XML
... connections from or sessions for other entities, in the
form of XML streams (Section 4) to and from authorized clients,
servers, and other entities
...
...
o to route appropriately-addressed XML stanzas (Section 9) among
such entities over XML streams
...
... route appropriately-addressed XML stanzas (Section 9) among
such entities over XML streams
Most XMPP ...
... XMPP-based instant messaging and presence applications); in
this case, the XML data is processed directly by the server itself on
behalf of the client ...
... addressing standards. Communications between any two servers are
OPTIONAL. If enabled, such communications SHOULD occur over XML
streams that are bound to [TCP] connections. The RECOMMENDED port ...
... network gateway or "primary" server to
which other entities connect for XML routing and data management
capabilities. However, the entity ...
... XML Streams ...
... asynchronous
exchange of relatively small payloads of structured information
between presence-aware entities: XML streams and XML stanzas. These
terms are defined as follows:
...
... payloads of structured information
between presence-aware entities: XML streams and XML stanzas. These
terms are defined as follows:
...
... terms are defined as follows:
Definition of XML Stream: An XML stream is a container for the
exchange of XML elements ...
...
Definition of XML Stream: An XML stream is a container for the
exchange of XML elements between any two entities over a network ...
... XML Stream: An XML stream is a container for the
exchange of XML elements between any two entities over a network.
The start ...
... start of an XML stream is denoted unambiguously by an opening
XML <stream> tag (with appropriate attributes and namespace ...
... tag (with appropriate attributes and namespace
declarations), while the end of the XML stream is denoted
unambiguously by a closing XML </stream ...
... declarations), while the end of the XML stream is denoted
unambiguously by a closing XML </stream> tag. During the life of
...
... stream, the entity that initiated it can send an unbounded
number of XML elements over the stream, either elements used to
...
... TLS (Section 5) or
use of SASL (Section 6)) or XML stanzas (as defined herein,
<message/>, <presence/>, or <iq/> elements qualified by the
...
...
Definition of XML Stanza: An XML stanza is a discrete semantic unit
of structured information that is sent from one entity ...
... of structured information that is sent from one entity to another
over an XML stream. An XML stanza exists at the direct child
level of the root ...
... entity to another
over an XML stream. An XML stanza exists at the direct child
level of the root <stream ...
... element start tag at depth=1 of the XML stream (e.g., <presence>),
and the end of any XML stanza is denoted unambiguously by the
...
... tag at depth=1 of the XML stream (e.g., <presence>),
and the end of any XML stanza is denoted unambiguously by the
corresponding close tag at depth=1 (e.g., </presence>). An XML
stanza ...
... XML stanza is denoted unambiguously by the
corresponding close tag at depth=1 (e.g., </presence>). An XML
stanza MAY contain child elements (with accompanying attributes,
elements ...
... elements (with accompanying attributes,
elements, and XML character data) as necessary in order to convey
the desired information. The only XML stanzas defined herein are
...
... elements, and XML character data) as necessary in order to convey
the desired information. The only XML stanzas defined herein are
the <message/>, <presence/>, and <iq/> elements qualified by the
...
... default namespace for the stream, as described under XML Stanzas
(Section 9); an XML element sent for the purpose of Transport
Layer Security ...
... stream, as described under XML Stanzas
(Section 9); an XML element sent for the purpose of Transport
Layer Security (TLS) negotiation ...
... negotiation (Section 6),
or server dialback (Section 8) is not considered to be an XML
stanza.
Consider the example of a client ...
... session with a server. In order
to connect to a server, a client MUST initiate an XML stream by
sending an opening <stream> tag ...
... tag to the server, optionally preceded by
a text declaration specifying the XML version and the character
encoding supported (see Inclusion of Text Declaration (Section 11.4);
...
... service provisioning, the server SHOULD then reply with
a second XML stream back to the client, again optionally preceded by
a text declaration ...
... SASL negotiation
(Section 6), the client MAY send an unbounded number of XML stanzas
over the stream to any recipient on the network ...
... TCP connection) as well.
Those who are accustomed to thinking of XML in a document-centric
manner may wish to view a client's session ...
