syntax.
- ; Otherwise, holds [RFC-2822] domain name
-
-addr-mailbox = nstring
- ; NIL indicates end of [RFC-2822] group; if
- ; non-NIL and addr-host is NIL, holds
- ; [RFC-2822] group name.
- ; Otherwise, holds [RFC-2822] local-part
- ; after removing [RFC-2822] quoting
-
-
-
-
-
-
-Crispin Standards Track [Page 81]
-
-RFC 3501 IMAPv4 March 2003
-
-
-addr-name = nstring
- ; If non-NIL, holds phrase from [RFC-2822]
- ; mailbox after removing [RFC-2822] quoting
-
-append = "APPEND" SP mailbox [SP flag-list] [SP date-time] SP
- literal
-
-astring = 1*ASTRING-CHAR / string
-
-ASTRING-CHAR = ATOM-CHAR / resp-specials
-
-atom = 1*ATOM-CHAR
-
-ATOM-CHAR = <any CHAR except atom-specials>
-
-atom-specials = "(" / ")" / "{" / SP / CTL / list-wildcards /
- quoted-specials / resp-specials
-
-authenticate = "AUTHENTICATE" SP auth-type *(CRLF base64)
-
-auth-type = atom
- ; Defined by [SASL]
-
-base64 = *(4base64-char) [base64-terminal]
-
-base64-char = ALPHA / DIGIT / "+" / "/"
- ; Case-sensitive
-
-base64-terminal = (2base64-char "==") / (3base64-char "=")
-
-body = "(" (body-type-1part / body-type-mpart) ")"
-
-body-extension = nstring / number /
- "(" body-extension *(SP body-extension) ")"
- ; Future expansion. Client implementations
- ; MUST accept body-extension fields. Server
- ; implementations MUST NOT generate
- ; body-extension fields except as defined by
- ; future standard or standards-track
- ; revisions of this specification.
-
-body-ext-1part = body-fld-md5 [SP body-fld-dsp [SP body-fld-lang
- [SP body-fld-loc *(SP body-extension)]]]
- ; MUST NOT be returned on non-extensible
- ; "BODY" fetch
-
-
-
-
-
-
-Crispin Standards Track [Page 82]
-
-RFC 3501 IMAPv4 March 2003
-
-
-body-ext-mpart = body-fld-param [SP body-fld-dsp [SP body-fld-lang
- [SP body-fld-loc *(SP body-extension)]]]
- ; MUST NOT be returned on non-extensible
- ; "BODY" fetch
-
-body-fields = body-fld-param SP body-fld-id SP body-fld-desc SP
- body-fld-enc SP body-fld-octets
-
-body-fld-desc = nstring
-
-body-fld-dsp = "(" string SP body-fld-param ")" / nil
-
-body-fld-enc = (DQUOTE ("7BIT" / "8BIT" / "BINARY" / "BASE64"/
- "QUOTED-PRINTABLE") DQUOTE) / string
-
-body-fld-id = nstring
-
-body-fld-lang = nstring / "(" string *(SP string) ")"
-
-body-fld-loc = nstring
-
-body-fld-lines = number
-
-body-fld-md5 = nstring
-
-body-fld-octets = number
-
-body-fld-param = "(" string SP string *(SP string SP string) ")" / nil
-
-body-type-1part = (body-type-basic / body-type-msg / body-type-text)
- [SP body-ext-1part]
-
-body-type-basic = media-basic SP body-fields
- ; MESSAGE subtype MUST NOT be "RFC822"
-
-body-type-mpart = 1*body SP media-subtype
- [SP body-ext-mpart]
-
-body-type-msg = media-message SP body-fields SP envelope
- SP body SP body-fld-lines
-
-body-type-text = media-text SP body-fields SP body-fld-lines
-
-capability = ("AUTH=" auth-type) / atom
- ; New capabilities MUST begin with "X" or be
- ; registered with IANA as standard or
- ; standards-track
-
-
-
-
-Crispin Standards Track [Page 83]
-
-RFC 3501 IMAPv4 March 2003
-
-
-capability-data = "CAPABILITY" *(SP capability) SP "IMAP4rev1"
- *(SP capability)
- ; Servers MUST implement the STARTTLS, AUTH=PLAIN,
- ; and LOGINDISABLED capabilities
- ; Servers which offer RFC 1730 compatibility MUST
- ; list "IMAP4" as the first capability.
-
-CHAR8 = %x01-ff
- ; any OCTET except NUL, %x00
-
-command = tag SP (command-any / command-auth / command-nonauth /
- command-select) CRLF
- ; Modal based on state
-
-command-any = "CAPABILITY" / "LOGOUT" / "NOOP" / x-command
- ; Valid in all states
-
-command-auth = append / create / delete / examine / list / lsub /
- rename / select / status / subscribe / unsubscribe
- ; Valid only in Authenticated or Selected state
-
-command-nonauth = login / authenticate / "STARTTLS"
- ; Valid only when in Not Authenticated state
-
-command-select = "CHECK" / "CLOSE" / "EXPUNGE" / copy / fetch / store /
- uid / search
- ; Valid only when in Selected state
-
-continue-req = "+" SP (resp-text / base64) CRLF
-
-copy = "COPY" SP sequence-set SP mailbox
-
-create = "CREATE" SP mailbox
- ; Use of INBOX gives a NO error
-
-date = date-text / DQUOTE date-text DQUOTE
-
-date-day = 1*2DIGIT
- ; Day of month
-
-date-day-fixed = (SP DIGIT) / 2DIGIT
- ; Fixed-format version of date-day
-
-date-month = "Jan" / "Feb" / "Mar" / "Apr" / "May" / "Jun" /
- "Jul" / "Aug" / "Sep" / "Oct" / "Nov" / "Dec"
-
-date-text = date-day "-" date-month "-" date-year
-
-
-
-
-Crispin Standards Track [Page 84]
-
-RFC 3501 IMAPv4 March 2003
-
-
-date-year = 4DIGIT
-
-date-time = DQUOTE date-day-fixed "-" date-month "-" date-year
- SP time SP zone DQUOTE
-
-delete = "DELETE" SP mailbox
- ; Use of INBOX gives a NO error
-
-digit-nz = %x31-39
- ; 1-9
-
-envelope = "(" env-date SP env-subject SP env-from SP
- env-sender SP env-reply-to SP env-to SP env-cc SP
- env-bcc SP env-in-reply-to SP env-message-id ")"
-
-env-bcc = "(" 1*address ")" / nil
-
-env-cc = "(" 1*address ")" / nil
-
-env-date = nstring
-
-env-from = "(" 1*address ")" / nil
-
-env-in-reply-to = nstring
-
-env-message-id = nstring
-
-env-reply-to = "(" 1*address ")" / nil
-
-env-sender = "(" 1*address ")" / nil
-
-env-subject = nstring
-
-env-to = "(" 1*address ")" / nil
-
-examine = "EXAMINE" SP mailbox
-
-fetch = "FETCH" SP sequence-set SP ("ALL" / "FULL" / "FAST" /
- fetch-att / "(" fetch-att *(SP fetch-att) ")")
-
-fetch-att = "ENVELOPE" / "FLAGS" / "INTERNALDATE" /
- "RFC822" [".HEADER" / ".SIZE" / ".TEXT"] /
- "BODY" ["STRUCTURE"] / "UID" /
- "BODY" section ["<" number "." nz-number ">"] /
- "BODY.PEEK" section ["<" number "." nz-number ">"]
-
-
-
-
-
-
-Crispin Standards Track [Page 85]
-
-RFC 3501 IMAPv4 March 2003
-
-
-flag = "\Answered" / "\Flagged" / "\Deleted" /
- "\Seen" / "\Draft" / flag-keyword / flag-extension
- ; Does not include "\Recent"
-
-flag-extension = "\" atom
- ; Future expansion. Client implementations
- ; MUST accept flag-extension flags. Server
- ; implementations MUST NOT generate
- ; flag-extension flags except as defined by
- ; future standard or standards-track
- ; revisions of this specification.
-
-flag-fetch = flag / "\Recent"
-
-flag-keyword = atom
-
-flag-list = "(" [flag *(SP flag)] ")"
-
-flag-perm = flag / "\*"
-
-greeting = "*" SP (resp-cond-auth / resp-cond-bye) CRLF
-
-header-fld-name = astring
-
-header-list = "(" header-fld-name *(SP header-fld-name) ")"
-
-list = "LIST" SP mailbox SP list-mailbox
-
-list-mailbox = 1*list-char / string
-
-list-char = ATOM-CHAR / list-wildcards / resp-specials
-
-list-wildcards = "%" / "*"
-
-literal = "{" number "}" CRLF *CHAR8
- ; Number represents the number of CHAR8s
-
-login = "LOGIN" SP userid SP password
-
-lsub = "LSUB" SP mailbox SP list-mailbox
-
-
-
-
-
-
-
-
-
-
-
-Crispin Standards Track [Page 86]
-
-RFC 3501 IMAPv4 March 2003
-
-
-mailbox = "INBOX" / astring
- ; INBOX is case-insensitive. All case variants of
- ; INBOX (e.g., "iNbOx") MUST be interpreted as INBOX
- ; not as an astring. An astring which consists of
- ; the case-insensitive sequence "I" "N" "B" "O" "X"
- ; is considered to be INBOX and not an astring.
- ; Refer to section 5.1 for further
- ; semantic details of mailbox names.
-
-mailbox-data = "FLAGS" SP flag-list / "LIST" SP mailbox-list /
- "LSUB" SP mailbox-list / "SEARCH" *(SP nz-number) /
- "STATUS" SP mailbox SP "(" [status-att-list] ")" /
- number SP "EXISTS" / number SP "RECENT"
-
-mailbox-list = "(" [mbx-list-flags] ")" SP
- (DQUOTE QUOTED-CHAR DQUOTE / nil) SP mailbox
-
-mbx-list-flags = *(mbx-list-oflag SP) mbx-list-sflag
- *(SP mbx-list-oflag) /
- mbx-list-oflag *(SP mbx-list-oflag)
-
-mbx-list-oflag = "\Noinferiors" / flag-extension
- ; Other flags; multiple possible per LIST response
-
-mbx-list-sflag = "\Noselect" / "\Marked" / "\Unmarked"
- ; Selectability flags; only one per LIST response
-
-media-basic = ((DQUOTE ("APPLICATION" / "AUDIO" / "IMAGE" /
- "MESSAGE" / "VIDEO") DQUOTE) / string) SP
- media-subtype
- ; Defined in [MIME-IMT]
-
-media-message = DQUOTE "MESSAGE" DQUOTE SP DQUOTE "RFC822" DQUOTE
- ; Defined in [MIME-IMT]
-
-media-subtype = string
- ; Defined in [MIME-IMT]
-
-media-text = DQUOTE "TEXT" DQUOTE SP media-subtype
- ; Defined in [MIME-IMT]
-
-message-data = nz-number SP ("EXPUNGE" / ("FETCH" SP msg-att))
-
-msg-att = "(" (msg-att-dynamic / msg-att-static)
- *(SP (msg-att-dynamic / msg-att-static)) ")"
-
-msg-att-dynamic = "FLAGS" SP "(" [flag-fetch *(SP flag-fetch)] ")"
- ; MAY change for a message
-
-
-
-Crispin Standards Track [Page 87]
-
-RFC 3501 IMAPv4 March 2003
-
-
-msg-att-static = "ENVELOPE" SP envelope / "INTERNALDATE" SP date-time /
- "RFC822" [".HEADER" / ".TEXT"] SP nstring /
- "RFC822.SIZE" SP number /
- "BODY" ["STRUCTURE"] SP body /
- "BODY" section ["<" number ">"] SP nstring /
- "UID" SP uniqueid
- ; MUST NOT change for a message
-
-nil = "NIL"
-
-nstring = string / nil
-
-number = 1*DIGIT
- ; Unsigned 32-bit integer
- ; (0 <= n < 4,294,967,296)
-
-nz-number = digit-nz *DIGIT
- ; Non-zero unsigned 32-bit integer
- ; (0 < n < 4,294,967,296)
-
-password = astring
-
-quoted = DQUOTE *QUOTED-CHAR DQUOTE
-
-QUOTED-CHAR = <any TEXT-CHAR except quoted-specials> /
- "\" quoted-specials
-
-quoted-specials = DQUOTE / "\"
-
-rename = "RENAME" SP mailbox SP mailbox
- ; Use of INBOX as a destination gives a NO error
-
-response = *(continue-req / response-data) response-done
-
-response-data = "*" SP (resp-cond-state / resp-cond-bye /
- mailbox-data / message-data / capability-data) CRLF
-
-response-done = response-tagged / response-fatal
-
-response-fatal = "*" SP resp-cond-bye CRLF
- ; Server closes connection immediately
-
-response-tagged = tag SP resp-cond-state CRLF
-
-resp-cond-auth = ("OK" / "PREAUTH") SP resp-text
- ; Authentication condition
-
-
-
-
-
-Crispin Standards Track [Page 88]
-
-RFC 3501 IMAPv4 March 2003
-
-
-resp-cond-bye = "BYE" SP resp-text
-
-resp-cond-state = ("OK" / "NO" / "BAD") SP resp-text
- ; Status condition
-
-resp-specials = "]"
-
-resp-text = ["[" resp-text-code "]" SP] text
-
-resp-text-code = "ALERT" /
- "BADCHARSET" [SP "(" astring *(SP astring) ")" ] /
- capability-data / "PARSE" /
- "PERMANENTFLAGS" SP "("
- [flag-perm *(SP flag-perm)] ")" /
- "READ-ONLY" / "READ-WRITE" / "TRYCREATE" /
- "UIDNEXT" SP nz-number / "UIDVALIDITY" SP nz-number /
- "UNSEEN" SP nz-number /
- atom [SP 1*<any TEXT-CHAR except "]">]
-
-search = "SEARCH" [SP "CHARSET" SP astring] 1*(SP search-key)
- ; CHARSET argument to MUST be registered with IANA
-
-search-key = "ALL" / "ANSWERED" / "BCC" SP astring /
- "BEFORE" SP date / "BODY" SP astring /
- "CC" SP astring / "DELETED" / "FLAGGED" /
- "FROM" SP astring / "KEYWORD" SP flag-keyword /
- "NEW" / "OLD" / "ON" SP date / "RECENT" / "SEEN" /
- "SINCE" SP date / "SUBJECT" SP astring /
- "TEXT" SP astring / "TO" SP astring /
- "UNANSWERED" / "UNDELETED" / "UNFLAGGED" /
- "UNKEYWORD" SP flag-keyword / "UNSEEN" /
- ; Above this line were in [IMAP2]
- "DRAFT" / "HEADER" SP header-fld-name SP astring /
- "LARGER" SP number / "NOT" SP search-key /
- "OR" SP search-key SP search-key /
- "SENTBEFORE" SP date / "SENTON" SP date /
- "SENTSINCE" SP date / "SMALLER" SP number /
- "UID" SP sequence-set / "UNDRAFT" / sequence-set /
- "(" search-key *(SP search-key) ")"
-
-section = "[" [section-spec] "]"
-
-section-msgtext = "HEADER" / "HEADER.FIELDS" [".NOT"] SP header-list /
- "TEXT"
- ; top-level or MESSAGE/RFC822 part
-
-section-part = nz-number *("." nz-number)
- ; body part nesting
-
-
-
-Crispin Standards Track [Page 89]
-
-RFC 3501 IMAPv4 March 2003
-
-
-section-spec = section-msgtext / (section-part ["." section-text])
-
-section-text = section-msgtext / "MIME"
- ; text other than actual body part (headers, etc.)
-
-select = "SELECT" SP mailbox
-
-seq-number = nz-number / "*"
- ; message sequence number (COPY, FETCH, STORE
- ; commands) or unique identifier (UID COPY,
- ; UID FETCH, UID STORE commands).
- ; * represents the largest number in use. In
- ; the case of message sequence numbers, it is
- ; the number of messages in a non-empty mailbox.
- ; In the case of unique identifiers, it is the
- ; unique identifier of the last message in the
- ; mailbox or, if the mailbox is empty, the
- ; mailbox's current UIDNEXT value.
- ; The server should respond with a tagged BAD
- ; response to a command that uses a message
- ; sequence number greater than the number of
- ; messages in the selected mailbox. This
- ; includes "*" if the selected mailbox is empty.
-
-seq-range = seq-number ":" seq-number
- ; two seq-number values and all values between
- ; these two regardless of order.
- ; Example: 2:4 and 4:2 are equivalent and indicate
- ; values 2, 3, and 4.
- ; Example: a unique identifer sequence range of
- ; 3291:* includes the UID of the last message in
- ; the mailbox, even if that value is less than 3291.
-
-sequence-set = (seq-number / seq-range) *("," sequence-set)
- ; set of seq-number values, regardless of order.
- ; Servers MAY coalesce overlaps and/or execute the
- ; sequence in any order.
- ; Example: a message sequence number set of
- ; 2,4:7,9,12:* for a mailbox with 15 messages is
- ; equivalent to 2,4,5,6,7,9,12,13,14,15
- ; Example: a message sequence number set of *:4,5:7
- ; for a mailbox with 10 messages is equivalent to
- ; 10,9,8,7,6,5,4,5,6,7 and MAY be reordered and
- ; overlap coalesced to be 4,5,6,7,8,9,10.
-
-status = "STATUS" SP mailbox SP
- "(" status-att *(SP status-att) ")"
-
-
-
-
-Crispin Standards Track [Page 90]
-
-RFC 3501 IMAPv4 March 2003
-
-
-status-att = "MESSAGES" / "RECENT" / "UIDNEXT" / "UIDVALIDITY" /
- "UNSEEN"
-
-status-att-list = status-att SP number *(SP status-att SP number)
-
-store = "STORE" SP sequence-set SP store-att-flags
-
-store-att-flags = (["+" / "-"] "FLAGS" [".SILENT"]) SP
- (flag-list / (flag *(SP flag)))
-
-string = quoted / literal
-
-subscribe = "SUBSCRIBE" SP mailbox
-
-tag = 1*<any ASTRING-CHAR except "+">
-
-text = 1*TEXT-CHAR
-
-TEXT-CHAR = <any CHAR except CR and LF>
-
-time = 2DIGIT ":" 2DIGIT ":" 2DIGIT
- ; Hours minutes seconds
-
-uid = "UID" SP (copy / fetch / search / store)
- ; Unique identifiers used instead of message
- ; sequence numbers
-
-uniqueid = nz-number
- ; Strictly ascending
-
-unsubscribe = "UNSUBSCRIBE" SP mailbox
-
-userid = astring
-
-x-command = "X" atom <experimental command arguments>
-
-zone = ("+" / "-") 4DIGIT
- ; Signed four-digit value of hhmm representing
- ; hours and minutes east of Greenwich (that is,
- ; the amount that the given time differs from
- ; Universal Time). Subtracting the timezone
- ; from the given time will give the UT form.
- ; The Universal Time zone is "+0000".
-
-
-
-
-
-
-
-
-Crispin Standards Track [Page 91]
-
-RFC 3501 IMAPv4 March 2003
-
-
-10. Author's Note
-
- This document is a revision or rewrite of earlier documents, and
- supercedes the protocol specification in those documents: RFC 2060,
- RFC 1730, unpublished IMAP2bis.TXT document, RFC 1176, and RFC 1064.
-
-11. Security Considerations
-
- IMAP4rev1 protocol transactions, including electronic mail data, are
- sent in the clear over the network unless protection from snooping is
- negotiated. This can be accomplished either by the use of STARTTLS,
- negotiated privacy protection in the AUTHENTICATE command, or some
- other protection mechanism.
-
-11.1. STARTTLS Security Considerations
-
- The specification of the STARTTLS command and LOGINDISABLED
- capability in this document replaces that in [IMAP-TLS]. [IMAP-TLS]
- remains normative for the PLAIN [SASL] authenticator.
-
- IMAP client and server implementations MUST implement the
- TLS_RSA_WITH_RC4_128_MD5 [TLS] cipher suite, and SHOULD implement the
- TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA [TLS] cipher suite. This is
- important as it assures that any two compliant implementations can be
- configured to interoperate. All other cipher suites are OPTIONAL.
- Note that this is a change from section 2.1 of [IMAP-TLS].
-
- During the [TLS] negotiation, the client MUST check its understanding
- of the server hostname against the server's identity as presented in
- the server Certificate message, in order to prevent man-in-the-middle
- attacks. If the match fails, the client SHOULD either ask for
- explicit user confirmation, or terminate the connection and indicate
- that the server's identity is suspect. Matching is performed
- according to these rules:
-
- The client MUST use the server hostname it used to open the
- connection as the value to compare against the server name
- as expressed in the server certificate. The client MUST
- NOT use any form of the server hostname derived from an
- insecure remote source (e.g., insecure DNS lookup). CNAME
- canonicalization is not done.
-
- If a subjectAltName extension of type dNSName is present in
- the certificate, it SHOULD be used as the source of the
- server's identity.
-
- Matching is case-insensitive.
-
-
-
-
-Crispin Standards Track [Page 92]
-
-RFC 3501 IMAPv4 March 2003
-
-
- A "*" wildcard character MAY be used as the left-most name
- component in the certificate. For example, *.example.com
- would match a.example.com, foo.example.com, etc. but would
- not match example.com.
-
- If the certificate contains multiple names (e.g., more than
- one dNSName field), then a match with any one of the fields
- is considered acceptable.
-
- Both the client and server MUST check the result of the STARTTLS
- command and subsequent [TLS] negotiation to see whether acceptable
- authentication or privacy was achieved.
-
-11.2. Other Security Considerations
-
- A server error message for an AUTHENTICATE command which fails due to
- invalid credentials SHOULD NOT detail why the credentials are
- invalid.
-
- Use of the LOGIN command sends passwords in the clear. This can be
- avoided by using the AUTHENTICATE command with a [SASL] mechanism
- that does not use plaintext passwords, by first negotiating
- encryption via STARTTLS or some other protection mechanism.
-
- A server implementation MUST implement a configuration that, at the
- time of authentication, requires:
- (1) The STARTTLS command has been negotiated.
- OR
- (2) Some other mechanism that protects the session from password
- snooping has been provided.
- OR
- (3) The following measures are in place:
- (a) The LOGINDISABLED capability is advertised, and [SASL]
- mechanisms (such as PLAIN) using plaintext passwords are NOT
- advertised in the CAPABILITY list.
- AND
- (b) The LOGIN command returns an error even if the password is
- correct.
- AND
- (c) The AUTHENTICATE command returns an error with all [SASL]
- mechanisms that use plaintext passwords, even if the password
- is correct.
-
- A server error message for a failing LOGIN command SHOULD NOT specify
- that the user name, as opposed to the password, is invalid.
-
- A server SHOULD have mechanisms in place to limit or delay failed
- AUTHENTICATE/LOGIN attempts.
-
-
-
-Crispin Standards Track [Page 93]
-
-RFC 3501 IMAPv4 March 2003
-
-
- Additional security considerations are discussed in the section
- discussing the AUTHENTICATE and LOGIN commands.
-
-12. IANA Considerations
-
- IMAP4 capabilities are registered by publishing a standards track or
- IESG approved experimental RFC. The registry is currently located
- at:
-
- http://www.iana.org/assignments/imap4-capabilities
-
- As this specification revises the STARTTLS and LOGINDISABLED
- extensions previously defined in [IMAP-TLS], the registry will be
- updated accordingly.
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-Crispin Standards Track [Page 94]
-
-RFC 3501 IMAPv4 March 2003
-
-
-Appendices
-
-A. Normative References
-
- The following documents contain definitions or specifications that
- are necessary to understand this document properly:
- [ABNF] Crocker, D. and P. Overell, "Augmented BNF for
- Syntax Specifications: ABNF", RFC 2234,
- November 1997.
-
- [ANONYMOUS] Newman, C., "Anonymous SASL Mechanism", RFC
- 2245, November 1997.
-
- [CHARSET] Freed, N. and J. Postel, "IANA Character Set
- Registration Procedures", RFC 2978, October
- 2000.
-
- [DIGEST-MD5] Leach, P. and C. Newman, "Using Digest
- Authentication as a SASL Mechanism", RFC 2831,
- May 2000.
-
- [DISPOSITION] Troost, R., Dorner, S. and K. Moore,
- "Communicating Presentation Information in
- Internet Messages: The Content-Disposition
- Header", RFC 2183, August 1997.
-
- [IMAP-TLS] Newman, C., "Using TLS with IMAP, POP3 and
- ACAP", RFC 2595, June 1999.
-
- [KEYWORDS] Bradner, S., "Key words for use in RFCs to
- Indicate Requirement Levels", BCP 14, RFC 2119,
- March 1997.
-
- [LANGUAGE-TAGS] Alvestrand, H., "Tags for the Identification of
- Languages", BCP 47, RFC 3066, January 2001.
-
- [LOCATION] Palme, J., Hopmann, A. and N. Shelness, "MIME
- Encapsulation of Aggregate Documents, such as
- HTML (MHTML)", RFC 2557, March 1999.
-
- [MD5] Myers, J. and M. Rose, "The Content-MD5 Header
- Field", RFC 1864, October 1995.
-
-
-
-
-
-
-
-
-
-Crispin Standards Track [Page 95]
-
-RFC 3501 IMAPv4 March 2003
-
-
- [MIME-HDRS] Moore, K., "MIME (Multipurpose Internet Mail
- Extensions) Part Three: Message Header
- Extensions for Non-ASCII Text", RFC 2047,
- November 1996.
-
- [MIME-IMB] Freed, N. and N. Borenstein, "MIME
- (Multipurpose Internet Mail Extensions) Part
- One: Format of Internet Message Bodies", RFC
- 2045, November 1996.
-
- [MIME-IMT] Freed, N. and N. Borenstein, "MIME
- (Multipurpose Internet Mail Extensions) Part
- Two: Media Types", RFC 2046, November 1996.
-
- [RFC-2822] Resnick, P., "Internet Message Format", RFC
- 2822, April 2001.
-
- [SASL] Myers, J., "Simple Authentication and Security
- Layer (SASL)", RFC 2222, October 1997.
-
- [TLS] Dierks, T. and C. Allen, "The TLS Protocol
- Version 1.0", RFC 2246, January 1999.
-
- [UTF-7] Goldsmith, D. and M. Davis, "UTF-7: A Mail-Safe
- Transformation Format of Unicode", RFC 2152,
- May 1997.
-
- The following documents describe quality-of-implementation issues
- that should be carefully considered when implementing this protocol:
-
- [IMAP-IMPLEMENTATION] Leiba, B., "IMAP Implementation
- Recommendations", RFC 2683, September 1999.
-
- [IMAP-MULTIACCESS] Gahrns, M., "IMAP4 Multi-Accessed Mailbox
- Practice", RFC 2180, July 1997.
-
-A.1 Informative References
-
- The following documents describe related protocols:
-
- [IMAP-DISC] Austein, R., "Synchronization Operations for
- Disconnected IMAP4 Clients", Work in Progress.
-
- [IMAP-MODEL] Crispin, M., "Distributed Electronic Mail
- Models in IMAP4", RFC 1733, December 1994.
-
-
-
-
-
-
-Crispin Standards Track [Page 96]
-
-RFC 3501 IMAPv4 March 2003
-
-
- [ACAP] Newman, C. and J. Myers, "ACAP -- Application
- Configuration Access Protocol", RFC 2244,
- November 1997.
-
- [SMTP] Klensin, J., "Simple Mail Transfer Protocol",
- STD 10, RFC 2821, April 2001.
-
- The following documents are historical or describe historical aspects
- of this protocol:
-
- [IMAP-COMPAT] Crispin, M., "IMAP4 Compatibility with
- IMAP2bis", RFC 2061, December 1996.
-
- [IMAP-HISTORICAL] Crispin, M., "IMAP4 Compatibility with IMAP2
- and IMAP2bis", RFC 1732, December 1994.
-
- [IMAP-OBSOLETE] Crispin, M., "Internet Message Access Protocol
- - Obsolete Syntax", RFC 2062, December 1996.
-
- [IMAP2] Crispin, M., "Interactive Mail Access Protocol
- - Version 2", RFC 1176, August 1990.
-
- [RFC-822] Crocker, D., "Standard for the Format of ARPA
- Internet Text Messages", STD 11, RFC 822,
- August 1982.
-
- [RFC-821] Postel, J., "Simple Mail Transfer Protocol",
- STD 10, RFC 821, August 1982.
-
-B. Changes from RFC 2060
-
- 1) Clarify description of unique identifiers and their semantics.
-
- 2) Fix the SELECT description to clarify that UIDVALIDITY is required
- in the SELECT and EXAMINE responses.
-
- 3) Added an example of a failing search.
-
- 4) Correct store-att-flags: "#flag" should be "1#flag".
-
- 5) Made search and section rules clearer.
-
- 6) Correct the STORE example.
-
- 7) Correct "BASE645" misspelling.
-
- 8) Remove extraneous close parenthesis in example of two-part message
- with text and BASE64 attachment.
-
-
-
-Crispin Standards Track [Page 97]
-
-RFC 3501 IMAPv4 March 2003
-
-
- 9) Remove obsolete "MAILBOX" response from mailbox-data.
-
- 10) A spurious "<" in the rule for mailbox-data was removed.
-
- 11) Add CRLF to continue-req.
-
- 12) Specifically exclude "]" from the atom in resp-text-code.
-
- 13) Clarify that clients and servers should adhere strictly to the
- protocol syntax.
-
- 14) Emphasize in 5.2 that EXISTS can not be used to shrink a mailbox.
-
- 15) Add NEWNAME to resp-text-code.
-
- 16) Clarify that the empty string, not NIL, is used as arguments to
- LIST.
-
- 17) Clarify that NIL can be returned as a hierarchy delimiter for the
- empty string mailbox name argument if the mailbox namespace is flat.
-
- 18) Clarify that addr-mailbox and addr-name have RFC-2822 quoting
- removed.
-
- 19) Update UTF-7 reference.
-
- 20) Fix example in 6.3.11.
-
- 21) Clarify that non-existent UIDs are ignored.
-
- 22) Update DISPOSITION reference.
-
- 23) Expand state diagram.
-
- 24) Clarify that partial fetch responses are only returned in
- response to a partial fetch command.
-
- 25) Add UIDNEXT response code. Correct UIDVALIDITY definition
- reference.
-
- 26) Further clarification of "can" vs. "MAY".
-
- 27) Reference RFC-2119.
-
- 28) Clarify that superfluous shifts are not permitted in modified
- UTF-7.
-
- 29) Clarify that there are no implicit shifts in modified UTF-7.
-
-
-
-Crispin Standards Track [Page 98]
-
-RFC 3501 IMAPv4 March 2003
-
-
- 30) Clarify that "INBOX" in a mailbox name is always INBOX, even if
- it is given as a string.
-
- 31) Add missing open parenthesis in media-basic grammar rule.
-
- 32) Correct attribute syntax in mailbox-data.
-
- 33) Add UIDNEXT to EXAMINE responses.
-
- 34) Clarify UNSEEN, PERMANENTFLAGS, UIDVALIDITY, and UIDNEXT
- responses in SELECT and EXAMINE. They are required now, but weren't
- in older versions.
-
- 35) Update references with RFC numbers.
-
- 36) Flush text-mime2.
-
- 37) Clarify that modified UTF-7 names must be case-sensitive and that
- violating the convention should be avoided.
-
- 38) Correct UID FETCH example.
-
- 39) Clarify UID FETCH, UID STORE, and UID SEARCH vs. untagged EXPUNGE
- responses.
-
- 40) Clarify the use of the word "convention".
-
- 41) Clarify that a command is not "in progress" until it has been
- fully received (specifically, that a command is not "in progress"
- during command continuation negotiation).
-
- 42) Clarify envelope defaulting.
-
- 43) Clarify that SP means one and only one space character.
-
- 44) Forbid silly states in LIST response.
-
- 45) Clarify that the ENVELOPE, INTERNALDATE, RFC822*, BODY*, and UID
- for a message is static.
-
- 46) Add BADCHARSET response code.
-
- 47) Update formal syntax to [ABNF] conventions.
-
- 48) Clarify trailing hierarchy delimiter in CREATE semantics.
-
- 49) Clarify that the "blank line" is the [RFC-2822] delimiting blank
- line.
-
-
-
-Crispin Standards Track [Page 99]
-
-RFC 3501 IMAPv4 March 2003
-
-
- 50) Clarify that RENAME should also create hierarchy as needed for
- the command to complete.
-
- 51) Fix body-ext-mpart to not require language if disposition
- present.
-
- 52) Clarify the RFC822.HEADER response.
-
- 53) Correct missing space after charset astring in search.
-
- 54) Correct missing quote for BADCHARSET in resp-text-code.
-
- 55) Clarify that ALL, FAST, and FULL preclude any other data items
- appearing.
-
- 56) Clarify semantics of reference argument in LIST.
-
- 57) Clarify that a null string for SEARCH HEADER X-FOO means any
- message with a header line with a field-name of X-FOO regardless of
- the text of the header.
-
- 58) Specifically reserve 8-bit mailbox names for future use as UTF-8.
-
- 59) It is not an error for the client to store a flag that is not in
- the PERMANENTFLAGS list; however, the server will either ignore the
- change or make the change in the session only.
-
- 60) Correct/clarify the text regarding superfluous shifts.
-
- 61) Correct typographic errors in the "Changes" section.
-
- 62) Clarify that STATUS must not be used to check for new messages in
- the selected mailbox
-
- 63) Clarify LSUB behavior with "%" wildcard.
-
- 64) Change AUTHORIZATION to AUTHENTICATE in section 7.5.
-
- 65) Clarify description of multipart body type.
-
- 66) Clarify that STORE FLAGS does not affect \Recent.
-
- 67) Change "west" to "east" in description of timezone.
-
- 68) Clarify that commands which break command pipelining must wait
- for a completion result response.
-
- 69) Clarify that EXAMINE does not affect \Recent.
-
-
-
-Crispin Standards Track [Page 100]
-
-RFC 3501 IMAPv4 March 2003
-
-
- 70) Make description of MIME structure consistent.
-
- 71) Clarify that date searches disregard the time and timezone of the
- INTERNALDATE or Date: header. In other words, "ON 13-APR-2000" means
- messages with an INTERNALDATE text which starts with "13-APR-2000",
- even if timezone differential from the local timezone is sufficient
- to move that INTERNALDATE into the previous or next day.
-
- 72) Clarify that the header fetches don't add a blank line if one
- isn't in the [RFC-2822] message.
-
- 73) Clarify (in discussion of UIDs) that messages are immutable.
-
- 74) Add an example of CHARSET searching.
-
- 75) Clarify in SEARCH that keywords are a type of flag.
-
- 76) Clarify the mandatory nature of the SELECT data responses.
-
- 77) Add optional CAPABILITY response code in the initial OK or
- PREAUTH.
-
- 78) Add note that server can send an untagged CAPABILITY command as
- part of the responses to AUTHENTICATE and LOGIN.
-
- 79) Remove statement about it being unnecessary to issue a CAPABILITY
- command more than once in a connection. That statement is no longer
- true.
-
- 80) Clarify that untagged EXPUNGE decrements the number of messages
- in the mailbox.
-
- 81) Fix definition of "body" (concatenation has tighter binding than
- alternation).
-
- 82) Add a new "Special Notes to Implementors" section with reference
- to [IMAP-IMPLEMENTATION].
-
- 83) Clarify that an untagged CAPABILITY response to an AUTHENTICATE
- command should only be done if a security layer was not negotiated.
-
- 84) Change the definition of atom to exclude "]". Update astring to
- include "]" for compatiblity with the past. Remove resp-text-atom.
-
- 85) Remove NEWNAME. It can't work because mailbox names can be
- literals and can include "]". Functionality can be addressed via
- referrals.
-
-
-
-
-Crispin Standards Track [Page 101]
-
-RFC 3501 IMAPv4 March 2003
-
-
- 86) Move modified UTF-7 rationale in order to have more logical
- paragraph flow.
-
- 87) Clarify UID uniqueness guarantees with the use of MUST.
-
- 88) Note that clients should read response data until the connection
- is closed instead of immediately closing on a BYE.
-
- 89) Change RFC-822 references to RFC-2822.
-
- 90) Clarify that RFC-2822 should be followed instead of RFC-822.
-
- 91) Change recommendation of optional automatic capabilities in LOGIN
- and AUTHENTICATE to use the CAPABILITY response code in the tagged
- OK. This is more interoperable than an unsolicited untagged
- CAPABILITY response.
-
- 92) STARTTLS and AUTH=PLAIN are mandatory to implement; add
- recommendations for other [SASL] mechanisms.
-
- 93) Clarify that a "connection" (as opposed to "server" or "command")
- is in one of the four states.
-
- 94) Clarify that a failed or rejected command does not change state.
-
- 95) Split references between normative and informative.
-
- 96) Discuss authentication failure issues in security section.
-
- 97) Clarify that a data item is not necessarily of only one data
- type.
-
- 98) Clarify that sequence ranges are independent of order.
-
- 99) Change an example to clarify that superfluous shifts in
- Modified-UTF7 can not be fixed just by omitting the shift. The
- entire string must be recalculated.
-
- 100) Change Envelope Structure definition since [RFC-2822] uses
- "envelope" to refer to the [SMTP] envelope and not the envelope data
- that appears in the [RFC-2822] header.
-
- 101) Expand on RFC822.HEADER response data vs. BODY[HEADER].
-
- 102) Clarify Logout state semantics, change ASCII art.
-
- 103) Security changes to comply with IESG requirements.
-
-
-
-
-Crispin Standards Track [Page 102]
-
-RFC 3501 IMAPv4 March 2003
-
-
- 104) Add definition for body URI.
-
- 105) Break sequence range definition into three rules, with rewritten
- descriptions for each.
-
- 106) Move STARTTLS and LOGINDISABLED here from [IMAP-TLS].
-
- 107) Add IANA Considerations section.
-
- 108) Clarify valid client assumptions for new message UIDs vs.
- UIDNEXT.
-
- 109) Clarify that changes to permanentflags affect concurrent
- sessions as well as subsequent sessions.
-
- 110) Clarify that authenticated state can be entered by the CLOSE
- command.
-
- 111) Emphasize that SELECT and EXAMINE are the exceptions to the rule
- that a failing command does not change state.
-
- 112) Clarify that newly-appended messages have the Recent flag set.
-
- 113) Clarify that newly-copied messages SHOULD have the Recent flag
- set.
-
- 114) Clarify that UID commands always return the UID in FETCH
- responses.
-
-C. Key Word Index
-
- +FLAGS <flag list> (store command data item) ............... 59
- +FLAGS.SILENT <flag list> (store command data item) ........ 59
- -FLAGS <flag list> (store command data item) ............... 59
- -FLAGS.SILENT <flag list> (store command data item) ........ 59
- ALERT (response code) ...................................... 64
- ALL (fetch item) ........................................... 55
- ALL (search key) ........................................... 50
- ANSWERED (search key) ...................................... 50
- APPEND (command) ........................................... 45
- AUTHENTICATE (command) ..................................... 27
- BAD (response) ............................................. 66
- BADCHARSET (response code) ................................. 64
- BCC <string> (search key) .................................. 51
- BEFORE <date> (search key) ................................. 51
- BODY (fetch item) .......................................... 55
- BODY (fetch result) ........................................ 73
- BODY <string> (search key) ................................. 51
-
-
-
-Crispin Standards Track [Page 103]
-
-RFC 3501 IMAPv4 March 2003
-
-
- BODY.PEEK[<section>]<<partial>> (fetch item) ............... 57
- BODYSTRUCTURE (fetch item) ................................. 57
- BODYSTRUCTURE (fetch result) ............................... 74
- BODY[<section>]<<origin octet>> (fetch result) ............. 74
- BODY[<section>]<<partial>> (fetch item) .................... 55
- BYE (response) ............................................. 67
- Body Structure (message attribute) ......................... 12
- CAPABILITY (command) ....................................... 24
- CAPABILITY (response code) ................................. 64
- CAPABILITY (response) ...................................... 68
- CC <string> (search key) ................................... 51
- CHECK (command) ............................................ 47
- CLOSE (command) ............................................ 48
- COPY (command) ............................................. 59
- CREATE (command) ........................................... 34
- DELETE (command) ........................................... 35
- DELETED (search key) ....................................... 51
- DRAFT (search key) ......................................... 51
- ENVELOPE (fetch item) ...................................... 57
- ENVELOPE (fetch result) .................................... 77
- EXAMINE (command) .......................................... 33
- EXISTS (response) .......................................... 71
- EXPUNGE (command) .......................................... 48
- EXPUNGE (response) ......................................... 72
- Envelope Structure (message attribute) ..................... 12
- FAST (fetch item) .......................................... 55
- FETCH (command) ............................................ 54
- FETCH (response) ........................................... 73
- FLAGGED (search key) ....................................... 51
- FLAGS (fetch item) ......................................... 57
- FLAGS (fetch result) ....................................... 78
- FLAGS (response) ........................................... 71
- FLAGS <flag list> (store command data item) ................ 59
- FLAGS.SILENT <flag list> (store command data item) ......... 59
- FROM <string> (search key) ................................. 51
- FULL (fetch item) .......................................... 55
- Flags (message attribute) .................................. 11
- HEADER (part specifier) .................................... 55
- HEADER <field-name> <string> (search key) .................. 51
- HEADER.FIELDS <header-list> (part specifier) ............... 55
- HEADER.FIELDS.NOT <header-list> (part specifier) ........... 55
- INTERNALDATE (fetch item) .................................. 57
- INTERNALDATE (fetch result) ................................ 78
- Internal Date (message attribute) .......................... 12
- KEYWORD <flag> (search key) ................................ 51
- Keyword (type of flag) ..................................... 11
- LARGER <n> (search key) .................................... 51
- LIST (command) ............................................. 40
-
-
-
-Crispin Standards Track [Page 104]
-
-RFC 3501 IMAPv4 March 2003
-
-
- LIST (response) ............................................ 69
- LOGIN (command) ............................................ 30
- LOGOUT (command) ........................................... 25
- LSUB (command) ............................................. 43
- LSUB (response) ............................................ 70
- MAY (specification requirement term) ....................... 4
- MESSAGES (status item) ..................................... 45
- MIME (part specifier) ...................................... 56
- MUST (specification requirement term) ...................... 4
- MUST NOT (specification requirement term) .................. 4
- Message Sequence Number (message attribute) ................ 10
- NEW (search key) ........................................... 51
- NO (response) .............................................. 66
- NOOP (command) ............................................. 25
- NOT <search-key> (search key) .............................. 52
- OK (response) .............................................. 65
- OLD (search key) ........................................... 52
- ON <date> (search key) ..................................... 52
- OPTIONAL (specification requirement term) .................. 4
- OR <search-key1> <search-key2> (search key) ................ 52
- PARSE (response code) ...................................... 64
- PERMANENTFLAGS (response code) ............................. 64
- PREAUTH (response) ......................................... 67
- Permanent Flag (class of flag) ............................. 12
- READ-ONLY (response code) .................................. 65
- READ-WRITE (response code) ................................. 65
- RECENT (response) .......................................... 72
- RECENT (search key) ........................................ 52
- RECENT (status item) ....................................... 45
- RENAME (command) ........................................... 37
- REQUIRED (specification requirement term) .................. 4
- RFC822 (fetch item) ........................................ 57
- RFC822 (fetch result) ...................................... 78
- RFC822.HEADER (fetch item) ................................. 57
- RFC822.HEADER (fetch result) ............................... 78
- RFC822.SIZE (fetch item) ................................... 57
- RFC822.SIZE (fetch result) ................................. 78
- RFC822.TEXT (fetch item) ................................... 58
- RFC822.TEXT (fetch result) ................................. 79
- SEARCH (command) ........................................... 49
- SEARCH (response) .......................................... 71
- SEEN (search key) .......................................... 52
- SELECT (command) ........................................... 31
- SENTBEFORE <date> (search key) ............................. 52
- SENTON <date> (search key) ................................. 52
- SENTSINCE <date> (search key) .............................. 52
- SHOULD (specification requirement term) .................... 4
- SHOULD NOT (specification requirement term) ................ 4
-
-
-
-Crispin Standards Track [Page 105]
-
-RFC 3501 IMAPv4 March 2003
-
-
- SINCE <date> (search key) .................................. 52
- SMALLER <n> (search key) ................................... 52
- STARTTLS (command) ......................................... 27
- STATUS (command) ........................................... 44
- STATUS (response) .......................................... 70
- STORE (command) ............................................ 58
- SUBJECT <string> (search key) .............................. 53
- SUBSCRIBE (command) ........................................ 38
- Session Flag (class of flag) ............................... 12
- System Flag (type of flag) ................................. 11
- TEXT (part specifier) ...................................... 56
- TEXT <string> (search key) ................................. 53
- TO <string> (search key) ................................... 53
- TRYCREATE (response code) .................................. 65
- UID (command) .............................................. 60
- UID (fetch item) ........................................... 58
- UID (fetch result) ......................................... 79
- UID <sequence set> (search key) ............................ 53
- UIDNEXT (response code) .................................... 65
- UIDNEXT (status item) ...................................... 45
- UIDVALIDITY (response code) ................................ 65
- UIDVALIDITY (status item) .................................. 45
- UNANSWERED (search key) .................................... 53
- UNDELETED (search key) ..................................... 53
- UNDRAFT (search key) ....................................... 53
- UNFLAGGED (search key) ..................................... 53
- UNKEYWORD <flag> (search key) .............................. 53
- UNSEEN (response code) ..................................... 65
- UNSEEN (search key) ........................................ 53
- UNSEEN (status item) ....................................... 45
- UNSUBSCRIBE (command) ...................................... 39
- Unique Identifier (UID) (message attribute) ................ 8
- X<atom> (command) .......................................... 62
- [RFC-2822] Size (message attribute) ........................ 12
- \Answered (system flag) .................................... 11
- \Deleted (system flag) ..................................... 11
- \Draft (system flag) ....................................... 11
- \Flagged (system flag) ..................................... 11
- \Marked (mailbox name attribute) ........................... 69
- \Noinferiors (mailbox name attribute) ...................... 69
- \Noselect (mailbox name attribute) ......................... 69
- \Recent (system flag) ...................................... 11
- \Seen (system flag) ........................................ 11
- \Unmarked (mailbox name attribute) ......................... 69
-
-
-
-
-
-
-
-Crispin Standards Track [Page 106]
-
-RFC 3501 IMAPv4 March 2003
-
-
-Author's Address
-
- Mark R. Crispin
- Networks and Distributed Computing
- University of Washington
- 4545 15th Avenue NE
- Seattle, WA 98105-4527
-
- Phone: (206) 543-5762
-
- EMail: MRC@CAC.Washington.EDU
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-Crispin Standards Track [Page 107]
-
-RFC 3501 IMAPv4 March 2003
-
-
-Full Copyright Statement
-
- Copyright (C) The Internet Society (2003). All Rights Reserved.
-
- This document and translations of it may be copied and furnished to
- others, and derivative works that comment on or otherwise explain it
- or assist in its implementation may be prepared, copied, published
- and distributed, in whole or in part, without restriction of any
- kind, provided that the above copyright notice and this paragraph are
- included on all such copies and derivative works. However, this
- document itself may not be modified in any way, such as by removing
- the copyright notice or references to the Internet Society or other
- Internet organizations, except as needed for the purpose of
- developing Internet standards in which case the procedures for
- copyrights defined in the Internet Standards process must be
- followed, or as required to translate it into languages other than
- English.
-
- The limited permissions granted above are perpetual and will not be
- revoked by the Internet Society or its successors or assigns. v This
- document and the information contained herein is provided on an "AS
- IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING TASK
- FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT
- LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL
- NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY
- OR FITNESS FOR A PARTICULAR PURPOSE.
-
-Acknowledgement
-
- Funding for the RFC Editor function is currently provided by the
- Internet Society.
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-Crispin Standards Track [Page 108]
-
-
diff --git a/imap/docs/rfc/rfc3502.txt b/imap/docs/rfc/rfc3502.txt
deleted file mode 100644
index f6b61a44..00000000
--- a/imap/docs/rfc/rfc3502.txt
+++ /dev/null
@@ -1,395 +0,0 @@
-
-
-
-
-
-
-Network Working Group M. Crispin
-Request for Comments: 3502 University of Washington
-Category: Standards Track March 2003
-
-
- Internet Message Access Protocol (IMAP) - MULTIAPPEND Extension
-
-Status of this Memo
-
- This document specifies an Internet standards track protocol for the
- Internet community, and requests discussion and suggestions for
- improvements. Please refer to the current edition of the "Internet
- Official Protocol Standards" (STD 1) for the standardization state
- and status of this protocol. Distribution of this memo is unlimited.
-
-Copyright Notice
-
- Copyright (C) The Internet Society (2003). All Rights Reserved.
-
-Abstract
-
- This document describes the multiappending extension to the Internet
- Message Access Protocol (IMAP) (RFC 3501). This extension provides
- substantial performance improvements for IMAP clients which upload
- multiple messages at a time to a mailbox on the server.
-
- A server which supports this extension indicates this with a
- capability name of "MULTIAPPEND".
-
-Terminology
-
- The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
- "SHOULD", "SHOULD NOT", "MAY", and "OPTIONAL" in this document are to
- be interpreted as described in [KEYWORDS].
-
-Introduction
-
- The MULTIAPPEND extension permits uploading of multiple messages with
- a single command. When used in conjunction with the [LITERAL+]
- extension, the entire upload is accomplished in a single
- command/response round trip.
-
- A MULTIAPPEND APPEND operation is atomic; either all messages are
- successfully appended, or no messages are appended.
-
- In the base IMAP specification, each message must be appended in a
- separate command, and there is no mechanism to "unappend" messages if
- an error occurs while appending. Also, some mail stores may require
-
-
-
-Crispin Standards Track [Page 1]
-
-RFC 3502 IMAP MULTIAPPEND March 2003
-
-
- an expensive "open/lock + sync/unlock/close" operation as part of
- appending; this can be quite expensive if it must be done on a
- per-message basis.
-
- If the server supports both LITERAL+ and pipelining but not
- MULTIAPPEND, it may be possible to get some of the performance
- advantages of MULTIAPPEND by doing a pipelined "batch" append.
- However, it will not work as well as MULTIAPPEND for the following
- reasons:
-
- 1) Multiple APPEND commands, even as part of a pipelined batch,
- are non-atomic by definition. There is no way to revert the
- mailbox to the state before the batch append in the event of an
- error.
-
- 2) It may not be feasible for the server to coalesce pipelined
- APPEND operations so as to avoid the "open/lock +
- sync/unlock/close" overhead described above. In any case, such
- coalescing would be timing dependent and thus potentially
- unreliable. In particular, with traditional UNIX mailbox files,
- it is assumed that a lock is held only for a single atomic
- operation, and many applications disregard any lock that is
- older than 5 minutes.
-
- 3) If an error occurs, depending upon the nature of the error,
- it is possible for additional messages to be appended after the
- error. For example, the user wants to append 5 messages, but a
- disk quota error occurs with the third message because of its
- size. However, the fourth and fifth messages have already been
- sent in the pipeline, so the mailbox ends up with the first,
- second, fourth, and fifth messages of the batch appended.
-
-6.3.11. APPEND Command
-
- Arguments: mailbox name
- one or more messages to upload, specified as:
- OPTIONAL flag parenthesized list
- OPTIONAL date/time string
- message literal
-
- Data: no specific responses for this command
-
- Result: OK - append completed
- NO - append error: can't append to that mailbox, error
- in flags or date/time or message text,
- append cancelled
- BAD - command unknown or arguments invalid
-
-
-
-
-Crispin Standards Track [Page 2]
-
-RFC 3502 IMAP MULTIAPPEND March 2003
-
-
- The APPEND command appends the literal arguments as new messages
- to the end of the specified destination mailbox. This argument
- SHOULD be in the format of an [RFC-2822] message. 8-bit
- characters are permitted in the message. A server implementation
- that is unable to preserve 8-bit data properly MUST be able to
- reversibly convert 8-bit APPEND data to 7-bit using a [MIME-IMB]
- content transfer encoding.
-
- Note: There MAY be exceptions, e.g., draft messages, in
- which required [RFC-2822] header lines are omitted in the
- message literal argument to APPEND. The full implications
- of doing so MUST be understood and carefully weighed.
-
- If a flag parenthesized list is specified, the flags SHOULD be set
- in the resulting message; otherwise, the flag list of the
- resulting message is set empty by default.
-
- If a date-time is specified, the internal date SHOULD be set in
- the resulting message; otherwise, the internal date of the
- resulting message is set to the current date and time by default.
-
- A zero-length message literal argument is an error, and MUST
- return a NO. This can be used to cancel the append.
-
- If the append is unsuccessful for any reason (including being
- cancelled), the mailbox MUST be restored to its state before the
- APPEND attempt; no partial appending is permitted. The server MAY
- return an error before processing all the message arguments.
-
- If the destination mailbox does not exist, a server MUST return an
- error, and MUST NOT automatically create the mailbox. Unless it
- is certain that the destination mailbox can not be created, the
- server MUST send the response code "[TRYCREATE]" as the prefix of
- the text of the tagged NO response. This gives a hint to the
- client that it can attempt a CREATE command and retry the APPEND
- if the CREATE is successful.
-
- If the mailbox is currently selected, the normal new message
- actions SHOULD occur. Specifically, the server SHOULD notify the
- client immediately via an untagged EXISTS response. If the server
- does not do so, the client MAY issue a NOOP command (or failing
- that, a CHECK command) after one or more APPEND commands.
-
-
-
-
-
-
-
-
-
-Crispin Standards Track [Page 3]
-
-RFC 3502 IMAP MULTIAPPEND March 2003
-
-
- Example: C: A003 APPEND saved-messages (\Seen) {329}
- S: + Ready for literal data
- C: Date: Mon, 7 Feb 1994 21:52:25 -0800 (PST)
- C: From: Fred Foobar <foobar@Blurdybloop.example.COM>
- C: Subject: afternoon meeting
- C: To: mooch@owatagu.example.net
- C: Message-Id: <B27397-0100000@Blurdybloop.example.COM>
- C: MIME-Version: 1.0
- C: Content-Type: TEXT/PLAIN; CHARSET=US-ASCII
- C:
- C: Hello Joe, do you think we can meet at 3:30 tomorrow?
- C: (\Seen) " 7-Feb-1994 22:43:04 -0800" {295}
- S: + Ready for literal data
- C: Date: Mon, 7 Feb 1994 22:43:04 -0800 (PST)
- C: From: Joe Mooch <mooch@OWaTaGu.example.net>
- C: Subject: Re: afternoon meeting
- C: To: foobar@blurdybloop.example.com
- C: Message-Id: <a0434793874930@OWaTaGu.example.net>
- C: MIME-Version: 1.0
- C: Content-Type: TEXT/PLAIN; CHARSET=US-ASCII
- C:
- C: 3:30 is fine with me.
- C:
- S: A003 OK APPEND completed
- C: A004 APPEND bogusname (\Flagged) {1023}
- S: A004 NO [TRYCREATE] No such mailbox as bogusname
- C: A005 APPEND test (\Flagged) {99}
- S: + Ready for literal data
- C: Date: Mon, 7 Feb 2000 22:43:04 -0800 (PST)
- C: From: Fred Foobar <fred@example.com>
- C: Subject: hmm...
- C: {35403}
- S: A005 NO APPEND failed: Disk quota exceeded
-
- Note: The APPEND command is not used for message delivery,
- because it does not provide a mechanism to transfer [SMTP]
- envelope information.
-
-Modification to IMAP4rev1 Base Protocol Formal Syntax
-
- The following syntax specification uses the Augmented Backus-Naur
- Form (ABNF) notation as specified in [ABNF].
-
- append = "APPEND" SP mailbox 1*append-message
-
- append-message = [SP flag-list] [SP date-time] SP literal
-
-
-
-
-
-Crispin Standards Track [Page 4]
-
-RFC 3502 IMAP MULTIAPPEND March 2003
-
-
-MULTIAPPEND Interaction with UIDPLUS Extension
-
- Servers which support both MULTIAPPEND and [UIDPLUS] will have the
- "resp-code-apnd" rule modified as follows:
-
- resp-code-apnd = "APPENDUID" SP nz-number SP set
-
- That is, the APPENDUID response code returns as many UIDs as there
- were messages appended in the multiple append. The UIDs returned
- should be in the order the articles where appended. The message set
- may not contain extraneous UIDs or the symbol "*".
-
-Security Considerations
-
- The MULTIAPPEND extension does not raise any security considerations
- that are not present in the base [IMAP] protocol, and these issues
- are discussed in [IMAP]. Nevertheless, it is important to remember
- that IMAP4rev1 protocol transactions, including electronic mail data,
- are sent in the clear over the network unless protection from
- snooping is negotiated, either by the use of STARTTLS, privacy
- protection is negotiated in the AUTHENTICATE command, or some other
- protection mechanism is in effect.
-
-Normative References
-
- [ABNF] Crocker, D. and P. Overell, "Augmented BNF for Syntax
- Specifications: ABNF", RFC 2234, November 1997.
-
- [IMAP] Crispin, M., "Internet Message Access Protocol - Version
- 4rev1", RFC 3501, March 2003.
-
- [KEYWORDS] Bradner, S., "Key words for use in RFCs to Indicate
- Requirement Levels", BCP 14, RFC 2119, March 1997.
-
- [MIME-IMB] Freed, N. and N. Borenstein, "MIME (Multipurpose Internet
- Mail Extensions) Part One: Format of Internet Message
- Bodies", RFC 2045, November 1996.
-
- [RFC-2822] Resnick, P., "Internet Message Format", RFC 2822, April
- 2001.
-
-
-
-
-
-
-
-
-
-
-
-Crispin Standards Track [Page 5]
-
-RFC 3502 IMAP MULTIAPPEND March 2003
-
-
-Informative References
-
- [LITERAL+] Myers, J., "IMAP4 non-synchronizing literals", RFC 2088,
- January 1997.
-
- [UIDPLUS] Myers, J., "IMAP4 UIDPLUS extension", RFC 2359, June 1988.
-
- [SMTP] Klensin, J., Editor, "Simple Mail Transfer Protocol", RFC
- 2821, April 2001.
-
-Author's Address
-
- Mark R. Crispin
- Networks and Distributed Computing
- University of Washington
- 4545 15th Avenue NE
- Seattle, WA 98105-4527
-
- Phone: (206) 543-5762
- EMail: MRC@CAC.Washington.EDU
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-Crispin Standards Track [Page 6]
-
-RFC 3502 IMAP MULTIAPPEND March 2003
-
-
-Full Copyright Statement
-
- Copyright (C) The Internet Society (2003). All Rights Reserved.
-
- This document and translations of it may be copied and furnished to
- others, and derivative works that comment on or otherwise explain it
- or assist in its implementation may be prepared, copied, published
- and distributed, in whole or in part, without restriction of any
- kind, provided that the above copyright notice and this paragraph are
- included on all such copies and derivative works. However, this
- document itself may not be modified in any way, such as by removing
- the copyright notice or references to the Internet Society or other
- Internet organizations, except as needed for the purpose of
- developing Internet standards in which case the procedures for
- copyrights defined in the Internet Standards process must be
- followed, or as required to translate it into languages other than
- English.
-
- The limited permissions granted above are perpetual and will not be
- revoked by the Internet Society or its successors or assigns.
-
- This document and the information contained herein is provided on an
- "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
- TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING
- BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION
- HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
- MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
-
-Acknowledgement
-
- Funding for the RFC Editor function is currently provided by the
- Internet Society.
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-Crispin Standards Track [Page 7]
-
diff --git a/imap/docs/rfc/rfc3503.txt b/imap/docs/rfc/rfc3503.txt
deleted file mode 100644
index 5b82fb08..00000000
--- a/imap/docs/rfc/rfc3503.txt
+++ /dev/null
@@ -1,507 +0,0 @@
-
-
-
-
-
-
-Network Working Group A. Melnikov
-Request for Comments: 3503 ACI Worldwide/MessagingDirect
-Category: Standards Track March 2003
-
-
- Message Disposition Notification (MDN) profile for
- Internet Message Access Protocol (IMAP)
-
-Status of this Memo
-
- This document specifies an Internet standards track protocol for the
- Internet community, and requests discussion and suggestions for
- improvements. Please refer to the current edition of the "Internet
- Official Protocol Standards" (STD 1) for the standardization state
- and status of this protocol. Distribution of this memo is unlimited.
-
-Copyright Notice
-
- Copyright (C) The Internet Society (2003). All Rights Reserved.
-
-Abstract
-
- The Message Disposition Notification (MDN) facility defined in RFC
- 2298 provides a means by which a message can request that message
- processing by the recipient be acknowledged as well as a format to be
- used for such acknowledgements. However, it doesn't describe how
- multiple Mail User Agents (MUAs) should handle the generation of MDNs
- in an Internet Message Access Protocol (IMAP4) environment.
-
- This document describes how to handle MDNs in such an environment and
- provides guidelines for implementers of IMAP4 that want to add MDN
- support to their products.
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-Melnikov Standards Track [Page 1]
-
-RFC 3503 MDN profile for IMAP March 2003
-
-
-Table of Contents
-
- 1. Conventions Used in this Document............................. 2
- 2. Introduction and Overview..................................... 2
- 3. Client behavior............................................... 3
- 3.1. Client behavior when receiving a message................. 5
- 3.2. Client behavior when copying a message................... 5
- 3.3. Client behavior when sending a message................... 5
- 3.4. Client behavior when saving a temporary message.......... 5
- 4. Server behavior............................................... 5
- 4.1. Server that supports arbitrary keywords.................. 5
- 4.2. Server that supports only $MDNSent keyword............... 5
- 4.3. Interaction with IMAP ACL extension...................... 6
- 5. Examples...................................................... 6
- 6. Security Considerations....................................... 7
- 7. Formal Syntax................................................. 7
- 8. Acknowledgments............................................... 7
- 9. Normative References.......................................... 8
- 10. Author's Address.............................................. 8
- 11. Full Copyright Statement...................................... 9
-
-1. Conventions Used in this Document
-
- "C:" and "S:" in examples show lines sent by the client and server
- respectively.
-
- The keywords "MUST", "MUST NOT", "SHOULD", "SHOULD NOT", and "MAY" in
- this document when typed in uppercase are to be interpreted as
- defined in "Key words for use in RFCs to Indicate Requirement Levels"
- [KEYWORDS].
-
-2. Introduction and Overview
-
- This memo defines an additional [IMAP4] mailbox keyword that allows
- multiple Mail User Agents (MUAs) to know if a requested receipt
- notification was sent.
-
- Message Disposition Notification [MDN] does not require any special
- support of IMAP in the case where a user has access to the mailstore
- from only one computer and is using a single MUA. In this case, the
- MUA behaves as described in [MDN], i.e., the MUA performs automatic
- processing and generates corresponding MDNs, it performs requested
- action and, with the user's permission, sends appropriate MDNs. The
- MUA will not send MDN twice because the MUA keeps track of sent
- notifications in a local configuration. However, that does not work
- when IMAP is used to access the same mailstore from different
- locations or is using different MUAs.
-
-
-
-
-Melnikov Standards Track [Page 2]
-
-RFC 3503 MDN profile for IMAP March 2003
-
-
- This document defines a new special purpose mailbox keyword $MDNSent
- that must be used by MUAs. It does not define any new command or
- response for IMAP, but describes a technique that MUAs should use to
- achieve interoperability.
-
- When a client opens a mailbox for the first time, it verifies that
- the server is capable of storing the $MDNSent keyword by examining
- the PERMANENTFLAGS response code. In order to support MDN in IMAP, a
- server MUST support either the $MDNSent keyword, or arbitrary message
- keywords.
-
-3. Client behavior
-
- The use of IMAP requires few additional steps in mail processing on
- the client side. The following timeline modifies the timeline found
- in Section 4 of [MDN].
-
- -- User composes message.
-
- -- User tells MUA to send message.
-
- -- MUA passes message to MSA (original recipient information passed
- along). MUA [optionally] saves message to a folder for sent mail
- with $MDNSent flag set.
-
- -- MSA sends message to MTA.
-
- -- Final MTA receives message.
-
- -- Final MTA delivers message to MUA (possibly generating DSN).
-
- -- MUA logs into IMAP server, opens mailbox, verifies if mailbox can
- store $MDNSent keyword by examining PERMANENTFLAGS response.
-
- -- MUA performs automatic processing and generates corresponding MDNs
- ("dispatched", "processed", "deleted", "denied" or "failed"
- disposition type with "automatic-action" and "MDN-sent-
- automatically" disposition modes) for messages that do not have
- $MDNSent keyword, or \Draft flag set. (*)
-
- -- MUA sets the $MDNSent keyword for every message that required an
- automatic MDN to be sent, whether or not the MDN was sent.
-
- -- MUA displays a list of messages to user.
-
- -- User selects a message and requests that some action be performed
- on it.
-
-
-
-
-Melnikov Standards Track [Page 3]
-
-RFC 3503 MDN profile for IMAP March 2003
-
-
- -- MUA performs requested action and, with user's permission, sends
- appropriate MDN ("displayed", "dispatched", "processed",
- "deleted", "denied" or "failed" disposition type with "manual-
- action" and "MDN-sent-manually" or "MDN-sent-automatically"
- disposition mode). If the generated MDN is saved to a mailbox
- with the APPEND command, the client MUST specify the $MDNSent
- keyword in the APPEND.
-
- -- MUA sets the $MDNSent keyword for all messages for which the user
- confirmed the dispatching of disposition (or was explicitly
- prohibited to do so).
-
- -- User possibly performs other actions on message, but no further
- MDNs are generated.
-
- (*) Note: MUA MUST NOT use \Recent flag as an indicator that it
- should send MDN, because according to [IMAP4], "If multiple
- connections have the same mailbox selected simultaneously, it is
- undefined which of these connections will see newly-arrived
- messages with \Recent set and which will see it without \Recent
- set". Thus, using \Recent as an indicator will cause
- unpredictable client behavior with different IMAP4 servers.
- However, the client MAY use \Seen flag as one of the indicators
- that MDN must not be sent. The client MUST NOT use any other
- standard flags, like \Draft or \Answered, to indicate that MDN
- was previously sent, because they have different well known
- meaning. In any case, in the presence of the $MDNSent keyword,
- the client MUST ignore all other flags or keywords for the
- purpose of generating an MDN and MUST NOT send the MDN.
-
- When the client opens a mailbox for the first time, it must verify
- that the server supports the $MDNSent keyword, or arbitrary message
- keywords by examining PERMANENTFLAGS response code.
-
- The client MUST NOT try to set the $MDNSent keyword if the server is
- incapable of storing it permanently.
-
- The client MUST be prepared to receive NO from the server as the
- result of STORE $MDNSent when the server advertises the support of
- storing arbitrary keywords, because the server may limit the number
- of message keywords it can store in a particular mailbox. A client
- SHOULD NOT send MDN if it fails to store the $MDNSent keyword.
-
- Once the $MDNSent keyword is set, it MUST NOT be unset by a client.
- The client MAY set the $MDNSent keyword when a user denies sending
- the notification. This prohibits all other MUAs from sending MDN for
- this message.
-
-
-
-
-Melnikov Standards Track [Page 4]
-
-RFC 3503 MDN profile for IMAP March 2003
-
-
-3.1. Client behavior when receiving a message
-
- The client MUST NOT send MDN if a message has the $MDNSent keyword
- set. It also MUST NOT send MDN if a message has \Draft flag, because
- some clients use this flag to mark a message as incomplete.
-
- See the timeline in section 3 for details on client behavior when
- receiving a message.
-
-3.2. Client behavior when copying a message
-
- The client SHOULD verify that $MDNSent is preserved on a COPY
- operation. Furthermore, when a message is copied between servers
- with the APPEND command, the client MUST set the $MDNSent keyword
- correctly.
-
-3.3. Client behavior when sending a message
-
- When saving a sent message to any folder, the client MUST set the
- $MDNSent keyword to prevent another client from sending MDN for the
- message.
-
-3.4. Client behavior when saving a temporary message
-
- When saving an unfinished message to any folder client MUST set
- $MDNSent keyword to prevent another client from sending MDN for the
- message.
-
-4. Server behavior
-
- Server implementors that want to follow this specification must
- insure that their server complies with either section 4.1 or section
- 4.2. If the server also supports the IMAP [ACL] extension, it MUST
- also comply with the section 4.3.
-
-4.1. Server that supports arbitrary keywords
-
- No changes are required from the server to make it compatible with
- the extension described in this document if it supports arbitrary
- keywords.
-
-4.2. Server that supports only $MDNSent keyword
-
- Servers that support only the $MDNSent keyword MUST preserve it on
- the COPY operation. It is also expected that a server that supports
- SEARCH <flag> will also support the SEARCH KEYWORD $MDNSent.
-
-
-
-
-
-Melnikov Standards Track [Page 5]
-
-RFC 3503 MDN profile for IMAP March 2003
-
-
-4.3. Interaction with IMAP ACL extension
-
- Any server that conforms to either 4.1 or 4.2 and also supports the
- IMAP [ACL] extension, SHOULD preserve the $MDNSent keyword on COPY
- even if the client does not have 'w' right. This will prevent the
- generation of a duplicated MDN for the same message. Note that the
- server MUST still check if the client has rights to perform the COPY
- operation on a message according to [ACL].
-
-5. Examples
-
- 1) MUA opens mailbox for the first time.
-
- a) The server supports storing of arbitrary keywords
-
- C: a100 select INBOX
- S: * FLAGS (\Flagged \Draft \Deleted \Seen)
- S: * OK [PERMANENTFLAGS (\Flagged \Draft \Deleted \Seen \*)]
- S: * 5 EXISTS
- S: * 3 RECENT
- S: * OK [UIDVALIDITY 894294713]
- S: a100 OK [READ-WRITE] Completed
-
- b) The server supports storing of the $MDNSent keyword
-
- C: a100 select INBOX
- S: * FLAGS (\Flagged \Draft \Deleted \Seen $MDNSent)
- S: * OK [PERMANENTFLAGS (\Flagged \Draft \Deleted \Seen $MDNSent)]
- S: * 5 EXISTS
- S: * 3 RECENT
- S: * OK [UIDVALIDITY 894294713]
- S: a100 OK [READ-WRITE] Completed
-
- 2) The MUA successfully sets the $MDNSent keyword
-
- C: a200 STORE 4 +FLAGS ($MDNSent)
- S: * 4 FETCH (FLAGS (\Flagged \Seen $MDNSent))
- S: * FLAGS ($MDNSent \Flagged \Deleted \Draft \Seen)
- S: * OK [PERMANENTFLAGS ($MDNSent \Flagged \Deleted \Draft \Seen \*)]
- S: a200 OK STORE completed
-
- 3) The server refuses to store the $MDNSent keyword
-
- C: a200 STORE 4 +FLAGS ($MDNSent)
- S: a200 NO STORE failed : no space left to store $MDNSent keyword
-
-
-
-
-
-
-Melnikov Standards Track [Page 6]
-
-RFC 3503 MDN profile for IMAP March 2003
-
-
- 4) All clients and servers MUST treat the $MDNSent keyword as case
- insensitive in all operations, as stated in [IMAP].
-
- C: a300 FETCH 1:* FLAGS
- S: * 1 FETCH (FLAGS (\Seen))
- S: * 2 FETCH (FLAGS (\Answered \Seen $MdnSENt))
- S: * 3 FETCH (FLAGS ())
- S: * 4 FETCH (FLAGS (\Flagged \Seen $MdnSENT))
- S: * 5 FETCH (FLAGS ($MDNSent))
- S: * 6 FETCH (FLAGS (\Recent))
- S: a300 OK FETCH completed
- C: a400 SEARCH KEYWORDS $mdnsent
- S: * SEARCH 2 4 5
- S: a400 OK SEARCH completed
-
-6. Security Considerations
-
- There are no known security issues with this extension, not found in
- [MDN] and/or [IMAP4].
-
- Section 4.3 changes ACL checking requirements on an IMAP server that
- implements IMAP [ACL] extension.
-
-7. Formal Syntax
-
- The following syntax specification uses the augmented Backus-Naur
- Form (BNF) notation as specified in [RFC-822], as modified by
- [IMAP4]. Non-terminals referenced, but not defined below, are as
- defined by [IMAP4].
-
- Except as noted otherwise, all alphabetic characters are case-
- insensitive. The use of upper or lower case characters to define
- token strings is for editorial clarity only. Implementations MUST
- accept these strings in a case-insensitive fashion.
-
- flag_keyword ::= "$MDNSent" / other_keywords
-
- other_keywords ::= atom
-
-8. Acknowledgments
-
- This document is the product of discussions that took place on the
- IMAP mailing list. Special gratitude to Cyrus Daboo and Randall
- Gellens for reviewing the document.
-
- Thank you to my father who as he has helped to make me what I am. I
- miss you terribly.
-
-
-
-
-Melnikov Standards Track [Page 7]
-
-RFC 3503 MDN profile for IMAP March 2003
-
-
-9. Normative References
-
- [KEYWORDS] Bradner, S., "Key words for use in RFCs to Indicate
- Requirement Levels", BCP 14, RFC 2119, March 1997.
-
- [MDN] Fajman, R., "An Extensible Message Format for Message
- Disposition Notifications", RFC 2298, March 1998.
-
- [IMAP4] Crispin, M., "Internet Message Access Protocol - Version
- 4rev1", RFC 3501, March 2003.
-
- [ACL] Myers, J., "IMAP4 ACL extension", RFC 2086, January 1997.
-
-10. Author's Address
-
- Alexey Melnikov
- ACI Worldwide/MessagingDirect
- 59 Clarendon Road
- Watford, Hertfordshire
- United Kingdom, WD17 1FQ
-
- Phone: +44 1923 81 2877
- EMail: mel@messagingdirect.com
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-Melnikov Standards Track [Page 8]
-
-RFC 3503 MDN profile for IMAP March 2003
-
-
-11. Full Copyright Statement
-
- Copyright (C) The Internet Society (2003). All Rights Reserved.
-
- This document and translations of it may be copied and furnished to
- others, and derivative works that comment on or otherwise explain it
- or assist in its implementation may be prepared, copied, published
- and distributed, in whole or in part, without restriction of any
- kind, provided that the above copyright notice and this paragraph are
- included on all such copies and derivative works. However, this
- document itself may not be modified in any way, such as by removing
- the copyright notice or references to the Internet Society or other
- Internet organizations, except as needed for the purpose of
- developing Internet standards in which case the procedures for
- copyrights defined in the Internet Standards process must be
- followed, or as required to translate it into languages other than
- English.
-
- The limited permissions granted above are perpetual and will not be
- revoked by the Internet Society or its successors or assigns.
-
- This document and the information contained herein is provided on an
- "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
- TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING
- BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION
- HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
- MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
-
-Acknowledgement
-
- Funding for the RFC Editor function is currently provided by the
- Internet Society.
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-Melnikov Standards Track [Page 9]
-
diff --git a/imap/docs/rfc/rfc3516.txt b/imap/docs/rfc/rfc3516.txt
deleted file mode 100644
index 4d021975..00000000
--- a/imap/docs/rfc/rfc3516.txt
+++ /dev/null
@@ -1,451 +0,0 @@
-
-
-
-
-
-
-Network Working Group L. Nerenberg
-Request for Comments: 3516 Orthanc Systems
-Category: Standards Track April 2003
-
-
- IMAP4 Binary Content Extension
-
-Status of this Memo
-
- This document specifies an Internet standards track protocol for the
- Internet community, and requests discussion and suggestions for
- improvements. Please refer to the current edition of the "Internet
- Official Protocol Standards" (STD 1) for the standardization state
- and status of this protocol. Distribution of this memo is unlimited.
-
-Copyright Notice
-
- Copyright (C) The Internet Society (2003). All Rights Reserved.
-
-Abstract
-
- This memo defines the Binary extension to the Internet Message Access
- Protocol (IMAP4). It provides a mechanism for IMAP4 clients and
- servers to exchange message body data without using a MIME content-
- transfer-encoding.
-
-1. Conventions Used in this Document
-
- The key words "MUST", "MUST NOT", "SHOULD", "SHOULD NOT", and "MAY"
- in this document are to be interpreted as described in [KEYWORD].
-
- The abbreviation "CTE" means content-transfer-encoding.
-
-2. Introduction
-
- The MIME extensions to Internet messaging allow for the transmission
- of non-textual (binary) message content [MIME-IMB]. Since the
- traditional transports for messaging are not always capable of
- passing binary data transparently, MIME provides encoding schemes
- that allow binary content to be transmitted over transports that are
- not otherwise able to do so.
-
- The overhead of MIME-encoding this content can be considerable in
- some contexts (e.g., slow radio links, streaming multimedia).
- Reducing the overhead associated with CTE schemes such as base64
-
-
-
-
-
-
-Nerenberg Standards Track [Page 1]
-
-RFC 3516 IMAP4 Binary Content Extension April 2003
-
-
- can give a noticeable reduction in resource consumption. The Binary
- extension lets the server perform CTE decoding prior to transmitting
- message data to the client.
-
-3. Content-Transfer-Encoding Considerations
-
- Every IMAP4 body section has a MIME content-transfer-encoding.
- (Those without an explicit Content-Transfer-Encoding header are
- implicitly labeled as "7bit" content.) In the terminology of [MIME-
- IMB], the CTE specifies both a decoding algorithm and the domain of
- the decoded data. In this memo, "decoding" refers to the CTE
- decoding step described in [MIME-IMB].
-
- Certain CTEs use an identity encoding transformation. For these CTEs
- there is no decoding required, however the domain of the underlying
- data may not be expressible in the IMAP4 protocol (e.g., MIME
- "binary" content containing NUL octets). To accommodate these cases
- the Binary extension introduces a new type of literal protocol
- element that is fully eight bit transparent.
-
- Thus, server processing of the FETCH BINARY command involves two
- logical steps:
-
- 1) perform any CTE-related decoding
-
- 2) determine the domain of the decoded data
-
- Step 2 is necessary to determine which protocol element should be
- used to transmit the decoded data. (See FETCH Response Extensions
- for further details.)
-
-4. Framework for the IMAP4 Binary Extension
-
- This memo defines the following extensions to [IMAP4rev1].
-
-4.1. CAPABILITY Identification
-
- IMAP4 servers that support this extension MUST include "BINARY" in
- the response list to the CAPABILITY command.
-
-4.2. FETCH Command Extensions
-
- This extension defines three new FETCH command data items.
-
- BINARY<section-binary>[<partial>]
-
- Requests that the specified section be transmitted after
- performing CTE-related decoding.
-
-
-
-Nerenberg Standards Track [Page 2]
-
-RFC 3516 IMAP4 Binary Content Extension April 2003
-
-
- The <partial> argument, if present, requests that a subset of
- the data be returned. The semantics of a partial FETCH BINARY
- command are the same as for a partial FETCH BODY command, with
- the exception that the <partial> arguments refer to the DECODED
- section data.
-
- BINARY.PEEK<section-binary>[<partial>]
-
- An alternate form of FETCH BINARY that does not implicitly set
- the \Seen flag.
-
- BINARY.SIZE<section-binary>
-
- Requests the decoded size of the section (i.e., the size to
- expect in response to the corresponding FETCH BINARY request).
-
- Note: client authors are cautioned that this might be an
- expensive operation for some server implementations.
- Needlessly issuing this request could result in degraded
- performance due to servers having to calculate the value every
- time the request is issued.
-
-4.3. FETCH Response Extensions
-
- This extension defines two new FETCH response data items.
-
- BINARY<section-binary>[<<number>>]
-
- An <nstring> or <literal8> expressing the content of the
- specified section after removing any CTE-related encoding. If
- <number> is present it refers to the offset within the DECODED
- section data.
-
- If the domain of the decoded data is "8bit" and the data does
- not contain the NUL octet, the server SHOULD return the data in
- a <string> instead of a <literal8>; this allows the client to
- determine if the "8bit" data contains the NUL octet without
- having to explicitly scan the data stream for for NULs.
-
- If the server does not know how to decode the section's CTE, it
- MUST fail the request and issue a "NO" response that contains
- the "UNKNOWN-CTE" extended response code.
-
-
-
-
-
-
-
-
-
-Nerenberg Standards Track [Page 3]
-
-RFC 3516 IMAP4 Binary Content Extension April 2003
-
-
- BINARY.SIZE<section-binary>
-
- The size of the section after removing any CTE-related
- encoding. The value returned MUST match the size of the
- <nstring> or <literal8> that will be returned by the
- corresponding FETCH BINARY request.
-
- If the server does not know how to decode the section's CTE, it
- MUST fail the request and issue a "NO" response that contains
- the "UNKNOWN-CTE" extended response code.
-
-4.4. APPEND Command Extensions
-
- The APPEND command is extended to allow the client to append data
- containing NULs by using the <literal8> syntax. The server MAY
- modify the CTE of the appended data, however any such transformation
- MUST NOT result in a loss of data.
-
- If the destination mailbox does not support the storage of binary
- content, the server MUST fail the request and issue a "NO" response
- that contains the "UNKNOWN-CTE" extended response code.
-
-5. MIME Encoded Headers
-
- [MIME-MHE] defines an encoding that allows for non-US-ASCII text in
- message headers. This encoding is not the same as the content-
- transfer-encoding applied to message bodies, and the decoding
- transformations described in this memo do not apply to [MIME-MHE]
- encoded header text. A server MUST NOT perform any conversion of
- [MIME-MHE] encoded header text in response to any binary FETCH or
- APPEND request.
-
-6. Implementation Considerations
-
- Messaging clients and servers have been notoriously lax in their
- adherence to the Internet CRLF convention for terminating lines of
- textual data in Internet protocols. When sending data using the
- Binary extension, servers MUST ensure that textual line-oriented
- sections are always transmitted using the IMAP4 CRLF line termination
- syntax, regardless of the underlying storage representation of the
- data on the server.
-
- A server may choose to store message body binary content in a non-
- encoded format. Regardless of the internal storage representation
- used, the server MUST issue BODYSTRUCTURE responses that describe the
- message as though the binary-encoded sections are encoded in a CTE
-
-
-
-
-
-Nerenberg Standards Track [Page 4]
-
-RFC 3516 IMAP4 Binary Content Extension April 2003
-
-
- acceptable to the IMAP4 base specification. Furthermore, the results
- of a FETCH BODY MUST return the message body content in the format
- described by the corresponding FETCH BODYSTRUCTURE response.
-
- While the server is allowed to modify the CTE of APPENDed <literal8>
- data, this should only be done when it is absolutely necessary.
- Gratuitous encoding changes will render useless most cryptographic
- operations that have been performed on the message.
-
- This extension provides an optimization that is useful in certain
- specific situations. It does not absolve clients from providing
- basic functionality (content transfer decoding) that should be
- available in all messaging clients. Clients supporting this
- extension SHOULD be prepared to perform their own CTE decoding
- operations.
-
-7. Formal Protocol Syntax
-
- The following syntax specification uses the augmented Backus-Naur
- Form (ABNF) notation as used in [ABNF], and incorporates by reference
- the Core Rules defined in that document.
-
- This syntax augments the grammar specified in [IMAP4rev1].
-
- append =/ "APPEND" SP mailbox [SP flag-list]
- [SP date-time] SP literal8
-
- fetch-att =/ "BINARY" [".PEEK"] section-binary [partial]
- / "BINARY.SIZE" section-binary
-
- literal8 = "~{" number "}" CRLF *OCTET
- ; <number> represents the number of OCTETs
- ; in the response string.
-
- msg-att-static =/ "BINARY" section-binary SP (nstring / literal8)
- / "BINARY.SIZE" section-binary SP number
-
- partial = "<" number "." nz-number ">"
-
- resp-text-code =/ "UNKNOWN-CTE"
-
- section-binary = "[" [section-part] "]"
-
-
-
-
-
-
-
-
-
-Nerenberg Standards Track [Page 5]
-
-RFC 3516 IMAP4 Binary Content Extension April 2003
-
-
-8. Normative References
-
- [ABNF] Crocker, D., Editor, and P. Overell, "Augmented BNF for
- Syntax Specifications: ABNF", RFC 2234, November 1997.
-
- [IMAP4rev1] Crispin, M., "Internet Message Access Protocol Version
- 4rev1", RFC 3501, March 2003.
-
- [KEYWORD] Bradner, S., "Key words for use in RFCs to Indicate
- Requirement Levels", BCP 14, RFC 2119, March 1997.
-
- [MIME-IMB] Freed, N. and N. Borenstein, "Multipurpose Internet Mail
- Extensions (MIME) Part One: Format of Internet Message
- Bodies", RFC 2045, November 1996.
-
- [MIME-MHE] Moore, K., "MIME (Multipurpose Internet Mail Extensions)
- Part Three: Message Header Extensions for Non-ASCII
- Text", RFC 2047, November 1996.
-
-9. Security Considerations
-
- There are no known additional security issues with this extension
- beyond those described in the base protocol described in [IMAP4rev1].
-
-10. Intellectual Property
-
- The IETF takes no position regarding the validity or scope of any
- intellectual property or other rights that might be claimed to
- pertain to the implementation or use of the technology described in
- this document or the extent to which any license under such rights
- might or might not be available; neither does it represent that it
- has made any effort to identify any such rights. Information on the
- IETF's procedures with respect to rights in standards-track and
- standards-related documentation can be found in BCP-11. Copies of
- claims of rights made available for publication and any assurances of
- licenses to be made available, or the result of an attempt made to
- obtain a general license or permission for the use of such
- proprietary rights by implementors or users of this specification can
- be obtained from the IETF Secretariat.
-
- The IETF invites any interested party to bring to its attention any
- copyrights, patents or patent applications, or other proprietary
- rights which may cover technology that may be required to practice
- this standard. Please address the information to the IETF Executive
- Director.
-
-
-
-
-
-
-Nerenberg Standards Track [Page 6]
-
-RFC 3516 IMAP4 Binary Content Extension April 2003
-
-
-11. Author's Address
-
- Lyndon Nerenberg
- Orthanc Systems
- 1606 - 10770 Winterburn Road
- Edmonton, Alberta
- Canada T5S 1T6
-
- EMail: lyndon@orthanc.ab.ca
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-Nerenberg Standards Track [Page 7]
-
-RFC 3516 IMAP4 Binary Content Extension April 2003
-
-
-12. Full Copyright Statement
-
- Copyright (C) The Internet Society (2003). All Rights Reserved.
-
- This document and translations of it may be copied and furnished to
- others, and derivative works that comment on or otherwise explain it
- or assist in its implementation may be prepared, copied, published
- and distributed, in whole or in part, without restriction of any
- kind, provided that the above copyright notice and this paragraph are
- included on all such copies and derivative works. However, this
- document itself may not be modified in any way, such as by removing
- the copyright notice or references to the Internet Society or other
- Internet organizations, except as needed for the purpose of
- developing Internet standards in which case the procedures for
- copyrights defined in the Internet Standards process must be
- followed, or as required to translate it into languages other than
- English.
-
- The limited permissions granted above are perpetual and will not be
- revoked by the Internet Society or its successors or assigns.
-
- This document and the information contained herein is provided on an
- "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
- TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING
- BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION
- HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
- MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
-
-Acknowledgement
-
- Funding for the RFC Editor function is currently provided by the
- Internet Society.
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-Nerenberg Standards Track [Page 8]
-
diff --git a/imap/docs/rfc/rfc3656.txt b/imap/docs/rfc/rfc3656.txt
deleted file mode 100644
index 6c0ab5b1..00000000
--- a/imap/docs/rfc/rfc3656.txt
+++ /dev/null
@@ -1,1067 +0,0 @@
-
-
-
-
-
-
-Network Working Group R. Siemborski
-Request for Comments: 3656 Carnegie Mellon University
-Category: Experimental December 2003
-
-
- The Mailbox Update (MUPDATE)
- Distributed Mailbox Database Protocol
-
-Status of this Memo
-
- This memo defines an Experimental Protocol for the Internet
- community. It does not specify an Internet standard of any kind.
- Discussion and suggestions for improvement are requested.
- Distribution of this memo is unlimited.
-
-Copyright Notice
-
- Copyright (C) The Internet Society (2003). All Rights Reserved.
-
-Abstract
-
- As the demand for high-performance mail delivery agents increases, it
- becomes apparent that single-machine solutions are inadequate to the
- task, both because of capacity limits and that the failure of the
- single machine means a loss of mail delivery for all users. It is
- preferable to allow many machines to share the responsibility of mail
- delivery.
-
- The Mailbox Update (MUPDATE) protocol allows a group of Internet
- Message Access Protocol (IMAP) or Post Office Protocol - Version 3
- (POP3) servers to function with a unified mailbox namespace. This
- document is intended to serve as a reference guide to that protocol.
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-Siemborski Experimental [Page 1]
-
-RFC 3656 MUPDATE Distributed Mailbox Database Protocol December 2003
-
-
-Table of Contents
-
- 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3
- 2. Protocol Overview . . . . . . . . . . . . . . . . . . . . . . 3
- 2.1. Atoms . . . . . . . . . . . . . . . . . . . . . . . . . 4
- 2.2. Strings . . . . . . . . . . . . . . . . . . . . . . . . 4
- 3. Server Responses . . . . . . . . . . . . . . . . . . . . . . 4
- 3.1. Response: OK . . . . . . . . . . . . . . . . . . . . . 5
- 3.2. Response: NO . . . . . . . . . . . . . . . . . . . . . 5
- 3.3. Response: BAD . . . . . . . . . . . . . . . . . . . . . 5
- 3.4. Response: BYE . . . . . . . . . . . . . . . . . . . . . 6
- 3.5. Response: RESERVE . . . . . . . . . . . . . . . . . . . 6
- 3.6. Response: MAILBOX . . . . . . . . . . . . . . . . . . . 6
- 3.7. Response: DELETE . . . . . . . . . . . . . . . . . . . 7
- 3.8. Server Capability Response. . . . . . . . . . . . . . . 7
- 4. Client Commands . . . . . . . . . . . . . . . . . . . . . . . 8
- 4.1. Command: ACTIVATE . . . . . . . . . . . . . . . . . . . 8
- 4.2. Command: AUTHENTICATE . . . . . . . . . . . . . . . . . 8
- 4.3. Command: DEACTIVATE . . . . . . . . . . . . . . . . . . 9
- 4.4. Command: DELETE . . . . . . . . . . . . . . . . . . . . 9
- 4.5. Command: FIND . . . . . . . . . . . . . . . . . . . . . 9
- 4.6. Command: LIST . . . . . . . . . . . . . . . . . . . . . 10
- 4.7. Command: LOGOUT . . . . . . . . . . . . . . . . . . . . 10
- 4.8. Command: NOOP . . . . . . . . . . . . . . . . . . . . . 10
- 4.9. Command: RESERVE. . . . . . . . . . . . . . . . . . . . 10
- 4.10. Command: STARTTLS . . . . . . . . . . . . . . . . . . . 11
- 4.11. Command: UPDATE . . . . . . . . . . . . . . . . . . . . 12
- 5. MUPDATE Formal Syntax . . . . . . . . . . . . . . . . . . . . 12
- 6. MUPDATE URL Scheme. . . . . . . . . . . . . . . . . . . . . . 14
- 6.1. MUPDATE URL Scheme Registration Form. . . . . . . . . . 14
- 7. Security Considerations . . . . . . . . . . . . . . . . . . . 15
- 8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 16
- 9. Intellectual Property Rights. . . . . . . . . . . . . . . . . 16
- 10. References. . . . . . . . . . . . . . . . . . . . . . . . . . 17
- 10.1. Normative References. . . . . . . . . . . . . . . . . . 17
- 10.2. Informative References. . . . . . . . . . . . . . . . . 17
- 11. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 18
- 12. Author's Address. . . . . . . . . . . . . . . . . . . . . . . 18
- 13. Full Copyright Statement. . . . . . . . . . . . . . . . . . . 19
-
-
-
-
-
-
-
-
-
-
-
-
-Siemborski Experimental [Page 2]
-
-RFC 3656 MUPDATE Distributed Mailbox Database Protocol December 2003
-
-
-1. Introduction
-
- In order to support an architecture where there are multiple [IMAP,
- POP3] servers sharing a common mailbox database, it is necessary to
- be able to provide atomic mailbox operations, as well as offer
- sufficient guarantees about database consistency.
-
- The primary goal of the MUPDATE protocol is to be simple to implement
- yet allow for database consistency between participants.
-
- The key words "MUST, "MUST NOT", "REQUIRED", "SHOULD", "SHOULD NOT",
- "RECOMMENDED", and "MAY" in this document are to be interpreted as
- defined in BCP 14, RFC 2119 [KEYWORDS].
-
- In examples, "C:" and "S:" indicate lines sent by the client and
- server respectively.
-
-2. Protocol Overview
-
- The MUPDATE protocol assumes a reliable data stream such as a TCP
- network connection. IANA has registered port 3905 with a short name
- of "mupdate" for this purpose.
-
- In the current implementation of the MUPDATE protocol there are three
- types of participants: a single master server, slave (or replica)
- servers, and clients. The master server maintains an authoritative
- copy of the mailbox database. Slave servers connect to the MUPDATE
- master server as clients, and function as replicas from the point of
- view of end clients. End clients may connect to either the master or
- any slave and perform searches against the database, however
- operations that change the database can only be performed against the
- master. For the purposes of protocol discussion we will consider a
- slave's connection to the master identical to that of any other
- client.
-
- After connection, all commands from a client to server must have an
- associated unique tag which is an alphanumeric string. Commands MAY
- be pipelined from the client to the server (that is, the client need
- not wait for the response before sending the next command). The
- server MUST execute the commands in the order they were received,
- however.
-
- If the server supports an inactivity login timeout, it MUST be at
- least 15 minutes.
-
-
-
-
-
-
-
-Siemborski Experimental [Page 3]
-
-RFC 3656 MUPDATE Distributed Mailbox Database Protocol December 2003
-
-
- MUPDATE uses data formats similar to those used in [ACAP]. That is,
- atoms and strings. All commands and tags in the protocol are
- transmitted as atoms. All other data is considered to a string, and
- must be quoted or transmitted as a literal.
-
- Outside of a literal, both clients and servers MUST support line
- lengths of at least 1024 octets (including the trailing CR and LF
- characters). If a line of a longer length must be transmitted,
- implementations MUST make use of literals to do so.
-
-2.1. Atoms
-
- An atom consists of one or more alphanumeric characters. Atoms MUST
- be less than 15 octets in length.
-
-2.2. Strings
-
- As in [ACAP], a string may be either literal or a quoted string. A
- literal is a sequence of zero or more octets (including CR and LF),
- prefix-quoted with an octet count in the form of an open brace ("{"),
- the number of octets, an optional plus sign to indicate that the data
- follows immediately (a non-synchronized literal), a close brace
- ("}"), and a CRLF sequence. If the plus sign is omitted (a
- synchronized literal), then the receiving side MUST send a "+ go
- ahead" response, and the sending side MUST wait for this response.
- Servers MUST support literals of atleast 4096 octets.
-
- Strings that are sent from server to client SHOULD NOT be in the
- synchronized literal format.
-
- A quoted string is a sequence of zero or more 7-bit characters,
- excluding CR, LF, and the double quote (<">), with double quote
- characters at each end.
-
- The empty string is represented as either "" (a quoted string with
- zero characters between double quotes) or as {0} followed by CRLF (a
- literal with an octet count of 0).
-
-3. Server Responses
-
- Every client command in the MUPDATE protocol may receive one or more
- tagged responses from the server. Each response is preceded by the
- same tag as the command that elicited the response from the server.
-
-
-
-
-
-
-
-
-Siemborski Experimental [Page 4]
-
-RFC 3656 MUPDATE Distributed Mailbox Database Protocol December 2003
-
-
-3.1. Response: OK
-
- A tagged OK response indicates that the operation completed
- successfully. There is a mandatory implementation-defined string
- after the OK response. This response also indicates the beginning of
- the streaming update mode when given in response to an UPDATE
- command.
-
- Example:
-
-C: N01 NOOP
-S: N01 OK "NOOP Complete"
-
-3.2. Response: NO
-
- A tagged NO response indicates that the operation was explicitly
- denied by the server or otherwise failed. There is a mandatory
- implementation-defined string after the NO response that SHOULD
- explain the reason for denial.
-
- Example:
-
-C: A01 AUTHENTICATE "PLAIN"
-S: A01 NO "PLAIN is not a supported SASL mechanism"
-
-3.3. Response: BAD
-
- A tagged BAD response indicates that the command from the client
- could not be parsed or understood. There is a mandatory
- implementation-defined string after the BAD response to provide
- additional information about the error. Note that untagged BAD
- responses are allowed if it is unclear what the tag for a given
- command is (for example, if a blank line is received by the mupdate
- server, it can generate an untagged BAD response). In the case of an
- untagged response, the tag should be replaced with a "*".
-
- Example:
-
-C: C01 SELECT "INBOX"
-S: C01 BAD "This is not an IMAP server"
-C:
-S: * BAD "Need Command"
-
-
-
-
-
-
-
-
-
-Siemborski Experimental [Page 5]
-
-RFC 3656 MUPDATE Distributed Mailbox Database Protocol December 2003
-
-
-3.4. Response: BYE
-
- A tagged BYE response indicates that the server has decided to close
- the connection. There is a mandatory implementation-defined string
- after the BYE response that SHOULD explain the reason for closing the
- connection. The server MUST close the connection immediately after
- transmitting the BYE response.
