rfc9670.original.xml   rfc9670.xml 
<?xml version="1.0" encoding="utf-8"?> <?xml version="1.0" encoding="UTF-8"?>
<rfc version="3" ipr="trust200902" docName="draft-ietf-jmap-sharing-09" submissi
onType="IETF" category="std" xml:lang="en" xmlns:xi="http://www.w3.org/2001/XInc
lude" indexInclude="true" consensus="true" updates="8620">
<front> <!-- pre-edited by ST 04/19/24 -->
<title abbrev="JMAP Sharing">JMAP Sharing</title>
<seriesInfo value="draft-ietf-jmap-sharing-09" stream="IETF" status="standard" n <!-- draft submitted in xml v3 -->
ame="Internet-Draft"></seriesInfo>
<author role="editor" initials="N.M." surname="Jenkins" fullname="Neil Jenkins"> <!DOCTYPE rfc [
<!ENTITY nbsp "&#160;">
<!ENTITY zwsp "&#8203;">
<!ENTITY nbhy "&#8209;">
<!ENTITY wj "&#8288;">
]>
<rfc version="3" ipr="trust200902" docName="draft-ietf-jmap-sharing-09" number="
9670" submissionType="IETF" category="std" xml:lang="en" xmlns:xi="http://www.w3
.org/2001/XInclude" tocInclude="true" consensus="true" updates="8620" obsoletes=
"" symRefs="true" sortRefs="true">
<front>
<!-- [rfced] Please note that the title of the document has been
updated as follows:
Abbreviations have been expanded per Section 3.6 of RFC 7322 ("RFC
Style Guide"). Please review.
Original:
JMAP Sharing
Current:
JSON Meta Application Protocol (JMAP) Sharing
-->
<title abbrev="JMAP Sharing">JSON Meta Application Protocol (JMAP) Sharing</
title>
<seriesInfo name="RFC" value="9670"/>
<author role="editor" initials="N." surname="Jenkins" fullname="Neil Jenkins
">
<organization>Fastmail</organization> <organization>Fastmail</organization>
<address> <address>
<postal> <postal>
<street>PO Box 234, Collins St West</street> <street>PO Box 234, Collins St West</street>
<city>Melbourne</city> <city>Melbourne</city>
<code>VIC 8007</code> <region>VIC</region>
<code>8007</code>
<country>Australia</country> <country>Australia</country>
</postal> </postal>
<email>neilj@fastmailteam.com</email> <email>neilj@fastmailteam.com</email>
<uri>https://www.fastmail.com</uri> <uri>https://www.fastmail.com</uri>
</address> </address>
</author> </author>
<date year="2024" month="April" day="18"></date> <date year="2024" month="October"/>
<area>Applications</area> <area>ART</area>
<workgroup>JMAP</workgroup> <workgroup>jmap</workgroup>
<keyword>JMAP</keyword> <keyword>JMAP</keyword>
<keyword>JSON</keyword> <keyword>JSON</keyword>
<keyword>sharing</keyword> <keyword>sharing</keyword>
<abstract> <abstract>
<t>This document specifies a data model for sharing data between users using JMA P. Future documents can reference this document when defining data types to supp ort a consistent model of sharing.</t> <t>This document specifies a data model for sharing data between users using the JSON Meta Application Protocol (JMAP). Future documents can reference this docu ment when defining data types to support a consistent model of sharing.</t>
</abstract> </abstract>
</front> </front>
<middle> <middle>
<section anchor="introduction"><name>Introduction</name> <section anchor="introduction"><name>Introduction</name>
<t>JMAP (<xref target="RFC8620"></xref> JSON Meta Application Protocol) is a gen <t>The JSON Meta Application Protocol (JMAP) <xref target="RFC8620"/> is a gener
eric protocol for synchronizing data, such as mail, calendars or contacts, betwe ic protocol for synchronizing data, such as mail, calendars, or contacts, betwee
en a client and a server. It is optimized for mobile and web environments, and p n a client and a server. It is optimized for mobile and web environments and pro
rovides a consistent interface to query, read, and modify different data types, vides a consistent interface to query, read, and modify different data types, in
including comprehensive error handling.</t> cluding comprehensive error handling.</t>
<t>This specification defines a data model to represent entities in a collaborat <t>This specification defines a data model to represent entities in a collaborat
ive environment, and a framework for sharing data between them that can be used ive environment and a framework for sharing data between them that can be used t
to provide a consistent sharing model for different data types. It does not defi o provide a consistent sharing model for different data types. It does not defin
ne <em>what</em> may be shared, or the granularity of permissions, as this will e <em>what</em> may be shared or the granularity of permissions, as this will de
depend on the data in question.</t> pend on the data in question.</t>
<section anchor="notational-conventions"><name>Notational Conventions</name> <section anchor="notational-conventions"><name>Notational Conventions</name>
<t>The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD",
"SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this d <t>
ocument are to be interpreted as described in BCP 14 <xref target="RFC2119"></xr The key words "<bcp14>MUST</bcp14>", "<bcp14>MUST NOT</bcp14>", "<bcp14>REQU
ef> <xref target="RFC8174"></xref> when, and only when, they appear in all capit IRED</bcp14>", "<bcp14>SHALL</bcp14>", "<bcp14>SHALL
als, as shown here.</t> NOT</bcp14>", "<bcp14>SHOULD</bcp14>", "<bcp14>SHOULD NOT</bcp14>", "<bcp14>
RECOMMENDED</bcp14>", "<bcp14>NOT RECOMMENDED</bcp14>",
"<bcp14>MAY</bcp14>", and "<bcp14>OPTIONAL</bcp14>" in this document are to
be interpreted as
described in BCP&nbsp;14 <xref target="RFC2119"/> <xref target="RFC8174"/>
when, and only when, they appear in all capitals, as shown here.
</t>
<t>Type signatures, examples, and property descriptions in this document follow the conventions established in <xref target="RFC8620" section="1.1" sectionForma t="of"></xref>. Data types defined in the core specification are also used in t his document.</t> <t>Type signatures, examples, and property descriptions in this document follow the conventions established in <xref target="RFC8620" section="1.1" sectionForma t="of"></xref>. Data types defined in the core specification are also used in t his document.</t>
<t>Examples of API exchanges only show the methodCalls array of the Request obje ct or the methodResponses array of the Response object. For compactness, the res t of the Request/Response object is omitted.</t> <t>Examples of API exchanges only show the methodCalls array of the Request obje ct or the methodResponses array of the Response object. For compactness, the res t of the Request/Response object is omitted.</t>
</section> </section>
<section anchor="terminology"><name>Terminology</name> <section anchor="terminology"><name>Terminology</name>
<t>The same terminology is used in this document as in the core JMAP specificati <t>The same terminology is used in this document as in the core JMAP specificati
on, see <xref target="RFC8620" section="1.6" sectionFormat="comma"></xref>.</t> on. See <xref target="RFC8620" section="1.6" sectionFormat="comma"></xref>.</t>
<t>The terms Principal, and ShareNotification (with these specific capitalizatio <t>The terms "Principal" and "ShareNotification" (with this specific capitalizat
ns) are used to refer to the data types defined in this document and instances o ion) are used to refer to the data types defined in this document and instances
f those data types.</t> of those data types.</t>
</section> </section>
<section anchor="data-model-overview"><name>Data Model Overview</name> <section anchor="data-model-overview"><name>Data Model Overview</name>
<t>A Principal (see <xref target="principals"/>) represents an individual, team, or resource (e.g., a room or projector). The object contains information about the entity being represented, such as a name, description, and time zone. It may also hold domain-specific information. A Principal may be associated with zero or more Accounts (see <xref target="RFC8620" section="1.6.2" sectionFormat="comm a"></xref>) containing data belonging to the Principal. Managing the set of Prin cipals within a system is out of scope for this specification, as it is highly d omain specific. It is likely to map directly from a directory service or other u ser management system.</t> <t>A Principal (see <xref target="principals"/>) represents an individual, team, or resource (e.g., a room or projector). The object contains information about the entity being represented, such as a name, description, and time zone. It may also hold domain-specific information. A Principal may be associated with zero or more Accounts (see <xref target="RFC8620" section="1.6.2" sectionFormat="comm a"></xref>) containing data belonging to the Principal. Managing the set of Prin cipals within a system is out of scope for this specification, as it is highly d omain specific. It is likely to map directly from a directory service or other u ser management system.</t>
<t>Data types may allow users to share data with others by assigning permissions to Principals. When a user's permissions are changed, a ShareNotification objec t is created for them so a client can inform the user of the changes.</t> <t>Data types may allow users to share data with others by assigning permissions to Principals. When a user's permissions are changed, a ShareNotification objec t is created for them so a client can inform the user of the changes.</t>
</section> </section>
<section anchor="subscriptions"><name>Subscribing to Shared Data</name> <section anchor="subscriptions"><name>Subscribing to Shared Data</name>
<t>Permissions determine whether a user <em>may</em> access data, but not whethe <t>Permissions determine whether a user <em>may</em> access data but not whether
r they <em>want</em> to. Some shared data is of equal importance as the user's o they <em>want</em> to. Some shared data is of equal importance as the user's ow
wn, while other data is just there should the user wish to explicitly go find it n, while other data is just there should the user wish to explicitly go find it.
