XEP-0247: Jingle XML Streams

Copyright (c) 1999 - 2009 XMPP Standards Foundation. See Legal Notices.

This specification defines a Jingle application type for establishing direct or mediated XML streams between two entities over any reliable transport. This technology thus enables two entities to establish a trusted connection for end-to-end encryption or for bypassing server limits on large volumes of XMPP traffic.

WARNING: This Standards-Track document is Experimental. Publication as an XMPP Extension Protocol does not imply approval of this proposal by the XMPP Standards Foundation. Implementation of the protocol described herein is encouraged in exploratory implementations, but production systems should not deploy implementations of this protocol until it advances to a status of Draft.

Table of Contents


1. Introduction
2. How It Works
3. Implementation Notes
    3.1. Mandatory to Implement Technologies
    3.2. Preference Order of Transport Methods
4. Security Considerations
5. IANA Considerations
6. XMPP Registrar Considerations
    6.1. Protocol Namespaces
    6.2. Jingle Application Formats
7. XML Schema

Appendices
    A: Document Information
    B: Author Information
    C: Legal Notices
    D: Relation to XMPP
    E: Discussion Venue
    F: Requirements Conformance
    G: Notes
    H: Revision History

1. Introduction

The standard client-server architecture for XMPP communication provides a stable infrastructure for real-time communication. However, there are certain situations in which it is desirable to bypass the standard client-server architecture, including:

The first situation is addressed by Link-Local Messaging [1]. However, if the endpoints already have client-to-server connections but wish to bypass those connections or leverage those streams for a higher-level application such as end-to-end encryption, it is desirable for the two endpoints to negotiate an end-to-end XML stream. This specification defines methods for doing so, where the application format is an XML stream and the transport method is any direct or mediated reliable transport, such as In-Band Bytestreams [2] (mediated), SOCKS5 Bytestreams [3] (direct or mediated), or a future ice-tcp Jingle transport (direct or mediated) based on TCP Candidates with Interactive Connectivity Establishment (ICE) [4].

2. How It Works

This section provides a friendly introduction to Jingle XML streams.

First, the party that wishes to initiate the stream determines the responder's capabilities (via Service Discovery [5] or Entity Capabilities [6]). Here we assume that the responder supports a service discovery feature of 'urn:xmpp:tmp:jingle:apps:xmlstream' (see Protocol Namespaces regarding issuance of one or more permanent namespaces) corresponding to the Jingle XML stream functionalited defined herein, as well as the 'urn:xmpp:tmp:jingle:transports:bytestreams' and 'urn:xmpp:tmp:jingle:transports:ibb' features currently defined in Jingle File Transfer [7].

The initiator then sends a Jingle session-initiation request to the responder. The content-type of the request specifies two things:

  1. An application type of "urn:xmpp:tmp:jingle:apps:xmlstream" (see Protocol Namespaces regarding issuance of one or more permanent namespaces), where the <description/> element specifies parameters for the XML stream and the parameters map to those provided in Stanza Session Negotiation [8] in a way that is consistent with Encrypted Session Negotiation [9].

  2. Options for the reliable transport method, such as In-Band Bytestreams ("IBB") as defined in XEP-0047 or SOCKS5 Bytestreams ("S5B") as defined in XEP-0065.

In this example, the initiator is <alice@example.org>, the responder is <bob@example.com>, and the initiation request specifies Alice's desired stream parameters along with a transport method of "bytestreams" (i.e., XEP-0065).

The flow is as follows.

 Alice                          Bob
   |                             |
   |   session-initiate          |
   |---------------------------->|
   |   ack                       |
   |<----------------------------|
   |   [ SOCKS5 negotiation ]    |
   |<--------------------------->|
   |   session-accept            |
   |<----------------------------|
   |   ack                       |
   |---------------------------->|
   |   [ XML stream ]            |
   |---------------------------->|
   |   terminate                 |
   |<----------------------------|
   |   ack                       |
   |---------------------------->|
   |                             |

First the initiator sends a Jingle session-initiate.

