Network Working GroupC. Daboo
Internet-DraftISAMET
Intended status: InformationalB. Desruisseaux
Expires: November 25, 2005Oracle
L. Dusseault
OSAF
May 24, 2005

Calendaring Extensions to WebDAV (CalDAV)

Status of this Memo

By submitting this Internet-Draft, each author represents that any applicable patent or other IPR claims of which he or she is aware have been or will be disclosed, and any of which he or she becomes aware will be disclosed, in accordance with Section 6 of BCP 79.

Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet-Drafts.

Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as “work in progress”.

The list of current Internet-Drafts can be accessed at http://www.ietf.org/ietf/1id-abstracts.txt.

The list of Internet-Draft Shadow Directories can be accessed at http://www.ietf.org/shadow.html.

This Internet-Draft will expire on November 25, 2005.

Copyright Notice

Copyright © The Internet Society (2005). All Rights Reserved.

Abstract

This document specifies a set of methods, headers, message bodies, properties, and reports that define calendar access extensions to the WebDAV protocol. The new protocol elements are intended to make WebDAV-based calendaring and scheduling an interoperable standard that supports single-user calendar access, calendar sharing, and calendar publishing.



1. Introduction

The concept of using HTTP [4] and WebDAV [3] as a basis for a calendaring server is by no means a new concept: it was discussed in the IETF CALSCH working group as early as 1997 or 1998. Several companies have implemented calendaring servers using HTTP PUT/GET to upload and download iCalendar [2] objects, and using WebDAV PROPFIND to get listings of resources. However, those implementations do not interoperate because there are many small and big decisions to be made in how to model calendaring data as WebDAV resources, as well as how to implement required features that aren't already part of WebDAV. This document is therefore intended to propose a standard way of modeling calendar data in WebDAV, plus some additional features to make calendar access work well.

Discussion of this Internet-Draft is being done on the mailing list <http://lists.osafoundation.org/mailman/listinfo/ietf-caldav>.

1.1. XML Namespaces

Definitions of XML elements in this document use XML element type declarations (as found in XML Document Type Declarations), described in Section 3.2 of [8].

The namespace "urn:ietf:params:xml:ns:caldav" is reserved for the XML elements defined in this specification, or in other Standards Track IETF RFCs written to extend CalDAV. It MUST NOT be used for proprietary extensions.

Note that the XML declarations used in this document are incomplete, in that they do not include namespace information. Thus, the reader MUST NOT use these declarations as the only way to create valid CalDAV properties or to validate CalDAV XML element type. Some of the declarations refer to XML elements defined by WebDAV which use the "DAV:" namespace. Wherever such elements appear, they are explicitly given the "DAV:" prefix to help avoid confusion.

Also note that some CalDAV XML element names are identical to WebDAV XML element names, though their namespace differs. Care MUST be taken not to confuse the two sets of names.

1.2. Notational Conventions

The augmented BNF used by this document to describe protocol elements is described in Section 2.1 of [4]. Because this augmented BNF uses the basic production rules provided in Section 2.2 of [4], those rules apply to this document as well.

The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in [1].

When XML element types in the namespaces "DAV:" and "urn:ietf:params:xml:ns:caldav" are referenced in this document outside of the context of an XML fragment, the string "DAV:" and "CALDAV:" will be prefixed to the element types respectively.

1.3. Method Preconditions and Postconditions

A "precondition" of a method describes the state of the server that must be true for that method to be performed. A "postcondition" of a method describes the state of the server that must be true after that method has been completed. If a method precondition or postcondition for a request is not satisfied, the response status of the request MUST be either 403 (Forbidden) if the request should not be repeated because it will always fail, or 409 (Conflict) if it is expected that the user might be able to resolve the conflict and resubmit the request.

In order to allow better client handling of 403 and 409 responses, a distinct XML element type is associated with each method precondition and postcondition of a request. When a particular precondition is not satisfied or a particular postcondition cannot be achieved, the appropriate XML element MUST be returned as the child of a top-level DAV:error element in the response body, unless otherwise negotiated by the request. In a 207 Multi-Status response, the DAV:error element would appear in the appropriate DAV:responsedescription element.


2. CalDAV Requirements Overview

This section lists what functionality is required of a CalDAV server. To advertise support for CalDAV, a server:

In addition, a server:


3. Calendaring Data Model

One of the features which has made WebDAV a successful protocol is its firm data model. This makes it a useful framework for other applications such as calendaring. This specification attempts to follow the same pattern by developing all new features based on a well-described data model.

In the CalDAV data model, every iCalendar VEVENT, VJOURNAL, VTODO and VFREEBUSY component is stored as an individual HTTP/WebDAV resource. That means each calendar resource may be individually locked and have individual WebDAV properties. These resources are placed into WebDAV collections with a mostly-fixed structure.

3.1. Calendar Server

A CalDAV server is a calendaring-aware engine combined with a WebDAV repository. A WebDAV repository is a set of WebDAV collections, containing other WebDAV resources, within a unified URL namespace. For example, the repository "http://example.org/webdav/" may contain WebDAV collections and resources, all of which have URLs beginning with "http://example.org/webdav/". Note that the root URL "http://example.org/" may not itself be a WebDAV repository (for example, if the WebDAV support is implemented through a servlet or other Web server extension).

A WebDAV repository MAY include calendar data in some parts of its URL namespace, and non-calendaring data in other parts.

A WebDAV repository may advertise itself as a CalDAV server if it supports the functionality defined in this specification at any point within the root of the repository. That might mean that calendaring data is spread throughout the repository and mixed with non-calendar data in nearby collections (e.g., calendar data may be found in /lisa/calendar/ as well as in /bernard/calendar/, and non-calendar data in /lisa/contacts/). Or, it might mean that calendar data can be found only in certain sections of the repository (e.g., /calendars/user/). Calendaring features are only required in the repository sections that are or contain calendaring objects. So a repository confining calendar data to the /caldav/ collection would only need to support the CalDAV required features within that collection.

The CalDAV server or repository is the canonical location for calendar data and state information. Both CalDAV servers and clients MUST ensure that the data is consistent and compliant. Clients may submit requests to change data or download data. Clients may store calendar objects offline and attempt to synchronize at a later time. However, clients MUST be prepared for calendar data on the server to change between the time of last synchronization and when attempting an update, as calendar collections may be shared and accessible via multiple clients. HTTP ETags and other tools help this work.

3.2. Recurrence and the Data Model

Recurrence is an important part of the data model because it governs how many resources are expected to exist. This proposal models a recurring resource and its recurrence exceptions as a single WebDAV resource. In this model, recurrence patterns, recurrence dates, exception dates, and exception information are all part of the data in a single master event. This decision avoids problems of limiting how many recurrence instances to store in the repository, how to keep instances in synch with the master, and how to link recurrence exceptions with the master. It also results in less data to synchronize between client and server, and makes it easier to make changes to all recurrences or to a recurrence pattern. It makes it easier to create a recurring component, and easier to delete all recurrences.

Clients are not forced to retrieve information about all recurrence instances of a recurring component. The CALDAV:calendar-query REPORT defined in this document allow clients to retrieve only the recurrence instances that occurs in a given time range.


4. New Resource Types

CalDAV defines the following new resource types for use in WebDAV repositories holding calendar data.

4.1. Calendar Collection

Calendar collections are manifested to clients as a WebDAV resource collection, identified by a URL. A calendar collection MUST have a non-empty DAV:displayname property (defined in Section 13.2 of RFC2518 [3]), and a DAV:resourcetype property (defined in Section 13.9 of RFC2518 [3]). Additionally, a calendar collection MUST report the DAV:collection and CALDAV:calendar XML elements in the value of the DAV:resourcetype property. The element type declaration for CALDAV:calendar is:

<!ELEMENT calendar EMPTY>
            

A calendar collection contains resources that represent the iCalendar objects within a calendar. A calendar collection may be created through provisioning (e.g., automatically created when a user's account is created), or it may be created through MKCALENDAR. This can be useful for a user to create a second calendar (e.g., soccer schedule) or for users to share a calendar (e.g., team events or conference room). Note however that this document doesn't define what extra calendar collections are for, users must rely on non-standard cues to find out what a calendar collection is for, or use the CALDAV:calendar-description property defined in Section 6.1 to provide such a cue.

Calendar collections MUST NOT contain other calendar collections. Multiple calendar collections MAY be children of the same WebDAV collection.

A calendar collection MAY contain additional collections and non-collection resources of types not defined here. How such items are used is not defined by this specification. However, additional collections contained in a calendar collection MUST NOT contain calendar collections.

