| < draft-ietf-extra-imap4rev2-26.txt | draft-ietf-extra-imap4rev2-27.txt > | |||
|---|---|---|---|---|
| Network Working Group A. Melnikov, Ed. | Network Working Group A. Melnikov, Ed. | |||
| Internet-Draft Isode Ltd | Internet-Draft Isode Ltd | |||
| Obsoletes: 3501 (if approved) B. Leiba, Ed. | Obsoletes: 3501 (if approved) B. Leiba, Ed. | |||
| Intended status: Standards Track Futurewei Technologies | Intended status: Standards Track Futurewei Technologies | |||
| Expires: July 28, 2021 January 24, 2021 | Expires: August 6, 2021 February 2, 2021 | |||
| Internet Message Access Protocol (IMAP) - Version 4rev2 | Internet Message Access Protocol (IMAP) - Version 4rev2 | |||
| draft-ietf-extra-imap4rev2-26 | draft-ietf-extra-imap4rev2-27 | |||
| Abstract | Abstract | |||
| The Internet Message Access Protocol, Version 4rev2 (IMAP4rev2) | The Internet Message Access Protocol, Version 4rev2 (IMAP4rev2) | |||
| allows a client to access and manipulate electronic mail messages on | allows a client to access and manipulate electronic mail messages on | |||
| a server. IMAP4rev2 permits manipulation of mailboxes (remote | a server. IMAP4rev2 permits manipulation of mailboxes (remote | |||
| message folders) in a way that is functionally equivalent to local | message folders) in a way that is functionally equivalent to local | |||
| folders. IMAP4rev2 also provides the capability for an offline | folders. IMAP4rev2 also provides the capability for an offline | |||
| client to resynchronize with the server. | client to resynchronize with the server. | |||
| skipping to change at page 1, line 48 ¶ | skipping to change at page 1, line 48 ¶ | |||
| Internet-Drafts are working documents of the Internet Engineering | Internet-Drafts are working documents of the Internet Engineering | |||
| Task Force (IETF). Note that other groups may also distribute | Task Force (IETF). Note that other groups may also distribute | |||
| working documents as Internet-Drafts. The list of current Internet- | working documents as Internet-Drafts. The list of current Internet- | |||
| Drafts is at https://datatracker.ietf.org/drafts/current/. | Drafts is at https://datatracker.ietf.org/drafts/current/. | |||
| Internet-Drafts are draft documents valid for a maximum of six months | Internet-Drafts are draft documents valid for a maximum of six months | |||
| and may be updated, replaced, or obsoleted by other documents at any | and may be updated, replaced, or obsoleted by other documents at any | |||
| time. It is inappropriate to use Internet-Drafts as reference | time. It is inappropriate to use Internet-Drafts as reference | |||
| material or to cite them other than as "work in progress." | material or to cite them other than as "work in progress." | |||
| This Internet-Draft will expire on July 28, 2021. | This Internet-Draft will expire on August 6, 2021. | |||
| Copyright Notice | Copyright Notice | |||
| Copyright (c) 2021 IETF Trust and the persons identified as the | Copyright (c) 2021 IETF Trust and the persons identified as the | |||
| document authors. All rights reserved. | document authors. All rights reserved. | |||
| This document is subject to BCP 78 and the IETF Trust's Legal | This document is subject to BCP 78 and the IETF Trust's Legal | |||
| Provisions Relating to IETF Documents | Provisions Relating to IETF Documents | |||
| (https://trustee.ietf.org/license-info) in effect on the date of | (https://trustee.ietf.org/license-info) in effect on the date of | |||
| publication of this document. Please review these documents | publication of this document. Please review these documents | |||
| skipping to change at page 3, line 32 ¶ | skipping to change at page 3, line 32 ¶ | |||
| 5.5. Multiple Commands in Progress (Command Pipelining) . . . 24 | 5.5. Multiple Commands in Progress (Command Pipelining) . . . 24 | |||
| 6. Client Commands . . . . . . . . . . . . . . . . . . . . . . . 25 | 6. Client Commands . . . . . . . . . . . . . . . . . . . . . . . 25 | |||
| 6.1. Client Commands - Any State . . . . . . . . . . . . . . . 26 | 6.1. Client Commands - Any State . . . . . . . . . . . . . . . 26 | |||
| 6.1.1. CAPABILITY Command . . . . . . . . . . . . . . . . . 26 | 6.1.1. CAPABILITY Command . . . . . . . . . . . . . . . . . 26 | |||
| 6.1.2. NOOP Command . . . . . . . . . . . . . . . . . . . . 27 | 6.1.2. NOOP Command . . . . . . . . . . . . . . . . . . . . 27 | |||
| 6.1.3. LOGOUT Command . . . . . . . . . . . . . . . . . . . 27 | 6.1.3. LOGOUT Command . . . . . . . . . . . . . . . . . . . 27 | |||
| 6.2. Client Commands - Not Authenticated State . . . . . . . . 28 | 6.2. Client Commands - Not Authenticated State . . . . . . . . 28 | |||
| 6.2.1. STARTTLS Command . . . . . . . . . . . . . . . . . . 28 | 6.2.1. STARTTLS Command . . . . . . . . . . . . . . . . . . 28 | |||
| 6.2.2. AUTHENTICATE Command . . . . . . . . . . . . . . . . 30 | 6.2.2. AUTHENTICATE Command . . . . . . . . . . . . . . . . 30 | |||
| 6.2.3. LOGIN Command . . . . . . . . . . . . . . . . . . . . 33 | 6.2.3. LOGIN Command . . . . . . . . . . . . . . . . . . . . 33 | |||
| 6.3. Client Commands - Authenticated State . . . . . . . . . . 33 | 6.3. Client Commands - Authenticated State . . . . . . . . . . 34 | |||
| 6.3.1. ENABLE Command . . . . . . . . . . . . . . . . . . . 34 | 6.3.1. ENABLE Command . . . . . . . . . . . . . . . . . . . 34 | |||
| 6.3.2. SELECT Command . . . . . . . . . . . . . . . . . . . 36 | 6.3.2. SELECT Command . . . . . . . . . . . . . . . . . . . 36 | |||
| 6.3.3. EXAMINE Command . . . . . . . . . . . . . . . . . . . 38 | 6.3.3. EXAMINE Command . . . . . . . . . . . . . . . . . . . 38 | |||
| 6.3.4. CREATE Command . . . . . . . . . . . . . . . . . . . 39 | 6.3.4. CREATE Command . . . . . . . . . . . . . . . . . . . 39 | |||
| 6.3.5. DELETE Command . . . . . . . . . . . . . . . . . . . 40 | 6.3.5. DELETE Command . . . . . . . . . . . . . . . . . . . 40 | |||
| 6.3.6. RENAME Command . . . . . . . . . . . . . . . . . . . 42 | 6.3.6. RENAME Command . . . . . . . . . . . . . . . . . . . 42 | |||
| 6.3.7. SUBSCRIBE Command . . . . . . . . . . . . . . . . . . 44 | 6.3.7. SUBSCRIBE Command . . . . . . . . . . . . . . . . . . 44 | |||
| 6.3.8. UNSUBSCRIBE Command . . . . . . . . . . . . . . . . . 45 | 6.3.8. UNSUBSCRIBE Command . . . . . . . . . . . . . . . . . 45 | |||
| 6.3.9. LIST Command . . . . . . . . . . . . . . . . . . . . 45 | 6.3.9. LIST Command . . . . . . . . . . . . . . . . . . . . 45 | |||
| 6.3.10. NAMESPACE Command . . . . . . . . . . . . . . . . . . 64 | 6.3.10. NAMESPACE Command . . . . . . . . . . . . . . . . . . 64 | |||
| skipping to change at page 4, line 34 ¶ | skipping to change at page 4, line 34 ¶ | |||
| 7.3.5. FLAGS Response . . . . . . . . . . . . . . . . . . . 117 | 7.3.5. FLAGS Response . . . . . . . . . . . . . . . . . . . 117 | |||
| 7.4. Server Responses - Mailbox Size . . . . . . . . . . . . . 118 | 7.4. Server Responses - Mailbox Size . . . . . . . . . . . . . 118 | |||
| 7.4.1. EXISTS Response . . . . . . . . . . . . . . . . . . . 118 | 7.4.1. EXISTS Response . . . . . . . . . . . . . . . . . . . 118 | |||
| 7.5. Server Responses - Message Status . . . . . . . . . . . . 118 | 7.5. Server Responses - Message Status . . . . . . . . . . . . 118 | |||
| 7.5.1. EXPUNGE Response . . . . . . . . . . . . . . . . . . 118 | 7.5.1. EXPUNGE Response . . . . . . . . . . . . . . . . . . 118 | |||
| 7.5.2. FETCH Response . . . . . . . . . . . . . . . . . . . 119 | 7.5.2. FETCH Response . . . . . . . . . . . . . . . . . . . 119 | |||
| 7.6. Server Responses - Command Continuation Request . . . . . 125 | 7.6. Server Responses - Command Continuation Request . . . . . 125 | |||
| 8. Sample IMAP4rev2 connection . . . . . . . . . . . . . . . . . 126 | 8. Sample IMAP4rev2 connection . . . . . . . . . . . . . . . . . 126 | |||
| 9. Formal Syntax . . . . . . . . . . . . . . . . . . . . . . . . 127 | 9. Formal Syntax . . . . . . . . . . . . . . . . . . . . . . . . 127 | |||
| 10. Author's Note . . . . . . . . . . . . . . . . . . . . . . . . 145 | 10. Author's Note . . . . . . . . . . . . . . . . . . . . . . . . 145 | |||
| 11. Security Considerations . . . . . . . . . . . . . . . . . . . 146 | 11. Security Considerations . . . . . . . . . . . . . . . . . . . 145 | |||
| 11.1. TLS related Security Considerations . . . . . . . . . . 146 | 11.1. TLS related Security Considerations . . . . . . . . . . 145 | |||
| 11.2. STARTTLS command versa use of Implicit TLS port . . . . 146 | 11.2. STARTTLS command versa use of Implicit TLS port . . . . 146 | |||
| 11.3. Client handling of unsolicited responses not suitable | 11.3. Client handling of unsolicited responses not suitable | |||
| for the current connection state . . . . . . . . . . . . 147 | for the current connection state . . . . . . . . . . . . 146 | |||
| 11.4. COPYUID and APPENDUID response codes . . . . . . . . . . 147 | 11.4. COPYUID and APPENDUID response codes . . . . . . . . . . 147 | |||
| 11.5. LIST command and Other Users' namespace . . . . . . . . 148 | 11.5. LIST command and Other Users' namespace . . . . . . . . 147 | |||
| 11.6. Other Security Considerations . . . . . . . . . . . . . 148 | 11.6. Other Security Considerations . . . . . . . . . . . . . 147 | |||
| 12. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 149 | 12. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 148 | |||
