Network Working Group J. Miller
Internet-Draft P. Saint-Andre
Expires: July 24, 2003 Jabber Software Foundation
January 23, 2003
XMPP Instant Messaging
draft-ietf-xmpp-im-01
Status of this Memo
This document is an Internet-Draft and is in full conformance with
all provisions of Section 10 of RFC2026.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that
other groups may also distribute working documents as Internet-
Drafts.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
The list of current Internet-Drafts can be accessed at http://
www.ietf.org/ietf/1id-abstracts.txt.
The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html.
This Internet-Draft will expire on July 24, 2003.
Copyright Notice
Copyright (C) The Internet Society (2003). All Rights Reserved.
Abstract
This document describes the specific extensions to and applications
of the eXtensible Messaging and Presence Protocol (XMPP) that are
necessary to create a basic instant messaging and presence
application.
Miller & Saint-Andre Expires July 24, 2003 [Page 1]
Internet-Draft XMPP Instant Messaging January 2003
Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 4
1.1 Overview . . . . . . . . . . . . . . . . . . . . . . . . . . 4
1.2 Terminology . . . . . . . . . . . . . . . . . . . . . . . . 4
1.3 Requirements . . . . . . . . . . . . . . . . . . . . . . . . 4
1.4 Conventions Used in this Document . . . . . . . . . . . . . 4
1.5 Discussion Venue . . . . . . . . . . . . . . . . . . . . . . 5
1.6 Intellectual Property Notice . . . . . . . . . . . . . . . . 5
2. Authentication . . . . . . . . . . . . . . . . . . . . . . . 6
3. Authorizing a Resource . . . . . . . . . . . . . . . . . . . 7
4. Exchanging Messages . . . . . . . . . . . . . . . . . . . . 9
4.1 Specifying an Intended Recipient . . . . . . . . . . . . . . 9
4.2 Specifying a Message Type . . . . . . . . . . . . . . . . . 9
4.3 Specifying a Message Subject . . . . . . . . . . . . . . . . 10
4.4 Specifying a Message Thread . . . . . . . . . . . . . . . . 10
4.5 Specifying a Message Body . . . . . . . . . . . . . . . . . 11
4.6 Specifying Additional Information . . . . . . . . . . . . . 11
4.7 Message-Related Errors . . . . . . . . . . . . . . . . . . . 12
5. Exchanging Presence Information . . . . . . . . . . . . . . 13
5.1 Client and Server Responsibilities . . . . . . . . . . . . . 13
5.2 Sending Initial Presence . . . . . . . . . . . . . . . . . . 13
5.3 Specifying Availability Status . . . . . . . . . . . . . . . 14
5.4 Specifying Detailed Status Information . . . . . . . . . . . 14
5.5 Probing for Presence . . . . . . . . . . . . . . . . . . . . 14
5.6 Sending Final Presence . . . . . . . . . . . . . . . . . . . 14
5.7 Determining When a Contact Went Offline . . . . . . . . . . 15
6. Managing Subscriptions . . . . . . . . . . . . . . . . . . . 16
6.1 Requesting a Subscription . . . . . . . . . . . . . . . . . 16
6.2 Handling a Subscription Request . . . . . . . . . . . . . . 16
6.3 Cancelling a Subscription from Another Entity . . . . . . . 17
6.4 Unsubscribing from Another Entity's Presence . . . . . . . . 17
7. Blocking Communication . . . . . . . . . . . . . . . . . . . 18
7.1 Retrieving One's Privacy Lists . . . . . . . . . . . . . . . 18
7.2 Changing the Active List . . . . . . . . . . . . . . . . . . 19
7.3 Editing a Privacy List . . . . . . . . . . . . . . . . . . . 19
7.4 Removing a Privacy List . . . . . . . . . . . . . . . . . . 20
7.5 Blacklisted Entity Attempts to Communicate with User . . . . 20
8. Managing One's Roster . . . . . . . . . . . . . . . . . . . 22
8.1 Retrieving One's Roster on Login . . . . . . . . . . . . . . 22
8.2 Adding a Roster Item . . . . . . . . . . . . . . . . . . . . 23
8.3 Deleting a Roster Item . . . . . . . . . . . . . . . . . . . 24
9. Routing and Delivery Guidelines . . . . . . . . . . . . . . 26
10. Security Considerations . . . . . . . . . . . . . . . . . . 27
References . . . . . . . . . . . . . . . . . . . . . . . . . 28
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . 28
A. Registration . . . . . . . . . . . . . . . . . . . . . . . . 29
A.1 Registration Data Flow . . . . . . . . . . . . . . . . . . . 29
Miller & Saint-Andre Expires July 24, 2003 [Page 2]
Internet-Draft XMPP Instant Messaging January 2003
A.2 Cancellation Data Flow . . . . . . . . . . . . . . . . . . . 31
B. Authentication Using jabber:iq:auth . . . . . . . . . . . . 32
C. vCards . . . . . . . . . . . . . . . . . . . . . . . . . . . 34
C.1 Retrieving One's vCard . . . . . . . . . . . . . . . . . . . 34
C.2 Updating One's vCard . . . . . . . . . . . . . . . . . . . . 35
C.3 Viewing Another User's vCard . . . . . . . . . . . . . . . . 36
D. Formal Definitions . . . . . . . . . . . . . . . . . . . . . 37
D.1 jabber:iq:last . . . . . . . . . . . . . . . . . . . . . . . 37