-
- Example:
-
-C: L01 LOGOUT
-S: L01 BYE "User Logged Out"
-
-3.5. Response: RESERVE
-
- A tagged RESERVE response may only be given in response to a FIND,
- LIST, or UPDATE command. It includes two parameters: the name of the
- mailbox that is being reserved (in mUTF-7 encoding, as specified in
- [IMAP]) and a location string whose contents is defined by the
- clients that are using the database, though it is RECOMMENDED that
- the format of this string be the hostname of the server which is
- storing the mailbox.
-
- This response indicates that the given name is no longer available in
- the namespace, though it does not indicate that the given mailbox is
- available to clients at the current time.
-
- Example:
-
-S: U01 RESERVE "internet.bugtraq" "mail2.example.org"
-
-3.6. Response: MAILBOX
-
- A tagged MAILBOX response may only be given in response to a FIND,
- LIST, or UPDATE command. It includes three parameters: the name of
- the mailbox, a location string (as with RESERVE), and a client-
- defined string that specifies the IMAP ACL [IMAP-ACL] of the mailbox.
- This message indicates that the given mailbox is ready to be accessed
- by clients.
-
- Example:
-
-S: U01 MAILBOX "internet.bugtraq" "mail2.example.org" "anyone rls"
-
-
-
-
-
-
-
-
-Siemborski Experimental [Page 6]
-
-RFC 3656 MUPDATE Distributed Mailbox Database Protocol December 2003
-
-
-3.7. Response: DELETE
-
- A tagged DELETE response may only be given in response to an UPDATE
- command, and MUST NOT be given before the OK response to the UPDATE
- command is given. It contains a single parameter, that of the
- mailbox that should be deleted from the slave's database. This
- response indicates that the given mailbox no longer exists in the
- namespace of the database, and may be given for any mailbox name,
- active, reserved, or nonexistent. (Though implementations SHOULD NOT
- issue DELETE responses for nonexistent mailboxes).
-
- Example:
-
-S: U01 DELETE "user.rjs3.sent-mail-jan-2002"
-
-3.8. Server Capability Response
-
- Upon connection of the client to the server, and directly following a
- successful STARTTLS command, the server MUST issue a capabilities
- banner, of the following format:
-
- The banner MUST contain a line that begins with "* AUTH" and contain
- a space-separated list of SASL mechanisms that the server will accept
- for authentication. The mechanism names are transmitted as atoms.
- Servers MAY advertise no available mechanisms (to indicate that
- STARTTLS must be completed before authentication may occur). If
- STARTTLS is not supported by the server, then the line MUST contain
- at least one mechanism.
-
- If the banner is being issued without a TLS layer, and the server
- supports the STARTTLS command, the banner MUST contain the line "*
- STARTTLS". If the banner is being issued under a TLS layer (or the
- server does not support STARTTLS), the banner MUST NOT contain this
- line.
-
- The last line of the banner MUST start with "* OK MUPDATE" and be
- followed by four strings: the server's hostname, an implementation-
- defined string giving the name of the implementation, an
- implementation-defined string giving the version of the
- implementation, and a string that indicates if the server is a master
- or a slave. The master/slave indication MUST be either "(master)" or
- an MUPDATE URL that defines where the master can be contacted.
-
- Any unrecognized responses before the "* OK MUPDATE" response MUST be
- ignored by the client.
-
-
-
-
-
-
-Siemborski Experimental [Page 7]
-
-RFC 3656 MUPDATE Distributed Mailbox Database Protocol December 2003
-
-
- Example:
-
-S: * AUTH KERBEROS_V4 GSSAPI
-S: * STARTTLS
-S: * OK MUPDATE "mupdate.example.org" "Cyrus" "v2.1.2" "(master)"
-
-4. Client Commands
-
- The following are valid commands that a client may send to the
- MUPDATE server: AUTHENTICATE, ACTIVATE, DEACTIVATE, DELETE, FIND,
- LIST, LOGOUT, NOOP, RESERVE, STARTTLS, and UPDATE.
-
- Before a successful AUTHENTICATE command has occurred, the server
- MUST NOT accept any commands except for AUTHENTICATE, STARTTLS, and
- LOGOUT (and SHOULD reply with a NO response for all other commands).
-
-4.1. Command: ACTIVATE
-
- The ACTIVATE command has 3 parameters: the mailbox name, its
- location, and its ACL. This command MUST NOT not be issued to a
- slave server.
-
- This command can also be used to update the ACL or location
- information of a mailbox. Note that it is not a requirement for a
- mailbox to be reserved (or even exist in the database) for an
- ACTIVATE command to succeed, implementations MUST allow this behavior
- as it facilitates synchronization of the database with the current
- state of the mailboxes.
-
-4.2. Command: AUTHENTICATE
-
- The AUTHENTICATE command initiates a [SASL] negotiation session
- between the client and the server. It has two parameters. The first
- parameter is mandatory, and is a string indicating the desired [SASL]
- mechanism. The second is a string containing an optional BASE64
- encoded (as defined in section 6.8 of [MIME]) client first send.
-
- All of the remaining SASL blobs that are sent MUST be sent across the
- wire must be in BASE64 encoded format, and followed by a CR and LF
- combination. They MUST NOT be encoded as strings.
-
- Clients may cancel authentication by sending a * followed by a CR and
- LF.
-
- The [SASL] service name for the MUPDATE protocol is "mupdate".
- Implementations are REQUIRED to implement the GSSAPI [SASL]
- mechanism, though they SHOULD implement as many mechanisms as
- possible.
-
-
-
-Siemborski Experimental [Page 8]
-
-RFC 3656 MUPDATE Distributed Mailbox Database Protocol December 2003
-
-
- If a security layer is negotiated, it should be used directly
- following the CR and LF combination at the end of the server's OK
- response (i.e., beginning with the client's next command) Only one
- successful AUTHENTICATE command may be issued per session.
-
-4.3. Command: DEACTIVATE
-
- The DEACTIVATE command takes two parameters, the mailbox name and
- location data. The mailbox MUST already exist and be activated on
- the MUPDATE server. If the server responds OK, then the mailbox name
- has been moved to the RESERVE state. If the server responds NO, then
- the mailbox name has not been moved (for example, the mailbox was not
- already active). Any ACL information that is known about the mailbox
- MAY be lost when a DEACTIVATE succeeds. This command MUST NOT be
- issued to a slave.
-
- Example:
-
-C: A01 DEACTIVATE "user.rjs3.new" "mail3.example.org!u4"
-S: A01 OK "Mailbox Reserved."
-
-4.4. Command: DELETE
-
- The DELETE command takes only a single parameter, the mailbox name to
- be removed from the database's namespace. The server SHOULD give a
- NO response if the mailbox does not exist. This command MUST NOT be
- issued to a slave server.
-
-4.5. Command: FIND
-
- The FIND command takes a single parameter, a mailbox name. The
- server then responds with the current record for the given mailbox,
- if any, and an OK response.
-
- Example (mailbox does not exist):
-
-C: F01 FIND "user.rjs3.xyzzy"
-S: F01 OK "Search Complete"
-
- Example (mailbox is reserved):
-
-C: F01 FIND "user.rjs3"
-S: F01 RESERVE "user.rjs3" "mail4.example.org"
-S: F01 OK "Search Complete"
-
-
-
-
-
-
-
-Siemborski Experimental [Page 9]
-
-RFC 3656 MUPDATE Distributed Mailbox Database Protocol December 2003
-
-
-4.6. Command: LIST
-
- The LIST command is similar to running FIND across the entire
- database. The LIST command takes a single optional parameter, which
- is a prefix to try to match against the location field of the
- records. Without the parameter, LIST returns every record in the
- database.
-
- For each mailbox that matches, either a MAILBOX or a RESERVE response
- (as applicable) is sent to the client. When all responses are
- complete, an OK response is issued.
-
- Example:
-
-C: L01 LIST
-S: L01 RESERVE "user.rjs3" "mail4.example.org!u2"
-S: L01 MAILBOX "user.leg" "mail2.example.org!u1" "leg lrswipcda"
-S: L01 OK "List Complete"
-C: L02 LIST "mail4.example.org!"
-S: L02 RESERVE "user.rjs3" "mail4.example.org!u2"
-S: L02 OK "List Complete"
-
-4.7. Command: LOGOUT
-
- The LOGOUT command tells the server to close the connection. Its
- only valid response is the BYE response. The LOGOUT command takes no
- parameters.
-
-4.8. Command: NOOP
-
- The NOOP command takes no parameters. Provided the client is
- authenticated, its only acceptable response is an OK. Any idle
- timeouts that the server may have on the connection SHOULD be reset
- upon receipt of this command.
-
- If this command is issued after an UPDATE command has been issued,
- then the OK response also indicates that all pending database updates
- have been sent to the client. That is, the slave can guarantee that
- its local database is up to date as of a certain time by issuing a
- NOOP and waiting for the OK. The OK MUST NOT return until all
- updates that were pending at the time of the NOOP have been sent.
-
-4.9. Command: RESERVE
-
- The RESERVE command takes two parameters (just like the RESERVE
- response), the mailbox name to reserve and location data. If the
- server responds OK, then the mailbox name has been reserved. If the
- server responds NO, then the mailbox name has not been reserved (for
-
-
-
-Siemborski Experimental [Page 10]
-
-RFC 3656 MUPDATE Distributed Mailbox Database Protocol December 2003
-
-
- example, another server has reserved it already). This command MUST
- NOT be issued to a slave.
-
- The typical sequence for mailbox creation is:
-
-C: R01 RESERVE "user.rjs3.new" "mail3.example.org!u4"
-S: R01 OK "Mailbox Reserved."
-<client does local mailbox create operations>
-C: A01 ACTIVATE "user.rjs3.new" "mail3.example.org!u4" "rjs3 lrswipcda"
-S: A01 OK "Mailbox Activated."
-
-4.10. Command: STARTTLS
-
- The STARTTLS command requests the commencement of a [TLS]
- negotiation. The negotiation begins immediately after the CRLF in
- the OK response. After a client issues a STARTTLS command, it MUST
- NOT issue further commands until a server response is seen and the
- [TLS] negotiation is complete.
-
- The STARTTLS command is only valid in non-authenticated state. The
- server remains in non-authenticated state, even if client credentials
- are supplied during the [TLS] negotiation. The [SASL] EXTERNAL
- mechanism MAY be used to authenticate once [TLS] client credentials
- are successfully exchanged. Note that servers are not required to
- support the EXTERNAL mechanism.
-
- After the [TLS] layer is established, the server MUST re-issue the
- initial response banner (see Section 3.8). This is necessary to
- protect against man-in-the-middle attacks which alter the
- capabilities list prior to STARTTLS, as well as to advertise any new
- SASL mechanisms (or other capabilities) that may be available under
- the layer. The client MUST discard cached capability information and
- replace it with the new information.
-
- After the a successful STARTTLS command, the server SHOULD return a
- NO response to additional STARTTLS commands.
-
- Servers MAY choose to not implement STARTTLS. In this case, they
- MUST NOT advertise STARTTLS in their capabilities banner, and SHOULD
- return a BAD response to the STARTTLS command, if it is issued.
-
- Example:
-
-C: S01 STARTTLS
-S: S01 OK "Begin TLS negotiation now"
-<TLS negotiation, further commands are under TLS layer>
-S: * AUTH KERBEROS_V4 GSSAPI PLAIN
-S: * OK MUPDATE "mupdate.example.org" "Cyrus" "v2.1.2" "(master)"
-
-
-
-Siemborski Experimental [Page 11]
-
-RFC 3656 MUPDATE Distributed Mailbox Database Protocol December 2003
-
-
-4.11. Command: UPDATE
-
- The UPDATE command is how a slave initializes an update stream from
- the master (though it is also valid to issue this command to a
- slave). In response to the command, the server returns a list of all
- mailboxes in its database (the same results as a parameterless LIST
- command) followed by an OK response. From this point forward,
- whenever an update occurs to the master database, it MUST stream the
- update to the slave within 30 seconds. That is, it will send
- RESERVE, MAILBOX, or DELETE responses as they are applicable.
-
- After a client has issued an UPDATE command, it may only issue NOOP
- and LOGOUT commands for the remainder of the session.
-
- Example:
-
-C: U01 UPDATE
-S: U01 MAILBOX "user.leg" "mail2.example.org!u1" "leg lrswipcda"
-S: U01 MAILBOX "user.rjs3" "mail3.example.org!u4" "rjs3 lrswipcda"
-S: U01 RESERVE "internet.bugtraq" "mail1.example.org!u5" "anyone lrs"
-S: U01 OK "Streaming Begins"
-<some time goes by, and another client creates a new mailbox>
-S: U01 RESERVE "user.leg.new" "mail2.example.org!u1"
-<some more time passes, and the create succeeds>
-S: U01 MAILBOX "user.leg.new" "mail2.example.org!u1" "leg lrswipcda"
-<much more time passes, and the slave decides to send a NOOP to reset
-its inactivity timer>
-C: N01 NOOP
-S: U01 DELETE "user.leg.new"
-S: N01 OK "NOOP Complete"
-
-5. MUPDATE Formal Syntax
-
- The following syntax specification uses the Augmented Backus-Naur
- Form (ABNF) notation as specified in [ABNF]. This uses the ABNF core
- rules as specified in Appendix A of [ABNF].
-
- Except as noted otherwise, all alphabetic characters are case-
- insensitive. The use of upper or lower case characters to define
- token strings is for editorial clarity only. Implementations MUST
- accept these strings in a case-insensitive fashion.
-
- Note that this specification also uses some terminals from section 8
- of [ACAP].
-
- cmd-activate = "ACTIVATE" SP string SP string SP string
-
- cmd-authenticate = "AUTHENTICATE" SP sasl-mech [ SP string ]
-
-
-
-Siemborski Experimental [Page 12]
-
-RFC 3656 MUPDATE Distributed Mailbox Database Protocol December 2003
-
-
- cmd-delete = "DELETE" SP string
-
- cmd-find = "FIND" SP string
-
- cmd-list = "LIST" [ SP string ]
-
- cmd-logout = "LOGOUT"
-
- cmd-noop = "NOOP"
-
- cmd-reserve = "RESERVE" SP string SP string
-
- cmd-starttls = "STARTTLS"
-
- cmd-update = "UPDATE"
-
- command = tag SP command-type CRLF
-
- command-type = cmd-activate / cmd-authenticate / cmd-delete /
- cmd-find / cmd-list / cmd-logout / cmd-noop /
- cmd-reserve / cmd-starttls / cmd-update
-
- response = tag SP response-type CRLF
-
- response-type = rsp-ok / rsp-no / rsp-bad / rsp-bye / rsp-mailbox /
- rsp-reserve / rsp-delete
-
- rsp-bad = "BAD" SP string
-
- rsp-bye = "BYE" SP string
-
- rsp-mailbox = "MAILBOX" SP string SP string SP string
-
- rsp-no = "NO" SP string
-
- rsp-ok = "OK" SP string
-
- rsp-reserve = "RESERVE" SP string SP string
-
- rsp-delete = "DELETE" SP string
-
- sasl-mech = 1*ATOM-CHAR
- ; ATOM-CHAR is defined in [ACAP]
-
- string = quoted / literal
- ; quoted and literal are defined in [ACAP]
-
-
-
-
-
-Siemborski Experimental [Page 13]
-
-RFC 3656 MUPDATE Distributed Mailbox Database Protocol December 2003
-
-
- tag = 1*ATOM-CHAR
- ; ATOM-CHAR is defined in [ACAP]
-
-6. MUPDATE URL Scheme
-
- This document defines the a URL scheme for the purposes of
- referencing MUPDATE resources, according to the requirements in
- [RFC2717]. This includes both MUPDATE servers as a whole, along with
- individual mailbox entries on a given MUPDATE server.
-
- There is no MIME type associated with these resources. It is
- intended that a URL consumer would either retrieve the MUPDATE record
- in question, or simply connect to the MUPDATE server running on the
- specified host. Note that the consumer will need to have
- authentication credentials for the specified host.
-
- The MUPDATE URL scheme is similar to the IMAP URL scheme [IMAP-URL].
- However, it only takes one of two possible forms:
-
- mupdate://<iserver>/
- mupdate://<iserver>/<mailbox>
-
- The first form refers to a MUPDATE server as a whole, the second form
- indicates both the server and a mailbox to run a FIND against once
- authenticated to the server. Note that part of <iserver> may include
- username and authentication information along with a hostname and
- port.
-
-6.1. MUPDATE URL Scheme Registration Form
-
- URL scheme name: "mupdate"
-
- URL scheme syntax:
-
- This defines the MUPDATE URL Scheme in [ABNF]. Terminals from the
- BNF of IMAP URLs [IMAP-URL] are also used.
-
- mupdateurl = "mupdate://" iserver "/" [ enc_mailbox ]
- ; iserver and enc_mailbox are as defined in [IMAP-URL]
-
- Character encoding considerations:
-
- Identical to those described in [IMAP-URL] for the appropriate
- terminals.
-
-
-
-
-
-
-
-Siemborski Experimental [Page 14]
-
-RFC 3656 MUPDATE Distributed Mailbox Database Protocol December 2003
-
-
- Intended Usage:
-
- The form of the URL without an associated mailbox is intended to
- designate a MUPDATE server only. If a mailbox name is included in
- the URL, then the consumer is expected to execute a FIND command
- for that mailbox on the specified server.
-
- Applications and/or protocols which use this URL scheme name:
-
- The protocol described in this document.
-
- Interoperability Considerations:
-
- None.
-
- Security Considerations:
-
- Users of the MUPDATE URL Scheme should review the security
- considerations that are discussed in [IMAP-URL]. In particular,
- the consequences of including authentication mechanism information
- in a URL should be reviewed.
-
- Relevant Publications:
-
- This document and [IMAP-URL].
-
- Author, Change Controller, and Contact for Further Information:
-
- Author of this document.
-
-7. Security Considerations
-
- While no unauthenticated users may make modifications or even perform
- searches on the database, it is important to note that this
- specification assumes no protections of any type for authenticated
- users.
-
- All authenticated users have complete access to the database. For
- this reason it is important to ensure that accounts that are making
- use of the database are well secured.
-
- A more secure deployment might have all read only access go through a
- slave, and only have accounts which need write access use the master.
- This has the disadvantage of a marginally longer time for updates to
- reach the clients.
-
-
-
-
-
-
-Siemborski Experimental [Page 15]
-
-RFC 3656 MUPDATE Distributed Mailbox Database Protocol December 2003
-
-
- The protocol assumes that all authenticated users are cooperating to
- maintain atomic operations. Therefore, all new mailboxes SHOULD be
- RESERVEd before they are ACTIVATEd, despite the fact that the
- protocol does not require this, and it is therefore possible for a
- set of participants which do not obey the provided locking to create
- an inconsistent database. RESERVEing the mailbox first is not
- required to perform an activate because this behavior simplifies
- synchronization with the actual location of the mailboxes.
-
-8. IANA Considerations
-
- The IANA has assigned TCP port number 3905 to "mupdate".
-
- The IANA has registered a URL scheme for the MUPDATE protocol, as
- defined in section 6.1 of this document.
-
- IANA has registered a GSSAPI service name of "mupdate" for the
- MUPDATE protocol in the registry maintained at:
-
- http://www.iana.org/assignments/gssapi-service-names
-
-9. Intellectual Property Rights
-
- The IETF takes no position regarding the validity or scope of any
- intellectual property or other rights that might be claimed to
- pertain to the implementation or use of the technology described in
- this document or the extent to which any license under such rights
- might or might not be available; neither does it represent that it
- has made any effort to identify any such rights. Information on the
- IETF's procedures with respect to rights in standards-track and
- standards-related documentation can be found in BCP-11. Copies of
- claims of rights made available for publication and any assurances of
- licenses to be made available, or the result of an attempt made to
- obtain a general license or permission for the use of such
- proprietary rights by implementors or users of this specification can
- be obtained from the IETF Secretariat.
-
- The IETF invites any interested party to bring to its attention any
- copyrights, patents or patent applications, or other proprietary
- rights which may cover technology that may be required to practice
- this standard. Please address the information to the IETF Executive
- Director.
-
-
-
-
-
-
-
-
-
-Siemborski Experimental [Page 16]
-
-RFC 3656 MUPDATE Distributed Mailbox Database Protocol December 2003
-
-
-10. References
-
-10.1. Normative References
-
- [KEYWORDS] Bradner, S., "Key words for use in RFCs to Indicate
- Requirement Levels", BCP 14, RFC 2119, March 1997.
-
- [IMAP] Crispin, M., "Internet Message Access Protocol - Version
- 4", RFC 3501, March 2003.
-
- [ABNF] Crocker, D., Ed. and P. Overell, "Augmented BNF for
- Syntax Specifications: ABNF", RFC 2234, November 1997.
-
- [MIME] Freed, N. and N. Bornstein, "Multipurpose Internet Mail
- Extensions (MIME) Part One: Format of Internet Message
- Bodies", RFC 2045, November 1996.
-
- [IMAP-ACL] Myers, J., "IMAP4 ACL extension", RFC 2086, January 1997.
-
- [SASL] Myers, J., "Simple Authentication and Security Layer
- (SASL)", RFC 2222, October 1997.
-
- [IMAP-URL] Newman, C., "IMAP URL Scheme", RFC 2192, September 1997.
-
- [ACAP] Newman, C. and J. Myers, "ACAP -- Application
- Configuration Access Protocol", RFC 2244, November 1997.
-
- [TLS] Dierks, T. and C. Allen, "The TLS Protocol Version 1.0",
- RFC 2246, January 1999.
-
-10.2. Informative References
-
- [POP3] Myers, J. and M. Rose, "Post Office Protocol - Version
- 3", STD 53, RFC 1939, May 1996.
-
- [RFC2717] Petke, R. and I. King, "Registration Procedures for URL
- Scheme Names", BCP 35, RFC 2717, November 1999.
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-Siemborski Experimental [Page 17]
-
-RFC 3656 MUPDATE Distributed Mailbox Database Protocol December 2003
-
-
-11. Acknowledgments
-
- Lawrence Greenfield and Ken Murchison, for a great deal of input on
- both the protocol and the text of the documents.
-
-12. Author's Address
-
- Robert Siemborski
- Carnegie Mellon, Andrew Systems Group
- Cyert Hall 207
- 5000 Forbes Avenue
- Pittsburgh, PA 15213
-
- Phone: (412) 268-7456
- EMail: rjs3+@andrew.cmu.edu
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-Siemborski Experimental [Page 18]
-
-RFC 3656 MUPDATE Distributed Mailbox Database Protocol December 2003
-
-
-13. Full Copyright Statement
-
- Copyright (C) The Internet Society (2003). All Rights Reserved.
-
- This document and translations of it may be copied and furnished to
- others, and derivative works that comment on or otherwise explain it
- or assist in its implementation may be prepared, copied, published
- and distributed, in whole or in part, without restriction of any
- kind, provided that the above copyright notice and this paragraph are
- included on all such copies and derivative works. However, this
- document itself may not be modified in any way, such as by removing
- the copyright notice or references to the Internet Society or other
- Internet organizations, except as needed for the purpose of
- developing Internet standards in which case the procedures for
- copyrights defined in the Internet Standards process must be
- followed, or as required to translate it into languages other than
- English.
-
- The limited permissions granted above are perpetual and will not be
- revoked by the Internet Society or its successors or assignees.
-
- This document and the information contained herein is provided on an
- "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
- TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING
- BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION
- HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
- MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
-
-Acknowledgement
-
- Funding for the RFC Editor function is currently provided by the
- Internet Society.
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-Siemborski Experimental [Page 19]
-
diff --git a/imap/docs/rfc/rfc3691.txt b/imap/docs/rfc/rfc3691.txt
deleted file mode 100644
index 2f4e9b44..00000000
--- a/imap/docs/rfc/rfc3691.txt
+++ /dev/null
@@ -1,283 +0,0 @@
-
-
-
-
-
-
-Network Working Group A. Melnikov
-Request for Comments: 3691 Isode Ltd.
-Category: Standards Track February 2004
-
-
- Internet Message Access Protocol (IMAP) UNSELECT command
-
-Status of this Memo
-
- This document specifies an Internet standards track protocol for the
- Internet community, and requests discussion and suggestions for
- improvements. Please refer to the current edition of the "Internet
- Official Protocol Standards" (STD 1) for the standardization state
- and status of this protocol. Distribution of this memo is unlimited.
-
-Copyright Notice
-
- Copyright (C) The Internet Society (2004). All Rights Reserved.
-
-Abstract
-
- This document defines an UNSELECT command that can be used to close
- the current mailbox in an Internet Message Access Protocol - version
- 4 (IMAP4) session without expunging it. Certain types of IMAP
- clients need to release resources associated with the selected
- mailbox without selecting a different mailbox. While IMAP4 provides
- this functionality (via a SELECT command with a nonexistent mailbox
- name or reselecting the same mailbox with EXAMINE command), a more
- clean solution is desirable.
-
-Table of Contents
-
- 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 2
- 2. UNSELECT command . . . . . . . . . . . . . . . . . . . . . . . 2
- 3. Security Considerations. . . . . . . . . . . . . . . . . . . . 3
- 4. Formal Syntax. . . . . . . . . . . . . . . . . . . . . . . . . 3
- 5. IANA Considerations. . . . . . . . . . . . . . . . . . . . . . 3
- 6. Acknowledgments. . . . . . . . . . . . . . . . . . . . . . . . 3
- 7. Normative References . . . . . . . . . . . . . . . . . . . . . 4
- 8. Author's Address . . . . . . . . . . . . . . . . . . . . . . . 4
- 9. Full Copyright Statement . . . . . . . . . . . . . . . . . . . 5
-
-
-
-
-
-
-
-
-
-
-Melnikov Standards Track [Page 1]
-
-RFC 3691 IMAP UNSELECT command February 2004
-
-
-1. Introduction
-
- Certain types of IMAP clients need to release resources associated
- with the selected mailbox without selecting a different mailbox.
- While [IMAP4] provides this functionality (via a SELECT command with
- a nonexistent mailbox name or reselecting the same mailbox with
- EXAMINE command), a more clean solution is desirable.
-
- [IMAP4] defines the CLOSE command that closes the selected mailbox as
- well as permanently removes all messages with the \Deleted flag set.
-
- However [IMAP4] lacks a command that simply closes the mailbox
- without expunging it. This document defines the UNSELECT command for
- this purpose.
-
- A server which supports this extension indicates this with a
- capability name of "UNSELECT".
-
- "C:" and "S:" in examples show lines sent by the client and server
- respectively.
-
- The keywords "MUST", "MUST NOT", "SHOULD", "SHOULD NOT", and "MAY" in
- this document when typed in uppercase are to be interpreted as
- defined in "Key words for use in RFCs to Indicate Requirement Levels"
- [KEYWORDS].
-
-2. UNSELECT Command
-
- Arguments: none
-
- Responses: no specific responses for this command
-
- Result: OK - unselect completed, now in authenticated state
- BAD - no mailbox selected, or argument supplied but
- none permitted
-
- The UNSELECT command frees server's resources associated with the
- selected mailbox and returns the server to the authenticated
- state. This command performs the same actions as CLOSE, except
- that no messages are permanently removed from the currently
- selected mailbox.
-
- Example: C: A341 UNSELECT
- S: A341 OK Unselect completed
-
-
-
-
-
-
-
-Melnikov Standards Track [Page 2]
-
-RFC 3691 IMAP UNSELECT command February 2004
-
-
-3. Security Considerations
-
- It is believed that this extension doesn't raise any additional
- security concerns not already discussed in [IMAP4].
-
-4. Formal Syntax
-
- The following syntax specification uses the Augmented Backus-Naur
- Form (ABNF) notation as specified in [ABNF]. Non-terminals
- referenced but not defined below are as defined by [IMAP4].
-
- Except as noted otherwise, all alphabetic characters are case-
- insensitive. The use of upper or lower case characters to define
- token strings is for editorial clarity only. Implementations MUST
- accept these strings in a case-insensitive fashion.
-
- command-select /= "UNSELECT"
-
-5. IANA Considerations
-
- IMAP4 capabilities are registered by publishing a standards track or
- IESG approved experimental RFC. The registry is currently located
- at:
-
- http://www.iana.org/assignments/imap4-capabilities
-
- This document defines the UNSELECT IMAP capabilities. IANA has added
- this capability to the registry.
-
-6. Acknowledgments
-
- UNSELECT command was originally implemented by Tim Showalter in Cyrus
- IMAP server.
-
- Also, the author of the document would like to thank Vladimir Butenko
- and Mark Crispin for reminding that UNSELECT has to be documented.
- Also thanks to Simon Josefsson for pointing out that there are
- multiple ways to implement UNSELECT.
-
-
-
-
-
-
-
-
-
-
-
-
-
-Melnikov Standards Track [Page 3]
-
-RFC 3691 IMAP UNSELECT command February 2004
-
-
-7. Normative References
-
- [KEYWORDS] Bradner, S., "Key words for use in RFCs to Indicate
- Requirement Levels", BCP 14, RFC 2119, March 1997.
-
- [IMAP4] Crispin, M., "Internet Message Access Protocol - Version
- 4rev1", RFC 3501, March 2003.
-
- [ABNF] Crocker, D., Ed. and P. Overell, "Augmented BNF for Syntax
- Specifications: ABNF", RFC 2234, November 1997.
-
-8. Author's Address
-
- Alexey Melnikov
- Isode Limited
- 5 Castle Business Village
- Hampton, Middlesex TW12 2BX
-
- EMail: Alexey.Melnikov@isode.com
- URI: http://www.melnikov.ca/
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-Melnikov Standards Track [Page 4]
-
-RFC 3691 IMAP UNSELECT command February 2004
-
-
-9. Full Copyright Statement
-
- Copyright (C) The Internet Society (2004). This document is subject
- to the rights, licenses and restrictions contained in BCP 78 and
- except as set forth therein, the authors retain all their rights.
-
- This document and the information contained herein are provided on an
- "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE
- REPRESENTS OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE
- INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR
- IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF
- THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
- WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
-
-Intellectual Property
-
- The IETF takes no position regarding the validity or scope of any
- Intellectual Property Rights or other rights that might be claimed
- to pertain to the implementation or use of the technology
- described in this document or the extent to which any license
- under such rights might or might not be available; nor does it
- represent that it has made any independent effort to identify any
- such rights. Information on the procedures with respect to
- rights in RFC documents can be found in BCP 78 and BCP 79.
-
- Copies of IPR disclosures made to the IETF Secretariat and any
- assurances of licenses to be made available, or the result of an
- attempt made to obtain a general license or permission for the use
- of such proprietary rights by implementers or users of this
- specification can be obtained from the IETF on-line IPR repository
- at http://www.ietf.org/ipr.
-
- The IETF invites any interested party to bring to its attention
- any copyrights, patents or patent applications, or other
- proprietary rights that may cover technology that may be required
- to implement this standard. Please address the information to the
- IETF at ietf-ipr@ietf.org.
-
-Acknowledgement
-
- Funding for the RFC Editor function is currently provided by the
- Internet Society.
-
-
-
-
-
-
-
-
-
-Melnikov Standards Track [Page 5]
-
diff --git a/imap/docs/rfc/rfc4314.txt b/imap/docs/rfc/rfc4314.txt
deleted file mode 100644
index e73a56f2..00000000
--- a/imap/docs/rfc/rfc4314.txt
+++ /dev/null
@@ -1,1515 +0,0 @@
-
-
-
-
-
-
-Network Working Group A. Melnikov
-Request for Comments: 4314 Isode Ltd.
-Obsoletes: 2086 December 2005
-Category: Standards Track
-
-
- IMAP4 Access Control List (ACL) Extension
-
-Status of this Memo
-
- This document specifies an Internet standards track protocol for the
- Internet community, and requests discussion and suggestions for
- improvements. Please refer to the current edition of the "Internet
- Official Protocol Standards" (STD 1) for the standardization state
- and status of this protocol. Distribution of this memo is unlimited.
-
-Copyright Notice
-
- Copyright (C) The Internet Society (2005).
-
-Abstract
-
- The Access Control List (ACL) extension (RFC 2086) of the Internet
- Message Access Protocol (IMAP) permits mailbox access control lists
- to be retrieved and manipulated through the IMAP protocol.
-
- This document is a revision of RFC 2086. It defines several new
- access control rights and clarifies which rights are required for
- different IMAP commands.
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-Melnikov Standards Track [Page 1]
-
-RFC 4314 IMAP ACL December 2005
-
-
-Table of Contents
-
- 1. Introduction and Overview .......................................3
- 1.1. Conventions Used in This Document ..........................3
- 2. Access Control ..................................................3
- 2.1. Standard Rights ............................................5
- 2.1.1. Obsolete Rights .....................................5
- 2.2. Rights Defined in RFC 2086 .................................8
- 3. Access control management commands and responses ................8
- 3.1. SETACL Command .............................................8
- 3.2. DELETEACL Command ..........................................9
- 3.3. GETACL Command ............................................10
- 3.4. LISTRIGHTS Command ........................................10
- 3.5. MYRIGHTS Command ..........................................11
- 3.6. ACL Response ..............................................11
- 3.7. LISTRIGHTS Response .......................................12
- 3.8. MYRIGHTS Response .........................................12
- 4. Rights Required to Perform Different IMAP4rev1 Commands ........12
- 5. Other Considerations ...........................................17
- 5.1. Additional Requirements and Implementation Notes ..........17
- 5.1.1. Servers ............................................17
- 5.1.2. Clients ............................................18
- 5.2. Mapping of ACL Rights to READ-WRITE and READ-ONLY
- Response Codes ............................................19
- 6. Security Considerations ........................................20
- 7. Formal Syntax ..................................................21
- 8. IANA Considerations ............................................22
- 9. Internationalization Considerations ............................22
- Appendix A. Changes since RFC 2086 ................................23
- Appendix B. Compatibility with RFC 2086 ...........................24
- Appendix C. Known Deficiencies ....................................24
- Appendix D. Acknowledgements ......................................25
- Normative References ..............................................25
- Informative References ............................................25
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-Melnikov Standards Track [Page 2]
-
-RFC 4314 IMAP ACL December 2005
-
-
-1. Introduction and Overview
-
- The ACL (Access Control List) extension of the Internet Message
- Access Protocol [IMAP4] permits mailbox access control lists to be
- retrieved and manipulated through the IMAP protocol.
-
- This document is a revision of RFC 2086 [RFC2086]. It tries to
- clarify different ambiguities in RFC 2086, in particular, the use of
- UTF-8 [UTF-8] in access identifiers, which rights are required for
- different IMAP4 commands, and how READ-WRITE/READ-ONLY response codes
- are related to ACL.
-
-1.1. Conventions Used in This Document
-
- In examples, "C:" and "S:" indicate lines sent by the client and
- server respectively.
-
- In all examples "/" character is used as hierarchy separator.
-
- The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
- "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
- document are to be interpreted as described in RFC 2119 [KEYWORDS].
-
- The phrase "ACL server" is just a shortcut for saying "IMAP server
- that supports ACL extension as defined in this document".
-
-2. Access Control
-
- The ACL extension is present in any IMAP4 implementation that returns
- "ACL" as one of the supported capabilities to the CAPABILITY command.
-
- A server implementation conformant to this document MUST also return
- rights (see below) not defined in Section 2.2 in the "RIGHTS="
- capability.
-
- An access control list is a set of <access identifier,rights> pairs.
- An ACL applies to a mailbox name.
-
- Access identifier (or just "identifier") is a UTF-8 [UTF-8] string.
- The identifier "anyone" is reserved to refer to the universal
- identity (all authentications, including anonymous). All user name
- strings accepted by the LOGIN or AUTHENTICATE commands to
- authenticate to the IMAP server are reserved as identifiers for the
- corresponding users. Identifiers starting with a dash ("-") are
- reserved for "negative rights", described below. All other
- identifier strings are interpreted in an implementation-defined
- manner.
-
-
-
-
-Melnikov Standards Track [Page 3]
-
-RFC 4314 IMAP ACL December 2005
-
-
- Rights is a string listing a (possibly empty) set of alphanumeric
- characters, each character listing a set of operations that is being
- controlled. Lowercase letters are reserved for "standard" rights,
- listed in Section 2.1. (Note that for compatibility with deployed
- clients and servers uppercase rights are not allowed.) The set of
- standard rights can only be extended by a standards-track document.
- Digits are reserved for implementation- or site-defined rights.
-
- An implementation MAY tie rights together or MAY force rights to
- always or never be granted to particular identifiers. For example,
- in an implementation that uses UNIX mode bits, the rights "swite" are
- tied, the "a" right is always granted to the owner of a mailbox and
- is never granted to another user. If rights are tied in an
- implementation, the implementation must be conservative in granting
- rights in response to SETACL commands--unless all rights in a tied
- set are specified, none of that set should be included in the ACL
- entry for that identifier. A client can discover the set of rights
- that may be granted to a given identifier in the ACL for a given
- mailbox name by using the LISTRIGHTS command.
-
- It is possible for multiple identifiers in an access control list to
- apply to a given user. For example, an ACL may include rights to be
- granted to the identifier matching the user, one or more
- implementation-defined identifiers matching groups that include the
- user, and/or the identifier "anyone". How these rights are combined
- to determine the user's access is implementation defined. An
- implementation may choose, for example, to use the union of the
- rights granted to the applicable identifiers. An implementation may
- instead choose, for example, to use only those rights granted to the
- most specific identifier present in the ACL. A client can determine
- the set of rights granted to the logged-in user for a given mailbox
- name by using the MYRIGHTS command.
-
- When an identifier in an ACL starts with a dash ("-"), that indicates
- that associated rights are to be removed from the identifier prefixed
- by the dash. This is referred to as a "negative right". This
- differs from DELETEACL in that a negative right is added to the ACL
- and is a part of the calculation of the rights.
-
- Let's assume that an identifier "fred" refers to a user with login
- "fred". If the identifier "-fred" is granted the "w" right, that
- indicates that the "w" right is to be removed from users matching the
- identifier "fred", even though the user "fred" might have the "w"
- right as a consequence of some other identifier in the ACL. A
- DELETEACL of "fred" simply deletes the identifier "fred" from the
- ACL; it does not affect any rights that the user "fred" may get from
- another entry in the ACL, in particular it doesn't affect rights
- granted to the identifier "-fred".
-
-
-
-Melnikov Standards Track [Page 4]
-
-RFC 4314 IMAP ACL December 2005
-
-
- Server implementations are not required to support "negative right"
- identifiers.
-
-2.1. Standard Rights
-
- The currently defined standard rights are (note that the list below
- doesn't list all commands that use a particular right):
-
- l - lookup (mailbox is visible to LIST/LSUB commands, SUBSCRIBE
- mailbox)
- r - read (SELECT the mailbox, perform STATUS)
- s - keep seen/unseen information across sessions (set or clear
- \SEEN flag via STORE, also set \SEEN during APPEND/COPY/
- FETCH BODY[...])
- w - write (set or clear flags other than \SEEN and \DELETED via
- STORE, also set them during APPEND/COPY)
- i - insert (perform APPEND, COPY into mailbox)
- p - post (send mail to submission address for mailbox,
- not enforced by IMAP4 itself)
- k - create mailboxes (CREATE new sub-mailboxes in any
- implementation-defined hierarchy, parent mailbox for the new
- mailbox name in RENAME)
- x - delete mailbox (DELETE mailbox, old mailbox name in RENAME)
- t - delete messages (set or clear \DELETED flag via STORE, set
- \DELETED flag during APPEND/COPY)
- e - perform EXPUNGE and expunge as a part of CLOSE
- a - administer (perform SETACL/DELETEACL/GETACL/LISTRIGHTS)
-
-2.1.1. Obsolete Rights
-
- Due to ambiguity in RFC 2086, some existing RFC 2086 server
- implementations use the "c" right to control the DELETE command.
- Others chose to use the "d" right to control the DELETE command. For
- the former group, let's define the "create" right as union of the "k"
- and "x" rights, and the "delete" right as union of the "e" and "t"
- rights. For the latter group, let's define the "create" rights as a
- synonym to the "k" right, and the "delete" right as union of the "e",
- "t", and "x" rights.
-
- For compatibility with RFC 2086, this section defines two virtual
- rights "d" and "c".
-
- If a client includes the "d" right in a rights list, then it MUST be
- treated as if the client had included every member of the "delete"
- right. (It is not an error for a client to specify both the "d"
- right and one or more members of the "delete" right, but the effect
- is no different than if just the "d" right or all members of the
- "delete" right had been specified.)
-
-
-
-Melnikov Standards Track [Page 5]
-
-RFC 4314 IMAP ACL December 2005
-
-
- When any of the "delete" member rights is set in a list of rights,
- the server MUST also include the "d" right when returning the list in
- a MYRIGHTS or ACL response. This is to enable older clients
- conforming to RFC 2086 to work with newer servers. (*)
-
- Example: C: A001 SeTacl INBOX/Drafts David lrswida
- S: A001 OK Setacl complete
-
- The client has specified the "d" right in the SETACL command above
- and it expands to "et" on the server:
-
- C: A002 getacl INBOX/Drafts
- S: * ACL INBOX Fred rwipslxcetda David lrswideta
- S: A002 OK Getacl complete
-
- If the identifier specified in the LISTRIGHTS command can be granted
- any of the "delete" member rights on a mailbox, then the server MUST
- include the "d" right in the corresponding LISTRIGHTS response. (*)
- If the member rights aren't tied to non-member rights, then the "d"
- right is returned by itself in the LISTRIGHTS response. If any of
- the member rights needs to be tied to one (or more) non-member right,
- then the "d" right and all of the member rights need to be tied to
- the same non-member right(s) (**).
-
- If a client includes the "c" right in a rights list, then it MUST be
- treated as if the client had included every member of the "create"
- right. (It is not an error for a client to specify both the "c"
- right and one or more members of the "create" right, but the effect
- is no different than if just the "c" right or all members of the
- "create" right had been specified.)
-
- When any of the "create" member rights is set in a list of rights,
- the server MUST also include the "c" right when returning the list in
- a MYRIGHTS or ACL response. This is to enable older clients
- conforming to RFC 2086 to work with newer servers. (*)
-
- Example: C: A003 Setacl INBOX/Drafts Byron lrswikda
- S: A001 OK Setacl complete
- C: A002 getAcl INBOX/Drafts
- S: * ACL INBOX Fred rwipslxcetda Byron lrswikcdeta
- S: A002 OK Getacl complete
-
- The client has specified the "d" right in the SETACL command above
- and it expands to "et" on the server: As the client has specified the
- "k" right (which is a member of the "c" right), the server also
- returns the "c" right.
-
-
-
-
-
-Melnikov Standards Track [Page 6]
-
-RFC 4314 IMAP ACL December 2005
-
-
- If the identifier specified in the LISTRIGHTS command can be granted
- any of the "create" member rights on a mailbox, then the server MUST
- include the "c" right in the corresponding LISTRIGHTS response. (*)
- If the member rights aren't tied to non-member rights, then the "c"
- right is returned by itself in the LISTRIGHTS response. If any of
- the member rights needs to be tied to one (or more) non-member right,
- then the "c" right and all of the member rights need to be tied to
- the same non-member right(s) (**).
-
- Example: The server that ties the rights as follows:
-
- lr s w i p k x t
-
- and c=k
-
- will return:
-
- S: * LISTRIGHTS archive/imap anyone ""
- lr s w i p k x t c d
-
- Example: The server that ties the rights as follows:
-
- lr s w i p k xte
-
- and c=k
-
- will return:
-
- S: * LISTRIGHTS archive/imap anyone ""
- lr s w i p k xte c d
-
- Example: The server that ties the rights as follows:
-
- lr s w i p k x te
-
- and c=k
-
- will return:
-
- S: * LISTRIGHTS archive/imap anyone ""
- lr s w i p k c x te d
-
- Example: The server that ties the rights as follows:
-
- lr swte i p k x
-
- and c=kx
-
-
-
-
-Melnikov Standards Track [Page 7]
-
-RFC 4314 IMAP ACL December 2005
-
-
- will return:
-
- S: * LISTRIGHTS archive/imap anyone ""
- lr swted i p k x c
-
- (*) Clients conforming to this document MUST ignore the virtual "d"
- and "c" rights in MYRIGHTS, ACL, and LISTRIGHTS responses.
-
- (**) The IMAPEXT Working Group has debated this issue in great length
- and after reviewing existing ACL implementations concluded that
- this is a reasonable restriction.
-
-2.2. Rights Defined in RFC 2086
-
- The "RIGHTS=" capability MUST NOT include any of the rights defined
- in RFC 2086: "l", "r", "s", "w", "i", "p", "a", "c", "d", and the
- digits ("0" .. "9").
-
-3. Access control management commands and responses
-
- Servers, when processing a command that has an identifier as a
- parameter (i.e., any of SETACL, DELETEACL, and LISTRIGHTS commands),
- SHOULD first prepare the received identifier using "SASLprep" profile
- [SASLprep] of the "stringprep" algorithm [Stringprep]. If the
- preparation of the identifier fails or results in an empty string,
- the server MUST refuse to perform the command with a BAD response.
- Note that Section 6 recommends additional identifier's verification
- steps.
-
-3.1. SETACL Command
-
- Arguments: mailbox name
- identifier
- access right modification
-
- Data: no specific data for this command
-
- Result: OK - setacl completed
- NO - setacl failure: can't set acl
- BAD - arguments invalid
-
- The SETACL command changes the access control list on the specified
- mailbox so that the specified identifier is granted permissions as
- specified in the third argument.
-
- The third argument is a string containing an optional plus ("+") or
- minus ("-") prefix, followed by zero or more rights characters. If
- the string starts with a plus, the following rights are added to any
-
-
-
-Melnikov Standards Track [Page 8]
-
-RFC 4314 IMAP ACL December 2005
-
-
- existing rights for the identifier. If the string starts with a
- minus, the following rights are removed from any existing rights for
- the identifier. If the string does not start with a plus or minus,
- the rights replace any existing rights for the identifier.
-
- Note that an unrecognized right MUST cause the command to return the
- BAD response. In particular, the server MUST NOT silently ignore
- unrecognized rights.
-
- Example: C: A001 GETACL INBOX/Drafts
- S: * ACL INBOX/Drafts Fred rwipslxetad Chris lrswi
- S: A001 OK Getacl complete
- C: A002 SETACL INBOX/Drafts Chris +cda
- S: A002 OK Setacl complete
- C: A003 GETACL INBOX/Drafts
- S: * ACL INBOX/Drafts Fred rwipslxetad Chris lrswicdakxet
- S: A003 OK Getacl complete
-
-
- C: A035 SETACL INBOX/Drafts John lrQswicda
- S: A035 BAD Uppercase rights are not allowed
-
-
- C: A036 SETACL INBOX/Drafts John lrqswicda
- S: A036 BAD The q right is not supported
-
-3.2. DELETEACL Command
-
- Arguments: mailbox name
- identifier
-
- Data: no specific data for this command
-
- Result: OK - deleteacl completed
- NO - deleteacl failure: can't delete acl
- BAD - arguments invalid
-
- The DELETEACL command removes any <identifier,rights> pair for the
- specified identifier from the access control list for the specified
- mailbox.
-
- Example: C: B001 getacl INBOX
- S: * ACL INBOX Fred rwipslxetad -Fred wetd $team w
- S: B001 OK Getacl complete
- C: B002 DeleteAcl INBOX Fred
- S: B002 OK Deleteacl complete
-
-
-
-
-
-Melnikov Standards Track [Page 9]
-
-RFC 4314 IMAP ACL December 2005
-
-
- C: B003 GETACL INBOX
- S: * ACL INBOX -Fred wetd $team w
- S: B003 OK Getacl complete
-
-3.3. GETACL Command
-
- Arguments: mailbox name
-
- Data: untagged responses: ACL
-
- Result: OK - getacl completed
- NO - getacl failure: can't get acl
- BAD - arguments invalid
-
- The GETACL command returns the access control list for mailbox in an
- untagged ACL response.
-
- Some implementations MAY permit multiple forms of an identifier to
- reference the same IMAP account. Usually, such implementations will
- have a canonical form that is stored internally. An ACL response
- caused by a GETACL command MAY include a canonicalized form of the
- identifier that might be different from the one used in the
- corresponding SETACL command.
-
- Example: C: A002 GETACL INBOX
- S: * ACL INBOX Fred rwipsldexta
- S: A002 OK Getacl complete
-
-3.4. LISTRIGHTS Command
-
- Arguments: mailbox name
- identifier
-
- Data: untagged responses: LISTRIGHTS
-
- Result: OK - listrights completed
- NO - listrights failure: can't get rights list
- BAD - arguments invalid
-
- The LISTRIGHTS command takes a mailbox name and an identifier and
- returns information about what rights can be granted to the
- identifier in the ACL for the mailbox.
-
- Some implementations MAY permit multiple forms of an identifier to
- reference the same IMAP account. Usually, such implementations will
- have a canonical form that is stored internally. A LISTRIGHTS
-
-
-
-
-
-Melnikov Standards Track [Page 10]
-
-RFC 4314 IMAP ACL December 2005
-
-
- response caused by a LISTRIGHTS command MUST always return the same
- form of an identifier as specified by the client. This is to allow
- the client to correlate the response with the command.
-
- Example: C: a001 LISTRIGHTS ~/Mail/saved smith
- S: * LISTRIGHTS ~/Mail/saved smith la r swicdkxte
- S: a001 OK Listrights completed
-
- Example: C: a005 listrights archive/imap anyone
- S: * LISTRIGHTS archive.imap anyone ""
- l r s w i p k x t e c d a 0 1 2 3 4 5 6 7 8 9
- S: a005 Listrights successful
-
-3.5. MYRIGHTS Command
-
- Arguments: mailbox name
-
- Data: untagged responses: MYRIGHTS
-
- Result: OK - myrights completed
- NO - myrights failure: can't get rights
- BAD - arguments invalid
-
- The MYRIGHTS command returns the set of rights that the user has to
- mailbox in an untagged MYRIGHTS reply.
-
- Example: C: A003 MYRIGHTS INBOX
- S: * MYRIGHTS INBOX rwiptsldaex
- S: A003 OK Myrights complete
-
-3.6. ACL Response
-
- Data: mailbox name
- zero or more identifier rights pairs
-
- The ACL response occurs as a result of a GETACL command. The first
- string is the mailbox name for which this ACL applies. This is
- followed by zero or more pairs of strings; each pair contains the
- identifier for which the entry applies followed by the set of rights
- that the identifier has.
-
- Section 2.1.1 details additional server requirements related to
- handling of the virtual "d" and "c" rights.
-
-
-
-
-
-
-
-
-Melnikov Standards Track [Page 11]
-
-RFC 4314 IMAP ACL December 2005
-
-
-3.7. LISTRIGHTS Response
-
- Data: mailbox name
- identifier
- required rights
- list of optional rights
-
- The LISTRIGHTS response occurs as a result of a LISTRIGHTS command.
- The first two strings are the mailbox name and identifier for which
- this rights list applies. Following the identifier is a string
- containing the (possibly empty) set of rights the identifier will
- always be granted in the mailbox.
-
- Following this are zero or more strings each containing a set of
- rights the identifier can be granted in the mailbox. Rights
- mentioned in the same string are tied together. The server MUST
- either grant all tied rights to the identifier in the mailbox or
- grant none. Section 2.1.1 details additional server requirements
- related to handling of the virtual "d" and "c" rights.
-
- The same right MUST NOT be listed more than once in the LISTRIGHTS
- command.
-
-3.8. MYRIGHTS Response
-
- Data: mailbox name
- rights
-
- The MYRIGHTS response occurs as a result of a MYRIGHTS command. The
- first string is the mailbox name for which these rights apply. The
- second string is the set of rights that the client has.
-
- Section 2.1.1 details additional server requirements related to
- handling of the virtual "d" and "c" rights.
-
-4. Rights Required to Perform Different IMAP4rev1 Commands
-
- Before executing a command, an ACL-compliant server MUST check which
- rights are required to perform it. This section groups command by
- functions they perform and list the rights required. It also gives
- the detailed description of any special processing required.
-
- For the purpose of this section the UID counterpart of a command is
- considered to be the same command, e.g., both UID COPY and COPY
- commands require the same set of rights.
-
-
-
-
-
-
-Melnikov Standards Track [Page 12]
-
-RFC 4314 IMAP ACL December 2005
-
-
- The table below summarizes different rights or their combinations
- that are required in order to perform different IMAP operations. As
- it is not always possible to express complex right checking and
- interactions, the description after the table should be used as the
- primary reference.
-
- +-------------------+---+---+---+---+---+---+---+---+---+---+---+---+
- |Operations\Rights | l | r | s | w | i | k | x | t | e | a |Any|Non|
- +-------------------+---+---+---+---+---+---+---+---+---+---+---+---+
- | commands in authenticated state |
- +-------------------------------------------------------------------+
- | LIST | + | | | | | | | | | | | |
- | SUBSCRIBE | * | | | | | | | | | | | * |
- | UNSUBSCRIBE | | | | | | | | | | | | + |
- | LSUB | * | | | | | | | | | | | * |
- |CREATE (for parent)| | | | | | + | | | | | | |
- | DELETE | | ? | | | | | + | ? | ? | | | |
- | RENAME | | | | | | + | + | | | | | |
- | SELECT/EXAMINE | | + | | | | | | | | | | |
- | STATUS | | + | | | | | | | | | | |
- | SETACL/DELETEACL | | | | | | | | | | + | | |
- | GETACL/LISTRIGHTS | | | | | | | | | | + | | |
- | MYRIGHTS | | | | | | | | | | | + | |
- | APPEND | | | ? | ? | + | | | ? | | | | |
- +-------------------------------------------------------------------+
- | commands in selected state |
- +-------------------------------------------------------------------+
- | COPY | | | ? | ? | + | | | ? | | | | |
- | EXPUNGE | | | | | | | | | + | | | |
- | CLOSE | | | | | | | | | ? | | | |
- | FETCH | | | ? | | | | | | | | | |
- | STORE flags | | | ? | ? | | | | ? | | | | |
- +-------------------+---+---+---+---+---+---+---+---+---+---+---+---+
-
- Note: for all commands in the selected state, the "r" is implied,
- because it is required to SELECT/EXAMINE a mailbox. Servers are not
- required to check presence of the "r" right once a mailbox is
- successfully selected.
-
- Legend:
- + - The right is required
- * - Only one of the rights marked with * is required
- (see description below)
- ? - The right is OPTIONAL (see description below)
- "Any" - at least one of the "l", "r", "i", "k", "x", "a" rights is
- required
- "Non" - No rights required to perform the command
-
-
-
-
-Melnikov Standards Track [Page 13]
-
-RFC 4314 IMAP ACL December 2005
-
-
- Listing and subscribing/unsubscribing mailboxes:
- LIST - "l" right is required. However, unlike other commands
- (e.g., SELECT) the server MUST NOT return a NO response if it
- can't list a mailbox.
- Note that if the user has "l" right to a mailbox "A/B", but not to
- its parent mailbox "A", the LIST command should behave as if the
- mailbox "A" doesn't exist, for example:
-
- C: A777 LIST "" *
- S: * LIST (\NoInferiors) "/" "A/B"
- S: * LIST () "/" "C"
- S: * LIST (\NoInferiors) "/" "C/D"
- S: A777 OK LIST completed
-
-
- SUBSCRIBE - "l" right is required only if the server checks for
- mailbox existence when performing SUBSCRIBE.
-
- UNSUBSCRIBE - no rights required to perform this operation.
-
- LSUB - "l" right is required only if the server checks for mailbox
- existence when performing SUBSCRIBE. However, unlike other
- commands (e.g., SELECT) the server MUST NOT return a NO response
- if it can't list a subscribed mailbox.
-
- Mailbox management:
- CREATE - "k" right on a nearest existing parent mailbox. When a
- new mailbox is created, it SHOULD inherit the ACL from the parent
- mailbox (if one exists) in the defined hierarchy.
-
- DELETE - "x" right on the mailbox. Note that some servers don't
- allow to delete a non-empty mailbox. If this is the case, the
- user would also need "r", "e", and "t" rights, in order to open
- the mailbox and empty it.
-
- The DELETE command MUST delete the ACL associated with the deleted
- mailbox.
-
- RENAME - Moving a mailbox from one parent to another requires the
- "x" right on the mailbox itself and the "k" right for the new
- parent. For example, if the user wants to rename the mailbox
- named "A/B/C" to "D/E", the user must have the "x" right for the
- mailbox "A/B/C" and the "k" right for the mailbox "D".
- The RENAME command SHOULD NOT change the ACLs on the renamed
- mailbox and submailboxes.
-
-
-
-
-
-
-Melnikov Standards Track [Page 14]
-
-RFC 4314 IMAP ACL December 2005
-
-
- Copying or appending messages:
- Before performing a COPY/APPEND command, the server MUST check if
- the user has "i" right for the target mailbox. If the user
- doesn't have "i" right, the operation fails. Otherwise for each
- copied/appended message the server MUST check if the user has
- "t" right - when the message has \Deleted flag set
- "s" right - when the message has \Seen flag set
- "w" right - for all other message flags.
- Only when the user has a particular right are the corresponding
- flags stored for the newly created message. The server MUST NOT
- fail a COPY/APPEND if the user has no rights to set a particular
- flag.
-
- Example: C: A003 MYRIGHTS TargetMailbox
- S: * MYRIGHTS TargetMailbox rwis
- S: A003 OK Myrights complete
-
- C: A004 FETCH 1:3 (FLAGS)
- S: * 1 FETCH (FLAGS (\Draft \Deleted)
- S: * 2 FETCH (FLAGS (\Answered)
- S: * 3 FETCH (FLAGS ($Forwarded \Seen)
- S: A004 OK Fetch Completed
-
- C: A005 COPY 1:3 TargetMailbox
- S: A005 OK Copy completed
-
- C: A006 SELECT TargetMailbox
- ...
- S: A006 Select Completed
-
- Let's assume that the copied messages received message numbers
- 77:79.
-
- C: A007 FETCH 77:79 (FLAGS)
- S: * 77 FETCH (FLAGS (\Draft))
- S: * 78 FETCH (FLAGS (\Answered))
- S: * 79 FETCH (FLAGS ($Forwarded \Seen))
- S: A007 OK Fetch Completed
-
- \Deleted flag was lost on COPY, as the user has no "t" right in
- the target mailbox.
- If the MYRIGHTS command with the tag A003 would have returned:
-
- S: * MYRIGHTS TargetMailbox rsti
-
- the response from the FETCH with the tag A007 would have been:
-
- C: A007 FETCH 77:79 (FLAGS)
-
-
-
-Melnikov Standards Track [Page 15]
-
-RFC 4314 IMAP ACL December 2005
-
-
- S: * 77 FETCH (FLAGS (\Deleted))
- S: * 78 FETCH (FLAGS ())
- S: * 79 FETCH (FLAGS (\Seen))
- S: A007 OK Fetch Completed
-
- In the latter case, \Answered, $Forwarded, and \Draft flags were
- lost on COPY, as the user has no "w" right in the target mailbox.
-
- Expunging the selected mailbox:
- EXPUNGE - "e" right on the selected mailbox.
-
- CLOSE - "e" right on the selected mailbox. If the server is
- unable to expunge the mailbox because the user doesn't have the
- "e" right, the server MUST ignore the expunge request, close the
- mailbox, and return the tagged OK response.
-
- Fetch information about a mailbox and its messages:
- SELECT/EXAMINE/STATUS - "r" right on the mailbox.
-
- FETCH - A FETCH request that implies setting \Seen flag MUST NOT
- set it, if the current user doesn't have "s" right.
-
- Changing flags:
- STORE - the server MUST check if the user has
- "t" right - when the user modifies \Deleted flag
- "s" right - when the user modifies \Seen flag
- "w" right - for all other message flags.
- STORE operation SHOULD NOT fail if the user has rights to modify
- at least one flag specified in the STORE, as the tagged NO
- response to a STORE command is not handled very well by deployed
- clients.
-
- Changing ACLs:
- SETACL/DELETEACL - "a" right on the mailbox.
-
- Reading ACLs:
- GETACL - "a" right on the mailbox.
-
- MYRIGHTS - any of the following rights is required to perform the
- operation: "l", "r", "i", "k", "x", "a".
-
- LISTRIGHTS - "a" right on the mailbox.
-
-
-
-
-
-
-
-
-
-Melnikov Standards Track [Page 16]
-
-RFC 4314 IMAP ACL December 2005
-
-
-5. Other Considerations
-
-5.1. Additional Requirements and Implementation Notes
-
-5.1.1. Servers
-
- This document defines an additional capability that is used to
- announce the list of extra rights (excluding the ones defined in RFC
- 2086) supported by the server. The set of rights MUST include "t",
- "e", "x", and "k". Note that the extra rights can appear in any
- order.
-
- Example: C: 1 capability
- S: * CAPABILITY IMAP4REV1 STARTTLS LITERAL+
- ACL RIGHTS=texk
- S: 1 OK completed
-
- Any server implementing an ACL extension MUST accurately reflect the
- current user's rights in FLAGS and PERMANENTFLAGS responses.
-
- Example: C: A142 SELECT INBOX
- S: * 172 EXISTS
- S: * 1 RECENT
- S: * OK [UNSEEN 12] Message 12 is first unseen
- S: * OK [UIDVALIDITY 3857529045] UIDs valid
- S: * OK [UIDNEXT 4392] Predicted next UID
- S: * FLAGS (\Answered \Flagged \Deleted \Seen \Draft)
- S: * OK [PERMANENTFLAGS (\Seen \Answered \Flagged \*)] L
- S: A142 OK [READ-WRITE] SELECT completed
- C: A143 MYRIGHTS INBOX
- S: * MYRIGHTS INBOX lrwis
- S: A143 OK completed
-
- Note that in order to get better performance the client MAY pipeline
- SELECT and MYRIGHTS commands:
-
- C: A142 SELECT INBOX
- C: A143 MYRIGHTS INBOX
- S: * 172 EXISTS
- S: * 1 RECENT
- S: * OK [UNSEEN 12] Message 12 is first unseen
- S: * OK [UIDVALIDITY 3857529045] UIDs valid
- S: * OK [UIDNEXT 4392] Predicted next UID
- S: * FLAGS (\Answered \Flagged \Deleted \Seen \Draft)
- S: * OK [PERMANENTFLAGS (\Seen \Answered \Flagged \*)] L
- S: A142 OK [READ-WRITE] SELECT completed
- S: * MYRIGHTS INBOX lrwis
- S: A143 OK completed
-
-
-
-Melnikov Standards Track [Page 17]
-
-RFC 4314 IMAP ACL December 2005
-
-
- Servers MAY cache the rights a user has on a mailbox when the mailbox
- is selected, so that if a client's rights on a mailbox are changed
- with SETACL or DELETEACL, commands specific to the selected state
- (e.g., STORE, EXPUNGE) might not reflect the changed rights until the
- mailbox is re-selected. If the server checks the rights on each
- command, then it SHOULD send FLAGS and PERMANENTFLAGS responses if
- they have changed. If such server detects that the user no longer
- has read access to the mailbox, it MAY send an untagged BYE response
- and close connection. It MAY also refuse to execute all commands
- specific to the selected state until the mailbox is closed; however,
- server implementors should note that most clients don't handle NO
- responses very well.
-
- An ACL server MAY modify one or more ACLs for one or more identifiers
- as a side effect of modifying the ACL specified in a
- SETACL/DELETEACL. If the server does that, it MUST send untagged ACL
- response(s) to notify the client about the changes made.
-
- An ACL server implementation MUST treat received ACL modification
- commands as a possible ambiguity with respect to subsequent commands
- affected by the ACL, as described in Section 5.5 of [IMAP4]. Hence a
- pipeline SETACL + MYRIGHTS is an ambiguity with respect to the
- server, meaning that the server must execute the SETACL command to
- completion before the MYRIGHTS. However, clients are permitted to
- send such a pipeline.
-
-5.1.2. Clients
-
- The following requirement is put on clients in order to allow for
- future extensibility. A client implementation that allows a user to
- read and update ACLs MUST preserve unrecognized rights that it
- doesn't allow the user to change. That is, if the client
-
- 1) can read ACLs
- and
- 2) can update ACLs
- but
- 3) doesn't allow the user to change the rights the client doesn't
- recognize, then it MUST preserve unrecognized rights.
-
- Otherwise the client could risk unintentionally removing permissions
- it doesn't understand.
-
-
-
-
-
-
-
-
-
-Melnikov Standards Track [Page 18]
-
-RFC 4314 IMAP ACL December 2005
-
-
-5.2. Mapping of ACL Rights to READ-WRITE and READ-ONLY Response Codes
-
- A particular ACL server implementation MAY allow "shared multiuser
- access" to some mailboxes. "Shared multiuser access" to a mailbox
- means that multiple different users are able to access the same
- mailbox, if they have proper access rights. "Shared multiuser
- access" to the mailbox doesn't mean that the ACL for the mailbox is
- currently set to allow access by multiple users. Let's denote a
- "shared multiuser write access" as a "shared multiuser access" when a
- user can be granted flag modification rights (any of "w", "s", or
- "t").
-
- Section 4 describes which rights are required for modifying different
- flags.
-
- If the ACL server implements some flags as shared for a mailbox
- (i.e., the ACL for the mailbox MAY be set up so that changes to those
- flags are visible to another user), let's call the set of rights
- associated with these flags (as described in Section 4) for that
- mailbox collectively as "shared flag rights". Note that the "shared
- flag rights" set MAY be different for different mailboxes.
-
- If the server doesn't support "shared multiuser write access" to a
- mailbox or doesn't implement shared flags on the mailbox, "shared
- flag rights" for the mailbox is defined to be the empty set.
-
- Example 1: Mailbox "banan" allows "shared multiuser write access" and
- implements flags \Deleted, \Answered, and $MDNSent as
- shared flags. "Shared flag rights" for the mailbox "banan"
- is a set containing flags "t" (because system flag
- \Deleted requires "t" right) and "w" (because both
- \Answered and $MDNSent require "w" right).
-
- Example 2: Mailbox "apple" allows "shared multiuser write access" and
- implements \Seen system flag as shared flag. "Shared flag
- rights" for the mailbox "apple" contains "s" right
- because system flag \Seen requires "s" right.
-
- Example 3: Mailbox "pear" allows "shared multiuser write access" and
- implements flags \Seen, \Draft as shared flags. "Shared
- flag rights" for the mailbox "apple" is a set containing
- flags "s" (because system flag \Seen requires "s" right)
- and "w" (because system flag \Draft requires "w" right).
-
- The server MUST include a READ-ONLY response code in the tagged OK
- response to a SELECT command if none of the following rights is
- granted to the current user:
-
-
-
-
-Melnikov Standards Track [Page 19]
-
-RFC 4314 IMAP ACL December 2005
-
-
- "i", "e", and "shared flag rights"(***).
-
- The server SHOULD include a READ-WRITE response code in the tagged OK
- response if at least one of the "i", "e", or "shared flag
- rights"(***) is granted to the current user.
-
- (***) Note that a future extension to this document can extend the
- list of rights that causes the server to return the READ-WRITE
- response code.
-
- Example 1 (continued): The user that has "lrs" rights for the mailbox
- "banan". The server returns READ-ONLY
- response code on SELECT, as none of "iewt"
- rights is granted to the user.
-
- Example 2 (continued): The user that has "rit" rights for the mailbox
- "apple". The server returns READ-WRITE
- response code on SELECT, as the user has "i"
- right.
-
- Example 3 (continued): The user that has "rset" rights for the
- mailbox "pear". The server returns READ-WRITE
- response code on SELECT, as the user has "e"
- and "s" rights.
-
-6. Security Considerations
-
- An implementation MUST make sure the ACL commands themselves do not
- give information about mailboxes with appropriately restricted ACLs.
- For example, when a user agent executes a GETACL command on a mailbox
- that the user has no permission to LIST, the server would respond to
- that request with the same error that would be used if the mailbox
- did not exist, thus revealing no existence information, much less the
- mailbox's ACL.
-
- IMAP clients implementing ACL that are able to modify ACLs SHOULD
- warn a user that wants to give full access (or even just the "a"
- right) to the special identifier "anyone".
-
- This document relies on [SASLprep] to describe steps required to
- perform identifier canonicalization (preparation). The preparation
- algorithm in SASLprep was specifically designed such that its output
- is canonical, and it is well-formed. However, due to an anomaly
- [PR29] in the specification of Unicode normalization, canonical
- equivalence is not guaranteed for a select few character sequences.
- Identifiers prepared with SASLprep can be stored and returned by an
- ACL server. The anomaly affects ACL manipulation and evaluation of
- identifiers containing the selected character sequences. These
-
-
-
-Melnikov Standards Track [Page 20]
-
-RFC 4314 IMAP ACL December 2005
-
-
- sequences, however, do not appear in well-formed text. In order to
- address this problem, an ACL server MAY reject identifiers containing
- sequences described in [PR29] by sending the tagged BAD response.
- This is in addition to the requirement to reject identifiers that
- fail SASLprep preparation as described in Section 3.
-
- Other security considerations described in [IMAP4] are relevant to
- this document. In particular, ACL information is sent in the clear
- over the network unless confidentiality protection is negotiated.
-
- This can be accomplished either by the use of STARTTLS, negotiated
- privacy protection in the AUTHENTICATE command, or some other
- protection mechanism.
-
-7. Formal Syntax
-
- Formal syntax is defined using ABNF [ABNF], extending the ABNF rules
- in Section 9 of [IMAP4]. Elements not defined here can be found in
- [ABNF] and [IMAP4].
-
- Except as noted otherwise, all alphabetic characters are case
- insensitive. The use of uppercase or lowercase characters to define
- token strings is for editorial clarity only. Implementations MUST
- accept these strings in a case-insensitive fashion.
-
- LOWER-ALPHA = %x61-7A ;; a-z
-
- acl-data = "ACL" SP mailbox *(SP identifier SP
- rights)
-
- capability =/ rights-capa
- ;;capability is defined in [IMAP4]
-
- command-auth =/ setacl / deleteacl / getacl /
- listrights / myrights
- ;;command-auth is defined in [IMAP4]
-
- deleteacl = "DELETEACL" SP mailbox SP identifier
-
- getacl = "GETACL" SP mailbox
-
- identifier = astring
-
- listrights = "LISTRIGHTS" SP mailbox SP identifier
-
- listrights-data = "LISTRIGHTS" SP mailbox SP identifier
- SP rights *(SP rights)
-
-
-
-
-Melnikov Standards Track [Page 21]
-
-RFC 4314 IMAP ACL December 2005
-
-
- mailbox-data =/ acl-data / listrights-data / myrights-data
- ;;mailbox-data is defined in [IMAP4]
-
- mod-rights = astring
- ;; +rights to add, -rights to remove
- ;; rights to replace
-
- myrights = "MYRIGHTS" SP mailbox
-
- myrights-data = "MYRIGHTS" SP mailbox SP rights
-
- new-rights = 1*LOWER-ALPHA
- ;; MUST include "t", "e", "x", and "k".
- ;; MUST NOT include standard rights listed
- ;; in section 2.2
-
- rights = astring
- ;; only lowercase ASCII letters and digits
- ;; are allowed.
-
- rights-capa = "RIGHTS=" new-rights
- ;; RIGHTS=... capability
-
- setacl = "SETACL" SP mailbox SP identifier
- SP mod-rights
-
-8. IANA Considerations
-
- IMAP4 capabilities are registered by publishing a standards-track or
- IESG-approved experimental RFC. The registry is currently located
- at:
-
- http://www.iana.org/assignments/imap4-capabilities
-
- This document defines the RIGHTS= IMAP capability. IANA has added
- this capability to the registry.
-
-9. Internationalization Considerations
-
- Section 3 states requirements on servers regarding
- internationalization of identifiers.
-
-
-
-
-
-
-
-
-
-
-Melnikov Standards Track [Page 22]
-
-RFC 4314 IMAP ACL December 2005
-
-
-Appendix A. Changes since RFC 2086
-
- 1. Changed the charset of "identifier" from US-ASCII to UTF-8.
- 2. Specified that mailbox deletion is controlled by the "x" right
- and EXPUNGE is controlled by the "e" right.
- 3. Added the "t" right that controls STORE \Deleted. Redefined the
- "d" right to be a macro for "e", "t", and possibly "x".
- 4. Added the "k" right that controls CREATE. Redefined the "c"
- right to be a macro for "k" and possibly "x".
- 5. Specified that the "a" right also controls DELETEACL.
- 6. Specified that the "r" right also controls STATUS.
- 7. Removed the requirement to check the "r" right for CHECK, SEARCH
- and FETCH, as this is required for SELECT/EXAMINE to be
- successful.
- 8. LISTRIGHTS requires the "a" right on the mailbox (same as
- SETACL).
- 9. Deleted "PARTIAL", this is a deprecated feature of RFC 1730.
- 10. Specified that the "w" right controls setting flags other than
- \Seen and \Deleted on APPEND. Also specified that the "s" right
- controls the \Seen flag and that the "t" right controls the
- \Deleted flag.
- 11. Specified that SUBSCRIBE is NOT allowed with the "r" right.
- 12. Specified that the "l" right controls SUBSCRIBE.
- 13. GETACL is NOT allowed with the "r" right, even though there are
- several implementations that allows that. If a user only has
- "r" right, GETACL can disclose information about identifiers
- existing on the mail system.
- 14. Clarified that RENAME requires the "k" right for the new parent
- and the "x" right for the old name.
- 15. Added new section that describes which rights are required
- and/or checked when performing various IMAP commands.
- 16. Added mail client security considerations when dealing with
- special identifier "anyone".
- 17. Clarified that negative rights are not the same as DELETEACL.
- 18. Added "Compatibility with RFC 2086" section.
- 19. Added section about mapping of ACL rights to READ-WRITE and
- READ-ONLY response codes.
- 20. Changed BNF to ABNF.
- 21. Added "Implementation Notes" section.
- 22. Updated "References" section.
- 23. Added more examples.
- 24. Clarified when the virtual "c" and "d" rights are returned in
- ACL, MYRIGHTS, and LISTRIGHTS responses.
-
-
-
-
-
-
-
-
-Melnikov Standards Track [Page 23]
-
-RFC 4314 IMAP ACL December 2005
-
-
-Appendix B. Compatibility with RFC 2086
-
- This non-normative section gives guidelines as to how an existing RFC
- 2086 server implementation may be updated to comply with this
- document.
-
- This document splits the "d" right into several new different rights:
- "t", "e", and possibly "x" (see Section 2.1.1 for more details). The
- "d" right remains for backward-compatibility, but it is a virtual
- right. There are two approaches for RFC 2086 server implementors to
- handle the "d" right and the new rights that have replaced it:
-
- a. Tie "t", "e" (and possibly "x) together - almost no changes.
- b. Implement separate "x", "t" and "e". Return the "d" right in a
- MYRIGHTS response or an ACL response containing ACL information
- when any of the "t", "e" (and "x") is granted.
-
- In a similar manner this document splits the "c" right into several
- new different rights: "k" and possibly "x" (see Section 2.1.1 for
- more details). The "c" right remains for backwards-compatibility but
- it is a virtual right. Again, RFC 2086 server implementors can
- choose to tie rights or to implement separate rights, as described
- above.
-
- Also check Sections 5.1.1 and 5.1.2, as well as Appendix A, to see
- other changes required. Server implementors should check which
- rights are required to invoke different IMAP4 commands as described
- in Section 4.
-
-Appendix C. Known Deficiencies
-
- This specification has some known deficiencies including:
-
- 1. This is inadequate to provide complete read-write access to
- mailboxes protected by Unix-style rights bits because there is no
- equivalent to "chown" and "chgrp" commands nor is there a good
- way to discover such limitations are present.
- 2. Because this extension leaves the specific semantics of how
- rights are combined by the server as implementation defined, the
- ability to build a user-friendly interface is limited.
- 3. Users, groups, and special identifiers (e.g., anyone) exist in
- the same namespace.
-
- The work-in-progress "ACL2" extension is intended to redesign this
- extension to address these deficiencies without the constraint of
- backward-compatibility and may eventually supercede this facility.
-
-
-
-
-
-Melnikov Standards Track [Page 24]
-
-RFC 4314 IMAP ACL December 2005
-
-
- However, RFC 2086 is deployed in multiple implementations so this
- intermediate step, which fixes the straightforward deficiencies in a
- backward-compatible fashion, is considered worthwhile.
-
-Appendix D. Acknowledgements
-
- This document is a revision of RFC 2086 written by John G. Myers.
-
- Editor appreciates comments received from Mark Crispin, Chris Newman,
- Cyrus Daboo, John G. Myers, Dave Cridland, Ken Murchison, Steve Hole,
- Vladimir Butenko, Larry Greenfield, Robert Siemborski, Harrie
- Hazewinkel, Philip Guenther, Brian Candler, Curtis King, Lyndon
- Nerenberg, Lisa Dusseault, Arnt Gulbrandsen, and other participants
- of the IMAPEXT working group.
-
-Normative References
-
- [KEYWORDS] Bradner, S., "Key words for use in RFCs to Indicate
- Requirement Levels", BCP 14, RFC 2119, March 1997.
-
- [ABNF] Crocker, D. and P. Overell, "Augmented BNF for Syntax
- Specifications: ABNF", RFC 4234, October 2005.
-
- [IMAP4] Crispin, M., "INTERNET MESSAGE ACCESS PROTOCOL - VERSION
- 4rev1", RFC 3501, March 2003.
-
- [UTF-8] Yergeau, F., "UTF-8, a transformation format of ISO
- 10646", STD 63, RFC 3629, November 2003.
-
- [Stringprep] Hoffman, P. and M. Blanchet, "Preparation of
- Internationalized Strings ("stringprep")", RFC 3454,
- December 2002.
-
- [SASLprep] Zeilenga, K., "SASLprep: Stringprep Profile for User
- Names and Passwords", RFC 4013, February 2005.
-
-Informative References
-
- [RFC2086] Myers, J., "IMAP4 ACL extension", RFC 2086,
- January 1997.
-
- [PR29] "Public Review Issue #29: Normalization Issue",
- February 2004,
- <http://www.unicode.org/review/pr-29.html>.
-
-
-
-
-
-
-
-Melnikov Standards Track [Page 25]
-
-RFC 4314 IMAP ACL December 2005
-
-
-Author's Address
-
- Alexey Melnikov
- Isode Ltd.
- 5 Castle Business Village
- 36 Station Road
- Hampton, Middlesex TW12 2BX
- GB
-
- EMail: alexey.melnikov@isode.com
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-Melnikov Standards Track [Page 26]
-
-RFC 4314 IMAP ACL December 2005
-
-
-Full Copyright Statement
-
- Copyright (C) The Internet Society (2005).
-
- This document is subject to the rights, licenses and restrictions
- contained in BCP 78, and except as set forth therein, the authors
- retain all their rights.
-
- This document and the information contained herein are provided on an
- "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
- OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET
- ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED,
- INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE
- INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
- WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
-
-Intellectual Property
-
- The IETF takes no position regarding the validity or scope of any
- Intellectual Property Rights or other rights that might be claimed to
- pertain to the implementation or use of the technology described in
- this document or the extent to which any license under such rights
- might or might not be available; nor does it represent that it has
- made any independent effort to identify any such rights. Information
- on the procedures with respect to rights in RFC documents can be
- found in BCP 78 and BCP 79.
-
- Copies of IPR disclosures made to the IETF Secretariat and any
- assurances of licenses to be made available, or the result of an
- attempt made to obtain a general license or permission for the use of
- such proprietary rights by implementers or users of this
- specification can be obtained from the IETF on-line IPR repository at
- http://www.ietf.org/ipr.
-
- The IETF invites any interested party to bring to its attention any
- copyrights, patents or patent applications, or other proprietary
- rights that may cover technology that may be required to implement
- this standard. Please address the information to the IETF at ietf-
- ipr@ietf.org.
-
-Acknowledgement
-
- Funding for the RFC Editor function is currently provided by the
- Internet Society.
-
-
-
-
-
-
-
-Melnikov Standards Track [Page 27]
-
diff --git a/imap/docs/rfc/rfc4315.txt b/imap/docs/rfc/rfc4315.txt
deleted file mode 100644
index c026f422..00000000
--- a/imap/docs/rfc/rfc4315.txt
+++ /dev/null
@@ -1,451 +0,0 @@
-
-
-
-
-
-
-Network Working Group M. Crispin
-Request for Comments: 4315 December 2005
-Obsoletes: 2359
-Category: Standards Track
-
-
- Internet Message Access Protocol (IMAP) - UIDPLUS extension
-
-Status of This Memo
-
- This document specifies an Internet standards track protocol for the
- Internet community, and requests discussion and suggestions for
- improvements. Please refer to the current edition of the "Internet
- Official Protocol Standards" (STD 1) for the standardization state
- and status of this protocol. Distribution of this memo is unlimited.
-
-Copyright Notice
-
- Copyright (C) The Internet Society (2005).
-
-Abstract
-
- The UIDPLUS extension of the Internet Message Access Protocol (IMAP)
- provides a set of features intended to reduce the amount of time and
- resources used by some client operations. The features in UIDPLUS
- are primarily intended for disconnected-use clients.
-
-1. Introduction and Overview
-
- The UIDPLUS extension is present in any IMAP server implementation
- that returns "UIDPLUS" as one of the supported capabilities to the
- CAPABILITY command.
-
- The UIDPLUS extension defines an additional command. In addition,
- this document recommends new status response codes in IMAP that
- SHOULD be returned by all server implementations, regardless of
- whether or not the UIDPLUS extension is implemented.
-
- The added facilities of the features in UIDPLUS are optimizations;
- clients can provide equivalent functionality, albeit less
- efficiently, by using facilities in the base protocol.
-
-1.1. Conventions Used in This Document
-
- In examples, "C:" and "S:" indicate lines sent by the client and
- server, respectively.
-
-
-
-
-
-Crispin Standards Track [Page 1]
-
-RFC 4315 IMAP - UIDPLUS Extension December 2005
-
-
- The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
- "SHOULD", "SHOULD NOT", "MAY", and "OPTIONAL" in this document are to
- be interpreted as described in [KEYWORDS].
-
- A "UID set" is similar to the [IMAP] sequence set; however, the "*"
- value for a sequence number is not permitted.
-
-2. Additional Commands
-
- The following command definition is an extension to [IMAP] section
- 6.4.
-
-2.1. UID EXPUNGE Command
-
- Arguments: sequence set
-
- Data: untagged responses: EXPUNGE
-
- Result: OK - expunge completed
- NO - expunge failure (e.g., permission denied)
- BAD - command unknown or arguments invalid
-
- The UID EXPUNGE command permanently removes all messages that both
- have the \Deleted flag set and have a UID that is included in the
- specified sequence set from the currently selected mailbox. If a
- message either does not have the \Deleted flag set or has a UID
- that is not included in the specified sequence set, it is not
- affected.
-
- This command is particularly useful for disconnected use clients.
- By using UID EXPUNGE instead of EXPUNGE when resynchronizing with
- the server, the client can ensure that it does not inadvertantly
- remove any messages that have been marked as \Deleted by other
- clients between the time that the client was last connected and
- the time the client resynchronizes.
-
- If the server does not support the UIDPLUS capability, the client
- should fall back to using the STORE command to temporarily remove
- the \Deleted flag from messages it does not want to remove, then
- issuing the EXPUNGE command. Finally, the client should use the
- STORE command to restore the \Deleted flag on the messages in
- which it was temporarily removed.
-
- Alternatively, the client may fall back to using just the EXPUNGE
- command, risking the unintended removal of some messages.
-
-
-
-
-
-
-Crispin Standards Track [Page 2]
-
-RFC 4315 IMAP - UIDPLUS Extension December 2005
-
-
- Example: C: A003 UID EXPUNGE 3000:3002
- S: * 3 EXPUNGE
- S: * 3 EXPUNGE
- S: * 3 EXPUNGE
- S: A003 OK UID EXPUNGE completed
-
-3. Additional Response Codes
-
- The following response codes are extensions to the response codes
- defined in [IMAP] section 7.1. With limited exceptions, discussed
- below, server implementations that advertise the UIDPLUS extension
- SHOULD return these response codes.
-
- In the case of a mailbox that has permissions set so that the client
- can COPY or APPEND to the mailbox, but not SELECT or EXAMINE it, the
- server SHOULD NOT send an APPENDUID or COPYUID response code as it
- would disclose information about the mailbox.
-
- In the case of a mailbox that has UIDNOTSTICKY status (as defined
- below), the server MAY omit the APPENDUID or COPYUID response code as
- it is not meaningful.
-
- If the server does not return the APPENDUID or COPYUID response
- codes, the client can discover this information by selecting the
- destination mailbox. The location of messages placed in the
- destination mailbox by COPY or APPEND can be determined by using
- FETCH and/or SEARCH commands (e.g., for Message-ID or some unique
- marker placed in the message in an APPEND).
-
- APPENDUID
-
- Followed by the UIDVALIDITY of the destination mailbox and the UID
- assigned to the appended message in the destination mailbox,
- indicates that the message has been appended to the destination
- mailbox with that UID.
-
- If the server also supports the [MULTIAPPEND] extension, and if
- multiple messages were appended in the APPEND command, then the
- second value is a UID set containing the UIDs assigned to the
- appended messages, in the order they were transmitted in the
- APPEND command. This UID set may not contain extraneous UIDs or
- the symbol "*".
-
- Note: the UID set form of the APPENDUID response code MUST NOT
- be used if only a single message was appended. In particular,
- a server MUST NOT send a range such as 123:123. This is
- because a client that does not support [MULTIAPPEND] expects
- only a single UID and not a UID set.
-
-
-
-Crispin Standards Track [Page 3]
-
-RFC 4315 IMAP - UIDPLUS Extension December 2005
-
-
- UIDs are assigned in strictly ascending order in the mailbox
- (refer to [IMAP], section 2.3.1.1) and UID ranges are as in
- [IMAP]; in particular, note that a range of 12:10 is exactly
- equivalent to 10:12 and refers to the sequence 10,11,12.
-
- This response code is returned in a tagged OK response to the
- APPEND command.
-
- COPYUID
-
- Followed by the UIDVALIDITY of the destination mailbox, a UID set
- containing the UIDs of the message(s) in the source mailbox that
- were copied to the destination mailbox and containing the UIDs
- assigned to the copied message(s) in the destination mailbox,
- indicates that the message(s) have been copied to the destination
- mailbox with the stated UID(s).
-
- The source UID set is in the order the message(s) were copied; the
- destination UID set corresponds to the source UID set and is in
- the same order. Neither of the UID sets may contain extraneous
- UIDs or the symbol "*".
-
- UIDs are assigned in strictly ascending order in the mailbox
- (refer to [IMAP], section 2.3.1.1) and UID ranges are as in
- [IMAP]; in particular, note that a range of 12:10 is exactly
- equivalent to 10:12 and refers to the sequence 10,11,12.
-
- This response code is returned in a tagged OK response to the COPY
- command.
-
- UIDNOTSTICKY
-
- The selected mailbox is supported by a mail store that does not
- support persistent UIDs; that is, UIDVALIDITY will be different
- each time the mailbox is selected. Consequently, APPEND or COPY
- to this mailbox will not return an APPENDUID or COPYUID response
- code.
-
- This response code is returned in an untagged NO response to the
- SELECT command.
-
- Note: servers SHOULD NOT have any UIDNOTSTICKY mail stores.
- This facility exists to support legacy mail stores in which it
- is technically infeasible to support persistent UIDs. This
- should be avoided when designing new mail stores.
-
-
-
-
-
-
-Crispin Standards Track [Page 4]
-
-RFC 4315 IMAP - UIDPLUS Extension December 2005
-
-
- Example: C: A003 APPEND saved-messages (\Seen) {297}
- C: Date: Mon, 7 Feb 1994 21:52:25 -0800 (PST)
- C: From: Fred Foobar <foobar@example.com>
- C: Subject: afternoon meeting
- C: To: mooch@example.com
- C: Message-Id: <B27397-0100000@example.com>
- C: MIME-Version: 1.0
- C: Content-Type: TEXT/PLAIN; CHARSET=US-ASCII
- C:
- C: Hello Joe, do you think we can meet at 3:30 tomorrow?
- C:
- S: A003 OK [APPENDUID 38505 3955] APPEND completed
- C: A004 COPY 2:4 meeting
- S: A004 OK [COPYUID 38505 304,319:320 3956:3958] Done
- C: A005 UID COPY 305:310 meeting
- S: A005 OK No matching messages, so nothing copied
- C: A006 COPY 2 funny
- S: A006 OK Done
- C: A007 SELECT funny
- S: * 1 EXISTS
- S: * 1 RECENT
- S: * OK [UNSEEN 1] Message 1 is first unseen
- S: * OK [UIDVALIDITY 3857529045] Validity session-only
- S: * OK [UIDNEXT 2] Predicted next UID
- S: * NO [UIDNOTSTICKY] Non-persistent UIDs
- S: * FLAGS (\Answered \Flagged \Deleted \Seen \Draft)
- S: * OK [PERMANENTFLAGS (\Deleted \Seen)] Limited
- S: A007 OK [READ-WRITE] SELECT completed
-
- In this example, A003 and A004 demonstrate successful appending and
- copying to a mailbox that returns the UIDs assigned to the messages.
- A005 is an example in which no messages were copied; this is because
- in A003, we see that message 2 had UID 304, and message 3 had UID
- 319; therefore, UIDs 305 through 310 do not exist (refer to section
- 2.3.1.1 of [IMAP] for further explanation). A006 is an example of a
- message being copied that did not return a COPYUID; and, as expected,
- A007 shows that the mail store containing that mailbox does not
- support persistent UIDs.
-
-4. Formal Syntax
-
- Formal syntax is defined using ABNF [ABNF], which extends the ABNF
- rules defined in [IMAP]. The IMAP4 ABNF should be imported before
- attempting to validate these rules.
-
- append-uid = uniqueid
-
- capability =/ "UIDPLUS"
-
-
-
-Crispin Standards Track [Page 5]
-
-RFC 4315 IMAP - UIDPLUS Extension December 2005
-
-
- command-select =/ uid-expunge
-
- resp-code-apnd = "APPENDUID" SP nz-number SP append-uid
-
- resp-code-copy = "COPYUID" SP nz-number SP uid-set SP uid-set
-
- resp-text-code =/ resp-code-apnd / resp-code-copy / "UIDNOTSTICKY"
- ; incorporated before the expansion rule of
- ; atom [SP 1*<any TEXT-CHAR except "]">]
- ; that appears in [IMAP]
-
- uid-expunge = "UID" SP "EXPUNGE" SP sequence-set
-
- uid-set = (uniqueid / uid-range) *("," uid-set)
-
- uid-range = (uniqueid ":" uniqueid)
- ; two uniqueid values and all values
- ; between these two regards of order.
- ; Example: 2:4 and 4:2 are equivalent.
-
- Servers that support [MULTIAPPEND] will have the following extension
- to the above rules:
-
- append-uid =/ uid-set
- ; only permitted if client uses [MULTIAPPEND]
- ; to append multiple messages.
-
-5. Security Considerations
-
- The COPYUID and APPENDUID response codes return information about the
- mailbox, which may be considered sensitive if the mailbox has
- permissions set that permit the client to COPY or APPEND to the
- mailbox, but not SELECT or EXAMINE it.
-
- Consequently, these response codes SHOULD NOT be issued if the client
- does not have access to SELECT or EXAMINE the mailbox.
-
-6. IANA Considerations
-
- This document constitutes registration of the UIDPLUS capability in
- the imap4-capabilities registry, replacing [RFC2359].
-
-7. Normative References
-
- [ABNF] Crocker, D. and P. Overell, "Augmented BNF for Syntax
- Specifications: ABNF", RFC 4234, October 2005.
-
-
-
-
-
-Crispin Standards Track [Page 6]
-
-RFC 4315 IMAP - UIDPLUS Extension December 2005
-
-
- [IMAP] Crispin, M., "INTERNET MESSAGE ACCESS PROTOCOL -
- VERSION 4rev1", RFC 3501, March 2003.
-
- [KEYWORDS] Bradner, S., "Key words for use in RFCs to Indicate
- Requirement Levels", BCP 14, RFC 2119, March 1997.
-
- [MULTIAPPEND] Crispin, M., "Internet Message Access Protocol (IMAP) -
- MULTIAPPEND Extension", RFC 3502, March 2003.
-
-8. Informative References
-
- [RFC2359] Myers, J., "IMAP4 UIDPLUS extension", RFC 2359, June
- 1998.
-
-9. Changes from RFC 2359
-
- This document obsoletes [RFC2359]. However, it is based upon that
- document, and takes substantial text from it (albeit with numerous
- clarifications in wording).
-
- [RFC2359] implied that a server must always return COPYUID/APPENDUID
- data; thus suggesting that in such cases the server should return
- arbitrary data if the destination mailbox did not support persistent
- UIDs. This document adds the UIDNOTSTICKY response code to indicate
- that a mailbox does not support persistent UIDs, and stipulates that
- a UIDPLUS server does not return COPYUID/APPENDUID data when the COPY
- (or APPEND) destination mailbox has UIDNOTSTICKY status.
-
-Author's Address
-
- Mark R. Crispin
- Networks and Distributed Computing
- University of Washington
- 4545 15th Avenue NE
- Seattle, WA 98105-4527
-
- Phone: (206) 543-5762
- EMail: MRC@CAC.Washington.EDU
-
-
-
-
-
-
-
-
-
-
-
-
-
-Crispin Standards Track [Page 7]
-
-RFC 4315 IMAP - UIDPLUS Extension December 2005
-
-
-Full Copyright Statement
-
- Copyright (C) The Internet Society (2005).
-
- This document is subject to the rights, licenses and restrictions
- contained in BCP 78, and except as set forth therein, the authors
- retain all their rights.
-
- This document and the information contained herein are provided on an
- "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
- OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET
- ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED,
- INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE
- INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
- WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
-
-Intellectual Property
-
- The IETF takes no position regarding the validity or scope of any
- Intellectual Property Rights or other rights that might be claimed to
- pertain to the implementation or use of the technology described in
- this document or the extent to which any license under such rights
- might or might not be available; nor does it represent that it has
- made any independent effort to identify any such rights. Information
- on the procedures with respect to rights in RFC documents can be
- found in BCP 78 and BCP 79.
-
- Copies of IPR disclosures made to the IETF Secretariat and any
- assurances of licenses to be made available, or the result of an
- attempt made to obtain a general license or permission for the use of
- such proprietary rights by implementers or users of this
- specification can be obtained from the IETF on-line IPR repository at
- http://www.ietf.org/ipr.
-
- The IETF invites any interested party to bring to its attention any
- copyrights, patents or patent applications, or other proprietary
- rights that may cover technology that may be required to implement
- this standard. Please address the information to the IETF at ietf-
- ipr@ietf.org.
-
-Acknowledgement
-
- Funding for the RFC Editor function is currently provided by the
- Internet Society.
-
-
-
-
-
-
-
-Crispin Standards Track [Page 8]
-
diff --git a/imap/docs/rfc/rfc4422.txt b/imap/docs/rfc/rfc4422.txt
deleted file mode 100644
index 049fa8c5..00000000
--- a/imap/docs/rfc/rfc4422.txt
+++ /dev/null
@@ -1,1851 +0,0 @@
-
-
-
-
-
-
-Network Working Group A. Melnikov, Ed.
-Request for Comments: 4422 Isode Limited
-Obsoletes: 2222 K. Zeilenga, Ed.
-Category: Standards Track OpenLDAP Foundation
- June 2006
-
-
- Simple Authentication and Security Layer (SASL)
-
-Status of This Memo
-
- This document specifies an Internet standards track protocol for the
- Internet community, and requests discussion and suggestions for
- improvements. Please refer to the current edition of the "Internet
- Official Protocol Standards" (STD 1) for the standardization state
- and status of this protocol. Distribution of this memo is unlimited.
-
-Copyright Notice
-
- Copyright (C) The Internet Society (2006).
-
-Abstract
-
- The Simple Authentication and Security Layer (SASL) is a framework
- for providing authentication and data security services in
- connection-oriented protocols via replaceable mechanisms. It
- provides a structured interface between protocols and mechanisms.
- The resulting framework allows new protocols to reuse existing
- mechanisms and allows old protocols to make use of new mechanisms.
- The framework also provides a protocol for securing subsequent
- protocol exchanges within a data security layer.
-
- This document describes how a SASL mechanism is structured, describes
- how protocols include support for SASL, and defines the protocol for
- carrying a data security layer over a connection. In addition, this
- document defines one SASL mechanism, the EXTERNAL mechanism.
-
- This document obsoletes RFC 2222.
