Extensible messaging and presence protocol (XMPP): Core draft-saintandre-rfc3920bis-08

TOC

Network Working Group P. Saint-Andre, Ed. Internet-Draft XMPP standards Foundation Obsoletes: 3920 (if approved) October 16,200 8 Intended status: Standards track   Expires: Limit l 19,200 9

Extensible messaging and presence protocol (XMPP): Core
Draft-saintandre-rfc3920bis-08Status of this memo

By submitting this Internet-Draft, each author represents that any applicable patent or other IPR claims of which he or she is aware have been or will be disclosed, and any of which he or she becomes aware will be disclosed, in accordance with section 6
BCP 79.

Internet-drafts are Working Quota ents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute Working Quota ents as Internet-drafts.

Internet-drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. it is inappropriate to use Internet-drafts as reference material or to cite them other than as "work in progress."

The list of current Internet-drafts can be accessed at http://www.ietf.org/ietf/1id-abstracts.txt.

The list of Internet-draft shadow directories can be accessed at http://www.ietf.org/shadow.html.

This Internet-draft will expire on Limit l 19,200 9.

Copyright Notice

Copyright the IETF Trust (2008 ).

Abstract

This document defines the core features of the Extensible messaging and presence protocol (XMPP), a technology for streaming Extensible Markup Language (XML) elements for the purpose of exchanging structured information in close to real time between any two
Or more network-aware entities. XMPP provides a generalized, extensible framework for Incrementally exchanging XML data, upon which a variety of applications can be built. the framework provided des methods for stream setup and teardown, channel encryption, Authentication
Of a client to a server and of one server to another server, and primitives for Push-style messages, publication of Network Availability Information ("presence"), and request-response interactions. this document also specifies the format for XMPP addresses,
Which are fully internationalizable.

This document obsoletes RFC 3920.

