draft-ietf-calsify-rfc2447bis-11.txt   rfc6047.txt 
INTERNET-DRAFT A. Melnikov Internet Engineering Task Force (IETF) A. Melnikov, Ed.
Document: draft-ietf-calsify-rfc2447bis-11.txt Editor Request for Comments: 6047 Isode Ltd
Intended status: Standard Track September 10, 2010 Obsoletes: 2447 December 2010
Expires: March 2011 Category: Standards Track
ISSN: 2070-1721
iCalendar Message-Based Interoperability Protocol
(iMIP)
Status of this Memo iCalendar Message-Based Interoperability Protocol (iMIP)
This Internet-Draft is submitted to IETF in full conformance with the Abstract
provisions of BCP 78 and BCP 79. This document may contain material
from IETF Documents or IETF Contributions published or made publicly
available before November 10, 2008. The person(s) controlling the
copyright in some of this material may not have granted the IETF
Trust the right to allow modifications of such material outside the
IETF Standards Process. Without obtaining an adequate license from
the person(s) controlling the copyright in such materials, this
document may not be modified outside the IETF Standards Process, and
derivative works of it may not be created outside the IETF Standards
Process, except to format it for publication as an RFC or to
translate it into languages other than English.
Internet-Drafts are working documents of the Internet This document, "iCalendar Message-Based Interoperability Protocol
Engineering Task Force (IETF), its areas, and its (iMIP)", specifies a binding from the iCalendar Transport-independent
working groups. Note that other groups may also distribute Interoperability Protocol (iTIP) to Internet email-based transports.
working documents as Internet-Drafts. Calendaring entries defined by the iCalendar Object Model (iCalendar)
are wrapped using constructs from RFC 5322 and MIME (RFC 2045, RFC
2046, RFC 2047, and RFC 2049), and then transported over SMTP.
Internet-Drafts are draft documents valid for a maximum of Status of This Memo
six months and may be updated, replaced, or obsoleted by
other documents at any time. It is inappropriate to use
Internet-Drafts as reference material or to cite them other
than as "work in progress."
The list of current Internet-Drafts can be accessed at This is an Internet Standards Track document.
http://www.ietf.org/1id-abstracts.html
The list of Internet-Draft Shadow Directories can be accessed at This document is a product of the Internet Engineering Task Force
http://www.ietf.org/shadow.html. (IETF). It represents the consensus of the IETF community. It has
received public review and has been approved for publication by the
Internet Engineering Steering Group (IESG). Further information on
Internet Standards is available in Section 2 of RFC 5741.
A revised version of this draft document will be submitted to the RFC Information about the current status of this document, any errata,
editor as a Draft Standard for the Internet Community. Discussion and how to provide feedback on it may be obtained at
and suggestions for improvement are requested, and should be sent to http://www.rfc-editor.org/info/rfc6047.
the CALSIFY Mailing list <ietf-calsify@osafoundation.org>.
Distribution of this document is unlimited.
Copyright Notice Copyright Notice
Copyright (c) 2010 IETF Trust and the persons identified as the Copyright (c) 2010 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of (http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of include Simplified BSD License text as described in Section 4.e of
skipping to change at page 2, line 15 skipping to change at page 1, line 47
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of (http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as the Trust Legal Provisions and are provided without warranty as
described in the BSD License. described in the Simplified BSD License.
Abstract
This document, iCalendar Message-Based Interoperability Protocol This document may contain material from IETF Documents or IETF
(iMIP), specifies a binding from the iCalendar Transport-independent Contributions published or made publicly available before November
Interoperability Protocol (iTIP) to Internet email-based transports. 10, 2008. The person(s) controlling the copyright in some of this
Calendaring entries defined by the iCalendar Object Model (iCalendar) material may not have granted the IETF Trust the right to allow
are wrapped using constructs from RFC 5322 and MIME (RFC 2045, RFC modifications of such material outside the IETF Standards Process.
2046, RFC 2047 and RFC 2049), and then transported over SMTP. Without obtaining an adequate license from the person(s) controlling
the copyright in such materials, this document may not be modified
outside the IETF Standards Process, and derivative works of it may
not be created outside the IETF Standards Process, except to format
it for publication as an RFC or to translate it into languages other
than English.
Table of Contents Table of Contents
1 INTRODUCTION........................................................2 1. Introduction ....................................................3
1.1 RELATED MEMOS ...................................................2 1.1. Related Memos ..............................................3
1.2 FORMATTING CONVENTIONS ..........................................3 1.2. Formatting Conventions .....................................3
1.3 TERMINOLOGY .....................................................4 1.3. Terminology ................................................4
2 MIME MESSAGE FORMAT BINDING.........................................4 2. MIME Message Format Binding .....................................4
2.1 MIME MEDIA TYPE .................................................4 2.1. MIME Media Type ............................................4
2.2 SECURITY ........................................................4 2.2. Security ...................................................5
2.2.1 Authorization ...............................................4 2.2.1. Authorization .......................................5
2.2.2 Authentication ..............................................5 2.2.2. Authentication ......................................5
2.2.3 Confidentiality .............................................5 2.2.3. Confidentiality .....................................5
2.3 EMAIL ADDRESSES .................................................5 2.3. Email Addresses ............................................6
2.4 CONTENT TYPE ....................................................5 2.4. Content-Type Header Field ..................................6
2.5 CONTENT-TRANSFER-ENCODING .......................................6 2.5. Content-Transfer-Encoding Header Field .....................7
2.6 CONTENT-DISPOSITION .............................................6 2.6. Content-Disposition Header Field ...........................8
3 SECURITY CONSIDERATIONS.............................................7 3. Security Considerations .........................................8
4 EXAMPLES............................................................8 4. Examples .......................................................11
4.1 SINGLE COMPONENT WITH AN ATTACH PROPERTY ........................8 4.1. Single Component with an ATTACH Property ..................11
4.2 USING MULTIPART ALTERNATIVE FOR LOW FIDELITY CLIENTS ............8 4.2. Using multipart/alternative for Low-Fidelity Clients ......11
4.3 SINGLE COMPONENT WITH AN ATTACH PROPERTY AND INLINE ATTACHMENT ..9 4.3. Single Component with an ATTACH Property and
4.4 MULTIPLE SIMILAR COMPONENTS ....................................10 Inline Attachment .........................................12
4.5 MULTIPLE MIXED COMPONENTS ......................................11 4.4. Multiple Similar Components ...............................14
4.6 DETAILED COMPONENTS WITH AN ATTACH PROPERTY ....................13 4.5. Multiple Mixed Components .................................15
5 RECOMMENDED PRACTICES..............................................14 4.6. Detailed Components with an ATTACH Property ...............16
5.1 USE OF CONTENT AND MESSAGE IDS .................................14 5. Recommended Practices ..........................................18
6 REFERENCES.........................................................15 5.1. Use of Content and Message IDs ............................18
7 EDITOR'S ADDRESSES.................................................16 6. IANA Considerations ............................................18
8 FULL COPYRIGHT STATEMENT...........................................XX 7. References .....................................................19
9 INTELLECTUAL PROPERTY..............................................XX 7.1. Normative References ......................................19
7.2. Informative References ....................................20
Appendix A. Changes since RFC 2447 ................................21
Appendix B. Acknowledgements ......................................22
1 Introduction 1. Introduction
This binding document provides the transport specific information This document provides the transport-specific information ("binding")
necessary to convey iCalendar Transport-independent Interoperability necessary to convey iCalendar Transport-independent Interoperability
Protocol (iTIP) [iTIP] over Internet email (using MIME) as defined in Protocol (iTIP) [iTIP] over Internet email (using MIME) as defined in
[RFC-5322] and [RFC-2045]. [RFC5322] and [RFC2045]. Therefore, this document defines the
iCalendar Message-Based Interoperability Protocol (iMIP).
