From 4bfd864f10b68b71482b35c818559068ef8d5797 Mon Sep 17 00:00:00 2001 From: Thomas Voss Date: Wed, 27 Nov 2024 20:54:24 +0100 Subject: doc: Add RFC documents --- doc/rfc/rfc3656.txt | 1067 +++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 1067 insertions(+) create mode 100644 doc/rfc/rfc3656.txt (limited to 'doc/rfc/rfc3656.txt') diff --git a/doc/rfc/rfc3656.txt b/doc/rfc/rfc3656.txt new file mode 100644 index 0000000..6c0ab5b --- /dev/null +++ b/doc/rfc/rfc3656.txt @@ -0,0 +1,1067 @@ + + + + + + +Network Working Group R. Siemborski +Request for Comments: 3656 Carnegie Mellon University +Category: Experimental December 2003 + + + The Mailbox Update (MUPDATE) + Distributed Mailbox Database Protocol + +Status of this Memo + + This memo defines an Experimental Protocol for the Internet + community. It does not specify an Internet standard of any kind. + Discussion and suggestions for improvement are requested. + Distribution of this memo is unlimited. + +Copyright Notice + + Copyright (C) The Internet Society (2003). All Rights Reserved. + +Abstract + + As the demand for high-performance mail delivery agents increases, it + becomes apparent that single-machine solutions are inadequate to the + task, both because of capacity limits and that the failure of the + single machine means a loss of mail delivery for all users. It is + preferable to allow many machines to share the responsibility of mail + delivery. + + The Mailbox Update (MUPDATE) protocol allows a group of Internet + Message Access Protocol (IMAP) or Post Office Protocol - Version 3 + (POP3) servers to function with a unified mailbox namespace. This + document is intended to serve as a reference guide to that protocol. + + + + + + + + + + + + + + + + + + + +Siemborski Experimental [Page 1] + +RFC 3656 MUPDATE Distributed Mailbox Database Protocol December 2003 + + +Table of Contents + + 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 + 2. Protocol Overview . . . . . . . . . . . . . . . . . . . . . . 3 + 2.1. Atoms . . . . . . . . . . . . . . . . . . . . . . . . . 4 + 2.2. Strings . . . . . . . . . . . . . . . . . . . . . . . . 4 + 3. Server Responses . . . . . . . . . . . . . . . . . . . . . . 4 + 3.1. Response: OK . . . . . . . . . . . . . . . . . . . . . 5 + 3.2. Response: NO . . . . . . . . . . . . . . . . . . . . . 5 + 3.3. Response: BAD . . . . . . . . . . . . . . . . . . . . . 5 + 3.4. Response: BYE . . . . . . . . . . . . . . . . . . . . . 6 + 3.5. Response: RESERVE . . . . . . . . . . . . . . . . . . . 6 + 3.6. Response: MAILBOX . . . . . . . . . . . . . . . . . . . 6 + 3.7. Response: DELETE . . . . . . . . . . . . . . . . . . . 7 + 3.8. Server Capability Response. . . . . . . . . . . . . . . 7 + 4. Client Commands . . . . . . . . . . . . . . . . . . . . . . . 8 + 4.1. Command: ACTIVATE . . . . . . . . . . . . . . . . . . . 8 + 4.2. Command: AUTHENTICATE . . . . . . . . . . . . . . . . . 8 + 4.3. Command: DEACTIVATE . . . . . . . . . . . . . . . . . . 9 + 4.4. Command: DELETE . . . . . . . . . . . . . . . . . . . . 9 + 4.5. Command: FIND . . . . . . . . . . . . . . . . . . . . . 9 + 4.6. Command: LIST . . . . . . . . . . . . . . . . . . . . . 10 + 4.7. Command: LOGOUT . . . . . . . . . . . . . . . . . . . . 10 + 4.8. Command: NOOP . . . . . . . . . . . . . . . . . . . . . 10 + 4.9. Command: RESERVE. . . . . . . . . . . . . . . . . . . . 10 + 4.10. Command: STARTTLS . . . . . . . . . . . . . . . . . . . 11 + 4.11. Command: UPDATE . . . . . . . . . . . . . . . . . . . . 12 + 5. MUPDATE Formal Syntax . . . . . . . . . . . . . . . . . . . . 12 + 6. MUPDATE URL Scheme. . . . . . . . . . . . . . . . . . . . . . 14 + 6.1. MUPDATE URL Scheme Registration Form. . . . . . . . . . 14 + 7. Security Considerations . . . . . . . . . . . . . . . . . . . 15 + 8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 16 + 9. Intellectual Property Rights. . . . . . . . . . . . . . . . . 16 + 10. References. . . . . . . . . . . . . . . . . . . . . . . . . . 17 + 10.1. Normative References. . . . . . . . . . . . . . . . . . 17 + 10.2. Informative References. . . . . . . . . . . . . . . . . 17 + 11. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 18 + 12. Author's Address. . . . . . . . . . . . . . . . . . . . . . . 