5Internet Engineering Task Force (IETF) R. Cordier, Ed.
6Request for Comments: 9425 Linagora Vietnam
7Category: Standards Track June 2023
11 JSON Meta Application Protocol (JMAP) for Quotas
15 This document specifies a data model for handling quotas on accounts
16 with a server using the JSON Meta Application Protocol (JMAP).
20 This is an Internet Standards Track document.
22 This document is a product of the Internet Engineering Task Force
23 (IETF). It represents the consensus of the IETF community. It has
24 received public review and has been approved for publication by the
25 Internet Engineering Steering Group (IESG). Further information on
26 Internet Standards is available in Section 2 of RFC 7841.
28 Information about the current status of this document, any errata,
29 and how to provide feedback on it may be obtained at
30 https://www.rfc-editor.org/info/rfc9425.
34 Copyright (c) 2023 IETF Trust and the persons identified as the
35 document authors. All rights reserved.
37 This document is subject to BCP 78 and the IETF Trust's Legal
38 Provisions Relating to IETF Documents
39 (https://trustee.ietf.org/license-info) in effect on the date of
40 publication of this document. Please review these documents
41 carefully, as they describe your rights and restrictions with respect
42 to this document. Code Components extracted from this document must
43 include Revised BSD License text as described in Section 4.e of the
44 Trust Legal Provisions and are provided without warranty as described
45 in the Revised BSD License.
50 1.1. Notational Conventions
52 2. Addition to the Capabilities Object
53 2.1. urn:ietf:params:jmap:quota
54 3. Sub-types of the Quota Data Type
58 4.1. Properties of the Quota Object
62 4.5. Quota/queryChanges
65 5.2. Requesting Latest Quota Changes
67 7. IANA Considerations
68 7.1. JMAP Capability Registration for "quota"
69 7.2. JMAP Data Type Registration for "Quota"
70 8. Security Considerations
71 9. Normative References
77 The JSON Meta Application Protocol (JMAP) [RFC8620] is a generic
78 protocol for synchronizing data, such as mails, calendars, or
79 contacts between a client and a server. It is optimized for mobile
80 and web environments and aims to provide a consistent interface to
83 This specification defines a data model for handling quotas over
84 JMAP, allowing a user to obtain details about a certain quota.
86 This specification does not address quota administration, which
87 should be handled by other means.
891.1. Notational Conventions
91 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
92 "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
93 "OPTIONAL" in this document are to be interpreted as described in
94 BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all
95 capitals, as shown here.
97 Type signatures, examples, and property descriptions in this document
98 follow the conventions established in Section 1.1 of [RFC8620]. Data
99 types defined in the core specification are also used in this
104 This document reuses the terminology from the core JMAP specification
105 established in Section 1.6 of [RFC8620].
107 The term "Quota" (when capitalized) is used to refer to the data type
108 defined in Section 4 and instance of that data type.
1102. Addition to the Capabilities Object
112 The capabilities object is returned as part of the JMAP Session
113 object; see [RFC8620], Section 2.
115 This document defines one additional capability URI.
1172.1. urn:ietf:params:jmap:quota
119 This represents support for the Quota data type and associated API
120 methods. Servers supporting this specification MUST add a property
121 called "urn:ietf:params:jmap:quota" to the capabilities object.
123 The value of this property is an empty object in both the JMAP
124 Session capabilities property and an account's accountCapabilities
1273. Sub-types of the Quota Data Type
129 There are two fields within the Quota data type, which have an
130 enumerated set of possible values. These are:
134 The Scope data type is used to represent the entities the quota
135 applies to. It is defined as a "String" with values from the
138 * account: The quota information applies to just the client's
141 * domain: The quota information applies to all accounts sharing this
144 * global: The quota information applies to all accounts belonging to
149 The ResourceType data type is used to act as a unit of measure for
150 the quota usage. It is defined as a "String" with values from the
153 * count: The quota is measured in a number of data type objects.
154 For example, a quota can have a limit of 50 "Mail" objects.
156 * octets: The quota is measured in size (in octets). For example, a
157 quota can have a limit of 25000 octets.
161 The Quota is an object that displays the limit set to an account
162 usage. It then shows as well the current usage in regard to that
1654.1. Properties of the Quota Object
167 The Quota object MUST contain the following fields:
171 The unique identifier for this object.
173 * resourceType: String
175 The resource type of the quota as defined in Section 3.2.
179 The current usage of the defined quota, using the "resourceType"
180 defined as unit of measure. Computation of this value is handled
183 * hardLimit: UnsignedInt
185 The hard limit set by this quota, using the "resourceType" defined
186 as unit of measure. Objects in scope may not be created or
187 updated if this limit is reached.
