Different implementations of XMPP-IM servers store user data in various ways, and many implementations have more than one storage format. This leads to problems when a server administrator wants to switch to another implementation or storage format -- the implementation is as likely as not to have an import mechanism that can read the user data in its current form. This document attempts to solve that problem by defining a common file format for import and export of user data in XMPP-IM servers.
The following constraints are imposed on this standard:
The file format is XML-based.
XMPP-IM servers already have tools to process XML data. This also allows extension of the format using namespaces. Furthermore, some of the data that needs to be stored is by definition already in XML form.
The data layout is flexible.
The data is contained in a single XML document; however, it can be split into several files using XInclude [1].
All user data is stored, but no server configuration data.
User data has similar form throughout the XMPP world, but server configuration is implementation-specific. Therefore this specification does not attempt to transfer any aspects of the server configuration from one server to another.
Furthermore, the contents of MUC, Pubsub and other services are out of scope for this specification.
Multiple virtual hosts are supported.
Many server implementations can serve several hostnames in a single server instance. Thus this specification allows storing data from several virtual hosts.
Data is contained in an XML document, whose root element is <server-data/> qualified by the 'urn:xmpp:pie:0' namespace (see Protocol Namespaces regarding issuance of one or more permanent namespaces).
At any point in the file, an exporting server may put elements qualified by a namespace not mentioned in this specification. The exported data SHOULD be meaningful without the extensions. An importing server that encounters a namespace that it doesn't understand, or otherwise is unable to import all given data, SHOULD ignore the unknown data, SHOULD notify the operator, and MAY offer to terminate the process.
At any point in the file, an exporting server may put an XInclude <include/> element; see Use of XInclude.
The child elements of the <server-data/> elements are <host/> elements. Each <host/> element describes a virtual host, and has a 'jid' attribute that contains its JID.
An importing server MAY automatically adjust its list of virtual hosts to fit the ones present in the data being imported. If it does not, it SHOULD notify the operator about any mismatch.
Each user is represented by a <user/> element under the <host/> element. The <user/> element MUST have a 'name' attribute, which contains the node part of the user's JID.
If the plaintext password of the user is known, it MAY be included in the 'password' attribute, although this is not recommended from a security perspective. For more information see Security Considerations. See also the SCRAM credentials section for an alternative.
Authentication secrets may be included that allow for authentication using the SCRAM family of mechanisms, as defined in RFC 5802 [2].
Each set of credentials should be encapsulated within a <scram-credentials/> element in the 'urn:xmpp:pie:0#scram' namespace, and contained within the relevant <user/> element. The element should have a 'mechanism' attribute specifying the registered name of the mechanism that the credentials are used for (always without the "-PLUS" suffix), e.g. 'SCRAM-SHA-1'. The element MUST contain a single occurrence of each of the following child elements:
There may be multiple occurrences of <scram-credentials/> for a single user, however they MUST all have a unique 'mechanism' attribute.
Be aware of the Security Considerations when including credentials in a data export. Even though SCRAM credentials are stored in a hashed form, leaking them still allows an attacker to impersonate the user to other servers employing the same SCRAM parameters, and it also allows for offline dictionary or brute-force attacks.
Each <user/> element SHOULD contain the user's roster in the form of a <query/> element qualified by the 'jabber:iq:roster' namespace. This element contains the user's roster in the same format as when retrieving the roster from the server, as described in section 7.3 of XMPP IM [3].
If the exporting server stores messages received while the user was offline, it SHOULD include an <offline-messages/> element as a child of the <user/> element. This element contains all the stored messages to the user, if any, as <message/> elements qualified by the 'jabber:client' namespace, starting with the oldest.
Private data stored by the server as specified in Private XML Storage (XEP-0049) [4] is represented in this format by including a <query/> element qualified by the 'jabber:iq:private' namespace as a child of the <user/> element. This <query/> element in turn contains all elements saved in private XML storage.
By vcard-temp (XEP-0054) [5], users can store vCards on the server. In this specification, vCards are child elements of the <user/> element, namely a <vCard/> element qualified by the 'vcard-temp' namespace.
Privacy lists, as specified in Privacy Lists (XEP-0016) [6], are represented in this format by including a <query/> element qualified by the 'jabber:iq:privacy' namespace as a child of the <user/> element. This element should contain all privacy lists associated with the user. A default privacy list, if set, is specified by including a <default/> element as a child of the <query/> element.
Each <user/> element SHOULD contain pending incoming subscription requests associated with the user's account. Incoming subscription requests are represented by including <presence/> elements qualified by the 'jabber:client' namespace with the 'type' attribute set to a value of 'subscribe' as children of the <user/> element.
A user's PEP data (as defined in Personal Eventing Protocol (XEP-0163) [7]) SHOULD be included if known.
Node configuration and the actual node data are encapsulated separately, as described below. A typical export that contains both node configuration and the actual data contained within the node, will include two <pubsub/> elements (qualified by different namespaces).
