view Side-By-Side changes
Network Working Group J. Miller Internet-Draft P. Saint-Andre Expires:April 23,May 4, 2003 Jabber Software FoundationOctober 23,November 03, 2002 XMPP Coredraft-miller-xmpp-core-01draft-miller-xmpp-core-02 Status of this Memo This document is an Internet-Draft and is in full conformance with all provisions of Section 10 of RFC2026. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet- Drafts. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." The list of current Internet-Drafts can be accessed at http:// www.ietf.org/ietf/1id-abstracts.txt. The list of Internet-Draft Shadow Directories can be accessed at http://www.ietf.org/shadow.html. This Internet-Draft will expire onApril 23,May 4, 2003. Copyright Notice Copyright (C) The Internet Society (2002). All Rights Reserved. Abstract This document describes the core features of the eXtensible Messaging and Presence Protocol (XMPP), which is used bynumerousthe servers, clients, and other applications thatare compatible withcomprise theopen-sourceJabberinstant messaging system.network. Miller & Saint-Andre ExpiresApril 23,May 4, 2003 [Page 1] Internet-Draft XMPP CoreOctoberNovember 2002 Table of Contents 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 4 1.1 Overview . . . . . . . . . . . . . . . . . . . . . . . . . . 4 1.2 Conventions Used in this Document . . . . . . . . . . . . . 4 1.3 Discussion Venue . . . . . . . . . . . . . . . . . . . . . . 4 1.4 Intellectual Property Notice . . . . . . . . . . . . . . . . 4 2. Generalized Architecture . . . . . . . . . . . . . . . . . . 5 2.1 Overview . . . . . . . . . . . . . . . . . . . . . . . . . . 5 2.2 Host . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5 2.3 Node . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6 2.4 Service . . . . . . . . . . . . . . . . . . . . . . . . . . 6 2.4.1 Gateway . . . . . . . . . . . . . . . . . . . . . . . . . . 6 2.5 Network . . . . . . . . . . . . . . . . . . . . . . . . . . 6 3. Addressing Scheme . . . . . . . . . . . . . . . . . . . . . 8 3.1 Overview . . . . . . . . . . . . . . . . . . . . . . . . . . 8 3.2 Domain Identifier . . . . . . . . . . . . . . . . . . . . . 8 3.3 Node Identifier . . . . . . . . . . . . . . . . . . . . . . 8 3.4 Resource Identifier . . . . . . . . . . . . . . . . . . . . 9 3.5 URIs . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9 4. XML Streams . . . . . . . . . . . . . . . . . . . . . . . .1011 4.1 Overview . . . . . . . . . . . . . . . . . . . . . . . . . .1011 4.2Scope . . .Restrictions . . . . . . . . . . . . . . . . . . . . . . . .1112 4.3Restrictions . . .Stream Attributes . . . . . . . . . . . . . . . . . . . . . 12 4.4Elements and AttributesNamespace Declarations . . . . . . . . . . . . . . . . . .12. 13 4.5 Stream Errors . . . . . . . . . . . . . . . . . . . . . . .1314 4.6 Example . . . . . . . . . . . . . . . . . . . . . . . . . .13 4.7 DTD14 5. Stream Authentication . . . . . . . . . . . . . . . . . . . 17 5.1 SASL Authentication . . . . . . . . .15 4.8 Schema. . . . . . . . . . . 17 5.1.1 Overview . . . . . . . . . . . . . . . .15 5. Stream Authentication. . . . . . . . . . 17 5.1.2 Example . . . . . . . . .17 5.1 SASL Authentication. . . . . . . . . . . . . . . . . 18 5.2 Dialback Authentication . . .17 5.1.1 Overview. . . . . . . . . . . . . . . 20 5.2.1 Dialback Protocol . . . . . . . . . . .17 5.1.2 Example. . . . . . . . . . 22 6. Core Data Elements . . . . . . . . . . . . . . . .18 5.1.3 DTD. . . . . 26 6.1 Overview . . . . . . . . . . . . . . . . . . . . . . .20 5.1.4 Schema. . . 26 6.2 Common Attributes . . . . . . . . . . . . . . . . . . . . . 26 6.2.1 to . . .20 5.2 Dialback Authentication. . . . . . . . . . . . . . . . . .21 5.2.1 Dialback Protocol. . . . . . . . 26 6.2.2 from . . . . . . . . . . . . .23 6. Common Data Elements. . . . . . . . . . . . . . . 26 6.2.3 id . . . . .27 6.1 Overview. . . . . . . . . . . . . . . . . . . . . . . . 26 6.2.4 type . .27 6.2 The Message Element. . . . . . . . . . . . . . . . . . . .27 6.2.1 Attributes. . . . . . 27 6.3 Message Chunks . . . . . . . . . . . . . . . . . . .27 6.2.2 Children. . . . 27 6.3.1 Types of Message . . . . . . . . . . . . . . . . . . . . . . 276.2.3 DTD . . . . . . .6.3.2 Children . . . . . . . . . . . . . . . . . . . . .28 6.2.4 Schema. . . . . 27 6.4 Presence Chunks . . . . . . . . . . . . . . . . . . . . . . 286.3 The6.4.1 Types of PresenceElement .. . . . . . . . . . . . . . . . . . .29 6.3.1 Attributes. . 28 6.4.2 Children . . . . . . . . . . . . . . . . . . . . . . .30 6.3.2 Children. . . 29 6.5 IQ Chunks . . . . . . . . . . . . . . . . . . . . . . .30 6.3.3 DTD. . 30 6.5.1 Overview . . . . . . . . . . . . . . . . . . . . . . . . . .3230 Miller & Saint-Andre ExpiresApril 23,May 4, 2003 [Page 2] Internet-Draft XMPP CoreOctoberNovember 20026.3.4 Schema . .6.5.2 Types of IQ . . . . . . . . . . . . . . . . . . . . . . . . 30 6.5.3 Children .32 6.4 The IQ Element. . . . . . . . . . . . . . . . . . . . . . .33 6.4.1 Overview. . 31 6.6 Extended Namespaces . . . . . . . . . . . . . . . . . . . . 31 7. XML Usage within XMPP . . . .33 6.4.2 Attributes. . . . . . . . . . . . . . . 33 7.1 Overview . . . . . . . . . .34 6.4.3 Children. . . . . . . . . . . . . . . . 33 7.2 Namespaces . . . . . . . . . .35 6.4.4 DTD. . . . . . . . . . . . . . . 33 7.3 Validation . . . . . . . . . . . . .35 6.4.5 Schema. . . . . . . . . . . . 33 7.4 Character Encodings . . . . . . . . . . . . . . .35 7. XML Usage within XMPP. . . . . 34 7.5 Inclusion of Text Declaration . . . . . . . . . . . . . .37 7.1 Overview. 34 8. IANA Considerations . . . . . . . . . . . . . . . . . . . . 35 9. Internationalization Considerations . . . . .37 7.2 Namespaces. . . . . . . 36 10. Security Considerations . . . . . . . . . . . . . . . . . . 377.3 Validation .10.1 Node-to-Host Communications . . . . . . . . . . . . . . . . 37 10.2 Host-to-Host Communications . . . . . . . .37 7.4 Extended Namespaces. . . . . . . . 37 10.3 Use of SASL . . . . . . . . . . . .38 7.5 Handling of Extended Namespaces. . . . . . . . . . . . 37 References . .38 7.6 Inclusion of Prolog. . . . . . . . . . . . . . . . . . . .38 8. Internationalization Considerations. . . 38 Authors' Addresses . . . . . . . . .39 8.1 Character Encodings. . . . . . . . . . . . 39 A. Standard Error Codes . . . . . . . .39 8.2 Language Declarations. . . . . . . . . . . . 40 B. Formal Definitions . . . . . . .39 9. IANA Considerations. . . . . . . . . . . . . . 42 B.1 streams namespace . . . . . .40 10. Security Considerations. . . . . . . . . . . . . . . 42 B.1.1 DTD . . .41 10.1 Node-to-Host Communications. . . . . . . . . . . . . . . .41 10.2 Host-to-Host Communications. . . . . . . . . 42 B.1.2 Schema . . . . . . .41 10.3 Use of SASL. . . . . . . . . . . . . . . . . . . . 42 B.2 sasl namespace . . . .41 References. . . . . . . . . . . . . . . . . . . 43 B.2.1 DTD . . . . . . .42 Authors' Addresses. . . . . . . . . . . . . . . . . . . . . 43A. Standard Error CodesB.2.2 Schema . . . . . . . . . . . . . . . . . . . . . . . . . . . 44 B.3 jabber:client namespace . . . . . . . . . . . . . . . . . . 45 B.3.1 DTD . . . . . . . . . . . . . . . . . . . . . . . . . . . . 45 B.3.2 Schema . . . . . . . . . . . . . . . . . . . . . . . . . . . 46 C. OpenPGP Usage . . . . . . . . . . . . . . . . . . . . . . . 50 C.1 Signing Presence . . . . . . . . . . . . . . . . . . . . . . 50 C.2 Encrypting Messages . . . . . . . . . . . . . . . . . . . . 51 Full Copyright Statement . . . . . . . . . . . . . . . . . .4653 Miller & Saint-Andre ExpiresApril 23,May 4, 2003 [Page 3] Internet-Draft XMPP CoreOctoberNovember 2002 1. Introduction 1.1 Overview The eXtensible Messaging and Presence Protocol (XMPP) is an open,XML-basedXML [1] protocol for near-real-time messaging and presence. Currently, there exist multiple implementations of the protocol, mostly offered under the name of Jabber. In addition, there are countless deployments of these implementations, which provide instant messaging (IM) and presence services at and among thousands of domains tomillions ofa user base that is estimated at over one million end users. The current document defines the core constituents of XMPP; XMPP IM [2] defines thespecific protocolsextensions necessary to provide basic instant messaging and presence functionalityarethat addresses the requirements defined inXMPP IM [2].RFC 2779 [3]. 1.2 Conventions Used in this Document The capitalized key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC 2119[1].[4]. 1.3 Discussion Venue The authors welcome discussion and comments related to the topics presented in this document, preferably on the "xmppwg@jabber.org" mailing list (archives and subscription information are available at http://www.jabber.org/cgi-bin/mailman/listinfo/xmppwg/). 1.4 Intellectual Property Notice This document is in full compliance with all provisions of Section 10 of RFC 2026. Parts of this specification use the term "jabber" for identifyingURI schemes, namespaces,namespaces and other protocol syntax. Jabber[tm] is a registered trademark of Jabber, Inc. Jabber, Inc. grants permission to the IETF for use of the Jabber trademark in association with this specification and its successors, if any. Miller & Saint-Andre ExpiresApril 23,May 4, 2003 [Page 4] Internet-Draft XMPP CoreOctoberNovember 2002 2. Generalized Architecture 2.1 Overview Although XMPP is not wedded to any specific network architecture, to this point it has usually been implemented via a typical client- server architecture, wherein a client utilizing XMPP accesses a server over a TCP[4][5] socket. While it can be helpful to keep that specific architecture in mind when seeking to understand XMPP, we have herein abstracted from any specific architecture and have described the architecture in a more generalized fashion. The following diagram provides a high-level overview of this generalized architecture (where "-" represents communications that use XMPP and "=" represents communications that use any other protocol). Connection Map S1 S2 \ / N1 - H1 - H2 - N3 / \ N2 - G1 = F1 = C1 The symbols are as follows: o N1, N2, N3--- Nodes on the Jabber network o H1, H2--- Hosts on the Jabber network o S1, S2--- Services that add functionality to a primary host o G1--- A gateway that translates between XMPP and the protocol(s) used on a foreign messaging network o F1--- A foreign messaging network o C1--- A client on a foreign messaging network 2.2 Host A host acts as an intelligent abstraction layer for XMPP communications. Its primaryresponsibility isresponsibilities are to manage connections from or sessions for other entities(authorized(in the form of XML streams to and from authorized nodes, trusted services, and other hosts) and to route appropriately-addressed XML data "chunks" amongsuch entities. Most XMPP-compliant (Jabber) hosts also assumeMiller & Saint-Andre ExpiresApril 23,May 4, 2003 [Page 5] Internet-Draft XMPP CoreOctoberNovember 2002 such entities over XML streams. Most XMPP-compliant hosts also assume responsibility for the storage of data that is used by nodes or services (e.g., the contact list for each IMuser, called a "roster");user); in this case, the XML data is processed directly by the host itself on behalf of the node or service and is not routed to another entity. 2.3 Node Most nodes connect directly to a host over a TCP socket and use XMPP to take full advantage of the functionality provided by a host and its associated services. (Clients on foreign messaging networksaremay also be part of the architecture, made accessable via a gateway to that network.) Multiple resources (e.g., devices or locations) MAY connect simultaneously to a host on behalf of each authorized node, with each resource connecting over a discrete TCP socket and differentiated by the resource identifier of a JID (Section 3) (e.g., node@host/home vs. node@host/work). The port assigned by the IANA[5][6] for connections between a Jabber node and a Jabber host is 5222. For further details about node-to-host communications for the purpose of instant messaging and presence, refer to XMPP IM [2]. 2.4 Service In addition to the basic functionality provided by a host, additional functionality is made possible by connecting trusted services to a host. Examples include multi-user chat (a.k.a. conferencing), real- time alert systems, custom authentication modules, database connectivity, and translation to foreign messaging protocols. There is no set port on which services communicate with hosts; this is left up to the administrator of the service or host. Communications between services and hosts are not defined in this document. 