. Clients will often want to differentiate the two. For example, a company may s Clients will often want to differentiate the two. For example, a company may sh
hare mailing list archives for all departments with all employees, but a user ma are mailing list archives for all departments with all employees, but a user may
y only generally be interested in the few they belong to. They would have <em>pe only generally be interested in the few they belong to. They would have <em>per
rmission</em> to access many mailboxes, but can <em>subscribe</em> to just the o mission</em> to access many mailboxes but can <em>subscribe</em> to just the one
nes they care about. The client would provide separate interfaces for reading ma s they care about. The client would provide separate interfaces for reading mail
il in subscribed mailboxes and browsing all mailboxes they have permission to ac in subscribed mailboxes and browsing all mailboxes they have permission to acce
cess in order to manage which they are subscribed to.</t> ss in order to manage those that they are subscribed to.</t>
<t>The JMAP Session object (see <xref target="RFC8620" section="2" sectionFormat <t>The JMAP Session object (see <xref target="RFC8620" section="2" sectionFormat
="comma"></xref>) is defined to include an object in the <tt>accounts</tt> prope ="comma"></xref>) is defined to include an object in the <tt>accounts</tt> prope
rty for every account that the user has access to. Collaborative systems may sha rty for every account that the user has access to. Collaborative systems may sha
re data between a very large number of Principals, most of which the user does n re data between a very large number of Principals, most of which the user does n
ot care about day-to-day. For servers implementing this specification, the Sessi ot care about day to day. For servers implementing this specification, the Sessi
on object <bcp14>MUST</bcp14> only include Accounts where either the user is sub on object <bcp14>MUST</bcp14> only include Accounts where either the user is sub
scribed to at least one record (see <xref target="RFC8620" section="1.6.3" secti scribed to at least one record (see <xref target="RFC8620" section="1.6.3" secti
onFormat="comma"></xref>) in the account, or the account belongs to the user. St onFormat="comma"></xref>) in the account or the account belongs to the user. Sta
ateChange events (<xref target="RFC8620" section="7.1" sectionFormat="comma"></x teChange events (<xref target="RFC8620" section="7.1" sectionFormat="comma"></xr
ref>) for changes to data <bcp14>SHOULD</bcp14> only be sent for data the user h ef>) for changes to data <bcp14>SHOULD</bcp14> only be sent for data the user ha
as subscribed to and <bcp14>MUST NOT</bcp14> be sent for any account where the u s subscribed to and <bcp14>MUST NOT</bcp14> be sent for any account where the us
ser is not subscribed to any records in the account, except where that account b er is not subscribed to any records in the account, except where that account be
elongs to the user.</t> longs to the user.</t>
<t>The server <bcp14>MAY</bcp14> reject the user's attempt to subscribe to some resources even if they have permission to access them (e.g., a calendar represen ting a location).</t> <t>The server <bcp14>MAY</bcp14> reject the user's attempt to subscribe to some resources even if they have permission to access them (e.g., a calendar represen ting a location).</t>
<t>A user can query the set of Principals they have access to with "Principal/qu ery" (see <xref target="principal-query"/>). The Principal object will contain a n Account object for all accounts where the user has permission to access data f or that Principal, even if they are not yet subscribed.</t> <t>A user can query the set of Principals they have access to with "Principal/qu ery" (see <xref target="principal-query"/>). The Principal object will contain a n Account object for all accounts where the user has permission to access data f or that Principal, even if they are not yet subscribed.</t>
</section> </section>
<section anchor="addition-to-the-capabilities-object"><name>Addition to the Capa bilities Object</name> <section anchor="addition-to-the-capabilities-object"><name>Addition to the Capa bilities Object</name>
<t>The capabilities object is returned as part of the JMAP Session object; see < xref target="RFC8620" section="2" sectionFormat="comma"></xref>. This document d efines two additional capability URIs.</t> <t>The capabilities object is returned as part of the JMAP Session object; see < xref target="RFC8620" section="2" sectionFormat="comma"></xref>. This document d efines two additional capability URIs.</t>
<section anchor="urn-ietf-params-jmap-principals"><name>urn:ietf:params:jmap:pri ncipals</name> <section anchor="urn-ietf-params-jmap-principals"><name>urn:ietf:params:jmap:pri ncipals</name>
<t>The <tt>urn:ietf:params:jmap:principals</tt> capability represents support fo r the Principal and ShareNotification data types and associated API methods.</t> <t>The <tt>urn:ietf:params:jmap:principals</tt> capability represents support fo r the Principal and ShareNotification data types and associated API methods.</t>
<t>The value of this property in the JMAP Session capabilities property is an em pty object.</t> <t>The value of this property in the JMAP Session capabilities property is an em pty object.</t>
<t>The value of this property in an accounts accountCapabilities property is an object that <bcp14>MUST</bcp14> contain the following information on server cap abilities and permissions for that account:</t> <t>The value of this property in an account's accountCapabilities property is an object that <bcp14>MUST</bcp14> contain the following information on server cap abilities and permissions for that account:</t>
<ul spacing="compact"> <ul spacing="compact">
<li><t><strong>currentUserPrincipalId</strong>: <tt>Id|null</tt></t> <li><t><strong>currentUserPrincipalId</strong>: <tt>Id|null</tt></t>
<t>The id of the Principal in this account that corresponds to the user fetching this object, if any.</t></li> <t>The id of the Principal in this account that corresponds to the user fetching this object, if any.</t></li>
</ul> </ul>
</section> </section>
<section anchor="urn-ietf-params-jmap-principals-owner"><name>urn:ietf:params:jm ap:principals:owner</name> <section anchor="urn-ietf-params-jmap-principals-owner"><name>urn:ietf:params:jm ap:principals:owner</name>
<t>The URI <tt>urn:ietf:params:jmap:principals:owner</tt> is solely used as a ke <t>The URI <tt>urn:ietf:params:jmap:principals:owner</tt> is solely used as a ke
y in an account’s accountCapabilities property. It does not appear in the JMAP S y in an account's accountCapabilities property. It does not appear in the JMAP S
ession capabilities support is indicated by the <tt>urn:ietf:params:jmap:princ ession capabilities -- support is indicated by the <tt>urn:ietf:params:jmap:prin
ipals</tt> URI being present in the session capabilities.</t> cipals</tt> URI being present in the session capabilities.</t>
<t>If <tt>urn:ietf:params:jmap:principals:owner</tt> is a key in an account’s ac <t>If the <tt>urn:ietf:params:jmap:principals:owner</tt> is a key in an account'
countCapabilities, that account (and data therein) is owned by a Principal. Some s accountCapabilities, that account (and the data therein) is owned by a Princip
accounts may not be owned by a Principal (e.g., the account that contains the d al. Some accounts may not be owned by a Principal (e.g., the account that contai
ata for the Principals themselves), in which case this property is omitted.</t> ns the data for the Principals themselves), in which case this property is omitt
ed.</t>
<t>The value of this property is an object with the following properties:</t> <t>The value of this property is an object with the following properties:</t>
<ul spacing="compact"> <!--[rfced] Formatting of lists.
Throughout the document, each list uses <ul> (with bullets) and the
<strong> element, which adds asterisks around the terms and makes the
.txt file hard to read. To avoid this, we formatted the lists using
<dl> with the descriptions starting on a new line. This way, we were
able to retain the normal spacing and <strong> elements in all output
files, including the HTML and PDF files, and the .txt file is easier
to read.
Otherwise, another option would be to format the lists using <ul> with
the descriptions on a new line, but "compact" spacing has to be used
to avoid an extra line of space between the term and the
description. With <ul>, you can choose to use bullets and no <strong>
element (option A) or no bullets with the <strong> element (option B).
Note that if you opt to not use <strong>, there will be no bolding in
the output files (which includes the HTML and PDF files). Please
review and let us know if the current formatting is acceptable or if
you prefer option A or B.
One example from Section 1.5.2.
Current:
Format in the .txt file using <dl>, normal spacing, and the
<strong> element:
*accountIdForPrincipal*: Id
The id of an account with the urn:ietf:params:jmap:principals
capability that contains the corresponding Principal object.
*principalId*:Id
The id of the Principal that owns this account.
Perhaps A:
Format in the .txt file using <ul> with bullets, compact spacing,
and no <strong> element:
* accountIdForPrincipal: Id
The id of an account with the urn:ietf:params:jmap:principals
capability that contains the corresponding Principal object.
* principalId: Id
The id of the Principal that owns this account.
Or
Perhaps B:
Format in the .txt file using <ul> with no bullets, compact spacing,
and the <strong> element:
*accountIdForPrincipal*: Id
The id of an account with the urn:ietf:params:jmap:principals
capability that contains the corresponding Principal object.
*principalId*: Id
The id of the Principal that owns this account.
-->
<dl spacing="normal" newline="true">
<dt><strong>accountIdForPrincipal</strong>: <tt>Id</tt></dt><dd>
The id of an account with the <tt>urn:ietf:params:jmap:principals</tt>
capability that contains the corresponding Principal object.</dd>
<dt><strong>principalId</strong>:<tt>Id</tt></dt><dd> The id of the Principal th
at owns this account.</dd>
</dl>
<!--NOTE: original format-->
<!--<ul spacing="compact" empty="true">
<li><t><strong>accountIdForPrincipal</strong>: <tt>Id</tt></t> <li><t><strong>accountIdForPrincipal</strong>: <tt>Id</tt></t>
<t>The id of an account with the <tt>urn:ietf:params:jmap:principals</tt> <t>The id of an account with the <tt>urn:ietf:params:jmap:principals</tt>
capability that contains the corresponding Principal object.</t></li> capability that contains the corresponding Principal object.</t></li>
<li><t><strong>principalId</strong>: <tt>Id</tt></t> <li><t><strong>principalId</strong>: <tt>Id</tt></t>
<t>The id of the Principal that owns this account.</t></li> <t>The id of the Principal that owns this account.</t></li>
</ul> </ul>
-->
</section> </section>
</section> </section>
</section> </section>
<section anchor="principals"><name>Principals</name> <section anchor="principals"><name>Principals</name>
<t>A Principal represents an individual, group, location (e.g., a room), resourc <t>A Principal represents an individual, a group, a location (e.g., a room), a r
e (e.g., a projector) or other entity in a collaborative environment. Sharing in esource (e.g., a projector), or another entity in a collaborative environment. S
JMAP is generally configured by assigning rights to certain data within an acco haring in JMAP is generally configured by assigning rights to certain data withi
unt to other Principals. For example, a user may assign permission to read their n an account to other Principals. For example, a user may assign permission to r
calendar to a Principal representing another user or their team.</t> ead their calendar to a Principal representing another user or their team.</t>
<t>In a shared environment such as a workplace, a user may have access to a larg <t>In a shared environment, such as a workplace, a user may have access to a lar
e number of Principals.</t> ge number of Principals.</t>
<t>In most systems, the user will have access to a single Account containing Pri <t>In most systems, the user will have access to a single Account containing Pri
ncipal objects. In some situations, for example when aggregating data from diffe ncipal objects. In some situations, for example, when aggregating data from diff
rent places, there may be multiple Accounts containing Principal objects.</t> erent places, there may be multiple Accounts containing Principal objects.</t>
<t>A <strong>Principal</strong> object has the following properties:</t> <t>A <strong>Principal</strong> object has the following properties:</t>
<!--[rfced] Section 2. Should the links to the IANA Time Zone Database
and "JMAP Data Types" registry perhaps be citations with
corresponding entries in the Informative Reference section as
shown below?
Current (.txt file):
*timeZone*: String|null
The time zone for this Principal, if known. If not null, the
value MUST be a time zone name from the IANA Time Zone Database
(TZDB) (https://www.iana.org/time-zones).