1.1 Related Memos 1.1. Related Memos
Implementers will need to be familiar with several other memos that, Implementers will need to be familiar with several other memos that,
along with this memo, form a framework for Internet calendaring and along with this memo, form a framework for Internet calendaring and
scheduling standards. scheduling standards.
This document, [iMIP], specifies an Internet email binding for iTIP. This document specifies an Internet email binding for iTIP.
[iCAL] - specifies a core specification of objects, data types, [iCAL] specifies a core specification of objects, data types,
properties and property parameters; properties, and property parameters.
[iTIP] - specifies an interoperability protocol for scheduling [iTIP] specifies an interoperability protocol for scheduling between
between different implementations; different implementations.
This memo does not attempt to repeat the specification of concepts or This memo does not attempt to repeat the specification of concepts or
definitions from these other memos. Where possible, references are definitions from these other memos. Where possible, references are
made to the memo that provides for the specification of these made to the memo that provides for the specification of these
concepts or definitions. concepts or definitions.
1.2 Formatting Conventions 1.2. Formatting Conventions
The mechanisms defined in this memo are defined in prose. In order to The mechanisms defined in this memo are defined in prose. In order
refer to elements of the calendaring and scheduling model, core to refer to elements of the calendaring and scheduling model, core
object or interoperability protocol defined in [iCAL] and [iTIP] some object, or interoperability protocol defined in [iCAL] and [iTIP],
formatting conventions have been used. some formatting conventions have been used.
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in RFC 2119 [RFC-2119]. document are to be interpreted as described in RFC 2119 [RFC2119].
Calendaring and scheduling roles are referred to in quoted-strings of Calendaring and scheduling roles are referred to in quoted strings of
text with the first character of each word in upper case. For text with the first character of each word in uppercase. For
example, "Organizer" refers to a role of a "Calendar User" within the example, "Organizer" refers to a role of a "Calendar User" within the
scheduling protocol defined by [iTIP]. scheduling protocol defined by [iTIP].
Calendar components defined by [iCAL] are referred to with Calendar components defined by [iCAL] are referred to with
capitalized, quoted-strings of text. All calendar components start capitalized, quoted strings of text. All calendar components start
with the letter "V". For example, "VEVENT" refers to the event with the letter "V". For example, "VEVENT" refers to the event
calendar component, "VTODO" refers to the to-do calendar component calendar component, "VTODO" refers to the to-do calendar component,
and "VJOURNAL" refers to the daily journal calendar component. and "VJOURNAL" refers to the daily journal calendar component.
Scheduling methods defined by [iTIP] are referred to with Scheduling methods defined by [iTIP] are referred to with
capitalized, quoted-strings of text. For example, "REQUEST" refers to capitalized, quoted strings of text. For example, "REQUEST" refers
the method for requesting a scheduling calendar component be created to the method for requesting a scheduling calendar component be
or modified, "REPLY" refers to the method a recipient of a request created or modified; "REPLY" refers to the method a recipient of a
uses to update their status with the "Organizer" of the calendar request uses to update their status with the "Organizer" of the
component. calendar component.
Properties defined by [iCAL] are referred to with capitalized, Properties defined by [iCAL] are referred to with capitalized, quoted
quoted-strings of text, followed by the word "property". For example, strings of text, followed by the word "property". For example,
"ATTENDEE" property refers to the iCalendar property used to convey "ATTENDEE" property refers to the iCalendar property used to convey
the calendar address of a calendar user. the calendar address of a "Calendar User".
Property parameters defined by [iCAL] are referred to with lower Property parameters defined by [iCAL] are referred to with lowercase,
case, quoted-strings of text, followed by the word "parameter". For quoted strings of text, followed by the word "parameter". For
example, "value" parameter refers to the iCalendar property parameter example, "value" parameter refers to the iCalendar property parameter
used to override the default data type for a property value. used to override the default data type for a property value.
1.3 Terminology 1.3. Terminology
The email terms used in this memo are defined in [RFC-5322] and The email terms used in this memo are defined in [RFC5322] and
[RFC-2045]. The calendaring and scheduling terms used in this memo [RFC2045]. The calendaring and scheduling terms used in this memo
are defined in [iCAL] and [iTIP]. are defined in [iCAL] and [iTIP].
2 MIME Message Format Binding 2. MIME Message Format Binding
This section defines the message binding to the MIME electronic mail This section defines the message binding to the MIME electronic mail
transport. transport.
The sections below refer to the "originator" and the "recipient" of The sections below refer to the "originator" and the "recipient" of
an iMIP message. In the case of a "request" method, the originator is an iMIP message. In the case of a "request" method, the originator
the "Organizer" and the recipient is an "Attendee" of the event. In is the "Organizer" and the recipient is an "Attendee" of the event.
the case of a "response" method, the originator is an "Attendee" and In the case of a "response" method, the originator is an "Attendee"
the recipient is the "Organizer" of the event. and the recipient is the "Organizer" of the event.
The [RFC-5322] "Reply-To" header field typically contains the email The [RFC5322] "Reply-To" header field typically contains the email
address of the originator of the scheduling message. However, this address of the originator of the scheduling message. However, this
cannot be guaranteed because the sender of the iMIP message might not cannot be guaranteed because the sender of the iMIP message might not
be the originator of the scheduling message and the sender's Mail be the originator of the scheduling message and the sender's "Mail
User Agent (MUA) might not enforce iMIP semantics by translating the User Agent" (MUA) might not enforce iMIP semantics by translating the
originator's address into the "Reply-To" email header field. originator's address into the "Reply-To" email header field.
2.1 MIME Media Type 2.1. MIME Media Type
A MIME entity containing content information formatted according to A MIME entity containing content information formatted according to
this document will be referenced as a "text/calendar" content type this document will be referenced as a "text/calendar" content type
[iCAL]. It is assumed that this content type will be transported [iCAL]. It is assumed that this content type will be transported
through a MIME electronic mail transport. through a MIME electronic mail transport.
2.2 Security 2.2. Security
This section addresses several aspects of security including This section addresses several aspects of security including
authentication, authorization and confidentiality. Authentication and authentication, authorization, and confidentiality. Authentication
confidentiality can be achieved using S/MIME [RFC-5750][RFC-5751], and confidentiality can be achieved using Secure/MIME (S/MIME)
which uses Security Multiparts framework for MIME [RFC-1847]. [RFC5750] [RFC5751], which uses the Security Multiparts framework for
MIME [RFC1847].
2.2.1 Authorization 2.2.1. Authorization
In [iTIP] messages, only the "Organizer" is authorized to modify or In iTIP messages [iTIP], only the "Organizer" is authorized to modify
cancel calendar entries she organizes. That is, spoof@xyz.example.net or cancel calendar entries she organizes. That is,
is not allowed to modify or cancel a meeting that was organized by spoof@xyz.example.net is not allowed to modify or cancel a meeting
a@example.com. Furthermore, only the respondent has the authorization that was organized by a@example.com. Furthermore, only the
to indicate their status to the "Organizer". That is, the "Organizer" respondent has the authorization to indicate their status to the
MUST ignore an [iTIP] message from spoof@xyz.example.net that "Organizer". That is, the "Organizer" MUST ignore an iTIP message
declines a meeting invitation for b@example.com. from spoof@xyz.example.net that declines a meeting invitation for
b@example.com.