| 12.1. Updates to IMAP4 Capabilities registry . . . . . . . . . 149 | 12.1. Updates to IMAP4 Capabilities registry . . . . . . . . . 149 | |||
| 12.2. GSSAPI/SASL service name . . . . . . . . . . . . . . . . 149 | 12.2. GSSAPI/SASL service name . . . . . . . . . . . . . . . . 149 | |||
| 12.3. LIST Selection Options, LIST Return Options, LIST | 12.3. LIST Selection Options, LIST Return Options, LIST | |||
| extended data items . . . . . . . . . . . . . . . . . . 150 | extended data items . . . . . . . . . . . . . . . . . . 149 | |||
| 12.4. IMAP Mailbox Name Attributes and IMAP Response Codes . . 150 | 12.4. IMAP Mailbox Name Attributes and IMAP Response Codes . . 150 | |||
| 13. References . . . . . . . . . . . . . . . . . . . . . . . . . 150 | 13. References . . . . . . . . . . . . . . . . . . . . . . . . . 150 | |||
| 13.1. Normative References . . . . . . . . . . . . . . . . . . 150 | 13.1. Normative References . . . . . . . . . . . . . . . . . . 150 | |||
| 13.2. Informative References (related protocols) . . . . . . . 153 | 13.2. Informative References (related protocols) . . . . . . . 153 | |||
| 13.3. Informative References (historical aspects of IMAP and | 13.3. Informative References (historical aspects of IMAP and | |||
| related protocols) . . . . . . . . . . . . . . . . . . . 156 | related protocols) . . . . . . . . . . . . . . . . . . . 155 | |||
| Appendix A. Backward compatibility with IMAP4rev1 . . . . . . . 156 | Appendix A. Backward compatibility with IMAP4rev1 . . . . . . . 156 | |||
| A.1. Mailbox International Naming Convention for compatibility | A.1. Mailbox International Naming Convention for compatibility | |||
| with IMAP4rev1 . . . . . . . . . . . . . . . . . . . . . 157 | with IMAP4rev1 . . . . . . . . . . . . . . . . . . . . . 157 | |||
| Appendix B. Backward compatibility with BINARY extension . . . . 159 | Appendix B. Backward compatibility with BINARY extension . . . . 158 | |||
| Appendix C. Backward compatibility with LIST-EXTENDED extension 159 | Appendix C. Backward compatibility with LIST-EXTENDED extension 159 | |||
| Appendix D. 63 bit body part and message sizes . . . . . . . . . 159 | Appendix D. 63 bit body part and message sizes . . . . . . . . . 159 | |||
| Appendix E. Changes from RFC 3501 / IMAP4rev1 . . . . . . . . . 159 | Appendix E. Changes from RFC 3501 / IMAP4rev1 . . . . . . . . . 159 | |||
| Appendix F. Other Recommended IMAP Extensions . . . . . . . . . 161 | Appendix F. Other Recommended IMAP Extensions . . . . . . . . . 161 | |||
| Appendix G. Acknowledgement . . . . . . . . . . . . . . . . . . 162 | Appendix G. Acknowledgement . . . . . . . . . . . . . . . . . . 162 | |||
| Index . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 162 | Index . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 162 | |||
| Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 168 | Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 167 | |||
| 1. How to Read This Document | 1. How to Read This Document | |||
| 1.1. Organization of This Document | 1.1. Organization of This Document | |||
| This document is written from the point of view of the implementor of | This document is written from the point of view of the implementor of | |||
| an IMAP4rev2 client or server. Beyond the protocol overview in | an IMAP4rev2 client or server. Beyond the protocol overview in | |||
| section 2, it is not optimized for someone trying to understand the | section 2, it is not optimized for someone trying to understand the | |||
| operation of the protocol. The material in sections 3 through 5 | operation of the protocol. The material in sections 3 through 5 | |||
| provides the general context and definitions with which IMAP4rev2 | provides the general context and definitions with which IMAP4rev2 | |||
| skipping to change at page 6, line 46 ¶ | skipping to change at page 6, line 46 ¶ | |||
| International Naming Convention, and other uses of "&" in mailbox | International Naming Convention, and other uses of "&" in mailbox | |||
| names are impacted as well. | names are impacted as well. | |||
| 1.3. Special Notes to Implementors | 1.3. Special Notes to Implementors | |||
| Implementors of the IMAP protocol are strongly encouraged to read the | Implementors of the IMAP protocol are strongly encouraged to read the | |||
| IMAP implementation recommendations document [IMAP-IMPLEMENTATION] in | IMAP implementation recommendations document [IMAP-IMPLEMENTATION] in | |||
| conjunction with this document, to help understand the intricacies of | conjunction with this document, to help understand the intricacies of | |||
| this protocol and how best to build an interoperable product. | this protocol and how best to build an interoperable product. | |||
| IMAP4rev2 is designed to be upwards compatible from the IMAP4rev1, | IMAP4rev2 is designed to be upwards compatible from the IMAP4rev1 | |||
| the [IMAP2] and unpublished IMAP2bis protocols. IMAP4rev2 is largely | [RFC3501], the [IMAP2] and unpublished IMAP2bis [IMAP2BIS] protocols. | |||
| compatible with the IMAP4rev1 protocol described in RFC 3501 and the | IMAP4rev2 is largely compatible with the IMAP4rev1 protocol described | |||
| IMAP4 protocol described in RFC 1730; the exception being in certain | in RFC 3501 and the IMAP4 protocol described in RFC 1730; the | |||
| facilities added in RFC 1730 and RFC 3501 that proved problematic and | exception being in certain facilities added in RFC 1730 and RFC 3501 | |||
| were subsequently removed or replaced by better alternatives. In the | that proved problematic and were subsequently removed or replaced by | |||
| course of the evolution of IMAP4rev2, some aspects in the earlier | better alternatives. In the course of the evolution of IMAP4rev2, | |||
| protocols have become obsolete. Obsolete commands, responses, and | some aspects in the earlier protocols have become obsolete. Obsolete | |||
| data formats which an IMAP4rev2 implementation can encounter when | commands, responses, and data formats which an IMAP4rev2 | |||
| used with an earlier implementation are described in Appendix E, | implementation can encounter when used with an earlier implementation | |||
| Appendix A and [IMAP-OBSOLETE]. IMAP4rev2 supports 63bit body part | are described in Appendix E, Appendix A and [IMAP-OBSOLETE]. | |||
| and message sizes. IMAP4rev2 compatibility with BINARY and LIST- | IMAP4rev2 supports 63bit body part and message sizes. IMAP4rev2 | |||
| EXTENDED IMAP extensions are described in Appendix B and Appendix C | compatibility with BINARY and LIST-EXTENDED IMAP extensions are | |||
| respectively. | described in Appendix B and Appendix C respectively. | |||
| Other compatibility issues with IMAP2bis, the most common variant of | Other compatibility issues with IMAP2bis, the most common variant of | |||
| the earlier protocol, are discussed in [IMAP-COMPAT]. A full | the earlier protocol, are discussed in [IMAP-COMPAT]. A full | |||
| discussion of compatibility issues with rare (and presumed extinct) | discussion of compatibility issues with rare (and presumed extinct) | |||
| variants of [IMAP2] is in [IMAP-HISTORICAL]; this document is | variants of [IMAP2] is in [IMAP-HISTORICAL]; this document is | |||
| primarily of historical interest. | primarily of historical interest. | |||
| IMAP was originally developed for the older [RFC-822] standard, and | IMAP was originally developed for the older [RFC-822] standard, and | |||
| as a consequence several fetch items in IMAP incorporate "RFC822" in | as a consequence several fetch items in IMAP incorporate "RFC822" in | |||
| their name. In all cases, "RFC822" should be interpreted as a | their name. In all cases, "RFC822" should be interpreted as a | |||
| skipping to change at page 9, line 36 ¶ | skipping to change at page 9, line 36 ¶ | |||
| 2.3. Message Attributes | 2.3. Message Attributes | |||
| In addition to message text, each message has several attributes | In addition to message text, each message has several attributes | |||
| associated with it. These attributes can be retrieved individually | associated with it. These attributes can be retrieved individually | |||
| or in conjunction with other attributes or message texts. | or in conjunction with other attributes or message texts. | |||
| 2.3.1. Message Numbers | 2.3.1. Message Numbers | |||
| Messages in IMAP4rev2 are accessed by one of two numbers; the unique | Messages in IMAP4rev2 are accessed by one of two numbers; the unique | |||
| identifier or the message sequence number. | identifier (UID) or the message sequence number. | |||
| 2.3.1.1. Unique Identifier (UID) Message Attribute | 2.3.1.1. Unique Identifier (UID) Message Attribute | |||
| A UID is an unsigned non-zero 32-bit value assigned to each message, | A UID is an unsigned non-zero 32-bit value assigned to each message, | |||
| which when used with the unique identifier validity value (see below) | which when used with the unique identifier validity value (see below) | |||
| forms a 64-bit value that MUST NOT refer to any other message in the | forms a 64-bit value that MUST NOT refer to any other message in the | |||
| mailbox or any subsequent mailbox with the same name forever. Unique | mailbox or any subsequent mailbox with the same name forever. Unique | |||
| identifiers are assigned in a strictly ascending fashion in the | identifiers are assigned in a strictly ascending fashion in the | |||
