diff --git a/inbox/iot-discovery.xml b/inbox/iot-discovery.xml index a4962a21..659f5f75 100644 --- a/inbox/iot-discovery.xml +++ b/inbox/iot-discovery.xml @@ -23,6 +23,7 @@ XEP-0001 XEP-0030 XEP-0077 + XEP-0114 XEP-0174 XEP-0323 XEP-0324 @@ -46,6 +47,19 @@ TBD http://www-rnks.informatik.tu-cottbus.de/~rklauck + + 0.0.3 + 2014-04-09 + pw + +

Introduced possibility for hosting Thing Registry as a Jabber Server Component, using XEP-0114.

+

+ Expanded de section Determining Support, explaining how to search through server components. +

+

Removed the possibility to search for nick names, as a way of finding Thing Registries.

+

Added Security and Implementation Notes describing the pros and cons of hosting a Thing Registry as a Server Component vs. as a Client.

+
+
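Review bot: the revision-note entry "Expanded de section Determining Support" has a typo ("de" for "the") and will be published as part of the revision history; change it to "Expanded the section Determining Support, explaining how to search through server components." The other three entries for 0.0.3 read fine and match the changes further down in the patch.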
0.0.2 2014-04-07 @@ -541,29 +555,27 @@

- If a Thing Registry is not preconfigured, one must be found. The following lists methods to obtaining the JID for the Thing Registry. Note that the last two - have security considerations that need to be taken into account. + If a Thing Registry is not preconfigured, one must be found. A Thing Registry can be hosted either as a server component using &xep0114; or as an XMPP Client accessible through + a JID. The following lists methods to obtaining the Component Address or JID for the Thing Registry. Note that the last one has security considerations + that need to be taken into account, if implemented.

  1. - Preconfigured JID to Thing Registry. + Preconfigured Component Address of Thing Registry. A Component address is normally a subdomain to the domain of the XMPP Server that hosts the component.
  2. - Preconfigured user name only, on the same XMPP domain as the XMPP Server connected to. + Preconfigured bare JID of Thing Registry.
  3. - XMPP Server itself. This can be found out by sending a discovery request to the server, - as described in Determining Support. + Preconfigured subdomain part of Component Address. This will be added to the domain of the XMPP Server used to connet to.
  4. - Search for accounts on the XMPP server with nick-name "discovery". Search is performed using &xep0055; + Preconfigured user name of JID. This will be added to the domain of the XMPP Server used to connected to. +
  5. +
  6. + Searching through Server Components on the XMPP Server currently connected to, as described in Determining Support.
-

- Note: The above methods might yield multiple JIDs. Each should in turn be checked if the support the discovery extension. - Note also that the last two have security considerations that need to be taken into account. These methods might be - skipped, to avoid the possibility that an external user pretends to be a thing registry to hijack new Things installed into the network. -
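Review bot: items 3 and 4 of the new Thing Registry list carry typos that would go out as-is: "the XMPP Server used to connet to" should be "used to connect to", and "used to connected to" should also be "used to connect to" (both lines are repeated verbatim in the Provisioning Server list below, so fix them there too). More substantively, the rewritten intro still says the last method "has security considerations that need to be taken into account, if implemented", but the paragraph that explained what those considerations are (an external user pretending to be a registry in order to hijack newly installed Things) is deleted without a replacement, and the Security Considerations text added later in this patch covers predefined user names and XEP-0114 hosting, not the component search of item 6. Either keep a one-sentence version of the deleted note or point to the specific Security Considerations subsection that applies. The deleted advice that the methods may yield several candidates and that each should be checked for support of the discovery extension is worth keeping in any case, since a component search can return more than one component. While the intro line is being rewritten, "methods to obtaining" should read "methods of obtaining".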

@@ -573,7 +585,7 @@ @@ -585,7 +597,7 @@ ]]> @@ -611,7 +623,7 @@ @@ -631,7 +643,7 @@ @@ -643,7 +655,7 @@ ]]> @@ -665,7 +677,7 @@ @@ -677,7 +689,7 @@ ]]> @@ -722,7 +734,7 @@ @@ -741,7 +753,7 @@ @@ -764,7 +776,7 @@ @@ -778,7 +790,7 @@ @@ -791,7 +803,7 @@ @@ -806,7 +818,7 @@ @@ -818,7 +830,7 @@ @@ -835,7 +847,7 @@ @@ -848,7 +860,7 @@ ]]>

@@ -868,7 +880,7 @@ ]]> @@ -881,7 +893,7 @@ ]]> @@ -893,7 +905,7 @@ ]]> @@ -903,7 +915,7 @@ @@ -918,7 +930,7 @@ @@ -926,7 +938,7 @@ ]]>

@@ -935,7 +947,7 @@ @@ -948,7 +960,7 @@ ]]> @@ -956,37 +968,33 @@

Up to this point only basic configuration and ownership and visibility of a Thing has been covered. For more advanced operations, a Thing might be required to use a Provisioning Server to whom it can delegate trust and allow making decisions, controlling access rights and privileges for the Thing, as described in &xep0324;. - If a Provisioning Server is not preconfigured, one must be found. The following lists methods to obtaining the JID for the Provisioning Server. Note that the last two - have security considerations that need to be taken into account. + If a Provisioning Server is not preconfigured, one must be found. The following lists methods to obtaining the JID for the Provisioning Server.

  1. - Preconfigured JID to Provisioning Server. + Preconfigured Component Address of Provisioning Server. A Component address is normally a subdomain to the domain of the XMPP Server that hosts the component.
  2. - Preconfigured user name only, on the same XMPP domain as the XMPP Server connected to. + Preconfigured bare JID of Provisioning Server.
  3. - The XMPP Server itself can be a Provisioning Server. This can be found out by sending a discovery request to the server, - as described in Determining Support. + Preconfigured subdomain part of Component Address. This will be added to the domain of the XMPP Server used to connet to. +
  4. +
  5. + Preconfigured user name of JID. This will be added to the domain of the XMPP Server used to connected to.
  6. The Thing Registry itself can be a Provisioning Server. This can be found out by sending a discovery request to the Thing Registry, as described in Determining Support.
  7. - The Owner itself can be a Provisioning Server. This can be found out by sending a discovery request to the Thing Registry, + The Owner itself can be a Provisioning Server. This can be found out by sending a discovery request to the Owner, as described in Determining Support.
  8. - Search for accounts on the XMPP server with nick-name "provisioning". Search is performed using &xep0055; + Searching through Server Components on the XMPP Server currently connected to, as described in Determining Support.
-

- Note: The above methods might yield multiple JIDs. Each should in turn be checked if the support the discovery extension. - Note also that the last two have security considerations that need to be taken into account. These methods might be - skipped, to avoid the possibility that an external user pretends to be a thing registry to hijack new Things installed into the network. -
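Review bot: items 3 and 4 here repeat the "connet to" and "used to connected to" typos from the Thing Registry list; both should read "used to connect to". The correction in item 7 (send the discovery request to the Owner, not to the Thing Registry, to learn whether the Owner is a Provisioning Server) is right and deserves a mention in the revision note, as it fixes a wrong instruction in the previous version. Two consistency points: this intro drops the security sentence entirely while the Thing Registry intro keeps "the last one has security considerations", yet both lists end with the same component search, so the two sections should say the same thing; and with eight candidate methods the deleted advice that each resulting JID be checked for support of the discovery extension still applies and should survive somewhere in this section.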

@@ -1012,7 +1020,7 @@ @@ -1030,7 +1038,7 @@ @@ -1046,7 +1054,7 @@ ]]> @@ -1058,7 +1066,7 @@ @@ -1074,7 +1082,7 @@ @@ -1216,7 +1224,7 @@ @@ -1244,7 +1252,7 @@ @@ -1268,7 +1276,7 @@ @@ -1302,7 +1310,7 @@ ]]> @@ -1315,7 +1323,7 @@ ]]> @@ -1326,7 +1334,7 @@ ]]> @@ -1339,7 +1347,7 @@ ]]> @@ -1352,7 +1360,7 @@ ]]> @@ -1363,7 +1371,7 @@ @@ -1378,7 +1386,7 @@ @@ -1393,7 +1401,7 @@ @@ -1405,7 +1413,7 @@ @@ -1418,7 +1426,7 @@ ]]>

@@ -1429,7 +1437,7 @@ ]]> @@ -1445,32 +1453,99 @@

- -]]> + + + ]]> - - ... - - ... - -]]> + + + ... + + ... + + ]]>

- In order for an application to determine whether an entity supports this protocol, where possible it SHOULD use the dynamic, presence-based profile of service discovery defined - in &xep0115;. However, if an application has not received entity capabilities information from an entity, it SHOULD use explicit service discovery instead. + To search for a Thing Registry hosted as a component on an XMPP Server, you first request a list of available components, as follows:

+ + + + ]]> + + + + + ... + + ... + + ]]> + +

+ If components (items) are supported, a request for available components is made: +

+ + + + ]]> + + + + + ... + + ... + + ]]> + +

+ The client then loops through all components (items) and checks what features they support, until a Thing Registry is found: +

+ + + + ]]> + + + + + ... + + ... + + ]]> + + +

+ A client must treat the connection between a Thing Registry differently if it is hosted as a client, having a JID, or if it is hosted as a Jabber Server Component. + If it is hosted as a server component, there's no need for the thing to become friends with the Thing Registry. Messages and requests can be made directly to the + server component without having to add it to the roster or request presence subscriptions. If the Thing Registry is hosted as a client, having a JID (@ in the address), + the Thing Registry must be added to the roster of the client before the client can communicate with the Thing Registry. +

+
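Review bot: the standard Determining Support guidance (use the presence-based profile of &xep0115; where possible, explicit service discovery otherwise) should not be lost here: the minus lines remove it and the plus lines put the component-search walkthrough in its place, so unless dropping the entity-capabilities recommendation is intended, keep that paragraph and add the walkthrough after it. In the walkthrough, the lead-in "you first request a list of available components" and the following step "a request for available components is made" describe the same action twice; name the service discovery namespace each example uses (the feature check against the server first, the items request second) so the reader can tell the two exchanges apart, and use "the client" instead of "you" to match the register of the rest of the document. In the closing paragraph, "treat the connection between a Thing Registry differently" should read "treat the connection to a Thing Registry differently", and "hosted as a client, having a JID (@ in the address)" is misleading because a component address is also a JID, just a domain-only one; say "a JID with a localpart" or "a user account". The same paragraph says the registry "must be added to the roster of the client before the client can communicate with the Thing Registry" right after mentioning friendship and presence subscriptions; state which of these (roster entry, presence subscription, or both) is actually required and why, so implementers do not read it as a stanza-routing requirement.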

This document does not limit the number or names of tags used by Things to register meta information about themselves. However, it provides some general limits and defines @@ -1613,6 +1688,28 @@ + +

+ The &xep0114; provides an elegant way to introduce external services as server components using a third port into the server (the first two being the client-to-server port + and the server-to-server port). But since XEP-0114 is historical, meaning it is not guaranteed to conform to v1.0 of the XMPP specification, it has some serious security + issues: +

+
    +
  1. It lacks SSL/TLS support, or the starttls element to switch to TLS after connecting. This makes it possible to sniff traffic in this port.
  2. +
  3. It lacks SASL authentication. Instead a simple handshake is performed
  4. +
  5. There is no way to actually verify that the server is the server. This makes it possible to create a simple Man-in-the-middle attack.
  6. +
+

+ For these reasons, it is not recommended that a Thing Registry service, publishing itself as a Jabber Server Component, does so from outside of the network. Instead, + the Thing Registry should be installed on the same server or on a server in the same local area network, so that the Jabber Component protocol port is closed to the + Internet. +

+

+ Since it is not guaranteed that an XMPP Server operator allows installation of third party products (such as a Thing Registry), the option to host a Thing Registry using + a normal JID is still available. It can be used in proof of concepts, etc. For scalability issues it is recommended that the Thing Registry be hosted as a Jabber Server + Component when the population of Things grows. +

+
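Review bot: the deployment advice that follows the three listed XEP-0114 weaknesses is vaguer than it needs to be. "so that the Jabber Component protocol port is closed to the Internet" should say how (bind the component listener to localhost or the LAN interface and firewall it), because a same-host install with the port left reachable still has all three problems. Item 2, "Instead a simple handshake is performed", does not say what the handshake rests on; add a clause naming what has to stay confidential for the handshake to mean anything, otherwise the same-LAN recommendation reads as sufficient on its own. The document uses RFC 2119 language elsewhere ("it SHOULD use explicit service discovery"), so "it is not recommended that a Thing Registry service, publishing itself as a Jabber Server Component, does so from outside of the network" should be phrased as a SHOULD NOT that refers back to the three items. Minor wording in the last paragraph: "proof of concepts" should be "proofs of concept", and "For scalability issues it is recommended" should be "For scalability reasons it is recommended".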

If using predefined user names when searching for a Thing Registry or Provisioning Server, care must be taken to which XMPP Server things connect. @@ -1621,14 +1718,6 @@ sure the things cannot be hijacked.

- -

- If searching for accounts with predefined nick names when searching for a Thing Registry or Provisioning Server, care must be taken to which XMPP Server things connect. - It might be possible for third parties to register accounts with similar nicknames and pretend to be a Thing Registry or Provisioning Server and in this way hijack unsuspecting Things. - If installing things using this method of finding a Thing Registry or Provisioning Server, care must be taken so that undesired third parties are not allowed to create accounts - on the server. -

-
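Review bot: the last sentence of the deleted nick-name paragraph ("care must be taken so that undesired third parties are not allowed to create accounts on the server") should be kept and folded into the retained "predefined user names" paragraph rather than dropped, because it is not specific to nick names: the retained method "Preconfigured user name of JID" has the same exposure, since a third party who can register the expected user name on the server can pose as the Thing Registry or Provisioning Server, and the surviving paragraph speaks only of choosing which XMPP Server things connect to, not of controlling account registration on it.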

The combination of visible key meta information (perhaps in a visible QR-code) and a factory default reset button on a Thing, opens up the possibility to hijack the Thing. @@ -1894,7 +1983,7 @@

- Thanks to Henrik Svedlund, Ivan Vučica, Joachim Lindborg, Joakim Eriksson, Joakim Ramberg, Johannes Hund, Karin Forsell, Kevin Smith, Lars Åkerskog, Olof Zandrén, + Thanks to Henrik Svedlund, Ivan Vučica, Joachim Lindborg, Joakim Eriksson, Joakim Ramberg, Johannes Hund, Karin Forsell, Kevin Smith, Lance Stout, Lars Åkerskog, Olof Zandrén, Philipp Hancke, Steffen Larsen, Teemu Väisänen and Yusuke Doi for all valuable feedback.