Fix bitrot in inbox

This commit is contained in:
Jonas Wielicki 2017-08-23 13:20:46 +02:00
parent 2fac2f0b39
commit a4fbf95e1b
44 changed files with 647 additions and 504 deletions

8
inbox/Makefile Normal file
View File

@ -0,0 +1,8 @@
OUTDIR?=../build/
xeps=$(wildcard *.xml)
.PHONY: all
all: html
html: $(patsubst %.xml, $(OUTDIR)/%.html, $(xeps))

View File

@ -23,7 +23,7 @@
<dependencies>
<spec>XMPP Core</spec>
</dependencies>
<supersedes>XEP-0077</supersedes>
<supersedes><spec>XEP-0077</spec></supersedes>
<supersededby/>
<shortname>NOT_YET_ASSIGNED</shortname>
<author>
@ -72,11 +72,11 @@
<di>
<dt>Account Management</dt>
<dd>Gestion of a client XMPP account on a given server deployment. An account is being defined by the locale part of the JID, and by the authentication mechanisms available for this account.</dd>
<dt>In-Band</dt>
<dd>Capacity of acting directly through a XMPP stream. As a consequence, an In-Band Account Management MAY allow users to bootstrap the existence of their account, and oppositely to end it, or modify it, without ever having to use another medium (like the web for instance), or without the existence of a previous account.</dd>
<dt>Storage Mechanism</dt>
<dd>The internal logics of a server to store authentication data.</dd>
</di>
<di><dt>In-Band</dt>
<dd>Capacity of acting directly through a XMPP stream. As a consequence, an In-Band Account Management MAY allow users to bootstrap the existence of their account, and oppositely to end it, or modify it, without ever having to use another medium (like the web for instance), or without the existence of a previous account.</dd></di>
<di><dt>Storage Mechanism</dt>
<dd>The internal logics of a server to store authentication data.</dd></di>
</dl>
</section1>
<section1 topic='Use Cases' anchor='usecases'>
@ -481,13 +481,13 @@
<li>For a better user experience, it is important to provide &lt;challenge/> fallbacks rather than directly fail with a &lt;failure/> on the first user error. <cite>XEP-0158</cite> for instance proposes to fail directly on a wrong answer to a CAPTCHA challenge, while it is well known that many actual human users regularly fails, sometimes even several, captchas before succeeding one. As a consequence, in such a case or other similar challenge, it is better to return a new challenge (a new CAPTCHA for instance) rather than cancelling the negotiation, doing so eventually only after a few retries.</li>
<li>The storage mechanism does not mean necessarily that credentials have to be stored in the given form, in particular when the server estimates a storage mechanism being stronger than the one desired by the user, and still without losing any authentication possibility. For instance if a client was to exchange credentials in PLAIN, and if the server usually provides SCRAM-SHA1, SCRAM-SHA-256 and PLAIN authentication mechanisms, then it would be wise to store it as both SCRAM-SHA-1 and SCRAM-SHA-256 instead of PLAIN. This way the security of the password is highly renforced in the case of the database being stolen and the three authentication mechanisms are still available to this user. Of course it would have been even more secure for the client itself to exchange the credentials as SCRAM-SHA-1 and SCRAM-SHA-256 from the start, because by exchanging PLAIN data, possibility is given to a man-in-the-middle attack to steal directly the password during this one-time account registration.</li>
<li>Security may have a price. If you were to store credentials with SCRAM-SHA-256 only, and later you change to a client which supports only PLAIN and SCRAM-SHA-1, you may fall in a case where you force yourself to log in using PLAIN. For this reason, a good client implementation SHOULD be able to determine such edge case. In the previous case, if possible, it SHOULD have stored both SCRAM-SHA-1 and SCRAM-SHA-256 on registration or silently modify later its storage.</li>
<li>When registering a new account, considering that the user has obviously not been authenticated yet, the server MUST NOT rely on the 'from' value of the initiating stream. In particular:</li>
<li>When registering a new account, considering that the user has obviously not been authenticated yet, the server MUST NOT rely on the 'from' value of the initiating stream. In particular:
<ul>
<li>the server MUST NOT decide whether or not to propose the &lt;registration/> feature based on the existence of the JID filled in 'from'. Doing so would leak away information about the existence of a JID which could therefore be sent undesirable messages. Being consistent on showing the feature forces to try to register which can already eliminates part of the risk if the challenge provides some bot protection (for instance CAPTCHAs).
<br />A perfectly valid alternative would be to always provide the &lt;registration/> feature when no "from" is filled but never provide it when a "from is filled" (no matter it is an existing JID or not). This consistent logics does not leak information.</li>
<li>Do not modify the SASL authentication's mechanisms listed in the &lt;mechanisms/> feature depending on the 'from'. Even though a given JID might not be able to connect with some mechanisms because the credentials storage is incompatible, this would leak information on the kind of storage mechanism used for this user. This information would allow attackers to determine, then target, users whose storage would be weaker.
<br/>Of course this particular point might cause issues for users regularly changing their clients or log in from various computer. For instance the SCRAM-SHA-1 and SCRAM-SHA-256 storage are incompatible. If you first registered by specifying the SCRAM-SHA-256 storage, then on another client which does not support SCRAM-SHA-256 or even who supports it, but for some reason always try and gives priority to SCRAM-SHA-1, the user could be found in a situation where he never manages to authenticate while providing the right password. For this reason, it could be wiser for server deployments to choose compatible mechanisms, when possible. On client side, if they are provided a raw password, instead of pre-computed data for a specific mechanism, then they should intelligently try the various mechanisms, starting from the one they consider the stronger. Hence try SCRAM-SHA-256, then SCRAM-SHA-1 if the first failed, then only if both failed, tell the user that authentication failed (note that the client should not try PLAIN as a last fallback, because we remind that any SCRAM-* storage is compatible with the SASL PLAIN mechanism. Trying PLAIN would therefore be a security risk.</li>
</ul>
<li><p>the server MUST NOT decide whether or not to propose the &lt;registration/> feature based on the existence of the JID filled in 'from'. Doing so would leak away information about the existence of a JID which could therefore be sent undesirable messages. Being consistent on showing the feature forces to try to register which can already eliminates part of the risk if the challenge provides some bot protection (for instance CAPTCHAs).</p>
<p>A perfectly valid alternative would be to always provide the &lt;registration/> feature when no "from" is filled but never provide it when a "from is filled" (no matter it is an existing JID or not). This consistent logics does not leak information.</p></li>
<li><p>Do not modify the SASL authentication's mechanisms listed in the &lt;mechanisms/> feature depending on the 'from'. Even though a given JID might not be able to connect with some mechanisms because the credentials storage is incompatible, this would leak information on the kind of storage mechanism used for this user. This information would allow attackers to determine, then target, users whose storage would be weaker.</p>
<p>Of course this particular point might cause issues for users regularly changing their clients or log in from various computer. For instance the SCRAM-SHA-1 and SCRAM-SHA-256 storage are incompatible. If you first registered by specifying the SCRAM-SHA-256 storage, then on another client which does not support SCRAM-SHA-256 or even who supports it, but for some reason always try and gives priority to SCRAM-SHA-1, the user could be found in a situation where he never manages to authenticate while providing the right password. For this reason, it could be wiser for server deployments to choose compatible mechanisms, when possible. On client side, if they are provided a raw password, instead of pre-computed data for a specific mechanism, then they should intelligently try the various mechanisms, starting from the one they consider the stronger. Hence try SCRAM-SHA-256, then SCRAM-SHA-1 if the first failed, then only if both failed, tell the user that authentication failed (note that the client should not try PLAIN as a last fallback, because we remind that any SCRAM-* storage is compatible with the SASL PLAIN mechanism. Trying PLAIN would therefore be a security risk.</p></li>
</ul></li>
</ul>
</section1>
<section1 topic='IANA Considerations' anchor='iana'>

View File

@ -1,6 +1,7 @@
<?xml version='1.0' encoding='UTF-8'?>
<!DOCTYPE xep SYSTEM 'xep.dtd' [
<!ENTITY % ents SYSTEM 'xep.ent'>
<!ENTITY rfc3920bis "<span class='ref'><link url='http://tools.ietf.org/html/draft-ietf-saintandre-rfc3920bis'>rfc3920bis</link></span> <note>RFC 3920: Extensible Messaging and Presence Protocol (XMPP): Core &lt;<link url='http://tools.ietf.org/html/draft-ietf-saintandre-rfc3920bis'>http://tools.ietf.org/html/draft-ietf-saintandre-rfc3920bis</link>&gt;.</note>" >
%ents;
]>
<?xml-stylesheet type='text/xsl' href='xep.xsl'?>

View File

@ -8,78 +8,15 @@
]>
<?xml-stylesheet type='text/xsl' href='xep.xsl'?>
<xep>
<header xml:base="sections/header.xml">
<header>
<title>Buddycloud Channels</title>
<abstract>This document describes a profile and conventions for usage of the PubSub protocol in the context of a new type of communication.</abstract>
&LEGALNOTICE;
<number>xxxx</number>
<status>ProtoXEP</status>
<type>Standards Track</type>
<sig>Standards</sig>
<approver>Council</approver>
<revision>
<version>0.0.2</version>
<date>2014-04-29</date>
<initials>sdt</initials>
<remark>
<p>First draft.</p>
</remark>
</revision>
<shortname>NOT_YET_ASSIGNED</shortname>
<legal>
<copyright>This XMPP Extension Protocol is copyright (c) 1999 - 2014
by the XMPP Standards Foundation (XSF).
</copyright>
<permissions> Permission is hereby granted, free of charge, to any
person obtaining a copy of this specification (the
"Specification"), to make use of the Specification without
restriction, including without limitation the rights to implement
the Specification in a software program, deploy the Specification in
a network service, and copy, modify, merge, publish, translate,
distribute, sublicense, or sell copies of the Specification, and to
permit persons to whom the Specification is furnished to do so,
subject to the condition that the foregoing copyright notice and
this permission notice shall be included in all copies or
substantial portions of the Specification. Unless separate
permission is granted, modified works that are redistributed shall
not contain misleading information regarding the authors, title,
number, or publisher of the Specification, and shall not claim
endorsement of the modified works by the authors, any organization
or project to which the authors belong, or the XMPP Standards
Foundation.
</permissions>
<warranty> ## NOTE WELL: This Specification is provided on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, express or implied, including, without limitation, any
warranties or conditions of TITLE, NON-INFRINGEMENT,
MERCHANTABILITY, or FITNESS FOR A PARTICULAR PURPOSE. In no event
shall the XMPP Standards Foundation or the authors of this
Specification be liable for any claim, damages, or other liability,
whether in an action of contract, tort, or otherwise, arising from,
out of, or in connection with the Specification or the
implementation, deployment, or other use of the Specification. ##
</warranty>
<liability> In no event and under no legal theory, whether in tort
(including negligence), contract, or otherwise, unless required by
applicable law (such as deliberate and grossly negligent acts) or
agreed to in writing, shall the XMPP Standards Foundation or any
author of this Specification be liable for damages, including any
direct, indirect, special, incidental, or consequential damages of
any character arising out of the use or inability to use the
Specification (including but not limited to damages for loss of
goodwill, work stoppage, computer failure or malfunction, or any and
all other commercial damages or losses), even if the XMPP Standards
Foundation or such author has been advised of the possibility of
such damages.
</liability>
<conformance>
This XMPP Extension Protocol has been contributed in full
conformance with the XSF's Intellectual Property Rights Policy (a
copy of which may be found at &lt;
<link url="http://xmpp.org/extensions/ipr-policy.shtml">http://xmpp.org/extensions/ipr-policy.shtml</link>
&gt; or obtained by writing to XSF, P.O. Box 1641, Denver, CO 80201
USA).
</conformance>
</legal>
<dependencies>
<spec>XMPP Core</spec>
<spec>XEP-0059</spec>
@ -90,26 +27,35 @@
</dependencies>
<supersedes/>
<supersededby/>
<author xml:base="authors/simon-tennant.xml">
<shortname>NOT_YET_ASSIGNED</shortname>
<author>
<firstname>Simon</firstname>
<surname>Tennant</surname>
<email>simon@buddycloud.com</email>
<jid>simon@buddycloud.com</jid>
</author>
<author xml:base="authors/lloyd-watkin.xml">
<author>
<firstname>Lloyd</firstname>
<surname>Watkin</surname>
<email>lloyd@evilprofessor.co.uk</email>
<jid>lloyd@evilprofessor.co.uk</jid>
</author>
<author xml:base="authors/ashley-ward.xml">
<author>
<firstname>Ashley</firstname>
<surname>Ward</surname>
<email>ashley.ward@surevine.com</email>
<jid>ashley.ward@surevine.com</jid>
</author>
<revision>
<version>0.0.2</version>
<date>2014-04-29</date>
<initials>sdt</initials>
<remark>
<p>First draft.</p>
</remark>
</revision>
</header>
<section1 topic="Buddycloud Introduction" anchor="Buddycloud Introduction" xml:base="sections/10.intro.xml">
<section1 topic="Buddycloud Introduction" anchor="Buddycloud Introduction">
<section2 topic="About Buddycloud" anchor="about-buddycloud">
<p>The Buddycloud project is a set of independently deployable services, that
inter-operate to create a rich collaboration service.
@ -188,7 +134,7 @@
</dl>
</section2>
</section1>
<section1 topic="Service Discovery" anchor="Finding-the-right-Buddycloud-server" xml:base="sections/30.discovery.xml">
<section1 topic="Service Discovery" anchor="Finding-the-right-Buddycloud-server">
<p>Each XMPP domain can have one Buddycloud server that serves user's channels.
Buddycloud clients and servers need to be able to discover the authoratative
Buddycloud server. find the
@ -196,7 +142,7 @@
<section2 topic="Discovery order" anchor="DISCOthenDNS">
<p>
To find the correct remote Buddycloud service for a domain, the Buddycloud
server should:
server should:</p>
<ol>
<li>Use a disco#items query against the XMPP service for the remote
Buddycloud domain.
@ -206,7 +152,6 @@
discovery method.
</li>
</ol>
</p>
</section2>
<section2 topic="Discovery using Disco" anchor="disco-discovery">
<p>The Buddycloud service first sends an items discovery request to the domain
@ -274,12 +219,12 @@
<p>
This example delegates all the Buddycloud service to an XMPP component
running the Buddycloud named
<i>buddycloud-component.verona.lit</i>
<em>buddycloud-component.verona.lit</em>
.
</p>
</section2>
</section1>
<section1 topic="Register" anchor="register" xml:base="sections/40.register.xml">
<section1 topic="Register" anchor="register">
<p>Upon connection to the buddycloud server a user should send a register
stanza.</p>
@ -300,15 +245,16 @@
</p>
</section1>
<section1 topic="Channel and Node Configuration" anchor="channel-config" xml:base="sections/50.node-config.xml">
<section1 topic="Channel and Node Configuration" anchor="channel-config">
<p>Node metadata is used to describe the channel to users. All nodes in a
channel have the same metadata and permission.
</p>
<section2 topic="Get Node Configuration" anchor="get-node-config"> - using disco-info
with the node specified - using <cite>XEP-0060</cite> 5.4 Discover Node Metadata
<section2 topic="Get Node Configuration" anchor="get-node-config">
<p>- using disco-info
with the node specified - using &xep0060; 5.4 Discover Node Metadata</p>
</section2>
<section2 topic="Set Node Configuration" anchor="set-node-config"> set Not sure what
goes here?
<section2 topic="Set Node Configuration" anchor="set-node-config"><p> set Not sure what
goes here?</p>
</section2>
<section2 topic="Default roles" anchor="default-roles">
<p> minimum setting/optional recommended fallbacks
@ -401,7 +347,6 @@
<p>Channel owners and moderators can also set the default affiliation for the
channel
</p>
<p>
<table caption="Channel Types">
<tr>
<th>Channel Type</th>
@ -429,8 +374,6 @@
</td>
</tr>
</table>
</p>
<p>
<table caption="Channel Access Models">
<tr>
<th>Access Model</th>
@ -455,7 +398,6 @@
</td>
</tr>
</table>
</p>
</section2>
<section2 topic="Well known nodes" anchor="well-known-nodes">
<p>Buddycloud is designed to be extended with new node and content types. To
@ -523,16 +465,14 @@
</table>
</section2>
</section1>
<section1 topic="Business Logic" anchor="biz-logic" xml:base="sections/55.application-logic.xml">
<section1 topic="Business Logic" anchor="biz-logic">
<section2 topic="PubSub for Humans" anchor="PubSub-for-humans">
<p> Buddycloud adapts <cite>XEP-0060</cite>'s machine-to-machine design goals with logic
and presets that work better in a social person-to-person and person-to-group
environment. For example, to discourage "glorifying the wicked", the list of
banned users is only presented to the channel's moderators.
</p>
<p>
<table caption="channel read permissions">
<thead>
<tr>
<th>Property</th>
<th>Access model</th>
@ -544,8 +484,6 @@
<th>Anonymous (e.g. web)</th>
<th>Banned users</th>
</tr>
</thead>
<tbody>
<tr>
<td>channel name</td>
<td>all</td>
@ -665,12 +603,8 @@
<td>no</td>
<td>no</td>
</tr>
</tbody>
</table>
</p>
<p>
<table caption="channel write permissions">
<thead>
<tr>
<th>Property</th>
<th>Producer</th>
@ -680,8 +614,6 @@
<th>Anonymous (e.g. web)</th>
<th>Banned users</th>
</tr>
</thead>
<tbody>
<tr>
<td>change channel name</td>
<td>only at creation time</td>
@ -745,9 +677,7 @@
<td>no</td>
<td>no</td>
</tr>
</tbody>
</table>
</p>
</section2>
<section2 topic="Maintain Similar Affiliations across Channel Nodes" anchor="rules-nodeaffiliations">
<p>A Buddycloud server MUST maintain similar affiliations and permissions for a subscribed
@ -762,7 +692,7 @@
</p>
</section2>
</section1>
<section1 topic="Pubsub Items" anchor="items" xml:base="sections/60.items.xml">
<section1 topic="Pubsub Items" anchor="items">
<p>Many of the item use cases follow those from <cite>XEP-0060</cite>. This section notes
the departures from the parent XEP and specific requirements.
@ -864,8 +794,8 @@
<iq from="buddycloud.capulet.lit" to="juliet@capulet.lit/bc-app" type="result" id="retractitem:32"/>
]]>
</example>
A retraction message is sent to all online clients, with an Atom tombstone to
replace the deleted post
<p>A retraction message is sent to all online clients, with an Atom tombstone to
replace the deleted post</p>
<example caption="The Buddycloud server sends retractions out to online clients">
<![CDATA[
<message from="buddycloud.capulet.lit" id="bc:MGV3B" to="benvolio@montague.lit">
@ -900,7 +830,7 @@
<strong>review</strong>
; extensions.
</p>
<section3 topic="Publishing" anchor="item-publishing"/>
<section3 topic="Publishing" anchor="item-publishing">
<p>The minimal payload for a publish request must be formatted as follows:
</p>
<example caption="The Entity publishes to a node">
@ -962,11 +892,11 @@
</li>
</ul>
</section4>
<section3 topic="Threading" anchor="item-threading"/>
</section3>
<section3 topic="Threading" anchor="item-threading">
<p>
Posts in Buddycloud can be formed into threads consisting of a parent post
and comments to a maximum thread depth of 1. Posts follow the
<a href="http://tools.ietf.org/html/rfc4685">ATOM threading specification</a>
and comments to a maximum thread depth of 1. Posts follow the &rfc4685;
and utilise the &amp;
<strong>thread</strong>
; namespace with the 'ref' attribute referring to the full global ID of the
@ -992,7 +922,7 @@
</entry>
]]>
</example>
<section4 topic="Error Cases" anchor="item-threading-errorcases"/>
<section4 topic="Error Cases" anchor="item-threading-errorcases">
<ul>
<li>
<em>parent-item-not-found</em>
@ -1003,7 +933,9 @@
: An attempt to comment on a comment will result in this error response
</li>
</ul>
<section3 topic="Referencing" anchor="item-referencing"/>
</section4>
</section3>
<section3 topic="Referencing" anchor="item-referencing">
<p>Within a single thread comments can reference other comments or the parent
item. This is for the purpose of making a comment to a post further back in
the thread.
@ -1052,6 +984,7 @@
</li>
</ul>
</section4>
</section3>
<section3 topic="Rating" anchor="item-rating">
<p>By
making use of the &amp;
@ -1119,13 +1052,13 @@
</section3>
</section2>
</section1>
<section1 topic="Channel subscriptions" anchor="subscriptions" xml:base="sections/70.subscriptions.xml">
<section1 topic="Channel subscriptions" anchor="subscriptions">
<p>Buddycloud clients follow <cite>XEP-0060</cite> subscription mechanisms for following and unfollowing a channel.</p>
</section1>
<section1 topic="Channel affiliations" anchor="affiliations" xml:base="sections/80.affiliations.xml">
<section1 topic="Channel affiliations" anchor="affiliations">
<section2 topic="Buddycloud to XEP-0060 mappings" anchor="affiliation-to-xep-0060-mappings">
<p>
Buddycloud channels build on XEP-0060's node affiliations.
Buddycloud channels build on XEP-0060's node affiliations.</p>
<table caption="Channel Affiliations">
<tr>
<th>XEP-0060 Affiliation</th>
@ -1183,10 +1116,9 @@
<td>RECOMMENDED</td>
</tr>
</table>
</p>
</section2>
</section1>
<section1 topic="Federation" anchor="federation" xml:base="sections/90.federation.xml">
<section1 topic="Federation" anchor="federation">
<section2 topic="Inbox" anchor="inbox">
</section2>
<section2 topic="Interaction With Other Services" anchor="Interaction-With-Other-Services">
@ -1204,7 +1136,7 @@
</p>
</section2>
</section1>
<section1 topic="Security Considerations" anchor="security-considerations" xml:base="sections/95.security.xml">
<section1 topic="Security Considerations" anchor="security-considerations">
<section2 topic="Server Trust" anchor="server-trust">
<p>
The Buddycloud server should make sure that the remote server

