1
0
mirror of https://github.com/moparisthebest/xeps synced 2024-11-14 13:25:23 -05:00
xeps/xep-0324.xml

2055 lines
346 KiB
XML
Raw Normal View History

2017-02-19 23:37:57 -05:00
<?xml version='1.0' encoding='UTF-8'?>
2013-04-16 15:46:58 -04:00
<!DOCTYPE xep SYSTEM 'xep.dtd' [
<!ENTITY % ents SYSTEM 'xep.ent'>
2017-05-20 10:38:03 -04:00
%ents;
2013-04-16 15:46:58 -04:00
]>
<?xml-stylesheet type='text/xsl' href='xep.xsl'?>
<xep>
2017-05-20 10:38:03 -04:00
<header>
<title>Internet of Things - Provisioning</title>
<abstract>
Note: This specification has been retracted by the author; new
implementations are not recommended.
This specification describes an architecture for efficient provisioning of
services, access rights and user privileges in for the Internet of Things,
where communication between Things is done using the XMPP protocol.
</abstract>
2017-05-20 10:38:03 -04:00
&LEGALNOTICE;
<number>0324</number>
<status>Retracted</status>
<type>Standards Track</type>
<sig>Standards</sig>
<approver>Council</approver>
<dependencies>
<spec>XMPP Core</spec>
<spec>XEP-0001</spec>
<spec>XEP-0030</spec>
<spec>XEP-0323</spec>
<spec>XEP-0325</spec>
</dependencies>
<supersedes/>
<supersededby/>
<shortname>sensor-network-provisioning</shortname>
&peterwaher;
<revision>
<version>0.5.1</version>
<date>2021-03-04</date>
<initials>mw</initials>
<remark><p>Cross-document editorial adjustments for inclusive language.</p></remark>
</revision>
<revision>
<version>0.5</version>
<date>2017-05-20</date>
<initials>XEP Editor: ssw</initials>
<remark>Mark XEP as retracted by the author.</remark>
</revision>
2017-05-20 10:38:03 -04:00
<revision>
<version>0.4</version>
<date>2015-11-09</date>
<initials>pw</initials>
<remark>
<p>Updated contact information.</p>
<p>Updated example JIDs to example.org</p>
</remark>
</revision>
<revision>
<version>0.3</version>
<date>2014-05-21</date>
<initials>pw</initials>
<remark>
<p>Element renamed from <strong>Friend</strong> to <strong>friend</strong> when recommending friendships.</p>
<p><strong>clearCache</strong> IQ stanzas now of type <strong>set</strong> instead of <strong>get</strong>.</p>
<p>Corrected schema with regards to tokens.</p>
<p>The <strong>getToken</strong> command now takes a base-64 encoded X.509 certificate (public part) instead of arbitrary string IDs.</p>
<p>An additional challenge/response step has been added to make sure the sender of a certificate has access to the private part of the certificate.</p>
<p>Named links to all sections in the document.</p>
<p>Added reference to XEP-0347, for how things can find provisioning servers.</p>
<p>Added method of finding provisioning server, if server hosted as a server component.</p>
<p>Updated examples to reflect a provisioning server hosted as a server component, harmonizing with XEP-0347.</p>
<p>Added a section about token challenges and token propagation.</p>
<p>Added a security note regarding token challenges.</p>
<p>Updated id-attributes in examples.</p>
</remark>
</revision>
<revision>
<version>0.2</version>
<date>2014-03-10</date>
<initials>pw</initials>
<remark>
<p>Corrected downloadPrivileges example.</p>
<p>Made several corrections of the language.</p>
<p>Expanded the introduction.</p>
<p>Changes "Sensor Networks" to "Internet of Things".</p>
<p>Fixed links to documents with new numbers.</p>
<p>Changed namespace urn:xmpp:sn to urn:xmpp:iot</p>
</remark>
</revision>
<revision>
<version>0.1</version>
<date>2013-04-16</date>
<initials>psa</initials>
<remark>
<p>Initial published version approved by the XMPP Council.</p>
</remark>
</revision>
<revision>
<version>0.0.5</version>
<date>2013-04-04</date>
<initials>pw</initials>
<remark>
<p>Added control use cases.</p>
<p>Grouped use cases.</p>
</remark>
</revision>
<revision>
<version>0.0.4</version>
<date>2013-04-01</date>
<initials>pw</initials>
<remark>
<p>Added altitude credentials.</p>
<p>Added resource information of original called to their corresponding JIDs.</p>
<p>Changed the return type of a rejected message.</p>
<p>Made images inline.</p>
<p>Converted the glossary into a definition list.</p>
</remark>
</revision>
<revision>
<version>0.0.3</version>
<date>2013-03-18</date>
<initials>pw</initials>
<remark>
<p>Added information about how to read sensors from large subsystems.</p>
<p>Added friend recommendation message.</p>
<p>Added client/device/service tokens.</p>
</remark>
</revision>
<revision>
<version>0.0.2</version>
<date>2013-03-12</date>
<initials>pw</initials>
<remark>
<p>Added use cases for service access rights and corresponding user privileges.</p>
</remark>
</revision>
<revision>
<version>0.0.1</version>
<date>2013-03-11</date>
<initials>pw</initials>
<remark>
<p>First draft.</p>
</remark>
</revision>
</header>
<section1 topic='Introduction' anchor='intro'>
<p>
This specification describes an architecture for efficient provisioning of services, access rights and user privileges in for the Internet of Things, where
communication between Things is done using the XMPP protocol.
</p>
<p>
Note has to be taken, that this XEP, and other Internet of Things-related XEP's, are designed for implementation in small devices, many of which have very limited
amount of memory (both RAM and ROM) or resources (processing power). Therefore, simplicity is of utmost importance. Furthermore, Internet of Things networks can
become huge, easily containing millions or billions of devices in peer-to-peer networks.
</p>
<p>
An added complexity in the provisioning case is that Things (small sensors for example) often have very limited user interface options. Therefore, this document
explains how provisioning can be done efficiently using a trusted third party with more power and options when it comes to user interface design and storage.
</p>
<p>
This document defines the following important operations to allow for efficient provisioning of services in the Internet of Things, based on XMPP:
</p>
<ul>
<li>What Things knows what Things</li>
<li>What Things can read data from what Things, and what data.</li>
<li>What Things can control what Things, and what parts.</li>
<li>Control of Users in the network.</li>
<li>Control of Services in the network.</li>
<li>Control generic boolean User Privileges in the network.</li>
</ul>
<p>
This XEP relies on &xep0323; and &xep0325; for sensor data readout and control interfaces. It relies on &xep0326; for bridging protocols and interfaing entities with multiple devices
behind them. It also ties into &xep0347; for automatic discovery of provisioning servers by things.
</p>
<p>
Internet of Things contain many different architectures and use cases. For this reason, the IoT standards have been divided into multiple XEPs according to the following table:
</p>
<table caption='Internet of Things XEPs'>
<tr>
<th>XEP</th>
<th>Description</th>
</tr>
<tr>
<td>xep-0000-IoT-BatteryPoweredSensors</td>
<td>Defines how to handle the peculiars related to battery powered devices, and other devices intermittently available on the network.</td>
</tr>
<tr>
<td>xep-0000-IoT-Events</td>
<td>Defines how Things send events, how event subscription, hysteresis levels, etc., are configured.</td>
</tr>
<tr>
<td>xep-0000-IoT-Interoperability</td>
<td>Defines guidelines for how to achieve interoperability in Internet of Things, publishing interoperability interfaces for different types of devices.</td>
</tr>
<tr>
<td>xep-0000-IoT-Multicast</td>
<td>Defines how sensor data can be multicast in efficient ways.</td>
</tr>
<tr>
<td>xep-0000-IoT-PubSub</td>
<td>Defines how efficient publication of sensor data can be made in Internet of Things.</td>
</tr>
<tr>
<td>xep-0000-IoT-Chat</td>
<td>Defines how human-to-machine interfaces should be constructed using chat messages to be user friendly, automatable and consistent with other IoT extensions and possible underlying architecture.</td>
</tr>
<tr>
<td>XEP-0322</td>
<td>
Defines how to EXI can be used in XMPP to achieve efficient compression of data. Albeit not an Internet of Things specific XEP, this XEP should be considered
in all Internet of Things implementations where memory and packet size is an issue.
</td>
</tr>
<tr>
<td>XEP-0323</td>
<td>
Provides the underlying architecture, basic operations and data structures for sensor data communication over XMPP networks.
It includes a hardware abstraction model, removing any technical detail implemented in underlying technologies. This XEP is used by all other
Internet of Things XEPs.
</td>
</tr>
<tr>
<td>XEP-0324</td>
<td>This specification. Defines how provisioning, the management of access privileges, etc., can be efficiently and easily implemented.</td>
</tr>
<tr>
<td>XEP-0325</td>
<td>Defines how to control actuators and other devices in Internet of Things.</td>
</tr>
<tr>
<td>XEP-0326</td>
<td>Defines how to handle architectures containing concentrators or servers handling multiple Things.</td>
</tr>
<tr>
<td>XEP-0331</td>
<td>Defines extensions for how color parameters can be handled, based on &xep0004;</td>
</tr>
<tr>
<td>XEP-0336</td>
<td>Defines extensions for how dynamic forms can be created, based on &xep0004;, &xep0122;, &xep0137; and &xep0141;.</td>
</tr>
<tr>
<td>XEP-0347</td>
<td>Defines the peculiars of sensor discovery in sensor networks. Apart from discovering sensors by JID, it also defines how to discover sensors based on location, etc.</td>
</tr>
</table>
</section1>
<section1 topic='Glossary' anchor='glossary'>
<p>The following table lists common terms and corresponding descriptions.</p>
<dl>
<di>
<dt>Actuator</dt>
<dd>Device containing at least one configurable property or output that can and should be controlled by some other entity or device.</dd>
</di>
<di>
<dt>Authority</dt>
<dd>Used synonymously with Provisioning Server.</dd>
</di>
<di>
<dt>Computed Value</dt>
<dd>A value that is computed instead of measured.</dd>
</di>
<di>
<dt>Concentrator</dt>
<dd>Device managing a set of devices which it publishes on the XMPP network.</dd>
</di>
<di>
<dt>Field</dt>
<dd>
One item of sensor data. Contains information about: Node, Field Name, Value, Precision, Unit, Value Type, Status, Timestamp, Localization information, etc.
Fields should be unique within the triple (Node ID, Field Name, Timestamp).
</dd>
</di>
<di>
<dt>Field Name</dt>
<dd>Name of a field of sensor data. Examples: Energy, Volume, Flow, Power, etc.</dd>
</di>
<di>
<dt>Field Type</dt>
<dd>What type of value the field represents. Examples: Momentary Value, Status Value, Identification Value, Calculated Value, Peak Value, Historical Value, etc.</dd>
</di>
<di>
<dt>Historical Value</dt>
<dd>A value stored in memory from a previous timestamp.</dd>
</di>
<di>
<dt>Identification Value</dt>
<dd>A value that can be used for identification. (Serial numbers, meter IDs, locations, names, etc.)</dd>
</di>
<di>
<dt>Localization information</dt>
<dd>Optional information for a field, allowing the sensor to control how the information should be presented to human viewers.</dd>
</di>
<di>
<dt>Meter</dt>
<dd>A device possible containing multiple sensors, used in metering applications. Examples: Electricity meter, Water Meter, Heat Meter, Cooling Meter, etc.</dd>
</di>
<di>
<dt>Momentary Value</dt>
<dd>A momentary value represents a value measured at the time of the read-out.</dd>
</di>
<di>
<dt>Node</dt>
<dd>
Graphs contain nodes and edges between nodes. In Internet of Things, sensors, actuators, meters, devices, gateways, etc., are often depicted as nodes whereas links between sensors (friendships)
are depicted as edges. In abstract terms, it's easier to talk about a Node, rather than list different possible node types (sensors, actuators, meters, devices, gateways, etc.).
Each Node has a Node ID.
</dd>
</di>
<di>
<dt>Node ID</dt>
<dd>
An ID uniquely identifying a node within its corresponding context. If a globally unique ID is desired, an architecture should be used using a universally accepted
ID scheme.
</dd>
</di>
<di>
<dt>Parameter</dt>
<dd>
Readable and/or writable property on a node/device. The XEP-0326 &xep0326; deals with reading and writing parameters
on nodes/devices. Fields are not parameters, and parameters are not fields.
</dd>
</di>
<di>
<dt>Peak Value</dt>
<dd>A maximum or minimum value during a given period.</dd>
</di>
<di>
<dt>Provisioning Server</dt>
<dd>An application that can configure a network and provide services to users or Things. In Internet of Things, a Provisioning Server knows who knows whom,
what privileges users have, who can read what data and who can control what devices and what parts of these devices.</dd>
</di>
<di>
<dt>Precision</dt>
<dd>
In physics, precision determines the number of digits of precision. In sensor networks however, this definition is not easily applicable. Instead, precision
determines, for example, the number of decimals of precision, or power of precision. Example: 123.200 MWh contains 3 decimals of precision. All entities parsing and
delivering field information in sensor networks should always retain the number of decimals in a message.
</dd>
</di>
<di>
<dt>Sensor</dt>
<dd>
Device measuring at least one digital value (0 or 1) or analog value (value with precision and physical unit). Examples: Temperature sensor, pressure sensor, etc.
Sensor values are reported as fields during read-out. Each sensor has a unique Node ID.
</dd>
</di>
<di>
<dt>SN</dt>
<dd>Sensor Network. A network consisting, but not limited to sensors, where transport and use of sensor data is of primary concern. A sensor network may contain actuators, network applications, monitors, services, etc.</dd>
</di>
<di>
<dt>Status Value</dt>
<dd>A value displaying status information about something.</dd>
</di>
<di>
<dt>Timestamp</dt>
<dd>Timestamp of value, when the value was sampled or recorded.</dd>
</di>
<di>
<dt>Thing</dt>
<dd>
Internet of Things basically consists of Things connected to the Internet. Things can be any device, sensor, actuator etc., that can have an
Internet connection.
</dd>
</di>
<di>
<dt>Thing Registry</dt>
<dd>
A registry where Things can register for simple and secure discovery by the owner of the Thing. The registry can also be used as a database for meta information
about Things in the network.
</dd>
</di>
<di>
<dt>Token</dt>
<dd>
A client, device or user can get a token from a provisioning server. These tokens can be included in requests to other entities in the network, so these entities can validate
access rights with the provisioning server.
</dd>
</di>
<di>
<dt>Unit</dt>
<dd>Physical unit of value. Example: MWh, l/s, etc.</dd>
</di>
<di>
<dt>Value</dt>
<dd>A field value.</dd>
</di>
<di>
<dt>Value Status</dt>
<dd>Status of field value. Contains important status information for Quality of Service purposes. Examples: Ok, Error, Warning, Time Shifted, Missing, Signed, etc.</dd>
</di>
<di>
<dt>Value Type</dt>
<dd>Can be numeric, string, boolean, Date &amp; Time, Time Span or Enumeration.</dd>
</di>
<di>
<dt>WSN</dt>
<dd>Wireless Sensor Network, a sensor network including wireless devices.</dd>
</di>
<di>
<dt>XMPP Client</dt>
<dd>Application connected to an XMPP network, having a JID. Note that sensors, as well as applications requesting sensor data can be XMPP clients.</dd>
</di>
</dl>
</section1>
<section1 topic='Use Cases' anchor='usecases'>
<p>
The most basic use case in sensor networks is to read out sensor data from a sensor. However, since protecting end-user integrity and system security is vital, access
rights and user privileges have to be imposed on the network.
</p>
<p>
To store access rights in all sensors might be very impractical. Not only does it consume memory, it's difficult to maintain track of the current system status, make sure
all devices have the latest configuration, distribute changes to the configuration, etc.
</p>
<p>
Furthermore, most sensors and small devices have very limited possibility to provide a rich user interface. Perhaps all it can do is to provide a small LED and a button,
useful perhaps for installing the sensor in the network, but not much more.
</p>
<p>
As an added complexity, the sensor network operator might not even have access to the XMPP Servers used, and provisioning needs to lie outside of the XMPP Server domains.
</p>
<p>
To solve this problem in an efficient manner, an architecture using distributed trusted third parties is proposed. Such third parties would:
</p>
<ul>
<li>Provide a rich user interface and configurable options to end user or back end systems.</li>
<li>Control friendships (who can communicate with whom).</li>
<li>Control content available for different friends (what can be read by whom).</li>
<li>Control operations accessible by different friends (what can be controlled/configured by whom).</li>
<li>Provide additional interoperability services to nodes in the network (for instance, unit conversion).</li>
</ul>
<section2 topic='Delegating trust' anchor='delegatingtrust'>
<section3 topic='Delegating original trust to a Provisioning Server' anchor='delegatingoriginaltrust'>
<p>
A provisioning server can be accessed either through a JID published by the provisioning server, or through a subdomain address, if hosted as a server component.
This section will show how to delegate original trust to a Provisioning Server, in the case the server uses a JID to communicate with things.
</p>
<p>
Trust is delegated to a provisioning server by a device, simply by befriending the provisioning server and asking it questions and complying with
its answers. As an illustrative example, following is a short description of how such a trust relationship can be created in a scenario where the sensor only
has a single LED and a single button.
2013-04-16 15:46:58 -04:00
</p>
<ul>
2017-05-20 10:38:03 -04:00
<li>Somebody is installing the sensor, giving it a connection to an XMPP server and a JID, reachable from the provisioning server.</li>
<li>The provisioning server is told to create a friendship request to the new sensor.</li>
<li>The sensor flashes its LED for a given time (for example: 30 seconds).</li>
<li>Viewing the LED, the person installing the sensor presses the button.</li>
<li>Receiving the button press within the given time period, accepts the friendship request. Optionally, the device can give user feedback using the LED.</li>
<li>The device performs a service discovery of the new friend, having been a manually added friend.</li>
<li>If the new friend supports this provisioning extension, further responsibilities are delegated to this device.</li>
<li>As the last step the device asks the provisioning server for a token. This device token is later used in calls to other devices and can be used to check access rights.</li>
2013-04-16 15:46:58 -04:00
</ul>
2017-05-20 10:38:03 -04:00
<p>
The following diagram shows the general case:
</p>
<p>
<img src='data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAY8AAANXCAIAAABCCkTbAAAgAElEQVR4nO3df48U953g8c8jiswMM4J+GLeOMcZ2mCT0E7jTRontZCz/wnYO9UmrO10Ur1dEFo5vZDvHqRUr5wMfimVOHGOzrHeOxmCHJYQQwgLHerlY6vujuj9VXVVd3dP9/V3vl0q7w/zoqf5+P/WemoYkMgSAGIjvEwCAuVArAHHIayUAEKSaWrlOJRxifxEpatU67C8iRa1ah/1FpKhV67C/iBS1ah32F5EyVqtBr9PtF/7c7xZfye/0BvVf1u82fHAX33fhxxn0Os1n2fDIu/qm5U8ufuPmNWo694k1nwOpQrwM1WrQ64hUajW+/qofrf20BTQ88lwmvv3S5Zz/W02+e7EnsPvnTqoQtTlqVbgJmLiwRWR0teSfkV88kxfn+JrUzxx/KP+0yof0PZ1utyOd3qByJoXv2x0/Tr87+lN+OpXHmXhmhetd/9zvinQ6HZFOb1A9Q32c/vRvWl20mbUqf9PCeyefbPm5zxcsUoXY7eLeKr/c9FrSN5rvrbKPd3r9XqfuEcYhmvxQ/pCDXmfyQi8FZOI3wX5XJh+64XHyb1p44PGjjZ9O8QxLjzP9m05ZtJm1Kn7TyVpVv3w391akCgmYp1Z1tzSl625WrbKrr+a1rOLFOPmhwnfRNyt3LPW1mrjO6x5nyllPPNr4/dWe6pvTv2nNqc5Vq+I3nf6AhVvGeWpFqpCG2bWq3AaVbqnyS2l6rUZfUJO5mhaMVO9las5kzlpNubea+rrVtFo13VtNfNMpi7arWuULW3v/N2etSBWSMce91fi2p9PJrw69FSq+/lR53ap0HzWsvPhS+7pV5ZMnXicqncn4+3anhqPhdavyiZbrOqw/wymvW1V+cZs81V3VKv9eoxey6l49rKz59N0FEjDPb4KezLwtifRxHAplKwETAq5V7V9GpvA4jgSzj4AZIdcKi2MTkR5qlSB2EEmiVqlh+5AqapUU9g4Jq68VIuVpigAXhHsrAFGgVgDiQK0AxIFaAYgDtQIQB2oFIA7UCkAcqBWAOFArAHGgVgDiQK0AxIFaAYgDtYJ5/AetYQO1gkn8l0PAHmoFM/gvtIFt1AoGzJMqgoUlUSssa/5UESwsg1phWbut1elTp32fMqJErbCU3aaKYGFh1ApLoVZwhlphcYulKqsVwcJuUSssbuFazXV7Neh1pNMb5H/K/zDlsyc0fnbNl/f6u/h0+ECtsDjrtep0NFGzajXW7+4uU/q9utQqdNQKi1uyVjOCNeh1un2N1PiN/B6qPi+lWvW7nU5HRLpdff/4M5a8G4Nz1ApLWSZV89RKM5X9v0GvM65Uv1vbq0qtRp/VL9dq4naKe6sYUCssxX6tRr3qj2s1rsqUXw2r91bZHyu1Gg77Xb2p6lOrCFArLMtKqoYT9zvZL22L3VvlaSq0bzD5JdLpUKvwUSssy0GtCn9BuPvXrfSWanQj1Sm/AJbdW019RISCWsEA86kCKqgVzNhVqqgVFkCtYMzpU6fn6RSpwmKoFUzSHk3rFKnCwqgVzNNg0SkYRK1gC6+pwyxqBVsYJJhFrWALgwSzqBVsYZBgFrWCLQwSzKJWsIVBglnUCrYwSDCLWsEWBglmUSvYwiDBLGoFWxgkmEWtYAuDBLOoFWxhkGAWtYItDBLMolawhUGCWdQKtjBIMItawRYGCWZRK9jCIMEsagVbGCSYRa1gC4MEs6gVbGGQYBa1gi0MEsyiVrCFQYJZ1Aq2MEgwi1rBFgYJZlEr2MIgwSxqBVsYJJhFrWALgwSzqBVsYZBgFrWCLQwSzKJWsIVBglnUCrYwSDCLWsEWBglmUSvYwiDBLGoFWxgkmEWtYAuDBLOoFWxhkGAWtYItDBLMolawhUGCWdQKQByoFYA4UCsAcaBW0ep3RaTTG/g+j4X0u4ucuX7VQl8e9YJhSK0iVnPFDnod6fb9nM7uLFar3Xz5oNeppmnJbwu/qFW0ildevytSuHHodzvdbqf4rn630+mISLc/6GUf0E/Wd0inN6h8dPyFdV+QvaPyJar4yL1u4RF7g+oZNpyGnny3cG9V+vLa0xi9r7hO1Cpi1Cpa4yuv5oaq380rlX1s/P8HvU5eDen2h8NBr6NfXf1o/lDjj+XfbtDrdPs1XzLMHy3/c79cq9IZlk6j+C3yBy78Jlj98mmnUXw8ahU1ahWtmnur8VVa+NDozfF7Rp8oxdsQfZ/eRU3e1xQrU4lB3QNWP1h3b1U6w8nTmOhN9eWqypfXnwb3VmmhVtGqufL63axYdfdWk3dI9Q9Y8+tcpVb5Iwx6nU6v3/CAk4+c3y5l91ajIFVuhYqnMf7kaq1KX159XrxulR5qFa2GK6/wso5e1NWXqWR8nRduScofrdZq+utWhZu78nfK+jS+c8oCNL6R04jVncbk/V3xjckvbziNOdcM4aNW0WquFRdlHRYmatQqWg3/fIiLsg7/3ip21ApAHKgVbGGQYBa1gi0MEsyiVrCFQYJZ1Aq2MEgwi1rBFgYJZlEr2MIgwSxqBVsYJJhFrWALgwSzqBVsYZBgFrWCLQwSzKJWsIVBglnUCrYwSDCLWsEWBglmUSvYwiDBLGoFWxgkmEWtYAuDBLOoFWxhkGAWtYItDBLMolawhUGCWdQKtjBIMItawRYGCWZRK9jCIMEsagVbGCSYRa1gC4MEs6gVbGGQYBa1gi0MEsyiVrCFQYJZ1Aq2MEgwi1rBFgYJZlEr2MIgwSxqBVsYJJhFrWALgwSzqBVsYZBgFrWCLQwSzKJWsIVBglnUCrYwSDCLWsEWBglmUSvYwiDBLGoFWxgkmEWtYAuDBLOoFYwpTU7zH4HdolYwqTg8094GFkOtYBK1gj3UCiZRK9hDrWBYPlKVN4BlUCsYRq1gCbWCYaVIMU4whVrBvGKnGCeYQq1gHrWCDdQKVsiY7xNBOqgVrKBWMI5awQpqBeOoFWxhkGAWtUqZtJXvhYcVQq0SU7xo//S7v7997WJ2/Pmf/uHP//QPd65/nh3//Pt//Off/+PdGzvZce8P/0eP+zcvZcf//eMgOx7cuvzg1uV/+dMX2fH17Stf377yr3++mh0P73z58M6X/++fv8qOv9z93V/u/u6be9c8HpQrSdQqHdnFeeurC9nxp9/9fWtrVS2X782BAdQqBdkF+ccvP/vjl59RK5qVKmoVPRG5efXTm1c/pVbzNMv3dmFx1Cpi2f1ClipqxU1W8qhVrETkD1e2/3Bl23ytThyY/Bu2x9+7dfnB24+LrLz2v774l7cPiqy8fq6uVv/lCZEnTtbX6vgRkSNbhfdsHZr8LodOTr5n/9Ez3GShiFpFSURufHHeZq32vPpJdm/131/dK/te/DCvVcO91a5rtXpse8p7tjf3lz6fYLUetYqSw1r9/LsyWSu9t3rnoMjB730nuxN64r/mtfqf/35dZH1zZ5la3bt2ckNk47jVWp0+ddr3TmIXqFV8slRZrlXB3mcu1P4m+M5BEfneO1cf3nnz+yL7X/koq9X3D1dTNcdvguubO5O12jm6Wvc4BKu9qFVkNFWu7q0G7z4t8vQb0+6tfvXnUq3GL0It+Zug/XsrghUdahUZP7Vae/bCvLUa/SZYeY18t7WqfD61aj1qFRMR+f3l/+2kVkV7Xjs77TfB2lr97i/bm/tLJbp3/EjxITeOV/5OcPXYUXd/J0iwYkStYuKoVkn/e6tptSJY4aNW0chSRa2oVWtRq2hQK4LVctQqGtSKWrUctYoGtaJWLUet4iAi1wfnqJXtWhGskFGrOFArbq9AreJAragVqFUcqBW1ArWKA7VyViuCFSxqFQdqRa1AreJAragVqFUcqBW1ArWKA7WiVqBWcaBW1ArUKg7UilqBWsWBWlErUKs4UCtqBWoVB2pFrUCt4kCtqBWoVRyoFbUCtYoDtaJWoFZxoFbUCtQqDtSKWoFaxYFaUStQqzhQK2oFahUHakWtQK3iQK2oFahVHKiVs1RRq2BRq2jwv35KrVqOWkWDWlGrlqNW0aBWbmrle
</p>
<p>
The successful case can also be illustrated in a sequence diagram, as follows:
</p>
<p>
<img src='data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAwQAAAH4CAIAAAB7Vr3+AAAgAElEQVR4nO3daa80Z3ng8fpK2LFl1xdJjBMcA67PMFLCxDMB7CEDqrczw5LhBRBkKWQslZRZCAmjkYgITggQJ20W2wm7wXYImy2dedFdXWtvp7vvrrrq95Mln6eX6qrT9Vzn77vLz5PdAQAsWHbrHQAAuCUxBAAsWhNDGQDAkozEUOoS4/q8rQAwSgwthbcVAEaJoaXwtgLAKDG0FN5WABglhpbC2woAo86MoVWZZ3m5am6oiva12Z272qpiz51HvnBRnbGdVZnv38s9Wz7pRfsPbr/w/u/Rvn0vqtOeooQAYJdrxFB9w6rMs2z8x/aZMbRny0fpvPzZYXb8S3Vvvt8BnH7sSggA9jgmhprFjE7mZFmWF8WeGGp+5G+3UN/VPGxw13DjrcWUvFy196co6u1UxeZXWVanws6d7OfE9tdVkWV5nmdZXq6Ge7jdTrX7Rfu7ekQM9V+0dWv3YPvHflwPKSEA2O+IGBr8OG9iYlXm2b4YWi8cVdvlo+0P+/phq8Fdezbe65POx2RVkXU3vWc7o8tZ9dbqyGjvYW87u190ZFePiqH2i3ZjaPj0U1aGlBAAHHTaylBTBZsf0Hs/Jqt/uI9cR9T+Wd+9a2zjg/WW8RjqZMSendy7MlTfPsy17Ze7X3RkV4+KofaL7t5ga8HrmBhSQgBwjFOuGTpi8WZ4NU5RDYtpNDU2hhsfLCcdHUO7dnLXNUO7YmjfylDnRUd29eQYahJodPXqyBhSQgBwpCNiaHgdzIFrhnqrQJ1NDK6kOeKCpHqbeZ63CyIbXDM0vqYy3Mnejvbj7W58D3dcMzT4VKu7qyfFUPNam4uIxr759bHv7iElBADHO2VlKI2Diyoz3U5CYggAjje9GBpbDAmxnURu/fYBwMxMMIa4P+8dAJxKDMXhjQOAexBDQXjXAOB+xFAE3jIAuLfxGGJebnTyAEAEmZUhAGDJxBAAsGhiCABYNDEEACyaGAIAFk0MAQCLJoYAgEUTQwDAookhAGDRxBAAsGhiCABYNDEEACzaVWIo1d9POg9nfjOZl1ufbtNy63cDwrr1b+5pucj3c/PF8KZzNvrdl/7muy/9zfe++ZXvffMr3//WC9//1gs/+Pbf/uDbf/vD7/zdD7/zdz96+as/evmrP37l71979Wuvvfq1n/zz13/yz1//6b9846f/8o3Xv/sPr3/3H9743otvfO/FN7//j+t//vUH//SvP/inn/1w9bMfrv7tRy/9249e+vmPv/nzH3/zF6996xevfeuXP/n2L3/y7V/99Du/fv3lX7/+8ltvvPLWG6+8/earU/jnIm8SM+Lkd/JDAkbNZUeNGJrBm8SMOPmd/JCAUXPZUSOGrv4mfeEvvrD+58zvKrPg5HfyQwJGzWVHjRiawZvEjDj5nfyQgFFz2VEjhmbwJjEjTn4nPyRg1Fx21Mw3hj727u115E984pc/+favPvvOR5/5y1+//vJbzz3+6DN/dfT38YsfefaTE3+TmJFrnfxf+r2HW//rxCPv//xRE+q5xx999ouznlDAqPuMmv/77x5q/y9Yv/1fT4uhzz72yAf/sj9qThoy15lIS46hj707e+BDf715k/7sieyRD36hiaGTivWFpx99UgxxMVeMoXd9tJ5Qn//QQ9l7/mQR/7kGjLpnDP32f6lHzZ8/8xvveOb/WRlqvp+bL4Y3JX2TToqhz/zWI+//fP9NGlkZ+uJHNv81/eBHXnj17Tdfffu5xx99+MH1TY8++8XtA673X89+HixNkhj65s8/81j2xMd/8dpf/OfNf+g98OGvvPzr119+/ncf/PALr7z95qtvv/D0ow8//WLz32G93wuD3xpOfpiVi8XQp37z4d94R5ZlT376f/2n39isGb37My/9249e+ty76kWHL7/vkYf+/de3K0Nf+YNHs3qAPDscMtlTz43+wG2tDA3v2j79ycefevjpF8XQMTH01fc/8O7PDIp1EEMvPvtg/V3+5FPZ48+/+erbzz2erb/L6x8Vb1oZ4sISxdBfv++RJz7+tQ888MgHv/DLn3z7Vz/9xHuzd/6P119+67nHs9/97+uT/6nnmtHz4rMPZuvz/IWnH33ykyO/NZz8MCvnf0z28H/48ze+9+Kbn/rN7Hf+25vf/8e/+8N3ZL/z0Z/9cPWzH3703dlv/emPXvr5Zx7L3vWxX7z2ra994IH3fLb5mOwbzzz43uf6H5M1Q2bPD9xWDPXuaobS9i4xdPrK0Cf+7LMjMfT8k+1PRx/8yAvtDyw/+ZQY4gpSrgx97onOGf7hr7z81ht/9eGHH3++NYzWJ/zzT9b/rfbmq+O/NZz8MCtnrwzVo+ZTv/nwf/yf6xh68tPrn7P/+0MPPfChL60/kX/sc699/D3ZY3/WuWboj987WBna/AfYm6++/eYXP/Lwjh+47ZWh7l3PP7kdRJ+0MnT/a4ayJz6xd2Wo/kcMcWUprxlqrQw1H+T/wzMPPvVkf+I0vxdeePrRh59+fvhbw8kPs3KNGOqvDP34m3///gfe88Rjj3zgL8YvoH7u8e3nXKMrQ8fHkJWhq/7fZM1HmNmu9+aFpx/NsuxqPeTnwdJcMYZaiznv/sz6vwS21wxl2fpjsjdeeeuFpx9tXyR34Jqh+reGkx9m5eIx9K8/6F8ztPlEPnvgj77c+b/JvvHMg8268v5rho6OIdcM+fMPCMXJ7+SHBIKNms7K0InLE2LIzwMmx8nv5IcEwo2aTz5136sYxZCfB0yOk9/JDwkYNZcdNWJoBm8SM+Lkd/JDAkbNZUeNGJrBm8SMOPmd/JCAUXPZUSOGZvAmMSNOfic/JGDUXHbUiKEZvEnMiJPfyQ8JXHXU/Om7tn/0xgN/9OVFjBoxNIM3iRlx8jv5IYErjppP/1b2ro81f87QQ+/72gJGjRiawZvEjDj5nfyQwBVHzZd+75GHfv+r/VHzhfqPeF3/zT+vvNX8Zav1/wy/+YvGdv4V6e2/FGhqo0YM+XnAJTn5nfyQwHVHzZd+/5Hux2Rf/+ADj3zwC7/66Xd+/fofvzd75/NvvPLW9k9HrL9Y//Vk439F+uT/2isx5OcBl+Tkd/JDAqlGzcfekz32ufXfAdp48MMvvPJW52/7af5+6L1/Rfp0R40Y8vOAS3LyO/khgeuNmq/+4Tseef//qUfN5//oocc+11kZqkdNK3FefLb5+6H3/hXp0x01YsjPAy7Jye/khwRS/d9k2Xv+pHfNUJbVH5M1idP++6H3/RXp0x01YsjPAy7Jye/khwSMmsuOGjE0gzeJGXHyO/khAaPmsqNGDM3gTWJGnPxOfkjAqLnsqBFDM3iTmBEnv5MfEjBqLjtqxNAM3iRmxMnv5IcEjJrLjhoxNIM3iRlx8jv5IQGj5rKjRgzN4E1iRpz8Tn5IwKi57KgRQzN4k5gRJ7+THxIwai47asTQDN4kZsTJ7+SHBIyay44aMTSDN4kZcfI7+SEBo+ayo0YMzeBNYkac/E5+SMCoueyoEUMzeJOYESe/kx8SMGouO2rE0AzeJGbEye/khwSMmsuOGjE0gzeJGXHyO/khAaPmsqNGDM3gTWJGnPxOfkjAqLnsqBFDM3iTmBEnv5MfEjBqLjtqxNAM3iRmxMnv5IcEjJrLjhoxNIM3iRlx8jv5IQGj5rKjRgzN4E1iRpz8Tn5IwKi57KgRQzN4k5gRJ7+THxIwai47asTQDN4kZsTJ7+SHBIyay44aMTSDN4kZcfI7+SEBo+ayo0YMzeBNYkac/E5+SMCoueyouVYMseXnwaLc+nSbFic/XMmtf3NPy0RjaGu7fzf5p/0NmsI/l/quMgtOfic/JGDUXGTUiKEZvEnMkZPfyQ8JGDUXGTViaAZvEnPk5HfyQwJGzUVGzXVj6LbCHAicyskPJBBm1IghCMjJDyQQZtSIIQjIyQ8kEGbUiCEIyMkPJBBm1ESOIQCAg8QQALBoYggAWDQxBAAsWuQYCnMgcConP5BAmFEjhiAgJz+QQJhRI4YgICc/kECYU
</p>
<p>
<strong>Note:</strong> In many cases, an address to a provisioning server might be preprogrammed during production of the
device. In these cases, parts of the above procedure may not be necessary. All the client needs to do, if the provisioning server is not available
in the roster of the device, is to send a subscription request to the provisioning server, to alert the server of the existence of the device,
and possibly request a device token.
