Extensible Messaging and Presence Protocol

Extensible Messaging and Presence Protocol (XMPP) is an open, XML-inspired protocol originally aimed at near-real-time, extensible instant messaging (IM) and presence information (a.k.a. buddy lists), but now expanded into the broader realm of message oriented middleware. [Citation | contribution-url = http://www.gnomis.org/presentasjoner/oslo2005/xmpp.pdf | contribution = XMPP as MOM | title = Greater NOrdic MIddleware Symposium (GNOMIS) | first = Leif | last = Johansson | publisher = University of Stockholm | date = 2005-04-18 | place = Oslo ] It remains the core protocol of the Jabber Instant Messaging and Presence technology. Built to be extensible, the protocol has accumulated features over time such as Voice over IP and file transfer signaling.

Unlike most instant messaging protocols, XMPP is an open standard. Like e-mail, it is an open system where anyone who has a domain name and a suitable Internet connection can run their own Jabber server and talk to users on other servers. The standard server implementations and many clients are also free and open source software.

The Internet Engineering Task Force (IETF) formed an XMPP Working Group in 2002 to formalize the core protocols as an IETF Instant Messaging and presence technology. The four specifications produced by the XMPP WG were approved by the IESG as Proposed Standards in 2004. RFC 3920 and RFC 3921 are currently undergoing revisions in preparation for advancing them to Draft Standard within the Internet Standards Process. The XMPP Standards Foundation (formerly the Jabber Software Foundation) is active in developing open XMPP extensions. Unfortunately, no Jabber technology correctly implements the RFCs in full.Fact|date=July 2008

XMPP-based software is deployed on thousands of servers across the Internet and by 2003 was used by over ten million people worldwide, according to the XMPP Standards Foundation. [cite press release | url = http://www.xmpp.org/xsf/press/2003-09-22.shtml | title = Jabber Instant Messaging User Base Surpasses ICQ | publisher = XMPP Standards Foundation | date = 2003-09-22 | accessdate = 2007-11-30 ] Popular commercial servers include the Gizmo Project and Google Talk. Popular client applications include the freeware clients offered by Google and the Gizmo Project, multi-protocol instant messengers such as iChat and Pidgin (formerly Gaim), and free dedicated clients such as Psi and Gajim. Google Talk provides XMPP gateways to its service.

History

Jeremie Miller began the Jabber project in 1998. Its first major public release occurred in May 2000. The project's main product was jabberd, a Jabber server.

This early Jabber protocol formed the basis for XMPP, published as RFC 3920. It has often been regarded as a competitor to SIMPLE, based on the SIP protocol, as the standard protocol for instant messaging and presence notification. [ [http://www.jabber.org/ Jabber Software Foundation] Renamed to [http://www.xmpp.org/ XMPP Standards Foundation] January 16, 2007 [http://www.xmpp.org/xsf/press/2007-01-16.shtml] [http://www.jabber.org/ jabber.org] is still maintained (March 2008)]

In August 2005, Google introduced Google Talk, a combination VoIP and IM system which uses XMPP for its instant messaging function and as a base for its voice and file transfer signalling protocol. The initial launch did not include server-to-server communications, but as of January 17, 2006, it had server-to-server communications enabled. [cite web
url=http://googletalk.blogspot.com/2006/01/xmpp-federation.html | title=XMPP Federation
last=Burd
first=Gary
accessdate=2007-11-30 ]

Cisco Systems announced in 2008 it was to acquire Jabber. [cite news|author=Cagel, Curt|title=Cisco Gets the XMPP Message, Buys Jabber|url=http://broadcast.oreilly.com/2008/09/cisco-gets-the-xmpp-message-bu.html|date=September 22, 2008|publisher=O'Reilly Media|accessdate=2008-09-23]

Strengths

* Decentralization : The architecture of the XMPP network is similar to email; anyone can run their own XMPP server and there is no central master server.
* Open standards : The Internet Engineering Task Force has formalized XMPP as an approved instant messaging and presence technology under the name of XMPP, and the XMPP specifications have been published as RFC 3920 and RFC 3921. No royalties are required to implement support of these specifications and their development is not tied to a single vendor.
* History : XMPP technologies have been in use since 1998. Multiple implementations of the XMPP standards exist for clients, servers, components, and code libraries, with the backing of large companies such as Sun Microsystems and Google.
* Security : XMPP servers may be isolated from the public Jabber network (e.g., on a company intranet), and robust security (via SASL and TLS) has been built into the core XMPP specifications. To encourage use of channel encryption, the [http://www.xmpp.org/ XMPP Standards Foundation] also runs an intermediate certification authority at [http://www.xmpp.net/ xmpp.net] offering free digital certificates to XMPP server administrators under the auspices of the StartCom Certification Authority (which is the root CA for the intermediate CA).
* Flexibility : Custom functionality can be built on top of XMPP; to maintain interoperability, common extensions are managed by the XMPP Software Foundation. XMPP applications beyond IM include network management, content syndication, collaboration tools, file sharing, gaming, and remote systems monitoring.

