diff --git a/xep-0369.xml b/xep-0369.xml index 7b4389c7..4e5dcba2 100644 --- a/xep-0369.xml +++ b/xep-0369.xml @@ -28,30 +28,37 @@ MIX &ksmithisode; - - - Steve - Kille - Steve.Kille@isode.com - Steve.Kille@isode.com - + &skille; &stpeter; + + 0.6 + 2016-12-02 + sek (XEP Editor: ssw) +

+ Added Internationalization Consideration section, and various I18n edits; + Added Security Considerations section; + Tombstoning of Redaction changes made optional; + Added a section specifying MIX Proxy; + Change configuration and information node management to directly use PubSub; + Provide for XEP-0202 (vCard4 over XMPP) in addition to vcard-temp support. +

+
0.5 2016-11-04 sek (XEP Editor: ssw)

- Complete and restructure Administration Section: Creating Channels and modifying configuration - Add avatar nodes - Add section on roster handling - Discovering MIX Services - Resolve questions on future capabilities - Administration of Allowed/Banned; clarify Kick functionality is replaced - User Presence Probes on Channel Start-up - Add user Presence preference - Clarify and Expand MAM Archiving - Sort Retraction - Add Marker IQ + Complete and restructure Administration Section: Creating Channels and modifying configuration; + Add avatar nodes; + Add section on roster handling; + Discovering MIX Services; + Resolve questions on future capabilities; + Administration of Allowed/Banned; clarify Kick functionality is replaced; + User Presence Probes on Channel Start-up; + Add user Presence preference; + Clarify and Expand MAM Archiving; + Sort Retraction; + Add Marker IQ; Conversion 1:1
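Review bot: The last item of the 0.6 revision remark cites the wrong XEP number. It reads "Provide for XEP-0202 (vCard4 over XMPP)", while the body text added later in this patch references &xep0292; for vCard4 over XMPP. Change the remark to XEP-0292 so the revision history matches the normative text.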

@@ -195,7 +202,7 @@ This means that a MIX client needs to resynchronize with the MIX service when it comes online. This synchronization will happen directly between the MIX client and MIX channel.
  • The MIX Proxy will know which channels are subscribed to, and so can send this list to a MIX client. Because channel subscriptions are long term, this information will be used instead of the bookmark approach used with MUC.
  • The MIX Proxy will manage channel registration and de-registration in the user's roster.
  • -
  • Different clients may wish to access different channels (e.g., a mobile client may only access a subset of the channels in which a user is interested). The MIX Proxy MAY handle sending messages only to the clients that wish for them, perhaps using a profile mechanism.
  • +
  • Different clients may wish to access different channels (e.g., a mobile client may only access a subset of the channels in which a user is interested). The MIX Proxy enables a client to select only a subset of channels.
  • Messages being sent from MIX channel to MIX Proxy (which will be of type=groupchat) and presence information are sent to the bare JID. This means that the MIX Proxy will use a modification of the standard &rfc6121; rules. @@ -205,13 +212,9 @@

    The behaviour of a MIX Proxy and the protocol between MIX Proxy and MIX Client is not currently defined in this specification. It will be defined in one of three places. - It may be desirable in some situations to provide different service to different clients. For example, a mobile client may participate in a smaller set of MIX channels than a desktop client. This needs support from the server to which the client connects, so that MIX client and the connected server can negotiate which channels to send. This is not supported by the core MIX specification, but it is anticipated that this will be specified in one of the following ways: + It may be desirable in some situations to provide different service to different clients. For example, a mobile client may participate in a smaller set of MIX channels than a desktop client. This needs support from the server to which the client connects, so that MIX client and the connected server can negotiate which channels to send. MIX Proxy behaviour is specified in this MIX specification.

    -
      -
    1. In an extension to &xep0376; (PAM) which follows a model close to MIX Proxy; or
    2. -
    3. In a new XEP specifically to defined MIX Proxy behavior; or
    4. -
    5. As a new section in a future version of the MIX Specification.
    6. -
    +
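Review bot: The unchanged opening of this paragraph still says the MIX Proxy behaviour "is not currently defined in this specification. It will be defined in one of three places." That now contradicts the added closing sentence "MIX Proxy behaviour is specified in this MIX specification." and refers to a three-item list that this hunk deletes. Remove or reword those two leading sentences, ideally pointing at the new MIX Proxy section.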

    @@ -373,13 +376,13 @@

    The Information node holds information about the channel. The information node contains a single item with the current information. Information node history is held in MAM. The information node is named by the date/time at which the item was created. Users MAY subscribe to this node to receive information updates. The Information node item may contain the following attributes, each of which is optional:

    - -

    The format of the Information node follows &xep0004;. This allows configuration to be updated by MIX defined commands and that the results of update commands are the same as the PubSub node. + + + + + +
    NameDescriptionField TypeValuesDefault
    'Name'A short string providing a name for the channel.text-single--
    'Description'A longer description of the channel.text-single--
    'Contact'The JID or JIDs of the person or role responsible for the channel.jid-multi--
    +

    The name and description values MUST contain a "text" element and MAY contain additional text elements. Where multiple text elements are provided, each MUST posses an xml:lang attribute that describes the natural language of the subject. The format of the Information node follows &xep0004;. This allows configuration to be updated by MIX defined commands and that the results of update commands are the same as the PubSub node. The following example shows the format of a item in the information node for the example coven@mix.shakespeare.example channel.

    - The Configuration node holds the configuration of the channel as a single item, named by the date-time of the last update to the configuration. A single item is stored in the node, with previous configuration history accessed by MAM. Users MAY subscribe to the configuration node to get notification of configuration change. The configuration node is optional for a MIX channel. For example, configuration choices could be fixed and not exposed. A subset of the defined configuration options may be used and additional non-standard configuration options may be added. If configuration options to control functionality of the nature described here are provided, the options defined in this standard MUST be used. The following configuration options are defined: + The Configuration node holds the configuration of the channel as a single item, named by the date-time of the last update to the configuration. A single item is stored in the node, with previous configuration history accessed by MAM. Users MAY subscribe to the configuration node to get notification of configuration change. The configuration node is optional for a MIX channel. For example, configuration choices could be fixed and not exposed. A subset of the defined configuration options may be used and additional non-standard configuration options may be added. If configuration options to control functionality of the nature described here are provided, the options defined in this standard MUST be used. The following configuration attributes are defined:

    - +
    - + @@ -497,7 +500,7 @@
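Review bot: In the paragraph added after the Information node table, the requirement "each MUST posses an xml:lang attribute that describes the natural language of the subject" has a typo ("posses") and speaks of "the subject" although the sentence is about the Name and Description values. Suggest "each MUST possess an xml:lang attribute that describes the natural language of the text". The Configuration node paragraph also changes only its last sentence to "configuration attributes" while the preceding sentences keep "configuration options"; pick one term and use it throughout.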

    An entity may discover a MIX service or MIX services by sending a Service Discovery items ("disco#items") request to its own server.

    - + + + + + + ]]>

    The response will be a list of features of the MIX channel. If Nick Registration is supported, then the result set will include <feature var="mix_nick_register"/>. @@ -1075,10 +1087,7 @@ the participant is not be subscribed to all nodes associated with the channel (i ]]> -

    On success, the service informs the user of its nick. The nick that is issued might be different from the nick that was requested, for example if the service completes normalization of nicknames for purposes of internationalization.

    -

    - MIX services SHOULD apply the "nickname" profile of the PRECIS OpaqueString class, as defined in &rfc7700;. -

    +

    On success, the service informs the user of its nick. MIX SHOULD apply the "nickname" profile of the PRECIS OpaqueString class, as defined in &rfc7700; to the requested nick. This means that nick that is issued might be different from the nick that was requested.

    -

    A client sends a message directly to a MIX channel as a standard groupchat message, in exactly the same way as for &xep0045;. Messages are sent directly to the channel and do not use the MIX Proxy.

    +

    A client sends a message directly to a MIX channel as a standard groupchat message, in exactly the same way as for &xep0045;. Messages are sent directly to the channel and do not use the MIX Proxy. The message id is selected by the client.

    ]]>

    The MIX channel then puts a copy of the message into the MAM archive for the channel and sends a copy of the message to each participant in - standard groupchat format. These messages sent by the channel are addressed to the bare JID of each participant and this will be handled by the participant's MIX Proxy. The message from value is the full Proxy JID of the message sender. The id of the message is the ID from the MAM archive.

    + standard groupchat format. These messages sent by the channel are addressed to the bare JID of each participant and this will be handled by the participant's MIX Proxy. The message from value is the full Proxy JID of the message sender. The id of the message is the ID from the MAM archive and NOT the id used by the sender.

    - A MIX channel MAY support message retraction, where the sender of a messages or an administrator deletes a message. If this is done the original message MUST be replaced by a tombstone. The protocol to request retraction does this by a message with a <retract> element as shown in the following example. + A MIX channel MAY support message retraction, where the sender of a messages or an authorized administrator deletes a message. If this is done the original message MAY be replaced by a tombstone. The protocol to request retraction does this by a message with a <retract> element as shown in the following example.

    ]]>

    - The MIX channel will allow a user to retract a message sent by the user if the 'Allow User Message Retraction' option is configured. The MIX channel will allow a user to retract any message if the user is in the group specified by the 'Administrator Message Retraction Rights' option. + The MIX channel will allow a user to retract a message sent by the user if the 'Allow User Message Retraction' option is configured. The MIX channel will allow an administrative user to retract any message if the user is in the group specified by the 'Administrator Message Retraction Rights' option.

    If the retraction message is accepted, it will be distributed to channel participants. This will allow retraction to happen in the MAM archive of each channel participant and to reflect the retraction in client GUI. A client receiving a retraction message SHOULD ensure that the retracted message is no longer displayed to the end user.

    - When a message is retracted the original message <body> MUST be removed and MUST be replaced with a tombstone using the <retracted> element that shows the JID of user performing the retraction and the time of the retraction. + Two approaches to message retraction may be used. In the first approach, the retracted message is simply removed. This is appropriate where retraction is provided as a user service and the user has rights to remove messages sent from the record. +

    +

    + The second approach is to leave a tombstone, which if taken MUST be done in the following manner. This is appropriate where it is desired to leave a record of the message that was redacted. + With this approach, the original message <body> is removed and replaced with a tombstone using the <retracted> element that shows the JID of user performing the retraction and the time of the retraction.
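Review bot: Relaxing the tombstone from MUST to MAY leaves open who selects between the two approaches introduced by "Two approaches to message retraction may be used". Nothing in the added text ties the choice to a channel configuration option or tells a client which approach a channel applies. With plain removal, a user covered by 'Administrator Message Retraction Rights' can delete another user's message without the tombstone record of who retracted it and when. Consider stating that the approach is a channel configuration choice and recommending the tombstone for retractions made by someone other than the sender. On wording, "the message that was redacted" should read "retracted", and "the sender of a messages" is still ungrammatical in the reworded first sentence.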

    @@ -1423,7 +1436,7 @@ the participant is not be subscribed to all nodes associated with the channel (i -

    A user may request the vCard of a channel participant by sending a request through the channel. The request may be sent directly by the client or through a MIX Proxy. The MIX channel MAY pass this request on or may block it. In the following example, the requesting client sends a message to the anonymized bare JID of the channel participant for which the vCard is desired.

    +

    A user may request the vCard of a channel participant by sending a request through the channel. The request may be sent directly by the client or through a MIX Proxy. The MIX channel MAY pass this request on or may block it. vCard requests MAY use &xep0054; (vcard-temp) or &xep0292; (vCard4 over XMPP). Where a MIX service supports one or both of these protocols, the protocol MUST be advertized as a feature of the MIX service. In the following example, using vcard-temp, the requesting client sends a message to the anonymized bare JID of the channel participant for which the vCard is desired.

    -

    Authorized users, typically owners and sometimes administrators, may modify the channel information. The client MAY issue a get command to obtain a form that will facilitate update of the information node. The values in the form show current values, which be defaults or may have been explicitly set. In the following example, the channel name was previously set, but other values were not.

    +

    Authorized users, typically owners and sometimes administrators, may modify the channel information. The client MAY issue a pubsub get command to obtain a form that will facilitate update of the information node. The values in the form show current values, which be defaults or may have been explicitly set. In the following example, the channel name was previously set, but other values were not.

    - + + + - + + urn:xmpp:mix:0 @@ -1726,16 +1742,18 @@ A client creates a channel by sending a simple request to the MIX service. A c label='Channel Administrative Contact' var='Contact'/> - + + ]]> -

    Updating the information node is done using a set command of type info. The MIX channel MUST update the fields with values provided, leaving other fields unchanged. The result returns the id used in the information node item, which is the date/time of the modification.

    +

    Updating the information node is done using a pubsub set command. The MIX channel MUST update the fields with values provided, leaving other fields unchanged. The result returns the id used in the information node item, which is the date/time of the modification.

    - + + urn:xmpp:mix:0 @@ -1750,32 +1768,40 @@ A client creates a channel by sending a simple request to the MIX service. A c greymalkin@shakespeare.lit - + + - + + + + + ]]>
    -

    Channel owners may modify the channel configuration. The client MAY issue a get command "config" to obtain a form that will facilitate update of the configuration node. Other clients MAY be authorized to use this command to see the channel configuration, but only owners may update the configuration. The values in the form show current values, which be defaults or may have been explicitly set. The following example shows a short form returned to illustrate the syntax. A typical configuration form will be much larger with many fields.

    +

    Channel owners may modify the channel configuration. The client MAY issue a pubsub get command to obtain a form that will facilitate update of the configuration node. Other clients MAY be authorized to use this command to see the channel configuration, but only owners may update the configuration. The values in the form show current values, which be defaults or may have been explicitly set. The following example shows a short form returned to illustrate the syntax. A typical configuration form will be much larger with many fields.

    - + + + - + + urn:xmpp:mix:0 @@ -1785,16 +1811,18 @@ A client creates a channel by sending a simple request to the MIX service. A c label='Channel Administrator' var='Administrator'/> - + + ]]> -

    Updating the information node is done using a set command of type config. The MIX channel MUST update the fields with values provided, leaving other fields unchanged. The result returns the id used in the configuration node item, which is the date/time of the modification.

    +

    Updating the information node is done using a pubsub set command. The MIX channel MUST update the fields with values provided, leaving other fields unchanged. The result returns the id used in the configuration node item, which is the date/time of the modification.

    - + + urn:xmpp:mix:0 @@ -1815,14 +1843,19 @@ A client creates a channel by sending a simple request to the MIX service. A c true - + + - + + + + + ]]>
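Review bot: In the channel configuration section the reworded sentence still begins "Updating the information node is done using a pubsub set command", although it goes on to say the result returns the id used in the configuration node item. It should read "Updating the configuration node", and since this line is already being edited to drop "set command of type config", this is the place to fix it. With the MIX-specific command types removed, the prose for both the information and configuration sections should also say which pubsub node the get and set are addressed to, because the sentences no longer name it.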
    @@ -1907,6 +1940,90 @@ A client creates a channel by sending a simple request to the MIX service. A c + +

    + This section defines behaviour of the MIX Proxy Service, so that the full MIX specification for clients and servers is set out in a single document. MIX Proxy support MUST be provided by servers used by clients that participate in MIX channels. In future, MIX Proxy specification may be moved to a separate XEP or it may be incorporated into + &xep0376; (PAM) which follows a model close to MIX Proxy. +

    + + +

    + All messages from MIX channels to users are sent to the user's MIX Proxy, which resides on the user's XMPP server. The MIX Proxy will send on these messages to each of the user's clients that has activated the MIX service. MIX provides capabilities for an online client to activate and de-activate MIX for that client. A client may activate MIX for all the user's channels or for a selected list. This will enable a mobile client to choose to receive only messages from selected MIX channels. Activation uses an IQ set with an <activate> element to instruct the MIX proxy to activate the client. The server responds with a result to confirm activation. The client may include one or more <channel> elements, to identify an explicit list of channels that are activated for the client. If mo channels are specified, activation is for all channels where the user is a participant. A client supporting MIX will typically activate MIX as soon as it comes online, but a client may also choose to only activate MIX for specific periods. +

    + + + + coven@mix.shakespeare.lit + spells@mix.shakespeare.lit + + + + + + +]]> + +

    + A client will deactivate MIX using a corresponding deactivate command. This will deactivate all MIX channels. This will often be done when the client closes down, but may also be done at other times the client chooses. Deactivation uses an IQ set with an <deactivate> element to instruct the MIX proxy to activate the client. +

    + + + + + + + + +]]> + +

    + If a client goes offline, the server's MIX Proxy MUST deactivate MIX immediately. This will mean that standard client behaviour will be to activate MIX when they come online. +

    + +
    + + +

    + Messages from a MIX channel will usually go to the MIX proxy. The only exception to this is where the MIX channel is responding directly to messages from the client. Messages and presence distributed but a MIX channel will always be sent to the MIX Proxy. The MIX Proxy will simply send on the messages from the channel to each of the user's clients which have activated the channel with the MIX Proxy. If there are no clients activated, the message is dropped. +

    +

    + Messages sent to the MIX Proxy will always be addressed to the user's bare JID. The MIX proxy will modify the recipient to the full JID of each client to which the message is forwarded. The MIX Proxy MUST NOT make any other modifications to each message. +

    +
    + + +

    + The MIX specification requires that some messages are sent through the MIX Proxy and allows other messages to be sent through the MIX Proxy. This enables the MIX Proxy to use information from the client to improve the MIX Proxy function. The messages sent by the client to the MIX proxy will come from the client's full JID. The MIX proxy will modify the messages to come from the bare JID. This modification is transparent to the MIX client. The client will always send messages from the full JID and the MIX Proxy will modify the message to ensure MIX compliance. +

    + + +

    + The MIX Proxy is responsible for ensuring that MIX channels are correctly entered into the user's roster. This is provided as a generic client independent service for the user. +

    +

    + The MIX Proxy SHOULD ensure that only presence information from activated MIX clients is sent to the MIX channel. So, if a user has two online clients, but only one is activated for a given MIX channel, then the channel SHOULD only receive presence information relating to the activated client. +

    +
    + + +

    + MAM Archive is not a part of the MIX Proxy. However, it is important to note that archive of channel information is done by the user's server. Where a message is sent to the MIX Proxy and discarded because there are no active clients, it will still be archived. This means that the messages will be available in the local archive and can be picked up by clients when they come online. +

    +
    +
    +

    MIX is specified as a service that can be used independent of MUC and a MIX service may be implemented without MUC. If both MIX and MUC are implemented, three approaches are noted. @@ -1998,57 +2115,55 @@ A client creates a channel by sending a simple request to the MIX service. A c + +
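Review bot: In the new MIX Proxy section the deactivation paragraph says the deactivate element is used "to instruct the MIX proxy to activate the client"; that should be "deactivate". Two further typos sit in the same section: "If mo channels are specified" and "Messages and presence distributed but a MIX channel". The section also leaves activation semantics open: it does not say whether a second activate with a different channel list replaces or extends the first, nor what the proxy returns when a listed channel is one in which the user is not a participant. Deactivation is all-or-nothing ("This will deactivate all MIX channels"), so state whether the lack of per-channel deactivation is intended.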

    This section lists a number of capabilities not specified in this version of MIX which were provided in &xep0045;.

    + +

    + &xep0045; provides a mechanism to control access to MUC rooms using passwords. An equivalent mechanism is not included in MIX, as it has a number of security issues. Control of access to channels is better achieved using an explicit list of participants. +

    +
    + +

    + &xep0045; defines a mechanism so that MUC moderators can control who is able to send messages to a MUC room using a "voice" mechanism. The current version of MIX does not include this. This might be added to a future version of this XEP or as a separate XEP if this capability becomes an agreed requirement. +

    +
    - - - -

    This section lists a number of capabilities not specified in this version of MIX which were provided in &xep0045;.

    - -

    - &xep0045; provides a mechanism to control access to MUC rooms using passwords. An equivalent mechanism is not included in MIX, as it has a number of security issues. Control of access to channels is better achieved using an explicit list of participants. -

    -
    - -

    - &xep0045; defines a mechanism so that MUC moderators can control who is able to send messages to a MUC room using a "voice" mechanism. The current version of MIX does not include this. This might be added to a future version of this XEP or as a separate XEP if this capability becomes an agreed requirement. -

    -
    - -
    -

    TBD.

    -

    Discuss normalization of nicknames.

    +

    MIX allows specification of a number of human readable strings associated with a MIX channel, in particular the subject of a MIX channel and name and description information. These strings may have language set using an xml:lang attribute, and multiple values may be set provided that each one is distinguished using xml:lang. +

    + +

    Nicknames SHOULD be normalized using the "nickname" profile of the PRECIS OpaqueString class, as defined in &rfc7700;.

    + -

    TBD.

    -

    Topics to cover:

    -
      -
    • transparent vs. opaque channels
    • -
    • nickname registration and security implications of normalization
    • -
    +

    MIX is built over MAM and PubSub and the security considerations of &xep0313; and &xep0060; should be considered. These services protect MIX channel information, which may be sensitive and needs appropriate protection.

    +

    MIX channels may be JID Hidden, in order to hide the JIDs of channel participants from those accessing the channel. Care must be taken to ensure that JIDs are fully hidden. In particular when proxy JIDs are prepared, this MUST be done in a manner which ensure that the real JIDs cannot be determined. Where nicks are assigned by a channel, this MUST be done in a way that does not expose the JID.

    +

    + There is no MIX equivalent to &xep0045; password controlled rooms, which avoids a number of security issues. +

    +

    + MIX provides flexible access control options, which should be used in a manner appropriate to the security requirements of MIX users and services. +

    +
    +

    None.

    + -

    Register a namespace.

    +

    The urn:xmpp:mix namespace must be registered.

    + -

    TBD.

    +

    To be supplied when MIX progresses to proposed standard.

    + -

    Thanks to the following who have made contributions: Dave Cridland, Philipp Hancke, Waqas Hussain, Georg Lukas, Ralph Meijer, Edwin Mons, Emmanuel Gil Peyrot, Florian Schmaus, Lance Stout, Sam Whited, Matthew Wild and one anonymous reviewer.

    +

    Thanks to the following who have made contributions: Dave Cridland, Philipp Hancke, Waqas Hussain, Timothée Jaussoin, Georg Lukas, Ralph Meijer, Edwin Mons, Emmanuel Gil Peyrot, Florian Schmaus, Lance Stout, Sam Whited, Matthew Wild and one anonymous reviewer.

    + - diff --git a/xep.ent b/xep.ent index 3dafd7cd..01d49dd1 100644 --- a/xep.ent +++ b/xep.ent @@ -886,6 +886,14 @@ IANA Service Location Protocol, Version 2 (SLPv2) Templates kevin.smith@isode.com " > + + Steve + Kille + steve.kille@isode.com + steve.kille@isode.com + +" > Remko
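Review bot: The Security Considerations added to xep-0369.xml drop the earlier placeholder topic "nickname registration and security implications of normalization" without covering it. The only remaining statement on normalization is the Internationalization sentence that nicknames SHOULD be normalized with the PRECIS nickname profile. Add a paragraph on what a channel must do when two requested nicks normalize to the same value. The JID Hidden paragraph requires proxy JIDs to be prepared so "that the real JIDs cannot be determined" but gives no guidance; consider saying that the proxy JID must not be derivable from the real JID. Separately, the registrar text names "urn:xmpp:mix" while the forms in this patch use "urn:xmpp:mix:0"; align the two.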
    NameDescriptionField TypeValuesDefault
    'Last Change Made By'Bare JID of the user making the last change.jid-single--
    'Owner'Dare JIDs with Owner rights as defined in ACL node. When a channel is created, the JID creating the channel is configured as an owner, unless this attribute is explicitly configured to another value.jid-multi--
    'Owner'Bare JIDs with Owner rights as defined in ACL node. When a channel is created, the JID creating the channel is configured as an owner, unless this attribute is explicitly configured to another value.jid-multi--
    'Administrator'Bare JIDs with Administrator rights.jid-multi--
    'End of Life'The date and time at which the channel will be automatically removed by the server. If this is not set, the channel is permanent.text-single--
    'Nodes Present'Specifies which nodes are present. Presence of config nodes is implicit. Jidmap node MUST be present if participants node is present. 'avatar' means that both Avatar Data and Avatar Metadata nodes are present.list-multi'participants'; 'presence'; 'subject'; 'information'; 'allowed'; 'banned'; 'avatar'-