draft-ietf-xmpp-websocket-10.txt   rfc7395.txt 
XMPP Working Group L. Stout, Ed. Internet Engineering Task Force (IETF) L. Stout, Ed.
Internet-Draft &yet Request for Comments: 7395 &yet
Intended status: Standards Track J. Moffitt Category: Standards Track J. Moffitt
Expires: March 14, 2015 Mozilla ISSN: 2070-1721 Mozilla
E. Cestari E. Cestari
cstar industries cstar industries
September 10, 2014 October 2014
An XMPP Sub-protocol for WebSocket An Extensible Messaging and Presence Protocol (XMPP) Subprotocol for
draft-ietf-xmpp-websocket-10 WebSocket
Abstract Abstract
This document defines a binding for the XMPP protocol over a This document defines a binding for the Extensible Messaging and
WebSocket transport layer. A WebSocket binding for XMPP provides Presence Protocol (XMPP) over a WebSocket transport layer. A
higher performance than the current HTTP binding for XMPP. WebSocket binding for XMPP provides higher performance than the
current HTTP binding for XMPP.
Status of This Memo Status of This Memo
This Internet-Draft is submitted in full conformance with the This is an Internet Standards Track document.
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months This document is a product of the Internet Engineering Task Force
and may be updated, replaced, or obsoleted by other documents at any (IETF). It represents the consensus of the IETF community. It has
time. It is inappropriate to use Internet-Drafts as reference received public review and has been approved for publication by the
material or to cite them other than as "work in progress." Internet Engineering Steering Group (IESG). Further information on
Internet Standards is available in Section 2 of RFC 5741.
This Internet-Draft will expire on March 14, 2015. Information about the current status of this document, any errata,
and how to provide feedback on it may be obtained at
http://www.rfc-editor.org/info/rfc7395.
Copyright Notice Copyright Notice
Copyright (c) 2014 IETF Trust and the persons identified as the Copyright (c) 2014 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of (http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License. described in the Simplified BSD License.
Table of Contents Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 1. Introduction ....................................................2
2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 3 2. Terminology .....................................................3
3. XMPP Sub-Protocol . . . . . . . . . . . . . . . . . . . . . . 3 3. XMPP Subprotocol ................................................3
3.1. Handshake . . . . . . . . . . . . . . . . . . . . . . . . 3 3.1. Handshake ..................................................3
3.2. WebSocket Messages . . . . . . . . . . . . . . . . . . . 4 3.2. WebSocket Messages .........................................4
3.3. XMPP Framing . . . . . . . . . . . . . . . . . . . . . . 5 3.3. XMPP Framing ...............................................5
3.3.1. Framed XML Stream . . . . . . . . . . . . . . . . . . 5 3.3.1. Framed XML Stream ...................................5
3.3.2. Framed Stream Namespace . . . . . . . . . . . . . . . 5 3.3.2. Framed Stream Namespace .............................5
3.3.3. Stream Frames . . . . . . . . . . . . . . . . . . . . 5 3.3.3. Stream Frames .......................................5
3.4. Stream Initiation . . . . . . . . . . . . . . . . . . . . 6 3.4. Stream Initiation ..........................................6
3.5. Stream Errors . . . . . . . . . . . . . . . . . . . . . . 7 3.5. Stream Errors ..............................................7
3.6. Closing the Connection . . . . . . . . . . . . . . . . . 7 3.6. Closing the Connection .....................................7
3.6.1. see-other-uri . . . . . . . . . . . . . . . . . . . . 8 3.6.1. see-other-uri .......................................8
3.7. Stream Restarts . . . . . . . . . . . . . . . . . . . . . 9 3.7. Stream Restarts ............................................9
3.8. Pings and Keepalives . . . . . . . . . . . . . . . . . . 9 3.8. Pings and Keepalives .......................................9
3.9. Use of TLS . . . . . . . . . . . . . . . . . . . . . . . 9 3.9. Use of TLS .................................................9
3.10. Stream Management . . . . . . . . . . . . . . . . . . . . 10 3.10. Stream Management ........................................10
4. Discovering the WebSocket Connection Method . . . . . . . . . 10 4. Discovering the WebSocket Connection Method ....................10
5. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 11 5. IANA Considerations ............................................11
5.1. WebSocket Subprotocol Name . . . . . . . . . . . . . . . 11 5.1. WebSocket Subprotocol Name ................................11
5.2. URN Sub-Namespace . . . . . . . . . . . . . . . . . . . . 11 5.2. URN Sub-namespace .........................................11
6. Security Considerations . . . . . . . . . . . . . . . . . . . 12 6. Security Considerations ........................................12
7. References . . . . . . . . . . . . . . . . . . . . . . . . . 14 7. References .....................................................14
7.1. Normative References . . . . . . . . . . . . . . . . . . 14 7.1. Normative References ......................................14
7.2. Informative References . . . . . . . . . . . . . . . . . 14 7.2. Informative References ....................................14
Appendix A. Acknowledgements . . . . . . . . . . . . . . . . . . 15 Appendix A. XML Schema ............................................16
Appendix B. XML Schema . . . . . . . . . . . . . . . . . . . . . 15 Acknowledgements ..................................................17
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 17 Authors' Addresses ................................................18
1. Introduction 1. Introduction
To date, applications using the Extensible Messaging and Presence To date, applications using the Extensible Messaging and Presence
Protocol (XMPP) (see [RFC6120] and [RFC6121]) on the Web have made Protocol (XMPP) (see [RFC6120] and [RFC6121]) on the Web have made
use of BOSH (see [XEP-0124] and [XEP-0206]), an XMPP binding to HTTP. use of Bidirectional-streams Over Synchronous HTTP (BOSH) (see
BOSH is based on the HTTP long polling technique, and it suffers from [XEP-0124] and [XEP-0206]), an XMPP binding to HTTP. BOSH is based
high transport overhead compared to XMPP's native binding to TCP. In on the HTTP "long polling" technique, and it suffers from high
transport overhead compared to XMPP's native binding to TCP. In
addition, there are a number of other known issues with long polling addition, there are a number of other known issues with long polling
[RFC6202], which have an impact on BOSH-based systems. [RFC6202] that have an impact on BOSH-based systems.