18 + 13. Full Copyright Statement. . . . . . . . . . . . . . . . . . . 19 + + + + + + + + + + + + +Siemborski Experimental [Page 2] + +RFC 3656 MUPDATE Distributed Mailbox Database Protocol December 2003 + + +1. Introduction + + In order to support an architecture where there are multiple [IMAP, + POP3] servers sharing a common mailbox database, it is necessary to + be able to provide atomic mailbox operations, as well as offer + sufficient guarantees about database consistency. + + The primary goal of the MUPDATE protocol is to be simple to implement + yet allow for database consistency between participants. + + The key words "MUST, "MUST NOT", "REQUIRED", "SHOULD", "SHOULD NOT", + "RECOMMENDED", and "MAY" in this document are to be interpreted as + defined in BCP 14, RFC 2119 [KEYWORDS]. + + In examples, "C:" and "S:" indicate lines sent by the client and + server respectively. + +2. Protocol Overview + + The MUPDATE protocol assumes a reliable data stream such as a TCP + network connection. IANA has registered port 3905 with a short name + of "mupdate" for this purpose. + + In the current implementation of the MUPDATE protocol there are three + types of participants: a single master server, slave (or replica) + servers, and clients. The master server maintains an authoritative + copy of the mailbox database. Slave servers connect to the MUPDATE + master server as clients, and function as replicas from the point of + view of end clients. End clients may connect to either the master or + any slave and perform searches against the database, however + operations that change the database can only be performed against the + master. For the purposes of protocol discussion we will consider a + slave's connection to the master identical to that of any other + client. + + After connection, all commands from a client to server must have an + associated unique tag which is an alphanumeric string. Commands MAY + be pipelined from the client to the server (that is, the client need + not wait for the response before sending the next command). The + server MUST execute the commands in the order they were received, + however. + + If the server supports an inactivity login timeout, it MUST be at + least 15 minutes. + + + + + + + +Siemborski Experimental [Page 3] + +RFC 3656 MUPDATE Distributed Mailbox Database Protocol December 2003 + + + MUPDATE uses data formats similar to those used in [ACAP]. That is, + atoms and strings. All commands and tags in the protocol are + transmitted as atoms. All other data is considered to a string, and + must be quoted or transmitted as a literal. + + Outside of a literal, both clients and servers MUST support line + lengths of at least 1024 octets (including the trailing CR and LF + characters). If a line of a longer length must be transmitted, + implementations MUST make use of literals to do so. + +2.1. Atoms + + An atom consists of one or more alphanumeric characters. Atoms MUST + be less than 15 octets in length. + +2.2. Strings + + As in [ACAP], a string may be either literal or a quoted string. A + literal is a sequence of zero or more octets (including CR and LF), + prefix-quoted with an octet count in the form of an open brace ("{"), + the number of octets, an optional plus sign to indicate that the data + follows immediately (a non-synchronized literal), a close brace + ("}"), and a CRLF sequence. If the plus sign is omitted (a + synchronized literal), then the receiving side MUST send a "+ go + ahead" response, and the sending side MUST wait for this response. + Servers MUST support literals of atleast 4096 octets. + + Strings that are sent from server to client SHOULD NOT be in the + synchronized literal format. + + A quoted string is a sequence of zero or more 7-bit characters, + excluding CR, LF, and the double quote (<">), with double quote + characters at each end. + + The empty string is represented as either "" (a quoted string with + zero characters between double quotes) or as {0} followed by CRLF (a + literal with an octet count of 0). + +3. Server Responses + + Every client command in the MUPDATE protocol may receive one or more + tagged responses from the server. Each response is preceded by the + same tag as the command that elicited the response from the