| mailbox; as each message is added to the mailbox it is assigned a | mailbox; as each message is added to the mailbox it is assigned a | |||
| higher UID than the message(s) which were added previously. Unlike | higher UID than the message(s) which were added previously. Unlike | |||
| skipping to change at page 11, line 23 ¶ | skipping to change at page 11, line 23 ¶ | |||
| 3. If the mailbox is deleted/renamed and a new mailbox with the | 3. If the mailbox is deleted/renamed and a new mailbox with the | |||
| same name is created at a later date, the server must either | same name is created at a later date, the server must either | |||
| keep track of unique identifiers from the previous instance of | keep track of unique identifiers from the previous instance of | |||
| the mailbox, or it must assign a new UIDVALIDITY value to the | the mailbox, or it must assign a new UIDVALIDITY value to the | |||
| new instance of the mailbox. | new instance of the mailbox. | |||
| 4. The combination of mailbox name, UIDVALIDITY, and UID must | 4. The combination of mailbox name, UIDVALIDITY, and UID must | |||
| refer to a single immutable (or expunged) message on that | refer to a single immutable (or expunged) message on that | |||
| server forever. In particular, the internal date, [RFC-5322] | server forever. In particular, the internal date, [RFC-5322] | |||
| size, envelope, body structure, and message texts (all | size, envelope, body structure, and message texts (all | |||
| BODY[...] fetch data items) must never change. This does not | BODY[...] fetch data items) MUST never change. This does not | |||
| include message numbers, nor does it include attributes that | include message numbers, nor does it include attributes that | |||
| can be set by a STORE command (e.g., FLAGS). When a message | can be set by a STORE command (e.g., FLAGS). When a message | |||
| is expunged, its UID MUST NOT be reused under the same | is expunged, its UID MUST NOT be reused under the same | |||
| UIDVALIDITY value. | UIDVALIDITY value. | |||
| 2.3.1.2. Message Sequence Number Message Attribute | 2.3.1.2. Message Sequence Number Message Attribute | |||
| A Message Sequence Number is a relative position from 1 to the number | A Message Sequence Number is a relative position from 1 to the number | |||
| of messages in the mailbox. This position MUST be ordered by | of messages in the mailbox. This position MUST be ordered by | |||
| ascending unique identifier. As each new message is added, it is | ascending unique identifier. As each new message is added, it is | |||
| skipping to change at page 13, line 36 ¶ | skipping to change at page 13, line 36 ¶ | |||
| junk filtering applied, including setting the $Junk flag and | junk filtering applied, including setting the $Junk flag and | |||
| placing in the \Junk special-use mailbox (see Section 7.3.1) if | placing in the \Junk special-use mailbox (see Section 7.3.1) if | |||
| available. | available. | |||
| If both the $Phishing flag and the $Junk flag are set, the user | If both the $Phishing flag and the $Junk flag are set, the user | |||
| agent should display an additional warning message to the user. | agent should display an additional warning message to the user. | |||
| Additionally the user agent may display a warning when clicking on | Additionally the user agent may display a warning when clicking on | |||
| any hyperlinks within the message. | any hyperlinks within the message. | |||
| The requirement for both $Phishing and $Junk to be set before a | The requirement for both $Phishing and $Junk to be set before a | |||
| user agent displays a warning is for better backwards | user agent displays a warning is for better backwards | |||
| compatibility with existing clients that understand the $Junk flag | compatibility with existing clients that understand the $Junk flag | |||
| but not the $Phishing flag. This so that when an unextended | but not the $Phishing flag. This is so that when an unextended | |||
| client removes the $Junk flag, an extended client will also show | client removes the $Junk flag, an extended client will also show | |||
| the correct state. See [IMAP-KEYWORDS-REG] for more information. | the correct state. See [IMAP-KEYWORDS-REG] for more information. | |||
| $Junk and $NotJunk are mutually exclusive. If more than one of them | $Junk and $NotJunk are mutually exclusive. If more than one of them | |||
| is set for a message, the client MUST treat this as if none of them | is set for a message, the client MUST treat this as if none of them | |||
| is set and SHOULD unset both of them on the IMAP server. | is set and SHOULD unset both of them on the IMAP server. | |||
| Other registered keywords can be found in the "IMAP and JMAP | Other registered keywords can be found in the "IMAP and JMAP | |||
| Keywords" registry [IMAP-KEYWORDS-REG]. New keywords SHOULD be | Keywords" registry [IMAP-KEYWORDS-REG]. New keywords SHOULD be | |||
| registered in this registry using the procedure specified in | registered in this registry using the procedure specified in | |||
| skipping to change at page 17, line 22 ¶ | skipping to change at page 17, line 22 ¶ | |||
| 4.1. Atom | 4.1. Atom | |||
| An atom consists of one or more non-special characters. | An atom consists of one or more non-special characters. | |||
| 4.1.1. Sequence set and UID set | 4.1.1. Sequence set and UID set | |||
| A set of messages can be referenced by a sequence set containing | A set of messages can be referenced by a sequence set containing | |||
| either message sequence numbers or unique identifiers. See Section 9 | either message sequence numbers or unique identifiers. See Section 9 | |||
| for details. Sequence sets can contain ranges (e.g. "5:50"), an | for details. Sequence sets can contain ranges (e.g. "5:50"), an | |||
| enumeration of specific message/UID numbers, a special symbol "*", or | enumeration of specific message sequence numbers/unique identifiers, | |||
| a combination of the above. | a special symbol "*", or a combination of the above. Note that a | |||
| sequence set never mixes message sequence numbers and unique | ||||
| identifiers in the same representation. | ||||
| A "UID set" is similar to the sequence set of unique identifiers; | A "UID set" is similar to the sequence set of unique identifiers; | |||
| however, the "*" value for a sequence number is not permitted. | however, the "*" value for a sequence number is not permitted. | |||
| 4.2. Number | 4.2. Number | |||
| A number consists of one or more digit characters, and represents a | A number consists of one or more digit characters, and represents a | |||
| numeric value. | numeric value. | |||
| 4.3. String | 4.3. String | |||
| A string is in one of three forms: synchonizing literal, non- | A string is in one of three forms: synchronizing literal, non- | |||
| synchronizing literal or quoted string. The synchronizing literal | synchronizing literal or quoted string. The synchronizing literal | |||
| form is the general form of string. The non-synchronizing literal | form is the general form of string. The non-synchronizing literal | |||
| form is also the general form, but has length limitation. The quoted | form is also the general form, but has length limitation. The quoted | |||
| string form is an alternative that avoids the overhead of processing | string form is an alternative that avoids the overhead of processing | |||
| a literal at the cost of limitations of characters which may be used. | a literal at the cost of limitations of characters which may be used. | |||
| When the distinction between synchronizing and non-synchronizing | When the distinction between synchronizing and non-synchronizing | |||
| literals is not important, this document just uses the term | literals is not important, this document just uses the term | |||
| "literal". | "literal". | |||
| skipping to change at page 22, line 11 ¶ | skipping to change at page 22, line 11 ¶ | |||
| their Personal Namespace. It is the part of the namespace that | their Personal Namespace. It is the part of the namespace that | |||
| belongs to the user that is allocated for mailboxes. If an INBOX | belongs to the user that is allocated for mailboxes. If an INBOX | |||
| exists for a user, it MUST appear within the user's personal | exists for a user, it MUST appear within the user's personal | |||
| namespace. In the typical case, there SHOULD be only one Personal | namespace. In the typical case, there SHOULD be only one Personal | |||
| Namespace per user on a server. | Namespace per user on a server. | |||
| Other Users' Namespace: A namespace that consists of mailboxes from | Other Users' Namespace: A namespace that consists of mailboxes from | |||
| the Personal Namespaces of other users. To access mailboxes in the | the Personal Namespaces of other users. To access mailboxes in the | |||
| Other Users' Namespace, the currently authenticated user MUST be | Other Users' Namespace, the currently authenticated user MUST be | |||
| explicitly granted access rights. For example, it is common for a | explicitly granted access rights. For example, it is common for a | |||
| manager to grant to their secretary access rights to their mailbox. | manager to grant to their administrative support staff access rights | |||
