| < draft-ietf-tzdist-caldav-timezone-ref-04.txt | draft-ietf-tzdist-caldav-timezone-ref-05.txt > | |||
|---|---|---|---|---|
| Network Working Group C. Daboo | Network Working Group C. Daboo | |||
| Internet-Draft Apple | Internet-Draft Apple | |||
| Updates: 4791 (if approved) August 31, 2015 | Updates: 4791 (if approved) October 13, 2015 | |||
| Intended status: Standards Track | Intended status: Standards Track | |||
| Expires: March 3, 2016 | Expires: April 15, 2016 | |||
| CalDAV: Time Zones by Reference | CalDAV: Time Zones by Reference | |||
| draft-ietf-tzdist-caldav-timezone-ref-04 | draft-ietf-tzdist-caldav-timezone-ref-05 | |||
| Abstract | Abstract | |||
| This document defines an extension to the CalDAV calendar access | This document defines an update to the CalDAV calendar access | |||
| protocol (RFC 4791) to allow clients and servers to exchange | protocol (RFC 4791) to allow clients and servers to exchange | |||
| iCalendar data without the need to send full time zone data. | iCalendar data without the need to send full time zone data. | |||
| Status of This Memo | Status of This Memo | |||
| This Internet-Draft is submitted in full conformance with the | This Internet-Draft is submitted in full conformance with the | |||
| provisions of BCP 78 and BCP 79. | provisions of BCP 78 and BCP 79. | |||
| Internet-Drafts are working documents of the Internet Engineering | Internet-Drafts are working documents of the Internet Engineering | |||
| Task Force (IETF). Note that other groups may also distribute | Task Force (IETF). Note that other groups may also distribute | |||
| working documents as Internet-Drafts. The list of current Internet- | working documents as Internet-Drafts. The list of current Internet- | |||
| Drafts is at http://datatracker.ietf.org/drafts/current/. | Drafts is at http://datatracker.ietf.org/drafts/current/. | |||
| Internet-Drafts are draft documents valid for a maximum of six months | Internet-Drafts are draft documents valid for a maximum of six months | |||
| and may be updated, replaced, or obsoleted by other documents at any | and may be updated, replaced, or obsoleted by other documents at any | |||
| time. It is inappropriate to use Internet-Drafts as reference | time. It is inappropriate to use Internet-Drafts as reference | |||
| material or to cite them other than as "work in progress." | material or to cite them other than as "work in progress." | |||
| This Internet-Draft will expire on March 3, 2016. | This Internet-Draft will expire on April 15, 2016. | |||
| Copyright Notice | Copyright Notice | |||
| Copyright (c) 2015 IETF Trust and the persons identified as the | Copyright (c) 2015 IETF Trust and the persons identified as the | |||
| document authors. All rights reserved. | document authors. All rights reserved. | |||
| This document is subject to BCP 78 and the IETF Trust's Legal | This document is subject to BCP 78 and the IETF Trust's Legal | |||
| Provisions Relating to IETF Documents | Provisions Relating to IETF Documents | |||
| (http://trustee.ietf.org/license-info) in effect on the date of | (http://trustee.ietf.org/license-info) in effect on the date of | |||
| publication of this document. Please review these documents | publication of this document. Please review these documents | |||
| skipping to change at page 2, line 21 ¶ | skipping to change at page 2, line 21 ¶ | |||
| 4. New Client Behavior . . . . . . . . . . . . . . . . . . . . . 7 | 4. New Client Behavior . . . . . . . . . . . . . . . . . . . . . 7 | |||
| 5. New WebDAV Properties . . . . . . . . . . . . . . . . . . . . 8 | 5. New WebDAV Properties . . . . . . . . . . . . . . . . . . . . 8 | |||
| 5.1. CALDAV:timezone-service-set . . . . . . . . . . . . . . . 8 | 5.1. CALDAV:timezone-service-set . . . . . . . . . . . . . . . 8 | |||
| 5.2. CALDAV:calendar-timezone-id . . . . . . . . . . . . . . . 8 | 5.2. CALDAV:calendar-timezone-id . . . . . . . . . . . . . . . 8 | |||
| 6. XML Element Definitions . . . . . . . . . . . . . . . . . . . 9 | 6. XML Element Definitions . . . . . . . . . . . . . . . . . . . 9 | |||
| 6.1. CALDAV:calendar-query XML Element . . . . . . . . . . . . 9 | 6.1. CALDAV:calendar-query XML Element . . . . . . . . . . . . 9 | |||
| 6.2. CALDAV:timezone-id XML Element . . . . . . . . . . . . . 9 | 6.2. CALDAV:timezone-id XML Element . . . . . . . . . . . . . 9 | |||
| 7. Additional Message Header Fields . . . . . . . . . . . . . . 10 | 7. Additional Message Header Fields . . . . . . . . . . . . . . 10 | |||