</p>
<p>
<strong>Note 2:</strong> A certificate token has an undefined lifetime. It can be reused across sessions.
</p>
<p>
The following use cases will assume such a trust relationship has been created between the corresponding device and the provisioning server.
</p>
</section3>
<section3 topic='Provisioning Server as a server component' anchor='servercomponent'>
<p>
A provisioning server can also be hosted as a server component, and in these cases be addressed by using the component address, or sub-domain address of the component.
In this case, the client searches through the components hosted by the server to see if one of them is a Provisioning Server. There are no friendship requests and
presence subscriptions necessary, when communicating with a Provisioning Server hosted as a server component.
</p>
<p>
To search for a Provisioning Server hosted as a component on an XMPP Server, you first request a list of available components, as follows:
</p>
<example caption="Checking if server supports components">
<![CDATA[
<iq from='device@example.org/device' to='example.org' type='get' id='1'>
<query xmlns="http://jabber.org/protocol/disco#info"/>
</iq>
<iq type="result" id="1" from="example.org" to="device@example.org/device">
<query xmlns="http://jabber.org/protocol/disco#info">
...
<feature var="http://jabber.org/protocol/disco#items"/>
...
</query>
2013-04-16 15:46:58 -04:00
</iq>]]>
</example>
2017-05-20 10:38:03 -04:00
<p>
If components (items) are supported, a request for available components is made:
</p>
<example caption="Requesting list of server components">
<![CDATA[
<iq from='device@example.org/device' to='example.org' type='get' id='2'>
<query xmlns="http://jabber.org/protocol/disco#items"/>
</iq>
<iq type="result" id="2" from="example.org" to="995fab3dd759452ca9c370647323af0c@example.org/ebe2348e">
<query xmlns="http://jabber.org/protocol/disco#items">
...
<item jid="provisioning.example.org" name="Provisioning"/>
...
</query>
</iq>]]>
</example>
<p>
The client then loops through all components (items) and checks what features they support, until a Provisioning Server is found:
</p>
<example caption="Service discovery information request made to each component">
<![CDATA[
<iq type='get'
from='device@example.org/device'
to='provisioning.example.org'
id='3'>
<query xmlns='http://jabber.org/protocol/disco#info'/>
</iq>
2013-04-16 15:46:58 -04:00
<iq type='result'
2017-05-20 10:38:03 -04:00
from='provisioning.example.org'
to='device@example.org/device'
id='3'>
2013-04-16 15:46:58 -04:00
<query xmlns='http://jabber.org/protocol/disco#info'>
...
<feature var='urn:xmpp:iot:provisioning'/>
2013-04-16 15:46:58 -04:00
...
</query>
</iq>]]>
</example>
2017-05-20 10:38:03 -04:00
</section3>
<section3 topic="Tokens and X.509 Certificates" anchor="tokenscertificats">
<p>
The provisioning server contains a set of rules defining what operation can take place and by whom, by participants in the network. Rules can be applied based on JIDs used,
content affected, and also through device, service and user identities based on X.509 Certificates. In order for a service (for instance) to identify itself in the network, it
uses an X.509 certificate. It sends the public part of this certificate to the provisioning server, and receives a token back in the form of a simple string. This token can then
be used in requests and propagated through the network.
</p>
<p>
To validate that the sender is allowed to use the certificate using its token, it encrypts a challenge using the public part of the certificate and sends it to the sender of the
token, who in turn decrypts it using the private part of the certificate and returns it to the server. The provisioning server can also use the public part of the certificate to
perform validation checks on the certificate itself. If the certificate becomes invalid, the provisioning server can invalidate any corresponding rules in the network. If the sender
of a token cannot respond to a token challenge, the provisioning server can also refuse to allow the operation.
</p>
<p>
In case of multiple units being part of an operation, a token can be propagated in the network. For example, a service can read data from U1, who reads data from U2. The service
provides a token to U1, who propagates this token in the request to U2. When U2 asks the provisioning server if the operation should be allowed or not, the server knows what entity
originated the request. If the provisioning server wants to challenge U2, concerning the token, U2 propagates the challenge to U1, who propagates it to the service, who can resolve
the challenge, returns the response back to U1 who returns the response to U2 who in turn returns it to the provisioning server.
</p>
2013-04-16 15:46:58 -04:00
<p>
2017-05-20 10:38:03 -04:00
<img src='data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAvMAAALdCAIAAAAuwXvGAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsMAAA7DAcdvqGQAAFuVSURBVHhe7d17kzxPVt/3eUrsshtLPxG0ICEtl34MjgBk2UiAQRD9r21hyfwBGBMWMhEdIVsSWDgchkBgcZGwR4AkbEkg0AXJF9mKwKcyT57MyrpMV052VVb2+xUZO1VZWdnVPZ+ePFvf+U2//TEAAEAvqGwAAEA/qGwAAEA/qGwAAEA/qGwAAEA/qGwAAEA/qGwAAEA/qGwAAEA/qGwAAEA/qGwAAEA/qGwAAEA/qGwAAEA/qGwAAEA/qGwAAEA/qGwAAEA/tlU2b0joi4KW6PcGjr4oeIC+ZHD0RcGh9JsBR1+Ux2yubP7JP/g70v7pb/2ytH/2278i7fd+53+R9vv/8O9K++f/6Fel/cE//rU//N1fl/Yv/vffkPYv/4+/J+1f/ZO/L+1f/9PflPZH/+x/9e3f/N7/Ju3f/v67tP/zn/8Daf/XH/yWtP/7D39b2v/zL35H2r/7l//w//1X/0ja//ev/7G0f/9Hv9tC2/pCYx9E1BoR3YTkWCM5jSCT1rZmksqmsPHmbxMRtUZENyE51khOI8ikta2ZpLIpbPJS/NzP/pxv+uqgAUTUGhHdhORYIzmNIJPWtmaSyqaw8eZvExG1RkQ3ITnWSE4jyKS1rZmksilsvPnbREStEdFNSI41ktMIMmltayabqGz+m2+Rib0v/MAvbnyhf+qbv+H7fz7vfH6Ta930QmMf8n3Z+2fB3/mzX/kzf9ki+ve/74sxkL/y577hy3/uN5PY7NmI6CbNJOfnf/jLci2DQ36ySZOHJjktkG/E5kz+j//Bl1x41J/8z7Zl8ie/+pXv/R8sk7rgblpkn7Miy1PZlMkGKpsf/8a3b/lL+kL/wnd95Uvf/Ws9lpDYx1MiWlbZ/NQ3y8W8UdmcRCPJ+c3vD/mRsvjtm39m/D3dp5GcRpRkUiqbP/mfhkz+9e/7+q/7vv9pSya5Z1Ptzf8/f+eXv/47fzV/oX/2B7Xy/MJf/GX3Qv/X3/QNX/6i6/niD/+Ke7b+/xDHCtH+v44fkO1WbjLvphca+5DvS/2Ilv0/7+//Ue7ZnEgzybHv4I9+B5XNayvJ5Gxl82Pf+OWv/zqZ7Ws//t//J18vXwff+hNDJn/6W4Z/Jxky+Uvf/ZUv/dnfsHs2v/wffoMO/OIPf/90kX37jp9yaZH1V9flcIvRVuTpITv9a9/8HRt/MMpJmzLZxu/Z/MJ3hpdL/zXq1//CF77yF37WlZB/+dvfvum/dZXN25/5L4cSUv6v8Nd+VJ6q/J+b4cUNr6Ps+v5hOfnaj8b/6/OcHxByrZteaOxDvi9PiWjZ+kRlcx5tJeePfvdnvhYWj90byWlESSbH/xr15f/orw+Z/LFvfPtT/7lk8u9+z9e9/anhX0j+7e//pW99+xN/VTL5E199+5YfkUDKmvttPxn/Nervfd8Xv/2n8n+NiousraqyHPsfcfazLqlsskNxUbZDDzd5Lpsy2dpvEP/It7599af/4Ld++k+7b4v6wg/9srtn831/273QUvfJaxpfWf9iZT8IZDdR/7aNTLrphcY+5Pvy5IhS2fSppeQM/9f2qLJGGslpREkmR/dsQiZ/7Bu//B//d5JJqWy+9uM+k3/jB770hR/4Bcnk3/qBL331p//wv/i2t6/+Nclk/D2bv/Lt8vCDeM9G7yYMIZGIulXV6hhZkSeVTXboZ75mC3EY/HCT69iUyeMrG3mtv/w9fyO8+f/m8CqP7tmEf/aLlY17fb+Wv3yxHnTLyc/EezZPaVtfaOzjGRH9YH0abiu64ntYn/72D/k3vM8Jlc15NJMc+f9s9f+f2KZGchpRksmPKpv8ns0f/Nav/fkvfNuf/qouuNPfIHa/L2iL7PSeTVhnP65sXu6eTfLfRr1960/4N7/9no3Qf42yymZYMOzNH18++ydAf8h2Bf8a9Srk+/KMiK6uT7/z737ym1zMBpLSmBMqm/OQl6uF5IxvNtf/wfVIkwcmOS2Qb8TmTK5WNv/m9/Lfsxky+Yvf/ZW3L/zgL7lMJv8apeOSezbpqqo3b7ZUNvH0V/k9m/U3P/9tFB5GRK0R0U1IjjWS04jOMjm6Z6P3fh5tWzNJZVPYePO3iYhaI6KbkBxrJKcR3WXyR79DntJg87+3yjmbMkllU9i2vtDYBxG1RkQ3ITnWSE4jyKS1rZmksilsvPnbREStEdFNSI41ktMIMmltayapbAobb/42EVFrRHQTkmON5DSCTFrbmkkqm8LGm79NRNQaEd2E5FgjOY0gk9a2ZpLKprDx5m8TEbVGRDchOdZITiOemsm/mnwQ9Q/+EpUNb37Xtr7Q2AcRtUZENyE51khOI56YyR//E2/f8iOayV/87q986bt/ncqGN7803vxtIqLWiOgmJMcayWnEEzP5C9/5lS9916/mmfy5v6h/IPeLP/TLLpM/ZZ9qGf47bf3ro9nfxXV/l8+NfNKngsjMmzJJZVPYtr7Q2AcRtUZENyE51khOI56byV/4rq/IAwz0X6N+43u/8JXv/TmXyb/y7W/f9DOustE/qRc2ho82+qnkb+4Nf6JGP2Zh6x/f29TkKjdlksqmsG19obEPImqNiG5CcqyRnEbslckf+ba3r/70H/72Xxt9EPUXf+hX3D0brWB+Pv0g6pkPnI4jn9LkYTZlksqmsG19obEPImqNiG5CcqyRnEY8L5O/+j1f95U//zdDJv/WDw4f953eswmZTOqV4W5N+CDq5J5NaFQ2vPnxPETUGhHdhORYIzmNeGomk/826u3b/iufSfs9G6H/GhXrlfSDqKcfOE1lw5sfz0NErRHRTUiONZLTCDJpbWsmqWwKG2/+NhFRa0R0E5JjjeQ0gkxa25pJKpvCxpu/TUTUGhHdhORYIzmNIJPWtmaSyqaw8eZvExG1RkQ3ITnWSE4jyKS1rZmksilsvPnbREStEdFNSI41ktMIMmltayapbAobb/42EVFrRHQTkmON5DSCTFrbmkkqm8LGm79NRNQaEd2E5FgjOY0gk9a2ZpLKprDx5m8TEbVGRDchOdZITiPIpLWtmaSyKWy8+dtERK0R0U1IjjWS0wgyaW1rJqlsChtv/jYRUWtEdBOSY43kNIJMWtuaSSqbwsabv01E1BoR3YTkWCM5jSCT1rZmksqmsPHmbxMRtUZENyE51khOI8ikta2ZpLIpbLz520RErRHRTUiONZLTCDJpbWsmqWwKG2/+NhFRa0R0E5JjjeQ0gkxa25pJKpvCxpu/TUTUGhHdhORYIzmNIJPWtmaSyqaw8eZvExG1RkQ3ITnWSE4jyKS1rZmksilsvPnbREStEdFNSI41ktMIMmltayapbAobb/42EVFrRHQTkmON5DSCTFrbmkkqm8LGm79NRNQaEd2E5FgjOY0gk9a2ZpLKprDx5m8TEbVGRDchOdZITiPIpLWtmaSyKWy8+dtERK0R0U1IjjWS0wgyaW1rJqlsChtv/jYRUWtEdBOSY43kNIJMWtuaSSqbwsabv01E1BoR3YTkWCM5jSCT1rZmcnNlA7PphcY+9HsDh4g+Tl8yOCSnBfrNgLMpk9sqG2OPcUhLn2QLTV8UtCT7Hu3ciOh5ZS/dzo3kYCr7puzczphJKpsKTV8UtCT7Hu3ciOh5ZS/dzo3kYCr7puzcqGx2arz58aHse7RzI6Lnlb10OzeSg6nsm7Jze6HK5ljyQusW0CQiijIkB605YyapbID6iCjKkBy0hspmJ7z50TgiijIkB62hstkJb340joiiDMlBa6hsAAAAjkRlAwAA+kFlAwAA+kFlAwAA+nHKyoZfskPjiCjKkBy0ht8g3glvfjSOiKIMyUFrqGx2wpsfjSOiKENy0Boqm53w5kfjiCjKkBy0hspmJ7z50TgiijIkB62hstkJb340joiiDMlBa6hsdsKbH40joihDctAaKhsAAIAjUdkAAIB+UNkAAIB+UNkAA
</p>
<section4 topic='Requesting a token' anchor='requesttoken'>
<p>
The following example shows how a device or service can request a token from the provisioning server, by providing the base-64 encoded public part of an X.509 certificate.
This step is optional, but can be used as a method to identify the device (or service), apart from the JID it is using. This might be useful if you want to assign a particular
device or service privileges in the provisioning server, regardless of the JID it uses to perform the action.
</p>
<example caption='Requesting a token'>
2013-04-16 15:46:58 -04:00
<![CDATA[
2017-05-20 10:38:03 -04:00
<iq type='get'
from='device@example.org/device'
to='provisioning.example.org'
id='4'>
<getToken xmlns='urn:xmpp:iot:provisioning'>BASE-64 ENCODED PUBLIC X.509 CERTIFICATE</getToken>
</iq>
2017-05-20 10:38:03 -04:00
<iq type='result'
from='provisioning.example.org'
to='device@example.org/device'
id='4'>
<getTokenChallenge xmlns='urn:xmpp:iot:provisioning' seqnr='1'>BASE-64 ENCODED CHALLENGE</getTokenChallenge>
</iq>
2017-05-20 10:38:03 -04:00
<iq type='get'
from='device@example.org/device'
to='provisioning.example.org'
id='5'>
<getTokenChallengeResponse xmlns='urn:xmpp:iot:provisioning' seqnr='1'>BASE-64 ENCODED RESPONSE</getTokenChallengeResponse>
</iq>
2017-05-20 10:38:03 -04:00
<iq type='result'
from='provisioning.example.org'
to='device@example.org/device'
id='5'>
<getTokenResponse xmlns='urn:xmpp:iot:provisioning' token='TOKEN'/>
</iq>]]>
</example>
<p>
The <strong>getToken</strong> element contains the base-64 encoded public version of the certificate that is used to identify the device or service. The server
responds with a challenge in a <strong>getTokenChallenge</strong> response. This challenge is also a base-64 encoded binary block of data, which corresponds to a random
sequence of bytes that is then encrypted using the public certificate. Now, the device, or service, decrypts this challenge using the private part of the certificate, and
returns the base-64 encoded decrypted version of the challenge back to the provisioning server using the <strong>getTokenChallengeResponse</strong> element. The provisioning
server checks the response to the original random sequence of bytes. If equal, the provisioning server responds with a <strong>getTokenResponse</strong> result, containing
the token (a string this time) that can be used when reference to the identity defined by the certificate has to be made. The provisioning server must not return tokens that
contain white space characters.
</p>
<p>
If the response to the challenge is wrong, the server returns a <strong>bad-request</strong> error result, as is shown below.
</p>
<example caption='Challenge reponse incorrect'>
<![CDATA[
<iq type='result'
from='provisioning.example.org'
to='device@example.org/device'
id='5'>
<error type='modify'>
<bad-request xmlns='urn:ietf:params:xml:ns:xmpp-stanzas'/>
</error>
</iq>]]>
</example>
<p>
If the sequence number identifying the challenge is not found on the server, the server returns a <strong>item-not-found</strong> error result, as is shown below.
</p>
<example caption='Challenge sequence number not found'>
<![CDATA[
<iq type='result'
from='provisioning.example.org'
to='device@example.org/device'
id='5'>
<error type='cancel'>
<item-not-found xmlns='urn:ietf:params:xml:ns:xmpp-stanzas'/>
</error>
</iq>]]>
</example>
<p>
The server must retain the challenge in memory for at least one minute before assuming the challenge will go unresponded.
</p>
</section4>
<section4 topic='Provisioning Server challenging a token' anchor='tokenchallenge'>
<p>
For reasons the provisioning server determines, it can challenge the use of a token in any of the requests made to it. This is done by sending a
iq get stanza with a <strong>tokenChallenge</strong> to the party sending the token. This element contains both the token being challenged, and a binary
challenge. This challenge is made up of a random block of data that is encrypted using the public certificate referred to by the token.
</p>
<p>
The receiver of the challenge, if it has access to the private certificate referenced, decrypts the challenge, and returns the decrypted binary block of data
to the caller (i.e. the Provisioning Server in this case). If the decrypted block of data corresponds to the original random block of data encrypted, the sender
of the token is considered to be allowed to use the token.
</p>
<p>
If the received of the challenge does not have access to the private certificate referenced, but used the token in a propagated request made to it, it can propagate the
request to the original sender of the token. When the response is returned, it returns the response in turn to the sender of the challenge.
</p>
<p>
A challenge/response sequence can look as follows:
</p>
<example caption='Requesting a token'>
<![CDATA[
<iq type='get'
from='provisioning.example.org'
to='device@example.org/device'
id='6'>
<tokenChallenge xmlns='urn:xmpp:iot:provisioning' token='TOKEN'>BASE-64 encoded challenge</tokenChallenge>
</iq>
2017-05-20 10:38:03 -04:00
<iq type='result'
from='device@example.org/device'
to='provisioning.example.org'
id='6'>
<tokenChallengeResponse xmlns='urn:xmpp:iot:provisioning'>BASE-64 encoded response</tokenChallengeResponse>
</iq>]]>
</example>
<p>
<strong>Note:</strong> It is important that a unit only responds to a <strong>tokenChallenge</strong> request from a JID to which the corresponding token
has been sent. If a token challenge is received from a JID to which the token has not been sent the last minute, the following error message must be returned:
</p>
<example caption='Invalid token challenge'>
<![CDATA[
<iq type='error'
from='device@example.org/device'
to='provisioning.example.org'
id='6'>
<error type='cancel'>
<forbidden xmlns='urn:ietf:params:xml:ns:xmpp-stanzas'/>
</error>
</iq>]]>
</example>
</section4>
</section3>
<section3 topic='Delegating Secondary Trust' anchor='delegatingsecondarytrust'>
<p>
The <strong>isFriendResponse</strong> element returned by the provisioning server contains an attribute <strong>secondaryTrustAllowed</strong> that is by default
set to false. If the provisioning server has no problem with allowing multiple trust to be delegated by devices in the network, it can choose to set this
attribute to true in the response. If true, the device knows it has the right to add its own friends, or to add secondary trust relationships.
</p>
<p>
The following diagram continues with the example given above, of how a sensor with a limited user interface, can allow to manually add new friends, including new
trust relationships using a single LED and a button.