-
-
-
-
-
-
-
-
-
-
-
-
-
-Melnikov & Zeilenga Standards Track [Page 1]
-
-RFC 4422 SASL June 2006
-
-
-Table of Contents
-
- 1. Introduction ....................................................3
- 1.1. Document Audiences .........................................4
- 1.2. Relationship to Other Documents ............................4
- 1.3. Conventions ................................................5
- 2. Identity Concepts ...............................................5
- 3. The Authentication Exchange .....................................6
- 3.1. Mechanism Naming ...........................................8
- 3.2. Mechanism Negotiation ......................................9
- 3.3. Request Authentication Exchange ............................9
- 3.4. Challenges and Responses ...................................9
- 3.4.1. Authorization Identity String ......................10
- 3.5. Aborting Authentication Exchanges .........................10
- 3.6. Authentication Outcome ....................................11
- 3.7. Security Layers ...........................................12
- 3.8. Multiple Authentications ..................................12
- 4. Protocol Requirements ..........................................13
- 5. Mechanism Requirements .........................................16
- 6. Security Considerations ........................................18
- 6.1. Active Attacks ............................................19
- 6.1.1. Hijack Attacks .....................................19
- 6.1.2. Downgrade Attacks ..................................19
- 6.1.3. Replay Attacks .....................................20
- 6.1.4. Truncation Attacks .................................20
- 6.1.5. Other Active Attacks ...............................20
- 6.2. Passive Attacks ...........................................20
- 6.3. Re-keying .................................................21
- 6.4. Other Considerations ......................................21
- 7. IANA Considerations ............................................22
- 7.1. SASL Mechanism Registry ...................................22
- 7.2. Registration Changes ......................................26
- 8. References .....................................................26
- 8.1. Normative References ......................................26
- 8.2. Informative References ....................................27
- 9. Acknowledgements ...............................................28
- Appendix A. The SASL EXTERNAL Mechanism ..........................29
- A.1. EXTERNAL Technical Specification ..........................29
- A.2. SASL EXTERNAL Examples ....................................30
- A.3. Security Considerations ...................................31
- Appendix B. Changes since RFC 2222 ...............................31
-
-
-
-
-
-
-
-
-
-
-Melnikov & Zeilenga Standards Track [Page 2]
-
-RFC 4422 SASL June 2006
-
-
-1. Introduction
-
- The Simple Authentication and Security Layer (SASL) is a framework
- for providing authentication and data security services in
- connection-oriented protocols via replaceable mechanisms. SASL
- provides a structured interface between protocols and mechanisms.
- SASL also provides a protocol for securing subsequent protocol
- exchanges within a data security layer. The data security layer can
- provide data integrity, data confidentiality, and other services.
-
- SASL's design is intended to allow new protocols to reuse existing
- mechanisms without requiring redesign of the mechanisms and allows
- existing protocols to make use of new mechanisms without redesign of
- protocols.
-
- SASL is conceptually a framework that provides an abstraction layer
- between protocols and mechanisms as illustrated in the following
- diagram.
-
- SMTP LDAP XMPP Other protocols ...
- \ | | /
- \ | | /
- SASL abstraction layer
- / | | \
- / | | \
- EXTERNAL GSSAPI PLAIN Other mechanisms ...
-
- It is through the interfaces of this abstraction layer that the
- framework allows any protocol to utilize any mechanism. While this
- layer does generally hide the particulars of protocols from
- mechanisms and the particulars of mechanisms from protocols, this
- layer does not generally hide the particulars of mechanisms from
- protocol implementations. For example, different mechanisms require
- different information to operate, some of them use password-based
- authentication, some of then require realm information, others make
- use of Kerberos tickets, certificates, etc. Also, in order to
- perform authorization, server implementations generally have to
- implement identity mapping between authentication identities, whose
- form is mechanism specific, and authorization identities, whose form
- is application protocol specific. Section 2 discusses identity
- concepts.
-
- It is possible to design and implement this framework in ways that do
- abstract away particulars of similar mechanisms. Such a framework
- implementation, as well as mechanisms implementations, could be
- designed not only to be shared by multiple implementations of a
- particular protocol but to be shared by implementations of multiple
- protocols.
-
-
-
-Melnikov & Zeilenga Standards Track [Page 3]
-
-RFC 4422 SASL June 2006
-
-
- The framework incorporates interfaces with both protocols and
- mechanisms in which authentication exchanges are carried out.
- Section 3 discusses SASL authentication exchanges.
-
- To use SASL, each protocol (amongst other items) provides a method
- for identifying which mechanism is to be used, a method for exchange
- of mechanism-specific server-challenges and client-responses, and a
- method for communicating the outcome of the authentication exchange.
- Section 4 discusses SASL protocol requirements.
-
- Each SASL mechanism defines (amongst other items) a series of
- server-challenges and client-responses that provide authentication
- services and negotiate data security services. Section 5 discusses
- SASL mechanism requirements.
-
- Section 6 discusses security considerations. Section 7 discusses
- IANA considerations. Appendix A defines the SASL EXTERNAL mechanism.
-
-1.1. Document Audiences
-
- This document is written to serve several different audiences:
-
- - protocol designers using this specification to support
- authentication in their protocol,
-
- - mechanism designers that define new SASL mechanisms, and
-
- - implementors of clients or servers for those protocols that
- support SASL.
-
- While the document organization is intended to allow readers to focus
- on details relevant to their engineering, readers are encouraged to
- read and understand all aspects of this document.
-
-1.2. Relationship to Other Documents
-
- This document obsoletes RFC 2222. It replaces all portions of RFC
- 2222 excepting sections 7.1 (the KERBEROS_IV mechanism), 7.2 (the
- GSSAPI mechanism), 7.3 (the SKEY mechanism). The KERBEROS_IV and
- SKEY mechanisms are now viewed as obsolete and their specifications
- provided in RFC 2222 are Historic. The GSSAPI mechanism is now
- separately specified [SASL-GSSAPI].
-
- Appendix B provides a summary of changes since RFC 2222.
-
-
-
-
-
-
-
-Melnikov & Zeilenga Standards Track [Page 4]
-
-RFC 4422 SASL June 2006
-
-
-1.3. Conventions
-
- The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
- "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
- document are to be interpreted as described in BCP 14 [RFC2119].
-
- Character names in this document use the notation for code points and
- names from the Unicode Standard [Unicode]. For example, the letter
- "a" may be represented as either <U+0061> or <LATIN SMALL LETTER A>.
-
- Note: a glossary of terms used in Unicode can be found in [Glossary].
- Information on the Unicode character encoding model can be found in
- [CharModel].
-
- In examples, "C:" and "S:" indicate lines of data to be sent by the
- client and server, respectively. Lines have been wrapped for
- improved readability.
-
-2. Identity Concepts
-
- In practice, authentication and authorization may involve multiple
- identities, possibly in different forms (simple username, Kerberos
- principal, X.500 Distinguished Name, etc.), possibly with different
- representations (e.g., ABNF-described UTF-8 encoded Unicode character
- string, BER-encoded Distinguished Name). While technical
- specifications often prescribe both the identity form and
- representation used on the network, different identity forms and/or
- representations may be (and often are) used within implementations.
- How identities of different forms relate to each other is, generally,
- a local matter. In addition, the forms and representations used
- within an implementation are a local matter.
-
- However, conceptually, the SASL framework involves two identities:
-
- 1) an identity associated with the authentication credentials
- (termed the authentication identity), and
-
- 2) an identity to act as (termed the authorization identity).
-
- SASL mechanism specifications describe the credential form(s) (e.g.,
- X.509 certificates, Kerberos tickets, simple username/password) used
- to authenticate the client, including (where appropriate) the syntax
- and semantics of authentication identities carried in the
- credentials. SASL protocol specifications describe the identity
- form(s) used in authorization and, in particular, prescribe the
- syntax and semantics of the authorization identity character string
- to be transferred by mechanisms.
-
-
-
-
-Melnikov & Zeilenga Standards Track [Page 5]
-
-RFC 4422 SASL June 2006
-
-
- The client provides its credentials (which include or imply an
- authentication identity) and, optionally, a character string
- representing the requested authorization identity as part of the SASL
- exchange. When this character string is omitted or empty, the client
- is requesting to act as the identity associated with the credentials
- (e.g., the user is requesting to act as the authentication identity).
-
- The server is responsible for verifying the client's credentials and
- verifying that the identity it associates with the client's
- credentials (e.g., the authentication identity) is allowed to act as
- the authorization identity. A SASL exchange fails if either (or
- both) of these verifications fails. (The SASL exchange may fail for
- other reasons, such as service authorization failure.)
-
- However, the precise form(s) of the authentication identities (used
- within the server in its verifications, or otherwise) and the precise
- form(s) of the authorization identities (used in making authorization
- decisions, or otherwise) are beyond the scope of SASL and this
- specification. In some circumstances, the precise identity forms
- used in some context outside of the SASL exchange may be dictated by
- other specifications. For instance, an identity assumption
- authorization (proxy authorization) policy specification may dictate
- how authentication and authorization identities are represented in
- policy statements.
-
-3. The Authentication Exchange
-
- Each authentication exchange consists of a message from the client to
- the server requesting authentication via a particular mechanism,
- followed by one or more pairs of challenges from the server and
- responses from the client, followed by a message from the server
- indicating the outcome of the authentication exchange. (Note:
- exchanges may also be aborted as discussed in Section 3.5.)
-
- The following illustration provides a high-level overview of an
- authentication exchange.
-
- C: Request authentication exchange
- S: Initial challenge
- C: Initial response
- <additional challenge/response messages>
- S: Outcome of authentication exchange
-
- If the outcome is successful and a security layer was negotiated,
- this layer is then installed (see Section 3.7). This also applies to
- the following illustrations.
-
-
-
-
-
-Melnikov & Zeilenga Standards Track [Page 6]
-
-RFC 4422 SASL June 2006
-
-
- Some mechanisms specify that the first data sent in the
- authentication exchange is from the client to the server. Protocols
- may provide an optional initial response field in the request message
- to carry this data. Where the mechanism specifies that the first
- data sent in the exchange is from the client to the server, the
- protocol provides an optional initial response field, and the client
- uses this field, the exchange is shortened by one round-trip:
-
- C: Request authentication exchange + Initial response
- <additional challenge/response messages>
- S: Outcome of authentication exchange
-
- Where the mechanism specifies that the first data sent in the
- exchange is from the client to the server and this field is
- unavailable or unused, the client request is followed by an empty
- challenge.
-
- C: Request authentication exchange
- S: Empty Challenge
- C: Initial Response
- <additional challenge/response messages>
- S: Outcome of authentication exchange
-
- Should a client include an initial response in its request where the
- mechanism does not allow the client to send data first, the
- authentication exchange fails.
-
- Some mechanisms specify that the server is to send additional data to
- the client when indicating a successful outcome. Protocols may
- provide an optional additional data field in the outcome message to
- carry this data. Where the mechanism specifies that the server is to
- return additional data with the successful outcome, the protocol
- provides an optional additional data field in the outcome message,
- and the server uses this field, the exchange is shortened by one
- round-trip:
-
- C: Request authentication exchange
- S: Initial challenge
- C: Initial response
- <additional challenge/response messages>
- S: Outcome of authentication exchange with
- additional data with success
-
- Where the mechanism specifies that the server is to return additional
- data to the client with a successful outcome and this field is
- unavailable or unused, the additional data is sent as a challenge
- whose response is empty. After receiving this response, the server
- then indicates the successful outcome.
-
-
-
-Melnikov & Zeilenga Standards Track [Page 7]
-
-RFC 4422 SASL June 2006
-
-
- C: Request authentication exchange
- S: Initial challenge
- C: Initial response
- <additional challenge/response messages>
- S: Additional data challenge
- C: Empty Response
- S: Outcome of authentication exchange
-
- Where mechanisms specify that the first data sent in the exchange is
- from the client to the server and additional data is sent to the
- client along with indicating a successful outcome, and the protocol
- provides fields supporting both, then the exchange takes two fewer
- round-trips:
-
- C: Request authentication exchange + Initial response
- <additional challenge/response messages>
- S: Outcome of authentication exchange
- with additional data with success
-
- instead of:
-
- C: Request authentication exchange
- S: Empty Challenge
- C: Initial Response
- <additional challenge/response messages>
- S: Additional data challenge
- C: Empty Response
- S: Outcome of authentication exchange
-
-3.1. Mechanism Naming
-
- SASL mechanisms are named by character strings, from 1 to 20
- characters in length, consisting of ASCII [ASCII] uppercase letters,
- digits, hyphens, and/or underscores. In the following Augmented
- Backus-Naur Form (ABNF) [RFC4234] grammar, the <sasl-mech> production
- defines the syntax of a SASL mechanism name.
-
- sasl-mech = 1*20mech-char
- mech-char = UPPER-ALPHA / DIGIT / HYPHEN / UNDERSCORE
- ; mech-char is restricted to A-Z (uppercase only), 0-9, -, and _
- ; from ASCII character set.
-
- UPPER-ALPHA = %x41-5A ; A-Z (uppercase only)
- DIGIT = %x30-39 ; 0-9
- HYPHEN = %x2D ; hyphen (-)
- UNDERSCORE = %x5F ; underscore (_)
-
- SASL mechanism names are registered as discussed in Section 7.1.
-
-
-
-Melnikov & Zeilenga Standards Track [Page 8]
-
-RFC 4422 SASL June 2006
-
-
-3.2. Mechanism Negotiation
-
- Mechanism negotiation is protocol specific.
-
- Commonly, a protocol will specify that the server advertises
- supported and available mechanisms to the client via some facility
- provided by the protocol, and the client will then select the "best"
- mechanism from this list that it supports and finds suitable.
-
- Note that the mechanism negotiation is not protected by the
- subsequent authentication exchange and hence is subject to downgrade
- attacks if not protected by other means.
-
- To detect downgrade attacks, a protocol can allow the client to
- discover available mechanisms subsequent to the authentication
- exchange and installation of data security layers with at least data
- integrity protection. This allows the client to detect changes to
- the list of mechanisms supported by the server.
-
-3.3. Request Authentication Exchange
-
- The authentication exchange is initiated by the client by requesting
- authentication via a mechanism it specifies. The client sends a
- message that contains the name of the mechanism to the server. The
- particulars of the message are protocol specific.
-
- Note that the name of the mechanism is not protected by the
- mechanism, and hence is subject to alteration by an attacker if not
- integrity protected by other means.
-
- Where the mechanism is defined to allow the client to send data
- first, and the protocol's request message includes an optional
- initial response field, the client may include the response to the
- initial challenge in the authentication request message.
-
-3.4. Challenges and Responses
-
- The authentication exchange involves one or more pairs of server-
- challenges and client-responses, the particulars of which are
- mechanism specific. These challenges and responses are enclosed in
- protocol messages, the particulars of which are protocol specific.
-
- Through these challenges and responses, the mechanism may:
-
- - authenticate the client to the server,
-
- - authenticate the server to the client,
-
-
-
-
-Melnikov & Zeilenga Standards Track [Page 9]
-
-RFC 4422 SASL June 2006
-
-
- - transfer an authorization identity string,
-
- - negotiate a security layer, and
-
- - provide other services.
-
- The negotiation of the security layer may involve negotiation of the
- security services to be provided in the layer, how these services
- will be provided, and negotiation of a maximum cipher-text buffer
- size each side is able to receive in the layer (see Section 3.6).
-
- After receiving an authentication request or any client response, the
- server may issue a challenge, abort the exchange, or indicate the
- outcome of an exchange. After receiving a challenge, a client
- mechanism may issue a response or abort the exchange.
-
-3.4.1. Authorization Identity String
-
- The authorization identity string is a sequence of zero or more
- Unicode [Unicode] characters, excluding the NUL (U+0000) character,
- representing the identity to act as.
-
- If the authorization identity string is absent, the client is
- requesting to act as the identity the server associates with the
- client's credentials. An empty string is equivalent to an absent
- authorization identity.
-
- A non-empty authorization identity string indicates that the client
- wishes to act as the identity represented by the string. In this
- case, the form of identity represented by the string, as well as the
- precise syntax and semantics of the string, is protocol specific.
-
- While the character encoding schema used to transfer the
- authorization identity string in the authentication exchange is
- mechanism specific, mechanisms are expected to be capable of carrying
- the entire Unicode repertoire (with the exception of the NUL
- character).
-
-3.5. Aborting Authentication Exchanges
-
- A client or server may desire to abort an authentication exchange if
- it is unwilling or unable to continue (or enter into).
-
- A client may abort the authentication exchange by sending a message,
- the particulars of which are protocol specific, to the server,
- indicating that the exchange is aborted. The server may be required
- by the protocol to return a message in response to the client's abort
- message.
-
-
-
-Melnikov & Zeilenga Standards Track [Page 10]
-
-RFC 4422 SASL June 2006
-
-
- Likewise, a server may abort the authentication exchange by sending a
- message, the particulars of which are protocol specific, to the
- client, indicating that the exchange is aborted.
-
-3.6. Authentication Outcome
-
- At the conclusion of the authentication exchange, the server sends a
- message, the particulars of which are protocol specific, to the
- client indicating the outcome of the exchange.
-
- The outcome is not successful if
-
- - the authentication exchange failed for any reason,
-
- - the client's credentials could not be verified,
-
- - the server cannot associate an identity with the client's
- credentials,
-
- - the client-provided authorization identity string is malformed,
-
- - the identity associated with the client's credentials is not
- authorized to act as the requested authorization identity,
-
- - the negotiated security layer (or lack thereof) is not
- suitable, or
-
- - the server is not willing to provide service to the client for
- any reason.
-
- The protocol may include an optional additional data field in this
- outcome message. This field can only include additional data when
- the outcome is successful.
-
- If the outcome is successful and a security layer was negotiated,
- this layer is then installed. If the outcome is unsuccessful, or a
- security layer was not negotiated, any existing security is left in
- place.
-
- The outcome message provided by the server can provide a way for the
- client to distinguish between errors that are best dealt with by re-
- prompting the user for her credentials, errors that are best dealt
- with by telling the user to try again later, and errors where the
- user must contact a system administrator for resolution (see the SYS
- and AUTH POP Response Codes [RFC3206] specification for an example).
- This distinction is particularly useful during scheduled server
- maintenance periods as it reduces support costs. It is also
- important that the server can be configured such that the outcome
-
-
-
-Melnikov & Zeilenga Standards Track [Page 11]
-
-RFC 4422 SASL June 2006
-
-
- message will not distinguish between a valid user with invalid
- credentials and an invalid user.
-
-3.7. Security Layers
-
- SASL mechanisms may offer a wide range of services in security
- layers. Typical services include data integrity and data
- confidentiality. SASL mechanisms that do not provide a security
- layer are treated as negotiating no security layer.
-
- If use of a security layer is negotiated in the authentication
- protocol exchange, the layer is installed by the server after
- indicating the outcome of the authentication exchange and installed
- by the client upon receipt of the outcome indication. In both cases,
- the layer is installed before transfer of further protocol data. The
- precise position upon which the layer takes effect in the protocol
- data stream is protocol specific.
-
- Once the security layer is in effect in the protocol data stream, it
- remains in effect until either a subsequently negotiated security
- layer is installed or the underlying transport connection is closed.
-
- When in effect, the security layer processes protocol data into
- buffers of protected data. If at any time the security layer is
- unable or unwilling to continue producing buffers protecting protocol
- data, the underlying transport connection MUST be closed. If the
- security layer is not able to decode a received buffer, the
- underlying connection MUST be closed. In both cases, the underlying
- transport connection SHOULD be closed gracefully.
-
- Each buffer of protected data is transferred over the underlying
- transport connection as a sequence of octets prepended with a four-
- octet field in network byte order that represents the length of the
- buffer. The length of the protected data buffer MUST be no larger
- than the maximum size that the other side expects. Upon the receipt
- of a length field whose value is greater than the maximum size, the
- receiver SHOULD close the connection, as this might be a sign of an
- attack.
-
- The maximum size that each side expects is fixed by the mechanism,
- either through negotiation or by its specification.
-
-3.8. Multiple Authentications
-
- Unless explicitly permitted in the protocol (as stated in the
- protocol's technical specification), only one successful SASL
- authentication exchange may occur in a protocol session. In this
-
-
-
-
-Melnikov & Zeilenga Standards Track [Page 12]
-
-RFC 4422 SASL June 2006
-
-
- case, once an authentication exchange has successfully completed,
- further attempts to initiate an authentication exchange fail.
-
- Where multiple successful SASL authentication exchanges are permitted
- in the protocol, then in no case may multiple SASL security layers be
- simultaneously in effect. If a security layer is in effect and a
- subsequent SASL negotiation selects a second security layer, then the
- second security layer replaces the first. If a security layer is in
- effect and a subsequent SASL negotiation selects no security layer,
- the original security layer remains in effect.
-
- Where multiple successful SASL negotiations are permitted in the
- protocol, the effect of a failed SASL authentication exchange upon
- the previously established authentication and authorization state is
- protocol specific. The protocol's technical specification should be
- consulted to determine whether the previous authentication and
- authorization state remains in force, or changed to an anonymous
- state, or otherwise was affected. Regardless of the protocol-
- specific effect upon previously established authentication and
- authorization state, the previously negotiated security layer remains
- in effect.
-
-4. Protocol Requirements
-
- In order for a protocol to offer SASL services, its specification
- MUST supply the following information:
-
- 1) A service name, to be selected from registry of "service" elements
- for the Generic Security Service Application Program Interface
- (GSSAPI) host-based service name form, as described in Section 4.1
- of [RFC2743]. Note that this registry is shared by all GSSAPI and
- SASL mechanisms.
-
- 2) Detail any mechanism negotiation facility that the protocol
- provides (see Section 3.2).
-
- A protocol SHOULD specify a facility through which the client may
- discover, both before initiation of the SASL exchange and after
- installing security layers negotiated by the exchange, the names
- of the SASL mechanisms that the server makes available to the
- client. The latter is important to allow the client to detect
- downgrade attacks. This facility is typically provided through
- the protocol's extensions or capabilities discovery facility.
-
- 3) Definition of the messages necessary for authentication exchange,
- including the following:
-
-
-
-
-
-Melnikov & Zeilenga Standards Track [Page 13]
-
-RFC 4422 SASL June 2006
-
-
- a) A message to initiate the authentication exchange (see Section
- 3.3).
-
- This message MUST contain a field for carrying the name of the
- mechanism selected by the client.
-
- This message SHOULD contain an optional field for carrying an
- initial response. If the message is defined with this field,
- the specification MUST describe how messages with an empty
- initial response are distinguished from messages with no
- initial response. This field MUST be capable of carrying
- arbitrary sequences of octets (including zero-length sequences
- and sequences containing zero-valued octets).
-
- b) Messages to transfer server challenges and client responses
- (see Section 3.4).
-
- Each of these messages MUST be capable of carrying arbitrary
- sequences of octets (including zero-length sequences and
- sequences containing zero-valued octets).
-
- c) A message to indicate the outcome of the authentication
- exchange (see Section 3.6).
-
- This message SHOULD contain an optional field for carrying
- additional data with a successful outcome. If the message is
- defined with this field, the specification MUST describe how
- messages with an empty additional data are distinguished from
- messages with no additional data. This field MUST be capable
- of carrying arbitrary sequences of octets (including zero-
- length sequences and sequences containing zero-valued octets).
-
- 4) Prescribe the syntax and semantics of non-empty authorization
- identity strings (see Section 3.4.1).
-
- In order to avoid interoperability problems due to differing
- normalizations, the protocol specification MUST detail precisely
- how and where (client or server) non-empty authorization identity
- strings are prepared, including all normalizations, for comparison
- and other applicable functions to ensure proper function.
-
- Specifications are encouraged to prescribe use of existing
- authorization identity forms as well as existing string
- representations, such as simple user names [RFC4013].
-
- Where the specification does not precisely prescribe how
- identities in SASL relate to identities used elsewhere in the
- protocol, for instance, in access control policy statements, it
-
-
-
-Melnikov & Zeilenga Standards Track [Page 14]
-
-RFC 4422 SASL June 2006
-
-
- may be appropriate for the protocol to provide a facility by which
- the client can discover information (such as the representation of
- the identity used in making access control decisions) about
- established identities for these uses.
-
- 5) Detail any facility the protocol provides that allows the client
- and/or server to abort authentication exchange (see Section 3.5).
-
- Protocols that support multiple authentications typically allow a
- client to abort an ongoing authentication exchange by initiating a
- new authentication exchange. Protocols that do not support
- multiple authentications may require the client to close the
- connection and start over to abort an ongoing authentication
- exchange.
-
- Protocols typically allow the server to abort ongoing
- authentication exchanges by returning a non-successful outcome
- message.
-
- 6) Identify precisely where newly negotiated security layers start to
- take effect, in both directions (see Section 3.7).
-
- Typically, specifications require security layers to start taking
- effect on the first octet following the outcome message in data
- being sent by the server and on the first octet sent after receipt
- of the outcome message in data being sent by the client.
-
- 7) If the protocol supports other layered security services, such as
- Transport Layer Security (TLS) [RFC4346], the specification MUST
- prescribe the order in which security layers are applied to
- protocol data.
-
- For instance, where a protocol supports both TLS and SASL security
- layers, the specification could prescribe any of the following:
-
- a) SASL security layer is always applied first to data being sent
- and, hence, applied last to received data,
-
- b) SASL security layer is always applied last to data being sent
- and, hence, applied first to received data,
-
- c) Layers are applied in the order in which they were installed,
-
- d) Layers are applied in the reverse order in which they were
- installed, or
-
- e) Both TLS and SASL security layers cannot be installed.
-
-
-
-
-Melnikov & Zeilenga Standards Track [Page 15]
-
-RFC 4422 SASL June 2006
-
-
- 8) Indicate whether the protocol supports multiple authentications
- (see Section 3.8). If so, the protocol MUST detail the effect a
- failed SASL authentication exchange will have upon a previously
- established authentication and authorization state.
-
- Protocol specifications SHOULD avoid stating implementation
- requirements that would hinder replacement of applicable mechanisms.
- In general, protocol specifications SHOULD be mechanism neutral.
- There are a number of reasonable exceptions to this recommendation,
- including
-
- - detailing how credentials (which are mechanism specific) are
- managed in the protocol,
-
- - detailing how authentication identities (which are mechanism
- specific) and authorization identities (which are protocol
- specific) relate to each other, and
-
- - detailing which mechanisms are applicable to the protocol.
-
-5. Mechanism Requirements
-
- SASL mechanism specifications MUST supply the following information:
-
- 1) The name of the mechanism (see Section 3.1). This name MUST be
- registered as discussed in Section 7.1.
-
- 2) A definition of the server-challenges and client-responses of the
- authentication exchange, as well as the following:
-
- a) An indication of whether the mechanism is client-first,
- variable, or server-first. If a SASL mechanism is defined as
- client-first and the client does not send an initial response
- in the authentication request, then the first server challenge
- MUST be empty (the EXTERNAL mechanism is an example of this
- case). If a SASL mechanism is defined as variable, then the
- specification needs to state how the server behaves when the
- initial client response in the authentication request is
- omitted (the DIGEST-MD5 mechanism [DIGEST-MD5] is an example of
- this case). If a SASL mechanism is defined as server-first,
- then the client MUST NOT send an initial client response in the
- authentication request (the CRAM-MD5 mechanism [CRAM-MD5] is an
- example of this case).
-
- b) An indication of whether the server is expected to provide
- additional data when indicating a successful outcome. If so,
- if the server sends the additional data as a challenge, the
-
-
-
-
-Melnikov & Zeilenga Standards Track [Page 16]
-
-RFC 4422 SASL June 2006
-
-
- specification MUST indicate that the response to this challenge
- is an empty response.
-
- SASL mechanisms SHOULD be designed to minimize the number of
- challenges and responses necessary to complete the exchange.
-
- 3) An indication of whether the mechanism is capable of transferring
- authorization identity strings (see Section 3.4.1). While some
- legacy mechanisms are incapable of transmitting an authorization
- identity (which means that for these mechanisms, the authorization
- identity is always the empty string), newly defined mechanisms
- SHOULD be capable of transferring authorization identity strings.
- The mechanism SHOULD NOT be capable of transferring both no
- authorization identity string and an empty authorization identity.
-
- Mechanisms that are capable of transferring an authorization
- identity string MUST be capable of transferring arbitrary non-
- empty sequences of Unicode characters, excluding those that
- contain the NUL (U+0000) character. Mechanisms SHOULD use the
- UTF-8 [RFC3629] transformation format. The specification MUST
- detail how any Unicode code points special to the mechanism that
- might appear in the authorization identity string are escaped to
- avoid ambiguity during decoding of the authorization identity
- string. Typically, mechanisms that have special characters
- require these special characters to be escaped or encoded in the
- character string (after encoding it in a particular Unicode
- transformation format) using a data encoding scheme such as Base64
- [RFC3548].
-
- 4) The specification MUST detail whether the mechanism offers a
- security layer. If the mechanism does, the specification MUST
- detail the security and other services offered in the layer as
- well as how these services are to be implemented.
-
- 5) If the underlying cryptographic technology used by a mechanism
- supports data integrity, then the mechanism specification MUST
- integrity protect the transmission of an authorization identity
- and the negotiation of the security layer.
-
- SASL mechanisms SHOULD be protocol neutral.
-
- SASL mechanisms SHOULD reuse existing credential and identity forms,
- as well as associated syntaxes and semantics.
-
- SASL mechanisms SHOULD use the UTF-8 transformation format [RFC3629]
- for encoding Unicode [Unicode] code points for transfer.
-
-
-
-
-
-Melnikov & Zeilenga Standards Track [Page 17]
-
-RFC 4422 SASL June 2006
-
-
- In order to avoid interoperability problems due to differing
- normalizations, when a mechanism calls for character data (other than
- the authorization identity string) to be used as input to a
- cryptographic and/or comparison function, the specification MUST
- detail precisely how and where (client or server) the character data
- is to be prepared, including all normalizations, for input into the
- function to ensure proper operation.
-
- For simple user names and/or passwords in authentication credentials,
- SASLprep [RFC4013] (a profile of the StringPrep [RFC3454] preparation
- algorithm), SHOULD be specified as the preparation algorithm.
-
- The mechanism SHOULD NOT use the authorization identity string in
- generation of any long-term cryptographic keys or hashes as there is
- no requirement that the authorization identity string be canonical.
- Long-term, here, means a term longer than the duration of the
- authentication exchange in which they were generated. That is, as
- different clients (of the same or different protocol) may provide
- different authorization identity strings that are semantically
- equivalent, use of authorization identity strings in generation of
- cryptographic keys and hashes will likely lead to interoperability
- and other problems.
-
-6. Security Considerations
-
- Security issues are discussed throughout this memo.
-
- Many existing SASL mechanisms do not provide adequate protection
- against passive attacks, let alone active attacks, in the
- authentication exchange. Many existing SASL mechanisms do not offer
- security layers. It is hoped that future SASL mechanisms will
- provide strong protection against passive and active attacks in the
- authentication exchange, as well as security layers with strong basic
- data security features (e.g., data integrity and data
- confidentiality) services. It is also hoped that future mechanisms
- will provide more advanced data security services like re-keying (see
- Section 6.3).
-
- Regardless, the SASL framework is susceptible to downgrade attacks.
- Section 6.1.2 offers a variety of approaches for preventing or
- detecting these attacks. In some cases, it is appropriate to use
- data integrity protective services external to SASL (e.g., TLS) to
- protect against downgrade attacks in SASL. Use of external
- protective security services is also important when the mechanisms
- available do not themselves offer adequate integrity and/or
- confidentiality protection of the authentication exchange and/or
- protocol data.
-
-
-
-
-Melnikov & Zeilenga Standards Track [Page 18]
-
-RFC 4422 SASL June 2006
-
-
-6.1. Active Attacks
-
-6.1.1. Hijack Attacks
-
- When the client selects a SASL security layer with at least integrity
- protection, this protection serves as a counter-measure against an
- active attacker hijacking the connection and modifying protocol data
- sent after establishment of the security layer. Implementations
- SHOULD close the connection when the security services in a SASL
- security layer report protocol data report lack of data integrity.
-
-6.1.2. Downgrade Attacks
-
- It is important that any security-sensitive protocol negotiations be
- performed after installation of a security layer with data integrity
- protection. Protocols should be designed such that negotiations
- performed prior to this installation should be revalidated after
- installation is complete. Negotiation of the SASL mechanism is
- security sensitive.
-
- When a client negotiates the authentication mechanism with the server
- and/or other security features, it is possible for an active attacker
- to cause a party to use the least secure security services available.
- For instance, an attacker can modify the server-advertised mechanism
- list or can modify the client-advertised security feature list within
- a mechanism response. To protect against this sort of attack,
- implementations SHOULD NOT advertise mechanisms and/or features that
- cannot meet their minimum security requirements, SHOULD NOT enter
- into or continue authentication exchanges that cannot meet their
- minimum security requirements, and SHOULD verify that completed
- authentication exchanges result in security services that meet their
- minimum security requirements. Note that each endpoint needs to
- independently verify that its security requirements are met.
-
- In order to detect downgrade attacks to the least (or less) secure
- mechanism supported, the client can discover the SASL mechanisms that
- the server makes available both before the SASL authentication
- exchange and after the negotiated SASL security layer (with at least
- data integrity protection) has been installed through the protocol's
- mechanism discovery facility. If the client finds that the
- integrity-protected list (the list obtained after the security layer
- was installed) contains a stronger mechanism than those in the
- previously obtained list, the client should assume that the
- previously obtained list was modified by an attacker and SHOULD close
- the underlying transport connection.
-
- The client's initiation of the SASL exchange, including the selection
- of a SASL mechanism, is done in the clear and may be modified by an
-
-
-
-Melnikov & Zeilenga Standards Track [Page 19]
-
-RFC 4422 SASL June 2006
-
-
- active attacker. It is important for any new SASL mechanisms to be
- designed such that an active attacker cannot obtain an authentication
- with weaker security properties by modifying the SASL mechanism name
- and/or the challenges and responses.
-
- Multi-level negotiation of security features is prone to downgrade
- attack. Protocol designers should avoid offering higher-level
- negotiation of security features in protocols (e.g., above SASL
- mechanism negotiation) and mechanism designers should avoid lower-
- level negotiation of security features in mechanisms (e.g., below
- SASL mechanism negotiation).
-
-6.1.3. Replay Attacks
-
- Some mechanisms may be subject to replay attacks unless protected by
- external data security services (e.g., TLS).
-
-6.1.4. Truncation Attacks
-
- Most existing SASL security layers do not themselves offer protection
- against truncation attack. In a truncation attack, the active
- attacker causes the protocol session to be closed, causing a
- truncation of the possibly integrity-protected data stream that leads
- to behavior of one or both the protocol peers that inappropriately
- benefits the attacker. Truncation attacks are fairly easy to defend
- against in connection-oriented application-level protocols. A
- protocol can defend against these attacks by ensuring that each
- information exchange has a clear final result and that each protocol
- session has a graceful closure mechanism, and that these are
- integrity protected.
-
-6.1.5. Other Active Attacks
-
- When use of a security layer is negotiated by the authentication
- protocol exchange, the receiver SHOULD handle gracefully any
- protected data buffer larger than the defined/negotiated maximal
- size. In particular, it MUST NOT blindly allocate the amount of
- memory specified in the buffer size field, as this might cause the
- "out of memory" condition. If the receiver detects a large block, it
- SHOULD close the connection.
-
-6.2. Passive Attacks
-
- Many mechanisms are subject to various passive attacks, including
- simple eavesdropping of unprotected credential information as well as
- online and offline dictionary attacks of protected credential
- information.
-
-
-
-
-Melnikov & Zeilenga Standards Track [Page 20]
-
-RFC 4422 SASL June 2006
-
-
-6.3. Re-keying
-
- The secure or administratively permitted lifetimes of SASL
- mechanisms' security layers are finite. Cryptographic keys weaken as
- they are used and as time passes; the more time and/or cipher-text
- that a cryptanalyst has after the first use of the a key, the easier
- it is for the cryptanalyst to mount attacks on the key.
-
- Administrative limits on a security layer's lifetime may take the
- form of time limits expressed in X.509 certificates, in Kerberos V
- tickets, or in directories, and are often desired. In practice, one
- likely effect of administrative lifetime limits is that applications
- may find that security layers stop working in the middle of
- application protocol operation, such as, perhaps, during large data
- transfers. As the result of this, the connection will be closed (see
- Section 3.7), which will result in an unpleasant user experience.
-
- Re-keying (key renegotiation process) is a way of addressing the
- weakening of cryptographic keys. The SASL framework does not itself
- provide for re-keying; SASL mechanisms may. Designers of future SASL
- mechanisms should consider providing re-keying services.
-
- Implementations that wish to re-key SASL security layers where the
- mechanism does not provide for re-keying SHOULD reauthenticate the
- same IDs and replace the expired or soon-to-expire security layers.
- This approach requires support for reauthentication in the
- application protocols (see Section 3.8).
-
-6.4. Other Considerations
-
- Protocol designers and implementors should understand the security
- considerations of mechanisms so they may select mechanisms that are
- applicable to their needs.
-
- Distributed server implementations need to be careful in how they
- trust other parties. In particular, authentication secrets should
- only be disclosed to other parties that are trusted to manage and use
- those secrets in a manner acceptable to the disclosing party.
- Applications using SASL assume that SASL security layers providing
- data confidentiality are secure even when an attacker chooses the
- text to be protected by the security layer. Similarly, applications
- assume that the SASL security layer is secure even if the attacker
- can manipulate the cipher-text output of the security layer. New
- SASL mechanisms are expected to meet these assumptions.
-
-
-
-
-
-
-
-Melnikov & Zeilenga Standards Track [Page 21]
-
-RFC 4422 SASL June 2006
-
-
- Unicode security considerations [UTR36] apply to authorization
- identity strings, as well as UTF-8 [RFC3629] security considerations
- where UTF-8 is used. SASLprep [RFC4013] and StringPrep [RFC3454]
- security considerations also apply where used.
-
-7. IANA Considerations
-
-7.1. SASL Mechanism Registry
-
- The SASL mechanism registry is maintained by IANA. The registry is
- currently available at <http://www.iana.org/assignments/sasl-
- mechanisms>.
-
- The purpose of this registry is not only to ensure uniqueness of
- values used to name SASL mechanisms, but also to provide a definitive
- reference to technical specifications detailing each SASL mechanism
- available for use on the Internet.
-
- There is no naming convention for SASL mechanisms; any name that
- conforms to the syntax of a SASL mechanism name can be registered.
-
- The procedure detailed in Section 7.1.1 is to be used for
- registration of a value naming a specific individual mechanism.
-
- The procedure detailed in Section 7.1.2 is to be used for
- registration of a value naming a family of related mechanisms.
-
- Comments may be included in the registry as discussed in Section
- 7.1.3 and may be changed as discussed in Section 7.1.4.
-
- The SASL mechanism registry has been updated to reflect that this
- document provides the definitive technical specification for SASL and
- that this section provides the registration procedures for this
- registry.
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-Melnikov & Zeilenga Standards Track [Page 22]
-
-RFC 4422 SASL June 2006
-
-
-7.1.1. Mechanism Name Registration Procedure
-
- IANA will register new SASL mechanism names on a First Come First
- Served basis, as defined in BCP 26 [RFC2434]. IANA has the right to
- reject obviously bogus registration requests, but will perform no
- review of claims made in the registration form.
-
- Registration of a SASL mechanism is requested by filling in the
- following template:
-
- Subject: Registration of SASL mechanism X
-
- SASL mechanism name (or prefix for the family):
-
- Security considerations:
-
- Published specification (recommended):
-
- Person & email address to contact for further information:
-
- Intended usage: (One of COMMON, LIMITED USE, or OBSOLETE)
-
- Owner/Change controller:
-
- Note: (Any other information that the author deems relevant may be
- added here.)
-
- and sending it via electronic mail to IANA at <iana@iana.org>.
-
- While this registration procedure does not require expert review,
- authors of SASL mechanisms are encouraged to seek community review
- and comment whenever that is feasible. Authors may seek community
- review by posting a specification of their proposed mechanism as an
- Internet-Draft. SASL mechanisms intended for widespread use should
- be standardized through the normal IETF process, when appropriate.
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-Melnikov & Zeilenga Standards Track [Page 23]
-
-RFC 4422 SASL June 2006
-
-
-7.1.2. Family Name Registration Procedure
-
- As noted above, there is no general naming convention for SASL
- mechanisms. However, specifications may reserve a portion of the
- SASL mechanism namespace for a set of related SASL mechanisms, a
- "family" of SASL mechanisms. Each family of SASL mechanisms is
- identified by a unique prefix, such as X-. Registration of new SASL
- mechanism family names requires expert review as defined in BCP 26
- [RFC2434].
-
- Registration of a SASL family name is requested by filling in the
- following template:
-
- Subject: Registration of SASL mechanism family X
-
- SASL family name (or prefix for the family):
-
- Security considerations:
-
- Published specification (recommended):
-
- Person & email address to contact for further information:
-
- Intended usage: (One of COMMON, LIMITED USE, or OBSOLETE)
-
- Owner/Change controller:
-
- Note: (Any other information that the author deems relevant may be
- added here.)
-
- and sending it via electronic mail to the IETF SASL mailing list at
- <ietf-sasl@imc.org> and carbon copying IANA at <iana@iana.org>.
- After allowing two weeks for community input on the IETF SASL mailing
- list, the expert will determine the appropriateness of the
- registration request and either approve or disapprove the request
- with notice to the requestor, the mailing list, and IANA.
-
- The review should focus on the appropriateness of the requested
- family name for the proposed use and the appropriateness of the
- proposed naming and registration plan for existing and future
- mechanism names in the family. The scope of this request review may
- entail consideration of relevant aspects of any provided technical
- specification, such as their IANA Considerations section. However,
- this review is narrowly focused on the appropriateness of the
- requested registration and not on the overall soundness of any
- provided technical specification.
-
-
-
-
-
-Melnikov & Zeilenga Standards Track [Page 24]
-
-RFC 4422 SASL June 2006
-
-
- Authors are encouraged to pursue community review by posting the
- technical specification as an Internet-Draft and soliciting comment
- by posting to appropriate IETF mailing lists.
-
-7.1.3. Comments on SASL Mechanism Registrations
-
- Comments on a registered SASL mechanism/family should first be sent
- to the "owner" of the mechanism/family and/or to the <ietf-
- sasl@imc.org> mailing list.
-
- Submitters of comments may, after a reasonable attempt to contact the
- owner, request IANA to attach their comment to the SASL mechanism
- registration itself by sending mail to <iana@iana.org>. At IANA's
- sole discretion, IANA may attach the comment to the SASL mechanism's
- registration.
-
-7.1.4. Change Control
-
- Once a SASL mechanism registration has been published by IANA, the
- author may request a change to its definition. The change request
- follows the same procedure as the registration request.
-
- The owner of a SASL mechanism may pass responsibility for the SASL
- mechanism to another person or agency by informing IANA; this can be
- done without discussion or review.
-
- The IESG may reassign responsibility for a SASL mechanism. The most
- common case of this will be to enable changes to be made to
- mechanisms where the author of the registration has died, has moved
- out of contact, or is otherwise unable to make changes that are
- important to the community.
-
- SASL mechanism registrations may not be deleted; mechanisms that are
- no longer believed appropriate for use can be declared OBSOLETE by a
- change to their "intended usage" field; such SASL mechanisms will be
- clearly marked in the lists published by IANA.
-
- The IESG is considered to be the owner of all SASL mechanisms that
- are on the IETF standards track.
-
-
-
-
-
-
-
-
-
-
-
-
-Melnikov & Zeilenga Standards Track [Page 25]
-
-RFC 4422 SASL June 2006
-
-
-7.2. Registration Changes
-
- The IANA has updated the SASL mechanisms registry as follows:
-
- 1) Changed the "Intended usage" of the KERBEROS_V4 and SKEY mechanism
- registrations to OBSOLETE.
-
- 2) Changed the "Published specification" of the EXTERNAL mechanism to
- this document as indicated below:
-
- Subject: Updated Registration of SASL mechanism EXTERNAL
- Family of SASL mechanisms: NO
- SASL mechanism name: EXTERNAL
- Security considerations: See A.3 of RFC 4422
- Published specification (optional, recommended): RFC 4422
- Person & email address to contact for further information:
- Alexey Melnikov <Alexey.Melnikov@isode.com>
- Intended usage: COMMON
- Owner/Change controller: IESG <iesg@ietf.org>
- Note: Updates existing entry for EXTERNAL
-
-8. References
-
-8.1. Normative References
-
- [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
- Requirement Levels", BCP 14, RFC 2119, March 1997.
-
- [RFC2244] Newman, C. and J. G. Myers, "ACAP -- Application
- Configuration Access Protocol", RFC 2244, November
- 1997.
-
- [RFC2434] Narten, T. and H. Alvestrand, "Guidelines for Writing
- an IANA Considerations Section in RFCs", BCP 26, RFC
- 2434, October 1998.
-
- [RFC2743] Linn, J., "Generic Security Service Application Program
- Interface Version 2, Update 1", RFC 2743, January 2000.
-
- [RFC3454] Hoffman, P. and M. Blanchet, "Preparation of
- Internationalized Strings ("stringprep")", RFC 3454,
- December 2002.
-
- [RFC3629] Yergeau, F., "UTF-8, a transformation format of ISO
- 10646", STD 63, RFC 3629, November 2003.
-
- [RFC4013] Zeilenga, K., "SASLprep: Stringprep Profile for User
- Names and Passwords", RFC 4013, February 2005.
-
-
-
-Melnikov & Zeilenga Standards Track [Page 26]
-
-RFC 4422 SASL June 2006
-
-
- [RFC4234] Crocker, D. and P. Overell, "Augmented BNF for Syntax
- Specifications: ABNF", RFC 4234, October 2005.
-
- [ASCII] Coded Character Set--7-bit American Standard Code for
- Information Interchange, ANSI X3.4-1986.
-
- [Unicode] The Unicode Consortium, "The Unicode Standard, Version
- 3.2.0" is defined by "The Unicode Standard, Version
- 3.0" (Reading, MA, Addison-Wesley, 2000. ISBN 0-201-
- 61633-5), as amended by the "Unicode Standard Annex
- #27: Unicode 3.1"
- (http://www.unicode.org/reports/tr27/) and by the
- "Unicode Standard Annex #28: Unicode 3.2"
- (http://www.unicode.org/reports/tr28/).
-
- [CharModel] Whistler, K. and M. Davis, "Unicode Technical Report
- #17, Character Encoding Model", UTR17,
- <http://www.unicode.org/unicode/reports/tr17/>, August
- 2000.
-
- [Glossary] The Unicode Consortium, "Unicode Glossary",
- <http://www.unicode.org/glossary/>.
-
-8.2. Informative References
-
- [RFC3206] Gellens, R., "The SYS and AUTH POP Response Codes", RFC
- 3206, February 2002.
-
- [RFC3548] Josefsson, S., "The Base16, Base32, and Base64 Data
- Encodings", RFC 3548, July 2003.
-
- [RFC4301] Kent, S. and K. Seo, "Security Architecture for the
- Internet Protocol", RFC 4301, December 2005.
-
- [RFC4346] Dierks, T. and E. Rescorla, "The Transport Layer
- Security (TLS) Protocol Version 1.1", RFC 4346, April
- 2006.
-
- [SASL-GSSAPI] Melnikov, A. (Editor), "The Kerberos V5 ("GSSAPI") SASL
- Mechanism", Work in Progress, May 2006.
-
- [UTR36] Davis, M., "(Draft) Unicode Technical Report #36,
- Character Encoding Model", UTR17,
- <http://www.unicode.org/unicode/reports/tr36/>,
- February 2005.
-
- [CRAM-MD5] Nerenberg, L., "The CRAM-MD5 SASL Mechanism", Work in
- Progress.
-
-
-
-Melnikov & Zeilenga Standards Track [Page 27]
-
-RFC 4422 SASL June 2006
-
-
- [DIGEST-MD5] Leach, P., C. Newman, and A. Melnikov, "Using Digest
- Authentication as a SASL Mechanism", Work in Progress,
- March 2006.
-
-9. Acknowledgements
-
- This document is a revision of RFC 2222 written by John Myers.
-
- This revision is a product of the IETF Simple Authentication and
- Security Layer (SASL) Working Group.
-
- The following individuals contributed significantly to this revision:
- Abhijit Menon-Sen, Hallvard Furuseth, Jeffrey Hutzelman, John Myers,
- Luke Howard, Magnus Nystrom, Nicolas Williams, Peter Saint-Andre, RL
- 'Bob' Morgan, Rob Siemborski, Sam Hartman, Simon Josefsson, Tim
- Alsop, and Tony Hansen.
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-Melnikov & Zeilenga Standards Track [Page 28]
-
-RFC 4422 SASL June 2006
-
-
-Appendix A. The SASL EXTERNAL Mechanism
-
- This appendix is normative.
-
- The EXTERNAL mechanism allows a client to request the server to use
- credentials established by means external to the mechanism to
- authenticate the client. The external means may be, for instance, IP
- Security [RFC4301] or TLS [RFC4346] services. In absence of some a
- priori agreement between the client and the server, the client cannot
- make any assumption as to what external means the server has used to
- obtain the client's credentials, nor make an assumption as to the
- form of credentials. For example, the client cannot assume that the
- server will use the credentials the client has established via TLS.
-
-A.1. EXTERNAL Technical Specification
-
- The name of this mechanism is "EXTERNAL".
-
- The mechanism does not provide a security layer.
-
- The mechanism is capable of transferring an authorization identity
- string. If empty, the client is requesting to act as the identity
- the server has associated with the client's credentials. If non-
- empty, the client is requesting to act as the identity represented by
- the string.
-
- The client is expected to send data first in the authentication
- exchange. Where the client does not provide an initial response data
- in its request to initiate the authentication exchange, the server is
- to respond to the request with an empty initial challenge and then
- the client is to provide its initial response.
-
- The client sends the initial response containing the UTF-8 [RFC3629]
- encoding of the requested authorization identity string. This
- response is non-empty when the client is requesting to act as the
- identity represented by the (non-empty) string. This response is
- empty when the client is requesting to act as the identity the server
- associated with its authentication credentials.
-
- The syntax of the initial response is specified as a value of the
- <extern-initial-resp> production detailed below using the Augmented
- Backus-Naur Form (ABNF) [RFC4234] notation.
-
- external-initial-resp = authz-id-string
- authz-id-string = *( UTF8-char-no-nul )
- UTF8-char-no-nul = UTF8-1-no-nul / UTF8-2 / UTF8-3 / UTF8-4
- UTF8-1-no-nul = %x01-7F
-
-
-
-
-Melnikov & Zeilenga Standards Track [Page 29]
-
-RFC 4422 SASL June 2006
-
-
- where the <UTF8-2>, <UTF8-3>, and <UTF8-4> productions are as defined
- in [RFC3629].
-
- There are no additional challenges and responses.
-
- Hence, the server is to return the outcome of the authentication
- exchange.
-
- The exchange fails if
-
- - the client has not established its credentials via external means,
-
- - the client's credentials are inadequate,
-
- - the client provided an empty authorization identity string and the
- server is unwilling or unable to associate an authorization
- identity with the client's credentials,
-
- - the client provided a non-empty authorization identity string that
- is invalid per the syntax requirements of the applicable
- application protocol specification,
-
- - the client provided a non-empty authorization identity string
- representing an identity that the client is not allowed to act as,
- or
-
- - the server is unwilling or unable to provide service to the client
- for any other reason.
-
- Otherwise the exchange is successful. When indicating a successful
- outcome, additional data is not provided.
-
-A.2. SASL EXTERNAL Examples
-
- This section provides examples of EXTERNAL authentication exchanges.
- The examples are intended to help the readers understand the above
- text. The examples are not definitive. The Application
- Configuration Access Protocol (ACAP) [RFC2244] is used in the
- examples.
-
- The first example shows use of EXTERNAL with an empty authorization
- identity. In this example, the initial response is not sent in the
- client's request to initiate the authentication exchange.
-
- S: * ACAP (SASL "DIGEST-MD5")
- C: a001 STARTTLS
- S: a001 OK "Begin TLS negotiation now"
- <TLS negotiation, further commands are under TLS layer>
-
-
-
-Melnikov & Zeilenga Standards Track [Page 30]
-
-RFC 4422 SASL June 2006
-
-
- S: * ACAP (SASL "DIGEST-MD5" "EXTERNAL")
- C: a002 AUTHENTICATE "EXTERNAL"
- S: + ""
- C: + ""
- S: a002 OK "Authenticated"
-
- The second example shows use of EXTERNAL with an authorization
- identity of "fred@example.com". In this example, the initial
- response is sent with the client's request to initiate the
- authentication exchange. This saves a round-trip.
-
- S: * ACAP (SASL "DIGEST-MD5")
- C: a001 STARTTLS
- S: a001 OK "Begin TLS negotiation now"
- <TLS negotiation, further commands are under TLS layer>
- S: * ACAP (SASL "DIGEST-MD5" "EXTERNAL")
- C: a002 AUTHENTICATE "EXTERNAL" {16+}
- C: fred@example.com
- S: a002 NO "Cannot assume requested authorization identity"
-
-A.3. Security Considerations
-
- The EXTERNAL mechanism provides no security protection; it is
- vulnerable to spoofing by either client or server, active attack, and
- eavesdropping. It should only be used when adequate security
- services have been established.
-
-Appendix B. Changes since RFC 2222
-
- This appendix is non-normative.
-
- The material in RFC 2222 was significantly rewritten in the
- production of this document.
-
- RFC 2222, by not stating that the authorization identity string was a
- string of Unicode characters, let alone character data, implied that
- the authorization identity string was a string of octets.
-
- - The authorization identity string is now defined as a string of
- Unicode characters. The NUL (U+0000) character is prohibited.
- While protocol specifications are responsible for defining the
- authorization identity form, as well as the Unicode string syntax
- and related semantics, mechanism specifications are responsible
- for defining how the Unicode string is carried in the
- authentication exchange.
-
- - Deleted "If so, when the client does not send data first, the
- initial challenge MUST be specified as being an empty challenge."
-
-
-
-Melnikov & Zeilenga Standards Track [Page 31]
-
-RFC 4422 SASL June 2006
-
-
- The following technical change was made to the EXTERNAL mechanism:
-
- - The authorization identity string is to be UTF-8 encoded.
-
- Note that protocol and mechanism specification requirements have
- been significantly tightened. Existing protocol and mechanism
- specifications will need to be updated to meet these requirements.
-
-Editors' Addresses
-
- Alexey Melnikov
- Isode Limited
- 5 Castle Business Village
- 36 Station Road
- Hampton, Middlesex,
- TW12 2BX, United Kingdom
-
- EMail: Alexey.Melnikov@isode.com
- URI: http://www.melnikov.ca/
-
-
- Kurt D. Zeilenga
- OpenLDAP Foundation
-
- EMail: Kurt@OpenLDAP.org
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-Melnikov & Zeilenga Standards Track [Page 32]
-
-RFC 4422 SASL June 2006
-
-
-Full Copyright Statement
-
- Copyright (C) The Internet Society (2006).
-
- This document is subject to the rights, licenses and restrictions
- contained in BCP 78, and except as set forth therein, the authors
- retain all their rights.
-
- This document and the information contained herein are provided on an
- "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
- OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET
- ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED,
- INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE
- INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
- WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
-
-Intellectual Property
-
- The IETF takes no position regarding the validity or scope of any
- Intellectual Property Rights or other rights that might be claimed to
- pertain to the implementation or use of the technology described in
- this document or the extent to which any license under such rights
- might or might not be available; nor does it represent that it has
- made any independent effort to identify any such rights. Information
- on the procedures with respect to rights in RFC documents can be
- found in BCP 78 and BCP 79.
-
- Copies of IPR disclosures made to the IETF Secretariat and any
- assurances of licenses to be made available, or the result of an
- attempt made to obtain a general license or permission for the use of
- such proprietary rights by implementers or users of this
- specification can be obtained from the IETF on-line IPR repository at
- http://www.ietf.org/ipr.
-
- The IETF invites any interested party to bring to its attention any
- copyrights, patents or patent applications, or other proprietary
- rights that may cover technology that may be required to implement
- this standard. Please address the information to the IETF at
- ietf-ipr@ietf.org.
-
-Acknowledgement
-
- Funding for the RFC Editor function is provided by the IETF
- Administrative Support Activity (IASA).
-
-
-
-
-
-
-
-Melnikov & Zeilenga Standards Track [Page 33]
-
diff --git a/imap/docs/rfc/rfc4466.txt b/imap/docs/rfc/rfc4466.txt
deleted file mode 100644
index dfde1685..00000000
--- a/imap/docs/rfc/rfc4466.txt
+++ /dev/null
@@ -1,955 +0,0 @@
-
-
-
-
-
-
-Network Working Group A. Melnikov
-Request for Comments: 4466 Isode Ltd.
-Updates: 2088, 2342, 3501, 3502, 3516 C. Daboo
-Category: Standards Track April 2006
-
-
- Collected Extensions to IMAP4 ABNF
-
-Status of This Memo
-
- This document specifies an Internet standards track protocol for the
- Internet community, and requests discussion and suggestions for
- improvements. Please refer to the current edition of the "Internet
- Official Protocol Standards" (STD 1) for the standardization state
- and status of this protocol. Distribution of this memo is unlimited.
-
-Copyright Notice
-
- Copyright (C) The Internet Society (2006).
-
-Abstract
-
- Over the years, many documents from IMAPEXT and LEMONADE working
- groups, as well as many individual documents, have added syntactic
- extensions to many base IMAP commands described in RFC 3501. For
- ease of reference, this document collects most of such ABNF changes
- in one place.
-
- This document also suggests a set of standard patterns for adding
- options and extensions to several existing IMAP commands defined in
- RFC 3501. The patterns provide for compatibility between existing
- and future extensions.
-
- This document updates ABNF in RFCs 2088, 2342, 3501, 3502, and 3516.
- It also includes part of the errata to RFC 3501. This document
- doesn't specify any semantic changes to the listed RFCs.
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-Melnikov & Daboo Standards Track [Page 1]
-
-RFC 4466 Collected Extensions to IMAP4 ABNF April 2006
-
-
-Table of Contents
-
- 1. Introduction ....................................................2
- 1.1. Purpose of This Document ...................................2
- 1.2. Conventions Used in This Document ..........................3
- 2. IMAP ABNF Extensions ............................................3
- 2.1. Optional Parameters with the SELECT/EXAMINE Commands .......3
- 2.2. Extended CREATE Command ....................................4
- 2.3. Extended RENAME Command ....................................5
- 2.4. Extensions to FETCH and UID FETCH Commands .................6
- 2.5. Extensions to STORE and UID STORE Commands .................6
- 2.6. Extensions to SEARCH Command ...............................7
- 2.6.1. Extended SEARCH Command .............................7
- 2.6.2. ESEARCH untagged response ...........................8
- 2.7. Extensions to APPEND Command ...............................8
- 3. Formal Syntax ...................................................9
- 4. Security Considerations ........................................14
- 5. Normative References ...........................................15
- 6. Acknowledgements ...............................................15
-
-1. Introduction
-
-1.1. Purpose of This Document
-
- This document serves several purposes:
-
- 1. rationalize and generalize ABNF for some existing IMAP
- extensions;
- 2. collect the ABNF in one place in order to minimize cross
- references between documents;
- 3. define building blocks for future extensions so that they can
- be used together in a compatible way.
-
- It is expected that a future revision of this document will be
- incorporated into a revision of RFC 3501.
-
- This document updates ABNF in RFCs 2088, 2342, 3501, 3502, and 3516.
- It also includes part of the errata to RFC 3501. This document
- doesn't specify any semantic changes to the listed RFCs.
-
- The ABNF in section 6 of RFC 2342 got rewritten to conform to the
- ABNF syntax as defined in RFC 4234 and to reference new non-terminals
- from RFC 3501. It was also restructured to allow for better
- readability. There were no changes "on the wire".
-
- Section 2 extends ABNF for SELECT, EXAMINE, CREATE, RENAME, FETCH/UID
- FETCH, STORE/UID STORE, SEARCH, and APPEND commands in a consistent
- manner. Extensions to all the commands but APPEND have the same
-
-
-
-Melnikov & Daboo Standards Track [Page 2]
-
-RFC 4466 Collected Extensions to IMAP4 ABNF April 2006
-
-
- structure. Extensibility for the APPEND command was done slightly
- differently in order to preserve backward compatibility with existing
- extensions.
-
- Section 2 also defines a new ESEARCH response, whose purpose is to
- define a better version of the SEARCH response defined in RFC 3501.
-
- Section 3 defines the collected ABNF that replaces pieces of ABNF in
- the aforementioned RFCs. The collected ABNF got generalized to allow
- for easier future extensibility.
-
-1.2. Conventions Used in This Document
-
- In examples, "C:" and "S:" indicate lines sent by the client and
- server, respectively.
-
- The key words "MUST", "MUST NOT", "SHOULD", "SHOULD NOT", and "MAY"
- in this document are to be interpreted as defined in "Key words for
- use in RFCs to Indicate Requirement Levels" [KEYWORDS].
-
-2. IMAP ABNF Extensions
-
- This section is not normative. It provides some background on the
- intended use of different extensions and it gives some guidance about
- how future extensions should extend the described commands.
-
-2.1. Optional Parameters with the SELECT/EXAMINE Commands
-
- This document adds the ability to include one or more parameters with
- the IMAP SELECT (section 6.3.1 of [IMAP4]) or EXAMINE (section 6.3.2
- of [IMAP4]) commands, to turn on or off certain standard behaviors,
- or to add new optional behaviors required for a particular extension.
-
- There are two possible modes of operation:
-
- o A global state change where a single use of the optional parameter
- will affect the session state from that time on, irrespective of
- subsequent SELECT/EXAMINE commands.
-
- o A per-mailbox state change that will affect the session only for
- the duration of the new selected state. A subsequent
- SELECT/EXAMINE without the optional parameter will cancel its
- effect for the newly selected mailbox.
-
- Optional parameters to the SELECT or EXAMINE commands are added as a
- parenthesized list of attribute/value pairs, and appear after the
- mailbox name in the standard SELECT or EXAMINE command. The order of
- individual parameters is arbitrary. A parameter value is optional
-
-
-
-Melnikov & Daboo Standards Track [Page 3]
-
-RFC 4466 Collected Extensions to IMAP4 ABNF April 2006
-
-
- and may consist of atoms, strings, or lists in a specific order. If
- the parameter value is present, it always appears in parentheses (*).
- Any parameter not defined by extensions that the server supports must
- be rejected with a BAD response.
-
- Example:
-
- C: a SELECT INBOX (ANNOTATE)
- S: ...
- S: a OK SELECT complete
-
- In the above example, a single parameter is used with the SELECT
- command.
-
- Example:
-
- C: a EXAMINE INBOX (ANNOTATE RESPONSES ("UID Responses")
- CONDSTORE)
- S: ...
- S: a OK EXAMINE complete
-
- In the above example, three parameters are used with the EXAMINE
- command. The second parameter consists of two items: an atom
- "RESPONSES" followed by a quoted string.
-
- Example:
-
- C: a SELECT INBOX (BLURDYBLOOP)
- S: a BAD Unknown parameter in SELECT command
-
- In the above example, a parameter not supported by the server is
- used. This results in the BAD response from the server.
-
- (*) - if a parameter has a mandatory value, which can always be
- represented as a number or a sequence-set, the parameter value does
- not need the enclosing (). See ABNF for more details.
-
-2.2. Extended CREATE Command
-
- Arguments: mailbox name
- OPTIONAL list of CREATE parameters
-
- Responses: no specific responses for this command
-
- Result: OK - create completed
- NO - create failure: cannot create mailbox with
- that name
- BAD - argument(s) invalid
-
-
-
-Melnikov & Daboo Standards Track [Page 4]
-
-RFC 4466 Collected Extensions to IMAP4 ABNF April 2006
-
-
- This document adds the ability to include one or more parameters with
- the IMAP CREATE command (see section 6.3.3 of [IMAP4]), to turn on or
- off certain standard behaviors, or to add new optional behaviors
- required for a particular extension. No CREATE parameters are
- defined in this document.
-
- Optional parameters to the CREATE command are added as a
- parenthesized list of attribute/value pairs after the mailbox name.
- The order of individual parameters is arbitrary. A parameter value
- is optional and may consist of atoms, strings, or lists in a specific
- order. If the parameter value is present, it always appears in
- parentheses (*). Any parameter not defined by extensions that the
- server supports must be rejected with a BAD response.
-
- (*) - if a parameter has a mandatory value, which can always be
- represented as a number or a sequence-set, the parameter value does
- not need the enclosing (). See ABNF for more details.
-
-2.3. Extended RENAME Command
-
- Arguments: existing mailbox name
- new mailbox name
- OPTIONAL list of RENAME parameters
-
- Responses: no specific responses for this command
-
- Result: OK - rename completed
- NO - rename failure: cannot rename mailbox with
- that name, cannot rename to mailbox with
- that name, etc.
- BAD - argument(s) invalid
-
- This document adds the ability to include one or more parameters with
- the IMAP RENAME command (see section 6.3.5 of [IMAP4]), to turn on or
- off certain standard behaviors, or to add new optional behaviors
- required for a particular extension. No RENAME parameters are
- defined in this document.
-
- Optional parameters to the RENAME command are added as a
- parenthesized list of attribute/value pairs after the new mailbox
- name. The order of individual parameters is arbitrary. A parameter
- value is optional and may consist of atoms, strings, or lists in a
- specific order. If the parameter value is present, it always appears
- in parentheses (*). Any parameter not defined by extensions that the
- server supports must be rejected with a BAD response.
-
-
-
-
-
-
-Melnikov & Daboo Standards Track [Page 5]
-
-RFC 4466 Collected Extensions to IMAP4 ABNF April 2006
-
-
- (*) - if a parameter has a mandatory value, which can always be
- represented as a number or a sequence-set, the parameter value does
- not need the enclosing (). See ABNF for more details.
-
-2.4. Extensions to FETCH and UID FETCH Commands
-
- Arguments: sequence set
- message data item names or macro
- OPTIONAL fetch modifiers
-
- Responses: untagged responses: FETCH
-
- Result: OK - fetch completed
- NO - fetch error: cannot fetch that data
- BAD - command unknown or arguments invalid
-
- This document extends the syntax of the FETCH and UID FETCH commands
- (see section 6.4.5 of [IMAP4]) to include optional FETCH modifiers.
- No fetch modifiers are defined in this document.
-
- The order of individual modifiers is arbitrary. Each modifier is an
- attribute/value pair. A modifier value is optional and may consist
- of atoms and/or strings and/or lists in a specific order. If the
- modifier value is present, it always appears in parentheses (*). Any
- modifiers not defined by extensions that the server supports must be
- rejected with a BAD response.
-
- (*) - if a modifier has a mandatory value, which can always be
- represented as a number or a sequence-set, the modifier value does
- not need the enclosing (). See ABNF for more details.
-
-2.5. Extensions to STORE and UID STORE Commands
-
- Arguments: message set
- OPTIONAL store modifiers
- message data item name
- value for message data item
-
- Responses: untagged responses: FETCH
-
- Result: OK - store completed
- NO - store error: cannot store that data
- BAD - command unknown or arguments invalid
-
- This document extends the syntax of the STORE and UID STORE commands
- (see section 6.4.6 of [IMAP4]) to include optional STORE modifiers.
- No store modifiers are defined in this document.
-
-
-
-
-Melnikov & Daboo Standards Track [Page 6]
-
-RFC 4466 Collected Extensions to IMAP4 ABNF April 2006
-
-
- The order of individual modifiers is arbitrary. Each modifier is an
- attribute/value pair. A modifier value is optional and may consist
- of atoms and/or strings and/or lists in a specific order. If the
- modifier value is present, it always appears in parentheses (*). Any
- modifiers not defined by extensions that the server supports must be
- rejected with a BAD response.
-
- (*) - if a modifier has a mandatory value, which can always be
- represented as a number or a sequence-set, the modifier value does
- not need the enclosing (). See ABNF for more details.
-
-2.6. Extensions to SEARCH Command
-
-2.6.1. Extended SEARCH Command
-
- Arguments: OPTIONAL result specifier
- OPTIONAL [CHARSET] specification
- searching criteria (one or more)
-
- Responses: REQUIRED untagged response: SEARCH (*)
-
- Result: OK - search completed
- NO - search error: cannot search that [CHARSET] or
- criteria
- BAD - command unknown or arguments invalid
-
- This section updates definition of the SEARCH command described in
- section 6.4.4 of [IMAP4].
-
- The SEARCH command is extended to allow for result options. This
- document does not define any result options.
-
- The order of individual options is arbitrary. Individual options may
- contain parameters enclosed in parentheses (**). If an option has
- parameters, they consist of atoms and/or strings and/or lists in a
- specific order. Any options not defined by extensions that the
- server supports must be rejected with a BAD response.
-
- (*) - An extension to the SEARCH command may require another untagged
- response, or no untagged response to be returned. Section 2.6.2
- defines a new ESEARCH untagged response that replaces the SEARCH
- untagged response. Note that for a given extended SEARCH command the
- SEARCH and ESEARCH responses SHOULD be mutually exclusive, i.e., only
- one of them should be returned.
-
- (**) - if an option has a mandatory parameter, which can always be
- represented as a number or a sequence-set, the option parameter does
- not need the enclosing (). See ABNF for more details.
-
-
-
-Melnikov & Daboo Standards Track [Page 7]
-
-RFC 4466 Collected Extensions to IMAP4 ABNF April 2006
-
-
-2.6.2. ESEARCH untagged response
-
- Contents: one or more search-return-data pairs
-
- The ESEARCH response SHOULD be sent as a result of an extended SEARCH
- or UID SEARCH command specified in section 2.6.1.
-
- The ESEARCH response starts with an optional search correlator. If
- it is missing, then the response was not caused by a particular IMAP
- command, whereas if it is present, it contains the tag of the command
- that caused the response to be returned.
-
- The search correlator is followed by an optional UID indicator. If
- this indicator is present, all data in the ESEARCH response refers to
- UIDs, otherwise all returned data refers to message numbers.
-
- The rest of the ESEARCH response contains one or more search data
- pairs. Each pair starts with unique return item name, followed by a
- space and the corresponding data. Search data pairs may be returned
- in any order. Unless specified otherwise by an extension, any return
- item name SHOULD appear only once in an ESEARCH response.
-
- Example: S: * ESEARCH UID COUNT 5 ALL 4:19,21,28
-
- Example: S: * ESEARCH (TAG "a567") UID COUNT 5 ALL 4:19,21,28
-
- Example: S: * ESEARCH COUNT 5 ALL 1:17,21
-
-2.7. Extensions to APPEND Command
-
- The IMAP BINARY extension [BINARY] extends the APPEND command to
- allow a client to append data containing NULs by using the <literal8>
- syntax. The ABNF was rewritten to allow for easier extensibility by
- IMAP extensions. This document hasn't specified any semantical
- changes to the [BINARY] extension.
-
- In addition, the non-terminal "literal8" defined in [BINARY] got
- extended to allow for non-synchronizing literals if both [BINARY] and
- [LITERAL+] extensions are supported by the server.
-
- The IMAP MULTIAPPEND extension [MULTIAPPEND] extends the APPEND
- command to allow a client to append multiple messages atomically.
- This document defines a common syntax for the APPEND command that
- takes into consideration syntactic extensions defined by both
- [BINARY] and [MULTIAPPEND] extensions.
-
-
-
-
-
-
-Melnikov & Daboo Standards Track [Page 8]
-
-RFC 4466 Collected Extensions to IMAP4 ABNF April 2006
-
-
-3. Formal Syntax
-
- The following syntax specification uses the Augmented Backus-Naur
- Form (ABNF) notation as specified in [ABNF].
-
- Non-terminals referenced but not defined below are as defined by
- [IMAP4].
-
- Except as noted otherwise, all alphabetic characters are case-
- insensitive. The use of uppercase or lowercase characters to define
- token strings is for editorial clarity only. Implementations MUST
- accept these strings in a case-insensitive fashion.
-
- append = "APPEND" SP mailbox 1*append-message
- ;; only a single append-message may appear
- ;; if MULTIAPPEND [MULTIAPPEND] capability
- ;; is not present
-
- append-message = append-opts SP append-data
-
- append-ext = append-ext-name SP append-ext-value
- ;; This non-terminal define extensions to
- ;; to message metadata.
-
- append-ext-name = tagged-ext-label
-
- append-ext-value= tagged-ext-val
- ;; This non-terminal shows recommended syntax
- ;; for future extensions.
-
-
- append-data = literal / literal8 / append-data-ext
-
- append-data-ext = tagged-ext
- ;; This non-terminal shows recommended syntax
- ;; for future extensions,
- ;; i.e., a mandatory label followed
- ;; by parameters.
-
- append-opts = [SP flag-list] [SP date-time] *(SP append-ext)
- ;; message metadata
-
- charset = atom / quoted
- ;; Exact syntax is defined in [CHARSET].
-
- create = "CREATE" SP mailbox
- [create-params]
- ;; Use of INBOX gives a NO error.
-
-
-
-Melnikov & Daboo Standards Track [Page 9]
-
-RFC 4466 Collected Extensions to IMAP4 ABNF April 2006
-
-
- create-params = SP "(" create-param *( SP create-param) ")"
-
- create-param-name = tagged-ext-label
-
- create-param = create-param-name [SP create-param-value]
-
- create-param-value= tagged-ext-val
- ;; This non-terminal shows recommended syntax
- ;; for future extensions.
-
-
- esearch-response = "ESEARCH" [search-correlator] [SP "UID"]
- *(SP search-return-data)
- ;; Note that SEARCH and ESEARCH responses
- ;; SHOULD be mutually exclusive,
- ;; i.e., only one of the response types
- ;; should be
- ;; returned as a result of a command.
-
-
- examine = "EXAMINE" SP mailbox [select-params]
- ;; modifies the original IMAP EXAMINE command
- ;; to accept optional parameters
-
- fetch = "FETCH" SP sequence-set SP ("ALL" / "FULL" /
- "FAST" / fetch-att /
- "(" fetch-att *(SP fetch-att) ")")
- [fetch-modifiers]
- ;; modifies the original IMAP4 FETCH command to
- ;; accept optional modifiers
-
- fetch-modifiers = SP "(" fetch-modifier *(SP fetch-modifier) ")"
-
- fetch-modifier = fetch-modifier-name [ SP fetch-modif-params ]
-
- fetch-modif-params = tagged-ext-val
- ;; This non-terminal shows recommended syntax
- ;; for future extensions.
-
- fetch-modifier-name = tagged-ext-label
-
- literal8 = "~{" number ["+"] "}" CRLF *OCTET
- ;; A string that might contain NULs.
- ;; <number> represents the number of OCTETs
- ;; in the response string.
- ;; The "+" is only allowed when both LITERAL+ and
- ;; BINARY extensions are supported by the server.
-
-
-
-
-Melnikov & Daboo Standards Track [Page 10]
-
-RFC 4466 Collected Extensions to IMAP4 ABNF April 2006
-
-
- mailbox-data =/ Namespace-Response /
- esearch-response
-
- Namespace = nil / "(" 1*Namespace-Descr ")"
-
- Namespace-Command = "NAMESPACE"
-
- Namespace-Descr = "(" string SP
- (DQUOTE QUOTED-CHAR DQUOTE / nil)
- *(Namespace-Response-Extension) ")"
-
- Namespace-Response-Extension = SP string SP
- "(" string *(SP string) ")"
-
- Namespace-Response = "NAMESPACE" SP Namespace
- SP Namespace SP Namespace
- ;; This response is currently only allowed
- ;; if the IMAP server supports [NAMESPACE].
- ;; The first Namespace is the Personal Namespace(s)
- ;; The second Namespace is the Other Users' Namespace(s)
- ;; The third Namespace is the Shared Namespace(s)
-
- rename = "RENAME" SP mailbox SP mailbox
- [rename-params]
- ;; Use of INBOX as a destination gives
- ;; a NO error, unless rename-params
- ;; is not empty.
-
- rename-params = SP "(" rename-param *( SP rename-param) ")"
-
- rename-param = rename-param-name [SP rename-param-value]
-
- rename-param-name = tagged-ext-label
-
- rename-param-value= tagged-ext-val
- ;; This non-terminal shows recommended syntax
- ;; for future extensions.
-
-
- response-data = "*" SP response-payload CRLF
-
- response-payload= resp-cond-state / resp-cond-bye /
- mailbox-data / message-data / capability-data
-
- search = "SEARCH" [search-return-opts]
- SP search-program
-
- search-correlator = SP "(" "TAG" SP tag-string ")"
-
-
-
-Melnikov & Daboo Standards Track [Page 11]
-
-RFC 4466 Collected Extensions to IMAP4 ABNF April 2006
-
-
- search-program = ["CHARSET" SP charset SP]
- search-key *(SP search-key)
- ;; CHARSET argument to SEARCH MUST be
- ;; registered with IANA.
-
- search-return-data = search-modifier-name SP search-return-value
- ;; Note that not every SEARCH return option
- ;; is required to have the corresponding
- ;; ESEARCH return data.
-
- search-return-opts = SP "RETURN" SP "(" [search-return-opt
- *(SP search-return-opt)] ")"
-
- search-return-opt = search-modifier-name [SP search-mod-params]
-
- search-return-value = tagged-ext-val
- ;; Data for the returned search option.
- ;; A single "nz-number"/"number" value
- ;; can be returned as an atom (i.e., without
- ;; quoting). A sequence-set can be returned
- ;; as an atom as well.
-
- search-modifier-name = tagged-ext-label
-
- search-mod-params = tagged-ext-val
- ;; This non-terminal shows recommended syntax
- ;; for future extensions.
-
-
- select = "SELECT" SP mailbox [select-params]
- ;; modifies the original IMAP SELECT command to
- ;; accept optional parameters
-
- select-params = SP "(" select-param *(SP select-param) ")"
-
- select-param = select-param-name [SP select-param-value]
- ;; a parameter to SELECT may contain one or
- ;; more atoms and/or strings and/or lists.
-
- select-param-name= tagged-ext-label
-
- select-param-value= tagged-ext-val
- ;; This non-terminal shows recommended syntax
- ;; for future extensions.
-
-
- status-att-list = status-att-val *(SP status-att-val)
- ;; Redefines status-att-list from RFC 3501.
-
-
-
-Melnikov & Daboo Standards Track [Page 12]
-
-RFC 4466 Collected Extensions to IMAP4 ABNF April 2006
-
-
- ;; status-att-val is defined in RFC 3501 errata
-
- status-att-val = ("MESSAGES" SP number) /
- ("RECENT" SP number) /
- ("UIDNEXT" SP nz-number) /
- ("UIDVALIDITY" SP nz-number) /
- ("UNSEEN" SP number)
- ;; Extensions to the STATUS responses
- ;; should extend this production.
- ;; Extensions should use the generic
- ;; syntax defined by tagged-ext.
-
- store = "STORE" SP sequence-set [store-modifiers]
- SP store-att-flags
- ;; extend [IMAP4] STORE command syntax
- ;; to allow for optional store-modifiers
-
- store-modifiers = SP "(" store-modifier *(SP store-modifier)
- ")"
-
- store-modifier = store-modifier-name [SP store-modif-params]
-
- store-modif-params = tagged-ext-val
- ;; This non-terminal shows recommended syntax
- ;; for future extensions.
-
- store-modifier-name = tagged-ext-label
-
- tag-string = string
- ;; tag of the command that caused
- ;; the ESEARCH response, sent as
- ;; a string.
-
- tagged-ext = tagged-ext-label SP tagged-ext-val
- ;; recommended overarching syntax for
- ;; extensions
-
- tagged-ext-label = tagged-label-fchar *tagged-label-char
- ;; Is a valid RFC 3501 "atom".
-
- tagged-label-fchar = ALPHA / "-" / "_" / "."
-
- tagged-label-char = tagged-label-fchar / DIGIT / ":"
-
-
-
-
-
-
-
-
-Melnikov & Daboo Standards Track [Page 13]
-
-RFC 4466 Collected Extensions to IMAP4 ABNF April 2006
-
-
- tagged-ext-comp = astring /
- tagged-ext-comp *(SP tagged-ext-comp) /
- "(" tagged-ext-comp ")"
- ;; Extensions that follow this general
- ;; syntax should use nstring instead of
- ;; astring when appropriate in the context
- ;; of the extension.
- ;; Note that a message set or a "number"
- ;; can always be represented as an "atom".
- ;; An URL should be represented as
- ;; a "quoted" string.
-
- tagged-ext-simple = sequence-set / number
-
- tagged-ext-val = tagged-ext-simple /
- "(" [tagged-ext-comp] ")"
-
-4. Security Considerations
-
- This document updates ABNF in RFCs 2088, 2342, 3501, 3502, and 3516.
- The updated documents must be consulted for security considerations
- for the extensions that they define.
-
- As a protocol gets more complex, parser bugs become more common
- including buffer overflow, denial of service, and other common
- security coding errors. To the extent that this document makes the
- parser more complex, it makes this situation worse. To the extent
- that this document makes the parser more consistent and thus simpler,
- the situation is improved. The impact will depend on how many
- deployed IMAP extensions are consistent with this document.
- Implementers are encouraged to take care of these issues when
- extending existing implementations. Future IMAP extensions should
- strive for consistency and simplicity to the greatest extent
- possible.
-
- Extensions to IMAP commands that are permitted in NOT AUTHENTICATED
- state are more sensitive to these security issues due to the larger
- possible attacker community prior to authentication, and the fact
- that some IMAP servers run with elevated privileges in that state.
- This document does not extend any commands permitted in NOT
- AUTHENTICATED state. Future IMAP extensions to commands permitted in
- NOT AUTHENTICATED state should favor simplicity over consistency or
- extensibility.
-
-
-
-
-
-
-
-
-Melnikov & Daboo Standards Track [Page 14]
-
-RFC 4466 Collected Extensions to IMAP4 ABNF April 2006
-
-
-5. Normative References
-
- [KEYWORDS] Bradner, S., "Key words for use in RFCs to Indicate
- Requirement Levels", BCP 14, RFC 2119, March 1997.
-
- [IMAP4] Crispin, M., "INTERNET MESSAGE ACCESS PROTOCOL -
- VERSION 4rev1", RFC 3501, March 2003.
-
- [ABNF] Crocker, D., Ed., and P. Overell, "Augmented BNF for
- Syntax Specifications: ABNF", RFC 4234, October 2005.
-
- [CHARSET] Freed, N. and J. Postel, "IANA Charset Registration
- Procedures", BCP 19, RFC 2978, October 2000.
-
- [MULTIAPPEND] Crispin, M., "Internet Message Access Protocol (IMAP) -
- MULTIAPPEND Extension", RFC 3502, March 2003.
-
- [NAMESPACE] Gahrns, M. and C. Newman, "IMAP4 Namespace", RFC 2342,
- May 1998.
-
- [LITERAL+] Myers, J., "IMAP4 non-synchronizing literals", RFC
- 2088, January 1997.
-
- [BINARY] Nerenberg, L., "IMAP4 Binary Content Extension", RFC
- 3516, April 2003.
-
-6. Acknowledgements
-
- This documents is based on ideas proposed by Pete Resnick, Mark
- Crispin, Ken Murchison, Philip Guenther, Randall Gellens, and Lyndon
- Nerenberg.
-
- However, all errors and omissions must be attributed to the authors
- of the document.
-
- Thanks to Philip Guenther, Dave Cridland, Mark Crispin, Chris Newman,
- Elwyn Davies, and Barry Leiba for comments and corrections.
-
- literal8 syntax was taken from RFC 3516.
-
-
-
-
-
-
-
-
-
-
-
-
-Melnikov & Daboo Standards Track [Page 15]
-
-RFC 4466 Collected Extensions to IMAP4 ABNF April 2006
-
-
-Authors' Addresses
-
- Alexey Melnikov
- Isode Limited
- 5 Castle Business Village
- 36 Station Road
- Hampton, Middlesex, TW12 2BX
- UK
-
- EMail: Alexey.Melnikov@isode.com
-
-
- Cyrus Daboo
-
- EMail: cyrus@daboo.name
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-Melnikov & Daboo Standards Track [Page 16]
-
-RFC 4466 Collected Extensions to IMAP4 ABNF April 2006
-
-
-Full Copyright Statement
-
- Copyright (C) The Internet Society (2006).
-
- This document is subject to the rights, licenses and restrictions
- contained in BCP 78, and except as set forth therein, the authors
- retain all their rights.
-
- This document and the information contained herein are provided on an
- "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
- OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET
- ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED,
- INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE
- INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
- WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
-
-Intellectual Property
-
- The IETF takes no position regarding the validity or scope of any
- Intellectual Property Rights or other rights that might be claimed to
- pertain to the implementation or use of the technology described in
- this document or the extent to which any license under such rights
- might or might not be available; nor does it represent that it has
- made any independent effort to identify any such rights. Information
- on the procedures with respect to rights in RFC documents can be
- found in BCP 78 and BCP 79.
-
- Copies of IPR disclosures made to the IETF Secretariat and any
- assurances of licenses to be made available, or the result of an
- attempt made to obtain a general license or permission for the use of
- such proprietary rights by implementers or users of this
- specification can be obtained from the IETF on-line IPR repository at
- http://www.ietf.org/ipr.
-
- The IETF invites any interested party to bring to its attention any
- copyrights, patents or patent applications, or other proprietary
- rights that may cover technology that may be required to implement
- this standard. Please address the information to the IETF at
- ietf-ipr@ietf.org.
-
-Acknowledgement
-
- Funding for the RFC Editor function is provided by the IETF
- Administrative Support Activity (IASA).
-
-
-
-
-
-
-
-Melnikov & Daboo Standards Track [Page 17]
-
diff --git a/imap/docs/rfc/rfc4467.txt b/imap/docs/rfc/rfc4467.txt
deleted file mode 100644
index 83b6516a..00000000
--- a/imap/docs/rfc/rfc4467.txt
+++ /dev/null
@@ -1,1011 +0,0 @@
-
-
-
-
-
-
-Network Working Group M. Crispin
-Request for Comments: 4467 University of Washington
-Updates: 3501 May 2006
-Category: Standards Track
-
-
- Internet Message Access Protocol (IMAP) - URLAUTH Extension
-
-Status of This Memo
-
- This document specifies an Internet standards track protocol for the
- Internet community, and requests discussion and suggestions for
- improvements. Please refer to the current edition of the "Internet
- Official Protocol Standards" (STD 1) for the standardization state
- and status of this protocol. Distribution of this memo is unlimited.
-
-Copyright Notice
-
- Copyright (C) The Internet Society (2006).
-
-Abstract
-
- This document describes the URLAUTH extension to the Internet Message
- Access Protocol (IMAP) (RFC 3501) and the IMAP URL Scheme (IMAPURL)
- (RFC 2192). This extension provides a means by which an IMAP client
- can use URLs carrying authorization to access limited message data on
- the IMAP server.
-
- An IMAP server that supports this extension indicates this with a
- capability name of "URLAUTH".
-
-1. Introduction
-
- In [IMAPURL], a URL of the form imap://fred@example.com/INBOX/;uid=20
- requires authorization as userid "fred". However, [IMAPURL] implies
- that it only supports authentication and confuses the concepts of
- authentication and authorization.
-
- The URLAUTH extension defines an authorization mechanism for IMAP
- URLs to replace [IMAPURL]'s authentication-only mechanism. URLAUTH
- conveys authorization in the URL string itself and reuses a portion
- of the syntax of the [IMAPURL] authentication mechanism to convey the
- authorization identity (which also defines the default namespace in
- [IMAP]).
-
- The URLAUTH extension provides a means by which an authorized user of
- an IMAP server can create URLAUTH-authorized IMAP URLs. A URLAUTH-
- authorized URL conveys authorization (not authentication) to the data
-
-
-
-Crispin Standards Track [Page 1]
-
-RFC 4467 IMAP - URLAUTH Extension May 2006
-
-
- addressed by that URL. This URL can be used in another IMAP session
- to access specific content on the IMAP server, without otherwise
- providing authorization to any other data (such as other data in the
- mailbox specified in the URL) owned by the authorizing user.
-
- Conceptually, a URLAUTH-authorized URL can be thought of as a "pawn
- ticket" that carries no authentication information and can be
- redeemed by whomever presents it. However, unlike a pawn ticket,
- URLAUTH has optional mechanisms to restrict the usage of a URLAUTH-
- authorized URL. Using these mechanisms, URLAUTH-authorized URLs can
- be usable by:
-
- . anonymous (the "pawn ticket" model)
- . authenticated users only
- . a specific authenticated user only
- . message submission acting on behalf of a specific user only
-
- There is also a mechanism for expiration.
-
- A URLAUTH-authorized URL can be used in the argument to the BURL
- command in message composition, as described in [BURL], for such
- purposes as allowing a client (with limited memory or other
- resources) to submit a message forward or to resend from an IMAP
- mailbox without requiring the client to fetch that message data.
-
- The URLAUTH is generated using an authorization mechanism name and an
- authorization token, which is generated using a secret mailbox access
- key. An IMAP client can request that the server generate and assign
- a new mailbox access key (thus effectively revoking all current URLs
- using URLAUTH with the old mailbox access key) but cannot set the
- mailbox access key to a key of its own choosing.
-
-1.1. Conventions Used in this Document
-
- The key words "MUST", "MUST NOT", "SHOULD", "SHOULD NOT", and "MAY"
- in this document are to be interpreted as defined in [KEYWORDS].
-
- The formal syntax uses the Augmented Backus-Naur Form (ABNF) notation
- including the core rules defined in Appendix A of [ABNF].
-
- In examples, "C:" and "S:" indicate lines sent by the client and
- server, respectively. If a single "C:" or "S:" label applies to
- multiple lines, then the line breaks between those lines are for
- editorial clarity only and are not part of the actual protocol
- exchange.
-
-
-
-
-
-
-Crispin Standards Track [Page 2]
-
-RFC 4467 IMAP - URLAUTH Extension May 2006
-
-
-2. Concepts
-
-2.1. URLAUTH
-
- The URLAUTH is a component, appended at the end of a URL, that
- conveys authorization to access the data addressed by that URL. It
- contains an authorized access identifier, an authorization mechanism
- name, and an authorization token. The authorization token is
- generated from the URL, the authorized access identifier, the
- authorization mechanism name, and a mailbox access key.
-
-2.2. Mailbox Access Key
-
- The mailbox access key is a random string with at least 128 bits of
- entropy. It is generated by software (not by the human user) and
- MUST be unpredictable.
-
- Each user has a table of mailboxes and an associated mailbox access
- key for each mailbox. Consequently, the mailbox access key is per-
- user and per-mailbox. In other words, two users sharing the same
- mailbox each have a different mailbox access key for that mailbox,
- and each mailbox accessed by a single user also has a different
- mailbox access key.
-
-2.3. Authorized Access Identifier
-
- The authorized access identifier restricts use of the URLAUTH
- authorized URL to certain users authorized on the server, as
- described in section 3.
-
-2.4. Authorization Mechanism
-
- The authorization mechanism is the algorithm by which the URLAUTH is
- generated and subsequently verified, using the mailbox access key.
-
-2.4.1. INTERNAL Authorization Mechanism
-
- This specification defines the INTERNAL mechanism, which uses a token
- generation algorithm of the server's choosing and does not involve
- disclosure of the mailbox access key to the client.
-
- Note: The token generation algorithm chosen by the server
- implementation should be modern and reasonably secure. At the
- time of the writing of this document, an [HMAC] such as HMAC-SHA1
- is recommended.
-
-
-
-
-
-
-Crispin Standards Track [Page 3]
-
-RFC 4467 IMAP - URLAUTH Extension May 2006
-
-
- If it becomes necessary to change the token generation algorithm
- of the INTERNAL mechanism (e.g., because an attack against the
- current algorithm has been discovered), all currently existing
- URLAUTH-authorized URLs are invalidated by the change in
- algorithm. Since this would be an unpleasant surprise to
- applications that depend upon the validity of a URLAUTH-authorized
- URL, and there is no good way to do a bulk update of existing
- deployed URLs, it is best to avoid this situation by using a
- secure algorithm as opposed to one that is "good enough".
-
- Server implementations SHOULD consider the possibility of changing
- the algorithm. In some cases, it may be desirable to implement
- the change of algorithm in a way that newly-generated tokens use
- the new algorithm, but that for a limited period of time tokens
- using either the new or old algorithm can be validated.
- Consequently, the server SHOULD incorporate some means of
- identifying the token generation algorithm within the token.
-
- Although this specification is extensible for other mechanisms, none
- are defined in this document. In addition to the mechanism name
- itself, other mechanisms may have mechanism-specific data, which is
- to be interpreted according to the definition of that mechanism.
-
-2.5. Authorization Token
-
- The authorization token is a deterministic string of at least 128
- bits that an entity with knowledge of the secret mailbox access key
- and URL authorization mechanism can use to verify the URL.
-
-3. IMAP URL Extensions
-
- [IMAPURL] is extended by allowing the addition of
- ";EXPIRE=<datetime>" and ";URLAUTH=<access>:<mech>:<token>" to IMAP
- URLs that refer to a specific message or message parts.
-
- The URLAUTH is comprised of ";URLAUTH=<access>:<mech>:<token>" and
- MUST be at the end of the URL.
-
- URLAUTH does not apply to, and MUST NOT be used with, any IMAP URL
- that refers to an entire IMAP server, a list of mailboxes, an entire
- IMAP mailbox, or IMAP search results.
-
- When ";EXPIRE=<datetime>" is used, this indicates the latest date and
- time that the URL is valid. After that date and time, the URL has
- expired, and server implementations MUST reject the URL. If
- ";EXPIRE=<datetime>" is not used, the URL has no expiration, but
- still can be revoked as discussed below.
-
-
-
-
-Crispin Standards Track [Page 4]
-
-RFC 4467 IMAP - URLAUTH Extension May 2006
-
-
- The URLAUTH takes the form ";URLAUTH=<access>:<mech>:<token>". It is
- composed of three parts. The <access> portion provides the
- authorized access identifiers, which may constrain the operations and
- users that are permitted to use this URL. The <mech> portion
- provides the authorization mechanism used by the IMAP server to
- generate the authorization token that follows. The <token> portion
- provides the authorization token.
-
- The "submit+" access identifier prefix, followed by a userid,
- indicates that only a userid authorized as a message submission
- entity on behalf of the specified userid is permitted to use this
- URL. The IMAP server does not validate the specified userid but does
- validate that the IMAP session has an authorization identity that is
- authorized as a message submission entity. The authorized message
- submission entity MUST validate the userid prior to contacting the
- IMAP server.
-
- The "user+" access identifier prefix, followed by a userid, indicates
- that use of this URL is limited to IMAP sessions that are logged in
- as the specified userid (that is, have authorization identity as that
- userid).
-
- Note: If a SASL mechanism that provides both authorization and
- authentication identifiers is used to authenticate to the IMAP
- server, the "user+" access identifier MUST match the authorization
- identifier.
-
- The "authuser" access identifier indicates that use of this URL is
- limited to IMAP sessions that are logged in as an authorized user
- (that is, have authorization identity as an authorized user) of that
- IMAP server. Use of this URL is prohibited to anonymous IMAP
- sessions.
-
- The "anonymous" access identifier indicates that use of this URL is
- not restricted by session authorization identity; that is, any IMAP
- session in authenticated or selected state (as defined in [IMAP]),
- including anonymous sessions, may issue a URLFETCH using this URL.
-
- The authorization token is represented as an ASCII-encoded
- hexadecimal string, which is used to authorize the URL. The length
- and the calculation of the authorization token depends upon the
- mechanism used; but, in all cases, the authorization token is at
- least 128 bits (and therefore at least 32 hexadecimal digits).
-
-
-
-
-
-
-
-
-Crispin Standards Track [Page 5]
-
-RFC 4467 IMAP - URLAUTH Extension May 2006
-
-
-4. Discussion of URLAUTH Authorization Issues
-
- In [IMAPURL], the userid before the "@" in the URL has two purposes:
-
- 1) It provides context for user-specific mailbox paths such as
- "INBOX".
-
- 2) It specifies that resolution of the URL requires logging in as
- that user and limits use of that URL to only that user.
-
- An obvious limitation of using the same field for both purposes is
- that the URL can only be resolved by the mailbox owner.
-
- URLAUTH overrides the second purpose of the userid in the IMAP URL
- and by default permits the URL to be resolved by any user permitted
- by the access identifier.
-
- The "user+<userid>" access identifier limits resolution of that URL
- to a particular userid, whereas the "submit+<userid>" access
- identifier is more general and simply requires that the session be
- authorized by a user that has been granted a "submit" role within the
- authentication system. Use of either of these access identifiers
- makes it impossible for an attacker, spying on the session, to use
- the same URL, either directly or by submission to a message
- submission entity.
-
- The "authuser" and "anonymous" access identifiers do not have this
- level of protection and should be used with caution. These access
- identifiers are primarily useful for public export of data from an
- IMAP server, without requiring that it be copied to a web or
- anonymous FTP server. Refer to the Security Considerations for more
- details.
-
-5. Generation of URLAUTH-Authorized URLs
-
- A URLAUTH-authorized URL is generated from an initial URL as follows:
-
- An initial URL is built, ending with ";URLAUTH=<access>" but without
- the ":<mech>:<token>" components. An authorization mechanism is
- selected and used to calculate the authorization token, with the
- initial URL as the data and a secret known to the IMAP server as the
- key. The URLAUTH-authorized URL is generated by taking the initial
- URL and appending ":", the URL authorization mechanism name, ":", and
- the ASCII-encoded hexadecimal representation of the authorization
- token.
-
-
-
-
-
-
-Crispin Standards Track [Page 6]
-
-RFC 4467 IMAP - URLAUTH Extension May 2006
-
-
- Note: ASCII-encoded hexadecimal is used instead of BASE64 because
- a BASE64 representation may have "=" padding characters, which
- would be problematic in a URL.
-
- In the INTERNAL mechanism, the mailbox access key for that mailbox is
- the secret known to the IMAP server, and a server-selected algorithm
- is used as described in section 2.4.1.
