' and
'' lines.
Checking references for intended status: Proposed Standard
----------------------------------------------------------------------------
(See RFCs 3967 and 4897 for information about using normative references
to lower-maturity documents in RFCs)
-- Looks like a reference, but probably isn't: '43' on line 830
-- Looks like a reference, but probably isn't: '3' on line 5078
** Obsolete normative reference: RFC 4234 (ref. 'ABNF') (Obsoleted by RFC
5234)
** Obsolete normative reference: RFC 2831 (ref. 'DIGEST-MD5') (Obsoleted by
RFC 6331)
** Obsolete normative reference: RFC 3490 (ref. 'IDNA') (Obsoleted by RFC
5890, RFC 5891)
** Obsolete normative reference: RFC 4646 (ref. 'LANGTAGS') (Obsoleted by
RFC 5646)
** Obsolete normative reference: RFC 3491 (ref. 'NAMEPREP') (Obsoleted by
RFC 5891)
** Obsolete normative reference: RFC 3454 (ref. 'STRINGPREP') (Obsoleted by
RFC 7564)
** Obsolete normative reference: RFC 793 (ref. 'TCP') (Obsoleted by RFC
9293)
** Obsolete normative reference: RFC 4346 (ref. 'TLS') (Obsoleted by RFC
5246)
-- Possible downref: Non-RFC (?) normative reference: ref. 'UCS2'
** Obsolete normative reference: RFC 3280 (ref. 'X509') (Obsoleted by RFC
5280)
-- Possible downref: Non-RFC (?) normative reference: ref. 'XML'
-- Possible downref: Non-RFC (?) normative reference: ref. 'XML-NAMES'
-- Obsolete informational reference (is this intentional?): RFC 2616 (ref.
'HTTP') (Obsoleted by RFC 7230, RFC 7231, RFC 7232, RFC 7233, RFC 7234,
RFC 7235)
-- Obsolete informational reference (is this intentional?): RFC 2818 (ref.
'HTTP-TLS') (Obsoleted by RFC 9110)
-- Obsolete informational reference (is this intentional?): RFC 3501 (ref.
'IMAP') (Obsoleted by RFC 9051)
-- Obsolete informational reference (is this intentional?): RFC 3920
(Obsoleted by RFC 6120)
-- Obsolete informational reference (is this intentional?): RFC 3921
(Obsoleted by RFC 6121)
-- Obsolete informational reference (is this intentional?): RFC 2821 (ref.
'SMTP') (Obsoleted by RFC 5321)
-- Duplicate reference: RFC1035, mentioned in 'STD13', was also mentioned
in 'DNS'.
== Outdated reference: A later version (-08) exists of
draft-saintandre-rfc3921bis-03
Summary: 10 errors (**), 0 flaws (~~), 6 warnings (==), 20 comments (--).
Run idnits with the --verbose option for more detailed information about
the items above.
--------------------------------------------------------------------------------
2 Network Working Group P. Saint-Andre, Ed.
3 Internet-Draft XMPP Standards Foundation
4 Obsoletes: 3920 (if approved) October 5, 2007
5 Intended status: Standards Track
6 Expires: April 7, 2008
8 Extensible Messaging and Presence Protocol (XMPP): Core
9 draft-saintandre-rfc3920bis-04
11 Status of this Memo
13 By submitting this Internet-Draft, each author represents that any
14 applicable patent or other IPR claims of which he or she is aware
15 have been or will be disclosed, and any of which he or she becomes
16 aware will be disclosed, in accordance with Section 6 of BCP 79.
18 Internet-Drafts are working documents of the Internet Engineering
19 Task Force (IETF), its areas, and its working groups. Note that
20 other groups may also distribute working documents as Internet-
21 Drafts.
23 Internet-Drafts are draft documents valid for a maximum of six months
24 and may be updated, replaced, or obsoleted by other documents at any
25 time. It is inappropriate to use Internet-Drafts as reference
26 material or to cite them other than as "work in progress."
28 The list of current Internet-Drafts can be accessed at
29 http://www.ietf.org/ietf/1id-abstracts.txt.
31 The list of Internet-Draft Shadow Directories can be accessed at
32 http://www.ietf.org/shadow.html.
34 This Internet-Draft will expire on April 7, 2008.
36 Copyright Notice
38 Copyright (C) The IETF Trust (2007).
40 Abstract
42 This document defines the core features of the Extensible Messaging
43 and Presence Protocol (XMPP), a technology for streaming Extensible
44 Markup Language (XML) elements in order to exchange structured
45 information in close to real time between any two or more network-
46 aware entities. XMPP provides a generalized, extensible framework
47 for incrementally exchanging XML data, upon which a variety of
48 applications can be built. The framework includes methods for stream
49 setup and teardown, channel encryption, authentication of a client to
50 a server and of one server to another server, and primitives for
51 push-style messages, publication of network availability information
52 ("presence"), and request-response interactions between any two XMPP
53 entities. This document also specifies the format for XMPP
54 addresses, which are fully internationalizable.
56 This document obsoletes RFC 3920.
58 Table of Contents
60 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 8
61 1.1. Overview . . . . . . . . . . . . . . . . . . . . . . . . 8
62 1.2. Functional Summary . . . . . . . . . . . . . . . . . . . 9
63 1.3. Conventions . . . . . . . . . . . . . . . . . . . . . . 10
64 1.4. Discussion Venue . . . . . . . . . . . . . . . . . . . . 10
65 2. Architecture . . . . . . . . . . . . . . . . . . . . . . . . 10
66 2.1. Overview . . . . . . . . . . . . . . . . . . . . . . . . 10
67 2.2. Server . . . . . . . . . . . . . . . . . . . . . . . . . 11
68 2.3. Client . . . . . . . . . . . . . . . . . . . . . . . . . 12
69 2.4. Network . . . . . . . . . . . . . . . . . . . . . . . . 12
70 3. Addresses . . . . . . . . . . . . . . . . . . . . . . . . . . 12
71 3.1. Overview . . . . . . . . . . . . . . . . . . . . . . . . 12
72 3.2. Domain Identifier . . . . . . . . . . . . . . . . . . . 13
73 3.3. Node Identifier . . . . . . . . . . . . . . . . . . . . 14
74 3.4. Resource Identifier . . . . . . . . . . . . . . . . . . 15
75 3.5. Determination of Addresses . . . . . . . . . . . . . . . 15
76 4. TCP Binding . . . . . . . . . . . . . . . . . . . . . . . . . 16
77 4.1. Scope . . . . . . . . . . . . . . . . . . . . . . . . . 16
78 4.2. Hostname Resolution . . . . . . . . . . . . . . . . . . 16
79 4.3. Client-to-Server Communications . . . . . . . . . . . . 17
80 4.4. Server-to-Server Communications . . . . . . . . . . . . 17
81 4.5. Other Bindings . . . . . . . . . . . . . . . . . . . . . 17
82 5. XML Streams . . . . . . . . . . . . . . . . . . . . . . . . . 17
83 5.1. Overview . . . . . . . . . . . . . . . . . . . . . . . . 17
84 5.2. Stream Security . . . . . . . . . . . . . . . . . . . . 19
85 5.3. Stream Attributes . . . . . . . . . . . . . . . . . . . 20
86 5.3.1. from . . . . . . . . . . . . . . . . . . . . . . . . 20
87 5.3.2. to . . . . . . . . . . . . . . . . . . . . . . . . . 21
88 5.3.3. id . . . . . . . . . . . . . . . . . . . . . . . . . 22
89 5.3.4. xml:lang . . . . . . . . . . . . . . . . . . . . . . 23
90 5.3.5. version . . . . . . . . . . . . . . . . . . . . . . 24
91 5.3.6. Summary . . . . . . . . . . . . . . . . . . . . . . 25
92 5.4. Namespace Declarations . . . . . . . . . . . . . . . . . 25
93 5.5. Stream Features . . . . . . . . . . . . . . . . . . . . 26
94 5.6. Closing Streams . . . . . . . . . . . . . . . . . . . . 27
95 5.7. Reconnection . . . . . . . . . . . . . . . . . . . . . . 27
96 5.8. Stream Errors . . . . . . . . . . . . . . . . . . . . . 28
97 5.8.1. Rules . . . . . . . . . . . . . . . . . . . . . . . 28
98 5.8.1.1. Stream Errors Are Unrecoverable . . . . . . . . . 28
99 5.8.1.2. Stream Errors Can Occur During Setup . . . . . . 28
100 5.8.1.3. Stream Errors When the Host is Unspecified . . . 29
101 5.8.2. Syntax . . . . . . . . . . . . . . . . . . . . . . . 30
102 5.8.3. Defined Stream Error Conditions . . . . . . . . . . 31
103 5.8.3.1. bad-format . . . . . . . . . . . . . . . . . . . 31
104 5.8.3.2. bad-namespace-prefix . . . . . . . . . . . . . . 31
105 5.8.3.3. conflict . . . . . . . . . . . . . . . . . . . . 32
106 5.8.3.4. connection-timeout . . . . . . . . . . . . . . . 33
107 5.8.3.5. host-gone . . . . . . . . . . . . . . . . . . . . 33
108 5.8.3.6. host-unknown . . . . . . . . . . . . . . . . . . 34
109 5.8.3.7. improper-addressing . . . . . . . . . . . . . . . 35
110 5.8.3.8. internal-server-error . . . . . . . . . . . . . . 35
111 5.8.3.9. invalid-from . . . . . . . . . . . . . . . . . . 36
112 5.8.3.10. invalid-id . . . . . . . . . . . . . . . . . . . 36
113 5.8.3.11. invalid-namespace . . . . . . . . . . . . . . . . 37
114 5.8.3.12. invalid-xml . . . . . . . . . . . . . . . . . . . 37
115 5.8.3.13. not-authorized . . . . . . . . . . . . . . . . . 38
116 5.8.3.14. policy-violation . . . . . . . . . . . . . . . . 39
117 5.8.3.15. remote-connection-failed . . . . . . . . . . . . 40
118 5.8.3.16. resource-constraint . . . . . . . . . . . . . . . 40
119 5.8.3.17. restricted-xml . . . . . . . . . . . . . . . . . 41
120 5.8.3.18. see-other-host . . . . . . . . . . . . . . . . . 41
121 5.8.3.19. system-shutdown . . . . . . . . . . . . . . . . . 42
122 5.8.3.20. undefined-condition . . . . . . . . . . . . . . . 43
123 5.8.3.21. unsupported-encoding . . . . . . . . . . . . . . 43
124 5.8.3.22. unsupported-stanza-type . . . . . . . . . . . . . 44
125 5.8.3.23. unsupported-version . . . . . . . . . . . . . . . 44
126 5.8.3.24. xml-not-well-formed . . . . . . . . . . . . . . . 45
127 5.8.4. Application-Specific Conditions . . . . . . . . . . 46
128 5.9. Simplified Stream Examples . . . . . . . . . . . . . . . 46
129 6. STARTTLS Negotiation . . . . . . . . . . . . . . . . . . . . 48
130 6.1. Overview . . . . . . . . . . . . . . . . . . . . . . . . 49
131 6.2. Rules . . . . . . . . . . . . . . . . . . . . . . . . . 49
132 6.2.1. Data Formatting . . . . . . . . . . . . . . . . . . 49
133 6.2.2. Order of Negotiation . . . . . . . . . . . . . . . . 49
134 6.3. Process . . . . . . . . . . . . . . . . . . . . . . . . 49
135 6.3.1. Exchange of Stream Headers and Stream Features . . . 49
136 6.3.2. Initiation of STARTTLS Negotiation . . . . . . . . . 51
137 6.3.2.1. STARTTLS Command . . . . . . . . . . . . . . . . 51
138 6.3.2.2. Failure Case . . . . . . . . . . . . . . . . . . 51
139 6.3.2.3. Proceed Case . . . . . . . . . . . . . . . . . . 51
140 6.3.3. TLS Negotiation . . . . . . . . . . . . . . . . . . 52
141 6.3.3.1. Rules . . . . . . . . . . . . . . . . . . . . . . 52
142 6.3.3.2. TLS Failure . . . . . . . . . . . . . . . . . . . 52
143 6.3.3.3. TLS Success . . . . . . . . . . . . . . . . . . . 52
145 6.4. Representation of JIDs in Certificates . . . . . . . . . 54
146 6.4.1. Client Certificates . . . . . . . . . . . . . . . . 54
147 6.4.2. Server Certificates . . . . . . . . . . . . . . . . 54
148 6.4.3. ASN.1 Object Identifier . . . . . . . . . . . . . . 54
149 7. SASL Negotiation . . . . . . . . . . . . . . . . . . . . . . 55
150 7.1. Overview . . . . . . . . . . . . . . . . . . . . . . . . 55
151 7.2. Rules . . . . . . . . . . . . . . . . . . . . . . . . . 55
152 7.2.1. Data Formatting . . . . . . . . . . . . . . . . . . 55
153 7.2.2. Security Layers . . . . . . . . . . . . . . . . . . 56
154 7.2.3. Simple Usernames . . . . . . . . . . . . . . . . . . 56
155 7.2.4. Authorization Identities . . . . . . . . . . . . . . 56
156 7.3. Process . . . . . . . . . . . . . . . . . . . . . . . . 57
157 7.3.1. Exchange of Stream Headers and Stream Features . . . 57
158 7.3.2. Initiation . . . . . . . . . . . . . . . . . . . . . 59
159 7.3.3. Challenge-Response Sequence . . . . . . . . . . . . 59
160 7.3.4. Abort . . . . . . . . . . . . . . . . . . . . . . . 60
161 7.3.5. Failure . . . . . . . . . . . . . . . . . . . . . . 61
162 7.3.6. Success . . . . . . . . . . . . . . . . . . . . . . 61
163 7.4. SASL Definition . . . . . . . . . . . . . . . . . . . . 62
164 7.5. SASL Errors . . . . . . . . . . . . . . . . . . . . . . 63
165 7.5.1. aborted . . . . . . . . . . . . . . . . . . . . . . 63
166 7.5.2. incorrect-encoding . . . . . . . . . . . . . . . . . 63
167 7.5.3. invalid-authzid . . . . . . . . . . . . . . . . . . 64
168 7.5.4. invalid-mechanism . . . . . . . . . . . . . . . . . 64
169 7.5.5. malformed-request . . . . . . . . . . . . . . . . . 64
170 7.5.6. mechanism-too-weak . . . . . . . . . . . . . . . . . 65
171 7.5.7. not-authorized . . . . . . . . . . . . . . . . . . . 65
172 7.5.8. temporary-auth-failure . . . . . . . . . . . . . . . 65
173 8. Resource Binding . . . . . . . . . . . . . . . . . . . . . . 66
174 8.1. Overview . . . . . . . . . . . . . . . . . . . . . . . . 66
175 8.2. Advertising Support . . . . . . . . . . . . . . . . . . 66
176 8.3. Server-Generated Resource Identifier . . . . . . . . . . 67
177 8.3.1. Success Case . . . . . . . . . . . . . . . . . . . . 67
178 8.3.2. Error Case . . . . . . . . . . . . . . . . . . . . . 68
179 8.4. Client-Generated Resource Identifier . . . . . . . . . . 68
180 8.4.1. Success Case . . . . . . . . . . . . . . . . . . . . 68
181 8.4.2. Error Cases . . . . . . . . . . . . . . . . . . . . 69
182 8.4.2.1. Not Allowed . . . . . . . . . . . . . . . . . . . 69
183 8.4.2.2. Bad Request . . . . . . . . . . . . . . . . . . . 69
184 8.4.2.3. Conflict . . . . . . . . . . . . . . . . . . . . 69
185 8.5. Binding Multiple Resources . . . . . . . . . . . . . . . 70
186 8.5.1. Support . . . . . . . . . . . . . . . . . . . . . . 70
187 8.5.2. Binding an Additional Resource . . . . . . . . . . . 70
188 8.5.3. Unbinding a Resource . . . . . . . . . . . . . . . . 71
189 8.5.3.1. Success Case . . . . . . . . . . . . . . . . . . 71
190 8.5.3.2. Error Cases . . . . . . . . . . . . . . . . . . . 71
191 8.5.4. From Addresses . . . . . . . . . . . . . . . . . . . 72
192 9. XML Stanzas . . . . . . . . . . . . . . . . . . . . . . . . . 72
193 9.1. Common Attributes . . . . . . . . . . . . . . . . . . . 73
194 9.1.1. to . . . . . . . . . . . . . . . . . . . . . . . . . 73
195 9.1.1.1. Client-to-Server Streams . . . . . . . . . . . . 73
196 9.1.1.2. Server-to-Server Streams . . . . . . . . . . . . 73
197 9.1.2. from . . . . . . . . . . . . . . . . . . . . . . . . 74
198 9.1.2.1. Client-to-Server Streams . . . . . . . . . . . . 74
199 9.1.2.2. Server-to-Server Streams . . . . . . . . . . . . 75
200 9.1.3. id . . . . . . . . . . . . . . . . . . . . . . . . . 75
201 9.1.4. type . . . . . . . . . . . . . . . . . . . . . . . . 75
202 9.1.5. xml:lang . . . . . . . . . . . . . . . . . . . . . . 76
203 9.2. Basic Semantics . . . . . . . . . . . . . . . . . . . . 77
204 9.2.1. Message Semantics . . . . . . . . . . . . . . . . . 77
205 9.2.2. Presence Semantics . . . . . . . . . . . . . . . . . 77
206 9.2.3. IQ Semantics . . . . . . . . . . . . . . . . . . . . 77
207 9.3. Stanza Errors . . . . . . . . . . . . . . . . . . . . . 79
208 9.3.1. Rules . . . . . . . . . . . . . . . . . . . . . . . 79
209 9.3.2. Syntax . . . . . . . . . . . . . . . . . . . . . . . 79
210 9.3.3. Defined Conditions . . . . . . . . . . . . . . . . . 81
211 9.3.3.1. bad-request . . . . . . . . . . . . . . . . . . . 81
212 9.3.3.2. conflict . . . . . . . . . . . . . . . . . . . . 81
213 9.3.3.3. feature-not-implemented . . . . . . . . . . . . . 82
214 9.3.3.4. forbidden . . . . . . . . . . . . . . . . . . . . 82
215 9.3.3.5. gone . . . . . . . . . . . . . . . . . . . . . . 83
216 9.3.3.6. internal-server-error . . . . . . . . . . . . . . 83
217 9.3.3.7. item-not-found . . . . . . . . . . . . . . . . . 84
218 9.3.3.8. jid-malformed . . . . . . . . . . . . . . . . . . 84
219 9.3.3.9. not-acceptable . . . . . . . . . . . . . . . . . 85
220 9.3.3.10. not-allowed . . . . . . . . . . . . . . . . . . . 85
221 9.3.3.11. not-authorized . . . . . . . . . . . . . . . . . 85
222 9.3.3.12. not-modified . . . . . . . . . . . . . . . . . . 86
223 9.3.3.13. payment-required . . . . . . . . . . . . . . . . 87
224 9.3.3.14. recipient-unavailable . . . . . . . . . . . . . . 87
225 9.3.3.15. redirect . . . . . . . . . . . . . . . . . . . . 88
226 9.3.3.16. registration-required . . . . . . . . . . . . . . 88
227 9.3.3.17. remote-server-not-found . . . . . . . . . . . . . 89
228 9.3.3.18. remote-server-timeout . . . . . . . . . . . . . . 89
229 9.3.3.19. resource-constraint . . . . . . . . . . . . . . . 89
230 9.3.3.20. service-unavailable . . . . . . . . . . . . . . . 90
231 9.3.3.21. subscription-required . . . . . . . . . . . . . . 90
232 9.3.3.22. undefined-condition . . . . . . . . . . . . . . . 91
233 9.3.3.23. unexpected-request . . . . . . . . . . . . . . . 92
234 9.3.3.24. unknown-sender . . . . . . . . . . . . . . . . . 93
235 9.3.4. Application-Specific Conditions . . . . . . . . . . 93
236 9.4. Extended Content . . . . . . . . . . . . . . . . . . . . 94
237 10. Examples . . . . . . . . . . . . . . . . . . . . . . . . . . 95
238 10.1. Client-to-Server . . . . . . . . . . . . . . . . . . . . 95
239 10.1.1. TLS . . . . . . . . . . . . . . . . . . . . . . . . 96
240 10.1.2. SASL . . . . . . . . . . . . . . . . . . . . . . . . 97
241 10.1.3. Resource Binding . . . . . . . . . . . . . . . . . . 99
242 10.1.4. Stanza Exchange . . . . . . . . . . . . . . . . . . 100
243 10.1.5. Close . . . . . . . . . . . . . . . . . . . . . . . 100
244 10.2. Server-to-Server Examples . . . . . . . . . . . . . . . 101
245 10.2.1. TLS . . . . . . . . . . . . . . . . . . . . . . . . 101
246 10.2.2. SASL . . . . . . . . . . . . . . . . . . . . . . . . 103
247 10.2.3. Stanza Exchange . . . . . . . . . . . . . . . . . . 104
248 10.2.4. Close . . . . . . . . . . . . . . . . . . . . . . . 105
249 11. Server Rules for Processing XML Stanzas . . . . . . . . . . . 105
250 11.1. No 'to' Address . . . . . . . . . . . . . . . . . . . . 105
251 11.1.1. Overview . . . . . . . . . . . . . . . . . . . . . . 105
252 11.1.2. Message . . . . . . . . . . . . . . . . . . . . . . 106
253 11.1.3. Presence . . . . . . . . . . . . . . . . . . . . . . 106
254 11.1.4. IQ . . . . . . . . . . . . . . . . . . . . . . . . . 106
255 11.2. Local Domain . . . . . . . . . . . . . . . . . . . . . . 106
256 11.2.1. Mere Domain . . . . . . . . . . . . . . . . . . . . 106
257 11.2.2. Resource at Domain . . . . . . . . . . . . . . . . . 106
258 11.2.3. Node at Local Domain . . . . . . . . . . . . . . . . 107
259 11.3. Foreign Domain . . . . . . . . . . . . . . . . . . . . . 107
260 11.3.1. Existing Stream . . . . . . . . . . . . . . . . . . 107
261 11.3.2. No Existing Stream . . . . . . . . . . . . . . . . . 107
262 11.3.3. Error Handling . . . . . . . . . . . . . . . . . . . 108
263 12. XML Usage . . . . . . . . . . . . . . . . . . . . . . . . . . 108
264 12.1. Restrictions . . . . . . . . . . . . . . . . . . . . . . 108
265 12.2. XML Namespace Names and Prefixes . . . . . . . . . . . . 109
266 12.2.1. Streams Namespace . . . . . . . . . . . . . . . . . 109
267 12.2.2. Default Namespace . . . . . . . . . . . . . . . . . 109
268 12.2.3. Extended Namespaces . . . . . . . . . . . . . . . . 110
269 12.3. Validation . . . . . . . . . . . . . . . . . . . . . . . 112
270 12.4. Inclusion of Text Declaration . . . . . . . . . . . . . 112
271 12.5. Character Encoding . . . . . . . . . . . . . . . . . . . 112
272 12.6. White Space . . . . . . . . . . . . . . . . . . . . . . 112
273 13. Compliance Requirements . . . . . . . . . . . . . . . . . . . 112
274 13.1. Servers . . . . . . . . . . . . . . . . . . . . . . . . 113
275 13.2. Clients . . . . . . . . . . . . . . . . . . . . . . . . 113
276 14. Internationalization Considerations . . . . . . . . . . . . . 114
277 15. Security Considerations . . . . . . . . . . . . . . . . . . . 114
278 15.1. High Security . . . . . . . . . . . . . . . . . . . . . 114
279 15.2. Certificate Validation . . . . . . . . . . . . . . . . . 115
280 15.3. Client-to-Server Communication . . . . . . . . . . . . . 115
281 15.4. Server-to-Server Communication . . . . . . . . . . . . . 116
282 15.5. Order of Layers . . . . . . . . . . . . . . . . . . . . 116
283 15.6. Lack of SASL Channel Binding to TLS . . . . . . . . . . 117
284 15.7. Mandatory-to-Implement Technologies . . . . . . . . . . 117
285 15.8. Firewalls . . . . . . . . . . . . . . . . . . . . . . . 118
286 15.9. Use of base64 in SASL . . . . . . . . . . . . . . . . . 118
287 15.10. Stringprep Profiles . . . . . . . . . . . . . . . . . . 118
288 15.11. Address Spoofing . . . . . . . . . . . . . . . . . . . . 119
289 15.11.1. Address Forging . . . . . . . . . . . . . . . . . . 119
290 15.11.2. Address Mimicking . . . . . . . . . . . . . . . . . 119
291 15.12. Denial of Service . . . . . . . . . . . . . . . . . . . 121
292 15.13. Presence Leaks . . . . . . . . . . . . . . . . . . . . . 122
293 15.14. Directory Harvesting . . . . . . . . . . . . . . . . . . 122
294 16. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 122
295 16.1. XML Namespace Name for TLS Data . . . . . . . . . . . . 123
296 16.2. XML Namespace Name for SASL Data . . . . . . . . . . . . 123
297 16.3. XML Namespace Name for Stream Errors . . . . . . . . . . 123
298 16.4. XML Namespace Name for Resource Binding . . . . . . . . 123
299 16.5. XML Namespace Name for Stanza Errors . . . . . . . . . . 124
300 16.6. Nodeprep Profile of Stringprep . . . . . . . . . . . . . 124
301 16.7. Resourceprep Profile of Stringprep . . . . . . . . . . . 124
302 16.8. GSSAPI Service Name . . . . . . . . . . . . . . . . . . 125
303 16.9. Port Numbers . . . . . . . . . . . . . . . . . . . . . . 125
304 17. References . . . . . . . . . . . . . . . . . . . . . . . . . 125
305 17.1. Normative References . . . . . . . . . . . . . . . . . . 125
306 17.2. Informative References . . . . . . . . . . . . . . . . . 127
307 Appendix A. Nodeprep . . . . . . . . . . . . . . . . . . . . . . 130
308 A.1. Introduction . . . . . . . . . . . . . . . . . . . . . . 130
309 A.2. Character Repertoire . . . . . . . . . . . . . . . . . . 131
310 A.3. Mapping . . . . . . . . . . . . . . . . . . . . . . . . 131
311 A.4. Normalization . . . . . . . . . . . . . . . . . . . . . 131
312 A.5. Prohibited Output . . . . . . . . . . . . . . . . . . . 131
313 A.6. Bidirectional Characters . . . . . . . . . . . . . . . . 132
314 Appendix B. Resourceprep . . . . . . . . . . . . . . . . . . . . 132
315 B.1. Introduction . . . . . . . . . . . . . . . . . . . . . . 132
316 B.2. Character Repertoire . . . . . . . . . . . . . . . . . . 133
317 B.3. Mapping . . . . . . . . . . . . . . . . . . . . . . . . 133
318 B.4. Normalization . . . . . . . . . . . . . . . . . . . . . 133
319 B.5. Prohibited Output . . . . . . . . . . . . . . . . . . . 133
320 B.6. Bidirectional Characters . . . . . . . . . . . . . . . . 133
321 Appendix C. XML Schemas . . . . . . . . . . . . . . . . . . . . 133
322 C.1. Streams namespace . . . . . . . . . . . . . . . . . . . 134
323 C.2. Stream error namespace . . . . . . . . . . . . . . . . . 135
324 C.3. STARTTLS namespace . . . . . . . . . . . . . . . . . . . 137
325 C.4. SASL namespace . . . . . . . . . . . . . . . . . . . . . 137
326 C.5. Resource binding namespace . . . . . . . . . . . . . . . 139
327 C.6. Stanza error namespace . . . . . . . . . . . . . . . . . 141
328 Appendix D. Contact Addresses . . . . . . . . . . . . . . . . . 142
329 Appendix E. Account Provisioning . . . . . . . . . . . . . . . . 143
330 Appendix F. Differences From RFC 3920 . . . . . . . . . . . . . 143
331 Appendix G. Copying Conditions . . . . . . . . . . . . . . . . . 144
332 Index . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 144
333 Author's Address . . . . . . . . . . . . . . . . . . . . . . . . 145
334 Intellectual Property and Copyright Statements . . . . . . . . . 146
336 1. Introduction
338 1.1. Overview
340 The Extensible Messaging and Presence Protocol (XMPP) is an
341 application profile of the Extensible Markup Language [XML] for
342 streaming XML data in close to real time between any two (or more)
343 network-aware entities. XMPP is typically used to exchange messages,
344 share presence information, and engage in structured request-response
345 interactions. The basic syntax and semantics of XMPP were developed
346 originally within the Jabber open-source community, mainly in 1999.
