Generalized text regarding inclusion of parameters in type attribute per RFC 2045; added max-age attribute, matching semantics from RFC 2965; added section on caching of data; more clearly specified generation of Content-ID.
When one party sends a data element to another party, it SHOULD NOT include the data itself unless the data is particularly small (e.g., less than 1k) or is ephemeral and therefore will never be used again. Instead, it SHOULD send an empty <data/> element with a 'cid' attribute, then depend on the receiving party to retrieve the data if not cached.
+As a hint regarding the suggested period for caching the data, the sending party SHOULD include a 'max-age' attribute whenever it sends a non-empty <data/> element. The semantics of the 'max-age' attribute exactly matches that of the Max-Age attribute from RFC 2965.
+It is RECOMMENDED for the receiving entity to cache data; however, the receiving entity MAY opt not to cache data, for example because it runs on an a device that does not have sufficient space for data storage.
+The default behavior is for the receiving entity to cache the data only for the life of the entity's application session (not a controlling user's presence session with the server or the controlling user's communication session with the contact from whom the user received the data); that is, the receiving entity would clear the cache when the application is terminated or restarted.
+If it is not suggested to cache the data (e.g., because it is ephemeral), the value of the 'max-age' attribute MUST be "0" (the number zero).
+A receiving entity MUST cache based on the JID of the sending entity; this helps to prevent certain data poisoning attacks.
+The <data/> element can be used in conjunction with &xep0071; and the cid: URL scheme to point to binary data that is provided in-band within a &MESSAGE; stanza.
@@ -135,6 +157,7 @@ iVBORw0KGgoAAAANSUhEUgAAAAoAAAAKCAYAAACNMs+9AAAABGdBTUEAALGP C/xhBQAAAAlwSFlzAAALEwAACxMBAJqcGAAAAAd0SU1FB9YGARc5KB0XV+IA @@ -180,8 +203,7 @@ - [ ... base64-encoded-audio ... ] + type='audio/ogg; codecs=speex'/> ]]> @@ -204,6 +226,7 @@ name='image.png'> iVBORw0KGgoAAAANSUhEUgAAADkAAABACAIAAAAvV0jbAAAACXBIWXMAAA4mAAAOJgGi7yX8AAAc SUlEQVRogX2aeYwlx33fv31V39d78+Y+d/a+eZMizcukKFlmTB2GEcmypQSJ7SBSnAOG4QAJEhix @@ -370,6 +393,7 @@ iVBORw0KGgoAAAANSUhEUgAAAAoAAAAKCAYAAACNMs+9AAAABGdBTUEAALGP C/xhBQAAAAlwSFlzAAALEwAACxMBAJqcGAAAAAd0SU1FB9YGARc5KB0XV+IA @@ -388,6 +412,7 @@The ability to include arbitrary binary data implies that it is possible to send scripts, applets, images, and executable code, which may be potentially harmful. To reduce the risk of such exposure, an implementation MAY choose to not display or process such data but instead either completely ignore the data, show only the value of the 'alt' attribute, or prompt a human user for approval (either explicitly via user action or implicitly via a list of approved entities from whom the user will accept binary data without per-event approval).
+The receiving entity SHOULD cache data based on the sender's JabberID; this helps to avoid data poisoning attacks.
Thanks to Rachel Blackman, Dave Cridland, and Tomasz Sterna for their feedback.
+Thanks to Rachel Blackman, Dave Cridland, Pavel Šimerda, and Tomasz Sterna for their feedback.