4.2. Calendar Resources Restrictions in Calendar Collections

Calendar resources contained in calendar collections MUST NOT contain more than one type of calendar component (e.g., VEVENT, VTODO, etc.) with the exception of VTIMEZONE components which MUST be specified for each unique TZID parameter value specified in the iCalendar object. For instance, a calendar resource may contain two VEVENT components and one VTIMEZONE component, but it may not contain one VEVENT component and one VTODO component.

Calendar resources that contain more than one calendar components of the same type (e.g., VEVENT), with the exception of VTIMEZONE components, are REQUIRED to have the same UID property value. For instance, a calendar resource with two VEVENT components MUST specify the same UID property value in the two VEVENT components. One of the two VEVENT components could define the recurrence rule of an event, and the other one could define an exception to the same event.

Calendar components with the same UID property value, in a given calendar collection, MUST be contained in the same calendar resource. All the recurrence instances of the same recurring calendar component, that is, calendar components with the same UID property value but with different RECURRENCE-ID property value MUST be contained in the same calendar resource.

The UID property value of the calendar components contained in a calendar resource MUST be unique in the scope of the calendar collection, and all its descendant collections, in which the calendar resource is contained.

For example, given the following iCalendar object:

BEGIN:VCALENDAR
CALSCALE:GREGORIAN 
PRODID:-//Example, Inc.\, Inc.//Example App//EN
VERSION:2.0 
BEGIN:VEVENT
UID:1@example.com
SUMMARY:One-off Meeting 
DTSTAMP:20041210T183904Z
DTSTART:20041207T120000Z 
DTEND:20041207T130000Z
END:VEVENT
BEGIN:VEVENT 
UID:2@example.com
SUMMARY:Weekly Meeting 
DTSTAMP:20041210T183838Z
DTSTART:20041206T120000Z 
DTEND:20041206T130000Z
RRULE:FREQ=WEEKLY
END:VEVENT 
BEGIN:VEVENT
UID:2@example.com 
RECURRENCE-ID:20041213T120000Z
DTSTAMP:20041210T183838Z 
DTSTART:20041213T130000Z
END:VEVENT
END:VCALENDAR 
          

The VEVENT component with the UID value "1@example.com", would need to be stored in its own calendar resource. The two VEVENT components with the UID value "2@example.com", which represent a recurring event where one recurrence instance has been overridden, would need to be stored in the same calendar resource.


5. Creating Resources

The creation of calendar collections and calendar resources may be initiated by either a CalDAV client or by the CalDAV server. For example, a server might come preconfigured with a user's calendar collection, or the CalDAV client might request the server to create a new calendar collection for a given user. Servers might populate events as calendar objects inside a calendar collection, or clients might request the server to create events. Either way, both client and server MUST comply with the requirements in this document, and MUST understand objects appearing in calendar collections or according to the data model defined here.

5.1. MKCALENDAR Method

A MKCALENDAR request creates a new calendar collection resource. A server MAY restrict calendar collection creation to particular collections, but a client can determine the location of these collections from a CALDAV:calendar-collection-set OPTIONS request (see Section 5.2.2).

Support for MKCALENDAR on the server is OPTIONAL because some calendar stores only support one calendar per user (or principal) and those are typically pre-created for each account. However, servers and clients are strongly encouraged to support MKCALENDAR whenever possible to allow users to create multiple calendar collections to better help organize their data.

Clients SHOULD use the DAV:displayname property for a human-readable name of the calendar. This requires the clients to issue a PROPPATCH request to change the DAV:displayname property to the appropriate value immediately after issuing the MKCALENDAR request. When displaying calendar collections to users, clients SHOULD check the DAV:displayname property and use that value as the name of the calendar. In the event that the DAV:displayname property is empty, the client MAY use the last part of the calendar-collection URI as the name.

If a MKCALENDAR request fails, the server state preceding the request MUST be restored.

Marshalling:

  • If a request body is included, it MUST be a CALDAV:mkcalendar XML element.
    <!ELEMENT mkcalendar ANY>
    
  • If a response body for a successful request is included, it MUST be a CALDAV:mkcalendar-response XML element.
    <!ELEMENT mkcalendar-response ANY>
    
  • The response MUST include a Cache-Control:no-cache header.

Preconditions:

  • (DAV:resource-must-be-null): A resource MUST NOT exist at the Request-URI.
  • (CALDAV:calendar-collection-location-ok): The Request-URI MUST identify a location where a calendar collection can be created.
  • (CALDAV:insufficient-privilege): The DAV:bind privilege MUST be granted to the current authenticated user.

Postconditions:

  • (CALDAV:initialize-calendar-collection): A new calendar collection exists at the Request-URI. The DAV:resourcetype of the calendar collection MUST be DAV:collection. Additionally, a calendar collection MUST report the CALDAV:calendar XML element in the value of the DAV:resourcetype property.

5.1.1. Status Codes

201 (Created) - The calendar collection resource was created in its entirety.

403 (Forbidden) - This indicates at least one of two conditions: 1) the server does not allow the creation of calendar collections at the given location in its namespace, or 2) the parent collection of the Request-URI exists but cannot accept members.

405 (Method Not Allowed) - MKCALENDAR can only be executed on a null resource.

409 (Conflict) - A collection cannot be made at the Request-URI until one or more intermediate collections have been created.

415 (Unsupported Media Type)- The server does not support the request type of the body.

507 (Insufficient Storage) - The resource does not have sufficient space to record the state of the resource after the execution of this method.

5.1.2. Example - MKCALENDAR

>> Request <<

MKCALENDAR /calendars/user/lisa/ HTTP/1.1
Host: cal.example.com
Content-Length: 0
    

>> Response <<

HTTP/1.1 201 Created
Date: Fri, 22 Oct 2004 12:17:08 GMT 
Content-Length: 0
Cache-Control: no-cache
    

In this example, a new calendar collection is created at http://cal.example.com/calendars/user/lisa/

5.2. Additional OPTIONS Semantics

5.2.1. Capability Discovery

If the server supports the calendar-access feature, it MUST include "calendar-access" as a field in the DAV response header from an OPTIONS request on any resource that supports any calendar properties, reports, or methods. A value of "calendar-access" in the DAV header MUST indicate that the server supports all MUST level requirements and REQUIRED features specified in this document.

5.2.1.1. Example: Using OPTIONS for the Discovery of Support for CalDAV

>> Request <<

OPTIONS /calendars/users/ HTTP/1.1
Host: cal.example.com

>> Response <<

HTTP/1.1 200 OK
Allow: OPTIONS, GET, HEAD, POST, PUT, DELETE, TRACE, COPY, MOVE
Allow: MKCOL, PROPFIND, PROPPATCH, LOCK, UNLOCK, REPORT
Allow: MKCALENDAR, ACL
DAV: 1, 2, access-control, calendar-access
Content-Length: 0

In this example, the OPTIONS response indicates that the server supports CalDAV in this namespace, therefore the '/calendars/users/' collection may be used as a parent for calendar collections as the MKCALENDAR method is available, and as a possible target for REPORT requests for calendaring reports.

5.2.2. CALDAV:calendar-collection-set OPTIONS request

A CALDAV:calendar-collection-set element MAY be included in the request body to identify collections that may contain calendar collection resources.

Additional Marshalling:

  • If an XML request body is included, it MUST be a DAV:options XML element.
      <!ELEMENT options ANY>
      ANY value: A sequence of elements with at most one
      calendar-collection-set element.
              
  • If an XML response body for a successful request is included, it MUST be a DAV:options-response XML element.
      <!ELEMENT options-response ANY>
      ANY value: A sequence of elements with at most one
      calendar-collection-set element.
    
      <!ELEMENT calendar-collection-set (href*)>
              
  • If CALDAV:calendar-collection-set is included in the request body, the response body for a successful request MUST contain a CALDAV:calendar-collection-set element identifying collections that may contain calendar collections. An identified collection MAY be the root collection of a tree of collections, all of which may contain calendar collections. Since different servers can control different parts of the URL namespace, different resources on the same host MAY have different CALDAV:calendar-collection-set values. The identified collections MAY be located on different hosts from the resource.

5.2.3. CALDAV:current-user-calendar-collection-set OPTIONS request

A CALDAV:current-user-calendar-collection-set element MAY be included in the request body to identify the calendar collections owned by the current authenticated user.

Additional Marshalling:

  • If an XML request body is included, it MUST be a DAV:options XML element.
      <!ELEMENT options ANY>
      ANY value: A sequence of elements with at most one
      current-user-calendar-collection-set element.
              
  • If an XML response body for a successful request is included, it MUST be a DAV:options-response XML element.
      <!ELEMENT options-response ANY>
      ANY value: A sequence of elements with at most one
      current-user-calendar-collection-set element.
    
      <!ELEMENT current-user-calendar-collection-set (href*)>
              
  • If CALDAV:current-user-calendar-collection-set is included in the request body, the response body for a successful request MUST contain a CALDAV:current-user-calendar-collection-set element identifying calendar collections owned by the current authenticated user.