server. + + + + + + + + +Siemborski Experimental [Page 4] + +RFC 3656 MUPDATE Distributed Mailbox Database Protocol December 2003 + + +3.1. Response: OK + + A tagged OK response indicates that the operation completed + successfully. There is a mandatory implementation-defined string + after the OK response. This response also indicates the beginning of + the streaming update mode when given in response to an UPDATE + command. + + Example: + +C: N01 NOOP +S: N01 OK "NOOP Complete" + +3.2. Response: NO + + A tagged NO response indicates that the operation was explicitly + denied by the server or otherwise failed. There is a mandatory + implementation-defined string after the NO response that SHOULD + explain the reason for denial. + + Example: + +C: A01 AUTHENTICATE "PLAIN" +S: A01 NO "PLAIN is not a supported SASL mechanism" + +3.3. Response: BAD + + A tagged BAD response indicates that the command from the client + could not be parsed or understood. There is a mandatory + implementation-defined string after the BAD response to provide + additional information about the error. Note that untagged BAD + responses are allowed if it is unclear what the tag for a given + command is (for example, if a blank line is received by the mupdate + server, it can generate an untagged BAD response). In the case of an + untagged response, the tag should be replaced with a "*". + + Example: + +C: C01 SELECT "INBOX" +S: C01 BAD "This is not an IMAP server" +C: +S: * BAD "Need Command" + + + + + + + + + +Siemborski Experimental [Page 5] + +RFC 3656 MUPDATE Distributed Mailbox Database Protocol December 2003 + + +3.4. Response: BYE + + A tagged BYE response indicates that the server has decided to close + the connection. There is a mandatory implementation-defined string + after the BYE response that SHOULD explain the reason for closing the + connection. The server MUST close the connection immediately after + transmitting the BYE response. + + Example: + +C: L01 LOGOUT +S: L01 BYE "User Logged Out" + +3.5. Response: RESERVE + + A tagged RESERVE response may only be given in response to a FIND, + LIST, or UPDATE command. It includes two parameters: the name of the + mailbox that is being reserved (in mUTF-7 encoding, as specified in + [IMAP]) and a location string whose contents is defined by the + clients that are using the database, though it is RECOMMENDED that + the format of this string be the hostname of the server which is + storing the mailbox. + + This response indicates that the given name is no longer available in + the namespace, though it does not indicate that the given mailbox is + available to clients at the current time. + + Example: + +S: U01 RESERVE "internet.bugtraq" "mail2.example.org" + +3.6. Response: MAILBOX + + A tagged MAILBOX response may only be given in response to a FIND, + LIST, or UPDATE command. It includes three parameters: the name of + the mailbox, a location string (as with RESERVE), and a client- + defined string that specifies the IMAP ACL [IMAP-ACL] of the mailbox. + This message indicates that the given mailbox is ready to be accessed + by clients. + + Example: + +S: U01 MAILBOX "internet.bugtraq" "mail2.example.org" "anyone rls" + + + + + + + + +Siemborski Experimental [Page 6] + +RFC 3656 MUPDATE Distributed Mailbox Database Protocol December 2003 + + +3.7. Response: DELETE + + A tagged DELETE response may only be given in response to an UPDATE + command, and MUST NOT be given before the OK response to the UPDATE + command is given. It contains a single parameter, that of the + mailbox that should be deleted from the slave's database. This + response indicates that the given mailbox no longer exists in the + namespace of the database, and may be given for any mailbox name, + active, reserved, or nonexistent. (Though implementations SHOULD NOT + issue DELETE responses for nonexistent mailboxes). + + Example: + +S: U01 DELETE "user.rjs3.sent-mail-jan-2002" + +3.8. Server Capability Response + + Upon connection of the client to the server, and directly following a + successful STARTTLS command, the server MUST issue a capabilities + banner, of the following format: + + The banner MUST contain a line that begins with "* AUTH" and contain + a space-separated list of