idnits 2.17.1 draft-ietf-jmap-mdn-12.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- ** The abstract seems to contain references ([RFC8620], [RFC8098], [RFC8621]), which it shouldn't. Please replace those with straight textual mentions of the documents in question. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year -- The document date (June 25, 2020) is 1373 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) No issues found here. Summary: 1 error (**), 0 flaws (~~), 1 warning (==), 1 comment (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 JMAP R. Ouazana, Ed. 3 Internet-Draft Linagora 4 Intended status: Standards Track June 25, 2020 5 Expires: December 27, 2020 7 Handling Message Disposition Notification with JMAP 8 draft-ietf-jmap-mdn-12 10 Abstract 12 JMAP ([RFC8620] - JSON Meta Application Protocol) is a generic 13 protocol for synchronising data, such as mail, calendars or contacts, 14 between a client and a server. It is optimised for mobile and web 15 environments, and aims to provide a consistent interface to different 16 data types. 18 JMAP for Mail ([RFC8621] - The JSON Meta Application Protocol (JMAP) 19 for Mail) specifies a data model for synchronising email data with a 20 server using JMAP. Clients can use this to efficiently search, 21 access, organise, and send messages. 23 MDN are defined in [RFC8098] and are used as "read receipts", 24 "acknowledgements", or "receipt notifications". 26 MDN have a specific format that must be parsed or generated. The 27 goal of this document is to specify a data model for handling MDN 28 messages with a server using JMAP. 30 Status of This Memo 32 This Internet-Draft is submitted in full conformance with the 33 provisions of BCP 78 and BCP 79. 35 Internet-Drafts are working documents of the Internet Engineering 36 Task Force (IETF). Note that other groups may also distribute 37 working documents as Internet-Drafts. The list of current Internet- 38 Drafts is at https://datatracker.ietf.org/drafts/current/. 40 Internet-Drafts are draft documents valid for a maximum of six months 41 and may be updated, replaced, or obsoleted by other documents at any 42 time. It is inappropriate to use Internet-Drafts as reference 43 material or to cite them other than as "work in progress." 45 This Internet-Draft will expire on December 27, 2020. 47 Copyright Notice 49 Copyright (c) 2020 IETF Trust and the persons identified as the 50 document authors. All rights reserved. 52 This document is subject to BCP 78 and the IETF Trust's Legal 53 Provisions Relating to IETF Documents 54 (https://trustee.ietf.org/license-info) in effect on the date of 55 publication of this document. Please review these documents 56 carefully, as they describe your rights and restrictions with respect 57 to this document. Code Components extracted from this document must 58 include Simplified BSD License text as described in Section 4.e of 59 the Trust Legal Provisions and are provided without warranty as 60 described in the Simplified BSD License. 62 Table of Contents 64 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 65 1.1. Notational conventions . . . . . . . . . . . . . . . . . 3 66 1.2. Terminology . . . . . . . . . . . . . . . . . . . . . . . 3 67 1.3. Addition to the capabilities object . . . . . . . . . . . 4 68 2. MDN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4 69 2.1. MDN/send . . . . . . . . . . . . . . . . . . . . . . . . 5 70 2.2. MDN/parse . . . . . . . . . . . . . . . . . . . . . . . . 7 71 3. Samples . . . . . . . . . . . . . . . . . . . . . . . . . . . 8 72 3.1. Sending an MDN for a received email . . . . . . . . . . . 8 73 3.2. Asking for MDN when sending an email . . . . . . . . . . 9 74 3.3. Parsing a received MDN . . . . . . . . . . . . . . . . . 10 75 4. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 11 76 4.1. JMAP Capability Registration for "mdn" . . . . . . . . . 11 77 4.2. JMAP Error Codes Registry . . . . . . . . . . . . . . . . 12 78 4.2.1. mdnAlreadySent . . . . . . . . . . . . . . . . . . . 12 79 5. Security considerations . . . . . . . . . . . . . . . . . . . 12 80 6. References . . . . . . . . . . . . . . . . . . . . . . . . . 