It would be much better in most circumstances to avoid tunneling XMPP In most circumstances, it would be much better to avoid tunneling
over HTTP long polled connections and instead use the XMPP protocol XMPP over HTTP long-polled connections and instead use XMPP directly.
directly. However, the APIs and sandbox that browsers have provided However, the APIs and sandbox that browsers have provided do not
do not allow this. The WebSocket protocol [RFC6455] exists to solve allow this. The WebSocket protocol [RFC6455] exists to solve these
these kinds of problems and is a bidirectional protocol that provides kinds of problems and is a bidirectional protocol that provides a
a simple message-based framing layer, allowing for more robust and simple message-based framing layer, allowing for more robust and
efficient communication in web applications. efficient communication in web applications.
The WebSocket protocol enables two-way communication between a client The WebSocket protocol enables two-way communication between a client
and a server, effectively emulating TCP at the application layer and and a server, effectively emulating TCP at the application layer and,
therefore overcoming many of the problems with existing long-polling therefore, overcoming many of the problems with existing long-polling
techniques for bidirectional HTTP. This document defines a WebSocket techniques for bidirectional HTTP. This document defines a WebSocket
sub-protocol for XMPP. subprotocol for XMPP.
The WebSocket binding for XMPP is designed for use by browser-based The WebSocket binding for XMPP is designed for use by browser-based
applications (e.g., XMPP clients written in JavaScript). These applications (e.g., XMPP clients written in JavaScript). Typically,
applications typically are used to access the same information and these applications are used to access the same information and
communication opportunities (e.g., the same XMPP "roster" of communication opportunities (e.g., the same XMPP "roster" of
contacts) as clients that access connect to an XMPP server over the contacts) as clients that connect to an XMPP server over the TCP
TCP binding defined in [RFC6120]. Although the only essential binding defined in [RFC6120]. Although the only essential difference
difference is the underlying transport binding, relevant implications is the underlying transport binding, relevant implications (e.g.,
(e.g., framing methods and discovery processes) are highlighted in framing methods and discovery processes) are highlighted in this
this specification. specification.
2. Terminology 2. Terminology
The basic unit of framing in the WebSocket protocol is called a The basic unit of framing in the WebSocket protocol is called a
message. In XMPP, the basic unit is the stanza, which is a subset of "message". In XMPP, the basic unit is the stanza, which is a subset
the first-level children of each document in an XMPP stream (see of the first-level children of each document in an XMPP stream (see
Section 9 of [RFC6120]). XMPP also has a concept of messages, which Section 9 of [RFC6120]). XMPP also has a concept of messages, which
are stanzas with a top-level element of <message/>. In this are stanzas with a top-level element of <message/>. In this
document, the word "message" will mean a WebSocket message, not an document, the word "message" will mean a WebSocket message, not an
XMPP message stanza, unless otherwise noted. XMPP message stanza (unless otherwise noted).
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
"OPTIONAL" in this document are to be interpreted as described in "OPTIONAL" in this document are to be interpreted as described in
[RFC2119]. [RFC2119].
3. XMPP Sub-Protocol 3. XMPP Subprotocol
3.1. Handshake 3.1. Handshake
The XMPP sub-protocol is used to transport XMPP over a WebSocket The XMPP subprotocol is used to transport XMPP over a WebSocket
connection. The client and server agree to this protocol during the connection. The client and server agree to this protocol during the
WebSocket handshake (see Section 1.3 of [RFC6455]). WebSocket handshake (see Section 1.3 of [RFC6455]).
During the WebSocket handshake, the client MUST include the value During the WebSocket handshake, the client MUST include the value
'xmpp' in the list of protocols for the 'Sec-WebSocket-Protocol' 'xmpp' in the list of protocols for the 'Sec-WebSocket-Protocol'
header. The reply from the server MUST also contain 'xmpp' in its header. The reply from the server MUST also contain 'xmpp' in its
own 'Sec-WebSocket-Protocol' header in order for an XMPP sub-protocol own 'Sec-WebSocket-Protocol' header in order for an XMPP subprotocol
connection to be established. connection to be established.
If a client receives a handshake response that does not include If a client receives a handshake response that does not include
'xmpp' in the 'Sec-WebSocket-Protocol' header, then a XMPP sub- 'xmpp' in the 'Sec-WebSocket-Protocol' header, then an XMPP
protocol WebSocket connection was not established and the client MUST subprotocol WebSocket connection was not established and the client
close the WebSocket connection. MUST close the WebSocket connection.
Once the handshake has successfully completed, WebSocket messages Once the handshake has successfully completed, WebSocket messages
sent or received MUST conform to the protocol defined in the rest of sent or received MUST conform to the protocol defined in the rest of
this document. this document.
The following is an example of a WebSocket handshake, followed by The following is an example of a WebSocket handshake, followed by
opening an XMPP stream: opening an XMPP stream:
C: GET /xmpp-websocket HTTP/1.1 C: GET /xmpp-websocket HTTP/1.1
Host: example.com Host: example.com
skipping to change at page 4, line 48 skipping to change at page 4, line 48
version="1.0" /> version="1.0" />
S: <open xmlns="urn:ietf:params:xml:ns:xmpp-framing" S: <open xmlns="urn:ietf:params:xml:ns:xmpp-framing"
from="example.com" from="example.com"
id="++TR84Sm6A3hnt3Q065SnAbbk3Y=" id="++TR84Sm6A3hnt3Q065SnAbbk3Y="
xml:lang="en" xml:lang="en"
version="1.0" /> version="1.0" />
3.2. WebSocket Messages 3.2. WebSocket Messages
Data frame messages in the XMPP sub-protocol MUST be of the text type Data frame messages in the XMPP subprotocol MUST be of the text type
and contain UTF-8 encoded data. and contain UTF-8 encoded data.
3.3. XMPP Framing 3.3. XMPP Framing
The framing method for the binding of XMPP to WebSocket differs from The framing method for the binding of XMPP to WebSocket differs from
the framing method for the TCP binding as defined in [RFC6120]; in the framing method for the TCP binding as defined in [RFC6120]; in
particular, the WebSocket binding adopts the message framing provided particular, the WebSocket binding adopts the message framing provided
by WebSocket to delineate the stream open and close headers, stanzas, by WebSocket to delineate the stream open and close headers, stanzas,
and other top-level stream elements. and other top-level stream elements.
3.3.1. Framed XML Stream 3.3.1. Framed XML Stream
The start of a framed XML stream is marked by the use of an opening The start of a framed XML stream is marked by the use of an opening
"stream header" which is an <open/> element with the appropriate "stream header", which is an <open/> element with the appropriate
attributes and namespace declarations (see Section 3.3.2). The attributes and namespace declarations (see Section 3.3.2). The
attributes of the <open/> element are the same as those of the attributes of the <open/> element are the same as those of the
<stream/> element defined defined for the 'http://etherx.jabber.org/ <stream/> element defined for the 'http://etherx.jabber.org/streams'
streams' namespace in [RFC6120] and with the same semantics and namespace [RFC6120] and with the same semantics and restrictions.
restrictions.
