Calendaring Extensions to WebDAV (CalDAV)ISAMET Inc.5001 Baum Blvd.Suite 650PittsburghPA15213USdaboo@isamet.comhttp://www.isamet.com/Oracle Corporation600 Blvd. de Maisonneuve WestSuite 1900MontrealQCH3A 3J2CAbernard.desruisseaux@oracle.comhttp://www.oracle.com/Open Source Application
Foundation2064 Edgewood Dr.Palo AltoCA94303USlisa@osafoundation.orghttp://www.osafoundation.org/
Applications
calschedcalschcaldavcalendarcalendaringschedulingwebdaviCaliCalendartext/calendarHTTP
This document specifies a set of methods, headers, message bodies,
properties, and reports that define calendar access extensions to
the WebDAV protocol. The new protocol elements are intended to make
WebDAV-based calendaring and scheduling an interoperable standard
that supports calendar access, calendar management,
calendar sharing, and calendar publishing.
The concept of using
HTTP and
WebDAV as a basis for a calendaring
server is by no means a new concept: it was discussed in the IETF CALSCH
working group as early as 1997 or 1998. Several companies have
implemented calendaring servers using HTTP PUT/GET to upload and
download
iCalendar objects, and using WebDAV
PROPFIND to get listings of resources. However, those
implementations do not interoperate because there are many small and
big decisions to be made in how to model calendaring data as WebDAV
resources, as well as how to implement required features that aren't
already part of WebDAV. This document proposes a standard way of
modeling calendar data in WebDAV, with additional features to make
calendar access work well.
Discussion of this Internet-Draft is taking place on the mailing list
<http://lists.osafoundation.org/mailman/listinfo/ietf-caldav>.The augmented BNF used by this document to describe protocol
elements is described in Section 2.1 of . Because this augmented BNF uses the
basic production rules provided in Section 2.2 of , those rules apply to this document as
well.The key words "MUST", "MUST NOT", "REQUIRED", "SHALL",
"SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY",
and "OPTIONAL" in this document are to be interpreted as
described in .
The term "protected" is used in the Conformance field
of property definitions as defined in Section 1.4.2 of
RFC3253.When XML element types in the namespaces "DAV:" and
"urn:ietf:params:xml:ns:caldav" are referenced in this
document outside of the context of an XML fragment,
the string "DAV:" and "CALDAV:" will be prefixed to
the element type names respectively.Definitions of XML elements in this document use XML element
type declarations (as found in XML Document Type Declarations),
described in Section 3.2 of .
The namespace "urn:ietf:params:xml:ns:caldav" is reserved for
the XML elements defined in this specification, its revisions,
and related CalDAV specifications. It MUST NOT be used for
proprietary extensions.Note that the XML declarations used in this document are
incomplete, in that they do not include namespace information.
Thus, the reader MUST NOT use these declarations as the only
way to create valid CalDAV properties or to validate
CalDAV XML element type. Some of the declarations refer to XML
elements defined by WebDAV which use the "DAV:" namespace.
Wherever such elements appear, they are explicitly given the
"DAV:" prefix to help avoid confusion.Also note that some CalDAV XML element names are identical to
WebDAV XML element names, though their namespace differs. Care
must be taken not to confuse the two sets of names.A "precondition" of a method describes the state of the
server that must be true for that method to be performed.
A "postcondition" of a method describes the state of the
server that must be true after that method has been completed.
If a method precondition or postcondition for a request is
not satisfied, the response status of the request MUST be
either 403 (Forbidden) if the request should not be repeated
because it will always fail, or 409 (Conflict) if it is
expected that the user might be able to resolve the conflict
and resubmit the request.In order to allow better client handling of 403 and 409
responses, a distinct XML element type is associated with
each method precondition and postcondition of a request.
When a particular precondition is not satisfied or a
particular postcondition cannot be achieved, the appropriate
XML element MUST be returned as the child of a top-level
DAV:error element in the response body, unless otherwise
negotiated by the request. In a 207 Multi-Status response,
the DAV:error element would appear in the appropriate
DAV:responsedescription element.This section lists what functionality is required of a CalDAV
server. To advertise support for CalDAV, a server:
MUST support WebDAV Class 1.MUST support WebDAV ACL with
the privilege defined in of
this document.MUST support transport over TLS
as defined in RFC2818.MUST support strong ETags to support disconnected operations.MUST support all required calendaring REPORTs defined in this
document.MUST advertise calendaring REPORTs via the
DAV:supported-report-set property as defined in
Versioning Extensions to WebDAV.In addition, a server:
SHOULD support the MKCALENDAR method defined in
of this document.If a server supports the CalDAV features described in this
document, it MUST include "calendar-access" as a field in the DAV
response header from an OPTIONS request on any resource that
supports any calendar properties, reports, methods, or privilege.
A value of "calendar-access" in the DAV header MUST indicate
that the server supports all MUST level requirements and REQUIRED
features specified in this document.
In this example, the OPTIONS method returns the value
"calendar-access" in the DAV header of the response to
indicate that the "/home/bernard/calendars/" collection
may support properties, reports, methods, or privilege
defined in this specification.
One of the features which has made WebDAV a successful protocol
is its firm data model. This makes it a useful framework for
other applications such as calendaring. This specification
follows the same pattern by developing all features based
on a well-described data model. In the CalDAV data model, every VEVENT, VTODO, VJOURNAL, VTIMEZONE
and VFREEBUSY component is contained in an individual resource,
referred to as a "calendar object resource". Each calendar object
resource may be individually locked and have individual WebDAV
properties. These resources are placed into WebDAV collections
with a mostly-fixed structure.A CalDAV server is a calendaring-aware
engine combined with a WebDAV repository. A WebDAV
repository is a set of WebDAV collections, containing other
WebDAV resources, within a unified URL namespace. For
example, the repository "http://www.example.com/webdav/" may
contain WebDAV collections and resources, all of which have
URLs beginning with "http://www.example.com/webdav/". Note that
the root URL "http://www.example.com/" may not itself be a
WebDAV repository (for example, if the WebDAV support is
implemented through a servlet or other Web server
extension). A WebDAV repository MAY include calendar data in some parts of its URL
namespace, and non-calendaring data in other parts.A WebDAV repository can advertise itself as a CalDAV server
if it supports the functionality defined in this
specification at any point within the root of the
repository. That might mean that calendaring data is spread
throughout the repository and mixed with non-calendar data
in nearby collections (e.g., calendar data may be found in
/home/lisa/calendars/ as well as in /home/bernard/calendars/,
and non-calendar data in /home/lisa/contacts/). Or, it might
mean that calendar data can be found only in certain sections of
the repository (e.g., /calendar/). Calendaring
features are only required in the repository sections that
are or contain calendar object resources. So a repository
confining calendar data to the /calendar/ collection would
only need to support the CalDAV required features within
that collection.
The CalDAV server or repository is the canonical location
for calendar data and state information. Both CalDAV
servers and clients MUST ensure that the data is consistent
and compliant. Clients may submit requests to change data
or download data. Clients may store calendar objects
offline and attempt to synchronize at a later time.
However, clients MUST be prepared for calendar data on the
server to change between the time of last synchronization
and when attempting an update, as calendar collections may
be shared and accessible via multiple clients. HTTP ETags
and other features help this work.Recurrence is an important part of the data model because it
governs how many resources are expected to exist. This
specification models a recurring calendar component and its
recurrence exceptions as a single resource. In this model,
recurrence patterns, recurrence dates, exception dates, and
exception information are all part of the data in a single
calendar object resource. This model avoids problems of limiting
how many recurrence instances to store in the repository, how to
keep instances in synch with the recurring calendar component,
and how to link recurrence exceptions with the recurring calendar
component. It also results in less data to synchronize between
client and server, and makes it easier to make changes to all
recurrence instances or to a recurrence pattern. It makes it
easier to create a recurring calendar component, and easier
to delete all recurrence instances.
Clients are not forced to retrieve information about all recurrence
instances of a recurring component. The CALDAV:calendar-query and
CALDAV:calendar-multiget REPORTs defined in this document allow
clients to retrieve only recurrence instances that overlap a
given time range.