5.2.4. Example - OPTIONS

>> Request <<

OPTIONS /caldav-root/ HTTP/1.1
Host: cal.example.com
Content-Type: text/xml; charset="utf-8"
Content-Length: xxxx

<?xml version="1.0" encoding="utf-8" ?>
<D:options xmlns:D="DAV:">
  <C:calendar-collection-set
    xmlns:C="urn:ietf:params:xml:ns:caldav"/>
</D:options>

>> Response <<

HTTP/1.1 200 OK
DAV: 1, calendar-access
Content-Type: text/xml; charset="utf-8"
Content-Length: xxxx

<?xml version="1.0" encoding="utf-8" ?>
<D:options-response xmlns:D="DAV:">
  <C:calendar-collection-set
    xmlns:C="urn:ietf:params:xml:ns:caldav">
    <D:href>http://cal.example.com/calendars/user/</D:href>
    <D:href>http://cal.example.com/calendars/public/</D:href>
  </C:calendar-collection-set>
</D:options-response>

In this example, the server indicates that it provides Class 1 DAV support and calendar-access support. In addition, the server indicates the requested locations of the calendar collection resources. Naturally, the server may also have done an authentication step (not shown) to ensure this operation was allowed.

5.3. Creating calendar resources

Clients typically populate calendar collections with calendar resources. The URL for each calendar resource is entirely arbitrary, and does not need to bear a specific relationship (but might) to the calendar resource's subject, scheduled time, UID or other metadata. A new calendar resource must have a new URL, otherwise the new component would instead be an update to an existing calendar resource.

When servers create new resources, it's not hard for the server to choose a unique URL. It's slightly tougher for clients, because a client might not want to examine all resources in the collection, and might not want to lock the entire collection to ensure that a new one isn't created with a name collision. However, there are tools to mitigate this. If the client intends to create a new non-collection resource, such as a new VEVENT, the client SHOULD use the HTTP header "If-None-Match: *" on the PUT request. The Request-URI on the PUT request MUST include the target collection, where the resource is to be created, plus the name of the resource in the last path segment. The last path segment could be a random number, or it could be a sequence number, or a string related to the object's 'summary' property. No matter how the name is chosen, the "If-None-Match" header ensures that the client cannot overwrite an existing resource even if it has accidentally chosen a duplicate resource name.

Servers SHOULD return an ETag header containing the actual ETag of the newly created resource on a successful creation.

>> Request <<

PUT /lisa/calendar/newevent.ics HTTP/1.1
If-None-Match: *
Host: cal.example.com
Content-Type: text/calendar
Content-Length: xxx

BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//Example Corp.//CalDAV Client//EN
BEGIN:VEVENT
UID:20010712T182145Z-123401@example.com
DTSTART:20010714T170000Z
DTEND:20010715T035959Z
SUMMARY:Bastille Day Party
END:VEVENT
END:VCALENDAR

>> Response <<

HTTP/1.1 201 Created
Date: Thu, 02 Sep 2004 16:53:32 GMT
Content-Length: 0
ETag: "123456789-000-111"

The request to change an existing event is the same, but with a specific ETag in the "If-Match" header, rather than the "If-None-Match" header.

As indicated in Section 3.10 of RFC 2445 [2], the URL of calendar resources containing (an arbitrary set of) calendaring and scheduling information may be suffixed by ".ics", and the URL of calendar resources containing free or busy time information may be suffixed by ".ifb".

Preconditions for PUT within calendar collections:

  • (CALDAV:uid-already-exists): The component UID chosen is not unique and the client must choose another if it attempts again.
  • (CALDAV:invalid-calendar-resource): The iCalendar object syntax or structure was invalid. (Note that the server MAY support upload formats other than iCalendar but then the server MUST validate each component uploaded according to the chosen format syntax.)

6. Calendaring Properties

This specification defines new properties for WebDAV resources. Calendar access properties may be retrieved just like other WebDAV properties, using the PROPFIND method.

A DAV:allprop PROPFIND request SHOULD NOT return any of the properties defined in this section.

6.1. CALDAV:calendar-description Property

Name:
calendar-description
Namespace:
urn:ietf:params:xml:ns:caldav
Purpose:
Provides a description for the resource that is suitable for presentation to a user.
Description:
The CALDAV:calendar-description property MAY be defined on all calendar collection resources. If present, the property contains a description of the resource that is suitable for presentation layer.
  <!ELEMENT calendar-description (#PCDATA) >
          

7. Calendaring Access Control

7.1. Calendaring Privileges

A CalDAV server MUST support WebDAV ACL [7]. WebDAV ACL provides a framework for an extensible list of privileges on WebDAV collections and ordinary resources. A CalDAV server MUST also support the calendaring privilege defined in this section.

7.1.1. CALDAV:view-free-busy Privilege

Calendar users often wish to allow other users to see their free-busy time intervals, without viewing the other details of the calendar components (location, subject, attendees). This allows a significant amount of privacy while still allowing those other users to schedule meetings at times when the calendar user is likely to be free.

The CALDAV:view-free-busy privilege controls access to view the start times and end times of free and busy time intervals. This privilege may be granted on an entire calendar collection. It may also make sense to grant this privilege on individual calendar resources (in which case the time allocated to those calendar resources would show up as free in the free-busy rollup to an unauthorized viewer), but a server MAY forbid the CALDAV:view-free-busy privilege from being used on individual calendar resources. A CalDAV server MUST support the CALDAV:view-free-busy privilege on calendar collections.

  <!ELEMENT view-free-busy EMPTY>
            

The CALDAV:view-free-busy privilege is aggregated in the DAV:read privilege. Clients can discover support for various privileges using the DAV:supported-privilege-set property defined in RFC3744 [7].

7.1.2. Privilege aggregation and the DAV:supported-privilege-set property

In the WebDAV ACL standard, servers MUST support the DAV:supported-privilege-set property to show which privileges are abstract, which privileges are supported, how the privileges relate to another, and to provide text descriptions (particularly useful for custom privileges). The relationships between privileges involves showing which privilege is a subset or a superset of another privilege. For example, because reading the ACL property is considered a more specific privilege than the DAV:read privilege (a subset of the total set of actions are allowed), it is aggregated under the DAV:read privilege. Although the list of supported privileges MAY vary somewhat from server to server (the WebDAV ACL specification leaves room for a fair amount of diversity in server implementations), some relationships MUST hold for a CalDAV server:

  • The server MUST support the CALDAV:view-free-busy privilege. The CALDAV:view-free-busy privilege MUST be non-abstract, and MUST be aggregated under the DAV:read privilege.
7.1.2.1. Partial example of DAV:supported-privilege-set property

This is a partial example of how the DAV:supported-privilege-set property could look on a server supporting CalDAV. Note that aggregation is shown in the structure of the DAV:supported-privilege elements containing each other.

<D:supported-privilege-set xmlns:D="DAV:"
      xmlns:C="urn:ietf:params:xml:ns:caldav">
  <D:supported-privilege>
    <D:privilege><D:all/></D:privilege>
    <D:abstract/>
    <D:description xml:lang="en">Any operation
    </D:description>
    <D:supported-privilege>
      <D:privilege><D:read/></D:privilege>
      <D:description xml:lang="en">Read any object
      </D:description>
      <D:supported-privilege>
        <D:privilege><D:read-acl/></D:privilege>
        <D:description xml:lang="en">Read ACL
        </D:description>
      </D:supported-privilege>
      <D:supported-privilege>
        <D:privilege><D:read-current-user-privilege-set/>
        </D:privilege>
        <D:description xml:lang="en">Read current user privilege 
        set</D:description>
      </D:supported-privilege>
      <D:supported-privilege>
        <D:privilege>
          <C:view-free-busy/>
        </D:privilege>
        <D:description xml:lang="en">View free-busy rollup
        </D:description>
      </D:supported-privilege>
    </D:supported-privilege>
    <D:supported-privilege>
      <D:privilege><D:write/></D:privilege>
      <D:description xml:lang="en">Write any object</D:description>
    ... 
  </D:supported-privilege>
</D:supported-privilege-set>

7.2. Additional Principal Properties

This section defines a new property for WebDAV principal resources as defined in RFC3744 [7].

7.2.1. CALDAV:calendar-URL Property

Name:
calendar-URL
Namespace:
urn:ietf:params:xml:ns:caldav
Purpose:
Identify the URL of any calendar collections owned by the associated principal resource.
Description:
 
  <!ELEMENT calendar-URL (DAV:href*) >
          

Support for this property is RECOMMENDED.


8. Calendaring Reports

This section defines the reports which a CalDAV server MUST support on calendar collections and calendar resources.