12 81 6.1. Normative References . . . . . . . . . . . . . . . . . . 12 82 6.2. Informative References . . . . . . . . . . . . . . . . . 13 83 Author's Address . . . . . . . . . . . . . . . . . . . . . . . . 13 85 1. Introduction 87 JMAP ([RFC8620] - JSON Meta Application Protocol) is a generic 88 protocol for synchronising data, such as mail, calendars or contacts, 89 between a client and a server. It is optimised for mobile and web 90 environments, and aims to provide a consistent interface to different 91 data types. 93 JMAP for Mail ([RFC8621] - The JSON Meta Application Protocol (JMAP) 94 for Mail) specifies a data model for synchronising email data with a 95 server using JMAP. Clients can use this to efficiently search, 96 access, organise, and send messages. 98 MDN are defined in [RFC8098] and are used as "read receipts", 99 "acknowledgements", or "receipt notifications". 101 A client can have to deal with MDN in different ways: 103 1. When receiving an email, an MDN can be sent to the sender. This 104 specification defines an MDN/send method to cover this case. 106 2. When sending an email, an MDN can be requested. This must be 107 done with the help of a header, and is already specified by 108 [RFC8098] and can already be handled by [RFC8621] this way. 110 3. When receiving an MDN, the MDN could be related to an existing 111 sent mail. This is already covered by [RFC8621] in the 112 EmailSubmission object. Client might want to display detailed 113 information about a received MDN. This specification defines an 114 MDN/parse method to cover this case. 116 1.1. Notational conventions 118 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 119 "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and 120 "OPTIONAL" in this document are to be interpreted as described in BCP 121 14 [RFC2119] [RFC8174] when, and only when, they appear in all 122 capitals, as shown here. 124 Type signatures, examples and property descriptions in this document 125 follow the conventions established in section 1.1 of [RFC8620]. Data 126 types defined in the core specification are also used in this 127 document. 129 Servers MUST support all properties specified for the new data types 130 defined in this document. 132 1.2. Terminology 134 The same terminology is used in this document as in the core JMAP 135 specification. 137 Keywords being case insensitive in IMAP but JSON being case 138 sensitive, the "$mdnsent" keyword MUST always be used in lowercase. 140 1.3. Addition to the capabilities object 142 Capabilities are announced as part of the standard JMAP Session 143 resource; see [RFC8620], section 2. 145 The capability "urn:ietf:params:jmap:mdn" being present in the 146 "accountCapabilities" property of an account represents support for 147 the "MDN" data type, parsing MDN via the "MDN/parse" method, and 148 creating and sending MDN messages via the "MDN/send" method. Servers 149 that include the capability in one or more "accountCapabilities" 150 properties MUST also include the property in the "capabilities" 151 property. 153 The value of this "urn:ietf:params:jmap:mdn" property is an empty 154 object in the account's "accountCapabilities" property. 156 2. MDN 158 An *MDN* object has the following properties: 160 o forEmailId: "Id|null" Email Id of the received email this MDN is 161 relative to. This property MUST NOT be null for "MDN/send", but 162 may be null in the response from the "MDN/parse" method. 164 o subject: "String|null" Subject used as "Subject" header for this 165 MDN. 167 o textBody: "String|null" Human readable part of the MDN, as plain 168 text. 170 o includeOriginalMessage: "Boolean" (default: false). If "true", 171 the content of the original message will appear in the third 172 component of the multipart/report generated for the MDN. See 173 [RFC8098] for details and security considerations. 175 o reportingUA: "String|null" Name of the MUA creating this MDN. It 176 is used to build the MDN Report part of the MDN. 178 o disposition: "Disposition" Object containing the diverse MDN 179 disposition options. 