</p>
<p>
<img src='data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAApwAAAQ2CAIAAAARfvpAAAAgAElEQVR4nOzd/Ytcx734+c9fZKQZzaDpP+NGtiyNZXuSq/4H9t6ExHYyxpYt20H0frl8lwQ7DhOCJDP4AV0aG5NIZrCxQWgUIcSgli17B6HVameFJLxes4LZH051ncd+Pn3qU1XvF0Uymseerjr1nuqeSWQfAAAEQVzfAAAAUA+iDgBAINKoCwAA8FNF1Jv+iQL6sAwAwDtEHdVYBgDgHaKOaiwDAPAOUUc1lgEAeIeooxrLAAC8U1vUe51Wu5v5d7ed/WW8VqdX/WHd9pA3TvB1p/88vU7L3Mjc7a9Tr9Oa+ptMb96ou3LYp5j0W6PoAOCjmqLe67QKUcxWtvzWynebwpDPPKZuO/kEs4R3lBo+d/9mTvfFJ/tQig4Anhoj6pmzoi2TPYe3u/vVh918rbPpzH2m9N1Kb7KvabXbSRSLtyTzddv9z9Ntm3+lN6f0ebK67dIZvXxLCt9v7jXmvcb5uuV7stsWabVaIq1Ox2a7KuDd3FvNh/QKr83fJ8W7aLyuU3QA8NcEJ/W0v7Yl9oXhJ/X+WbVrT6y5z9DvXf5N6afsdVr543zhJ4Hcw+9ppM2rhnye9LYVfkIZ9G2WX7DvPsnXzd+T/fut/zkrD+X5fBc/JP2U5Uc+JjmpU3QA8No4Ua86IBfaOCrqSX0qnmfPxij/psxXsS+WjrrVUc91rurzVLDlHXpLMu+cfayh3R3v65Zufy7g6Z1UbnD+0/ffPvSknn28YJyoU3QA8N3oqJcO1YUDepqSwVE3H1AR1fJJva980q24JWNGffBJPX8ur74lFd9v/hb0fxYY8XWH3ZP26wx4pHxw1NP7P3erhzyIUoWiA0AAxjip91PTaqV1sMfZ7HlVqgKVf7fCM76Vz6mX3tk+J11xS/pftz0w6iOeUx/ydat+h6D8mlJrB3/d8u0vHMsHPEFQ+vT2Q+yXME+yV/0CRGlqSig6AIRhjKi7kj/PTv/b43V9ngbM81fwh9Ay4wCA2SiOeuWv3bv8PPNlbuXc/lh+EDXTDQCYleaoY+6YawAICVGPFxMNAIEh6pFilgEgPEQ9RkwxAASpOuoIm6PFBgCYL+GkDgBAGIg6AACBIOoAAASCqAMAEAiiDgBAIIg6AACBIOoAAASCqAMAEAiiDgBAIIg6AACBIOoAAASCqAMAEAiiDqAe/J8GAc4RdQCz4v8PEFCCqAOYHv9Xv4AqRB3AlMYpOl0HmkTUAUxj/KLTdaAxRB3ANCaN+qWLl1zfZCB8RB3AxCYtOl0HmkHUAUysyah3261OL3mx12mJ9P/V67RarVb6r0638N55vU4rf2sGvN8A/c8P6EbUAUxmuqInUZ+i671Ov9y9TqvVbvf/1W1Lu5t5p/bwqPeNfIdBN6JN1OEBog5gMlNHXaY7rOeD3f9Xty3trim0OYW3Or39brvVbreGHMULUe+2W62WiLTb9vX995jxbA+4QNQBTKbpqPerbo7myX8lr7OFzoRfbJIrI1yKuhSP+OlPChWPBAC6EXUAk5kx6lN0vdtudXqZ/Eq7kyS7KurFA3fV56r4Z8UHdtv2iN4l6vADUQcwsVmKPs1hPXmQvJ/Vbrv/G3K1Rt18/vIRv9uWVouowwtEHcDEmo76fredeUq712mZf2SjLiLZB+Qnjbo9l/d/YMg8pd7qdPufH9CNqAOYRoNFBzAuog5gGkQdUIioA5gSRQe0IeoApjdR0Yk6MG9EHcBMLl28NE7OKTrQAKIOYFY224NyTtGBZhB1APWwXSfngCtEHUCd+LU4wCGiDqBObCCAQ0QdQJ3YQACHiDqAOrGBAA4RdQB1YgMBHCLqAOrEBgI4RNQB1IkNBHCIqAOoExsI4BBRB1AnNhDAIaIOoE5sIIBDRB1AndhAAIeIOoA6sYEADhF1AHViAwEcIuoA6sQGAjhE1AHUiQ0EcIioA6gTGwjgEFEHUCc2EMAhog6gTmwggENEHUCd2EAAh4g6gDqxgQAOEXUAdWIDARwi6gDqxAYCOETUAdSJDQRwiKgDqBMbCOAQUQdQJzYQwCGiDqBObCCAQ0QdQJ3YQACHiDqAOrGBAA4RdUSp2xaRVqfn+nZMq9ue5sbbj5rqw8e8z9hAAIeIOqJUUbVepyXtrpubM7Hpoj7Jh/c6rXLBx/mybCCAQ0QdUcrWqdsWyZxBu+1Wu93KvqrbbrVaItLu9jrJG+w721dIq9MrvbX/gVUfkLyi9CFW9jN32pnP2OlV3sght8Te/nbmpF748MpbYl6XvauIOqAaUUeU+nWqOJ5322nMk7f1/7vXaaVxlXZ3f7/XadmPLr81/VT9t6VfrtdptbsVH7Kffrb0392KqBduZOGWZL9K+rkzD7+XP3zQLcl+PqIOKEfUEaWKk3q/ZJk3mRczJc0ovM6eyfNH5HyMC8Gs+oTlNw44qRduZP6W5LJcfiq99OHVt4STOuAboo4oVdSp207CXnVSz5+3qz9hxWPopainn6HXabU63SGfMP+Z05O3Lbjpdulgnb0lyftXRb3w4eVvjefUAR8RdURpSJ0yzzfb8JWfQpd+CzOn2+JbKx42H/iceuahguJXanV6/YN0q2Wjbh8ZsLmvuiX5BwyyL+Q/fMgtGfNus9hAAIeIOqI0POr+/qnbnBF1QDmijigN+Ztroj4Af6cO6EfUAdSJDQRwiKgDqBMbCOAQUQdQJzYQwCGiDqBObCCAQ0QdQJ3YQACHiDqAOrGBAA4RdQB1YgMBHCLqAOrEBgI4RNQB1IkNBHCIqAOoExsI4BBRB1AnNhDAIaIOoE5sIIBDRB1AndhAAIeIOoA6sYEADhF1AHViAwEcIuoA6sQGAjhE1AHUiQ0EcIioA6gTGwjgEFEHUCc2EMAhog5gJoUdY/g/AcwVUQcwq+ymMehlAA0g6gBmRdQBJYg6gFkRdUAJog6gBulWUnoBQGOIOoAaEHVAA6IOoAaFlrONAE4QdQD1yOacbQRwgqgDqAdRB5wj6gBqI32ubwgQKaIOoDZEHXCLqAOoDVEH3CLqAOrEBgI4RNQBnwjq4HoagXkRog7oZ2t07/ZVO+7/cC079navF8aDOzcK4+HdnfJ4fO9mefx4/1Z2/LT3XXb8/OD77HjyaNevQd0RKqIOqJa05+63V7I5J+r11t31JAO1IeqAUjbnySDqpB0YiagDGiWXoS06UZ/32GfrQxCIOqBOuehEvZnB7gffEXVAHRG507tM1J1E/dLFS67nH5geUQd0SYpO1Ok6MAWiDuhC1DVEna7DU0QdUMQWnag777rrtQBMg6gDihB1DYPDOvxF1AFF5h71vx8VOfjmV1VRP3s097+k+vx7uaifPyay8M7liaK+dWZZVk5vPXm0u3N6UdY2nmyuiqxeSN66uSqyeGa74v3NOz/affJo98Ja//Ysr+8QdWAUog5okS26g5P62aMiB9/6usaTuo361pllObk5sqb2/TdOJr1Pw791Zlls6RuLOl2Hd4g6oEUTUU9P6p+9eah/Bn7t8+qon3tWZOHwksjSy9fNSf3iO0vJBy388cr3Pz/4/ucPjoscP2nO08kpfOvMcvJ5V08mkbYH9OqTeun9M0f8bO8bizqHdfiLqANaNBr1zOPwVQ+/H3z7myTq8stz6cPvv3phQZZeub73XdLyT0zUk1P4xknpP3ielHt7faXwmqqol9/fPOpuH2/fXl+RRotO1OEvog5o4eqkLifeHXxSf/ajzHPqh5eyz7ov/PGKOalfeJSPuulx5jny5DWDop5//yePsq/cvbDWdNGJOvxF1AEtmo16f/z9qMjRD8eLenpSt0+oV0a9lpN64yGvjDpdh1+IOqBFo1H/6nfL9vfKhz2nnot65jl1OfzGF5VRr3iOfHt9Jf3Ft4mfU3d7Uifq8AtRB7Rw/Nvvc/w79f5vv2ejPmz0f/udkzowIaIOaBFu1JOci4z5+26bq24feyfq8BdRB7QIOeq+DaIOTxF1QAuirmcQdXiKqANaEHU9g6jDU0Qd0IKo6xlEHZ4i6oAWR
</p>
</section3>
<section3 topic='Multiple tokens' anchor='multipletokens'>
<p>
When multiple trust is used, the entity (client, user, service, etc.) has one token from each provisioning server. However, when sending a token to a third party,
the sender does not know what provisioning server(s) the third party uses to check access rights and user privileges. Therefore, the client must send all tokens, separated
by a space.
</p>
<p>
When a provisioning server receives a request containing multiple tokens, the most forgiving response must be returned.
</p>
<example caption='Readout request using multiple tokens'>
<![CDATA[
<iq type='get'
from='
primary@example.org/amr'
2017-05-20 10:38:03 -04:00
to='device@example.org'
id='7'>
<req xmlns='urn:xmpp:iot:sensordata' momentary='true' serviceToken='SERVICETOKEN1 SERVICETOKEN2' userToken='USERTOKEN1' seqnr='4'/>
</iq>
2017-05-20 10:38:03 -04:00
<iq type='get'
from='device@example.org/device'
to='provisioning.example.org'
id='8'>
<canRead xmlns='urn:xmpp:iot:provisioning' jid='primary@example.org' serviceToken='SERVICETOKEN1 SERVICETOKEN2' userToken='USERTOKEN1' momentary='true'/>
2017-05-20 10:38:03 -04:00
</iq>
2017-05-20 10:38:03 -04:00
<iq type='result'
from='provisioning.example.org'
to='device@example.org/device'
id='8'>
<canReadResponse xmlns='urn:xmpp:iot:provisioning' jid='primary@example.org' momentary='true' result='true'/>
2017-05-20 10:38:03 -04:00
</iq>
2017-05-20 10:38:03 -04:00
<iq type='result'
from='device@example.org'
to='primary@example.org/amr'
2017-05-20 10:38:03 -04:00
id='7'>
<accepted xmlns='urn:xmpp:iot:sensordata' seqnr='4'/>
</iq>]]>
</example>
</section3>
<p>
<strong>Note:</strong> When a provisioning server wants to challenge multiple tokens, separate token challenges are sent, one for each token being challenged.
</p>
</section2>
<section2 topic='Friendships' anchor='friendships'>
<section3 topic='Friendship request accepted' anchor='friendshiprequestaccepted'>
<p>
The following diagram displays how a friendship request from an external party can be handled, delegating the responsibility to a trusted third party:
</p>
<p>
<img src='data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAwMAAAFuCAIAAABStVPZAAAatklEQVR4nO3dba/kZn0HYH8ldslq118EwrZJkxB/hkpAm7YhSaGJ5m1bAjQvIEUrERpppD5B2lSVqGi2pAFSJg9sFghJyNMCAbKRti/mjO0Ze+bMOTs+t/+3r0tH2rPjh/HY+o1/57bPmeIWAMBUFak3AAAgGU0IAJiupgkVAACT0dOEzrqGTYMdCwBjowmdHTsWAMZGEzo7diwAjI0mdHbsWAAYG03o7NixADA2t9mEFrOyKGeL7oNL1XzLcvNqx8S9zKui+8ytLajmx8yzS/MKWitorW05/USrVoMAYIQGaEKrltPbkjbmGcRiVt7W2tcKVPOf+rt5pQYBQB72aULNCMnq9L96pKyq/ia0XkSa3rNqE/OqKKqqao8cdZ9luabW2NK8KoqyLIuinC3Wekl7Va0RqaqpNPWqWrVmYwPar7b1SP3/5TPO1CAAyMceTahzjanpCotZ2VcLNi+P9Teh1iqqec+VrHqptW/WWlE9QrO2qo3usmhvwGqgqllq84k7Q1mrhZsyteu637b9CwCM0MnGhJrG0bphZtsASVOTtowJNZVmdTFty7OstK+p9bSc1bedJtRe1dE83U1a2+xtY0KtLd2jC6lBADByJ7lPaK2zbB0TamrHWlkpZ4vW/N2BnM6zNN/Ua9zahPYZE1puU3tMqL8JHX+f0H5dSA0CgPHbowm1Bmv2uk9o131FZasJrd+m0/MszfWo1s0+/WNC63f8HC3Xf5/Qtgt2a1pXwvp+d+zYu6bVIAAI4SRjQuM06K+hnVawfQgAU6UJHV6wHQgAExa/CY2MvQcAgWhCh2TXAUAsmtDB2G8AEI4mdBh2GgBE1N+EOKlEhw8AuC2FMSEAYLI0IQBgujQhAGC6NCEAYLo0IQBgujQhAGC6NCEAYLo0IQBgujQhAGC6NCEAYLo0IQBgujQhAGC6BmlCZ/WxpzHc5s6EM5A6JSOS+lDA8VKnZFwOsj+Pvuk+dDsr/flL//3zl/779Zefe/3l537xytVfvHL1jVf/541X/+fNn3z/zZ98/61rz7917flfvva/b19/4e3rL7zz0x+889MfvPuzH777sx++9/MfvffzH73/+ovvv/7ijV/83/LrV2/8+Fdv/PjXby5+/ebiN2+99Ju3Xvrgly9/8MuXf/v2K799+5XfvfPq79559ffv/uTD9659+N61m++/dvP91z66cX0MXwc5SDA0mRVYAhHYw2ZWEwpwkGBoMiuwBCKwh82sJjT4QXrmO88sv25zr8JwZFZgCURgD5tZTSjAQYKhyazAEojAHjazmlCAgwRDk1mBJRCBPWxm4zahx++tbxy/+yu/e+fV33/jU5ce/rcP37t288rlSw//+9778dnHHnli5AcJhjZUZr/7mQutX/G4+OC393pjvXL50iPPxn1XhaGdJrD/8cd3tH/h6g/+5mRN6Bt3Xnzo3zYDe6KoDpPrKTehx+8tzn3hv44O0rfuLi4+9EzThE5UV68+cOkeTYipG7AJ3fWl1Rvrt79wR3Hf34/6R0yBJYRTNqE/+OtVYP/x4Y9/7OH/NCbU7M+jb7oPnelBOlETevKTFx/89uZB6hkTevaxox9Izz929fpHN65/dOXypQvnlw9deuTZeobhfgD1xkoIZ9KEXv7gyTuLu7/827e/81dHP5yee/S5ax++d+3pPzr/6NXXPrpx/aOrD1y68MCLzc+O7Qh34iywTNXBmtDXPnHh4x8riuKer//zX378aLTo3idf+s1bLz1112q44Xufu3jHn/ygHhN67k8vFaskPtKNanH/ld6zbWtMqDupXvyey/dfeOBFTWifJvT8g+fufbJTVztN6MVHzq/28hP3F5efvnH9oyuXi+VeXr7h3jAmBLdunVkT+q/PXbz7yy98/tzFh5753Tuv/v7dr3y6+NQ/vHft5pXLxR/93TKz919p3jFffOR8sYzn1Qdab5qrOAssU3X7V8cu/Nk/vv/6ize+9oniD//2xi/+7/t/8bHiD7/06zcXv37zS/cWn/zmWy998OSdxV2P//btV174/Ln7vtFcHfvhw+c/fWXz6lgT1R1n21YT2pjUnKzrSZrQyceEvvKtb/Q0oafvaV8UPf/Y1fZ1yifu14Rg5SzHhJ66ey2Yjz537eb7//7ohctPt95Dlzl9+p7Vz5e9cRZYpuq2x4RWgf3aJy78+T8tm9A9X1+eZP/lC3ec+8J3l5ez73zq7S/fV9z5rbX7hL766c6Y0NHPMDeuf3Tj2ccubDnbtseE1ic9fU+d6CeMCZ3+PqHi7q/sHBNafWlC0Ocs7xNqjQk1tx386OHz99+z+UbZRHhtTGjAL4ElhCGa0OaY0C9f/t8Hz913950XP/+d/jumr1yuU9k7JrR/EzImNOjvjjVXLottx+bqA5eKohisDHljJYQBm1BrJOfeJ5c/vdT3CRXF8urY+6/dvPrApfb9fLvuE1rFWWCZqoM3oV+9sXmf0NHl7OLcF7+39rtjP3z4fDM0u/s+ob2bkPuE/KkDSE9mBZZAMgvs2pjQCQcmNKGxv6t6YyUKmRVYAskusE/cf9pbADWhsb+remMlCpkVWAIR2MNmVhMKcJBgaDIrsAQisIfNrCYU4CDB0GRWYAlEYA+bWU0owEGCocmswBKIwB42s5pQgIMEQ5NZgSWQQQP7zbvqP1dx7ovfG3VgD5VZTSjAQYKhyazAEsiAgf36J4u7Hm/+ntAdn3thxIE9VGY1oQAHCYYmswJLIAMG9rufuXjHZ5/fDOwzq7+Guvx4nNduNp+iuvq996MPEdv6wef1J+eMMLOakDdWkFmBJZJhA/vdz15cvzr2g4fOXXzomd+/+5MP3/vqp4tPPf3+azfrP4G4+mb50WP9H3w++o+00oS8sYLMCiyRnFVgH7+vuPOp5Yd7Ns4/evW1m2sfidN8fPLODz4fb2Y1IW+sILMCSyTDBfb5v/jYxQf/dRXYb3/xjjufWhsTWgW21W9efKT5+OSdH3w+3sxqQt5YQWYFlkjO6nfHivv+fuM+oaJYXR1r+k3745N3ffD5eDOrCXljBZkVWCIR2MNmVhMKcJBgaDIrsAQisIfNrCYU4CDB0GRWYAlEYA+bWU0owEGCocmswBKIwB42s5pQgIMEQ5NZgSUQgT1sZjWhAAcJhiazAksgAnvYzGpCAQ4SDE1mBZZABPawmdWEAhwkGJrMCiyBCOxhM6sJBThIMDSZFVgCEdjDZlYTCnCQYGgyK7AEIrCHzawmFOAgwdBkVmAJRGAPm1lNKMBBgqHJrMASiMAeNrOaUICDBEOTWYElEIE9bGY1oQAHCYYmswJLIAJ72MxqQgEOEgxNZgWWQAT2sJnVhAIcJBiazAosgQjsYTOrCQU4SDA0mRVYAhHYw2ZWEwpwkGBoMiuwBCKwh82sJhTgIMHQZFZgCURgD5tZTSjAQYKhyazAEojAHjazmlCAgwRDk1mBJRCBPWxmNaEABwmGJrMCSyACe9jMakIBDhIMTWYFlkAE9rCZHaoJUfPGyvilTsmICCzjlzol4zLSJlSrty/JV3sHjeHrUHsVhiOzAksgAnuQzGpCAQ4SnBmZFVgCEdiDZFYTCnCQ4MzIrMASiMAeJLPDNqG0snkhMBEyC4FkE1hNCBgLmYVAsgmsJgSMhcxCINkEVhMCxkJmIZBsAptzEwIA2E0TAgCmSxMCAKZLEwIApivnJpTNC4GJkFkIJJvAakLAWMgsBJJNYDUhYCxkFgLJJrCaEDAWMguBZBNYTQgYC5mFQLIJrCYEjIXMQiDZBFYTAsZCZiGQbAKbcxMCANhNEwIApksTAgCmSxMCAKYr5yaUzQuBiZBZCCSbwGpCwFjILASSTWA1IWAsZBYCySawmhAwFjILgWQTWE0IGAuZhUCyCawmBIyFzEIg2QRWEwLGQmYhkGwCm3MTAgDYTRMCAKZLEwIApksTAgCmK+cmlM0LgYmQWQgkm8BqQsBYyCwEkk1gNSFgLGQWAskmsJoQMBYyC4FkE1hNC
</p>
<p>
The communication between the XMPP Device and the Provisioning Server could be as follows:
</p>
<example caption='Friendship request accepted'>
<![CDATA[
<iq type='get'
from='device@example.org/device'
to='provisioning.example.org'
id='9'>
<isFriend xmlns='urn:xmpp:iot:provisioning' jid='client1@example.org'/>
</iq>
2017-05-20 10:38:03 -04:00
<iq type='result'
from='provisioning.example.org'
to='device@example.org/device'
id='9'>
<isFriendResponse xmlns='urn:xmpp:iot:provisioning' jid='client1@example.org' result='true'/>
</iq>]]>
</example>
<p>
<strong>Note:</strong> The provisioning server implicitly understands which two JIDs that are to be checked: The first one is the sender of the message, the second one
is the JID available in the <strong>jid</strong> attribute in the request.
</p>
<p>
<strong>Note 2:</strong> Any resource information in the JID must be ignored by the provisioning server.
</p>
</section3>
<section3 topic='Friendship request rejected' anchor='friendshiprequestrejected'>
<p>
The following diagram displays a friendship request from an external party being rejected as a result of the trusted third party negating the friendship:
</p>
<p>
<img src='data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAwMAAAFuCAIAAABStVPZAAAbHUlEQVR4nO3da4/k1n0nYH4lz1iDGX4RW55EiiSLn2GBxBvtRpYUOxLqbbKWndULWzEGiLwCCshebCVaLODA0cSKbCspXTyaxLIk6za+awT0vqguklVkVVd3F/vwf/g8aMCtKl5OFf0r/vqQPV0cAQBMVZF6AAAAyWhCAMB0NU2oAACYjJ4mdNE1jLNysADgPDSh2BwsADgPTSg2BwsAzkMTis3BAoDz0IRic7AA4DzO2YQWs7IoZ4vug0vVfMt682rHk3uZV0V3z60RVPMTltm55bYt4zz9Szge1QmLnGLEahAAnNMATWhVEXad1c/fhE4Y1Dm2vtafTldNzj2qU+xODQKA89unCTVzPKuT9OqRsqr6m9D6Kb/pPauWMa+Koqqq9qRLdy/N7Mzx1uZVUZRlWRTlbFH3lc1NtWakqqbTNBM9ywd6BtAe7doQytmiNbzVU2tlrvPs5uDb82TdhXe+nzsPGwBwHns0oc41pmZ2YzEr+64/bV4e629CrU1U854rWfVaa9+staJVE1rfVD2+9bZU9631AXR2vHF1rN50q0KtjWr3s/U37dGtL3zi+7ntmAEA53S6OaHNWrDzak5zWt8yJ9RUmroP9O9lpT0N09NyVt92mlB7U8fLdIe0tpemYzWlpdG33/VnewbfrnxbFz756pgaBAAHtE8TWtlvDmN9zqMuDc0lpv45oc5e1mdTNsvH6eeElmNqzwmd1IRa491dy3Y9Wz/XnRNqv2P7zQmpQQBwWHs0odZkzV73Ce26r6hsNaH123R69tJMn7Ru9umfE1q/4+d4vf77hLZdsKt17hOqu9DWwey8yak9G1Ws3Se05/u55bgAAOd2mjmhcRr019DGtN9gxwUAItCEzrzTC91tsIMCAEHEb0IT4IgAwEA0obFzOABgOJrQqDkWADAoTWi8HAgAGFp/E2IMEv1fAgAmpDAnBABMliYEAEyXJgQATJcmBABMlyYEAEyXJgQATJcmBABMlyYEAEyXJgQATJcmBABMlyYEAEyXJgQATNcgTeii/kRpDOd8M+ECpE7JiKQ+FHCy1CkZl4O8n8ffdB86z0Z/9to//ey1f3r79Zfefv2ln79x8+dv3HznzX9+581/fvenP3z3pz9879bL7916+Rdv/cv7t195//YrH/z7jz749x99+B8//vA/fvzRz37y0c9+8vHbr3789qt3fv6vy69fvvNvv3zn33717uJX7y5+/d5rv37vtd/84vXf/OL1377/xm/ff+N3H7z5uw/e/P2HP/3ko1uffHTr7sdv3f34rU/v3B7D10EOEgxNZgWWQAT2sJnVhAIcJBiazAosgQjsYTOrCQ1+kF743gvLr3O+qzAcmRVYAhHYw2ZWEwpwkGBoMiuwBCKwh82sJhTgIMHQZFZgCURgD5vZuE3o6QfrG8fv/8bvPnjz99/+wrXH//6Tj27dvXH92uP/sPf7+OJTTzwz8oMEQxsqs9//4yutX/G4+uh39/pgvXH92hMvxv1UhaGdJbD/9z/d0/6Fqz/4q9M1oW/fe/Wxv98M7KmiOkyup9yEnn6wuPSVfzw+SN+5v7j62AtNEzpVXb35yLUHNCGmbsAmdN/XVh+s3/3KPcVDfzPqHzEFlhDO2IT+4C9Xgf27xz/7mcf/nzmh5v08/qb70IUepFM1oWc/f/XR724epJ45oRefOv6B9PJTN29/euf2pzeuX7tyefnQtSderBcY7gdQH6yEcCFN6PXfPHtvcf/Xf/v+9/7i+IfTS0++dOuTj249/0eXn7z51qd3bn9685FrVx55tfnZsR3hTpwFlqk6WBP65ueufPYzRVE88K3/9eefPZ4tevDZ13793mvP3beabvjBl67e859/VM8JvfSn14pVEp/oRrV4+Ebv2bY1J9R9ql79gesPX3nkVU1onyb08qOXHny2U1c7TejVJy6v3uVnHi6uP3/n9qc3rhfLd3n5gXvHnBAcHV1YE/rHL129/+uvfPnS1cde+N0Hb/7+w298sfjC//jo1t0b14s/+u/LzD58o/nEfPWJy8UynjcfaX1oruIssEzV+a+OXfkvf/fx26/e+ebnij/8b3d+/q8//LPPFH/4tV+9u/jVu197sPj837732m+evbe47+nfvv/GK1++9NC3m6tjP3788hdvbF4da6K642zbakIbTzUn6/opTej0c0Lf+M63e5rQ8w+0L4pefupm+zrlMw9rQrBykXNCz92/FswnX7p19+N/ePLK9edbn6HLnD7/wOrny944CyxTde45oVVgv/m5K//1fy6b0APfWp5k//dX7rn0le8vL2ff+9z7X3+ouPc7a/cJ/fUXO3NCxz/D3Ln96Z0Xn7qy5WzbnhNaf+r5B+pEP2NO6Oz3CRX3f2PnnNDqSxOCPhd5n1BrTqi57eAnj19++IHND8omwmtzQgN+CSwhDNGENueEfvH6vzx66aH777365e/13zF943qdyt45of2bkDmhQX93rLlyWWw7NjcfuVYUxWBlyAcrIQzYhFozOQ8+u/zppb5PqCiWV8c+fuvuzUeute/n23Wf0CrOAstUHbwJ/fKdzfuEji9nF5e++oO13x378eOXm6nZ3fcJ7d2E3CfknzqA9GRWYAkks8CuzQmdcmJCExr7p6oPVqKQWYElkOwC+8zDZ70FUBMa+6eqD1aikFmBJRCBPWxmNaEABwmGJrMCSyACe9jMakIBDhIMTWYFlkAE9rCZ1YQCHCQYmswKLIEI7GEzqwkFOEgwNJkVWAIZNLB/e1/9z1Vc+uoPRh3YQ2VWEwpwkGBoMiuwBDJgYL/1+eK+p5t/T+ieL70y4sAeKrOaUICDBEOTWYElkAED+/0/vnrPn7y8GdgXVv8a6vLP47x1t/krqqvfez/+I2Jb//B5/ZdzRphZTcgHK8iswBLJsIH9/p9cXb869qPHLl197IXff/jTTz766y8WX3j+47fu1v8E4uqb5Z8e6//D56P/k1aakA9WkFmBJZKLCuzTDxX3Prf8456Ny0/efOvu2p/Eaf588s4/fD7ezGpCPlhBZgWWSIYL7Mt/9pmrj/6fVWC/+9V77n1ubU5oFdhWv3n1iebPJ+/8w+fjzawm5IMVZFZgieSifneseOhvNu4TKorV1bGm37T/fPKuP3w+3sxqQj5YQWYFlkgE9rCZ1YQCHCQYmswKLIEI7GEzqwkFOEgwNJkVWAIR2MNmVhMKcJBgaDIrsAQisIfNrCYU4CDB0GRWYAlEYA+bWU0owEGCocmswBKIwB42s5pQgIMEQ5NZgSUQgT1sZjWhAAcJhiazAksgAnvYzGpCAQ4SDE1mBZZABPawmdWEAhwkGJrMCiyBCOxhM6sJBThIMDSZFVgCEdjDZlYTCnCQYGgyK7AEIrCHzawmFOAgwdBkVmAJRGAPm1lNKMBBgqHJrMASiMAeNrOaUICDBEOTWYElEIE9bGY1oQAHCYYmswJLIAJ72MxqQgEOEgxNZgWWQAT2sJnVhAIcJBiazAosgQjsYTOrCQU4SDA0mRVYAhHYw2ZWEwpwkGBoMiuwBCKwh82sJhTgIMHQZFZgCURgD5tZTSjAQYKhyazAEojAHjazmlCAgwRDk1mBJRCBPWxmh2pC1HywMn6pUzIiAsv4pU7JuIy0CdXq8SX5ar9BY/g61LsKw5FZgSUQgT1IZjWhAAcJLozMCiyBCOxBMqsJBThIcGFkVmAJRGAPktlhm1Ba2bwQmAiZhUCyCawmBIyFzEIg2QRWEwLGQmYhkGwCqwkBYyGzEEg2gc25CQEA7KYJAQDTpQkBANOlCQEA05VzE8rmhcBEyCwEkk1gNSFgLGQWAskmsJoQMBYyC4FkE1hNCBgLmYVAsgmsJgSMhcxCINkEVhMCxkJmIZBsAqsJAWMhsxBINoHNuQkBAOymCQEA06UJAQDTpQkBANOVcxPK5oXARMgsBJJNYDUhYCxkFgLJJrCaEDAWMguBZBNYTQgYC5mFQLIJrCYEjIXMQiDZBFYTAsZCZiGQb
</p>
<p>
The communication between the XMPP Device and the Provisioning Server could be as follows:
</p>
<example caption='Friendship request rejected'>
<![CDATA[
<iq type='get'
from='device@example.org/device'
to='provisioning.example.org'
id='10'>
<isFriend xmlns='urn:xmpp:iot:provisioning' jid='client2@example.org'/>
</iq>
2017-05-20 10:38:03 -04:00
<iq type='result'
from='provisioning.example.org'
to='device@example.org/device'
id='10'>
<isFriendResponse xmlns='urn:xmpp:iot:provisioning' jid='client2@example.org' result='false'/>
</iq>]]>
</example>
</section3>
<section3 topic='Unfriending existing friends' anchor='unfriendingexistingfriends'>
<p>
If the provisioning server decides that two friends in the network should no longer be friends and communicate with each other, it simply sends a message to
at least one of the friends as follows:
</p>
<p>
<img src='data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAwMAAAEhCAIAAACsu+tgAAAUxklEQVR4nO3dba8T550H4PlKgYDAXyQhtKFA8GdYqc2W3SaBTTaR3+5uHrp5kdAIqckiWeo+JLRZrZQqDU2aB1pDCNDmAQIB8hyQ2Bc+tsf2HB/7nJkzc//nunSkgD0ez5w7v9u/c3sOzu4CALRVVvcBAADURhMCANpr0oQyAIDWKGhC213DqIahBIDFNKHIDCUALKYJRWYoAWAxTSgyQwkAi2lCkRlKAFhsi01o0Otknd5gckO/m41vGPQ6Wdbtr/vALJu+O//YFRQeQ946h7Dw6Qa9Tre/2UOaOYCZ5y/rNDeiBgHAhupqQv3uunetauExbH6XWzi8rR9AgdWakBoEAMtYpgmN1m9mOk6WZZ1ud5km1O9mWbfbHa+QTHbY7XazrNPpZFmnN5g8drzBaFeze1j6GKZuzLr98X/zm82c4Ozh9QZbPoB+Bae5xKACAIst0YTmXtcnKyaDXidbsgnNtI/RmtDkrsmdk9WP8crR3B42OoacfM2Y/fv4WKY7xtSRj7fZ3AHMPLy809xoRAGADa22JjR5UV57TZ57yyZ/w/jPk7fCCpvQ6G2o0Z3TTaZ4D4uOYb03p4bnMX7Tq2hNKL8QM9eEtnAAVZxmETUIAFayTBMaGb1OL1qoyF9hs36NWNyECl7zCyvCMutSM0fW6RQc3vyzLNmElj+AKk5zjhoEAKtaognlVkw2vk7o7tR7Q2t3rdiECq5MKtjD4st0ZpdbxpVi0ijm9jT/TtrMdUKrHMDGTWirp7nOQAIAy1tlTYi8SaGp5FfFVmXUAGATNKFNK1hKqoshA4DN0YSSZ7wAYNM0obQZLADYCk0oYUYKALZIE0qVYQKArStuQjRfTf/DAEAomTUhAKC1NCEAoL00IQCgvTQhAKC9NCEAoL00IQCgvTQhAKC9NCEAoL00IQCgvTQhAKC9NCEAoL00IQCgvSppQtv1IaRp2OI3E7ZB3SlpkLqHAjZWd0qapZTv59of5m/ayk4/PveHj8/94ZPzb31y/q1PPzzz6YdnPrvwx88u/PHKR29f+ejtqxffuXrxnc8v/ena5XevXX73+l/fu/7X97742/tf/O39Gx9/cOPjD25+cvbmJ2dvffrn4deXn/3ly8/+8tWVwVdXBl9fPff11XPffH7+m8/Pf3vtw2+vffjd9QvfXb/w/Rcf/XDj4g83Lt6+een2zUt3bl1uwlcpgwRVk1mBJSECW25mNaEEBgmqJrMCS0IEttzMakKVD9Lp104Pv7b4XYXqyKzAkhCBLTezmlACgwRVk1mBJSECW25mNaEEBgmqJrMCS0IEttzMptuEnjk0vnD8wHPfXb/w/UsP7D322x9uXLx9cv/eY79b+vv4+lPHn2/4IEHVqsrsGz/dnfsVjz2PvLrUxHpy/97jr6c7q0LVNhPY//27XflfuPrRv67WhF7at+ex384GdqWoVpPrNjehZw5lOx7//dogvXIg2/PY6UkTWqmunjm696AmRNtV2IQefHo0sb76+K7s8K8a/SOmwJKETTahH/3LKLC/OXbvPcf+z5rQ5Pu59of5m7Z1kFZqQifu3/PIq7ODVLAm9PpTaz+Q7nzqzOU7ty7fObl/7+6dw5v2Hn99vEF1P4CaWEnCtjSh89+c2JcdePbba6/989oPpzuefOviDzcunvrJzifPXLpz6/KdM0f37j56dvKzYz7Cc3EWWNqqtCb0wn27770ny7KDL/7XP927tlp06MS5r6+ee/nB0XLDmw/v2fX3743XhN76+d5slMTj81HNjpwsfLXNrQnN3zV++MH9R3YfPasJLdOE3nlkx6ETc3V1rgmdPb5z9F1+/ki2/9Sty3dO7s+G3+XhhHvLmhDcvbttTej3D+858Oy7j+7Y89jp765f+P6L5x7KHviPGxdvn9yf/eTfh5k9cnIyY549vjMbxvPM0dykOYqzwNJWW393bPc//ObmJ2dvvXBf9uN/u/Xpn9/+xT3Zj5/+6srgqytPH8ru//XVc9+c2Jc9+My31z5899Edh1+avDv2/rGdD52cfXdsEtUFr7a5JjRz1+TFenyXJrT6mtBzr7xU0IROHcy/KbrzqTP59ymfP6IJwch2rgm9fGAqmE++dfH2zd89uXv/qdwcOszpqYOjny8L4yywtNWW14RGgX3hvt3/+J/DJnTwxeGL7H8/vmvH428M387e9/K1Zw9n+16Zuk7olw/NrQmt/Qxz6/KdW68/tXudV9v8mtD0XacOjhP9vDWhzV8nlB14buGa0OhLE4Ii23mdUG5NaHLZwQfHdh45ODtRTiI8tSZU4ZfAkoQqmtDsmtDn5//0yI7DB/btefS14iumT+4fp7JwTWj5JmRNqNLfHZu8c5mtNzZnju7NsqyyMmRiJQkVNqHcSs6hE8OfXsbXCWXZ8N2xm5dunzm6N38936LrhEZxFljaqvQm9OVns9cJrb2dne144s2p3x17/9jOydLs4uuElm5CrhPyTx1A/WRWYElIsMBOrQmtuDChCTV9VjWxkgqZFVgSEi6wzx/Z7CWAmlDTZ1UTK6mQWYElIQJbbmY1oQQGCaomswJLQgS23MxqQgkMElRNZgWWhAhsuZnVhBIYJKiazAosCRHYcjOrCSUwSFA1mRVYElJpYH/94Pifq9jxxJuNDmxZmdWEEhgkqJrMCiwJqTCwL96fPfjM5N8T2vXwuw0ObFmZ1YQSGCSomswKLAmpMLBv/HTPrp+9MxvY06N/DXX48TiXbk8+RXX0e+9rHyK27gefjz85p4GZ1YRMrCCzAktKqg3sGz/bM/3u2HuP7djz2Onvv/johxu/fCh74NTNS7fH/wTi6A/Djx4r/uDzxn+klSZkYgWZFVhSsl2BfeZwtu/l4Yd7Tux88syl21MfiTP5+OSFH3ze3MxqQiZWkFmBJSXVBfadX9yz55H/GQX21Sd27Xt5ak1oFNhcvzl7fPLxyQs/+Ly5mdWETKwgswJLSrbrd8eyw7+auU4oy0bvjk36Tf7jkxd98HlzM6sJmVhBZgWWlAhsuZnVhBIYJKiazAosCRHYcjOrCSUwSFA1mRVYEiKw5WZWE0pgkKBqMiuwJERgy82sJpTAIEHVZFZgSYjAlptZTSiBQYKqyazAkhCBLTezmlACgwRVk1mBJSECW25mNaEEBgmqJrMCS0IEttzMakIJDBJUTWYFloQIbLmZ1YQSGCSomswKLAkR2HIzqwklMEhQNZkVWBIisOVmVhNKYJCgajIrsCREYMvNrCaUwCBB1WRWYEmIwJabWU0ogUGCqsmswJIQgS03s5pQAoMEVZNZgSUhAltuZjWhBAYJqiazAktCBLbczGpCCQwSVE1mBZaECGy5mdWEEhgkqJrMCiwJEdhyM6sJJTBIUDWZFVgSIrDlZlYTSmCQoGoyK7AkRGDLzawmlMAgQdVkVmBJiMCWm1lNKIFBgqrJrMCSEIEtN7OaUAKDBFWTWYElIQJbbmarakKMmVhpvrpT0iACS/PVnZJmaWgTGhsfXy1f+W9QE77K+q5CdWRWYEmIwJaSWU0ogUGCbSOzAktCBLaUzGpCCQwSbBuZFVgSIrClZLbaJlSvMCcCLSGzkJAwgdWEgKaQWUhImMBqQkBTyCwkJExgNSGgKWQWEhImsJGbEADAYpoQANBemhAA0F6aEADQXpGbUJgTgZaQWUhImMBqQkBTyCwkJExgNSGgKWQWEhImsJoQ0BQyCwkJE1hNCGgKmYWEhAmsJgQ0hcxCQsIEVhMCmkJmISFhAhu5CQEALKYJAQDtpQkBAO2lCQEA7RW5CYU5EWgJmYWEhAmsJgQ0hcxCQsIEVhMCmkJmISFhAqsJAU0hs5CQMIHVhICmkFlISJjAakJAU8gsJCRMYDUhoClkFhISJrCRmxAAwGKaEADQXpoQANBemhAA0F6Rm1CYE4GWkFlISJjAakJAU8gsJCRMYDUhoClkFhISJrCaENAUMgsJCRNYTQhoCpmFhIQJrCYENIXMQkLCBFYTAppCZiEhYQIbu
</p>
<p>
The provisioning server should only send such messages to clients that have previously asked the provisioning server if friendship requests should be accepted or not.
