--- 1/draft-ietf-extra-imap-fetch-preview-04.txt	2019-04-28 22:13:13.129828185 -0700
+++ 2/draft-ietf-extra-imap-fetch-preview-05.txt	2019-04-28 22:13:13.157828892 -0700
@@ -1,18 +1,18 @@
 
 EXTRA                                                         M. Slusarz
 Internet-Draft                                         Open-Xchange Inc.
-Intended status: Standards Track                          April 24, 2019
-Expires: October 26, 2019
+Intended status: Standards Track                          April 28, 2019
+Expires: October 30, 2019
 
               IMAP4 Extension: Message Preview Generation
-                 draft-ietf-extra-imap-fetch-preview-04
+                 draft-ietf-extra-imap-fetch-preview-05
 
 Abstract
 
    This document specifies an Internet Message Access Protocol (IMAP)
    protocol extension allowing a client to request a server-generated
    abbreviated representation of message data useful as a contextual
    preview of the entire message.
 
 Status of This Memo
 
@@ -22,21 +22,21 @@
    Internet-Drafts are working documents of the Internet Engineering
    Task Force (IETF).  Note that other groups may also distribute
    working documents as Internet-Drafts.  The list of current Internet-
    Drafts is at https://datatracker.ietf.org/drafts/current/.
 
    Internet-Drafts are draft documents valid for a maximum of six months
    and may be updated, replaced, or obsoleted by other documents at any
    time.  It is inappropriate to use Internet-Drafts as reference
    material or to cite them other than as "work in progress."
 
-   This Internet-Draft will expire on October 26, 2019.
+   This Internet-Draft will expire on October 30, 2019.
 
 Copyright Notice
 
    Copyright (c) 2019 IETF Trust and the persons identified as the
    document authors.  All rights reserved.
 
    This document is subject to BCP 78 and the IETF Trust's Legal
    Provisions Relating to IETF Documents
    (https://trustee.ietf.org/license-info) in effect on the date of
    publication of this document.  Please review these documents
@@ -101,24 +101,24 @@
    will likely strip the markup tags to obtain textual content.
    However, without fetching the entire content of the part, there is no
    way to guarantee that sufficient non-tag content will exist unless
    either 1) the entire part is retrieved or 2) an additional partial
    FETCH is executed when the client determines that it does not possess
    sufficient data from a previous partial FETCH to display an adequate
    representation of the preview.
 
    Finally, server generation allows caching in a centralized location.
    Using server-generated previews allows global generation once per
-   message, and then cached indefinitely.  Retrieval of message data may
-   be expensive within a server, for example, so a server can be
-   configured to reduce its storage retrieval load by pre-generating
-   preview data.
+   message, and then cached for the retention period of the source
+   message.  Retrieval of message data may be expensive within a server,
+   for example, so a server can be configured to reduce its storage
+   retrieval load by pre-generating preview data.
 
    A server indicates support for this extension by listing one or more
    capability names consisting of "PREVIEW=" followed by a supported
    preview algorithm name.  This format provides for future upwards-
    compatible extensions and/or the ability to use locally-defined
    preview algorithms.
 
 2.  Conventions Used In This Document
 
    The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
@@ -417,23 +417,24 @@
    Implementation of this extension might enable denial-of-service
    attacks against server resources, due to excessive memory or CPU
    usage during preview generation or increased storage usage if preview
    results are stored on the server after generation.  Servers MAY limit
    the resources that preview generation uses.  In order to mitigate
    such attacks, servers SHOULD log the client authentication identity
    on FETCH PREVIEW operations in order to facilitate tracking of
    abusive clients.
 
    Just as the messages they summarize, preview data may contain
-   sensitive information.  If stored permanently, these previews MUST be
-   protected with equivalent authorization and confidentiality controls
-   as the source message.
+   sensitive information.  If generated preview data is stored on the
+   server, e.g. for caching purposes, these previews MUST be protected
+   with equivalent authorization and confidentiality controls as the
+   source message.
 
 10.  References
 
 10.1.  Normative References
 
    [RFC2046]  Freed, N. and N. Borenstein, "Multipurpose Internet Mail
               Extensions (MIME) Part Two: Media Types", RFC 2046,
               DOI 10.17487/RFC2046, November 1996,
               <https://www.rfc-editor.org/info/rfc2046>.
 
@@ -580,20 +581,25 @@
    o  Add normative reference for text/plain
 
    o  Add warning regarding buffers and multiple octet preview
       characters
 
    o  Clarify how to handle preview data return when using an explicit
       algorithm list
 
    o  Various editorial fixes
 
+   Changes from draft-ietf-extra-imap-fetch-preview-04:
+
+   o  Make clear that preview caching is tied to retention period of the
+      source message
+
 Acknowledgments
 
    The author would like to thank the following people for their
    comments and contributions to this document: Stephan Bosch, Bron
    Gondwana, Teemu Huovila, Steffen Lehmann, Alexey Melnikov, Chris
    Newman, Jeff Sipek, Timo Sirainen, Steffen Templin, and Aki Tuomi.
 
 Author's Address
 
    Michael M. Slusarz