<remark>At the request of the JEP author, changed status to Retracted. This JEP will not be considered further by the Jabber Software Foundation and should not be used as a basis for implementations.</remark>
</revision>
<revision>
<version>0.4</version>
<date>2002-10-22</date>
<initials>lw</initials>
<remark>More restrictive on usage of "action" attributes; Reduced session information returned in most use-cases; Added action for retrieving session information; Added action for service ("proxy") invites</remark>
</revision>
<revision>
<version>0.3</version>
<date>2002-10-20</date>
<initials>lw</initials>
<remark>Complete overhaul (redesign to allow for peer-to-peer operation; reduced element-set; removed "session types"; reorganized into use-cases)</remark>
</revision>
<revision>
<version>0.2</version>
<date>2002-08-20</date>
<initials>lw</initials>
<remark>Added "detailed" description of OOB headers</remark>
</revision>
<revision>
<version>0.1</version>
<date>2002-08-14</date>
<initials>lw</initials>
<remark>Initial Release</remark>
</revision>
</header>
<section1topic='Overview'>
<section2topic='Introduction'>
<p>Distributing data out-of-band (OOB) to one or more end-points is a requirement for many Jabber clients. The Jabber OOB Broadcast Service (JOBS) is a mechanism to allow end-points to open uni-directional data streams between each other, on top of which any number of applications can be built <note>Possible applications include file transfer, audio/video streaming, and some gaming implementations.</note>.</p>
<p>The aim of this JEP is to define a process of connecting a sender to one or more receivers through a secondary TCP port.</p>
</section2>
<section2topic='Design Concepts'>
<p>As the name implies, JOBS is designed to enable multicast, uni-directional OOB connections. These connections are usually between a "sender" client, a JOBS "service", and one or more "receiver" clients. Each such set of connections is collectively called a session. JOBS is designed to allow a single service to handle multiple sessions over a single host/port combination.</p>
<p>To address a large number of typical uses efficiently, JOBS can multicast the data from a sender to multiple receivers. In order to keep the protcol as simple as possible, it only allows data to flow in one direction.</p>
<p>JOBS utilizes a "two-band" authentication mechanism. This allows the end-points to know practically nothing about each other, yet still be assured that the OOB connection is really to/from the Jabber entity its intended to be. The authentication system is then backed-up with explicit authorization requests.</p>
<p>For the OOB portion, clients connect to the host/address and port of the JOBS service for a given session. Once connected, a client-initiated handshake process occurs, and (if successful), then data is routed from the sender's connection to each receiver's connection. The only point at which any error information may be conveyed over the OOB connection is during the handshake process.</p>
<tablecaption='Terms in Use'>
<tr>
<th>Term</th>
<th>Description</th>
</tr>
<tr>
<td>OOB</td>
<td>Out-Of-Band. Any network connection that exists outside of the normal Jabber protocol traffic.</td>
</tr>
<tr>
<td>session</td>
<td>A session registered with a "server" for clients to connect to.</td>
</tr>
<tr>
<td>client</td>
<td>An end-point on a JOBS session.</td>
</tr>
<tr>
<td>service</td>
<td>The JOBS Jabber component/server.</td>
</tr>
<tr>
<td>server</td>
<td>A particular host/port of the JOBS service.</td>
<p>To determine support for JOBS via jabber:iq:browse, look for an item with a nested <ns/> with a value of "http://jabber.org/protocol/jobs":</p>
<examplecaption='Browse request'><![CDATA[
<iqtype='get'to='domain'>
<queryxmlns='jabber:iq:browse'/>
</iq>
]]></example>
<examplecaption='Browse result'><![CDATA[
<iqtype='get'to='sender@domain/res'from='domain'>
...
<itemxmlns='jabber:iq:browse'
category='service'
type='x-jobs'
jid='jobs.domain'
version='0.4'>
<ns>http://jabber.org/protocol/jobs</ns>
</item>
...