| In the typical case, there SHOULD be only one Other Users' Namespace | to their mailbox. In the typical case, there SHOULD be only one | |||
| per user on a server. | Other Users' Namespace per user on a server. | |||
| Shared Namespace: A namespace that consists of mailboxes that are | Shared Namespace: A namespace that consists of mailboxes that are | |||
| intended to be shared amongst users and do not exist within a user's | intended to be shared amongst users and do not exist within a user's | |||
| Personal Namespace. | Personal Namespace. | |||
| The namespaces a server uses MAY differ on a per-user basis. | The namespaces a server uses MAY differ on a per-user basis. | |||
| 5.1.2.1. Historic Mailbox Namespace Naming Convention | 5.1.2.1. Historic Mailbox Namespace Naming Convention | |||
| By convention, the first hierarchical element of any mailbox name | By convention, the first hierarchical element of any mailbox name | |||
| skipping to change at page 32, line 22 ¶ | skipping to change at page 32, line 22 ¶ | |||
| try another authentication mechanism by issuing another AUTHENTICATE | try another authentication mechanism by issuing another AUTHENTICATE | |||
| command. It MAY also attempt to authenticate by using the LOGIN | command. It MAY also attempt to authenticate by using the LOGIN | |||
| command (see Section 6.2.3 for more detail). In other words, the | command (see Section 6.2.3 for more detail). In other words, the | |||
| client MAY request authentication types in decreasing order of | client MAY request authentication types in decreasing order of | |||
| preference, with the LOGIN command as a last resort. | preference, with the LOGIN command as a last resort. | |||
| The authorization identity passed from the client to the server | The authorization identity passed from the client to the server | |||
| during the authentication exchange is interpreted by the server as | during the authentication exchange is interpreted by the server as | |||
| the user name whose privileges the client is requesting. | the user name whose privileges the client is requesting. | |||
| Example: S: * OK IMAP4rev2 Server | Example: S: * OK [CAPABILITY IMAP4rev2 STARTTLS AUTH=GSSAPI] | |||
| Capabilities | ||||
| C: A001 AUTHENTICATE GSSAPI | C: A001 AUTHENTICATE GSSAPI | |||
| S: + | S: + | |||
| C: YIIB+wYJKoZIhvcSAQICAQBuggHqMIIB5qADAgEFoQMCAQ6iBw | C: YIIB+wYJKoZIhvcSAQICAQBuggHqMIIB5qADAgEFoQMCAQ6iBw | |||
| MFACAAAACjggEmYYIBIjCCAR6gAwIBBaESGxB1Lndhc2hpbmd0 | MFACAAAACjggEmYYIBIjCCAR6gAwIBBaESGxB1Lndhc2hpbmd0 | |||
| b24uZWR1oi0wK6ADAgEDoSQwIhsEaW1hcBsac2hpdmFtcy5jYW | b24uZWR1oi0wK6ADAgEDoSQwIhsEaW1hcBsac2hpdmFtcy5jYW | |||
| Mud2FzaGluZ3Rvbi5lZHWjgdMwgdCgAwIBAaEDAgEDooHDBIHA | Mud2FzaGluZ3Rvbi5lZHWjgdMwgdCgAwIBAaEDAgEDooHDBIHA | |||
| cS1GSa5b+fXnPZNmXB9SjL8Ollj2SKyb+3S0iXMljen/jNkpJX | cS1GSa5b+fXnPZNmXB9SjL8Ollj2SKyb+3S0iXMljen/jNkpJX | |||
| AleKTz6BQPzj8duz8EtoOuNfKgweViyn/9B9bccy1uuAE2HI0y | AleKTz6BQPzj8duz8EtoOuNfKgweViyn/9B9bccy1uuAE2HI0y | |||
| C/PHXNNU9ZrBziJ8Lm0tTNc98kUpjXnHZhsMcz5Mx2GR6dGknb | C/PHXNNU9ZrBziJ8Lm0tTNc98kUpjXnHZhsMcz5Mx2GR6dGknb | |||
| I0iaGcRerMUsWOuBmKKKRmVMMdR9T3EZdpqsBd7jZCNMWotjhi | I0iaGcRerMUsWOuBmKKKRmVMMdR9T3EZdpqsBd7jZCNMWotjhi | |||
| skipping to change at page 32, line 49 ¶ | skipping to change at page 33, line 5 ¶ | |||
| S: + YGgGCSqGSIb3EgECAgIAb1kwV6ADAgEFoQMCAQ+iSzBJoAMC | S: + YGgGCSqGSIb3EgECAgIAb1kwV6ADAgEFoQMCAQ+iSzBJoAMC | |||
| AQGiQgRAtHTEuOP2BXb9sBYFR4SJlDZxmg39IxmRBOhXRKdDA0 | AQGiQgRAtHTEuOP2BXb9sBYFR4SJlDZxmg39IxmRBOhXRKdDA0 | |||
| uHTCOT9Bq3OsUTXUlk0CsFLoa8j+gvGDlgHuqzWHPSQg== | uHTCOT9Bq3OsUTXUlk0CsFLoa8j+gvGDlgHuqzWHPSQg== | |||
| C: | C: | |||
| S: + YDMGCSqGSIb3EgECAgIBAAD/////6jcyG4GE3KkTzBeBiVHe | S: + YDMGCSqGSIb3EgECAgIBAAD/////6jcyG4GE3KkTzBeBiVHe | |||
| ceP2CWY0SR0fAQAgAAQEBAQ= | ceP2CWY0SR0fAQAgAAQEBAQ= | |||
| C: YDMGCSqGSIb3EgECAgIBAAD/////3LQBHXTpFfZgrejpLlLImP | C: YDMGCSqGSIb3EgECAgIBAAD/////3LQBHXTpFfZgrejpLlLImP | |||
| wkhbfa2QteAQAgAG1yYwE= | wkhbfa2QteAQAgAG1yYwE= | |||
| S: A001 OK GSSAPI authentication successful | S: A001 OK GSSAPI authentication successful | |||
| The following example demonstrates use of initial response | ||||
| Example: | ||||
| S: * OK [CAPABILITY IMAP4rev2 STARTTLS AUTH=GSSAPI | ||||
| LOGINDISABLED] Server ready | ||||
| C: A01 STARTTLS | ||||
| S: A01 OK STARTLS completed | ||||
| <TLS negotiation, further commands are under [TLS] layer> | ||||
| C: A02 CAPABILITY | ||||
| S: * CAPABILITY IMAP4rev2 AUTH=GSSAPI AUTH=PLAIN | ||||
| S: A02 OK CAPABILITY completed | ||||
| C: A01 AUTHENTICATE PLAIN dGVzdAB0ZXN0AHRlc3Q= | ||||
| S: A001 OK Success (tls protection) | ||||
| Note: The line breaks within server challenges and client responses | Note: The line breaks within server challenges and client responses | |||
| are for editorial clarity and are not in real authenticators. | are for editorial clarity and are not in real authenticators. | |||
| 6.2.3. LOGIN Command | 6.2.3. LOGIN Command | |||
| Arguments: user name | Arguments: user name | |||
| password | password | |||
| Responses: no specific responses for this command | Responses: no specific responses for this command | |||
| skipping to change at page 46, line 22 ¶ | skipping to change at page 46, line 22 ¶ | |||
| name | name | |||
| BAD - command unknown or arguments invalid | BAD - command unknown or arguments invalid | |||
| The LIST command returns a subset of mailbox names from the complete | The LIST command returns a subset of mailbox names from the complete | |||
| set of all mailbox names available to the client. Zero or more | set of all mailbox names available to the client. Zero or more | |||
| untagged LIST responses are returned, containing the name attributes, | untagged LIST responses are returned, containing the name attributes, | |||
| hierarchy delimiter, name, and possible extension information; see | hierarchy delimiter, name, and possible extension information; see | |||
| the description of the LIST response (Section 7.3.1) for more detail. | the description of the LIST response (Section 7.3.1) for more detail. | |||
| The LIST command SHOULD return its data quickly, without undue delay. | The LIST command SHOULD return its data quickly, without undue delay. | |||
| For example, it SHOULD NOT go to excess trouble to calculate the | For example, it should not go to excess trouble to calculate the | |||
| \Marked or \Unmarked status or perform other processing; if each name | \Marked or \Unmarked status or perform other processing; if each name | |||
| requires 1 second of processing, then a list of 1200 names would take | requires 1 second of processing, then a list of 1200 names would take | |||
| 20 minutes! | 20 minutes! | |||
| The extended LIST command, originally introduced in [RFC5258], | The extended LIST command, originally introduced in [RFC5258], | |||
| provides capabilities beyond that of the original IMAP LIST command. | provides capabilities beyond that of the original IMAP LIST command. | |||
| The extended syntax is being used if one or more of the following | The extended syntax is being used if one or more of the following | |||
| conditions is true: | conditions is true: | |||
| 1. if the first word after the command name begins with a | 1. if the first word after the command name begins with a | |||
| skipping to change at page 52, line 45 ¶ | skipping to change at page 52, line 45 ¶ | |||
| B. The mailbox name doesn't satisfy the selection criteria, but | B. The mailbox name doesn't satisfy the selection criteria, but | |||
| it has at least one descendant mailbox name that satisfies | it has at least one descendant mailbox name that satisfies | |||
| the selection criteria and that doesn't match the canonical | the selection criteria and that doesn't match the canonical | |||
| LIST pattern. | LIST pattern. | |||
| For more information on this case, see the CHILDINFO extended | For more information on this case, see the CHILDINFO extended | |||
| data item described in Section 6.3.9.6. Note that the | data item described in Section 6.3.9.6. Note that the | |||
| CHILDINFO extended data item can only be returned when the | CHILDINFO extended data item can only be returned when the | |||
| RECURSIVEMATCH selection option is specified. | RECURSIVEMATCH selection option is specified. | |||
| 3. Attributes returned in the same LIST response must be treated | 3. Attributes returned in the same LIST response are treated | |||
| additively. For example, the following response | additively. For example, the following response | |||
| S: * LIST (\Subscribed \NonExistent) "/" "Fruit/Peach" | S: * LIST (\Subscribed \NonExistent) "/" "Fruit/Peach" | |||
| means that the "Fruit/Peach" mailbox doesn't exist, but it is | means that the "Fruit/Peach" mailbox doesn't exist, but it is | |||
| subscribed. | subscribed. | |||
| 6.3.9.4. Additional LIST-related Requirements on Clients | 6.3.9.4. Additional LIST-related Requirements on Clients | |||
| All clients MUST treat a LIST attribute with a stronger meaning as | All clients MUST treat a LIST attribute with a stronger meaning as | |||
| skipping to change at page 107, line 4 ¶ | skipping to change at page 107, line 4 ¶ | |||
| There is no need for a server that included the special flag \* | There is no need for a server that included the special flag \* | |||
