Internet Engineering Task Force D. Newman Internet-Draft N. Freed Intended status: Informational Sun Microsystems, Inc. Expires: March 20, 2009 September 16, 2008 Decrypted Content Attachment Flag for Internet Message Access Protocol (IMAP) draft-newman-imap-decaf-00.txt Status of this Memo By submitting this Internet-Draft, each author represents that any applicable patent or other IPR claims of which he or she is aware have been or will be disclosed, and any of which he or she becomes aware will be disclosed, in accordance with Section 6 of BCP 79. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet- Drafts. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." The list of current Internet-Drafts can be accessed at http://www.ietf.org/ietf/1id-abstracts.txt. The list of Internet-Draft Shadow Directories can be accessed at http://www.ietf.org/shadow.html. This Internet-Draft will expire on March 20, 2009. Abstract This document promulgates an Internet Message Access Protocol (IMAP) flag keyword which Mail User Agents (MUAs) may use to indicate that the decrypted content of an encrypted message contains one or more attachments. This document intentionally leaves undefined the definition of an "attachment" and is neutral as regards the message encryption system. This document also defines an IANA registry for IMAP flag keyword conventions. Newman & Freed Expires March 20, 2009 [Page 1] Internet-Draft DECAF for IMAP September 2008 Table of Contents 1. Conventions Used in this Document . . . . . . . . . . . . . . 3 2. Introduction and Overview . . . . . . . . . . . . . . . . . . 3 3. Client behavior . . . . . . . . . . . . . . . . . . . . . . . 3 3.1. Client behavior when receiving a message . . . . . . . . . 4 3.2. Client behavior when copying a message . . . . . . . . . . 4 3.3. Client behavior when sending a message . . . . . . . . . . 4 3.4. Client behavior when saving a temporary message . . . . . 4 4. Server Behavior . . . . . . . . . . . . . . . . . . . . . . . 4 4.1. Server that supports the creation of new flag keywords . . 4 4.2. Server that supports only the $DECAF flag keyword . . . . 5 4.3. Interaction with the IMAP ACL extension . . . . . . . . . 5 5. Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . 5 6. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 6 7. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 6 8. Security Considerations . . . . . . . . . . . . . . . . . . . 7 9. Formal Syntax . . . . . . . . . . . . . . . . . . . . . . . . 7 10. References . . . . . . . . . . . . . . . . . . . . . . . . . . 8 10.1. Normative References . . . . . . . . . . . . . . . . . . . 8 10.2. Informative References . . . . . . . . . . . . . . . . . . 8 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 8 Intellectual Property and Copyright Statements . . . . . . . . . . 10 Newman & Freed Expires March 20, 2009 [Page 2] Internet-Draft DECAF for IMAP September 2008 1. Conventions Used in this Document The "C:" and "S:" prefixes in examples indicate lines sent, respectively, by the client and server. The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in [RFC2119]. 2. Introduction and Overview This document defines a new IMAP mailbox flag keyword [RFC3501] that aids Mail User Agents (MUAs) in determining if the decrypted content of an encrypted message contains attachments. This document does not define any new command or response for IMAP. A conforming MUA, which after decrypting all or part of a message and finding that the decrypted content contains one or more attachments, MAY store $DECAF IMAP flag keyword for the message. Subsequently and without again repeating the decryption, conforming MUAs MAY act upon the presence of the $DECAF flag keyword; e.g., by indicating that the message has an attachment when presenting a list of messages. The $DECAF flag keyword put forth in this document does not indicate that the message itself has attachments. Rather, it indicates that one or more encrypted portions of the message, when decrypted, contain attachments. This document does not define encrypted content, places no requirements on the format or structure of decrypted content, and does not define what constitutes an "attachment". These details are left to MUA implementors to determine as suits their needs. That said, MUAs SHOULD use the $DECAF flag keyword for message encryption formats in which the structure of the encrypted content cannot be determined without first decrypting the encrypted content. 