RFC 2244
ACAP -- Application Configuration Access Protocol
7. Registration Procedures ACAP's usefulness comes from providing a structured storage model for all sorts of configuration data. However, for its potential to be achieved, it is important that the Internet community strives for the following goals:
(1) Standardization. It is very important to standardize dataset classes. The authors hope that ACAP achieves the success that SNMP has seen with the definition of numerous standards track MIBs. (2) Community Review. In the absence of standardization, it is important to get community review on a proposal to improve its engineering quality. Community review is strongly recommended prior to registration. The ACAP implementors mailing list <ietf-acap@andrew.cmu.edu> should be used for this purpose. (3) Registration. Registration serves a two-fold purpose. First it prevents use of the same name for different purposes, and second it provides a one-stop list which can be used to locate existing extensions or dataset classes to prevent duplicate work. The following registration templates may be used to register ACAP protocol elements with the Internet Assigned Numbers Authority (IANA). 7.1. ACAP Capabilities New ACAP capabilities MUST be registered prior to use. Careful consideration should be made before extending the protocol, as it can lead to complexity or interoperability problems. Review of proposals on the acap implementors mailing list is strongly encouraged prior to registration. To: iana@iana.org Subject: Registration of ACAP capability Capability name: Capability keyword: Capability arguments: Published Specification(s): (Optional, but strongly encouraged) Person and email address to contact for further information: 7.2. ACAP Response Codes ACAP response codes are registered on a first come, first served basis. Review of proposals on the acap implementors mailing list is strongly encouraged prior to registration.
To: iana@iana.org Subject: Registration of ACAP response code Response Code: Arguments (use ABNF to specify syntax): Purpose: Published Specification(s): (Optional, but strongly encouraged) Person and email address to contact for further information: 7.3. Dataset Classes A dataset class provides a core set of attributes for use in a specified hierarchy. It may also define rules for the dataset hierarchy underneath that class. Dataset class specifications must be standards track or IESG approved experimental RFCs. To: iana@iana.org Subject: Registration of ACAP dataset class Dataset class name/attribute prefix: Purpose: Published Specification(s): (Standards track or IESG approved experimental RFC) Person and email address to contact for further information: 7.4. Vendor Subtree Vendors may reserve a portion of the ACAP namespace for private use. Dataset class names beginning with "vendor.<company/product name>." are reserved for use by that company or product. In addition, all attribute names beginning with "vendor.<company/product name>." are reserved for use by that company or product once registered. Registration is on a first come, first served basis. Whenever possible, private attributes and dataset classes should be avoided in favor of improving interoperable dataset class definitions.