D.1.1 DTD . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37
D.1.2 Schema . . . . . . . . . . . . . . . . . . . . . . . . . . . 37
D.2 jabber:iq:privacy . . . . . . . . . . . . . . . . . . . . . 37
D.2.1 DTD . . . . . . . . . . . . . . . . . . . . . . . . . . . . 38
D.2.2 Schema . . . . . . . . . . . . . . . . . . . . . . . . . . . 38
D.3 jabber:iq:register . . . . . . . . . . . . . . . . . . . . . 39
D.3.1 Children . . . . . . . . . . . . . . . . . . . . . . . . . . 39
D.3.2 DTD . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41
D.3.3 Schema . . . . . . . . . . . . . . . . . . . . . . . . . . . 41
D.4 jabber:iq:roster . . . . . . . . . . . . . . . . . . . . . . 42
D.4.1 Children . . . . . . . . . . . . . . . . . . . . . . . . . . 42
D.4.2 DTD . . . . . . . . . . . . . . . . . . . . . . . . . . . . 43
D.4.3 Schema . . . . . . . . . . . . . . . . . . . . . . . . . . . 43
D.5 vcard-temp . . . . . . . . . . . . . . . . . . . . . . . . . 44
E. Revision History . . . . . . . . . . . . . . . . . . . . . . 52
E.1 Changes from draft-miller-xmpp-im-02 . . . . . . . . . . . . 52
E.2 Changes from draft-miller-xmpp-im-02 . . . . . . . . . . . . 52
Full Copyright Statement . . . . . . . . . . . . . . . . . . 53
Miller & Saint-Andre Expires July 24, 2003 [Page 3]
Internet-Draft XMPP Instant Messaging January 2003
1. Introduction
1.1 Overview
The core features of the XMPP protocol are defined in XMPP Core [1].
These features, specifically XML streams and the 'jabber:client' and
'jabber:server' namespaces, provide the building blocks for many
types of near-real-time applications, which may be layered on top of
the core by sending XML stanzas that are scoped by specific XML
namespaces. This document describes the specific extensions to and
applications of XMPP Core that are used to create the basic
functionality expected of an instant messaging and presence
application as defined in RFC 2779 [2]. Extended namespaces for many
other functionality areas have been defined and continue to be
defined by the Jabber Software Foundation [3], including service
discovery, multi-user chat, search, remote procedure calls, data
gathering and forms submission, feature negotiation, message
composing events, message expiration, delayed delivery, and file
transfer; however, such functionality is not described herein because
it is not required by RFC 2779 [2].
1.2 Terminology
This document inherits the terminology defined in XMPP Core [1].
1.3 Requirements
For the purposes of this document, we stipulate that a basic instant
messaging and presence application needs to enable a user to perform
the following functionality by using a compliant client:
o Authenticate with a server
o Exchange messages with other users
o Exchange presence information with other users
o Manage subscriptions to and from other users
o Manage the items in the user's contact list (called a "roster")
1.4 Conventions Used in this Document
The capitalized key words "MUST", "MUST NOT", "REQUIRED", "SHALL",
"SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and
"OPTIONAL" in this document are to be interpreted as described in RFC
2119 [4].
Miller & Saint-Andre Expires July 24, 2003 [Page 4]
Internet-Draft XMPP Instant Messaging January 2003
1.5 Discussion Venue
The authors welcome discussion and comments related to the topics
presented in this document. The preferred forum is the
mailing list, for which archives and subscription
information are available at .
1.6 Intellectual Property Notice
This document is in full compliance with all provisions of Section 10
of RFC 2026. Parts of this specification use the term "jabber" for
identifying namespaces and other protocol syntax. Jabber[tm] is a
registered trademark of Jabber, Inc. Jabber, Inc. grants permission
to the IETF for use of the Jabber trademark in association with this
specification and its successors, if any.
Miller & Saint-Andre Expires July 24, 2003 [Page 5]
Internet-Draft XMPP Instant Messaging January 2003
2. Authentication
In order to gain access to the network of XMPP-compliant applications
and thus engage in standard IM functionality such as exchanging
messages and presence, a client must authenticate with a server.
If a client is capable of authenticating by means of SASL, it MUST
include a 'version' attribute (set to a value of "1.0") within the
opening element with which it initiated communications with
the server. The protocol describing how a client authenticates with
a server using SASL is defined XMPP Core [1].
Earlier iterations of the Jabber protocol contained a client-server
authentication protocol that was enforced after the stream was
negotiated; for the sake of completeness, this protocol, which uses
the 'jabber:iq:auth' namespace, is described non-normatively in
Authentication Using jabber:iq:auth (Appendix B).
