Re: [secdir] Secdir last call review of draft-ietf-jmap-core-12

Barry Leiba <> Fri, 04 January 2019 00:31 UTC

To: Kurt Andersen (IETF)
Cc: IETF JMAP Mailing List, Tero Kivinen

I think that advice to use TLS whenever possible is the extent of what
makes sense to say here.

As to shared folders, that is neither “bad” nor “risky”: it’s necessary for
many use cases.  For example, IETF itself uses shared IMAP folders to serve
up our mailing lists.  Help desks will use a shared inbox for, say,, to allow multiple agents to handle questions and
complaints, while maintaining accountability (each agent has a separate
login, so their activity is tracked).


On Fri, Jan 4, 2019 at 1:21 AM Kurt Andersen (IETF) wrote:

> On Thu, Jan 3, 2019 at 4:04 AM Tero Kivinen wrote:
>
>> Reviewer: Tero Kivinen
>> Review result: Has Issues
>>
>> This document also has quite a lot of privacy concerns which are not
>> addressed by it. For example email delivery and event notifications can
>> leak lots of information even to passive attackers.
>
> How is this any different than the risks present in current mechanisms
> (websockets, HTTP, MAPI, IMAP, etc.)? I don't see this as a new risk being
> introduced by the JMAP protocol.
>
>> Of course sharing mailboxes between multiple users (one of the
>> examples given in 1.6.2), has lots of privacy issues.
>
> Again, this is not a new risk being introduced by JMAP. It seems unfair to
> saddle the JMAP protocol with the responsibility of documenting a
> comprehensive set of privacy and security risks for bad or risky behaviours
> that have been a wide part of common practice for decades.
>
> --Kurt Andersen