Calendar collections are manifested to clients as a WebDAV
resource collection, identified by a URL. A
calendar collection MUST report the DAV:collection and
CALDAV:calendar XML elements in the value of the
DAV:resourcetype property. The element type declaration
for CALDAV:calendar is:
A calendar collection contains calendar object resources that
represent iCalendar objects within a calendar. A calendar
collection may be created through provisioning (e.g.,
automatically created when a user's account is created), or
it may be created through MKCALENDAR (see
). This can be useful
for a user to create a second calendar (e.g., soccer
schedule) or for users to share a calendar (e.g., team
events or conference room). Note however that this document
doesn't define what extra calendar collections are for,
users must rely on non-standard cues to find out what a
calendar collection is for, or use the
CALDAV:calendar-description property defined
in to provide such a
cue.
Calendar collections MUST only contain calendar object
resources and collections that are not calendar collections.
Furthermore, collections contained in calendar collections
MUST NOT contain calendar collections. This specification
does not define how collections contained in calendar
collections are used and may relate to the calendar object
resources contained in the calendar collections.
Multiple calendar collections MAY be children of the same
collection.
This section defines properties that may be defined
on calendar collections.
calendar-description
urn:ietf:params:xml:ns:caldav
Provides a human-readable description of what this
calendar collection represents.
This property MAY be protected and SHOULD NOT be returned
by a PROPFIND allprop request (as defined in Section 12.14.1
of ). An xml:lang attribute
indicating the human language of the description SHOULD
be set for this property by clients or through server
provisioning. Servers MUST return any xml:lang attribute
if set for the property.
The CALDAV:calendar-description property MAY be defined on
any calendar collection. If present, the property contains
a description of the calendar collection that is suitable
for presentation to a user.
calendar-component-restriction-set
urn:ietf:params:xml:ns:caldav
Specifies the type of calendar
component types (e.g., VEVENT, VTODO, etc.) that
calendar object resources may contain in a calendar
collection.
This property MUST be protected and SHOULD NOT be returned
by a PROPFIND allprop request (as defined in Section 12.14.1
of ).
The CALDAV:calendar-component-restriction-set property
MAY be defined on any calendar collection to specify
restrictions on the calendar component types that calendar
object resources may contain in a calendar collection.
Since this property is protected it cannot be changed by
clients using a PROPPATCH request. However, clients can
initialize the value of this property when
creating a new calendar collection with MKCALENDAR.
The element <C:comp name="VTIMEZONE"> MUST only
be specified if support for calendar object resources
that only contains VTIMEZONE components is provided or
desired. Support for VTIMEZONE components in calendar
object resources that contain VEVENT or VTODO components
is always assumed.
calendar-restrictions
urn:ietf:params:xml:ns:caldav
Specifies restrictions on a
calendar collection.
This property MUST be protected and SHOULD NOT be returned
by a PROPFIND allprop request (as defined in Section 12.14.1
of ).
The CALDAV:calendar-restrictions property
MAY be defined on any calendar collection to specify
restrictions a CalDAV server may have on a calendar
collection. This property MAY be used to indicate the
media type supported for the calendar object resources
contained in a given calendar collection (e.g., iCalendar
version 2.0).
Calendar object resources contained in calendar collections MUST
NOT contain more than one type of calendar component (e.g., VEVENT,
VTODO, etc.) with the exception of VTIMEZONE components which
MUST be specified for each unique TZID parameter value specified
in the iCalendar object. For instance, a calendar object resource
can contain two VEVENT components and one VTIMEZONE component,
but it cannot contain one VEVENT component and one VTODO
component.
The UID property value of the calendar components contained in a
calendar object resource MUST be unique in the scope of the
calendar collection, and all its descendant collections, in
which the calendar object resource is contained.
Calendar components in a calendar collection that have
different UID property values MUST be stored in separate calendar
object resources.
Calendar components with the same UID property value, in a given
calendar collection, MUST be contained in the same calendar object
resource. This ensures that all components in a recurrence "set"
are contained in the same calendar object resource. In that case there
will be one component without a RECURRENCE-ID property (the
component that defines the recurrence pattern) and all the rest
will have that property (these are the recurrence exceptions).For example, given the following iCalendar object:
The VEVENT component with the UID value "1@example.com", would
be stored in its own calendar object resource. The two
VEVENT components with the UID value "2@example.com", which
represent a recurring event where one recurrence instance has
been overridden, would be stored in the same calendar object
resource.The creation of calendar collections and calendar object resources may
be initiated by either a CalDAV client or by the CalDAV server. For
example, a server might come preconfigured with a user's calendar
collection, or the CalDAV client might request the server to create a
new calendar collection for a given user. Servers might populate
events as calendar objects inside a calendar collection, or clients
might request the server to create events. Either way, both client and
server MUST comply with the requirements in this document, and MUST
understand objects appearing in calendar collections or according to
the data model defined here.
An HTTP request using the MKCALENDAR method creates a new calendar
collection resource. A server MAY restrict calendar collection
creation to particular collections.
Support for MKCALENDAR on the server is only RECOMMENDED and not
REQUIRED because some calendar stores only support one calendar
per user (or principal) and those are typically pre-created for
each account. However, servers and clients are strongly encouraged
to support MKCALENDAR whenever possible to allow users to create
multiple calendar collections to better help organize their data.
Clients SHOULD use the DAV:displayname property for a
human-readable name of the calendar. Clients can either
specify the value of the DAV:displayname property in the
request body of the MKCALENDAR request, or alternatively
issue a PROPPATCH request to change the DAV:displayname property
to the appropriate value immediately after issuing the
MKCALENDAR request. Clients SHOULD NOT set the DAV:displayname
property to be the same as any other calendar collection at the same
URI "level". When displaying calendar collections to users,
clients SHOULD check the DAV:displayname property and use that
value as the name of the calendar. In the event that the
DAV:displayname property is empty, the client MAY use the last
part of the calendar collection URI as the name.
If a MKCALENDAR request fails, the server state preceding the
request MUST be restored.
Marshalling:
If a request body is included, it MUST be a CALDAV:mkcalendar
XML element. Instruction processing MUST occur in the order
instructions are received (i.e., from top to bottom).
Instructions MUST either all be executed or none executed.
Thus if any error occurs during processing all executed
instructions MUST be undone and a proper error result
returned. Instruction processing details can be found in
the definition of the DAV:set instruction in section 12.13
of .
If a response body for a successful request is included, it MUST
be a CALDAV:mkcalendar-response XML element.
The response MUST include a Cache-Control:no-cache header.
Preconditions:
(DAV:resource-must-be-null): A resource MUST NOT exist
at the Request-URI.
(CALDAV:calendar-collection-location-ok): The
Request-URI MUST identify a location where a calendar
collection can be created.
(DAV:needs-privilege): The DAV:bind
privilege MUST be granted to the current user.
Postconditions:
(CALDAV:initialize-calendar-collection): A new
calendar collection exists at the Request-URI. The
DAV:resourcetype of the calendar collection MUST
contain both DAV:collection and CALDAV:calendar XML
elements.
The following are examples of response codes one would expect
to get in a response to a MKCALENDAR request. Note that this
list is by no mean exhaustive.
201 (Created) - The calendar collection resource was created
in its entirety.
207 (Multi-Status) - The calendar collection resource was
not created since one or more DAV:set instructions specified
in the request body could not be processed successfully. The
following are examples of response codes one would expect
to be used in a 207 (Multi-Status) response:
403 (Forbidden) - The client, for reasons the server
chooses not to specify, cannot alter one of the properties.
409 (Conflict) - The client has provided a value whose
semantics are not appropriate for the property. This
includes trying to set read-only properties.
424 (Failed Dependency) - The DAV:set instruction on the
specified resource would have succeeded if it were not for
the failure of another DAV:set instruction specified in the
request body.
423 (Locked) - The specified resource is locked and the
client either is not a lock owner or the lock type
requires a lock token to be submitted and the client did
not submit it.
507 (Insufficient Storage) - The server did not have
sufficient space to record the property.
403 (Forbidden) - This indicates at least one of two
conditions: 1) the server does not allow the creation of calendar
collections at the given location in its namespace, or 2) the
parent collection of the Request-URI exists but cannot accept
members.
405 (Method Not Allowed) - MKCALENDAR can only be executed
on a null resource.
