draft-ietf-xmpp-core-14.txt   draft-ietf-xmpp-core-15.txt 
Network Working Group P. Saint-Andre Network Working Group P. Saint-Andre
Internet-Draft J. Miller Internet-Draft J. Miller
Expires: December 22, 2003 Jabber Software Foundation Expires: December 28, 2003 Jabber Software Foundation
June 23, 2003 June 29, 2003
XMPP Core XMPP Core
draft-ietf-xmpp-core-14 draft-ietf-xmpp-core-15
Status of this Memo Status of this Memo
This document is an Internet-Draft and is in full conformance with This document is an Internet-Draft and is in full conformance with
all provisions of Section 10 of RFC2026. all provisions of Section 10 of RFC2026.
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that other Task Force (IETF), its areas, and its working groups. Note that other
groups may also distribute working documents as Internet-Drafts. groups may also distribute working documents as Internet-Drafts.
skipping to change at page 1, line 31 skipping to change at page 1, line 31
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
The list of current Internet-Drafts can be accessed at http:// The list of current Internet-Drafts can be accessed at http://
www.ietf.org/ietf/1id-abstracts.txt. www.ietf.org/ietf/1id-abstracts.txt.
The list of Internet-Draft Shadow Directories can be accessed at The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html. http://www.ietf.org/shadow.html.
This Internet-Draft will expire on December 22, 2003. This Internet-Draft will expire on December 28, 2003.
Copyright Notice Copyright Notice
Copyright (C) The Internet Society (2003). All Rights Reserved. Copyright (C) The Internet Society (2003). All Rights Reserved.
Abstract Abstract
This document describes the core features of the Extensible Messaging This document describes the core features of the Extensible Messaging
and Presence Protocol (XMPP), a protocol for streaming XML elements and Presence Protocol (XMPP), a protocol for streaming XML elements
in order to exchange messages and presence information in close to in order to exchange messages and presence information in close to
skipping to change at page 2, line 34 skipping to change at page 2, line 34
4.1 Overview . . . . . . . . . . . . . . . . . . . . . . . . . . 10 4.1 Overview . . . . . . . . . . . . . . . . . . . . . . . . . . 10
4.2 Stream Attributes . . . . . . . . . . . . . . . . . . . . . 11 4.2 Stream Attributes . . . . . . . . . . . . . . . . . . . . . 11
4.2.1 Version Support . . . . . . . . . . . . . . . . . . . . . . 12 4.2.1 Version Support . . . . . . . . . . . . . . . . . . . . . . 12
4.3 Namespace Declarations . . . . . . . . . . . . . . . . . . . 13 4.3 Namespace Declarations . . . . . . . . . . . . . . . . . . . 13
4.4 Stream Features . . . . . . . . . . . . . . . . . . . . . . 13 4.4 Stream Features . . . . . . . . . . . . . . . . . . . . . . 13
4.5 Stream Encryption and Authentication . . . . . . . . . . . . 13 4.5 Stream Encryption and Authentication . . . . . . . . . . . . 13
4.6 Stream Errors . . . . . . . . . . . . . . . . . . . . . . . 14 4.6 Stream Errors . . . . . . . . . . . . . . . . . . . . . . . 14
4.6.1 Rules . . . . . . . . . . . . . . . . . . . . . . . . . . . 14 4.6.1 Rules . . . . . . . . . . . . . . . . . . . . . . . . . . . 14
4.6.2 Syntax . . . . . . . . . . . . . . . . . . . . . . . . . . . 14 4.6.2 Syntax . . . . . . . . . . . . . . . . . . . . . . . . . . . 14
4.6.3 Defined Conditions . . . . . . . . . . . . . . . . . . . . . 15 4.6.3 Defined Conditions . . . . . . . . . . . . . . . . . . . . . 15
4.6.4 Application-Specific Conditions . . . . . . . . . . . . . . 16 4.6.4 Application-Specific Conditions . . . . . . . . . . . . . . 17
4.7 Simple Streams Example . . . . . . . . . . . . . . . . . . . 17 4.7 Simple Streams Example . . . . . . . . . . . . . . . . . . . 17
5. Stream Encryption . . . . . . . . . . . . . . . . . . . . . 19 5. Stream Encryption . . . . . . . . . . . . . . . . . . . . . 20
5.1 Overview . . . . . . . . . . . . . . . . . . . . . . . . . . 19 5.1 Overview . . . . . . . . . . . . . . . . . . . . . . . . . . 20
5.2 Narrative . . . . . . . . . . . . . . . . . . . . . . . . . 21 5.2 Narrative . . . . . . . . . . . . . . . . . . . . . . . . . 22
5.3 Client-to-Server Example . . . . . . . . . . . . . . . . . . 22 5.3 Client-to-Server Example . . . . . . . . . . . . . . . . . . 23
5.4 Server-to-Server Example . . . . . . . . . . . . . . . . . . 23 5.4 Server-to-Server Example . . . . . . . . . . . . . . . . . . 24
6. Stream Authentication . . . . . . . . . . . . . . . . . . . 26 6. Stream Authentication . . . . . . . . . . . . . . . . . . . 27
6.1 Overview . . . . . . . . . . . . . . . . . . . . . . . . . . 26 6.1 Overview . . . . . . . . . . . . . . . . . . . . . . . . . . 27
6.2 Narrative . . . . . . . . . . . . . . . . . . . . . . . . . 27 6.2 Narrative . . . . . . . . . . . . . . . . . . . . . . . . . 28
6.3 SASL Errors . . . . . . . . . . . . . . . . . . . . . . . . 29 6.3 SASL Errors . . . . . . . . . . . . . . . . . . . . . . . . 30
6.4 SASL Definition . . . . . . . . . . . . . . . . . . . . . . 30 6.4 SASL Definition . . . . . . . . . . . . . . . . . . . . . . 31
6.5 Client-to-Server Example . . . . . . . . . . . . . . . . . . 30 6.5 Client-to-Server Example . . . . . . . . . . . . . . . . . . 31
6.6 Server-to-Server Example . . . . . . . . . . . . . . . . . . 33 6.6 Server-to-Server Example . . . . . . . . . . . . . . . . . . 34
7. Server Dialback . . . . . . . . . . . . . . . . . . . . . . 37 7. Server Dialback . . . . . . . . . . . . . . . . . . . . . . 38
7.1 Overview . . . . . . . . . . . . . . . . . . . . . . . . . . 37 7.1 Overview . . . . . . . . . . . . . . . . . . . . . . . . . . 38
7.2 Protocol . . . . . . . . . . . . . . . . . . . . . . . . . . 39 7.2 Protocol . . . . . . . . . . . . . . . . . . . . . . . . . . 40
8. XML Stanzas . . . . . . . . . . . . . . . . . . . . . . . . 44 8. XML Stanzas . . . . . . . . . . . . . . . . . . . . . . . . 45
8.1 Overview . . . . . . . . . . . . . . . . . . . . . . . . . . 44 8.1 Overview . . . . . . . . . . . . . . . . . . . . . . . . . . 45
8.2 Common Attributes . . . . . . . . . . . . . . . . . . . . . 44 8.2 Common Attributes . . . . . . . . . . . . . . . . . . . . . 45
8.2.1 to . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 44 8.2.1 to . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 45
8.2.2 from . . . . . . . . . . . . . . . . . . . . . . . . . . . . 44 8.2.2 from . . . . . . . . . . . . . . . . . . . . . . . . . . . . 45
8.2.3 id . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 45 8.2.3 id . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 46
8.2.4 type . . . . . . . . . . . . . . . . . . . . . . . . . . . . 45 8.2.4 type . . . . . . . . . . . . . . . . . . . . . . . . . . . . 46
8.2.5 xml:lang . . . . . . . . . . . . . . . . . . . . . . . . . . 45 8.2.5 xml:lang . . . . . . . . . . . . . . . . . . . . . . . . . . 46
8.3 Message Stanzas . . . . . . . . . . . . . . . . . . . . . . 46 8.3 Message Stanzas . . . . . . . . . . . . . . . . . . . . . . 47
8.3.1 Types of Message . . . . . . . . . . . . . . . . . . . . . . 46 8.3.1 Types of Message . . . . . . . . . . . . . . . . . . . . . . 47
8.3.2 Children . . . . . . . . . . . . . . . . . . . . . . . . . . 46 8.3.2 Children . . . . . . . . . . . . . . . . . . . . . . . . . . 47
8.4 Presence Stanzas . . . . . . . . . . . . . . . . . . . . . . 48 8.4 Presence Stanzas . . . . . . . . . . . . . . . . . . . . . . 49
8.4.1 Types of Presence . . . . . . . . . . . . . . . . . . . . . 48 8.4.1 Types of Presence . . . . . . . . . . . . . . . . . . . . . 49
8.4.2 Children . . . . . . . . . . . . . . . . . . . . . . . . . . 48 8.4.2 Children . . . . . . . . . . . . . . . . . . . . . . . . . . 49
8.5 IQ Stanzas . . . . . . . . . . . . . . . . . . . . . . . . . 50 8.5 IQ Stanzas . . . . . . . . . . . . . . . . . . . . . . . . . 51
8.5.1 Overview . . . . . . . . . . . . . . . . . . . . . . . . . . 50 8.5.1 Overview . . . . . . . . . . . . . . . . . . . . . . . . . . 51
8.5.2 Types of IQ . . . . . . . . . . . . . . . . . . . . . . . . 51 8.5.2 Types of IQ . . . . . . . . . . . . . . . . . . . . . . . . 52
8.5.3 Children . . . . . . . . . . . . . . . . . . . . . . . . . . 51 8.5.3 Children . . . . . . . . . . . . . . . . . . . . . . . . . . 52
8.6 Extended Namespaces . . . . . . . . . . . . . . . . . . . . 51 8.6 Extended Namespaces . . . . . . . . . . . . . . . . . . . . 52
8.7 Stanza Errors . . . . . . . . . . . . . . . . . . . . . . . 52 8.7 Stanza Errors . . . . . . . . . . . . . . . . . . . . . . . 53
8.7.1 Rules . . . . . . . . . . . . . . . . . . . . . . . . . . . 53 8.7.1 Rules . . . . . . . . . . . . . . . . . . . . . . . . . . . 54
8.7.2 Syntax . . . . . . . . . . . . . . . . . . . . . . . . . . . 53 8.7.2 Syntax . . . . . . . . . . . . . . . . . . . . . . . . . . . 54
8.7.3 Defined Conditions . . . . . . . . . . . . . . . . . . . . . 54 8.7.3 Defined Conditions . . . . . . . . . . . . . . . . . . . . . 55
8.7.4 Application-Specific Conditions . . . . . . . . . . . . . . 56 8.7.4 Application-Specific Conditions . . . . . . . . . . . . . . 57
9. XML Usage within XMPP . . . . . . . . . . . . . . . . . . . 57 9. XML Usage within XMPP . . . . . . . . . . . . . . . . . . . 58
9.1 Restrictions . . . . . . . . . . . . . . . . . . . . . . . . 57 9.1 Restrictions . . . . . . . . . . . . . . . . . . . . . . . . 58
9.2 XML Namespace Names and Prefixes . . . . . . . . . . . . . . 57 9.2 XML Namespace Names and Prefixes . . . . . . . . . . . . . . 58
9.2.1 Stream Namespace . . . . . . . . . . . . . . . . . . . . . . 57 9.2.1 Stream Namespace . . . . . . . . . . . . . . . . . . . . . . 58
9.2.2 Default Namespace . . . . . . . . . . . . . . . . . . . . . 58 9.2.2 Default Namespace . . . . . . . . . . . . . . . . . . . . . 59
9.2.3 Dialback Namespace . . . . . . . . . . . . . . . . . . . . . 58 9.2.3 Dialback Namespace . . . . . . . . . . . . . . . . . . . . . 59
9.3 Validation . . . . . . . . . . . . . . . . . . . . . . . . . 59 9.3 Validation . . . . . . . . . . . . . . . . . . . . . . . . . 60
9.4 Character Encodings . . . . . . . . . . . . . . . . . . . . 59 9.4 Character Encodings . . . . . . . . . . . . . . . . . . . . 60
9.5 Inclusion of Text Declaration . . . . . . . . . . . . . . . 59 9.5 Inclusion of Text Declaration . . . . . . . . . . . . . . . 60
10. IANA Considerations . . . . . . . . . . . . . . . . . . . . 60 10. IANA Considerations . . . . . . . . . . . . . . . . . . . . 61
10.1 XML Namespace Name for TLS Data . . . . . . . . . . . . . . 60 10.1 XML Namespace Name for TLS Data . . . . . . . . . . . . . . 61
10.2 XML Namespace Name for SASL Data . . . . . . . . . . . . . . 60 10.2 XML Namespace Name for SASL Data . . . . . . . . . . . . . . 61
10.3 XML Namespace Name for Stream Errors . . . . . . . . . . . . 60 10.3 XML Namespace Name for Stream Errors . . . . . . . . . . . . 61
10.4 XML Namespace Name for Stanza Errors . . . . . . . . . . . . 61 10.4 XML Namespace Name for Stanza Errors . . . . . . . . . . . . 62
10.5 Existing Registrations . . . . . . . . . . . . . . . . . . . 61 10.5 Existing Registrations . . . . . . . . . . . . . . . . . . . 62
11. Internationalization Considerations . . . . . . . . . . . . 62 11. Internationalization Considerations . . . . . . . . . . . . 63
12. Security Considerations . . . . . . . . . . . . . . . . . . 63 12. Security Considerations . . . . . . . . . . . . . . . . . . 64
12.1 High Security . . . . . . . . . . . . . . . . . . . . . . . 63 12.1 High Security . . . . . . . . . . . . . . . . . . . . . . . 64
12.2 Client-to-Server Communications . . . . . . . . . . . . . . 63 12.2 Client-to-Server Communications . . . . . . . . . . . . . . 64
12.3 Server-to-Server Communications . . . . . . . . . . . . . . 64 12.3 Server-to-Server Communications . . . . . . . . . . . . . . 65
12.4 Order of Layers . . . . . . . . . . . . . . . . . . . . . . 64 12.4 Order of Layers . . . . . . . . . . . . . . . . . . . . . . 66
12.5 Firewalls . . . . . . . . . . . . . . . . . . . . . . . . . 65 12.5 Firewalls . . . . . . . . . . . . . . . . . . . . . . . . . 66
12.6 Mandatory to Implement Technologies . . . . . . . . . . . . 65 12.6 Mandatory to Implement Technologies . . . . . . . . . . . . 66
Normative References . . . . . . . . . . . . . . . . . . . . 66 Normative References . . . . . . . . . . . . . . . . . . . . 67
Informative References . . . . . . . . . . . . . . . . . . . 68 Informative References . . . . . . . . . . . . . . . . . . . 69
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . 68 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . 69
A. XML Schemas . . . . . . . . . . . . . . . . . . . . . . . . 69 A. XML Schemas . . . . . . . . . . . . . . . . . . . . . . . . 70
A.1 Stream namespace . . . . . . . . . . . . . . . . . . . . . . 69 A.1 Stream namespace . . . . . . . . . . . . . . . . . . . . . . 70
A.2 Stream error namespace . . . . . . . . . . . . . . . . . . . 70 A.2 Stream error namespace . . . . . . . . . . . . . . . . . . . 71
A.3 TLS namespace . . . . . . . . . . . . . . . . . . . . . . . 71 A.3 TLS namespace . . . . . . . . . . . . . . . . . . . . . . . 72
A.4 SASL namespace . . . . . . . . . . . . . . . . . . . . . . . 71 A.4 SASL namespace . . . . . . . . . . . . . . . . . . . . . . . 72
A.5 Dialback namespace . . . . . . . . . . . . . . . . . . . . . 73 A.5 Dialback namespace . . . . . . . . . . . . . . . . . . . . . 74
A.6 Client namespace . . . . . . . . . . . . . . . . . . . . . . 74 A.6 Client namespace . . . . . . . . . . . . . . . . . . . . . . 75
A.7 Server namespace . . . . . . . . . . . . . . . . . . . . . . 78 A.7 Server namespace . . . . . . . . . . . . . . . . . . . . . . 79
A.8 Stanza error namespace . . . . . . . . . . . . . . . . . . . 82 A.8 Stanza error namespace . . . . . . . . . . . . . . . . . . . 83
B. Revision History . . . . . . . . . . . . . . . . . . . . . . 84 B. Revision History . . . . . . . . . . . . . . . . . . . . . . 85
B.1 Changes from draft-ietf-xmpp-core-13 . . . . . . . . . . . . 84 B.1 Changes from draft-ietf-xmpp-core-14 . . . . . . . . . . . . 85
B.2 Changes from draft-ietf-xmpp-core-12 . . . . . . . . . . . . 84 B.2 Changes from draft-ietf-xmpp-core-13 . . . . . . . . . . . . 85
B.3 Changes from draft-ietf-xmpp-core-11 . . . . . . . . . . . . 84 B.3 Changes from draft-ietf-xmpp-core-12 . . . . . . . . . . . . 85
B.4 Changes from draft-ietf-xmpp-core-10 . . . . . . . . . . . . 85 B.4 Changes from draft-ietf-xmpp-core-11 . . . . . . . . . . . . 86
B.5 Changes from draft-ietf-xmpp-core-09 . . . . . . . . . . . . 85 B.5 Changes from draft-ietf-xmpp-core-10 . . . . . . . . . . . . 86
B.6 Changes from draft-ietf-xmpp-core-08 . . . . . . . . . . . . 85 B.6 Changes from draft-ietf-xmpp-core-09 . . . . . . . . . . . . 86
B.7 Changes from draft-ietf-xmpp-core-07 . . . . . . . . . . . . 85 B.7 Changes from draft-ietf-xmpp-core-08 . . . . . . . . . . . . 86
B.8 Changes from draft-ietf-xmpp-core-06 . . . . . . . . . . . . 86 B.8 Changes from draft-ietf-xmpp-core-07 . . . . . . . . . . . . 87
B.9 Changes from draft-ietf-xmpp-core-05 . . . . . . . . . . . . 86 B.9 Changes from draft-ietf-xmpp-core-06 . . . . . . . . . . . . 87
B.10 Changes from draft-ietf-xmpp-core-04 . . . . . . . . . . . . 86 B.10 Changes from draft-ietf-xmpp-core-05 . . . . . . . . . . . . 87
B.11 Changes from draft-ietf-xmpp-core-03 . . . . . . . . . . . . 86 B.11 Changes from draft-ietf-xmpp-core-04 . . . . . . . . . . . . 87
B.12 Changes from draft-ietf-xmpp-core-02 . . . . . . . . . . . . 87 B.12 Changes from draft-ietf-xmpp-core-03 . . . . . . . . . . . . 88
B.13 Changes from draft-ietf-xmpp-core-01 . . . . . . . . . . . . 87 B.13 Changes from draft-ietf-xmpp-core-02 . . . . . . . . . . . . 88
B.14 Changes from draft-ietf-xmpp-core-00 . . . . . . . . . . . . 87 B.14 Changes from draft-ietf-xmpp-core-01 . . . . . . . . . . . . 88
B.15 Changes from draft-miller-xmpp-core-02 . . . . . . . . . . . 87 B.15 Changes from draft-ietf-xmpp-core-00 . . . . . . . . . . . . 88
Intellectual Property and Copyright Statements . . . . . . . 89 B.16 Changes from draft-miller-xmpp-core-02 . . . . . . . . . . . 89
Intellectual Property and Copyright Statements . . . . . . . 90
1. Introduction 1. Introduction
1.1 Overview 1.1 Overview
The Extensible Messaging and Presence Protocol (XMPP) is an open XML The Extensible Messaging and Presence Protocol (XMPP) is an open XML
[1] protocol for near-real-time messaging, presence, and [1] protocol for near-real-time messaging, presence, and
request-response services. The basic syntax and semantics were request-response services. The basic syntax and semantics were
developed originally within the Jabber open-source community, mainly developed originally within the Jabber open-source community, mainly
in 1999. In 2002, the XMPP WG was chartered with developing an in 1999. In 2002, the XMPP WG was chartered with developing an
skipping to change at page 16, line 34 skipping to change at page 16, line 34
unable to service the stream. unable to service the stream.
o <see-other-host/> -- the server will not provide service to the o <see-other-host/> -- the server will not provide service to the
initiating entity but is redirecting traffic to another host; this initiating entity but is redirecting traffic to another host; this
element SHOULD contain CDATA specifying the alternate hostname or element SHOULD contain CDATA specifying the alternate hostname or
IP address to which the initiating entity MAY attempt to connect. IP address to which the initiating entity MAY attempt to connect.
o <system-shutdown/> -- the server is being shut down and all active o <system-shutdown/> -- the server is being shut down and all active
streams are being closed. streams are being closed.
[draft-ietf-xmpp-core-15 only]
o <undefined-condition/> -- the error condition is not one of those
defined by the other conditions in this list; this error condition
SHOULD be used only in conjunction with an application-specific
condition.
o <unsupported-stanza-type/> -- the initiating entity has sent a o <unsupported-stanza-type/> -- the initiating entity has sent a
first-level child of the stream that is not supported by the first-level child of the stream that is not supported by the
server. server.
o <unsupported-version/> -- the value of the 'version' attribute o <unsupported-version/> -- the value of the 'version' attribute
provided by the initiating entity in the stream header specifies a provided by the initiating entity in the stream header specifies a
version of XMPP that is not supported by the server; this element version of XMPP that is not supported by the server; this element
MAY contain CDATA specifying the XMPP version(s) supported by the MAY contain CDATA specifying the XMPP version(s) supported by the
server. server.
skipping to change at page 63, line 47 skipping to change at page 64, line 47
The TLS protocol for encrypting XML streams (defined under Stream The TLS protocol for encrypting XML streams (defined under Stream
Encryption (Section 5)) provides a reliable mechanism for helping to Encryption (Section 5)) provides a reliable mechanism for helping to
ensure the confidentiality and data integrity of data exchanged ensure the confidentiality and data integrity of data exchanged
between two entities. between two entities.
The SASL protocol for authenticating XML streams (defined under The SASL protocol for authenticating XML streams (defined under
Stream Authentication (Section 6)) provides a reliable mechanism for Stream Authentication (Section 6)) provides a reliable mechanism for
validating that a client connecting to a server is who it claims to validating that a client connecting to a server is who it claims to
be. be.
[draft-ietf-xmpp-core-15 only]
Client-to-server communications MUST NOT proceed until the DNS
hostname asserted by the server has been resolved. Such resolutions
SHOULD first attempt to resolve the hostname using an SRV [18]
Service of "jabber-client" and Proto of "tcp", resulting in resource
records such as "_jabber-client._tcp.shakespeare.lit." (the use of
the string "jabber-client" for the service identifier is consistent
with the existing IANA registration). If the SRV lookup fails, the
fallback is a normal A lookup to determine the IP address, using the
"jabber-client" port of 5222 assigned by the Internet Assigned
Numbers Authority [5].
The IP address and method of access of clients MUST NOT be made The IP address and method of access of clients MUST NOT be made
available by a server, nor are any connections other than the available by a server, nor are any connections other than the
original server connection required. This helps to protect the original server connection required. This helps to protect the
client's server from direct attack or identification by third client's server from direct attack or identification by third
parties. parties.
12.3 Server-to-Server Communications 12.3 Server-to-Server Communications
A compliant implementation MUST support both TLS and SASL for A compliant implementation MUST support both TLS and SASL for
inter-domain communications. For historical reasons, a compliant inter-domain communications. For historical reasons, a compliant
skipping to change at page 64, line 24 skipping to change at page 65, line 34
of any given deployment. If a particular domain enables inter-domain of any given deployment. If a particular domain enables inter-domain
communications, it SHOULD enable high security. communications, it SHOULD enable high security.
Administrators may want to require use of SASL for server-to-server Administrators may want to require use of SASL for server-to-server
communications in order to ensure both authentication and communications in order to ensure both authentication and
confidentiality (e.g., on an organization's private network). confidentiality (e.g., on an organization's private network).
Compliant implementations SHOULD support SASL for this purpose. Compliant implementations SHOULD support SASL for this purpose.
draft-ietf-xmpp-core-14:
Inter-domain connections MUST NOT proceed until the DNS hostnames
asserted by the servers have been resolved. Such resolutions MUST
first attempt to resolve the hostname using an SRV [18] record of
_jabber._tcp.server (the use of the string "jabber" for SRV purposes
is historical). If the SRV lookup fails, the fallback is a normal A
lookup to determine the IP address, using the jabber-server port of
5269 assigned by the Internet Assigned Numbers Authority [5].

draft-ietf-xmpp-core-15:
Inter-domain connections MUST NOT proceed until the DNS hostnames
asserted by the servers have been resolved. Such resolutions MUST
first attempt to resolve the hostname using an SRV [18] Service of
"jabber-server" and Proto of "tcp", resulting in resource records
such as "_jabber-server._tcp.shakespeare.lit." (the use of the string
"jabber-server" for the service identifier is consistent with the
existing IANA registration; note well that the "jabber-server"
service identifier supersedes the earlier use of a "jabber" service
identifier, since the earlier usage did not conform to RFC 2782
[18]). If the SRV lookup fails, the fallback is a normal A lookup to
determine the IP address, using the "jabber-server" port of 5269
assigned by the Internet Assigned Numbers Authority [5].
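The resolution procedure prescribed in Section 12.2 (jabber-client, fallback port 5222) and Section 12.3 (jabber-server, fallback port 5269) above, as an added example that is not part of either draft: it builds the RFC 2782 [18] owner name, orders the SRV answer by priority and weight as RFC 2782 requires (including its rule that a lone "." target means the service is explicitly not offered, so no A fallback applies), and falls back to an A lookup on the IANA port only when no SRV record exists. The sample zone, the `192.0.2.10` address and the two lookup stubs are constructed stand-ins for real DNS queries.

```python
import random
from dataclasses import dataclass
from typing import Callable, Dict, List, Optional, Tuple

# Service identifiers and IANA-assigned fallback ports named in the draft.
XMPP_SERVICES = {
    "client": ("jabber-client", 5222),  # _jabber-client._tcp, fallback port 5222
    "server": ("jabber-server", 5269),  # _jabber-server._tcp, fallback port 5269
}


@dataclass(frozen=True)
class SrvRecord:
    priority: int
    weight: int
    port: int
    target: str


def srv_name(domain: str, role: str) -> str:
    """Build the RFC 2782 owner name, e.g. _jabber-server._tcp.shakespeare.lit."""
    service, _ = XMPP_SERVICES[role]
    return f"_{service}._tcp.{domain.rstrip('.')}."


def _order_same_priority(group: List[SrvRecord], rng: random.Random) -> List[SrvRecord]:
    """RFC 2782 weighted selection within one priority: zero-weight records are
    placed first in the candidate list, then records are drawn repeatedly by
    comparing a random number against the running sum of weights."""
    remaining = sorted(group, key=lambda r: r.weight != 0)
    ordered: List[SrvRecord] = []
    while remaining:
        total = sum(r.weight for r in remaining)
        threshold = rng.randint(0, total)
        running = 0
        for i, rec in enumerate(remaining):
            running += rec.weight
            if running >= threshold:
                ordered.append(remaining.pop(i))
                break
    return ordered


def order_srv(records: List[SrvRecord], rng: Optional[random.Random] = None) -> List[SrvRecord]:
    """Order SRV records as a connecting entity must try them: lowest priority
    first, weighted random order among records of equal priority."""
    rng = rng or random.Random()
    ordered: List[SrvRecord] = []
    for prio in sorted({r.priority for r in records}):
        ordered.extend(_order_same_priority([r for r in records if r.priority == prio], rng))
    return ordered


def resolve_xmpp(
    domain: str,
    role: str,
    lookup_srv: Callable[[str], List[SrvRecord]],
    lookup_a: Callable[[str], List[str]],
    rng: Optional[random.Random] = None,
) -> List[Tuple[str, int]]:
    """Return (host, port) candidates in the order they should be attempted.
    role is "client" (Section 12.2) or "server" (Section 12.3)."""
    records = lookup_srv(srv_name(domain, role))
    if records:
        # RFC 2782: a single record whose target is "." means the service is
        # decidedly not available at this domain, so do not fall back to A.
        if len(records) == 1 and records[0].target == ".":
            return []
        return [(r.target, r.port) for r in order_srv(records, rng)]
    # No SRV record: plain A lookup on the domain, using the IANA-assigned port.
    _, fallback_port = XMPP_SERVICES[role]
    return [(addr, fallback_port) for addr in lookup_a(domain)]


# Constructed sample zone (not real DNS data) standing in for real lookups.
SAMPLE_SRV: Dict[str, List[SrvRecord]] = {
    "_jabber-server._tcp.shakespeare.lit.": [
        SrvRecord(10, 60, 5269, "xmpp1.shakespeare.lit."),
        SrvRecord(10, 40, 5269, "xmpp2.shakespeare.lit."),
        SrvRecord(20, 0, 5270, "backup.shakespeare.lit."),
    ],
    # No _jabber-client._tcp record: clients fall back to an A lookup + 5222.
}
SAMPLE_A: Dict[str, List[str]] = {"shakespeare.lit": ["192.0.2.10"]}


def sample_srv_lookup(name: str) -> List[SrvRecord]:
    return SAMPLE_SRV.get(name, [])


def sample_a_lookup(domain: str) -> List[str]:
    return SAMPLE_A.get(domain.rstrip("."), [])


if __name__ == "__main__":
    for role in ("client", "server"):
        print(role, resolve_xmpp("shakespeare.lit", role, sample_srv_lookup, sample_a_lookup))
```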
Server dialback helps protect against domain spoofing, thus making it Server dialback helps protect against domain spoofing, thus making it
more difficult to spoof XML stanzas. It is not a mechanism for more difficult to spoof XML stanzas. It is not a mechanism for
authenticating, securing, or encrypting streams between servers as is authenticating, securing, or encrypting streams between servers as is
done via SASL and TLS. Furthermore, it is susceptible to DNS done via SASL and TLS. Furthermore, it is susceptible to DNS
poisoning attacks unless DNSSec [30] is used, and even if the DNS poisoning attacks unless DNSSec [30] is used, and even if the DNS
information is accurate, dialback cannot protect from attacks where information is accurate, dialback cannot protect from attacks where
the attacker is capable of hijacking the IP address of the remote the attacker is capable of hijacking the IP address of the remote
domain. Domains requiring robust security SHOULD use TLS and SASL. If domain. Domains requiring robust security SHOULD use TLS and SASL. If
SASL is used for server-to-server authentication, dialback SHOULD NOT SASL is used for server-to-server authentication, dialback SHOULD NOT
skipping to change at page 67, line 16 skipping to change at page 68, line 16
[15] Myers, J., "Simple Authentication and Security Layer (SASL)", [15] Myers, J., "Simple Authentication and Security Layer (SASL)",
RFC 2222, October 1997. RFC 2222, October 1997.
[16] Leach, P. and C. Newman, "Using Digest Authentication as a SASL [16] Leach, P. and C. Newman, "Using Digest Authentication as a SASL
Mechanism", RFC 2831, May 2000. Mechanism", RFC 2831, May 2000.
[17] Alvestrand, H., "Tags for the Identification of Languages", BCP [17] Alvestrand, H., "Tags for the Identification of Languages", BCP
47, RFC 3066, January 2001. 47, RFC 3066, January 2001.
draft-ietf-xmpp-core-14:
[18] Gulbrandsen, A. and P. Vixie, "A DNS RR for specifying the
location of services (DNS SRV)", RFC 2052, October 1996.
draft-ietf-xmpp-core-15:
[18] Gulbrandsen, A., Vixie, P. and L. Esibov, "A DNS RR for
specifying the location of services (DNS SRV)", RFC 2782,
February 2000.
[19] Yergeau, F., "UTF-8, a transformation format of ISO 10646", RFC [19] Yergeau, F., "UTF-8, a transformation format of ISO 10646", RFC
2279, January 1998. 2279, January 1998.
[20] Hoffman, P. and F. Yergeau, "UTF-16, an encoding of ISO 10646", [20] Hoffman, P. and F. Yergeau, "UTF-16, an encoding of ISO 10646",
RFC 2781, February 2000. RFC 2781, February 2000.
[21] International Organization for Standardization, "Information [21] International Organization for Standardization, "Information
Technology - Universal Multiple-octet coded Character Set (UCS) Technology - Universal Multiple-octet coded Character Set (UCS)
- Amendment 2: UCS Transformation Format 8 (UTF-8)", ISO - Amendment 2: UCS Transformation Format 8 (UTF-8)", ISO
Standard 10646-1 Addendum 2, October 1996. Standard 10646-1 Addendum 2, October 1996.
[22] Linn, J., "Generic Security Service Application Program [22] Linn, J., "Generic Security Service Application Program
Interface, Version 2", RFC 2078, January 1997. Interface, Version 2", RFC 2078, January 1997.
Informative References Informative References
[23] Saint-Andre, P. and J. Miller, "XMPP Instant Messaging",
draft-ietf-xmpp-im-12 (work in progress), June 2003.
(draft-ietf-xmpp-core-15 cites draft-ietf-xmpp-im-14 instead.)
[24] Berners-Lee, T., Fielding, R. and L. Masinter, "Uniform [24] Berners-Lee, T., Fielding, R. and L. Masinter, "Uniform
Resource Identifiers (URI): Generic Syntax", RFC 2396, August Resource Identifiers (URI): Generic Syntax", RFC 2396, August
1998, <http://www.ietf.org/rfc/rfc2396.txt>. 1998, <http://www.ietf.org/rfc/rfc2396.txt>.
[25] Mealling, M., "The IANA XML Registry",
draft-mealling-iana-xmlns-registry-04 (work in progress), June 2002.
(draft-ietf-xmpp-core-15 cites draft-mealling-iana-xmlns-registry-05,
June 2003, instead.)
[26] Crispin, M., "Internet Message Access Protocol - Version [26] Crispin, M., "Internet Message Access Protocol - Version
4rev1", RFC 2060, December 1996. 4rev1", RFC 2060, December 1996.
[27] Myers, J. and M. Rose, "Post Office Protocol - Version 3", STD [27] Myers, J. and M. Rose, "Post Office Protocol - Version 3", STD
53, RFC 1939, May 1996. 53, RFC 1939, May 1996.
[28] Newman, C. and J. Myers, "ACAP -- Application Configuration [28] Newman, C. and J. Myers, "ACAP -- Application Configuration
Access Protocol", RFC 2244, November 1997. Access Protocol", RFC 2244, November 1997.
skipping to change at page 70, line 43 skipping to change at page 71, line 43
<xs:element name='improper-addressing' type='empty'/> <xs:element name='improper-addressing' type='empty'/>
<xs:element name='internal-server-error' type='empty'/> <xs:element name='internal-server-error' type='empty'/>
<xs:element name='invalid-id' type='empty'/> <xs:element name='invalid-id' type='empty'/>
<xs:element name='invalid-namespace' type='empty'/> <xs:element name='invalid-namespace' type='empty'/>
<xs:element name='nonmatching-hosts' type='empty'/> <xs:element name='nonmatching-hosts' type='empty'/>
<xs:element name='not-authorized' type='empty'/> <xs:element name='not-authorized' type='empty'/>
<xs:element name='remote-connection-failed' type='empty'/> <xs:element name='remote-connection-failed' type='empty'/>
<xs:element name='resource-constraint' type='empty'/> <xs:element name='resource-constraint' type='empty'/>
<xs:element name='see-other-host' type='xs:string'/> <xs:element name='see-other-host' type='xs:string'/>
<xs:element name='system-shutdown' type='empty'/> <xs:element name='system-shutdown' type='empty'/>
<xs:element name='undefined-condition' type='empty'/>
<xs:element name='unsupported-stanza-type' type='empty'/> <xs:element name='unsupported-stanza-type' type='empty'/>
<xs:element name='unsupported-version' type='xs:string'/> <xs:element name='unsupported-version' type='xs:string'/>
<xs:element name='xml-not-well-formed' type='empty'/> <xs:element name='xml-not-well-formed' type='empty'/>
<xs:element name='text' type='xs:string'> <xs:element name='text' type='xs:string'>
<xs:complexType> <xs:complexType>
<xs:attribute ref='xml:lang' use='optional'/> <xs:attribute ref='xml:lang' use='optional'/>
</xs:complexType> </xs:complexType>
</xs:element> </xs:element>
skipping to change at page 84, line 10 skipping to change at page 85, line 10
</xs:restriction> </xs:restriction>
</xs:simpleType> </xs:simpleType>
</xs:schema> </xs:schema>
Appendix B. Revision History Appendix B. Revision History
Note to RFC Editor: please remove this entire appendix, and the Note to RFC Editor: please remove this entire appendix, and the
corresponding entries in the table of contents, prior to publication. corresponding entries in the table of contents, prior to publication.
draft-ietf-xmpp-core-14:
B.1 Changes from draft-ietf-xmpp-core-13

draft-ietf-xmpp-core-15:
B.1 Changes from draft-ietf-xmpp-core-14
o Added SRV lookup for client-to-server communications.
o Changed server SRV record to conform to RFC 2782; specifically,
the service identifier was changed from 'jabber' to
'jabber-server'.
B.2 Changes from draft-ietf-xmpp-core-13
o Clarified stream restart after successful TLS and SASL o Clarified stream restart after successful TLS and SASL
negotiation. negotiation.
o Clarified requirement for resolution of DNS hostnames. o Clarified requirement for resolution of DNS hostnames.
o Clarified text regarding namespaces. o Clarified text regarding namespaces.
o Clarified examples regarding empty <stream:features/> element. o Clarified examples regarding empty <stream:features/> element.
o Added several more SASL error conditions. o Added several more SASL error conditions.
o Changed <invalid-xml/> stream error to <improper-addressing/> and o Changed <invalid-xml/> stream error to <improper-addressing/> and
added to schema. added to schema.
o Made small editorial changes and fixed several schema errors. o Made small editorial changes and fixed several schema errors.
B.2 Changes from draft-ietf-xmpp-core-12 B.3 Changes from draft-ietf-xmpp-core-12
o Moved server dialback to a separate section; clarified its o Moved server dialback to a separate section; clarified its
security characteristics and its role in the protocol. security characteristics and its role in the protocol.
o Adjusted error handling syntax and semantics per list discussion. o Adjusted error handling syntax and semantics per list discussion.
o Further clarified length of node identifiers and total length of o Further clarified length of node identifiers and total length of
JIDs. JIDs.
o Documented message type='normal'. o Documented message type='normal'.
o Corrected several small errors in the TLS and SASL sections. o Corrected several small errors in the TLS and SASL sections.
o Corrected several errors in the schemas. o Corrected several errors in the schemas.
B.3 Changes from draft-ietf-xmpp-core-11 B.4 Changes from draft-ietf-xmpp-core-11
o Corrected several small errors in the TLS and SASL sections. o Corrected several small errors in the TLS and SASL sections.
o Made small editorial changes and fixed several schema errors. o Made small editorial changes and fixed several schema errors.
B.4 Changes from draft-ietf-xmpp-core-10 B.5 Changes from draft-ietf-xmpp-core-10
o Adjusted TLS content regarding certificate validation process. o Adjusted TLS content regarding certificate validation process.
o Specified that stanza error extensions for specific applications o Specified that stanza error extensions for specific applications
are to be properly namespaced children of the relevant descriptive are to be properly namespaced children of the relevant descriptive
element. element.
o Clarified rules for inclusion of the 'id' attribute. o Clarified rules for inclusion of the 'id' attribute.
o Specified that the 'xml:lang' attribute SHOULD be included (per o Specified that the 'xml:lang' attribute SHOULD be included (per
list discussion). list discussion).
o Made small editorial changes and fixed several schema errors. o Made small editorial changes and fixed several schema errors.
B.5 Changes from draft-ietf-xmpp-core-09 B.6 Changes from draft-ietf-xmpp-core-09
o Fixed several dialback error conditions. o Fixed several dialback error conditions.
o Cleaned up rules regarding TLS and certificate processing based on o Cleaned up rules regarding TLS and certificate processing based on
off-list feedback. off-list feedback.
o Changed <stream-condition/> and <stanza-condition/> elements to o Changed <stream-condition/> and <stanza-condition/> elements to
<condition/>. <condition/>.
o Added or modified several stream and stanza error conditions. o Added or modified several stream and stanza error conditions.
o Specified only one child allowed for IQ, or two if type="error". o Specified only one child allowed for IQ, or two if type="error".
o Fixed several errors in the schemas. o Fixed several errors in the schemas.
B.6 Changes from draft-ietf-xmpp-core-08 B.7 Changes from draft-ietf-xmpp-core-08
o Incorporated list discussion regarding addressing, SASL, TLS, TCP, o Incorporated list discussion regarding addressing, SASL, TLS, TCP,
dialback, namespaces, extensibility, and the meaning of 'ignore' dialback, namespaces, extensibility, and the meaning of 'ignore'
for routers and recipients. for routers and recipients.
o Specified dialback error conditions. o Specified dialback error conditions.
o Made small editorial changes to address RFC Editor requirements. o Made small editorial changes to address RFC Editor requirements.
B.7 Changes from draft-ietf-xmpp-core-07 B.8 Changes from draft-ietf-xmpp-core-07
o Made several small editorial changes. o Made several small editorial changes.
B.8 Changes from draft-ietf-xmpp-core-06 B.9 Changes from draft-ietf-xmpp-core-06
o Added text regarding certificate validation in TLS negotiation per o Added text regarding certificate validation in TLS negotiation per
list discussion. list discussion.
o Clarified nature of XML restrictions per discussion with W3C, and o Clarified nature of XML restrictions per discussion with W3C, and
moved XML Restrictions subsection under "XML Usage within XMPP". moved XML Restrictions subsection under "XML Usage within XMPP".
o Further clarified that XML streams are unidirectional. o Further clarified that XML streams are unidirectional.
o Changed stream error and stanza error namespace names to conform o Changed stream error and stanza error namespace names to conform
to the format defined in The IETF XML Registry [25]. to the format defined in The IETF XML Registry [25].
o Removed note to RFC Editor regarding provisional namespace names. o Removed note to RFC Editor regarding provisional namespace names.
B.9 Changes from draft-ietf-xmpp-core-05 B.10 Changes from draft-ietf-xmpp-core-05
o Added <invalid-namespace/> as a stream error condition. o Added <invalid-namespace/> as a stream error condition.
o Adjusted security considerations per discussion at IETF 56 and on o Adjusted security considerations per discussion at IETF 56 and on
list. list.
B.10 Changes from draft-ietf-xmpp-core-04 B.11 Changes from draft-ietf-xmpp-core-04
o Added server-to-server examples for TLS and SASL. o Added server-to-server examples for TLS and SASL.
o Changed error syntax, rules, and examples based on list o Changed error syntax, rules, and examples based on list
discussion. discussion.
o Added schemas for the TLS, stream error, and stanza error o Added schemas for the TLS, stream error, and stanza error
namespaces. namespaces.
o Added note to RFC Editor regarding provisional namespace names. o Added note to RFC Editor regarding provisional namespace names.
o Made numerous small editorial changes and clarified text o Made numerous small editorial changes and clarified text
throughout. throughout.
B.11 Changes from draft-ietf-xmpp-core-03 B.12 Changes from draft-ietf-xmpp-core-03
o Clarified rules and procedures for TLS and SASL. o Clarified rules and procedures for TLS and SASL.
o Amplified stream error code syntax per list discussion. o Amplified stream error code syntax per list discussion.
o Made numerous small editorial changes. o Made numerous small editorial changes.
B.12 Changes from draft-ietf-xmpp-core-02 B.13 Changes from draft-ietf-xmpp-core-02
o Added dialback schema. o Added dialback schema.
o Removed all DTDs since schemas provide more complete definitions. o Removed all DTDs since schemas provide more complete definitions.
o Added stream error codes. o Added stream error codes.
o Clarified error code "philosophy". o Clarified error code "philosophy".
B.13 Changes from draft-ietf-xmpp-core-01 B.14 Changes from draft-ietf-xmpp-core-01
o Updated the addressing restrictions per list discussion and added o Updated the addressing restrictions per list discussion and added
references to the new nodeprep and resourceprep profiles. references to the new nodeprep and resourceprep profiles.
o Corrected error in Stream Authentication regarding 'version' o Corrected error in Stream Authentication regarding 'version'
attribute. attribute.
o Made numerous small editorial changes. o Made numerous small editorial changes.
B.14 Changes from draft-ietf-xmpp-core-00 B.15 Changes from draft-ietf-xmpp-core-00
o Added information about TLS from list discussion. o Added information about TLS from list discussion.
o Clarified meaning of "ignore" based on list discussion. o Clarified meaning of "ignore" based on list discussion.
o Clarified information about Universal Character Set data and o Clarified information about Universal Character Set data and
character encodings. character encodings.
o Provided base64-decoded information for examples. o Provided base64-decoded information for examples.
o Fixed several errors in the schemas. o Fixed several errors in the schemas.
o Made numerous small editorial fixes. o Made numerous small editorial fixes.
B.15 Changes from draft-miller-xmpp-core-02 B.16 Changes from draft-miller-xmpp-core-02
o Brought Streams Authentication section into line with discussion o Brought Streams Authentication section into line with discussion
on list and at IETF 55 meeting. on list and at IETF 55 meeting.
o Added information about the optional 'xml:lang' attribute per o Added information about the optional 'xml:lang' attribute per
discussion on list and at IETF 55 meeting. discussion on list and at IETF 55 meeting.
o Specified that validation is neither required nor recommended, and o Specified that validation is neither required nor recommended, and
that the formal definitions (DTDs and schemas) are included for that the formal definitions (DTDs and schemas) are included for
descriptive purposes only. descriptive purposes only.
 End of changes. 27 change blocks. 
121 lines changed or deleted 153 lines changed or added

This html diff was produced by rfcdiff 1.34. The latest version is available from http://tools.ietf.org/tools/rfcdiff/