347 In late 2002, the XMPP Working Group was chartered with developing an
348 adaptation of the core Jabber protocol that would be suitable as an
349 IETF instant messaging (IM) and presence technology. As a result of
350 work by the XMPP WG, [RFC3920] and [RFC3921] were published in
351 October 2004, representing the most complete definition of XMPP at
352 that time.
354 As a result of extensive implementation and deployment experience
355 with XMPP since 2004, as well as more formal interoperability testing
356 carried out under the auspices of the XMPP Standards Foundation
357 (XSF), this document reflects consensus from the XMPP developer
358 community regarding XMPP's core XML streaming technology. In
359 particular, this document incorporates the following backward-
360 compatible changes from RFC 3920:
362 o Corrections and errata
363 o Additional examples throughout
364 o Clarifications and more complete specification of matters that
365 were underspecified
366 o Modifications to reflect updated technologies for which XMPP is a
367 using protocol, e.g., Transport Layer Security (TLS) and the
368 Simple Authentication and Security Layer (SASL)
369 o Definition of several additional error conditions
370 o Addition of TLS plus SASL PLAIN as a mandatory-to-implement
371 technology
372 o Definition of optional support for multiple resources over the
373 same connection
374 o Removal of historical documentation for the server dialback
375 protocol from this specification to a separate specification
377 Therefore, this document defines the core features of XMPP 1.0 and
378 obsoletes RFC 3920.
380 Note: The XMPP extensions required to provide the basic instant
381 messaging and presence functionality defined in [IMP-REQS] are
382 specified in [XMPP-IM].
384 1.2. Functional Summary
386 This non-normative section provides a developer-friendly, functional
387 summary of XMPP; refer to the sections that follow for a normative
388 definition of XMPP.
390 The purpose of XMPP is to enable the exchange of relatively small
391 pieces of structured data (called "XML stanzas") over a network
392 between any two (or more) entities. XMPP is implemented using a
393 client-server architecture, wherein a client must connect to a server
394 in order to gain access to the network and thus be allowed to
395 exchange XML stanzas with other entities. The process whereby a
396 client connects to a server, exchanges XML stanzas, and ends the
397 connection is:
399 1. Determine the hostname and port at which to connect
400 2. Open a TCP connection
401 3. Open an XML stream
402 4. Complete TLS negotiation for channel encryption (recommended)
403 5. Complete SASL negotiation for authentication
404 6. Bind a resource to the stream
405 7. Exchange an unbounded number of XML stanzas with other entities
406 on the network
407 8. Close the XML stream
408 9. Close the TCP connection
410 In the sections following discussion of XMPP architecture and XMPP
411 addresses, this document specifies how clients connect to servers and
412 specifies the basic semantics of XML stanzas. However, this document
413 does not define the "payloads" of the XML stanzas that might be
414 exchanged once a connection is successfully established; instead,
415 definition of such semantics is provided by XMPP extensionsl. For
416 example, [XMPP-IM] defines extensions for basic instant messaging and
417 presence functionality. In addition, various specifications produced
418 in the XSF's XEP series [XEP-0001] define extensions for a wide range
419 of more advanced functionality.
421 Within the client-server architecture used by XMPP, one server may
422 optionally connect to another server to enable inter-domain or inter-
423 server communication. For this to happen, the two servers must
424 negotiate a connection between themselves and then exchange XML
425 stanzas; the process for doing so is:
427 1. Determine the hostname and port at which to connect
428 2. Open a TCP connection
429 3. Open an XML stream
430 4. Complete TLS negotiation for channel encryption (recommended)
431 5. Complete SASL negotiation for authentication
432 6. Exchange an unbounded number of XML stanzas both directly for the
433 servers and indirectly on behalf of entities associated with each
434 server (e.g., connected clients)
435 7. Close the XML stream
436 8. Close the TCP connection
438 Note: Depending on local service policies, a service may wish to use
439 the older server dialback protocol to provide weak identity
440 verification in cases where SASL negotiation would not result in
441 strong authentication (e.g., because the certificate presented by the
442 peer service during TLS negotiation is self-signed and thus provides
443 only weak identity); for details, see [XEP-0220].
445 1.3. Conventions
447 The following keywords are to be interpreted as described in [TERMS]:
448 "MUST", "SHALL", "REQUIRED"; "MUST NOT", "SHALL NOT"; "SHOULD",
449 "RECOMMENDED"; "SHOULD NOT", "NOT RECOMMENDED"; "MAY", "OPTIONAL".
451 In examples, lines have been wrapped for improved readability,
452 "[...]" means elision, and the following prepended strings are used:
454 o C: = client
455 o E: = any XMPP entity
456 o I: = initiating entity
457 o P: = peer server
458 o R: = receiving entity
459 o S: = server
460 o S1: = server1
461 o S2: = server2
463 1.4. Discussion Venue
465 The editor welcomes discussion and comments related to the topics
466 presented in this document. The preferred forum is the
467 mailing list, for which archives and
468 subscription information are available at
469 <>.
471 2. Architecture
473 2.1. Overview
475 XMPP assumes a client-server architecture, wherein a client utilizing
476 XMPP accesses a server (normally over a [TCP] connection) and servers
477 can also communicate with each other over TCP connections.
479 A simplified architectural diagram for a typical deployment is shown
480 here, where the entities have the following significance:
482 o romeo@example.net -- an XMPP user.
483 o example.net -- an XMPP server.
484 o example.com -- an XMPP server.
485 o juliet@example.com -- an XMPP user.
487 example.net -------------------- example.com
488 | |
489 | |
490 romeo@example.net juliet@example.com
492 Note: Architectures that employ the syntax of XML stanzas (Section 9)
493 but that establish peer-to-peer connections directly between clients
494 using technologies based on [LINKLOCAL] have been deployed, but such
495 architectures are not XMPP and are best described as "XMPP-like"; for
496 details, see [XEP-0174].
498 2.2. Server
500 A SERVER is an entity whose primary responsibilities are to:
502 o Manage XML streams (Section 5) with local clients and deliver XML
503 stanzas (Section 9) to those clients over the negotiated XML
504 streams.
505 o Subject to local service policies on server-to-server
506 communication, manage XML streams (Section 5) with foreign servers
507 and route XML stanzas (Section 9) to those servers over the
508 negotiated XML streams.
510 Depending on the application, the secondary responsibilities of an
511 XMPP server may include:
513 o Storing XML data that is used by clients (e.g., contact lists for
514 users of XMPP-based instant messaging and presence applications);
515 in this case, the relevant XML stanza is handled directly by the
516 server itself on behalf of the client and is not routed to a
517 foreign server or delivered to a local entity.
518 o Hosting local services that also use XMPP as the basis for
519 communication but that provide additional functionality beyond
520 that defined in this document or in [XMPP-IM]; examples include
521 multi-user conferencing services as specified in [XEP-0045] and
522 publish-subscribe services as specified in [XEP-0060].
524 2.3. Client
526 A CLIENT is an entity that establiishes an XML stream with a server
527 by authenticating using the credentials of a local account and that
528 then completes resource binding (Section 8) in order to enable
529 delivery of XML stanzas via the server to the client. A client then
530 uses XMPP to communicate with its server, other clients, and any
531 other accessible entities on a network. Multiple clients may connect
532 simultaneously to a server on behalf of a local account, where each
533 client is differentiated by the resource identifier portion of an
534 XMPP address (e.g., vs. ), as
535 defined under Section 3 and Section 8. The RECOMMENDED port for TCP
536 connections between a client and a server is 5222, as registered with
537 the IANA (see Section 16.9).
539 2.4. Network
541 Because each server is identified by a network address and because
542 server-to-server communication is a straightforward extension of the
543 client-to-server protocol, in practice the system consists of a
544 network of servers that inter-communicate. Thus, for example,
545 is able to exchange messages, presence, and
546 other information with . This pattern is familiar
547 from messaging protocols (such as [SMTP]) that make use of network
548 addressing standards. Communication between any two servers is
549 OPTIONAL. If enabled, such communication SHOULD occur over XML
550 streams that are bound to [TCP] connections. The RECOMMENDED port
551 for TCP connections between servers is 5269, as registered with the
552 IANA (see Section 16.9).
554 3. Addresses
556 3.1. Overview
558 An ENTITY is anything that is network-addressable and that can
559 communicate using XMPP. For historical reasons, the native address
560 of an XMPP entity is called a JABBER IDENTIFIER or JID. A valid JID
561 contains a set of ordered elements formed of an XMPP domain
562 identifier, node identifier, and resource identifier.
564 The syntax for a JID is defined as follows using the Augmented
565 Backus-Naur Form as specified in [ABNF].
567 jid = [ node "@" ] domain [ "/" resource ]
568 node = 1*(nodepoint)
569 ; a "nodepoint" is a UTF-8 encoded Unicode code
570 ; point that satisfies the Nodeprep profile of
571 ; stringprep
572 domain = fqdn / address-literal / idnlabel
573 fqdn = (idnlabel 1*("." idnlabel))
574 ; an "idnlabel" is an internationalized label
575 ; as described in RFC 3490
576 address-literal = IPv4address / IPv6address
577 ; the "IPv4address" and "IPv6address" rules are
578 ; defined in Appendix B of RFC 3513
579 resource = 1*(resourcepoint)
580 ; a "resourcepoint" is a UTF-8 encoded Unicode
581 ; code point that satisfies the Resourceprep
582 ; profile of stringprep
584 All JIDs are based on the foregoing structure. One common use of
585 this structure is to identify a messaging and presence account, the
586 server that hosts the account, and a connected resource (e.g., a
587 specific device) in the form of . However,
588 node types other than clients are possible; for example, a specific
589 chat room offered by a multi-user conference service (see [XEP-0045])
590 could be addressed as (where "room" is the name of the
591 chat room and "service" is the hostname of the multi-user conference
592 service) and a specific occupant of such a room could be addressed as
593 (where "nick" is the occupant's room nickname).
594 Many other JID types are possible (e.g., could be a
595 server-side script or service).
597 Each allowable portion of a JID (node identifier, domain identifier,
598 and resource identifier) MUST NOT be more than 1023 bytes in length,
599 resulting in a maximum total size (including the '@' and '/'
600 separators) of 3071 bytes.
602 Note: While the format of a JID is consistent with [URI], an entity's
603 address on an XMPP network MUST be a JID (without a URI scheme) and
604 not a [URI] or [IRI] as specified in [XMPP-URI]; the latter
605 specification is provided only for use by non-XMPP applications.
607 3.2. Domain Identifier
609 The DOMAIN IDENTIFIER portion of a JID is that portion after the '@'
610 character (if any) and before the '/' character (if any); it is the
611 primary identifier and is the only REQUIRED element of a JID (a mere
612 domain identifier is a valid JID). Typically a domain identifier
613 identifies the "home" server to which clients connect for XML routing
614 and data management functionality. (Note: A single server may
615 service multiple domain identifiers, i.e., multiple local domains.)
616 However, it is not necessary for an XMPP domain identifier to
617 identify an entity that provides core XMPP server functionality
618 (e.g., a domain identifier may identity an entity such as a multi-
619 user conference service, a publish-subscribe service, or a user
620 directory).
622 The domain identifier for every server or service that will
623 communicate over a network SHOULD be a fully qualified domain name
624 (see [DNS]) but MAY be either an IPv4 or IPv6 address or a text label
625 (commonly called an "unqualified hostname") that is resolvable on a
626 local network. If the domain identifier includes a final character
627 considered to be a label separator (dot) by [IDNA] or [STD13], this
628 character MUST be stripped from the domain identifier before the JID
629 of which it is a part is used for the purpose of routing an XML
630 stanza, comparing against another JID, or constructing an [XMPP-URI];
631 in particular, the character should be stripped before any other
632 canonicalization steps are taken (such as application of the
633 [NAMEPREP] profile of [STRINGPREP] or completion of the ToASCII
634 operation as described in [IDNA]).
636 A domain identifier MUST be an "internationalized domain name" as
637 defined in [IDNA], that is, "a domain name in which every label is an
638 internationalized label". When preparing a text label (consisting of
639 a sequence of Unicode code points) for representation as an
640 internationalized label in the process of constructing an XMPP domain
641 identifier or comparing two XMPP domain identifiers, an application
642 MUST ensure that for each text label it is possible to apply without
643 failing the ToASCII operation specified in [IDNA] with the
644 UseSTD3ASCIIRules flag set (thus forbidding ASCII code points other
645 than letters, digits, and hyphens). If the ToASCII operation can be
646 applied without failing, then the label is an internationalized
647 label. An internationalized domain name (and therefore an XMPP
648 domain identifier) is constructed from its constituent
649 internationalized labels by following the rules specified in [IDNA].
650 (Note: The ToASCII operation includes application of the [NAMEPREP]
651 profile of [STRINGPREP] and encoding using the algorithm specified in
652 [PUNYCODE]; for details, see [IDNA].)
654 3.3. Node Identifier
656 The NODE IDENTIFIER portion of a JID is an optional secondary
657 identifier placed before the domain identifier and separated from the
658 latter by the '@' character. Typically a node identifier uniquely
659 identifies the entity requesting and using network access provided by
660 a server (i.e., a local account), although it can also represent
661 other kinds of entities (e.g., a chat room associated with a multi-
662 user conference service). The entity represented by an XMPP node
663 identifier is addressed within the context of a specific domain.
664 When the domain is an XMPP server and the entity is a local account
665 on the server, the resulting address (of the form ) is
666 called a BARE JID.
668 A node identifier MUST be formatted such that the Nodeprep profile of
669 [STRINGPREP] can be applied without failing (see Appendix A). Before
670 comparing two node identifiers, an application MUST first apply the
671 Nodeprep profile to each identifier.
673 3.4. Resource Identifier
675 The RESOURCE IDENTIFIER portion of a JID is an optional tertiary
676 identifier placed after the domain identifier and separated from the
677 latter by the '/' character. A resource identifier may modify either
678 a address or a mere address. Typically a
679 resource identifier uniquely identifies a specific connection (e.g.,
680 a device or location) or object (e.g., a participant in a multi-user
681 conference room) belonging to the entity associated with an XMPP node
682 identifier at a local domain. XMPP entities SHOULD consider resource
683 identifiers to be opaque strings and SHOULD NOT impute meaning to any
684 given resource identifier. A resource identifier is negotiated
685 between a client and a server during resource binding (Section 8),
686 after which the entity is referred to as a CONNECTED RESOURCE and its
687 address (of the form ) is referred to as a FULL
688 JID. An entity MAY maintain multiple connected resources
689 simultaneously, with each connected resource differentiated by a
690 distinct resource identifier.
692 A resource identifier MUST be formatted such that the Resourceprep
693 profile of [STRINGPREP] can be applied without failing (see
694 Appendix B). Before comparing two resource identifiers, an
695 application MUST first apply the Resourceprep profile to each
696 identifier.
698 3.5. Determination of Addresses
700 After SASL negotiation (Section 7) and, if appropriate, resource
701 binding (Section 8), the receiving entity for a stream MUST determine
702 the initiating entity's JID.
704 For server-to-server communication, the initiating entity's JID
705 SHOULD be the authorization identity (as defined by [SASL]), either
706 (1) as directly communicated by the initiating entity during SASL
707 negotiation (Section 7) or (2) as derived from the authentication
708 identity if no authorization identity was specified during SASL
709 negotiation (Section 7).
711 For client-to-server communication, the client's bare JID
712 () SHOULD be the authorization identity (as defined by
713 [SASL]), either (1) as directly communicated by the initiating entity
714 during SASL negotiation (Section 7) or (2) as derived from the
715 authentication identity if no authorization identity was specified
716 during SASL negotiation (Section 7). The resource identifier portion
717 of the full JID () SHOULD be the resource
718 identifier negotiated by the client and server during resource
719 binding (Section 8).
721 The receiving entity MUST ensure that the resulting JID (including
722 node identifier, domain identifier, resource identifier, and
723 separator characters) conforms to the rules and formats defined
724 earlier in this section; to meet this restriction, the receiving
725 entity may need to replace the JID sent by the initiating entity with
726 the canonicalized JID as determined by the receiving entity.
728 4. TCP Binding
730 4.1. Scope
732 As XMPP is defined in this specification, an initiating entity
733 (client or server) MUST open a Transmission Control Protocol [TCP]
734 connection at the receiving entity (server) before it negotiates XML
735 streams with the receiving entity. The rules specified in the
736 following sections apply to the TCP binding.
738 4.2. Hostname Resolution
740 Before opening the TCP connection, the initiating entity first MUST
741 resolve the Domain Name System (DNS) hostname associated with the
742 receiving entity and determine the appropriate TCP port for
743 communication with the receiving entity. The process is:
745 1. Attempt to resolve the hostname using a [DNS-SRV] Service of
746 "xmpp-client" (for client-to-server connections) or "xmpp-server"
747 (for server-to-server connections) and Proto of "tcp", resulting
748 in resource records such as "_xmpp-client._tcp.example.com." or
749 "_xmpp-server._tcp.example.com.". The result of the SRV lookup
750 will be one or more combinations of a port and hostname; the
751 initiating entity MUST resolve one of the hostnames in order to
752 determine an IP address at which to connect.
753 2. If the SRV lookup fails, the fallback SHOULD be a normal IPv4 or
754 [IPv6] address record resolution to determine the IP address,
755 where the port used is the "xmpp-client" port of 5222 for client-
756 to-server connections or the "xmpp-server" port 5269 for server-
757 to-server connections.
759 3. For client-to-server connections, the fallback MAY be a [DNS-TXT]
760 lookup for alternative connection methods, for example as
761 described in [XEP-0156].
763 4.3. Client-to-Server Communications
765 Because a client is subordinate to a server and therefore a client
766 authenticates to the server but the server does not authenticate to
767 the client, it is necessary to have only one TCP connection between
768 client and server. Thus the server MUST allow the client to share a
769 single TCP connection for XML stanzas sent from client to server and
770 from server to client (i.e., the inital stream and response stream as
771 specified under Section 5).
773 4.4. Server-to-Server Communications
775 Because two servers are peers and therefore each peer must
776 authenticate with the other, the servers MUST use two TCP
777 connections: one for XML stanzas sent from the first server to the
778 second server and another (initiated by the second server) for XML
779 stanzas from the second server to the first server.
781 This rule applies only to XML stanzas (Section 9). Therefore during
782 STARTTLS negotiation (Section 6) and SASL negotiation (Section 7) the
783 servers would use one TCP connection, but after stream setup that TCP
784 connection would be used only for the initiating server to send XML
785 stanzas to the receiving server. In order for the receiving server
786 to send XML stanzas to the initiating server, the receiving server
787 would need to reverse the roles and negotiate an XML stream from the
788 receiving server to the initiating server.
790 4.5. Other Bindings
792 There is no necessary coupling of an XML stream to a TCP connection.
793 For example, two entities could connect to each other via another
794 transport, such as [HTTP] as specified in [XEP-0124] and [XEP-0206].
795 However, this specification defines a binding of XMPP to TCP only.
797 5. XML Streams
799 5.1. Overview
801 Two fundamental concepts make possible the rapid, asynchronous
802 exchange of relatively small payloads of structured information
803 between presence-aware entities: XML streams and XML stanzas. These
804 terms are defined as follows.
806 Definition of XML Stream: An XML STREAM is a container for the
807 exchange of XML elements between any two entities over a network.
808 The start of an XML stream is denoted unambiguously by an opening
809 STREAM HEADER (i.e., an XML tag with appropriate
810 attributes and namespace declarations), while the end of the XML
811 stream is denoted unambiguously by a closing XML tag.
812 During the life of the stream, the entity that initiated it can
813 send an unbounded number of XML elements over the stream, either
814 elements used to negotiate the stream (e.g., to complete TLS
815 negotiation (Section 6) or SASL negotiation (Section 7)) or XML
816 stanzas. The INITIAL STREAM is negotiated from the initiating
817 entity (typically a client or server) to the receiving entity
818 (typically a server), and can be seen as corresponding to the
819 initiating entity's "connection" or "session" with the receiving
820 entity. The initial stream enables unidirectional communication
821 from the initiating entity to the receiving entity; in order to
822 enable information exchange from the receiving entity to the
823 initiating entity, the receiving entity MUST negotiate a stream in
824 the opposite direction (the RESPONSE STREAM).
825 Definition of XML Stanza: An XML STANZA is a discrete semantic unit
826 of structured information that is sent from one entity to another
827 over an XML stream. An XML stanza is the basic unit of meaning in
828 XMPP. An XML stanza exists at the direct child level of the root
829 element and is said to be well-balanced if it matches
830 the production [43] content of [XML]. The start of any XML stanza
831 is denoted unambiguously by the element start tag at depth=1 of
832 the XML stream (e.g., ), and the end of any XML stanza
833 is denoted unambiguously by the corresponding close tag at depth=1
834 (e.g., ); a server MUST NOT process a partial stanza
835 and MUST NOT attach meaning to the transmission timing of any part
836 of a stanza (before receipt of the close tag). The only XML
837 stanzas defined herein are the , , and
838 elements qualified by the default namespace for the stream, as
839 described under Section 9; an XML element sent for the purpose of
840 TLS negotiation (Section 6) or SASL negotiation (Section 7) is not
841 considered to be an XML stanza. An XML stanza MAY contain child
842 elements (with accompanying attributes, elements, and XML
843 character data) as necessary in order to convey the desired
844 information, which MAY be qualified by any XML namespace (see
845 [XML-NAMES] as well as Section 9.4 herein).
847 Consider the example of a client's connection to a server. In order
848 to connect to a server, a client MUST initiate an XML stream by
849 sending a stream header to the server, optionally preceded by a text
850 declaration specifying the XML version and the character encoding
851 supported (see Section 12.4 and Section 12.5). Subject to local
852 policies and service provisioning, the server SHOULD then reply with
853 a second XML stream back to the client, again optionally preceded by
854 a text declaration. Once the client has completed SASL negotiation
855 (Section 7) and resource binding (Section 8), the client MAY send an
856 unbounded number of XML stanzas over the stream. When the client
857 desires to close the stream, it simply sends a closing tag
858 to the server (see Section 5.6).
860 In essence, then, an XML stream acts as an envelope for all the XML
861 stanzas sent during a connection. We can represent this in a
862 simplistic fashion as follows.
864 +--------------------+
865 | |
866 |--------------------|
867 | |
868 | |
869 | |
870 |--------------------|
871 | |
872 | |
873 | |
874 |--------------------|
875 | |
876 | |
877 | |
878 |--------------------|
879 | |
880 | |
881 | |
882 |--------------------|
883 | [ ... ] |
884 |--------------------|
885 | |
886 +--------------------+
888 Note: Those who are accustomed to thinking of XML in a document-
889 centric manner may wish to view a client's connection to a server as
890 consisting of two open-ended XML documents: one from the client to
891 the server and one from the server to the client. From this
892 perspective, the root element can be considered the
893 document entity for each "document", and the two "documents" are
894 built up through the accumulation of XML stanzas sent over the two
895 XML streams. However, this perspective is a convenience only; XMPP
896 does not deal in documents but in XML streams and XML stanzas.
898 5.2. Stream Security
900 For the purpose of stream security, both Transport Layer Security
901 (see Section 6) and the Simple Authentication and Security Layer (see
902 Section 7) are mandatory to implement.
904 When negotiating XML streams in XMPP 1.0, TLS SHOULD be used as
905 defined under Section 6 and SASL MUST be used as defined under
906 Section 7. The initial stream and the response stream MUST be
907 secured separately, although security in both directions MAY be
908 established via mechanisms that provide mutual authentication.
