[Jmap] Re: Artart telechat review of draft-ietf-jmap-contacts-09

Neil Jenkins <neilj@fastmailteam.com> Fri, 07 June 2024 01:51 UTC

Return-Path: <neilj@fastmailteam.com>
X-Original-To: jmap@ietfa.amsl.com
Delivered-To: jmap@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 39E4DC180B5B; Thu, 6 Jun 2024 18:51:23 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.797
X-Spam-Level:
X-Spam-Status: No, score=-2.797 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=fastmailteam.com header.b="gPluRIYq"; dkim=pass (2048-bit key) header.d=messagingengine.com header.b="C5R5bYg4"
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id h3-AJh1SndqI; Thu, 6 Jun 2024 18:51:18 -0700 (PDT)
Received: from fout7-smtp.messagingengine.com (fout7-smtp.messagingengine.com [103.168.172.150]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 56D24C17C8B0; Thu, 6 Jun 2024 18:51:18 -0700 (PDT)
Received: from compute5.internal (compute5.nyi.internal [10.202.2.45]) by mailfout.nyi.internal (Postfix) with ESMTP id 8C6161380119; Thu, 6 Jun 2024 21:51:17 -0400 (EDT)
Received: from imap43 ([10.202.2.93]) by compute5.internal (MEProxy); Thu, 06 Jun 2024 21:51:17 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= fastmailteam.com; h=cc:cc:content-type:content-type:date:date :from:from:in-reply-to:in-reply-to:message-id:mime-version :references:reply-to:subject:subject:to:to; s=fm2; t=1717725077; x=1717811477; bh=gWVWXK+SuJkEAH/5vCUxLt9nbRfoEEnytgGNAddI0W0=; b= gPluRIYq1IFqbnBEBHV8B1fSLyxOsSLssJSHhSjJtk6Se7AATPRUSVTOA9Efk1Fv rFsVdW0O+Iahjb662b8DbnE8s/UlbhgkN1Tqnj7H3JqsoP3FQU8aW/50XO6rSqNN Jl4Paqf2184gFOEl2bljwV973XsgOnuv5BRsBm8l4QdB3IW4cmtd45mgfxuMyn9O IONgnVcPEtuZDNqLr56Pq2mh8mp92n6ukhRbbeahGe3Fgu+CJwvkk9Q2v/DXoQ78 wT+JYBLvHQnAESURkVuCNh+3d4xJF1Ys6DUtxRhbC4hX6qV/W7XciEfMS5hN6PkT QNoD+OcT/mph1m61nDJD4Q==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-type:content-type:date:date :feedback-id:feedback-id:from:from:in-reply-to:in-reply-to :message-id:mime-version:references:reply-to:subject:subject:to :to:x-me-proxy:x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s= fm1; t=1717725077; x=1717811477; bh=gWVWXK+SuJkEAH/5vCUxLt9nbRfo EEnytgGNAddI0W0=; b=C5R5bYg4tv+AgxN58hgOEYav5TSapsb4DBKtv/dAHQqL h8BnVoVk/w6qPs5lv8Fq7VZ9fjPpwiVxNEfBLYEQxt3IyP+MIaM/QqV8VyIalCio S+AnKjo5Wer6N5PoJkhC424rwB2S8/izX8YYgvuA57N8dAL4Ftlimxxhxzlai1iJ XFu4YIJXX+LxUqrB6aKPivXIg7ByVdqzmctNflgYu/0Uy7JkeAkWk5h1/SDux1ES vi6RtlyTgr/Agq7Lc3HyTvl90KRb7sNEOnAgOJQcmRuOssUakKgTs/2LdTqET4MX dy80KW5tMlwxTAhm9xjeqlYZyi6OAysR3/pZiH+VOA==
X-ME-Sender: <xms:lWdiZrKJv-P02qoDGNzGqWXZC7U6Tx6VcDunlMuU9BgAxP-duceiiw> <xme:lWdiZvKoUaJq4U952mFq82ajkGrhvBMkAbApq8PgjNrXjMCDHcGpNWNkVCgva4tnC oSm6BmgQiPK5A>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvledrvdelledgheduucetufdoteggodetrfdotf fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen uceurghilhhouhhtmecufedttdenucesvcftvggtihhpihgvnhhtshculddquddttddmne cujfgurhepofgfggfkjghffffhvfevufgtsegrtderreerreejnecuhfhrohhmpedfpfgv ihhlucflvghnkhhinhhsfdcuoehnvghilhhjsehfrghsthhmrghilhhtvggrmhdrtghomh eqnecuggftrfgrthhtvghrnhepudegjeekudeftdefgeeftefhkeetieevhfffjefggfff veegheejveevvefhhefhnecuffhomhgrihhnpehrfhgtqdgvughithhorhdrohhrghdpuh hnihgtohguvgdrohhrghenucevlhhushhtvghrufhiiigvpedtnecurfgrrhgrmhepmhgr ihhlfhhrohhmpehnvghilhhjsehfrghsthhmrghilhhtvggrmhdrtghomh
X-ME-Proxy: <xmx:lWdiZjuzBg2AVdyEgEkd1NU4jiPLeq71LjLb7uDDk00b5WDICW07TA> <xmx:lWdiZka-KDpAc0oo49t6SruKwkxnDIdZq7QDAXVRJAmougWaornA0A> <xmx:lWdiZiasF7dwGvSjiQ59PPGvaNVLrFKilkmYyuaaMOqeLzWnn6M0BA> <xmx:lWdiZoAMrWGVbc0KcGnNkqOuBhrNYPnJDcXtRT8f20mnAB4pPWf8zQ> <xmx:lWdiZpWt0uSHctrq-kBYDjXf0K58u1-H2FDj9r49FHZ6srYH38ohiMKO>
Feedback-ID: ibc614277:Fastmail
Received: by mailuser.nyi.internal (Postfix, from userid 501) id 224862D4007D; Thu, 6 Jun 2024 21:51:17 -0400 (EDT)
X-Mailer: MessagingEngine.com Webmail Interface
User-Agent: Cyrus-JMAP/3.11.0-alpha0-515-g87b2bad5a-fm-20240604.001-g87b2bad5
MIME-Version: 1.0
Message-Id: <9fc4a3f9-86d7-47c6-ac00-302d05a99adc@dogfoodapp.fastmail.com>
In-Reply-To: <171605695839.29495.8129547067232508808@ietfa.amsl.com>
References: <171605695839.29495.8129547067232508808@ietfa.amsl.com>
Date: Fri, 07 Jun 2024 11:51:16 +1000
From: Neil Jenkins <neilj@fastmailteam.com>
To: Tim Bray <tbray@textuality.com>, art@ietf.org
Content-Type: multipart/alternative; boundary="c3fc1951eb10467387dd82fd49d4936b"
Message-ID-Hash: AZWY66XMHJOCCCAR5ILCJYZG6PPMMRTW
X-Message-ID-Hash: AZWY66XMHJOCCCAR5ILCJYZG6PPMMRTW
X-MailFrom: neilj@fastmailteam.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-jmap.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: draft-ietf-jmap-contacts.all@ietf.org, IETF JMAP Mailing List <jmap@ietf.org>, last-call@ietf.org
X-Mailman-Version: 3.3.9rc4
Precedence: list
Subject: [Jmap] Re: Artart telechat review of draft-ietf-jmap-contacts-09
List-Id: JSON Message Access Protocol <jmap.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/jmap/ud8Gng5maj_GbKTnJVbkQLQoswc>
List-Archive: <https://mailarchive.ietf.org/arch/browse/jmap>
List-Help: <mailto:jmap-request@ietf.org?subject=help>
List-Owner: <mailto:jmap-owner@ietf.org>
List-Post: <mailto:jmap@ietf.org>
List-Subscribe: <mailto:jmap-join@ietf.org>
List-Unsubscribe: <mailto:jmap-leave@ietf.org>

