Network Working Group M. Gahrns, Microsoft
R. Cheng, Microsoft
Internet Draft
Document: draft-gahrns-imap-child-mailbox-00.txt November 1997
IMAP4 Child Mailbox Extension
Status of this Memo
This document is an Internet Draft. Internet Drafts are working
documents of the Internet Engineering Task Force (IETF), its Areas,
and its Working Groups. Note that other groups may also distribute
working documents as Internet Drafts.
Internet Drafts are draft documents valid for a maximum of six
months. Internet Drafts may be updated, replaced, or obsoleted by
other documents at any time. It is not appropriate to use Internet
Drafts as reference material or to cite them other than as a
"working draft" or "work in progress".
To learn the current status of any Internet-Draft, please check the
1id-abstracts.txt listing contained in the Internet-Drafts Shadow
Directories on ds.internic.net, nic.nordu.net, ftp.isi.edu, or
munnari.oz.au.
A revised version of this draft document will be submitted to the
RFC editor as a Proposed Standard for the Internet Community.
Discussion and suggestions for improvement are requested. This
document will expire before June 1998. Distribution of this draft is
unlimited.
1. Abstract
Many IMAP4 [RFC-2060] clients present to the user a hierarchical
view of the mailboxes that a user has access to. Rather than
initially presenting to the user the entire mailbox hierarchy, it is
often preferable to show to the user a collapsed outline list of the
mailbox hierarchy (particularly if there is a large number of
mailboxes). The user can then expand the collapsed outline
hierarchy as needed. It is common to include within the collapsed
hierarchy a visual clue (such as a ''+'') to indicate that there are
child mailboxes under a particular mailbox. When the visual clue
is clicked the hierarchy list is expanded to show the child
mailboxes.
The CHILDREN extension provides a mechanism for a client to
efficiently determine if a particular mailbox has children, without
issuing a LIST '' * or a LIST '' % for each mailbox name.
Gahrns and Cheng 1
IMAP4 Child Mailbox Extension November 1997
2. Conventions used in this document
In examples, "C:" and "S:" indicate lines sent by the client and
server respectively. If such lines are wrapped without a new "C:"
or "S:" label, then the wrapping is for editorial clarity and is not
part of the command.
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in
this document are to be interpreted as described in [RFC-2119].
3. Requirements
IMAP4 servers that support this extension MUST list the keyword
CHILDREN in their CAPABILITY response.
The CHILDREN extension defines two new attributes that MAY be
returned within a LIST response:
\HasChildren - The presence of this attribute indicates that the
mailbox has child mailboxes.
A server SHOULD NOT set this attribute if there are child mailboxes,
and the user does not have permissions to access any of them. In
this case, \HasNoChildren SHOULD be used.
In many cases, however, a server may not be able to efficiently
compute whether a user has access to all child mailboxes. As such a
client MUST be prepared to accept the \HasChildren attribute as a
hint. That is, a mailbox MAY be flagged with the \HasChildren
attribute, but no child mailboxes will appear in the LIST response.
\HasNoChildren - The presence of this attribute indicates that the
mailbox has NO child mailboxes that are accessible to the currently
authenticated user.
Example 3.1:
============
< Consider a server that has the following mailbox hierarchy:
INBOX
ITEM_1
ITEM_1A
ITEM_2
TOP_SECRET
Gahrns and Cheng 2
IMAP4 Child Mailbox Extension November 1997
Where INBOX, ITEM_1 and ITEM_2 are top level mailboxes. ITEM_1A is
a child mailbox of ITEM_1 and TOP_SECRET is a child mailbox of
ITEM_2 that the currently logged on user does NOT have access to.
Note that in this case, the server is not able to efficiently
compute access rights to child mailboxes and responds with a
\HasChildren attribute for mailbox ITEM_2, even though
ITEM_2/TOP_SECRET does not appear in the list response. >
C: A001 LIST "" *
S: * LIST (\HasNoChildren) "/" INBOX
S: * LIST (\HasChildren) "/" ITEM_1
S: * LIST (\HasNoChildren) "/" ITEM_1/ITEM_1A
S: * LIST (\HasChildren) "/" ITEM_2
S: A001 OK LIST Completed
In some instances a server that supports the CHILDREN extension MAY
NOT be able to determine whether a mailbox has children. For
example it may have difficulty determining whether there are child
mailboxes when LISTing mailboxes while operating in a particular
namespace.
In these cases, a server MAY exclude both the \HasChildren and
\HasNoChildren attributes in the LIST response. As such, a client
can not make any assumptions about whether a mailbox has children
based upon the absence of a single attribute. It is an error for the
server to return both a \HasChildren and a \HasNoChildren attribute
in a LIST response.
Note: the \HasNoChildren attribute should not be confused with the
IMAP4 [RFC-2060] defined attribute \NoInferiors which indicates that
no child mailboxes exist now and none can be created in the future.
5. Formal Syntax
The following syntax specification uses the augmented Backus-Naur
Form (BNF) as described in [ABNF].
Two new mailbox attributes are defined as flag_extensions to the
IMAP4 mailbox_list response:
HasChildren = "\HasChildren"
HasNoChildren = "\HasNoChildren"
6. Security Considerations
This extension provides a client a more efficient means of
determining whether a particular mailbox has children. If a mailbox
Gahrns and Cheng 3
IMAP4 Child Mailbox Extension November 1997
has children, but the currently authenticated user does not have
access to any of them, the server SHOULD respond with a
\HasNoChildren attribute. In many cases, however, a server may not
be able to efficiently compute whether a user has access to all
child mailboxes. If such a server responds with a \HasChildren
attribute, when in fact the currently authenticated user does not
have access to any child mailboxes, potentially more information is
conveyed about the mailbox than intended. In most situations this
will not be a security concern, because if information regarding
whether a mailbox has children is considered sensitive, a user would
not be granted access to that mailbox in the first place.
7. References
[RFC-2060], Crispin, M., "Internet Message Access Protocol - Version
4rev1", RFC 2060, University of Washington, December 1996.
[RFC-2119], Bradner, S, "Key words for use in RFCs to Indicate
Requirement Levels", RFC 2119, Harvard University, March 1997
[ABNF], DRUMS working group, Dave Crocker Editor, "Augmented BNF for
Syntax Specifications: ABNF", draft-drums-abnf-04.txt (work in
progress), Internet Mail Consortium, September 1997
8. Acknowledgments
The authors would like to thank the participants of the IMC Mail
Connect 3 event for their input when this idea was originally
presented.
9. Author's Address
Mike Gahrns
Microsoft
One Microsoft Way
Redmond, WA, 98072
Phone: (425) 936-9833
Email: mikega@microsoft.com
Raymond Cheng
Microsoft
One Microsoft Way
Redmond, WA, 98072
Phone: (425) 703-4913
Email: raych@microsoft.com
Gahrns and Cheng 4