181 o mdnGateway: "String|null" (server-set) Name of the gateway or MTA 182 that translated a foreign (non-Internet) message disposition 183 notification into this MDN. 185 o originalRecipient: "String|null" (server-set) Original recipient 186 address as specified by the sender of the message for which the 187 MDN is being issued. 189 o finalRecipient: "String|null" Recipient for which the MDN is being 190 issued. if set, it overrides the value that would be calculated 191 by the server from the Identity. 193 o originalMessageId: "String|null" (server-set) Message-ID (the 194 [RFC5322] header field, not the JMAP Id) of the message for which 195 the MDN is being issued. 197 o error: "String[]|null" (server-set) Additional information in the 198 form of text messages when the "error" disposition modifier 199 appears. 201 o extensionFields: "String[String]|null" Object where keys are 202 extension-field names and values are extension-field values. 204 A *Disposition* object has the following properties: 206 o actionMode: "String" This MUST be one of the following strings: 207 "manual-action" / "automatic-action" 209 o sendingMode: "String" This MUST be one of the following strings: 210 "mdn-sent-manually" / "mdn-sent-automatically" 212 o type: "String" This MUST be one of the following strings: 213 "deleted" / "dispatched" / "displayed" / "processed" 215 See [RFC8098] for the exact meaning of these different fields. These 216 fields are defined case insensitive in [RFC8098] but are case 217 sensitive in this RFC and MUST be converted to lowercase by "MDN/ 218 parse". 220 2.1. MDN/send 222 The MDN/send method sends an [RFC5322] message from an MDN object. 223 When calling this method the "using" property of the Request object 224 MUST contain the capabilities "urn:ietf:params:jmap:mdn" and 225 "urn:ietf:params:jmap:mail". The latter because of the implicit call 226 to Email/set and the use of Identities, described below. The method 227 takes the following arguments: 229 o accountId: "Id" The id of the account to use. 231 o identityId: "Id" The id of the Identity to associate with these 232 MDN. The server will use this identity to define the sender of 233 the MDN and to set the finalRecipient field. 235 o send: "Id[MDN]" A map of creation id (client specified) to MDN 236 objects. 238 o onSuccessUpdateEmail: "Id[PatchObject]|null" A map of id to an 239 object containing properties to update on the Email object 240 referenced by the "MDN/send" if the sending succeeds. This will 241 always be a backreference to the creation id (see example below in 242 Section 3.1). 244 The response has the following arguments: 246 o accountId: "Id" The id of the account used for the call. 248 o sent: "Id[MDN]|null" A map of creation id to MDN containing any 249 properties that were not set by the client. This includes any 250 properties that were omitted by the client and thus set to a 251 default by the server. This argument is null if no MDN objects 252 were successfully sent. 254 o notSent: "Id[SetError]|null" A map of the creation id to a 255 SetError object for each record that failed to be sent, or null if 256 all successful. 258 The following already registered SetError would mean: 260 o notFound: The reference Email Id cannot be found, or has no valid 261 "Disposition-Notification-To" header. 263 o forbidden: MDN/send would violate an ACL or other permissions 264 policy. 266 o forbiddenFrom: The user is not allowed to use the given 267 finalRecipient property. 269 o overQuota: MDN/send would exceed a server-defined limit on the 270 number or total size of sent MDN. It could include limitations on 271 sent emails. 273 o tooLarge: MDN/send would result in an MDN that exceeds a server- 274 defined limit for the maximum size of an MDN, or more generally on 275 emails. 277 o rateLimit: Too many MDN or emails have been created recently, and 278 a server-defined rate limit has been reached. It may work if 279 tried again later. 281 o invalidProperties: The record given is invalid in some way. 283 The following is a new SetError: 285 o mdnAlreadySent: The message has the "$mdnsent" keyword already 286 set. 288 If the accountId or identityId given cannot be found, the method call 289 is rejected with an "invalidArguments" error. 