View File

@ -1,6 +1,7 @@
<?xml version='1.0' encoding='UTF-8'?>
<!DOCTYPE xep SYSTEM 'xep.dtd' [
<!ENTITY % ents SYSTEM 'xep.ent'>
<!ENTITY rfc3921bis "<span class='ref'><link url='http://tools.ietf.org/html/draft-ietf-saintandre-rfc3921bis'>rfc3921bis</link></span> <note>RFC 3921: Extensible Messaging and Presence Protocol (XMPP): Instant Messaging and Presence &lt;<link url='http://tools.ietf.org/html/draft-ietf-saintandre-rfc3921bis'>http://tools.ietf.org/html/draft-ietf-saintandre-rfc3921bis</link>&gt;.</note>" >
%ents;
]>
<?xml-stylesheet type='text/xsl' href='xep.xsl'?>

View File

@ -117,7 +117,7 @@ Examples for balancing algorithms include:
<section1 topic='Protocol' anchor='protocol'>
<section2 topic='Discovering Support'>
An entity advertises support for this protocol by including the 'urn:xmpp:cmr:0' feature in its service discovery information features as specified in Service Discovery (XEP-0030) or section 6.3 of Entity Capabilities (XEP-0015).
<p>An entity advertises support for this protocol by including the 'urn:xmpp:cmr:0' feature in its service discovery information features as specified in Service Discovery (XEP-0030) or section 6.3 of Entity Capabilities (XEP-0015).</p>
<example caption='Service discovery information request'><![CDATA[
<iq xmlns='jabber:client'
@ -217,7 +217,7 @@ If the server is unable to change the message routing algorithm, then an error &
<section2 topic='Message Routing Hints'>
If allowed and supported by the server, clients are able to annotate message stanza with a routing hint, that SHOULD affect the used message routing algorithm for the annotated stanza.
<p>If allowed and supported by the server, clients are able to annotate message stanza with a routing hint, that SHOULD affect the used message routing algorithm for the annotated stanza.</p>
<section3 topic='Determing support'>
@ -306,7 +306,7 @@ The CMR state, ie. the used routing algorithm, is identical for every session of
<p>
<strong>Algorithm Namespace:</strong> 'urn:xmpp:cmr:all'
</p>
Deliver to all non-negative resources with share the same maximum priority. And if message type is 'chat', only to those that have opted in to receive chat messages.
<p>Deliver to all non-negative resources with share the same maximum priority. And if message type is 'chat', only to those that have opted in to receive chat messages.</p>
</section3>
@ -314,7 +314,7 @@ Deliver to all non-negative resources with share the same maximum priority. And
<p>
<strong>Algorithm Namespace:</strong> 'urn:xmpp:cmr:mostactive'
</p>
Deliver the message to the "most available" resource or resources, depending on the server's implementation.
<p>Deliver the message to the "most available" resource or resources, depending on the server's implementation.</p>
</section3>
@ -322,7 +322,7 @@ Deliver the message to the "most available" resource or resources, depending on
<p>
<strong>Algorithm Namespace:</strong> 'urn:xmpp:cmr:roundrobin'
</p>
Deliver the message to the next resource selected by a round-robin algorithm.
<p>Deliver the message to the next resource selected by a round-robin algorithm.</p>
</section3>
@ -330,7 +330,7 @@ Deliver the message to the next resource selected by a round-robin algorithm.
<p>
<strong>Algorithm Namespace:</strong> 'urn:xmpp:cmr:weighted'
</p>
Deliver the message to a resource selected by a weighted round-robin algorithm. The weight of a resource is determined by its priority.
<p>Deliver the message to a resource selected by a weighted round-robin algorithm. The weight of a resource is determined by its priority.</p>
</section3>
</section2>

View File

@ -149,15 +149,20 @@
<p>To signal the type of communication that is desired, the entity that first decloaks MAY include a 'reason' attribute on the &lt;decloak/&gt; element. The following values for the 'reason' attribute are defined:</p>
<dl>
<di>
<dt>media</dt>
<dd>Presence is requested for a voice and/or video call, e.g. via &xep0167;.</dd>
</di>
<di>
<dt>text</dt>
<dd>Presence is requested for a plaintext or &xep0071; conversation, e.g. with end-to-end encryption (which requires capabilities to be disclosed).</dd>
</di>
<di>
<dt>file</dt>
<dd>Presence is requested for one or more file transfers, e.g. via &xep0234; or &xep0095;.</dd>
</di>
</dl>
<p>Inclusion of the 'reason' attribute can be interpreted by the receiving client as a signal that communication is about to start; for instance, a call accept/reject dialog could double as a UI for accepting or rejecting a decloaking request.</p>

View File

@ -357,7 +357,7 @@
</section1>
<section1 topic='Determining Support' anchor='support'>
<p>If a MUC service supports distributed rooms, it MUST return a feature of "urn:xmpp:dmuc:0" &NSVER; in response to &xep0030; information requests.</p>
<p>If a MUC service supports distributed rooms, it MUST return a feature of "urn:xmpp:dmuc:0" in response to &xep0030; information requests.</p>
</section1>
<section1 topic='Security Considerations' anchor='security'>

View File

@ -54,7 +54,7 @@
</p>
</section2>
<section2 topic='Requirements' anchor='reqs'>
<p>The following is a list of goals for the design of this extension:
<p>The following is a list of goals for the design of this extension:</p>
<ul>
<li>DMUC should be transparent to the end user</li>
<li>DMUC should be transparent to the client program</li>
@ -63,35 +63,33 @@
<li>Mirrors of the master room will not communicate directly with each other</li>
<li>If the S2S link is broken, it will appear to a user as if other users have left the room</li>
<li>Users in the same mirror can communicate with each other until the link is re-established with the master</li>
<li>DMUC will improve upon the &xep0033; concept</li> by eliminating the need for &lt;addresses/&gt;
<li>DMUC will improve upon the &xep0033; concept by eliminating the need for &lt;addresses/&gt;</li>
</ul>
</p>
</section2>
</section1>
<section1 topic='Terminology' anchor='terms'>
<section2 topic='General Terms' anchor='genterms'>
<dl>
<dt>master</dt>
<dd>The the actual MUC server</dd>
<dt>mirror</dt>
<dd>A mirror for a master MUC room on another machine</dd>
<di><dt>master</dt>
<dd>The the actual MUC server</dd></di>
<di><dt>mirror</dt>
<dd>A mirror for a master MUC room on another machine</dd></di>
</dl>
</section2>
<section2 topic='Actors' anchor='actors'>
<p>The following JIDs are used in this document.</p>
<dl>
<dt>fairfax.tridsys.com</dt><dd>XMPP server where the master MUC room is located</dd>
<dt>conference.fairfax.tridsys.com</dt><dd>MUC service on fairfax.tridsys.com.</dd>
<dt>chatroom@conference.fairfax.tridsys.com</dt><dd>MUC room.</dd>
<dt>kevin@fairfax.tridsys.com</dt><dd>User on fairfax.tridsys.com</dd>
<dt>scott@fairfax.tridsys.com</dt><dd>Another user on fairfax.tridsys.com</dd>
<br/>
<dt>raleigh.tridsys.com</dt><dd>A remote service, connected to fairfax.tridsys.com over constrained link</dd>
<dt>mirror.raleigh.tridsys.com</dt><dd>DMUC service on raleigh.tridsys.com</dd>
<dt>wayne@raleigh.tridsys.com</dt><dd>User on raleigh.tridsys.com</dd>
<dt>keith@raleigh.tridsys.com</dt><dd>Another user on raleigh.tridsys.com</dd>
<di><dt>fairfax.tridsys.com</dt><dd>XMPP server where the master MUC room is located</dd></di>
<di><dt>conference.fairfax.tridsys.com</dt><dd>MUC service on fairfax.tridsys.com.</dd></di>
<di><dt>chatroom@conference.fairfax.tridsys.com</dt><dd>MUC room.</dd></di>
<di><dt>kevin@fairfax.tridsys.com</dt><dd>User on fairfax.tridsys.com</dd></di>
<di><dt>scott@fairfax.tridsys.com</dt><dd>Another user on fairfax.tridsys.com</dd></di>
<di><dt>raleigh.tridsys.com</dt><dd>A remote service, connected to fairfax.tridsys.com over constrained link</dd></di>
<di><dt>mirror.raleigh.tridsys.com</dt><dd>DMUC service on raleigh.tridsys.com</dd></di>
<di><dt>wayne@raleigh.tridsys.com</dt><dd>User on raleigh.tridsys.com</dd></di>
<di><dt>keith@raleigh.tridsys.com</dt><dd>Another user on raleigh.tridsys.com</dd></di>
</dl>
<p></p>
</section2>
@ -105,7 +103,7 @@ Support for Distributed MUC in a given server instance SHOULD be determined usin
A conforming server MUST respond to disco#info requests.
</p>
<section3 topic='Disco to determine support' anchor='disco2'>
To determine if a server or service supports Distributed MUC, the requesting entity SHOULD send a disco#info request to it.
<p>To determine if a server or service supports Distributed MUC, the requesting entity SHOULD send a disco#info request to it.</p>
<example caption='Disco request for distributed MUC support'><![CDATA[
<iq type='get'
from='raleigh.tridsys.com'

View File

@ -2,6 +2,7 @@
<!DOCTYPE xep SYSTEM 'xep.dtd' [
<!ENTITY % ents SYSTEM 'xep.ent'>
%ents;
<!ENTITY rfc3920bis "<span class='ref'><link url='http://tools.ietf.org/html/draft-ietf-saintandre-rfc3920bis'>rfc3920bis</link></span> <note>RFC 3920: Extensible Messaging and Presence Protocol (XMPP): Core &lt;<link url='http://tools.ietf.org/html/draft-ietf-saintandre-rfc3920bis'>http://tools.ietf.org/html/draft-ietf-saintandre-rfc3920bis</link>&gt;.</note>" >
]>
<?xml-stylesheet type='text/xsl' href='xep.xsl'?>
<xep>

View File

@ -5,6 +5,7 @@
<!ENTITY DATETIME "<span class='ref'><link url='http://tools.ietf.org/html/rfc3339'>DATETIME</link></span> <note>RFC 3339: Date and Time on the Internet Timestamps &lt;<link url='http://tools.ietf.org/html/rfc3339'>http://tools.ietf.org/html/rfc3339</link>&gt;.</note>" >
<!ENTITY XMLDSIG "<span class='ref'><link url='http://www.w3.org/TR/xmldsig-core/'>XMLDSIG</link></span> <note>XML Signature Syntax and Processing, W3C Recommendation, 10 June 2008 &lt;<link url='http://www.w3.org/TR/xmldsig-core/'>http://www.w3.org/TR/xmldsig-core/</link>&gt;.</note>" >
<!ENTITY E2EEncrypt "<span class='ref'><link url='http://datatracker.ietf.org/doc/draft-miller-3923bis'>E2EEncrypt</link></span> <note>End-to-End Object Encryption for the Extensible Messaging and Presence Protocol (XMPP), Miller, M. and P. Saint-Andre, work in progress &lt;<link url='http://datatracker.ietf.org/doc/draft-miller-3923bis'>http://datatracker.ietf.org/doc/draft-miller-3923bis</link>&gt;.</note>" >
<!ENTITY rfc3920bis "<span class='ref'><link url='http://tools.ietf.org/html/draft-ietf-saintandre-rfc3920bis'>rfc3920bis</link></span> <note>RFC 3920: Extensible Messaging and Presence Protocol (XMPP): Core &lt;<link url='http://tools.ietf.org/html/draft-ietf-saintandre-rfc3920bis'>http://tools.ietf.org/html/draft-ietf-saintandre-rfc3920bis</link>&gt;.</note>" >
%ents;
]>
<?xml-stylesheet type='text/xsl' href='../xep.xsl'?>

View File

@ -13,8 +13,8 @@
<number>xxxx</number>
<status>ProtoXEP</status>
<type>Standards Track</type>
<approver>Council</approver>
<sig>Standards</sig>
<approver>Council</approver>
<dependencies>
<spec>XMPP Core</spec>
<spec>XEP-0096</spec>

View File

@ -20,6 +20,7 @@
<header>
<title>Instant Gaming</title>
<abstract>This document defines an XMPP protocol extension for serverless instant gaming in a one-to-one context.</abstract>
&LEGALNOTICE;
<number>xxxx</number>
<status>ProtoXEP</status>
<type>Standards Track</type>
@ -53,7 +54,6 @@
<initials>tg</initials>
<remark><p>First draft.</p></remark>
</revision>
&LEGALNOTICE;
</header>
<section1 topic='Introduction' anchor='intro'>
<p>

View File

@ -367,7 +367,7 @@
</tr>
</table>
</section2>
<section2 topic='Unsubscribing a subscription' anhor='unsubscribe'>
<section2 topic='Unsubscribing a subscription' anchor='unsubscribe'>
<p>
To unsubscribe a subscription, send the <strong>unsubscribe</strong> element in a request to the Thing with the <strong>seqnr</strong> sequence number corresponding to the
subscription. The Thing responds with an empty response to acknowledge the un-subscription, regardless if the subscription existed or not.

