<abstract>This document defines an XMPP protocol extension for exchanging user avatars, which are small images or icons associated with human users. The protocol specifies payload formats for both avatar metadata and the image data itself. The payload formats are typically transported using the personal eventing profile of XMPP publish-subscribe as specified in XEP-0163.</abstract>
<remark><p>Per a vote of the XMPP Council, advanced status to Draft; concurrently, the XMPP Registrar issued the urn:xmpp:avatar:data and urn:xmpp:avatar:metadata namespaces.</p></remark>
<remark><p>Changed height and width attributes from required to recommended; updated security considerations to reflect problems with SHA-1; further specified datatypes.</p></remark>
<remark><p>Updated to reflect pubsub and PEP changes; added implementation notes about multiple resources and avatar synchronization; modified experimental namespaces to conform to XEP-0053.</p></remark>
<remark><p>Updated to reflect pubsub and PEP changes; added implementation notes about multiple resources and avatar synchronization.</p></remark>
</revision>
<revision>
<version>0.7</version>
<date>2006-01-17</date>
<initials>psa</initials>
<remark><p>Updated to use PEP.</p></remark>
</revision>
<revision>
<version>0.6</version>
<date>2005-04-13</date>
<initials>psa</initials>
<remark><p>Major modification per list discussion: specified that metadata may include the same avatar in multiple alternate formats; allowed pointers to third-party avatars not available via pubsub or HTTP; changed pixel size restrictions; specified that bytes, content-type, height, id, and width are required metadata; changed type attribute to content-type; made explicit that URLs can be http: or https: URIs; more fully specified protocol, updated the examples, updated the schemas.</p></remark>
</revision>
<revision>
<version>0.5</version>
<date>2005-03-28</date>
<initials>psa/pgm</initials>
<remark><p>Friendly fork per Council discussion: allowed data to be stored in a pubsub data repository or at a URL accessible via HTTP; also split text into publisher and subscriber use cases, specified requirements, added more examples, etc.</p></remark>
</revision>
<revision>
<version>0.4</version>
<date>2003-05-20</date>
<initials>tjm</initials>
<remark><p>Lessen the image requirements. Include the content type in info.</p></remark>
</revision>
<revision>
<version>0.3</version>
<date>2003-05-08</date>
<initials>tjm</initials>
<remark><p>Drastic change to use two nodes on pubsub, allowing for hash updates independently of the data. This makes client caching much easier. Allow only PNG and MNG currently.</p></remark>
</revision>
<revision>
<version>0.2</version>
<date>2003-05-07</date>
<initials>tjm</initials>
<remark><p>Clarified the use of "current" as the item id. Fixed some example errors. Made the interaction with disco more clear. The reason to use pubsub is made more clear as well.</p></remark>
<p>Many communication applications allow for the association of a small image or icon with a user of that application. Usually, such an "avatar" is not intended to be an accurate picture of the user's actual physical appearance, but rather a representation (often fanciful) of the user's desired self-image or a transient state of the user (such as a mood or activity). This document defines a way to incorporate avatars into current Jabber/XMPP systems by layering this functionality on top of the XMPP &xep0060; extension ("pubsub"), specifically the &xep0163; subset ("PEP"), which is designed for use in the context of XMPP instant messaging and presence systems that conform to &rfc3921;.</p>
<p>The protocol defined herein uses two pubsub nodes: one node for "metadata" about the avatar state (called the "metadata node") and one for the avatar data itself (called the "data node"). This separation of metadata from data conserves bandwidth and enables both the publisher and the subscriber to cache the avatar data. (For example, a user might toggle between two or three avatars, in which case the user's contacts can display a locally cached version of the images without having to retrieve or receive the full image each time.)</p>
<p>This protocol also allows storage of avatar data at a URL accessible via HTTP (see &rfc2616;). <note>By "accessible via HTTP" is meant that the data is available at an http: or https: URI.</note> This can be helpful as a fallback mechanism if a pubsub-aware data repository is not available. It also makes it possible for avatar images to be hosted on public websites (e.g., an end-user-oriented community site) and retrieved from that site rather than handled directly by the publishing client in any fashion.</p>
<p>Finally, this protocol also enables XMPP applications to optionally integrate with third-party services that host user avatars (e.g., online gaming systems and virtual worlds).</p>
