--- 1/draft-ietf-jmap-mdn-09.txt 2020-06-16 09:13:27.067340231 -0700 +++ 2/draft-ietf-jmap-mdn-10.txt 2020-06-16 09:13:27.095340943 -0700 @@ -1,40 +1,55 @@ JMAP R. Ouazana, Ed. Internet-Draft Linagora -Intended status: Standards Track April 30, 2020 -Expires: November 1, 2020 +Intended status: Standards Track June 16, 2020 +Expires: December 18, 2020 Handling Message Disposition Notification with JMAP - draft-ietf-jmap-mdn-09 + draft-ietf-jmap-mdn-10 Abstract - This document specifies a data model for handling [RFC8098] MDN + JMAP ([RFC8620] - JSON Meta Application Protocol) is a generic + protocol for synchronising data, such as mail, calendars or contacts, + between a client and a server. It is optimised for mobile and web + environments, and aims to provide a consistent interface to different + data types. + + JMAP for Mail ([RFC8621] - The JSON Meta Application Protocol (JMAP) + for Mail) specifies a data model for synchronising email data with a + server using JMAP. Clients can use this to efficiently search, + access, organise, and send messages. + + MDN are defined in [RFC8098] and are used as "read receipts", + "acknowledgements", or "receipt notifications". + + MDN have a specific format that must be parsed or generated. The + goal of this document is to specify a data model for handling MDN messages with a server using JMAP. Status of This Memo This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet- Drafts is at https://datatracker.ietf.org/drafts/current/. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." - This Internet-Draft will expire on November 1, 2020. + This Internet-Draft will expire on December 18, 2020. Copyright Notice Copyright (c) 2020 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents @@ -42,46 +57,51 @@ to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License. Table of Contents 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 1.1. Notational conventions . . . . . . . . . . . . . . . . . 3 1.2. Terminology . . . . . . . . . . . . . . . . . . . . . . . 3 - 1.3. Addition to the capabilities object . . . . . . . . . . . 3 - 2. MDN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 + 1.3. Addition to the capabilities object . . . . . . . . . . . 4 + 2. MDN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4 2.1. MDN/send . . . . . . . . . . . . . . . . . . . . . . . . 5 - 2.2. MDN/parse . . . . . . . . . . . . . . . . . . . . . . . . 6 - 3. Samples . . . . . . . . . . . . . . . . . . . . . . . . . . . 7 - 3.1. Sending an MDN for a received email . . . . . . . . . . . 7 + 2.2. MDN/parse . . . . . . . . . . . . . . . . . . . . . . . . 7 + 3. Samples . . . . . . . . . . . . . . . . . . . . . . . . . . . 8 + 3.1. Sending an MDN for a received email . . . . . . . . . . . 8 3.2. Asking for MDN when sending an email . . . . . . . . . . 9 - 3.3. Parsing a received MDN . . . . . . . . . . . . . . . . . 9 - 4. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 10 + 3.3. Parsing a received MDN . . . . . . . . . . . . . . . . . 10 + 4. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 11 4.1. JMAP Capability Registration for "mdn" . . . . . . . . . 11 - 4.2. JMAP Error Codes Registry . . . . . . . . . . . . . . . . 11 - 4.2.1. mdnAlreadySent . . . . . . . . . . . . . . . . . . . 11 - 5. Security considerations . . . . . . . . . . . . . . . . . . . 11 - 6. References . . . . . . . . . . . . . . . . . . . . . . . . . 11 - 6.1. Normative References . . . . . . . . . . . . . . . . . . 11 - 6.2. Informative References . . . . . . . . . . . . . . . . . 12 - Author's Address . . . . . . . . . . . . . . . . . . . . . . . . 12 + 4.2. JMAP Error Codes Registry . . . . . . . . . . . . . . . . 12 + 4.2.1. mdnAlreadySent . . . . . . . . . . . . . . . . . . . 12 + 5. Security considerations . . . . . . . . . . . . . . . . . . . 12 + 6. References . . . . . . . . . . . . . . . . . . . . . . . . . 12 + 6.1. Normative References . . . . . . . . . . . . . . . . . . 12 + 6.2. Informative References . . . . . . . . . . . . . . . . . 13 + Author's Address . . . . . . . . . . . . . . . . . . . . . . . . 13 1. Introduction JMAP ([RFC8620] - JSON Meta Application Protocol) is a generic protocol for synchronising data, such as mail, calendars or contacts, between a client and a server. It is optimised for mobile and web environments, and aims to provide a consistent interface to different data types. + JMAP for Mail ([RFC8621] - The JSON Meta Application Protocol (JMAP) + for Mail) specifies a data model for synchronising email data with a + server using JMAP. Clients can use this to efficiently search, + access, organise, and send messages. + MDN are defined in [RFC8098] and are used as "read receipts", "acknowledgements", or "receipt notifications". A client can have to deal with MDN in different ways: 1. When receiving an email, an MDN can be sent to the sender. This specification defines an MDN/send method to cover this case. 2. When sending an email, an MDN can be requested. This must be done with the help of a header, and is already specified by @@ -115,40 +135,38 @@ specification. Keywords being case insensitive in IMAP but JSON being case sensitive, the "$mdnsent" keyword MUST always be used in lowercase. 