RE: [Off Topic] Need review for POP3 extension mechanism

From owner-ietf-pop3ext Thu Mar 12 13:10:45 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.7.3) id NAA22995 for ietf-pop3ext-bks; Thu, 12 Mar 1998 13:10:45 -0800 (PST) Received: from cypress.nwnet.net (cypress.nwnet.net [192.80.13.56]) by mail.proper.com (8.8.8/8.7.3) with ESMTP id NAA22991 for ; Thu, 12 Mar 1998 13:10:43 -0800 (PST) Received: from cypress.nwnet.net (localhost [127.0.0.1]) by cypress.nwnet.net (970819888) with ESMTP id NAA20701; Thu, 12 Mar 1998 13:08:56 -0800 (PST) Message-Id: <199803122108.NAA20701@cypress.nwnet.net> To: randy@Qualcomm.Com cc: ietf-pop3ext@imc.org From: Tom Killalea Subject: comments on draft-gellens-pop3ext-02.txt MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-ID: <20698.889736935.1@cypress.nwnet.net> Date: Thu, 12 Mar 1998 13:08:56 -0800 Sender: owner-ietf-pop3ext@imc.org Precedence: bulk Congratulations on a very welcome draft. Suggestions below. >1. Introduction > > Because one of the most important features of POP3 is its > simplicity, it is not desirable to have a lot of extensions. > However, some extensions are necessary (such as ones that provide > improved security [POP-AUTH]), some are very desirable in certain > situations, and a means for discovering server behavior is needed. Because one of the most important features of POP3 is its simplicity, it is desirable that extensions be few in number. However, some extensions are necessary (such as ones that provide improved security [POP-AUTH]), while others are very desirable in certain situations. In either case a means for discovering server behavior is needed. >4. Parameter and Response Lengths > > This specification increases the length restrictions on commands > and parameters imposed by RFC 1939. > > The maximum length of a command is increased from 45 characters (4 > character command, single space, 40 character argument) to 255 > octets. I think such a fundamental change, if it's really needed, would belong in a revision of 1939 rather than in the extension mechanism document. >5. The CAPA Command > > The POP3 CAPA command returns a list of capabilities supported by > the POP3 server. It is available in both the AUTHORIZATION and > TRANSACTION states. Additional capabilities MAY become available > in the TRANSACTION state, but all capabilities listed in the > AUTHORIZATION state MUST also be available. If a capability > available in the TRANSACTION state is not available in the > AUTHORIZATION state, this MUST be stated in the capabilities > description. I'm uncomfortable with the advertisement of TRANSACTION state-only capabilities while still in the AUTHORIZATION state. My concern is that potential attackers could use the information gleaned (including but not limited to IMPLEMENTATION information) to zone in on servers running vulnerable implementations, servers that implement XTND XMIT and are potential UBE injection points, etc. Maybe I'm paranoid (okay, I am), but I think it would be worthwhile to have two distinct commands, say CAPA and CAPT, for advertising supported capabilities available in the AUTHORIZATION and TRANSACTION states respectively. > Section 3 describes the CAPA response using [ABNF]. When a > capability response describes an optional command, the > is usually, but is not required to be, identical to the command > keyword. CAPA response tags are case-insensitive. the SHOULD be identical to the command keyword. > S: IMPLEMENTATION "Shlemazle Plotz v302" Have I seen this before, Laurence ? :-) >6. Initial Set of Capabilities > Note that there is no APOP capability, even though APOP is an > optional command in [POP3]. Clients discover server support of > APOP by the presence in the greeting banner of an initial challenge > enclosed in angle brackets ("<>"). Therefore, an APOP capability > would introduce two ways for a server to announce the same thing. I think that having two ways to announce the same thing is a lesser sin than returning an incomplete list with a dependence on another mechanism to complete the list. >6.4. LOGIN-DELAY capability > > CAPA tag: > LOGIN-DELAY > > Arguments: > minimum seconds between logins > > authentication will be accepted. Clients which permit the user > to configure a mail check interval can use this capability to > determine the minimum permissible interval. Servers which to configure a mail check interval SHOULD use this capability to determine the minimum permissible interval. Servers which >7. Future Extensions to POP3 > > Capabilities beginning with the letter "X" are reserved for > experimental non-standard extensions and their use is discouraged. > All other capabilities MUST be defined in a standards track or IESG > approved experimental RFC. Given recent discussion on the GRIP WG list (grip-wg@uu.net) arising from draft-ietf-grip-hansen-xtnd-00.txt (which despite the name is *not* a draft sanctioned by that group) does it make sense to explicitly discourage/deprecate XTND XMIT and indicate why it's a bad idea ? >8. Extended POP3 Response Codes > > POP3 is currently only capable of indicating success or failure to > most commands. Unfortunately, clients often need to know more > information about the cause of a failure in order to gracefully > recover. This is especially important in response to a failed > login (there are widely-deployed clients which attempt to decode > the error text of a PASS command result, to try and distinguish > between "unable to get maildrop lock" and "bad login"). > This specification amends the POP3 standard to permit an optional > response code, enclosed in square brackets, at the beginning of the > human readable text portion of an "+OK" or "-ERR" response. This is very welcome. >10. Security Considerations > > A capability list can reveal information about the server's > authentication capabilities which can be used to determine if > certain attacks will be successful. As I said above, full capabilities disclosure should be restricted until the TRANSACTION state is entered. >12. Full Copyright Statement > > Copyright (C) The Internet Society 1998. All Rights Reserved. > > This document and translations of it may be copied and furnished to > others, and derivative works that comment on or otherwise explain > it or assist in its implmentation may be prepared, copied, implementation Cheers, Tom. -- Tom Killalea (425) 649-7417 Verio Northwest tomk@nw.verio.net From owner-ietf-pop3ext Thu Mar 12 17:21:24 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.7.3) id RAA24971 for ietf-pop3ext-bks; Thu, 12 Mar 1998 17:21:24 -0800 (PST) Received: from nala.qualcomm.com (nala.qualcomm.com [129.46.50.44]) by mail.proper.com (8.8.8/8.7.3) with ESMTP id RAA24967 for ; Thu, 12 Mar 1998 17:21:23 -0800 (PST) Received: from [129.46.137.174] (llundblade-mac.qualcomm.com [129.46.137.174]) by nala.qualcomm.com (8.8.5/1.4/8.7.2/1.14) with ESMTP id RAA12763; Thu, 12 Mar 1998 17:20:24 -0800 (PST) X-Sender: llundbla@nala.qualcomm.com Message-Id: In-Reply-To: <199803122108.NAA20701@cypress.nwnet.net> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Date: Thu, 12 Mar 1998 17:03:51 -0800 To: Tom Killalea From: Laurence Lundblade Subject: Re: comments on draft-gellens-pop3ext-02.txt Cc: Randy Gellens , ietf-pop3ext@imc.org Sender: owner-ietf-pop3ext@imc.org Precedence: bulk At 1:08 PM -0800 3/12/98, Tom Killalea wrote: > >>5. The CAPA Command >> >> The POP3 CAPA command returns a list of capabilities supported by >> the POP3 server. It is available in both the AUTHORIZATION and >> TRANSACTION states. Additional capabilities MAY become available >> in the TRANSACTION state, but all capabilities listed in the >> AUTHORIZATION state MUST also be available. If a capability >> available in the TRANSACTION state is not available in the >> AUTHORIZATION state, this MUST be stated in the capabilities >> description. > >I'm uncomfortable with the advertisement of TRANSACTION state-only >capabilities while still in the AUTHORIZATION state. > >My concern is that potential attackers could use the information gleaned >(including but not limited to IMPLEMENTATION information) to zone in on >servers running vulnerable implementations, servers that implement XTND >XMIT and are potential UBE injection points, etc. > >Maybe I'm paranoid (okay, I am), but I think it would be worthwhile to >have two distinct commands, say CAPA and CAPT, for advertising supported >capabilities available in the AUTHORIZATION and TRANSACTION states >respectively. There's nothing that requires advertisement in the AUTHORIZATION state. How about listing this as a security concern? In the interest of simplicity, I was hoping only clients looking for particular TRANSACTION state extensions would have to do the second look up. > >> Section 3 describes the CAPA response using [ABNF]. When a >> capability response describes an optional command, the >> is usually, but is not required to be, identical to the command >> keyword. CAPA response tags are case-insensitive. > >the SHOULD be identical to the command >keyword. > >> S: IMPLEMENTATION "Shlemazle Plotz v302" > >Have I seen this before, Laurence ? :-) It wasn't me despite previous geographic associations :-) > >>6. Initial Set of Capabilities > >> Note that there is no APOP capability, even though APOP is an >> optional command in [POP3]. Clients discover server support of >> APOP by the presence in the greeting banner of an initial challenge >> enclosed in angle brackets ("<>"). Therefore, an APOP capability >> would introduce two ways for a server to announce the same thing. > >I think that having two ways to announce the same thing is a lesser sin >than returning an incomplete list with a dependence on another >mechanism to complete the list. Would be OK with me. I kind of agree with Chris who suggested taking it out though. It's more code and complexity if the APOP options is advertised and their's no cookie in the banner. You have to parse the cookie before the options anyway. I can't think of any reason to have the cookie without advertising APOP. LL From owner-ietf-pop3ext Thu Mar 12 17:42:16 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.7.3) id RAA25105 for ietf-pop3ext-bks; Thu, 12 Mar 1998 17:42:16 -0800 (PST) Received: from nala.qualcomm.com (nala.qualcomm.com [129.46.50.44]) by mail.proper.com (8.8.8/8.7.3) with ESMTP id RAA25101 for ; Thu, 12 Mar 1998 17:42:15 -0800 (PST) Received: from [129.46.136.131] (randy-mac.qualcomm.com [129.46.136.131]) by nala.qualcomm.com (8.8.5/1.4/8.7.2/1.14) with ESMTP id RAA15064; Thu, 12 Mar 1998 17:41:17 -0800 (PST) Message-Id: In-Reply-To: <199803122108.NAA20701@cypress.nwnet.net> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" X-Mailer: Eudora Pro 4.0 for Macintosh Date: Thu, 12 Mar 1998 17:40:28 -0800 To: Tom Killalea From: Randall Gellens Subject: Re: comments on draft-gellens-pop3ext-02.txt Cc: ietf-pop3ext@imc.org Sender: owner-ietf-pop3ext@imc.org Precedence: bulk Thanks for your comments, Tom. > However, some extensions are necessary (such as ones that provide > improved security [POP-AUTH]), while others are very desirable in > certain situations. In either case a means for discovering server > behavior is needed. Thanks for the wording suggestions. >> The maximum length of a command is increased from 45 characters (4 >> character command, single space, 40 character argument) to 255 >> octets. > >I think such a fundamental change, if it's really needed, would belong in >a revision of 1939 rather than in the extension mechanism document. I don't think so; if a server supports CAPA it must also support commands up to 255 octets; if it doesn't support CAPA, it can be limited to 45. SMTP extensions routinely increase the maximum length of various commands. >I'm uncomfortable with the advertisement of TRANSACTION state-only >capabilities while still in the AUTHORIZATION state. The draft says that a server can have capabilities which are not visible unless the CAPA command is issued in TRANSACTION state, as long as this is stated in the description of the capability, that is, in the RFC which documents it. This way clients which don't care about any auth-invisible caps don't have to issue two CAPA commands. Clients pretty much have to issue a CAPA in auth, so they can learn which auth mechanisms the server supports. >My concern is that potential attackers could use the information gleaned >(including but not limited to IMPLEMENTATION information) to zone in on >servers running vulnerable implementations, servers that implement XTND >XMIT and are potential UBE injection points, etc. This is an old debate (putting implementation info in the banner exposes holes) and I really don't want to get into it. I think the draft allows server writers to come down on either side, and client writers have the tools to cope. >the SHOULD be identical to the command >keyword. OK. SHOULD it is. >> S: IMPLEMENTATION "Shlemazle Plotz v302" > >Have I seen this before, Laurence ? :-) Just my attempt at being cute. A shlemazle server probably will plotz. >> Note that there is no APOP capability, even though APOP is an >> optional command in [POP3]. Clients discover server support of >> APOP by the presence in the greeting banner of an initial challenge >> enclosed in angle brackets ("<>"). Therefore, an APOP capability >> would introduce two ways for a server to announce the same thing. > >I think that having two ways to announce the same thing is a lesser sin >than returning an incomplete list with a dependence on another >mechanism to complete the list. APOP is really an outdated mechanism. SASL is the way to go, and that uses CAPA tags. I think APOP interoperates OK now; there is a way to announce it that works. I can't see client writers changing their ACAP code to look at CAPA tags instead. >to configure a mail check interval SHOULD use this capability to >determine the minimum permissible interval. Servers which OK, I'm happy with a SHOULD here. >Given recent discussion on the GRIP WG list (grip-wg@uu.net) arising >from draft-ietf-grip-hansen-xtnd-00.txt (which despite the name is *not* >a draft sanctioned by that group) does it make sense to explicitly >discourage/deprecate XTND XMIT and indicate why it's a bad idea ? (Do you mean the discussion a few weeks ago, or has there been new stuff that I missed?) I really don't want to get into XTND XMIT. I don't think any mention of it belongs in this draft. Some ISPs love it, lots of IETF people hate it. The "X" mechanism allows it without taking a stand. From owner-ietf-pop3ext Fri Mar 13 10:48:47 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.7.3) id KAA15795 for ietf-pop3ext-bks; Fri, 13 Mar 1998 10:48:47 -0800 (PST) Received: from nala.qualcomm.com (nala.qualcomm.com [129.46.50.44]) by mail.proper.com (8.8.8/8.7.3) with ESMTP id KAA15791 for ; Fri, 13 Mar 1998 10:48:46 -0800 (PST) Received: from [129.46.137.174] (llundblade-mac.qualcomm.com [129.46.137.174]) by nala.qualcomm.com (8.8.5/1.4/8.7.2/1.14) with ESMTP id KAA25650 for ; Fri, 13 Mar 1998 10:47:53 -0800 (PST) X-Sender: llundbla@nala.qualcomm.com Message-Id: Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Date: Fri, 13 Mar 1998 10:37:07 -0800 To: ietf-pop3ext@imc.org From: Laurence Lundblade Subject: LMOS Sender: owner-ietf-pop3ext@imc.org Precedence: bulk I'm having trouble designing sensible UI for the three values for new, top'd and retr'd. While it's likely that new and top'd will have the same value, you still have to design sensible UI for when they're not. So about about LMOS-fully-fetched, and LMOS-not-fully-fetched? Then require new and top'd messages to be considered as not-fully-fetched. LL From owner-ietf-pop3ext Fri Mar 13 12:19:41 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.7.3) id MAA16777 for ietf-pop3ext-bks; Fri, 13 Mar 1998 12:19:41 -0800 (PST) Received: from adept.qualcomm.com (adept.qualcomm.com [129.46.2.41]) by mail.proper.com (8.8.8/8.7.3) with ESMTP id MAA16773 for ; Fri, 13 Mar 1998 12:19:40 -0800 (PST) Received: from [129.46.136.131] (randy-mac.qualcomm.com [129.46.136.131]) by adept.qualcomm.com (8.8.5/1.4/8.7.2/1.14) with ESMTP id MAA27186; Fri, 13 Mar 1998 12:18:23 -0800 (PST) Message-Id: In-Reply-To: Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" X-Mailer: Eudora Pro 4.0 for Macintosh Date: Fri, 13 Mar 1998 12:00:56 -0800 To: Laurence Lundblade From: Randall Gellens Subject: Re: LMOS Cc: ietf-pop3ext@imc.org Sender: owner-ietf-pop3ext@imc.org Precedence: bulk At 10:37 AM -0800 3/13/98, Laurence Lundblade wrote: >I'm having trouble designing sensible UI for the three values for new, >top'd and retr'd. While it's likely that new and top'd will have the same >value, you still have to design sensible UI for when they're not. So about >about LMOS-fully-fetched, and LMOS-not-fully-fetched? Then require new and >top'd messages to be considered as not-fully-fetched. But a TOPped message might really be fully-fetched. At RFC 1939 warns, if a server is implementing some form of message expiration, users might start using TOP in lieu of of RETR as a way around the policy. As a result, some sites might have a policy that treats TOP and RETR as "seen". The current draft recommends that there be only two categories of messages, and allows TOP to be placed in either. We could make this a SHOULD. From owner-ietf-pop3ext Thu Mar 19 13:54:52 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.7.3) id NAA03473 for ietf-pop3ext-bks; Thu, 19 Mar 1998 13:54:52 -0800 (PST) Received: from THOR.INNOSOFT.COM (SYSTEM@THOR.INNOSOFT.COM [192.160.253.66]) by mail.proper.com (8.8.8/8.7.3) with ESMTP id NAA03469 for ; Thu, 19 Mar 1998 13:54:51 -0800 (PST) Received: from elwood.innosoft.com ("port 50118"@ELWOOD.INNOSOFT.COM) by INNOSOFT.COM (PMDF V5.1-10 #8694) with SMTP id <01IUUPNQGWD28Y5DFR@INNOSOFT.COM> for ietf-pop3ext@imc.org; Thu, 19 Mar 1998 13:52:32 PST Date: Thu, 19 Mar 1998 13:54:20 -0800 (PST) From: Chris Newman Subject: Re: comments on draft-gellens-pop3ext-02.txt In-reply-to: <199803122108.NAA20701@cypress.nwnet.net> To: Tom Killalea Cc: ietf-pop3ext@imc.org Message-id: MIME-version: 1.0 Content-type: TEXT/PLAIN; charset=US-ASCII Originator-Info: login-id=chris; server=THOR.INNOSOFT.COM Sender: owner-ietf-pop3ext@imc.org Precedence: bulk On Thu, 12 Mar 1998, Tom Killalea wrote: > > Note that there is no APOP capability, even though APOP is an > > optional command in [POP3]. Clients discover server support of > > APOP by the presence in the greeting banner of an initial challenge > > enclosed in angle brackets ("<>"). Therefore, an APOP capability > > would introduce two ways for a server to announce the same thing. > > I think that having two ways to announce the same thing is a lesser sin > than returning an incomplete list with a dependence on another > mechanism to complete the list. I disagree. Having two ways to announce a capability introduces a "Silly State" (see draft-newman-protocol-design-01.txt). What does an APOP client do if APOP is in the capability list, but there's no challenge in the greeting banner? The fact is it can't do anything because APOP isn't supported. That means looking for "APOP" in the capability list is meaningless even if we did add it. Human readability comes second to correct design, and while human readability would dictate a complete list of capabilities, correct design dictates otherwise. > Given recent discussion on the GRIP WG list (grip-wg@uu.net) arising > from draft-ietf-grip-hansen-xtnd-00.txt (which despite the name is *not* > a draft sanctioned by that group) does it make sense to explicitly > discourage/deprecate XTND XMIT and indicate why it's a bad idea ? The draft says enough about this in the "Future Extensions to POP3" section. It makes it quite clear that extensions which duplicate capabilities supplied by IMAP or SMTP are strongly discouraged. Since "XTND XMIT" duplicates SMTP functionality (defectively to bat), it is therefore strongly discouraged and there's no way it could ever be standardized. - Chris From owner-ietf-pop3ext Thu Mar 19 15:51:30 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.7.3) id PAA04375 for ietf-pop3ext-bks; Thu, 19 Mar 1998 15:51:30 -0800 (PST) Received: from strato-fe0.ultra.net (strato-fe0.ultra.net [146.115.8.190]) by mail.proper.com (8.8.8/8.7.3) with ESMTP id PAA04371 for ; Thu, 19 Mar 1998 15:51:29 -0800 (PST) Received: from dangermouse (d4.dial-14.mbo.ma.ultra.net [146.115.100.68]) by strato-fe0.ultra.net (8.8.8/ult.n14767) with SMTP id SAA09835 for ; Thu, 19 Mar 1998 18:51:06 -0500 (EST) Message-Id: <3.0.1.32.19980319184857.00b55e00@no3.superb.net> X-Sender: blighty@no3.superb.net X-Mailer: Windows Eudora Light Version 3.0.1 (32) Date: Thu, 19 Mar 1998 18:48:57 -0500 To: ietf-pop3ext@imc.org From: Steve Atkins Subject: Re: comments on draft-gellens-pop3ext-02.txt In-Reply-To: References: <199803122108.NAA20701@cypress.nwnet.net> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-ietf-pop3ext@imc.org Precedence: bulk Chris newman wrote: >On Thu, 12 Mar 1998, Tom Killalea wrote: > >> Given recent discussion on the GRIP WG list (grip-wg@uu.net) arising >> from draft-ietf-grip-hansen-xtnd-00.txt (which despite the name is *not* >> a draft sanctioned by that group) does it make sense to explicitly >> discourage/deprecate XTND XMIT and indicate why it's a bad idea ? > >The draft says enough about this in the "Future Extensions to POP3" >section. It makes it quite clear that extensions which duplicate >capabilities supplied by IMAP or SMTP are strongly discouraged. Since >"XTND XMIT" duplicates SMTP functionality (defectively to bat), it >is therefore strongly discouraged and there's no way it could ever be >standardized. That's exactly why I'm lurking here... It's quite clear (to me, anyway) that XTND XMIT doesn't duplicate SMTP functionality (SMTP doesn't usually have sender authentication). Whilst fixing SMTP to require authentication would be ideal that's a lot less likely to happen than standardising a POP3 or IMAP send extension. (Not neccesarily using XTND XMIT type protocol - as you say, it's broken). I get the impression that this has been 'discussed' at length somewhere before - if someone could point me at an archive, or give me the gist of the argument I'd appreciate it. Cheers, Steve -- -- Steve Atkins -- steve@blighty.com From owner-ietf-pop3ext Thu Mar 19 16:17:28 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.7.3) id QAA04550 for ietf-pop3ext-bks; Thu, 19 Mar 1998 16:17:28 -0800 (PST) Received: from apprentice.qualcomm.com (apprentice.qualcomm.com [129.46.2.86]) by mail.proper.com (8.8.8/8.7.3) with ESMTP id QAA04546 for ; Thu, 19 Mar 1998 16:17:27 -0800 (PST) Received: from [129.46.136.131] (randy-mac.qualcomm.com [129.46.136.131]) by apprentice.qualcomm.com (8.8.5/1.4/8.7.2/1.14) with ESMTP id QAA29061; Thu, 19 Mar 1998 16:16:48 -0800 (PST) Message-Id: In-Reply-To: <3.0.1.32.19980319184857.00b55e00@no3.superb.net> References: <199803122108.NAA20701@cypress.nwnet.net> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" X-Mailer: Eudora Pro 4.0 for Macintosh Date: Thu, 19 Mar 1998 16:08:20 -0800 To: Steve Atkins From: Randall Gellens Subject: Re: comments on draft-gellens-pop3ext-02.txt Cc: ietf-pop3ext@imc.org Sender: owner-ietf-pop3ext@imc.org Precedence: bulk At 6:48 PM -0500 3/19/98, Steve Atkins wrote: >Whilst fixing SMTP to require authentication would be ideal that's >a lot less likely to happen than standardising a POP3 or IMAP send >extension. (Not neccesarily using XTND XMIT type protocol - as you say, >it's broken). I disagree; there is a proposal for an AUTH command in SMTP (using SASL) and I haven't heard any objections to it. From owner-ietf-pop3ext Fri Mar 20 10:20:14 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.7.3) id KAA24367 for ietf-pop3ext-bks; Fri, 20 Mar 1998 10:20:14 -0800 (PST) Received: from nala.qualcomm.com (nala.qualcomm.com [129.46.50.44]) by mail.proper.com (8.8.8/8.7.3) with ESMTP id KAA24363 for ; Fri, 20 Mar 1998 10:20:13 -0800 (PST) Received: from localhost (llundbla@localhost) by nala.qualcomm.com (8.8.5/1.4/8.7.2/1.14) with SMTP id KAA08967; Fri, 20 Mar 1998 10:19:52 -0800 (PST) Date: Fri, 20 Mar 1998 10:19:52 -0800 (PST) From: Laurence Lundblade To: Steve Atkins cc: ietf-pop3ext@imc.org Subject: Re: comments on draft-gellens-pop3ext-02.txt In-Reply-To: <3.0.1.32.19980319184857.00b55e00@no3.superb.net> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-ietf-pop3ext@imc.org Precedence: bulk Not sure where this was discussed but you're right it was :-) Whatever anyone thinks about XTND XMIT, I think discussion about it should be decoupled from the POP extension mechanism. The current draft certainly does not absolutey preclude it or anything like it even though it discourages it. Given that the language is only a suggestion that it will be hard to get such a thing through the IESG I would hope this isn't a problem. LL On Thu, 19 Mar 1998, Steve Atkins wrote: > Chris newman wrote: > >On Thu, 12 Mar 1998, Tom Killalea wrote: > > > >> Given recent discussion on the GRIP WG list (grip-wg@uu.net) arising > >> from draft-ietf-grip-hansen-xtnd-00.txt (which despite the name is *not* > >> a draft sanctioned by that group) does it make sense to explicitly > >> discourage/deprecate XTND XMIT and indicate why it's a bad idea ? > > > >The draft says enough about this in the "Future Extensions to POP3" > >section. It makes it quite clear that extensions which duplicate > >capabilities supplied by IMAP or SMTP are strongly discouraged. Since > >"XTND XMIT" duplicates SMTP functionality (defectively to bat), it > >is therefore strongly discouraged and there's no way it could ever be > >standardized. > > That's exactly why I'm lurking here... > > It's quite clear (to me, anyway) that XTND XMIT doesn't duplicate > SMTP functionality (SMTP doesn't usually have sender authentication). > > Whilst fixing SMTP to require authentication would be ideal that's > a lot less likely to happen than standardising a POP3 or IMAP send > extension. (Not neccesarily using XTND XMIT type protocol - as you say, > it's broken). > > I get the impression that this has been 'discussed' at length somewhere > before - if someone could point me at an archive, or give me the gist > of the argument I'd appreciate it. > > Cheers, > Steve > -- > -- Steve Atkins -- steve@blighty.com > > From owner-ietf-pop3ext Wed May 20 23:23:12 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.7.3) id XAA13766 for ietf-pop3ext-bks; Wed, 20 May 1998 23:23:12 -0700 (PDT) Received: from mailhost.dircon.co.uk (mailhost.dircon.co.uk [194.112.50.75]) by mail.proper.com (8.8.8/8.7.3) with ESMTP id XAA13754 for ; Wed, 20 May 1998 23:23:11 -0700 (PDT) From: postmaster@Blue_Server.equisys.com Received: from Blue_Server.equisys.com (equisys.dircon.co.uk [194.112.44.68]) by mailhost.dircon.co.uk (8.8.8/8.8.7) with ESMTP id HAA13068 for ; Thu, 21 May 1998 07:26:47 +0100 (BST) Received: (from Administrator@localhost) by Blue_Server.equisys.com (8.6.9/8.6.9) id HAA00511; Thu, 21 May 1998 07:31:24 GMT Date: Thu, 21 May 1998 07:31:24 GMT Message-Id: <199805210731.HAA00511@Blue_Server.equisys.com> To: ietf-pop3ext@imc.org Subject: Non Delivery Report X-Mailer: MailNet 4.10 Sender: owner-ietf-pop3ext@imc.org Precedence: bulk Your Message To: Huw Charles postmaster Subject: Re: Mail collection Was not delivered for the following reasons: Delivery failed to MS:postmaster. Reason: 1 (transfer impossible) diagnostic: 0 (OR name (Email address) unrecognized). MSEXCH:MSExchangeMTA:MSX1:EMERALD. Original message body follows... POP received a message that does not appear to be for this site: Return-Path: Received: (from root@localhost) by popmail.dircon.co.uk (8.8.5/8.8.7) id AAA10561 for equisys; Thu, 21 May 1998 00:04:58 +0100 (BST) Received: from mail.proper.com (mail.proper.com [206.86.127.224]) by popmail.dircon.co.uk (8.8.5/8.8.7) with ESMTP id AAA10533; Thu, 21 May 1998 00:04:56 +0100 (BST) Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.7.3) id PAA01746 for ietf-fax-bks; Wed, 20 May 1998 15:41:57 -0700 (PDT) Received: from spot.cs.utk.edu (SPOT.CS.UTK.EDU [128.169.92.189]) by mail.proper.com (8.8.8/8.7.3) with ESMTP id PAA01742 for ; Wed, 20 May 1998 15:41:56 -0700 (PDT) Received: from spot.cs.utk.edu by spot.cs.utk.edu with ESMTP (cf v2.11c-UTK) id SAA29464; Wed, 20 May 1998 18:45:30 -0400 (EDT) Message-Id: <199805202245.SAA29464@spot.cs.utk.edu> X-URI: http://www.cs.utk.edu/~moore/ From: Keith Moore To: George.Pajari@Faximum.COM (George Pajari) cc: moore@cs.utk.edu (Keith Moore), GK@ACM.ORG, IETF-FAX@imc.org, moore@cs.utk.edu Subject: Re: Mail collection reply-to: ietf-pop3ext@imc.org In-reply-to: Your message of "Wed, 20 May 1998 15:34:24 PDT." <199805202234.PAA14190@eclipse.faximum.com> Date: Wed, 20 May 1998 18:45:29 -0400 Sender: owner-ietf-fax@imc.org Precedence: bulk X-Envelope-To: X-UIDL: 0d29d9ca1ce1314426497086bc722de9 > According to Keith Moore: > > If on the other hand, we can do some careful tweaking to POP to let > > it support confirmation of transfer and relaying of envelope information, > > and if ISPs offer the tweaked version of POP rather than what we have > > now, (which are admittedly big IFs) then we can keep mail reliability from > > degrading. > > Obviously I'm missing something here but it would seem to me that the > effort of persuading ISPs to offer tweaked POP (and to get MUA software > developers to support tweaked POP, etc. down the food chain) would seem > isomorphic to the problem of getting them all to use > "SMTP+TURN+authentication" maybe, maybe not. It depends on whether "supporting tweaked POP" is seen as adding significant overhead. It also depends on whether the ISP thinks it can make more money by refusing to support tweaked POP, and offering an SMTP+TURN service. > And if the two problems are equally difficult, isn't pushing > "SMTP+TURN+authentication" better for all? The question is whether the two are equally difficult. > Of course, we might have to rename "SMTP+TURN+authentication" POP4 > (POPng anyone?) in order to fool the masses into adopting it. It seems the > only difference between selling POP+tweaks vs. SMTP+TURN+etc. is the name, > n'est-ce-pas? it's probably easier to tweak POP to transfer mail reliably, than to tweak SMTP to allow it to read messages. Keith p.s. since discussion of POP extensions probably doesn't belong on this list, I suggest that further discussion of these issues be held on ietf-pop3ext@imc.org Received: (from Administrator@localhost) by Blue_Server.equisys.com (8.6.9/8.6.9) id AAA00613 for postmaster; Thu, 21 May 1998 00:10:30 GMT Date: Thu, 21 May 1998 00:10:30 GMT From: ietf-pop3ext@imc.org Message-Id: <199805210010.AAA00613@Blue_Server.equisys.com> Apparently-To: postmaster From owner-ietf-pop3ext Wed May 20 23:23:21 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.7.3) id XAA13812 for ietf-pop3ext-bks; Wed, 20 May 1998 23:23:21 -0700 (PDT) Received: from mailhost.dircon.co.uk (mailhost.dircon.co.uk [194.112.50.75]) by mail.proper.com (8.8.8/8.7.3) with ESMTP id XAA13802 for ; Wed, 20 May 1998 23:23:20 -0700 (PDT) From: postmaster@Blue_Server.equisys.com Received: from Blue_Server.equisys.com (equisys.dircon.co.uk [194.112.44.68]) by mailhost.dircon.co.uk (8.8.8/8.8.7) with ESMTP id HAA13076 for ; Thu, 21 May 1998 07:27:01 +0100 (BST) Received: (from Administrator@localhost) by Blue_Server.equisys.com (8.6.9/8.6.9) id HAA00575; Thu, 21 May 1998 07:31:36 GMT Date: Thu, 21 May 1998 07:31:36 GMT Message-Id: <199805210731.HAA00575@Blue_Server.equisys.com> To: ietf-pop3ext@imc.org Subject: Non Delivery Report X-Mailer: MailNet 4.10 Sender: owner-ietf-pop3ext@imc.org Precedence: bulk Your Message To: Huw Charles postmaster Subject: Re: Mail collection Was not delivered for the following reasons: Delivery failed to MS:postmaster. Reason: 1 (transfer impossible) diagnostic: 0 (OR name (Email address) unrecognized). MSEXCH:MSExchangeMTA:MSX1:EMERALD. Original message body follows... POP received a message that does not appear to be for this site: Return-Path: Received: (from root@localhost) by popmail.dircon.co.uk (8.8.5/8.8.7) id AAA10571 for equisys; Thu, 21 May 1998 00:04:59 +0100 (BST) Received: from mail.proper.com (mail.proper.com [206.86.127.224]) by popmail.dircon.co.uk (8.8.5/8.8.7) with ESMTP id AAA10533; Thu, 21 May 1998 00:04:56 +0100 (BST) Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.7.3) id PAA01746 for ietf-fax-bks; Wed, 20 May 1998 15:41:57 -0700 (PDT) Received: from spot.cs.utk.edu (SPOT.CS.UTK.EDU [128.169.92.189]) by mail.proper.com (8.8.8/8.7.3) with ESMTP id PAA01742 for ; Wed, 20 May 1998 15:41:56 -0700 (PDT) Received: from spot.cs.utk.edu by spot.cs.utk.edu with ESMTP (cf v2.11c-UTK) id SAA29464; Wed, 20 May 1998 18:45:30 -0400 (EDT) Message-Id: <199805202245.SAA29464@spot.cs.utk.edu> X-URI: http://www.cs.utk.edu/~moore/ From: Keith Moore To: George.Pajari@Faximum.COM (George Pajari) cc: moore@cs.utk.edu (Keith Moore), GK@ACM.ORG, IETF-FAX@imc.org, moore@cs.utk.edu Subject: Re: Mail collection reply-to: ietf-pop3ext@imc.org In-reply-to: Your message of "Wed, 20 May 1998 15:34:24 PDT." <199805202234.PAA14190@eclipse.faximum.com> Date: Wed, 20 May 1998 18:45:29 -0400 Sender: owner-ietf-fax@imc.org Precedence: bulk X-Envelope-To: X-UIDL: a65aa2b0c4b4a89ee79fe33ddf1de3cc Status: U > According to Keith Moore: > > If on the other hand, we can do some careful tweaking to POP to let > > it support confirmation of transfer and relaying of envelope information, > > and if ISPs offer the tweaked version of POP rather than what we have > > now, (which are admittedly big IFs) then we can keep mail reliability from > > degrading. > > Obviously I'm missing something here but it would seem to me that the > effort of persuading ISPs to offer tweaked POP (and to get MUA software > developers to support tweaked POP, etc. down the food chain) would seem > isomorphic to the problem of getting them all to use > "SMTP+TURN+authentication" maybe, maybe not. It depends on whether "supporting tweaked POP" is seen as adding significant overhead. It also depends on whether the ISP thinks it can make more money by refusing to support tweaked POP, and offering an SMTP+TURN service. > And if the two problems are equally difficult, isn't pushing > "SMTP+TURN+authentication" better for all? The question is whether the two are equally difficult. > Of course, we might have to rename "SMTP+TURN+authentication" POP4 > (POPng anyone?) in order to fool the masses into adopting it. It seems the > only difference between selling POP+tweaks vs. SMTP+TURN+etc. is the name, > n'est-ce-pas? it's probably easier to tweak POP to transfer mail reliably, than to tweak SMTP to allow it to read messages. Keith p.s. since discussion of POP extensions probably doesn't belong on this list, I suggest that further discussion of these issues be held on ietf-pop3ext@imc.org Received: (from Administrator@localhost) by Blue_Server.equisys.com (8.6.9/8.6.9) id AAA00584 for postmaster; Thu, 21 May 1998 00:10:43 GMT Date: Thu, 21 May 1998 00:10:43 GMT From: ietf-pop3ext@imc.org Message-Id: <199805210010.AAA00584@Blue_Server.equisys.com> Apparently-To: postmaster From owner-ietf-pop3ext Wed Jul 8 18:30:06 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id SAA19988 for ietf-pop3ext-bks; Wed, 8 Jul 1998 18:30:06 -0700 (PDT) Received: from spot.cs.utk.edu (SPOT.CS.UTK.EDU [128.169.92.189]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id SAA19983; Wed, 8 Jul 1998 18:30:05 -0700 (PDT) Received: from spot.cs.utk.edu by spot.cs.utk.edu with ESMTP (cf v2.11c-UTK) id VAA28119; Wed, 8 Jul 1998 21:30:01 -0400 (EDT) Message-Id: <199807090130.VAA28119@spot.cs.utk.edu> X-URI: http://www.cs.utk.edu/~moore/ X-PGP-Key: 2F07A741 ; 78 15 8E 8B C0 06 5D D1 BC 08 05 7F 42 81 7E 90 To: drums@cs.utk.edu, ietf-smtp@imc.org Subject: [Off Topic] Need review for POP3 extension mechanism cc: moore@cs.utk.edu, ietf-pop3ext@imc.org From: Keith Moore Reply-To: ietf-pop3ext@imc.org Date: Wed, 08 Jul 1998 21:30:01 -0400 Sender: owner-ietf-pop3ext@imc.org Precedence: bulk I apologize for an off-topic posting. Please send replies to ietf-pop3ext@imc.org, not to the drums or ietf-smtp lists. On May 18, a Last Call was issued on for document draft-gellens-pop3ext-05.txt , for