Example 1. Initiator sends session-initiate

<iq from='alice@example.org/foo'
    id='jingle1'
    to='bob@example.com/bar'
    type='set'>
  <jingle xmlns='urn:xmpp:tmp:jingle'
          action='session-initiate'
          initiator='alice@example.org/foo'
          sid='851ba2'>
    <content creator='initiator' name='xmlstream'>
      <description 
          xmlns='urn:xmpp:tmp:jingle:apps:xmlstream'
          authentication='optional'
          disclosure='never'
          logging='mustnot'
          tls='required'/>
      <transport xmlns='urn:xmpp:tmp:jingle:transports:bytestreams'/>
    </content>
  </jingle>
</iq>

The responder immediately acknowledges receipt of the Jingle session-initiate.

Example 2. Responder acknowledges session-initiate

<iq from='bob@example.com/bar'
    id='jingle1'
    to='alice@example.org/foo'
    type='result'/>

The initiator then attempts to initiate a SOCKS5 Bytestream with the responder.

Example 3. Initiation of Interaction

<iq type='set' 
    from='alice@example.org/foo' 
    to='bob@example.com/bar' 
    id='initiate'>
  <query xmlns='http://jabber.org/protocol/bytestreams' 
         sid='mySID' 
	 mode='tcp'>
    <streamhost 
        jid='alice@example.org/foo' 
        host='192.168.4.1' 
        port='5086'/>
    <streamhost 
        jid='streamhostproxy.example.net' 
        host='24.24.24.1' 
        zeroconf='_jabber.bytestreams'/>
  </query>
</iq>

If the responder is willing to accept the bytestream, it MUST attempt to open a standard TCP socket on the network address of the StreamHost communicated by the initiator. If the initiator provides more than one StreamHost, the responder SHOULD try to connect to them in the order they occur.

If the responder is able to open a TCP socket on a StreamHost, it MUST utilize the SOCKS5 protocol specified in RFC 1928 [10] to establish the connection with the StreamHost.

Example 4. Responder Connects to StreamHost

CMD = X'01'
ATYP = X'03'
DST.ADDR = SHA1 Hash of: (SID + Initiator JID + Responder JID)
DST.PORT = 0

Example 5. StreamHost Acknowledges Connection

STATUS = X'00'

After the responder has authenticated with the StreamHost, it MUST send an IQ-result to the initiator indicating which StreamHost was used.

Example 6. Responder Notifies Initiator of Connection

<iq type='result' 
    from='bob@example.com/bar' 
    to='alice@example.org/foo' 
    id='initiate'>
  <query xmlns='http://jabber.org/protocol/bytestreams'>
    <streamhost-used jid='streamhostproxy.example.net'/>
  </query>
</iq>

The responder then sends a Jingle session-accept.

Example 7. Responder sends session-accept

<iq from='bob@example.com/bar'
    id='accept1'
    to='alice@example.org/foo'
    type='set'>
  <jingle xmlns='urn:xmpp:tmp:jingle'
          action='session-accept'
          initiator='alice@example.org/foo'
          sid='851ba2'>
    <content creator='initiator' name='xmlstream'>
      <description 
          xmlns='urn:xmpp:tmp:jingle:apps:xmlstream'
          authentication='optional'
          disclosure='never'
          logging='mustnot'
          tls='required'/>
      <transport xmlns='urn:xmpp:tmp:jingle:transports:bytestreams'/>
    </content>
  </jingle>
</iq>

The initiator acknowledges the Jingle session-accept.

Example 8. Initiator acknowledges session-accept

<iq from='bob@example.com/bar'
    id='accept1'
    to='alice@example.org/foo'
    type='result'/>

Now the parties start an XML stream over the negotiated bytestream, following the recommendations in End-to-End XML Streams [11].

3. Implementation Notes

3.1 Mandatory to Implement Technologies

All implementations MUST support the In-Band Bytestreams transport method as a reliable method of last resort. An implementation SHOULD support other transport methods as well.

3.2 Preference Order of Transport Methods

An application MAY present transport methods in any order, except that the In-Band Bytestreams method MUST be the lowest preference.

4. Security Considerations

In order to secure the e2e XML stream, implementations SHOULD use the standard STARTTLS method defined in XMPP Core but MAY instead use a TLS encrypted port that provides immediate encryption rather than upgrading of the stream via STARTTLS.

5. IANA Considerations

No interaction with the Internet Assigned Numbers Authority (IANA) [12] is required as a result of this document.

