[Jmap] Re: Orie Steele's Discuss on draft-ietf-jmap-contacts-09: (with DISCUSS and COMMENT)

Neil Jenkins <neilj@fastmailteam.com> Fri, 07 June 2024 01:25 UTC

Return-Path: <neilj@fastmailteam.com>
X-Original-To: jmap@ietfa.amsl.com
Delivered-To: jmap@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 96E4BC1840D3; Thu, 6 Jun 2024 18:25:46 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.096
X-Spam-Level:
X-Spam-Status: No, score=-2.096 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=fastmailteam.com header.b="rkKUzrB7"; dkim=pass (2048-bit key) header.d=messagingengine.com header.b="BfU9+i9G"
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id esomxEUubiPi; Thu, 6 Jun 2024 18:25:42 -0700 (PDT)
Received: from fout6-smtp.messagingengine.com (fout6-smtp.messagingengine.com [103.168.172.149]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B62B0C17C8B0; Thu, 6 Jun 2024 18:25:41 -0700 (PDT)
Received: from compute5.internal (compute5.nyi.internal [10.202.2.45]) by mailfout.nyi.internal (Postfix) with ESMTP id 1312613801BF; Thu, 6 Jun 2024 21:25:41 -0400 (EDT)
Received: from imap43 ([10.202.2.93]) by compute5.internal (MEProxy); Thu, 06 Jun 2024 21:25:41 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= fastmailteam.com; h=cc:cc:content-type:content-type:date:date :from:from:in-reply-to:in-reply-to:message-id:mime-version :references:reply-to:subject:subject:to:to; s=fm2; t=1717723541; x=1717809941; bh=eQIBW4++OsbN146J9EkPVQSH29wVxW7jaLjMn64BRVI=; b= rkKUzrB7vm3RxyvUpm0au4YaCyryz8ZWJpCpFAtx4NULdHR0uqytn0fKvf6Zw2Db MV4L6PLYDeTUic7cZwgmPIkSTk3bIR5UYVk/FMSAkYyW+0GolH0f8Wzly2FDS8y2 kTGGRrD8D0VkvRNEUxPQjTho9gekgtisJ6oAFcrezcNqFMdmfhnTsbUMg+oRkzN/ UVtpj/z+uvDHFBEa5B/WMXJE10RhYjMJXxGi3wzwfa+5mSzih16l/Yy4mLVZ9rKa iBqMUQRFVGrWgcx2f3fdOJk1c3WRKRrM8+iKik8lbDS5kR8QsB1ny0MyFSHHWWOj WKmho++aEAZW7dunYwxKqQ==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-type:content-type:date:date :feedback-id:feedback-id:from:from:in-reply-to:in-reply-to :message-id:mime-version:references:reply-to:subject:subject:to :to:x-me-proxy:x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s= fm1; t=1717723541; x=1717809941; bh=eQIBW4++OsbN146J9EkPVQSH29wV xW7jaLjMn64BRVI=; b=BfU9+i9GL8YdUV7t1AHFbzZVTC7MZzGRJPeH2Rt9qJyN hOU+6N2X/wI2C5XooOMrxOxunnBpMfYq73Nj3hWF/NRw8SljMye+xMv0ro2wAy55 L+pIxpTaHbGv1CdPElCBX5RPGltJEoF/7znevBKFEirpHMrpwJK/uy3j0CStLkVC pbgcV/4xfav2Pokhck6FEElJSGQ0FPNNGJB6ojglZ2uK/4+uFrPy8JvDl4X0A8uC rC6GI/w1r1NYjszLZ05g/Odeh4gnRKhpIYv1yVuqRSIxQwc+CyBLMlkirzr/rM5+ NTvBXtQf4bFPcgb4hsl71aN6nVxxHArodLXYQkLR6Q==
