idnits 2.17.1 draft-ietf-extra-imap-fetch-preview-09.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- No issues found here. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year -- The document date (July 29, 2020) is 1338 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) ** Obsolete normative reference: RFC 3501 (Obsoleted by RFC 9051) Summary: 1 error (**), 0 flaws (~~), 1 warning (==), 1 comment (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 EXTRA M. Slusarz 3 Internet-Draft Open-Xchange Inc. 4 Intended status: Standards Track July 29, 2020 5 Expires: January 30, 2021 7 IMAP4 Extension: Message Preview Generation 8 draft-ietf-extra-imap-fetch-preview-09 10 Abstract 12 This document specifies an Internet Message Access Protocol (IMAP) 13 protocol extension allowing a client to request a server-generated 14 abbreviated text representation of message data useful as a 15 contextual preview of the entire message. 17 Status of This Memo 19 This Internet-Draft is submitted in full conformance with the 20 provisions of BCP 78 and BCP 79. 22 Internet-Drafts are working documents of the Internet Engineering 23 Task Force (IETF). Note that other groups may also distribute 24 working documents as Internet-Drafts. The list of current Internet- 25 Drafts is at https://datatracker.ietf.org/drafts/current/. 27 Internet-Drafts are draft documents valid for a maximum of six months 28 and may be updated, replaced, or obsoleted by other documents at any 29 time. It is inappropriate to use Internet-Drafts as reference 30 material or to cite them other than as "work in progress." 32 This Internet-Draft will expire on January 30, 2021. 34 Copyright Notice 36 Copyright (c) 2020 IETF Trust and the persons identified as the 37 document authors. All rights reserved. 39 This document is subject to BCP 78 and the IETF Trust's Legal 40 Provisions Relating to IETF Documents 41 (https://trustee.ietf.org/license-info) in effect on the date of 42 publication of this document. Please review these documents 43 carefully, as they describe your rights and restrictions with respect 44 to this document. Code Components extracted from this document must 45 include Simplified BSD License text as described in Section 4.e of 46 the Trust Legal Provisions and are provided without warranty as 47 described in the Simplified BSD License. 49 Table of Contents 51 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 52 2. Conventions Used In This Document . . . . . . . . . . . . . . 3 53 3. FETCH Data Item . . . . . . . . . . . . . . . . . . . . . . . 4 54 3.1. Command . . . . . . . . . . . . . . . . . . . . . . . . . 4 55 3.2. Response . . . . . . . . . . . . . . . . . . . . . . . . 4 56 3.3. Preview Text Format . . . . . . . . . . . . . . . . . . . 5 57 4. LAZY Priority Modifier . . . . . . . . . . . . . . . . . . . 5 58 4.1. LAZY . . . . . . . . . . . . . . . . . . . . . . . . . . 5 59 4.2. Client Implementation Advice . . . . . . . . . . . . . . 6 60 5. Examples . . . . . . . . . . . . . . . . . . . . . . . . . . 6 61 6. Formal Syntax . . . . . . . . . . . . . . . . . . . . . . . . 8 62 7. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 8 63 8. Security Considerations . . . . . . . . . . . . . . . . . . . 9 64 9. References . . . . . . . . . . . . . . . . . . . . . . . . . 9 65 9.1. Normative References . . . . . . . . . . . . . . . . . . 9 66 9.2. Informative References . . . . . . . . . . . . . . . . . 10 67 Appendix A. Change History (To be removed by RFC Editor before 68 publication) . . . . . . . . . . . . . . . . . . . . 10 69 Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . . . 13 70 Author's Address . . . . . . . . . . . . . . . . . . . . . . . . 13 72 1. Introduction 74 Many modern mail clients display small extracts of the body text as 75 an aid to allow a user to quickly decide whether they are interested 76 in viewing the full message contents. Mail clients implementing the 77 Internet Message Access Protocol [RFC3501] would benefit from a 78 standardized, consistent way to generate these brief textual previews 79 of messages. 81 Generation of a preview on the server has several benefits. First, 82 it allows consistent representation of previews across all clients. 83 This standardized display can reduce user confusion when using 84 multiple clients, as abbreviated message representations in clients 85 will show identical message contents. 87 Second, server-side preview generation is more efficient. A client- 88 based algorithm needs to issue, at a minimum, a FETCH BODYSTRUCTURE 89 command in order to determine which MIME [RFC2045] body part(s) 90 should be represented in the preview. Subsequently, at least one 91 FETCH BODY command may be needed to retrieve body data used in 92 preview generation. These FETCH commands cannot be pipelined since 93 the BODYSTRUCTURE query must be parsed on the client before the list 94 of parts to be retrieved via the BODY command(s) can be determined. 