idnits 2.17.1 

draft-stracke-calsch-crisp-00.txt:
  ** The Abstract section seems to be numbered


  Checking boilerplate required by RFC 5378 and the IETF Trust (see
  https://trustee.ietf.org/license-info):
  ----------------------------------------------------------------------------

  ** Looks like you're using RFC 2026 boilerplate.  This must be updated to
     follow RFC 3978/3979, as updated by RFC 4748.


  Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt:
  ----------------------------------------------------------------------------

  ** The document seems to lack a 1id_guidelines paragraph about 6 months
     document validity -- however, there's a paragraph with a matching
     beginning. Boilerplate error?

  == No 'Intended status' indicated for this document; assuming Proposed
     Standard


  Checking nits according to https://www.ietf.org/id-info/checklist :
  ----------------------------------------------------------------------------

  ** The document seems to lack an Introduction section.

  ** The document seems to lack an IANA Considerations section.  (See Section
     2.2 of https://www.ietf.org/id-info/checklist for how to handle the case
     when there are no actions for IANA.)

  ** The document seems to lack separate sections for Informative/Normative
     References.  All references will be assumed normative when checking for
     downward references.

  ** The abstract seems to contain references ([CAP]), which it shouldn't. 
     Please replace those with straight textual mentions of the documents in
     question.

  ** The document seems to lack a both a reference to RFC 2119 and the
     recommended RFC 2119 boilerplate, even if it appears to use RFC 2119
     keywords. 

     RFC 2119 keyword, line 84: '...  A CRISP server MUST NOT accept any i...'


  Miscellaneous warnings:
  ----------------------------------------------------------------------------

  == The copyright year in the RFC 3978 Section 5.4 Copyright Line does not
     match the current year

  -- The document seems to lack a disclaimer for pre-RFC5378 work, but may
     have content which was first submitted before 10 November 2008.  If you
     have contacted all the original authors and they are all willing to grant
     the BCP78 rights to the IETF Trust, then this is fine, and you can ignore
     this comment.  If not, you may need to add the pre-RFC5378 disclaimer. 
     (See the Legal Provisions document at
     https://trustee.ietf.org/license-info for more information.)

  -- The document date (August 2000) is 8656 days in the past.  Is this
     intentional?


  Checking references for intended status: Proposed Standard
  ----------------------------------------------------------------------------

     (See RFCs 3967 and 4897 for information about using normative references
     to lower-maturity documents in RFCs)

  == Outdated reference: A later version (-13) exists of
     draft-ietf-calsch-cap-03

  -- Possible downref: Normative reference to a draft: ref. 'CAP' 


     Summary: 8 errors (**), 0 flaws (~~), 3 warnings (==), 3 comments (--).

     Run idnits with the --verbose option for more detailed information about
     the items above.

--------------------------------------------------------------------------------


2	Internet Engineering Task Force                     J. Stracke
3	INTERNET DRAFT                                            eCal
4	draft-stracke-calsch-crisp-00.txt                  August 2000
5	                                        Expires: February 2001

7	           CAP Realtime iTIP-based Scheduling Profile (CRISP)

9	1.  Status of this Memo

11	   This document is an Internet-Draft and is in full conformance with
12	   all provisions of Section 10 of RFC2026.

14	   Internet-Drafts are working documents of the Internet Engineering
15	   Task Force (IETF), its areas, and its working groups.  Note that
16	   other groups may also distribute working documents as Internet-
17	   Drafts.  Internet-Drafts are draft documents valid for a maximum of
18	   six months and may be updated, replaced, or obsoleted by other docu-
19	   ments at any time.  It is inappropriate to use Internet-Drafts as
20	   reference material or to cite them other than as "work in progress."

22	   The list of current Internet-Drafts can be accessed at
23	   http://www.ietf.org/ietf/1id-abstracts.txt

25	   The list of Internet-Draft Shadow Directories can be accessed at
26	   http://www.ietf.org/shadow.html.

28	   Distribution of this document is unlimited. Please send comments to
29	   francis@ecal.com or to the ietf-calendar@imc.org discussion list
30	   (subscription address ietf-calendar-request@imc.org; "SUBSCRIBE" or
31	   "UNSUBSCRIBE" in the body).

