The Internet Email to Support Diverse Service Environments (Lemonade) Profile
draft-ietf-lemonade-profile-bis-12

[Ballot discuss]
This is a discuss-discuss.  I will clear or revise to make it actionable after the call.

(1) I was wondering why the following SHOULD from 4550 was removed from the security
considerations in this version:

  Lemonade clients SHOULD use TLS-protected IMAP and mail submission
  channels when using BURL-based message submission to protect the
  URLAUTH token from interception.

(2) The Lemonade Message Delivery Agent is optional, but seems to be a significant
enhancement in the architecture.  However, [SIEVE] is never referenced or discussed in
the security considerations.  Is this an oversight, or does the wg believe that introducing
the message delivery agent does not impact the security considerations?  (If it does have
impact, a sentence or two and a pointer to [SIEVE] in section 10 would probably suffice.)

[Ballot comment]
Shouldn't this document update 4469 and 4467 since it adds a new capability (URL-PARTIAL)
to the CATENATE and URLAUTH extensions?

I also think the definition of the new URL-PARTIAL capability should be added to the
replacement for section 12 (summary of changes wrt 4550).

[Ballot comment]
Good work. Its nice to see an explanation how to use existing
protocol components to deal with the limits of a particular
environment.

I would have voted Yes on this if it weren't for the fact that
I'm not sufficiently familiar with all parts of the protocol
set to say for sure that you didn't miss anything.

[Ballot comment]
The 2nd paragraph of Section 7 says:
  >
  > Note that the explicit usage of [SUBMIT] means that when opening a
  > connection to the submission server, clients MUST do so using port
  > 587 unless explicitly configured to use an alternate port [RFC5068].
  > If the TCP connection to the submission server fails to open using
  > port 587, the client MAY then immediately retry using a different
  > port, such as 25.  See [SUBMIT] information on why using port 25 is
  > likely to fail depending on the current location of the client, and
  > may result in a failure code during the SMTP transaction.
  >
  It is unclear to me if this is a new MUST requirement or if it is
  intended to be clarification od one that is already in [SUBMIT].
  Please add text to clear this up.

[Ballot discuss]
This document will obsolete RFC 4550.  Please add a summary of the
  changes between this document and RFC 4550.  (Section 12 does not
  provide what I am seeking, and it should be removed prior to
  publication as an RFC.)

[Ballot comment]
Hannes Tschofenig's SecDir review identified a couple of places that
would benefit from some clarification of the text, and provided
editorial comments that should be taken into acccount.

[Ballot comment]
INTRODUCTION, paragraph 2:
>                          The Lemonade Profile

  Title doesn't describe the content. Title of RFC4550 was much clearer.
  Suggest to use it.

IANA questions/comments:

- In the text of the document (Section 5.9 and 5.10) you specify
the registration of IMAP Keywords, but no such keyword registry
exists. What, if anything, should IANA do with these apparent
registration requests?

Upon approval of this document, IANA will make the following
assignment in the "Internet Message Access Protocol (IMAP) 4
Capabilities" registry at
http://www.iana.org/assignments/imap4-capabilities

Capability Name Reference
-------------------------- ------------------
URL-PARTIAL [RFC-lemonade-profile-bis-11]

We understand the above to be the only IANA Action for this document.

    (1.a) Who is the Document Shepherd for this document? Has the
          Document Shepherd personally reviewed this version of the
          document and, in particular, does he or she believe this
          version is ready for forwarding to the IESG for publication?

Glenn Parsons is the Document Shepherd.

Glenn has reviewed the document and made a number of editorial comments
that the editors will update in the next version.  Once these are
incorporated, he believes the document is ready for publication.

    (1.b) Has the document had adequate review both from key WG members
          and from key non-WG members? Does the Document Shepherd have
          any concerns about the depth or breadth of the reviews that
          have been performed?

This document is the culmination of a multi-year effort with numerous WG
and non-WG members engaged, including folks from the OMA MEM group.  The
reviews have been thorough and have resulted in numerous changes to this
document in its lifetime.

    (1.c) Does the Document Shepherd have concerns that the document
          needs more review from a particular or broader perspective,
          e.g., security, operational complexity, someone familiar with
          AAA, internationalization or XML?

This document focuses on mobile email and the group has solicited input
on security, on operational issues from OMA, as well as client and
server vendor views.  As a result broad review has happened.

