Hi folks,
Soon I will be posting -11. Below I am detailing the major changes in
the document, most of which were prompted by Chris Newman's review of
the document. And I will post a separate message(s) asking about some
remaining changes that were suggested.
1). Clarified that inactivity timeout can be shorter than 30 mins before
authentication.
2). Allowed characters in Sieve script names - I've changed the document
to use NET-Unicode (RFC 5198) with some extra restrictions. The
following characters are disallowed:
0000-001F; [CONTROL CHARACTERS]
007F; DELETE
0080-009F; [CONTROL CHARACTERS]
2028; LINE SEPARATOR
2029; PARAGRAPH SEPARATOR
Please let me know if this look reasonable.
3). Clarified script name length limit in Unicode characters and octets.
Clarified that the server MUST NOT truncate any name to its limit.
4). Described cases when AUTHENTICATE command can be pipelined with others.
5). Chris Newman pointed out that the document was missing text about
certificate verification after successful STARTTLS. I've cut & pasted
text from draft-hodges-server-ident-check-00.txt, however I've edited it
and hoping that my version is better.
6). Added user language advertisement to CAPABILITY.
7). Clarified that all human readable strings are encoded in UTF-8.
8). Added new response codes to disambiguate deletion of the active
script from deletion of a non existent script, new script name existing
in RENAMESCRIPT, etc.
9). Changed NOOP response to return the client token in a response code,
instead of the human readable portion of the response. This feels cleaner.
10). Extra text in the Security Considerations section talking about
information about user accounts that might be disclosed by various
response codes.
11). Various changes/fixes to ABNF, for example to show which commands
are valid in which states, which responses are valid for which commands,
etc.
12). Added a new requirement on clients to use SRV lookups to locate
ManageSieve servers.
13). Added UNAUTHENTICATE command, so that the same connection can be
reused by an administrative client that wants to manage scripts for
different users.