2.4.1 Gateway A gateway is a special-purpose service whose primary function is to translate XMPP into the protocol(s) of another messaging system, as well as to translate the return data back into XMPP. Examples are gateways to Internet Relay Chat (IRC), Short Message Service (SMS), SMTP, and foreign instant messaging networks such as Yahoo!, MSN, ICQ, and AIM. Communications between gateways and hosts, and between gateways and the foreign messaging system, are not defined in this document. 2.5 Network Because each host is identified by a network address (typically a DNS hostname) and because host-to-host communications are a simple extension of the node-to-host protocol, in practice the system Miller & Saint-Andre Expires May 4, 2003 [Page 6] Internet-Draft XMPP Core November 2002 consists of a network of hosts that inter-communicate. Thus node- a@host1 is able to exchange messages, presence, and other information with node-b@host2. This pattern is familiar from messaging protocolsMiller & Saint-Andre Expires April 23, 2003 [Page 6] Internet-Draft XMPP Core October 2002(such as SMTP) that make use of network addressing standards. The usual method for providing a connection between two hosts is to open a TCP socket on the IANA-assigned port 5269 and to negotiate a connection using the Dialback Protocol (Section5.2).5.2) as defined in this document. Miller & Saint-Andre ExpiresApril 23,May 4, 2003 [Page 7] Internet-Draft XMPP CoreOctoberNovember 2002 3. Addressing Scheme 3.1 Overview Any entity that can be considered a network endpoint (i.e., an ID on the network) and that can communicate using XMPP is considered a Jabber Entity. All such entities are uniquely addressable in a form that is consistent withthe URI specification [11].RFC 2396 [7]. In particular, a valid Jabber Identifier (JID) contains a set of ordered elements formed of a domain identifier, node identifier, and resource identifier in the following format: [node@]domain[/resource]. All JIDs are based on the foregoing structure. The most common use of this structure is to identify an IM user, the host to which the user connects, and the user's active session or connection in the form of user@host/resource. However, other nodes are possible; for example,room-name@conference-service isa specific conference roomthatis offered by a multi-user chat service is addressed as room@service, where "room" is the name of the room and "service" is the hostname of the chat service. 3.2 Domain Identifier The domain identifier is the primary identifier and is the only required element of a JID (a simple domain identifier is a valid JID). It usually represents the network gateway or "primary" host to which other entities connect for XML routing and data management capabilities. However, the entity referenced by a domain identifier is not always a host, and may be a service that is addressed as a subdomain of a host and that provides functionality above and beyond the capabilities of a host(e.g., a(a multi-user chatservice orservice, a user directory, a gateway to a foreign messagingsystem).system, etc.). The domain identifier for every host or service that will communicate over a network SHOULD resolve to a Fully Qualified Domain Name, and a domain identifier SHOULD conform to RRC 952[6][8] and REF 1123[7].[9]. Specifically,ita domain identifier is case-insensitive 7-bit ASCII and is limited to 255 bytes. 3.3 Node Identifier The node identifier is an optional secondary identifier. It usually represents the entity requesting and using network access provided by the host (e.g., a client), although it can also represent other kinds of entities (e.g., a multi-user chat room associated with a conference service). The entity represented by a node identifier is addressed within the context of a specificdomain.domain (e.g., user@host). Node identifiers are restricted to 256 bytes. A node identifier may contain any Unicode character higher than #x20 with the exception ofthe following:Miller & Saint-Andre ExpiresApril 23,May 4, 2003 [Page 8] Internet-Draft XMPP CoreOctoberNovember 2002 the following: o #x22 (") o #x26 (&) o #x27 (') o #x3A (:) o #x3C (<) o #x3E (>) o #x40 (@) o #x7F (del) o #xFFFE (BOM) o #xFFFF (BOM) Case is preserved, but comparisons are made in case-normalized canonical form. 3.4 Resource Identifier The resource identifer is an optional third identifier. It represents a specific session, connection (e.g., a device or location), or object (e.g., a participant in a multi-user chat room) belonging to a node. A node may maintain multiple resources simultaneously. A resource identifier is restricted to 256 bytes in length. A resource identifier MAY include any Unicode character greater than #x20, except #xFFFE and #xFFFF; if the Unicode character is a valid XML character as defined in Section 2.2 ofthe XML 1.0 specification [8],[1], it MUST be suitably escaped for inclusion within an XML stream. Resource identifiers are case sensitive. 3.5 URIs Full conformance withRFC 2396 [11][7] would be valuable. This would most likely be effected through use ofthe 'im:' and 'pres:'an 'xmpp:' URIschemes, resulting in URIsscheme of theform "im:node@host" for exchanging instant messagesfollowing form: <xmpp>:[<node-identifier>@]<domain-identifier>[?<query>] At a minimum, the 'message' and"pres:node@host"'presence' query types would be defined, with the likely addition of query types forexchanging presence.'subscribe' (to Miller & Saint-Andre Expires May 4, 2003 [Page 9] Internet-Draft XMPP Core November 2002 manage a subscription to teh presence of another entity) and 'roster' (to manage the representation of another entity in one's contact list). However, the use of such URIs has not yet been standardized. Miller & Saint-Andre ExpiresApril 23,May 4, 2003 [Page9]10] Internet-Draft XMPP CoreOctoberNovember 2002 4. XML Streams 4.1 Overview Two fundamental concepts make possible the rapid, asynchronous exchange of relatively small payloads of structured information between presence-aware entities: XML streams and, as a result, discrete units of structured information that are referred to as "XML chunks". (Note: in this overview we use the example of communications between a node andhost,host; however XML streams are more generalized andaremay be used for communicationsbetween a wide range of entities [see Section 4.2].) On connectingamong hosts and services as well.) In order to connect to a host, a nodeinitiatesmust initiate an XML stream by sending aproperly namespaced <stream:stream> tag, and<stream> tag to thehost replies withhost, optionally preceded by asecondtext declaration specifying the XMLstream back toversion supported and thenode.character encoding. A compliant entity must accept any namespace prefix on the <stream/> element; however, for historical reasons some entities may accept only a 'stream' prefix, resulting in use of a <stream:stream/> element. The host should then reply with a second XML stream back to the node, again optionally preceded by a text declaration. Within the context of an XML stream, a senderis able to routemay send a discrete semantic unit of structured information to any recipient. This unit of structured information is a well-balanced XML chunk, such as a message, presence, or IQ chunk (a chunk of an XML document is said to bewell- balancedwell-balanced if it matches production [43] content ofXML 1.0 specification [8]).[1]). These chunks exist at the direct child level (depth=1) of the rootstream<stream/> element. The start of any XML chunk is unambiguously denoted by the element start tag at depth=1 (e.g.,<presence>)<presence>), and the end of any XML chunk is unambiguously denoted by the corresponding close tag at depth=1 (e.g., </presence>). Each XML chunk may contain child elements or CDATA sections as necessary in order to convey the desired information from the sender to the recipient. The session is closed at the node's request by sending a closing</stream:stream></stream> tag to the host. Thus a node's session with a host can be seen as two open-ended XML documents that are built up through the accumulation of the XML chunks that are sent over the course of the session (one from the node to the host and one from the host to thenode).node), and the root <stream/> element may be considered the document entity for those streams. In essence, then, an XML stream acts as an envelope for all the XML chunks sent during a session. We can represent this graphically as follows: Miller & Saint-Andre ExpiresApril 23,May 4, 2003 [Page10]11] Internet-Draft XMPP CoreOctoberNovember 2002 |-------------------| |open stream<stream> | |-------------------| | <message to=''> | | <body/> | | </message> | |-------------------| | <presence to=''> | | <show/> | | </presence> | |-------------------| | <iq to=''> | | <query/> | | </iq> | |-------------------| |close stream</stream> | |-------------------| 4.2Scope XML streams function as containers for any XML chunks sent asynchronously between network endpoints. (We now generalize those endpoints by using the terms "initiating entity" and "receiving entity".) XML streams are used for the following types of communication: o Node to Host o Host to Host o Service to Host These usages are differentiated through the inclusion of a namespace declaration in the stream from the initiating entity, which is mirrored in the reply from the receiving entity: o For node-to-host (and by extension host-to-node communications), the namespace declaration is "jabber:client". o For host-to-host commmunications, the namespace declaration is "jabber:server". o There are two ways that a service and a host can communicate: * The service initiates communications to the host. In this case the namespace declaration is "jabber:component:accept" (since the host "accepts" communications from the service). Miller & Saint-Andre Expires April 23, 2003 [Page 11] Internet-Draft XMPP Core October 2002 * The host initiates communications to the service. In this case the namespace declaration is "jabber:component:connect" (since the host "connects" to the service). 4.3Restrictions XML streams are used to transport a subset of XML. Specifically, XML streams SHOULD NOT contain processing instructions, non-predefined entities (as defined in Section 4.6 ofthe XML 1.0 specification [8]),[1]), comments, or DTDs. Any such XML data SHOULD be ignored.4.4 Elements and4.3 Stream Attributes The attributes of the stream element are asfollows:follows (we now generalize the endpoints by using the terms "initiating entity" and "receiving entity"): o to--- The 'to' attributeis normallyshould be used only in the XML stream from the initiating entity to the receiving entity, andis setmust be set to the JID of the receiving entity.Normally there isThere should be no 'to' attribute set in the XML stream by which the receiving entity replies to the initiating entity; however, if a 'to' attribute is included, it SHOULD beignored.ignored by the receiving entity. o from--- The 'from' attributeis normallyshould be used only in the XML stream from the receiving entity to the initiating entity, andismust be set to the JID of the receiving entity granting access to the initiating entity.Normally there isThere should be no 'from' attribute on the XML stream sent from the initiating entity to the receiving entity; however, if a 'from' attribute is included, it SHOULD beignored.ignored by the receiving entity. o id--- The 'id' attributeis normallyshould be used only in the XML stream Miller & Saint-Andre Expires May 4, 2003 [Page 12] Internet-Draft XMPP Core November 2002 from the receiving entity to the initiating entity.ItThis attribute is a unique identifier created by the receiving entity to function as a session key for the initiating entity's session with the receiving entity.Normally there isThere should be no 'id' attribute on the XML stream sent from the initiating entity to the receiving entity; however, if an 'id' attribute is included, it SHOULD beignored.ignored by the receiving entity. We can summarize these values as follows: | initiating to receiving | receiving to initiating ------------------------------------------------------------ to | JID of receiver | ignored from | ignored | JID of receiver id | ignored | session key 4.4 Namespace Declarations The stream element may alsocontains the followingcontain namespaceMiller & Saint-Andre Expires April 23, 2003 [Page 12] Internet-Draft XMPP Core October 2002 declarations: o xmlns -declarations as defined in [11]. A stream namespace declaration is REQUIRED in both XML streams. A compliant entity must accept any namespace prefix on the <stream/> element; however, for historical reasons some entities may accept only a 'stream' prefix, resulting in use of a <stream:stream/> element as the stream root. The'xmlns'value of the stream namespace MUST be "http://etherx.jabber.org/streams". A default namespace declaration ('xmlns') is REQUIRED and is used in both XML streams in order to scope the allowable first-level children of the root stream element for both streams. This namespace declaration must be the same for the initiating stream and the responding stream so that both streams are scoped consistently.For allowable values of thisXML streams function as containers for any XML chunks sent asynchronously between network endpoints. It should be possible to scope an XML stream with any default namespace declaration,see Section 4.2. o xmlns:stream - The 'xmlns:stream' namespace declaration is REQUIRED in both XML streams. The value MUSTi.e., it should be"http:// etherx.jabber.org/streams". In additionpossible to send any properly-namespaced XML chunk over an XML stream. However, for historical reasons existing implementations will support only thecommon data elements (Section 6),following default namespaces: o jabber:client -- this default namespace is declared when the streamelement MAY also contain <stream:error/> asis used for communications between achild element signifying thatnode and astream-level error has occurred. 