[lemonade] AD review of draft-ietf-lemonade-convert-16.txt
Chris Newman <Chris.Newman@Sun.COM> Thu, 27 March 2008 19:44 UTC
Return-Path: <lemonade-bounces@ietf.org>
X-Original-To: ietfarch-lemonade-archive@core3.amsl.com
Delivered-To: ietfarch-lemonade-archive@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id B764E3A6ACE; Thu, 27 Mar 2008 12:44:48 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -100.972
X-Spam-Level:
X-Spam-Status: No, score=-100.972 tagged_above=-999 required=5 tests=[AWL=-1.134, BAYES_00=-2.599, FH_RELAY_NODNS=1.451, HELO_MISMATCH_ORG=0.611, J_CHICKENPOX_64=0.6, RDNS_NONE=0.1, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 7Ttht5VQrKfD; Thu, 27 Mar 2008 12:44:44 -0700 (PDT)
Received: from core3.amsl.com (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 574593A6ADA; Thu, 27 Mar 2008 12:44:44 -0700 (PDT)
X-Original-To: lemonade@core3.amsl.com
Delivered-To: lemonade@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id B7BDF3A6ADA for <lemonade@core3.amsl.com>; Thu, 27 Mar 2008 12:44:43 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id MTBO-uplHEvB for <lemonade@core3.amsl.com>; Thu, 27 Mar 2008 12:44:42 -0700 (PDT)
Received: from sca-es-mail-1.sun.com (sca-es-mail-1.Sun.COM [192.18.43.132]) by core3.amsl.com (Postfix) with ESMTP id 73C963A6956 for <lemonade@ietf.org>; Thu, 27 Mar 2008 12:44:42 -0700 (PDT)
Received: from fe-sfbay-09.sun.com ([192.18.43.129]) by sca-es-mail-1.sun.com (8.13.7+Sun/8.12.9) with ESMTP id m2RJgMPw005218 for <lemonade@ietf.org>; Thu, 27 Mar 2008 12:42:22 -0700 (PDT)
Received: from conversion-daemon.fe-sfbay-09.sun.com by fe-sfbay-09.sun.com (Sun Java System Messaging Server 6.2-8.04 (built Feb 28 2007)) id <0JYE00501M6P8F00@fe-sfbay-09.sun.com> (original mail from Chris.Newman@Sun.COM) for lemonade@ietf.org; Thu, 27 Mar 2008 12:42:22 -0700 (PDT)
Received: from [10.1.110.5] (75-142-59-194.static.mtpk.ca.charter.com [75.142.59.194]) by fe-sfbay-09.sun.com (Sun Java System Messaging Server 6.2-8.04 (built Feb 28 2007)) with ESMTPSA id <0JYE00GLZMQH0X10@fe-sfbay-09.sun.com> for lemonade@ietf.org; Thu, 27 Mar 2008 12:42:19 -0700 (PDT)
Date: Thu, 27 Mar 2008 12:42:17 -0700
From: Chris Newman <Chris.Newman@Sun.COM>
To: lemonade@ietf.org
Message-id: <71E16C6BB38D6703CB5B24BA@446E7922C82D299DB29D899F>
MIME-version: 1.0
X-Mailer: Mulberry/4.0.8 (Mac OS X)
Content-disposition: inline
Subject: [lemonade] AD review of draft-ietf-lemonade-convert-16.txt
X-BeenThere: lemonade@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Enhancements to Internet email to support diverse service enivronments <lemonade.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/lemonade>, <mailto:lemonade-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:lemonade@ietf.org>
List-Help: <mailto:lemonade-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/lemonade>, <mailto:lemonade-request@ietf.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: lemonade-bounces@ietf.org
Errors-To: lemonade-bounces@ietf.org
I would like the following issue addressed before IETF last call: --- Section 6 > suitable target media type. This document doesn't describe how the > server makes such a choice. For example, the server can know > characteristics of the device through a device description mechanism, > or it can have a prioritized list of MIME types based on how > widespread they are, how difficult their rendering is, etc. Note > that servers are REQUIRED to support "default conversion" requests. This mandates support for default conversions without setting any constraints or even clear expectations for what the default conversion will do. While I understand the need for default conversion (and suspect it may be the common case use for this extension if this deploys successfully), this gives the server too much room to do something stupid (such as the identity conversion) and in the process risks defeating the utility of this function through non-interoperability. This is not sufficient to create interoperable implementations. What's needed is a clear statement of the expectation for default conversions. The mechanism the server uses can then be measured against the expectation to determine the quality of the server implementation. But without stating the expectation, there are too many reasonable expectations and thus no way to measure the quality of a server implementation. Here are some examples of expectations you could set: * Reduce the size of converted parts to a minimum that remains useful for fast preview purposes * Convert the media types, charsets, codecs and other customizable parameters to the most standard or widely deployed options available in that media category. Minimize quality loss in this conversion. * Convert the media types, charsets, codecs