Many server implementations include support for additional pubsub features from Publish-Subscribe (XEP-0060) [8] beyond those required by XEP-0163. This specification aims to preserve this additional data also, when it is present and supported by both servers.
Within the <user/> element there should be a single <pubsub/> element qualified by the 'http://jabber.org/protocol/pubsub#owner' namespace (note the '#owner' suffix). Within this element, there MUST be one <configure/> element for each exported node, with the node's name in the 'node' attribute. There MAY be additional elements included, at most one per node of each kind: <subscriptions/> and <affiliations>, following the syntax defined in XEP-0060.
The format of the <configure/> is a Data Forms (XEP-0004) [9] data form, typically containing the fields documented in XEP-0060, encoding the configuration of the named node.
As a general rule, importers SHOULD ignore node configuration options that the target server implementation doesn't recognise, to allow porting data between different implementations even in the presence of custom extensions. Exceptions to this requirement may be made for imports that are expected to be lossless, for example if the user has specifically requested a lossless import, or if the importer recognises certain configuration fields as critical to protect the node's security or integrity.
Within the <user/> element there should be a single <pubsub/> element qualified by the 'http://jabber.org/protocol/pubsub' namespace (note the lack of any suffix). Within this element, there MUST be one <items/> element for each exported node, with the node's name in the 'node' attribute.
Any node listed in this element MUST have a corresponding configuration included as described in the previous section.
Each <items> element MUST contain zero or more <item/> elements as defined by XEP-0060.
This example demonstrates an export for a user who has two nodes: a private bookmarks node with two bookmarks, and a public nickname node containing a single item.
A user's Message Archive Management (XEP-0313) [10] message archive MAY be included in an export. If included, they MUST be formatted as a series of XEP-0313 <result/> elements within an <archive/> element qualified by the 'urn:xmpp:pie:0#mam' namespace. The result elements MUST be in chronological order (from oldest to newest).
An exporting server may split the data in several files by using the XInclude <include/> element. An importing server MUST support <include/> elements having an 'href' attribute containing a relative URI, having no 'parse' attribute, and having no 'xpointer' attribute; it MAY support other kinds of <include/> elements. An exporting server SHOULD NOT include and an importing server SHOULD NOT process <include/> elements which are descendants, but not children of the <user/> element (since these may be part of user data).
If an exporting server chooses to split the data into several files, it SHOULD use the following scheme:
The main file contains the <server-data/> element, which contains nothing but one <include/> element for each host. The file included for a certain host is placed in the same directory as the main file, and is named by appending ".xml" to the JID of the host, e.g. "capulet.com.xml".
Each host file contains a <host/> element, which contains nothing but one <include/> element for each user of the host. The file included for a certain user is placed in a subdirectory whose name is the JID of the host, and is named by appending ".xml" to the node part of the user's JID, e.g. "capulet.com/juliet.xml".
Each user file contains a <user/> element, and includes all data relating to that user.
The definition of JIDs ensures that this generates valid file names on traditional Unix-like file systems, except for possible length constraints. However, various constraints may force an exporting server to alter this scheme. In any case, the importing server MUST NOT rely on this layout, but MUST do proper XInclude processing.
Exported data files are to be handled with care, since they contain data that users expect to be protected, in particular passwords. An exporting server SHOULD make sure that the generated file is not accessible to unauthorized persons, e.g. by enforcing strict file permissions. It may also apply suitable encryption before storing or transmitting the data.
XInclude <include/> elements which are indirect descendants of the <user/> element SHOULD be treated as opaque user data, and SHOULD NOT be processed.
This document requires no interaction with the Internet Assigned Numbers Authority (IANA) [11].
This specification defines the following XML namespace:
The XMPP Registrar [12] includes the foregoing namespace in its registry at <https://xmpp.org/registrar/namespaces.html>, as described in Section 4 of XMPP Registrar Function (XEP-0053) [13].
If the protocol defined in this specification undergoes a revision that is not fully backwards-compatible with an older version, the XMPP Registrar shall increment the protocol version number found at the end of the XML namespaces defined herein, as described in Section 4 of XEP-0053.
This document in other formats: XML PDF
This XMPP Extension Protocol is copyright © 1999 – 2020 by the XMPP Standards Foundation (XSF).
Permission is hereby granted, free of charge, to any person obtaining a copy of this specification (the "Specification"), to make use of the Specification without restriction, including without limitation the rights to implement the Specification in a software program, deploy the Specification in a network service, and copy, modify, merge, publish, translate, distribute, sublicense, or sell copies of the Specification, and to permit persons to whom the Specification is furnished to do so, subject to the condition that the foregoing copyright notice and this permission notice shall be included in all copies or substantial portions of the Specification. Unless separate permission is granted, modified works that are redistributed shall not contain misleading information regarding the authors, title, number, or publisher of the Specification, and shall not claim endorsement of the modified works by the authors, any organization or project to which the authors belong, or the XMPP Standards Foundation.
