idnits 2.17.1 draft-freed-sieve-ihave-04.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- No issues found here. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year -- The document seems to lack a disclaimer for pre-RFC5378 work, but may have content which was first submitted before 10 November 2008. If you have contacted all the original authors and they are all willing to grant the BCP78 rights to the IETF Trust, then this is fine, and you can ignore this comment. If not, you may need to add the pre-RFC5378 disclaimer. (See the Legal Provisions document at https://trustee.ietf.org/license-info for more information.) -- The document date (December 25, 2008) is 5600 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) -- Obsolete informational reference (is this intentional?): RFC 3501 (Obsoleted by RFC 9051) Summary: 0 errors (**), 0 flaws (~~), 1 warning (==), 3 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 Network Working Group N. Freed 3 Internet-Draft Sun Microsystems 4 Intended status: Standards Track December 25, 2008 5 Expires: June 28, 2009 7 Sieve Email Filtering: Ihave Extension 8 draft-freed-sieve-ihave-04 10 Status of this Memo 12 This Internet-Draft is submitted to IETF in full conformance with the 13 provisions of BCP 78 and BCP 79. 15 Internet-Drafts are working documents of the Internet Engineering 16 Task Force (IETF), its areas, and its working groups. Note that 17 other groups may also distribute working documents as Internet- 18 Drafts. 20 Internet-Drafts are draft documents valid for a maximum of six months 21 and may be updated, replaced, or obsoleted by other documents at any 22 time. It is inappropriate to use Internet-Drafts as reference 23 material or to cite them other than as "work in progress." 25 The list of current Internet-Drafts can be accessed at 26 http://www.ietf.org/ietf/1id-abstracts.txt. 28 The list of Internet-Draft Shadow Directories can be accessed at 29 http://www.ietf.org/shadow.html. 31 This Internet-Draft will expire on June 28, 2009. 33 Copyright Notice 35 Copyright (c) 2008 IETF Trust and the persons identified as the 36 document authors. All rights reserved. 38 This document is subject to BCP 78 and the IETF Trust's Legal 39 Provisions Relating to IETF Documents 40 (http://trustee.ietf.org/license-info) in effect on the date of 41 publication of this document. Please review these documents 42 carefully, as they describe your rights and restrictions with respect 43 to this document. 45 Abstract 47 This document describes the "ihave" extension to the Sieve email 48 filtering language. The "ihave" extension provides a means to write 49 scripts that can take advantage of optional Sieve features but can 50 still run when those optional features are not available. The 51 extension also defines a new error control command intended to be 52 used to report situations where no combination of available 53 extensions satisfies the needs of the script. 55 Change History (to be removed prior to publication as an RFC) 57 Changed the comparator used in the ihave test from "i;ascii-casemap" 58 to "i;octet". 60 Updated the IANA registration template. 62 Simplified the semantics of ihave to be independent of block 63 structure. 65 Moved the environment extension to a separate document so the 66 standards status of the two extensions can be different. 68 Added error action. 70 Added some text to make the portability advantages of ihave clearer. 72 Added a note about the possibility that the argument to error uses 73 UTF-8 characters. 75 (from WGLC) Various editorial fixups. 77 (from WGLC) Incorporated the same short-circuit, left to right 78 requirements the variables extension imposes, because without it 79 invocation of the variables extension could potentially change the 80 meaning of ihave constructs in anyof or allof clauses. 82 (from WGLC) Added a resriction that ihave MUST NOT be used with any 83 extension that changes the underlying Sieve grammar. Hopefully there 84 won't be any such extensions, but better safe than sorry. 86 1. Introduction 88 Sieve [RFC5228] is a language for filtering email messages at or 89 around the time of final delivery. It is designed to be 90 implementable on either a mail client or mail server. It is suitable 91 for running on a mail server where users may not be allowed to 92 execute arbitrary programs, such as on black box Internet Message 93 Access Protocol [RFC3501] servers, as it has no user-controlled loops 94 or the ability to run external programs. 