-
-6. Validation of URLAUTH-authorized URLs
-
- A URLAUTH-authorized URL is validated as follows:
-
- The URL is split at the ":" that separates "<access>" from
- "<mech>:<token>" in the ";URLAUTH=<access>:<mech>:<token>" portion of
- the URL. The "<mech>:<token>" portion is first parsed and saved as
- the authorization mechanism and the authorization token. The URL is
- truncated, discarding the ":" described above, to create a "rump URL"
- (the URL minus the ":" and the "<mech>:<token>" portion). The rump
- URL is then analyzed to identify the mailbox.
-
- If the mailbox cannot be identified, an authorization token is
- calculated on the rump URL, using random "plausible" keys (selected
- by the server) as needed, before returning a validation failure.
- This prevents timing attacks aimed at identifying mailbox names.
-
- If the mailbox can be identified, the authorization token is
- calculated on the rump URL and a secret known to the IMAP server
- using the given URL authorization mechanism. Validation is
- successful if, and only if, the calculated authorization token for
- that mechanism matches the authorization token supplied in
- ";URLAUTH=<access>:<mech>:<token>".
-
- Removal of the ":<mech>:<token>" portion of the URL MUST be the only
- operation applied to the URLAUTH-authorized URL to get the rump URL.
- In particular, URL percent escape decoding and case-folding
- (including to the domain part of the URL) MUST NOT occur.
-
- In the INTERNAL mechanism, the mailbox access key for that mailbox is
- used as the secret known to the IMAP server, and the same server-
- selected algorithm used for generating URLs is used to calculate the
- authorization token for verification.
-
-
-
-
-
-
-
-
-
-
-Crispin Standards Track [Page 7]
-
-RFC 4467 IMAP - URLAUTH Extension May 2006
-
-
-7. Additional Commands
-
- These commands are extensions to the [IMAP] base protocol.
-
- The section headings of these commands are intended to correspond
- with where they would be located in the base protocol document if
- they were part of that document.
-
-BASE.6.3.RESETKEY. RESETKEY Command
-
- Arguments: optional mailbox name
- optional mechanism name(s)
-
- Responses: none other than in result
-
- Result: OK - RESETKEY completed, URLMECH containing new data
- NO - RESETKEY error: can't change key of that mailbox
- BAD - command unknown or arguments invalid
-
- The RESETKEY command has two forms.
-
- The first form accepts a mailbox name as an argument and generates a
- new mailbox access key for the given mailbox in the user's mailbox
- access key table, replacing any previous mailbox access key (and
- revoking any URLs that were authorized with a URLAUTH using that key)
- in that table. By default, the mailbox access key is generated for
- the INTERNAL mechanism; other mechanisms can be specified with the
- optional mechanism argument.
-
- The second form, with no arguments, removes all mailbox access keys
- in the user's mailbox access key table, revoking all URLs currently
- authorized using URLAUTH by the user.
-
- Any current IMAP session logged in as the user that has the mailbox
- selected will receive an untagged OK response with the URLMECH status
- response code (see section BASE.7.1.URLMECH for more details about
- the URLMECH status response code).
-
- Example:
-
- C: a31 RESETKEY
- S: a31 OK All keys removed
- C: a32 RESETKEY INBOX
- S: a32 OK [URLMECH INTERNAL] mechs
- C: a33 RESETKEY INBOX XSAMPLE
- S: a33 OK [URLMECH INTERNAL XSAMPLE=P34OKhO7VEkCbsiYY8rGEg==] done
-
-
-
-
-
-Crispin Standards Track [Page 8]
-
-RFC 4467 IMAP - URLAUTH Extension May 2006
-
-
-BASE.6.3.GENURLAUTH. GENURLAUTH Command
-
- Argument: one or more URL/mechanism pairs
-
- Response: untagged response: GENURLAUTH
-
- Result: OK - GENURLAUTH completed
- NO - GENURLAUTH error: can't generate a URLAUTH
- BAD - command unknown or arguments invalid
-
- The GENURLAUTH command requests that the server generate a URLAUTH-
- authorized URL for each of the given URLs using the given URL
- authorization mechanism.
-
- The server MUST validate each supplied URL as follows:
-
- (1) The mailbox component of the URL MUST refer to an existing
- mailbox.
-
- (2) The server component of the URL MUST contain a valid userid
- that identifies the owner of the mailbox access key table that
- will be used to generate the URLAUTH-authorized URL. As a
- consequence, the iserver rule of [IMAPURL] is modified so that
- iuserauth is mandatory.
-
- Note: the server component of the URL is generally the
- logged in userid and server. If not, then the logged in
- userid and server MUST have owner-type access to the
- mailbox access key table owned by the userid and server
- indicated by the server component of the URL.
-
- (3) There is a valid access identifier that, in the case of
- "submit+" and "user+", will contain a valid userid. This
- userid is not necessarily the same as the owner userid
- described in (2).
-
- (4) The server MAY also verify that the iuid and/or isection
- components (if present) are valid.
-
- If any of the above checks fail, the server MUST return a tagged BAD
- response with the following exception. If an invalid userid is
- supplied as the mailbox access key owner and/or as part of the access
- identifier, the server MAY issue a tagged OK response with a
- generated mailbox key that always fails validation when used with a
- URLFETCH command. This exception prevents an attacker from
- validating userids.
-
-
-
-
-
-Crispin Standards Track [Page 9]
-
-RFC 4467 IMAP - URLAUTH Extension May 2006
-
-
- If there is currently no mailbox access key for the given mailbox in
- the owner's mailbox access key table, one is automatically generated.
- That is, it is not necessary to use RESETKEY prior to first-time use
- of GENURLAUTH.
-
- If the command is successful, a GENURLAUTH response code is returned
- listing the requested URLs as URLAUTH-authorized URLs.
-
- Examples:
-
- C: a775 GENURLAUTH "imap://joe@example.com/INBOX/;uid=20/
- ;section=1.2" INTERNAL
- S: a775 BAD missing access identifier in supplied URL
- C: a776 GENURLAUTH "imap://example.com/Shared/;uid=20/
- ;section=1.2;urlauth=submit+fred" INTERNAL
- S: a776 BAD missing owner username in supplied URL
- C: a777 GENURLAUTH "imap://joe@example.com/INBOX/;uid=20/
- ;section=1.2;urlauth=submit+fred" INTERNAL
- S: * GENURLAUTH "imap://joe@example.com/INBOX/;uid=20/;section=1.2
- ;urlauth=submit+fred:internal:91354a473744909de610943775f92038"
- S: a777 OK GENURLAUTH completed
-
-BASE.6.3.URLFETCH. URLFETCH Command
-
- Argument: one or more URLs
-
- Response: untagged response: URLFETCH
-
- Result: OK - urlfetch completed
- NO - urlfetch failed due to server internal error
- BAD - command unknown or arguments invalid
-
- The URLFETCH command requests that the server return the text data
- associated with the specified IMAP URLs, as described in [IMAPURL]
- and extended by this document. The data is returned for all
- validated URLs, regardless of whether or not the session would
- otherwise be able to access the mailbox containing that data via
- SELECT or EXAMINE.
-
- Note: This command does not require that the URL refer to the
- selected mailbox; nor does it require that any mailbox be
- selected. It also does not in any way interfere with any selected
- mailbox.
-
-
-
-
-
-
-
-
-Crispin Standards Track [Page 10]
-
-RFC 4467 IMAP - URLAUTH Extension May 2006
-
-
- The URLFETCH command effectively executes with the access of the
- userid in the server component of the URL (which is generally the
- userid that issued the GENURLAUTH). By itself, the URLAUTH does NOT
- grant access to the data; once validated, it grants whatever access
- to the data is held by the userid in the server component of the URL.
- That access may have changed since the GENURLAUTH was done.
-
- The URLFETCH command MUST return an untagged URLFETCH response and a
- tagged OK response to any URLFETCH command that is syntactically
- valid. A NO response indicates a server internal failure that may be
- resolved on later retry.
-
- Note: The possibility of a NO response is to accommodate
- implementations that would otherwise have to issue an untagged BYE
- with a fatal error due to an inability to respond to a valid
- request. In an ideal world, a server SHOULD NOT issue a NO
- response.
-
- The server MUST return NIL for any IMAP URL that references an entire
- IMAP server, a list of mailboxes, an entire IMAP mailbox, or IMAP
- search results.
-
- Example:
-
- Note: For clarity, this example uses the LOGIN command, which
- SHOULD NOT be used over a non-encrypted communication path.
-
- This example is of a submit server, obtaining a message segment
- for a message that it has already validated was submitted by
- "fred".
-
- S: * OK [CAPABILITY IMAP4REV1 URLAUTH] example.com IMAP server
- C: a001 LOGIN submitserver secret
- S: a001 OK submitserver logged in
- C: a002 URLFETCH "imap://joe@example.com/INBOX/;uid=20/
- ;section=1.2;urlauth=submit+fred:internal
- :91354a473744909de610943775f92038"
- S: * URLFETCH "imap://joe@example.com/INBOX/;uid=20/;section=1.2
- ;urlauth=submit+fred:internal
- :91354a473744909de610943775f92038" {28}
- S: Si vis pacem, para bellum.
- S:
- S: a002 OK URLFETCH completed
-
-
-
-
-
-
-
-
-Crispin Standards Track [Page 11]
-
-RFC 4467 IMAP - URLAUTH Extension May 2006
-
-
-8. Additional Responses
-
- These responses are extensions to the [IMAP] base protocol.
-
- The section headings of these responses are intended to correspond
- with where they would be located in the base protocol document if
- they were part of that document.
-
-BASE.7.1.URLMECH. URLMECH Status Response Code
-
- The URLMECH status response code is followed by a list of URL
- authorization mechanism names. Mechanism names other than INTERNAL
- may be appended with an "=" and BASE64-encoded form of mechanism-
- specific data.
-
- This status response code is returned in an untagged OK response in
- response to a RESETKEY, SELECT, or EXAMINE command. In the case of
- the RESETKEY command, this status response code can be sent in the
- tagged OK response instead of requiring a separate untagged OK
- response.
-
- Example:
-
- C: a33 RESETKEY INBOX XSAMPLE
- S: a33 OK [URLMECH INTERNAL XSAMPLE=P34OKhO7VEkCbsiYY8rGEg==] done
-
- In this example, the server supports the INTERNAL mechanism and an
- experimental mechanism called XSAMPLE, which also holds some
- mechanism-specific data (the name "XSAMPLE" is for illustrative
- purposes only).
-
-BASE.7.4.GENURLAUTH. GENURLAUTH Response
-
- Contents: One or more URLs
-
- The GENURLAUTH response returns the URLAUTH-authorized URL(s)
- requested by a GENURLAUTH command.
-
- Example:
-
- C: a777 GENURLAUTH "imap://joe@example.com/INBOX/;uid=20/
- ;section=1.2;urlauth=submit+fred" INTERNAL
- S: * GENURLAUTH "imap://joe@example.com/INBOX/;uid=20/;section=1.2
- ;urlauth=submit+fred:internal:91354a473744909de610943775f92038"
- S: a777 OK GENURLAUTH completed
-
-
-
-
-
-
-Crispin Standards Track [Page 12]
-
-RFC 4467 IMAP - URLAUTH Extension May 2006
-
-
-BASE.7.4.URLFETCH. URLFETCH Response
-
- Contents: One or more URL/nstring pairs
-
- The URLFETCH response returns the message text data associated with
- one or more IMAP URLs, as described in [IMAPURL] and extended by this
- document. This response occurs as the result of a URLFETCH command.
-
- The returned data string is NIL if the URL is invalid for any reason
- (including validation failure). If the URL is valid, but the IMAP
- fetch of the body part returned NIL (this should not happen), the
- returned data string should be the empty string ("") and not NIL.
-
- Note: This command does not require that the URL refer to the
- selected mailbox; nor does it require that any mailbox be
- selected. It also does not in any way interfere with any selected
- mailbox.
-
- Example:
-
- C: a002 URLFETCH "imap://joe@example.com/INBOX/;uid=20/
- ;section=1.2;urlauth=submit+fred:internal
- :91354a473744909de610943775f92038"
- S: * URLFETCH "imap://joe@example.com/INBOX/;uid=20/;section=1.2
- ;urlauth=submit+fred:internal
- :91354a473744909de610943775f92038" {28}
- S: Si vis pacem, para bellum.
- S:
- S: a002 OK URLFETCH completed
-
-9. Formal Syntax
-
- The following syntax specification uses the Augmented Backus-Naur
- Form (ABNF) notation as specified in [ABNF].
-
- The following modifications are made to the Formal Syntax in [IMAP]:
-
-resetkey = "RESETKEY" [SP mailbox *(SP mechanism)]
-
-capability =/ "URLAUTH"
-
-command-auth =/ resetkey / genurlauth / urlfetch
-
-resp-text-code =/ "URLMECH" SP "INTERNAL" *(SP mechanism ["=" base64])
-
-genurlauth = "GENURLAUTH" 1*(SP url-rump SP mechanism)
-
-genurlauth-data = "*" SP "GENURLAUTH" 1*(SP url-full)
-
-
-
-Crispin Standards Track [Page 13]
-
-RFC 4467 IMAP - URLAUTH Extension May 2006
-
-
-url-full = astring
- ; contains authimapurlfull as defined below
-
-url-rump = astring
- ; contains authimapurlrump as defined below
-
-urlfetch = "URLFETCH" 1*(SP url-full)
-
-urlfetch-data = "*" SP "URLFETCH" 1*(SP url-full SP nstring)
-
- The following extensions are made to the Formal Syntax in [IMAPURL]:
-
-authimapurl = "imap://" enc-user [iauth] "@" hostport "/"
- imessagepart
- ; replaces "imapurl" and "iserver" rules for
- ; URLAUTH authorized URLs
-
-authimapurlfull = authimapurl iurlauth
-
-authimapurlrump = authimapurl iurlauth-rump
-
-enc-urlauth = 32*HEXDIG
-
-enc-user = 1*achar
- ; same as "enc_user" in RFC 2192
-
-iurlauth = iurlauth-rump ":" mechanism ":" enc-urlauth
-
-iurlauth-rump = [expire] ";URLAUTH=" access
-
-access = ("submit+" enc-user) / ("user+" enc-user) /
- "authuser" / "anonymous"
-
-expire = ";EXPIRE=" date-time
- ; date-time defined in [DATETIME]
-
-mechanism = "INTERNAL" / 1*(ALPHA / DIGIT / "-" / ".")
- ; case-insensitive
- ; new mechanisms MUST be registered with IANA
-
-
-
-
-
-
-
-
-
-
-
-
-Crispin Standards Track [Page 14]
-
-RFC 4467 IMAP - URLAUTH Extension May 2006
-
-
-10. Security Considerations
-
- Security considerations are discussed throughout this memo.
-
- The mailbox access key SHOULD have at least 128 bits of entropy
- (refer to [RANDOM] for more details) and MUST be unpredictable.
-
- The server implementation of the INTERNAL mechanism SHOULD consider
- the possibility of needing to change the token generation algorithm,
- and SHOULD incorporate some means of identifying the token generation
- algorithm within the token.
-
- The URLMECH status response code may expose sensitive data in the
- mechanism-specific data for mechanisms other than INTERNAL. A server
- implementation MUST implement a configuration that will not return a
- URLMECH status response code unless some mechanism is provided that
- protects the session from snooping, such as a TLS or SASL security
- layer that provides confidentiality protection.
-
- The calculation of an authorization token with a "plausible" key if
- the mailbox can not be identified is necessary to avoid attacks in
- which the server is probed to see if a particular mailbox exists on
- the server by measuring the amount of time taken to reject a known
- bad name versus some other name.
-
- To protect against a computational denial-of-service attack, a server
- MAY impose progressively longer delays on multiple URL requests that
- fail validation.
-
- The decision to use the "authuser" access identifier should be made
- with caution. An "authuser" access identifier can be used by any
- authorized user of the IMAP server; therefore, use of this access
- identifier should be limited to content that may be disclosed to any
- authorized user of the IMAP server.
-
- The decision to use the "anonymous" access identifier should be made
- with extreme caution. An "anonymous" access identifier can be used
- by anyone; therefore, use of this access identifier should be limited
- to content that may be disclosed to anyone. Many IMAP servers do not
- permit anonymous access; in this case, the "anonymous" access
- identifier is equivalent to "authuser", but this MUST NOT be relied
- upon.
-
- Although this specification does not prohibit the theoretical
- capability to generate a URL with a server component other than the
- logged in userid and server, this capability should only be provided
-
-
-
-
-
-Crispin Standards Track [Page 15]
-
-RFC 4467 IMAP - URLAUTH Extension May 2006
-
-
- when the logged in userid/server has been authorized as equivalent to
- the server component userid/server, or otherwise has access to that
- userid/server mailbox access key table.
-
-11. IANA Considerations
-
- This document constitutes registration of the URLAUTH capability in
- the imap4-capabilities registry.
-
- URLAUTH authorization mechanisms are registered by publishing a
- standards track or IESG-approved experimental RFC. The registry is
- currently located at:
-
-http://www.iana.org/assignments/urlauth-authorization-mechanism-registry
-
- This registry is case-insensitive.
-
- This document constitutes registration of the INTERNAL URLAUTH
- authorization mechanism.
-
- IMAP URLAUTH Authorization Mechanism Registry
-
- Mechanism Name Reference
- -------------- ---------
- INTERNAL [RFC4467]
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-Crispin Standards Track [Page 16]
-
-RFC 4467 IMAP - URLAUTH Extension May 2006
-
-
-12. Normative References
-
- [ABNF] Crocker, D. and P. Overell, "Augmented BNF for Syntax
- Specifications: ABNF", RFC 4234, October 2005.
-
- [BURL] Newman, C., "Message Submission BURL Extension", RFC 4468,
- May 2006.
-
- [DATETIME] Klyne, G. and C. Newman, "Date and Time on the Internet:
- Timestamps", RFC 3339, July 2002.
-
- [IMAP] Crispin, M., "Internet Message Access Protocol - Version
- 4rev1", RFC 3501, March 2003.
-
- [IMAPURL] Newman, C., "IMAP URL Scheme", RFC 2192, September 1997.
-
- [KEYWORDS] Bradner, S., "Key words for use in RFCs to Indicate
- Requirement Levels", BCP 14, RFC 2119, March 1997.
-
-13. Informative References
-
- [HMAC] Krawczyk, H., Bellare, M., and R. Canetti, "HMAC: Keyed-
- Hashing for Message Authentication", RFC 2104, February
- 1997.
-
- [RANDOM] Eastlake, D., 3rd, Schiller, J., and S. Crocker,
- "Randomness Requirements for Security", BCP 106, RFC 4086,
- June 2005.
-
-Author's Address
-
- Mark R. Crispin
- Networks and Distributed Computing
- University of Washington
- 4545 15th Avenue NE
- Seattle, WA 98105-4527
-
- Phone: (206) 543-5762
- EMail: MRC@CAC.Washington.EDU
-
-
-
-
-
-
-
-
-
-
-
-
-Crispin Standards Track [Page 17]
-
-RFC 4467 IMAP - URLAUTH Extension May 2006
-
-
-Full Copyright Statement
-
- Copyright (C) The Internet Society (2006).
-
- This document is subject to the rights, licenses and restrictions
- contained in BCP 78, and except as set forth therein, the authors
- retain all their rights.
-
- This document and the information contained herein are provided on an
- "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
- OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET
- ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED,
- INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE
- INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
- WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
-
-Intellectual Property
-
- The IETF takes no position regarding the validity or scope of any
- Intellectual Property Rights or other rights that might be claimed to
- pertain to the implementation or use of the technology described in
- this document or the extent to which any license under such rights
- might or might not be available; nor does it represent that it has
- made any independent effort to identify any such rights. Information
- on the procedures with respect to rights in RFC documents can be
- found in BCP 78 and BCP 79.
-
- Copies of IPR disclosures made to the IETF Secretariat and any
- assurances of licenses to be made available, or the result of an
- attempt made to obtain a general license or permission for the use of
- such proprietary rights by implementers or users of this
- specification can be obtained from the IETF on-line IPR repository at
- http://www.ietf.org/ipr.
-
- The IETF invites any interested party to bring to its attention any
- copyrights, patents or patent applications, or other proprietary
- rights that may cover technology that may be required to implement
- this standard. Please address the information to the IETF at
- ietf-ipr@ietf.org.
-
-Acknowledgement
-
- Funding for the RFC Editor function is provided by the IETF
- Administrative Support Activity (IASA).
-
-
-
-
-
-
-
-Crispin Standards Track [Page 18]
-
diff --git a/imap/docs/rfc/rfc4468.txt b/imap/docs/rfc/rfc4468.txt
deleted file mode 100644
index b16dcb4e..00000000
--- a/imap/docs/rfc/rfc4468.txt
+++ /dev/null
@@ -1,787 +0,0 @@
-
-
-
-
-
-
-Network Working Group C. Newman
-Request for Comments: 4468 Sun Microsystems
-Updates: 3463 May 2006
-Category: Standards Track
-
-
- Message Submission BURL Extension
-
-Status of This Memo
-
- This document specifies an Internet standards track protocol for the
- Internet community, and requests discussion and suggestions for
- improvements. Please refer to the current edition of the "Internet
- Official Protocol Standards" (STD 1) for the standardization state
- and status of this protocol. Distribution of this memo is unlimited.
-
-Copyright Notice
-
- Copyright (C) The Internet Society (2006).
-
-Abstract
-
- The submission profile of Simple Mail Transfer Protocol (SMTP)
- provides a standard way for an email client to submit a complete
- message for delivery. This specification extends the submission
- profile by adding a new BURL command that can be used to fetch
- submission data from an Internet Message Access Protocol (IMAP)
- server. This permits a mail client to inject content from an IMAP
- server into the SMTP infrastructure without downloading it to the
- client and uploading it back to the server.
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-Newman Standards Track [Page 1]
-
-RFC 4468 Message Submission BURL Extension May 2006
-
-
-Table of Contents
-
- 1. Introduction ....................................................2
- 2. Conventions Used in This Document ...............................2
- 3. BURL Submission Extension .......................................3
- 3.1. SMTP Submission Extension Registration .....................3
- 3.2. BURL Transaction ...........................................3
- 3.3. The BURL IMAP Options ......................................4
- 3.4. Examples ...................................................5
- 3.5. Formal Syntax ..............................................6
- 4. 8-Bit and Binary ................................................7
- 5. Updates to RFC 3463 .............................................7
- 6. Response Codes ..................................................7
- 7. IANA Considerations .............................................9
- 8. Security Considerations .........................................9
- 9. References .....................................................11
- 9.1. Normative References ......................................11
- 9.2. Informative References ....................................12
- Appendix A. Acknowledgements .....................................13
-
-1. Introduction
-
- This specification defines an extension to the standard Message
- Submission [RFC4409] protocol to permit data to be fetched from an
- IMAP server at message submission time. This MAY be used in
- conjunction with the CHUNKING [RFC3030] mechanism so that chunks of
- the message can come from an external IMAP server. This provides the
- ability to forward an email message without first downloading it to
- the client.
-
-2. Conventions Used in This Document
-
- The key words "MUST", "MUST NOT", "SHOULD", "SHOULD NOT", and "MAY"
- in this document are to be interpreted as defined in "Key words for
- use in RFCs to Indicate Requirement Levels" [RFC2119].
-
- The formal syntax uses the Augmented Backus-Naur Form (ABNF)
- [RFC4234] notation including the core rules defined in Appendix B of
- RFC 4234.
-
-
-
-
-
-
-
-
-
-
-
-
-Newman Standards Track [Page 2]
-
-RFC 4468 Message Submission BURL Extension May 2006
-
-
-3. BURL Submission Extension
-
- This section defines the BURL submission extension.
-
-3.1. SMTP Submission Extension Registration
-
- 1. The name of this submission extension is "BURL". This extends
- the Message Submission protocol on port 587 and MUST NOT be
- advertised by a regular SMTP [RFC2821] server on port 25 that
- acts as a relay for incoming mail from other SMTP relays.
-
- 2. The EHLO keyword value associated with the extension is "BURL".
-
- 3. The BURL EHLO keyword will have zero or more arguments. The only
- argument defined at this time is the "imap" argument, which MUST
- be present in order to use IMAP URLs with BURL. Clients MUST
- ignore other arguments after the BURL EHLO keyword unless they
- are defined by a subsequent IETF standards track specification.
- The arguments that appear after the BURL EHLO keyword may change
- subsequent to the use of SMTP AUTH [RFC2554], so a server that
- advertises BURL with no arguments prior to authentication
- indicates that BURL is supported but authentication is required
- to use it.
-
- 4. This extension adds the BURL SMTP verb. This verb is used as a
- replacement for the DATA command and is only permitted during a
- mail transaction after at least one successful RCPT TO.
-
-3.2. BURL Transaction
-
- A simple BURL transaction will consist of MAIL FROM, one or more RCPT
- TO headers, and a BURL command with the "LAST" tag. The BURL command
- will include an IMAP URL pointing to a fully formed message ready for
- injection into the SMTP infrastructure. If PIPELINING [RFC2920] is
- advertised, the client MAY send the entire transaction in one round
- trip. If no valid RCPT TO address is supplied, the BURL command will
- simply fail, and no resolution of the BURL URL argument will be
- performed. If at least one valid RCPT TO address is supplied, then
- the BURL URL argument will be resolved before the server responds to
- the command.
-
- A more sophisticated BURL transaction MAY occur when the server also
- advertises CHUNKING [RFC3030]. In this case, the BURL and BDAT
- commands may be interleaved until one of them terminates the
- transaction with the "LAST" argument. If PIPELINING [RFC2920] is
- also advertised, then the client may pipeline the entire transaction
- in one round-trip. However, it MUST wait for the results of the
- "LAST" BDAT or BURL command prior to initiating a new transaction.
-
-
-
-Newman Standards Track [Page 3]
-
-RFC 4468 Message Submission BURL Extension May 2006
-
-
- The BURL command directs the server to fetch the data object to which
- the URL refers and include it in the message. If the URL fetch
- fails, the server will fail the entire transaction.
-
-3.3. The BURL IMAP Options
-
- When "imap" is present in the space-separated list of arguments
- following the BURL EHLO keyword, it indicates that the BURL command
- supports the URLAUTH [RFC4467] extended form of IMAP URLs [RFC2192]
- and that the submit server is configured with the necessary
- credentials to resolve "urlauth=submit+" IMAP URLs for the submit
- server's domain.
-
- Subsequent to a successful SMTP AUTH command, the submission server
- MAY indicate a prearranged trust relationship with a specific IMAP
- server by including a BURL EHLO keyword argument of the form
- "imap://imap.example.com". In this case, the submission server will
- permit a regular IMAP URL referring to messages or parts of messages
- on imap.example.com that the user who authenticated to the submit
- server can access. Note that this form does not imply that the
- submit server supports URLAUTH URLs; the submit server must advertise
- both "imap" and "imap://imap.example.com" to indicate support for
- both extended and non-extended URL forms.
-
- When the submit server connects to the IMAP server, it acts as an
- IMAP client and thus is subject to both the mandatory-to-implement
- IMAP capabilities in Section 6.1.1 of RFC 3501, and the security
- considerations in Section 11 of RFC 3501. Specifically, this
- requires that the submit server implement a configuration that uses
- STARTTLS followed by SASL PLAIN [SASL-PLAIN] to authenticate to the
- IMAP server.
-
- When the submit server resolves a URLAUTH IMAP URL, it uses submit
- server credentials when authenticating to the IMAP server. The
- authentication identity and password used for submit credentials MUST
- be configurable. The string "submit" is suggested as a default value
- for the authentication identity, with no default for the password.
- Typically, the authorization identity is empty in this case; thus the
- IMAP server will derive the authorization identity from the
- authentication identity. If the IMAP URL uses the "submit+" access
- identifier prefix, the submit server MUST refuse the BURL command
- unless the userid in the URL's <access> token matches the submit
- client's authorization identity.
-
- When the submit server resolves a regular IMAP URL, it uses the
- submit client's authorization identity when authenticating to the
- IMAP server. If both the submit client and the submit server's
- embedded IMAP client use SASL PLAIN (or the equivalent), the submit
-
-
-
-Newman Standards Track [Page 4]
-
-RFC 4468 Message Submission BURL Extension May 2006
-
-
- server SHOULD forward the client's credentials if and only if the
- submit server knows that the IMAP server is in the same
- administrative domain. If the submit server supports SASL mechanisms
- other than PLAIN, it MUST implement a configuration in which the
- submit server's embedded IMAP client uses STARTTLS and SASL PLAIN
- with the submit server's authentication identity and password (for
- the respective IMAP server) and the submit client's authorization
- identity.
-
-3.4. Examples
-
- In examples, "C:" and "S:" indicate lines sent by the client and
- server, respectively. If a single "C:" or "S:" label applies to
- multiple lines, then the line breaks between those lines are for
- editorial clarity only and are not part of the actual protocol
- exchange.
-
- Two successful submissions (without and with pipelining) follow:
-
- <SSL/TLS encryption layer negotiated>
- C: EHLO potter.example.com
- S: 250-owlry.example.com
- S: 250-8BITMIME
- S: 250-BURL imap
- S: 250-AUTH PLAIN
- S: 250-DSN
- S: 250 ENHANCEDSTATUSCODES
- C: AUTH PLAIN aGFycnkAaGFycnkAYWNjaW8=
- S: 235 2.7.0 PLAIN authentication successful.
- C: MAIL FROM:<harry@gryffindor.example.com>
- S: 250 2.5.0 Address Ok.
- C: RCPT TO:<ron@gryffindor.example.com>
- S: 250 2.1.5 ron@gryffindor.example.com OK.
- C: BURL imap://harry@gryffindor.example.com/outbox
- ;uidvalidity=1078863300/;uid=25;urlauth=submit+harry
- :internal:91354a473744909de610943775f92038 LAST
- S: 250 2.5.0 Ok.
-
- <SSL/TLS encryption layer negotiated>
- C: EHLO potter.example.com
- S: 250-owlry.example.com
- S: 250-8BITMIME
- S: 250-PIPELINING
- S: 250-BURL imap
- S: 250-AUTH PLAIN
- S: 250-DSN
- S: 250 ENHANCEDSTATUSCODES
- C: AUTH PLAIN aGFycnkAaGFycnkAYWNjaW8=
-
-
-
-Newman Standards Track [Page 5]
-
-RFC 4468 Message Submission BURL Extension May 2006
-
-
- C: MAIL FROM:<harry@gryffindor.example.com>
- C: RCPT TO:<ron@gryffindor.example.com>
- C: BURL imap://harry@gryffindor.example.com/outbox
- ;uidvalidity=1078863300/;uid=25;urlauth=submit+harry
- :internal:91354a473744909de610943775f92038 LAST
- S: 235 2.7.0 PLAIN authentication successful.
- S: 250 2.5.0 Address Ok.
- S: 250 2.1.5 ron@gryffindor.example.com OK.
- S: 250 2.5.0 Ok.
-
- Note that PIPELINING of the AUTH command is only permitted if the
- selected mechanism can be completed in one round trip, a client
- initial response is provided, and no SASL security layer is
- negotiated. This is possible for PLAIN and EXTERNAL, but not for
- most other SASL mechanisms.
-
- Some examples of failure cases:
-
- C: MAIL FROM:<harry@gryffindor.example.com>
- C: RCPT TO:<malfoy@slitherin.example.com>
- C: BURL imap://harry@gryffindor.example.com/outbox
- ;uidvalidity=1078863300/;uid=25;urlauth=submit+harry
- :internal:91354a473744909de610943775f92038 LAST
- S: 250 2.5.0 Address Ok.
- S: 550 5.7.1 Relaying not allowed: malfoy@slitherin.example.com
- S: 554 5.5.0 No recipients have been specified.
-
- C: MAIL FROM:<harry@gryffindor.example.com>
- C: RCPT TO:<ron@gryffindor.example.com>
- C: BURL imap://harry@gryffindor.example.com/outbox
- ;uidvalidity=1078863300/;uid=25;urlauth=submit+harry
- :internal:71354a473744909de610943775f92038 LAST
- S: 250 2.5.0 Address Ok.
- S: 250 2.1.5 ron@gryffindor.example.com OK.
- S: 554 5.7.0 IMAP URL authorization failed
-
-3.5. Formal Syntax
-
- The following syntax specification inherits ABNF [RFC4234] and
- Uniform Resource Identifiers [RFC3986].
-
- burl-param = "imap" / ("imap://" authority)
- ; parameter to BURL EHLO keyword
-
- burl-cmd = "BURL" SP absolute-URI [SP end-marker] CRLF
-
- end-marker = "LAST"
-
-
-
-
-Newman Standards Track [Page 6]
-
-RFC 4468 Message Submission BURL Extension May 2006
-
-
-4. 8-Bit and Binary
-
- A submit server that advertises BURL MUST also advertise 8BITMIME
- [RFC1652] and perform the down conversion described in that
- specification on the resulting complete message if 8-bit data is
- received with the BURL command and passed to a 7-bit server. If the
- URL argument to BURL refers to binary data, then the submit server
- MAY refuse the command or down convert as described in Binary SMTP
- [RFC3030].
-
- The Submit server MAY refuse to accept a BURL command or combination
- of BURL and BDAT commands that result in un-encoded 8-bit data in
- mail or MIME [RFC2045] headers. Alternatively, the server MAY accept
- such data and down convert to MIME header encoding [RFC2047].
-
-5. Updates to RFC 3463
-
- SMTP or Submit servers that advertise ENHANCEDSTATUSCODES [RFC2034]
- use enhanced status codes defined in RFC 3463 [RFC3463]. The BURL
- extension introduces new error cases that that RFC did not consider.
- The following additional enhanced status codes are defined by this
- specification:
-
- X.6.6 Message content not available
-
- The message content could not be fetched from a remote system.
- This may be useful as a permanent or persistent temporary
- notification.
-
- X.7.8 Trust relationship required
-
- The submission server requires a configured trust relationship
- with a third-party server in order to access the message content.
-
-6. Response Codes
-
- This section includes example response codes to the BURL command.
- Other text may be used with the same response codes. This list is
- not exhaustive, and BURL clients MUST tolerate any valid SMTP
- response code. Most of these examples include the appropriate
- enhanced status code [RFC3463].
-
- 554 5.5.0 No recipients have been specified
-
- This response code occurs when BURL is used (for example, with
- PIPELINING) and all RCPT TOs failed.
-
-
-
-
-
-Newman Standards Track [Page 7]
-
-RFC 4468 Message Submission BURL Extension May 2006
-
-
- 503 5.5.0 Valid RCPT TO required before BURL
-
- This response code is an alternative to the previous one when BURL
- is used (for example, with PIPELINING) and all RCPT TOs failed.
-
- 554 5.6.3 Conversion required but not supported
-
- This response code occurs when the URL points to binary data and
- the implementation does not support down conversion to base64.
- This can also be used if the URL points to message data with 8-bit
- content in headers and the server does not down convert such
- content.
-
- 554 5.3.4 Message too big for system
-
- The message (subsequent to URL resolution) is larger than the
- per-message size limit for this server.
-
- 554 5.7.8 URL resolution requires trust relationship
-
- The submit server does not have a trust relationship with the IMAP
- server specified in the URL argument to BURL.
-
- 552 5.2.2 Mailbox full
-
- The recipient is local, the submit server supports direct
- delivery, and the recipient has exceeded his quota and any grace
- period for delivery attempts.
-
- 554 5.6.6 IMAP URL resolution failed
-
- The IMAP URLFETCH command returned an error or no data.
-
- 250 2.5.0 Waiting for additional BURL or BDAT commands
-
- A BURL command without the "LAST" modifier was sent. The URL for
- this BURL command was successfully resolved, but the content will
- not necessarily be committed to persistent storage until the rest
- of the message content is collected. For example, a Unix server
- may have written the content to a queue file buffer, but may not
- yet have performed an fsync() operation. If the server loses
- power, the content can still be lost.
-
- 451 4.4.1 IMAP server unavailable
-
- The connection to the IMAP server to resolve the URL failed.
-
-
-
-
-
-Newman Standards Track [Page 8]
-
-RFC 4468 Message Submission BURL Extension May 2006
-
-
- 250 2.5.0 Ok.
-
- The URL was successfully resolved, and the complete message data
- has been committed to persistent storage.
-
- 250 2.6.4 MIME header conversion with loss performed
-
- The URL pointed to message data that included mail or MIME headers
- with 8-bit data. This data was converted to MIME header encoding
- [RFC2047], but the submit server may not have correctly guessed
- the unlabeled character set.
-
-7. IANA Considerations
-
- The "BURL" SMTP extension as described in Section 3 has been
- registered. This registration has been marked for use by message
- submission [RFC4409] only in the registry.
-
-8. Security Considerations
-
- Modern SMTP submission servers often include content-based security
- and denial-of-service defense mechanisms such as virus filtering,
- size limits, server-generated signatures, spam filtering, etc.
- Implementations of BURL should fetch the URL content prior to
- application of such content-based mechanisms in order to preserve
- their function.
-
- Clients that generate unsolicited bulk email or email with viruses
- could use this mechanism to compensate for a slow link between the
- client and submit server. In particular, this mechanism would make
- it feasible for a programmable cell phone or other device on a slow
- link to become a significant source of unsolicited bulk email and/or
- viruses. This makes it more important for submit server vendors
- implementing BURL to have auditing and/or defenses against such
- denial-of-service attacks including mandatory authentication, logging
- that associates unique client identifiers with mail transactions,
- limits on reuse of the same IMAP URL, rate limits, recipient count
- limits, and content filters.
-
- Transfer of the URLAUTH [RFC4467] form of IMAP URLs in the clear can
- expose the authorization token to network eavesdroppers.
- Implementations that support such URLs can address this issue by
- using a strong confidentiality protection mechanism. For example,
- the SMTP STARTTLS [RFC3207] and the IMAP STARTTLS [RFC3501]
- extensions, in combination with a configuration setting that requires
- their use with such IMAP URLs, would address this concern.
-
-
-
-
-
-Newman Standards Track [Page 9]
-
-RFC 4468 Message Submission BURL Extension May 2006
-
-
- Use of a prearranged trust relationship between a submit server and a
- specific IMAP server introduces security considerations. A
- compromise of the submit server should not automatically compromise
- all accounts on the IMAP server, so trust relationships involving
- super-user proxy credentials are strongly discouraged. A system that
- requires the submit server to authenticate to the IMAP server with
- submit credentials and subsequently requires a URLAUTH URL to fetch
- any content addresses this concern. A trusted third party model for
- proxy credentials (such as that provided by Kerberos 5 [RFC4120])
- would also suffice.
-
- When a client uses SMTP STARTTLS to send a BURL command that
- references non-public information, there is a user expectation that
- the entire message content will be treated confidentially. To
- address this expectation, the message submission server SHOULD use
- STARTTLS or a mechanism providing equivalent data confidentiality
- when fetching the content referenced by that URL.
-
- A legitimate user of a submit server may try to compromise other
- accounts on the server by providing an IMAP URLAUTH URL that points
- to a server under that user's control that is designed to undermine
- the security of the submit server. For this reason, the IMAP client
- code that the submit server uses must be robust with respect to
- arbitrary input sizes (including large IMAP literals) and arbitrary
- delays from the IMAP server. Requiring a prearranged trust
- relationship between a submit server and the IMAP server also
- addresses this concern.
-
- An authorized user of the submit server could set up a fraudulent
- IMAP server and pass a URL for that server to the submit server. The
- submit server might then contact the fraudulent IMAP server to
- authenticate with submit credentials and fetch content. There are
- several ways to mitigate this potential attack. A submit server that
- only uses submit credentials with a fixed set of trusted IMAP servers
- will not be vulnerable to exposure of those credentials. A submit
- server can treat the IMAP server as untrusted and include defenses
- for buffer overflows, denial-of-service slowdowns, and other
- potential attacks. Finally, because authentication is required to
- use BURL, it is possible to keep a secure audit trail and use that to
- detect and punish the offending party.
-
-
-
-
-
-
-
-
-
-
-
-Newman Standards Track [Page 10]
-
-RFC 4468 Message Submission BURL Extension May 2006
-
-
-9. References
-
-9.1. Normative References
-
- [RFC1652] Klensin, J., Freed, N., Rose, M., Stefferud, E., and D.
- Crocker, "SMTP Service Extension for
- 8bit-MIMEtransport", RFC 1652, July 1994.
-
- [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
- Requirement Levels", BCP 14, RFC 2119, March 1997.
-
- [RFC2192] Newman, C., "IMAP URL Scheme", RFC 2192,
- September 1997.
-
- [RFC2554] Myers, J., "SMTP Service Extension for Authentication",
- RFC 2554, March 1999.
-
- [RFC2821] Klensin, J., "Simple Mail Transfer Protocol", RFC 2821,
- April 2001.
-
- [RFC3207] Hoffman, P., "SMTP Service Extension for Secure SMTP
- over Transport Layer Security", RFC 3207,
- February 2002.
-
- [RFC3501] Crispin, M., "INTERNET MESSAGE ACCESS PROTOCOL -
- VERSION 4rev1", RFC 3501, March 2003.
-
- [RFC3986] Berners-Lee, T., Fielding, R., and L. Masinter,
- "Uniform Resource Identifier (URI): Generic Syntax",
- STD 66, RFC 3986, January 2005.
-
- [RFC4234] Crocker, D. and P. Overell, "Augmented BNF for Syntax
- Specifications: ABNF", RFC 4234, October 2005.
-
- [RFC4409] Gellens, R. and J. Klensin, "Message Submission for
- Mail", RFC 4409, April 2006.
-
- [RFC4467] Crispin, M., "Internet Message Access Protocol (IMAP) -
- URLAUTH Extension", RFC 4467, May 2006.
-
-
-
-
-
-
-
-
-
-
-
-
-Newman Standards Track [Page 11]
-
-RFC 4468 Message Submission BURL Extension May 2006
-
-
-9.2. Informative References
-
- [RFC2034] Freed, N., "SMTP Service Extension for Returning
- Enhanced Error Codes", RFC 2034, October 1996.
-
- [RFC2045] Freed, N. and N. Borenstein, "Multipurpose Internet
- Mail Extensions (MIME) Part One: Format of Internet
- Message Bodies", RFC 2045, November 1996.
-
- [RFC2047] Moore, K., "MIME (Multipurpose Internet Mail
- Extensions) Part Three: Message Header Extensions for
- Non-ASCII Text", RFC 2047, November 1996.
-
- [RFC2920] Freed, N., "SMTP Service Extension for Command
- Pipelining", STD 60, RFC 2920, September 2000.
-
- [RFC3030] Vaudreuil, G., "SMTP Service Extensions for
- Transmission of Large and Binary MIME Messages",
- RFC 3030, December 2000.
-
- [RFC3463] Vaudreuil, G., "Enhanced Mail System Status Codes",
- RFC 3463, January 2003.
-
- [RFC4120] Neuman, C., Yu, T., Hartman, S., and K. Raeburn, "The
- Kerberos Network Authentication Service (V5)", RFC
- 4120, July 2005.
-
- [SASL-PLAIN] Zeilenga, K., "The Plain SASL Mechanism", Work in
- Progress, March 2005.
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-Newman Standards Track [Page 12]
-
-RFC 4468 Message Submission BURL Extension May 2006
-
-
-Appendix A. Acknowledgements
-
- This document is a product of the lemonade WG. Many thanks are due
- to all the participants of that working group for their input. Mark
- Crispin was instrumental in the conception of this mechanism. Thanks
- to Randall Gellens, Alexey Melnikov, Sam Hartman, Ned Freed, Dave
- Cridland, Peter Coates, and Mark Crispin for review comments on the
- document. Thanks to the RFC Editor for correcting the author's
- grammar mistakes. Thanks to Ted Hardie, Randall Gellens, Mark
- Crispin, Pete Resnick, and Greg Vaudreuil for extremely interesting
- debates comparing this proposal and alternatives. Thanks to the
- lemonade WG chairs Eric Burger and Glenn Parsons for concluding the
- debate at the correct time and making sure this document got
- completed.
-
-Author's Address
-
- Chris Newman
- Sun Microsystems
- 3401 Centrelake Dr., Suite 410
- Ontario, CA 91761
- US
-
- EMail: chris.newman@sun.com
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-Newman Standards Track [Page 13]
-
-RFC 4468 Message Submission BURL Extension May 2006
-
-
-Full Copyright Statement
-
- Copyright (C) The Internet Society (2006).
-
- This document is subject to the rights, licenses and restrictions
- contained in BCP 78, and except as set forth therein, the authors
- retain all their rights.
-
- This document and the information contained herein are provided on an
- "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
- OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET
- ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED,
- INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE
- INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
- WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
-
-Intellectual Property
-
- The IETF takes no position regarding the validity or scope of any
- Intellectual Property Rights or other rights that might be claimed to
- pertain to the implementation or use of the technology described in
- this document or the extent to which any license under such rights
- might or might not be available; nor does it represent that it has
- made any independent effort to identify any such rights. Information
- on the procedures with respect to rights in RFC documents can be
- found in BCP 78 and BCP 79.
-
- Copies of IPR disclosures made to the IETF Secretariat and any
- assurances of licenses to be made available, or the result of an
- attempt made to obtain a general license or permission for the use of
- such proprietary rights by implementers or users of this
- specification can be obtained from the IETF on-line IPR repository at
- http://www.ietf.org/ipr.
-
- The IETF invites any interested party to bring to its attention any
- copyrights, patents or patent applications, or other proprietary
- rights that may cover technology that may be required to implement
- this standard. Please address the information to the IETF at
- ietf-ipr@ietf.org.
-
-Acknowledgement
-
- Funding for the RFC Editor function is provided by the IETF
- Administrative Support Activity (IASA).
-
-
-
-
-
-
-
-Newman Standards Track [Page 14]
-
diff --git a/imap/docs/rfc/rfc4469.txt b/imap/docs/rfc/rfc4469.txt
deleted file mode 100644
index da365514..00000000
--- a/imap/docs/rfc/rfc4469.txt
+++ /dev/null
@@ -1,731 +0,0 @@
-
-
-
-
-
-
-Network Working Group P. Resnick
-Request for Comments: 4469 QUALCOMM Incorporated
-Updates: 3501, 3502 April 2006
-Category: Standards Track
-
-
- Internet Message Access Protocol (IMAP) CATENATE Extension
-
-Status of This Memo
-
- This document specifies an Internet standards track protocol for the
- Internet community, and requests discussion and suggestions for
- improvements. Please refer to the current edition of the "Internet
- Official Protocol Standards" (STD 1) for the standardization state
- and status of this protocol. Distribution of this memo is unlimited.
-
-Copyright Notice
-
- Copyright (C) The Internet Society (2006).
-
-Abstract
-
- The CATENATE extension to the Internet Message Access Protocol (IMAP)
- extends the APPEND command to allow clients to create messages on the
- IMAP server that may contain a combination of new data along with
- parts of (or entire) messages already on the server. Using this
- extension, the client can catenate parts of an already existing
- message onto a new message without having to first download the data
- and then upload it back to the server.
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-Resnick Standards Track [Page 1]
-
-RFC 4469 IMAP CATENATE Extension April 2006
-
-
-1. Introduction
-
- The CATENATE extension to the Internet Message Access Protocol (IMAP)
- [1] allows the client to create a message on the server that can
- include the text of messages (or parts of messages) that already
- exist on the server without having to FETCH them and APPEND them back
- to the server. The CATENATE extension extends the APPEND command so
- that, instead of a single message literal, the command can take as
- arguments any combination of message literals (as described in IMAP
- [1]) and message URLs (as described in the IMAP URL Scheme [2]
- specification). The server takes all the pieces and catenates them
- into the output message. The CATENATE extension can also coexist
- with the MULTIAPPEND extension [3] to APPEND multiple messages in a
- single command.
-
- There are some obvious uses for the CATENATE extension. The
- motivating use case was to provide a way for a resource-constrained
- client to compose a message for subsequent submission that contains
- data that already exists in that client's IMAP store. Because the
- client does not have to download and re-upload potentially large
- message parts, bandwidth and processing limitations do not have as
- much impact. In addition, since the client can create a message in
- its own IMAP store, the command also addresses the desire of the
- client to archive a copy of a sent message without having to upload
- the message twice. (Mechanisms for sending the message are outside
- the scope of this document.)
-
- The extended APPEND command can also be used to copy parts of a
- message to another mailbox for archival purposes while getting rid of
- undesired parts. In environments where server storage is limited, a
- client could get rid of large message parts by copying over only the
- necessary parts and then deleting the original message. The
- mechanism could also be used to add data to a message (such as
- prepending message header fields) or to include other data by making
- a copy of the original and catenating the new data.
-
-2. The CATENATE Capability
-
- A server that supports this extension returns "CATENATE" as one of
- the responses to the CAPABILITY command.
-
-
-
-
-
-
-
-
-
-
-
-Resnick Standards Track [Page 2]
-
-RFC 4469 IMAP CATENATE Extension April 2006
-
-
-3. The APPEND Command
-
- Arguments: mailbox name
- (The following can be repeated in the presence of the
- MULTIAPPEND extension [3])
- OPTIONAL flag parenthesized list
- OPTIONAL date/time string
- a single message literal or one or more message parts to
- catenate, specified as:
- message literal
- or
- message (or message part) URL
-
- Responses: OPTIONAL NO responses: BADURL, TOOBIG
-
- Result: OK - append completed
- NO - append error: can't append to that mailbox, error
- in flags or date/time or message text, or can't
- fetch that data
- BAD - command unknown or arguments invalid
-
- The APPEND command concatenates all the message parts and appends
- them as a new message to the end of the specified mailbox. The
- parenthesized flag list and date/time string set the flags and the
- internal date, respectively, as described in IMAP [1]. The
- subsequent command parameters specify the message parts that are
- appended sequentially to the output message.
-
- If the original form of APPEND is used, a message literal follows the
- optional flag list and date/time string, which is appended as
- described in IMAP [1]. If the extended form is used, "CATENATE" and
- a parenthesized list of message literals and message URLs follows,
- each of which is appended to the new message. If a message literal
- is specified (indicated by "TEXT"), the octets following the count
- are appended. If a message URL is specified (indicated by "URL"),
- the octets of the body part pointed to by that URL are appended, as
- if the literal returned in a FETCH BODY response were put in place of
- the message part specifier. The APPEND command does not cause the
- \Seen flag to be set for any catenated body part. The APPEND command
- does not change the selected mailbox.
-
- In the extended APPEND command, the string following "URL" is an IMAP
- URL [2] and is interpreted according to the rules of [2]. The
- present document only describes the behavior of the command using
- IMAP URLs that refer to specific messages or message parts on the
- current IMAP server from the current authenticated IMAP session.
- Because of that, only relative IMAP message or message part URLs
- (i.e., those having no scheme or <iserver>) are used. The base URL
-
-
-
-Resnick Standards Track [Page 3]
-
-RFC 4469 IMAP CATENATE Extension April 2006
-
-
- for evaluating the relative URL is considered "imap://user@server/",
- where "user" is the user name of the currently authenticated user and
- "server" is the domain name of the current server. When in the
- selected state, the base URL is considered
- "imap://user@server/mailbox", where "mailbox" is the encoded name of
- the currently selected mailbox. Additionally, since the APPEND
- command is valid in the authenticated state of an IMAP session, no
- further LOGIN or AUTHENTICATE command is performed for URLs specified
- in the extended APPEND command.
-
- Note: Use of an absolute IMAP URL or any URL that refers to
- anything other than a message or message part from the current
- authenticated IMAP session is outside the scope of this document
- and would require an extension to this specification, and a server
- implementing only this specification would return NO to such a
- request.
-
- The client is responsible for making sure that the catenated message
- is in the format of an Internet Message Format (RFC 2822) [4] or
- Multipurpose Internet Mail Extension (MIME) [5] message. In
- particular, when a URL is catenated, the server copies octets,
- unchanged, from the indicated message or message part to the
- catenated message. It does no data conversion (e.g., MIME transfer
- encodings) nor any verification that the data is appropriate for the
- MIME part of the message into which it is inserted. The client is
- also responsible for inserting appropriate MIME boundaries between
- body parts, and writing MIME Content-Type and Content-Transfer-
- Encoding lines as needed in the appropriate places.
-
- Responses behave just as the original APPEND command described in
- IMAP [1]. If the server implements the IMAP UIDPLUS extension [6],
- it will also return an APPENDUID response code in the tagged OK
- response. Two response codes are provided in Section 4 that can be
- used in the tagged NO response if the APPEND command fails.
-
-4. Response Codes
-
- When a APPEND command fails, it may return a response code that
- describes a reason for the failure.
-
-4.1. BADURL Response
-
- The BADURL response code is returned if the APPEND fails to process
- one of the specified URLs. Possible reasons for this are bad URL
- syntax, unrecognized URL schema, invalid message UID, or invalid body
- part. The BADURL response code contains the first URL specified as a
- parameter to the APPEND command that has caused the operation to
- fail.
-
-
-
-Resnick Standards Track [Page 4]
-
-RFC 4469 IMAP CATENATE Extension April 2006
-
-
-4.2. TOOBIG Response
-
- The TOOBIG response code is returned if the resulting message will
- exceed the 4-GB IMAP message limit. This might happen, for example,
- if the client specifies 3 URLs for 2-GB messages. Note that even if
- the server doesn't return TOOBIG, it still has to be defensive
- against misbehaving or malicious clients that try to construct a
- message over the 4-GB limit. The server may also wish to return the
- TOOBIG response code if the resulting message exceeds a server-
- specific message size limit.
-
-5. Formal Syntax
-
- The following syntax specification uses the Augmented Backus-Naur
- Form (ABNF) [7] notation. Elements not defined here can be found in
- the formal syntax of the ABNF [7], IMAP [1], and IMAP ABNF extensions
- [8] specifications. Note that capability and resp-text-code are
- extended from the IMAP [1] specification and append-data is extended
- from the IMAP ABNF extensions [8] specification.
-
- append-data =/ "CATENATE" SP "(" cat-part *(SP cat-part) ")"
-
- cat-part = text-literal / url
-
- text-literal = "TEXT" SP literal
-
- url = "URL" SP astring
-
- resp-text-code =/ toobig-response-code / badurl-response-code
-
- toobig-response-code = "TOOBIG"
-
- badurl-response-code = "BADURL" SP url-resp-text
-
- url-resp-text = 1*(%x01-09 /
- %x0B-0C /
- %x0E-5B /
- %x5D-FE) ; Any TEXT-CHAR except "]"
-
- capability =/ "CATENATE"
-
- The astring in the definition of url and the url-resp-text in the
- definition of badurl-response-code each contain an imapurl as defined
- by [2].
-
-
-
-
-
-
-
-Resnick Standards Track [Page 5]
-
-RFC 4469 IMAP CATENATE Extension April 2006
-
-
-6. Acknowledgements
-
- Thanks to the members of the LEMONADE working group for their input.
- Special thanks to Alexey Melnikov for the examples.
-
-7. Security Considerations
-
- The CATENATE extension does not raise any security considerations
- that are not present for the base protocol or in the use of IMAP
- URLs, and these issues are discussed in the IMAP [1] and IMAP URL [2]
- documents.
-
-8. IANA Considerations
-
- IMAP4 capabilities are registered by publishing a standards track or
- IESG approved experimental RFC. The registry is currently located at
- <http://www.iana.org/assignments/imap4-capabilities>. This document
- defines the CATENATE IMAP capability. The IANA has added this
- capability to the registry.
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-Resnick Standards Track [Page 6]
-
-RFC 4469 IMAP CATENATE Extension April 2006
-
-
-Appendix A. Examples
-
- Lines not starting with "C: " or "S: " are continuations of the
- previous lines.
-
- The original message in examples 1 and 2 below (UID = 20) has the
- following structure:
-
-
- multipart/mixed MIME message with two body parts:
-
- 1. text/plain
-
- 2. application/x-zip-compressed
-
- Example 1: The following example demonstrates how a CATENATE client
- can replace an attachment in a draft message, without the need to
- download it to the client and upload it back.
-
- C: A003 APPEND Drafts (\Seen \Draft $MDNSent) CATENATE
- (URL "/Drafts;UIDVALIDITY=385759045/;UID=20/;section=HEADER"
- TEXT {42}
- S: + Ready for literal data
- C:
- C: --------------030308070208000400050907
- C: URL "/Drafts;UIDVALIDITY=385759045/;UID=20/;section=1.MIME"
- URL "/Drafts;UIDVALIDITY=385759045/;UID=20/;section=1" TEXT {42}
- S: + Ready for literal data
- C:
- C: --------------030308070208000400050907
- C: URL "/Drafts;UIDVALIDITY=385759045/;UID=30" TEXT {44}
- S: + Ready for literal data
- C:
- C: --------------030308070208000400050907--
- C: )
- S: A003 OK catenate append completed
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-Resnick Standards Track [Page 7]
-
-RFC 4469 IMAP CATENATE Extension April 2006
-
-
- Example 2: The following example demonstrates how the CATENATE
- extension can be used to replace edited text in a draft message, as
- well as header fields for the top level message part (e.g., Subject
- has changed). The previous version of the draft is marked as
- \Deleted. Note that the server also supports the UIDPLUS extension,
- so the APPENDUID response code is returned in the successful OK
- response to the APPEND command.
-
- C: A003 APPEND Drafts (\Seen \Draft $MDNSent) CATENATE (TEXT {738}
- S: + Ready for literal data
- C: Return-Path: <bar@example.org>
- C: Received: from [127.0.0.2]
- C: by rufus.example.org via TCP (internal) with ESMTPA;
- C: Thu, 11 Nov 2004 16:57:07 +0000
- C: Message-ID: <419399E1.6000505@example.org>
- C: Date: Thu, 12 Nov 2004 16:57:05 +0000
- C: From: Bob Ar <bar@example.org>
- C: X-Accept-Language: en-us, en
- C: MIME-Version: 1.0
- C: To: foo@example.net
- C: Subject: About our holiday trip
- C: Content-Type: multipart/mixed;
- C: boundary="------------030308070208000400050907"
- C:
- C: --------------030308070208000400050907
- C: Content-Type: text/plain; charset=us-ascii; format=flowed
- C: Content-Transfer-Encoding: 7bit
- C:
- C: Our travel agent has sent the updated schedule.
- C:
- C: Cheers,
- C: Bob
- C: --------------030308070208000400050907
- C: URL "/Drafts;UIDVALIDITY=385759045/;UID=20/;Section=2.MIME"
- URL "/Drafts;UIDVALIDITY=385759045/;UID=20/;Section=2" TEXT {44}
- S: + Ready for literal data
- C:
- C: --------------030308070208000400050907--
- C: )
- S: A003 OK [APPENDUID 385759045 45] append Completed
- C: A004 UID STORE 20 +FLAGS.SILENT (\Deleted)
- S: A004 OK STORE completed
-
-
-
-
-
-
-
-
-
-Resnick Standards Track [Page 8]
-
-RFC 4469 IMAP CATENATE Extension April 2006
-
-
- Example 3: The following example demonstrates how the CATENATE
- extension can be used to strip attachments. Below, a PowerPoint
- attachment was replaced by a small text part explaining that the
- attachment was stripped.
-
- C: A003 APPEND Drafts (\Seen \Draft $MDNSent) CATENATE
- (URL "/Drafts;UIDVALIDITY=385759045/;UID=21/;section=HEADER"
- TEXT {42}
- S: + Ready for literal data
- C:
- C: --------------030308070208000400050903
- C: URL "/Drafts;UIDVALIDITY=385759045/;UID=21/;section=1.MIME"
- URL "/Drafts;UIDVALIDITY=385759045/;UID=21/;section=1" TEXT {255}
- S: + Ready for literal data
- C:
- C: --------------030308070208000400050903
- C: Content-type: text/plain; charset="us-ascii"
- C: Content-transfer-encoding: 7bit
- C:
- C: This body part contained a Power Point presentation that was
- C: deleted upon your request.
- C: --------------030308070208000400050903--
- C: )
- S: A003 OK append Completed
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-Resnick Standards Track [Page 9]
-
-RFC 4469 IMAP CATENATE Extension April 2006
-
-
- Example 4: The following example demonstrates a failed APPEND
- command. The server returns the BADURL response code to indicate
- that one of the provided URLs is invalid. This example also
- demonstrates how the CATENATE extension can be used to construct a
- digest of several messages.
-
- C: A003 APPEND Sent (\Seen $MDNSent) CATENATE (TEXT {541}
- S: + Ready for literal data
- C: Return-Path: <foo@example.org>
- C: Received: from [127.0.0.2]
- C: by rufus.example.org via TCP (internal) with ESMTPA;
- C: Thu, 11 Nov 2004 16:57:07 +0000
- C: Message-ID: <419399E1.6000505@example.org>
- C: Date: Thu, 21 Nov 2004 16:57:05 +0000
- C: From: Farren Oo <foo@example.org>
- C: X-Accept-Language: en-us, en
- C: MIME-Version: 1.0
- C: To: bar@example.org
- C: Subject: Digest of the mailing list for today
- C: Content-Type: multipart/digest;
- C: boundary="------------030308070208000400050904"
- C:
- C: --------------030308070208000400050904
- C: URL "/INBOX;UIDVALIDITY=785799047/;UID=11467" TEXT {42}
- S: + Ready for literal data
- C:
- C: --------------030308070208000400050904
- C: URL "/INBOX;UIDVALIDITY=785799047/;UID=113330/;section=1.5.9"
- TEXT {42}
- S: + Ready for literal data
- C:
- C: --------------030308070208000400050904
- C: URL "/INBOX;UIDVALIDITY=785799047/;UID=11916" TEXT {44}
- S: + Ready for literal data
- C:
- C: --------------030308070208000400050904--
- C: )
- S: A003 NO [BADURL "/INBOX;UIDVALIDITY=785799047/;UID=113330;
- section=1.5.9"] CATENATE append has failed, one message expunged
-
- Note that the server could have validated the URLs as they were
- received and therefore could have returned the tagged NO response
- with BADURL response-code in place of any continuation request after
- the URL was received.
-
-
-
-
-
-
-
-Resnick Standards Track [Page 10]
-
-RFC 4469 IMAP CATENATE Extension April 2006
-
-
-9. Normative References
-
- [1] Crispin, M., "INTERNET MESSAGE ACCESS PROTOCOL - VERSION 4rev1",
- RFC 3501, March 2003.
-
- [2] Newman, C., "IMAP URL Scheme", RFC 2192, September 1997.
-
- [3] Crispin, M., "Internet Message Access Protocol (IMAP) -
- MULTIAPPEND Extension", RFC 3502, March 2003.
-
- [4] Resnick, P., "Internet Message Format", RFC 2822, April 2001.
-
- [5] Freed, N. and N. Borenstein, "Multipurpose Internet Mail
- Extensions (MIME) Part One: Format of Internet Message Bodies",
- RFC 2045, November 1996.
-
- [6] Crispin, M., "Internet Message Access Protocol (IMAP) - UIDPLUS
- extension", RFC 4315, December 2005.
-
- [7] Crocker, D. and P. Overell, "Augmented BNF for Syntax
- Specifications: ABNF", RFC 4234, October 2005.
-
- [8] Melnikov, A. and C. Daboo, "Collected Extensions to IMAP4 ABNF",
- RFC 4466, April 2006.
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-Resnick Standards Track [Page 11]
-
-RFC 4469 IMAP CATENATE Extension April 2006
-
-
-Author's Address
-
- Peter W. Resnick
- QUALCOMM Incorporated
- 5775 Morehouse Drive
- San Diego, CA 92121-1714
- US
-
- Phone: +1 858 651 4478
- EMail: presnick@qualcomm.com
- URI: http://www.qualcomm.com/~presnick/
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-Resnick Standards Track [Page 12]
-
-RFC 4469 IMAP CATENATE Extension April 2006
-
-
-Full Copyright Statement
-
- Copyright (C) The Internet Society (2006).
-
- This document is subject to the rights, licenses and restrictions
- contained in BCP 78, and except as set forth therein, the authors
- retain all their rights.
-
- This document and the information contained herein are provided on an
- "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
- OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET
- ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED,
- INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE
- INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
- WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
-
-Intellectual Property
-
- The IETF takes no position regarding the validity or scope of any
- Intellectual Property Rights or other rights that might be claimed to
- pertain to the implementation or use of the technology described in
- this document or the extent to which any license under such rights
- might or might not be available; nor does it represent that it has
- made any independent effort to identify any such rights. Information
- on the procedures with respect to rights in RFC documents can be
- found in BCP 78 and BCP 79.
-
- Copies of IPR disclosures made to the IETF Secretariat and any
- assurances of licenses to be made available, or the result of an
- attempt made to obtain a general license or permission for the use of
- such proprietary rights by implementers or users of this
- specification can be obtained from the IETF on-line IPR repository at
- http://www.ietf.org/ipr.
-
- The IETF invites any interested party to bring to its attention any
- copyrights, patents or patent applications, or other proprietary
- rights that may cover technology that may be required to implement
- this standard. Please address the information to the IETF at
- ietf-ipr@ietf.org.
-
-Acknowledgement
-
- Funding for the RFC Editor function is provided by the IETF
- Administrative Support Activity (IASA).
-
-
-
-
-
-
-
-Resnick Standards Track [Page 13]
-
diff --git a/imap/docs/rfc/rfc4505.txt b/imap/docs/rfc/rfc4505.txt
deleted file mode 100644
index 6b8a4a11..00000000
--- a/imap/docs/rfc/rfc4505.txt
+++ /dev/null
@@ -1,507 +0,0 @@
-
-
-
-
-
-
-Network Working Group K. Zeilenga, Ed.
-Request for Comments: 4505 OpenLDAP Foundation
-Obsoletes: 2245 June 2006
-Category: Standards Track
-
-
- Anonymous Simple Authentication and Security Layer (SASL) Mechanism
-
-Status of This Memo
-
- This document specifies an Internet standards track protocol for the
- Internet community, and requests discussion and suggestions for
- improvements. Please refer to the current edition of the "Internet
- Official Protocol Standards" (STD 1) for the standardization state
- and status of this protocol. Distribution of this memo is unlimited.
-
-Copyright Notice
-
- Copyright (C) The Internet Society (2006).
-
-Abstract
-
- On the Internet, it is common practice to permit anonymous access to
- various services. Traditionally, this has been done with a plain-
- text password mechanism using "anonymous" as the user name and using
- optional trace information, such as an email address, as the
- password. As plain-text login commands are not permitted in new IETF
- protocols, a new way to provide anonymous login is needed within the
- context of the Simple Authentication and Security Layer (SASL)
- framework.
-
-1. Introduction
-
- This document defines an anonymous mechanism for the Simple
- Authentication and Security Layer ([SASL]) framework. The name
- associated with this mechanism is "ANONYMOUS".
-
- Unlike many other SASL mechanisms, whose purpose is to authenticate
- and identify the user to a server, the purpose of this SASL mechanism
- is to allow the user to gain access to services or resources without
- requiring the user to establish or otherwise disclose their identity
- to the server. That is, this mechanism provides an anonymous login
- method.
-
- This mechanism does not provide a security layer.
-
- This document replaces RFC 2245. Changes since RFC 2245 are detailed
- in Appendix A.
-
-
-
-Zeilenga Standards Track [Page 1]
-
-RFC 4505 Anonymous SASL Mechanism June 2006
-
-
-2. The Anonymous Mechanism
-
- The mechanism consists of a single message from the client to the
- server. The client may include in this message trace information in
- the form of a string of [UTF-8]-encoded [Unicode] characters prepared
- in accordance with [StringPrep] and the "trace" stringprep profile
- defined in Section 3 of this document. The trace information, which
- has no semantical value, should take one of two forms: an Internet
- email address, or an opaque string that does not contain the '@'
- (U+0040) character and that can be interpreted by the system
- administrator of the client's domain. For privacy reasons, an
- Internet email address or other information identifying the user
- should only be used with permission from the user.
-
- A server that permits anonymous access will announce support for the
- ANONYMOUS mechanism and allow anyone to log in using that mechanism,
- usually with restricted access.
-
- A formal grammar for the client message using Augmented BNF [ABNF] is
- provided below as a tool for understanding this technical
- specification.
-
- message = [ email / token ]
- ;; to be prepared in accordance with Section 3
-
- UTF1 = %x00-3F / %x41-7F ;; less '@' (U+0040)
- UTF2 = %xC2-DF UTF0
- UTF3 = %xE0 %xA0-BF UTF0 / %xE1-EC 2(UTF0) /
- %xED %x80-9F UTF0 / %xEE-EF 2(UTF0)
- UTF4 = %xF0 %x90-BF 2(UTF0) / %xF1-F3 3(UTF0) /
- %xF4 %x80-8F 2(UTF0)
- UTF0 = %x80-BF
-
- TCHAR = UTF1 / UTF2 / UTF3 / UTF4
- ;; any UTF-8 encoded Unicode character
- ;; except '@' (U+0040)
-
- email = addr-spec
- ;; as defined in [IMAIL]
-
- token = 1*255TCHAR
-
- Note to implementors:
- The <token> production is restricted to 255 UTF-8-encoded Unicode
- characters. As the encoding of a characters uses a sequence of 1
- to 4 octets, a token may be as long as 1020 octets.
-
-
-
-
-
-Zeilenga Standards Track [Page 2]
-
-RFC 4505 Anonymous SASL Mechanism June 2006
-
-
-3. The "trace" Profile of "Stringprep"
-
- This section defines the "trace" profile of [StringPrep]. This
- profile is designed for use with the SASL ANONYMOUS Mechanism.
- Specifically, the client is to prepare the <message> production in
- accordance with this profile.
-
- The character repertoire of this profile is Unicode 3.2 [Unicode].
-
- No mapping is required by this profile.
-
- No Unicode normalization is required by this profile.
-
- The list of unassigned code points for this profile is that provided
- in Appendix A of [StringPrep]. Unassigned code points are not
- prohibited.
-
- Characters from the following tables of [StringPrep] are prohibited:
-
- - C.2.1 (ASCII control characters)
- - C.2.2 (Non-ASCII control characters)
- - C.3 (Private use characters)
- - C.4 (Non-character code points)
- - C.5 (Surrogate codes)
- - C.6 (Inappropriate for plain text)
- - C.8 (Change display properties are deprecated)
- - C.9 (Tagging characters)
-
- No additional characters are prohibited.
-
- This profile requires bidirectional character checking per Section 6
- of [StringPrep].
-
-4. Example
-
- Here is a sample ANONYMOUS login between an IMAP client and server.
- In this example, "C:" and "S:" indicate lines sent by the client and
- server, respectively. If such lines are wrapped without a new "C:"
- or "S:" label, then the wrapping is for editorial clarity and is not
- part of the command.
-
- Note that this example uses the IMAP profile [IMAP4] of SASL. The
- base64 encoding of challenges and responses as well as the "+ "
- preceding the responses are part of the IMAP4 profile, not part of
- SASL itself. Additionally, protocols with SASL profiles permitting
- an initial client response will be able to avoid the extra round trip
- below (the server response with an empty "+ ").
-
-
-
-
-Zeilenga Standards Track [Page 3]
-
-RFC 4505 Anonymous SASL Mechanism June 2006
-
-
- In this example, the trace information is "sirhc".
-
- S: * OK IMAP4 server ready
- C: A001 CAPABILITY
- S: * CAPABILITY IMAP4 IMAP4rev1 AUTH=DIGEST-MD5 AUTH=ANONYMOUS
- S: A001 OK done
- C: A002 AUTHENTICATE ANONYMOUS
- S: +
- C: c2lyaGM=
- S: A003 OK Welcome, trace information has been logged.
-
-5. Security Considerations
-
- The ANONYMOUS mechanism grants access to services and/or resources by
- anyone. For this reason, it should be disabled by default so that
- the administrator can make an explicit decision to enable it.
-
- If the anonymous user has any write privileges, a denial-of-service
- attack is possible by filling up all available space. This can be
- prevented by disabling all write access by anonymous users.
-
- If anonymous users have read and write access to the same area, the
- server can be used as a communication mechanism to exchange
- information anonymously. Servers that accept anonymous submissions
- should implement the common "drop box" model, which forbids anonymous
- read access to the area where anonymous submissions are accepted.
-
- If the anonymous user can run many expensive operations (e.g., an
- IMAP SEARCH BODY command), this could enable a denial-of-service
- attack. Servers are encouraged to reduce the priority of anonymous
- users or limit their resource usage.
-
- While servers may impose a limit on the number of anonymous users,
- note that such limits enable denial-of-service attacks and should be
- used with caution.
-
- The trace information is not authenticated, so it can be falsified.
- This can be used as an attempt to get someone else in trouble for
- access to questionable information. Administrators investigating
- abuse need to realize that this trace information may be falsified.
-
- A client that uses the user's correct email address as trace
- information without explicit permission may violate that user's
- privacy. Anyone who accesses an anonymous archive on a sensitive
- subject (e.g., sexual abuse) likely has strong privacy needs.
- Clients should not send the email address without the explicit
- permission of the user and should offer the option of supplying no
- trace information, thus only exposing the source IP address and time.
-
-
-
-Zeilenga Standards Track [Page 4]
-
-RFC 4505 Anonymous SASL Mechanism June 2006
-
-
- Anonymous proxy servers could enhance this privacy but would have to
- consider the resulting potential denial-of-service attacks.
-
- Anonymous connections are susceptible to man-in-the-middle attacks
- that view or alter the data transferred. Clients and servers are
- encouraged to support external data security services.
-
- Protocols that fail to require an explicit anonymous login are more
- susceptible to break-ins given certain common implementation
- techniques. Specifically, Unix servers that offer user login may
- initially start up as root and switch to the appropriate user id
- after an explicit login command. Normally, such servers refuse all
- data access commands prior to explicit login and may enter a
- restricted security environment (e.g., the Unix chroot(2) function)
- for anonymous users. If anonymous access is not explicitly
- requested, the entire data access machinery is exposed to external
- security attacks without the chance for explicit protective measures.
- Protocols that offer restricted data access should not allow
- anonymous data access without an explicit login step.
-
- General [SASL] security considerations apply to this mechanism.
-
- [StringPrep] security considerations and [Unicode] security
- considerations discussed in [StringPrep] apply to this mechanism.
- [UTF-8] security considerations also apply.
-
-6. IANA Considerations
-
- The SASL Mechanism registry [IANA-SASL] entry for the ANONYMOUS
- mechanism has been updated by the IANA to reflect that this document
- now provides its technical specification.
-
- To: iana@iana.org
- Subject: Updated Registration of SASL mechanism ANONYMOUS
-
- SASL mechanism name: ANONYMOUS
- Security considerations: See RFC 4505.
- Published specification (optional, recommended): RFC 4505
- Person & email address to contact for further information:
- Kurt Zeilenga <Kurt@OpenLDAP.org>
- Chris Newman <Chris.Newman@sun.com>
- Intended usage: COMMON
- Author/Change controller: IESG <iesg@ietf.org>
- Note: Updates existing entry for ANONYMOUS
-
-
-
-
-
-
-
-Zeilenga Standards Track [Page 5]
-
-RFC 4505 Anonymous SASL Mechanism June 2006
-
-
- The [StringPrep] profile "trace", first defined in this RFC, has been
- registered:
-
- To: iana@iana.org
- Subject: Initial Registration of Stringprep "trace" profile
-
- Stringprep profile: trace
- Published specification: RFC 4505
- Person & email address to contact for further information:
- Kurt Zeilenga <kurt@openldap.org>
-
-7. Acknowledgement
-
- This document is a revision of RFC 2245 by Chris Newman. Portions of
- the grammar defined in Section 1 were borrowed from RFC 3629 by
- Francois Yergeau.
-
- This document is a product of the IETF SASL WG.
-
-8. Normative References
-
- [ABNF] Crocker, D. and P. Overell, "Augmented BNF for Syntax
- Specifications: ABNF", RFC 4234, October 2005.
-
- [IMAIL] Resnick, P., "Internet Message Format", RFC 2822, April
- 2001.
-
- [SASL] Melnikov, A., Ed. and K. Zeilenga, Ed., "Simple
- Authentication and Security Layer (SASL)", RFC 4422,
- June 2006.
-
- [StringPrep] Hoffman, P. and M. Blanchet, "Preparation of
- Internationalized Strings ('stringprep')", RFC 3454,
- December 2002.
-
- [Unicode] The Unicode Consortium, "The Unicode Standard, Version
- 3.2.0" is defined by "The Unicode Standard, Version 3.0"
- (Reading, MA, Addison-Wesley, 2000. ISBN 0-201-61633-5),
- as amended by the "Unicode Standard Annex #27: Unicode
- 3.1" (http://www.unicode.org/reports/tr27/) and by the
- "Unicode Standard Annex #28: Unicode 3.2"
- (http://www.unicode.org/reports/tr28/).
-
- [UTF-8] Yergeau, F., "UTF-8, a transformation format of ISO
- 10646", RFC 3629 (also STD 63), November 2003.
-
-
-
-
-
-
-Zeilenga Standards Track [Page 6]
-
-RFC 4505 Anonymous SASL Mechanism June 2006
-
-
-9. Informative References
-
- [IMAP4] Crispin, M., "INTERNET MESSAGE ACCESS PROTOCOL - VERSION
- 4rev1", RFC 3501, March 2003.
-
- [IANA-SASL] IANA, "SIMPLE AUTHENTICATION AND SECURITY LAYER (SASL)
- MECHANISMS", <http://www.iana.org/assignments/sasl-
- mechanisms>.
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-Zeilenga Standards Track [Page 7]
-
-RFC 4505 Anonymous SASL Mechanism June 2006
-
-
-Appendix A. Changes since RFC 2245
-
- This appendix is non-normative.
-
- RFC 2245 allows the client to include optional trace information in
- the form of a human readable string. RFC 2245 restricted this string
- to US-ASCII. As the Internet is international, this document uses a
- string restricted to UTF-8 encoded Unicode characters. A
- "stringprep" profile is defined to precisely define which Unicode
- characters are allowed in this string. While the string remains
- restricted to 255 characters, the encoded length of each character
- may now range from 1 to 4 octets.
-
- Additionally, a number of editorial changes were made.
-
-Editor's Address
-
- Kurt D. Zeilenga
- OpenLDAP Foundation
-
- EMail: Kurt@OpenLDAP.org
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-Zeilenga Standards Track [Page 8]
-
-RFC 4505 Anonymous SASL Mechanism June 2006
-
-
-Full Copyright Statement
-
- Copyright (C) The Internet Society (2006).
-
- This document is subject to the rights, licenses and restrictions
- contained in BCP 78, and except as set forth therein, the authors
- retain all their rights.
-
- This document and the information contained herein are provided on an
- "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
- OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET
- ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED,
- INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE
- INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
- WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
-
-Intellectual Property
-
- The IETF takes no position regarding the validity or scope of any
- Intellectual Property Rights or other rights that might be claimed to
- pertain to the implementation or use of the technology described in
- this document or the extent to which any license under such rights
- might or might not be available; nor does it represent that it has
- made any independent effort to identify any such rights. Information
- on the procedures with respect to rights in RFC documents can be
- found in BCP 78 and BCP 79.
-
- Copies of IPR disclosures made to the IETF Secretariat and any
- assurances of licenses to be made available, or the result of an
- attempt made to obtain a general license or permission for the use of
- such proprietary rights by implementers or users of this
- specification can be obtained from the IETF on-line IPR repository at
- http://www.ietf.org/ipr.
-
- The IETF invites any interested party to bring to its attention any
- copyrights, patents or patent applications, or other proprietary
- rights that may cover technology that may be required to implement
- this standard. Please address the information to the IETF at
- ietf-ipr@ietf.org.
-
-Acknowledgement
-
- Funding for the RFC Editor function is provided by the IETF
- Administrative Support Activity (IASA).
-
-
-
-
-
-
-
-Zeilenga Standards Track [Page 9]
-
diff --git a/imap/docs/rfc/rfc4549.txt b/imap/docs/rfc/rfc4549.txt
deleted file mode 100644
index 8430ee10..00000000
--- a/imap/docs/rfc/rfc4549.txt
+++ /dev/null
@@ -1,1963 +0,0 @@
-
-
-
-
-
-
-Network Working Group A. Melnikov, Ed.
-Request for Comments: 4549 Isode Ltd.
-Category: Informational June 2006
-
-
- Synchronization Operations for Disconnected IMAP4 Clients
-
-Status of This Memo
-
- This memo provides information for the Internet community. It does
- not specify an Internet standard of any kind. Distribution of this
- memo is unlimited.
-
-Copyright Notice
-
- Copyright (C) The Internet Society (2006).
-
-Abstract
-
- This document attempts to address some of the issues involved in
- building a disconnected IMAP4 client. In particular, it deals with
- the issues of what might be called the "driver" portion of the
- synchronization tool: the portion of the code responsible for issuing
- the correct set of IMAP4 commands to synchronize the disconnected
- client in the way that is most likely to make the human who uses the
- disconnected client happy.
-
- This note describes different strategies that can be used by
- disconnected clients and shows how to use IMAP protocol in order to
- minimize the time of the synchronization process.
-
- This note also lists IMAP extensions that a server should implement
- in order to provide better synchronization facilities to disconnected
- clients.
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-Melnikov Informational [Page 1]
-
-RFC 4549 Synch Ops for Disconnected IMAP4 Clients June 2006
-
-
-Table of Contents
-
- 1. Introduction ....................................................3
- 1.1. Conventions Used in This Document ..........................3
- 2. Design Principles ...............................................3
- 3. Overall Picture of Synchronization ..............................4
- 4. Mailbox Synchronization Steps and Strategies ....................7
- 4.1. Checking UID Validity ......................................7
- 4.2. Synchronizing Local Changes with the Server ................8
- 4.2.1. Uploading Messages to the Mailbox ...................8
- 4.2.2. Optimizing "move" and "copy" Operations .............9
- 4.2.3. Replaying Local Flag Changes .......................14
- 4.2.4. Processing Mailbox Compression (EXPUNGE) Requests ..15
- 4.2.5. Closing a Mailbox ..................................17
- 4.3. Details of "Normal" Synchronization of a Single Mailbox ...18
- 4.3.1. Discovering New Messages and Changes to Old
- Messages ...........................................18
- 4.3.2. Searching for "Interesting" Messages. ..............20
- 4.3.3. Populating Cache with "Interesting" Messages. ......21
- 4.3.4. User-Initiated Synchronization .....................22
- 4.4. Special Case: Descriptor-Only Synchronization .............22
- 4.5. Special Case: Fast New-Only Synchronization ...............23
- 4.6. Special Case: Blind FETCH .................................23
- 5. Implementation Considerations ..................................24
- 5.1. Error Recovery during Playback ............................26
- 5.2. Quality of Implementation Issues ..........................28
- 5.3. Optimizations .............................................28
- 6. IMAP Extensions That May Help ..................................30
- 6.1. CONDSTORE Extension .......................................30
- 7. Security Considerations ........................................33
- 8. References .....................................................33
- 8.1. Normative References ......................................33
- 8.2. Informative References ....................................34
- 9. Acknowledgements ...............................................34
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-Melnikov Informational [Page 2]
-
-RFC 4549 Synch Ops for Disconnected IMAP4 Clients June 2006
-
-
-1. Introduction
-
- Several recommendations presented in this document are generally
- applicable to all types of IMAP clients. However, this document
- tries to concentrate on disconnected mail clients [IMAP-MODEL]. It
- also suggests some IMAP extensions* that should be implemented by
- IMAP servers in order to make the life of disconnected clients
- easier. In particular, the [UIDPLUS] extension was specifically
- designed to streamline certain disconnected operations, like
- expunging, uploading, and copying messages (see Sections 4.2.1,
- 4.2.2.1, and 4.2.4).
-
- Readers of this document are also strongly advised to read RFC 2683
- [RFC2683].
-
- * Note that the functionality provided by the base IMAP protocol
- [IMAP4] is sufficient to perform basic synchronization.
-
-1.1. Conventions Used in This Document
-
- In examples, "C:" and "S:" indicate lines sent by the client and
- server, respectively. Long lines in examples are broken for
- editorial clarity.
-
- The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
- "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
- document are to be interpreted as described in RFC 2119 [KEYWORDS].
-
- Let's call an IMAP command idempotent if the result of executing the
- command twice sequentially is the same as the result of executing the
- command just once.
-
-2. Design Principles
-
- All mailbox state or content information stored on the disconnected
- client should be viewed strictly as a cache of the state of the
- server. The "master" state remains on the server, just as it would
- with an interactive IMAP4 client. The one exception to this rule is
- that information about the state of the disconnected client's cache
- (the state includes flag changes while offline and during scheduled
- message uploads) remains on the disconnected client: that is, the
- IMAP4 server is not responsible for remembering the state of the
- disconnected IMAP4 client.
-
- We assume that a disconnected client is a client that, for whatever
- reason, wants to minimize the length of time that it is "on the
- phone" to the IMAP4 server. Often this will be because the client is
- using a dialup connection, possibly with very low bandwidth, but
-
-
-
-Melnikov Informational [Page 3]
-
-RFC 4549 Synch Ops for Disconnected IMAP4 Clients June 2006
-
-
- sometimes it might just be that the human is in a hurry to catch an
- airplane, or some other event beyond our control. Whatever the
- reason, we assume that we must make efficient use of the network
- connection, both in the usual sense (not generating spurious traffic)
- and in the sense that we would prefer not to have the connection
- sitting idle while the client and/or the server is performing
- strictly local computation or I/O. Another, perhaps simpler way of
- stating this is that we assume that network connections are
- "expensive".
-
- Practical experience with disconnected mail systems has shown that
- there is no single synchronization strategy that is appropriate for
- all cases. Different humans have different preferences, and the same
- human's preference will vary depending both on external circumstance
- (how much of a hurry the human is in today) and on the value that the
- human places on the messages being transferred. The point here is
- that there is no way that the synchronization program can guess
- exactly what the human wants to do, so the human will have to provide
- some guidance.
-
- Taken together, the preceding two principles lead to the conclusion
- that the synchronization program must make its decisions based on
- some kind of guidance provided by the human, by selecting the
- appropriate options in the user interface or through some sort of
- configuration file. Almost certainly, it should not pause for I/O
- with the human in the middle of the synchronization process. The
- human will almost certainly have several different configurations for
- the synchronization program, for different circumstances.
-
- Since a disconnected client has no way of knowing what changes might
- have occurred to the mailbox while it was disconnected, message
- numbers are not useful to a disconnected client. All disconnected
- client operations should be performed using UIDs, so that the client
- can be sure that it and the server are talking about the same
- messages during the synchronization process.
-
-3. Overall Picture of Synchronization
-
- The basic strategy for synchronization is outlined below. Note that
- the real strategy may vary from one application to another or may
- depend on a synchronization mode.
-
- a) Process any "actions" that were pending on the client that were
- not associated with any mailbox. (In particular sending messages
- composed offline with SMTP. This is not part of IMAP
- synchronization, but it is mentioned here for completeness.)
-
-
-
-
-
-Melnikov Informational [Page 4]
-
-RFC 4549 Synch Ops for Disconnected IMAP4 Clients June 2006
-
-
- b) Fetch the current list of "interesting" mailboxes. (The
- disconnected client should allow the user to skip this step
- completely.)
-
- c) "Client-to-server synchronization": for each IMAP "action" that
- was pending on the client, do the following:
-
- 1) If the action implies opening a new mailbox (any operation that
- operates on messages), open the mailbox. Check its UID
- validity value (see Section 4.1 for more details) returned in
- the UIDVALIDITY response code. If the UIDVALIDITY value
- returned by the server differs, the client MUST empty the local
- cache of the mailbox and remove any pending "actions" that
- refer to UIDs in that mailbox (and consider them failed). Note
- that this doesn't affect actions performed on client-generated
- fake UIDs (see Section 5).
-
- 2) Perform the action. If the action is to delete a mailbox
- (DELETE), make sure that the mailbox is closed first (see also
- Section 3.4.12 of [RFC2683]).
-
- d) "Server-to-client synchronization": for each mailbox that requires
- synchronization, do the following:
-
- 1) Check the mailbox UIDVALIDITY (see Section 4.1 for more
- details) with SELECT/EXAMINE/STATUS.
-
- If UIDVALIDITY value returned by the server differs, the client
- MUST
-
- * empty the local cache of that mailbox;
- * remove any pending "actions" that refer to UIDs in that
- mailbox and consider them failed; and
- * skip step 2-II.
-
- 2) Fetch the current "descriptors";
-
- I) Discover new messages.
-
- II) Discover changes to old messages.
-
- 3) Fetch the bodies of any "interesting" messages that the client
- doesn't already have.
-
- e) Close all open mailboxes not required for further operations (if
- staying online) or disconnect all open connections (if going
- offline).
-
-
-
-
-Melnikov Informational [Page 5]
-
-RFC 4549 Synch Ops for Disconnected IMAP4 Clients June 2006
-
-
- Terms used:
-
- "Actions" are queued requests that were made by the human to the
- client's Mail User Agent (MUA) software while the client was
- disconnected.
-
- We define "descriptors" as a set of IMAP4 FETCH data items.
- Conceptually, a message's descriptor is that set of information that
- allows the synchronization program to decide what protocol actions
- are necessary to bring the local cache to the desired state for this
- message; since this decision is really up to the human, this
- information probably includes at least a few header fields intended
- for human consumption. Exactly what will constitute a descriptor
- depends on the client implementation. At a minimum, the descriptor
- contains the message's UID and FLAGS. Other likely candidates are
- the RFC822.SIZE, RFC822.HEADER, BODYSTRUCTURE, or ENVELOPE data
- items.
-
- Comments:
-
- 1) The list of actions should be ordered. For example, if the human
- deletes message A1 in mailbox A, then expunges mailbox A, and then
- deletes message A2 in mailbox A, the human will expect that
- message A1 is gone and that message A2 is still present but is now
- deleted.
-
- By processing all the actions before proceeding with
- synchronization, we avoid having to compensate for the local MUA's
- changes to the server's state. That is, once we have processed
- all the pending actions, the steps that the client must take to
- synchronize itself will be the same no matter where the changes to
- the server's state originated.
-
- 2) Steps a and b can be performed in parallel. Alternatively, step a
- can be performed after d.
-
- 3) On step b, the set of "interesting" mailboxes pretty much has to
- be determined by the human. What mailboxes belong to this set may
- vary between different IMAP4 sessions with the same server,
- client, and human. An interesting mailbox can be a mailbox
- returned by LSUB command (see Section 6.3.9 of [IMAP4]). The
- special mailbox "INBOX" SHOULD be in the default set of mailboxes
- that the client considers interesting. However, providing the
- ability to ignore INBOX for a particular session or client may be
- valuable for some mail filtering strategies.
-
-
-
-
-
-
-Melnikov Informational [Page 6]
-
-RFC 4549 Synch Ops for Disconnected IMAP4 Clients June 2006
-
-
- 4) On step d-2-II, the client also finds out about changes to the
- flags of messages that the client already has in its local cache,
- and about messages in the local cache that no longer exist on the
- server (i.e., messages that have been expunged).
-
- 5) "Interesting" messages are those messages that the synchronization
- program thinks the human wants to have cached locally, based on
- the configuration and the data retrieved in step b.
-
- 6) A disconnected IMAP client is a special case of an IMAP client, so
- it MUST be able to handle any "unexpected" unsolicited responses,
- like EXISTS and EXPUNGE, at any time. The disconnected client MAY
- ignore EXPUNGE response during "client-to-server" synchronization
- phase (step c).
-
- The rest of this discussion will focus primarily on the
- synchronization issues for a single mailbox.
-
-4. Mailbox Synchronization Steps and Strategies
-
-4.1. Checking UID Validity
-
- The "UID validity" of a mailbox is a number returned in an
- UIDVALIDITY response code in an OK untagged response at mailbox
- selection time. The UID validity value changes between sessions when
- UIDs fail to persist between sessions.
-
- Whenever the client selects a mailbox, the client must compare the
- returned UID validity value with the value stored in the local cache.
- If the UID validity values differ, the UIDs in the client's cache are
- no longer valid. The client MUST then empty the local cache of that
- mailbox and remove any pending "actions" that refer to UIDs in that
- mailbox. The client MAY also issue a warning to the human. The
- client MUST NOT cancel any scheduled uploads (i.e., APPENDs) for the
- mailbox.
-
- Note that UIDVALIDITY is not only returned on a mailbox selection.
- The COPYUID and APPENDUID response codes defined in the [UIDPLUS]
- extension (see also 4.2.2) and the UIDVALIDITY STATUS response data
- item also contain a UIDVALIDITY value for some other mailbox. The
- client SHOULD behave as described in the previous paragraph (but it
- should act on the other mailbox's cache), no matter how it obtained
- the UIDVALIDITY value.
-
-
-
-
-
-
-
-
-Melnikov Informational [Page 7]
-
-RFC 4549 Synch Ops for Disconnected IMAP4 Clients June 2006
-
-
-4.2. Synchronizing Local Changes with the Server
-
-4.2.1. Uploading Messages to the Mailbox
-
- Two of the most common examples of operations resulting in message
- uploads are:
-
- 1) Saving a draft message
-
- 2) Copying a message between remote mailboxes on two different IMAP
- servers or a local mailbox and a remote mailbox.
-
- Message upload is performed with the APPEND command. A message
- scheduled to be uploaded has no UID associated with it, as all UIDs
- are assigned by the server. The APPEND command will effectively
- associate a UID with the uploaded message that can be stored in the
- local cache for future reference. However, [IMAP4] doesn't describe
- a simple mechanism to discover the message UID by just performing the
- APPEND command. In order to discover the UID, the client can do one
- of the following:
-
- 1) Remove the uploaded message from cache. Then, use the mechanism
- described in 4.3 to fetch the information about the uploaded
- message as if it had been uploaded by some other client.
-
- 2) Try to fetch header information as described in 4.2.2 in order to
- find a message that corresponds to the uploaded message. One
- strategy for doing this is described in 4.2.2.
-
- Case 1 describes a not particularly smart client.
-
- C: A003 APPEND Drafts (\Seen $MDNSent) {310}
- S: + Ready for literal data
- C: Date: Mon, 7 Feb 1994 21:52:25 -0800 (PST)
- C: From: Fred Foobar <foobar@blt.example.COM>
- C: Subject: afternoon meeting
- C: To: mooch@owatagu.siam.edu
- C: Message-Id: <B27397-0100000@blt.example.COM>
- C: MIME-Version: 1.0
- C: Content-Type: TEXT/PLAIN; CHARSET=US-ASCII
- C:
- C: Hello Joe, do you think we can meet at 3:30 tomorrow?
- C:
- S: A003 OK APPEND Completed
-
- Fortunately, there is a simpler way to discover the message UID in
- the presence of the [UIDPLUS] extension:
-
-
-
-
-Melnikov Informational [Page 8]
-
-RFC 4549 Synch Ops for Disconnected IMAP4 Clients June 2006
-
-
- C: A003 APPEND Drafts (\Seen $MDNSent) {310}
- S: + Ready for literal data
- C: Date: Mon, 7 Feb 1994 21:52:25 -0800 (PST)
- C: From: Fred Foobar <foobar@blt.example.COM>
- C: Subject: afternoon meeting
- C: To: mooch@owatagu.siam.edu
- C: Message-Id: <B27397-0100000@blt.example.COM>
- C: MIME-Version: 1.0
- C: Content-Type: TEXT/PLAIN; CHARSET=US-ASCII
- C:
- C: Hello Joe, do you think we can meet at 3:30 tomorrow?
- C:
- S: A003 OK [APPENDUID 1022843275 77712] APPEND completed
-
- The UID of the appended message is the second parameter of APPENDUID
- response code.
-
-4.2.2. Optimizing "move" and "copy" Operations
-
- Practical experience with IMAP and other mailbox access protocols
- that support multiple mailboxes suggests that moving a message from
- one mailbox to another is an extremely common operation.
-
-4.2.2.1. Moving a Message between Two Mailboxes on the Same Server
-
- In IMAP4, a "move" operation between two mailboxes on the same server
- is really a combination of a COPY operation and a STORE +FLAGS
- (\Deleted) operation. This makes good protocol sense for IMAP, but
- it leaves a simple-minded disconnected client in the silly position
- of deleting and possibly expunging its cached copy of a message, then
- fetching an identical copy via the network.
-
- However, the presence of the UIDPLUS extension in the server can
- help:
-
- C: A001 UID COPY 567,414 "Interesting Messages"
- S: A001 OK [COPYUID 1022843275 414,567 5:6] Completed
-
- This tells the client that the message with UID 414 in the current
- mailbox was successfully copied to the mailbox "Interesting Messages"
- and was given the UID 5, and that the message with UID 567 was given
- the UID 6.
-
- In the absence of UIDPLUS extension support in the server, the
- following trick can be used. By including the Message-ID: header and
- the INTERNALDATE data item as part of the descriptor, the client can
- check the descriptor of a "new" message against messages that are
- already in its cache and avoid fetching the extra copy. Of course,
-
-
-
-Melnikov Informational [Page 9]
-
-RFC 4549 Synch Ops for Disconnected IMAP4 Clients June 2006
-
-
- it's possible that the cost of checking to see if the message is
- already in the local cache may exceed the cost of just fetching it,
- so this technique should not be used blindly. If the MUA implements
- a "move" command, it makes special provisions to use this technique
- when it knows that a copy/delete sequence is the result of a "move"
- command.
-
- Note that servers are not required (although they are strongly
- encouraged with "SHOULD language") to preserve INTERNALDATE when
- copying messages.
-
- Also note that since it's theoretically possible for this algorithm
- to find the wrong message (given sufficiently malignant Message-ID
- headers), implementers should provide a way to disable this
- optimization, both permanently and on a message-by-message basis.