To: iana@iana.org Subject: Registration of ACAP vendor subtree Private Prefix: vendor.<company/product name>. Person and email address to contact for further information: (company names and addresses should be included when appropriate) 8. Formal Syntax The following syntax specification uses the augmented Backus-Naur Form (BNF) notation as specified in [ABNF]. This uses the ABNF core rules as specified in Appendix A of the ABNF specification [ABNF]. Except as noted otherwise, all alphabetic characters are case-insensitive. The use of upper or lower case characters to define token strings is for editorial clarity only. Implementations MUST accept these strings in a case-insensitive fashion. The "initial-greeting" rule below defines the initial ACAP greeting from the server. The "command" rule below defines the syntax for commands sent by the client. The "response" rule below defines the syntax for responses sent by the server. ATOM-CHAR = "!" / %x23-27 / %x2A-5B / %x5D-7A / %x7C-7E ;; Any CHAR except ATOM-SPECIALS ATOM-SPECIALS = "(" / ")" / "{" / SP / CTL / QUOTED-SPECIALS CHAR = %x01-7F DIGIT-NZ = %x31-39 ; non-zero digits ("1" - "9") QUOTED-CHAR = SAFE-UTF8-CHAR / "\" QUOTED-SPECIALS QUOTED-SPECIALS = <"> / "\" SAFE-CHAR = %x01-09 / %x0B-0C / %x0E-21 / %x23-5B / %x5D-7F ;; any TEXT-CHAR except QUOTED-SPECIALS SAFE-UTF8-CHAR = SAFE-CHAR / UTF8-2 / UTF8-3 / UTF8-4 / UTF8-5 / UTF8-6 TAG-CHAR = %x21 / %x23-27 / %x2C-5B / %x5D-7A / %x7C-7E ;; Any ATOM-CHAR except "*" or "+"
TEXT-CHAR = %x01-09 / %x0B-0C / %x0E-7F
;; any CHAR except CR and LF
TEXT-UTF8-CHAR = SAFE-UTF8-CHAR / QUOTED-SPECIALS
UTF8-1 = %x80-BF
UTF8-2 = %xC0-DF UTF8-1
UTF8-3 = %xE0-EF 2UTF8-1
UTF8-4 = %xF0-F7 3UTF8-1
UTF8-5 = %xF8-FB 4UTF8-1
UTF8-6 = %xFC-FD 5UTF8-1
UTF8-CHAR = TEXT-UTF8-CHAR / CR / LF
acl = "(" [acl-identrights *(SP acl-identrights)] ")"
*(SPACE acl-identrights)] ")"
acl-identifier = string-utf8
;; MUST NOT contain HTAB
acl-identrights = string-utf8
;; The identifier followed by a HTAB,
;; followed by the rights.
acl-delobject = "(" dataset SP attribute [SP entry-name] ")"
acl-object = "(" dataset [SP attribute [SP entry-name]] ")"
acl-rights = quoted
atom = ALPHA *1023ATOM-CHAR
attribute = string-utf8
;; dot-separated attribute name
;; MUST NOT contain "*" or "%"
attribute-store = attribute SP (value-nildef /
"(" 1*(metadata-write-q SP value-store) ")")
;; MUST NOT include the same metadata twice
auth-type = <"> auth-type-name <">
auth-type-name = iana-token
;; as defined in SASL [SASL]
command = tag SP (command-any / command-auth /
command-nonauth) CRLF
;; Modal based on state
command-authent = "AUTHENTICATE" SP auth-type
[SP string] *(CRLF string)
command-any = "NOOP" / command-lang / "LOGOUT" /
command-extend
command-auth = command-delacl / command-dsince /
command-freectx / command-getquota /
command-lrights / command-myrights /
command-search / command-setacl /
command-store
;; only valid in authenticated state
command-delacl = "DELETEACL" SP acl-delobject [SP acl-identifier]
command-dsince = "DELETEDSINCE" SP dataset SP time
command-extend = extend-token [SP extension-data]
command-freectx = "FREECONTEXT" SP context
command-getquota = "GETQUOTA" SP dataset
command-lang = "LANG" *(SP lang-tag)
command-lrights = "LISTRIGHTS" SP acl-object
command-myrights = "MYRIGHTS" SP acl-object
command-nonauth = command-authent
;; only valid in non-authenticated state
command-search = "SEARCH" SP (dataset / context)
*(SP search-modifier) SP search-criteria
;; MUST NOT include same search-modifier twice
command-setacl = "SETACL" SP acl-object SP acl-identifier
SP acl-rights
command-store = "STORE" SP store-entry-list
comparator = <"> comparator-name <">
comparator-name = ["+" / "-"] iana-token
context = string-utf8
;; MUST NOT begin with slash ("/")
dataset = string-utf8
;; slash-separated dataset name
;; begins with slash
entry = entry-name / entry-path
entry-name = string-utf8
;; entry name MUST NOT contain slash
;; MUST NOT begin with "."
