draft-ietf-extra-imap4rev2-19.txt   draft-ietf-extra-imap4rev2-20.txt 
Network Working Group A. Melnikov, Ed. Network Working Group A. Melnikov, Ed.
Internet-Draft Isode Ltd Internet-Draft Isode Ltd
Obsoletes: 3501 (if approved) B. Leiba, Ed. Obsoletes: 3501 (if approved) B. Leiba, Ed.
Intended status: Standards Track Futurewei Technologies Intended status: Standards Track Futurewei Technologies
Expires: April 30, 2021 October 27, 2020 Expires: April 30, 2021 October 27, 2020
Internet Message Access Protocol (IMAP) - Version 4rev2 Internet Message Access Protocol (IMAP) - Version 4rev2
draft-ietf-extra-imap4rev2-19 draft-ietf-extra-imap4rev2-20
Abstract Abstract
The Internet Message Access Protocol, Version 4rev2 (IMAP4rev2) The Internet Message Access Protocol, Version 4rev2 (IMAP4rev2)
allows a client to access and manipulate electronic mail messages on allows a client to access and manipulate electronic mail messages on
a server. IMAP4rev2 permits manipulation of mailboxes (remote a server. IMAP4rev2 permits manipulation of mailboxes (remote
message folders) in a way that is functionally equivalent to local message folders) in a way that is functionally equivalent to local
folders. IMAP4rev2 also provides the capability for an offline folders. IMAP4rev2 also provides the capability for an offline
client to resynchronize with the server. client to resynchronize with the server.
IMAP4rev2 includes operations for creating, deleting, and renaming IMAP4rev2 includes operations for creating, deleting, and renaming
mailboxes, checking for new messages, permanently removing messages, mailboxes, checking for new messages, permanently removing messages,
setting and clearing flags, RFC 5322, RFC 2045 and RFC 2231 parsing, setting and clearing flags, RFC 5322, RFC 2045 and RFC 2231 parsing,
searching, and selective fetching of message attributes, texts, and searching, and selective fetching of message attributes, texts, and
portions thereof. Messages in IMAP4rev2 are accessed by the use of portions thereof. Messages in IMAP4rev2 are accessed by the use of
numbers. These numbers are either message sequence numbers or unique numbers. These numbers are either message sequence numbers or unique
identifiers. identifiers.
IMAP4rev2 does not specify a means of posting mail; this function is IMAP4rev2 does not specify a means of posting mail; this function is
handled by a mail submission protocol such as RFC 6409. handled by a mail submission protocol such as the one specified in
RFC 6409.
Status of This Memo Status of This Memo
This Internet-Draft is submitted in full conformance with the This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79. provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/. Drafts is at https://datatracker.ietf.org/drafts/current/.
skipping to change at page 143, line 44 skipping to change at page 143, line 44
sent in the clear over the network unless protection from snooping is sent in the clear over the network unless protection from snooping is
negotiated. This can be accomplished either by the use of IMAPS negotiated. This can be accomplished either by the use of IMAPS
service, STARTTLS command, negotiated privacy protection in the service, STARTTLS command, negotiated privacy protection in the
AUTHENTICATE command, or some other protection mechanism. AUTHENTICATE command, or some other protection mechanism.
11.1. STARTTLS Security Considerations 11.1. STARTTLS Security Considerations
IMAP client and server implementations MUST comply with relevant TLS IMAP client and server implementations MUST comply with relevant TLS
recommendations from [RFC8314]. recommendations from [RFC8314].
Clients and servers MUST implement TLS 1.2 or newer. Use of TLS 1.3 Clients and servers MUST implement TLS 1.2 [TLS-1.2] or newer. Use
[TLS-1.3] is RECOMMENDED. However [TLS-1.2] MAY be used. of TLS 1.3 [TLS-1.3] is RECOMMENDED. TLS 1.2 may be used only in
cases where the other party has not yet implemented TLS 1.3.
Additionally, when using TLS 1.2, IMAP implementations MUST implement Additionally, when using TLS 1.2, IMAP implementations MUST implement
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 cipher suite, and SHOULD TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 cipher suite, and SHOULD
implement the TLS_RSA_WITH_AES_128_CBC_SHA [TLS-1.2] cipher suite. implement the TLS_RSA_WITH_AES_128_CBC_SHA [TLS-1.2] cipher suite.
This is important as it assures that any two compliant This is important as it assures that any two compliant
implementations can be configured to interoperate. Other TLS cipher implementations can be configured to interoperate. Other TLS cipher
suites recommended in RFC 7525 are RECOMMENDED: suites recommended in RFC 7525 are RECOMMENDED:
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 and TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 and
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384. All other cipher suites are TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384. All other cipher suites are
OPTIONAL. Note that this is a change from section 2.1 of [IMAP-TLS]. OPTIONAL. Note that this is a change from section 2.1 of [IMAP-TLS].
The list of mandatory-to-implement TLS 1.3 cipher suites is described The list of mandatory-to-implement TLS 1.3 cipher suites is described
in Section 9.1 of [TLS-1.3]. in Section 9.1 of [TLS-1.3].
During the TLS negotiation [TLS-1.3][TLS-1.2], the client MUST check During the TLS negotiation [TLS-1.3][TLS-1.2], the client MUST check
its understanding of the server hostname against the server's its understanding of the server hostname against the server's
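Review bot: In the -20 text of Section 11.1, the sentence "TLS 1.2 may be used only in cases where the other party has not yet implemented TLS 1.3" uses a lowercase "may" where -19 had the keyword "MAY", so it is unclear whether the new restriction is meant to be normative. Suggest stating it with a requirement keyword, for example "TLS 1.2 MAY be used only in cases where ...". The condition should also be phrased in terms of what the handshake actually negotiates, since an implementation sees only the versions its peer offers, not what the peer has implemented. In the unchanged context of the same paragraph, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 appears both as the MUST-implement TLS 1.2 suite and again in the list of RECOMMENDED suites; that duplication is worth tidying while this paragraph is being revised.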
 End of changes. 4 change blocks. 
5 lines changed or deleted 6 lines changed or added

This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/