Implementations of iMIP SHOULD verify the authenticity of the creator Implementations of iMIP SHOULD verify the authenticity of the creator
of an iCalendar object before taking any action. Methods for doing of an iCalendar object before taking any action. Methods for doing
this are presented later in this document. this are presented later in this document.
[RFC-1847] Message flow in iTIP supports someone working on behalf of [RFC1847] message flow in iTIP supports someone working on behalf of
a "Calendar User" through use of the "sent-by" parameter that is a "Calendar User" through use of the "sent-by" parameter that is
associated with the "ATTENDEE" and "ORGANIZER" properties. However, associated with the "ATTENDEE" and "ORGANIZER" properties. However,
there is no mechanism to verify whether or not a "Calendar User" has there is no mechanism to verify whether or not a "Calendar User" has
authorized someone to work on their behalf. It is left to authorized someone to work on their behalf. It is left to
implementations to provide mechanisms for the "Calendar Users" to implementations to provide mechanisms for the "Calendar Users" to
make that decision. make that decision.
2.2.2 Authentication 2.2.2. Authentication
Authentication MUST be performed using S/MIME [RFC-5750][RFC-5751]. Authentication MUST be performed using S/MIME [RFC5750] [RFC5751].
Authentication is possible only on messages that have been signed. Authentication is possible only on messages that have been signed.
Unauthenticated messages (i.e., unsigned messages) may not be Unauthenticated messages (i.e., unsigned messages) may not be
trusted. trusted.
2.2.3 Confidentiality 2.2.3. Confidentiality
To ensure confidentiality using iMIP implementations SHOULD utilize To ensure confidentiality using iMIP, implementations SHOULD utilize
encryption specified in S/MIME [RFC-5750][RFC-5751]. iMIP does not encryption specified in S/MIME [RFC5750] [RFC5751]. iMIP does not
restrict a "Calendar User Agent" (CUA) from forwarding iCalendar restrict a "Calendar User Agent" (CUA) from forwarding iCalendar
objects to other users or agents. objects to other users or agents.
2.3 Email Addresses 2.3. Email Addresses
The calendar address specified within the "ORGANIZER" and "ATTENDEE" The calendar address specified within the "ORGANIZER" and "ATTENDEE"
properties in an iCalendar object send using iMIP MUST be a proper properties in an iCalendar object sent using iMIP MUST be a proper
"mailto:" [MAILTO] URI specification for the corresponding "mailto:" [MAILTO] URI specification for the corresponding
"Organizer" or "Attendee" of the "VEVENT" or "VTODO". "Organizer" or "Attendee" of the "VEVENT" or "VTODO".
Because [iTIP] does not preclude "Attendees" from forwarding Because [iTIP] does not preclude "Attendees" from forwarding
"VEVENTS" or "VTODOS" to others, the [RFC-5322] "Sender" value may "VEVENT"s or "VTODO"s to others, the [RFC5322] "Sender" value may not
not equal that of the "Organizer". Additionally, the "Organizer" or equal that of the "Organizer". Additionally, the "Organizer" or
"Attendee" cannot be reliably inferred by the [RFC-5322] "Sender" or "Attendee" cannot be reliably inferred by the [RFC5322] "Sender" or
"Reply-to" header field values of an iMIP message. The relevant "Reply-To" header field values of an iMIP message. The relevant
address MUST be ascertained by opening the "text/calendar" MIME body address MUST be ascertained by opening the "text/calendar" MIME body
part and examining the "ATTENDEE" and "ORGANIZER" properties. part and examining the "ATTENDEE" and "ORGANIZER" properties.
2.4 Content-Type Header Field 2.4. Content-Type Header Field
A MIME body part containing content information that conforms to this A MIME body part containing content information that conforms to this
document MUST have an [RFC-2045] "Content-Type" value of document MUST have an [RFC2045] "Content-Type" value of
"text/calendar". The [RFC-2045] "Content-Type" header field MUST also "text/calendar". The [RFC2045] "Content-Type" header field MUST also
include the type MIME parameter "method". The value MUST be the same include the MIME parameter "method". The value MUST be the same
(ignoring case) as the value of the "METHOD" property within the (ignoring case) as the value of the "METHOD" property within the
iCalendar object. iCalendar object.
Note 1: A MIME message containing multiple iCalendar objects with Note 1: A MIME message containing multiple iCalendar objects with
different method values MUST be further encapsulated with a different "method" values MUST be further encapsulated with a
"multipart/mixed" MIME entity [RFC-2046]. This will allow each of the "multipart/mixed" MIME entity [RFC2046]. This will allow each of
iCalendar objects to be encapsulated within their own "text/calendar" the iCalendar objects to be encapsulated within their own
MIME entity. "text/calendar" MIME entity.
Note 2: A MIME body part of "text/calendar" "Content-Type" that lacks Note 2: A MIME body part with a "Content-Type" value of
the "method" parameter is not considered to be an iMIP body part and "text/calendar" that lacks the "method" parameter is not
thus is not subject to the requirements specified in this document. considered to be an iMIP body part and thus is not subject to the
requirements specified in this document.
Note that according to [iCAL] the default character set for iCalendar Note that according to [iCAL] the default character set for iCalendar
objects is UTF-8 [UTF-8]. However the default character set for a objects is UTF-8 [UTF-8]. However, the default character set for a
"text/*" MIME entity according to [RFC-2046] is US-ASCII. Thus a "text/*" MIME entity according to [RFC2046] is US-ASCII. Thus, a
"charset" MIME parameter MUST be present if the iCalendar object "charset" MIME parameter MUST be present if the iCalendar object
contains characters that can't be represented in US-ASCII character contains characters that can't be represented in the US-ASCII
set and, as specified in [iCAL], it MUST have the value "UTF-8". character set and, as specified in [iCAL], it MUST have the value
"UTF-8".
The optional "component" MIME parameter defines the iCalendar The optional "component" MIME parameter defines the iCalendar
component type contained within the iCalendar object. component type contained within the iCalendar object.
The following is an example of this header field with a value that The following is an example of this header field with a value that
indicates an event message. indicates an event message.
Content-Type: text/calendar; method=request; charset=UTF-8; Content-Type: text/calendar; method=REQUEST; charset=UTF-8;
component=vevent component=vevent
The "text/calendar" content type allows for the scheduling message The "text/calendar" content type allows for the scheduling message
type to be included in a MIME message with other content information type to be included in a MIME message with other content information
(i.e., "multipart/mixed") or included in a MIME message with a clear- (i.e., "multipart/mixed") or included in a MIME message with a clear-
text, human-readable form of the scheduling message (i.e., text, human-readable form of the scheduling message (i.e.,
"multipart/alternative" [RFC-2046]). "multipart/alternative" [RFC2046]).
In order to permit the information in the scheduling message to be In order to permit the information in the scheduling message to be
understood by MIME user agents (UA) that do not support the understood by MIME User Agents (UAs) that do not support the
"text/calendar" content type, scheduling messages SHOULD be sent with "text/calendar" content type, scheduling messages SHOULD be sent with
an alternative, human-readable form of the information. an alternative, human-readable form of the information.
Note that "multipart/alternative" MUST NOT be used to represent two Note that "multipart/alternative" MUST NOT be used to represent two
slightly different iCalendar objects, for example two VEVENT with slightly different iCalendar objects, for example, two "VEVENT"s with
alternative starting times. alternative starting times.
CUAs can use other MIME parameters of the Content-Type header field, CUAs can use other MIME parameters of the "Content-Type" header
as well as a language specified in the Content-Language header field field, as well as a language specified in the Content-Language header
[RFC-3282], to pick a "text/calendar" part for processing if a field [RFC3282], to pick a "text/calendar" part for processing if a
"multipart/alternative" MIME message contains more than one "multipart/alternative" MIME message contains more than one
"text/calendar" part. "text/calendar" part.
