IETF Logo Mail Archive

[mailmaint] Re: draft-ietf-mailmaint-messageflag-mailboxattribute-09 ietf last call Secdir review

Daniel Eggert <deggert@apple.com> Tue, 21 October 2025 12:53 UTC

Return-Path: <deggert@apple.com>
X-Original-To: mailmaint@mail2.ietf.org
Delivered-To: mailmaint@mail2.ietf.org
Received: from localhost (localhost [127.0.0.1]) by mail2.ietf.org (Postfix) with ESMTP id 7E6FD79788B5 for <mailmaint@mail2.ietf.org>; Tue, 21 Oct 2025 05:53:40 -0700 (PDT)
X-Virus-Scanned: amavisd-new at ietf.org
X-Spam-Flag: NO
X-Spam-Score: -2.795
X-Spam-Level:
X-Spam-Status: No, score=-2.795 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H5=0.001, RCVD_IN_MSPIKE_WL=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001, SPF_NONE=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: mail2.ietf.org (amavisd-new); dkim=pass (2048-bit key) header.d=apple.com
Received: from mail2.ietf.org ([166.84.6.31]) by localhost (mail2.ietf.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id iX_d2s_hBrRm for <mailmaint@mail2.ietf.org>; Tue, 21 Oct 2025 05:53:40 -0700 (PDT)
Received: from hfd-mx02.apple.com (hfd-mx02.apple.com [17.132.100.1]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by mail2.ietf.org (Postfix) with ESMTPS id 5DE647978838 for <mailmaint@ietf.org>; Tue, 21 Oct 2025 05:53:15 -0700 (PDT)
Received: from am11p01nt-mtap02.apple.com (am11p01nt-mtap02.apple.com [100.85.69.166]) by am11p01nt-mxp02.apple.com (Oracle Communications Messaging Server 8.1.0.28.20250821 64bit (built Aug 21 2025)) with ESMTPS id <0T4H1GEJCFSKJ100@am11p01nt-mxp02.apple.com> for mailmaint@ietf.org; Tue, 21 Oct 2025 12:53:08 +0000 (GMT)
X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.293,Aquarius:18.0.1121,Hydra:6.1.9,FMLib:17.12.80.40 definitions=2025-10-21_01,2025-10-13_01,2025-03-28_01
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=apple.com; h=cc : content-type : date : from : in-reply-to : message-id : mime-version : references : subject : to; s=20180706; bh=5CySd6KQDz8UPQ6XK7eHanFEZPxtV8/m4+xCKCwXfRA=; b=JxSx1hBBvOW9ETROFfepG0USObKbUGwqXUcHGyIr/qERnj7Kd5tuPYfk3smZcqEyVRT7 bK6fw0tAA00ZahwHOLxpneP1dG6eZo4zYWRc59sZavEVw8Lmmrra959odNO5hYORRlCG 7H/JHE5qKqv9YQLLMuTEPrsmjdlGqk9w5GRsHflInRJpCGNePgZxg51gmhmg/thp/3o0 pWQdpb80Fshs33FSaGLddX0IJKOdp4yxqyEELS4JwlHxREYN1MSGCMWH9ZvlS2QORbxO 85FhE32w9uLYi7hcazZcrb7+tXI/VFGI+mx8U/3j0PX3EeyjXOk/bzq+wgdDkqIgnoy8 YQ==
Received: from vb11p01nt-mmpp04.apple.com (vb11p01nt-mmpp04.apple.com [100.84.70.83]) by am11p01nt-mtap02.apple.com (Oracle Communications Messaging Server 8.1.0.28.20250821 64bit (built Aug 21 2025)) with ESMTPS id <0T4H18CU9FSK0T10@am11p01nt-mtap02.apple.com>; Tue, 21 Oct 2025 12:53:08 +0000 (GMT)
Received: from process_milters-daemon.vb11p01nt-mmpp04.apple.com by vb11p01nt-mmpp04.apple.com (Oracle Communications Messaging Server 8.1.0.28.20250821 64bit (built Aug 21 2025)) id <0T4H1OM00F8ZVL00@vb11p01nt-mmpp04.apple.com>; Tue, 21 Oct 2025 12:53:08 +0000 (GMT)