Proposed Standard status. Nobody has commented on the document. I am reluctant to recommend that IESG approve this document without more evidence of support. So I'm asking for more review... Should the document be adopted as is? Does it need more wordsmithing? Are all of these capabilities needed? Are all of the capabilities defined with sufficient precision? Should the document be standards track or should it be Informational or Experimental? Should the extension mechanism be separated from (and perhaps a different status from) the extensions themselves? If the document is approved for Proposed, should all of the proposed extensions be included? Or should some of the extensions be moved to a separate Informational or Experimental? Which ones? In the absence of more community input, my recommendation would be to direct the authors to remove all of the capabilities from this document, except those which are already defined in standards-track documents. Additional capabilities could be defined in a separate experimental or informational RFC. thanks! Keith Moore APPS co-AD From owner-ietf-pop3ext Thu Jul 9 09:26:44 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id JAA11100 for ietf-pop3ext-bks; Thu, 9 Jul 1998 09:26:44 -0700 (PDT) Received: from THOR.INNOSOFT.COM (SYSTEM@THOR.INNOSOFT.COM [192.160.253.66]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id JAA11096 for ; Thu, 9 Jul 1998 09:26:43 -0700 (PDT) Received: from elwood.innosoft.com ("port 60319"@ELWOOD.INNOSOFT.COM) by INNOSOFT.COM (PMDF V5.1-11 #U3049) with SMTP id <01IZ6WZRRM2A99DOLZ@INNOSOFT.COM> for ietf-pop3ext@imc.org; Thu, 9 Jul 1998 09:25:51 PDT Date: Thu, 09 Jul 1998 09:27:08 -0700 (PDT) From: Chris Newman Subject: Re: [Off Topic] Need review for POP3 extension mechanism In-reply-to: <199807090130.VAA28119@spot.cs.utk.edu> To: ietf-pop3ext@imc.org Cc: moore@cs.utk.edu Message-id: MIME-version: 1.0 Content-type: TEXT/PLAIN; charset=US-ASCII Originator-Info: login-id=chris; server=THOR.INNOSOFT.COM Sender: owner-ietf-pop3ext@imc.org Precedence: bulk As one of the co-authors, I'll take a crack at your questions. On Wed, 8 Jul 1998, Keith Moore wrote: > Should the document be adopted as is? Does it need more wordsmithing? I have already implemented to the current spec (including all the capabilities listed). The only wordsmithing issue that might be a concern is how strongly the "lots of POP extensions are undesirable" wording should be. It's pretty strong now in that it gives cause to reject any extension which overlaps SMTP or IMAP functionality. I'd consider it a friendly amendment to make that language even stronger (although I don't know about my co-authors). > Are all of these capabilities needed? All of the capabilities (with the exception of IMPLEMENTATION) reflect functional variations in deployed POP servers which would function more smoothly if the client knew about them. So I'd say yes. > Are all of the capabilities defined with sufficient precision? I think so. But a proposed standard doesn't have to be perfect. > Should the document be standards track or should it be Informational or > Experimental? I think there are three extensions which together demand the capability command for POP3. The SASL AUTH command (RFC 1734), the STARTTLS extension (draft-newman-tls-imappop-04.txt), and the LANG command (which hasn't been written yet). I expect these to be popular down the road, and the last thing I'd want is for POP clients to have to probe for each of these individually. Further, since I want draft-newman-tls-imappop-04.txt on the standards track, I'll simply rip the POP STARTTLS extension out of that spec if the POP extensions draft doesn't go standards track. Then the industry will use the "pops" port for POP+TLS. The IMAP WG determined that probing for commands just wasn't a good plan after months of debate. So we should either forbid the addition of any extensions to POP3 (including those necessary for internationalization and TLS support), or we bite the bullet and put this on the standards track. > In the absence of more community input, my recommendation would be to direct > the authors to remove all of the capabilities from this document, except those > which are already defined in standards-track documents. Additional capabilities > could be defined in a separate experimental or informational RFC. Ok, here's what we have: TOP -- RFC 1939, section 7 USER -- RFC 1939, section 7 UIDL -- RFC 1939, section 7 SASL -- RFC 1734 EXPIRE -- RFC 1939, section 8 second bullet item. In fact just announcing this standards-track server behavior potentially resolves the problem described in paragraph containing "may be confusing to the user community." The "LOGIN-DELAY" option is based on a feature deployed in several servers including Innosoft's and CMU Cyrus pop3d which only allows people to login with a certain frequency to improve server scaling and reduce load. Unfortunately, this creates a user confusion scenario when setting the "mail check interval" since the POP client can only discover the interval by annoying trial & error. Without such a feature, some users will check mail every 5 seconds or worse. Imagine trying to scale a POP server with that setting on all the clients. The "PIPELINING" option is identical to the one in ESMTP, for similar reasons. I think this is a no-brainer. I could care less about the "IMPLEMENTATION" capability. The only other issue is the response codes which I believe are justified both because of their successful addition to IMAP2, and because clients are currently doing strcmp()s on the returned error strings which is neither internationalizable nor interoperable. - Chris From owner-ietf-pop3ext Thu Jul 9 12:27:44 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id MAA12491 for ietf-pop3ext-bks; Thu, 9 Jul 1998 12:27:44 -0700 (PDT) Received: from gw3.octel.com (gw3.octel.com [148.147.1.15]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id MAA12487 for ; Thu, 9 Jul 1998 12:27:42 -0700 (PDT) Received: from curly.eng.octel.com (curly.eng.octel.com [148.147.200.26]) by gw3.octel.com (8.8.8/8.8.8) with ESMTP id MAA09872 for ; Thu, 9 Jul 1998 12:27:18 -0700 (PDT) Received: from buzz.ons.octel.com (buzz.ons.octel.com [155.184.13.4]) by curly.eng.octel.com (8.6.12/8.6.12) with ESMTP id MAA03261 for ; Thu, 9 Jul 1998 12:27:17 -0700 Received: from ex-ons0.ons.octel.com (exchange [155.184.13.159]) by buzz.ons.octel.com (8.8.6/8.8.6) with ESMTP id OAA15123 for ; Thu, 9 Jul 1998 14:27:14 -0500 (CDT) Received: by exchange.ons.octel.com with Internet Mail Service (5.5.1960.3) id <3MSRZHYD>; Thu, 9 Jul 1998 14:26:06 -0500 Message-ID: <6B57F36F4FF9D111B30A0008C7F4133711EC91@exdal1.ons.octel.com> From: "Vaudreuil, Greg M (Greg)" To: ietf-pop3ext@imc.org Subject: RE: [Off Topic] Need review for POP3 extension mechanism Date: Thu, 9 Jul 1998 14:24:39 -0500 X-Mailer: Internet Mail Service (5.5.1960.3) Sender: owner-ietf-pop3ext@imc.org Precedence: bulk I will take a look at this document. Maybe it was just me, but I do not recall having seen the last call announcement.... Greg V. > ---------- > From: Keith Moore[SMTP:moore@cs.utk.edu] > Reply To: ietf-pop3ext@imc.org > Sent: Wednesday, July 08, 1998 8:30 PM > To: drums@cs.utk.edu; ietf-smtp@imc.org > Cc: moore@cs.utk.edu; ietf-pop3ext@imc.org > Subject: [Off Topic] Need review for POP3 extension mechanism > > I apologize for an off-topic posting. > Please send replies to ietf-pop3ext@imc.org, not to the drums or ietf-smtp > lists. > > On May 18, a Last Call was issued on for document > draft-gellens-pop3ext-05.txt , > for Proposed Standard status. Nobody has commented on the document. I am > > reluctant to recommend that IESG approve this document without more > evidence > of support. > > So I'm asking for more review... > > Should the document be adopted as is? Does it need more wordsmithing? > Are all of these capabilities needed? > Are all of the capabilities defined with sufficient precision? > > Should the document be standards track or should it be Informational or > Experimental? > > Should the extension mechanism be separated from (and perhaps a different > status from) the extensions themselves? > > If the document is approved for Proposed, should all of the proposed > extensions > be included? Or should some of the extensions be moved to a separate > Informational or Experimental? Which ones? > > In the absence of more community input, my recommendation would be to > direct > the authors to remove all of the capabilities from this document, except > those > which are already defined in standards-track documents. Additional > capabilities > could be defined in a separate experimental or informational RFC. > > thanks! > > Keith Moore > APPS co-AD > From owner-ietf-pop3ext Thu Jul 9 14:51:42 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id OAA13882 for ietf-pop3ext-bks; Thu, 9 Jul 1998 14:51:42 -0700 (PDT) Received: from houdini.qualcomm.com (houdini.qualcomm.com [129.46.2.40]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id OAA13878 for ; Thu, 9 Jul 1998 14:51:41 -0700 (PDT) Received: from [129.46.136.131] (randy-mac.qualcomm.com [129.46.136.131]) by houdini.qualcomm.com (8.8.5/1.4/8.7.2/1.14) with ESMTP id OAA12736 for ; Thu, 9 Jul 1998 14:51:12 -0700 (PDT) Mime-Version: 1.0 Message-Id: In-Reply-To: <199807090130.VAA28119@spot.cs.utk.edu> X-Mailer: QUALCOMM Eudora Pro v4.1 for Macintosh Date: Thu, 9 Jul 1998 14:38:50 -0700 To: ietf-pop3ext@imc.org From: Randall Gellens Subject: Re: [Off Topic] Need review for POP3 extension mechanism Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" X-Random-Signature-Tag: v1.0a10 Sender: owner-ietf-pop3ext@imc.org Precedence: bulk In addition to Chris' response, I'd like to add that the document has gone through some pretty major feature cuts, in response to comments on this list, in private email, and in person at IETF meetings. Every capability or response code which was at all controversial was removed, and the language of the extension mechanism itself was tightened up a lot. Of course, I welcome additional review, but I think this is ready for Proposed. From owner-ietf-pop3ext Fri Jul 10 04:05:17 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id EAA03520 for ietf-pop3ext-bks; Fri, 10 Jul 1998 04:05:17 -0700 (PDT) Received: from doom.qualcomm.co.nz (doom.qualcomm.co.nz [203.97.157.3]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id EAA03515 for ; Fri, 10 Jul 1998 04:05:05 -0700 (PDT) Received: from [203.97.157.3] (203.97.157.3) by doom.qualcomm.co.nz with ESMTP (Eudora Internet Mail Server 2.2b1); Fri, 10 Jul 1998 23:05:20 +1200 Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" X-Sender: glenn@mail.qualcomm.co.nz Message-Id: In-Reply-To: <199807090130.VAA28119@spot.cs.utk.edu> Date: Fri, 10 Jul 1998 23:05:10 +1200 To: ietf-pop3ext@imc.org From: Glenn Anderson Subject: Re: [Off Topic] Need review for POP3 extension mechanism Sender: owner-ietf-pop3ext@imc.org Precedence: bulk >Should the document be adopted as is? Does it need more wordsmithing? >Are all of these capabilities needed? I have already implemented CAPA to advertise support for TOP, USER, PIPELINING, EXPIRE, and UIDL in the server I work on. SASL and LOGIN-DELAY I can see the use of, but IMPLEMENTATION is not something I personally would bother implementing. >Are all of the capabilities defined with sufficient precision? I found the definitions more than sufficient. >Should the document be standards track or should it be Informational or >Experimental? I would like to see it be standards track. I think this is no longer experimental, and would benefit from later review in the standards track process, rather than being a one off informational. >Should the extension mechanism be separated from (and perhaps a different >status from) the extensions themselves? > >If the document is approved for Proposed, should all of the proposed >extensions >be included? Or should some of the extensions be moved to a separate >Informational or Experimental? Which ones? > >In the absence of more community input, my recommendation would be to direct >the authors to remove all of the capabilities from this document, except >those >which are already defined in standards-track documents. Additional >capabilities >could be defined in a separate experimental or informational RFC. The extensions that are not already defined in standards-track documents (LOGIN-DELAY and PIPELINING with POP3) and the extended POP3 response codes deal with current practices or issues, so I think they should stay. Glenn. From owner-ietf-pop3ext Fri Jul 10 07:38:14 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id HAA05080 for ietf-pop3ext-bks; Fri, 10 Jul 1998 07:38:14 -0700 (PDT) Received: from rembrandt.esys.ca (0@rembrandt.esys.ca [198.161.92.18]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id HAA05076 for ; Fri, 10 Jul 1998 07:38:13 -0700 (PDT) Received: from gallileo.esys.ca (gallileo.esys.ca [198.161.92.85]) by rembrandt.esys.ca (2.0.4-beta-1/SMS 2.0.4-beta-1) with ESMTP id IAA13965 for ; Fri, 10 Jul 1998 08:38:20 -0600 From: Steve Hole Date: Fri, 10 Jul 1998 08:37:05 -0600 To: ietf-pop3ext@imc.org Subject: Re: [Off Topic] Need review for POP3 extension mechanism In-Reply-To: <199807090130.VAA28119@spot.cs.utk.edu> References: <199807090130.VAA28119@spot.cs.utk.edu> Message-ID: X-Mailer: Simeon for Win32 Version Mercury a9 Build (12) MIME-Version: 1.0 Content-Type: Text/PLAIN; CHARSET=US-ASCII Sender: owner-ietf-pop3ext@imc.org Precedence: bulk On Wed, 08 Jul 1998 21:30:01 -0400 Keith Moore wrote: > Does it need more wordsmithing? The wording seems fine to me. Certainly good enough to implement against. > Are all of these capabilities needed? I think that you will find individuals that support all of the capabilities listed. I personally believe that most of them are useful, and many of them are indepensable. > Are all of the capabilities defined with sufficient precision? Yes. There are some conflicts though I think. See below on the discussion of the SASL support. > Should the document be standards track or should it be Informational or > Experimental? The document should definitely be standards track. Certain "optional" features like UIDL and TOP are unwieldly at best to implement without a capability probe. Perhaps it is because we were an IMAP4 mailer first (and therefore use to CAPABILITY), I *really* found I missed it in POP3. > Should the extension mechanism be separated from (and perhaps a different > status from) the extensions themselves? I don't know. If it wasn't late in the process, I would say that the capabilities that reflect policy behaviour should be outside; leaving only those capabilities that reflect optional standard behaviour ie. UIDL, TOP etc. I also wasn't sure about the AUTH capability support. It is a wonderful idea -- one that I am certainly used to in IMAP, ACAP, and SMTP AUTH. The only thing is that John's update to the POP3 AUTH extension defines a probe function (AUTH with no arguments) for listing available server mechanisms. Perhaps there has been discussion on removing the probe (going back to the RFC1734 behaviour) in favour of the capability response. As it is, there are two ways to get the same information. I'm not sure if this is a problem or not. I'm not sure which to implement in my client. > If the document is approved for Proposed, should all of the proposed extensions > be included? Or should some of the extensions be moved to a separate > Informational or Experimental? Which ones? Unless they are private extensions, they should not be informational. It does not make sense to me that you would even do an informational document for an extension that you expect to get interoperability between multiple implementors on. It would be wise to set the policy right up front that extensions go on the standards track, at least as experimental. They can always be punted later if nobody finds them interesting enough to implement and deploy. Cheers. --- Steve Hole The Esys Corporation Mailto:Steve.Hole@esys.ca Phone:403-424-4922 From owner-ietf-pop3ext Fri Jul 10 12:56:19 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id MAA07242 for ietf-pop3ext-bks; Fri, 10 Jul 1998 12:56:19 -0700 (PDT) Received: from THOR.INNOSOFT.COM (SYSTEM@THOR.INNOSOFT.COM [192.160.253.66]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id MAA07238 for ; Fri, 10 Jul 1998 12:56:18 -0700 (PDT) Received: from elwood.innosoft.com ("port 35558"@ELWOOD.INNOSOFT.COM) by INNOSOFT.COM (PMDF V5.1-11 #U3049) with SMTP id <01IZ8IMUAEE099DSO5@INNOSOFT.COM> for ietf-pop3ext@imc.org; Fri, 10 Jul 1998 12:56:09 PDT Date: Fri, 10 Jul 1998 12:57:26 -0700 (PDT) From: Chris Newman Subject: Re: [Off Topic] Need review for POP3 extension mechanism In-reply-to: To: Steve Hole Cc: ietf-pop3ext@imc.org Message-id: MIME-version: 1.0 Content-type: TEXT/PLAIN; charset=US-ASCII Originator-Info: login-id=chris; server=THOR.INNOSOFT.COM Sender: owner-ietf-pop3ext@imc.org Precedence: bulk On Fri, 10 Jul 1998, Steve Hole wrote: > I also wasn't sure about the AUTH capability support. It is a wonderful > idea -- one that I am certainly used to in IMAP, ACAP, and SMTP AUTH. The > only thing is that John's update to the POP3 AUTH extension defines a probe > function (AUTH with no arguments) for listing available server mechanisms. > Perhaps there has been discussion on removing the probe (going back to the > RFC1734 behaviour) in favour of the capability response. As it is, there > are two ways to get the same information. I'm not sure if this is a problem > or not. I'm not sure which to implement in my client. There was a long discussion on this issue a few months ago which I believe came to the rough concensus that most would prefer a slow migration to the capability list, so that clients only have to do one kind of feature probe. The current draft of the POP3 STARTTLS support requires that CAPA be implemented. That way, one doesn't have to probe for STARTTLS, then probe for SASL AUTH mechanisms, then probe for each optional command separately. As for what to do in a server or client, the server code I wrote does both the SASL list in the capabilities and the list in response to "AUTH" with no arguments in John's draft. That's not hard to do. On the client side, I'd suggest using AUTH with no arguments if you're using the non-standard LOGIN or NTLM mechanisms since I believe those were deployed by one vendor with whom some clients may wish to interoperate. Otherwise, I'd rely on the SASL capability response, presuming it doesn't get cut from this proposal. - Chris From owner-ietf-pop3ext Fri Jul 10 15:25:57 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id PAA08358 for ietf-pop3ext-bks; Fri, 10 Jul 1998 15:25:57 -0700 (PDT) Received: from dragon (ppp1215.glas.apc.org [194.154.81.161]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id PAA08352 for ; Fri, 10 Jul 1998 15:25:53 -0700 (PDT) Received: FROM demo.ru ([194.154.81.161]) BY dragon.cs.msu.su (Baikonur Mail Server) WITH ESMTP; 11 Jul 1998 02:27:16 +0300 Message-ID: <35A69543.42E82E0B@demo.ru> Date: Sat, 11 Jul 1998 02:27:16 +0400 From: Alexey Melnikov Organization: Epsylon Technologies X-Mailer: Mozilla 4.05 [en] (WinNT; I) MIME-Version: 1.0 To: ietf-pop3ext@imc.org Subject: Re: [Off Topic] Need review for POP3 extension mechanism References: <199807090130.VAA28119@spot.cs.utk.edu> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-ietf-pop3ext@imc.org Precedence: bulk Sorry for delay. I forgot about Last Call, my fault. Keith Moore wrote: > I apologize for an off-topic posting. > Please send replies to ietf-pop3ext@imc.org, not to the drums or ietf-smtp lists. > > On May 18, a Last Call was issued on for document draft-gellens-pop3ext-05.txt , > for Proposed Standard status. Nobody has commented on the document. I am > reluctant to recommend that IESG approve this document without more evidence > of support. > > So I'm asking for more review... > > Should the document be adopted as is? Does it need more wordsmithing? May be only only few comments/questions... Section 6.3 Discussion: [skipped]. The SASL capability indicates that the AUTH command is available and that it supports an optional base64 encoded second argument for an initial client response as described in the SASL specification. Why outline the existence of the second base64-encoded parameters? Are you trying to correct AUTH RFC? Section 6.4 Standard commands affected: USER APOP AUTH Discussion: The LOGIN-DELAY capability includes an integer argument which indicates the number of seconds after an "+OK" response to a PASS, APOP, or AUTH command before another authentication will be accepted. Clients which permit the user May be I have paranoia, but PASS command is affected by LOGIN-DELAY also. Section 8.1 LOGIN-DELAY This occurs on an -ERR response to an AUTH, USER, PASS or APOP command and indicates that the user has logged in recently and will not be allowed to login again until the login delay period has expired. I don't like servers that says "-ERR user not known" to USER command. I think that LOGIN-DELAY response to USER command may server as a hint for attack on server. I propose to forbid server answer "-ERR [LOGIN-DELAY n]" to the USER command. Last question : why authors decided to change syntax for IMPLEMENTATION from IMPLEMENTATION "Shlemazle Plotz v302" to IMPLEMENTATION Shlemazle-Plotz-v302 > Are all of these capabilities needed? Yes, because client should know about their existence to operate correctly with different servers and to provide with service. > Are all of the capabilities defined with sufficient precision? I think that descriptions are precise enough. > Should the document be standards track or should it be Informational or > Experimental? I would like to see it on Standard track, to insure interoperability (as other list members wrote). > Should the extension mechanism be separated from (and perhaps a different > status from) the extensions themselves? I agree with Chris Newman. So nothing else I can add. Chris Newman wrote: > > Are all of these capabilities needed? > > All of the capabilities (with the exception of IMPLEMENTATION) reflect > functional variations in deployed POP servers which would function more > smoothly if the client knew about them. So I'd say yes. I agree. About IMPLEMENTATION : to be frank IMPLEMENTATION servers for logging/debugging purposes only. I don't see other use. IMPLEMENTATION requires 1 line of code to implement, so I think we don't need to discuss it. Best regards, Alexey Melnikov ------------------------------------------ SMTP/POP3/IMAP4/ACAP servers creation team "ACAP Explorer" client Imap Development Kit (my own product) Epsylon Technologies, Russia http://www.demo.ru ------------------------------------------ P.S. I've implemented in my server TOP, USER, PIPELINING, EXPIRE, UIDL and IMPLEMENTATION. And I have plans to implement SASL (CRAM-MD5) and LOGIN-DELAY as well. Has anybody client that support current draft? (Or I have to write it myself :-)) From owner-ietf-pop3ext Fri Jul 10 16:32:53 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id QAA09370 for ietf-pop3ext-bks; Fri, 10 Jul 1998 16:32:53 -0700 (PDT) Received: from frobozz.qualcomm.com (frobozz.qualcomm.com [129.46.174.26]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id QAA09366 for ; Fri, 10 Jul 1998 16:32:51 -0700 (PDT) Received: from [129.46.136.131] (randy-mac.qualcomm.com [129.46.136.131]) by frobozz.qualcomm.com (8.8.5/1.4/8.7.2/1.14) with ESMTP id QAA11701; Fri, 10 Jul 1998 16:32:27 -0700 (PDT) Mime-Version: 1.0 Message-Id: In-Reply-To: <35A69543.42E82E0B@demo.ru> References: <199807090130.VAA28119@spot.cs.utk.edu> X-Mailer: QUALCOMM Eudora Pro v4.1 for Macintosh Date: Fri, 10 Jul 1998 16:29:02 -0700 To: Alexey Melnikov From: Randall Gellens Subject: Re: [Off Topic] Need review for POP3 extension mechanism Cc: ietf-pop3ext@imc.org Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" X-Random-Signature-Tag: v1.0a10 Sender: owner-ietf-pop3ext@imc.org Precedence: bulk Thanks for your comments, Alexey. At 3:27 PM -0700 7/10/98, Alexey Melnikov wrote: >PASS command is affected by LOGIN-DELAY also. Yes, this is a (minor) error and should be fixed. >I think that LOGIN-DELAY response to USER command may server as a >hint for attack on server. I propose to forbid server answer "-ERR >[LOGIN-DELAY n]" to the USER command. It would be good to add text suggesting that servers not send LOGIN-DELAY in response to a USER command, and noting why, but I'm not sure we need to forbid it. >Last question : why authors decided to change syntax for IMPLEMENTATION from >IMPLEMENTATION "Shlemazle Plotz v302" >to >IMPLEMENTATION Shlemazle-Plotz-v302 The POP protocol doesn't have the concept of a quoted string; responses are a series of space-delimited tokens. The IMPLEMENTATION capability was corrected to reflect this, and text was added to point out that if the parameter is supposed to be a single token, to make sure there are no embedded spaces. (Of course, since IMPLEMENTATION is only for logging, it doesn't really matter.) I don't think these corrections are serious enough for a new version of the draft and a new last call; they may be minor enough for the RFC editor to make, as provided for, or they can be corrected later. From owner-ietf-pop3ext Sun Jul 12 02:37:29 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id CAA17766 for ietf-pop3ext-bks; Sun, 12 Jul 1998 02:37:29 -0700 (PDT) Received: from info.dsv.su.se (info.dsv.su.se [130.237.161.221]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id CAA17752; Sun, 12 Jul 1998 02:36:43 -0700 (PDT) Received: from [130.237.150.138] (jph1.dsv.su.se [130.237.150.138]) by info.dsv.su.se (8.8.8/8.8.8) with ESMTP id LAA09126; Sun, 12 Jul 1998 11:37:02 +0200 (MET DST) X-Sender: jpalme@mail.dsv.su.se (Unverified) Message-Id: In-Reply-To: <199807090130.VAA28119@spot.cs.utk.edu> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Date: Sun, 12 Jul 1998 11:35:46 +0200 To: ietf-pop3ext@imc.org, IETF mail extensions mailing list From: Jacob Palme Subject: Re: [Off Topic] Need review for POP3 extension mechanism Sender: owner-ietf-pop3ext@imc.org Precedence: bulk At 03.30 +0200 98-07-09, Keith Moore wrote: > On May 18, a Last Call was issued on for document >draft-gellens-pop3ext-05.txt , > for Proposed Standard status. Nobody has commented on the document. I am > reluctant to recommend that IESG approve this document without more evidence > of support. I have read the document and have some comments. I am not a POP expert and have no personal experience of implementing POP. I suggest that at the end of the description of each capability is added a new subheader "Specified in". For those capabilities which have been described in other IETF standards, this subheader should give an explicit reference to this standard. For thos capabilities, which have not been described in other IETF standards, this subheader could contain the phrase "This standard". Chapter 4, second paragraph, I suggest add information of whether CRLF is included in these 255 octets or not. The way I understand the specification, two new interactions between clients and server are needed, started with the CAPA command, one before authorization and one afterwards. Interactions usually incur delays. Is this really necessary? One might compare with the EHLO command in SMTP, which does not incur any additional interactions, since it replaces the HELO interaction. USER capability: "although they may not be available to all users": I suggest this is specified more clearly. To which users are they available and not available? My guess, from reading the text, is that users are split into three categories: (a) Users who may issue USER and PASS (b) Users who may not issue USER and PASS, but which can use some kind of mechanism for general retrieval of public messages (c) Users who may not use this POP server at all The above is only my guess, the standard should specify what it means! PIPELINING capability: Keith has indicated that maybe the new capabilities should not be described here but in a separate document. I have no general comment on this, but I think the PIPELINING capability is important, and do not want any delay in making it into a standard. EXPIRE capability: Days after what? Days after the arrival of the message into the POP mailbox? Days after last user connection to the POP server? Chapter 7: "Clients MUST NOT require the precense of any extension for basic functionality". I do not like this at all. Certainly, it should be permitted for a company to supply its users with clients which will refuse to work without requiring authorization! Such clients would increase security against certain kinds of attacks, and it is unreasonable that such clients are forbidden. Chapter 9: "IANA considerations". Any specification of new IANA registries must contain more information, such as the procedure for IANA to employ in accepting new items into the registry. See "draft-iesg-iana-considerations-04.txt". I am not a member of the ietf-pop3ext@imc.org, so please copy any replies to this message, which I should see, either to me personally or to the mailext@imc.org mailing list. (It is reasonable that discussion in the final stage of IESG approval of a new standard is widened to a more general ist, like the mailext list. Since the mailext IETF wg stopped operation, discussion in that list will not cause problem to ongoing standards work in the same list.) ------------------------------------------------------------------------ Jacob Palme (Stockholm University and KTH) for more info see URL: http://www.dsv.su.se/~jpalme Temporary summer phone No. +46-8-664 77 48 not +46-8-16 16 67 From owner-ietf-pop3ext Mon Jul 13 08:08:55 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id IAA12051 for ietf-pop3ext-bks; Mon, 13 Jul 1998 08:08:55 -0700 (PDT) Received: from dragon (ppp1550.glas.apc.org [195.218.251.38]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id IAA12047 for ; Mon, 13 Jul 1998 08:08:46 -0700 (PDT) Received: FROM demo.ru ([127.0.0.1]) BY dragon.cs.msu.su (Baikonur Mail Server) WITH ESMTP; 13 Jul 1998 18:58:16 +0300 Message-ID: <35AA2088.31FD8511@demo.ru> Date: Mon, 13 Jul 1998 18:58:16 +0400 From: Alexey Melnikov Organization: Epsylon Technologies X-Mailer: Mozilla 4.05 [en] (WinNT; I) MIME-Version: 1.0 To: Randall Gellens CC: ietf-pop3ext@imc.org Subject: Re: [Off Topic] Need review for POP3 extension mechanism References: <199807090130.VAA28119@spot.cs.utk.edu> Content-Type: text/plain; charset=koi8-r Content-Transfer-Encoding: 7bit Sender: owner-ietf-pop3ext@imc.org Precedence: bulk Randall Gellens wrote: > Thanks for your comments, Alexey. > > At 3:27 PM -0700 7/10/98, Alexey Melnikov wrote: > > >PASS command is affected by LOGIN-DELAY also. > > Yes, this is a (minor) error and should be fixed. > > >I think that LOGIN-DELAY response to USER command may server as a > >hint for attack on server. I propose to forbid server answer "-ERR > >[LOGIN-DELAY n]" to the USER command. > > It would be good to add text suggesting that servers not send > LOGIN-DELAY in response to a USER command, and noting why, but I'm not > sure we need to forbid it. I think it is acceptable. > >Last question : why authors decided to change syntax for IMPLEMENTATION from > >IMPLEMENTATION "Shlemazle Plotz v302" > >to > >IMPLEMENTATION Shlemazle-Plotz-v302 > > The POP protocol doesn't have the concept of a quoted string; responses > are a series of space-delimited tokens. The IMPLEMENTATION capability > was corrected to reflect this, and text was added to point out that if > the parameter is supposed to be a single token, to make sure there are > no embedded spaces. (Of course, since IMPLEMENTATION is only for > logging, it doesn't really matter.) > > I don't think these corrections are serious enough for a new version of > the draft and a new last call; they may be minor enough for the RFC > editor to make, as provided for, or they can be corrected later. I agree, no need for a new version of the draft. Personally - I would like to see "Pop3 extension" draft as standard as soon as possible. Regards, Alexey Melnikov ------------------------------------------ SMTP/POP3/IMAP4/ACAP servers creation team "ACAP Explorer" client Imap Development Kit (my own product) Epsylon Technologies, Russia http://www.demo.ru ------------------------------------------ From owner-ietf-pop3ext Mon Jul 13 09:50:59 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id JAA12777 for ietf-pop3ext-bks; Mon, 13 Jul 1998 09:50:59 -0700 (PDT) Received: from THOR.INNOSOFT.COM (SYSTEM@THOR.INNOSOFT.COM [192.160.253.66]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id JAA12773; Mon, 13 Jul 1998 09:50:58 -0700 (PDT) Received: from elwood.innosoft.com ("port 37814"@ELWOOD.INNOSOFT.COM) by INNOSOFT.COM (PMDF V5.1-11 #U3049) with SMTP id <01IZCJ1NBOEQ99DUJH@INNOSOFT.COM>; Mon, 13 Jul 1998 09:51:16 PDT Date: Mon, 13 Jul 1998 09:52:32 -0700 (PDT) From: Chris Newman Subject: Re: [Off Topic] Need review for POP3 extension mechanism In-reply-to: To: Jacob Palme Cc: ietf-pop3ext@imc.org, IETF mail extensions mailing list Message-id: MIME-version: 1.0 Content-type: TEXT/PLAIN; charset=US-ASCII Originator-Info: login-id=chris; server=THOR.INNOSOFT.COM Sender: owner-ietf-pop3ext@imc.org Precedence: bulk On Sun, 12 Jul 1998, Jacob Palme wrote: > I suggest that at the end of the description of each > capability is added a new subheader "Specified in". For > those capabilities which have been described in other IETF > standards, this subheader should give an explicit reference > to this standard. For thos capabilities, which have not > been described in other IETF standards, this subheader > could contain the phrase "This standard". That's a reasonable suggestion. If Randy does "a revision reflecting comments received during last call", then this would be useful. > Chapter 4, second paragraph, I suggest add information of > whether CRLF is included in these 255 octets or not. Good point. > The way I understand the specification, two new > interactions between clients and server are needed, started > with the CAPA command, one before authorization and one > afterwards. Interactions usually incur delays. Is this > really necessary? One might compare with the EHLO command > in SMTP, which does not incur any additional interactions, > since it replaces the HELO interaction. A reasonable issue. But realize there is no equivalent to HELO in POP3. The only other place to put the capability list would be in the greeting line which is already overloaded with the APOP challenge. On the other hand, without the CAPA command, one would have to do an extra round-trip to probe for each capability one wanted to use. If we add TLS to POP3, that would be up to two round-trips before login and four afterwards. Knocking that down to one before and one afterwards is an improvement, and with piplining, the round-trip after login can be eliminated -- with the result of this being no more expensive than ESMTP EHLO. I think you've just made a good argument for why this should be standardized :-) > USER capability: "although they may not be available to all > users": I suggest this is specified more clearly. To which > users are they available and not available? My guess, from > reading the text, is that users are split into three > categories: > > (a) Users who may issue USER and PASS > > (c) Users who may not use this POP server at all > > The above is only my guess, the standard should specify > what it means! It's an issue of security policy. A site may determine that some subset of users aren't allowed to use clear text passwords and have to use APOP or AUTH instead. I don't think the current wording is particularly troublesome, there are several reasonable interopretations none of which result in an interoperability problem. > (b) Users who may not issue USER and PASS, but which can > use some kind of mechanism for general retrieval of public > messages FYI, POP3 has no such mechanism and probably never will given that's an IMAP feature. > EXPIRE capability: Days after what? Days after the arrival > of the message into the POP mailbox? Days after last user > connection to the POP server? Since it says "indicates the minimum server retention period, in days, for messages on the server", that would mean EXPIRE is: min(days after arrival, days after retrieval) which the example describes in some detail. There was a lot of discussion behind EXPIRE, and trying to express server policy with more precision simply results in too much complexity. EXPIRE has just enough information for a client to know what it has to do (0 = disallow "leave mail on server", NEVER = "leave mail on server" is fine, something else = consult user about leave mail on server). > Chapter 7: "Clients MUST NOT require the precense of any > extension for basic functionality". I do not like this at > all. Certainly, it should be permitted for a company to > supply its users with clients which will refuse to work > without requiring authorization! Such clients would > increase security against certain kinds of attacks, and it > is unreasonable that such clients are forbidden. Good point. POP3 is a strange beast since there is no mandatory-to-implement authentication mechanism (which makes clear text mandatory to implement implicitly), thus one has to require an authentication command to function since anonymous POP3 is worthless. I propose: Clients MUST NOT require the presence of any extension or optional feature for basic functionality, with the exception of the authentication commands (APOP, AUTH and USER/PASS). > Chapter 9: "IANA considerations". Any specification of new > IANA registries must contain more information, such as the > procedure for IANA to employ in accepting new items into > the registry. See "draft-iesg-iana-considerations-04.txt". It already identifies the procedure as "IESG approval" for POP3 capabilities and "Specification Required" for response codes. What more is necessary? We certainly can't make a normative reference to an Internet draft. - Chris From owner-ietf-pop3ext Mon Jul 13 15:22:52 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id PAA15464 for ietf-pop3ext-bks; Mon, 13 Jul 1998 15:22:52 -0700 (PDT) Received: from nala.qualcomm.com (nala.qualcomm.com [129.46.50.44]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id PAA15460 for ; Mon, 13 Jul 1998 15:22:51 -0700 (PDT) Received: from [129.46.137.174] (llundblade-mac.qualcomm.com [129.46.137.174]) by nala.qualcomm.com (8.8.5/1.4/8.7.2/1.14) with ESMTP id PAA15036; Mon, 13 Jul 1998 15:22:45 -0700 (PDT) Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" X-Sender: lgl@randy-nt4.qualcomm.com Message-Id: In-Reply-To: References: <199807090130.VAA28119@spot.cs.utk.edu> <199807090130.VAA28119@spot.cs.utk.edu> Date: Mon, 13 Jul 1998 15:17:04 -0700 To: ietf-pop3ext@imc.org, Keith Moore From: Laurence Lundblade Subject: Re: [Off Topic] Need review for POP3 extension mechanism Sender: owner-ietf-pop3ext@imc.org Precedence: bulk At 8:37 AM -0600 7/10/98, Steve Hole wrote: > >The document should definitely be standards track. Certain "optional" >features like UIDL and TOP are unwieldly at best to implement without a >capability probe. Perhaps it is because we were an IMAP4 mailer first >(and therefore use to CAPABILITY), I *really* found I missed it in POP3. > If some one needs a concrete reason why probing is a problem, here's one: If you do a TOP command and you get back -ERR you don't know if that paritcular TOP command failed because the message wasn't available, or because the TOP command isn't implemented. LL From owner-ietf-pop3ext Mon Jul 13 15:23:54 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id PAA15480 for ietf-pop3ext-bks; Mon, 13 Jul 1998 15:23:54 -0700 (PDT) Received: from nala.qualcomm.com (nala.qualcomm.com [129.46.50.44]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id PAA15469; Mon, 13 Jul 1998 15:23:26 -0700 (PDT) Received: from [129.46.137.174] (llundblade-mac.qualcomm.com [129.46.137.174]) by nala.qualcomm.com (8.8.5/1.4/8.7.2/1.14) with ESMTP id PAA15020; Mon, 13 Jul 1998 15:22:41 -0700 (PDT) Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" X-Sender: lgl@randy-nt4.qualcomm.com Message-Id: In-Reply-To: References: <199807090130.VAA28119@spot.cs.utk.edu> Date: Mon, 13 Jul 1998 15:09:37 -0700 To: Jacob Palme From: Laurence Lundblade Subject: Re: [Off Topic] Need review for POP3 extension mechanism Cc: ietf-pop3ext@imc.org, IETF mail extensions mailing list Sender: owner-ietf-pop3ext@imc.org Precedence: bulk At 11:35 AM +0200 7/12/98, Jacob Palme wrote: > >The way I understand the specification, two new >interactions between clients and server are needed, started >with the CAPA command, one before authorization and one >afterwards. Interactions usually incur delays. Is this >really necessary? One might compare with the EHLO command >in SMTP, which does not incur any additional interactions, >since it replaces the HELO interaction. > In addition to Chris's comment, two CAPA commands are not always needed. You only need two if the extension you're interested in is documented to possibly occur after authorization. LL From owner-ietf-pop3ext Wed Jul 15 17:34:23 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id RAA25398 for ietf-pop3ext-bks; Wed, 15 Jul 1998 17:34:23 -0700 (PDT) Received: from houdini.qualcomm.com (houdini.qualcomm.com [129.46.2.40]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id RAA25394 for ; Wed, 15 Jul 1998 17:34:21 -0700 (PDT) Received: from [129.46.136.131] (randy-mac.qualcomm.com [129.46.136.131]) by houdini.qualcomm.com (8.8.5/1.4/8.7.2/1.14) with ESMTP id RAA29230; Wed, 15 Jul 1998 17:33:57 -0700 (PDT) Mime-Version: 1.0 Message-Id: In-Reply-To: References: <199807090130.VAA28119@spot.cs.utk.edu> <199807090130.VAA28119@spot.cs.utk.edu> X-Mailer: QUALCOMM Eudora Pro v4.1 for Macintosh Date: Wed, 15 Jul 1998 17:32:43 -0700 To: Steve Hole From: Randall Gellens Subject: Re: [Off Topic] Need review for POP3 extension mechanism Cc: ietf-pop3ext@imc.org Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" X-Random-Signature-Tag: v1.0a10 Sender: owner-ietf-pop3ext@imc.org Precedence: bulk At 7:37 AM -0700 7/10/98, Steve Hole wrote: >I also wasn't sure about the AUTH capability support. It is a wonderful >idea -- one that I am certainly used to in IMAP, ACAP, and SMTP AUTH. The >only thing is that John's update to the POP3 AUTH extension defines a probe >function (AUTH with no arguments) for listing available server mechanisms. >Perhaps there has been discussion on removing the probe (going back to the >RFC1734 behaviour) in favour of the capability response. As it is, there >are two ways to get the same information. I'm not sure if this is a problem >or not. I'm not sure which to implement in my client. This issue came up in discussions on John's draft, and the general consensus (as I recall it) was that new clients should only implement the CAPA mechanism, and new servers should implement both, so that they support both new CAPA clients and any clients which have already implemented the empty-AUTH mechanism. From owner-ietf-pop3ext Wed Jul 15 18:21:07 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id SAA25678 for ietf-pop3ext-bks; Wed, 15 Jul 1998 18:21:07 -0700 (PDT) Received: from mail.hethmon.com (mail.hethmon.com [208.147.156.6]) by mail.proper.com (8.8.8/8.8.5) with SMTP id SAA25674 for ; Wed, 15 Jul 1998 18:21:05 -0700 (PDT) Received: from mail.hethmon.com (mail.hethmon.com [208.147.156.6] ) by mail.hethmon.com (Hethmon Brothers Smtpd) ; Wed, 15 Jul 1998 21:25:32 -0400 Message-Id: <199807152125.3235110.6@mail.hethmon.com> Received: from sambo.hethmon.com by mail.hethmon.com (Hethmon Brothers Pop3d) ; Wed, 15 Jul 1998 21:25:31 -0400 To: ietf-pop3ext@imc.org X-Mailer: Post Road Mailer for OS/2 (Green Edition Ver 3.0) Date: Wed, 15 Jul 1998 21:21:32 -0400 From: Paul Hethmon Reply-To: Paul Hethmon Subject: Re: [Off Topic] Need review for POP3 extension mechanism Sender: owner-ietf-pop3ext@imc.org Precedence: bulk ** Reply to note from Keith Moore Wed, 08 Jul 1998 21:30:01 -0400 Here are my thoughts: > On May 18, a Last Call was issued on for document draft-gellens-pop3ext-05.txt , > for Proposed Standard status. Nobody has commented on the document. I am > reluctant to recommend that IESG approve this document without more evidence > of support. > > So I'm asking for more review... > > Should the document be adopted as is? Does it need more wordsmithing? A quick reading didn't leave me any questions about it. It seemed to be easily comprehended. > Are all of these capabilities needed? I can see use for it to a certain extent. I haven't had many requests from my customers for extensions and/or capabilities of this nature though I already support all of the 1939 optional commands. > Are all of the capabilities defined with sufficient precision? Yes. > Should the document be standards track or should it be Informational or > Experimental? If it's going to be anything, it should be standards track. With standard status, it's dead at the starting gate. I would likely implement it if it went Informational, not likely if Experimental. > Should the extension mechanism be separated from (and perhaps a different > status from) the extensions themselves? No. I'd leave them in. I see the extensions as not quite extensions to the protocol but more refinements. As the document said, it's not the intent to turn POP3 into IMAP. In this light, it would be better for implementors to have the gathered into one spot. TOP, USER, and UIDL are already in 1939, so no need to separate them out. SASL is in 2222 so it's documented. The other commands are more of an informational nature than operational. Defining them here seems a good thing in that we shouldn't expect many if any further extensions to POP3. > If the document is approved for Proposed, should all of the proposed extensions > be included? Or should some of the extensions be moved to a separate > Informational or Experimental? Which ones? I would keep them together and in the standards track. > In the absence of more community input, my recommendation would be to direct > the authors to remove all of the capabilities from this document, except those > which are already defined in standards-track documents. Additional capabilities > could be defined in a separate experimental or informational RFC. Paul ------------------------------------------------------------------------- Paul Hethmon phethmon@hethmon.com Inet.Mail Internet Mail Server http://www.hethmon.com ------------------------------------------------------------------------- Author "Illustrated Guide to HTTP" http://www.manning.com/Hethmon?882 ------------------------------------------------------------------------- Warpstock -- Tune In! & Warp Out! -- http://www.warpstock.org cc: Keith Moore From owner-ietf-pop3ext Thu Jul 16 07:05:54 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id HAA10146 for ietf-pop3ext-bks; Thu, 16 Jul 1998 07:05:54 -0700 (PDT) Received: from monet.esys.ca (monet.esys.ca [198.161.92.2]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id HAA10142 for ; Thu, 16 Jul 1998 07:05:53 -0700 (PDT) Received: from gallileo.esys.ca (gallileo.esys.ca [198.161.92.85]) by monet.esys.ca (2.0.4-beta-2/SMS 2.0.4-devel) with ESMTP id IAA27304; Thu, 16 Jul 1998 08:05:47 -0600 (MDT) Message-Id: <199807161405.IAA27304@monet.esys.ca> From: Steve Hole Date: Thu, 16 Jul 1998 08:04:25 -0600 To: Randall Gellens Subject: Re: [Off Topic] Need review for POP3 extension mechanism Cc: ietf-pop3ext@imc.org In-Reply-To: References: <199807090130.VAA28119@spot.cs.utk.edu> <199807090130.VAA28119@spot.cs.utk.edu> Sender: owner-ietf-pop3ext@imc.org Precedence: bulk Message-ID: Priority: NORMAL X-Mailer: Simeon for Win32 Version Mercury a9 Build (12) MIME-Version: 1.0 Content-Type: Multipart/signed; BOUNDARY=Part9807160804.F; protocol="application/pgp-signature"; micalg=pgp-sha1 --Part9807160804.F Content-Type: Text/PLAIN; CHARSET=US-ASCII On Wed, 15 Jul 1998 17:32:43 -0700 Randall Gellens wrote: > At 7:37 AM -0700 7/10/98, Steve Hole wrote: > > >I also wasn't sure about the AUTH capability support. It is a wonderful > >idea -- one that I am certainly used to in IMAP, ACAP, and SMTP AUTH. The > >only thing is that John's update to the POP3 AUTH extension defines a probe > >function (AUTH with no arguments) for listing available server mechanisms. > >Perhaps there has been discussion on removing the probe (going back to the > >RFC1734 behaviour) in favour of the capability response. As it is, there > >are two ways to get the same information. I'm not sure if this is a problem > >or not. I'm not sure which to implement in my client. > > This issue came up in discussions on John's draft, and the general > consensus (as I recall it) was that new clients should only implement > the CAPA mechanism, and new servers should implement both, so that they > support both new CAPA clients and any clients which have already > implemented the empty-AUTH mechanism. Hmm ... that works as long as all servers that support AUTH also support CAPA. I presume that it was the concensus of the group that there were no servers that supported AUTH without supporting CAPA as well. I do know that the current Cyrus server release supports AUTH but not CAPA. That's why I raised the issue. I have implemented both in the client and do the probe because I know of at least one deployed POP3 server that does it. I think that we need to pick one way or the other and make both documents agree on the choice. There can't be that many implementations yet. This would force any server implementations of AUTH to do the right thing (yet to be defined). As long as both go to Proposed in agreement, we should be able to get consistent implementations. Am I worrying over nothing? What other implementations, client or server, are their of AUTH and/or CAPA? Cheers. --- Steve Hole The Esys Corporation Mailto:Steve.Hole@esys.ca Phone:403-424-4922 --Part9807160804.F Content-Type: Application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: PGPsdk version 1.1.1 (C) 1997 Pretty Good Privacy, Inc. (Diffie-Helman/DSS-only version) iQA/AwUBNa4Iati5Jj9Fn5KMEQL85ACgxq0Kg7FKaxRHQVH79a92+YX3/BMAn1CG CZUtzdF0PLy4SVdKuMKsQYK0 =/6hC -----END PGP SIGNATURE----- --Part9807160804.F-- From owner-ietf-pop3ext Thu Jul 16 10:26:29 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id KAA11933 for ietf-pop3ext-bks; Thu, 16 Jul 1998 10:26:29 -0700 (PDT) Received: from nala.qualcomm.com (nala.qualcomm.com [129.46.50.44]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id KAA11929 for ; Thu, 16 Jul 1998 10:26:27 -0700 (PDT) Received: from [129.46.137.174] (llundblade-mac.qualcomm.com [129.46.137.174]) by nala.qualcomm.com (8.8.5/1.4/8.7.2/1.14) with ESMTP id KAA12008; Thu, 16 Jul 1998 10:26:03 -0700 (PDT) Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" X-Sender: lgl@randy-nt4.qualcomm.com Message-Id: In-Reply-To: References: <199807090130.VAA28119@spot.cs.utk.edu> <199807090130.VAA28119@spot.cs.utk.edu> Date: Thu, 16 Jul 1998 10:04:41 -0700 To: Randall Gellens From: Laurence Lundblade Subject: Re: [Off Topic] Need review for POP3 extension mechanism Cc: Steve Hole , ietf-pop3ext@imc.org Sender: owner-ietf-pop3ext@imc.org Precedence: bulk What Randy says below was my recollection too, but Steve has pointed out a problem with this. Seems as long as there are clients that support only AUTH and servers that support only AUTH we'll have to continue to implement both AUTH and CAPA probing in both clients and servers for a while. (All the more reason to get this on the standards track :-) Implementing both for the servers is dead simple trivial. The client is a little more work and introduces an additional RTT if CAPA fails, but I don't think there are any major difficulties. There are far far worse attrocities in standards these days, and I don't think there's anything we can do about it anyway. LL At 5:32 PM -0700 7/15/98, Randall Gellens wrote: >At 7:37 AM -0700 7/10/98, Steve Hole wrote: > >>I also wasn't sure about the AUTH capability support. It is a wonderful >>idea -- one that I am certainly used to in IMAP, ACAP, and SMTP AUTH. The >>only thing is that John's update to the POP3 AUTH extension defines a probe >>function (AUTH with no arguments) for listing available server mechanisms. >>Perhaps there has been discussion on removing the probe (going back to the >>RFC1734 behaviour) in favour of the capability response. As it is, there >>are two ways to get the same information. I'm not sure if this is a problem >>or not. I'm not sure which to implement in my client. > >This issue came up in discussions on John's draft, and the general >consensus (as I recall it) was that new clients should only implement >the CAPA mechanism, and new servers should implement both, so that they >support both new CAPA clients and any clients which have already >implemented the empty-AUTH mechanism. From owner-ietf-pop3ext Thu Jul 16 18:00:50 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id SAA15577 for ietf-pop3ext-bks; Thu, 16 Jul 1998 18:00:50 -0700 (PDT) Received: from warlock.qualcomm.com (warlock.qualcomm.com [129.46.52.129]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id SAA15573 for ; Thu, 16 Jul 1998 18:00:49 -0700 (PDT) Received: from [129.46.136.131] (randy-mac.qualcomm.com [129.46.136.131]) by warlock.qualcomm.com (8.8.5/1.4/8.7.2/1.13) with ESMTP id RAA06358; Thu, 16 Jul 1998 17:58:20 -0700 (PDT) Mime-Version: 1.0 Message-Id: In-Reply-To: References: <199807090130.VAA28119@spot.cs.utk.edu> <199807090130.VAA28119@spot.cs.utk.edu> X-Mailer: QUALCOMM Eudora Pro v4.1 for Macintosh Date: Thu, 16 Jul 1998 17:54:32 -0700 To: Laurence Lundblade From: Randall Gellens Subject: Re: [Off Topic] Need review for POP3 extension mechanism Cc: Randall Gellens , Steve Hole , ietf-pop3ext@imc.org, John Gardiner Myers Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" X-Random-Signature-Tag: v1.0a10 Sender: owner-ietf-pop3ext@imc.org Precedence: bulk I apologize for the excessive quoting, but I added John Myers to the cc list and don't know if he's seen this thread or not. Since the POP Extensions draft references RFC 1734, which does not use the empty auth command as a probe, I don't think we need to say anything about that. I think John's update should include advice on supporting both CAPA and the empty auth command, in clients and servers, as Laurence suggests. At 10:04 AM -0700 7/16/98, Laurence Lundblade wrote: >What Randy says below was my recollection too, but Steve has pointed out a >problem with this. Seems as long as there are clients that support only >AUTH and servers that support only AUTH we'll have to continue to implement >both AUTH and CAPA probing in both clients and servers for a while. (All >the more reason to get this on the standards track :-) > >Implementing both for the servers is dead simple trivial. The client is a >little more work and introduces an additional RTT if CAPA fails, but I >don't think there are any major difficulties. There are far far worse >attrocities in standards these days, and I don't think there's anything we >can do about it anyway. > >LL > > >At 5:32 PM -0700 7/15/98, Randall Gellens wrote: >>At 7:37 AM -0700 7/10/98, Steve Hole wrote: >> >>>I also wasn't sure about the AUTH capability support. It is a wonderful >>>idea -- one that I am certainly used to in IMAP, ACAP, and SMTP AUTH. The >>>only thing is that John's update to the POP3 AUTH extension defines a probe >>>function (AUTH with no arguments) for listing available server mechanisms. >>>Perhaps there has been discussion on removing the probe (going back to the >>>RFC1734 behaviour) in favour of the capability response. As it is, there >>>are two ways to get the same information. I'm not sure if this is >>>a problem >>>or not. I'm not sure which to implement in my client. >> >>This issue came up in discussions on John's draft, and the general >>consensus (as I recall it) was that new clients should only implement >>the CAPA mechanism, and new servers should implement both, so that they >>support both new CAPA clients and any clients which have already >>implemented the empty-AUTH mechanism. -- Randall Gellens Opinions are personal; facts are suspect; I speak for myself only -------------- Randomly-selected tag: --------------- My friends, no matter how rough the road may be, we can and we will, never, never surrender to what is right --Vice President Dan Quayle, in a speech to the Christian Coalition From owner-ietf-pop3ext Thu Jul 16 18:14:57 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id SAA15728 for ietf-pop3ext-bks; Thu, 16 Jul 1998 18:14:57 -0700 (PDT) Received: from houdini.qualcomm.com (houdini.qualcomm.com [129.46.2.40]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id SAA15724 for ; Thu, 16 Jul 1998 18:14:54 -0700 (PDT) Received: from [129.46.136.131] (randy-mac.qualcomm.com [129.46.136.131]) by houdini.qualcomm.com (8.8.5/1.4/8.7.2/1.14) with ESMTP id SAA20686; Thu, 16 Jul 1998 18:14:55 -0700 (PDT) Mime-Version: 1.0 Message-Id: In-Reply-To: <35A69543.42E82E0B@demo.ru> References: <199807090130.VAA28119@spot.cs.utk.edu> X-Mailer: QUALCOMM Eudora Pro v4.1 for Macintosh Date: Thu, 16 Jul 1998 18:06:19 -0700 To: Alexey Melnikov From: Randall Gellens Subject: Re: [Off Topic] Need review for POP3 extension mechanism Cc: ietf-pop3ext@imc.org Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" X-Random-Signature-Tag: v1.0a10 Sender: owner-ietf-pop3ext@imc.org Precedence: bulk At 3:27 PM -0700 7/10/98, Alexey Melnikov wrote: >Section 6.3 > > Discussion: > [skipped]. > The SASL capability indicates that the AUTH command is available and > that it supports an optional base64 encoded second argument for > an initial client response as described in the SASL > specification. > >Why outline the existence of the second base64-encoded parameters? Sorry, Alexey, I neglected to answer this in my previous reply. RFC 1734 doesn't specify an optional second parameter. RFC 2222 does mention it, but does not say it should be base64 encoded; it talks about binary tokens. Because POP is not a binary protocol, it makes sense to specify that the parameter (initial response) be base64 encoded. From owner-ietf-pop3ext Fri Jul 17 07:16:07 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id HAA00990 for ietf-pop3ext-bks; Fri, 17 Jul 1998 07:16:07 -0700 (PDT) Received: from att.com (kcgw2.att.com [192.128.133.152]) by mail.proper.com (8.8.8/8.8.5) with SMTP id HAA00986 for ; Fri, 17 Jul 1998 07:16:06 -0700 (PDT) Received: by kcgw2.att.com; Fri Jul 17 08:48 CDT 1998 Received: from dns.maillennium.att.com (dns.maillennium.att.com [135.25.114.99]) by kcig2.att.att.com (AT&T/GW-1.0) with ESMTP id JAA08924 for ; Fri, 17 Jul 1998 09:08:17 -0500 (CDT) Received: from hansen.bl-els.att.com by maillennium.att.com (inetlab) with SMTP id <19980717140854un10478231e>; Fri, 17 Jul 1998 14:08:54 +0000 Message-ID: <35AF5B59.20984366@att.com> Date: Fri, 17 Jul 1998 10:10:33 -0400 From: Tony Hansen Organization: AT&T Laboratories X-Mailer: Mozilla 4.01 [en] (Win95; I) MIME-Version: 1.0 To: ietf-pop3ext@imc.org Subject: any comments on draft-hansen-pop3-xtndext-00.txt? X-Priority: 3 (Normal) Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-ietf-pop3ext@imc.org Precedence: bulk Any comments on draft-hansen-pop3-xtndext-00.txt? I've included the abstract below. It was published in June as part of work for the GRIP WG, but I forgot to mention it in the pop3ext mailing list. Tony Hansen, tony@att.com ==== 1. Abstract This Internet Draft describes some extensions to the Post Office Protocol [POP3] and are described here for historical purposes. The status of this Internet Draft will be Historic. [XTND] describes a mechanism to extend the POP3 protocol, called XTND. Two extensions which have been implemented on some server implementations are XTND XMIT and XTND XLST; this memo describes these exten- sions. New implementations of POP3 clients and servers are not expected to implement these extensions; other mechanisms should be used instead. For example, [SMTP] should be used instead of XTND XMIT for sending email. If authentication is needed for sending email, then the proposed [ESMTP] [AUTH] extension should be used. From owner-ietf-pop3ext Fri Jul 17 10:55:48 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id KAA02691 for ietf-pop3ext-bks; Fri, 17 Jul 1998 10:55:48 -0700 (PDT) Received: from adept.qualcomm.com (adept.qualcomm.com [129.46.2.41]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id KAA02687 for ; Fri, 17 Jul 1998 10:55:47 -0700 (PDT) Received: from [129.46.136.131] (randy-mac.qualcomm.com [129.46.136.131]) by adept.qualcomm.com (8.8.5/1.4/8.7.2/1.14) with ESMTP id KAA22595; Fri, 17 Jul 1998 10:56:01 -0700 (PDT) Mime-Version: 1.0 Message-Id: In-Reply-To: <35AF5B59.20984366@att.com> X-Mailer: QUALCOMM Eudora Pro v4.1 for Macintosh Date: Fri, 17 Jul 1998 10:54:31 -0700 To: Tony Hansen From: Randall Gellens Subject: Re: any comments on draft-hansen-pop3-xtndext-00.txt? Cc: ietf-pop3ext@imc.org Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" X-Random-Signature-Tag: v1.0a10 Sender: owner-ietf-pop3ext@imc.org Precedence: bulk At 7:10 AM -0700 7/17/98, Tony Hansen wrote: >Any comments on draft-hansen-pop3-xtndext-00.txt? It seems quite reasonable to me. My only comment would be on section 2: >recipients MUST NOT see a Bcc: header listing anyone > except possibly that recipient. My understanding is that it is an acceptable, but less common, implementation choice to allow Bcc recipients to see each other; that is, the message text sent to Bcc recipients MAY include a Bcc header listing all Bcc recipients. RFC 822 says: 4.5.3. BCC / RESENT-BCC This field contains the identity of additional recipients of the message. The contents of this field are not included in copies of the message sent to the primary and secondary reci- pients. Some systems may choose to include the text of the "Bcc" field only in the author(s)'s copy, while others may also include it in the text sent to all those indicated in the "Bcc" list. From owner-ietf-pop3ext Fri Jul 17 14:37:19 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id OAA04214 for ietf-pop3ext-bks; Fri, 17 Jul 1998 14:37:19 -0700 (PDT) Received: from dragon (ppp1166.glas.apc.org [194.154.81.112]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id OAA04210 for ; Fri, 17 Jul 1998 14:37:15 -0700 (PDT) Received: FROM demo.ru ([194.154.81.112]) BY dragon.cs.msu.su (Baikonur Mail Server) WITH ESMTP; 18 Jul 1998 01:38:04 +0300 Message-ID: <35AFC43C.28A91CAA@demo.ru> Date: Sat, 18 Jul 1998 01:38:04 +0400 From: Alexey Melnikov Organization: Epsylon Technologies X-Mailer: Mozilla 4.05 [en] (WinNT; I) MIME-Version: 1.0 To: ietf-pop3ext@imc.org Subject: Re: [Off Topic] Need review for POP3 extension mechanism References: <199807090130.VAA28119@spot.cs.utk.edu> Content-Type: text/plain; charset=koi8-r Content-Transfer-Encoding: 7bit Sender: owner-ietf-pop3ext@imc.org Precedence: bulk Randall Gellens wrote: > At 3:27 PM -0700 7/10/98, Alexey Melnikov wrote: > > >Section 6.3 > > > > Discussion: > > [skipped]. > > The SASL capability indicates that the AUTH command is available and > > that it supports an optional base64 encoded second argument for > > an initial client response as described in the SASL > > specification. > > > >Why outline the existence of the second base64-encoded parameters? > > Sorry, Alexey, I neglected to answer this in my previous reply. > > RFC 1734 doesn't specify an optional second parameter. RFC 2222 does > mention it, but does not say it should be base64 encoded; it talks > about binary tokens. Because POP is not a binary protocol, it makes > sense to specify that the parameter (initial response) be base64 > encoded. I understand and agree. Nevertheless I think that updated (if any) version of RFC 1734 should mention this. Cheers, Alexey Melnikov ------------------------------------------ SMTP/POP3/IMAP4/ACAP servers creation team "ACAP Explorer" client Imap Development Kit (my own product) Epsylon Technologies, Russia http://www.demo.ru ------------------------------------------ From owner-ietf-pop3ext Fri Jul 17 16:04:53 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id QAA04823 for ietf-pop3ext-bks; Fri, 17 Jul 1998 16:04:53 -0700 (PDT) Received: from THOR.INNOSOFT.COM (SYSTEM@THOR.INNOSOFT.COM [192.160.253.66]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id QAA04819 for ; Fri, 17 Jul 1998 16:04:52 -0700 (PDT) Received: from elwood.innosoft.com ("port 46160"@ELWOOD.INNOSOFT.COM) by INNOSOFT.COM (PMDF V5.1-11 #U3049) with SMTP id <01IZIH8TEWF699E0HA@INNOSOFT.COM> for ietf-pop3ext@imc.org; Fri, 17 Jul 1998 16:04:32 PDT Date: Fri, 17 Jul 1998 16:05:46 -0700 (PDT) From: Chris Newman Subject: Re: any comments on draft-hansen-pop3-xtndext-00.txt? In-reply-to: <35AF5B59.20984366@att.com> To: Tony Hansen Cc: ietf-pop3ext@imc.org Message-id: MIME-version: 1.0 Content-type: TEXT/PLAIN; charset=US-ASCII Originator-Info: login-id=chris; server=THOR.INNOSOFT.COM Sender: owner-ietf-pop3ext@imc.org Precedence: bulk On Fri, 17 Jul 1998, Tony Hansen wrote: > Any comments on draft-hansen-pop3-xtndext-00.txt? I've included the > abstract below. It was published in June as part of work for the GRIP > WG, but I forgot to mention it in the pop3ext mailing list. I just skimmed it. It would be worth mentioning that XTND XLST is obsoleted by the HEADER.FIELDS facility in IMAP4rev1 (RFC 2060). Also, I'd appreciate it if the document wasn't full justified and hypenated -- it makes plain text hard to read. If you're using nroff, try the ".ad l" and ".hy 0" options. Note that I still maintain it would be a mistake to publish this spec prior to the publication of the SMTP AUTH extension. Hopefully that won't be too long as SMTP AUTH has completed last call and is awaiting an IESG ruling. - Chris From owner-ietf-pop3ext Mon Jul 20 16:18:18 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id QAA18415 for ietf-pop3ext-bks; Mon, 20 Jul 1998 16:18:18 -0700 (PDT) Received: from mysa.qualcomm.com (mysa.qualcomm.com [129.46.52.23]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id QAA18411 for ; Mon, 20 Jul 1998 16:18:15 -0700 (PDT) Received: from [129.46.136.131] (randy-mac.qualcomm.com [129.46.136.131]) by mysa.qualcomm.com (8.8.5/1.4/8.7.2/1.14) with ESMTP id QAA03713; Mon, 20 Jul 1998 16:17:42 -0700 (PDT) Mime-Version: 1.0 Message-Id: In-Reply-To: References: <35AF5B59.20984366@att.com> X-Mailer: QUALCOMM Eudora Pro v4.1 for Macintosh Date: Mon, 20 Jul 1998 16:13:23 -0700 To: Chris Newman From: Randall Gellens Subject: Re: any comments on draft-hansen-pop3-xtndext-00.txt? Cc: Tony Hansen , ietf-pop3ext@imc.org Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" X-Random-Signature-Tag: v1.0a10 Sender: owner-ietf-pop3ext@imc.org Precedence: bulk At 4:05 PM -0700 7/17/98, Chris Newman wrote: >I just skimmed it. It would be worth mentioning that XTND XLST is >obsoleted by the HEADER.FIELDS facility in IMAP4rev1 (RFC 2060). I'm not sure "obsoleted by" is the right wording, since IMAP has not obsoleted POP; not yet anyway. Perhaps "XTND XLST was designed to provide functionality similar to that now available in IMAP4rev1 (RFC 2060) by the HEADER.FIELDS facility". >Note that I still maintain it would be a mistake to publish this spec >prior to the publication of the SMTP AUTH extension. Hopefully that won't >be too long as SMTP AUTH has completed last call and is awaiting an IESG >ruling. I agree; I'd prefer that this was held until SMTP AUTH (and maybe the Submit BCP) are out. From owner-ietf-pop3ext Tue Jul 21 21:17:50 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id VAA11175 for ietf-pop3ext-bks; Tue, 21 Jul 1998 21:17:50 -0700 (PDT) Received: from yuri.exchange.microsoft.com (yuri.exchange.microsoft.com [131.107.88.54]) by mail.proper.com (8.8.8/8.8.5) with SMTP id VAA11171; Tue, 21 Jul 1998 21:17:49 -0700 (PDT) Received: by yuri.exchange.microsoft.com with Internet Mail Service (5.5.2232.9) id ; Tue, 21 Jul 1998 21:18:24 -0700 Message-ID: <2FBF98FC7852CF11912A0000000000010B37E591@DINO> From: "Mike Gahrns (Exchange)" To: "'ietf-pop3ext@imc.org'" , drums@cs.utk.edu, ietf-smtp@imc.org Subject: RE: [Off Topic] Need review for POP3 extension mechanism Date: Tue, 21 Jul 1998 21:18:19 -0700 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2232.9) Content-Type: multipart/alternative; boundary="----_=_NextPart_001_01BDB527.C46A0970" Sender: owner-ietf-pop3ext@imc.org Precedence: bulk This message is in MIME format. Since your mail reader does not understand this format, some or all of this message may not be legible. ------_=_NextPart_001_01BDB527.C46A0970 Content-Type: text/plain; charset="iso-8859-1" I apologize for such a late response, but i have been out of the office for the last few weeks. I agree with the others who view this as being a useful draft, and second the motion that it should go as proposed instead of informational or experimental. Although the list has not had a lot of dicussion on it, I know Randy has been discussing this with various people at venues like the ietf, so it has been getting review. My biggest concern was the former LMOS setting allowed for expiration settings to be based on the command used to acccess the msg, which Randy has addressed with the new EXPIRE setting. I do have one minor concern regarding the current wording of the EXPIRE setting. The draft states: "If the expiration policy might differ per user (that is, the EXPIRE argument might change after authentication), the server MUST announce in the AUTHENTICATION state the smallest value which might be used. The server should announce the more accurate value in the TRANSACTION state. It is unclear to me whether the intent of this is to force the server to keep track of the smallest setting a user currently has set, or if it is for the server to annouce the smallest value that an administrator could conceivably set for a particular user. If the intent is the former, than this will be problematic for servers that are not tightly coupled with their directory, as it effectively forces the server to scan a list of all user settings at each log on time. I'll talk to Randy to get clarification, and perhaps come up with some clarification wording in regards to this. Another minor nit is the wording: "If the authentication step negotiates an integrity protection layer, the client SHOULD reissue the CAPA command after authenticating to check for active down-negotiation attacks." I'd like to see the wording changed to something like: "The client SHOULD reissue the CAPA command after authenticating to check for active down-negotiation attacks and to get any per user capability settings." -----Original Message----- From: Keith Moore [mailto:moore@cs.utk.edu] Sent: Wednesday, July 08, 1998 6:30 PM To: drums@cs.utk.edu; ietf-smtp@imc.org Cc: moore@cs.utk.edu; ietf-pop3ext@imc.org Subject: [Off Topic] Need review for POP3 extension mechanism I apologize for an off-topic posting. Please send replies to ietf-pop3ext@imc.org, not to the drums or ietf-smtp lists. On May 18, a Last Call was issued on for document draft-gellens-pop3ext-05.txt , for Proposed Standard status. Nobody has commented on the document. I am reluctant to recommend that IESG approve this document without more evidence of support. So I'm asking for more review... Should the document be adopted as is? Does it need more wordsmithing? Are all of these capabilities needed? Are all of the capabilities defined with sufficient precision? Should the document be standards track or should it be Informational or Experimental? Should the extension mechanism be separated from (and perhaps a different status from) the extensions themselves? If the document is approved for Proposed, should all of the proposed extensions be included? Or should some of the extensions be moved to a separate Informational or Experimental? Which ones? In the absence of more community input, my recommendation would be to direct the authors to remove all of the capabilities from this document, except those which are already defined in standards-track documents. Additional capabilities could be defined in a separate experimental or informational RFC. thanks! Keith Moore APPS co-AD ------_=_NextPart_001_01BDB527.C46A0970 Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable RE: [Off Topic] Need review for POP3 extension mechanism