The end of a framed XML stream is denoted by the closing "stream The end of a framed XML stream is denoted by the closing "stream
header" which is a <close/> element with its associated attributes header", which is a <close/> element with its associated attributes
and namespace declarations (see Section 3.3.2). and namespace declarations (see Section 3.3.2).
The introduction of the <open/> and <close/> elements is motivated by The introduction of the <open/> and <close/> elements is motivated by
the parsable XML document framing restriction in Section 3.3.3. As a the parsable XML document framing restriction in Section 3.3.3. As a
consequence, note that a framed XML stream does not provided a consequence, note that a framed XML stream does not provide a
wrapping <stream:stream/> element encompassing the entirety of the wrapping <stream:stream/> [RFC6120] element encompassing the entirety
XML stream, as in [RFC6120]. of the XML stream.
3.3.2. Framed Stream Namespace 3.3.2. Framed Stream Namespace
The XML stream "headers" (the <open/> and <close/> elements) MUST be The XML stream headers (the <open/> and <close/> elements) MUST be
qualified by the namespace 'urn:ietf:params:xml:ns:xmpp-framing' (the qualified by the namespace 'urn:ietf:params:xml:ns:xmpp-framing' (the
"framed stream namespace"). If this rule is violated, the entity "framed stream namespace"). If this rule is violated, the entity
that receives the offending stream header MUST close the stream with that receives the offending stream header MUST close the stream with
an error, which MUST be <invalid-namespace> (see Section 4.9.3.10 of an error, which MUST be <invalid-namespace> (see Section 4.9.3.10 of
[RFC6120]). [RFC6120]).
3.3.3. Stream Frames 3.3.3. Stream Frames
The individual frames of a framed XML stream have a one-to-one The individual frames of a framed XML stream have a one-to-one
correspondence with WebSocket messages, and MUST be parsable as correspondence with WebSocket messages and MUST be parsable as
standalone XML documents, complete with all relevant namespace and standalone XML documents, complete with all relevant namespace and
language declarations. The inclusion of XML declarations, however, language declarations. The inclusion of XML declarations, however,
is NOT RECOMMENDED, as WebSocket messages are already mandated to be is NOT RECOMMENDED, as WebSocket messages are already mandated to be
UTF-8 encoded. Inclusions of declarations would only add a constant UTF-8 encoded. Including declarations in each message would only
size overhead to each message. increase the framing overhead of each message.
The first character of each frame MUST be a '<' character. The first character of each frame MUST be a '<' character.
Every XMPP stanza or other XML element (including the stream open and Every XMPP stanza or other XML element (including the stream open and
close headers) sent directly over the XML stream MUST be sent in its close headers) sent directly over the XML stream MUST be sent in its
own frame. own frame.
Example of a WebSocket message that contains an independently Example of a WebSocket message that contains an independently
parsable XML document: parsable XML document:
skipping to change at page 6, line 33 skipping to change at page 6, line 33
-- OR -- -- OR --
<error xmlns="http://etherx.jabber.org/streams"> <error xmlns="http://etherx.jabber.org/streams">
<host-unknown xmlns='urn:ietf:params:xml:ns:xmpp-streams'/> <host-unknown xmlns='urn:ietf:params:xml:ns:xmpp-streams'/>
</error> </error>
3.4. Stream Initiation 3.4. Stream Initiation
The first message sent after the WebSocket opening handshake MUST be The first message sent after the WebSocket opening handshake MUST be
from the initiating entity, and MUST be an <open/> element qualified from the initiating entity and MUST be an <open/> element qualified
by the 'urn:ietf:params:xml:ns:xmpp-framing' namespace and with the by the 'urn:ietf:params:xml:ns:xmpp-framing' namespace and with the
same attributes mandated for the <stream> opening tag as described in same attributes mandated for the <stream> opening tag as described in
Section 4.7 of [RFC6120]. Section 4.7 of [RFC6120].
The receiving entity MUST respond with either an <open /> element The receiving entity MUST respond with either an <open/> element
(whose attributes match those described in Section 4.7 of [RFC6120]) (whose attributes match those described in Section 4.7 of [RFC6120])
or a <close /> element (see Section 3.6.1). or a <close/> element (see Section 3.6.1).
An example of a successful stream initiation exchange: An example of a successful stream initiation exchange:
C: <open xmlns="urn:ietf:params:xml:ns:xmpp-framing" C: <open xmlns="urn:ietf:params:xml:ns:xmpp-framing"
to="example.com" to="example.com"
version="1.0" /> version="1.0" />
S: <open xmlns="urn:ietf:params:xml:ns:xmpp-framing" S: <open xmlns="urn:ietf:params:xml:ns:xmpp-framing"
from="example.com" from="example.com"
id="++TR84Sm6A3hnt3Q065SnAbbk3Y=" id="++TR84Sm6A3hnt3Q065SnAbbk3Y="
xml:lang="en" xml:lang="en"
version="1.0" /> version="1.0" />
Clients MUST NOT multiplex XMPP streams over the same WebSocket. Clients MUST NOT multiplex XMPP streams over the same WebSocket.
3.5. Stream Errors 3.5. Stream Errors
Stream level errors in XMPP are fatal. Should such an error occur, Stream-level errors in XMPP are fatal. Should such an error occur,
the server MUST send the stream error as a complete element in a the server MUST send the stream error as a complete element in a
message to the client. message to the client.
If the error occurs during the opening of a stream, the server MUST If the error occurs during the opening of a stream, the server MUST
send the initial open element response, followed by the stream level send the initial open element response, followed by the stream-level
error in a second WebSocket message frame. The server MUST then error in a second WebSocket message frame. The server MUST then
close the connection as specified in Section 3.6. close the connection as specified in Section 3.6.
3.6. Closing the Connection 3.6. Closing the Connection
The closing process for the XMPP sub-protocol mirrors that of the The closing process for the XMPP subprotocol mirrors that of the XMPP
XMPP TCP binding as defined in Section 4.4 of [RFC6120], except that TCP binding as defined in Section 4.4 of [RFC6120], except that a
a <close/> element is used instead of the ending </stream:stream> <close/> element is used instead of the ending </stream:stream> tag.
tag.
