XEP-0115: Entity Capabilities

This document defines an XMPP protocol extension for broadcasting and dynamically discovering client, device, or generic entity capabilities in a way that minimizes network impact.

NOTICE: The protocol defined herein is a Draft Standard of the XMPP Standards Foundation. Implementations are encouraged and the protocol is appropriate for deployment in production systems, but some changes to the protocol are possible before it becomes a Final Standard.

Document Information

Series: XEP
Number: 0115
Publisher: XMPP Standards Foundation
Status: Draft
Type: Standards Track
Version: 1.4
Last Updated: 2007-08-13
Approving Body: XMPP Council
Dependencies: XMPP Core, XMPP IM, XEP-0030
Supersedes: None
Superseded By: None
Short Name: caps
Schema: <http://www.xmpp.org/schemas/caps.xsd>
Wiki Page: <http://wiki.jabber.org/index.php/Entity Capabilities (XEP-0115)>

Author Information

Joe Hildebrand

Email: jhildebrand@jabber.com
JabberID: hildjj@jabber.org

Peter Saint-Andre

Email: stpeter@jabber.org
JabberID: stpeter@jabber.org

Remko Tronçon

Email: public@el-tramo.be
JabberID: public@el-tramo.be

Legal Notice

This XMPP Extension Protocol is copyright 1999 - 2007 by the XMPP Standards Foundation (XSF) and is in full conformance with the XSF's Intellectual Property Rights Policy <http://www.xmpp.org/extensions/ipr-policy.shtml>. This material may be distributed only subject to the terms and conditions set forth in the Creative Commons Attribution License (<http://creativecommons.org/licenses/by/2.5/>).

Discussion Venue

The preferred venue for discussion of this document is the Standards discussion list: <http://mail.jabber.org/mailman/listinfo/standards>.

Relation to XMPP

The Extensible Messaging and Presence Protocol (XMPP) is defined in the XMPP Core (RFC 3920) and XMPP IM (RFC 3921) specifications contributed by the XMPP Standards Foundation to the Internet Standards Process, which is managed by the Internet Engineering Task Force in accordance with RFC 2026. Any protocol defined in this document has been developed outside the Internet Standards Process and is to be understood as an extension to XMPP rather than as an evolution, development, or modification of XMPP itself.

Conformance Terms

The following keywords as used in this document are to be interpreted as described in RFC 2119: "MUST", "SHALL", "REQUIRED"; "MUST NOT", "SHALL NOT"; "SHOULD", "RECOMMENDED"; "SHOULD NOT", "NOT RECOMMENDED"; "MAY", "OPTIONAL".

Table of Contents


1. Introduction
    1.1. Motivation
    1.2. How It Works
2. Assumptions
3. Requirements
4. Protocol
5. Generation of ver Attribute
6. Use Cases
    6.1. Advertising Capabilities
    6.2. Discovering Capabilities
    6.3. Stream Feature
7. Server Optimizations
8. Directed Presence
9. Caching
10. Security Considerations
11. IANA Considerations
12. XMPP Registrar Considerations
    12.1. Protocol Namespaces
13. XML Schema
14. Legacy Format
15. Acknowledgements
Notes
Revision History

1. Introduction

1.1 Motivation

It is often desirable for an XMPP application (commonly but not necessarily a client) to take different actions depending on the capabilities of another application from which it receives presence information. Examples include:

In the past, some Jabber clients sent one Service Discovery [6] and one Software Version [7] request to each entity from which they received presence after login. That "disco+version flood" resulted in an excessive use of bandwidth and was impractical on a larger scale, particularly for users or applications with large rosters. Therefore this document defines a more robust and scalable solution: namely, a presence-based mechanism [8] for exchanging information about entity capabilities. Clients should not engage in the older "disco+version flood" behavior and instead should use Entity Capabilities as specified herein.

1.2 How It Works

This section provides a friendly introduction to entity capabilities.

Imagine that you are a Shakespearean character named Juliet and one of your contacts, a handsome fellow named Romeo, becomes available. His client wants to publish its capabilities, and does this by adding a <c/> element with special attributes to its presence packets. As a result, your client receives the following presence packet:

<presence from='romeo@montague.lit/orchard'>
  <c xmlns='http://jabber.org/protocol/caps' 
     node='http://exodus.jabberstudio.org/#0.9.1'
     ver='8RovUdtOmiAjzj+xI7SK5BCw3A8='/>
</presence>

The 'node' attribute represents the client Romeo is using (the client identifier is an "FYI" and is not used further in Entity Capabilities). The 'ver' attribute is a specially-constructed string that represents the identity (see <http://www.xmpp.org/registrar/disco-categories.html>) and supported features (see <http://www.xmpp.org/registrar/disco-features.html>) of the entity.

