Last Call Review of draft-ietf-imapapnd-appendlimit-extension-07
review-ietf-imapapnd-appendlimit-extension-07-genart-lc-yee-2015-12-27-00

Request Review of draft-ietf-imapapnd-appendlimit-extension
Requested rev. no specific revision (document currently at 10)
Type Last Call Review
Team General Area Review Team (Gen-ART) (genart)
Deadline 2016-01-01
Requested 2015-12-18
Draft last updated 2015-12-27
Completed reviews Genart Last Call review of -07 by Peter Yee (diff)
Secdir Last Call review of -07 by Paul Wouters (diff)
Opsdir Last Call review of -07 by Sarah Banks (diff)
Assignment Reviewer Peter Yee
State Completed
Review review-ietf-imapapnd-appendlimit-extension-07-genart-lc-yee-2015-12-27
Reviewed rev. 07 (document currently at 10)
Review result Ready with Nits
Review completed: 2015-12-27

Review
review-ietf-imapapnd-appendlimit-extension-07-genart-lc-yee-2015-12-27

I am the assigned Gen-ART reviewer for this draft.  The General Area Review
Team (Gen-ART) reviews all IETF documents being processed by the IESG for
the IETF Chair.  Please treat these comments just like any other last call
comment.  For background on Gen-ART, please see the FAQ at
<

http://wiki.tools.ietf.org/area/gen/trac/wiki/GenArtfaq>

Document: draft-ietf-imapapnd-appendlimit-extension-07
Reviewer: Peter Yee
Review Date: December 27, 2015
IETF LC End Date: January 1, 2016
IESG Telechat date: TBD

Summary: This draft is basically ready for publication as a standards track
RFC, but has nits that should be fixed before publication. [Ready with nits]

The draft describes an extension to IMAP4v1 that allows a server to signal a
maximum message upload size limit.

Most of nits noted are linguistic, although there's a minor, repeated
mistake in the ABNF that's critical to fix.

Comments/Questions: 

Section 1, 2nd paragraph, 2nd sentence: the claim that this extension allows
a server to avoid processing overly large messages (or attachments) is only
true if a client implements and honors the extension.  A malicious client
could still upload large messages and cause the server to process the
message up to the point where it exceeds the server's limit.  While these
overly large uploads would not be saved to disk, the server would still have
to process them up to a point in order to determine that they should be
discarded and a TOOBIG response returned.  Other mechanisms would be needed
to fend off malicious clients that persist in such uploads.

Page 6, Section 6, 2nd full sentence: In light of the last paragraph of
section 5 indicating that the number is a fixed maximum value, how would
submitting a little too large message work?  Why is the server being lenient
here?

Major issues: None

Minor issues: None

Nits:

Page 1, Abstract, 1st sentence: change "mail" to "message".  Delete "of".

Page 2, Section 1, 1st paragraph, 1st sentence: change "mail" to "message".

Page 2, Section 1, 1st paragraph, 4th sentence: change "mail" to "message".
Change "attachment" to "attachments".

Page 2, Section 1, 2nd paragraph, 1st sentence: insert "a" before "maximum".
Insert "the" before "email".

Page 2, Section 1, 2nd paragraph, 2nd sentence: change "server side" to
"server-side".

Page 3, Section 2, 1st paragraph, 1st sentence: insert "the" before the
first "APPENDLIMIT".  Insert "the" before "authenticated".

Page 3, Section 2, 1st paragraph, last sentence: insert "An" at the
beginning of the sentence.

Page 3, Section 2, 1st paragraph after (a), 1st sentence: delete "the"
before "mailboxes".

Page 3, Section 2, 1st paragraph after (a), 2nd sentence: insert "the"
before "same".

Page 3, Section 2, 3rd paragraph after (b), 1st sentence: insert "an" before
"APPENDLIMIT".  Insert "a" before "STATUS".

Page 3, Section 2, 3rd paragraph after (b), 2nd sentence: change "New" to "A
new".  Change "mailbox specific" to "mailbox-specific".

Page 3, Section 2, 3rd paragraph after (b), 3rd sentence: insert "to" before
"section".  Insert "the" before "response".

Page 3, Section 2, last paragraph, 1st sentence: insert "An" at the
beginning of the sentence.  Delete "kind of".

Page 3, Section 2, last paragraph, 2nd sentence: insert "a" before "client".
Insert "the" before "advertised".

Page 3, Section 3, heading: change "Mailbox specific" to "Mailbox-specific".

Page 3, Section 3, 1st paragraph: insert "the" before "CAPABILITY".

Page 4, Section 3.1, 1st paragraph, 1st sentence: insert "a" before
"STATUS".

Page 4, Section 3.1, 1st paragraph, 2nd sentence: insert "An" before "IMAP".
Insert "a" before "STATUS".  Insert "an" before "APPENDLIMIT".  Change
"mailbox specific" to "mailbox-specific".

Page 4, Section 3.1, 1st paragraph, 3rd sentence: delete the comma.

Page 4, Section 3.2, 1st paragraph, 2nd sentence: delete the comma.

Page 5, Section 4, 1st paragraph, 1st sentence: insert "a" before "client".
Change "mail" to "message".  Change "to" to "for" before "that".  Insert
"the" before "server".

Page 5, Section 4, 1st paragraph, 2nd sentence: insert "to" before
"[RFC4469]".  Change "(4) to "4".

Page 5, Section 4, 2nd paragraph, 1st sentence: change "Client" to "A
client".  Insert "the" before "maximum".

Page 5, Section 4, 2nd paragraph, 2nd sentence: insert "to" before
"section".

Page 5, Section 5, ABNF: change "/=" to "=/" for the definitions of
"capability", "status-att", and "status-att-val".

Page 6, Section 8: append a comma after "Long".