| Internet-Draft | iMIP Email Header | October 2020 |
| Daboo | Expires 4 April 2021 | [Page] |
This document defines a new email message header to improve interoperability when the iCalendar Message-Based Interoperability Protocol (iMIP) is being used to send scheduling messages.¶
This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79.¶
Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet-Drafts is at https://datatracker.ietf.org/drafts/current/.¶
Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress."¶
This Internet-Draft will expire on 4 April 2021.¶
Copyright (c) 2020 IETF Trust and the persons identified as the document authors. All rights reserved.¶
This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License.¶
The iCalendar [RFC5545] specification defines a standard way to describe calendar data. The iTIP [RFC5546] specification defines a transport independent messaging protocol for scheduling messages based on iCalendar. The iMIP [RFC6047] specification defines how the iTIP protocol can be used over an email [RFC5322] transport by "attaching" iCalendar parts to an email message.¶
Whilst iMIP has been in use for quite some time, there continue to be problems with interoperability between different implementations. In particular, many implementations are sensitive to the exact "structure" of the email message parts. Some clients expect specific headers to be present, or to have specific values (e.g., a "Content-Disposition" header with a value "attachment"). What this means is that an iMIP message sent from one client to another often goes unrecognized as an iMIP message, and the calendar data is never processed as a scheduling message. In some cases, clients generate multiple iCalendar attachments, with different "Content-Type" header values in order to have a greater chance of their message being processed correctly.¶
This specification addresses these problems by introducing a new email message header that can be used by clients to clearly identify that an email message is in fact an iMIP message, as well as clearly identify which part within the email message corresponds to the iCalendar data to be processed as an iMIP message.¶
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in [RFC2119].¶
When a client generates an iMIP email message it includes an "iMIP-Content-ID" header field in the MIME part corresponding to the iCalendar data used for scheduling. There MUST be only one iCalendar part with that header present. The client then includes an "iMIP-Content-ID" header in the top-level email message headers, setting the value of that header to the value used for the "iMIP-Content-ID" header associated with the iCalendar data part.¶
A mail user agent that is capable of processing iMIP messages can do the following:¶
If an "iMIP-Content-ID" header is not present at the top-level of the message, then the client SHOULD look for the presence of that header in a message sub-part and apply the following rules:¶
The key benefit of this approach is that it allows mail user agents (and automated email processing/filtering systems like SIEVE [RFC5228]) to quickly and clearly identify incoming iMIP messages, without the need to do an in-depth examination of the MIME structure of the message to look for suitable iCalendar attachments. In addition, the presence of this header will not impact current processing of iMIP messages and thus provides a backwards compatible, incremental upgrade to a more reliable mechanism.¶
The "iMIP-Content-ID" header field is specified as follows using Augmented Backus-Naur Form [RFC5234], with additional terms from [RFC5322]:¶
imip-content-id = "iMIP-Content-ID:" msg-id¶
Email message security typically does not cover top-level message headers in signed or encrypted email data. It is therefore possible for an attacker to add, modify or remove an "iMIP-Content-ID" header in the top-level message headers. Such an attack can be mitigated by using a technology such as DomainKeys Identified Mail (DKIM) [RFC6376], and it is RECOMMENDED that the "iMIP-Content-ID" header be included as one of the signed header fields.¶
The IANA is asked to register the new header field, using the template as follows, in accordance with [RFC3864].¶
Thanks to the following for feedback: Ken Murchison.¶
This specification originated from discussions at a Calendaring and Scheduling Consortium interoperability event.¶
TBD¶