At this point, your client has no idea what the capabilities are of someone with a version string '8RovUdtOmiAjzj+xI7SK5BCw3A8='. Your client therefore sends a service discovery query to Romeo, asking what his client can do.

<iq from='juliet@capulet.lit/chamber' 
    id='disco1'
    to='romeo@montague.lit/orchard' 
    type='get'>
  <query xmlns='http://jabber.org/protocol/disco#info'/>
</iq>

The response is:

<iq from='romeo@montague.lit/orchard' 
    id='disco1'
    to='juliet@capulet.lit/chamber' 
    type='result'>
  <query xmlns='http://jabber.org/protocol/disco#info'>
    <identity category='client' type='pc'/>
    <feature var='http://jabber.org/protocol/disco#info'/>
    <feature var='http://jabber.org/protocol/disco#items'/>
    <feature var='http://jabber.org/protocol/muc'/>
  </query>
</iq>

At this point, your client knows that anyone advertising a version string of '8RovUdtOmiAjzj+xI7SK5BCw3A8=' has a client that can do Multi-User Chat [9] and the other features returned by Romeo's client (the string can be relied upon because of how it is generated and checked as explained later in this document). Your client remembers this information, so that it does not need to explicitly query the capabilities of a contact with the same version string. For example, Benvolio may send you the following presence:

<presence from='benvolio@capulet.lit/230193'>
  <c xmlns='http://jabber.org/protocol/caps' 
     node='http://psi-im.org/#0.11'
     ver='8RovUdtOmiAjzj+xI7SK5BCw3A8='/>
</presence>

Now your client automatically knows that Benvolio can do MUC, without needing to ask him explicitly via service discovery.

On the other hand, for a person with the following presence ...

<presence from='nurse@capulet.lit/chamber'>
  <c xmlns='http://jabber.org/protocol/caps' 
     node='http://psi-im.org/#0.10'
     ver='uCoVCteRe3ty2wU2gHxkMaA7xhs='/>
</presence>

... or the following presence ...

<presence from='bard@shakespeare.lit/globe'>
  <c xmlns='http://jabber.org/protocol/caps' 
     node='http://www.chatopus.com/#2.2'
     ver='zHyEOgxTrkpSdGcQKH8EFPLsriY='/>
</presence>

... you have no information about what this contact's client is capable of unless you have cached previous entity capabilities information; therefore you need to query for capabilities explicitly again via service discovery.

2. Assumptions

This document makes several assumptions:

3. Requirements

The protocol defined herein addresses the following requirements:

  1. Clients must be able to participate even if they support only XMPP Core [10], XMPP IM [11], and XEP-0030.
  2. Clients must be able to participate even if they are on networks without connectivity to other XMPP servers, services offering specialized XMPP extensions, or HTTP servers. [12]
  3. Clients must be able to retrieve information without querying each user.
  4. Since presence is normally broadcasted to many users, the byte size of the proposed extension must be as small as possible.
  5. It must be possible to write a XEP-0045 server implementation that passes the given information along.
  6. It must be possible to publish a change in capabilities within a single presence session.
  7. Server infrastructure above and beyond that defined in XMPP Core and XMPP IM must not be required for this approach to work, although additional server infrastructure may be used for optimization purposes.

4. Protocol

Entity capabilities are encapsulated in a <c/> element qualified by the 'http://jabber.org/protocol/caps' namespace. The attributes of the <c/> element are as follows.

Table 1: Attributes

Name Definition Inclusion
ext A set of nametokens specifying additional feature bundles; this attribute is deprecated. OPTIONAL
hash The hashing algorithm used in generated the 'ver' attribute (see IANA Hash Function Textual Names Registry [14]); the value defaults to "sha-1". OPTIONAL
node A unique identifier for the software underlying the entity, typically a URL at the website of the project or company that produces the software. although this information is an "FYI" in the current version of entity capabilities, it is required for backward-compatibility with older versions. It is RECOMMENDED for the value to identify both the software product and the released version in the form "ProductURL#Version", such as "http://psi-im.org/#0.11". REQUIRED
ver A string that specifies the identity and supported features of the entity. [15] REQUIRED

5. Generation of ver Attribute

In order to help prevent poisoning of entity capabilities information, the value of the 'ver' attribute MUST be generated according to the following method.

