Re: [VCARDDAV] ping? anybody out there?
Cyrus Daboo <cyrus@daboo.name> Fri, 09 November 2007 17:23 UTC
Return-path: <vcarddav-bounces@ietf.org>
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1IqXZh-00007I-9i; Fri, 09 Nov 2007 12:23:21 -0500
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1IqXZf-000069-TG for vcarddav@ietf.org; Fri, 09 Nov 2007 12:23:19 -0500
Received: from piper.mulberrymail.com ([151.201.22.177] helo=mulberrymail.com) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1IqXZb-0006Sc-W4 for vcarddav@ietf.org; Fri, 09 Nov 2007 12:23:19 -0500
Received: from caldav.corp.apple.com ([17.101.32.44]) (authenticated bits=0) by mulberrymail.com (8.13.6/8.13.6) with ESMTP id lA9HN4DD003409 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Fri, 9 Nov 2007 12:23:07 -0500
Date: Fri, 09 Nov 2007 12:22:59 -0500
From: Cyrus Daboo <cyrus@daboo.name>
To: Greg Stein <gstein@google.com>
Subject: Re: [VCARDDAV] ping? anybody out there?
Message-ID: <59FF0C1E22EA1A8F0C202297@caldav.corp.apple.com>
In-Reply-To: <9c791d0a0711081757p7b47bc3fw24e0a4a685287782@mail.gmail.com>
References: <9c791d0a0711081508y2691e61bsee8ba14da427f5b5@mail.gmail.com> <F08C4C549B459297558CF0CD@ninevah.local> <9c791d0a0711081757p7b47bc3fw24e0a4a685287782@mail.gmail.com>
X-Mailer: Mulberry/4.1.0a1 (Mac OS X)
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format="flowed"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
X-Spam-Status: No, score=0.0 required=5.0 tests=none autolearn=disabled version=3.1.1
X-Spam-Checker-Version: SpamAssassin 3.1.1 (2006-03-10) on piper.mulberrymail.com
X-Spam-Score: 0.0 (/)
X-Scan-Signature: 21bf7a2f1643ae0bf20c1e010766eb78
Cc: vcarddav@ietf.org
X-BeenThere: vcarddav@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "vCard and CardDAV Engineering List, potential WG" <vcarddav.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/vcarddav>, <mailto:vcarddav-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www1.ietf.org/pipermail/vcarddav>
List-Post: <mailto:vcarddav@ietf.org>
List-Help: <mailto:vcarddav-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/vcarddav>, <mailto:vcarddav-request@ietf.org?subject=subscribe>
Errors-To: vcarddav-bounces@ietf.org
Hi Greg, --On November 8, 2007 5:57:39 PM -0800 Greg Stein <gstein@google.com> wrote: >> Actually that wouldn't give you the same level of capability as the >> current query report which lets you query specific properties within the >> vCard > > RFC 3744, section 9.4 doesn't actually specify the search. The > vcarddav spec *could* do that, however. Thus, you could have do a > property search on the "vcard" property, with parameters saying "ADR" > and "sometext". This could be as simple as adding a new attribute to > the DAV:match element: > > <property-search> > <prop><vcard/></prop> > <match vcard-constraint="ADR">sometext</match> > </property-search> Right, but you will pretty much re-invent the current calendar query syntax for matching. Its also complicated by i18n issues and match type issues (e.g. an address completion operation really needs a "starts-with" match operation rather than a "contains" match). The other thing that the current spec gives is partial retrieval of the data. i.e. an email client doing address completion rally only cares about the full-name and email addresses - there is no point in it getting ADR or PHOTO properties (particularly as PHOTO could be large). Given hat address completion must be fast to match user expectations, minimizing the amount of data returned is critical. If you stuff the vCard into a property, you would have to invent some kind of partial retrieval mechanism for that. >> ... >> But how do you create your own contacts, as opposed to contacts already >> on > > A simple PUT and PROPPATCH, I'd think. So what happens in the case where two users want to maintain there own copies of a vCard for the same person, so that they can have their own notes or annotations? How would you identify those as separate for each user? Wouldn't you have to have some kind of per-user principal hierarchy so each could maintain their own? That's pretty much the same as each having their own address book. >> the system? e.g. I want to be able to add contact information for my wife >> on my corporate carddav server. Are you saying I have to create a >> principal first? I don't hink that is going to fly as a principal has a >> lot more significance on a webdav server than a simple contact. > > I don't see a problem with it. The server can define where that > principal goes. Local or pushed back into some kind of directory. I am extremely nervous about tying address creation to principal creation. Principals are tied to authentication/authorization in WebDAV. Having users able to create those themselves seems to me to be a layering violation - and a critical one given that principals have a significant role to play in the security of the system. Also, some systems do not make principal resources visible to users for security/privacy reasons (e.g. it can expose information about