*objectType*: String (immutable; server-set)
The name of the data type for the object whose permissions have
changed, as registered in the IANA "JMAP Data Types" registry
(https://www.iana.org/assignments/jmap/), e.g., "Calendar" or
"Mailbox".
Perhaps:
*timeZone*: String|null
The time zone for this Principal, if known. If not null, the
value MUST be a time zone name from the IANA Time Zone Database
[IANA-TZDB].
*objectType*: String (immutable; server-set)
The name of the data type for the object whose permissions have
changed, as registered in the IANA "JMAP Data Types" registry
[IANA-JMAP], e.g., "Calendar" or "Mailbox".
Informative Reference Entries:
[IANA-TZDB] IANA, "Time Zone Database",
<https://www.iana.org/time-zones>.
[IANA-JMAP] IANA, "JMAP Data Types",
<https://www.iana.org/assignments/jmap>.
-->
<dl spacing="normal" newline="true">
<dt><strong>id</strong>: <tt>Id</tt> (immutable; server-set)</dt>
<dd>The id of the Principal.</dd>
<dt><strong>type</strong>: <tt>String</tt></dt>
<dd><t>This <bcp14>MUST</bcp14> be one of the following values:</t>
<ul spacing="compact"> <ul spacing="compact">
<li><tt>individual</tt>: This represents a single person.</li>
<li><tt>group</tt>: This represents a group of other Principals.</li>
<li><tt>resource</tt>: This represents some resource, e.g., a projector.</li>
<li><tt>location</tt>: This represents a location.</li>
<li><tt>other</tt>: This represents some other undefined Principal.</li>
</ul></dd>
<dt><strong>name</strong>: <tt>String</tt></dt>
<dd>The name of the Principal, e.g., "Jane Doe" or "Room 4B".</dd>
<dt><strong>description</strong>: <tt>String|null</tt></dt>
<dd>A longer description of the Principal, for example, details about the facili
ties of a resource, or null if no description is available.</dd>
<dt><strong>email</strong>: <tt>String|null</tt></dt>
<dd>An email address for the Principal, or null if no email is available. If giv
en, the value <bcp14>MUST</bcp14> conform to the "addr-spec" syntax, as defined
in <xref target="RFC5322" section="3.4.1" sectionFormat="comma" />.</dd>
<dt><strong>timeZone</strong>: <tt>String|null</tt></dt>
<dd>The time zone for this Principal, if known. If not null, the value <bcp14>MU
ST</bcp14> be a time zone name from the IANA Time Zone Database <eref target="ht
tps://www.iana.org/time-zones">(TZDB)</eref>.</dd>
<dt><strong>capabilities</strong>: <tt>String[Object]</tt> (server-set)</dt>
<dd>A map of JMAP capability URIs to domain-specific information about the Princ
ipal in relation to that capability, as defined in the document that registered
the capability.</dd>
<dt><strong>accounts</strong>: <tt>Id[Account]|null</tt> (server-set)</dt>
<dd>A map of account id to Account object for each JMAP Account containing data
for this Principal that the user has access to, or null if none.</dd>
</dl>
<!--NOTE: original format-->
<!--<ul spacing="compact">
<li><t><strong>id</strong>: <tt>Id</tt> (immutable; server-set)</t> <li><t><strong>id</strong>: <tt>Id</tt> (immutable; server-set)</t>
<t>The id of the Principal.</t></li> <t>The id of the Principal.</t></li>
<li><t><strong>type</strong>: <tt>String</tt></t> <li><t><strong>type</strong>: <tt>String</tt></t>
<t>This <bcp14>MUST</bcp14> be one of the following values:</t> <t>This <bcp14>MUST</bcp14> be one of the following values:</t>
<ul spacing="compact"> <ul spacing="compact">
<li><tt>individual</tt>: This represents a single person.</li> <li><tt>individual</tt>: This represents a single person.</li>
<li><tt>group</tt>: This represents a group of other Principals.</li> <li><tt>group</tt>: This represents a group of other Principals.</li>
<li><tt>resource</tt>: This represents some resource, e.g., a projector.</li> <li><tt>resource</tt>: This represents some resource, e.g., a projector.</li>
<li><tt>location</tt>: This represents a location.</li> <li><tt>location</tt>: This represents a location.</li>
<li><tt>other</tt>: This represents some other undefined Principal.</li> <li><tt>other</tt>: This represents some other undefined Principal.</li>
</ul></li> </ul></li>
<li><t><strong>name</strong>: <tt>String</tt></t> <li><t><strong>name</strong>: <tt>String</tt></t>
<t>The name of the Principal, e.g., "Jane Doe", or "Room 4B".</t></li> <t>The name of the Principal, e.g., "Jane Doe" or "Room 4B".</t></li>
<li><t><strong>description</strong>: <tt>String|null</tt></t> <li><t><strong>description</strong>: <tt>String|null</tt></t>
<t>A longer description of the Principal, for example details about the faciliti es of a resource, or null if no description available.</t></li> <t>A longer description of the Principal, for example, details about the facilit ies of a resource, or null if no description is available.</t></li>
<li><t><strong>email</strong>: <tt>String|null</tt></t> <li><t><strong>email</strong>: <tt>String|null</tt></t>
<t>An email address for the Principal, or null if no email is available. If give n, the value MUST conform to the "addr-spec" syntax, as defined in <xref target= "RFC5322" section="3.4.1" sectionFormat="comma" />.</t></li> <t>An email address for the Principal, or null if no email is available. If give n, the value <bcp14>MUST</bcp14> conform to the "addr-spec" syntax, as defined i n <xref target="RFC5322" section="3.4.1" sectionFormat="comma" />.</t></li>
<li><t><strong>timeZone</strong>: <tt>String|null</tt></t> <li><t><strong>timeZone</strong>: <tt>String|null</tt></t>
<t>The time zone for this Principal, if known. If not null, the value <bcp14>MUS T</bcp14> be a time zone name from the IANA Time Zone Database <eref target="htt ps://www.iana.org/time-zones">TZDB</eref>.</t></li> <t>The time zone for this Principal, if known. If not null, the value <bcp14>MUS T</bcp14> be a time zone name from the IANA Time Zone Database <eref target="htt ps://www.iana.org/time-zones">(TZDB)</eref>.</t></li>
<li><t><strong>capabilities</strong>: <tt>String[Object]</tt> (server-set)</t> <li><t><strong>capabilities</strong>: <tt>String[Object]</tt> (server-set)</t>
<t>A map of JMAP capability URIs to domain specific information about the Princi pal in relation to that capability, as defined in the document that registered t he capability.</t></li> <t>A map of JMAP capability URIs to domain-specific information about the Princi pal in relation to that capability, as defined in the document that registered t he capability.</t></li>
<li><t><strong>accounts</strong>: <tt>Id[Account]|null</tt> (server-set)</t> <li><t><strong>accounts</strong>: <tt>Id[Account]|null</tt> (server-set)</t>
<t>A map of account id to Account object for each JMAP Account containing data <t>A map of account id to Account object for each JMAP Account containing data
for this Principal that the user has access to, or null if none.</t></li> for this Principal that the user has access to, or null if none.</t></li>
</ul> </ul>-->
<section anchor="principal-get"><name>Principal/get</name> <section anchor="principal-get"><name>Principal/get</name>
<t>This is a standard "/get" method as described in <xref target="RFC8620" secti on="5.1" sectionFormat="comma"></xref>.</t> <t>This is a standard "/get" method as described in <xref target="RFC8620" secti on="5.1" sectionFormat="comma"></xref>.</t>
</section> </section>
<section anchor="principal-changes"><name>Principal/changes</name> <section anchor="principal-changes"><name>Principal/changes</name>
<t>This is a standard "/changes" method as described in <xref target="RFC8620" s <t>This is a standard "/changes" method as described in <xref target="RFC8620" s
ection="5.2" sectionFormat="comma"></xref>. Note: implementations backed by an e ection="5.2" sectionFormat="comma"></xref>.</t>
xternal directory may be unable to calculate changes. In this case, they will al
ways return a "cannotCalculateChanges" error as described in the core JMAP speci <!--[rfced] Sections 2.2 and 2.5. FYI: We enclosed the "Notes" (two
fication.</t> instances) in the aside element. It is defined as "a container
for content that is semantically less important or tangential to
the content that surrounds it"
(https://authors.ietf.org/en/rfcxml-vocabulary#aside).
If this is not desired, please let us know.