</p>
<p>
<strong>Note:</strong> The device should only honor such messages, if the sender is the trusted third party. Such messages received from other entities not trusted should
be silently ignored.
</p>
2017-05-20 10:38:03 -04:00
<example caption='Unfriending existing friend'>
<![CDATA[
<message from='provisioning.example.org'
to='device@example.org'>
<unfriend xmlns='urn:xmpp:iot:provisioning' jid='client2@example.org'/>
</message>]]>
</example>
</section3>
<section3 topic='Recommending friendships' anchor='recommendingfriendships'>
<p>
The provisioning server can, apart from accepting new friendships and rejecting old friendships, also recommend new friendships. In this case, the provisioning server
simply sends a message to one or both of the soon to be friends, as follows:
</p>
<p>
<img src='data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAwMAAAFyCAIAAAAmoZE5AAAerUlEQVR4nO3da68k9X0n8HpLnjFopt6IjUkggKnXsFLiDbvBwNoL6qe7a+wsD2xiIQUvUkvZi03CaiVHDhMTbJM0F8MkxoDBML4D0tkH3XXpruo+fXqqTtX/V5+PRqJPd3VduvhWf+dfdaayMwCAucrGXgEAgNFoQgDAfNVNKAMAmI2OJnTZNYxJ8n8CAOFpQuzl/wQAwtOE2Mv/CQCEpwmxl/8TAAhPE2Iv/ycAEN5tNqHVIs/yxap+YllsX45dLPta00G01r8vO5/DzsewLLJTFjvY2nZRgwCYgyGaUPXEpX5zn2TQJtT7jC/v81SDAJiJY5rQapFvhjbKr+HymbwoDjWh6odqDvW01aBJNVxSD6PU78nz9RuLRbnEc17qWNayyLKiKJpLO7z+eybeTFjVkfValI92Gkq7CS2LzTrni1X96mlr294jfVKDAJiPI5pQ60t9tcg3X9J1GWhOvHtWqC4Ky2Lz1IEH5eT1vLcKVb5YnZ3zUsey6kflnA+t/+7E2zNsrt/OJHs+h2pVy9pXrvaJazvIgNOGGgTArFxsTGi32Rw4O7YsqhGL7Xa03QCay9gaFlnWDaBqCVtNqPul9rIaHatVbrrXf2vijhmu37QoNoM0rXGlrc+hY871q6eu7e4e6YsaBMDcHNOESs1BkUNjKs3TVN29p91gGm9sjrlcuAkdWtaxY0L7ikhlezio8xzVcU2ov7XtgRoEwAwd0YQaAxAnXCdUV5ft61qq4ZD2M43v/Qs3oY5raFrd4tzrhLon3rkUvNEKO85UHdeETlzb9h7ZGorbaZZHUYMAmKeLjAkRl50OwDxpQtjjAMyXJjR3djcAc6YJzZp9DcDMaULzZUcDgCY0U/YyAJzta0KEN9L/bwAwLZkxIQBgtjQhAGC+NCEAYL40IQBgvjQhAGC+NCEAYL40IQBgvjQhAGC+NCEAYL40IQBgvjQhAGC+NCEAYL4GaUKXdRfRNNzmhwmXYOyUTMjYuwLON3ZKpqWXz3PzoP3U7cz0Z6/+w89e/Ye3X3vx7dde/PnrN37++o133vjHd974x3d/+sN3f/rD99586b03X/rFW//0/s2X37/58gf/+qMP/vVHv/y3H//y33784c9+8uHPfvLR26989PYrt37+z+s/v3rnX371zr/8+t3Vr99d/ea9V3/z3qu//cVrv/3Fa797//Xfvf/67z944/cfvPGHX/704w/f/PjDNz/56K1PPnrr01s3p/Cnl50EQ5NZgSUhAttvZjWhBHYSDE1mBZaECGy/mdWEBt9Jz3/v+fWf2/xUYTgyK7AkRGD7zawmlMBOgqHJrMCSEIHtN7OaUAI7CYYmswJLQgS238ym24SevL+6cPzeb/z+gzf+8O0vXH/0bz/+8M1Pnrn7+qN/d/Tn+MITjz018Z0EQxsqs9//0zsbv+Jx7eHvHnVgfebu64+9kO5RFYZ2SmD/77+7o/kLV3/0Xy/WhL5917VH/nY3sBeK6jC5nnMTevL+7MpX/n6zk75zb3btkefrJnShunrjoev3aULM3YBN6J6vlQfW737ljuyBv5r0XzEFliSc2IT+6L+Ugf2bRz/7mUf/nzGh+vPcPGg/dak76UJN6OnPX3v4u7s7qWNM6IUnNn8hvfrEjZuf3rr56TN3X7/z6vqp64+9UE0w3F9AHVhJwqU0odd++/Rd2b1f/9373/vPm7+cXnn8xTc//vDN5/7k6uM33vr01s1Pbzx0/c6HXqn/7tiMcCvOAstc9daEvvm5Oz/7mSzL7vvW//pPn92MFt3/9Ku/ee/VZ+8phxt+8KVrd/z7H1VjQi/++fWsTOJj7ahmDz7T+W3bGBNqv1S9/b67H7zzoVc0oWOa0EsPX7n/6VZdbTWhVx67Wn7KTz2Y3f3crZufPnN3tv6U1wfcW8aE4Ozs0prQ33/p2r1ff/nLV6498vzvP3jjD7/8xhezL/yPD9/85Jm7sz/57+vMPvhMfcR85bGr2TqeNx5qHDTLOAssc3X7Z8fu/A9/89Hbr9z65ueyP/5vt37+zz/8i89kf/y1X7+7+vW7X7s/+/xfv/fqb5++K7vnyd+9//rLX77ywLfrs2M/fvTqF5/ZPTtWR/XAt22jCe28VH9ZVy9pQhcfE/rGd77d0YSeu695UvTqEzea5ymfelATgtJljgk9e+9WMB9/8c1PPvq7x++8+7nGMXSd0+fuK/9+2RlngWWubntMqAzsNz9353/8n+smdN+31l+y//srd1z5yvfXp7Pvevb9rz+Q3fWdreuE/vKLrTGhzd9hbt389NYLT9y559u2OSa0/dJz91WJfsqY0OnXCWX3fuPgmFD5RxOCLpd5nVBjTKi+7OAnj1598L7dA2Ud4a0xoQH/CCxJGKIJ7Y4J/eK1f3r4ygP33nXty9/rvmL6mburVHaOCR3fhIwJDfq7Y/WZy2zfvrnx0PUsywYrQw6sJGHAJtQYybn/6fXfXqrrhLJsfXbso7c+ufHQ9eb1fIeuEyrjLLDMVe9N6Ffv7F4ntDmdnV356g+2fnfsx49erYdmD18ndHQTcp2Qf+oAxiezAktCggV2a0zoggMTmtDUj6oOrKRCZgWWhIQL7FMPnnoJoCY09aOqAyupkFmBJSEC229mNaEEdhIMTWYFloQIbL+Z1YQS2EkwNJkVWBIisP1mVhNKYCfB0GRWYEmIwPabWU0ogZ0EQ5NZgSUhgwb2r++p/rmKK1/9waQD21dmNaEEdhIMTWYFloQMGNhvfT6758n63xO640svTziwfWVWE0pgJ8HQZFZgSciAgf3+n167489e2g3s8+W/hrq+Pc5bn9R3US1/731zE7G9Nz6v7pwzwcxqQg6sILMCS0qGDez3/+za9tmxHz1y5dojz//hlz/9+MO//GL2hec+euuT6p9ALB+sbz3WfePzyd/SShNyYAWZFVhSclmBffKB7K5n1zf3rF19/MZbn2zdEqe+ffLBG59PN7OakAMryKzAkpLhAvvSX3zm2sP/pwzsd796x13Pbo0JlYFt9JtXHqtvn3zwxufTzawm5MAKMiuwpOSyfncse+Cvdq4TyrLy7Fjdb5q3Tz504/PpZlYTcmAFmRVYUiKw/WZWE0pgJ8HQZFZgSYjA9ptZTSiBnQRDk1mBJSEC229mNaEEdhIMTWYFloQIbL+Z1YQS2EkwNJkVWBIisP1mVhNKYCfB0GRWYEmIwPabWU0ogZ0EQ5NZgSUhAttvZjWhBHYSDE1mBZaECGy/mdWEEthJMDSZFVgSIrD9ZlYTSmAnwdBkVmBJiMD2m1lNKIGdBEOTWYElIQLbb2Y1oQR2EgxNZgWWhAhsv5nVhBLYSTA0mRVYEiKw/WZWE0pgJ8HQZFZgSYjA9ptZTSiBnQRDk1mBJSEC229mNaEEdhIMTWYFloQIbL+Z1YQS2EkwNJkVWBIisP1mVhNKYCfB0GRWYEmIwPabWU0ogZ0EQ5NZgSUhAttvZjWhBHYSDE1mBZaECGy/mdWEEthJMDSZFVgSIrD9ZlYTSmAnwdBkVmBJiMD2m1lNKIGdBEOTWYElIQLbb2aHakJUHFiZvrFTMiECy/SNnZJpmWgTqlTrN8qf5gc0hT99faowHJkVWBIisL1kVhNKYCfBpZFZgSUhAttLZjWhBHYSXBqZFVgSIrC9ZHbYJjSuMBsCMyGzkJAwgdWEgKmQWUhImMBqQsBUyCwkJExgNSFgKmQWEhImsJGbEADAYZoQADBfmhAAMF+aEAAwX5GbUJgNgZmQWUhImMBqQsBUyCwkJExgNSFgKmQWEhImsJoQMBUyCwkJE1hNCJgKmYWEhAmsJgRMhcxCQsIEVhMCpkJmISFhAhu5CQEAHKYJAQDzpQkBAPOlCQEA8xW5CYXZEJgJmYWEhAmsJgRMhcxCQsIEVhMCpkJmISFhAqsJAVMhs5CQMIHVhICpkFlISJjAakLAVMgsJCRMYDUhYCpkFhISJrCRmxAAwGGaEAAwX5oQADBfmhAAMF+Rm1CYDYGZk
</p>
<example caption='Recommending friendships'>
<![CDATA[
<message from='provisioning.example.org'
to='device@example.org'>
<friend xmlns='urn:xmpp:iot:provisioning' jid='client2@example.org'/>
</message>]]>
</example>
<p>
Note that the receptor can still ask the provisioning server if it can form a friendship with the suggested friend, using the <strong>isFriend</strong> command.
</p>
</section3>
</section2>
<section2 topic='Device Read-out' anchor='devicereadouts'>
<section3 topic='Rejecting read-outs' anchor='rejectingreadouts'>
<p>
An important use case for provisioning in sensor networks is who gets to read out sensor data from which sensors. This use case details how communication with a
provisioning server can help the device determine if a client has sufficient access rights to read the values of the device.
</p>
<p>
<img src='data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAwMAAAFuCAIAAABStVPZAAAeKklEQVR4nO3da88k1WEn8PpKnjGjmf4iNp4EApj6DCsl3rAbDMQOqN8ma+wsL2xijRS8SC1lLzYJq5UcOUxMsE3SXDyQGAPmNr4D0uyL7rp0VXU93c9T1afOqd9PI3mmL6dOVfHv+s/pGj/ZHQCAucpCTwAAIBhNCACYr6oJZQAAs9HRhE5dw2bPMQeAIDShSXDMASAITWgSHHMACEITmgTHHACC0IQmwTEHgCAu2ITWy0W2WK6rB1b57u3Y+arzfat871P7t5SvNm/c2eDIWjs4AjUIAEIZowmVDwxXI9bLxbHVaRijNyE1CAACOqQJrZeL7QpP0QmKRxZ53teEyj+UIxRP7awJtZ6tLS3lq50J5Hkx5Crf/qlaeTpjVovF5q2tzVXDH7CDg1KDACCsA5pQ6wupaoFmvVxkvd+Ola/avKgsQLUm1Pds+Ztyk6t6E6petFiuz5xVVZcam2vtaN9Qw1GDACC449aEms2m59uxVV4usey2o2pFZ1W+Y/fZjm+kupvQZoRaE+qb1d7NtReF2kOVa0RDlSI1CACm4Jj7hIo+cdbqS61E7Gs2nWtC7WfL5w5sQn2z2ru5nRWok6wJqUEAMBEHNKGjbqNp3Se0e2tO8Vz3fUKNd9Yf2T7QuE9otbPJ/lnt31yxscVikR12y1Exgd3fHHnEAYDgjlkTGtDx/4r+sDGrr+NO+U/tj6IJAcB0hGhCmzWY4f9NfMfi1dSoQQAwKYHWhGbJgQWAqdGETsRRBYAJ0oROwSEFgGnShEbneALAZHU3IQYU6MwCAGfLrAkBALOlCQEA86UJAQDzpQkBAPOlCQEA86UJAQDzpQkBAPOlCQEA86UJAQDzpQkBAPOlCQEA86UJAQDzNUoTOtXPNo3DBQ8mnEDolExI6FMBZwudkmkZ5Hhuf9N+6CKD/uyVf/rZK//01qsvvPXqCz9/7ebPX7v59uv//Pbr//zOT3/4zk9/+O6tF9+99eIv3viX99586b03X3r/33/0/r//6IP/+PEH//HjD3/2kw9/9pOP3nr5o7devv3zf938+uXb//bLt//tV++sf/XO+tfvvvLrd1/5zS9e/c0vXv3te6/99r3Xfvf+6797//Xff/DTjz+89fGHtz756I1PPnrj09tvTuHXICcJxiazAktEBHbYzGpCEZwkGJvMCiwREdhhM6sJjX6Snvvec5tfFzyqMB6ZFVgiIrDDZlYTiuAkwdhkVmCJiMAOm1lNKIKTBGOTWYElIgI7bGbjbUJP3l/eOH7vN373/uu///YXrj369x9/eOuTG9evPfoPBx/H55947KmJnyQY21iZ/f4fX6n9E4+rD3/3oA/WG9evPfZ8vJ+qMLbzBPb//qe76v/g6g/+6rgm9O27rz7y983AHhXVcXI95yb05P3Zpa/84/Ykfefe7Oojz1VN6Ki6evOha/dpQszdiE3onq8VH6zf/cpd2QN/M+m/YgosUThnE/qDvywC+3ePfvYzj/4/a0LV8dz+pv3QSU/SUU3o6c9fffi7zZPUsSb0/BPbv5BefuLmm5/efvPTG9evXbm8eejaY8+XLxjvL6A+WInCSZrQq795+u7s3q//9r3v/cX2L6eXHn/h1scf3nr2jy4/fvONT2+/+enNh65deejl6u+O9Qi34iywzNVgTeibn7vy2c9kWXbft/7Xn392u1p0/9Ov/PrdV565p1hu+MGXrt71n39Urgm98KfXsiKJj7Wjmj14o/NqW1sTaj9Vvv2+6w9eeehlTeiQJvTiw5fuf7pVV1tN6OXHLhdH+akHs+vP3n7z0xvXs81R3nzg3rYmBHfunKwJ/eOXrt779Ze+fOnqI8/97v3Xf//BN76YfeF/fHjrkxvXsz/675vMPnij+sR8+bHL2SaeNx+qfWgWcRZY5uri345d+S9/99FbL9/+5ueyP/xvt3/+rz/8s89kf/i1X72z/tU7X7s/+/zfvvvKb56+O7vnyd++99pLX770wLerb8d+/OjlL95ofjtWRbXnaltrQo2nqot1+ZQmdPya0De+8+2OJvTsffUvRS8/cbP+PeVTD2pCUDjlmtAz9+4E8/EXbn3y0T88fuX6s7XP0E1On72v+PtlZ5wFlrm68JpQEdhvfu7Kf/2fmyZ037c2F9n//ZW7Ln3l+5uvs+9+5r2vP5Dd/Z2d+4T++outNaHt32Fuv/np7eefuLLnaltfE9p96tn7ykQ/ZU3o/PcJZfd+o3dNqPilCUGXU94nVFsTqm47+Mmjlx+8r/lBWUV4Z01oxF8CSxTGaELNNaFfvPovD1964N67r375e913TN+4Xqayc03o8CZkTWjUfztWfXOZ7Ts3Nx+6lmXZaGXIBytRGLEJ1VZy7n9687eX8j6hLNt8O/bRG5/cfOha/X6+vvuEijgLLHM1eBP65dvN+4S2X2dnl776g51/O/bjRy9XS7P99wkd3ITcJ+T/6gDCk1mBJSKJBXZnTejIhQlNaOqfqj5YiYXMCiwRSS6wTz143lsANaGpf6r6YCUWMiuwRERgh82sJhTBSYKxyazAEhGBHTazmlAEJwnGJrMCS0QEdtjMakIRnCQYm8wKLBER2GEzqwlFcJJgbDIrsERk1MD+7T3l/13Fpa/+YNKBHSqzmlAEJwnGJrMCS0RGDOy3Pp/d82T1/yd015demnBgh8qsJhTBSYKxyazAEpERA/v9P75615+82Azsc8X/G+rmx+O88Un1U1SLf/e+/SFie3/wefmTcyaYWU3IByvIrMASk3ED+/0/ubr77diPHrl09ZHnfv/BTz/+8K+/mH3h2Y/e+KT8v0AsfrP50WPdP/h88j/SShPywQoyK7DE5FSBffKB7O5nNj/cs3L58ZtvfLLzI3GqH5/c+4PPp5tZTcgHK8iswBKT8QL74p995urD/6cI7He/etfdz+ysCRWBrfWblx+rfnxy7w8+n25mNSEfrCCzAktMTvVvx7IH/qZxn1CWFd+OVf2m/uOT+37w+XQzqwn5YAWZFVhiIrDDZlYTiuAkwdhkVmCJiMAOm1lNKIKTBGOTWYElIgI7bGY1oQhOEoxNZgWWiAjssJnVhCI4STA2mRVYIiKww2ZWE4rgJMHYZFZgiYjADptZTSiCkwRjk1mBJSICO2xmNaEIThKMTWYFlogI7LCZ1YQiOEkwNpkVWCIisMNmVhOK4CTB2GRWYImIwA6bWU0ogpMEY5NZgSUiAjtsZjWhCE4SjE1mBZaICOywmdWEIjhJMDaZFVgiIrDDZlYTiuAkwdhkVmCJiMAOm1lNKIKTBGOTWYElIgI7bGY1oQhOEoxNZgWWiAjssJnVhCI4STA2mRVYIiKww2ZWE4rgJMHYZFZgiYjADptZTSiCkwRjk1mBJSICO2xmNaEIThKMTWYFlogI7LCZ1YQiOEkwNpkVWCIisMNmVhOK4CTB2GRWYImIwA6bWU0ogpMEY5NZgSUiAjtsZsdqQpR8sDJ9oVMyIQLL9IVOybRMtAmVyvkF+VU/QFP4NdRRhfHIrMASEYEdJLOaUAQnCU5GZgWWiAjsIJnVhCI4SXAyMiuwRERgB8nsuE0orGR2BGZCZiEiyQRWEwKmQmYhIskEVhMCpkJmISLJBFYTAqZCZiEiyQQ25SYEANBPEwIA5ksTAgDmSxMCAOYr5SaUzI7ATMgsRCSZwGpCwFTILEQkmcBqQsBUyCxEJJnAakLAVMgsRCSZwGpCwFTILEQkmcBqQsBUyCxEJJnAakLAVMgsRCSZwKbchAAA+mlCAMB8aUIAwHxpQgDAfKXchJLZEZgJmYWIJBNYTQiYCpmFiCQTWE0ImAqZhYgkE1hNCJgKmYWIJBNYTQiYCpmFiCQTWE0ImAqZhYgkE1hNCJgKmYWIJBPYlJsQAEA/TQgAmC9NCACYL00IAJivlJtQMjsCMyGzEJFkAqsJAVMhsxCRZAKrCQFTIbMQkWQCqwkBUyGzEJFkAqsJAVMhsxCRZAKrCQFTIbMQkWQCqwkBUyGzEJFkAptyE
</p>
<p>
<strong>Note:</strong> This use case is an extension of the use case 'Read-out rejected' in the XEP-0323
<link url='http://xmpp.org/extensions/xep-0323.html'>Internet of Things - Sensor Data</link>.
</p>
<p>
The following example shows the communication first between the client and the device, then between the device and the provisioning server, and last between the device and the client:
</p>
<example caption='Rejecting read-outs'>
<![CDATA[
<iq type='get'
from='primary@example.org/amr'
2017-05-20 10:38:03 -04:00
to='device@example.org'
id='11'>
<req xmlns='urn:xmpp:iot:sensordata' momentary='true' serviceToken='SERVICETOKEN1' userToken='USERTOKEN1' seqnr='1'/>
</iq>
2017-05-20 10:38:03 -04:00
<iq type='get'
from='device@example.org/device'
to='provisioning.example.org'
id='12'>
<canRead xmlns='urn:xmpp:iot:provisioning' jid='primary@example.org' serviceToken='SERVICETOKEN1' userToken='USERTOKEN1' momentary='true'/>
2017-05-20 10:38:03 -04:00
</iq>
2017-05-20 10:38:03 -04:00
<iq type='result'
from='provisioning.example.org'
to='device@example.org/device'
id='12'>
<canReadResponse xmlns='urn:xmpp:iot:provisioning' jid='primary@example.org' momentary='true' result='false'/>
2017-05-20 10:38:03 -04:00
</iq>
<iq type='error'
from='device@example.org'
to='primary@example.org/amr'
2017-05-20 10:38:03 -04:00
id='11'>
<rejected xmlns='urn:xmpp:iot:sensordata' seqnr='1'>
<error>Access denied.</error>
</rejected>
</iq>]]>
</example>
</section3>
<section3 topic='Restricting nodes during read-out' anchor='restrictingnodes'>
<p>
In case the device handles multiple nodes that can be read, the provisioning server has the possibility to grant read-out, but to limit the nodes that can be read out.
The provisioning server does this by returning the list of nodes that can be read.