910 The initiating entity SHOULD NOT attempt to send XML stanzas
911 (Section 9) over the stream before the stream has been authenticated.
912 However, if it does attempt to do so, the receiving entity MUST NOT
913 accept such stanzas and MUST return a stream error
914 and then terminate both the XML stream and the underlying TCP
915 connection. Note: This applies to XML stanzas only (i.e.,
916 , , and elements qualified by the default
917 namespace) and not to XML elements used for stream negotiation (e.g.,
918 elements used to complete TLS negotiation (Section 6) or SASL
919 negotiation (Section 7)).
921 5.3. Stream Attributes
923 The attributes of the root element are as follows.
925 5.3.1. from
927 In client-to-server communication, the 'from' attribute SHOULD be
928 included in the initial stream header and (if included) MUST be set
929 to the account name (i.e., bare JID = ) of the entity
930 controlling the client.
932 C:
933
941 In server-to-server communication, the 'from' attribute SHOULD be
942 included in the initial stream header and (if included) MUST be set
943 to a hostname serviced by the initiating entity.
945 P:
946
954 In both client-to-server and server-to-server communications, the
955 'from' attribute MUST be included in the response stream header and
956 MUST be set to a hostname serviced by the receiving entity that is
957 granting access to the initiating entity.
959 S:
960
969 Note: Each entity MUST verify the identity of the other entity before
970 exchanging XML stanzas with it (see Section 15.3 and Section 15.4).
972 5.3.2. to
974 In both client-to-server and server-to-server communications, the
975 'to' attribute SHOULD be included in the initial stream header and
976 (if included) MUST be set to a hostname serviced by the receiving
977 entity.
979 C:
980
988 In client-to-server communication, if the client included a 'from'
989 address in the initial stream header then the server SHOULD include a
990 'to' attribute in the response stream header and (if included) MUST
991 set the 'to' attribute to the bare JID specified in the 'from'
992 attribute of the initial stream header.
994 S:
995
1004 In server-to-server communication, if the initiating entity included
1005 a 'from' address in the initial stream header then the receiving
1006 entity SHOULD include a 'to' attribute in the response stream header
1007 and (if included) MUST set the 'to' attribute to the hostname
1008 specified in the 'from' attribute of the initial stream header.
1010 S:
1011
1020 Note: Each entity MUST verify the identity of the other entity before
1021 exchanging XML stanzas with it (see Section 15.3 and Section 15.4).
1023 5.3.3. id
1025 There SHOULD NOT be an 'id' attribute in the initial stream header;
1026 however, if an 'id' attribute is included, it SHOULD be silently
1027 ignored by the receiving entity.
1029 C:
1030
1038 The 'id' attribute MUST be included in the response XML stream
1039 header. This attribute is a unique identifier created by the
1040 receiving entity to function as a identifier for the initiating
1041 entity's two streams with the receiving entity, and MUST be unique
1042 within the receiving application (normally a server).
1044 S:
1045
1054 Note: The stream ID may be security-critical and therefore MUST be
1055 both unpredictable and nonrepeating (see [RANDOM] for recommendations
1056 regarding randomness for security purposes).
1058 5.3.4. xml:lang
1060 An 'xml:lang' attribute (as defined in Section 2.12 of [XML]) SHOULD
1061 be included in the initial stream header to specify the default
1062 language of any human-readable XML character data it sends over that
1063 stream.
1065 C:
1066
1074 If the attribute is included, the receiving entity SHOULD remember
1075 that value as the default for both the initial stream and the
1076 response stream; if the attribute is not included, the receiving
1077 entity SHOULD use a configurable default value for both streams,
1078 which it MUST communicate in the response stream header.
1080 S:
1081
1090 For all stanzas sent over the initial stream, if the initiating
1091 entity does not include an 'xml:lang' attribute, the receiving entity
1092 SHOULD apply the default value; if the initiating entity does include
1093 an 'xml:lang' attribute, the receiving entity MUST NOT modify or
1094 delete it (see also Section 9.1.5). The value of the 'xml:lang'
1095 attribute MUST conform to the NMTOKEN datatype (as defined in Section
1096 2.3 of [XML]) and MUST conform to the format defined in [LANGTAGS].
1098 5.3.5. version
1100 The presence of the version attribute set to a value of at least
1101 "1.0" signals support for the stream-related protocols (including
1102 stream features) defined in this specification.
1104 The version of XMPP specified herein is "1.0"; in particular, XMPP
1105 1.0 encapsulates the stream-related protocols (TLS negotiation
1106 (Section 6), SASL negotiation (Section 7), and stream errors
1107 (Section 5.8)), as well as the basic semantics of the three defined
1108 XML stanza types ( , , and ).
1110 The numbering scheme for XMPP versions is ".". The
1111 major and minor numbers MUST be treated as separate integers and each
1112 number MAY be incremented higher than a single digit. Thus, "XMPP
1113 2.4" would be a lower version than "XMPP 2.13", which in turn would
1114 be lower than "XMPP 12.3". Leading zeros (e.g., "XMPP 6.01") MUST be
1115 ignored by recipients and MUST NOT be sent.
1117 The major version number should be incremented only if the stream and
1118 stanza formats or required actions have changed so dramatically that
1119 an older version entity would not be able to interoperate with a
1120 newer version entity if it simply ignored the elements and attributes
1121 it did not understand and took the actions specified in the older
1122 specification.
1124 The minor version number should be incremented only if significant
1125 new capabilities have been added to the core protocol (e.g., a newly
1126 defined value of the 'type' attribute for message, presence, or IQ
1127 stanzas). The minor version number MUST be ignored by an entity with
1128 a smaller minor version number, but MAY be used for informational
1129 purposes by the entity with the larger minor version number (e.g.,
1130 the entity with the larger minor version number would simply note
1131 that its correspondent would not be able to understand that value of
1132 the 'type' attribute and therefore would not send it).
1134 The following rules apply to the generation and handling of the
1135 'version' attribute within stream headers:
1137 1. The initiating entity MUST set the value of the 'version'
1138 attribute in the initial stream header to the highest version
1139 number it supports (e.g., if the highest version number it
1140 supports is that defined in this specification, it MUST set the
1141 value to "1.0").
1142 2. The receiving entity MUST set the value of the 'version'
1143 attribute in the response stream header to either the value
1144 supplied by the initiating entity or the highest version number
1145 supported by the receiving entity, whichever is lower. The
1146 receiving entity MUST perform a numeric comparison on the major
1147 and minor version numbers, not a string match on
1148 ".".
1149 3. If the version number included in the response stream header is
1150 at least one major version lower than the version number included
1151 in the initial stream header and newer version entities cannot
1152 interoperate with older version entities as described, the
1153 initiating entity SHOULD generate an
1154 stream error and terminate the XML stream and underlying TCP
1155 connection.
1156 4. If either entity receives a stream header with no 'version'
1157 attribute, the entity MUST consider the version supported by the
1158 other entity to be "0.9" and SHOULD NOT include a 'version'
1159 attribute in the response stream header.
1161 5.3.6. Summary
1163 We can summarize the attributes of the root element as
1164 follows.
1166 +----------+--------------------------+-------------------------+
1167 | | initiating to receiving | receiving to initiating |
1168 +----------+--------------------------+-------------------------+
1169 | to | JID of receiver | JID of initiator |
1170 | from | JID of initiator | JID of receiver |
1171 | id | silently ignored | stream identifier |
1172 | xml:lang | default language | default language |
1173 | version | XMPP 1.0+ supported | XMPP 1.0+ supported |
1174 +----------+--------------------------+-------------------------+
1176 Note: The attributes of the root element are not prepended
1177 by a 'stream:' prefix because, in accordance with Section 5.3 of
1178 [XML-NAMES], the default namespace does not apply to attribute names.
1180 5.4. Namespace Declarations
1182 The stream element MUST possess both a streams namespace declaration
1183 and a default namespace declaration (as "namespace declaration" is
1184 defined in [XML-NAMES]). For detailed information regarding the
1185 streams namespace and default namespace, see Section 12.2.
1187 5.5. Stream Features
1189 If the initiating entity includes the 'version' attribute set to a
1190 value of at least "1.0" in the initial stream header, after sending
1191 the response stream header the receiving entity MUST send a
1192 child element (prefixed by the streams namespace prefix)
1193 to the initiating entity in order to announce any stream-level
1194 features that can be negotiated (or capabilities that otherwise need
1195 to be advertised).
1197 S:
1198
1206 S:
1207
1208
1209
1210
1212 Stream features are used mainly to advertise TLS negotiation
1213 (Section 6), SASL negotiation (Section 7), and resource binding
1214 (Section 8); however, stream features also can be used to advertise
1215 features associated with various XMPP extensions. If an entity does
1216 not understand or support a feature, it SHOULD silently ignore the
1217 associated feature.
1219 If one or more security features (e.g., TLS and SASL) need to be
1220 successfully negotiated before a non-security-related feature (e.g.,
1221 resource binding) can be offered, the non-security-related feature
1222 SHOULD NOT be included in the stream features that are advertised
1223 before the relevant security features have been negotiated.
1225 If a feature must be negotiated before the initiating entity may
1226 proceed, that feature SHOULD include a child element.
1228 If there are no features to be advertised (e.g., in the stream reset
1229 initiated after successful SASL negotiation for a server-to-server
1230 connection, or after resource binding for a client-to-server stream)
1231 then the receiving entity MUST include an empty
1232 element after sending a response stream header.
1234 S:
1235
1243 S:
1245 5.6. Closing Streams
1247 At any time after XML streams have been negotiated between two
1248 entities, either entity MAY close its stream to the other entity in
1249 the absence of a stream error by sending a closing stream tag:
1251 C:
1253 The entity that sends the closing stream tag SHOULD wait for the
1254 other entity to also close its stream:
1256 S:
1258 However, the entity that sends the first closing stream tag MAY
1259 consider both streams to be void if the other entity does not send
1260 its closing stream tag within a reasonable amount of time (where the
1261 definition of "reasonable" is left up to the implementation or
1262 deployment).
1264 After an entity sends a closing stream tag, it MUST NOT send further
1265 data over that stream.
1267 After the entity that sent the first closing stream tag receives a
1268 reciprocal closing stream tag from the other entity, it MUST
1269 terminate the underlying TCP connection or connections.
1271 Note: Closing of XML streams is handled differently in the case of a
1272 stream error; see Section 5.8.1.1.
1274 5.7. Reconnection
1276 It can happen that an XMPP server goes offline while servicing
1277 connections from local clients and from other servers. Because the
1278 number of such connections can be quite large, the reconnection
1279 algorithm employed by entities that seek to reconnect can have a
1280 significant impact on software and network performance. The
1281 following guidelines are RECOMMENDED:
1283 o The time to live (TTL) specified in Domain Name System records
1284 SHOULD be honored, even if DNS results are cached; if the TTL has
1285 not expired, an entity that seeks to reconnect SHOULD NOT re-
1286 resolve the server hostname before reconnecting.
1287 o The time that expires before an entity first seeks to reconnect
1288 SHOULD be randomized (e.g., so that all clients do not attempt to
1289 reconnect 30 seconds after being disconnected).
1290 o If the first reconnection attempt does not succeed, an entity
1291 SHOULD back off exponentially on the time between subsequent
1292 reconnection attempts.
1294 5.8. Stream Errors
1296 The root stream element MAY contain an child element that is
1297 prefixed by the streams namespace prefix. The error child shall be
1298 sent by a compliant entity if it perceives that a stream-level error
1299 has occurred.
1301 5.8.1. Rules
1303 The following rules apply to stream-level errors.
1305 5.8.1.1. Stream Errors Are Unrecoverable
1307 Stream-level errors are unrecoverable. Therefore, if an error occurs
1308 at the level of the stream, the entity that detects the error MUST
1309 send a stream error to the other entity, send a closing
1310 tag, and immediately terminate the underlying TCP connection.
1312 C:
1314 S:
1315
1317
1318
1320 5.8.1.2. Stream Errors Can Occur During Setup
1322 If the error occurs while the stream is being set up, the receiving
1323 entity MUST still send the opening tag, include the
1324 element as a child of the stream element, send the closing
1325 tag, and immediately terminate the underlying TCP connection.
1327 C:
1328
1336 S:
1337
1346
1348
1349
1351 5.8.1.3. Stream Errors When the Host is Unspecified
1353 If the initiating entity provides no 'to' attribute or provides an
1354 unknown host in the 'to' attribute and the error occurs during stream
1355 setup, the receiving entity SHOULD provide its authoritative hostname
1356 in the 'from' attribute of the stream header sent before termination.
1358 C:
1359
1366 S:
1367
1375
1376
1378
1379
1381 5.8.2. Syntax
1383 The syntax for stream errors is as follows, where "defined-condition"
1384 is a placeholder for one of the conditions defined under
1385 Section 5.8.3.
1387
1388
1389 [
1391 [ ... descriptive text ... ]
1392 ]
1393 [application-specific condition element]
1394
1396 The element:
1398 o MUST contain a child element corresponding to one of the defined
1399 stream error conditions (Section 5.8.3); this element MUST be
1400 qualified by the 'urn:ietf:params:xml:ns:xmpp-streams' namespace.
1401 o MAY contain a child element containing XML character data
1402 that describes the error in more detail; this element MUST be
1403 qualified by the 'urn:ietf:params:xml:ns:xmpp-streams' namespace
1404 and SHOULD possess an 'xml:lang' attribute specifying the natural
1405 language of the XML character data.
1407 o MAY contain a child element for an application-specific error
1408 condition; this element MUST be qualified by an application-
1409 defined namespace, and its structure is defined by that namespace
1410 (see Section 5.8.4).
1412 The element is OPTIONAL. If included, it SHOULD be used only
1413 to provide descriptive or diagnostic information that supplements the
1414 meaning of a defined condition or application-specific condition. It
1415 SHOULD NOT be interpreted programmatically by an application. It
1416 SHOULD NOT be used as the error message presented to a human user,
1417 but MAY be shown in addition to the error message associated with the
1418 included condition element or elements.
1420 5.8.3. Defined Stream Error Conditions
1422 The following stream-level error conditions are defined.
1424 5.8.3.1. bad-format
1426 The entity has sent XML that cannot be processed.
1428 (In the following example, the client sends an XMPP message that is
1429 not well-formed XML.)
1431 C:
1432 No closing body tag!
1433
1435 S:
1436
1438
1439
1441 This error MAY be used instead of the more specific XML-related
1442 errors, such as , , , , and . However,
1444 the more specific errors are preferred.
1446 5.8.3.2. bad-namespace-prefix
1448 The entity has sent a namespace prefix that is unsupported, or has
1449 sent no namespace prefix on an element that requires such a prefix
1450 (see Section 12.2).
1452 (In the following example, the client specifies a namespace prefix of
1453 "foobar" for the XML streams namespace.)
1454 C:
1455
1462 S:
1463
1471
1472
1474
1475
1477 5.8.3.3. conflict
1479 The server is either (1) closing the existing stream for this entity
1480 because a new stream has been initiated that conflicts with the
1481 existing stream, or (2) is refusing a new stream for this entity
1482 because allowing the new stream would conflict with an existing
1483 stream (e.g., because the server allows only a certain number of
1484 connections from the same IP address).
1486 C:
1487
1494 S:
1495
1503
1504
1506
1507
1509 5.8.3.4. connection-timeout
1511 The entity has not generated any traffic over the stream for some
1512 period of time (configurable according to a local service policy) and
1513 therefore the connection is being dropped.
1515 P:
1516
1518
1519
1521 5.8.3.5. host-gone
1523 The value of the 'to' attribute provided in the initial stream header
1524 corresponds to a hostname that is no longer hosted by the receiving
1525 entity.
1527 (In the following example, the peer specifies a 'to' address of
1528 "foo.example.com" when connecting to the "example.com" server, but
1529 the server no longer hosts a service at that address.)
1530 P:
1531
1538 S:
1539
1547
1548
1550
1551
1553 5.8.3.6. host-unknown
1555 The value of the 'to' attribute provided by in the initial stream
1556 header does not correspond to a hostname that is hosted by the
1557 receiving entity.
1559 (In the following example, the peer specifies a 'to' address of
1560 "example.org" when connecting to the "example.com" server, but the
1561 server knows nothing of that address.)
1562 P:
1563
1570 S:
1571
1579
1580
1582
1583
1585 5.8.3.7. improper-addressing
1587 A stanza sent between two servers lacks a 'to' or 'from' attribute
1588 (or the attribute has no value).
1590 (In the following example, the peer sends a stanza without a 'to'
1591 address.)
1593 P:
1594 Wherefore art thou?
1595
1597 S:
1598
1600
1601
1603 5.8.3.8. internal-server-error
1605 The server has experienced a misconfiguration or an otherwise-
1606 undefined internal error that prevents it from servicing the stream.
1608 S:
1609
1611
1612
1614 5.8.3.9. invalid-from
1616 The JID or hostname provided in a 'from' address does not match an
1617 authorized JID or validated domain negotiated between servers via
1618 SASL, or between a client and a server via authentication and
1619 resource binding.
1621 (In the following example, a peer that has authenticated only as
1622 "example.net" attempts to send a stanza from an address at
1623 "example.org".)
1625 P:
1626 Neither, fair saint, if either thee dislike.
1627
1629 S:
1630
1632
1633
1635 5.8.3.10. invalid-id
1637 The stream ID or server dialback ID is invalid or does not match an
1638 ID previously provided.
1640 (In the following example, the server dialback ID is invalid; see
1641 [XEP-0220].)
1643 P:
1649 S:
1650
1652
1653
1655 5.8.3.11. invalid-namespace
1657 The streams namespace name is something other than
1658 "http://etherx.jabber.org/streams" (see Section 12.2).
1660 (In the following example, the client specifies a streams namespace
1661 of 'http://wrong.namespace.example.org/' instead of the correct
1662 namespace of "http://etherx.jabber.org/streams".)
1664 C:
1665
1672 S:
1673
1681
1682
1684
1685
1687 5.8.3.12. invalid-xml
1689 The entity has sent invalid XML over the stream to a server that
1690 performs validation (see Section 12.3).
1692 (In the following example, the peer attempts to send an IQ stanza of
1693 type "subscribe" but there is no such value for the 'type'
1694 attribute.)
1695 P:
1699
1700
1702 S:
1703
1705
1706
1708 5.8.3.13. not-authorized
1710 The entity has attempted to send XML stanzas before the stream has
1711 been authenticated, or otherwise is not authorized to perform an
1712 action related to stream negotiation; the receiving entity MUST NOT
1713 process the offending stanza before sending the stream error.
1715 (In the following example, the client attempts to send XML stanzas
1716 before authenticating with the server.)
1717 C:
1718
1725 S:
1726
1736 Wherefore art thou?
1737
1739 S:
1740
1742
1743
1745 5.8.3.14. policy-violation
1747 The entity has violated some local service policy (e.g., the stanza
1748 exceeds a configured size limit); the server MAY choose to specify
1749 the policy in the element or an application-specific
1750 condition element.
1752 (In the following example, the client sends an XMPP message that is
1753 too large according to the server's local service policy.)
1755 C:
1756 [ ... the-emacs-manual ... ]
1757
1759 S:
1760
1762
1764 S:
1766 5.8.3.15. remote-connection-failed
1768 The server is unable to properly connect to a remote entity that is
1769 required for authentication or authorization.
1771 C:
1772
1779 S:
1780
1788
1789
1791
1792
1794 5.8.3.16. resource-constraint
1796 The server lacks the system resources necessary to service the
1797 stream.
1799 C:
1800
1807 S:
1808
1816
1817
1819
1820
1822 5.8.3.17. restricted-xml
1824 The entity has attempted to send restricted XML features such as a
1825 comment, processing instruction, DTD, entity reference, or unescaped
1826 character (see Section 12.1).
1828 (In the following example, the client sends an XMPP message
1829 containing an XML comment.)
1831 C:
1832
1833 This message has no subject.
1834
1836 S:
1837
1839
1840
1842 5.8.3.18. see-other-host
1844 The server will not provide service to the initiating entity but is
1845 redirecting traffic to another host; the XML character data of the
1846 element returned by the server SHOULD specify the
1847 alternate hostname or IP address at which to connect, which SHOULD be
1848 a valid domain identifier but may also include a port number; if no
1849 port is specified, the initiating entity SHOULD perform a [DNS-SRV]
1850 lookup on the provided domain identifier but MAY assume that it can
1851 connect to that domain identifier at the standard XMPP ports (i.e.,
1852 5222 for client-to-server connections and 5269 for server-to-server
1853 connections).
1855 C:
1856
1863 S:
1864
1872
1873
1875 xmpp.example.com:9090
1876
1877
1878
1880 5.8.3.19. system-shutdown
1882 The server is being shut down and all active streams are being
1883 closed.
1885 S:
1886
1888
1889
1891 5.8.3.20. undefined-condition
1893 The error condition is not one of those defined by the other
1894 conditions in this list; this error condition SHOULD be used only in
1895 conjunction with an application-specific condition.
1897 S:
1898
1900
1901
1902
1904 5.8.3.21. unsupported-encoding
1906 The initiating entity has encoded the stream in an encoding that is
1907 not supported by the server (see Section 12.5).
1909 (In the following example, the client attempts to encode data using
1910 UTF-16 instead of UTF-8.)
1912 C:
1913
1920 S:
1921
1930
1932
1933
1935 5.8.3.22. unsupported-stanza-type
1937 The initiating entity has sent a first-level child of the stream that
1938 is not supported by the server or consistent with the default
1939 namespace.
1941 (In the following example, the client attempts to send an XML stanza
1942 of when the default namespace is "jabber:client".)
1944 C:
1945
1946 -
1947
1948 Soliloquy
1949
1950 To be, or not to be: that is the question:
1951 Whether 'tis nobler in the mind to suffer
1952 The slings and arrows of outrageous fortune,
1953 Or to take arms against a sea of troubles,
1954 And by opposing end them?
1955
1956
1958 tag:denmark.lit,2003:entry-32397
1959 2003-12-13T18:30:02Z
1960 2003-12-13T18:30:02Z
1961
1962
1963
1964
1966 S:
1967
1969
1970
1972 5.8.3.23. unsupported-version
1974 The value of the 'version' attribute provided by the initiating
1975 entity in the stream header specifies a version of XMPP that is not
1976 supported by the server; the server MAY specify the version(s) it
1977 supports in the element.
1979 (In the following example, the client specifies an XMPP version of
1980 "11.0" but the server supports only version "1.0" and "1.1".)
1981 C:
1982
1989 S:
1990
1999
2001
2002 1.0, 1.1
2003
2004
2005
2007 5.8.3.24. xml-not-well-formed
2009 The initiating entity has sent XML that is not well-formed as defined
2010 by [XML].
2012 (In the following example, the client sends an XMPP message that is
2013 not well-formed XML.)
2015 C:
2016 No closing body tag!
2017
2019 S:
2020
2022
2023
2025 5.8.4. Application-Specific Conditions
2027 As noted, an application MAY provide application-specific stream
2028 error information by including a properly-namespaced child in the
2029 error element. The application-specific element SHOULD supplement or
2030 further qualify a defined element. Thus the element will
2031 contain two or three child elements:
2033 C:
2034
2035 My keyboard layout is:
2037 QWERTYUIOP{}|
2038 ASDFGHJKL:"
2039 ZXCVBNM<>?
2040
2041
2043 S:
2044
2046
2047 Some special application diagnostic information!
2048
2049
2050
2051
2053 5.9. Simplified Stream Examples
2055 This section contains two simplified examples of a stream-based
2056 connection of a client on a server; these examples are included for
2057 the purpose of illustrating the concepts introduced thus far.
2059 A basic connection:
2061 C:
2062
2071
2080 [ ... channel encryption ... ]
2082 [ ... authentication ... ]
2084 [ ... resource binding ... ]
2086 C:
2089 Art thou not Romeo, and a Montague?
2090
2092 S:
2095 Neither, fair saint, if either thee dislike.
2096
2098 C:
2100 S:
2101 A connection gone bad:
2103 C:
2104
2112 S:
2113
2122 [ ... channel encryption ... ]
2124 [ ... authentication ... ]
2126 [ ... resource binding ... ]
2128 C:
2131 No closing body tag!
2132
2134 S:
2135
2137
2138
2140 More detailed examples are provided under Section 10.
2142 6. STARTTLS Negotiation
2143 6.1. Overview
2145 XMPP includes a method for securing the stream from tampering and
2146 eavesdropping. This channel encryption method makes use of the
2147 Transport Layer Security [TLS] protocol, specifically a "STARTTLS"
2148 extension that is modelled after similar extensions for the [IMAP],
2149 [POP3], and [ACAP] protocols as described in [USINGTLS]. The XML
2150 namespace name for the STARTTLS extension is
2151 'urn:ietf:params:xml:ns:xmpp-tls'.
2153 Support for STARTTLS is REQUIRED in XMPP client and server
2154 implementations. An administrator of a given deployment may require
2155 the use of TLS for client-to-server communication, server-to-server
2156 communication, or both. A deployed client should use TLS to secure
2157 its stream with a server prior to attempting the completion of SASL
2158 negotiation (Section 7), and deployed servers should use TLS between
2159 two domains for the purpose of securing server-to-server
2160 communication.
2162 6.2. Rules
2164 6.2.1. Data Formatting
2166 The entities MUST NOT send any white space characters (matching
2167 production [3] content of [XML]) within the root stream element as
2168 separators between elements (any white space characters shown in the
2169 STARTTLS examples provided in this document are included only for the
2170 sake of readability); this prohibition helps to ensure proper
2171 security layer byte precision.
2173 6.2.2. Order of Negotiation
2175 If the initiating entity chooses to use TLS, STARTTLS negotiation
2176 MUST be completed before proceeding to SASL negotiation (Section 7);
2177 this order of negotiation is required to help safeguard
2178 authentication information sent during SASL negotiation, as well as
2179 to make it possible to base the use of the SASL EXTERNAL mechanism on
2180 a certificate (or other credentials) provided during prior TLS
2181 negotiation.