-->
<aside><t>Note: Implementations backed by an external directory may be unable to
calculate changes. In this case, they will always return a "cannotCalculateChan
ges" error as described in the core JMAP specification.</t></aside>
</section> </section>
<section anchor="principal-set"><name>Principal/set</name> <section anchor="principal-set"><name>Principal/set</name>
<t>This is a standard "/set" method as described in <xref target="RFC8620" secti on="5.3" sectionFormat="comma"></xref>.</t> <t>This is a standard "/set" method as described in <xref target="RFC8620" secti on="5.3" sectionFormat="comma"></xref>.</t>
<t>Managing Principals is likely tied to a directory service or some other vendo <t>Managing Principals is likely tied to a directory service or some other vendo
r-specific solution. This management may occur out-of-band, or via an additional r-specific solution. This management may occur out of band or via an additional
capability defined elsewhere. Allowing direct user modification of properties h capability defined elsewhere. Allowing direct user modification of properties ha
as security considerations, as noted in <xref target="security-considerations" / s security considerations, as noted in <xref target="security-considerations" />
>. Servers MUST reject any change it doesn’t allow with a <tt>forbidden</tt> Set . A server <bcp14>MUST</bcp14> reject any change it doesn't allow with a <tt>for
Error.</t> bidden</tt> SetError.</t>
<t>Where a server does support changes via this API, it <bcp14>SHOULD</bcp14> al <t>Where a server does support changes via this API, it <bcp14>SHOULD</bcp14> al
low an update to the "name", "description" and "timeZone" properties of the Prin low an update to the "name", "description", and "timeZone" properties of the Pri
cipal with the same id as the "currentUserPrincipalId" in the Account capabiliti ncipal with the same id as the "currentUserPrincipalId" in the Account capabilit
es. This allows the user to update their own details.</t> ies. This allows the user to update their own details.</t>
</section> </section>
<section anchor="principal-query"><name>Principal/query</name> <section anchor="principal-query"><name>Principal/query</name>
<t>This is a standard "/query" method as described in <xref target="RFC8620" sec tion="5.5" sectionFormat="comma"></xref></t> <t>This is a standard "/query" method as described in <xref target="RFC8620" sec tion="5.5" sectionFormat="comma"></xref>.</t>
<section anchor="filtering"><name>Filtering</name> <section anchor="filtering"><name>Filtering</name>
<t>A <strong>FilterCondition</strong> object has the following properties, all o f which are optional:</t> <t>A <strong>FilterCondition</strong> object has the following properties, all o f which are optional:</t>
<ul spacing="compact"> <dl spacing="normal" newline="true">
<dt><strong>accountIds</strong>: <tt>String[]</tt></dt>
<dd>A list of account ids. The Principal matches if any of the ids in this list
are keys in the Principal's "accounts" property (i.e., if any of the account ids
belong to the Principal).</dd>
<dt><strong>email</strong>: <tt>String</tt></dt>
<dd>The email property of the Principal contains the given string.</dd>
<dt><strong>name</strong>: <tt>String</tt></dt>
<dd>The name property of the Principal contains the given string.</dd>
<dt><strong>text</strong> <tt>String</tt></dt>
<dd>The name, email, or description property of the Principal contains the given
string.</dd>
<dt><strong>type</strong>: <tt>String</tt></dt>
<dd>The type must be exactly as given to match the condition.</dd>
<dt><strong>timeZone</strong>: <tt>String</tt></dt>
<dd>The timeZone must be exactly as given to match the condition.</dd>
</dl>
<!--NOTE: original formatting-->
<!--<ul spacing="compact">
<li><t><strong>accountIds</strong>: <tt>String[]</tt></t> <li><t><strong>accountIds</strong>: <tt>String[]</tt></t>
<t>A list of account ids. The Principal matches if any of the ids in this list a re keys in the Principal's "accounts" property (i.e., if any of the account ids belong to the Principal).</t></li> <t>A list of account ids. The Principal matches if any of the ids in this list a re keys in the Principal's "accounts" property (i.e., if any of the account ids belong to the Principal).</t></li>
<li><t><strong>email</strong>: <tt>String</tt></t> <li><t><strong>email</strong>: <tt>String</tt></t>
<t>The email property of the Principal contains the given string.</t></li> <t>The email property of the Principal contains the given string.</t></li>
<li><t><strong>name</strong>: <tt>String</tt></t> <li><t><strong>name</strong>: <tt>String</tt></t>
<t>The name property of the Principal contains the given string.</t></li> <t>The name property of the Principal contains the given string.</t></li>
<li><t><strong>text</strong> <tt>String</tt></t> <li><t><strong>text</strong> <tt>String</tt></t>
<t>The name, email, or description property of the Principal contains the given string.</t></li> <t>The name, email, or description property of the Principal contains the given string.</t></li>
<li><t><strong>type</strong>: <tt>String</tt></t> <li><t><strong>type</strong>: <tt>String</tt></t>
<t>The type must be exactly as given to match the condition.</t></li> <t>The type must be exactly as given to match the condition.</t></li>
<li><t><strong>timeZone</strong>: <tt>String</tt></t> <li><t><strong>timeZone</strong>: <tt>String</tt></t>
<t>The timeZone must be exactly as given to match the condition.</t></li> <t>The timeZone must be exactly as given to match the condition.</t></li>
</ul> </ul>
-->
<t>All given conditions in the FilterCondition object must match for the Princip al to match.</t> <t>All given conditions in the FilterCondition object must match for the Princip al to match.</t>
<t>Text matches for "contains" SHOULD be simple substring matches.</t> <t>Text matches for "contains" <bcp14>SHOULD</bcp14> be simple substring matches .</t>
</section> </section>
</section> </section>
<section anchor="principal-querychanges"><name>Principal/queryChanges</name> <section anchor="principal-querychanges"><name>Principal/queryChanges</name>
<t>This is a standard "/queryChanges" method as described in <xref target="RFC86 <t>This is a standard "/queryChanges" method as described in <xref target="RFC86
20" section="5.6" sectionFormat="comma"></xref>. Note: implementations backed by 20" section="5.6" sectionFormat="comma"></xref>.</t>
an external directory may be unable to calculate changes. In this case, they wi <aside><t>Note: Implementations backed by an external directory may be unable to
ll always return a "cannotCalculateChanges" error as described in the core JMAP calculate changes. In this case, they will always return a "cannotCalculateChan
specification.</t> ges" error as described in the core JMAP specification.</t></aside>
</section> </section>
</section> </section>
<!-- [rfced] We have a couple of questions regarding "ShareNotification":
A) Section 3 has the title "Share Notifications" (with a space) while the
information that follows uses "ShareNotification" (no space). Should we update
the title to no space (e.g., "ShareNotifications")?
B) We see ShareNotification with <tt> tags, <strong> tags, and no tags.
How may we update for consistency?
ShareNotification
<tt>ShareNotification</tt>
<strong>ShareNotification</strong>
-->
<section anchor="share-notifications"><name>Share Notifications</name> <section anchor="share-notifications"><name>Share Notifications</name>
<t>The ShareNotification data type records when the user's permissions to access <t>The ShareNotification data type records when the user's permissions to access
a shared object changes. ShareNotification are only created by the server; user a shared object changes. ShareNotifications are only created by the server; use
s cannot create them explicitly. Notifications are stored in the same Account as rs cannot create them explicitly. Notifications are stored in the same Account a
the Principals.</t> s the Principals.</t>
<t>Clients may present the list of notifications to the user and allow them to d <t>Clients may present the list of notifications to the user and allow the user
ismiss them. To dismiss a notification you use a standard "/set" call to destroy to dismiss them. To dismiss a notification, use a standard "/set" call to destro
it.</t> y it.</t>
<t>The server <bcp14>SHOULD</bcp14> create a ShareNotification whenever the user <t>The server <bcp14>SHOULD</bcp14> create a ShareNotification whenever the user
's permissions change on an object. It <bcp14>MAY</bcp14> choose not to create a 's permissions change on an object. It <bcp14>MAY</bcp14> choose not to create a
notification for permission changes to a group Principal, even if the user is i notification for permission changes to a group Principal, even if the user is i
n the group, if this is more likely to be overwhelming than helpful, or would cr n the group, if this is more likely to be overwhelming than helpful, or if it wo
eate excessive notifications within the system.</t> uld create excessive notifications within the system.</t>
<section anchor="auto-deletion-of-notifications"><name>Auto-deletion of Notifica tions</name> <section anchor="auto-deletion-of-notifications"><name>Auto-Deletion of Notifica tions</name>
<t>The server <bcp14>MAY</bcp14> limit the maximum number of notifications it wi ll store for a user. When the limit is reached, any new notification will cause the previously oldest notification to be automatically deleted.</t> <t>The server <bcp14>MAY</bcp14> limit the maximum number of notifications it wi ll store for a user. When the limit is reached, any new notification will cause the previously oldest notification to be automatically deleted.</t>
<t>The server <bcp14>MAY</bcp14> coalesce notifications if appropriate, or remov e notifications that it deems are no longer relevant or after a certain period o f time.</t> <t>The server <bcp14>MAY</bcp14> coalesce notifications if appropriate or remove notifications after a certain period of time or that it deems are no longer rel evant.</t>
</section> </section>
<section anchor="object-properties"><name>Object Properties</name> <section anchor="object-properties"><name>Object Properties</name>
<t>The <strong>ShareNotification</strong> object has the following properties:</ t> <t>The <strong>ShareNotification</strong> object has the following properties:</ t>
<dl spacing="normal" newline="true">
<dt><strong>id</strong>: <tt>String</tt> (immutable; server-set)</dt>
<dd>The id of the ShareNotification.</dd>
<dt><strong>created</strong>: <tt>UTCDate</tt> (immutable; server-set)</dt>
<dd>The time this notification was created.</dd>
<dt><strong>changedBy</strong>: <tt>Entity</tt> (immutable; server-set)</dt>
<dd><t>Who made the change.</t>
<ul spacing="compact"> <ul spacing="compact">
<li><t><strong>name</strong>: <tt>String</tt></t>
<t>The name of the entity who made the change.</t></li>
<li><t><strong>email</strong>: <tt>String|null</tt></t>
<t>The email of the entity who made the change, or null if no email is available
.</t></li>
<li><t><strong>principalId</strong>: <tt>Id|null</tt></t>
<t>The id of the Principal corresponding to the entity who made the change, or n
ull if no associated Principal.</t></li>
</ul></dd>
<dt><strong>objectType</strong>: <tt>String</tt> (immutable; server-set)</dt>
<dd>The name of the data type for the object whose permissions have changed, as
registered in the <eref target="https://www.iana.org/assignments/jmap/">IANA "JM
AP Data Types" registry</eref>, e.g., "Calendar" or "Mailbox".</dd>
<dt><strong>objectAccountId</strong>: <tt>Id</tt> (immutable; server-set)</dt>
<dd>The id of the account where this object exists.</dd>
<dt><strong>objectId</strong>: <tt>Id</tt> (immutable; server-set)</dt>
<dd>The id of the object that this notification is about.</dd>
<dt><strong>oldRights</strong>: <tt>String[Boolean]|null</tt> (immutable; server
-set)</dt>
<dd>The "myRights" property of the object for the user before the change.</dd>
<dt><strong>newRights</strong>: <tt>String[Boolean]|null</tt> (immutable; server
-set)</dt>
<dd>The "myRights" property of the object for the user after the change.</dd>
<dt><strong>name</strong>: <tt>String</tt> (immutable; server-set)</dt>
<dd>The name of the object at the time the notification was made. Determining th
e name will depend on the data type in question. For example, it might be the "t
itle" property of a CalendarEvent or the "name" of a Mailbox. The name is to sho
w users who have had their access rights to the object removed what it is that t
hey can no longer access.
