Re: [Jmap] Roman Danyliw's No Objection on draft-ietf-jmap-sieve-20: (with COMMENT)

Roman Danyliw <rdd@cert.org> Thu, 04 April 2024 15:46 UTC

From: Roman Danyliw <rdd@cert.org>
To: Ken Murchison <murch@fastmail.com>, The IESG <iesg@ietf.org>
CC: "draft-ietf-jmap-sieve@ietf.org" <draft-ietf-jmap-sieve@ietf.org>, "jmap-chairs@ietf.org" <jmap-chairs@ietf.org>, "jmap@ietf.org" <jmap@ietf.org>, "brong@fastmailteam.com" <brong@fastmailteam.com>
Date: Thu, 04 Apr 2024 15:46:24 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/jmap/gI4H7cBDTLlpLFARCigHEXjv7ic>
Subject: Re: [Jmap] Roman Danyliw's No Objection on draft-ietf-jmap-sieve-20: (with COMMENT)

Hi Ken!

Thanks for these proposed edits. They address my feedback.

Roman

> -----Original Message-----
> From: iesg <iesg-bounces@ietf.org> On Behalf Of Ken Murchison
> Sent: Thursday, April 4, 2024 10:43 AM
> To: Roman Danyliw <rdd@cert.org>; The IESG <iesg@ietf.org>
> Cc: draft-ietf-jmap-sieve@ietf.org; jmap-chairs@ietf.org; jmap@ietf.org;
> brong@fastmailteam.com
> Subject: Re: Roman Danyliw's No Objection on draft-ietf-jmap-sieve-20: (with
> COMMENT)
> 
> 
> Hi Roman,
> 
> Thanks for the review.  Responses inline.
> 
> 
> On 4/2/24 9:09 PM, Roman Danyliw via Datatracker wrote:
> > Roman Danyliw has entered the following ballot position for
> > draft-ietf-jmap-sieve-20: No Objection
> >
> > When responding, please keep the subject line intact and reply to all
> > email addresses included in the To and CC lines. (Feel free to cut
> > this introductory paragraph, however.)
> >
> >
> > Please refer to
> > https://www.ietf.org/about/groups/iesg/statements/handling-ballot-positions/
> > for more information about how to handle DISCUSS and COMMENT
> > positions.
> >
> >
> > The document, along with other ballot positions, can be found here:
> > https://datatracker.ietf.org/doc/draft-ietf-jmap-sieve/
> >
> >
> >
> > ----------------------------------------------------------------------
> > COMMENT:
> > ----------------------------------------------------------------------
> >
> > Thank you to Ines Robles for the GENART review.
> >
> > ** Section 1.2.1
> >
> >        The maximum length, in (UTF-8) octets, allowed for the name of a
> >        SieveScript.  For compatibility with ManageSieve, this MUST be at
> >        least 512 (up to 128 Unicode characters).
> >
> > What’s a “(UTF-8) octet” as opposed to just an “octet”?
> 
> 
> I removed "(UTF-8)" since all of JMAP is UTF-8.
> 
> 
> > ** Section 2.1
> >        For
> >        compatibility with ManageSieve, servers MUST reject names that
> >        contain control characters
> >
> > What is the definition of “control characters”?  Recommend either
> > citing Section 1.6 of RFC5804 or repeating the guidance here.
> 
> 
> I have listed the prohibited characters per your suggestion.
> 
> 
> > ** Section 2.4
> >        If the id is either illegal or nonexistent, it MUST be ignored and
> >        the currently active SieveScript (if any) will remain as such.
> >
> > Is an “illegal” id the same as “invalid”?  That might be clearer.
> 
> 
> I changed "illegal" to "invalid" as suggested.
> 
> 
> > ** Section 2.6 and 5.  The SieveScript validation would appear to
> > require the server to parse and validate the provided SieveScript.
> > Section 5 cites the security considerations of RFC5804 and RFC8620.
> > The latter has Section 8.4 which discusses the considerations for JSON
> > processing.  Is there an equivalent for a Sieve script (which is not JSON)?
> 
> 
> I added the following paragraph:
> 
>        Additionally, implementations MUST treat Sieve script content
>        as untrusted data.  As such, script parsers MUST fail gracefully
>        in the face of syntactically invalid or malicious content and
>        MUST be prepared to deal with resource exhaustion (E.g.,
>        allocation of enormous strings, lists, or command blocks).
> 
> --
> Kenneth Murchison
> Senior Software Developer
> Fastmail US LLC
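
An added example, not part of this thread or of the draft: a pre-parse guard in Python that bounds the resources named in the proposed Security Considerations paragraph (strings, lists, command blocks) for an untrusted Sieve script. The limit values and the names `check_sieve_limits`, `TOKEN` and `SAMPLE` are assumptions made here.

```python
import re
# Constructed limits for illustration; the draft text does not fix any values.
MAX_SCRIPT_OCTETS = 64 * 1024
MAX_STRING_OCTETS = 4 * 1024
MAX_LIST_ITEMS = 256
MAX_BLOCK_DEPTH = 16

# Strings and comments are matched first so brackets inside them are not counted.
TOKEN = re.compile(
    r'(?s)(?P<quoted>"(?:[^"\\]|\\.)*")'
    r'|(?P<multi>text:[ \t]*(?:#[^\n]*)?\r?\n.*?(?<=\n)\.\r?\n)'
    r'|(?P<comment>#[^\n]*|/\*.*?\*/)'
    r'|(?P<punct>[{}\[\]])'
    r'|(?P<bad>"|/\*|text:[ \t]*(?:#[^\n]*)?\r?\n)'  # opener with no terminator
    r'|(?P<other>[A-Za-z_]\w*|.)')
# Constructed sample: the "{" in the comment and in the text: string must not count.
SAMPLE = ('if header :contains "List-Id" "jmap" {  # open {\r\n'
          '  vacation text:\r\nAway { now\r\n.\r\n;\r\n}\r\n')

def check_sieve_limits(script: str):
    """Return (ok, reason); a limit violation yields False, not an exception."""
    if len(script.encode("utf-8", "replace")) > MAX_SCRIPT_OCTETS:
        return False, "script too large"
    depth = 0          # current nesting of { } command blocks
    list_items = None  # strings seen in the open [ ] list, None when outside one
    for m in TOKEN.finditer(script):
        kind, text = m.lastgroup, m.group()
        if kind == "bad":
            return False, "unterminated string or comment"
        if kind in ("quoted", "multi"):
            if len(text.encode("utf-8", "replace")) > MAX_STRING_OCTETS:
                return False, "string too long"
            if list_items is not None:
                list_items += 1
                if list_items > MAX_LIST_ITEMS:
                    return False, "string list too long"
        elif text == "[":   # only the punct group can yield a bare bracket
            list_items = 0
        elif text == "]":
            list_items = None
        elif text == "{":
            depth += 1
            if depth > MAX_BLOCK_DEPTH:
                return False, "blocks nested too deeply"
        elif text == "}":
            depth -= 1
    if depth or list_items is not None:
        return False, "unbalanced block or list"
    return True, "ok"
```

This pass only bounds resources; a script that passes still goes to the full Sieve parser for syntax validation.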