<abstract>This specification defines an XMPP protocol extension for including small bits of binary data in an XML stanza.</abstract>
&LEGALNOTICE;
<number>0231</number>
<status>Experimental</status>
<type>Standards Track</type>
<sig>Standards</sig>
<approver>Council</approver>
<dependencies>
<spec>XMPP Core</spec>
<spec>RFC 2045</spec>
<spec>RFC 2111</spec>
<spec>RFC 4648</spec>
</dependencies>
<supersedes/>
<supersededby/>
<shortname>NOT YET ASSIGNED</shortname>
&stpeter;
<revision>
<version>0.1</version>
<date>2008-01-30</date>
<initials>psa</initials>
<remark><p>Initial published version.</p></remark>
</revision>
<revision>
<version>0.0.4</version>
<date>2008-01-29</date>
<initials>psa</initials>
<remark><p>Separately described service discovery feature for inclusion of the data element in file previews.</p></remark>
</revision>
<revision>
<version>0.0.3</version>
<date>2007-12-27</date>
<initials>psa</initials>
<remark><p>Described use cases for previewing data to be exchanged in file transfers and for inclusion of media information in data forms.</p></remark>
</revision>
<revision>
<version>0.0.2</version>
<date>2007-12-18</date>
<initials>psa</initials>
<remark><p>Changed syntax to not use data: URL scheme; added cid and type attributes; described use cases for messaging and data retrieval.</p></remark>
</revision>
<revision>
<version>0.0.1</version>
<date>2007-11-09</date>
<initials>psa</initials>
<remark><p>First draft.</p></remark>
</revision>
</header>
<section1topic='Introduction'anchor='intro'>
<p>Sometimes it is desirable to include a small bit of binary data in an XMPP stanza. Typical use cases might be inclusion of an icon or emoticon in a message, a thumbnail in a file transfer request, a rasterized image in a whiteboarding session, or a small bit of media in a data form. At present, there is no lightweight method for including such data in an XMPP stanza, since existing methods (e.g., &xep0047;) are designed for larger blobs of data and therefore require some form of negotiation (e.g., via &xep0096; or &xep0166;). Therefore, this document specifies just such a lightweight method, using a <data/> element that provides semantics similar to the data: URL scheme defined in &rfc2397;.</p>
</section1>
<section1topic='Format'anchor='format'>
<p>The format for including binary data is straightforward: the data is encapsulated as the XML character data of a <data/> element, where the data MUST be encoded as Base64 in accordance with Section 4 of &rfc4648; (note: the Base64 output MUST NOT include whitespace and MUST set the number of pad bits to zero).</p>
<p>The <data/> element SHOULD be used only to encapsulate small bits of binary data and SHOULD NOT be used for large data transfers. Naturally the definition of "small" and "large" is rather loose. In general, it is recommended that the data should not be more than 4 kilobytes and that dedicated file transfer methods should be used for exchanging blobs of data larger than 4 kilobytes. Naturally, implementations or deployments may impose their own limits.</p>
<p>The following attributes are defined for the <data/> element.</p>
<tablecaption='Defined Attributes'>
<tr>
<th>Attribute</th>
<th>Description</th>
<th>Inclusion</th>
</tr>
<tr>
<td>alt</td>
<td>A human-readable description of the data.</td>
<td>RECOMMENDED</td>
</tr>
<tr>
<td>cid</td>
<td>A Content-ID that can be mapped to a cid: URL as specified in &rfc2111;.</td>
<td>RECOMMENDED</td>
</tr>
<tr>
<td>type</td>
<td>The MIME type of the data (e.g., "image/png") as described in &rfc2045;.</td>
<td>REQUIRED</td>
</tr>
</table>
<p>The following example illustrates the format (line endings are provided for readability only).</p>
<p>The <data/> element can be used in conjunction with &xep0071; and the cid: URL scheme to point to binary data that is provided in-band within a &MESSAGE; stanza.</p>
<examplecaption='A message with included data'><![CDATA[
<p>Data can be requested and transferred using the XMPP &IQ; stanza type by making reference to the 'cid' of the data to be retrieved. In particular, the requesting entity can request data by sending an IQ-get containing an empty <data/> element with a 'cid' attribute.</p>
<p>This specification does not place limits on the entities from which data can be requested. In particular, such an entity need not be the "owner" of the data (e.g., it could be a peer in a chatroom or whiteboarding session).</p>
<p>In addition, bits of data could be hosted by XMPP servers, distributed via &xep0060; nodes, or included in data collections that are available via HTTP (e.g., emoticon sets). Such data could be identified by the value of the 'cid' attribute, but methods for specifying those values are out of scope for this specification.</p>
</section2>
<section2topic='Data Form'anchor='form'>
<p>&xep0221; describes how to include a media element in &xep0004;, e.g. for the purpose of placing a human-viewable "CAPTCHA" in a form that is used for &xep0158; or &xep0077;. The <media/> element described in <cite>XEP-0221</cite> contains one or more <uri/> elements (which point to locations where the media can be downloaded, e.g. via HTTP) as well as a <data/> element that includes the data itself. The proposed <media/> element could be redefined to contain a <data/> element as described herein and shown in the following example.</p>
<p>The media could then be included in a data form.</p>
</section2>
<section2topic='File Transfer Preview'anchor='preview'>
<p>A previous proposal <note>See <<linkurl='http://www.xmpp.org/extensions/inbox/file-preview.html'>http://www.xmpp.org/extensions/inbox/file-preview.html</link>>.</note> described a method for including a thumbnail or file preview in a file transfer request. Such a preview can be included using the <data/> element, as shown below. However, a preview SHOULD not be included unless the receiving entity advertises (via &xep0030; or &xep0115;) support for the "urn:xmpp:tmp:file-preview" service discovery feature &NSNOTE;.</p>
<examplecaption='File transfer offer with preview'><![CDATA[
<p>The ability to include arbitrary binary data implies that it is possible to send scripts, applets, images, and executable code, which may be potentially harmful. To reduce the risk of such exposure, an implementation MAY choose to not display or process such data but instead either completely ignore the data, show only the value of the 'alt' attribute, or prompt a human user for approval (either explicitly via user action or implicitly via a list of approved entities from whom the user will accept binary data without per-event approval).</p>
<p>Until this specification advances to a status of Draft, its associated namespace shall be "urn:xmpp:tmp:data-element"; upon advancement of this specification, the ®ISTRAR; shall issue a permanent namespace in accordance with the process defined in Section 4 of &xep0053;.</p>
<p>If an entity is willing to accept data elements in file transfer requests for the purpose of previewing the file to be sent, it SHOULD advertise support for the "urn:xmpp:tmp:file-preview" feature.</p>
<p>The registry submission is as follows.</p>
<codecaption='Registry Submission'><![CDATA[
<var>
<name>urn:xmpp:tmp:file-preview</name>
<desc>Willingness to accept data elements to preview file transfers</desc>