View File

@ -1,6 +1,7 @@
<?xml version='1.0' encoding='UTF-8'?>
<!DOCTYPE xep SYSTEM 'xep.dtd' [
<!ENTITY % ents SYSTEM 'xep.ent'>
<!ENTITY rfc3920bis "<span class='ref'><link url='http://tools.ietf.org/html/draft-ietf-saintandre-rfc3920bis'>rfc3920bis</link></span> <note>RFC 3920: Extensible Messaging and Presence Protocol (XMPP): Core &lt;<link url='http://tools.ietf.org/html/draft-ietf-saintandre-rfc3920bis'>http://tools.ietf.org/html/draft-ietf-saintandre-rfc3920bis</link>&gt;.</note>" >
%ents;
]>
<?xml-stylesheet type='text/xsl' href='xep.xsl'?>
@ -35,7 +36,7 @@
</section1>
<section1 topic='Protocol'>
<para>The basic flow is as follows.</para>
<p>The basic flow is as follows.</p>
<code><![CDATA[
Initiator Responder
| |

View File

@ -31,7 +31,7 @@
</dependencies>
<supersedes/>
<supersededby/>
<shortname/>Jingle Nodes <author>
<shortname>Jingle Nodes</shortname> <author>
<firstname>Thiago</firstname>
<surname>Camargo</surname>
<email>thiago@xmppjingle.com</email>
@ -120,7 +120,7 @@ All signalling, request, response and publishing is done via XMPP, not requiring
<tracker policy='public' address='capulet.lit' protocol='udp'/>
</services>
</iq> ]]></example>
<em>In this example 'montague.lit' XMPP Domain a Relay Service and a Tracker Service. The Relay Service can be contacted in order to retrieve Relay Channels. The Tracker Service can be contacted in order to retrieve its known services.</em>
<p><em>In this example 'montague.lit' XMPP Domain a Relay Service and a Tracker Service. The Relay Service can be contacted in order to retrieve Relay Channels. The Tracker Service can be contacted in order to retrieve its known services.</em></p>
</section2>
<section2 topic="Jingle Client Searches for Services on a Retrieved Tracker Service" anchor="clientcheckownserver">
<p>A Jingle Client MAY NOT be satisfied with only one Relay Service entry found. So it keeps the search on the known Tracker Services.</p>
@ -139,7 +139,7 @@ All signalling, request, response and publishing is done via XMPP, not requiring
type='result'>
<services xmlns='http://jabber.org/protocol/jinglenodes'/>
</iq> ]]></example>
<em>In this example 'capulet.lit' returned an empty service list, meaning that it does NOT known ANY Relay or Tracker Services.</em>
<p><em>In this example 'capulet.lit' returned an empty service list, meaning that it does NOT known ANY Relay or Tracker Services.</em></p>
</section2>
<section2 topic="Jingle Client Searches for Services on online Roster Entries" anchor="clientcheckownserver">
<p>A Jingle Client MAY NOT be satisfied with only one Relay Service entry found. So it keeps the search on his Roster Items until find the desired amount of Relay Services, or while it does NOT exceed a search depth or ANY other Client implementation policy. The Client SHOULD keep a list of visited Tracker Services in order to avoid searching twice in same Service Entity.</p>
@ -161,7 +161,7 @@ All signalling, request, response and publishing is done via XMPP, not requiring
</services>
</iq> ]]></example>
<p>In this example 'juliet@capulet.lit/balcony' returned a Relay Service entry that is restricted to its roster. This Service is usable as the requester has 'juliet@capulet.lit/balcony' on its roster. Although, services with policy 'roster' MUST NOT be listed in Tracker Responses expects in Tracker Responses that comes from the Service Entity itself, in this case 'juliet@capulet.lit/balcony'.</p>
<em>In the presented example 'romeo@montague.lit/orchard' knows that 'juliet@capulet.lit/balcony' provides Relay Service, but if another entity requests 'romeo@montague.lit/orchard' its known services, it MUST NOT include 'juliet@capulet.lit/balcony' as it is a roster restricted entry.</em>
<p><em>In the presented example 'romeo@montague.lit/orchard' knows that 'juliet@capulet.lit/balcony' provides Relay Service, but if another entity requests 'romeo@montague.lit/orchard' its known services, it MUST NOT include 'juliet@capulet.lit/balcony' as it is a roster restricted entry.</em></p>
</section2>
<section2 topic="Jingle Client Consuming the Relay Service" anchor="clientconsumingrelay">
<p>A Jingle Client with direct access to a public IP can potentially provide the Relay Service becaming itself a Jingle Relay Node. The service can intend to provide a public service, or a restricted services based on user preferences, like buddylist, whitelist, blacklist, domain, etc...</p>
@ -372,15 +372,9 @@ All signalling, request, response and publishing is done via XMPP, not requiring
<p>Relay Channels auto expires MUST expire on traffic inactivity. The inactivity timeout recommended is 60 seconds.</p>
<p>It is heavily recommended that the Super Node implements throttle:</p>
<ul>
<p>
<li>Based on JID, allowing the control of how many concurrent channels an specific JID can have.</li>
</p>
<p>
<li>Based on JID, allowing the control of how many channel requests an specific JID can request in a time period.</li>
</p>
<p>
<li>Based on Bandwidth, allowing the control of how much bandwidth a channel can use. The maximum bandwidth SHOULD be included on the candidate element provided by a Super Node on the attribute maxkbps. If no attribute is present, it means that it has no bandwidth control.</li>
</p>
<li>Based on Bandwidth, allowing the control of how much bandwidth a channel can use. The maximum bandwidth SHOULD be included on the candidate element provided by a Super Node on the attribute maxkbps. If no attribute is present, it means that it has no bandwidth control.
<example caption="Channel Returned by a Node with bandwidth throttle (stub)"><![CDATA[
<channel component='1'
id='el0747fg11'
@ -389,7 +383,7 @@ All signalling, request, response and publishing is done via XMPP, not requiring
remoteport='35802'
protocol='udp'
maxkbps='120'/>
]]></example>
]]></example></li>
</ul>
</section1>
<section1 topic='XML Schema' anchor='schema'>

View File

@ -80,7 +80,7 @@
</tr>
<tr>
<td>Good quality; optimized for voice; can be used for wide-band audio.</td>
<td>See &rtpspeex;.</td>
<td>See &rfc5574;.</td>
<td>Freely downloadable under a revised BSD license at &lt;<link url='http://speex.org/'>http://speex.org/</link>&gt; and commonly deployed on Internet (VoIP) systems; not commonly deployed on non-Internet systems.</td>
<td>Designed to be patent-clear.</td>
</tr>

View File

@ -64,7 +64,7 @@
</tr>
<tr>
<td>Good quality; optimized for voice; can be used for wide-band audio.</td>
<td>See &rtpspeex;.</td>
<td>See &rfc5574;.</td>
<td>Widely available and freely downloadable under a revised BSD license at &lt;<link url='http://speex.org/'>http://speex.org/</link>&gt;.</td>
<td>Designed to be patent-free.</td>
</tr>

View File

@ -54,7 +54,7 @@
</section1>
<section1 topic='Protocol' anchor='protocol'>
<para>The basic flow is as follows.</para>
<p>The basic flow is as follows.</p>
<code><![CDATA[
Romeo Juliet
| |

View File

@ -1,6 +1,7 @@
<?xml version='1.0' encoding='UTF-8'?>
<!DOCTYPE xep SYSTEM 'xep.dtd' [
<!ENTITY % ents SYSTEM 'xep.ent'>
<!ENTITY rfc3920bis "<span class='ref'><link url='http://tools.ietf.org/html/draft-ietf-saintandre-rfc3920bis'>rfc3920bis</link></span> <note>RFC 3920: Extensible Messaging and Presence Protocol (XMPP): Core &lt;<link url='http://tools.ietf.org/html/draft-ietf-saintandre-rfc3920bis'>http://tools.ietf.org/html/draft-ietf-saintandre-rfc3920bis</link>&gt;.</note>" >
%ents;
]>
<?xml-stylesheet type='text/xsl' href='xep.xsl'?>

View File

@ -40,7 +40,7 @@
</header>
<section1 topic='Protocol' anchor='protocol'>
<p>&xep0167; recommends the use of the Secure Real-time Transport Protocol (SRTP) for end-to-end encryption of RTP sessions negotiated using &xep0166;. An alternative approach to end-to-end encryption of RTP traffic is provided by &zrtp;. Although negotiation of ZRTP mainly occurs in the media channel rather than the signalling channel, the ZRTP specification defines one SDP attribute called "zrtp-hash" (this communicates the ZRTP version supported as well as a hash of the Hello message).</p>
<p>&xep0167; recommends the use of the Secure Real-time Transport Protocol (SRTP) for end-to-end encryption of RTP sessions negotiated using &xep0166;. An alternative approach to end-to-end encryption of RTP traffic is provided by &rfc6189;. Although negotiation of ZRTP mainly occurs in the media channel rather than the signalling channel, the ZRTP specification defines one SDP attribute called "zrtp-hash" (this communicates the ZRTP version supported as well as a hash of the Hello message).</p>
<p>The SDP format is shown below.</p>
<code>
a=zrtp-hash:zrtp-version zrtp-hash-value

View File

@ -48,13 +48,11 @@
</section1>
<section1 topic='Requirements' anchor='reqs'>
<p>The following design requirements reflect the need to offer performance as close as possible to standard XMPP-based stanza handling.</p>
<p>
<ol>
<li>JSON default character set must be UTF-8</li>
<li>JSON stanza must contain (or retain) all XMPP stanza content and hierarchy</li>
<li>Server must support both XML and JSON content-types.</li>
</ol>
</p>
</section1>
<section1 topic='Use Cases' anchor='usecases'>
<p>Intent for following use-cases is to support JavaScript-based clients which typically start XMPP-session from HTTP-dialog, and then depending on network environment and run-time support end using BOSH or C2S through Web Sockets.</p>
@ -69,23 +67,23 @@
<section1 topic='Implementation Notes' anchor='impl'>
<p>Client (and server) implementation needs to take care of using such JSON object format which retains all structure of all XMPP XML stanzas.</p>
<section2 topic='HTTP Header' anchor='http-header'>
<p>Following http-header is used to communicate with server using JSON playload:
<section3 topic='Request' anchor='c-header'><pre>
<p>Following http-header is used to communicate with server using JSON playload:</p>
<section3 topic='Request' anchor='c-header'><code>
POST /http-bind HTTP/1.1
Host: httpcm.jabber.org
Accept-Encoding: gzip, deflate
Content-Type: application/jsonrequest
Content-Length: 230
</pre></section3>
<section3 topic='Response' anchor='s-header'><pre>
</code></section3>
<section3 topic='Response' anchor='s-header'><code>
HTTP/1.1 200 OK
Content-Type: application/jsonrequest
Content-Length: 513
</pre></section3></p>
</code></section3>
</section2>
<section2 topic='Initial BOSH request/response in JSON' anchor='init-payload'>
<p>In following example server name is modified so content length is not accurate. Also JSON payload is modified for better clarity of its structure.
<section3 topic='Client request' anchor='c-req'><pre>
<p>In following example server name is modified so content length is not accurate. Also JSON payload is modified for better clarity of its structure.</p>
<section3 topic='Client request' anchor='c-req'><code>
POST /http-bind HTTP/1.1
Host: httpcm.jabber.org
Accept-Encoding: gzip, deflate
@ -106,8 +104,8 @@ Content-Length: 230
"@xmpp" : "urn:xmpp:xbosh" }
}
}
</pre></section3>
<section3 topic='Server response' anchor='s-resp'><pre>
</code></section3>
<section3 topic='Server response' anchor='s-resp'><code>
HTTP/1.1 200 OK
Content-Type: application/jsonrequest
Content-Length: 513
@ -141,140 +139,139 @@ Content-Length: 513
}
}
}
</pre></section3>
</code></section3>
<section3 topic='JSON syntax explained' anchor='json-syntax'>
<ul>
<li>Tag with text value</li>
<em>XMPP-XML:</em><pre>
<li>Tag with text value
<em>XMPP-XML:</em><code>
&lt;tag&gt;txt-value&lt;/tag&gt;
</pre>
<em>JSON:</em><pre>
</code>
<em>JSON:</em><code>
{ "tag" : "txt-value" }
</pre>
<li>Tag with another tag</li>
<em>XMPP-XML:</em><pre>
</code></li>
<li>Tag with another tag
<em>XMPP-XML:</em><code>
&lt;tag&gt;
&lt;tag2&gt;txt-value&lt;/tag2&gt;
&lt;/tag&gt;
</pre>
<em>JSON:</em><pre>
</code>
<em>JSON:</em><code>
{ "tag" : {
"$" : {
"tag2" : "txt-value" }
}
}
</pre>
<li>Multiple text value tags as array</li>
<em>XMPP-XML:</em><pre>
</code></li>
<li>Multiple text value tags as array
<em>XMPP-XML:</em><code>
&lt;tag&gt;
&lt;tag2&gt;txt-value1&lt;/tag2&gt;
&lt;tag2&gt;txt-value2&lt;/tag2&gt;
&lt;/tag&gt;
</pre>
<em>JSON:</em><pre>
</code>
<em>JSON:</em><code>
{ "tag" : {
"$" : {
"tag2" : [ "txt-value1", "txt-value2" ] }
}
}
</pre>
<li>Tag with attribute, no value</li>
<em>XMPP-XML:</em><pre>
</code></li>
<li>Tag with attribute, no value
<em>XMPP-XML:</em><code>
&lt;tag attr="attr-value" /&gt;
</pre>
<em>JSON:</em><pre>
</code>
<em>JSON:</em><code>
{ "tag" : { "attr" : "attr-value" } }
</pre>
<li>Tag with multiple attributes as array, no value</li>
<em>XMPP-XML:</em><pre>
</code></li>
<li>Tag with multiple attributes as array, no value
<em>XMPP-XML:</em><code>
&lt;tag attr="attr-value1" attr="attr-value2" /&gt;
</pre>
<em>JSON:</em><pre>
</code>
<em>JSON:</em><code>
{ "tag" : {
"attr" : [ "attr-value1", "attr-value2" ] }
}
</pre>
<li>Tags as array with unique attributes, no value</li>
<em>XMPP-XML:</em><pre>
</code></li>
<li>Tags as array with unique attributes, no value
<em>XMPP-XML:</em><code>
&lt;tag&gt;
&lt;tag2 attr="attr-value1" /&gt;
&lt;tag2 attr="attr-value2" /&gt;
&lt;/tag&gt;
</pre>
<em>JSON:</em><pre>
</code>
<em>JSON:</em><code>
{ "tag" : {
"tag2" : [
{ "attr" : "attr-value1" },
{ "attr" : "attr-value2" } ]
}
}
</pre>
<li>Tag with namespace attribute, no value</li>
<em>XMPP-XML:</em><pre>
</code></li>
<li>Tag with namespace attribute, no value
<em>XMPP-XML:</em><code>
&lt;tag xmlns:ns="ns-value" /&gt;
</pre>
<em>JSON:</em><pre>
</code>
<em>JSON:</em><code>
{ "tag" : {
"xmlns" : {
"@ns" : "attr-value" }
}
}
</pre>
<li>Tag with many attributes to namespace, no value</li>
<em>XMPP-XML:</em><pre>
</code></li>
<li>Tag with many attributes to namespace, no value
<em>XMPP-XML:</em><code>
&lt;tag xmlns="root-value" xmlns:ns="ns-value" /&gt;
</pre>
<em>JSON:</em><pre>
</code>
<em>JSON:</em><code>
{ "tag" : {
"xmlns" : {
"$" : "root-value",
"@ns" : "attr-value" }
}
}
</pre>
<li>Tag with namespace attribute, no value</li>
<em>XMPP-XML:</em><pre>
</code></li>
<li>Tag with namespace attribute, no value
<em>XMPP-XML:</em><code>
&lt;ns:tag attr="attr-value" /&gt;
</pre>
<em>JSON:</em><pre>
</code>
<em>JSON:</em><code>
{ "tag" : {
"$$" : "ns",
"attr" : "attr-value" }
}
</pre>
<li>Tag with attribute and text value</li>
<em>XMPP-XML:</em><pre>
</code></li>
<li>Tag with attribute and text value
<em>XMPP-XML:</em><code>
&lt;tag attr="attr-value"&gt;txt-value&lt;/tag&gt;
</pre>
<em>JSON:</em><pre>
</code>
<em>JSON:</em><code>
{ "tag" : {
"attr" : "attr-value",
"$" : "txt-value" }
}
</pre>
<li>Namespace tag with attribute and text value</li>
<em>XMPP-XML:</em><pre>
</code></li>
<li>Namespace tag with attribute and text value
<em>XMPP-XML:</em><code>
&lt;ns:tag attr="attr-value"&gt;txt-value&lt;/tag&gt;
</pre>
<em>JSON:</em><pre>
</code>
<em>JSON:</em><code>
{ "tag" : {
"$$" : "ns",
"attr" : "attr-value",
"$" : "txt-value" }
}
</pre>
</code></li>
<li>Complex combination</li>
<li>Tag name conversions</li>
<p>JSON data is typically converted to JS-object in browser client. Practically this means that <em>tag string name</em> / <em>value string</em> pairs are converted to <em>tag name</em> / <em>value string</em> pairs. Example:<pre>
<li>Tag name conversions
<p>JSON data is typically converted to JS-object in browser client. Practically this means that <em>tag string name</em> / <em>value string</em> pairs are converted to <em>tag name</em> / <em>value string</em> pairs. Example:</p><code>
var s = '{ "key" : "value" }';
var sObj = JSON.parse(s); // sObj = { key : "value" };
var sStr = JSON.stringify(sObj); // sStr = '{"key":"value"}';
</pre></p>
</code>
<p>Javascript variable naming doesn't support full colon characters '<em>:</em>'. Intented conversion between JSON and JS-objects is based on native JavaScript class <em>JSON</em>, more spesifically methods <em>JSON.stringify()</em> for converting object to JSON, and <em>JSON.parse()</em> from JSON to object.<br/>
Because of this namespace definitions are constructed hiearchically and their scope is within tag it is defined. Currently only reserved namespace name is '<em>xml</em>'.</p>
Because of this namespace definitions are constructed hiearchically and their scope is within tag it is defined. Currently only reserved namespace name is '<em>xml</em>'.</p></li>
</ul>
</section3>
</p>
</section2>
</section1>
<section1 topic='Security Considerations' anchor='security'>

