<remark><p>Per a vote of the XMPP Council, advanced specification from Experimental to Draft; simultaneously the XMPP Registrar issued a namespace of "urn:xmpp:pie:0".</p></remark>
<remark><p>Modified to include feedback received during the initial Last Call. Added sections for privacy lists and incoming subscriptions, as well as text on XInclude security.</p></remark>
<remark><p>Initial published version.</p></remark>
</revision>
<revision>
<version>0.0.1</version>
<date>2007-07-27</date>
<initials>mh</initials>
<remark><p>Initial version.</p></remark>
</revision>
</header>
<section1topic='Introduction'anchor='intro'>
<p>Different implementations of XMPP-IM servers store user data in various ways, and many implementations have more than one storage format. This leads to problems when a server administrator wants to switch to another implementation or storage format -- the implementation is as likely as not to have an import mechanism that can read the user data in its current form. This document attempts to solve that problem by defining a common file format for import and export of user data in XMPP-IM servers.</p>
</section1>
<section1topic='Requirements'anchor='reqs'>
<p>The following constraints are imposed on this standard:</p>
<ul>
<li>
<p>The file format is XML-based.</p>
<p>XMPP-IM servers already have tools to process XML data. This also allows extension of the format using namespaces. Furthermore, some of the data that needs to be stored is by definition already in XML form.</p>
<p>All user data is stored, but no server configuration data.</p>
<p>User data has similar form throughout the XMPP world, but server configuration is implementation-specific. Therefore this specification does not attempt to transfer any aspects of the server configuration from one server to another.</p>
<p>Furthermore, the contents of MUC, Pubsub and other services are out of scope for this specification.</p>
</li>
<li>
<p>Multiple virtual hosts are supported.</p>
<p>Many server implementations can serve several hostnames in a single server instance. Thus this specification allows storing data from several virtual hosts.</p>
<p>At any point in the file, an exporting server may put elements qualified by a namespace not mentioned in this specification. The exported data SHOULD be meaningful without the extensions. An importing server that encounters a namespace that it doesn't understand, or otherwise is unable to import all given data, SHOULD ignore the unknown data, SHOULD notify the operator, and MAY offer to terminate the process.</p>
<p>The child elements of the <server-data/> elements are <host/> elements. Each <host/> element describes a virtual host, and has a 'jid' attribute that contains its JID.</p>
<p>An importing server MAY automatically adjust its list of virtual hosts to fit the ones present in the data being imported. If it does not, it SHOULD notify the operator about any mismatch.</p>
<p>Each user is represented by a <user/> element under the <host/> element. The <user/> element MUST have a 'name' attribute, which contains the node part of the user's JID, and SHOULD have a 'password' attribute, which contains the user's password.</p>
<p>Each <user/> element SHOULD contain the user's roster in the form of a <query/> element qualified by the 'jabber:iq:roster' namespace. This element contains the user's roster in the same format as when retrieving the roster from the server, as described in section 7.3 of &xmppim;.</p>
<p>If the exporting server stores messages received while the user was offline, it SHOULD include an <offline-messages/> element as a child of the <user/> element. This element contains all the stored messages to the user, if any, as <message/> elements qualified by the 'jabber:client' namespace, starting with the oldest.</p>
<section2topic='Private XML Storage'anchor='privatexmlstorage'>
<p>Private data stored by the server as specified in &xep0049; is represented in this format by including a <query/> element qualified by the 'jabber:iq:private' namespace as a child of the <user/> element. This <query/> element in turn contains all elements saved in private XML storage.</p>
<p>By &xep0054;, users can store vCards on the server. In this specification, vCards are child elements of the <user/> element, namely a <vCard/> element qualified by the 'vcard-temp' namespace.</p>
<p>Privacy lists, as specified in &xep0016;, are represented in this format by including a <query/> element qualified by the 'jabber:iq:privacy' namespace as a child of the <user/> element. This element should contain all privacy lists associated with the user. A default privacy list, if set, is specified by including a <default/> element as a child of the <query/> element.</p>
<p>Each <user/> element SHOULD contain pending incoming subscription requests associated with the user's account. Incoming subscription requests are represented by including <presence/> elements qualified by the 'jabber:client' namespace with the 'type' attribute set to a value of 'subscribe' as children of the <user/> element.</p>
<p>An exporting server may split the data in several files by using the XInclude <include/> element. An importing server MUST support <include/> elements having an 'href' attribute containing a relative URI, having no 'parse' attribute, and having no 'xpointer' attribute; it MAY support other kinds of <include/> elements. An exporting server SHOULD NOT include and an importing server SHOULD NOT process <include/> elements which are descendants, but not children of the <user/> element (since these may be part of user data).</p>
<p>The main file contains the <server-data/> element, which contains nothing but one <include/> element for each host. The file included for a certain host is placed in the same directory as the main file, and is named by appending ".xml" to the JID of the host, e.g. "capulet.com.xml".</p>
<p>Each host file contains a <host/> element, which contains nothing but one <include/> element for each user of the host. The file included for a certain user is placed in a subdirectory whose name is the JID of the host, and is named by appending ".xml" to the node part of the user's JID, e.g. "capulet.com/juliet.xml".</p>
<p>The definition of JIDs ensures that this generates valid file names on traditional Unix-like file systems, except for possible length constraints. However, various constraints may force an exporting server to alter this scheme. In any case, the importing server MUST NOT rely on this layout, but MUST do proper XInclude processing.</p>
<p>Exported data files are to be handled with care, since they contain data that users expect to be protected, in particular passwords. An exporting server SHOULD make sure that the generated file is not accessible to unauthorized persons, e.g. by enforcing strict file permissions.</p>
<p>XInclude <include/> elements which are indirect descendants of the <user/> element SHOULD be treated as opaque user data, and SHOULD NOT be processed.</p>