</iq>
]]></example>
</section3>
</section2>
<section2topic='Creating a Session'>
<p>The JOBS protocol supports various scenarios to create sessions. Most of these scenarios allow an entity to determine the possible parameters to create a session with. To actually create a session, the (would-be) sender sends an "iq-set" with a <session action="create"/>. This returns the details of the newly created session, including the ID and OOB host/port.</p>
<p>This use-case can be completely ignored for true "peer-to-peer" systems.</p>
<p>This creates a session between sender@domain/resource and any one receiver. At this point, the JOBS service is ready to accept connections for this session. The <session/> element describes the details for the session. The value returned in the "id" attribute is the JOBS session ID <note>The exact value of the ID is left to JOBS implementations.</note>.</p>
</section3>
<section3topic='With Parameters'>
<p>When creating a session, parameters to <session/> can be supplied, explicitly requesting that certain parameters be met (such as buffer size, time to expire, and receiver limit). Since these parameters have lower- and upper-bounds specific to the JOBS service, a sender may need to determine these limits.</p>
<p>To determine the limits, the sender sends an "iq-get" with a <session action="create"/>:</p>
<p>The returned <session/> is also prefilled with default values for all known parameters.</p>
<p>To create a session with specific parameters, the sender sends an "iq-set" as in the "simple" use-case, but then specifying the parameter values desired:</p>
<examplecaption='Creation request, with parameters'><![CDATA[
<p>The above example creates a session that does not timeout. A JOBS service uses values from the default information set for any parameters that are missing.</p>
<p>Any parameters that exceed the minimums/maximums causes an error.</p>
<p>In some cases, the session creation process requires an interface more suitable for human consumption. In such cases the JOBS protocol helps by allowing for contained elements governed by other namespaces. For form-based creation, a &xep0004; form can be embedded in the <session/>.</p>
<fieldvar='buffer'type='text'label='Buffer Size (in bytes)'><value>0</value></field>
<fieldvar='expires'type='text'label='Timeout (in seconds)'><value>30</value></field>
<fieldvar='receivers'type='text'label='Number of Recipients'><value>1</value></field>
</x>
</session>
</iq>
]]></example>
<p>The exact fields present in the form are dependent upon the JOBS implementation. The form SHOULD allow a user to at least specify the <session/> attributes.</p>
<p>Using the form-based approach, the session is then created by sending a <session action='create'/> with a form submission (as defined for "jabber:x:data"):</p>
<p>Once the session is created, the sender invites receivers to connect. The sender can invite receivers either directly, or via the JOBS service. Most invitations are distributed via <message/>.</p>
<section3topic='Inviting Directly'>
<p>The sender can invite receivers directly. This is done using a <message/>:</p>
<p>When inviting directly, the <session/> MUST contain enough information for a receiver to connect OOB. The required information is:</p>
<ul>
<li>host</li>
<li>id</li>
<li>port</li>
</ul>
</section3>
<section3topic='Inviting via JOBS'>
<p>Alternatively, a sender can invite receivers via the JOBS service. This is also done using a <message/>, with a <session action="notify"/> containing one or more <item action="invite" type="connection"/>:</p>
<examplecaption='Invitation message (to JOBS service)'><![CDATA[
<p>This results in the JOBS service sending the <message/> to each <item/>. Any additional elements (such as a <body/>) are passed onto those invited:</p>
<examplecaption='Invitation message (from JOBS service)'><![CDATA[
<messagefrom='jobs.domain'to='receiver@domain'>
<body>Let's connect!</body>
<sessionxmlns='http://jabber.org/protocol/jobs'
action='notify'
status='pending'
host='jobs.domain'
id='01234567'
port='12676'
sender='sender@domain/res'
buffer='0'
expires='30'
receivers='1'>
<itemtype='connection'action='invite'/>
</message>
]]></example>
</section3>
</section2>