-
- Example 1: Copying a message in the absence of UIDPLUS extension.
-
- At some point in time the client has fetched the source message and
- some information was cached:
-
- C: C021 UID FETCH <uids> (BODY.PEEK[] INTERNALDATE FLAGS)
- ...
- S: * 27 FETCH (UID 123 INTERNALDATE "31-May-2002 05:26:59 -0600"
- FLAGS (\Draft $MDNSent) BODY[] {1036}
- S: ...
- S: Message-Id: <20040903110856.22a127cd@chardonnay>
- S: ...
- S: ...message body...
- S: )
- ...
- S: C021 OK fetch completed
-
- Later on, the client decides to copy the message:
-
- C: C035 UID COPY 123 "Interesting Messages"
- S: C035 OK Completed
-
- As the server hasn't provided the COPYUID response code, the client
- tries the optimization described above:
-
- C: C036 SELECT "Interesting Messages"
- ...
- C: C037 UID SEARCH ON 31-May-2002 HEADER
- "Message-Id" "20040903110856.22a127cd@chardonnay"
- S: SEARCH 12368
- S: C037 OK completed
-
-
-
-
-Melnikov Informational [Page 10]
-
-RFC 4549 Synch Ops for Disconnected IMAP4 Clients June 2006
-
-
- Note that if the server has returned multiple UIDs in the SEARCH
- response, the client MUST NOT use any of the returned UID.
-
-4.2.2.2. Moving a Message from a Remote Mailbox to a Local
-
- Moving a message from a remote mailbox to a local is done with FETCH
- (that includes FLAGS and INTERNALDATE) followed by UID STORE <uid>
- +FLAGS.SILENT (\Deleted):
-
- C: A003 UID FETCH 123 (BODY.PEEK[] INTERNALDATE FLAGS)
- S: * 27 FETCH (UID 123 INTERNALDATE "31-May-2002 05:26:59 -0600"
- FLAGS (\Seen $MDNSent) BODY[]
- S: ...message body...
- S: )
- S: A003 OK UID FETCH completed
- C: A004 UID STORE <uid> +FLAGS.SILENT (\Deleted)
- S: A004 STORE completed
-
- Note that there is no reason to fetch the message during
- synchronization if it's already in the client's cache. Also, the
- client SHOULD preserve delivery date in the local cache.
-
-4.2.2.3. Moving a Message from a Local Mailbox to a Remote
-
- Moving a message from a local mailbox to a remote is done with
- APPEND:
-
- C: A003 APPEND Drafts (\Seen $MDNSent) "31-May-2002 05:26:59 -0600"
- {310}
- S: + Ready for literal data
- C: Date: Mon, 7 Feb 1994 21:52:25 -0800 (PST)
- C: From: Fred Foobar <foobar@blt.example.COM>
- C: Subject: afternoon meeting
- C: To: mooch@owatagu.siam.edu
- C: Message-Id: <B27397-0100000@blt.example.COM>
- C: MIME-Version: 1.0
- C: Content-Type: TEXT/PLAIN; CHARSET=US-ASCII
- C:
- C: Hello Joe, do you think we can meet at 3:30 tomorrow?
- C:
- S: A003 OK [APPENDUID 1022843275 77712] completed
-
- The client SHOULD specify the delivery date from the local cache in
- the APPEND.
-
- If the [LITERAL+] extension is available, the client can save a
- round-trip*:
-
-
-
-
-Melnikov Informational [Page 11]
-
-RFC 4549 Synch Ops for Disconnected IMAP4 Clients June 2006
-
-
- C: A003 APPEND Drafts (\Seen $MDNSent) "31-May-2002 05:26:59 -0600"
- {310+}
- C: Date: Mon, 7 Feb 1994 21:52:25 -0800 (PST)
- C: From: Fred Foobar <foobar@blt.example.COM>
- C: Subject: afternoon meeting
- C: To: mooch@owatagu.siam.edu
- C: Message-Id: <B27397-0100000@blt.example.COM>
- C: MIME-Version: 1.0
- C: Content-Type: TEXT/PLAIN; CHARSET=US-ASCII
- C:
- C: Hello Joe, do you think we can meet at 3:30 tomorrow?
- C:
- S: A003 OK [APPENDUID 1022843275 77712] completed
-
- * Note that there is a risk that the server will reject the message
- due to its size. If this happens, the client will waste bandwidth
- transferring the whole message. If the client wouldn't have used
- the LITERAL+, this could have been avoided:
-
- C: A003 APPEND Drafts (\Seen $MDNSent) "31-May-2004 05:26:59 -0600"
- {16777215}
- S: A003 NO Sorry, message is too big
-
-4.2.2.4. Moving a Message between Two Mailboxes on Different Servers
-
- Moving a message between two mailbox on two different servers is a
- combination of the operations described in 4.2.2.2 followed by the
- operations described in 4.2.2.3.
-
-4.2.2.5. Uploading Multiple Messages to a Remote Mailbox with
- MULTIAPPEND
-
- When there is a need to upload multiple messages to a remote mailbox
- (e.g., as per 4.2.2.3), the presence of certain IMAP extensions may
- significantly improve performance. One of them is [MULTIAPPEND].
-
- For some mail stores, opening a mailbox for appending might be
- expensive. [MULTIAPPEND] tells the server to open the mailbox once
- (instead of opening and closing it "n" times per "n" messages to be
- uploaded) and to keep it open while a group of messages is being
- uploaded to the server.
-
- Also, if the server supports both [MULTIAPPEND] and [LITERAL+]
- extensions, the entire upload is accomplished in a single
- command/response round-trip.
-
-
-
-
-
-
-Melnikov Informational [Page 12]
-
-RFC 4549 Synch Ops for Disconnected IMAP4 Clients June 2006
-
-
- Note: Client implementers should be aware that [MULTIAPPEND] performs
- append of multiple messages atomically. This means, for example, if
- there is not enough space to save "n"-th message (or the message has
- invalid structure and is rejected by the server) after successful
- upload of "n-1" messages, the whole upload operation fails, and no
- message will be saved in the mailbox. Although this behavior might
- be desirable in certain situations, it might not be what you want.
- Otherwise, the client should use the regular APPEND command (Section
- 4.2.2.3), possibly utilizing the [LITERAL+] extension. See also
- Section 5.1 for discussions about error recovery.
-
- Note: MULTIAPPEND can be used together with the UIDPLUS extension in
- a way similar to what was described in Section 4.2.1. [MULTIAPPEND]
- extends the syntax of the APPENDUID response code to allow for
- multiple message UIDs in the second parameter.
-
- Example 2:
-
- This example demonstrates the use of MULTIAPPEND together with
- UIDPLUS (synchronization points where the client waits for
- confirmations from the server are marked with "<--->"):
-
- C: A003 APPEND Jan-2002 (\Seen $MDNSent) "31-May-2002 05:26:59 -0600"
- {310}
- <--->
- S: + Ready for literal data
- C: Date: Mon, 7 Feb 1994 21:52:25 -0800 (PST)
- C: From: Fred Foobar <foobar@blt.example.COM>
- C: Subject: afternoon meeting
- C: To: mooch@owatagu.siam.edu
- C: Message-Id: <B27397-0100000@blt.example.COM>
- C: MIME-Version: 1.0
- C: Content-Type: TEXT/PLAIN; CHARSET=US-ASCII
- C:
- C: Hello Joe, do you think we can meet at 3:30 tomorrow?
- C: (\Seen) " 1-Jun-2002 22:43:04 -0800" {286}
- <--->
- S: + Ready for literal data
- C: Date: Mon, 7 Feb 1994 22:43:04 -0800 (PST)
- C: From: Joe Mooch <mooch@OWaTaGu.siam.EDU>
- C: Subject: Re: afternoon meeting
- C: To: foobar@blt.example.com
- C: Message-Id: <a0434793874930@OWaTaGu.siam.EDU>
- C: MIME-Version: 1.0
- C: Content-Type: TEXT/PLAIN; CHARSET=US-ASCII
- C:
- C: 3:30 is fine with me.
- C:
-
-
-
-Melnikov Informational [Page 13]
-
-RFC 4549 Synch Ops for Disconnected IMAP4 Clients June 2006
-
-
- S: A003 OK [APPENDUID 1022843275 77712,77713] completed
-
- The upload takes 3 round-trips.
-
- Example 3:
-
- In this example, Example 2 was modified for the case when the server
- supports MULTIAPPEND, LITERAL+, and UIDPLUS. The upload takes only 1
- round-trip.
-
- C: A003 APPEND Jan-2002 (\Seen $MDNSent) "31-May-2002 05:26:59 -0600"
- {310+}
- C: Date: Mon, 7 Feb 1994 21:52:25 -0800 (PST)
- C: From: Fred Foobar <foobar@blt.example.COM>
- C: Subject: afternoon meeting
- C: To: mooch@owatagu.siam.edu
- C: Message-Id: <B27397-0100000@blt.example.COM>
- C: MIME-Version: 1.0
- C: Content-Type: TEXT/PLAIN; CHARSET=US-ASCII
- C:
- C: Hello Joe, do you think we can meet at 3:30 tomorrow?
- C: (\Seen) " 1-Jun-2002 22:43:04 -0800" {286+}
- C: Date: Mon, 7 Feb 1994 22:43:04 -0800 (PST)
- C: From: Joe Mooch <mooch@OWaTaGu.siam.EDU>
- C: Subject: Re: afternoon meeting
- C: To: foobar@blt.example.com
- C: Message-Id: <a0434793874930@OWaTaGu.siam.EDU>
- C: MIME-Version: 1.0
- C: Content-Type: TEXT/PLAIN; CHARSET=US-ASCII
- C:
- C: 3:30 is fine with me.
- C:
- S: A003 OK [APPENDUID 1022843275 77712,77713] completed
-
-4.2.3. Replaying Local Flag Changes
-
- The disconnected client uses the STORE command to synchronize local
- flag state with the server. The disconnected client SHOULD use
- +FLAGS.SILENT or -FLAGS.SILENT in order to set or unset flags
- modified by the user while offline. The FLAGS form MUST NOT be used,
- as there is a risk that this will overwrite flags on the server that
- have been changed by some other client.
-
- Example 4:
-
- For the message with UID 15, the disconnected client stores the
- following flags \Seen and $Highest. The flags were modified on the
- server by some other client: \Seen, \Answered, and $Highest. While
-
-
-
-Melnikov Informational [Page 14]
-
-RFC 4549 Synch Ops for Disconnected IMAP4 Clients June 2006
-
-
- offline, the user requested that the $Highest flags be removed and
- that the \Deleted flag be added. The flag synchronization sequence
- for the message should look like:
-
- C: A001 UID STORE 15 +FLAGS.SILENT (\Deleted)
- S: A001 STORE completed
- C: A002 UID STORE 15 -FLAGS.SILENT ($Highest)
- S: A002 STORE completed
-
- If the disconnected client is able to store an additional binary
- state information (or a piece of information that can take a value
- from a predefined set of values) in the local cache of an IMAP
- mailbox or in a local mailbox (e.g., message priority), and if the
- server supports storing of arbitrary keywords, the client MUST use
- keywords to store this state on the server.
-
- Example 5:
-
- Imagine a speculative mail client that can mark a message as one of
- work-related ($Work), personal ($Personal), or spam ($Spam). In
- order to mark a message as personal, the client issues:
-
- C: A001 UID STORE 15 +FLAGS.SILENT ($Personal)
- S: A001 STORE completed
- C: A002 UID STORE 15 -FLAGS.SILENT ($Work $Spam)
- S: A002 STORE completed
-
- In order to mark the message as not work, not personal and not spam,
- the client issues:
-
- C: A003 UID STORE 15 -FLAGS.SILENT ($Personal $Work $Spam)
- S: A003 STORE completed
-
-4.2.4. Processing Mailbox Compression (EXPUNGE) Requests
-
- A naive disconnected client implementation that supports compressing
- a mailbox while offline may decide to issue an EXPUNGE command to the
- server in order to expunge messages marked \Deleted. The problem
- with this command during synchronization is that it permanently
- erases all messages with the \Deleted flag set, i.e., even those
- messages that were marked as \Deleted on the server while the user
- was offline. Doing this might result in an unpleasant surprise for
- the user.
-
- Fortunately the [UIDPLUS] extension can help in this case as well.
- The extension introduces UID EXPUNGE command, that, unlike EXPUNGE,
- takes a UID set parameter, that lists UIDs of all messages that can
- be expunged. When processing this command the server erases only
-
-
-
-Melnikov Informational [Page 15]
-
-RFC 4549 Synch Ops for Disconnected IMAP4 Clients June 2006
-
-
- messages with \Deleted flag listed in the UID list. Thus, messages
- not listed in the UID set will not be expunged even if they have the
- \Deleted flag set.
-
- Example 6:
-
- While the user was offline, 3 messages with UIDs 7, 27, and 65 were
- marked \Deleted when the user requested to compress the open mailbox.
- Another client marked a message \Deleted on the server (UID 34).
- During synchronization, the disconnected client issues:
-
- C: A001 UID EXPUNGE 7,27,65
- S: * ... EXPUNGE
- S: * ... EXPUNGE
- S: * ... EXPUNGE
- S: A001 UID EXPUNGE completed
-
- If another client issues UID SEARCH DELETED command (to find all
- messages with the \Deleted flag) before and after the UID EXPUNGE, it
- will get:
-
- Before:
-
- C: B001 UID SEARCH DELETED
- S: * SEARCH 65 34 27 7
- S: B001 UID SEARCH completed
-
- After:
-
- C: B002 UID SEARCH DELETED
- S: * SEARCH 34
- S: B002 UID SEARCH completed
-
- In the absence of the [UIDPLUS] extension, the following sequence of
- commands can be used as an approximation. Note: It's possible for
- another client to mark additional messages as deleted while this
- sequence is being performed. In this case, these additional messages
- will be expunged as well.
-
- 1) Find all messages marked \Deleted on the server.
-
- C: A001 UID SEARCH DELETED
- S: * SEARCH 65 34 27 7
- S: A001 UID SEARCH completed
-
- 2) Find all messages that must not be erased (for the previous
- example the list will consist of the message with UID 34).
-
-
-
-
-Melnikov Informational [Page 16]
-
-RFC 4549 Synch Ops for Disconnected IMAP4 Clients June 2006
-
-
- 3) Temporarily remove \Deleted flag on all messages found in step 2.
-
- C: A002 UID STORE 34 -FLAGS.SILENT (\Deleted)
- S: A002 UID STORE completed
-
- 4) Expunge the mailbox.
-
- C: A003 EXPUNGE
- S: * 20 EXPUNGE
- S: * 7 EXPUNGE
- S: * 1 EXPUNGE
- S: A003 EXPUNGE completed
-
- Here, the message with UID 7 has message number 1, with UID 27 has
- message number 7, and with UID 65 has message number 20.
-
- 5) Restore \Deleted flag on all messages found when performing step
- 2.
-
- C: A004 UID STORE 34 +FLAGS.SILENT (\Deleted)
- S: A004 UID STORE completed
-
-4.2.5. Closing a Mailbox
-
- When the disconnected client has to close a mailbox, it should not
- use the CLOSE command, because CLOSE does a silent EXPUNGE. (Section
- 4.2.4 explains why EXPUNGE should not be used by a disconnected
- client.) It is safe to use CLOSE only if the mailbox was opened with
- EXAMINE.
-
- If the mailbox was opened with SELECT, the client can use one of the
- following commands to implicitly close the mailbox and prevent the
- silent expunge:
-
- 1) UNSELECT - This is a command described in [UNSELECT] that works as
- CLOSE, but doesn't cause the silent EXPUNGE. This command is
- supported by the server if it reports UNSELECT in its CAPABILITY
- list.
-
- 2) SELECT <another_mailbox> - SELECT causes implicit CLOSE without
- EXPUNGE.
-
- 3) If the client intends to issue LOGOUT after closing the mailbox,
- it may just issue LOGOUT, because LOGOUT causes implicit CLOSE
- without EXPUNGE as well.
-
- 4) SELECT <non_existing_mailbox> - If the client knows a mailbox that
- doesn't exist or can't be selected, it MAY SELECT it.
-
-
-
-Melnikov Informational [Page 17]
-
-RFC 4549 Synch Ops for Disconnected IMAP4 Clients June 2006
-
-
- If the client opened the mailbox with SELECT and just wants to avoid
- implicit EXPUNGE without closing the mailbox, it may also use the
- following:
-
- 5) EXAMINE <mailbox> - Reselect the same mailbox in read-only mode.
-
-4.3. Details of "Normal" Synchronization of a Single Mailbox
-
- The most common form of synchronization is where the human trusts the
- integrity of the client's copy of the state of a particular mailbox
- and simply wants to bring the client's cache up to date so that it
- accurately reflects the mailbox's current state on the server.
-
-4.3.1. Discovering New Messages and Changes to Old Messages
-
- Let <lastseenuid> represent the highest UID that the client knows
- about in this mailbox. Since UIDs are allocated in strictly
- ascending order, this is simply the UID of the last message in the
- mailbox that the client knows about. Let <lastseenuid+1> represent
- <lastseenuid>'s UID plus one. Let <descriptors> represent a list
- consisting of all the FETCH data item items that the implementation
- considers part of the descriptor; at a minimum this is just the FLAGS
- data item, but it usually also includes BODYSTRUCTURE and
- RFC822.SIZE. At this step, <descriptors> SHOULD NOT include RFC822.
-
- With no further information, the client can issue the following two
- commands:
-
- tag1 UID FETCH <lastseenuid+1>:* <descriptors>
- tag2 UID FETCH 1:<lastseenuid> FLAGS
-
- The first command will request some information about "new" messages
- (i.e., messages received by the server since the last
- synchronization). It will also allow the client to build a message
- number to UID map (only for new messages). The second command allows
- the client to
-
- 1) update cached flags for old messages;
-
- 2) find out which old messages got expunged; and
-
- 3) build a mapping between message numbers and UIDs (for old
- messages).
-
- The order here is significant. We want the server to start returning
- the list of new message descriptors as fast as it can, so that the
- client can start issuing more FETCH commands, so we start out by
- asking for the descriptors of all the messages we know the client
-
-
-
-Melnikov Informational [Page 18]
-
-RFC 4549 Synch Ops for Disconnected IMAP4 Clients June 2006
-
-
- cannot possibly have cached yet. The second command fetches the
- information we need to determine what changes may have occurred to
- messages that the client already has cached. Note that the former
- command should only be issued if the UIDNEXT value cached by the
- client differs from the one returned by the server. Once the client
- has issued these two commands, there's nothing more the client can do
- with this mailbox until the responses to the first command start
- arriving. A clever synchronization program might use this time to
- fetch its local cache state from disk or to start the process of
- synchronizing another mailbox.
-
- The following is an example of the first FETCH:
-
- C: A011 UID fetch 131:* (FLAGS BODYSTRUCTURE INTERNALDATE
- RFC822.SIZE)
-
- Note 1: The first FETCH may result in the server's sending a huge
- volume of data. A smart disconnected client should use message
- ranges (see also Section 3.2.1.2 of [RFC2683]), so that the user is
- able to execute a different operation between fetching information
- for a group of new messages.
-
- Example 7:
-
- Knowing the new UIDNEXT returned by the server on SELECT or EXAMINE
- (<uidnext>), the client can split the UID range
- <lastseenuid+1>:<uidnext> into groups, e.g., 100 messages. After
- that, the client can issue:
-
- C: A011 UID fetch <lastseenuid+1>:<lastseenuid+100>
- (FLAGS BODYSTRUCTURE INTERNALDATE RFC822.SIZE)
- ...
- C: A012 UID fetch <lastseenuid+101>:<lastseenuid+200>
- (FLAGS BODYSTRUCTURE INTERNALDATE RFC822.SIZE)
- ...
- ...
- C: A0FF UID fetch <lastseenuid+901>:<uidnext>
- (FLAGS BODYSTRUCTURE INTERNALDATE RFC822.SIZE)
-
- Note that unless a SEARCH command is issued, it is impossible to
- determine how many messages will fall into a subrange, as UIDs are
- not necessarily contiguous.
-
- Note 2: The client SHOULD ignore any unsolicited EXPUNGE responses
- received during the first FETCH command. EXPUNGE responses contain
- message numbers that are useless to a client that doesn't have the
- message-number-to-UID translation table.
-
-
-
-
-Melnikov Informational [Page 19]
-
-RFC 4549 Synch Ops for Disconnected IMAP4 Clients June 2006
-
-
- The second FETCH command will result in zero or more untagged fetch
- responses. Each response will have a corresponding UID FETCH data
- item. All messages that didn't have a matching untagged FETCH
- response MUST be removed from the local cache.
-
- For example, if the <lastseenuid> had a value 15000 and the local
- cache contained 3 messages with the UIDs 12, 777, and 14999,
- respectively, then after receiving the following responses from the
- server, the client must remove the message with UID 14999 from its
- local cache.
-
- S: * 1 FETCH (UID 12 FLAGS (\Seen))
- S: * 2 FETCH (UID 777 FLAGS (\Answered \Deleted))
-
- Note 3: If the client is not interested in flag changes (i.e., the
- client only wants to know which old messages are still on the
- server), the second FETCH command can be substituted with:
-
- tag2 UID SEARCH UID 1:<lastseenuid>
-
- This command will generate less traffic. However, an implementor
- should be aware that in order to build the mapping table from message
- numbers to UIDs, the output of the SEARCH command MUST be sorted
- first, because there is no requirement for a server to return UIDs in
- SEARCH response in any particular order.
-
-4.3.2. Searching for "Interesting" Messages.
-
- This step is performed entirely on the client (from the information
- received in the step described in 4.3.1), entirely on the server, or
- on some combination of both. The decision on what is an
- "interesting" message is up to the client software and the human.
- One easy criterion that should probably be implemented in any client
- is whether the message is "too big" for automatic retrieval, where
- "too big" is a parameter defined in the client's configuration.
-
- Another commonly used criterion is the age of a message. For
- example, the client may choose to download only messages received in
- the last week (in this case, <date> would be today's date minus 7
- days):
-
- tag3 UID SEARCH UID <uidset> SINCE <date>
-
- Keep in mind that a date search disregards time and time zone. The
- client can avoid doing this search if it specified INTERNALDATE in
- <descriptors> on the step described in 4.3.1. If the client did, it
- can perform the local search on its message cache.
-
-
-
-
-Melnikov Informational [Page 20]
-
-RFC 4549 Synch Ops for Disconnected IMAP4 Clients June 2006
-
-
- At this step, the client also decides what kind of information about
- a particular message to fetch from the server. In particular, even
- for a message that is considered "too big", the client MAY choose to
- fetch some part(s) of it. For example, if the message is a
- multipart/mixed containing a text part and a MPEG attachment, there
- is no reason for the client not to fetch the text part. The decision
- of which part should or should not be fetched can be based on the
- information received in the BODYSTRUCTURE FETCH response data item
- (i.e., if BODYSTRUCTURE was included in <descriptors> on the step
- described in 4.3.1).
-
-4.3.3. Populating Cache with "Interesting" Messages.
-
- Once the client has found out which messages are "interesting", it
- can start issuing appropriate FETCH commands for "interesting"
- messages or parts thereof.
-
- Note that fetching a message into the disconnected client's local
- cache does NOT imply that the human has (or even will) read the
- message. Thus, the synchronization program for a disconnected client
- should always be careful to use the .PEEK variants of the FETCH data
- items that implicitly set the \Seen flag.
-
- Once the last descriptor has arrived and the last FETCH command has
- been issued, the client simply needs to process the incoming fetch
- items and use them to update the local message cache.
-
- In order to avoid deadlock problems, the client must give processing
- of received messages priority over issuing new FETCH commands during
- this synchronization process. This may necessitate temporary local
- queuing of FETCH requests that cannot be issued without causing a
- deadlock. In order to achieve the best use of the "expensive"
- network connection, the client will almost certainly need to pay
- careful attention to any flow-control information that it can obtain
- from the underlying transport connection (usually a TCP connection).
-
- Note: The requirement stated in the previous paragraph might result
- in an unpleasant user experience, if followed blindly. For example,
- the user might be unwilling to wait for the client to finish
- synchronization before starting to process the user's requests. A
- smart disconnected client should allow the user to perform requested
- operations in between IMAP commands that are part of the
- synchronization process. See also Note 1 in Section 4.3.1.
-
-
-
-
-
-
-
-
-Melnikov Informational [Page 21]
-
-RFC 4549 Synch Ops for Disconnected IMAP4 Clients June 2006
-
-
- Example 8:
-
- After fetching a message BODYSTRUCTURE, the client discovers a
- complex MIME message. Then, it decides to fetch MIME headers of the
- nested MIME messages and some body parts.
-
- C: A011 UID fetch 11 (BODYSTRUCTURE)
- S: ...
- C: A012 UID fetch 11 (BODY[HEADER] BODY[1.MIME] BODY[1.1.MIME]
- BODY[1.2.MIME] BODY[2.MIME] BODY[3.MIME] BODY[4.MIME]
- BODY[5.MIME] BODY[6.MIME] BODY[7.MIME] BODY[8.MIME] BODY[9.MIME]
- BODY[10.MIME] BODY[11.MIME] BODY[12.MIME] BODY[13.MIME]
- BODY[14.MIME] BODY[15.MIME] BODY[16.MIME] BODY[17.MIME]
- BODY[18.MIME] BODY[19.MIME] BODY[20.MIME] BODY[21.MIME])
- S: ...
- C: A013 UID fetch 11 (BODY[1.1] BODY[1.2])
- S: ...
- C: A014 UID fetch 11 (BODY[3] BODY[4] BODY[5] BODY[6] BODY[7] BODY[8]
- BODY[9] BODY[10] BODY[11] BODY[13] BODY[14] BODY[15] BODY[16]
- BODY[21])
- S: ...
-
-4.3.4. User-Initiated Synchronization
-
- After the client has finished the main synchronization process as
- described in Sections 4.3.1-4.3.3, the user may optionally request
- additional synchronization steps while the client is still online.
- This is not any different from the process described in Sections
- 4.3.2 and 4.3.3.
-
- Typical examples are:
-
- 1) fetch all messages selected in UI.
- 2) fetch all messages marked as \Flagged on the server.
-
-4.4. Special Case: Descriptor-Only Synchronization
-
- For some mailboxes, fetching the descriptors might be the entire
- synchronization step. Practical experience with IMAP has shown that
- a certain class of mailboxes (e.g., "archival" mailboxes) are used
- primarily for long-term storage of important messages that the human
- wants to have instantly available on demand but does not want
- cluttering up the disconnected client's cache at any other time.
- Messages in this kind of mailbox would be fetched exclusively by
- explicit actions queued by the local MUA. Thus, the only
- synchronization desirable on this kind of mailbox is fetching enough
- descriptor information for the user to be able to identify messages
- for subsequent download.
-
-
-
-Melnikov Informational [Page 22]
-
-RFC 4549 Synch Ops for Disconnected IMAP4 Clients June 2006
-
-
- Special mailboxes that receive messages from a high volume, low
- priority mailing list might also be in this category, at least when
- the human is in a hurry.
-
-4.5. Special Case: Fast New-Only Synchronization
-
- In some cases, the human might be in such a hurry that he or she
- doesn't care about changes to old messages, just about new messages.
- In this case, the client can skip the UID FETCH command that obtains
- the flags and UIDs for old messages (1:<lastseenuid>).
-
-4.6. Special Case: Blind FETCH
-
- In some cases, the human may know (for whatever reason) that he or
- she always wants to fetch any new messages in a particular mailbox,
- unconditionally. In this case, the client can just fetch the
- messages themselves, rather than just the descriptors, by using a
- command like:
-
- tag1 UID FETCH <lastseenuid+1>:* (FLAGS BODY.PEEK[])
-
- Note that this example ignores the fact that the messages can be
- arbitrary long. The disconnected client MUST always check for
- message size before downloading, unless explicitly told otherwise. A
- well-behaved client should instead use something like the following:
-
- 1) Issue "tag1 UID FETCH <lastseenuid+1>:* (FLAGS RFC822.SIZE)".
-
- 2) From the message sizes returned in step 1, construct UID set
- <required_messages>.
-
- 3) Issue "tag2 UID FETCH <required_messages> (BODY.PEEK[])".
-
- or
-
- 1) Issue "tag1 UID FETCH <lastseenuid+1>:* (FLAGS)".
-
- 2) Construct UID set <old_uids> from the responses of step 1.
-
- 3) Issue "tag2 SEARCH UID <old_uids> SMALLER <message_limit>".
- Construct UID set <required_messages> from the result of the
- SEARCH command.
-
- 4) Issue "tag3 UID FETCH <required_messages> (BODY.PEEK[])".
-
-
-
-
-
-
-
-Melnikov Informational [Page 23]
-
-RFC 4549 Synch Ops for Disconnected IMAP4 Clients June 2006
-
-
- or
-
- 1) Issue "tag1 UID FETCH <lastseenuid+1>:* (FLAGS
- BODY.PEEK[]<0.<length>>)", where <length> should be replaced with
- the maximal message size the client is willing to download.
-
- Note: In response to such a command, the server will only return
- partial data if the message is longer than <length>. It will
- return the full message data for any message whose size is smaller
- than or equal to <length>. In the former case, the client will
- not be able to extract the full MIME structure of the message from
- the truncated data, so the client should include BODYSTRUCTURE in
- the UID FETCH command as well.
-
-5. Implementation Considerations
-
- Below are listed some common implementation pitfalls that should be
- considered when implementing a disconnected client.
-
- 1) Implementing fake UIDs on the client.
-
- A message scheduled to be uploaded has no UID, as UIDs are
- selected by the server. The client may implement fake UIDs
- internally in order to reference not-yet-uploaded messages in
- further operations. (For example, a message could be scheduled to
- be uploaded, but subsequently marked as deleted or copied to
- another mailbox). Here, the client MUST NOT under any
- circumstances send these fake UIDs to the server. Also, client
- implementers should be reminded that according to [IMAP4] a UID is
- a 32-bit unsigned integer excluding 0. So, both 4294967295 and
- 2147483648 are valid UIDs, and 0 and -1 are both invalid. Some
- disconnected mail clients have been known to send negative numbers
- (e.g., "-1") as message UIDs to servers during synchronization.
-
- Situation 1: The user starts composing a new message, edits it,
- saves it, continues to edit it, and saves it again.
-
- A disconnected client may record in its replay log (log of
- operations to be replayed on the server during synchronization)
- the sequence of operations as shown below. For the purpose of
- this situation, we assume that all draft messages are stored in
- the mailbox called Drafts on an IMAP server. We will also use the
- following conventions: <old_uid> is the UID of the intermediate
- version of the draft when it was saved for the first time. This
- is a fake UID generated on the client. <new_uid> is the UID of
- the final version of the draft. This is another fake UID
- generated on the client.
-
-
-
-
-Melnikov Informational [Page 24]
-
-RFC 4549 Synch Ops for Disconnected IMAP4 Clients June 2006
-
-
- 1) APPEND Drafts (\Seen $MDNSent \Drafts) {<nnn>}
- ...first version of the message follows...
-
- 2) APPEND Drafts (\Seen $MDNSent \Drafts) {<mmm>}
- ...final version of the message follows...
-
- 3) STORE <old_uid> +FLAGS (\Deleted)
-
- Step 1 corresponds to the first attempt to save the draft message,
- step 2 corresponds to the second attempt to save the draft
- message, and step 3 deletes the first version of the draft message
- saved in step 1.
-
- A naive disconnected client may send the command in step 3 without
- replacing the fake client generated <old_uid> with the value
- returned by the server in step 1. A server will probably reject
- this command, which will make the client believe that the
- synchronization sequence has failed.
-
- 2) Section 5.1 discusses common implementation errors related to
- error recovery during playback.
-
- 3) Don't assume that the disconnected client is the only client used
- by the user.
-
- Situation 2: Some clients may use the \Deleted flag as an
- indicator that the message should not appear in the user's view.
- Usage of the \Deleted flag for this purpose is not safe, as other
- clients (e.g., online clients) might EXPUNGE the mailbox at any
- time.
-
- 4) Beware of data dependencies between synchronization operations.
-
- It might be very tempting for a client writer to perform some
- optimizations on the playback log. Such optimizations might
- include removing redundant operations (for example, see
- optimization 2 in Section 5.3), or their reordering.
-
- It is not always safe to reorder or remove redundant operations
- during synchronization because some operations may have
- dependencies (as Situation 3 demonstrates). So, if in doubt,
- don't do this.
-
- Situation 3: The user copies a message out of a mailbox and then
- deletes the mailbox.
-
-
-
-
-
-
-Melnikov Informational [Page 25]
-
-RFC 4549 Synch Ops for Disconnected IMAP4 Clients June 2006
-
-
- C: A001 SELECT Old-Mail
- S: ...
- C: A002 UID COPY 111 ToDo
- S: A002 OK [COPYUID 1022843345 111 94] Copy completed
- ...
- C: A015 CLOSE
- S: A015 OK Completed
- C: A016 DELETE Old-Mail
- S: A016 OK Mailbox deletion completed successfully
-
- If the client performs DELETE (tag A016) first and COPY (tag A002)
- second, then the COPY fails. Also, the message that the user so
- carefully copied into another mailbox has been lost.
-
-5.1. Error Recovery during Playback
-
- Error recovery during synchronization is one of the trickiest parts
- to get right. Below, we will discuss certain error conditions and
- suggest possible choices for handling them.
-
- 1) Lost connection to the server.
-
- The client MUST remember the current position in the playback
- (replay) log and replay it starting from the interrupted operation
- (the last command issued by the client, but not acknowledged by
- the server) the next time it successfully connects to the same
- server. If the connection was lost while executing a non-
- idempotent IMAP command (see the definition in Section 1), then
- when the client is reconnected, it MUST make sure that the
- interrupted command was indeed not executed. If it wasn't
- executed, the client must restart playback from the interrupted
- command, otherwise from the following command.
-
- Upon reconnect, care must be taken in order to properly reapply
- logical operations that are represented by multiple IMAP commands,
- e.g., UID EXPUNGE emulation when UID EXPUNGE is not supported by
- the server (see Section 4.2.4).
-
- Once the client detects that the connection to the server was
- lost, it MUST stop replaying its log. There are existing
- disconnected clients that, to the great annoyance of users, pop up
- an error dialog for each and every playback operation that fails.
-
- 2) Copying/appending messages to a mailbox that doesn't exist. (The
- server advertises this condition by sending the TRYCREATE response
- code in the tagged NO response to the APPEND or COPY command.)
-
-
-
-
-
-Melnikov Informational [Page 26]
-
-RFC 4549 Synch Ops for Disconnected IMAP4 Clients June 2006
-
-
- The user should be advised about the situation and be given one of
- the following choices:
-
- a) Try to recreate a mailbox.
- b) Copy/upload messages to another mailbox.
- c) Skip copy/upload.
- d) Abort replay.
-
- 3) Copying messages from a mailbox that doesn't exist, or renaming or
- getting/changing ACLs [ACL] on a mailbox that doesn't exist:
-
- a) Skip operation.
- b) Abort replay.
-
- 4) Deleting mailboxes or deleting/expunging messages that no longer
- exist.
-
- This is actually is not an error and should be ignored by the
- client.
-
- 5) Performing operations on messages that no longer exist.
-
- a) Skip operation.
- b) Abort replay.
-
- In the case of changing flags on an expunged message, the client
- should silently ignore the error.
-
- Note 1: Several synchronization operations map to multiple IMAP
- commands (for example, "move" described in 4.2.2). The client must
- guarantee atomicity of each such multistep operation. For example,
- when performing a "move" between two mailboxes on the same server, if
- the server is unable to copy messages, the client MUST NOT attempt to
- set the \Deleted flag on the messages being copied, let alone expunge
- them. However, the client MAY consider that move operation to have
- succeeded even if the server was unable to set the \Deleted flag on
- copied messages.
-
- Note 2: Many synchronization operations have data dependencies. A
- failed operation must cause all dependent operations to fail as well.
- The client should check this and MUST NOT try to perform all
- dependent operations blindly (unless the user corrected the original
- problem). For example, a message may be scheduled to be appended to
- a mailbox on the server and later on the appended message may be
- copied to another mailbox. If the APPEND operation fails, the client
- must not attempt to COPY the failed message later on. (See also
- Section 5, Situation 3).
-
-
-
-
-Melnikov Informational [Page 27]
-
-RFC 4549 Synch Ops for Disconnected IMAP4 Clients June 2006
-
-
-5.2. Quality of Implementation Issues
-
- Below, some quality of implementation issues are listed for
- disconnected clients. They will help to write a disconnected client
- that works correctly, performs synchronization as quickly as possible
- (and thus can make the user happier as well as save her some money),
- and minimizes the server load:
-
- 1) Don't lose information.
-
- No matter how smart your client is in other areas, if it loses
- information, users will get very upset.
-
- 2) Don't do work unless explicitly asked. Be flexible. Ask all
- questions BEFORE starting synchronization, if possible.
-
- 3) Minimize traffic.
-
- The client MUST NOT issue a command if the client already received
- the required information from the server.
-
- The client MUST make use of UIDPLUS extension if it is supported
- by the server.
-
- See also optimization 1 in Section 5.3.
-
- 4) Minimize the number of round-trips.
-
- Round-trips kill performance, especially on links with high
- latency. Sections 4.2.2.5 and 5.2 give some advice on how to
- minimize the number of round-trips.
-
- See also optimization 1 in Section 5.3.
-
-5.3. Optimizations
-
- Some useful optimizations are described in this section. A
- disconnected client that supports the recommendations listed below
- will give the user a more pleasant experience.
-
- 1) The initial OK or PREAUTH responses may contain the CAPABILITY
- response code as described in Section 7.1 of [IMAP4]. This
- response code gives the same information as returned by the
- CAPABILITY command*. A disconnected client that pays attention to
- this response code can avoid sending CAPABILITY command and will
- save a round-trip.
-
-
-
-
-
-Melnikov Informational [Page 28]
-
-RFC 4549 Synch Ops for Disconnected IMAP4 Clients June 2006
-
-
- * Note: Some servers report in the CAPABILITY response code
- extensions that are only relevant in unauthenticated state or in
- all states. Such servers usually send another CAPABILITY
- response code upon successful authentication using LOGIN or
- AUTHENTICATE command (that negotiates no security layer; see
- Section 6.2.2 of [IMAP4]). The CAPABILITY response code sent
- upon successful LOGIN/AUTHENTICATE might be different from the
- CAPABILITY response code in the initial OK response, as
- extensions only relevant for unauthenticated state will not be
- advertised, and some additional extensions available only in
- authenticated and/or selected state will be.
-
- Example 9:
-
- S: * OK [CAPABILITY IMAP4REV1 LOGIN-REFERRALS STARTTLS
- AUTH=DIGEST-MD5 AUTH=SRP] imap.example.com ready
- C: 2 authenticate DIGEST-MD5
- S: 2 OK [CAPABILITY IMAP4REV1 IDLE NAMESPACE MAILBOX-REFERRALS SCAN
- SORT THREAD=REFERENCES THREAD=ORDEREDSUBJECT MULTIAPPEND]
- User authenticated (no layer)
-
- 2) An advanced disconnected client may choose to optimize its replay
- log. For example, there might be some operations that are
- redundant (the list is not complete):
-
- a) an EXPUNGE followed by another EXPUNGE or CLOSE;
- b) changing flags (other than the \Deleted flag) on a message that
- gets immediately expunged;
- c) opening and closing the same mailbox.
-
- When optimizing, be careful about data dependencies between commands.
- For example, if the client is wishing to optimize (see case b, above)
-
- tag1 UID STORE <uid1> +FLAGS (\Deleted)
- ...
- tag2 UID STORE <uid1> +FLAGS (\Flagged)
- ...
- tag3 UID COPY <uid1> "Backup"
- ...
- tag4 UID EXPUNGE <uid1>
-
- it can't remove the second UID STORE command because the message is
- being copied before it gets expunged.
-
- In general, it might be a good idea to keep mailboxes open during
- synchronization (see case c above), if possible. This can be more
- easily achieved in conjunction with optimization 3 described below.
-
-
-
-
-Melnikov Informational [Page 29]
-
-RFC 4549 Synch Ops for Disconnected IMAP4 Clients June 2006
-
-
- 3) Perform some synchronization steps in parallel, if possible.
-
- Several synchronization steps don't depend on each other and thus
- can be performed in parallel. Because the server machine is
- usually more powerful than the client machine and can perform some
- operations in parallel, this may speed up the total time of
- synchronization.
-
- In order to achieve such parallelization, the client will have to
- open more than one connection to the same server. Client writers
- should not forget about non-trivial cost associated with
- establishing a TCP connection and performing an authentication.
- The disconnected client MUST NOT use one connection per mailbox.
- In most cases, it is sufficient to have two connections. The
- disconnected client SHOULD avoid selecting the same mailbox in
- more than one connection; see Section 3.1.1 of [RFC2683] for more
- details.
-
- Any mailbox synchronization MUST start with checking the
- UIDVALIDITY as described in Section 4.1 of this document. The
- client MAY use STATUS command to check UID Validity of a non-
- selected mailbox. This is preferable to opening many connections
- to the same server to perform synchronization of multiple
- mailboxes simultaneously. As described in Section 5.3.10 of
- [IMAP4], this SHOULD NOT be used on the selected mailbox.
-
-6. IMAP Extensions That May Help
-
- The following extensions can save traffic and/or the number of
- round-trips:
-
- 1) The use of [UIDPLUS] is discussed in Sections 4.1, 4.2.1, 4.2.2.1
- and 4.2.4.
-
- 2) The use of the MULTIAPPEND and LITERAL+ extensions for uploading
- messages is discussed in Section 4.2.2.5.
-
- 3) Use the CONDSTORE extension (see Section 6.1) for quick flag
- resynchronization.
-
-6.1. CONDSTORE Extension
-
- An advanced disconnected mail client should use the [CONDSTORE]
- extension when it is supported by the server. The client must cache
- the value from HIGHESTMODSEQ OK response code received on mailbox
- opening and update it whenever the server sends MODSEQ FETCH data
- items.
-
-
-
-
-Melnikov Informational [Page 30]
-
-RFC 4549 Synch Ops for Disconnected IMAP4 Clients June 2006
-
-
- If the client receives NOMODSEQ OK untagged response instead of
- HIGHESTMODSEQ, it MUST remove the last known HIGHESTMODSEQ value from
- its cache and follow the more general instructions in Section 3.
-
- When the client opens the mailbox for synchronization, it first
- compares UIDVALIDITY as described in step d-1 in Section 3. If the
- cached UIDVALIDITY value matches the one returned by the server, the
- client MUST compare the cached value of HIGHESTMODSEQ with the one
- returned by the server. If the cached HIGHESTMODSEQ value also
- matches the one returned by the server, then the client MUST NOT
- fetch flags for cached messages, as they hasn't changed. If the
- value on the server is higher than the cached one, the client MAY use
- "SEARCH MODSEQ <cached-value>" to find all messages with flags
- changed since the last time the client was online and had the mailbox
- opened. Alternatively, the client MAY use "FETCH 1:* (FLAGS)
- (CHANGEDSINCE <cached-value>)". The latter operation combines
- searching for changed messages and fetching new information.
-
- In all cases, the client still needs to fetch information about new
- messages (if requested by the user) as well as discover which
- messages have been expunged.
-
- Step d ("Server-to-client synchronization") in Section 4 in the
- presence of the CONDSTORE extension is amended as follows:
-
- d) "Server-to-client synchronization" - For each mailbox that
- requires synchronization, do the following:
-
- 1a) Check the mailbox UIDVALIDITY (see section 4.1 for more
- details) with SELECT/EXAMINE/STATUS.
-
- If the UIDVALIDITY value returned by the server differs, the
- client MUST
-
- * empty the local cache of that mailbox;
- * "forget" the cached HIGHESTMODSEQ value for the mailbox;
- * remove any pending "actions" that refer to UIDs in that
- mailbox (note that this doesn't affect actions performed on
- client-generated fake UIDs; see Section 5); and
- * skip steps 1b and 2-II;
-
- 1b) Check the mailbox HIGHESTMODSEQ. If the cached value is the
- same as the one returned by the server, skip fetching message
- flags on step 2-II, i.e., the client only has to find out
- which messages got expunged.
-
-
-
-
-
-
-Melnikov Informational [Page 31]
-
-RFC 4549 Synch Ops for Disconnected IMAP4 Clients June 2006
-
-
- 2) Fetch the current "descriptors".
-
- I) Discover new messages.
-
- II) Discover changes to old messages and flags for new messages
- using
- "FETCH 1:* (FLAGS) (CHANGEDSINCE <cached-value>)" or
- "SEARCH MODSEQ <cached-value>".
-
- Discover expunged messages; for example, using
- "UID SEARCH 1:<lastseenuid>". (All messages not returned
- in this command are expunged.)
-
- 3) Fetch the bodies of any "interesting" messages that the client
- doesn't already have.
-
- Example 10:
-
- The UIDVALIDITY value is the same, but the HIGHESTMODSEQ value
- has changed on the server while the client was offline.
-
- C: A142 SELECT INBOX
- S: * 172 EXISTS
- S: * 1 RECENT
- S: * OK [UNSEEN 12] Message 12 is first unseen
- S: * OK [UIDVALIDITY 3857529045] UIDs valid
- S: * OK [UIDNEXT 201] Predicted next UID
- S: * FLAGS (\Answered \Flagged \Deleted \Seen \Draft)
- S: * OK [PERMANENTFLAGS (\Deleted \Seen \*)] Limited
- S: * OK [HIGHESTMODSEQ 20010715194045007]
- S: A142 OK [READ-WRITE] SELECT completed
-
- After that, either:
-
- C: A143 UID FETCH 1:* (FLAGS) (CHANGEDSINCE 20010715194032001)
- S: * 2 FETCH (UID 6 MODSEQ (20010715205008000) FLAGS (\Deleted))
- S: * 5 FETCH (UID 9 MODSEQ (20010715195517000) FLAGS ($NoJunk
- $AutoJunk $MDNSent))
- ...
- S: A143 OK FETCH completed
-
- or:
-
-
-
-
-
-
-
-
-
-Melnikov Informational [Page 32]
-
-RFC 4549 Synch Ops for Disconnected IMAP4 Clients June 2006
-
-
- C: A143 UID SEARCH MODSEQ 20010715194032001 UID 1:20
- S: * SEARCH 6 9 11 12 18 19 20 23 (MODSEQ 20010917162500)
- S: A143 OK Search complete
- C: A144 UID SEARCH 1:20
- S: * SEARCH 6 9 ...
- S: A144 OK FETCH completed
-
-7. Security Considerations
-
- It is believed that this document does not raise any new security
- concerns that are not already present in the base [IMAP4] protocol,
- and these issues are discussed in [IMAP4]. Additional security
- considerations may be found in different extensions mentioned in this
- document; in particular, in [UIDPLUS], [LITERAL+], [CONDSTORE],
- [MULTIAPPEND], and [UNSELECT].
-
- Implementers are also reminded about the importance of thorough
- testing.
-
-8. References
-
-8.1. Normative References
-
- [KEYWORDS] Bradner, S., "Key words for use in RFCs to Indicate
- Requirement Levels", BCP 14, RFC 2119, March 1997.
-
- [IMAP4] Crispin, M., "INTERNET MESSAGE ACCESS PROTOCOL -
- VERSION 4rev1", RFC 3501, March 2003.
-
- [UIDPLUS] Crispin, M., "Internet Message Access Protocol (IMAP) -
- UIDPLUS extension", RFC 4315, December 2005.
-
- [LITERAL+] Myers, J., "IMAP4 non-synchronizing literals", RFC
- 2088, January 1997.
-
- [CONDSTORE] Melnikov, A. and S. Hole, "IMAP Extension for
- Conditional STORE Operation or Quick Flag Changes
- Resynchronization", RFC 4551, June 2006.
-
- [MULTIAPPEND] Crispin, M., "Internet Message Access Protocol (IMAP) -
- MULTIAPPEND Extension", RFC 3502, March 2003.
-
- [UNSELECT] Melnikov, A., "Internet Message Access Protocol (IMAP)
- UNSELECT command", RFC 3691, February 2004.
-
- [RFC2683] Leiba, B., "IMAP4 Implementation Recommendations", RFC
- 2683, September 1999.
-
-
-
-
-Melnikov Informational [Page 33]
-
-RFC 4549 Synch Ops for Disconnected IMAP4 Clients June 2006
-
-
-8.2. Informative References
-
- [ACL] Melnikov, A., "IMAP4 Access Control List (ACL)
- Extension", RFC 4314, December 2005.
-
- [IMAP-MODEL] Crispin, M., "Distributed Electronic Mail Models in
- IMAP4", RFC 1733, December 1994.
-
-9. Acknowledgements
-
- This document is based on version 01 of the text written by Rob
- Austein in November 1994.
-
- The editor appreciates comments posted by Mark Crispin to the IMAP
- mailing list and the comments/corrections/ideas received from Grant
- Baillie, Cyrus Daboo, John G. Myers, Chris Newman, and Timo Sirainen.
-
- The editor would also like to thank the developers of Netscape
- Messenger and Mozilla mail clients for providing examples of
- disconnected mail clients that served as a base for many
- recommendations in this document.
-
-Editor's Address
-
- Alexey Melnikov
- Isode Limited
- 5 Castle Business Village
- 36 Station Road
- Hampton, Middlesex
- TW12 2BX
- United Kingdom
-
- Phone: +44 77 53759732
- EMail: alexey.melnikov@isode.com
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-Melnikov Informational [Page 34]
-
-RFC 4549 Synch Ops for Disconnected IMAP4 Clients June 2006
-
-
-Full Copyright Statement
-
- Copyright (C) The Internet Society (2006).
-
- This document is subject to the rights, licenses and restrictions
- contained in BCP 78, and except as set forth therein, the authors
- retain all their rights.
-
- This document and the information contained herein are provided on an
- "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
- OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET
- ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED,
- INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE
- INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
- WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
-
-Intellectual Property
-
- The IETF takes no position regarding the validity or scope of any
- Intellectual Property Rights or other rights that might be claimed to
- pertain to the implementation or use of the technology described in
- this document or the extent to which any license under such rights
- might or might not be available; nor does it represent that it has
- made any independent effort to identify any such rights. Information
- on the procedures with respect to rights in RFC documents can be
- found in BCP 78 and BCP 79.
-
- Copies of IPR disclosures made to the IETF Secretariat and any
- assurances of licenses to be made available, or the result of an
- attempt made to obtain a general license or permission for the use of
- such proprietary rights by implementers or users of this
- specification can be obtained from the IETF on-line IPR repository at
- http://www.ietf.org/ipr.
-
- The IETF invites any interested party to bring to its attention any
- copyrights, patents or patent applications, or other proprietary
- rights that may cover technology that may be required to implement
- this standard. Please address the information to the IETF at
- ietf-ipr@ietf.org.
-
-Acknowledgement
-
- Funding for the RFC Editor function is provided by the IETF
- Administrative Support Activity (IASA).
-
-
-
-
-
-
-
-Melnikov Informational [Page 35]
-
diff --git a/imap/docs/rfc/rfc4551.txt b/imap/docs/rfc/rfc4551.txt
deleted file mode 100644
index 894b5109..00000000
--- a/imap/docs/rfc/rfc4551.txt
+++ /dev/null
@@ -1,1403 +0,0 @@
-
-
-
-
-
-
-Network Working Group A. Melnikov
-Request for Comments: 4551 Isode Ltd.
-Updates: 3501 S. Hole
-Category: Standards Track ACI WorldWide/MessagingDirect
- June 2006
-
-
- IMAP Extension for Conditional STORE Operation
- or Quick Flag Changes Resynchronization
-
-Status of This Memo
-
- This document specifies an Internet standards track protocol for the
- Internet community, and requests discussion and suggestions for
- improvements. Please refer to the current edition of the "Internet
- Official Protocol Standards" (STD 1) for the standardization state
- and status of this protocol. Distribution of this memo is unlimited.
-
-Copyright Notice
-
- Copyright (C) The Internet Society (2006).
-
-Abstract
-
- Often, multiple IMAP (RFC 3501) clients need to coordinate changes to
- a common IMAP mailbox. Examples include different clients working on
- behalf of the same user, and multiple users accessing shared
- mailboxes. These clients need a mechanism to synchronize state
- changes for messages within the mailbox. They must be able to
- guarantee that only one client can change message state (e.g.,
- message flags) at any time. An example of such an application is use
- of an IMAP mailbox as a message queue with multiple dequeueing
- clients.
-
- The Conditional Store facility provides a protected update mechanism
- for message state information that can detect and resolve conflicts
- between multiple writing mail clients.
-
- The Conditional Store facility also allows a client to quickly
- resynchronize mailbox flag changes.
-
- This document defines an extension to IMAP (RFC 3501).
-
-
-
-
-
-
-
-
-
-Melnikov & Hole Standards Track [Page 1]
-
-RFC 4551 IMAP Extension for Conditional STORE June 2006
-
-
-Table of Contents
-
- 1. Introduction and Overview ................................. 3
- 2. Conventions Used in This Document ......................... 5
- 3. IMAP Protocol Changes ..................................... 6
- 3.1. New OK untagged responses for SELECT and EXAMINE ......... 6
- 3.1.1. HIGHESTMODSEQ response code ............................ 6
- 3.1.2. NOMODSEQ response code ................................. 7
- 3.2. STORE and UID STORE Commands ............................. 7
- 3.3 FETCH and UID FETCH Commands ..............................13
- 3.3.1. CHANGEDSINCE FETCH modifier ............................13
- 3.3.2. MODSEQ message data item in FETCH Command ..............14
- 3.4. MODSEQ search criterion in SEARCH ........................16
- 3.5. Modified SEARCH untagged response ........................17
- 3.6. HIGHESTMODSEQ status data items ..........................17
- 3.7. CONDSTORE parameter to SELECT and EXAMINE ................18
- 3.8. Additional quality of implementation issues ..............18
- 4. Formal Syntax .............................................19
- 5. Server implementation considerations ......................21
- 6. Security Considerations ...................................22
- 7. IANA Considerations .......................................22
- 8. References ................................................23
- 8.1. Normative References .....................................23
- 8.2. Informative References ...................................23
- 9. Acknowledgements ..........................................23
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-Melnikov & Hole Standards Track [Page 2]
-
-RFC 4551 IMAP Extension for Conditional STORE June 2006
-
-
-1. Introduction and Overview
-
- The Conditional STORE extension is present in any IMAP4
- implementation that returns "CONDSTORE" as one of the supported
- capabilities in the CAPABILITY command response.
-
- An IMAP server that supports this extension MUST associate a positive
- unsigned 64-bit value called a modification sequence (mod-sequence)
- with every IMAP message. This is an opaque value updated by the
- server whenever a metadata item is modified. The server MUST
- guarantee that each STORE command performed on the same mailbox
- (including simultaneous stores to different metadata items from
- different connections) will get a different mod-sequence value.
- Also, for any two successful STORE operations performed in the same
- session on the same mailbox, the mod-sequence of the second completed
- operation MUST be greater than the mod-sequence of the first
- completed. Note that the latter rule disallows the use of the system
- clock as a mod-sequence, because if system time changes (e.g., an NTP
- [NTP] client adjusting the time), the next generated value might be
- less than the previous one.
-
- Mod-sequences allow a client that supports the CONDSTORE extension to
- determine if a message metadata has changed since some known moment.
- Whenever the state of a flag changes (i.e., the flag is added where
- previously it wasn't set, or the flag is removed and before it was
- set) the value of the modification sequence for the message MUST be
- updated. Adding the flag when it is already present or removing when
- it is not present SHOULD NOT change the mod-sequence.
-
- When a message is appended to a mailbox (via the IMAP APPEND command,
- COPY to the mailbox, or using an external mechanism) the server
- generates a new modification sequence that is higher than the highest
- modification sequence of all messages in the mailbox and assigns it
- to the appended message.
-
- The server MAY store separate (per-message) modification sequence
- values for different metadata items. If the server does so, per-
- message mod-sequence is the highest mod-sequence of all metadata
- items for the specified message.
-
- The server that supports this extension is not required to be able to
- store mod-sequences for every available mailbox. Section 3.1.2
- describes how the server may act if a particular mailbox doesn't
- support the persistent storage of mod-sequences.
-
-
-
-
-
-
-
-Melnikov & Hole Standards Track [Page 3]
-
-RFC 4551 IMAP Extension for Conditional STORE June 2006
-
-
- This extension makes the following changes to the IMAP4 protocol:
-
- a) adds UNCHANGEDSINCE STORE modifier.
-
- b) adds the MODIFIED response code which should be used with an OK
- response to the STORE command. (It can also be used in a NO
- response.)
-
- c) adds a new MODSEQ message data item for use with the FETCH
- command.
-
- d) adds CHANGEDSINCE FETCH modifier.
-
- e) adds a new MODSEQ search criterion.
-
- f) extends the syntax of untagged SEARCH responses to include
- mod-sequence.
-
- g) adds new OK untagged responses for the SELECT and EXAMINE
- commands.
-
- h) defines an additional parameter to SELECT/EXAMINE commands.
-
- i) adds the HIGHESTMODSEQ status data item to the STATUS command.
-
- A client supporting CONDSTORE extension indicates its willingness to
- receive mod-sequence updates in all untagged FETCH responses by
- issuing:
-
- - a SELECT or EXAMINE command with the CONDSTORE parameter,
- - a STATUS (HIGHESTMODSEQ) command,
- - a FETCH or SEARCH command that includes the MODSEQ message data
- item,
- - a FETCH command with the CHANGEDSINCE modifier, or
- - a STORE command with the UNCHANGEDSINCE modifier.
-
- The server MUST include mod-sequence data in all subsequent untagged
- FETCH responses (until the connection is closed), whether they were
- caused by a regular STORE, a STORE with UNCHANGEDSINCE modifier, or
- an external agent.
-
- This document uses the term "CONDSTORE-aware client" to refer to a
- client that announces its willingness to receive mod-sequence updates
- as described above. The term "CONDSTORE enabling command" will refer
- any of the commands listed above. A future extension to this
- document may extend the list of CONDSTORE enabling commands. A first
- CONDSTORE enabling command executed in the session MUST cause the
-
-
-
-
-Melnikov & Hole Standards Track [Page 4]
-
-RFC 4551 IMAP Extension for Conditional STORE June 2006
-
-
- server to return HIGHESTMODSEQ (Section 3.1.1) unless the server has
- sent NOMODSEQ (Section 3.1.2) response code when the currently
- selected mailbox was selected.
-
- The rest of this document describes the protocol changes more
- rigorously.
-
-2. Conventions Used in This Document
-
- The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
- "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
- document are to be interpreted as described in RFC 2119 [KEYWORDS].
-
- In examples, lines beginning with "S:" are sent by the IMAP server,
- and lines beginning with "C:" are sent by the client. Line breaks
- may appear in example commands solely for editorial clarity; when
- present in the actual message, they are represented by "CRLF".
-
- Formal syntax is defined using ABNF [ABNF].
-
- The term "metadata" or "metadata item" is used throughout this
- document. It refers to any system or user-defined keyword. Future
- documents may extend "metadata" to include other dynamic message
- data.
-
- Some IMAP mailboxes are private, accessible only to the owning user.
- Other mailboxes are not, either because the owner has set an Access
- Control List [ACL] that permits access by other users, or because it
- is a shared mailbox. Let's call a metadata item "shared" for the
- mailbox if any changes to the metadata items are persistent and
- visible to all other users accessing the mailbox. Otherwise, the
- metadata item is called "private". Note that private metadata items
- are still visible to all sessions accessing the mailbox as the same
- user. Also note that different mailboxes may have different metadata
- items as shared.
-
- See Section 1 for the definition of a "CONDSTORE-aware client" and a
- "CONDSTORE enabling command".
-
-
-
-
-
-
-
-
-
-
-
-
-
-Melnikov & Hole Standards Track [Page 5]
-
-RFC 4551 IMAP Extension for Conditional STORE June 2006
-
-
-3. IMAP Protocol Changes
-
-3.1. New OK Untagged Responses for SELECT and EXAMINE
-
- This document adds two new response codes, HIGHESTMODSEQ and
- NOMODSEQ. One of those response codes MUST be returned in the OK
- untagged response for a successful SELECT/EXAMINE command.
-
- When opening a mailbox, the server must check if the mailbox supports
- the persistent storage of mod-sequences. If the mailbox supports the
- persistent storage of mod-sequences and the mailbox open operation
- succeeds, the server MUST send the OK untagged response including
- HIGHESTMODSEQ response code. If the persistent storage for the
- mailbox is not supported, the server MUST send the OK untagged
- response including NOMODSEQ response code instead.
-
-3.1.1. HIGHESTMODSEQ Response Code
-
- This document adds a new response code that is returned in the OK
- untagged response for the SELECT and EXAMINE commands. A server
- supporting the persistent storage of mod-sequences for the mailbox
- MUST send the OK untagged response including HIGHESTMODSEQ response
- code with every successful SELECT or EXAMINE command:
-
- OK [HIGHESTMODSEQ <mod-sequence-value>]
-
- where <mod-sequence-value> is the highest mod-sequence value of
- all messages in the mailbox. When the server changes UIDVALIDITY
- for a mailbox, it doesn't have to keep the same HIGHESTMODSEQ for
- the mailbox.
-
- A disconnected client can use the value of HIGHESTMODSEQ to check if
- it has to refetch metadata from the server. If the UIDVALIDITY value
- has changed for the selected mailbox, the client MUST delete the
- cached value of HIGHESTMODSEQ. If UIDVALIDITY for the mailbox is the
- same, and if the HIGHESTMODSEQ value stored in the client's cache is
- less than the value returned by the server, then some metadata items
- on the server have changed since the last synchronization, and the
- client needs to update its cache. The client MAY use SEARCH MODSEQ
- (Section 3.4) to find out exactly which metadata items have changed.
- Alternatively, the client MAY issue FETCH with the CHANGEDSINCE
- modifier (Section 3.3.1) in order to fetch data for all messages that
- have metadata items changed since some known modification sequence.
-
- Example 1:
-
- C: A142 SELECT INBOX
- S: * 172 EXISTS
-
-
-
-Melnikov & Hole Standards Track [Page 6]
-
-RFC 4551 IMAP Extension for Conditional STORE June 2006
-
-
- S: * 1 RECENT
- S: * OK [UNSEEN 12] Message 12 is first unseen
- S: * OK [UIDVALIDITY 3857529045] UIDs valid
- S: * OK [UIDNEXT 4392] Predicted next UID
- S: * FLAGS (\Answered \Flagged \Deleted \Seen \Draft)
- S: * OK [PERMANENTFLAGS (\Deleted \Seen \*)] Limited
- S: * OK [HIGHESTMODSEQ 715194045007]
- S: A142 OK [READ-WRITE] SELECT completed
-
-3.1.2. NOMODSEQ Response Code
-
- A server that doesn't support the persistent storage of mod-sequences
- for the mailbox MUST send the OK untagged response including NOMODSEQ
- response code with every successful SELECT or EXAMINE command. A
- server that returned NOMODSEQ response code for a mailbox, which
- subsequently receives one of the following commands while the mailbox
- is selected:
-
- - a FETCH command with the CHANGEDSINCE modifier,
- - a FETCH or SEARCH command that includes the MODSEQ message data
- item, or
- - a STORE command with the UNCHANGEDSINCE modifier
-
- MUST reject any such command with the tagged BAD response.
-
- Example 2:
-
- C: A142 SELECT INBOX
- S: * 172 EXISTS
- S: * 1 RECENT
- S: * OK [UNSEEN 12] Message 12 is first unseen
- S: * OK [UIDVALIDITY 3857529045] UIDs valid
- S: * OK [UIDNEXT 4392] Predicted next UID
- S: * FLAGS (\Answered \Flagged \Deleted \Seen \Draft)
- S: * OK [PERMANENTFLAGS (\Deleted \Seen \*)] Limited
- S: * OK [NOMODSEQ] Sorry, this mailbox format doesn't support
- modsequences
- S: A142 OK [READ-WRITE] SELECT completed
-
-3.2. STORE and UID STORE Commands
-
- This document defines the following STORE modifier (see Section 2.5
- of [IMAPABNF]):
-
- UNCHANGEDSINCE <mod-sequence>
-
- For each message specified in the message set, the server performs
- the following. If the mod-sequence of any metadata item of the
-
-
-
-Melnikov & Hole Standards Track [Page 7]
-
-RFC 4551 IMAP Extension for Conditional STORE June 2006
-
-
- message is equal or less than the specified UNCHANGEDSINCE value,
- then the requested operation (as described by the message data
- item) is performed. If the operation is successful, the server
- MUST update the mod-sequence attribute of the message. An
- untagged FETCH response MUST be sent, even if the .SILENT suffix
- is specified, and the response MUST include the MODSEQ message
- data item. This is required to update the client's cache with the
- correct mod-sequence values. See Section 3.3.2 for more details.
-
- However, if the mod-sequence of any metadata item of the message
- is greater than the specified UNCHANGEDSINCE value, then the
- requested operation MUST NOT be performed. In this case, the
- mod-sequence attribute of the message is not updated, and the
- message number (or unique identifier in the case of the UID STORE
- command) is added to the list of messages that failed the
- UNCHANGESINCE test.
-
- When the server finished performing the operation on all the
- messages in the message set, it checks for a non-empty list of
- messages that failed the UNCHANGESINCE test. If this list is
- non-empty, the server MUST return in the tagged response a
- MODIFIED response code. The MODIFIED response code includes the
- message set (for STORE) or set of UIDs (for UID STORE) of all
- messages that failed the UNCHANGESINCE test.
-
- Example 3:
-
- All messages pass the UNCHANGESINCE test.
-
- C: a103 UID STORE 6,4,8 (UNCHANGEDSINCE 12121230045)
- +FLAGS.SILENT (\Deleted)
- S: * 1 FETCH (UID 4 MODSEQ (12121231000))
- S: * 2 FETCH (UID 6 MODSEQ (12121230852))
- S: * 4 FETCH (UID 8 MODSEQ (12121130956))
- S: a103 OK Conditional Store completed
-
- Example 4:
-
- C: a104 STORE * (UNCHANGEDSINCE 12121230045) +FLAGS.SILENT
- (\Deleted $Processed)
- S: * 50 FETCH (MODSEQ (12111230047))
- S: a104 OK Store (conditional) completed
-
- Example 5:
-
- C: c101 STORE 1 (UNCHANGEDSINCE 12121230045) -FLAGS.SILENT
- (\Deleted)
- S: * OK [HIGHESTMODSEQ 12111230047]
-
-
-
-Melnikov & Hole Standards Track [Page 8]
-
-RFC 4551 IMAP Extension for Conditional STORE June 2006
-
-
- S: * 50 FETCH (MODSEQ (12111230048))
- S: c101 OK Store (conditional) completed
-
- HIGHESTMODSEQ response code was sent by the server presumably
- because this was the first CONDSTORE enabling command.
-
- Example 6:
-
- In spite of the failure of the conditional STORE operation for
- message 7, the server continues to process the conditional STORE
- in order to find all messages that fail the test.
-
- C: d105 STORE 7,5,9 (UNCHANGEDSINCE 320162338)
- +FLAGS.SILENT (\Deleted)
- S: * 5 FETCH (MODSEQ (320162350))
- S: d105 OK [MODIFIED 7,9] Conditional STORE failed
-
- Example 7:
-
- Same as above, but the server follows the SHOULD recommendation in
- Section 6.4.6 of [IMAP4].
-
- C: d105 STORE 7,5,9 (UNCHANGEDSINCE 320162338)
- +FLAGS.SILENT (\Deleted)
- S: * 7 FETCH (MODSEQ (320162342) FLAGS (\Seen \Deleted))
- S: * 5 FETCH (MODSEQ (320162350))
- S: * 9 FETCH (MODSEQ (320162349) FLAGS (\Answered))
- S: d105 OK [MODIFIED 7,9] Conditional STORE failed
-
- Use of UNCHANGEDSINCE with a modification sequence of 0 always
- fails if the metadata item exists. A system flag MUST always be
- considered existent, whether it was set or not.
-
- Example 8:
-
- C: a102 STORE 12 (UNCHANGEDSINCE 0)
- +FLAGS.SILENT ($MDNSent)
- S: a102 OK [MODIFIED 12] Conditional STORE failed
-
- The client has tested the presence of the $MDNSent user-defined
- keyword.
-
- Note: A client trying to make an atomic change to the state of a
- particular metadata item (or a set of metadata items) should be
- prepared to deal with the case when the server returns the MODIFIED
- response code if the state of the metadata item being watched hasn't
- changed (but the state of some other metadata item has). This is
- necessary, because some servers don't store separate mod-sequences
-
-
-
-Melnikov & Hole Standards Track [Page 9]
-
-RFC 4551 IMAP Extension for Conditional STORE June 2006
-
-
- for different metadata items. However, a server implementation
- SHOULD avoid generating spurious MODIFIED responses for +FLAGS/-FLAGS
- STORE operations, even when the server stores a single mod-sequence
- per message. Section 5 describes how this can be achieved.
-
- Unless the server has included an unsolicited FETCH to update
- client's knowledge about messages that have failed the UNCHANGEDSINCE
- test, upon receipt of the MODIFIED response code, the client SHOULD
- try to figure out if the required metadata items have indeed changed
- by issuing FETCH or NOOP command. It is RECOMMENDED that the server
- avoids the need for the client to do that by sending an unsolicited
- FETCH response (Examples 9 and 10).
-
- If the required metadata items haven't changed, the client SHOULD
- retry the command with the new mod-sequence. The client SHOULD allow
- for a configurable but reasonable number of retries (at least 2).
-
- Example 9:
-
- In the example below, the server returns the MODIFIED response
- code without sending information describing why the STORE
- UNCHANGEDSINCE operation has failed.
-
- C: a106 STORE 100:150 (UNCHANGEDSINCE 212030000000)
- +FLAGS.SILENT ($Processed)
- S: * 100 FETCH (MODSEQ (303181230852))
- S: * 102 FETCH (MODSEQ (303181230852))
- ...
- S: * 150 FETCH (MODSEQ (303181230852))
- S: a106 OK [MODIFIED 101] Conditional STORE failed
-
- The flag $Processed was set on the message 101...
-
- C: a107 NOOP
- S: * 101 FETCH (MODSEQ (303011130956) FLAGS ($Processed))
- S: a107 OK
-
- Or the flag hasn't changed, but another has (note that this server
- behaviour is discouraged. Server implementers should also see
- Section 5)...
-
- C: b107 NOOP
- S: * 101 FETCH (MODSEQ (303011130956) FLAGS (\Deleted \Answered))
- S: b107 OK
-
- ...and the client retries the operation for the message 101 with
- the updated UNCHANGEDSINCE value
-
-
-
-
-Melnikov & Hole Standards Track [Page 10]
-
-RFC 4551 IMAP Extension for Conditional STORE June 2006
-
-
- C: b108 STORE 101 (UNCHANGEDSINCE 303011130956)
- +FLAGS.SILENT ($Processed)
- S: * 101 FETCH (MODSEQ (303181230852))
- S: b108 OK Conditional Store completed
-
- Example 10:
-
- Same as above, but the server avoids the need for the client to
- poll for changes.
-
- The flag $Processed was set on the message 101 by another
- client...
-
- C: a106 STORE 100:150 (UNCHANGEDSINCE 212030000000)
- +FLAGS.SILENT ($Processed)
- S: * 100 FETCH (MODSEQ (303181230852))
- S: * 101 FETCH (MODSEQ (303011130956) FLAGS ($Processed))
- S: * 102 FETCH (MODSEQ (303181230852))
- ...
- S: * 150 FETCH (MODSEQ (303181230852))
- S: a106 OK [MODIFIED 101] Conditional STORE failed
-
- Or the flag hasn't changed, but another has (note that this server
- behaviour is discouraged. Server implementers should also see
- Section 5)...
-
- C: a106 STORE 100:150 (UNCHANGEDSINCE 212030000000)
- +FLAGS.SILENT ($Processed)
- S: * 100 FETCH (MODSEQ (303181230852))
- S: * 101 FETCH (MODSEQ (303011130956) FLAGS (\Deleted \Answered))
- S: * 102 FETCH (MODSEQ (303181230852))
- ...
- S: * 150 FETCH (MODSEQ (303181230852))
- S: a106 OK [MODIFIED 101] Conditional STORE failed
-
- ...and the client retries the operation for the message 101 with
- the updated UNCHANGEDSINCE value
-
- C: b108 STORE 101 (UNCHANGEDSINCE 303011130956)
- +FLAGS.SILENT ($Processed)
- S: * 101 FETCH (MODSEQ (303181230852))
- S: b108 OK Conditional Store completed
-
- Or the flag hasn't changed, but another has (nice server
- behaviour. Server implementers should also see Section 5)...
-
- C: a106 STORE 100:150 (UNCHANGEDSINCE 212030000000)
- +FLAGS.SILENT ($Processed)
-
-
-
-Melnikov & Hole Standards Track [Page 11]
-
-RFC 4551 IMAP Extension for Conditional STORE June 2006
-
-
- S: * 100 FETCH (MODSEQ (303181230852))
- S: * 101 FETCH (MODSEQ (303011130956) FLAGS ($Processed \Deleted
- \Answered))
- S: * 102 FETCH (MODSEQ (303181230852))
- ...
- S: * 150 FETCH (MODSEQ (303181230852))
- S: a106 OK Conditional STORE completed
-
- Example 11:
-
- The following example is based on the example from the Section
- 4.2.3 of [RFC-2180] and demonstrates that the MODIFIED response
- code may be also returned in the tagged NO response.
-
- Client tries to conditionally STORE flags on a mixture of expunged
- and non-expunged messages; one message fails the UNCHANGEDSINCE
- test.
-
- C: B001 STORE 1:7 (UNCHANGEDSINCE 320172338) +FLAGS (\SEEN)
- S: * 1 FETCH (MODSEQ (320172342) FLAGS (\SEEN))
- S: * 3 FETCH (MODSEQ (320172342) FLAGS (\SEEN))
- S: B001 NO [MODIFIED 2] Some of the messages no longer exist.
-
- C: B002 NOOP
- S: * 4 EXPUNGE
- S: * 4 EXPUNGE
- S: * 4 EXPUNGE
- S: * 4 EXPUNGE
- S: * 2 FETCH (MODSEQ (320172340) FLAGS (\Deleted \Answered))
- S: B002 OK NOOP Completed.
-
- By receiving FETCH responses for messages 1 and 3, and EXPUNGE
- responses that indicate that messages 4 through 7 have been
- expunged, the client retries the operation only for the message 2.
- The updated UNCHANGEDSINCE value is used.
-
- C: b003 STORE 2 (UNCHANGEDSINCE 320172340) +FLAGS (\Seen)
- S: * 2 FETCH (MODSEQ (320180050))
- S: b003 OK Conditional Store completed
-
- Note: If a message is specified multiple times in the message set,
- and the server doesn't internally eliminate duplicates from the
- message set, it MUST NOT fail the conditional STORE operation for the
- second (or subsequent) occurrence of the message if the operation
- completed successfully for the first occurrence. For example, if the
- client specifies:
-
-
-
-
-
-Melnikov & Hole Standards Track [Page 12]
-
-RFC 4551 IMAP Extension for Conditional STORE June 2006
-
-
- e105 STORE 7,3:9 (UNCHANGEDSINCE 12121230045)
- +FLAGS.SILENT (\Deleted)
-
- the server must not fail the operation for message 7 as part of
- processing "3:9" if it succeeded when message 7 was processed the
- first time.
-
- Once the client specified the UNCHANGEDSINCE modifier in a STORE
- command, the server MUST include the MODSEQ fetch response data items
- in all subsequent unsolicited FETCH responses.
-
- This document also changes the behaviour of the server when it has
- performed a STORE or UID STORE command and the UNCHANGEDSINCE
- modifier is not specified. If the operation is successful for a
- message, the server MUST update the mod-sequence attribute of the
- message. The server is REQUIRED to include the mod-sequence value
- whenever it decides to send the unsolicited FETCH response to all
- CONDSTORE-aware clients that have opened the mailbox containing the
- message.
-
- Server implementers should also see Section 3.8 for additional
- quality of implementation issues related to the STORE command.
-
-3.3. FETCH and UID FETCH Commands
-
-3.3.1. CHANGEDSINCE FETCH Modifier
-
- This document defines the following FETCH modifier (see Section 2.4
- of [IMAPABNF]):
-
- CHANGEDSINCE <mod-sequence>
-
- CHANGEDSINCE FETCH modifier allows to create a further subset of
- the list of messages described by sequence set. The information
- described by message data items is only returned for messages that
- have mod-sequence bigger than <mod-sequence>.
-
- When CHANGEDSINCE FETCH modifier is specified, it implicitly adds
- MODSEQ FETCH message data item (Section 3.3.2).
-
- Example 12:
-
- C: s100 UID FETCH 1:* (FLAGS) (CHANGEDSINCE 12345)
- S: * 1 FETCH (UID 4 MODSEQ (65402) FLAGS (\Seen))
- S: * 2 FETCH (UID 6 MODSEQ (75403) FLAGS (\Deleted))
- S: * 4 FETCH (UID 8 MODSEQ (29738) FLAGS ($NoJunk $AutoJunk
- $MDNSent))
- S: s100 OK FETCH completed
-
-
-
-Melnikov & Hole Standards Track [Page 13]
-
-RFC 4551 IMAP Extension for Conditional STORE June 2006
-
-
-3.3.2. MODSEQ Message Data Item in FETCH Command
-
- This extension adds a MODSEQ message data item to the FETCH command.
- The MODSEQ message data item allows clients to retrieve mod-sequence
- values for a range of messages in the currently selected mailbox.
-
- Once the client specified the MODSEQ message data item in a FETCH
- request, the server MUST include the MODSEQ fetch response data items
- in all subsequent unsolicited FETCH responses.
-
- Syntax: MODSEQ
-
- The MODSEQ message data item causes the server to return MODSEQ
- fetch response data items.
-
- Syntax: MODSEQ ( <permsg-modsequence> )
-
- MODSEQ response data items contain per-message mod-sequences.
-
- The MODSEQ response data item is returned if the client issued
- FETCH with MODSEQ message data item. It also allows the server to
- notify the client about mod-sequence changes caused by conditional
- STOREs (Section 3.2) and/or changes caused by external sources.
-
- Example 13:
-
- C: a FETCH 1:3 (MODSEQ)
- S: * 1 FETCH (MODSEQ (624140003))
- S: * 2 FETCH (MODSEQ (624140007))
- S: * 3 FETCH (MODSEQ (624140005))
- S: a OK Fetch complete
-
- In this example, the client requests per-message mod-sequences for
- a set of messages.
-
- When a flag for a message is modified in a different session, the
- server sends an unsolicited FETCH response containing the mod-
- sequence for the message.
-
- Example 14:
-
- (Session 1, authenticated as a user "alex"). The user adds a
- shared flag \Deleted:
-
- C: A142 SELECT INBOX
- ...
- S: * FLAGS (\Answered \Flagged \Deleted \Seen \Draft)
- S: * OK [PERMANENTFLAGS (\Answered \Deleted \Seen \*)] Limited
-
-
-
-Melnikov & Hole Standards Track [Page 14]
-
-RFC 4551 IMAP Extension for Conditional STORE June 2006
-
-
- ...
-
- C: A160 STORE 7 +FLAGS.SILENT (\Deleted)
- S: * 7 FETCH (MODSEQ (2121231000))
- S: A160 OK Store completed
-
- (Session 2, also authenticated as the user "alex"). Any changes
- to flags are always reported to all sessions authenticated as the
- same user as in the session 1.
-
- C: C180 NOOP
- S: * 7 FETCH (FLAGS (\Deleted \Answered) MODSEQ (12121231000))
- S: C180 OK Noop completed
-
- (Session 3, authenticated as a user "andrew"). As \Deleted is a
- shared flag, changes in session 1 are also reported in session 3:
-
- C: D210 NOOP
- S: * 7 FETCH (FLAGS (\Deleted \Answered) MODSEQ (12121231000))
- S: D210 OK Noop completed
-
- The user modifies a private flag \Seen in session 1...
-
- C: A240 STORE 7 +FLAGS.SILENT (\Seen)
- S: * 7 FETCH (MODSEQ (12121231777))
- S: A240 OK Store completed
-
- ...which is only reported in session 2...
-
- C: C270 NOOP
- S: * 7 FETCH (FLAGS (\Deleted \Answered \Seen) MODSEQ
- (12121231777))
- S: C270 OK Noop completed
-
- ...but not in session 3.
-
- C: D300 NOOP
- S: D300 OK Noop completed
-
- And finally, the user removes flags \Answered (shared) and \Seen
- (private) in session 1.
-
- C: A330 STORE 7 -FLAGS.SILENT (\Answered \Seen)
- S: * 7 FETCH (MODSEQ (12121245160))
- S: A330 OK Store completed
-
-
-
-
-
-
-Melnikov & Hole Standards Track [Page 15]
-
-RFC 4551 IMAP Extension for Conditional STORE June 2006
-
-
- Both changes are reported in the session 2...
-
- C: C360 NOOP
- S: * 7 FETCH (FLAGS (\Deleted) MODSEQ (12121245160))
- S: C360 OK Noop completed
-
- ...and only changes to shared flags are reported in session 3.
-
- C: D390 NOOP
- S: * 7 FETCH (FLAGS (\Deleted) MODSEQ (12121245160))
- S: D390 OK Noop completed
-
- Server implementers should also see Section 3.8 for additional
- quality of implementation issues related to the FETCH command.
-
-3.4. MODSEQ Search Criterion in SEARCH
-
- The MODSEQ criterion for the SEARCH command allows a client to search
- for the metadata items that were modified since a specified moment.
-
- Syntax: MODSEQ [<entry-name> <entry-type-req>] <mod-sequence-valzer>
-
- Messages that have modification values that are equal to or
- greater than <mod-sequence-valzer>. This allows a client, for
- example, to find out which messages contain metadata items that
- have changed since the last time it updated its disconnected
- cache. The client may also specify <entry-name> (name of metadata
- item) and <entry-type-req> (type of metadata item) before
- <mod-sequence-valzer>. <entry-type-req> can be one of "shared",
- "priv" (private), or "all". The latter means that the server
- should use the biggest value among "priv" and "shared" mod-
- sequences for the metadata item. If the server doesn't store
- internally separate mod-sequences for different metadata items, it
- MUST ignore <entry-name> and <entry-type-req>. Otherwise, the
- server should use them to narrow down the search.
-
- For a flag <flagname>, the corresponding <entry-name> has a form
- "/flags/<flagname>" as defined in [IMAPABNF]. Note that the
- leading "\" character that denotes a system flag has to be escaped
- as per Section 4.3 of [IMAP4], as the <entry-name> uses syntax for
- quoted strings.
-
- If client specifies a MODSEQ criterion in a SEARCH command and the
- server returns a non-empty SEARCH result, the server MUST also append
- (to the end of the untagged SEARCH response) the highest mod-sequence
- for all messages being returned. See also Section 3.5.
-
-
-
-
-
-Melnikov & Hole Standards Track [Page 16]
-
-RFC 4551 IMAP Extension for Conditional STORE June 2006
-
-
- Example 15:
-
- C: a SEARCH MODSEQ "/flags/\\draft" all 620162338
- S: * SEARCH 2 5 6 7 11 12 18 19 20 23 (MODSEQ 917162500)
- S: a OK Search complete
-
- In the above example, the message numbers of any messages
- containing the string "IMAP4" in the "value" attribute of the
- "/comment" entry and having a mod-sequence equal to or greater
- than 620162338 for the "\Draft" flag are returned in the search
- results.
-
- Example 16:
-
- C: t SEARCH OR NOT MODSEQ 720162338 LARGER 50000
- S: * SEARCH
- S: t OK Search complete, nothing found
-
-3.5. Modified SEARCH Untagged Response
-
- Data: zero or more numbers
- mod-sequence value (omitted if no match)
-
- This document extends syntax of the untagged SEARCH response to
- include the highest mod-sequence for all messages being returned.
-
- If a client specifies a MODSEQ criterion in a SEARCH (or UID SEARCH)
- command and the server returns a non-empty SEARCH result, the server
- MUST also append (to the end of the untagged SEARCH response) the
- highest mod-sequence for all messages being returned. See Section
- 3.4 for examples.
-
-3.6. HIGHESTMODSEQ Status Data Items
-
- This document defines a new status data item:
-
- HIGHESTMODSEQ
-
- The highest mod-sequence value of all messages in the mailbox.
- This is the same value that is returned by the server in the
- HIGHESTMODSEQ response code in an OK untagged response (see
- Section 3.1.1). If the server doesn't support the persistent
- storage of mod-sequences for the mailbox (see Section 3.1.2), the
- server MUST return 0 as the value of HIGHESTMODSEQ status data
- item.
-
-
-
-
-
-
-Melnikov & Hole Standards Track [Page 17]
-
-RFC 4551 IMAP Extension for Conditional STORE June 2006
-
-
- Example 17:
-
- C: A042 STATUS blurdybloop (UIDNEXT MESSAGES HIGHESTMODSEQ)
- S: * STATUS blurdybloop (MESSAGES 231 UIDNEXT 44292
- HIGHESTMODSEQ 7011231777)
- S: A042 OK STATUS completed
-
-3.7. CONDSTORE Parameter to SELECT and EXAMINE
-
- The CONDSTORE extension defines a single optional select parameter,
- "CONDSTORE", which tells the server that it MUST include the MODSEQ
- fetch response data items in all subsequent unsolicited FETCH
- responses.
-
- The CONDSTORE parameter to SELECT/EXAMINE helps avoid a race
- condition that might arise when one or more metadata items are
- modified in another session after the server has sent the
- HIGHESTMODSEQ response code and before the client was able to issue a
- CONDSTORE enabling command.
-
- Example 18:
-
- C: A142 SELECT INBOX (CONDSTORE)
- S: * 172 EXISTS
- S: * 1 RECENT
- S: * OK [UNSEEN 12] Message 12 is first unseen
- S: * OK [UIDVALIDITY 3857529045] UIDs valid
- S: * OK [UIDNEXT 4392] Predicted next UID
- S: * FLAGS (\Answered \Flagged \Deleted \Seen \Draft)
- S: * OK [PERMANENTFLAGS (\Deleted \Seen \*)] Limited
- S: * OK [HIGHESTMODSEQ 715194045007]
- S: A142 OK [READ-WRITE] SELECT completed, CONDSTORE is now enabled
-
-3.8. Additional Quality-of-Implementation Issues
-
- Server implementations should follow the following rule, which
- applies to any successfully completed STORE/UID STORE (with and
- without UNCHANGEDSINCE modifier), as well as to a FETCH command that
- implicitly sets \Seen flag:
-
- Adding the flag when it is already present or removing when it is
- not present SHOULD NOT change the mod-sequence.
-
- This will prevent spurious client synchronization requests.
-
-
-
-
-
-
-
-Melnikov & Hole Standards Track [Page 18]
-
-RFC 4551 IMAP Extension for Conditional STORE June 2006
-
-
- However, note that client implementers MUST NOT rely on this server
- behavior. A client can't distinguish between the case when a server
- has violated the SHOULD mentioned above, and that when one or more
- clients set and unset (or unset and set) the flag in another session.
-
-4. Formal Syntax
-
- The following syntax specification uses the Augmented Backus-Naur
- Form (ABNF) [ABNF] notation. Elements not defined here can be found
- in the formal syntax of the ABNF [ABNF], IMAP [IMAP4], and IMAP ABNF
- extensions [IMAPABNF] specifications.
-
- Except as noted otherwise, all alphabetic characters are case-
- insensitive. The use of upper- or lowercase characters to define
- token strings is for editorial clarity only. Implementations MUST
- accept these strings in a case-insensitive fashion.
-
- capability =/ "CONDSTORE"
-
- status-att =/ "HIGHESTMODSEQ"
- ;; extends non-terminal defined in RFC 3501.
-
- status-att-val =/ "HIGHESTMODSEQ" SP mod-sequence-valzer
- ;; extends non-terminal defined in [IMAPABNF].
- ;; Value 0 denotes that the mailbox doesn't
- ;; support persistent mod-sequences
- ;; as described in Section 3.1.2
-
- store-modifier =/ "UNCHANGEDSINCE" SP mod-sequence-valzer
- ;; Only a single "UNCHANGEDSINCE" may be
- ;; specified in a STORE operation
-
- fetch-modifier =/ chgsince-fetch-mod
- ;; conforms to the generic "fetch-modifier"
- ;; syntax defined in [IMAPABNF].
-
- chgsince-fetch-mod = "CHANGEDSINCE" SP mod-sequence-value
- ;; CHANGEDSINCE FETCH modifier conforms to
- ;; the fetch-modifier syntax
-
- fetch-att =/ fetch-mod-sequence
- ;; modifies original IMAP4 fetch-att
-
- fetch-mod-sequence = "MODSEQ"
-
- fetch-mod-resp = "MODSEQ" SP "(" permsg-modsequence ")"
-
- msg-att-dynamic =/ fetch-mod-resp
-
-
-
-Melnikov & Hole Standards Track [Page 19]
-
-RFC 4551 IMAP Extension for Conditional STORE June 2006
-
-
- search-key =/ search-modsequence
- ;; modifies original IMAP4 search-key
- ;;
- ;; This change applies to all commands
- ;; referencing this non-terminal, in
- ;; particular SEARCH.
-
- search-modsequence = "MODSEQ" [search-modseq-ext] SP
- mod-sequence-valzer
-
- search-modseq-ext = SP entry-name SP entry-type-req
-
- resp-text-code =/ "HIGHESTMODSEQ" SP mod-sequence-value /
- "NOMODSEQ" /
- "MODIFIED" SP set
-
- entry-name = entry-flag-name
-
- entry-flag-name = DQUOTE "/flags/" attr-flag DQUOTE
- ;; each system or user defined flag <flag>
- ;; is mapped to "/flags/<flag>".
- ;;
- ;; <entry-flag-name> follows the escape rules
- ;; used by "quoted" string as described in
- ;; Section 4.3 of [IMAP4], e.g., for the flag
- ;; \Seen the corresponding <entry-name> is
- ;; "/flags/\\seen", and for the flag
- ;; $MDNSent, the corresponding <entry-name>
- ;; is "/flags/$mdnsent".
-
- entry-type-resp = "priv" / "shared"
- ;; metadata item type
-
- entry-type-req = entry-type-resp / "all"
- ;; perform SEARCH operation on private
- ;; metadata item, shared metadata item or both
-
- permsg-modsequence = mod-sequence-value
- ;; per message mod-sequence
-
- mod-sequence-value = 1*DIGIT
- ;; Positive unsigned 64-bit integer
- ;; (mod-sequence)
- ;; (1 <= n < 18,446,744,073,709,551,615)
-
- mod-sequence-valzer = "0" / mod-sequence-value
-
- search-sort-mod-seq = "(" "MODSEQ" SP mod-sequence-value ")"
-
-
-
-Melnikov & Hole Standards Track [Page 20]
-
-RFC 4551 IMAP Extension for Conditional STORE June 2006
-
-
- select-param =/ condstore-param
- ;; conforms to the generic "select-param"
- ;; non-terminal syntax defined in [IMAPABNF].
-
- condstore-param = "CONDSTORE"
-
- mailbox-data =/ "SEARCH" [1*(SP nz-number) SP
- search-sort-mod-seq]
-
- attr-flag = "\\Answered" / "\\Flagged" / "\\Deleted" /
- "\\Seen" / "\\Draft" / attr-flag-keyword /
- attr-flag-extension
- ;; Does not include "\\Recent"
-
- attr-flag-extension = "\\" atom
- ;; Future expansion. Client implementations
- ;; MUST accept flag-extension flags. Server
- ;; implementations MUST NOT generate
- ;; flag-extension flags except as defined by
- ;; future standard or standards-track
- ;; revisions of [IMAP4].
-
- attr-flag-keyword = atom
-
-5. Server Implementation Considerations
-
- This section describes how a server implementation that doesn't store
- separate per-metadata mod-sequences for different metadata items can
- avoid sending the MODIFIED response to any of the following
- conditional STORE operations:
-
- +FLAGS
- -FLAGS
- +FLAGS.SILENT
- -FLAGS.SILENT
-
- Note that the optimization described in this section can't be
- performed in case of a conditional STORE FLAGS operation.
-
- Let's use the following example. The client has issued
-
- C: a106 STORE 100:150 (UNCHANGEDSINCE 212030000000)
- +FLAGS.SILENT ($Processed)
-
- When the server receives the command and parses it successfully, it
- iterates through the message set and tries to execute the conditional
- STORE command for each message.
-
-
-
-
-Melnikov & Hole Standards Track [Page 21]
-
-RFC 4551 IMAP Extension for Conditional STORE June 2006
-
-
- Each server internally works as a client, i.e., it has to cache the
- current state of all IMAP flags as it is known to the client. In
- order to report flag changes to the client, the server compares the
- cached values with the values in its database for IMAP flags.
-
- Imagine that another client has changed the state of a flag \Deleted
- on the message 101 and that the change updated the mod-sequence for
- the message. The server knows that the mod-sequence for the mailbox
- has changed; however, it also knows that:
-
- a) the client is not interested in \Deleted flag, as it hasn't
- included it in +FLAGS.SILENT operation; and
-
- b) the state of the flag $Processed hasn't changed (the server can
- determine this by comparing cached flag state with the state of
- the flag in the database).
-
- Therefore, the server doesn't have to report MODIFIED to the client.
- Instead, the server may set $Processed flag, update the mod-sequence
- for the message 101 once again and send an untagged FETCH response
- with new mod-sequence and flags:
-
- S: * 101 FETCH (MODSEQ (303011130956)
- FLAGS ($Processed \Deleted \Answered))
-
- See also Section 3.8 for additional quality-of-implementation issues.
-
-6. Security Considerations
-
- It is believed that the Conditional STORE extension doesn't raise any
- new security concerns that are not already discussed in [IMAP4].
- However, the availability of this extension may make it possible for
- IMAP4 to be used in critical applications it could not be used for
- previously, making correct IMAP server implementation and operation
- even more important.
-
-7. IANA Considerations
-
- IMAP4 capabilities are registered by publishing a standards track or
- IESG approved experimental RFC. The registry is currently located
- at:
-
- http://www.iana.org/assignments/imap4-capabilities
-
- This document defines the CONDSTORE IMAP capability. IANA has added
- it to the registry accordingly.
-
-
-
-
-
-Melnikov & Hole Standards Track [Page 22]
-
-RFC 4551 IMAP Extension for Conditional STORE June 2006
-
-
-8. References
-
-8.1. Normative References
-
- [KEYWORDS] Bradner, S., "Key words for use in RFCs to Indicate
- Requirement Levels", BCP 14, RFC 2119, March 1997.
-
- [ABNF] Crocker, D. and P. Overell, "Augmented BNF for Syntax
- Specifications: ABNF", RFC 4234, October 2005.
-
- [IMAP4] Crispin, M., "INTERNET MESSAGE ACCESS PROTOCOL - VERSION
- 4rev1", RFC 3501, March 2003.
-
- [IMAPABNF] Melnikov, A. and C. Daboo, "Collected Extensions to IMAP4
- ABNF", RFC 4466, April 2006.
-
-8.2. Informative References
-
- [ACAP] Newman, C. and J. Myers, "ACAP -- Application
- Configuration Access Protocol", RFC 2244, November 1997.
-
- [ACL] Melnikov, A., "IMAP4 Access Control List (ACL) Extension",
- RFC 4314, December 2005.
-
- [ANN] Daboo, C. and R. Gellens, "IMAP ANNOTATE Extension", Work
- in Progress, March 2006.
-
- [NTP] Mills, D., "Network Time Protocol (Version 3)
- Specification, Implementation and Analysis", RFC 1305,
- March 1992.
-
- [RFC-2180] Gahrns, M., "IMAP4 Multi-Accessed Mailbox Practice", RFC
- 2180, July 1997.
-
-9. Acknowledgements
-
- Some text was borrowed from "IMAP ANNOTATE Extension" [ANN] by
- Randall Gellens and Cyrus Daboo and from "ACAP -- Application
- Configuration Access Protocol" [ACAP] by Chris Newman and John Myers.
-
- Many thanks to Randall Gellens for his thorough review of the
- document.
-
- The authors also acknowledge the feedback provided by Cyrus Daboo,
- Larry Greenfield, Chris Newman, Harrie Hazewinkel, Arnt Gulbrandsen,
- Timo Sirainen, Mark Crispin, Ned Freed, Ken Murchison, and Dave
- Cridland.
-
-
-
-
-Melnikov & Hole Standards Track [Page 23]
-
-RFC 4551 IMAP Extension for Conditional STORE June 2006
-
-
-Authors' Addresses
-
- Alexey Melnikov
- Isode Limited
- 5 Castle Business Village
- 36 Station Road
- Hampton, Middlesex
- TW12 2BX,
- United Kingdom
-
- EMail: Alexey.Melnikov@isode.com
-
-
- Steve Hole
- ACI WorldWide/MessagingDirect
- #1807, 10088 102 Ave
- Edmonton, AB
- T5J 2Z1
- Canada
-
- EMail: Steve.Hole@messagingdirect.com
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-Melnikov & Hole Standards Track [Page 24]
-
-RFC 4551 IMAP Extension for Conditional STORE June 2006
-
-
-Full Copyright Statement
-
- Copyright (C) The Internet Society (2006).
