Last Call Review of draft-ietf-extra-sieve-special-use-04

Request Review of draft-ietf-extra-sieve-special-use
Requested rev. no specific revision (document currently at 05)
Type Last Call Review
Team Security Area Directorate (secdir)
Deadline 2018-12-20
Requested 2018-12-06
Authors Stephan Bosch
Draft last updated 2018-12-17
Completed reviews Genart Last Call review of -04 by Meral Shirazipour (diff)
Secdir Last Call review of -04 by Stephen Farrell (diff)
Opsdir Last Call review of -04 by Shwetha Bhandari (diff)
Assignment Reviewer Stephen Farrell
State Completed
Review review-ietf-extra-sieve-special-use-04-secdir-lc-farrell-2018-12-17
Reviewed rev. 04 (document currently at 05)
Review result Ready
Review completed: 2018-12-17


As stated in the draft I see no new security issues here, given that SIEVE already includes the ability to deliver messages and create mailboxes.

A non-security comment, that you should feel free to ignore: as a mail user it is irritating to have multiple folders (that may or may  not have a  "special-use" attribute associated with 'em) created by multiple MUAs and into which messages can be deposited in a manner that's unpredictable to me as a user . I understand that this spec is already trying to help with that, by reducing the likelihood that such redundant folders get created. But I already have a bunch of those folders, so while this is likely the wrong place for such text, I'd have been happier if the guidance for what to do when there's >1 matching special-use mailbox had been more deterministic, even when the SIEVE-supplied default one doesn't exist. For example, if you'd been able to say to sort the matching folders in some way and then pick the first that'd be better I think, but maybe there are reasons why you can't do that in SIEVE. (I'd be even happier if someone was working on specs/tooling to help merge all those folders somehow, but that's definitely out of scope here.)