X-ME-Sender: <xms:lGFiZh9RBM0xqdkWQjEsiXlNWQZYkrBG94AYXQvMs7LMdQ5Ca6VAJg> <xme:lGFiZluAQh6hMRHX2Tx82jQw82dlHuCFHGCqzKm6uJGKcIBtjQX13kEFiiA8be6Wp E7r92zIM681kg>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvledrvdelledggeeiucetufdoteggodetrfdotf fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen uceurghilhhouhhtmecufedttdenucesvcftvggtihhpihgvnhhtshculddquddttddmne cujfgurhepofgfggfkjghffffhvfevufgtsegrtderreerreejnecuhfhrohhmpedfpfgv ihhlucflvghnkhhinhhsfdcuoehnvghilhhjsehfrghsthhmrghilhhtvggrmhdrtghomh eqnecuggftrfgrthhtvghrnhepudejueetteeuhfffkeehhfehfeeiiefggfeljeevhfei udekvddthfetieeigfeinecuffhomhgrihhnpehrfhgtqdgvughithhorhdrohhrghenuc evlhhushhtvghrufhiiigvpedtnecurfgrrhgrmhepmhgrihhlfhhrohhmpehnvghilhhj sehfrghsthhmrghilhhtvggrmhdrtghomh
X-ME-Proxy: <xmx:lGFiZvDA5tYRRA7ma7lXzEsl-4MltKIqYwDAbjEZlzercaK1GgZ_3Q> <xmx:lGFiZlcyuxObbHNBRyXMdq7YK2IpdascXEZ_jsJlDNRXqesVwlFT5A> <xmx:lGFiZmNdZqw-Pqj9T6TBmTb_Dsh30Wv9cuV15wpydiXHuHN3lR8jVQ> <xmx:lGFiZnlRp9FbA61TGQbQkUrlvBorJ6V4rB7vpTapt3IVk8wOzvb6nw> <xmx:lWFiZt3DWuQzRBkNrAFbrBqsiMKrX8BrHqqgncdEdz4Kgwc_okocb2se>
Feedback-ID: ibc614277:Fastmail
Received: by mailuser.nyi.internal (Postfix, from userid 501) id 2622C2D4007D; Thu, 6 Jun 2024 21:25:40 -0400 (EDT)
X-Mailer: MessagingEngine.com Webmail Interface
User-Agent: Cyrus-JMAP/3.11.0-alpha0-515-g87b2bad5a-fm-20240604.001-g87b2bad5
MIME-Version: 1.0
Message-Id: <35c6be7f-6657-49b3-ad5d-df1426f127f6@dogfoodapp.fastmail.com>
In-Reply-To: <171682238908.27674.17300307340575218749@ietfa.amsl.com>
References: <171682238908.27674.17300307340575218749@ietfa.amsl.com>
Date: Fri, 07 Jun 2024 11:24:53 +1000
From: Neil Jenkins <neilj@fastmailteam.com>
To: Orie Steele <orie@transmute.industries>, iesg <iesg@ietf.org>
Content-Type: multipart/alternative; boundary="d8af3ea9c1f94af6929ca999e5517a61"
Message-ID-Hash: SBNK64M733IPVZYYGGB7GBADISDKTXQV
X-Message-ID-Hash: SBNK64M733IPVZYYGGB7GBADISDKTXQV
X-MailFrom: neilj@fastmailteam.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-jmap.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: draft-ietf-jmap-contacts@ietf.org, jmap-chairs@ietf.org, IETF JMAP Mailing List <jmap@ietf.org>, Jim Fenton <fenton@bluepopcorn.net>
X-Mailman-Version: 3.3.9rc4
Precedence: list
Subject: [Jmap] Re: Orie Steele's Discuss on draft-ietf-jmap-contacts-09: (with DISCUSS and COMMENT)
List-Id: JSON Message Access Protocol <jmap.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/jmap/dgp8IHTciV6XYJW47GGNIAt-zM8>
List-Archive: <https://mailarchive.ietf.org/arch/browse/jmap>
List-Help: <mailto:jmap-request@ietf.org?subject=help>
List-Owner: <mailto:jmap-owner@ietf.org>
List-Post: <mailto:jmap@ietf.org>
List-Subscribe: <mailto:jmap-join@ietf.org>
List-Unsubscribe: <mailto:jmap-leave@ietf.org>

