2. Extensible Messaging and Presence Protocol (XMPP)
• A communication protocol based on XML.
• Designed to be extensible.
• Jeremie Miller began working on the Jabber technology in 1998.
(Originally named Jabber)
1999~2000
RFC 3920
RFC 3921
2011
RFC 6120
RFC 6121
RFC 6122
2015
RFC 7622
11. Stream Negotiation - Presence
<presence ….>
<show/>
</presence>
[Diagram: TCP connection between sean@cyberlink.com and cyberlink.com]
12. Stream Negotiation - iq
<iq id="1" type="get">
…
</iq>
[Diagram: TCP connection between sean@cyberlink.com and cyberlink.com]
<iq id="1" type="result">
…
</iq>
type: get, set, result, error
13. Stream Negotiation - message
<message….>
Hello
</message>
[Diagram: TCP connection between sean@cyberlink.com and cyberlink.com]
14. Stream Negotiation – Close Stream
</stream>
[Diagram: TCP connection between sean@cyberlink.com and cyberlink.com]
</stream>
15. Client Server Communication Overview
<?xml version='1.0'?>
<stream
from="samo@cyberlink.com"
to="cyberlink.com">
<presence
…>Online</presence>
<iq …>…</iq>
<message
…>Hello</message>
</stream>
16. Authentication for XMPP
• Transport Layer Security (TLS)
▫ Secure the stream from tampering and eavesdropping.
▫ MUST send a new initial stream header after TLS negotiation finishes.
• Simple Authentication and Security Layer (SASL)
▫ Authenticate a stream. (U: base64(id+token))
▫ MUST send a new initial stream header after SASL negotiation finishes.
17. Cryptography
• Symmetric
▫ Use the same key for encrypt/decrypt.
▫ Security: Poor
▫ Performance: Good
• Asymmetric
▫ Use the public key for encryption and the private key for decryption.
▫ Security: Good
▫ Performance: Poor
35. Restarts
• On successful negotiation of a feature that necessitates a stream
restart, both parties MUST consider the previous stream to be
replaced but MUST NOT send a closing </stream> tag and MUST
NOT terminate the underlying TCP connection.
• The initiating entity then MUST send a new initial stream header.
42. Current Design for U
• Remove the mechanism of RESTART.
• Add <CLResumed/> for doing SASL and binding again after reconnecting.
43. CLResume: server give info
<clresumed xmlns="urn:xmpp:custom:resume"
status="success"
sessionid="g2gEbQAAAAYzMTgwMDFtAAAAD3UuY3liZXJsa
W5rLmNvbW0AAAAkRjg5MjlFMzctRTAwMi00QzdGLTlEOTgt
RjkxNTFGNUQ3NEI5aANiAAAFkmIACeRcYgAM3cE="
expiration="2592000"/>
[Diagram: TCP connection between sean@cyberlink.com and cyberlink.com]
46. XMPP Connection Steps w/o clresume
C -> S stream
C <- S stream / feature:starttls
C -> S starttls
C <- S proceed
C <> S tls handshake
C -> S stream
C <- S stream / feature:sasl
C -> S auth
C <- S auth
C -> S stream
C <- S stream / feature:bind
C -> S bind
C <- S bind
47. XMPP Connection Steps w/ clresume (not resume case)
C -> S stream
C <- S stream / feature:starttls
C -> S starttls
C <- S proceed
C <> S tls handshake
C -> S stream
C <- S stream / feature:sasl
C -> S auth
C <- S auth
C -> S stream
C <- S stream / feature:bind
C -> S bind
C <- S bind
C <- S clresume
48. XMPP Connection Steps w/ CLResume (resume case)
C -> S stream
C <- S stream / feature:starttls
C -> S starttls
C <- S proceed
C <> S tls handshake
C -> S stream
C <- S stream / feature:sasl
C -> S clresume
C <- S clresume
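The step ordering shown on slides 46 to 48, expressed as a trace checker. This is an added example, not code from the slides. The function names, the sample traces and the rule that `clresume` must follow the TLS handshake just as `auth` does are assumptions made for illustration.

```python
import re

# Slide notation: "C -> S stream", "C <- S stream / feature:sasl", "C <> S tls handshake".
STEP = re.compile(r"^C\s*(->|<-|<>)\s*S\s+(.+)$")

def parse(trace):
    """Turn slide-style trace lines into (direction, step) pairs."""
    steps = []
    for line in trace.strip().splitlines():
        m = STEP.match(line.strip())
        if not m:
            raise ValueError(f"unrecognised trace line: {line!r}")
        steps.append((m.group(1), m.group(2).strip()))
    return steps

def check(trace):
    """Return ordering violations; an empty list means the trace is acceptable."""
    problems = []
    tls = authed = False
    need_header = True  # the first thing a client sends must be a stream header
    for n, (direction, step) in enumerate(parse(trace), 1):
        if direction == "<>" and step == "tls handshake":
            tls, need_header = True, True      # slide 16: new header after TLS
        elif direction == "<-" and step == "auth":
            authed, need_header = True, True   # slide 16: new header after SASL
        elif direction == "->" and step == "stream":
            need_header = False
        elif direction == "->":
            if need_header:
                problems.append(f"step {n}: '{step}' sent before a new stream header")
            # Assumption: clresume carries a session secret, so it is held to the same rule as auth.
            if step in ("auth", "clresume") and not tls:
                problems.append(f"step {n}: '{step}' sent before the TLS handshake")
            if step == "bind" and not authed:
                problems.append(f"step {n}: 'bind' sent before authentication")
    return problems

# Constructed traces. RESUME is the slide 48 flow; NO_TLS is a deliberately wrong ordering.
RESUME = """C -> S stream
C <- S stream / feature:starttls
C -> S starttls
C <- S proceed
C <> S tls handshake
C -> S stream
C <- S stream / feature:sasl
C -> S clresume
C <- S clresume"""
NO_TLS = "C -> S stream\nC <- S stream / feature:sasl\nC -> S clresume"
```

`check(RESUME)` returns an empty list, while `check(NO_TLS)` reports that the resume request was sent before the TLS handshake.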