entry-path = string-utf8
;; slash-separated path to entry
;; begins with slash
entry-relative = string-utf8
;; potentially relative path to entry
extend-token = atom
;; MUST be defined by a standards track or
;; IESG approved experimental protocol extension
extension-data = extension-item *(SP extension-item)
extension-item = extend-token / string / number /
"(" [extension-data] ")"
iana-token = atom
;; MUST be registered with IANA
initial-greeting = "*" SP "ACAP" *(SP "(" init-capability ")") CRLF
init-capability = init-cap-context / init-cap-extend /
init-cap-implem / init-cap-sasl
init-cap-context = "CONTEXTLIMIT" SP string
init-cap-extend = iana-token [SP string-list]
init-cap-implem = "IMPLEMENTATION" SP string
init-cap-sasl = "SASL" SP string-list
lang-tag = <"> Language-Tag <">
;; Language-Tag rule is defined in [LANG-TAGS]
literal = "{" number [ "+" ] "}" CRLF *OCTET
;; The number represents the number of octets
;; MUST be literal-utf8 except for values
literal-utf8 = "{" number [ "+" ] "}" CRLF *UTF8-CHAR
;; The number represents the number of octets
;; not the number of characters
metadata = attribute [ "(" metadata-type-list ")" ]
;; attribute MAY end in "*" as wildcard.
metadata-list = metadata *(SP metadata)
metadata-type = "attribute" / "myrights" / "size" /
"count" / metadata-write
metadata-type-q = <"> metadata-type <">
metadata-type-list = metadata-type-q *(SP metadata-type-q)
metadata-write = "value" / "acl"
metadata-write-q = <"> metadata-write <">
nil = "NIL"
number = *DIGIT
;; A 32-bit unsigned number.
;; (0 <= n < 4,294,967,296)
nz-number = DIGIT-NZ *DIGIT
;; A 32-bit unsigned non-zero number.
;; (0 < n < 4,294,967,296)
position = number
;; "0" if context is not enumerated
;; otherwise this is non-zero
quota-limit = number
quota-usage = number
quoted = <"> *QUOTED-CHAR <">
;; limited to 1024 octets between the <">s
response = response-addto / response-alert / response-bye /
response-change / response-cont /
response-deleted / response-done /
response-entry / response-extend /
response-listr / response-lang /
response-mtimei / response-mtimeu /
response-myright / response-quota /
response-refer / response-remove / response-stat
response-addto = "*" SP "ADDTO" SP context SP entry-name
SP position SP return-data-list
response-alert = "*" SP "ALERT" SP resp-body CRLF
;; Client MUST display alert text to user
response-bye = "*" SP "BYE" SP resp-body CRLF
;; Server will disconnect condition
response-change = "*" SP "CHANGE" SP context SP entry-name
SP position SP position SP return-data-list
response-cont = "+" SP string
response-deleted = tag SP "DELETED" SP entry-name
response-done = tag SP resp-cond-state CRLF
response-entry = tag SP "ENTRY" SP entry SP return-data-list
response-extend = (tag / "*") SP extend-token [SP extension-data]
response-lang = "*" SP "LANG" SP lang-tag 1*(SP comparator)
response-listr = tag SP "LISTRIGHTS" SP acl-rights
*(SP acl-rights)
response-mtimei = tag SP "MODTIME" SP time
response-mtimeu = "*" SP "MODTIME" SP context SP time
response-myright = tag SP "MYRIGHTS" SP acl-rights
response-quota = "*" SP "QUOTA" SP dataset SP quota-limit
SP quota-usage [SP extension-data]
response-refer = tag SP "REFER" SP dataset
1*(SP <"> url-relative <">)
response-remove = "*" SP "REMOVEFROM" SP context SP
entry-name SP position
response-stat = "*" SP resp-cond-state CRLF
resp-body = ["(" resp-code ")" SP] quoted
resp-code = "AUTH-TOO-WEAK" / "ENCRYPT-NEEDED" /
resp-code-inval / resp-code-mod /
resp-code-noexist / resp-code-perm / "QUOTA" /
resp-code-refer / resp-code-sasl /
resp-code-toomany / "TOOOLD" /
"TRANSITION-NEEDED" / "TRYFREECONTEXT" /
"TRYLATER" / "WAYTOOMANY" / resp-code-ext
resp-code-ext = iana-token [SP extension-data]
;; unknown codes MUST be tolerated by the client
resp-code-inval = "INVALID" 1*(SP entry-path SP attribute)
resp-code-mod = "MODIFIED" SP entry-path
resp-code-noexist = "NOEXIST" SP dataset
resp-code-perm = "PERMISSION" SP acl-object