191 The "Scope" of this quota as defined in Section 3.1.
195 The name of the quota. Useful for managing quotas and using
196 queries for searching.
200 A list of all the type names as defined in the "JMAP Types Names"
201 registry (e.g., Email, Calendar, etc.) to which this quota
202 applies. This allows the quotas to be assigned to distinct or
205 The server MUST filter out any types for which the client did not
206 request the associated capability in the "using" section of the
207 request. Further, the server MUST NOT return Quota objects for
208 which there are no types recognized by the client.
210 The Quota object MAY contain the following fields:
212 * warnLimit: UnsignedInt|null
214 The warn limit set by this quota, using the "resourceType" defined
215 as unit of measure. It can be used to send a warning to an entity
216 about to reach the hard limit soon, but with no action taken yet.
217 If set, it SHOULD be lower than the "softLimit" (if present and
218 different from null) and the "hardLimit".
220 * softLimit: UnsignedInt|null
222 The soft limit set by this quota, using the "resourceType" defined
223 as unit of measure. It can be used to still allow some operations
224 but refuse some others. What is allowed or not is up to the
225 server. For example, it could be used for blocking outgoing
226 events of an entity (sending emails, creating calendar events,
227 etc.) while still receiving incoming events (receiving emails,
228 receiving calendars events, etc.). If set, it SHOULD be higher
229 than the "warnLimit" (if present and different from null) but
230 lower than the "hardLimit".
232 * description: String|null
234 Arbitrary, free, human-readable description of this quota. It
235 might be used to explain where the different limits come from and
236 explain the entities and data types this quota applies to. The
237 description MUST be encoded in UTF-8 [RFC3629] as described in
238 [RFC8620], Section 1.5, and selected based on an Accept-Language
239 header in the request (as defined in [RFC9110], Section 12.5.4) or
240 out-of-band information about the user's language or locale.
242 The following JMAP methods are supported.
246 Standard "/get" method as described in [RFC8620], Section 5.1. The
247 _id_'s argument may be "null" to fetch all quotas of the account at
248 once, as demonstrated in Section 5.1.
252 Standard "/changes" method as described in [RFC8620], Section 5.2,
253 but with one extra argument in the response:
255 * updatedProperties: String[]|null
257 If only the "used" Quota property has changed since the old state,
258 this will be a list containing only that property. If the server
259 is unable to tell if only "used" has changed, it MUST be null.
261 Since "used" frequently changes, but other properties are generally
262 only changed rarely, the server can help the client optimize data
263 transfer by keeping track of changes to quota usage separate from
264 other state changes. The updatedProperties array may be used
265 directly via a back-reference in a subsequent Quota/get call in the
266 same request, so only these properties are returned if nothing else
269 Servers MAY decide to add other properties to the list that they
270 judge to be changing frequently.
272 This method's usage is demonstrated in Section 5.2.
276 This is a standard "/query" method as described in [RFC8620],
279 A FilterCondition object has the following properties, any of which
280 may be included or omitted:
284 The Quota _name_ property contains the given string.
288 The Quota _scope_ property must match the given value exactly.
290 * resourceType: String
292 The Quota _resourceType_ property must match the given value
297 The Quota _types_ property contains the given value.
299 A Quota object matches the FilterCondition if, and only if, all the
300 given conditions match. If zero properties are specified, it is
301 automatically true for all objects.
303 The following Quota properties MUST be supported for sorting:
3094.5. Quota/queryChanges
311 This is a standard "/queryChanges" method as described in [RFC8620],
318 Request fetching all quotas related to an account:
321 "accountId": "u33084183",
328 "accountId": "u33084183",
331 "id": "2a06df0d-9865-4e74-a92f-74dcc814270e",
332 "resourceType": "count",
338 "name": "bob@example.com",
339 "description": "Personal account usage. When the soft limit is
340 reached, the user is not allowed to send mails or
341 create contacts and calendar events anymore.",
342 "types" : [ "Mail", "Calendar", "Contact" ]
344 "id": "3b06df0e-3761-4s74-a92f-74dcc963501x",
345 "resourceType": "octets",
3515.2. Requesting Latest Quota Changes
353 Request fetching the changes for a specific quota:
355 [[ "Quota/changes", {
356 "accountId": "u33084183",
357 "sinceState": "78540",
361 "accountId": "u33084183",
364 "name": "Quota/changes",
369 "name": "Quota/changes",
370 "path": "/updatedProperties"
376 [[ "Quota/changes", {
377 "accountId": "u33084183",
380 "hasMoreChanges": false,
381 "updatedProperties": ["used"],
383 "updated": ["2a06df0d-9865-4e74-a92f-74dcc814270e"],
387 "accountId": "u33084183",
390 "id": "2a06df0d-9865-4e74-a92f-74dcc814270e",
398 Servers MUST support the JMAP push mechanisms, as specified in
399 [RFC8620], Section 7, to allow clients to receive notifications when
400 the state changes for the Quota type defined in this specification.