... session with a server as
consisting of two open-ended XML documents: one from the client to
the server and one from the server to the client. From this
...
... document entity for each "document", and the two "documents" are
built up through the accumulation of XML stanzas sent over the two
XML streams. However, this perspective is a convenience only; XMPP ...
... built up through the accumulation of XML stanzas sent over the two
XML streams. However, this perspective is a convenience only; XMPP
does not deal in documents but in XML streams ...
... XML streams. However, this perspective is a convenience only; XMPP
does not deal in documents but in XML streams and XML stanzas.
...
... XMPP
does not deal in documents but in XML streams and XML stanzas.
In essence, then, an XML stream ...
... XML stanzas.
In essence, then, an XML stream acts as an envelope for all the XML
stanzas sent during a session. We can represent this in a simplistic
...
...
In essence, then, an XML stream acts as an envelope for all the XML
stanzas sent during a session. We can represent this in a simplistic
fashion as follows:
...
... client to
share a single TCP connection for XML stanzas sent from client to
server and from server to client ...
... context of server-to-server
communications, a server MUST use one TCP connection for XML stanzas
sent from the server to the peer and another TCP connection
...
... both directions MAY be established via mechanisms that provide mutual
authentication. An entity SHOULD NOT attempt to send XML Stanzas
(Section 9) over the stream before the stream ...
... and SHOULD return a <not-authorized/> stream error and then terminate
both the XML stream and the underlying TCP connection; note well that
this applies to XML stanzas ...
... XML stream and the underlying TCP connection; note well that
this applies to XML stanzas only (i.e., <message/>, <presence/>, and
<iq/> elements scoped by the default namespace ...
... <iq/> elements scoped by the default namespace) and not to XML
elements used for stream negotiation (e.g., elements ...
... element are as follows:
o to -- The 'to' attribute SHOULD be used only in the XML stream
header from the initiating entity ...
... receiving entity. There
SHOULD NOT be a 'to' attribute set in the XML stream header by
which the receiving ...
... entity.
o from -- The 'from' attribute SHOULD be used only in the XML stream
header from the receiving ...
... granting access to the initiating entity. There SHOULD NOT be a
'from' attribute on the XML stream header sent from the initiating
entity ...
... entity.
o id -- The 'id' attribute SHOULD be used only in the XML stream
header from the receiving ...
... randomness for security purposes). There SHOULD NOT be an 'id'
attribute on the XML stream header sent from the initiating entity
...
... language of any
human-readable XML character data it sends over that stream. If
the attribute is included, the receiving ...
... Stream Errors (Section 4.7)), as well as
the semantics of the three defined XML stanza types (<message/>,
<presence/>, and <iq/>). The numbering scheme for XMPP versions ...
... namespace declaration (as "namespace declaration" is
defined in the XML namespaces specification [XML-NAMES]). For
detailed information regarding the streams namespace ...
... namespace
o MAY contain a <text/> child containing XML character data that
describes the error in more detail; this element MUST be qualified
...
... xml:lang' attribute specifying the natural language of
the XML character data
o MAY contain a child element ...
...
o <bad-format/> -- the entity has sent XML that cannot be processed;
this error MAY be used instead of the more specific XML-related
...
... entity has sent XML that cannot be processed;
this error MAY be used instead of the more specific XML-related
errors, such as <bad-namespace-prefix ...
...
o <invalid-xml/> -- the entity has sent invalid XML over the stream
to a server that performs validation ...
... o <restricted-xml/> -- the entity has attempted to send restricted
XML features such as a comment, processing instruction, DTD,
entity ...
... MUST be a valid domain identifier) as the XML character data of
the <see-other-host/> element ...
... o <xml-not-well-formed/> -- the initiating entity has sent XML that
is not well-formed as defined by [XML ...
... TCP connection and initiates the
stream by sending the opening XML stream header to the receiving
...
... entity responds by opening a TCP connection and
sending an XML stream header to the initiating entity, including
...
... occurs, the receiving entity MUST terminate both the XML stream
and the underlying TCP connection. If the proceed case occurs,
...