SASL mechanisms that the server will accept + for authentication. The mechanism names are transmitted as atoms. + Servers MAY advertise no available mechanisms (to indicate that + STARTTLS must be completed before authentication may occur). If + STARTTLS is not supported by the server, then the line MUST contain + at least one mechanism. + + If the banner is being issued without a TLS layer, and the server + supports the STARTTLS command, the banner MUST contain the line "* + STARTTLS". If the banner is being issued under a TLS layer (or the + server does not support STARTTLS), the banner MUST NOT contain this + line. + + The last line of the banner MUST start with "* OK MUPDATE" and be + followed by four strings: the server's hostname, an implementation- + defined string giving the name of the implementation, an + implementation-defined string giving the version of the + implementation, and a string that indicates if the server is a master + or a slave. The master/slave indication MUST be either "(master)" or + an MUPDATE URL that defines where the master can be contacted. + + Any unrecognized responses before the "* OK MUPDATE" response MUST be + ignored by the client. + + + + + + +Siemborski Experimental [Page 7] + +RFC 3656 MUPDATE Distributed Mailbox Database Protocol December 2003 + + + Example: + +S: * AUTH KERBEROS_V4 GSSAPI +S: * STARTTLS +S: * OK MUPDATE "mupdate.example.org" "Cyrus" "v2.1.2" "(master)" + +4. Client Commands + + The following are valid commands that a client may send to the + MUPDATE server: AUTHENTICATE, ACTIVATE, DEACTIVATE, DELETE, FIND, + LIST, LOGOUT, NOOP, RESERVE, STARTTLS, and UPDATE. + + Before a successful AUTHENTICATE command has occurred, the server + MUST NOT accept any commands except for AUTHENTICATE, STARTTLS, and + LOGOUT (and SHOULD reply with a NO response for all other commands). + +4.1. Command: ACTIVATE + + The ACTIVATE command has 3 parameters: the mailbox name, its + location, and its ACL. This command MUST NOT not be issued to a + slave server. + + This command can also be used to update the ACL or location + information of a mailbox. Note that it is not a requirement for a + mailbox to be reserved (or even exist in the database) for an + ACTIVATE command to succeed, implementations MUST allow this behavior + as it facilitates synchronization of the database with the current + state of the mailboxes. + +4.2. Command: AUTHENTICATE + + The AUTHENTICATE command initiates a [SASL] negotiation session + between the client and the server. It has two parameters. The first + parameter is mandatory, and is a string indicating the desired [SASL] + mechanism. The second is a string containing an optional BASE64 + encoded (as defined in section 6.8 of [MIME]) client first send. + + All of the remaining SASL blobs that are sent MUST be sent across the + wire must be in BASE64 encoded format, and followed by a CR and LF + combination. They MUST NOT be encoded as strings. + + Clients may cancel authentication by sending a * followed by a CR and + LF. + + The [SASL] service name for the MUPDATE protocol is "mupdate". + Implementations are REQUIRED to implement the GSSAPI [SASL] + mechanism, though they SHOULD implement as many mechanisms as + possible. + + + +Siemborski Experimental [Page 8] + +RFC 3656 MUPDATE Distributed Mailbox Database Protocol December 2003 + + + If a security layer is negotiated, it should be used directly + following the CR and LF combination at the end of the server's OK + response (i.e., beginning with the client's next command) Only one + successful AUTHENTICATE command may be issued per session. + +4.3. Command: DEACTIVATE + + The DEACTIVATE command takes two parameters, the mailbox name and + location data. The mailbox MUST already exist and be activated on + the MUPDATE server. If the server responds OK, then the mailbox name + has been moved to the RESERVE state. If the server responds NO, then + the mailbox name has not been moved (for example, the mailbox was not + already active). Any ACL information that is known about the mailbox + MAY be lost when a DEACTIVATE succeeds. This command MUST NOT be + issued to a slave. + + Example: + +C: A01 DEACTIVATE "user.rjs3.new" "mail3.example.org!u4" +S: A01 OK "Mailbox