</p>
<p>
<img src='data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAwMAAAFuCAIAAABStVPZAAAfx0lEQVR4nO3dba8k1WEn8PpKnjFopr6IjUkggKnPsFLiDbvBQOyA+m2yxs7ywibWSMGL1FL2wSZhtZIjh4kJtkmaBw8kxoB5Gj8D0t0X3fVc3bdv364+dU79fhqJO327T52qmn/Xf07XcLMzAIC5ykJPAAAgGE0IAJivugllAACzMdCETl3DmAanHoC50YSoOfUAzI0mRM2pB2BuNCFqTj0Ac6MJUXPqAZibSzah1SLP8sWq/2CWZVmxPMYMu0MXy7OzZZH1N7vDssjKl7Umtc84jeccuPXLGjzIe73sQmdADQJghkZoQqtFnmVFMUJdWI988X61WuT5YjXQhE6y9Us7qAldcLZqEADztE8TKtd46mpTPpIXRe8iXV6CWysny2IzQnVt7j1SbaV80bLYFKrNs+pp1DWr+5zBuZVFaPua0GqRZ1meb5ayFuUI1Yvyxergrbe2leeNDQ4d0T0PcnX0su6erae7rGe7RxlSgwCYrT2aUO/DoHq5Yd0gWhfp+pv166rr9PYv6nWP1rcamym7UOvzqfo5zcLSmdvms7Fzm1A5YFmfBh45YOvNbTXq0jndbOdBrl9VjtRtQqv914TUIADm7GJrQvWlub5zZqAlNZQX5X5daj9SL3JUCx2NlrD5criLtBrAwNyqInROE2pXtH2b0Hlbb22rMY/OzvYWhfpDDa4RbUY9tAmpQQDM3D5NqNRcv9myXNG6/lbfHa4XrUcG7oXZd02o10Xac6s+GztREzp/IWdLEWwvpJ03VN2fyiNcv2zPJqQGAcAeTegCt7B0Lr/tD51aI/Qf6d2NNHAXzuZFnTt1Wmsh3bkt6yLUWYtp3Mu0VxM6ZOvDTWjLzmbZ5k6i8245au5Jo1xVr28e8m1lSA0CgLNJ//+EDvuXXu3icsp/7B5+6xcxlbMMAEEl14SGlrBOKOzW9zWVUwwAoU24CTEO5xcAKprQvDi5ANCkCc2IMwsAHZrQXDitANA33IRIT6A/YAAwaZk1IQBgtjQhAGC+NCEAYL40IQBgvjQhAGC+NCEAYL40IQBgvjQhAGC+NCEAYL40IQBgvjQhAGC+NCEAYL5GaUKn+qGicbjkwYQTCJ2SCQl9KuB8oVMyLUc5npsv+g9dZtCfvfJPP3vln9569YW3Xn3h56/d/PlrN99+/Z/ffv2f3/npD9/56Q/fvfXiu7de/MUb//Lemy+99+ZL7//7j97/9x998B8//uA/fvzhz37y4c9+8tFbL3/01su3f/6v61+/fPvffvn2v/3qndWv3ln9+t1Xfv3uK7/5xau/+cWrv33vtd++99rv3n/9d++//vsPfvrxh7c+/vDWJx+98clHb3x6+80p/DrKSYKxyazAEhGBPW5mNaEIThKMTWYFlogI7HEzqwmNfpKe+95z61+XPKowHpkVWCIisMfNrCYUwUmCscmswBIRgT1uZjWhCE4SjE1mBZaICOxxMxtvE3ry/urG8Xu/8bv3X//9t79w/dG///jDW5/cuPv6o/+w93F8/onHnpr4SYKxjZXZ7//xnY1/4nHt4e/u9cZ64+7rjz0f77sqjO2QwP7f/3RH8x9c/cFfXawJffuua4/8fTewF4rqOLmecxN68v7sylf+cXOSvnNvdu2R5+omdKG6evOh6/dpQszdiE3onq+Vb6zf/cod2QN/M+m/YgosUTiwCf3BX5aB/btHP/uZR/+fNaH6eG6+6D900pN0oSb09OevPfzd7kkaWBN6/onNX0ivPnHzzU9vv/npjbuv33l1/dD1x56vnjDeX0C9sRKFkzShV3/z9F3ZvV//7Xvf+4vNX06vPP7CrY8/vPXsH119/OYbn95+89ObD12/86GX6787NiPci7PAMldHa0Lf/Nydn/1MlmX3fet//flnN6tF9z/9yq/ffeWZe8rlhh986dod//lH1ZrQC396PSuT+Fg/qtmDNwavto01of63qpffd/eDdz70sia0TxN68eEr9z/dq6u9JvTyY1fLo/zUg9ndz95+89Mbd2fro7x+w71tTQjOzk7WhP7xS9fu/fpLX75y7ZHnfvf+67//4BtfzL7wPz689cmNu7M/+u/rzD54o37HfPmxq9k6njcfarxplnEWWObq8p+O3flf/u6jt16+/c3PZX/4327//F9/+Gefyf7wa796Z/Wrd752f/b5v333ld88fVd2z5O/fe+1l7585YFv15+O/fjRq1+80f10rI7qjqttowl1vlVfrKtvaUIXXxP6xne+PdCEnr2v+aHo1SduNj+nfOpBTQhKp1wTeubeVjAff+HWJx/9w+N33v1s4z10ndNn7yv/fjkYZ4Flri69JlQG9pufu/O//s91E7rvW+uL7P/+yh1XvvL99cfZdz3z3tcfyO76Tus+ob/+Ym9NaPN3mNtvfnr7+Sfu3HK1ba4Jtb/17H1Vop+yJnT4fULZvd/YuSZU/tKEYMgp7xNqrAnVtx385NGrD97XfaOsI9xaExrxl8AShTGaUHdN6Bev/svDVx64965rX/7e8B3TN+6uUjm4JrR/E7ImNOq/Has/ucy2nZubD13Psmy0MuSNlSiM2IQaKzn3P73+20t1n1CWrT8d++iNT24+dL15P9+u+4TKOAssc3X0JvTLt7v3CW0+zs6ufPUHrX879uNHr9ZLs7vvE9q7CblPyP/qAMKTWYElIokFtrUmdMGFCU1o6u+q3liJhcwKLBFJLrBPPXjoLYCa0NTfVb2xEguZFVgiIrDHzawmFMFJgrHJrMASEYE9bmY1oQhOEoxNZgWWiAjscTOrCUVwkmBsMiuwRERgj5tZTSiCkwRjk1mBJSKjBvZv76n+dxVXvvqDSQf2WJnVhCI4STA2mRVYIjJiYL/1+eyeJ+v/n9AdX3ppwoE9VmY1oQhOEoxNZgWWiIwY2O//8bU7/uTFbmCfK/9vqOsfj/PGJ/VPUS3/3fvmh4ht/cHn1U/OmWBmNSFvrCCzAktMxg3s9//kWvvTsR89cuXaI8/9/oOffvzhX38x+8KzH73xSfW/QCy/WP/oseEffD75H2mlCXljBZkVWGJyqsA++UB21zPrH+5Zu/r4zTc+af1InPrHJ+/8wefTzawm5I0VZFZgicl4gX3xzz5z7eH/Uwb2u1+9465nWmtCZWAb/eblx+ofn7zzB59PN7OakDdWkFmBJSan+rdj2QN/07lPKMvKT8fqftP88cm7fvD5dDOrCXljBZkVWGIisMfNrCYUwUmCscmswBIRgT1uZjWhCE4SjE1mBZaICOxxM6sJRXCSYGwyK7BERGCPm1lNKIKTBGOTWYElIgJ73MxqQhGcJBibzAosERHY42ZWE4rgJMHYZFZgiYjAHjezmlAEJwnGJrMCS0QE9riZ1YQiOEkwNpkVWCIisMfNrCYUwUmCscmswBIRgT1uZjWhCE4SjE1mBZaICOxxM6sJRXCSYGwyK7BERGCPm1lNKIKTBGOTWYElIgJ73MxqQhGcJBibzAosERHY42ZWE4rgJMHYZFZgiYjAHjezmlAEJwnGJrMCS0QE9riZ1YQiOEkwNpkVWCIisMfNrCYUwUmCscmswBIRgT1uZjWhCE4SjE1mBZaICOxxM6sJRXCSYGwyK7BERGCPm1lNKIKTBGOTWYElIgJ73MxqQhGcJBibzAosERHY42ZWE4rgJMHYZFZgiYjAHjezYzUhKt5Ymb7QKZkQgWX6QqdkWibahCrV/IL8ah6gKfw61lGF8ciswBIRgT1KZjWhCE4SnIzMCiwREdijZFYTiuAkwcnIrMASEYE9SmbHbUJhJbMjMBMyCxFJJrCaEDAVMgsRSSawmhAwFTILEUkmsJoQMBUyCxFJJrApNyEAgN00IQBgvjQhAGC+NCEAYL5SbkLJ7AjMhMxCRJIJrCYETIXMQkSSCawmBEyFzEJEkgmsJgRMhcxCRJIJrCYETIXMQkSSCawmBEyFzEJEkgmsJgRMhcxCRJIJbMpNCABgN00IAJgvTQgAmC9NCACYr5SbUDI7AjMhs
</p>
<p>
<strong>Note:</strong> This use case is an extension of the use case 'Read-out of multiple devices' in the XEP-0323
<link url='http://xmpp.org/extensions/xep-0323.html'>Internet of Things - Sensor Data</link>.
</p>
<p>
<strong>Note 2:</strong> If the server responds, but without specifying a list of nodes, the device can assume that all nodes available in the original request are allowed
to be read. If no nodes in the request are allowed to be read, the provisioning server must respond with a result='false', so the device can reject the read-out request.
</p>
<p>
The following example shows the communication first between the client and the device, then between the device and the provisioning server, and last between the device and the client:
</p>
2017-05-20 10:38:03 -04:00
<example caption='Restricting nodes during read-out'>
<![CDATA[
<iq type='get'
from='primary@example.org/amr'
2017-05-20 10:38:03 -04:00
to='device@example.org'
id='13'>
<req xmlns='urn:xmpp:iot:sensordata' momentary='true' serviceToken='SERVICETOKEN1' userToken='USERTOKEN1' seqnr='2'>
<node nodeId='Device02'/>
<node nodeId='Device03'/>
</req>
</iq>
2017-05-20 10:38:03 -04:00
<iq type='get'
from='device@example.org/device'
to='provisioning.example.org'
id='14'>
<canRead xmlns='urn:xmpp:iot:provisioning' jid='primary@example.org' momentary='true' serviceToken='SERVICETOKEN1' userToken='USERTOKEN1'>
2017-05-20 10:38:03 -04:00
<node nodeId='Device02'/>
<node nodeId='Device03'/>
</canRead>
</iq>
2017-05-20 10:38:03 -04:00
<iq type='result'
from='provisioning.example.org'
to='device@example.org/device'
id='14'>
<canReadResponse xmlns='urn:xmpp:iot:provisioning' jid='primary@example.org' momentary='true' result='true'>
2017-05-20 10:38:03 -04:00
<node nodeId='Device02'/>
</canReadResponse>
</iq>
2017-05-20 10:38:03 -04:00
<iq type='result'
from='device@example.org'
to='primary@example.org/amr'
2017-05-20 10:38:03 -04:00
id='13'>
<accepted xmlns='urn:xmpp:iot:sensordata' seqnr='2'/>
</iq>]]>
</example>
<p>
Note that the provisioning server responds with a <strong>canReadResponse</strong> element, similar to the <strong>canRead</strong> element in the request, except
only the nodes allowed to be read are read. The device must only permit read-out of nodes listed in the response from the provisioning server. Other nodes available
in the request should be ignored.
</p>
</section3>
<section3 topic='Restricting fields during read-out' anchor='restrictingfields'>
<p>
In case the provisioning server wants to limit the fields a device can send to a client, the provisioning server has the possibility to grant read-out, but
list a set of fields the device is allowed to send to the corresponding client.
</p>
<p>
<img src='data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAwMAAAFuCAIAAABStVPZAAAfx0lEQVR4nO3dba8k1WEn8PpKnjFopr6IjUkggKnPsFLiDbvBQOyA+m2yxs7ywibWSMGL1FL2wSZhtZIjh4kJtkmaBw8kxoB5Gj8D0t0X3fVc3bdv364+dU79fhqJO327T52qmn/Xf07XcLMzAIC5ykJPAAAgGE0IAJivugllAACzMdCETl3DmAanHoC50YSoOfUAzI0mRM2pB2BuNCFqTj0Ac6MJUXPqAZibSzah1SLP8sWq/2CWZVmxPMYMu0MXy7OzZZH1N7vDssjKl7Umtc84jeccuPXLGjzIe73sQmdADQJghkZoQqtFnmVFMUJdWI988X61WuT5YjXQhE6y9Us7qAldcLZqEADztE8TKtd46mpTPpIXRe8iXV6CWysny2IzQnVt7j1SbaV80bLYFKrNs+pp1DWr+5zBuZVFaPua0GqRZ1meb5ayFuUI1Yvyxergrbe2leeNDQ4d0T0PcnX0su6erae7rGe7RxlSgwCYrT2aUO/DoHq5Yd0gWhfp+pv166rr9PYv6nWP1rcamym7UOvzqfo5zcLSmdvms7Fzm1A5YFmfBh45YOvNbTXq0jndbOdBrl9VjtRtQqv914TUIADm7GJrQvWlub5zZqAlNZQX5X5daj9SL3JUCx2NlrD5criLtBrAwNyqInROE2pXtH2b0Hlbb22rMY/OzvYWhfpDDa4RbUY9tAmpQQDM3D5NqNRcv9myXNG6/lbfHa4XrUcG7oXZd02o10Xac6s+GztREzp/IWdLEWwvpJ03VN2fyiNcv2zPJqQGAcAeTegCt7B0Lr/tD51aI/Qf6d2NNHAXzuZFnTt1Wmsh3bkt6yLUWYtp3Mu0VxM6ZOvDTWjLzmbZ5k6i8245au5Jo1xVr28e8m1lSA0CgLNJ//+EDvuXXu3icsp/7B5+6xcxlbMMAEEl14SGlrBOKOzW9zWVUwwAoU24CTEO5xcAKprQvDi5ANCkCc2IMwsAHZrQXDitANA33IRIT6A/YAAwaZk1IQBgtjQhAGC+NCEAYL40IQBgvjQhAGC+NCEAYL40IQBgvjQhAGC+NCEAYL40IQBgvjQhAGC+NCEAYL5GaUKn+qGicbjkwYQTCJ2SCQl9KuB8oVMyLUc5npsv+g9dZtCfvfJPP3vln9569YW3Xn3h56/d/PlrN99+/Z/ffv2f3/npD9/56Q/fvfXiu7de/MUb//Lemy+99+ZL7//7j97/9x998B8//uA/fvzhz37y4c9+8tFbL3/01su3f/6v61+/fPvffvn2v/3qndWv3ln9+t1Xfv3uK7/5xau/+cWrv33vtd++99rv3n/9d++//vsPfvrxh7c+/vDWJx+98clHb3x6+80p/DrKSYKxyazAEhGBPW5mNaEIThKMTWYFlogI7HEzqwmNfpKe+95z61+XPKowHpkVWCIisMfNrCYUwUmCscmswBIRgT1uZjWhCE4SjE1mBZaICOxxMxtvE3ry/urG8Xu/8bv3X//9t79w/dG///jDW5/cuPv6o/+w93F8/onHnpr4SYKxjZXZ7//xnY1/4nHt4e/u9cZ64+7rjz0f77sqjO2QwP7f/3RH8x9c/cFfXawJffuua4/8fTewF4rqOLmecxN68v7sylf+cXOSvnNvdu2R5+omdKG6evOh6/dpQszdiE3onq+Vb6zf/cod2QN/M+m/YgosUTiwCf3BX5aB/btHP/uZR/+fNaH6eG6+6D900pN0oSb09OevPfzd7kkaWBN6/onNX0ivPnHzzU9vv/npjbuv33l1/dD1x56vnjDeX0C9sRKFkzShV3/z9F3ZvV//7Xvf+4vNX06vPP7CrY8/vPXsH119/OYbn95+89ObD12/86GX6787NiPci7PAMldHa0Lf/Nydn/1MlmX3fet//flnN6tF9z/9yq/ffeWZe8rlhh986dod//lH1ZrQC396PSuT+Fg/qtmDNwavto01of63qpffd/eDdz70sia0TxN68eEr9z/dq6u9JvTyY1fLo/zUg9ndz95+89Mbd2fro7x+w71tTQjOzk7WhP7xS9fu/fpLX75y7ZHnfvf+67//4BtfzL7wPz689cmNu7M/+u/rzD54o37HfPmxq9k6njcfarxplnEWWObq8p+O3flf/u6jt16+/c3PZX/4327//F9/+Gefyf7wa796Z/Wrd752f/b5v333ld88fVd2z5O/fe+1l7585YFv15+O/fjRq1+80f10rI7qjqttowl1vlVfrKtvaUIXXxP6xne+PdCEnr2v+aHo1SduNj+nfOpBTQhKp1wTeubeVjAff+HWJx/9w+N33v1s4z10ndNn7yv/fjkYZ4Flri69JlQG9pufu/O//s91E7rvW+uL7P/+yh1XvvL99cfZdz3z3tcfyO76Tus+ob/+Ym9NaPN3mNtvfnr7+Sfu3HK1ba4Jtb/17H1Vop+yJnT4fULZvd/YuSZU/tKEYMgp7xNqrAnVtx385NGrD97XfaOsI9xaExrxl8AShTGaUHdN6Bev/svDVx64965rX/7e8B3TN+6uUjm4JrR/E7ImNOq/Has/ucy2nZubD13Psmy0MuSNlSiM2IQaKzn3P73+20t1n1CWrT8d++iNT24+dL15P9+u+4TKOAssc3X0JvTLt7v3CW0+zs6ufPUHrX879uNHr9ZLs7vvE9q7CblPyP/qAMKTWYElIokFtrUmdMGFCU1o6u+q3liJhcwKLBFJLrBPPXjoLYCa0NTfVb2xEguZFVgiIrDHzawmFMFJgrHJrMASEYE9bmY1oQhOEoxNZgWWiAjscTOrCUVwkmBsMiuwRERgj5tZTSiCkwRjk1mBJSKjBvZv76n+dxVXvvqDSQf2WJnVhCI4STA2mRVYIjJiYL/1+eyeJ+v/n9AdX3ppwoE9VmY1oQhOEoxNZgWWiIwY2O//8bU7/uTFbmCfK/9vqOsfj/PGJ/VPUS3/3fvmh4ht/cHn1U/OmWBmNSFvrCCzAktMxg3s9//kWvvTsR89cuXaI8/9/oOffvzhX38x+8KzH73xSfW/QCy/WP/oseEffD75H2mlCXljBZkVWGJyqsA++UB21zPrH+5Zu/r4zTc+af1InPrHJ+/8wefTzawm5I0VZFZgicl4gX3xzz5z7eH/Uwb2u1+9465nWmtCZWAb/eblx+ofn7zzB59PN7OakDdWkFmBJSan+rdj2QN/07lPKMvKT8fqftP88cm7fvD5dDOrCXljBZkVWGIisMfNrCYUwUmCscmswBIRgT1uZjWhCE4SjE1mBZaICOxxM6sJRXCSYGwyK7BERGCPm1lNKIKTBGOTWYElIgJ73MxqQhGcJBibzAosERHY42ZWE4rgJMHYZFZgiYjAHjezmlAEJwnGJrMCS0QE9riZ1YQiOEkwNpkVWCIisMfNrCYUwUmCscmswBIRgT1uZjWhCE4SjE1mBZaICOxxM6sJRXCSYGwyK7BERGCPm1lNKIKTBGOTWYElIgJ73MxqQhGcJBibzAosERHY42ZWE4rgJMHYZFZgiYjAHjezmlAEJwnGJrMCS0QE9riZ1YQiOEkwNpkVWCIisMfNrCYUwUmCscmswBIRgT1uZjWhCE4SjE1mBZaICOxxM6sJRXCSYGwyK7BERGCPm1lNKIKTBGOTWYElIgJ73MxqQhGcJBibzAosERHY42ZWE4rgJMHYZFZgiYjAHjezYzUhKt5Ymb7QKZkQgWX6QqdkWibahCrV/IL8ah6gKfw61lGF8ciswBIRgT1KZjWhCE4SnIzMCiwREdijZFYTiuAkwcnIrMASEYE9SmbHbUJhJbMjMBMyCxFJJrCaEDAVMgsRSSawmhAwFTILEUkmsJoQMBUyCxFJJrApNyEAgN00IQBgvjQhAGC+NCEAYL5SbkLJ7AjMhMxCRJIJrCYETIXMQkSSCawmBEyFzEJEkgmsJgRMhcxCRJIJrCYETIXMQkSSCawmBEyFzEJEkgmsJgRMhcxCRJIJbMpNCABgN00IAJgvTQgAmC9NCACYr5SbUDI7AjMhs
</p>
<p>
<strong>Note:</strong> If the server responds, but without specifying a list of field names, the device can assume that all fields available in the original request are allowed
to be sent. If no fields in the request are allowed to be sent, the provisioning server must respond with a result='false', so the device can reject the read-out request.
</p>
<p>
The following example shows the communication first between the client and the device, then between the device and the provisioning server, and last between the device and the client:
</p>
2017-05-20 10:38:03 -04:00
<example caption='Restricting fields during read-out'>
<![CDATA[
<iq type='get'
from='primary@example.org/amr'
2017-05-20 10:38:03 -04:00
to='device@example.org'
id='15'>
<req xmlns='urn:xmpp:iot:sensordata' momentary='true' serviceToken='SERVICETOKEN1' userToken='USERTOKEN1' seqnr='3'/>
</iq>
2017-05-20 10:38:03 -04:00
<iq type='get'
from='device@example.org/device'
to='provisioning.example.org'
id='16'>
<canRead xmlns='urn:xmpp:iot:provisioning' jid='primary@example.org' momentary='true' serviceToken='SERVICETOKEN1' userToken='USERTOKEN1'/>
2017-05-20 10:38:03 -04:00
</iq>
2017-05-20 10:38:03 -04:00
<iq type='result'
from='provisioning.example.org'
to='device@example.org/device'
id='16'>
<canReadResponse xmlns='urn:xmpp:iot:provisioning' jid='primary@example.org' momentary='true' result='true'>
2017-05-20 10:38:03 -04:00
<field name='Energy'/>
<field name='Power'/>
</canReadResponse>
</iq>
2017-05-20 10:38:03 -04:00
<iq type='result'
from='device@example.org'
to='primary@example.org/amr'
2017-05-20 10:38:03 -04:00
id='15'>
<accepted xmlns='urn:xmpp:iot:sensordata' seqnr='3'/>
</iq>]]>
</example>
<p>
Note that the provisioning server responds with a <strong>canReadResponse</strong> element, similar to the <strong>canRead</strong> element in the request, except only
the fields allowed to be sent are listed. The client must only send fields having field names in this list.
</p>
<p>
Also note, that the provisioning server can return a list of both allowed nodes and allowed field names in the response. In this case, the device must only send allowed fields
from allowed nodes, and ignore all other fields and/or nodes.
</p>
</section3>
</section2>
<section2 topic='Device Control' anchor='devicecontrol'>
<section3 topic='Rejecting control actions' anchor='rejectingcontrolactions'>
<p>
An important use case for provisioning in sensor networks is who gets to control devices, and what they can control. This use case details how communication with a
provisioning server can help the device determine if a client has sufficient access rights to perform control actions on the device.
</p>
<p>
<img src='data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAwMAAAFECAIAAAD0gnWJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsMAAA7DAcdvqGQAACB9SURBVHhe7d19jCPnQcfxMQpvBaUUCkKg0OTO3qSu/2mhVWurzTVNc9hL6CakKxAo26itnYQ0XhKupLCg/nFA4Ghqh5DUbsKxBQRyQ7ul7LqXNM2F6tyqqPQf17lb+/JCRIWgQDnxTqTlefPM2DP2ene9u555vh+dcvP6zPPM5tnnt8/4dhJbW1sOAACAlb7N/A0AAGAfkhAAALCX93QskUjoBQAAgNjTEWggCfGZoajjiwgAwCTcEZOnYwAAwF4kIQAAYC+SEAAAsBdJCAAA2Gt3SahXzSVy1Z5ZE5qlxIBS0+wYJA8bsWsEcSV5gjxx4IL7ylx0vN1Waf9aJO47H5cGAGBHpjgnlK10xUAsdCvZ+snQQT5f29qq5c3KBHrVpeWWXJAnnisn1cb95l50P+xbi4hBAADswpgkJCd+tP7cRX9L7lRHrY/Q7Zgg4ZbQL2BgTiiwV+9X1EEmNdQLiVKpP4OiSpBr7lFerUqloZmq4QIHtphDhwscvmhOFO5eWRu6hsu7Yd4hgxUIa9E0iPKJQQAA7IaaxZH8y9JG0TfNI3UrWccpbvSXBvbJg33co/RBcq/a5C6M3+suuJeUW9TRcsE7SGzarlaDBboL7vUDBQ5e1Bw94sSBq7m8Pe5Z7sJA4eGn75SopFkCAACTcUfP0XNC+ROVbGs55U1oSNl0Svw3Ob8oxvNhalyXA7w5Sk4N6QIKdcdpbw7OfwT39jbb5sxtHqIVF4b2jahVsEBvi5OcyzitTlcuBgv0mF0jThxiJoVkg/T6pC3aPXE5/eUEAAC7MObpWLJ8ToUlEW7qayYK6QjQW2+Y518B+VpXBqilas9JpfuzPtLwZ2KCe72IIRPFTp4cjahVsEC1pbEuS/ZlmwlMcmKzlFrO9CeAlN23aDLEIAAA9mh0EnI/9VKoZysn8jIZrVay9YLYstTJhMwJGcnyStGRWcgRxztmUimYAmRpQ3vztY2iKj+17FRWZXKSUUJ9qmZNnRNmXK2CBcoteiZKppbwTyyHXnSCE/MLIjLKq51sZ00AmqRF8pNE6gYEF8YSpRKDAADYI280PYiRVYzxBWdjus+JZJntSleEE2/J7Io1khAAALvmDqMHmIRkUKnLTwtP+QMzvWouZf7Ze9aWHEQMAgBgLw4jCWFK+EoBALBH7mA6xd+siINADAIAYIpIQlFCDAIAYLpIQpFBDAIAYOq8wVUMtHoBs4kYBADAtLjzCwNJiLEWAADYwI09PB0DAAD2IgkBAAB7kYQAAIC9SEIAAMBeJCEAAGAvkhAAALAXSQgAANiLJAQAAOxFEgIAAPYiCQEAAHuRhAAAgL2m+d4x3uHqx0vcMPvosy46LGYfHdZv733WjT1TTkLf6H1VL4z/79Bq6H+HVsf8d2hV/PfQXXb5FXxjxewT/YU+K9BhEQmis9Bhtan0WdEWXQhPxwAAgL1IQvvlmbPP6D9mHcAMo8MC0TLFPksSAgAA9iIJAQAAe0UuCZ2969VHv/sHjog/3/VLZ+WGJ3/12kdeUAsfetvDamEiLzz48NNmEcB0Pf9H1/1Q6nt+MCn+vOLVR6/72Itm+3hP3PfWHXRhABN44Y9v+NH0q340/X0/8lrx55Un/tpsn9DnxQgb6L876qpR6NfRSkLP3PXqP7jmKxf/65+fE38+49x2zP8d9p2//dd3XmmWt3XxqU9eMIsApu/WR//jn3riz39+8ws3f+a6uz5vNo9zw/1fnLwLA5jQL9T+9e873/rGs9/6xpnfPv/Iw8+bzRO5/reeueM1Ztm1o64ahX4dqST01JOdk7931xGzdvyjz5+93fcV8uaEXnjw+isuu1z8WXjwotogMun1C2rLFSqcvvBg6cNfOn0rP4AC++81d937c49tnHWcFx86ftV3ff9V3/mqm3//Obnjc+WbHlQLzsXH3nr9Yz3vZ0d/Fw50ZwB79IXfuP6nfvbyH7767i+8+PD83Pf+UEr8+cBTcs8T97z7Id0rnz997Pjpi+6c0HN/+LZX/ti3v/LHZE98ONhVr7jjCbVheLT1zQkFd7mnl++7Q3wHUJsORZSS0MXeZjoZCKcBvYeXP3nzF1++9NLLl8rPvv6+ptr4JefG82LL1z7sfOqpnnPl3bUPv+W2T/ADKHAQjiTfLPrvx+59/Kaz//0vz//Pv37g2Td86HOO85M/dc29VfmQunfms5kPvjepD1Zd+J7XfUJ24a/deM/r3xrszgB24E9K/adjxz994/13XiW3feW1d176hwvLvQ/+ymsf/fd/7P77Pz7q/OyKCDM3FK7+4EPykycXz6y/7sRtR+WxUu/MX73u8b/7v3/7u5cvrd3d76teV730CeeW0NF2wNAub7Cedz5uDjkcUUpCR5NznZ7/geXZM2FT7t0LX/3SfW9VwfPWjzvnu+rnyLfc/A75tTt6JCPXAByg53pfFt/1Nv/2y796TM0J3faoc6Erfu58Z+kjnSeaztMfue+an77BHCuILvz++bfLpaPv/extTrA7A9gB7+nYs08WzWzCm1Jm4bbC29TfV17zxk3ZK69//+8++/kzztmP/trVP3292qMk7/iAc0t/TsgXcExXda567Zu2H22HdnUvOO8+ruYjbjj+frXlsETq6dg73ple+WUzcec4Z37ptnetqw9ND0pd/eNvuV//ECn+rN3tZloAh+DFhz7yZ+8tHEvOveHNv6XnhF7432996gPyMfeVhZvO/2X5TPv+2/P6WEV04XZPTZ5ffOzG0w7dGdg/pzf0Z6hfOP83cynZK1+Tf9eFz97z5Nd/s3hc7eh7+yP/puaEHr/mnvv+1GxznI+v63979PyzX7kmtcPumbra+eQZ/eDsDHNCk7v2oW/+4vk3mX879i7n9H9/9JjZ45O8s/LuT+kfIsWf0dPpp2+9rMw/HwP2xyfe1/+3Y9edv/fiQ9c7R2//yC2f1nNCV37H98mnY0LyJ29snz5vfi7s87rw6z/7wNe+OFF3BrBzR4q/+zvPvk99Tuh9zp+f1DOzR2+Y//rqhZ85PvBZlN4jN3+7/pzQLecfuP/n9UbRVR/4+q2qb97qPH6//+eZSXg9fd053Dkh3ju2L8SX9uzTZr7q2mPX6gVg1oj+Qp8V6LCIBNFZ4tRhew8v3OZU5Ad2n7jvsvXjL1f1g7aJTKXPirbw3jEAAHA4kneWM/pTgLecf+DuHcSgqSMJAQCAg/f2R2bjI4AkIQAAYC+SEAAAsBdJCAAA2IskBACA7Z6417wy+RWvfvdDO3o3WfSRhAAAsNtTv36T85h6ZfLF//zK/F/ccdqqX+dOEgIAwG5Hjr752edN+jnynqc/p984Jt+arH4VqnlrsvPkh/pvUe2/EVm/Pnn0i8/Nm1lnG0kIAAC7XfWepx5yioNPxy5+7J7HbzqrXo9j3posfOl1Zfnv3h+/5p4HvdcnO6EvPldHPuJ7peDMIgkBAGC9I+95Sj8d++Yvnv+JXzsjUs4F+dZkNSf0nkedC5tqWugtV6t32d9w+wNfP+O+Pjn8xef6yCggCQEAYLXnaovvqL1oVpyrrnmj/Ct5tXxrspoTevF/v/Wpu+X7WV1XFm72Xp8c9Refk4QAALDakVLjVzbf0f+3Y9ed/+XfPO44R29/4JZP6zmh17hvTXYlj3uvT570xeezijew7gvxfwMvdMTsE/2FPivQYREJorPQYbWp9FnRFt7ACgAAbEcSAgAA9iIJAQAAe5GEAACAvUhCAADAXiQhAABgL5IQAACwF0kIAADYiyQEAADsRRICAAD2IgkBAAB7kYQAAIC9SEIAAMBeJCEAAGAvkhAAALAXSQgAANiLJAQAAOxFEgIAAPYiCQEAAHuRhAAAgL1IQgAAwF4kIQAAYK/E1taWWUp4y7sjSjBLcJyzT5/VC9ceu1YvALOGPuuiw2L20WH99t5n3dgzzSTkeubsM2bpM
<!-- sensor-network-provisioning-15.png-->
</p>
<p>
The following example shows the communication first between the client and the device, then between the device and the provisioning server, and last between the device and the client:
</p>
<example caption='Rejecting control action'>
<![CDATA[
<iq type='set'
from='primary@example.org/amr'
2017-05-20 10:38:03 -04:00
to='device@example.org'
id='17'>
<set xmlns='urn:xmpp:iot:control' xml:lang='en'>
<boolean name='Output' value='true'/>
</set>
</iq>
2017-05-20 10:38:03 -04:00
<iq type='get'
from='device@example.org/device'
to='provisioning.example.org'
id='18'>
<canControl xmlns='urn:xmpp:iot:provisioning' jid='primary@example.org' serviceToken='SERVICETOKEN1' userToken='USERTOKEN1'>
2017-05-20 10:38:03 -04:00
<parameter name='Output'/>
</canControl>
</iq>
2017-05-20 10:38:03 -04:00
<iq type='result'
from='provisioning.example.org'
to='device@example.org/device'
id='18'>
<canControlResponse xmlns='urn:xmpp:iot:provisioning' jid='primary@example.org' result='false'/>
2017-05-20 10:38:03 -04:00
</iq>
<iq type='error'
from='device@example.org'
to='primary@example.org/amr'
2017-05-20 10:38:03 -04:00
id='17'>
<setResponse xmlns='urn:xmpp:iot:control' responseCode='InsufficientPrivileges'/>
</iq>]]>
</example>
</section3>
<section3 topic='Restricting nodes during control' anchor='restrictingnodescontrol'>
<p>
In case the device handles multiple nodes that can be read, the provisioning server has the possibility to grant control access, but to limit the nodes that can be controlled.