CalDAV servers MUST advertise support for those reports with the DAV:supported-report-set property defined in DeltaV [5].

Some of these reports allow calendar data (from possibly multiple resources) to be returned. Clients SHOULD request the DAV:getetag property whenever executing reports that return calendar data, to ensure that any local cache used for synchronization is kept up to date with the latest changes on the server

8.1. REPORT Method

The REPORT method (defined in Section 3.6 of RFC3253 [5]) provides an extensible mechanism for obtaining information about a resource. Unlike the PROPFIND method, which returns the value of one or more named properties, the REPORT method can involve more complex processing. REPORT is valuable in cases where the server has access to all of the information needed to perform the complex request (such as a query), and where it would require multiple requests for the client to retrieve the information needed to perform the same request.

A server that supports calendar-access MUST support the DAV:expand-property report (defined in Section 3.8 of RFC3253 [5]).

8.2. Reports on collections containing calendar collections

A WebDAV collection which contains one or more calendar collections is not a new type of resource, but it may support these new REPORT. If so, then the REPORT is expected to have the semantics of including information from all the calendar data contained in the collection, and its children, recursively. These collections may contain more than only calendar related resources. It's up to the server, if it supports this REPORT on a normal WebDAV collection, to find calendar resources and decide what to do with non-calendar resources and whether those may also appear in the collection or its children.

If these reports are supported on ordinary collections the server advertises the capability with the DAV:supported-report-set property as already described.

8.3. CALDAV:calendar-query Report

The CALDAV:calendar-query REPORT performs a search for all calendar resources (e.g., iCalendar objects) that match a specified search filter. The response of this report will contain all the WebDAV properties and calendar resource data specified in the request. In the case of the CALDAV:calendar-data XML element, one can explicitly specify the calendar components and properties that should be returned in the calendar resource data that matches the search filter.

The format of this report is modeled on the PROPFIND method. The request and response bodies of the CALDAV:calendar-query report use XML elements that are also used by PROPFIND. In particular the request can include XML elements to request WebDAV properties to be returned. When that occurs the response should follow the same behavior as PROPFIND with respect to the DAV:multistatus response elements used to return specific property results. For instance, a request to retrieve the value of a property which does not exist is an error and MUST be noted with a response XML element which contains a 404 (Not Found) status value.

Support for the calendar-query REPORT is REQUIRED.

Marshalling:

  • The request body MUST be a CALDAV:calendar-query XML element as defined in Section 10.1.
  • The response body for a successful request MUST be a DAV:multistatus XML element (i.e., the response uses the same format as the response for PROPFIND). In the case where there are no response elements, the returned multistatus XML element is empty.
  • The response body for a successful calendar-query REPORT request MUST contain a DAV:response element for each iCalendar object that matched the search filter. The declaration of the DAV:response element from Section 12.9.1 of RFC2518 [3] has been modified as follow to allow the CALDAV:calendar-data element within the DAV:response element, see Section 10.5

[rfc.comment.1: We need to define the role of the Depth request header when applied to a collection resource. We need to specify preconditions and postconditions. (e.g., DAV:number-of-matches-within-limits). --desruisseaux]

8.3.1. Example: Partial retrieval of events by time range

In this example, the client requests the server to return specific components and properties of the VEVENT components that overlap the time range from September 2nd, 2004 at 00:00:00 am UTC to September 2nd, 2004 at 11:59:59 pm UTC. In addition the DAV:getetag property is also requested and returned as part of the response.

>> Request <<

REPORT /bernard/calendar/ HTTP/1.1
Host: cal.example.com
Depth: 1
Content-Type: text/xml
Content-Length: xxxx

<?xml version="1.0" encoding="utf-8" ?>
<C:calendar-query xmlns:D="DAV:"
                  xmlns:C="urn:ietf:params:xml:ns:caldav">
  <D:prop>
    <D:getetag/>
  </D:prop>
  <C:calendar-data>
    <C:comp name="VCALENDAR">
      <C:allprop/>
      <C:comp name="VEVENT">
        <C:prop name="X-ABC-GUID"/>
        <C:prop name="UID"/>
        <C:prop name="DTSTART"/>
        <C:prop name="DTEND"/>
        <C:prop name="DURATION"/>
        <C:prop name="EXDATE"/>
        <C:prop name="EXRULE"/>
        <C:prop name="RDATE"/>
        <C:prop name="RRULE"/>
        <C:prop name="LOCATION"/>
        <C:prop name="SUMMARY"/>
      </C:comp>
      <C:comp name="VTIMEZONE">
        <C:allprop/>
        <C:allcomp/>
      </C:comp>
    </C:comp> 
  </C:calendar-data>
  <C:filter>
    <C:comp-filter name="VCALENDAR">
      <C:comp-filter name="VEVENT">
        <C:time-range start="20040902T000000Z"
                      end="20040902T235959Z"/>
      </C:comp-filter>
    </C:comp-filter>
  </C:filter>
</C:calendar-query>
      

>> Response <<

HTTP/1.1 207 Multi-Status
Content-Type: text/xml; charset="utf-8"
Content-Length: xxxx

<?xml version="1.0" encoding="utf-8" ?>
<D:multistatus xmlns:D="DAV:"
               xmlns:C="urn:ietf:params:xml:ns:caldav">
  <D:response>
    <D:href
>http://cal.example.com/bernard/calendar/ev102.ics</D:href>
    <D:propstat>
      <D:prop>
        <D:getetag>"23ba4d-ff11fb"</D:getetag>
      </D:prop>
      <D:status>HTTP/1.1 200 OK</D:status>
    </D:propstat>
    <C:calendar-data>BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//Example Corp.//CalDAV Client//EN
BEGIN:VEVENT
DTSTART:20040902T100000Z
DTEND:20040902T120000Z
SUMMARY:Design meeting
UID:34222-232@example.com
X-ABC-GUID:E1CX4zp-0005Ld-21@example.com
END:VEVENT
END:VCALENDAR
    </C:calendar-data>
  </D:response>
  <D:response>
    <D:href
>http://cal.example.com/bernard/calendar/mtg103.ics</D:href>
    <D:propstat>
      <D:prop>
        <D:getetag>"ff11fb-23ba4d"</D:getetag>
      </D:prop>
      <D:status>HTTP/1.1 200 OK</D:status>
    </D:propstat>
    <C:calendar-data>BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//Example Corp.//CalDAV Client//EN
BEGIN:VEVENT
DTSTART:20040902T130000Z
DTEND:20040902T150000Z
SUMMARY:Design meeting - Part II
UID:63409-868@example.com
X-ABC-GUID:E1CX5Dr-0007ym-Hz@example.com
END:VEVENT
END:VCALENDAR
    </C:calendar-data>
  </D:response>
</D:multistatus>
      

8.3.2. Example: Retrieval of todos by alarm time range

In this example, the client requests the server to return the VTODO components that have an alarm trigger scheduled in the specified time range.

>> Request <<

REPORT /bernard/calendar/ HTTP/1.1
Host: cal.example.com
Depth: 1
Content-Type: text/xml
Content-Length: xxxx

<?xml version="1.0" encoding="utf-8" ?>
<C:calendar-query xmlns:C="urn:ietf:params:xml:ns:caldav">
  <D:prop xmlns:D="DAV:">
    <D:getetag/>
  </D:prop>
  <C:calendar-data/>
  <C:filter>
    <C:comp-filter name="VCALENDAR">
      <C:comp-filter name="VTODO">
        <C:comp-filter name="VALARM">
          <C:time-range start="20041121T000000Z"
                        end="20041121T235959Z"/>
        </C:comp-filter>
      </C:comp-filter>
    </C:comp-filter>
  </C:filter>
</C:calendar-query>
      

8.3.3. Example: Retrieval of event by UID

In this example, the client requests the server to return the VEVENT component that has the UID property set to "20041121-FEEBDAED@foo.org".

>> Request <<

REPORT /bernard/calendar/ HTTP/1.1
Host: cal.example.com
Depth: 1
Content-Type: text/xml
Content-Length: xxxx

<?xml version="1.0" encoding="utf-8" ?>
<C:calendar-query xmlns:C="urn:ietf:params:xml:ns:caldav">
  <D:prop xmlns:D="DAV:">
    <D:getetag/>
  </D:prop>
  <C:calendar-data/>
  <C:filter>
    <C:comp-filter name="VCALENDAR">
      <C:comp-filter name="VEVENT">
        <C:prop-filter name="UID">
          <C:text-match
             caseless="no">20041121-FEEBDAED@foo.org</C:text-match>
        </C:prop-filter>
      </C:comp-filter>
    </C:comp-filter>
  </C:filter>
</C:calendar-query>
      

8.3.4. Example: Retrieval of events by participation status

In this example, the client requests the server to return the VEVENT components that have the ATTENDEE property with the value "mailto:jsmith@example.org" and for which the PARTSTAT parameter is set to "NEEDS-ACTION".