3. Client behavior A MUA wishing to store $DECAF flag keyword should first verify that the IMAP mailbox in question can store the $DECAF flag keyword, either temporarily or permanently. This is done by opening the mailbox and examining the FLAGS and PERMANENTFLAGS responses for either the $DECAF keyword or an indication that arbitrary keywords may be created. Note that even if the $DECAF flag keyword cannot be stored Newman & Freed Expires March 20, 2009 [Page 3] Internet-Draft DECAF for IMAP September 2008 permanently, MUAs may still derive benefit from storing it temporarily. For example, an MUA which maintains minimal state. Indeed, some MUAs may only want to store $DECAF flag keyword temporarily thereby avoiding long term disclosure of the implied information. 3.1. Client behavior when receiving a message Upon receiving a message containing encrypted content, the MUA MAY store the $DECAF flag keyword for that message if it determines that, when decrypted, any of the encrypted content contains one or more attachments. The MUA SHOULD NOT clear the $DECAF flag keyword: it may have been stored by another MUA. 3.2. Client behavior when copying a message The client SHOULD verify that the $DECAF flag keyword is preserved on a COPY operation. Furthermore, when copying a message between servers with the APPEND command, the client SHOULD preserve the $DECAF flag keyword on the resulting copy of the message. 3.3. Client behavior when sending a message When saving a sent message to any folder, the client MAY store the $DECAF flag keyword provided that the saved message has one or more encrypted parts which, when decrypted, contain one or more attachments. 3.4. Client behavior when saving a temporary message When saving an unfinished message to any folder, the client MAY store the $DECAF flag provided that the unfinished message has one or more encrypted parts which, when decrypted, contain one or more attachments. 4. Server Behavior Server implementors seeking to support this specification MUST insure that their server complies with either Section 4.1 or Section 4.2. If the server also supports the IMAP ACL extension [RFC2086], it MUST also comply with Section 4.3. 4.1. Server that supports the creation of new flag keywords If a server supports the creation of new flag keywords, then no changes are required to the server to make it compatible with the extension described in this document. Newman & Freed Expires March 20, 2009 [Page 4] Internet-Draft DECAF for IMAP September 2008 4.2. Server that supports only the $DECAF flag keyword Servers that support only the $DECAF flag keyword SHOULD preserve it on the COPY operation. It is also expected that a server that supports SEARCH will also support SEARCH KEYWORD $DECAF. 4.3. Interaction with the IMAP ACL extension Any server that conforms to either Section 4.1 or Section 4.2 and also supports the IMAP ACL extension [RFC2086], SHOULD preserve the $DECAF flag keyword on COPY even if the client does not have the "w" ACL right. Note that the server MUST still check if the client has rights to perform the COPY operation on a message according to [RFC2086]. 5. Examples (1) MUA opens mailbox for the first time. (a) The server supports storing of arbitrary keywords C: A01 SELECT INBOX S: * FLAGS (\Flagged \Draft \Deleted \Seen) S: * OK [PERMANENTFLAGS (\Flagged \Draft \Deleted \Seen \*)] S: * 56 EXISTS S: * 0 RECENT S: * OK [UNSEEN 55] S: * OK [UIDVALIDITY 1078037321] S: * OK [UIDNEXT 198245] S: A01 OK [READ-WRITE] Completed (b) The server supports storing of the $DECAF flag keyword C: A01 SELECT INBOX S: * FLAGS (\Flagged \Draft \Deleted \Seen $DECAF) S: * OK [PERMANENTFLAGS (\Flagged \Draft \Deleted \Seen $DECAF)] S: * 56 EXISTS S: * 0 RECENT S: * OK [UNSEEN 55] S: * OK [UIDVALIDITY 1078037321] S: * OK [UIDNEXT 198245] S: A01 OK [READ-WRITE] Completed Newman & Freed Expires March 20, 2009 [Page 5] Internet-Draft DECAF for IMAP September 2008 (2) The MUA successfully stores the $DECAF flag keyword C: A02 STORE 4 +FLAGS ($DECAF) S: * 4 FETCH (FLAGS (\Seen $DECAF)) S: A02 OK Completed (3) The server refuses to store the $DECAF keyword C: A02 STORE 4 +FLAGS ($DECAF) S: A02 NO STORE failed : Too many keywords in mailbox 6. Acknowledgements Credit is due Alexey Melnikov whose [RFC3503] was emulated for this document. 