ietf-mta-filters
[Top] [All Lists]

Re: [Fwd: Re: [secdir] secdir review of draft-ietf-sieve-notify-mailto-07.txt]

2008-03-26 09:16:33

Folks, Cyrus and I as chairs need more feedback on whether SHOULDs need to be changed to MUSTs. See my forwarded reply.

Alexey Melnikov wrote:

Subject:
Re: [secdir] secdir review of draft-ietf-sieve-notify-mailto-07.txt
From:
Alexey Melnikov <alexey(_dot_)melnikov(_at_)isode(_dot_)com>
Date:
Wed, 26 Mar 2008 13:04:19 +0000
To:
Hannes Tschofenig <Hannes(_dot_)Tschofenig(_at_)gmx(_dot_)net>

To:
Hannes Tschofenig <Hannes(_dot_)Tschofenig(_at_)gmx(_dot_)net>
CC:
secdir(_at_)mit(_dot_)edu, michael(_dot_)haardt(_at_)freenet(_dot_)ag, Cyrus Daboo <cyrus(_at_)daboo(_dot_)name>, Lisa Dusseault <lisa(_at_)osafoundation(_dot_)org>


Hi Hannes,
Below are my opinions as a Sieve WG participant and not as the Sieve WG chair:

Hannes Tschofenig wrote:
[...]

  o  The "To:" header field and the envelope recipient(s) of the
     notification message SHOULD be set to the address(es) specified in
     the URI (including any URI headers where the hname is "to").

This could be a MUST as well. Otherwise you might want to say to what it is set in other cases.
Indeed.

  o  The "Subject:" field of the notification message MUST contain the
     value defined by the :message notify tag, as described in
     [Notify].  If there is no :message tag and there is a "subject"
     header on the URI, then that value SHOULD be used.  If that is
     also absent, the subject SHOULD be retained from the triggering
     message.  Note that Sieve [Variables] can be used to advantage
     here, as shown in the example in Section 3.


Shouldn't the last SHOULD be a MUST? There do not seem to be too many other useful choices.

Agreed. The only other choice I can think of is an implementation defined string. I am not sure it is a good choice, but if it is, it should be explicitly listed.

Actually I think that both SHOULDs should be MUSTs.
I am just imagining a support person trying to argue with a customer about why a particular notification email had wrong subject, when the "subject" URI header was specified.

  o  The "From:" header field of the notification message SHOULD be set
     to the value of the ":from" parameter to the notify action, if one
     is specified, has email address syntax and is valid according to
     the implementation specific security checks (see Section 3.3 of
     [Notify]).  If ":from" is not specified or is not valid, the
     "From:" header field of the notification message SHOULD be set
     either to the envelope "to" field from the triggering message, as
     used by Sieve, or to a fixed email address (so it "comes from the
     notification system"), at the discretion of the implementation.
     This may not be overridden by a "from" URI header, and any such
     URI header MUST be ignored.

  o  If the envelope sender of the triggering message is empty, the
     envelope sender of the notification message MUST be empty as well,
     to avoid message loops.  Otherwise, the envelope sender of the
     notification message SHOULD be set to the value of the ":from"
     parameter to the notify action, if one is specified, has email
     address syntax and is valid according to the implementation
     specific security checks (see Section 3.3 of [Notify]).  If
     ":from" is not specified or is not valid, the envelope sender of
     the notification message SHOULD be set either to the envelope "to"
     field from the triggering message, as used by Sieve, or to a fixed
     email address (so it "comes from the notification system"), at the
     discretion of the implementation.  This may not be overridden by a
     "from" URI header, and any such URI header MUST be ignored.


For these two paragraphs the same question applies; why a SHOULD instead of a MUST

I also think the SHOULDs should be MUSTs here.

I think "address ... is valid according to the implementation specific security checks" already provides enough leeway to implementations if they want not to use a particular :from value.

The part that reads:

     If ":from" is not specified or is not valid, the envelope sender of
     the notification message SHOULD be set either to the envelope "to"
     field from the triggering message, as used by Sieve, or to a fixed
     email address (so it "comes from the notification system"), at the
     discretion of the implementation.

already list all possible alternatives, so I don't think it is a SHOULD either.