Miller & Saint-Andre Expires July 24, 2003 [Page 6]
Internet-Draft XMPP Instant Messaging January 2003
3. Authorizing a Resource
Once a client has authenticated with a server using SASL, it MUST
define a resource that the server can associate with the connection
for purposes of authorization and addressing. This is necessary
because stanzas sent to or received from the server within the
context of an active session use a "full JID" (user@host/resource)
for addressing. Authorizing a resource is accomplished by means of
the 'jabber:iq:auth' namespace as described below.
Step 1: Client queries server regarding information that is still
required to begin a session:
juliet
Step 2: Server responds with the required fields (in this case, only
the username and authorized resource):
juliet
Step 3: Client sends name of authorized resource:
juliet
balcony
Step 4: Server informs client of successful session initiation:
Miller & Saint-Andre Expires July 24, 2003 [Page 7]
Internet-Draft XMPP Instant Messaging January 2003
Step 4 (alt): Server informs client of error encountered during
session initiation:
juliet
Bad Request (empty resource)
Miller & Saint-Andre Expires July 24, 2003 [Page 8]
Internet-Draft XMPP Instant Messaging January 2003
4. Exchanging Messages
Exchanging messages is a basic use of XMPP and is effected when a
user sends a message stanza to another user (or, more generally,
another entity).
4.1 Specifying an Intended Recipient
A client SHOULD specify an intended recipient for the message by
providing an appropriate JID in the 'to' attribute of the
element. Normally, the value of the 'to' attribute specifies an
entity other than the sending user (for exceptions, see the next
paragraph). The intended recipient MAY be any valid JID (e.g., a
user on the same server, a user on a different server, the server
itself, or another server).
If no 'to' address is specified, it is implied that the message is
addressed to the sending user itself (i.e., the user@host sending the
stanza); furthermore, a message explicitly or implicitly addressed to
the sending user itself is processed by the server on behalf of that
user. A message addressed to a specific connected resource
associated with the sending user is delivered to that user@host/
resource (which MAY be different from the connected resource that
generated the message).
4.2 Specifying a Message Type
As mentioned in XMPP Core [1], there are several defined types of
messages (specified by means of a 'type' attribute within the
element). In the context of an instant messaging
application, a client MAY include a message type in order to capture
the conversational context of the message, thus providing a hint
regarding presentation (e.g., in a GUI). If included, the 'type'
attribute SHOULD have one of the following values (any other value
MAY be ignored):
o chat -- The message is sent in the context of a one-to-one chat
conversation.
o groupchat -- The message is sent in the context of a multi-user
chat environment.
o headline -- The message is generated by an automated service that
delivers content (news, sports, market information, etc.).
o error - A message returned to a sender specifying an error
associated with a previous message sent by the sender (for a full
list of error messages, see XMPP Core [1])
Miller & Saint-Andre Expires July 24, 2003 [Page 9]
Internet-Draft XMPP Instant Messaging January 2003
4.3 Specifying a Message Subject
A message stanza MAY contain a child element specifying the subject
of the message. The subject MUST NOT contain mixed content.
A message with a subject:
Imploring
Wherefore art thou, Romeo?
4.4 Specifying a Message Thread
A message stanza MAY contain a child element specifying the thread of
the message for the purpose of tracking a conversation thread. The
content of the element is a random string that is generated
by the sender in accordance with the algorithm specified in XMPP Core
[1]; this string MAY be copied back to the sender in subsequent
replies. If included, the element MUST have no attributes
and MUST NOT contain mixed content.
Miller & Saint-Andre Expires July 24, 2003 [Page 10]
Internet-Draft XMPP Instant Messaging January 2003
A threaded conversation:
Art thou not Romeo, and a Montague?
e0ffe42b28561960c6b12b944a092794b9683a38
Neither, fair saint, if either thee dislike.
e0ffe42b28561960c6b12b944a092794b9683a38
How cam'st thou hither, tell me, and wherefore?
e0ffe42b28561960c6b12b944a092794b9683a38
4.5 Specifying a Message Body
A message stanza MAY (and often will) contain a child element
specifying the body of the message. The body MUST NOT contain mixed
content. If it is necessary to provide the message body in an
alternate form (e.g., encrypted using the public key infrastructure
or formatted using XHTML), the alternate form SHOULD be contained in
an appropriately-namespaced child of the message stanza other than
the element.
4.6 Specifying Additional Information
A message stanza MAY house an element containing content that extends
the meaning of the message (e.g., an encrypted form of the message
body). In common usage this child element is often the element
but MAY be any element, as long as the 'xmlns' namespace declaration
is something other than the streams namespace or the default
namespace; this extended namespace defines all elements contained
within the child element.
Miller & Saint-Andre Expires July 24, 2003 [Page 11]
Internet-Draft XMPP Instant Messaging January 2003
4.7 Message-Related Errors
If a message sent by a sender cannot be delivered, a server SHOULD
return that message to the sender in a message stanza of type "error"
along with an appropriate error message (for a list of error
messages, see XMPP Core [1]).