X-Va-A:
X-Va-T-CD: 81ca60fce39c2560b6c4a7e5841f9b8f
X-Va-E-CD: 8daa0ec07cbbd3103a824fdd2cf3caa3
X-Va-R-CD: ef8df5cbefcedf4f4ddfb5e6e958901b
X-Va-ID: 998bcdd6-af84-4bf8-888f-dc502c96665d
X-Va-CD: 0
X-V-A:
X-V-T-CD: 81ca60fce39c2560b6c4a7e5841f9b8f
X-V-E-CD: 8daa0ec07cbbd3103a824fdd2cf3caa3
X-V-R-CD: ef8df5cbefcedf4f4ddfb5e6e958901b
X-V-ID: fff9f7d7-4663-410f-957e-6258b8e0ba6f
X-V-CD: 0
X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.293,Aquarius:18.0.1121,Hydra:6.1.9,FMLib:17.12.80.40 definitions=2025-10-21_01,2025-10-13_01,2025-03-28_01
Received: from smtpclient.apple (deggert.euro.apple.com [17.77.188.10]) by vb11p01nt-mmpp04.apple.com (Oracle Communications Messaging Server 8.1.0.28.20250821 64bit (built Aug 21 2025)) with ESMTPSA id <0T4H1OI0TFSJZI00@vb11p01nt-mmpp04.apple.com>; Tue, 21 Oct 2025 12:53:07 +0000 (GMT)
From: Daniel Eggert <deggert@apple.com>
Message-id: <D2B32C99-83B2-4B4C-838C-B05654015CE7@apple.com>
Content-type: multipart/alternative; boundary="Apple-Mail=_D36507C7-661E-4E65-862D-F2EBAA24A8B5"
MIME-version: 1.0 (Mac OS X Mail 16.0 \(3864.100.1.1.5\))
Date: Tue, 21 Oct 2025 14:52:57 +0200
In-reply-to: <MN2PR17MB4031005617775C0067729696CDE0A@MN2PR17MB4031.namprd17.prod.outlook.com>
To: "Salz, Rich" <rsalz=40akamai.com@dmarc.ietf.org>
References: <175976772713.3748263.11334202467965472980@dt-datatracker-6c6cdf7f94-h6rnn> <f12ba38f-55a3-47fe-8721-f48c5bd5929c@dogfoodapp.fastmail.com> <8886511E-E32F-4B1E-A889-40586BD53396@apple.com> <MN2PR17MB4031005617775C0067729696CDE0A@MN2PR17MB4031.namprd17.prod.outlook.com>
X-Mailer: Apple Mail (2.3864.100.1.1.5)
Message-ID-Hash: RDQSOD5WJYRXC7RBHNHJDWMQH2MGERN3
X-Message-ID-Hash: RDQSOD5WJYRXC7RBHNHJDWMQH2MGERN3
X-MailFrom: deggert@apple.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: Neil Jenkins <neilj@fastmailteam.com>, "secdir@ietf.org" <secdir@ietf.org>, "draft-ietf-mailmaint-messageflag-mailboxattribute.all@ietf.org" <draft-ietf-mailmaint-messageflag-mailboxattribute.all@ietf.org>, "last-call@ietf.org" <last-call@ietf.org>, Mail Maintenance WG <mailmaint@ietf.org>
X-Mailman-Version: 3.3.9rc6
Precedence: list
Subject: [mailmaint] Re: draft-ietf-mailmaint-messageflag-mailboxattribute-09 ietf last call Secdir review
List-Id: Mail Maintenance <mailmaint.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/mailmaint/mXRAIInNnG-GiocX1vZbVBKeGJE>
List-Archive: <https://mailarchive.ietf.org/arch/browse/mailmaint>
List-Help: <mailto:mailmaint-request@ietf.org?subject=help>
List-Owner: <mailto:mailmaint-owner@ietf.org>
List-Post: <mailto:mailmaint@ietf.org>
List-Subscribe: <mailto:mailmaint-join@ietf.org>
List-Unsubscribe: <mailto:mailmaint-leave@ietf.org>

I think, all nits have been addressed in the latest -11 revision.

