Network Working Group K. Toyoda, MGCS Internet Draft D. Crocker, Brandenburg draft-ietf-fax-esmtp-conneg-03.txt July 2002 Expires: January 2003 SMTP Service Extension for Content Negotiation STATUS OF THIS MEMO This document is an Internet-Draft and is in full conformance with all provisions of Section 10 of RFC2026. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet-Drafts. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." The list of current Internet-Drafts can be accessed at http://www.ietf.org/ietf/1id-abstracts.txt The list of Internet-Draft Shadow Directories can be accessed at http://www.ietf.org/shadow.html. COPYRIGHT NOTICE Copyright (C) The Internet Society (2001). All Rights Reserved. ABSTRACT This document defines a content negotiation service extension for SMTP [ESMTP1, ESMTP2] whereby an SMTP client may request information about content capabilities of the target device or system that is serviced by an SMTP server. The SMTP server may report the target's content capabilities back to the client. This process emulates a classic facsimile start-of- session capabilities negotiation, although it can be used for a broad range of email-based scenarios. This service extension is primarily intended for "direct", one-hop, originator/recipient SMTP transfers, although relayed scenarios through multiple SMTP servers are permitted. 1. INTRODUCTION When a data source and a receiver have interactive access to each other, the receiver often informs the source of its capabilities, to permit optimized performance or functionality for the interaction. Classic telephone-based facsimile is an example, as are voice over IP and ESMTP among Internet applications. The store-and-forward nature of Internet mail is usually assumed to preclude such capabilities exchanges. However direct email-based interactions are possible with proper configuration of the email originator and recipient servers, such as over an intranet. This document defines an SMTP-based service extension [ESMTP1, ESMTP2] for content negotiation, whereby an SMTP client may request information about content capabilities of the target device or system that is serviced by an SMTP server. The SMTP server may report the target's content capabilities back to the client. This process emulates a classic facsimile start-of-session capabilities negotiation, although it may be used for any email- based service. This extension is primarily intended for "direct" SMTP transfers, although relayed scenarios are permitted through a series of SMTP servers. 2. CONVENTIONS In examples, "C:" and "S:" indicate lines sent by the client and server respectively. The key words "MUST", "MUST NOT", "SHOULD", "SHOULD NOT", and "MAY" in this document are to be interpreted as defined in "Key words for use in RFCs to Indicate Requirement Levels" [KEYWORDS]. 3. CONTENT NEGOTIATION SERVICE EXTENSION (1) The name of the SMTP service extension is "Content_Negotiation" (2) The EHLO keyword value associated with this extension is "CONNEG" (3) A parameter using the keyword "CONNEG" is added to the RCPT command (4) The server responds with a report of the content capabilities of the device or system that embodies the target RCPT address. 4. CONNEG PARAMETER TO RCPT 4.1 Parameter Keyword: CONNEG Argument: REQUIRED The client requires support for the capability. If the target does not support the CONNEG parameter, the target MUST reject the RCPT command with a 504 reply. If the target can not support the capability due to a temporary problem, it MUST reject the RCPT command with a 404 reply. OPTIONAL The client requests the target to use the capability. If the target can not support the capability at this time, the target MUST process the address and message as if the requested CONNEG capabilities had not been specified. If the argument does not exist, the default is "REQUIRED". When a capability is REQUIRED by the client but can not currently be supported by the target, an error response will have significant performance impact to overall SMTP processing. Use of the OPTIONAL parameter will ensure high SMTP performance. 4.2 Client Action: If the server issued a 250-CONNEG, as part of its EHLO response for the current session, the client MAY issue the CONNEG parameter with RCPT. If the client issues the CONNEG parameter with RCPT, then it MUST honor the capabilities specified in the CONNEG RCPT reply, and transform data that is sent, so that the server can accept the data. The client SHOULD transform the data to the "highest" level of capability of the server. If the server rejects the RCPT command with a 404 reply, the client may later reissue the RCPT with the CONNEG parameter in a different SMTP session. If the server returns an EHLO 250 code without CONNEG capabilities, the client MUST NOT issue a CONNEG parameter with RCPT. 4.3 Server Action: If the client specifies "CONNEG=REQUIRED" in the RCPT, but the server