4.5 Stream Errors Errors may occur at the level ofhost o jabber:server -- this default namespace is declared when thestream. Examplesstream is used for communications between two hosts Miller & Saint-Andre Expires May 4, 2003 [Page 13] Internet-Draft XMPP Core November 2002 o jabber:component:accept or jabber:component:connect -- one of these default namespaces is declared when the stream is used for communications between a host and a trusted service This document addresses the jabber:client and jabber:server namespaces only (indeed these two namespaces have identical schemas). The jabber:component:* namespaces are outside the scope of this document. 4.5 Stream Errors The root stream element MAY contain an error child element (e.g., <stream:error/> if the stream namespace prefix is 'stream'). The error child is used to signify that a stream-level error has occurred. Examples include the sending of invalid XML, the shutdown of a host, an internal server error such as the shutdown of a session manager, and an attempt by a node to authenticate as the same resource that is currently connected. If an error occurs at the level of the stream, the entity (initiating entity or receiving entity) that detects the error should send a stream error to the other entity specifying why the streams are being closed and then send a closing</stream:stream></stream> tag. XML of the following form is sent within the context of an existing stream: <stream:stream ...> ... <stream:error> Error message (e.g., "Invalid XML") </stream:error> </stream:stream> 4.6 Example The following is a simple stream-based session of a node on a host (where the NODE lines are sent from the node to the host, and the HOST lines are sent from the host to the node): Miller & Saint-Andre ExpiresApril 23,May 4, 2003 [Page13]14] Internet-Draft XMPP CoreOctoberNovember 2002 A simple session: NODE: <?xml version='1.0'?> <stream:stream to='host' xmlns='jabber:client' xmlns:stream='http://etherx.jabber.org/streams'> HOST: <?xml version='1.0'?> <stream:stream from='host' id='id_123456789' xmlns='jabber:client' xmlns:stream='http://etherx.jabber.org/streams'> NODE: <message from='node@host' to='receiving-ID'> NODE: <body>Watson come here, I need you!</body> NODE: </message> HOST: <message from='receiving-ID' to='node@host'> HOST: <body>I'm on my way!</body> HOST: </message> NODE: </stream:stream> HOST: </stream:stream> These are in actuality a sending stream and a receiving stream, which can be viewed a-chronologically as two XML documents: NODE: <?xml version='1.0'?> <stream:stream to='host' xmlns='jabber:client' xmlns:stream='http://etherx.jabber.org/streams'> NODE: <message from='node@host' to='receiving-ID'> NODE: <body>Watson come here, I need you!</body> NODE: </message> NODE: </stream:stream> HOST: <?xml version='1.0'?> <stream:stream from='host' id='id_123456789' xmlns='jabber:client' xmlns:stream='http://etherx.jabber.org/streams'> HOST: <message from='receiving-ID' to='node@host'> HOST: <body>I'm on my way!</body> HOST: </message> HOST: </stream:stream> Miller & Saint-Andre ExpiresApril 23,May 4, 2003 [Page14]15] Internet-Draft XMPP CoreOctoberNovember 2002 A session gone bad: NODE: <?xml version='1.0'?> <stream:stream to='host' xmlns='jabber:client' xmlns:stream='http://etherx.jabber.org/streams'> HOST: <?xml version='1.0'?> <stream:stream from='host' id='id_123456789' xmlns='jabber:client' xmlns:stream='http://etherx.jabber.org/streams'> NODE: <message><body>Bad XML, no closing body tag!</message> HOST: <stream:error>Invalid XML</stream:error> HOST: </stream:stream>4.7 DTD <!ELEMENT stream (#PCDATA | error?)*> <!ATTLIST stream to CDATA #REQUIRED from CDATA #IMPLIED id CDATA #IMPLIED xml:lang CDATA #IMPLIED> <!ELEMENT error (#PCDATA)> 4.8 Schema Miller & Saint-Andre Expires April 23, 2003 [Page 15] Internet-Draft XMPP Core October 2002 <?xml version='1.0' encoding='UTF-8'?> <xsd:schema xmlns:xsd='http://www.w3.org/2001/XMLSchema' targetNamespace='http://etherx.jabber.org/streams' xmlns='http://etherx.jabber.org/streams' elementFormDefault='qualified'> <xsd:element name='stream'> <xsd:complexType mixed='true'> <xsd:element ref='error' minOccurs='0' maxOccurs='1'/> <xsd:choice> <xsd:any namespace='jabber:client' maxOccurs='1'/> <xsd:any namespace='jabber:component:accept' maxOccurs='1'/> <xsd:any namespace='jabber:component:connect' maxOccurs='1'/> <xsd:any namespace='jabber:server' maxOccurs='1'/> <xsd:any namespace='http://www.iana.org/assignments/sasl-mechanisms' maxOccurs='1'/> </xsd:choice> <xsd:attribute name='to' type='xsd:string' use='optional'/> <xsd:attribute name='from' type='xsd:string' use='optional'/> <xsd:attribute name='id' type='xsd:string' use='optional'/> <xsd:attribute name='xml:lang' type='xsd:string' use='optional'/> </xsd:complexType> </xsd:element> <xsd:element name='error' type='xsd:string'/> </xsd:schema>Miller & Saint-Andre ExpiresApril 23,May 4, 2003 [Page 16] Internet-Draft XMPP CoreOctoberNovember 2002 5. Stream Authentication XMPP includes two methods for enforcing authentication at the level of XML streams. When one entity is already known to another (i.e., there is an existing trust relationship between the entities such as that established when a node registers with a host or an administrator configures a host to trust a service), the preferred method for authenticating streams between the two entities uses an XMPP adaptation of the Simple Authentication and Security Layer (SASL)[9].[10]. When there is no existing trust relationship between the two entities, such trust MAY be established based on existing trust in DNS; the authentication method used when two such entities are hosts is the server dialback protocol that is native to XMPP. Both of these methods are described in this section. 5.1 SASL Authentication 5.1.1 Overview The Simple Authentication and Security Layer (SASL) provides a generalized method for adding authentication support to connection- based protocols. XMPP uses a generic XML namespace profile for SASL that conforms to section 4 ("Profiling Requirements") ofRFC 2222 [9][10] (the namespace identifier for this protocol is http://www.iana.org/ assignments/sasl-mechanisms). If an entity (node, host, or service) is capable of authenticating by means of SASL, it MUST include the agreed-upon SASL namespace within the<stream:stream>opening root stream tag it uses to initiate communications. The following example shows the use of SASL in node authentication with a host, for which the steps involved are as follows:o Node1. The node requests SASL authentication by including the appropriate namespace declaration(xmlns:sasl='http://www.iana.org/ assignments/sasl-mechanisms')(xmlns:sasl='http:// www.iana.org/assignments/sasl-mechanisms') in the opening XML stream header sent to the host.o Host2. The host includes the xmlns:sasl namespace declaration in the XML stream header sent in reply to the node.o Host3. The host responds with a list of available SASL authentication mechanisms, each of which is a <mechanism/> element included as a child within a <mechanisms/> container elementwithin a <sasl:features/> elementthat is sent as a first-level child of the<stream:stream/>root <stream/> element.o Node4. The node selects a mechanism by sending a <sasl:auth/> element to the host; this element MAY optionally contain character data. Miller & Saint-Andre ExpiresApril 23,May 4, 2003 [Page 17] Internet-Draft XMPP CoreOctoberNovember 2002o5. If necessary, the host challenges the node by sending a <sasl:challenge/> element to the node; this element MAY optionally contain character data.o Node6. The node responds to challenge by sending a <sasl:response/> element to the host; this element MAY optionally contain character data.o7. If necessary, the host sends more challenges and the node sends more responses. This series of challenge/response pairs continues until one of three things happens: oNodeThe node aborts the handshake by sending a <sasl:abort/> element to the host. oHostThe host reports failure by sending a <sasl:failure/> element to the node. oHostThe host reports success by sending a <sasl:success/> element to the node; this element MAY optionally contain character data. Any character data contained within these elements MUST be encoded using base64. 5.1.2 Example The following example shows the data flow for a node authenticating with a host using SASL. Step 1: Node initiates stream to host: <stream:stream xmlns='jabber:client' xmlns:stream='http://etherx.jabber.org/streams' xmlns:sasl='http://www.iana.org/assignments/sasl-mechanisms' to='capulet.com' version='1.0'> Miller & Saint-Andre ExpiresApril 23,May 4, 2003 [Page 18] Internet-Draft XMPP CoreOctoberNovember 2002 Step 2: Host responds with a stream tag sent to the node: <stream:stream xmlns='jabber:client' xmlns:stream='http://etherx.jabber.org/streams' xmlns:sasl='http://www.iana.org/assignments/sasl-mechanisms' id='12345678' version='1.0'> Step 3: Host informs node of available authenticationmechanisms as well as support for TLS:mechanisms: <sasl:features> <mechanisms xmlns='http://www.iana.org/assignments/sasl-mechanisms'> <mechanism>DIGEST-MD5</mechanism> <mechanism>PLAIN</mechanism> </mechanisms> <starttls xmlns='http://www.ietf.org/rfc/rfc2246.txt'/> </sasl:features> Step 4: Node selects an authentication mechanism:<sasl:auth>DIGEST-MD5</sasl:auth><sasl:auth mechanism='DIGEST-MD5'/> Step 5: Host sends a challenge to the node: <sasl:challenge> cmVhbG09ImNhdGFjbHlzbS5jeCIsbm9uY2U9Ik9BNk1HOXRFUUdtMmhoIi xxb3A9ImF1dGgiLGNoYXJzZXQ9dXRmLTgsYWxnb3JpdGhtPW1kNS1zZXNz </sasl:challenge> Step 6: Node responds to the challenge: <sasl:response> dXNlcm5hbWU9InJvYiIscmVhbG09ImNhdGFjbHlzbS5jeCIsbm9uY2U9Ik 9BNk1HOXRFUUdtMmhoIixjbm9uY2U9Ik9BNk1IWGg2VnFUclJrIixuYz0w MDAwMDAwMSxxb3A9YXV0aCxkaWdlc3QtdXJpPSJqYWJiZXIvY2F0YWNseX NtLmN4IixyZXNwb25zZT1kMzg4ZGFkOTBkNGJiZDc2MGExNTIzMjFmMjE0 M2FmNyxjaGFyc2V0PXV0Zi04 </sasl:response>Miller & Saint-Andre Expires April 23, 2003 [Page 19] Internet-Draft XMPP Core October 2002Step 7: Host sends another challenge to the node: <sasl:challenge> cnNwYXV0aD1lYTQwZjYwMzM1YzQyN2I1NTI3Yjg0ZGJhYmNkZmZmZA== </sasl:challenge> Miller & Saint-Andre Expires May 4, 2003 [Page 19] Internet-Draft XMPP Core November 2002 Step 8: Node responds to the challenge: <sasl:response/> Step 9: Host informs node of successful authentication: <sasl:success/> Step 9 (alt): Host informs node of failed authentication: <sasl:failure/>5.1.3 DTD The DTD for the sasl: namespace is as follows: <!ELEMENT features ((mechanisms | starttls)*)> <!ELEMENT mechanisms (mechanism)*> <!ELEMENT mechanism (#PCDATA)> <!ELEMENT starttls (#PCDATA)> <!ELEMENT auth (#PCDATA)> <!ELEMENT challenge (#PCDATA)> <!ELEMENT response (#PCDATA)> <!ELEMENT abort (#PCDATA)> <!ELEMENT success (#PCDATA)> <!ELEMENT failure (#PCDATA)> 5.1.4 Schema Miller & Saint-Andre Expires April 23, 2003 [Page 20] Internet-Draft XMPP Core October 2002 <?xml version='1.0' encoding='UTF-8'?