<remark><p>Defined handling of offline requests; specified localization of the title element and all labels; changed syntax of list of unacceptable fields; removed reason field from some examples; added confirmation message to initial negotiation; clarified the initial participating resources; removed id attributes.</p></remark>
<remark><p>Added language field; replaced secure field with security field; changed type of otr, XHTML and Chat State fields from boolean to list-single; added not-acceptable error; several clarifications.</p></remark>
<remark><p>Added continue field and optional terminate acknowledgement; specified renegotiation failure proceedure; added context to Introduction; changed unavailable presence handling; renamed logging field to otr.</p></remark>
<remark><p>Further described contexts in which chat session negotiation could be useful; added more examples; added reference to SIP RFC and explained basic mapping to SIP INVITE method; added XMPP Registrar considerations.</p></remark>
<p>The traditional model for one-to-one chat "sessions" in Jabber/XMPP is for a user to simply send a message to a contact without any formal negotiation of chat session parameters (e.g., see &xmppim;). This informal approach to initiation of a chat session is perfectly acceptable in many contexts, environments, and cultures. However, it may be desirable to formally request the chat and negotiate its parameters before beginning the chat session in some circumstances, such as:</p>
<li>Whenever parameters specific to a chat session must be agreed. e.g., security and privacy parameters (see &xep0116; and &xep0136;).</li>
<li>The parties are unknown to each other, have not exchanged presence, or have not discovered their respective capabilities via &xep0030; or &xep0115;.</li>
<li>When an XMPP-based system interfaces with a SIP-based system built on top of &rfc3261;. <note>In essence, a chat state negotiation request as specified herein is functionally equivalent to a SIP INVITE request, and acceptance of such a request is functionally equivalent to sending a SIP 200 OK response; see Section 17 of <cite>RFC 3261</cite>.</note></li>
<li>Within an organization or culture in which one would not simply begin chatting with another person (e.g., a superior) without first receiving permission to do so.</li>
<p>In order to initiate a negotiated chat session, the initiating party ("user") sends a &MESSAGE;<note>The &MESSAGE; stanza is used because the user does not necessarily know which of the contact's resources is most available (or indeed if the contact is online).</note> stanza to the receiving party ("contact") containing a <feature/> child qualified by the 'http://jabber.org/protocol/feature-neg' namespace. The &MESSAGE; stanza MUST NOT contain a &BODY; child element (as specified in &rfc3921;). The &MESSAGE; stanza type SHOULD be "normal" (either explicitly or by non-inclusion of the 'type' attribute). The stanza MUST contain a &THREAD; element for tracking purposes (where the newly-generated ThreadID is unique to the proposed session). The data form MUST contain a hidden FORM_TYPE field whose value is "http://jabber.org/protocol/chatneg" and MUST contain a boolean field named "accept". &BOOLEANNOTE; The inclusion of "otr" and "security" fields is also RECOMMENDED. Note: The options within any 'list-single' fields SHOULD appear in order of preference.</p>
<p>Note: Chat sessions may be conducted between entities who are never online at the same time. However, if the user is interested only in an <em>immediate</em> chat session then the user SHOULD instruct the contact's server not to store the message for later delivery using the &xep0079; protocol.</p>
<p>In the following example of a negotiation request, Romeo requests a chat with Juliet and also queries her regarding whether she wants to enable all message logging (see &xep0136;) <note>A client MUST NOT set the 'otr' field to 'true' unless it has confirmed that its server will allow it to switch off Automated Archiving (see <cite>Message Archiving</cite>).</note> and support the &xep0071; and &xep0085; extensions during this chat session. He also requires that they are both connected securely to their servers, and asks which language she prefers amoungst those he can write. (Note: These fields are examples only; a full set of chat session negotiation parameters will be registered as described in the <linkurl='#registrar'>XMPP Registrar Considerations</link> section of this document.)</p>
<p>The user MAY request a session with a specific resource of the contact. However, if the user specifies no resource (or if the specified resource is not available), then the contact's server delivers the request to the contact's most available resource (which in the examples below happens to be "balcony"). If no resource is available (and no <cite>Advanced Message Processing</cite> rule included in the request specifies otherwise) then the server MAY store the request for later delivery.</p>
</section2>
<section2topic='Accepting a Chat'anchor='new-accept'>
<p>If, upon reception of a user's chat session request, a contact finds that the request had been stored for later delivery, and if the contact is interested only in an <em>immediate</em> chat session, then it SHOULD initiate a new chat session negotiation (including a newly-generated ThreadID) instead of responding to the user's request. Note: Sending any response to the user's original request would leak presence information since it would divulge the fact that the contact had been offline rather than just ignoring the user.</p>