Either the server or the client may close the connection at any time. Either the server or the client may close the connection at any time.
Before closing the connection, the closing party is expected to first Before closing the connection, the closing party is expected to first
close the XMPP stream (if one has been opened) by sending a message close the XMPP stream (if one has been opened) by sending a message
with the <close/> element, qualified by the "urn:ietf:params:xml:ns with the <close/> element, qualified by the
:xmpp-framing" namespace. The stream is considered closed when a "urn:ietf:params:xml:ns:xmpp-framing" namespace. The stream is
corresponding <close/> element is received from the other party, and considered closed when a corresponding <close/> element is received
the XMPP session is ended. from the other party, and the XMPP session is ended.
To then close the WebSocket connection, the closing party MUST To then close the WebSocket connection, the closing party MUST
initiate the WebSocket closing handshake (see Section 7.1.2 of initiate the WebSocket closing handshake (see Section 7.1.2 of
[RFC6455]). [RFC6455]).
An example of ending an XMPP over WebSocket session by first closing An example of ending an XMPP-over-WebSocket session by first closing
the XMPP stream layer and then the WebSocket connection layer: the XMPP stream layer and then the WebSocket connection layer:
Client (XMPP WSS) Server Client (XMPP WSS) Server
| | | | | | | |
| | <close xmlns="urn:ietf:params:xml:ns:xmpp-framing /> | | | | <close xmlns="urn:ietf:params:xml:ns:xmpp-framing" /> | |
| |------------------------------------------------------------>| | | |------------------------------------------------------------>| |
| | <close xmlns="urn:ietf:params:xml:ns:xmpp-framing" /> | | | | <close xmlns="urn:ietf:params:xml:ns:xmpp-framing" /> | |
| |<------------------------------------------------------------| | | |<------------------------------------------------------------| |
| | | | | | | |
| | (XMPP Stream Closed) | | | | (XMPP Stream Closed) | |
| +-------------------------------------------------------------+ | | +-------------------------------------------------------------+ |
| | | |
| WS CLOSE FRAME | | WS CLOSE FRAME |
|------------------------------------------------------------------>| |------------------------------------------------------------------>|
| WS CLOSE FRAME | | WS CLOSE FRAME |
skipping to change at page 8, line 35 skipping to change at page 8, line 35
If the WebSocket connection is closed or broken without the XMPP If the WebSocket connection is closed or broken without the XMPP
stream having been closed first, then the XMPP stream is considered stream having been closed first, then the XMPP stream is considered
implicitly closed and the XMPP session ended; however, if the use of implicitly closed and the XMPP session ended; however, if the use of
stream management resumption was negotiated (see [XEP-0198]), the stream management resumption was negotiated (see [XEP-0198]), the
server SHOULD consider the XMPP session still alive for a period of server SHOULD consider the XMPP session still alive for a period of
time based on server policy as specified in [XEP-0198]. time based on server policy as specified in [XEP-0198].
3.6.1. see-other-uri 3.6.1. see-other-uri
If the server wishes at any point to instruct the client to move to a At any point, if the server wishes to instruct the client to move to
different WebSocket endpoint (e.g., for load balancing purposes), a different WebSocket endpoint (e.g., for load-balancing purposes),
then a <close/> element is sent with the 'see-other-uri' attribute then a <close/> element is sent with the 'see-other-uri' attribute
set to the URI of the new connection endpoint (which MAY be for a set to the URI of the new connection endpoint (which MAY be for a
different transport method, such as BOSH (see [XEP-0124] and different transport method, such as BOSH (see [XEP-0124] and
[XEP-0206])). [XEP-0206])).
Clients MUST NOT accept suggested endpoints with a lower security Clients MUST NOT accept suggested endpoints with a lower security
context (e.g., moving from a 'wss://' endpoint to a 'ws://' or 'http: context (e.g., moving from a 'wss://' endpoint to a 'ws://' or
//' endpoint). 'http://' endpoint).
An example of the server closing a stream and instructing the client An example of the server closing a stream and instructing the client
to connect at a different WebSocket endpoint: to connect at a different WebSocket endpoint:
S: <close xmlns="urn:ietf:params:xml:ns:xmpp-framing" S: <close xmlns="urn:ietf:params:xml:ns:xmpp-framing"
see-other-uri="wss://otherendpoint.example/xmpp-bind" /> see-other-uri="wss://otherendpoint.example/xmpp-bind" />
3.7. Stream Restarts 3.7. Stream Restarts
Whenever a stream restart is mandated (see Section 4.3.3 of Whenever a stream restart is mandated (see Section 4.3.3 of
[RFC6120]), both the server and client streams are implicitly closed [RFC6120]), both the server and client streams are implicitly closed
and new streams MUST be opened, using the same process as in and new streams MUST be opened, using the same process as in
Section 3.4. Section 3.4.
The client MUST send a new stream <open/> element and MUST NOT send a The client MUST send a new stream <open/> element and MUST NOT send a
closing <close/> element. closing <close/> element.
An example of restarting the stream after successful SASL An example of restarting the stream after successful Simple
negotiation: Authentication and Security Layer (SASL) negotiation:
S: <success xmlns="urn:ietf:params:xml:ns:xmpp-sasl" /> S: <success xmlns="urn:ietf:params:xml:ns:xmpp-sasl" />
[Streams implicitly closed] [Streams implicitly closed]
C: <open xmlns="urn:ietf:params:xml:ns:xmpp-framing" C: <open xmlns="urn:ietf:params:xml:ns:xmpp-framing"
to="example.com" to="example.com"
version="1.0" /> version="1.0" />
3.8. Pings and Keepalives 3.8. Pings and Keepalives
Traditionally, XMPP servers and clients often send "whitespace Traditionally, XMPP servers and clients often send "whitespace
keepalives" (see Section 4.6.1 of [RFC6120]) between stanzas to keepalives" (see Section 4.6.1 of [RFC6120]) between stanzas to
maintain an XML stream. However, for the XMPP sub-protocol each maintain an XML stream. However, for the XMPP subprotocol each
message is required to start with a '<' character, and, as such, message is required to start with a '<' character, and, as such,
whitespace keepalives MUST NOT be used. whitespace keepalives MUST NOT be used.
As alternatives, the XMPP Ping extension [XEP-0199] and the XMPP As alternatives, the XMPP Ping extension [XEP-0199] and the XMPP
Stream Management extension [XEP-0198] provide pinging mechanisms. Stream Management extension [XEP-0198] provide pinging mechanisms.