Weaknesses

* Presence data overhead : With typically over 70% of XMPP inter-server traffic being presence data [ [http://mail.jabber.org/pipermail/standards/2006-May/011158.html [Standards-JIG Distribution of stanza types ] ] and close to 60% of it being redundantly transmitted, [ [http://mail.jabber.org/pipermail/standards/2006-May/011182.html [Standards-JIG proto-JEP: Smart Presence Distribution ] ] XMPP currently has a large overhead in delivering presence data to multiple recipients. New protocols are being researched to alleviate this problem.
* Scalability : XMPP currently suffers from essentially the same redundancy problem also concerning multi-user chat and brokered publish/subscribe services such as JMS. [ [http://mail.jabber.org/pipermail/standards/2006-February/010028.html [Standards-JIG MUC traffic issues ] ] These too are to be addressed by new protocol extensions.Fact|date=September 2008 Until deployed, large chatrooms produce a very large amount of overhead.
* No binary data : The way XMPP is encoded as a single long XML document makes it impossible to deliver unmodified binary data. Therefore, file transfers use external protocols like HTTP. If unavoidable, XMPP also provides in-band file transfers by encoding all data using base64. Other binary data like encrypted conversations or graphic icons are embedded using the same method.

Decentralisation and addressing

The Jabber network is server-based (i.e. clients do not talk directly to one another) but decentralized; by design there is no central authoritative server, as there is with services such as AOL Instant Messenger or MSN Messenger. Some confusion often arises on this point as there is a public XMPP server being run at "Jabber.org", to which a large number of users subscribe. However, anyone may run their own XMPP server on their own domain. The standard TCP port for Jabber is 5222. [ [http://www.jabber.org/node/251 I'm behind a firewall, can I use Jabber? | Jabber.org ] ]

Every user on the network has a unique "Jabber ID" (usually abbreviated as "JID"). To avoid the need for a central server with a list of IDs, the JID is structured like an e-mail address with a username and a DNS address for the server where that user resides separated by an at sign (@), such as "username@domain.com".

Since a user may wish to log in from multiple locations, the clients specify a further string known as a resource, which identifies which of the user's clients it is (for example home, work and mobile). This may then be included in the JID by adding a forward slash followed by the name of the resource. Each resource may have specified a numerical value called priority. For example, the full JID of a user's mobile account would be "username@domain.com/mobile". Messages that are simply sent to "username@domain.com" will go to the client with highest priority, but those sent to "username@domain.com/mobile" will only go to the mobile client.

JIDs without a username part are also valid and may be used (with or without a resource part) for system messages and control of special features on the server.

Message delivery process

Suppose "juliet@capulet.com" wants to chat with "romeo@montague.net". Juliet and Romeo each respectively have accounts on the capulet.com and montague.net servers. When Juliet types in and sends her message, a sequence of events is set in motion:
# Juliet's client sends her message to the capulet.com server
#* If montague.net is blocked on capulet.com, the message is dropped.
# The capulet.com server opens a connection to the montague.net server.
#* If capulet.com is blocked on montague.net, the message is dropped.
#* If Romeo is not currently connected, the message is stored for later delivery.
# The montague.net server delivers the message to Romeo.

Connecting to other protocols

Another useful feature of the XMPP system is that of "transports", also known as "gateways", which allow users to access networks using other protocols. This can be other instant messaging protocols, but also protocols such as SMS or E-mail. Unlike multi-protocol clients, XMPP provides this access at the server level by communicating via special gateway services running on a remote computer. Any user can "register" with one of these gateways by providing the information needed to log on to that network, and can then communicate with users of that network as though they were Jabber users. This means that any client which fully supports XMPP can be used to access any network for which a gateway exists, without the need for any extra code in the client and without the need for the client to have direct access to the Internet. This may violate terms of service on the protocol used; however, such terms of service are not legally enforceable in several countries.

XMPP and HTTP

Another aspect of XMPP is the HTTP binding for users behind restricted firewalls. In the original specification, XMPP could use HTTP in two ways: "polling" [ [http://www.xmpp.org/extensions/xep-0025.html XEP-0025: Jabber HTTP Polling] ] and "binding". [http://www.xmpp.org/extensions/xep-0124.html XEP-0124: Bidirectional-streams Over Synchronous HTTP (BOSH)] ] Polling is now deprecated, but HTTP polling essentially implies messages stored on a server-side database are being fetched (and posted) regularly by an XMPP client by way of HTTP 'GET' and 'POST' requests. With binding, the client uses longer-lived HTTP connections to receive messages as soon as they are sent. This push-model of notification is more efficient than polling, where many of the polls return no new data.