The provisioning server does this by returning the list of nodes that can be controlled.
</p>
<p>
<img src='data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAwMAAAF1CAIAAAA7pKGBAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsMAAA7DAcdvqGQAACidSURBVHhe7d19kGtnYd/xo47TpmnHJC3NdJpx8Iu0Nov+IW0YkAZswPhG2jisXbOTTjtePIAOdoy1MbnEJNsOf9wkbm4xkuPaSEDdJem0I1zYlO6Ka2O4DnNFhk7KP0K+Xun6JZ4ynZQ2xJOmaeqZ7fN2XnTOkVba1e7q6Pl+Zufe8/qc5zy7zz4/PUf3KrO/v+8AAABY6a+ZvwEAAOxDEgIAAPYKno5lMhm9AAAAsPB0BBpKQrxnCDPBzxIAYM75QxVPxwAAgL1IQgAAwF4kIQAAYC+SEAAAsNfhktCgXswU6wOzZsiNkts2G2ZHFC1LbbuZ+GXHEMd7pw1VapJyQscc8upHYy463mGrdKx3xNulAQApMrs5ocFOq+NUKhWneW7Gg+ugvr7RkQulxv7+pWpWbZzAYK9bWM6ZlbBJyvGPOezVj8S/6HE4zjsiBgEA0mVMEvLmeIJ5A29L8XxPrYfpILTaWK04ndaOiUJy0kHxpzdiW/yreBeRR7iuOUwcZcbtZllvVYdFjwmVU3RdM18lauSsrSSN895ciDqnWNQnunWvBFURc8yhrx6QhyvxRghda9wtyxr6V9Yi1/D5zRk6ZLgCSXd0cJUmIg4lBgEAUkYMXVp4WdqtOE6h1jdrQr9WcJzKrrc0tC+0MzhPLvmbkhfkaQkH6yWvTL9suUsdHRxjNgWXV0veQWqLOkYvGV45Q8fqBbkpvuUQV/fIQ/xjhxf8i8UKHL6oOXrEiUNX8wV7/LP8haHC1UH+rjFVOog43iwBADD3/GFr9JxQ6Wyt0NnIDU8K6KdN2ZU1MZaGqRkhOc+QyZSbjp4VGux1zfHyKUyjJI6Kben3Oo6+iDytu2dmMSqrYp+TXcrr1UT6mJBI3drbzdghSfJLZtrIX5jEQVf3jGsEdYOdXl8uxgsMmF0jTowwk0KyOfV6rAJx01cpSlxR/1QBAJAuY56OZauXVFjarTjNbROF9CCpc0+IfjSmJhX0tIKMQsGgKkdn+dAlviW37M0JSf57VvT15AA9heG6iZPN4H4yRrTMiEbQzw9DCWQCk5zYdnMbeW8mR4lXIO7QVdKIQQCA9BqdhMzkgpxeKNTOlmQy2qoV1LTPei8/NPOhg5A3g6DmReTAWmrsVtTxuQ2ntiVTTmyLLNMxE0+hUbribKuDOpXdRkkN1Op9Ldtmd1ysbv3Im4TUPmXSN714DnP1kORG0PNgMrUkv2M58aITnFhaFbFVXu1cV3wPVACKVyBe+CRVGkGcQwwCAKRXMIzNy5DWdjNlZ3fEc5yR5FndWl8M4sGS2XUCTvfqp4okBABII3/8WpQkJKewcvrfhsvHbSedRE736qeGGAQASKk5TkJICX5gAADp5Y9is/ufFWETYhAAYDGQhDA1YhAAYGGQhDAdYhAAYJEEo5oY4fQCMAYxCACwAPwX9kNJiEEOAADYwI89PB0DAAD2IgkBAAB7kYQAAIC9SEIAAMBeJCEAAGAvkhAAALAXSQgAANiLJAQAAOxFEgIAAPYiCQEAAHuRhAAAgL1m+bljfIZrGB/ihvlHn/XRYTH/6LBhR++zfuyZcRL6/uCP9ML4PyOriX9GVsf8GVkVf566q66+hl+smH+iv9BnBTosUkF0FjqsNpM+K+5FF8LTMQAAYC+S0HF57uJz+susA5hjdFggXWbYZ0lCAADAXiQhAABgr9QloYv3v/GGv/l3rxdfP/rLF+WGZ37t5ideVguffNfjamEiLz/6+DfNIoDZeunfvucnc3/r72XF14+98Yb3fPYVs328px965xRdGMAEXv7d235q+Sd+avnH/8Gbxdcbzv6B2T6hr4sRNtZ/p+qqaejX6UpCz93/xn9903eu/J//+aL4+n3nnlvCv2Hf91t/cN+1ZvlAV5790gtmEcDs3f35//0/BuLrL37wjTt//z33f91sHue2h781eRcGMKF/1vjT/9b74fef/+H3L/zW5Scef8lsnsitv/ncvW8yy76pumoa+nWqktCzz/TO/av7rzdrZz7z0sWPhr5DwZzQy4/ees1VV4uv1UevqA0ik966qrZco8Lpy4+6n/r2k3fzAhQ4fm+6/+P/5Au7Fx3nlcfOXPejf+e6v/ETd/7Oi3LH16p3PKoWnCtfeOetXxgErx3DXTjWnQEc0Tf+xa0//4tX//0bH/jGK4+vLP3tn8yJr489K/c8/eAHHtO98qUnbznz5BV/TujFf/OuN/z0j7zhp2VPfDzeVa+592m1ITrahuaE4rv806sP3St+A6hNpyJNSejKYG85GwunMYPHN75057def+3V11+rPv/Wh9pq47ed2y+LLd/9lPPlZwfOtQ80PvWOe77IC1DgJFyffbvov5/9+FN3XPzL//XS//3Tjz3/M5/8muP83M/f9PG6fEg9uPDV/Cc+lNUHqy784Fu+KLvwd29/8K3vjHdnAFP4Pdd7OnbmK7c/fN91ctt33nzfa//9hY3BJ371zZ//8z/p//mffN75xU0RZm4r3/iJx+Q7T65c2HnL2XtukMdKgwv/+S1P/fH/+7M/fv217Qe8vhp01de+6NyVONoOiewKBusV53PmkNORpiR0Q3apNwg/sLx4IWnKvf/CH337oXeq4Hn355zLffU68h13vld+7264Pi/XAJygFwd/KH7r7f3XP/y1W9Sc0D2fd17oi9ed73M/3Xu67Xzz0w/d9Au3mWMF0YU/svJuuXTDh756jxPvzgCmEDwde/6ZiplNeFvOLNxTfpf6+9qbfnZP9spbP/Lbz3/9gnPxM79+4y/cqvYo2Xs/5tzlzQmFAo7pqs51b37bwaNtZFf/BecDZ9R8xG1nPqK2nJZUPR177/uWN3/FTNw5zoVfvuf9O+pN08NyN/7DdzysX0SKr+0H/EwL4BS88tin//2Hyrdkl37m7b+p54Re/qsffvlj8jH3teU7Lv+n6oXuwx8t6WMV0YW7AzV5fuULtz/p0J2B4/Pkrn4P9cuX/8tSTvbKN5Xe/8JXH3zme79ROaN2eN79xJ+pOaGnbnrwoX9ntjnO53b0vz166fnv3JSbsnvmbnS+dEE/OLvAnNDkbn7sB790+W3m346933nyLz9zi9kTkr2v9oEv6xeR4mv0dPqTd19V5Z+PAcfjix/2/u3Yey5//Mpjtzo3fPTTd31Fzwld+9d/XD4dE7I/d3v3ycvmdaEn6MJv/eoj3/3WRN0ZwPSur/z2v3z+w+p9Qh92/sM5PTN7w20r39t64R+fGXovyuCJO39Ev0/orsuPPPxP9UbRVR/53t2qb97tPPVw+PXMJIKevuOc7pwQnzt2LMS39uI3zXzVzbfcrBeAeSP6C31WoMMiFURnWaQOO3h89R6nJt+w+/RDV+2ceb2uH7RNZCZ9VtwLnzsGAABOR/a+al6/C/Cuy488MEUMmjmSEAAAOHnvfmI+3gJIEgIAAPYiCQEAAHuRhAAAgL1IQgAA2O7pj5uPTP6xN37gsak+myz9SEIAANjt2X9+h/MF9ZHJV/7iOyv/8d4nrfrv3ElCAADY7fob3v78Syb9XP/Bb35Nf+KY/NRk9V+hmk9Ndp75pPcpqt4nIuuPTx79wefmk1nnG0kIAAC7XffBZx9zKsNPx6589sGn7rioPh7HfGqy8O23VOW/e3/qpgcfDT4+2Un84HN15BOhjxScWyQhAACsd/0Hn9VPx37wS5f/0a9fECnnBfmpyWpO6IOfd17YU9NC77hRfZb9bR995HsX/I9PTv7gc31kGpCEAACw2ouNtfc2XjErznU3/az8K3uj/NRkNSf0yl/98MsPyM9n9V1bvjP4+OS0f/A5SQgAAKtd77Z+de+93r8de8/lX/mNM45zw0cfuesrek7oTf6nJvuyZ4KPT570g8/nFZ/AeizETwMf6Ij5J/oLfVagwyIVRGehw2oz6bPiXvgEVgAAYDuSEAAAsBdJC
<!-- sensor-network-provisioning-14.png-->
</p>
<p>
<strong>Note:</strong> If the server responds, but without specifying a list of nodes, the device can assume that all nodes available in the original request are allowed
to be controlled. If no nodes in the request are allowed to be controlled, the provisioning server must respond with a result='false', so the device can reject the read-out request.
The same is true for parameters: If the provisioning server does not specify parameters in the response, the caller can assume all parameters are allowed.
</p>
<p>
The following example shows the communication first between the client and the device, then between the device and the provisioning server, and last between the device and the client:
</p>
<example caption='Restricting nodes during control'>
<![CDATA[
<iq type='set'
from='primary@example.org/amr'
2017-05-20 10:38:03 -04:00
to='concentrator@example.org'
id='19'>
<set xmlns='urn:xmpp:iot:control' xml:lang='en'>
<node nodeId='DigitalOutput1'/>
<node nodeId='DigitalOutput2'/>
<node nodeId='DigitalOutput3'/>
<node nodeId='DigitalOutput4'/>
<boolean name='Output' value='true'/>
</set>
</iq>
2017-05-20 10:38:03 -04:00
<iq type='get'
from='concentrator@example.org/plc'
to='provisioning.example.org'
id='20'>
<canControl xmlns='urn:xmpp:iot:provisioning' jid='primary@example.org' serviceToken='SERVICETOKEN1' userToken='USERTOKEN1'>
2017-05-20 10:38:03 -04:00
<node nodeId='DigitalOutput1'/>
<node nodeId='DigitalOutput2'/>
<node nodeId='DigitalOutput3'/>
<node nodeId='DigitalOutput4'/>
<parameter name='Output'/>
</canControl>
</iq>
2017-05-20 10:38:03 -04:00
<iq type='result'
from='provisioning.example.org'
to='concentrator@example.org/plc'
id='20'>
<canControlResponse xmlns='urn:xmpp:iot:provisioning' jid='primary@example.org' result='true'>
2017-05-20 10:38:03 -04:00
<node nodeId='DigitalOutput2'/>
<node nodeId='DigitalOutput3'/>
</canControlResponse>
</iq>
2017-05-20 10:38:03 -04:00
<iq type='result'
from='concentrator@example.org'
to='primary@example.org/amr'
2017-05-20 10:38:03 -04:00
id='19'>
<setResponse xmlns='urn:xmpp:iot:control' responseCode='OK'>
<node nodeId='DigitalOutput2'/>
<node nodeId='DigitalOutput3'/>
</setResponse>
</iq>]]>
</example>
<p>
Note that the provisioning server responds with a <strong>canControlResponse</strong> element, similar to the <strong>canControl</strong> element in the request, except
only the nodes allowed to be controlled are included. The device must only permit control of nodes listed in the response from the provisioning server. Other nodes available
in the request should be ignored.
</p>
<p>
Also note, that the restricted set of nodes and/or parameters returned from the provisioning server must be returned to the original caller, so it can
act on the information that only a partial control action was allowed and taken.
</p>
</section3>
<section3 topic='Restricting parameters during control' anchor='restrictingparameterscontrol'>
<p>
In case the provisioning server wants to limit the control parameters a client can control in a device, the provisioning server has the possibility to grant
control access, but list a set of parameters the client is allowed to control in the corresponding device.
</p>
<p>
<img src='data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAwMAAAF1CAIAAAA7pKGBAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsMAAA7DAcdvqGQAACidSURBVHhe7d19kGtnYd/xo47TpmnHJC3NdJpx8Iu0Nov+IW0YkAZswPhG2jisXbOTTjtePIAOdoy1MbnEJNsOf9wkbm4xkuPaSEDdJem0I1zYlO6Ka2O4DnNFhk7KP0K+Xun6JZ4ynZQ2xJOmaeqZ7fN2XnTOkVba1e7q6Pl+Zufe8/qc5zy7zz4/PUf3KrO/v+8AAABY6a+ZvwEAAOxDEgIAAPYKno5lMhm9AAAAsPB0BBpKQrxnCDPBzxIAYM75QxVPxwAAgL1IQgAAwF4kIQAAYC+SEAAAsNfhktCgXswU6wOzZsiNkts2G2ZHFC1LbbuZ+GXHEMd7pw1VapJyQscc8upHYy463mGrdKx3xNulAQApMrs5ocFOq+NUKhWneW7Gg+ugvr7RkQulxv7+pWpWbZzAYK9bWM6ZlbBJyvGPOezVj8S/6HE4zjsiBgEA0mVMEvLmeIJ5A29L8XxPrYfpILTaWK04ndaOiUJy0kHxpzdiW/yreBeRR7iuOUwcZcbtZllvVYdFjwmVU3RdM18lauSsrSSN895ciDqnWNQnunWvBFURc8yhrx6QhyvxRghda9wtyxr6V9Yi1/D5zRk6ZLgCSXd0cJUmIg4lBgEAUkYMXVp4WdqtOE6h1jdrQr9WcJzKrrc0tC+0MzhPLvmbkhfkaQkH6yWvTL9suUsdHRxjNgWXV0veQWqLOkYvGV45Q8fqBbkpvuUQV/fIQ/xjhxf8i8UKHL6oOXrEiUNX8wV7/LP8haHC1UH+rjFVOog43iwBADD3/GFr9JxQ6Wyt0NnIDU8K6KdN2ZU1MZaGqRkhOc+QyZSbjp4VGux1zfHyKUyjJI6Kben3Oo6+iDytu2dmMSqrYp+TXcrr1UT6mJBI3drbzdghSfJLZtrIX5jEQVf3jGsEdYOdXl8uxgsMmF0jTowwk0KyOfV6rAJx01cpSlxR/1QBAJAuY56OZauXVFjarTjNbROF9CCpc0+IfjSmJhX0tIKMQsGgKkdn+dAlviW37M0JSf57VvT15AA9heG6iZPN4H4yRrTMiEbQzw9DCWQCk5zYdnMbeW8mR4lXIO7QVdKIQQCA9BqdhMzkgpxeKNTOlmQy2qoV1LTPei8/NPOhg5A3g6DmReTAWmrsVtTxuQ2ntiVTTmyLLNMxE0+hUbribKuDOpXdRkkN1Op9Ldtmd1ysbv3Im4TUPmXSN714DnP1kORG0PNgMrUkv2M58aITnFhaFbFVXu1cV3wPVACKVyBe+CRVGkGcQwwCAKRXMIzNy5DWdjNlZ3fEc5yR5FndWl8M4sGS2XUCTvfqp4okBABII3/8WpQkJKewcvrfhsvHbSedRE736qeGGAQASKk5TkJICX5gAADp5Y9is/ufFWETYhAAYDGQhDA1YhAAYGGQhDAdYhAAYJEEo5oY4fQCMAYxCACwAPwX9kNJiEEOAADYwI89PB0DAAD2IgkBAAB7kYQAAIC9SEIAAMBeJCEAAGAvkhAAALAXSQgAANiLJAQAAOxFEgIAAPYiCQEAAHuRhAAAgL1m+bljfIZrGB/ihvlHn/XRYTH/6LBhR++zfuyZcRL6/uCP9ML4PyOriX9GVsf8GVkVf566q66+hl+smH+iv9BnBTosUkF0FjqsNpM+K+5FF8LTMQAAYC+S0HF57uJz+susA5hjdFggXWbYZ0lCAADAXiQhAABgr9QloYv3v/GGv/l3rxdfP/rLF+WGZ37t5ideVguffNfjamEiLz/6+DfNIoDZeunfvucnc3/r72XF14+98Yb3fPYVs328px965xRdGMAEXv7d235q+Sd+avnH/8Gbxdcbzv6B2T6hr4sRNtZ/p+qqaejX6UpCz93/xn9903eu/J//+aL4+n3nnlvCv2Hf91t/cN+1ZvlAV5790gtmEcDs3f35//0/BuLrL37wjTt//z33f91sHue2h781eRcGMKF/1vjT/9b74fef/+H3L/zW5Scef8lsnsitv/ncvW8yy76pumoa+nWqktCzz/TO/av7rzdrZz7z0sWPhr5DwZzQy4/ees1VV4uv1UevqA0ik966qrZco8Lpy4+6n/r2k3fzAhQ4fm+6/+P/5Au7Fx3nlcfOXPejf+e6v/ETd/7Oi3LH16p3PKoWnCtfeOetXxgErx3DXTjWnQEc0Tf+xa0//4tX//0bH/jGK4+vLP3tn8yJr489K/c8/eAHHtO98qUnbznz5BV/TujFf/OuN/z0j7zhp2VPfDzeVa+592m1ITrahuaE4rv806sP3St+A6hNpyJNSejKYG85GwunMYPHN75057def+3V11+rPv/Wh9pq47ed2y+LLd/9lPPlZwfOtQ80PvWOe77IC1DgJFyffbvov5/9+FN3XPzL//XS//3Tjz3/M5/8muP83M/f9PG6fEg9uPDV/Cc+lNUHqy784Fu+KLvwd29/8K3vjHdnAFP4Pdd7OnbmK7c/fN91ctt33nzfa//9hY3BJ371zZ//8z/p//mffN75xU0RZm4r3/iJx+Q7T65c2HnL2XtukMdKgwv/+S1P/fH/+7M/fv217Qe8vhp01de+6NyVONoOiewKBusV53PmkNORpiR0Q3apNwg/sLx4IWnKvf/CH337oXeq4Hn355zLffU68h13vld+7264Pi/XAJygFwd/KH7r7f3XP/y1W9Sc0D2fd17oi9ed73M/3Xu67Xzz0w/d9Au3mWMF0YU/svJuuXTDh756jxPvzgCmEDwde/6ZiplNeFvOLNxTfpf6+9qbfnZP9spbP/Lbz3/9gnPxM79+4y/cqvYo2Xs/5tzlzQmFAo7pqs51b37bwaNtZFf/BecDZ9R8xG1nPqK2nJZUPR177/uWN3/FTNw5zoVfvuf9O+pN08NyN/7DdzysX0SKr+0H/EwL4BS88tin//2Hyrdkl37m7b+p54Re/qsffvlj8jH3teU7Lv+n6oXuwx8t6WMV0YW7AzV5fuULtz/p0J2B4/Pkrn4P9cuX/8tSTvbKN5Xe/8JXH3zme79ROaN2eN79xJ+pOaGnbnrwoX9ntjnO53b0vz166fnv3JSbsnvmbnS+dEE/OLvAnNDkbn7sB790+W3m346933nyLz9zi9kTkr2v9oEv6xeR4mv0dPqTd19V5Z+PAcfjix/2/u3Yey5//Mpjtzo3fPTTd31Fzwld+9d/XD4dE7I/d3v3ycvmdaEn6MJv/eoj3/3WRN0ZwPSur/z2v3z+w+p9Qh92/sM5PTN7w20r39t64R+fGXovyuCJO39Ev0/orsuPPPxP9UbRVR/53t2qb97tPPVw+PXMJIKevuOc7pwQnzt2LMS39uI3zXzVzbfcrBeAeSP6C31WoMMiFURnWaQOO3h89R6nJt+w+/RDV+2ceb2uH7RNZCZ9VtwLnzsGAABOR/a+al6/C/Cuy488MEUMmjmSEAAAOHnvfmI+3gJIEgIAAPYiCQEAAHuRhAAAgL1IQgAA2O7pj5uPTP6xN37gsak+myz9SEIAANjt2X9+h/MF9ZHJV/7iOyv/8d4nrfrv3ElCAADY7fob3v78Syb9XP/Bb35Nf+KY/NRk9V+hmk9Ndp75pPcpqt4nIuuPTx79wefmk1nnG0kIAAC7XffBZx9zKsNPx6589sGn7rioPh7HfGqy8O23VOW/e3/qpgcfDT4+2Un84HN15BOhjxScWyQhAACsd/0Hn9VPx37wS5f/0a9fECnnBfmpyWpO6IOfd17YU9NC77hRfZb9bR995HsX/I9PTv7gc31kGpCEAACw2ouNtfc2XjErznU3/az8K3uj/NRkNSf0yl/98MsPyM9n9V1bvjP4+OS0f/A5SQgAAKtd77Z+de+93r8de8/lX/mNM45zw0cfuesrek7oTf6nJvuyZ4KPT570g8/nFZ/AeizETwMf6Ij5J/oLfVagwyIVRGehw2oz6bPiXvgEVgAAYDuSEAAAsBdJC
<!-- sensor-network-provisioning-14.png-->
</p>
<p>
<strong>Note:</strong> If the server responds, but without specifying a list of nodes, the device can assume that all nodes available in the original request are allowed
to be controlled. If no nodes in the request are allowed to be controlled, the provisioning server must respond with a result='false', so the device can reject the read-out request.
The same is true for parameters: If the provisioning server does not specify parameters in the response, the caller can assume all parameters are allowed.
</p>
<p>
The following example shows the communication first between the client and the device, then between the device and the provisioning server, and last between the device and the client:
</p>
<example caption='Restricting parameters during control'>
<![CDATA[
<iq type='set'
from='primary@example.org/amr'
2017-05-20 10:38:03 -04:00
to='plc@example.org'
id='21'>
<set xmlns='urn:xmpp:iot:control' xml:lang='en'>
<boolean name='DigitalOutput1' value='true'/>
<boolean name='DigitalOutput2' value='true'/>
<boolean name='DigitalOutput3' value='true'/>
<boolean name='DigitalOutput4' value='true'/>
<int name='AnalogOutput1' value='65535'/>
<int name='AnalogOutput2' value='65535'/>
<int name='AnalogOutput3' value='65535'/>
<int name='AnalogOutput4' value='65535'/>
</set>
</iq>
2017-05-20 10:38:03 -04:00
<iq type='get'
from='plc@example.org/plc'
to='provisioning.example.org'
id='22'>
<canControl xmlns='urn:xmpp:iot:provisioning' jid='primary@example.org' serviceToken='SERVICETOKEN1' userToken='user0001'>
2017-05-20 10:38:03 -04:00
<parameter name='DigitalOutput1'/>
<parameter name='DigitalOutput2'/>
<parameter name='DigitalOutput3'/>
<parameter name='DigitalOutput4'/>
<parameter name='AnalogOutput1'/>
<parameter name='AnalogOutput2'/>
<parameter name='AnalogOutput3'/>
<parameter name='AnalogOutput4'/>
</canControl>
</iq>
2017-05-20 10:38:03 -04:00
<iq type='result'
from='provisioning.example.org'
to='plc@example.org/plc'
id='22'>
<canControlResponse xmlns='urn:xmpp:iot:provisioning' jid='primary@example.org' result='true'>
2017-05-20 10:38:03 -04:00
<parameter name='DigitalOutput1'/>
<parameter name='DigitalOutput2'/>
<parameter name='DigitalOutput3'/>
<parameter name='DigitalOutput4'/>
</canControlResponse>
</iq>
2017-05-20 10:38:03 -04:00
<iq type='result'
from='plc@example.org'
to='primary@example.org/amr'
2017-05-20 10:38:03 -04:00
id='21'>
<setResponse xmlns='urn:xmpp:iot:control' responseCode='OK'>
<parameter name='DigitalOutput1'/>
<parameter name='DigitalOutput2'/>
<parameter name='DigitalOutput3'/>
<parameter name='DigitalOutput4'/>
</setResponse>
</iq>]]>
</example>
<p>
Note that the provisioning server responds with a <strong>canControlResponse</strong> element, similar to the <strong>canControl</strong> element in the request, except only
the parameters allowed to be sent are listed. The device must only control parameters included in this list.
</p>
<p>
Also note, that the provisioning server can return a list of both allowed nodes and allowed parameter names in the response back to the client, so it can
act on the information that only a partial control action was allowed and taken.
</p>
</section3>
</section2>
<section2 topic='Cache' anchor='cache'>
<section3 topic='Clear cache' anchor='clearcache'>
<p>
When the provisioning server updates access rights and user privileges in the system, it will send a <strong>clearCache</strong> command to corresponding devices.
If a device was offline during the change, the provisioning server must send the <strong>clearCache</strong> message when the device comes online again. To acknowledge
the receipt of the command, the client responds with a <strong>clearCacheResponse</strong> element. This response message does not contain any information on what was
done by the client. It simply acknowledges the receipt of the command, to make sure the provisioning server does not resend the clear cache command again.
</p>
<p>
<strong>Note:</strong> The <strong>clearCache</strong> command does not include information on what has been changed, so the device needs to clear the entire cache. This
to avoid complexities in making sure updates made to the provisioning rules works in all cases, and to minimize complexity in the implementation of the protocol on the sensor side.