A message-related error:
Sleep dwell upon thine eyes
Sleep dwell upon thine eyes
No Such JID
An entity that receives a message stanza of type 'error' MUST NOT
respond to the stanza by sending a further message stanza of type
'error'; this helps to prevent looping.
Miller & Saint-Andre Expires July 24, 2003 [Page 12]
Internet-Draft XMPP Instant Messaging January 2003
5. Exchanging Presence Information
Exchanging presence information is made relatively straightforward
within XMPP by using presence stanzas. However, we see here a
contrast to the handling of messages: although a client MAY send
directed presence information to another entity, in general presence
information is sent from a client to a server and then broadcasted by
the server to any entities that are subscribed to the presence of the
sending entity. (Note: in the terminology of RFC 2778 [5], the only
watchers in XMPP are subscribers.)
5.1 Client and Server Responsibilities
When a client connects to a server, it SHOULD send an initial
presence stanza to the server to express default availability. This
presence stanza SHOULD have no type.
Upon receiving initial presence from a client, the server sends
presence probes from the bare JID (user@host) of the user to any
remote entities that are subscribed to the user's presence (as
represented in the user's roster) in order to determine if they are
available. (The remote server is responsible for responding to the
presence probe only when (1) the probing entity has been allowed to
access the probed entity's presence, e.g., by server rules or user
subscriptions, and (2) the probed entity is available; the probing
entity's server then informs the probing entity of the probed
entity's last known available presence, for all of the probed
entity's resources if applicable.)
Throughout the active session of a connected resource associated with
the client, the server is responsible for broadcasting any changes in
the availability status of the connected resource to the subscribed
entities that are available, so that such entities are apprised of
availability changes.
Finally, the server MUST notify all of the subscribed and available
entities when a connected resource becomes unavailable.
5.2 Sending Initial Presence
Upon authenticating, a client SHOULD send initial presence to its
server indicating that the connected resource is available for
communications. This presence stanza SHOULD have no type.
Initial presence sent from client to server:
Miller & Saint-Andre Expires July 24, 2003 [Page 13]
Internet-Draft XMPP Instant Messaging January 2003
5.3 Specifying Availability Status
A client MAY provide further information about its availability
status by using the element. As defined in XMPP Core [1],
the recognized values for the show element are "away", "chat", "xa",
and "dnd".
Availability status:
away
5.4 Specifying Detailed Status Information
In conjunction with the element, a client MAY provide
detailed status information by using the element. The
content of this element is a natural-language description of the
client's current availability status.
Detailed status information:
dnd
Busy fighting the Romans
5.5 Probing for Presence
A server MAY probe for the current presence of another entity. A
user or client SHOULD NOT send presence stanzas of type 'probe'.
5.6 Sending Final Presence
Upon ending its session with a server, a client SHOULD send a final
presence stanza that is explicitly of type unavailable.
Sending final presence to express unavailable state:
Optionally, final presence MAY contain one or more elements
specifying the reason why the user is no longer available.
Miller & Saint-Andre Expires July 24, 2003 [Page 14]
Internet-Draft XMPP Instant Messaging January 2003
5.7 Determining When a Contact Went Offline
The server SHOULD maintain a record of the time at which a user sent
final presence. An authorized subscriber to that user's presence MAY
determine the time of last activity by sending an IQ stanza to the
user's user@host address containing an empty element scoped
by the 'jabber:iq:last' namespace:
Requesting the last active time of a user:
The server MUST return an IQ stanza of type 'result' with the number
of seconds since the user was last active:
Returning the last active time of a user:
If the entity requesting the time of last activity is not an
authorized subscriber to the user's presence, the server MUST return
an IQ stanza of type 'error' with an error code of 403 (Forbidden):
Requester is forbidden to view the last active time of a user:
Forbidden
Miller & Saint-Andre Expires July 24, 2003 [Page 15]
Internet-Draft XMPP Instant Messaging January 2003
6. Managing Subscriptions
In order to protect the privacy of instant messaging users and any
other entities, presence and availability information is made
available only to other entities that the user has approved. When a
user has agreed that another entity may view its presence, the entity
is said to have a subscription to the user's presence information.
Note well that a subscription lasts across sessions; indeed, it lasts
until the subscriber unsubscribes or the subscribee cancels the
previously-granted subscription. Subscriptions are completed within
XMPP by sending presence stanzas containing specially-defined
attributes.
6.1 Requesting a Subscription
A request to subscribe to another entity's presence is made by
sending a presence stanza of type "subscribe".
Sending a subscription request:
6.2 Handling a Subscription Request
When a client receives a subscription request from another entity, it
MAY accept the request by sending a presence stanza of type
"subscribed" or decline the request by sending a presence stanza of
type "unsubscribed".
Accepting a subscription request:
Miller & Saint-Andre Expires July 24, 2003 [Page 16]
Internet-Draft XMPP Instant Messaging January 2003
Denying a presence subscription request:
6.3 Cancelling a Subscription from Another Entity
If a user would like to cancel a previously-granted subscription
request, it sends a presence stanza of type "unsubscribed".