<section2topic='Retrieving Session Information'>
<p>At any time, a client can request information about sessions for a JOBS service. The request can be directed for "all" sessions, or a specific session<note>Who is allowed to perform this action is left up to the JOBS service implementation.</note>.</p>
<section3topic='Service-wide'>
<p>A client can request all the sessions for a JOBS service by sending an "iq-get" containing a <session action="info"/> with no ID:</p>
<p>The JOBS service responds with all the sessions within the "iq-result". This is the only case where a result can have more than one <session/>.</p>
<examplecaption='Information result (all sessions)'><![CDATA[
<p>Alternatively, a client can request the information for a specific session by sending an "iq-get" containing a <session action="info"/> with the ID:</p>
<p>When a client connects (sender or receivers), a client-initiated handshake takes place. The purpose of this handshake is to authenticate the OOB connection, in relation to the client's JID. This authentication utilizes both in-band and OOB packets.</p>
<p>To start the handshake, the client sends an "init" packet on its established connection:</p>
<examplecaption='Client INIT'><![CDATA[
jobs/0.4 init
session-id: 01234567
client-jid: sender@domain/res
]]></example>
<p>If the session exists, and the client's JID is not automatically rejected, the JOBS service responds with an auth-challenge packet, containing an unique, arbitrary token:</p>
<examplecaption='Server AUTH-CHALLENGE'><![CDATA[
jobs/0.4 auth-challenge
confirm: SID00001234
]]></example>
<p>Once received, the client then sends an "iq-set" containing a <session action="authenticate"/>, which itself contains an <item type='auth' action='confirm'/> with this confirm key:</p>
<p>The service then compares this confirm key to that sent with the "auth-challenge" OOB packet. If this matches correctly, and the service determines this connection is authorized, the session will respond with a <session action="authenticate"/> containing a <item type="auth" action="accept"/> with the accept key:</p>
<examplecaption='Authentication result (from Server)'><![CDATA[
<p>At this point, the client responds on the OOB data stream with an "auth-response" packet:</p>
<examplecaption='Client AUTH-RESPONSE'><![CDATA[
jobs/0.4 auth-response
accept: SID88884321
]]></example>
<p>If the connection is accepted, the JOBS service sends a "connected" packet:</p>
<examplecaption='Server CONNECTED'><![CDATA[
jobs/0.4 connected
]]></example>
<p>and after this, the data transfer occurs. If this connection is the sender, they may start sending data now (regardless if receivers are connected). If this connection is a receiver, the sender's data immediately follows the terminating "newline".</p>
</section3>
<section3topic='Authorizing'>
<p>Authenticating ensures the OOB connection matches a particular JID. Authorizing ensures to the service that receiver is allowed to be connected to the session. To determine if the session connection should be accepted or rejected, the JOBS service first checks if the JID matches the sender. This matches against the "full" JID, including node, domain, and resource. If this connection is the sender, it is allowed. Otherwise, the service confirms the connection with the sender.</p>
<p>If a confirmation is required, the service sends an "iq-get" to the sender, with a <session action="authorize"/> containing an <item type"connection" action="confirm"/> with the full JID of the receiver:</p>
<p>One or more <item type="connection" action="confirm/> elements, each specifying a JID to accept/reject. To accept (or reject) a connection, the sender responds with an "iq-result", wrapping each JID in either an <item type="connection" action="accept"/> or <item type="connection" action="reject"/>.</p>
<examplecaption='Confirmation result (accept)'><![CDATA[
<p>If the connection is rejected, the service drops the connection, and notifies the sender and receiver of the dropped connection.</p>
</section3>
<section3topic='Dropping'>
<p>The sender may drop a connection at any time. To drop a connection, the sender sends an "iq-set" with the <session/> containing the "connection" to drop:</p>
