Lisa,In fact 'stream' does identify a class of users - it indicates that use of this URL is limited to a userid authorized as an application entity for the 'stream' application.
You can think of 'stream' as being analagous to the existing 'authuser' <access> identifier, which indicates that use of this URL is limited to IMAP sessions that are logged in as an authorized user. In the case of 'authuser' the set of users is "all authenticated users", whereas for 'stream' the set of users is that configured on the IMAP server as being associated with the 'stream' application.
Neil On 6 May 2009, at 00:37, Lisa Dusseault wrote:
Comment: The URLAUTH RFC says: "The URLAUTH component overrides the second purpose of the enc-user in the IMAP URI and by default permits the URI to be resolved by any user permitted by the <access> identifier."The 'stream' value doesn't seem to fit this definition, because 'stream' doesn't identify a user or a class of users. Since this draft is updating RFC5092, it would be appropriate (though a little obsessive) to update the definition given above with a new one.Since this has been discussed in LEMONADE where URLAUTH mostly originated, I'm making this a COMMENT and don't object to the approach taken.