View File

@ -66,12 +66,12 @@
<section1 topic='Introduction' anchor='intro'>
<p>
Linked Process is a protocol for Internet-scale, general-purpose distributed computing. With an implementation of this protocol, any computing device with an Internet connection can contribute computing resources to a user-generated compute cloud.
</p>
<ul>
<li>The term <strong>computing device</strong> is broad and spans particulars such as cell phones, laptops, desktops, servers, supercomputers, etc. In Linked Process, a computing device is anything that maintains a central processing unit (CPU) that can be programmed to execute any desired computation.</li>
<li>The term <strong>computing resources</strong> is broad and spans particulars such as clock cycles, data sets, software application programming interfaces (APIs), or specialized hardware componets such as cell phone cameras, field-programmable gate array (FPGA) circuits, etc.</li>
<li>The term <strong>compute cloud</strong> is the collection of all Linked Process enabled devices, their resources, and the Linked Process specific software components defined later in this specification.</li>
</ul>
</p>
<p>
Within the category of computing devices, Linked Process makes a distinction between resource consumers (devices making use of non-local computing resources) and a resource providers (devices offering computing resources)<note>Nothing prevents the same device from being a resource consumer in one context and being a resource provider in another.</note>. Linked Process allows a resource consumer to leverage the computing resources offered by a resource provider in anyway deemed appropriate by the resource consumer. This is accomplished by the resource consumer providing/migrating/sending code (i.e. software instructions) to a computer language interpreter maintained by the resource provider. As such, it is up to the resource consumer to define the instructions to be executed by the provider. Given this architecture, resource providing devices in a Linked Process cloud are general-purpose computing sandboxes (i.e. they can be leveraged for computational ends that are defined by a resource consumer).
</p>
@ -84,18 +84,18 @@
Linked Process was developed to address the following two distributed computing requirements: <em>Internet-scale</em> and <em>general-purpose</em>. These requirements imply yet more requirements which accompany their description below.
</p>
<ul>
<li><strong>Internet-scale</strong>: it is required that any device with an Internet connection (from a cell phone to a supercomputer) be able provide/contribute and consume/leverage computing resources in a Linked Process cloud.</li>
<li><strong>Internet-scale</strong>: it is required that any device with an Internet connection (from a cell phone to a supercomputer) be able provide/contribute and consume/leverage computing resources in a Linked Process cloud.
<ul>
<li><strong>Decentralized</strong>: it is required that the computing resources are not necessarily centralized or controlled by any one party.</li>
<li><strong>Discoverable</strong>: it is required that resource providers be discoverable by resources consumers.</li>
<li><strong>Transient</strong>: it is required that devices coming online and offline are gracefully incoporated and removed from the cloud.</li>
</ul>
<li><strong>General-purpose</strong>: It is required that consumers be able to utilize provided resources for any desired purpose.</li>
</ul></li>
<li><strong>General-purpose</strong>: It is required that consumers be able to utilize provided resources for any desired purpose.
<ul>
<li><strong>Language-agnostic</strong>: it is required that the protocol support the migration of code written in any computer language.</li>
<li><strong>Safe</strong>: it is required that the execution of consumer code be confined by permissions clearly specified by the resource provider<note>There is a tradeoff between "general-purpose" and "safety." It is important to ensure that the integrity of resource providers are not compomised due to malicious or poorly written code.</note>.</li>
<li><strong>Accessible</strong>: it is required that computing resources be accessible when permissions allow by ensuring the supported language interpreters provide necessary "low-level" manipulations of such resources.</li>
</ul>
</ul></li>
</ul>
</section1>
<section1 topic='Glossary' anchor='glossary'>
@ -161,18 +161,18 @@
A <tt>&lt;spawn_vm/&gt;</tt> element is wrapped by an <tt>&lt;iq/&gt;</tt> element. The purpose of <tt>&lt;spawn_vm/&gt;</tt> is to have a farm create a new virtual machine. It is through a virtual machine that a villein is able to access the computing resources of the physical device that hosts the farm (i.e. the resource provider). A virtual machine will maintain a state throughout a villein "session" with that virtual machine. The only way to alter the state of a virtual machine is through submitting jobs and updating its variable bindings<note>This is an important concept to understand. During the life of a virtual machine, the virtual machine has a state that changes as jobs are submitted and bindings are managed. In other words, a virtual machine is not a "one-job" machine.</note>.
</p>
<ul>
<li>Villein generated <tt>&lt;iq type="get"&gt;</tt> <tt>&lt;spawn_vm/&gt;</tt>:</li>
<li>Villein generated <tt>&lt;iq type="get"&gt;</tt> <tt>&lt;spawn_vm/&gt;</tt>:
<ul>
<li><tt>xmlns</tt> attribute: <tt>http://linkedprocess.org/2009/06/Farm#</tt>.</li>
<li><tt>vm_species</tt> attribute: the language of the virtual machine to be spawned (values are implementation dependent).</li>
<li><tt>farm_password</tt> attribute: the password of the farm<note>This is an OPTIONAL attribute. Farm passwords are useful for creating private farms in order, for example, to allow "looser" permissions with known villeins. If no password is required (e.g. a public farm), then no <tt>farm_password</tt> attribute SHOULD be provided.</note>.</li>
</ul>
<li>Farm generated <tt>&lt;iq type="result"&gt;</tt> or <tt>&lt;iq type="error"&gt;</tt> <tt>&lt;spawn_vm/&gt;</tt>:</li>
</ul></li>
<li>Farm generated <tt>&lt;iq type="result"&gt;</tt> or <tt>&lt;iq type="error"&gt;</tt> <tt>&lt;spawn_vm/&gt;</tt>:
<ul>
<li><tt>xmlns</tt> attribute: <tt>http://linkedprocess.org/2009/06/Farm#</tt>.</li>
<li><tt>vm_id</tt> attribute: a farm-internal unique identifier for the newly created virtual machine. This MUST be provided if <tt>&lt;iq type="result"/&gt;</tt>.</li>
<li><tt>vm_species</tt> attribute: the species of the newly created virtual machine. This MUST be provided if <tt>&lt;iq type="result"/&gt;</tt>.</li>
<li>One of these error conditions MUST be provided if <tt>&lt;iq type="error"/&gt;</tt>.</li>
<li>One of these error conditions MUST be provided if <tt>&lt;iq type="error"/&gt;</tt>.
<ul>
<li><tt>&lt;species_not_supported/&gt;</tt></li>
<li><tt>&lt;farm_is_busy/&gt;</tt></li>
@ -180,8 +180,8 @@
<li><tt>&lt;internal_error/&gt;</tt></li>
<li><tt>&lt;wrong_farm_password/&gt;</tt></li>
<li>if an error occurred, the farm SHOULD provide some implementation specific human-readable information detailing the error in <tt>&lt;text/&gt;</tt>. Error responses extend the requirements set forth by the <link url="http://xmpp.org/rfcs/rfc3920.html">Core</link> XMPP specification.</li>
</ul>
</ul>
</ul></li>
</ul></li>
</ul>
<example caption="A successful &lt;spawn_vm/&gt; request."><![CDATA[<iq from="lp1@linkedprocess.org/villein"
@ -218,18 +218,18 @@
A <tt>&lt;submit_job/&gt;</tt> element is wrapped by an <tt>&lt;iq/&gt;</tt> element. The purpose of <tt>&lt;submit_job/&gt;</tt> is to send code (i.e. expressions, statements, instructions) to a virtual machine for execution (i.e. evaluation, interpretation). The expression SHOULD be respective of the virtual machine's language (i.e. the virtual machine's species). If they are not, then evaluation errors SHOULD occur. The expression submitted through a <tt>&lt;submit_job/&gt;</tt> stanza can be short (e.g. set a variable value, get a variable value) or long (e.g. define a class/method, execute a long running body of statements). The submitted expression is called a <strong>job</strong> in Linked Process and is assigned a <tt>job_id</tt> as specified by the <tt>&lt;iq/&gt;</tt> <tt>id</tt> attribute value. That is, the staza id of the <tt>&lt;submit_job/&gt;</tt> is the job's id.
</p>
<ul>
<li>Villein generated <tt>&lt;iq type="get"&gt;</tt> <tt>&lt;submit_job/&gt;</tt>:</li>
<li>Villein generated <tt>&lt;iq type="get"&gt;</tt> <tt>&lt;submit_job/&gt;</tt>:
<ul>
<li><tt>xmlns</tt> attribute: <tt>http://linkedprocess.org/2009/06/Farm#</tt>.</li>
<li><tt>vm_id</tt> attribute: the farm-internal unique identifier of the virtual machine.</li>
<li><tt>&lt;submit_job/&gt;</tt> text body: the expression for the virtual machine to evaluate. If no text body is provided, the expression to be evaluated can be interpreted as a blank string or a null expression. The behavior of such an evaluation is up to the virtual machine implementation.</li>
</ul>
<li>Farm generated <tt>&lt;iq type="result"&gt;</tt> or <tt>&lt;iq type="error"&gt;</tt> <tt>&lt;submit_job/&gt;</tt>:</li>
</ul></li>
<li>Farm generated <tt>&lt;iq type="result"&gt;</tt> or <tt>&lt;iq type="error"&gt;</tt> <tt>&lt;submit_job/&gt;</tt>:
<ul>
<li><tt>xmlns</tt> attribute: <tt>http://linkedprocess.org/2009/06/Farm#</tt>.</li>
<li><tt>vm_id</tt> attribute: the farm-internal unique identifier of the virtual machine.</li>
<li><tt>&lt;submit_job/&gt;</tt> text body: the result of the expression evaluated.</li>
<li>One of these error conditions MUST be provided if <tt>&lt;iq type="error"/&gt;</tt><note>Note that, according to XMPP Core, it is RECOMMENDED that an <tt>&lt;iq type="error"/&gt;</tt> return the the query provided by the villein. In the example above, only the tag name is provided without the full body. The reason for this is that for <tt>&lt;submit_job/&gt;</tt>, the length of the text body of the tag is unrestricted and thus could be a very large piece of code. Thus, returning the original <tt>&lt;submit_job/&gt;</tt> stanza in the error response could lead to excessive communication overhead.</note>.</li>
<li>One of these error conditions MUST be provided if <tt>&lt;iq type="error"/&gt;</tt><note>Note that, according to XMPP Core, it is RECOMMENDED that an <tt>&lt;iq type="error"/&gt;</tt> return the the query provided by the villein. In the example above, only the tag name is provided without the full body. The reason for this is that for <tt>&lt;submit_job/&gt;</tt>, the length of the text body of the tag is unrestricted and thus could be a very large piece of code. Thus, returning the original <tt>&lt;submit_job/&gt;</tt> stanza in the error response could lead to excessive communication overhead.</note>.
<ul>
<li><tt>&lt;malformed_packet/&gt;</tt></li>
<li><tt>&lt;internal_error/&gt;</tt></li>
@ -240,8 +240,8 @@
<li><tt>&lt;vm_not_found/&gt;</tt></li>
<li><tt>&lt;job_timed_out/&gt;</tt></li>
<li>if an error occurred, the farm SHOULD provide some implementation specific human-readable information detailing the error in <tt>&lt;text/&gt;</tt>. Error responses extend the requirements set forth by the <link url="http://xmpp.org/rfcs/rfc3920.html">Core</link> XMPP specification.</li>
</ul>
</ul>
</ul></li>
</ul></li>
</ul>
<example caption="A successful &lt;submit_job/&gt; request."><![CDATA[<iq from="lp1@linkedprocess.org/villein"
@ -306,30 +306,30 @@
A <tt>&lt;ping_job/&gt;</tt> element is wrapped by an <tt>&lt;iq/&gt;</tt> element. The purpose of <tt>&lt;ping_job/&gt;</tt> is to determine the status (i.e. progress, state) of a previously submitted <tt>&lt;submit_job/&gt;</tt> stanza (i.e. job) that has yet to complete.
</p>
<ul>
<li>Villein generated <tt>&lt;iq type="get"&gt;</tt> <tt>&lt;ping_job/&gt;</tt>:</li>
<li>Villein generated <tt>&lt;iq type="get"&gt;</tt> <tt>&lt;ping_job/&gt;</tt>:
<ul>
<li><tt>xmlns</tt> attribute: <tt>http://linkedprocess.org/2009/06/Farm#</tt>.</li>
<li><tt>vm_id</tt> attribute: the farm-internal unique identifier of the virtual machine.</li>
<li><tt>job_id</tt> attribute: the job identifier (the job identifier is the stanza identifier of the respective <tt>&lt;submit_job/&gt;</tt>).</li>
</ul>
<li>Farm generated <tt>&lt;iq type="result"&gt;</tt> or <tt>&lt;iq type="error"&gt;</tt> <tt>&lt;ping_job/&gt;</tt>:</li>
</ul></li>
<li>Farm generated <tt>&lt;iq type="result"&gt;</tt> or <tt>&lt;iq type="error"&gt;</tt> <tt>&lt;ping_job/&gt;</tt>:
<ul>
<li><tt>xmlns</tt> attribute: <tt>http://linkedprocess.org/2009/06/Farm#</tt>.</li>
<li><tt>vm_id</tt> attribute: the farm-internal unique identifier of the virtual machine.</li>
<li><tt>status</tt> attribute: the job's status. This MUST be provided if <tt>&lt;iq type="result"/&gt;</tt>.</li>
<li><tt>status</tt> attribute: the job's status. This MUST be provided if <tt>&lt;iq type="result"/&gt;</tt>.
<ul>
<li><tt>in_progress</tt>: the job is in progress.</li>
</ul>
</ul></li>
<li><tt>job_id</tt> attribute: the job identifier for the status being reported.</li>
<li>One of these error conditions MUST be provided if <tt>&lt;iq type="error"/&gt;</tt>.</li>
<li>One of these error conditions MUST be provided if <tt>&lt;iq type="error"/&gt;</tt>.
<ul>
<li><tt>&lt;malformed_packet/&gt;</tt></li>
<li><tt>&lt;vm_not_found/&gt;</tt></li>
<li><tt>&lt;internal_error/&gt;</tt></li>
<li><tt>&lt;job_not_found/&gt;</tt></li>
<li>if an error occurred, the farm SHOULD provide some implementation specific human-readable information detailing the error in <tt>&lt;text/&gt;</tt>. Error responses extend the requirements set forth by the <link url="http://xmpp.org/rfcs/rfc3920.html">Core</link> XMPP specification.</li>
</ul>
</ul>
</ul></li>
</ul></li>
</ul>
<example caption="A successful &lt;ping_job/&gt; request."><![CDATA[<iq from="lp1@linkedprocess.org/villein"
to="lp2@linkedprocess.org/farm" type="get" id="xxxx">
@ -348,26 +348,26 @@
An <tt>&lt;abort_job/&gt;</tt> element is wrapped by an <tt>&lt;iq/&gt;</tt> element. The purpose of <tt>&lt;abort_job/&gt;</tt> is to cancel (i.e. quit, stop, halt) a previously submitted, yet not completed <tt>&lt;submit_job/&gt;</tt> stanza (i.e. job).
</p>
<ul>