... TLS negotiation over
the TCP connection and MUST NOT send any further XML data until
the TLS negotiation is complete.
...
... entity MUST initiate a new stream by
sending an opening XML stream header to the receiving entity ...
... the receiving entity MUST respond by sending a new XML stream
header to the initiating entity ...
... connection-based protocols, and XMPP
uses a generic XML namespace profile for SASL that conforms to the
...
... security layer byte precision.
5. Any XML character data contained within the XML elements used
during SASL negotiation ...
...
5. Any XML character data contained within the XML elements used
during SASL negotiation MUST be encoded using base64 ...
... authentication by including
the 'version' attribute in the opening XML stream header sent to
the receiving ...
... entity, with the value set to "1.0".
2. After sending an XML stream header in reply, the receiving entity ...
... value for the 'mechanism' attribute. This element MAY contain
XML character data (in SASL terminology, the "initial response")
if the mechanism supports or requires it; if the initiating
...
... entity; this element MAY contain XML character data (which MUST
be computed in accordance with the definition of the SASL
...
... entity; this element MAY contain XML character data (in SASL
terminology, "additional data with success") if required by the
...
... entity MUST initiate a new stream by sending an
opening XML stream header to the receiving entity ...
... receiving entity MUST respond by sending a
new XML stream header to the initiating entity, along with any
...
... initiation sequence: After the initiating entity provides an opening
XML stream header and the receiving entity ...
... element. Upon successful negotiation, both sides
consider the original XML stream to be closed and new stream
headers ...
... stanza of type "set" that contains the desired resource identifier
as the XML character data of a <resource/> element that is a child of
the <bind/> element ...
... resource binding step, the client attempts
to send an XML stanza other than an IQ stanza with a <bind/> child
qualified by the 'urn:ietf:params:xml:ns:xmpp-bind' namespace ...
... domain spoofing, thus making
it more difficult to spoof XML stanzas. Server dialback is not a
security mechanism ...
... Receiving Server MUST generate an <invalid-namespace/> stream
error condition and terminate both the XML stream and the underlying
TCP connection.
...
... namespace/> stream error condition
and terminate both the XML stream and the underlying TCP connection.
Note well that the Receiving Server ...
... Note well that the Receiving Server SHOULD reply but MAY silently
terminate the XML stream and underlying TCP connection depending on
security policies ...
... <host-unknown/> stream error condition and terminate both the XML
stream and the underlying TCP connection. If the value of the 'from'
address ...
... stream error condition for the new
connection and then terminate both the XML stream and the underlying
TCP connection related to the new request.
...
... namespace/> stream error condition
and terminate both the XML stream and the underlying TCP connection.
...
... namespace/> stream error condition and
terminate both the XML stream and the underlying TCP connection
between it and the Authoritative Server. If a stream error ...
... Receiving Server MUST generate a <remote-connection-failed/> stream
error condition and terminate both the XML stream and the underlying
TCP connection between it and the Originating Server ...
... a <host-unknown/> stream error condition and terminate both the XML
stream and the underlying TCP connection. If the value of the 'from'
address ...
... Receiving Server),
then the Authoritative Server MUST generate an <invalid-from/> stream
error condition and terminate both the XML stream and the underlying
TCP connection.
...
... Receiving Server MUST generate an <invalid-id/>
stream error condition and terminate both the XML stream and the
underlying TCP connection. If the value of the 'to' address ...
... host-unknown/> stream error
condition and terminate both the XML stream and the underlying TCP
connection. If the value of the 'from' address does not match the
...
... MUST generate an <invalid-from/> stream error condition and terminate
both the XML stream and the underlying TCP connection. After
returning the verification ...
... connection is invalid,
then the Receiving Server MUST terminate both the XML stream and the
underlying TCP connection. If the connection ...
... Originating Server and read by the Receiving Server;
before that, all XML stanzas sent to the Receiving Server SHOULD be
silently dropped.
...
... Originating Server, so that the Originating
Server can send, and the Receiving Server can accept, XML stanzas
over the "initial stream" (i.e., the stream ...
... dialback negotiation is successful, a server MUST verify that
all XML stanzas received from the other server include a 'from'
attribute and a 'to' attribute; if a stanza does not meet this
...