33	2.  Copyright Notice

35	   Copyright (C) The Internet Society (2000).  All Rights Reserved.

37	3.  Abstract

39	   This document sets forth a restricted profile of [CAP], one which
40	   supports no operations beyond the scheduling functionality of [iTIP].
41	   The motivation is to permit use of CAP's real-time iTIP functionality
42	   without exposing the calendar access functionality (which may require
43	   stricter security controls than iTIP).

45	4.  Introduction

47	   [iTIP] defines a scheduling protocol based on exchanging specially
48	   formatted [iCalendar] messages.  iTIP is defined to be independent of
49	   transport protocol.  At present, there is one standard binding of
50	   iTIP to a transport protocol, [iMIP], which carries iTIP messages in
51	   email.  This is a useful base level capability (email can reach vir-
52	   tually any user on the Net), but can involve considerable latencies.
53	   A real-time binding for iTIP would be useful; it would permit appli-
54	   cation developers to give users better feedback on the progress of
55	   the iTIP operations.

57	   Since CAP includes full iTIP functionality, one option would be to
58	   permit full access to CAP; to schedule an event with a remote user,
59	   one would then make a CAP connection to their CS.  The problem is
60	   that such a connection may be considered a security risk in some
61	   organizations; even though the CS has ACLs to prevent the client from
62	   performing non-iTIP operations, it would be better if client simply
63	   could not attempt such operations.  (It's as if mail administrators
64	   were told that an SMTP server outside the firewall had to include
65	   IMAP functionality as well.)  Thus, this document defines a profile
66	   of CAP, a subset which does not support non-iTIP operations.

68	5.  Profile Definition

70	   A CRISP server is a CAP server with the following capabilities:

72	      * ITIPVERSION=1.0
73	      * CAPVERSION=1.0
74	      * CAR=NONE
75	      * QUERYLEVEL=NONE

77	   In addition, various AUTH capabilities are expected.  Other capabili-
78	   ties which apply to iTIP operations may be specified; e.g., MAXDATE
79	   and MAXICALOBJECTSIZE.

81	   Note that NONE is not a legal value for CAR or QUERYLEVEL in the cur-
82	   rent draft of CAP.  This will have to be resolved.

84	   A CRISP server MUST NOT accept any iCalendar component which is not a
85	   valid iTIP component.

87	6.  Firewall Application

89	   Clearly, it would be undesirable for an organization with a CAP
90	   server to have a CRISP server implemented completely separately, but
91	   having access to the same database.  Such duplication would increase
92	   development costs, maintenance costs, and security exposure.  On the
93	   other hand, it would be possible to build a CRISP server which han-
94	   dles all operations by proxying them to the CAP server.  Such a proxy
95	   could be placed in the "no-man's-land" common in firewalls; the fire-
96	   wall would permit CAP connections from the outside to the proxy, and
97	   from the proxy to the internal CAP server.  The proxy would review
98	   all incoming iCalendar components and validate that they were legiti-
99	   mate iTIP operations; no non-iTIP components would be forwarded to
100	   the CAP server.  Similarly, if necessary, the proxy might censor the
101	   iTIP replies coming from the CAP server.

103	7.  Security Considerations

105	   The protocol defined in this document is a subset of [CAP], and
106	   accordingly inherits all of CAP's security analysis.  However, new
107	   analysis does need to be done for the subset, especially since the
108	   whole point of the subset is to address security concerns.

110	8.  Author's Address:

112	   John Stracke
113	   Chief Scientist
114	   eCal Corp.
115	   Email: francis@ecal.com

117	9.  References

119	   [iTIP] Silverberg, Mansour, Dawson, Hopson, "iCalendar Transport-
120	   Independent Interoperability Protocol (iTIP)", RFC 2446, November
121	   1998

123	   [iMIP] Dawson, Mansour, Silverberg, "iCalendar Message-Based Interop-
124	   erability Protocol (iMIP)", RFC 2445, November 1998

126	   [CAP] Mansour, Dawson, Royer, Taler, Hill, "Calendar Access Protocol
127	   (CAP)", draft-ietf-calsch-cap-03.txt, July 2000.  Work in progress.

129	   [iCAL] Dawson, Stenerson, "Internet Calendaring and Scheduling Core
130	   Object Specification (iCalendar)", RFC 2445, November 1998