| < draft-ietf-extra-imap4rev2-19.txt | draft-ietf-extra-imap4rev2-20.txt > | |||
|---|---|---|---|---|
| Network Working Group A. Melnikov, Ed. | Network Working Group A. Melnikov, Ed. | |||
| Internet-Draft Isode Ltd | Internet-Draft Isode Ltd | |||
| Obsoletes: 3501 (if approved) B. Leiba, Ed. | Obsoletes: 3501 (if approved) B. Leiba, Ed. | |||
| Intended status: Standards Track Futurewei Technologies | Intended status: Standards Track Futurewei Technologies | |||
| Expires: April 30, 2021 October 27, 2020 | Expires: April 30, 2021 October 27, 2020 | |||
| Internet Message Access Protocol (IMAP) - Version 4rev2 | Internet Message Access Protocol (IMAP) - Version 4rev2 | |||
| draft-ietf-extra-imap4rev2-19 | draft-ietf-extra-imap4rev2-20 | |||
| Abstract | Abstract | |||
| The Internet Message Access Protocol, Version 4rev2 (IMAP4rev2) | The Internet Message Access Protocol, Version 4rev2 (IMAP4rev2) | |||
| allows a client to access and manipulate electronic mail messages on | allows a client to access and manipulate electronic mail messages on | |||
| a server. IMAP4rev2 permits manipulation of mailboxes (remote | a server. IMAP4rev2 permits manipulation of mailboxes (remote | |||
| message folders) in a way that is functionally equivalent to local | message folders) in a way that is functionally equivalent to local | |||
| folders. IMAP4rev2 also provides the capability for an offline | folders. IMAP4rev2 also provides the capability for an offline | |||
| client to resynchronize with the server. | client to resynchronize with the server. | |||
| IMAP4rev2 includes operations for creating, deleting, and renaming | IMAP4rev2 includes operations for creating, deleting, and renaming | |||
| mailboxes, checking for new messages, permanently removing messages, | mailboxes, checking for new messages, permanently removing messages, | |||
| setting and clearing flags, RFC 5322, RFC 2045 and RFC 2231 parsing, | setting and clearing flags, RFC 5322, RFC 2045 and RFC 2231 parsing, | |||
| searching, and selective fetching of message attributes, texts, and | searching, and selective fetching of message attributes, texts, and | |||
| portions thereof. Messages in IMAP4rev2 are accessed by the use of | portions thereof. Messages in IMAP4rev2 are accessed by the use of | |||
| numbers. These numbers are either message sequence numbers or unique | numbers. These numbers are either message sequence numbers or unique | |||
| identifiers. | identifiers. | |||
| IMAP4rev2 does not specify a means of posting mail; this function is | IMAP4rev2 does not specify a means of posting mail; this function is | |||
| handled by a mail submission protocol such as RFC 6409. | handled by a mail submission protocol such as the one specified in | |||
| RFC 6409. | ||||
| Status of This Memo | Status of This Memo | |||
| This Internet-Draft is submitted in full conformance with the | This Internet-Draft is submitted in full conformance with the | |||
| provisions of BCP 78 and BCP 79. | provisions of BCP 78 and BCP 79. | |||
| Internet-Drafts are working documents of the Internet Engineering | Internet-Drafts are working documents of the Internet Engineering | |||
| Task Force (IETF). Note that other groups may also distribute | Task Force (IETF). Note that other groups may also distribute | |||
| working documents as Internet-Drafts. The list of current Internet- | working documents as Internet-Drafts. The list of current Internet- | |||
| Drafts is at https://datatracker.ietf.org/drafts/current/. | Drafts is at https://datatracker.ietf.org/drafts/current/. | |||
| skipping to change at page 143, line 44 ¶ | skipping to change at page 143, line 44 ¶ | |||
| sent in the clear over the network unless protection from snooping is | sent in the clear over the network unless protection from snooping is | |||
| negotiated. This can be accomplished either by the use of IMAPS | negotiated. This can be accomplished either by the use of IMAPS | |||
| service, STARTTLS command, negotiated privacy protection in the | service, STARTTLS command, negotiated privacy protection in the | |||
| AUTHENTICATE command, or some other protection mechanism. | AUTHENTICATE command, or some other protection mechanism. | |||
| 11.1. STARTTLS Security Considerations | 11.1. STARTTLS Security Considerations | |||
| IMAP client and server implementations MUST comply with relevant TLS | IMAP client and server implementations MUST comply with relevant TLS | |||
| recommendations from [RFC8314]. | recommendations from [RFC8314]. | |||
| Clients and servers MUST implement TLS 1.2 or newer. Use of TLS 1.3 | Clients and servers MUST implement TLS 1.2 [TLS-1.2] or newer. Use | |||
| [TLS-1.3] is RECOMMENDED. However [TLS-1.2] MAY be used. | of TLS 1.3 [TLS-1.3] is RECOMMENDED. TLS 1.2 may be used only in | |||
| cases where the other party has not yet implemented TLS 1.3. | ||||
| Additionally, when using TLS 1.2, IMAP implementations MUST implement | Additionally, when using TLS 1.2, IMAP implementations MUST implement | |||
| TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 cipher suite, and SHOULD | TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 cipher suite, and SHOULD | |||
| implement the TLS_RSA_WITH_AES_128_CBC_SHA [TLS-1.2] cipher suite. | implement the TLS_RSA_WITH_AES_128_CBC_SHA [TLS-1.2] cipher suite. | |||
| This is important as it assures that any two compliant | This is important as it assures that any two compliant | |||
| implementations can be configured to interoperate. Other TLS cipher | implementations can be configured to interoperate. Other TLS cipher | |||
| suites recommended in RFC 7525 are RECOMMENDED: | suites recommended in RFC 7525 are RECOMMENDED: | |||
| TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, | TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, | |||
| TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 and | TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 and | |||
| TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384. All other cipher suites are | TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384. All other cipher suites are | |||
| OPTIONAL. Note that this is a change from section 2.1 of [IMAP-TLS]. | OPTIONAL. Note that this is a change from section 2.1 of [IMAP-TLS]. | |||
| The list of mandatory-to-implement TLS 1.3 cipher suites is described | The list of mandatory-to-implement TLS 1.3 cipher suites is described | |||
| in Section 9.1 of [TLS-1.3]. | in Section 9.1 of [TLS-1.3]. | |||
| During the TLS negotiation [TLS-1.3][TLS-1.2], the client MUST check | During the TLS negotiation [TLS-1.3][TLS-1.2], the client MUST check | |||
| its understanding of the server hostname against the server's | its understanding of the server hostname against the server's | |||
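
Review bot: In the -20 text of section 11.1, "TLS 1.2 may be used only in cases where the other party has not yet implemented TLS 1.3" uses a lowercase "may", while the neighbouring sentences use MUST, RECOMMENDED and SHOULD, so it is unclear whether the restriction is normative. The -19 text had an uppercase MAY. If the restriction is meant to bind implementations, state it with a requirement keyword, for example "TLS 1.2 MAY be used only when ...". The sentence also gives no test for "has not yet implemented TLS 1.3", so say how a client or server is expected to establish that about its peer.
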
| End of changes. 4 change blocks. | ||||
| 5 lines changed or deleted | 6 lines changed or added | |||
This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/