| to return a new PERMANENTFLAGS response code when a new keyword | to return a new PERMANENTFLAGS response code when a new keyword | |||
| was successfully set on a message upon client request. However | was successfully set on a message upon client request. However | |||
| if the server has a limit on the number of different keywords | if the server has a limit on the number of different keywords | |||
| that can be stored in a mailbox and that limit is reached, the | that can be stored in a mailbox and that limit is reached, the | |||
| server MUST send a new PERMANENTFLAGS response code without the | server MUST send a new PERMANENTFLAGS response code without the | |||
| special flag \*. | special flag \*. | |||
| PRIVACYREQUIRED | PRIVACYREQUIRED | |||
| The operation is not permitted due to a lack of privacy. If | The operation is not permitted due to a lack of data | |||
| Transport Layer Security (TLS) is not in use, the client could | confidentiality. If Transport Layer Security (TLS) is not in | |||
| try STARTTLS (see Section 6.2.1) or alternatively reconnect to | use, the client could try STARTTLS (see Section 6.2.1) or | |||
| Implicit TLS port, and then repeat the operation. | alternatively reconnect on Implicit TLS port, and then repeat | |||
| the operation. | ||||
| C: d login "fred" "foo" | C: d login "fred" "foo" | |||
| S: d NO [PRIVACYREQUIRED] Connection offers no privacy | S: d NO [PRIVACYREQUIRED] Connection offers no privacy | |||
| C: d select inbox | C: d select inbox | |||
| S: d NO [PRIVACYREQUIRED] Connection offers no privacy | S: d NO [PRIVACYREQUIRED] Connection offers no privacy | |||
| READ-ONLY | READ-ONLY | |||
| The mailbox is selected read-only, or its access while selected | The mailbox is selected read-only, or its access while selected | |||
| skipping to change at page 126, line 16 ¶ | skipping to change at page 126, line 16 ¶ | |||
| S: + Ready for additional command text | S: + Ready for additional command text | |||
| C: FRED FOOBAR {7} | C: FRED FOOBAR {7} | |||
| S: + Ready for additional command text | S: + Ready for additional command text | |||
| C: fat man | C: fat man | |||
| S: A001 OK LOGIN completed | S: A001 OK LOGIN completed | |||
| C: A044 BLURDYBLOOP {102856} | C: A044 BLURDYBLOOP {102856} | |||
| S: A044 BAD No such command as "BLURDYBLOOP" | S: A044 BAD No such command as "BLURDYBLOOP" | |||
| 8. Sample IMAP4rev2 connection | 8. Sample IMAP4rev2 connection | |||
| The following is a transcript of an IMAP4rev2 connection. A long | The following is a transcript of an IMAP4rev2 connection on a non TLS | |||
| line in this sample is broken for editorial clarity. | port. A long line in this sample is broken for editorial clarity. | |||
| S: * OK IMAP4rev2 Service Ready | S: * OK [CAPABILITY STARTTLS AUTH=SCRAM-SHA-256 LOGINDISABLED | |||
| C: a001 login mrc secret | IMAP4rev2] IMAP4rev2 Service Ready | |||
| S: a001 OK LOGIN completed | C: a000 starttls | |||
| S: a000 OK Proceed with TLS negotiation | ||||
| <TLS negotiation> | ||||
| C: A001 AUTHENTICATE SCRAM-SHA-256 | ||||
| biwsbj11c2VyLHI9ck9wck5HZndFYmVSV2diTkVrcU8= | ||||
| S: + cj1yT3ByTkdmd0ViZVJXZ2JORWtxTyVodllEcFdVYTJSYVRDQWZ1eEZJbGopaE5s | ||||
| RiRrMCxzPVcyMlphSjBTTlk3c29Fc1VFamI2Z1E9PSxpPTQwOTYNCg== | ||||
| C: Yz1iaXdzLHI9ck9wck5HZndFYmVSV2diTkVrcU8laHZZRHBXVWEyUmFUQ0FmdXhG | ||||
| SWxqKWhObEYkazAscD1kSHpiWmFwV0lrNGpVaE4rVXRlOXl0YWc5empmTUhnc3Ft | ||||
| bWl6N0FuZFZRPQ== | ||||
| S: + dj02cnJpVFJCaTIzV3BSUi93dHVwK21NaFVaVW4vZEI1bkxUSlJzamw5NUc0PQ== | ||||
| C: | ||||
| S: A001 OK SCRAM-SHA-256 authentication successful | ||||
| C: babc ENABLE IMAP4rev2 | ||||
| S: * ENABLED IMAP4rev2 | ||||
| S: babc OK Some capabilities enabled | ||||
| C: a002 select inbox | C: a002 select inbox | |||
| S: * 18 EXISTS | S: * 18 EXISTS | |||
| S: * FLAGS (\Answered \Flagged \Deleted \Seen \Draft) | S: * FLAGS (\Answered \Flagged \Deleted \Seen \Draft) | |||
| S: * OK [UIDVALIDITY 3857529045] UIDs valid | S: * OK [UIDVALIDITY 3857529045] UIDs valid | |||
| S: * LIST () "/" INBOX ("OLDNAME" ("inbox")) | S: * LIST () "/" INBOX ("OLDNAME" ("inbox")) | |||
| S: a002 OK [READ-WRITE] SELECT completed | S: a002 OK [READ-WRITE] SELECT completed | |||
| C: a003 fetch 12 full | C: a003 fetch 12 full | |||
| S: * 12 FETCH (FLAGS (\Seen) INTERNALDATE "17-Jul-1996 02:44:25 -0700" | S: * 12 FETCH (FLAGS (\Seen) INTERNALDATE "17-Jul-1996 02:44:25 -0700" | |||
| RFC822.SIZE 4286 ENVELOPE ("Wed, 17 Jul 1996 02:23:25 -0700 (PDT)" | RFC822.SIZE 4286 ENVELOPE ("Wed, 17 Jul 1996 02:23:25 -0700 (PDT)" | |||
| "IMAP4rev2 WG mtg summary and minutes" | "IMAP4rev2 WG mtg summary and minutes" | |||
| skipping to change at page 146, line 8 ¶ | skipping to change at page 145, line 34 ¶ | |||
| 10. Author's Note | 10. Author's Note | |||
| This document is a revision or rewrite of earlier documents, and | This document is a revision or rewrite of earlier documents, and | |||
| supercedes the protocol specification in those documents: RFC 3501, | supercedes the protocol specification in those documents: RFC 3501, | |||
| RFC 2060, RFC 1730, unpublished IMAP2bis.TXT document, RFC 1176, and | RFC 2060, RFC 1730, unpublished IMAP2bis.TXT document, RFC 1176, and | |||
| RFC 1064. | RFC 1064. | |||
| 11. Security Considerations | 11. Security Considerations | |||
| IMAP4rev2 protocol transactions, including electronic mail data, are | IMAP4rev2 protocol transactions, including electronic mail data, are | |||
| sent in the clear over the network unless protection from snooping is | sent in the clear over the network exposing them to possible | |||
| negotiated. This can be accomplished either by the use of Implicit | eavesdropping and manipulation unless protection is negotiated. This | |||
| TLS port, STARTTLS command, negotiated privacy protection in the | can be accomplished either by the use of Implicit TLS port, STARTTLS | |||
| AUTHENTICATE command, or some other protection mechanism. | command, negotiated privacy protection in the AUTHENTICATE command, | |||
| or some other protection mechanism. | ||||
| 11.1. TLS related Security Considerations | 11.1. TLS related Security Considerations | |||
| This section applies to both use of STARTTLS command and Implicit TLS | This section applies to both use of STARTTLS command and Implicit TLS | |||
| port. | port. | |||
| IMAP client and server implementations MUST comply with relevant TLS | IMAP client and server implementations MUST comply with relevant TLS | |||
| recommendations from [RFC8314]. | recommendations from [RFC8314]. | |||
| Clients and servers MUST implement TLS 1.2 [TLS-1.2] or newer. Use | Clients and servers MUST implement TLS 1.2 [TLS-1.2] or newer. Use | |||
| of TLS 1.3 [TLS-1.3] is RECOMMENDED. TLS 1.2 may be used only in | of TLS 1.3 [TLS-1.3] is RECOMMENDED. TLS 1.2 may be used only in | |||
| cases where the other party has not yet implemented TLS 1.3. | cases where the other party has not yet implemented TLS 1.3. | |||
| Additionally, when using TLS 1.2, IMAP implementations MUST implement | Additionally, when using TLS 1.2, IMAP implementations MUST implement | |||
| TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 cipher suite. This is | TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 cipher suite. This is | |||
| important as it assures that any two compliant implementations can be | important as it assures that any two compliant implementations can be | |||
| configured to interoperate. Other TLS cipher suites recommended in | configured to interoperate. Other TLS cipher suites recommended in | |||
| RFC 7525 are RECOMMENDED: TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, | RFC 7525 [RFC7525] are RECOMMENDED: | |||
| TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, | ||||
| TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 and | TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 and | |||
| TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384. All other cipher suites are | TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384. All other cipher suites are | |||
| OPTIONAL. Note that this is a change from section 2.1 of [IMAP-TLS]. | OPTIONAL. Note that this is a change from section 2.1 of [IMAP-TLS]. | |||
| The list of mandatory-to-implement TLS 1.3 cipher suites is described | The list of mandatory-to-implement TLS 1.3 cipher suites is described | |||
| in Section 9.1 of [TLS-1.3]. | in Section 9.1 of [TLS-1.3]. | |||
| During the TLS negotiation [TLS-1.3][TLS-1.2], the client MUST check | During the TLS negotiation [TLS-1.3][TLS-1.2], the client MUST check | |||
| its understanding of the server hostname against the server's | its understanding of the server hostname against the server's | |||
| identity as presented in the server Certificate message, in order to | identity as presented in the server Certificate message, in order to | |||
| prevent man-in-the-middle attacks. This procedure is described in | prevent on-path attackers attempting to masquerade as the server. | |||
| [RFC7817]. | This procedure is described in [RFC7817]. | |||
| Both the client and server MUST check the result of the STARTTLS | Both the client and server MUST check the result of the STARTTLS | |||
| command and subsequent TLS ([TLS-1.3][TLS-1.2]) negotiation to see | command and subsequent TLS ([TLS-1.3][TLS-1.2]) negotiation to see | |||
