2008/05/22 11:58
1. XMPP?
XML-based messaging protocol (instant messaging, presence information)
- Open standard
- Open or free implementations and source
- Proposed Standard (RFC 3920, RFC 3921) (Proposed Standard -> Draft Standard -> Internet Standard)
- XSF (XMPP Standards Foundation)
- Thousands of servers, 10 million users (Google Talk)
2. History
- Jabber protocol
- XMPP standard
- Google Talk
3. Standard
The four specifications produced by the XMPP WG were approved by the IESG as Proposed Standards in 2004.
- RFC 3920, Extensible Messaging and Presence Protocol (XMPP): Core
  - XMPP messaging basics
  - Connection, stream, encryption, authentication, stanza
- RFC 3921, Extensible Messaging and Presence Protocol (XMPP): Instant Messaging and Presence
  - Instant messaging
- RFC 3922, Mapping the Extensible Messaging and Presence Protocol (XMPP) to Common Presence and Instant Messaging (CPIM)
  - Interoperability with CPIM
- RFC 3923, End-to-End Signing and Object Encryption for the Extensible Messaging and Presence Protocol (XMPP)
  - End-to-end message encryption with S/MIME
  - Conflicts with PGP (de facto)
- Informational
- Experimental
- Standards
  - Proposed Standard
  - Draft Standard
  - Internet Standard
4. Strengths and Weaknesses
- Strengths
  - Decentralization : like SMTP
  - Open standard : no royalties
  - Security : TLS / SASL
  - Flexibility : inherits the flexibility of XML
- Weaknesses
  - Presence data overhead : inter-server communication
  - Scalability : duplication problem in multi-user chat or publish/subscribe
  - No binary data : an XMPP stream is an XML document (use base64, or another protocol such as HTTP)
5. Feature
5.1 Architecture
Client <--> Server <--> Server <--> Gateway <--> Other IM <--> Client
- Server : manages XML streams and sessions, transfers XML stanzas
- Gateway : translates to XMPP, translates to other protocols
- Client
5.2 JID
- Jabber ID
- user@domain/resource
- Like an SMTP address, not like Cyworld
- Enables decentralization
5.3 XML Streams
- <stream:stream></stream:stream>
- Container of XML elements (stanzas)
- Encrypted with TLS, authenticated with SASL
5.4 Stanza
- Discrete semantic unit of structured information.
- Basic semantics
  - Message : message
  - Presence : entity's status information, subscribe/push
  - IQ (Info/Query) : get/result, set/result (get, set, result, error)
- Attributes
  - to
  - from
  - id
  - type
  - xml:lang
5.5 Security
- TLS : Transport Layer Security
  - Channel encryption
  - Public key infrastructure / digital certificates
- SASL : Simple Authentication and Security Layer
  - Stream authentication
  - Mechanisms : EXTERNAL, ANONYMOUS, PLAIN, DIGEST-MD5
5.6 HTTP binding
- For users behind a firewall.
- Model
  - Polling
  - Push (Binding)
- BOSH : Bidirectional-streams Over Synchronous HTTP
  - <body> envelope, XML stanza => HTTP request / response
  - Comet : endless HTTP response
  - BOSH : continuous HTTP request
5.7 Multimedia interaction
Jingle (Jabber + Google?)
- Google with the XMPP Standards Foundation
- Media transfer via RTP (voice, video)
- ICE for NAT traversal (used in SIP-based VoIP)
6. Stream Example
6.1 Basic session
C: <?xml version='1.0'?>
   <stream:stream
       to='example.com'
       xmlns='jabber:client'
       xmlns:stream='http://etherx.jabber.org/streams'
       version='1.0'>
S: <?xml version='1.0'?>
   <stream:stream
       from='example.com'
       id='someid'
       xmlns='jabber:client'
       xmlns:stream='http://etherx.jabber.org/streams'
       version='1.0'>
   ... encryption, authentication, and resource binding ...
C:   <message from='juliet@example.com'
              to='romeo@example.net'
              xml:lang='en'>
C:     <body>Art thou not Romeo, and a Montague?</body>
C:   </message>
S:   <message from='romeo@example.net'
              to='juliet@example.com'
              xml:lang='en'>
S:     <body>Neither, fair saint, if either thee dislike.</body>
S:   </message>
C: </stream:stream>
S: </stream:stream>
6.2 "session" gone bad
C: <?xml version='1.0'?>
   <stream:stream
       to='example.com'
       xmlns='jabber:client'
       xmlns:stream='http://etherx.jabber.org/streams'
       version='1.0'>
S: <?xml version='1.0'?>
   <stream:stream
       from='example.com'
       id='someid'
       xmlns='jabber:client'
       xmlns:stream='http://etherx.jabber.org/streams'
       version='1.0'>
   ... encryption, authentication, and resource binding ...
C: <message xml:lang='en'>
     <body>Bad XML, no closing body tag!
   </message>
S: <stream:error>
     <xml-not-well-formed
         xmlns='urn:ietf:params:xml:ns:xmpp-streams'/>
   </stream:error>
S: </stream:stream>
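
The failure above, handled on the receiving side. This is an added example, not code from the original post: an incremental reader that splits a stream into stanzas and produces the 6.2 error reply when the XML stops being well formed. It goes one step beyond the page by also refusing a DTD with the restricted-xml stream error that RFC 3920 defines; the class and function names are assumptions.

```python
import xml.parsers.expat as expat

def stream_error(condition):
    return ("<stream:error><%s xmlns='urn:ietf:params:xml:ns:xmpp-streams'/>"
            "</stream:error></stream:stream>" % condition)

class RestrictedXML(Exception):
    """Raised when the peer sends a DTD, which an XMPP stream must not contain."""

class StreamReader:
    """Incremental reader: every child of <stream:stream> is one stanza."""
    def __init__(self):
        self.depth = 0
        self.stanzas = []   # (tag, attributes) for each completed stanza
        self.error = None   # set once; the stream is dead afterwards
        self._open = None
        self._parser = expat.ParserCreate()
        self._parser.StartElementHandler = self._start
        self._parser.EndElementHandler = self._end
        self._parser.StartDoctypeDeclHandler = self._doctype

    def _doctype(self, *_):
        raise RestrictedXML()

    def _start(self, tag, attrs):
        self.depth += 1
        if self.depth == 2:            # depth 1 is <stream:stream> itself
            self._open = (tag, dict(attrs))

    def _end(self, tag):
        if self.depth == 2:
            self.stanzas.append(self._open)
        self.depth -= 1

    def feed(self, chunk):
        """Parse one network read; False means send self.error and close."""
        if self.error is None:
            try:
                self._parser.Parse(chunk, False)
            except RestrictedXML:
                self.error = stream_error("restricted-xml")
            except expat.ExpatError:
                self.error = stream_error("xml-not-well-formed")
        return self.error is None

# Constructed replay of the bad session from 6.2 (stream header shortened).
reader = StreamReader()
reader.feed("<stream:stream xmlns='jabber:client' xmlns:stream='http://etherx.jabber.org/streams'>")
reader.feed("<message xml:lang='en'><body>Bad XML, no closing body tag!</message>")
```

After the replay, reader.error holds the reply the server sends in 6.2, and every later feed() returns False.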
6.3 TLS Negotiation
// Client initiates stream to server:
C: <stream:stream
       xmlns='jabber:client'
       xmlns:stream='http://etherx.jabber.org/streams'
       to='example.com'
       version='1.0'>
// Server responds by sending a stream tag to client:
S: <stream:stream
       xmlns='jabber:client'
       xmlns:stream='http://etherx.jabber.org/streams'
       id='c2s_123'
       from='example.com'
       version='1.0'>
// Server sends the STARTTLS extension to client along with
// authentication mechanisms and any other stream features:
S: <stream:features>
     <starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'>
       <required/>
     </starttls>
     <mechanisms xmlns='urn:ietf:params:xml:ns:xmpp-sasl'>
       <mechanism>DIGEST-MD5</mechanism>
       <mechanism>PLAIN</mechanism>
     </mechanisms>
   </stream:features>
// Client sends the STARTTLS command to server:
C: <starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'/>
// Server informs client that it is allowed to proceed:
S: <proceed xmlns='urn:ietf:params:xml:ns:xmpp-tls'/>
// C/S: TLS negotiation
...
// If TLS negotiation is successful, client initiates a new stream to server:
C: <stream:stream
       xmlns='jabber:client'
       xmlns:stream='http://etherx.jabber.org/streams'
       to='example.com'
       version='1.0'>
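
A client-side check for the features exchange above, as an added example that is not part of the original post. It parses <stream:features> and decides the next step so that credentials are never sent on a cleartext stream, even when STARTTLS is missing from the server's offer. The function names and the returned strings are assumptions.

```python
import xml.etree.ElementTree as ET

NS = {"stream": "http://etherx.jabber.org/streams",
      "tls": "urn:ietf:params:xml:ns:xmpp-tls",
      "sasl": "urn:ietf:params:xml:ns:xmpp-sasl"}

# Features from 6.3 (before TLS) and from 6.4 (mechanisms only), copied from the page.
PRE_TLS = """<stream:features>
  <starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'><required/></starttls>
  <mechanisms xmlns='urn:ietf:params:xml:ns:xmpp-sasl'>
    <mechanism>DIGEST-MD5</mechanism><mechanism>PLAIN</mechanism>
  </mechanisms>
</stream:features>"""
MECHS_ONLY = """<stream:features>
  <mechanisms xmlns='urn:ietf:params:xml:ns:xmpp-sasl'>
    <mechanism>DIGEST-MD5</mechanism><mechanism>PLAIN</mechanism>
  </mechanisms>
</stream:features>"""

def parse_features(fragment):
    # The fragment arrives inside an open stream, so wrap it to bind the prefix.
    root = ET.fromstring("<stream:stream xmlns:stream='%s'>%s</stream:stream>"
                         % (NS["stream"], fragment))
    feats = root.find("stream:features", NS)
    starttls = feats.find("tls:starttls", NS)
    return {
        "starttls": starttls is not None,
        "tls_required": starttls is not None
                        and starttls.find("tls:required", NS) is not None,
        "mechanisms": [m.text.strip() for m in
                       feats.findall("sasl:mechanisms/sasl:mechanism", NS)],
    }

def next_step(features, tls_active, allowed=("DIGEST-MD5", "PLAIN")):
    """Client policy: credentials are only ever sent on a TLS-protected stream."""
    if not tls_active:
        # Pre-TLS features are unauthenticated; a missing <starttls/> may mean
        # it was stripped in transit, so stop instead of falling back.
        return "starttls" if features["starttls"] else "abort: STARTTLS not offered"
    for mech in allowed:
        if mech in features["mechanisms"]:
            return "auth " + mech
    return "abort: no acceptable SASL mechanism"
```

The mechanism list used for authentication should be the one received on the new stream after TLS, not the one advertised before it.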
6.4 SASL Negotiation
// Client initiates stream to server:
C: <stream:stream
       xmlns='jabber:client'
       xmlns:stream='http://etherx.jabber.org/streams'
       to='example.com'
       version='1.0'>
// Server responds with a stream tag sent to client:
S: <stream:stream
       xmlns='jabber:client'
       xmlns:stream='http://etherx.jabber.org/streams'
       id='c2s_234'
       from='example.com'
       version='1.0'>
// Server informs client of available authentication mechanisms:
S: <stream:features>
     <mechanisms xmlns='urn:ietf:params:xml:ns:xmpp-sasl'>
       <mechanism>DIGEST-MD5</mechanism>
       <mechanism>PLAIN</mechanism>
     </mechanisms>
   </stream:features>
// Client selects an authentication mechanism:
C: <auth xmlns='urn:ietf:params:xml:ns:xmpp-sasl'
         mechanism='DIGEST-MD5'/>
// Server sends a [BASE64] encoded challenge to client:
S: <challenge xmlns='urn:ietf:params:xml:ns:xmpp-sasl'>
   cmVhbG09InNvbWVyZWFsbSIsbm9uY2U9Ik9BNk1HOXRFUUdtMmhoIixxb3A9ImF1dGgi
   LGNoYXJzZXQ9dXRmLTgsYWxnb3JpdGhtPW1kNS1zZXNzCg==
   </challenge>
// realm="somerealm",nonce="OA6MG9tEQGm2hh",\
// qop="auth",charset=utf-8,algorithm=md5-sess
// Client sends a [BASE64] encoded response to the challenge:
C: <response xmlns='urn:ietf:params:xml:ns:xmpp-sasl'>
   dXNlcm5hbWU9InNvbWVub2RlIixyZWFsbT0ic29tZXJlYWxtIixub25jZT0i
   T0E2TUc5dEVRR20yaGgiLGNub25jZT0iT0E2TUhYaDZWcVRyUmsiLG5jPTAw
   MDAwMDAxLHFvcD1hdXRoLGRpZ2VzdC11cmk9InhtcHAvZXhhbXBsZS5jb20i
   LHJlc3BvbnNlPWQzODhkYWQ5MGQ0YmJkNzYwYTE1MjMyMWYyMTQzYWY3LGNo
   YXJzZXQ9dXRmLTgK
   </response>
// username="somenode",realm="somerealm",\
// nonce="OA6MG9tEQGm2hh",cnonce="OA6MHXh6VqTrRk",\
// nc=00000001,qop=auth,digest-uri="xmpp/example.com",\
// response=d388dad90d4bbd760a152321f2143af7,charset=utf-8
// Server sends another [BASE64] encoded challenge to client:
S: <challenge xmlns='urn:ietf:params:xml:ns:xmpp-sasl'>
   cnNwYXV0aD1lYTQwZjYwMzM1YzQyN2I1NTI3Yjg0ZGJhYmNkZmZmZAo=
   </challenge>
// rspauth=ea40f60335c427b5527b84dbabcdfffd
// Client responds to the challenge:
C: <response xmlns='urn:ietf:params:xml:ns:xmpp-sasl'/>
// Server informs client of successful authentication:
S: <success xmlns='urn:ietf:params:xml:ns:xmpp-sasl'/>
// Client initiates a new stream to server:
C: <stream:stream
       xmlns='jabber:client'
       xmlns:stream='http://etherx.jabber.org/streams'
       to='example.com'
       version='1.0'>
// Server responds by sending a stream header to client along
// with any additional features (or an empty features element):
S: <stream:stream
       xmlns='jabber:client'
       xmlns:stream='http://etherx.jabber.org/streams'
       id='c2s_345'
       from='example.com'
       version='1.0'>
   <stream:features>
     <bind xmlns='urn:ietf:params:xml:ns:xmpp-bind'/>
     <session xmlns='urn:ietf:params:xml:ns:xmpp-session'/>
   </stream:features>
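
The DIGEST-MD5 exchange above, decoded and checked. This is an added example, not part of the original post: it decodes the page's base64 payloads into directives, computes the response value as RFC 2831 defines it for qop=auth, and shows the checks a server makes on the client's reply. The page does not give the account's password, so any password passed in is a constructed value; the function names are assumptions.

```python
import base64, hashlib, hmac, re

# Challenge and response payloads copied from the exchange above.
CHALLENGE = ("cmVhbG09InNvbWVyZWFsbSIsbm9uY2U9Ik9BNk1HOXRFUUdtMmhoIixxb3A9ImF1dGgi"
             "LGNoYXJzZXQ9dXRmLTgsYWxnb3JpdGhtPW1kNS1zZXNzCg==")
RESPONSE = ("dXNlcm5hbWU9InNvbWVub2RlIixyZWFsbT0ic29tZXJlYWxtIixub25jZT0i"
            "T0E2TUc5dEVRR20yaGgiLGNub25jZT0iT0E2TUhYaDZWcVRyUmsiLG5jPTAw"
            "MDAwMDAxLHFvcD1hdXRoLGRpZ2VzdC11cmk9InhtcHAvZXhhbXBsZS5jb20i"
            "LHJlc3BvbnNlPWQzODhkYWQ5MGQ0YmJkNzYwYTE1MjMyMWYyMTQzYWY3LGNo"
            "YXJzZXQ9dXRmLTgK")

def directives(b64):
    """Decode a SASL payload into its DIGEST-MD5 directives."""
    text = base64.b64decode(b64).decode("utf-8").strip()
    pairs = re.findall(r'([\w-]+)=(?:"([^"]*)"|([^,]*))', text)
    return {key: quoted or bare for key, quoted, bare in pairs}

def _md5(data):
    return hashlib.md5(data).digest()

def digest(d, password, a2_prefix="AUTHENTICATE"):
    """RFC 2831 value for qop=auth; a2_prefix="" gives the server's rspauth."""
    a1 = (_md5(f"{d['username']}:{d['realm']}:{password}".encode())
          + f":{d['nonce']}:{d['cnonce']}".encode())
    a2 = f"{a2_prefix}:{d['digest-uri']}".encode()
    kd = (f"{_md5(a1).hex()}:{d['nonce']}:{d['nc']}:{d['cnonce']}:"
          f"{d['qop']}:{_md5(a2).hex()}")
    return _md5(kd.encode()).hex()

def server_check(challenge, response, password):
    """The reply must echo our nonce and realm, use nc=00000001, and carry
    the digest we compute ourselves from the stored password."""
    return (response["nonce"] == challenge["nonce"]
            and response["realm"] == challenge["realm"]
            and response["nc"] == "00000001"
            and hmac.compare_digest(response["response"],
                                    digest(response, password)))
```

DIGEST-MD5 has since been moved to Historic status by RFC 6331, and RFC 6120, which replaced RFC 3920, specifies SCRAM for password authentication.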
6.5 Transmitting stanzas with BOSH
POST /webclient HTTP/1.1
Host: httpcm.jabber.org
Accept-Encoding: gzip, deflate
Content-Type: text/xml; charset=utf-8
Content-Length: 188

<body rid='1249243562'
      sid='SomeSID'
      xmlns='http://jabber.org/protocol/httpbind'>
  <message to='contact@example.com'
           xmlns='jabber:client'>
    <body>I said "Hi!"</body>
  </message>
  <message to='friend@example.com'
           xmlns='jabber:client'>
    <body>I said "Hi!"</body>
  </message>
</body>