    (1.d) Does the Document Shepherd have any specific concerns or
          issues with this document that the Responsible Area Director
          and/or the IESG should be aware of? For example, perhaps he
          or she is uncomfortable with certain parts of the document, or

          has concerns whether there really is a need for it. In any
          event, if the WG has discussed those issues and has indicated
          that it still wishes to advance the document, detail those
          concerns here. Has an IPR disclosure related to this document
          been filed? If so, please include a reference to the
          disclosure and summarize the WG discussion and conclusion on
          this issue.

There are no issues.

    (1.e) How solid is the WG consensus behind this document? Does it
          represent the strong concurrence of a few individuals, with
          others being silent, or does the WG as a whole understand and
          agree with it?

The is the summative conclusive document that the LEMONADE WG has been
working towards.  The entire WG is behind this document.

    (1.f) Has anyone threatened an appeal or otherwise indicated extreme

          discontent? If so, please summarise the areas of conflict in
          separate email messages to the Responsible Area Director. (It
          should be in a separate email because this questionnaire is
          entered into the ID Tracker.)

There have be no threats to the WG chairs.

    (1.g) Has the Document Shepherd personally verified that the
          document satisfies all ID nits? (See
          http://www.ietf.org/ID-Checklist.html and
          http://tools.ietf.org/tools/idnits/). Boilerplate checks are
          not enough; this check needs to be thorough. Has the document
          met all formal review criteria it needs to, such as the MIB
          Doctor, media type and URI type reviews?

The document has been checked.  There are no major issues, only minor
issues were noted (e.g., referring to IDs that have since become RFCs)
and the editor has are already made these changes in the editor's draft
of the next version. 

    (1.h) Has the document split its references into normative and
          informative? Are there normative references to documents that
          are not ready for advancement or are otherwise in an unclear
          state? If such normative references exist, what is the
          strategy for their completion? Are there normative references
          that are downward references, as described in [RFC3967]? If
          so, list these downward references to support the Area
          Director in the Last Call procedure for them [RFC3967].

The references are split.  There are no downward references.

    (1.i) Has the Document Shepherd verified that the document IANA
          consideration section exists and is consistent with the body
          of the document? If the document specifies protocol
          extensions, are reservations requested in appropriate IANA
          registries? Are the IANA registries clearly identified? If
          the document creates a new registry, does it define the
          proposed initial contents of the registry and an allocation
          procedure for future registrations? Does it suggest a
          reasonable name for the new registry? See [RFC5226]. If the
          document describes an Expert Review process has Shepherd
          conferred with the Responsible Area Director so that the IESG
          can appoint the needed Expert during the IESG Evaluation?

The IANA considerations are consistent with the document and should be
sufficient for IANA to implement.

    (1.j) Has the Document Shepherd verified that sections of the
          document that are written in a formal language, such as XML
          code, BNF rules, MIB definitions, etc., validate correctly in
          an automated checker?

There is no formal language in this document.

    (1.k) The IESG approval announcement includes a Document
          Announcement Write-Up. Please provide such a Document
          Announcement Write-Up? Recent examples can be found in the
          "Action" announcements for approved documents. The approval
          announcement contains the following sections:


          Technical Summary

  This document describes a profile (a set of required
extensions,
  restrictions and usage modes) of the IMAP and mail submission
  protocols.  This profile allows clients (especially mobile
clients that are
  constrained in memory, bandwidth, processing power, or other
areas)
  to efficiently use IMAP and Submission to access and submit
mail.
  This includes the ability to forward received mail without
needing to
  download and upload the mail, to optimize submission and to
  efficiently resynchronize in case of loss of connectivity
with the
  server.  The Lemonade profile relies upon several extensions
to IMAP and Mail
  Submission protocols.


          Working Group Summary
   
          There is WG consensus to publish this document.
           
          Document Quality
 
          This document has been through significant review by mail
client and server vendors, often based on issues with implementing the
profile, that has resulted in modified base documents and as a result
modifications in this profile.  In addition, the LEMONADE WG has had a
liaison relationship with OMA MEM that has resulted in a vetting of the
features to ensure that the profile is operationally useful.  The final
document is a result of a significant effort to ensure that the mobile
email requirements are efficiently realized by Internet Mail.