and other customizable parameters to ones that maximize the rendering speed of the media on a display device appropriate for that media type. * Convert the media types, charsets, codecs and other customizable parameters to ones that can be rendered by a device without the need for any patent licenses. * Based on out-of-band information about the client device, convert the media to types the device is likely to support and display successfully while removing any unnecessary detail that exceeds the capabilities of the device (e.g. scaling images to just fit on the device's screen). When out-of-band device information is unavailable, assume a default device with the following characteristics: ... The characteristics of the default device may be adjusted by server configuration. I'd also feel more comfortable if there was an optional way for the client to inform the server of its identity (e.g., RFC 2971 with the constraint about server interpretation lifted for this one purpose and perhaps a device-id tag added). --- The following issues fall into the "last call comment" category and if you want to enter IETF last call without addressing these, that's fine. But I recommend addressing some of these with a revision prior to IETF last call to reduce last call controversy. High-level comments: * As a matter of technical architecture, I would prefer that we had a generic data conversions service and hooked it into IMAP via URLAUTH, rather than making IMAP itself more complex. If the IESG is doing their job correctly, this should be raised as an issue during IESG review and I will need a response to provide the IESG in the event this question comes up. * The IETF has a standards track protocol (OPES, RFC 4037) designed so that servers can call-out for conversions. While there is no requirement to implement IMAP Convert using OPES, it is one valid implementation technique and an informative reference would be nice. Further, if IMAP convert is implemented via a protocol call-out mechanism, I would like implementer feedback on whether OPES is a good fit for that usage. * The Lemonade charter mandates that the CONNEG framework will used if content negotiation is needed. IMAP CONVERT performs content negotiation using a different negotiation framework, but it leverages the media-features registry from CONNEG. After consultation with the former area director responsible for the lemonade charter is my understanding that the primary purpose of that line in the charter was to prevent creation of a new media feature vocabulary. As a result, my judgement is that the document just barely passes the bar set by the charter. However, I am open to input on whether my interpretation of the charter is correct. Detailed comments: Section 3 > The CONVERT extension does not address conversion during streaming > of attachments. This is an odd statement because there's no context to understand it within the document (there is within the WG charter, but we can't assume readers will have read the charter). If you're going to say this, say why and provide an informative reference to the document or documents that can provide this functionality (for example, a combination of IMAP URLAUTH and extensions for RTSP session negotiation could provide streaming functionality). Section 5.1 The document does not state which IMAP states (Authenticated, Selected) the conversions command is made available. At a minimum, I see no reason it should be available in unauthenticated state and it would be best from a security perspective if it was not permitted during that state. Also, the document does not include a section for the "CONVERSIONS" untagged response as is traditional in IMAP documents. Was this omission intentional? Section 6 I find the name "BODYPARTSTRUCTURE" misleading as the result does not in fact reflect the structure of the body part. I suggest "CONVERTEDSTRUCTURE" as an alternative. > The UID CONVERT command is different from the CONVERT command in the > same way as the UID FETCH command is different from the FETCH > command: Note RFC 3501 section 7.4.1 describes another difference between FETCH and UID FETCH that applies to CONVERT and UID CONVERT. > Comments embedded like this SHOULD be preserved during > conversion, but MAY be removed entirely. This "SHOULD" and "MAY" are contradictory. I suggest re-wording. Section 8.2: > No destination MIME type may be specified with BODY[HEADER], > BODY[section.HEADER], or BODY[section.MIME]. It is important the > encoded words be left as encoded words as to do otherwise may alter > the semantics of structured headers. Has there been a discussion of support for message/global-headers as a target media type here? That might actually be an interesting poor-man's approach to EAI