409 (Conflict) - A collection cannot be made at the
Request-URI until one or more intermediate collections have been
created.
415 (Unsupported Media Type) - The server does not support
the request type of the body.
507 (Insufficient Storage) - The resource does not have
sufficient space to record the state of the resource after the
execution of this method.
This example creates a calendar collection called
/home/lisa/tasks/ on the server cal.example.com
with specific values for the properties
DAV:displayname, CALDAV:calendar-description and
CALDAV:calendar-component-restriction-set.
Clients typically populate calendar collections with calendar
object resources. The URL for each calendar object resource is
entirely arbitrary, and does not need to bear a specific
relationship (but might) to the calendar object resource's
subject, scheduled time, UID or other metadata. A new calendar
object resource must have a unique URL, otherwise the new
component would instead be an update to an existing calendar
object resource.When servers create new resources, it's not hard for the server to
choose a unique URL. It's slightly tougher for clients, because a
client might not want to examine all resources in the collection,
and might not want to lock the entire collection to ensure that a new
one isn't created with a name collision. However, there are http
features to mitigate this. If the client intends to create a new
non-collection resource, such as a new VEVENT, the client SHOULD
use the HTTP header "If-None-Match: *" on the PUT request. The
Request-URI on the PUT request MUST include the target
collection, where the resource is to be created, plus the name of
the resource in the last path segment. The last path segment could
be a random number, or it could be a sequence number, or a string
related to the object's SUMMARY property. No matter how the name
is chosen, the "If-None-Match" header ensures that the client
cannot overwrite an existing resource even if it has accidentally
chosen a duplicate resource name.
Servers SHOULD return an ETag header containing the actual ETag of
the newly created resource on a successful creation. The request to change an existing event is the same, but with a
specific ETag in the "If-Match" header, rather than the
"If-None-Match" header. As indicated in Section 3.10 of
RFC 2445, the URL of calendar
object resources containing (an arbitrary set of) calendaring
and scheduling information may be suffixed by ".ics", and the URL
of calendar object resources containing free or busy time
information may be suffixed by ".ifb".
Preconditions for PUT within calendar collections:
(CALDAV:uid-already-exists): The component UID chosen
is not unique and the client must choose another if it
attempts again.
(CALDAV:invalid-calendar-resource): The iCalendar
object syntax or structure was invalid. (Note that the
server MAY support upload formats other than iCalendar
but then the server MUST validate each component
uploaded according to the chosen format syntax.)
A CalDAV server MUST support WebDAV
ACL. WebDAV ACL provides a framework for an
extensible list of privileges on WebDAV collections and
ordinary resources. A CalDAV server MUST also support the
calendaring privilege defined in this section.Calendar users often wish to allow other users to see their
busy time information, without viewing the other details
of the calendar components (location, summary, attendees).
This allows a significant amount of privacy while still
allowing those other users to schedule meetings at times
when the calendar user is likely to be free. The CALDAV:read-free-busy privilege controls which calendar
collections and calendar object resources are examined when a
free-busy-query REPORT is run (see
). This privilege can be
granted on calendar collections or calendar object resources.
Servers MUST support this privilege on calendar collections and any
calendar object resources within those collections.
The CALDAV:read-free-busy privilege is aggregated in the
DAV:read privilege. Note that if an ACL grants the privilege
CALDAV:read-free-busy, the client may not expect to be
granted access to GET, HEAD, OPTIONS and PROPFIND.
In the WebDAV ACL standard, servers MUST support the
DAV:supported-privilege-set property to show which privileges are
abstract, which privileges are supported, how the privileges relate
to one another, and to provide text descriptions (particularly useful for
custom privileges). The relationships between privileges involves
showing which privilege is a subset or a superset of another privilege.
For example, because reading the ACL property is considered a more
specific privilege than the DAV:read privilege (a subset of the total
set of actions are allowed), it may be aggregated under the DAV:read
privilege. Although the list of supported privileges MAY vary
somewhat from server to server (the WebDAV ACL specification leaves
room for a fair amount of diversity in server implementations),
the following restriction MUST hold for a CalDAV server:
The server MUST support the CALDAV:read-free-busy
privilege. The CALDAV:read-free-busy privilege MUST be aggregated
under the DAV:read privilege, and the server MUST allow CALDAV:read-free-busy
to be granted without granting full read privilege.This is a partial example of how the
DAV:supported-privilege-set property could look on a
server supporting CalDAV. Note that aggregation is
shown in the structure of the DAV:supported-privilege
elements containing each other.This section defines additional properties for WebDAV principal
resources as defined in RFC3744.
calendar-home-set
urn:ietf:params:xml:ns:caldav
Identify the URL of any WebDAV collections that contains
calendar collections owned by the associated principal
resource.
This property MAY be protected and SHOULD NOT be returned
by a PROPFIND allprop request (as defined in Section 12.14.1
of ).
Support for this property is RECOMMENDED.
The CALDAV:calendar-home-set property is meant to allow
users to easily find the calendar collections owned by
the principal. Typically, users will group all the
calendar collections that they own under a common
collection. This property specify the URL of
collections that either are calendar collections or
ordinary collections that have child or descendant
calendar collections owned by the principal.
This section defines the reports which a CalDAV server MUST support on
calendar collections and calendar object resources.CalDAV servers MUST advertise support for those reports
with the DAV:supported-report-set property defined in
RFC3253.Some of these reports allow calendar data (from possibly
multiple resources) to be returned.The REPORT method (defined in Section 3.6 of
RFC3253) provides an
extensible mechanism for obtaining information about a resource.
Unlike the PROPFIND method, which returns the value of one or more
named properties, the REPORT method can involve more complex
processing. REPORT is valuable in cases where the server has access
to all of the information needed to perform the complex request (such
as a query), and where it would require multiple requests for the
client to retrieve the information needed to perform the same
request.A server that supports calendar-access MUST support the
DAV:expand-property report (defined in Section 3.8 of
RFC3253).
Servers MAY support the REPORTs defined in this specification
on non-calendar collections. In computing responses to the
REPORTs defined in this specification, servers MUST only
consider calendar object resources contained in calendar
collections, subject also to the value of the Depth request
header.
If these REPORTs are supported on ordinary collections the
server advertises the capability with the
DAV:supported-report-set property as already described.
Some of the reports defined in CalDAV can be targetted at calendar
object resources within a specific time range. To determine whether a
calendar object resource matches the time range filter element, the
start and end times for the particular type of object are determined
and then compared to the requested time range. If the start and end
overlap the requested time range, then the calendar object resource
matches the filter element. The rules defined in
for determining the actual start and end times of calendar components
MUST be used.
When such time range filtering is used, special consideration must
be given to recurring calendar components such as VEVENT and
VTODO components. The server MUST expand recurring items to determine
whether any one or more recurrence instances overlap the
requested time range. If any one instance overlaps the time
range, then the calendar object resource matches the filter
element.
In addition, CalDAV provides three ways to determine which
recurrence instances are returned from the recurrence set.
The three options are:
Return all the calendar components contained in the calendar
object resources. This includes the recurrence instance that
defines the recurrence pattern, referred to as the "master
instance", as well as the recurrence instances that define
exceptions to the recurrence pattern, referred to as the
"overriden instances". Because of the rules defined in
all recurrence instances of
a recurring component will always be in the same calendar
object resource.
Return the "master" instance and only the "overridden
instances" that overlap the specified time range.
This avoids the need for clients to process recurrence
instances outside of the time range they are interested in.
Return an "expanded" set of calendar components that
represent only those instances in the recurrence set that
overlap the specified time range. This avoids the need for
clients to do any recurrence processing themselves as the
server does the expansion for them and provides the list of
instances.
The CALDAV:calendar-query REPORT performs a search for all calendar
object resources that match a specified
search filter. The response of this report will contain all the WebDAV
properties and calendar object resource data specified in the
request. In the case of the CALDAV:calendar-data XML element, one can
explicitly specify the calendar components and properties that
should be returned in the calendar object resource data that matches
the search filter.
The format of this report is modeled on the PROPFIND
method. The request and response bodies of
the CALDAV:calendar-query report use XML elements that
are also used by PROPFIND. In
particular the request can include XML elements to request
WebDAV properties to be returned. When that occurs the
response should follow the same behavior as PROPFIND with
respect to the DAV:multistatus response elements used to
return specific property results. For instance, a request
to retrieve the value of a property which does not exist
is an error and MUST be noted with a response XML element
which contains a 404 (Not Found) status value. Support for the CALDAV:calendar-query REPORT is REQUIRED.