96 Various sieve extensions have already been defined, e.g., [RFC5229] 97 [RFC5230] [RFC5231] [RFC5232] [RFC5233] [RFC5235], and many more are 98 sure to be created over time. Sieve's require clause is used to 99 specify the extensions a particular sieve needs; an error results if 100 the script's require clause calls for an extension that isn't 101 available. This mechanism is sufficient in most situations. 102 However, there can be cases where a script may be able to take 103 advantage of an extension if it is available but can still operate if 104 it is not, possibly with some degradation of functionality. Cases 105 can also arise where a script would prefer one extension but can 106 employ a different one if the first one is not available. 108 The "ihave" extension provides a means to write scripts that make use 109 of extensions only when they are actually available. It defines a 110 new ihave test that takes a list of capability names as an argument 111 and succeeds if and only if all of those capabilities are present. 112 Additionally, specification of the "ihave" extension in the require 113 clause disables parse time checking of extension use in scripts; run- 114 time checking must be used instead. This makes it possible to write 115 portable scripts that can operate in multiple environments making 116 effective use of whatever extensions are available even though 117 differing sets of extensions are provided in different places. 119 The "ihave" extension also defines a new error control command. 120 Error causes script execution to terminate with the error message 121 given as the argument to the error control. 123 2. Conventions Used in this Document 125 "The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 126 "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this 127 document are to be interpreted as described in [RFC2119]. 129 The terms used to describe the various components of the Sieve 130 language are taken from Section 1.1 of [RFC5228]. 132 3. Capability Identifiers 134 The capability string associated with the extension defined in this 135 document is "ihave". 137 4. Ihave Test 139 Usage: ihave 140 The ihave test provides a means for Sieve scripts to test for the 141 existence of a given extension prior to actually using it. The 142 capabilities argument to ihave is the same as the similarly-named 143 argument to the require control statement: It specifies the names of 144 one or more Sieve extensions or comparators. The ihave test succeeds 145 if all the extensions specified in the capabilities list are 146 available to the script. 148 Unlike most Sieve tests, ihave accepts no match or comparator 149 arguments. The type of match for ihave is always ":is" and the 150 comparator is always "i;octet". 152 The strings in the capabilities list are constant strings in the 153 context of Sieve variables [RFC5229]. It is an error to pass a non- 154 constant string as an argument to ihave. 156 The Sieve base specification demands that all Sieve extensions used 157 in a given script be specified in the initial require control 158 statement. It is an error for a script to call for extensions the 159 interpreter doesn't support or to attempt to use extensions that have 160 not been listed in the script's require clause. Using ihave changes 161 Sieve interpreter behavior and the underlying requirements in the 162 following ways: 164 1. Use of a given extension is allowed subsequent to the successful 165 evaluation of an ihave test on that extension all the way to the 166 end of the script, even outside the block enclosed by the ihave 167 test. In other words, subsequent to a successful ihave things 168 operate just as if the extension had been specified in the 169 script's require clause. The extension cannot be used prior to 170 the evaluation of such a test and a runtime error MUST be 171 generated if such usage is attempted. However, subsequent use of 172 that extension may still need to be conditionally handled via an 173 ihave test to deal with the case where it is not supported. 175 2. Sieve interpreters normally have the option of checking extension 176 use at either parse time or execution time. The specification of 177 "ihave" in a script's require clause changes this behavior: 178 Scripts MUST either defer extension checking to run time or else 179 take the presence of ihave tests into account at parse time. 180 Note that since ihave can be used inside of anyof, allof, and not 181 tests full parse time checking of ihave may be very difficult to 182 implement. 