From 5fd219fb337239830f74bf9184a3c5a2c05c8fa0 Mon Sep 17 00:00:00 2001 From: Peter Saint-Andre Date: Sun, 1 Apr 2007 15:35:45 +0000 Subject: [PATCH] initial version git-svn-id: file:///home/ksmith/gitmigration/svn/xmpp/trunk@720 4b5297f7-1745-476d-ba37-a9c6900126ab --- xep-0207.xml | 460 +++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 460 insertions(+) create mode 100644 xep-0207.xml diff --git a/xep-0207.xml b/xep-0207.xml new file mode 100644 index 00000000..2159f0a8 --- /dev/null +++ b/xep-0207.xml @@ -0,0 +1,460 @@ + + +%ents; +]> + + +
+ XMPP Eventing via Pubsub + This document specifies semantics for using the XMPP publish-subscribe protocol to handle generic XMPP events (including presence, one-to-one messaging, and groupchat). + &LEGALNOTICE; + 0207 + Active + Humorous + Standards JIG + Council + + XMPP Core + XEP-0060 + + + + N/A + &stpeter; + + 1.0 + 2007-04-01 + psa +

April Fools!

 + +
+ + +

&xep0163; (PEP) introduced the concept of "eventing" into the Extensible Messaging and Presence Protocol (see &xmppcore;). But PEP merely scratched the surface of eventing technologies based on the XMPP &xep0060; extension. This document extends the eventing concept to its ultimate conclusion: the ability to communicate all XMPP semantics via pubsub.

+ + + +

Jabber technologies as invented by Jeremie Miller started out as a relatively lightweight XML messaging transport, but they have become unnecessarily -- even ridiculously -- bloated over the years. Formalization of the core Jabber protocols as the Extensible Messaging and Presence Protocol (XMPP) within the IETF seemed like a good idea at the time, but the extensible nature of the core protocols has tempted the developer community to extend XMPP six ways from Sunday. The result has been a plethora of different conceptual models for various extensions, such as &xep0045; for multi-user communication and &xep0050; for structured entity-to-entity request/response semantics. These different models are inelegant and unnecessary. Indeed, even the inclusion of three different basic packet types (presence, message, and IQ) in the core protocol is overkill.

+

We can do better. In fact, we can reduce all the communication types and styles that are currently defined within the XMPP ecosystem to one model: publish-subscribe as specified in XEP-0060.

+

Consider:

+
    +
  • It has often been observed that presence (see &xmppim;) is a form of publish-subscribe. See, for instance, <http://mail.jabber.org/pipermail/xmppwg/2003-February/000636.html>.
    • +
  • The primitive XMPP "roster" can be easily implemented using the pubsub permissions model.
    • +
  • Multi-user chat too is a kind of publish-subscribe, since a single "publish" to the room results in multiple notifications to the room occupants, who are really subscribers to an information node.
    • +
  • Even one-to-one messaging is just another example of publish-subscribe (in fact it is a special case of multi-user chat).
    • +
+

The remainder of this document will prove beyond a doubt that the older, multiple approaches are obsolete, and that there is indeed one model that serves all our needs: pubsub.

+ + + +

Presence simply is pubsub, since it follows the classic "observer" pattern: multiple subscribers receive notifications whenever the publisher (typically an end user) generates an event related to network availability. Currently in XMPP this is done with the &PRESENCE; stanza, which serves as a kind of pubsub primitive (though only for availability information). For example, Juliet may log into the capulet.lit server and send presence:

+ + Moping + + ]]> +

The capulet.lit server will then send notifications to all of the users who have subscribed to Juliet's presence:

+ + Moping + + + + Moping + + + + Moping + + +[etc.] + ]]> +

But the same functionality can be implemented more elegantly using pubsub:

+ + + + + + Moping + + + + + + + + ]]> +

The server (here implementing PEP) then sends notifications to the subscribers:

+ + + + + + Moping + + + + + + + + + + + + Moping + + + + + + + + + + + + Moping + + + + + + ]]> +

It is true that in this case the packets are significantly larger in the pubsub realization than in the old-fashioned presence realization. This is the price of elegance. Implementations SHOULD use native Transport Layer Security compression (see &rfc4346;) or &xep0138; at the application layer to conserve bandwidth.

+ + + +

The original Jabber technologies included a kind of Buddy List ™ (called the "roster"). But the roster is simply a list of the entities that are subscribed to a user's presence. Occam's Razor would indicate that it is foolish to implement two concepts (presence subscription and roster) when one will solve the problem at hand. In XMPP Eventing via Pubsub, there is no need for a specialized "roster" since the same information is represented in the list of entities who are subscribed to the user's "presence" node in pubsub/PEP.

+

Using XMPP Eventing via Pubsub also cleans up the syntax for presence subscription management, which currently uses four specialized values of the &PRESENCE; element's 'type' attribute: "subscribe", "subscribed", "unsubscribe", and "unsubscribed".

+

Thus for example a presence subscription request is currently made by sending the following presence stanza:

+ + ]]> +

And that request is then delivered to the intended recipient:

+ + ]]> +

In order to approve the subscription request, the user sends a presence stanza of type "subscribed":

+ + ]]> +

At this point the user's server also creates an entry on the user's roster for the relevant contact and pushes that entry to the user:

+ + + + + + ]]> +

Observe how much more elegant it is to use XMPP Eventing via Pubsub:

+ + + + + + ]]> +

The pubsub service then sends an authorization request to the user:

+ + + PubSub subscriber request + + To approve this entity's subscription request, + click the OK button. To deny the request, click the + cancel button. + + + http://jabber.org/protocol/pubsub#subscribe_authorization + + + presence + + + bard@shakespeare.lit + + + false + + + + ]]> +

In order to approve the request, the owner shall submit the form and set the "pubsub#allow" field to a value of "1" or "true"; for tracking purposes the message MUST reflect the 'id' attribute originally provided.