It is also not deemed to decrease network performance, since changing provisioning rules for a device is an exceptional event and therefore does not affect performance during
normal operation.
</p>
2017-05-20 10:38:03 -04:00
<example caption='Clear cache'>
<![CDATA[
<iq type='set'
from='provisioning.example.org'
to='device@example.org'
id='23'>
<clearCache xmlns='urn:xmpp:iot:provisioning'/>
</iq>
2017-05-20 10:38:03 -04:00
<iq type='result'
from='device@example.org'
to='provisioning.example.org'
id='23'>
<clearCacheResponse xmlns='urn:xmpp:iot:provisioning'/>
</iq>]]>
</example>
</section3>
</section2>
<section2 topic='Services' anchor='services'>
<section3 topic='Getting a service token' anchor='servicetoken'>
<p>
A service requesting provisioning assistance, needs to retrieve a service token from the provisioning server, by providing a base-64 encoded X.509 certificate.
The following example shows how this can be done.
</p>
<example caption='Requesting a service token'>
<![CDATA[
<iq type='get'
from='device@example.org/device'
to='provisioning.example.org'
id='24'>
<getToken xmlns='urn:xmpp:iot:provisioning'>BASE-64 ENCODED PUBLIC X.509 CERTIFICATE</getToken>
</iq>
2017-05-20 10:38:03 -04:00
<iq type='result'
from='provisioning.example.org'
to='device@example.org/device'
id='24'>
<getTokenChallenge xmlns='urn:xmpp:iot:provisioning' seqnr='1'>BASE-64 ENCODED CHALLENGE</getTokenChallenge>
</iq>
2017-05-20 10:38:03 -04:00
<iq type='get'
from='device@example.org/device'
to='provisioning.example.org'
id='25'>
<getTokenChallengeResponse xmlns='urn:xmpp:iot:provisioning' seqnr='1'>BASE-64 ENCODED RESPONSE</getTokenChallengeResponse>
</iq>
2017-05-20 10:38:03 -04:00
<iq type='result'
from='provisioning.example.org'
to='device@example.org/device'
id='25'>
<getTokenResponse xmlns='urn:xmpp:iot:provisioning' token='TOKEN'/>
</iq>]]>
</example>
</section3>
<section3 topic='User access to service' anchor='usertoken'>
<p>
Provisioning in sensor networks also requires control of user access to different services in the network. This use case shows how service access rights are controlled using
a trusted provisioning server.
</p>
<p>
<img src='data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAA2QAAAHFCAIAAAASVa39AAAgAElEQVR4nO3dbZM0Z3ke4P5L6EEqqf8IFrLBAtS/IVWYWAkGFDBUf00Cjs0Hg21VLEdVXeXENopJpYLLRgYDlt2SQJLNu4QkY4QlVW0+zPR79+zs7sz23dceR6lKszM93T095959Pvf07mYXAACwIFt7BwAASJeyCADAoq4sZgAA0Jgpi7fdVDkdbx8AcELKYjTePgDghJTFaLx9AMAJKYvRePsAgBNSFqPx9gEAJ3TDsliXeZaXdXdHVWTtHXWZZ1lRnWQ/b1Vd5rex2/1jdSKaIgBwWsrixEZ3W1MEAM7gmLJYl/n+t+wMamCWZXlRHFUWl9fQ3lEVWZbn+XCurXted3dV7O9p+9zknsnKD+3AaHKvu7+oujVPZgCv9orKotm5frs+6cyipggAnMMRZXHSaUYl8PKyOLuG3R1VU6OqIluez+tWMFh+/sbCyoe17EBRG+z2tOItH5MDr6i5s1vl4X24Ik0RADiTq80sdhVxX3ImLap/R3d7vIZuxq6dihvUqLlN52U9s72Ze2ZWPtmBuXsG2yyqySTgYLGrvqLdysrBak5UFjVFAOB8jimLjf7U3dLMYv+Cv/n5vOHk3+Sh2ftmZhbbVUzumVn5ga1M75mZEF1e5dGvqGmXvW2doixqigDAWR1RFmcuHFy+ZvFiMMnWm39cusKvuWd2ZrFZVZ4PK+jwMsLJPZOVT3dg7mrI0VYH1yzOzT5e8RVNumF7x4EbB2mKAMC5XWVmkcR4pwCAc1MWt8rbBADcAmVxk7xHAMDtUBa3xxsEANwaZXFjvDsAwG1SFrfEWwMA3LL5skiaVgoJAHB3ZWYWAQBYoiwCALBIWQQAYJGyCADAImURAIBFyiIAAIuURQAAFimLAAAsUhYBAFikLAIAsEhZBABgkbIIAMCimGUx61l7X4gjo2ftd4PTWDtHaVn73eBk1o5SWk5yPPc3pndt0e64vPvmK+1/pzpSkGXZ95//m+8//zc/eOHrP3jh6z988dkfvvjsj777tz/67t/++Hvf+PH3vvGTl775k5e++dOX/+7VV7716ivfeu2fvv3aP337Z//8nZ/983de//7fv/79v3/jB8+98YPn3vzhP+z++5cf/eO//Ogff/7j+uc/rv/1J8//60+e/8VPX/jFT19469UX33r1xV++9t1fvvbdf/vZ995+/aW3X3/pnTdefueNl/vZXvE/31NhSLVUhyTYpw12wLJoCOBMjD6+p+KRaqkOSbBPG+xQZXG2Ke6O1DNfeeaZrzyz9g6ybUaf6feUb6utk2qpDkmwTxvsO1EW24O19g6ybUYfp9V4pFqqQxLs0wZbWYRjGX2cVuORaqkOSbBPG+y7VRYNAdzEmUaf//6B9kfW7vv0X11x9HnykYee+OpGRx9ScK5z6tc++kDvhzEf/K2/OCrVK+VZquO5TrD/z7+7v/8jxL/6X65WFv/w4Qc/+b/Hwb5SpM+Tf2VxxtIPuBgCuLmznFa/9L7sA5/fjz5f+40H7//Y392Zf6qSgjOWxQ98vjmn/sWn788+/AdSze25Zln81f/cBPtPP/Xe93zq/5pZ7I7n/sb0ri1q/0nQP0yGAE7iLKfV//fRB9770W+OR5+vfGb/L9z7fvvr33v79Zfe/qP3P/TAvSzLsuze55595d03X3n32ccfeuDx57p/iX71c/uZnN0Coy9THH1Iwa2UxRd+8eWHsw/+zluvfuW3m2B/9usvvf36S0//+r3PPvvy6nmW6nhOVhZ//30PvPc9WZY9+qX/9Z/euy8YH/ry8//6k+ef+sB9n/6rF9569cW3/vpjD97/77/dzix+/Tcfypq4PjGNdPbYk6+8++Yr7z75SDOqZ/tl2vxPH2qf/ugjjz3w+HPK4kk885Vn2tbYHiPf/9zQ+T+w238M/a1P3PfgJ77yy9e++8vX/ttHsvf/j9dfevuP3p/9+u+988bL7z75SPboF99985Xnnrj32JPd4PLcE/d297/77OMPPfrF55641wwxX3wse+Rpp1UW3FJZ/KuPPfjB3/nWJ+578JPP/PK17/7bz/bBfufJR7Jf/73V8yzV8dz8Y+gH/sOfvvGD5978/fdlv/Zf3/zhP3zj4+/Jfu3zP/9x/fMff/5D2a/88U+e/8WXH84+8IW3Xn3xW5+478N/2H0M/Z1P3fvIk+OPobtItxl+8pFsV/t2/1IalsXRQ923QPuQsnhzu4Myaoq+/7mhc51Wu881vvCh7OGnfvrCUx/sjVi7OZg/ev9Dn/rLd954+d03v/q5Bx55ujfc7EaQpx9t/rX65iu7L3tOPxnjtBrGbc4sDoN977Nff+mdN/7yswnkWarjufHMYhPs33/fA//xf+7K4qNf2g3Xf/bp++/79Nd211c8/NSrv/Ph7OE/GVyz+Lsfmcws7v859OYr77751c89cO9zz/avUPziY5OyOHro6Ufb2H/RzOKJ+c7ntM5xWv3Gx9/zwMf/rCmLf/7p+x9+ajCz2FwE05XFV5574t5jj47HlO7fnc8+/tADjz/dzcQ4rXLIrZTF/TWLvZnF7tKuv//U+nmW6njOURbHM4s/feHvfuu+D3/w4f1wPf0BlycfaT9Hnp1ZPL4smlk8ozAvhESc6bTa+2no7ENfHl2zmGXNx9BtWXz32ccfaidXLr/GK8t8DM2y819csQ/2W6++2LtmcR/sd954+Z0E8izV8Zy8LP7Lj8bXLO6vr8ju+8xfD34a+jufutfNgh++ZvHosuiaxTMK80JIxLlOq3f1x+tIgVRLdUjBgj2YWdzPUCqLJxLmhZCIYKOP0yoXUi3VQYUL9hcfu+41u8riWHbQ2nvH5oUbfZxWkWqpjkmwTxvsUGVxJMwLIRFGH6fVeKRaqkMS7NMGW1mEYxl9nFbjkWqpDkmwTxtsZRGOZfRxWo1HqqU6JME+bbCVRTiW0cdpNR6pluqQzhrsP+5+39l9n/nrOxHsyGURTstp1Wk1HqmW6pDOGOwv/Ur2gS90v2fx/o996w4EO2xZ9BPQnJzTqtNqPFIt1SGdMdhf++iD9//GN8fBfqb5hfO7v2P58jtPPvLQA/cGv+xm/4eeR79w/pV3myX7f+IytWBHLosXUV4LiXBadVqNR6qlOqTzBvtrv/Hg8GPob3/yvgc/+cy//ex7b7/+ux/J3v/0Gy+/0/727ObG7s9Dd79eu/d3/676e7aVxdPoXtX2XwvpcFp1Wo1HqqU6pNsK9hc+nD381Ksv/skH+7/W+d5nn335ncHfrnzk6aYaPv3oYMnPPdv/437pBjt4WbwI8XJIhNOq02o8Ui3VIZ0v2N/8+Hse/K0/b4L9F5+5/+GnBjOLTbB7FfC5J+499uj+y97MYvOfsriK0f5v/eWQDqdVp9V4pFqqQ7qtn4bOPvwHo2sWs6z5GLqrgM8+/lD3Z/raaxazrPkYWllcwXT/t/6KSITTqtNqPFIt1SEJ9mmDHa0szu78pl8R6TD6OK3GI9VSHZJgnzbYd6IsHrgfjmf0cVqNR6qlOiTBPm2wQ5XFA3u+3RdFOow+TqvxSLVUhyTYpw32XSmLlz4KlzL6OK3GI9VSHZJgnzbYocoinJXRx2k1HqmW6pAE+7TBVhbhWEYfp9V4pFqqQxLs0wZbWYRjGX2cVuORaqkOSbBPG2xlEY5l9HFajUeqpTokwT5tsJVFOJbRx2k1HqmW6pAE+7TBVhbhWEYfp9V4pFqqQxLs0wZbWYRjGX2cVuORaqkOSbBPG+wtl8W6zIuq/1Ve1ivuDuEZfZxW45FqqQ5JsE8bbGURjmX0cVqNR6qlOiTBPm2ww5XFusyznbys2y+aGlkVeZ5nWdZ7HhzL6OO0Go9US3VIgn3aYEcri/37enONVbHrh83/4RqMPk6r8Ui1VIck2KcNdrSyeHFRFc3MYt7MMXaTi1Xho2quzejjtBqPVEt1SIJ92mBvuSxeVEX7+fL0ksWq6H383N2pLHJtRh+n1XikWqpDEuzTBnvTZbE3jdj0wu6SxcE1i81li
</p>
<p>
First, the user connects to the service in some way. This can be done using XMPP, HTTP, HTTPS or some other means. The service need to extract some form of identifying
credentials from the user, and provide that to the provisioning server. The provisioning server determines if the client has access rights to the service based on these
credentials, and also provides the service with a <strong>userToken</strong> that the service can use in further communication with the provisioning server regarding
the user and its privileges.
</p>
<p>
The following table lists some different types of credentials that the service can extract from the client:
</p>
<table caption='User Credentials'>
<tr>
<th>Type</th>
<th>Protocols</th>
<th>Description</th>
</tr>
<tr>
<td>JID</td>
<td>XMPP</td>
<td>Allows provisioning to be done on the JID the user has.</td>
</tr>
<tr>
<td>IP Address</td>
<td>HTTP, HTTPS</td>
<td>Allows provisioning to be done on IP address or IP-ranges for instance.</td>
</tr>
<tr>
<td>Host Name</td>
<td>HTTP, HTTPS with DNS</td>
<td>If the service has access to the client host name, for instance in an intra network, this can be used for provisioning.</td>
</tr>
<tr>
<td>X.509 Certificate</td>
<td>HTTPS</td>
<td>If the client provides a client certificate, such a certificate can be used to provide provisioning.</td>
</tr>
<tr>
<td>X.509 Certificate Thumbprint</td>
<td>HTTPS</td>
<td>
The client can also choose to validate the certificate itself and only send the certificate thumbprint to the provisioning server. Even though this
provides somewhat lesser security than providing the entire certificate, it might be an option to distribute certificate validation checks across the network
to lower the work load on the provisioning server.
</td>
</tr>
<tr>
<td>User Name</td>
<td>HTTP, HTTPS, XMPP</td>
<td>
If authenticated HTTP(S) access is implemented, the service can provide the user name as credentials. XMPP based clients can use
information in the roster to provide user name information to the provisioning server.
</td>
</tr>
<tr>
<td>Geolocation</td>
<td>HTML5 over HTTP(S), XMPP</td>
<td>
If the geographic location (longitude, latitude and possibly altitude) of the user client is known, it can be used. HTML 5 provides mechanism whereby the location
of the client can be fetched. &xep0080; provides a mechanism whereby client location can be obtained over XMPP.
</td>
</tr>
<tr>
<td>SSO Token</td>
<td>Intranet</td>
<td>If a single sign on token is available, such a token could be provided as credentials.</td>
</tr>
<tr>
<td>Protocol</td>
<td>Any</td>
<td>Connection protocol used to connect to the service.</td>
</tr>
</table>
<p>
The provisioning server receives these credentials, and decides if the user should have access to the service or not, based on rules configured in the provisioning service.
If the user is granted access, a <strong>userToken</strong> is generated and returned to the service.
</p>
<p>
Now, the service can determine if this access grant is sufficient or not. It can require the user to login into the service first. If so, the service should provide the provisioning
server with the user name used during login, when logged in.
</p>
<example caption='User access to service'>
<![CDATA[
<!-- user connects to service -->
2017-05-20 10:38:03 -04:00
<iq type='get'
from='service@example.org/service'
to='provisioning.example.org'
id='26'>
<canAccess xmlns='urn:xmpp:iot:provisioning' serviceToken='SERVICETOKEN1'>
<credentials type='IpAddress' value='10.0.0.1'/>
<credentials type='Longitude' value='123.45'/>
<credentials type='Latitude' value='67.89'/>
</canAccess>
</iq>
<iq type='result'
from='provisioning.example.org'
to='service@example.org/service'
id='26'>
<canAccessResponse xmlns='urn:xmpp:iot:provisioning' userToken='USERTOKEN1' result='true'/>
</iq>
<!-- user performs login into service -->
<message from='service@example.org/service'
to='provisioning.example.org'>
<userLoggedIn xmlns='urn:xmpp:iot:provisioning' serviceToken='SERVICETOKEN1' userToken='USERTOKEN1' userName='Kermit' />
</message>
<!-- user continues interacting with service -->]]>
</example>
</section3>
</section2>
<section2 topic='User privileges' anchor='userprivileges'>
<section3 topic='User privileges in service' anchor='userpriviliegesservices'>
<p>
When a user has been given access to a service, and properly been identified, the service can ask the provisioning service for detailed user privileges to control
different aspects of the service. This can be done using the <strong>hasPrivilege</strong> command. Here, the service sends its <strong>serviceToken</strong> and
the <strong>userToken</strong> earlier received when being granted access to the service. Furthermore a <strong>privilegeId</strong> has to be provided.
</p>
<p>
A <strong>Privilege ID</strong> is a string composed of one or a sequence of parts, delimited by period characters. The Privilege IDs form a tree of privileges,
using an invisible, but common, root privilege.
</p>
<p>
The following table suggests some examples of Privilege IDs, with suggestive descriptions. (Only used as an example.)
</p>
<table caption='Privilege ID examples'>
<tr>
<th>Privilege ID</th>
<th>Description</th>
</tr>
<tr>
<td>Databases.Energy.Select</td>
<td>Gives the user the rights to select data from the Energy database.</td>
</tr>
<tr>
<td>Databases.Energy.Insert</td>
<td>Gives the user the rights to insert data into the Energy database.</td>
</tr>
<tr>
<td>Databases.Energy.Delete</td>
<td>Gives the user the rights to delete data from the Energy database.</td>
</tr>
</table>
<p>
<strong>Note:</strong> Note that privilege IDs are local to the service. Different services are allowed to use similar or same Privilege IDs, in different contexts and
with different meanings. The provisioning server must separate Privilege IDs from different services.
</p>
<p>
The client must always provide full Privilege IDs to the provisioning server. The provisioning server however, can grant partial privilege IDs, pointing to parent
privilege nodes to a user or a role object, granting a user a specific role. If granting a parent privilege ID to a user or role, this is interpreted as
giving the corresponding user or role the privileges of the entire sub-tree defined by the parent privilege ID.
</p>
<p>
If additional control over privileges is desired, negative privileges can be assigned to the user or role. Granted or explicitly rejected privileges are specified in a
sequential list of full or partial privilege IDs. This list is then processed sequentially to determine if a privilege is granted or not.
</p>
<p>
Example: Consider the privileges above. Give a user or its corresponding role the following privileges in a sequential list:
</p>
<ul>
<li>Exclude: Databases.Energy.Delete</li>
<li>Include: Databases.Energy</li>
</ul>
<p>
This would give the user rights to select and insert data, but not to delete data from the Energy database.
</p>
<p>
<strong>Note:</strong> Care should be taken when constructing Privilege IDs, so they do not include variable data that potentially can create an infinite amount of
privilege IDs. For example: Do not include user names, sensor IDs, etc., in privilege IDs, as the number of such entities cannot be estimated or is scalable beforehand.
</p>
<p>
The following diagram shows an example of how a service asks permission from a provisioning server before an action is taken:
</p>
<p>
<img src='data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAA2QAAAILCAIAAAAIX8ikAAAgAElEQVR4nO3dbZM0Z3ke4P5L6EEqqf8IFrLBAtS/IVWYWAkGFDDUfE0Cjs0Hg21VLEdVU+XENopJpYLLRgYDlj2SQJLNu4QkY4QlVW0+zEv3TE/Pzu7O7tx99nGUqrQ729PTM3vO1afu6edRdQEAAAOqcx8AAADlUhYBABjUlsUKAADW9pTFu26q3Dm/ZQDgGMriRPktAwDHUBYnym8ZADiGsjhRfssAwDGUxYnyWwYAjnHDsriY1VU9W7Q3zJtqc8NiVldVMz/Jce7TfawDPz282e0dQMEPpCkCAEcac1k80p1VupHQFAGA4x1TFhezevW37GzVwKqq6qY5qiwO72Fzw7ypqrqut3vdvKmqpmmWWzbznc3WjzVv1p202133rCz2HnTPExnepl85tx5i+ziPefX2PffZ4edyY5oiAHAlR5TFXlPZKYGXl8W9e1jesCl686bfszo3rvfV3Wy7q807O+v9tJ4t9jxo/4kMHNhAUdt6iIGtr/rcDz+Xm9EUAYCrutrKYtusVtWl9zF094b26909zJvu3wq+Vfi2dG5cfdndbHvJsLsqt/XT7gLk9oP2n8ieA+sd/Pbh7Rx8v9Zd9bkffC43oCkCANdwTFlcG16Qa7fpXqfYrzjdPeyUn8Gy2F9Z7JfFTSPr7OHAymL/YPsri8NPf/uWS8vilZ/7oedyXZoiAHA9R5TFztLY5dcsXmwtne1UuX3X7a1vGV5Z7F2zuKcsHvr8d881iweeSG+bPQe/9yEGyuJ1nvsRz+Uqf9ZbUwQAru0qK4t3b2+DPPH+2+sHU//IdEG/UABgbKZdFg8tG4Yo6LcJAIxQ2WWRm/GrBABuSFmM5fcIANycspjJLxEAOAllMZDfIABwKvvLIqN2piwBAIEqK4sAAAxRFgEAGKQsAgAwSFkEAGCQsggAwCBlEQCAQcoiAACDlEUAAAYpiwAADFIWAQAYpCwCADBIWQQAYFBmWaw6zn0s5KjoOPdvg9M4d47Kcu7fBidz7iiV5SSv5+qL/k1jtHxd3n3zlc0/p3qloKqq7z//N99//m9+8MLXf/DC13/44rM/fPHZH333b3/03b/98fe+8ePvfeMnL33zJy9986cv/92rr3zr1Ve+9do/ffu1f/r2z/75Oz/75++8/v2/f/37f//GD5574wfPvfnDf1j+8y8/+sd/+dE//vzHi5//ePGvP3n+X3/y/C9++sIvfvrCW6+++NarL/7yte/+8rXv/tvPvvf26y+9/fpL77zx8jtvvNzN9hn/8Z6KIdVSHUmwTxvswLJoBHBLTB/vqTxSLdWRBPu0wY4qi3ub4vKVeuYrzzzzlWfOfYCMm+nTf095W42dVEt1JME+bbAnURY3L9a5D5BxM32cVvNItVRHEuzTBltZhGOZPk6reaRaqiMJ9mmDPa2yaARwE7c0ff77BzZ/ZO2+T//VFafPk4889MRXRzp9KMFtnVO/9tEHOn8Y88Hf+oujUn2mPEt1nusE+//8u/u7f4T4V//L1criHz784Cf/926wrxTp28m/srjH0B9wMQK4uVs5rX7pfdUHPr+aPl/7jQfv/9jfTeY/VSnBLZbFD3x+fU79i0/fX334D6Sau3PNsvir/3kd7D/91Hvf86n/a2WxfT1XX/RvGqPNfxJ0XyYjgJO4ldPq//voA+/96Dd3p89XPrP6L9z7fvvr33v79Zfe/qP3P/TAvaqqqure55595d03X3n32ccfeuDx59r/Ev3q51YrOcsNdr4tcfpQgjspiy/84ssPVx/8nbde/cpvr4P92a+/9PbrLz396/c+++zLZ8+zVOc5WVn8/fc98N73VFX16Jf+139676pgfOjLz//rT55/6gP3ffqvXnjr1Rff+uuPPXj/v//2ZmXx67/5ULWO6xP9SFePPfnKu2++8u6Tj6ynerXaZpP//o82d3/0kcceePw5ZfEknvnKM5vWuHmNvP+5odv/wG71MfS3PnHfg5/4yi9f++4vX/tvH6ne/z9ef+ntP3p/9eu/984bL7/75CPVo198981Xnnvi3mNPtsPluSfuLW9/99nHH3r0i889cW89Yr74WPXI006rDLijsvhXH3vwg7/zrU/c9+Ann/nla9/9t5+tgv3Ok49Uv/57Z8+zVOe5+cfQD/yHP33jB8+9+fvvq37tv775w3/4xsffU/3a53/+48XPf/z5D1W/8sc/ef4XX364+sAX3nr1xW994r4P/2H7MfR3PnXvI0/ufgzdRnqT4ScfqZa1b/lfSttlcedH7Vtg8yNl8eaWL8pOU/T+54Zu67Tafq7xhQ9VDz/10xee+mBnYi3XYP7o/Q996i/feePld9/86uceeOTpzrhZTpCnH13/1+qbryy/7Tj9YozTaoy7XFncDva9z379pXfe+MvPFpBnqc5z45XFdbB//30P/Mf/uSyLj35pOa7/7NP33/fpry2vr3j4qVd/58PVw3+ydc3i736kt7K4+s+hN195982vfu6Be597tnuF4hcf65XFnR89/egm9l+0snhi3vmc1m2cVr/x8fc88PE/W5fFP//0/Q8/tbWyuL4Ipi2Lrzz3xL3HHt2dKe1/dz77+EMPPP50uxLjtMohd1IWV9csdlYW20u7/v5T58+zVOe5jbK4u7L40xf+7rfu+/AHH16N6/4fcHnykc3nyHtXFo8vi1YWb1HME6EQt3Ra7fxp6OpDX965ZrGq1h9Db8riu88+/tBmceXya7yqysfQDLv9iytWwX7r1Rc71yyugv3OGy+/U0CepTrPycviv/xo95rF1fUV1X2f+eutPw39nU/da1fBD1+zeHRZdM3iLYp5IhTitk6rU/3jdZRAqqU6Uliwt1YWVyuUyuKJxDwRChE2fZxWuZBqqQ4VF+wvPnbda3aVxV3VQec+OkYvbvo4rSLVUp1JsE8b7KiyuCPmiVAI08dpNY9US3UkwT5tsJVFOJbp47SaR6qlOpJgnzbYyiIcy/RxWs0j1VIdSbBPG2xlEY5l+jit5pFqqY50q8H+4/bvO7vvM389iWAnl0U4LadVp9U8Ui3VkW4x2F/6leoDX2j/nsX7P/atCQQ7tiz6E9CcnNOq02oeqZbqSLcY7K999MH7f+Obu8F+Zv0Xzi//P5Yvv/PkIw89cG/rL7tZ/Y+ed/7C+VfeXW/Z/V9clhbs5LJ4kfJcKITTqtNqHqmW6ki3G+yv/caD2x9Df/uT9z34yWf+7Wffe/v13/1I9f6n33j5nc3fnr3+Yvm/h27/eu3O//fvqn/PtrJ4Gu2zGv9zoRxOq06reaRaqiPdVbC/8OHq4adeffFPPtj9a53vffbZl9/Z+n9XPvL0uho+/ejWlp97tvs/9ys32OFl8SLi6VAIp1Wn1TxSLdWRbi/Y3/z4ex78rT9fB/svPnP/w09trSyug92pgM89ce+xR1ffdlYW1/8oi2exc/xjfzqUw2nVaTWPVEt1pLv609DVh/9g55rFqlp/DN1WwGcff6j93/RtrlmsqvXH0MriGfSPf+zPiEI4rTqt5pFqqY4k2KcNdlpZ3Hvwo35GlMP0cVrNI9VSHUmwTxvsSZTFA7fD8Uwfp9U8Ui3VkQT7tMGOKosHjny8T4pymD5Oq3mkWqojCfZpgz2VsnjpT+FSpo/Tah6plupIgn3aYEeVRbhVpo/Tah6plupIgn3aYCuLcCzTx2k1j1RLdSTBPm2wlUU4lunjtJpHqqU6kmCfNtjKIhzL9HFazSPVUh1JsE8bbGURjmX6OK3mkWqpjiTYpw22sgjHMn2cVvNItVRHEuzTBltZhGOZPk6reaRaqiMJ9mmDPeayuJjVzbz7XT1bnPFwiGf6OK3mkWqpjiTYpw22sgjHMn2cVvNItVRHEuzTBjuuLC5mdbVUzxabb9Y1ct7UdV1VVed+cCzTx2k1j1RLdSTBPm2w08pi97bOWuO8WfbD9b/hGkwfp9U8Ui3VkQT7tMFOK4sXF/NmvbJYr9cY28XFeeOjaq7N9HFazSPVUh1JsE8b7
</p>
<example caption='User privileges in service'>
<![CDATA[
<!-- user wants to perform action -->
<iq type='get'
from='service@example.org/service'
to='provisioning.example.org'
id='27'>
<hasPrivilege xmlns='urn:xmpp:iot:provisioning' serviceToken='SERVICETOKEN1' userToken='USERTOKEN1' privilegeId='Sensors.View'/>
</iq>
<iq type='result'
from='provisioning.example.org'
to='service@example.org/service'
id='27'>
<hasPrivilegeResponse xmlns='urn:xmpp:iot:provisioning' result='true'/>
</iq>
<!-- user performs action -->]]>
</example>
</section3>
<section3 topic='Download all user privileges' anchor='downloadall'>
<p>
To improve performance, services can download the entire set of user privileges, and perform privilege checks internally. The following diagram displays
how the above two use cases could be handled in such a case:
</p>
<p>
<img src='data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAA2QAAAMvCAIAAAAyFYQwAAAgAElEQVR4nO3da5M8/Vkf9n5L6EZ3Sf1GsJAtEEL9GlIFxEo4SBFG1U+TALH1ALBRxXJU1VVObKSYVCpQWDIgQPbogHTbHAQSkjgIpLtq82Cmz92zs7sz21df8/mUqjQ704ff9H6353v/uve/xQMAAKwoth4AAABxKYsAAKzqy2IBAACthbL42k2VqIQBAO6cssg5wgAAd05Z5BxhAIA7pyxyjjAAwJ1TFjlHGADgzr2wLB7qsijrQ/9EUw1/d2b00rM11bO2NBvbmS0/cxfXcH7Xm45QUwQAblEW2ycOdVkUVfPiMeYuixd69RFqigDAw2Vl8VCXk5nC9pmyqs6UxeNXVfMwnHAs60Nf4w51WfSPjus1VVFU1Wn5buXTNsfbGQ7tgrHNFz5TFruh96+tH4fuiaYqirIsxxtbeUenxdrN9zscttyFEc52euYtP5emCAAcXVAWZ0WqnzHsy97ywqfaM+tBg/87lp5BP2qqaUkcFaZ5nxrt9tzY5mN8UllcPA6DgtuV4ulkav9kO7rhYrN31+95aYTznV7ylp9EUwQAOk+bWew7yamSnL0M3faZ6UxZ1ZzWq6vTZNhwRmy9pS1sZzZbeG5s86nF584sTqdLuy2Oit58U+3D4WLjKcOyrkebmI1wvtOzb/nJNEUAYOgp9yxeMpU1al3DubJhH+qL12h6cbzSysziaDujGb3HZhbnCz9WFieXypeOw6SarZbF+czivCx2bXSwhTMzi60rzixqigDAxAVl8Un3Ba78NnT/dFuEjpvouufCfY5L13+n22m/Lsvud2keH1u/8LlfcOm2096CeOY4jMa3PLM4u2dxoSwujOPcPYvr3475Whf8foymCADMPWVmkedZbJBX3v5kpvQ5fN8BgDll8fZuXRaX5jyfyjcdAFikLOI7DgCsUhbvnW83AHCGsnjXfK8BgPOUxfvlGw0APGq5LHIPNoocALAnhZlFAADWKIsAAKxSFgEAWKUsAgCwSlkEAGCVsggAwCplEQCAVcoiAACrlEUAAFYpiwAArFIWAQBYpSwCALAqZ1ksBrYeC3kUDGz93eA6ts5RLFt/N7iaraMUy1WO5+nB/Kk9Oh6Xt7/zVve/ax0pKIriT774H//ki//xT7/02T/90mf/7Muf+7Mvf+7Pv/Kf/vwr/+nrf/y7X//j3/2Lr/7eX3z19/7ya7//jbc+/423Pv/N//oH3/yvf/BX/+0P/+q//eG3/uSPvvUnf/TtP/3Ct//0C9/5s/98/N9f//l/+es//y9/8/XD33z98Ld/8cW//Ysv/t1ffunv/vJL3/3Gl7/7jS///Te/8vff/Mo//NUff+9bX/3et776/W9/7fvf/tow2xv+z89UGlIt1SkJ9nWDnbAsOgVwI84+fqbykWqpTkmwrxvsVGVxsSkej9RnPv2Zz3z6M1sPkH1z9pn/TPmx2jupluqUBPu6wb6LstgdrK0HyL45+/hYzUeqpTolwb5usJVFuJSzj4/VfKRaqlMS7OsG+77KolMAL3Gjs8///r7uV9be8dHffuLZ5xPvffdHfnOnZx8iuNVn6m/9xJuDX8Z818/8xkWp3ijPUp3Pc4L9//x37xz+CvE//l+eVhb/1Xve9XP/9zTYT4r0bfKvLC5Y+wUXpwBe7iYfq7/6Q8X7fvF09vmtn3zXO3/q9+/mP1WJ4IZl8X2/2H6m/sZH31l84F9KNa/nmWXxH//PbbD/7Yd/8Ac+/P+aWeyP5+nB/Kk96v6TYHiYnAK4ipt8rP5/P/HmD/7E703PPp/++dN/4b7jn332j7/3ra9+79d/+N1vvlEURVG88bHPvfX2d956+3MfevebH/pC/1+iv/mx00zOcYHJlxHPPkTwKmXxS3/3a+8pfuSXv/uNT/+zNti/8Nmvfu9bX/3Uj77xC5/72uZ5lup8rlYWf+WH3vzBHyiK4v2/+n/9Tz94Khg/9mtf/Nu/+OIn3/eOj/72l777jS9/93d+6l3v/O//oJtZ/Ow/fXfRxvUj80gXH/zEW29/5623P/He9qxenJbp8j9/qVv9/e/94Jsf+oKyeBWf+fRnutbYHSM//7zQ7S/YnS5Df/5n3/Gun/3033/zK3//zf/tx4sf/j++9dXv/foPFz/6L77/7a+9/Yn3Fu//+NvfeesLH3njg5/oTy5f+Mgbx+ff/tyH3v3+j3/hI2+0p5iPf7B476d8rLLilcrib//Uu37klz//s+9418995u+/+ZV/+KtTsL//ifcWP/ovNs+zVOfz8svQb/4P//bbf/qF7/zKDxX/5H/9zp/959/96R8o/skv/s3XD3/z9V/8seIf/eu/+OLf/dp7ivf90ne/8eXP/+w7PvCv+svQf/jhN378E9PL0H2kuwx/4r3FsfYd/0tpXBYnL/U/At1LyuLLHQ/KpCn6+eeFbvWx2l/X+KUfK97zyb/80id/ZHDGOs7B/PoPv/vD/+H73/7a29/5zY+9+d5PDU43xzPIp97f/tfqd946fjlw/ckYH6tpvObM4jjYb/zCZ7/6/W//h18IkGepzufFM4ttsH/lh978H//PY1l8/68eT9f/7qPvfMdHf+t4f8V7PvmNX/5A8Z5/M7pn8Z//+Gxm8fSfQ9956+3v/ObH3nzjY58b3qH48Q/OyuLkpU+9v4v9x80sXpmffK7rFh+rv/vTP/DmT/+7tiz++4++8z2fHM0stjfB9GXxrS985I0Pvn96Tun/u/NzH3r3mx/6VD8T42OVc16lLJ7uWRzMLPa3dv3Rh7fPs1Tnc4uyOJ1Z/Msv/f7PvOMDP/Ke0+l6/gsun3hvdx15cWbx8rJoZvGG0rwRgrjRx+rgt6GLH/u1yT2LRdFehu7K4tuf+9C7u8mVx+/xKgqXoVl3+5srTsH+7je+PLhn8RTs73/7a98PkGepzufqZfGv/3x6z+Lp/oriHT//O6Pfhv7DD7/Rz4Kfv2fx4rLonsUbSvNGCOJWH6v3+ut1RCDVUp1SsmCPZhZPM5TK4pWkeSMEkezs42OVB6mW6qTSBfvjH3zuPbvK4lRx1tajY/fSnX18rCLVUp2TYF832KnK4kSaN0IQzj4+VvORaqlOSbCvG2xlES7l7ONjNR+pluqUBPu6wVYW4VLOPj5W85FqqU5JsK8bbGURLuXs42M1H6mW6pRuGux/3f97Z+/4+d+5i2BnLotwXT5WfazmI9VSndINg/2r/6h43y/1/87iO3/q83cQ7LRl0W9Ac3U+Vn2s5iPVUp3SDYP9Wz/xrnf+5O9Ng/2Z9h+cP/4dy699/xPvffebb4z+sZvTH3qe/IPzb73dLjn8E5fRgp25LD5keS8E4WPVx2o+Ui3VKd022L/1k+8aX4b+g597x7t+7jP/8Fd//L1v/fMfL374U9/+2ve7fz27fXD889D9P689+Lt/T/13tpXF6+jf1f7fC3H4WPWxmo9US3VKrxXsX/pA8Z5PfuPL/+ZHhv+s8xu/8LmvfX/0tyvf+6m2Gn7q/aMlP/a54R/3ixvs5GXxIcXbIQgfqz5W85FqqU7pdsH+vZ/+gXf9zL9vg/0bP//O93xyNLPYBntQAb/wkTc++P7Tl4OZxfZ/yuImJuPf+9shDh+rPlbzkWqpTum1fhu6+MC/nNyzWBTtZei+An7uQ+/u/0xfd89iUbSXoZXFDczHv/d3RBA+Vn2s5iPVUp2SYF832NnK4uLgd/2OiMPZx8dqPlIt1SkJ9nWDfRdl8czzcDlnHx+r+Ui1VKck2NcNdqqyeGbk+31TxOHs42M1H6mW6pQE+7rBvpey+Oir8ChnHx+r+Ui1VKck2NcNdqqyCDfl7ONjNR+pluqUBPu6wVYW4VLOPj5W85FqqU5JsK8bbGURLuXs42M1H6mW6pQE+7rBVhbhUs4+PlbzkWqpTkmwrxtsZREu5ezjYzUfqZbqlAT7usFWFuFSzj4+VvORaqlOSbCvG2xlES7l7ONjNR+pluqUBPu6wd5zWTzUZdUMvyrrw4bDIT1nHx+r+Ui1V
</p>
<p>
<strong>Note:</strong> When downloading privileges using this command, a sequential list of full or partial privilege IDs will be returned together with the
corresponding include or exclude flags. The above mentioned algorithm of determining user privileges must be implemented by the service, if this method is
to be used.
