Re: [pop3ext] UIDL response to CAPA command

Bill Shannon <bill.shannon@oracle.com> Sun, 18 November 2012 02:46 UTC

Return-Path: <bill.shannon@oracle.com>
X-Original-To: pop3ext@ietfa.amsl.com
Delivered-To: pop3ext@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 97E0C21F860E for <pop3ext@ietfa.amsl.com>; Sat, 17 Nov 2012 18:46:28 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.046
X-Spam-Level:
X-Spam-Status: No, score=-6.046 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HELO_MISMATCH_COM=0.553, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id MXQDXPw9kqH2 for <pop3ext@ietfa.amsl.com>; Sat, 17 Nov 2012 18:46:27 -0800 (PST)
Received: from brmea-mail-1.sun.com (brmea-mail-1.Sun.COM [192.18.98.31]) by ietfa.amsl.com (Postfix) with ESMTP id 8F18F21F84D3 for <pop3ext@ietf.org>; Sat, 17 Nov 2012 18:46:27 -0800 (PST)
Received: from brmsunmail2-central.uk.sun.com ([10.79.11.29]) by brmea-mail-1.sun.com (8.13.6+Sun/8.12.9) with ESMTP id qAI2kPFt016991; Sun, 18 Nov 2012 02:46:25 GMT
Received: from nissan.sfbay.sun.com (dhcp-amer-vpn-adc-anyconnect-10-154-158-73.vpn.oracle.com [10.154.158.73]) by brmsunmail2-central.uk.sun.com (8.14.4+Sun/8.14.4/ENSMAIL,v2.4) with ESMTP id qAI2kN5f017568; Sun, 18 Nov 2012 02:46:23 GMT
Received: from [192.168.0.4] (vostro [192.168.0.4]) by nissan.sfbay.sun.com (8.14.4+Sun/8.14.4) with ESMTP id qAI2jloB004673; Sat, 17 Nov 2012 18:45:47 -0800 (PST)
Message-ID: <50A84C12.1060308@oracle.com>
Date: Sat, 17 Nov 2012 18:46:42 -0800
From: Bill Shannon <bill.shannon@oracle.com>
User-Agent: Mozilla/5.0 (X11; Linux i686; rv:16.0) Gecko/20121011 Thunderbird/16.0.1
MIME-Version: 1.0
To: Randall Gellens <randy@qti.qualcomm.com>
References: <50A409B1.9020702@oracle.com> <196CBE3CC7222C8957041F15@dhcp-amer-vpn-rmdc-anyconnect-10-159-123-100 .vpn.oracle.com> <50A42344.6080502@oracle.com> <p0624060bccccdd31ec74@[99.111.97.136]> <50A7449C.9070904@oracle.com> <p06240610ccccf8b75ff1@[99.111.97.136]>
In-Reply-To: <p06240610ccccf8b75ff1@[99.111.97.136]>
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: 7bit
Cc: Chris Newman <chris.newman@oracle.com>, pop3ext@ietf.org
Subject: Re: [pop3ext] UIDL response to CAPA command
X-BeenThere: pop3ext@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "Discussion of extensions and updates to Post Office Protocol \(POP3\)" <pop3ext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/pop3ext>, <mailto:pop3ext-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/pop3ext>
List-Post: <mailto:pop3ext@ietf.org>
List-Help: <mailto:pop3ext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/pop3ext>, <mailto:pop3ext-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 18 Nov 2012 02:46:28 -0000

Thanks, Randall, now it's clear.

I guess I was reading "Announced states" / "both" as it *may* be
announced in both states, not it *must* be announced in both states.
Especially since the text seems to have explicit rules for lots of
other cases, but not for this case.

