Structured Email: Use cases

Introduction This document is currently structured in the following sections:

Existing use cases, which are already in use by vendors.
Sharing use cases, which relate to sharing functions of other communication tools such as social networks and instant messaging tools.
Transactional use cases, which address (semi-)formal interactions carried out via email messages.
Email-specific use cases that are specfic to the email domain as such.

Each use case includes a small informal note about privacy and trust levels. A final section points to related use cases which are addressed by particular RFCs.

Conventions Used in This Document The terms "message" and "email message" refer to "electronic mail messages" or "emails" as specified in . The term "Message User Agent" (MUA) denotes an email client application as per . The terms "machine-readable data" and "structured data" are used in contrast to "human-readable" messages and denote information expressed "in a structured format (..) which can be consumed by another program using consistent processing logic" . The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14 when, and only when, they appear in all capitals, as shown here.

Existing use cases The following use cases are currently supported by one or more of the email providers which support in email (see also ).

Orders and invoices Related to the general topic of online shopping, the types Order, Invoice, and ParcelDelivery can be used throughout the purchasing lifecycle. Indicators:

Privacy level: high (orders and invoices may expose senstivite data; even the mere sender/shop may be sensitive in some cases)
Trust level: high (fake orders or invoices may pose serious threats)

Promotions Some vendors support arrays of structured data which are aggregated to show promotional offers to end users. These arrays contain a set of products (images), a discount or coupon code and vendor information. Indicators:

Privacy level: medium (promotions may be personalized based on user's interest or past transactions)
Trust level: low (just normal SPAM)

Reservations Various types of reservations can be processed by some email providers and tools. These include types for transport (Bus-, CarRental-, Flight-, and TrainReservation), HotelReservation, RestaurantReservation and a generic EventReservation type. Indicators:

Privacy level: high (exposes potential whereabouts of the user)
Trust level: high (fake reservations may pose serious threats)

Sharing use cases

Geolocation Location sharing is common action supported by many instant messaging tools. The current best practice to share locations in email messages would probably be to share URLs/deep links to online map services. Indicators:

Privacy level: high (exposes whereabouts of the user)
Trust level: low (no strong case for abuse?)

Media Media and content such as news articles, books, cooking recipes, films, or music albums are commonly shared by users. Many websites contain corresponding "share buttons". The particular "share by email" feature either launches an email send form or a MUA using a "mailto:" () URL. In both cases, email messages will typically contain a plain website URL pointing to the shared media item. The recipient needs to switch from her MUA to the web browser and find out manually, what kind of content has been shared. Indicators:

Privacy level: low-medium (may expose interest in senstive topics as assume by the person sending sharing the content)
Trust level: low (no strong case for abuse?)

Newsletters Newsletters can be considered as a special conduit for sharing information between a newsletter editor and a larger audience. They often feature media and content or products. Structured data might ease the further sharing or processing of individual pieces of information. Indicators:

Privacy level: low (as long as a newsletter is not personalized, the mere content does not convey more than the newsletter sending address; private unsubscribe links might be a side aspect)
Trust level: low (no strong case for abuse?)

Products and services Similar to media and content, users may share or recommend certain products and services, which may result in a later purchase or reservation (see first section). Indicators:

Privacy level: low-medium (may expose interest in senstive topics as assume by the person sending sharing the content)
Trust level: low (no strong case for abuse?)

Public events While (corporate) meeting scheduling is a common use case based on email (see Message Scheduling below), public events are not supported similarly well. There are efforts to extend the current event data model for this use case (), which allow to embed into calendar data. Structured email might complement and improve this use case. Indicators:

Privacy level: low-medium (may expose interest in senstive topics as assume by the person sending sharing the content)
Trust level: low (no strong case for abuse?)