resp-code-refer = "REFER" 1*(SP <"> url-relative <">)
resp-code-sasl = "SASL" SP string
resp-code-toomany = "TOOMANY" SP nz-number
resp-cond-state = ("OK" / "NO" / "BAD") SP resp-body
;; Status condition
return-attr-list = "(" return-metalist *(SP return-metalist) ")"
;; occurs when "*" in RETURN pattern on SEARCH
return-data = return-metadata / return-metalist /
return-attr-list
return-data-list = return-data *(SP return-data)
return-metalist = "(" return-metadata *(SP return-metadata) ")"
;; occurs when multiple metadata items requested
return-metadata = nil / string / value-list / acl
searchkey-equal = "EQUAL" SP attribute SP comparator SP value-nil
searchkey-comp = "COMPARE" SP attribute SP comparator SP value
searchkey-prefix = "PREFIX" SP attribute SP comparator SP value
searchkey-range = "RANGE" SP nz-number SP nz-number SP time
searchkey-strict = "COMPARESTRICT" SP attribute SP comparator
SP value
searchkey-substr = "SUBSTRING" SP attribute SP comparator SP value
searchmod-depth = "DEPTH" SP number
searchmod-hard = "HARDLIMIT" SP nz-number
searchmod-limit = "LIMIT" SP number SP number
searchmod-make = "MAKECONTEXT" [SP "ENUMERATE"]
[SP "NOTIFY"] SP context
searchmod-ninh = "NOINHERIT"
searchmod-return = "RETURN" SP "(" [metadata-list] ")"
searchmod-sort = "SORT" SP "(" sort-list ")"
search-criteria = "ALL" / searchkey-equal / searchkey-comp /
searchkey-strict / searchkey-range /
searchkey-prefix / searchkey-substr /
"NOT" SP search-criteria /
"OR" SP search-criteria SP search-criteria /
"AND" SP search-criteria SP search-criteria
search-modifier = searchmod-depth / searchmod-hard /
searchmod-limit / searchmod-make /
searchmod-ninh / searchmod-return /
searchmod-sort
sort-list = sort-item *(SP sort-item)
sort-item = attribute SP comparator
store-entry = "(" entry-path *(SP store-modifier)
*(SP attribute-store) ")"
;; MUST NOT include same store-modifier twice
;; MUST NOT include same attribute twice
store-entry-list = store-entry *(SP store-entry)
;; MUST NOT include same entry twice
store-modifier = store-mod-unchang / store-mod-nocreate
store-mod-nocreate = "NOCREATE"
store-mod-unchang = "UNCHANGEDSINCE" SP time
string = quoted / literal
string-list = string *(SP string)
string-utf8 = quoted / literal-utf8
tag = 1*32TAG-CHAR
time = <"> time-year time-month time-day time-hour
time-minute time-second time-subsecond <">
;; Timestamp in UTC
time-day = 2DIGIT ;; 01-31
time-hour = 2DIGIT ;; 00-23
time-minute = 2DIGIT ;; 00-59
time-month = 2DIGIT ;; 01-12
time-second = 2DIGIT ;; 00-60
time-subsecond = *DIGIT
time-year = 4DIGIT
value = string
value-list = "(" [value *(SP value)] ")"
value-nil = value / nil
value-nildef = value-nil / "DEFAULT"
value-store = value-nildef / value-list / acl
url-acap = "acap://" url-server "/" url-enc-entry
[url-filter] [url-extension]
;; url-enc-entry interpreted relative to "/"
url-attr-list = url-enc-attr *("&" url-enc-attr)
url-auth = ";AUTH=" ("*" / url-enc-auth)
url-achar = uchar / "&" / "=" / "~"
;; See RFC 1738 for definition of "uchar"
url-char = uchar / "=" / "~" / ":" / "@" / "/"
;; See RFC 1738 for definition of "uchar"
url-enc-attr = 1*url-char
;; encoded version of attribute name
url-enc-auth = 1*url-achar
;; encoded version of auth-type-name above
url-enc-entry = 1*url-char
;; encoded version of entry-relative above
url-enc-user = *url-achar
;; encoded version of login userid
url-extension = *("?" 1*url-char)
url-filter = "?" url-attr-list
url-relative = url-acap / [url-enc-entry] [url-filter]
;; url-enc-entry is relative to base URL
url-server = [url-enc-user [url-auth] "@"] hostport
;; See RFC 1738 for definition of "hostport"
9. Multi-lingual Considerations
The IAB charset workshop [IAB-CHARSET] came to a number of
conclusions which influenced the design of ACAP. The decision to use
UTF-8 as the character encoding scheme was based on that work. The
LANG command to negotiate a language for error messages is also
included.
