Network Working Group                              M. Gahrns, Microsoft
                                                    R. Cheng, Microsoft
Internet Draft
Document: draft-gahrns-imap-child-mailbox-00.txt          November 1997


                          IMAP4 Child Mailbox Extension


Status of this Memo

   This document is an Internet Draft.  Internet Drafts are working
   documents of the Internet Engineering Task Force (IETF), its Areas,
   and its Working Groups.  Note that other groups may also distribute
   working documents as Internet Drafts.

   Internet Drafts are draft documents valid for a maximum of six
   months.  Internet Drafts may be updated, replaced, or obsoleted by
   other documents at any time.  It is not appropriate to use Internet
   Drafts as reference material or to cite them other than as a
   "working draft" or "work in progress".

   To learn the current status of any Internet-Draft, please check the
   1id-abstracts.txt listing contained in the Internet-Drafts Shadow
   Directories on ds.internic.net, nic.nordu.net, ftp.isi.edu, or
   munnari.oz.au.

   A revised version of this draft document will be submitted to the
   RFC editor as a Proposed Standard for the Internet Community.
   Discussion and suggestions for improvement are requested.  This
   document will expire before June 1998. Distribution of this draft is
   unlimited.


1. Abstract

   Many IMAP4 [RFC-2060] clients present to the user a hierarchical
   view of the mailboxes that a user has access to.  Rather than
   initially presenting to the user the entire mailbox hierarchy, it is
   often preferable to show to the user a collapsed outline list of the
   mailbox hierarchy (particularly if there is a large number of
   mailboxes).  The user can then expand the collapsed outline
   hierarchy as needed.  It is common to include within the collapsed
   hierarchy a visual clue (such as a ''+'') to indicate that there are
   child mailboxes under a particular mailbox.   When the visual clue
   is clicked the hierarchy list is expanded to show the child
   mailboxes.

   The CHILDREN extension provides a mechanism for a client to
   efficiently determine if a particular mailbox has children, without
   issuing a LIST '' * or a LIST '' % for each mailbox name.




Gahrns and Cheng                                                     1

                    IMAP4 Child Mailbox Extension       November 1997



2. Conventions used in this document

   In examples, "C:" and "S:" indicate lines sent by the client and
   server respectively.   If such lines are wrapped without a new "C:"
   or "S:" label, then the wrapping is for editorial clarity and is not
   part of the command.

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED",  "MAY", and "OPTIONAL" in
   this document are to be interpreted as described in [RFC-2119].


3. Requirements

   IMAP4 servers that support this extension MUST list the keyword
   CHILDREN in their CAPABILITY response.

   The CHILDREN extension defines two new attributes that MAY be
   returned within a LIST response:

   \HasChildren - The presence of this attribute indicates that the
   mailbox has child mailboxes.

   A server SHOULD NOT set this attribute if there are child mailboxes,
   and the user does not have permissions to access any of them. In
   this case, \HasNoChildren SHOULD be used.

   In many cases, however, a server may not be able to efficiently
   compute whether a user has access to all child mailboxes.  As such a
   client MUST be prepared to accept the \HasChildren attribute as a
   hint. That is, a mailbox MAY be flagged with the \HasChildren
   attribute, but no child mailboxes will appear in the LIST response.


   \HasNoChildren - The presence of this attribute indicates that the
   mailbox has NO child mailboxes that are accessible to the currently
   authenticated user.


   Example 3.1:
   ============

   < Consider a server that has the following mailbox hierarchy:

   INBOX
   ITEM_1
      ITEM_1A
   ITEM_2
      TOP_SECRET




Gahrns and Cheng                                                     2

                    IMAP4 Child Mailbox Extension       November 1997


   Where INBOX, ITEM_1 and ITEM_2 are top level mailboxes.  ITEM_1A is
   a child mailbox of ITEM_1 and TOP_SECRET is a child mailbox of
   ITEM_2 that the currently logged on user does NOT have access to.

   Note that in this case, the server is not able to efficiently
   compute access rights to child mailboxes and responds with a
   \HasChildren attribute for mailbox ITEM_2, even though
   ITEM_2/TOP_SECRET does not appear in the list response. >


   C: A001 LIST "" *
   S: * LIST (\HasNoChildren) "/" INBOX
   S: * LIST (\HasChildren) "/" ITEM_1
   S: * LIST (\HasNoChildren) "/" ITEM_1/ITEM_1A
   S: * LIST (\HasChildren) "/" ITEM_2
   S: A001 OK LIST Completed

   In some instances a server that supports the CHILDREN extension MAY
   NOT be able to determine whether a mailbox has children.  For
   example it may have difficulty determining whether there are child
   mailboxes when LISTing mailboxes while operating in a particular
   namespace.

   In these cases, a server MAY exclude both the \HasChildren and
   \HasNoChildren attributes in the LIST response.  As such, a client
   can not make any assumptions about whether a mailbox has children
   based upon the absence of a single attribute. It is an error for the
   server to return both a \HasChildren and a \HasNoChildren attribute
   in a LIST response.


   Note: the \HasNoChildren attribute should not be confused with the
   IMAP4 [RFC-2060] defined attribute \NoInferiors which indicates that
   no child mailboxes exist now and none can be created in the future.


5. Formal Syntax

   The following syntax specification uses the augmented Backus-Naur
   Form (BNF) as described in [ABNF].

   Two new mailbox attributes are defined as flag_extensions to the
   IMAP4 mailbox_list response:

   HasChildren = "\HasChildren"

   HasNoChildren = "\HasNoChildren"


6. Security Considerations

   This extension provides a client a more efficient means of
   determining whether a particular mailbox has children.  If a mailbox

Gahrns and Cheng                                                     3

                    IMAP4 Child Mailbox Extension       November 1997


   has children, but the currently authenticated user does not have
   access to any of them, the server SHOULD respond with a
   \HasNoChildren attribute.  In many cases, however, a server may not
   be able to efficiently compute whether a user has access to all
   child mailboxes.  If such a server responds with a \HasChildren
   attribute, when in fact the currently authenticated user does not
   have access to any child mailboxes, potentially more information is
   conveyed about the mailbox than intended.   In most situations this
   will not be a security concern, because if information regarding
   whether a mailbox has children is considered sensitive, a user would
   not be granted access to that mailbox in the first place.


7. References

   [RFC-2060], Crispin, M., "Internet Message Access Protocol - Version
   4rev1", RFC 2060, University of Washington, December 1996.

   [RFC-2119], Bradner, S, "Key words for use in RFCs to Indicate
   Requirement Levels", RFC 2119, Harvard University, March 1997

   [ABNF], DRUMS working group, Dave Crocker Editor, "Augmented BNF for
   Syntax Specifications: ABNF", draft-drums-abnf-04.txt (work in
   progress), Internet Mail Consortium, September 1997


8.  Acknowledgments

   The authors would like to thank the participants of the IMC Mail
   Connect 3 event for their input when this idea was originally
   presented.


9. Author's Address

   Mike Gahrns
   Microsoft
   One Microsoft Way
   Redmond, WA, 98072

   Phone: (425) 936-9833
   Email: mikega@microsoft.com

   Raymond Cheng
   Microsoft
   One Microsoft Way
   Redmond, WA, 98072

   Phone: (425) 703-4913
   Email: raych@microsoft.com




Gahrns and Cheng                                                     4