Defined HTTP lookup methods using well-known URIs as specified in RFC 5785.
Although &xmppcore; specifies the use of TCP as the method of connecting to an XMPP server, alternative connection methods exist, including the &xep0124; method (for which &xep0206; is the XMPP profile) and &xmppoverwebsocket;. For some of these methods, it is necessary to discover further parameters before connecting, such as the HTTP URL of an alternative connection manager. Without ways to auto-discovering alternative connection methods, the relevant information would need to be provided manually by a human user, which is cumbersome and error-prone.
+Although &xmppcore; specifies the use of TCP as the method of connecting to an XMPP server, alternative connection methods exist, including the &xep0124; method (for which &xep0206; is the XMPP profile) and &xmppoverwebsocket;. For some of these methods, it is necessary to discover further parameters before connecting, such as the HTTP URL of an alternative connection manager. Without ways to auto-discover alternative connection methods, the relevant information would need to be provided manually by a human user (which is cumbersome and error-prone) or hard-coded into XMPP software applications (which is brittle and not interoperable).
This document defines two ways to encapsulate information about alternative connection methods for auto-discovery:
The following examples show two DNS TXT resource records: the first indicates support for the XMPP Over BOSH connection method defined in XEP-0124 and XEP-0206 and the second indicates support for WAP connections (the latter connection method is not yet defined).
+The following examples show two DNS TXT resource records: the first indicates support for the XMPP Over BOSH connection method defined in XEP-0124 and XEP-0206 and the second indicates support for XMPP over WebSocket connections defined in &xmppoverwebsocket;.
The following examples show two host-meta link records: the first indicates support for the XMPP Over BOSH connection method defined in XEP-0124 and XEP-0206 and the second indicates support for the &xmppoverwebsocket; connection method.
+The following examples show two host-meta link records: the first indicates support for the XMPP Over BOSH connection method defined in XEP-0124 and XEP-0206 and the second indicates support for the XMPP Over WebSocket connection method defined in draft-ietf-xmpp-websocket.
It is possible that advertisement of alternative connection methods can introduce security vulnerabilities, since a connecting entity (usually a client) might deliberately seek to connect using the method with the weakest security mechanisms (e.g., no channel encryption or relatively weak authentication). Care needs to be taken in determining which alternative connection methods are appropriate to advertise.
+Entities that use these connection methods need to ensure that they conform to the security considerations of each method (e.g., by preferring to use 'https' or 'wss' URLs that are protected using Transport Layer Security).
The registrant can register more than one attribute at a time, each contained in a separate <method/> element.
-This document registers the following values.
_xmpp-client-httppoll
@@ -239,11 +241,20 @@ _xmppconnect IN TXT "_xmpp-client-wap=http://wap.jabber.org/connector"
XEP-0025
+
+ _xmpp-client-websocket
+ XMPP Over WebSocket connection method
+
+ The ws: or wss: URL at which to contact the WebSocket connection manager or proxy
+
+ draft-ietf-xmpp-websocket
+
+
_xmpp-client-xbosh
XMPP Over Bosh connection method
- The http: or https: URL at which to contact the HTTP Binding connection manager or proxy
+ The http: or https: URL at which to contact the HTTP Binding (BOSH) connection manager or proxy
XEP-0206