IMAP4 Access Control List (ACL) Extension
RFC 4314
Document Type RFC - Proposed Standard (December 2005; Errata)
Obsoletes RFC 2086
Last updated 2018-12-20
Stream IETF
Formats plain text pdf html bibtex
Stream WG state (None)
Document shepherd No shepherd assigned
IESG IESG state RFC 4314 (Proposed Standard)
Consensus Boilerplate Unknown
Telechat date
Responsible AD Scott Hollenbeck
Send notices to lisa@osafoundation.org
Email authors Email WG IPR References Referenced by Nits 
Network Working Group                                        A. Melnikov
Request for Comments: 4314                                    Isode Ltd.
Obsoletes: 2086                                            December 2005
Category: Standards Track

               IMAP4 Access Control List (ACL) Extension

Status of this Memo

   This document specifies an Internet standards track protocol for the
   Internet community, and requests discussion and suggestions for
   improvements.  Please refer to the current edition of the "Internet
   Official Protocol Standards" (STD 1) for the standardization state
   and status of this protocol.  Distribution of this memo is unlimited.

Copyright Notice

   Copyright (C) The Internet Society (2005).

Abstract

   The Access Control List (ACL) extension (RFC 2086) of the Internet
   Message Access Protocol (IMAP) permits mailbox access control lists
   to be retrieved and manipulated through the IMAP protocol.

   This document is a revision of RFC 2086.  It defines several new
   access control rights and clarifies which rights are required for
   different IMAP commands.

Melnikov                    Standards Track                     [Page 1]
RFC 4314                        IMAP ACL                   December 2005

Table of Contents

   1. Introduction and Overview .......................................3
      1.1. Conventions Used in This Document ..........................3
   2. Access Control ..................................................3
      2.1. Standard Rights ............................................5
           2.1.1. Obsolete Rights .....................................5
      2.2. Rights Defined in RFC 2086 .................................8
   3. Access control management commands and responses ................8
      3.1. SETACL Command .............................................8
      3.2. DELETEACL Command ..........................................9
      3.3. GETACL Command ............................................10
      3.4. LISTRIGHTS Command ........................................10
      3.5. MYRIGHTS Command ..........................................11
      3.6. ACL Response ..............................................11
      3.7. LISTRIGHTS Response .......................................12
      3.8. MYRIGHTS Response .........................................12
   4. Rights Required to Perform Different IMAP4rev1 Commands ........12
   5. Other Considerations ...........................................17
      5.1. Additional Requirements and Implementation Notes ..........17
           5.1.1. Servers ............................................17
           5.1.2. Clients ............................................18
      5.2. Mapping of ACL Rights to READ-WRITE and READ-ONLY
           Response Codes ............................................19
   6. Security Considerations ........................................20
   7. Formal Syntax ..................................................21
   8. IANA Considerations ............................................22
   9. Internationalization Considerations ............................22
   Appendix A. Changes since RFC 2086 ................................23
   Appendix B. Compatibility with RFC 2086 ...........................24
   Appendix C. Known Deficiencies ....................................24
   Appendix D. Acknowledgements ......................................25
   Normative References ..............................................25
   Informative References ............................................25

Melnikov                    Standards Track                     [Page 2]
RFC 4314                        IMAP ACL                   December 2005

1.  Introduction and Overview

   The ACL (Access Control List) extension of the Internet Message
   Access Protocol [IMAP4] permits mailbox access control lists to be
   retrieved and manipulated through the IMAP protocol.

   This document is a revision of RFC 2086 [RFC2086].  It tries to
   clarify different ambiguities in RFC 2086, in particular, the use of
   UTF-8 [UTF-8] in access identifiers, which rights are required for
   different IMAP4 commands, and how READ-WRITE/READ-ONLY response codes
   are related to ACL.

1.1.  Conventions Used in This Document

   In examples, "C:" and "S:" indicate lines sent by the client and
   server respectively.

   In all examples "/" character is used as hierarchy separator.

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in RFC 2119 [KEYWORDS].

   The phrase "ACL server" is just a shortcut for saying "IMAP server
   that supports ACL extension as defined in this document".

2.  Access Control

   The ACL extension is present in any IMAP4 implementation that returns
   "ACL" as one of the supported capabilities to the CAPABILITY command.
Show full document text
RFC Editor IASA & IETF LLC IETF Trust IRTF IETF IESG IAB IANA Privacy Statement IETF Tools