2183 6.3. Process
2185 6.3.1. Exchange of Stream Headers and Stream Features
2187 The initiating entity resolves the hostname of the receiving entity
2188 as specified under Section 4, opens a TCP connection to the
2189 advertised port at the resolved IP address, and sends an initial
2190 stream header to the receiving entity; if the initiating entity is
2191 capable of STARTTLS negotiation, it MUST include the 'version'
2192 attribute set to a value of at least "1.0" in the initial stream
2193 header.
2195 I:
2203 The receiving entity MUST send a response stream header to the
2204 initiating entity over the TCP connection opened by the initiating
2205 entity; if the receiving entity is capable of STARTTLS negotiation,
2206 it MUST include the 'version' attribute set to a value of at least
2207 "1.0" in the response stream header.
2209 R: element (qualified by the
2220 'urn:ietf:params:xml:ns:xmpp-tls' namespace) to indicate that the
2221 receiving entity supports STARTTLS negotiation.
2223 R:
2224
2225
2227 If the receiving entity requires the use of STARTTLS, it SHOULD
2228 include an empty element as a child of the
2229 element.
2231 R:
2232
2233
2234
2235
2237 6.3.2. Initiation of STARTTLS Negotiation
2239 6.3.2.1. STARTTLS Command
2241 In order to begin the STARTTLS negotiation, the initiating entity
2242 issues the STARTTLS command (i.e., a element qualified by
2243 the 'urn:ietf:params:xml:ns:xmpp-tls' namespace) to instruct the
2244 receiving entity that it wishes to begin a STARTTLS negotiation to
2245 secure the stream.
2247 I:
2249 The receiving entity MUST reply with either a element
2250 (proceed case) or a element (failure case) qualified by
2251 the 'urn:ietf:params:xml:ns:xmpp-tls' namespace.
2253 6.3.2.2. Failure Case
2255 If the failure case occurs, the receiving entity MUST return a
2256 element qualified by the 'urn:ietf:params:xml:ns:xmpp-tls'
2257 namespace, terminate the XML stream, and terminate the underlying TCP
2258 connection. Causes for the failure case include but are not limited
2259 to:
2261 1. The initiating entity has sent a malformed STARTTLS command.
2262 2. The receiving entity does not offer STARTTLS negotiation either
2263 temporarily or permanently.
2264 3. The receiving entity cannot complete STARTTLS negotiation because
2265 of an internal error.
2267 R:
2269 R:
2271 If the failure case occurs, the initiating entity MAY attempt to
2272 reconnect as explained under Section 5.7.
2274 6.3.2.3. Proceed Case
2276 If the proceed case occurs, the receiving entity MUST return a
2277 element qualified by the 'urn:ietf:params:xml:ns:xmpp-tls'
2278 namespace.
2280 R:
2282 The receiving entity MUST consider the TLS negotiation to have begun
2283 immediately after sending the closing '>' character of the
2284 element to the initiating entity. The initiating entity MUST
2285 consider the TLS negotiation to have begun immediately after
2286 receiving the closing '>' character of the element from
2287 the receiving entity.
2289 The entities now proceed to TLS negotiation as explained in the next
2290 section.
2292 6.3.3. TLS Negotiation
2294 6.3.3.1. Rules
2296 In order to complete TLS negotiation over the TCP connection, the
2297 entities MUST follow the process defined in [TLS].
2299 The following rules apply:
2301 1. The entities MUST NOT send any further XML data until the TLS
2302 negotiation has either failed or succeeded.
2303 2. If the receiving entity presents a certificate during TLS
2304 negotiation, the initiating entity MUST validate the certificate
2305 in order to determine if the TLS negotiation shall succeed (see
2306 Section 15.2 regarding certificate validation procedures).
2307 Specifically, the certificate MUST be checked against the
2308 hostname as provided by the initiating entity (e.g., a user), not
2309 the hostname as resolved via the Domain Name System; e.g., if the
2310 user specifies a hostname of "example.net" but a [DNS-SRV] lookup
2311 returns "xmpp.example.net", the certificate MUST be checked as
2312 "example.net". See Section 6.4 for information about the
2313 representation of XMPP addresses in certificates.
2315 Note: See Section 15.7 regarding ciphers that MUST be supported for
2316 TLS; naturally, other ciphers MAY be supported as well.
2318 6.3.3.2. TLS Failure
2320 If the TLS negotiation results in failure, the receiving entity MUST
2321 terminate the TCP connection.
2323 The receiving entity MUST NOT send a closing tag before
2324 terminating the TCP connection, since the receiving entity and
2325 initiating entity MUST consider the original stream to be closed upon
2326 failure of the TLS negotiation.
2328 6.3.3.3. TLS Success
2330 If the TLS negotiation is successful, then the entities MUST proceed
2331 as follows.
2333 1. The receiving entity MUST discard any knowledge obtained in an
2334 insecure manner from the initiating entity before TLS took
2335 effect.
2336 2. The initiating entity MUST discard any knowledge obtained in an
2337 insecure manner from the receiving entity before TLS took effect.
2338 3. The initiating entity MUST send a new initial stream header to
2339 the receiving entity over the secured TCP connection.
2341 I:
2349 Note: The initiating entity MUST NOT send a closing tag
2350 before sending the initial stream header, since the receiving
2351 entity and initiating entity MUST consider the original stream to
2352 be closed upon success of the TLS negotiation.
2353 4. The receiving entity MUST respond with a response stream header.
2355 R:
2370
2371 EXTERNAL
2372 DIGEST-MD5
2373 PLAIN
2374
2375
2376
2378 6.4. Representation of JIDs in Certificates
2380 TLS negotiation is commonly based on a digital certificate presented
2381 by the receiving entity (or, in the case of mutual authentication,
2382 both the receiving entity and the initiating entity).
2384 6.4.1. Client Certificates
2386 In a certificate to be presented by an XMPP client, it is RECOMMENDED
2387 for the certificate to include one or more JIDs associated with an
2388 XMPP user. If included, a JID MUST be represented as a UTF8String
2389 within an otherName entity inside the subjectAltName, using the
2390 [ASN.1] Object Identifier "id-on-xmppAddr" specified under
2391 Section 6.4.3.
2393 6.4.2. Server Certificates
2395 In a certificate to be presented by an XMPP server, it is RECOMMENDED
2396 for the certificate to include one or more JIDs associated with
2397 domains serviced at the server. If included, the following
2398 representation is RECOMMENDED:
2400 1. A JID MUST be represented as a subjectAltName extension of type
2401 dNSName. This dNSName MAY contain the wildcard character '*',
2402 which applies only to the left-most domain name component or
2403 component fragment and is considered to match any single
2404 component or component fragment (e.g., *.example.com matches
2405 foo.example.com but not bar.foo.example.com, and im*.example.net
2406 matches im1.example.net and im2.example.net but not
2407 chat.example.net).
2408 2. A JID SHOULD be represented as a UTF8String within an otherName
2409 entity inside the subjectAltName, using the [ASN.1] Object
2410 Identifier "id-on-xmppAddr" specified under Section 6.4.3.
2412 6.4.3. ASN.1 Object Identifier
2414 The [ASN.1] Object Identifier "id-on-xmppAddr" is defined as follows.
2416 id-pkix OBJECT IDENTIFIER ::= { iso(1) identified-organization(3)
2417 dod(6) internet(1) security(5) mechanisms(5) pkix(7) }
2419 id-on OBJECT IDENTIFIER ::= { id-pkix 8 } -- other name forms
2421 id-on-xmppAddr OBJECT IDENTIFIER ::= { id-on 5 }
2423 XmppAddr ::= UTF8String
2425 As an alternative to the "id-on-xmppAddr" notation, this Object
2426 Identifier MAY be represented in dotted display format (i.e.,
2427 "1.3.6.1.5.5.7.8.5") or in the Uniform Resource Name notation
2428 specified in [URN-OID] (i.e., "urn:oid:1.3.6.1.5.5.7.8.5").
2430 Thus for example the JID "juliet@example.com" as included in a
2431 certificate could be formatted in any of the following three ways:
2433 id-on-xmppAddr:
2434 subjectAltName=otherName:id-on-xmppAddr;UTF8:juliet@example.com
2435 dotted display format:
2436 subjectAltName=otherName:1.3.6.1.5.5.7.8.5;UTF8:juliet@example.com
2437 URN notation: subjectAltName=otherName:urn:oid:
2438 1.3.6.1.5.5.7.8.5;UTF8:juliet@example.com
2440 7. SASL Negotiation
2442 7.1. Overview
2444 XMPP includes a method for authenticating a stream by means of an
2445 XMPP-specific profile of the Simple Authentication and Security Layer
2446 protocol (see [SASL]). SASL provides a generalized method for adding
2447 authentication support to connection-based protocols, and XMPP uses
2448 an XML namespace profile of SASL that conforms to the profiling
2449 requirements of [SASL].
2451 Support for SASL negotiation is REQUIRED in XMPP client and server
2452 implementations.
2454 7.2. Rules
2456 7.2.1. Data Formatting
2458 The following formatting rules apply to the data sent during SASL
2459 negotiation:
2461 1. The entities MUST NOT send any white space characters (matching
2462 production [3] content of [XML]) within the root stream element
2463 as separators between elements (any white space characters shown
2464 in the SASL examples provided in this document are included for
2465 the sake of readability only); this prohibition helps to ensure
2466 proper security layer byte precision.
2467 2. Any XML character data contained within the XML elements MUST be
2468 encoded using base64, where the encoding adheres to the
2469 definition in Section 4 of [BASE64] and where the padding bits
2470 are set to zero.
2472 7.2.2. Security Layers
2474 Upon successful SASL negotiation that involves negotiation of a
2475 security layer, the initiating entity MUST discard any knowledge
2476 obtained from the receiving entity that was not obtained via the SASL
2477 negotiation.
2479 Upon successful SASL negotiation that involves negotiation of a
2480 security layer, the receiving entity MUST discard any knowledge
2481 obtained from the initiating entity that was not obtained via the
2482 SASL negotiation. The receiving entity SHOULD also include an
2483 updated list of SASL mechanisms with the stream features so that the
2484 initiating entity is able to detect any changes to the list of
2485 mechanisms supported by the receiving entity.
2487 7.2.3. Simple Usernames
2489 Provision of a "simple username" may be supported by the selected
2490 SASL mechanism (e.g., this is supported by the DIGEST-MD5 and CRAM-
2491 MD5 mechanisms but not by the EXTERNAL and GSSAPI mechanisms). The
2492 simple username provided during authentication SHOULD be as follows:
2494 Client-to-server communication: The initiating entity's registered
2495 account name, i.e., user name or node name as contained in an XMPP
2496 node identifier. The simple username MUST adhere to the Nodeprep
2497 (Appendix A) profile of [STRINGPREP].
2498 Server-to-server communication: The initiating entity's sending
2499 domain, i.e., IP address or fully qualified domain name as
2500 contained in an XMPP domain identifier. The simple username MUST
2501 adhere to the [NAMEPREP] profile of [STRINGPREP].
2503 7.2.4. Authorization Identities
2505 If the initiating entity wishes to act on behalf of another entity
2506 and the selected SASL mechanism supports transmission of an
2507 authorization identity, the initiating entity MUST provide an
2508 authorization identity during SASL negotiation. If the initiating
2509 entity does not wish to act on behalf of another entity, it MUST NOT
2510 provide an authorization identity. As specified in [SASL], the
2511 initiating entity MUST NOT provide an authorization identity unless
2512 the authorization identity is different from the default
2513 authorization identity derived from the authentication identity. If
2514 provided, the value of the authorization identity MUST be of the form
2515 (i.e., an XMPP domain identifier only) for servers and of
2516 the form (i.e., node identifier and domain identifier)
2517 for clients.
2519 7.3. Process
2521 The process for SASL negotiation is as follows.
2523 7.3.1. Exchange of Stream Headers and Stream Features
2525 If SASL negotiation follows successful STARTTLS negotation
2526 (Section 6), then the SASL negotiation occurs over the existing
2527 stream. If not, the initiating entity resolves the hostname of the
2528 receiving entity as specified under Section 4, opens a TCP connection
2529 to the advertised port at the resolved IP address, and sends an
2530 initial stream header to the receiving entity; if the initiating
2531 entity is capable of STARTTLS negotiation, it MUST include the
2532 'version' attribute set to a value of at least "1.0" in the initial
2533 stream header.
2535 I:
2543 The receiving entity MUST send a response stream header to the
2544 initiating entity; if the receiving entity is capable of SASL
2545 negotiation, it MUST include the 'version' attribute set to a value
2546 of at least "1.0" in the response stream header.
2548 R: element (qualified by the
2560 'urn:ietf:params:xml:ns:xmpp-sasl' namespace) that contains one
2561 child element for each authentication mechanism the
2562 receiving entity offers to the initiating entity. The order of
2563 elements in the XML indicates the preference order of
2564 the SASL mechanisms according to the receiving entity.
2566 R:
2567
2568 EXTERNAL
2569 DIGEST-MD5
2570 PLAIN
2571
2572
2574 Note: If the initiating entity presents a valid certificate during
2575 prior TLS negotiation, the receiving entity SHOULD offer the SASL
2576 EXTERNAL mechanism to the initiating entity during SASL negotiation
2577 (refer to [SASL]) and SHOULD prefer that mechanism. However, the
2578 EXTERNAL mechanism MAY be offered under other circumstances as well.
2580 Note: If TLS negotiation (Section 6) needs to be completed before a
2581 particular authentication mechanism may be used, the receiving entity
2582 MUST NOT provide that mechanism in the list of available SASL
2583 authentication mechanisms prior to TLS negotiation.
2585 Note: See Section 15.7 regarding mechanisms that MUST be supported;
2586 naturally, other SASL mechanisms MAY be supported as well (best
2587 practices for the use of several SASL mechanisms in the context of
2588 XMPP are described in [XEP-0175] and [XEP-0178]).
2590 If successful SASL negotiation is required for interaction with the
2591 receiving entity, the receiving entity SHOULD signal that fact by
2592 including a element as a child of the
2593 element.
2595 R:
2596
2597 EXTERNAL
2598 DIGEST-MD5
2599 PLAIN
2600
2601
2602
2604 Note: As formally specified in the XML schema for the
2605 'urn:ietf:params:xml:ns:xmpp-sasl' namespace, the receiving entity
2606 MAY include an application-specific child element inside the
2607 element in order to provide information that may be
2608 needed by the initiating in order to complete successful SASL
2609 negotiation using one or more of the offered mechanisms; however, the
2610 syntax and semantics of any such element are out of scope for this
2611 specification.
2613 7.3.2. Initiation
2615 In order to begin the SASL negotiation, the initiating entity sends
2616 an element qualified by the
2617 'urn:ietf:params:xml:ns:xmpp-sasl' namespace and includes an
2618 appropriate value for the 'mechanism' attribute. This element MAY
2619 contain XML character data (in SASL terminology, the "initial
2620 response") if the mechanism supports or requires it; if the
2621 initiating entity needs to send a zero-length initial response, it
2622 MUST transmit the response as a single equals sign character ("="),
2623 which indicates that the response is present but contains no data.
2625 I: =
2628 7.3.3. Challenge-Response Sequence
2630 If necessary, the receiving entity challenges the initiating entity
2631 by sending a element qualified by the
2632 'urn:ietf:params:xml:ns:xmpp-sasl' namespace; this element MAY
2633 contain XML character data (which MUST be generated in accordance
2634 with the definition of the SASL mechanism chosen by the initiating
2635 entity).
2637 R:
2638 cmVhbG09ImV4YW1wbGUuY29tIixub25jZT0iT0E2TUc5dEVRR20yaGgiLHFvcD0i
2639 YXV0aCIsY2hhcnNldD11dGYtOCxhbGdvcml0aG09bWQ1LXNlc3MK
2640
2642 The decoded challenge is:
2644 realm="example.com",nonce="OA6MG9tEQGm2hh",
2645 qop="auth",charset=utf-8,algorithm=md5-sess
2647 Note: If the receiving entity does not specify a 'realm' value, the
2648 initiating entity MUST default it to the domain identifier portion of
2649 the receiving entity's JID.
2651 The initiating entity responds to the challenge by sending a
2652 element qualified by the
2653 'urn:ietf:params:xml:ns:xmpp-sasl' namespace; this element MAY
2654 contain XML character data (which MUST be generated in accordance
2655 with the definition of the SASL mechanism chosen by the initiating
2656 entity).
2658 I:
2659 dXNlcm5hbWU9Imp1bGlldCIscmVhbG09ImV4YW1wbGUuY29tIixub25jZT0iT0E2
2660 TUc5dEVRR20yaGgiLGNub25jZT0iT0E2TUhYaDZWcVRyUmsiLG5jPTAwMDAwMDAx
2661 LHFvcD1hdXRoLGRpZ2VzdC11cmk9InhtcHAvZXhhbXBsZS5jb20iLHJlc3BvbnNl
2662 PWQzODhkYWQ5MGQ0YmJkNzYwYTE1MjMyMWYyMTQzYWY3LGNoYXJzZXQ9dXRmLTgK
2663
2665 The decoded response is:
2667 username="juliet",realm="example.com",
2668 nonce="OA6MG9tEQGm2hh",cnonce="OA6MHXh6VqTrRk",
2669 nc=00000001,qop=auth,digest-uri="xmpp/example.com",
2670 response=d388dad90d4bbd760a152321f2143af7,charset=utf-8
2672 If necessary, the receiving entity sends more challenges and the
2673 initiating entity sends more responses.
2675 This series of challenge/response pairs continues until one of three
2676 things happens:
2678 o The initiating entity aborts the handshake.
2679 o The receiving entity reports failure of the handshake.
2680 o The receiving entity reports success of the handshake.
2682 These scenarios are described in the following sections.
2684 7.3.4. Abort
2686 The initiating entity aborts the handshake by sending an
2687 element qualified by the 'urn:ietf:params:xml:ns:xmpp-sasl'
2688 namespace.
2690 I:
2692 Upon receiving an element, the receiving entity MUST return
2693 an element qualified by the
2694 'urn:ietf:params:xml:ns:xmpp-sasl' namespace.
2696 R:
2698 The receiving entity SHOULD allow a configurable but reasonable
2699 number of retries (at least 2 and no more than 5); this enables the
2700 initiating entity (e.g., an end-user client) to tolerate incorrectly-
2701 provided credentials (e.g., a mistyped password) without being forced
2702 to reconnect.
2704 If the initiating entity exceeds the number of retries, the receiving
2705 entity MUST return a stream error (which SHOULD be ) and terminate the TCP connection.
2708 7.3.5. Failure
2710 The receiving entity reports failure of the handshake by sending a
2711 element qualified by the
2712 'urn:ietf:params:xml:ns:xmpp-sasl' namespace (the particular cause of
2713 failure SHOULD be communicated in an appropriate child element of the
2714 element as defined under Section 7.5).
2716 R:
2717
2718
2720 If the failure case occurs, the receiving entity SHOULD allow a
2721 configurable but reasonable number of retries (at least 2 and no more
2722 than 5); this enables the initiating entity (e.g., an end-user
2723 client) to tolerate incorrectly-provided credentials (e.g., a
2724 mistyped password) without being forced to reconnect.
2726 If the initiating entity exceeds the number of retries, the receiving
2727 entity MUST return a stream error (which SHOULD be ) and terminate the TCP connection.
2730 7.3.6. Success
2732 The receiving entity reports success of the handshake by sending a
2733 element qualified by the
2734 'urn:ietf:params:xml:ns:xmpp-sasl' namespace; this element MAY
2735 contain XML character data (in SASL terminology, "additional data
2736 with success") if required by the chosen SASL mechanism; if the
2737 receiving entity needs to send additional data of zero length, it
2738 MUST transmit the data as a single equals sign character ("=").
2740 R:
2741 cnNwYXV0aD1lYTQwZjYwMzM1YzQyN2I1NTI3Yjg0ZGJhYmNkZmZmZAo=
2742
2744 The decoded value for subsequent authentication is:
2746 rspauth=ea40f60335c427b5527b84dbabcdfffd
2748 Upon receiving the element, the initiating entity MUST
2749 initiate a new stream over the existing TCP connection by sending an
2750 initial stream header to the receiving entity.
2752 I: tag
2761 before sending the initial stream header, since the receiving entity
2762 and initiating entity MUST consider the original stream to be closed
2763 upon sending or receiving the element.
2765 Upon receiving the initial stream header from the initiating entity,
2766 the receiving entity MUST respond by sending a response XML stream
2767 header to the initiating entity.
2769 R:
2778 The receiving entity MUST also send stream features, containing any
2779 further available features or containing no features (via an empty
2780 element); any such additional features not defined herein
2781 MUST be defined by the relevant extension to XMPP.
2783 R:
2784
2785
2786
2787
2789 7.4. SASL Definition
2791 The profiling requirements of [SASL] require that the following
2792 information be supplied by a protocol definition:
2794 service name: "xmpp"
2795 initiation sequence: After the initiating entity provides an opening
2796 XML stream header and the receiving entity replies in kind, the
2797 receiving entity provides a list of acceptable authentication
2798 methods. The initiating entity chooses one method from the list
2799 and sends it to the receiving entity as the value of the
2800 'mechanism' attribute possessed by an element, optionally
2801 including an initial response to avoid a round trip.
2802 exchange sequence: Challenges and responses are carried through the
2803 exchange of elements from receiving entity to
2804 initiating entity and elements from initiating entity
2805 to receiving entity. The receiving entity reports failure by
2806 sending a element and success by sending a
2807 element; the initiating entity aborts the exchange by sending an
2808 element. Upon successful negotiation, both sides
2809 consider the original XML stream to be closed and new stream
2810 headers are sent by both entities.
2811 security layer negotiation: The security layer takes effect
2812 immediately after sending the closing '>' character of the
2813 element for the receiving entity, and immediately after
2814 receiving the closing '>' character of the element for
2815 the initiating entity. The order of layers is first [TCP], then
2816 [TLS], then [SASL], then XMPP.
2817 use of the authorization identity: The authorization identity may be
2818 used in XMPP to denote the non-default of a client
2819 or the sending of a server; an empty string is equivalent
2820 to an absent authorization identity.
2822 7.5. SASL Errors
2824 The following SASL-related error conditions are defined.
2826 7.5.1. aborted
2828 The receiving entity acknowledges an element sent by the
2829 initiating entity; sent in reply to the element.
2831 I:
2833 R:
2834
2835
2837 7.5.2. incorrect-encoding
2839 The data provided by the initiating entity could not be processed
2840 because the [BASE64] encoding is incorrect (e.g., because the
2841 encoding does not adhere to the definition in Section 4 of [BASE64]);
2842 sent in reply to a element or an element with
2843 initial response data.
2845 I: [ ... ]
2848 R:
2849
2850
2852 7.5.3. invalid-authzid
2854 The authzid provided by the initiating entity is invalid, either
2855 because it is incorrectly formatted or because the initiating entity
2856 does not have permissions to authorize that ID; sent in reply to a
2857 element or an element with initial response data.
2859 I:
2860 [ ... ]
2861
2863 R:
2864
2865
2867 7.5.4. invalid-mechanism
2869 The initiating entity did not provide a mechanism or requested a
2870 mechanism that is not supported by the receiving entity; sent in
2871 reply to an element.
2873 I:
2876 R:
2877
2878
2880 7.5.5. malformed-request
2882 The request is malformed (e.g., the element includes an
2883 initial response but the mechanism does not allow that); sent in
2884 reply to an , , , or element.
2886 I: [ ... ]
2889 R:
2890
2891
2893 7.5.6. mechanism-too-weak
2895 The mechanism requested by the initiating entity is weaker than
2896 server policy permits for that initiating entity; sent in reply to an
2897 element (with or without initial response data) or a
2898 element.
2900 I:
2903 R:
2904
2905
2907 7.5.7. not-authorized
2909 The authentication failed because the initiating entity did not
2910 provide proper credentials; sent in reply to a element or
2911 an element with initial response data.
2913 I:
2914 [ ... ]
2915
2917 R:
2918
2919
2921 Note: This error condition includes but is not limited to the case of
2922 incorrect credentials or an unknown username. In order to discourage
2923 directory harvest attacks, no differentiation is made between
2924 incorrect credentials and an unknown username.
2926 7.5.8. temporary-auth-failure
2928 The authentication failed because of a temporary error condition
2929 within the receiving entity, and the initiating entity should try
2930 again later; sent in reply to an element or a
2931 element.
2933 I:
2934 [ ... ]
2935
2937 R:
2938
2939
2941 8. Resource Binding
2943 8.1. Overview
2945 After a client authenticates with a server, it MUST bind a specific
2946 resource to the stream so that the server can properly address the
2947 client (see Section 3). That is, there MUST be an XMPP resource
2948 identifier associated with the bare JID () of the
2949 client, with the result that the address for use over that stream is
2950 a full JID of the form . This ensures that the
2951 server can deliver XML stanzas to and receive XML stanzas from the
2952 client (see Section 11). After binding a resource to the stream, the
2953 client is referred to as a connected resource.
2955 If, before completing the resource binding step, the client attempts
2956 to send an outbound XML stanza (i.e., a stanza not directed to the
2957 server itself or to the client's own account), the server MUST NOT
2958 process the stanza and SHOULD return a stream error
2959 to the client.
2961 Support for resource binding is REQUIRED in XMPP client and server
2962 implementations.
2964 8.2. Advertising Support
2966 Upon sending a response stream header to the client after successful
2967 SASL negotiation, the server MUST include a element qualified
2968 by the 'urn:ietf:params:xml:ns:xmpp-bind' namespace in the stream
2969 features it presents to the client; this element SHOULD
2970 include an empty element to explicitly indicate that
2971 resource binding must be completed at this stage of the stream
2972 negotiation process. (Note: The server SHOULD NOT include the
2973 resource binding stream feature until after successful SASL
2974 negotiation.)