Note: All sorting operations MUST be performed using "i;octet" collation as specified in Section 9.3 of RFC 4790 [16].

  1. Initialize an empty string S.
  2. Sort the service discovery identities by category and then by type (if it exists), formatted as 'category' '/' 'type'.
  3. For each identity, append the 'category/type' to S, followed by the '<' character.
  4. Sort the supported features.
  5. For each feature, append the feature to S, followed by the '<' character.
  6. Compute ver by hashing S using the SHA-1 algorithm as specified in RFC 3174 [17] (with binary output) and encoding the hash using Base64 as specified in Section 4 of RFC 4648 [18] (note: the Base64 output MUST NOT include whitespace and MUST set padding bits to zero). [19]

For example, consider an entity whose service discovery category is "client", whose service discovery type is "pc", and whose supported features are "http://jabber.org/protocol/disco#info", "http://jabber.org/protocol/disco#items", and "http://jabber.org/protocol/muc". The value of the 'ver' attribute would be generated as follows:

  1. S = ''
  2. Only one identity: "client/pc"
  3. S = 'client/pc<'
  4. Sort the features: "http://jabber.org/protocol/disco#info", "http://jabber.org/protocol/disco#items", "http://jabber.org/protocol/muc".
  5. S = 'client/pc<http://jabber.org/protocol/disco#info<http://jabber.org/protocol/disco#items<http://jabber.org/protocol/muc<'
  6. ver = 8RovUdtOmiAjzj+xI7SK5BCw3A8=

6. Use Cases

6.1

Each time a conformant entity sends presence, it annotates that presence with an entity identifier ('node' attribute) and identity and feature identifier ('ver' attribute). In order that servers can remember the last presence for use in responding to probes, the client SHOULD include entity capabilities with every presence change.

If the supported features change during a client's presence session (e.g., a user installs an updated version of a client plugin), the application MUST recompute the 'ver' attribute and SHOULD send a new presence broadcast.

Example 1. Annotated presence sent

<presence>
  <c xmlns='http://jabber.org/protocol/caps'
     node='http://exodus.jabberstudio.org/#0.9.1'
     ver='8RovUdtOmiAjzj+xI7SK5BCw3A8='/>
</presence>

6.2 Discovering Capabilities

An application can learn what features another entity supports by sending a disco#info request (see XEP-0030) to any entity that sent a particular value of the ver attribute.

Example 2. Disco#info request

<iq from='juliet@capulet.lit/balcony' 
    id='disco1'
    to='romeo@montague.lit/orchard' 
    type='get'>
  <query xmlns='http://jabber.org/protocol/disco#info'/>
</iq>

The entity then returns all of the capabilities it supports.

Example 3. Disco#info response

<iq from='romeo@montague.lit/orchard' 
    id='disco1'
    to='juliet@capulet.lit/balcony' 
    type='result'>
  <query xmlns='http://jabber.org/protocol/disco#info'/>
    <identity category='client' type='pc'/>
    <feature var='http://jabber.org/protocol/disco#info'/>
    <feature var='http://jabber.org/protocol/disco#items'/>
    <feature var='http://jabber.org/protocol/muc'/>
  </query>
</iq>

The client MUST check the identities and supported features against the 'ver' value by calculating the hash as described under Generating the ver Attribute and making sure that the values match. If the values do not match, the client MUST NOT accept or cache the 'ver' value as reliable and SHOULD check the value of another user who advertises that value (if any). This helps to prevent poisoning of entity capabilities information.

6.3 Stream Feature

A server MAY include its own entity capabilities in a stream feature element so that connecting clients and peer servers do not need to send service discovery requests each time they connect:

Example 4. Stream feature element including capabilities

<stream:features>
  <c xmlns='http://jabber.org/protocol/caps'
     node='http://jabberd.org/entity'
     ver='ItBTI0XLDFvVxZ72NQElAzKS9sU='>
</stream:features>

7. Server Optimizations

A server that is managing an entity's presence session MAY choose to optimize traffic through the server. In this case, the server MAY strip off redundant capabilities annotations. Because of this, receivers of annotations MUST NOT expect an annotation on every presence packet they receive. If the server wants to perform this traffic optimization, it MUST ensure that the first presence each subscriber receives contains the annotation. The server MUST also ensure that any changes in the annotation (e.g., an updated 'ver' attribute)(e.g., an updated 'ver' attribute) are sent to all subscribers.