1.3. Addition to the capabilities object Capabilities are announced as part of the standard JMAP Session resource; see [RFC8620], section 2. - Support for the "MDN" data type and the "MDN/parse" method are - represented by the capability "urn:ietf:params:jmap:mdn" being - present in the "capabilities" property. The capability - "urn:ietf:params:jmap:mdn" being present in the "accountCapabilities" - property of an account represents support for creating and sending - MDN messages via the "MDN/send" method. Servers that include the - capability in one or more "accountCapabilities" properties MUST also - include the property in the "capabilities" property. + The capability "urn:ietf:params:jmap:mdn" being present in the + "accountCapabilities" property of an account represents support for + the "MDN" data type, parsing MDN via the "MDN/parse" method, and + creating and sending MDN messages via the "MDN/send" method. Servers + that include the capability in one or more "accountCapabilities" + properties MUST also include the property in the "capabilities" + property. The value of this "urn:ietf:params:jmap:mdn" property is an empty - object in both the JMAP session "capabilities" property and an - account's "accountCapabilities" property. + object in the account's "accountCapabilities" property. 2. MDN An *MDN* object has the following properties: o forEmailId: "Id|null" Email Id of the received email this MDN is - relative to. This argument can only be null when the MDN object - is a server response for the "MDN/parse" method. + relative to. This property MUST NOT be null for "MDN/send", but + may be null in the response from the "MDN/parse" method. o subject: "String|null" Subject used as "Subject" header for this MDN. o textBody: "String|null" Human readable part of the MDN, as plain text. o includeOriginalMessage: "Boolean" (default: false). If "true", the content of the original message will appear in the third component of the multipart/report generated for the MDN. See @@ -161,132 +179,147 @@ disposition options. o mdnGateway: "String|null" (server-set) Name of the gateway or MTA that translated a foreign (non-Internet) message disposition notification into this MDN. o originalRecipient: "String|null" (server-set) Original recipient address as specified by the sender of the message for which the MDN is being issued. - o finalRecipient: "String" (server-set) Recipient for which the MDN - is being issued. + o finalRecipient: "String|null" Recipient for which the MDN is being + issued. if set, it overrides the value that would be calculated + by the server from the Identity. o originalMessageId: "String|null" (server-set) Message-ID (the [RFC5322] header field, not the JMAP Id) of the message for which the MDN is being issued. o error: "String[]|null" (server-set) Additional information in the form of text messages when the "error" disposition modifier appears. o extensionFields: "String[String]|null" (server-set) Object where keys are extension-field names and values are extension-field values. A *Disposition* object has the following properties: o actionMode: "String" This MUST be one of the following strings: "manual-action" / "automatic-action" o sendingMode: "String" This MUST be one of the following strings: - "MDN-sent-manually" / "MDN-sent-automatically" + "mdn-sent-manually" / "mdn-sent-automatically" o type: "String" This MUST be one of the following strings: "deleted" / "dispatched" / "displayed" / "processed" - See [RFC8098] for the exact meaning of these different fields. + See [RFC8098] for the exact meaning of these different fields. These + fields are defined case insensitive in [RFC8098] but are case + sensitive in this RFC and MUST be converted to lowercase by "MDN/ + parse". 2.1. MDN/send The MDN/send method sends an [RFC5322] message from an MDN object. When calling this method the "using" property of the Request object MUST contain the capabilities "urn:ietf:params:jmap:mdn" and "urn:ietf:params:jmap:mail". The latter because of the implicit call to Email/set and the use of Identities, described below. The method takes the following arguments: o accountId: "Id" The id of the account to use. o identityId: "Id" The id of the Identity to associate with these MDN. The server will use this identity to define the sender of the MDN and to set the finalRecipient field. o send: "Id[MDN]" A map of creation id (client specified) to MDN objects. + o onSuccessUpdateEmail: "Id[PatchObject]|null" A map of creation id + to an object containing properties to update on the Email object + referenced by the "MDN/send" if the sending succeeds. + The response has the following arguments: o accountId: "Id" The id of the account used for the call. o sent: "Id[MDN]|null" A map of creation id to MDN containing any properties that were not set by the client. This includes any properties that were omitted by the client and thus set to a default by the server. This argument is null if no MDN objects were successfully sent. - o notSent: "Id[MDNError]|null" A map of the creation id to an - MDNError object for each record that failed to be sent, or null if + o notSent: "Id[SetError]|null" A map of the creation id to a + SetError object for each record that failed to be sent, or null if all successful. - The following MDNError types are defined: - - o mdnAlreadySent: The message has the "$mdnsent" keyword already - set. + The following already registered SetError would mean: o notFound: The reference Email Id cannot be found, or has no valid "Disposition-Notification-To" header. o forbidden: MDN/send would violate an ACL or other permissions policy. + o forbiddenFrom: The user is not allowed to use the given + finalRecipient property. + o overQuota: MDN/send would exceed a server-defined limit on the number or total size of sent MDN. It could include limitations on sent emails. o tooLarge: MDN/send would result in an MDN that exceeds a server- defined limit for the maximum size of an MDN, or more generally on emails. o rateLimit: Too many MDN or emails have been created recently, and a server-defined rate limit has been reached. It may work if tried again later. o invalidProperties: The record given is invalid in some way. - If the Account Id or Identity id given cannot be found, the MDN - sending is rejected with an "invalidProperties" error. + The following is a new SetError: + + o mdnAlreadySent: The message has the "$mdnsent" keyword already + set. + + If the accountId or identityId given cannot be found, the method call + is rejected with an "invalidArguments" error. The client SHOULD NOT issue an MDN/send request if the message has the "$mdnsent" keyword set. When sending the MDN, the server is in charge of generating the "originalRecipient", "finalRecipient" and "originalMessageId" fields according to the [RFC8098] specification. - After all items in the "MDN/send" invocation have been processed, a - single implicit "Email/set" call MUST be made to set the "$mdnsent" - keyword on "Email" objects referenced by "MDN" objects that have been - successfully created (see [RFC3503] for more details). The response - to this MUST be returned after the "MDN/send" response. + The client is expected to explicitly update each "Email" for which an + "MDN/send" has been invoked in order to set the "$mdnsent" keyword on + these emails. To ensure that, the server MUST reject an "MDN/send" + which does not result in setting the keyword "$mdnsent". Thus the + server MUST check that the "onSuccessUpdateEmail" property of the + method is correctly set to update this keyword. 2.2. MDN/parse This method allows a client to parse blobs as [RFC5322] messages to get MDN objects. This can be used to parse and get detailed information about blobs referenced in the "mdnBlobIds" of the EmailSubmission object, or any email the client could expect to be an MDN. The "forEmailId" property can be null or missing if the - "originalMessageId" property is missing or not referencing an - existing email. + "originalMessageId" property is missing, not referencing an existing + email or if the server cannot efficiently calculate the related email + (for example if several emails get the same "Message-Id" header). The MDN/parse method takes the following arguments: o accountId: "Id" The id of the account to use. o blobIds: "Id[]" The ids of the blobs to parse. The response has the following arguments: o accountId: "Id" The id of the account used for the call. @@ -300,22 +333,22 @@ o notFound: "Id[]|null" A list of blob ids given that could not be found, or null if none. The following additional errors may be returned instead of the MDN/ parse response: o requestTooLarge: The number of ids requested by the client exceeds the maximum number the server is willing to process in a single method call. - o invalidProperties: If the Account Id given cannot be found, the - MDN parsing is rejected with an "invalidProperties" error. + o invalidArguments: If the accountId given cannot be found, the MDN + parsing is rejected with an "invalidArguments" error. 3. Samples 3.1. Sending an MDN for a received email A client can use the following request to send an MDN back to the sender: [[ "MDN/send", { "accountId": "ue150411c", @@ -323,24 +356,29 @@ "send": { "k1546": { "forEmailId": "Md45b47b4877521042cec0938", "subject": "Read receipt for: World domination", "textBody": "This receipt shows that the email has been displayed on your recipient's computer. There is no guaranty it has been read or understood.", "reportingUA": "linagora.com; OpenPaaS", "disposition": { "actionMode": "manual-action", - "sendingMode": "MDN-sent-manually", + "sendingMode": "mdn-sent-manually", "type": "displayed" } } + }, + "onSuccessUpdateEmail": { + "#k1546": { + "keywords/$mdnsent": true + } } }, "0" ]] If the email id matches an existing email without the "$mdnsent" keyword, the server can answer: [[ "MDN/send", { "accountId": "ue150411c", "sent": { "k1546": { @@ -424,21 +462,21 @@ "parsed": { "0f9f65ab-dc7b-4146-850f-6e4881093965": { "forEmailId": "Md45b47b4877521042cec0938", "subject": "Read receipt for: World domination", "textBody": "This receipt shows that the email has been displayed on your recipient's computer. There is no guaranty it has been read or understood.", "reportingUA": "linagora.com; OpenPaaS", "disposition": { "actionMode": "manual-action", - "sendingMode": "MDN-sent-manually", + "sendingMode": "mdn-sent-manually", "type": "displayed" } "finalRecipient": "rfc822; john@example.com", "originalMessageId": "<1521557867.2614.0.camel@apache.org>" } } }, "0" ]] In case of a not found blobId, the server would respond: @@ -486,20 +524,26 @@ Reference: This document, Section 2.1 Description: The message has the "$mdnsent" keyword already set. The client MUST NOT try again to send an MDN for this message. 5. Security considerations The same considerations regarding MDN (see [RFC8098] and [RFC3503]) apply to this document. + In order to enforce trust regarding the relation between the user + sending an email and the identity of this user, the server SHOULD + validate in conformance to the provided Identity that the user is + permitted to use the finalRecipient value and return a forbiddenFrom + error if not. + 6. References 6.1. Normative References [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, DOI 10.17487/RFC2119, March 1997, . [RFC3503] Melnikov, A., "Message Disposition Notification (MDN)