2976 S:
2985 S:
2986
2987
2988
2990
2992 Upon being so informed that resource binding is required, the client
2993 MUST bind a resource to the stream as described in the following
2994 sections.
2996 8.3. Server-Generated Resource Identifier
2998 A server that supports resource binding MUST be able to generate an
2999 XMPP resource identifier on behalf of a client. The resource
3000 identifier generated by the server MUST at a minimum be unique among
3001 the connected resources for that and SHOULD be random
3002 since the resource identifier may be security-critical. It is
3003 RECOMMENDED that the server-generated resource identifier be a
3004 Universally Unique Identifier (UUID), for which the format specified
3005 in [UUID] is RECOMMENDED.
3007 It is RECOMMENDED for the client to ask its server to generate an
3008 appropriate resource identifier on its behalf, rather than generating
3009 a resource on its own and requesting that the server accept the
3010 client-generated resource identifer.
3012 8.3.1. Success Case
3014 A client requests a server-generated resource identifier by sending
3015 an IQ stanza of type "set" (see Section 9.2.3) containing an empty
3016 element qualified by the 'urn:ietf:params:xml:ns:xmpp-bind'
3017 namespace.
3019 C:
3020
3021
3023 Once the server has generated an XMPP resource identifier for the
3024 client, it MUST return an IQ stanza of type "result" to the client,
3025 which MUST include a child element that specifies the full JID
3026 for the connected resource as determined by the server.
3028 S:
3029
3030
3031 juliet@example.com/4db06f06-1ea4-11dc-aca3-000bcd821bfb
3032
3033
3034
3036 8.3.2. Error Case
3038 It is possible that the client is not allowed to bind a resource to
3039 the stream (e.g., because the node or user has reached a limit on the
3040 number of connected resources allowed). In this case, the server
3041 MUST return a stanza error to the client.
3043 S:
3044
3045
3046
3047
3049 8.4. Client-Generated Resource Identifier
3051 A client MAY attempt to specify the resource identifier on its own
3052 rather than asking the server to generate a resource identifier on
3053 its behalf.
3055 8.4.1. Success Case
3057 A client asks its server to accept a client-generated resource
3058 identifier by sending an IQ stanza of type "set" containing a
3059 element with a child element containing non-zero-length
3060 XML character data.
3062 C:
3063
3064 balcony
3065
3066
3068 The server MAY accept the resource identifier provided by the client,
3069 in which case it returns an IQ stanza of type "result" to the client,
3070 including a child element that specifies the full JID for the
3071 connected resource.
3073 S:
3074
3075 juliet@example.com/balcony
3076
3077
3079 However, the server MAY instead override the client-generated
3080 resource identifier and generate a resource identifier on behalf of
3081 the client, as shown in the previous section.
3083 8.4.2. Error Cases
3085 When a client attempts to set its own XMPP resource identifier during
3086 resource binding, the following stanza error conditions are possible:
3088 o The client is not allowed to bind a resource to the stream (e.g.,
3089 because the node or user has reached a limit on the number of
3090 connected resources allowed).
3091 o The provided resource identifier cannot be processed by the
3092 server, e.g. because it is not in accordance with the Resourceprep
3093 (Appendix B) profile of [STRINGPREP]).
3094 o The provided resource identifier is already in use but the server
3095 does not allow binding of multiple connected resources with the
3096 same identifier.
3098 8.4.2.1. Not Allowed
3100 If the client is not allowed to bind a resource to the stream, the
3101 server MUST return a error.
3103 S:
3104
3105
3106
3107
3109 8.4.2.2. Bad Request
3111 If the provided resource identifier cannot be processed by the
3112 server, the server MAY return a error (but SHOULD
3113 instead apply the Resourceprep (Appendix B) profile of [STRINGPREP]
3114 or otherwise process the resource identifier so that it is in
3115 conformance).
3117 S:
3118
3119
3120
3121
3123 8.4.2.3. Conflict
3125 If there is already a connected resource of the same name, the server
3126 MUST do one of the following:
3128 1. Not accept the resource identifier provided by the client but
3129 instead override it with an XMPP resource identifier that the
3130 server generates.
3132 2. Terminate the current resource and allow the newly-requested
3133 resource.
3134 3. Disallow the newly-requested resource and maintain the current
3135 resource.
3137 Which of these the server does is up to the implementation, although
3138 it is RECOMMENDED to implement case #1.
3140 In case #2, the server MUST send a stream error to the
3141 current resource, terminate the XML stream and underlying TCP
3142 connection for the current resource, and return an IQ stanza of type
3143 "result" (indicating success) to the newly-requested resource.
3145 In case #3, the server MUST send a stanza error to the
3146 newly-requested resource but maintain the XML stream for that
3147 connection so that the newly-requested resource has an opportunity to
3148 negotiate a non-conflicting resource identifier before sending
3149 another request for resource binding.
3151 8.5. Binding Multiple Resources
3153 A server MAY support binding of multiple resources to the same
3154 stream. This functionality is desirable in certain environments
3155 (e.g., for devices that are unable to open more than one TCP
3156 connection or when a machine runs a local XMPP client daemon that is
3157 used by multiple applications).
3159 8.5.1. Support
3161 If a server supports binding of multiple resources to a stream, it
3162 MUST enable a client to unbind resources. A server that supports
3163 unbinding MUST also support binding of multiple resources. Thus a
3164 client can discover whether a server supports binding of multiple
3165 resources by determining if the server advertises a stream feature of
3166 , as follows.
3168 S:
3169
3170
3171
3172
3173
3175 8.5.2. Binding an Additional Resource
3177 A connected client binds an additional resource by following the
3178 protocol for binding of the original resource, i.e., by sending an IQ
3179 stanza of type "set" containing a element qualified by the
3180 'urn:ietf:params:xml:ns:xmpp-bind' namespace (either empty to request
3181 server generation of the resource identifier or containing a
3182 element with XML character data to request client
3183 generation of the resource identifier).
3185 8.5.3. Unbinding a Resource
3187 8.5.3.1. Success Case
3189 A client unbinds a resource by sending an IQ stanza of type "set"
3190 containing an element qualified by the
3191 'urn:ietf:params:xml:ns:xmpp-bind' namespace, which in turn contains
3192 a child element of whose XML character data specifies the
3193 resource to be unbound:
3195 C:
3196
3197 someresource
3198
3199
3201 If no error occurs, the server MUST unbind the resource and no longer
3202 accept stanzas whose 'from' address specifies the full JID associated
3203 with that resource.
3205 S:
3207 When a client unbinds the only resource associated with the stream,
3208 the server SHOULD close the stream and terminate the TCP connection.
3210 S:
3212 S:
3214 8.5.3.2. Error Cases
3216 8.5.3.2.1. Unbind Not Supported
3218 If the server does not understand the element, it MUST
3219 return a stanza error, which SHOULD be or .
3222 S:
3223
3224
3225
3226
3228 8.5.3.2.2. No Such Resource
3230 If there is no such resource for that stream, the server MUST return
3231 an error of .
3233 S:
3234
3235
3236
3237
3239 8.5.4. From Addresses
3241 When a client binds multiple resources to the same stream, proper
3242 management of 'from' addresses is imperative. In particular, a
3243 client MUST specify a 'from' address on every stanza it sends over a
3244 stream to which it has bound multiple resources, where the 'from'
3245 address is the full JID () associated with
3246 the relevant resource. If a client does not specify a 'from' address
3247 on a stanza it sends over a stream to which it has bound multiple
3248 resources, the server MUST return the stanza to the client with an
3249 stanza error.
3251 C:
3252 Wherefore art thou?
3253
3255 S:
3257 Wherefore art thou?
3258
3259
3260
3261
3263 Naturally, the rules regarding validation of asserted 'from'
3264 addresses still apply (see Section 11).
3266 9. XML Stanzas
3268 After a client has connected to a server or two servers have
3269 connected to each other, either party can send XML stanzas over the
3270 negotiated stream. Three kinds of XML stanza are defined for the
3271 'jabber:client' and 'jabber:server' namespaces: ,
3272 , and . In addition, there are five common
3273 attributes for these stanza types. These common attributes, as well
3274 as the basic semantics of the three stanza types, are defined herein;
3275 more detailed information regarding the syntax of XML stanzas for
3276 instant messaging and presence applications is provided in [XMPP-IM],
3277 and for other applications in the relevant XMPP extension
3278 specifications.
3280 An XML stanza is the basic unit of meaning in XMPP. A server MUST
3281 NOT process a partial stanza and a server MUST NOT attach meaning to
3282 the transmission timing of any child element within a stanza.
3284 Support for the XML stanza syntax and semantics defined herein is
3285 REQUIRED in XMPP client and server implementations.
3287 9.1. Common Attributes
3289 The following five attributes are common to message, presence, and IQ
3290 stanzas.
3292 9.1.1. to
3294 The 'to' attribute specifies the JID of the intended recipient for
3295 the stanza.
3297
3298 Art thou not Romeo, and a Montague?
3299
3301 For information about server processing of inbound and outbound XML
3302 stanzas based on the nature of the 'to' address, refer to Section 11.
3304 9.1.1.1. Client-to-Server Streams
3306 The following rules apply to the 'to' attribute in the context of XML
3307 streams qualified by the 'jabber:client' namespace (i.e., client-to-
3308 server streams).
3310 1. A stanza with a specific intended recipient MUST possess a 'to'
3311 attribute.
3312 2. A stanza sent from a client to a server for direct processing by
3313 the server (e.g., presence sent to the server for broadcasting to
3314 other entities) SHOULD NOT possess a 'to' attribute.
3316 9.1.1.2. Server-to-Server Streams
3318 The following rules apply to the 'to' attribute in the context of XML
3319 streams qualified by the 'jabber:server' namespace (i.e., server-to-
3320 server streams).
3322 1. A stanza MUST possess a 'to' attribute; if a server receives a
3323 stanza that does not meet this restriction, it MUST generate an
3324 stream error and terminate both the XML
3325 stream and the underlying TCP connection with the offending
3326 server.
3328 9.1.2. from
3330 The 'from' attribute specifies the JID of the sender.
3332
3334 Art thou not Romeo, and a Montague?
3335
3337 9.1.2.1. Client-to-Server Streams
3339 The following rules apply to the 'from' attribute in the context of
3340 XML streams qualified by the 'jabber:client' namespace (i.e., client-
3341 to-server streams).
3343 1. When the server receives an XML stanza from a client and the
3344 stanza does not include a 'from' attribute, the server MUST add a
3345 'from' attribute to the stanza, where the value of the 'from'
3346 attribute is the full JID () determined by
3347 the server for the connected resource that generated the stanza
3348 (see Section 3.5), or the bare JID () in the case of
3349 subscription-related presence stanzas (see [XMPP-IM]); the only
3350 exception to this rule occurs when multiple resources are bound
3351 to the same stream as described under Section 8.5.
3352 2. When the server receives an XML stanza from a client and the
3353 stanza includes a 'from' attribute, the server MUST either (a)
3354 validate that the value of the 'from' attribute provided by the
3355 client is that of a connected resource for the associated entity
3356 or (b) override the provided 'from' attribute by adding a 'from'
3357 attribute as specified under Rule #1.
3358 3. When the server generates a stanza from the server for delivery
3359 to the client on behalf of the account of the connected client
3360 (e.g., in the context of data storage services provided by the
3361 server on behalf of the client), the stanza MUST either (a) not
3362 include a 'from' attribute or (b) include a 'from' attribute
3363 whose value is the account's bare JID ().
3364 4. When the server generates a stanza from the server itself for
3365 delivery to the client, the stanza MUST include a 'from'
3366 attribute whose value is the mere domain () of the
3367 server.
3369 5. A server MUST NOT send to the client a stanza without a 'from'
3370 attribute if the stanza was not generated by the server (e.g., if
3371 it was generated by another client or another server); therefore,
3372 when a client receives a stanza that does not include a 'from'
3373 attribute, it MUST assume that the stanza is from the server to
3374 which the client is connected.
3376 9.1.2.2. Server-to-Server Streams
3378 The following rules apply to the 'from' attribute in the context of
3379 XML streams qualified by the 'jabber:server' namespace (i.e., server-
3380 to-server streams).
3382 1. A stanza MUST possess a 'from' attribute; if a server receives a
3383 stanza that does not meet this restriction, it MUST generate an
3384 stream error and terminate the underlying
3385 TCP connection.
3386 2. The domain identifier portion of the JID contained in the 'from'
3387 attribute MUST match the hostname of the sending server (or any
3388 validated domain thereof) as communicated in the SASL negotiation
3389 (see Section 7), server dialback (see [XEP-0220], or similar
3390 means; if a server receives a stanza that does not meet this
3391 restriction, it MUST generate an stream error and
3392 terminate the underlying TCP connection.
3394 Enforcement of these rules helps to prevent a denial of service
3395 attack launched from a rogue server.
3397 9.1.3. id
3399 The 'id' attribute MAY be used by a sending entity for internal
3400 tracking of stanzas that it sends and receives (especially for
3401 tracking the request-response interaction inherent in the semantics
3402 of IQ stanzas). The value of the 'id' attribute MAY be unique
3403 globally, within a domain, or within a stream. The semantics of IQ
3404 stanzas impose additional restrictions; see Section 9.2.3.
3406 9.1.4. type
3408 The 'type' attribute specifies the purpose or context of the message,
3409 presence, or IQ stanza. The particular allowable values for the
3410 'type' attribute vary depending on whether the stanza is a message,
3411 presence, or IQ stanza. The defined values for message and presence
3412 stanzas are specific to instant messaging and presence applications
3413 and therefore are specified in [XMPP-IM], whereas the values for IQ
3414 stanzas specify the role of an IQ stanza in a structured request-
3415 response exchange and thus are specified under Section 9.2.3. The
3416 only 'type' value common to all three stanzas is "error"; see
3417 Section 9.3.
3419 9.1.5. xml:lang
3421 A stanza SHOULD possess an 'xml:lang' attribute (as defined in
3422 Section 2.12 of [XML]) if the stanza contains XML character data that
3423 is intended to be presented to a human user (as explained in
3424 [CHARSET], "internationalization is for humans"). The value of the
3425 'xml:lang' attribute specifies the default language of any such
3426 human-readable XML character data.
3428
3429 dnd
3430 Wooing Juliet
3431
3433 The value of the 'xml:lang' attribute MAY be overridden by the 'xml:
3434 lang' attribute of a specific child element.
3436
3437 dnd
3438 Wooing Juliet
3439 Dvořím se Julii
3440
3448 dnd
3449 Wooing Juliet
3450
3452 S:
3455 dnd
3456 Wooing Juliet
3457
3459 If an inbound stanza received received by a client or server does not
3460 possess an 'xml:lang' attribute, an implementation MUST assume that
3461 the default language is that specified for the stream as defined
3462 under Section 5.3.
3464 The value of the 'xml:lang' attribute MUST conform to the NMTOKEN
3465 datatype (as defined in Section 2.3 of [XML]) and MUST conform to the
3466 format defined in [LANGTAGS].
3468 A server MUST NOT modify or delete 'xml:lang' attributes on stanzas
3469 it receives from other entities.
3471 9.2. Basic Semantics
3473 9.2.1. Message Semantics
3475 The stanza can be seen as a "push" mechanism whereby one
3476 entity pushes information to another entity, similar to the
3477 communications that occur in a system such as email. All message
3478 stanzas SHOULD possess a 'to' attribute that specifies the intended
3479 recipient of the message; upon receiving such a stanza, a server
3480 SHOULD route or deliver it to the intended recipient (see Section 11
3481 for general routing and delivery rules related to XML stanzas).
3483 9.2.2. Presence Semantics
3485 The stanza can be seen as a specialized broadcast or
3486 "publish-subscribe" mechanism, whereby multiple entities receive
3487 information about an entity to which they have subscribed (in this
3488 case, network availability information). In general, a publishing
3489 entity (client) SHOULD send a presence stanza with no 'to' attribute,
3490 in which case the server to which the entity is connected SHOULD
3491 broadcast or multiplex that stanza to all subscribing entities.
3492 However, a publishing entity MAY also send a presence stanza with a
3493 'to' attribute, in which case the server SHOULD route or deliver that
3494 stanza to the intended recipient. See Section 11 for general routing
3495 and delivery rules related to XML stanzas, and [XMPP-IM] for rules
3496 specific to presence applications.
3498 9.2.3. IQ Semantics
3500 Info/Query, or IQ, is a request-response mechanism, similar in some
3501 ways to [HTTP]. The semantics of IQ enable an entity to make a
3502 request of, and receive a response from, another entity. The data
3503 content of the request and response is defined by the schema or other
3504 structural definition associated with the XML namespace that
3505 qualifies the direct child element of the IQ element (see
3506 Section 9.4), and the interaction is tracked by the requesting entity
3507 through use of the 'id' attribute. Thus, IQ interactions follow a
3508 common pattern of structured data exchange such as get/result or set/
3509 result (although an error may be returned in reply to a request if
3510 appropriate):
3512 Requesting Responding
3513 Entity Entity
3514 ---------- ----------
3515 | |
3516 | |
3517 | [ ... payload ... ] |
3518 | |
3519 | -------------------------> |
3520 | |
3521 | |
3522 | [ ... payload ... ] |
3523 | |
3524 | <------------------------- |
3525 | |
3526 | |
3527 | [ ... payload ... ] |
3528 | |
3529 | -------------------------> |
3530 | |
3531 | |
3532 | [ ... condition ... ] |
3533 | |
3534 | <------------------------- |
3535 | |
3537 In order to enforce these semantics, the following rules apply:
3539 1. The 'id' attribute is REQUIRED for IQ stanzas.
3540 2. The 'type' attribute is REQUIRED for IQ stanzas. The value MUST
3541 be one of the following:
3542 * get -- The stanza is a request for information or
3543 requirements.
3544 * set -- The stanza provides required data, sets new values, or
3545 replaces existing values.
3546 * result -- The stanza is a response to a successful get or set
3547 request.
3548 * error -- An error has occurred regarding processing or
3549 delivery of a previously-sent get or set request (see
3550 Section 9.3).
3551 3. An entity that receives an IQ request of type "get" or "set" MUST
3552 reply with an IQ response of type "result" or "error". The
3553 response MUST preserve the 'id' attribute of the request.
3554 4. An entity that receives a stanza of type "result" or "error" MUST
3555 NOT respond to the stanza by sending a further IQ response of
3556 type "result" or "error"; however, the requesting entity MAY send
3557 another request (e.g., an IQ of type "set" in order to provide
3558 required information discovered through a get/result pair).
3560 5. An IQ stanza of type "get" or "set" MUST contain one and only one
3561 child element, which specifies the semantics of the particular
3562 request.
3563 6. An IQ stanza of type "result" MUST include zero or one child
3564 elements.
3565 7. An IQ stanza of type "error" MAY include the child element
3566 contained in the associated "get" or "set" and MUST include an
3567 child; for details, see Section 9.3.
3569 9.3. Stanza Errors
3571 Stanza-related errors are handled in a manner similar to stream
3572 errors (Section 5.8). Unlike stream errors, stanza errors are
3573 recoverable; therefore they do not result in termination of the XML
3574 stream and underlying TCP connection. Instead, the entity that
3575 discovers the error condition returns an ERROR STANZA to the sender,
3576 i.e., a stanza of the same kind (message, presence, or IQ) whose
3577 'type' attribute is set to a value of "error" and which contains an
3578 child element that specifies the error condition. The
3579 specified error condition provides a hint regarding actions that the
3580 sender can take to remedy the error.
3582 9.3.1. Rules
3584 The following rules apply to stanza errors:
3586 1. The receiving or processing entity that detects an error
3587 condition in relation to a stanza SHOULD return an error stanza
3588 (and MUST do so for IQ stanzas).
3589 2. The entity that generates an error stanza MAY include the
3590 original XML sent so that the sender can inspect and, if
3591 necessary, correct the XML before attempting to resend.
3592 3. An error stanza MUST contain an child element.
3593 4. An child MUST NOT be included if the 'type' attribute
3594 has a value other than "error" (or if there is no 'type'
3595 attribute).
3596 5. An entity that receives an error stanza MUST NOT respond to the
3597 stanza with a further error stanza; this helps to prevent
3598 looping.
3600 9.3.2. Syntax
3602 The syntax for stanza-related errors is:
3604
3605 [OPTIONAL to include sender XML here]
3606
3607
3608 [
3610 OPTIONAL descriptive text
3611 ]
3612 [OPTIONAL application-specific condition element]
3613
3614
3616 The "stanza-kind" MUST be one of message, presence, or iq.
3618 The "error-type MUST be one of the following:
3620 o cancel -- do not retry (the error cannot be remedied)
3621 o continue -- proceed (the condition was only a warning)
3622 o modify -- retry after changing the data sent
3623 o auth -- retry after providing credentials
3624 o wait -- retry after waiting (the error is temporary)
3626 The element:
3628 o MUST contain a child element corresponding to one of the stanza
3629 error conditions defined under Section 9.3.3; this element MUST be
3630 qualified by the 'urn:ietf:params:xml:ns:xmpp-stanzas' namespace.
3631 o MAY contain a child element containing XML character data
3632 that describes the error in more detail; this element MUST be
3633 qualified by the 'urn:ietf:params:xml:ns:xmpp-stanzas' namespace
3634 and SHOULD possess an 'xml:lang' attribute specifying the natural
3635 language of the XML character data.
3636 o MAY contain a child element for an application-specific error
3637 condition; this element MUST be qualified by an application-
3638 specific namespace that defines the syntax and semantics of the
3639 element.
3641 Note: The element is OPTIONAL. If included, it SHOULD be
3642 used only to provide descriptive or diagnostic information that
3643 supplements the meaning of a defined condition or application-
3644 specific condition. It SHOULD NOT be interpreted programmatically by
3645 an application. It SHOULD NOT be used as the error message presented
3646 to a user, but MAY be shown in addition to the error message
3647 associated with the included condition element (or elements).
3649 9.3.3. Defined Conditions
3651 The following conditions are defined for use in stanza errors.
3653 9.3.3.1. bad-request
3655 The sender has sent a stanza containing XML that does not conform to
3656 the appropriate schema or that cannot be processed (e.g., an IQ
3657 stanza that includes an unrecognized value of the 'type' attribute);
3658 the associated error type SHOULD be "modify".
3660 C:
3664
3665
3667 S:
3671
3672
3673
3674
3676 9.3.3.2. conflict
3678 Access cannot be granted because an existing resource exists with the
3679 same name or address; the associated error type SHOULD be "cancel".
3681 C:
3682
3683 balcony
3684
3685
3687 S:
3688
3689
3690
3691
3693 9.3.3.3. feature-not-implemented
3695 The feature represented in the XML stanza is not implemented by the
3696 intended recipient or an intermediate server and therefore the stanza
3697 cannot be processed; the associated error type SHOULD be "cancel" or
3698 "modify".
3700 C:
3704
3705
3706
3707
3709 E:
3713
3714
3716
3719
3720
3722 9.3.3.4. forbidden
3724 The requesting entity does not possess the required permissions to
3725 perform the action; the associated error type SHOULD be "auth".
3727 C:
3730
3731
3733 E:
3737
3738
3739
3740
3742 9.3.3.5. gone
3744 The recipient or server can no longer be contacted at this address
3745 (the error stanza MAY contain a new address in the XML character data
3746 of the element); the associated error type SHOULD be "cancel"
3747 or "modify".
3749 C:
3752
3753
3755 E:
3759
3760
3761 conference.example.com
3762
3763
3764
3766 9.3.3.6. internal-server-error
3768 The server could not process the stanza because of a misconfiguration
3769 or an otherwise-undefined internal server error; the associated error
3770 type SHOULD be "wait" or "cancel".
3772 C:
3775
3776
3778 E:
3782
3783
3785
3786
3788 9.3.3.7. item-not-found
3790 The addressed JID or item requested cannot be found; the associated
3791 error type SHOULD be "cancel" or "modify".
3793 C:
3794
3795 someresource
3796
3797
3799 S:
3800
3801
3802
3803
3805 Note: An application MUST NOT return this error if doing so would
3806 provide information about the intended recipient's network
3807 availability to an entity that is not authorized to know such
3808 information; instead it SHOULD return a error.
3810 9.3.3.8. jid-malformed
3812 The sending entity has provided or communicated an XMPP address
3813 (e.g., a value of the 'to' attribute) or aspect thereof (e.g., an
3814 XMPP resource identifier) that does not adhere to the syntax defined
3815 under Section 3; the associated error type SHOULD be "modify".
3817 C:
3820
3821
3823 E:
3827
3828
3830
3831
3833 9.3.3.9. not-acceptable
3835 The recipient or server understands the request but is refusing to
3836 process it because it does not meet criteria defined by the recipient
3837 or server (e.g., a local policy regarding stanza size limits or
3838 acceptable words in messages); the associated error type SHOULD be
3839 "modify".
3841 C:
3842 [ ... the-emacs-manual ... ]
3843
3845 S:
3846
3847
3849
3850
3852 9.3.3.10. not-allowed
3854 The recipient or server does not allow any entity to perform the
3855 action (e.g., sending to entities at a blacklisted domain); the
3856 associated error type SHOULD be "cancel".
3858 C:
3861
3862
3864 E:
3867
3868
3869
3870
3872 9.3.3.11. not-authorized
3874 The sender must provide proper credentials before being allowed to
3875 perform the action, or has provided improper credentials; the
3876 associated error type SHOULD be "auth".
3878 C:
3881
3882
3884 E:
3887
3888
3889
3890
3892 9.3.3.12. not-modified
3894 The item requested has not changed since it was last requested; the
3895 associated error type SHOULD be "continue".
3897 C:
3900
3901
3902
3903 some-long-opaque-string
3904
3905
3906
3907
3909 S:
3912
3913
3914
3915 some-long-opaque-string
3916
3917
3918
3919
3920
3921
3922
3924 9.3.3.13. payment-required
3926 The requesting entity is not authorized to access the requested
3927 service because payment is required; the associated error type SHOULD
3928 be "auth".