-
- This document is subject to the rights, licenses and restrictions
- contained in BCP 78, and except as set forth therein, the authors
- retain all their rights.
-
- This document and the information contained herein are provided on an
- "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
- OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET
- ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED,
- INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE
- INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
- WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
-
-Intellectual Property
-
- The IETF takes no position regarding the validity or scope of any
- Intellectual Property Rights or other rights that might be claimed to
- pertain to the implementation or use of the technology described in
- this document or the extent to which any license under such rights
- might or might not be available; nor does it represent that it has
- made any independent effort to identify any such rights. Information
- on the procedures with respect to rights in RFC documents can be
- found in BCP 78 and BCP 79.
-
- Copies of IPR disclosures made to the IETF Secretariat and any
- assurances of licenses to be made available, or the result of an
- attempt made to obtain a general license or permission for the use of
- such proprietary rights by implementers or users of this
- specification can be obtained from the IETF on-line IPR repository at
- http://www.ietf.org/ipr.
-
- The IETF invites any interested party to bring to its attention any
- copyrights, patents or patent applications, or other proprietary
- rights that may cover technology that may be required to implement
- this standard. Please address the information to the IETF at
- ietf-ipr@ietf.org.
-
-Acknowledgement
-
- Funding for the RFC Editor function is provided by the IETF
- Administrative Support Activity (IASA).
-
-
-
-
-
-
-
-Melnikov & Hole Standards Track [Page 25]
-
diff --git a/imap/docs/rfc/rfc4616.txt b/imap/docs/rfc/rfc4616.txt
deleted file mode 100644
index 991189d5..00000000
--- a/imap/docs/rfc/rfc4616.txt
+++ /dev/null
@@ -1,619 +0,0 @@
-
-
-
-
-
-
-Network Working Group K. Zeilenga, Ed.
-Request for Comments: 4616 OpenLDAP Foundation
-Updates: 2595 August 2006
-Category: Standards Track
-
-
- The PLAIN Simple Authentication and Security Layer (SASL) Mechanism
-
-Status of This Memo
-
- This document specifies an Internet standards track protocol for the
- Internet community, and requests discussion and suggestions for
- improvements. Please refer to the current edition of the "Internet
- Official Protocol Standards" (STD 1) for the standardization state
- and status of this protocol. Distribution of this memo is unlimited.
-
-Copyright Notice
-
- Copyright (C) The Internet Society (2006).
-
-Abstract
-
- This document defines a simple clear-text user/password Simple
- Authentication and Security Layer (SASL) mechanism called the PLAIN
- mechanism. The PLAIN mechanism is intended to be used, in
- combination with data confidentiality services provided by a lower
- layer, in protocols that lack a simple password authentication
- command.
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-Zeilenga Standards Track [Page 1]
-
-RFC 4616 The PLAIN SASL Mechanism August 2006
-
-
-1. Introduction
-
- Clear-text, multiple-use passwords are simple, interoperate with
- almost all existing operating system authentication databases, and
- are useful for a smooth transition to a more secure password-based
- authentication mechanism. The drawback is that they are unacceptable
- for use over network connections where data confidentiality is not
- ensured.
-
- This document defines the PLAIN Simple Authentication and Security
- Layer ([SASL]) mechanism for use in protocols with no clear-text
- login command (e.g., [ACAP] or [SMTP-AUTH]). This document updates
- RFC 2595, replacing Section 6. Changes since RFC 2595 are detailed
- in Appendix A.
-
- The name associated with this mechanism is "PLAIN".
-
- The PLAIN SASL mechanism does not provide a security layer.
-
- The PLAIN mechanism should not be used without adequate data security
- protection as this mechanism affords no integrity or confidentiality
- protections itself. The mechanism is intended to be used with data
- security protections provided by application-layer protocol,
- generally through its use of Transport Layer Security ([TLS])
- services.
-
- By default, implementations SHOULD advertise and make use of the
- PLAIN mechanism only when adequate data security services are in
- place. Specifications for IETF protocols that indicate that this
- mechanism is an applicable authentication mechanism MUST mandate that
- implementations support an strong data security service, such as TLS.
-
- The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
- "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
- document are to be interpreted as described in [Keywords].
-
-2. PLAIN SASL Mechanism
-
- The mechanism consists of a single message, a string of [UTF-8]
- encoded [Unicode] characters, from the client to the server. The
- client presents the authorization identity (identity to act as),
- followed by a NUL (U+0000) character, followed by the authentication
- identity (identity whose password will be used), followed by a NUL
- (U+0000) character, followed by the clear-text password. As with
- other SASL mechanisms, the client does not provide an authorization
- identity when it wishes the server to derive an identity from the
- credentials and use that as the authorization identity.
-
-
-
-
-Zeilenga Standards Track [Page 2]
-
-RFC 4616 The PLAIN SASL Mechanism August 2006
-
-
- The formal grammar for the client message using Augmented BNF [ABNF]
- follows.
-
- message = [authzid] UTF8NUL authcid UTF8NUL passwd
- authcid = 1*SAFE ; MUST accept up to 255 octets
- authzid = 1*SAFE ; MUST accept up to 255 octets
- passwd = 1*SAFE ; MUST accept up to 255 octets
- UTF8NUL = %x00 ; UTF-8 encoded NUL character
-
- SAFE = UTF1 / UTF2 / UTF3 / UTF4
- ;; any UTF-8 encoded Unicode character except NUL
-
- UTF1 = %x01-7F ;; except NUL
- UTF2 = %xC2-DF UTF0
- UTF3 = %xE0 %xA0-BF UTF0 / %xE1-EC 2(UTF0) /
- %xED %x80-9F UTF0 / %xEE-EF 2(UTF0)
- UTF4 = %xF0 %x90-BF 2(UTF0) / %xF1-F3 3(UTF0) /
- %xF4 %x80-8F 2(UTF0)
- UTF0 = %x80-BF
-
- The authorization identity (authzid), authentication identity
- (authcid), password (passwd), and NUL character deliminators SHALL be
- transferred as [UTF-8] encoded strings of [Unicode] characters. As
- the NUL (U+0000) character is used as a deliminator, the NUL (U+0000)
- character MUST NOT appear in authzid, authcid, or passwd productions.
-
- The form of the authzid production is specific to the application-
- level protocol's SASL profile [SASL]. The authcid and passwd
- productions are form-free. Use of non-visible characters or
- characters that a user may be unable to enter on some keyboards is
- discouraged.
-
- Servers MUST be capable of accepting authzid, authcid, and passwd
- productions up to and including 255 octets. It is noted that the
- UTF-8 encoding of a Unicode character may be as long as 4 octets.
-
- Upon receipt of the message, the server will verify the presented (in
- the message) authentication identity (authcid) and password (passwd)
- with the system authentication database, and it will verify that the
- authentication credentials permit the client to act as the (presented
- or derived) authorization identity (authzid). If both steps succeed,
- the user is authenticated.
-
- The presented authentication identity and password strings, as well
- as the database authentication identity and password strings, are to
- be prepared before being used in the verification process. The
- [SASLPrep] profile of the [StringPrep] algorithm is the RECOMMENDED
- preparation algorithm. The SASLprep preparation algorithm is
-
-
-
-Zeilenga Standards Track [Page 3]
-
-RFC 4616 The PLAIN SASL Mechanism August 2006
-
-
- recommended to improve the likelihood that comparisons behave in an
- expected manner. The SASLprep preparation algorithm is not mandatory
- so as to allow the server to employ other preparation algorithms
- (including none) when appropriate. For instance, use of a different
- preparation algorithm may be necessary for the server to interoperate
- with an external system.
-
- When preparing the presented strings using [SASLPrep], the presented
- strings are to be treated as "query" strings (Section 7 of
- [StringPrep]) and hence unassigned code points are allowed to appear
- in their prepared output. When preparing the database strings using
- [SASLPrep], the database strings are to be treated as "stored"
- strings (Section 7 of [StringPrep]) and hence unassigned code points
- are prohibited from appearing in their prepared output.
-
- Regardless of the preparation algorithm used, if the output of a
- non-invertible function (e.g., hash) of the expected string is
- stored, the string MUST be prepared before input to that function.
-
- Regardless of the preparation algorithm used, if preparation fails or
- results in an empty string, verification SHALL fail.
-
- When no authorization identity is provided, the server derives an
- authorization identity from the prepared representation of the
- provided authentication identity string. This ensures that the
- derivation of different representations of the authentication
- identity produces the same authorization identity.
-
- The server MAY use the credentials to initialize any new
- authentication database, such as one suitable for [CRAM-MD5] or
- [DIGEST-MD5].
-
-3. Pseudo-Code
-
- This section provides pseudo-code illustrating the verification
- process (using hashed passwords and the SASLprep preparation
- function) discussed above. This section is not definitive.
-
- boolean Verify(string authzid, string authcid, string passwd) {
- string pAuthcid = SASLprep(authcid, true); # prepare authcid
- string pPasswd = SASLprep(passwd, true); # prepare passwd
- if (pAuthcid == NULL || pPasswd == NULL) {
- return false; # preparation failed
- }
- if (pAuthcid == "" || pPasswd == "") {
- return false; # empty prepared string
- }
-
-
-
-
-Zeilenga Standards Track [Page 4]
-
-RFC 4616 The PLAIN SASL Mechanism August 2006
-
-
- storedHash = FetchPasswordHash(pAuthcid);
- if (storedHash == NULL || storedHash == "") {
- return false; # error or unknown authcid
- }
-
- if (!Compare(storedHash, Hash(pPasswd))) {
- return false; # incorrect password
- }
-
- if (authzid == NULL ) {
- authzid = DeriveAuthzid(pAuthcid);
- if (authzid == NULL || authzid == "") {
- return false; # could not derive authzid
- }
- }
-
- if (!Authorize(pAuthcid, authzid)) {
- return false; # not authorized
- }
-
- return true;
- }
-
- The second parameter of the SASLprep function, when true, indicates
- that unassigned code points are allowed in the input. When the
- SASLprep function is called to prepare the password prior to
- computing the stored hash, the second parameter would be false.
-
- The second parameter provided to the Authorize function is not
- prepared by this code. The application-level SASL profile should be
- consulted to determine what, if any, preparation is necessary.
-
- Note that the DeriveAuthzid and Authorize functions (whether
- implemented as one function or two, whether designed in a manner in
- which these functions or whether the mechanism implementation can be
- reused elsewhere) require knowledge and understanding of mechanism
- and the application-level protocol specification and/or
- implementation details to implement.
-
- Note that the Authorize function outcome is clearly dependent on
- details of the local authorization model and policy. Both functions
- may be dependent on other factors as well.
-
-
-
-
-
-
-
-
-
-Zeilenga Standards Track [Page 5]
-
-RFC 4616 The PLAIN SASL Mechanism August 2006
-
-
-4. Examples
-
- This section provides examples of PLAIN authentication exchanges.
- The examples are intended to help the readers understand the above
- text. The examples are not definitive.
-
- "C:" and "S:" indicate lines sent by the client and server,
- respectively. "<NUL>" represents a single NUL (U+0000) character.
- The Application Configuration Access Protocol ([ACAP]) is used in the
- examples.
-
- The first example shows how the PLAIN mechanism might be used for
- user authentication.
-
- S: * ACAP (SASL "CRAM-MD5") (STARTTLS)
- C: a001 STARTTLS
- S: a001 OK "Begin TLS negotiation now"
- <TLS negotiation, further commands are under TLS layer>
- S: * ACAP (SASL "CRAM-MD5" "PLAIN")
- C: a002 AUTHENTICATE "PLAIN"
- S: + ""
- C: {21}
- C: <NUL>tim<NUL>tanstaaftanstaaf
- S: a002 OK "Authenticated"
-
- The second example shows how the PLAIN mechanism might be used to
- attempt to assume the identity of another user. In this example, the
- server rejects the request. Also, this example makes use of the
- protocol optional initial response capability to eliminate a round-
- trip.
-
- S: * ACAP (SASL "CRAM-MD5") (STARTTLS)
- C: a001 STARTTLS
- S: a001 OK "Begin TLS negotiation now"
- <TLS negotiation, further commands are under TLS layer>
- S: * ACAP (SASL "CRAM-MD5" "PLAIN")
- C: a002 AUTHENTICATE "PLAIN" {20+}
- C: Ursel<NUL>Kurt<NUL>xipj3plmq
- S: a002 NO "Not authorized to requested authorization identity"
-
-5. Security Considerations
-
- As the PLAIN mechanism itself provided no integrity or
- confidentiality protections, it should not be used without adequate
- external data security protection, such as TLS services provided by
- many application-layer protocols. By default, implementations SHOULD
- NOT advertise and SHOULD NOT make use of the PLAIN mechanism unless
- adequate data security services are in place.
-
-
-
-Zeilenga Standards Track [Page 6]
-
-RFC 4616 The PLAIN SASL Mechanism August 2006
-
-
- When the PLAIN mechanism is used, the server gains the ability to
- impersonate the user to all services with the same password
- regardless of any encryption provided by TLS or other confidentiality
- protection mechanisms. Whereas many other authentication mechanisms
- have similar weaknesses, stronger SASL mechanisms address this issue.
- Clients are encouraged to have an operational mode where all
- mechanisms that are likely to reveal the user's password to the
- server are disabled.
-
- General [SASL] security considerations apply to this mechanism.
-
- Unicode, [UTF-8], and [StringPrep] security considerations also
- apply.
-
-6. IANA Considerations
-
- The SASL Mechanism registry [IANA-SASL] entry for the PLAIN mechanism
- has been updated by the IANA to reflect that this document now
- provides its technical specification.
-
- To: iana@iana.org
- Subject: Updated Registration of SASL mechanism PLAIN
-
- SASL mechanism name: PLAIN
- Security considerations: See RFC 4616.
- Published specification (optional, recommended): RFC 4616
- Person & email address to contact for further information:
- Kurt Zeilenga <kurt@openldap.org>
- IETF SASL WG <ietf-sasl@imc.org>
- Intended usage: COMMON
- Author/Change controller: IESG <iesg@ietf.org>
- Note: Updates existing entry for PLAIN
-
-7. Acknowledgements
-
- This document is a revision of RFC 2595 by Chris Newman. Portions of
- the grammar defined in Section 2 were borrowed from [UTF-8] by
- Francois Yergeau.
-
- This document is a product of the IETF Simple Authentication and
- Security Layer (SASL) Working Group.
-
-
-
-
-
-
-
-
-
-
-Zeilenga Standards Track [Page 7]
-
-RFC 4616 The PLAIN SASL Mechanism August 2006
-
-
-8. Normative References
-
- [ABNF] Crocker, D., Ed. and P. Overell, "Augmented BNF for
- Syntax Specifications: ABNF", RFC 4234, October 2005.
-
- [Keywords] Bradner, S., "Key words for use in RFCs to Indicate
- Requirement Levels", BCP 14, RFC 2119, March 1997.
-
- [SASL] Melnikov, A., Ed., and K. Zeilenga, Ed., "Simple
- Authentication and Security Layer (SASL)", RFC 4422,
- June 2006.
-
- [SASLPrep] Zeilenga, K., "SASLprep: Stringprep Profile for User
- Names and Passwords", RFC 4013, February 2005.
-
- [StringPrep] Hoffman, P. and M. Blanchet, "Preparation of
- Internationalized Strings ("stringprep")", RFC 3454,
- December 2002.
-
- [Unicode] The Unicode Consortium, "The Unicode Standard, Version
- 3.2.0" is defined by "The Unicode Standard, Version
- 3.0" (Reading, MA, Addison-Wesley, 2000. ISBN 0-201-
- 61633-5), as amended by the "Unicode Standard Annex
- #27: Unicode 3.1"
- (http://www.unicode.org/reports/tr27/) and by the
- "Unicode Standard Annex #28: Unicode 3.2"
- (http://www.unicode.org/reports/tr28/).
-
- [UTF-8] Yergeau, F., "UTF-8, a transformation format of ISO
- 10646", STD 63, RFC 3629, November 2003.
-
- [TLS] Dierks, T. and E. Rescorla, "The Transport Layer
- Security (TLS) Protocol Version 1.1", RFC 4346, April
- 2006.
-
-9. Informative References
-
- [ACAP] Newman, C. and J. Myers, "ACAP -- Application
- Configuration Access Protocol", RFC 2244, November
- 1997.
-
- [CRAM-MD5] Nerenberg, L., Ed., "The CRAM-MD5 SASL Mechanism", Work
- in Progress, June 2006.
-
- [DIGEST-MD5] Melnikov, A., Ed., "Using Digest Authentication as a
- SASL Mechanism", Work in Progress, June 2006.
-
-
-
-
-
-Zeilenga Standards Track [Page 8]
-
-RFC 4616 The PLAIN SASL Mechanism August 2006
-
-
- [IANA-SASL] IANA, "SIMPLE AUTHENTICATION AND SECURITY LAYER (SASL)
- MECHANISMS",
- <http://www.iana.org/assignments/sasl-mechanisms>.
-
- [SMTP-AUTH] Myers, J., "SMTP Service Extension for Authentication",
- RFC 2554, March 1999.
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-Zeilenga Standards Track [Page 9]
-
-RFC 4616 The PLAIN SASL Mechanism August 2006
-
-
-Appendix A. Changes since RFC 2595
-
- This appendix is non-normative.
-
- This document replaces Section 6 of RFC 2595.
-
- The specification details how the server is to compare client-
- provided character strings with stored character strings.
-
- The ABNF grammar was updated. In particular, the grammar now allows
- LINE FEED (U+000A) and CARRIAGE RETURN (U+000D) characters in the
- authzid, authcid, passwd productions. However, whether these control
- characters may be used depends on the string preparation rules
- applicable to the production. For passwd and authcid productions,
- control characters are prohibited. For authzid, one must consult the
- application-level SASL profile. This change allows PLAIN to carry
- all possible authorization identity strings allowed in SASL.
-
- Pseudo-code was added.
-
- The example section was expanded to illustrate more features of the
- PLAIN mechanism.
-
-Editor's Address
-
- Kurt D. Zeilenga
- OpenLDAP Foundation
-
- EMail: Kurt@OpenLDAP.org
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-Zeilenga Standards Track [Page 10]
-
-RFC 4616 The PLAIN SASL Mechanism August 2006
-
-
-Full Copyright Statement
-
- Copyright (C) The Internet Society (2006).
-
- This document is subject to the rights, licenses and restrictions
- contained in BCP 78, and except as set forth therein, the authors
- retain all their rights.
-
- This document and the information contained herein are provided on an
- "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
- OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET
- ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED,
- INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE
- INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
- WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
-
-Intellectual Property
-
- The IETF takes no position regarding the validity or scope of any
- Intellectual Property Rights or other rights that might be claimed to
- pertain to the implementation or use of the technology described in
- this document or the extent to which any license under such rights
- might or might not be available; nor does it represent that it has
- made any independent effort to identify any such rights. Information
- on the procedures with respect to rights in RFC documents can be
- found in BCP 78 and BCP 79.
-
- Copies of IPR disclosures made to the IETF Secretariat and any
- assurances of licenses to be made available, or the result of an
- attempt made to obtain a general license or permission for the use of
- such proprietary rights by implementers or users of this
- specification can be obtained from the IETF on-line IPR repository at
- http://www.ietf.org/ipr.
-
- The IETF invites any interested party to bring to its attention any
- copyrights, patents or patent applications, or other proprietary
- rights that may cover technology that may be required to implement
- this standard. Please address the information to the IETF at
- ietf-ipr@ietf.org.
-
-Acknowledgement
-
- Funding for the RFC Editor function is provided by the IETF
- Administrative Support Activity (IASA).
-
-
-
-
-
-
-
-Zeilenga Standards Track [Page 11]
-
diff --git a/imap/docs/rfc/rfc4731.txt b/imap/docs/rfc/rfc4731.txt
deleted file mode 100644
index 8c4869aa..00000000
--- a/imap/docs/rfc/rfc4731.txt
+++ /dev/null
@@ -1,451 +0,0 @@
-
-
-
-
-
-
-Network Working Group A. Melnikov
-Request for Comments: 4731 Isode Ltd
-Category: Standards Track D. Cridland
- Inventure Systems Ltd
- November 2006
-
-
- IMAP4 Extension to SEARCH Command for Controlling
- What Kind of Information Is Returned
-
-Status of This Memo
-
- This document specifies an Internet standards track protocol for the
- Internet community, and requests discussion and suggestions for
- improvements. Please refer to the current edition of the "Internet
- Official Protocol Standards" (STD 1) for the standardization state
- and status of this protocol. Distribution of this memo is unlimited.
-
-Copyright Notice
-
- Copyright (C) The IETF Trust (2006).
-
-Abstract
-
- This document extends IMAP (RFC 3501) SEARCH and UID SEARCH commands
- with several result options, which can control what kind of
- information is returned. The following result options are defined:
- minimal value, maximal value, all found messages, and number of found
- messages.
-
-Table of Contents
-
- 1. Introduction ....................................................2
- 2. Conventions Used in This Document ...............................2
- 3. IMAP Protocol Changes ...........................................2
- 3.1. New SEARCH/UID SEARCH Result Options .......................2
- 3.2. Interaction with CONDSTORE extension .......................4
- 4. Formal Syntax ...................................................5
- 5. Security Considerations .........................................6
- 6. IANA Considerations .............................................6
- 7. Normative References ............................................6
- 8. Acknowledgments .................................................6
-
-
-
-
-
-
-
-
-
-Melnikov & Cridland Standards Track [Page 1]
-
-RFC 4731 IMAP4 Extension to SEARCH November 2006
-
-
-1. Introduction
-
- [IMAPABNF] extended SEARCH and UID SEARCH commands with result
- specifiers (also known as result options), which can control what
- kind of information is returned.
-
- A server advertising the ESEARCH capability supports the following
- result options: minimal value, maximal value, all found messages,
- and number of found messages. These result options allow clients to
- get SEARCH results in more convenient forms, while also saving
- bandwidth required to transport the results, for example, by finding
- the first unseen message or returning the number of unseen or deleted
- messages. Also, when a single MIN or a single MAX result option is
- specified, servers can optimize execution of SEARCHes.
-
-2. Conventions Used in This Document
-
- In examples, "C:" and "S:" indicate lines sent by the client and
- server, respectively.
-
- The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
- "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
- document are to be interpreted as described in RFC 2119 [KEYWORDS].
-
-3. IMAP Protocol Changes
-
-3.1. New SEARCH/UID SEARCH Result Options
-
- The SEARCH/UID SEARCH commands are extended to allow for the
- following result options:
-
- MIN
- Return the lowest message number/UID that satisfies the SEARCH
- criteria.
-
- If the SEARCH results in no matches, the server MUST NOT
- include the MIN result option in the ESEARCH response; however,
- it still MUST send the ESEARCH response.
-
- MAX
- Return the highest message number/UID that satisfies the SEARCH
- criteria.
-
- If the SEARCH results in no matches, the server MUST NOT
- include the MAX result option in the ESEARCH response; however,
- it still MUST send the ESEARCH response.
-
-
-
-
-
-Melnikov & Cridland Standards Track [Page 2]
-
-RFC 4731 IMAP4 Extension to SEARCH November 2006
-
-
- ALL
- Return all message numbers/UIDs that satisfy the SEARCH
- criteria. Unlike regular (unextended) SEARCH, the messages are
- always returned using the sequence-set syntax. A sequence-set
- representation may be more compact and can be used as is in a
- subsequent command that accepts sequence-set. Note, the client
- MUST NOT assume that messages/UIDs will be listed in any
- particular order.
-
- If the SEARCH results in no matches, the server MUST NOT
- include the ALL result option in the ESEARCH response; however,
- it still MUST send the ESEARCH response.
-
- COUNT
- Return number of the messages that satisfy the SEARCH criteria.
- This result option MUST always be included in the ESEARCH
- response.
-
- If one or more result options described above are specified, the
- extended SEARCH command MUST return a single ESEARCH response
- [IMAPABNF], instead of the SEARCH response.
-
- An extended UID SEARCH command MUST cause an ESEARCH response with
- the UID indicator present.
-
- Note that future extensions to this document can allow servers to
- return multiple ESEARCH responses for a single extended SEARCH
- command. These extensions will have to describe how results from
- multiple ESEARCH responses are to be amalgamated.
-
- If the list of result options is empty, that requests the server to
- return an ESEARCH response instead of the SEARCH response. This is
- equivalent to "(ALL)".
-
- Example: C: A282 SEARCH RETURN (MIN COUNT) FLAGGED
- SINCE 1-Feb-1994 NOT FROM "Smith"
- S: * ESEARCH (TAG "A282") MIN 2 COUNT 3
- S: A282 OK SEARCH completed
-
- Example: C: A283 SEARCH RETURN () FLAGGED
- SINCE 1-Feb-1994 NOT FROM "Smith"
- S: * ESEARCH (TAG "A283") ALL 2,10:11
- S: A283 OK SEARCH completed
-
- The following example demonstrates finding the first unseen message
- as returned in the UNSEEN response code on a successful SELECT
- command:
-
-
-
-
-Melnikov & Cridland Standards Track [Page 3]
-
-RFC 4731 IMAP4 Extension to SEARCH November 2006
-
-
- Example: C: A284 SEARCH RETURN (MIN) UNSEEN
- S: * ESEARCH (TAG "A284") MIN 4
- S: A284 OK SEARCH completed
-
- The following example demonstrates that if the ESEARCH UID indicator
- is present, all data in the ESEARCH response is referring to UIDs;
- for example, the MIN result specifier will be followed by a UID.
-
- Example: C: A285 UID SEARCH RETURN (MIN MAX) 1:5000
- S: * ESEARCH (TAG "A285") UID MIN 7 MAX 3800
- S: A285 OK SEARCH completed
-
- The following example demonstrates returning the number of deleted
- messages:
-
- Example: C: A286 SEARCH RETURN (COUNT) DELETED
- S: * ESEARCH (TAG "A286") COUNT 15
- S: A286 OK SEARCH completed
-
-3.2. Interaction with CONDSTORE extension
-
- When the server supports both the ESEARCH and the CONDSTORE
- [CONDSTORE] extension, and the client requests one or more result
- option described in section 3.1 together with the MODSEQ search
- criterion in the same SEARCH/UID SEARCH command, then the server MUST
- return the ESEARCH response containing the MODSEQ result option
- (described in the following paragraph) instead of the extended SEARCH
- response described in section 3.5 of [CONDSTORE].
-
- If the SEARCH/UID SEARCH command contained a single MIN or MAX result
- option, the MODSEQ result option contains the mod-sequence for the
- found message. If the SEARCH/UID SEARCH command contained both MIN
- and MAX result options and no ALL/COUNT option, the MODSEQ result
- option contains the highest mod-sequence for the two returned
- messages. Otherwise the MODSEQ result option contains the highest
- mod-sequence for all messages being returned.
-
- Example: The following example demonstrates how Example 15 from
- [CONDSTORE] would look in the presence of one or more result option:
-
- C: a1 SEARCH RETURN (MIN) MODSEQ "/flags/\\draft"
- all 620162338
- S: * ESEARCH (TAG "a1") MIN 2 MODSEQ 917162488
- S: a1 OK Search complete
-
- C: a2 SEARCH RETURN (MAX) MODSEQ "/flags/\\draft"
- all 620162338
- S: * ESEARCH (TAG "a2") MAX 23 MODSEQ 907162321
-
-
-
-Melnikov & Cridland Standards Track [Page 4]
-
-RFC 4731 IMAP4 Extension to SEARCH November 2006
-
-
- S: a2 OK Search complete
-
- C: a3 SEARCH RETURN (MIN MAX) MODSEQ "/flags/\\draft"
- all 620162338
- S: * ESEARCH (TAG "a3") MIN 2 MAX 23 MODSEQ 917162488
- S: a3 OK Search complete
-
- C: a4 SEARCH RETURN (MIN COUNT) MODSEQ "/flags/\\draft"
- all 620162338
- S: * ESEARCH (TAG "a4") MIN 2 COUNT 10 MODSEQ 917162500
- S: a4 OK Search complete
-
-4. Formal Syntax
-
- The following syntax specification uses the Augmented Backus-Naur
- Form (ABNF) notation as specified in [ABNF].
-
- Non-terminals referenced but not defined below are as defined by
- [IMAP4], [CONDSTORE], or [IMAPABNF].
-
- Except as noted otherwise, all alphabetic characters are case-
- insensitive. The use of upper or lowercase characters to define
- token strings is for editorial clarity only. Implementations MUST
- accept these strings in a case-insensitive fashion.
-
- capability =/ "ESEARCH"
-
- search-return-data = "MIN" SP nz-number /
- "MAX" SP nz-number /
- "ALL" SP sequence-set /
- "COUNT" SP number
- ;; conforms to the generic
- ;; search-return-data syntax defined
- ;; in [IMAPABNF]
-
- search-return-opt = "MIN" / "MAX" / "ALL" / "COUNT"
- ;; conforms to generic search-return-opt
- ;; syntax defined in [IMAPABNF]
-
- When the CONDSTORE [CONDSTORE] IMAP extension is also supported,
- the ABNF is updated as follows:
-
- search-return-data =/ "MODSEQ" SP mod-sequence-value
- ;; mod-sequence-value is defined
- ;; in [CONDSTORE]
-
-
-
-
-
-
-Melnikov & Cridland Standards Track [Page 5]
-
-RFC 4731 IMAP4 Extension to SEARCH November 2006
-
-
-5. Security Considerations
-
- In the general case, the IMAP SEARCH/UID SEARCH commands can be CPU
- and/or IO intensive, and are seen by some as a potential attack point
- for denial of service attacks, so some sites/implementations even
- disable them entirely. This is quite unfortunate, as SEARCH command
- is one of the best examples demonstrating IMAP advantage over POP3.
-
- The ALL and COUNT return options don't change how SEARCH is working
- internally; they only change how information about found messages is
- returned. MIN and MAX SEARCH result options described in this
- document can lighten the load on IMAP servers that choose to optimize
- SEARCHes containing only one or both of them.
-
- It is believed that this extension doesn't raise any additional
- security concerns not already discussed in [IMAP4].
-
-6. IANA Considerations
-
- IMAP4 capabilities are registered by publishing a standards track RFC
- or an IESG-approved experimental RFC. The registry is currently
- located at <http://www.iana.org/assignments/imap4-capabilities>.
-
- This document defines the ESEARCH IMAP capability, which IANA added
- to the registry.
-
-7. Normative References
-
- [KEYWORDS] Bradner, S., "Key words for use in RFCs to Indicate
- Requirement Levels", BCP 14, RFC 2119, March 1997.
-
- [IMAP4] Crispin, M., "INTERNET MESSAGE ACCESS PROTOCOL - VERSION
- 4rev1", RFC 3501, March 2003.
-
- [ABNF] Crocker, D. (Ed.) and P. Overell , "Augmented BNF for
- Syntax Specifications: ABNF", RFC 4234, October 2005.
-
- [IMAPABNF] Melnikov, A. and C. Daboo, "Collected Extensions to IMAP4
- ABNF", RFC 4466, April 2006..
-
- [CONDSTORE] Melnikov, A. and S. Hole, "IMAP Extension for Conditional
- STORE", RFC 4551, June 2006.
-
-8. Acknowledgments
-
- Thanks to Michael Wener, Arnt Gulbrandsen, Cyrus Daboo, Mark Crispin,
- and Pete Maclean for comments and corrections.
-
-
-
-
-Melnikov & Cridland Standards Track [Page 6]
-
-RFC 4731 IMAP4 Extension to SEARCH November 2006
-
-
-Authors' Addresses
-
- Alexey Melnikov
- Isode Limited
- 5 Castle Business Village
- 36 Station Road
- Hampton, Middlesex, TW12 2BX
- UK
-
- EMail: Alexey.Melnikov@isode.com
-
-
- Dave A. Cridland
- Inventure Systems Limited
-
- EMail: dave.cridland@inventuresystems.co.uk
- URL: http://invsys.co.uk/dave/
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-Melnikov & Cridland Standards Track [Page 7]
-
-RFC 4731 IMAP4 Extension to SEARCH November 2006
-
-
-Full Copyright Statement
-
- Copyright (C) The IETF Trust (2006).
-
- This document is subject to the rights, licenses and restrictions
- contained in BCP 78, and except as set forth therein, the authors
- retain all their rights.
-
- This document and the information contained herein are provided on an
- "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
- OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY, THE IETF TRUST,
- AND THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES,
- EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT
- THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY
- IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR
- PURPOSE.
-
-Intellectual Property
-
- The IETF takes no position regarding the validity or scope of any
- Intellectual Property Rights or other rights that might be claimed to
- pertain to the implementation or use of the technology described in
- this document or the extent to which any license under such rights
- might or might not be available; nor does it represent that it has
- made any independent effort to identify any such rights. Information
- on the procedures with respect to rights in RFC documents can be
- found in BCP 78 and BCP 79.
-
- Copies of IPR disclosures made to the IETF Secretariat and any
- assurances of licenses to be made available, or the result of an
- attempt made to obtain a general license or permission for the use of
- such proprietary rights by implementers or users of this
- specification can be obtained from the IETF on-line IPR repository at
- http://www.ietf.org/ipr.
-
- The IETF invites any interested party to bring to its attention any
- copyrights, patents or patent applications, or other proprietary
- rights that may cover technology that may be required to implement
- this standard. Please address the information to the IETF at
- ietf-ipr@ietf.org.
-
-Acknowledgement
-
- Funding for the RFC Editor function is currently provided by the
- Internet Society.
-
-
-
-
-
-
-Melnikov & Cridland Standards Track [Page 8]
-
diff --git a/imap/docs/rfc/rfc4752.txt b/imap/docs/rfc/rfc4752.txt
deleted file mode 100644
index bfd8e30b..00000000
--- a/imap/docs/rfc/rfc4752.txt
+++ /dev/null
@@ -1,563 +0,0 @@
-
-
-
-
-
-
-Network Working Group A. Melnikov, Ed.
-Request for Comments: 4752 Isode
-Obsoletes: 2222 November 2006
-Category: Standards Track
-
-
- The Kerberos V5 ("GSSAPI")
- Simple Authentication and Security Layer (SASL) Mechanism
-
-Status of This Memo
-
- This document specifies an Internet standards track protocol for the
- Internet community, and requests discussion and suggestions for
- improvements. Please refer to the current edition of the "Internet
- Official Protocol Standards" (STD 1) for the standardization state
- and status of this protocol. Distribution of this memo is unlimited.
-
-Copyright Notice
-
- Copyright (C) The IETF Trust (2006).
-
-Abstract
-
- The Simple Authentication and Security Layer (SASL) is a framework
- for adding authentication support to connection-based protocols.
- This document describes the method for using the Generic Security
- Service Application Program Interface (GSS-API) Kerberos V5 in the
- SASL.
-
- This document replaces Section 7.2 of RFC 2222, the definition of the
- "GSSAPI" SASL mechanism. This document, together with RFC 4422,
- obsoletes RFC 2222.
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-Melnikov Standards Track [Page 1]
-
-RFC 4752 SASL GSSAPI Mechanism November 2006
-
-
-Table of Contents
-
- 1. Introduction ....................................................2
- 1.1. Relationship to Other Documents ............................2
- 2. Conventions Used in This Document ...............................2
- 3. Kerberos V5 GSS-API Mechanism ...................................2
- 3.1. Client Side of Authentication Protocol Exchange ............3
- 3.2. Server Side of Authentication Protocol Exchange ............4
- 3.3. Security Layer .............................................6
- 4. IANA Considerations .............................................7
- 5. Security Considerations .........................................7
- 6. Acknowledgements ................................................8
- 7. Changes since RFC 2222 ..........................................8
- 8. References ......................................................8
- 8.1. Normative References .......................................8
- 8.2. Informative References .....................................9
-
-1. Introduction
-
- This specification documents currently deployed Simple Authentication
- and Security Layer (SASL [SASL]) mechanism supporting the Kerberos V5
- [KERBEROS] Generic Security Service Application Program Interface
- ([GSS-API]) mechanism [RFC4121]. The authentication sequence is
- described in Section 3. Note that the described authentication
- sequence has known limitations, in particular, it lacks channel
- bindings and the number of round-trips required to complete
- authentication exchange is not minimal. SASL WG is working on a
- separate document that should address these limitations.
-
-1.1. Relationship to Other Documents
-
- This document, together with RFC 4422, obsoletes RFC 2222 in its
- entirety. This document replaces Section 7.2 of RFC 2222. The
- remainder is obsoleted as detailed in Section 1.2 of RFC 4422.
-
-2. Conventions Used in This Document
-
- The key words "MUST", "MUST NOT", "SHOULD", "SHOULD NOT", and "MAY"
- in this document are to be interpreted as defined in "Key words for
- use in RFCs to Indicate Requirement Levels" [KEYWORDS].
-
-3. Kerberos V5 GSS-API Mechanism
-
- The SASL mechanism name for the Kerberos V5 GSS-API mechanism
- [RFC4121] is "GSSAPI". Though known as the SASL GSSAPI mechanism,
- the mechanism is specifically tied to Kerberos V5 and GSS-API's
- Kerberos V5 mechanism.
-
-
-
-
-Melnikov Standards Track [Page 2]
-
-RFC 4752 SASL GSSAPI Mechanism November 2006
-
-
- The GSSAPI SASL mechanism is a "client goes first" SASL mechanism;
- i.e., it starts with the client sending a "response" created as
- described in the following section.
-
- The implementation MAY set any GSS-API flags or arguments not
- mentioned in this specification as is necessary for the
- implementation to enforce its security policy.
-
- Note that major status codes returned by GSS_Init_sec_context() or
- GSS_Accept_sec_context() other than GSS_S_COMPLETE or
- GSS_S_CONTINUE_NEEDED cause authentication failure. Major status
- codes returned by GSS_Unwrap() other than GSS_S_COMPLETE (without any
- additional supplementary status codes) cause authentication and/or
- security layer failure.
-
-3.1. Client Side of Authentication Protocol Exchange
-
- The client calls GSS_Init_sec_context, passing in
- input_context_handle of 0 (initially), mech_type of the Kerberos V5
- GSS-API mechanism [KRB5GSS], chan_binding of NULL, and targ_name
- equal to output_name from GSS_Import_Name called with input_name_type
- of GSS_C_NT_HOSTBASED_SERVICE (*) and input_name_string of
- "service@hostname" where "service" is the service name specified in
- the protocol's profile, and "hostname" is the fully qualified host
- name of the server. When calling the GSS_Init_sec_context, the
- client MUST pass the integ_req_flag of TRUE (**). If the client will
- be requesting a security layer, it MUST also supply to the
- GSS_Init_sec_context a mutual_req_flag of TRUE, and a
- sequence_req_flag of TRUE. If the client will be requesting a
- security layer providing confidentiality protection, it MUST also
- supply to the GSS_Init_sec_context a conf_req_flag of TRUE. The
- client then responds with the resulting output_token. If
- GSS_Init_sec_context returns GSS_S_CONTINUE_NEEDED, then the client
- should expect the server to issue a token in a subsequent challenge.
- The client must pass the token to another call to
- GSS_Init_sec_context, repeating the actions in this paragraph.
-
- (*) Clients MAY use name types other than GSS_C_NT_HOSTBASED_SERVICE
- to import servers' acceptor names, but only when they have a priori
- knowledge that the servers support alternate name types. Otherwise
- clients MUST use GSS_C_NT_HOSTBASED_SERVICE for importing acceptor
- names.
-
- (**) Note that RFC 2222 [RFC2222] implementations will not work with
- GSS-API implementations that require integ_req_flag to be true. No
- implementations of RFC 1964 [KRB5GSS] or RFC 4121 [RFC4121] that
- require integ_req_flag to be true are believed to exist and it is
- expected that any future update to [RFC4121] will require that
-
-
-
-Melnikov Standards Track [Page 3]
-
-RFC 4752 SASL GSSAPI Mechanism November 2006
-
-
- integrity be available even in not explicitly requested by the
- application.
-
- When GSS_Init_sec_context returns GSS_S_COMPLETE, the client examines
- the context to ensure that it provides a level of protection
- permitted by the client's security policy. In particular, if the
- integ_avail flag is not set in the context, then no security layer
- can be offered or accepted.
-
- If the conf_avail flag is not set in the context, then no security
- layer with confidentiality can be offered or accepted. If the
- context is acceptable, the client takes the following actions: If the
- last call to GSS_Init_sec_context returned an output_token, then the
- client responds with the output_token, otherwise the client responds
- with no data. The client should then expect the server to issue a
- token in a subsequent challenge. The client passes this token to
- GSS_Unwrap and interprets the first octet of resulting cleartext as a
- bit-mask specifying the security layers supported by the server and
- the second through fourth octets as the maximum size output_message
- the server is able to receive (in network byte order). If the
- resulting cleartext is not 4 octets long, the client fails the
- negotiation. The client verifies that the server maximum buffer is 0
- if the server does not advertise support for any security layer.
-
- The client then constructs data, with the first octet containing the
- bit-mask specifying the selected security layer, the second through
- fourth octets containing in network byte order the maximum size
- output_message the client is able to receive (which MUST be 0 if the
- client does not support any security layer), and the remaining octets
- containing the UTF-8 [UTF8] encoded authorization identity.
- (Implementation note: The authorization identity is not terminated
- with the zero-valued (%x00) octet (e.g., the UTF-8 encoding of the
- NUL (U+0000) character)). The client passes the data to GSS_Wrap
- with conf_flag set to FALSE and responds with the generated
- output_message. The client can then consider the server
- authenticated.
-
-3.2. Server Side of Authentication Protocol Exchange
-
- A server MUST NOT advertise support for the "GSSAPI" SASL mechanism
- described in this document unless it has acceptor credential for the
- Kerberos V GSS-API mechanism [KRB5GSS].
-
- The server passes the initial client response to
- GSS_Accept_sec_context as input_token, setting input_context_handle
- to 0 (initially), chan_binding of NULL, and a suitable
- acceptor_cred_handle (see below). If GSS_Accept_sec_context returns
- GSS_S_CONTINUE_NEEDED, the server returns the generated output_token
-
-
-
-Melnikov Standards Track [Page 4]
-
-RFC 4752 SASL GSSAPI Mechanism November 2006
-
-
- to the client in challenge and passes the resulting response to
- another call to GSS_Accept_sec_context, repeating the actions in this
- paragraph.
-
- Servers SHOULD use a credential obtained by calling GSS_Acquire_cred
- or GSS_Add_cred for the GSS_C_NO_NAME desired_name and the Object
- Identifier (OID) of the Kerberos V5 GSS-API mechanism [KRB5GSS](*).
- Servers MAY use GSS_C_NO_CREDENTIAL as an acceptor credential handle.
- Servers MAY use a credential obtained by calling GSS_Acquire_cred or
- GSS_Add_cred for the server's principal name(s) (**) and the Kerberos
- V5 GSS-API mechanism [KRB5GSS].
-
- (*) Unlike GSS_Add_cred the GSS_Acquire_cred uses an OID set of GSS-
- API mechanism as an input parameter. The OID set can be created by
- using GSS_Create_empty_OID_set and GSS_Add_OID_set_member. It can be
- freed by calling the GSS_Release_oid_set.
-
-
- (**) Use of server's principal names having
- GSS_C_NT_HOSTBASED_SERVICE name type and "service@hostname" format,
- where "service" is the service name specified in the protocol's
- profile, and "hostname" is the fully qualified host name of the
- server, is RECOMMENDED. The server name is generated by calling
- GSS_Import_name with input_name_type of GSS_C_NT_HOSTBASED_SERVICE
- and input_name_string of "service@hostname".
-
- Upon successful establishment of the security context (i.e.,
- GSS_Accept_sec_context returns GSS_S_COMPLETE), the server SHOULD
- verify that the negotiated GSS-API mechanism is indeed Kerberos V5
- [KRB5GSS]. This is done by examining the value of the mech_type
- parameter returned from the GSS_Accept_sec_context call. If the
- value differs, SASL authentication MUST be aborted.
-
- Upon successful establishment of the security context and if the
- server used GSS_C_NO_NAME/GSS_C_NO_CREDENTIAL to create acceptor
- credential handle, the server SHOULD also check using the
- GSS_Inquire_context that the target_name used by the client matches
- either
-
- - the GSS_C_NT_HOSTBASED_SERVICE "service@hostname" name syntax,
- where "service" is the service name specified in the application
- protocol's profile,
-
- or
-
- - the GSS_KRB5_NT_PRINCIPAL_NAME [KRB5GSS] name syntax for a two-
- component principal where the first component matches the service
- name specified in the application protocol's profile.
-
-
-
-Melnikov Standards Track [Page 5]
-
-RFC 4752 SASL GSSAPI Mechanism November 2006
-
-
- When GSS_Accept_sec_context returns GSS_S_COMPLETE, the server
- examines the context to ensure that it provides a level of protection
- permitted by the server's security policy. In particular, if the
- integ_avail flag is not set in the context, then no security layer
- can be offered or accepted. If the conf_avail flag is not set in the
- context, then no security layer with confidentiality can be offered
- or accepted.
-
- If the context is acceptable, the server takes the following actions:
- If the last call to GSS_Accept_sec_context returned an output_token,
- the server returns it to the client in a challenge and expects a
- reply from the client with no data. Whether or not an output_token
- was returned (and after receipt of any response from the client to
- such an output_token), the server then constructs 4 octets of data,
- with the first octet containing a bit-mask specifying the security
- layers supported by the server and the second through fourth octets
- containing in network byte order the maximum size output_token the
- server is able to receive (which MUST be 0 if the server does not
- support any security layer). The server must then pass the plaintext
- to GSS_Wrap with conf_flag set to FALSE and issue the generated
- output_message to the client in a challenge.
-
- The server must then pass the resulting response to GSS_Unwrap and
- interpret the first octet of resulting cleartext as the bit-mask for
- the selected security layer, the second through fourth octets as the
- maximum size output_message the client is able to receive (in network
- byte order), and the remaining octets as the authorization identity.
- The server verifies that the client has selected a security layer
- that was offered and that the client maximum buffer is 0 if no
- security layer was chosen. The server must verify that the src_name
- is authorized to act as the authorization identity. After these
- verifications, the authentication process is complete. The server is
- not expected to return any additional data with the success
- indicator.
-
-3.3. Security Layer
-
- The security layers and their corresponding bit-masks are as follows:
-
- 1 No security layer
- 2 Integrity protection.
- Sender calls GSS_Wrap with conf_flag set to FALSE
- 4 Confidentiality protection.
- Sender calls GSS_Wrap with conf_flag set to TRUE
-
- Other bit-masks may be defined in the future; bits that are not
- understood must be negotiated off.
-
-
-
-
-Melnikov Standards Track [Page 6]
-
-RFC 4752 SASL GSSAPI Mechanism November 2006
-
-
- When decoding any received data with GSS_Unwrap, the major_status
- other than the GSS_S_COMPLETE MUST be treated as a fatal error.
-
- Note that SASL negotiates the maximum size of the output_message to
- send. Implementations can use the GSS_Wrap_size_limit call to
- determine the corresponding maximum size input_message.
-
-4. IANA Considerations
-
- IANA modified the existing registration for "GSSAPI" as follows:
-
- Family of SASL mechanisms: NO
-
- SASL mechanism name: GSSAPI
-
- Security considerations: See Section 5 of RFC 4752
-
- Published specification: RFC 4752
-
- Person & email address to contact for further information:
- Alexey Melnikov <Alexey.Melnikov@isode.com>
-
- Intended usage: COMMON
-
- Owner/Change controller: iesg@ietf.org
-
- Additional information: This mechanism is for the Kerberos V5
- mechanism of GSS-API.
-
-5. Security Considerations
-
- Security issues are discussed throughout this memo.
-
- When constructing the input_name_string, the client SHOULD NOT
- canonicalize the server's fully qualified domain name using an
- insecure or untrusted directory service.
-
- For compatibility with deployed software, this document requires that
- the chan_binding (channel bindings) parameter to GSS_Init_sec_context
- and GSS_Accept_sec_context be NULL, hence disallowing use of GSS-API
- support for channel bindings. GSS-API channel bindings in SASL is
- expected to be supported via a new GSS-API family of SASL mechanisms
- (to be introduced in a future document).
-
- Additional security considerations are in the [SASL] and [GSS-API]
- specifications. Additional security considerations for the GSS-API
- mechanism can be found in [KRB5GSS] and [KERBEROS].
-
-
-
-
-Melnikov Standards Track [Page 7]
-
-RFC 4752 SASL GSSAPI Mechanism November 2006
-
-
-6. Acknowledgements
-
- This document replaces Section 7.2 of RFC 2222 [RFC2222] by John G.
- Myers. He also contributed significantly to this revision.
-
- Lawrence Greenfield converted text of this document to the XML
- format.
-
- Contributions of many members of the SASL mailing list are gratefully
- acknowledged, in particular comments from Chris Newman, Nicolas
- Williams, Jeffrey Hutzelman, Sam Hartman, Mark Crispin, and Martin
- Rex.
-
-7. Changes since RFC 2222
-
- RFC 2078 [RFC2078] specifies the version of GSS-API used by RFC 2222
- [RFC2222], which provided the original version of this specification.
- That version of GSS-API did not provide the integ_integ_avail flag as
- an input to GSS_Init_sec_context. Instead, integrity was always
- requested. RFC 4422 [SASL] requires that when possible, the security
- layer negotiation be integrity protected. To meet this requirement
- and as part of moving from RFC 2078 [RFC2078] to RFC 2743 [GSS-API],
- this specification requires that clients request integrity from
- GSS_Init_sec_context so they can use GSS_Wrap to protect the security
- layer negotiation. This specification does not require that the
- mechanism offer the integrity security layer, simply that the
- security layer negotiation be wrapped.
-
-8. References
-
-8.1. Normative References
-
- [GSS-API] Linn, J., "Generic Security Service Application Program
- Interface Version 2, Update 1", RFC 2743, January 2000.
-
- [KERBEROS] Neuman, C., Yu, T., Hartman, S., and K. Raeburn, "The
- Kerberos Network Authentication Service (V5)", RFC 4120,
- July 2005.
-
- [KEYWORDS] Bradner, S., "Key words for use in RFCs to Indicate
- Requirement Levels", BCP 14, RFC 2119, March 1997.
-
- [KRB5GSS] Linn, J., "The Kerberos Version 5 GSS-API Mechanism", RFC
- 1964, June 1996.
-
-
-
-
-
-
-
-Melnikov Standards Track [Page 8]
-
-RFC 4752 SASL GSSAPI Mechanism November 2006
-
-
- [RFC4121] Zhu, L., Jaganathan, K., and S. Hartman, "The Kerberos
- Version 5 Generic Security Service Application Program
- Interface (GSS-API) Mechanism: Version 2", RFC 4121, July
- 2005.
-
- [SASL] Melnikov, A. and K. Zeilenga, "Simple Authentication and
- Security Layer (SASL)", RFC 4422, June 2006.
-
- [UTF8] Yergeau, F., "UTF-8, a transformation format of ISO
- 10646", STD 63, RFC 3629, November 2003.
-
-8.2. Informative References
-
- [RFC2078] Linn, J., "Generic Security Service Application Program
- Interface, Version 2", RFC 2078, January 1997.
-
- [RFC2222] Myers, J., "Simple Authentication and Security Layer
- (SASL)", RFC 2222, October 1997.
-
-Editor's Address
-
- Alexey Melnikov
- Isode Limited
- 5 Castle Business Village
- 36 Station Road
- Hampton, Middlesex TW12 2BX
- UK
-
- EMail: Alexey.Melnikov@isode.com
- URI: http://www.melnikov.ca/
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-Melnikov Standards Track [Page 9]
-
-RFC 4752 SASL GSSAPI Mechanism November 2006
-
-
-Full Copyright Statement
-
- Copyright (C) The IETF Trust (2006).
-
- This document is subject to the rights, licenses and restrictions
- contained in BCP 78, and except as set forth therein, the authors
- retain all their rights.
-
- This document and the information contained herein are provided on an
- "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
- OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY, THE IETF TRUST,
- AND THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES,
- EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT
- THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY
- IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR
- PURPOSE.
-
-Intellectual Property
-
- The IETF takes no position regarding the validity or scope of any
- Intellectual Property Rights or other rights that might be claimed to
- pertain to the implementation or use of the technology described in
- this document or the extent to which any license under such rights
- might or might not be available; nor does it represent that it has
- made any independent effort to identify any such rights. Information
- on the procedures with respect to rights in RFC documents can be
- found in BCP 78 and BCP 79.
-
- Copies of IPR disclosures made to the IETF Secretariat and any
- assurances of licenses to be made available, or the result of an
- attempt made to obtain a general license or permission for the use of
- such proprietary rights by implementers or users of this
- specification can be obtained from the IETF on-line IPR repository at
- http://www.ietf.org/ipr.
-
- The IETF invites any interested party to bring to its attention any
- copyrights, patents or patent applications, or other proprietary
- rights that may cover technology that may be required to implement
- this standard. Please address the information to the IETF at
- ietf-ipr@ietf.org.
-
-Acknowledgement
-
- Funding for the RFC Editor function is currently provided by the
- Internet Society.
-
-
-
-
-
-
-Melnikov Standards Track [Page 10]
-
diff --git a/imap/docs/rfc/rfc4790.txt b/imap/docs/rfc/rfc4790.txt
deleted file mode 100644
index d58191c0..00000000
--- a/imap/docs/rfc/rfc4790.txt
+++ /dev/null
@@ -1,1459 +0,0 @@
-
-
-
-
-
-
-Network Working Group C. Newman
-Request for Comments: 4790 Sun Microsystems
-Category: Standards Track M. Duerst
- Aoyama Gakuin University
- A. Gulbrandsen
- Oryx
- March 2007
-
-
- Internet Application Protocol Collation Registry
-
-Status of This Memo
-
- This document specifies an Internet standards track protocol for the
- Internet community, and requests discussion and suggestions for
- improvements. Please refer to the current edition of the "Internet
- Official Protocol Standards" (STD 1) for the standardization state
- and status of this protocol. Distribution of this memo is unlimited.
-
-Copyright Notice
-
- Copyright (C) The IETF Trust (2007).
-
-Abstract
-
- Many Internet application protocols include string-based lookup,
- searching, or sorting operations. However, the problem space for
- searching and sorting international strings is large, not fully
- explored, and is outside the area of expertise for the Internet
- Engineering Task Force (IETF). Rather than attempt to solve such a
- large problem, this specification creates an abstraction framework so
- that application protocols can precisely identify a comparison
- function, and the repertoire of comparison functions can be extended
- in the future.
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-Newman, et al. Standards Track [Page 1]
-
-RFC 4790 Collation Registry March 2007
-
-
-Table of Contents
-
- 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 4
- 1.1. Conventions Used in This Document . . . . . . . . . . . . 4
- 2. Collation Definition and Purpose . . . . . . . . . . . . . . . 4
- 2.1. Definition . . . . . . . . . . . . . . . . . . . . . . . . 4
- 2.2. Purpose . . . . . . . . . . . . . . . . . . . . . . . . . 4
- 2.3. Some Other Terms Used in this Document . . . . . . . . . . 5
- 2.4. Sort Keys . . . . . . . . . . . . . . . . . . . . . . . . 5
- 3. Collation Identifier Syntax . . . . . . . . . . . . . . . . . 6
- 3.1. Basic Syntax . . . . . . . . . . . . . . . . . . . . . . . 6
- 3.2. Wildcards . . . . . . . . . . . . . . . . . . . . . . . . 6
- 3.3. Ordering Direction . . . . . . . . . . . . . . . . . . . . 7
- 3.4. URIs . . . . . . . . . . . . . . . . . . . . . . . . . . . 7
- 3.5. Naming Guidelines . . . . . . . . . . . . . . . . . . . . 7
- 4. Collation Specification Requirements . . . . . . . . . . . . . 8
- 4.1. Collation/Server Interface . . . . . . . . . . . . . . . . 8
- 4.2. Operations Supported . . . . . . . . . . . . . . . . . . . 8
- 4.2.1. Validity . . . . . . . . . . . . . . . . . . . . . . . 9
- 4.2.2. Equality . . . . . . . . . . . . . . . . . . . . . . . 9
- 4.2.3. Substring . . . . . . . . . . . . . . . . . . . . . . 9
- 4.2.4. Ordering . . . . . . . . . . . . . . . . . . . . . . . 10
- 4.3. Sort Keys . . . . . . . . . . . . . . . . . . . . . . . . 10
- 4.4. Use of Lookup Tables . . . . . . . . . . . . . . . . . . . 11
- 5. Application Protocol Requirements . . . . . . . . . . . . . . 11
- 5.1. Character Encoding . . . . . . . . . . . . . . . . . . . . 11
- 5.2. Operations . . . . . . . . . . . . . . . . . . . . . . . . 11
- 5.3. Wildcards . . . . . . . . . . . . . . . . . . . . . . . . 12
- 5.4. String Comparison . . . . . . . . . . . . . . . . . . . . 12
- 5.5. Disconnected Clients . . . . . . . . . . . . . . . . . . . 12
- 5.6. Error Codes . . . . . . . . . . . . . . . . . . . . . . . 13
- 5.7. Octet Collation . . . . . . . . . . . . . . . . . . . . . 13
- 6. Use by Existing Protocols . . . . . . . . . . . . . . . . . . 13
- 7. Collation Registration . . . . . . . . . . . . . . . . . . . . 14
- 7.1. Collation Registration Procedure . . . . . . . . . . . . . 14
- 7.2. Collation Registration Format . . . . . . . . . . . . . . 15
- 7.2.1. Registration Template . . . . . . . . . . . . . . . . 15
- 7.2.2. The Collation Element . . . . . . . . . . . . . . . . 15
- 7.2.3. The Identifier Element . . . . . . . . . . . . . . . . 16
- 7.2.4. The Title Element . . . . . . . . . . . . . . . . . . 16
- 7.2.5. The Operations Element . . . . . . . . . . . . . . . . 16
- 7.2.6. The Specification Element . . . . . . . . . . . . . . 16
- 7.2.7. The Submitter Element . . . . . . . . . . . . . . . . 16
- 7.2.8. The Owner Element . . . . . . . . . . . . . . . . . . 16
- 7.2.9. The Version Element . . . . . . . . . . . . . . . . . 17
- 7.2.10. The Variable Element . . . . . . . . . . . . . . . . . 17
- 7.3. Structure of Collation Registry . . . . . . . . . . . . . 17
- 7.4. Example Initial Registry Summary . . . . . . . . . . . . . 18
-
-
-
-Newman, et al. Standards Track [Page 2]
-
-RFC 4790 Collation Registry March 2007
-
-
- 8. Guidelines for Expert Reviewer . . . . . . . . . . . . . . . . 18
- 9. Initial Collations . . . . . . . . . . . . . . . . . . . . . . 19
- 9.1. ASCII Numeric Collation . . . . . . . . . . . . . . . . . 20
- 9.1.1. ASCII Numeric Collation Description . . . . . . . . . 20
- 9.1.2. ASCII Numeric Collation Registration . . . . . . . . . 20
- 9.2. ASCII Casemap Collation . . . . . . . . . . . . . . . . . 21
- 9.2.1. ASCII Casemap Collation Description . . . . . . . . . 21
- 9.2.2. ASCII Casemap Collation Registration . . . . . . . . . 22
- 9.3. Octet Collation . . . . . . . . . . . . . . . . . . . . . 22
- 9.3.1. Octet Collation Description . . . . . . . . . . . . . 22
- 9.3.2. Octet Collation Registration . . . . . . . . . . . . . 23
- 10. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 23
- 11. Security Considerations . . . . . . . . . . . . . . . . . . . 23
- 12. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 23
- 13. References . . . . . . . . . . . . . . . . . . . . . . . . . . 24
- 13.1. Normative References . . . . . . . . . . . . . . . . . . . 24
- 13.2. Informative References . . . . . . . . . . . . . . . . . . 24
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-Newman, et al. Standards Track [Page 3]
-
-RFC 4790 Collation Registry March 2007
-
-
-1. Introduction
-
- The Application Configuration Access Protocol ACAP [11] specification
- introduced the concept of a comparator (which we call collation in
- this document), but failed to create an IANA registry. With the
- introduction of stringprep [6] and the Unicode Collation Algorithm
- [7], it is now time to create that registry and populate it with some
- initial values appropriate for an international community. This
- specification replaces and generalizes the definition of a comparator
- in ACAP, and creates a collation registry.
-
-1.1. Conventions Used in This Document
-
- The key words "MUST", "MUST NOT", "SHOULD", "SHOULD NOT", and "MAY"
- in this document are to be interpreted as defined in "Key words for
- use in RFCs to Indicate Requirement Levels" [1].
-
- The attribute syntax specifications use the Augmented Backus-Naur
- Form (ABNF) [2] notation, including the core rules defined in
- Appendix A. The ABNF production "Language-tag" is imported from
- Language Tags [5] and "reg-name" from URI: Generic Syntax [4].
-
-2. Collation Definition and Purpose
-
-2.1. Definition
-
- A collation is a named function which takes two arbitrary length
- strings as input and can be used to perform one or more of three
- basic comparison operations: equality test, substring match, and
- ordering test.
-
-2.2. Purpose
-
- Collations are an abstraction for comparison functions so that these
- comparison functions can be used in multiple protocols. The details
- of a particular comparison operation can be specified by someone with
- appropriate expertise, independent of the application protocols that
- use that collation. This is similar to the way a charset [13]
- separates the details of octet to character mapping from a protocol
- specification, such as MIME [9], or the way SASL [10] separates the
- details of an authentication mechanism from a protocol specification,
- such as ACAP [11].
-
-
-
-
-
-
-
-
-
-Newman, et al. Standards Track [Page 4]
-
-RFC 4790 Collation Registry March 2007
-
-
- Here is a small diagram to help illustrate the value of this
- abstraction:
-
- +-------------------+ +-----------------+
- | IMAP i18n SEARCH |--+ | Basic |
- +-------------------+ | +--| Collation Spec |
- | | +-----------------+
- +-------------------+ | +-------------+ | +-----------------+
- | ACAP i18n SEARCH |--+--| Collation |--+--| A stringprep |
- +-------------------+ | | Registry | | | Collation Spec |
- | +-------------+ | +-----------------+
- +-------------------+ | | +-----------------+
- | ...other protocol |--+ | | locale-specific |
- +-------------------+ +--| Collation Spec |
- +-----------------+
-
- Thus IMAP, ACAP, and future application protocols with international
- search capability simply specify how to interface to the collation
- registry instead of each protocol specification having to specify all
- the collations it supports.
-
-2.3. Some Other Terms Used in this Document
-
- The terms client, server, and protocol are used in somewhat unusual
- senses.
-
- Client means a user, or a program acting directly on behalf of a
- user. This may be a mail reader acting as an IMAP client, or it may
- be an interactive shell, where the user can type protocol commands/
- requests directly, or it may be a script or program written by the
- user.
-
- Server means a program that performs services requested by the
- client. This may be a traditional server such as an HTTP server, or
- it may be a Sieve [14] interpreter running a Sieve script written by
- a user. A server needs to use the operations provided by collations
- in order to fulfill the client's requests.
-
- The protocol describes how the client tells the server what it wants
- done, and (if applicable) how the server tells the client about the
- results. IMAP is a protocol by this definition, and so is the Sieve
- language.
-
-2.4. Sort Keys
-
- One component of a collation is a transformation, which turns a
- string into a sort key, which is then used while sorting.
-
-
-
-
-Newman, et al. Standards Track [Page 5]
-
-RFC 4790 Collation Registry March 2007
-
-
- The transformation can range from an identity mapping (e.g., the
- i;octet collation Section 9.3) to a mapping that makes the string
- unreadable to a human.
-
- This is an implementation detail of collations or servers. A
- protocol SHOULD NOT expose it to clients, since some collations leave
- the sort key's format up to the implementation, and current
- conformant implementations are known to use different formats.
-
-3. Collation Identifier Syntax
-
-3.1. Basic Syntax
-
- The collation identifier itself is a single US-ASCII string. The
- identifier MUST NOT be longer than 254 characters, and obeys the
- following grammar:
-
- collation-char = ALPHA / DIGIT / "-" / ";" / "=" / "."
-
- collation-id = collation-prefix ";" collation-core-name
- *collation-arg
-
- collation-scope = Language-tag / "vnd-" reg-name
-
- collation-core-name = ALPHA *( ALPHA / DIGIT / "-" )
-
- collation-arg = ";" ALPHA *( ALPHA / DIGIT ) "="
- 1*( ALPHA / DIGIT / "." )
-
-
- Note: the ABNF production "Language-tag" is imported from Language
- Tags [5] and "reg-name" from URI: Generic Syntax [4].
-
- There is a special identifier called "default". For protocols that
- have a default collation, "default" refers to that collation. For
- other protocols, the identifier "default" MUST match no collations,
- and servers SHOULD treat it in the same way as they treat nonexistent
- collations.
-
-3.2. Wildcards
-
- The string a client uses to select a collation MAY contain one or
- more wildcard ("*") characters that match zero or more collation-
- chars. Wildcard characters MUST NOT be adjacent. If the wildcard
- string matches multiple collations, the server SHOULD attempt to
- select a widely useful collation in preference to a narrowly useful
- one.
-
-
-
-
-Newman, et al. Standards Track [Page 6]
-
-RFC 4790 Collation Registry March 2007
-
-
- collation-wild = ("*" / (ALPHA ["*"])) *(collation-char ["*"])
- ; MUST NOT exceed 254 characters total
-
-3.3. Ordering Direction
-
- When used as a protocol element for ordering, the collation
- identifier MAY be prefixed by either "+" or "-" to explicitly specify
- an ordering direction. "+" has no effect on the ordering operation,
- while "-" inverts the result of the ordering operation. In general,
- collation-order is used when a client requests a collation, and
- collation-selected is used when the server informs the client of the
- selected collation.
-
- collation-selected = ["+" / "-"] collation-id
-
- collation-order = ["+" / "-"] collation-wild
-
-3.4. URIs
-
- Some protocols are designed to use URIs [4] to refer to collations
- rather than simple tokens. A special section of the IANA URL space
- is reserved for such usage. The "collation-uri" form is used to
- refer to a specific named collation (the collation registration may
- not actually be present). The "collation-auri" form is an abstract
- name for an ordering, a collation pattern or a vendor private
- collator.
-
- collation-uri = "http://www.iana.org/assignments/collation/"
- collation-id ".xml"
-
- collation-auri = ( "http://www.iana.org/assignments/collation/"
- collation-order ".xml" ) / other-uri
-
- other-uri = <absoluteURI>
- ; excluding the IANA collation namespace.
-
-3.5. Naming Guidelines
-
- While this specification makes no absolute requirements on the
- structure of collation identifiers, naming consistency is important,
- so the following initial guidelines are provided.
-
- Collation identifiers with an international audience typically begin
- with "i;". Collation identifiers intended for a particular language
- or locale typically begin with a language tag [5] followed by a ";".
- After the first ";" is normally the name of the general collation
- algorithm, followed by a series of algorithm modifications separated
- by the ";" delimiter. Parameterized modifications will use "=" to
-
-
-
-Newman, et al. Standards Track [Page 7]
-
-RFC 4790 Collation Registry March 2007
-
-
- delimit the parameter from the value. The version numbers of any
- lookup tables used by the algorithm SHOULD be present as
- parameterized modifications.
-
- Collation identifiers of the form *;vnd-hostname;* are reserved for
- vendor-specific collations created by the owner of the hostname
- following the "vnd-" prefix (e.g., vnd-example.com for the vendor
- example.com). Registration of such collations (or the name space as
- a whole), with intended use of the "Vendor", is encouraged when a
- public specification or open-source implementation is available, but
- is not required.
-
-4. Collation Specification Requirements
-
-4.1. Collation/Server Interface
-
- The collation itself defines what it operates on. Most collations
- are expected to operate on character strings. The i;octet
- (Section 9.3) collation operates on octet strings. The i;ascii-
- numeric (Section 9.1) operation operates on numbers.
-
- This specification defines the collation interface in terms of octet
- strings. However, implementations may choose to use character
- strings instead. Such implementations may not be able to implement
- e.g., i;octet. Since i;octet is not currently mandatory to implement
- for any protocol, this should not be a problem.
-
-4.2. Operations Supported
-
- A collation specification MUST state which of the three basic
- operations are supported (equality, substring, ordering) and how to
- perform each of the supported operations on any two input character
- strings, including empty strings. Collations must be deterministic,
- i.e., given a collation with a specific identifier, and any two fixed
- input strings, the result MUST be the same for the same operation.
-
- In general, collation operations should behave as their names
- suggest. While a collation may be new, the operations are not, so
- the new collation's operations should be similar to those of older
- collations. For example, a date/time collation should not provide a
- "substring" operation that would morph IMAP substring SEARCH into
- e.g., a date-range search.
-
- A non-obvious consequence of the rules for each collation operation
- is that, for any single collation, either none or all of the
- operations can return "undefined". For example, it is not possible
- to have an equality operation that never returns "undefined", and a
- substring operation that occasionally does.
-
-
-
-Newman, et al. Standards Track [Page 8]
-
-RFC 4790 Collation Registry March 2007
-
-
-4.2.1. Validity
-
- The validity test takes one string as argument. It returns valid if
- its input string is a valid input to the collation's other
- operations, and invalid if not. (In other words, a string is valid
- if it is equal to itself according to the collation's equality
- operation.)
-
- The validity test is provided by all collations. It MUST NOT be
- listed separately in the collation registration.
-
-4.2.2. Equality
-
- The equality test always returns "match" or "no-match" when it is
- supplied valid input, and MAY return "undefined" if one or both input
- strings are not valid.
-
- The equality test MUST be reflexive and symmetric. For valid input,
- it MUST be transitive.
-
- If a collation provides either a substring or an ordering test, it
- MUST also provide an equality test. The substring and/or ordering
- tests MUST be consistent with the equality test.
-
- The return values of the equality test are called "match", "no-match"
- and "undefined" in this document.
-
-4.2.3. Substring
-
- The substring matching operation determines if the first string is a
- substring of the second string, i.e., if one or more substrings of
- the second string is equal to the first, as defined by the
- collation's equality operation.
-
- A collation that supports substring matching will automatically
- support two special cases of substring matching: prefix and suffix
- matching, if those special cases are supported by the application
- protocol. It returns "match" or "no-match" when it is supplied valid
- input and returns "undefined" when supplied invalid input.
-
- Application protocols MAY return position information for substring
- matches. If this is done, the position information SHOULD include
- both the starting offset and the ending offset for each match. This
- is important because more sophisticated collations can match strings
- of unequal length (for example, a pre-composed accented character can
- match a decomposed accented character). In general, overlapping
- matches SHOULD be reported (as when "ana" occurs twice within
- "banana"), although there are cases where a collation may decide not
-
-
-
-Newman, et al. Standards Track [Page 9]
-
-RFC 4790 Collation Registry March 2007
-
-
- to. For example, in a collation which treats all whitespace
- sequences as identical, the substring operation could be defined such
- that " 1 " (SP "1" SP) is reported just once within " 1 " (SP SP
- "1" SP SP), not four times (SP SP "1" SP, SP "1" SP, SP "1" SP SP and
- SP SP "1" SP SP), since the four matches are, in a sense, the same
- match.
-
- A string is a substring of itself. The empty string is a substring
- of all strings.
-
- Note that the substring operation of some collations can match
- strings of unequal length. For example, a pre-composed accented
- character can match a decomposed accented character. The Unicode
- Collation Algorithm [7] discusses this in more detail.
-
- The return values of the substring operation are called "match", "no-
- match", and "undefined" in this document.
-
-4.2.4. Ordering
-
- The ordering operation determines how two strings are ordered. It
- MUST be reflexive. For valid input, it MUST be transitive and
- trichotomous.
-
- Ordering returns "less" if the first string is listed before the
- second string, according to the collation; "greater", if the second
- string is listed before the first string; and "equal", if the two
- strings are equal, as defined by the collation's equality operation.
- If one or both strings are invalid, the result of ordering is
- "undefined".
-
- When the collation is used with a "+" prefix, the behavior is the
- same as when used with no prefix. When the collation is used with a
- "-" prefix, the result of the ordering operation of the collation
- MUST be reversed.
-
- The return values of the ordering operation are called "less",
- "equal", "greater", and "undefined" in this document.
-
-4.3. Sort Keys
-
- A collation specification SHOULD describe the internal transformation
- algorithm to generate sort keys. This algorithm can be applied to
- individual strings, and the result can be stored to potentially
- optimize future comparison operations. A collation MAY specify that
- the sort key is generated by the identity function. The sort key may
- have no meaning to a human. The sort key may not be valid input to
- the collation.
-
-
-
-Newman, et al. Standards Track [Page 10]
-
-RFC 4790 Collation Registry March 2007
-
-
-4.4. Use of Lookup Tables
-
- Some collations use customizable lookup tables, e.g., because the
- tables depend on locale, and may be modified after shipping the
- software. Collations that use more than one customizable lookup
- table in a documented format MUST assign numbers to the tables they
- use. This permits an application protocol command to access the
- tables used by a server collation, so that clients and servers use
- the same tables.
-
-5. Application Protocol Requirements
-
- This section describes the requirements and issues that an
- application protocol needs to consider if it offers searching,
- substring matching and/or sorting, and permits the use of characters
- outside the US-ASCII charset.
-
-5.1. Character Encoding
-
- The protocol specification has to make sure that it is clear on which
- characters (rather than just octets) the collations are used. This
- can be done by specifying the protocol itself in terms of characters
- (e.g., in the case of a query language), by specifying a single
- character encoding for the protocol (e.g., UTF-8 [3]), or by
- carefully describing the relevant issues of character encoding
- labeling and conversion. In the later case, details to consider
- include how to handle unknown charsets, any charsets that are
- mandatory-to-implement, any issues with byte-order that might apply,
- and any transfer encodings that need to be supported.
-
-5.2. Operations
-
- The protocol must specify which of the operations defined in this
- specification (equality matching, substring matching, and ordering)
- can be invoked in the protocol, and how they are invoked. There may
- be more than one way to invoke an operation.
-
- The protocol MUST provide a mechanism for the client to select the
- collation to use with equality matching, substring matching, and
- ordering.
-
- If a protocol needs a total ordering and the collation chosen does
- not provide it because the ordering operation returns "undefined" at
- least once, the recommended fallback is to sort all invalid strings
- after the valid ones, and use i;octet to order the invalid strings.
-
- Although the collation's substring function provides a list of
- matches, a protocol need not provide all that to the client. It may
-
-
-
-Newman, et al. Standards Track [Page 11]
-
-RFC 4790 Collation Registry March 2007
-
-
- provide only the first matching substring, or even just the
- information that the substring search matched. In this way,
- collations can be used with protocols that are defined such that "x
- is a substring of y" returns true-false.
-
- If the protocol provides positional information for the results of a
- substring match, that positional information SHOULD fully specify the
- substring(s) in the result that matches, independent of the length of
- the search string. For example, returning both the starting and
- ending offset of the match would suffice, as would the starting
- offset and a length. Returning just the starting offset is not
- acceptable. This rule is necessary because advanced collations can
- treat strings of different lengths as equal (for example, pre-
- composed and decomposed accented characters).
-
-5.3. Wildcards
-
- The protocol MUST specify whether it allows the use of wildcards in
- collation identifiers. If the protocol allows wildcards, then:
- The protocol MUST specify how comparisons behave in the absence of
- explicit collation negotiation, or when a collation of "default"
- is requested. The protocol MAY specify that the default collation
- used in such circumstances is sensitive to server configuration.
-
- The protocol SHOULD provide a way to list available collations
- matching a given wildcard pattern, or patterns.
-
-5.4. String Comparison
-
- If a protocol compares strings in any nontrivial way, using a
- collation may be appropriate. As an example, many protocols use
- case-independent strings. In many cases, a simple ASCII mapping to
- upper/lower case works well. In other cases, it may be better to use
- a specifiable collation; for example, so that a server can treat "i"
- and "I" as equivalent in Italy, and different in Turkey (Turkish also
- has a dotted upper-case" I" and a dotless lower-case "i").
-
- Protocol designers should consider, in each case, whether to use a
- specifiable collation. Keywords often have other needs than user
- variables, and search arguments may be different again.
-
-5.5. Disconnected Clients
-
- If the protocol supports disconnected clients, and a collation is
- used that can use configurable tables (e.g., to support
- locale-specific extensions), then the client may not be able to
- reproduce the server's collation operations while offline.
-
-
-
-
-Newman, et al. Standards Track [Page 12]
-
-RFC 4790 Collation Registry March 2007
-
-
- A mechanism to download such tables has been discussed. Such a
- mechanism is not included in the present specification, since the
- problem is not yet well understood.
-
-5.6. Error Codes
-
- The protocol specification should consider assigning protocol error
- codes for the following circumstances:
-
- o The client requests the use of a collation by identifier or
- pattern, but no implemented collation matches that pattern.
-
- o The client attempts to use a collation for an operation that is
- not supported by that collation -- for example, attempting to use
- the "i;ascii-numeric" collation for substring matching.
-
- o The client uses an equality or substring matching collation, and
- the result is an error. It may be appropriate to distinguish
- between the two input strings, particularly when one is supplied
- by the client and the other is stored by the server. It might
- also be appropriate to distinguish the specific case of an invalid
- UTF-8 string.
-
-5.7. Octet Collation
-
- The i;octet (Section 9.3) collation is only usable with protocols
- based on octet-strings. Clients and servers MUST NOT use i;octet
- with other protocols.
-
- If the protocol permits the use of collations with data structures
- other than strings, the protocol MUST describe the default behavior
- for a collation with those data structures.
-
-6. Use by Existing Protocols
-
- This section is informative.
-
- Both ACAP [11] and Sieve [14] are standards track specifications that
- used collations prior to the creation of this specification and
- registry. Those standards do not meet all the application protocol
- requirements described in Section 5.
-
- These protocols allow the use of the i;octet (Section 9.3) collation
- working directly on UTF-8 data, as used in these protocols.
-
-
-
-
-
-
-
-Newman, et al. Standards Track [Page 13]
-
-RFC 4790 Collation Registry March 2007
-
-
- In Sieve, all matches are either true or false. Accordingly, Sieve
- servers must treat "undefined" and "no-match" results of the equality
- and substring operations as false, and only "match" as true.
-
- In ACAP and Sieve, there are no invalid strings. In this document's
- terms, invalid strings sort after valid strings.
-
- IMAP [15] also collates, although that is explicit only when the
- COMPARATOR [17] extension is used. The built-in IMAP substring
- operation and the ordering provided by the SORT [16] extension may
- not meet the requirements made in this document.
-
- Other protocols may be in a similar position.
-
- In IMAP, the default collation is i;ascii-casemap, because its
- operations are understood to match IMAP's built-in operations.
-
-7. Collation Registration
-
-7.1. Collation Registration Procedure
-
- The IETF will create a mailing list, collation@ietf.org, which can be
- used for public discussion of collation proposals prior to
- registration. Use of the mailing list is strongly encouraged. The
- IESG will appoint a designated expert who will monitor the
- collation@ietf.org mailing list and review registrations.
-
- The registration procedure begins when a completed registration
- template is sent to iana@iana.org and collation@ietf.org. The
- designated expert is expected to tell IANA and the submitter of the
- registration within two weeks whether the registration is approved,
- approved with minor changes, or rejected with cause. When a
- registration is rejected with cause, it can be re-submitted if the
- concerns listed in the cause are addressed. Decisions made by the
- designated expert can be appealed to the IESG Applications Area
- Director, then to the IESG. They follow the normal appeals procedure
- for IESG decisions.
-
- Collation registrations in a standards track, BCP, or IESG-approved
- experimental RFC are owned by the IETF, and changes to the
- registration follow normal procedures for updating such documents.
- Collation registrations in other RFCs are owned by the RFC author(s).
- Other collation registrations are owned by the individual(s) listed
- in the contact field of the registration, and IANA will preserve this
- information.
-
- If the registration is a change of an existing collation, it MUST be
- approved by the owner. In the event the owner cannot be contacted
-
-
-
-Newman, et al. Standards Track [Page 14]
-
-RFC 4790 Collation Registry March 2007
-
-
- for a period of one month, and the designated expert deems the change
- necessary, the IESG MAY re-assign ownership to an appropriate party.
-
-7.2. Collation Registration Format
-
- Registration of a collation is done by sending a well-formed XML
- document to collation@ietf.org and iana@iana.org.
-
-7.2.1. Registration Template
-
- Here is a template for the registration:
-
- <?xml version='1.0'?>
- <!DOCTYPE collation SYSTEM 'collationreg.dtd'>
- <collation rfc="YYYY" scope="global" intendedUse="common">
- <identifier>collation identifier</identifier>
- <title>technical title for collation</title>
- <operations>equality order substring</operations>
- <specification>specification reference</specification>
- <owner>email address of owner or IETF</owner>
- <submitter>email address of submitter</submitter>
- <version>1</version>
- </collation>
-
-7.2.2. The Collation Element
-
- The root of the registration document MUST be a <collation> element.
- The collation element contains the other elements in the
- registration, which are described in the following sub-subsections,
- in the order given here.
-
- The <collation> element MAY include an "rfc=" attribute if the
- specification is in an RFC. The "rfc=" attribute gives only the
- number of the RFC, without any prefix, such as "RFC", or suffix, such
- as ".txt".
-
- The <collation> element MUST include a "scope=" attribute, which MUST
- have one of the values "global", "local", or "other".
-
- The <collation> element MUST include an "intendedUse=" attribute,
- which must have one of the values "common", "limited", "vendor", or
- "deprecated". Collation specifications intended for "common" use are
- expected to reference standards from standards bodies with
- significant experience dealing with the details of international
- character sets.
-
- Be aware that future revisions of this specification may add
- additional function types, as well as additional XML attributes,
-
-
-
-Newman, et al. Standards Track [Page 15]
-
-RFC 4790 Collation Registry March 2007
-
-
- values, and elements. Any system that automatically parses these XML
- documents MUST take this into account to preserve future
- compatibility.
-
-7.2.3. The Identifier Element
-
- The <identifier> element gives the precise identifier of the
- collation, e.g., i;ascii-casemap. The <identifier> element is
- mandatory.
-
-7.2.4. The Title Element
-
- The <title> element gives the title of the collation. The <title>
- element is mandatory.
-
-7.2.5. The Operations Element
-
- The <operations> element lists which of the three operations
- ("equality", "order" or "substring") the collation provides,
- separated by single spaces. The <operations> element is mandatory.
-
-7.2.6. The Specification Element
-
- The <specification> element describes where to find the
- specification. The <specification> element is mandatory. It MAY
- have a URI attribute. There may be more than one <specification>
- element, in which case, they together form the specification.
-
- If it is discovered that parts of a collation specification conflict,
- a new revision of the collation is necessary, and the
- collation@ietf.org mailing list should be notified.
-
-7.2.7. The Submitter Element
-
- The <submitter> element provides an RFC 2822 [12] email address for
- the person who submitted the registration. It is optional if the
- <owner> element contains an email address.
-
- There may be more than one <submitter> element.
-
-7.2.8. The Owner Element
-
- The <owner> element contains either the four letters "IETF" or an
- email address of the owner of the registration. The <owner> element
- is mandatory. There may be more than one <owner> element. If so,
- all owners are equal. Each owner can speak for all.
-
-
-
-
-
-Newman, et al. Standards Track [Page 16]
-
-RFC 4790 Collation Registry March 2007
-
-
-7.2.9. The Version Element
-
- The <version> element MUST be included when the registration is
- likely to be revised, or has been revised in such a way that the
- results change for one or more input strings. The <version> element
- is optional.
-
-7.2.10. The Variable Element
-
- The <variable> element specifies an optional variable to control the
- collation's behaviour, for example whether it is case sensitive. The
- <variable> element is optional. When <variable> is used, it must
- contain <name> and <default> elements, and it may contain one or more
- <value> elements.
-
-7.2.10.1. The Name Element
-
- The <name> element specifies the name value of a variable. The
- <name> element is mandatory.
-
-7.2.10.2. The Default Element
-
- The <default> element specifies the default value of a variable. The
- <default> element is mandatory.
-
-7.2.10.3. The Value Element
-
- The <value> element specifies a legal value of a variable. The
- <value> element is optional. If one or more <value> elements are
- present, only those values are legal. If none are, then the
- variable's legal values do not form an enumerated set, and the rules
- MUST be specified in an RFC accompanying the registration.
-
-7.3. Structure of Collation Registry
-
- Once the registration is approved, IANA will store each XML
- registration document in a URL of the form
- http://www.iana.org/assignments/collation/collation-id.xml, where
- collation-id is the content of the identifier element in the
- registration. Both the submitter and the designated expert are
- responsible for verifying that the XML is well-formed. The
- registration document should avoid using new elements. If any are
- necessary, it is important to be consistent with other registrations.
-
- IANA will also maintain a text summary of the registry under the name
- http://www.iana.org/assignments/collation/collation-index.html. This
- summary is divided into four sections. The first section is for
- collations intended for common use. This section is intended for
-
-
-
-Newman, et al. Standards Track [Page 17]
-
-RFC 4790 Collation Registry March 2007
-
-
- collation registrations published in IESG-approved RFCs, or for
- locally scoped collations from the primary standards body for that
- locale. The designated expert is encouraged to reject collation
- registrations with an intended use of "common" if the expert believes
- it should be "limited", as it is desirable to keep the number of
- "common" registrations small and of high quality. The second section
- is reserved for limited-use collations. The third section is
- reserved for registered vendor-specific collations. The final
- section is reserved for deprecated collations.
-
-7.4. Example Initial Registry Summary
-
- The following is an example of how IANA might structure the initial
- registry summary.html file:
-
- Collation Functions Scope Reference
- --------- --------- ----- ---------
- Common Use Collations:
- i;ascii-casemap e, o, s Local [RFC 4790]
-
- Limited Use Collations:
- i;octet e, o, s Other [RFC 4790]
- i;ascii-numeric e, o Other [RFC 4790]
-
- Vendor Collations:
-
- Deprecated Collations:
-
-
- References
- ----------
- [RFC 4790] Newman, C., Duerst, M., Gulbrandsen, A., "Internet
- Application Protocol Collation Registry", RFC 4790,
- Sun Microsystems, March 2007.
-
-8. Guidelines for Expert Reviewer
-
- The expert reviewer appointed by the IESG has fairly broad latitude
- for this registry. While a number of collations are expected
- (particularly customizations of the UCA for localized use), an
- explosion of collations (particularly common-use collations) is not
- desirable for widespread interoperability. However, it is important
- for the expert reviewer to provide cause when rejecting a
- registration, and, when possible, to describe corrective action to
-
-
-
-
-
-
-
-Newman, et al. Standards Track [Page 18]
-
-RFC 4790 Collation Registry March 2007
-
-
- permit the registration to proceed. The following table includes
- some example reasons to reject a registration with cause:
-
- o The registration is not a well-formed XML document.
-
- o The registration has an intended use of "common", but there is no
- evidence the collation will be widely deployed, so it should be
- listed as "limited".
-
- o The registration has an intended use of "common", but it is
- redundant with the functionality of a previously registered
- "common" collation.
-
- o The registration has an intended use of "common", but the
- specification is not detailed enough to allow interoperable
- implementations by others.
-
- o The collation identifier fails to precisely identify the version
- numbers of relevant tables to use.
-
- o The registration fails to meet one of the "MUST" requirements in
- Section 4.
-
- o The collation identifier fails to meet the syntax in Section 3.
-
- o The collation specification referenced in the registration is
- vague or has optional features without a clear behavior specified.
-
- o The referenced specification does not adequately address security
- considerations specific to that collation.
-
- o The registration's operations are needlessly different from those
- of traditional operations.
-
- o The registration's XML is needlessly different from that of
- already registered collations.
-
-9. Initial Collations
-
- This section registers the three collations that were originally
- defined in [11], and are implemented in most [14] engines. Some of
- the behavior of these collations is perhaps not ideal, such as
- i;ascii-casemap accepting non-ASCII input. Compatibility with widely
- deployed code was judged more important than fixing the collations.
- Some of the aspects of these collations are necessary to maintain
- compatibility with widely deployed code.
-
-
-
-
-
-Newman, et al. Standards Track [Page 19]
-
-RFC 4790 Collation Registry March 2007
-
-
-9.1. ASCII Numeric Collation
-
-9.1.1. ASCII Numeric Collation Description
-
- The "i;ascii-numeric" collation is a simple collation intended for
- use with arbitrarily-sized, unsigned decimal integer numbers stored
- as octet strings. US-ASCII digits (0x30 to 0x39) represent digits of
- the numbers. Before converting from string to integer, the input
- string is truncated at the first non-digit character. All input is
- valid; strings that do not start with a digit represent positive
- infinity.
-
- The collation supports equality and ordering, but does not support
- the substring operation.
-
- The equality operation returns "match" if the two strings represent
- the same number (i.e., leading zeroes and trailing non-digits are
- disregarded), and "no-match" if the two strings represent different
- numbers.
-
- The ordering operation returns "less" if the first string represents
- a smaller number than the second, "equal" if they represent the same
- number, and "greater" if the first string represents a larger number
- than the second.
-
- Some examples: "0" is less than "1", and "1" is less than
- "4294967298". "4294967298", "04294967298", and "4294967298b" are all
- equal. "04294967298" is less than "". "", "x", and "y" are equal.
-
-9.1.2. ASCII Numeric Collation Registration
-
- <?xml version='1.0'?>
- <!DOCTYPE collation SYSTEM 'collationreg.dtd'>
- <collation rfc="4790" scope="other" intendedUse="limited">
- <identifier>i;ascii-numeric</identifier>
- <title>ASCII Numeric</title>
- <operations>equality order</operations>
- <specification>RFC 4790</specification>
- <owner>IETF</owner>
- <submitter>chris.newman@sun.com</submitter>
- </collation>
-
-
-
-
-
-
-
-
-
-
-Newman, et al. Standards Track [Page 20]
-
-RFC 4790 Collation Registry March 2007
-
-
-9.2. ASCII Casemap Collation
-
-9.2.1. ASCII Casemap Collation Description
-
- The "i;ascii-casemap" collation is a simple collation that operates
- on octet strings and treats US-ASCII letters case-insensitively. It
- provides equality, substring, and ordering operations. All input is
- valid. Note that letters outside ASCII are not treated case-
- insensitively.
-
- Its equality, ordering, and substring operations are as for i;octet,
- except that at first, the lower-case letters (octet values 97-122) in
- each input string are changed to upper case (octet values 65-90).
-
- Care should be taken when using OS-supplied functions to implement
- this collation, as it is not locale sensitive. Functions, such as
- strcasecmp and toupper, are sometimes locale sensitive, and may
- inappropriately map lower-case letters other than a-z to upper case.
-
- The i;ascii-casemap collation is well-suited for use with many
- Internet protocols and computer languages. Use with natural language
- is often inappropriate; even though the collation apparently supports
- languages such as Swahili and English, in real-world use, it tends to
- mis-sort a number of types of string:
-
- o people and place names containing non-ASCII,
-
- o words such as "naive" (if spelled with an accent, the accented
- character could push the word to the wrong spot in a sorted list),
-
- o names such as "Lloyd" (which, in Welsh, sorts after "Lyon", unlike
- in English),
-
- o strings containing euro and pound sterling symbols, quotation
- marks other than '"', dashes/hyphens, etc.
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-Newman, et al. Standards Track [Page 21]
-
-RFC 4790 Collation Registry March 2007
-
-
-9.2.2. ASCII Casemap Collation Registration
-
- <?xml version='1.0'?>
- <!DOCTYPE collation SYSTEM 'collationreg.dtd'>
- <collation rfc="4790" scope="local" intendedUse="common">
- <identifier>i;ascii-casemap</identifier>
- <title>ASCII Casemap</title>
- <operations>equality order substring</operations>
- <specification>RFC 4790</specification>
- <owner>IETF</owner>
- <submitter>chris.newman@sun.com</submitter>
- </collation>
-
-9.3. Octet Collation
-
-9.3.1. Octet Collation Description
-
- The "i;octet" collation is a simple and fast collation intended for
- use on binary octet strings rather than on character data. Protocols
- that want to make this collation available have to do so by
- explicitly allowing it. If not explicitly allowed, it MUST NOT be
- used. It never returns an "undefined" result. It provides equality,
- substring, and ordering operations.
-
- The ordering algorithm is as follows:
-
- 1. If both strings are the empty string, return the result "equal".
-
- 2. If the first string is empty and the second is not, return the
- result "less".
-
- 3. If the second string is empty and the first is not, return the
- result "greater".
-
- 4. If both strings begin with the same octet value, remove the first
- octet from both strings and repeat this algorithm from step 1.
-
- 5. If the unsigned value (0 to 255) of the first octet of the first
- string is less than the unsigned value of the first octet of the
- second string, then return "less".
-
- 6. If this step is reached, return "greater".
-
- This algorithm is roughly equivalent to the C library function
- memcmp, with appropriate length checks added.
-
-
-
-
-
-
-Newman, et al. Standards Track [Page 22]
-
-RFC 4790 Collation Registry March 2007
-
-
- The matching operation returns "match" if the sorting algorithm would
- return "equal". Otherwise, the matching operation returns "no-
- match".
-
- The substring operation returns "match" if the first string is the
- empty string, or if there exists a substring of the second string of
- length equal to the length of the first string, which would result in
- a "match" result from the equality function. Otherwise, the
- substring operation returns "no-match".
-
-9.3.2. Octet Collation Registration
-
- This collation is defined with intendedUse="limited" because it can
- only be used by protocols that explicitly allow it.
-
- <?xml version='1.0'?>
- <!DOCTYPE collation SYSTEM 'collationreg.dtd'>
- <collation rfc="4790" scope="global" intendedUse="limited">
- <identifier>i;octet</identifier>
- <title>Octet</title>
- <operations>equality order substring</operations>
- <specification>RFC 4790</specification>
- <owner>IETF</owner>
- <submitter>chris.newman@sun.com</submitter>
- </collation>
-
-10. IANA Considerations
-
- Section 7 defines how to register collations with IANA. Section 9
- defines a list of predefined collations that have been registered
- with IANA.
-
-11. Security Considerations
-
- Collations will normally be used with UTF-8 strings. Thus, the
- security considerations for UTF-8 [3], stringprep [6], and Unicode
- TR-36 [8] also apply, and are normative to this specification.
-
-12. Acknowledgements
-
- The authors want to thank all who have contributed to this document,
- including Brian Carpenter, John Cowan, Dave Cridland, Mark Davis,
- Spencer Dawkins, Lisa Dusseault, Lars Eggert, Frank Ellermann, Philip
- Guenther, Tony Hansen, Ted Hardie, Sam Hartman, Kjetil Torgrim Homme,
- Michael Kay, John Klensin, Alexey Melnikov, Jim Melton, and Abhijit
- Menon-Sen.
-
-
-
-
-
-Newman, et al. Standards Track [Page 23]
-
-RFC 4790 Collation Registry March 2007
-
-
-13. References
-
-13.1. Normative References
-
- [1] Bradner, S., "Key words for use in RFCs to Indicate Requirement
- Levels", BCP 14, RFC 2119, March 1997.
-
- [2] Crocker, D. and P. Overell, "Augmented BNF for Syntax
- Specifications: ABNF", RFC 4234, October 2005.
-
- [3] Yergeau, F., "UTF-8, a transformation format of ISO 10646",
- STD 63, RFC 3629, November 2003.
-
- [4] Berners-Lee, T., Fielding, R., and L. Masinter, "Uniform
- Resource Identifier (URI): Generic Syntax", RFC 3986,
- January 2005.
-
- [5] Phillips, A. and M. Davis, "Tags for Identifying Languages",
- BCP 47, RFC 4646, September 2006.
-
- [6] Hoffman, P. and M. Blanchet, "Preparation of Internationalized
- Strings ("stringprep")", RFC 3454, December 2002.
-
- [7] Davis, M. and K. Whistler, "Unicode Collation Algorithm version
- 14", May 2005,
- <http://www.unicode.org/reports/tr10/tr10-14.html>.
-
- [8] Davis, M. and M. Suignard, "Unicode Security Considerations",
- February 2006, <http://www.unicode.org/reports/tr36/>.
-
-13.2. Informative References
-
- [9] Freed, N. and N. Borenstein, "Multipurpose Internet Mail
- Extensions (MIME) Part One: Format of Internet Message Bodies",
- RFC 2045, November 1996.
-
- [10] Melnikov, A., "Simple Authentication and Security Layer
- (SASL)", RFC 4422, June 2006.
-
- [11] Newman, C. and J. Myers, "ACAP -- Application Configuration
- Access Protocol", RFC 2244, November 1997.
-
- [12] Resnick, P., "Internet Message Format", RFC 2822, April 2001.
-
- [13] Freed, N. and J. Postel, "IANA Charset Registration
- Procedures", BCP 19, RFC 2978, October 2000.
-
-
-
-
-
-Newman, et al. Standards Track [Page 24]
-
-RFC 4790 Collation Registry March 2007
-
-
- [14] Showalter, T., "Sieve: A Mail Filtering Language", RFC 3028,
- January 2001.
-
- [15] Crispin, M., "Internet Message Access Protocol - Version
- 4rev1", RFC 3501, March 2003.
-
- [16] Crispin, M. and K. Murchison, "Internet Message Access Protocol
- - Sort and Thread Extensions", Work in Progress, May 2004.
-
- [17] Newman, C. and A. Gulbrandsen, "Internet Message Access
- Protocol Internationalization", Work in Progress, January 2006.
