Time Zone Data Distribution Service

Abstract: This document defines a time zone data distribution service that allows reliable, secure, and fast delivery of time zone data and leap-second rules to client systems such as calendaring and scheduling applications or operating systems.

“…A new time zone data distribution service protocol [RFC7808] is available that allows iCalendar applications to retrieve these standard time zone definitions in a timely and accurate fashion, instead of relying on possibly infrequent system updates of time zone data that frequently result in mismatched calendar data and thus missed meetings between calendar users. Another benefit of the time zone data distribution service is that it provides a single "reference" for standard time zone data that CalDAV clients and servers can make use of to "agree" on standard time zone definitions, and thus eliminate the need to exchange the data for those.…”

“…[RFC7808] that provide data for the set of time zones known to the server and expected to be used by clients. A CalDAV server advertises the set of time zone distribution services it makes use of via a CALDAV:timezone-serviceset WebDAV property (see Section 5.1) defined on calendar home collections.…”

“…When making use of the time zone data distribution services advertised by a CalDAV server, clients MUST follow all the requirements of the time zone data distribution service protocol [RFC7808], taking care to refresh time zone data in a timely fashion.…”

“…CalDAV-Timezones = "T" / "F" Besides the above point, this specification does not introduce any new security concerns beyond those addressed in CalDAV [RFC4791], iCalendar [RFC5545], and the time zone data distribution service [RFC7808].…”

“…The privacy recommendations in Section 9 of the time zone data distribution service specification [RFC7808] SHOULD be used to ensure that details of clients' interactions with CalDAV servers are not exposed to potential network observers. Note that since events can be delivered to a calendar user from an outside source (e.g., using iTIP [RFC5546]), and an attacker could create a calendar event with, e.g., a time zone identifier that is fake or rarely used and that could be used to monitor the calendar user's activity and interaction with others, this specification increases the importance of using the mitigations of privacy issues discussed in [RFC7808].…”

Calendaring Extensions to WebDAV (CalDAV): Time Zones by Reference

“…A new time zone data distribution service protocol [RFC7808] is available that allows iCalendar applications to retrieve these standard time zone definitions in a timely and accurate fashion, instead of relying on possibly infrequent system updates of time zone data that frequently result in mismatched calendar data and thus missed meetings between calendar users. Another benefit of the time zone data distribution service is that it provides a single "reference" for standard time zone data that CalDAV clients and servers can make use of to "agree" on standard time zone definitions, and thus eliminate the need to exchange the data for those.…”

“…[RFC7808] that provide data for the set of time zones known to the server and expected to be used by clients. A CalDAV server advertises the set of time zone distribution services it makes use of via a CALDAV:timezone-serviceset WebDAV property (see Section 5.1) defined on calendar home collections.…”

“…When making use of the time zone data distribution services advertised by a CalDAV server, clients MUST follow all the requirements of the time zone data distribution service protocol [RFC7808], taking care to refresh time zone data in a timely fashion.…”

“…CalDAV-Timezones = "T" / "F" Besides the above point, this specification does not introduce any new security concerns beyond those addressed in CalDAV [RFC4791], iCalendar [RFC5545], and the time zone data distribution service [RFC7808].…”

“…The privacy recommendations in Section 9 of the time zone data distribution service specification [RFC7808] SHOULD be used to ensure that details of clients' interactions with CalDAV servers are not exposed to potential network observers. Note that since events can be delivered to a calendar user from an outside source (e.g., using iTIP [RFC5546]), and an attacker could create a calendar event with, e.g., a time zone identifier that is fake or rarely used and that could be used to monitor the calendar user's activity and interaction with others, this specification increases the importance of using the mitigations of privacy issues discussed in [RFC7808].…”

Calendaring Extensions to WebDAV (CalDAV): Time Zones by Reference

What time is it