6. XMPP Registrar Considerations

6.1 Protocol Namespaces

Until this specification advances to a status of Draft, its associated namespaces shall be 'urn:xmpp:tmp:jingle:apps:xmlstream'. Upon advancement of this specification, the XMPP Registrar [13] shall issue a permanent namespace in accordance with the process defined in Section 4 of XMPP Registrar Function [14]. The namespace 'urn:xmpp:jingle:apps:xmlstream' is requested and is thought to be unique per the XMPP Registrar's requirements.

6.2 Jingle Application Formats

The XMPP Registrar shall include "xmlstream" in its registry of Jingle application formats. The registry submission is as follows:

<application>
  <name>xmlstream</name>
  <desc>Jingle sessions for an end-to-end XML stream</desc>
  <transport>reliable</transport>
  <doc>XEP-xxxx</doc>
</application>

7. XML Schema

<?xml version='1.0' encoding='UTF-8'?>

<xs:schema
    xmlns:xs='http://www.w3.org/2001/XMLSchema'
    targetNamespace='urn:xmpp:tmp:jingle:apps:xmlstream'
    xmlns='urn:xmpp:tmp:jingle:apps:xmlstream'
    elementFormDefault='qualified'>

  <xs:element name='description'>
    <xs:complexType>
      <xs:simpleContent>
        <xs:extension base='empty'>
          <xs:attribute name='authentication' use='required'>
            <xs:simpleType>
              <xs:restriction base='xs:NCName'>
                <xs:enumeration value='optional'/>
                <xs:enumeration value='required'/>
              </xs:restriction>
            </xs:simpleType>
          </xs:attribute>
          <xs:attribute name='disclosure' use='required'>
            <xs:simpleType>
              <xs:restriction base='xs:NCName'>
                <xs:enumeration value='disabled'/>
                <xs:enumeration value='enabled'/>
                <xs:enumeration value='never'/>
              </xs:restriction>
            </xs:simpleType>
          </xs:attribute>
          <xs:attribute name='logging' use='required'>
            <xs:simpleType>
              <xs:restriction base='xs:NCName'>
                <xs:enumeration value='may'/>
                <xs:enumeration value='mustnot'/>
              </xs:restriction>
            </xs:simpleType>
          </xs:attribute>
          <xs:attribute name='tls' use='required'>
            <xs:simpleType>
              <xs:restriction base='xs:NCName'>
                <xs:enumeration value='optional'/>
                <xs:enumeration value='required'/>
              </xs:restriction>
            </xs:simpleType>
          </xs:attribute>
        </xs:extension>
      </xs:simpleContent>
    </xs:complexType>
  </xs:element>

</xs:schema>

Appendices

Appendix A: Document Information

Series: XEP
Number: 0247
Publisher: XMPP Standards Foundation
Status: Experimental
Type: Standards Track
Version: 0.1
Last Updated: 2008-06-18
Approving Body: XMPP Council
Dependencies: XMPP Core, XEP-0047, XEP-0065, XEP-0166, XEP-0246
Supersedes: None
Superseded By: None
Short Name: NOT_YET_ASSIGNED
Source Control: HTML  RSS

Appendix B: Author Information

Peter Saint-Andre

JabberID: stpeter@jabber.org
URI: https://stpeter.im/

Justin Karneges

Email: justin@affinix.com
JabberID: justin@andbit.net

Dirk Meyer

Email: dmeyer@tzi.de
JabberID: dmeyer@jabber.org

Appendix C: Legal Notices

Copyright

This XMPP Extension Protocol is copyright (c) 1999 - 2009 by the XMPP Standards Foundation (XSF).

Permissions

Permission is hereby granted, free of charge, to any person obtaining a copy of this specification (the "Specification"), to make use of the Specification without restriction, including without limitation the rights to implement the Specification in a software program, deploy the Specification in a network service, and copy, modify, merge, publish, translate, distribute, sublicense, or sell copies of the Specification, and to permit persons to whom the Specification is furnished to do so, subject to the condition that the foregoing copyright notice and this permission notice shall be included in all copies or substantial portions of the Specification. Unless separate permission is granted, modified works that are redistributed shall not contain misleading information regarding the authors, title, number, or publisher of the Specification, and shall not claim endorsement of the modified works by the authors, any organization or project to which the authors belong, or the XMPP Standards Foundation.