Section 3.4.5 of the IAB charset workshop report states that there
should be a way to identify the natural language for human readable
strings. Several promising proposals have been made for use within
ACAP, but no clear consensus on a single method is apparent at this
stage. The following rules are likely to permit the addition of
multi-lingual support in the future:
(1) A work in progress called Multi-Lingual String Format (MLSF) proposes a layer on top of UTF-8 which uses otherwise illegal UTF-8 sequences to store language tags. In order to permit its addition to a future version of this standard, client-side UTF-8 interpreters MUST be able to silently ignore illegal multi-byte UTF-8 characters, and treat illegal single-byte UTF-8 characters as end of string markers. Servers, for the time being, MUST be able to silently accept illegal UTF-8 characters, except in attribute names and entry names. Clients MUST NOT send illegal UTF-8 characters to the server unless a future standard changes this rule. (2) There is a proposal to add language tags to Unicode. To support this, servers MUST be able to store UTF-8 characters of up to 20 bits of data. (3) The metadata item "language" is reserved for future use. 10. Security Considerations The AUTHENTICATE command uses SASL [SASL] to provide basic authentication, authorization, integrity and privacy services. This is described in section 6.3.1. When the CRAM-MD5 mechanism is used, the security considerations for the CRAM-MD5 SASL mechanism [CRAM-MD5] apply. The CRAM-MD5 mechanism is also susceptible to passive dictionary attacks. This means that if an authentication session is recorded by a passive observer, that observer can try common passwords through the CRAM-MD5 mechanism and see if the results match. This attack is reduced by using hard to guess passwords. Sites are encouraged to educate users and have the password change service test candidate passwords against a dictionary. ACAP implementations of CRAM-MD5 SHOULD permit passwords of at least 64 characters in length. ACAP protocol transactions are susceptible to passive observers or man in the middle attacks which alter the data, unless the optional encryption and integrity services of the AUTHENTICATE command are enabled, or an external security mechanism is used for protection. It may be useful to allow configuration of both clients and servers to refuse to transfer sensitive information in the absence of strong encryption. ACAP access control lists provide fine grained authorization for access to attributes. A number of related security issues are described in section 3.5. ACAP URLs have the same security considerations as IMAP URLs [IMAP-URL].