Any receiving UA compliant with this specification MUST be able to Any receiving UA compliant with this specification MUST be able to
process "text/calendar" body parts enclosed within "multipart/*". process "text/calendar" body parts enclosed within "multipart/*".
Note that a "multipart/mixed" MIME message can include multiple Note that a "multipart/mixed" MIME message can include multiple
"text/calendar" components. The receiving UA MUST be able to process "text/calendar" components. The receiving UA MUST be able to process
all of them. all of them.
2.5 Content-Transfer-Encoding Header Field 2.5. Content-Transfer-Encoding Header Field
Unless iMIP message is transported over 8-bit clean transport (such Unless an iMIP message is transported over 8-bit clean transport
as SMTP [8BITMIME]), a transfer encoding such as quoted-printable or (such as SMTP [8BITMIME]), a transfer encoding such as quoted-
base64 [RFC-2045] MUST be used for iCalendar objects containing any printable or base64 [RFC2045] MUST be used for iCalendar objects
characters that can't be represented in the US-ASCII character set. containing any characters that can't be represented in the US-ASCII
For example: character set. For example:
From: user1@example.com From: user1@example.com
To: user2@example.com To: user2@example.com
Subject: Phone Conference Subject: Phone Conference
Mime-Version: 1.0 Mime-Version: 1.0
Date: Wed, 07 May 2008 21:30:25 +0400 Date: Wed, 07 May 2008 21:30:25 +0400
Message-ID: <4821E731.5040506@laptop1.example.com> Message-ID: <4821E731.5040506@laptop1.example.com>
Content-Type: text/calendar; method=REQUEST; charset=UTF-8 Content-Type: text/calendar; method=REQUEST; charset=UTF-8
Content-Transfer-Encoding: quoted-printable Content-Transfer-Encoding: quoted-printable
skipping to change at page 8, line 49 skipping to change at page 8, line 35
SUMMARY:Phone call to discuss your last visit SUMMARY:Phone call to discuss your last visit
DESCRIPTION:=D1=82=D1=8B =D0=BA=D0=B0=D0=BA - =D0=B4=D0=BE=D0= DESCRIPTION:=D1=82=D1=8B =D0=BA=D0=B0=D0=BA - =D0=B4=D0=BE=D0=
=B2=D0=BE=D0=BB=D0=B5=D0=BD =D0=BF=D0=BE=D0=B5=D0=B7=D0=B4=D0=BA=D0 =B2=D0=BE=D0=BB=D0=B5=D0=BD =D0=BF=D0=BE=D0=B5=D0=B7=D0=B4=D0=BA=D0
=BE=D0=B9? =BE=D0=B9?
UID:calsvr.example.com-8739701987387998 UID:calsvr.example.com-8739701987387998
SEQUENCE:0 SEQUENCE:0
STATUS:TENTATIVE STATUS:TENTATIVE
END:VEVENT END:VEVENT
END:VCALENDAR END:VCALENDAR
2.6 Content-Disposition Header Field 2.6. Content-Disposition Header Field
Implementations MAY include a "Content-Disposition" header field to Implementations MAY include a "Content-Disposition" header field to
define a file name for an iCalendar object. However, the handling of define a file name for an iCalendar object. However, the handling of
a MIME part MUST be based on its [RFC-2045] "Content-Type" and not on a MIME part MUST be based on its [RFC2045] "Content-Type" and not on
the extension specified in the "Content-Disposition", as different the extension specified in the "Content-Disposition", as different
email malware is known to trick User Agents into misinterpreting email malware is known to trick User Agents into misinterpreting
content of messages by specifying a file extension in the Content- content of messages by specifying a file extension in the Content-
Disposition header field that doesn't correspond to the value of Disposition header field that doesn't correspond to the value of the
Content-Type header field. "Content-Type" header field.
3 Security Considerations 3. Security Considerations
The security threats that applications must address when implementing The security threats that applications must address when implementing
iTIP are detailed in [iTIP]. In particular two spoofing threats are iTIP are detailed in [iTIP]. In particular, two spoofing threats are
identified in [iTIP]: Spoofing the "Organizer", and Spoofing an identified in Section 6.1 of [iTIP]: spoofing the "Organizer", and
"Attendee". To address these threats, the originator of an iCalendar spoofing an "Attendee". To address these threats, the originator of
object must be authenticated by a recipient. Once authenticated, a an iCalendar object must be authenticated by a recipient. Once
determination can be made as to whether or not the originator is authenticated, a determination can be made as to whether or not the
authorized to perform the requested operation. Compliant applications originator is authorized to perform the requested operation.
MUST support signing and encrypting text/calendar body parts using a Compliant applications MUST support signing and encrypting
mechanism based on S/MIME [RFC-5750][RFC-5751] in order to facilitate "text/calendar" body parts using a mechanism based on S/MIME
the authentication of the originator of the iCalendar object (see [RFC5750] [RFC5751] in order to facilitate the authentication of the
Section 2.2.2 and 2.2.3). The steps for processing a signed iMIP originator of the iCalendar object (see Sections 2.2.2 and 2.2.3).
message are described below: The steps for processing a signed iMIP message are described below:
1. Using S/MIME, determine who signed the text/calendar body part 1. Using S/MIME, determine who signed the "text/calendar" body part
containing the iCalendar object. This is the "signer". (Note that containing the iCalendar object. This is the "signer". (Note
the email address of the signer MUST be specified in the rfc822Name that the email address of the signer MUST be specified in the
field of the subject alternative name extension of the signer rfc822Name field of the "subject alternative name" extension of
certificate, as specified in [RFC-5280], Section 4.1.2.6.) Note that the signer certificate, as specified in [RFC5280],
the signer is not necessarily the person sending an e-mail message Section 4.1.2.6.) Note that the signer is not necessarily the
since an e-mail message can be forwarded. person sending an e-mail message, since an e-mail message can be
forwarded.
2. Correlate the signer to either an "ATTENDEE" property or to the 2. Correlate the signer to either an "ATTENDEE" property or to the
"ORGANIZER" property in the iCalendar object, based on the method and "ORGANIZER" property in the iCalendar object, based on the method
the calendar component specified in the iCalendar object, as defined and the calendar component specified in the iCalendar object, as
in Section 1.4 of [iTIP]. If the signer cannot be correlated to an defined in Section 1.4 of [iTIP]. If the signer cannot be
"ATTENDEE"/"ORGANIZER" property, then actively warn the user correlated to an "ATTENDEE"/"ORGANIZER" property, then actively
controlling the calendar user agent that the iCalendar object is warn the user controlling the "Calendar User Agent" that the
untrusted and encourage the user to ignore the message, but give iCalendar object is untrusted, and encourage the user to ignore
advanced users the option to (a) view the certificate of the signer the message, but give advanced users the option to (a) view the
and the entire certificate chain (if any) in order to help decide if certificate of the signer and the entire certificate chain (if
the signer should be trusted to send the message, and then (b) allow any) in order to help decide if the signer should be trusted to
CUA to accept and process the iCalendar object. send the message, and then (b) allow the CUA to accept and process
the iCalendar object.
3. Determine whether or not the "ATTENDEE"/"ORGANIZER" is authorized 3. Determine whether or not the "ATTENDEE"/"ORGANIZER" is authorized
to perform the operation as defined by [iTIP]. If the conditions are to perform the operation as defined by [iTIP]. If the conditions
not met, ignore the message. are not met, ignore the message.
4. If all the above conditions are met, the message can be processed. 4. If all the above conditions are met, the message can be processed.