> <xsd:schema xmlns:xsd='http://www.w3.org/2001/XMLSchema' targetNamespace='http://www.iana.org/assignments/sasl-mechanisms' xmlns='http://www.iana.org/assignments/sasl-mechanisms' elementFormDefault='qualified'> <xsd:element name='features'> <xsd:complexType> <xsd:choice> <xsd:element ref='mechanisms' minOccurs='0' maxOccurs='1'/> <xsd:element ref='starttls' minOccurs='0' maxOccurs='1'/> </xsd:choice> </xsd:complexType> </xsd:element> <xsd:element name='mechanisms'> <xsd:complexType> <xsd:sequence minOccurs='0' maxOccurs='unbounded'> <xsd:element ref='mechanism'/> </xsd:sequence> </xsd:complexType> </xsd:element> <xsd:element name='mechanism' type='xsd:string'/> <xsd:element name='starttls' type='xsd:string'/> <xsd:element name='auth' type='xsd:string'/> <xsd:element name='challenge' type='xsd:string'/> <xsd:element name='response' type='xsd:string'/> <xsd:element name='abort' type='xsd:string'/> <xsd:element name='success' type='xsd:string'/> <xsd:element name='failure' type='xsd:string'/> </xsd:schema>5.2 Dialback Authentication XMPP includes a protocol-level method for verifying that a connection between two hosts may be trusted. The method is called dialback and is used only within XML streams that are declared under the "jabber:server" namespace. The purpose of the dialback protocol is to make server spoofing more difficult, and thus to make it more difficult to forge XML chunks. Dialback is not intended as a mechanism for securing or encrypting the streams between servers, only for helping to prevent the spoofing of a hostname and the sending of false data from it. Dialback isMiller & Saint-Andre Expires April 23, 2003 [Page 21] Internet-Draft XMPP Core October 2002made possible by the existence of DNS, since one host can verify that another host which is connecting to it is authorized to represent a given host on the Jabber network. All DNS host resolutions must first resolve the host using an SRV[10][12] record of _jabber._tcp.host. If the SRV lookup fails, the fallback is a normal A lookup to determine the IP address, using the jabber-server port of 5269 assigned by the Internet Assigned Numbers Authority[5].[6]. Note that the method used to generate and verify the keys used in the dialback protocol must take into account the hostnames being used, along with a secret known only by the receiving host and the random id per stream. Generating unique but verifiable keys is important to prevent common man-in-the-middle attacks and host spoofing. In the description that follows we use the following terminology: o Originating Host--- the host that is attempting to establish a connection between the two hosts o Receiving Host--- the host that is trying to authenticate that the Originating Host represents the Jabber host which it claims to be o Authoritative Host--- the host which is given when a DNS lookup is Miller & Saint-Andre Expires May 4, 2003 [Page 20] Internet-Draft XMPP Core November 2002 performed on the name that the Originating Host initially gave; for simple environments this will be the Originating Host, but it could be a separate machine in the Originating Host's network The following is a brief summary of the order of events in dialback: 1. Originating Host establishes a connection to Receiving Host. 2. Originating Host sends a 'key' value over the connection to Receiving Host. 3. Receiving Host establishes a connection to Authoritative Host. 4. Receiving Host sends the same 'key' value to Authoritative Host. 5. Authoritative Host replies that key is valid or invalid. 6. Receiving Host tells Originating Host whether it is authenticated or not. We can represent this flow of events graphically as follows: Miller & Saint-Andre ExpiresApril 23,May 4, 2003 [Page22]21] Internet-Draft XMPP CoreOctoberNovember 2002 Originating Receiving Host Host ----------- --------- | | | establish connection | | ----------------------> | | | | send stream header | | ----------------------> | | | | establish connection | | <---------------------- | | | | send stream header | | <---------------------- | | | Authoritative | send dialback key | Host | ----------------------> | ------------- | | | | establish connection | | ----------------------> | | | | send stream header | | ----------------------> | | | | send stream header | | <---------------------- | | | | send dialback key | | ----------------------> | | | | validate dialback key | | <---------------------- | | | report dialback result | | <---------------------- | | | 5.2.1 Dialback Protocol The traffic sent between the hosts is as follows: 1. Originating Host establishes connection to Receiving Host 2. Originating Host sends a stream header to Receiving Host (the 'to' and 'from' attributes are not required): Miller & Saint-Andre ExpiresApril 23,May 4, 2003 [Page23]22] Internet-Draft XMPP CoreOctoberNovember 2002 <stream:stream xmlns:stream='http://etherx.jabber.org/streams' xmlns='jabber:server' xmlns:db='jabber:server:dialback'> Note: the value of the xmlns:db namespace declaration indicates to Receiving Host that the Originating Host supports dialback. 3. Receiving Host sends a stream header back to Originating Host (the 'to' and 'from' attributes are not required): <stream:stream xmlns:stream='http://etherx.jabber.org/streams' xmlns='jabber:server' xmlns:db='jabber:server:dialback' id='457F9224A0...'> 4. Originating Host sends a dialback key to Receiving Host: <db:result to='Receiving Host' from='Originating Host'> 98AF014EDC0... </db:result> Note: this key is not examined by Receiving Host, since the Receiving Host does not keep information about Originating Host between sessions. 5. Receiving Host now establishes a connection back to Originating Host, getting the Authoritative Host. 6. Receiving Host sends Authoritative Host a stream header (the 'to' and 'from' attributes are not required): <stream:stream xmlns:stream='http://etherx.jabber.org/streams' xmlns='jabber:server' xmlns:db='jabber:server:dialback'> 7. Authoritative Host sends Receiving Host a stream header: <stream:stream xmlns:stream='http://etherx.jabber.org/streams' xmlns='jabber:server' xmlns:db='jabber:server:dialback' id='1251A342B...'> Miller & Saint-Andre ExpiresApril 23,May 4, 2003 [Page24]23] Internet-Draft XMPP CoreOctoberNovember 2002 8. Receiving Host sends Authoritative Host a chunk indicating it wants Authoritative Host to verify a key: <db:verify from='Receiving Host' to='Originating Host' id='457F9224A0...'> 98AF014EDC0... </db:verify> Note: passed here are the hostnames, the original identifier from Receiving Host's stream header to Originating Host in step 2, and the key Originating Host gave Receiving Host in step 3. Based on this information and shared secret information within the 'Originating Host' network, the key is verified. Any verifiable method can be used to generate the key. 9. Authoritative Host sends a chunk back to Receiving Host indicating whether the key was valid or invalid: <db:result from='Originating Host' to='Receiving Host' type='valid' id='457F9224A0...'/> or <db:result from='Originating Host' to='Receiving Host' type='invalid' id='457F9224A0...'/> 10. Receiving Host informs Originating Host of the result: <db:result from='Receiving Host' to='Originating Host' type='valid'/> Note: At this point the connection has either been validated via a type='valid', or reported as invalid. Once the connection is validated, data can be sent by the Originating Host and read by the Receiving Host; before that, all data chunks sent to Receiving Host SHOULD be dropped. As a final guard against domain spoofing, the Receiving Host MUST verify that all XML chunks received from the Originating Host include a 'from' Miller & Saint-Andre ExpiresApril 23,May 4, 2003 [Page25]24] Internet-Draft XMPP CoreOctoberNovember 2002 attribute and that from address of each chunk includes the validated domain. In addition, all XML chunks of type message, presence, and IQ MUST include a 'to' attribute. Miller & Saint-Andre ExpiresApril 23,May 4, 2003 [Page26]25] Internet-Draft XMPP CoreOctoberNovember 2002 6.CommonCore Data Elements 6.1 Overview Thecommoncore data elements for XMPP communications are <message/>, <presence/>, and <iq/>. These data elements are sent as direct (depth=1) children of the root<stream:stream/> element. 6.2 The Message Element This section describes the valid attributes<stream/> element andchild elementsare scoped by one of themessage element. 6.2.1default namespaces identified in Section 4.4. 6.2 Common AttributesA message chunk may possess the following attributes: oFour attributes are common to- Specifiesmessage, presence, and IQ chunks. These are defined below. 6.2.1 to The 'to' attribute specifies the JID of the intended recipientoffor themessagechunk.oA chunk SHOULD possess a 'to' attribute. A chunk sent from- Specifies the sender of the message chunk. o id - An optional unique identifiera node to a host for handling by that host (e.g., presence sent to thepurpose of tracking messages.host for broadcasting to other entities) MAY legitimately lack a 'to' attribute. 6.2.2 from Thesender'from' attribute specifies the JID of themessagesender. A node MUST NOT include a 'from' attribute on the chunks it sends to a host; if a host receives a chunksets thisfrom a node and the chunk possesses a 'from' attribute,which MAY be returned in any replies. o type - An optional specificationit must ignore the value of theconversational context'from' attribute. A host MUST stamp chunks received from a node with the user@host/resource (full JID) of themessage. For detailed information aboutconnected resource that generated themain usechunk. A host MUST include a 'from' attribute on chunks it routes to other hosts. The domain identifier ofthis attribute, see XMPP IM [2]. Ifthe JID contained in the 'from' attribute MUST match the hostname of the host as communicated in the dialback negotiation (or apreviously-sent message cannotsubdomain thereof). 6.2.3 id The optional 'id' attribute may beprocessedused to track chunks sent and received. The 'id' attribute is generated by the sender. An 'id' attribute included in an IQ request of type "get" ordelivered, a host"set" SHOULDreturn that messagebe returned to the sender ina message of type="error" that contains an <error/> child. o xml:lang - An optional specificationany IQ response of type "result" or "error" generated by thelanguage associated with any text contained inrecipient of themessage chunk. 6.2.2 Childrenrequest. A recipient of a message or presence chunk MAYcontain zero or one of each of the following child elements (which may not contain mixed content): o body - The textual contents of the message; normally included but not required. The <body/> element MUST NOT have any attributes. o subject - The subject of the message. The <subject/> element MUST NOT have any attributes. o thread - A random stringreturn that 'id' in any replies, but isgenerated by the sender and thatnot required to do so. Miller & Saint-Andre ExpiresApril 23,May 4, 2003 [Page27]26] Internet-Draft XMPP CoreOctoberNovember 2002MAY be copied back in replies; it is used for tracking a conversation thread.6.2.4 type The<thread/> element MUST NOT have any attributes. o error - If'type' attribute specifies detailed information about themessage ispurpose or context oftype="error",the<message/>message, presence, or IQ chunk. The particular allowable values for the 'type' attribute vary depending on whether the chunkMUST include an <error/> child, which in turn MUST haveis a'code' attribute correspondingmessage, presence, or IQ, and thus are specified in the following sections. 6.3 Message Chunks Message chunks in the 'jabber:client' or 'jabber:server' namespace are used toone"push" information to another entity. Common uses in the context of instant messaging include single messages, messages sent in thestandard error codes (Appendix A)context of a chat conversation, messages sent in the context of a multi-user chat room, headlines, andMAY also contain PCDATA corresponding toerrors. These messages types are identified more fully below. 6.3.1 Types of Message The 'type' attribute of anatural-language descriptionmessage chunk is optional and specifies the conversational context of theerror. As previously described under extended namespaces (Section 7.4),message. The sending of a message chunkMAY also contain any properly-namespaced child element (other thanwithout a 'type' attribute signals that thecommon data elements, stream elements, or defined children thereof). 6.2.3 DTD <!ELEMENTmessage(( body? | subject? | thread? | error? | (#PCDATA) )*)> <!ATTLISTchunk is a single message. However, the 'type' attribute may also have one of the following values: o chat -- The messageto CDATA #IMPLIED from CDATA #IMPLIED id CDATA #IMPLIED type ( normal |is sent in the context of a one-to-one chat|conversation. o groupchat|-- The message is sent in the context of a multi-user chat environment. o headline|-- The message is generated by an automated service that delivers content (news, sports, market information, etc.). o error) #IMPLIED xml:lang CDATA #IMPLIED > <!ELEMENT body (#PCDATA)> <!ELEMENT subject (#PCDATA)> <!ELEMENT thread (#PCDATA)> <!ELEMENT- A message returned to a sender specifying an error(#PCDATA)> <!ATTLISTassociated with a previous message sent by the sender (for a full list of errorcode CDATA #REQUIRED> 6.2.4 Schema <?xml version='1.0' encoding='UTF-8'?> <xsd:schema xmlns:xsd='http://www.w3.org/2001/XMLSchema' targetNamespace='http://www.jabber.org/protocol' xmlns='http://www.jabber.org/protocol' elementFormDefault='qualified'> <xsd:element name='message'> <xsd:complexType mixed='true'> <xsd:choice> <xsd:element ref='body' minOccurs='0' maxOccurs='1'/>messages, see error codes (Appendix A)) For detailed information about these message types, refer to XMPP IM [2]. 