Marshalling:
The request body MUST be a CALDAV:calendar-query XML
element as defined in .
The response body for a successful request MUST be a
DAV:multistatus XML element (i.e., the response uses the
same format as the response for PROPFIND). In the case
where there are no response elements, the returned
DAV:multistatus XML element is empty.
The response body for a successful CALDAV:calendar-query
REPORT request MUST contain a DAV:response element
for each iCalendar object that matched the search
filter. Calendar data is being returned in the
CALDAV:calendar-data XML element inside the
DAV:propstat XML element.
Preconditions:
None.
Postconditions:
(DAV:number-of-matches-within-limits): The number of matching
calendar object resources must fall within server-specific,
predefined limits. For example, this condition might be
triggered if a search specification would cause the return
of an extremely large number of responses.
In this example, the client requests the server to
return specific components and properties of the VEVENT
components that overlap the time range from September
2nd, 2004 at 00:00:00 am UTC to September 3rd, 2004 at
00:00:00 am UTC. In addition the DAV:getetag
property is also requested and returned as part of the
response. Note that the third calendar object returned is a
recurring event whose first instance lies outside of the requested
time range, but whose second instance does overlap the time range.
In this example, the client requests the server to
return VEVENT components that overlap the time range
from June 1st, 2005 at 00:00:00 am UTC to June 9th, 2005
at 00:00:00 am UTC. Use of the CALDAV:limit-recurrence-set
element causes the server to only return overridden
recurrence instances that overlap the time range specified
in that element.
Assuming that only the following recurring VEVENT components
contains recurrence instances scheduled to overlap the
specified time range:
The server will omit to return the calendar component
describing the recurrence instance scheduled on June 15, 2005
in its response to the client.
In this example, the client requests the server to
return VEVENT components that overlap the time range
from June 1st, 2005 at 00:00:00 am UTC to June 9th, 2005
at 00:00:00 am UTC and to return recurring calendar
components expanded into individual recurrence instance
calendar components. Use of the CALDAV:expand-recurrence-set
element causes the server to only return overridden recurrence
instances that overlap the time range specified in that element.
Assuming that only the following recurring VEVENT components
contains recurrence instances scheduled to overlap the
specified time range:
The server will return the recurring calendar component
expanded into two recurrence instances omitting the
recurrence instance scheduled on June 15, 2005 given
that it does not overlap the specified time range for
the expansion of the recurrence set.
In this example, the client requests the server to
return the VTODO components that have an alarm trigger
scheduled in the specified time range. In this example, the client requests the server to
return the VEVENT component that has the UID property
set to "20041121-FEEBDAED@foo.org". In this example, the client requests the server to
return the VEVENT components that have the ATTENDEE
property with the value "mailto:bernard@example.com" and
for which the PARTSTAT parameter is set to
"NEEDS-ACTION". In this example, the client requests the server to
return all VEVENT components. The CALDAV:calendar-multiget REPORT is used to retrieve specific
calendar object resources from within a collection, if the
Request-URI is a collection, or to retrieve a specific
calendar object resource, if the Request-URI is a calendar
object resource. This report is similar to the
CALDAV:calendar-query REPORT (see ), except that it takes a list of
DAV:href elements instead of a CALDAV:filter element to determine
which calendar object resources to return.Support for the calendar-multiget REPORT is REQUIRED.
Marshalling:
The request body MUST be a CALDAV:calendar-multiget
XML element (see ,
which MUST contain at least one DAV:href XML element,
and one optional CALDAV:calendar-data element as defined
in . If the
Request-URI is a collection resource, then the DAV:href
elements MUST refer to resources within that collection,
and they MAY refer to resources at any depth within the
collection. As a result the "Depth" header MUST be
ignored by the server and SHOULD NOT be sent by the
client. If the Request-URI refers to a non-collection
resource, then there MUST be a single DAV:href element
that is equal to the Request-URI.
The response body for a successful request MUST be a
DAV:multistatus XML element. In the case where there are no
response elements, the returned DAV:multistatus XML element
is empty.
The response body for a successful CALDAV:calendar-multiget
REPORT request MUST contain a DAV:response element
for each calendar object resource referenced by the
provided set of DAV:href elements. Calendar data is
being returned in the CALDAV:calendar-data element
inside the DAV:prop element.
In the case of an error accessing any of the provided
DAV:href resources, the server MUST return the appropriate
error status code in the DAV:status element of the
corresponding DAV:response element.Preconditions:
None.
Postconditions:
None.
In this example, the client requests the server to
return specific properties of the VEVENT components
referenced by specific URIs. In addition the
DAV:getetag property is also requested and returned as
part of the response. Note that in this example, the
resource at
http://cal.example.com/home/bernard/calendar/mtg1.ics
does not exist, resulting in an error status response. The CALDAV:free-busy-query REPORT generates a VFREEBUSY component
containing free busy information for all relevant calendar
components within calendar collections which have the
CALDAV:read-free-busy or DAV:read privilege granted for the
current user.Only VEVENT components, without a TRANSP property or with the
TRANSP property set to a value other than "TRANSPARENT", and
VFREEBUSY components are used to generate the free busy time
information.Support for the CALDAV:free-busy-query REPORT is REQUIRED.Marshalling:
The request body MUST be a CALDAV:free-busy-query XML
element (see , which
MUST contain at least one CALDAV:time-range XML element,
as defined in .The response body for a successful request MUST be a
DAV:multistatus XML element. In the case where there are
no response elements, the returned DAV:multistatus XML element
is empty.The response body for a successful CALDAV:free-busy-query REPORT
request MUST contains a DAV:response element for each calendar
collection for which free-busy information has been computed.
Each DAV:response element contains a single
CALDAV:calendar-data XML element as defined in
. The
CALDAV:calendar-data XML element MUST contain an iCalendar
object with a single VFREEBUSY component, with zero or more
FREEBUSY property values that describe the busy time intervals
for the calendar object resources being targeted, and with other
properties set according to the rules of iCalendar. This report
only returns busy time information. Applications desiring free
time information MUST infer this from available busy time
information.
When the Request-URI for a CALDAV:free-busy-query REPORT is a
calendar collection, the free-busy data is implicitly
determined from the calendar object resources containing VEVENT
and VFREEBUSY components
within the calendar collection, irrespective of the value of any
Depth header included in the REPORT request. Only calendar object
resources containing VEVENT or VFREEBUSY components that
have the CALDAV:read-free-busy privilege granted to the
current user will be computed in the response.When the Request-URI for a CALDAV:free-busy-query REPORT is a
non-calendar collection, the scope of the report is
governed by the value of the Depth header in the request as
follows:
Depth: 0 - an empty VFREEBUSY
component will be returned as there is no valid calendar
data to be scanned on the collection.Depth: 1 - free-busy data for any calendar collections
immediately within the target collection is returned.Depth: infinity - free-busy data for all calendar
collections within any sub-collections of the target
collection is returned.Note that as per the requirements of
the server MUST expand any recurring items to determine whether any instances
contribute to the free busy information in the requested time range.Preconditions:
None.
Postconditions:
(DAV:number-of-matches-within-limits): The number of matching
calendar object resources must fall within server-specific,
predefined limits. For example, this condition might be
triggered if a search specification would cause the return
of an extremely large number of responses.
