<title>Stanza Headers and Internet Metadata</title>
<abstract>This document defines an XMPP protocol extension for specifying headers about XMPP stanza content, including an XML representation of many kinds of standard Internet metadata.</abstract>
<remark><p>Added Date, DateTime, and Time headers conforming to profiles from XEP-0082; renamed Date header to RFC2822Date; added note about date-related headers; added headers from RFC 2413 (Dublin Core).</p></remark>
<remark><p>Per a vote of the Jabber Council, advanced status to Draft; also added more headers from RFC 2822 to the initial registry submission.</p></remark>
</revision>
<revision>
<version>0.8</version>
<date>2004-09-29</date>
<initials>psa</initials>
<remark><p>Specified service discovery usage; corrected examples; further specified security considerations.</p></remark>
</revision>
<revision>
<version>0.7</version>
<date>2004-09-20</date>
<initials>psa</initials>
<remark><p>Specified location of headers in IQ stanzas.</p></remark>
<p>In order to ensure proper processing by the recipient of an XML stanza, some Jabber protocols and other XMPP extensions may need to enable the sender to communicate non-addressing information about the stanza (this is especially true of protocols that translate from a foreign format to XMPP; a good example is &xep0111;). Such information was formerly included in &xep0033;, but was removed from that specification when it was changed to focus on addressing information only. Therefore, this document defines a mechanism for encapsulating non-addressing "header" information about stanzas, including standard Internet metadata such as that defined by &rfc2045;, &rfc2616;, &rfc2617;, &rfc2822;, and &rfc3261;. Such information is encapsulated in a protocol extension qualified by the 'http://jabber.org/protocol/shim' namespace, where "SHIM" stands for "Stanza Headers and Internet Metadata".</p>
<p>It can be desirable (and, in some contexts, necessary) to determine if the intended recipient of an XML stanza supports a specific header (e.g., the "Classification" header) before sending information that may depend on that header. Therefore, implementations of this protocol MUST advertise which particular SHIM headers they support when queried via disco#info at the well-known service discovery node 'http://jabber.org/protocol/shim'.</p>
<examplecaption='Entity queries another entity regarding header support'><![CDATA[
<p>The values of the 'var' attribute MUST be of the form "http://jabber.org/protocol/shim#header", where "header" is to be replaced with the name of the header as registered with the ®ISTRAR; (see below).</p>
</section2>
</section1>
<section1topic='Protocol'anchor='protocol'>
<p>In a fashion similar to the structure of <cite>Extended Stanza Addressing</cite>, headers for &MESSAGE; and &PRESENCE; stanzas are contained in a <headers/> wrapper element qualified by the 'http://jabber.org/protocol/shim' namespace; each header is a child of this wrapper element, and is encapsulated via a <header/> element whose 'name' attribute identifies the header and whose XML character data specifies the relevant value:
<note>Standard XML escaping rules apply to the XML character data, so that the characters <>'"& MUST be escaped to &lt; &gt; &apos; &quot; &amp; respectively when translating from non-XML protocols (such as MIME and SIP) to SHIM, and the escaped sequences (e.g., &lt;) MUST be transformed to the equivalent non-escaped character (e.g., '<') when translating from SHIM to the non-XML protocol. Escaping and unescaping will normally be performed by a gateway that translates between XMPP and a foreign protocol such as MIME or SIP.</note>
</p>
<examplecaption='A basic example'><![CDATA[
<messagefrom='romeo@montague.net/orchard'
to='juliet@capulet.com/balcony'>
<body>Neither, fair saint, if either thee dislike.</body>
<p>In accordance with &xmppcore;, an &IQ; stanza must not contain more than one non-error child element; this places constraints on the location of SHIM headers in the XML hierarchy. Specifically, the <headers/> wrapper element MUST NOT be a direct child of &IQ; and instead SHOULD be a grandchild of &IQ; and a direct child of the content-bearing child element of &IQ; (e.g., &QUERY;, <em>not</em><error/>).</p>
<p>All public headers SHOULD be registered with the XMPP Registrar following the process specified in the <linkurl="#registrar">XMPP Registrar Considerations</link> section of this document. Many such headers are defined by other protocol specifications, such as RFCs 2045, 2616, 2617, 2822, and 3261; implementors MUST refer to those specifications for definition of the relevant headers.</p>
<p>This document defines several additional headers that may prove useful within Jabber protocols and other XMPP extensions, as specified in the following sections; further headers may be registered with the XMPP Registrar, either directly or via definition in XMPP Extension Protocol specifications.</p>
<p>The Classification header enables a sender or other entity to classify a stanza according to some classification scheme. The values of the XML character data contained within this header are out of scope for this document, since they are determined by the using application. Note: This header may be security-sensitive (see the <linkurl='#security'>Security Considerations</link> for details).</p>