Either of these extensions (or both) MAY be used to determine the Either of these extensions (or both) MAY be used to determine the
state of the connection. state of the connection.
Clients and servers MAY also use WebSocket ping control frames for Clients and servers MAY also use WebSocket ping control frames for
this purpose, but note that some environments, such as browsers, do this purpose, but note that some environments, such as browsers, do
not provide access for generating or monitoring ping control frames. not provide access for generating or monitoring ping control frames.
3.9. Use of TLS 3.9. Use of TLS
TLS cannot be used at the XMPP sub-protocol layer because the sub- Transport Layer Security (TLS) cannot be used at the XMPP subprotocol
protocol does not allow for raw binary data to be sent. Instead, layer because the subprotocol does not allow for raw binary data to
when TLS is used, it MUST be enabled at the WebSocket layer using be sent. Instead, when TLS is used, it MUST be enabled at the
secure WebSocket connections via the 'wss' URI scheme. (See WebSocket layer using secure WebSocket connections via the 'wss' URI
Section 10.6 of [RFC6455].) scheme. (See Section 10.6 of [RFC6455].)
Because TLS is to be provided outside of the XMPP subprotocol layer,
Because TLS is to be provided outside of the XMPP sub-protocol layer,
a server MUST NOT advertise TLS as a stream feature (see Section 4.6 a server MUST NOT advertise TLS as a stream feature (see Section 4.6
of [RFC6120]) when using the XMPP sub-protocol. Likewise, a client of [RFC6120]) when using the XMPP subprotocol. Likewise, a client
MUST ignore any advertised TLS stream feature when using the XMPP MUST ignore any advertised TLS stream feature when using the XMPP
sub-protocol. subprotocol.
3.10. Stream Management 3.10. Stream Management
In order to alleviate the problems of temporary disconnections, the In order to alleviate the problems of temporary disconnections, the
client MAY use the XMPP Stream Management extension [XEP-0198] to client MAY use the XMPP Stream Management extension [XEP-0198] to
confirm when stanzas have been received by the server. confirm when stanzas have been received by the server.
In particular, the client MAY use session resumption in [XEP-0198] to In particular, the client MAY use session resumption as described in
recreate the same stream session state after a temporary network [XEP-0198] to recreate the same stream session state after a
unavailability or after navigating to a new URL in a browser. temporary network unavailability or after navigating to a new URL in
a browser.
4. Discovering the WebSocket Connection Method 4. Discovering the WebSocket Connection Method
Section 3 of [RFC6120] defines a procedure for connecting to an XMPP Section 3 of [RFC6120] defines a procedure for connecting to an XMPP
server, including ways to discover the TCP/IP address and port of the server, including ways to discover the TCP/IP address and port of the
server using Domain Name System service (DNS SRV) records [RFC2782]. server using Domain Name System service (DNS SRV) records [RFC2782].
When using the WebSocket binding as specified in this document When using the WebSocket binding as specified in this document
(instead of the TCP binding as specified in [RFC6120]), a client (instead of the TCP binding as specified in [RFC6120]), a client
needs an alternative way to discover information about the server's needs an alternative way to discover information about the server's
connection methods, since web browsers and other WebSocket-capable connection methods, since web browsers and other WebSocket-capable
software applications typically cannot obtain such information from software applications typically cannot obtain such information from
the DNS. the DNS.
The alternative lookup process uses Web Host Metadata [RFC6415] and The alternative lookup process uses Web-host Metadata [RFC6415] and
Web Linking [RFC5988], where the link relation type is "urn:xmpp:alt- Web Linking [RFC5988], where the link relation type is
connections:websocket" as described in Discovering Alternate XMPP "urn:xmpp:alt-connections:websocket" as described in "Discovering
Connection Methods [XEP-0156]. Conceptually, the host-meta lookup Alternative XMPP Connection Methods" [XEP-0156]. Conceptually, the
process used for the WebSocket binding is analogous to the DNS SRV host-meta lookup process used for the WebSocket binding is analogous
lookup process used for the TCP binding. The process is as follows. to the DNS SRV lookup process used for the TCP binding. The process
is as follows.
1. Send a request over secure HTTP to the path "/.well-known/host- 1. Send a request over secure HTTP to the path
meta" at an HTTP origin [RFC6454] that matches the XMPP service "/.well-known/host-meta" at an HTTP origin [RFC6454] that matches
domain (e.g., a URL of "https://im.example.org/.well-known/host- the XMPP service domain (e.g., a URL of
meta" if the XMPP service domain is "im.example.org"). "https://im.example.org/.well-known/host-meta" if the XMPP
service domain is "im.example.org").
2. Retrieve a host-meta document specifying a link relation type of 2. Retrieve a host-meta document specifying a link relation type of
"urn:xmpp:alt-connections:websocket", such as: "urn:xmpp:alt-connections:websocket", such as:
<XRD xmlns='http://docs.oasis-open.org/ns/xri/xrd-1.0'> <XRD xmlns='http://docs.oasis-open.org/ns/xri/xrd-1.0'>
<Link rel="urn:xmpp:alt-connections:websocket" <Link rel="urn:xmpp:alt-connections:websocket"
href="wss://im.example.org:443/ws" /> href="wss://im.example.org:443/ws" />
</XRD> </XRD>
Servers MAY expose discovery information using host-meta documents, Servers MAY expose discovery information using host-meta documents,
and clients MAY use such information to determine the WebSocket and clients MAY use such information to determine the WebSocket
endpoint for a server. endpoint for a server.
In cases where the XMPP service domain does not match the discovered In cases where the XMPP service domain does not match the discovered
web origin of the WebSocket endpoint, the Web-host metadata SHOULD be web origin of the WebSocket endpoint, the Web-host Metadata SHOULD be
used to establish trust between the XMPP server domain and the used to establish trust between the XMPP server domain and the
WebSocket endpoint as long as the host-meta request and response WebSocket endpoint as long as the host-meta request and response
occurred over secure HTTP; this is especially relevant in multi- occurred over secure HTTP; this is especially relevant in multi-
tenant situations where the same WebSocket endpoint is serving tenant situations where the same WebSocket endpoint is serving
multiple XMPP domains (e.g., the XMPP service domains for both multiple XMPP domains (e.g., the XMPP service domains for both
"example.com" and "im.example.org" might be serviced by the same "example.com" and "im.example.org" might be serviced by the same
WebSocket endpoint at "hosting.example.net"). See Section 6 for WebSocket endpoint at "hosting.example.net"). See Section 6 for
related discussion. related discussion.