S/MIME signing also protects against malicious changes in transit. S/MIME signing also protects against malicious changes to messages in
transit.
If calendar confidentiality is required by the sender, signed iMIP If calendar confidentiality is required by the sender, signed iMIP
messages SHOULD be encrypted by a mechanism based on S/MIME messages SHOULD be encrypted by a mechanism based on S/MIME [RFC5750]
[RFC-5750][RFC-5751]. If iMIP is used within a single ADMD [RFC5751]. If iMIP is used within a single ADministrative Management
(Administrative Domain) [RFC5598], SMTP STARTTLS [SMTP-TLS] (together Domain (ADMD) [RFC5598], SMTP STARTTLS [SMTP-TLS] (together with
with STARTTLS in IMAP/POP [IMAP-POP-TLS]) MAY alternatively be used STARTTLS in IMAP/POP [IMAP-POP-TLS]) MAY alternatively be used to
to provide calendar confidentiality. provide calendar confidentiality.
Once a signed and/or encrypted iMIP message is received and Once a signed and/or encrypted iMIP message is received and
successfully verified (as detailed above) by a CUA, the CUA SHOULD successfully verified (as detailed above) by a CUA, the CUA SHOULD
remember whether the sender of the message is using signing and/or remember whether the sender of the message is using signing and/or
encrypting. If an unsigned iMIP message is received from the same encrypting. If an unsigned iMIP message is received from the same
sender later on, the receiving CUA SHOULD warn the receiving user sender later on, the receiving CUA SHOULD warn the receiving user
about a possible man-in-the-middle attack and SHOULD ignore the about a possible man-in-the-middle attack and SHOULD ignore the
message, unless explicitly overridden by the user. message, unless explicitly overridden by the user.
Implementations MAY provide means for users to disable signing and Implementations MAY provide means for users to disable signing and
encrypting. encrypting.
It is possible to receive iMIP messages sent by someone working on It is possible to receive iMIP messages sent by someone working on
behalf of another "Calendar User". This is determined by examining behalf of another "Calendar User". This is determined by examining
the "sent-by" parameter in the relevant "ORGANIZER" or "ATTENDEE" the "sent-by" parameter in the relevant "ORGANIZER" or "ATTENDEE"
property. [iCAL] and [iTIP] provide no mechanism to verify that a property. [iCAL] and [iTIP] provide no mechanism to verify that a
"Calendar User" has authorized someone else to work on their behalf. "Calendar User" has authorized someone else to work on their behalf.
To address this security issue, implementations MUST provide To address this security issue, implementations MUST provide
mechanisms for the "Calendar Users" to make that decision before mechanisms for the "Calendar Users" to make that decision before
applying changes from someone working on behalf of a "Calendar User". applying changes from someone working on behalf of a "Calendar User".
One way to achieve this is to reject iMIP messages sent by users One way to achieve this is to reject iMIP messages sent by users
other than the "ORGANIZER" or the "ATTENDEE"s. Alternatively, the other than the "ORGANIZER" or the "ATTENDEE"s. Alternatively, the
receiver could have a list of trusted <sent-by, organizer> proxies in receiver could have a list of trusted <sent-by, organizer> proxies in
its local security policy. And yet another way is to prompt the user its local security policy. And yet another way is to prompt the user
for confirmation. for confirmation.
iMIP based calendaring is frequently deployed within a single ADMD, iMIP-based calendaring is frequently deployed within a single ADMD,
with boundary filtering employed to restrict email calendaring flows with boundary filtering employed to restrict email calendaring flows
to be inside the ADMD. This can help in minimizing malicious changes to be inside the ADMD. This can help in minimizing malicious changes
to calendaring messages in transit, as well as in making to calendaring messages in transit, as well as in making
authorization decisions less risky. authorization decisions less risky.
A security consideration associated with use of Content-Disposition A security consideration associated with the use of the Content-
header field is described in section 2.6. Disposition header field is described in Section 2.6.
Use of S/MIME makes Security Considerations discussed in Use of S/MIME makes the security considerations discussed in
[RFC-5750][RFC-5751] relevant to this document. For additional [RFC5750] [RFC5751] relevant to this document. For additional
Security Considerations regarding certificate and CRL verification security considerations regarding certificate and Certificate
please see [RFC-5280]. Revocation List (CRL) verification, please see [RFC5280].
4 Examples 4. Examples
4.1 Single Component With An ATTACH Property 4.1. Single Component with an ATTACH Property
This minimal message shows how an iCalendar object references an This minimal message shows how an iCalendar object references an
attachment. The attachment is accessible via its URL. attachment. The attachment is accessible via its URL.
From: sman@netscape.example.com From: sman@netscape.example.com
To: stevesil@microsoft.example.com To: stevesil@microsoft.example.com
Subject: Phone Conference Subject: Phone Conference
Mime-Version: 1.0 Mime-Version: 1.0
Content-Type: text/calendar; method=REQUEST; charset=US-ASCII Content-Type: text/calendar; method=REQUEST; charset=US-ASCII
Content-Transfer-Encoding: 7bit Content-Transfer-Encoding: 7bit
BEGIN:VCALENDAR BEGIN:VCALENDAR
PRODID:-//Example/ExampleCalendarClient//EN PRODID:-//Example/ExampleCalendarClient//EN
skipping to change at page 12, line 38 skipping to change at page 11, line 38
DTSTART:19970701T210000Z DTSTART:19970701T210000Z
DTEND:19970701T230000Z DTEND:19970701T230000Z
SUMMARY:Phone Conference SUMMARY:Phone Conference
DESCRIPTION:Please review the attached document. DESCRIPTION:Please review the attached document.
UID:calsvr.example.com-873970198738777 UID:calsvr.example.com-873970198738777
ATTACH:ftp://ftp.bar.example.com/pub/docs/foo.doc ATTACH:ftp://ftp.bar.example.com/pub/docs/foo.doc
STATUS:CONFIRMED STATUS:CONFIRMED
END:VEVENT END:VEVENT
END:VCALENDAR END:VCALENDAR
4.2 Using Multipart Alternative for Low Fidelity Clients 4.2. Using multipart/alternative for Low-Fidelity Clients
This example shows how a client can emit a multipart message that This example shows how a client can emit a multipart message that
includes both a plain text version as well as the full iCalendar includes both a plain text version and the full iCalendar object.
object. Clients that do not support text/calendar will still be Clients that do not support "text/calendar" will still be capable of
capable of rendering the plain text representation. rendering the plain text representation.
From: foo1@example.com From: foo1@example.com
To: foo2@example.com To: foo2@example.com
Subject: Phone Conference Subject: Phone Conference
Mime-Version: 1.0 Mime-Version: 1.0
Content-Type: multipart/alternative;boundary="01BD3665.3AF0D360" Content-Type: multipart/alternative; boundary="01BD3665.3AF0D360"
--01BD3665.3AF0D360 --01BD3665.3AF0D360
Content-Type: text/plain;charset=us-ascii Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit Content-Transfer-Encoding: 7bit
This is an alternative representation of a TEXT/CALENDAR MIME Object This is an alternative representation of a "text/calendar"
MIME object.