| whether acceptable authentication and/or privacy was achieved. | whether acceptable authentication and/or privacy was achieved. | |||
| 11.2. STARTTLS command versa use of Implicit TLS port | 11.2. STARTTLS command versa use of Implicit TLS port | |||
| For maximum backward compatibility clients MUST implement both TLS | For maximum backward compatibility clients MUST implement both TLS | |||
| negotiation on implicit TLS port and TLS negotiation using STARTTLS | negotiation on implicit TLS port and TLS negotiation using STARTTLS | |||
| command. | command. | |||
| Servers MUST implement TLS negotiation on implicit TLS port and | Servers MUST implement TLS negotiation on implicit TLS port and | |||
| SHOULD implement STARTTLS command on cleartext port. | SHOULD implement STARTTLS command on cleartext port. | |||
| Some site/firewall maintainers insist on TLS site-wide and prefer not | Some site/firewall maintainers insist on TLS site-wide and prefer not | |||
| to rely on a configuration option in each higher-level protocol. For | to rely on a configuration option in each higher-level protocol. For | |||
| this reason, IMAP4rev2 clients SHOULD try both ports 993 and 143 (and | this reason, IMAP4rev2 clients SHOULD try both ports 993 and 143 (and | |||
| both IPv4 and IPv6) concurrently by default, unless overriden by | both IPv4 and IPv6) concurrently by default, unless overridden by | |||
| either user configuration or DNS SRV records [RFC6186]. Note that if | either user configuration or DNS SRV records [RFC6186]. Note that if | |||
| a server answers on both ports, it MUST allow STARTTLS command on | a server answers on both ports, it MUST allow STARTTLS command on | |||
| port 143. | port 143. | |||
| 11.3. Client handling of unsolicited responses not suitable for the | 11.3. Client handling of unsolicited responses not suitable for the | |||
| current connection state | current connection state | |||
| Cleartext mail transmission (whether caused by firewall configuration | Cleartext mail transmission (whether caused by firewall configuration | |||
| errors that result in TLS stripping or weak security policies in | errors that result in TLS stripping or weak security policies in | |||
| email clients that choose not to negotiate TLS in the first place) | email clients that choose not to negotiate TLS in the first place) | |||
| can enable injection of responses that can confuse or even cause | can enable injection of responses that can confuse or even cause | |||
| crashes in email clients. The following measures are recommended to | crashes in email clients. The following measures are recommended to | |||
| minimize damage from them. | minimize damage from them. | |||
| See Section 7.1.4 for special security considerations related to | See Section 7.1.4 for special security considerations related to | |||
| PREAUTH response. | PREAUTH response. | |||
| Many server responses and response codes are only meaningful in | Many server responses and response codes are only meaningful in | |||
| authenticated or even selected state. However, nothing prevents a | authenticated or even selected state. However, nothing prevents a | |||
| server (or a man-in-the-middle attacker) from sending such invalid | server (or an on-path attacker) from sending such invalid | |||
| responses in cleartext before STARTTLS/AUTHENTICATE commands are | responses in cleartext before STARTTLS/AUTHENTICATE commands are | |||
| issued. Before authentication clients SHOULD ignore any responses | issued. Before authentication clients SHOULD ignore any responses | |||
| other than CAPABILITY and server status responses (Section 7.1), | other than CAPABILITY and server status responses (Section 7.1), | |||
| as well as any response codes other than CAPABILITY. Client | as well as any response codes other than CAPABILITY. Client | |||
| SHOULD ignore the ALERT response code until after TLS has been | SHOULD ignore the ALERT response code until after TLS has been | |||
| successfully negotiated (whether using STARTTLS or TLS negotiation | successfully negotiated (whether using STARTTLS or TLS negotiation | |||
| on implicit TLS port). Unless explicitly allowed by an IMAP | on implicit TLS port). Unless explicitly allowed by an IMAP | |||
| extension, when not in selected state clients MUST ignore | extension, when not in selected state clients MUST ignore | |||
| responses/response codes related to message and mailbox status | responses/response codes related to message and mailbox status | |||
| such as FLAGS, EXIST, EXPUNGE and FETCH. | such as FLAGS, EXIST, EXPUNGE and FETCH. | |||
| skipping to change at page 150, line 51 ¶ | skipping to change at page 150, line 33 ¶ | |||
| Protocol version 4 - LIST Command Extensions", RFC 5258, | Protocol version 4 - LIST Command Extensions", RFC 5258, | |||
| DOI 10.17487/RFC5258, June 2008, | DOI 10.17487/RFC5258, June 2008, | |||
| <https://www.rfc-editor.org/info/rfc5258>. | <https://www.rfc-editor.org/info/rfc5258>. | |||
| [RFC5788] Melnikov, A. and D. Cridland, "IMAP4 Keyword Registry", | [RFC5788] Melnikov, A. and D. Cridland, "IMAP4 Keyword Registry", | |||
| RFC 5788, DOI 10.17487/RFC5788, March 2010, | RFC 5788, DOI 10.17487/RFC5788, March 2010, | |||
| <https://www.rfc-editor.org/info/rfc5788>. | <https://www.rfc-editor.org/info/rfc5788>. | |||
| [ABNF] Crocker, D., Ed. and P. Overell, "Augmented BNF for Syntax | [ABNF] Crocker, D., Ed. and P. Overell, "Augmented BNF for Syntax | |||
| Specifications: ABNF", STD 68, RFC 5234, January 2008, | Specifications: ABNF", STD 68, RFC 5234, January 2008, | |||
| <http://www.rfc-editor.org/info/rfc5234>. | <https://www.rfc-editor.org/info/rfc5234>. | |||
| [ANONYMOUS] | [ANONYMOUS] | |||
| Zeilenga, K., "Anonymous Simple Authentication and | Zeilenga, K., "Anonymous Simple Authentication and | |||
| Security Layer (SASL) Mechanism", RFC 4505, June 2006, | Security Layer (SASL) Mechanism", RFC 4505, June 2006, | |||
| <http://www.rfc-editor.org/info/rfc4505>. | <https://www.rfc-editor.org/info/rfc4505>. | |||
| [CHARSET] Freed, N. and J. Postel, "IANA Charset Registration | [CHARSET] Freed, N. and J. Postel, "IANA Charset Registration | |||
| Procedures", BCP 19, RFC 2978, October 2000, | Procedures", BCP 19, RFC 2978, October 2000, | |||
| <http://www.rfc-editor.org/info/rfc2978>. | <https://www.rfc-editor.org/info/rfc2978>. | |||
| [SCRAM-SHA-256] | [SCRAM-SHA-256] | |||
| Hansen, T., "SCRAM-SHA-256 and SCRAM-SHA-256-PLUS Simple | Hansen, T., "SCRAM-SHA-256 and SCRAM-SHA-256-PLUS Simple | |||
| Authentication and Security Layer (SASL) Mechanisms", | Authentication and Security Layer (SASL) Mechanisms", | |||
| RFC 7677, DOI 10.17487/RFC7677, November 2015, | RFC 7677, DOI 10.17487/RFC7677, November 2015, | |||
| <https://www.rfc-editor.org/info/rfc7677>. | <https://www.rfc-editor.org/info/rfc7677>. | |||
| [DISPOSITION] | [DISPOSITION] | |||
| Troost, R., Dorner, S., and K. Moore, Ed., "Communicating | Troost, R., Dorner, S., and K. Moore, Ed., "Communicating | |||
| Presentation Information in Internet Messages: The | Presentation Information in Internet Messages: The | |||
| Content-Disposition Header Field", RFC 2183, August 1997, | Content-Disposition Header Field", RFC 2183, August 1997, | |||
| <http://www.rfc-editor.org/info/rfc2183>. | <https://www.rfc-editor.org/info/rfc2183>. | |||
| [PLAIN] Zeilenga, K., Ed., "The PLAIN Simple Authentication and | [PLAIN] Zeilenga, K., Ed., "The PLAIN Simple Authentication and | |||
| Security Layer (SASL) Mechanism", RFC 4616, August 2006, | Security Layer (SASL) Mechanism", RFC 4616, August 2006, | |||
| <http://www.rfc-editor.org/info/rfc4616>. | <https://www.rfc-editor.org/info/rfc4616>. | |||
| [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate | [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate | |||
| Requirement Levels", BCP 14, RFC 2119, | Requirement Levels", BCP 14, RFC 2119, | |||
| DOI 10.17487/RFC2119, March 1997, | DOI 10.17487/RFC2119, March 1997, | |||
| <https://www.rfc-editor.org/info/rfc2119>. | <https://www.rfc-editor.org/info/rfc2119>. | |||
| [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC | [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC | |||
| 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, | 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, | |||
| May 2017, <https://www.rfc-editor.org/info/rfc8174>. | May 2017, <https://www.rfc-editor.org/info/rfc8174>. | |||
| [LANGUAGE-TAGS] | [LANGUAGE-TAGS] | |||
| Alvestrand, H., "Content Language Headers", RFC 3282, May | Alvestrand, H., "Content Language Headers", RFC 3282, May | |||
| 2002, <http://www.rfc-editor.org/info/rfc3282>. | 2002, <https://www.rfc-editor.org/info/rfc3282>. | |||
| [LOCATION] | [LOCATION] | |||
| Palme, J., Hopmann, A., and N. Shelness, "MIME | Palme, J., Hopmann, A., and N. Shelness, "MIME | |||
| Encapsulation of Aggregate Documents, such as HTML | Encapsulation of Aggregate Documents, such as HTML | |||
| (MHTML)", RFC 2557, March 1999, | (MHTML)", RFC 2557, March 1999, | |||
| <http://www.rfc-editor.org/info/rfc2557>. | <https://www.rfc-editor.org/info/rfc2557>. | |||
| [MD5] Myers, J. and M. Rose, "The Content-MD5 Header Field", | [MD5] Myers, J. and M. Rose, "The Content-MD5 Header Field", | |||
| RFC 1864, October 1995, | RFC 1864, October 1995, | |||
| <http://www.rfc-editor.org/info/rfc1864>. | <https://www.rfc-editor.org/info/rfc1864>. | |||