<li>Villein generated <tt>&lt;iq type="get"&gt;</tt> <tt>&lt;abort_job/&gt;</tt>:</li>
<li>Villein generated <tt>&lt;iq type="get"&gt;</tt> <tt>&lt;abort_job/&gt;</tt>:
<ul>
<li><tt>xmlns</tt> attribute: <tt>http://linkedprocess.org/2009/06/Farm#</tt>.</li>
<li><tt>vm_id</tt> attribute: the farm-internal unique identifier of the virtual machine.</li>
<li><tt>job_id</tt> attribute: the job identifier (the job identifier is the stanza identifier of the respective <tt>&lt;submit_job/&gt;</tt>).</li>
</ul>
</ul></li>
<li>Farm generated <tt>&lt;iq type="result"&gt;</tt> or <tt>&lt;iq type="error"&gt;</tt> <tt>&lt;abort_job/&gt;</tt>:</li>
<li>Farm generated <tt>&lt;iq type="result"&gt;</tt> or <tt>&lt;iq type="error"&gt;</tt> <tt>&lt;abort_job/&gt;</tt>:
<ul>
<li><tt>xmlns</tt> attribute: <tt>http://linkedprocess.org/2009/06/Farm#</tt>.</li>
<li><tt>vm_id</tt> attribute: the farm-internal unique identifier of the virtual machine.</li>
<li>One of these error conditions MUST be provided if <tt>&lt;iq type="error"/&gt;</tt>.</li>
<li>One of these error conditions MUST be provided if <tt>&lt;iq type="error"/&gt;</tt>.
<ul>
<li><tt>&lt;malformed_packet/&gt;</tt></li>
<li><tt>&lt;vm_not_found/&gt;</tt></li>
<li><tt>&lt;internal_error/&gt;</tt></li>
<li><tt>&lt;job_not_found/&gt;</tt></li>
<li>if an error occurred, the farm SHOULD provide some implementation specific human-readable information detailing the error in <tt>&lt;text/&gt;</tt>. Error responses extend the requirements set forth by the <link url="http://xmpp.org/rfcs/rfc3920.html">Core</link> XMPP specification.</li>
</ul>
</ul>
</ul></li>
</ul></li>
</ul>
<example caption="A successful &lt;abort_job/&gt; request."><![CDATA[<iq from="lp1@linkedprocess.org/villein"
@ -403,31 +403,31 @@
A <tt>&lt;manage_bindings/&gt;</tt> element is wrapped by an <tt>&lt;iq/&gt;</tt> element. The purpose of <tt>&lt;manage_bindings/&gt;</tt> is to allow a villein to get and set variables in the variable space of a virtual machine. The definition of the "variable space" is up to the implementation of the virtual machine. In general, this is the set of all global variables for the virtual machine.
</p>
<ul>
<li>Villein generated <tt>&lt;iq type="get"&gt;</tt> or <tt>&lt;iq type="set"&gt;</tt> <tt>&lt;manage_bindings/&gt;</tt>:</li>
<li>Villein generated <tt>&lt;iq type="get"&gt;</tt> or <tt>&lt;iq type="set"&gt;</tt> <tt>&lt;manage_bindings/&gt;</tt>:
<ul>
<li><tt>xmlns</tt> attribute: <tt>http://linkedprocess.org/2009/06/Farm#</tt></li>
<li><tt>vm_id</tt> attribute: the farm-internal unique identifier of the virtual machine.</li>
<li><tt>&lt;binding/&gt;</tt> child tag of <tt>&lt;manage_bindings/&gt;</tt> for <tt>&lt;iq type="get"/&gt;</tt></li>
<li><tt>&lt;binding/&gt;</tt> child tag of <tt>&lt;manage_bindings/&gt;</tt> for <tt>&lt;iq type="get"/&gt;</tt>
<ul>
<li><tt>name</tt> attribute: the name of the variable.</li>
</ul>
<li><tt>&lt;binding/&gt;</tt> child tag of <tt>&lt;manage_bindings/&gt;</tt> for <tt>&lt;iq type="set"/&gt;</tt></li>
</ul></li>
<li><tt>&lt;binding/&gt;</tt> child tag of <tt>&lt;manage_bindings/&gt;</tt> for <tt>&lt;iq type="set"/&gt;</tt>
<ul>
<li><tt>name</tt> attribute: the name of the variable.</li>
<li><tt>value</tt> attribute: the value of the variable.</li>
<li><tt>datatype</tt> attribute: the datatype of the variable (specified using <link url="http://www.w3.org/TR/xmlschema-2/">XML schema for datatypes</link>).</li>
</ul>
</ul>
<li>Farm generated <tt>&lt;iq type="result"&gt;</tt> or <tt>&lt;iq type="error"&gt;</tt> <tt>&lt;manage_bindings/&gt;</tt>:</li>
</ul></li>
</ul></li>
<li>Farm generated <tt>&lt;iq type="result"&gt;</tt> or <tt>&lt;iq type="error"&gt;</tt> <tt>&lt;manage_bindings/&gt;</tt>:
<ul>
<li><tt>xmlns</tt> attribute: <tt>http://linkedprocess.org/2009/06/Farm#</tt>.</li>
<li><tt>vm_id</tt> attribute: the farm-internal unique identifier of the virtual machine.</li>
<li><tt>&lt;binding/&gt;</tt> child tag of <tt>&lt;manage_bindings/&gt;</tt> for <tt>&lt;iq type="get"/&gt;</tt></li>
<li><tt>&lt;binding/&gt;</tt> child tag of <tt>&lt;manage_bindings/&gt;</tt> for <tt>&lt;iq type="get"/&gt;</tt>
<ul>
<li><tt>name</tt> attribute: the name of the variable.</li>
<li><tt>value</tt> attribute: the value of the variable.</li>
</ul>
<li>One of these error conditions MUST be provided if <tt>&lt;iq type="error"/&gt;</tt>.</li>
</ul></li>
<li>One of these error conditions MUST be provided if <tt>&lt;iq type="error"/&gt;</tt>.
<ul>
<li><tt>&lt;malformed_packet/&gt;</tt></li>
<li><tt>&lt;vm_not_found/&gt;</tt></li>
@ -435,8 +435,8 @@
<li><tt>&lt;unknown_datatype/&gt;</tt></li>
<li><tt>&lt;invalid_value/&gt;</tt></li>
<li>if an error occurred, the farm SHOULD provide some implementation specific human-readable information detailing the error in <tt>&lt;text/&gt;</tt>. Error responses extend the requirements set forth by the <link url="http://xmpp.org/rfcs/rfc3920.html">Core</link> XMPP specification.</li>
</ul>
</ul>
</ul></li>
</ul></li>
</ul>
<example caption="A successful &lt;manage_bindings/&gt; set request."><![CDATA[<iq from="lp1@linkedprocess.org/villein"
to="lp2@linkedprocess.org/farm" type="set" id="xxxx">
@ -468,11 +468,11 @@
</iq>
]]></example>
<p>
After the previous <tt>&lt;manage_bindings/&gt;</tt> stanza has been processed by the virtual machine, it is possible to use the bindings in a statement. For example, in JavaScript
After the previous <tt>&lt;manage_bindings/&gt;</tt> stanza has been processed by the virtual machine, it is possible to use the bindings in a statement. For example, in JavaScript</p>
<code>var fact = name + " knows josh and peter";</code>
will set <tt>fact</tt> to the value "marko knows josh and peter" as well as make it an accessible binding.
<p>will set <tt>fact</tt> to the value "marko knows josh and peter" as well as make it an accessible binding.
</p>
<example caption="A successful &lt;manage_bindings/&gt; get request."><![CDATA[<iq from="lp1@linkedprocess.org/villein"
to="lp2@linkedprocess.org/farm" type="get" id="zzzz">
@ -490,11 +490,11 @@
</iq>
]]></example>
<p>
A useful aspect of <tt>&lt;manage_bindings/&gt;</tt> is that it can be used to track the state of a variable during the execution of a job. For example, suppose the following job is submitted to a JavaScript virtual machine.<code>var x = 1.0;
A useful aspect of <tt>&lt;manage_bindings/&gt;</tt> is that it can be used to track the state of a variable during the execution of a job. For example, suppose the following job is submitted to a JavaScript virtual machine.</p><code>var x = 1.0;
while(true) {
x = x + 0.0001;
}</code>
This job will continue indefinitely (or until it is timed out by the virtual machine). However, during its execution, it is possible to determine the current state of <tt>x</tt> using <tt>&lt;manage_bindings/&gt;</tt>. Each get-based <tt>&lt;manage_bindings/&gt;</tt> call should return a larger <tt>x</tt> value.
<p>This job will continue indefinitely (or until it is timed out by the virtual machine). However, during its execution, it is possible to determine the current state of <tt>x</tt> using <tt>&lt;manage_bindings/&gt;</tt>. Each get-based <tt>&lt;manage_bindings/&gt;</tt> call should return a larger <tt>x</tt> value.
</p>
</section3>
<section3 topic="Terminating a Virtual Machine">
@ -502,23 +502,23 @@ while(true) {
A <tt>&lt;terminate_vm/&gt;</tt> element is wrapped by an <tt>&lt;iq/&gt;</tt> element. The purpose of a <tt>&lt;terminate_vm/&gt;</tt> is to shutdown (i.e. quit, exit, halt) the virtual machine. Upon termination, the virtual machine will lose its state and will no longer be able to be communicated with.
</p>
<ul>
<li>Villein generated <tt>&lt;iq type="get"&gt;</tt> <tt>&lt;terminate_vm/&gt;</tt>:</li>
<li>Villein generated <tt>&lt;iq type="get"&gt;</tt> <tt>&lt;terminate_vm/&gt;</tt>:
<ul>
<li><tt>xmlns</tt> attribute: <tt>http://linkedprocess.org/2009/06/Farm#</tt>.</li>
<li><tt>vm_id</tt> attribute: the farm-internal unique identifier of the virtual machine.</li>
</ul>
<li>Farm generated <tt>&lt;iq type="result"&gt;</tt> or <tt>&lt;iq type="error"&gt;</tt> <tt>&lt;terminate_vm/&gt;</tt>:</li>
</ul></li>
<li>Farm generated <tt>&lt;iq type="result"&gt;</tt> or <tt>&lt;iq type="error"&gt;</tt> <tt>&lt;terminate_vm/&gt;</tt>:
<ul>
<li><tt>xmlns</tt> attribute: <tt>http://linkedprocess.org/2009/06/Farm#</tt>.</li>
<li><tt>vm_id</tt> attribute: the farm-internal unique identifier of the virtual machine.</li>
<li>One of these error conditions MUST be provided if <tt>&lt;iq type="error"/&gt;</tt>.</li>
<li>One of these error conditions MUST be provided if <tt>&lt;iq type="error"/&gt;</tt>.
<ul>
<li><tt>&lt;malformed_packet/&gt;</tt></li>
<li><tt>&lt;vm_not_found/&gt;</tt></li>
<li><tt>&lt;internal_error/&gt;</tt></li>
<li>if an error occurred, the farm SHOULD provide some implementation specific human-readable information detailing the error in <tt>&lt;text/&gt;</tt>. Error responses extend the requirements set forth by the <link url="http://xmpp.org/rfcs/rfc3920.html">Core</link> XMPP specification.</li>
</ul>
</ul>
</ul></li>
</ul></li>
</ul>
<example caption="A successful &lt;terminate_vm/&gt; request."><![CDATA[<iq from="lp1@linkedprocess.org/LoPVillein/EFGH"
to="lp2@linkedprocess.org/farm" type="get" id="xxxx">
@ -928,7 +928,7 @@ while(true) {
</p>
</section1>
<section1 topic='XMPP Registrar Considerations' anchor='registrar'>
The following namespaces are defined by Linked Process:
<p>The following namespaces are defined by Linked Process:</p>
<ul>
<li><tt>http://linkedprocess.org/2006/06/Farm#</tt></li>
<li><tt>http://linkedprocess.org/2006/06/Registry#</tt></li>

View File

@ -1,6 +1,7 @@
<?xml version='1.0' encoding='UTF-8'?>
<!DOCTYPE xep SYSTEM 'xep.dtd' [
<!ENTITY % ents SYSTEM 'xep.ent'>
<!ENTITY rfc3920bis "<span class='ref'><link url='http://tools.ietf.org/html/draft-ietf-saintandre-rfc3920bis'>rfc3920bis</link></span> <note>RFC 3920: Extensible Messaging and Presence Protocol (XMPP): Core &lt;<link url='http://tools.ietf.org/html/draft-ietf-saintandre-rfc3920bis'>http://tools.ietf.org/html/draft-ietf-saintandre-rfc3920bis</link>&gt;.</note>" >
%ents;
]>
<?xml-stylesheet type='text/xsl' href='xep.xsl'?>
@ -107,27 +108,27 @@
<section1 topic='Conclusions'>
<p>As with anything, there are no hard and fast rules. If there were, they might look like these. First, for devices:</p>
<dl>
<dt>Transmit no data.</dt>
<dd>Transmitting costs significant power, and moreover raises the radio state. Not transmitting will allow it to maximize the time spent in the low-cost Idle state.</dd>
<dt>If you must transmit, then transmit only a small volume.</dt>
<dd>If there is only a small amount of data transmitted - less than 128 octets typically - the radio will only raise to FACH, which is significantly cheaper than DCH.</dd>
<dt>If you must transmit, then compress as hard as possible.</dt>
<dd>Since individual octets have an associate power - and often financial - cost, it's worth maximizing the compression algorithm, even if the volume of traffic will raise to DCH.</dd>
<dt>If you have transmit a lot, then do a lot</dt>
<dd>If the radio is raised to DCH anyway, then you may as well go fetch that avatar you were missing, since you're chewing through power anyway.</dd>
<dt>If you receive, then transmit</dt>
<dd>If your peer raises the radio state, you may as well use it.</dd>
<di><dt>Transmit no data.</dt>
<dd>Transmitting costs significant power, and moreover raises the radio state. Not transmitting will allow it to maximize the time spent in the low-cost Idle state.</dd></di>
<di><dt>If you must transmit, then transmit only a small volume.</dt>
<dd>If there is only a small amount of data transmitted - less than 128 octets typically - the radio will only raise to FACH, which is significantly cheaper than DCH.</dd></di>
<di><dt>If you must transmit, then compress as hard as possible.</dt>
<dd>Since individual octets have an associate power - and often financial - cost, it's worth maximizing the compression algorithm, even if the volume of traffic will raise to DCH.</dd></di>
<di><dt>If you have transmit a lot, then do a lot</dt>
<dd>If the radio is raised to DCH anyway, then you may as well go fetch that avatar you were missing, since you're chewing through power anyway.</dd></di>
<di><dt>If you receive, then transmit</dt>
<dd>If your peer raises the radio state, you may as well use it.</dd></di>
</dl>
<p>And for servers, similar rules apply:</p>
<dl>
<dt>Send no data.</dt>
<dd>Sending data will cause the handset to be raised out of Idle. This immediately costs massively higher power.</dd>
<dt>If you must send, send tiny bits.</dt>
<dd>Sending small enough data maximizes the likelyhood that the devices radio will only be raised to FACH levels.</dd>
<dt>If you receive, then send anything you have.</dt>
<dd>Receiving data indicates that the radio is active - it'll stay active for some time, so sending data doesn't incur the overhead of raising the radio state, and won't increase power drain on the handset.</dd>
<dt>If you must send when not receiving, send plenty.</dt>
<dd>Sending data will raise the radio's state - unless you can tell this will only raise it to FACH, it's worth sending as much as possible.</dd>
<di><dt>Send no data.</dt>
<dd>Sending data will cause the handset to be raised out of Idle. This immediately costs massively higher power.</dd></di>
<di><dt>If you must send, send tiny bits.</dt>
<dd>Sending small enough data maximizes the likelyhood that the devices radio will only be raised to FACH levels.</dd></di>
<di><dt>If you receive, then send anything you have.</dt>
<dd>Receiving data indicates that the radio is active - it'll stay active for some time, so sending data doesn't incur the overhead of raising the radio state, and won't increase power drain on the handset.</dd></di>
<di><dt>If you must send when not receiving, send plenty.</dt>
<dd>Sending data will raise the radio's state - unless you can tell this will only raise it to FACH, it's worth sending as much as possible.</dd></di>
</dl>
<p>Finally, protocol designers should aim to minimize any responses required from the handset, and ensure keepalive traffic, if any, fits inside FACH wherever possible.</p>
</section1>