291 The client SHOULD NOT issue an MDN/send request if the message has 292 the "$mdnsent" keyword set. 294 When sending the MDN, the server is in charge of generating the 295 "originalRecipient", "finalRecipient" and "originalMessageId" fields 296 according to the [RFC8098] specification. 298 The client is expected to explicitly update each "Email" for which an 299 "MDN/send" has been invoked in order to set the "$mdnsent" keyword on 300 these emails. To ensure that, the server MUST reject an "MDN/send" 301 which does not result in setting the keyword "$mdnsent". Thus the 302 server MUST check that the "onSuccessUpdateEmail" property of the 303 method is correctly set to update this keyword. 305 2.2. MDN/parse 307 This method allows a client to parse blobs as [RFC5322] messages to 308 get MDN objects. This can be used to parse and get detailed 309 information about blobs referenced in the "mdnBlobIds" of the 310 EmailSubmission object, or any email the client could expect to be an 311 MDN. 313 The "forEmailId" property can be null or missing if the 314 "originalMessageId" property is missing, not referencing an existing 315 email or if the server cannot efficiently calculate the related email 316 (for example if several emails get the same "Message-Id" header). 318 The MDN/parse method takes the following arguments: 320 o accountId: "Id" The id of the account to use. 322 o blobIds: "Id[]" The ids of the blobs to parse. 324 The response has the following arguments: 326 o accountId: "Id" The id of the account used for the call. 328 o parsed: "Id[MDN]|null" A map of blob id to parsed MDN 329 representation for each successfully parsed blob, or null if none. 331 o notParsable: "Id[]|null" A list of ids given that corresponded to 332 blobs that could not be parsed as MDNs, or null if none. 334 o notFound: "Id[]|null" A list of blob ids given that could not be 335 found, or null if none. 337 The following additional errors may be returned instead of the MDN/ 338 parse response: 340 o requestTooLarge: The number of ids requested by the client exceeds 341 the maximum number the server is willing to process in a single 342 method call. 344 o invalidArguments: If the accountId given cannot be found, the MDN 345 parsing is rejected with an "invalidArguments" error. 347 3. Samples 349 3.1. Sending an MDN for a received email 351 A client can use the following request to send an MDN back to the 352 sender: 354 [[ "MDN/send", { 355 "accountId": "ue150411c", 356 "identityId": "I64588216", 357 "send": { 358 "k1546": { 359 "forEmailId": "Md45b47b4877521042cec0938", 360 "subject": "Read receipt for: World domination", 361 "textBody": "This receipt shows that the email has been 362 displayed on your recipient's computer. There is no 363 guaranty it has been read or understood.", 364 "reportingUA": "linagora.com; OpenPaaS", 365 "disposition": { 366 "actionMode": "manual-action", 367 "sendingMode": "mdn-sent-manually", 368 "type": "displayed" 369 } 370 "extension": { 371 "X-EXTENSION-EXAMPLE": "example.com" 372 } 373 } 374 }, 375 "onSuccessUpdateEmail": { 376 "#k1546": { 377 "keywords/$mdnsent": true 378 } 379 } 380 }, "0" ]] 382 If the email id matches an existing email without the "$mdnsent" 383 keyword, the server can answer: 385 [[ "MDN/send", { 386 "accountId": "ue150411c", 387 "sent": { 388 "k1546": { 389 "finalRecipient": "rfc822; john@example.com", 390 "originalMessageId": "<1521557867.2614.0.camel@apache.org>" 391 } 392 } 393 }, "0" ], 394 [ "Email/set", { 395 "accountId": "ue150411c", 396 "oldState": "23", 397 "newState": "42", 398 "updated": { 399 "Md45b47b4877521042cec0938": {} 400 } 401 }, "0" ]] 403 If the "$mdnsent" keyword has already been set, the server can answer 404 an error: 406 [[ "MDN/send", { 407 "accountId": "ue150411c", 408 "notSent": { 409 "k1546": { 410 "type": "mdnAlreadySent", 411 "description" : "$mdnsent keyword is already present" 412 } 413 } 414 }, "0" ]] 416 3.2. Asking for MDN when sending an email 418 This is done with the [RFC8621] "Email/set" "create" method. 420 [[ "Email/set", { 421 "accountId": "ue150411c", 422 "create": { 423 "k1546": { 424 "mailboxIds": { 425 "2ea1ca41b38e": true 426 }, 427 "keywords": { 428 "$seen": true, 429 "$draft": true 430 }, 431 "from": [{ 432 "name": "Joe Bloggs", 433 "email": "joe@example.com" 434 }], 435 "to": [{ 436 "name": "John", 437 "email": "john@example.com" 438 }], 439 "header:Disposition-Notification-To:asText": "joe@example.com", 440 "subject": "World domination", 441 ... 