Hi Orie,

Thank you for your review.

> ### UID vs UUID
> 
> I suggest the following clarifications:
> 
> Add "UID" to your terminology since it is not defined in RFC8620.
> 
> Something like:
> 
> ```
> UID:
> : A unique identifier. UUID as defined RFC9562 is RECOMMENDED, but for backward
> compatibility it MAY be a free-text value, see RFC9553 Section 2.1.9 for
> details. ```
> 
> Then instead of:
> 
> ```
> 309        *  *id*: Id (immutable; server-set)
> 310           The id of the ContactCard.  The id uniquely identifies a
> 311           ContactCard with a particular "uid" within a particular account.
> ```
> 
> Consider this alternative text:
> 
> """
> The id of the ContactCard. The id MUST be a UID as defined in Section 1.2 of
> this document. """

This is not actually what the document is saying. The "uid" is a globally unique identifier for a card, defined in the JSContact spec <https://www.rfc-editor.org/rfc/rfc9553.html#name-uid>. It is a property of the data. When accessed over JMAP, each card will get an "id", which may be completely different (and not necessarily a UUID) that is used to identify it over the JMAP protocol.

JMAP has the concept of an Account. Modifications within an account are transactional, and certain data consistency rules can be enforced. (You may have access to multiple accounts from a single login, e.g. if someone is sharing data with you).

Given that context, I have rewritten the description to be clearer I hope:
 • *id*: `Id` (immutable; server-set)
The id of the ContactCard. The id property MAY be different to the ContactCard's "uid" property (as defined in RFC9553, Section 2.1.9 <https://www.rfc-editor.org/rfc/rfc9553.html#name-uid>). However, there MUST NOT be more than one ContactCard with the same "uid" in an Account.
> Later:
> 
> ```
> 371        *  *uid*: String
> 372           A card must have this string exactly as its uid to match.
> ```
> 
> "id" or "uid" ?

This is meant to be "uid". You don't need to do a query to find a record if you have its id, you can just just get it directly. I have updated this (and all the other filter properties) to reference the appropriate section of the JSContact spec to make this clearer.

> ### Whats a "data: URI"
> 
> ```
> 326        When returning ContactCards, any Media with a data: URI SHOULD return
> ```
> 
> Please add a reference to RFC2397.

Yes, done.

> ### Intended Use: Reserved
> 
> ```
> 748     7.5.3.  blobId
> 
> 750        Property Name: blobId
> 
> 752        Property Type: Not applicable
> 
> 754        Property Context: Media
> 
> 756        Intended Use: Reserved
> 
> 758        Since Version: 1.0
> 759        Change Controller: IETF
> ```
> 
> The current registry contains no "Reserved" entries, and RFC8620 does not
> define "reserved".
> 
> What does "Reserved" mean?

These registrations are for the JSContact properties registry, not a JMAP registry — the "reserved" use is defined in RFC9553, Section 3.3 <https://www.rfc-editor.org/rfc/rfc9553.html#name-registry-policy-and-change->. I have added an RFC reference here to make this more obvious.

> ## Comments
> 
> ### AddressBook description string length
> 
> ```
> 173        *  *description*: String|null (default: null)
> 
> 175           An optional longer-form description of the AddressBook, to provide
> 176           context in shared environments where users need more than just the
> 177           name.
> ```
> 
> Is there an octet limit for this field (and all other string fields), or a
> least a max length recommendation?

No. The server always has the right to reject an update as too large, but across all the JMAP data types there are a lot of fields and generally we haven't mandated particular limits, except where it's particularly important the string is short.

> ### Enumerations vs Booleans
> 
> ```
> 229        An *AddressBookRights* object has the following properties:
> 
> 231        *  *mayRead*: Boolean
> 232           The user may fetch the ContactCards in this AddressBook.
> 233        *  *mayWrite*: Boolean
> 234           The user may create, modify or destroy all ContactCards in this
> 235           AddressBook, or move them to or from this AddressBook.
> 236        *  *mayAdmin*: Boolean
> 237           The user may modify the "shareWith" property for this AddressBook.
> 238        *  *mayDelete*: Boolean
> 239           The user may delete the AddressBook itself.
> ```
> 
> Later:
> 
> ```
> 564                "addressBookIds": {
> 565                  "062adcfa-105d-455c-bc60-6db68b69c3f3": true
> 566                },
> ```
> 
> I wonder why these are not modeled as:
> 
> ```
> "<className>Ids": [<id or uid>]
> ```
> 
> Perhaps the object syntax is used to anticipate extension?

The object syntax is more amenable to patching — with JMAP you generally send efficient patches to update an object rather than the whole thing. This format is used to model sets throughout JMAP APIs for this reason.

> ### Access Control Policy
> 
> ```
> 282        The "shareWith" property may only be set by users that have the
> 283        mayAdmin right.  When modifying the shareWith property, the user
> 284        cannot give a right to a principal if the principal did not already
> 285        have that right and the user making the change also does not have
> 286        that right.  Any attempt to do so MUST be rejected with a forbidden
> 287        SetError.
> ```
> 
> This is discretionary access control? Consider a citation and an example that
> is not `"shareWith": null,` in Section 4.1.

I've added a sharee to one of the address books in the example section.

Cheers,
Neil.