| [MIME-HDRS] | [MIME-HDRS] | |||
| Moore, K., "MIME (Multipurpose Internet Mail Extensions) | Moore, K., "MIME (Multipurpose Internet Mail Extensions) | |||
| Part Three: Message Header Extensions for Non-ASCII Text", | Part Three: Message Header Extensions for Non-ASCII Text", | |||
| RFC 2047, November 1996, | RFC 2047, November 1996, | |||
| <http://www.rfc-editor.org/info/rfc2047>. | <https://www.rfc-editor.org/info/rfc2047>. | |||
| [MIME-IMB] | [MIME-IMB] | |||
| Freed, N. and N. Borenstein, "Multipurpose Internet Mail | Freed, N. and N. Borenstein, "Multipurpose Internet Mail | |||
| Extensions (MIME) Part One: Format of Internet Message | Extensions (MIME) Part One: Format of Internet Message | |||
| Bodies", RFC 2045, November 1996, | Bodies", RFC 2045, November 1996, | |||
| <http://www.rfc-editor.org/info/rfc2045>. | <https://www.rfc-editor.org/info/rfc2045>. | |||
| [MIME-IMT] | [MIME-IMT] | |||
| Freed, N. and N. Borenstein, "Multipurpose Internet Mail | Freed, N. and N. Borenstein, "Multipurpose Internet Mail | |||
| Extensions (MIME) Part Two: Media Types", RFC 2046, | Extensions (MIME) Part Two: Media Types", RFC 2046, | |||
| November 1996, <http://www.rfc-editor.org/info/rfc2046>. | November 1996, <https://www.rfc-editor.org/info/rfc2046>. | |||
| [RFC2231] Freed, N. and K. Moore, "MIME Parameter Value and Encoded | [RFC2231] Freed, N. and K. Moore, "MIME Parameter Value and Encoded | |||
| Word Extensions: Character Sets, Languages, and | Word Extensions: Character Sets, Languages, and | |||
| Continuations", RFC 2231, DOI 10.17487/RFC2231, November | Continuations", RFC 2231, DOI 10.17487/RFC2231, November | |||
| 1997, <https://www.rfc-editor.org/info/rfc2231>. | 1997, <https://www.rfc-editor.org/info/rfc2231>. | |||
| [RFC-5322] | [RFC-5322] | |||
| Resnick, P., Ed., "Internet Message Format", RFC 5322, | Resnick, P., Ed., "Internet Message Format", RFC 5322, | |||
| October 2008, <http://www.rfc-editor.org/info/rfc5322>. | October 2008, <https://www.rfc-editor.org/info/rfc5322>. | |||
| [SASL] Melnikov, A., Ed. and K. Zeilenga, Ed., "Simple | [SASL] Melnikov, A., Ed. and K. Zeilenga, Ed., "Simple | |||
| Authentication and Security Layer (SASL)", RFC 4422, June | Authentication and Security Layer (SASL)", RFC 4422, June | |||
| 2006, <http://www.rfc-editor.org/info/rfc4422>. | 2006, <https://www.rfc-editor.org/info/rfc4422>. | |||
| [TLS-1.2] Dierks, T. and E. Rescorla, "The Transport Layer Security | [TLS-1.2] Dierks, T. and E. Rescorla, "The Transport Layer Security | |||
| (TLS) Protocol Version 1.2", RFC 5246, August 2008, | (TLS) Protocol Version 1.2", RFC 5246, August 2008, | |||
| <http://www.rfc-editor.org/info/rfc5246>. | <https://www.rfc-editor.org/info/rfc5246>. | |||
| [TLS-1.3] Rescorla, E., "The Transport Layer Security (TLS) Protocol | [TLS-1.3] Rescorla, E., "The Transport Layer Security (TLS) Protocol | |||
| Version 1.3", RFC 8446, DOI 10.17487/RFC8446, August 2018, | Version 1.3", RFC 8446, DOI 10.17487/RFC8446, August 2018, | |||
| <https://www.rfc-editor.org/info/rfc8446>. | <https://www.rfc-editor.org/info/rfc8446>. | |||
| [UTF-7] Goldsmith, D. and M. Davis, "UTF-7 A Mail-Safe | [UTF-7] Goldsmith, D. and M. Davis, "UTF-7 A Mail-Safe | |||
| Transformation Format of Unicode", RFC 2152, May 1997, | Transformation Format of Unicode", RFC 2152, May 1997, | |||
| <http://www.rfc-editor.org/info/rfc2152>. | <https://www.rfc-editor.org/info/rfc2152>. | |||
| [UTF-8] Yergeau, F., "UTF-8, a transformation format of ISO | [UTF-8] Yergeau, F., "UTF-8, a transformation format of ISO | |||
| 10646", STD 63, RFC 3629, DOI 10.17487/RFC3629, November | 10646", STD 63, RFC 3629, DOI 10.17487/RFC3629, November | |||
| 2003, <http://www.rfc-editor.org/info/rfc3629>. | 2003, <https://www.rfc-editor.org/info/rfc3629>. | |||
| [MULTIAPPEND] | [MULTIAPPEND] | |||
| Crispin, M., "Internet Message Access Protocol (IMAP) - | Crispin, M., "Internet Message Access Protocol (IMAP) - | |||
| MULTIAPPEND Extension", RFC 3502, March 2003, | MULTIAPPEND Extension", RFC 3502, March 2003, | |||
| <http://www.rfc-editor.org/info/rfc3502>. | <https://www.rfc-editor.org/info/rfc3502>. | |||
| [NET-UNICODE] | [NET-UNICODE] | |||
| Klensin, J. and M. Padlipsky, "Unicode Format for Network | Klensin, J. and M. Padlipsky, "Unicode Format for Network | |||
| Interchange", RFC 5198, DOI 10.17487/RFC5198, March 2008, | Interchange", RFC 5198, DOI 10.17487/RFC5198, March 2008, | |||
| <https://www.rfc-editor.org/info/rfc5198>. | <https://www.rfc-editor.org/info/rfc5198>. | |||
| [I18N-HDRS] | [I18N-HDRS] | |||
| Yang, A., Steele, S., and N. Freed, "Internationalized | Yang, A., Steele, S., and N. Freed, "Internationalized | |||
| Email Headers", RFC 6532, DOI 10.17487/RFC6532, February | Email Headers", RFC 6532, DOI 10.17487/RFC6532, February | |||
| 2012, <https://www.rfc-editor.org/info/rfc6532>. | 2012, <https://www.rfc-editor.org/info/rfc6532>. | |||
| [RFC4648] Josefsson, S., "The Base16, Base32, and Base64 Data | [RFC4648] Josefsson, S., "The Base16, Base32, and Base64 Data | |||
| Encodings", RFC 4648, DOI 10.17487/RFC4648, October 2006, | Encodings", RFC 4648, DOI 10.17487/RFC4648, October 2006, | |||
| <https://www.rfc-editor.org/info/rfc4648>. | <https://www.rfc-editor.org/info/rfc4648>. | |||
| [RFC7525] Sheffer, Y., Holz, R., and P. Saint-Andre, | ||||
| "Recommendations for Secure Use of Transport Layer | ||||
| Security (TLS) and Datagram Transport Layer Security | ||||
| (DTLS)", BCP 195, RFC 7525, DOI 10.17487/RFC7525, May | ||||
| 2015, <https://www.rfc-editor.org/info/rfc7525>. | ||||
| [RFC7817] Melnikov, A., "Updated Transport Layer Security (TLS) | [RFC7817] Melnikov, A., "Updated Transport Layer Security (TLS) | |||
| Server Identity Check Procedure for Email-Related | Server Identity Check Procedure for Email-Related | |||
| Protocols", RFC 7817, DOI 10.17487/RFC7817, March 2016, | Protocols", RFC 7817, DOI 10.17487/RFC7817, March 2016, | |||
| <https://www.rfc-editor.org/info/rfc7817>. | <https://www.rfc-editor.org/info/rfc7817>. | |||
| [RFC8098] Hansen, T., Ed. and A. Melnikov, Ed., "Message Disposition | [RFC8098] Hansen, T., Ed. and A. Melnikov, Ed., "Message Disposition | |||
| Notification", STD 85, RFC 8098, DOI 10.17487/RFC8098, | Notification", STD 85, RFC 8098, DOI 10.17487/RFC8098, | |||
| February 2017, <https://www.rfc-editor.org/info/rfc8098>. | February 2017, <https://www.rfc-editor.org/info/rfc8098>. | |||
| [RFC8314] Moore, K. and C. Newman, "Cleartext Considered Obsolete: | [RFC8314] Moore, K. and C. Newman, "Cleartext Considered Obsolete: | |||
| Use of Transport Layer Security (TLS) for Email Submission | Use of Transport Layer Security (TLS) for Email Submission | |||
| and Access", RFC 8314, DOI 10.17487/RFC8314, January 2018, | and Access", RFC 8314, DOI 10.17487/RFC8314, January 2018, | |||
| <https://www.rfc-editor.org/info/rfc8314>. | <https://www.rfc-editor.org/info/rfc8314>. | |||
| [IMAP-IMPLEMENTATION] | [IMAP-IMPLEMENTATION] | |||
| Leiba, B., "IMAP4 Implementation Recommendations", | Leiba, B., "IMAP4 Implementation Recommendations", | |||
| RFC 2683, September 1999, | RFC 2683, September 1999, | |||
| <http://www.rfc-editor.org/info/rfc2683>. | <https://www.rfc-editor.org/info/rfc2683>. | |||
| [IMAP-MULTIACCESS] | [IMAP-MULTIACCESS] | |||
| Gahrns, M., "IMAP4 Multi-Accessed Mailbox Practice", | Gahrns, M., "IMAP4 Multi-Accessed Mailbox Practice", | |||
| RFC 2180, July 1997, | RFC 2180, July 1997, | |||
| <http://www.rfc-editor.org/info/rfc2180>. | <https://www.rfc-editor.org/info/rfc2180>. | |||
| 13.2. Informative References (related protocols) | 13.2. Informative References (related protocols) | |||
| [CERT-555316] | [CERT-555316] | |||
| CERT, "Vulnerability Note VU#555316: STARTTLS plaintext | CERT, "Vulnerability Note VU#555316: STARTTLS plaintext | |||
| command injection vulnerability", September 2011, | command injection vulnerability", September 2011, | |||
| <https://www.kb.cert.org/vuls/id/555316>. | <https://www.kb.cert.org/vuls/id/555316>. | |||
| [RFC2193] Gahrns, M., "IMAP4 Mailbox Referrals", RFC 2193, | [RFC2193] Gahrns, M., "IMAP4 Mailbox Referrals", RFC 2193, | |||
| DOI 10.17487/RFC2193, September 1997, | DOI 10.17487/RFC2193, September 1997, | |||
| skipping to change at page 154, line 45 ¶ | skipping to change at page 154, line 36 ¶ | |||
| DOI 10.17487/RFC6186, March 2011, | DOI 10.17487/RFC6186, March 2011, | |||
| <https://www.rfc-editor.org/info/rfc6186>. | <https://www.rfc-editor.org/info/rfc6186>. | |||
| [RFC7888] Melnikov, A., Ed., "IMAP4 Non-synchronizing Literals", | [RFC7888] Melnikov, A., Ed., "IMAP4 Non-synchronizing Literals", | |||
| RFC 7888, DOI 10.17487/RFC7888, May 2016, | RFC 7888, DOI 10.17487/RFC7888, May 2016, | |||
| <https://www.rfc-editor.org/info/rfc7888>. | <https://www.rfc-editor.org/info/rfc7888>. | |||
| [IMAP-DISC] | [IMAP-DISC] | |||
| Melnikov, A., Ed., "Synchronization Operations for | Melnikov, A., Ed., "Synchronization Operations for | |||
| Disconnected IMAP4 Clients", RFC 4549, June 2006, | Disconnected IMAP4 Clients", RFC 4549, June 2006, | |||
| <http://www.rfc-editor.org/info/rfc4549>. | <https://www.rfc-editor.org/info/rfc4549>. | |||
| [IMAP-I18N] | [IMAP-I18N] | |||
| Newman, C., Gulbrandsen, A., and A. Melnikov, "Internet | Newman, C., Gulbrandsen, A., and A. Melnikov, "Internet | |||