96 Additionally, it may be difficult to predict the amount of body data 97 that must be retrieved to adequately represent the part via a 98 preview, therefore requiring inefficient fetching of excessive data 99 in order to account for this uncertainty. For example, a preview 100 algorithm to display data contained in a text/html [RFC2854] part 101 will likely strip the markup tags to obtain textual content. 102 However, without fetching the entire content of the part, there is no 103 way to guarantee that sufficient non-tag content will exist unless 104 either 1) the entire part is retrieved or 2) an additional partial 105 FETCH is executed when the client determines that it does not possess 106 sufficient data from a previous partial FETCH to display an adequate 107 representation of the preview. 109 Finally, server generation allows caching in a centralized location. 110 Using server-generated previews allows global generation once per 111 message, and then cached for the retention period of the source 112 message. Retrieval of message data may be expensive within a server, 113 for example, so a server can be configured to reduce its storage 114 retrieval load by pre-generating preview data. 116 A server indicates support for this extension via the "PREVIEW" 117 capability name. 119 2. Conventions Used In This Document 121 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 122 "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and 123 "OPTIONAL" in this document are to be interpreted as described in BCP 124 14 [RFC2119] [RFC8174] when, and only when, they appear in all 125 capitals, as shown here. 127 "User" is used to refer to a human user, whereas "client" refers to 128 the software being run by the user. 130 In examples, "C:" and "S:" indicate lines sent by the client and 131 server respectively. If a single "C:" or "S:" label applies to 132 multiple lines, then the line breaks between those lines are for 133 editorial clarity only and are not part of the actual protocol 134 exchange. 136 As with all IMAP extension documents, the case used in writing IMAP 137 protocol elements herein is chosen for editorial clarity, and 138 implementations must pay attention to the numbered rules at the 139 beginning of [RFC3501] Section 9. 141 3. FETCH Data Item 143 3.1. Command 145 To retrieve a preview for a message, the "PREVIEW" FETCH attribute is 146 used when issuing a FETCH command. 148 3.2. Response 150 The server returns a variable-length string that is the generated 151 preview for that message. 153 Example: Retrieving preview information in a SELECTed mailbox 155 C: A1 FETCH 1 (PREVIEW) 156 S: * 1 FETCH (PREVIEW "Preview text!") 157 S: A1 OK FETCH complete. 159 A server SHOULD strive to generate the same string for a given 160 message for each request. However, since previews are understood to 161 be an approximation of the message data and not a canonical view of 162 its contents, a client MUST NOT assume that a message preview is 163 immutable for a given message. This relaxed requirement permits a 164 server to offer previews as an option without requiring potentially 165 burdensome storage and/or processing requirements to guarantee 166 immutability for a use case that does not require this strictness. 167 For example, the underlying IMAP server may change due to a system 168 software upgrade; an account's state information may be retained in 169 the migration but the new server may generate different PREVIEW text 170 than the old server. 172 It is possible that the server has determined that no meaningful 173 preview text can be generated for a particular message, and that 174 decision won't change later. Examples of this involve encrypted 175 messages, content types the server does not support previews of, and 176 other situations where the server is not able to extract information 177 for a preview. In such cases, the server MUST return a zero-length 178 string. Clients SHOULD NOT send another FETCH for a preview for such 179 messages. (As discussed previously, preview data is not immutable so 180 there is chance that at some point in the future the server would be 181 able to generate meaningful text. However, this scenario is expected 182 to be rare so a client should not continually send out requests to 183 try to capture this infrequent occurrence.) 185 If the LAZY modifier is used, the server MAY return NIL for the 186 preview response, indicating that preview generation could not be 187 completed without causing undue delay. A server MUST NOT return NIL 188 to a FETCH PREVIEW request made without the LAZY modifier. 