idnits 2.17.1 draft-stracke-calsch-crisp-01.txt: ** The Abstract section seems to be numbered Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- ** Looks like you're using RFC 2026 boilerplate. This must be updated to follow RFC 3978/3979, as updated by RFC 4748. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- ** The document seems to lack a 1id_guidelines paragraph about 6 months document validity -- however, there's a paragraph with a matching beginning. Boilerplate error? == No 'Intended status' indicated for this document; assuming Proposed Standard Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- ** The document seems to lack an Introduction section. ** The document seems to lack an IANA Considerations section. (See Section 2.2 of https://www.ietf.org/id-info/checklist for how to handle the case when there are no actions for IANA.) ** The document seems to lack separate sections for Informative/Normative References. All references will be assumed normative when checking for downward references. ** The abstract seems to contain references ([CAP]), which it shouldn't. Please replace those with straight textual mentions of the documents in question. ** The document seems to lack a both a reference to RFC 2119 and the recommended RFC 2119 boilerplate, even if it appears to use RFC 2119 keywords. RFC 2119 keyword, line 96: '... A CRISP server MUST NOT accept any i...' Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the RFC 3978 Section 5.4 Copyright Line does not match the current year -- The document seems to lack a disclaimer for pre-RFC5378 work, but may have content which was first submitted before 10 November 2008. If you have contacted all the original authors and they are all willing to grant the BCP78 rights to the IETF Trust, then this is fine, and you can ignore this comment. If not, you may need to add the pre-RFC5378 disclaimer. (See the Legal Provisions document at https://trustee.ietf.org/license-info for more information.) -- The document date (August 2000) is 8653 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) == Outdated reference: A later version (-13) exists of draft-ietf-calsch-cap-03 -- Possible downref: Normative reference to a draft: ref. 'CAP' Summary: 8 errors (**), 0 flaws (~~), 3 warnings (==), 3 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 Internet Engineering Task Force J. Stracke 3 INTERNET DRAFT eCal 4 draft-stracke-calsch-crisp-01.txt August 2000 5 Expires: February 2001 7 CAP Realtime iTIP-based Scheduling Profile (CRISP) 9 1. Status of this Memo 11 This document is an Internet-Draft and is in full conformance with 12 all provisions of Section 10 of RFC2026. 14 Internet-Drafts are working documents of the Internet Engineering 15 Task Force (IETF), its areas, and its working groups. Note that 16 other groups may also distribute working documents as Internet- 17 Drafts. Internet-Drafts are draft documents valid for a maximum of 18 six months and may be updated, replaced, or obsoleted by other docu- 19 ments at any time. It is inappropriate to use Internet-Drafts as 20 reference material or to cite them other than as "work in progress." 22 The list of current Internet-Drafts can be accessed at 23 http://www.ietf.org/ietf/1id-abstracts.txt 25 The list of Internet-Draft Shadow Directories can be accessed at 26 http://www.ietf.org/shadow.html. 28 Distribution of this document is unlimited. Please send comments to 29 francis@ecal.com or to the ietf-calendar@imc.org discussion list 30 (subscription address ietf-calendar-request@imc.org; "SUBSCRIBE" or 31 "UNSUBSCRIBE" in the body). 33 2. Copyright Notice 35 Copyright (C) The Internet Society (2000). All Rights Reserved. 37 3. Abstract 39 This document sets forth a restricted profile of [CAP], one which 40 supports no operations beyond the scheduling functionality of [iTIP]. 41 The motivation is to permit use of CAP's real-time iTIP functionality 42 without exposing the calendar access functionality (which may require 43 stricter security controls than iTIP). 45 4. Introduction 47 [iTIP] defines a scheduling protocol based on exchanging specially 48 formatted [iCalendar] messages. iTIP is defined to be independent of 49 transport protocol. At present, there is one standard binding of 50 iTIP to a transport protocol, [iMIP], which carries iTIP messages in 51 email. This is a useful base level capability (email can reach vir- 52 tually any user on the Net), but can involve considerable latencies. 