+ + + + http://jabber.org/protocol/pubsub#subscribe_authorization + + + presence + + + bard@shakespeare.lit + + + true + + + + ]]> +

Simple. Elegant. And no need for a roster! The pubsub approach is bit more verbose, but then again clients and servers should implement and deploy stream compression if they are really worred about bandwidth usage.

+ + + +

The existing groupchat protocol for XMPP overloads the &PRESENCE; stanza for temporary "subscriptions" to a virtual room and uses the &MESSAGE; stanza (with a special type of "groupchat") to communicate information to multiple room occupants. Sound familiar? It's just another form of pubsub!

+

In groupchat, a user joins a room by sending presence to "room@service/nick":

+ + ]]> +

But on the pubsub model that is merely a temporary subscription, which can be handled quite elegantly as so:

+ + + + + + + http://jabber.org/protocol/pubsub#subscribe_options + + JC + + + + + ]]> +

In groupchat, room occupants can send messages to all other occupants via the &MESSAGE; stanza:

+ + hi + + ]]> +

The groupchat service then "reflects" that message to all the occupants:

+ + hi + + + + hi + + + + hi + + ]]> +

But on the pubsub model that is merely a publish resulting in multiple notifications, which can be handled quite elegantly as so:

+ + + + + + hi + + + + + + + + ]]> +

The service then sends notifications to all the node subscribers:

+ + + + + + hi + + + + + +
+ + + + + + + + + hi + + + + + +
+ + + + + + + + + hi + + + + + +
+ + + ]]> +

Here again the pubsub approach is slightly more verbose, but that's what stream compression is for.

+ + + +

It's really rather silly that XMPP includes two different models for messaging, one for groupchat and the other for one-to-one messages. Pubsub solves that problem by using one model for everything. In order to exchange messages, one of the parties simply creates a pubsub node with a whitelist model and adds the other person as a publisher (it may also be necessary to add the other party to the whitelist):

+ + + + + + + http://jabber.org/protocol/pubsub#node_config + + whitelist + romeo@montague.lit + + + + + + + + + + + + + + + + + ]]> +

Now Juliet can send a message to the node and it will be delivered to both parties (it's always nice to receive a bcc to one's sending address, the client can simply ignore it, or treat it as an ack):

+ + + + + + wherefore art thou? + + + + + + + + ]]> +

The service then sends notifications to both parties:

+ + + + + + wherefore art thou? + + + + + +
+ + + + + + + + + wherefore art thou? + + + + + +
+ + + ]]> +

Beautiful, no?

+ + + +

Although this document shows how to do presence notifications, presence subscriptions, rosters, groupchat, and one-to-one messaging via pubsub, XMPP Eventing via Pubsub (XEP) is not limited to these functionality areas, which are provided only as examples. Indeed, XMPP Eventing via Pubsub (XEP) provides a generic mechanism for XMPP eventing that obviates the need for any future XMPP Extension Protocol (XEP) specifications other than payload formats for communication over the XMPP Eventing via Pubsub (XEP) transport. Truly, pubsub is the "one ring to bind them all" and the XEP XEP is the mother of all future XEPs. We have a clear path forward to a powerful, robust, payload-agnostic technology for the full range of eventing needs. Let us grasp the opportunity to rebuild XMPP the way it should have been built from the beginning: on top of a solid foundation of publish-subscribe. But did we mention that developers really need to implement stream compression?

+ + + +

In XMPP Eventing via Pubsub (XEP), access control is handled through a single permissions model, that of subscriptions to pubsub nodes. XEP nodes MUST have a default access model of "authorize" to prevent open data retrieval from potentially private data sources; this will result in a great deal of authorization requests and thus annoy typical end users to no end, but users will at least have the illusion of security, which is all they really want anyway.

+

End-to-end encryption is made more difficult in XMPP Eventing via Pubsub (XEP) since all information passes through the pubsub service, which is typically associated with or hosted by the user's server. The solution is to run your own XMPP server in a high-security fashion. In particular, universal deployment of personal XMPP servers, domain certificates (X.509 / PKI) for channel encryption (TLS) and server-to-server trust (SASL), IPv6, DNSSEC, and IPsec will solve all security problems.

+

If that is not enough, XMPP can utilize onion routing schemes such as Tor for added security. Typically this results in high latency. But the word "instant" in "instant messaging" has always made XMPP seem quite frivolous (especially back when we called it "Jabber", what a silly word that is!), whereas "secure messaging" sounds like a serious technology. Who cares if delivery takes forever? (Oh and while we're at it, we should add per-hop acknowledgements for every stanza and perhaps full transactional abilities; however, those initiatives are beyond the scope of this document.)

+ + + +

This document requires no interaction with &IANA;.

+ + + +

This document requires no interaction with the ®ISTRAR;.

+ + + +

Because XMPP Eventing via Pubsub simply reuses the protocol specified in XEP-0060, a separate schema is not needed.

+ + + +

Thanks to Maciek Niedzielski for inspiration.

+ + +