Disclaimer of Warranty

## NOTE WELL: This Specification is provided on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, express or implied, including, without limitation, any warranties or conditions of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A PARTICULAR PURPOSE. In no event shall the XMPP Standards Foundation or the authors of this Specification be liable for any claim, damages, or other liability, whether in an action of contract, tort, or otherwise, arising from, out of, or in connection with the Specification or the implementation, deployment, or other use of the Specification. ##

Limitation of Liability

In no event and under no legal theory, whether in tort (including negligence), contract, or otherwise, unless required by applicable law (such as deliberate and grossly negligent acts) or agreed to in writing, shall the XMPP Standards Foundation or any author of this Specification be liable for damages, including any direct, indirect, special, incidental, or consequential damages of any character arising out of the use or inability to use the Specification (including but not limited to damages for loss of goodwill, work stoppage, computer failure or malfunction, or any and all other commercial damages or losses), even if the XMPP Standards Foundation or such author has been advised of the possibility of such damages.

IPR Conformance

This XMPP Extension Protocol has been contributed in full conformance with the XSF's Intellectual Property Rights Policy (a copy of which may be found at <http://xmpp.org/extensions/ipr-policy.shtml> or obtained by writing to XSF, P.O. Box 1641, Denver, CO 80201 USA).

Appendix D: Relation to XMPP

The Extensible Messaging and Presence Protocol (XMPP) is defined in the XMPP Core (RFC 3920) and XMPP IM (RFC 3921) specifications contributed by the XMPP Standards Foundation to the Internet Standards Process, which is managed by the Internet Engineering Task Force in accordance with RFC 2026. Any protocol defined in this document has been developed outside the Internet Standards Process and is to be understood as an extension to XMPP rather than as an evolution, development, or modification of XMPP itself.

Appendix E: Discussion Venue

The primary venue for discussion of XMPP Extension Protocols is the <standards@xmpp.org> discussion list.

Discussion on other xmpp.org discussion lists might also be appropriate; see <http://xmpp.org/about/discuss.shtml> for a complete list.

Errata may be sent to <editor@xmpp.org>.

Appendix F: Requirements Conformance

The following requirements keywords as used in this document are to be interpreted as described in RFC 2119: "MUST", "SHALL", "REQUIRED"; "MUST NOT", "SHALL NOT"; "SHOULD", "RECOMMENDED"; "SHOULD NOT", "NOT RECOMMENDED"; "MAY", "OPTIONAL".

Appendix G: Notes

1. XEP-0174: Link-Local Messaging <http://xmpp.org/extensions/xep-0174.html>.

2. XEP-0047: In-Band Bytestreams <http://xmpp.org/extensions/xep-0047.html>.

3. XEP-0065: SOCKS5 Bytestreams <http://xmpp.org/extensions/xep-0065.html>.

4. TCP Candidates with Interactive Connectivity Establishment (ICE) <http://tools.ietf.org/html/draft-ietf-mmusic-ice-tcp>. Work in progress.

5. XEP-0030: Service Discovery <http://xmpp.org/extensions/xep-0030.html>.

6. XEP-0115: Entity Capabilities <http://xmpp.org/extensions/xep-0115.html>.

7. XEP-0234: Jingle File Transfer <http://xmpp.org/extensions/xep-0234.html>.

8. XEP-0155: Stanza Session Negotiation <http://xmpp.org/extensions/xep-0155.html>.

9. XEP-0116: Encrypted Session Negotiation <http://xmpp.org/extensions/xep-0116.html>.

10. RFC 1928: SOCKS Protocol Version 5 <http://tools.ietf.org/html/rfc1928>.

11. XEP-0246: End-to-End XML Streams <http://xmpp.org/extensions/xep-0246.html>.

12. The Internet Assigned Numbers Authority (IANA) is the central coordinator for the assignment of unique parameter values for Internet protocols, such as port numbers and URI schemes. For further information, see <http://www.iana.org/>.

13. The XMPP Registrar maintains a list of reserved protocol namespaces as well as registries of parameters used in the context of XMPP extension protocols approved by the XMPP Standards Foundation. For further information, see <http://xmpp.org/registrar/>.

14. XEP-0053: XMPP Registrar Function <http://xmpp.org/extensions/xep-0053.html>.

Appendix H: Revision History

Version 0.1 (2008-06-18)

Initial published version.

(psa)

Version 0.0.1 (2008-06-13)

First draft. (psa/jk/dm)

END