</p>
<example caption='Download all user privileges'>
<![CDATA[
<!-- user connects to service -->
<iq type='get'
from='service@example.org/service'
to='provisioning.example.org'
id='28'>
<canAccess xmlns='urn:xmpp:iot:provisioning' serviceToken='SERVICETOKEN1'>
<credentials type='IpAddress' value='10.0.0.1'/>
<credentials type='Longitude' value='123.45'/>
<credentials type='Latitude' value='67.89'/>
</canAccess>
</iq>
<iq type='result'
from='provisioning.example.org'
to='service@example.org/service'
id='28'>
<canAccessResponse xmlns='urn:xmpp:iot:provisioning' userToken='USERTOKEN1' result='true'/>
</iq>
<!-- user performs login into service -->
<message from='service@example.org/service'
to='provisioning.example.org'>
<userLoggedIn xmlns='urn:xmpp:iot:provisioning' serviceToken='SERVICETOKEN1' userToken='USERTOKEN1' userName='Kermit' />
</message>
<iq type='get'
from='service@example.org/service'
to='provisioning.example.org'
id='29'>
<downloadPrivileges xmlns='urn:xmpp:iot:provisioning' serviceToken='SERVICETOKEN1' userToken='USERTOKEN1'/>
</iq>
2017-05-20 10:38:03 -04:00
<iq type='result'
from='provisioning.example.org'
to='service@example.org/service'
id='29'>
<downloadPrivilegesResponse>
<exclude id='Sensors.Delete'/>
<include id='Sensors'/>
</downloadPrivilegesResponse>
</iq>
<!-- user performs actions without interaction with the provisioning server -->]]>
</example>
<p>
<strong>Note:</strong> If the user or service has not been correctly identified, logged in, etc., the resulting list must only include privileges
that default users that are not logged in can have. This list can be empty.
</p>
</section3>
</section2>
</section1>
<section1 topic='Determining Support' anchor='support'>
<p>
If an entity is a Provisioning Server and supports the protocol specified herein, it MUST advertise that fact by returning a feature of "urn:xmpp:iot:provisioning"
in response to &xep0030; information requests.
</p>
<example caption="Service discovery information request">
<![CDATA[
<iq type='get'
from='device@example.org/device'
to='provisioning.example.org'
id='disco1'>
<query xmlns='http://jabber.org/protocol/disco#info'/>
</iq>]]>
</example>
<example caption="Service discovery information response">
<![CDATA[
<iq type='result'
from='provisioning.example.org'
to='device@example.org/device'
id='disco1'>
<query xmlns='http://jabber.org/protocol/disco#info'>
...
<feature var='urn:xmpp:iot:provisioning'/>
...
</query>
</iq>]]>
</example>
<p>
In order for an application to determine whether an entity supports this protocol, where possible it SHOULD use the dynamic, presence-based profile of service discovery defined
in &xep0115;. However, if an application has not received entity capabilities information from an entity, it SHOULD use explicit service discovery instead.
</p>
</section1>
<section1 topic='Implementation Notes' anchor='impl'>
<section2 topic='JID vs Component Provisioning Servers' anchor='jidvscomponent'>
<p>
A client must treat the connection between a Provisioning Server differently if it is hosted as a client, having a JID, or if it is hosted as a Jabber Server Component.
If it is hosted as a server component, there's no need for the thing to become friends with the Provisioning Server. Messages and requests can be made directly to the
server component without having to add it to the roster or request presence subscriptions. If the Provisioning Server is hosted as a client, having a JID (@ in the address),
the Provisioning Server must be added to the roster of the client before the client can communicate with the Provisioning Server.
</p>
</section2>
<section2 topic='Caching and cache time' anchor='cache'>
<p>
To minimize network traffic, and optimize response time, devices should cache access rights and user privileges provided by the provisioning server. If memory is limited,
items in the cache should be ordered by last access, and items with the oldest last access timestamp should be removed first. A safety valve can optionally be implemented as well,
removing unused cache items after a certain age, even if memory is available.
</p>
<p>
The device can assume that access rights and user privileges on the provisioning server do not change over time, unless the provisioning server says so.
</p>
<p>
The provisioning server on the other hand, must keep track of when a device is online and offline, and clear the cache of the device if changes are made that affects the device.
If the device was offline when those changes occurred, the provisioning server must send the clear cache command as soon as the device comes online again.
</p>
<p>
When creating a new trust relationship, the device should always clear its cache, if it contains information from before.
</p>
<p>
To minimize stress of the provisioning server during synchronous sensor start up, for instance after a power failure, all clients should aim to persist its cache if possible. Clients
not persisting its cache may produce too much stress on the provisioning server on start-up, practically removing it from the network.
</p>
</section2>
<section2 topic='Working with multiple provisioning servers' anchor='multipleprovisioningservers'>
<p>
When working with multiple provisioning servers, there are some things that should be considered:
</p>
<ul>
<li>
When a device requests information from the provisioning servers, this can be done in a parallel fashion. Even though the provisioning servers
were added in a sequential fashion, there is no order or priority between the servers.
</li>
<li>
When receiving different responses from different servers, with regards to access rights, privileges, relationships, etc.,
the union of rights, or the most forgiving or most accepting response should be used. If one of the servers grant a privilege, the privilege is assumed
to exist. If one of the servers grant a friendship request, the friendship request should be granted, etc. Most probably, different servers will manage
different subsets of entities on the network, and when they receive questions about unrecognized devices, they will simply deny access.
</li>
<li>
If a provisioning server requires total control of the network, it should not allow secondary trust relationships. However, if such a server enters a network
and there exist previous provisioning servers (i.e. they accept secondary trust relationships), more trust relationships are assumed to be acceptable.
</li>
<li>
Even though examples in this document only list a secondary trust relationship, there is no such limit. There may exist many different trust relationships in a network
or for a given device.
</li>
</ul>
</section2>
<section2 topic='Automatic aggregation of services, users and privileges' anchor='aggregationservices'>
<p>
One important design consideration when implementing a provisioning server is how to handle new services, users and privileges. One option might be to automatically
ignore anything not recognized. Another option might be to dynamically add new services, user names and privileges to internal data sources, making it easier to manage
new types of services dynamically. However, adding such items automatically might also make such data sources grow beyond control.
</p>
</section2>
<section2 topic='Reading devices from large subsystems' anchor='largesubsystems'>
<p>
All examples in this document have been simplified examples where a few devices containing a few fields have been read. However, in many cases large subsystems with
very many sensors containing many fields have to be read, as is documented in <link url='http://xmpp.org/extensions/xep-0326.html'>Internet of Things - Concentrators</link>
<link url='http://xmpp.org/extensions/xep-0326.html'>Internet of Things - Concentrators</link>. In such cases, a node may have to be specified using two or perhaps
even three ID's: a <strong>sourceId</strong> identifying the data source controlling the device, a possible <strong>cacheType</strong> narrowing down the search to
a specific kind of node, and the common <strong>nodeId</strong>. For more information about this, see
<link url='http://xmpp.org/extensions/xep-0326.html'>Internet of Things - Concentrators</link>.
</p>
<p>
<strong>Note:</strong> For cases where the <strong>nodeId</strong> is sufficient to uniquely identify the node, it is sufficient to provide this attribute in the request.
If there is ambiguity in the request, the receptor must treat the request as a request with a set of nodes, all with the corresponding <strong>nodeId</strong> as requested.
</p>
</section2>
<section2 topic='Different types of tokens' anchor='tokentypes'>
<p>
A small note regarding the use of different tokens. A service can get a <strong>Service Token</strong>, a device a <strong>Device Token</strong> and a user
a <strong>User Token</strong>. When delegating these tokens to third parties, a service sends its <strong>Service Token</strong>. But, if the service does this
within the context of a user action, the service sends both its <strong>Service Token</strong> and the users <strong>User Token</strong>. The same with a device.
If a device delegates its token to a third party, it sends its <strong>Device Token</strong>. But if the device performs the action in the context of a user action,
the device sends both its <strong>Device Token</strong> as well as its <strong>User Token</strong>.
</p>
</section2>
</section1>
<section1 topic='Security Considerations' anchor='security'>
<section2 topic='Trust Delegation' anchor='sectrustdelegation'>
<p>
Delegating trust to a third party may create a weak link in the overall security of a sensor network. Therefore, it's vitally important that the following be adhered to:
</p>
<ul>
<li>
Trust should only be delegated in a secure way. Once delegated, it should be able to lock this trust so it cannot be changed without reverting the device to
factory default settings. Such a locked delegation mode can be likened with a production mode, where vital configuration parameters should not be able to be changed.
</li>
<li>
If allowing installation using a LED, as above, make sure the LED does not light up for a long time, limiting the window of access where the sensor can be linked to a
provisioning server.
</li>
<li>
Provisioning servers should be monitored during operation, since it provides a vital link in the operation of the network.
</li>
<li>
Multiple provisioning servers could be allowed, for redundancy or for scalability. This specification does not limit the number of provisioning servers used in a network,
not used by a device. Examples in this specification use only one provisioning server for simplicity.
</li>
<li>
Generally, take care what kind of provisioning servers you allow in a network.
</li>
</ul>
</section2>
<section2 topic='Token Challenges' anchor='sectokenchallenges'>
<p>
When receiving token challenges from somebody, make sure you've sent the corresponding token to the corresponding party less than a minute before receiving the token
challenge. If not, the token challenge might represent a malicious attempt by somebody else to use the token to gain privileges in the network otherwise not enjoyed.
</p>
</section2>
</section1>
<section1 topic='IANA Considerations' anchor='iana'>
<p>This document requires no interaction with &IANA;.</p>
</section1>
<section1 topic='XMPP Registrar Considerations' anchor='registrar'>
<p>
The <link url="#schema">protocol schema</link> needs to be added to the list of <link url="http://xmpp.org/resources/schemas/">XMPP protocol schemas</link>.
</p>
</section1>
<section1 topic='XML Schema' anchor='schema'>
<code>
<![CDATA[
<?xml version='1.0' encoding='UTF-8'?>
<xs:schema
xmlns:xs='http://www.w3.org/2001/XMLSchema'
targetNamespace='urn:xmpp:iot:provisioning'
xmlns='urn:xmpp:iot:provisioning'
xmlns:sn='urn:xmpp:iot:sensordata'
elementFormDefault='qualified'>
<xs:import namespace='urn:xmpp:iot:sensordata'/>
<xs:element name='getToken' type='xs:base64Binary'/>
<xs:element name='getTokenChallenge' type='GetTokenChallengeResponse'/>
<xs:element name='getTokenChallengeResponse' type='GetTokenChallengeResponse'/>
<xs:element name='getTokenResponse' type='GetTokenResponse'/>
<xs:element name='tokenChallenge' type='TokenChallenge'/>
<xs:element name='tokenChallengeResponse' type='xs:base64Binary'/>
<xs:element name='isFriend' type='Friend'/>
<xs:element name='isFriendResponse' type='FriendResponse'/>
<xs:element name='unfriend' type='Friend'/>
<xs:element name='friend' type='Friend'/>
<xs:element name='canRead' type='CanRead'/>
<xs:element name='canReadResponse' type='CanReadResponse'/>
<xs:element name='canControl' type='CanControl'/>
<xs:element name='canControlResponse' type='CanControlResponse'/>
<xs:element name='clearCache'>
<xs:complexType/>
</xs:element>
<xs:element name='clearCacheResponse'>
<xs:complexType/>
</xs:element>
<xs:element name='canAccess'>
<xs:complexType>
<xs:choice minOccurs='0' maxOccurs='unbounded'>
<xs:element name='jid' type='JidCredential'/>
<xs:element name='ip4' type='Ip4Credential'/>
<xs:element name='ip6' type='Ip6Credential'/>
<xs:element name='hostName' type='HostNameCredential'/>
<xs:element name='x509Certificate' type='X509CertificateCredential'/>
<xs:element name='x509CertificateThumbprint' type='X509CertificateThumbprintCredential'/>
<xs:element name='userName' type='UserNameCredential'/>
<xs:element name='longitude' type='LongitudeCredential'/>
<xs:element name='latitude' type='LatitudeCredential'/>
<xs:element name='altitude' type='AltitudeCredential'/>
<xs:element name='sso' type='SsoCredential'/>
<xs:element name='protocol' type='ProtocolCredential'/>
</xs:choice>
<xs:attribute name='serviceToken' type='xs:string' use='required'/>
2013-04-16 15:46:58 -04:00
</xs:complexType>
2017-05-20 10:38:03 -04:00
</xs:element>
2017-05-20 10:38:03 -04:00
<xs:element name='canAccessResponse'>
<xs:complexType>
<xs:attribute name='result' type='xs:boolean' use='required'/>
<xs:attribute name='userToken' type='xs:string' use='optional'/>
2013-04-16 15:46:58 -04:00
</xs:complexType>
2017-05-20 10:38:03 -04:00
</xs:element>
2017-05-20 10:38:03 -04:00
<xs:element name='userLoggedIn'>
<xs:complexType>
<xs:attribute name='serviceToken' type='xs:string' use='required'/>
<xs:attribute name='userToken' type='xs:string' use='required'/>
<xs:attribute name='userName' type='xs:string' use='required'/>
2013-04-16 15:46:58 -04:00
</xs:complexType>
2017-05-20 10:38:03 -04:00
</xs:element>
2017-05-20 10:38:03 -04:00
<xs:element name='hasPrivilege'>
<xs:complexType>
<xs:attribute name='serviceToken' type='xs:string' use='required'/>
<xs:attribute name='userToken' type='xs:string' use='required'/>
<xs:attribute name='privilegeId' type='PrivilegeId' use='required'/>
2013-04-16 15:46:58 -04:00
</xs:complexType>
2017-05-20 10:38:03 -04:00
</xs:element>
2017-05-20 10:38:03 -04:00
<xs:element name='hasPrivilegeResponse'>
<xs:complexType>
<xs:attribute name='result' type='xs:boolean' use='required'/>
2013-04-16 15:46:58 -04:00
</xs:complexType>
2017-05-20 10:38:03 -04:00
</xs:element>
2017-05-20 10:38:03 -04:00
<xs:element name='downloadPrivileges'>
<xs:complexType>
<xs:attribute name='serviceToken' type='xs:string' use='required'/>
<xs:attribute name='userToken' type='xs:string' use='required'/>
</xs:complexType>
</xs:element>
<xs:element name='downloadPrivilegesResponse'>
<xs:complexType>
<xs:choice minOccurs='0' maxOccurs='unbounded'>
<xs:element name='include' type='Privilege'/>
<xs:element name='exclude' type='Privilege'/>
</xs:choice>
</xs:complexType>
</xs:element>
<xs:complexType name='GetTokenResponse'>
<xs:attribute name='token' type='xs:string' use='required'/>
</xs:complexType>
<xs:complexType name='GetTokenChallengeResponse'>
<xs:simpleContent>
<xs:extension base='xs:base64Binary'>
<xs:attribute name='seqnr' type='xs:int' use='required'/>
</xs:extension>
</xs:simpleContent>
</xs:complexType>
<xs:complexType name='TokenChallenge'>
<xs:simpleContent>
<xs:extension base='xs:base64Binary'>
<xs:attribute name='token' type='xs:string' use='required'/>
</xs:extension>
</xs:simpleContent>
</xs:complexType>
<xs:complexType name='Friend'>
<xs:attribute name='jid' type='xs:string' use='required'/>
</xs:complexType>
<xs:complexType name='FriendResponse'>
<xs:complexContent>
<xs:extension base='Friend'>
<xs:attribute name='result' type='xs:boolean' use='required'/>
<xs:attribute name='secondaryTrustAllowed' type='xs:boolean' use='optional' default='false'/>
</xs:extension>
</xs:complexContent>
</xs:complexType>
<xs:complexType name='CanReadBase' abstract='true'>
<xs:choice minOccurs='0' maxOccurs='unbounded'>
<xs:element name='node'>
<xs:complexType>
<xs:attribute name='nodeId' type='xs:string' use='required'/>
<xs:attribute name='sourceId' type='xs:string' use='optional'/>
<xs:attribute name='cacheType' type='xs:string' use='optional'/>
</xs:complexType>
</xs:element>
<xs:element name='field'>
<xs:complexType>
<xs:attribute name='name' type='xs:string' use='required'/>
</xs:complexType>
</xs:element>
</xs:choice>
<xs:attributeGroup ref='sn:fieldTypes'/>
<xs:attribute name='all' type='xs:boolean' use='optional' default='false'/>
<xs:attribute name='historical' type='xs:boolean' use='optional' default='false'/>
<xs:attribute name='jid' type='xs:string' use='required'/>
</xs:complexType>
<xs:complexType name='CanRead'>
<xs:complexContent>
<xs:extension base='CanReadBase'>
<xs:attributeGroup ref='tokens'/>
</xs:extension>
</xs:complexContent>
</xs:complexType>
<xs:attributeGroup name='tokens'>
<xs:attribute name='serviceToken' type='xs:string' use='optional'/>
<xs:attribute name='userToken' type='xs:string' use='optional'/>
<xs:attribute name='deviceToken' type='xs:string' use='optional'/>
</xs:attributeGroup>
<xs:complexType name='CanReadResponse'>
<xs:complexContent>
<xs:extension base='CanReadBase'>
<xs:attribute name='result' type='xs:boolean' use='required'/>
</xs:extension>
</xs:complexContent>
</xs:complexType>
<xs:complexType name='CanControlBase' abstract='true'>
<xs:choice minOccurs='0' maxOccurs='unbounded'>
<xs:element name='node'>
<xs:complexType>
<xs:attribute name='nodeId' type='xs:string' use='required'/>
<xs:attribute name='sourceId' type='xs:string' use='optional'/>
<xs:attribute name='cacheType' type='xs:string' use='optional'/>
</xs:complexType>
</xs:element>
<xs:element name='parameter'>
<xs:complexType>
<xs:attribute name='name' type='xs:string' use='required'/>
</xs:complexType>
</xs:element>
</xs:choice>
<xs:attribute name='jid' type='xs:string' use='required'/>
</xs:complexType>
<xs:complexType name='CanControl'>
<xs:complexContent>
<xs:extension base='CanControlBase'>
<xs:attributeGroup ref='tokens'/>
</xs:extension>
</xs:complexContent>
</xs:complexType>
<xs:complexType name='CanControlResponse'>
<xs:complexContent>
<xs:extension base='CanControlBase'>
<xs:attribute name='result' type='xs:boolean' use='required'/>
</xs:extension>
</xs:complexContent>
</xs:complexType>
<xs:complexType name='JidCredential'>
<xs:attribute name='value' type='xs:string' use='required'/>
</xs:complexType>
<xs:complexType name='Ip4Credential'>
<xs:attribute name='value' type='xs:string' use='required'/>
</xs:complexType>
<xs:complexType name='Ip6Credential'>
<xs:attribute name='value' type='xs:string' use='required'/>
</xs:complexType>
<xs:complexType name='HostNameCredential'>
<xs:attribute name='value' type='xs:string' use='required'/>
</xs:complexType>
<xs:complexType name='X509CertificateCredential'>
<xs:attribute name='base64' type='xs:string' use='required'/>
</xs:complexType>
<xs:complexType name='X509CertificateThumbprintCredential'>
<xs:attribute name='base64' type='xs:string' use='required'/>
</xs:complexType>
<xs:complexType name='UserNameCredential'>
<xs:attribute name='value' type='xs:string' use='required'/>
</xs:complexType>
<xs:complexType name='LongitudeCredential'>
<xs:attribute name='value' type='xs:double' use='required'/>
</xs:complexType>
<xs:complexType name='LatitudeCredential'>
<xs:attribute name='value' type='xs:double' use='required'/>
</xs:complexType>
<xs:complexType name='AltitudeCredential'>
<xs:attribute name='value' type='xs:double' use='required'/>
</xs:complexType>
<xs:complexType name='SsoCredential'>
<xs:attribute name='value' type='xs:string' use='required'/>
</xs:complexType>
<xs:complexType name='ProtocolCredential'>
<xs:attribute name='value' type='ProtocolName' use='required'/>
</xs:complexType>
<xs:complexType name='Privilege'>
<xs:attribute name='id' type='PrivilegeId' use='required'/>
</xs:complexType>
<xs:simpleType name='ProtocolName'>
<xs:restriction base='xs:string'>
<xs:enumeration value='XMPP'/>
<xs:enumeration value='HTTP'/>
<xs:enumeration value='HTTPS'/>
<xs:enumeration value='TcpSocket'/>
<xs:enumeration value='UdpSocket'/>
<xs:enumeration value='Queue'/>
<xs:enumeration value='Internal'/>
<xs:enumeration value='Other'/>
</xs:restriction>
</xs:simpleType>
<xs:simpleType name='PrivilegeId'>
<xs:restriction base='xs:string'>
<xs:pattern value='^[^.]+([.][^.]+)*$'/>
</xs:restriction>
</xs:simpleType>
2013-04-16 15:46:58 -04:00
</xs:schema>]]>
2017-05-20 10:38:03 -04:00
</code>
</section1>
<section1 topic='For more information' anchor='moreinfo'>
<p>
For more information, please see the following resources:
</p>
<ul>
<li>
<p>
The <link url='http://wiki.xmpp.org/web/Tech_pages/SensorNetworks'>Sensor Network section of the XMPP Wiki</link> contains further information about the
use of the sensor network XEPs, links to implementations, discussions, etc.
</p>
</li>
<li>
<p>
The XEP's and related projects are also available on <link url='https://github.com/joachimlindborg/'>github</link>, thanks to Joachim Lindborg.
</p>
</li>
<li>
<p>
A presentation giving an overview of all extensions related to Internet of Things can be found here:
<link url='http://prezi.com/esosntqhewhs/iot-xmpp/'>http://prezi.com/esosntqhewhs/iot-xmpp/</link>.
</p>
</li>
</ul>
</section1>
<section1 topic='Acknowledgements' anchor='ack'>
<p>Thanks to Joachim Lindborg, Karin Forsell, Tina Beckman and Teemu Väisänen for all valuable feedback.</p>
</section1>
2013-04-16 16:07:31 -04:00
</xep>