View File

@ -2,6 +2,7 @@
<!DOCTYPE xep SYSTEM 'xep.dtd' [
<!ENTITY % ents SYSTEM 'xep.ent'>
<!ENTITY MOVED "&lt;moved/&gt;">
<!ENTITY rfc3920bis "<span class='ref'><link url='http://tools.ietf.org/html/draft-ietf-saintandre-rfc3920bis'>rfc3920bis</link></span> <note>RFC 3920: Extensible Messaging and Presence Protocol (XMPP): Core &lt;<link url='http://tools.ietf.org/html/draft-ietf-saintandre-rfc3920bis'>http://tools.ietf.org/html/draft-ietf-saintandre-rfc3920bis</link>&gt;.</note>" >
%ents;
]>
<?xml-stylesheet type='text/xsl' href='xep.xsl'?>
@ -111,10 +112,10 @@
user@example.com.</p>
<dl>
<dt><strong>original JID</strong></dt>
<dd>user@example.com</dd>
<dt><strong>new JID</strong></dt>
<dd>user2@example2.com</dd>
<di><dt>original JID</dt>
<dd>user@example.com</dd></di>
<di><dt>new JID</dt>
<dd>user2@example2.com</dd></di>
</dl>
<section2 topic='Unsubscribing the original JID from outbound subscriptions'
@ -285,7 +286,7 @@
the user to subscribe to the new JID listed in the &MOVED; element.</p>
<p>Because of the ability to spoof the &MOVED; element, the client SHOULD
NOT automatically subscribe to the &MOVED; element target</p>.
NOT automatically subscribe to the &MOVED; element target.</p>
</section3>
<section3 topic='Roster state and action table' anchor='actions'>

View File

@ -531,13 +531,12 @@
<p>The client MAY include initial configuration and occupant list (the list MUST NOT include the creator). The server MAY allow sending incomplete configuration form. In such case the server MUST use default values for missing fields. The server MAY enforce a minimal occupant list length.</p>
<p>The service MAY either give the creator the 'owner' or 'member' status. In the latter case all users are equal.</p>
<p>Upon room creation success, the service MUST reply with an empty IQ result.</p>
<p>The following rules (similar to the ones relevant to the affiliation change request) apply to the occupant list:
<p>The following rules (similar to the ones relevant to the affiliation change request) apply to the occupant list:</p>
<ul>
<li>'none' affiliation cannot be used.</li>
<li>All user bare JIDs must be unique</li>
<li>At most one owner can be chosen. In such case the room creator will become "just" a 'member'.</li>
</ul>
</p>
<p>After the room is created (but before receiving IQ result), new occupants (including creator) receive &MESSAGE; from the room with their affiliations (stanza MUST include only recipient's affiliation) and initial room version. &lt;prev-version /&gt; element MUST NOT be included.</p>
<example caption='Client requests room creation'><![CDATA[
<iq from='crone1@shakespeare.lit/desktop'
@ -770,7 +769,7 @@
<li>All changes must be meaningful, e.g. setting member's affiliation to 'member' is considered a bad request.</li>
<li>Server MAY allow members to add new members but they still cannot make anyone an 'owner' or remove other users from the room.</li>
</ol>
<p>On success the server will reply with result IQ with all changed items. <b>BEFORE</b> returning the IQ result, the service MUST route a message with affiliation change to all relevant users.</p>
<p>On success the server will reply with result IQ with all changed items. <strong>BEFORE</strong> returning the IQ result, the service MUST route a message with affiliation change to all relevant users.</p>
<p>Newcomers, i.e. users that were not occupants before the change, SHOULD receive only their own affiliation and SHOULD NOT receive &lt;prev-version /&gt; element.</p>
<p>The notifications must include both the new and old room version (&lt;version /&gt; and &lt;prev-version /&gt; respectively) string (except for the ones directed to users that have been removed from the room).</p>
<p>The notifications contain a list of items. The item list may be different from the list in IQ set, because some of the changes may require additional operations, e.g. choosing new owner when the old one leaves. Users, that are still in the room after change, will receive full change list. Users, that have been removed from the room with the request, will get only one item: themselves with affiliation 'none'.</p>
@ -1007,13 +1006,12 @@
</section2>
<section2 topic='Request sender has insufficient privileges' anchor='insufficient-privileges'>
<p>If the request sender does not have sufficient privileges (but is a room occupant), the service MUST reply with a 'not-allowed' error.</p>
<p>It occurs in the following cases:
<p>It occurs in the following cases:</p>
<ul>
<li>A member tries to change the configuration but the service is not configured to allow it. It does not apply to the subject change, although it has to be performed by sending &MESSAGE; with &SUBJECT;, not configuration &IQ;.</li>
<li>A member tries to change anyone's affiliation to 'none' or 'owner'.</li>
<li>A member tries to change someone's affiliation to 'member' but the service is not configured to allow it.</li>
</ul>
</p>
<example caption='Prohibited IQ'><![CDATA[
<iq from='minion@shakespeare.lit/desktop'
id='privileges1'
@ -1483,7 +1481,6 @@
<section2 topic='Service limits and configuration' anchor='limits-and-config'>
<p>MUC Light service may be abused by malicious users, e.g. due to replicating single message for every room occupant. The list below contains suggested configurable limits that SHOULD be implemented.</p>
<p>The service features that might vary depending on specific application are included as well.</p>
<p>
<ul>
<li>Maximal count of rooms the user occupies.</li>
<li>Blocking feature enabled/disabled.</li>
@ -1493,7 +1490,6 @@
<li>New members can be invited by owner/occupants.</li>
<li>Maximal room size.</li>
</ul>
</p>
</section2>
</section1>
<section1 topic='Security Considerations' anchor='security'>

View File

@ -49,25 +49,25 @@
</header>
<section1 topic='Introduction' anchor='intro'>
Jingle <cite>XEP-0166</cite> is used to negotiate peer to peer media sessions.
<p>Jingle <cite>XEP-0166</cite> is used to negotiate peer to peer media sessions.
Muji is a way to coordinate Jingle sessions between a group of people.
Muji conferences are held in <cite>XEP-0045</cite> rooms.
Muji conferences are held in <cite>XEP-0045</cite> rooms.</p>
</section1>
<section1 topic="How it works" anchor="howitworks">
A Muji conference has a number of contents, each of which has unique name.
<p>A Muji conference has a number of contents, each of which has unique name.
content type, and an encoding. Each participant may provide a stream for each
content, and communicates which contents they are willing to provide streams
for, along with encoding information, in their MUC presence. This serves two
purposes. Firstly, so that each participant knows which contents every other
participant provides. Secondly, so that there is a global payload type (PT)
mapping for the various contents, so that clients only need to encode and
payload each content that they provide once.
payload each content that they provide once.</p>
Participants are not required to participate all the contents that are
<p>Participants are not required to participate all the contents that are
available. For example, a Muji client might choose to only request audio
streams.
streams.</p>
</section1>
<section1 topic='Joining a conference' anchor='joining'>
@ -75,7 +75,7 @@ streams.
Joining a conference is done in two stages. The first step is to
declare that preparations are being done to either join or start a muji
session inside the MUC. This is indicated by the client sending a presence
stanza to the MUC with a preparing element in muji section.
stanza to the MUC with a preparing element in muji section.</p>
<code><![CDATA[
<presence from='wiccarocks@shakespeare.lit/laptop'
@ -90,11 +90,11 @@ streams.
</presence>
]]></code>
The client MUST then wait until the MUC rebroadcasts its presence message,
<p>The client MUST then wait until the MUC rebroadcasts its presence message,
after which it MUST wait for all other participants that had a preparing
element in their presence to finish preparation. Afterwards it should finish
it's own preparation by updating its presence with the contents it wants to
take part in.
take part in.</p>
<code><![CDATA[
<presence from='wiccarocks@shakespeare.lit/laptop'
@ -118,11 +118,8 @@ streams.
</muji>
</presence>
]]></code>
</p>
<p>
When a client adds a payload ID to a content description, it MUST have the
<p>When a client adds a payload ID to a content description, it MUST have the
same codec name and receiving parameters as the corresponding entries in
other participants' payload maps for that content. For instance, if Alice
defines a payload type with ID 98, codec Speex and a a clock rate of 8000
@ -170,7 +167,7 @@ streams.
<p>
Adding a stream follows a process similar to the joining a conference. As a
first step an updated presence stanza MUST be send which contains a preparing
element as part of the Muji section.
element as part of the Muji section.</p>
<code><![CDATA[
<presence from='wiccarocks@shakespeare.lit/laptop'
@ -191,13 +188,13 @@ streams.
</presence>
]]></code>
The client MUST then wait until the MUC rebroadcasts its presence message,
<p>The client MUST then wait until the MUC rebroadcasts its presence message,
after which it MUST wait for all other participants that had a preparing
element in their presence to finish their changes.
element in their presence to finish their changes.</p>
Afterwards the client should add the new content to the muji section of its
<p>Afterwards the client should add the new content to the muji section of its
presence and add the content to all the jingle sessions it had with
participants it shared the content with.
participants it shared the content with.</p>
<code><![CDATA[
<presence from='wiccarocks@shakespeare.lit/laptop'
@ -221,7 +218,6 @@ streams.
</muji>
</presence>
]]></code>
</p>
</section1>
<section1 topic='Removing a content' anchor='removecontent'>

View File

@ -23,6 +23,7 @@
<header>
<title>Multi-User Gaming</title>
<abstract>This document defines an XMPP protocol extension for multi-user gaming.</abstract>
&LEGALNOTICE;
<number>xxxx</number>
<status>ProtoXEP</status>
<type>Standards Track</type>
@ -74,7 +75,6 @@
<initials>tg</initials>
<remark><p>First draft.</p></remark>
</revision>
&LEGALNOTICE;
</header>
<section1 topic='Introduction' anchor='intro'>
<p>
@ -197,8 +197,8 @@
</section2>
<section2 topic='Dramatis Personae' anchor='terms-personae'>
Most of the examples in this document use the scenario of Miranda and Ferdinand playing chess in Act V, Scene I of Shakespeare's The Tempest,
represented here as the "island-chess@games.shakespeare.lit" room. The characters are as follows:
<p>Most of the examples in this document use the scenario of Miranda and Ferdinand playing chess in Act V, Scene I of Shakespeare's The Tempest,
represented here as the "island-chess@games.shakespeare.lit" room. The characters are as follows:</p>
<table caption='Dramatis Personae'>
<tr>
<th>Room Nickname</th><th>Full JID</th><th>Affiliation</th><th>Game Role</th>
@ -216,7 +216,7 @@
</section1>
<section1 topic='Affiliations' anchor='affiliations'>
The following affiliations are defined:
<p>The following affiliations are defined:</p>
<ol>
<li>Member</li>
<li>Owner</li>
@ -239,10 +239,10 @@
</p>
<section2 topic='Privileges' anchor='privileges'>
Owners are allowed to do what they like (saving/loading, change match options, etc.)
<p>Owners are allowed to do what they like (saving/loading, change match options, etc.)
except in unmoderated matches. This match type restricts the use of owner privileges to specific room statuses.
Users with no affiliation SHALL NOT enter members-only matches.
Besides that, these users have the same privileges as members.
Besides that, these users have the same privileges as members.</p>
<table caption='Owner Privileges Overview'>
<tr>
<th>Room Type</th>
@ -275,11 +275,11 @@
</section2>
<section2 topic='Changing Affiliations' anchor='changing-affi'>
The ways in which a user's affiliation changes are well-defined.
<p>The ways in which a user's affiliation changes are well-defined.
Sometimes the change results from the user's own action (e.g., registering as a member of the match),
whereas sometimes the change results from an action taken by an owner.
If a user's affiliation changes, a MUG service implementation MUST change the user's affiliation to reflect the change
and communicate that to all occupants.
and communicate that to all occupants.</p>
</section2>
</section1>
@ -762,10 +762,10 @@
<section1 topic="Occupant Use Cases" anchor='occupantusecases'>
<section2 topic='Invitation' anchor='mug-invite'>
It can be useful to invite other users to a room in which one is an occupant.
<p>It can be useful to invite other users to a room in which one is an occupant.
To do this, a MUG client sends XML of the following form to the &ROOM; itself
adding an &INVITE; element for every invitee.
(the reason is OPTIONAL and the message MUST be explicitly or implicitly of type "normal"):
(the reason is OPTIONAL and the message MUST be explicitly or implicitly of type "normal"):</p>
<example caption="Occupant Sends an Invitation by Way of Room"><![CDATA[
<message
from='ferdinand@shakespeare.lit/desktop'
@ -2039,7 +2039,7 @@
<p>
If the room creation fails because the specified room configuration options violate
one or more service policies (e.g., because the password for a password-protected room is blank),
the service MUST return a <not-acceptable/> error.
the service MUST return a &lt;not-acceptable/&gt; error.
</p>
<example caption='Service Informs Owner that Requested Configuration Options Are Unacceptable'><![CDATA[

View File

@ -94,7 +94,7 @@
</section2>
<section2 topic='Redirection' anchor='usecases-redirection'>
<p>A given deployment MAY wish to redirect users to another medium (e.g., a website) for further stages of registration, rather than allowing in-band registration. The recommended approach is to include only the <instructions/> element rather than the required fields or a data form in the IQ result, as well as a URL encoded using &xep0066;</p>
<p>A given deployment MAY wish to redirect users to another medium (e.g., a website) for further stages of registration, rather than allowing in-band registration. The recommended approach is to include only the &lt;instructions/&gt; element rather than the required fields or a data form in the IQ result, as well as a URL encoded using &xep0066;</p>
<example caption='Host Redirects Entity to Web Registration'><![CDATA[
<iq type='result'
from='sms.shakespeare.lit'

View File

@ -19,7 +19,6 @@
<supersedes/>
<supersededby/>
<shortname>inbox</shortname>
<schemaloc/>
<author>
<firstname>Valerian</firstname>
<surname>Saliou</surname>

View File

@ -13,8 +13,9 @@
<status>Experimental</status>
<type>Informational</type>
<sig>Standards</sig>
<supersedes>None</supersedes>
<supersededby>None</supersededby>
<dependencies/>
<supersedes/>
<supersededby/>
<shortname>namespace</shortname>
&dcridland;
&stpeter;

View File

@ -22,7 +22,7 @@
<spec>XEP-0114</spec>
<spec>XEP-0225</spec>
</supersedes>
<supersededby>None</supersededby>
<supersededby/>
<shortname>comp-s2s</shortname>
&dcridland;
<revision>

