I am just following up and checking if I should expect an update before the telechat. Yours, Daniel ________________________________________ From: secdir <secdir-bounces@xxxxxxxx> on behalf of Daniel Migault <daniel.migault=40ericsson.com@xxxxxxxxxxxxxx> Sent: Thursday, October 19, 2023 5:46 PM To: Arnt Gulbrandsen; Daniel Migault via Datatracker Cc: secdir@xxxxxxxx; draft-ietf-extra-jmapaccess.all@xxxxxxxx; extra@xxxxxxxx; last-call@xxxxxxxx Subject: Re: [secdir] [Extra] Secdir last call review of draft-ietf-extra-jmapaccess-04 -----Original Message----- From: Arnt Gulbrandsen <arnt@xxxxxxxxxxxxxxxxxxx> Sent: October 19, 2023 10:05 AM To: Daniel Migault via Datatracker <noreply@xxxxxxxx> Cc: secdir@xxxxxxxx; draft-ietf-extra-jmapaccess.all@xxxxxxxx; extra@xxxxxxxx; last-call@xxxxxxxx; Daniel Migault <daniel.migault@xxxxxxxxxxxx> Subject: Re: [Extra] Secdir last call review of draft-ietf-extra-jmapaccess-04 Arnt Gulbrandsen writes: > The two each do their own authentication. What JMAPACCESS says is that > based on the IMAP authentication performed by the client, it's clear > that if the client has JMAP client capability, then it's also able > authenticate via JMAP and will in that case have access to the same > mail and mailboxes. Maybe I should extend one of the examples to include JMAP authentication... <mglt> Or simply say that the client authenticates itself to the JMAP server - just to make it clear it cannot access JMAP based on the authentication performed on the IMAP server. </mglt> Arnt _______________________________________________ secdir mailing list secdir@xxxxxxxx https://www.ietf.org/mailman/listinfo/secdir wiki: https://trac.ietf.org/trac/sec/wiki/SecDirReview -- last-call mailing list last-call@xxxxxxxx https://www.ietf.org/mailman/listinfo/last-call
