Re: [Extra] draft-ietf-extra-imap4rev2-04 review

"Bron Gondwana" <brong@fastmailteam.com> Mon, 25 March 2019 17:14 UTC

Return-Path: <brong@fastmailteam.com>
X-Original-To: extra@ietfa.amsl.com
Delivered-To: extra@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B4B901204F0 for <extra@ietfa.amsl.com>; Mon, 25 Mar 2019 10:14:43 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.7
X-Spam-Level:
X-Spam-Status: No, score=-2.7 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=fastmailteam.com header.b=lFdc1lfz; dkim=pass (2048-bit key) header.d=messagingengine.com header.b=wsb/qh1c
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4cTTAl8HnLVY for <extra@ietfa.amsl.com>; Mon, 25 Mar 2019 10:14:39 -0700 (PDT)
Received: from wout1-smtp.messagingengine.com (wout1-smtp.messagingengine.com [64.147.123.24]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6FE20120519 for <extra@ietf.org>; Mon, 25 Mar 2019 10:14:36 -0700 (PDT)
Received: from compute6.internal (compute6.nyi.internal [10.202.2.46]) by mailout.west.internal (Postfix) with ESMTP id 7EA134736 for <extra@ietf.org>; Mon, 25 Mar 2019 13:14:35 -0400 (EDT)
Received: from imap7 ([10.202.2.57]) by compute6.internal (MEProxy); Mon, 25 Mar 2019 13:14:35 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= fastmailteam.com; h=mime-version:message-id:in-reply-to :references:date:from:to:subject:content-type; s=fm2; bh=w3TSu+L /4aKUGEoVw50NAk7DhlWq72agdM2BQQ1hPhQ=; b=lFdc1lfzIoKQD8Z8NLSghHf G3i2cd8fkawRLEVG2ZsBOhKwdjJNdaP7OYHO6+io3AzCnd9lWyb3zJTm0CkxqaWu UAAhzXg8vqfEX0AMtADiwHPWoLly87s5pLciNlRG+xUR6gMYtbFvxivV38q5nzm5 GJ43OsiJgAzXJ3ZrKPjkd/NknVyW48YQKO/4jW0BfP6tbTUdXdFM3sAsfXM9ywVd Ex9XkNw3AEj1QY+w5/wysF3JDx5yLesAJhX4hkAm5fjfDneKmA1keH74FVMJhinh xq0dw+Hn6+OWYI9J/bkSf4sF/EJQq+t8BalF5mU6Qweoiwi4275wn4QH+VCIrbg= =
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=content-type:date:from:in-reply-to :message-id:mime-version:references:subject:to:x-me-proxy :x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s=fm2; bh=w3TSu+ L/4aKUGEoVw50NAk7DhlWq72agdM2BQQ1hPhQ=; b=wsb/qh1cLfTKxMCSVhi9qd zLuJJPg/TOM2cYswQWWCkXfM7Wbu4GeIEunpyhrXakXI7kFvZ6yAZ23vUnr37DiX GKcHr9DmWrw0NAM4aI97CAW9x6HiY/ZHFJsSon+7LsR+3KjyG5FpG5xzUMCGkLek D+V/5uzl0QSPCy/UVS3y/+WzhNpMsyc+tzEgASzhjAlKtD7KziQXBc9D0ykZZArz /f52lPavwFv4TpSfA6y5VXeArAMazqRyRnTz7JMX7Th6l0kqyW9ktNi5meggYsGy A82RpG3En3eAcIOMBLOMRz2/AXHp4soBJ3QbMbCm58iQApvndSjaHx5Se1eQPKsA ==
X-ME-Sender: <xms:egyZXIyETPs8ZATP_ZH74QbkXXS7RyPFnnpHQBJnou32tgRj2Tg9Eg>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedutddrjeekgddutddtucetufdoteggodetrfdotf fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen uceurghilhhouhhtmecufedttdenucenucfjughrpefofgggkfgjfhffhffvufgtsegrtd erreerredtnecuhfhrohhmpedfuehrohhnucfiohhnugifrghnrgdfuceosghrohhnghes fhgrshhtmhgrihhlthgvrghmrdgtohhmqeenucffohhmrghinhepihhmrghpfihikhhird horhhgnecurfgrrhgrmhepmhgrihhlfhhrohhmpegsrhhonhhgsehfrghsthhmrghilhht vggrmhdrtghomhenucevlhhushhtvghrufhiiigvpedt
X-ME-Proxy: <xmx:egyZXLSYQ9hIsaPTx1JcmiHg0g6SKVvNbwnOlXXQgizRkL-54E-8Ew> <xmx:egyZXClUkN18Ek_F4y3Rmrk9SJnVDwGzM7nyEE233SIrW_RIxCAZZA> <xmx:egyZXC7BTkuY04BMbkoEWPCWpUmdwuffSt6Fu7mh2os6ECBj2zipog> <xmx:ewyZXJuPZGim_DBO3P3jzMUbLPydYpmtNAOYroSf2auOimcJyOryeQ>
Received: by mailuser.nyi.internal (Postfix, from userid 501) id 812EB2062E; Mon, 25 Mar 2019 13:14:34 -0400 (EDT)
X-Mailer: MessagingEngine.com Webmail Interface
User-Agent: Cyrus-JMAP/3.1.6-328-g40d9e92-fmstable-20190325v1
Mime-Version: 1.0
X-Me-Personality: 56629417
Message-Id: <aa824b61-e137-491e-b3ee-6ff8b92f35a0@www.fastmail.com>
In-Reply-To: <44234C00-7A5D-4B41-9E85-4CF839B48214@iki.fi>
References: <44234C00-7A5D-4B41-9E85-4CF839B48214@iki.fi>
Date: Mon, 25 Mar 2019 13:14:33 -0400
From: "Bron Gondwana" <brong@fastmailteam.com>
To: extra@ietf.org
Content-Type: multipart/alternative; boundary=985239e449b74787ae57cc2c33d8e228
Archived-At: <https://mailarchive.ietf.org/arch/msg/extra/MLt3Pp6BrW6h07zxBwSqCeC9Db8>
Subject: Re: [Extra] draft-ietf-extra-imap4rev2-04 review
X-BeenThere: extra@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Email mailstore and eXtensions To Revise or Amend <extra.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/extra>, <mailto:extra-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/extra/>
List-Post: <mailto:extra@ietf.org>
List-Help: <mailto:extra-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/extra>, <mailto:extra-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 25 Mar 2019 17:14:48 -0000

