idnits 2.17.1 draft-melnikov-imap-capabilities-00.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- -- The draft header indicates that this document updates RFC3501, but the abstract doesn't seem to directly say this. It does mention RFC3501 though, so this could be OK. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year (Using the creation date from RFC3501, updated by this document, for RFC5378 checks: 1997-09-12) -- The document seems to lack a disclaimer for pre-RFC5378 work, but may have content which was first submitted before 10 November 2008. If you have contacted all the original authors and they are all willing to grant the BCP78 rights to the IETF Trust, then this is fine, and you can ignore this comment. If not, you may need to add the pre-RFC5378 disclaimer. (See the Legal Provisions document at https://trustee.ietf.org/license-info for more information.) -- The document date (December 11, 2015) is 3059 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) ** Obsolete normative reference: RFC 3501 (Obsoleted by RFC 9051) Summary: 1 error (**), 0 flaws (~~), 1 warning (==), 3 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 Network Working Group A. Melnikov 3 Internet-Draft Isode Ltd 4 Updates: 3501 (if approved) December 11, 2015 5 Intended status: Standards Track 6 Expires: June 13, 2016 8 Clarification on IMAP CAPABILITY command behaviour 9 draft-melnikov-imap-capabilities-00 11 Abstract 13 This document clarifies how IMAP (RFC 3501) server implementations 14 should handle CAPABILITY command. 16 Status of This Memo 18 This Internet-Draft is submitted in full conformance with the 19 provisions of BCP 78 and BCP 79. 21 Internet-Drafts are working documents of the Internet Engineering 22 Task Force (IETF). Note that other groups may also distribute 23 working documents as Internet-Drafts. The list of current Internet- 24 Drafts is at http://datatracker.ietf.org/drafts/current/. 26 Internet-Drafts are draft documents valid for a maximum of six months 27 and may be updated, replaced, or obsoleted by other documents at any 28 time. It is inappropriate to use Internet-Drafts as reference 29 material or to cite them other than as "work in progress." 31 This Internet-Draft will expire on June 13, 2016. 33 Copyright Notice 35 Copyright (c) 2015 IETF Trust and the persons identified as the 36 document authors. All rights reserved. 38 This document is subject to BCP 78 and the IETF Trust's Legal 39 Provisions Relating to IETF Documents 40 (http://trustee.ietf.org/license-info) in effect on the date of 41 publication of this document. Please review these documents 42 carefully, as they describe your rights and restrictions with respect 43 to this document. Code Components extracted from this document must 44 include Simplified BSD License text as described in Section 4.e of 45 the Trust Legal Provisions and are provided without warranty as 46 described in the Simplified BSD License. 48 Table of Contents 50 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 51 2. Conventions Used in This Document . . . . . . . . . . . . . . 2 52 3. Clarification on CAPABILITY response/response code . . . . . 2 53 4. Examples . . . . . . . . . . . . . . . . . . . . . . . . . . 3 54 5. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 3 55 6. Security Considerations . . . . . . . . . . . . . . . . . . . 3 56 7. Normative References . . . . . . . . . . . . . . . . . . . . 3 57 Appendix A. Acknowledgements . . . . . . . . . . . . . . . . . . 4 58 Author's Address . . . . . . . . . . . . . . . . . . . . . . . . 4 60 1. Introduction 62 This document clarifies how IMAP [RFC3501] server implementations 63 should respond to CAPABILITY command or what they should return in 64 CAPABILITY response code at different points in IMAP connection. 65 This document updates RFC 3501. 67 A CAPABILITY response or CAPABILITY response codes return a listing 68 of capabilities that the server supports. RFC 3501 didn't specify 69 whether advertised capabilities can change over time and, if they 70 can, at which points in IMAP connection. This document clarifies 71 that. 73 2. Conventions Used in This Document 75 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 76 "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this 77 document are to be interpreted as described in [RFC2119]. 79 The term "IMAP connection" or just "connection" is as specified in 80 [RFC3501]. 82 3. Clarification on CAPABILITY response/response code 84 Two successive CAPABILITY commands (with no commands in between them) 85 MUST return the same list of capabilities. 87 The list of capabilities is generally static, but it can change at 2 88 points in IMAP connection ("security state change points"): after a 89 successful STARTTLS command and after a successful LOGIN or 90 AUTHENTICATE command. () The list of capabilities MUST NOT change at 91 any other points. 93 With a small number of exceptions, capabilities can't be removed, 94 they can only be added or their parameters might change. Once a 95 capability is announced, it can't be taken away in a subsequent 96 CAPABILITY response, except for a few very limited cases. For 97 example, after STARTTLS command is successful, the STARTTLS 98 capability doesn't need to be advertised (but it is not an error if 99 it is). 101 Capabilities that include parameter(s) can change their parameters at 102 security state change points. The later parameter(s) replace any 103 previously announced parameters. 105 A CAPABILITY response code can contain the same information as a 106 CAPABILITY response. Some implementations only return capabilities 107 that apply in non-authenticated state before authentication and only 108 capabilities that apply in authenticated/selected state after 109 authentication. 111 4. Examples 113 TBD. One example: after STARTTLS, AUTH=PLAIN and/or AUTH=EXTERNAL 114 can be advertised. 116 Second example: Show changing APPENDLIMIT parameter after 117 authentication. 119 5. IANA Considerations 121 This document doesn't require any action from IANA. 123 6. Security Considerations 125 TBD 127 7. Normative References 129 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 130 Requirement Levels", BCP 14, RFC 2119, 131 DOI 10.17487/RFC2119, March 1997, 132 . 134 [RFC3501] Crispin, M., "INTERNET MESSAGE ACCESS PROTOCOL - VERSION 135 4rev1", RFC 3501, DOI 10.17487/RFC3501, March 2003, 136 . 138 Appendix A. Acknowledgements 140 TBD. 142 Author's Address 144 Alexey Melnikov 145 Isode Ltd 146 14 Castle Mews 147 Hampton, Middlesex TW12 2NP 148 UK 150 EMail: Alexey.Melnikov@isode.com