[Top] [All Lists]

Comments about draft-martin-managesieve-00.txt

2000-02-05 01:18:47
1.1.  Changes

   Changes since 00

   -dropped syncronized literals. added HAVESPACE command

The ABNF grammar still allows synchronizing literals. Update grammar or
leave it (see HAVESPACE comment)

1.6.  Script Names

   Sieve script names may contain any valid UTF8 characters, but ***names
   must be at least one character long***. ...
When one reads the draft for the first time it is not clear why you have
such restriction.
It is better to explain that empty name has different semantics when
SETACTIVE is used.

2.  Commands

   The following commands are valid. Prior to successful authentication
Typo in LOGOUT

2.1.  AUTHENTICATE Command


   The service name specified by this protocol's profile of SASL is
   "imap" since implementations are generally tied to an IMAP

I object because the service name is an element used in several SASL
mechanisms (at least KERBEROS_V4, GSSAPI & DIGEST-MD5)

   [SASL-ANON]. SASL mechanisms which use plaintext passwords
   (including the PLAIN mechanism [PLAIN]) MUST NOT be used unless a
   security layer is active or backwards compatibility dictates other

I don't see the case of "backward compatibility" for the protocol. The
situation is different from POP3/IMAP4 where PLAIN is widely deployed.

2.2.  STARTTLS Command

How client/server should behave if TLS negotiation fails?
There was some discussions in TLS Mailing List
(<ietf-tls(_at_)lists(_dot_)consensus(_dot_)com>) regarding TLS and SMTP.

2.5.  HAVESPACE Command

        String - name
        Number - size

   The HAVESPACE command is used to query the server for available
   space. Clients specifiy the name wished to save the script as and
   it's size in octets.

Why do you want to pass name to HAVESPACE, i.e. does it make any
difference whether name is the name of an existing script or  not?

Also, we was discussing HAVESPACE with Lyndon and he pointed out that
there is a race condition in using HAVESPACE (imagine two clients wants
to store script for the same user. There is enough space for any of them
but not for both).

I prefer IMAP approach: use synchronizing literals in PUTSCRIPT. If
server respond '+ ...', then it will accept the script,
otherwise it will return NO.

2.6.  PUTSCRIPT Command

        String - Script name
        String - Script content

   The PUTSCRIPT command is used by the client to submit a Sieve script
   to the server.

   If the script already exists upon success the old script will be
   overwritten. The old script MUST NOT be overwritten if PUTSCRIPT
   fails in any way.

I suggest adding "A script of the empty length erases script from the
server" (i.e. it will not show up in LISTSCRIPTS anymore)

3.  Formal Syntax


   response-authenticate = *(string CRLF / response-okno / 

I think response-authenticate should look like:

response-authenticate = *(string CRLF) (response-okno /

i.e. any number of string CRLF followed by OK or NO


What do you think about adding response codes for various failures?