</dd>
</dl>
<!--NOTE: original format-->
<!--<ul spacing="compact">
<li><t><strong>id</strong>: <tt>String</tt> (immutable; server-set)</t> <li><t><strong>id</strong>: <tt>String</tt> (immutable; server-set)</t>
<t>The id of the ShareNotification.</t></li> <t>The id of the ShareNotification.</t></li>
<li><t><strong>created</strong>: <tt>UTCDate</tt> (immutable; server-set)</t> <li><t><strong>created</strong>: <tt>UTCDate</tt> (immutable; server-set)</t>
<t>The time this notification was created.</t></li> <t>The time this notification was created.</t></li>
<li><t><strong>changedBy</strong>: <tt>Entity</tt> (immutable; server-set)</t> <li><t><strong>changedBy</strong>: <tt>Entity</tt> (immutable; server-set)</t>
<t>Who made the change.</t> <t>Who made the change.</t>
<ul spacing="compact"> <ul spacing="compact">
<li><t><strong>name</strong>: <tt>String</tt></t> <li><t><strong>name</strong>: <tt>String</tt></t>
<t>The name of the entity who made the change.</t></li> <t>The name of the entity who made the change.</t></li>
<li><t><strong>email</strong>: <tt>String|null</tt></t> <li><t><strong>email</strong>: <tt>String|null</tt></t>
<t>The email of the entity who made the change, or null if no email is available .</t></li> <t>The email of the entity who made the change, or null if no email is available .</t></li>
<li><t><strong>principalId</strong>: <tt>Id|null</tt></t> <li><t><strong>principalId</strong>: <tt>Id|null</tt></t>
<t>The id of the Principal corresponding to the entity who made the change, or n ull if no associated Principal.</t></li> <t>The id of the Principal corresponding to the entity who made the change, or n ull if no associated Principal.</t></li>
</ul></li> </ul></li>
<li><t><strong>objectType</strong>: <tt>String</tt> (immutable; server-set)</t> <li><t><strong>objectType</strong>: <tt>String</tt> (immutable; server-set)</t>
<t>The name of the data type for the object whose permissions have changed, as r egistered in the <eref target="https://www.iana.org/assignments/jmap/jmap.xhtml# jmap-data-types">IANA JMAP Data Types registry</eref>. e.g., "Calendar" or "Mail box".</t></li> <t>The name of the data type for the object whose permissions have changed, as r egistered in the <eref target="https://www.iana.org/assignments/jmap/jmap.xhtml# jmap-data-types">IANA "JMAP Data Types" registry</eref>, e.g., "Calendar" or "Ma ilbox".</t></li>
<li><t><strong>objectAccountId</strong>: <tt>Id</tt> (immutable; server-set)</t> <li><t><strong>objectAccountId</strong>: <tt>Id</tt> (immutable; server-set)</t>
<t>The id of the account where this object exists.</t></li> <t>The id of the account where this object exists.</t></li>
<li><t><strong>objectId</strong>: <tt>Id</tt> (immutable; server-set)</t> <li><t><strong>objectId</strong>: <tt>Id</tt> (immutable; server-set)</t>
<t>The id of the object that this notification is about.</t></li> <t>The id of the object that this notification is about.</t></li>
<li><t><strong>oldRights</strong>: <tt>String[Boolean]|null</tt> (immutable; ser ver-set)</t> <li><t><strong>oldRights</strong>: <tt>String[Boolean]|null</tt> (immutable; ser ver-set)</t>
<t>The "myRights" property of the object for the user before the change.</t></li > <t>The "myRights" property of the object for the user before the change.</t></li >
<li><t><strong>newRights</strong>: <tt>String[Boolean]|null</tt> (immutable; ser ver-set)</t> <li><t><strong>newRights</strong>: <tt>String[Boolean]|null</tt> (immutable; ser ver-set)</t>
<t>The "myRights" property of the object for the user after the change.</t></li> <t>The "myRights" property of the object for the user after the change.</t></li>
<li><t><strong>name</strong>: <tt>String</tt> (immutable; server-set)</t> <li><t><strong>name</strong>: <tt>String</tt> (immutable; server-set)</t>
<t>The name of the object at the time the notification was made. Determining the name will depend on the data type in question. For example, it might be the "ti tle" property of a CalendarEvent or the "name" of a Mailbox. The name is to show to users who have had their access rights to the object removed, so that these users know what it is they can no longer access.</t></li> <t>The name of the object at the time the notification was made. Determining the name will depend on the data type in question. For example, it might be the "ti tle" property of a CalendarEvent or the "name" of a Mailbox. The name is to show to users who have had their access rights to the object removed, so that these users know what it is they can no longer access.</t></li>
</ul> </ul>
-->
</section> </section>
<section anchor="sharenotification-get"><name>ShareNotification/get</name> <section anchor="sharenotification-get"><name>ShareNotification/get</name>
<t>This is a standard "/get" method as described in <xref target="RFC8620" secti on="5.1" sectionFormat="comma"></xref>.</t> <t>This is a standard "/get" method as described in <xref target="RFC8620" secti on="5.1" sectionFormat="comma"></xref>.</t>
</section> </section>
<section anchor="sharenotification-changes"><name>ShareNotification/changes</nam e> <section anchor="sharenotification-changes"><name>ShareNotification/changes</nam e>
<t>This is a standard "/changes" method as described in <xref target="RFC8620" s ection="5.2" sectionFormat="comma"></xref>.</t> <t>This is a standard "/changes" method as described in <xref target="RFC8620" s ection="5.2" sectionFormat="comma"></xref>.</t>
</section> </section>
skipping to change at line 234 skipping to change at line 474
<t>Only destroy is supported; any attempt to create/update <bcp14>MUST</bcp14> b e rejected with a <t>Only destroy is supported; any attempt to create/update <bcp14>MUST</bcp14> b e rejected with a
<tt>forbidden</tt> SetError.</t> <tt>forbidden</tt> SetError.</t>
</section> </section>
<section anchor="sharenotification-query"><name>ShareNotification/query</name> <section anchor="sharenotification-query"><name>ShareNotification/query</name>
<t>This is a standard "/query" method as described in <xref target="RFC8620" sec tion="5.5" sectionFormat="comma"></xref>.</t> <t>This is a standard "/query" method as described in <xref target="RFC8620" sec tion="5.5" sectionFormat="comma"></xref>.</t>
<section anchor="filtering-1"><name>Filtering</name> <section anchor="filtering-1"><name>Filtering</name>
<t>A <strong>FilterCondition</strong> object has the following properties, all o f which are optional:</t> <t>A <strong>FilterCondition</strong> object has the following properties, all o f which are optional:</t>
<ul spacing="compact"> <dl spacing="normal" newline="true">
<dt><strong>after</strong>: <tt>UTCDate|null</tt></dt>
<dd>The creation date must be on or after this date to match the condition.</dd>
<dt><strong>before</strong>: <tt>UTCDate|null</tt></dt>
<dd>The creation date must be before this date to match the condition.</dd>
<dt><strong>objectType</strong>: <tt>String</tt></dt>
<dd>The objectType value must be identical to the given value to match the condi
tion.</dd>
<dt><strong>objectAccountId</strong>: <tt>Id</tt></dt>
<dd>The objectAccountId value must be identical to the given value to match the
condition.</dd>
</dl>
<!-- NOTE: original format-->
<!--<ul spacing="compact">
<li><t><strong>after</strong>: <tt>UTCDate|null</tt></t> <li><t><strong>after</strong>: <tt>UTCDate|null</tt></t>
<t>The creation date must be on or after this date to match the condition.</t></ li> <t>The creation date must be on or after this date to match the condition.</t></ li>
<li><t><strong>before</strong>: <tt>UTCDate|null</tt></t> <li><t><strong>before</strong>: <tt>UTCDate|null</tt></t>
<t>The creation date must be before this date to match the condition.</t></li> <t>The creation date must be before this date to match the condition.</t></li>
<li><t><strong>objectType</strong>: <tt>String</tt></t> <li><t><strong>objectType</strong>: <tt>String</tt></t>
<t>The objectType value must be identical to the given value to match the condit ion.</t></li> <t>The objectType value must be identical to the given value to match the condit ion.</t></li>
<li><t><strong>objectAccountId</strong>: <tt>Id</tt></t> <li><t><strong>objectAccountId</strong>: <tt>Id</tt></t>
<t>The objectAccountId value must be identical to the given value to match the c ondition.</t></li> <t>The objectAccountId value must be identical to the given value to match the c ondition.</t></li>
</ul> </ul>
-->
<t>All given conditions in the FilterCondition object must match for the ShareNo tification to match.</t> <t>All given conditions in the FilterCondition object must match for the ShareNo tification to match.</t>
</section> </section>
<section anchor="sorting"><name>Sorting</name> <section anchor="sorting"><name>Sorting</name>
<t>The "created" property <bcp14>MUST</bcp14> be supported for sorting.</t> <t>The "created" property <bcp14>MUST</bcp14> be supported for sorting.</t>
</section> </section>
</section> </section>
<section anchor="sharenotification-querychanges"><name>ShareNotification/queryCh anges</name> <section anchor="sharenotification-querychanges"><name>ShareNotification/queryCh anges</name>
<t>This is a standard "/queryChanges" method as described in <xref target="RFC86 20" section="5.6" sectionFormat="comma"></xref>.</t> <t>This is a standard "/queryChanges" method as described in <xref target="RFC86 20" section="5.6" sectionFormat="comma"></xref>.</t>
</section> </section>
</section> </section>
<section anchor="framework-for-shared-data"><name>Framework for Shared Data</nam e> <section anchor="framework-for-shared-data"><name>Framework for Shared Data</nam e>
<t>Shareable data types <bcp14>MUST</bcp14> define the following three propertie s:</t> <t>Shareable data types <bcp14>MUST</bcp14> define the following three propertie s:</t>
<ul spacing="compact"> <dl spacing="normal" newline="true">
<dt><strong>isSubscribed</strong>: <tt>Boolean</tt></dt>
<dd>The value "true" indicates that the user wishes to subscribe to see this dat
a. The value "false" indicates that the user does not wish to subscribe to see t
his data. The initial value for this property when data is shared by another use
r is implementation dependent, although data types may give advice on appropriat
e defaults.</dd>
<dt><strong>myRights</strong>: <tt>String[Boolean]</tt></dt>
<dd>The set of permissions the user currently has. Appropriate permissions are d
omain specific and must be defined per data type. Each key is the name of a perm
ission defined for that data type. The value for the key is "true" if the user h
as the permission or "false" if they do not.</dd>
<dt><strong>shareWith</strong>: <tt>Id[String[Boolean]]|null</tt></dt>
<dd><t>The value of this property is null if the data is not shared with anyone.