4027. IANA Considerations
4047.1. JMAP Capability Registration for "quota"
406 IANA has registered the "quota" JMAP Capability as follows:
408 Capability Name: urn:ietf:params:jmap:quota
414 Change Controller: IETF
416 Security and Privacy Considerations: RFC 9425, Section 8
4187.2. JMAP Data Type Registration for "Quota"
420 IANA has registered the "Quota" Data Type as follows:
424 Can Reference Blobs: No
426 Can Use for State Change: Yes
428 Capability: urn:ietf:params:jmap:quota
4328. Security Considerations
434 All security considerations of JMAP [RFC8620] apply to this
437 Implementors should be careful to make sure the implementation of the
438 extension specified in this document does not violate the site's
439 security policy. The resource usage of other users is likely to be
440 considered confidential information and should not be divulged to
441 unauthorized persons.
443 As for any resource shared across users (for example, a quota with
444 the "domain" or "global" scope), a user that can consume the resource
445 can affect the resources available to the other users. For example,
446 a user could spam themselves with events and make the shared resource
447 hit the limit and unusable for others (implementors could mitigate
448 that with some rate-limiting implementation on the server).
450 Also, revealing domain and global quota counts to all users may cause
451 privacy leakage of other sensitive data, or at least the existence of
452 other sensitive data. For example, some users are part of a private
453 list belonging to the server, so they shouldn't know how many users
454 are in there. However, by comparing the quota count before and after
455 sending a message to the list, it could reveal the number of people
456 of the list, as the domain or global quota count would go up by the
457 number of people subscribed. In order to limit those attacks, quotas
458 with "domain" or "global" scope SHOULD only be visible to server
459 administrators and not to general users.
4619. Normative References
463 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
464 Requirement Levels", BCP 14, RFC 2119,
465 DOI 10.17487/RFC2119, March 1997,
466 <https://www.rfc-editor.org/info/rfc2119>.
468 [RFC3629] Yergeau, F., "UTF-8, a transformation format of ISO
469 10646", STD 63, RFC 3629, DOI 10.17487/RFC3629, November
470 2003, <https://www.rfc-editor.org/info/rfc3629>.
472 [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC
473 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174,
474 May 2017, <https://www.rfc-editor.org/info/rfc8174>.
476 [RFC8620] Jenkins, N. and C. Newman, "The JSON Meta Application
477 Protocol (JMAP)", RFC 8620, DOI 10.17487/RFC8620, July
478 2019, <https://www.rfc-editor.org/info/rfc8620>.
480 [RFC9007] Ouazana, R., Ed., "Handling Message Disposition
481 Notification with the JSON Meta Application Protocol
482 (JMAP)", RFC 9007, DOI 10.17487/RFC9007, March 2021,
483 <https://www.rfc-editor.org/info/rfc9007>.
485 [RFC9110] Fielding, R., Ed., Nottingham, M., Ed., and J. Reschke,
486 Ed., "HTTP Semantics", STD 97, RFC 9110,
487 DOI 10.17487/RFC9110, June 2022,
488 <https://www.rfc-editor.org/info/rfc9110>.
492 Thank you to Michael Bailly, who co-wrote the first draft version of
493 this document, before deciding to turn to other matters.
495 Thank you to Benoit Tellier for his constant help and support on
496 writing this document.
498 Thank you to Raphael Ouazana for sharing his own experience on how to
499 write an RFC after finalizing his own document: [RFC9007].
501 Thank you to Bron Gondwana, Neil Jenkins, Alexey Melnikov, Joris
502 Baum, and the people from the IETF JMAP working group in general, who
503 helped with extensive discussions, reviews, and feedback.
505 Thank you to the people in the IETF organization, who took the time
506 to read, understand, comment, and give great feedback in the last
511 René Cordier (editor)
517 Email: rcordier@linagora.com
518 URI: https://linagora.vn