I apologize for such a late response, but i have been = out of the office for the last few weeks.

I agree with the others who view this as being a = useful draft, and second the motion that it should go as proposed = instead of informational or experimental.

Although the list has not had a lot of dicussion on = it, I know Randy has been discussing this with various people at venues = like the ietf, so it has been getting review. My biggest concern = was the former LMOS setting allowed for expiration settings to be based = on the command used to acccess the msg, which Randy has addressed with = the new EXPIRE setting.

I do have one minor concern regarding the current = wording of the EXPIRE setting.

The draft states:
"If the expiration policy might differ per user = (that is, the EXPIRE argument might change after authentication), the = server MUST announce in the AUTHENTICATION state the smallest value = which might be used. The server should announce the more accurate = value in the TRANSACTION state.

It is unclear to me whether the intent of this is to = force the server to keep track of the smallest setting a user currently = has set, or if it is for the server to annouce the smallest value that = an administrator could conceivably set for a particular user. If = the intent is the former, than this will be problematic for servers = that are not tightly coupled with their directory, as it effectively = forces the server to scan a list of all user settings at each log on = time.

I'll talk to Randy to get clarification, and perhaps = come up with some clarification wording in regards to this.

Another minor nit is the wording:
"If the authentication step negotiates an = integrity protection layer, the client SHOULD reissue the CAPA command = after authenticating to check for active down-negotiation = attacks."

I'd like to see the wording changed to something = like:
"The client SHOULD reissue the CAPA command = after authenticating to check for active down-negotiation attacks and = to get any per user capability settings."

-----Original Message-----
From: Keith Moore [mailto:moore@cs.utk.edu]
Sent: Wednesday, July 08, 1998 6:30 PM
To: drums@cs.utk.edu; ietf-smtp@imc.org
Cc: moore@cs.utk.edu; ietf-pop3ext@imc.org
Subject: [Off Topic] Need review for POP3 extension = mechanism

I apologize for an off-topic posting.
Please send replies to ietf-pop3ext@imc.org, not to = the drums or ietf-smtp lists.

On May 18, a Last Call was issued on for document = draft-gellens-pop3ext-05.txt ,
for Proposed Standard status. Nobody has = commented on the document. I am
reluctant to recommend that IESG approve this = document without more evidence
of support.

So I'm asking for more review...

Should the document be adopted as is? Does it = need more wordsmithing?
Are all of these capabilities needed?
Are all of the capabilities defined with sufficient = precision?

Should the document be standards track or should it = be Informational or
Experimental?

Should the extension mechanism be separated from (and = perhaps a different
status from) the extensions themselves?

If the document is approved for Proposed, should all = of the proposed extensions
be included? Or should some of the extensions = be moved to a separate
Informational or Experimental? Which = ones?

In the absence of more community input, my = recommendation would be to direct
the authors to remove all of the capabilities from = this document, except those
which are already defined in standards-track = documents. Additional capabilities
could be defined in a separate experimental or = informational RFC.

thanks!