-
-Authors' Addresses
-
- Chris Newman
- Sun Microsystems
- 1050 Lakes Drive
- West Covina, CA 91790
- USA
-
- EMail: chris.newman@sun.com
-
-
- Martin Duerst
- Aoyama Gakuin University
- 5-10-1 Fuchinobe
- Sagamihara, Kanagawa 229-8558
- Japan
-
- Phone: +81 42 759 6329
- Fax: +81 42 759 6495
- EMail: duerst@it.aoyama.ac.jp
- URI: http://www.sw.it.aoyama.ac.jp/D%C3%BCrst/
-
- Note: Please write "Duerst" with u-umlaut wherever possible, for
- example as "D&#252;rst" in XML and HTML.
-
-
- Arnt Gulbrandsen
- Oryx Mail Systems GmbH
- Schweppermannstr. 8
- 81671 Munich
- Germany
-
- Fax: +49 89 4502 9758
- EMail: arnt@oryx.com
- URI: http://www.oryx.com/arnt/
-
-
-
-
-Newman, et al. Standards Track [Page 25]
-
-RFC 4790 Collation Registry March 2007
-
-
-Full Copyright Statement
-
- Copyright (C) The IETF Trust (2007).
-
- This document is subject to the rights, licenses and restrictions
- contained in BCP 78, and except as set forth therein, the authors
- retain all their rights.
-
- This document and the information contained herein are provided on an
- "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
- OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY, THE IETF TRUST AND
- THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS
- OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF
- THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
- WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
-
-Intellectual Property
-
- The IETF takes no position regarding the validity or scope of any
- Intellectual Property Rights or other rights that might be claimed to
- pertain to the implementation or use of the technology described in
- this document or the extent to which any license under such rights
- might or might not be available; nor does it represent that it has
- made any independent effort to identify any such rights. Information
- on the procedures with respect to rights in RFC documents can be
- found in BCP 78 and BCP 79.
-
- Copies of IPR disclosures made to the IETF Secretariat and any
- assurances of licenses to be made available, or the result of an
- attempt made to obtain a general license or permission for the use of
- such proprietary rights by implementers or users of this
- specification can be obtained from the IETF on-line IPR repository at
- http://www.ietf.org/ipr.
-
- The IETF invites any interested party to bring to its attention any
- copyrights, patents or patent applications, or other proprietary
- rights that may cover technology that may be required to implement
- this standard. Please address the information to the IETF at
- ietf-ipr@ietf.org.
-
-Acknowledgement
-
- Funding for the RFC Editor function is currently provided by the
- Internet Society.
-
-
-
-
-
-
-
-Newman, et al. Standards Track [Page 26]
-
diff --git a/imap/docs/rfc/rfc4959.txt b/imap/docs/rfc/rfc4959.txt
deleted file mode 100644
index 3df18354..00000000
--- a/imap/docs/rfc/rfc4959.txt
+++ /dev/null
@@ -1,395 +0,0 @@
-
-
-
-
-
-
-Network Working Group R. Siemborski
-Request for Comments: 4959 Google, Inc.
-Category: Standards Track A. Gulbrandsen
- Oryx Mail Systems GmbH
- September 2007
-
-
- IMAP Extension for Simple Authentication and Security Layer (SASL)
- Initial Client Response
-
-Status of This Memo
-
- This document specifies an Internet standards track protocol for the
- Internet community, and requests discussion and suggestions for
- improvements. Please refer to the current edition of the "Internet
- Official Protocol Standards" (STD 1) for the standardization state
- and status of this protocol. Distribution of this memo is unlimited.
-
-Abstract
-
- To date, the Internet Message Access Protocol (IMAP) has used a
- Simple Authentication and Security Layer (SASL) profile which always
- required at least one complete round trip for an authentication, as
- it did not support an initial client response argument. This
- additional round trip at the beginning of the session is undesirable,
- especially when round-trip costs are high.
-
- This document defines an extension to IMAP which allows clients and
- servers to avoid this round trip by allowing an initial client
- response argument to the IMAP AUTHENTICATE command.
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-Siemborski & Gulbrandsen Standards Track [Page 1]
-
-RFC 4959 IMAP Ext for SASL Initial Client Response September 2007
-
-
-1. Introduction
-
- The SASL initial client response extension is present in any IMAP
- [RFC3501] server implementation which returns "SASL-IR" as one of the
- supported capabilities in its CAPABILITY response.
-
- Servers which support this extension will accept an optional initial
- client response with the AUTHENTICATE command for any SASL [RFC4422]
- mechanisms which support it.
-
-2. Conventions Used in This Document
-
- The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
- "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
- document are to be interpreted as described in [RFC2119].
-
- In examples, "C:" and "S:" indicate lines sent by the client and
- server, respectively.
-
- Formal syntax is defined by [RFC4234] as extended by [RFC3501].
-
-3. IMAP Changes to the IMAP AUTHENTICATE Command
-
- This extension adds an optional second argument to the AUTHENTICATE
- command that is defined in Section 6.2.2 of [RFC3501]. If this
- second argument is present, it represents the contents of the
- "initial client response" defined in Section 5.1 of [RFC4422].
-
- As with any other client response, this initial client response MUST
- be encoded as defined in Section 4 of [RFC4648]. It also MUST be
- transmitted outside of a quoted string or literal. To send a zero-
- length initial response, the client MUST send a single pad character
- ("="). This indicates that the response is present, but is a zero-
- length string.
-
- When decoding the BASE64 [RFC4648] data in the initial client
- response, decoding errors MUST be treated as IMAP [RFC3501] would
- handle them in any normal SASL client response. In particular, the
- server should check for any characters not explicitly allowed by the
- BASE64 alphabet, as well as any sequence of BASE64 characters that
- contains the pad character ('=') anywhere other than the end of the
- string (e.g., "=AAA" and "AAA=BBB" are not allowed).
-
- If the client uses an initial response with a SASL mechanism that
- does not support an initial response, the server MUST reject the
- command with a tagged BAD response.
-
-
-
-
-
-Siemborski & Gulbrandsen Standards Track [Page 2]
-
-RFC 4959 IMAP Ext for SASL Initial Client Response September 2007
-
-
- Note: support and use of the initial client response is optional for
- both clients and servers. Servers that implement this extension MUST
- support clients that omit the initial client response, and clients
- that implement this extension MUST NOT send an initial client
- response to servers that do not advertise the SASL-IR capability. In
- such a situation, clients MUST fall back to an IMAP [RFC3501]
- compatible mode.
-
- If either the client or the server do not support the SASL-IR
- capability, a mechanism which uses an initial client response is
- negotiated using the challenge/response exchange described in
- [RFC3501], with an initial zero-length server challenge.
-
-4. Examples
-
- The following is an example authentication using the PLAIN (see
- [RFC4616]) SASL mechanism (under a TLS protection layer, see
- [RFC4346]) and an initial client response:
-
- ... client connects to server and negotiates a TLS
- protection layer ...
- C: C01 CAPABILITY
- S: * CAPABILITY IMAP4rev1 SASL-IR AUTH=PLAIN
- S: C01 OK Completed
- C: A01 AUTHENTICATE PLAIN dGVzdAB0ZXN0AHRlc3Q=
- S: A01 OK Success (tls protection)
-
- Note that even when a server supports this extension, the following
- negotiation (which does not use the initial response) is still valid
- and MUST be supported by the server:
-
- ... client connects to server and negotiates a TLS
- protection layer ...
- C: C01 CAPABILITY
- S: * CAPABILITY IMAP4rev1 SASL-IR AUTH=PLAIN
- S: C01 OK Completed
- C: A01 AUTHENTICATE PLAIN
- (note that there is a space following the "+" in the
- following line)
- S: +
- C: dGVzdAB0ZXN0AHRlc3Q=
- S: A01 OK Success (tls protection)
-
- The following is an example authentication using the SASL EXTERNAL
- mechanism (defined in [RFC4422]) under a TLS protection layer (see
- [RFC4346]) and an empty initial client response:
-
-
-
-
-
-Siemborski & Gulbrandsen Standards Track [Page 3]
-
-RFC 4959 IMAP Ext for SASL Initial Client Response September 2007
-
-
- ... client connects to server and negotiates a TLS
- protection layer ...
- C: C01 CAPABILITY
- S: * CAPABILITY IMAP4rev1 SASL-IR AUTH=PLAIN AUTH=EXTERNAL
- S: C01 OK Completed
- C: A01 AUTHENTICATE EXTERNAL =
- S: A01 OK Success (tls protection)
-
- This is in contrast with the handling of such a situation when an
- initial response is omitted:
-
- ... client connects to server and negotiates a TLS protection
- layer ...
- C: C01 CAPABILITY
- S: * CAPABILITY IMAP4rev1 SASL-IR AUTH=PLAIN AUTH=EXTERNAL
- S: C01 OK Completed
- C: A01 AUTHENTICATE EXTERNAL
- (note that there is a space following the "+" in the
- following line)
- S: +
- C:
- S: A01 OK Success (tls protection)
-
-5. IANA Considerations
-
- The IANA has added SASL-IR to the IMAP4 Capabilities Registry.
-
-6. Security Considerations
-
- The extension defined in this document is subject to many of the
- Security Considerations defined in [RFC3501] and [RFC4422].
-
- Server implementations MUST treat the omission of an initial client
- response from the AUTHENTICATE command as defined by [RFC3501] (as if
- this extension did not exist).
-
- Although [RFC3501] has no express line length limitations, some
- implementations choose to enforce them anyway. Such implementations
- MUST be aware that the addition of the initial response parameter to
- AUTHENTICATE may increase the maximum line length that IMAP parsers
- may expect to support. Server implementations MUST be able to
- receive the largest possible initial client response that their
- supported mechanisms might receive.
-
-
-
-
-
-
-
-
-Siemborski & Gulbrandsen Standards Track [Page 4]
-
-RFC 4959 IMAP Ext for SASL Initial Client Response September 2007
-
-
-7. Formal Syntax
-
- The following syntax specification uses the Augmented Backus-Naur
- Form [RFC4234] notation. [RFC3501] defines the non-terminals
- capability, auth-type, and base64.
-
- capability =/ "SASL-IR"
-
- authenticate = "AUTHENTICATE" SP auth-type [SP (base64 / "=")]
- *(CRLF base64)
- ;;redefine AUTHENTICATE from [RFC3501]
-
-8. Acknowledgments
-
- The authors would like to acknowledge the contributions of Ken
- Murchison and Mark Crispin, along with the rest of the IMAPEXT
- Working Group for their assistance in reviewing this document.
-
- Alexey Melnikov and Cyrus Daboo also had some early discussions about
- this extension.
-
-9. References
-
-9.1. Normative References
-
- [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
- Requirement Levels", BCP 14, RFC 2119, March 1997.
-
- [RFC3501] Crispin, M., "INTERNET MESSAGE ACCESS PROTOCOL - VERSION
- 4rev1", RFC 3501, March 2003.
-
- [RFC4234] Crocker, D. and P. Overell, "Augmented BNF for Syntax
- Specifications: ABNF", RFC 4234, October 2005.
-
- [RFC4422] Melnikov, A. and K. Zeilenga, "Simple Authentication and
- Security Layer (SASL)", RFC 4422, June 2006.
-
- [RFC4648] Josefsson, S., "The Base16, Base32, and Base64 Data
- Encodings", RFC 4648, October 2006.
-
-9.2. Informative References
-
- [RFC4616] Zeilenga, K., "The PLAIN Simple Authentication and
- Security Layer (SASL) Mechanism", RFC 4616, August 2006.
-
- [RFC4346] Dierks, T. and E. Rescorla, "The Transport Layer Security
- (TLS) Protocol Version 1.1", RFC 4346, April 2006.
-
-
-
-
-Siemborski & Gulbrandsen Standards Track [Page 5]
-
-RFC 4959 IMAP Ext for SASL Initial Client Response September 2007
-
-
-Authors' Addresses
-
- Robert Siemborski
- Google, Inc.
- 1600 Ampitheatre Parkway
- Mountain View, CA 94043
-
- Phone: +1 650 623 6925
- EMail: robsiemb@google.com
-
-
- Arnt Gulbrandsen
- Oryx Mail Systems GmbH
- Schweppermannstr. 8
- D-81671 Muenchen
- Germany
-
- EMail: arnt@oryx.com
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-Siemborski & Gulbrandsen Standards Track [Page 6]
-
-RFC 4959 IMAP Ext for SASL Initial Client Response September 2007
-
-
-Full Copyright Statement
-
- Copyright (C) The IETF Trust (2007).
-
- This document is subject to the rights, licenses and restrictions
- contained in BCP 78, and except as set forth therein, the authors
- retain all their rights.
-
- This document and the information contained herein are provided on an
- "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
- OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY, THE IETF TRUST AND
- THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS
- OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF
- THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
- WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
-
-Intellectual Property
-
- The IETF takes no position regarding the validity or scope of any
- Intellectual Property Rights or other rights that might be claimed to
- pertain to the implementation or use of the technology described in
- this document or the extent to which any license under such rights
- might or might not be available; nor does it represent that it has
- made any independent effort to identify any such rights. Information
- on the procedures with respect to rights in RFC documents can be
- found in BCP 78 and BCP 79.
-
- Copies of IPR disclosures made to the IETF Secretariat and any
- assurances of licenses to be made available, or the result of an
- attempt made to obtain a general license or permission for the use of
- such proprietary rights by implementers or users of this
- specification can be obtained from the IETF on-line IPR repository at
- http://www.ietf.org/ipr.
-
- The IETF invites any interested party to bring to its attention any
- copyrights, patents or patent applications, or other proprietary
- rights that may cover technology that may be required to implement
- this standard. Please address the information to the IETF at
- ietf-ipr@ietf.org.
-
-
-
-
-
-
-
-
-
-
-
-
-Siemborski & Gulbrandsen Standards Track [Page 7]
-
diff --git a/imap/docs/rfc/rfc4978.txt b/imap/docs/rfc/rfc4978.txt
deleted file mode 100644
index 14b56b6e..00000000
--- a/imap/docs/rfc/rfc4978.txt
+++ /dev/null
@@ -1,507 +0,0 @@
-
-
-
-
-
-
-Network Working Group A. Gulbrandsen
-Request for Comments: 4978 Oryx Mail Systems GmbH
-Category: Standards Track August 2007
-
-
- The IMAP COMPRESS Extension
-
-Status of this Memo
-
- This document specifies an Internet standards track protocol for the
- Internet community, and requests discussion and suggestions for
- improvements. Please refer to the current edition of the "Internet
- Official Protocol Standards" (STD 1) for the standardization state
- and status of this protocol. Distribution of this memo is unlimited.
-
-Abstract
-
- The COMPRESS extension allows an IMAP connection to be effectively
- and efficiently compressed.
-
- Table of Contents
-
- 1. Introduction and Overview .......................................2
- 2. Conventions Used in This Document ...............................2
- 3. The COMPRESS Command ............................................3
- 4. Compression Efficiency ..........................................4
- 5. Formal Syntax ...................................................6
- 6. Security Considerations .........................................6
- 7. IANA Considerations .............................................6
- 8. Acknowledgements ................................................7
- 9. References ......................................................7
- 9.1. Normative References .......................................7
- 9.2. Informative References .....................................7
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-Gulbrandsen Standards Track [Page 1]
-
-RFC 4978 The IMAP COMPRESS Extension August 2007
-
-
-1. Introduction and Overview
-
- A server which supports the COMPRESS extension indicates this with
- one or more capability names consisting of "COMPRESS=" followed by a
- supported compression algorithm name as described in this document.
-
- The goal of COMPRESS is to reduce the bandwidth usage of IMAP.
-
- Compared to PPP compression (see [RFC1962]) and modem-based
- compression (see [MNP] and [V42BIS]), COMPRESS offers much better
- compression efficiency. COMPRESS can be used together with Transport
- Security Layer (TLS) [RFC4346], Simple Authentication and Security
- layer (SASL) encryption, Virtual Private Networks (VPNs), etc.
- Compared to TLS compression [RFC3749], COMPRESS has the following
- (dis)advantages:
-
- - COMPRESS can be implemented easily both by IMAP servers and
- clients.
-
- - IMAP COMPRESS benefits from an intimate knowledge of the IMAP
- protocol's state machine, allowing for dynamic and aggressive
- optimization of the underlying compression algorithm's parameters.
-
- - When the TLS layer implements compression, any protocol using that
- layer can transparently benefit from that compression (e.g., SMTP
- and IMAP). COMPRESS is specific to IMAP.
-
- In order to increase interoperation, it is desirable to have as few
- different compression algorithms as possible, so this document
- specifies only one. The DEFLATE algorithm (defined in [RFC1951]) is
- standard, widely available and fairly efficient, so it is the only
- algorithm defined by this document.
-
- In order to increase interoperation, IMAP servers that advertise this
- extension SHOULD also advertise the TLS DEFLATE compression mechanism
- as defined in [RFC3749]. IMAP clients MAY use either COMPRESS or TLS
- compression, however, if the client and server support both, it is
- RECOMMENDED that the client choose TLS compression.
-
- The extension adds one new command (COMPRESS) and no new responses.
-
-2. Conventions Used in This Document
-
- The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
- "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
- document are to be interpreted as described in [RFC2119].
-
- Formal syntax is defined by [RFC4234] as modified by [RFC3501].
-
-
-
-Gulbrandsen Standards Track [Page 2]
-
-RFC 4978 The IMAP COMPRESS Extension August 2007
-
-
- In the examples, "C:" and "S:" indicate lines sent by the client and
- server respectively. "[...]" denotes elision.
-
-3. The COMPRESS Command
-
- Arguments: Name of compression mechanism: "DEFLATE".
-
- Responses: None
-
- Result: OK The server will compress its responses and expects the
- client to compress its commands.
- NO Compression is already active via another layer.
- BAD Command unknown, invalid or unknown argument, or COMPRESS
- already active.
-
- The COMPRESS command instructs the server to use the named
- compression mechanism ("DEFLATE" is the only one defined) for all
- commands and/or responses after COMPRESS.
-
- The client MUST NOT send any further commands until it has seen the
- result of COMPRESS. If the response was OK, the client MUST compress
- starting with the first command after COMPRESS. If the server
- response was BAD or NO, the client MUST NOT turn on compression.
-
- If the server responds NO because it knows that the same mechanism is
- active already (e.g., because TLS has negotiated the same mechanism),
- it MUST send COMPRESSIONACTIVE as resp-text-code (see [RFC3501],
- Section 7.1), and the resp-text SHOULD say which layer compresses.
-
- If the server issues an OK response, the server MUST compress
- starting immediately after the CRLF which ends the tagged OK
- response. (Responses issued by the server before the OK response
- will, of course, still be uncompressed.) If the server issues a BAD
- or NO response, the server MUST NOT turn on compression.
-
- For DEFLATE (as for many other compression mechanisms), the
- compressor can trade speed against quality. When decompressing there
- isn't much of a tradeoff. Consequently, the client and server are
- both free to pick the best reasonable rate of compression for the
- data they send.
-
- When COMPRESS is combined with TLS (see [RFC4346]) or SASL (see
- [RFC4422]) security layers, the sending order of the three extensions
- MUST be first COMPRESS, then SASL, and finally TLS. That is, before
- data is transmitted it is first compressed. Second, if a SASL
- security layer has been negotiated, the compressed data is then
- signed and/or encrypted accordingly. Third, if a TLS security layer
- has been negotiated, the data from the previous step is signed and/or
-
-
-
-Gulbrandsen Standards Track [Page 3]
-
-RFC 4978 The IMAP COMPRESS Extension August 2007
-
-
- encrypted accordingly. When receiving data, the processing order
- MUST be reversed. This ensures that before sending, data is
- compressed before it is encrypted, independent of the order in which
- the client issues COMPRESS, AUTHENTICATE, and STARTTLS.
-
- The following example illustrates how commands and responses are
- compressed during a simple login sequence:
-
- S: * OK [CAPABILITY IMAP4REV1 STARTTLS COMPRESS=DEFLATE]
- C: a starttls
- S: a OK TLS active
-
- From this point on, everything is encrypted.
-
- C: b login arnt tnra
- S: b OK Logged in as arnt
- C: c compress deflate
- S: d OK DEFLATE active
-
- From this point on, everything is compressed before being
- encrypted.
-
- The following example demonstrates how a server may refuse to
- compress twice:
-
- S: * OK [CAPABILITY IMAP4REV1 STARTTLS COMPRESS=DEFLATE]
- [...]
- C: c compress deflate
- S: c NO [COMPRESSIONACTIVE] DEFLATE active via TLS
-
-4. Compression Efficiency
-
- This section is informative, not normative.
-
- IMAP poses some unusual problems for a compression layer.
-
- Upstream is fairly simple. Most IMAP clients send the same few
- commands again and again, so any compression algorithm that can
- exploit repetition works efficiently. The APPEND command is an
- exception; clients that send many APPEND commands may want to
- surround large literals with flushes in the same way as is
- recommended for servers later in this section.
-
- Downstream has the unusual property that several kinds of data are
- sent, confusing all dictionary-based compression algorithms.
-
-
-
-
-
-
-Gulbrandsen Standards Track [Page 4]
-
-RFC 4978 The IMAP COMPRESS Extension August 2007
-
-
- One type is IMAP responses. These are highly compressible; zlib
- using its least CPU-intensive setting compresses typical responses to
- 25-40% of their original size.
-
- Another type is email headers. These are equally compressible, and
- benefit from using the same dictionary as the IMAP responses.
-
- A third type is email body text. Text is usually fairly short and
- includes much ASCII, so the same compression dictionary will do a
- good job here, too. When multiple messages in the same thread are
- read at the same time, quoted lines etc. can often be compressed
- almost to zero.
-
- Finally, attachments (non-text email bodies) are transmitted, either
- in binary form or encoded with base-64.
-
- When attachments are retrieved in binary form, DEFLATE may be able to
- compress them, but the format of the attachment is usually not IMAP-
- like, so the dictionary built while compressing IMAP does not help.
- The compressor has to adapt its dictionary from IMAP to the
- attachment's format, and then back. A few file formats aren't
- compressible at all using deflate, e.g., .gz, .zip, and .jpg files.
-
- When attachments are retrieved in base-64 form, the same problems
- apply, but the base-64 encoding adds another problem. 8-bit
- compression algorithms such as deflate work well on 8-bit file
- formats, however base-64 turns a file into something resembling 6-bit
- bytes, hiding most of the 8-bit file format from the compressor.
-
- When using the zlib library (see [RFC1951]), the functions
- deflateInit2(), deflate(), inflateInit2(), and inflate() suffice to
- implement this extension. The windowBits value must be in the range
- -8 to -15, or else deflateInit2() uses the wrong format.
- deflateParams() can be used to improve compression rate and resource
- use. The Z_FULL_FLUSH argument to deflate() can be used to clear the
- dictionary (the receiving peer does not need to do anything).
-
- A client can improve downstream compression by implementing BINARY
- (defined in [RFC3516]) and using FETCH BINARY instead of FETCH BODY.
- In the author's experience, the improvement ranges from 5% to 40%
- depending on the attachment being downloaded.
-
- A server can improve downstream compression if it hints to the
- compressor that the data type is about to change strongly, e.g., by
- sending a Z_FULL_FLUSH at the start and end of large non-text
- literals (before and after '*CHAR8' in the definition of literal in
- RFC 3501, page 86). Small literals are best left alone. A possible
- boundary is 5k.
-
-
-
-Gulbrandsen Standards Track [Page 5]
-
-RFC 4978 The IMAP COMPRESS Extension August 2007
-
-
- A server can improve the CPU efficiency both of the server and the
- client if it adjusts the compression level (e.g., using the
- deflateParams() function in zlib) at these points, to avoid trying to
- compress incompressible attachments. A very simple strategy is to
- change the level to 0 at the start of a literal provided the first
- two bytes are either 0x1F 0x8B (as in deflate-compressed files) or
- 0xFF 0xD8 (JPEG), and to keep it at 1-5 the rest of the time. More
- complex strategies are possible.
-
-5. Formal Syntax
-
- The following syntax specification uses the Augmented Backus-Naur
- Form (ABNF) notation as specified in [RFC4234]. This syntax augments
- the grammar specified in [RFC3501]. [RFC4234] defines SP and
- [RFC3501] defines command-auth, capability, and resp-text-code.
-
- Except as noted otherwise, all alphabetic characters are case-
- insensitive. The use of upper or lower case characters to define
- token strings is for editorial clarity only. Implementations MUST
- accept these strings in a case-insensitive fashion.
-
- command-auth =/ compress
-
- compress = "COMPRESS" SP algorithm
-
- capability =/ "COMPRESS=" algorithm
- ;; multiple COMPRESS capabilities allowed
-
- algorithm = "DEFLATE"
-
- resp-text-code =/ "COMPRESSIONACTIVE"
-
- Note that due the syntax of capability names, future algorithm names
- must be atoms.
-
-6. Security Considerations
-
- As for TLS compression [RFC3749].
-
-7. IANA Considerations
-
- The IANA has added COMPRESS=DEFLATE to the list of IMAP capabilities.
-
-
-
-
-
-
-
-
-
-Gulbrandsen Standards Track [Page 6]
-
-RFC 4978 The IMAP COMPRESS Extension August 2007
-
-
-8. Acknowledgements
-
- Eric Burger, Dave Cridland, Tony Finch, Ned Freed, Philip Guenther,
- Randall Gellens, Tony Hansen, Cullen Jennings, Stephane Maes, Alexey
- Melnikov, Lyndon Nerenberg, and Zoltan Ordogh have all helped with
- this document.
-
- The author would also like to thank various people in the rooms at
- meetings, whose help is real, but not reflected in the author's
- mailbox.
-
-9. References
-
-9.1. Normative References
-
- [RFC1951] Deutsch, P., "DEFLATE Compressed Data Format Specification
- version 1.3", RFC 1951, May 1996.
-
- [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
- Requirement Levels", BCP 14, RFC 2119, March 1997.
-
- [RFC3501] Crispin, M., "INTERNET MESSAGE ACCESS PROTOCOL - VERSION
- 4rev1", RFC 3501, March 2003.
-
- [RFC4234] Crocker, D. and P. Overell, "Augmented BNF for Syntax
- Specifications: ABNF", RFC 4234, October 2005.
-
-9.2. Informative References
-
- [RFC1962] Rand, D., "The PPP Compression Control Protocol (CCP)",
- RFC 1962, June 1996.
-
- [RFC3516] Nerenberg, L., "IMAP4 Binary Content Extension", RFC 3516,
- April 2003.
-
- [RFC3749] Hollenbeck, S., "Transport Layer Security Protocol
- Compression Methods", RFC 3749, May 2004.
-
- [RFC4346] Dierks, T. and E. Rescorla, "The Transport Layer Security
- (TLS) Protocol Version 1.1", RFC 4346, April 2006.
-
- [RFC4422] Melnikov, A. and K. Zeilenga, "Simple Authentication and
- Security Layer (SASL)", RFC 4422, June 2006.
-
- [V42BIS] ITU, "V.42bis: Data compression procedures for data
- circuit-terminating equipment (DCE) using error correction
- procedures", http://www.itu.int/rec/T-REC-V.42bis, January
- 1990.
-
-
-
-Gulbrandsen Standards Track [Page 7]
-
-RFC 4978 The IMAP COMPRESS Extension August 2007
-
-
- [MNP] Gilbert Held, "The Complete Modem Reference", Second
- Edition, Wiley Professional Computing, ISBN 0-471-00852-4,
- May 1994.
-
-Author's Address
-
- Arnt Gulbrandsen
- Oryx Mail Systems GmbH
- Schweppermannstr. 8
- D-81671 Muenchen
- Germany
-
- Fax: +49 89 4502 9758
- EMail: arnt@oryx.com
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-Gulbrandsen Standards Track [Page 8]
-
-RFC 4978 The IMAP COMPRESS Extension August 2007
-
-
-Full Copyright Statement
-
- Copyright (C) The IETF Trust (2007).
-
- This document is subject to the rights, licenses and restrictions
- contained in BCP 78, and except as set forth therein, the authors
- retain all their rights.
-
- This document and the information contained herein are provided on an
- "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
- OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY, THE IETF TRUST AND
- THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS
- OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF
- THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
- WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
-
-Intellectual Property
-
- The IETF takes no position regarding the validity or scope of any
- Intellectual Property Rights or other rights that might be claimed to
- pertain to the implementation or use of the technology described in
- this document or the extent to which any license under such rights
- might or might not be available; nor does it represent that it has
- made any independent effort to identify any such rights. Information
- on the procedures with respect to rights in RFC documents can be
- found in BCP 78 and BCP 79.
-
- Copies of IPR disclosures made to the IETF Secretariat and any
- assurances of licenses to be made available, or the result of an
- attempt made to obtain a general license or permission for the use of
- such proprietary rights by implementers or users of this
- specification can be obtained from the IETF on-line IPR repository at
- http://www.ietf.org/ipr.
-
- The IETF invites any interested party to bring to its attention any
- copyrights, patents or patent applications, or other proprietary
- rights that may cover technology that may be required to implement
- this standard. Please address the information to the IETF at
- ietf-ipr@ietf.org.
-
-
-
-
-
-
-
-
-
-
-
-
-Gulbrandsen Standards Track [Page 9]
-
diff --git a/imap/docs/rfc/rfc5032.txt b/imap/docs/rfc/rfc5032.txt
deleted file mode 100644
index f8e48953..00000000
--- a/imap/docs/rfc/rfc5032.txt
+++ /dev/null
@@ -1,283 +0,0 @@
-
-
-
-
-
-
-Network Working Group E. Burger, Ed.
-Request for Comments: 5032 BEA Systems, Inc.
-Updates: 3501 September 2007
-Category: Standards Track
-
-
- WITHIN Search Extension to the IMAP Protocol
-
-Status of This Memo
-
- This document specifies an Internet standards track protocol for the
- Internet community, and requests discussion and suggestions for
- improvements. Please refer to the current edition of the "Internet
- Official Protocol Standards" (STD 1) for the standardization state
- and status of this protocol. Distribution of this memo is unlimited.
-
-Abstract
-
- This document describes the WITHIN extension to IMAP SEARCH. IMAP
- SEARCH returns messages whose internal date is within or outside a
- specified interval. The mechanism described here, OLDER and YOUNGER,
- differs from BEFORE and SINCE in that the client specifies an
- interval, rather than a date. WITHIN is useful for persistent
- searches where either the device does not have the capacity to
- perform the search at regular intervals or the network is of limited
- bandwidth and thus there is a desire to reduce network traffic from
- sending repeated requests and redundant responses.
-
-1. Introduction
-
- This extension exposes two new search keys, OLDER and YOUNGER, each
- of which takes a non-zero integer argument corresponding to a time
- interval in seconds. The server calculates the time of interest by
- subtracting the time interval the client presents from the current
- date and time of the server. The server then either returns messages
- older or younger than the resultant time and date, depending on the
- search key used.
-
-1.1. Conventions Used in This Document
-
- In examples, "C:" and "S:" indicate lines sent by the client and
- server, respectively.
-
- The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
- "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
- document are to be interpreted as described in RFC 2119 [RFC2119].
-
-
-
-
-
-Burger Standards Track [Page 1]
-
-RFC 5032 Search Within September 2007
-
-
- When describing the general syntax, we omit some definitions, as RFC
- 3501 [RFC3501] defines them.
-
-2. Protocol Operation
-
- An IMAP4 server that supports the capability described here MUST
- return "WITHIN" as one of the server supported capabilities in the
- CAPABILITY command.
-
- For both the OLDER and YOUNGER search keys, the server calculates a
- target date and time by subtracting the interval, specified in
- seconds, from the current date and time of the server. The server
- then compares the target time with the INTERNALDATE of the message,
- as specified in IMAP [RFC3501]. For OLDER, messages match if the
- INTERNALDATE is less recent than or equal to the target time. For
- YOUNGER, messages match if the INTERNALDATE is more recent than or
- equal to the target time.
-
- Both OLDER and YOUNGER searches always result in exact matching, to
- the resolution of a second. However, if one is doing a dynamic
- evaluation, for example, in a context [CONTEXT], one needs to be
- aware that the server might perform the evaluation periodically.
- Thus, the server may delay the updates. Clients MUST be aware that
- dynamic search results may not reflect the current state of the
- mailbox. If the client needs a search result that reflects the
- current state of the mailbox, we RECOMMEND that the client issue a
- new search.
-
-3. Formal Syntax
-
- The following syntax specification uses the Augmented Backus-Naur
- Form (ABNF) notation. Elements not defined here can be found in the
- formal syntax of ABNF [RFC4234] and IMAP [RFC3501].
-
- This document extends RFC 3501 [RFC3501] with two new search keys:
- OLDER <interval> and YOUNGER <interval>.
-
- search-key =/ ( "OLDER" / "YOUNGER" ) SP nz-number
- ; search-key defined in RFC 3501
-
-4. Example
-
- C: a1 SEARCH UNSEEN YOUNGER 259200
- S: a1 * SEARCH 4 8 15 16 23 42
-
- Search for all unseen messages within the past 3 days, or 259200
- seconds, according to the server's current time.
-
-
-
-
-Burger Standards Track [Page 2]
-
-RFC 5032 Search Within September 2007
-
-
-5. Security Considerations
-
- The WITHIN extension does not raise any security considerations that
- are not present in the base protocol. Considerations are the same as
- for IMAP [RFC3501].
-
-6. IANA Considerations
-
- Per the IMAP RFC [RFC3501], registration of a new IMAP capability in
- the IMAP Capability registry requires the publication of a standards-
- track RFC or an IESG approved experimental RFC. The registry is
- currently located at
- <http://www.iana.org/assignments/imap4-capabilities>. This
- standards-track document defines the WITHIN IMAP capability. IANA
- has added this extension to the IANA IMAP Capability registry.
-
-7. References
-
-7.1. Normative References
-
- [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
- Requirement Levels", RFC 2119, BCP 14, March 1997.
-
- [RFC3501] Crispin, M., "Internet Message Access Protocol - Version
- 4rev1", RFC 3501, March 2003.
-
- [RFC4234] Crocker, D., Ed. and P. Overell, "Augmented BNF for Syntax
- Specifications: ABNF", RFC 4234, October 2005.
-
-7.2. Informative References
-
- [CONTEXT] Melnikov, D. and C. King, "Contexts for IMAP4", Work
- in Progress, May 2006.
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-Burger Standards Track [Page 3]
-
-RFC 5032 Search Within September 2007
-
-
-Appendix A. Contributors
-
- Stephane Maes and Ray Cromwell wrote the original version of this
- document as part of P-IMAP, as well as the first versions for the
- IETF. From an attribution perspective, they are clearly authors.
-
-Appendix B. Acknowledgements
-
- The authors want to thank all who have contributed key insight and
- who have extensively reviewed and discussed the concepts of LPSEARCH.
- They also thank the authors of its early introduction in P-IMAP.
-
- We also want to give a special thanks to Arnt Gilbrandsen, Ken
- Murchison, Zoltan Ordogh, and most especially Dave Cridland for their
- review and suggestions. A special thank you goes to Alexey Melnikov
- for his choice submission of text.
-
-Author's Address
-
- Eric W. Burger (editor)
- BEA Systems, Inc.
- USA
-
- EMail: eric.burger@bea.com
- URI: http://www.standardstrack.com
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-Burger Standards Track [Page 4]
-
-RFC 5032 Search Within September 2007
-
-
-Full Copyright Statement
-
- Copyright (C) The IETF Trust (2007).
-
- This document is subject to the rights, licenses and restrictions
- contained in BCP 78, and except as set forth therein, the authors
- retain all their rights.
-
- This document and the information contained herein are provided on an
- "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
- OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY, THE IETF TRUST AND
- THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS
- OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF
- THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
- WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
-
-Intellectual Property
-
- The IETF takes no position regarding the validity or scope of any
- Intellectual Property Rights or other rights that might be claimed to
- pertain to the implementation or use of the technology described in
- this document or the extent to which any license under such rights
- might or might not be available; nor does it represent that it has
- made any independent effort to identify any such rights. Information
- on the procedures with respect to rights in RFC documents can be
- found in BCP 78 and BCP 79.
-
- Copies of IPR disclosures made to the IETF Secretariat and any
- assurances of licenses to be made available, or the result of an
- attempt made to obtain a general license or permission for the use of
- such proprietary rights by implementers or users of this
- specification can be obtained from the IETF on-line IPR repository at
- http://www.ietf.org/ipr.
-
- The IETF invites any interested party to bring to its attention any
- copyrights, patents or patent applications, or other proprietary
- rights that may cover technology that may be required to implement
- this standard. Please address the information to the IETF at
- ietf-ipr@ietf.org.
-
-
-
-
-
-
-
-
-
-
-
-
-Burger Standards Track [Page 5]
-
diff --git a/imap/docs/rfc/rfc5051.txt b/imap/docs/rfc/rfc5051.txt
deleted file mode 100644
index 0a4479ca..00000000
--- a/imap/docs/rfc/rfc5051.txt
+++ /dev/null
@@ -1,395 +0,0 @@
-
-
-
-
-
-
-Network Working Group M. Crispin
-Request for Comments: 5051 University of Washington
-Category: Standards Track October 2007
-
-
- i;unicode-casemap - Simple Unicode Collation Algorithm
-
-Status of This Memo
-
- This document specifies an Internet standards track protocol for the
- Internet community, and requests discussion and suggestions for
- improvements. Please refer to the current edition of the "Internet
- Official Protocol Standards" (STD 1) for the standardization state
- and status of this protocol. Distribution of this memo is unlimited.
-
-Abstract
-
- This document describes "i;unicode-casemap", a simple case-
- insensitive collation for Unicode strings. It provides equality,
- substring, and ordering operations.
-
-1. Introduction
-
- The "i;ascii-casemap" collation described in [COMPARATOR] is quite
- simple to implement and provides case-independent comparisons for the
- 26 Latin alphabetics. It is specified as the default and/or baseline
- comparator in some application protocols, e.g., [IMAP-SORT].
-
- However, the "i;ascii-casemap" collation does not produce
- satisfactory results with non-ASCII characters. It is possible, with
- a modest extension, to provide a more sophisticated collation with
- greater multilingual applicability than "i;ascii-casemap". This
- extension provides case-independent comparisons for a much greater
- number of characters. It also collates characters with diacriticals
- with the non-diacritical character forms.
-
- This collation, "i;unicode-casemap", is intended to be an alternative
- to, and preferred over, "i;ascii-casemap". It does not replace the
- "i;basic" collation described in [BASIC].
-
-2. Unicode Casemap Collation Description
-
- The "i;unicode-casemap" collation is a simple collation which is
- case-insensitive in its treatment of characters. It provides
- equality, substring, and ordering operations. The validity test
- operation returns "valid" for any input.
-
-
-
-
-
-Crispin Standards Track [Page 1]
-
-RFC 5051 i;unicode-casemap October 2007
-
-
- This collation allows strings in arbitrary (and mixed) character
- sets, as long as the character set for each string is identified and
- it is possible to convert the string to Unicode. Strings which have
- an unidentified character set and/or cannot be converted to Unicode
- are not rejected, but are treated as binary.
-
- Each input string is prepared by converting it to a "titlecased
- canonicalized UTF-8" string according to the following steps, using
- UnicodeData.txt ([UNICODE-DATA]):
-
- (1) A Unicode codepoint is obtained from the input string.
-
- (a) If the input string is in a known charset that can be
- converted to Unicode, a sequence in the string's charset
- is read and checked for validity according to the rules of
- that charset. If the sequence is valid, it is converted
- to a Unicode codepoint. Note that for input strings in
- UTF-8, the UTF-8 sequence must be valid according to the
- rules of [UTF-8]; e.g., overlong UTF-8 sequences are
- invalid.
-
- (b) If the input string is in an unknown charset, or an
- invalid sequence occurs in step (1)(a), conversion ceases.
- No further preparation is performed, and any partial
- preparation results are discarded. The original string is
- used unchanged with the i;octet comparator.
-
- (2) The following steps, using UnicodeData.txt ([UNICODE-DATA]),
- are performed on the resulting codepoint from step (1)(a).
-
- (a) If the codepoint has a titlecase property in
- UnicodeData.txt (this is normally the same as the
- uppercase property), the codepoint is converted to the
- codepoints in the titlecase property.
-
- (b) If the resulting codepoint from (2)(a) has a decomposition
- property of any type in UnicodeData.txt, the codepoint is
- converted to the codepoints in the decomposition property.
- This step is recursively applied to each of the resulting
- codepoints until no more decomposition is possible
- (effectively Normalization Form KD).
-
- Example: codepoint U+01C4 (LATIN CAPITAL LETTER DZ WITH CARON)
- has a titlecase property of U+01C5 (LATIN CAPITAL LETTER D
- WITH SMALL LETTER Z WITH CARON). Codepoint U+01C5 has a
- decomposition property of U+0044 (LATIN CAPITAL LETTER D)
- U+017E (LATIN SMALL LETTER Z WITH CARON). U+017E has a
- decomposition property of U+007A (LATIN SMALL LETTER Z) U+030c
-
-
-
-Crispin Standards Track [Page 2]
-
-RFC 5051 i;unicode-casemap October 2007
-
-
- (COMBINING CARON). Neither U+0044, U+007A, nor U+030C have
- any decomposition properties. Therefore, U+01C4 is converted
- to U+0044 U+007A U+030C by this step.
-
- (3) The resulting codepoint(s) from step (2) is/are appended, in
- UTF-8 format, to the "titlecased canonicalized UTF-8" string.
-
- (4) Repeat from step (1) until there is no more data in the input
- string.
-
- Following the above preparation process on each string, the equality,
- ordering, and substring operations are as for i;octet.
-
- It is permitted to use an alternative implementation of the above
- preparation process if it produces the same results. For example, it
- may be more convenient for an implementation to convert all input
- strings to a sequence of UTF-16 or UTF-32 values prior to performing
- any of the step (2) actions. Similarly, if all input strings are (or
- are convertible to) Unicode, it may be possible to use UTF-32 as an
- alternative to UTF-8 in step (3).
-
- Note: UTF-16 is unsuitable as an alternative to UTF-8 in step (3),
- because UTF-16 surrogates will cause i;octet to collate codepoints
- U+E0000 through U+FFFF after non-BMP codepoints.
-
- This collation is not locale sensitive. Consequently, care should be
- taken when using OS-supplied functions to implement this collation.
- Functions such as strcasecmp and toupper are sometimes locale
- sensitive and may inconsistently casemap letters.
-
- The i;unicode-casemap collation is well suited to use with many
- Internet protocols and computer languages. Use with natural language
- is often inappropriate; even though the collation apparently supports
- languages such as Swahili and English, in real-world use it tends to
- mis-sort a number of types of string:
-
- o people and place names containing scripts that are not collated
- according to "alphabetical order".
- o words with characters that have diacriticals. However,
- i;unicode-casemap generally does a better job than i;ascii-casemap
- for most (but not all) languages. For example, German umlaut
- letters will sort correctly, but some Scandinavian letters will
- not.
- o names such as "Lloyd" (which in Welsh sorts after "Lyon", unlike
- in English),
- o strings containing other non-letter symbols; e.g., euro and pound
- sterling symbols, quotation marks other than '"', dashes/hyphens,
- etc.
-
-
-
-Crispin Standards Track [Page 3]
-
-RFC 5051 i;unicode-casemap October 2007
-
-
-3. Unicode Casemap Collation Registration
-
- <?xml version='1.0'?>
- <!DOCTYPE collation SYSTEM 'collationreg.dtd'>
- <collation rfc="5051" scope="global" intendedUse="common">
- <identifier>i;unicode-casemap</identifier>
- <title>Unicode Casemap</title>
- <operations>equality order substring</operations>
- <specification>RFC 5051</specification>
- <owner>IETF</owner>
- <submitter>mrc@cac.washington.edu</submitter>
- </collation>
-
-4. Security Considerations
-
- The security considerations for [UTF-8], [STRINGPREP], and [UNICODE-
- SECURITY] apply and are normative to this specification.
-
- The results from this comparator will vary depending upon the
- implementation for several reasons. Implementations MUST consider
- whether these possibilities are a problem for their use case:
-
- 1) New characters added in Unicode may have decomposition or
- titlecase properties that will not be known to an implementation
- based upon an older revision of Unicode. This impacts step (2).
-
- 2) Step (2)(b) defines a subset of Normalization Form KD (NFKD) that
- does not require normalization of out-of-order diacriticals.
- However, an implementation MAY use an NFKD library routine that
- does such normalization. This impacts step (2)(b) and possibly
- also step (1)(a), and is an issue only with ill-formed UTF-8
- input.
-
- 3) The set of charsets handled in step (1)(a) is open-ended. UTF-8
- (and, by extension, US-ASCII) are the only mandatory-to-implement
- charsets. This impacts step (1)(a).
-
- Implementations SHOULD, as far as feasible, support all the
- charsets they are likely to encounter in the input data, in order
- to avoid poor collation caused by the fall through to the (1)(b)
- rule.
-
- 4) Other charsets may have revisions which add new characters that
- are not known to an implementation based upon an older revision.
- This impacts step (1)(a) and possibly also step (1)(b).
-
-
-
-
-
-
-Crispin Standards Track [Page 4]
-
-RFC 5051 i;unicode-casemap October 2007
-
-
- An attacker may create input that is ill-formed or in an unknown
- charset, with the intention of impacting the results of this
- comparator or exploiting other parts of the system which process this
- input in different ways. Note, however, that even well-formed data
- in a known charset can impact the result of this comparator in
- unexpected ways. For example, an attacker can substitute U+0041
- (LATIN CAPITAL LETTER A) with U+0391 (GREEK CAPITAL LETTER ALPHA) or
- U+0410 (CYRILLIC CAPITAL LETTER A) in the intention of causing a
- non-match of strings which visually appear the same and/or causing
- the string to appear elsewhere in a sort.
-
-5. IANA Considerations
-
- The i;unicode-casemap collation defined in section 2 has been added
- to the registry of collations defined in [COMPARATOR].
-
-6. Normative References
-
- [COMPARATOR] Newman, C., Duerst, M., and A. Gulbrandsen,
- "Internet Application Protocol Collation
- Registry", RFC 4790, February 2007.
-
- [STRINGPREP] Hoffman, P. and M. Blanchet, "Preparation of
- Internationalized Strings ("stringprep")", RFC
- 3454, December 2002.
-
- [UTF-8] Yergeau, F., "UTF-8, a transformation format of
- ISO 10646", STD 63, RFC 3629, November 2003.
-
- [UNICODE-DATA] <http://www.unicode.org/Public/UNIDATA/
- UnicodeData.txt>
-
- Although the UnicodeData.txt file referenced
- here is part of the Unicode standard, it is
- subject to change as new characters are added
- to Unicode and errors are corrected in Unicode
- revisions. As a result, it may be less stable
- than might otherwise be implied by the
- standards status of this specification.
-
- [UNICODE-SECURITY] Davis, M. and M. Suignard, "Unicode Security
- Considerations", February 2006,
- <http://www.unicode.org/reports/tr36/>.
-
-
-
-
-
-
-
-
-Crispin Standards Track [Page 5]
-
-RFC 5051 i;unicode-casemap October 2007
-
-
-7. Informative References
-
- [BASIC] Newman, C., Duerst, M., and A. Gulbrandsen,
- "i;basic - the Unicode Collation Algorithm",
- Work in Progress, March 2007.
-
- [IMAP-SORT] Crispin, M. and K. Murchison, "Internet Message
- Access Protocol - SORT and THREAD Extensions",
- Work in Progress, September 2007.
-
-Author's Address
-
- Mark R. Crispin
- Networks and Distributed Computing
- University of Washington
- 4545 15th Avenue NE
- Seattle, WA 98105-4527
-
- Phone: +1 (206) 543-5762
- EMail: MRC@CAC.Washington.EDU
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-Crispin Standards Track [Page 6]
-
-RFC 5051 i;unicode-casemap October 2007
-
-
-Full Copyright Statement
-
- Copyright (C) The IETF Trust (2007).
-
- This document is subject to the rights, licenses and restrictions
- contained in BCP 78, and except as set forth therein, the authors
- retain all their rights.
-
- This document and the information contained herein are provided on an
- "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
- OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY, THE IETF TRUST AND
- THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS
- OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF
- THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
- WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
-
-Intellectual Property
-
- The IETF takes no position regarding the validity or scope of any
- Intellectual Property Rights or other rights that might be claimed to
- pertain to the implementation or use of the technology described in
- this document or the extent to which any license under such rights
- might or might not be available; nor does it represent that it has
- made any independent effort to identify any such rights. Information
- on the procedures with respect to rights in RFC documents can be
- found in BCP 78 and BCP 79.
-
- Copies of IPR disclosures made to the IETF Secretariat and any
- assurances of licenses to be made available, or the result of an
- attempt made to obtain a general license or permission for the use of
- such proprietary rights by implementers or users of this
- specification can be obtained from the IETF on-line IPR repository at
- http://www.ietf.org/ipr.
-
- The IETF invites any interested party to bring to its attention any
- copyrights, patents or patent applications, or other proprietary
- rights that may cover technology that may be required to implement
- this standard. Please address the information to the IETF at
- ietf-ipr@ietf.org.
-
-
-
-
-
-
-
-
-
-
-
-
-Crispin Standards Track [Page 7]
-
diff --git a/imap/docs/rfc/rfc5092.txt b/imap/docs/rfc/rfc5092.txt
deleted file mode 100644
index ab87f350..00000000
--- a/imap/docs/rfc/rfc5092.txt
+++ /dev/null
@@ -1,1795 +0,0 @@
-
-
-
-
-
-
-Network Working Group A. Melnikov, Ed.
-Request for Comments: 5092 Isode Ltd.
-Obsoletes: 2192 C. Newman
-Updates: 4467 Sun Microsystems
-Category: Standards Track November 2007
-
-
- IMAP URL Scheme
-
-Status of This Memo
-
- This document specifies an Internet standards track protocol for the
- Internet community, and requests discussion and suggestions for
- improvements. Please refer to the current edition of the "Internet
- Official Protocol Standards" (STD 1) for the standardization state
- and status of this protocol. Distribution of this memo is unlimited.
-
-Abstract
-
- IMAP (RFC 3501) is a rich protocol for accessing remote message
- stores. It provides an ideal mechanism for accessing public mailing
- list archives as well as private and shared message stores. This
- document defines a URL scheme for referencing objects on an IMAP
- server.
-
- This document obsoletes RFC 2192. It also updates RFC 4467.
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-Melnikov & Newman Standards Track [Page 1]
-
-RFC 5092 IMAP URL Scheme November 2007
-
-
-Table of Contents
-
- 1. Introduction ....................................................2
- 2. Conventions Used in This Document ...............................3
- 3. IMAP userinfo Component (iuserinfo) .............................4
- 3.1. IMAP Mailbox Naming Scope ..................................4
- 3.2. IMAP User Name and Authentication Mechanism ................4
- 3.3. Limitations of enc-user ....................................6
- 4. IMAP Server .....................................................7
- 5. Lists of Messages ...............................................7
- 6. A Specific Message or Message Part ..............................8
- 6.1. URLAUTH Authorized URL .....................................9
- 6.1.1. Concepts ............................................9
- 6.1.1.1. URLAUTH ....................................9
- 6.1.1.2. Mailbox Access Key .........................9
- 6.1.1.3. Authorized Access Identifier ...............9
- 6.1.1.4. Authorization Mechanism ...................10
- 6.1.1.5. Authorization Token .......................10
- 6.1.2. URLAUTH Extensions to IMAP URL .....................10
- 7. Relative IMAP URLs .............................................11
- 7.1. absolute-path References ..................................12
- 7.2. relative-path References ..................................12
- 8. Internationalization Considerations ............................13
- 9. Examples .......................................................13
- 9.1. Examples of Relative URLs .................................16
- 10. Security Considerations .......................................16
- 10.1. Security Considerations Specific to URLAUTH Authorized
- URL ......................................................17
- 11. ABNF for IMAP URL Scheme ......................................17
- 12. IANA Considerations ...........................................21
- 12.1. IANA Registration of imap: URI Scheme ....................21
- 13. References ....................................................22
- 13.1. Normative References .....................................22
- 13.2. Informative References ...................................23
- Appendix A. Sample Code............................................24
- Appendix B. List of Changes since RFC 2192.........................30
- Appendix C. List of Changes since RFC 4467.........................31
- Appendix D. Acknowledgments........................................31
-
-1. Introduction
-
- The IMAP URL scheme is used to designate IMAP servers, mailboxes,
- messages, MIME bodies [MIME], and search programs on Internet hosts
- accessible using the IMAP protocol over TCP.
-
- The IMAP URL follows the common Internet scheme syntax as defined in
- [URI-GEN]. If :<port> is omitted, the port defaults to 143 (as
- defined in Section 2.1 of [IMAP4]).
-
-
-
-Melnikov & Newman Standards Track [Page 2]
-
-RFC 5092 IMAP URL Scheme November 2007
-
-
- An absolute IMAP URL takes one of the following forms:
-
- imap://<iserver>[/]
-
- imap://<iserver>/<enc-mailbox>[<uidvalidity>][?<enc-search>]
-
- imap://<iserver>/<enc-mailbox>[<uidvalidity>]<iuid>
- [<isection>][<ipartial>][<iurlauth>]
-
- The first form is used to refer to an IMAP server (see Section 4),
- the second form refers to the contents of a mailbox or a set of
- messages resulting from a search (see Section 5), and the final form
- refers to a specific message or message part, and possibly a byte
- range in that part (see Section 6). If [URLAUTH] extension is
- supported, then the final form can have the <iurlauth> component (see
- Section 6.1 for more details).
-
- The <iserver> component common to all types of absolute IMAP URLs has
- the following syntax expressed in ABNF [ABNF]:
-
- [iuserinfo "@"] host [ ":" port ]
-
- The <iserver> component is the same as "authority" defined in
- [URI-GEN]. The syntax and uses of the <iuserinfo> ("IMAP userinfo
- component") are described in detail in Section 3. The syntax of
- <host> and <port> is described in [URI-GEN].
-
-2. Conventions Used in This Document
-
- The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
- "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
- document are to be interpreted as described in RFC 2119 [KEYWORDS].
-
- This document references many productions from [URI-GEN]. When the
- document needs to emphasize IMAP URI-specific differences from [URI-
- GEN] (i.e., for parts of IMAP URIs that have more restricted syntax
- than generic URIs), it uses a non-terminal i<foo> to define an IMAP-
- specific version of the non-terminal <foo> from [URI-GEN].
-
- Note that the ABNF syntax shown in Section 11 is normative. Sections
- 2-6 may use a less formal syntax that does not necessarily match the
- normative ABNF shown in Section 11. If there are any differences
- between the syntax shown in Sections 2-6 and Section 11, then the
- syntax shown in Section 11 must be treated as authoritative. Non-
- syntax requirements included in Sections 2-6 are, of course,
- normative.
-
-
-
-
-
-Melnikov & Newman Standards Track [Page 3]
-
-RFC 5092 IMAP URL Scheme November 2007
-
-
-3. IMAP userinfo Component (iuserinfo)
-
- The <iuserinfo> component conforms to the generic syntax of
- <userinfo> defined in [URI-GEN]. It has the following syntax
- expressed in ABNF [ABNF]:
-
- enc-user [iauth] / [enc-user] iauth
-
- The meaning of the different parts is described in subsections of
- this section.
-
-3.1. IMAP Mailbox Naming Scope
-
- The "enc-user" part of the "iuserinfo" component, if present, denotes
- mailbox naming scope. If it is absent, the IMAP URL can only
- reference mailboxes with globally unique names, i.e., mailboxes with
- names that don't change depending on the user the client
- authenticated as to the IMAP server. Note that not all IMAP
- implementations support globally unique names.
-
- For example, a personal mailbox described by the following URL
- <imap://michael@example.org/INBOX> is most likely different from a
- personal mailbox described by <imap://bester@example.org/INBOX>, even
- though both URLs use the same mailbox name.
-
-3.2. IMAP User Name and Authentication Mechanism
-
- The userinfo component (see [URI-GEN]) of an IMAP URI may contain an
- IMAP user name (a.k.a. authorization identity [SASL], "enc-user")
- and/or an authentication mechanism. (Note that the "enc-user" also
- defines a mailbox naming scope as described in Section 3.1). The
- IMAP user name and the authentication mechanism are used in the
- "LOGIN" or "AUTHENTICATE" commands after making the connection to the
- IMAP server.
-
- If no user name and no authentication mechanism are supplied, the
- client MUST authenticate as anonymous to the server. If the server
- advertises AUTH=ANONYMOUS IMAP capability, the client MUST use the
- AUTHENTICATE command with ANONYMOUS [ANONYMOUS] SASL mechanism. If
- SASL ANONYMOUS is not available, the (case-insensitive) user name
- "anonymous" is used with the "LOGIN" command and the Internet email
- address of the end user accessing the resource is supplied as the
- password. The latter option is given in order to provide for
- interoperability with deployed servers.
-
- Note that, as described in RFC 3501, the "LOGIN" command MUST NOT be
- used when the IMAP server advertises the LOGINDISABLED capability.
-
-
-
-
-Melnikov & Newman Standards Track [Page 4]
-
-RFC 5092 IMAP URL Scheme November 2007
-
-
- An authentication mechanism (as used by the IMAP AUTHENTICATE
- command) can be expressed by adding ";AUTH=<enc-auth-type>" to the
- end of the user name in an IMAP URL. When such an <enc-auth-type> is
- indicated, the client SHOULD request appropriate credentials from
- that mechanism and use the "AUTHENTICATE" command instead of the
- "LOGIN" command. If no user name is specified, one MUST be obtained
- from the mechanism or requested from the user/configuration as
- appropriate.
-
- The string ";AUTH=*" indicates that the client SHOULD select an
- appropriate authentication mechanism. (Though the '*' character in
- this usage is not strictly a delimiter, it is being treated like a
- sub-delim [URI-GEN] in this instance. It MUST NOT be percent-encoded
- in this usage, as ";AUTH=%2A" will not match this production.) It
- MAY use any mechanism listed in the response to the CAPABILITY
- command (or CAPABILITY response code) or use an out-of-band security
- service resulting in a PREAUTH connection. If no user name is
- specified and no appropriate authentication mechanisms are available,
- the client SHOULD fall back to anonymous login as described above.
- The behavior prescribed in this section allows a URL that grants
- read-write access to authorized users and read-only anonymous access
- to other users.
-
- If a user name is included with no authentication mechanism, then
- ";AUTH=*" is assumed.
-
- Clients must take care when resolving a URL that requires or requests
- any sort of authentication, since URLs can easily come from untrusted
- sources. Supplying authentication credentials to the wrong server
- may compromise the security of the user's account; therefore, the
- program resolving the URL should meet at least one of the following
- criteria in this case:
-
- 1) The URL comes from a trusted source, such as a referral server
- that the client has validated and trusts according to site policy.
- Note that user entry of the URL may or may not count as a trusted
- source, depending on the experience level of the user and site
- policy.
-
- 2) Explicit local site policy permits the client to connect to the
- server in the URL. For example, a company example.com may have a
- site policy to trust all IMAP server names ending in example.com,
- whereas such a policy would be unwise for example.edu where random
- students can set up IMAP servers.
-
- 3) The user confirms that connecting to that domain name with the
- specified credentials and/or mechanism is permitted. For example,
- when using "LOGIN" or SASL PLAIN with Transport Layer Security
-
-
-
-Melnikov & Newman Standards Track [Page 5]
-
-RFC 5092 IMAP URL Scheme November 2007
-
-
- (TLS), the IMAP URL client presents a dialog box "Is it OK to send
- your password to server "example.com"? Please be aware the owners
- of example.com will be able to reuse your password to connect to
- other servers on your behalf".
-
- 4) A mechanism is used that validates the server before passing
- potentially compromising client credentials. For example, a site
- has a designated TLS certificate used to certify site-trusted IMAP
- server certificates, and this has been configured explicitly into
- the IMAP URL client. Another example is use of a Simple
- Authentication and Security Layer (SASL) mechanism such as
- DIGEST-MD5 [DIGEST-MD5], which supports mutual authentication.
-
- 5) An authentication mechanism is used that will not reveal any
- information to the server that could be used to compromise future
- connections. Examples are SASL ANONYMOUS [ANONYMOUS] or GSSAPI
- [GSSAPI].
-
- URLs that do not include a user name but include an authentication
- mechanism (";AUTH=<mech>") must be treated with extra care, since for
- some <mech>s they are more likely to compromise the user's primary
- account. A URL containing ";AUTH=*" must also be treated with extra
- care since it might fall back on a weaker security mechanism.
- Finally, clients are discouraged from using a plaintext password as a
- fallback with ";AUTH=*" unless the connection has strong encryption.
-
- A program interpreting IMAP URLs MAY cache open connections to an
- IMAP server for later reuse. If a URL contains a user name, only
- connections authenticated as that user may be reused. If a URL does
- not contain a user name or authentication mechanism, then only an
- anonymous connection may be reused.
-
- Note that if unsafe or reserved characters such as " " (space) or ";"
- are present in the user name or authentication mechanism, they MUST
- be percent-encoded as described in [URI-GEN].
-
-3.3. Limitations of enc-user
-
- As per Sections 3.1 and 3.2 of this document, the IMAP URI enc-user
- has two purposes:
-
- 1) It provides context for user-specific mailbox paths such as
- "INBOX" (Section 3.1).
-
- 2) It specifies that resolution of the URL requires logging in as
- that user and limits use of that URL to only that user (Section
- 3.2).
-
-
-
-
-Melnikov & Newman Standards Track [Page 6]
-
-RFC 5092 IMAP URL Scheme November 2007
-
-
- An obvious limitation of using the same field for both purposes is
- that the URL can be resolved only by the mailbox owner. In order to
- avoid this restriction, implementations should use globally unique
- mailbox names (see Section 3.1) whenever possible.
-
- Note: There is currently no general way in IMAP of learning a
- globally unique name for a mailbox. However, by looking at the
- NAMESPACE [NAMESPACE] command result, it is possible to determine
- whether or not a mailbox name is globally unique.
-
- The URLAUTH component overrides the second purpose of the enc-user in
- the IMAP URI and by default permits the URI to be resolved by any
- user permitted by the <access> identifier. URLAUTH and <access>
- identifier are described in Section 6.1.
-
-4. IMAP Server
-
- An IMAP URL referring to an IMAP server has the following form:
-
- imap://<iserver>[/]
-
- This URL type is frequently used to describe a location of an IMAP
- server, both in referrals and in configuration. It may optionally
- contain the <iuserinfo> component (see Sections 3 and 11). A program
- interpreting this URL would issue the standard set of commands it
- uses to present a view of the content of the IMAP server, as visible
- to the user described by the "enc-user" part of the <iuserinfo>
- component, if the "enc-user" part is specified.
-
-5. Lists of Messages
-
- An IMAP URL referring to a list of messages has the following form:
-
- imap://<iserver>/<enc-mailbox>[<uidvalidity>][?<enc-search>]
-
- The <enc-mailbox> field is used as the argument to the IMAP4 "SELECT"
- or "EXAMINE" command. Note that if unsafe or reserved characters
- such as " " (space), ";", or "?" are present in <enc-mailbox>, they
- MUST be percent-encoded as described in [URI-GEN].
-
- The <uidvalidity> field is optional. If it is present, it MUST be
- the same as the value of IMAP4 UIDVALIDITY response code at the time
- the URL was created. This MUST be used by the program interpreting
- the IMAP URL to determine if the URL is stale. If the IMAP URL is
- stale, then the program should behave as if the corresponding mailbox
- doesn't exist.
-
-
-
-
-
-Melnikov & Newman Standards Track [Page 7]
-
-RFC 5092 IMAP URL Scheme November 2007
-
-
- Note that the <uidvalidity> field is a modifier to the <enc-mailbox>,
- i.e., it is considered a part of the last "component" (as used in
- [URI-GEN]) of the <enc-mailbox>. This is significant during relative
- URI resolution.
-
- The "?<enc-search>" field is optional. If it is not present, the
- program interpreting the URL will present the entire content of the
- mailbox.
-
- If the "?<enc-search>" field is present, the program interpreting the
- URL should use the contents of this field as arguments following an
- IMAP4 SEARCH command. These arguments are likely to contain unsafe
- characters such as " " (space) (which are likely to be present in the
- <enc-search>). If unsafe characters are present, they MUST be
- percent-encoded as described in [URI-GEN].
-
- Note that quoted strings and non-synchronizing literals [LITERAL+]
- are allowed in the <enc-search> content; however, synchronizing
- literals are not allowed, as their presence would effectively mean
- that the agent interpreting IMAP URLs needs to parse an <enc-search>
- content, find all synchronizing literals, and perform proper command
- continuation request handling (see Sections 4.3 and 7 of [IMAP4]).
-
-6. A Specific Message or Message Part
-
- An IMAP URL referring to a specific message or message part has the
- following form:
-
- imap://<iserver>/<enc-mailbox>[<uidvalidity>]<iuid>
- [<isection>][<ipartial>][<iurlauth>]
-
- The <enc-mailbox> and [uidvalidity] are as defined in Section 5
- above.
-
- If <uidvalidity> is present in this form, it SHOULD be used by the
- program interpreting the URL to determine if the URL is stale.
-
- The <iuid> refers to an IMAP4 message Unique Identifier (UID), and it
- SHOULD be used as the <set> argument to the IMAP4 "UID FETCH"
- command.
-
- The <isection> field is optional. If not present, the URL refers to
- the entire Internet message as returned by the IMAP command "UID
- FETCH <uid> BODY.PEEK[]". If present, the URL refers to the object
- returned by a "UID FETCH <uid> BODY.PEEK[<section>]" command. The
- type of the object may be determined by using a "UID FETCH <uid>
- BODYSTRUCTURE" command and locating the appropriate part in the
-
-
-
-
-Melnikov & Newman Standards Track [Page 8]
-
-RFC 5092 IMAP URL Scheme November 2007
-
-
- resulting BODYSTRUCTURE. Note that unsafe characters in [isection]
- MUST be percent-encoded as described in [URI-GEN].
-
- The <ipartial> field is optional. If present, it effectively appends
- "<<partial-range>>" to the end of the UID FETCH BODY.PEEK[<section>]
- command constructed as described in the previous paragraph. In other
- words, it allows the client to request a byte range of the
- message/message part.
-
- The <iurlauth> field is described in detail in Section 6.1.
-
-6.1. URLAUTH Authorized URL
-
- URLAUTH authorized URLs are only supported by an IMAP server
- advertising the URLAUTH IMAP capability [URLAUTH].
-
-6.1.1. Concepts
-
-6.1.1.1. URLAUTH
-
- URLAUTH is a component, appended at the end of a URL, that conveys
- authorization to access the data addressed by that URL. It contains
- an authorized access identifier, an authorization mechanism name, and
- an authorization token. The authorization token is generated from
- the URL, the authorized access identifier, authorization mechanism
- name, and a mailbox access key.
-
- Note: This specification only allows for the URLAUTH component in
- IMAP URLs describing a message or its part.
-
-6.1.1.2. Mailbox Access Key
-
- The mailbox access key is an unpredictable, random string. To ensure
- unpredictability, the random string with at least 128 bits of entropy
- is generated by software or hardware (not by the human user).
-
- Each user has a table of mailboxes and an associated mailbox access
- key for each mailbox. Consequently, the mailbox access key is per-
- user and per-mailbox. In other words, two users sharing the same
- mailbox each have a different mailbox access key for that mailbox,
- and each mailbox accessed by a single user also has a different
- mailbox access key.
-
-6.1.1.3. Authorized Access Identifier
-
- The authorized <access> identifier restricts use of the URLAUTH
- authorized URL to certain users authorized on the server, as
- described in Section 6.1.2.
-
-
-
-Melnikov & Newman Standards Track [Page 9]
-
-RFC 5092 IMAP URL Scheme November 2007
-
-
-6.1.1.4. Authorization Mechanism
-
- The authorization mechanism is the algorithm by which the URLAUTH is
- generated and subsequently verified, using the mailbox access key.
-
-6.1.1.5. Authorization Token
-
- The authorization token is a deterministic string of at least 128
- bits that an entity with knowledge of the secret mailbox access key
- and URL authorization mechanism can use to verify the URL.
-
-6.1.2. URLAUTH Extensions to IMAP URL
-
- A specific message or message part IMAP URL can optionally contain
- ";EXPIRE=<datetime>" and/or ";URLAUTH=<access>:<mech>:<token>".
-
- When ";EXPIRE=<datetime>" is used, this indicates the latest date and
- time that the URL is valid. After that date and time, the URL has
- expired and server implementations MUST reject the URL. If
- ";EXPIRE=<datetime>" is not used, the URL has no expiration, but can
- still be revoked using the RESETKEY command [URLAUTH].
-
- The URLAUTH takes the form ";URLAUTH=<access>:<mech>:<token>", and it
- MUST be at the end of the URL. It is composed of three parts. The
- <access> portion provides the authorized access identifiers that may
- constrain the operations and users that are permitted to use this
- URL. The <mech> portion provides the authorization mechanism used by
- the IMAP server to generate the authorization token that follows.
- The <token> portion provides the authorization token, which can be
- generated using the GENURLAUTH command [URLAUTH].
-
- The "submit+" <access> identifier prefix, followed by a userid,
- indicates that only a userid authorized as a message submission
- entity on behalf of the specified userid is permitted to use this
- URL. The IMAP server does not validate the specified userid but does
- validate that the IMAP session has an authorization identity that is
- authorized as a message submission entity. The authorized message
- submission entity MUST validate the userid prior to contacting the
- IMAP server.
-
- The "user+" <access> identifier prefix, followed by a userid,
- indicates that use of this URL is limited to IMAP sessions that are
- logged in as the specified userid (that is, have authorization
- identity as that userid).
-
- Note: If a SASL mechanism that provides both authorization and
- authentication identifiers is used to authenticate to the IMAP
- server, the "user+" <access> identifier MUST match the
-
-
-
-Melnikov & Newman Standards Track [Page 10]
-
-RFC 5092 IMAP URL Scheme November 2007
-
-
- authorization identifier. If the SASL mechanism can't transport
- the authorization identifier, the "user+" <access> identifier MUST
- match the authorization identifier derived from the authentication
- identifier (see [SASL]).
-
- The "authuser" <access> identifier indicates that use of this URL is
- limited to authenticated IMAP sessions that are logged in as any
- non-anonymous user (that is, have authorization identity as a non-
- anonymous user) of that IMAP server. To restate this: use of this
- type of URL is prohibited to anonymous IMAP sessions, i.e., any
- URLFETCH command containing this type of URL issued in an anonymous
- session MUST return NIL in the URLFETCH response.
-
- The "anonymous" <access> identifier indicates that use of this URL is
- not restricted by session authorization identity; that is, any IMAP
- session in authenticated or selected state (as defined in [IMAP4]),
- including anonymous sessions, may issue a URLFETCH [URLAUTH] using
- this URL.
-
- The authorization token is represented as an ASCII-encoded
- hexadecimal string, which is used to authorize the URL. The length
- and the calculation of the authorization token depend upon the
- mechanism used, but in all cases, the authorization token is at least
- 128 bits (and therefore at least 32 hexadecimal digits).
-
- Example:
-
- <imap://joe@example.com/INBOX/;uid=20/;section=1.2;urlauth=
- submit+fred:internal:91354a473744909de610943775f92038>
-
-7. Relative IMAP URLs
-
- Relative IMAP URLs are permitted and are resolved according to the
- rules defined in [URI-GEN]. In particular, in IMAP URLs parameters
- (such as ";uid=" or ";section=") are treated as part of the normal
- path with respect to relative URL resolution.
-
- [URI-GEN] defines four forms of relative URLs: <inetwork-path>,
- <iabsolute-path>, <irelative-path>, and <ipath-empty>. Their syntax
- is defined in Section 11.
-
- A relative reference that begins with two slash characters is termed
- a network-path reference (<inetwork-path>); such references are
- rarely used, because in most cases they can be replaced with an
- equivalent absolute URL. A relative reference that begins with a
- single slash character is termed an absolute-path reference
- (<iabsolute-path>; see also Section 7.1). A relative reference that
- does not begin with a slash character is termed a relative-path
-
-
-
-Melnikov & Newman Standards Track [Page 11]
-
-RFC 5092 IMAP URL Scheme November 2007
-
-
- reference (<irelative-path>; see also Section 7.2). The final form
- is <ipath-empty>, which is "same-document reference" (see Section 4.4
- of [URI-GEN]).
-
- The following observations about relative URLs are important:
-
- The <iauth> grammar element (which is a part of <iuserinfo>, which
- is, in turn, a part of <iserver>; see Section 3) is considered part
- of the user name for purposes of resolving relative IMAP URLs. This
- means that unless a new user name/server specification is included in
- the relative URL, the authentication mechanism is inherited from the
- base IMAP URL.
-
- URLs always use "/" as the hierarchy delimiter for the purpose of
- resolving paths in relative URLs. IMAP4 permits the use of any
- hierarchy delimiter in mailbox names. For this reason, relative
- mailbox paths will only work if the mailbox uses "/" as the hierarchy
- delimiter. Relative URLs may be used on mailboxes that use other
- delimiters, but in that case, the entire mailbox name MUST be
- specified in the relative URL or inherited as a whole from the base
- URL.
-
- If an IMAP server allows for mailbox names starting with "./" or
- "../", ending with "/." or "/..", or containing sequences "/../" or
- "/./", then such mailbox names MUST be percent-encoded as described
- in [URI-GEN]. Otherwise, they would be misinterpreted as dot-
- segments (see Section 3.3 of [URI-GEN]), which are processed
- specially during the relative path resolution process.
-
-7.1. absolute-path References
-
- A relative reference that begins with a single slash character is
- termed an absolute-path reference (see Section 4.2 of [URI-GEN]). If
- an IMAP server permits mailbox names with a leading "/", then the
- leading "/" MUST be percent-encoded as described in [URI-GEN].
- Otherwise, the produced absolute-path reference URI will be
- misinterpreted as a network-path reference [URI-GEN] described by the
- <inetwork-path> non-terminal.
-
-7.2. relative-path References
-
- A relative reference that does not begin with a slash character is
- termed a relative-path reference [URI-GEN]. Implementations MUST NOT
- generate or accept relative-path IMAP references.
-
- See also Section 4.2 of [URI-GEN] for restrictions on relative-path
- references.
-
-
-
-
-Melnikov & Newman Standards Track [Page 12]
-
-RFC 5092 IMAP URL Scheme November 2007
-
-
-8. Internationalization Considerations
-
- IMAP4, Section 5.1.3 [IMAP4] includes a convention for encoding non-
- US-ASCII characters in IMAP mailbox names. Because this convention
- is private to IMAP, it is necessary to convert IMAP's encoding to one
- that can be more easily interpreted by a URL display program. For
- this reason, IMAP's modified UTF-7 encoding for mailboxes MUST be
- converted to UTF-8 [UTF-8]. Since 8-bit octets are not permitted in
- URLs, the UTF-8 octets are percent-encoded as required by the URL
- specification [URI-GEN], Section 2.1. Sample code is included in
- Appendix A to demonstrate this conversion.
-
- IMAP user names are UTF-8 strings and MUST be percent-encoded as
- required by the URL specification [URI-GEN], Section 2.1.
-
- Also note that IMAP SEARCH criteria can contain non-US-ASCII
- characters. 8-bit octets in those strings MUST be percent-encoded as
- required by the URL specification [URI-GEN], Section 2.1.
-
-9. Examples
-
- The following examples demonstrate how an IMAP4 client program might
- translate various IMAP4 URLs into a series of IMAP4 commands.
- Commands sent from the client to the server are prefixed with "C:",
- and responses sent from the server to the client are prefixed with
- "S:".
-
- The URL:
-
- <imap://minbari.example.org/gray-council;UIDVALIDITY=385759045/;
- UID=20/;PARTIAL=0.1024>
-
- may result in the following client commands and server responses:
-
- <connect to minbari.example.org, port 143>
- S: * OK [CAPABILITY IMAP4rev1 STARTTLS AUTH=ANONYMOUS] Welcome
- C: A001 AUTHENTICATE ANONYMOUS
- S: +
- C: c2hlcmlkYW5AYmFieWxvbjUuZXhhbXBsZS5vcmc=
- S: A001 OK Welcome sheridan@babylon5.example.org
- C: A002 SELECT gray-council
- <client verifies the UIDVALIDITY matches>
- C: A003 UID FETCH 20 BODY.PEEK[]<0.1024>
-
- The URL:
-
- <imap://psicorp.example.org/~peter/%E6%97%A5%E6%9C%AC%E8%AA%9E/
- %E5%8F%B0%E5%8C%97>
-
-
-
-Melnikov & Newman Standards Track [Page 13]
-
-RFC 5092 IMAP URL Scheme November 2007
-
-
- may result in the following client commands:
-
- <connect to psicorp.example.org, port 143>
- S: * OK [CAPABILITY IMAP4rev1 STARTTLS AUTH=CRAM-MD5] Welcome
- C: A001 LOGIN ANONYMOUS bester@psycop.psicorp.example.org
- C: A002 SELECT ~peter/&ZeVnLIqe-/&U,BTFw-
- <commands the client uses for viewing the contents of
- the mailbox>
-
- The URL:
-
- <imap://;AUTH=GSSAPI@minbari.example.org/gray-council/;uid=20/
- ;section=1.2>
-
- may result in the following client commands:
-
- <connect to minbari.example.org, port 143>
- S: * OK Greetings
- C: A000 CAPABILITY
- S: * CAPABILITY IMAP4rev1 STARTTLS AUTH=GSSAPI
- S: A000 OK
- C: A001 AUTHENTICATE GSSAPI
- <authentication exchange>
- C: A002 SELECT gray-council
- C: A003 UID FETCH 20 BODY.PEEK[1.2]
-
- If the following relative URL is located in that body part:
-
- <;section=1.4>
-
- this could result in the following client commands:
-
- C: A004 UID FETCH 20 (BODY.PEEK[1.2.MIME]
- BODY.PEEK[1.MIME]
- BODY.PEEK[HEADER.FIELDS (Content-Location)])
- <Client looks for Content-Location headers in
- result. If no such headers, then it does the following>
- C: A005 UID FETCH 20 BODY.PEEK[1.4]
-
- The URL:
-
- <imap://;AUTH=*@minbari.example.org/gray%20council?
- SUBJECT%20shadows>
-
-
-
-
-
-
-
-
-Melnikov & Newman Standards Track [Page 14]
-
-RFC 5092 IMAP URL Scheme November 2007
-
-
- could result in the following:
-
- <connect to minbari.example.org, port 143>
- S: * OK Welcome
- C: A001 CAPABILITY
- S: * CAPABILITY IMAP4rev1 AUTH=DIGEST-MD5
- S: A001 OK
- C: A002 AUTHENTICATE DIGEST-MD5
- <authentication exchange>
- S: A002 OK user lennier authenticated
- C: A003 SELECT "gray council"
- ...
- C: A004 SEARCH SUBJECT shadows
- S: * SEARCH 8 10 13 14 15 16
- S: A004 OK SEARCH completed
- C: A005 FETCH 8,10,13:16 ALL
- ...
-
- In the example above, the client has implementation-dependent
- choices. The authentication mechanism could be anything, including
- PREAUTH. The final FETCH command could fetch more or less
- information about the messages, depending on what it wishes to
- display to the user.
-
- The URL:
-
- <imap://john;AUTH=*@minbari.example.org/babylon5/personel?
- charset%20UTF-8%20SUBJECT%20%7B14+%7D%0D%0A%D0%98%D0%B2%
- D0%B0%D0%BD%D0%BE%D0%B2%D0%B0>
-
- shows that 8-bit data can be sent using non-synchronizing literals
- [LITERAL+]. This could result in the following:
-
- <connect to minbari.example.org, port 143>
- S: * OK Hi there
- C: A001 CAPABILITY
- S: * CAPABILITY IMAP4rev1 LITERAL+ AUTH=DIGEST-MD5
- S: A001 OK
- C: A002 AUTHENTICATE DIGEST-MD5
- <authentication exchange>
- S: A002 OK user john authenticated
- C: A003 SELECT babylon5/personel
- ...
- C: A004 SEARCH CHARSET UTF-8 SUBJECT {14+}
- C: XXXXXXXXXXXXXX
- S: * SEARCH 7 10 12
- S: A004 OK SEARCH completed
- C: A005 FETCH 7,10,12 ALL
-
-
-
-Melnikov & Newman Standards Track [Page 15]
-
-RFC 5092 IMAP URL Scheme November 2007
-
-
- ...
-
- where XXXXXXXXXXXXXX is 14 bytes of UTF-8 encoded data as specified
- in the URL above.
-
-9.1. Examples of Relative URLs
-
- The following absolute-path reference
-
- </foo/;UID=20/..>
-
- is the same as
-
- </foo>
-
- That is, both of them reference the mailbox "foo" located on the IMAP
- server described by the corresponding Base URI.
-
- The following relative-path reference
-
- <;UID=20>
-
- references a message with UID in the mailbox specified by the Base
- URI.
-
- The following edge case example demonstrates that the ;UIDVALIDITY=
- modifier is a part of the mailbox name as far as relative URI
- resolution is concerned:
-
- <..;UIDVALIDITY=385759045/;UID=20>
-
- In this example, ".." is not a dot-segment [URI-GEN].
-
-10. Security Considerations
-
- Security considerations discussed in the IMAP specification [IMAP4]
- and the URI specification [URI-GEN] are relevant. Security
- considerations related to authenticated URLs are discussed in Section
- 3.2 of this document.
-
- Many email clients store the plaintext password for later use after
- logging into an IMAP server. Such clients MUST NOT use a stored
- password in response to an IMAP URL without explicit permission from
- the user to supply that password to the specified host name.
-
- Clients resolving IMAP URLs that wish to achieve data confidentiality
- and/or integrity SHOULD use the STARTTLS command (if supported by the
-
-
-
-
-Melnikov & Newman Standards Track [Page 16]
-
-RFC 5092 IMAP URL Scheme November 2007
-
-
- server) before starting authentication, or use a SASL mechanism, such
- as GSSAPI, that provides a confidentiality security layer.
-
-10.1. Security Consideration Specific to URLAUTH Authorized URL
-
- The "user+<userid>" <access> identifier limits resolution of that URL
- to a particular userid, whereas the "submit+<userid>" <access>
- identifier is more general and simply requires that the session be
- authorized by a user that has been granted a "submit" role within the
- authentication system. Use of either of these mechanisms limits the
- scope of the URL. An attacker who cannot authenticate using the
- appropriate credentials cannot make use of the URL.
-
- The "authuser" and "anonymous" <access> identifiers do not have this
- level of protection. These access identifiers are primarily useful
- for public export of data from an IMAP server, without requiring that
- it be copied to a web or anonymous FTP server.
-
- The decision to use the "authuser" <access> identifier should be made
- with caution. An "authuser" <access> identifier can be used by any
- authorized user of the IMAP server; therefore, use of this access
- identifier should be limited to content that may be disclosed to any
- authorized user of the IMAP server.
-
- The decision to use the "anonymous" <access> identifier should be
- made with extreme caution. An "anonymous" <access> identifier can be
- used by anyone; therefore, use of this access identifier should be
- limited to content that may be disclosed to anyone.
-
-11. ABNF for IMAP URL Scheme
-
- Formal syntax is defined using ABNF [ABNF], extending the ABNF rules
- in Section 9 of [IMAP4]. Elements not defined here can be found in
- [ABNF], [IMAP4], [IMAPABNF], or [URI-GEN]. Strings are not case
- sensitive, and free insertion of linear white space is not permitted.
-
- sub-delims-sh = "!" / "$" / "'" / "(" / ")" /
- "*" / "+" / ","
- ;; Same as [URI-GEN] sub-delims,
- ;; but without ";", "&" and "=".
-
- uchar = unreserved / sub-delims-sh / pct-encoded
-
- achar = uchar / "&" / "="
- ;; Same as [URI-GEN] 'unreserved / sub-delims /
- ;; pct-encoded', but ";" is disallowed.
-
- bchar = achar / ":" / "@" / "/"
-
-
-
-Melnikov & Newman Standards Track [Page 17]
-
-RFC 5092 IMAP URL Scheme November 2007
-
-
- enc-auth-type = 1*achar
- ; %-encoded version of [IMAP4] "auth-type"
-
- enc-mailbox = 1*bchar
- ; %-encoded version of [IMAP4] "mailbox"
-
- enc-search = 1*bchar
- ; %-encoded version of [IMAPABNF]
- ; "search-program". Note that IMAP4
- ; literals may not be used in
- ; a "search-program", i.e., only
- ; quoted or non-synchronizing
- ; literals (if the server supports
- ; LITERAL+ [LITERAL+]) are allowed.
-
- enc-section = 1*bchar
- ; %-encoded version of [IMAP4] "section-spec"
-
- enc-user = 1*achar
- ; %-encoded version of [IMAP4] authorization
- ; identity or "userid".
-
- imapurl = "imap://" iserver ipath-query
- ; Defines an absolute IMAP URL
-
- ipath-query = ["/" [ icommand ]]
- ; Corresponds to "path-abempty [ "?" query ]"
- ; in [URI-GEN]
-
- Generic syntax for relative URLs is defined in Section 4.2 of
- [URI-GEN]. For ease of implementation, the relative IMAP URL syntax
- is defined below:
-
- imapurl-rel = inetwork-path
-
- / iabsolute-path
- / irelative-path
- / ipath-empty
-
- inetwork-path = "//" iserver ipath-query
- ; Corresponds to '"//" authority path-abempty
- ; [ "?" query ]' in [URI-GEN]
-
- iabsolute-path = "/" [ icommand ]
- ; icommand, if present, MUST NOT start with '/'.
- ;
- ; Corresponds to 'path-absolute [ "?" query ]'
- ; in [URI-GEN]
-
-
-
-Melnikov & Newman Standards Track [Page 18]
-
-RFC 5092 IMAP URL Scheme November 2007
-
-
- irelative-path = imessagelist /
- imsg-or-part
- ; Corresponds to 'path-noscheme [ "?" query ]'
- ; in [URI-GEN]
-
- imsg-or-part = ( imailbox-ref "/" iuid-only ["/" isection-only]
- ["/" ipartial-only] ) /
- ( iuid-only ["/" isection-only]
- ["/" ipartial-only] ) /
- ( isection-only ["/" ipartial-only] ) /
- ipartial-only
-
- ipath-empty = 0<pchar>
- ; Zero characters.
- ; The same-document reference.
-
- The following three rules are only used in the presence of the IMAP
- [URLAUTH] extension:
-
- authimapurl = "imap://" iserver "/" imessagepart
- ; Same as "imapurl" when "[icommand]" is
- ; "imessagepart"
-
- authimapurlfull = authimapurl iurlauth
- ; Same as "imapurl" when "[icommand]" is
- ; "imessagepart iurlauth"
-
- authimapurlrump = authimapurl iurlauth-rump
-
-
- enc-urlauth = 32*HEXDIG
-
- iurlauth = iurlauth-rump iua-verifier
-
- iua-verifier = ":" uauth-mechanism ":" enc-urlauth
-
- iurlauth-rump = [expire] ";URLAUTH=" access
-
- access = ("submit+" enc-user) / ("user+" enc-user) /
- "authuser" / "anonymous"
-
- expire = ";EXPIRE=" date-time
- ; date-time is defined in [DATETIME]
-
- uauth-mechanism = "INTERNAL" / 1*(ALPHA / DIGIT / "-" / ".")
- ; Case-insensitive.
- ; New mechanisms MUST be registered with IANA.
-
-
-
-
-Melnikov & Newman Standards Track [Page 19]
-
-RFC 5092 IMAP URL Scheme November 2007
-
-
- iauth = ";AUTH=" ( "*" / enc-auth-type )
-
- icommand = imessagelist /
- imessagepart [iurlauth]
-
- imailbox-ref = enc-mailbox [uidvalidity]
-
- imessagelist = imailbox-ref [ "?" enc-search ]
- ; "enc-search" is [URI-GEN] "query".
-
- imessagepart = imailbox-ref iuid [isection] [ipartial]
-
- ipartial = "/" ipartial-only
-
- ipartial-only = ";PARTIAL=" partial-range
-
- isection = "/" isection-only
-
- isection-only = ";SECTION=" enc-section
-
- iserver = [iuserinfo "@"] host [ ":" port ]
- ; This is the same as "authority" defined
- ; in [URI-GEN]. See [URI-GEN] for "host"
- ; and "port" definitions.
-
- iuid = "/" iuid-only
-
- iuid-only = ";UID=" nz-number
- ; See [IMAP4] for "nz-number" definition
-
- iuserinfo = enc-user [iauth] / [enc-user] iauth
- ; conforms to the generic syntax of
- ; "userinfo" as defined in [URI-GEN].
-
- partial-range = number ["." nz-number]
- ; partial FETCH. The first number is
- ; the offset of the first byte,
- ; the second number is the length of
- ; the fragment.
-
- uidvalidity = ";UIDVALIDITY=" nz-number
- ; See [IMAP4] for "nz-number" definition
-
-
-
-
-
-
-
-
-
-Melnikov & Newman Standards Track [Page 20]
-
-RFC 5092 IMAP URL Scheme November 2007
-
-
-12. IANA Considerations
-
- IANA has updated the "imap" definition in the "Uniform Resource
- Identifier scheme registry" to point to this document.
-
- The registration template (as per [URI-REG]) is specified in Section
- 12.1 of this document.
-
-12.1. IANA Registration of imap: URI Scheme
-
- This section provides the information required to register the imap:
- URI scheme.
-
- URI scheme name: imap
-
- Status: permanent
-
- URI scheme syntax:
-
- See Section 11 of [RFC5092].
-
- URI scheme semantics:
-
- The imap: URI scheme is used to designate IMAP servers, mailboxes,
- messages, MIME bodies [MIME] and their parts, and search programs
- on Internet hosts accessible using the IMAP protocol.
-
- There is no MIME type associated with this URI.
-
- Encoding considerations:
-
- See Section 8 of [RFC5092].
-
- Applications/protocols that use this URI scheme name:
-
- The imap: URI is intended to be used by applications that might
- need access to an IMAP mailstore. Such applications may include
- (but are not limited to) IMAP-capable web browsers; IMAP clients
- that wish to access a mailbox, message, or edit a message on the
- server using [CATENATE]; [SUBMIT] clients and servers that are
- requested to assemble a complete message on submission using
- [BURL].
-
- Interoperability considerations:
-
- A widely deployed IMAP client Netscape Mail (and possibly
- Mozilla/Thunderbird/Seamonkey) uses a different imap: scheme
- internally.
-
-
-
-Melnikov & Newman Standards Track [Page 21]
-
-RFC 5092 IMAP URL Scheme November 2007
-
-
- Security considerations:
-
- See Security Considerations (Section 10) of [RFC5092].
-
- Contact:
-
- Alexey Melnikov <alexey.melnikov@isode.com>
-
- Author/Change controller:
-
- IESG
-
- References:
-
- [RFC5092] and [IMAP4].
-
-13. References
-
-13.1. Normative References
-
- [KEYWORDS] Bradner, S., "Key words for use in RFCs to Indicate
- Requirement Levels", BCP 14, RFC 2119, March 1997.
-
- [IMAP4] Crispin, M., "INTERNET MESSAGE ACCESS PROTOCOL - VERSION
- 4rev1", RFC 3501, March 2003.
-
- [IMAPABNF] Melnikov, A. and C. Daboo, "Collected Extensions to
- IMAP4 ABNF", RFC 4466, April 2006.
-
- [ABNF] Crocker, D., Ed., and P. Overell, "Augmented BNF for
- Syntax Specifications: ABNF", RFC 4234, October 2005.
-
- [MIME] Freed, N. and N. Borenstein, "Multipurpose Internet Mail
- Extensions (MIME) Part One: Format of Internet Message
- Bodies", RFC 2045, November 1996.
-
- [URI-GEN] Berners-Lee, T., Fielding, R., and L. Masinter, "Uniform
- Resource Identifier (URI): Generic Syntax", STD 66, RFC
- 3986, January 2005.
-
- [UTF-8] Yergeau, F., "UTF-8, a transformation format of ISO
- 10646", STD 63, RFC 3629, November 2003.
-
- [NAMESPACE] Gahrns, M. and C. Newman, "IMAP4 Namespace", RFC 2342,
- May 1998.
-
- [LITERAL+] Myers, J., "IMAP4 non-synchronizing literals", RFC 2088,
- January 1997.
-
-
-
-Melnikov & Newman Standards Track [Page 22]
-
-RFC 5092 IMAP URL Scheme November 2007
-
-
- [ANONYMOUS] Zeilenga, K., "Anonymous Simple Authentication and
- Security Layer (SASL) Mechanism", RFC 4505, June 2006.
-
- [DATETIME] Klyne, G. and C. Newman, "Date and Time on the Internet:
- Timestamps", RFC 3339, July 2002.
-
- [URLAUTH] Crispin, M., "Internet Message Access Protocol (IMAP) -
- URLAUTH Extension", RFC 4467, May 2006.
-
-13.2. Informative References
-
- [SUBMIT] Gellens, R. and J. Klensin, "Message Submission for
- Mail", RFC 4409, April 2006.
-
- [BURL] Newman, C., "Message Submission BURL Extension", RFC
- 4468, May 2006.
-
- [CATENATE] Resnick, P., "Internet Message Access Protocol (IMAP)
- CATENATE Extension", RFC 4469, April 2006.
-
- [SASL] Melnikov, A., Ed., and K. Zeilenga, Ed., "Simple
- Authentication and Security Layer (SASL)", RFC 4422,
- June 2006.
-
- [GSSAPI] Melnikov, A., Ed., "The Kerberos V5 ("GSSAPI") Simple
- Authentication and Security Layer (SASL) Mechanism", RFC
- 4752, November 2006.
-
- [DIGEST-MD5] Leach, P. and C. Newman, "Using Digest Authentication as
- a SASL Mechanism", RFC 2831, May 2000.
-
- [URI-REG] Hansen, T., Hardie, T., and L. Masinter, "Guidelines and
- Registration Procedures for New URI Schemes", BCP 115,
- RFC 4395, February 2006.
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-Melnikov & Newman Standards Track [Page 23]
-
-RFC 5092 IMAP URL Scheme November 2007
-
-
-Appendix A. Sample Code
-
- Here is sample C source code to convert between URL paths and IMAP
- mailbox names, taking into account mapping between IMAP's modified
- UTF-7 [IMAP4] and hex-encoded UTF-8, which is more appropriate for
- URLs. This code has not been rigorously tested nor does it
- necessarily behave reasonably with invalid input, but it should serve
- as a useful example. This code just converts the mailbox portion of
- the URL and does not deal with parameters, query, or server
- components of the URL.
-
-/* Copyright (C) The IETF Trust (2007). This version of
- sample C code is part of RFC XXXX; see the RFC itself
- for full legal notices.
-
- Regarding this sample C code (or any portion of it), the authors
- make no guarantees and are not responsible for any damage
- resulting from its use. The authors grant irrevocable permission
- to anyone to use, modify, and distribute it in any way that does
- not diminish the rights of anyone else to use, modify, and
- distribute it, provided that redistributed derivative works do
- not contain misleading author or version information.
-
- Derivative works need not be licensed under similar terms.