Cancelling a previously granted subscription request:
6.4 Unsubscribing from Another Entity's Presence
If a user would like to unsubscribe from the presence of another
entity, it sends a presence stanza of type "unsubscribe".
Unsubscribing from an entity's presence:
Miller & Saint-Andre Expires July 24, 2003 [Page 17]
Internet-Draft XMPP Instant Messaging January 2003
7. Blocking Communication
Most instant messaging systems have found it necessary to implement
some method for users to block communications from specific other
users (this is also required by section 2.3.5 of RFC 2779 [2]). In
XMPP this is done using the 'jabber:iq:privacy' namespace by managing
one's privacy lists (also called "zebra lists" since they are
flexible combinations of blacklists and whitelists).
7.1 Retrieving One's Privacy Lists
Client requests privacy lists from server:
Server sends privacy lists to client:
In this example, the user has three lists: (1) 'public', which allows
communications from everyone except one specific entity; (2)
'private', which allows communications only from contacts who have a
bi-directional subscription with the user; and (3) 'special', which
allows communications only from three specific entities. The active
list currently being applied by the server is the 'private' list.
Miller & Saint-Andre Expires July 24, 2003 [Page 18]
Internet-Draft XMPP Instant Messaging January 2003
7.2 Changing the Active List
In order to change the active list currently being applied by the
server, the user MUST send an IQ stanza of type 'set' with a
element scoped by the 'jabber:iq:privacy' namespace that contains an
empty child element possessing a 'name' attribute whose
value is set to the desired list name.
Client requests change of active list:
Server acknowledges success of active list change:
7.3 Editing a Privacy List
In order to edit a privacy list, the user MUST send an IQ stanza of
type 'set' with a element scoped by the 'jabber:iq:privacy'
namespace that contains one or more
child elements possessing
a 'name' attribute whose value is set to the list name the user would
like to edit. Each
element MUST contain one or more
elements, which specify the user's desired changes to the list by
including all elements in the list (not the "delta"); the same
protocol is used to create a new list.
Client edits a privacy list:
Miller & Saint-Andre Expires July 24, 2003 [Page 19]
Internet-Draft XMPP Instant Messaging January 2003
Server acknowledges success of list edit:
In this example, the user has added one additional entity to the
"blacklist" portion of this privacy list.
7.4 Removing a Privacy List
In order to remove a privacy list, the user MUST send an IQ stanza of
type 'set' with a element scoped by the 'jabber:iq:privacy'
namespace that contains one or more empty
child elements
possessing a 'name' attribute whose value is set to the list name the
user would like to remove.
Client removes a privacy list:
Server acknowledges success of list removal:
7.5 Blacklisted Entity Attempts to Communicate with User
If a blacklisted entity attempts to communicate with the user, the
user's server MUST return an error of type 405 (Not Allowed) to the
sending entity.
Blacklisted entity attempts communication:
Have at thee, coward!
Miller & Saint-Andre Expires July 24, 2003 [Page 20]
Internet-Draft XMPP Instant Messaging January 2003
Server returns error to blacklisted entity:
Have at thee, coward!
Not Allowed
Miller & Saint-Andre Expires July 24, 2003 [Page 21]
Internet-Draft XMPP Instant Messaging January 2003
8. Managing One's Roster
One's list of contacts is called a roster. A roster is stored by the
server so that a user may access roster information from any
connected resource.
8.1 Retrieving One's Roster on Login
Upon connecting to the server, a client MAY request the roster
(however, because receiving the roster may not be desirable for all
resources, e.g., a connection with limited bandwidth, the client's
request for the roster is OPTIONAL).
Client requests current roster from server:
Client receives roster from the server:
-
Friends
-
Friends
Miller & Saint-Andre Expires July 24, 2003 [Page 22]
Internet-Draft XMPP Instant Messaging January 2003
8.2 Adding a Roster Item
At any time, a user MAY add an item to his or her roster.
Client adds a new item:
-
Servants
The server is responsible for updating the roster information in
persistent storage, and also for pushing that change out to all
connected resources for the user using an IQ stanza of type "set".
This enables all connected resources to remain in sync with the
server-based roster information.
Miller & Saint-Andre Expires July 24, 2003 [Page 23]
Internet-Draft XMPP Instant Messaging January 2003
Server replies with an IQ result to the sending resource and pushes
the updated roster information to all connected resources:
-
Servants
-
Servants
Updating an existing roster item (e.g., changing the Group) is done
in teh same way as adding a new roster item, by sending the roster
item in an IQ set to the server.
8.3 Deleting a Roster Item
At any time, a user MAY delete an item from its roster by doing an IQ
set and making sure that the value of the 'subscription' attribute is
"remove" (a compliant server SHOULD ignore any other values of the
'subscription' attribute).
Miller & Saint-Andre Expires July 24, 2003 [Page 24]
Internet-Draft XMPP Instant Messaging January 2003
Client removes a item:
-
Servants
As with adding a roster item, when deleting a roster item the server
is responsible for updating the roster information in persistent
storage, and also for pushing that change out to all connected
resources for the user using an IQ stanza of type "set".
