[Extra] Roman Danyliw's Discuss on draft-ietf-extra-imap-fetch-preview-03: (with DISCUSS and COMMENT)
Roman Danyliw via Datatracker <noreply@ietf.org> Wed, 03 April 2019 20:23 UTC
Return-Path: <noreply@ietf.org>
X-Original-To: extra@ietf.org
Delivered-To: extra@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id F3E5112011C; Wed, 3 Apr 2019 13:23:17 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 8bit
From: Roman Danyliw via Datatracker <noreply@ietf.org>
To: The IESG <iesg@ietf.org>
Cc: draft-ietf-extra-imap-fetch-preview@ietf.org, Bron Gondwana <brong@fastmailteam.com>, extra-chairs@ietf.org, brong@fastmailteam.com, extra@ietf.org
X-Test-IDTracker: no
X-IETF-IDTracker: 6.94.1
Auto-Submitted: auto-generated
Precedence: bulk
Reply-To: Roman Danyliw <rdd@cert.org>
Message-ID: <155432299793.22684.17651098563381437965.idtracker@ietfa.amsl.com>
Date: Wed, 03 Apr 2019 13:23:17 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/extra/cYq2uR088PXkU8WHr7LamnHXyIA>
Subject: [Extra] Roman Danyliw's Discuss on draft-ietf-extra-imap-fetch-preview-03: (with DISCUSS and COMMENT)
X-BeenThere: extra@ietf.org
X-Mailman-Version: 2.1.29
List-Id: Email mailstore and eXtensions To Revise or Amend <extra.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/extra>, <mailto:extra-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/extra/>
List-Post: <mailto:extra@ietf.org>
List-Help: <mailto:extra-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/extra>, <mailto:extra-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 03 Apr 2019 20:23:18 -0000
Roman Danyliw has entered the following ballot position for draft-ietf-extra-imap-fetch-preview-03: Discuss When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however.) Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html for more information about IESG DISCUSS and COMMENT positions. The document, along with other ballot positions, can be found here: https://datatracker.ietf.org/doc/draft-ietf-extra-imap-fetch-preview/ ---------------------------------------------------------------------- DISCUSS: ---------------------------------------------------------------------- (1) Retention practices of cached previews Section 1 says “Using server generated previews allows global generation once per message, and then cached indefinitely”. Why cache indefinitely, especially if the source messages has been expunged? For privacy reasons, couldn’t this caching be consistent with the retention of the email. In Section 9, Security Considerations, there needs to be discussion of this retention too. Perhaps text like: “Implementations that pre-generate and store previews MUST ensure that the stored preview is also deleted when the corresponding mail message is expunged.” (2) Protection of previews at rest In Section 9, Security Considerations, there needs to be discussion about the potential sensitivity of these previews and the need to protect them. Perhaps text like: “Just as the messages they summarize, previews may contain sensitive information. When stored, these previews MUST be protected with equivalent authorization and confidentiality controls as the source message.” ---------------------------------------------------------------------- COMMENT: ---------------------------------------------------------------------- (1) Use of RFC 2119 words Please consider if these proposed changes are appropriate uses of RFC 2119 key words: Section 2 s/As with all IMAP extension documents, the case used in writing IMAP protocol elements herein is chosen for editorial clarity, and implementations must pay attention to the numbered rules at the beginning of [RFC3501] Section 9./ As with all IMAP extension documents, the case used in writing IMAP protocol elements herein is chosen for editorial clarity, and implementations MUST pay attention to the numbered rules at the beginning of [RFC3501] Section 9./ Section 3.1 s/Alternately, the client may explicitly indicate which algorithm(s) should be used in a parenthesized list after the PREVIEW attribute containing the name of the algorithm./ Alternately, the client MAY explicitly indicate which algorithm(s) should be used in a parenthesized list after the PREVIEW attribute containing the name of the algorithm./ (2) Section 3.1, the paragraph “If no algorithm identifier is provided, the server decides …” discusses algorithm identifiers but their use hasn’t been introduced yet. I recommend swapping the order of this paragraph with the current third paragraph (“Alternative …”) as this is where algorithms are introduced. (3) Section 4.1. Duplicate word. s/to the the language/to the language/ (4) Section 4.1. Nit on word order. s/no human-readable text to generate preview information from/no human-readable text from which to generate preview information/ (5) Section 7. In the ABNF comments, consider using “[RFC6648]” instead of “RFC 6648”.
- [Extra] Roman Danyliw's Discuss on draft-ietf-ext… Roman Danyliw via Datatracker
- Re: [Extra] Roman Danyliw's Discuss on draft-ietf… Barry Leiba
- Re: [Extra] Roman Danyliw's Discuss on draft-ietf… Roman Danyliw
- Re: [Extra] Roman Danyliw's Discuss on draft-ietf… Alexey Melnikov
- Re: [Extra] Roman Danyliw's Discuss on draft-ietf… Michael Slusarz
- Re: [Extra] Roman Danyliw's Discuss on draft-ietf… Roman Danyliw
- Re: [Extra] Roman Danyliw's Discuss on draft-ietf… Michael Slusarz