IETF Logo Mail Archive

Re: [Tsv-art] Tsvart last call review of draft-ietf-jmap-core-12

"Bron Gondwana" <brong@fastmailteam.com> Sat, 29 December 2018 04:09 UTC

Return-Path: <brong@fastmailteam.com>
X-Original-To: tsv-art@ietfa.amsl.com
Delivered-To: tsv-art@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BDCEE127B4C; Fri, 28 Dec 2018 20:09:38 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.973
X-Spam-Level:
X-Spam-Status: No, score=-1.973 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, MIME_HEADER_CTYPE_ONLY=0.717, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, T_MIME_MALF=0.01] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=fastmailteam.com header.b=jkiIjJbU; dkim=pass (2048-bit key) header.d=messagingengine.com header.b=ifBrCinm
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id r3hZ8Ddx3TpH; Fri, 28 Dec 2018 20:09:37 -0800 (PST)
Received: from wout2-smtp.messagingengine.com (wout2-smtp.messagingengine.com [64.147.123.25]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8D43C124BF6; Fri, 28 Dec 2018 20:09:34 -0800 (PST)
Received: from compute6.internal (compute6.nyi.internal [10.202.2.46]) by mailout.west.internal (Postfix) with ESMTP id 64F09DC2; Fri, 28 Dec 2018 23:09:33 -0500 (EST)
Received: from imap7 ([10.202.2.57]) by compute6.internal (MEProxy); Fri, 28 Dec 2018 23:09:33 -0500
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= fastmailteam.com; h=message-id:in-reply-to:references:date:from :to:cc:subject:content-type; s=fm1; bh=EjnVuGrCUob0ayl1LVGCE9UTP KUcxEOOn4CqGHhcprE=; b=jkiIjJbUDgbHORNjAgJ/cpRjQNCL2kCZkmZf9UY0M E10TtvYjF27XSBh10CJEOTwaoDY6w/pTY8ItjZOYD3qAliIXXtIdWFUHfeSrgoEQ xCpZMxHJNuEejy0bCNyIBXbKbL62M7aUk7/nafaC7MRp1llOOgK932Cx/uUICmgj JicBttbXhQl/iRe24lalYbuX3Rpx5M0AHRgICBqwPEnVS2yvQucp7HsFq0DKm7u5 TJsDjUnXrP5uikiV/RDfgsFBJ+27TgQEYy2yQZTaM2mGCfx/+Gho5xHhSYAGibu0 R+FIdX/WTibIhvTsJH+dqYYxQPT+HHjplMTKRBl12Cm0g==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-type:date:from:in-reply-to :message-id:references:subject:to:x-me-proxy:x-me-proxy :x-me-sender:x-me-sender:x-sasl-enc; s=fm1; bh=EjnVuGrCUob0ayl1L VGCE9UTPKUcxEOOn4CqGHhcprE=; b=ifBrCinmaBRjR6cTsL/HdQxDau/oDtieS O7cBgMLcw2mUcNgQuKM+qeQP9JfSmDupQpSl4FrsH/JjxM08/eLlhBFAjkHdCvcS YN5ugEyqcjfi06Grych7c67fjyN1O2p/7XSnpFua+YVNH1g2GGjnrbBfrW8faBNS EoYfLxj+lMi32YghIBCdy4FTg360UUOJ8/pXbAcJkQL4/r/0b4mzi3YbIpkUuPhv yjzlX004PItEcvkxAIGBMTFBZSpjr8hb1f/gotbR4OUnRq+7ILGdK7THWBaX7Kyd 7dUj4ZXYJGshdINT/n1gzvibxfXkjKwDxNqlf1atpTly3a9CaUMPQ==
X-ME-Sender: <xms:fPMmXLIWE08MBpGbxfkMSstEkkFWR971P27zNmcPwYvcgu2m5nGq_Q>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedtledrtdejgdeivdculddtuddrgedtkedrtddtmd cutefuodetggdotefrodftvfcurfhrohhfihhlvgemucfhrghsthforghilhdpqfhuthen uceurghilhhouhhtmecufedttdenucesvcftvggtihhpihgvnhhtshculddquddttddmne cujfgurhepofgfkfgjfhffhffvufgtsegrtderreerredtnecuhfhrohhmpedfuehrohhn ucfiohhnugifrghnrgdfuceosghrohhnghesfhgrshhtmhgrihhlthgvrghmrdgtohhmqe enucffohhmrghinhephhhtthhpshdrohhnvgenucfrrghrrghmpehmrghilhhfrhhomhep sghrohhnghesfhgrshhtmhgrihhlthgvrghmrdgtohhmnecuvehluhhsthgvrhfuihiivg eptd
X-ME-Proxy: <xmx:fPMmXBi8Dv2cvpBzyxdmWh9ZQjAn18uM67g_JNQwj1KQcdZfwCMIHQ> <xmx:fPMmXM-n9iv8UmDVxGMqrrEPU08CClsUf3Qzh9qfKurxMIJLQaUkTw> <xmx:fPMmXHgYXhPIfjIWb93xXIvL1p67CuLwvgBINE7VQuTYVeXFTEjHEw> <xmx:fPMmXADftzvGdRoo-NYB0EAMZPHgknHl7sjZn_A3aO09aPv_DLOidQ>
Received: by mailuser.nyi.internal (Postfix, from userid 501) id 734E8202AD; Fri, 28 Dec 2018 23:09:32 -0500 (EST)
X-Mailer: MessagingEngine.com Webmail Interface
User-Agent: Cyrus-JMAP/3.1.5-714-g75bf9ad-fmstable-20181221v5
X-Me-Personality: 56629417
Message-Id: <7dbcbc19-a513-4d2a-80e5-0417d5f2685f@www.fastmail.com>
In-Reply-To: <154602184661.21654.7987714371574539114@ietfa.amsl.com>
References: <154602184661.21654.7987714371574539114@ietfa.amsl.com>
Date: Fri, 28 Dec 2018 23:09:31 -0500
From: Bron Gondwana <brong@fastmailteam.com>
To: tsv-art@ietf.org, Allison Mankin <allison.mankin@gmail.com>
Cc: jmap@ietf.org, draft-ietf-jmap-core.all@ietf.org, ietf@ietf.org
Content-Type: multipart/alternative; boundary="28d7fbdd0e714909bc2e27c9ad726ed9"
Archived-At: <https://mailarchive.ietf.org/arch/msg/tsv-art/ewgGGQinPFZ8mrDNO5IxFSjRoEU>
Subject: Re: [Tsv-art] Tsvart last call review of draft-ietf-jmap-core-12
X-BeenThere: tsv-art@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Transport Area Review Team <tsv-art.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tsv-art>, <mailto:tsv-art-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tsv-art/>
List-Post: <mailto:tsv-art@ietf.org>
List-Help: <mailto:tsv-art-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tsv-art>, <mailto:tsv-art-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 29 Dec 2018 04:09:39 -0000