<p>The service also sends notification messages to the sender and the JID of the dropped connection (detailed in the "Being Notified about Events" section).</p>
</section3>
</section2>
<section2topic='Deleting a Session'>
<p>Sessions are deleted either by timeout or explicitly. Sessions are deleted by timeout automatically under certain conditions. Sessions can also be deleted explicity by their senders, at any time. Regardless of the method of deletion, a notice is sent to all connected.</p>
<p>This use-case can be completely ignored for true "peer-to-peer" systems.</p>
<section3topic='Expiring'>
<p>The exact conditions that expire a session are mostly up to the implementation. At a minimum, a session SHOULD be expired when there are less than two connections, and the "expires" time is reached.</p>
</section3>
<section3topic='Deleting Explicitly'>
<p>To explictly delete a session, the sender sends an "iq-set" containing a <session action="delete"/>:</p>
<p>When a connection is accepted, the service sends a "notify" message to the sender and (if appropriate) the accepted receiver, with a <item type='connection' action='accept'/>:</p>
<p>If the notification is not about the recipient of the message, then the <item/> contains the JID this notification pertains to.</p>
</section3>
<section3topic='Connection Rejected'>
<p>When a connection is rejected, the service sends a "notify" message to the sender and (if appropriate) the accepted receiver, with a <item type='connection' action='reject'/>:</p>
<p>If the notification is not about the recipient of the message, then the <item/> contains the JID this notification pertains to.</p>
</section3>
<section3topic='Connection Dropped'>
<p>When a connection is dropped, the service sends a "notify" message to the sender and (if appropriate) the accepted receiver, with a <item type='connection' action='drop'/>:</p>
<p>If the notification is not about the recipient of the message, then the <item/> contains the JID this notification pertains to.</p>
</section3>
<section3topic='Session Deleted'>
<p>When a session is deleted, any clients connected to the session are immediately disconnected. The "notify" message is sent to the sender and any receivers still connected, with the <session action="notify"/> containing an <item type="status"/>:</p>
<p>The reason the session is deleted is specified by the action attribute. A value of "delete" means it was explicitly deleted. A value of "expire" means it timed out.</p>
type ( 'auth' | 'connection' | 'status' ) #OPTIONAL
>
<!ELEMENT connect () >
<!ATTLIST connect
host CDATA #REQUIRED
port CDATA #REQUIRED
>
<!ELEMENT limit () >
<!ATTLIST limit
default CDATA #REQUIRED
max CDATA #REQUIRED
min CDATA #REQUIRED
>
]]></code>
</section3>
<section3topic='<session/> Element'>
<p>The <session/> element is the core element to the protocol. This element provides both information about a session and the action applied to it. It has a large number of attributes, and contains zero or more <item/> elements, zero or more <connect/> elements, and zero or three <limit/> elements. It may also contain elements governed by other namespaces.</p>
<p>The "action" attribute specifies the action to apply or being applied to the session. From clients, this attribute MUST be specified. From the service this attribute MAY be specified (to prevent ambiguity). The value of "action" MUST be one of the following:</p>
<tablecaption='Possible "action" values'>
<tr>
<th>Value</th>
<th>Description</th>
</tr>
<tr>
<td>authenticate</td>
<td>Authenticating one or more connections.</td>
</tr>
<tr>
<td>authorize</td>
<td>Authorizing one or more connections.</td>
</tr>
<tr>
<td>create</td>
<td>Create a new session.</td>
</tr>
<tr>
<td>delete</td>
<td>Delete an existing session.</td>
</tr>
<tr>
<td>notify</td>
<td>Notification about the session.</td>
</tr>
</table>
<p>The "status" attribute specifies the current status of the session. This attribute MUST NOT be present if the session does not have an identifier (i.e. does not yet exist). Only the service can provide this attribute. The value of "status" MUST be one of the following:</p>
<tablecaption='Possible "status" values'>
<tr>
<th>Value</th>
<th>Description</th>
</tr>
<tr>
<td>active</td>
<td>The session is active, but not yet in use.</td>