| 7.1. CalDAV-Timezones Request Header Field . . . . . . . . . . 10 | 7.1. CalDAV-Timezones Request Header Field . . . . . . . . . . 10 | |||
| 8. Security Considerations . . . . . . . . . . . . . . . . . . . 10 | 8. Security Considerations . . . . . . . . . . . . . . . . . . . 10 | |||
| 9. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 10 | 9. Privacy Considerations . . . . . . . . . . . . . . . . . . . 10 | |||
| 9.1. CalDAV-Timezones . . . . . . . . . . . . . . . . . . . . 10 | 10. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 11 | |||
| 10. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 11 | 10.1. CalDAV-Timezones . . . . . . . . . . . . . . . . . . . . 11 | |||
| 11. References . . . . . . . . . . . . . . . . . . . . . . . . . 11 | 11. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 11 | |||
| 11.1. Normative References . . . . . . . . . . . . . . . . . . 11 | 12. References . . . . . . . . . . . . . . . . . . . . . . . . . 11 | |||
| 11.2. Informative References . . . . . . . . . . . . . . . . . 12 | 12.1. Normative References . . . . . . . . . . . . . . . . . . 11 | |||
| 12.2. Informative References . . . . . . . . . . . . . . . . . 12 | ||||
| Appendix A. Change History (To be removed by RFC Editor before | Appendix A. Change History (To be removed by RFC Editor before | |||
| publication) . . . . . . . . . . . . . . . . . . . . 12 | publication) . . . . . . . . . . . . . . . . . . . . 12 | |||
| Author's Address . . . . . . . . . . . . . . . . . . . . . . . . 13 | Author's Address . . . . . . . . . . . . . . . . . . . . . . . . 14 | |||
| 1. Introduction | 1. Introduction | |||
| The CalDAV [RFC4791] Calendar Access protocol allows clients to | The CalDAV [RFC4791] Calendar Access protocol allows clients to | |||
| access calendar data stored on a server in the iCalendar [RFC5545] | access calendar data stored on a server in the iCalendar [RFC5545] | |||
| data format. In iCalendar, calendar data that uses local time in any | data format. In iCalendar, calendar data that uses local time in any | |||
| of its date and/or time values is specified as a date-time value in | of its date and/or time values is specified as a date-time value in | |||
| combination with a time zone identifier ("TZID" property parameter). | combination with a time zone identifier ("TZID" property parameter). | |||
| The time zone identifier refers to a time zone definition (a | The time zone identifier refers to a time zone definition (a | |||
| "VTIMEZONE" component) that has all of the rules required to | "VTIMEZONE" component) that has all of the rules required to | |||
| skipping to change at page 6, line 6 ¶ | skipping to change at page 6, line 6 ¶ | |||
| standard time zone to a standard time zone definition that | standard time zone to a standard time zone definition that | |||
| accurately matches the one supplied by the client. In doing so, | accurately matches the one supplied by the client. In doing so, | |||
| servers will need to re-write the iCalendar data to make use of | servers will need to re-write the iCalendar data to make use of | |||
| the new standard time zone identifier chosen by the mapping | the new standard time zone identifier chosen by the mapping | |||
| procedure. Any subsequent request to fetch the calendar data | procedure. Any subsequent request to fetch the calendar data | |||
| would see the new time zone identifier in the calendar data. | would see the new time zone identifier in the calendar data. | |||
| Note there is one important situation where this re-mapping is | Note there is one important situation where this re-mapping is | |||
| not appropriate: an attendee's copy of an event. In that case | not appropriate: an attendee's copy of an event. In that case | |||
| the original time zone definition needs to be preserved as the | the original time zone definition needs to be preserved as the | |||
| organizer's calendar user agent will expect to see that in any | organizer's calendar user agent will expect to see that in any | |||
| iTIP replies sent by the attendee. | iTIP [RFC5546] replies sent by the attendee. | |||
| 3.1.5. Support Time Zone Identifiers in WebDAV Properties | 3.1.5. Support of Time Zone Identifiers in WebDAV Properties | |||
| CalDAV defines a CALDAV:calendar-timezone WebDAV property that is | CalDAV defines a CALDAV:calendar-timezone WebDAV property that is | |||
| used by clients to set a default time zone for the server to use when | used by clients to set a default time zone for the server to use when | |||
| doing time-based queries on calendar data (see Section 5.3.2 of | doing time-based queries on calendar data (see Section 5.3.2 of | |||