Randall Gellens wrote on 11/17/2012 12:23 AM:
> Hi Bill,
> 
> At 12:02 AM -0800 11/17/12, Bill Shannon wrote:
> 
>>  Sorry, I couldn't tell if you were agreeing with Chris or not.
> 
> My apologies.  I agree with Chris.  Sorry for not being clear.
> 
>>
>>  I understand how it works for capabilities that have parameters.
>>
>>  What I don't understand is what the rules are for capabilities that
>>  don't have parameters.
> 
> The capability description indicates in which states the capability is announced.
> 
>>
>>  Let's try the simple yes or no question...
>>
>>  Does RFC 2449 allow the UIDL capability to be missing from a CAPA
>>  response before authentication, but included in a CAPA response
>>  after authentication?
> 
> No.  The description for it says it is announced in both states.
> 
>>
>>  The spec says:
>>
>>     Capabilities available in the AUTHORIZATION state MUST be announced
>>     in both states.
>>
>>  UIDL is not available in the AUTHORIZATION state, only the TRANSACTION
>>  state, so the above doesn't apply.
> 
> The UIDL capability is announced in both states.  The UIDL command is only
> available in TRANSACTION state.
> 
>>
>>  UIDL has no arguments, so all the rules about arguments don't apply.
>>
>>  Are there other rules in the spec that I'm missing?
> 
> Let me know if what I've said is unclear or ambiguous.
> 
>>
>>
>>  Randall Gellens wrote on 11/16/2012 10:36 PM:
>>>  At 3:03 PM -0800 11/14/12, Bill Shannon wrote:
>>>
>>>>   Well, that was my initial reading as well, and I'd be happy with that
>>>>   interpretation, but the spec says:
>>>>
>>>>      If a capability is announced in both states, but the argument might
>>>>      differ after authentication, this possibility MUST be stated in the
>>>>      capability description.
>>>>
>>>>      (These requirements allow a client to issue only one CAPA command if
>>>>      it does not use any TRANSACTION-only capabilities, or any
>>>>      capabilities whose values may differ after authentication.)
>>>>
>>>>   Note that it talks about "arguments" or "values", not about whether
>>>>   the capability itself might be present or not.
>>>
>>>  The wording about arguments and values applies to those capabilities that are
>>>  announced in both states.   The text is saying that the client has to be
>>> able to
>>>  know if a capability that it wants to use might only be announced after
>>>  authenticating, or if it is announced before authenticating, if it might have
>>>  different parameters after authenticating.  If so, it needs to issue a second
>>>  CAPA after authenticating, but if not, it can perhaps save a round-trip and
>>>  pipeline other commands right after authenticating.
>>>
>>>  A quick check of the IANA registry at
>>>
>>> http://www.iana.org/assignments/pop3-extension-mechanism/pop3-extension-mechanism.xml
>>>
>>>  shows only two capabilities whose parameters may differ: LOGIN-DELAY and EXPIRE
>>>  (which makes sense since these express server policy that may very well differ
>>>  per user).  I don't see any capabilities listed that are only announced in
>>>  TRANSACTION state, although IMPLEMENTATION is allowed to be (but of course no
>>>  client behavior is affected).
>>>
>>>
>>>>   It's that ambiguity that caused me to ask, just to be sure...
>>>
>>>  Sorry if the wording seemed ambiguous.  The intent is to group together for
>>>  special notice two kinds of capabilities: those that are only announced in
>>>  TRANSACTION state and those that are announced in both AUTHENTICATION and
>>>  TRANSACTION but whose parameters may differ between the states.
>>>
>>>
>>>>
>>>>   Chris Newman wrote on 11/14/12 14:02:
>>>>>   Section 6.8 says:
>>>>>
>>>>>   Announced states / possible differences:
>>>>>   both / no
>>>>>
>>>>>   So it looks like you're not allowed by RFC 2994's CAPA registration for UIDL
>>>>>   advertisement to change after authentication.
>>>>>
>>>>>           - Chris
>>>>>
>>>>>   --On November 14, 2012 13:14:25 -0800 Bill Shannon <bill.shannon@oracle.com>
>>>>>  wrote:
>>>>>>   Does RFC 2994 allow the UIDL capability to be missing from a CAPA
>>>>>>   response before authentication, but included in a CAPA response
>>>>>>   after authentication?
>>   >>>
>>>>
>>>>   _______________________________________________
>>>>   pop3ext mailing list
>>>>   pop3ext@ietf.org
>>>>   https://www.ietf.org/mailman/listinfo/pop3ext
>>>
>>>
>>>
>>>
>>
>>  _______________________________________________
>>  pop3ext mailing list
>>  pop3ext@ietf.org
>>  https://www.ietf.org/mailman/listinfo/pop3ext
> 
>