6.3.2 Children If a message chunk in the 'jabber:client' or 'jabber:server' namespace has no 'type' attribute or has a 'type' attribute with a value of "chat", "groupchat", or "headline", it MAY contain zero or one of each of the following child elements (which MUST NOT contain mixed content): Miller & Saint-Andre ExpiresApril 23,May 4, 2003 [Page28]27] Internet-Draft XMPP CoreOctoberNovember 2002<xsd:element ref='subject' minOccurs='0' maxOccurs='1'/> <xsd:element ref='thread' minOccurs='0' maxOccurs='1'/> <xsd:element ref='error' minOccurs='0' maxOccurs='1'/> <xsd:any namespace='##other' minOccurs='0' maxOccurs='unbounded'/> </xsd:choice> <xsd:attribute name='to' type='xsd:string' use='optional'/> <xsd:attribute name='from' type='xsd:string' use='optional'/> <xsd:attribute name='id' type='xsd:string' use='optional'/> <xsd:attribute name='type' use='optional' default='normal'> <xsd:simpleType> <xsd:restriction base='xsd:NCName'> <xsd:enumeration value='normal'/> <xsd:enumeration value='chat'/> <xsd:enumeration value='groupchat'/> <xsd:enumeration value='headline'/> <xsd:enumeration value='error'/> </xsd:restriction> </xsd:simpleType> </xsd:attribute> <xsd:attribute name='xml:lang' type='xsd:string' use='optional'/> </xsd:complexType> </xsd:element> <xsd:element name='body' type='xsd:string'/> <xsd:element name='subject' type='xsd:string'/> <xsd:element name='thread' type='xsd:string'/> <xsd:element name='error'> <xsd:complexType> <xsd:attribute name='code' type='xsd:nonNegativeInteger' use='required'/> </xsd:complexType> </xsd:element> </xsd:schema> 6.3o body -- ThePresence Elementtextual contents of the message; normally included but not required. The <body/> element MUST NOT have any attributes. o subject -- The subject of the message. The <subject/> element MUST NOT have any attributes. o thread -- A random string that is generated by the sender and that MAY be copied back in replies; it is used for tracking a conversation thread. The<presence/><thread/> element MUST NOT have any attributes. If the message chunk is of type "error", it MUST include an <error/> child, which in turn MUST possess a 'code' attribute corresponding to one of the standard error codes (Appendix A) and MAY also contain PCDATA corresponding to a natural-language description of the error. An <error/> child MUST NOT be included if the chunk type is anything other than "error". As described under extended namespaces (Section 6.6), a message chunk MAY also contain any properly-namespaced child element (other than the core data elements, stream elements, or defined children thereof). 6.4 Presence Chunks Presence chunks are used in the 'jabber:client' or 'jabber:server' namespace to express an entity's current availability status (offline or online, along with various sub-states of the latter) and to communicate that status to other entities.It isThey are also used to negotiate and manage subscriptions to the presence of other entities.Miller & Saint-Andre Expires April 23, 2003 [Page 29] Internet-Draft XMPP Core October 2002 6.3.1 Attributes A6.4.1 Types of Presence The 'type' attribute of a presence chunkMAY possess the following attributes: o to - Specifies the intended recipient of theis optional. A presence chunk(if any). o from - Specifiesthat does not have a 'type' attribute is used to signal that the senderof the presence chunk. o id - A unique identifieris online and available for communication. If included, thepurpose'type' attribute specifies the availability state oftracking presence. The sender of the presence chunk sets this attribute, which may be returned in any replies. o type - Describestheavailability state,sender, a request to manage a subscriptionrequest, presence request, or error. No 'type' attribute,to another entity's presence, a request for another entity's current presence, orinclusion ofan error related to atype not specified here, implies that the resource is available.previously-sent presence chunk. Thetype SHOULD be'type' attribute may have one of thefollowing: *following values: o unavailable--- Signals that the entity is no longer available for communication.*o subscribe--- The sender wishes to subscribe to the recipient's presence.*Miller & Saint-Andre Expires May 4, 2003 [Page 28] Internet-Draft XMPP Core November 2002 o subscribed--- The sender has allowed the recipient to receive their presence.*o unsubscribe--- A notification that an entity is unsubscribing from another entity's presence.*o unsubscribed--- The subscription request has been denied or a previously-granted subscription has been cancelled.*o probe--- A request for an entity's current presence.*o error--- An error has occurred regarding processing or delivery of a previously-sent presence chunk.o xml:lang - An optional specification ofInformation about thelanguage associated with any text containedsubscription model used within XMPP may be found inthe presence chunk. 6.3.2[2]. 6.4.2 ChildrenAIf a presence chunkmaypossesses no 'type' attribute, it MAY contain zero or one of each of the following childelements:elements (for historical reasons the <status/> child MAY be sent in a presence chunk of type "subscribe"): o show--- Describes the availability status of an entity or specificMiller & Saint-Andre Expires April 23, 2003 [Page 30] Internet-Draft XMPP Core October 2002resource. The value SHOULD be one of the following (values other than these fourare typicallyMAY be ignored; additional availability typescouldshould be defined through a properly-namespaced child element of the presence chunk): * away- Entity-- The entity or resource is temporarily away. * chat- Entity-- The entity or resource isfree to chat.actively interested in chatting. * xa- Entity-- The entity or resource is away for an extended period (xa = "eXtended Away"). * dnd- Entity-- The entity or resource is busy (dnd = "Do Not Disturb"). o status--- An optional natural-language description of availability status. Normally used in conjunction with the show element to provide a detailed description of an availability state (e.g., "In a meeting"). o priority--- A non-negative integer representing the priority level of the connected resource, with zero as the lowest priority.o error -Miller & Saint-Andre Expires May 4, 2003 [Page 29] Internet-Draft XMPP Core November 2002 If the presence chunk is oftype="error", the <presence/> chunktype "error", it MUST include an <error/> child, which in turn MUSThavepossess a 'code' attribute corresponding to one of the standard error codes (Appendix A) and MAY also contain PCDATA corresponding to a natural-language description of the error. An <error/> child MUST NOT be included if the chunk type is anything other than "error". Aspreviouslydescribed under extended namespaces (Section7.4),6.6), a presence chunk MAY also contain any properly-namespaced child element (other than thecommoncore data elements, stream elements, or defined children thereof).Miller & Saint-Andre Expires April 23, 2003 [Page 31] Internet-Draft XMPP Core October 2002 6.3.3 DTD <!ELEMENT presence (( show? | status? | priority? | error? )*)> <!ATTLIST presence to CDATA #IMPLIED from CDATA #IMPLIED id CDATA #IMPLIED type ( subscribe | subscribed | unsubscribe | unsubscribed | unavailable | error ) #IMPLIED xml:lang CDATA #IMPLIED > <!ELEMENT show (#PCDATA)> <!ELEMENT status (#PCDATA)> <!ELEMENT priority (#PCDATA)> <!ELEMENT error (#PCDATA)> <!ATTLIST error code CDATA #REQUIRED> 6.3.4 Schema <?xml version='1.0' encoding='UTF-8'?> <xsd:schema xmlns:xsd='http://www.w3.org/2001/XMLSchema' targetNamespace='http://www.jabber.org/protocol' xmlns='http://www.jabber.org/protocol' elementFormDefault='qualified'> <xsd:element name='presence'> <xsd:complexType> <xsd:choice> <xsd:element ref='show' minOccurs='0' maxOccurs='1'/> <xsd:element ref='status' minOccurs='0' maxOccurs='1'/> <xsd:element ref='priority' minOccurs='0' maxOccurs='1'/> <xsd:element ref='error' minOccurs='0' maxOccurs='1'/> <xsd:any namespace='##other' minOccurs='0' maxOccurs='unbounded'/> </xsd:choice> <xsd:attribute name='to' type='xsd:string' use='optional'/> <xsd:attribute name='from' type='xsd:string' use='optional'/> <xsd:attribute name='id' type='xsd:string' use='optional'/> <xsd:attribute name='type' use='optional'> <xsd:simpleType> <xsd:restriction base='xsd:string'> <xsd:enumeration value='unavailable'/> Miller & Saint-Andre Expires April 23, 2003 [Page 32] Internet-Draft XMPP Core October 2002 <xsd:enumeration value='subscribe'/> <xsd:enumeration value='subscribed'/> <xsd:enumeration value='unsubscribe'/> <xsd:enumeration value='unsubscribed'/> <xsd:enumeration value='error'/> </xsd:restriction> </xsd:simpleType> </xsd:attribute> <xsd:attribute name='xml:lang' type='xsd:string' use='optional'/> </xsd:complexType> </xsd:element> <xsd:element name='show'> <xsd:simpleType> <xsd:restriction base='xsd:string'> <xsd:enumeration value='away'/> <xsd:enumeration value='chat'/> <xsd:enumeration value='xa'/> <xsd:enumeration value='dnd'/> </xsd:restriction> </xsd:simpleType> </xsd:element> <xsd:element name='status' type='xsd:string'/> <xsd:element name='priority' type='xsd:nonNegativeInteger'/> <xsd:element name='error'> <xsd:complexType> <xsd:attribute name='code' type='xsd:nonNegativeInteger' use='required'/> </xsd:complexType> </xsd:element> </xsd:schema> 6.4 The6.5 IQElement 6.4.1Chunks 6.5.1 Overview Info/Query, or IQ, is a simple request-response mechanism. Just as HTTP is a request-response medium, IQ chunks in theiq element enables'jabber:client' or 'jabber:server' namespace enable an entity to make a request of, and receive a response from, another entity. The data content of the request and response is defined by the namespace declaration of a direct child element of the iq element. Most IQ interactions follow a common pattern of structured data exchange such as get/result or set/result:Miller & Saint-Andre Expires April 23, 2003 [Page 33] Internet-Draft XMPP Core October 2002Requesting Responding Entity Entity ---------- ---------- | | | <iq type="get"> | | ---------------------> | | | | <iq type="result"> | | <--------------------- | | | | <iq type="set"> | | ---------------------> | | | | <iq type="result"> | | <--------------------- | | |6.4.2 Attributes An IQ chunk MAY possess the following attributes: o to - Specifies the intended recipient of the IQ chunk. o from - Specifies the sender6.5.2 Types oftheIQchunk. o id - An optional unique identifier for the purpose of tracking the request-response interaction.Thesender'type' attribute ofthean IQ chunksets this attribute, which may be returned in any replies. o type -is REQUIRED. Therequired'type' attribute specifies a distinct step within a request-response Miller & Saint-Andre Expires May 4, 2003 [Page 30] Internet-Draft XMPP Core November 2002 interaction. The value SHOULD be one of the following (all other valuesareMAY be ignored):*o get--- The chunk is a request for information.*o set--- The chunkcontains data intended to provideprovides required data,setsets new values, orreplacereplaces existing values.*o result--- The chunk is a response to a successful get or set request.*o error--- An error has occurred regarding processing or delivery of a previously-sent get or set.o xml:lang -6.5.3 Children Anoptional specification of the language associated with any text contained in theIQchunk. Miller & Saint-Andre Expires April 23, 2003 [Page 34] Internet-Draft XMPP Core October 2002 6.4.3 Children In the strictest terms, the iq elementchunk contains no children in the 'jabber:client' or 'jabber:server' namespace since it is a vessel for XML in another namespace. Aspreviouslydescribed under extended namespaces (Section7.4),6.6), an IQ chunk MAY contain any properly-namespaced child element (other than thecommoncore data elements, stream elements, or defined children thereof). If the IQ chunk is oftype="error", the <iq/> chunktype "error", it MUST include an<error/ ><error/> child, which in turn MUSThavepossess a 'code' attribute corresponding to one of the standard error codes (Appendix A) and MAY also contain PCDATA corresponding to a natural-language description of the error.6.4.4 DTD <!ELEMENT iq ( error | (#PCDATA) )*> <!ATTLIST iq to CDATA #IMPLIED from CDATA #IMPLIED id CDATA #IMPLIEDAn <error/> child MUST NOT be included if the chunk type( get | set | result | error ) #REQUIRED xml:lang CDATA #IMPLIED > <!ELEMENT error (#PCDATA)> <!ATTLIST error code CDATA #REQUIRED> 6.4.5 Schema <?xml version='1.0' encoding='UTF-8'?