On Mon, Mar 25, 2019, at 23:05, Timo Sirainen wrote:
> I see this was already in RFC 3501, but this "MUST be greater" has commonly been violated by servers. I think it should say "MUST be different". This is mainly because RENAME commonly doesn't change UIDVALIDITY, so:
> 
> RENAME mailbox-with-uidvalidity2 mailbox-with-uidvalidity2b
> RENAME mailbox-with-uidvalidity1 mailbox-with-uidvalidity2
> 
> Would result in mailbox-with-uidvalidity2 shrinking UIDVALIDITY from 2 to 1.

So the risk here is that you need to be very careful that you don't THEN rename back to '2' again ever, or a client that's been away for a long enough time can come back and find a reused UID. This is why "must always be greater" is a safer than "must not be any value which has ever been seen by a client in the past". Note I say "seen by a client" rather than "used" since the guarantees are only per client :)

> > A server MUST NOT unilaterally close the connection without sending
> > an untagged BYE response that contains the reason for having done so.
> 
> Also already in RFC 3501, but this MUST NOT has to be violated sometimes. For example otherwise it would allow client to FETCH a large message and keep reading it very very slowly over days, and server wouldn't be allowed to disconnect it, because it can't send BYE in the middle of the large mail literal.

Yeah, plus middleware proxies. This is clearly bogus.