In this example, the client requests the server to
return free-busy information on the calendar collection
/home/bernard/calendar/, between 9:00 AM and 5:00 PM on 2nd
September 2004. The server responds indicating three
busy time intervals of one hour, two hours and 30 minutes
during the course of the time interval being examined.There are a number of actions clients can take which will be legal
(the server will not return errors) but which can degrade interoperability
with other client implementations accessing the same data. For example,
a recurrence rule could be replaced with a set of recurrence dates,
a single recurring event could be replaced with a set of independent
resources to represent each recurrence, or the start/end time values can
be translated from the original timezone to another timezone. Although
these are iCalendar interoperability best practices and not limited
only to CalDAV usage, interoperability problems are likely to be more
evident in CalDAV use cases. WebDAV already provides functionality required to synchronize a
collection or set of collections, make changes offline, and a
simple way to resolve conflicts when reconnected. Strong ETags
are the key to making this work, but these are not required of
all WebDAV servers. Since offline functionality is more
important to Calendar applications than to other WebDAV
applications, CalDAV servers MUST support strong ETags. The reports provided in CalDAV can be used by clients to
optimize their performance in terms of network
bandwidth usage, and resource consumption on the local
client machine. Both of those issues are certainly
major considerations for mobile or handheld devices
with limited capacity, but they are also relevant to
desktop client applications in cases where the
calendar collections contain large amounts of data.Typically clients present calendar data to users in
views that span a finite time interval, so whenever
possible clients should only retrieve calendar items
from the server using CALDAV:calendar-query report combined
with a time-range element to limit the scope of
returned items to just those needed to populate the
current view.Typically in a calendar, historical data (events, to-dos
etc. that have completed prior to the current date) do
not change, though they may be deleted. As a result, a
client can speed up the synchronization process by only
considering data for the present time and the future
up to a reasonable limit (e.g., one week, one month). If
the user then tries to examine a portion of the
calendar outside of the range that has been
synchronized, the client can perform another
synchronization operation on the new time interval being
examined. This "just-in-time" synchronization can
minimize bandwidth for common user interaction
behaviors.If a client wants to support calendar data
synchronization, as opposed to downloading calendar
data each time it is needed, it needs to cache the
component resources URI and ETag along with the
actual calendar data. Whilst the URI remains static for
the lifetime of the component, the ETag will change
with each successive change to the component data. Thus
to synchronize a local data cache with the server, the
client can first fetch the URI/ETag pairs for the time
interval being considered, and compare those results with
the cached data. Any cached component whose ETag
differs from that on the server needs to be
synchronized.In order to properly detect the changes between the
server and client data, the client will need to keep a
record of which items have been created, changed or
deleted since the last synchronization operation so
that it can reconcile those changes with the data on
the server.An example of how to do that would be the following:
The client issues a
CALDAV:calendar-query REPORT request for a specific time
range, and asks for only the DAV:getetag property to be
returned:
The client then uses the results to
determine which components have changed, been created
or deleted on the server and how those relate to
locally cached components that may have changed, been
created or deleted. If the client determines that there
are items on the server that need to be fetched, the
client issues a CALDAV:calendar-multiget report to fetch the
actual data: Clients may not need all the properties in a calendar
component when presenting information to the user. Since
some property data can be large (e.g., ATTACH or
ATTENDEE lists) clients can choose to ignore those by
only requesting the specific items it knows it will use,
through use of the CALDAV:calendar-data XML element in the
relevant reports.However, if a client needs to make a change to a component,
it can only change the entire component data via a PUT
request. There is no way to incrementally make a change to
a set of properties within a calendar component resource.
As a result the client will have to cache the entire set of
properties on a resource that is being changed.WebDAV locks can be used to prevent two clients modifying the
same resource from either overwriting each others' changes
(though that problem can also be solved by using ETags) and
also to prevent the user from making changes that will conflict
with another set of changes. In a multi-user calendar system, the calendar
client could lock an event while the user is editing the event,
and unlock the event when the user finishes or cancels. Locks
can also be used to prevent changes while data is being
reorganized. For example, a calendar client might lock two
calendar collections prior to moving a bunch of calendar
resources from one to another.
Clients may request a lock timeout period that is appropriate
to the use case. When the user explicitly decides to reserve
a resource and prevent other changes, a long timeout might be
appropriate, but in cases when the client automatically decides
to lock the resource the timeout should be short (and the client
can always refresh the lock should it need to). A short lock
timeout means that if the client is unable to remove the lock,
the other calendar users aren't prevented from making changes.Much of the time a calendar client (or agent) will discover
a new calendar's location by being provided directly with the
URL. E.g. a user will type his or her own calendar location into
client configuration information, or cut and paste a URL from
email into the calendar application. The client need only confirm
that the URL points to a resource which is a calendar. The client
may also be able to browse WebDAV collections to find calendar
collections.The choice of HTTP URLs means that calendar object resources are
backward compatible with existing software, but does have the
disadvantage that existing software does not usually know to look at
the OPTIONS response to that URL to determine what can be done with it.
This is somewhat of a barrier for WebDAV usage as well as with CalDAV
usage. This specification does not offer a way through this other than
making the information available in the OPTIONS response should this
be requested.For calendar sharing and scheduling use cases, one might wish to
find the calendar belonging to another user. If the other user has
a calendar in the same repository, that calendar can be found by using the
principal namespace required by WebDAV ACL support. For other cases,
the authors have no universal solution but implementors can consider
whether to use vCard or LDAP standards together with calendar attributes.
CalDAV clients MAY create attachments in calendar components either
as inline or external. This section contains some guidelines on
creating and managing attachments.
CalDAV clients MUST support inline attachments as specified in
the iCalendar format. All CalDAV servers MUST support inline
attachments, so clients can rely on being able to create
attachments this way. On the other hand, inline attachments
have some drawbacks:
Servers MAY impose limitations on the size of iCalendar
components (i.e., refusing PUT requests of very large
components).
Servers MAY impose storage quota limitations on calendar
collections [REF: WebDAV Quota]
Any change to a component containing an attachment requires
the entire attachment to be re-uploaded.
Clients synchronizing a changed component have to download
the entire component even if the attachment is unchanged.
CalDAV clients MUST support external attachments: if the
client access any calendar component it MUST be capable of
also accessing the external attachment if one exists (subject
to virus checking or other security considerations). An
external attachment could be:
In a collection in the calendar collection containing
the component
Somewhere else in the same repository that hosts the
calendar collection
On an HTTP of FTP server elsewhere.
CalDAV servers MAY support the MKCOL method to create
sub-collections inside calendar collections. A sub-collection
of a calendar collection MUST be able to contain any kind of
resource, subject to access and quota control. Some CalDAV
servers won't allow sub-collections inside calendar collections,
and it may be possible on such a server to discover other
locations where attachments can be stored.
Clients are entirely responsible for maintaining reference
consistency with components that link to external attachments.
A client deleting a component with an external attachment
might therefore also delete the attachment if that's
appropriate, however appropriateness can be very hard to
determine. A new component might easily reference some
pre-existing Web resource which is intended to have
independent existence from the CalDAV component (the
"attachment" could be a major proposal to be discussed
in a meeting, for instance). Best practices will probably
emerge and should probably be documented but for now clients
should be wary of engaging in aggressive "cleanup" of external
attachments. A client could involve the user in making
decisions about removing unreferenced documents, or a client
could be conservative in only deleting attachments it had
created.
Also, clients are responsible for consistency of permissions
when using external attachments. One reason for servers to
support the storage of attachments within sub-collections of
calendar collections is that ACL inheritance might make it
easier to grant the same permissions to attachments that are
granted on the calendar. Otherwise, it can be very difficult
to keep permissions synchronized. With attachments stored on
separate repositories, it can be impossible to keep permissions
consistent -- the two repositories may not support the same
permissions or have the same set of principals. Some systems
have used tickets or other anonymous access control mechanisms
to provide partially satisfactory solutions to these kinds of
problems.
Note that all CalDAV calendar collections (including those
which the user might treat as public or group calendars) can
contain alarm information on events and todos. Users can
synchronize a calendar between multiple devices and decide
to have alarms execute on a different device than the device
that created the alarm. Not all VALARM types are completely
interoperable (e.g., those which name a sound file to play).
When an alarm has action AUDIO, and the client is configured
to execute the alarm, the client SHOULD play the suggested
sound if it's available or play another sound, but SHOULD NOT
rewrite the alarm just to replace the suggested sound with
a sound that's locally available.
Similarly with action DISPLAY, if a client is configured to
execute the alarm then it SHOULD execute a display alarm by
displaying either according to the suggested description or
some reasonable replacement, but SHOULD NOT rewrite the alarm
for its own convenience.
When an alarm has action EMAIL, if the client is incapable of
sending email, it SHOULD ignore the alarm but MUST continue
to synchronize the alarm itself.
This specification makes no recommendations about executing
action PROCEDURE alarms except to note that clients are
advised to take care to avoid creating security holes by
executing these.
