wasm-demo/demo/ermis-f/imap-protocol/cur/1600095124.22917.mbox:2,S

MBOX-Line: From dave at cridland.net  Wed Apr 11 03:51:51 2007
To: imap-protocol@u.washington.edu
From: Dave Cridland <dave@cridland.net>
Date: Fri Jun  8 12:34:39 2018
Subject: [Imap-protocol] ACL: GETACL and "always granted" rights
In-Reply-To: <1766087308.133811176240507094.JavaMail.root@dogfood.liquidsys.com>
References: <1766087308.133811176240507094.JavaMail.root@dogfood.liquidsys.com>
Message-ID: <6701.1176288711.978094@peirce.dave.cridland.net>

On Tue Apr 10 22:28:27 2007, Dan Karp wrote:
> If a user has rights that "will always be granted" on a mailbox 
> (e.g. that show up in the first rights set in a LISTRIGHTS untagged 
> response), is that user/rights pair to be listed in the GETACL 
> response on that mailbox?
> 
> 
In principle, that would be a reasonable reading of RFC4314, and you 
would not be non-compliant for doing so.

In practise, it might be silly under some circumstances.

The LISTRIGHTS response tells you two things - and note I'm 
deliberately using a different wording:

1) The groups of rights that may be granted to the identifier.

2) The set of inalienable rights the identifier implicitly has.

I'd personally say that you should examine *why* the identifiers have 
these implicit rights, and decide on that basis whether to include 
them in the ACL - and in some cases, whether to admit they have 
implicit rights in LISTRIGHTS.

I don't think you'd confuse clients by having a degree of discrepency 
between LISTRIGHTS and GETACL, but you might confuse clients by 
including entries in the ACL if they're not really needed. (For 
example, Thunderbird decides whether a mailbox is shared according to 
the contents of the ACL.)

Dave.
-- 
Dave Cridland - mailto:dave@cridland.net - xmpp:dwd@jabber.org
  - acap://acap.dave.cridland.net/byowner/user/dwd/bookmarks/
  - http://dave.cridland.net/
Infotrope Polymer - ACAP, IMAP, ESMTP, and Lemonade