190 3.3. Preview Text Format 192 The generated preview text MUST be treated as text/plain [RFC2046] 193 media type data by the client. 195 The generated string MUST NOT be content transfer encoded and MUST be 196 encoded in UTF-8 [RFC3629]. The server SHOULD remove any formatting 197 markup and do whatever processing might be useful in rendering the 198 preview as plain text. 200 For purposes of this section, a "preview character" is defined as a 201 single UCS character encoded in UTF-8. Note: a single preview 202 character may compromise multiple octets, so any buffers implemented 203 to conform to the string limitations identified in this document 204 should be sized to prevent possible overflow errors. 206 The server SHOULD limit the length of the preview text to 200 preview 207 characters. This length should provide sufficient data to generally 208 support both various languages (and their different average word 209 lengths) and diverse client display size requirements. 211 The server MUST NOT output preview text longer than 256 preview 212 characters. 214 If the preview is not generated based on the body content of the 215 message, and the LANGUAGE [RFC5255] extension is supported by the 216 server, the preview text SHOULD be generated according to the 217 language rules that apply to human-readable text. For example, a 218 message that consists of a single image MIME part has no human- 219 readable text from which to generate preview information. Instead, 220 the server may wish to output a description that the message contains 221 an image and describe some attributes of the image, such as image 222 format, size, and filename. This descriptive text is not a product 223 of the message body itself but is rather auto-generated data by the 224 server, and should thus use the rules defined for human-generated 225 text described in the LANGUAGE extension (if supported on the 226 server). 228 4. LAZY Priority Modifier 230 4.1. LAZY 232 The LAZY modifier directs the server to return the preview 233 representation only if that data can be returned without undue delay 234 to the client. 236 If this modifier is used, and the server is unable to return preview 237 data without undue delay, the server MUST return NIL as the preview 238 response. 240 The LAZY modifier MUST be implemented by any server that supports the 241 PREVIEW extension. 243 4.2. Client Implementation Advice 245 Upon opening a mailbox, a client generally performs a FETCH of 246 message details in order to create a listing to present to the user 247 (e.g. ENVELOPE data). Using this extension, a client may want to 248 additional display preview information as part of this listing. 249 Quickly providing the base mailbox listing, with basic message 250 details, is the primary goal of this command as this is required to 251 allow the user to begin interacting with the mailbox. Preview data 252 is likely to be of secondary importance; it provides useful context, 253 but it is not necessary to perform message actions. A client can 254 load unavailable previews in the background and display them 255 asynchronously to the user as the preview data is provided by the 256 server. 258 In this scenario, the client would add the PREVIEW data item, with 259 the LAZY modifier, to the list of FETCH items needed to generate the 260 mailbox listing. This allows the server to advantageously return 261 preview data without blocking the primary goal of quickly returning 262 the basic message details used to generate the mailbox listing. 264 Once this initial FETCH is complete, the client can then issue FETCH 265 requests, without the LAZY modifier, to load the preview data for the 266 messages in which preview data was not returned. It is RECOMMENDED 267 that these FETCH requests be issued in small batches, e.g. 50 268 messages per FETCH command, since preview generation may be expensive 269 and a single large request may exceed server resource limits. 271 See Example 2 for an implementation of this strategy. 273 A client SHOULD NOT continually issue LAZY PREVIEW FETCH commands in 274 a selected mailbox as the server is under no requirement to return 275 preview information for this command, which could lead to an 276 unnecessary waste of system and network resources. 278 5. Examples 279 Example 1: Requesting PREVIEW without LAZY modifier. 281 C: A1 CAPABILITY 282 S: * CAPABILITY IMAP4rev1 PREVIEW 283 S: A1 OK Capability command completed. 284 [...a mailbox is SELECTed...] 285 C: A2 FETCH 1 (RFC822.SIZE PREVIEW) 286 S: * 1 FETCH (RFC822.SIZE 5647 PREVIEW {200} 287 S: Lorem ipsum dolor sit amet, consectetur adipiscing elit. 288 S: Curabitur aliquam turpis et ante dictum, et pulvinar dui congue. 