| [RFC4791]). The content of that WebDAV property is an iCalendar | [RFC4791]). The content of that WebDAV property is an iCalendar | |||
| "VTIMEZONE" component. This specification defines a new | "VTIMEZONE" component. This specification defines a new | |||
| CALDAV:calendar-timezone-id WebDAV property that allows the default | CALDAV:calendar-timezone-id WebDAV property that allows the default | |||
| time zone to be set via its time zone identifier, rather than | time zone to be set via its time zone identifier, rather than | |||
| providing the full "VTIMEZONE" component (see Section 5.2). This | providing the full "VTIMEZONE" component (see Section 5.2). This | |||
| WebDAV property MUST be present on all resources that also support | WebDAV property MUST be present on all resources that also support | |||
| skipping to change at page 6, line 37 ¶ | skipping to change at page 6, line 37 ¶ | |||
| return the full "VTIMEZONE" data for that time zone in the | return the full "VTIMEZONE" data for that time zone in the | |||
| CALDAV:calendar-timezone WebDAV property. | CALDAV:calendar-timezone WebDAV property. | |||
| If a client attempts to update the CALDAV:calendar-timezone-id with a | If a client attempts to update the CALDAV:calendar-timezone-id with a | |||
| value that does not correspond to a time zone that is known to the | value that does not correspond to a time zone that is known to the | |||
| server, the server MUST reject the property update using a | server, the server MUST reject the property update using a | |||
| CALDAV:valid-timezone pre-condition error. In such cases, clients | CALDAV:valid-timezone pre-condition error. In such cases, clients | |||
| MAY repeat the request using the CALDAV:calendar-timezone instead, | MAY repeat the request using the CALDAV:calendar-timezone instead, | |||
| and provide the full iCalendar data for the time zone being set. | and provide the full iCalendar data for the time zone being set. | |||
| 3.1.6. Support Time Zone Identifiers in CALDAV:calendar-query REPORT | 3.1.6. Support of Time Zone Identifiers in CALDAV:calendar-query REPORT | |||
| CalDAV calendar query reports support a CALDAV:timezone XML element | CalDAV calendar query reports support a CALDAV:timezone XML element | |||
| that is used by clients to set a specific time zone for the server to | that is used by clients to set a specific time zone for the server to | |||
| use when doing time-based queries on calendar data (see Sections 7.3 | use when doing time-based queries on calendar data (see Sections 7.3 | |||
| and 9.8 of [RFC4791]). The content of that XML element is an | and 9.8 of [RFC4791]). The content of that XML element is an | |||
| iCalendar "VTIMEZONE" component. This specification defines a new | iCalendar "VTIMEZONE" component. This specification defines a new | |||
| CALDAV:timezone-id XML element, that can be used as an alternative to | CALDAV:timezone-id XML element, that can be used as an alternative to | |||
| the CALDAV:timezone XML element, that allows a specific time zone to | the CALDAV:timezone XML element, that allows a specific time zone to | |||
| be set via its time zone identifier, rather than providing the full | be set via its time zone identifier, rather than providing the full | |||
| "VTIMEZONE" component (see Section 6.2). Servers MUST support | "VTIMEZONE" component (see Section 6.2). Servers MUST support | |||
| skipping to change at page 7, line 37 ¶ | skipping to change at page 7, line 37 ¶ | |||
| 2. Clients can include an HTTP "CalDAV-Timezones" request header | 2. Clients can include an HTTP "CalDAV-Timezones" request header | |||
| field with a value of "T" to ensure that the CalDAV server does | field with a value of "T" to ensure that the CalDAV server does | |||
| include all "VTIMEZONE" components in any iCalendar data returned | include all "VTIMEZONE" components in any iCalendar data returned | |||
| in a response (see Section 3.1.3). | in a response (see Section 3.1.3). | |||
| 3. Clients can expect servers not to include standard time zone | 3. Clients can expect servers not to include standard time zone | |||
| definitions in any iCalendar data they receive from the server, | definitions in any iCalendar data they receive from the server, | |||
| if there is no "CalDAV-Timezones" request header field in the | if there is no "CalDAV-Timezones" request header field in the | |||
| HTTP request. Clients MUST retrieve standard time zone | HTTP request. Clients MUST retrieve standard time zone | |||