> <xsd:schema xmlns:xsd='http://www.w3.org/2001/XMLSchema' targetNamespace='http://www.jabber.org/protocol' xmlns='http://www.jabber.org/protocol' elementFormDefault='qualified'> <xsd:element name='iq'> <xsd:complexType mixed='true'> <xsd:choice> <xsd:element ref='error' minOccurs='0' maxOccurs='1'/> <xsd:any namespace='##other' minOccurs='0' maxOccurs='unbounded'/> </xsd:choice> <xsd:attribute name='to' type='xsd:string' use='optional'/> Miller & Saint-Andre Expires April 23, 2003 [Page 35] Internet-Draft XMPP Core October 2002 <xsd:attribute name='from' type='xsd:string' use='optional'/> <xsd:attribute name='id' type='xsd:string' use='optional'/> <xsd:attribute name='type' use='required'> <xsd:simpleType> <xsd:restriction base='xsd:string'> <xsd:enumeration value='get'/> <xsd:enumeration value='set'/> <xsd:enumeration value='result'/> <xsd:enumeration value='error'/> </xsd:restriction> </xsd:simpleType> </xsd:attribute> <xsd:attribute name='xml:lang' type='xsd:string' use='optional'/> </xsd:complexType> </xsd:element> <xsd:element name='error'> <xsd:complexType> <xsd:attribute name='code' type='xsd:nonNegativeInteger' use='required'/> </xsd:complexType> </xsd:element> </xsd:schema> Miller & Saint-Andre Expires April 23, 2003 [Page 36] Internet-Draft XMPP Core October 2002 7. XML Usage within XMPP 7.1 Overview In essence, XMPPis anything other than "error". 6.6 Extended Namespaces While the coreconsists of three interrelated parts: 1. XML streams (Section 4), whichdata elements defined in this document provide astateful meansbasic level of functionality fortransporting data in an asynchronous manner from one entitymessaging and presence, XMPP uses XML namespaces toanother 2. stream authentication using SASL authentication (Section 5.1) orextend thedialback protocol (Section 5.2) 3. commoncore data elements(Section 6) (message, presence, and iq), which provide a frameworkforcommunications between entities XML [8] is used to define each of these protocols, as described in detail inthefollowing sections. In addition, XMPP contains protocol extensions (such as extended namespaces)purpose of providing additional functionality. Thus a message, presence, or IQ chunk may house one or more optional child elements containing content thataddressextends thespecific functionality required to create a basic instant messaging and presence application; these non- core protocol extensions are defined in XMPP IM [2]. 7.2 Namespaces XML Namespaces [12] are used within all XMPP-compliant XML to create strict boundaries of data ownership. The basic functionmeaning ofnamespaces is to separate different vocabulariesthe message (e.g., an encrypted form ofXML elements that are structurally mixed together. Ensuring that XMPP-compliant XML is namespace-aware enables any XML tothe message body as described in Appendix C). This child element MAY bestructurally mixed withanydataelementwithin XMPP. This feature is relied upon frequently within XMPP to separate(other than theXML that is processed by different services. Additionally, XMPP is more strict aboutcore data elements, stream elements, or defined children thereof). The child element MUST possess an 'xmlns' namespaceprefixesdeclaration (other than theXMLstream namespacespecification requires. 7.3 Validation A host is not responsible for validatingand theXML elements forwarded to a node; an implementation MAY choose to provide only validated data elements but is not REQUIRED to do so. Nodes and services SHOULD NOT rely on the ability to send data which does not conform to the schemas, and SHOULD ignore any non-conformant elements or attributes on the incoming XML stream. Miller & Saint-Andre Expires April 23, 2003 [Page 37] Internet-Draft XMPP Core October 2002 7.4 Extended Namespaces While the common data elements defined in this document provide a basic level of functionality for messaging and presence, XMPP uses XML namespaces to extend the common data elements for the purpose of providing additional functionality. Thus a message, presence, or iq element may house an optional element containing content that extends the meaning of the message (e.g., an encrypted form of the message body). In XMPP usage this child element is often the <x/> element (in message and presence chunks) or the <query/> element (in IQ chunks), but it MAY be any element (other than the common data elements, stream elements, or defined children thereof). The child element MUST possess an 'xmlns' namespace declaration (other than those defined for XML streams)default namespace) that defines all data contained within the child element.Note that the extended namespaces accepted by the Jabber Software Foundation [13] all begin with the string 'jabber:x' or 'jabber:iq' (e.g., jabber:iq:register). 7.5 Handling of Extended NamespacesSupport for any given extendednamespacesnamespace is OPTIONAL on the part of any implementation. If an entity does not understand such achild element or itsMiller & Saint-Andre Expires May 4, 2003 [Page 31] Internet-Draft XMPP Core November 2002 namespace, it must ignore the associated XML data. If an entity receives an IQ chunk in a namespace it does not understand, the entity SHOULD return an IQ chunk of type "error" with an error element of code 400 (bad request). If an entity receives a message or presence chunk that contains XML data in an extended namespace it does not understand, the portion of the chunk that is in the unknown namespace SHOULD be ignored. If an entity receives a message chunk without a <body/> element butwithcontaining only a child element bound by a namespace it does not understand, it MUST ignore that chunk.7.6 Inclusion of Prolog The prolog to an XML document is not a processing instruction. Applications MAY send a prolog. Applications MUST follow the rules in [12] concerning the circumstances in which a prolog is included.Miller & Saint-Andre ExpiresApril 23,May 4, 2003 [Page38]32] Internet-Draft XMPP CoreOctoberNovember 20028. Internationalization Considerations 8.1 Character Encodings Software implementing7. XMLstreams MUST support the UTF-8 and UTF-16 encodings for received data. Software MUST NOT attempt to use any other encoding for transmitted data. The encodingsUsage within XMPP 7.1 Overview In essence, XMPP core consists ofthe transmit and receivethree interrelated parts: 1. XML streamsare independent. Software may select either UTF- 8 or UTF-16(Section 4), which provide a stateful means for transporting data in an asynchronous manner from one entity to another 2. stream authentication using SASL authentication (Section 5.1) or thetransmitted stream,dialback protocol (Section 5.2) 3. core data elements (Section 6) (message, presence, andshould deduce the encodingiq), which provide a framework for communications between entities XML [1] is used to define each ofthe received streamthese protocols, as described in[12]. 8.2 Language Declarations Message, presence, and IQ chunks sent over XML streams may contain textdetail inmany different languages. Therefore it is important to explicitly identifythelanguage in use. This is done usingfollowing sections. In addition, XMPP contains protocol extensions (such as extended namespaces) that address thexml:lang attribute describedspecific functionality required to create a basic instant messaging and presence application; these non- core protocol extensions are defined in[8].XMPP IM [2]. 7.2 Namespaces XML Namespaces [11] are used within all XMPP-compliant XML to create strict boundaries of data ownership. Thefollowing rules applybasic function of namespaces is touseseparate different vocabularies ofthe xml:attribute onXMLstreams andelements that are structurally mixed together. Ensuring that XMPP-compliant XML is namespace-aware enables any XMLchunks. o A node SHOULD include an xml:lang declaration on the stream:stream it initiatestoa host, denoting the node's default (preferred) language. o If the host detects an xml:lang declaration onbe structurally mixed with any data element within XMPP. This feature is relied upon frequently within XMPP to separate thestream:stream from a node, it SHOULD remember that value. o If a host does not receive an xml:lang from a node, it SHOULD have a configurable default localeXML thatit remembers instead. o For all chunks, if the node does not send an xml:lang attribute onis processed by different services. Mainly for historical reasons, theroot tagdefault namespace for XMPP data chunks MUST be one of thepacket,namespaces identified in Section 4.4. Additionally, XMPP is more strict about namespace prefixes than theserver SHOULD apply its remembered value. o IfXML namespace specification requires. 7.3 Validation A host is not responsible for validating the XML elements forwarded to anode does sendnode; anxml:lang attribute on a chunk, the server MUSTimplementation MAY choose to provide only validated data elements but is NOTmodify or delete it. o A hostREQUIRED to do so. Nodes and services SHOULDinclude an xml:lang declarationNOT rely on thestream:stream withability to send data whichit repliesdoes not conform toa node, denotingthehost's default (preferred) language. Miller & Saint-Andre Expires April 23, 2003 [Page 39] Internet-Draft XMPP Core October 2002 9. IANA Considerations The IANA registers "jabber-client"schemas, and"jabber-server" as GSS-API [16] service names, as specified in Section 6.1.1.SHOULD ignore any non-conformant elements or attributes on the incoming XML stream. Miller & Saint-Andre ExpiresApril 23,May 4, 2003 [Page40]33] Internet-Draft XMPP CoreOctoberNovember 200210. Security Considerations 10.1 Node-to-Host Communications The SASL protocol for authenticating7.4 Character Encodings Software implementing XML streamsnegotiated between a node and a host (defined under Section 5.1 above) provides a reliable mechanismMUST support the UTF-8 and UTF-16 encodings forvalidating that a node connecting to a host is who it claimsreceived data. Software MUST NOT attempt tobe. 10.2 Host-to-Host Communications It is OPTIONAL foruse anygiven host to communicate withotherhosts, and host-to-host communications MAY be disabled by the administrator of any given deployment. If two hosts would like to enable communications between themselves, they MUST form a relationshipencoding for transmitted data. The encodings oftrust at some level,the transmit and receive streams are independent. Software may select eitherbased on trust in DNSUTF- 8 orbased on a pre-existing trust relationship (e.g., through exchange of certificates). If two hosts have a pre-existing trust relationship, they MAY use SASL Authentication (Section 5.1)UTF-16 for thepurposetransmitted stream, and should deduce the encoding ofauthenticating each other. If they do not havethe received stream as described in [1]. 7.5 Inclusion of Text Declaration An application MAY send apre-existing relationship, theytext declaration. Applications MUSTusefollow theDialback Protocol (Section 5.2),rules in [1] concerning the circumstances in whichprovidesareliable mechanism for preventing the spoofing of hosts. 10.3 Use of SASL Although service provisioningtext declaration isa policy matter, at a minimum, all implementations must provide: for authentication: the SASL DIGEST-MD5 mechanism Further, node implementations may choose to offer MIME-based security services providing message integrityincluded. Miller & Saint-Andre Expires May 4, 2003 [Page 34] Internet-Draft XMPP Core November 2002 8. IANA Considerations The IANA registers "jabber-client" andconfidentiality, such"jabber-server" asOpenPGPGSS-API [14]or S/MIME [15].service names, as specified in Section 6.1.1. Miller & Saint-Andre ExpiresApril 23,May 4, 2003 [Page41]35] Internet-Draft XMPP CoreOctoberNovember 2002References [1] Bradner, S., "Key words for use in RFCs9. Internationalization Considerations o A node SHOULD include an xml:lang declaration on the stream:stream it initiates toIndicate Requirement Levels", BCP 14, RFC 2119, March 1997. [2] Miller, J. and P. Saint-Andre, "XMPP Instant Messaging (draft- miller-jabber-xmpp-im-00, work in progress)", June 2002. [3] Postel, J., "Simple Mail Transfer Protocol", STD 10, RFC 821, August 1982. [4] Universitya host, denoting the node's default (preferred) language. o If the host detects an xml:lang declaration on the stream:stream from a node, it SHOULD remember that value. o If a host does not receive an xml:lang from a node, it SHOULD have a configurable default locale that it remembers instead. o For all chunks, if the node does not send an xml:lang attribute on the root tag ofSouthern California, "Transmission Control Protocol", RFC 793, September 1981, <http://www.ietf.org/rfc/ rfc0793.txt>. [5] Internet Assigned Numbers Authority, "Internet Assigned Numbers Authority", January 1998, <http://www.iana.org/>. [6] Harrenstien, K., Stahl, M. and E. Feinler, "DoD Internetthe packet, the server SHOULD apply its remembered value. o If a node does send an xml:lang attribute on a chunk, the server MUST NOT modify or delete it. o A hosttable specification", RFC 952, October 1985. [7] Braden, R., "RequirementsSHOULD include an xml:lang declaration on the stream:stream with which it replies to a node, denoting the host's default (preferred) language. Miller & Saint-Andre Expires May 4, 2003 [Page 36] Internet-Draft XMPP Core November 2002 10. Security Considerations 10.1 Node-to-Host Communications The SASL protocol forInternet Hosts - Applicationauthenticating XML streams negotiated between a node andSupport", STD 3, RFC 1123, October 1989. [8]a host (defined under Section 5.1 above) provides a reliable mechanism for validating that a node connecting to a host is who it claims to be. The IP address and method of access of nodes MUST NOT be made available by a host, nor are any connections other than the original host connection required. This helps protect the node's host from direct attack or identification by third parties. End-to-end encryption of message bodies and presence status information MAY be effected through use of OpenPGP [13]; for details, see Appendix C. 10.2 Host-to-Host Communications It is OPTIONAL for any given host to communicate with other hosts, and host-to-host communications MAY be disabled by the administrator of any given deployment. If two hosts would like to enable communications between themselves, they MUST form a relationship of trust at some level, either based on trust in DNS or based on a pre-existing trust relationship (e.g., through exchange of certificates). If two hosts have a pre-existing trust relationship, they MAY use SASL Authentication (Section 5.1) for the purpose of authenticating each other. If they do not have a pre-existing relationship, they MUST use the Dialback Protocol (Section 5.2), which provides a reliable mechanism for preventing the spoofing of hosts. 