%ents; ]>
Best Practice for Closing Idle Streams This document specifies best practice for closing an idle XMPP stream. &LEGALNOTICE; 0190 Experimental Informational Standards JIG XMPP Core N/A Carlo von Loesch lynX@jabber.getting.psyced.org lynX@ve.symlynX.com 0.1 2006-07-26 psa

Initial version.

0.0.2 2006-06-30 cvl Second draft. 0.0.1 2006-05-31 cvl First draft.
&RFC3920BISNOTE;

RFC 3920 offers several ways on how to terminate an XMPP stream, but doesn't always make a clear statement which one to take. This can lead to faulty implementations. In particular, closing a stream that hasn't been in use for a while is very often achieved using a connection-timeout error, then closing the socket. This can lead to loss of data. Therefore this document proposes a practice that will avoid such data loss. Note: The recommendation described herein has been incorporated into rfc3920bis.

As shown in the basic "session" example in the Simplified Stream Examples (4.8 of RFC 3920), it is a valid transaction to close the outgoing stream by sending ]]> then wait for the other entity to close its stream, like this: ]]> and shut down the underlying TCP connection.

This will ensure that, should the other entity have transmitted any data, it will arrive and be processed before the TCP connection is terminated.

Special care MUST be taken that under no circumstance further packets may be written to the socket after the stream was closed, until the other side shuts down the socket.

On the outgoing TCP connection you MAY do a read-only shutdown of the socket, as long as the other side will safely be able to send its stream termination token.

In case the other entity fails to close the stream within a reasonable time frame, the entity that started the handshake is entitled to terminate the TCP connection. Since the stream has already been closed, it is correct not to produce an error condition.

Please update your implementations to use the 'Handshake Stream Shutdown' strategy when shutting down streams you no longer need.

Even not to shut down idle streams at all is a better strategy than to shut them down by creating an error condition, so if your application has no necessity for shutting down idle connections, just don't do it.

This proposal introduces no new security aspects.

This proposal requires no interaction with &IANA;.

This proposal requires no interaction with the ®ISTRAR;.