A server implementation SHOULD cancel any existing presence
subscriptions when a roster item is removed.
Miller & Saint-Andre Expires July 24, 2003 [Page 25]
Internet-Draft XMPP Instant Messaging January 2003
9. Routing and Delivery Guidelines
XML stanzas that are not handled directly by a server (e.g., for the
purpose of data storage or rebroadcasting) are routed or delivered to
the intended recipient of the stanza as represented by a JID in the
'to' attribute. The following rules apply:
o If the JID contains a resource identifier (to="user@host/
resource"), the stanza is delivered first to the resource that
exactly matches the resource identifier.
o If the JID contains a resource identifier and there are no
matching resources, but there are other connected resources
associated with the user, then message stanzas are further
processed as if no resource is specified (see next item). For all
tther stanzas, the server should return them to the sender with a
type of "error" and an appropriate error code (503) and message.
o If the JID contains only a user@host and there is at least one
connected resource available for the user, the server should
deliver the stanza to an appropriate resource based on the
availability state, priority, and connect time of the connected
resource(s). (Existing XMPP implementations contain some
hardcoded rules, based on and most recent connection
time, for the routing of such stanzas. A more flexible approach
to routing would be desirable.)
o If the JID contains only a user@host and there are no connected
resources available for the user (e.g., an IM user is offline),
the server MAY choose to store the stanza (usually only message
and presence subscription stanzas) on behalf of the user and
deliver the stanza when a resource becomes available for that
user. If offline storage is not enabled, the server MUST return a
404 ("Not Found") error to the sender.
Miller & Saint-Andre Expires July 24, 2003 [Page 26]
Internet-Draft XMPP Instant Messaging January 2003
10. Security Considerations
For security considerations, refer to the relevant section of XMPP
Core [1].
Miller & Saint-Andre Expires July 24, 2003 [Page 27]
Internet-Draft XMPP Instant Messaging January 2003
References
[1] Miller, J. and P. Saint-Andre, "XMPP Core (draft-ietf-xmpp-core-
01, work in progress)", January 2003.
[2] Day, M., Aggarwal, S., Mohr, G. and J. Vincent, "A Model for
Presence and Instant Messaging", RFC 2779, February 2000,
.
[3] Jabber Software Foundation, "Jabber Software Foundation", August
2001, .
[4] Bradner, S., "Key words for use in RFCs to Indicate Requirement
Levels", BCP 14, RFC 2119, March 1997.
[5] Day, M., Rosenberg, J. and H. Sugano, "A Model for Presence and
Instant Messaging", RFC 2778, February 2000, .
[6] Dawson, F. and T. Howes, "vCard MIME Directory Profile", RFC
2426, September 1998.
Authors' Addresses
Jeremie Miller
Jabber Software Foundation
1899 Wynkoop Street, Suite 600
Denver, CO 80202
US
EMail: jeremie@jabber.org
URI: http://www.jabber.org/people/jer.php
Peter Saint-Andre
Jabber Software Foundation
1899 Wynkoop Street, Suite 600
Denver, CO 80202
US
EMail: stpeter@jabber.org
URI: http://www.jabber.org/people/stpeter.php
Miller & Saint-Andre Expires July 24, 2003 [Page 28]
Internet-Draft XMPP Instant Messaging January 2003
Appendix A. Registration
This section is provided for informational purposes only and is not
normative.
Registering with a server is necessary in order for a user to engage
in any desired functionality by means of a client. Certainly such
registration MAY (and frequently does) occur outside the context of
an instant messaging and presence application. However, XMPP also
enables a user to register with a server within the context of an IM
system. This functionality is enabled by sending and receiving IQ
stanzas in a request-response pattern, where the IQ stanzas contain
elements in the 'jabber:iq:register' namespace. Because in-
band registration is not required by RFC 2779 or any XMPP-specific
requirements, this section is non-normative.
A.1 Registration Data Flow
Step 1: Client queries server regarding information that is required
in order to register:
Step 2: Server responds with the required registration fields:
Choose a username and password to register with this service.
Note: the client is REQUIRED to provide information for all of the
elements (other than ) contained in the IQ result.
(Note also that the XML stanza shown above does not include a 'to'
attribute, since the connected socket does not yet have an account.)
Miller & Saint-Andre Expires July 24, 2003 [Page 29]
Internet-Draft XMPP Instant Messaging January 2003
Step 3: Client provides required information:
juliet@capulet.com
R0m30
juliet
Step 4: Server informs client of successful registration:
Step 4 (alt 1): Server informs client of failed registration
(required field not provided):
juliet@capulet.com
R0m30
Not Acceptable
Miller & Saint-Andre Expires July 24, 2003 [Page 30]
Internet-Draft XMPP Instant Messaging January 2003
Step 4 (alt 2): Client is already registered:
juliet@capulet.com
R0m30
juliet
Bad Request
A.2 Cancellation Data Flow
The 'jabber:iq:register' namespace also makes it possible for a user
to cancel a registration with a server by sending a element
as shown below.
