For security reasons, actively discouraged use of the password element; specified use of publish-subscribe private information nodes as the preferred storage mechanism; cleaned up the text and examples.
Per a vote of the Jabber Council, changed status to Active; also added XML schema.
Re-focused to document only the existing protocol in use.
Typos, etc...
Initial version.
For ease-of-use in a Jabber client, it is desirable to have a way to store shortcuts to various services and resources (such as conference rooms and web pages) as "bookmarks" that can be displayed in the user's client. Several Jabber clients have already agreed on and implemented a method to provide this service; that informal agreement is documented and expanded upon in this document. In particular, we introduce the <storage/> element (qualified by the 'storage:bookmarks' namespace) as a container for this sort of this data. While bookmarks data can be stored using any XML storage mechanism, this document recommends one method that is specific to XMPP.
A storage element qualified by the 'storage:bookmarks' namespace may contain a collection of child elements, each representing a bookmark to be displayed in a client. At present, only two sub-elements are defined: <conference/> for bookmarking of Multi-User Chat (XEP-0045)
All child elements allow a 'name' attribute, which is the friendly name by which they will be displayed in the client. If an element lacks a 'name' attribute, the client SHOULD generate an appropriate substitution based on the other available data.
A common use case is bookmarking of multi-user chat rooms. A room is bookmarked using the <conference/> child element. The syntax is as follows.
Element or Attribute | Definition | Datatype | Inclusion |
---|---|---|---|
'autojoin' attribute | Whether the client should automatically join the conference room on login. | boolean defaulting to false |
OPTIONAL |
'jid' attribute | The JabberID of the chat room. | string | REQUIRED |
'name' attribute | A friendly name for the bookmark. | string | RECOMMENDED |
<nick/> element | The user's preferred roomnick for the chatroom. | string | OPTIONAL |
<password/> element | Unencrypted string for the password needed to enter a password-protected room. For security reasons, use of this element is NOT RECOMMENDED. | string | NOT RECOMMENDED |
Note: The datatypes are as defined in XML Schema Part 2
This bookmark would be displayed as 'Council of Oberon' and, if activated, would attempt to join the conference room 'council@conference.underhill.org' with nickname 'Puck'.
Note: A bookmark set may contain any number of conference rooms.
The <url/> element is designed for bookmarking web pages, i.e., HTTP or HTTPS URLs. The syntax is as follows.
Attribute | Definition | Datatype | Inclusion |
---|---|---|---|
'name' attribute | A friendly name for the bookmark. | string | RECOMMENDED |
'url' attribute | The HTTP or HTTPS URL of the web page. | anyURI | REQUIRED |
When the user chooses a URL bookmark, the client should launch an appropriate browser or load the URL directly in the client (if the client is a web-client or includes web browsing functionality).
This bookmark would be displayed in the client as 'Complete Works of Shakespeare' and would take the user to <http://the-tech.mit.edu/Shakespeare/> when selected.
Note: A bookmark set can contain any number of URLs.
It is RECOMMENDED to use Publish-Subscribe (XEP-0060)
Note: In the past, Private XML Storage (XEP-0049)
The stored data is automatically pushed to all of the user's connected resources.
In order to retrieve stored data without receiving notifications (e.g., upon initial login), the user's client sends a retrieve-items request as specified in XEP-0060.
Security considerations related to object persistent via publish-subscribe are described in XEP-0060 and XEP-0223.
Use of the <password/> child of the <conference/> element is NOT RECOMMENDED, since the password could be discovered by a third party, e.g. an eavesdropper (if channel encryption is not used) or a server administrator. However, the element MAY be used in suitably secure environments (e.g., where it is known that communications will not be sent over unencrypted channels and the server administrators are trusted). Clients SHOULD NOT default to storing passwords and MUST enable users to disable any password storage.
This document requires no interaction with the Internet Assigned Numbers Authority (IANA)
No action by the XMPP Registrar
The protocol documented by this schema is defined in
XEP-0048: http://www.xmpp.org/extensions/xep-0048.html
]]>
Peter Millard, a co-author of this specification from version 0.1 through version 1.0, died on April 26, 2006.