Internet Engineering Task Force (IETF) K. Murchison Request for Comments: 8440 B. Gondwana Category: Standards Track FastMail ISSN: 2070-1721 August 2018
IMAP4 Extension for Returning MYRIGHTS Information in Extended LIST
This document defines an extension to the Internet Message Access Protocol (IMAP) LIST command that allows the client to request the set of rights that the logged-in user has been granted on mailboxes, along with other information typically returned by the LIST command.
Status of This Memo
This is an Internet Standards Track document.
This document is a product of the Internet Engineering Task Force (IETF). It represents the consensus of the IETF community. It has received public review and has been approved for publication by the Internet Engineering Steering Group (IESG). Further information on Internet Standards is available in Section 2 of RFC 7841.
Copyright (c) 2018 IETF Trust and the persons identified as the document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License.
IMAP [RFC3501] clients typically fetch the set of rights granted on mailboxes so they can expose the allowed functionality to the logged- in user. In order to do that, the client is forced to issue a LIST or LSUB command to list all available mailboxes, followed by a MYRIGHTS command for each mailbox found. This document defines an extension to the to IMAP LIST command that is identified by the capability string "LIST-MYRIGHTS". The LIST-MYRIGHTS extension allows the client to request the set of rights that the logged-in user has been granted on mailboxes, along with other information typically returned by the LIST command.
In examples, "C:" indicates lines sent by a client that is connected to a server. "S:" indicates lines sent by the server to the client.
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all capitals, as shown here.
[RFC4314] defines the MYRIGHTS command, which is used by an IMAP client to determine the set of rights that the logged-in user has been granted on a given mailbox. Frequently, a client will have to look up the rights for some or all of the mailboxes returned by the
Murchison & Gondwana Standards Track [Page 2]
RFC 8440 IMAP LIST-MYRIGHTS August 2018
LIST command. Doing so in multiple MYRIGHTS commands wastes bandwidth and can degrade performance if the client does not pipeline the requests.
This document extends the LIST command with a new "MYRIGHTS" return option [RFC5258] that allows the client to request all of the desired information in a single command. For each listable mailbox matching the list pattern and selection options, the server MUST return an untagged LIST response and SHOULD also return an untagged MYRIGHTS response containing the set of rights granted to the logged-in user. The ordering of the responses is significant only in that the server MUST NOT send a MYRIGHTS response for a given mailbox before it sends the LIST response for that mailbox.
If the server is unable to look up the set of rights for a given mailbox, it does not send the MYRIGHTS reply for that mailbox.
Client authors ought to note that generating the MYRIGHTS responses for a large number of mailboxes may be an expensive operation for the server. Clients SHOULD use a suitable match pattern and/or selection option to limit the set of mailboxes returned to only those in whose rights they are interested.
In addition to the security considerations described in [RFC4314], this extension makes it a bit easier for clients to overload the server by requesting MYRIGHTS information for a large number of mailboxes. However, as noted in the introduction, existing clients already try to do that by generating a large number of MYRIGHTS commands for each mailbox in which they are interested. While performing MYRIGHTS information retrieval for big lists of mailboxes, a server implementation needs to make sure that it can still serve other IMAP connections and yield execution to other connections, when necessary.
This document is based largely on [RFC5819]. The authors would like to thank the authors of that document for providing both inspiration and some borrowed text for this document. The authors would also like to thank Barry Leiba for contributing his ideas and support for writing this specification.
Kenneth Murchison FastMail Pty Ltd. Level 2, 114 William Street Melbourne, VIC 3000 Australia
Bron Gondwana FastMail Pty Ltd. Level 2, 114 William Street Melbourne, VIC 3000 Australia