<p>In any response to the user's request, the contact's client MUST mirror the &THREAD; value so that the user's client can correctly track the response.</p>
<p>If the request is accepted then the client MUST include in its response values for all the fields that the request indicated are required. If the contact's client does not support one of the default values or if the contact has disabled its support (as for Chat State Notifications and XHTML formatting in the example below), and the client can still accept the request, then it MUST set that field to a value that it can support.</p>
<p>Note: Both entities MUST assume the session is being established with the resource of the contact that sends the reply, even if the user sent its request to a different resource of the contact.</p>
</section2>
<section2topic='Rejecting a Chat'anchor='new-reject'>
<p>If the contact does not want to reveal presence to the user for whatever reason then the contact's client SHOULD return no response or error (see <linkurl='#secure-leak'>Presence Leaks</link>). Also, if the contact is using a legacy client then it MAY not support returning any response or error. In both these cases the user MAY, proceed to send stanzas to the contact outside the context of a negotiated chat session.</p>
<p>However, if the contact simply prefers not to chat then the client SHOULD decline the invitation. The data form MUST contain the FORM_TYPE field and the "accept" field set to "0" or "false". It is RECOMMENDED that the form does not contain any other fields even if the request indicated they are required. The client MAY include a reason in the &BODY; child of the &MESSAGE; stanza:</p>
<p>If the contact's client does not support feature negotiation or does not support the "http://jabber.org/protocol/chatneg" FORM_TYPE, it SHOULD return a &unavailable; error:</p>
<p>If the contact's client does not support one or more of the <em>required</em> features, it SHOULD return a &feature; error, specifying the field(s) not implemented using the 'var' attribute of one or more <field/> child elements of a <feature/> child element of the <error/> scoped by the 'http://jabber.org/protocol/feature-neg' namespace:</p>
<p>If the contact's client supports <em>none</em> of the options for one or more <em>required</em> fields, it SHOULD return a ¬acceptable; error, specifying the field(s) with unsupported options using the 'var' attribute of one or more <field/> child elements of a <feature/> child element of the <error/> scoped by the 'http://jabber.org/protocol/feature-neg' namespace:</p>
<section2topic='Completing or Canceling the Negotitation'anchor='new-complete'>
<p>If the contact accepted the chat (see <linkurl='#new-accept'>Accepting a Chat</link>) then the user MUST either complete or cancel the session negotitation. If the contact chose an option other than the default (prefered) value for one or more of the fields, then instead of having the client accept the session automatically the user may prefer to review the values that the contact selected before confirming that the session is open. <note>See <cite>Encrypted Sessions</cite> for examples of other instances where the user might find the values submitted by the contact unacceptable.</note> In any case the user's client SHOULD verify that the selected values are acceptable before completing the session negotitation - and confirming that the chat session is open - by replying with a form with the form 'type' attribute set to 'result'. The form MUST contain the FORM_TYPE field and the "accept" field set to "1" or "true". It MAY contain the other fields received from the contact. The user MAY include other content (e.g., a &BODY; element) in the confirmation stanza:</p>
<examplecaption="User completes negotitation and confirms session is open"><![CDATA[
<p>Alternatively, if the user decides to cancel the session negotitation then the client MUST reply with a data form containing the FORM_TYPE field and the "accept" field set to "0" or "false":</p>
<p>Either party MAY ask to continue the session using another of its resources. The requesting party does this by submitting a form with a "continue" field containing the value of the new resource:</p>
<examplecaption="One party asks to switch session to another of its resources"><![CDATA[
<p>The requesting party SHOULD NOT send stanzas within the session from either resource until the other party has accepted the switch to the new resource.</p>
<p>The other client SHOULD accept the switch automatically since the requesting party might otherwise be unable to continue the session:</p>
<p>Once the other party has accepted the switch then all stanzas sent within the chat session MUST be to or from the new resource. Note: Both parties MUST ensure that they comply with all the other chat session negotiation parameters that were previously agreed for this session.</p>
<p>At any time during an existing chat session, either party MAY attempt to renegotiate the parameters of the session using the protocol described in <linkurl='#new'>Negotiating a New Chat Session</link>. The requesting party does this by sending a new &MESSAGE; stanza containing a feature negotiation form and a &THREAD; element with the <em>same</em> value as that of the existing chat session. Note: The "accept" field MUST NOT be included in a renegotiation form. The other fields MAY be different from the set of fields included in the initial session negotitation form.</p>
<p>The requesting party MAY continue to send stanzas within the session while it is waiting for the other party to either accept the parameters or report an error.</p>
