diff --git a/inbox/isr.xml b/inbox/isr.xml new file mode 100644 index 00000000..5d6a8d3f --- /dev/null +++ b/inbox/isr.xml @@ -0,0 +1,343 @@ + + +%ents; +]> + + +
+ Instant Stream Resumption + + This specification introduces an mechanism for instant + stream resumption, based on Stream Management (XEP-0198), allowing + XMPP entities to instantaneously resume an XMPP stream. + + + This XMPP Extension Protocol is copyright (c) 1999 - + 2016 by the XMPP Standards Foundation (XSF). + + Permission is hereby granted, free of charge, to any + person obtaining a copy of this specification (the + "Specification"), to make use of the Specification + without restriction, including without limitation the rights to + implement the Specification in a software program, deploy the + Specification in a network service, and copy, modify, merge, + publish, translate, distribute, sublicense, or sell copies of the + Specification, and to permit persons to whom the Specification is + furnished to do so, subject to the condition that the foregoing + copyright notice and this permission notice shall be included in + all copies or substantial portions of the Specification. Unless + separate permission is granted, modified works that are + redistributed shall not contain misleading information regarding + the authors, title, number, or publisher of the Specification, and + shall not claim endorsement of the modified works by the authors, + any organization or project to which the authors belong, or the + XMPP Standards Foundation. + + ## NOTE WELL: This Specification is provided on an + "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + KIND, express or implied, including, without limitation, any + warranties or conditions of TITLE, NON-INFRINGEMENT, + MERCHANTABILITY, or FITNESS FOR A PARTICULAR PURPOSE. In no event + shall the XMPP Standards Foundation or the authors of this + Specification be liable for any claim, damages, or other + liability, whether in an action of contract, tort, or otherwise, + arising from, out of, or in connection with the Specification or + the implementation, deployment, or other use of the + Specification. ## + + In no event and under no legal theory, whether in tort + (including negligence), contract, or otherwise, unless required by + applicable law (such as deliberate and grossly negligent acts) or + agreed to in writing, shall the XMPP Standards Foundation or any + author of this Specification be liable for damages, including any + direct, indirect, special, incidental, or consequential damages of + any character arising out of the use or inability to use the + Specification (including but not limited to damages for loss of + goodwill, work stoppage, computer failure or malfunction, or any + and all other commercial damages or losses), even if the XMPP + Standards Foundation or such author has been advised of the + possibility of such damages. + + This XMPP Extension Protocol has been contributed in + full conformance with the XSF's Intellectual Property Rights + Policy (a copy of which may be found at <http://xmpp.org/extensions/ipr-policy.shtml> + or obtained by writing to XSF, P.O. Box 1641, Denver, CO 80201 + USA). + + + xxxx + ProtoXEP + Standards Track + Standards + Council + + XMPP Core + XEP-0198 + + + + isr + + Florian + Schmaus + flo@geekplace.eu + flo@geekplace.eu + + + 0.0.1 + 2016-02-12 + fs +

First draft.

 + +
+ + + +

This XEP specifies an instant stream resumption mechanism based + on &xep0198;, allowing XMPP entities to instantaneously resume an + XMPP stream. This can be seen as the complementary part to &xep0305; + allowing for fast XMPP session (re-)establishment.

+ +

Compared to the existing stream resumption mechanism of XEP-0198 § + 5, the approach defined herein reduces the round trips + required to resume a stream to exactly one (besides the + round trips required by the TLS handshake). This is achieved by + using only a secure token to resume the stream.

+ + + + + +
+ +
ISR
+
Instant Stream Resumption.
+ + +
Instant Stream Resumption Token (ISR Token)
+
A string token with at least 128 bits of entropy generated + by a cryptographically secure random number generator.
+ +
+ + + + + + + +

If an entity supports ISR, then the <enabled/> + NonzaXEP-0360: Nonzas (are not Stanzas) <https://xmpp.org/extensions/xep-0360.html>., + which is send as positive reply upon a request to enable Stream + Management, MUST contain an 'tok' attribute qualified by the + 'urn:xmpp:isr:0' namespace containing a ISR Token. The Nonza MAY + also contain a 'location' attribute qualified by the + 'urn:xmpp:isr:0' namespace which specifies the preferred IP address + or hostname, and a TCP port number of the host which should be used + for instant stream resumption.