5. IANA Considerations 5. IANA Considerations
5.1. WebSocket Subprotocol Name 5.1. WebSocket Subprotocol Name
This specification requests IANA to register the WebSocket XMPP sub- IANA has registered the WebSocket XMPP subprotocol in the "WebSocket
protocol under the "WebSocket Subprotocol Name" Registry with the Subprotocol Name Registry", with the following data:
following data:
Subprotocol Identifier: xmpp Subprotocol Identifier: xmpp
Subprotocol Common Name: WebSocket Transport for the Extensible Subprotocol Common Name: WebSocket Transport for the Extensible
Messaging and Presence Protocol (XMPP) Messaging and Presence Protocol (XMPP)
Subprotocol Definition: this document Subprotocol Definition: this document
5.2. URN Sub-Namespace 5.2. URN Sub-namespace
A URN sub-namespace for framing of Extensible Messaging and Presence A URN sub-namespace for framing of Extensible Messaging and Presence
Protocol (XMPP) streams is defined as follows. Protocol (XMPP) streams is defined as follows.
URI: urn:ietf:params:xml:ns:xmpp-framing URI: urn:ietf:params:xml:ns:xmpp-framing
Specification: this document Specification: this document
Description: This is the XML namespace name for framing of Description: This is the XML namespace name for framing of
Extensible Messaging and Presence Protocol (XMPP) streams as Extensible Messaging and Presence Protocol (XMPP) streams as
defined by RFC XXXX. defined by RFC 7395.
Registrant Contact: IESG <iesg@ietf.org> Registrant Contact: IESG <iesg@ietf.org>
6. Security Considerations 6. Security Considerations
The WebSocket binding for XMPP differs in several respects from the The WebSocket binding for XMPP differs in several respects from the
TCP binding defined in [RFC6120]: TCP binding defined in [RFC6120]:
1. As described under Section 4 of this document, the method for 1. As described in Section 4 of this document, the method for
discovering a connection endpoint does not use DNS SRV records as discovering a connection endpoint does not use DNS SRV records as
in the TCP binding, but instead uses Web Host Metadata files in the TCP binding but instead uses Web-host Metadata files
retrieved via HTTPS from a URL at the XMPP service domain. From retrieved via HTTPS from a URL at the XMPP service domain. From
a security standpoint, this is functionally equivalent to a security standpoint, this is functionally equivalent to
resolution via DNS SRV records (and still relies on the DNS for resolution via DNS SRV records (and still relies on the DNS for
resolution of the XMPP source domain). resolution of the XMPP source domain).
2. The method for authenticating a connection endpoint uses TLS 2. The method for authenticating a connection endpoint uses TLS
(typically with PKIX certificates) as in the TCP binding, but the (typically with PKIX certificates) as in the TCP binding, but the
identity to be authenticated is the connection endpoint address identity to be authenticated is the connection endpoint address
instead of the XMPP service domain; delegation from the XMPP instead of the XMPP service domain; delegation from the XMPP
service domain to the connection endpoint address (if any) is service domain to the connection endpoint address (if any) is
accomplished via the discovery method described under Section 4. accomplished via the discovery method described in Section 4.
Thus the connection endpoint is still authenticated, and the Thus, the connection endpoint is still authenticated, and the
delegation is secure as long as the Web Host Metadata file is delegation is secure as long as the Web-host Metadata file is
retrieved via HTTPS. However, note that in practice this option retrieved via HTTPS. However, note that, in practice, this
might not be employed when user agents are configured or deployed option might not be employed when user agents are configured or
for a particular delegated domain. deployed for a particular delegated domain.
3. The framing method described under Section 3.3 follows the 3. The framing method described in Section 3.3 follows the WebSocket
WebSocket pattern by sending one top-level XML element per pattern by sending one top-level XML element per WebSocket
WebSocket message, instead of using streaming XML as in the TCP message, instead of using streaming XML as in the TCP binding.
binding. However, the framing method has no impact on the However, the framing method has no impact on the security
security properties of an XMPP session (e.g., end-to-end properties of an XMPP session (e.g., end-to-end encryption of XML
encryption of XML stanzas can be accomplished just as easily with stanzas can be accomplished just as easily with WebSocket framing
WebSocket framing as with streaming XML). as with streaming XML).
4. In all other respects (e.g., user authentication via SASL, 4. In all other respects (e.g., user authentication via SASL,
allowable characters in XMPP addresses, and re-use of various allowable characters in XMPP addresses, and reuse of various
technologies such as Base 64, SASL mechanisms, UTF-8, and XML), technologies such as Base 64, SASL mechanisms, UTF-8, and XML),
the WebSocket binding does not differ from the TCP binding, and the WebSocket binding does not differ from the TCP binding and,
thus does not modify the security properties of the protocol. In thus, does not modify the security properties of the protocol.
all these respects, the security considerations of [RFC6120] In all these respects, the security considerations of [RFC6120]
apply directly to the WebSocket binding. apply directly to the WebSocket binding.
In order to ensure that communications over the WebSocket binding are In order to ensure that communications over the WebSocket binding are
as secure as communications over the TCP binding, an operator needs as secure as communications over the TCP binding, an operator needs
to (1) serve the Web Host Metadata file for the XMPP service domain to (1) serve the Web-host Metadata file for the XMPP service domain
over secure HTTP ('https' URIs) only, (2) configure the WebSocket over secure HTTP ('https' URIs) only, (2) configure the WebSocket
connection endpoint to use Transport Layer Security ('wss' URIs) connection endpoint to use TLS ('wss' URIs) only, and (3) deploy
only, and (3) deploy certificates that properly identify the XMPP certificates that properly identify the XMPP service domain and
service domain and WebSocket connection endpoint for usages (1) and WebSocket connection endpoint for usages (1) and (2), respectively.
(2), respectively.
Since application level TLS cannot be used (see Section 3.9), Since application-level TLS cannot be used (see Section 3.9),
applications need to protect the privacy of XMPP traffic at the applications need to protect the privacy of XMPP traffic at the
WebSocket or other appropriate layer. WebSocket or other appropriate layer.