A client MAY query the server using disco#info to determine if the server supports the 'http://jabber.org/protocol/caps' feature. If so, the server MUST perform the optimization delineated above, and the client MAY choose to send the capabilities annotation only on the first presence packet, as well as whenever its capabilities change.

Example 5. Disco#info request for server optimization

<iq from='juliet@capulet.lit/balcony'
    to='capulet.lit'
    type='get'>
  <query xmlns='http://jabber.org/protocol/disco#info'/>
</iq>

<iq from='capulet.lit'
    to='juliet@capulet.lit/balcony'
    type='result'>
  <query xmlns='http://jabber.org/protocol/disco#info'>
    ...
    <feature var='http://jabber.org/protocol/caps'/>
    ...
  </query>
</iq>

8. Directed Presence

If two entities exchange messages but they do not normally exchange presence (i.e., via presence subscription), the entities MAY choose to send directed presence to each other, where the presence information SHOULD be annotated with the same capabilities information as each entity sends in broadcasted presence. If capabilities information has not been received from another entity, an application MUST assume that the other entity does not support capabilities.

9. Caching

An application that accepts entity capabilities information SHOULD cache associations between the 'ver' attribute and discovered features within the scope of one presence session and MAY cache such associations across sessions. This obviates the need for extensive service discovery requests within a session or at the beginning of a session.

10. Security Considerations

Use of the protocol specified in this document might make some client-specific forms of attack slightly easier, since the attacker could more easily determine the type of client being used. However, since most clients respond to Service Discoery and Software Version requests without performing access control checks, there is no new vulnerability. Entities that wish to restrict access to capabilities information SHOULD use Server-Based Privacy Rules [20] to define appropriate communications blocking (e.g., an entity MAY choose to allow IQ requests only from "trusted" entities, such as those with whom it has a subscription of "both").

Adherence to the algorithm defined in the Generation of ver Attribute section of this document for both generation and checking of the 'ver' attribute helps to guard against poisoning of entity capabilities information by malicious or improperly implemented entities.

11. IANA Considerations

This document requires no interaction with the Internet Assigned Numbers Authority (IANA) [21].

12. XMPP Registrar Considerations

12.1 Protocol Namespaces

The XMPP Registrar [22] includes 'http://jabber.org/protocol/caps' in its registry of protocol namespaces (see <http://www.xmpp.org/registrar/namespaces.html>).

13. XML Schema

<?xml version='1.0' encoding='UTF-8'?>

<xs:schema
    xmlns:xs='http://www.w3.org/2001/XMLSchema'
    targetNamespace='http://jabber.org/protocol/caps'
    xmlns='http://jabber.org/protocol/caps'
    elementFormDefault='qualified'>

  <xs:annotation>
    <xs:documentation>
      The protocol documented by this schema is defined in
      XEP-0115: http://www.xmpp.org/extensions/xep-0115.html
    </xs:documentation>
  </xs:annotation>

  <xs:element name='c'>
    <xs:complexType>
      <xs:simpleContent>
        <xs:extension base='empty'>
          <xs:attribute name='ext' type='xs:NMTOKENS' use='optional'/>
          <xs:attribute name='hash' type='xs:NMTOKEN' use='optional' default='sha-1'/>
          <xs:attribute name='node' type='xs:string' use='required'/>
          <xs:attribute name='ver' type='xs:string' use='required'/>
        </xs:extension>
      </xs:simpleContent>
    </xs:complexType>
  </xs:element>

  <xs:simpleType name='empty'>
    <xs:restriction base='xs:string'>
      <xs:enumeration value=''/>
    </xs:restriction>
  </xs:simpleType>

</xs:schema>

14. Legacy Format

Before Version 1.4 of this specification, the 'ver' attribute was generated differently and the 'ext' attribute was used more extensively. For historical purposes, Version 1.3 of this specification is archived at <http://www.xmpp.org/extensions/attic/xep-0115-1.3.html>. For backward-compatibility with the legacy format, the 'node' attribute is REQUIRED and the 'ext' attribute MAY be included.

15. Acknowledgements

Thanks to Rachel Blackman, Dave Cridland, Richard Dobson, Sergei Golovan, Justin Karneges, Jacek Konieczny, Ian Paterson, Kevin Smith, Tomasz Sterna, and Michal Vaner for comments and suggestions.