184 3. Although it makes little sense to do so, an extension can be 185 specified in both the require control statement and in an ihave 186 test. If this is done and the extension has been implemented the 187 extension can be used anywhere in the script and an ihave test of 188 that extension will always return true. 190 4. The ihave test accepts a list of capabilities. The test fails 191 and none of the capabilities are enabled if any of the specified 192 capabilities are unavailable. 194 5. The Sieve base specification does not require that interpreters 195 evaluate arguments in any particular order or that test 196 evaluation be short-circuited. If ihave is enabled the 197 interpreter MUST short-circuit tests, i.e., not perform more 198 tests than necessary to find the result. Additionally, 199 evaluation order MUST be left to right if ihave is enabled. 201 The ihave extension is designed to be used with other extensions that 202 add tests, actions, comparators, or arguments. Implementations MUST 203 NOT allow it to be used with extensions that change the underlying 204 Sieve grammer or extensions like encoded-character [RFC5228] or 205 variables [RFC5229] that change how the content of Sieve scripts are 206 interpreted. The test MUST fail and the extension MUST NOT be 207 enabled if such usage is attempted. 209 5. Error Control 211 Usage: error 213 The error control causes script execution to terminate with a run- 214 time error. The message argument provides a text description of the 215 error condition that SHOULD be included in any generated report 216 regarding the error. Section 2.10.6 of [RFC5228] describes how run- 217 time errors are handled in Sieve. 219 Note that the message argument, like all Sieve strings, employs the 220 UTF-8 charset and can contain non-US-ASCII characters. This must be 221 taken into consideration when reporting script errors. 223 The error control is included as part of the ihave extension so that 224 it is unconditionally available to scripts using ihave. 226 6. Security Considerations 228 A potential security issue with Sieve scripts is that when a script 229 fails to run due to the lack of some extension it may fail to block 230 dangerous email. The ihave extension makes it possible to improve 231 script portability and generality, which may improve the overall 232 security provided by Sieve. 234 Script robustness aside, ihave is essentially a more flexible variant 235 of Sieve's existing require mechanism. As such, it does not add any 236 additional capabilities to a Sieve implementation that could create 237 security issues. Of course all of the security considerations given 238 in the base Sieve specification and in any extensions that are 239 employed are still relevant. 241 7. IANA Considerations 243 The following template specifies the IANA registration of the Sieve 244 extension specified in this document: 246 To: iana@iana.org 247 Subject: Registration of new Sieve extension 249 Capability name: ihave 250 Description: The "ihave" extension provides a means to write 251 scripts that make use of other extensions only 252 when they are actually available. 253 RFC number: RFC XXXX 254 Contact address: Sieve discussion list 256 8. References 258 8.1. Normative references 260 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 261 Requirement Levels", BCP 14, RFC 2119, March 1997. 263 [RFC5228] Guenther, P. and T. Showalter, "Sieve: An Email Filtering 264 Language", RFC 5228, January 2008. 266 8.2. Informative references 268 [RFC3501] Crispin, M., "INTERNET MESSAGE ACCESS PROTOCOL - VERSION 269 4rev1", RFC 3501, March 2003. 271 [RFC5229] Homme, K., "Sieve Email Filtering: Variables Extension", 272 RFC 5229, January 2008. 274 [RFC5230] Showalter, T. and N. Freed, "Sieve Email Filtering: 275 Vacation Extension", RFC 5230, January 2008. 277 [RFC5231] Segmuller, W. and B. Leiba, "Sieve Email Filtering: 278 Relational Extension", RFC 5231, January 2008. 280 [RFC5232] Melnikov, A., "Sieve Email Filtering: Imap4flags 281 Extension", RFC 5232, January 2008. 283 [RFC5233] Murchison, K., "Sieve Email Filtering: Subaddress 284 Extension", RFC 5233, January 2008. 286 [RFC5235] Daboo, C., "Sieve Email Filtering: Spamtest and Virustest 287 Extensions", RFC 5235, January 2008. 289 Appendix A. Acknowledgements 291 Stephan Bosch, Cyrus Daboo, Arnt Gulbrandsen, Andrew McKeon, and 292 Alexey Melnikov provided helpful suggestions and corrections. 294 Author's Address 296 Ned Freed 297 Sun Microsystems 298 800 Royal Oaks 299 Monrovia, CA 91016-6347 300 USA 302 Phone: +1 909 457 4293 303 Email: ned.freed@mrochek.com