| Message Access Protocol Internationalization", RFC 5255, | Message Access Protocol Internationalization", RFC 5255, | |||
| DOI 10.17487/RFC5255, June 2008, | DOI 10.17487/RFC5255, June 2008, | |||
| <http://www.rfc-editor.org/info/rfc5255>. | <https://www.rfc-editor.org/info/rfc5255>. | |||
| [IMAP-MODEL] | [IMAP-MODEL] | |||
| Crispin, M., "Distributed Electronic Mail Models in | Crispin, M., "Distributed Electronic Mail Models in | |||
| IMAP4", RFC 1733, December 1994, | IMAP4", RFC 1733, December 1994, | |||
| <http://www.rfc-editor.org/info/rfc1733>. | <https://www.rfc-editor.org/info/rfc1733>. | |||
| [IMAP-UTF-8] | [IMAP-UTF-8] | |||
| Resnick, P., Ed., Newman, C., Ed., and S. Shen, Ed., "IMAP | Resnick, P., Ed., Newman, C., Ed., and S. Shen, Ed., "IMAP | |||
| Support for UTF-8", RFC 6855, DOI 10.17487/RFC6855, March | Support for UTF-8", RFC 6855, DOI 10.17487/RFC6855, March | |||
| 2013, <http://www.rfc-editor.org/info/rfc6855>. | 2013, <https://www.rfc-editor.org/info/rfc6855>. | |||
| [SMTP] Klensin, J., "Simple Mail Transfer Protocol", RFC 5321, | [SMTP] Klensin, J., "Simple Mail Transfer Protocol", RFC 5321, | |||
| October 2008, <http://www.rfc-editor.org/info/rfc5321>. | October 2008, <https://www.rfc-editor.org/info/rfc5321>. | |||
| [RFC3516] Nerenberg, L., "IMAP4 Binary Content Extension", RFC 3516, | [RFC3516] Nerenberg, L., "IMAP4 Binary Content Extension", RFC 3516, | |||
| DOI 10.17487/RFC3516, April 2003, | DOI 10.17487/RFC3516, April 2003, | |||
| <https://www.rfc-editor.org/info/rfc3516>. | <https://www.rfc-editor.org/info/rfc3516>. | |||
| [RFC4314] Melnikov, A., "IMAP4 Access Control List (ACL) Extension", | [RFC4314] Melnikov, A., "IMAP4 Access Control List (ACL) Extension", | |||
| RFC 4314, December 2005, | RFC 4314, December 2005, | |||
| <http://www.rfc-editor.org/info/rfc4314>. | <https://www.rfc-editor.org/info/rfc4314>. | |||
| [RFC2087] Myers, J., "IMAP4 QUOTA extension", RFC 2087, January | [RFC2087] Myers, J., "IMAP4 QUOTA extension", RFC 2087, January | |||
| 1997, <http://www.rfc-editor.org/info/rfc2087>. | 1997, <https://www.rfc-editor.org/info/rfc2087>. | |||
| [IMAP-URL] | [IMAP-URL] | |||
| Melnikov, A., Ed. and C. Newman, "IMAP URL Scheme", | Melnikov, A., Ed. and C. Newman, "IMAP URL Scheme", | |||
| RFC 5092, DOI 10.17487/RFC5092, November 2007, | RFC 5092, DOI 10.17487/RFC5092, November 2007, | |||
| <http://www.rfc-editor.org/info/rfc5092>. | <https://www.rfc-editor.org/info/rfc5092>. | |||
| [IMAP-KEYWORDS-REG] | [IMAP-KEYWORDS-REG] | |||
| IANA, "IMAP and JMAP Keywords", December 2009, | IANA, "IMAP and JMAP Keywords", December 2009, | |||
| <https://www.iana.org/assignments/imap-jmap-keywords/imap- | <https://www.iana.org/assignments/imap-jmap-keywords/imap- | |||
| jmap-keywords.xhtml>. | jmap-keywords.xhtml>. | |||
| [IMAP-MAILBOX-NAME-ATTRS-REG] | [IMAP-MAILBOX-NAME-ATTRS-REG] | |||
| IANA, "IMAP Mailbox Name Attributes", June 2018, | IANA, "IMAP Mailbox Name Attributes", June 2018, | |||
| <https://www.iana.org/assignments/imap-mailbox-name- | <https://www.iana.org/assignments/imap-mailbox-name- | |||
| attributes/imap-mailbox-name-attributes.xhtml>. | attributes/imap-mailbox-name-attributes.xhtml>. | |||
| skipping to change at page 156, line 15 ¶ | skipping to change at page 155, line 49 ¶ | |||
| 13.3. Informative References (historical aspects of IMAP and related | 13.3. Informative References (historical aspects of IMAP and related | |||
| protocols) | protocols) | |||
| [RFC3501] Crispin, M., "INTERNET MESSAGE ACCESS PROTOCOL - VERSION | [RFC3501] Crispin, M., "INTERNET MESSAGE ACCESS PROTOCOL - VERSION | |||
| 4rev1", RFC 3501, DOI 10.17487/RFC3501, March 2003, | 4rev1", RFC 3501, DOI 10.17487/RFC3501, March 2003, | |||
| <https://www.rfc-editor.org/info/rfc3501>. | <https://www.rfc-editor.org/info/rfc3501>. | |||
| [IMAP-COMPAT] | [IMAP-COMPAT] | |||
| Crispin, M., "IMAP4 Compatibility with IMAP2bis", | Crispin, M., "IMAP4 Compatibility with IMAP2bis", | |||
| RFC 2061, December 1996, | RFC 2061, December 1996, | |||
| <http://www.rfc-editor.org/info/rfc2061>. | <https://www.rfc-editor.org/info/rfc2061>. | |||
| [IMAP-HISTORICAL] | [IMAP-HISTORICAL] | |||
| Crispin, M., "IMAP4 Compatibility with IMAP2 and | Crispin, M., "IMAP4 Compatibility with IMAP2 and | |||
| IMAP2bis", RFC 1732, December 1994, | IMAP2bis", RFC 1732, December 1994, | |||
| <http://www.rfc-editor.org/info/rfc1732>. | <https://www.rfc-editor.org/info/rfc1732>. | |||
| [IMAP2BIS] | ||||
| Crispin, M., "INTERACTIVE MAIL ACCESS PROTOCOL - VERSION | ||||
| 2bis", draft-ietf-imap-imap2bis-02 (work in progress), | ||||
| October 1993, <https://www.ietf.org/archive/id/draft-ietf- | ||||
| imap-imap2bis-02.txt>. | ||||
| [IMAP-OBSOLETE] | [IMAP-OBSOLETE] | |||
| Crispin, M., "Internet Message Access Protocol - Obsolete | Crispin, M., "Internet Message Access Protocol - Obsolete | |||
| Syntax", RFC 2062, December 1996, | Syntax", RFC 2062, December 1996, | |||
| <http://www.rfc-editor.org/info/rfc2062>. | <https://www.rfc-editor.org/info/rfc2062>. | |||
| [IMAP2] Crispin, M., "Interactive Mail Access Protocol: Version | [IMAP2] Crispin, M., "Interactive Mail Access Protocol: Version | |||
| 2", RFC 1176, August 1990, | 2", RFC 1176, August 1990, | |||
| <http://www.rfc-editor.org/info/rfc1176>. | <https://www.rfc-editor.org/info/rfc1176>. | |||
| [RFC-822] Crocker, D., "STANDARD FOR THE FORMAT OF ARPA INTERNET | [RFC-822] Crocker, D., "STANDARD FOR THE FORMAT OF ARPA INTERNET | |||
| TEXT MESSAGES", STD 11, RFC 822, August 1982, | TEXT MESSAGES", STD 11, RFC 822, August 1982, | |||
| <http://www.rfc-editor.org/info/rfc822>. | <https://www.rfc-editor.org/info/rfc822>. | |||
| [IMAP-TLS] | [IMAP-TLS] | |||
| Newman, C., "Using TLS with IMAP, POP3 and ACAP", | Newman, C., "Using TLS with IMAP, POP3 and ACAP", | |||
| RFC 2595, June 1999, | RFC 2595, June 1999, | |||
| <http://www.rfc-editor.org/info/rfc2595>. | <https://www.rfc-editor.org/info/rfc2595>. | |||
| Appendix A. Backward compatibility with IMAP4rev1 | Appendix A. Backward compatibility with IMAP4rev1 | |||
| An implementation that wants to remain compatible with IMAP4rev1 can | An implementation that wants to remain compatible with IMAP4rev1 can | |||
| advertise both IMAP4rev1 and IMAP4rev2 in its CAPABILITY response/ | advertise both IMAP4rev1 and IMAP4rev2 in its CAPABILITY response/ | |||
| response code. While some IMAP4rev1 responses were removed in | response code. While some IMAP4rev1 responses were removed in | |||
| IMAP4rev2, their presence will not break IMAP4rev2-only clients. | IMAP4rev2, their presence will not break IMAP4rev2-only clients. | |||
| If both IMAP4rev1 and IMAP4rev2 are advertised, an IMAP client that | If both IMAP4rev1 and IMAP4rev2 are advertised, an IMAP client that | |||
| wants to use IMAP4rev2 MUST issue an "ENABLE IMAP4rev2" command. | wants to use IMAP4rev2 MUST issue an "ENABLE IMAP4rev2" command. | |||
| skipping to change at page 162, line 23 ¶ | skipping to change at page 162, line 16 ¶ | |||
| Earlier versions of this document were edited by Mark Crispin. | Earlier versions of this document were edited by Mark Crispin. | |||
| Sadly, he is no longer available to help with this work. Editors of | Sadly, he is no longer available to help with this work. Editors of | |||
| this revisions are hoping that Mark would have approved. | this revisions are hoping that Mark would have approved. | |||
| Chris Newman has contributed text on I18N and use of UTF-8 in | Chris Newman has contributed text on I18N and use of UTF-8 in | |||
| messages and mailbox names. | messages and mailbox names. | |||
| Thank you to Tony Hansen for helping with the index generation. | Thank you to Tony Hansen for helping with the index generation. | |||
| Thank you to Murray Kucherawy, Timo Sirainen, Bron Gondwana, Stephan | Thank you to Murray Kucherawy, Timo Sirainen, Bron Gondwana, Stephan | |||
| Bosch, Robert Sparks, Arnt Gulbrandsen and Daniel Migault for | Bosch, Robert Sparks, Arnt Gulbrandsen, Daniel Migault, Roman Danyliw | |||
| extensive feedback. | and Eric Vyncke for extensive feedback. | |||
| This document incorporates text from RFC 4315 (by Mark Crispin), RFC | This document incorporates text from RFC 4315 (by Mark Crispin), RFC | |||
| 4466 (by Cyrus Daboo), RFC 4731 (by Dave Cridland), RFC 5161 (by Arnt | 4466 (by Cyrus Daboo), RFC 4731 (by Dave Cridland), RFC 5161 (by Arnt | |||
| Gulbrandsen), RFC 5465 (by Arnt Gulbrandsen and Curtis King), RFC | Gulbrandsen), RFC 5465 (by Arnt Gulbrandsen and Curtis King), RFC | |||
| 5530 (by Arnt Gulbrandsen), RFC 5819 (by Timo Sirainen), RFC 6154 (by | 5530 (by Arnt Gulbrandsen), RFC 5819 (by Timo Sirainen), RFC 6154 (by | |||
| Jamie Nicolson), RFC 8438 (by Stephan Bosch) so work done by authors/ | Jamie Nicolson), RFC 8438 (by Stephan Bosch) so work done by authors/ | |||
| editors of these documents is appreciated. Note that editors of this | editors of these documents is appreciated. Note that editors of this | |||
| document were redacted from the above list. | document were redacted from the above list. | |||
| The CHILDREN return option was originally proposed by Mike Gahrns and | The CHILDREN return option was originally proposed by Mike Gahrns and | |||
| End of changes. 65 change blocks. | ||||
| 93 lines changed or deleted | 140 lines changed or added | |||
This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/ | ||||