XMPP Compliance Suites 2020

%ents; Support can be enabled via an external component or an internal server module/plugin. If claiming compliance using such an addition, the necessary components/modules/plugins MUST be detailed."> Support for the Entity Use Cases and Occupant Use Cases is REQUIRED; support for the remaining use cases is RECOMMENDED."> Only one of the recommended providers must be implemented for compliance."> Not required for command line or terminal based interfaces."> While 'User Avatars' is more modern, 'vCard-Based Avatars' is more widely deployed. Although it is suggested that to maximise interoperability with existing software a client fully supports both it is sufficient to claim compliance with this suite if the support for 'vCard-Based Avatars' is read-only."> While 'Personal Eventing Protocol' does not require all the features of 'Publish-Subscribe' to be available on the users' JIDs, and nor does this suite, it is desirable for this to be the case and it is expected that this will a requirement of future Compliance Suites."> ]>

XMPP Compliance Suites 2020 This document defines XMPP application categories for different use cases (Core, Web, IM, and Mobile), and specifies the required XEPs that client and server software needs to implement for compliance with the use cases. &LEGALNOTICE; 0423 Obsolete Standards Track Standards RFC 6120 RFC 6121 RFC 7395 RFC 7590 RFC 7622 XEP-0030 XEP-0045 XEP-0048 XEP-0049 XEP-0084 XEP-0085 XEP-0114 XEP-0115 XEP-0124 XEP-0163 XEP-0191 XEP-0198 XEP-0206 XEP-0223 XEP-0249 XEP-0280 XEP-0313 XEP-0352 XEP-0368 XEP-0412 CS2020 Georg Lukas georg@op-co.de georg@yax.im 1.0.0 2019-11-07 mb

Update to Draft as per council vote on 2019/11/07.

0.3.0 2019-11-06 gl

Update with LC feedback

IM Category:
- Core Client: moved &xep0066; and &xep0385; out to "Specifications of note"
- Advanced Client: moved &xep0392; out to "Specifications of note"
- Specification of note: added &xep0077; and &xep0157;, &xep0392;, &xep0066; and &xep0385;
Mobile Category:
- Core Mobile: moved &xep0286; out to "Specification of note"
- Specification of note: added &xep0286;
Web Category:
- Advanced Web: added &xep0156;
Future developments: added &xep0333; and &xep0420;

0.2.0 2019-10-15 gl

Update before LC:

IM Category:
- Core Client: added &xep0245;; File Upload: &xep0066; and optionally &xep0385;
- Core Client and Server: added &xep0363;
- Advanced Client: added &xep0234;, &xep0261;, &xep0392;
- Advanced Client and Server: added &xep0411;
Mobile Category:
- Core Mobile: added &xep0286;

0.1.0 2019-09-11 XEP Editor (jsc) Accepted by vote of Council on 2019-09-11. 0.0.1 2018-12-08 jsc

First draft based on XEP-0412. Non-editorial Changes:

Added "Future Development" section

There is a growing number of XMPP Extension Protocols (XEPs) that provide different building blocks for XMPP-based applications. XMPP software developers are confronted with the challenge of finding the right combination of XEPs for a given application profile. Users need a way to compare applications without resorting to comparing for individual XEP numbers.

This document defines XMPP application Categories based on typical use cases (Core, Web, IM, Mobile) and Levels (Core, Advanced) based on functionality in the respective category. For each combination of those, the required XEPs are referenced. As the protocol landscape changes over time, this document is updated roughly once a year.

For developers, this document provides guidance on which specifications they need to consider when implementing an application of a certain kind. By completing a compliance test or performing a self-assessment, they can advertise their implementation as compliant with a given Category and Level.

For users, this provides an easy way to compare implementations based on their respective advertised compliance levels and year.

Unless explicitly noted, support for the listed specifications is REQUIRED for compliance purposes. A feature is considered supported if all comma separated feature providers listed in the "Providers" column are implemented (unless otherwise noted).

The following changes were made to the Compliance Suites since &xep0412;:

IM Category:
- Core Client: added &xep0245;
- Core Client and Server: added &xep0363;
- Advanced Client: added &xep0234;, &xep0261;
- Advanced Client and Server: added &xep0411;
- Specifications of note: added &xep0077; and &xep0157;, &xep0392;, &xep0066; and &xep0385;
Mobile Category:
- Specifications of note: added &xep0286;
Web Category:
- Advanced Web: added &xep0156;

Feature	Core Server	Core Client	Advanced Server	Advanced Client	Providers
Core features	&yes;	&yes;	&yes;	&yes;	&rfc6120; &rfc7622; is not listed due to the unclear interoperability impact of using PRECIS and Stringprep in the same ecosystem.
TLS	&yes;	&yes;	&yes;	&yes;	&rfc7590;
Direct TLS	&no;	&no;	&yes;Server support of XEP-0368 means having the ability to accept direct TLS connections.	&yes;	&xep0368;
Feature discovery	&yes;	&yes;	&yes;	&yes;	&xep0030;
Feature broadcasts	&no;	&yes;	&yes;	&yes;	&xep0115;
Server Extensibility	&yes;	N/A	&yes;	N/A	&xep0114;
Event publishing	&no;	&no;	&yes;&pubsubjid;	&yes;	&xep0163;

To be considered XMPP web compliant, all features from the core compliance category must be met, as well as all features in this suite.