Non-interoperable alarm information (e.g., should somebody define
a color to be used in a display alarm) should be put in custom
properties inside the VALARM component in order to keep the basic
alarm usable on all devices.
Clients that allow offline changes to a calendar MUST synchronize
the alarm data that already exists in the calendar collection.
Clients MAY execute alarms that are downloaded in this fashion,
possibly based on user preference. If a client is only doing
read operations on a calendar and there is no risk of losing
alarm information, then the client MAY discard alarm information.
This specification makes no attempt to provide multi-user alarms
on group calendars or to find out who an alarm is intended for.
Addressing those issues might require extensions to iCalendar,
for example to store alarms per-user or indicate which user a
VALARM was intended for. In the meantime, clients might maximize
interoperability by generally not uploading alarm information to
public, group or resource calendars.
calendar-query
urn:ietf:params:xml:ns:caldavDefines a report for querying
calendar dataSee .calendar-data
urn:ietf:params:xml:ns:caldavUsed to define which parts
of a calendar component object should be
returned by the report that uses this
element.When used in a request,
the CALDAV:calendar-data element specifies the
iCalendar components and properties to be
returned in the iCalendar objects part of the
response. If this element doesn't contain any
CALDAV:comp element, iCalendar objects will be
returned with all their components and
properties.When used inside a
response, the CALDAV:calendar-data element contains
an iCalendar object that matched the search
filter specified in the request.comp
urn:ietf:params:xml:ns:caldavDefines which component
types to returnThe name value is a
calendar component name (e.g., "VEVENT")NOTE: The CALDAV:prop and CALDAV:allprop elements used
here have the same name as elements defined in WebDAV.
However, the elements used here have the
"urn:ietf:params:xml:ns:caldav" namespace, as
opposed to the "DAV:" namespace used for elements
defined in WebDAV.allcomp
urn:ietf:params:xml:ns:caldavSpecifies that all
components shall be returnedThis element can
be used when the client wants all types
of components returned by a report.allprop
urn:ietf:params:xml:ns:caldavSpecifies that all
properties shall be returned.This element can
be used when the client wants all
properties of components returned by a
report.NOTE: The CALDAV:allprop element defined here has the
same name as the DAV:allprop element defined in
WebDAV. However, the CALDAV:allprop element defined
here uses the "urn:ietf:params:xml:ns:caldav"
namespace, as opposed to the "DAV:" namespace
used for the DAV:allprop element defined in
WebDAV.prop
urn:ietf:params:xml:ns:caldavDefines which
properties to return in the
response.The "name"
attribute specifies the name of the
calendar property to return (e.g.,
"ATTENDEE"). The "novalue" attribute
can be used by clients to request that
the actual value of the property not be
returned (if the "novalue" attribute is
set to "yes"). In that case the server
will return just the iCalendar property
name and any iCalendar parameters and a
trailing ":" without the subsequent
value data.
NOTE: The CALDAV:prop element defined here has the
same name as the DAV:prop element defined in
WebDAV. However, the CALDAV:prop element defined
here uses the "urn:ietf:params:xml:ns:caldav"
namespace, as opposed to the "DAV:" namespace
used for the DAV:prop element defined in
WebDAV. expand-recurrence-set
urn:ietf:params:xml:ns:caldavForces the server to
expand recurring components into separate
instances.The
CALDAV:expand-recurrence-set element specifies
that recurring components shall be returned
as individual components with no recurrence
properties (i.e., EXDATE, EXRULE, RDATE and
RRULE). The required "start" and "end"
attributes contain iCalendar format
DATE-TIME (always specified in UTC) or DATE
values that define the time interval over
which the recurrence expansion should take
place. The start value is inclusive and the
end value is exclusive of the interval as per
iCalendar DTSTART and DTEND properties. The
server MUST return only those expanded
components whose time interval intersects
the interval specified by the start and end
attributes.
limit-recurrence-set
urn:ietf:params:xml:ns:caldav
Specifies a time range to limit the set of recurrence
instances returned by the server.
The CALDAV:limit-recurrence-set XML element specifies
that a server MUST only return information about the
recurrence instances whose scheduled time intersect a
specified time range for a given calendaring REPORT
request. The required "start" and "end" attributes
specify DATE or DATE-TIME iCalendar values in UTC that
defines the actual time range. The server MUST use the
same logic as defined for CALDAV:time-range to determine
if a recurrence instance intersect a given time range.
filter
urn:ietf:params:xml:ns:caldavDetermines which matching
components are returned.The "filter" element
specifies the search filter used to match
components that should be returned by a
report.comp-filter
urn:ietf:params:xml:ns:caldavLimits the search to
only the chosen component types.The "name" attribute
is a calendar component type (e.g.,
"VEVENT"). When this element is present,
the server should only return a component
if it matches the filter, which is to say:
prop-filter
urn:ietf:params:xml:ns:caldavLimits the search to
specific properties.The "name" attribute
MUST contain an iCalendar property name
(e.g., "ATTENDEE"). When the CALDAV:prop-filter
executes, a property matches if:
param-filter
urn:ietf:params:xml:ns:caldavLimits the search to
specific parameters.The "param-filter"
element limits the search result to the set
of resources containing properties with
parameters that meet the parameter filter
rules. When this filter executes, a
parameter matches if: is-defined
urn:ietf:params:xml:ns:caldavCauses a search to match
a resource if a component type, property or
parameter name exists.The CALDAV:is-defined
XML element limits the filter to resources
where the named component, property or
parameter is defined.text-match
urn:ietf:params:xml:ns:caldavSpecifies a substring
match on a property or parameter value.The specified text
is used for a substring match against the
property or parameter value specified in a
report. The "caseless" attribute indicates
whether the match is case-sensitive (value
set to "no") or case-insensitive (value set
to "yes"). The default value is
server-specified. Caseless matching SHOULD
be implemented as defined in section 5.18
of the Unicode Standard ().
Support for the "caseless" attribute is
optional. A server should respond with a
status of 422 if it is used but cannot be
supported.time-range
urn:ietf:params:xml:ns:caldavSpecifies a time interval
for testing components against.The CALDAV:time-range
element allows for a single time range to
be defined, in order to limit all the
results of the search to the set of
resources that contain a component which
overlap that time range. The value of
the "start" and "end" attributes MUST
follow the syntax of the DATE or DATE-TIME
iCalendar value type, with any time
specified in UTC.
While the "start" and "end" attributes are
not required to allow time ranges opened at
one end, at least one of them MUST be specified
in the CALDAV:time-range element.
We need to clarify the logic when the DTSTART, DTEND,
DURATION, or DUE properties are not defined in the
calendar component.
A VEVENT component overlaps a given
time-range if: A VTODO component overlaps a given
time-range if: A VJOURNAL component overlaps a given
time-range if: A VALARM component overlaps a given
time-range if: Any property of value type DATE-TIME or
DATE (e.g., DTSTAMP) will match a given
time-range if: calendar-multiget
urn:ietf:params:xml:ns:caldavCalDAV report used to retrieve
specific calendar component items via their
URIs.See .free-busy-query
urn:ietf:params:xml:ns:caldavCalDAV report used to generate a
VFREEBUSY to determine busy time over a specific
set of time ranges.See .
HTTP protocol transactions are sent in the clear over the
network unless protection from snooping is negotiated. This
can be accomplished by use of TLS as defined in
RFC2818.
In particular, HTTP Basic authentication MUST NOT be used
unless TLS is in effect.
Servers MUST take adequate precautions to ensure malicious
clients cannot consume excessive server resources (CPU, memory,
disk, etc.) through carefully crafted reports. For example, a
client could upload an event with a recurrence rule that
specifies a recurring event occurring every second for the next
100 years which would result in approximately 3 x 10^9
instances! A report that asks for recurrences to be expanded
over that range would likely constitute a denial-of-service
attack on the server.
We should make an explicit reference to the security
considerations mentionned in iCalendar, iTIP and iMIP.