Otherwise, it is a map where each key is the id of a Principal with which this
data is shared, and the value associated with that key is the rights to give tha
t Principal, in the same format as the <tt>myRights</tt> property. The account i
d for the Principal id can be found in the capabilities of the Account this obje
ct is in (see <xref target="urn-ietf-params-jmap-principals-owner"/>).</t>
<t>Users with appropriate permission may set this property to modify who the dat
a is shared with. The Principal that owns the account that this data is in <bcp1
4>MUST NOT</bcp14> be in the set of sharees since the owner's rights are implici
t.</t></dd>
</dl>
<!--NOTE: original format-->
<!--<ul spacing="compact">
<li><t><strong>isSubscribed</strong>: <tt>Boolean</tt></t> <li><t><strong>isSubscribed</strong>: <tt>Boolean</tt></t>
<t>> The value true indicates the user wishes to subscribe to see this data. The value false indicates the user does not wish to subscribe to see this data. The initial value for this property when data is shared by another user is implemen tation dependent, although data types may give advice on appropriate defaults.</ t></li> <t>The value "true" indicates the user wishes to subscribe to see this data. The value "false" indicates the user does not wish to subscribe to see this data. T he initial value for this property when data is shared by another user is implem entation dependent, although data types may give advice on appropriate defaults. </t></li>
<li><t><strong>myRights</strong>: <tt>String[Boolean]</tt></t> <li><t><strong>myRights</strong>: <tt>String[Boolean]</tt></t>
<t>The set of permissions the user currently has. Appropriate permissions are do main specific and must be defined per data type. Each key is the name of a permi ssion defined for that data type. The value for the key is <tt>true</tt> if the user has the permission, or <tt>false</tt> if they do not.</t></li> <t>The set of permissions the user currently has. Appropriate permissions are do main specific and must be defined per data type. Each key is the name of a permi ssion defined for that data type. The value for the key is true if the user has the permission or false if they do not.</t></li>
<li><t><strong>shareWith</strong>: <tt>Id[String[Boolean]]|null</tt></t> <li><t><strong>shareWith</strong>: <tt>Id[String[Boolean]]|null</tt></t>
<t>The value of this property is null if the data is not shared with anyone. Oth erwise, it is a map where each key is the id of a Principal with which this data is shared, and the value associated with that key is the rights to give that Pr incipal, in the same format as the <tt>myRights</tt> property. The account id fo r the Principal id can be found in the capabilities of the Account this object i s in (see <xref target="urn-ietf-params-jmap-principals-owner"/>). </t> <t>The value of this property is null if the data is not shared with anyone. Oth erwise, it is a map where each key is the id of a Principal with which this data is shared, and the value associated with that key is the rights to give that Pr incipal, in the same format as the <tt>myRights</tt> property. The account id fo r the Principal id can be found in the capabilities of the Account this object i s in (see <xref target="urn-ietf-params-jmap-principals-owner"/>). </t>
<t>Users with appropriate permission may set this property to modify who the dat <t>Users with appropriate permission may set this property to modify who the dat
a is shared with. The Principal that owns the account this data is in <bcp14>MUS a is shared with. The Principal that owns the account that this data is in <bcp1
T NOT</bcp14> be in the set of sharees since the owner's rights are implicit.</t 4>MUST NOT</bcp14> be in the set of sharees since the owner's rights are implici
></li> t.</t></li>
</ul> </ul>-->
<section anchor="example"><name>Example</name> <section anchor="example"><name>Example</name>
<t>Suppose we are designing a data model for a very simple todo list. There is a Todo data type representing a single item to do, each of which belongs to a sin gle TodoList. The specification makes the lists shareable by referencing this do cument and defining the common properties.</t> <t>Suppose we are designing a data model for a very simple todo list. There is a Todo data type representing a single item to do, each of which belongs to a sin gle TodoList. The specification makes the lists shareable by referencing this do cument and defining the common properties.</t>
<t>First it would define a set of domain-specific rights. For example, a TodoLis tRights object may have the following properties:</t> <t>First, it would define a set of domain-specific rights. For example, a TodoLi stRights object may have the following properties:</t>
<ul spacing="compact"> <dl spacing="normal" newline="true">
<dt><strong>mayRead</strong>: <tt>Boolean</tt></dt>
<dd>The user may fetch this TodoList and any Todos that belong to this TodoList.
</dd>
<dt><strong>mayWrite</strong>: <tt>Boolean</tt></dt>
<dd>The user may create, update, or destroy Todos that belong to this TodoList a
nd may change the "name" property of this TodoList.</dd>
<dt><strong>mayAdmin</strong>: <tt>Boolean</tt></dt>
<dd>The user may see and modify the "myRights" property of this TodoList and may
destroy this TodoList.</dd>
</dl>
<!--NOTE: original format-->
<!--<ul spacing="compact">
<li><t><strong>mayRead</strong>: <tt>Boolean</tt></t> <li><t><strong>mayRead</strong>: <tt>Boolean</tt></t>
<t>The user may fetch this TodoList, and any Todos that belong to this TodoList. </t></li> <t>The user may fetch this TodoList and any Todos that belong to this TodoList.< /t></li>
<li><t><strong>mayWrite</strong>: <tt>Boolean</tt></t> <li><t><strong>mayWrite</strong>: <tt>Boolean</tt></t>
<t>The user may create, update, or destroy Todos that belong to this TodoList, a nd may change the "name" property of this TodoList.</t></li> <t>The user may create, update, or destroy Todos that belong to this TodoList an d may change the "name" property of this TodoList.</t></li>
<li><t><strong>mayAdmin</strong>: <tt>Boolean</tt></t> <li><t><strong>mayAdmin</strong>: <tt>Boolean</tt></t>
<t>The user may see and modify the "myRights" property of this TodoList, and may destroy this TodoList.</t></li> <t>The user may see and modify the "myRights" property of this TodoList and may destroy this TodoList.</t></li>
</ul> </ul>
-->
<!--[rfced] Are the three common properties that this sentence refers
to the ones that are explained directly above (i.e., mayRead,
mayWrite, and mayAdmin)? If not, please clarify. If so, may we
update the sentence to include "described above" as shown below?
Original:
Then in the TodoList data type, we would include the three common
properties, in addition to any type-specific properties (like "name"
in this case):
Perhaps:
Then in the TodoList data type, we would include the three common
properties described above, in addition to any type-specific
properties (like "name" in this case):
-->
<t>Then in the TodoList data type, we would include the three common properties, in addition to any type-specific properties (like "name" in this case):</t> <t>Then in the TodoList data type, we would include the three common properties, in addition to any type-specific properties (like "name" in this case):</t>
<ul spacing="compact"> <dl spacing="normal" newline="true">
<dt><strong>id</strong>: <tt>Id</tt> (immutable; server-set)</dt>
<dd>The id of the object.</dd>
<dt><strong>name</strong>: <tt>String</tt></dt>
<dd>A name for this list of todos.</dd>
<dt><strong>isSubscribed</strong>: <tt>Boolean</tt></dt>
<dd>True if the user has indicated they wish to see this list. If false, clients
should not display this todo list with the user's other lists but should provid
e a means for users to see and subscribe to all lists that have been shared with
them.</dd>
<dt><strong>myRights</strong>: <tt>TodoListRights</tt></dt>
<dd>The set of permissions the user currently has for this todo list.</dd>
<dt><strong>shareWith</strong>: <tt>Id[TodoListRights]|null</tt></dt>
<!--[rfced] Section 4.1. Would it be correct to say that the
id-to-rights map is "given to the Principal" (instead of
"to give that Principal") as shown below?
Original:
*shareWith*: Id[TodoListRights]|null
A map of Principal id to rights to give that Principal, or null if
not shared with anyone or the user does not have the "mayAdmin"
right for this list.
Perhaps:
*shareWith*: Id[TodoListRights]|null
A Principal id-to-rights map given to the Principal, or null if
not shared with anyone or if the user does not have the "mayAdmin"
right for this list.
-->
<dd>A map of Principal id to rights to give that Principal, or <tt>null</tt> if
not shared with anyone or the user does not have the "mayAdmin" right for this l
ist. Users with the "mayAdmin" right may set this property to modify who the dat
a is shared with. The Principal that owns the account that this data is in <bcp1
4>MUST NOT</bcp14> be in the set of sharees; their rights are implicit.</dd>
</dl>
<!--NOTE: original format-->
<!--<ul spacing="compact">
<li><t><strong>id</strong>: <tt>Id</tt> (immutable; server-set)</t> <li><t><strong>id</strong>: <tt>Id</tt> (immutable; server-set)</t>
<t>The id of the object.</t></li> <t>The id of the object.</t></li>
<li><t><strong>name</strong>: <tt>String</tt></t> <li><t><strong>name</strong>: <tt>String</tt></t>
<t>A name for this list of todos.</t></li> <t>A name for this list of todos.</t></li>
<li><t><strong>isSubscribed</strong>: <tt>Boolean</tt></t> <li><t><strong>isSubscribed</strong>: <tt>Boolean</tt></t>
<t>True if the user has indicated they wish to see this list. If false, clients should not display this todo list with the user's other lists, but should provid e a means for users to see and subscribe to all lists that have been shared with them.</t></li> <t>True if the user has indicated they wish to see this list. If false, clients should not display this todo list with the user's other lists but should provide a means for users to see and subscribe to all lists that have been shared with them.</t></li>
<li><t><strong>myRights</strong>: <tt>TodoListRights</tt></t> <li><t><strong>myRights</strong>: <tt>TodoListRights</tt></t>
<t>The set of permissions the user currently has for this todo list.</t></li> <t>The set of permissions the user currently has for this todo list.</t></li>
<li><t><strong>shareWith</strong>: <tt>Id[TodoListRights]|null</tt></t> <li><t><strong>shareWith</strong>: <tt>Id[TodoListRights]|null</tt></t>
<t>A map of Principal id to rights to give that Principal, or <tt>null</tt> if n ot shared with anyone or the user does not have the "mayAdmin" right for this li st. Users with the "mayAdmin" right may set this property to modify who the data is shared with. The Principal that owns the account this data is in <bcp14>MUST NOT</bcp14> be in the set of sharees; their rights are implicit.</t></li> <t>A map of Principal id to rights to give that Principal, or <tt>null</tt> if n ot shared with anyone or the user does not have the "mayAdmin" right for this li st. Users with the "mayAdmin" right may set this property to modify who the data is shared with. The Principal that owns the account that this data is in <bcp14 >MUST NOT</bcp14> be in the set of sharees; their rights are implicit.</t></li>
</ul> </ul>
-->
<t>We would define a new Principal capability with two properties:</t> <t>We would also define a new Principal capability with two properties:</t>
<ul spacing="compact">
<dl spacing="normal" newline="true">
<dt><strong>accountId</strong>: <tt>Id|null</tt></dt>
<dd>The accountId containing the todo data for this Principal, if it has been sh
ared with the requesting user.</dd>
<dt><strong>mayShareWith</strong>: <tt>Boolean</tt></dt>
<dd>The user may add this Principal as a sharee of a todo list.</dd>
</dl>
<!--NOTE: original format-->
<!--<ul spacing="compact">
<li><t><strong>accountId</strong>: <tt>Id|null</tt></t> <li><t><strong>accountId</strong>: <tt>Id|null</tt></t>
<t>The accountId containing the todo data for this Principal, if it has been sha red with the requesting user.</t></li> <t>The accountId containing the todo data for this Principal, if it has been sha red with the requesting user.</t></li>
<li><t><strong>mayShareWith</strong>: <tt>Boolean</tt></t> <li><t><strong>mayShareWith</strong>: <tt>Boolean</tt></t>
<t>May the user add this Principal as a sharee of a todo list?</t></li> <t>The user may add this Principal as a sharee of a todo list.</t></li>
</ul> </ul>
-->
<t>A client wishing to let the user configure sharing would look at the account <!--[rfced] Section 4.1. Figures 1-4 do not have titles. If you would
capabilities for the Account containing the user's Todo data, and find the "urn: like to include titles, please provide the text.