Feature	Core Server	Core Client	Advanced Server	Advanced Client	Providers
Web Connection Mechanisms	&yes;&component;	&yes;&onlyone;	&yes;&component;	&yes;&onlyone;	&rfc7395;, &xep0206; (See also: &xep0124;)
Connection Mechanism Discovery	&no;	&no;	N/A	&yes;	&xep0156;

To be considered XMPP IM compliant, all features from the core compliance category must be met, as well as all features in this suite.

Feature	Core Server	Core Client	Advanced Server	Advanced Client	Providers
Core features	&yes;	&yes;	&yes;	&yes;	&rfc6121;
The /me Command	N/A	&yes;	N/A	&yes;	&xep0245;
User Avatars	N/A	&no;	N/A	&yes;&nocli;	&xep0084;
User Avatar Compatibility	&no;	&no;	&yes;	&yes;&nocli;	&xep0398;, &xep0153;
vcard-temp	&yes;	&yes;	&yes;	&yes;	&xep0054;
Outbound Message Synchronization	&yes;	&yes;	&yes;	&yes;	&xep0280;
User Blocking	&no;	&no;	&yes;	&yes;	&xep0191;
Group Chat	&yes;&component;	&yes;&usecases;	&yes;&component;	&yes;&usecases;	&xep0045;Implementations should take note that future versions of these compliance suites may rely on &xep0369; instead., &xep0249;
Advanced Group Chat	&no;	&no;	&yes;&component;	&yes;	&xep0048;, &xep0313;Support for requesting history from a MUC archive as opposed to from the user's account., &xep0410;, &xep0411;
Persistent Storage of Private Data via PubSub	&no;	&no;	&yes;&component;	&yes;	&xep0223;
Private XML Storage	&no;	&no;	&yes;&component;	&yes;	&xep0049; (only recommended for legacy bookmarks support)
Stream Management	&no;	&no;	&yes;	&yes;	&xep0198;
Message Acknowledgements	N/A	&no;	N/A	&yes;	&xep0184;
History Storage / Retrieval	&no;	&no;	&yes;	&yes;	&xep0313;
Chat States	N/A	&no;	N/A	&yes;	&xep0085;
Message Correction	N/A	&no;	N/A	&yes;	&xep0308;
File Upload	&yes;&component;	&yes;	&yes;&component;	&yes;	&xep0363;
Direct File Transfer	N/A	&no;	N/A	&yes;	&xep0234;, &xep0261;

Further specifications of note, which are not required for compliance:

For public IM networks: &xep0077; (should be supported, but not enabled in default server configurations) and &xep0157;
File uploads should be indicated using &xep0066;, optionally also using &xep0385;
&xep0392; for cross-client consistency of user names

To be considered XMPP mobile compliant, all features from the core compliance category must be met, as well as all features in this suite.

Feature	Core Server	Core Client	Advanced Server	Advanced Client	Providers
Stream Management	&yes;	&yes;	&yes;	&yes;	&xep0198;
Client State Indication	&yes;	&yes;	&yes;	&yes;	&xep0352;
Third Party Push Notifications	&no;	&no;	&yes;&component;	&yes;Only on platforms that disallow long-lasting background connections.	&xep0357;

Further specifications of note, which are not required for compliance:

&xep0286;

This section outlines the protocol specifications that are relevant for developers, but are not ready yet to be required for Compliance. Developers are encouraged to implement those and to share their experience and feedback.

Client connection optimizations: &xep0386; and &xep0409;, maybe also &xep0397;
&xep0333;
&xep0369;
End-to-End Encryption (E2EE): &xep0380; for tagging encrypted messages, &xep0420; to protect all payloads; and also one or multiple of the following for actual encryption:
- &xep0384; and &xep0396;
- &xep0374;
&xep0402; to phase out &xep0048;, &xep0049;, and &xep0411;
&xep0225; to phase out &xep0114;
&xep0390; to phase out &xep0115;

Some of the protocol specifications referenced herein have their own dependencies; developers need to consult the relevant specifications for further information.

This document introduces no additional security considerations above and beyond those defined in the documents on which it depends.

This document requires no interaction with &IANA;.

This document requires no interaction with the ®ISTRAR;.

The author would like to thank Guus der Kinderen, Dele Olajide, Marc Laporte, Dave Cridland, Daniel Gultsch, Florian Schmaus, Tobias Markmann, and Jonas Schäfer for their suggestions.