>> Request <<

REPORT /bernard/calendar/ HTTP/1.1
Host: cal.example.com
Depth: 1
Content-Type: text/xml
Content-Length: xxxx

<?xml version="1.0" encoding="utf-8" ?>
<C:calendar-query xmlns:C="urn:ietf:params:xml:ns:caldav">
  <D:prop xmlns:D="DAV:">
    <D:getetag/>
  </D:prop>
  <C:calendar-data/>
  <C:filter>
    <C:comp-filter name="VCALENDAR">
      <C:comp-filter name="VEVENT">
        <C:prop-filter name="ATTENDEE"/>
          <C:text-match
             caseless="yes">mailto:jsmith@foo.org</C:text-match>
          <C:param-filter name="PARTSTAT"/>
            <C:text-match caseless="no">NEEDS-ACTION</C:text-match>
          </C:param-filter>
        </C:prop-filter>
      </C:comp-filter>
    </C:comp-filter>
  </C:filter>
</C:calendar-query>
      

8.3.5. Example: Retrieval of events only

In this example, the client requests the server to return all VEVENT components.

>> Request <<

  REPORT /bernard/calendar/ HTTP/1.1
  Host: cal.example.com
  Depth: 1
  Content-Type: text/xml
  Content-Length: xxxx

  <?xml version="1.0" encoding="utf-8" ?>
  <C:calendar-query xmlns:C="urn:ietf:params:xml:ns:caldav">
    <D:prop xmlns:D="DAV:">
      <D:getetag/>
    </D:prop>
    <C:calendar-data/>
    <C:filter>
      <C:comp-filter name="VCALENDAR">
        <C:comp-filter name="VEVENT">
          <C:is-defined/>
        </C:comp-filter>
      </C:comp-filter>
    </C:filter>
  </C:calendar-query>
      

8.4. CALDAV:calendar-multiget Report

The CALDAV:calendar-multiget REPORT is used to retrieve specific calendar resources from within a collection, if the Request-URI is a collection, or to retrieve a specific calendar resource, if the Request-URI is a calendar resource. This report is similar to the CALDAV:calendar-query REPORT (see Section 8.3), except that it takes a list of DAV:href elements instead of a CALDAV:filter element to determine which calendar resources to return.

Support for the calendar-multiget REPORT is REQUIRED.

Marshalling:

  • The request body MUST be a CALDAV:calendar-multiget XML element (see Section 10.6, which MUST contain at least one DAV:href XML element, and one optional CALDAV:calendar-data element as defined in Section 10.2. If the Request-URI is a collection resource, then the DAV:href elements MUST refer to resources within that collection, and they MAY refer to resources at any depth within the collection. As a result the "Depth" header MUST be ignored by the server and SHOULD NOT be sent by the client. If the Request-URI refers to a non-collection resource, then there MUST be a single DAV:href element that is equal to the Request-URI.
  • The response body for a successful request MUST be a DAV:multistatus XML element. In the case where there are no response elements, the returned multistatus XML element is empty.
  • The response body for a successful CALDAV:calendar-multiget REPORT request MUST contain a DAV:response element for each calendar resource referenced by the provided set of DAV:href elements. The DAV:response element is as defined in Section 10.5.
  • In the case of an error accessing any of the provided DAV:href resources, the server MUST return the appropriate error status code in the DAV:status element of the corresponding DAV:response element.

8.4.1. Example: CALDAV:calendar-multiget Report

In this example, the client requests the server to return specific properties of the VEVENT components references by specific URIs. In addition the DAV:getetag property is also requested and returned as part of the response. Note that in this example, the resource at http://cal.example.com/bernard/calendar/mtg1.ics does not exist, resulting in an error status response.

>> Request <<

REPORT /bernard/calendar/ HTTP/1.1
Host: cal.example.com
Content-Type: text/xml
Content-Length: xxxx

<?xml version="1.0" encoding="utf-8" ?>
<C:calendar-multiget xmlns:D="DAV:"
                     xmlns:C="urn:ietf:params:xml:ns:caldav">
  <D:prop>
    <D:getetag/>
  </D:prop>
  <C:calendar-data>
    <C:comp name="VCALENDAR">
      <C:allprop/>
      <C:comp name="VEVENT">
        <C:prop name="UID"/>
        <C:prop name="DTSTART"/>
        <C:prop name="DTEND"/>
        <C:prop name="DURATION"/>
        <C:prop name="EXDATE"/>
        <C:prop name="EXRULE"/>
        <C:prop name="RDATE"/>
        <C:prop name="RRULE"/>
        <C:prop name="LOCATION"/>
        <C:prop name="SUMMARY"/>
      </C:comp>
      <C:comp name="VTIMEZONE">
        <C:allprop/>
        <C:allcomp/>
      </C:comp>
    </C:comp> 
  </C:calendar-data>
  <D:href>http://cal.example.com/bernard/calendar/ev102.ics</D:href>
  <D:href>http://cal.example.com/bernard/calendar/mtg1.ics</D:href>
</C:calendar-multiget>
      

>> Response <<

HTTP/1.1 207 Multi-Status
Content-Type: text/xml; charset="utf-8"
Content-Length: xxxx

<?xml version="1.0" encoding="utf-8" ?>
<D:multistatus xmlns:D="DAV:"
               xmlns:C="urn:ietf:params:xml:ns:caldav">
  <D:response>
<D:href>http://cal.example.com/bernard/calendar/ev102.ics</D:href>
    <D:propstat>
      <D:prop>
        <D:getetag>"23ba4d-ff11fb"</D:getetag>
      </D:prop>
      <D:status>HTTP/1.1 200 OK</D:status>
    </D:propstat>
    <C:calendar-data>BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//Example Corp.//CalDAV Client//EN
BEGIN:VEVENT
DTSTART:20040902T100000Z
DTEND:20040902T120000Z
SUMMARY:Design meeting
UID:34222-232@example.com
END:VEVENT
END:VCALENDAR
    </C:calendar-data>
  </D:response>
  <D:response>
    <D:href>http://cal.example.com/bernard/calendar/mtg1.ics</D:href>
    <D:status>HTTP/1.1 404 Resource not found</D:status>
  </D:response>
</D:multistatus>
      

8.5. CALDAV:free-busy-query Report

The CALDAV:free-busy-query REPORT generates an iCalendar VFREEBUSY component containing free busy information for all relevant components within calendar collections which have the CALDAV:view-free-busy or DAV:read privilege granted for the current authenticated user.

Only the VEVENT components, with the TRANSP property set to a value different from "TRANSPARENT", and the VFREEBUSY components will be considered to generate the free busy time information.

Support for the CALDAV:free-busy-query REPORT is REQUIRED.

Marshalling:

  • The request body MUST be a CALDAV:free-busy-query XML element (see Section 10.7, which MUST contain at least one CALDAV:time-range XML element, as defined in Section 10.4.
  • The response body for a successful request MUST be a DAV:multistatus XML element. In the case where there are no response elements, the returned multistatus XML element is empty.
  • The response body for a successful CALDAV:free-busy-query REPORT request MUST contains a DAV:response element for each calendar collection for which free-busy information has been computed. Each DAV:response element contains a single CALDAV:calendar-data XML element as defined in Section 10.2. The CALDAV:calendar-data XML element MUST contain an iCalendar object with a single VFREEBUSY component, with zero or more FREEBUSY property values that describe the busy time intervals for the calendar resources being targeted, and with other properties set according to the rules of iCalendar. This report only returns busy time information. Applications desiring free time information MUST infer this from available busy time information.

When the Request-URI for a CALDAV:free-busy-query REPORT is a calendar collection, the free-busy data is implicitly determined from the "text/calendar" VEVENT resources within the calendar collection, irrespective of the value of any Depth header included in the REPORT request. Only calendar resources containing VEVENT or VFREEBUSY components that have the CALDAV:view-free-busy privilege granted to the current authenticated user will be computed in the response.

When the Request-URI for a CALDAV:free-busy-query REPORT is a non-calendar collection, the scope of the report is governed by the value of the Depth header in the request as follows:

  • 'Depth: 0' - an empty VFREEBUSY component will be returned as there is no valid calendar data to be scanned on the collection.
  • 'Depth: 1' - free-busy data for any calendar collections immediately within the target collection is returned.
  • 'Depth: infinity' - free-busy data for all calendar collections within any sub-collections of the target collection is returned.

8.5.1. Example: CALDAV:free-busy-query Report

In this example, the client requests the server to return free-busy information on the calendar collection /bernard/calendar/, between 9:00 AM and 5:00 PM on 2nd September 2004. The server responds indicating three busy time intervals of one hour, two hours and 30 minutes during the course of the time interval being examined.