group membership etc). Those types of servers would not be able to support the principal-as-vcard model. > I can easily see the server representing the address book as a bunch > of records. *Some* of those records point to the "canonical" location > of all directory-based prinicpals. Some are free-floating records > which do not include that pointer. These principals' canonical > location is the address book itself (sort of "detached", you might > say). > >> That said, I think its not unreasonable to have either a vcard attribute >> on principals that contains the contact data for that principal, or for >> the server to maintain a special address book populated with vcards for >> all principals on the system (we would then have a property somewhere >> pointing > Though I think Julian has issues with putting stuff into the resource > body. Or maybe that was just an issue with surfacing that data as > *both* a body and a property. Maybe Julian can elaborate. The body is problematic because some servers may treat principal resources as collections (the Apple CalDAV server does that because we have per-user principals defined below the main principals that are used for setting up calendar delegate/proxy access). I think my preference right now is this: define a <my-vcard> property on principal resources. That will contain a single href pointing to a vcard resource. That resource could be one in a "system" address book that mirrors the "directory" used to back the principals. Or it could point to the principal itself, if the principal resource contains the vCard data. We could then have a <principal-addressbook> property defined on all resources (similar to <principal-collection-set>) that defines the location (or locations) of an addressbook collection containing the vcards of the principals. That could point to the "system" address book, or it could point to the principal collection itself if the body of principals is the vCard. What this means is that clients may have to do two queries depending on what it is doing. One query on the personal address books and one on the principal-address book. >> Ah. Access control. > In the absence of access control, I'd recommend a label property and > being able to search that. IIRC, Outlook uses the label-style system > (but man... it's been a while; anybody?). I know Google is pretty > label-happy in our products, but it doesn't appear we can do that for > contacts (well, maybe our groups could be seen as a label). You're in luck! vCard defines the CATEGORIES property that can easily be used for labelling/tagging and can be queried as a vCard property value. >> Yes it is possible to get by with a single address book and manage the >> ACLs indepdently on each contact, but that is a lot more work for >> clients and harder for users. > > Agreed. I could easily see a departmental or company address book, > separate from your personal work abook, separate from your > personal/home abook. Yes, this is an important use case. Whilst you could tag/label (as you suggest) managing ACLs means doing that on a per-resource basis. One of the things being discussed a lot right now in Calconnect's CalDAV technical committee is an approach using groups that tries to minimize the number of times a client has to use ACL. The calendar proxy/delegate approach I discussed above does just that - in fact the client never has to use ACL - instead all it does is change group membership in certain principals to make another user a delegate. >> > The last part is about synchronization. I think the vcarddav spec >> > shouldn't deal with it at all, and just use things like the (draft) >> > "getctag" property and/or the draft synchronization protocol. >> >> The synchronization stuff is no longer in the spec. > > Cool. In favor of your other draft, I presume? Yes. There were a few comments on the sync spec a while back, but I am afraid I have been too busy to follow up on those. My goal is to get carddav (and the extended MKCOl draft I also have) out before Monday and try to get consensus on those towards moving to IETF last call. Then it will be time to concentrate on protocol optimization elements such as the sync spec and also the PATCH spec (we'll need to define a good diff format optimized for iCalendar/vCard style data to make that work well for us in the presence of the partial retrieval mode we have for the data in CalDAV and CardDAV). -- Cyrus Daboo _______________________________________________ VCARDDAV mailing list VCARDDAV@ietf.org https://www1.ietf.org/mailman/listinfo/vcarddav
- [VCARDDAV] ping? anybody out there? Greg Stein
- Re: [VCARDDAV] ping? anybody out there? Cyrus Daboo
- Re: [VCARDDAV] ping? anybody out there? Greg Stein
- Re: [VCARDDAV] ping? anybody out there? Julian Reschke
- Re: [VCARDDAV] ping? anybody out there? Cyrus Daboo
- Re: [VCARDDAV] ping? anybody out there? Cyrus Daboo
- Re: [VCARDDAV] ping? anybody out there? Julian Reschke
- Re: [VCARDDAV] ping? anybody out there? Cyrus Daboo
- Re: [VCARDDAV] ping? anybody out there? Julian Reschke