10.3 Use of SASL Although service provisioning is a policy matter, at a minimum, all implementations MUST provide the SASL DIGEST-MD5 mechanism for authentication. Miller & Saint-Andre Expires May 4, 2003 [Page 37] Internet-Draft XMPP Core November 2002 References [1] World Wide Web Consortium, "Extensible Markup Language (XML) 1.0 (Second Edition)", W3C xml, October 2000, <http:// www.w3.org/TR/2000/REC-xml-20001006>.[9] Myers, J., "Simple Authentication and Security Layer (SASL)", RFC 2222, October 1997. [10] Gulbrandsen, A.[2] Miller, J. and P.Vixie, "A DNS RR for specifying the locationSaint-Andre, "XMPP Instant Messaging (draft- miller-xmpp-im-02, work in progress)", November 2002. [3] Day, M., Aggarwal, S., Mohr, G. and J. Vincent, "A Model for Presence and Instant Messaging", RFC 2779, February 2000, <http://www.ietf.org/rfc/rfc2779.txt>. [4] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997. [5] University ofservices (DNS SRV)",Southern California, "Transmission Control Protocol", RFC2052, October 1996. [11]793, September 1981, <http://www.ietf.org/rfc/ rfc0793.txt>. [6] Internet Assigned Numbers Authority, "Internet Assigned Numbers Authority", January 1998, <http://www.iana.org/>. [7] Berners-Lee, T., Fielding, R. and L. Masinter, "Uniform Resource Identifiers (URI): Generic Syntax", RFC 2396, August 1998, <http://www.ietf.org/rfc/rfc2396.txt>.[12][8] Harrenstien, K., Stahl, M. and E. Feinler, "DoD Internet host table specification", RFC 952, October 1985. [9] Braden, R., "Requirements for Internet Hosts - Application and Support", STD 3, RFC 1123, October 1989. [10] Myers, J., "Simple Authentication and Security Layer (SASL)", RFC 2222, October 1997. [11] World Wide Web Consortium, "Namespaces in XML", W3C xml-names, January 1999, <http://www.w3.org/TR/1999/REC-xml-names- 19990114/>. [12] Gulbrandsen, A. and P. Vixie, "A DNS RR for specifying the location of services (DNS SRV)", RFC 2052, October 1996. [13]Jabber Software Foundation, "Jabber Software Foundation", August 2001, <http://www.jabber.org/>. [14]Elkins, M., Del Torto, D., Levien, R. and T. Roessler, "MIME Security with OpenPGP", RFC 3156, August 2001. [14] Linn, J., "Generic Security Service Application Program Interface, Version 2", RFC 2078, January 1997. Miller & Saint-Andre Expires May 4, 2003 [Page 38] Internet-Draft XMPP Core November 2002 Authors' Addresses Jeremie Miller Jabber Software Foundation 1899 Wynkoop Street, Suite 600 Denver, CO 80202 US EMail: jeremie@jabber.org URI: http://www.jabber.org/people/jer.php Peter Saint-Andre Jabber Software Foundation 1899 Wynkoop Street, Suite 600 Denver, CO 80202 US EMail: stpeter@jabber.org URI: http://www.jabber.org/people/stpeter.php Miller & Saint-Andre Expires May 4, 2003 [Page 39] Internet-Draft XMPP Core November 2002 Appendix A. Standard Error Codes A standard error element is used for failed processing of XML chunks. This element is a child of the failed chunk and MUST include a 'code' attribute corresponding to one of the following error codes. o 302 (Redirect) - Whereas HTTP contains eight different codes for redirection, XMPP contains only one (which is intended to stand for any redirection error). However, code 302 is being reserved for future functionality and is not implemented at this time. o 400 (Bad Request) - Code 400 is used to inform a sender that a request could not be understood by the recipient. This might be generated when, for example, an entity sends a message that does not have a 'to' attribute. o 401 (Unauthorized) - Code 401 is used to inform nodes that they have provided incorrect authorization information, e.g., an incorrect password or unknown username when attempting to authenticate with a host. o 402 (Payment Required) - Code 402 is being reserved for future use. o 403 (Forbidden) - Code 403 is used to inform an entity that the its request was understood but that the recipient is refusing to fulfill it, e.g., if a node attempts to set information associated with another node. o 404 (Not Found) - Code 404 is used to inform a sender that no recipient was found matching the JID to which an XML chunk was sent, e.g., if a sender has attempted to send a message to a JID that does not exist. (Note: if the host of the intended recipient cannot be reached, an error code from the 500 series must be sent). o 405 (Not Allowed) - Code 405 is used when the action requested is not allowed for the JID identified by the 'from' address, e.g., if a node attempts to set the time or version of a host. o 406 (Not Acceptable) - Code 406 is used when an XML chunk is for some reason not acceptable to a host or other entity. This might be generated when, for example, a node attempts to register with a host using an empty password. o 407 (Registration Required) - Code 407 is used when a message or request is sent to a service that requires prior registration, e.g., if a node attempts to send a message through a gateway to a Miller & Saint-Andre Expires May 4, 2003 [Page 40] Internet-Draft XMPP Core November 2002 foreign messaging system without having first registered with that gateway. o 408 (Request Timeout) - Code 408 is returned when a recipient does not produce a response within the time that the sender was prepared to wait. o 500 (Internal Server Error) - Code 500 is used when a host or service encounters an unexpected condition which prevents it from handling an XML chunk from a sender, e.g., if an authentication request is not handled by a host because the password could not be retrieved. o 501 (Not Implemented) - Code 501 is used when the recipient does not support the functionality being requested by a sender, e.g., if a node attempts to register with a host that does not allow registration. o 502 (Remote Server Error) - Code 502 is used when delivery of an XML chunk fails because of an inability to reach the intended remote host or service, e.g., because a remote host's hostname could not be resolved. o 503 (Service Unavailable) - Code 503 is used when a sender requests a service that a recipient is temporarily unable to offer. o 504 (Remote Server Timeout) - Code 504 is used when attempts to contact a remote host timeout, e.g., if an incorrect hostname is specified. Miller & Saint-Andre Expires May 4, 2003 [Page 41] Internet-Draft XMPP Core November 2002 Appendix B. Formal Definitions B.1 streams namespace B.1.1 DTD <?xml version='1.0' encoding='UTF-8'?> <!ELEMENT stream (#PCDATA | error?)*> <!ATTLIST stream to CDATA #REQUIRED from CDATA #IMPLIED id CDATA #IMPLIED> <!ELEMENT error (#PCDATA)> B.1.2 Schema Miller & Saint-Andre Expires May 4, 2003 [Page 42] Internet-Draft XMPP Core November 2002 <?xml version='1.0' encoding='UTF-8'?> <xsd:schema xmlns:xsd='http://www.w3.org/2001/XMLSchema' targetNamespace='http://etherx.jabber.org/streams' xmlns='http://etherx.jabber.org/streams' elementFormDefault='qualified'> <xsd:element name='stream'> <xsd:complexType mixed='true'> <xsd:element ref='error' minOccurs='0' maxOccurs='1'/> <xsd:choice> <xsd:any namespace='jabber:client' maxOccurs='1'/> <xsd:any namespace='jabber:component:accept' maxOccurs='1'/> <xsd:any namespace='jabber:component:connect' maxOccurs='1'/> <xsd:any namespace='jabber:server' maxOccurs='1'/> <xsd:any namespace='http://www.iana.org/assignments/sasl-mechanisms' maxOccurs='1'/> </xsd:choice> <xsd:attribute name='to' type='xsd:string' use='optional'/> <xsd:attribute name='from' type='xsd:string' use='optional'/> <xsd:attribute name='id' type='xsd:string' use='optional'/> </xsd:complexType> </xsd:element> <xsd:element name='error' type='xsd:string'/> </xsd:schema> B.2 sasl namespace B.2.1 DTD The DTD for the sasl: namespace is as follows: Miller & Saint-Andre Expires May 4, 2003 [Page 43] Internet-Draft XMPP Core November 2002 <?xml version='1.0' encoding='UTF-8'?> <!ELEMENT mechanisms (mechanism)*> <!ELEMENT mechanism (#PCDATA)> <!ATTLIST mechanism name CDATA #REQUIRED> <!ELEMENT auth (#PCDATA)> <!ATTLIST auth name CDATA #REQUIRED> <!ELEMENT challenge (#PCDATA)> <!ELEMENT response (#PCDATA)> <!ELEMENT abort (#PCDATA)> <!ELEMENT success (#PCDATA)> <!ELEMENT failure (#PCDATA)> B.2.2 Schema Miller & Saint-Andre Expires May 4, 2003 [Page 44] Internet-Draft XMPP Core November 2002 <?xml version='1.0' encoding='UTF-8'?> <xsd:schema xmlns:xsd='http://www.w3.org/2001/XMLSchema' targetNamespace='http://www.iana.org/assignments/sasl-mechanisms' xmlns='http://www.iana.org/assignments/sasl-mechanisms' elementFormDefault='qualified'> <xsd:element name='mechanisms'> <xsd:complexType> <xsd:sequence minOccurs='0' maxOccurs='unbounded'> <xsd:element ref='mechanism'/> </xsd:sequence> </xsd:complexType> </xsd:element> <xsd:element name='mechanism'> <xsd:complexType mixed='true'> <xsd:attribute name='name' type='xsd:string' use='optional'/> </xsd:complexType> </xsd:element> <xsd:element name='auth'> <xsd:complexType mixed='true'> <xsd:attribute name='name' type='xsd:string' use='optional'/> </xsd:complexType> </xsd:element> <xsd:element name='challenge' type='xsd:string'/> <xsd:element name='response' type='xsd:string'/> <xsd:element name='abort' type='xsd:string'/> <xsd:element name='success' type='xsd:string'/> <xsd:element name='failure' type='xsd:string'/> </xsd:schema> B.3 jabber:client namespace Note: the formal definition for the 'jabber:server' namespace is identical to that for the 'jabber:client' namespace. B.3.1 DTD <?xml version='1.0' encoding='UTF-8'?> <!ELEMENT message (( body? | subject? | thread? | error? | (#PCDATA) )*)> <!ATTLIST message to CDATA #IMPLIED Miller & Saint-Andre Expires May 4, 2003 [Page 45] Internet-Draft XMPP Core November 2002 from CDATA #IMPLIED id CDATA #IMPLIED type ( chat | groupchat | headline | error ) #IMPLIED > <!ELEMENT body (#PCDATA)> <!ELEMENT subject (#PCDATA)> <!ELEMENT thread (#PCDATA)> <!ELEMENT presence (( show? | status? | priority? | error? )*)> <!ATTLIST presence to CDATA #IMPLIED from CDATA #IMPLIED id CDATA #IMPLIED type ( subscribe | subscribed | unsubscribe | unsubscribed | unavailable | error ) #IMPLIED > <!ELEMENT show (#PCDATA)> <!ELEMENT status (#PCDATA)> <!ELEMENT priority (#PCDATA)> <!ELEMENT iq ( error | (#PCDATA) )*> <!ATTLIST iq to CDATA #IMPLIED from CDATA #IMPLIED id CDATA #IMPLIED type ( get | set | result | error ) #REQUIRED > <!ELEMENT error (#PCDATA)> <!ATTLIST error code CDATA #REQUIRED> B.3.2 Schema <?xml version='1.0' encoding='UTF-8'?