7. IANA Considerations This document requests that IANA create and maintain a First Come First Served [RFC5226] registry for IMAP flag keywords. (1) The name of the registry is "IMAP Flag Keywords". (2) To register an IMAP flag keyword, the flag keyword name, a description of the flag keyword, and an owner or change controller MUST be specified. Optionally, a reference to a document describing the flag keyword MAY be provided. (3) The review process for the registry is First Come First Served as per [RFC5226]. (4) The name of each registered flag keyword MUST begin with the character "$" and MUST satisfy the IMAP flag-keyword syntax [RFC3501]. (5) The initial assignments for the registry are as follows: Newman & Freed Expires March 20, 2009 [Page 6] Internet-Draft DECAF for IMAP September 2008 1. Name: $MDNSent Description: Indicator that no MDN needs to be sent for the message. Owner/Change Controller: Alexey Melnikov Reference: RFC 3503 2. Name: $Forwarded Description: Indicator that the message has been resent to another email address, embedded within or attached to a new message. Owner/Change Controller: Stephen H. Maes Alexey Melnikov Reference: RFC 4550 3. Name: $DECAF Description: Indicator that an encrypted message contains attachments within its encrypted content. Owner/Change Controller: Ned Freed Dan Newman Reference: XXXX 8. Security Considerations Use of the $DECAF flag exposes information about the content of an encrypted message. Namely, when the $DECAF flag is stored, knowledge that the encrypted message contains one or more attachments becomes known to anyone with access to the mailbox regardless of whether or not they can decrypt the message itself. When the $DECAF flag is not stored, somewhat less information is revealed: it may not be stored because no conforming MUA has yet received and decrypted the message, or it may not be stored because the message indeed contains no attachments within its encrypted content. 9. Formal Syntax The following syntax specification uses the augmented Backus-Naur Form (BNF) notation as specified in [RFC5234]. Non-terminals referenced, but not defined below, are as defined by [RFC3501]. Except as noted otherwise, all alphabetic characters are case insensitive. The use of upper or lower case characters to define token strings is for editorial clarity only. Implementations MUST accept these strings in a case insensitive fashion. flag-keyword = "$DECAF" / other_keywords Newman & Freed Expires March 20, 2009 [Page 7] Internet-Draft DECAF for IMAP September 2008 other-keywords = atom 10. References 10.1. Normative References [RFC2086] Myers, J., "IMAP4 ACL extension", RFC 2086, January 1997. [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997. [RFC3501] Crispin, M., "INTERNET MESSAGE ACCESS PROTOCOL - VERSION 4rev1", RFC 3501, March 2003. [RFC5226] Narten, T. and H. Alvestrand, "Guidelines for Writing an IANA Considerations Section in RFCs", BCP 26, RFC 5226, May 2008. [RFC5234] Crocker, D. and P. Overell, "Augmented BNF for Syntax Specifications: ABNF", STD 68, RFC 5234, January 2008. 10.2. Informative References [RFC3503] Melnikov, A., "Message Disposition Notification (MDN) profile for Internet Message Access Protocol (IMAP)", RFC 3503, March 2003. Authors' Addresses Dan Newman Sun Microsystems, Inc. 4150 Network Circle Santa Clara, CA 95054 US Email: dan.newman@sun.com Newman & Freed Expires March 20, 2009 [Page 8] Internet-Draft DECAF for IMAP September 2008 Ned Freed Sun Microsystems, Inc. 800 Royal Oaks Drive Monrovia, CA 91016 US Email: ned.freed@sun.com Newman & Freed Expires March 20, 2009 [Page 9] Internet-Draft DECAF for IMAP September 2008 Full Copyright Statement Copyright (C) The IETF Trust (2008). This document is subject to the rights, licenses and restrictions contained in BCP 78, and except as set forth therein, the authors retain all their rights. This document and the information contained herein are provided on an "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY, THE IETF TRUST AND THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Intellectual Property The IETF takes no position regarding the validity or scope of any Intellectual Property Rights or other rights that might be claimed to pertain to the implementation or use of the technology described in this document or the extent to which any license under such rights might or might not be available; nor does it represent that it has made any independent effort to identify any such rights. Information on the procedures with respect to rights in RFC documents can be found in BCP 78 and BCP 79. Copies of IPR disclosures made to the IETF Secretariat and any assurances of licenses to be made available, or the result of an attempt made to obtain a general license or permission for the use of such proprietary rights by implementers or users of this specification can be obtained from the IETF on-line IPR repository at http://www.ietf.org/ipr. The IETF invites any interested party to bring to its attention any copyrights, patents or patent applications, or other proprietary rights that may cover technology that may be required to implement this standard. Please address the information to the IETF at ietf-ipr@ietf.org. Newman & Freed Expires March 20, 2009 [Page 10]