>> Request <<

REPORT /bernard/calendar/ HTTP/1.1
Host: cal.example.com
Depth: 1
Content-Type: text/xml
Content-Length: xxxx

<?xml version="1.0" encoding="utf-8" ?>
<C:free-busy-query xmlns:C="urn:ietf:params:xml:ns:caldav">
  <C:time-range start="20040902T090000Z"
                  end="20040902T170000Z"/>
</C:free-busy-query>
      

>> Response <<

HTTP/1.1 207 Multi-Status
Content-Type: text/xml; charset="utf-8"
Content-Length: xxxx

<?xml version="1.0" encoding="utf-8" ?>
<D:multistatus xmlns:D="DAV:"
               xmlns:C="urn:ietf:params:xml:ns:caldav">
  <D:response>
    <D:href>http://cal.example.com/bernard/calendar/</D:href>
    <D:status>HTTP/1.1 200 OK</D:status>
    <C:calendar-data>BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//Example Corp.//CalDAV Client//EN
BEGIN:VFREEBUSY
DTSTAMP:20050125T090000Z
DTSTART:20040902T090000Z
DTEND:20040902T170000Z
FREEBUSY:20040902T090000Z/PT1H,
 20040902T120000Z/PT2H,
 20040902T160000Z/PT30M
END:VFREEBUSY 
END:VCALENDAR
</C:calendar-data>
  </D:response>
</D:multistatus>
      

9. Guidelines

9.1. Client-to-client Interoperability

There are a number of actions clients can take which will be legal (the server will not return errors) but which can degrade interoperability with other client implementations accessing the same data. For example, a recurrence rule could be replaced with a set of recurrence dates, a single recurring event could be replaced with a set of independent resources to represent each recurrence, or the start/end time values can be translated from the original timezone to another timezone. Although these are iCalendar interoperability best practices and not limited only to CalDAV usage, interoperability problems are likely to be more evident in CalDAV use cases.

9.2. Sychronization Operations

WebDAV already provides functionality required to synchronize a collection or set of collections, make changes offline, and a simple way to resolve conflicts when reconnected. Strong ETags are the key to making this work, but these are not required of all WebDAV servers. Since offline functionality is more important to Calendar applications than to other WebDAV applications, CalDAV servers MUST support strong ETags.

9.2.1. Use of Reports

9.2.1.1. Restrict the Time Range

The reports provided in CalDAV can be used by clients to optimize their performance in terms of network bandwidth usage, and resource consumption on the local client machine. Both of those issues are certainly major considerations for mobile or handheld devices with limited capacity, but they are also relevant to desktop client applications in cases where the calendar collections contain large amounts of data.

Typically clients present calendar data to users in views that span a finite time interval, so whenever possible clients should only retrieve calendar items from the server using CALDAV:calendar-query report combined with a time-range element to limit the scope of returned items to just those needed to populate the current view.

9.2.1.2. Synchronize by Time Range

Typically in a calendar, historical data (events, to-dos etc that have completed prior to the current date) do not change, though they may be deleted. As a result, a client can speed up the synchronization process by only considering data for the present time and the future up to a reasonable limit (e.g., one week, one month). If the user then tries to examine a portion of the calendar outside of the range that has been synchronized, the client can perform another synchronization operation on the new time interval being examined. This 'just-in-time' synchronization can minimize bandwidth for common user interaction behaviors.

9.2.1.3. Synchronization Process

If a client wants to support calendar data synchronization, as opposed to downloading calendar data each time it is needed, it needs to cache the component resources URI and ETag along with the actual calendar data. Whilst the URI remains static for the lifetime of the component, the ETag will change with each successive change to the component data. Thus to synchronize a local data cache with the server, the client can first fetch the URI/ETag pairs for the time interval being considered, and compare those results with the cached data. Any cached component whose ETag differs from that on the server needs to be synchronized.

In order to properly detect the changes between the server and client data, the client will need to keep a record of which items have been created, changed or deleted since the last synchronization operation so that it can reconcile those changes with the data on the server.

An example of how to do that would be the following:

  • The client issues a CALDAV:calendar-query REPORT request for a specific time range, and asks for only the DAV:getetag property to be returned:
      
    REPORT /bernard/calendar/ HTTP/1.1
    Host: cal.example.com
    Depth: 1
    Content-Type: text/xml
    Content-Length: xxxx
    
    <?xml version="1.0" encoding="utf-8" ?>
    <C:calendar-query xmlns:D="DAV:"
                      xmlns:C="urn:ietf:params:xml:ns:caldav">
     <D:prop>
       <D:getetag/>
     </D:prop>
     <C:filter>
       <C:comp-filter name="VCALENDAR">
         <C:comp-filter name="VEVENT">
           <C:time-range start="20040902T000000Z"
                         end="20040902T235959Z"/>
         </C:comp-filter>
       </C:comp-filter>
     </C:filter>
    </C:calendar-query>
    
  • The client then uses the results to determine which components have changed, been created or deleted on the server and how those relate to locally cached components that may have changed, been created or deleted. If the client determines that there are items on the server that need to be fetched, the client issues a CALDAV:calendar-multiget report to fetch the actual data:
      
    REPORT /bernard/calendar/ HTTP/1.1
    Host: cal.example.com
    Depth: 1
    Content-Type: text/xml
    Content-Length: xxxx
    
    <?xml version="1.0" encoding="utf-8" ?>
    <C:calendar-multiget xmlns:D="DAV:"
                         xmlns:C="urn:ietf:params:xml:ns:caldav">
     <D:prop>
       <D:getetag/>
     </D:prop>
     <C:calendar-data>
       <C:comp name="VCALENDAR">
       <C:allprop/>
       <C:comp name="VEVENT">
         <C:prop name="UID"/>
         <C:prop name="DTSTART"/>
         <C:prop name="DTEND"/>
         <C:prop name="DURATION"/>
         <C:prop name="EXDATE"/>
         <C:prop name="EXRULE"/>
         <C:prop name="RDATE"/>
         <C:prop name="RRULE"/>
         <C:prop name="LOCATION"/>
         <C:prop name="SUMMARY"/>
       </C:comp>
       <C:comp name="VTIMEZONE">
         <C:allprop/>
         <C:allcomp/>
       </C:comp>
       </C:comp>
     </C:calendar-data>
     <D:href>http://cal.example.com/bernard/calendar/evt1.ics</D:href>
     <D:href>http://cal.example.com/bernard/calendar/mtg1.ics</D:href>
    </C:calendar-multiget>
          

9.2.2. Restrict the Properties Returned

Clients may not need all the properties in a calendar component when presenting information to the user. Since some property data can be large (e.g., 'ATTACH' or 'ATTENDEE' lists) clients can choose to ignore those by only requesting the specific items it knows it will use, through use of the CALDAV:calendar-data XML element in the relevant reports.

However, if a client needs to make a change to a component, it can only change the entire component data via a PUT request. There is no way to incrementally make a change to a set of properties within a calendar component resource. As a result the client will have to cache the entire set of properties on a resource that is being changed.

9.3. Use of Locking

WebDAV locks can be used to prevent two clients modifying the same resource from either overwriting each others' changes (though that problem can also be solved by using ETags) and also to prevent the user from making changes that will conflict with another set of changes. In a multi-user calendar system, the calendar client could lock an event while the user is editing the event, and unlock the event when the user finishes or cancels. Locks can also be used to prevent changes while data is being reorganized. For example, a calendar client might lock two calendar collections prior to moving a bunch of calendar resources from one to another.

Clients may request a lock timeout period that is appropriate to the use case. When the user explicitly decides to reserve a resource and prevent other changes, a long timeout might be appropriate, but in cases when the client automatically decides to lock the resource the timeout should be short (and the client can always refresh the lock should it need to). A short lock timeout means that if the client is unable to remove the lock, the other calendar users aren't prevented from making changes.

9.4. Finding calendars

Much of the time a calendar client (or agent) will discover a new calendar's location by being provided directly with the URL. E.g. a user will type his or her own calendar location into client configuration information, or cut and paste a URL from email into the calendar application. The client need only confirm that the URL points to a resource which is a calendar. The client may also be able to browse WebDAV collections to find calendar collections.

The choice of HTTP URLs means that calendar resources are backward compatible with existing software, but does have the disadvantage that existing software does not usually know to look at the OPTIONS response to that URL to determine what can be done with it. This is somewhat of a barrier for WebDAV usage as well as with CalDAV usage. This specification does not offer a way through this other than making the information available in the OPTIONS response should this be requested.