When: 7/1/1997 10:00AM PDT - 7/1/97 10:30AM PDT When: 7/1/1997 10:00AM PDT - 7/1/97 10:30AM PDT
Where: Where:
Organizer: foo1@example.com Organizer: foo1@example.com
Summary: Phone Conference Summary: Phone Conference
--01BD3665.3AF0D360 --01BD3665.3AF0D360
Content-Type: text/calendar; method=REQUEST; charset=US-ASCII Content-Type: text/calendar; method=REQUEST; charset=US-ASCII
Content-Transfer-Encoding: 7bit Content-Transfer-Encoding: 7bit
BEGIN:VCALENDAR BEGIN:VCALENDAR
skipping to change at page 13, line 36 skipping to change at page 12, line 47
DTEND:19970701T173000Z DTEND:19970701T173000Z
SUMMARY:Phone Conference SUMMARY:Phone Conference
UID:calsvr.example.com-8739701987387771 UID:calsvr.example.com-8739701987387771
SEQUENCE:0 SEQUENCE:0
STATUS:CONFIRMED STATUS:CONFIRMED
END:VEVENT END:VEVENT
END:VCALENDAR END:VCALENDAR
--01BD3665.3AF0D360 --01BD3665.3AF0D360
4.3 Single Component With An ATTACH Property 4.3. Single Component with an ATTACH Property and Inline Attachment
This example shows how a message containing an iCalendar object This example shows how a message containing an iCalendar object
references an attached document. The reference is made using a references an attached document. The reference is made using a
Content-id (CID). Thus, the iCalendar object and the document are Content-ID (CID). Thus, the iCalendar object and the document are
packaged in a multipart/related encapsulation. packaged in a "multipart/related" encapsulation.
From: foo1@example.com From: foo1@example.com
To: foo2@example.com To: foo2@example.com
Subject: Phone Conference Subject: Phone Conference
Mime-Version: 1.0 Mime-Version: 1.0
Content-Type: multipart/related; boundary="boundary-example-1" Content-Type: multipart/related; boundary="boundary-example-1"
--boundary-example-1 --boundary-example-1
Content-Type: text/calendar; method=REQUEST; charset=US-ASCII Content-Type: text/calendar; method=REQUEST; charset=US-ASCII
skipping to change at page 14, line 38 skipping to change at page 14, line 5
Content-Transfer-Encoding: base64 Content-Transfer-Encoding: base64
Content-Disposition: inline; filename="FieldReport.doc" Content-Disposition: inline; filename="FieldReport.doc"
Content-ID: <123456789@example.com> Content-ID: <123456789@example.com>
0M8R4KGxGuEAAAAAAAAAAAAAAAAAAAAAPgADAP7/CQAGAAAAAAAAAAABAAAARAAAAAAA 0M8R4KGxGuEAAAAAAAAAAAAAAAAAAAAAPgADAP7/CQAGAAAAAAAAAAABAAAARAAAAAAA
AAAAEAAAQAAAAAEAAAD+////AAAAAEUAAAD///////////////////////////////// AAAAEAAAQAAAAAEAAAD+////AAAAAEUAAAD/////////////////////////////////
... ...
--boundary-example-1-- --boundary-example-1--
4.4 Multiple Similar Components 4.4. Multiple Similar Components
Multiple iCalendar components of the same type can be included in the Multiple iCalendar components of the same type can be included in the
iCalendar object when the METHOD is the same for each component. iCalendar object when the "METHOD" is the same for each component.
From: foo1@example.com From: foo1@example.com
To: foo2@example.com To: foo2@example.com
Subject: Summer Company Holidays Subject: Summer Company Holidays
Mime-Version: 1.0 Mime-Version: 1.0
Content-Type: text/calendar; method=PUBLISH; charset=US-ASCII Content-Type: text/calendar; method=PUBLISH; charset=US-ASCII
Content-Transfer-Encoding: 7bit Content-Transfer-Encoding: 7bit
Content-Disposition: attachment; filename="event.ics" Content-Disposition: attachment; filename="event.ics"
BEGIN:VCALENDAR BEGIN:VCALENDAR
PRODID:-//Example/ExampleCalendarClient//EN PRODID:-//Example/ExampleCalendarClient//EN
METHOD:PUBLISH METHOD:PUBLISH
VERSION:2.0 VERSION:2.0
BEGIN:VEVENT BEGIN:VEVENT
ORGANIZER:MAILTO:FOO1@EXAMPLE.COM ORGANIZER:mailto:foo1@example.com
DTSTAMP:19970611T150000Z DTSTAMP:19970611T150000Z
DTSTART:19970701T150000Z DTSTART:19970701T150000Z
DTEND:19970701T230000Z DTEND:19970701T230000Z
SUMMARY:Company Picnic SUMMARY:Company Picnic
DESCRIPTION:Food and drink will be provided DESCRIPTION:Food and drink will be provided
UID:CALSVR.EXAMPLE.COM-873970198738777-1 UID:calsvr.example.com-873970198738777-1
SEQUENCE:0 SEQUENCE:0
STATUS:CONFIRMED STATUS:CONFIRMED
END:VEVENT END:VEVENT
BEGIN:VEVENT BEGIN:VEVENT
ORGANIZER:MAILTO:FOO1@EXAMPLE.COM ORGANIZER:mailto:foo1@example.com
DTSTAMP:19970611T190000Z DTSTAMP:19970611T190000Z
DTSTART:19970715T150000Z DTSTART:19970715T150000Z
DTEND:19970715T230000Z DTEND:19970715T230000Z
SUMMARY:Company Bowling Tournament SUMMARY:Company Bowling Tournament
DESCRIPTION:We have 10 lanes reserved DESCRIPTION:We have 10 lanes reserved
UID:CALSVR.EXAMPLE.COM-873970198738777-2 UID:calsvr.example.com-873970198738777-2
SEQUENCE:0 SEQUENCE:0
STATUS:CONFIRMED STATUS:CONFIRMED
END:VEVENT END:VEVENT
END:VCALENDAR END:VCALENDAR
4.5 Multiple Mixed Components 4.5. Multiple Mixed Components
Different component types must be encapsulated in separate iCalendar Different component types must be encapsulated in separate iCalendar
objects. objects.
From: foo1@example.com From: foo1@example.com
To: foo2@example.com To: foo2@example.com
Subject: Phone Conference Subject: Phone Conference
Mime-Version: 1.0 Mime-Version: 1.0
Content-Type: multipart/mixed;boundary="--FEE3790DC7E35189CA67CE2C" Content-Type: multipart/mixed;
boundary="--FEE3790DC7E35189CA67CE2C"
This is a multi-part message in MIME format. This is a multi-part message in MIME format.
----FEE3790DC7E35189CA67CE2C ----FEE3790DC7E35189CA67CE2C
Content-Type: text/calendar; method=REQUEST; charset=US-ASCII Content-Type: text/calendar; method=REQUEST; charset=US-ASCII
Content-Transfer-Encoding: 7bit Content-Transfer-Encoding: 7bit
Content-Disposition: attachment; filename="event1.ics" Content-Disposition: attachment; filename="event1.ics"
BEGIN:VCALENDAR BEGIN:VCALENDAR
PRODID:-//Example/ExampleCalendarClient//EN PRODID:-//Example/ExampleCalendarClient//EN
METHOD:REQUEST METHOD:REQUEST
VERSION:2.0 VERSION:2.0
BEGIN:VEVENT BEGIN:VEVENT
ORGANIZER:mailto:foo1@example.com ORGANIZER:mailto:foo1@example.com
ATTENDEE;ROLE=CHAIR;PARTSTAT=ACCEPTED:mailto:foo1@example.com ATTENDEE;ROLE=CHAIR;PARTSTAT=ACCEPTED:mailto:foo1@example.com
ATTENDEE;RSVP=YES;CUTYPE=INDIVIDUAL:mailto:foo2@example.com ATTENDEE;RSVP=YES;CUTYPE=INDIVIDUAL:mailto:foo2@example.com
DTSTAMP:19970611T190000Z DTSTAMP:19970611T190000Z
DTSTART:19970701T210000Z DTSTART:19970701T210000Z
skipping to change at page 17, line 5 skipping to change at page 16, line 28
SUMMARY:Phone Conference SUMMARY:Phone Conference
DESCRIPTION:Discuss a new location for the company picnic DESCRIPTION:Discuss a new location for the company picnic
UID:calsvr.example.com-td-8739701987387773 UID:calsvr.example.com-td-8739701987387773
SEQUENCE:0 SEQUENCE:0
STATUS:NEEDS-ACTION STATUS:NEEDS-ACTION
END:VEVENT END:VEVENT
END:VCALENDAR END:VCALENDAR
----FEE3790DC7E35189CA67CE2C ----FEE3790DC7E35189CA67CE2C
4.6 Detailed Components With An ATTACH Property 4.6. Detailed Components with an ATTACH Property
This example shows the format of a message containing a group meeting This example shows the format of a message containing a group meeting
between three individuals. The multipart/related encapsulation is between three individuals. The "multipart/related" encapsulation is
used because the iCalendar object contains an ATTACH property that used because the iCalendar object contains an ATTACH property that
uses a CID to reference the attachment. uses a CID to reference the attachment.