<p>The Date header is defined by RFC 2822 and therefore follows the date and time format defined by RFC 2822; while this header is thus useful for translating email messages into XMPP stanzas, it is not consistent with &xep0082;. Therefore we define the "Created" header, which specifies the date and time when a stanza was created by the originating entity, where the value conforms to the DateTime profile specified in XEP-0082.</p>
<p>The Distribute header enables a sender to specify whether the stanza may be further distributed by the recipient to other entities on the network. The allowable values for this header are "true" and "false". If the sender specifies a value of "false", the recipient MUST NOT further distribute the stanza or any information contained therein; if the sender specifies a value of "true", the recipient MAY further distribute the stanza or any information contained therein; if the value is anything other than "true" or "false" and the recipient does not understand the value, the recipient MUST assume the default value of "false". This header is semantically equivalent to the "Distribute" flag defined in &geoprivpol;. (The HTTP "Max-Forwards" header is not appropriate for this usage, since it defines proxy and gateway behavior rather than recipient behavior.) Note: This header may be security-sensitive (see the <linkurl='#security'>Security Considerations</link> for details).</p>
</section2>
<section2topic='Store'anchor='headers-store'>
<p>The Store header enables a sender to specify whether the stanza may be stored or archived by the recipient. The allowable values for this header are "true" and "false". If the sender specifies a value of "false", the recipient MUST NOT store the stanza or any information contained therein; if the sender specifies a value of "true", the recipient MAY store the stanza or any information contained therein; if the value is anything other than "true" or "false" and the recipient does not understand the value, the recipient MUST assume the default value of "false". Note: This header may be security-sensitive (see the <linkurl='#security'>Security Considerations</link> for details).</p>
<p>It may be useful to specify that the information contained in a stanza is valid only for a limited period of time. Such is the function of the "TTL" header, the value of which is some number of seconds since the creation of the stanza. Note well that this header is purely informational and MUST NOT be used for routing or delivery of XML stanzas, since that function is already served by &xep0079;. A stanza that includes the "TTL" header SHOULD also include a "Created" header so that the recipient can properly process the stanza.</p>
<p>One situation in which both the "Created" and "TTL" headers might prove valuable is the broadcasting of structured presence information, such as a calendar-generated notification that a user will be in a meeting for the next hour:</p>
<examplecaption='Time to Live for Presence Information'><![CDATA[
<presence>
<show>dnd</status>
<status>in a meeting</status>
<headersxmlns='http://jabber.org/protocol/shim'>
<headername='Created'>2004-05-10T11:00Z</header>
<headername='TTL'>3600</header>
</headers>
</presence>
]]></example>
<p>Another potential application is specifying a time to live for <cite>Service Discovery</cite> results, which helps other entities know how long to cache such information:</p>
<examplecaption='Time to Live for Disco Information'><![CDATA[
<p>It can be useful to specify that the information contained in a stanza is more or less time-sensitive (e.g., in order to help the recipient determine whether to attend to the information immediately or to delay attending to the information). Such is the function of the "Urgency" header, the value of which is "high", "medium", or "low". One use of the header is Sieve notifications (see &sievenotify;) sent via XMPP, as specified in &sievenotifyxmpp;.</p>
<examplecaption='An Urgent Message'><![CDATA[
<message
from='romeo@shakespeare.lit/orchard'
to='juliet@capulet.com'
type='chat'>
<body>Wherefore are thou?!?</body>
<headersxmlns='http://jabber.org/protocol/shim'>
<headername='Urgency'>high</header>
</headers>
</message>
]]></example>
</section2>
</section1>
<section1topic='A Note About Date-Related Headers'anchor='dates'>
<p>Date formats differ widely. &xep0082; defines the Date, DateTime, and Time profiles of &iso8601;, which correspond to the Date, DateTime, and Time headers registered herein. The SHIM Date header also corresponds to the Date metadata element used in &DUBLINCORE; as specified in &rfc2413;.</p>
<p>However, many Internet standards use a different datetime format that ultimately derives from &rfc0822; as updated by &rfc1123;; specifically, that format is used by email (<cite>RFC 2822</cite>), the World Wide Web (<cite>RFC 2616</cite>), and the Session Initiation Protocol (<cite>RFC 3261</cite>). To map dates to and from these protocols, we define the SHIM RFC2822Date header.</p>
<p>In general, security considerations are the responsibility of the using protocol.</p>
<p>Certain SHIM headers MAY be security-sensitive (e.g., the "Classification", "Distribute", and "Store" headers specified herein). If an entity plans to use such headers, it MUST determine whether the intended recipient supports both the SHIM protocol and the particular security-sensitive headers of interst, as described under <linkurl='#disco'>Service Discovery</link>; furthermore, an implementation MUST warn a human user (if any) before use if the security-sensitive headers of interest are not supported.</p>