Step 1: Client sends request to unregister:
Step 2: Server informs client of successful unregistration:
Miller & Saint-Andre Expires July 24, 2003 [Page 31]
Internet-Draft XMPP Instant Messaging January 2003
Appendix B. Authentication Using jabber:iq:auth
This section is provided for informational purposes only and is not
normative.
The 'jabber:iq:auth' namespace provides two things: (1) a way for a
client to authenticate with a server and (2) a way to define an
authorized resource representing a specific connection or session.
The following is the data flow for a complete example of
authentication and authorization with a server using the
'jabber:iq:auth' namespace.
Step 1: Client queries server regarding information that is required
in order to authenticate:
juliet
Step 2: Server responds with the required authentication fields:
juliet
Step 3: Client sends authentication information (encrypted password):
juliet
64d60e40febe09264c52bc9cbddd5dd1147fae97
balcony
Step 4: Server informs client of successful authentication:
Miller & Saint-Andre Expires July 24, 2003 [Page 32]
Internet-Draft XMPP Instant Messaging January 2003
Step 4 (alt): Server informs client of failed authentication:
juliet
64d60e40febe09264c5wrongpassword2bc9cbddd5dd1147fae97
balcony
Unauthorized
The algorithm for generating digest passwords is as follows:
1. Concatenate the Stream ID received from the server with the
password.
2. Hash the concatenated string according to the SHA1 algorithm.
3. Ensure that the hash output is in hexidecimal format, not binary
or base64).
4. Convert the hash output to all lowercase characters.
Miller & Saint-Andre Expires July 24, 2003 [Page 33]
Internet-Draft XMPP Instant Messaging January 2003
Appendix C. vCards
This section is provided for informational purposes only and is not
normative.
Sections 3.1.3 and 4.1.4 of RFC 2779 [2] require that it be possible
to retrieve non-IM contact information for other users (e.g.,
telephone number or email address). An XML representation of the
vCard specification defined in RFC 2426 [6] is in common use within
the Jabber community to provide such information. For the sake of
completeness, this section describes that protocol. This section is
non-normative.
The basic functionality is for a user to store and retrieve an XML
representation of his or her vCard using the data storage
capabilities native to all existing Jabber server implementations.
This is done by sending an of type "set" (storage) or "get"
(retrieval) to one's Jabber server containing a child scoped
by the 'vcard-temp' namespace, with the element containing
the actual vCard-XML elements as defined by the vCard-XML DTD. Other
users may then view one's vCard information. (There is currently no
access control over who may view vCard information.)
C.1 Retrieving One's vCard
A user may retrieve his or her own vCard by sending XML of the
following form to his or her own JID:
The server must then return the vCard to the user:
Peter Saint-Andre
Saint-Andre
Peter
stpeter
http://www.jabber.org/people/stpeter.php
Miller & Saint-Andre Expires July 24, 2003 [Page 34]
Internet-Draft XMPP Instant Messaging January 2003
1966-08-06
Jabber Software Foundation
Executive Director
Patron Saint
303-308-3282
Suite 600
1899 Wynkoop Street
Denver
CO
80202
USA
303-555-1212
Denver
CO
80209
USA
stpeter@jabber.org
stpeter@jabber.org
More information about me is located on my
personal website: http://www.saint-andre.com/
C.2 Updating One's vCard
A user may update his or her vCard by sending an IQ of type "set" to
the server, following the format in the previous use case.
If a user attempts to perform an IQ set on another user's vCard, the
server must return a 403 "Forbidden" error.
Miller & Saint-Andre Expires July 24, 2003 [Page 35]
Internet-Draft XMPP Instant Messaging January 2003
C.3 Viewing Another User's vCard
A user may view another user's vCard by sending an IQ of type "get"
to the other user's bare JID. A compliant server must return the
vCard to the requestor and not forward the IQ to the requestee's
connected resource.
The server should then return the other user's vCard to the
requestor:
JeremieMiller
Jeremie
Miller
jer
jeremie@jabber.org
jer@jabber.org
Miller & Saint-Andre Expires July 24, 2003 [Page 36]
Internet-Draft XMPP Instant Messaging January 2003
Appendix D. Formal Definitions
D.1 jabber:iq:last
D.1.1 DTD
D.1.2 Schema
D.2 jabber:iq:privacy
Miller & Saint-Andre Expires July 24, 2003 [Page 37]
Internet-Draft XMPP Instant Messaging January 2003
D.2.1 DTD
D.2.2 Schema
Miller & Saint-Andre Expires July 24, 2003 [Page 38]
Internet-Draft XMPP Instant Messaging January 2003
D.3 jabber:iq:register
D.3.1 Children
While numerous fields are available for use in the
'jabber:iq:register' namespace, only those fields (other than
) sent from the server in an IQ result are REQUIRED in
order to register. The following are the allowable children of a
element scoped by the 'jabber:iq:register' namespace:
o instructions
Miller & Saint-Andre Expires July 24, 2003 [Page 39]
Internet-Draft XMPP Instant Messaging January 2003
o username
o password
o name
o email
o address
o city
o state
o zip
o phone
o url
o date
o misc
o text
o remove - request to unregister (sent only in an IQ set)
Miller & Saint-Andre Expires July 24, 2003 [Page 40]
Internet-Draft XMPP Instant Messaging January 2003
D.3.2 DTD
D.3.3 Schema
Miller & Saint-Andre Expires July 24, 2003 [Page 41]
Internet-Draft XMPP Instant Messaging January 2003
D.4 jabber:iq:roster
D.4.1 Children
A element scoped by the 'jabber:iq:roster' namespace MAY
contain zero or more elements. An item element MAY contain
the following attributes:
o jid - A REQUIRED attribute that contains the complete JID of the
contact that this item represents
o name - An OPTIONAL attribute that contains a natural-language name
for the contact
o subscription - An OPTIONAL attribute that captures the current
status of the subscription related to this item. Should be one of
the following (all other values are ignored):
* none - no subscription.