From: foo1@example.com From: foo1@example.com
MIME-Version: 1.0 MIME-Version: 1.0
To: foo2@example.com,foo3@example.com To: foo2@example.com,foo3@example.com
Subject: REQUEST - Phone Conference Subject: REQUEST - Phone Conference
Content-Type: multipart/related;boundary="--FEE3790DC7E35189CA67CE2C" Content-Type: multipart/related;
boundary="--FEE3790DC7E35189CA67CE2C"
----FEE3790DC7E35189CA67CE2C ----FEE3790DC7E35189CA67CE2C
Content-Type: multipart/alternative; Content-Type: multipart/alternative;
boundary="--00FEE3790DC7E35189CA67CE2C00" boundary="--00FEE3790DC7E35189CA67CE2C00"
----00FEE3790DC7E35189CA67CE2C00 ----00FEE3790DC7E35189CA67CE2C00
Content-Type: text/plain; charset=us-ascii Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit Content-Transfer-Encoding: 7bit
When: 7/1/1997 10:00PM PDT- 7/1/97 10:30 PM PDT When: 7/1/1997 10:00PM PDT - 7/1/97 10:30 PM PDT
Where: Where:
Organizer: foo1@example.com Organizer: foo1@example.com
Summary: Let's discuss the attached document Summary: Let's discuss the attached document
----00FEE3790DC7E35189CA67CE2C00 ----00FEE3790DC7E35189CA67CE2C00
Content-Type: text/calendar; method=REQUEST; charset=US-ASCII; Content-Type: text/calendar; method=REQUEST; charset=US-ASCII;
Component=vevent Component=vevent
Content-Transfer-Encoding: 7bit Content-Transfer-Encoding: 7bit
Content-Disposition: attachment; filename="event.ics" Content-Disposition: attachment; filename="event.ics"
skipping to change at page 18, line 25 skipping to change at page 18, line 18
Content-ID: <calsvr.example.com-12345aaa> Content-ID: <calsvr.example.com-12345aaa>
R0lGODdhTAQZAJEAAFVVVd3d3e4AAP///ywAAAAATAQZAAAC/5yPOSLhD6OctNqLs94Xq R0lGODdhTAQZAJEAAFVVVd3d3e4AAP///ywAAAAATAQZAAAC/5yPOSLhD6OctNqLs94Xq
AG4kiW5omm6sq27gvH8kzX9o1y+s73/g8MCofEovGITCoxKMbyCR16cNSq9YrNarfcrvd AG4kiW5omm6sq27gvH8kzX9o1y+s73/g8MCofEovGITCoxKMbyCR16cNSq9YrNarfcrvd
riIH5LL5jE6rxc3G+v2cguf0uv2Oz+v38L7/DxgoOKjURnjIIbe3yNjo+AgZWYVIWWl5i riIH5LL5jE6rxc3G+v2cguf0uv2Oz+v38L7/DxgoOKjURnjIIbe3yNjo+AgZWYVIWWl5i
ZnJY6J ZnJY6J
... ...
----FEE3790DC7E35189CA67CE2C ----FEE3790DC7E35189CA67CE2C
5 Recommended Practices 5. Recommended Practices
This section outlines a series of recommended practices when using a This section outlines a series of recommended practices when using a
messaging transport to exchange iCalendar objects. messaging transport to exchange iCalendar objects.
5.1 Use of Content and Message IDs 5.1. Use of Content and Message IDs
The [iCAL] specification makes frequent use of the URI for data types The [iCAL] specification makes frequent use of the URI for data types
in properties such as "DESCRIPTION", "ATTACH", "CONTACT" and others. in properties such as "DESCRIPTION", "ATTACH", "CONTACT", and others.
Two forms of URIs are Message ID (MID) and Content ID (CID). These Two forms of URIs are the Message ID (MID) and the Content-ID (CID).
are defined in [RFC-2392]. Although [RFC-2392] allows referencing These are defined in [RFC2392]. Although [RFC2392] allows
messages or MIME body parts in other MIME entities or stores, it is referencing messages or MIME body parts in other MIME entities or
strongly RECOMMENDED that iMIP implementations include all referenced stores, it is strongly RECOMMENDED that iMIP implementations include
messages and body parts in a single MIME entity. Simply put, if an all referenced messages and body parts in a single MIME entity.
iCalendar object contains CID or MID references to other messages or Simply put, if an iCalendar object contains CID or MID references to
body parts, implementations should ensure that these messages and/or other messages or body parts, implementations should ensure that
body parts are transmitted with the iCalendar object. If they are these messages and/or body parts are transmitted with the iCalendar
not, there is no guarantee that the receiving CUA will have the object. If they are not, there is no guarantee that the receiving
access or the authorization to view those objects. CUA will have the access or the authorization to view those objects.
6 IANA Considerations
Registration of text/calendar MIME Media Type is done in [iCal].
This document doesn't require any additional actions from IANA.
7 References
7.1 Normative References 6. IANA Considerations
[iCAL] Desruisseaux, B., (Ed.), "Internet Calendaring and The "text/calendar" MIME media type was registered in [iCAL].
Scheduling Core Object Specification (iCalendar)", RFC 5545.
[iTIP] Daboo, C., "iCalendar Transport-Independent 7. References
Interoperability Protocol (iTIP)", RFC 5546.
[RFC-5322] Resnick, P., "Internet Message Format", RFC 5322, October 7.1. Normative References
2008.
[MAILTO] Hoffmann, P., Masinter, L., and J. Zawinski, "The mailto URL [iCAL] Desruisseaux, B., Ed., "Internet Calendaring and
scheme", RFC 2368, June 1998. Scheduling Core Object Specification (iCalendar)",
RFC 5545, September 2009.
[RFC-1847] Galvin, J., Murphy, S., Crocker, S. and N. Freed, [iTIP] Daboo, C., Ed., "iCalendar Transport-Independent
"Security Multiparts for MIME: Multipart/Signed and Interoperability Protocol (iTIP)", RFC 5546, December
Multipart/Encrypted", RFC 1847, October 1995. 2009.
[RFC-2045] Freed, N. and N. Borenstein, "Multipurpose Internet Mail [RFC5322] Resnick, P., Ed., "Internet Message Format", RFC 5322,
Extensions (MIME) - Part One: Format of Internet Message Bodies", RFC October 2008.
2045, November 1996.