53 A real-time binding for iTIP would be useful; it would permit appli- 54 cation developers to give users better feedback on the progress of 55 the iTIP operations. 57 Since CAP includes full iTIP functionality, one option would be to 58 permit full access to CAP; to schedule an event with a remote user, 59 one would then make a CAP connection to their CS. The problem is 60 that such a connection may be considered a security risk in some 61 organizations; even though the CS has ACLs to prevent the client from 62 performing non-iTIP operations, it would be better if client simply 63 could not attempt such operations. (It's as if mail administrators 64 were told that an SMTP server outside the firewall had to include 65 IMAP functionality as well.) Thus, this document defines CRISP, a 66 profile of CAP, a subset which does not support non-iTIP operations. 68 This document does not specify the relationship between a CRISP 69 server and a (full-powered) CAP server. They may be implemented 70 together, with the CRISP server being nothing more than the CAP 71 server responding in CRISP mode (e.g., based on source IP address); 72 the CRISP server may act as a proxy for the CAP server (see Firewall 73 Application, below); the two servers may feed into the same database, 74 but not know about each other; or there may be no CAP server, only 75 the CRISP server, used for interdomain scheduling, but not for calen- 76 dar access. Or, of course, there may be other modes of operation. 77 These are implementation details, which do not need to be included in 78 a protocol spec. 80 5. Profile Definition 82 A CRISP server is a CAP server with the following capabilities: 84 * ITIPVERSION=1.0 85 * CAPVERSION=1.0 86 * CAR=NONE 87 * QUERYLEVEL=NONE 89 In addition, various AUTH capabilities are expected. Other capabili- 90 ties which apply to iTIP operations may be specified; e.g., MAXDATE 91 and MAXICALOBJECTSIZE. 93 Note that NONE is not a legal value for CAR or QUERYLEVEL in the cur- 94 rent draft of CAP. This will have to be resolved. 96 A CRISP server MUST NOT accept any iCalendar component which is not a 97 valid iTIP component. 99 6. Firewall Application 101 Clearly, it would be undesirable for an organization with a CAP 102 server to have a CRISP server implemented completely separately, but 103 having access to the same database. Such duplication would increase 104 development costs, maintenance costs, and security exposure. On the 105 other hand, it would be possible to build a CRISP server which han- 106 dles all operations by proxying them to the CAP server. Such a proxy 107 could be placed in the "no-man's-land" common in firewalls; the fire- 108 wall would permit CAP connections from the outside to the proxy, and 109 from the proxy to the internal CAP server. The proxy would review 110 all incoming iCalendar components and validate that they were legiti- 111 mate iTIP operations; no non-iTIP components would be forwarded to 112 the CAP server. Similarly, if necessary, the proxy might censor the 113 iTIP replies coming from the CAP server. 115 Naturally, this is not the only approach possible; this section is 116 merely illustrative. The CRISP client does not know or care how the 117 CRISP server gets at the underlying calendar store. 119 7. Security Considerations 121 The protocol defined in this document is a subset of [CAP], and 122 accordingly inherits all of CAP's security analysis. However, new 123 analysis does need to be done for the subset, especially since the 124 whole point of the subset is to address security concerns. 126 8. Author's Address: 128 John Stracke 129 Chief Scientist 130 eCal Corp. 131 Email: francis@ecal.com 133 9. References 135 [iTIP] Silverberg, Mansour, Dawson, Hopson, "iCalendar Transport- 136 Independent Interoperability Protocol (iTIP)", RFC 2446, November 137 1998 139 [iMIP] Dawson, Mansour, Silverberg, "iCalendar Message-Based Interop- 140 erability Protocol (iMIP)", RFC 2445, November 1998 142 [CAP] Mansour, Dawson, Royer, Taler, Hill, "Calendar Access Protocol 143 (CAP)", draft-ietf-calsch-cap-03.txt, July 2000. Work in progress. 145 [iCAL] Dawson, Stenerson, "Internet Calendaring and Scheduling Core 146 Object Specification (iCalendar)", RFC 2445, November 1998