3930 C:
3934
3935
3936
3937
3939 E:
3943
3944
3946
3947
3949 9.3.3.14. recipient-unavailable
3951 The intended recipient is temporarily unavailable; the associated
3952 error type SHOULD be "wait".
3954 C:
3957
3958
3960 E:
3963
3964
3966
3967
3969 Note: An application MUST NOT return this error if doing so would
3970 provide information about the intended recipient's network
3971 availability to an entity that is not authorized to know such
3972 information; instead it SHOULD return a error.
3974 9.3.3.15. redirect
3976 The recipient or server is redirecting requests for this information
3977 to another entity, typically in a temporary fashion; the associated
3978 error type SHOULD be "modify" and the error stanza SHOULD contain the
3979 alternate address (which SHOULD be a valid JID) in the XML character
3980 data of the element.
3982 C:
3985
3986
3988 E:
3992
3993
3994 characters@conference.example.org
3995
3996
3997
3999 9.3.3.16. registration-required
4001 The requesting entity is not authorized to access the requested
4002 service because prior registration is required; the associated error
4003 type SHOULD be "auth".
4005 C:
4008
4009
4011 E:
4014
4015
4017
4018
4020 9.3.3.17. remote-server-not-found
4022 A remote server or service specified as part or all of the JID of the
4023 intended recipient does not exist; the associated error type SHOULD
4024 be "cancel".
4026 C:
4029
4030
4032 E:
4035
4036
4038
4039
4041 9.3.3.18. remote-server-timeout
4043 A remote server or service specified as part or all of the JID of the
4044 intended recipient (or required to fulfill a request) could not be
4045 contacted within a reasonable amount of time; the associated error
4046 type SHOULD be "wait".
4048 C:
4051
4052
4054 E:
4057
4058
4060
4061
4063 9.3.3.19. resource-constraint
4065 The server or recipient lacks the system resources necessary to
4066 service the request; the associated error type SHOULD be "wait".
4068 C:
4072
4073
4074
4075
4077 E:
4081
4082
4084
4085
4087 9.3.3.20. service-unavailable
4089 The server or recipient does not currently provide the requested
4090 service; the associated error type SHOULD be "cancel".
4092 C:
4094 Hello?
4095
4097 S:
4099
4100
4102
4103
4105 An application SHOULD return a error instead
4106 of or if sending one of
4107 the latter errors would provide information about the intended
4108 recipient's network availability to an entity that is not authorized
4109 to know such information.
4111 9.3.3.21. subscription-required
4113 The requesting entity is not authorized to access the requested
4114 service because a prior subscription is required; the associated
4115 error type SHOULD be "auth".
4117 C: help
4121
4123 E:
4127
4128
4130
4131
4133 9.3.3.22. undefined-condition
4135 The error condition is not one of those defined by the other
4136 conditions in this list; any error type may be associated with this
4137 condition, and it SHOULD be used only in conjunction with an
4138 application-specific condition.
4140 C:
4144 My lord, dispatch; read o'er these articles.
4145
4146
4149
4151 S:
4155
4159
4162
4163
4164
4166
4167
4170
4171
4172
4174 9.3.3.23. unexpected-request
4176 The recipient or server understood the request but was not expecting
4177 it at this time (e.g., the request was out of order); the associated
4178 error type SHOULD be "wait" or "modify".
4180 C:
4184
4185
4188
4189
4191 E:
4195
4196
4198
4200
4201
4203 9.3.3.24. unknown-sender
4205 The stanza 'from' address specified by a connected client is not
4206 valid for the stream (e.g., the stanza does not include a 'from'
4207 address when multiple resources are bound to the stream as described
4208 under Section 8.5.4); the associated error type SHOULD be "modify".
4210 C:
4211 Wherefore art thou?
4212
4214 S:
4216 Wherefore art thou?
4217
4218
4219
4220
4222 9.3.4. Application-Specific Conditions
4224 As noted, an application MAY provide application-specific stanza
4225 error information by including a properly-namespaced child in the
4226 error element. The application-specific element SHOULD supplement or
4227 further qualify a defined element. Thus, the element will
4228 contain two or three child elements:
4230
4231
4232
4233
4234
4235
4237
4238
4239
4241
4243 [ ... application-specific information ... ]
4244
4245
4246
4247
4249 9.4. Extended Content
4251 While the message, presence, and IQ stanzas provide basic semantics
4252 for messaging, availability, and request-response interactions, XMPP
4253 uses XML namespaces (see [XML-NAMES] to extend the basic stanza
4254 syntax for the purpose of providing additional functionality. Thus a
4255 message or presence stanza MAY contain one or more optional child
4256 elements specifying content that extends the meaning of the message
4257 (e.g., an XHTML-formatted version of the message body as described in
4258 [XEP-0071]), and an IQ stanza of type "get" or "set" MUST contain one
4259 such child element. This child element MAY have any name and MUST
4260 possess a namespace declaration (other than "jabber:client", "jabber:
4261 server", or "http://etherx.jabber.org/streams") that defines all data
4262 contained within the child element. Such a child element is said to
4263 be EXTENDED CONTENT and its namespace name is said to be an EXTENDED
4264 NAMESPACE.
4266 Support for any given extended namespace is OPTIONAL on the part of
4267 any implementation. If an entity does not understand such a
4268 namespace, the entity's expected behavior depends on whether the
4269 entity is (1) the recipient or (2) an entity that is routing the
4270 stanza to the recipient.
4272 Recipient: If a recipient receives a stanza that contains a child
4273 element it does not understand, it SHOULD silently ignore that
4274 particular XML data, i.e., it SHOULD not process it or present it
4275 to a user or associated application (if any). In particular:
4276 * If an entity receives a message or presence stanza that
4277 contains XML data qualified by a namespace it does not
4278 understand, the portion of the stanza that qualified by the
4279 unknown namespace SHOULD be ignored.
4280 * If an entity receives a message stanza whose only child element
4281 is qualified by a namespace it does not understand, it MUST
4282 ignore the entire stanza.
4283 * If an entity receives an IQ stanza of type "get" or "set"
4284 containing a child element qualified by a namespace it does not
4285 understand, the entity SHOULD return an IQ stanza of type
4286 "error" with an error condition of .
4287 Router: If a routing entity (typically a server) handles a stanza
4288 that contains a child element it does not understand, it SHOULD
4289 ignore the associated XML data by routing or delivering it
4290 untouched to the recipient.
4292 10. Examples
4294 10.1. Client-to-Server
4296 The following examples show the XMPP data flow for a client
4297 negotiating an XML stream with a server, exchanging XML stanzas, and
4298 closing the negotiated stream. The server is "example.com", the
4299 server requires use of TLS, the client authenticates via the SASL
4300 DIGEST-MD5 mechanism as "juliet@example.com", and the client binds a
4301 server-generated resource to the stream. It is assumed that before
4302 sending the initial stream header, the client has already resolved an
4303 SRV record of _xmpp-client._tcp.example.com and has opened a TCP
4304 connection to the advertised port at the resolved IP address.
4306 Note: The alternate steps shown are provided only to illustrate the
4307 protocol for failure cases; they are not exhaustive and would not
4308 necessarily be triggered by the data sent in the examples.
4310 10.1.1. TLS
4312 Step 1: Client initiates stream to server:
4314 C:
4322 Step 2: Server responds by sending a response stream header to
4323 client:
4325 S:
4338
4339
4340
4341
4343 Step 4: Client sends STARTTLS command to server:
4345 C:
4347 Step 5: Server informs client that it is allowed to proceed:
4349 S:
4351 Step 5 (alt): Server informs client that TLS negotiation has failed
4352 and closes both XML stream and TCP connection:
4354 S:
4356 S:
4357 Step 6: Client and server attempt to complete TLS negotiation over
4358 the existing TCP connection (see [TLS] for details).
4360 Step 7: If TLS negotiation is successful, client initiates a new
4361 stream to server:
4363 C:
4371 Step 7 (alt): If TLS negotiation is unsuccessful, server closes TCP
4372 connection.
4374 10.1.2. SASL
4376 Step 8: Server responds by sending a stream header to client along
4377 with any available stream features:
4379 S:
4389
4390 DIGEST-MD5
4391 PLAIN
4392
4393
4394
4396 Step 9: Client selects an authentication mechanism, in this case
4397 [DIGEST-MD5] with an empty authorization identity ("="):
4399 C: =
4402 Step 10: Server sends a [BASE64] encoded challenge to client:
4404 S:
4405 cmVhbG09ImV4YW1wbGUuY29tIixub25jZT0iT0E2TUc5dEVRR20yaGgiLHFvcD0i
4406 YXV0aCIsY2hhcnNldD11dGYtOCxhbGdvcml0aG09bWQ1LXNlc3MK
4407
4409 The decoded challenge is:
4411 realm="example.com",nonce="OA6MG9tEQGm2hh",
4412 qop="auth",charset=utf-8,algorithm=md5-sess
4414 Step 10 (alt): Server returns error to client:
4416 S:
4417
4418
4420 S:
4422 Step 11: Client sends a [BASE64] encoded response to the challenge:
4424 C:
4425 dXNlcm5hbWU9Imp1bGlldCIscmVhbG09ImV4YW1wbGUuY29tIixub25jZT0iT0E2
4426 TUc5dEVRR20yaGgiLGNub25jZT0iT0E2TUhYaDZWcVRyUmsiLG5jPTAwMDAwMDAx
4427 LHFvcD1hdXRoLGRpZ2VzdC11cmk9InhtcHAvZXhhbXBsZS5jb20iLHJlc3BvbnNl
4428 PWQzODhkYWQ5MGQ0YmJkNzYwYTE1MjMyMWYyMTQzYWY3LGNoYXJzZXQ9dXRmLTgK
4429
4431 The decoded response is:
4433 username="juliet",realm="example.com",
4434 nonce="OA6MG9tEQGm2hh",cnonce="OA6MHXh6VqTrRk",
4435 nc=00000001,qop=auth,digest-uri="xmpp/example.com",
4436 response=d388dad90d4bbd760a152321f2143af7,charset=utf-8
4438 Step 12: Server informs client of success and includes [BASE64]
4439 encoded value for subsequent authentication:
4441 S:
4442 cnNwYXV0aD1lYTQwZjYwMzM1YzQyN2I1NTI3Yjg0ZGJhYmNkZmZmZAo=
4443
4445 The decoded value for subsequent authentication is:
4447 rspauth=ea40f60335c427b5527b84dbabcdfffd
4448 Step 12 (alt): Server returns error to client:
4450 S:
4451
4452
4454 Step 13: Client initiates a new stream to server:
4456 C:
4478 S:
4479
4480
4481
4482
4483
4485 Upon being so informed that resource binding is required, the client
4486 MUST bind a resource to the stream; here we assume that the client
4487 asks the server to generate a resource identifier on its behalf.
4489 Step 15: Client binds a resource:
4491 C:
4492
4493
4495 Step 16: Server generates resource identifier and informs client of
4496 successful resource binding:
4498 S:
4499
4500
4501 juliet@example.com/4db06f06-1ea4-11dc-aca3-000bcd821bfb
4502
4503
4504
4506 10.1.4. Stanza Exchange
4508 Now the client is allowed to send XML stanzas over the negotiated
4509 stream.
4511 C:
4515 Art thou not Romeo, and a Montague?
4516
4518 If necessary, sender's server negotiates XML streams with intended
4519 recipient's server (see Section 10.2).
4521 The intended recipient replies and the message is delivered to the
4522 client.
4524 E:
4528 Neither, fair saint, if either thee dislike.
4529
4531 The client may send and receive an unbounded number of subsequent XML
4532 stanzas over the stream.
4534 10.1.5. Close
4536 Desiring to send no further messages, the client closes the stream.
4538 C:
4540 Consistent with the recommended stream closing handshake, server
4541 closes stream as well:
4543 S:
4545 Client now terminates the underlying TCP connection.
4547 10.2. Server-to-Server Examples
4549 The following examples show the data flow for a server negotiating an
4550 XML stream with another server, exchanging XML stanzas, and closing
4551 the negotiated stream. The initiating server ("Server1") is
4552 example.com; the receiving server ("Server2") is example.net and it
4553 requires use of TLS; example.com presents a certificate and
4554 authenticates via the SASL EXTERNAL mechanism. It is assumed that
4555 before sending the initial stream header, Server1 has already
4556 resolved an SRV record of _xmpp-server._tcp.example.net and has
4557 opened a TCP connection to the advertised port at the resolved IP
4558 address.
4560 Note: The alternate steps shown are provided only to illustrate the
4561 protocol for failure cases; they are not exhaustive and would not
4562 necessarily be triggered by the data sent in the examples.
4564 10.2.1. TLS
4566 Step 1: Server1 initiates stream to Server2:
4568 S1:
4575 Step 2: Server2 responds by sending a response stream header to
4576 Server1:
4578 S2:
4586 Step 3: Server2 sends stream features to Server1:
4588 S2:
4589
4590
4591
4592
4594 Step 4: Server1 sends the STARTTLS command to Server2:
4596 S1:
4598 Step 5: Server2 informs Server1 that it is allowed to proceed:
4600 S2:
4602 Step 5 (alt): Server2 informs Server1 that TLS negotiation has failed
4603 and closes stream:
4605 S2:
4607 S2:
4609 Step 6: Server1 and Server2 attempt to complete TLS negotiation via
4610 TCP.
4612 Step 7: If TLS negotiation is successful, Server1 initiates a new
4613 stream to Server2:
4615 S1:
4622 Step 7 (alt): If TLS negotiation is unsuccessful, Server2 closes TCP
4623 connection.
4625 10.2.2. SASL
4627 Step 8: Server2 sends a response stream header to Server1 along with
4628 available stream features (including a preference for the SASL
4629 EXTERNAL mechanism):
4631 S2:
4639 S2:
4640
4641 EXTERNAL
4642 DIGEST-MD5
4643
4644
4645
4647 Step 9: Server1 selects the EXTERNAL mechanism, in this case with an
4648 authorization identity encoded according to [BASE64]:
4650 S1: ZXhhbXBsZS5jb20K
4653 The decoded authorization identity is "example.com".
4655 Step 10: Server2 determines that the authorization identity provided
4656 by Server1 matches the information in the presented certificate and
4657 therefore returns success:
4659 S2:
4661 Step 11 (alt): Server2 informs Server1 of failed authentication:
4663 S2:
4664
4665
4667 S2:
4668 Step 12: Server1 initiates a new stream to Server2:
4670 S1:
4677 Step 13: Server2 responds by sending a stream header to Server1 along
4678 with any additional features (or, in this case, an empty features
4679 element):
4681 S2:
4689 S2:
4691 10.2.3. Stanza Exchange
4693 Now Server1 is allowed to send XML stanzas to Server2 over the
4694 negotiated stream; here we assume that the transferred stanzas are
4695 those shown earlier for client-to-server communication.
4697 Server1 sends XML stanza to Server2:
4699 S1:
4702 Art thou not Romeo, and a Montague?
4703
4705 The intended recipient replies and the message is delivered from
4706 Server2 to Server1.
4708 Server2 sends XML stanza to Server1:
4710 S2:
4713 Neither, fair saint, if either thee dislike.
4714
4716 10.2.4. Close
4718 Desiring to send no further messages, Server1 closes the stream. (In
4719 practice, the stream would most likely remain open for some time,
4720 since Server1 and Server2 do not immediately know if the stream will
4721 be needed for further communication.)
4723 S1:
4725 Consistent with the recommended stream closing handshake, Server2
4726 closes stream as well:
4728 S2:
4730 Server1 now terminates the underlying TCP connection.
4732 11. Server Rules for Processing XML Stanzas
4734 An XMPP server MUST ensure in-order processing of XML stanzas between
4735 any two entities. This includes stanzas sent by a client to its
4736 server for direct processing by the server (e.g., in-order processing
4737 of a roster get and initial presence as described in [XMPP-IM]).
4739 Beyond the requirement for in-order processing, each server
4740 implementation will contain its own logic for processing stanzas it
4741 receives. Such logic determines whether the server needs to ROUTE a
4742 given stanza to another domain, DELIVER it to a local entity
4743 (typically a connected client associated with a local account), or
4744 HANDLE it directly within the server itself. The following rules
4745 apply.
4747 Note: Particular XMPP applications MAY specify delivery rules that
4748 modify or supplement the following rules; for example, a set of
4749 delivery rules for instant messaging and presence applications is
4750 defined in [XMPP-IM].
4752 11.1. No 'to' Address
4754 11.1.1. Overview
4756 If the stanza possesses no 'to' attribute, the server SHOULD handle
4757 it directly on behalf of the entity that sent it. Because all
4758 stanzas received from other servers MUST possess a 'to' attribute,
4759 this rule applies only to stanzas received from a local entity (such
4760 as a client) that is connected to the server.
4762 11.1.2. Message
4764 If the server receives a message stanza with no 'to' attribute, it
4765 SHOULD handle it directly, which may include returning an error to
4766 the sending entity.
4768 11.1.3. Presence
4770 If the server receives a presence stanza with no 'to' attribute, it
4771 SHOULD broadcast it to the entities that are subscribed to the
4772 sending entity's presence, if applicable (the semantics of presence
4773 broadcast for presence applications are defined in [XMPP-IM]).
4775 11.1.4. IQ
4777 If the server receives an IQ stanza of type "get" or "set" with no
4778 'to' attribute, it MUST do the following:
4780 1. If it understands the namespace that qualifies the content of the
4781 stanza, it MUST either handle the stanza directly on behalf of
4782 sending entity (where the meaning of "handle" is determined by
4783 the semantics of the qualifying namespace) or return an
4784 appropriate error to the sending entity.
4785 2. If it does not understand the namespace that qualifies the
4786 content of the stanza, it MUST return an error to the sending
4787 entity, which SHOULD be .
4789 11.2. Local Domain
4791 If the hostname of the domain identifier portion of the JID contained
4792 in the 'to' attribute matches one of the configured hostnames of the
4793 server itself, the server MUST first determine if the hostname is
4794 serviced by the server or by a specialized local service. If the
4795 latter, the server MUST route the stanza to that service. If the
4796 former, the server MUST proceed as follows.
4798 11.2.1. Mere Domain
4800 If the JID contained in the 'to' attribute is of the form ,
4801 then the server MUST either handle the stanza as appropriate for the
4802 stanza kind or return an error stanza to the sender.
4804 11.2.2. Resource at Domain
4806 If the JID contained in the 'to' attribute is of the form , then the server MUST either handle the stanza as
4808 appropriate for the stanza kind or return an error stanza to the
4809 sender.
4811 11.2.3. Node at Local Domain
4813 If the JID contained in the 'to' attribute is of the form
4814 (bare JID) or (full JID), then
4815 the server SHOULD deliver the stanza to the intended recipient. The
4816 following rules apply:
4818 1. If the JID contains an XMPP resource identifier (i.e., is of the
4819 form ) and there exists a connected
4820 resource that exactly matches the full JID, the recipient's
4821 server SHOULD deliver the stanza to that connection.
4822 2. If the JID contains an XMPP resource identifier and there exists
4823 no connected resource that exactly matches the full JID, the
4824 recipient's server SHOULD return a stanza
4825 error to the sender.
4826 3. If the JID is of the form and there exists at least
4827 one connected resource for the node, the recipient's server
4828 SHOULD deliver the stanza to at least one of the connected
4829 resources if the stanza is a message or presence stanza and
4830 SHOULD handle it directly on behalf of the node if the stanza is
4831 an IQ stanza.
4833 Note: More detailed rules in the context of instant messaging and
4834 presence applications are provided in [XMPP-IM].
4836 11.3. Foreign Domain
4838 If the hostname of the domain identifier portion of the JID contained
4839 in the 'to' attribute does not match one of the configured hostnames
4840 of the server itself, the server SHOULD attempt to route the stanza
4841 to the foreign domain (subject to local service provisioning and
4842 security policies regarding inter-domain communication, since such
4843 communication is optional for any given deployment). There are two
4844 possible cases.
4846 11.3.1. Existing Stream
4848 If a server-to-server stream already exists between the two domains,
4849 the sender's server shall attempt to route the stanza to the
4850 authoritative server for the foreign domain over the existing stream.
4852 11.3.2. No Existing Stream
4854 If there exists no server-to-server stream between the two domains,
4855 the sender's server shall proceed as follows:
4857 1. Resolve the hostname of the foreign domain (as defined under
4858 Section 15.4).
4859 2. Negotiate a server-to-server stream between the two domains (as
4860 defined under Section 6 and Section 7).
4861 3. Route the stanza to the authoritative server for the foreign
4862 domain over the newly-established stream.
4864 11.3.3. Error Handling
4866 If routing to the intended recipient's server is unsuccessful, the
4867 sender's server MUST return an error to the sender, which SHOULD be
4868 if resolution of the foreign domain is
4869 unsuccessful and if resolution succeeds but
4870 streams cannot be negotiated.
4872 If stream negotiation with the intended recipient's server is
4873 successful but the foreign server cannot deliver the stanza to the
4874 recipient, the foreign server shall return an error to the sender by
4875 way of the sender's server.
4877 12. XML Usage
4879 12.1. Restrictions
4881 The Extensible Messaging and Presence Protocol (XMPP) defines a class
4882 of data objects called XML streams as well as the behavior of
4883 computer programs that process XML streams. XMPP is an application
4884 profile of the Extensible Markup Language [XML], and a complete XML
4885 stream (including start and end stream tags) is a conforming XML
4886 document.
4888 However, XMPP does not deal with XML documents but with XML streams.
4889 Because XMPP does not require the parsing of arbitrary and complete
4890 XML documents, there is no requirement that XMPP needs to support the
4891 full feature set of [XML]. In particular, the following features of
4892 XML are prohibited in XMPP:
4894 o comments (as defined in Section 2.5 of [XML])
4895 o processing instructions (Section 2.6 therein)
4896 o internal or external DTD subsets (Section 2.8 therein)
4897 o internal or external entity references (Section 4.2 therein) with
4898 the exception of predefined entities (Section 4.6 therein)
4899 o character data or attribute values containing unescaped characters
4900 that map to the predefined entities (Section 4.6 therein); such
4901 characters MUST be escaped
4903 An XMPP implementation MUST behave as follow with regard to these
4904 features:
4906 1. An XMPP implementation MUST NOT inject characters matching such
4907 features into an XML stream.
4908 2. If an XMPP implementation receives characters matching such
4909 features over an XML stream, it MUST return a stream error, which
4910 SHOULD be but MAY be .
4912 12.2. XML Namespace Names and Prefixes
4914 XML namespaces (see [XML-NAMES]) are used within XMPP streams to
4915 create strict boundaries of data ownership. The basic function of
4916 namespaces is to separate different vocabularies of XML elements that
4917 are structurally mixed together. Ensuring that XMPP streams are
4918 namespace-aware enables any allowable XML to be structurally mixed
4919 with any data element within XMPP. XMPP-specific rules for XML
4920 namespace names and prefixes are defined in the following
4921 subsections.
4923 12.2.1. Streams Namespace
4925 A streams namespace declaration is REQUIRED in all XML stream headers
4926 and the name of the streams namespace MUST be
4927 'http://etherx.jabber.org/streams'. If this rule is violated, the
4928 entity that receives the offending stream header MUST return a stream
4929 error to the sending entity, which SHOULD be but
4930 MAY be .
4932 The element names of the element and its and
4933 children MUST be qualified by the streams namespace prefix
4934 in all instances. If this rule is violated, the entity that receives
4935 the offending element MUST return a stream error to the sending
4936 entity, which SHOULD be .
4938 An implementation SHOULD generate only the 'stream:' prefix for these
4939 elements, and for historical reasons MAY accept only the 'stream:'
4940 prefix. If an entity receives a stream header with a streams
4941 namespace prefix it does not accept, it MUST return a stream error to
4942 the sending entity, which SHOULD be but MAY
4943 be .
4945 12.2.2. Default Namespace
4947 A default namespace declaration is REQUIRED and defines the allowable
4948 first-level children of the root stream element. This namespace
4949 declaration MUST be the same for the initial stream and the response
4950 stream so that both streams are qualified consistently. The default
4951 namespace declaration applies to the stream and all first-level child
4952 element sent within a stream unless explicitly qualified by the
4953 streams namespace or another namespace).
4955 A server implementation MUST support the following two default
4956 namespaces (for historical reasons, an implementation MAY support
4957 only these two default namespaces):
4959 o jabber:client -- this default namespace is declared when the
4960 stream is used for communication between a client and a server
4961 o jabber:server -- this default namespace is declared when the
4962 stream is used for communication between two servers
4964 A client implementation MUST support the 'jabber:client' default
4965 namespace, and for historical reasons MAY support only that default
4966 namespace.
4968 If an implementation accepts a stream that is qualified by the
4969 'jabber:client' or 'jabber:server' namespace, it MUST support the
4970 common attributes (Section 9.1) and basic semantics (Section 9.2) of
4971 all three core stanza types (message, presence, and IQ).
4973 An implementation MUST NOT generate namespace prefixes for elements
4974 qualified by the default namespace if the default namespace is
4975 'jabber:client' or 'jabber:server'.
4977 Note: The 'jabber:client' and 'jabber:server' namespaces are nearly
4978 identical but are used in different contexts (client-to-server
4979 communication for 'jabber:client' and server-to-server communication
4980 for 'jabber:server'). The only difference between the two is that
4981 the 'to' and 'from' attributes are OPTIONAL on stanzas sent over XML
4982 streams qualified by the 'jabber:client' namespace, whereas they are
4983 REQUIRED on stanzas sent over XML streams qualified by the 'jabber:
4984 server' namespace.
4986 An implementation MAY support a default namespace other than "jabber:
4987 client" or "jabber:server". However, because such namespaces would
4988 define applications other than XMPP, they are to be defined in
4989 separate specifications.
4991 12.2.3. Extended Namespaces
4993 An EXTENDED NAMESPACE is an XML namespace that qualifies extended
4994 content as defined under Section 9.4. For example, in the following
4995 stanza, the extended namespace is 'jabber:iq:roster':
4997
5000
5001
5003 An XML stanza MAY contain XML data qualified by more than one
5004 extended namespace, either at the direct child level of the stanza
5005 (for presence and message stanzas) or in any mix of levels (for all
5006 stanzas).