Reserved." + +4.4. Command: DELETE + + The DELETE command takes only a single parameter, the mailbox name to + be removed from the database's namespace. The server SHOULD give a + NO response if the mailbox does not exist. This command MUST NOT be + issued to a slave server. + +4.5. Command: FIND + + The FIND command takes a single parameter, a mailbox name. The + server then responds with the current record for the given mailbox, + if any, and an OK response. + + Example (mailbox does not exist): + +C: F01 FIND "user.rjs3.xyzzy" +S: F01 OK "Search Complete" + + Example (mailbox is reserved): + +C: F01 FIND "user.rjs3" +S: F01 RESERVE "user.rjs3" "mail4.example.org" +S: F01 OK "Search Complete" + + + + + + + +Siemborski Experimental [Page 9] + +RFC 3656 MUPDATE Distributed Mailbox Database Protocol December 2003 + + +4.6. Command: LIST + + The LIST command is similar to running FIND across the entire + database. The LIST command takes a single optional parameter, which + is a prefix to try to match against the location field of the + records. Without the parameter, LIST returns every record in the + database. + + For each mailbox that matches, either a MAILBOX or a RESERVE response + (as applicable) is sent to the client. When all responses are + complete, an OK response is issued. + + Example: + +C: L01 LIST +S: L01 RESERVE "user.rjs3" "mail4.example.org!u2" +S: L01 MAILBOX "user.leg" "mail2.example.org!u1" "leg lrswipcda" +S: L01 OK "List Complete" +C: L02 LIST "mail4.example.org!" +S: L02 RESERVE "user.rjs3" "mail4.example.org!u2" +S: L02 OK "List Complete" + +4.7. Command: LOGOUT + + The LOGOUT command tells the server to close the connection. Its + only valid response is the BYE response. The LOGOUT command takes no + parameters. + +4.8. Command: NOOP + + The NOOP command takes no parameters. Provided the client is + authenticated, its only acceptable response is an OK. Any idle + timeouts that the server may have on the connection SHOULD be reset + upon receipt of this command. + + If this command is issued after an UPDATE command has been issued, + then the OK response also indicates that all pending database updates + have been sent to the client. That is, the slave can guarantee that + its local database is up to date as of a certain time by issuing a + NOOP and waiting for the OK. The OK MUST NOT return until all + updates that were pending at the time of the NOOP have been sent. + +4.9. Command: RESERVE + + The RESERVE command takes two parameters (just like the RESERVE + response), the mailbox name to reserve and location data. If the + server responds OK, then the mailbox name has been reserved. If the + server responds NO, then the mailbox name has not been reserved (for + + + +Siemborski Experimental [Page 10] + +RFC 3656 MUPDATE Distributed Mailbox Database Protocol December 2003 + + + example, another server has reserved it already). This command MUST + NOT be issued to a slave. + + The typical sequence for mailbox creation is: + +C: R01 RESERVE "user.rjs3.new" "mail3.example.org!u4" +S: R01 OK "Mailbox Reserved." + +C: A01 ACTIVATE "user.rjs3.new" "mail3.example.org!u4" "rjs3 lrswipcda" +S: A01 OK "Mailbox Activated." + +4.10. Command: STARTTLS + + The STARTTLS command requests the commencement of a [TLS] + negotiation. The negotiation begins immediately after the CRLF in + the OK response. After a client issues a STARTTLS command, it MUST + NOT issue further commands until a server response is seen and the + [TLS] negotiation is complete. + + The STARTTLS command is only valid in non-authenticated state. The + server remains in non-authenticated state, even if client credentials + are supplied during the [TLS] negotiation. The [SASL] EXTERNAL + mechanism MAY be used to authenticate once [TLS] client credentials + are successfully exchanged. Note that servers are not required to + support the EXTERNAL mechanism. + + After the [TLS] layer is established, the server MUST re-issue the + initial response banner (see Section 3.8). This is necessary to + protect against man-in-the-middle attacks which alter the + capabilities list prior to STARTTLS, as well as to advertise any new + SASL mechanisms (or other capabilities) that may be available under + the layer. The client MUST discard