Hi Allison,

The blob deliberately isn't validated at upload time, so that it can be used by any Foo/import function or referenced in the generation of a later object of any type. For example I uploaded a PDF file as a blob:

Content-Length: 312597
Content-Type: application/pdf

And my server returned the details I gave:

{
 "expires":"2018-12-30T03:57:18Z",
 "type":"application/pdf",
 "size":312597,
 "blobId":"Gb5eb763ad75e77101226181e01bb5c20f6aaf412",
 "accountId":"uac7641b2"
}

But that type field isn't saved on the server at all, it's just there in the response (as can be seen in the "Downloading" section, where "type" must be included in the request URL pattern and filled by the client)

When that blob gets later used as an email attachment, the interpretation of the blob is given by the client as part of the bodyStructure (see the draft-ietf-jmap-mail document for how Email/set uses uses blobs as part of email creation if you're interested):

{
 "blobId":"Gb5eb763ad75e77101226181e01bb5c20f6aaf412",
 "cid":null,
 "disposition":"attachment",
 "name":"certificate.pdf",
 "size":312597,
 "type":"application/pdf"
}

And then the server uses that to generate an appropriate representation of the object that's being created:

--fa073057ee4b4ff58e7209f66d32cd7a
Content-Disposition: attachment;filename="certificate.pdf"
Content-Type: application/pdf; name="certificate.pdf"
Content-Transfer-Encoding: BASE64

[...]
--fa073057ee4b4ff58e7209f66d32cd7a--

Cheers,

Bron.

On Sat, Dec 29, 2018, at 05:30, Allison Mankin wrote:
> Reviewer: Allison Mankin
> Review result: Ready
> 
> This document has been reviewed as part of the transport area review team's
> ongoing effort to review key IETF documents. These comments were written
> primarily for the transport area directors, but are copied to the document's
> authors and WG to allow them to address any issues raised and also to the IETF
> discussion list for information.
> 
> When done at the time of IETF Last Call, the authors should consider this
> review as part of the last-call comments they receive. Please always CC
> tsv-art@ietf.org if you reply to or forward this review.
> 
> This standards track specification is in good shape from a transport point of
> view. Topics considered in this assessment were its discovery mechanism, its
> support of tools for denial of service and rate control issues on both the
> server and clients side, its ordering and data flow for the allowed disparate
> client endpoints, and its transport mapping, which is mandatory HTTPS.
> 
> One question that is referred to other areas is what recommendations would be
> given (or what spec referenced) for validation of uploaded blob objects (it
> looks like the flow control for these is fine).
> 
> 

--
 Bron Gondwana, CEO, FastMail Pty Ltd
 brong@fastmailteam.com

v2.23.0 | Report a Bug | By Email