5008
5009
5012
5013 sha1-hash-of-image
5014
5015
5017
5018 Hello?
5019
5020
5021 Hello?
5022
5023
5024
5026
5029
5030
5031 some-long-opaque-string
5032
5033
5034
5036 An implementation SHOULD NOT generate namespace prefixes for elements
5037 qualified by content (as opposed to stream) namespaces other than the
5038 default namespace. However, if included, the namespace declarations
5039 for those prefixes MUST be included on the stanza root or a child
5040 thereof, not at the level of the stream element (this helps to ensure
5041 that any such namespace declaration is routed and delivered with the
5042 stanza, instead of assumed from the stream).
5044 12.3. Validation
5046 A server is not responsible for ensuring that XML data delivered to a
5047 client or routed to another server is valid, in accorfdance with the
5048 definition of "valid" provided in Section 2.8 of [XML]. An
5049 implementation MAY choose to provide only validated data, but such
5050 behavior is OPTIONAL. A client SHOULD NOT rely on the ability to
5051 send data that does not conform to the schemas, and SHOULD ignore any
5052 non-conformant elements or attributes on the incoming XML stream.
5054 Note: The terms "valid" and "well-formed" are distinct in XML. All
5055 XMPP data MUST be well-formed, in accordance with the definition of
5056 "well-formed" provided in Section 2.1 of [XML].
5058 12.4. Inclusion of Text Declaration
5060 Implementations SHOULD send a text declaration before sending a
5061 stream header. Applications MUST follow the rules provided in [XML]
5062 regarding the circumstances under which a text declaration is
5063 included.
5065 12.5. Character Encoding
5067 Implementations MUST support the UTF-8 transformation of Universal
5068 Character Set [UCS2] characters, as required by [CHARSET] and defined
5069 in [UTF-8]. Implementations MUST NOT attempt to use any other
5070 encoding. If one party to an XML stream detects that the other party
5071 has attempted to send XML data with an encoding other than UTF-8, it
5072 MUST return a stream error, which SHOULD be .
5074 12.6. White Space
5076 Except where explicitly disallowed (e.g., during TLS negotiation
5077 (Section 6) and SASL negotiation (Section 7)), either entity MAY send
5078 white space characters (matching production [3] content of [XML])
5079 within the root stream element as separators between XML stanzas or
5080 between any other first-level elements sent over the stream; one
5081 common use for sending such white space characters is to check the
5082 viability of the underlying TCP connection after a period of
5083 inactivity.
5085 13. Compliance Requirements
5087 This section summarizes the specific aspects of the Extensible
5088 Messaging and Presence Protocol that MUST be supported by servers and
5089 clients in order to be considered compliant implementations, as well
5090 as additional protocol aspects that SHOULD be supported. For
5091 compliance purposes, we draw a distinction between core protocols
5092 (which MUST be supported by any server or client, regardless of the
5093 specific application) and instant messaging and presence protocols
5094 (which MUST be supported only by instant messaging and presence
5095 applications built on top of the core protocols). Compliance
5096 requirements that apply to all servers and clients are specified in
5097 this section; compliance requirements for instant messaging and
5098 presence applications are specified in the corresponding section of
5099 [XMPP-IM].
5101 13.1. Servers
5103 A server MUST support the following core protocols in order to be
5104 considered compliant:
5106 o Conformance with [IDNA] for domain identifiers, the Nodeprep
5107 (Appendix A) profile of [STRINGPREP] for node identifiers, and the
5108 Resourceprep (Appendix B) profile of [STRINGPREP] for resource
5109 identifiers, as well as enforcement thereof for clients that
5110 authenticate with the server
5111 o XML streams (Section 5), including TLS negotiation (Section 6),
5112 SASL negotiation (Section 7), and Resource Binding (Section 8)
5113 o The basic semantics of the three defined stanza types (i.e.,
5114 , , and )
5115 o Generation (and, where appropriate, handling) of error syntax and
5116 semantics related to streams, TLS, SASL, and XML stanzas
5118 For backward compatibility with the large deployed base of XMPP
5119 servers, server developers are advised to implement the server
5120 dialback protocol first specified in [RFC3920] and now documented in
5121 [XEP-0220], since that protocol is widely used for weak identity
5122 verification of peer servers in the absence of domain certificates.
5124 13.2. Clients
5126 A client MUST support the following core protocols in order to be
5127 considered compliant:
5129 o XML streams (Section 5), including TLS negotiation (Section 6),
5130 SASL negotiation (Section 7), and Resource Binding (Section 8)
5131 o The basic semantics of the three defined stanza types (i.e.,
5132 , , and )
5133 o Handling (and, where appropriate, generation) of error syntax and
5134 semantics related to streams, TLS, SASL, and XML stanzas
5136 In addition, a client SHOULD support the following core protocols:
5138 o Conformance with [IDNA] for domain identifiers, the Nodeprep
5139 (Appendix A) profile of [STRINGPREP] for node identifiers, and the
5140 Resourceprep (Appendix B) profile of [STRINGPREP] for resource
5141 identifiers.
5143 14. Internationalization Considerations
5145 As specified under Section 12.5, XML streams MUST be encoded in
5146 UTF-8.
5148 As specified under Section 5.3, an XML stream SHOULD include an 'xml:
5149 lang' attribute specifying the default language for any XML character
5150 data that is intended to be presented to a human user. As specified
5151 under Section 9.1.5, an XML stanza SHOULD include an 'xml:lang'
5152 attribute if the stanza contains XML character data that is intended
5153 to be presented to a human user. A server SHOULD apply the default
5154 'xml:lang' attribute to stanzas it routes or delivers on behalf of
5155 connected entities, and MUST NOT modify or delete 'xml:lang'
5156 attributes on stanzas it receives from other entities.
5158 As specified under Section 3, a server MUST support and enforce
5159 [IDNA] for domain identifiers, the Nodeprep (Appendix A) profile of
5160 [STRINGPREP] for node identifiers, and the Resourceprep (Appendix B)
5161 profile of [STRINGPREP] for resource identifiers; this enables XMPP
5162 addresses to include a wide variety of Unicode characters outside the
5163 US-ASCII range.
5165 15. Security Considerations
5167 15.1. High Security
5169 For the purposes of XMPP communication (client-to-server and server-
5170 to-server), the term "high security" refers to the use of security
5171 technologies that provide both mutual authentication and integrity
5172 checking; in particular, when using certificate-based authentication
5173 to provide high security, a chain-of-trust SHOULD be established out-
5174 of-band, although a shared certification authority signing
5175 certificates could allow a previously unknown certificate to
5176 establish trust in-band. See Section 15.2 regarding certificate
5177 validation procedures.
5179 Implementations MUST support high security. Service provisioning
5180 should use high security, subject to local security policies.
5182 15.2. Certificate Validation
5184 When an XMPP peer communicates with another peer securely, it MUST
5185 validate the peer's certificate. There are three possible cases:
5187 Case #1: The peer contains an End Entity certificate that appears to
5188 be certified by a chain of certificates terminating in a trust
5189 anchor (as described in Section 6.1 of [X509]).
5190 Case #2: The peer certificate is certified by a Certificate
5191 Authority not known to the validating peer.
5192 Case #3: The peer certificate is self-signed.
5194 In Case #1, the validating peer MUST do one of two things:
5195 1. Verify the peer certificate according to the rules of [X509].
5196 The certificate SHOULD then be checked against the expected
5197 identity of the peer following the rules described in [HTTP-TLS],
5198 except that if present an [ASN.1] Object Identifier of "id-on-
5199 xmppAddr" (represented as a UTF8String in an otherName entity
5200 inside the subjectAltName) MUST be used as the identity. If one
5201 of these checks fails, user-oriented clients MUST either notify
5202 the user (clients MAY give the user the opportunity to continue
5203 with the connection anyway) or terminate the connection with a
5204 bad certificate error. Automated clients SHOULD terminate the
5205 connection (with a bad certificate error) and log the error to an
5206 appropriate audit log. Automated clients MAY provide a
5207 configuration setting that disables this check, but MUST provide
5208 a setting that enables it.
5209 2. The peer SHOULD show the certificate to a user for approval,
5210 including the entire certificate chain. The peer MUST cache the
5211 certificate (or some non-forgeable representation such as a
5212 hash). In future connections, the peer MUST verify that the same
5213 certificate was presented and MUST notify the user if it has
5214 changed.
5216 In Case #2 and Case #3, implementations SHOULD act as in Rule #2 for
5217 Case #1.
5219 15.3. Client-to-Server Communication
5221 A compliant client implementation MUST support both TLS and SASL for
5222 connections to a server.
5224 The TLS protocol for encrypting XML streams (defined under Section 6)
5225 provides a reliable mechanism for helping to ensure the
5226 confidentiality and data integrity of data exchanged between two
5227 entities.
5229 The SASL protocol for authenticating XML streams (defined under
5230 Section 7) provides a reliable mechanism for validating that a client
5231 connecting to a server is who it claims to be.
5233 Client-to-server communication MUST NOT proceed until the DNS
5234 hostname asserted by the server has been resolved as specified under
5235 Section 4. If there is a mismatch between the hostname to which a
5236 client attempted to connect (e.g., "example.net") and the hostname to
5237 which the client actually connects (e.g., "xmpp.example.net"), the
5238 client MUST warn a human user about the mismatch and the human user
5239 MUST approve the connection before the client proceeds; however, the
5240 client MAY also allow the user to add the presented hostname to a
5241 configured set of accepted hostnames in order to expedite future
5242 connections.
5244 A client's IP address and method of access MUST NOT be made public by
5245 a server, nor are any connections other than the original server
5246 connection required. This helps to protect the client's server from
5247 direct attack or identification by third parties.
5249 15.4. Server-to-Server Communication
5251 A compliant server implementation MUST support both TLS and SASL for
5252 inter-domain communication.
5254 Because service provisioning is a matter of policy, it is optional
5255 for any given domain to communicate with other domains, and server-
5256 to-server communication may be disabled by the administrator of any
5257 given deployment. If a particular domain enables inter-domain
5258 communication, it should enable high security.
5260 Administrators may want to require use of SASL for server-to-server
5261 communication in order to ensure both authentication and
5262 confidentiality (e.g., on an organization's private network).
5263 Compliant implementations SHOULD support SASL for this purpose.
5265 Server-to-server communication MUST NOT proceed until the DNS
5266 hostnames asserted by both servers have been resolved as specified
5267 under Section 4.
5269 15.5. Order of Layers
5271 The order of layers in which protocols MUST be stacked is:
5273 1. TCP
5274 2. TLS
5275 3. SASL
5276 4. XMPP
5278 The rationale for this order is that [TCP] is the base connection
5279 layer used by all of the protocols stacked on top of TCP, [TLS] is
5280 often provided at the operating system layer, [SASL] is often
5281 provided at the application layer, and XMPP is the application
5282 itself.
5284 15.6. Lack of SASL Channel Binding to TLS
5286 The SASL framework itself does not provide a method for binding SASL
5287 authentication to a security layer providing confidentiality and
5288 integrity protection that was negotiated at a lower layer. Some SASL
5289 mechanisms provide such a binding. However, if a SASL mechanism does
5290 not provide such a binding, then the mechanism cannot provide a way
5291 to verify that the source and destination end points to which the
5292 lower layer's security is bound are equivalent to the end points that
5293 SASL is authenticating; furthermore, if the end points are not
5294 identical, then the lower layer's security cannot be trusted to
5295 protect data transmitted between the SASL-authenticated entities. In
5296 such a situation, a SASL security layer SHOULD be negotiated that
5297 effectively ignores the presence of the lower-layer security.
5299 15.7. Mandatory-to-Implement Technologies
5301 At a minimum, all implementations MUST support the following
5302 mechanisms:
5304 for authentication only: the SASL [DIGEST-MD5] mechanism
5305 for confidentiality only: TLS (using the
5306 TLS_RSA_WITH_3DES_EDE_CBC_SHA cipher)
5307 for both authentication and confidentiality: TLS plus SASL PLAIN for
5308 password-based authentication or TLS plus SASL EXTERNAL for non-
5309 password-based authentication (using the
5310 TLS_RSA_WITH_3DES_EDE_CBC_SHA cipher supporting peer certificates)
5312 Naturally, implementations MAY support other ciphers with TLS and MAY
5313 support other SASL mechanisms.
5315 Note: The use of TLS plus SASL plain for replaces the SASL DIGEST-MD5
5316 mechanism as XMPP's mandatory-to-implement password-based
5317 authentication mechanism. Implementations are encouraged to continue
5318 supporting the SASL DIGEST-MD5 mechanism as specified in
5319 [DIGEST-MD5].
5321 15.8. Firewalls
5323 Communication using XMPP normally occurs over TCP connections on port
5324 5222 (client-to-server) or port 5269 (server-to-server), as
5325 registered with the IANA (see Section 16). Use of these well-known
5326 ports allows administrators to easily enable or disable XMPP activity
5327 through existing and commonly-deployed firewalls.
5329 15.9. Use of base64 in SASL
5331 Both the client and the server MUST verify any base64 data received
5332 during SASL negotiation (Section 7). An implementation MUST reject
5333 (not ignore) any characters that are not explicitly allowed by the
5334 base64 alphabet; this helps to guard against creation of a covert
5335 channel that could be used to "leak" information. An implementation
5336 MUST NOT break on invalid input and MUST reject any sequence of
5337 base64 characters containing the pad ('=') character if that
5338 character is included as something other than the last character of
5339 the data (e.g., "=AAA" or "BBBB=CCC"); this helps to guard against
5340 buffer overflow attacks and other attacks on the implementation.
5341 While base 64 encoding visually hides otherwise easily recognized
5342 information (such as passwords), it does not provide any
5343 computational confidentiality. All uses of base 64 encoding MUST
5344 follow the definition in Section 4 of [BASE64] and padding bits MUST
5345 be set to zero.
5347 15.10. Stringprep Profiles
5349 XMPP makes use of the [NAMEPREP] profile of [STRINGPREP] for
5350 processing of domain identifiers; for security considerations related
5351 to Nameprep, refer to the appropriate section of [NAMEPREP].
5353 In addition, XMPP defines two profiles of [STRINGPREP]: Nodeprep
5354 (Appendix A) for node identifiers and Resourceprep (Appendix B) for
5355 resource identifiers.
5357 The Unicode and ISO/IEC 10646 repertoires have many characters that
5358 look similar. In many cases, users of security protocols might do
5359 visual matching, such as when comparing the names of trusted third
5360 parties. Because it is impossible to map similar-looking characters
5361 without a great deal of context (such as knowing the fonts used)
5362 stringprep does nothing to map similar-looking characters together,
5363 nor to prohibit some characters because they look like others.
5365 A node identifier can be employed as one part of an entity's address
5366 in XMPP. One common usage is as the username of an instant messaging
5367 user; another is as the name of a multi-user conference room; many
5368 other kinds of entities could use node identifiers as part of their
5369 addresses. The security of such services could be compromised based
5370 on different interpretations of the internationalized node
5371 identifier; for example, a user entering a single internationalized
5372 node identifier could access another user's account information, or a
5373 user could gain access to a hidden or otherwise restricted chat room
5374 or service.
5376 A resource identifier can be employed as one part of an entity's
5377 address in XMPP. One common usage is as the name for an instant
5378 messaging user's connected resource; another is as the nickname of a
5379 user in a multi-user conference room; many other kinds of entities
5380 could use resource identifiers as part of their addresses. The
5381 security of such services could be compromised based on different
5382 interpretations of the internationalized resource identifier; for
5383 example, a user could attempt to initiate multiple connections with
5384 the same name, or a user could send a message to someone other than
5385 the intended recipient in a multi-user conference room.
5387 15.11. Address Spoofing
5389 As discussed in [XEP-0165], there are two forms of address spoofing:
5390 forging and mimicking.
5392 15.11.1. Address Forging
5394 In the context of XMPP technologies, address forging occurs when an
5395 entity is able to generate an XML stanza whose 'from' address does
5396 not correspond to the account credentials with which the entity
5397 authenticated onto the network (or an authorization identity provided
5398 during SASL negotiation (Section 7)). For example, address forging
5399 occurs if an entity that authenticated as "juliet@example.com" is
5400 able to send XML stanzas from "nurse@example.com" or
5401 "romeo@example.net".
5403 Address forging is difficult in XMPP systems, given the requirement
5404 for sending servers to stamp 'from' addresses and for receiving
5405 servers to verify sending domains via server-to-server
5406 authentication. However, address forging is not impossible, since a
5407 rogue server could forge JIDs at the sending domain by ignoring the
5408 stamping requirement. A rogue server could even forge JIDs at other
5409 domains by means of a DNS poisoning attack if [DNSSEC] is not used.
5410 This specification does not define methods for discovering or
5411 counteracting such rogue servers.
5413 15.11.2. Address Mimicking
5415 Address mimicking occus when an entity provides legitimate
5416 authentication credentials for and sends XML stanzas from an account
5417 whose JID appears to a human user to be the same as another JID. For
5418 example, in some XMPP clients the address "paypa1@example.org"
5419 (spelled with the number one as the final character of the node
5420 identifier) may appear to be the same as "paypal@example.org (spelled
5421 with the lower-case version of the letter "L"), especially on casual
5422 visual inspection; this phenomenon is sometimes called "typejacking".
5423 A more sophisticated example of address mimicking might involve the
5424 use of characters from outside the US-ASCII range, such as the
5425 Cherokee characters U+13DA U+13A2 U+13B5 U+13AC U+13A2 U+13AC U+13D2
5426 instead of the US-ASCII characters "STPETER".
5428 In some examples of address mimicking, it is unlikely that the
5429 average user could tell the difference between the real JID and the
5430 fake JID. (Naturally, there is no way to distinguish with full
5431 certainty which is the fake JID and which is the real JID; in some
5432 communication contexts, the JID with Cherokee characters may be the
5433 real JID and the JID with US-ASCII characters may thus appear to be
5434 the fake JID.) Because JIDs can contain almost any Unicode
5435 character, it may be relatively easy to mimic some JIDs in XMPP
5436 systems. The possibility of address mimicking introduces security
5437 vulnerabilities of the kind that have also plagued the World Wide
5438 Web, specifically the phenomenon known as phishing.
5440 Mimicked addresses that involve characters from only one character
5441 set or from the character set typically employed by a particular user
5442 are not easy to combat (e.g., the simple typejacking attack
5443 previously described, which relies on a surface similarity between
5444 the characters "1" and "l" in some presentations). However, mimicked
5445 addresses that involve characters from more than one character set,
5446 or from a character set not typically employed by a particular user,
5447 can be mitigated somewhat through intelligent presentation. In
5448 particular, every human user of an XMPP technology presumably has a
5449 preferred language (or, in some cases, a small set of preferred
5450 languages), which an XMPP application SHOULD gather either explicitly
5451 from the user or implicitly via the operating system of the user's
5452 device. Furthermore, every language has a range (or a small set of
5453 ranges) of characters normally used to represent that language in
5454 textual form. Therefore, an XMPP application SHOULD warn the user
5455 when presenting a JID that uses characters outside the normal range
5456 of the user's preferred language(s). This recommendation is not
5457 intended to discourage communication across language communities;
5458 instead, it recognizes the existence of such language communities and
5459 encourages due caution when presenting unfamiliar character sets to
5460 human users.
5462 For more detailed recommendations regarding prevention of address
5463 mimicking in XMPP systems, refer to [XEP-0165].
5465 15.12. Denial of Service
5467 [DOS] defines denial of service as follows:
5469 A Denial-of-Service (DoS) attack is an attack in which one or more
5470 machines target a victim and attempt to prevent the victim from
5471 doing useful work. The victim can be a network server, client or
5472 router, a network link or an entire network, an individual
5473 Internet user or a company doing business using the Internet, an
5474 Internet Service Provider (ISP), country, or any combination of or
5475 variant on these.
5477 [XEP-0205] provides a detailed discussion of potential denial of
5478 service attacks against XMPP systems and best practices for
5479 preventing such attacks. The recommendations include:
5481 1. A server implementation SHOULD enable a server administrator to
5482 limit the number of TCP connections that it will accept from a
5483 given IP address at any one time. If an entity attempts to
5484 connect but the maximum number of TCP connections has been
5485 reached, the receiving server MUST NOT allow the new connection
5486 to proceed.
5487 2. A server implementation SHOULD enable a server administrator to
5488 limit the number of TCP connection attempts that it will accept
5489 from a given IP address in a given time period. (While it is
5490 possible to limit the number of connections at the TCP layer
5491 rather than at the XMPP application layer, care must be taken in
5492 doing so since limits at the TCP layer might result in an
5493 inability to access non-XMPP services.) If an entity attempts to
5494 connect but the maximum number of connections has been reached,
5495 the receiving server MUST NOT allow the new connection to
5496 proceed.
5497 3. A server MUST NOT process XML stanzas from clients that have not
5498 yet provided appropriate authentication credentials and MUST NOT
5499 process XML stanzas from peer servers whose identity it has not
5500 either authenticated via SASL.
5501 4. A server implementation SHOULD enable a server administrator to
5502 limit the number of connected resources it will allow an account
5503 to bind at any one time. If a client attempts to bind a resource
5504 but it has already reached the configured number of allowable
5505 resources, the receiving server MUST return a
5506 stanza error.
5507 5. A server implementation SHOULD enable a server administrator to
5508 limit the size of stanzas it will accept from a connected client
5509 or peer server. If a connected resource or peer server sends a
5510 stanza that violates the upper limit, the receiving server SHOULD
5511 NOT process the stanza and instead SHOULD return a
5512 stanza error. Alternatively (e.g., if the sender has sent an
5513 egregiously large stanza), the server MAY instead return a
5514 stream error.
5515 6. A server implementation SHOULD enable a server administrator to
5516 limit the number of XML stanzas that a connected client may send
5517 to distinct recipients within a given time period. If a
5518 connected client sends too many stanzas to distinct recipients in
5519 a given time period, the receiving server SHOULD NOT process the
5520 stanza and instead SHOULD return an stanza
5521 error.
5522 7. A server implementation SHOULD enable a server administrator to
5523 limit the amount of bandwidth it will allow a connected client or
5524 peer server to use in a given time period.
5525 8. A server implementation SHOULD enable a server administrator to
5526 limit the types of stanzas (based on the extended content
5527 "payload") that it will allow a connected resource or peer server
5528 send over an active connection. Such limits and restrictions are
5529 a matter of deployment policy.
5531 For more detailed recommendations regarding denial of service attacks
5532 in XMPP systems, refer to [XEP-0205].
5534 15.13. Presence Leaks
5536 One of the core aspects of XMPP is presence, i.e., widespread
5537 information about the network availability of XMPP entities.
5538 Although presence is discussed more fully in [XMPP-IM], it is
5539 important to note that an XMPP server MUST NOT disclose an entity's
5540 presence to entities that are not authorized to know that information
5541 (such a disclosure is called a "presence leak"). In particular at
5542 the core XMPP level, real-time addressing and network availability is
5543 associated with a specific connected resource; therefore, any
5544 disclosure of a connected resource's full JID comprises a presence
5545 leak. To help prevent such a presence leak, a server MUST NOT return
5546 different stanza errors if a potential attacker sends XML stanzas to
5547 the entity's bare JID () or full JID
5548 ().
5550 15.14. Directory Harvesting
5552 To help prevent directory harvesting attacks, a server MUST NOT
5553 return different stanza errors if a potential attacker sends XML
5554 stanzas to an existing entity or a nonexistent entity. The stanza
5555 error returned in both cases SHOULD be .
5557 16. IANA Considerations
5559 The following sections update the registrations provided in
5561 [RFC3920].
5563 16.1. XML Namespace Name for TLS Data
5565 A URN sub-namespace for STARTTLS negotiation data in the Extensible
5566 Messaging and Presence Protocol (XMPP) is defined as follows. (This
5567 namespace name adheres to the format defined in [XML-REG].)
5569 URI: urn:ietf:params:xml:ns:xmpp-tls
5570 Specification: XXXX
5571 Description: This is the XML namespace name for STARTTLS negotiation
5572 data in the Extensible Messaging and Presence Protocol (XMPP) as
5573 defined by XXXX.
5574 Registrant Contact: IETF, XMPP Working Group,
5576 16.2. XML Namespace Name for SASL Data
5578 A URN sub-namespace for SASL negotiation data in the Extensible
5579 Messaging and Presence Protocol (XMPP) is defined as follows. (This
5580 namespace name adheres to the format defined in [XML-REG].)
5582 URI: urn:ietf:params:xml:ns:xmpp-sasl
5583 Specification: XXXX
5584 Description: This is the XML namespace name for SASL negotiation
5585 data in the Extensible Messaging and Presence Protocol (XMPP) as
5586 defined by XXXX.
5587 Registrant Contact: IETF, XMPP Working Group,
5589 16.3. XML Namespace Name for Stream Errors
5591 A URN sub-namespace for stream error data in the Extensible Messaging
5592 and Presence Protocol (XMPP) is defined as follows. (This namespace
5593 name adheres to the format defined in [XML-REG].)
5595 URI: urn:ietf:params:xml:ns:xmpp-streams
5596 Specification: XXXX
5597 Description: This is the XML namespace name for stream error data in
5598 the Extensible Messaging and Presence Protocol (XMPP) as defined
5599 by XXXX.
5600 Registrant Contact: IETF, XMPP Working Group,
5602 16.4. XML Namespace Name for Resource Binding
5604 A URN sub-namespace for resource binding in the Extensible Messaging
5605 and Presence Protocol (XMPP) is defined as follows. (This namespace
5606 name adheres to the format defined in [XML-REG].)
5607 URI: urn:ietf:params:xml:ns:xmpp-bind
5608 Specification: XXXX
5609 Description: This is the XML namespace name for resource binding in
5610 the Extensible Messaging and Presence Protocol (XMPP) as defined
5611 by XXXX.