ietf:params:jmap:principals:owner" property, as per <xref target="urn-ietf-param -->
s-jmap-principals-owner"></xref>. For example, the JMAP Session object might con
tain:</t>
<figure><artwork> <t>A client wishing to let the user configure sharing would look at the account
capabilities for the Account containing the user's Todo data and find the "urn:i
etf:params:jmap:principals:owner" property, as per <xref target="urn-ietf-params
-jmap-principals-owner"></xref>. For example, the JMAP Session object might cont
ain:</t>
<figure>
<sourcecode type="json">
{ {
"accounts": { "accounts": {
"u12345678": { "u12345678": {
"name": "jane.doe@example.com", "name": "jane.doe@example.com",
"isPersonal": true, "isPersonal": true,
"isReadOnly": false, "isReadOnly": false,
"accountCapabilities": { "accountCapabilities": {
"urn:com.example:jmap:todo": {}, "urn:com.example:jmap:todo": {},
"urn:ietf:params:jmap:principals:owner": { "urn:ietf:params:jmap:principals:owner": {
"accountIdForPrincipal": "u33084183", "accountIdForPrincipal": "u33084183",
"principalId": "P105aga511jaa" "principalId": "P105aga511jaa"
} }
} }
}, },
... ...
}, },
... ...
} }</sourcecode>
</artwork></figure> </figure>
<t>From this it now knows which account has the Principal data, and can fetch th <!--[rfced] Section 4.1. Does "it" refer to the "client" in this
e list of Principals to offer the user to share the list with, making an API req sentence? Please let us know if we may rephrase the text as shown
uest like this:</t> below for clarity.
<figure><artwork> Original:
From this it now knows which account has the Principal data, and can
fetch the list of Principals to offer the user to share the list
with, making an API request like this:
Perhaps:
From this, the client now knows which account has the Principal data,
and it can fetch the list of Principals and offer to share it with
the user by making an API request like this:
-->
<t>From this, it now knows which account has the Principal data and can fetch th
e list of Principals to offer the user to share the list with, making an API req
uest like this:</t>
<figure>
<sourcecode type="json">
[[ "Principal/get", { [[ "Principal/get", {
"accountId": "u33084183", "accountId": "u33084183",
"ids": null "ids": null
}, "0" ]] }, "0" ]]</sourcecode>
</artwork></figure> </figure>
<t>Here's an example response (where Joe Bloggs is another user that this user c <!--[rfced] Section 4.1. May we update "but who has not" to "even
ould share their todo list with, but who has not shared any data in their own ac though Joe has not" as shown below? Please let us know if the
count with this user): suggested update provides clarity or if you prefer otherwise.
Original:
Here's an example response (where Joe Bloggs is another user that
this user could share their todo list with, but who has not shared
any data in their own account with this user):
Perhaps:
Here's an example response (where "Joe Bloggs" is another user who
this user could share their todo list with, even though Joe has not
shared any data from its account):
-->
<t>Here's an example response (where "Joe Bloggs" is another user that this user
could share their todo list with, but who has not shared any data in their own
account with this user):
</t> </t>
<figure><artwork> <figure>
<sourcecode type="json">
[[ "Principal/get", { [[ "Principal/get", {
"accountId": "u33084183", "accountId": "u33084183",
"state": "7b8eff5zz", "state": "7b8eff5zz",
"list": [{ "list": [{
"id": "P2342fnddd20", "id": "P2342fnddd20",
"type": "individual", "type": "individual",
"name": "Joe Bloggs", "name": "Joe Bloggs",
"description": null, "description": null,
"email": "joe.bloggs@example.com", "email": "joe.bloggs@example.com",
"timeZone": "Australia/Melbourne", "timeZone": "Australia/Melbourne",
skipping to change at line 367 skipping to change at line 733
} }
}, },
"accounts": null "accounts": null
}, { }, {
"id": "P674pp24095qo49pr", "id": "P674pp24095qo49pr",
"name": "Board room", "name": "Board room",
"type": "location", "type": "location",
... ...
}, ... ], }, ... ],
"notFound": [] "notFound": []
}, "0" ]] }, "0" ]]</sourcecode>
</artwork></figure> </figure>
<t>A todo list can be shared with Joe Bloggs by updating its shareWith property, as in this example request:</t> <t>A todo list can be shared with "Joe Bloggs" by updating its shareWith propert y, as in this example request:</t>
<figure><artwork> <figure>
<sourcecode type="json">
[[ "TodoList/set", { [[ "TodoList/set", {
"accountId": "u12345678", "accountId": "u12345678",
"update": { "update": {
"tl01n231": { "tl01n231": {
"shareWith": { "shareWith": {
"P2342fnddd20": { "P2342fnddd20": {
"mayRead": true, "mayRead": true,
"mayWrite": true, "mayWrite": true,
"mayAdmin": false "mayAdmin": false
} }
} }
} }
} }
}, "0" ]] }, "0" ]]</sourcecode>
</artwork></figure> </figure>
</section> </section>
</section> </section>
<section><name>Internationalisation Considerations</name> <section><name>Internationalization Considerations</name>
<t>Experience has shown that unrestricted use of Unicode can lead to problems su <t>Experience has shown that unrestricted use of Unicode can lead to problems su
ch as inconsistent rendering, users reading text and interpreting it differently ch as inconsistent rendering, users reading text and interpreting it differently
than intended, and unexpected results when copying text from one location to an than intended, and unexpected results when copying text from one location to an
other. Servers MAY choose to mitigate this by restricting the set of characters other. Servers <bcp14>MAY</bcp14> choose to mitigate this by restricting the set
allowed in otherwise unconstrained <tt>String</tt> fields. The FreeformClass, as of characters allowed in otherwise unconstrained <tt>String</tt> fields. The Fr
documented in <xref target="RFC8264" section="4.3" sectionFormat="comma" /> mig eeformClass, as documented in <xref target="RFC8264" section="4.3" sectionFormat
ht be a good starting point for this.</t> ="comma" />, might be a good starting point for this.</t>
<t>Attempts to set a value containing code points outside of the permissible set <t>Attempts to set a value containing code points outside of the permissible set
can be handled in a few ways by the server. The first option is to simply strip can be handled in a few ways by the server. The first option is to simply strip
the forbidden characters and store the resulting string. This is likely to be a the forbidden characters and store the resulting string. This is likely to be a
ppropriate for control characters for example, where they can end up in data acc ppropriate for control characters, for example, where they can end up in data ac
identally due to copy-and-paste issues, and are probably invisible to the end us cidentally due to copy-and-paste issues and are probably invisible to the end us
er. JMAP allows the server to transform data on create/update, as long as any ch er. JMAP allows the server to transform data on create/update, as long as any ch
anged properties are returned to the client in the <tt>/set</tt> response, so it anged properties are returned to the client in the <tt>/set</tt> response so it
knows what has changed, as per <xref target="RFC8620" section="5.3" sectionForm knows what has changed, as per <xref target="RFC8620" section="5.3" sectionForma
at="comma" />. Alternatively, the server MAY just reject the create/update with t="comma" />. Alternatively, the server <bcp14>MAY</bcp14> just reject the creat
an <tt>invalidProperties</tt> SetError.</t> e/update with an <tt>invalidProperties</tt> SetError.</t>
</section> </section>
<section anchor="security-considerations"><name>Security Considerations</name> <section anchor="security-considerations"><name>Security Considerations</name>
<t>All security considerations of JMAP <xref target="RFC8620"></xref> apply to t his specification. Additional considerations are detailed below.</t> <t>All security considerations of JMAP <xref target="RFC8620"></xref> apply to t his specification. Additional considerations are detailed below.</t>
<section anchor="spoofing"><name>Spoofing</name> <section anchor="spoofing"><name>Spoofing</name>
<t>Allowing users to edit their own Principal's name (and, to a lesser extent, e mail, description, or type) could allow a user to change their Principal to look like another user in the system, potentially tricking others into sharing priva te data with them. Servers may choose to forbid this, and <bcp14>SHOULD</bcp14> keep logs of such changes to provide an audit trail.</t> <t>Allowing users to edit their own Principal's name (and, to a lesser extent, e mail, description, or type) could allow a user to change their Principal to look like another user in the system, potentially tricking others into sharing priva te data with them. Servers may choose to forbid this and <bcp14>SHOULD</bcp14> k eep logs of such changes to provide an audit trail.</t>
<t>Note that simply forbidding the use of a name already in the system is insuff icient protection, as a malicious user could still change their name to somethin g easily confused with the existing name by using trivial misspellings or visual ly similar Unicode characters.</t> <t>Note that simply forbidding the use of a name already in the system is insuff icient protection, as a malicious user could still change their name to somethin g easily confused with the existing name by using trivial misspellings or visual ly similar Unicode characters.</t>
</section> </section>
<section anchor="unnoticed-sharing"><name>Unnoticed Sharing</name> <section anchor="unnoticed-sharing"><name>Unnoticed Sharing</name>
<t>Sharing data with another user allows someone to turn a transitory account co mpromise (e.g., brief access to an unlocked or logged-in client) into a persiste nt compromise (by setting up sharing with a user that is controlled by the attac ker). This can be mitigated by requiring further authorisation for configuring s haring, or sending notifications to the sharer via another channel whenever a ne w sharee is added.</t> <t>Sharing data with another user allows someone to turn a transitory account co mpromise (e.g., brief access to an unlocked or logged-in client) into a persiste nt compromise (by setting up sharing with a user that is controlled by the attac ker). This can be mitigated by requiring further authorization for configuring s haring or sending notifications to the sharer via another channel whenever a new sharee is added.</t>
</section> </section>
<section anchor="dos"><name>Denial of Service</name> <section anchor="dos"><name>Denial of Service</name>
<t>By creating many changes to the sharing status of objects, a user can cause m any ShareNotifications to be generated, which could lead to resource exhaustion. Servers can mitigate this by coalescing multiple changes to the same object int o a single notification, limiting the maximum number of notifications it stores per user, and/or rate limiting the changes to sharing permissions in the first p lace. Automatically deleting older notifications after reaching a limit can mean the user is not made aware of a sharing change, which can itself be a security issue. For this reason, it is better to coalesce changes and use other mitigatio n strategies.</t> <t>By creating many changes to the sharing status of objects, a user can cause m any ShareNotifications to be generated, which could lead to resource exhaustion. Servers can mitigate this by coalescing multiple changes to the same object int o a single notification, limiting the maximum number of notifications it stores per user and/or rate-limiting the changes to sharing permissions in the first pl ace. Automatically deleting older notifications after reaching a limit can mean the user is not made aware of a sharing change, which can itself be a security i ssue. For this reason, it is better to coalesce changes and use other mitigation strategies.</t>
</section> </section>
<section anchor="unauthorised-principals"><name>Unauthorised Principals</name> <section anchor="unauthorised-principals"><name>Unauthorized Principals</name>
<t>The set of Principals within a shared environment <bcp14>MUST</bcp14> be stri ctly controlled. If adding a new Principal is open to the public, risks include: </t> <t>The set of Principals within a shared environment <bcp14>MUST</bcp14> be stri ctly controlled. If adding a new Principal is open to the public, risks include: </t>
<ul spacing="compact"> <ul spacing="compact">
<li>An increased risk of a user accidentally sharing data with an unintended per son.</li> <li>An increased risk of a user accidentally sharing data with an unintended per son.</li>
<li>An attacker may share unwanted or offensive information with the user.</li> <li>An attacker sharing unwanted or offensive information with the user.</li>
<li>An attacker may share items with spam content in the names in order to gener <li>An attacker sharing items with spam content in the names in order to generat
ate ShareNotification objects, which are likely to be prominently displayed to t e ShareNotification objects, which are likely to be prominently displayed to the
he sharee.</li> sharee.</li>
</ul> </ul>
</section> </section>
</section> </section>
<section anchor="iana-considerations"><name>IANA Considerations</name> <section anchor="iana-considerations"><name>IANA Considerations</name>
<!--[rfced] IANA Considerations (Section 7)
Please review all of the IANA-related updates carefully and
let us know if any further updates are needed.