Keith Moore
APPS co-AD

------_=_NextPart_001_01BDB527.C46A0970-- From owner-ietf-pop3ext Wed Jul 22 12:12:11 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id MAA27464 for ietf-pop3ext-bks; Wed, 22 Jul 1998 12:12:11 -0700 (PDT) Received: from odd.qualcomm.com (odd.qualcomm.com [129.46.2.48]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id MAA27452; Wed, 22 Jul 1998 12:11:42 -0700 (PDT) Received: from [129.46.136.131] (randy-mac.qualcomm.com [129.46.136.131]) by odd.qualcomm.com (8.8.5/1.4/8.7.2/1.14) with ESMTP id MAA20867; Wed, 22 Jul 1998 12:12:09 -0700 (PDT) Mime-Version: 1.0 Message-Id: In-Reply-To: <2FBF98FC7852CF11912A0000000000010B37E591@DINO> X-Mailer: QUALCOMM Eudora Pro v4.1 for Macintosh Date: Wed, 22 Jul 1998 12:08:00 -0700 To: "Mike Gahrns (Exchange)" From: Randall Gellens Subject: RE: [Off Topic] Need review for POP3 extension mechanism Cc: "'ietf-pop3ext@imc.org'" , drums@cs.utk.edu, ietf-smtp@imc.org Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" X-Random-Signature-Tag: v1.0a10 Sender: owner-ietf-pop3ext@imc.org Precedence: bulk At 9:18 PM -0700 7/21/98, Mike Gahrns (Exchange) wrote: >I do have one minor concern regarding the current wording of the >EXPIRE setting. > >The draft states: >"If the expiration policy might differ per user (that is, the EXPIRE >argument might change after authentication), the server MUST announce >in the AUTHENTICATION state the smallest value which might be used. >The server should announce the more accurate value in the TRANSACTION >state. > >It is unclear to me whether the intent of this is to force the server >to keep track of the smallest setting a user currently has set, or if >it is for the server to annouce the smallest value that an >administrator could conceivably set for a particular user. If the >intent is the former, than this will be problematic for servers that >are not tightly coupled with their directory, as it effectively forces >the server to scan a list of all user settings at each log on time. The intent is to let the client know that the server does permit mail to be left on the server, and to present a value which is the smallest which might be set for the user. This could be the smallest value currently in use for any user (so only one value per server), or even the smallest value which the server permits to be set for any user. This way a client can decide (because the user has told the client to leave mail on the server for a larger number of days) if it needs to reissue CAPA after authenticating and/or warn the user. >Another minor nit is the wording: >"If the authentication step negotiates an integrity protection layer, >the client SHOULD reissue the CAPA command after authenticating to >check for active down-negotiation attacks." > >I'd like to see the wording changed to something like: >"The client SHOULD reissue the CAPA command after authenticating to >check for active down-negotiation attacks and to get any per user >capability settings." The intent is to not require clients to issue two CAPA commands. The client pretty much has to issue one before authenticating, to learn which SASL mechanisms are supported, but doesn't have to issue on afterwards, unless the first CAPA reveals that the server supports some capabilities whose parameters might change after authentication, and the client needs the most accurate values (it might be able to use the more general ones), or the client wants to check for down-negotiation attacks. A simple client that only uses a few basic SASL mechanisms, for example, and only needs to know if the server supports TOP, UIDL, and allows mail to be left on the server, doesn't need to issue two CAPAs. (A client which only uses plaintext or APOP could issue only one CAPA, after authenticating.) From owner-ietf-pop3ext Wed Jul 22 20:43:20 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id UAA00852 for ietf-pop3ext-bks; Wed, 22 Jul 1998 20:43:20 -0700 (PDT) Received: from tide03.microsoft.com (firewall-user@tide03.microsoft.com [131.107.3.13]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id UAA00842; Wed, 22 Jul 1998 20:42:55 -0700 (PDT) Received: by tide03.microsoft.com; id UAA17039; Wed, 22 Jul 1998 20:43:45 -0700 (PDT) Received: from unknown(157.54.17.74) by tide03.microsoft.com via smap (V3.1) id xma017036; Wed, 22 Jul 98 20:43:44 -0700 Received: from red-01-imc.dns.microsoft.com ([157.54.1.197]) by imail2.microsoft.com (8.7.3/8.7.1) with ESMTP id UAA28977; Wed, 22 Jul 1998 20:53:56 -0700 (PDT) Received: from popdog.exchange.microsoft.com (POPDOG [172.30.236.242]) by red-01-imc.dns.microsoft.com with SMTP (Microsoft Exchange Internet Mail Service Version 5.5.2232.9) id PKF6X2L1; Wed, 22 Jul 1998 20:43:44 -0700 Received: from mikega9 (mikega9.dns.microsoft.com [157.59.255.141]) by popdog.exchange.microsoft.com with SMTP (Microsoft Exchange Internet Mail Service Version 5.5.2232.9) id 37DWQA4C; Wed, 22 Jul 1998 20:43:49 -0700 Message-ID: <000501bdb5ec$89900bb0$8dff3b9d@mikega9.dns.microsoft.com> From: "Mike Gahrns" To: "Randall Gellens" Cc: , , Subject: Re: [Off Topic] Need review for POP3 extension mechanism Date: Wed, 22 Jul 1998 20:46:55 -0700 MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 4.72.3110.5 X-MimeOLE: Produced By Microsoft MimeOLE V4.72.3110.3 Sender: owner-ietf-pop3ext@imc.org Precedence: bulk *** within >At 9:18 PM -0700 7/21/98, Mike Gahrns (Exchange) wrote: > >>I do have one minor concern regarding the current wording of the >>EXPIRE setting. >> >>The draft states: >>"If the expiration policy might differ per user (that is, the EXPIRE >>argument might change after authentication), the server MUST announce >>in the AUTHENTICATION state the smallest value which might be used. >>The server should announce the more accurate value in the TRANSACTION >>state. >> >>It is unclear to me whether the intent of this is to force the server >>to keep track of the smallest setting a user currently has set, or if >>it is for the server to annouce the smallest value that an >>administrator could conceivably set for a particular user. If the >>intent is the former, than this will be problematic for servers that >>are not tightly coupled with their directory, as it effectively forces >>the server to scan a list of all user settings at each log on time. > >The intent is to let the client know that the server does permit mail >to be left on the server, and to present a value which is the smallest >which might be set for the user. This could be the smallest value >currently in use for any user (so only one value per server), or even >the smallest value which the server permits to be set for any user. *** If it is the smallest value which the server permits to be set for any user, I am happy with it. Would it be possible for you to update the draft with the above paragraph? If I had the question, I am sure others will... The more precise we are now with things, will save us interoperability grief later and it really is just a minor clarification so we won't need to worry about another last call. (The smallest value currently in use by any user on a server is problematic for us, but we do not have any objections if other servers want to present this value if they can easily calculate it) This should not pose any interop problems either. Basically, if a client wants to get the accurate setting, they need to re-issue the CAPA command after authenticating, so i do not really think it matters too much what was presented in the unauthenticated state. Having said that, perhaps a better solution would be to define another arguement called "USER". If a client does a CAPA and gets an EXPIRE USER, in the unauthenticated state, it knows that the server supports per user expiry settings. It explicitly informs the user when they need to re-issue the CAPA command after authentication due to per user options. >This way a client can decide (because the user has told the client to >leave mail on the server for a larger number of days) if it needs to >reissue CAPA after authenticating and/or warn the user. *** this is assuming that the client ui has something that allows the user to specify the number of days to leave mail on the server. I believe some clients just have a "leave mail on server" option. In this case, I guess the client will always need to reissue the CAPA command after authentication. The interop problem I see is the following: The client is running against a server where expiry is set on a per user setting. Let's say the server allows the admin to specify per user expiry settings. For the client that is logged on, the per user expiry is set to 30. However, on the server he is running against, there is a user who has expiry set to 15. Or it is a server, where the lowest expiry setting is not available, so the server reports what the theoretical minimum it can be set to, lets say 1. Unless things are spelled out explicitly within your draft, I can see a client issueing only a single CAPA before authentication. Without it doing another CAPA after authentication, the client would be spitting out bogus warnings for the user saying "your messages will be deleted from the server after 15 days" when really the setting is for 30 days. Being really explicit in the draft will ensure that client writers don't make that mistake. > > >>Another minor nit is the wording: >>"If the authentication step negotiates an integrity protection layer, >>the client SHOULD reissue the CAPA command after authenticating to >>check for active down-negotiation attacks." >> >>I'd like to see the wording changed to something like: >>"The client SHOULD reissue the CAPA command after authenticating to >>check for active down-negotiation attacks and to get any per user >>capability settings." > >The intent is to not require clients to issue two CAPA commands. The >client pretty much has to issue one before authenticating, to learn >which SASL mechanisms are supported, but doesn't have to issue on >afterwards, unless the first CAPA reveals that the server supports some >capabilities whose parameters might change after authentication, and >the client needs the most accurate values (it might be able to use the >more general ones), or the client wants to check for down-negotiation >attacks. *** Agreed. The point I was making is that it does not hurt to call out in the doc the need to recheck parameters that might change after authentication. The wording you have only mentions down negotiation attacks. A simple client that only uses a few basic SASL mechanisms, >for example, and only needs to know if the server supports TOP, UIDL, >and allows mail to be left on the server, doesn't need to issue two >CAPAs. (A client which only uses plaintext or APOP could issue only >one CAPA, after authenticating.) Agreed. And perhaps this adds more fuel to returning USER when there are per user settings. From owner-ietf-pop3ext Thu Jul 23 12:01:22 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id MAA17031 for ietf-pop3ext-bks; Thu, 23 Jul 1998 12:01:22 -0700 (PDT) Received: from apprentice.qualcomm.com (apprentice.qualcomm.com [129.46.2.86]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id LAA17006 for ; Thu, 23 Jul 1998 11:58:51 -0700 (PDT) Received: from [129.46.136.131] (randy-mac.qualcomm.com [129.46.136.131]) by apprentice.qualcomm.com (8.8.5/1.4/8.7.2/1.14) with ESMTP id LAA20346; Thu, 23 Jul 1998 11:59:17 -0700 (PDT) Mime-Version: 1.0 Message-Id: In-Reply-To: <000501bdb5ec$89900bb0$8dff3b9d@mikega9.dns.microsoft.com> X-Mailer: QUALCOMM Eudora Pro v4.1 for Macintosh Date: Thu, 23 Jul 1998 11:52:14 -0700 To: "Mike Gahrns" From: Randall Gellens Subject: Re: [Off Topic] Need review for POP3 extension mechanism Cc: Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" X-Random-Signature-Tag: v1.0a10 Sender: owner-ietf-pop3ext@imc.org Precedence: bulk At 8:46 PM -0700 7/22/98, Mike Gahrns wrote: >>>I do have one minor concern regarding the current wording of the >>>EXPIRE setting. >>The intent is to let the client know that the server does permit mail >>to be left on the server, and to present a value which is the smallest >>which might be set for the user. This could be the smallest value >>currently in use for any user (so only one value per server), or even >>the smallest value which the server permits to be set for any user. >*** If it is the smallest value which the server permits to be set for any >user, I am happy with it. >Would it be possible for you to update the draft with the above paragraph? I will modify the draft to clarify this. >Having said that, perhaps a better solution would be to define another >arguement called "USER". >If a client does a CAPA and gets an EXPIRE USER, in the unauthenticated >state, it knows that the server supports per user expiry settings. It >explicitly informs the user when they need to re-issue the CAPA command >after authentication due to per user options. I'm not sure the added complexity would buy us anything useful. The EXPIRE setting can only be a rough guide to the user, never accurate (without some complex per-message expiration warning mechanism). Even if the server presents the currently accurate value for a specific user, that value could change, the user doesn't know how long the message has already been on the server, and some servers could change the expiration period after the user has seen the message. So I think the most that can be usefully done with a simple mechanism is to handle the no-LMOS and indefinite-LMOS states, and for everything else, inform the user, especially if the user tries to set the client's LMOS setting to a value within some threshold of what the server's reported EXPIRE value. >The interop problem I see is the following: >The client is running against a server where expiry is set on a per user >setting. Let's say the server allows the admin to specify per user expiry >settings. For the client that is logged on, the per user expiry is set to >30. However, on the server he is running against, there is a user who has >expiry set to 15. Or it is a server, where the lowest expiry setting is not >available, so the server reports what the theoretical minimum it can be set >to, lets say 1. >Unless things are spelled out explicitly within your draft, I can see a >client issueing only a single CAPA before authentication. Without it doing >another CAPA after authentication, the client would be spitting out bogus >warnings for the user saying "your messages will be deleted from the server >after 15 days" when really the setting is for 30 days. Being really >explicit in the draft will ensure that client writers don't make that >mistake. If a client tries to give warnings at that level of precision, I think it will often be wrong, unless the server doesn't start the expire clock until the client has been informed of the presence of the message. >>>Another minor nit is the wording: >>>"If the authentication step negotiates an integrity protection layer, >>>the client SHOULD reissue the CAPA command after authenticating to >>>check for active down-negotiation attacks." >>> >>>I'd like to see the wording changed to something like: >>>"The client SHOULD reissue the CAPA command after authenticating to >>>check for active down-negotiation attacks and to get any per user >>>capability settings." >> >>The intent is to not require clients to issue two CAPA commands. The >>client pretty much has to issue one before authenticating, to learn >>which SASL mechanisms are supported, but doesn't have to issue on >>afterwards, unless the first CAPA reveals that the server supports some >>capabilities whose parameters might change after authentication, and >>the client needs the most accurate values (it might be able to use the >>more general ones), or the client wants to check for down-negotiation >>attacks. >*** Agreed. The point I was making is that it does not hurt to call out in >the doc the need to recheck parameters that might change after >authentication. The wording you have only mentions down negotiation >attacks. I will try and clarify the text, to indicate that some clients may wish to check for other parameter changes. -- Randall Gellens Opinions are personal; facts are suspect; I speak for myself only --Chair, Californians for higher taxes, worse government, poorer schools, unsafe water, and more crime.-- -------------- Randomly-selected tag: --------------- Think of your family tonight. Try to crawl home after the computer crashes. From owner-ietf-pop3ext Thu Jul 23 12:45:46 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id MAA17240 for ietf-pop3ext-bks; Thu, 23 Jul 1998 12:45:46 -0700 (PDT) Received: from rembrandt.esys.ca (0@rembrandt.esys.ca [198.161.92.18]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id MAA17236 for ; Thu, 23 Jul 1998 12:45:45 -0700 (PDT) Received: from warhol.esys.ca (warhol.esys.ca [198.161.92.20]) by rembrandt.esys.ca (2.0.4-beta-1/SMS 2.0.4-beta-1) with ESMTP id NAA07539; Thu, 23 Jul 1998 13:46:40 -0600 From: Lyndon Nerenberg Date: Thu, 23 Jul 1998 13:46:39 -0600 To: Randall Gellens Subject: EXPIRE Cc: ietf-pop3ext@imc.org, Mike Gahrns In-Reply-To: References: <000501bdb5ec$89900bb0$8dff3b9d@mikega9.dns.microsoft.com> Message-ID: X-Mailer: Simeon for Aix Motif Version Mercury a8 Build (11) MIME-Version: 1.0 Content-Type: Text/PLAIN; CHARSET=US-ASCII Sender: owner-ietf-pop3ext@imc.org Precedence: bulk > I'm not sure the added complexity would buy us anything useful. The > EXPIRE setting can only be a rough guide to the user, never accurate > (without some complex per-message expiration warning mechanism). Even > if the server presents the currently accurate value for a specific > user, that value could change, the user doesn't know how long the > message has already been on the server, and some servers could change > the expiration period after the user has seen the message. And for those exact reasons I oppose including EXPIRE. At best the information it provides is of marginal utility, and in practice, any incorrect/invalid data returned by EXPIRE will most likely result in lost mail. The only way I will support EXPIRE is if the protocol spec *requires* the server to enforce the value it advertised to a client (i.e. if on day n you say EXPIRE 30, and on day n+1 you say EXPIRE 2, any operations I performed on day n must continue to work within the constraints of the EXPIRE 30 information you gave me). If you cannot guarantee the semantics of operations based on EXPIRE data it doesn't belong in the protocol. --lyndon From owner-ietf-pop3ext Thu Jul 23 14:16:34 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id OAA17800 for ietf-pop3ext-bks; Thu, 23 Jul 1998 14:16:34 -0700 (PDT) Received: from THOR.INNOSOFT.COM (SYSTEM@THOR.INNOSOFT.COM [192.160.253.66]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id OAA17796 for ; Thu, 23 Jul 1998 14:16:31 -0700 (PDT) Received: from elwood.innosoft.com ("port 56195"@ELWOOD.INNOSOFT.COM) by INNOSOFT.COM (PMDF V5.1-11 #U3049) with SMTP id <01IZQR86OEPM99E6S3@INNOSOFT.COM> for ietf-pop3ext@imc.org; Thu, 23 Jul 1998 14:16:41 PDT Date: Thu, 23 Jul 1998 14:17:53 -0700 (PDT) From: Chris Newman Subject: Re: EXPIRE In-reply-to: To: Lyndon Nerenberg Cc: Randall Gellens , ietf-pop3ext@imc.org, Mike Gahrns Message-id: MIME-version: 1.0 Content-type: TEXT/PLAIN; charset=US-ASCII Originator-Info: login-id=chris; server=THOR.INNOSOFT.COM Sender: owner-ietf-pop3ext@imc.org Precedence: bulk On Thu, 23 Jul 1998, Lyndon Nerenberg wrote: > And for those exact reasons I oppose including EXPIRE. At best the information > it provides is of marginal utility, and in practice, any incorrect/invalid > data returned by EXPIRE will most likely result in lost mail. The only way I > will support EXPIRE is if the protocol spec *requires* the server to enforce > the value it advertised to a client (i.e. if on day n you say EXPIRE 30, and > on day n+1 you say EXPIRE 2, any operations I performed on day n must continue > to work within the constraints of the EXPIRE 30 information you gave me). If > you cannot guarantee the semantics of operations based on EXPIRE data it > doesn't belong in the protocol. A sysadmin can always change policy regardless of what any standard says. I really wish you had complained during the past year this proposal has been refined. It's really frustrating to get lots of review on a proposal, get it near complete, then go back to the drawing board as complaints spring out of the woodwork. If we want to ratchet down one level of complexity from EXPIRE, the next would be an "AUTODELE" capability which indicates that RETR and/or TOP cause an implicit DELE. - Chris From owner-ietf-pop3ext Thu Jul 23 14:55:53 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id OAA17976 for ietf-pop3ext-bks; Thu, 23 Jul 1998 14:55:53 -0700 (PDT) Received: from dragon (ppp1666.glas.apc.org [195.218.251.154]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id OAA17972 for ; Thu, 23 Jul 1998 14:55:47 -0700 (PDT) Received: FROM demo.ru ([195.218.251.154]) BY dragon.cs.msu.su (Baikonur Mail Server) WITH ESMTP; 24 Jul 1998 01:58:05 +0300 Message-ID: <35B7B1EC.448882AC@demo.ru> Date: Fri, 24 Jul 1998 01:58:04 +0400 From: Alexey Melnikov Organization: Epsylon Technologies X-Mailer: Mozilla 4.05 [en] (WinNT; I) MIME-Version: 1.0 To: ietf-pop3ext@imc.org Subject: Re: [Off Topic] Need review for POP3 extension mechanism References: Content-Type: text/plain; charset=koi8-r Content-Transfer-Encoding: 7bit Sender: owner-ietf-pop3ext@imc.org Precedence: bulk Randall Gellens wrote: > At 8:46 PM -0700 7/22/98, Mike Gahrns wrote: > > >Having said that, perhaps a better solution would be to define another > >arguement called "USER". > >If a client does a CAPA and gets an EXPIRE USER, in the unauthenticated > >state, it knows that the server supports per user expiry settings. It > >explicitly informs the user when they need to re-issue the CAPA command > >after authentication due to per user options. > > I'm not sure the added complexity would buy us anything useful. The > EXPIRE setting can only be a rough guide to the user, never accurate > (without some complex per-message expiration warning mechanism). Even > if the server presents the currently accurate value for a specific > user, that value could change, the user doesn't know how long the > message has already been on the server, and some servers could change > the expiration period after the user has seen the message. So I think > the most that can be usefully done with a simple mechanism is to handle > the no-LMOS and indefinite-LMOS states, and for everything else, inform > the user, especially if the user tries to set the client's LMOS setting > to a value within some threshold of what the server's reported EXPIRE > value. Imagine, for example, that server calculates the minimal EXPIRE value for all users and returns it in the unauthenticated state. Let user A have EXPIRE value equal to 0 and user B has EXPIRE >0 (5 for example). Described server will return EXPIRE 0 in unauthenticated state, but it will not be the truth for user B. I think that something like EXPIRE USER will help to solve such problem. One question about EXPIRE 0 : Am I right that all messages will be deleted after QUIT command. What happens if client disconnects without QUIT? How client can prevent messages from being deleted? Cheers, Alexey Melnikov ------------------------------------------ SMTP/POP3/IMAP4/ACAP servers creation team "ACAP Explorer" client Imap Development Kit (my own product) Epsylon Technologies, Russia http://www.demo.ru ------------------------------------------ From owner-ietf-pop3ext Thu Jul 23 15:14:08 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id PAA18055 for ietf-pop3ext-bks; Thu, 23 Jul 1998 15:14:08 -0700 (PDT) Received: from frobozz.qualcomm.com (frobozz.qualcomm.com [129.46.174.26]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id PAA18051 for ; Thu, 23 Jul 1998 15:14:07 -0700 (PDT) Received: from [129.46.136.131] (randy-mac.qualcomm.com [129.46.136.131]) by frobozz.qualcomm.com (8.8.5/1.4/8.7.2/1.14) with ESMTP id PAA02304; Thu, 23 Jul 1998 15:14:17 -0700 (PDT) Mime-Version: 1.0 Message-Id: In-Reply-To: References: <000501bdb5ec$89900bb0$8dff3b9d@mikega9.dns.microsoft.com> X-Mailer: QUALCOMM Eudora Pro v4.1 for Macintosh Date: Thu, 23 Jul 1998 15:02:25 -0700 To: Lyndon Nerenberg From: Randall Gellens Subject: Re: EXPIRE Cc: Randall Gellens , ietf-pop3ext@imc.org, Mike Gahrns Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" X-Random-Signature-Tag: v1.0a10 Sender: owner-ietf-pop3ext@imc.org Precedence: bulk At 12:46 PM -0700 7/23/98, Lyndon Nerenberg wrote: >> I'm not sure the added complexity would buy us anything useful. The >> EXPIRE setting can only be a rough guide to the user, never accurate >> (without some complex per-message expiration warning mechanism). Even >> if the server presents the currently accurate value for a specific >> user, that value could change, the user doesn't know how long the >> message has already been on the server, and some servers could change >> the expiration period after the user has seen the message. > >And for those exact reasons I oppose including EXPIRE. At best the >information >it provides is of marginal utility, and in practice, any incorrect/invalid >data returned by EXPIRE will most likely result in lost mail. The only way I >will support EXPIRE is if the protocol spec *requires* the server to enforce >the value it advertised to a client (i.e. if on day n you say EXPIRE 30, and >on day n+1 you say EXPIRE 2, any operations I performed on day n must >continue >to work within the constraints of the EXPIRE 30 information you gave me). If >you cannot guarantee the semantics of operations based on EXPIRE data it >doesn't belong in the protocol. EXPIRE doesn't cause lost mail. Currently, POP servers are operated in one of three modes: users are permitted to leave mail on the server indefinitely (perhaps subject to maildrop size limits); users are not permitted to leave mail on the server at all; or users are permitted to leave mail on the server for some period of time, either from arrival on the server or first notice to the client, and perhaps subject to earlier or later deletion based on user action (TOP, RETR). Currently, there is no standardized, interoperable way to inform users of the server's operating mode. With the EXPIRE capability, the server can inform the client as to which of the three modes is in force, and additionally offer some guidance regarding the time period for the third mode. This guidance should not be used for anything more specific than warnings for setting client LMOS days. I think this is a big improvement over the current situation. It causes no harm, and it improves things. Earlier versions of the draft had more three different EXPIRE capabilities, based on message status. There was consensus that this was too complex, that something simpler was needed. Please keep in mind that this is POP, not IMAP. This is primarily a download-and-delete-from-server model. Leaving mail on the server is generally used to allow mail to be downloaded to multiple clients. POP is not intended to be a generalized mail retention and access protocol. If a user leaves mail on the server and deletes it from a client, expecting to be able to download it again later, then mail might be lost. This is a misuse of POP. The EXPIRE capability does not make this any more likely. -- Randall Gellens Opinions are personal; facts are suspect; I speak for myself only --Chair, Californians for higher taxes, worse government, poorer schools, unsafe water, and more crime.