... addressing/> stream error condition and terminate both the
XML stream and the underlying TCP connection. Furthermore, a server
MUST verify that the 'from' attribute of stanzas ...
... MUST generate an <invalid-from/> stream error condition and terminate
both the XML stream and the underlying TCP connection. Both of these
checks help to prevent spoofing ...
... XML Stanzas ...
... SASL negotiation
(Section 6), and Resource Binding (Section 7) if necessary, XML
stanzas can be sent over the streams. Three kinds of XML stanza are
defined for the 'jabber ...
... (Section 6), and Resource Binding (Section 7) if necessary, XML
stanzas can be sent over the streams. Three kinds of XML stanza are
defined for the 'jabber:client ...
... stanza kinds,
are defined herein; more detailed information regarding the syntax of
XML stanzas in relation to instant messaging and presence
applications is provided in [XMPP-IM ...
... addressing/> stream error
condition and terminate both the XML stream and the underlying TCP
connection with the offending server.
...
...
If a client attempts to send an XML stanza for which the value of the
'from' attribute does not match one of the connected resources for
that entity ...
... to the client. If a client attempts to send an XML stanza over a
stream that is not yet authenticated ...
... Section 2.12 of [XML]) if the stanza contains XML character data that
is intended to be presented to a human user (as explained in RFC 2277 ...
... language of any such
human-readable XML character data, which MAY be overridden by the
'xml:lang' attribute of a specific child element ...
... SHOULD route or deliver it to the intended recipient (see Server
Rules for Handling XML Stanzas (Section 10) for general routing and
delivery ...
... route or deliver that
stanza to the intended recipient. See Server Rules for Handling XML
Stanzas (Section 10) for general routing and delivery rules related
...
... routing and delivery rules related
to XML stanzas, and [XMPP-IM] for presence-specific rules in the
context ...
... entity that generates an error stanza SHOULD include the
original XML sent so that the sender can inspect and, if
necessary, correct the XML ...
... XML sent so that the sender can inspect and, if
necessary, correct the XML before attempting to resend.
o An error stanza ...
... namespace.
o MAY contain a <text/> child containing XML character data that
describes the error in more detail; this element MUST be qualified
...
...
o <bad-request/> -- the sender has sent XML that is malformed or
that cannot be processed (e.g., an IQ stanza that includes an
...
... stanza MAY contain a new address in the
XML character data of the <gone/> element); the associated error
type SHOULD be "modify".
...
... Server Rules for Handling XML Stanzas ...
...
Compliant server implementations MUST ensure in-order processing of
XML stanzas between any two entities.
Beyond the requirement ...
...
XMPP is a simplified and specialized protocol for streaming XML
elements in order to exchange structured information in close to real
time. Because XMPP does not require the parsing of arbitrary and
...
... time. Because XMPP does not require the parsing of arbitrary and
complete XML documents, there is no requirement that XMPP needs to
...
... restrictions apply.
With regard to XML generation, an XMPP implementation MUST NOT inject
into an XML stream ...
... XML generation, an XMPP implementation MUST NOT inject
into an XML stream any of the following:
o comments (as defined in Section 2.5 of [XML ...
... characters MUST be escaped
With regard to XML processing, if an XMPP implementation receives
such restricted XML data ...
... XML processing, if an XMPP implementation receives
such restricted XML data, it MUST ignore the data.
...
... XML Namespace Names and Prefixes ...
... XML Namespaces [XML-NAMES] are used within all XMPP-compliant XML to
create strict boundaries of data ownership. The basic function of
...
... create strict boundaries of data ownership. The basic function of
namespaces is to separate different vocabularies of XML elements that
are structurally mixed together. Ensuring that XMPP-compliant XML ...
... XML elements that
are structurally mixed together. Ensuring that XMPP-compliant XML is
namespace-aware enables any allowable XML ...
... XML is
namespace-aware enables any allowable XML to be structurally mixed
with any data element within XMPP ...
... with any data element within XMPP. Rules for XML namespace names and
prefixes are defined in the following subsections.
...
...