does not support the CONNEG parameter, the server MUST reject the RCPT command with a 504 reply. If the server supports the CONNEG parameter, but can not return the recepient's capability temporarily, the server MUST reject the RCPT command with a 404 reply. For example, if the server gets the capability information from a directory, but its connection is offline, the server MUST reject the RCPT command with a 404 reply. If the client specifies "CONNEG=OPTIONAL" in the RCPT, but the server does not support the CONNEG parameter or can not return the recipient's capability temporarily, the server MUST process the address and message as if the requested CONNEG capabilities had not been specified. Regardless of the value of the parameter, if the server does support the CONNEG parameter and the address is acceptable, then it MUST issue a 250 reply, followed by the capabilities of the server that is specified by the RCPT address. Successful responses to CONNEG RCPT requests will always be multiple SMTP lines. The first line is the normal RCPT response, and subsequent lines beginning with the exact string "250-CONNEG " and "250 CONNEG " are the CONNEG responses. The last line begins with "250 CONNEG ". If the SMTP server supports ENHANCEDSTATUSCODES [RFC1893], the response strings for a success are "250-2.1.5 CONNEG " and "250 2.1.5 CONNEG ". The response strings for indicating a permanent failure are "504-5.3.3 CONNEG " and "504 5.3.3 CONNEG ". The response strings for a temporary failure are "404-4.3.3 CONNEG " and "404 4.3.3 CONNEG ". All CONNEG-capable clients and CONNEG-capable servers MUST be able to successfully process CONNEG lines that are up to 512 characters long, as required by RFC2821. If the length of CONNEG lines is greater than 512 characters, the server MUST insert line breaks and make next CONNEG line. The contents of the capability listing MUST conform to [RFC2506], [RFC2533], and MAY be used to emulate services, such as the facsimile start-of-session capabilities negotiation as described in "Content Feature Schema for Internet Fax". [RFC2879] 5. SYNTAX The syntax for a "Command with CONNEG" and "Reply", using the ABNF notation of [RFC2234], is: Command with "CONNEG": "RCPT TO:" ("" / "" / Forward-Path) (SP "CONNEG=" ("REQUIRED" / "OPTIONAL") CRLF domain = <> Forward-Path = <> Reply: initial-reply *conneg-reply final-reply initial-reply = reply-code "-" [ status-code ] [text] CRLF ; text is usually intended for human users. conneg-reply = reply-code "-" [ status-code " " ] "CONNEG " capability CRLF final-reply = reply-code " " [ status-code ] CRLF reply-code = 250 / 504 / 404 status code = 2.1.5 / 5.3.3 / 4.3.3 text = 1* capability = <> 6. EXAMPLE An example of ESMTP sequence with successful RCPT response 1 S: 220 ifax1.jp IFAX 2 C: EHLO ifax1.jp 3 S: 250-ifax1.jp 4 S: 250-DSN 5 S: 250 CONNEG 6 C: MAIL FROM: 7 S: 250 sender ok 8 C: RCPT TO: CONNEG = REQUIRED 9 S: 250- recipient ok 10 S: 250 CONNEG (&(image-file-structure=TIFF-minimal) 11 S: (MRC-mode=0)(color=Binary)(|(&(dpi=204) 12 S: (dpi-xyratio=[204/98,204/196]) )(&(dpi=200) 13 S: (dpi-xyratio=[200/100,1]) )(&(dpi=400) 14 S: (dpi-xyratio=1) ) )(|(image-coding=[MH,MR,MMR]) 15 S: (&(image-coding=JBIG)(image-coding-constraint=JBIG-T85) 16 S: (JBIG-stripe-size=128) ) )(paper-size=[letter,A4,B4]) 17 S: (ua-media=stationery) ) 18 C: DATA 19 S: 354 okay, send data 20 C: <> 21 S: 250 message accepted 22 C: QUIT 23 S: 221 goodbye Note that line 9 is terminated with CRLF, but lines 10 through 16 are not terminated by CRLF -- they are only shown wrapped in this document for clarity. The next line that has a CRLF is line 17. An example of successful RCPT response when the length of capability is greater than 512 characters. S: 250-2.1.5 recipient ok S: 250-2.1.5 CONNEG (&(image-file-structure=TIFF-minimal) ... S: 250-2.1.5 CONNEG ..... S: 250 2.1.5 CONNEG (color=Binary) An example of successful RCPT response when CONNEG-capable server supports ENHANCEDSTATUSCODES. 1 S: 250-2.1.5 recipient ok 2 S: 250 2.1.5 CONNEG (&(image-file-structure=TIFF-minimal) 3 S: (MRC-mode=0)(color=Binary)(|(&(dpi=204) 4 S: (dpi-xyratio=[204/98,204/196]) )(&(dpi=200) 5 S: (dpi-xyratio=[200/100,1]) )(&(dpi=400) 6 S: (dpi-xyratio=1) ) )(|(image-coding=[MH,MR,MMR]) 7 S: (&(image-coding=JBIG)(image-coding-constraint=JBIG-T85) 8 S: (JBIG-stripe-size=128) ) )(paper-size=[letter,A4,B4]) 9 S: (ua-media=stationery) ) Note that line 1 is terminated with CRLF, but lines 2 through 9 are not terminated by CRLF -- they are only shown wrapped in this document for clarity. An example of ESMTP sequence with permanent failure RCPT response. S: 220 ifax1.jp IFAX C: EHLO ifax1.jp S: 250-ifax1.jp S: 250-DSN S: 250 CONNEG C: MAIL FROM: S: 250 sender ok C: RCPT TO: CONNEG=REQUIRED S: 504 conneg permanent failure C: QUIT S: 221 goodbye An example of an ESMTP sequence with temporary failure RCPT response when the value of parameter