Table of contents

1. Introduction
1.1. Overview
1.2. Functional Summary
1.3. Conventions
1.4. Acknowledgements
1.5. Discussion venue
2. Architecture
2.1. Overview
2.2. Server
2.3. Client
2.4. Network
3. Addresses
3.1. Overview
3.2. Domain identifier
3.3. node identifier
3.4. Resource Identifier
3.5. Determination of addresses
4. TCP binding
4.1. Scope
4.2. hostname resolution
4.3. Client-to-Server Communication
4.4. Server-to-Server Communication
4.5. Reconnection
4.6. Other bindings
5. xml streams
5.1. Overview
5.2. Stream Security
5.3. Stream attributes
5.3.1. From
5.3.2.
5.3.3. ID
5.3.4. xml: Lang
5.3.5. Version
5.3.6. Summary of stream attributes
5.4. namespace declarations
5.5. Stream features
5.6. restarts during stream negotiation
5.7. Closing a stream
5.7.1. With stream Error
5.7.2. Without stream Error
5.7.3. Handling of idle streams
5.8. Stream errors
5.8.1. Rules
5.8.1.1. Stream errors are unrecoverable
5.8.1.2. Stream errors can occur during setup
5.8.1.3. Stream errors when the host is unspecified or unknown
5.8.2. Syntax
5.8.3. defined stream error conditions
5.8.3.1. Bad-format
5.8.3.2. Bad-namespace-Prefix
5.8.3.3. Conflict
5.8.3.4. Connection-Timeout
5.8.3.5. Host-gone
5.8.3.6. Host-Unknown
5.8.3.7. Improper-addressing
5.8.3.8. Internal-server-Error
5.8.3.9. Invalid-from
5.8.3.10. Invalid-ID
5.8.3.11. Invalid-namespace
5.8.3.12. Invalid-XML
5.8.3.13. Not-authorized
5.8.3.14. Policy-Violation
5.8.3.15. Remote-connection-failed
5.8.3.16. Resource-Constraint
5.8.3.17. Restricted-XML
5.8.3.18. See-other-host
5.8.3.19. System-Shutdown
5.8.3.20. undefined-Condition
5.8.3.21. unsupported-Encoding
5.8.3.22. unsupported-stanza-type
5.8.3.23. unsupported-version
5.8.3.24. XML-not-well-formed
5.8.4. application-specific conditions
5.9. Simplified stream examples
6. starttls negotiation
6.1. Overview
6.2. Rules
6.2.1. data formatting
6.2.2. Order of negotiation
6.3. Process
6.3.1. Exchange of stream headers and stream features
6.3.2. Initiation of starttls negotiation
6.3.2.1. starttls command
6.3.2.2. Failure Case
6.3.2.3. Proceed case
6.3.3. TLS negotiation
6.3.3.1. Rules
6.3.3.2. TLS failure
6.3.3.3. TLS success
7. SASL negotiation
7.1. Overview
7.2. Rules
7.2.1. Mechanical preferences
7.2.2. Mechanical offers
7.2.3. data formatting
7.2.4. Security Layers
7.2.5. Simple usernames
7.2.6. Authorization identities
7.2.7. round trips
7.3. Process
7.3.1. Exchange of stream headers and stream features
7.3.2. Initiation
7.3.3. Challenge-response sequence
7.3.4. Abort
7.3.5. Failure
7.3.6. Success
7.4. SASL errors
7.4.1. Aborted
7.4.2. Account-Disabled
7.4.3. credentials-expired
7.4.4. encryption-required
7.4.5. Incorrect-Encoding
7.4.6. Invalid-authzid
7.4.7. Invalid-mechanic
7.4.8. Malformed-Request
7.4.9. machism-too-weak
7.4.10. Not-authorized
7.4.11. Temporary-auth-Failure
7.4.12. Transition-needed
7.5. SASL Definition
8. Resource binding
8.1. Overview
8.2. Advertising support
8.3. Generation of resource identifiers
8.4. Server-generated Resource Identifier
8.4.1. Success case
8.4.2. Error Cases
8.4.2.1. Resource Constraint
8.4.2.2. Not Allowed
8.5. Client-submitted Resource Identifier
8.5.1. Success case
8.5.2. Error Cases
8.5.2.1. Bad request
8.5.2.2. Conflict
8.5.3. retries
8.6. Binding multiple resources
8.6.1. Support
8.6.2. Binding an additional resource
8.6.3. unbinding a resource
8.6.3.1. Success case
8.6.3.2. Error Cases
8.6.4. From addresses
9. xml stanzas
9.1. common attributes
9.1.1.
9.1.1.1. Client-to-server streams
9.1.1.2. Server-to-server streams
9.1.2. From
9.1.2.1. Client-to-server streams
9.1.2.2. Server-to-server streams
9.1.3. ID
9.1.4. Type
9.1.5. xml: Lang
9.2. Basic Semantics
9.2.1. Message Semantics
9.2.2. Presence Semantics
9.2.3. IQ Semantics
9.3. Stanza errors
9.3.1. Rules
9.3.2. Syntax
9.3.3. defined conditions
9.3.3.1. Bad-Request
9.3.3.2. Conflict
9.3.3.3. Feature-not-implemented
9.3.3.4. Forbidden
9.3.3.5. Gone
9.3.3.6. Internal-server-Error
9.3.3.7. item-not-found
9.3.3.8. jid-malformed
9.3.3.9. Not-acceptable
9.3.3.10. Not-Allowed
9.3.3.11. Not-authorized
9.3.3.12. Not-modified
9.3.3.13. Payment-required
9.3.3.14. Recipient-unavailable
9.3.3.15. Redirect
9.3.3.16. Registration-required
9.3.3.17. Remote-server-not-found
9.3.3.18. Remote-server-Timeout
9.3.3.19. Resource-Constraint
9.3.3.20. Service-unavailable
9.3.3.21. subscribe-required
9.3.3.22. undefined-Condition
9.3.3.23. Unexpected-Request
9.3.3.24. Unknown-sender
9.3.4. application-specific conditions
9.4. Extended content
9.5. Stanza size
10. Examples
10.1. Client-to-Server
10.1.1. TLS
10.1.2. SASL
10.1.3. resource binding
10.1.4. Stanza exchange
10.1.5. Close
10.2. Server-to-Server Examples
10.2.1. TLS
10.2.2. SASL
10.2.3. Stanza exchange
10.2.4. Close
11. Server rules for processing XML stanzas
11.1. No 'to' address
11.1.1. Overview
11.1.2. Message
11.1.3. Presence
11.1.4. IQ
11.2. Local Domain
11.2.1. Mere domain
11.2.2. domain with Resource
11.2.3. node at domain
11.2.3.1. No such user
11.2.3.2. Bare jid
11.2.3.3. Full jid
11.3. Foreign domain
11.3.1. Existing stream
11.3.2. No existing stream
11.3.3. Error Handling
12. xml usage
12.1. Restrictions
12.2. xml namespace names and prefixes
12.2.1. Streams namespace
12.2.2. default namespace
12.2.3. Extended namespaces
12.3. Well-formedness
12.4. Validation
12.5. semantic sion of text Declaration
12.6. character encoding
12.7. whitespace
12.8. XML versions
13. compliance requirements
13.1. Servers
13.2. Clients
14. Internationalization considerations
15. security considerations
15.1. High Security
15.2. Certificates
15.2.1. certificate generation
15.2.1.1. server certificates
15.2.1.2. client certificates
15.2.1.3. ASN.1 object identifier
15.2.2. Certificate Validation
15.2.2.1. Server-to-server streams
15.2.2.2. Client-to-server streams
15.2.2.3. Use of certificates in XMPP extensions
15.3. Client-to-Server Communication
15.4. Server-to-Server Communication
15.5. Order of Layers
15.6. Lack of SASL channel binding to TLS
15.7. Mandatory-to-implement Technologies
15.8. firewils
15.9. Use of base64 in SASL
15.10. stringprep profiles
15.11. Address Spoofing
15.11.1. Address Forging
15.11.2. Address mimicking
15.12. Denial of Service
15.13. Presence leaks
15.14. Directory harvesting
16. iana considerations
16.1. xml namespace Name For TLS data
16.2. xml namespace name for SASL data
16.3. xml namespace name for stream errors
16.4. xml namespace name for resource binding
16.5. xml namespace name for stanza errors
16.6. nodeprep profile of stringprep
16.7. resourceprep profile of stringprep
16.8. gssapi service name
16.9. port numbers
17. References
17.1. Normative References
17.2. Informative references
Appendix A. nodeprep
A.1. Introduction
A.2. character repertoire
A.3. Mapping