+ + ]]> + + ]]> + + + + + +

In order to instantaneously resume an XMPP stream the entity + trying to do so must posses a valid ISR token. If it then needs to + perform ISR, it first determines the host for resumption, and after + that, tries to perform the instant stream resumption.

+ + + +

The lookup mechanism order to determine host candidates for ISR + resumption is as follows:

+ +
    +
  1. The host specified in the optional 'location' attribute + qualified by the 'urn:xmpp:isr:0' namespace found in the + <enabled/> element of XEP-0198. +
    2. +
  2. The hosts determined by means of &xep0368;.
    3. +
  3. The host announced in the 'location' attribute of the <enabled/> Nonza defined in XEP-0198.
    4. +
  4. Standard host lookup mechanisms.
    5. +
+ +

The host candidates retrieved by those mechanisms SHOULD be + tried by the initiating entity in this order.

+ +

Note that the hosts announced by the 'location' attribute + qualified by the 'urn:xmpp:isr:0' namespace MUST be connected to + using Transport Layer Security (TLS, see &rfc5246;) from the + beginning, i.e. <starttls/> MUST NOT be used, instead the + TLS Handshake is performed right after establishing the + connection.

+ +

The order prefers hosts which allow connections where TLS is + enabled from the beginning. This is desirable in order to reduce + the required round trips by skipping the <starttls/> + step.

+ + + + + +

After the host on which the instant stream resumption should be + performed was determined, the entity connects to, and establishes + TLS by either

+ +
    +
  1. establishing a TLS session right away, or
    2. +
  2. performing STARTTLS (&rfc6120; § 5).
    3. +
+ +

After the connection has been secured, the + initiating entity sends an XMPP <stream> open element + followed by a <instant-resume/> Nonza qualified by the + 'urn:xmpp:isr:0' namespace which MUST contain the ISR token in the + 'tok' attribute and the sequence number of the last by Stream + Management handled stanza in the 'h' attribute.

+ +

Note that the initiating entity SHOULD pipeline the instant + stream resumption request together with then initial + <stream> open element since it already has determined that + the service supports this feature. Servers MUST announce that they + support ISR by including an <isr/> element qualified by the + 'urn:xmpp:isr:0' namespace in their stream features.

+ + +]]> + +

ISR MUST only be performed over TLS secured sessions. What + follows is that the ISR feature MUST only be announced after + STARTTLS has been successfully performed or on streams where TLS + was established from the beginning.

+ + + +

On success the server replies with <inst-resumed/> + Nonza which MUST contain a new ISR Token found in the + 'tok' attribute and the sequence number of the last by Stream + Mangement handled stanza in the 'h' attribute.

+ + + + + +]]> + +

After the <inst-resumed/> was received both entities + MUST consider the resumed stream to re-established. This + includes all previously negotiated stream features like + &xep0138;. It does however not include the specific state of the + features: For example in case of stream compression, the + dictionary used by the compression mechanism of the resumed + stream MUST NOT be considered to be restored after instant + stream resumption.

+ + + + + +

If the server is unable to resume the stream instantly it + MUST reply with a <failed/> Nonza qualified by the + 'urn:xmpp:isr:0' namespace.

+ + ]]> + +

The server MAY also include a 'h' attribute in the + <failed/> element indicating the number of handled + stanzas.

+ + ]]> + +

Instant stream resumption errors SHOULD be considered + recoverable, the initiating entity MAY continue with normal + session establishment; however, misuse of stream management MAY + result in termination of the stream.

+ + + + + + + + + +

It is of vital importance that the Instant Stream Resumption Token + is generated by a cryptographically secure random generator. See + &rfc4086; for more information about Randomness Requirements for + Security

+ + + + + +

This document requires no interaction with &IANA;.

+ + + + + +

The ®ISTRAR; includes 'urn:xmpp:isr:0' in its registry of protocol namespaces (see &NAMESPACES;).

+ + + + + + +

TODO: Add after the XEP leaves the 'experimental' state.

+ + + + + +

Thanks to Jonas Wielicki for his feedback.

+ + + +