- */
-
-#include <stdio.h>
-#include <string.h>
-
-/* hexadecimal lookup table */
-static const char hex[] = "0123456789ABCDEF";
-
-#define XX 127
-/*
- * Table for decoding hexadecimal in %encoding
- */
-static const char index_hex[256] = {
- XX,XX,XX,XX, XX,XX,XX,XX, XX,XX,XX,XX, XX,XX,XX,XX,
- XX,XX,XX,XX, XX,XX,XX,XX, XX,XX,XX,XX, XX,XX,XX,XX,
- XX,XX,XX,XX, XX,XX,XX,XX, XX,XX,XX,XX, XX,XX,XX,XX,
- 0, 1, 2, 3, 4, 5, 6, 7, 8, 9,XX,XX, XX,XX,XX,XX,
- XX,10,11,12, 13,14,15,XX, XX,XX,XX,XX, XX,XX,XX,XX,
- XX,XX,XX,XX, XX,XX,XX,XX, XX,XX,XX,XX, XX,XX,XX,XX,
- XX,10,11,12, 13,14,15,XX, XX,XX,XX,XX, XX,XX,XX,XX,
- XX,XX,XX,XX, XX,XX,XX,XX, XX,XX,XX,XX, XX,XX,XX,XX,
- XX,XX,XX,XX, XX,XX,XX,XX, XX,XX,XX,XX, XX,XX,XX,XX,
- XX,XX,XX,XX, XX,XX,XX,XX, XX,XX,XX,XX, XX,XX,XX,XX,
- XX,XX,XX,XX, XX,XX,XX,XX, XX,XX,XX,XX, XX,XX,XX,XX,
-
-
-
-Melnikov & Newman Standards Track [Page 24]
-
-RFC 5092 IMAP URL Scheme November 2007
-
-
- XX,XX,XX,XX, XX,XX,XX,XX, XX,XX,XX,XX, XX,XX,XX,XX,
- XX,XX,XX,XX, XX,XX,XX,XX, XX,XX,XX,XX, XX,XX,XX,XX,
- XX,XX,XX,XX, XX,XX,XX,XX, XX,XX,XX,XX, XX,XX,XX,XX,
- XX,XX,XX,XX, XX,XX,XX,XX, XX,XX,XX,XX, XX,XX,XX,XX,
- XX,XX,XX,XX, XX,XX,XX,XX, XX,XX,XX,XX, XX,XX,XX,XX,
-};
-#define HEXCHAR(c) (index_hex[(unsigned char)(c)])
-
-/* "gen-delims" excluding "/" but including "%" */
-#define GENERAL_DELIMS_NO_SLASH ":?#[]@" "%"
-
-/* "gen-delims" (excluding "/", but including "%")
- plus subset of "sub-delims" */
-#define GENERAL_UNSAFE_NO_SLASH GENERAL_DELIMS_NO_SLASH ";&=+"
-#define OTHER_UNSAFE " \"<>\\^`{|}"
-
-/* URL unsafe printable characters */
-static const char mailbox_url_unsafe[] = GENERAL_UNSAFE_NO_SLASH
- OTHER_UNSAFE;
-
-/* UTF7 modified base64 alphabet */
-static const char base64chars[] =
- "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+,";
-
-#define UNDEFINED 64
-
-/* UTF16 definitions */
-#define UTF16MASK 0x03FFUL
-#define UTF16SHIFT 10
-#define UTF16BASE 0x10000UL
-#define UTF16HIGHSTART 0xD800UL
-#define UTF16HIGHEND 0xDBFFUL
-#define UTF16LOSTART 0xDC00UL
-#define UTF16LOEND 0xDFFFUL
-
-/* Convert an IMAP mailbox to a URL path
- * dst needs to have roughly 4 times the storage space of src
- * Hex encoding can triple the size of the input
- * UTF-7 can be slightly denser than UTF-8
- * (worst case: 8 octets UTF-7 becomes 9 octets UTF-8)
- */
-void MailboxToURL(char *dst, char *src)
-{
- unsigned char c, i, bitcount;
- unsigned long ucs4, utf16, bitbuf;
- unsigned char base64[256], utf8[6];
-
- /* initialize modified base64 decoding table */
-
-
-
-Melnikov & Newman Standards Track [Page 25]
-
-RFC 5092 IMAP URL Scheme November 2007
-
-
- memset(base64, UNDEFINED, sizeof (base64));
- for (i = 0; i < sizeof (base64chars); ++i) {
- base64[(int) base64chars[i]] = i;
- }
-
- /* loop until end of string */
- while (*src != '\0') {
- c = *src++;
- /* deal with literal characters and &- */
- if (c != '&' || *src == '-') {
- /* NB: There are no "URL safe" characters after the '~' */
- if (c < ' ' || c > '~' ||
- strchr(mailbox_url_unsafe, c) != NULL) {
- /* hex encode if necessary */
- dst[0] = '%';
- dst[1] = hex[c >> 4];
- dst[2] = hex[c & 0x0f];
- dst += 3;
- } else {
- /* encode literally */
- *dst++ = c;
- }
- /* skip over the '-' if this is an &- sequence */
- if (c == '&') ++src;
-
- } else {
- /* convert modified UTF-7 -> UTF-16 -> UCS-4 -> UTF-8 -> HEX */
- bitbuf = 0;
- bitcount = 0;
- ucs4 = 0;
- while ((c = base64[(unsigned char) *src]) != UNDEFINED) {
- ++src;
- bitbuf = (bitbuf << 6) | c;
- bitcount += 6;
- /* enough bits for a UTF-16 character? */
- if (bitcount >= 16) {
- bitcount -= 16;
- utf16 = (bitcount ? bitbuf >> bitcount
- : bitbuf) & 0xffff;
- /* convert UTF16 to UCS4 */
- if
- (utf16 >= UTF16HIGHSTART && utf16 <= UTF16HIGHEND) {
- ucs4 = (utf16 - UTF16HIGHSTART) << UTF16SHIFT;
- continue;
- } else if
- (utf16 >= UTF16LOSTART && utf16 <= UTF16LOEND) {
- ucs4 += utf16 - UTF16LOSTART + UTF16BASE;
- } else {
-
-
-
-Melnikov & Newman Standards Track [Page 26]
-
-RFC 5092 IMAP URL Scheme November 2007
-
-
- ucs4 = utf16;
- }
- /* convert UTF-16 range of UCS4 to UTF-8 */
- if (ucs4 <= 0x7fUL) {
- utf8[0] = (unsigned char) ucs4;
- i = 1;
- } else if (ucs4 <= 0x7ffUL) {
- utf8[0] = 0xc0 | (unsigned char) (ucs4 >> 6);
- utf8[1] = 0x80 | (unsigned char) (ucs4 & 0x3f);
- i = 2;
- } else if (ucs4 <= 0xffffUL) {
- utf8[0] = 0xe0 | (unsigned char) (ucs4 >> 12);
- utf8[1] = 0x80 | (unsigned char) ((ucs4 >> 6) & 0x3f);
- utf8[2] = 0x80 | (unsigned char) (ucs4 & 0x3f);
- i = 3;
- } else {
- utf8[0] = 0xf0 | (unsigned char) (ucs4 >> 18);
- utf8[1] = 0x80 | (unsigned char) ((ucs4 >> 12) & 0x3f);
- utf8[2] = 0x80 | (unsigned char) ((ucs4 >> 6) & 0x3f);
- utf8[3] = 0x80 | (unsigned char) (ucs4 & 0x3f);
- i = 4;
- }
- /* convert utf8 to hex */
- for (c = 0; c < i; ++c) {
- dst[0] = '%';
- dst[1] = hex[utf8[c] >> 4];
- dst[2] = hex[utf8[c] & 0x0f];
- dst += 3;
- }
- }
- }
- /* skip over trailing '-' in modified UTF-7 encoding */
- if (*src == '-') ++src;
- }
- }
- /* terminate destination string */
- *dst = '\0';
-}
-
-/* Convert hex coded UTF-8 URL path to modified UTF-7 IMAP mailbox
- * dst should be about twice the length of src to deal with non-hex
- * coded URLs
- */
-int URLtoMailbox(char *dst, char *src)
-{
- unsigned int utf8pos = 0;
- unsigned int utf8total, i, c, utf7mode, bitstogo, utf16flag;
- unsigned long ucs4 = 0, bitbuf = 0;
-
-
-
-Melnikov & Newman Standards Track [Page 27]
-
-RFC 5092 IMAP URL Scheme November 2007
-
-
- utf7mode = 0; /* is the output UTF7 currently in base64 mode? */
- utf8total = 0; /* how many octets is the current input UTF-8 char;
- 0 == between characters */
- bitstogo = 0; /* bits that need to be encoded into base64; if
- bitstogo != 0 then utf7mode == 1 */
- while ((c = (unsigned char)*src) != '\0') {
- ++src;
- /* undo hex-encoding */
- if (c == '%' && src[0] != '\0' && src[1] != '\0') {
- c = HEXCHAR(src[0]);
- i = HEXCHAR(src[1]);
- if (c == XX || i == XX) {
- return 0;
- } else {
- c = (char)((c << 4) | i);
- }
- src += 2;
- }
- /* normal character? */
- if (c >= ' ' && c <= '~') {
- /* switch out of UTF-7 mode */
- if (utf7mode) {
- if (bitstogo) {
- *dst++ = base64chars[(bitbuf << (6 - bitstogo)) & 0x3F];
- }
- *dst++ = '-';
- utf7mode = 0;
- bitstogo = bitbuf = 0;
- }
- *dst++ = c;
- /* encode '&' as '&-' */
- if (c == '&') {
- *dst++ = '-';
- }
- continue;
- }
- /* switch to UTF-7 mode */
- if (!utf7mode) {
- *dst++ = '&';
- utf7mode = 1;
- }
- /* Encode US-ASCII characters as themselves */
- if (c < 0x80) {
- ucs4 = c;
- utf8total = 1;
- } else if (utf8total) {
- /* this is a subsequent octet of a multi-octet character */
- /* save UTF8 bits into UCS4 */
-
-
-
-Melnikov & Newman Standards Track [Page 28]
-
-RFC 5092 IMAP URL Scheme November 2007
-
-
- ucs4 = (ucs4 << 6) | (c & 0x3FUL);
- if (++utf8pos < utf8total) {
- continue;
- }
- } else {
- /* this is the first octet of a multi-octet character */
- utf8pos = 1;
- if (c < 0xE0) {
- utf8total = 2;
- ucs4 = c & 0x1F;
- } else if (c < 0xF0) {
- utf8total = 3;
- ucs4 = c & 0x0F;
- } else {
- /* NOTE: can't convert UTF8 sequences longer than 4 */
- utf8total = 4;
- ucs4 = c & 0x03;
- }
- continue;
- }
- /* Finished with UTF-8 character. Make sure it isn't an
- overlong sequence. If it is, return failure. */
- if ((ucs4 < 0x80 && utf8total > 1) ||
- (ucs4 < 0x0800 && utf8total > 2) ||
- (ucs4 < 0x00010000 && utf8total > 3) ||
- (ucs4 < 0x00200000 && utf8total > 4) ||
- (ucs4 < 0x04000000 && utf8total > 5) ||
- (ucs4 < 0x80000000 && utf8total > 6)) {
- return 0;
- }
- /* loop to split ucs4 into two utf16 chars if necessary */
- utf8total = 0;
- do {
- if (ucs4 >= UTF16BASE) {
- ucs4 -= UTF16BASE;
- bitbuf = (bitbuf << 16) | ((ucs4 >> UTF16SHIFT)
- + UTF16HIGHSTART);
- ucs4 = (ucs4 & UTF16MASK) + UTF16LOSTART;
- utf16flag = 1;
- } else {
- bitbuf = (bitbuf << 16) | ucs4;
- utf16flag = 0;
- }
- bitstogo += 16;
- /* spew out base64 */
- while (bitstogo >= 6) {
- bitstogo -= 6;
- *dst++ = base64chars[(bitstogo ? (bitbuf >> bitstogo)
-
-
-
-Melnikov & Newman Standards Track [Page 29]
-
-RFC 5092 IMAP URL Scheme November 2007
-
-
- : bitbuf)
- & 0x3F];
- }
- } while (utf16flag);
- }
- /* if in UTF-7 mode, finish in ASCII */
- if (utf7mode) {
- if (bitstogo) {
- *dst++ = base64chars[(bitbuf << (6 - bitstogo)) & 0x3F];
- }
- *dst++ = '-';
- }
- /* tie off string */
- *dst = '\0';
- return 1;
-}
-
-Appendix B. List of Changes since RFC 2192
-
- Updated boilerplate, list of editor's, etc.
- Updated references.
- Updated ABNF not to use _, to use SP instead of SPACE, etc.
- Updated example domains to use example.org.
- Fixed ABNF error in "imessagelist" non-terminal.
- Updated ABNF, due to changes in RFC 3501, RFC 4466, and RFC 3986.
- Renamed "iuserauth" non-terminal to <iuserinfo>.
- Clarified that the userinfo component describes both authorization
- identity and mailbox naming scope.
- Allow for non-synchronizing literals in "enc-search".
- Added "ipartial" specifier that denotes a partial FETCH.
- Moved URLAUTH text from RFC 4467 to this document.
- Updated ABNF for the whole server to allow missing trailing "/"
- (e.g., "imap://imap.example.com" is now valid and is the same as
- "imap://imap.example.com/").
- Clarified how relative-path references are constructed.
- Added more examples demonstrating relative-path references.
- Added rules for relative URLs and restructured ABNF as the result.
- Removed text on use of relative URLs in MHTML.
- Added examples demonstrating security considerations when resolving
- URLs.
- Recommend usage of STARTTLS/SASL security layer to protect
- confidential data.
- Removed some advices about connection reuse that were incorrect.
- Removed URLs referencing a list of mailboxes, as this feature
- hasn't seen any deployments.
- Clarified that user name "anonymous" is case-insensitive.
-
-
-
-
-
-Melnikov & Newman Standards Track [Page 30]
-
-RFC 5092 IMAP URL Scheme November 2007
-
-
-Appendix C. List of Changes since RFC 4467
-
- Renamed <mechanism> to <uauth-mechanism>. Restructured ABNF.
-
-Appendix D. Acknowledgments
-
- Text describing URLAUTH was lifted from [URLAUTH] by Mark Crispin.
-
- Stephane H. Maes contributed some ideas to this document; he also
- co-edited early versions of this document.
-
- The editors would like to thank Mark Crispin, Ken Murchison, Ted
- Hardie, Zoltan Ordogh, Dave Cridland, Kjetil Torgrim Homme, Lisa
- Dusseault, Spencer Dawkins, Filip Navara, Shawn M. Emery, Sam
- Hartman, Russ Housley, and Lars Eggert for the time they devoted to
- reviewing this document and/or for the comments received.
-
-Authors' Addresses
-
- Chris Newman (Author/Editor)
- Sun Microsystems
- 3401 Centrelake Dr., Suite 410
- Ontario, CA 91761
- EMail: chris.newman@sun.com
-
- Alexey Melnikov (Editor)
- Isode Limited
- 5 Castle Business Village
- 36 Station Road
- Hampton, Middlesex
- TW12 2BX, UK
- EMail: Alexey.Melnikov@isode.com
- URI: http://www.melnikov.ca/
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-Melnikov & Newman Standards Track [Page 31]
-
-RFC 5092 IMAP URL Scheme November 2007
-
-
-Full Copyright Statement
-
- Copyright (C) The IETF Trust (2007).
-
- This document is subject to the rights, licenses and restrictions
- contained in BCP 78, and except as set forth therein, the authors
- retain all their rights.
-
- This document and the information contained herein are provided on an
- "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
- OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY, THE IETF TRUST AND
- THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS
- OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF
- THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
- WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
-
-Intellectual Property
-
- The IETF takes no position regarding the validity or scope of any
- Intellectual Property Rights or other rights that might be claimed to
- pertain to the implementation or use of the technology described in
- this document or the extent to which any license under such rights
- might or might not be available; nor does it represent that it has
- made any independent effort to identify any such rights. Information
- on the procedures with respect to rights in RFC documents can be
- found in BCP 78 and BCP 79.
-
- Copies of IPR disclosures made to the IETF Secretariat and any
- assurances of licenses to be made available, or the result of an
- attempt made to obtain a general license or permission for the use of
- such proprietary rights by implementers or users of this
- specification can be obtained from the IETF on-line IPR repository at
- http://www.ietf.org/ipr.
-
- The IETF invites any interested party to bring to its attention any
- copyrights, patents or patent applications, or other proprietary
- rights that may cover technology that may be required to implement
- this standard. Please address the information to the IETF at
- ietf-ipr@ietf.org.
-
-
-
-
-
-
-
-
-
-
-
-
-Melnikov & Newman Standards Track [Page 32]
-
diff --git a/imap/docs/rfc/rfc5161.txt b/imap/docs/rfc/rfc5161.txt
deleted file mode 100644
index 13bbbf74..00000000
--- a/imap/docs/rfc/rfc5161.txt
+++ /dev/null
@@ -1,395 +0,0 @@
-
-
-
-
-
-
-Network Working Group A. Gulbrandsen, Ed.
-Request for Comments: 5161 Oryx Mail Systems GmbH
-Category: Standards Track A. Melnikov, Ed.
- Isode Limited
- March 2008
-
-
- The IMAP ENABLE Extension
-
-Status of This Memo
-
- This document specifies an Internet standards track protocol for the
- Internet community, and requests discussion and suggestions for
- improvements. Please refer to the current edition of the "Internet
- Official Protocol Standards" (STD 1) for the standardization state
- and status of this protocol. Distribution of this memo is unlimited.
-
-Abstract
-
- Most IMAP extensions are used by the client when it wants to and the
- server supports it. However, a few extensions require the server to
- know whether a client supports that extension. The ENABLE extension
- allows an IMAP client to say which extensions it supports.
-
-1. Overview
-
- Several IMAP extensions allow the server to return unsolicited
- responses specific to these extensions in certain circumstances.
- However, servers cannot send those unsolicited responses until they
- know that the clients support such extensions and thus won't choke on
- the extension response data.
-
- Up until now, extensions have typically stated that a server cannot
- send the unsolicited responses until after the client has used a
- command with the extension data (i.e., at that point the server knows
- the client is aware of the extension). CONDSTORE ([RFC4551]),
- ANNOTATE ([ANNOTATE]), and some extensions under consideration at the
- moment use various commands to enable server extensions. For
- example, CONDSTORE uses a SELECT or FETCH parameter, and ANNOTATE
- uses a side effect of FETCH.
-
- The ENABLE extension provides an explicit indication from the client
- that it supports particular extensions. This is done using a new
- ENABLE command.
-
- An IMAP server that supports ENABLE advertises this by including the
- word ENABLE in its capability list.
-
-
-
-
-Gulbrandsen & Melnikov Standards Track [Page 1]
-
-RFC 5161 The IMAP ENABLE Extension March 2008
-
-
- Most IMAP extensions do not require the client to enable the
- extension in any way.
-
-2. Conventions Used in This Document
-
- The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
- "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
- document are to be interpreted as described in [RFC2119].
-
- Formal syntax is defined by [RFC5234] and [RFC3501].
-
- Example lines prefaced by "C:" are sent by the client and ones
- prefaced by "S:" by the server. The five characters [...] means that
- something has been elided.
-
-3. Protocol Changes
-
-3.1. The ENABLE Command
-
- Arguments: capability names
-
- Result: OK: Relevant capabilities enabled
- BAD: No arguments, or syntax error in an argument
-
- The ENABLE command takes a list of capability names, and requests the
- server to enable the named extensions. Once enabled using ENABLE,
- each extension remains active until the IMAP connection is closed.
- For each argument, the server does the following:
-
- - If the argument is not an extension known to the server, the server
- MUST ignore the argument.
-
- - If the argument is an extension known to the server, and it is not
- specifically permitted to be enabled using ENABLE, the server MUST
- ignore the argument. (Note that knowing about an extension doesn't
- necessarily imply supporting that extension.)
-
- - If the argument is an extension that is supported by the server and
- that needs to be enabled, the server MUST enable the extension for
- the duration of the connection. At present, this applies only to
- CONDSTORE ([RFC4551]). Note that once an extension is enabled,
- there is no way to disable it.
-
- If the ENABLE command is successful, the server MUST send an untagged
- ENABLED response (see Section 3.2).
-
-
-
-
-
-
-Gulbrandsen & Melnikov Standards Track [Page 2]
-
-RFC 5161 The IMAP ENABLE Extension March 2008
-
-
- Clients SHOULD only include extensions that need to be enabled by the
- server. At the time of publication, CONDSTORE is the only such
- extension (i.e., ENABLE CONDSTORE is an additional "CONDSTORE
- enabling command" as defined in [RFC4551]). Future RFCs may add to
- this list.
-
- The ENABLE command is only valid in the authenticated state (see
- [RFC3501]), before any mailbox is selected. Clients MUST NOT issue
- ENABLE once they SELECT/EXAMINE a mailbox; however, server
- implementations don't have to check that no mailbox is selected or
- was previously selected during the duration of a connection.
-
- The ENABLE command can be issued multiple times in a session. It is
- additive; i.e., "ENABLE a b", followed by "ENABLE c" is the same as a
- single command "ENABLE a b c". When multiple ENABLE commands are
- issued, each corresponding ENABLED response SHOULD only contain
- extensions enabled by the corresponding ENABLE command.
-
- There are no limitations on pipelining ENABLE. For example, it is
- possible to send ENABLE and then immediately SELECT, or a LOGIN
- immediately followed by ENABLE.
-
- The server MUST NOT change the CAPABILITY list as a result of
- executing ENABLE; i.e., a CAPABILITY command issued right after an
- ENABLE command MUST list the same capabilities as a CAPABILITY
- command issued before the ENABLE command. This is demonstrated in
- the following example:
-
- C: t1 CAPABILITY
- S: * CAPABILITY IMAP4rev1 ID LITERAL+ ENABLE X-GOOD-IDEA
- S: t1 OK foo
- C: t2 ENABLE CONDSTORE X-GOOD-IDEA
- S: * ENABLED X-GOOD-IDEA
- S: t2 OK foo
- C: t3 CAPABILITY
- S: * CAPABILITY IMAP4rev1 ID LITERAL+ ENABLE X-GOOD-IDEA
- S: t3 OK foo again
-
- In the following example, the client enables CONDSTORE:
-
- C: a1 ENABLE CONDSTORE
- S: * ENABLED CONDSTORE
- S: a1 OK Conditional Store enabled
-
-
-
-
-
-
-
-
-Gulbrandsen & Melnikov Standards Track [Page 3]
-
-RFC 5161 The IMAP ENABLE Extension March 2008
-
-
-3.2. The ENABLED Response
-
- Contents: capability listing
-
- The ENABLED response occurs as a result of an ENABLE command. The
- capability listing contains a space-separated listing of capability
- names that the server supports and that were successfully enabled.
- The ENABLED response may contain no capabilities, which means that no
- extensions listed by the client were successfully enabled.
-
-3.3. Note to Designers of Extensions That May Use the ENABLE Command
-
- Designers of IMAP extensions are discouraged from creating extensions
- that require ENABLE unless there is no good alternative design.
- Specifically, extensions that cause potentially incompatible behavior
- changes to deployed server responses (and thus benefit from ENABLE)
- have a higher complexity cost than extensions that do not.
-
-4. Formal Syntax
-
- The following syntax specification uses the Augmented Backus-Naur
- Form (ABNF) notation as specified in [RFC5234] including the core
- rules in Appendix B.1. [RFC3501] defines the non-terminals
- "capability" and "command-any".
-
- Except as noted otherwise, all alphabetic characters are
- case-insensitive. The use of upper or lower case characters to
- define token strings is for editorial clarity only. Implementations
- MUST accept these strings in a case-insensitive fashion.
-
- capability =/ "ENABLE"
-
- command-any =/ "ENABLE" 1*(SP capability)
-
- response-data =/ "*" SP enable-data CRLF
-
- enable-data = "ENABLED" *(SP capability)
-
-5. Security Considerations
-
- It is believed that this extension doesn't add any security
- considerations that are not already present in the base IMAP protocol
- [RFC3501].
-
-6. IANA Considerations
-
- The IANA has added ENABLE to the IMAP4 Capabilities Registry.
-
-
-
-
-Gulbrandsen & Melnikov Standards Track [Page 4]
-
-RFC 5161 The IMAP ENABLE Extension March 2008
-
-
-7. Acknowledgments
-
- The editors would like to thank Randy Gellens, Chris Newman, Peter
- Coates, Dave Cridland, Mark Crispin, Ned Freed, Dan Karp, Cyrus
- Daboo, Ken Murchison, and Eric Burger for comments and corrections.
- However, this doesn't necessarily mean that they endorse this
- extension, agree with all details, or are responsible for errors
- introduced by the editors.
-
-8. Normative References
-
- [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
- Requirement Levels", BCP 14, RFC 2119, March 1997.
-
- [RFC3501] Crispin, M., "INTERNET MESSAGE ACCESS PROTOCOL - VERSION
- 4rev1", RFC 3501, March 2003.
-
- [RFC5234] Crocker, D., Ed., and P. Overell, "Augmented BNF for
- Syntax Specifications: ABNF", STD 68, RFC 5234, January
- 2008.
-
- [RFC4551] Melnikov, A. and S. Hole, "IMAP Extension for Conditional
- STORE Operation or Quick Flag Changes Resynchronization",
- RFC 4551, June 2006.
-
-9. Informative References
-
- [ANNOTATE] Daboo, C. and R. Gellens, "IMAP ANNOTATE Extension", Work
- in Progress, August 2006.
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-Gulbrandsen & Melnikov Standards Track [Page 5]
-
-RFC 5161 The IMAP ENABLE Extension March 2008
-
-
-Editors' Addresses
-
- Arnt Gulbrandsen
- Oryx Mail Systems GmbH
- Schweppermannstr. 8
- D-81671 Muenchen
- Germany
-
- Fax: +49 89 4502 9758
- EMail: arnt@oryx.com
-
-
- Alexey Melnikov
- Isode Ltd
- 5 Castle Business Village
- 36 Station Road
- Hampton, Middlesex TW12 2BX
- UK
-
- EMail: Alexey.Melnikov@isode.com
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-Gulbrandsen & Melnikov Standards Track [Page 6]
-
-RFC 5161 The IMAP ENABLE Extension March 2008
-
-
-Full Copyright Statement
-
- Copyright (C) The IETF Trust (2008).
-
- This document is subject to the rights, licenses and restrictions
- contained in BCP 78, and except as set forth therein, the authors
- retain all their rights.
-
- This document and the information contained herein are provided on an
- "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
- OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY, THE IETF TRUST AND
- THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS
- OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF
- THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
- WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
-
-Intellectual Property
-
- The IETF takes no position regarding the validity or scope of any
- Intellectual Property Rights or other rights that might be claimed to
- pertain to the implementation or use of the technology described in
- this document or the extent to which any license under such rights
- might or might not be available; nor does it represent that it has
- made any independent effort to identify any such rights. Information
- on the procedures with respect to rights in RFC documents can be
- found in BCP 78 and BCP 79.
-
- Copies of IPR disclosures made to the IETF Secretariat and any
- assurances of licenses to be made available, or the result of an
- attempt made to obtain a general license or permission for the use of
- such proprietary rights by implementers or users of this
- specification can be obtained from the IETF on-line IPR repository at
- http://www.ietf.org/ipr.
-
- The IETF invites any interested party to bring to its attention any
- copyrights, patents or patent applications, or other proprietary
- rights that may cover technology that may be required to implement
- this standard. Please address the information to the IETF at
- ietf-ipr@ietf.org.
-
-
-
-
-
-
-
-
-
-
-
-
-Gulbrandsen & Melnikov Standards Track [Page 7]
-
diff --git a/imap/docs/rfc/rfc5162.txt b/imap/docs/rfc/rfc5162.txt
deleted file mode 100644
index 305c54fb..00000000
--- a/imap/docs/rfc/rfc5162.txt
+++ /dev/null
@@ -1,1291 +0,0 @@
-
-
-
-
-
-
-Network Working Group A. Melnikov
-Request for Comments: 5162 D. Cridland
-Category: Standards Track Isode Ltd
- C. Wilson
- Nokia
- March 2008
-
-
- IMAP4 Extensions for Quick Mailbox Resynchronization
-
-Status of This Memo
-
- This document specifies an Internet standards track protocol for the
- Internet community, and requests discussion and suggestions for
- improvements. Please refer to the current edition of the "Internet
- Official Protocol Standards" (STD 1) for the standardization state
- and status of this protocol. Distribution of this memo is unlimited.
-
-Abstract
-
- This document defines an IMAP4 extension, which gives an IMAP client
- the ability to quickly resynchronize any previously opened mailbox as
- part of the SELECT command, without the need for server-side state or
- additional client round-trips. This extension also introduces a new
- response that allows for a more compact representation of a list of
- expunged messages (and always includes the Unique Identifiers (UIDs)
- expunged).
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-Melnikov, et al. Standards Track [Page 1]
-
-RFC 5162 IMAP Quick Mailbox Resync March 2008
-
-
-Table of Contents
-
- 1. Introduction and Overview . . . . . . . . . . . . . . . . . . 2
- 2. Requirements Notation . . . . . . . . . . . . . . . . . . . . 4
- 3. IMAP Protocol Changes . . . . . . . . . . . . . . . . . . . . 4
- 3.1. QRESYNC Parameter to SELECT/EXAMINE . . . . . . . . . . . 4
- 3.2. VANISHED UID FETCH Modifier . . . . . . . . . . . . . . . 8
- 3.3. EXPUNGE Command . . . . . . . . . . . . . . . . . . . . . 10
- 3.4. CLOSE Command . . . . . . . . . . . . . . . . . . . . . . 11
- 3.5. UID EXPUNGE Command . . . . . . . . . . . . . . . . . . . 11
- 3.6. VANISHED Response . . . . . . . . . . . . . . . . . . . . 12
- 3.7. CLOSED Response Code . . . . . . . . . . . . . . . . . . . 15
- 4. Server Implementation Considerations . . . . . . . . . . . . . 15
- 4.1. Server Implementations That Don't Store Extra State . . . 15
- 4.2. Server Implementations Storing Minimal State . . . . . . . 16
- 4.3. Additional State Required on the Server . . . . . . . . . 16
- 5. Updated Synchronization Sequence . . . . . . . . . . . . . . . 17
- 6. Formal Syntax . . . . . . . . . . . . . . . . . . . . . . . . 19
- 7. Security Considerations . . . . . . . . . . . . . . . . . . . 20
- 8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 21
- 9. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 21
- 10. References . . . . . . . . . . . . . . . . . . . . . . . . . . 21
- 10.1. Normative References . . . . . . . . . . . . . . . . . . . 21
- 10.2. Informative References . . . . . . . . . . . . . . . . . . 22
-
-1. Introduction and Overview
-
- The [CONDSTORE] extension gives a disconnected client the ability to
- quickly resynchronize IMAP flag changes for previously seen messages.
- This can be done using the CHANGEDSINCE FETCH modifier once a mailbox
- is opened. In order for the client to discover which messages have
- been expunged, the client still has to issue a UID FETCH or a UID
- SEARCH command. This document defines an extension to [CONDSTORE]
- that allows a reconnecting client to perform full resynchronization,
- including discovery of expunged messages, in a single round-trip.
- This extension also introduces a new response, VANISHED, that allows
- for a more compact representation of a list of expunged messages.
-
- This extension can be useful for mobile clients that can experience
- frequent disconnects caused by environmental factors (battery life,
- signal strength, etc.). Such clients need a way to quickly reconnect
- to the IMAP server, while minimizing delay experienced by the user as
- well as the amount of traffic (and hence the expense) generated by
- resynchronization.
-
-
-
-
-
-
-
-Melnikov, et al. Standards Track [Page 2]
-
-RFC 5162 IMAP Quick Mailbox Resync March 2008
-
-
- By extending the SELECT command to perform the additional
- resynchronization, this also allows clients to reduce concurrent
- connections to the IMAP server held purely for the sake of avoiding
- the resynchronization.
-
- The quick resync IMAP extension is present if an IMAP4 server returns
- "QRESYNC" as one of the supported capabilities to the CAPABILITY
- command.
-
- Servers supporting this extension MUST implement and advertise
- support for the [ENABLE] IMAP extension. Also, the presence of the
- "QRESYNC" capability implies support for the [CONDSTORE] IMAP
- extension even if the CONDSTORE capability isn't advertised. A
- server compliant with this specification is REQUIREd to support
- "ENABLE QRESYNC" and "ENABLE QRESYNC CONDSTORE" (which are "CONDSTORE
- enabling commands", as defined in [CONDSTORE], and have identical
- results), but there is no requirement for a compliant server to
- support "ENABLE CONDSTORE" by itself. The "ENABLE QRESYNC"/"ENABLE
- QRESYNC CONDSTORE" command also tells the server that it SHOULD start
- sending VANISHED responses (see Section 3.6) instead of EXPUNGE
- responses. This change remains in effect until the connection is
- closed.
-
- For compatibility with clients that only support the [CONDSTORE] IMAP
- extension, servers SHOULD advertise CONDSTORE in the CAPABILITY
- response as well.
-
- A client making use of this extension MUST issue "ENABLE QRESYNC"
- once it is authenticated. A server MUST respond with a tagged BAD
- response if the QRESYNC parameter to the SELECT/EXAMINE command or
- the VANISHED UID FETCH modifier is specified and the client hasn't
- issued "ENABLE QRESYNC" in the current connection.
-
- This document puts additional requirements on a server implementing
- the [CONDSTORE] extension. Each mailbox that supports persistent
- storage of mod-sequences, i.e., for which the server has sent a
- HIGHESTMODSEQ untagged OK response code on a successful SELECT/
- EXAMINE, MUST increment the per-mailbox mod-sequence when one or more
- messages are expunged due to EXPUNGE, UID EXPUNGE or CLOSE; the
- server MUST associate the incremented mod-sequence with the UIDs of
- the expunged messages.
-
- A client that supports CONDSTORE but not this extension might
- resynchronize a mailbox and discover that its HIGHESTMODSEQ has
- increased from the value cached by the client. If the increase is
- only due to messages having been expunged since the client last
- synchronized, the client is likely to send a FETCH ... CHANGEDSINCE
- command that returns no data. Thus, a client that supports CONDSTORE
-
-
-
-Melnikov, et al. Standards Track [Page 3]
-
-RFC 5162 IMAP Quick Mailbox Resync March 2008
-
-
- but not this extension might incur a penalty of an unneeded round-
- trip when resynchronizing some mailboxes (those that have had
- messages expunged but no flag changes since the last
- synchronization).
-
- This extra round-trip is only incurred by clients that support
- CONDSTORE but not this extension, and only when a mailbox has had
- messages expunged but no flag changes to non-expunged messages.
- Since CONDSTORE is a relatively new extension, it is thought likely
- that clients that support it will also support this extension.
-
-2. Requirements Notation
-
- The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
- "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
- document are to be interpreted as described in [RFC2119].
-
- In examples, "C:" and "S:" indicate lines sent by the client and
- server respectively. If a single "C:" or "S:" label applies to
- multiple lines, then the line breaks between those lines are for
- editorial clarity only and are not part of the actual protocol
- exchange. The five characters [...] means that something has been
- elided.
-
- Understanding of the IMAP message sequence numbers and UIDs and the
- EXPUNGE response [RFC3501] is essential when reading this document.
-
-3. IMAP Protocol Changes
-
-3.1. QRESYNC Parameter to SELECT/EXAMINE
-
- The Quick Resynchronization parameter to SELECT/EXAMINE commands has
- four arguments:
-
- o the last known UIDVALIDITY,
-
- o the last known modification sequence,
-
- o the optional set of known UIDs, and
-
- o an optional parenthesized list of known sequence ranges and their
- corresponding UIDs.
-
- A server MUST respond with a tagged BAD response if the Quick
- Resynchronization parameter to SELECT/EXAMINE command is specified
- and the client hasn't issued "ENABLE QRESYNC" in the current
- connection.
-
-
-
-
-Melnikov, et al. Standards Track [Page 4]
-
-RFC 5162 IMAP Quick Mailbox Resync March 2008
-
-
- Before opening the specified mailbox, the server verifies all
- arguments for syntactic validity. If any parameter is not
- syntactically valid, the server returns the tagged BAD response, and
- the mailbox remains unselected. Once the check is done, the server
- opens the mailbox as if no SELECT/EXAMINE parameters are specified
- (this is subject to processing of other parameters as defined in
- other extensions). In particular this means that the server MUST
- send all untagged responses as specified in Sections 6.3.1 and 6.3.2
- of [RFC3501].
-
- After that, the server checks the UIDVALIDITY value provided by the
- client. If the provided UIDVALIDITY doesn't match the UIDVALIDITY
- for the mailbox being opened, then the server MUST ignore the
- remaining parameters and behave as if no dynamic message data
- changed. The client can discover this situation by comparing the
- UIDVALIDITY value returned by the server. This behavior allows the
- client not to synchronize the mailbox or decide on the best
- synchronization strategy.
-
- Example: Attempting to resynchronize INBOX, but the provided
- UIDVALIDITY parameter doesn't match the current UIDVALIDITY
- value.
-
- C: A02 SELECT INBOX (QRESYNC (67890007 20050715194045000
- 41,43:211,214:541))
- S: * 464 EXISTS
- S: * 3 RECENT
- S: * OK [UIDVALIDITY 3857529045] UIDVALIDITY
- S: * OK [UIDNEXT 550] Predicted next UID
- S: * OK [HIGHESTMODSEQ 90060128194045007]
- S: * OK [UNSEEN 12] Message 12 is first unseen
- S: * FLAGS (\Answered \Flagged \Draft \Deleted \Seen)
- S: * OK [PERMANENTFLAGS (\Answered \Flagged \Draft
- \Deleted \Seen \*)] Permanent flags
- S: A02 OK [READ-WRITE] Sorry, UIDVALIDITY mismatch
-
- Modification Sequence and UID Parameters:
-
- A server that doesn't support the persistent storage of mod-sequences
- for the mailbox MUST send the OK untagged response including the
- NOMODSEQ response code with every successful SELECT or EXAMINE
- command, as described in [CONDSTORE]. Such a server doesn't need to
- remember mod-sequences for expunged messages in the mailbox. It MUST
- ignore the remaining parameters and behave as if no dynamic message
- data changed.
-
- If the provided UIDVALIDITY matches that of the selected mailbox, the
- server then checks the last known modification sequence.
-
-
-
-Melnikov, et al. Standards Track [Page 5]
-
-RFC 5162 IMAP Quick Mailbox Resync March 2008
-
-
- The server sends the client any pending flag changes (using FETCH
- responses that MUST contain UIDs) and expunges those that have
- occurred in this mailbox since the provided modification sequence.
-
- If the list of known UIDs was also provided, the server should only
- report flag changes and expunges for the specified messages. If the
- client did not provide the list of UIDs, the server acts as if the
- client has specified "1:<maxuid>", where <maxuid> is the mailbox's
- UIDNEXT value minus 1. If the mailbox is empty and never had any
- messages in it, then lack of the list of UIDs is interpreted as an
- empty set of UIDs.
-
- Thus, the client can process just these pending events and need not
- perform a full resynchronization. Without the message sequence
- number matching information, the result of this step is semantically
- equivalent to the client issuing:
- tag1 UID FETCH "known-uids" (FLAGS) (CHANGEDSINCE
- "mod-sequence-value" VANISHED)
-
- Example:
- C: A03 SELECT INBOX (QRESYNC (67890007
- 90060115194045000 41,43:211,214:541))
- S: * OK [CLOSED]
- S: * 314 EXISTS
- S: * 15 RECENT
- S: * OK [UIDVALIDITY 67890007] UIDVALIDITY
- S: * OK [UIDNEXT 567] Predicted next UID
- S: * OK [HIGHESTMODSEQ 90060115205545359]
- S: * OK [UNSEEN 7] There are some unseen messages in the mailbox
- S: * FLAGS (\Answered \Flagged \Draft \Deleted \Seen)
- S: * OK [PERMANENTFLAGS (\Answered \Flagged \Draft
- \Deleted \Seen \*)] Permanent flags
- S: * VANISHED (EARLIER) 41,43:116,118,120:211,214:540
- S: * 49 FETCH (UID 117 FLAGS (\Seen \Answered) MODSEQ
- (90060115194045001))
- S: * 50 FETCH (UID 119 FLAGS (\Draft $MDNSent) MODSEQ
- (90060115194045308))
- S: ...
- S: * 100 FETCH (UID 541 FLAGS (\Seen $Forwarded) MODSEQ
- (90060115194045001))
- S: A03 OK [READ-WRITE] mailbox selected
-
- Message sequence match data:
-
- A client MAY provide a parenthesized list of a message sequence set
- and the corresponding UID sets. Both MUST be provided in ascending
- order. The server uses this data to restrict the range for which it
- provides expunged message information.
-
-
-
-Melnikov, et al. Standards Track [Page 6]
-
-RFC 5162 IMAP Quick Mailbox Resync March 2008
-
-
- Conceptually, the client provides a small sample of sequence numbers
- for which it knows the corresponding UIDs. The server then compares
- each sequence number and UID pair the client provides with the
- current state of the mailbox. If a pair matches, then the client
- knows of any expunges up to, and including, the message, and thus
- will not include that range in the VANISHED response, even if the
- "mod-sequence-value" provided by the client is too old for the server
- to have data of when those messages were expunged.
-
- Thus, if the Nth message number in the first set in the list is 4,
- and the Nth UID in the second set in the list is 8, and the mailbox's
- fourth message has UID 8, then no UIDs equal to or less than 8 are
- present in the VANISHED response. If the (N+1)th message number is
- 12, and the (N+1)th UID is 24, and the (N+1)th message in the mailbox
- has UID 25, then the lowest UID included in the VANISHED response
- would be 9.
-
- In the following two examples, the server is unable to remember
- expunges at all, and only UIDs with messages divisible by three are
- present in the mailbox. In the first example, the client does not
- use the fourth parameter; in the second, it provides it. This
- example is somewhat extreme, but shows that judicious usage of the
- sequence match data can save a substantial amount of bandwidth.
-
- Example:
- C: A04 SELECT INBOX (QRESYNC (67890007
- 90060115194045000 1:29997))
- S: * 10003 EXISTS
- S: * 5 RECENT
- S: * OK [UIDVALIDITY 67890007] UIDVALIDITY
- S: * OK [UIDNEXT 30013] Predicted next UID
- S: * OK [HIGHESTMODSEQ 90060115205545359]
- S: * OK [UNSEEN 7] There are some unseen messages in the mailbox
- S: * FLAGS (\Answered \Flagged \Draft \Deleted \Seen)
- S: * OK [PERMANENTFLAGS (\Answered \Flagged \Draft
- \Deleted \Seen \*)] Permanent flags
- S: * VANISHED (EARLIER) 1:2,4:5,7:8,10:11,13:14 [...]
- 29998:29999,30001:30002,30004:30005,30007:30008
- S: * 9889 FETCH (UID 29667 FLAGS (\Seen \Answered) MODSEQ
- (90060115194045027))
- S: * 9890 FETCH (UID 29670 FLAGS (\Draft $MDNSent) MODSEQ
- (90060115194045028))
- S: ...
- S: * 9999 FETCH (UID 29997 FLAGS (\Seen $Forwarded) MODSEQ
- (90060115194045031))
- S: A04 OK [READ-WRITE] mailbox selected
-
-
-
-
-
-Melnikov, et al. Standards Track [Page 7]
-
-RFC 5162 IMAP Quick Mailbox Resync March 2008
-
-
- Example:
- C: B04 SELECT INBOX (QRESYNC (67890007
- 90060115194045000 1:29997 (5000,7500,9000,9990:9999 15000,
- 22500,27000,29970,29973,29976,29979,29982,29985,29988,29991,
- 29994,29997)))
- S: * 10003 EXISTS
- S: * 5 RECENT
- S: * OK [UIDVALIDITY 67890007] UIDVALIDITY
- S: * OK [UIDNEXT 30013] Predicted next UID
- S: * OK [HIGHESTMODSEQ 90060115205545359]
- S: * OK [UNSEEN 7] There are some unseen messages in the mailbox
- S: * FLAGS (\Answered \Flagged \Draft \Deleted \Seen)
- S: * OK [PERMANENTFLAGS (\Answered \Flagged \Draft
- \Deleted \Seen \*)] Permanent flags
- S: * VANISHED (EARLIER) 29998:29999,30001:30002,30004:30005,30007:
- 30008
- S: * 9889 FETCH (UID 29667 FLAGS (\Seen \Answered) MODSEQ
- (90060115194045027))
- S: * 9890 FETCH (UID 29670 FLAGS (\Draft $MDNSent) MODSEQ
- (90060115194045028))
- S: ...
- S: * 9999 FETCH (UID 29997 FLAGS (\Seen $Forwarded) MODSEQ
- (90060115194045031))
- S: B04 OK [READ-WRITE] mailbox selected
-
-3.2. VANISHED UID FETCH Modifier
-
- [IMAPABNF] has extended the syntax of the FETCH and UID FETCH
- commands to include an optional FETCH modifier. This document
- defines a new UID FETCH modifier: VANISHED.
-
- Note, that the VANISHED UID FETCH modifier is NOT allowed with a
- FETCH command. The server MUST return a tagged BAD response if this
- response is specified as a modifier to the FETCH command.
-
- A server MUST respond with a tagged BAD response if the VANISHED UID
- FETCH modifier is specified and the client hasn't issued "ENABLE
- QRESYNC" in the current connection.
-
- The VANISHED UID FETCH modifier MUST only be specified together with
- the CHANGEDSINCE UID FETCH modifier.
-
- The VANISHED UID FETCH modifier instructs the server to report those
- messages from the UID set parameter that have been expunged and whose
- associated mod-sequence is larger than the specified mod-sequence.
- That is, the client requests to be informed of messages from the
- specified set that were expunged since the specified mod-sequence.
- Note that the mod-sequence(s) associated with these messages were
-
-
-
-Melnikov, et al. Standards Track [Page 8]
-
-RFC 5162 IMAP Quick Mailbox Resync March 2008
-
-
- updated when the messages were expunged (as described above). The
- expunged messages are reported using the VANISHED response as
- described in Section 3.6, which MUST contain the EARLIER tag. Any
- VANISHED (EARLIER) responses MUST be returned before any FETCH
- responses, as otherwise the client might get confused about how
- message numbers map to UIDs.
-
- Note: A server that receives a mod-sequence smaller than <minmodseq>,
- where <minmodseq> is the value of the smallest expunged mod-sequence
- it remembers minus one, MUST behave as if it was requested to report
- all expunged messages from the provided UID set parameter.
-
- Example 1: Without the VANISHED UID FETCH modifier, a CONDSTORE-aware
- client [CONDSTORE] needs to issue separate commands to learn of flag
- changes and expunged messages since the last synchronization:
-
- C: s100 UID FETCH 300:500 (FLAGS) (CHANGEDSINCE 12345)
- S: * 1 FETCH (UID 404 MODSEQ (65402) FLAGS (\Seen))
- S: * 2 FETCH (UID 406 MODSEQ (75403) FLAGS (\Deleted))
- S: * 4 FETCH (UID 408 MODSEQ (29738) FLAGS ($NoJunk
- $AutoJunk $MDNSent))
- S: s100 OK FETCH completed
- C: s101 UID SEARCH 300:500
- S: * SEARCH 404 406 407 408 410 412
- S: s101 OK search completed
-
- Where 300 and 500 are the lowest and highest UIDs from client's
- cache. The second SEARCH response tells the client that the messages
- with UIDs 407, 410, and 412 are still present, but their flags
- haven't changed since the specified modification sequence.
-
- Using the VANISHED UID FETCH modifier, it is sufficient to issue only
- a single command:
-
- C: s100 UID FETCH 300:500 (FLAGS) (CHANGEDSINCE 12345
- VANISHED)
- S: * VANISHED (EARLIER) 300:310,405,411
- S: * 1 FETCH (UID 404 MODSEQ (65402) FLAGS (\Seen))
- S: * 2 FETCH (UID 406 MODSEQ (75403) FLAGS (\Deleted))
- S: * 4 FETCH (UID 408 MODSEQ (29738) FLAGS ($NoJunk
- $AutoJunk $MDNSent))
- S: s100 OK FETCH completed
-
-
-
-
-
-
-
-
-
-Melnikov, et al. Standards Track [Page 9]
-
-RFC 5162 IMAP Quick Mailbox Resync March 2008
-
-
-3.3. EXPUNGE Command
-
- Arguments: none
-
- Responses: untagged responses: EXPUNGE or VANISHED
-
- Result: OK - expunge completed
- NO - expunge failure: can't expunge (e.g., permission denied)
- BAD - command unknown or arguments invalid
-
- This section updates the definition of the EXPUNGE command described
- in Section 6.4.3 of [RFC3501].
-
- The EXPUNGE command permanently removes all messages that have the
- \Deleted flag set from the currently selected mailbox. Before
- returning an OK to the client, those messages that are removed are
- reported using a VANISHED response or EXPUNGE responses.
-
- If the server is capable of storing modification sequences for the
- selected mailbox, it MUST increment the per-mailbox mod-sequence if
- at least one message was permanently removed due to the execution of
- the EXPUNGE command. For each permanently removed message, the
- server MUST remember the incremented mod-sequence and corresponding
- UID. If at least one message got expunged, the server MUST send the
- updated per-mailbox modification sequence using the HIGHESTMODSEQ
- response code (defined in [CONDSTORE]) in the tagged OK response.
-
- Example: C: A202 EXPUNGE
- S: * 3 EXPUNGE
- S: * 3 EXPUNGE
- S: * 5 EXPUNGE
- S: * 8 EXPUNGE
- S: A202 OK [HIGHESTMODSEQ 20010715194045319] expunged
-
- Note: In this example, messages 3, 4, 7, and 11 had the \Deleted flag
- set. The first "* 3 EXPUNGE" reports message # 3 as expunged. The
- second "* 3 EXPUNGE" reports message # 4 as expunged (the message
- number got decremented due to the previous EXPUNGE response). See
- the description of the EXPUNGE response in [RFC3501] for further
- explanation.
-
- Note that if the server chooses to always send VANISHED responses
- instead of EXPUNGE responses, the previous example might look like
- this:
-
- Example: C: B202 EXPUNGE
- S: * VANISHED 405,407,410,425
- S: B202 OK [HIGHESTMODSEQ 20010715194045319] expunged
-
-
-
-Melnikov, et al. Standards Track [Page 10]
-
-RFC 5162 IMAP Quick Mailbox Resync March 2008
-
-
- Here messages with message numbers 3, 4, 7, and 11 have respective
- UIDs 405, 407, 410, and 425.
-
-3.4. CLOSE Command
-
- Arguments: none
-
- Responses: no specific responses for this command
-
- Result: OK - close completed, now in authenticated state
- BAD - command unknown or arguments invalid
-
- This section updates the definition of the CLOSE command described in
- Section 6.4.2 of [RFC3501].
-
- The CLOSE command permanently removes all messages that have the
- \Deleted flag set from the currently selected mailbox, and returns to
- the authenticated state from the selected state. No untagged EXPUNGE
- (or VANISHED) responses are sent.
-
- If the server is capable of storing modification sequences for the
- selected mailbox, it MUST increment the per-mailbox mod-sequence if
- at least one message was permanently removed due to the execution of
- the CLOSE command. For each permanently removed message, the server
- MUST remember the incremented mod-sequence and corresponding UID. If
- at least one message got expunged, the server MUST send the updated
- per-mailbox modification sequence using the HIGHESTMODSEQ response
- code (defined in [CONDSTORE]) in the tagged OK response.
-
- Example: C: A202 CLOSE
- S: A202 OK [HIGHESTMODSEQ 20010715194045319] done
-
-3.5. UID EXPUNGE Command
-
- Arguments: message set
-
- Responses: untagged responses: EXPUNGE or VANISHED
-
- Result: OK - expunge completed
- NO - expunge failure: can't expunge (e.g., permission denied)
- BAD - command unknown or arguments invalid
-
- This section updates the definition of the UID EXPUNGE command
- described in Section 2.1 of [UIDPLUS]. Servers that implement both
- [UIDPLUS] and QRESYNC extensions must implement UID EXPUNGE as
- described in this section.
-
-
-
-
-
-Melnikov, et al. Standards Track [Page 11]
-
-RFC 5162 IMAP Quick Mailbox Resync March 2008
-
-
- The UID EXPUNGE command permanently removes from the currently
- selected mailbox all messages that both have the \Deleted flag set
- and have a UID that is included in the specified message set. If a
- message either does not have the \Deleted flag set or has a UID that
- is not included in the specified message set, it is not affected.
-
- This command is particularly useful for disconnected mode clients.
- By using UID EXPUNGE instead of EXPUNGE when resynchronizing with the
- server, the client can avoid inadvertently removing any messages that
- have been marked as \Deleted by other clients between the time that
- the client was last connected and the time the client resynchronizes.
-
- Before returning an OK to the client, those messages that are removed
- are reported using a VANISHED response or EXPUNGE responses.
-
- If the server is capable of storing modification sequences for the
- selected mailbox, it MUST increment the per-mailbox mod-sequence if
- at least one message was permanently removed due to the execution of
- the UID EXPUNGE command. For each permanently removed message, the
- server MUST remember the incremented mod-sequence and corresponding
- UID. If at least one message got expunged, the server MUST send the
- updated per-mailbox modification sequence using the HIGHESTMODSEQ
- response code (defined in [CONDSTORE]) in the tagged OK response.
-
- Example: C: . UID EXPUNGE 3000:3002
- S: * 3 EXPUNGE
- S: * 3 EXPUNGE
- S: * 3 EXPUNGE
- S: . OK [HIGHESTMODSEQ 20010715194045319] Ok
-
- Note: In this example, at least messages with message numbers 3, 4,
- and 5 (UIDs 3000 to 3002) had the \Deleted flag set. The first "* 3
- EXPUNGE" reports message # 3 as expunged. The second "* 3 EXPUNGE"
- reports message # 4 as expunged (the message number got decremented
- due to the previous EXPUNGE response). See the description of the
- EXPUNGE response in [RFC3501] for further explanation.
-
-3.6. VANISHED Response
-
- Contents: an optional EARLIER tag
-
- list of UIDs
-
- The VANISHED response reports that the specified UIDs have been
- permanently removed from the mailbox. This response is similar to
- the EXPUNGE response [RFC3501]; however, it can return information
- about multiple messages, and it returns UIDs instead of message
-
-
-
-
-Melnikov, et al. Standards Track [Page 12]
-
-RFC 5162 IMAP Quick Mailbox Resync March 2008
-
-
- numbers. The first benefit saves bandwidth, while the second is more
- convenient for clients that only use UIDs to access the IMAP server.
-
- The VANISHED response has the same restrictions on when it can be
- sent as does the EXPUNGE response (see below).
-
- The VANISHED response has two forms. The first form contains the
- EARLIER tag, which signifies that the response was caused by a UID
- FETCH (VANISHED) or a SELECT/EXAMINE (QRESYNC) command. This
- response is sent if the UID set parameter to the UID FETCH (VANISHED)
- command includes UIDs of messages that are no longer in the mailbox.
- When the client sees a VANISHED EARLIER response, it MUST NOT
- decrement message sequence numbers for each successive message in the
- mailbox.
-
- The second form doesn't contain the EARLIER tag and is described
- below. Once a client has issued "ENABLE QRESYNC", the server SHOULD
- use the VANISHED response without the EARLIER tag instead of the
- EXPUNGE response. The server SHOULD continue using VANISHED in lieu
- of EXPUNGE for the duration of the connection. In particular, this
- affects the EXPUNGE [RFC3501] and UID EXPUNGE [UIDPLUS] commands, as
- well as messages expunged in other connections. Such a VANISHED
- response MUST NOT contain the EARLIER tag.
-
- A VANISHED response sent because of an EXPUNGE or UID EXPUNGE command
- or because messages were expunged in other connections (i.e., the
- VANISHED response without the EARLIER tag) also decrements the number
- of messages in the mailbox; it is not necessary for the server to
- send an EXISTS response with the new value. It also decrements
- message sequence numbers for each successive message in the mailbox
- (see the example at the end of this section). Note that a VANISHED
- response caused by EXPUNGE, UID EXPUNGE, or messages expunged in
- other connections SHOULD only contain UIDs for messages expunged
- since the last VANISHED/EXPUNGE response sent for the currently
- opened mailbox or since the mailbox was opened. That is, servers
- SHOULD NOT send UIDs for previously expunged messages, unless
- explicitly requested to do so by the UID FETCH (VANISHED) command.
-
- Note that client implementors must take care to properly decrement
- the number of messages in the mailbox even if a server violates this
- last SHOULD or repeats the same UID multiple times in the returned
- UID set. In general, this means that a client using this extension
- should either avoid using message numbers entirely, or have a
- complete mapping of UIDs to message sequence numbers for the selected
- mailbox.
-
-
-
-
-
-
-Melnikov, et al. Standards Track [Page 13]
-
-RFC 5162 IMAP Quick Mailbox Resync March 2008
-
-
- Because clients handle the two different forms of the VANISHED
- response differently, servers MUST NOT report UIDs resulting from a
- UID FETCH (VANISHED) or a SELECT/EXAMINE (QRESYNC) in the same
- VANISHED response as UIDs of messages expunged now (i.e., messages
- expunged in other connections). Instead, the server MUST send
- separate VANISHED responses: one with the EARLIER tag and one
- without.
-
- A VANISHED response MUST NOT be sent when no command is in progress,
- nor while responding to a FETCH, STORE, or SEARCH command. This rule
- is necessary to prevent a loss of synchronization of message sequence
- numbers between client and server. A command is not "in progress"
- until the complete command has been received; in particular, a
- command is not "in progress" during the negotiation of command
- continuation.
-
- Note: UID FETCH, UID STORE, and UID SEARCH are different commands
- from FETCH, STORE, and SEARCH. A VANISHED response MAY be sent
- during a UID command. However, the VANISHED response MUST NOT be
- sent during a UID SEARCH command that contains message numbers in the
- search criteria.
-
- The update from the VANISHED response MUST be recorded by the client.
-
- Example: Let's assume that there is the following mapping between
- message numbers and UIDs in the currently selected mailbox (here "X"
- marks messages with the \Deleted flag set, and "x" represents UIDs
- which are not relevant for the example):
-
- Message numbers: 1 2 3 4 5 6 7 8 9 10 11
- UIDs: x 504 505 507 508 x 510 x x x 625
- \Deleted messages: X X X X
-
- In the presence of the extension defined in this document:
-
- C: A202 EXPUNGE
- S: * VANISHED 505,507,510,625
- S: A202 OK EXPUNGE completed
-
- Without the QRESYNC extension, the same example might look like:
-
- C: A202 EXPUNGE
- S: * 3 EXPUNGE
- S: * 3 EXPUNGE
- S: * 5 EXPUNGE
- S: * 8 EXPUNGE
- S: A202 OK EXPUNGE completed
-
-
-
-
-Melnikov, et al. Standards Track [Page 14]
-
-RFC 5162 IMAP Quick Mailbox Resync March 2008
-
-
- (Continuing previous example) If subsequently messages with UIDs 504
- and 508 got marked as \Deleted:
-
- C: A210 EXPUNGE
- S: * VANISHED 504,508
- S: A210 OK EXPUNGE completed
-
- i.e., the last VANISHED response only contains UIDs of messages
- expunged since the previous VANISHED response.
-
-3.7. CLOSED Response Code
-
- The CLOSED response code has no parameters. A server implementing
- the extension defined in this document MUST return the CLOSED
- response code when the currently selected mailbox is closed
- implicitly using the SELECT/EXAMINE command on another mailbox. The
- CLOSED response code serves as a boundary between responses for the
- previously opened mailbox (which was closed) and the newly selected
- mailbox: all responses before the CLOSED response code relate to the
- mailbox that was closed, and all subsequent responses relate to the
- newly opened mailbox.
-
- There is no need to return the CLOSED response code on completion of
- the CLOSE or the UNSELECT [UNSELECT] command (or similar) whose
- purpose is to close the currently selected mailbox without opening a
- new one.
-
-4. Server Implementation Considerations
-
- This section describes a minimalist implementation, a moderate
- implementation, and an example of a full implementation.
-
-4.1. Server Implementations That Don't Store Extra State
-
- Strictly speaking, a server implementation that doesn't remember mod-
- sequences associated with expunged messages can be considered
- compliant with this specification. Such implementations return all
- expunged messages specified in the UID set of the UID FETCH
- (VANISHED) command every time, without paying attention to the
- specified CHANGEDSINCE mod-sequence. Such implementations are
- discouraged, as they can end up returning VANISHED responses that are
- bigger than the result of a UID SEARCH command for the same UID set.
-
- Clients that use the message sequence match data can reduce the scope
- of this VANISHED response substantially in the typical case where
- expunges have not happened, or happen only toward the end of the
- mailbox.
-
-
-
-
-Melnikov, et al. Standards Track [Page 15]
-
-RFC 5162 IMAP Quick Mailbox Resync March 2008
-
-
-4.2. Server Implementations Storing Minimal State
-
- A server that stores the HIGHESTMODSEQ value at the time of the last
- EXPUNGE can omit the VANISHED response when a client provides a
- MODSEQ value that is equal to, or higher than, the current value of
- this datum, that is, when there have been no EXPUNGEs.
-
- A client providing message sequence match data can reduce the scope
- as above. In the case where there have been no expunges, the server
- can ignore this data.
-
-4.3. Additional State Required on the Server
-
- When compared to the [CONDSTORE] extension, this extension requires
- servers to store additional state associated with expunged messages.
- Note that implementations are not required to store this state in
- persistent storage; however, use of persistent storage is advisable.
-
- One possible way to correctly implement the extension described in
- this document is to store a queue of <UID set, mod-sequence> pairs.
- <UID set> can be represented as a sequence of <min UID, max UID>
- pairs.
-
- When messages are expunged, one or more entries are added to the
- queue tail.
-
- When the server receives a request to return messages expunged since
- a given mod-sequence, it will search the queue from the tail (i.e.,
- going from the highest expunged mod-sequence to the lowest) until it
- sees the first record with a mod-sequence less than or equal to the
- given mod-sequence or it reaches the head of the queue.
-
- Note that indefinitely storing information about expunged messages
- can cause storage and related problems for an implementation. In the
- worst case, this could result in almost 64Gb of storage for each IMAP
- mailbox. For example, consider an implementation that stores <min
- UID, max UID, mod-sequence> triples for each range of messages
- expunged at the same time. Each triple requires 16 octets: 4 octets
- for each of the two UIDs, and 8 octets for the mod-sequence. Assume
- that there is a mailbox containing a single message with a UID of
- 2**32-1 (the maximum possible UID value), where messages had
- previously existed with UIDs starting at 1, and have been expunged
- one at a time. For this mailbox alone, storage is required for the
- triples <1, 1, modseq1>, <2, 2, modseq2>, ..., <2**32-2, 2**32-2,
- modseq4294967294>.
-
-
-
-
-
-
-Melnikov, et al. Standards Track [Page 16]
-
-RFC 5162 IMAP Quick Mailbox Resync March 2008
-
-
- Hence, implementations are encouraged to adopt strategies to protect
- against such storage problems, such as limiting the size of the queue
- used to store mod-sequences for expunged messages and "expiring"
- older records when this limit is reached. When the selected
- implementation-specific queue limit is reached, the oldest record(s)
- are deleted from the queue (note that such records are located at the
- queue head). For all such "expired" records, the server needs to
- store a single mod-sequence, which is the highest mod-sequence for
- all "expired" expunged messages.
-
- Note that if the client provides the message sequence match data,
- this can heavily reduce the data cost of sending a complete set of
- missing UIDs; thus, reducing the problems for clients if a server is
- unable to persist much of this queue. If the queue contains data
- back to the requested mod-sequence, this data can be ignored.
-
- Also, note that if the UIDVALIDITY of the mailbox changes or if the
- mailbox is deleted, then any state associated with expunged messages
- doesn't need to be preserved and SHOULD be deleted.
-
-5. Updated Synchronization Sequence
-
- This section updates the description of optimized synchronization in
- Section 6.1 of the [IMAP-DISC].
-
- An advanced disconnected mail client should use the QRESYNC and
- [CONDSTORE] extensions when they are supported by the server. The
- client uses the value from the HIGHESTMODSEQ OK response code
- received on mailbox opening to determine if it needs to
- resynchronize. Once the synchronization is complete, it MUST cache
- the received value (unless the mailbox UIDVALIDITY value has changed;
- see below). The client MUST update its copy of the HIGHESTMODSEQ
- value whenever the server sends a subsequent HIGHESTMODSEQ OK
- response code.
-
- After completing a full synchronization, the client MUST also take
- note of any unsolicited MODSEQ FETCH data items received from the
- server. Whenever the client receives a tagged response to a command,
- it calculates the highest value among all MODSEQ FETCH data items
- received since the last tagged response. If this value is bigger
- than the client's copy of the HIGHESTMODSEQ value, then the client
- MUST use this value as its new HIGHESTMODSEQ value.
-
- Note: It is not safe to update the client's copy of the HIGHESTMODSEQ
- value with a MODSEQ FETCH data item value as soon as it is received
- because servers are not required to send MODSEQ FETCH data items in
- increasing modseqence order. This can lead to the client missing
- some changes in case of connectivity loss.
-
-
-
-Melnikov, et al. Standards Track [Page 17]
-
-RFC 5162 IMAP Quick Mailbox Resync March 2008
-
-
- When opening the mailbox for synchronization, the client uses the
- QRESYNC parameter to the SELECT/EXAMINE command. The QRESYNC
- parameter is followed by the UIDVALIDITY and mailbox HIGHESTMODSEQ
- values, as known to the client. It can be optionally followed by the
- set of UIDs, for example, if the client is only interested in partial
- synchronization of the mailbox. The client may also transmit a list
- containing its knowledge of message numbers.
-
- If the SELECT/EXAMINE command is successful, the client compares
- UIDVALIDITY as described in step d)1) in Section 3 of the
- [IMAP-DISC]. If the cached UIDVALIDITY value matches the one
- returned by the server and the server also returns the HIGHESTMODSEQ
- response code, then the server reports expunged messages and returns
- flag changes for all messages specified by the client in the UID set
- parameter (or for all messages in the mailbox, if the client omitted
- the UID set parameter). At this point, the client is synchronized,
- except for maybe the new messages.
-
- If upon a successful SELECT/EXAMINE (QRESYNC) command the client
- receives a NOMODSEQ OK untagged response (instead of the
- HIGHESTMODSEQ response code), it MUST remove the last known
- HIGHESTMODSEQ value from its cache and follow the more general
- instructions in Section 3 of the [IMAP-DISC].
-
- At this point, the client is in sync with the server regarding old
- messages. This client can now fetch information about new messages
- (if requested by the user).
-
- Step d) ("Server-to-client synchronization") in Section 4 of the
- [IMAP-DISC] in the presence of the QRESYNC & CONDSTORE extensions is
- amended as follows:
-
- d) "Server-to-client synchronization" -- for each mailbox that
- requires synchronization, do the following:
-
- 1a) Check the mailbox UIDVALIDITY (see Section 4.1 of the [IMAP-DISC]
- for more details) after issuing SELECT/EXAMINE (QRESYNC) command.
-
- If the UIDVALIDITY value returned by the server differs, the
- client MUST
-
- * empty the local cache of that mailbox;
-
- * "forget" the cached HIGHESTMODSEQ value for the mailbox;
-
-
-
-
-
-
-
-Melnikov, et al. Standards Track [Page 18]
-
-RFC 5162 IMAP Quick Mailbox Resync March 2008
-
-
- * remove any pending "actions" which refer to UIDs in that
- mailbox. Note, this doesn't affect actions performed on
- client generated fake UIDs (see Section 5 of the
- [IMAP-DISC]);
-
- 2) Fetch the current "descriptors";
-
- I) Discover new messages.
-
- 3) Fetch the bodies of any "interesting" messages that the client
- doesn't already have.
-
- Example: The UIDVALIDITY value is the same, but the HIGHESTMODSEQ
- value has changed on the server while the client was
- offline:
-
- C: A142 SELECT INBOX (QRESYNC (3857529045 20010715194032001 1:198))
- S: * 172 EXISTS
- S: * 1 RECENT
- S: * OK [UNSEEN 12] Message 12 is first unseen
- S: * OK [UIDVALIDITY 3857529045] UIDs valid
- S: * OK [UIDNEXT 201] Predicted next UID
- S: * FLAGS (\Answered \Flagged \Deleted \Seen \Draft)
- S: * OK [PERMANENTFLAGS (\Deleted \Seen \*)] Limited
- S: * OK [HIGHESTMODSEQ 20010715194045007]
- S: * VANISHED (EARLIER) 1:5,7:8,10:15
- S: * 2 FETCH (UID 6 MODSEQ (20010715205008000)
- FLAGS (\Deleted))
- S: * 5 FETCH (UID 9 MODSEQ (20010715195517000)
- FLAGS ($NoJunk $AutoJunk $MDNSent))
- ...
- S: A142 OK [READ-WRITE] SELECT completed
-
-6. Formal Syntax
-
- The following syntax specification uses the Augmented Backus-Naur
- Form (ABNF) notation as specified in [ABNF].
-
- Non-terminals referenced but not defined below are as defined by
- [RFC3501], [CONDSTORE], or [IMAPABNF].
-
- Except as noted otherwise, all alphabetic characters are case-
- insensitive. The use of upper or lower case characters to define
- token strings is for editorial clarity only. Implementations MUST
- accept these strings in a case-insensitive fashion.
-
-
-
-
-
-
-Melnikov, et al. Standards Track [Page 19]
-
-RFC 5162 IMAP Quick Mailbox Resync March 2008
-
-
- capability =/ "QRESYNC"
-
- select-param = "QRESYNC" SP "(" uidvalidity SP
- mod-sequence-value [SP known-uids]
- [SP seq-match-data] ")"
- ;; conforms to the generic select-param
- ;; syntax defined in [IMAPABNF]
-
- seq-match-data = "(" known-sequence-set SP known-uid-set ")"
-
- uidvalidity = nz-number
-
- known-uids = sequence-set
- ;; sequence of UIDs, "*" is not allowed
-
- known-sequence-set = sequence-set
- ;; set of message numbers corresponding to
- ;; the UIDs in known-uid-set, in ascending order.
- ;; * is not allowed.
-
- known-uid-set = sequence-set
- ;; set of UIDs corresponding to the messages in
- ;; known-sequence-set, in ascending order.
- ;; * is not allowed.
-
- message-data =/ expunged-resp
-
- expunged-resp = "VANISHED" [SP "(EARLIER)"] SP known-uids
-
- rexpunges-fetch-mod = "VANISHED"
- ;; VANISHED UID FETCH modifier conforms
- ;; to the fetch-modifier syntax
- ;; defined in [IMAPABNF]. It is only
- ;; allowed in the UID FETCH command.
-
- resp-text-code =/ "CLOSED"
-
-7. Security Considerations
-
- As always, it is important to thoroughly test clients and servers
- implementing this extension, as it changes how the server reports
- expunged messages to the client.
-
- Security considerations relevant to [CONDSTORE] are relevant to this
- extension.
-
- This document doesn't raise any new security concerns not already
- raised by [CONDSTORE] or [RFC3501].
-
-
-
-Melnikov, et al. Standards Track [Page 20]
-
-RFC 5162 IMAP Quick Mailbox Resync March 2008
-
-
-8. IANA Considerations
-
- IMAP4 capabilities are registered by publishing a standards track or
- IESG approved experimental RFC. The registry is currently located
- at:
-
- http://www.iana.org/assignments/imap4-capabilities
-
- This document defines the QRESYNC IMAP capability. IANA has added
- this capability to the registry.
-
-9. Acknowledgments
-
- Thanks to Steve Hole, Cyrus Daboo, and Michael Wener for encouraging
- creation of this document.
-
- Valuable comments, both in agreement and in dissent, were received
- from Timo Sirainen, Michael Wener, Randall Gellens, Arnt Gulbrandsen,
- Chris Newman, Peter Coates, Mark Crispin, Elwyn Davies, Dan Karp,
- Eric Rescorla, and Mike Zraly.
-
- This document takes substantial text from [RFC3501] by Mark Crispin.
-
-10. References
-
-10.1. Normative References
-
- [ABNF] Crocker, D. and P. Overell, "Augmented BNF for Syntax
- Specifications: ABNF", STD 68, RFC 5234, January 2008.
-
- [CONDSTORE] Melnikov, A. and S. Hole, "IMAP Extension for
- Conditional STORE Operation or Quick Flag Changes
- Resynchronization", RFC 4551, June 2006.
-
- [ENABLE] Gulbrandsen, A., Ed. and A. Melnikov, Ed., "The IMAP
- ENABLE Extension", RFC 5161, March 2008.
-
- [IMAPABNF] Melnikov, A. and C. Daboo, "Collected Extensions to
- IMAP4 ABNF", RFC 4466, April 2006.
-
- [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
- Requirement Levels", BCP 14, RFC 2119, March 1997.
-
- [RFC3501] Crispin, M., "INTERNET MESSAGE ACCESS PROTOCOL - VERSION
- 4rev1", RFC 3501, March 2003.
-
- [UIDPLUS] Crispin, M., "Internet Message Access Protocol (IMAP) -
- UIDPLUS extension", RFC 4315, December 2005.
-
-
-
-Melnikov, et al. Standards Track [Page 21]
-
-RFC 5162 IMAP Quick Mailbox Resync March 2008
-
-
-10.2. Informative References
-
- [IMAP-DISC] Melnikov, A., Ed., "Synchronization Operations For
- Disconnected Imap4 Clients", RFC 4549, June 2006.
-
- [UNSELECT] Melnikov, A., "Internet Message Access Protocol (IMAP)
- UNSELECT command", RFC 3691, February 2004.
-
-Authors' Addresses
-
- Alexey Melnikov
- Isode Ltd
- 5 Castle Business Village
- 36 Station Road
- Hampton, Middlesex TW12 2BX
- UK
-
- EMail: Alexey.Melnikov@isode.com
-
-
- Dave Cridland
- Isode Ltd
- 5 Castle Business Village
- 36 Station Road
- Hampton, Middlesex TW12 2BX
- UK
-
- EMail: dave.cridland@isode.com
-
-
- Corby Wilson
- Nokia
- 5 Wayside Rd.
- Burlington, MA 01803
- USA
-
- EMail: corby@computer.org
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-Melnikov, et al. Standards Track [Page 22]
-
-RFC 5162 IMAP Quick Mailbox Resync March 2008
-
-
-Full Copyright Statement
-
- Copyright (C) The IETF Trust (2008).
-
- This document is subject to the rights, licenses and restrictions
- contained in BCP 78, and except as set forth therein, the authors
- retain all their rights.
-
- This document and the information contained herein are provided on an
- "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
- OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY, THE IETF TRUST AND
- THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS
- OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF
- THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
- WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
-
-Intellectual Property
-
- The IETF takes no position regarding the validity or scope of any
- Intellectual Property Rights or other rights that might be claimed to
- pertain to the implementation or use of the technology described in
- this document or the extent to which any license under such rights
- might or might not be available; nor does it represent that it has
- made any independent effort to identify any such rights. Information
- on the procedures with respect to rights in RFC documents can be
- found in BCP 78 and BCP 79.
-
- Copies of IPR disclosures made to the IETF Secretariat and any
- assurances of licenses to be made available, or the result of an
- attempt made to obtain a general license or permission for the use of
- such proprietary rights by implementers or users of this
- specification can be obtained from the IETF on-line IPR repository at
- http://www.ietf.org/ipr.
-
- The IETF invites any interested party to bring to its attention any
- copyrights, patents or patent applications, or other proprietary
- rights that may cover technology that may be required to implement
- this standard. Please address the information to the IETF at
- ietf-ipr@ietf.org.
-
-
-
-
-
-
-
-
-
-
-
-
-Melnikov, et al. Standards Track [Page 23]
-
diff --git a/imap/docs/rfc/rfc5234.txt b/imap/docs/rfc/rfc5234.txt
deleted file mode 100644
index 42bb44ca..00000000
--- a/imap/docs/rfc/rfc5234.txt
+++ /dev/null
@@ -1,899 +0,0 @@
-
-
-
-
-
-
-Network Working Group D. Crocker, Ed.
-Request for Comments: 5234 Brandenburg InternetWorking
-STD: 68 P. Overell
-Obsoletes: 4234 THUS plc.
-Category: Standards Track January 2008
-
-
- Augmented BNF for Syntax Specifications: ABNF
-
-Status of This Memo
-
- This document specifies an Internet standards track protocol for the
- Internet community, and requests discussion and suggestions for
- improvements. Please refer to the current edition of the "Internet
- Official Protocol Standards" (STD 1) for the standardization state
- and status of this protocol. Distribution of this memo is unlimited.
-
-Abstract
-
- Internet technical specifications often need to define a formal
- syntax. Over the years, a modified version of Backus-Naur Form
- (BNF), called Augmented BNF (ABNF), has been popular among many
- Internet specifications. The current specification documents ABNF.
- It balances compactness and simplicity with reasonable
- representational power. The differences between standard BNF and
- ABNF involve naming rules, repetition, alternatives, order-
- independence, and value ranges. This specification also supplies
- additional rule definitions and encoding for a core lexical analyzer
- of the type common to several Internet specifications.
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-Crocker & Overell Standards Track [Page 1]
-
-RFC 5234 ABNF January 2008
-
-
-Table of Contents
-
- 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3
- 2. Rule Definition . . . . . . . . . . . . . . . . . . . . . . . 3
- 2.1. Rule Naming . . . . . . . . . . . . . . . . . . . . . . . 3
- 2.2. Rule Form . . . . . . . . . . . . . . . . . . . . . . . . 4
- 2.3. Terminal Values . . . . . . . . . . . . . . . . . . . . . 4
- 2.4. External Encodings . . . . . . . . . . . . . . . . . . . . 6
- 3. Operators . . . . . . . . . . . . . . . . . . . . . . . . . . 6
- 3.1. Concatenation: Rule1 Rule2 . . . . . . . . . . . . . . . 6
- 3.2. Alternatives: Rule1 / Rule2 . . . . . . . . . . . . . . . 7
- 3.3. Incremental Alternatives: Rule1 =/ Rule2 . . . . . . . . . 7
- 3.4. Value Range Alternatives: %c##-## . . . . . . . . . . . . 8
- 3.5. Sequence Group: (Rule1 Rule2) . . . . . . . . . . . . . . 8
- 3.6. Variable Repetition: *Rule . . . . . . . . . . . . . . . 9
- 3.7. Specific Repetition: nRule . . . . . . . . . . . . . . . 9
- 3.8. Optional Sequence: [RULE] . . . . . . . . . . . . . . . . 9
- 3.9. Comment: ; Comment . . . . . . . . . . . . . . . . . . . 9
- 3.10. Operator Precedence . . . . . . . . . . . . . . . . . . . 10
- 4. ABNF Definition of ABNF . . . . . . . . . . . . . . . . . . . 10
- 5. Security Considerations . . . . . . . . . . . . . . . . . . . 12
- 6. References . . . . . . . . . . . . . . . . . . . . . . . . . . 12
- 6.1. Normative References . . . . . . . . . . . . . . . . . . . 12
- 6.2. Informative References . . . . . . . . . . . . . . . . . . 12
- Appendix A. Acknowledgements . . . . . . . . . . . . . . . . . . 13
- Appendix B. Core ABNF of ABNF . . . . . . . . . . . . . . . . . . 13
- B.1. Core Rules . . . . . . . . . . . . . . . . . . . . . . . . 13
- B.2. Common Encoding . . . . . . . . . . . . . . . . . . . . . 15
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-Crocker & Overell Standards Track [Page 2]
-
-RFC 5234 ABNF January 2008
-
-
-1. Introduction
-
- Internet technical specifications often need to define a formal
- syntax and are free to employ whatever notation their authors deem
- useful. Over the years, a modified version of Backus-Naur Form
- (BNF), called Augmented BNF (ABNF), has been popular among many
- Internet specifications. It balances compactness and simplicity with
- reasonable representational power. In the early days of the Arpanet,
- each specification contained its own definition of ABNF. This
- included the email specifications, [RFC733] and then [RFC822], which
- came to be the common citations for defining ABNF. The current
- document separates those definitions to permit selective reference.
- Predictably, it also provides some modifications and enhancements.
-
- The differences between standard BNF and ABNF involve naming rules,
- repetition, alternatives, order-independence, and value ranges.
- Appendix B supplies rule definitions and encoding for a core lexical
- analyzer of the type common to several Internet specifications. It
- is provided as a convenience and is otherwise separate from the meta
- language defined in the body of this document, and separate from its
- formal status.
-
-2. Rule Definition
-
-2.1. Rule Naming
-
- The name of a rule is simply the name itself, that is, a sequence of
- characters, beginning with an alphabetic character, and followed by a
- combination of alphabetics, digits, and hyphens (dashes).
-
- NOTE:
-
- Rule names are case insensitive.
-
- The names <rulename>, <Rulename>, <RULENAME>, and <rUlENamE> all
- refer to the same rule.
-
- Unlike original BNF, angle brackets ("<", ">") are not required.
- However, angle brackets may be used around a rule name whenever their
- presence facilitates in discerning the use of a rule name. This is
- typically restricted to rule name references in free-form prose, or
- to distinguish partial rules that combine into a string not separated
- by white space, such as shown in the discussion about repetition,
- below.
-
-
-
-
-
-
-
-Crocker & Overell Standards Track [Page 3]
-
-RFC 5234 ABNF January 2008
-
-
-2.2. Rule Form
-
- A rule is defined by the following sequence:
-
- name = elements crlf
-
- where <name> is the name of the rule, <elements> is one or more rule
- names or terminal specifications, and <crlf> is the end-of-line
- indicator (carriage return followed by line feed). The equal sign
- separates the name from the definition of the rule. The elements
- form a sequence of one or more rule names and/or value definitions,
- combined according to the various operators defined in this document,
- such as alternative and repetition.
-
- For visual ease, rule definitions are left aligned. When a rule
- requires multiple lines, the continuation lines are indented. The
- left alignment and indentation are relative to the first lines of the
- ABNF rules and need not match the left margin of the document.
-
-2.3. Terminal Values
-
- Rules resolve into a string of terminal values, sometimes called
- characters. In ABNF, a character is merely a non-negative integer.
- In certain contexts, a specific mapping (encoding) of values into a
- character set (such as ASCII) will be specified.
-
- Terminals are specified by one or more numeric characters, with the
- base interpretation of those characters indicated explicitly. The
- following bases are currently defined:
-
- b = binary
-
- d = decimal
-
- x = hexadecimal
-
- Hence:
-
- CR = %d13
-
- CR = %x0D
-
- respectively specify the decimal and hexadecimal representation of
- [US-ASCII] for carriage return.
-
-
-
-
-
-
-
-Crocker & Overell Standards Track [Page 4]
-
-RFC 5234 ABNF January 2008
-
-
- A concatenated string of such values is specified compactly, using a
- period (".") to indicate a separation of characters within that
- value. Hence:
-
- CRLF = %d13.10
-
- ABNF permits the specification of literal text strings directly,
- enclosed in quotation marks. Hence:
-
- command = "command string"
-
- Literal text strings are interpreted as a concatenated set of
- printable characters.
-
- NOTE:
-
- ABNF strings are case insensitive and the character set for these
- strings is US-ASCII.
-
- Hence:
-
- rulename = "abc"
-
- and:
-
- rulename = "aBc"
-
- will match "abc", "Abc", "aBc", "abC", "ABc", "aBC", "AbC", and
- "ABC".
-
- To specify a rule that is case sensitive, specify the characters
- individually.
-
- For example:
-
- rulename = %d97 %d98 %d99
-
- or
-
- rulename = %d97.98.99
-
- will match only the string that comprises only the lowercase
- characters, abc.
-
-
-
-
-
-
-
-
-Crocker & Overell Standards Track [Page 5]
-
-RFC 5234 ABNF January 2008
-
-
-2.4. External Encodings
-
- External representations of terminal value characters will vary
- according to constraints in the storage or transmission environment.
- Hence, the same ABNF-based grammar may have multiple external
- encodings, such as one for a 7-bit US-ASCII environment, another for
- a binary octet environment, and still a different one when 16-bit
- Unicode is used. Encoding details are beyond the scope of ABNF,
- although Appendix B provides definitions for a 7-bit US-ASCII
- environment as has been common to much of the Internet.
-
- By separating external encoding from the syntax, it is intended that
- alternate encoding environments can be used for the same syntax.
-
-3. Operators
-
-3.1. Concatenation: Rule1 Rule2
-
- A rule can define a simple, ordered string of values (i.e., a
- concatenation of contiguous characters) by listing a sequence of rule
- names. For example:
-
- foo = %x61 ; a
-
- bar = %x62 ; b
-
- mumble = foo bar foo
-
- So that the rule <mumble> matches the lowercase string "aba".
-
- Linear white space: Concatenation is at the core of the ABNF parsing
- model. A string of contiguous characters (values) is parsed
- according to the rules defined in ABNF. For Internet specifications,
- there is some history of permitting linear white space (space and
- horizontal tab) to be freely and implicitly interspersed around major
- constructs, such as delimiting special characters or atomic strings.
-
- NOTE:
-
- This specification for ABNF does not provide for implicit
- specification of linear white space.
-
- Any grammar that wishes to permit linear white space around
- delimiters or string segments must specify it explicitly. It is
- often useful to provide for such white space in "core" rules that are
- then used variously among higher-level rules. The "core" rules might
- be formed into a lexical analyzer or simply be part of the main
- ruleset.
-
-
-
-Crocker & Overell Standards Track [Page 6]
-
-RFC 5234 ABNF January 2008
-
-
-3.2. Alternatives: Rule1 / Rule2
-
- Elements separated by a forward slash ("/") are alternatives.
- Therefore,
-
- foo / bar
-
- will accept <foo> or <bar>.
-
- NOTE:
-
- A quoted string containing alphabetic characters is a special form
- for specifying alternative characters and is interpreted as a non-
- terminal representing the set of combinatorial strings with the
- contained characters, in the specified order but with any mixture
- of upper- and lowercase.
-
-3.3. Incremental Alternatives: Rule1 =/ Rule2
-
- It is sometimes convenient to specify a list of alternatives in
- fragments. That is, an initial rule may match one or more
- alternatives, with later rule definitions adding to the set of
- alternatives. This is particularly useful for otherwise independent
- specifications that derive from the same parent ruleset, such as
- often occurs with parameter lists. ABNF permits this incremental
- definition through the construct:
-
- oldrule =/ additional-alternatives
-
- So that the ruleset
-
- ruleset = alt1 / alt2
-
- ruleset =/ alt3
-
- ruleset =/ alt4 / alt5
-
- is the same as specifying
-
- ruleset = alt1 / alt2 / alt3 / alt4 / alt5
-
-
-
-
-
-
-
-
-
-
-
-Crocker & Overell Standards Track [Page 7]
-
-RFC 5234 ABNF January 2008
-
-
-3.4. Value Range Alternatives: %c##-##
-
- A range of alternative numeric values can be specified compactly,
- using a dash ("-") to indicate the range of alternative values.
- Hence:
-
- DIGIT = %x30-39
-
- is equivalent to:
-
- DIGIT = "0" / "1" / "2" / "3" / "4" / "5" / "6" /
-
- "7" / "8" / "9"
-
- Concatenated numeric values and numeric value ranges cannot be
- specified in the same string. A numeric value may use the dotted
- notation for concatenation or it may use the dash notation to specify
- one value range. Hence, to specify one printable character between
- end-of-line sequences, the specification could be:
-
- char-line = %x0D.0A %x20-7E %x0D.0A
-
-3.5. Sequence Group: (Rule1 Rule2)
-
- Elements enclosed in parentheses are treated as a single element,
- whose contents are strictly ordered. Thus,
-
- elem (foo / bar) blat
-
- matches (elem foo blat) or (elem bar blat), and
-
- elem foo / bar blat
-
- matches (elem foo) or (bar blat).
-
- NOTE:
-
- It is strongly advised that grouping notation be used, rather than
- relying on the proper reading of "bare" alternations, when
- alternatives consist of multiple rule names or literals.
-
- Hence, it is recommended that the following form be used:
-
- (elem foo) / (bar blat)
-
- It will avoid misinterpretation by casual readers.
-
-
-
-
-
-Crocker & Overell Standards Track [Page 8]
-
-RFC 5234 ABNF January 2008
-
-
- The sequence group notation is also used within free text to set off
- an element sequence from the prose.
-
-3.6. Variable Repetition: *Rule
-
- The operator "*" preceding an element indicates repetition. The full
- form is:
-
- <a>*<b>element
-
- where <a> and <b> are optional decimal values, indicating at least
- <a> and at most <b> occurrences of the element.
-
- Default values are 0 and infinity so that *<element> allows any
- number, including zero; 1*<element> requires at least one;
- 3*3<element> allows exactly 3; and 1*2<element> allows one or two.
-
-3.7. Specific Repetition: nRule
-
- A rule of the form:
-
- <n>element
-
- is equivalent to
-
- <n>*<n>element
-
- That is, exactly <n> occurrences of <element>. Thus, 2DIGIT is a
- 2-digit number, and 3ALPHA is a string of three alphabetic
- characters.
-
-3.8. Optional Sequence: [RULE]
-
- Square brackets enclose an optional element sequence:
-
- [foo bar]
-
- is equivalent to
-
- *1(foo bar).
-
-3.9. Comment: ; Comment
-
- A semicolon starts a comment that continues to the end of line. This
- is a simple way of including useful notes in parallel with the
- specifications.
-
-
-
-
-
-Crocker & Overell Standards Track [Page 9]
-
-RFC 5234 ABNF January 2008
-
-
-3.10. Operator Precedence
-
- The various mechanisms described above have the following precedence,
- from highest (binding tightest) at the top, to lowest (loosest) at
- the bottom:
-
- Rule name, prose-val, Terminal value
-
- Comment
-
- Value range
-
- Repetition
-
- Grouping, Optional
-
- Concatenation
-
- Alternative
-
- Use of the alternative operator, freely mixed with concatenations,
- can be confusing.
-
- Again, it is recommended that the grouping operator be used to
- make explicit concatenation groups.
-
-4. ABNF Definition of ABNF
-
- NOTES:
-
- 1. This syntax requires a formatting of rules that is relatively
- strict. Hence, the version of a ruleset included in a
- specification might need preprocessing to ensure that it can
- be interpreted by an ABNF parser.
-
- 2. This syntax uses the rules provided in Appendix B.
-
-
- rulelist = 1*( rule / (*c-wsp c-nl) )
-
- rule = rulename defined-as elements c-nl
- ; continues if next line starts
- ; with white space
-
- rulename = ALPHA *(ALPHA / DIGIT / "-")
-
-
-
-
-
-
-Crocker & Overell Standards Track [Page 10]
-
-RFC 5234 ABNF January 2008
-
-
- defined-as = *c-wsp ("=" / "=/") *c-wsp
- ; basic rules definition and
- ; incremental alternatives
-
- elements = alternation *c-wsp
-
- c-wsp = WSP / (c-nl WSP)
-
- c-nl = comment / CRLF
- ; comment or newline
-
- comment = ";" *(WSP / VCHAR) CRLF
-
- alternation = concatenation
- *(*c-wsp "/" *c-wsp concatenation)
-
- concatenation = repetition *(1*c-wsp repetition)
-
- repetition = [repeat] element
-
- repeat = 1*DIGIT / (*DIGIT "*" *DIGIT)
-
- element = rulename / group / option /
- char-val / num-val / prose-val
-
- group = "(" *c-wsp alternation *c-wsp ")"
-
- option = "[" *c-wsp alternation *c-wsp "]"
-
- char-val = DQUOTE *(%x20-21 / %x23-7E) DQUOTE
- ; quoted string of SP and VCHAR
- ; without DQUOTE
-
- num-val = "%" (bin-val / dec-val / hex-val)
-
- bin-val = "b" 1*BIT
- [ 1*("." 1*BIT) / ("-" 1*BIT) ]
- ; series of concatenated bit values
- ; or single ONEOF range
-
- dec-val = "d" 1*DIGIT
- [ 1*("." 1*DIGIT) / ("-" 1*DIGIT) ]
-
- hex-val = "x" 1*HEXDIG
- [ 1*("." 1*HEXDIG) / ("-" 1*HEXDIG) ]
-
-
-
-
-
-
-Crocker & Overell Standards Track [Page 11]
-
-RFC 5234 ABNF January 2008
-
-
- prose-val = "<" *(%x20-3D / %x3F-7E) ">"
- ; bracketed string of SP and VCHAR
- ; without angles
- ; prose description, to be used as
- ; last resort
-
-5. Security Considerations
-
- Security is truly believed to be irrelevant to this document.
-
-6. References
-
-6.1. Normative References
-
- [US-ASCII] American National Standards Institute, "Coded Character
- Set -- 7-bit American Standard Code for Information
- Interchange", ANSI X3.4, 1986.
-
-6.2. Informative References
-
- [RFC733] Crocker, D., Vittal, J., Pogran, K., and D. Henderson,
- "Standard for the format of ARPA network text messages",
- RFC 733, November 1977.
-
- [RFC822] Crocker, D., "Standard for the format of ARPA Internet
- text messages", STD 11, RFC 822, August 1982.
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-Crocker & Overell Standards Track [Page 12]
-
-RFC 5234 ABNF January 2008
-
-
-Appendix A. Acknowledgements
-
- The syntax for ABNF was originally specified in RFC 733. Ken L.
- Harrenstien, of SRI International, was responsible for re-coding the
- BNF into an Augmented BNF that makes the representation smaller and
- easier to understand.
-
- This recent project began as a simple effort to cull out the portion
- of RFC 822 that has been repeatedly cited by non-email specification
- writers, namely the description of Augmented BNF. Rather than simply
- and blindly converting the existing text into a separate document,
- the working group chose to give careful consideration to the
- deficiencies, as well as benefits, of the existing specification and
- related specifications made available over the last 15 years, and
- therefore to pursue enhancement. This turned the project into
- something rather more ambitious than was first intended.
- Interestingly, the result is not massively different from that
- original, although decisions, such as removing the list notation,
- came as a surprise.
-
- This "separated" version of the specification was part of the DRUMS
- working group, with significant contributions from Jerome Abela,
- Harald Alvestrand, Robert Elz, Roger Fajman, Aviva Garrett, Tom
- Harsch, Dan Kohn, Bill McQuillan, Keith Moore, Chris Newman, Pete
- Resnick, and Henning Schulzrinne.
-
- Julian Reschke warrants a special thanks for converting the Draft
- Standard version to XML source form.
-
-Appendix B. Core ABNF of ABNF
-
- This appendix contains some basic rules that are in common use.
- Basic rules are in uppercase. Note that these rules are only valid
- for ABNF encoded in 7-bit ASCII or in characters sets that are a
- superset of 7-bit ASCII.
-
-B.1. Core Rules
-
- Certain basic rules are in uppercase, such as SP, HTAB, CRLF, DIGIT,
- ALPHA, etc.
-
- ALPHA = %x41-5A / %x61-7A ; A-Z / a-z
-
- BIT = "0" / "1"
-
- CHAR = %x01-7F
- ; any 7-bit US-ASCII character,
- ; excluding NUL
-
-
-
-Crocker & Overell Standards Track [Page 13]
-
-RFC 5234 ABNF January 2008
-
-
- CR = %x0D
- ; carriage return
-
- CRLF = CR LF
- ; Internet standard newline
-
- CTL = %x00-1F / %x7F
- ; controls
-
- DIGIT = %x30-39
- ; 0-9
-
- DQUOTE = %x22
- ; " (Double Quote)
-
- HEXDIG = DIGIT / "A" / "B" / "C" / "D" / "E" / "F"
-
- HTAB = %x09
- ; horizontal tab
-
- LF = %x0A
- ; linefeed
-
- LWSP = *(WSP / CRLF WSP)
- ; Use of this linear-white-space rule
- ; permits lines containing only white
- ; space that are no longer legal in
- ; mail headers and have caused
- ; interoperability problems in other
- ; contexts.
- ; Do not use when defining mail
- ; headers and use with caution in
- ; other contexts.
-
- OCTET = %x00-FF
- ; 8 bits of data
-
- SP = %x20
-
- VCHAR = %x21-7E
- ; visible (printing) characters
-
- WSP = SP / HTAB
- ; white space
-
-
-
-
-
-
-
-Crocker & Overell Standards Track [Page 14]
-
-RFC 5234 ABNF January 2008
-
-
-B.2. Common Encoding
-
- Externally, data are represented as "network virtual ASCII" (namely,
- 7-bit US-ASCII in an 8-bit field), with the high (8th) bit set to
- zero. A string of values is in "network byte order", in which the
- higher-valued bytes are represented on the left-hand side and are
- sent over the network first.
-
-Authors' Addresses
-
- Dave Crocker (editor)
- Brandenburg InternetWorking
- 675 Spruce Dr.
- Sunnyvale, CA 94086
- US
-
- Phone: +1.408.246.8253
- EMail: dcrocker@bbiw.net
-
-
- Paul Overell
- THUS plc.
- 1/2 Berkeley Square,
- 99 Berkeley Street
- Glasgow G3 7HR
- UK
-
- EMail: paul.overell@thus.net
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-Crocker & Overell Standards Track [Page 15]
-
-RFC 5234 ABNF January 2008
-
-
-Full Copyright Statement
-
- Copyright (C) The IETF Trust (2008).
-
- This document is subject to the rights, licenses and restrictions
- contained in BCP 78, and except as set forth therein, the authors
- retain all their rights.
-
- This document and the information contained herein are provided on an
- "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
- OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY, THE IETF TRUST AND
- THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS
- OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF
- THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
- WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
-
-Intellectual Property
-
- The IETF takes no position regarding the validity or scope of any
- Intellectual Property Rights or other rights that might be claimed to
- pertain to the implementation or use of the technology described in
- this document or the extent to which any license under such rights
- might or might not be available; nor does it represent that it has
- made any independent effort to identify any such rights. Information
- on the procedures with respect to rights in RFC documents can be
- found in BCP 78 and BCP 79.
-
- Copies of IPR disclosures made to the IETF Secretariat and any
- assurances of licenses to be made available, or the result of an
- attempt made to obtain a general license or permission for the use of
- such proprietary rights by implementers or users of this
- specification can be obtained from the IETF on-line IPR repository at
- http://www.ietf.org/ipr.
-
- The IETF invites any interested party to bring to its attention any
- copyrights, patents or patent applications, or other proprietary
- rights that may cover technology that may be required to implement
- this standard. Please address the information to the IETF at
- ietf-ipr@ietf.org.
-
-
-
-
-
-
-
-
-
-
-
-
-Crocker & Overell Standards Track [Page 16]
-
diff --git a/imap/src/osdep/unix/flocklnx.c b/imap/src/osdep/unix/flocklnx.c
index ca0112ac..06940b8d 100644
--- a/imap/src/osdep/unix/flocklnx.c
+++ b/imap/src/osdep/unix/flocklnx.c
@@ -57,7 +57,7 @@ int safe_flock (int fd,int op)
case ENOLCK: /* lock table is full */
sprintf (tmp,"File locking failure: %s",strerror (errno));
mm_log (tmp,WARN); /* give the user a warning of what happened */
- if (!logged++) syslog (LOG_ERR,tmp);
+ if (!logged++) syslog (LOG_ERR,"%s",tmp);
/* return failure if non-blocking lock */
if (op & LOCK_NB) return -1;
sleep (5); /* slow down in case it loops */