[RFC-2046] Freed, N. and N. Borenstein, "Multipurpose Internet Mail [MAILTO] Duerst, M., Masinter, L., and J. Zawinski, "The 'mailto'
Extensions (MIME) - Part Two: Media Types", RFC 2046, November 1996. URI Scheme", RFC 6068, October 2010.
[RFC-2392] Levinson, E., "Content-ID and Message-ID Uniform Resource [RFC1847] Galvin, J., Murphy, S., Crocker, S., and N. Freed,
Locators", RFC 2392, August 1998. "Security Multiparts for MIME: Multipart/Signed and
Multipart/Encrypted", RFC 1847, October 1995.
[RFC-2119] Bradner, S., "Key words for use in RFCs to Indicate [RFC2045] Freed, N. and N. Borenstein, "Multipurpose Internet Mail
Requirement Levels", BCP 14, RFC 2119, March 1997. Extensions (MIME) Part One: Format of Internet Message
Bodies", RFC 2045, November 1996.
[UTF-8] Yergeau, F., "UTF-8, a transformation format of ISO 10646", [RFC2046] Freed, N. and N. Borenstein, "Multipurpose Internet Mail
STD 63, RFC 3629, November 2003. Extensions (MIME) Part Two: Media Types", RFC 2046,
November 1996.
[SMTP-TLS] Hoffman, P., "SMTP Service Extension for Secure SMTP over [RFC2392] Levinson, E., "Content-ID and Message-ID Uniform Resource
Transport Layer Security", RFC 3207, February 2002. Locators", RFC 2392, August 1998.
[IMAP-POP-TLS] Newman, C., "Using TLS with IMAP, POP3 and ACAP", RFC [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
2595, June 1999. Requirement Levels", BCP 14, RFC 2119, March 1997.
[RFC-5750] Ramsdell, B. and S. Turner, "Secure/Multipurpose Internet [UTF-8] Yergeau, F., "UTF-8, a transformation format of ISO
Mail Extensions (S/MIME) Version 3.2 Certificate Handling", RFC 5750, 10646", STD 63, RFC 3629, November 2003.
January 2010.
[RFC-5751] Ramsdell, B. and S. Turner, "Secure/Multipurpose Internet [SMTP-TLS] Hoffman, P., "SMTP Service Extension for Secure SMTP over
Mail Extensions (S/MIME) Version 3.2 Message Specification", RFC Transport Layer Security", RFC 3207, February 2002.
5751, January 2010.
[RFC-5280] Cooper, D., Santesson, S., Farrell, S., Boeyen, S., [IMAP-POP-TLS]
Housley, R. and W. Polk, "Internet X.509 Public Key Infrastructure Newman, C., "Using TLS with IMAP, POP3 and ACAP",
Certificate and Certificate Revocation List (CRL) Profile", RFC 5280, RFC 2595, June 1999.
May 2008.
7.2 Informative References [RFC5750] Ramsdell, B. and S. Turner, "Secure/Multipurpose Internet
Mail Extensions (S/MIME) Version 3.2 Certificate
Handling", RFC 5750, January 2010.
[8BITMIME] Klensin, J., Freed, N., Rose, M., Stefferud, E., and D. [RFC5751] Ramsdell, B. and S. Turner, "Secure/Multipurpose Internet
Crocker, "SMTP Service Extension for 8bit-MIMEtransport", RFC 1652, Mail Extensions (S/MIME) Version 3.2 Message
July 1994. Specification", RFC 5751, January 2010.
[RFC5598] Crocker, D., "Internet Mail Architecture", RFC 5598, [RFC5280] Cooper, D., Santesson, S., Farrell, S., Boeyen, S.,
July 2009. Housley, R., and W. Polk, "Internet X.509 Public Key
Infrastructure Certificate and Certificate Revocation
List (CRL) Profile", RFC 5280, May 2008.
[RFC-3282] Alvestrand, H., "Content Language Headers", RFC 3282, May 7.2. Informative References
2002.
8 Authors' Addresses [8BITMIME] Klensin, J., Freed, N., Rose, M., Stefferud, E., and D.
Crocker, "SMTP Service Extension for 8bit-MIMEtransport",
RFC 1652, July 1994.
Alexey Melnikov (editor) [RFC5598] Crocker, D., "Internet Mail Architecture", RFC 5598, July
Isode Ltd 2009.
5 Castle Business Village
36 Station Road
Hampton, Middlesex TW12 2BX
UK
Email: Alexey.Melnikov@isode.com [RFC3282] Alvestrand, H., "Content Language Headers", RFC 3282, May
2002.
Appendix A. Changes since RFC 2447. Appendix A. Changes since RFC 2447
Updated references. Split them into Normative and Informative. Updated references. Split them into Normative and Informative.
Updated examples to use example.com/example.net domains. Updated examples to use example.com/example.net domains.
Corrected usage of RFC 2119 language. Corrected usage of RFC 2119 language.
Clarified that charset=UTF-8 is required, unless the calendar can be Clarified that charset=UTF-8 is required, unless the calendar can be
entirely represented in US-ASCII. entirely represented in US-ASCII.
Clarified that 7-bit content transfer encodings should be used unless Clarified that 7-bit content transfer encodings should be used unless
the calendar object is known to be transferred over 8-bit clean the calendar object is known to be transferred over 8-bit clean
transport. transport.
Clarified that file extension specified in the Content-Disposition Clarified that file extension specified in the Content-Disposition
header field is not to be used to override the Content-Type MIME header field is not to be used to override the "Content-Type" MIME
type. type.
Disallow use of "multipart/alternative" for slightly different Disallowed use of "multipart/alternative" for slightly different
representations of the same calendar. representations of the same calendar.
Clarified handling of the "method" MIME parameter of the "Content- Clarified handling of the "method" MIME parameter of the "Content-
Type" header field. Type" header field.
Clarified that in an iMIP message an ORGANIZER/ATTENDEE property Clarified that in an iMIP message an ORGANIZER/ATTENDEE property
contains a mailto: URI. contains a mailto: URI.
Fixed examples with ATTENDEE property to use "CUTYPE=" instead of Fixed examples with ATTENDEE property to use "CUTYPE=" instead of
"TYPE=". "TYPE=".
Clarified that message integrity/confidentiality should be achieved Clarified that message integrity/confidentiality should be achieved
using S/MIME. using S/MIME.
Additional examples. Provided additional examples.
Improved Security Considerations section.
Multiple editorial changes to different sections of the document. Improved the Security Considerations section.
Appendix B. Acknowledgements Made multiple editorial changes to different sections of the
document.
<<RFC Editor: feel free to move this section elsewhere.>> Appendix B. Acknowledgements
The editor of this document wish to thank Frank Dawson, Steve Mansour The editor of this document wishes to thank Frank Dawson, Steve
and Steve Silverberg, the original authors of RFC 2447, as well as Mansour, and Steve Silverberg, the original authors of RFC 2447, as
the following individuals who have participated in the drafting, well as the following individuals who have participated in the
review and discussion of this memo: drafting, review, and discussion of this memo:
Reinhold Kainhofer, Cyrus Daboo, Bernard Desruisseaux, Eliot Lear, Reinhold Kainhofer, Cyrus Daboo, Bernard Desruisseaux, Eliot Lear,
Peter Saint-Andre. and Peter Saint-Andre.
Author's Address
Alexey Melnikov (editor)
Isode Ltd
5 Castle Business Village
36 Station Road
Hampton, Middlesex TW12 2BX
UK
EMail: Alexey.Melnikov@isode.com
 End of changes. 142 change blocks. 
342 lines changed or deleted 338 lines changed or added

This html diff was produced by rfcdiff 1.40. The latest version is available from http://tools.ietf.org/tools/rfcdiff/