289 S: Maecenas hendrerit, lorem non imperdiet pellentesque, nulla 290 S: ligula nullam 291 S: ) 292 S: A2 OK FETCH complete. 294 Example 2: Requesting PREVIEW with LAZY modifier, to obtain previews 295 during initial mailbox listing if readily available; otherwise, load 296 previews in background. 298 C: D1 FETCH 1:4 (ENVELOPE PREVIEW (LAZY)) 299 S: * 1 FETCH (ENVELOPE ("Wed, 25 Oct 2017 15:03:11 +0000" [...]) 300 PREVIEW "Preview text for message 1.") 301 S: * 2 FETCH (PREVIEW "" ENVELOPE 302 ("Thu, 26 Oct 2017 12:17:23 +0000" [...])) 303 S: * 3 FETCH (ENVELOPE ("Fri, 27 Oct 2017 22:19:21 +0000" [...]) 304 PREVIEW NIL) 305 S: * 4 FETCH (ENVELOPE ("Sat, 28 Oct 2017 07:11:18 +0000" [...]) 306 PREVIEW NIL) 307 S: D1 OK FETCH completed. 308 [...Client has preview for message 1 and knows that message 2 has 309 a preview that is empty; only need to request preview of 310 messages 3 & 4 (e.g. in background)...] 311 C: D2 FETCH 3:4 (PREVIEW) 312 S: * 3 FETCH (PREVIEW {30} 313 S: Message data from message 3. 314 S: ) 315 S: * 4 FETCH (PREVIEW "Message 4 preview") 316 S: D2 OK Fetch completed. 318 Example 3: Retrieve preview information for search results within a 319 single mailbox. Use SEARCHRES [RFC5182] extension to save a round- 320 trip. 322 C: E1 CAPABILITY 323 S: * CAPABILITY IMAP4rev1 PREVIEW SEARCHRES 324 S: E1 OK Capability command completed. 325 [...a mailbox is SELECTed...] 326 C: E2 SEARCH RETURN (SAVE) FROM "FOO" 327 C: E3 FETCH $ (UID PREVIEW (LAZY)) 328 S: E2 OK SEARCH completed. 329 S: * 5 FETCH (UID 13 PREVIEW "Preview!") 330 S: * 9 FETCH (UID 23 PREVIEW NIL) 331 S: E3 OK FETCH completed. 332 [...Retrieve message 9 preview in background...] 333 C: E4 UID FETCH 23 (PREVIEW) 334 S: * 9 FETCH (UID 23 PREVIEW "Another preview!") 335 S: E4 OK FETCH completed. 337 6. Formal Syntax 339 The following syntax specification uses the augmented Backus-Naur 340 Form (BNF) as described in ABNF [RFC5234]. It includes definitions 341 from IMAP [RFC3501]. 343 capability =/ "PREVIEW" 345 fetch-att =/ "PREVIEW" [SP "(" preview-mod *(SP 346 preview-mod) ")"] 348 msg-att-dynamic =/ "PREVIEW" SP nstring 350 preview-mod = "LAZY" 352 7. IANA Considerations 354 IMAP4 [RFC3501] capabilities are registered by publishing a standards 355 track or IESG-approved experimental RFC. The registry is currently 356 located at: 358 http://www.iana.org/assignments/imap-capabilities 360 This document requests that IANA adds the "PREVIEW" capability to the 361 IMAP4 [RFC3501] capabilities registry. 363 8. Security Considerations 365 Implementation of this extension might enable denial-of-service 366 attacks against server resources, due to excessive memory or CPU 367 usage during preview generation or increased storage usage if preview 368 results are stored on the server after generation. Servers MAY limit 369 the resources that preview generation uses. In order to mitigate 370 such attacks, servers SHOULD log the client authentication identity 371 on FETCH PREVIEW operations in order to facilitate tracking of 372 abusive clients. 374 Just as the messages they summarize, preview data may contain 375 sensitive information. If generated preview data is stored on the 376 server, e.g. for caching purposes, these previews MUST be protected 377 with equivalent authorization and confidentiality controls as the 378 source message. 380 9. References 382 9.1. Normative References 384 [RFC2046] Freed, N. and N. Borenstein, "Multipurpose Internet Mail 385 Extensions (MIME) Part Two: Media Types", RFC 2046, 386 DOI 10.17487/RFC2046, November 1996, 387 . 389 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 390 Requirement Levels", BCP 14, RFC 2119, 391 DOI 10.17487/RFC2119, March 1997, 392 . 394 [RFC3501] Crispin, M., "INTERNET MESSAGE ACCESS PROTOCOL - VERSION 395 4rev1", RFC 3501, DOI 10.17487/RFC3501, March 2003, 396 . 398 [RFC3629] Yergeau, F., "UTF-8, a transformation format of ISO 399 10646", STD 63, RFC 3629, DOI 10.17487/RFC3629, November 400 2003, . 402 [RFC5234] Crocker, D., Ed. and P. Overell, "Augmented BNF for Syntax 403 Specifications: ABNF", STD 68, RFC 5234, 404 DOI 10.17487/RFC5234, January 2008, 405 . 407 [RFC5255] Newman, C., Gulbrandsen, A., and A. Melnikov, "Internet 408 Message Access Protocol Internationalization", RFC 5255, 409 DOI 10.17487/RFC5255, June 2008, 410 . 412 [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC 413 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, 414 May 2017, . 416 9.2. Informative References 418 [RFC2045] Freed, N. and N. Borenstein, "Multipurpose Internet Mail 419 Extensions (MIME) Part One: Format of Internet Message 420 Bodies", RFC 2045, DOI 10.17487/RFC2045, November 1996, 421 . 