ACAP clients are encouraged to consider the security problems involved with a lab computer situation. Specifically, a client cache of ACAP configuration information MUST NOT allow access by an unauthorized user. One way to assure this is for an ACAP client to be able to completely flush any non-public cached configuration data when a user leaves. As laptop computers can be easily stolen and a cache of configuration data may contain sensitive information, a disconnected mode ACAP client may wish to encrypt and password protect cached configuration information. 11. Acknowledgments Many thanks to the follow people who have contributed to ACAP over the past four years: Wallace Colyer, Mark Crispin, Jack DeWinter, Rob Earhart, Ned Freed, Randy Gellens, Terry Gray, J. S. Greenfield, Steve Dorner, Steve Hole, Steve Hubert, Dave Roberts, Bart Schaefer, Matt Wall and other participants of the IETF ACAP working group. 12. Authors' Addresses Chris Newman Innosoft International, Inc. 1050 Lakes Drive West Covina, CA 91790 USA Email: chris.newman@innosoft.com John Gardiner Myers Netscape Communications 501 East Middlefield Road Mail Stop MV-029 Mountain View, CA 94043 Email: jgmyers@netscape.com
Appendices A. References [ABNF] Crocker, Overell, "Augmented BNF for Syntax Specifications: ABNF", RFC 2234, Internet Mail Consortium, Demon Internet Ltd, November 1997. <ftp://ds.internic.net/rfc/rfc2234.txt> [BASIC-URL] Berners-Lee, Masinter, McCahill, "Uniform Resource Locators (URL)", RFC 1738, CERN, Xerox Coproration, University of Minnesota, December 1994. <ftp://ds.internic.net/rfc/rfc1738.txt> [CHARSET-LANG-POLICY] Alvestrand, "IETF Policy on Character Sets and Languages", work in progress. [CRAM-MD5] Klensin, Catoe, Krumviede, "IMAP/POP AUTHorize Extension for Simple Challenge/Response", RFC 2195, MCI, September 1997. <ftp://ds.internic.net/rfc/rfc2195.txt> [IAB-CHARSET] Weider, Preston, Simonsen, Alvestrand, Atkinson, Crispin, Svanberg, "The Report of the IAB Character Set Workshop held 29 February - 1 March, 1996", RFC 2130, April 1997. <ftp://ds.internic.net/rfc/rfc2130.txt> [IMAP4] Crispin, M., "Internet Message Access Protocol - Version 4rev1", RFC 2060, University of Washington, December 1996. <ftp://ds.internic.net/rfc/rfc2060.txt> [IMAP-ACL] Myers, J., "IMAP4 ACL extension", RFC 2086, Carnegie Mellon, January 1997. <ftp://ds.internic.net/rfc/rfc2086.txt> [IMAP-URL] Newman, "IMAP URL Scheme", RFC 2192, Innosoft, July 1997. <ftp://ds.internic.net/rfc/rfc2192.txt> [ISO-10646] ISO/IEC 10646-1:1993(E) "Information Technology-- Universal Multiple-octet Coded Character Set (UCS)." See also amendments 1 through 7, plus editorial corrections.
[ISO-C] "Programming languages -- C", ISO/IEC 9899:1990, International Organization for Standardization. This is effectively the same as ANSI C standard X3.159-1989. [KEYWORDS] Bradner, "Key words for use in RFCs to Indicate Requirement Levels", RFC 2119, Harvard University, March 1997. <ftp://ds.internic.net/rfc/rfc2119.txt> [LANG-TAGS] Alvestrand, H., "Tags for the Identification of Languages", RFC 1766. <ftp://ds.internic.net/rfc/rfc1766.txt> [REL-URL] Fielding, "Relative Uniform Resource Locators", RFC 1808, UC Irvine, June 1995. <ftp://ds.internic.net/rfc/rfc1808.txt> [SASL] Myers, J., "Simple Authentication and Security Layer (SASL)", RFC 2222, Netscape Communications, October 1997. <ftp://ds.internic.net/rfc/rfc2222.txt> [SASL-ANON] Newman, C., "Anonymous SASL Mechanism", RFC 2245, November 1997. [UNICODE-2] The Unicode Consortium, "The Unicode Standard, Version 2.0", Addison-Wesley, 1996. ISBN 0-201-48345-9. [US-ASCII] "USA Standard Code for Information Interchange," X3.4. American National Standards Institute: New York (1968). [UTF8] Yergeau, F. "UTF-8, a transformation format of Unicode and ISO 10646", RFC 2044, Alis Technologies, October 1996. <ftp://ds.internic.net/rfc/rfc2044.txt>
B. ACAP Keyword Index ACAP (untagged response) ................................... 26 ADDTO (untagged response) .................................. 40 ALERT (untagged response) .................................. 31 ALL (search keyword) ....................................... 36 AND (search keyword) ....................................... 36 AUTH-TOO-WEAK (response code) .............................. 19 AUTHENTICATE (command) ..................................... 31 BAD (response) ............................................. 30 BYE (untagged response) .................................... 30 CHANGE (untagged response) ................................. 41 COMPARE (search keyword) ................................... 36 COMPARESTRICT (search keyword) ............................. 36 CONTEXTLIMIT (ACAP capability) ............................. 27 DELETEACL (command) ........................................ 46 DELETED (intermediate response) ............................ 45 DELETEDSINCE (command) ..................................... 45 DEPTH (search modifier) .................................... 34 ENCRYPT-NEEDED (response code) ............................. 19 ENTRY (intermediate response) .............................. 37 EQUAL (search keyword) ..................................... 