* from - this entity has a subscription to the contact.
Miller & Saint-Andre Expires July 24, 2003 [Page 42]
Internet-Draft XMPP Instant Messaging January 2003
* to - the contact has a subscription to this entity.
* both - subscription is both to and from.
* remove - item is to be removed.
o ask - An OPTIONAL attribute specifying the current status of a
request to this contact. Should be one of the following (all
other values are ignored):
* subscribe - this entity is asking to subscribe to that
contact's presence.
* unsubscribe - this entity is asking unsubscribe from that
contact's presence.
An element MAY contain zero or more instances of the
following element:
o group - Natural-language name of a user-specified group for the
purpose of categorizing contacts into groups.
D.4.2 DTD
D.4.3 Schema
Miller & Saint-Andre Expires July 24, 2003 [Page 43]
Internet-Draft XMPP Instant Messaging January 2003
D.5 vcard-temp
The following DTD is a slightly modified version of that contained in
the second vCard-XML Internet-Draft authored by Frank Dawson. The
only modifications were to add the JABBERID and DESC elements.
Miller & Saint-Andre Expires July 24, 2003 [Page 44]
Internet-Draft XMPP Instant Messaging January 2003
Miller & Saint-Andre Expires July 24, 2003 [Page 46]
Internet-Draft XMPP Instant Messaging January 2003
Miller & Saint-Andre Expires July 24, 2003 [Page 48]
Internet-Draft XMPP Instant Messaging January 2003
Miller & Saint-Andre Expires July 24, 2003 [Page 49]
Internet-Draft XMPP Instant Messaging January 2003
Miller & Saint-Andre Expires July 24, 2003 [Page 50]
Internet-Draft XMPP Instant Messaging January 2003
Miller & Saint-Andre Expires July 24, 2003 [Page 51]
Internet-Draft XMPP Instant Messaging January 2003
Appendix E. Revision History
Note to RFC editor: please remove this entire appendix, and the
corresponding entries in the table of contents, prior to publication.
E.1 Changes from draft-miller-xmpp-im-02
o Moved registration and authentication via jabber:iq:auth to non-
normative appendices.
o Changed initial presence stanza from MUST be empty to SHOULD be
empty.
o Specified that user or clients should not send presence stanzas of
type 'probe'.
o Specified the algorithm for digest passwords.
E.2 Changes from draft-miller-xmpp-im-02
o Added information about the 'jabber:iq:last' protocol to meet the
requirement defined in section 3.2.4 of RFC 2779.
o Added information about the 'jabber:iq:privacy' protocol to meet
the requirement defined in section 2.3.5 of RFC 2779.
o Added information about the vCard XML protocol to meet the
requirement defined in sections 3.1.3 and 4.1.4 of RFC 2779.
o Changed the material describing authentication (but not resource
authorization) with 'jabber:iq:auth' to non-normative.
o Noted that the only watchers are subscribers.
o Nomenclature changes: (1) from "chunks" to "stanzas"; (2) from
"host" to "server"; (3) from "node" to "client" or "user" (as
appropriate).
Miller & Saint-Andre Expires July 24, 2003 [Page 52]
Internet-Draft XMPP Instant Messaging January 2003
Full Copyright Statement
Copyright (C) The Internet Society (2003). All Rights Reserved.
This document and translations of it may be copied and furnished to
others, and derivative works that comment on or otherwise explain it
or assist in its implementation may be prepared, copied, published
and distributed, in whole or in part, without restriction of any
kind, provided that the above copyright notice and this paragraph are
included on all such copies and derivative works. However, this
document itself may not be modified in any way, such as by removing
the copyright notice or references to the Internet Society or other
Internet organizations, except as needed for the purpose of
developing Internet standards in which case the procedures for
copyrights defined in the Internet Standards process must be
followed, or as required to translate it into languages other than
English.
The limited permissions granted above are perpetual and will not be
revoked by the Internet Society or its successors or assigns.
This document and the information contained herein is provided on an
"AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING
BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION
HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
Acknowledgement
Funding for the RFC Editor function is currently provided by the
Internet Society.
Miller & Saint-Andre Expires July 24, 2003 [Page 53]