cached capability information and + replace it with the new information. + + After the a successful STARTTLS command, the server SHOULD return a + NO response to additional STARTTLS commands. + + Servers MAY choose to not implement STARTTLS. In this case, they + MUST NOT advertise STARTTLS in their capabilities banner, and SHOULD + return a BAD response to the STARTTLS command, if it is issued. + + Example: + +C: S01 STARTTLS +S: S01 OK "Begin TLS negotiation now" + +S: * AUTH KERBEROS_V4 GSSAPI PLAIN +S: * OK MUPDATE "mupdate.example.org" "Cyrus" "v2.1.2" "(master)" + + + +Siemborski Experimental [Page 11] + +RFC 3656 MUPDATE Distributed Mailbox Database Protocol December 2003 + + +4.11. Command: UPDATE + + The UPDATE command is how a slave initializes an update stream from + the master (though it is also valid to issue this command to a + slave). In response to the command, the server returns a list of all + mailboxes in its database (the same results as a parameterless LIST + command) followed by an OK response. From this point forward, + whenever an update occurs to the master database, it MUST stream the + update to the slave within 30 seconds. That is, it will send + RESERVE, MAILBOX, or DELETE responses as they are applicable. + + After a client has issued an UPDATE command, it may only issue NOOP + and LOGOUT commands for the remainder of the session. + + Example: + +C: U01 UPDATE +S: U01 MAILBOX "user.leg" "mail2.example.org!u1" "leg lrswipcda" +S: U01 MAILBOX "user.rjs3" "mail3.example.org!u4" "rjs3 lrswipcda" +S: U01 RESERVE "internet.bugtraq" "mail1.example.org!u5" "anyone lrs" +S: U01 OK "Streaming Begins" + +S: U01 RESERVE "user.leg.new" "mail2.example.org!u1" + +S: U01 MAILBOX "user.leg.new" "mail2.example.org!u1" "leg lrswipcda" + +C: N01 NOOP +S: U01 DELETE "user.leg.new" +S: N01 OK "NOOP Complete" + +5. MUPDATE Formal Syntax + + The following syntax specification uses the Augmented Backus-Naur + Form (ABNF) notation as specified in [ABNF]. This uses the ABNF core + rules as specified in Appendix A of [ABNF]. + + Except as noted otherwise, all alphabetic characters are case- + insensitive. The use of upper or lower case characters to define + token strings is for editorial clarity only. Implementations MUST + accept these strings in a case-insensitive fashion. + + Note that this specification also uses some terminals from section 8 + of [ACAP]. + + cmd-activate = "ACTIVATE" SP string SP string SP string + + cmd-authenticate = "AUTHENTICATE" SP sasl-mech [ SP string ] + + + +Siemborski Experimental [Page 12] + +RFC 3656 MUPDATE Distributed Mailbox Database Protocol December 2003 + + + cmd-delete = "DELETE" SP string + + cmd-find = "FIND" SP string + + cmd-list = "LIST" [ SP string ] + + cmd-logout = "LOGOUT" + + cmd-noop = "NOOP" + + cmd-reserve = "RESERVE" SP string SP string + + cmd-starttls = "STARTTLS" + + cmd-update = "UPDATE" + + command = tag SP command-type CRLF + + command-type = cmd-activate / cmd-authenticate / cmd-delete / + cmd-find / cmd-list / cmd-logout / cmd-noop / + cmd-reserve / cmd-starttls / cmd-update + + response = tag SP response-type CRLF + + response-type = rsp-ok / rsp-no / rsp-bad / rsp-bye / rsp-mailbox / + rsp-reserve / rsp-delete + + rsp-bad = "BAD" SP string + + rsp-bye = "BYE" SP string + + rsp-mailbox = "MAILBOX" SP string SP string SP string + + rsp-no = "NO" SP string + + rsp-ok = "OK" SP string + + rsp-reserve = "RESERVE" SP string SP string + + rsp-delete = "DELETE" SP string + + sasl-mech = 1*ATOM-CHAR + ; ATOM-CHAR is defined in [ACAP] + + string = quoted / literal + ; quoted and literal are defined in [ACAP] + + + + + +Siemborski Experimental [Page 13] + +RFC 3656 MUPDATE Distributed Mailbox Database Protocol December 2003 + + + tag = 1*ATOM-CHAR + ; ATOM-CHAR is defined in [ACAP] + +6. MUPDATE URL Scheme + + This document defines the a URL scheme for the purposes of + referencing MUPDATE resources, according to the requirements in + [RFC2717]. This includes both MUPDATE servers as a whole, along with + individual mailbox entries on a given MUPDATE server. + + There is no MIME type associated with these resources. It is + intended that a URL consumer would either retrieve the MUPDATE record + in question, or simply connect to