For calendar sharing and scheduling use cases, one might wish to find the calendar belonging to another user. If the other user has a calendar in the same repository, that calendar can be found by using the principal namespace required by WebDAV ACL support. For other cases, the authors have no universal solution but implementors can consider whether to use vCard [11] or LDAP [10] standards together with calendar attributes [12].


10. XML Element Definitions

10.1. CALDAV:calendar-query XML Element

Name:
calendar-query
Namespace:
urn:ietf:params:xml:ns:caldav
Purpose:
Defines a report for querying calendar data
Description
See Section 8.3.
<!ELEMENT calendar-query (DAV:allprop | DAV:propname | DAV:prop)?
                         calendar-data? filter>
    

10.2. CALDAV:calendar-data XML Element

Name:
calendar-data
Namespace:
urn:ietf:params:xml:ns:caldav
Purpose:
Used to define which parts of a calendar component object should be returned by the report that uses this element.
Description:
When used in a request, the CALDAV:calendar-data element specifies the iCalendar components and properties to be returned in the iCalendar objects part of the response. If this element doesn't contain any CALDAV:comp element, iCalendar objects will be returned with all their components and properties.
Value:
When used inside a response, the CALDAV:calendar-data element contains an iCalendar object that matched the search filter specified in the request.
<!ELEMENT calendar-data ((comp?, expand-recurrence-set?) |
              #PCDATA)?>

<!ATTLIST calendar-data return-content-type CDATA
                "text/calendar">
    

10.2.1. CALDAV:comp XML Element

Name:
comp
Namespace:
urn:ietf:params:xml:ns:caldav
Purpose:
Defines which component types to return
Description:
The name value is an iCalendar component name (e.g., "VEVENT")

NOTE: The CALDAV:prop and CALDAV:allprop elements used here have the same name as elements defined in WebDAV. However, the elements used here have the "urn:ietf:params:xml:ns:caldav" namespace, as opposed to the "DAV:" namespace used for elements defined in WebDAV.

<!ELEMENT comp ((allcomp, (allprop | prop*)) |
                 (comp*, (allprop | prop*)))>

<!ATTLIST comp name CDATA #REQUIRED>
    

10.2.2. CALDAV:allcomp XML Element

Name:
allcomp
Namespace:
urn:ietf:params:xml:ns:caldav
Purpose:
Specifies that all components shall be returned
Description:
This element can be used when the client wants all types of components returned by a report.
<!ELEMENT allcomp EMPTY>
    

10.2.3. CALDAV:allprop XML Element

Name:
allprop
Namespace:
urn:ietf:params:xml:ns:caldav
Purpose:
Specifies that all properties shall be returned.
Description:
This element can be used when the client wants all properties of components returned by a report.

NOTE: The 'allprop' element defined here has the same name as the 'allprop' element defined in WebDAV. However, the 'allprop' element defined here uses the "urn:ietf:params:xml:ns:caldav" namespace, as opposed to the "DAV:" namespace used for the 'allprop' element defined in WebDAV.

<!ELEMENT allprop EMPTY>
    

10.2.4. CALDAV:prop XML Element

Name:
prop
Namespace:
urn:ietf:params:xml:ns:caldav
Purpose:
Defines which properties to return in the response.
Description:
The "name" attribute specifies the name of the iCalendar property to return (e.g., "ATTENDEE"). The "novalue" attribute can be used by clients to request that the actual value of the property not be returned (if the "novalue" attribute is set to "yes"). In that case the server will return just the iCalendar property name and any iCalendar parameters and a trailing ":" without the subsequent value data.

NOTE: The 'prop' element defined here has the same name as the 'prop' element defined in WebDAV. However, the 'prop' element defined here uses the "urn:ietf:params:xml:ns:caldav" namespace, as opposed to the "DAV:" namespace used for the 'prop' element defined in WebDAV.

<!ELEMENT prop EMPTY>
    
<!ATTLIST prop name CDATA #REQUIRED
               novalue (yes|no) "no">
    

10.2.5. CALDAV:expand-recurrence-set XML Element

Name:
expand-recurrence-set
Namespace:
urn:ietf:params:xml:ns:caldav
Purpose:
Forces the server to expand recurring components into separate instances.
Description:
The expand-recurrence-set element specifies that recurring components shall be returned as multiple components with no recurrence properties (i.e., EXDATE, EXRULE, RDATE and RRULE). The required "start" and "end" attributes contain iCalendar format DATE-TIME (always specified in UTC) or DATE values that define the time interval over which the recurrence expansion should take place. The start value is inclusive and the end value is exclusive of the interval as per iCalendar DTSTART and DTEND properties. The server MUST return only those expanded components whose time interval intersects the interval specified by the start and end attributes.
<!ELEMENT expand-recurrence-set EMPTY>
<!ATTLIST expand-recurrence-set start CDATA #REQUIRED
                                end CDATA #REQUIRED>
    

10.3. CALDAV:filter XML Element

Name:
filter
Namespace:
urn:ietf:params:xml:ns:caldav
Purpose:
Determines which matching components are returned.
Description:
The "filter" element specifies the search filter used to match components that should be returned by a report.
<!ELEMENT filter comp-filter>
    

10.3.1. CALDAV:comp-filter XML Element

Name:
comp-filter
Namespace:
urn:ietf:params:xml:ns:caldav
Purpose:
Limits the search to only the chosen component types.
Description:
The "name" attribute is an iCalendar component type (e.g., "VEVENT"). When this element is present, the server should only return a component if it matches the filter, which is to say:
("no is-defined element" OR "is-defined matches") AND
("no time-range element" OR "time-range matches") AND
("no sub-component filter" OR "all sub-component filters match") AND
("no property filter elements" OR "all property filters match")
      
<!ELEMENT comp-filter (is-defined | time-range)?
                      comp-filter* prop-filter*>

<!ATTLIST comp-filter name CDATA #REQUIRED>
    

10.3.2. CALDAV:prop-filter XML Element

Name:
prop-filter
Namespace:
urn:ietf:params:xml:ns:caldav
Purpose:
Limits the search to specific properties.
Description:
The "name" attribute MUST contain an iCalendar property name (e.g., "ATTENDEE"). When the 'prop-filter' executes, a property matches if:
("no is-defined element" OR "is-defined matches") AND
("no time-range element" OR "time-range matches") AND
("no text match element" OR "text-match matches") AND
("no parameter filter elements" OR "all parameter filters match")
      
<!ELEMENT prop-filter (is-defined | time-range | text-match)?
                        param-filter*>
   
<!ATTLIST prop-filter name CDATA #REQUIRED>
    

10.3.3. CALDAV:param-filter XML Element

Name:
param-filter
Namespace:
urn:ietf:params:xml:ns:caldav
Purpose:
Limits the search to specific parameters.
Description:
The "param-filter" element limits the search result to the set of resources containing properties with parameters that meet the parameter filter rules. When this filter executes, a parameter matches if:
("is-defined matches" OR "text-match matches")
      
<!ELEMENT param-filter (is-defined | text-match) >
   
<!ATTLIST param-filter name CDATA #REQUIRED>
    

10.3.4. CALDAV:is-defined XML Element

Name:
is-defined
Namespace:
urn:ietf:params:xml:ns:caldav
Purpose:
Causes a search to match a resource if a component type, property or parameter name exists.
Description:
The CALDAV:is-defined XML element limits the filter to resources where the named component, property or parameter is defined.
<!ELEMENT is-defined EMPTY>
    

10.3.5. CALDAV:text-match XML Element

Name:
text-match
Namespace:
urn:ietf:params:xml:ns:caldav
Purpose:
Specifies a substring match on a property or parameter value.
Description:
The specified text is used for a substring match against the property or parameter value specified in a report. The "caseless" attribute indicates whether the match is case-sensitive (value set to "no") or case-insensitive (value set to "yes"). The default value is server-specified. Caseless matching SHOULD be implemented as defined in section 5.18 of the Unicode Standard ([9]). Support for the "caseless" attribute is optional. A server should respond with a status of 422 if it is used but cannot be supported.
<!ELEMENT text-match #PCDATA>

<!ATTLIST text-match caseless (yes|no)>    
    

10.4. CALDAV:time-range XML Element

Name:
time-range
Namespace:
urn:ietf:params:xml:ns:caldav
Purpose:
Specifies a time interval for testing components against.
Description:
The CALDAV:time-range element allows for a single time range to be defined, in order to limit all the results of the search to the set of resources that contain a component which falls into that time range. The value of the "start" and "end" attributes MUST follow the syntax of the DATE or DATE-TIME iCalendar value type, with any time specified in UTC.
A VEVENT component falls in a given time-range if:
(DTSTART <= start AND DTEND > start) OR
(DTSTART <= start AND DTSTART+DURATION > start) OR
(DTSTART >= start AND DTSTART < end) OR
(DTEND   > start AND DTEND <= end)
      