<p>It is intended that this specification will supersede both &xep0008; and &xep0153; once the PEP subset of XMPP publish-subscribe is implemented and deployed widely enough.</p>
<li>User publishes avatar data for "image/png" content-type to data node and optionally publishes other content-types to HTTP URLs.</li>
<li>User publishes notification of updated avatar to metadata node, with ItemID that matches SHA-1 hash of image data for "image/png" content-type (note: this is a hash of the image data itself, not the base64-encoded version).</li>
<li>Subscribers receive notification.</li>
<li>Optionally (and if necessary), subscribers retrieve avatar data identified by ItemID from data node using pubsub retrieve-items feature (or via HTTP).</li>
<p>Note: Before publishing avatar data and metadata, the user MUST determine if his or her server supports the PEP subset of pubsub by following the procedures specified in <cite>XEP-0163</cite>, since such support simplifies avatar publication. The following examples assume the availability of a PEP service.</p>
<p>Before updating the avatar metadata node, the publisher MUST make sure that the avatar data is available at the data node or URL. When publishing the avatar data to the data node, the publisher MUST ensure that the value of the pubsub ItemID is a SHA-1 hash of the data for the "image/png" content-type (this is used by the subscriber to determine if a locally cached copy can be displayed).</p>
<p>If the avatar will be made available via HTTP instead of a pubsub data node, the publisher MUST either verify that the avatar exists at the HTTP URL or publish it via standard HTTP methods (such methods are out of scope for this specification; refer to <cite>RFC 2616</cite>).</p>
<p>The following example shows metadata specifying avatar data that is available in only one format ("image/png") and accessible only at the data node.</p>
<p>The user's virtual pubsub service would then send the metadata notification to entities that have subscribed to the user's metadata node or contacts who have advertised an interest in receiving avatar metadata by including a &xep0115; feature of "urn:xmpp:avatar:metadata+notify".</p>
<p>As shown, depending on node configuration, the item may include &xep0033; information about the publishing resource (see <cite>XEP-0060</cite> for details).</p>
<p>Upon receiving the notification, each subscriber SHOULD determine if it has a locally cached copy of that avatar (which it can do by searching for an image identified by the ItemID). If the subscriber already has a locally cached copy of the avatar image, it MUST NOT retrieve the image data.</p>
<p>If the subscriber does not have a locally cached copy of the avatar image, it SHOULD retrieve the data. It can do this by sending a pubsub retrieve-items request to the data node, specifying the appropriate ItemID.</p>
<p>If the <info/> element sent to the metadata node possesses a 'url' attribute, the avatar data is hosted at a URL. Therefore, in order to retrieve the avatar image data for that content-type, the requesting entity MUST send an HTTP request to the specified URL. Methods for doing so are out of scope for this specification (see <cite>RFC 2616</cite>).</p>
<p>In order to temporarily disable avatar publishing, the user publishes an empty <stop/> element to the metadata node (this item SHOULD NOT possess an ItemID).</p>
<p>The PEP subset of pubsub requires that there shall exist a one-to-one relationship between namespaces and nodes. Because the protocol defined herein stipulates the use of two nodes (one for avatar data and one for avatar metadata), we define two namespaces, each with a corresponding root element:</p>
<p>The <data/> element is used to communicate the avatar data itself, and only for the "image/png" content-type (support for which is REQUIRED).</p>
<p>The XML character data MUST represent the image data for the avatar with a content-type of "image/png", Base64-encoded in accordance with Section 4 of &rfc4648;. (Note: Line feeds SHOULD NOT be added but MUST be accepted.)</p>
<p>The <metadata/> element is used to communicate information about the avatar. There are three allowable children of the <metadata/> element:</p>
<p>The defined attributes of the <info/> element are specified in the following table.</p>
<tablecaption='Info Attributes'>
<tr>
<th>Name</th>
<th>Definition</th>
<th>Inclusion</th>
</tr>
<tr>
<td>bytes</td>
<td>The size of the image data in bytes.</td>
<td>REQUIRED</td>
</tr>
<tr>
<td>height</td>
<td>The height of the image in pixels.</td>
<td>RECOMMENDED</td>
</tr>
<tr>
<td>id</td>
<td>A hash of the image data for the specified content-type, where the hash is produced in accordance with the SHA-1 algorithm as specified in &rfc3174; (with binary output).</td>
<td>REQUIRED</td>
</tr>
<tr>
<td>type</td>