is "REQUIRED": S: 220 ifax1.jp IFAX C: EHLO ifax1.jp S: 250-ifax1.jp S: 250-DSN S: 250 CONNEG C: MAIL FROM: S: 250 sender ok C: RCPT TO: CONNEG=REQUIRED S: 404 conneg temporary failure C: QUIT S: 221 goodbye . . . retry according to implementation An example of an ESMTP sequence with temporary failure RCPT response when the value of parameter is "OPTIONAL": S: 220 ifax1.jp IFAX C: EHLO ifax1.jp S: 250-ifax1.jp S: 250-DSN S: 250 CONNEG C: MAIL FROM: S: 250 sender ok C: RCPT TO: CONNEG=OPTIONAL S: 250 recipient ok C: DATA S: 354 okay, send data C: <> S: 250 message accepted C: QUIT S: 221 goodbye 7. IANA CONSIDERATIONS On publication of this document by the RFC Editor, the IANA shall register the Content_Negotiation ESMTP extension defined in section 3. 8. SECURITY CONSIDERATIONS This ESMTP option calls for a respondent to disclose its capabilities. Mechanisms for determining the requestor's authenticated identity are outside the scope of this specification. It is intended that this mechanism permit disclosure of public information; hence there is no particular need for security measures. However there is nothing to prevent disclosure of sensitive information that should receive restricted distribution. It is, therefore, the responsibility of the disclosing ESMTP server to determine whether additional security measures should be applied to the use of this ESMTP option. A man-in-the-middle attack might change the capabilities reported for a given recipient. For example: Suppose the sender knows the recipient has the ability to view color documents so they mark some things in red in what is otherwise a black and white document. But someone interferes with the returned capabilities, indicating that the recipient only supports black and white. The document is duly downgraded, with the result that the recipient doesn't see what the sender marked. An indirect exposure can occur when the report of a capability implies use of specific software. If that software is known to have security weaknesses, the capabilities report effectively advertises the associated opportunity to exploit the security weakness. For target SMTP servers that require security mechanisms to be in force at the start of the session, the target SHOULD refrain from including the CONNEG parameter in an EHLO response until the requisite security mechanisms are in force. 9. ACKNOWLEDGEMENTS Graham Klyne provided useful suggestions to an earlier draft. 10 REFERENCES 10.1 Normative references [ESMTP1] Klensin, J., Freed, N., Rose, M., Stefferud, E. and D. Crocker, "SMTP Service Extensions", RFC 1869, November 1995 [ESMTP2] Klensin, J., "Simple Mail Transfer Protocol", RFC 2821, April 2001. [RFC1893] Vaudreuil, G., "Enhanced Mail System Status Codes", RFC 1893, January 1996. [RFC2234] Crocker, D. and P. Overell, Eds., "Augmented BNF for Syntax Specifications: ABNF", RFC 2234, November 1997. [RFC2506] Holtman, K., Mutz, A. and T. Hardie, "Media Feature Tag Registration Procedure", RFC 2506, March 1999. [RFC2533] Klyne, G., "A syntax for describing media feature sets", RFC 2533, March 1999. 10.2 Non-normative references [RFC2534] Masinter, L., Holtman, K., Mutz, A. and D. Wing, " Media Features for Display, Print, and Fax", RFC 2534, March 1999. [RFC2879] McIntyre, L. and G. Klyne, "Content Feature Schema for Internet Fax", RFC 2531, August 2000 [RFC2305] Toyoda, K., Ohno, H., Murai, J. and D. Wing, "A Simple Mode of Facsimile Using Internet Mail", RFC 2305, March 1998. 11. AUTHORS' ADDRESSES Kiyoshi Toyoda Matsushita Graphic Communication Systems,Inc 2-3-8 Shimomeguro, Meguro-Ku Tokyo 153 JAPAN +81.3.5434.7161 ktoyoda@rdmg.mgcs.mei.co.jp Dave Crocker Brandenburg InternetWorking 675 Spruce Drive Sunnyvale, CA 94086 USA +1.408.246.8253 dcrocker@brandenburg.com 12. FULL COPYRIGHT STATEMENT Copyright (C) The Internet Society (2002). All Rights Reserved. This document and translations of it may be copied and furnished to others, and derivative works that comment on or otherwise explain it or assist in its implementation may be prepared, copied, published and distributed, in whole or in part, without restriction of any kind, provided that the above copyright notice and this paragraph are included on all such copies and derivative works. However, this document itself may not be modified in any way, such as by removing the copyright notice or references to the Internet Society or other Internet organizations, except as needed for the purpose of developing Internet standards in which case the procedures for copyrights defined in the Internet Standards process must be followed, or as required to translate it into languages other than English. The limited permissions granted above are perpetual and will not be revoked by the Internet Society or its successors or assigns. This document and the information contained herein is provided on an "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.