In addition to the namespaces defined by RFC2518 for XML elements, this document
uses a URN to describe a new XML namespace conforming to a
registry mechanism described in RFC3688. All other IANA considerations
mentioned in RFC2518 also apply
to this document.Registration request for the CalDAV namespace: URI: urn:ietf:params:xml:ns:caldav Registrant Contact: See the "Author's Address" section of
this document. XML: None. Namespace URIs do not represent an XML
specification. The authors would like to thank the following individuals
for contributing their ideas and support for writing this
specification: Michael Arick, Mario Bonin, Chris Bryant,
Scott Carr, Mike Douglass, Helge Hess, Dan Mosedale,
Kervin L. Pierre, Julian F. Reschke, Mike Shaver,
Simon Vaillancourt, and Jim Whitehead.
The authors would also like to thank the Calendaring and
Scheduling Consortium for advice with this specification,
and for organizing interoperability testing events to help
refine it.
Key words for use in RFCs to Indicate Requirement LevelsHarvard University1350 Mass. Ave.CambridgeMA 02138- +1 617 495 3864sob@harvard.edu
General
keyword
In many standards track documents several words are used to signify
the requirements in the specification. These words are often
capitalized. This document defines these words as they should be
interpreted in IETF documents. Authors who follow these guidelines
should incorporate this phrase near the beginning of their document:
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL
NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and
"OPTIONAL" in this document are to be interpreted as described in
RFC 2119.
Note that the force of these words is modified by the requirement
level of the document in which they are used.
The TLS Protocol Version 1.0Certicomtdierks@certicom.comCerticomcallen@certicom.comThis document specifies Version 1.0 of the Transport Layer Security (TLS) protocol. The TLS protocol provides communications privacy over the Internet. The protocol allows client/server applications to communicate in a way that is designed to prevent eavesdropping, tampering, or message forgery.Internet Calendaring and Scheduling Core Object Specification (iCalendar)Lotus Development Corporation6544 Battleford DriveRaleighNC27613-3502USA+1-919-676-9515+1-919-676-9564Frank_Dawson@Lotus.comhttp://home.earthlink.net/~fdawsonMicrosoft CorporationOne Microsoft WayRedmondWA98052-6399USA+1-425-936-5522+1-425-936-7329deriks@Microsoft.com
Applications
calendaringschedulingPIM
There is a clear need to provide and deploy interoperable calendaring
and scheduling services for the Internet. Current group scheduling
and Personal Information Management (PIM) products are being extended
for use across the Internet, today, in proprietary ways. This memo
has been defined to provide the definition of a common format for
openly exchanging calendaring and scheduling information across the
Internet.
This memo is formatted as a registration for a MIME media type per
. However, the format in this memo is equally applicable
for use outside of a MIME message content type.
The proposed media type value is 'text/calendar'. This string would
label a media type containing calendaring and scheduling information
encoded as text characters formatted in a manner outlined below.
This MIME media type provides a standard content type for capturing
calendar event, to-do and journal entry information. It also can be
used to convey free/busy time information. The content type is
suitable as a MIME message entity that can be transferred over MIME
based email systems, using HTTP or some other Internet transport. In
addition, the content type is useful as an object for interactions
between desktop applications using the operating system clipboard,
drag/drop or file systems capabilities.
This memo is based on the earlier work of the vCalendar specification
for the exchange of personal calendaring and scheduling information.
In order to avoid confusion with this referenced work, this memo is
to be known as the iCalendar specification.
This memo defines the format for specifying iCalendar object methods.
An iCalendar object method is a set of usage constraints for the
iCalendar object. For example, these methods might define scheduling
messages that request an event be scheduled, reply to an event
request, send a cancellation notice for an event, modify or replace
the definition of an event, provide a counter proposal for an
original event request, delegate an event request to another
individual, request free or busy time, reply to a free or busy time
request, or provide similar scheduling messages for a to-do or
journal entry calendar component. The iCalendar Transport-indendent
Interoperability Protocol (iTIP) defined in is one such
scheduling protocol.
HTTP Extensions for Distributed Authoring -- WEBDAVMicrosoft CorporationOne Microsoft WayRedmondWA98052-6399yarong@microsoft.comDept. Of Information and Computer Science,
University of California, IrvineIrvineCA92697-3425ejw@ics.uci.eduNetscape685 East Middlefield RoadMountain ViewCA94043asad@netscape.comNovell1555 N. Technology WayM/S ORM F111OremUT84097-2399srcarter@novell.comNovell1555 N. Technology WayM/S ORM F111OremUT84097-2399dcjensen@novell.com
This document specifies a set of methods, headers, and content-types
ancillary to HTTP/1.1 for the management of resource properties,
creation and management of resource collections, namespace
manipulation, and resource locking (collision avoidance).
Hypertext Transfer Protocol -- HTTP/1.1Department of Information and Computer ScienceUniversity of California, IrvineIrvineCA92697-3425+1(949)824-1715fielding@ics.uci.eduWorld Wide Web ConsortiumMIT Laboratory for Computer Science, NE43-356545 Technology SquareCambridgeMA02139+1(617)258-8682jg@w3.orgCompaq Computer CorporationWestern Research Laboratory250 University AvenuePalo AltoCA94305mogul@wrl.dec.comWorld Wide Web ConsortiumMIT Laboratory for Computer Science, NE43-356545 Technology SquareCambridgeMA02139+1(617)258-8682frystyk@w3.orgXerox CorporationMIT Laboratory for Computer Science, NE43-3563333 Coyote Hill RoadPalo AltoCA94034masinter@parc.xerox.comMicrosoft Corporation1 Microsoft WayRedmondWA98052paulle@microsoft.comWorld Wide Web ConsortiumMIT Laboratory for Computer Science, NE43-356545 Technology SquareCambridgeMA02139+1(617)258-8682timbl@w3.org
The Hypertext Transfer Protocol (HTTP) is an application-level
protocol for distributed, collaborative, hypermedia information
systems. It is a generic, stateless, protocol which can be used for
many tasks beyond its use for hypertext, such as name servers and
distributed object management systems, through extension of its
request methods, error codes and headers . A feature of HTTP is
the typing and negotiation of data representation, allowing systems
to be built independently of the data being transferred.
HTTP has been in use by the World-Wide Web global information
initiative since 1990. This specification defines the protocol
referred to as "HTTP/1.1", and is an update to RFC 2068 .
HTTP Over TLSThis memo describes how to use Transport Layer Security (TLS) to secure Hypertext Transfer Protocol (HTTP) connections over the Internet. This memo provides information for the Internet community. Versioning Extensions to WebDAV (Web Distributed Authoring and Versioning)Rational Software20 Maguire RoadLexingtonMA02421USgeoffrey.clemm@rational.comIBM3039 CornwallisResearch Triangle ParkNC27709USjamsden@us.ibm.comIBMHursley ParkWinchesterS021 2JNUKtim_ellison@uk.ibm.comMicrosoftOne Microsoft WayRedmondWA90852USckaler@microsoft.comUC Santa Cruz, Dept. of Computer Science1156 High StreetSanta CruzCA95064USejw@cse.ucsc.edu
This document specifies a set of methods, headers, and resource types
that define the WebDAV (Web Distributed Authoring and Versioning)
versioning extensions to the HTTP/1.1 protocol. WebDAV versioning
will minimize the complexity of clients that are capable of
interoperating with a variety of versioning repository managers, to
facilitate widespread deployment of applications capable of utilizing
the WebDAV Versioning services. WebDAV versioning includes automatic
versioning for versioning-unaware clients, version history
management, workspace management, baseline management, activity
management, and URL namespace versioning.
The IETF XML RegistryThis document describes an IANA maintained registry for IETF standards which use Extensible Markup Language (XML) related items such as Namespaces, Document Type Declarations (DTDs), Schemas, and Resource Description Framework (RDF) Schemas. Web Distributed Authoring and Versioning (WebDAV) Access Control ProtocolIBM20 Maguire RoadLexingtonMA02421geoffrey.clemm@us.ibm.comgreenbytes GmbHSalzmannstrasse 152MuensterNW48159Germanyjulian.reschke@greenbytes.deOracle Corporation500 Oracle ParkwayRedwood ShoresCA94065eric.sedlar@oracle.comU.C. Santa Cruz, Dept. of Computer Science1156 High StreetSanta CruzCA95064ejw@cse.ucsc.edu
This document specifies a set of methods, headers, message bodies,
properties, and reports that define Access Control extensions to the
WebDAV Distributed Authoring Protocol. This protocol permits a client to
read and modify access control lists that instruct a server whether to
allow or deny operations upon a resource (such as HyperText Transfer
Protocol (HTTP) method invocations) by a given principal. A lightweight
representation of principals as Web resources supports integration of a
wide range of user management repositories. Search operations allow
discovery and manipulation of principals using human names.