/Daniel



> Den 7. okt. 2025 kl. 16.49 skrev Salz, Rich <rsalz=40akamai.com@dmarc.ietf.org>:
> 
> Thanks and nerd-sniping appreciation for the color flags 😊
> 
> As for my comments in section 4, I meant group all those items with no sub-sub sections at the top, and then those with sub-items.  So this:
>       $notify, $muted, $followed, $autosent, $imported, $istrusted, $maskedemail, $new and then memos, attachment, subscription
> 
> Also consider putting everything in alphabetical order (sec 5 becomes memos snoozed scheduled), sec 4 becomes (autosent followed istrusted etc…)
> 
> From: Daniel Eggert <deggert@apple.com>
> Date: Tuesday, October 7, 2025 at 2:52 AM
> To: Neil Jenkins <neilj@fastmailteam.com>
> Cc: Salz, Rich <rsalz@akamai.com>, secdir@ietf.org <secdir@ietf.org>, draft-ietf-mailmaint-messageflag-mailboxattribute.all@ietf.org <draft-ietf-mailmaint-messageflag-mailboxattribute.all@ietf.org>, last-call@ietf.org <last-call@ietf.org>, Mail Maintenance WG <mailmaint@ietf.org>
> Subject: Re: draft-ietf-mailmaint-messageflag-mailboxattribute-09 ietf last call Secdir review
> 
> This Message Is From an External Sender
> This message came from outside your organization.
>  
> I’ve uploaded revision 10 that addresses this feedback.
> 
> /Daniel
> 
> 
> Den 7. okt. 2025 kl. 12.45 skrev Neil Jenkins <neilj@fastmailteam.com>:
> 
> On Tue, 7 Oct 2025, at 03:22, Rich Salz via Datatracker wrote:
> Why three bits for `MailFlagN` instead of a single digit?
> 
> The main answer is "we're documenting existing practice". :) But just to clarify a little more, keywords are just present or not, so can only represent a single bit. So for 8 colours you could have 8 different keywords, but this has two problems:
> You could have two conflicting keywords present at the same time, which doesn't make sense (e.g., it's red + blue).
> Servers may limit the number of different keywords you can set, so the fewer the better for compatibility.
> I'm presuming this is why it was originally designed as it is (but again, we're just documenting it at this point).
> 
> Does the ordering of the keywords in Section 4 match some other IMAP documents?
> 
> No, it doesn't.
> 
> I would find it easier to read all the simple definitions together, and then
> the related words (memo, attachment, subscription).
> 
> I'm not sure I understand what you mean by "all the simple definitions together", sorry.
> 
> Sec 4.9: "verified with complete confidence". Please strike the word complete. 
> In fact, as a security person, I strongly suggest removing almost all
> absolutism from this section: "absolute certainty," "strong signal," etc.
> 
> Sure, these words are redundant, although it doesn't change the semantics of what the document is saying. (But I see your point — nothing can be completely confident with security…)
> 
> Sec 7 should probably mention that use and interpretation of these keywords,
> depends on the client/user ability to trust the IMAP server, and/or also refer
> to the security considerations in RFC 9051.
> 
> Sure, that sounds reasonable — Daniel, do you want to update as I think you've been editing it more recently?
> 
> Cheers,
> Neil.
> 
> -- 
> mailmaint mailing list -- mailmaint@ietf.org
> To unsubscribe send an email to mailmaint-leave@ietf.org

v2.46.0 | Report a Bug | By Email | System Status