| definitions from the set of time zone distribution servers | definitions either from its own cache of standard time zones, or | |||
| advertised by the CalDAV server (see Section 3.1.2), or a known. | from the set of time zone distribution servers advertised by the | |||
| CalDAV server (see Section 3.1.2). | ||||
| 4. Clients SHOULD remove standard time zone definitions from | 4. Clients SHOULD remove standard time zone definitions from | |||
| iCalendar data they send to the server, provided the | iCalendar data they send to the server, provided the | |||
| corresponding time zone identifier is one available on any of the | corresponding time zone identifier is one available on any of the | |||
| server's advertised time zone distribution servers (see | server's advertised time zone distribution servers (see | |||
| Section 3.1.2). | Section 3.1.2). | |||
| 5. Clients MUST send time zone definitions in iCalendar data for any | 5. Clients MUST send time zone definitions in iCalendar data for any | |||
| time zone identifiers not available via any of the server's | time zone identifiers not available via any of the server's | |||
| advertised time zone distribution servers. Clients MUST be | advertised time zone distribution servers. Clients MUST be | |||
| skipping to change at page 10, line 35 ¶ | skipping to change at page 10, line 35 ¶ | |||
| data returned, the value "F" indicates that it does not. | data returned, the value "F" indicates that it does not. | |||
| CalDAV-Timezones = "T" / "F" | CalDAV-Timezones = "T" / "F" | |||
| Example: | Example: | |||
| CalDAV-Timezones: F | CalDAV-Timezones: F | |||
| 8. Security Considerations | 8. Security Considerations | |||
| This specification does not introduce any new security concerns | This specifications adds Time Zone Data Distribution Service | |||
| beyond those addressed in CalDAV [RFC4791] and iCalendar [RFC5545]. | [I-D.ietf-tzdist-service] servers into the overall calendaring and | |||
| scheduling client/server architecture, as a critical component, and | ||||
| thus adds a new vector of attack against such systems. As such, | ||||
| administrators of CalDAV servers SHOULD ensure that any advertised | ||||
| time zone distribution servers are protected by a level of security | ||||
| commensurate with all the other components in the system. | ||||
| 9. IANA Considerations | Beyond the above point, this specification does not introduce any new | |||
| security concerns beyond those addressed in CalDAV [RFC4791], | ||||
| iCalendar [RFC5545], and the Time Zone Data Distribution Service | ||||
| [I-D.ietf-tzdist-service]. | ||||
| 9. Privacy Considerations | ||||
| The privacy recommendations in Section 9 of the Time Zone Data | ||||
| Distribution Service [I-D.ietf-tzdist-service] specification SHOULD | ||||
| be used to ensure that details of clients' interactions with CalDAV | ||||
| servers are not exposed to potential network observers. Note that | ||||
| since events can be delivered to a calendar user from an outside | ||||
| source (e.g., using iTIP [RFC5546]), and an attacker could create a | ||||
| calendar event with, e.g., a fake or lesser-used time zone identifier | ||||
| that could be used to monitor the calendar user's activity and | ||||
| interaction with others, this specification increases the importance | ||||
| of using the mitigations of privacy issues discussed in | ||||
| [I-D.ietf-tzdist-service]. | ||||
| 10. IANA Considerations | ||||
| The message header field below should be added to the Permanent | The message header field below should be added to the Permanent | |||
| Message Header Field Registry (see [RFC3864]). | Message Header Field Registry (see [RFC3864]). | |||
| 9.1. CalDAV-Timezones | 10.1. CalDAV-Timezones | |||
| Header field name: CalDAV-Timezones | Header field name: CalDAV-Timezones | |||
| Applicable protocol: http | Applicable protocol: http | |||
| Status: standard | Status: standard | |||
| Author/Change controller: IETF | Author/Change controller: IETF | |||
| Specification document(s): this specification (Section 7.1) | Specification document(s): this specification (Section 7.1) | |||
| Related information: none | Related information: none | |||
| 10. Acknowledgments | 11. Acknowledgments | |||
| Thanks to Mike Douglass, Andrew McMillan, and Ken Murchison. This | Thanks to Mike Douglass, Andrew McMillan, and Ken Murchison. This | |||
| specification came about via discussions at the Calendaring and | specification came about via discussions at the Calendaring and | |||