<p>Note: Both parties MUST consider the renegotiation to be complete as soon as the parameter acceptance message has been sent (or received). Note: The requesting party SHOULD NOT send a renegotiation completion or cancelation message (see <linkurl='#new-complete'>Completing or Canceling the Negotitation</link>).</p>
<p>Note: Both parties MUST ensure that they continue to comply with all the chat session negotiation parameters that were not renegotiated but had previously been agreed for this session.</p>
<p>If the other party's client does not support one or more of the <em>required</em> features, it SHOULD return a &feature; error instead, while if it supports <em>none</em> of the options for one or more <em>required</em> fields, it SHOULD return a ¬acceptable; error instead (see <linkurl='#new-reject'>Rejecting a Chat</link>). Note: In any of these cases the existing negotiated chat session parameters are maintained. Either party MAY choose to terminate the chat session only as specified in the section <linkurl='#terminate'>Terminating a Chat</link>.</p>
<p>In order to explicitly terminate a negotiated chat, the party that wishes to end the chat MUST do so by sending a &MESSAGE; containing a data form of type "submit". The &MESSAGE; stanza MUST contain a &THREAD; element with the same XML character data as the original initiation request. The data form containing a boolean field named "terminate" set to a value of "1" or "true".</p>
<examplecaption="One party terminates chat"><![CDATA[
<p>The other party's client MAY explicitly acknowledge the termination of the chat by sending a &MESSAGE; containing a data form of type "result", and the value of the "terminate" field set to "1" or "true". The client MUST mirror the &THREAD; value it received.</p>
<p>A client MAY require a human user to approve each chat session negotiation request, however it is RECOMMENDED that it accepts or rejects automatically as many requests as possible, based on a set of user-configurable policies (see <linkurl='#secure-leak'>Presence Leaks</link>).</p>
<p>Chat session negotiation sometimes requires the involvement of either or both human users, and if human input is required but the user is away then session establishment may be delayed indefinitely. So, in order to minimise the number of user interruptions and delays, clients SHOULD reuse existing chat sessions whenever possible. For example, a client SHOULD NOT terminate chat sessions unless the user is going offline, even if its user closes a chat window.</p>
<p>If a party receives an XMPP presence stanza of type "unavailable" from the full JID (&FULLJID;) of the other party (i.e., the resource with which it has had an active session) during a chat session, the receiving party SHOULD assume that the other client will still be able to continue the session (perhaps it simply became "invisible", or it is persisting the state of the negotiated chat until it reconnects and receives "offline" messages).</p>
<p>However, the receiving party MAY assume that the other client will <em>not</em> be able to continue the session. <note>In general, if a party is not subscribing to the other party's presence then it will never assume the other party is is unable to continue a session.</note> In that case it MUST explicitly terminate the session (see <linkurl='#terminate'>Terminating a Chat</link>) - since its assumption could be incorrect. If after terminating the session the receiving party later receives presence of type "available" from that same resource or another resource associated with the other party and the receiving party desires to restart the chat session, then it MUST initiate a new chat session (including a newly-generated ThreadID) with the other party. It MUST NOT renegotiate parameters for the terminated session. (Note: This is consistent with the handling of chat states as specified in <cite>XEP-0085</cite>.)</p>
<p>If a contact accepts a user's chat session negotiation request or returns an error to the user, the user will effectively discover the presence of the contact's resource. Due care must therefore be exercised in determining whether to accept the request or return an error. For examples, the contact's client SHOULD NOT <em>automatically</em> (i.e. without first asking the contact) either accept the user's request or return an error to the user unless the user is subscribing to the contact's presence (and the contact's presence is not currently "invisible" to the user). Note: There should be no need for the contact's client to consult the contact's block list, since if the user is on the list then the contact would not receive any request messages from the user anyway.</p>
<p>If a client is configured to show a request <form/> to a human user instead of responding automatically, the client SHOULD replace the content of the <title/> element and of all label attributes of the <field/> and <option/> elements with it's own localised versions before showing the form to the client - even if the form already appears to be in the correct language. Note: If a client fails to localize the form then a malicious contact might, for examples, either switch the labels on the 'security' and 'otr' fields, or use the <title/> to mislead the user regarding the identity of the contact.</p>
<p>&xep0068; defines a process for standardizing the fields used within Data Forms qualified by a particular namespace. The following fields shall be registered for use in Chat Session Negotiation:</p>