Transactional use cases

Formal interaction Email messages are often used for formal requests sent to government organizations or business. Users may intiate such requests by composing a free-form email message in their MUA or use a so-called "contact form" on a website, which in many cases will generate an email based on the form's content. Such contact forms are however a major source of email abuse, since the recipient will technically send an email to itself, based on whatever data was entered into the form. Structured email could provide means which make such formal contact more efficient and trustworthy. Indicators:

Privacy level: high (may depend on use case, though)
Trust level: high (due to interaction)

Mail-in-APIs Various tools such as ticket systems or mailinglist management software allow for controled vocabulary (such as "UNSUBSCRIBE") in reply messages to trigger certain functionality. Structured email could help to formalize and improve such use cases, so that they allow for easier interaction. Indicators:

Privacy level: low (may depend on use case, though)
Trust level: high (due to interaction)

Multi-factor authentication Email is often used as an additional "factor" in multi-factor authentication. Services will send a message to the pre-registered address which users will need to confirm in order to complete a log-in process or similar transactions. Such messages will typically contain a code and/or a link (URL) to a website. Indicators:

Privacy level: high (security-related; howerver, typically short-lived)
Trust level: high (inherently security-related)

Sign-up messages Email is a major form of digital communication with third parties and services they offer. The beginning of such interaction is often some form of "sign-up" or "welcome" message. Structured data could allow MUAs and downstream tools to help users keep track and manage services they have subscribed to. Indicators:

Privacy level: high (may expose senstivite data; even the mere sender may be sensitive in some cases)
Trust level: high (starting point of trust relationship)

Status notifications Various software systems use email message to notify users about certain updates and status changes. In many cases, users may want to respond with a comment, confirmation, or similar actions. These kind of actions currently involve URLs, which often results in a web browser launched out of the MUA. Structured email could help provide a more seamless and direct user interaction in those cases. Indicators:

Privacy level: high (depends on particular use case)
Trust level: high (may be abused for phishing attempts)

Email-specific use cases This section presents a number of use cases which are specfic to the email domain as such and/or relate to core features of MUAs.

MUA configuration Mobile devices can allow special messages for over-the-air (OTA) configuration updates. In a similar fashion, structured email could be used for (re-)configuring MUA settings. Indicators:

Privacy level: low (rather technical information)
Trust level: high

Reactions Social networks and instant messaging tools allow for various forms of low-level instant reactions, such as "liking", "thumbs up", "heart", or "smiley". A simple variant for usage in email messages has been proposed in . Some vendors have also implemented similar solutions, which are however mainly designed for usage within the vendor's own platform (, ). Indicators:

Privacy level: low (reaction by itself does not carry much information)
Trust level: low

Structured email signature Email signatures are a commonly used feature of MUAs which allow users to append contact details or information about upcoming events to email messages. They may also be a legal obligation in some settings. There are no standards for such signatures beyond the separator "-- " used in text/plain body parts, which stems from Usenet practice . With a similar intention, some MUAs allow to append vCard () files to outgoing messages. Indicators:

Privacy level: low (considering there is a human-language signature anyway)
Trust level: low (peripheral content only)

Structured vacation notice So called "vacation notices" or "out-of-office replies" are automated messages which are sent in response to incoming messages if a recipient is absent or otherwise unable to respond. Those messages typically include instructions for the sender (when to retry or whom to contact instead). MUAs can currently hardly assist in dealing with such messages, as they are mainly based on human-language. Indicators:

Privacy level: medium (many users chose to widely autoreply vacation notices)
Trust level: medium (some imaginable attack vector)

Use cases specified by RFCs Specific structured formats for email messages have been employed for a number of specific use cases in the past. Semantics and interactions of these messages have been captured in individual RFCS

Message scheduling Message scheduling is probably the most widely use form of interaction with email messages, which is not mainly based on writing text. Due to the iCalendar Message-Based Interoperability Protocol (iMIP; [RFC6047), certain well-defined messages can be sent between calendaring software in order to deal with meeting invitations. While mainly focused on private/business meetings, the use case of public events is less well supported in these workflows (see also discussion above).

Modeling guidance This (work in progress) section collects general modeling guidance for discussing and drafting new use cases.

Reusing concepts Concepts from existing vocabularies such as [SchemaOrg] should be reused whenever possible. If smaller extension or improvements are required, editors might want to discuss improvements with respective vocabulary maintainers.

Describing data, not action Modeling should focus on describing data itself and not prescribe its use unless this is an inherent part of the modeling (such as in the case of a potentialAction property. E.g., codes for multi-factor authentication might be rather shared as a ConfirmationCodeconcept, than `CopyToClipBoard.

Considering privacy and trust Modeling should consider privacy and trust implications of sharing underlying data. Such information could guide senders and receivers in taking appropriate action to ensure responsible data processing.

Security considerations Some security considerations are discussed inline.

Privacy considerations Some privacy considerations are discussed inline.

IANA Considerations This document has no IANA actions at this time.