A VTODO component falls in a given time-range if:
(DTSTART <= start AND DUE >= start) OR
(DTSTART <= start AND DTSTART+DURATION > start) OR
(DTSTART >= start AND DTSTART < end) OR
(DUE     >= start AND DUE < end)
      
A VJOURNAL component falls in a given time-range if:
DTSTART >= start AND DTSTART < end
      
A VALARM component falls in a given time-range if:
trigger-time >= start AND trigger-time < end
      
Any property of value type DATE-TIME or DATE (e.g., DTSTAMP) will match a given time-range if:
value >= start AND value < end
      
<!ELEMENT time-range EMPTY>
    
<!ATTLIST time-range start CDATA
                     end CDATA>  
    

10.5. DAV:response XML Element

Name:
response
Namespace:
DAV:
Purpose:
Response that includes calendar data.
Description:
Modifies the standard WebDAV response element to include calendar data in the response if required by the report type.
<!ELEMENT DAV:response (DAV:href,
                        ((DAV:href*, DAV:status)|(DAV:propstat+)),
                        calendar-data?,
                        DAV:responsedescription?) >
    

10.6. CALDAV:calendar-multiget XML Element

Name:
calendar-multiget
Namespace:
urn:ietf:params:xml:ns:caldav
Purpose:
CalDAV report used to retrieve specific calendar component items via their URIs.
Description:
See Section 8.4.
<!ELEMENT calendar-multiget (DAV:allprop | DAV:propname | DAV:prop)?
                        calendar-data? DAV:href+>
    

10.7. CALDAV:free-busy-query XML Element

Name:
free-busy-query
Namespace:
urn:ietf:params:xml:ns:caldav
Purpose:
CalDAV report used to generate a VFREEBUSY to determine busy time over a specific set of time ranges.
Description:
See Section 8.5.
<!ELEMENT free-busy-query time-range+ >
    

11. Internationalization Considerations


12. Security Considerations

12.1. Authentication of Clients

CalDAV relies on HTTP authentication to authenticate users to the server. As a result the security considerations for use of HTTP authentication also apply to CalDAV. In particular, the HTTP Basic authentication method MUST NOT be used without adequate transport layer security.

12.2. Denial of Service

Servers MUST take adequate precautions to ensure malicious clients cannot consume excessive server resources (CPU, memory, disk, etc.) through carefully crafted reports. For example, a client could upload an event with a recurrence rule that specifies a recurring event occurring every second for the next 100 years which would result in approximately 3 x 10^9 instances! A report that asks for recurrences to be expanded over that range would likely constitute a denial-of-service attack on the server.

[rfc.comment.2: We should make an explicit reference to the security considerations mentionned in iCalendar, iTIP and iMIP. We should also specify if there is any semantic defined in CalDAV for the iCalendar property CLASS (access classification). --desruisseaux]


13. IANA Consideration

In addition to the namespaces defined by RFC2518 [3] for XML elements, this document uses a URN to describe a new XML namespace conforming to a registry mechanism described in RFC3688 [6]. All other IANA considerations mentioned in RFC2518 [3] also apply to this document.

13.1. Namespace Registration

Registration request for the CalDAV namespace:

URI: urn:ietf:params:xml:ns:caldav

Registrant Contact: See the "Author's Address" section of this document.

XML: None. Namespace URIs do not represent an XML specification.


14. Acknowledgements

The authors would like to thank the following individuals for contributing their ideas and support for writing this specification: Michael Arick, Mario Bonin, Scott Carr, Mike Douglass, Helge Hess, Dan Mosedale, Julian F. Reschke, Mike Shaver, Simon Vaillancourt, and Jim Whitehead.

The authors would also like to thank the Calendaring and Scheduling Consortium for advice with this specification, and for organizing interoperability testing events to help refine it.


15. References

15.2. Informative References

[10]
Wahl, M., Howes, T., and S. Kille, “Lightweight Directory Access Protocol (v3)”, RFC 2251, December 1997.
[11]
Dawson, F. and T. Howes, “vCard MIME Directory Profile”, RFC 2426, September 1998.
[12]
Small, T., Hennessy, D., and F. Dawson, “Calendar Attributes for vCard and LDAP”, RFC 2739, January 2000.

Appendix A. CalDAV Method Privilege Table (Normative)

The following table extend the WebDAV Method Privilege Table specified in Appendix B of WebDAV ACL [7].

METHODPRIVILEGES
MKCALENDARDAV:bind
REPORTDAV:read or CALDAV:view-free-busy (on all referenced resources)

Appendix B. Changes

B.1. Changes in -06

  1. Reworded section "Recurrence and the Data Model".
  2. Removed timezone collection feature.
  3. Removed ability for a server to return the Location header on a successful PUT request.
  4. Clarified restrictions on calendar resources contained in calendar collections.
  5. Added preconditions on PUT in calendar collections.
  6. Added informative "Guidelines" section, with information on locking and how to find calendar collections.
  7. Moved "Sychronization Operations" section in the "Guidelines" section.

B.2. Changes in -05

  1. Removed a lot of non-normative text.
  2. Removed property promotion/demotion requirements.
  3. Removed calendar-owner and cal-scale properties.
  4. Removed 'ical' prefix/text from element names.
  5. Relaxed WebDAV Class 2 (locking) requirement to a MAY.
  6. Relaxed MKCALENDAR requirement to a SHOULD.
  7. Moved the XML Namespace section in the Introduction.
  8. Added CALDAV: prefix to CalDAV XML elements in the text.
  9. Added CALDAV:calendar-multiget report.
  10. Added CALDAV:free-busy-query report.
  11. Added CALDAV:calendar-description property.
  12. Changed CALDAV:calendar-query-result element name to CALDAV:calendar-data
  13. Added description and examples of handling timezones.
  14. Added mandatory "start" and "end" attributes to the CALDAV:expand-recurrence-set element.
  15. Added three CalDAV OPTIONS requests.
  16. Grouped XML Element declarations in a separate section.

B.3. Changes in -04

  1. Added a note about the HTTP Location response header.
  2. Added report calendar-query.
  3. Removed reports calendar-property-search and calendar-time-range.
  4. Removed section on CalDAV and timezones.
  5. Added requirement to return ETag on creation.
  6. Revised data model to remove sub-collections from calendar collection.
  7. Added informative references section.
  8. Removed dependencies on DASL.

B.4. Changes in -03

  1. Removed Calendar Containers (simplification that doesn't seem to remove much functionality)
  2. Added MKCALENDAR to create calendars and all sub-collections
  3. Added cal-scale property to calendars

B.5. Changes in -02

Basically still adding major sections of content:

  1. Defined new field values to the OPTIONS "DAV:" response header
  2. Added new resource properties
  3. Added new principal properties
  4. Added new SCHEDULE method and related headers
  5. Added new privileges for scheduling

B.6. Changes in -01

  1. Added section on privileges for calendaring, extending WebDAV ACL privilege set
  2. Defined what to do with unrecognized properties in the bodies of iCalendar events, with respect to property promotion/demotion

Authors' Addresses

Cyrus Daboo
ISAMET Inc.
5001 Baum Blvd.
Suite 650
Pittsburgh, PA 15213
US
EMail: daboo@isamet.com
URI: http://www.isamet.com/
Bernard Desruisseaux
Oracle Corporation
600 Blvd. de Maisonneuve West
10th Floor
Montreal, QC H3A 3J2
CA
EMail: bernard.desruisseaux@oracle.com
URI: http://www.oracle.com/
Lisa Dusseault
Open Source Application Foundation
2064 Edgewood Dr.
Palo Alto, CA 94303
US
EMail: lisa@osafoundation.org
URI: http://www.osafoundation.org/

Full Copyright Statement

Copyright © The Internet Society (2005).

This document is subject to the rights, licenses and restrictions contained in BCP 78, and except as set forth therein, the authors retain all their rights.

This document and the information contained herein are provided on an “AS IS” basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.

Intellectual Property

The IETF takes no position regarding the validity or scope of any Intellectual Property Rights or other rights that might be claimed to pertain to the implementation or use of the technology described in this document or the extent to which any license under such rights might or might not be available; nor does it represent that it has made any independent effort to identify any such rights. Information on the procedures with respect to rights in RFC documents can be found in BCP 78 and BCP 79.

Copies of IPR disclosures made to the IETF Secretariat and any assurances of licenses to be made available, or the result of an attempt made to obtain a general license or permission for the use of such proprietary rights by implementers or users of this specification can be obtained from the IETF on-line IPR repository at http://www.ietf.org/ipr.

The IETF invites any interested party to bring to its attention any copyrights, patents or patent applications, or other proprietary rights that may cover technology that may be required to implement this standard. Please address the information to the IETF at ietf-ipr@ietf.org.