> > 4.5. NIL
> 
> This is pretty easy to get wrong. It would help to have some examples of NIL and "NIL" in astring and nstring and what they mean. Like:
> 
> * LIST () "/" NIL
> is equivalent to:
> * LIST () "/" "NIL"
> 
> but
> 
> * FETCH 1 (BODY[1] NIL)
> is not equivalent to:
> * FETCH 1 (BODY[1] "NIL")

Agree that clarifying NIL behaviour would be great. The magicness of NIL and lack of quoting requirement on atoms is one of the horror cases of IMAP parsing.

> > 5.1. Mailbox Naming
> 
> > servers MAY accept a de-normalized UTF-8 mailbox name and convert it to Net-Unicode prior to mailbox creation).
> and:
> > Some server implementations
> > are fully case-sensitive in ASCII range; others preserve case of a
> > newly-created name but otherwise are case-insensitive; and yet others
> > coerce names to a particular case.
> 
> This seems rather difficult from client's point of view. It CREATEs a mailbox, but the client can't find it anymore because it changed. Seems to me it would be less strange if the server simply failed the CREATE entirely.
> 
> If this is allowed for CREATE, is such conversion done for SELECT/EXAMINE/APPEND as well? What about LIST "" <non-normalized name> - would it return the normalized name?
> 
> > A.1. Mailbox International Naming Convention
> > 
> > By convention, international mailbox names in IMAP4rev2 are specified
> > using a modified version of the UTF-7 encoding described in [UTF-7].
> 
> This chapter needs removal or rewrite.
> 
> > 6.2.2. AUTHENTICATE Command
> > 
> 
> > Client and server
> > implementations SHOULD implement additional [SASL] mechanisms that
> > do not use plaintext passwords, such the GSSAPI mechanism
> > described in [SASL] and/or the [DIGEST-MD5] mechanism.
> 
> I don't think we should be recommending DIGEST-MD5 anymore. Maybe SCRAM-SHA-256 instead?
> 
> > 6.3.9. LIST Command
> > 
> 
> > Note: The interpretation of the reference argument is
> > implementation-defined. It depends upon whether the server
> > implementation has a concept of the "current working directory"
> > and leading "break out characters", which override the current
> > working directory.
> 
> 
> Is there really any point in having the reference argument anymore? We could just require clients to use "" for it and simplify the protocol a lot?

This I would also agree with :) The Cyrus server just concatenates the two, pretty much.

> > 6.3.10. LSUB Command
> > 
> > A special situation occurs when using LSUB with the % wildcard.
> > Consider what happens if "foo/bar" (with a hierarchy delimiter of
> > "/") is subscribed but "foo" is not. A "%" wildcard to LSUB must
> > return foo, not foo/bar, in the LSUB response, and it MUST be flagged
> > with the \Noselect attribute.
> > 
> > 6. Possibly fold in the following extensions/RFC: Base LIST-
> > EXTENDED syntax plus deprecate LSUB (replace it with LIST
> > \Subscribed) minus the requirement to support multiple list
> > patterns, STATUS-in-LIST, SEARCHRES, BINARY (only the FETCH
> > changes on leaf body part and make APPEND related ones optional.
> > See the mailing list discussion) - done.
> 
> I think at the very least we could remove the \Noselect kludge and return \Nonexistent instead.

Likewise this would simplify the Cyrus server... though again the problem is that if you want to remain backwards compatible is just increases the complexity of the server cases.

> > 6.3.11. NAMESPACE Command
> > 
> 
> > If a client is configured such that it is required to
> > create a certain mailbox, there can be circumstances where it is
> > unclear which Personal Namespaces it should create the mailbox in.
> > In these situations a client SHOULD let the user select which
> > namespaces to create the mailbox in.
> 
> Is any client ever going to actually implement this? Maybe just change it to say to use the first personal namespace?

There's a bug in Thunderbird where it creates in whatever namespace the mailbox name is a prefix of, which leads to it trying to create "Other Folders/Other" when the user types "Other". Ouch. Fricking namespaces.