<td>The IANA-registered content type of the image data.</td>
<td>REQUIRED</td>
</tr>
<tr>
<td>url</td>
<td>The http: or https: URL at which the image data file is hosted; this attribute MUST NOT be included unless the image data file can be retrieved via HTTP.</td>
<p>The <metadata/> root element MAY contain more than one <info/> element. Each <info/> element MUST specify metadata for the same avatar image but in alternate content-types (e.g., "image/png", "image/gif", and "image/jpeg"), and one of the formats MUST be "image/png" to ensure interoperability. The value of the 'type' attribute MUST be an IANA-registered content type of type "image" or "video". <note>The IANA registry of content types is located at <<linkurl='http://www.iana.org/assignments/media-types/'>http://www.iana.org/assignments/media-types/</link>>.</note> Support for the "image/png" content type is REQUIRED. Support for the "image/gif" and "image/jpeg" content types is RECOMMENDED. Support for any other content type is OPTIONAL.</p>
<p>The <pointer/> child element is used to point to an avatar that is not published via pubsub or HTTP, but rather is provided by a third-party service such as an online gaming system or virtual world.</p>
<li><em>type</em> -- The IANA-registered content type of the image data.</li>
<li><em>width</em> -- The width of the image in pixels.</li>
</ul>
<p>The content of the <pointer/> element MUST be a properly-namespaced child element that specifies information about how to retrieve the avatar from the third-party service. The structure for any such child element is out of scope for this document.</p>
<p>Even if the <pointer> element is included, it MUST be preceded by at least one instance of the <info/> element so that implementations that do not support the <pointer/> element can display a "fallback" format of the avatar (at a minimum, "image/png").</p>
<p>Support for the <pointer/> element is OPTIONAL.</p>
<p>The following example shows metadata specifying avatar data that is available in multiple formats ("image/png", "image/gif", and "image/mng"), where the "image/png" content-type is available only at the data node and the other content-types are available HTTP URLs.</p>
<p>In the foregoing example, the image encapsulated in the "image/png" content type is available both at a pubsub data node and at an HTTP URL; therefore it is included twice (the second time with a 'url' attribute).</p>
<section2topic='Metadata With Pointer'anchor='examples-pointer'>
<p>The following example shows metadata specifying avatar data that is available in "image/png" at the data node and also with a pointer to an external service.</p>
<p>The pubsub "auto-subscribe" and "filtered-notifications" features enable a contact to automatically subscribe to a user's avatar. However, a contact can also explicitly determine if another user publishes avatars using this protocol by sending a &xep0030; items ("disco#items") request to the user's bare JID &LOCALBARE;.</p>
<p>The contact then MAY subscribe to the metadata node following the protocol specified in <cite>XEP-0060</cite>. However, the contact SHOULD NOT subscribe to the data node (instead, it SHOULD simply retrieve items from that node when needed, as described above).</p>
<p>If a user has multiple online resources at the same time, each resource MAY publish a different avatar. The PEP service SHOULD include the "replyto" address of the publishing resource as shown above in order to facilitate differentiation between per-resource avatars.</p>
<p>When a user logs in with a new resource and before publishing an avatar, its client SHOULD retrieve its last published avatar, either automatically by sending presence with the appropriate entity capabilities information (see <cite>XEP-0115</cite>) or using the "retrieve-items" method described in <cite>XEP-0060</cite>.</p>
<p>It is the responsibility of the receiving application to determine which avatar format to retrieve (e.g., "image/gif" rather than "image/png") and to determine the appropriate method for retrieval (e.g., HTTP rather than pubsub).</p>
<p>The receiving application SHOULD NOT scale up an image when displaying it.</p>
<p>If an avatar is not available for a contact, the receiving application MAY display the contact's photo, e.g., as provided in the contact's vCard (see &xep0054;) or other profile information.</p>
<p>See <cite>XEP-0060</cite> and <cite>XEP-0163</cite> regarding security considerations related to the underlying transport protocol.</p>
<p>It is possible that output of the SHA-1 hashing algorithm can result in collisions; however, the use of SHA-1 in producing a hash of the avatar data is not security-critical.</p>
<p>Peter Millard, a co-author of this specification from version 0.1 through version 0.7, died on April 26, 2006. The remaining authors are thankful for his work on user avatars.</p>