the MUPDATE server running on the + specified host. Note that the consumer will need to have + authentication credentials for the specified host. + + The MUPDATE URL scheme is similar to the IMAP URL scheme [IMAP-URL]. + However, it only takes one of two possible forms: + + mupdate:/// + mupdate:/// + + The first form refers to a MUPDATE server as a whole, the second form + indicates both the server and a mailbox to run a FIND against once + authenticated to the server. Note that part of may include + username and authentication information along with a hostname and + port. + +6.1. MUPDATE URL Scheme Registration Form + + URL scheme name: "mupdate" + + URL scheme syntax: + + This defines the MUPDATE URL Scheme in [ABNF]. Terminals from the + BNF of IMAP URLs [IMAP-URL] are also used. + + mupdateurl = "mupdate://" iserver "/" [ enc_mailbox ] + ; iserver and enc_mailbox are as defined in [IMAP-URL] + + Character encoding considerations: + + Identical to those described in [IMAP-URL] for the appropriate + terminals. + + + + + + + +Siemborski Experimental [Page 14] + +RFC 3656 MUPDATE Distributed Mailbox Database Protocol December 2003 + + + Intended Usage: + + The form of the URL without an associated mailbox is intended to + designate a MUPDATE server only. If a mailbox name is included in + the URL, then the consumer is expected to execute a FIND command + for that mailbox on the specified server. + + Applications and/or protocols which use this URL scheme name: + + The protocol described in this document. + + Interoperability Considerations: + + None. + + Security Considerations: + + Users of the MUPDATE URL Scheme should review the security + considerations that are discussed in [IMAP-URL]. In particular, + the consequences of including authentication mechanism information + in a URL should be reviewed. + + Relevant Publications: + + This document and [IMAP-URL]. + + Author, Change Controller, and Contact for Further Information: + + Author of this document. + +7. Security Considerations + + While no unauthenticated users may make modifications or even perform + searches on the database, it is important to note that this + specification assumes no protections of any type for authenticated + users. + + All authenticated users have complete access to the database. For + this reason it is important to ensure that accounts that are making + use of the database are well secured. + + A more secure deployment might have all read only access go through a + slave, and only have accounts which need write access use the master. + This has the disadvantage of a marginally longer time for updates to + reach the clients. + + + + + + +Siemborski Experimental [Page 15] + +RFC 3656 MUPDATE Distributed Mailbox Database Protocol December 2003 + + + The protocol assumes that all authenticated users are cooperating to + maintain atomic operations. Therefore, all new mailboxes SHOULD be + RESERVEd before they are ACTIVATEd, despite the fact that the + protocol does not require this, and it is therefore possible for a + set of participants which do not obey the provided locking to create + an inconsistent database. RESERVEing the mailbox first is not + required to perform an activate because this behavior simplifies + synchronization with the actual location of the mailboxes. + +8. IANA Considerations + + The IANA has assigned TCP port number 3905 to "mupdate". + + The IANA has registered a URL scheme for the MUPDATE protocol, as + defined in section 6.1 of this document. + + IANA has registered a GSSAPI service name of "mupdate" for the + MUPDATE protocol in the registry maintained at: + + http://www.iana.org/assignments/gssapi-service-names + +9. Intellectual Property Rights + + The IETF takes no position regarding the validity or scope of any + intellectual property or other rights that might be claimed to + pertain to the implementation or use of the technology described in + this document or the extent to which any license under such rights + might or might not be available; neither does it represent that it + has made any effort to identify any such rights. Information on the + IETF's procedures with respect to rights in standards-track and + standards-related documentation can be found in BCP-11. Copies