216
inbox/sasl2.xml Normal file
View File

@ -0,0 +1,216 @@
<?xml version='1.0' encoding='UTF-8'?>
<!DOCTYPE xep SYSTEM 'xep.dtd' [
<!ENTITY % ents SYSTEM 'xep.ent'>
%ents;
]>
<?xml-stylesheet type='text/xsl' href='xep.xsl'?>
<xep>
<header>
<title>Extensible SASL Profile</title>
<abstract>This document describes a replacement for the SASL profile documented in RFC 6120 which allows for greater extensibility.</abstract>
&LEGALNOTICE;
<number>XXXX</number>
<status>ProtoXEP</status>
<type>Standards Track</type>
<sig>Standards</sig>
<dependencies>
<spec>XMPP Core</spec>
</dependencies>
<supersedes/>
<supersededby/>
<shortname>sasl2</shortname>
&dcridland;
<revision>
<version>0.0.1</version>
<date>2017-02-07</date>
<initials>dwd</initials>
<remark>
<ul>
<li>Initial Revision</li>
</ul>
</remark>
</revision>
</header>
<section1 topic='Introduction' anchor='intro'>
<p>While SASL provides an excellent framework that has served us well over the past 18 years, a number of shortcomings in the profile - the syntax binding to XMPP - that is in use.</p>
<p>This specification addresses a number of shortfalls:</p>
<ul>
<li>Number of round trips</li>
<li>Extensibility</li>
<li>Support for second factor</li>
<li>Support for mandatory password changes</li>
</ul>
<p>The new SASL profile documented herein is primarily a syntactic change to allow extensibility, combined with removal of the (largely) redundant stream restart, and additional results beyond total success or abject failure.</p>
<section2 topic="Terminology">
<p>Although initiating entities, in general, use SASL, and receiving entities offer it, the SASL specification and common parlance both use "Client " and "Server"; this specification uses Client and Server and assumes C2S links. This is not intended to preclude use of this SASL profile on S2S links. The term "SASL2" is used to mean the new SASL profile specified in this document; however the same RFC 4422 definition of SASL (and SASL profiles) applies.</p>
<p>Examples often use hypothetical SASL mechanisms and sub-extensions; this specification does not intend to make a position on any particular SASL mechanism, and the Mandatory To Implement mechanisms are unaffected.</p>
</section2>
</section1>
<section1 topic='Overview' anchor="overview">
<section2 topic="Discovering Support" anchor="feature">
<p>Servers capable of SASL2 offer a stream feature of &lt;mechanisms/>, qualified by the "urn:xmpp:sasl:0" namespace. This in turn contains one or more &lt;mechanism/> elements in the same namespace, and potentially other elements (for example, the &lt;hostname/> element defined within XEP-0233).</p>
<p>Note that SASL2 is impossible for clients to initiate without at least one mechanism being available, and therefore MUST NOT be offered.</p>
<p>The feature so advertised, and its child content, SHOULD be stable for the given stream to and from attributes and encryption state, and therefore MAY be cached by clients for later connections.</p>
<p>The Service Name used by XMPP is unchanged from RFC 6120.</p>
</section2>
<section2 topic="SASL Data Encoding">
<p>In all cases, both Clients and Servers encode SASL exchanges using Base 64 encoding. This SHOULD NOT include any line wrapping or other whitespace. As the form &lt;element/> is equivalent to &lt;element>&lt;/element>, these both indicate an empty string, which is used to indicate no data (ie, the absence of the data). In order to explicitly transmit a zero-length SASL challenge or response, the sending party sends a single equals sign character ("=").</p>
</section2>
<section2 topic="Initiation">
<p>Clients, upon observing this stream feature, initiate the authentication by the use of the &lt;authenticate/> top-level element, within the same namespace. The nature of this element is to inform the server about properties of the final stream state, as well as initiate authentication itself. To achieve the latter, it has a single mandatory attribute of "mechanism", with a string value of a mechanism name offered by the Server in the stream feature, and an optional child element of &lt;initial-response/>, containing a base64-encoded SASL Initial Response.</p>
<p>On subsequent connections, if a Client has previously cache the stream feature, the Client MAY choose to send it before seeing the stream features - sending it "pipelined" with the Stream Open tag for example.</p>
<example caption="An authentication request"><![CDATA[
<authenticate xmlns='urn:xmpp:sasl:0' mechanism="BLURDLYBLOOP">
<initial-response>SW1wcm92ZWQgZW5jYXNwdWxhdGlvbiBvZiBvcHRpb25hbCBTQVNMLUlSIGRhdGE=</initial-response>
</authenticate>
]]>
</example>
<p>In order to provide support for other desired stream states beyond authentication, additional child elements are used. For example, a hypothetical XEP-0198 session resumption element might be included, and/or Resource Binding requests.</p>
<example caption="An authentication request with a (hypothetical) bind request"><![CDATA[
<authenticate xmlns='urn:xmpp:sasl:0' mechanism='BLURDYBLOOP'>
<initial-response>
U0FTTC1JUiBlbmNvZGVkIGFsb25nc2lkZSBiaW5kIHJlcXVlc3Q=
</initial-response>
<bind xmlns='urn:xmpp:bind:example'/>
</authenticate>
]]>
</example>
</section2>
<section2 topic="Challenges and Responses" anchor="challenge">
<p>Server Challenges MAY then be sent. Each Challenge MUST be responded to by a Client in a Client Response. These are not extensible, and contain the corresponding base64 encoded SASL data:</p>
<example caption="A challenge and response exchange"><![CDATA[
<!-- A server might send: -->
<challenge xmlns='urn:xmpp:sasl:0'>
QmFzZSA2NCBlbmNvZGVkIFNBU0wgY2hhbGxlbmdlIGRhdGE=
</challenge>
<!-- A client might respond: -->
<response xmlns='urn:xmpp:sasl:0'>
QmFzZSA2NCBlbmNvZGVkIFNBU0wgcmVzcG9uc2UgZGF0YQ==
</response>
]]>
</example>
</section2>
<section2 topic="During Authentication">
<p>At any time while authentication is in progress, neither Client nor Server sends any element (including stanzas) or other data except the top-level elements defined herein. Clients MUST NOT send whitespace, and MUST send only &lt;response/> elements as appropriate or an &lt;abort/> element to immediately cause an error. Servers MUST disconnect Clients immediately if any other traffic is received. Servers are similarly REQUIRED to send no whitespace, and only the &lt;response/> and completion elements from the section below.</p>
</section2>
<section2 topic="Completing Authentication">
<p>Authentication may complete in one of three ways. It may complete successfully, in which case the client is authenticated. It may also fail, in which case the client is not authenticated and the stream and session state remain entirely unchanged.</p>
<p>Finally, it may have completed successfully, but further interaction is required - for example, a password change or second-factor authentication.</p>
<section3 topic="Success">
<p>If the Client is now authenticated, the Server sends a &lt;success/> element, which contains an OPTIONAL &lt;additional-data/> element containing SASL additional data. It also contains a &lt;authorization-identity/> element containing the negotiated identity - this is a bare JID, unless resource binding has occurred, in which case it is a full JID.</p>
<example caption="Successful authentication"><![CDATA[
<success xmlns='urn:xmpp:sasl:0'>
<success-data>
T3B0aW9uYWwgQmFzZSA2NCBlbmNvZGVkIFNBU0wgc3VjY2VzcyBkYXRh
</success-data>
<authorization-identifier>juliet@montague.example/Balcony/a987dsh9a87sdh</authorization-identifier>
</success>
]]></example>
<p>Other extension elements MAY also be contained by the &lt;success/> element.</p>
<example caption="Successful re-authentication and resumption"><![CDATA[
<success xmlns='urn:xmpp:sasl:0'>
<additional-data>
T3B0aW9uYWwgQmFzZSA2NCBlbmNvZGVkIFNBU0wgc3VjY2VzcyBkYXRh
</additional-data>
<authorization-identifier>juliet@montague.example/Balcony/a987dsh9a87sdh</authorization-identifier>
<sm:resumed xmlns='urn:xmpp:sm:3:example' h='345' previd='124'/>
</success>
]]></example>
<p>Any security layer negotiated SHALL take effect after the ">" octet of the closing tag (ie, immediately after "&lt;/success>").</p>
</section3>
<section3 topic="Failure">
<p>A &lt;failure/> element is used by the server to terminate the authentication attempt. It MAY contain application-specific error codes, and MAY contain a textual error. It MUST contain one of the SASL error codes from RFC 6120 Section 6.5.</p>
<example caption="Failure"><![CDATA[
<failure xmlns='urn:xmpp:sasl:0'>
<aborted xmlns='urn:ietf:params:xml:ns:xmpp-sasl'/>
<optional-application-specific xmlns='urn:something:else'/>
<text>This is a terrible example.</text>
</failure>
]]></example>
</section3>
<section3 topic="Continue" anchor="continue">
<p>A &lt;continue/> element is used to indicate that while the SASL exchange was successful, it is insufficient to allow authentication at this time.</p>
<p>This can be used to indicate that the Client needs to perform a Second Factor Authentication ("2FA"), or is required to change password. These are conducted as additional SASL mechanisms. Such SASL mechanisms MUST NOT change the authorization identifier, or introduce any security layer. The authorization identifer transmitted during the subsequent &lt;success/>, and any security layer which comes into effect after the eventual &lt;success/>, therefore MUST be that of the first mechanism.</p>
<p>The element contains a &lt;mechanisms/> element, as defined above as a stream feature, containing suitable mechanisms. It MAY contain an &lt;additional-data/> element, as the &lt;success/> element does.</p>
<p>Finally, it MAY contain a &lt;text/> element, which can contain human-readable data explaining the nature of the step required.</p>
<example caption="Continue Required"><![CDATA[
<continue xmlns='urn:xmpp:sasl:0'>
<additional-data>
T3B0aW9uYWwgQmFzZSA2NCBlbmNvZGVkIFNBU0wgc3VjY2VzcyBkYXRh
</additional-data>
<mechanisms>
<mechanism>HOTP-EXAMPLE</mechanism>
<mechanism>TOTP-EXAMPLE</mechanism>
<mechanisms>
<text>This account requires 2FA</text>
</continue>
]]></example>
<p>Clients respond with a &lt;next-authenticate/> element, which has a single mandatory attribute of "mechanism", containing the selected mechanism name, and contains an OPTIONAL base64 encoded initial response.</p>
<example caption="Client Continues"><![CDATA[
<next-authenticate xmlns='urn:xmpp:sasl' mechanism='TOTP-EXAMPLE'>
MkZBIG9yIHBhc3N3b3JkIGNoYW5nZSBvciBzb21ldGhpbmc=
</next-authenticate>
]]></example>
</section3>
</section2>
</section1>
<section1 topic="SASL Profile Definition">
<p>This provides pointers and/or clarifications to the <link url="#overview"/> in the order and manner defined in RFC 4422, section 4.</p>
<section2 topic="Service Name">
<p>The service name SHALL be "xmpp", as defined by RFC 6120.</p>
</section2>
<section2 topic="Mechanism negotiation">
<p>Servers list mechanisms during stream features (See <link url="#features"/>) and within the &lt;continue/> element (See <link url="#continue"/>).</p>
<p>TODO: Neither this specification nor RFC 6120 allow clients access to the mechanism list after SASL negotiation...?</p>
</section2>
<section2 topic="Message Definitions">
<section3 topic="Initiation">
<p>Clients initiate using the &lt;authenticate/> top level element (See <link url="#auth"/>, and after any &lt;continue/> with the &lt;next-authenticate/> message (See <link url="#continue"/>).</p>
</section3>
<section3 topic="Server Challenges and Client Responses">
<p>See <link url="#challenge"/>.</p>
</section3>
<section3 topic="Outcome">
<p>See <link url="#outcome"/>.</p>
</section3>
</section2>
<section2 topic="Non-Empty Authorization Strings">
<p>If a Client specifies an authorization string which is non-empty, the identifier is normalized by treating it as a JID, and performing normalization as described in RFC 7622.</p>
</section2>
<section2 topic="Aborting">
<p>Clients MAY abort unilaterally by sending &lt;abort/> as specified in <link url="#abort"/>.</p>
<p>Servers MAY abort unliterally by sending &lt;failure/> with the &lt;aborted/> error code as defined in <link url="#failure"/>.</p>
</section2>
<section2 topic="Security Layer Effect">
<p>See <link url="#success"/>.</p>
</section2>
<section2 topic="Security Layer Order">
<p>Option (a) is used - any SASL Security Layer is applied first to data being sent, and TLS applied last.</p>
</section2>
<section2 topic="Multiple Authentication">
<p>Although the &lt;continue/> concept does use multiple SASL sequences, only the first SASL mechanism used is considered an authentication, and only the first can negotiate a security layer.</p>
<p>In particular, once &lt;success/> has been sent by the server, any further &lt;authenticate/> element MUST result in a stream error.</p>
</section2>
</section1>
<section1 topic='Security Considerations' anchor='security'>
<p>Relative to the SASL profile documented in RFC 6120, this introduces more data unprotected by any security layer negotiated by SASL itself.</p>
</section1>
<section1 topic='IANA Considerations' anchor='iana'>
<p>This XEP requires no interaction with &IANA;. </p>
</section1>
<section1 topic='XMPP Registrar Considerations' anchor='registrar'>
<p>None.</p>
</section1>
<section1 topic='Acknowledgements' anchor='ack'>
<p>The author wishes to share any credit with many members of the community, including Lance Stout, Ralph Meijer, and Florian Schmaus.</p>
</section1>
</xep>

View File

@ -244,7 +244,7 @@ Thus, for the meta data, the node id would be UUID_meta and the data value node
</section2>
<section2 topic='Device Metadata' anchor='devicem'>
Adapter publishes device meta data:
<p>Adapter publishes device meta data:</p>
<code><![CDATA[
<iq type='set'
to='pubsub.capulet.lit'
@ -315,7 +315,6 @@ If the meta node is configured to include payloads, the subscribers will receive
</message>
]]></code>
<table caption='Device Attributes'>
<tbody>
<tr>
<th>
Attribute
@ -373,11 +372,9 @@ If the meta node is configured to include payloads, the subscribers will receive
A serial number or other unique identifier for the physical device
</td>
</tr>
</tbody>
</table>
<table caption='Transducer Attributes'>
<tbody>
<tr>
<th>
Attribute
@ -507,13 +504,11 @@ The tuple (UUID X, transducer id Y) MUST be unique such that a publish operation
The accuracy of the values reported by this transducer
</td>
</tr>
</tbody>
</table>
<section3 topic='Types' anchor='types'>
<p>To make it easier for agents to sort through available devices and seonsors, it is desirable for implementations to use a common set of types. The following device types are defined:
</p>
<table caption='Device Types'>
<tbody>
<tr>
<th>
Type
@ -610,7 +605,6 @@ The tuple (UUID X, transducer id Y) MUST be unique such that a publish operation
Other type that isn't listed above
</td>
</tr>
</tbody>
</table>
</section3>
<section3 topic='Units' anchor='units'>
@ -618,7 +612,7 @@ The tuple (UUID X, transducer id Y) MUST be unique such that a publish operation
SI conventions as shown in the <link url='http://aurora.regenstrief.org/~ucum/ucum.html'>The Unified Code For Units of Measurement</link>.
</p>
<p>
After specifying the units of the transducer device, you can then also specify an SI scalar value as powers of 10. The following example shows how to specify a sensor in centimeters.
After specifying the units of the transducer device, you can then also specify an SI scalar value as powers of 10. The following example shows how to specify a sensor in centimeters.</p>
<code><![CDATA[
<device id='01020301' type='other'>
<transducer name='inchworm movement' id='0001'
@ -626,7 +620,7 @@ After specifying the units of the transducer device, you can then also specify a
</device>
]]></code>
The following example shows how to specify a sensor in kilograms.
<p>The following example shows how to specify a sensor in kilograms.</p>
<code><![CDATA[
<device id='xyzzy' type='scale'>
<transducer name='bathroom scale' id='0001'
@ -634,7 +628,7 @@ The following example shows how to specify a sensor in kilograms.
</device>
]]></code>
The following example shows how to specify a sensor in kilowatt-second with a resolution to the nearest 0.1 kWh.
<p>The following example shows how to specify a sensor in kilowatt-second with a resolution to the nearest 0.1 kWh.</p>
<code><![CDATA[
<device id='windmill087' type='resource generation'>
<transducer name='home wind generator' id='0001'
@ -644,12 +638,12 @@ The following example shows how to specify a sensor in kilowatt-second with a re
</device>
]]></code>
If no unitScaler value is specified, then a unitScaler of 0 (aka 10**0 = 1) is assumed.
<p>If no unitScaler value is specified, then a unitScaler of 0 (aka 10**0 = 1) is assumed.
</p>
</section3>
</section2>
<section2 topic='Transducer Values' anchor='transducervalues'>
Values for a transducer are published via the data value node:
<p>Values for a transducer are published via the data value node:</p>
<code><![CDATA[
<iq type='set'
to='pubsub.capulet.lit'
@ -700,7 +694,6 @@ If the data value node is configured to include payloads, the subscribers will r
</message>
]]></code>
<table caption='Transducer Value Attributes'>
<tbody>
<tr>
<th>
Attribute
@ -744,7 +737,6 @@ The tuple (UUID X, transducer id Y) MUST be unique such that a publish operation
The raw value as seen by the transducer. The rawValue can be used to record a non-unit converted value for record keeping (e.g. a raw ADC value before calibration).
</td>
</tr>
</tbody>
</table>
<p>OPTIONAL: Instead of putting all of the transducer values into a single data value node, an adapter MAY want to break up the transducer values into multiple nodes.
For example, an adapter may want to do this for reasons of security (allow some entities to subscribe/publish to transducer Y1 and a different set of entities to subscribe/publish to transducer Y2).
@ -804,7 +796,7 @@ The information in the meta node is used by consumers to determine which node th
</p>
</section2>
<section2 topic='Setting Transducer Values' anchor='transducerset'>
Values for a transducer can also be set by publishing to the data value node.
<p>Values for a transducer can also be set by publishing to the data value node.</p>
<code><![CDATA[
<iq type='set'
to='pubsub.capulet.lit'
@ -886,7 +878,6 @@ If the fan node is configured to include payloads, the subscribers will receive
</message>
]]></code>
<table caption='Transducer Set Attributes'>
<tbody>
<tr>
<th>
Attribute
@ -922,7 +913,6 @@ The tuple (UUID X, transducer id Y) MUST be unique such that a publish operation
If the adapter can verify that the raw value is an allowable value for the transducer, it SHOULD allow the raw value to take precedence over the typedValue if provided.
</td>
</tr>
</tbody>
</table>
<section3 topic='Actuation' anchor='actuation'>
<p> Actuation takes place as a split-phase operation with an action signal (publish) followed by a completion callback (subscribed message).
@ -1153,12 +1143,11 @@ Event Node ID: 4d4335b5-4134-11e0-9207-0800200c9a66_data
</iq>
]]></code>
<p>Two things to note:
<p>Two things to note:</p>
<ol>
<li>The tuple ('4d4335b5-4134-11e0-9207-0800200c9a66_data', 'tid1') uniquely identifies the motion sensor for this camera adapter.</li>
<li>It is not relevant to the subscriber of this node (the consumer of information) whether the camera has motion detection built in or whether the adapter is capturing images from the camera and using its own methodology for determining motion.</li>
</ol>
</p>
<p>
To continue this example further, let's assume an agent is subscribed to the data value node and can also publish to the tid2 node which controls the light.
In this case, an agent will receive notification that movement was sensed and can take action.
@ -1302,7 +1291,7 @@ If an adapter chooses to publish a subset of transducer data (for example, only
the changed values), it is possible for consumers who are off line or recently
activated to miss older values.
There are a variety of ways to handle this depending on the needs of the
implementor including (but not limited to):
implementor including (but not limited to):</p>
<ul>
<li>
Increase the history size of the node in the xmpp server so old entries can be obtained
@ -1317,7 +1306,7 @@ Put infrequent events in their own nodes and use data value node for frequent ev
Put frequent events in their own nodes and use data value node for infrequent events
</li>
</ul>
If an implementaion chooses to put some transducers values into their own nodes
<p>If an implementaion chooses to put some transducers values into their own nodes
(instead of putting them all into the data value node), remember that a transducer value MUST appear in either the data value node or its own node, but not both.
The meta node indicates to consumers which node they should subscribe to in order to be notified when new data is available for their chosen transducer.
</p>