A streams namespace declaration is REQUIRED in all XML stream
headers. The name of the streams namespace ...
...
A default namespace declaration is REQUIRED and is used in all XML
streams in order to define the allowable first-level children of the
root stream ...
... jabber:server' namespace, a server is not responsible for
validating the XML elements forwarded to a client or another server;
an implementation MAY choose to provide only validated ...
... validated data elements
but this is OPTIONAL (although an implementation MUST NOT accept XML
that is not well-formed). Clients ...
... send data which does not conform to the schemas, and SHOULD ignore
any non-conformant elements or attributes on the incoming XML stream.
Validation of XML streams ...
... XML stream.
Validation of XML streams and stanzas is OPTIONAL, and schemas are
included herein for descriptive purposes only.
...
... In addition to all defined requirements with regard to security, XML
usage, and internationalization, a server MUST support the following
...
... syntax and
semantics related to streams, TLS, SASL, and XML stanzas
In addition, a server MAY support the following core protocol ...
... considered compliant:
o XML streams (Section 4), including Use of TLS (Section 5), Use of
SASL ...
...
XML streams MUST be encoded in UTF-8 as specified under Character
Encoding (Section 11.5). As specified under Stream ...
... Character
Encoding (Section 11.5). As specified under Stream Attributes
(Section 4.4), an XML stream SHOULD include an 'xml:lang' attribute
that is treated as the default language ...
... xml:lang' attribute
that is treated as the default language for any XML character data
sent over the stream that is intended to be presented to a human
user ...
... stream that is intended to be presented to a human
user. As specified under xml:lang (Section 9.1.5), an XML stanza
SHOULD include an 'xml:lang' attribute if the stanza ...
... SHOULD include an 'xml:lang' attribute if the stanza contains XML
character data that is intended to be presented to a human user. A
server SHOULD apply the default 'xml:lang ...
... The TLS protocol for encrypting XML streams (defined under Use of TLS
(Section 5)) provides a reliable mechanism for helping to ensure the
...
...
The SASL protocol for authenticating XML streams (defined under Use
of SASL (Section 6)) provides a reliable mechanism for validating
...
... domain spoofing, thus making it
more difficult to spoof XML stanzas. It is not a mechanism for
authenticating, securing, or encrypting streams between servers as is
...
... XML Namespace Name for TLS Data ...
... XMPP) is defined as follows. (This namespace
name adheres to the format defined in The IETF XML Registry
[XML-REG ...
... tls
Specification: RFC 3920prop
Description: This is the XML namespace name for TLS-related data in
the Extensible Messaging and Presence Protocol ...
... XML Namespace Name for SASL Data ...
... Specification: RFC 3920prop
Description: This is the XML namespace name for SASL-related data in
the Extensible Messaging and Presence Protocol ...
... XML Namespace Name for Stream Errors ...
... Specification: RFC 3920prop
Description: This is the XML namespace name for stream-related error
data in the Extensible Messaging and Presence Protocol ...
... XML Namespace Name for Resource Binding ...
... Specification: RFC 3920prop
Description: This is the XML namespace name for resource binding in
the Extensible Messaging and Presence Protocol ...
... XML Namespace Name for Stanza Errors ...
... Specification: RFC 3920prop
Description: This is the XML namespace name for stanza-related error
data in the Extensible Messaging and Presence Protocol ...
... Bray, T., Paoli, J., Sperberg-McQueen, C., and E. Maler, "Extensible Markup Language (XML) 1.0 (2nd ed)", W3C REC-xml, October 2000, <http://www.w3.org/TR/REC-xml>. ...
... Bray, T., Hollander, D., and A. Layman, "Namespaces in XML", W3C REC-xml-names, January 1999, <http://www.w3.org/TR/REC-xml-names>. ...
... Appendix C. XML Schemas ...
...
The following XML schemas are descriptive, not normative. For
schemas defining the 'jabber:client ...
... Stream-related errors were handled in the Jabber community via XML
character data text in a <stream:error/> element. In XMPP ...
... specifying the language of human-readable text provided in XML
character data. XMPP specifies the use of the 'xml:lang' attribute
...