of + claims of rights made available for publication and any assurances of + licenses to be made available, or the result of an attempt made to + obtain a general license or permission for the use of such + proprietary rights by implementors or users of this specification can + be obtained from the IETF Secretariat. + + The IETF invites any interested party to bring to its attention any + copyrights, patents or patent applications, or other proprietary + rights which may cover technology that may be required to practice + this standard. Please address the information to the IETF Executive + Director. + + + + + + + + + +Siemborski Experimental [Page 16] + +RFC 3656 MUPDATE Distributed Mailbox Database Protocol December 2003 + + +10. References + +10.1. Normative References + + [KEYWORDS] Bradner, S., "Key words for use in RFCs to Indicate + Requirement Levels", BCP 14, RFC 2119, March 1997. + + [IMAP] Crispin, M., "Internet Message Access Protocol - Version + 4", RFC 3501, March 2003. + + [ABNF] Crocker, D., Ed. and P. Overell, "Augmented BNF for + Syntax Specifications: ABNF", RFC 2234, November 1997. + + [MIME] Freed, N. and N. Bornstein, "Multipurpose Internet Mail + Extensions (MIME) Part One: Format of Internet Message + Bodies", RFC 2045, November 1996. + + [IMAP-ACL] Myers, J., "IMAP4 ACL extension", RFC 2086, January 1997. + + [SASL] Myers, J., "Simple Authentication and Security Layer + (SASL)", RFC 2222, October 1997. + + [IMAP-URL] Newman, C., "IMAP URL Scheme", RFC 2192, September 1997. + + [ACAP] Newman, C. and J. Myers, "ACAP -- Application + Configuration Access Protocol", RFC 2244, November 1997. + + [TLS] Dierks, T. and C. Allen, "The TLS Protocol Version 1.0", + RFC 2246, January 1999. + +10.2. Informative References + + [POP3] Myers, J. and M. Rose, "Post Office Protocol - Version + 3", STD 53, RFC 1939, May 1996. + + [RFC2717] Petke, R. and I. King, "Registration Procedures for URL + Scheme Names", BCP 35, RFC 2717, November 1999. + + + + + + + + + + + + + + +Siemborski Experimental [Page 17] + +RFC 3656 MUPDATE Distributed Mailbox Database Protocol December 2003 + + +11. Acknowledgments + + Lawrence Greenfield and Ken Murchison, for a great deal of input on + both the protocol and the text of the documents. + +12. Author's Address + + Robert Siemborski + Carnegie Mellon, Andrew Systems Group + Cyert Hall 207 + 5000 Forbes Avenue + Pittsburgh, PA 15213 + + Phone: (412) 268-7456 + EMail: rjs3+@andrew.cmu.edu + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +Siemborski Experimental [Page 18] + +RFC 3656 MUPDATE Distributed Mailbox Database Protocol December 2003 + + +13. Full Copyright Statement + + Copyright (C) The Internet Society (2003). All Rights Reserved. + + This document and translations of it may be copied and furnished to + others, and derivative works that comment on or otherwise explain it + or assist in its implementation may be prepared, copied, published + and distributed, in whole or in part, without restriction of any + kind, provided that the above copyright notice and this paragraph are + included on all such copies and derivative works. However, this + document itself may not be modified in any way, such as by removing + the copyright notice or references to the Internet Society or other + Internet organizations, except as needed for the purpose of + developing Internet standards in which case the procedures for + copyrights defined in the Internet Standards process must be + followed, or as required to translate it into languages other than + English. + + The limited permissions granted above are perpetual and will not be + revoked by the Internet Society or its successors or assignees. + + This document and the information contained herein is provided on an + "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING + TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING + BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION + HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF + MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. + +Acknowledgement + + Funding for the RFC Editor function is currently provided by the + Internet Society. + + + + + + + + + + + + + + + + + + + +Siemborski Experimental [Page 19] + -- cgit v1.2.3