Extensible Markup Language (XML) 1.0 (Third Edition)Textuality and Netscapetbray@textuality.comMicrosoftjeanpa@microsoft.comUniversity of Illinois at Chicago and Text Encoding Initiativecmsmcq@uic.eduSun Microsystemseve.maler@east.sun.comfrancois@yergeau.comThe Unicode Standard - Version 4.0The Unicode ConsortiumISBN 0321185781Lightweight Directory Access Protocol (v3)Critical Angle Inc.4815 W Braker Lane #502-385AustinTX 78759USA+1 512 372-3160M.Wahl@critical-angle.comNetscape Communications Corp.501 E. Middlefield Rd.MS MV068Mountain ViewCA 94043USA+1 650 937-3419howes@netscape.comIsode LimitedThe DomeThe SquareRichmondTW9 1DTUK+44-181-332-9091S.Kille@isode.com
Applications
LDAPITU directory service protocoldirectorylightweight directory access protocol
This RFC contained boilerplate in this section which has been moved
to the RFC2223-compliant unnumbered section "Status of this Memo."
This document describes a directory access protocol that provides
both read and update access. Update access requires secure
authentication, but this document does not mandate implementation of
any satisfactory authentication mechanisms.
In accordance with RFC 2026, section 4.4.1, this specification is
being approved by IESG as a Proposed Standard despite this
limitation, for the following reasons:
a. to encourage implementation and interoperability testing of
these protocols (with or without update access) before they
are deployed, and
b. to encourage deployment and use of these protocols in read-only
applications. (e.g. applications where LDAPv3 is used as
a query language for directories which are updated by some
secure mechanism other than LDAP), and
c. to avoid delaying the advancement and deployment of other Internet
standards-track protocols which require the ability to query, but
not update, LDAPv3 directory servers.
Readers are hereby warned that until mandatory authentication
mechanisms are standardized, clients and servers written according to
this specification which make use of update functionality are
UNLIKELY TO INTEROPERATE, or MAY INTEROPERATE ONLY IF AUTHENTICATION
IS REDUCED TO AN UNACCEPTABLY WEAK LEVEL.
Implementors are hereby discouraged from deploying LDAPv3 clients or
servers which implement the update functionality, until a Proposed
Standard for mandatory authentication in LDAPv3 has been approved and
published as an RFC.
vCard MIME Directory ProfileLotus Development Corporation6544 Battleford DriveRaleighNC 27613USA+1-919-676-9515frank_dawson@lotus.comNetscape Communications Corp.501 East Middlefield Rd.Mountain ViewCA 94041USA+1.415.937.3419howes@netscape.com
Applications
MIMEaudiocontent-typedirectorymultipurpose internet mail extensions
This memo defines the profile of the MIME Content-Type for
directory information for a white-pages person object, based on a
vCard electronic business card. The profile definition is independent
of any particular directory service or protocol. The profile is
defined for representing and exchanging a variety of information
about an individual (e.g., formatted and structured name and delivery
addresses, email address, multiple telephone numbers, photograph,
logo, audio clips, etc.). The directory information used by this
profile is based on the attributes for the person object defined in
the X.520 and X.521 directory services recommendations. The profile
also provides the method for including a representation of a
white-pages directory entry within the MIME Content-Type defined by
the document.
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY" and "OPTIONAL" in this
document are to be interpreted as described in .
Calendar Attributes for vCard and LDAPXpertSite.ComISOCORLotusWhen scheduling a calendar entity, such as an event, it is a prerequisite that an organizer has the calendar address of each attendee that will be invited to the event. Additionally, access to an attendee's current "busy time" provides an a priori indication of whether the attendee will be free to participate in the event.In order to meet these challenges, a calendar user agent (CUA) needs a mechanism to locate (URI) individual user's calendar and free/busy time.This memo defines three mechanisms for obtaining a URI to a user's calendar and free/busy time. These include:
- Manual transfer of the information;
- Personal data exchange using the vCard format; and
- Directory lookup using the LDAP protocol.The following table extend the WebDAV Method Privilege Table
specified in Appendix B of WebDAV ACL.
METHODPRIVILEGESMKCALENDARDAV:bindREPORTDAV:read or CALDAV:read-free-busy
(on all referenced resources)Removed statement that said that client SHOULD
always request DAV:getetag in calendar REPORTs.Removed redefiniton of DAV:response.Removed XML elements CALDAV:calendar-data-only.Removed resource type CALDAV:calendar-home.Moved the CALDAV:calendar-data element in the
DAV:prop element in requests, and in the
DAV:propstat element in responses.Further defined the request body of MKCALENDAR to
allow clients to set properties at calendar
collection creation time.Renamed CALDAV:calendar-home-URL to
CALDAV:calendar-home-setClarified the fact that calendar collections
may only contain calendar object resources and
ordinary collections.Clarified that calendar REPORTs should only be
applied to calendar object resources contained
in calendar collections.Changed the CALDAV:calendar-component-restriction-set
and CALDAV:calendar-restriction properties to always
be protected.Changed to use existing postcondition
DAV:needs-privileges instead of a new
CALDAV:insufficient-privilege postcondition.Added example for limit-recurrence-set.Added example for expand-recurrence-set.Moved CALDAV:calendar-address-set in the
calendar-schedule draft and renamed it to
CALDAV:calendar-user-address-set.Added guidelines on attachments and alarms.Various editorial changes.Added properties calendar-restrictions and
calendar-component-restriction-set on calendar
collections.Added properties calendar-home-URL and
calendar-address-set on principal resources.Removed property calendar-URL on principal
resources.Added pre- and postconditions to reports.Added new XML elements calendar-data-only and
limit-recurrent-set.Modified calendar-data XML element to support
the attributes content-type and version.Reorganised sections 3, 4, 5 & 6 into two sections and
re-ordered sub-sections.Added comment about client not setting a duplicate
displayname.Removed three CalDAV OPTIONS requests.Changed "authenticated user" to "user" in various places.Rewrote section on calendar object resource restrictions for
better clarity.Reworded section "Recurrence and the Data Model".Removed timezone collection feature.Removed ability for a server to return the
Location header on a successful PUT request.Clarified restrictions on calendar object resources contained in
calendar collections.Added preconditions on PUT in calendar collections.Added informative "Guidelines" section, with information
on locking and how to find calendar collections.Moved "Sychronization Operations" section in the
"Guidelines" section.Removed a lot of non-normative text.Removed property promotion/demotion requirements.Removed calendar-owner and cal-scale properties.Removed 'ical' prefix/text from element names.Relaxed WebDAV Class 2 (locking) requirement to a MAY.Relaxed MKCALENDAR requirement to a SHOULD.Moved the XML Namespace section in the Introduction.Added CALDAV: prefix to CalDAV XML elements in the text.Added CALDAV:calendar-multiget report.Added CALDAV:free-busy-query report.Added CALDAV:calendar-description property.Changed CALDAV:calendar-query-result element name to
CALDAV:calendar-dataAdded description and examples of handling timezones.Added mandatory "start" and "end" attributes to the
CALDAV:expand-recurrence-set element.Added three CalDAV OPTIONS requests.Grouped XML Element declarations in a separate section.Added a note about the HTTP Location response
header.Added report calendar-query.Removed reports calendar-property-search and
calendar-time-range.Removed section on CalDAV and timezones.Added requirement to return ETag on creation.Revised data model to remove sub-collections from
calendar collection.Added informative references section.Removed dependencies on DASL.Removed Calendar Containers (simplification that
doesn't seem to remove much functionality)Added MKCALENDAR to create calendars and all
sub-collectionsAdded cal-scale property to calendarsBasically still adding major sections of content: Defined new field values to the OPTIONS
"DAV:" response headerAdded new resource
propertiesAdded new principal propertiesAdded new SCHEDULE method and related headersAdded new privileges for schedulingAdded section on privileges for calendaring,
extending WebDAV ACL privilege setDefined what to do with unrecognized properties in
the bodies of iCalendar events, with respect to
property promotion/demotion