Further clarified server and client handling of stanzas during an invisibility session; updated RFC references.
Some instant messaging implementations of the Jabber/XMPP protocols have long supported the ability for IM users to be online but appear invisible. The existing protocols for doing so are:
+Some XMPP-based instant messaging systems have long supported the ability for users to be online but to appear invisible. The existing protocols for doing so are:
&xep0018; -- this protocol is not compatible with &xmppcore; and &xmppim;, and the specification does not provide reliable documentation of the protocol in use since many server implementations support presence of type "invisible" but not presence of type "visible".
&xep0018; -- this protocol is not compatible with &xmppcore; and &xmppim; (also, the specification does not provide reliable documentation of the protocol in use, since many server implementations support presence of type "invisible" but not presence of type "visible").
&xep0126; -- this protocol is a somewhat complicated use of &xep0016; for the temporary purpose of appearing invisible rather than the intended purpose of permanently blocking communications; however, the invisible command defined herein can provide a client-friendly interface to the same data store used for privacy lists.
In order to provide a standards-compliant protocol that can be used in the long term, this document defines an IQ-based protocol that enables an IM user to become "invisible" and "visible" at will within the context of a given session. This protocol is intended to supersede the protocol described in XEP-0018 and to provide a more client-friendly approach to invisibility than XEP-0126.
@@ -112,7 +118,7 @@In order for a client to go invisible, it shall send an IQ-set with no 'to' address (thus handled by the user's server) containing an <invisible/> element qualified by the 'urn:xmpp:invisible:0' namespace &VNOTE;.
+In order for a client to go invisible, it sends an IQ-set with no 'to' address (thus handled by the user's server) containing an <invisible/> element qualified by the 'urn:xmpp:invisible:0' namespace &VNOTE;.
(Standard XMPP stanza errors apply; see RFC 3920 and &xep0086;.)
-When the client enters invisible mode in the midst of a presence session (i.e., after having previously sent undirected presence with no 'type' attribute), the server MUST send &UNAVAILABLE; presence from the specified resource to all contacts who would receive unavailable presence if the client sent &UNAVAILABLE;.
-The following sections define how the server and the client shall handle inbound and outbound XML stanzas while the client is invisible.
+(Standard XMPP stanza errors apply; see RFC 6120.)
+When the client enters invisible mode in the midst of a presence session (i.e., after having previously sent undirected available presence with no 'type' attribute), the server MUST send &UNAVAILABLE; presence from the specified resource to all contacts who would receive unavailable presence if the client sent &UNAVAILABLE;.
+The following sections define how the server and the client handling of inbound and outbound XML stanzas while the client is invisible.
While the client is in invisible mode, the server:
MUST NOT broadcast presence notifications as a result of receiving any subsequent undirected presence notifications from the client.
MUST deliver directed presence stanzas generated by the client.
MUST NOT broadcast outbound presence notifications as a result of receiving any subsequent undirected presence notifications from the client.
MUST deliver outbound directed presence stanzas generated by the client.
MUST deliver inbound &PRESENCE; stanzas.
SHOULD deliver inbound &MESSAGE; stanzas whose 'to' address is the bare JID &LOCALBARE; of the user (subject to standard XMPP stanza handling rules).
SHOULD deliver inbound &MESSAGE; stanzas whose 'to' address is the bare JID &LOCALBARE; of the user (subject to standard XMPP stanza handling rules from RFC 6120 and RFC 6121).
MUST deliver inbound &MESSAGE; and &IQ; stanzas whose 'to' address is the full JID &LOCALFULL; corresponding to the resource of the client.
MUST deliver outbound &MESSAGE; and &IQ; stanzas generated by the client (for an important note regarding presence leaks, see the Security Considerations section of this document).
While the client is in invisible mode, the client:
+While the client is in invisible mode, it is suggested that the client behave as follows:
MUST maintain a temporary list of entities with which communication is allowed, and prompt the user before adding any entity to that "communicants list" for this invisibility session; the list MAY be auto-populated with trusted entities if so configured by the user.
MUST prompt the user before sending any outbound traffic (message, presence, or IQ stanza) to a contact even if the user generated such traffic; upon receiving authorization from the user, the client SHOULD add the authorized entity to the communicants list for this invisibility session.
Maintain a temporary list of entities with which communication is allowed and prompt the user before adding any entity to that "communicants list" for this invisibility session; for user convenience, this list might be auto-populated with trusted entities if so configured by the user.
Prompt the user before sending any outbound traffic (message, presence, or IQ stanza) to another user, even if the user generated such traffic; upon receiving authorization from the user, the client might then add the authorized entity to the communicants list for this invisibility session.
In order for a client to become visible again, it shall send an IQ-set with no 'to' address (thus handled by the user's server) containing a <visible/> element qualified by the 'urn:xmpp:invisible:0' namespace &VNOTE;.
+In order for a client to become visible again, it sends an IQ-set with no 'to' address (thus handled by the user's server) containing a <visible/> element qualified by the 'urn:xmpp:invisible:0' namespace &VNOTE;.
When the client becomes visible, the server MUST treat that state as equivalent to an active session before receiving initial presence from the client.
-It is the responsibility of the client to send an undirected presence notification to the server.
+If the user wishes to then send presence to contacts, it is the responsibility of the client to send an undirected available presence notification to the server.
The server then MUST broadcast that presence to all entities who would normally receive presence broadcasts from the client (as well as any other entities to which the client sent directed presence while invisible).
+The server would then broadcast that presence notification to all entities who would normally receive presence broadcasts from the client (the server MAY also send that notification to any entities to which the client sent directed presence while invisible).
In order for a client to discover whether its server supports the protocol defined herein, it MUST send a &xep0030; information request to the server:
+In order for a client to discover whether its server supports the invisible command, it sends a &xep0030; information request to the server:
If the server supports the protocol defined herein, it MUST return a feature of "urn:xmpp:invisible:0" &VNOTE;.
+If the server supports the invisible command, it MUST return a feature of "urn:xmpp:invisible:0" &VNOTE;.
A server MAY use the same backend data store for invisibility mode as defined herein and &xep0016; as used for invisibility (see XEP-0126). If so, the server MUST update the relevant privacy lists on behalf of the user when the client requests initiation or termination of invisible mode.
+A server MAY use the same backend data store for this invisibility mode as for &xep0016; when used for invisibility (see XEP-0126). If so, the server MUST update the relevant privacy lists on behalf of the user when the client requests initiation or termination of invisible mode.
Thanks to Philipp Hancke, Kevin Smith, and Matthew Wild for their feedback.
+