FYI: In Sections 7.1-7.4, note that we made the registrations match IANA's
registrations at https://www.iana.org/assignments/jmap/.
-->
<section anchor="jmap-capability-registration-for-principals"><name>JMAP Capabil ity Registration for "principals"</name> <section anchor="jmap-capability-registration-for-principals"><name>JMAP Capabil ity Registration for "principals"</name>
<t>IANA will register the "principals" JMAP Capability as follows:</t> <t>IANA has registered the "principals" JMAP Capability in the "JMAP Capabilitie
<t>Capability Name: <tt>urn:ietf:params:jmap:principals</tt></t> s" registry as follows:</t>
<t>Specification document: this document</t> <dl newline="false" spacing="compact">
<t>Intended use: common</t> <dt>Capability Name:</dt> <dd><tt>urn:ietf:params:jmap:principals</tt></dd>
<t>Change Controller: IETF</t> <dt>Intended Use:</dt> <dd>common</dd>
<t>Security and privacy considerations: this document, <xref target="security-co <dt>Change Controller:</dt> <dd>IETF</dd>
nsiderations" /></t> <dt>Security and Privacy Considerations:</dt> <dd>RFC 9670, <xref target="secu
rity-considerations" /></dd>
<dt>Reference:</dt> <dd>RFC 9670</dd>
</dl>
</section> </section>
<section anchor="jmap-capability-registration-for-principals-owner"><name>JMAP C apability Registration for "principals:owner"</name> <section anchor="jmap-capability-registration-for-principals-owner"><name>JMAP C apability Registration for "principals:owner"</name>
<t>IANA will register the "principals:owner" JMAP Capability as follows:</t> <t>IANA has registered the "principals:owner" JMAP Capability in the "JMAP Capab
<t>Capability Name: <tt>urn:ietf:params:jmap:principals:owner</tt></t> ilities" registry as follows:</t>
<t>Specification document: this document</t> <dl newline="false" spacing="compact">
<t>Intended use: common</t> <dt>Capability Name:</dt> <dd><tt>urn:ietf:params:jmap:principals:owner</tt></
<t>Change Controller: IETF</t> dd>
<t>Security and privacy considerations: this document, <xref target="security-co <dt>Intended Use:</dt> <dd>common</dd>
nsiderations" /></t> <dt>Change Controller:</dt> <dd>IETF</dd>
<dt>Security and Privacy Considerations:</dt> <dd>RFC 9670, <xref target="secu
rity-considerations" /></dd>
<dt>Reference:</dt> <dd>RFC 9670</dd>
</dl>
</section> </section>
<section anchor="jmap-data-type-registration-for-principal"><name>JMAP Data Type Registration for "Principal"</name> <section anchor="jmap-data-type-registration-for-principal"><name>JMAP Data Type Registration for "Principal"</name>
<t>IANA will register the "Principal" JMAP Data Type as follows:</t> <t>IANA has registered the "Principal" JMAP Data Type in the "JMAP Data Types" r
<t>Type Name: <tt>Principal</tt></t> egistry as follows:</t>
<t>Can reference blobs: no</t> <dl newline="false" spacing="compact">
<t>Can Use for State Change: yes</t> <dt>Type Name:</dt> <dd><tt>Principal</tt></dd>
<t>Capability: <tt>urn:ietf:params:jmap:principals</tt></t> <dt>Can Reference Blobs:</dt> <dd>No</dd>
<t>Specification document: this document</t> <dt>Can Use for State Change:</dt> <dd>Yes</dd>
<dt>Capability:</dt> <dd><tt>urn:ietf:params:jmap:principals</tt></dd>
<dt>Reference:</dt> <dd>RFC 9670</dd>
</dl>
</section> </section>
<section anchor="jmap-data-type-registration-for-sharenotification"><name>JMAP D ata Type Registration for "ShareNotification"</name> <section anchor="jmap-data-type-registration-for-sharenotification"><name>JMAP D ata Type Registration for "ShareNotification"</name>
<t>IANA will register the "ShareNotification" JMAP Data Type as follows:</t> <t>IANA has registered the "ShareNotification" JMAP Data Type in the "JMAP Data
<t>Type Name: <tt>ShareNotification</tt></t> Types" registry as follows:</t>
<t>Can reference blobs: no</t> <dl newline="false" spacing="compact">
<t>Can Use for State Change: yes</t> <dt>Type Name:</dt> <dd><tt>ShareNotification</tt></dd>
<t>Capability: <tt>urn:ietf:params:jmap:principals</tt></t> <dt>Can Reference Blobs:</dt> <dd>No</dd>
<t>Specification document: this document</t> <dt>Can Use for State Change:</dt> <dd>Yes</dd>
<dt>Capability:</dt> <dd><tt>urn:ietf:params:jmap:principals</tt></dd>
<dt>Reference:</dt> <dd>RFC 9670</dd>
</dl>
</section> </section>
</section> </section>
</middle> </middle>
<back> <back>
<references>
<name>References</name>
<references><name>Normative References</name> <references><name>Normative References</name>
<xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.2119. <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.2119.xml"
xml"/> />
<xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.5322. <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.5322.xml"
xml"/> />
<xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.8174. <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.8174.xml"
xml"/> />
<xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.8620. <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.8620.xml"
xml"/> />
</references> </references>
<references><name>Informative References</name> <references><name>Informative References</name>
<xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.8264. <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.8264.xml"
xml"/> />
<!--NOTE: IANA reference entry below in case the authors decide to use it instea
d
of the URL in the running text.
<reference anchor="IANA-TZDB"
target="https://www.iana.org/time-zones">
<front>
<title>Time Zone Database</title>
<author>
<organization>IANA</organization>
</author>
<date/>
</front>
</reference>
-->
</references>
</references> </references>
</back> </back>
<!-- [rfced] The files below list terms enclosed in <tt>, <em>, and <strong>,
respectively, in this document. Please review to ensure the usage of
these attributes is correct and consistent. Let us know if any updates
are needed.
https://www.rfc-editor.org/authors/rfc9670-TT.txt
https://www.rfc-editor.org/authors/rfc9670-EM.txt
https://www.rfc-editor.org/authors/rfc9670-ST.txt
Specifically, please review the following terms that appear both inside and
outside of <tt> tags and sometimes <strong> tags:
Accounts vs. accounts vs. <tt>accounts</tt>
forbidden vs. <tt>forbidden</tt>
group vs. <tt>group</tt>
ID vs. id vs. <tt>Id</tt>
individual vs. <tt>individual</tt>
location vs. <tt>location</tt>
myRights vs. <tt>myRights</tt> vs. <strong>myRights</strong>
null vs. <tt>null</tt>
<tt>other</tt>
Principal vs. <tt>Principal</tt>
TodoListRights vs. <tt>TodoListRights</tt>
-->
<!-- [rfced] For the terms related to "todo", we spotted several variations of
capitalization and formatting. Please review and let us know if/how we can make
these consistent. Should the lowercase forms of "todo" perhaps be capital?
todo list
TodoList
TodoList data type
Todo data type
Todo data vs. todo data
Todos vs. todos
-->
<!-- [rfced] FYI - we updated the artwork elements to sourcecode with the type
set to "json". Please review the XML file to ensure correctness.
Note that the current list of preferred values for "type" is listed at
<https://www.rfc-editor.org/materials/sourcecode-types.txt>. It is
also acceptable to leave the "type" attribute not set.
-->
<!-- [rfced] Please review the "Inclusive Language" portion of the online
Style Guide <https://www.rfc-editor.org/styleguide/part2/#inclusive_language>
and let us know if any changes are needed. Updates of this nature typically
result in more precise language, which is helpful for readers.
Note that our script did not flag any words in particular, but this should
still be reviewed as a best practice.
-->
</rfc> </rfc>
 End of changes. 84 change blocks. 
229 lines changed or deleted 741 lines changed or added

This html diff was produced by rfcdiff 1.48.