5612 Registrant Contact: IETF, XMPP Working Group,
5614 16.5. XML Namespace Name for Stanza Errors
5616 A URN sub-namespace for stanza error data in the Extensible Messaging
5617 and Presence Protocol (XMPP) is defined as follows. (This namespace
5618 name adheres to the format defined in [XML-REG].)
5620 URI: urn:ietf:params:xml:ns:xmpp-stanzas
5621 Specification: XXXX
5622 Description: This is the XML namespace name for stanza error data in
5623 the Extensible Messaging and Presence Protocol (XMPP) as defined
5624 by XXXX.
5625 Registrant Contact: IETF, XMPP Working Group,
5627 16.6. Nodeprep Profile of Stringprep
5629 The Nodeprep profile of stringprep is defined under Nodeprep
5630 (Appendix A). The IANA has registered Nodeprep in the stringprep
5631 profile registry.
5633 Name of this profile:
5635 Nodeprep
5637 RFC in which the profile is defined:
5639 XXXX
5641 Indicator whether or not this is the newest version of the profile:
5643 This is the first version of Nodeprep
5645 16.7. Resourceprep Profile of Stringprep
5647 The Resourceprep profile of stringprep is defined under Resourceprep
5648 (Appendix B). The IANA has registered Resourceprep in the stringprep
5649 profile registry.
5651 Name of this profile:
5653 Resourceprep
5655 RFC in which the profile is defined:
5657 XXXX
5659 Indicator whether or not this is the newest version of the profile:
5661 This is the first version of Resourceprep
5663 16.8. GSSAPI Service Name
5665 The IANA has registered "xmpp" as a GSSAPI [GSS-API] service name, as
5666 defined under Section 7.4.
5668 16.9. Port Numbers
5670 The IANA has registered "xmpp-client" and "xmpp-server" as keywords
5671 for [TCP] ports 5222 and 5269 respectively.
5673 These ports SHOULD be used for client-to-server and server-to-server
5674 communications respectively, but other ports MAY be used.
5676 17. References
5678 17.1. Normative References
5680 [ABNF] Crocker, D. and P. Overell, "Augmented BNF for Syntax
5681 Specifications: ABNF", RFC 4234, October 2005.
5683 [BASE64] Josefsson, S., "The Base16, Base32, and Base64 Data
5684 Encodings", RFC 4648, October 2006.
5686 [CHARSET] Alvestrand, H., "IETF Policy on Character Sets and
5687 Languages", BCP 18, RFC 2277, January 1998.
5689 [DIGEST-MD5]
5690 Leach, P. and C. Newman, "Using Digest Authentication as a
5691 SASL Mechanism", RFC 2831, May 2000.
5693 [DNS-SRV] Gulbrandsen, A., Vixie, P., and L. Esibov, "A DNS RR for
5694 specifying the location of services (DNS SRV)", RFC 2782,
5695 February 2000.
5697 [DNS] Mockapetris, P., "Domain names - implementation and
5698 specification", STD 13, RFC 1035, November 1987.
5700 [IDNA] Faltstrom, P., Hoffman, P., and A. Costello,
5701 "Internationalizing Domain Names in Applications (IDNA)",
5702 RFC 3490, March 2003.
5704 [IPv6] Hinden, R. and S. Deering, "IP Version 6 Addressing
5705 Architecture", RFC 4291, February 2006.
5707 [LANGTAGS]
5708 Phillips, A. and M. Davis, "Tags for Identifying
5709 Languages", BCP 47, RFC 4646, September 2006.
5711 [NAMEPREP]
5712 Hoffman, P. and M. Blanchet, "Nameprep: A Stringprep
5713 Profile for Internationalized Domain Names (IDN)",
5714 RFC 3491, March 2003.
5716 [RANDOM] Eastlake, D., Schiller, J., and S. Crocker, "Randomness
5717 Requirements for Security", BCP 106, RFC 4086, June 2005.
5719 [SASL] Melnikov, A. and K. Zeilenga, "Simple Authentication and
5720 Security Layer (SASL)", RFC 4422, June 2006.
5722 [STRINGPREP]
5723 Hoffman, P. and M. Blanchet, "Preparation of
5724 Internationalized Strings ("stringprep")", RFC 3454,
5725 December 2002.
5727 [TCP] Postel, J., "Transmission Control Protocol", STD 7,
5728 RFC 793, September 1981.
5730 [TERMS] Bradner, S., "Key words for use in RFCs to Indicate
5731 Requirement Levels", BCP 14, RFC 2119, March 1997.
5733 [TLS] Dierks, T. and E. Rescorla, "The Transport Layer Security
5734 (TLS) Protocol Version 1.1", RFC 4346, April 2006.
5736 [UCS2] International Organization for Standardization,
5737 "Information Technology - Universal Multiple-octet coded
5738 Character Set (UCS) - Amendment 2: UCS Transformation
5739 Format 8 (UTF-8)", ISO Standard 10646-1 Addendum 2,
5740 October 1996.
5742 [UTF-8] Yergeau, F., "UTF-8, a transformation format of ISO
5743 10646", STD 63, RFC 3629, November 2003.
5745 [UUID] Leach, P., Mealling, M., and R. Salz, "A Universally
5746 Unique IDentifier (UUID) URN Namespace", RFC 4122,
5747 July 2005.
5749 [X509] Housley, R., Polk, W., Ford, W., and D. Solo, "Internet
5750 X.509 Public Key Infrastructure Certificate and
5751 Certificate Revocation List (CRL) Profile", RFC 3280,
5752 April 2002.
5754 [XML] Paoli, J., Maler, E., Sperberg-McQueen, C., Yergeau, F.,
5755 and T. Bray, "Extensible Markup Language (XML) 1.0 (Fourth
5756 Edition)", World Wide Web Consortium Recommendation REC-
5757 xml-20060816, August 2006,
5758 .
5760 [XML-NAMES]
5761 Bray, T., Hollander, D., and A. Layman, "Namespaces in
5762 XML", W3C REC-xml-names, January 1999,
5763 .
5765 17.2. Informative References
5767 [ACAP] Newman, C. and J. Myers, "ACAP -- Application
5768 Configuration Access Protocol", RFC 2244, November 1997.
5770 [ASN.1] CCITT, "Recommendation X.208: Specification of Abstract
5771 Syntax Notation One (ASN.1)", 1988.
5773 [DNSSEC] Arends, R., Austein, R., Larson, M., Massey, D., and S.
5774 Rose, "DNS Security Introduction and Requirements",
5775 RFC 4033, March 2005.
5777 [DNS-TXT] Rosenbaum, R., "Using the Domain Name System To Store
5778 Arbitrary String Attributes", RFC 1464, May 1993.
5780 [DOS] Handley, M., Rescorla, E., and IAB, "Internet Denial-of-
5781 Service Considerations", RFC 4732, December 2006.
5783 [GSS-API] Linn, J., "Generic Security Service Application Program
5784 Interface Version 2, Update 1", RFC 2743, January 2000.
5786 [HTTP] Fielding, R., Gettys, J., Mogul, J., Frystyk, H.,
5787 Masinter, L., Leach, P., and T. Berners-Lee, "Hypertext
5788 Transfer Protocol -- HTTP/1.1", RFC 2616, June 1999.
5790 [HTTP-TLS]
5791 Rescorla, E., "HTTP Over TLS", RFC 2818, May 2000.
5793 [IMAP] Crispin, M., "INTERNET MESSAGE ACCESS PROTOCOL - VERSION
5794 4rev1", RFC 3501, March 2003.
5796 [IMP-REQS]
5797 Day, M., Aggarwal, S., and J. Vincent, "Instant Messaging
5798 / Presence Protocol Requirements", RFC 2779,
5799 February 2000.
5801 [IRI] Duerst, M. and M. Suignard, "Internationalized Resource
5802 Identifiers (IRIs)", RFC 3987, January 2005.
5804 [LINKLOCAL]
5805 Cheshire, S., Aboba, B., and E. Guttman, "Dynamic
5806 Configuration of IPv4 Link-Local Addresses", RFC 3927,
5807 May 2005.
5809 [MAILBOXES]
5810 Crocker, D., "MAILBOX NAMES FOR COMMON SERVICES, ROLES AND
5811 FUNCTIONS", RFC 2142, May 1997.
5813 [POP3] Myers, J. and M. Rose, "Post Office Protocol - Version 3",
5814 STD 53, RFC 1939, May 1996.
5816 [PUNYCODE]
5817 Costello, A., "Punycode: A Bootstring encoding of Unicode
5818 for Internationalized Domain Names in Applications
5819 (IDNA)", RFC 3492, March 2003.
5821 [RFC3920] Saint-Andre, P., Ed., "Extensible Messaging and Presence
5822 Protocol (XMPP): Core", RFC 3920, October 2004.
5824 [RFC3921] Saint-Andre, P., Ed., "Extensible Messaging and Presence
5825 Protocol (XMPP): Instant Messaging and Presence",
5826 RFC 3921, October 2004.
5828 [SMTP] Klensin, J., "Simple Mail Transfer Protocol", RFC 2821,
5829 April 2001.
5831 [STD13] Mockapetris, P., "Domain names - implementation and
5832 specification", STD 13, RFC 1035, November 1987.
5834 [URI] Berners-Lee, T., Fielding, R., and L. Masinter, "Uniform
5835 Resource Identifier (URI): Generic Syntax", STD 66,
5836 RFC 3986, January 2005.
5838 [URN-OID] Mealling, M., "A URN Namespace of Object Identifiers",
5839 RFC 3061, February 2001.
5841 [USINGTLS]
5842 Newman, C., "Using TLS with IMAP, POP3 and ACAP",
5843 RFC 2595, June 1999.
5845 [XEP-0001]
5846 Saint-Andre, P., "XMPP Extension Protocols", XSF XEP 0001,
5847 December 2006.
5849 [XEP-0045]
5850 Saint-Andre, P., "Multi-User Chat", XSF XEP 0045,
5851 April 2007.
5853 [XEP-0060]
5854 Millard, P., Saint-Andre, P., and R. Meijer, "Publish-
5855 Subscribe", XSF XEP 0060, September 2007.
5857 [XEP-0071]
5858 Saint-Andre, P., "XHTML-IM", XSF XEP 0071, August 2007.
5860 [XEP-0077]
5861 Saint-Andre, P., "In-Band Registration", XSF XEP 0077,
5862 January 2006.
5864 [XEP-0124]
5865 Paterson, I., Smith, D., and P. Saint-Andre,
5866 "Bidirectional-streams Over Synchronous HTTP (BOSH)", XSF
5867 XEP 0124, February 2007.
5869 [XEP-0156]
5870 Hildebrand, J. and P. Saint-Andre, "Discovering
5871 Alternative XMPP Connection Methods", XSF XEP 0156,
5872 June 2007.
5874 [XEP-0157]
5875 Saint-Andre, P. and J. Konieczny, "Contact Addresses for
5876 XMPP Services", XSF XEP 0157, January 2007.
5878 [XEP-0165]
5879 Saint-Andre, P., "Best Practices to Prevent JID
5880 Mimicking", XSF XEP 0165, July 2007.
5882 [XEP-0174]
5883 Saint-Andre, P., "Link-Local Messaging", XSF XEP 0174,
5884 June 2007.
5886 [XEP-0175]
5887 Saint-Andre, P., "Best Practices for Use of SASL
5888 ANONYMOUS", XSF XEP 0175, September 2006.
5890 [XEP-0178]
5891 Saint-Andre, P. and P. Millard, "Best Practices for Use of
5892 SASL EXTERNAL with Certificates", XSF XEP 0178,
5893 February 2007.
5895 [XEP-0205]
5896 Saint-Andre, P., "Best Practices to Discourage Denial of
5897 Service Attacks", XSF XEP 0205, July 2007.
5899 [XEP-0206]
5900 Paterson, I., "XMPP Over BOSH", XSF XEP 0206, June 2007.
5902 [XEP-0220]
5903 Saint-Andre, P. and J. Miller, "Server Dialback", XSF
5904 XEP 0220, July 2007.
5906 [XML-REG] Mealling, M., "The IETF XML Registry", BCP 81, RFC 3688,
5907 January 2004.
5909 [XML-SCHEMA]
5910 Thompson, H., Maloney, M., Mendelsohn, N., and D. Beech,
5911 "XML Schema Part 1: Structures Second Edition", World Wide
5912 Web Consortium Recommendation REC-xmlschema-1-20041028,
5913 October 2004,
5914 .
5916 [XMPP-IM] Saint-Andre, P., "Extensible Messaging and Presence
5917 Protocol (XMPP): Instant Messaging and Presence",
5918 draft-saintandre-rfc3921bis-03 (work in progress),
5919 July 2007.
5921 [XMPP-URI]
5922 Saint-Andre, P., "Internationalized Resource Identifiers
5923 (IRIs) and Uniform Resource Identifiers (URIs) for the
5924 Extensible Messaging and Presence Protocol (XMPP)",
5925 draft-saintandre-rfc4622bis-01 (work in progress),
5926 June 2007.
5928 Appendix A. Nodeprep
5930 A.1. Introduction
5932 This appendix defines the "Nodeprep" profile of stringprep. As such,
5933 it specifies processing rules that will enable users to enter
5934 internationalized node identifiers in the Extensible Messaging and
5935 Presence Protocol (XMPP) and have the highest chance of getting the
5936 content of the strings correct. (An XMPP node identifier is the
5937 optional portion of an XMPP address that precedes an XMPP domain
5938 identifier and the '@' separator; it is often but not exclusively
5939 associated with an instant messaging username.) These processing
5940 rules are intended only for XMPP node identifiers and are not
5941 intended for arbitrary text or any other aspect of an XMPP address.
5943 This profile defines the following, as required by [STRINGPREP]:
5945 o The intended applicability of the profile: internationalized node
5946 identifiers within XMPP
5947 o The character repertoire that is the input and output to
5948 stringprep: Unicode 3.2, specified in Section 2 of this Appendix
5949 o The mappings used: specified in Section 3
5950 o The Unicode normalization used: specified in Section 4
5951 o The characters that are prohibited as output: specified in Section
5952 5
5953 o Bidirectional character handling: specified in Section 6
5955 A.2. Character Repertoire
5957 This profile uses Unicode 3.2 with the list of unassigned code points
5958 being Table A.1, both defined in Appendix A of [STRINGPREP].
5960 A.3. Mapping
5962 This profile specifies mapping using the following tables from
5963 [STRINGPREP]:
5965 Table B.1
5966 Table B.2
5968 A.4. Normalization
5970 This profile specifies the use of Unicode normalization form KC, as
5971 described in [STRINGPREP].
5973 A.5. Prohibited Output
5975 This profile specifies the prohibition of using the following tables
5976 from [STRINGPREP].
5978 Table C.1.1
5979 Table C.1.2
5980 Table C.2.1
5981 Table C.2.2
5982 Table C.3
5983 Table C.4
5984 Table C.5
5985 Table C.6
5986 Table C.7
5987 Table C.8
5988 Table C.9
5990 In addition, the following Unicode characters are also prohibited:
5992 #x22 (")
5993 #x26 (&)
5994 #x27 (')
5995 #x2F (/)
5996 #x3A (:)
5997 #x3C (<)
5998 #x3E (>)
5999 #x40 (@)
6001 A.6. Bidirectional Characters
6003 This profile specifies checking bidirectional strings, as described
6004 in Section 6 of [STRINGPREP].
6006 Appendix B. Resourceprep
6008 B.1. Introduction
6010 This appendix defines the "Resourceprep" profile of stringprep. As
6011 such, it specifies processing rules that will enable users to enter
6012 internationalized resource identifiers in the Extensible Messaging
6013 and Presence Protocol (XMPP) and have the highest chance of getting
6014 the content of the strings correct. (An XMPP resource identifier is
6015 the optional portion of an XMPP address that follows an XMPP domain
6016 identifier and the '/' separator.) These processing rules are
6017 intended only for XMPP resource identifiers and are not intended for
6018 arbitrary text or any other aspect of an XMPP address.
6020 This profile defines the following, as required by [STRINGPREP]:
6022 o The intended applicability of the profile: internationalized
6023 resource identifiers within XMPP
6024 o The character repertoire that is the input and output to
6025 stringprep: Unicode 3.2, specified in Section 2 of this Appendix
6026 o The mappings used: specified in Section 3
6027 o The Unicode normalization used: specified in Section 4
6028 o The characters that are prohibited as output: specified in Section
6029 5
6031 o Bidirectional character handling: specified in Section 6
6033 B.2. Character Repertoire
6035 This profile uses Unicode 3.2 with the list of unassigned code points
6036 being Table A.1, both defined in Appendix A of [STRINGPREP].
6038 B.3. Mapping
6040 This profile specifies mapping using the following tables from
6041 [STRINGPREP]:
6043 Table B.1
6045 B.4. Normalization
6047 This profile specifies the use of Unicode normalization form KC, as
6048 described in [STRINGPREP].
6050 B.5. Prohibited Output
6052 This profile specifies the prohibition of using the following tables
6053 from [STRINGPREP].
6055 Table C.1.2
6056 Table C.2.1
6057 Table C.2.2
6058 Table C.3
6059 Table C.4
6060 Table C.5
6061 Table C.6
6062 Table C.7
6063 Table C.8
6064 Table C.9
6066 B.6. Bidirectional Characters
6068 This profile specifies checking bidirectional strings, as described
6069 in Section 6 of [STRINGPREP].
6071 Appendix C. XML Schemas
6073 Because validation of XML streams and stanzas is optional, the
6074 following XML schemas are provided for descriptive purposes only.
6075 These schemas are not normative.
6077 The following schemas formally define various XML namespaces used in
6078 the core XMPP protocols, in conformance with [XML-SCHEMA]. For
6079 schemas defining the 'jabber:client' and 'jabber:server' namespaces,
6080 refer to [XMPP-IM].
6082 C.1. Streams namespace
6084
6086
6092
6093
6095
6096
6097
6099
6100
6103
6106
6107
6108
6109
6110
6111
6112
6113
6114
6115
6116
6117
6118
6119
6120
6121
6122
6123
6124
6125
6126
6127
6128
6130
6131
6132
6133
6134
6136
6137
6138
6139
6140
6143
6146
6147
6148
6150
6152 C.2. Stream error namespace
6154
6156
6162
6163
6164
6165
6166
6167
6168
6169
6170
6171
6172
6173
6174
6175
6176
6177
6178
6179
6180
6181
6182
6183
6184
6185
6187
6188
6189
6190
6191
6192
6193
6194
6195
6196
6197
6198
6199
6200
6201
6202
6203
6204
6205
6206
6207
6208
6209
6210
6211
6212
6213
6214
6216
6217
6218
6219
6220
6221
6223
6224
6225
6227
6228
6229
6230
6231
6233
6235 C.3. STARTTLS namespace
6237
6239
6245
6246
6247
6248
6251
6252
6253
6255
6256
6258
6259
6260
6261
6262
6264
6266 C.4. SASL namespace
6268
6270
6276
6277
6278
6279
6283
6287
6290
6291
6292
6294
6295
6296
6297
6298
6301
6302
6303
6304
6306
6307
6308
6309
6311
6312
6313
6314
6315
6316
6317
6318
6319
6320
6321
6322
6323
6324
6326
6327
6328
6329
6330
6332
6334 C.5. Resource binding namespace
6335
6337
6343
6344
6345
6346
6347
6348
6349
6350
6354
6355
6356
6358
6359
6360
6361
6362
6363
6364
6366
6367
6368
6369
6370
6371
6373
6374
6375
6376
6377
6378
6380
6382 C.6. Stanza error namespace
6383
6385
6391
6392
6393
6394
6395
6396
6397
6398
6399
6400
6401
6402
6403
6404
6405
6406
6407
6408
6409
6410
6411
6412
6413
6415
6416
6417
6418
6419
6420
6421
6422
6423
6424
6425
6426
6427
6428
6429
6430
6431
6432
6433
6434
6435
6436
6437
6438
6439
6440
6441
6442
6444
6445
6446
6447
6448
6449
6450
6451
6452
6454
6455
6456
6457
6458
6460
6462 Appendix D. Contact Addresses
6464 Consistent with [MAILBOXES], an organization that offers an XMPP
6465 service should provide an Internet mailbox of "XMPP" for inquiries
6466 related to that service, where the host portion of the resulting
6467 mailto URI should be the organization's domain, not necessarily the
6468 domain of the XMPP service itself (e.g., the XMPP service might be
6469 offered at xmpp.example.net but the Internet mailbox should be
6470 ).
6472 In addition, the XMPP service should provide a way to discover the
6473 XMPP contact address(es) of the service administrator(s), as
6474 specified in [XEP-0157].
6476 Appendix E. Account Provisioning
6478 Account provisioning is out of scope for this specification.
6479 Possible methods for account provisioning include account creation by
6480 a server administrator and in-band account registration using the
6481 'jabber:iq:register' namespace as documented in [XEP-0077].
6483 Appendix F. Differences From RFC 3920
6485 Based on consensus derived from implementation and deployment
6486 experience as well as formal interoperability testing, the following
6487 substantive modifications were made from RFC 3920.
6489 o Corrected the ABNF syntax for JIDs to prevent zero-length node
6490 identifiers, domain identifiers, and resource identifiers.
6491 o Corrected the nameprep processing rules to require use of the
6492 UseSTD3ASCIIRules flag.
6493 o Encouraged use of the 'from' and 'to' attributes on stream
6494 headers.
6495 o More fully specified stream closing handshake.
6496 o Specified recommended stream reconnection algorithm.
6497 o Specified return of stream error in response to
6498 receipt of prohibited XML features.
6499 o Specified that SASL mechanisms must be sent both before and after
6500 negotiation of SASL security layers.
6501 o Specified that TLS plus SASL PLAIN is a mandatory-to-implement
6502 technology for client-to-server connections, since implementation
6503 of SASL EXTERNAL is uncommon in XMPP clients, in part because
6504 underlying security features such as end-user X.509 certificates
6505 are not yet widely deployed.
6506 o Added the SASL error condition to handle an
6507 error case discussed in RFC 4422 but not in RFC 2222.
6508 o More fully specified binding of multiple resources to the same
6509 stream.
6510 o Added the stanza error condition to provide
6511 appropriate handling of stanzas when multiple resources are bound
6512 to the same stream.
6513 o Added the stanza error condition to enable
6514 potential ETags usage.
6515 o Moved historical documentation of the server dialback protocol
6516 from this specification to a separate specification maintained by
6517 the XMPP Standards Foundation.
6519 In addition, numerous changes of an editorial nature were made in
6520 order to more fully specify and clearly explain XMPP.
6522 Appendix G. Copying Conditions
6524 The Contributor grants third parties the irrevocable right to copy,
6525 use and distribute the Contribution, with or without modification, in
6526 any medium, without royalty, provided that, unless separate
6527 permission is granted, redistributed modified works:
6529 1. do not contain misleading author, version, name of work, or
6530 endorsement information, and
6531 2. do not claim endorsement of the modified work by the Contributor,
6532 or any organization the Contributor belongs to, the Internet
6533 Engineering Task Force (IETF), Internet Research Task Force
6534 (IRTF), Internet Engineering Steering Group (IESG), Internet
6535 Architecture Board (IAB), Internet Assigned Numbers Authority
6536 (IANA), Internet Society (ISOC), Request For Comments (RFC)
6537 Editor, or any combination or variation of such terms (including
6538 without limitation the IETF "4 diamonds" logo), or any terms that
6539 are confusingly similar thereto, and
6540 3. remove any claims of status as an Internet Standard, including
6541 without limitation removing the RFC boilerplate.
6543 The IETF suggests that any citation or excerpt of unmodified text
6544 reference the RFC or other document from which the text is derived.
6546 Index
6548 B
6549 Bare JID 15
6551 C
6552 Connected Resource 15
6554 D
6555 Domain Identifier 13
6557 E
6558 Entity 12
6559 Error Stanza 79
6560 Extended Content 94
6562 F
6563 Full JID 15
6565 I
6566 Initial Stream 18
6567 IQ Stanza 77
6569 J
6570 Jabber Identifier 12
6572 M
6573 Message Stanza 77
6575 N
6576 Node Identifier 14
6578 P
6579 Presence Stanza 77
6581 R
6582 Resource Identifier 15
6583 Response Stream 18
6585 X
6586 XML Stanza 18
6587 XML Stream 18
6589 Author's Address
6591 Peter Saint-Andre (editor)
6592 XMPP Standards Foundation
6594 Email: stpeter@jabber.org
6595 URI: https://stpeter.im/
6597 Full Copyright Statement
6599 Copyright (C) The IETF Trust (2007).
6601 This document is subject to the rights, licenses and restrictions
6602 contained in BCP 78, and except as set forth therein, the authors
6603 retain all their rights.
6605 This document and the information contained herein are provided on an
6606 "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
6607 OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY, THE IETF TRUST AND
6608 THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS
6609 OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF
6610 THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
6611 WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
6613 Intellectual Property
6615 The IETF takes no position regarding the validity or scope of any
6616 Intellectual Property Rights or other rights that might be claimed to
6617 pertain to the implementation or use of the technology described in
6618 this document or the extent to which any license under such rights
6619 might or might not be available; nor does it represent that it has
6620 made any independent effort to identify any such rights. Information
6621 on the procedures with respect to rights in RFC documents can be
6622 found in BCP 78 and BCP 79.
6624 Copies of IPR disclosures made to the IETF Secretariat and any
6625 assurances of licenses to be made available, or the result of an
6626 attempt made to obtain a general license or permission for the use of
6627 such proprietary rights by implementers or users of this
6628 specification can be obtained from the IETF on-line IPR repository at
6629 http://www.ietf.org/ipr.
6631 The IETF invites any interested party to bring to its attention any
6632 copyrights, patents or patent applications, or other proprietary
6633 rights that may cover technology that may be required to implement
6634 this standard. Please address the information to the IETF at
6635 ietf-ipr@ietf.org.
6637 Acknowledgment
6639 Funding for the RFC Editor function is provided by the IETF
6640 Administrative Support Activity (IASA).