Browser-based applications are not able to inspect and verify, at the Browser-based applications are not able to inspect and verify, at the
application layer, the certificate used for the WebSocket connection application layer, the certificate used for the WebSocket connection
to ensure that it corresponds to the domain specified as the 'to' to ensure that it corresponds to the domain specified as the 'to'
address of the XMPP stream. There are two cases: address of the XMPP stream. There are two cases:
1. If the XMPP service domain matches the origin for the WebSocket 1. If the XMPP service domain matches the origin for the WebSocket
connection, the relevant check is already performed by the connection, the relevant check is already performed by the
browser. For example, the XMPP service domain might be browser. For example, the XMPP service domain might be
"foo.example" and the WebSocket endpoint discovered for the link "foo.example", and the WebSocket endpoint discovered for the link
relation type of "urn:xmpp:alt-connections:websocket" might be relation type of "urn:xmpp:alt-connections:websocket" might be
"wss://foo.example/websocket". As long as the certificate "wss://foo.example/websocket". As long as the certificate
provided over WebSocket or HTTPS is verified according to the provided over WebSocket or HTTPS is verified according to the
rules defined for secure HTTP [RFC2818], then the browser will rules defined for secure HTTP [RFC2818], then the browser will
report the successful establishment of a secure connection to the report the successful establishment of a secure connection to the
application. (However, as noted, the application is still not application. (However, as noted, the application is still not
able to independently inspect and verify the certificate, and able to independently inspect and verify the certificate, and
needs to trust the browser; this is a limitation of existing needs to trust the browser; this is a limitation of existing
browser technologies, and thus cannot be worked around by browser technologies and thus cannot be worked around by
WebSocket applications.) WebSocket applications.)
2. In situations where the user agent has to deal with delegation 2. In situations where the user agent has to deal with delegation
and the domain of the XMPP server does not match the web origin and the domain of the XMPP server does not match the web origin
of the WebSocket endpoint (such as multi-tenant hosting of the WebSocket endpoint (such as multi-tenant hosting
situations), the host-meta process described under Section 4 situations), the host-meta process described in Section 4 SHOULD
SHOULD be used to delegate trust from the XMPP server domain to be used to delegate trust from the XMPP server domain to the
the WebSocket origin, as long as the host-meta request and WebSocket origin, as long as the host-meta request and response
response occurred over secure HTTP (with appropriate certificate occurred over secure HTTP (with appropriate certificate
verification as defined in [RFC2818]). verification as defined in [RFC2818]).
When presented with a new WebSocket endpoint via the 'see-other-uri' When presented with a new WebSocket endpoint via the 'see-other-uri'
attribute of a <close/> element, clients MUST NOT accept the attribute of a <close/> element, clients MUST NOT accept the
suggestion if the security context of the new endpoint is lower than suggestion if the security context of the new endpoint is lower than
the current one in order to prevent downgrade attacks from a 'wss://' the current one in order to prevent downgrade attacks from a 'wss://'
endpoint to 'ws://'. endpoint to 'ws://'.
The Security Considerations for both WebSocket (see Section 10 of The security considerations for both WebSocket (see Section 10 of
[RFC6455]) and XMPP (see Section 13 of [RFC6120]) apply to the [RFC6455]) and XMPP (see Section 13 of [RFC6120]) apply to the
WebSocket XMPP sub-protocol. WebSocket XMPP subprotocol.
7. References 7. References
7.1. Normative References 7.1. Normative References
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, March 1997. Requirement Levels", BCP 14, RFC 2119, March 1997,
<http://www.rfc-editor.org/info/rfc2119>.
[RFC2818] Rescorla, E., "HTTP Over TLS", RFC 2818, May 2000. [RFC2818] Rescorla, E., "HTTP Over TLS", RFC 2818, May 2000,
<http://www.rfc-editor.org/info/rfc2818>.
[RFC5988] Nottingham, M., "Web Linking", RFC 5988, October 2010. [RFC5988] Nottingham, M., "Web Linking", RFC 5988, October 2010,
<http://www.rfc-editor.org/info/rfc5988>.
[RFC6120] Saint-Andre, P., "Extensible Messaging and Presence [RFC6120] Saint-Andre, P., "Extensible Messaging and Presence
Protocol (XMPP): Core", RFC 6120, March 2011. Protocol (XMPP): Core", RFC 6120, March 2011,
<http://www.rfc-editor.org/info/rfc6120>.
[RFC6415] Hammer-Lahav, E. and B. Cook, "Web Host Metadata", RFC [RFC6415] Hammer-Lahav, E. and B. Cook, "Web Host Metadata", RFC
6415, October 2011. 6415, October 2011,
<http://www.rfc-editor.org/info/rfc6415>.
[RFC6455] Fette, I. and A. Melnikov, "The WebSocket Protocol", RFC [RFC6455] Fette, I. and A. Melnikov, "The WebSocket Protocol", RFC
6455, December 2011. 6455, December 2011,
<http://www.rfc-editor.org/info/rfc6455>.
7.2. Informative References 7.2. Informative References
[RFC2782] Gulbrandsen, A., Vixie, P., and L. Esibov, "A DNS RR for [RFC2782] Gulbrandsen, A., Vixie, P., and L. Esibov, "A DNS RR for
specifying the location of services (DNS SRV)", RFC 2782, specifying the location of services (DNS SRV)", RFC 2782,
February 2000. February 2000, <http://www.rfc-editor.org/info/rfc2782>.
[RFC6121] Saint-Andre, P., "Extensible Messaging and Presence [RFC6121] Saint-Andre, P., "Extensible Messaging and Presence
Protocol (XMPP): Instant Messaging and Presence", RFC Protocol (XMPP): Instant Messaging and Presence", RFC
6121, March 2011. 6121, March 2011,
<http://www.rfc-editor.org/info/rfc6121>.
[RFC6202] Loreto, S., Saint-Andre, P., Salsano, S., and G. Wilkins, [RFC6202] Loreto, S., Saint-Andre, P., Salsano, S., and G. Wilkins,
"Known Issues and Best Practices for the Use of Long "Known Issues and Best Practices for the Use of Long
Polling and Streaming in Bidirectional HTTP", RFC 6202, Polling and Streaming in Bidirectional HTTP", RFC 6202,
April 2011. April 2011, <http://www.rfc-editor.org/info/rfc6202>.
[RFC6454] Barth, A., "The Web Origin Concept", RFC 6454, December [RFC6454] Barth, A., "The Web Origin Concept", RFC 6454,
2011. December 2011, <http://www.rfc-editor.org/info/rfc6454>.
[XEP-0124] [XEP-0124] Paterson, I., Smith, D., Saint-Andre, P., Moffitt, J.,
Paterson, I., Smith, D., Saint-Andre, P., Moffitt, J., and Stout, L., and W. Tilanus, "Bidirectional-streams Over
L. Stout, "Bidirectional-streams Over Synchronous HTTP Synchronous HTTP (BOSH)", XSF XEP 0124, April 2014.
(BOSH)", XSF XEP 0124, November 2013.