37 FREECONTEXT (command) ...................................... 39 GETQUOTA (command) ......................................... 48 HARDLIMIT (search modifier) ................................ 34 IMPLEMENTATION (ACAP capability) ........................... 27 INVALID (response code) .................................... 19 LANG (command) ............................................. 28 LANG (intermediate response) ............................... 28 LIMIT (search modifier) .................................... 34 LISTRIGHTS (command) ....................................... 47 LISTRIGHTS (intermediate response) ......................... 48 LOGOUT (command) ........................................... 29 MAKECONTEXT (search modifier) .............................. 34 MODIFIED (response code) ................................... 19 MODTIME (intermediate response) ............................ 38 MODTIME (untagged response) ................................ 42 MYRIGHTS (command) ......................................... 47 MYRIGHTS (intermediate response) ........................... 47 NO (response) .............................................. 29 NOCREATE (store modifier) .................................. 44 NOEXIST (response code) .................................... 19 NOINHERIT (search modifier) ................................ 35 NOOP (command) ............................................. 27 NOT (search keyword) ....................................... 37 OK (response) .............................................. 29 OR (search keyword) ........................................ 37 PERMISSION (response code) ................................. 19
PREFIX (search keyword) .................................... 37
QUOTA (response code) ...................................... 19
QUOTA (untagged response) .................................. 49
RANGE (search keyword) ..................................... 37
REFER (intermediate response) .............................. 38
REFER (response code) ...................................... 19
REMOVEFROM (untagged response) ............................. 41
RETURN (search modifier) ................................... 35
SASL (ACAP capability) ..................................... 27
SASL (response code) ....................................... 20
SEARCH (command) ........................................... 33
SETACL (command) ........................................... 46
SORT (search modifier) ..................................... 36
STORE (command) ............................................ 42
SUBSTRING (search keyword) ................................. 37
TOOMANY (response code) .................................... 20
TOOOLD (response code) ..................................... 20
TRANSITION-NEEDED (response code) .......................... 20
TRYFREECONTEXT (response code) ............................. 20
TRYLATER (response code) ................................... 20
UNCHANGEDSINCE (store modifier) ............................ 44
UPDATECONTEXT (command) .................................... 40
WAYTOOMANY (response code) ................................. 20
acl (attribute metadata) ................................... 12
anyone (ACL identifier) .................................... 17
attribute (attribute metadata) ............................. 12
dataset.acl (dataset attribute) ............................ 24
dataset.acl.<attribute> (dataset attribute) ................ 24
dataset.inherit (dataset attribute) ........................ 24
entry (predefined attribute) ............................... 11
i;ascii-casemap (comparator) ............................... 16
i;ascii-numeric (comparator) ............................... 16
i;octet (comparator) ....................................... 16
modtime (predefined attribute) ............................. 11
myrights (attribute metadata) .............................. 12
size (attribute metadata) .................................. 13
subdataset (predefined attribute) .......................... 11
value (attribute metadata) ................................. 13
C. Full Copyright Statement Copyright (C) The Internet Society 1997. All Rights Reserved. This document and translations of it may be copied and furnished to others, and derivative works that comment on or otherwise explain it or assist in its implmentation may be prepared, copied, published and distributed, in whole or in part, without restriction of any kind, provided that the above copyright notice and this paragraph are included on all such copies and derivative works. However, this document itself may not be modified in any way, such as by removing the copyright notice or references to the Internet Society or other Internet organizations, except as needed for the purpose of developing Internet standards in which case the procedures for copyrights defined in the Internet Standards process must be followed, or as required to translate it into languages other than English. The limited permissions granted above are perpetual and will not be revoked by the Internet Society or its successors or assigns. This document and the information contained herein is provided on an "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.