compatibility. I'm not saying it's something that has to be done, but cross-WG issues do need to be evaluated during IESG review so I'd like some discussion of this topic before IESG review. > returned for the exactly the same conversion in the same IMAP XXX > A response to a CONVERT command containing the BODYPARTSTRUCTURE data > item MUST return a BODYPARTSTRUCTURE data item (in the CONVERTED > response) before any other data items for the same body part. This is an odd requirement and to me violates the principle of least astonishment. I believe it's also the first time we've required an IMAP server to re-order the response data items. I'd be a lot more comfortable with a requirement that in the event BODYPARTSTRUCTURE is listed prior to BINARY for the same part in the request that it MUST also be listed first in the response. That achieves the same goal (clients can be sure to get it first if they want it first) without mandating the server re-order response data items. Section 8.3 > request). The return value MUST be exact and MUST NOT change > during a duration of an IMAP "session". This allows a client I'm not sure such a strict "MUST NOT change" is a good idea. One case where it may change is if the message is expunged from underneath the client. I think clients need the ability to handle a change to an error (or 0/NIL) in the event the part is removed and saying so (preferably with an example) is likely helpful to interoperability. > Note for client implementors: client authors are cautioned that this > might be an expensive operation for some server implementations. > Needlessly issuing this request could result in degraded performance > due to servers having to calculate the value every time the request > is issued. For that reason it is not a good idea to needlessly > request BINARY.SIZE and use it in a UI to allow a user to chose > between multiple conversions. While advice along these lines is needed, this seems a bit off to me as it places constraints on UIs which we have no business making and needlessly makes a value judgement about client implementation models. Perhaps something more like this would be better: Note for client implementors: client authors are cautioned that this might be an expensive operation for some server implementations. Requesting BINARY.SIZE for a large number of converted body parts or for multiple conversions of the same part can result in slow performance and/or excessive server load and is discouraged. Clients should consider implementation approaches that limit this request to only the most necessary cases and are encouraged to test the performance impact of BINARY.SIZE with multiple server implementations. Section 8.4: AVAILABLECONVERSIONS Unlike the "CONVERSIONS" command, this response item provides no way to determine support for features beyond the media type itself. I want to verify that this is acceptable to the WG as it seems an unusual restriction to me. I also find myself somewhat dubious of the utility of this feature. Section 10 > convert-err-descript = string > ; Human readable text explaining the conversion error Please state the charset for this, and if its value may be modified by the LANGUAGE command. Section 12 1st paragraph -- another mitigation is for the client to authenticate the server using a mutual authentication mechanism and integrity layer and trust the server not to provide dangerous content. 3rd paragraph -- an appropriate mitigation is to log the client authentication identity for append and/or convert operations so administrative measures can be applied to the situation. 4th paragraph -- I would recommend deleting this. Convert doesn't alter the nature of the spam threat in any way. If you want to note the spam threat, include a reference to one or more of the BCPs on the topic. - Chris _______________________________________________ lemonade mailing list lemonade@ietf.org https://www.ietf.org/mailman/listinfo/lemonade Supplemental Web Site: http://www.standardstrack.com/ietf/lemonade
- [lemonade] AD review of draft-ietf-lemonade-conve… Chris Newman
- Re: [lemonade] AD review of draft-ietf-lemonade-c… Neil Cook
- Re: [lemonade] AD review of draft-ietf-lemonade-c… Alexey Melnikov
- Re: [lemonade] AD review of draft-ietf-lemonade-c… Alexey Melnikov
- Re: [lemonade] AD review of draft-ietf-lemonade-c… Alexey Melnikov
- Re: [lemonade] AD review of draft-ietf-lemonade-c… Alexey Melnikov
- Re: [lemonade] AD review of draft-ietf-lemonade-c… Chris Newman
- Re: [lemonade] AD review of draft-ietf-lemonade-c… Alexey Melnikov
- Re: [lemonade] AD review of draft-ietf-lemonade-c… Alexey Melnikov
- Re: [lemonade] AD review of draft-ietf-lemonade-c… Cyrus Daboo
- Re: [lemonade] AD review of draft-ietf-lemonade-c… Alexey Melnikov