</tr>
<tr>
<td>closed</td>
<td>The session has closed.</td>
</tr>
<tr>
<td>in-use</td>
<td>The session is in use (e.g. data is being transferred).</td>
</tr>
<tr>
<td>pending</td>
<td>The session is ready, but not yet active (e.g. not enough connections).</td>
</tr>
</table>
<p>The "host" attribute specifies the OOB hostname for the session. This attribute SHOULD be specified when possible. The value of this attribute can either be the "raw" dotted-decimal address or a fully-qualified domain name.</p>
<p>The "id" attribute identifies the session. This attribute is required for all uses of <session/> except the request to create a session. This value is any string that the service and clients can use to uniquely identify it.</p>
<p>The "port" attribute specifies the OOB port number for the session. This attribute SHOULD be specified when possible.</p>
<p>The "sender" attribute specifies the JID of the sender. This attribute SHOULD be specified when possible. The value of this attribute MUST be the full JID of the sender, including node and resource (if possible).</p>
<p>The "buffer" attribute specifies the size of a temporary transfer buffer. This attribute MAY be present at any time, and SHOULD be presented by the service wherever possible. The value of this attribute MUST be a non-negative number. A value of 0 means there is no buffer. This value has limits defined by the "jobs:buffer" parameter statistic.</p>
<p>The "expires" attribute specifies the number of seconds before this session times out. This attribute MAY be present at any time, and SHOULD be presented by the service wherever possible. The value of this attribute MUST be either a positive number or -1. A value of -1 means this session does not expire. This value has limits defined by the "jobs:expires" parameter statistic.</p>
<p>The "receivers" attribute specifies the maximum number of receivers this session can have. this attribute MAY be present at any time, and SHOULD be presented by the service wherever possible. The value of this attribute MUST be either a positive number of -1. A value of -1 means this session can (theoretically) have any number of receivers. This value has limits defined by the "jobs:receivers" parameter statistic.</p>
</section3>
<section3topic='<item/> Element'>
<p>The <item/> element is used for detailed information about specific items of a session. It is used to contain authentication keys, to define connections, and provide more detailed status for a session. It has attributes for the type of item and the action associated with this item. This element contains only character data.</p>
<p>The "action" attribute specifies the action to apply or being applied to this item. From clients, this attribute SHOULD be specified. From the service, this attribute MUST be specified (to prevent ambiguity). The value of "action" MUST be one of the following:</p>
<tablecaption='Possible "action" values'>
<tr>
<th>Value</th>
<th>Description</th>
<th>Notes</th>
</tr>
<tr>
<td>accept</td>
<td>The item is accepted.</td>
<td>This value MUST only be used when the type is "auth" or "connection".</td>
</tr>
<tr>
<td>confirm</td>
<td>The item needs confirmation.</td>
<td>This value MUST only be used when the type is "auth" or "connection".</td>
</tr>
<tr>
<td>delete</td>
<td>The item is deleted.</td>
<td>This value MUST only be used when the type is "status".</td>
</tr>
<tr>
<td>drop</td>
<td>The item is dropped.</td>
<td>This value MUST only be used when the type is "connection".</td>
</tr>
<tr>
<td>expire</td>
<td>The item has expired.</td>
<td>This value MUST only be used when the type is "status".</td>
</tr>
<tr>
<td>invite</td>
<td>The item is invited to the session.</td>
<td>This value MUST only be used when the type is "connection".</td>
</tr>
<tr>
<td>reject</td>
<td>The item is rejected.</td>
<td>This value MUST only be used when the type is "auth" or "connection".</td>
</tr>
</table>
<p>The "type" attribute specifies the type of item. This attribute MUST be present. The value of "type" MUST be one of the following:</p>
<tablecaption='Possible "action" values'>
<tr>
<th>Value</th>
<th>Description</th>
</tr>
<tr>
<td>auth</td>
<td>The item pertains to authentication keys.</td>
</tr>