[XEP-0156] [XEP-0156] Hildebrand, J., Saint-Andre, P., and L. Stout,
Hildebrand, J., Saint-Andre, P., and L. Stout, "Discovering Alternative XMPP Connection Methods",
"Discovering Alternative XMPP Connection Methods", XSF XEP XSF XEP 0156, January 2014.
0156, January 2014.
[XEP-0198] [XEP-0198] Karneges, J., Saint-Andre, P., Hildebrand, J., Forno, F.,
Karneges, J., Saint-Andre, P., Hildebrand, J., Forno, F., Cridland, D., and M. Wild, "Stream Management",
Cridland, D., and M. Wild, "Stream Management", XSF XEP XSF XEP 0198, June 2011.
0198, June 2011.
[XEP-0199] [XEP-0199] Saint-Andre, P., "XMPP Ping", XSF XEP 0199, June 2009.
Saint-Andre, P., "XMPP Ping", XSF XEP 0199, June 2009.
[XEP-0206] [XEP-0206] Paterson, I., Saint-Andre, P., Stout, L., and W. Tilanus,
Paterson, I., Saint-Andre, P., and L. Stout, "XMPP Over "XMPP Over BOSH", XSF XEP 0206, April 2014.
BOSH", XSF XEP 0206, November 2013.
[XML-SCHEMA] [XML-SCHEMA]
Thompson, H., Maloney, M., Mendelsohn, N., and D. Beech, Thompson, H., Beech, D., Maloney, M., and N. Mendelsohn,
"XML Schema Part 1: Structures Second Edition", World Wide "XML Schema Part 1: Structures Second Edition", World Wide
Web Consortium Recommendation REC-xmlschema-1-20041028, Web Consortium Recommendation REC-xmlschema-1-20041028,
October 2004, October 2004,
<http://www.w3.org/TR/2004/REC-xmlschema-1-20041028>. <http://www.w3.org/TR/2004/REC-xmlschema-1-20041028>.
Appendix A. Acknowledgements Appendix A. XML Schema
The authors wish to thank the following individuals for their
feedback: Andreas Guth, Bjoern Hoerhmann, Dave Cridland, Florian
Zeitz, Kurt Zeilenga, Matt Miller, Matthew Wild, Paul Aurich, Sergey
Dobrov, Waqas Hussain.
Dan Romascanu reviewed the document on behalf of the General Area
Review Team.
During IESG review, Barry Leiba Benoit Claise, Dan Romasanu, Jari
Arkko, Juergen Schoenwaelder, Spencer Dawkins, Stephen Farrell, Ted
Lemon, Kathleen Moriarty, Pete Resnick caught several issues that
needed to be addressed.
The authors gratefully acknowledge the assistance of Peter Saint-
Andre as document shepherd, Ben Campbell and Joe Hildebrand as the
working group chairs, and Richard Barnes as the sponsoring Area
Director.
Appendix B. XML Schema
The following schema formally defines the 'urn:ietf:params:xml:ns The following schema formally defines the
:xmpp-framing' namespace used in this document, in conformance with 'urn:ietf:params:xml:ns:xmpp-framing' namespace used in this
W3C XML Schema [XML-SCHEMA]. Because validation of XML streams and document, in conformance with W3C XML Schema [XML-SCHEMA]. Because
stanzas is optional, this schema is not normative and is provided for validation of XML streams and stanzas is optional, this schema is not
descriptive purposes only. normative and is provided for descriptive purposes only.
<?xml version='1.0' encoding='UTF-8'?> <?xml version='1.0' encoding='UTF-8'?>
<xs:schema <xs:schema
xmlns:xs='http://www.w3.org/2001/XMLSchema' xmlns:xs='http://www.w3.org/2001/XMLSchema'
targetNamespace='urn:ietf:params:xml:ns:xmpp-framing' targetNamespace='urn:ietf:params:xml:ns:xmpp-framing'
xmlns='urn:ietf:params:xml:ns:xmpp-framing' xmlns='urn:ietf:params:xml:ns:xmpp-framing'
elementFormDefault='unqualified'> elementFormDefault='unqualified'>
<xs:element name='open'> <xs:element name='open'>
<xs:complexType> <xs:complexType>
<xs:simpleContent> <xs:simpleContent>
<xs:extension base='empty'> <xs:extension base='empty'>
skipping to change at page 17, line 10 skipping to change at page 17, line 33
</xs:element> </xs:element>
<xs:simpleType name='empty'> <xs:simpleType name='empty'>
<xs:restriction base='xs:string'> <xs:restriction base='xs:string'>
<xs:enumeration value=''/> <xs:enumeration value=''/>
</xs:restriction> </xs:restriction>
</xs:simpleType> </xs:simpleType>
</xs:schema> </xs:schema>
Acknowledgements
The authors wish to thank the following individuals for their
feedback: Andreas Guth, Bjoern Hoerhmann, Dave Cridland, Florian
Zeitz, Kurt Zeilenga, Matt Miller, Matthew Wild, Paul Aurich, Sergey
Dobrov, and Waqas Hussain.
Dan Romascanu reviewed the document on behalf of the General Area
Review Team.
During IESG review, Barry Leiba, Benoit Claise, Dan Romascanu, Jari
Arkko, Juergen Schoenwaelder, Spencer Dawkins, Stephen Farrell, Ted
Lemon, Kathleen Moriarty, and Pete Resnick caught several issues that
needed to be addressed.
The authors gratefully acknowledge the assistance of Peter Saint-
Andre as document shepherd, Ben Campbell and Joe Hildebrand as the
working group chairs, and Richard Barnes as the sponsoring Area
Director.
Authors' Addresses Authors' Addresses
Lance Stout (editor) Lance Stout (editor)
&yet &yet
Email: lance@andyet.net EMail: lance@andyet.net
Jack Moffitt Jack Moffitt
Mozilla Mozilla
Email: jack@metajack.im EMail: jack@metajack.im
Eric Cestari Eric Cestari
cstar industries cstar industries
Email: eric@cstar.io EMail: eric@cstar.io
 End of changes. 90 change blocks. 
233 lines changed or deleted 232 lines changed or added

This html diff was produced by rfcdiff 1.41. The latest version is available from http://tools.ietf.org/tools/rfcdiff/