## NOTE WELL: This Specification is provided on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, express or implied, including, without limitation, any warranties or conditions of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A PARTICULAR PURPOSE. ##
In no event and under no legal theory, whether in tort (including negligence), contract, or otherwise, unless required by applicable law (such as deliberate and grossly negligent acts) or agreed to in writing, shall the XMPP Standards Foundation or any author of this Specification be liable for damages, including any direct, indirect, special, incidental, or consequential damages of any character arising from, out of, or in connection with the Specification or the implementation, deployment, or other use of the Specification (including but not limited to damages for loss of goodwill, work stoppage, computer failure or malfunction, or any and all other commercial damages or losses), even if the XMPP Standards Foundation or such author has been advised of the possibility of such damages.
This XMPP Extension Protocol has been contributed in full conformance with the XSF's Intellectual Property Rights Policy (a copy of which can be found at <https://xmpp.org/about/xsf/ipr-policy> or obtained by writing to XMPP Standards Foundation, P.O. Box 787, Parker, CO 80134 USA).
The HTML representation (you are looking at) is maintained by the XSF. It is based on the YAML CSS Framework, which is licensed under the terms of the CC-BY-SA 2.0 license.
The Extensible Messaging and Presence Protocol (XMPP) is defined in the XMPP Core (RFC 6120) and XMPP IM (RFC 6121) specifications contributed by the XMPP Standards Foundation to the Internet Standards Process, which is managed by the Internet Engineering Task Force in accordance with RFC 2026. Any protocol defined in this document has been developed outside the Internet Standards Process and is to be understood as an extension to XMPP rather than as an evolution, development, or modification of XMPP itself.
The primary venue for discussion of XMPP Extension Protocols is the <standards@xmpp.org> discussion list.
Discussion on other xmpp.org discussion lists might also be appropriate; see <https://xmpp.org/about/discuss.shtml> for a complete list.
Errata can be sent to <editor@xmpp.org>.
The following requirements keywords as used in this document are to be interpreted as described in RFC 2119: "MUST", "SHALL", "REQUIRED"; "MUST NOT", "SHALL NOT"; "SHOULD", "RECOMMENDED"; "SHOULD NOT", "NOT RECOMMENDED"; "MAY", "OPTIONAL".
1. XML Inclusions (XInclude) 1.0 <http://www.w3.org/TR/xinclude/>.
2. RFC 5802: Salted Challenge Response Authentication Mechanism (SCRAM) SASL and GSS-API Mechanisms <http://tools.ietf.org/html/rfc5802>.
3. RFC 6121: Extensible Messaging and Presence Protocol (XMPP): Instant Messaging and Presence <http://tools.ietf.org/html/rfc6121>.
4. XEP-0049: Private XML Storage <https://xmpp.org/extensions/xep-0049.html>.
5. XEP-0054: vcard-temp <https://xmpp.org/extensions/xep-0054.html>.
6. XEP-0016: Privacy Lists <https://xmpp.org/extensions/xep-0016.html>.
7. XEP-0163: Personal Eventing Protocol <https://xmpp.org/extensions/xep-0163.html>.
8. XEP-0060: Publish-Subscribe <https://xmpp.org/extensions/xep-0060.html>.
9. XEP-0004: Data Forms <https://xmpp.org/extensions/xep-0004.html>.
10. XEP-0313: Message Archive Management <https://xmpp.org/extensions/xep-0313.html>.
11. The Internet Assigned Numbers Authority (IANA) is the central coordinator for the assignment of unique parameter values for Internet protocols, such as port numbers and URI schemes. For further information, see <http://www.iana.org/>.
12. The XMPP Registrar maintains a list of reserved protocol namespaces as well as registries of parameters used in the context of XMPP extension protocols approved by the XMPP Standards Foundation. For further information, see <https://xmpp.org/registrar/>.
13. XEP-0053: XMPP Registrar Function <https://xmpp.org/extensions/xep-0053.html>.
Note: Older versions of this specification might be available at https://xmpp.org/extensions/attic/
Discourage use of 'password', provide a way to include SCRAM credentials, PEP nodes and message archives.
Per a vote of the XMPP Council, advanced specification from Experimental to Draft; simultaneously the XMPP Registrar issued a namespace of "urn:xmpp:pie:0".
Modified to include feedback received during the initial Last Call. Added sections for privacy lists and incoming subscriptions, as well as text on XInclude security.
Use XInclude.
Initial published version.
Initial version.
@report{henoch2007pie, title = {Portable Import/Export Format for XMPP-IM Servers}, author = {Henoch, Magnus and Hussain, Waqas and Wild, Matthew}, type = {XEP}, number = {0227}, version = {1.1}, institution = {XMPP Standards Foundation}, url = {https://xmpp.org/extensions/xep-0227.html}, date = {2007-07-27/2021-06-02}, }
END