442 } 443 } 444 }, "0" ]] 446 Note the specified "Disposition-Notification-To" header indicating 447 where to send MDN back (usually the sender of the email). 449 3.3. Parsing a received MDN 451 The client issues a parse request: 453 [[ "MDN/parse", { 454 "accountId": "ue150411c", 455 "blobIds: [ "0f9f65ab-dc7b-4146-850f-6e4881093965" ] 456 }, "0" ]] 458 The server responds: 460 [[ "MDN/parse", { 461 "accountId": "ue150411c", 462 "parsed": { 463 "0f9f65ab-dc7b-4146-850f-6e4881093965": { 464 "forEmailId": "Md45b47b4877521042cec0938", 465 "subject": "Read receipt for: World domination", 466 "textBody": "This receipt shows that the email has been 467 displayed on your recipient's computer. There is no 468 guaranty it has been read or understood.", 469 "reportingUA": "linagora.com; OpenPaaS", 470 "disposition": { 471 "actionMode": "manual-action", 472 "sendingMode": "mdn-sent-manually", 473 "type": "displayed" 474 } 475 "finalRecipient": "rfc822; john@example.com", 476 "originalMessageId": "<1521557867.2614.0.camel@apache.org>" 477 } 478 } 479 }, "0" ]] 481 In case of a not found blobId, the server would respond: 483 [[ "MDN/parse", { 484 "accountId": "ue150411c", 485 "notFound": [ "0f9f65ab-dc7b-4146-850f-6e4881093965" ] 486 }, "0" ]] 488 If the blobId has been found but is not parsable, the server would 489 respond: 491 [[ "MDN/parse", { 492 "accountId": "ue150411c", 493 "notParsable": [ "0f9f65ab-dc7b-4146-850f-6e4881093965" ] 494 }, "0" ]] 496 4. IANA Considerations 498 4.1. JMAP Capability Registration for "mdn" 500 IANA will register the "mdn" JMAP Capability as follows: 502 Capability Name: "urn:ietf:params:jmap:mdn" 504 Specification document: this document 506 Intended use: common 507 Change Controller: IETF 509 Security and privacy considerations: this document, section 5. 511 4.2. JMAP Error Codes Registry 513 The following subsection register one new error code in the "JMAP 514 Error Codes" registry, as defined in [RFC8620]. 516 4.2.1. mdnAlreadySent 518 JMAP Error Code: mdnAlreadySent 520 Intended use: common 522 Change controller: IETF 524 Reference: This document, Section 2.1 526 Description: The message has the "$mdnsent" keyword already set. The 527 client MUST NOT try again to send an MDN for this message. 529 5. Security considerations 531 The same considerations regarding MDN (see [RFC8098] and [RFC3503]) 532 apply to this document. 534 In order to enforce trust regarding the relation between the user 535 sending an email and the identity of this user, the server SHOULD 536 validate in conformance to the provided Identity that the user is 537 permitted to use the finalRecipient value and return a forbiddenFrom 538 error if not. 540 6. References 542 6.1. Normative References 544 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 545 Requirement Levels", BCP 14, RFC 2119, 546 DOI 10.17487/RFC2119, March 1997, 547 . 549 [RFC3503] Melnikov, A., "Message Disposition Notification (MDN) 550 profile for Internet Message Access Protocol (IMAP)", 551 RFC 3503, DOI 10.17487/RFC3503, March 2003, 552 . 554 [RFC5322] Resnick, P., Ed., "Internet Message Format", RFC 5322, 555 DOI 10.17487/RFC5322, October 2008, 556 . 558 [RFC8098] Hansen, T., Ed. and A. Melnikov, Ed., "Message Disposition 559 Notification", STD 85, RFC 8098, DOI 10.17487/RFC8098, 560 February 2017, . 562 [RFC8620] Jenkins, N. and C. Newman, "The JSON Meta Application 563 Protocol (JMAP)", RFC 8620, DOI 10.17487/RFC8620, July 564 2019, . 566 [RFC8621] Jenkins, N. and C. Newman, "The JSON Meta Application 567 Protocol (JMAP) for Mail", RFC 8621, DOI 10.17487/RFC8621, 568 August 2019, . 570 6.2. Informative References 572 [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC 573 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, 574 May 2017, . 576 Author's Address 578 Raphael Ouazana (editor) 579 Linagora 580 100 Terrasse Boieldieu - Tour Franklin 581 Paris - La Defense CEDEX 92042 582 France 584 Email: rouazana@linagora.com 585 URI: https://www.linagora.com