On the other hand, SHOULD is still not a requirement, and most servers only have one personal namespace, so I'm pretty meh about this.

> > 6.4.1. CHECK Command
> 
> Time to drop this command?
> 
> > 6.4.5. SEARCH Command
> > 
> 
> > In all search keys that use strings, a message matches the key if the
> > string is a substring of the associated text.
> > 11. Allow word-based searching (as per Chris Newman)?

There's already FUZZY.

> Yes, I think we can't require substring matching anymore, since there's no practical way of implementing it efficiently for large installations. And many servers no longer support it.
> 
> > 6.4.6. FETCH Command
> > 
> 
> > ALL Macro equivalent to: (FLAGS INTERNALDATE RFC822.SIZE ENVELOPE)
> > 
> > FAST Macro equivalent to: (FLAGS INTERNALDATE RFC822.SIZE)
> > 
> > FULL Macro equivalent to: (FLAGS INTERNALDATE RFC822.SIZE ENVELOPE
> > BODY)
> 
> Time to simplify and drop all macros?

I would be fine with dropping macros.

> > BINARY[<section-binary>]<<partial>>
> > BODY[<section>]<<partial>>
> > 
> > The \Seen flag is implicitly set; if this causes the flags to
> > change, they SHOULD be included as part of the FETCH responses.
> 
> Time to simplify and require .PEEK versions? The auto-\Seen flag has just caused unnecessary complications.

Particularly since it's the default - I'd love to ditch the auto-\Seen, because right now in Cyrus it's done with an exclusive lock regardless of whether it finds anything to change... for sure that's acutally a silly idea and I _should_ have implemented it as an up-front scan followed by only exclusively locking if there was something to change.

(I'm pretty sure the auto-foo is done first so the modseq bump is returned in the fetch response)

> > 6.4.10. UID Command
> > Responses: untagged responses: FETCH, ESEARCH
> 
> EXPUNGEs can also be returned by UID EXPUNGE.
> 
> > 7.4.2. FETCH Response
> > 
> 
> > RFC822 Functionally equivalent to BODY[], differing in the syntax of
> > the resulting untagged FETCH data (RFC822 is returned).
> > 
> > RFC822.HEADER Functionally equivalent to BODY.PEEK[HEADER],
> > differing in the syntax of the resulting untagged FETCH data
> > (RFC822.HEADER is returned).
> > 
> > RFC822.TEXT Functionally equivalent to BODY[TEXT], differing in the
> > syntax of the resulting untagged FETCH data (RFC822.TEXT is
> > returned).
> 
> Time to simplify and drop support for these?

I'd have to update all my client code :p But yeah, besides it's an old name...

> > CAPABILITY Followed by a list of capabilities. This can appear in
> > the initial OK or PREAUTH response to transmit an initial
> > capabilities list. This makes it unnecessary for a client to send
> > a separate CAPABILITY command if it recognizes this response.
> 
> Could also mention that it is often sent in LOGIN or AUTHENTICATE tagged reply.
> 
> > 6.3.11. NAMESPACE Command
> > 7.2.5. NAMESPACE Response
> 
> These are talking about "Namespace_Response_Extensions" but it's not explained anywhere. I've no idea what that is.
> 
> There are also some old imap-list discussions I had gathered in https://www.imapwiki.org/Specs/Rfc3501Problems - I think the relevant ones are:
> 
> * LIST reply should never mix namespace separators. Different namespaces can have different separators, but in that case LIST shouldn't be listing those namespaces without explicitly being asked to.
> * Except INBOX is special and can have a different separator from others (I wouldn't mind dropping this though)
> * Should FLAGS / PERMANENTFLAGS be sent after a new keyword is created within the session
> * SEARCH TEXT includes searching MIME headers, while SEARCH BODY doesn't


--
 Bron Gondwana, CEO, FastMail Pty Ltd
 brong@fastmailteam.com