> <xsd:schema xmlns:xsd='http://www.w3.org/2001/XMLSchema' targetNamespace='http://www.jabber.org/protocol' xmlns='http://www.jabber.org/protocol' elementFormDefault='qualified'> <xsd:element name='message'> <xsd:complexType mixed='true'> <xsd:choice> Miller & Saint-Andre ExpiresApril 23,May 4, 2003 [Page42]46] Internet-Draft XMPP CoreOctoberNovember 2002[15] Ramsdell, B., "S/MIME Version 3 Message Specification", RFC 2633, June 1999. [16] Linn, J., "Generic Security Service Application Program Interface, Version 2", RFC 2078, January 1997. [17] Day, M., Rosenberg, J. and H. Sugano, "A Model for Presence and Instant Messaging", RFC 2778, February 2000, <http:// www.ietf.org/rfc/rfc2778.txt>. [18] Day, M., Aggarwal, S., Mohr, G. and J. Vincent, "A Model for Presence and Instant Messaging", RFC 2779, February 2000, <http://www.ietf.org/rfc/rfc2779.txt>. Authors' Addresses Jeremie<xsd:element ref='body' minOccurs='0' maxOccurs='1'/> <xsd:element ref='subject' minOccurs='0' maxOccurs='1'/> <xsd:element ref='thread' minOccurs='0' maxOccurs='1'/> <xsd:element ref='error' minOccurs='0' maxOccurs='1'/> <xsd:any namespace='##other' minOccurs='0' maxOccurs='unbounded'/> </xsd:choice> <xsd:attribute name='to' type='xsd:string' use='optional'/> <xsd:attribute name='from' type='xsd:string' use='optional'/> <xsd:attribute name='id' type='xsd:string' use='optional'/> <xsd:attribute name='type' use='optional' default='normal'> <xsd:simpleType> <xsd:restriction base='xsd:NCName'> <xsd:enumeration value='normal'/> <xsd:enumeration value='chat'/> <xsd:enumeration value='groupchat'/> <xsd:enumeration value='headline'/> <xsd:enumeration value='error'/> </xsd:restriction> </xsd:simpleType> </xsd:attribute> </xsd:complexType> </xsd:element> <xsd:element name='body' type='xsd:string'/> <xsd:element name='subject' type='xsd:string'/> <xsd:element name='thread' type='xsd:string'/> <xsd:element name='presence'> <xsd:complexType> <xsd:choice> <xsd:element ref='show' minOccurs='0' maxOccurs='1'/> <xsd:element ref='status' minOccurs='0' maxOccurs='1'/> <xsd:element ref='priority' minOccurs='0' maxOccurs='1'/> <xsd:element ref='error' minOccurs='0' maxOccurs='1'/> <xsd:any namespace='##other' minOccurs='0' maxOccurs='unbounded'/> </xsd:choice> <xsd:attribute name='to' type='xsd:string' use='optional'/> <xsd:attribute name='from' type='xsd:string' use='optional'/> <xsd:attribute name='id' type='xsd:string' use='optional'/> <xsd:attribute name='type' use='optional'> MillerJabber Software Foundation 1899 Wynkoop Street, Suite 600 Denver, CO 80202 US EMail: jeremie@jabber.org URI: http://www.jabber.org/ Peter& Saint-AndreJabber Software Foundation 1899 Wynkoop Street, Suite 600 Denver, CO 80202 US EMail: stpeter@jabber.org URI: http://www.jabber.org/Expires May 4, 2003 [Page 47] Internet-Draft XMPP Core November 2002 <xsd:simpleType> <xsd:restriction base='xsd:string'> <xsd:enumeration value='unavailable'/> <xsd:enumeration value='subscribe'/> <xsd:enumeration value='subscribed'/> <xsd:enumeration value='unsubscribe'/> <xsd:enumeration value='unsubscribed'/> <xsd:enumeration value='error'/> </xsd:restriction> </xsd:simpleType> </xsd:attribute> </xsd:complexType> </xsd:element> <xsd:element name='show'> <xsd:simpleType> <xsd:restriction base='xsd:string'> <xsd:enumeration value='away'/> <xsd:enumeration value='chat'/> <xsd:enumeration value='xa'/> <xsd:enumeration value='dnd'/> </xsd:restriction> </xsd:simpleType> </xsd:element> <xsd:element name='status' type='xsd:string'/> <xsd:element name='priority' type='xsd:nonNegativeInteger'/> <xsd:element name='iq'> <xsd:complexType mixed='true'> <xsd:choice> <xsd:element ref='error' minOccurs='0' maxOccurs='1'/> <xsd:any namespace='##other' minOccurs='0' maxOccurs='unbounded'/> </xsd:choice> <xsd:attribute name='to' type='xsd:string' use='optional'/> <xsd:attribute name='from' type='xsd:string' use='optional'/> <xsd:attribute name='id' type='xsd:string' use='optional'/> <xsd:attribute name='type' use='required'> <xsd:simpleType> <xsd:restriction base='xsd:string'> <xsd:enumeration value='get'/> <xsd:enumeration value='set'/> <xsd:enumeration value='result'/> <xsd:enumeration value='error'/> Miller & Saint-Andre ExpiresApril 23,May 4, 2003 [Page43]48] Internet-Draft XMPP CoreOctoberNovember 2002Appendix A. Standard Error Codes A standard error element is used for failed processing of XML chunks. This element is a child of the failed element and MUST include a 'code' attribute corresponding to one of the following error codes. o 302 (Redirect) - Whereas the HTTP spec contains eight different codes for redirection, XMPP contains only one (which is intended to stand for any redirection error). However, code 302 is being reserved for future functionality and is not implemented at this time. o 400 (Bad Request) - Code 400 is used to inform a sender that a request could not be understood by the recipient. This might be generated when, for example, an entity sends a message that does not have a 'to' attribute, or when a node attempts to authenticate without sending a username. o 401 (Unauthorized) - Code 401 is used to inform nodes that they have provided incorrect authorization information, e.g., an incorrect password or unknown username when attempting to authenticate with a host. o 402 (Payment Required) - Code 402</xsd:restriction> </xsd:simpleType> </xsd:attribute> </xsd:complexType> </xsd:element> <xsd:element name='error'> <xsd:complexType> <xsd:attribute name='code' type='xsd:nonNegativeInteger' use='required'/> </xsd:complexType> </xsd:element> </xsd:schema> Miller & Saint-Andre Expires May 4, 2003 [Page 49] Internet-Draft XMPP Core November 2002 Appendix C. OpenPGP Usage This section isbeing reserved for future usenon-normative. It describes an end-to-end encryption andis notsigning method currently in useat this time. o 403 (Forbidden) - Code 403 is used to inform an entity that the its request was understood but thatwithin therecipientJabber community. It isrefusing to fulfill it, e.g., ifnot recommended as anode attempts to set information (e.g., preferencescomplete solution for encrypting streams orprofile information) associated with another node. o 404 (Not Found) - Code 404for guaranteeing the privacy of messages or presence. When this method isused to inform a sender that noused, replay attacks are possible on presence chunks and also on messages for which the recipientwas found matchingis not mentioned in theJID to which an XML chunk was sent, e.g., if a sender has attempted to send amessageto a JID that does not exist. (Note: ifbody. Key exchange may rely on thehostweb ofthe intended recipient cannot be reached, an error code from the 500 series will be sent). o 405 (Not Allowed) - Code 405 istrust model usedwhenon theaction requestedOpenPGP keys network. There isnot allowed for the JID identified by the 'from' address, e.g., if a node attemptsno method toset the timecheck a fingerprint orversionownership of ahost. o 406 (Not Acceptable) - Code 406key other than checking the user IDs on a key. All operations described herein may be completed using standard OpenPGP software. All program output isusedUS-ASCII armored output with the headers removed, which allows for straightforward encapsulation of the program output directly in XML chunks. It is assumed that all keys are exchanged using OpenPGP key servers; for example, the key of another user may be retrieved automatically whenan XMLa signed presence chunk isfor some reason not acceptable to a host or other entity. This might be generated when, for example,received from that user. C.1 Signing Presence Signing enables anode attemptssender toregister withverify that they sent ahost using an empty password. o 407 (Registration Required) - Code 407 is used whencertain block of text. As applied within the Jabber community, the <status/> child of amessage or Miller & Saint-Andre Expires April 23, 2003 [Page 44] Internet-Draft XMPP Core October 2002 requestpresence chunk is signed and sentto a service thatas extended presence information in the 'jabber:x:signed' namespace. Because signing requiresprior registration, e.g., if a node attempts to sendamessage throughblock of text, agateway tosigned presence chunk MUST contain aforeign messaging system without having first registered with<status/> child element thatgateway. o 408 (Request Timeout) - Code 408isreturned when a recipient does not produce a response within the time thatnon-empty (i.e., contains text. When signing presence, the senderwas prepared to wait. o 500 (Internal Server Error) - Code 500 is used when a host or service encounters an unexpected conditionMUST use the private key whichprevents it from handling an XML chunk from a sender, e.g., if an authentication requestisnot handled by a hostthe same KeyID as the one they wish to use for encrypted messages. This is because there is no feature negotiation related to message encryption; thepassword could not be retrievedonly indicator that another user encrypts is orif password storage fails when a node attempts to register with a host. o 501 (Not Implemented) - Code 501her messages isused whenthat one receives signed presence chunks from that user. As shown in therecipient does not supportfollowing example, thefunctionality being requested by a sender, e.g., if a node sends an authentication requestonly presence information thatdoes not containis signed is theelements defined by at least oneCDATA of theaccepted authentication methods or when<status> element. Miller & Saint-Andre Expires May 4, 2003 [Page 50] Internet-Draft XMPP Core November 2002 <presence from='romeo@montague.net/orchard' to='juliet@capulet.com/balcony'> <status>Online</status> <x xmlns='jabber:x:signed'> iQA/AwUBOjU5dnol3d88qZ77EQI2JACfRngLJ045brNnaCX78ykKNUZaTIoAoPHI 2uJxPMGR73EBIvEpcv0LRSy+ =45f8 </x> </presence> C.2 Encrypting Messages Encryption enables the sender to encrypt anode attemptsmessage sent toregister withahost that does not allow registration. o 502 (Remote Server Error) - Code 502specific recipient. This isused when delivery of an XML chunk fails because of an inability to reachaccomplished by sending theintended remote host or service. Specific examplesencrypted form ofwhy this code is generated include a failure to connect totheremote host or resolve its hostname. o 503 (Service Unavailable) - Code 503CDATA from the <body/> child in second child that isused whenscoped by the 'jabber:x:encrypted' namespace. Because asender requestsblock of text is necessary, the message chunk MUST contain aservice<body/> child element thata recipientiscurrently unable to handle, usually for temporary reasons, e.g., if a sender attemptsnon-empty (i.e., that contains some CDATA text). It is considered polite tosendinclude a messageto a<body/> informing the recipient thatis offline buttherecipient's host is not running an offlinemessagestorage service. o 504 (Remote Server Timeout) - Code 504is encrypted. The public key usedwhen attempts to contact a remote host timeout, e.g.,for message encryption should match the KeyID used for signing presence. The actual data that is encrypted is what would be the CDATA of the <body> element ifan incorrect hostnamethe message were not encrypted. Miller & Saint-Andre Expires May 4, 2003 [Page 51] Internet-Draft XMPP Core November 2002 <message from='juliet@capulet.com/balcony' to='romeo@montague.net/orchard'> <body>This message isspecified.encrypted.</body> <x xmlns='jabber:x:encrypted'> qANQR1DBwU4DX7jmYZnncmUQB/9KuKBddzQH+tZ1ZywKK0yHKnq57kWq+RFtQdCJ WpdWpR0uQsuJe7+vh3NWn59/gTc5MDlX8dS9p0ovStmNcyLhxVgmqS8ZKhsblVeu IpQ0JgavABqibJolc3BKrVtVV1igKiX/N7Pi8RtY1K18toaMDhdEfhBRzO/XB0+P AQhYlRjNacGcslkhXqNjK5Va4tuOAPy2n1Q8UUrHbUd0g+xJ9Bm0G0LZXyvCWyKH kuNEHFQiLuCY6Iv0myq6iX6tjuHehZlFSh80b5BVV9tNLwNR5Eqz1klxMhoghJOA w7R61cCPt8KSd8Vcl8K+StqOMZ5wkhosVjUqvEu8uJ9RupdpB/4m9E3gOQZCBsmq OsX4/jJhn2wIsfYYWdqkbNKnuYoKCnwrlmn6I+wX72p0R8tTv8peNCwK9bEtL/XS mhn4bCxoUkCITv3k8a+Jdvbov9ucduKSFuCBq4/l0fpHmPhHQjkFofxmaWJveFfF 619NXyYyCfoLTmWk2AaTHVCjtKdf1WmwcTa0vFfk8BuFHkdah6kJJiJ7w/yNwa/E O6CMymuZTr/LpcKKWrWCt+SErxqmq8ekPI8h7oNwMxZBYAa7OJ1rXWKNgL9pDtNI 824Mf0mXj7q5N1eMHvX1QEoKLAda/Ae3TTEevOyeUK1DEgvxfM2KRZ11RzU+XtIE My/bJk7EycAw8P/QKyeNlO1fxP58VEd6Gb8NCPqKOYn/LKh1O+c20ZNVEPFM4bNV XA4hB4UtFF7Ao8kpdlrUqdKyw4lEtnmdemYQ6+iIIVPEarWl9PxOMY90KAnZrSAq bt9uRY/1rPgelRaWblMKvxgpRO8++Y8VjdEyGgMOXxOiE851Ve72ftGzkSxDH8mW TgY3pf2aATmBp3lagQ1COkGS/xupovT5AQPA3RzbCxDvc6s6eGYKmVVQVj5vmSj1 WULad5MB9KT1DzCm6FOSy063nWGBYYMWiejRvGLpo1j4eAnj0qOt7rTWmgv3RkYF Oin0vDOhW7aC =CvnG </x> </message> Miller & Saint-Andre ExpiresApril 23,May 4, 2003 [Page45]52] Internet-Draft XMPP CoreOctoberNovember 2002 Full Copyright Statement Copyright (C) The Internet Society (2002). All Rights Reserved. This document and translations of it may be copied and furnished to others, and derivative works that comment on or otherwise explain it or assist in its implementation may be prepared, copied, published and distributed, in whole or in part, without restriction of any kind, provided that the above copyright notice and this paragraph are included on all such copies and derivative works. However, this document itself may not be modified in any way, such as by removing the copyright notice or references to the Internet Society or other Internet organizations, except as needed for the purpose of developing Internet standards in which case the procedures for copyrights defined in the Internet Standards process must be followed, or as required to translate it into languages other than English. The limited permissions granted above are perpetual and will not be revoked by the Internet Society or its successors or assigns. This document and the information contained herein is provided on an "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Acknowledgement Funding for the RFC Editor function is currently provided by the Internet Society. Miller & Saint-Andre ExpiresApril 23,May 4, 2003 [Page46]53] ----