<tr>
<td>connection</td>
<td>The item details a session connection. The CDATA is the JID that is connected.</td>
</tr>
<tr>
<td>status</td>
<td>The item details a session status event.</td>
</tr>
</table>
</section3>
<section3topic='<connect/> Element'>
<p>The <connect/> element specifies a valid host/port combination for a session. An instance of this element MUST be present for each host/port combination possible. This element SHOULD only be present when information on creating sessions is requested. It has attributes to define the OOB hostname and port number. This element is empty.</p>
<p>The "host" attribute specifies the OOB hostname. This attribute MUST be present. The value is either the "raw" dotted-decimal IP address, or the fully-qualified domain name.</p>
<p>The "port" attribute specifies the OOB port number. This attribute MUST be present. The value MUST be a positive integer in the range (0 < port <= 1024).</p>
</section3>
<section3topic='<limit/> Element'>
<p>The <limit/> element specifies a valid host/port combination for a session. An instance of this element MUST be present for each "type". This element SHOULD only be present when information on creating sessions is requested. It has attributes to define the type of limit, the default value, the minimum value, and the maximum value. This element is empty.</p>
<p>The "type" attribute specifies the type of limit. This attribute MUST be present. Each type corresponds to an attribute of <session/>. The value of "type" MUST be one of the following:</p>
<tablecaption='Possible "type" values'>
<tr>
<th>Value</th>
<th>Description</th>
</tr>
<tr>
<td>buffer</td>
<td>The buffer size limits. The units for "default", "max", and "min" are bytes.</td>
</tr>
<tr>
<td>expires</td>
<td>The expires time limits. The units for "default", "max", and "min" are seconds.</td>
</tr>
<tr>
<td>receivers</td>
<td>The receiver count limits. The units for "default", "max", and "min" are number of connections.</td>
</tr>
</table>
<p>The "default" attribute specifies the default value for this limit. This attribute MUST be present. The value of "default" MUST be a number.</p>
<p>The "max" attribute specifies the maximum value for this limit. This attribute MUST be present. The value of "max" MUST be a number. A value of -1 means there is no maximum value.</p>
<p>The "min" attribute specifies the minimum value for this limit. This attribute MUST be present. The value of "min" MUST be a number. A value of -1 means there is no minimum value.</p>
<td>The JOBS service did not understand the request.</td>
</tr>
<tr>
<td>403</td>
<td>Forbidden</td>
<td>The JOBS service cannot accept any creation requests from this JID.</td>
</tr>
<tr>
<td>406</td>
<td>Server Not Acceptable</td>
<td>The JOBS service cannot accept any creation requests using the requested <server/> parameters.</td>
</tr>
<tr>
<td>406</td>
<td>Restrictions Not Acceptable</td>
<td>The JOBS service cannot accept any creation requests using the requested <accept/>, <confirm/>, and/or <reject/> parameters.</td>
</tr>
<tr>
<td>503</td>
<td>Service Unavailable</td>
<td>The JOBS service cannot accept any additional sessions at this time. Future requests may be accepted.</td>
<td>The JOBS service did not understand the request.</td>
</tr>
<tr>
<td>403</td>
<td>Forbidden</td>
<td>The JOBS service denied the connection for any reason.</td>
</tr>
<tr>
<td>404</td>
<td>Not Found</td>
<td>The JOBS service could not find a given connection and/or JID.</td>
</tr>
<tr>
<td>406</td>
<td>Not Acceptable</td>
<td>The JOBS service denied the notify for some reason.</td>
</tr>
<tr>
<td>504</td>
<td>Remote Server Timeout</td>
<td>The JOBS connection timed out.</td>
</tr>
</table>
</section3>
</section2>
<section2topic='OOB Protocol'>
<p>The OOB protocol consists of a series of hanshaking headers, then the normal data transfer process. The syntax of the hanshake packets is similar to HTTP and SIP, in that it includes a "version and method" line, followed by zero or more "headers". The end of a packet is marked by two adjacent carriage returns (i.e. a single "empty" line). The primary difference is with the first line ("version and method"), where the protocol name and version precede the method.</p>