Because the client uses HTTP, most firewalls allow clients to fetch and post messages without any hindrances. Thus, in scenarios where the TCP port used by XMPP is blocked, a server can listen on the normal HTTP port and the traffic should pass without problems. There also are various websites which allow people to sign in to Jabber via their browser. Furthermore, there are open public servers, such as [http://www.jabber80.com/ www.jabber80.com] that listen on standard http (port 80) and https (port 443) ports and hence allow connections from behind most firewalls.

Uptake and clients

XMPP is implemented by a large number of XMPP clients, servers, and code libraries. These include:

* Pidgin (formerly Gaim), a multiprotocol, GNU GPL licensed and cross-plattform client
* Psi, a GNU GPL licensed Qt-based client
* Google Talk, Google's instant messaging product, uses an implementation of the protocol
* iChat, Instant messaging client included with Mac OS X, supports XMPP, as well as Bonjour & AIM/.Mac
* Adium, a multiprotocol, GNU GPL licensed client for Mac OS X
* The Gizmo Project, primarily a Voice over IP system using Session Initiation Protocol (SIP), uses XMPP as its instant messaging protocol and can interoperate with Google Talk for text
* Hab.la, Hab.la's live help technology, uses the protocol to interface with a web-based JavaScript client.
* [http://www.livejournal.com/chat/ LJTalk] , Livejournal's instant messaging product, also uses XMPP, running the perl-based implementation, DJabberd
* Tkabber, a GNU GPL licenced cross-platform highly extensible client written in Tcl/Tk
* The Jabber Extensible Communications Platform™ (Jabber XCP™) is an XMPP based, real-time presence and messaging platform
* MCabber, a jabber client which runs in CLI Mode with ncurses

Development

The IETF XMPP working group has produced a number of RFC protocol documents:

RFC 3920, RFC 3921, RFC 3922, RFC 3923, RFC 4622, RFC 4854, RFC 4979

* RFC 3920, "Extensible Messaging and Presence Protocol (XMPP): Core" which describes client-server messaging using two open-ended XML streams. XML streams consist of <presence/>, <message/> and <iq/> (info/query). A connection is authenticated with Simple Authentication and Security Layer (SASL) and encrypted with Transport Layer Security (TLS).
* RFC 3921, "Extensible Messaging and Presence Protocol (XMPP): Instant Messaging and Presence" describes instant messaging (IM), the most common application of XMPP.
* RFC 3922, "Mapping the Extensible Messaging and Presence Protocol (XMPP) to Common Presence and Instant Messaging (CPIM)" relates XMPP and the Common Presence and Instant Messaging (CPIM) specifications.
* RFC 3923, "End-to-End Signing and Object Encryption for the Extensible Messaging and Presence Protocol (XMPP)" describes end to end encryption of XMPP messages using S/MIME. Conflicting this proposal, many clients currently use GPG for encrypting messages. [ [http://www.xmpp.org/extensions/xep-0027.html XEP-0027: Current Jabber OpenPGP Usage] ]

The XMPP Standards Foundation (XSF) develops and publishes extensions to XMPP through a standards process centered around "XMPP Extension Protocols" (XEPs, previously known as Jabber Enhancement Proposals - JEPs). The following extensions are in especially wide use:

* Data Forms [ [http://www.xmpp.org/extensions/xep-0004.html XEP-0004: Data Forms] ]
* Service Discovery [ [http://www.xmpp.org/extensions/xep-0030.html XEP-0030: Service Discovery] ]
* Multi-User Chat [ [http://www.xmpp.org/extensions/xep-0045.html XEP-0045: Multi-User Chat] ]
* XHTML-IM [ [http://www.xmpp.org/extensions/xep-0071.html XEP-0071: XHTML-IM] ]
* File Transfer [ [http://www.xmpp.org/extensions/xep-0096.html XEP-0096: File Transfer] ]
* Entity Capabilities [ [http://www.xmpp.org/extensions/xep-0115.html XEP-0115: Entity Capabilities] ]
* HTTP Binding

XMPP is also currently being extended to handle signalling / negotiation for Voice over Internet protocol (VoIP) and other media sessions. This signalling protocol is called Jingle. Jingle is designed to be consistent with the Google Talk service and interoperable with the Session Initiation Protocol.

See also

* List of XMPP client software
* List of XMPP server software
* List of XMPP programming libraries
* Comparison of instant messaging clients
* Comparison of instant messaging protocols
* Secure communication
* SIMPLE

References

External links

* [http://www.jabber.org/web/Quickstart] - End user introduction to Jabber.
* [http://www.xmpp.org/ XMPP Standards Foundation]
* [https://www.xmpp.net/servers List of Jabber servers by country or domain]
* [http://www.jabber.org Jabber Software Foundation] (JSF) (Wiki)
* [http://www.jabber.org/press/2004-10-04.shtml Press release from the JSF regarding the publication of the XMPP RFCs.]
* [http://wiki.jabber.org/index.php/XMPP_Case_Studies XMPP Case Studies]
* [http://imfreedom.org/ "IM Protocol Wiki"]