-- -------------- Randomly-selected tag: --------------- Things get worse under pressure. From owner-ietf-pop3ext Thu Jul 23 15:29:47 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id PAA18167 for ietf-pop3ext-bks; Thu, 23 Jul 1998 15:29:47 -0700 (PDT) Received: from apprentice.qualcomm.com (apprentice.qualcomm.com [129.46.2.86]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id PAA18163 for ; Thu, 23 Jul 1998 15:29:43 -0700 (PDT) Received: from [129.46.136.131] (randy-mac.qualcomm.com [129.46.136.131]) by apprentice.qualcomm.com (8.8.5/1.4/8.7.2/1.14) with ESMTP id PAA16800; Thu, 23 Jul 1998 15:29:13 -0700 (PDT) Mime-Version: 1.0 Message-Id: In-Reply-To: <35B7B1EC.448882AC@demo.ru> References: X-Mailer: QUALCOMM Eudora Pro v4.1 for Macintosh Date: Thu, 23 Jul 1998 15:22:59 -0700 To: Alexey Melnikov From: Randall Gellens Subject: Re: [Off Topic] Need review for POP3 extension mechanism Cc: ietf-pop3ext@imc.org Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" X-Random-Signature-Tag: v1.0a10 Sender: owner-ietf-pop3ext@imc.org Precedence: bulk At 2:58 PM -0700 7/23/98, Alexey Melnikov wrote: >Imagine, for example, that server calculates the minimal EXPIRE value for all >users and returns it in the unauthenticated state. Let user A have >EXPIRE value >equal to 0 and user B has EXPIRE >0 (5 for example). Described server >will return >EXPIRE 0 in unauthenticated state, but it will not be the truth for user B. >I think that something like EXPIRE USER will help to solve such problem. If user B's client does not do another CAPA after authenticating, it might issue a warning if user B has LMOS set, something like "Warning: your mail server might delete messages immediately". I don't like the idea of CAPA returning EXPIRE USER, because that forces the client to reissue CAPA after authenticating. I could see perhaps adding USER as an extra token after the value parameter (EXPIRE 5 USER) to indicate that the value might be inaccurate. But remember we're talking POP, not IMAP, here. We want to keep things simple. How many servers are going to be operating in a mode such that there is a number-of-days-per-user expiration policy, which for some users is 0 (immediate deletion) and for others is something else? Is it worth cluttering the protocol to be able to do something slightly better in those few cases? >One question about EXPIRE 0 : Am I right that all messages will be >deleted after >QUIT command. What happens if client disconnects without QUIT? How client can >prevent messages from being deleted? EXPIRE 0 means the server MAY delete messages immediately after QUIT. In actual practice, I would expect message expiration to happen later in most cases, such as overnight. The QUIT issue is really no-win. If we say that servers can't delete unless the client sends a QUIT, clients will simply not send QUIT (many don't anyway). And why should EXPIRE 0 be different from EXPIRE 1 or EXPIRE 30? There are widely-deployed servers today which delete messages after a DELE has been received for them, even if the client does not send QUIT before the connection closes, even though this is a clear violation of POP3. Since there are always edge cases, maybe we should cut EXPIRE from the draft, which means we live with the status quo, at least until a replacement draft advances. I tend to think that would be worse, because we simply aren't going to be able to solve 100% of the expiration cases without complexity that doesn't belong in POP. But if the consensus is that that's better, I'll do it. From owner-ietf-pop3ext Thu Jul 23 15:30:38 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id PAA18186 for ietf-pop3ext-bks; Thu, 23 Jul 1998 15:30:38 -0700 (PDT) Received: from apprentice.qualcomm.com (apprentice.qualcomm.com [129.46.2.86]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id PAA18182 for ; Thu, 23 Jul 1998 15:30:36 -0700 (PDT) Received: from [129.46.136.131] (randy-mac.qualcomm.com [129.46.136.131]) by apprentice.qualcomm.com (8.8.5/1.4/8.7.2/1.14) with ESMTP id PAA16827; Thu, 23 Jul 1998 15:29:18 -0700 (PDT) Mime-Version: 1.0 Message-Id: In-Reply-To: References: X-Mailer: QUALCOMM Eudora Pro v4.1 for Macintosh Date: Thu, 23 Jul 1998 15:22:47 -0700 To: Chris Newman From: Randall Gellens Subject: Re: EXPIRE Cc: Lyndon Nerenberg , Randall Gellens , ietf-pop3ext@imc.org, Mike Gahrns Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" X-Random-Signature-Tag: v1.0a10 Sender: owner-ietf-pop3ext@imc.org Precedence: bulk At 2:17 PM -0700 7/23/98, Chris Newman wrote: >A sysadmin can always change policy regardless of what any standard says. >I really wish you had complained during the past year this proposal has >been refined. It's really frustrating to get lots of review on a >proposal, get it near complete, then go back to the drawing board as >complaints spring out of the woodwork. I agree, especially for edge cases that we really can't solve and remain simple. >If we want to ratchet down one level of complexity from EXPIRE, the next >would be an "AUTODELE" capability which indicates that RETR and/or TOP >cause an implicit DELE. That doesn't allow a server to advertise that it expires unseen messages. From owner-ietf-pop3ext Thu Jul 23 15:56:20 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id PAA18337 for ietf-pop3ext-bks; Thu, 23 Jul 1998 15:56:20 -0700 (PDT) Received: from tide03.microsoft.com (firewall-user@tide03.microsoft.com [131.107.3.13]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id PAA18333 for ; Thu, 23 Jul 1998 15:56:19 -0700 (PDT) Received: by tide03.microsoft.com; id PAA12595; Thu, 23 Jul 1998 15:56:52 -0700 (PDT) Received: from unknown(157.54.17.74) by tide03.microsoft.com via smap (V3.1) id xma012588; Thu, 23 Jul 98 15:56:41 -0700 Received: from red-01-imc.dns.microsoft.com ([157.54.1.197]) by imail2.microsoft.com (8.7.3/8.7.1) with ESMTP id QAA19620; Thu, 23 Jul 1998 16:06:53 -0700 (PDT) Received: from popdog.exchange.microsoft.com (POPDOG [172.30.236.242]) by red-01-imc.dns.microsoft.com with SMTP (Microsoft Exchange Internet Mail Service Version 5.5.2232.9) id PKF6X7S1; Thu, 23 Jul 1998 15:56:42 -0700 Received: from mikega9 (mikega9.dns.microsoft.com [157.59.255.141]) by popdog.exchange.microsoft.com with SMTP (Microsoft Exchange Internet Mail Service Version 5.5.2232.9) id 37DWQLZL; Thu, 23 Jul 1998 15:56:44 -0700 Message-ID: <000801bdb68d$97814f80$8dff3b9d@mikega9.dns.microsoft.com> From: "Mike Gahrns" To: "Alexey Melnikov" , "Randall Gellens" Cc: Subject: Re: [Off Topic] Need review for POP3 extension mechanism Date: Thu, 23 Jul 1998 15:59:48 -0700 MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 4.72.3110.5 X-MimeOLE: Produced By Microsoft MimeOLE V4.72.3110.3 Sender: owner-ietf-pop3ext@imc.org Precedence: bulk *** within >At 2:58 PM -0700 7/23/98, Alexey Melnikov wrote: > >>Imagine, for example, that server calculates the minimal EXPIRE value for all >>users and returns it in the unauthenticated state. Let user A have >>EXPIRE value >>equal to 0 and user B has EXPIRE >0 (5 for example). Described server >>will return >>EXPIRE 0 in unauthenticated state, but it will not be the truth for user B. >>I think that something like EXPIRE USER will help to solve such problem. > >If user B's client does not do another CAPA after authenticating, it >might issue a warning if user B has LMOS set, something like "Warning: >your mail server might delete messages immediately". *** I did not mean to open a rat's nest here. I thought the idea of EXPIRE USER off the top my head and I was sitting on the fence as to whether I should even mention it... The comments about over engineering things and adding complexity are always valid concerns, and I am happy with EXPIRE the way it is. The area, that I thought that could be improved was adding clarification text so that everyone knew EXACTLY how it would work. I think it needs to be made really clear how it works with per user settings, and that the client needs to reissue CAPA after authentication. With the text Randy will be adding, I am happy with the draft. Alexey also brings up a good point on EXPIRE 0. Clarification text and the example Alexy brings up below should also be added to the spec. As to Chris's comments, I agree that we don't want re-open and redesign the whole spec. I apologize for the late comments, and really all I was looking for was looking for was more clarification text so that it was crystal clear exactly how everything worked. I did not mean to start re-engineering thigns. With clarifications added, I am happy with the doc, and think it is ready for it to go to proposed standard. It is something we are interested in implementing. >> >Since there are always edge cases, maybe we should cut EXPIRE from the >draft, which means we live with the status quo, at least until a >replacement draft advances. I tend to think that would be worse, *** I think EXPIRE should stay. The doc just needed to be more explicit explaining how it worked. From owner-ietf-pop3ext Fri Jul 24 14:27:39 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id OAA14437 for ietf-pop3ext-bks; Fri, 24 Jul 1998 14:27:39 -0700 (PDT) Received: from dragon (ppp1663.glas.apc.org [195.218.251.151]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id OAA14430 for ; Fri, 24 Jul 1998 14:27:33 -0700 (PDT) Received: FROM demo.ru ([195.218.251.151]) BY dragon.cs.msu.su (Baikonur Mail Server) WITH ESMTP; 25 Jul 1998 01:25:10 +0300 Message-ID: <35B8FBB4.2435CCAE@demo.ru> Date: Sat, 25 Jul 1998 01:25:08 +0400 From: Alexey Melnikov Organization: Epsylon Technologies X-Mailer: Mozilla 4.05 [en] (WinNT; I) MIME-Version: 1.0 To: Randall Gellens CC: ietf-pop3ext@imc.org Subject: Re: [Off Topic] Need review for POP3 extension mechanism References: Content-Type: text/plain; charset=koi8-r Content-Transfer-Encoding: 7bit Sender: owner-ietf-pop3ext@imc.org Precedence: bulk Randall Gellens wrote: > At 2:58 PM -0700 7/23/98, Alexey Melnikov wrote: > > >Imagine, for example, that server calculates the minimal EXPIRE value for all > >users and returns it in the unauthenticated state. Let user A have > >EXPIRE value > >equal to 0 and user B has EXPIRE >0 (5 for example). Described server > >will return > >EXPIRE 0 in unauthenticated state, but it will not be the truth for user B. > >I think that something like EXPIRE USER will help to solve such problem. > > If user B's client does not do another CAPA after authenticating, it > might issue a warning if user B has LMOS set, something like "Warning: > your mail server might delete messages immediately". > > I don't like the idea of CAPA returning EXPIRE USER, because that > forces the client to reissue CAPA after authenticating. I could see > perhaps adding USER as an extra token after the value parameter (EXPIRE > 5 USER) to indicate that the value might be inaccurate. But remember > we're talking POP, not IMAP, here. We want to keep things simple. How > many servers are going to be operating in a mode such that there is a > number-of-days-per-user expiration policy, which for some users is 0 > (immediate deletion) and for others is something else? Is it worth > cluttering the protocol to be able to do something slightly better in > those few cases? I don't want to make things more complex, I just want to make them good from the beginning (i.e. not to redesign them later). Personally I am happy with EXPIRE 0, EXPIRE 1 (everything non zero), EXPIRE NEVER, EXPIRE USER. Extra token is a good way to go. > There are widely-deployed servers today which delete messages after a > DELE has been received for them, even if the client does not send QUIT > before the connection closes, even though this is a clear violation of > POP3. > > Since there are always edge cases, maybe we should cut EXPIRE from the > draft, which means we live with the status quo, at least until a > replacement draft advances. I tend to think that would be worse, > because we simply aren't going to be able to solve 100% of the > expiration cases without complexity that doesn't belong in POP. But if > the consensus is that that's better, I'll do it. I agree with Mike : EXPIRE should stay. However I don't mind to place it in a separate document. One more comment : I think it is good idea to add more text about how EXPIRE value is calculated (What Chris wrote before), because it is not obvious for readers, that didn't take a look at the previous versions of POP3ext draft. Regards, Alexey Melnikov ------------------------------------------ SMTP/POP3/IMAP4/ACAP servers creation team "ACAP Explorer" client Imap Development Kit (my own product) Epsylon Technologies, Russia http://www.demo.ru ------------------------------------------ From owner-ietf-pop3ext Fri Jul 24 14:27:33 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id OAA14429 for ietf-pop3ext-bks; Fri, 24 Jul 1998 14:27:33 -0700 (PDT) Received: from dragon (ppp1663.glas.apc.org [195.218.251.151]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id OAA14425 for ; Fri, 24 Jul 1998 14:27:28 -0700 (PDT) Received: FROM demo.ru ([195.218.251.151]) BY dragon.cs.msu.su (Baikonur Mail Server) WITH ESMTP; 25 Jul 1998 01:25:44 +0300 Message-ID: <35B8FBD8.656D4763@demo.ru> Date: Sat, 25 Jul 1998 01:25:44 +0400 From: Alexey Melnikov Organization: Epsylon Technologies X-Mailer: Mozilla 4.05 [en] (WinNT; I) MIME-Version: 1.0 To: Randall Gellens CC: ietf-pop3ext@imc.org Subject: Lost mail with EXPIRE 0 (was Re: [Off Topic] Need review for POP3 extension mechanism) References: Content-Type: text/plain; charset=koi8-r Content-Transfer-Encoding: 7bit Sender: owner-ietf-pop3ext@imc.org Precedence: bulk Randall Gellens wrote: > >One question about EXPIRE 0 : Am I right that all messages will be > >deleted after > >QUIT command. What happens if client disconnects without QUIT? How client can > >prevent messages from being deleted? > > EXPIRE 0 means the server MAY delete messages immediately after QUIT. > In actual practice, I would expect message expiration to happen later > in most cases, such as overnight. The QUIT issue is really no-win. If > we say that servers can't delete unless the client sends a QUIT, > clients will simply not send QUIT (many don't anyway). And why should > EXPIRE 0 be different from EXPIRE 1 or EXPIRE 30? Here I see a problem. If server will clear mailbox unconditionally when EXPIRE value is zero (i.e. server will delete even unseen message) it must not advertise EXPIRE 0. Let's see what may happen otherwise. Client connects to server using dial-up TCP/IP connection. Client opens mailbox, starts to download mail, but unexpectedly ISP hangs up modem connection. Server discovers that connection is lost and deletes mail. [I ask to forgive my extreme examples, I have mathematical background :-)] Regards, Alexey Melnikov ------------------------------------------ SMTP/POP3/IMAP4/ACAP servers creation team "ACAP Explorer" client Imap Development Kit (my own product) Epsylon Technologies, Russia http://www.demo.ru ------------------------------------------ From owner-ietf-pop3ext Fri Jul 24 14:44:57 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id OAA14524 for ietf-pop3ext-bks; Fri, 24 Jul 1998 14:44:57 -0700 (PDT) Received: from tide03.microsoft.com (firewall-user@tide03.microsoft.com [131.107.3.13]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id OAA14520 for ; Fri, 24 Jul 1998 14:44:56 -0700 (PDT) Received: by tide03.microsoft.com; id OAA05130; Fri, 24 Jul 1998 14:45:46 -0700 (PDT) Received: from unknown(157.54.17.74) by tide03.microsoft.com via smap (V3.1) id xma005126; Fri, 24 Jul 98 14:45:22 -0700 Received: from red-01-imc.dns.microsoft.com ([157.54.1.197]) by imail2.microsoft.com (8.7.3/8.7.1) with ESMTP id OAA08398; Fri, 24 Jul 1998 14:55:35 -0700 (PDT) Received: from popdog.exchange.microsoft.com (POPDOG [172.30.236.242]) by red-01-imc.dns.microsoft.com with SMTP (Microsoft Exchange Internet Mail Service Version 5.5.2232.9) id PKF6715M; Fri, 24 Jul 1998 14:45:22 -0700 Received: from MIKEGA9 ([157.59.255.141]) by popdog.exchange.microsoft.com with SMTP (Microsoft Exchange Internet Mail Service Version 5.5.2232.9) id 37DWQYV1; Fri, 24 Jul 1998 14:45:34 -0700 Message-ID: <000901bdb74c$c62df4e0$8dff3b9d@mikega9.dns.microsoft.com> From: "Mike Gahrns" To: "Alexey Melnikov" , "Randall Gellens" Cc: Subject: Re: Lost mail with EXPIRE 0 (was Re: [Off Topic] Need review for POP3 extension mechanism) Date: Fri, 24 Jul 1998 14:48:20 -0700 MIME-Version: 1.0 Content-Type: text/plain; charset="koi8-r" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 4.72.3110.5 X-MimeOLE: Produced By Microsoft MimeOLE V4.72.3110.3 Sender: owner-ietf-pop3ext@imc.org Precedence: bulk Alexey wrote: >> EXPIRE 0 means the server MAY delete messages immediately after QUIT. >> In actual practice, I would expect message expiration to happen later >> in most cases, such as overnight. The QUIT issue is really no-win. If >> we say that servers can't delete unless the client sends a QUIT, >> clients will simply not send QUIT (many don't anyway). And why should >> EXPIRE 0 be different from EXPIRE 1 or EXPIRE 30? > >Here I see a problem. >If server will clear mailbox unconditionally when EXPIRE value is zero (i.e. >server will delete even unseen message) it must not advertise EXPIRE 0. >Let's see what may happen otherwise. Client connects to server using dial-up >TCP/IP connection. Client opens mailbox, starts to download mail, but unexpectedly >ISP hangs up modem connection. >Server discovers that connection is lost and deletes mail. *** I assumed that if the setting was EXPIRE 0, then the server would only delete the mail after a message was succesfully downloaded with a RETR. Assuming that this was Randy's intent, then this could be easily addressed with another line of text in the document. This is a good case that Alexey brings up, and think it should be mentioned in the draft. From owner-ietf-pop3ext Mon Jul 27 14:42:44 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id OAA06243 for ietf-pop3ext-bks; Mon, 27 Jul 1998 14:42:44 -0700 (PDT) Received: from houdini.qualcomm.com (houdini.qualcomm.com [129.46.2.40]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id OAA06239 for ; Mon, 27 Jul 1998 14:42:42 -0700 (PDT) Received: from [129.46.219.133] (randy-mac.qualcomm.com [129.46.219.133]) by houdini.qualcomm.com (8.8.5/1.4/8.7.2/1.14) with ESMTP id OAA13670; Mon, 27 Jul 1998 14:43:41 -0700 (PDT) Mime-Version: 1.0 Message-Id: In-Reply-To: <000901bdb74c$c62df4e0$8dff3b9d@mikega9.dns.microsoft.com> X-Mailer: QUALCOMM Eudora Pro v4.1 for Macintosh Date: Mon, 27 Jul 1998 14:40:15 -0700 To: "Mike Gahrns" From: Randall Gellens Subject: Re: Lost mail with EXPIRE 0 (was Re: [Off Topic] Need review for POP3 extension mechanism) Cc: "Alexey Melnikov" , "Randall Gellens" , Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" X-Random-Signature-Tag: v1.0a10 Sender: owner-ietf-pop3ext@imc.org Precedence: bulk At 2:48 PM -0700 7/24/98, Mike Gahrns wrote: >I assumed that if the setting was EXPIRE 0, then the server would only >delete the mail after a message was succesfully downloaded with a RETR. >Assuming that this was Randy's intent, then this could be easily addressed >with another line of text in the document. This is a good case that Alexey >brings up, and think it should be mentioned in the draft. I agree. From owner-ietf-pop3ext Tue Aug 4 18:34:55 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id SAA12451 for ietf-pop3ext-bks; Tue, 4 Aug 1998 18:34:55 -0700 (PDT) Received: from apprentice.qualcomm.com (apprentice.qualcomm.com [129.46.2.86]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id SAA12447 for ; Tue, 4 Aug 1998 18:34:54 -0700 (PDT) Received: from [129.46.219.133] (randy-mac.qualcomm.com [129.46.219.133]) by apprentice.qualcomm.com (8.8.5/1.4/8.7.2/1.14) with ESMTP id SAA23491 for ; Tue, 4 Aug 1998 18:36:41 -0700 (PDT) Mime-Version: 1.0 Message-Id: X-Mailer: QUALCOMM Eudora Pro v4.1 for Macintosh Date: Tue, 4 Aug 1998 18:25:43 -0700 To: ietf-pop3ext@imc.org From: Randall Gellens Subject: draft-gellens-pop3ext-07.txt Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" X-Random-Signature-Tag: v1.0a10 Sender: owner-ietf-pop3ext@imc.org Precedence: bulk Version -07 of the POP3 Extensions draft was just sent in; it should be posted soon. If anyone wants it before then, let me know and I'll send a copy by email. From owner-ietf-pop3ext Tue Aug 18 12:02:30 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id MAA04990 for ietf-pop3ext-bks; Tue, 18 Aug 1998 12:02:30 -0700 (PDT) Received: from THOR.INNOSOFT.COM (SYSTEM@THOR.INNOSOFT.COM [192.160.253.66]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id MAA04986 for ; Tue, 18 Aug 1998 12:02:28 -0700 (PDT) Received: from elwood.innosoft.com ("port 37779"@ELWOOD.INNOSOFT.COM) by INNOSOFT.COM (PMDF V5.1-12 #U3049) with SMTP id <01J0QY6P8RK48WWEDL@INNOSOFT.COM> for ietf-pop3ext@imc.org; Tue, 18 Aug 1998 12:04:03 PDT Date: Tue, 18 Aug 1998 12:05:07 -0700 (PDT) From: Chris Newman Subject: mailrev BOF To: ietf-pop3ext@imc.org Message-id: MIME-version: 1.0 Content-type: TEXT/PLAIN; charset=US-ASCII Originator-Info: login-id=chris; server=THOR.INNOSOFT.COM Sender: owner-ietf-pop3ext@imc.org Precedence: bulk Here is a BOF which should interest participants on this mailing list. The pop3 extensions proposal and POP3 SASL revision are on the agenda for brief review and a sense of rough concensus. ---- Review of Short Mail-related Extension Proposals (mailrev) Thursday, August 27 at 0900-1130 ================================ Chair: Chris Newman Timekeeper: volunteer needed who is willing to cut people off Note Taker: volunteer needed DESCRIPTION: Thare are a number of short mail-related individual submissions which appear not to require the review of a full working group, but would benefit from some review and a sense of rough concensus. Each draft on the agenda will be allocated a fixed (and enforced) time limit for a brief presentation and technical debate. At the end of the time limit, the rough concensus of the room will be measured to see if the draft in question should go standards track expediously, standards track with revisions, experimental, punt to WG, defer or discourage. The success of this effort is likely to depend on the number of participants who read the drafts in advance. Most of these drafts are short. Draft authors are requested to prepare one overhead transparency to summarize their proposals. Some of the drafts listed below could get IESG approval prior to the BOF, in which case they will be dropped from the agenda. The purpose of including drafts in last call on the list is that if they're not approved by the time the BOF occurs, then the BOF may give review feedback to ADs which could help speed approval. Gzip tar file of documents on agenda: AGENDA: Time Limit Presenter Pages Draft Title intro 5 Chair review 8 Gunnar Lindburg 21 draft-lindberg-anti-spam-mta-04.txt! concensus 2 Chair review 10 Randy Gellens 14 draft-gellens-submit-11.txt! concensus 2 Chair review 5 John Myers 6 draft-myers-sasl-pop3-05.txt concensus 2 Chair review 5 Randy Gellens 17 draft-gellens-pop3ext-07.txt! concensus 2 Chair review 8 Jacob Palme 14? draft-ietf-mailext-new-fields-13.txt! concensus 2 Chair review 5 Chris Newman 6 draft-newman-msgheader-originfo-05.txt! concensus 2 Chair review 8 Jacob Palme 16? draft-ietf-drums-MHRegistry-03.txt concensus 2 Chair review 8 Randy Gellens 8 draft-gellens-on-demand-05.txt concensus 2 Chair review 5 Ned Freed 7 draft-freed-gatesec-02.txt concensus 2 Chair review 5 L. Lundblade 4 draft-lundblade-1pass-mult-alt-01.txt concensus 2 Chair review 8 Chris Newman 10 draft-newman-auth-resp-00.txt concensus 2 Chair review 5 Ned Freed 10 draft-newman-deliver-00.txt concensus 2 Chair review 3 Chris Newman 4 draft-newman-mime-cdisp-metadata-01.txt concensus 2 Chair review 5 Ned Freed 11 draft-freed-bsmtp-01.txt concensus 2 Chair review 5 Randy Gellens 7 draft-gellens-format-00.txt concensus 2 Chair conclude 15 Chair What's missing from mail standards that IETF could do next? ! - document is in last call ? - document lacks page numbers, estimate included From owner-ietf-pop3ext Tue Aug 18 15:17:06 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id PAA06489 for ietf-pop3ext-bks; Tue, 18 Aug 1998 15:17:06 -0700 (PDT) Received: from upm.edu.my (scc.upm.edu.my [202.184.17.1]) by mail.proper.com (8.8.8/8.8.5) with SMTP id PAA06485 for ; Tue, 18 Aug 1998 15:17:05 -0700 (PDT) Received: from inet.upm.edu.my by scc.upm.edu.my (5.x/SMI-SVR4) id AA07190; Wed, 19 Aug 1998 06:21:19 -0800 Received: from admin.upm.edu.my by inet.upm.edu.my (5.x/SMI-SVR4) id AA16260; Wed, 19 Aug 1998 06:20:13 -0800 Received: from dcrocker by admin.upm.edu.my (SMI-8.6/SMI-SVR4) id GAA28666; Wed, 19 Aug 1998 06:19:49 -0800 Message-Id: <199808191419.GAA28666@admin.upm.edu.my> X-Sender: dcrocker@mail.bayarea.net X-Mailer: QUALCOMM Windows Eudora Pro Version 4.1.0.44 (Beta) Date: Tue, 18 Aug 1998 14:58:35 -0700 To: Chris Newman From: Dave Crocker Subject: Re: mailrev BOF Cc: ietf-pop3ext@imc.org In-Reply-To: Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-ietf-pop3ext@imc.org Precedence: bulk At 12:05 PM 8/18/98 -0700, Chris Newman wrote: >Thursday, August 27 at 0900-1130 Damn. That's directly opposite the fax-over-email working group. tsk. tsk. >Timekeeper: volunteer needed who is willing to cut people off at the knees? d/ _________________________________________________________________________ Dave CROCKER Tel: +1 408 246 8253 BRANDENBURG CONSULTING Tel: +60 19 3299 445 675 Spruce Drive P. O. Box 296, UPM Sunnyvale, CA 94086 www.brandenburg.com Serdang, Selangor 43400 United States Fax: +1 408 273 6464 Malaysia From owner-ietf-pop3ext Tue Aug 18 21:14:43 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id VAA08739 for ietf-pop3ext-bks; Tue, 18 Aug 1998 21:14:43 -0700 (PDT) Received: from doggate.exchange.microsoft.com (doggate.exchange.microsoft.com [131.107.88.55]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id VAA08735 for ; Tue, 18 Aug 1998 21:14:43 -0700 (PDT) Received: by doggate.exchange.microsoft.com with Internet Mail Service (5.5.2232.9) id ; Tue, 18 Aug 1998 21:17:51 -0700 Message-ID: <2FBF98FC7852CF11912A0000000000010C992515@DINO> From: "Mike Gahrns (Exchange)" To: "'Randall Gellens'" , ietf-pop3ext@imc.org Subject: RE: draft-gellens-pop3ext-07.txt Date: Tue, 18 Aug 1998 21:17:42 -0700 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2232.9) Content-Type: text/plain; charset="iso-8859-1" Sender: owner-ietf-pop3ext@imc.org Precedence: bulk a minor comment on draft-07 Seems that LOGIN-DELAY is a parameter that one might reasonably want to set on a per-user basis. e.g. The common users might have a setting of 600 seconds, but the executives might be allowed to poll every minute. I know that we have a class of users that demand to get "instant" notification of messages arriving. Thus, under "possible differences" for LOGIN-DELAY, you might want to change no to yes, and then add the spiel you have under "EXPIRE" about if the server has a per-user setting. e.g. it