Notes

1. XEP-0071: XHTML-IM <http://www.xmpp.org/extensions/xep-0071.html>.

2. XEP-0166: Jingle <http://www.xmpp.org/extensions/xep-0166.html>.

3. XEP-0167: Jingle Audio via RTP <http://www.xmpp.org/extensions/xep-0167.html>.

4. XEP-0096: File Transfer <http://www.xmpp.org/extensions/xep-0096.html>.

5. XEP-0060: Publish-Subscribe <http://www.xmpp.org/extensions/xep-0060.html>.

6. XEP-0030: Service Discovery <http://www.xmpp.org/extensions/xep-0030.html>.

7. XEP-0092: Software Version <http://www.xmpp.org/extensions/xep-0092.html>.

8. This proposal is not limited to clients, and can be used by any entity that exchanges presence with another entity, e.g., a gateway. However, this document uses the example of clients throughout.

9. XEP-0045: Multi-User Chat <http://www.xmpp.org/extensions/xep-0045.html>.

10. RFC 3920: Extensible Messaging and Presence Protocol (XMPP): Core <http://tools.ietf.org/html/rfc3920>.

11. RFC 3921: Extensible Messaging and Presence Protocol (XMPP): Instant Messaging and Presence <http://tools.ietf.org/html/rfc3921>.

12. These first two requirements effectively eliminated Publish-Subscribe [13] as a possible implementation of entity capabilities.

13. XEP-0060: Publish-Subscribe <http://www.xmpp.org/extensions/xep-0060.html>.

14. IANA registry of Hash Function Textual Names <http://www.iana.org/assignments/hash-function-text-names>.

15. Before version 1.4 of this specification, the 'ver' attribute was used to specify the released version of the software; however, the values of the 'ver' attribute that result from use of the algorithm specified since version 1.4 are backward-compatible with the legacy approach.

16. RFC 4790: Internet Application Protocol Collation Registry <http://tools.ietf.org/html/rfc4790>.

17. RFC 3174: US Secure Hash Algorithm 1 (SHA1) <http://tools.ietf.org/html/rfc3174>.

18. RFC 4648: The Base16, Base32, and Base64 Data Encodings <http://tools.ietf.org/html/rfc4648>.

19. The OpenSSL command for producing such output is "echo -n 'S' | openssl dgst -binary -sha1 | openssl enc -nopad -base64".

20. XEP-0016: Server-Based Privacy Rules <http://www.xmpp.org/extensions/xep-0016.html>.

21. The Internet Assigned Numbers Authority (IANA) is the central coordinator for the assignment of unique parameter values for Internet protocols, such as port numbers and URI schemes. For further information, see <http://www.iana.org/>.

22. The XMPP Registrar maintains a list of reserved protocol namespaces as well as registries of parameters used in the context of XMPP extension protocols approved by the XMPP Standards Foundation. For further information, see <http://www.xmpp.org/registrar/>.

Revision History

Version 1.4 (2007-08-13)

In response to persistent security concerns over caps poisoning, redefined ver attribute to be a hash of the service discovery identity and features in a way that is backward-compatible with the legacy format.

(psa/jjh)

Version 1.3 (2007-04-10)

Added developer-friendly introduction; specified that ext names must be stable across application versions; further clarified examples; added stream feature use case; removed message example (send directed presence instead).

(psa/rt/jjh)

Version 1.2 (2007-02-15)

Clarified motivation and handling of service discovery requests.

(psa)

Version 1.1 (2004-10-29)

Clarified meaning of service discovery results for client#ver and client#ext.

(psa)

Version 1.0 (2004-08-01)

Per a vote of the Jabber Council, advanced status to Draft.

(psa)

Version 0.7 (2004-06-29)

Added several items to the Security Considerations; clarified naming requirements regarding 'node', 'ver', and 'ext' attributes.

(jjh/psa)

Version 0.6 (2004-04-25)

Made a number of editorial adjustments.

(psa)

Version 0.5 (2004-01-05)

Specified that the protocol can be used whenever presence is used (e.g., by gateways); improved the XML schema; made several editorial adjustments.

(psa)

Version 0.4 (2003-09-04)

IQ eets must be to a resource, since they are intended to go to a particular session.

(jjh)

Version 0.3 (2003-09-02)

Servers MUST strip extras changed to MAY, due to implementer feedback.

(jjh)

Version 0.2 (2003-08-28)

Add more clarifying assumptions and requirements, make it clear that clients don't have to send capabilities every time if the server is optimizing.

(jjh)

Version 0.1 (2003-08-27)

Initial version.

(jjh)

END