Hi Tim,

Thank you for your review.

On Sun, 19 May 2024, at 04:29, Tim Bray via Datatracker wrote:
> 1. There is a reference to "control characters" without any citation, and the
> definition is not as obvious as one might think. A good reference is [UNICODE]
> section 23.1, which may be summarized as "65 code points in the ranges
> U+0000-U+001F ("C0 Controls") and U+0080-U+009F (“C1 Controls”), plus U+007F,
> "DEL" 
> 
> 2. This section might benefit from a reference to RFC9413, which has a
> thorough discussion of dealing with input data that is invalid for some reason.
> 
> 3. There are 3 options when receiving a message with invalid characters: delete
> them, replace them (Unicode provides U+FFFD for this purpose), or reject the
> message. The draft mentions two of these but not the replacement option. Is it
> never appropriate in the JMAP context?

Right, this is also a valid option. I have updated the Internationalisation Considerations section to read:

Experience has shown that unrestricted use of Unicode can lead to problems such as inconsistent rendering, users reading text and interpreting it differently than intended, and unexpected results when copying text from one location to another. Servers MAY choose to mitigate this by restricting the set of characters allowed in otherwise unconstrained String fields. The FreeformClass, as documented in [RFC8264 <https://www.rfc-editor.org/rfc/rfc8264>], Section 4.3 might be a good starting point for this.

Attempts to set a value containing code points outside of the permissible set can be handled in a few ways by the server. The server could choose to strip the forbidden characters, or replace them with U+FFFD (the Unicode replacement character), and store the resulting string. This is likely to be appropriate for non-printable characters — such as the "Control Codes" defined in [UNICODE <http://www.unicode.org/versions/latest/>] Section 23.1, excluding newline (U+000A), carriage return (U+000D), and tab (U+0009) — which can end up in data accidentally due to copy-and-paste issues, but are invisible to the end user. JMAP allows the server to transform data on create/update, as long as any changed properties are returned to the client in the /set response, so it knows what has changed, as per [RFC8620 <https://www.rfc-editor.org/rfc/rfc8620.html>], Section 5.3. Alternatively, the server MAY just reject the create/update with an invalidProperties SetError.

Cheers,
Neil.