SHOULD announce the more accurate version is in the transaction state and append the USER token to the LOGIN-DELAY. The server should advertise maximum possible Login delay in the AUTHORIZATION state. The UIDL parameter may also fall in this category. I have heard that some servers don't allow the UIDL command, because they don't want to have clients leave mail on the server. The ability to leave mail on the server, certainly could be a reasonable per-user setting. Using just EXPIRE 0 to indicate the client is not permitted to leave mail on the server won't work in this case won't work, because you'd be falsing advertising that the server supported UIDL. That said, unlike EXPIRE, where we currently have a per-user settings in our server, we do not have a per-user setting for LOGIN-DELAY and UIDL. Thus I don't feel strongly about the above. Since the doc is already structured for the per-user setting case of EXPIRE, it seemed that it would be simple to treat LOGIN-DELAY and UIDL similiarly to EXPIRE without really adding any more complexity to the doc. I thought I would throw the comment out to the list, since I could see these as being reasonable per-user settings. I definitely do not intend this to re-open the doc and re-start the design of it. If you feel that these would be reasonable per-user settings, then it may be worth doing a minor change to note that they might be. I do not want to open a pandora's box of new changes to the draft, so pls limit any comments as to whether it is reasonable that these two parameters might be settable per-user. -----Original Message----- From: Randall Gellens [mailto:randy@Qualcomm.Com] Sent: Tuesday, August 04, 1998 6:26 PM To: ietf-pop3ext@imc.org Subject: draft-gellens-pop3ext-07.txt Version -07 of the POP3 Extensions draft was just sent in; it should be posted soon. If anyone wants it before then, let me know and I'll send a copy by email. From owner-ietf-pop3ext Wed Aug 19 11:03:18 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id LAA00781 for ietf-pop3ext-bks; Wed, 19 Aug 1998 11:03:18 -0700 (PDT) Received: from illyana.qualcomm.com (illyana.qualcomm.com [129.46.2.83]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id LAA00777 for ; Wed, 19 Aug 1998 11:03:16 -0700 (PDT) Received: from [129.46.219.133] (randy-mac.qualcomm.com [129.46.219.133]) by illyana.qualcomm.com (8.8.5/1.4/8.7.2/1.14) with ESMTP id LAA02505; Wed, 19 Aug 1998 11:06:17 -0700 (PDT) Mime-Version: 1.0 Message-Id: In-Reply-To: <2FBF98FC7852CF11912A0000000000010C992515@DINO> X-Mailer: QUALCOMM Eudora Pro v4.1 for Macintosh Date: Wed, 19 Aug 1998 10:56:27 -0700 To: "Mike Gahrns (Exchange)" , "'Randall Gellens'" , ietf-pop3ext@imc.org From: Randall Gellens Subject: RE: draft-gellens-pop3ext-07.txt Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" X-Random-Signature-Tag: v1.0a10 Sender: owner-ietf-pop3ext@imc.org Precedence: bulk At 9:17 PM -0700 8/18/98, Mike Gahrns (Exchange) wrote: >The UIDL parameter may also fall in this category. I have heard that some >servers don't allow the UIDL command, because they don't want to have >clients leave mail on the server. If a site doesn't want users to leave mail on the server, disabling UIDL is a pretty crude way of doing it. It also makes it harder for clients to properly download and delete mail in the case of an aborted session. That said, I don't have strong feelings either way on per-user UIDL and LOGIN-DELAY. From owner-ietf-pop3ext Sat Dec 5 16:44:05 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id QAA16815 for ietf-pop3ext-bks; Sat, 5 Dec 1998 16:44:05 -0800 (PST) Received: from Krill.EHSco.com (inetserv@[209.31.7.48]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id QAA16809 for ; Sat, 5 Dec 1998 16:44:00 -0800 (PST) Received: from ehsco.com (Ferret.EHSco.com [209.31.7.45]) by Krill.EHSco.com (Netscape Messaging Server 3.5) with ESMTP id AAA1D97 for ; Sat, 5 Dec 1998 16:49:13 -0800 Message-ID: <3669D470.5473E385@ehsco.com> Date: Sat, 05 Dec 1998 16:48:49 -0800 From: "Eric A. Hall" Organization: EHS Company X-Mailer: Mozilla 4.5 [en] (WinNT; I) X-Accept-Language: en MIME-Version: 1.0 To: ietf-pop3ext@imc.org Subject: Vendors implementing RFC 2449 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-ietf-pop3ext@imc.org Precedence: bulk Are there any shipping products that currently support RFC 2449? Thanks -- Eric A. Hall ehall@ehsco.com +1-650-685-0557 http://www.ehsco.com From owner-ietf-pop3ext Sat Dec 5 20:37:28 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id UAA18016 for ietf-pop3ext-bks; Sat, 5 Dec 1998 20:37:28 -0800 (PST) Received: from hexen.qualcomm.co.nz (hexen.qualcomm.co.nz [203.97.157.3]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id UAA18012 for ; Sat, 5 Dec 1998 20:37:26 -0800 (PST) Received: from [203.97.157.3] (203.97.157.3) by hexen.qualcomm.co.nz with ESMTP (Eudora Internet Mail Server 2.2.1b1); Sun, 6 Dec 1998 17:43:07 +1300 Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" ; format="flowed" X-Sender: glenn@qualcomm.co.nz@mail.qualcomm.co.nz Message-Id: In-Reply-To: <3669D470.5473E385@ehsco.com> Date: Sun, 6 Dec 1998 17:42:58 +1300 To: ietf-pop3ext@imc.org From: Glenn Anderson Subject: Re: Vendors implementing RFC 2449 Sender: owner-ietf-pop3ext@imc.org Precedence: bulk > Are there any shipping products that currently support RFC 2449? Eudora Internet Mail Server 1.3 and 2.2. Glenn. _____________________________________________________________ Glenn Anderson glenn@qualcomm.co.nz Macintosh Internet Programmer Phone (mobile) +64 25 518661 Eudora Internet Mail Server: http://eudora.qualcomm.com/eims/ From owner-ietf-pop3ext Sun Dec 6 14:56:48 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id OAA28011 for ietf-pop3ext-bks; Sun, 6 Dec 1998 14:56:48 -0800 (PST) Received: from rembrandt.esys.ca (0@rembrandt.esys.ca [198.161.92.18]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id OAA28007 for ; Sun, 6 Dec 1998 14:56:47 -0800 (PST) Received: from execmail.com (zappa.esys.ca [198.161.92.28]) by rembrandt.esys.ca (2.0.4/SMS 2.0.4) with ESMTP id QAA25886; Sun, 6 Dec 1998 16:02:07 -0700 Message-Id: <199812062302.QAA25886@rembrandt.esys.ca> Date: Sun, 6 Dec 1998 16:02:04 -0700 From: Lyndon Nerenberg Subject: Re: Vendors implementing RFC 2449 To: ehall@ehsco.com cc: ietf-pop3ext@imc.org In-Reply-To: <3669D470.5473E385@ehsco.com> MIME-Version: 1.0 Content-Type: TEXT/plain; CHARSET=US-ASCII Sender: owner-ietf-pop3ext@imc.org Precedence: bulk On 5 Dec, Eric A. Hall wrote: > Are there any shipping products that currently support RFC 2449? Execmail server release 2.1 has full support (including SASL PLAIN, CRAM-MD5, and KERBEROS_V4). The production release hits the streets in a week or two. -- Finger lyndon@execmail.com for PGP key. http://www.execmail.com/ From owner-ietf-pop3ext Tue Dec 8 11:38:12 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id LAA25979 for ietf-pop3ext-bks; Tue, 8 Dec 1998 11:38:12 -0800 (PST) Received: from nala.qualcomm.com (nala.qualcomm.com [129.46.50.44]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id LAA25975 for ; Tue, 8 Dec 1998 11:38:12 -0800 (PST) Received: from [129.46.219.101] (llundblade-mac.qualcomm.com [129.46.219.101]) by nala.qualcomm.com (8.8.5/1.4/8.7.2/1.14) with ESMTP id LAA04053; Tue, 8 Dec 1998 11:43:05 -0800 (PST) Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" ; format="flowed" X-Sender: lgl@hotsun.qualcomm.com Message-Id: In-Reply-To: <3669D470.5473E385@ehsco.com> Date: Tue, 8 Dec 1998 11:42:03 -0800 To: "Eric A. Hall" From: Laurence Lundblade Subject: Re: Vendors implementing RFC 2449 Cc: ietf-pop3ext@imc.org Sender: owner-ietf-pop3ext@imc.org Precedence: bulk Qpopper 3.0 should be out by the end of the year/month and supports it. LL At 4:48 PM -0800 12/5/98, Eric A. Hall wrote: > Are there any shipping products that currently support RFC 2449? > > Thanks > > -- > Eric A. Hall ehall@ehsco.com > +1-650-685-0557 http://www.ehsco.com From owner-ietf-pop3ext Mon Dec 14 16:30:20 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id QAA04161 for ietf-pop3ext-bks; Mon, 14 Dec 1998 16:30:20 -0800 (PST) Received: from THOR.INNOSOFT.COM (SYSTEM@THOR.INNOSOFT.COM [192.160.253.66]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id QAA04157 for ; Mon, 14 Dec 1998 16:30:18 -0800 (PST) Received: from elvira.innosoft.com ([192.160.253.135]) by INNOSOFT.COM (PMDF V5.2-29 #30494) with ESMTPS id <01J5BY44FXXS8ZE1ZD@INNOSOFT.COM> for ietf-pop3ext@imc.org; Mon, 14 Dec 1998 14:42:41 PST Received: from elwood.innosoft.com (ELWOOD.INNOSOFT.COM [192.160.253.235]) by elvira.innosoft.com (PMDF V5.2-29 #13579) with SMTP id <0F3Z009838CWTB@elvira.innosoft.com> for ietf-pop3ext@imc.org; Mon, 14 Dec 1998 14:41:21 -0800 (PST) Date: Mon, 14 Dec 1998 14:42:43 -0800 (PST) From: Chris Newman Subject: Re: Vendors implementing RFC 2449 In-reply-to: <3669D470.5473E385@ehsco.com> Originator-info: login-id=chris; server=THOR.INNOSOFT.COM To: "Eric A. Hall" Cc: ietf-pop3ext@imc.org Message-id: MIME-version: 1.0 Content-type: TEXT/PLAIN; charset=US-ASCII Content-transfer-encoding: 7BIT Sender: owner-ietf-pop3ext@imc.org Precedence: bulk On Sat, 5 Dec 1998, Eric A. Hall wrote: > Are there any shipping products that currently support RFC 2449? It is implemented in the shipping version of PMDF 5.2's POP server. I haven't done interoperability testing yet, but would be interested. - Chris From owner-ietf-pop3ext Fri Jan 15 09:56:19 1999 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id IAA23752 for ietf-pop3ext-bks; Fri, 15 Jan 1999 08:44:17 -0800 (PST) Received: (from phoffman@localhost) by mail.proper.com (8.8.8/8.8.5) id IAA23732; Fri, 15 Jan 1999 08:44:13 -0800 (PST) Date: Fri, 15 Jan 1999 08:44:13 -0800 (PST) Message-Id: <199901151644.IAA23732@mail.proper.com> From: List Manager of ietf-pop3ext To: ietf-pop3ext@imc.org Subject: How to be removed from this list Sender: owner-ietf-pop3ext@imc.org Precedence: bulk List-Archive: List-Unsubscribe: Greetings again. Occasionally, people will sign up for a mailing list and forget how to be removed. This message is a reminder for those folks. First off, when you subscribe to a mailing list, you almost always get a first message from the list owner telling you about the mailing list, and explaining how to unsubscribe. It is always a good idea to keep those messages, since you never know when you will need to unsubscribe. This is particularly useful when you change email addresses, because it is difficult to unsubscribe from a list after you have a different mailing address. In the case of this list, the method to unsubscribe is to send a message to: ietf-pop3ext-request@imc.org with the single word: unsubscribe in the body of the message. This is the same as it always has been. To make this easier for you, I have crafted this message so that you should be able to simply reply to this message, and the reply address should be ietf-pop3ext-request@imc.org (although some mail clients screw this up...). Remove everything from the body of the reply, and put in the single word: unsubscribe If you have tried this method, and the mailing list software won't let you unsubscribe, it is probably because your address has changed. In that case, please send a message to subs@imc.org stating which list (or lists) you want to unsubscribe from, and what you think your previous address was. There is a human (that's me!) who will then try to take care of your request, often within a few days. --Paul Hoffman, Director --Internet Mail Consortium From owner-ietf-pop3ext Thu Feb 18 11:13:57 1999 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id LAA09468 for ietf-pop3ext-bks; Thu, 18 Feb 1999 11:13:57 -0800 (PST) Received: from alms1.fw.att.com (alms1.att.com [192.128.167.146]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id LAA09461 for ; Thu, 18 Feb 1999 11:13:56 -0800 (PST) Received: from dns.maillennium.att.com ([135.25.114.99]) by alms1.fw.att.com (AT&T/IPNS/GW-1.0) with ESMTP id OAA18896 for ; Thu, 18 Feb 1999 14:17:54 -0500 (EST) Received: from att.com (hansenpc.bl-els.att.com[135.25.111.58](may be forged)) by maillennium.att.com (labmail) with SMTP id <19990218191810un128871eue>; Thu, 18 Feb 1999 19:18:10 +0000 Message-ID: <36CC6600.5D173F20@att.com> Date: Thu, 18 Feb 1999 14:12:00 -0500 From: Tony Hansen Reply-To: tony@att.com Organization: AT&T Laboratories X-Mailer: Mozilla 4.07 [en] (Win98; I) MIME-Version: 1.0 To: ietf-pop3ext@imc.org Subject: unknown POP verbs: XSENDER and GURL Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-ietf-pop3ext@imc.org Precedence: bulk List-Archive: List-Unsubscribe: Does anyone know what the POP3 verbs "GURL" and "XSENDER #" are. They are showing up in our pop logs. Tony Hansen tony@att.com From owner-ietf-pop3ext Mon Sep 13 11:23:36 1999 Received: by mail.proper.com (8.9.3/8.9.3) id LAA08667 for ietf-pop3ext-bks; Mon, 13 Sep 1999 11:23:36 -0700 (PDT) Received: from jade. ([164.124.96.60]) by mail.proper.com (8.9.3/8.9.3) with SMTP id LAA08493; Mon, 13 Sep 1999 11:21:59 -0700 (PDT) From: searchers@freeola.com Received: from 164.124.96.60 by jade. (SMI-8.6/SMI-SVR4) id DAA15226; Tue, 14 Sep 1999 03:09:15 +0900 Message-Id: <199909131809.DAA15226@jade.> To: Friend@public.com Date: Mon, 13 Sep 99 18:21:07 EST Subject: Missing Links Sender: owner-ietf-pop3ext@imc.org Precedence: bulk List-Archive: List-Unsubscribe: Want to find your missing links ? Want to get more Web Site traffic ? Want the Secrets of the search Engines ? Webmaster Free Business Links has them all. Check it out on : http://209.234.163.159/ Webmaster Free Business Links ++++ Sender & Remove Instructions ++++ Free Business Links Bevere Close Worcester Tel 121 643 2448 ++++++++++++++++++++++++++++++++++++ To get removed from our email list please go to http://www.domainname.com/cleanlist.html ++++++++++++++++++++++++++++++++++++ From owner-ietf-pop3ext Thu Dec 16 15:21:48 1999 Received: by ns.secondary.com (8.9.3/8.9.3) id PAA20189 for ietf-pop3ext-bks; Thu, 16 Dec 1999 15:21:48 -0800 (PST) Received: from enterprise.home (IDENT:root@sdu169-200.ppp.algonet.se [195.163.200.169]) by ns.secondary.com (8.9.3/8.9.3) with ESMTP id PAA20184 for ; Thu, 16 Dec 1999 15:21:45 -0800 (PST) Received: from rundegren.com (IDENT:sarek@localhost.localdomain [127.0.0.1]) by enterprise.home (8.9.3/8.9.3) with ESMTP id AAA01533; Fri, 17 Dec 1999 00:23:24 +0100 Message-ID: <3859746C.3228F180@rundegren.com> Date: Fri, 17 Dec 1999 00:23:24 +0100 From: Anders Rundegren X-Mailer: Mozilla 4.7 [en] (X11; I; Linux 2.2.12-20 i686) X-Accept-Language: en MIME-Version: 1.0 To: ietf-pop3ext@imc.org Subject: POP3 "resume download" extension Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-ietf-pop3ext@imc.org Precedence: bulk List-Archive: List-ID: List-Unsubscribe: I've had some thoughts about an extension to POP3 that will let you resume a download of an interrupted transfer. These days people tend to send each other messages with large attachment, 2-3Mb is not that uncommon. Many clients connecting to their ISP, or even the ISP itself, have their modems improperly setup which causes a flaky phoneline, resulting in a premature disconnect. At present, these messages will have to be re-downloaded from scratch taking a lot of unnecessary bandwidth from the ISP, not to mention resources within the system itself. Since a majority of the ISPs today are still using POP3, as opposed to IMAP (mostly due to the reduced diskspace required when serving a huge numbers of users), I think this might be a good idea. I've spent the last week discussing and developing the idea with a few people, and they are all backing up the idea. I now felt it was time to take it to this group in order to get a response from a larger group. We all came to the conslusion that by giving the RETR command a second argument specifying the offset of where to start downloading would probably be the best idea. Also, there was a discussion on wheather an octet range, (a third argument, specifying where the end of the download should take place) would be appropriate now that we see a lot more portable internet devices where bandwidth is scarce. A breakdown on savings: 1) Less consumption of bandwidth 2) Less resources used on the servers 3) ISPs wishing to have this feature will not be forced to deploy an IMAP server Not to mention happier users getting their files faster and cheaper (in Sweden, and most other countries in Europe, flatrates are just a mere dream). // Anders Rundegren From owner-ietf-pop3ext Thu Dec 16 15:19:40 1999 Received: by ns.secondary.com (8.9.3/8.9.3) id PAA20147 for ietf-pop3ext-bks; Thu, 16 Dec 1999 15:19:40 -0800 (PST) Received: from enterprise.home (IDENT:root@sdu169-200.ppp.algonet.se [195.163.200.169]) by ns.secondary.com (8.9.3/8.9.3) with ESMTP id PAA20143 for ; Thu, 16 Dec 1999 15:19:36 -0800 (PST) Received: from rundegren.com (IDENT:sarek@localhost.localdomain [127.0.0.1]) by enterprise.home (8.9.3/8.9.3) with ESMTP id AAA01533; Fri, 17 Dec 1999 00:23:24 +0100 Message-ID: <3859746C.3228F180@rundegren.com> Date: Fri, 17 Dec 1999 00:23:24 +0100 From: Anders Rundegren X-Mailer: Mozilla 4.7 [en] (X11; I; Linux 2.2.12-20 i686) X-Accept-Language: en MIME-Version: 1.0 To: ietf-pop3ext@imc.org Subject: POP3 "resume download" extension Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-ietf-pop3ext@imc.org Precedence: bulk List-Archive: List-ID: List-Unsubscribe: I've had some thoughts about an extension to POP3 that will let you resume a download of an interrupted transfer. These days people tend to send each other messages with large attachment, 2-3Mb is not that uncommon. Many clients connecting to their ISP, or even the ISP itself, have their modems improperly setup which causes a flaky phoneline, resulting in a premature disconnect. At present, these messages will have to be re-downloaded from scratch taking a lot of unnecessary bandwidth from the ISP, not to mention resources within the system itself. Since a majority of the ISPs today are still using POP3, as opposed to IMAP (mostly due to the reduced diskspace required when serving a huge numbers of users), I think this might be a good idea. I've spent the last week discussing and developing the idea with a few people, and they are all backing up the idea. I now felt it was time to take it to this group in order to get a response from a larger group. We all came to the conslusion that by giving the RETR command a second argument specifying the offset of where to start downloading would probably be the best idea. Also, there was a discussion on wheather an octet range, (a third argument, specifying where the end of the download should take place) would be appropriate now that we see a lot more portable internet devices where bandwidth is scarce. A breakdown on savings: 1) Less consumption of bandwidth 2) Less resources used on the servers 3) ISPs wishing to have this feature will not be forced to deploy an IMAP server Not to mention happier users getting their files faster and cheaper (in Sweden, and most other countries in Europe, flatrates are just a mere dream). // Anders Rundegren From owner-ietf-pop3ext Thu Dec 16 16:02:56 1999 Received: by ns.secondary.com (8.9.3/8.9.3) id QAA20838 for ietf-pop3ext-bks; Thu, 16 Dec 1999 16:02:56 -0800 (PST) Received: from demo.esys.ca (demo.esys.ca [207.167.22.130]) by ns.secondary.com (8.9.3/8.9.3) with ESMTP id QAA20829 for ; Thu, 16 Dec 1999 16:02:54 -0800 (PST) Received: from messagingdirect.com (2-018-edm.dial.worldgate.ca [207.167.2.18]) by demo.esys.ca (2.0.4/SMS 2.0.4-beta-5) with ESMTP id RAA06648; Thu, 16 Dec 1999 17:06:16 -0700 Message-ID: <38597DC0.E4AD59B9@messagingdirect.com> Date: Thu, 16 Dec 1999 17:03:12 -0700 From: Alexey Melnikov X-Mailer: Mozilla 4.7 [en] (WinNT; U) X-Accept-Language: en MIME-Version: 1.0 To: Anders Rundegren CC: ietf-pop3ext@imc.org Subject: Re: POP3 "resume download" extension References: <3859746C.3228F180@rundegren.com> Content-Type: text/plain; charset=koi8-r Content-Transfer-Encoding: 7bit Sender: owner-ietf-pop3ext@imc.org Precedence: bulk List-Archive: List-ID: List-Unsubscribe: Anders Rundegren wrote: > > I've had some thoughts about an extension to POP3 that will let you > resume a download of an interrupted transfer. These days people tend to > send each other messages with large attachment, 2-3Mb is not that > uncommon. Many clients connecting to their ISP, or even the ISP itself, > have their modems improperly setup which causes a flaky phoneline, > resulting in a premature disconnect. ... I understand the reasons for proposing such extension, but the functionality is already in IMAP4 protocol. My question is : do you want to make IMAP4 from POP3? Alexey From owner-ietf-pop3ext Thu Dec 16 17:09:08 1999 Received: by ns.secondary.com (8.9.3/8.9.3) id RAA21918 for ietf-pop3ext-bks; Thu, 16 Dec 1999 17:09:08 -0800 (PST) Received: from enterprise.home (IDENT:root@sdu166-203.ppp.algonet.se [195.163.203.166]) by ns.secondary.com (8.9.3/8.9.3) with ESMTP id RAA21913 for ; Thu, 16 Dec 1999 17:09:05 -0800 (PST) Received: from rundegren.com (IDENT:sarek@localhost.localdomain [127.0.0.1]) by enterprise.home (8.9.3/8.9.3) with ESMTP id CAA00676; Fri, 17 Dec 1999 02:12:39 +0100 Message-ID: <38598E07.1230EA61@rundegren.com> Date: Fri, 17 Dec 1999 02:12:39 +0100 From: Anders Rundegren X-Mailer: Mozilla 4.7 [en] (X11; I; Linux 2.2.12-20 i686) X-Accept-Language: en MIME-Version: 1.0 To: Alexey Melnikov CC: ietf-pop3ext@imc.org Subject: Re: POP3 "resume download" extension References: <3859746C.3228F180@rundegren.com> <38597DC0.E4AD59B9@messagingdirect.com> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-ietf-pop3ext@imc.org Precedence: bulk List-Archive: List-ID: List-Unsubscribe: > Anders Rundegren wrote: > > > > I've had some thoughts about an extension to POP3 that will let you > > resume a download of an interrupted transfer. These days people tend to > > send each other messages with large attachment, 2-3Mb is not that > > uncommon. Many clients connecting to their ISP, or even the ISP itself, > > have their modems improperly setup which causes a flaky phoneline, > > resulting in a premature disconnect. > ... > > I understand the reasons for proposing such extension, but the > functionality is already in IMAP4 protocol. My question is : do you want > to make IMAP4 from POP3? > > Alexey Not at all, this feature wouldn't break POP3's download-and-delete model, it doesn't change any states on the server either. It's in its own simplicity just an extension to the RETR command. I don't think adding this feature would make POP3 close in on the IMAP model. // Anders From owner-ietf-pop3ext Thu Dec 16 21:19:46 1999 Received: by ns.secondary.com (8.9.3/8.9.3) id VAA18042 for ietf-pop3ext-bks; Thu, 16 Dec 1999 21:19:46 -0800 (PST) Received: from ns.hyd.rampnet.com ([208.247.183.2]) by ns.secondary.com (8.9.3/8.9.3) with ESMTP id VAA18038 for ; Thu, 16 Dec 1999 21:19:41 -0800 (PST) Received: from ns.hyd.rampnet.com ([208.247.183.98]) by ns.hyd.rampnet.com (8.8.7/8.8.5) with ESMTP id KAA00694; Fri, 17 Dec 1999 10:43:15 +0530 Message-ID: <385A12D2.3BDD279E@rampnet.com> Date: Fri, 17 Dec 1999 05:09:14 +0000 From: "R.Srinivasan" Reply-To: vrs@rampnet.com Organization: Ramp Network (p) Ltd X-Mailer: Mozilla 4.7 [en] (Win95; I) X-Accept-Language: en MIME-Version: 1.0 To: Anders Rundegren CC: "ietf-pop3ext@imc.org" Subject: Re: POP3 "resume download" extension References: <3859746C.3228F180@rundegren.com> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-ietf-pop3ext@imc.org Precedence: bulk List-Archive: List-ID: List-Unsubscribe: Anders Rundegren wrote: > I've had some thoughts about an extension to POP3 that will let you > resume a download of an interrupted transfer. These days people tend to > send each other messages with large attachment, 2-3Mb is not that > uncommon. Many clients connecting to their ISP, or even the ISP itself, > have their modems improperly setup which causes a flaky phoneline, > resulting in a premature disconnect. > > At present, these messages will have to be re-downloaded from scratch > taking a lot of unnecessary bandwidth from the ISP, not to mention > resources within the system itself. Since a majority of the ISPs today > are still using POP3, as opposed to IMAP (mostly due to the reduced > diskspace required when serving a huge numbers of users), I think this > might be a good idea. > > I've spent the last week discussing and developing the idea with a few > people, and they are all backing up the idea. I now felt it was time to > take it to this group in order to get a response from a larger group. > > We all came to the conslusion that by giving the RETR command a second > argument specifying the offset of where to start downloading would > probably be the best idea. Also, there was a discussion on wheather an > octet range, (a third argument, specifying where the end of the download > should take place) would be appropriate now that we see a lot more > portable internet devices where bandwidth is scarce. > > A breakdown on savings: > > 1) Less consumption of bandwidth > 2) Less resources used on the servers > 3) ISPs wishing to have this feature will not be forced to deploy an > IMAP server > > Not to mention happier users getting their files faster and cheaper (in > Sweden, and most other countries in Europe, flatrates are just a mere > dream). > > // Anders Rundegren Yes, i guess this would be a good idea to have this option in POP3. I agree with Anders that it would not be like IMAP4. Probably i guess we should go ahead and propose this feature. Srinivasan From owner-ietf-pop3ext Thu Dec 16 22:19:22 1999 Received: by ns.secondary.com (8.9.3/8.9.3) id WAA21461 for ietf-pop3ext-bks; Thu, 16 Dec 1999 22:19:22 -0800 (PST) Received: from astro.cs.utk.edu (ASTRO.CS.UTK.EDU [128.169.93.168]) by ns.secondary.com (8.9.3/8.9.3) with ESMTP id WAA21457 for ; Thu, 16 Dec 1999 22:19:21 -0800 (PST) Received: from astro.cs.utk.edu (LOCALHOST [127.0.0.1]) by astro.cs.utk.edu (cf 8.9.3) with ESMTP id BAA02584; Fri, 17 Dec 1999 01:22:26 -0500 (EST) Message-Id: <199912170622.BAA02584@astro.cs.utk.edu> X-URI: http://www.cs.utk.edu/~moore/ From: Keith Moore To: vrs@rampnet.com cc: Anders Rundegren , "ietf-pop3ext@imc.org" Subject: Re: POP3 "resume download" extension In-reply-to: Your message of "Fri, 17 Dec 1999 05:09:14 GMT." <385A12D2.3BDD279E@rampnet.com> X-SUBJECT-MSG-FROM: "R.Srinivasan" Date: Fri, 17 Dec 1999 01:22:26 -0500 Sender: owner-ietf-pop3ext@imc.org Precedence: bulk List-Archive: List-ID: List-Unsubscribe: fwiw, a lot of folks are likely to push back on defining any new extension to pop. there is a feeling that two mail access protocols are too many, and that new effort should be invested into imap rather than pop. but that doesn't mean you shouldn't try, just be aware that you may get some pushback, perhaps enough that it doesn't fly. if you do define an extension for partial message retrieval I think it should allow partial message retrieval (e.g. byte count) rather than just resume. that way, you don't have to drop a connection to get the server to stop sending you a message. I also suspect it should be a different command rather than an extension to RETR - with the latter approach my guess is you're likely to run into some compatibility problems with old servers. but something like PRET