| Scheduling Consortium. | Scheduling Consortium. | |||
| 11. References | 12. References | |||
| 11.1. Normative References | 12.1. Normative References | |||
| [I-D.ietf-tzdist-service] | [I-D.ietf-tzdist-service] | |||
| Douglass, M. and C. Daboo, "Time Zone Data Distribution | Douglass, M. and C. Daboo, "Time Zone Data Distribution | |||
| Service", draft-ietf-tzdist-service-11 (work in progress), | Service", draft-ietf-tzdist-service-11 (work in progress), | |||
| July 2015. | July 2015. | |||
| [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate | [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate | |||
| Requirement Levels", BCP 14, RFC 2119, DOI 10.17487/ | Requirement Levels", BCP 14, RFC 2119, DOI 10.17487/ | |||
| RFC2119, March 1997, | RFC2119, March 1997, | |||
| <http://www.rfc-editor.org/info/rfc2119>. | <http://www.rfc-editor.org/info/rfc2119>. | |||
| skipping to change at page 12, line 5 ¶ | skipping to change at page 12, line 29 ¶ | |||
| [RFC5545] Desruisseaux, B., Ed., "Internet Calendaring and | [RFC5545] Desruisseaux, B., Ed., "Internet Calendaring and | |||
| Scheduling Core Object Specification (iCalendar)", RFC | Scheduling Core Object Specification (iCalendar)", RFC | |||
| 5545, DOI 10.17487/RFC5545, September 2009, | 5545, DOI 10.17487/RFC5545, September 2009, | |||
| <http://www.rfc-editor.org/info/rfc5545>. | <http://www.rfc-editor.org/info/rfc5545>. | |||
| [RFC6638] Daboo, C. and B. Desruisseaux, "Scheduling Extensions to | [RFC6638] Daboo, C. and B. Desruisseaux, "Scheduling Extensions to | |||
| CalDAV", RFC 6638, DOI 10.17487/RFC6638, June 2012, | CalDAV", RFC 6638, DOI 10.17487/RFC6638, June 2012, | |||
| <http://www.rfc-editor.org/info/rfc6638>. | <http://www.rfc-editor.org/info/rfc6638>. | |||
| 11.2. Informative References | 12.2. Informative References | |||
| [RFC5546] Daboo, C., Ed., "iCalendar Transport-Independent | [RFC5546] Daboo, C., Ed., "iCalendar Transport-Independent | |||
| Interoperability Protocol (iTIP)", RFC 5546, DOI 10.17487/ | Interoperability Protocol (iTIP)", RFC 5546, DOI 10.17487/ | |||
| RFC5546, December 2009, | RFC5546, December 2009, | |||
| <http://www.rfc-editor.org/info/rfc5546>. | <http://www.rfc-editor.org/info/rfc5546>. | |||
| [RFC6047] Melnikov, A., Ed., "iCalendar Message-Based | [RFC6047] Melnikov, A., Ed., "iCalendar Message-Based | |||
| Interoperability Protocol (iMIP)", RFC 6047, DOI 10.17487/ | Interoperability Protocol (iMIP)", RFC 6047, DOI 10.17487/ | |||
| RFC6047, December 2010, | RFC6047, December 2010, | |||
| <http://www.rfc-editor.org/info/rfc6047>. | <http://www.rfc-editor.org/info/rfc6047>. | |||
| [RFC6557] Lear, E. and P. Eggert, "Procedures for Maintaining the | [RFC6557] Lear, E. and P. Eggert, "Procedures for Maintaining the | |||
| Time Zone Database", BCP 175, RFC 6557, DOI 10.17487/ | Time Zone Database", BCP 175, RFC 6557, DOI 10.17487/ | |||
| RFC6557, February 2012, | RFC6557, February 2012, | |||
| <http://www.rfc-editor.org/info/rfc6557>. | <http://www.rfc-editor.org/info/rfc6557>. | |||
| Appendix A. Change History (To be removed by RFC Editor before | Appendix A. Change History (To be removed by RFC Editor before | |||
| publication) | publication) | |||
| Changes in -05: | ||||
| 1. IESG Review: abstract now says "updates" instead of "extends". | ||||
| 2. IESG Review: 3.1.5, 3.1.6 section title tweaks. | ||||
| 3. IESG Review: add tzdist reference in Security Considerations. | ||||
| 4. IESG Review: fixed truncated sentence in bullet #3 in Section 4. | ||||
| 5. IESG Review: added privacy considerations section that references | ||||
| the corresponding tzdist service section. | ||||
| 6. IESG Review: added text to security considerations section to | ||||
| indicate tzdist servers need to be protected as well as the | ||||
| caldav server. | ||||
| Changes in -04: | Changes in -04: | |||
| 1. AD Review: added Updates 4791 | 1. AD Review: added Updates 4791 | |||
| 2. AD Review: reworded first bullet of Section 4 to indicate clients | 2. AD Review: reworded first bullet of Section 4 to indicate clients | |||
| have a choice of where to locate time zones | have a choice of where to locate time zones | |||
| 3. AD Review: added text about server providing an admin config | 3. AD Review: added text about server providing an admin config | |||
| option to override new default behavior | option to override new default behavior | |||
| End of changes. 20 change blocks. | ||||
| 25 lines changed or deleted | 69 lines changed or added | |||
This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/ | ||||