423 [RFC2854] Connolly, D. and L. Masinter, "The 'text/html' Media 424 Type", RFC 2854, DOI 10.17487/RFC2854, June 2000, 425 . 427 [RFC5182] Melnikov, A., "IMAP Extension for Referencing the Last 428 SEARCH Result", RFC 5182, DOI 10.17487/RFC5182, March 429 2008, . 431 Appendix A. Change History (To be removed by RFC Editor before 432 publication) 434 Changes from draft-slusarz-imap-fetch-snippet-00: 436 o Added standardized language to Section 2 regarding IMAP ABNF 437 conventions 439 o Changed draft name to draft-ietf-extra-imap-fetch-snippet-## 441 Changes from draft-ietf-extra-imap-fetch-snippet-00: 443 o Changed nomenclature from "snippet" to "preview" 445 o Changed draft name to draft-ietf-extra-imap-fetch-preview-## 447 o Update to RFC 8174 boilerplate 449 o Updated length requirements for PREVIEW=FUZZY 451 o Added preview-atom ABNF to limit use of "=" character 453 o UTF-8 is a normative reference 455 o Clarify that characters for purpose of length limitations are 456 defined as UCS characters as encoded by UTF-8 458 o Fix some incorrect literal lengths in examples 459 Changes from draft-ietf-extra-imap-fetch-preview-00: 461 o Updated postal address 463 o Added example to FETCH response section 465 o Added example on how LANGUAGE extension may influence preview 466 generation 468 o Added recommendation that only one LAZY FETCH be executed for a 469 message per mailbox 471 o Added request to create algorithm and modifier registries 473 o Added requirement that algorithm and modifier names conform to RFC 474 6648 476 o Added DoS attack info to security considerations 478 o Distinguish between NIL response and zero-length string 480 o Don't use deprecated "X-" convention in example 482 o Spelling and nits 484 Changes from draft-ietf-extra-imap-fetch-preview-01: 486 o Fix capability ABNF 488 o Removed CAPABILITY string for examples where it did not add 489 valuable context 491 o Altered preview data in examples to cover a variety of potential 492 server return scenarios 494 o Added "SHOULD be registered" language to algorithm names and 495 priority modifiers 497 Changes from draft-ietf-extra-imap-fetch-preview-02: 499 o Move Acknowledgments to un-numbered appendix 501 o Improved abstract text 503 o Consistently use "priority modifiers" instead of "modifiers" 505 o Update example to conform with RFC 3501 UID FETCH requirements 506 Changes from draft-ietf-extra-imap-fetch-preview-03: 508 o Remove preview modifier registry request 510 o Improve instructions for registration of algorithms 512 o Add storage information to security considerations 514 o Clarify parsing of algorithm list in FETCH command 516 o Clarify difference between NIL response and zero-length string 518 o Add normative reference for text/plain 520 o Add warning regarding buffers and multiple octet preview 521 characters 523 o Clarify how to handle preview data return when using an explicit 524 algorithm list 526 o Various editorial fixes 528 Changes from draft-ietf-extra-imap-fetch-preview-04: 530 o Make clear that preview caching is tied to retention period of the 531 source message 533 Changes from draft-ietf-extra-imap-fetch-preview-05: 535 o Clarify "zero-length string" preview data vs. NIL preview data 537 o MIME data -> media type 539 o Capability registration should not include the algorithm name 541 o Give example of how PREVIEW data might change over time 543 Changes from draft-ietf-extra-imap-fetch-preview-06: 545 o Change algorithm names to media types 547 o FUZZY algorithm changed to text/imap-fetch-preview 549 o Remove server broadcast of PREVIEW algorithm extensions from 550 capability 552 o Default, fallback algorithm in absence of client selection now 553 MUST be text/imap-fetch-preview 555 o LAZY modifier should work on default algorithm if no specific 556 algorithm is provided as an argument 558 Changes from draft-ietf-extra-imap-fetch-preview-07: 560 o Remove algorithm selection; PREVIEW always returns text in format 561 defined in Section 3.3 563 Changes from draft-ietf-extra-imap-fetch-preview-08: 565 o FETCH PREVIEW without LAZY modifier MUST NOT return NIL 567 o Improve client implementation advice for LAZY modifier 569 Acknowledgments 571 The author would like to thank the following people for their 572 comments and contributions to this document: Stephan Bosch, Bron 573 Gondwana, Teemu Huovila, Neil Jenkins, Steffen Lehmann, Barry Leiba, 574 Alexey Melnikov, Chris Newman, Pete Resnick, Jeff Sipek, Timo 575 Sirainen, Steffen Templin, and Aki Tuomi. 577 Author's Address 579 Michael M. Slusarz 580 Open-Xchange Inc. 581 530 Lytton Avenue 582 Palo Alto, California 94301 583 US 585 Email: michael.slusarz@open-xchange.com