View File

@ -162,10 +162,10 @@
<dl>
<di>
<dt>iq-sift</dt>
<dd>The server enables the client to sift all &IQ; stanzas or ones that match the specified criteria.</dd>
<dt>message-sift</dt>
<dd>The server enables the client to sift all &MESSAGE; stanzas or ones that match the specified criteria.</dd>
<dt>presence-sift</dt>
<dd>The server enables the client to sift all &IQ; stanzas or ones that match the specified criteria.</dd></di>
<di><dt>message-sift</dt>
<dd>The server enables the client to sift all &MESSAGE; stanzas or ones that match the specified criteria.</dd></di>
<di><dt>presence-sift</dt>
<dd>The server enables the client to sift all &PRESENCE; stanzas or ones that match the specified criteria.</dd>
</di>
</dl>
@ -175,14 +175,14 @@
<dl>
<di>
<dt>all</dt>
<dd>The server shall sift this kind of stanza no matter who the sender is. This is the <strong>default</strong>.</dd>
<dt>local</dt>
<dd>The server shall sift this kind of stanza only from entities associated with the same local domain as the user itself (not from remote domains).</dd>
<dt>others</dt>
<dd>The server shall sift this kind of stanza only from other entities (not from the user itself).</dd>
<dt>remote</dt>
<dd>The server shall sift this kind of stanza only from entities associated with remote domains (not from the same local domain as the user itself).</dd>
<dt>self</dt>
<dd>The server shall sift this kind of stanza no matter who the sender is. This is the <strong>default</strong>.</dd></di>
<di><dt>local</dt>
<dd>The server shall sift this kind of stanza only from entities associated with the same local domain as the user itself (not from remote domains).</dd></di>
<di><dt>others</dt>
<dd>The server shall sift this kind of stanza only from other entities (not from the user itself).</dd></di>
<di><dt>remote</dt>
<dd>The server shall sift this kind of stanza only from entities associated with remote domains (not from the same local domain as the user itself).</dd></di>
<di><dt>self</dt>
<dd>The server shall sift this kind of stanza only from the user itself (not from other entities).</dd>
</di>
</dl>
@ -193,10 +193,10 @@
<dl>
<di>
<dt>all</dt>
<dd>The server shall sift this kind of stanza if the recipient is the bare JID &LOCALBARE; of the user or the full JID &LOCALFULL; of the particular resource. This is the <strong>default</strong>.</dd>
<dt>bare</dt>
<dd>The server shall sift this kind of stanza only if the recipient is the bare JID &LOCALBARE; of the user.</dd>
<dt>full</dt>
<dd>The server shall sift this kind of stanza if the recipient is the bare JID &LOCALBARE; of the user or the full JID &LOCALFULL; of the particular resource. This is the <strong>default</strong>.</dd></di>
<di><dt>bare</dt>
<dd>The server shall sift this kind of stanza only if the recipient is the bare JID &LOCALBARE; of the user.</dd></di>
<di><dt>full</dt>
<dd>The server shall sift this kind of stanza only if the recipient is the full JID &LOCALFULL; of the particular resource.</dd>
</di>
</dl>

View File

@ -43,14 +43,14 @@
</revision>
</header>
<section1 topic='Introduction' anchor='intro'>
<p>There are various spim protection methods exist in XMPP: &xep0016;, &xep0158;, &xep0191;, &xep0268; and &xep0275;. But they may not be sufficient enough:
<p>There are various spim protection methods exist in XMPP: &xep0016;, &xep0158;, &xep0191;, &xep0268; and &xep0275;. But they may not be sufficient enough:</p>
<ul>
<li>&xep0016; and &xep0191; define blocking mechanism only which is not always appropriate.</li>
<li>&xep0158; interacts badly with automated software such as gateways.</li>
<li>&xep0268; implies trusted network of servers.</li>
<li>&xep0275; concentrates on ranking only.</li>
</ul>
Service administrators might want to deploy server-based spim recognition software to fill in the gaps. However, every automated spim recognition suffers from <em>false positives</em> - situations where a stanza incorrectly qualified as spim. To avoid them, a spim filter doesn't block suspicious stanza, but marks it and sends to a client in a regular manner. A client software doesn't need to interrupt a user when processing such marked stanzas: for example, it may put them silently in "SPAM" folder, so a user can look through them at any time later. Furthermore, a spim filter may take user's experience into account. When a user receives an unsolicited stanza, he or she can mark it as spim. In this case a client software sends an automatic complaint to a server-based spim filter. This specification deals with both cases. Thus, in contrast to &xep0159;, it doesn't introduce any spim blocking techniques. Also, the various spim recognition procedures that may be employed by the server are beyond the scope of this document.
<p>Service administrators might want to deploy server-based spim recognition software to fill in the gaps. However, every automated spim recognition suffers from <em>false positives</em> - situations where a stanza incorrectly qualified as spim. To avoid them, a spim filter doesn't block suspicious stanza, but marks it and sends to a client in a regular manner. A client software doesn't need to interrupt a user when processing such marked stanzas: for example, it may put them silently in "SPAM" folder, so a user can look through them at any time later. Furthermore, a spim filter may take user's experience into account. When a user receives an unsolicited stanza, he or she can mark it as spim. In this case a client software sends an automatic complaint to a server-based spim filter. This specification deals with both cases. Thus, in contrast to &xep0159;, it doesn't introduce any spim blocking techniques. Also, the various spim recognition procedures that may be employed by the server are beyond the scope of this document.
</p>
</section1>
<section1 topic='Requirements' anchor='reqs'>
@ -143,13 +143,12 @@
</section1>
<section1 topic='Business Rules' anchor='rules'>
<p>A filtering entity SHOULD only add &lt;mark/&gt; or &lt;report/&gt; elements and a receiving entity SHOULD only process those elements if the corresponding stanza envolves an interaction with a human user: subscription requests, messages, conference invites, voice calls, etc. For example, it doesn't make a lot of sense to mark &xep0232; stanzas.</p>
<p>To avoid obvious false positives and user confusions, a filtering entity SHOULD NOT add &lt;mark/&gt; or &lt;report/&gt; elements to a stanza and a receiving entity SHOULD ignore &lt;mark/&gt; and &lt;report/&gt; elements of a stanza if:
<p>To avoid obvious false positives and user confusions, a filtering entity SHOULD NOT add &lt;mark/&gt; or &lt;report/&gt; elements to a stanza and a receiving entity SHOULD ignore &lt;mark/&gt; and &lt;report/&gt; elements of a stanza if:</p>
<ul>
<li>The receiving entity has the sender's subscription information of the type "both", "from" or "to".</li>
<li>The receiving entity has pending subscription to the sender, i.e. subscription of type "none" and ask='subscribe'.</li>
<li>The receiving entity has sent direct presence to the sender.</li>
</ul>
</p>
</section1>
<section1 topic='Determining Support' anchor='support'>
<p>If an entity supports the spim markers, it MUST report that by including a service discovery feature of "urn:xmpp:spim-marker:0" in response to a &xep0030; information request. If an entity supports the spim reports, it MUST report that by including a service discovery feature of "urn:xmpp:spim-report:0" in response to a &xep0030; information request:</p>

View File

@ -12,6 +12,7 @@
<number>xxxx</number>
<status>ProtoXEP</status>
<type>Standards Track</type>
<sig>Standards</sig>
<approver>Council</approver>
<dependencies>
<spec>XMPP Core</spec>
@ -1041,4 +1042,3 @@ PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
</section1>
</xep>

View File

@ -18,6 +18,7 @@
<number>xxxx</number>
<status>ProtoXEP</status>
<type>Standards Track</type>
<sig>Standards</sig>
<approver>Council</approver>
<dependencies>
<spec>XMPP Core</spec>
@ -263,6 +264,7 @@
<p>
During the game, players change in turn, each of them MUST send only one move at a time.
It MUST possess these attributes:
</p>
<table caption='&MOVE; attributes'>
<tr>
<td><strong>Name</strong></td>
@ -285,7 +287,6 @@
<td>The vertical position of the mark.</td>
</tr>
</table>
</p>
<example caption='Juliet Sends a Move'><![CDATA[
<message
to='tictactoe@games.shakespeare.lit'

View File

@ -18,6 +18,7 @@
<number>xxxx</number>
<status>ProtoXEP</status>
<type>Standards Track</type>
<sig>Standards</sig>
<approver>Council</approver>
<dependencies>
<spec>XMPP Core</spec>
@ -133,6 +134,7 @@
Furthermore, the &MESSAGE; stanza contains a &TURN; element which in turn contains exactly one &MOVE; element
qualified by 'http://jabber.org/protocol/games/tictactoe'.
It MUST possess these attributes:
</p>
<table caption='&MOVE; attributes'>
<tr>
<td><strong>Name</strong></td>
@ -155,7 +157,6 @@
<td>The vertical position of the mark.</td>
</tr>
</table>
</p>
<example caption='Part of the Match Between Romeo and Juliet'><![CDATA[
<message
from='romeo@montague.net/room'

View File

@ -121,7 +121,7 @@
device, they both MAY know the exact format and existence of supported
commands.
</p>
</section1>SkkdJi88C())oo
</section1>
<section1 topic='Glossary' anchor='glossary'>
<p>
@ -164,8 +164,8 @@
</p>
<p>
<em>Note: The text that follows assumes that implementors have
read and understood <cite>XEP-0050</cite>, password
generation algorithms described in &rfc4226; and <cite>RFC 6238</cite></em>,
read and understood &xep0050;, password
generation algorithms described in &rfc4226; and &rfc6238;</em>,
and randomness requirements described in &rfc4086;,
and know about one-time pads and perfect secrecy.
</p>
@ -173,8 +173,8 @@
<section2 topic='Authenticate with a Time-Based One-Time Password (TOTP)' anchor='set-totp'>
<p>
Time-Based One-Time Password (TOTP) algorithm described in
<cite>RFC 6238</cite> is an extension of the HMAC-based
One-Time Password (HOTP) algorithm defined in <cite>RFC 4226</cite>,
&rfc6238; is an extension of the HMAC-based
One-Time Password (HOTP) algorithm defined in &rfc4226;,
to support the time-based moving factor. In TOTP, time
reference and a time step replaces the counter in the HOTP
computation.
@ -431,14 +431,14 @@
</li>
</ul>
In each case, the Verifier MAY check Prover's JID right after
<p>In each case, the Verifier MAY check Prover's JID right after
receiving the first Ad-Hoc command or after a succesful verification
process.
process.</p>
If Prover's JID is not approved, the Verifier SHOULD
reply with &forbidden; error message.
<p>If Prover's JID is not approved, the Verifier SHOULD
reply with &forbidden; error message.</p>
After the a succesful verification the Verifier can, e.g.,
<p>After the a succesful verification the Verifier can, e.g.,</p>
<ul>
<li>start the wanted process,</li>
<li>ask access rights from additional provision servers,

View File

@ -55,7 +55,7 @@
</section1>
<section1 topic='Use Cases' anchor='usecases'>
<section2 topic='Retrieving rating' anchor='retrieverating'>
A user may obtain their own rating by sending an IQ-get with no to address and an element qualified by the rating namespace.
<p>A user may obtain their own rating by sending an IQ-get with no to address and an element qualified by the rating namespace.</p>
<example caption='Rating retrieval request'><![CDATA[
<iq from=romeo@montague.net
id=aa1a
@ -63,7 +63,7 @@
<query xmlns=rating />
</iq>
]]></example>
The server should return an IQ result stanza with <rating/> element:
<p>The server should return an IQ result stanza with &lt;rating/&gt; element:</p>
<example caption='Server Response'><![CDATA[
<iq type=result to=romeo@montague.net
id=aa1a
@ -74,8 +74,8 @@
</iq>
]]></example>
</section2>
<section3 topic='User-moderated server' anchor='usermodserver'>
In installations that run as chat servers, moderation of spam users can be delivered to online users and administrators. Users receiving spam from a bare JID can send an IQ stanza to the server that increases the user rating.
<section2 topic='User-moderated server' anchor='usermodserver'>
<p>In installations that run as chat servers, moderation of spam users can be delivered to online users and administrators. Users receiving spam from a bare JID can send an IQ stanza to the server that increases the user rating.</p>
<example caption='Reporting Spam/Abuse'><![CDATA[
<iq type=set
from=romeo@montague.net
@ -145,7 +145,7 @@
</p>
<p>
JIDs that are critical to server functionality or admins should have a
permanent <rating/> of -100 to indicate that they are protected. Should a
permanent &lt;rating/&gt; of -100 to indicate that they are protected. Should a
user attempt to report a protected user, the server should send the
following:
</p>
@ -178,7 +178,7 @@
XEP-0191 Blocking Command, or an internal implementation to prevent
communication from known spammer accounts.
</p>
</section3>
</section2>
</section1>
<section1 topic='Business Rules' anchor='rules'>
<p>OPTIONAL.</p>

1
inbox/xep.dtd Symbolic link
View File

@ -0,0 +1 @@
../xep.dtd

1
inbox/xep.ent Symbolic link
View File

@ -0,0 +1 @@
../xep.ent

View File

@ -1,6 +1,7 @@
<?xml version='1.0' encoding='UTF-8'?>
<!DOCTYPE xep SYSTEM 'xep.dtd' [
<!ENTITY % ents SYSTEM 'xep.ent'>
<!ENTITY rfc3920bis "<span class='ref'><link url='http://tools.ietf.org/html/draft-ietf-saintandre-rfc3920bis'>rfc3920bis</link></span> <note>RFC 3920: Extensible Messaging and Presence Protocol (XMPP): Core &lt;<link url='http://tools.ietf.org/html/draft-ietf-saintandre-rfc3920bis'>http://tools.ietf.org/html/draft-ietf-saintandre-rfc3920bis</link>&gt;.</note>" >
%ents;
]>
<?xml-stylesheet type='text/xsl' href='xep.xsl'?>