[Gen-art] Gen-ART LC review of draft-ietf-imapapnd-appendlimit-extension-07

"Peter Yee" <peter@akayla.com> Sun, 27 December 2015 20:25 UTC

Return-Path: <peter@akayla.com>
X-Original-To: gen-art@ietfa.amsl.com
Delivered-To: gen-art@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0C4521A3BA1; Sun, 27 Dec 2015 12:25:29 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 3.1
X-Spam-Level: ***
X-Spam-Status: No, score=3.1 tagged_above=-999 required=5 tests=[BAYES_50=0.8, MANGLED_LIST=2.3, RCVD_IN_DNSWL_NONE=-0.0001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Ub_ZyyC4gf8w; Sun, 27 Dec 2015 12:25:27 -0800 (PST)
Received: from p3plsmtpa12-03.prod.phx3.secureserver.net (p3plsmtpa12-03.prod.phx3.secureserver.net [68.178.252.232]) (using TLSv1.2 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1CCAA1A3B9F; Sun, 27 Dec 2015 12:25:26 -0800 (PST)
Received: from spectre ([173.8.184.78]) by p3plsmtpa12-03.prod.phx3.secureserver.net with id ykRR1r0071huGat01kRSFZ; Sun, 27 Dec 2015 13:25:26 -0700
From: "Peter Yee" <peter@akayla.com>
To: <draft-ietf-imapapnd-appendlimit-extension-07.all@ietf.org>
Date: Sun, 27 Dec 2015 12:25:40 -0800
Message-ID: <027701d140e4$c1337070$439a5150$@akayla.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Mailer: Microsoft Outlook 14.0
Thread-Index: AdFA1VDzdz6docfaSji0jIZtfzOAUw==
Content-Language: en-us
Archived-At: <http://mailarchive.ietf.org/arch/msg/gen-art/lTd60MDsOT_r2Ss3RX2Blel0UI8>
Cc: gen-art@ietf.org, ietf@ietf.org
Subject: [Gen-art] Gen-ART LC review of draft-ietf-imapapnd-appendlimit-extension-07
X-BeenThere: gen-art@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "GEN-ART: General Area Review Team" <gen-art.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/gen-art>, <mailto:gen-art-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/gen-art/>
List-Post: <mailto:gen-art@ietf.org>
List-Help: <mailto:gen-art-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/gen-art>, <mailto:gen-art-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 27 Dec 2015 20:25:29 -0000

I am the assigned Gen-ART reviewer for this draft.  The General Area Review
Team (Gen-ART) reviews all IETF documents being processed by the IESG for
the IETF Chair.  Please treat these comments just like any other last call
comment.  For background on Gen-ART, please see the FAQ at
<http://wiki.tools.ietf.org/area/gen/trac/wiki/GenArtfaq>

Document: draft-ietf-imapapnd-appendlimit-extension-07
Reviewer: Peter Yee
Review Date: December 27, 2015
IETF LC End Date: January 1, 2016
IESG Telechat date: TBD

Summary: This draft is basically ready for publication as a standards track
RFC, but has nits that should be fixed before publication. [Ready with nits]

The draft describes an extension to IMAP4v1 that allows a server to signal a
maximum message upload size limit.

Most of nits noted are linguistic, although there's a minor, repeated
mistake in the ABNF that's critical to fix.

Comments/Questions: 

Section 1, 2nd paragraph, 2nd sentence: the claim that this extension allows
a server to avoid processing overly large messages (or attachments) is only
true if a client implements and honors the extension.  A malicious client
could still upload large messages and cause the server to process the
message up to the point where it exceeds the server's limit.  While these
overly large uploads would not be saved to disk, the server would still have
to process them up to a point in order to determine that they should be
discarded and a TOOBIG response returned.  Other mechanisms would be needed
to fend off malicious clients that persist in such uploads.

Page 6, Section 6, 2nd full sentence: In light of the last paragraph of
section 5 indicating that the number is a fixed maximum value, how would
submitting a little too large message work?  Why is the server being lenient
here?

Major issues: None

Minor issues: None

Nits:

Page 1, Abstract, 1st sentence: change "mail" to "message".  Delete "of".

Page 2, Section 1, 1st paragraph, 1st sentence: change "mail" to "message".

Page 2, Section 1, 1st paragraph, 4th sentence: change "mail" to "message".
Change "attachment" to "attachments".

Page 2, Section 1, 2nd paragraph, 1st sentence: insert "a" before "maximum".
Insert "the" before "email".

Page 2, Section 1, 2nd paragraph, 2nd sentence: change "server side" to
"server-side".

Page 3, Section 2, 1st paragraph, 1st sentence: insert "the" before the
first "APPENDLIMIT".  Insert "the" before "authenticated".

Page 3, Section 2, 1st paragraph, last sentence: insert "An" at the
beginning of the sentence.

Page 3, Section 2, 1st paragraph after (a), 1st sentence: delete "the"
before "mailboxes".

Page 3, Section 2, 1st paragraph after (a), 2nd sentence: insert "the"
before "same".

Page 3, Section 2, 3rd paragraph after (b), 1st sentence: insert "an" before
"APPENDLIMIT".  Insert "a" before "STATUS".

Page 3, Section 2, 3rd paragraph after (b), 2nd sentence: change "New" to "A
new".  Change "mailbox specific" to "mailbox-specific".

Page 3, Section 2, 3rd paragraph after (b), 3rd sentence: insert "to" before
"section".  Insert "the" before "response".

Page 3, Section 2, last paragraph, 1st sentence: insert "An" at the
beginning of the sentence.  Delete "kind of".

Page 3, Section 2, last paragraph, 2nd sentence: insert "a" before "client".
Insert "the" before "advertised".

Page 3, Section 3, heading: change "Mailbox specific" to "Mailbox-specific".

Page 3, Section 3, 1st paragraph: insert "the" before "CAPABILITY".

Page 4, Section 3.1, 1st paragraph, 1st sentence: insert "a" before
"STATUS".

Page 4, Section 3.1, 1st paragraph, 2nd sentence: insert "An" before "IMAP".
Insert "a" before "STATUS".  Insert "an" before "APPENDLIMIT".  Change
"mailbox specific" to "mailbox-specific".

Page 4, Section 3.1, 1st paragraph, 3rd sentence: delete the comma.

Page 4, Section 3.2, 1st paragraph, 2nd sentence: delete the comma.

Page 5, Section 4, 1st paragraph, 1st sentence: insert "a" before "client".
Change "mail" to "message".  Change "to" to "for" before "that".  Insert
"the" before "server".

Page 5, Section 4, 1st paragraph, 2nd sentence: insert "to" before
"[RFC4469]".  Change "(4) to "4".

Page 5, Section 4, 2nd paragraph, 1st sentence: change "Client" to "A
client".  Insert "the" before "maximum".

Page 5, Section 4, 2nd paragraph, 2nd sentence: insert "to" before
"section".

Page 5, Section 5, ABNF: change "/=" to "=/" for the definitions of
"capability", "status-att", and "status-att-val".

Page 6, Section 8: append a comma after "Long".