(PRET = "partial retrieve") where is not a byte offset but a cookie that is returned from a previous PRET command (if you want to resume here, use this cookie in the next PRET command)...that would allow for different back-end representations. only problem is it doesn't work well for pipelining - you can't send request #N until you've received response #N-1 - but maybe someone will think of something. Keith From owner-ietf-pop3ext Fri Dec 17 00:14:48 1999 Received: by ns.secondary.com (8.9.3/8.9.3) id AAA28604 for ietf-pop3ext-bks; Fri, 17 Dec 1999 00:14:48 -0800 (PST) Received: from demo.esys.ca (demo.esys.ca [207.167.22.130]) by ns.secondary.com (8.9.3/8.9.3) with ESMTP id AAA28599 for ; Fri, 17 Dec 1999 00:14:46 -0800 (PST) Received: from messagingdirect.com (2-109-edm.dial.worldgate.ca [207.167.2.109]) by demo.esys.ca (2.0.4/SMS 2.0.4-beta-5) with ESMTP id BAA07884; Fri, 17 Dec 1999 01:18:34 -0700 Message-ID: <3859F120.434073C2@messagingdirect.com> Date: Fri, 17 Dec 1999 01:15:28 -0700 From: Alexey Melnikov X-Mailer: Mozilla 4.7 [en] (WinNT; U) X-Accept-Language: en MIME-Version: 1.0 To: vrs@rampnet.com CC: anders@rundegren.com, ietf-pop3ext@imc.org Subject: Re: POP3 "resume download" extension References: <3859746C.3228F180@rundegren.com> <385A12D2.3BDD279E@rampnet.com> Content-Type: text/plain; charset=koi8-r Content-Transfer-Encoding: 7bit Sender: owner-ietf-pop3ext@imc.org Precedence: bulk List-Archive: List-ID: List-Unsubscribe: > Yes, i guess this would be a good idea to have this option in POP3. I agree > with Anders that it would not be like IMAP4. Probably i guess we should go ahead > and propose this feature. Don't get me wrong : I agree that proposed extension is useful. (And it would be dead easy to implement the extended RETR in our server, for example.) I just concerned about adding too much advanced functionality to POP3. IMAP community spent several years convincing client writers to do this right. You have to convince POP3 server and client writers that they must add such functionality to their products. Alexey From owner-ietf-pop3ext Fri Dec 17 06:01:05 1999 Received: by ns.secondary.com (8.9.3/8.9.3) id GAA07237 for ietf-pop3ext-bks; Fri, 17 Dec 1999 06:01:05 -0800 (PST) Received: from smtp-a.capu.net (IDENT:root@smtp-a.capu.net [205.177.76.122]) by ns.secondary.com (8.9.3/8.9.3) with ESMTP id GAA07233 for ; Fri, 17 Dec 1999 06:01:03 -0800 (PST) Received: from ieca.com (mva-aa-119.capu.net [207.226.159.119]) by smtp-a.capu.net (8.9.3/8.9.3) with ESMTP id JAA10573; Fri, 17 Dec 1999 09:04:46 -0500 Message-ID: <3859B650.BDB07B0C@ieca.com> Date: Fri, 17 Dec 1999 19:04:32 +0500 From: "Bonatti, Chris" Organization: IECA, Inc. X-Mailer: Mozilla 4.51 [en] (Win98; I) X-Accept-Language: en MIME-Version: 1.0 To: Keith Moore , Anders Rundegren , Alexey Melnikov CC: "ietf-pop3ext@imc.org" Subject: Re: POP3 "resume download" extension References: <199912170622.BAA02584@astro.cs.utk.edu> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-ietf-pop3ext@imc.org Precedence: bulk List-Archive: List-ID: List-Unsubscribe: Anders Rundegren wrote: > Not at all, this feature wouldn't break POP3's download-and-delete > model, it doesn't change any states on the server either. It's in its > own simplicity just an extension to the RETR command. I don't think > adding this feature would make POP3 close in on the IMAP model. > Anders, I agree that this would be a very useful and simple extension. I would support it's definition. Later, Keith Moore wrote: > if you do define an extension for partial message retrieval I think it > should allow partial message retrieval (e.g. byte count) rather than > just resume. that way, you don't have to drop a connection to > get the server to stop sending you a message. I also suspect it should > be a different command rather than an extension to RETR - with the latter > approach my guess is you're likely to run into some compatibility problems > with old servers. > Keith, This also sounds okay, but it certainly could complicate deployment. What would the benefit be if the assumption (for a large message) is a binary attachment? Half a message just wouldn't do anybody much good. Later still, Alexey Melnikov wrote: > IMAP community spent several years convincing client writers to do this > right. You have to convince POP3 server and client writers that they > must add such functionality to their products. > Alexey, Yes, this is likely to be necessary, but it will either sell or it won't. I don't think that should be a barrier to *defining* the extension. Our servers are full of RFCs and drafts that went nowhere in the final analysis. Personally, I think that this will sell. It provides a measure of "robustness" in a simple package, and there is a great interest in buying stronger, better, etc. Chris --------------------------------------------------------------- | International Electronic Communication Analysts, Inc. | | Christopher D. Bonatti 15309 Turkey Foot Road | | Principal Engineer Darnestown, Md 20878-3640 | | bonattic@ieca.com Tel: 301-208-2349 Fax: 301-208-2379 | --------------------------------------------------------------- From owner-ietf-pop3ext Fri Dec 17 06:07:50 1999 Received: by ns.secondary.com (8.9.3/8.9.3) id GAA07360 for ietf-pop3ext-bks; Fri, 17 Dec 1999 06:07:50 -0800 (PST) Received: from astro.cs.utk.edu (ASTRO.CS.UTK.EDU [128.169.93.168]) by ns.secondary.com (8.9.3/8.9.3) with ESMTP id GAA07356 for ; Fri, 17 Dec 1999 06:07:49 -0800 (PST) Received: from astro.cs.utk.edu (LOCALHOST [127.0.0.1]) by astro.cs.utk.edu (cf 8.9.3) with ESMTP id JAA18906; Fri, 17 Dec 1999 09:10:43 -0500 (EST) Message-Id: <199912171410.JAA18906@astro.cs.utk.edu> X-URI: http://www.cs.utk.edu/~moore/ From: Keith Moore To: "Bonatti, Chris" cc: Keith Moore , Anders Rundegren , Alexey Melnikov , "ietf-pop3ext@imc.org" Subject: Re: POP3 "resume download" extension In-reply-to: Your message of "Fri, 17 Dec 1999 19:04:32 +0500." <3859B650.BDB07B0C@ieca.com> Date: Fri, 17 Dec 1999 09:10:43 -0500 Sender: owner-ietf-pop3ext@imc.org Precedence: bulk List-Archive: List-ID: List-Unsubscribe: > > if you do define an extension for partial message retrieval I think it > > should allow partial message retrieval (e.g. byte count) rather than > > just resume. that way, you don't have to drop a connection to > > get the server to stop sending you a message. I also suspect it should > > be a different command rather than an extension to RETR - with the latter > > approach my guess is you're likely to run into some compatibility problems > > with old servers. > > > > Keith, > > This also sounds okay, but it certainly could complicate deployment. What > would the benefit be if the assumption (for a large message) is a binary > attachment? Half a message just wouldn't do anybody much good. what I had in mind was being able to download a message in chunks with a fairly easy way for the client to say 'stop sending any more chunks'. having the client close and reopen the connection is slow and wasteful. so if the client can ask for (say) the first 50k, then the second 50k, etc. and the user wants to stop downloading after a few seconds, then all the client has to do is stop asking for more chunks. but it seems like you do want to be able to pipeline it. Keith From owner-ietf-pop3ext Fri Dec 17 06:28:36 1999 Received: by ns.secondary.com (8.9.3/8.9.3) id GAA07661 for ietf-pop3ext-bks; Fri, 17 Dec 1999 06:28:36 -0800 (PST) Received: from smtp-a.capu.net (IDENT:root@smtp-a.capu.net [205.177.76.122]) by ns.secondary.com (8.9.3/8.9.3) with ESMTP id GAA07657 for ; Fri, 17 Dec 1999 06:28:34 -0800 (PST) Received: from ieca.com (mva-aa-033.capu.net [207.226.159.33]) by smtp-a.capu.net (8.9.3/8.9.3) with ESMTP id JAA11050; Fri, 17 Dec 1999 09:32:26 -0500 Message-ID: <3859BCD9.D41719E7@ieca.com> Date: Fri, 17 Dec 1999 19:32:26 +0500 From: "Bonatti, Chris" Organization: IECA, Inc. X-Mailer: Mozilla 4.51 [en] (Win98; I) X-Accept-Language: en MIME-Version: 1.0 To: Keith Moore CC: "ietf-pop3ext@imc.org" Subject: Re: POP3 "resume download" extension References: <199912171410.JAA18906@astro.cs.utk.edu> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-ietf-pop3ext@imc.org Precedence: bulk List-Archive: List-ID: List-Unsubscribe: Keith Moore wrote: > what I had in mind was being able to download a message in chunks with a > fairly easy way for the client to say 'stop sending any more chunks'. > having the client close and reopen the connection is slow and wasteful. > so if the client can ask for (say) the first 50k, then the second 50k, > etc. and the user wants to stop downloading after a few seconds, then > all the client has to do is stop asking for more chunks. but it seems > like you do want to be able to pipeline it. > Yes, I see what you mean. I agree that punting the connection seems inefficient. You could also do such a thing as a RETR extension, but it would be sufficiently incompatible that it wouldn't really be any different from a separate command. Pipelining this sounds hard. It would be cleaner to check the size of the messages before beginning the RETR, thereby deciding what exceed your threshold. However, I suspect that a user wouldn't always see it that way. Sometimes you end up on a clogged channel or a slow connection that you don't expect. So we need to look at the problem strictly from the user abort point of view. Thinking about pipelining, though, how does this sound: POP3 is normally a half-duplex-like dialog. Suppose we allow an allowed a received command sequence (like maybe "!NEXT") to queue an interrupt of the download at the next chunk. This would require the server to at least nominally *listen* while sending, but since it would not have to process it until the next chunk-boundary was reached the listening would not be too onerous. How difficult would something like this be to implement? Chris From owner-ietf-pop3ext Fri Dec 17 07:03:27 1999 Received: by ns.secondary.com (8.9.3/8.9.3) id HAA08196 for ietf-pop3ext-bks; Fri, 17 Dec 1999 07:03:27 -0800 (PST) Received: from astro.cs.utk.edu (ASTRO.CS.UTK.EDU [128.169.93.168]) by ns.secondary.com (8.9.3/8.9.3) with ESMTP id HAA08192 for ; Fri, 17 Dec 1999 07:03:26 -0800 (PST) Received: from astro.cs.utk.edu (LOCALHOST [127.0.0.1]) by astro.cs.utk.edu (cf 8.9.3) with ESMTP id KAA19276; Fri, 17 Dec 1999 10:06:22 -0500 (EST) Message-Id: <199912171506.KAA19276@astro.cs.utk.edu> X-URI: http://www.cs.utk.edu/~moore/ From: Keith Moore To: "Bonatti, Chris" cc: Keith Moore , "ietf-pop3ext@imc.org" Subject: Re: POP3 "resume download" extension In-reply-to: Your message of "Fri, 17 Dec 1999 19:32:26 +0500." <3859BCD9.D41719E7@ieca.com> Date: Fri, 17 Dec 1999 10:06:22 -0500 Sender: owner-ietf-pop3ext@imc.org Precedence: bulk List-Archive: List-ID: List-Unsubscribe: > Thinking about pipelining, though, how does this sound: POP3 is normally a > half-duplex-like dialog. Suppose we allow an allowed a received command > sequence (like maybe "!NEXT") to queue an interrupt of the download at > the next chunk. If you're suggesting that servers do out-of-order command processing, I don't think that's the way to go. The goal of pipelining chunk requests is to get maximum download speed while still having an early abort capability. Say a client is trying to download a 1MB message in 100K chunks. If it has to get the response from each chunk request before asking for the next the next chunk, there's a round-trip delay after every chunk which could take as long as downloading 100K of data. So having partial retrieve could make the overall download take twice as long. OTOH, if the client can queue ahead several PRET requests then it can make sure that there is always a request outstanding in the server's queue...so there is no waiting. but it can still abort a download within the time it takes for the server to deal with the number of queued-ahead requests ... which is much better than waiting for the entire message and (if tuned right) also better than closing and reopening the connection. maybe what is needed are two "special cookies" for PRET: cookie # means "start at beginning of message" cookie @ means "continue transfer following the last PRET" however, this adds some state to the server. what happens if a client is displaying multiple messages from the same server in different windows, and the user keeps scrolling the windows around? the client (having initially only downloaded enough of each message to display the first page or two of each) might then want to interleave PRETs from one message with PRETs from another. Keith Keith From owner-ietf-pop3ext Fri Dec 17 08:02:45 1999 Received: by ns.secondary.com (8.9.3/8.9.3) id IAA09232 for ietf-pop3ext-bks; Fri, 17 Dec 1999 08:02:45 -0800 (PST) Received: from smtp-a.capu.net (IDENT:root@smtp-a.capu.net [205.177.76.122]) by ns.secondary.com (8.9.3/8.9.3) with ESMTP id IAA09228 for ; Fri, 17 Dec 1999 08:02:43 -0800 (PST) Received: from ieca.com (mva-aa-029.capu.net [207.226.159.29]) by smtp-a.capu.net (8.9.3/8.9.3) with ESMTP id LAA16035; Fri, 17 Dec 1999 11:06:35 -0500 Message-ID: <3859D2E4.2B02DDA9@ieca.com> Date: Fri, 17 Dec 1999 21:06:28 +0500 From: "Bonatti, Chris" Organization: IECA, Inc. X-Mailer: Mozilla 4.51 [en] (Win98; I) X-Accept-Language: en MIME-Version: 1.0 To: Keith Moore CC: "ietf-pop3ext@imc.org" Subject: Re: POP3 "resume download" extension References: <199912171506.KAA19276@astro.cs.utk.edu> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-ietf-pop3ext@imc.org Precedence: bulk List-Archive: List-ID: List-Unsubscribe: Keith Moore wrote: > > Thinking about pipelining, though, how does this sound: POP3 is normally a > > half-duplex-like dialog. Suppose we allow an allowed a received command > > sequence (like maybe "!NEXT") to queue an interrupt of the download at > > the next chunk. > > If you're suggesting that servers do out-of-order command processing, > I don't think that's the way to go. > No, I didn't really mean out-of-order command processing. What I meant is that there would be a recurring state at the end of every chunk in which the server checks to see whether it has received an "interrupt" command. If it has, it could skip to the start of the next message. If it hasn't, it would continue with the next chunk. This approach has the advantage that both the client and server need do nothing at all if the download is to continue. I just don't know how hard the "listenening" is for most server implementations. Chris From owner-ietf-pop3ext Fri Dec 17 09:48:56 1999 Received: by ns.secondary.com (8.9.3/8.9.3) id JAA10959 for ietf-pop3ext-bks; Fri, 17 Dec 1999 09:48:56 -0800 (PST) Received: from jittlov.qualcomm.com (jittlov.qualcomm.com [129.46.50.79]) by ns.secondary.com (8.9.3/8.9.3) with ESMTP id JAA10955 for ; Fri, 17 Dec 1999 09:48:54 -0800 (PST) Received: from lombok (llundbla.qualcomm.com [129.46.219.60]) by jittlov.qualcomm.com (8.8.5/1.4/8.7.2/1.15) with ESMTP id JAA01864; Fri, 17 Dec 1999 09:52:25 -0800 (PST) Message-Id: <4.2.2.19991217095326.00c04230@hotsun.qualcomm.com> X-Sender: lgl@hotsun.qualcomm.com X-Mailer: QUALCOMM Windows Eudora Pro Version 4.2.2 Date: Fri, 17 Dec 1999 09:59:41 -0800 To: Alexey Melnikov , Anders Rundegren From: Laurence Lundblade Subject: Re: POP3 "resume download" extension Cc: ietf-pop3ext@imc.org In-Reply-To: <38597DC0.E4AD59B9@messagingdirect.com> References: <3859746C.3228F180@rundegren.com> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed Sender: owner-ietf-pop3ext@imc.org Precedence: bulk List-Archive: List-ID: List-Unsubscribe: At 05:03 PM 12/16/99 -0700, Alexey Melnikov wrote: >I understand the reasons for proposing such extension, but the >functionality is already in IMAP4 protocol. My question is : do you want >to make IMAP4 from POP3? > >Alexey We clearly don't want to make POP3 into IMAP4 for many many reasons :-) One thing Chris Newman and myself were discussing a bit was a profile of IMAP that just supported the features needed to do off-line mode in IMAP. The idea is that these servers would address the problems ISP's have with deploying full IMAP (performance and resource issues, and complexity for set up, the end user and customer support). Then we could create a pop extension that means "don't use POP, offline IMAP supported at port XXX" and make the transition seamless for the user. LL From owner-ietf-pop3ext Fri Dec 17 10:03:02 1999 Received: by ns.secondary.com (8.9.3/8.9.3) id KAA11177 for ietf-pop3ext-bks; Fri, 17 Dec 1999 10:03:02 -0800 (PST) Received: from demo.esys.ca (demo.esys.ca [207.167.22.130]) by ns.secondary.com (8.9.3/8.9.3) with ESMTP id KAA11173 for ; Fri, 17 Dec 1999 10:03:01 -0800 (PST) Received: from messagingdirect.com (dhcp198-53.esys.ca [198.161.92.53]) by demo.esys.ca (2.0.4/SMS 2.0.4-beta-5) with ESMTP id LAA08561; Fri, 17 Dec 1999 11:06:46 -0700 Message-ID: <385A7AFD.A8B6718B@messagingdirect.com> Date: Fri, 17 Dec 1999 11:03:42 -0700 From: Alexey Melnikov X-Mailer: Mozilla 4.7 [en] (WinNT; U) X-Accept-Language: en MIME-Version: 1.0 To: Laurence Lundblade CC: ietf-pop3ext@imc.org Subject: Re: POP3 "resume download" extension References: <3859746C.3228F180@rundegren.com> <4.2.2.19991217095326.00c04230@hotsun.qualcomm.com> Content-Type: text/plain; charset=koi8-r Content-Transfer-Encoding: 7bit Sender: owner-ietf-pop3ext@imc.org Precedence: bulk List-Archive: List-ID: List-Unsubscribe: Laurence Lundblade wrote: > We clearly don't want to make POP3 into IMAP4 for many many reasons :-) > > One thing Chris Newman and myself were discussing a bit was a profile of > IMAP that just supported the features needed to do off-line mode in IMAP. > The idea is that these servers would address the problems ISP's have with > deploying full IMAP (performance and resource issues, and complexity for > set up, the end user and customer support). I will vote in favour of this proposal! > Then we could create a pop extension that means "don't use POP, offline > IMAP supported at port XXX" and make the transition seamless for the user. Alexey From owner-ietf-pop3ext Fri Dec 17 10:05:35 1999 Received: by ns.secondary.com (8.9.3/8.9.3) id KAA11202 for ietf-pop3ext-bks; Fri, 17 Dec 1999 10:05:35 -0800 (PST) Received: from astro.cs.utk.edu (ASTRO.CS.UTK.EDU [128.169.93.168]) by ns.secondary.com (8.9.3/8.9.3) with ESMTP id KAA11198 for