March 2025 - Standards

LAST CALL: XEP-0484 (Fast Authentication Streamlining Tokens)

by Daniel Gultsch

This message constitutes notice of a Last Call for comments on XEP-0484. Title: Fast Authentication Streamlining Tokens Abstract: This specification defines a token-based method to streamline authentication in XMPP, allowing fully authenticated stream establishment within a single round-trip. URL: https://xmpp.org/extensions/xep-0484.html This Last Call begins today and shall end at the close of business on 2025-01-27. Please consider the following questions during this Last Call and send your feedback to the standards(a)xmpp.org discussion list: 1. Is this specification needed to fill gaps in the XMPP protocol stack or to clarify an existing protocol? 2. Does the specification solve the problem stated in the introduction and requirements? 3. Do you plan to implement this specification in your code? If not, why not? 4. Do you have any security concerns related to this specification? 5. Is the specification accurate and clearly written? Your feedback is appreciated!

3 months, 1 week

6
20
0 0

LAST CALL: XEP-0440 (SASL Channel-Binding Type Capability)

by Daniel Gultsch

This message constitutes notice of a Last Call for comments on XEP-0440. Title: SASL Channel-Binding Type Capability Abstract: This specification allows servers to annouce their supported SASL channel-binding types to clients. URL: https://xmpp.org/extensions/xep-0440.html This Last Call begins today and shall end at the close of business on 2024-05-20. Please consider the following questions during this Last Call and send your feedback to the standards(a)xmpp.org discussion list: 1. Is this specification needed to fill gaps in the XMPP protocol stack or to clarify an existing protocol? 2. Does the specification solve the problem stated in the introduction and requirements? 3. Do you plan to implement this specification in your code? If not, why not? 4. Do you have any security concerns related to this specification? 5. Is the specification accurate and clearly written? Your feedback is appreciated!

4 months, 3 weeks

9
30
0 0

XEP-0001 Changes to reflect current practice wrt XEP Authors

by Dave Cridland

Hey hey, Boring incoming: https://github.com/xsf/xeps/pull/1407 This is draft to avoid the XSF Board accidentally approving it before the community has had a chance to discuss. The main change is the paragraph added in Section 6 (Discussion Process), covering changes to the XEP during Experimental: The XEP author incorporates the feedback by creating source control patches > (such as Pull Requests), in line with the preferred method in &xep0143;. > Direct changes to an Experimental XEP, such as a contributor providing a > patch (or Pull Request on GitHub), are still the responsibility of the XEP > author, and are only applied if the XEP author agrees. If a XEP has > multiple authors, while agreement is sought from all authors, only those > opinions from responsive authors are considered. If the Approving Body > feels that the XEP author is not responsive, another author may be added > unilaterally by the Approving Body. This is trying to do two things: 1) Document the existing practice that the XMPP Council has followed, whereby changes to Experimental XEPs need "agreement" (PR approval, or similar) from the XEP Author. 2) Document the existing practice that the XMPP Council has followed. whereby if a XEP Author isn't responsive (ie, doesn't respond to emails, etc) the XMPP Council can add a new XEP Author. 3) Document the *new practice* that if a contribution isn't a PR, it's the XEP Author who is responsible to turn it into one. The rest of the changes surface and restate existing process/policy/URLs and aren't that interesting (well, even less interesting). There is one additional possible process deviation we should document (or call the Process Police out, or something). Submission of a XEP, as per XEP-0143, occurs via email tot he Editor. Is this really still the case? Or are these now by PR? That'll need changing in XEP-0143, which I'm happy to do if that's the case. It'd be nice to have a non-PR variant of the process (post here?) Dave.

7 months, 2 weeks

6
17
0 0

Proposed XMPP Extension: PubSub Server Information

by kevin.smith＠isode.com

The XMPP Extensions Editor has received a proposal for a new XEP. Title: PubSub Server Information Abstract: This document defines a data format whereby basic information of an XMPP domain can be expressed and exposed over pub-sub. URL: https://xmpp.org/extensions/inbox/pubsub-server-info.html The Council will decide in the next two weeks whether to accept this proposal as an official XEP.

9 months, 2 weeks

3
3
0 0

Transmit of contact photo per Jabber ID

by Schimon Jehudah

Good day! I want to create a weather bot which is not a component. However, I would not be able to make a dynamic use of contact photo, as I would with a component. Because, it is not possible to selectively transmit contact photo. I think, that this would have useful uses to different use-cases, so it would be good to create an XEP to it. Please advise, Schimon

11 months, 1 week

1
1
0 0

Which one to use: `authorization-identity` or `authorization-identifier`

by Andrzej Telezynski

Hello, I am confused about those two elements: `authorization-identity` and `authorization-identifier`. Are they equivalent? They seem to be used in the same context. Grepping the XEPS repo shows both are used: $ grep -rl authorization-identity ./xep-0484.xml ./inbox/xep-fast.xml ./inbox/sasl2.xml ./xep-0386.xml $ grep -rl authorization-identifier ./xep-0480.xml ./inbox/xep-downgrade-prevention.xml ./inbox/xep-scram-upgrade.xml ./inbox/sasl2.xml ./xep-0198.xml ./xep-0388.xml ./xep-0474.xml What confuses me is that they both are used in the same context, f. ex.: "XEP-0386: Bind 2" has `authorization-identity` in successful Bind response: https://xmpp.org/extensions/xep-0386.html#example-4 <success xmlns='urn:xmpp:sasl:2'> <authorization-identity>user(a)example.com/AwesomeXMPP.4232f4d4 </authorization-identity> <bound xmlns='urn:xmpp:bind:0'> <metadata xmlns='urn:xmpp:mam:2'> <start id='YWxwaGEg' timestamp='2008-08-22T21:09:04Z' /> <end id='b21lZ2Eg' timestamp='2020-04-20T14:34:21Z' /> </metadata> </bound> </success> But "XEP-0388: Extensible SASL Profile" uses `authorization-identifier` https://xmpp.org/extensions/xep-0388.html#example-7 <success xmlns='urn:xmpp:sasl:2'>  <additional-data> dj1tc1ZIcy9CeklPSERxWGVWSDdFbW1EdTlpZDg9 </additional-data> <authorization-identifier>user(a)example.org</authorization-identifier> </success> Is it valid to use `authorization-identifier` in all those cases? What about other XEPS that use `authorization-identity` f. ex. "XEP-0484: Fast Authentication Streamlining Tokens" ? https://xmpp.org/extensions/xep-0484.html#example-3 It seems that clients need to expect both variants anyway. I am hoping for some advice or clarification, maybe I have missed something. Thanks, Andrzej -- *Come see us at: *Alchemy Conf 2-3 Apr | ElixirConf EU 15-16 May | Code BEAM Lite Stockholm 2 Jun | Lambda Days 12-13 Jun | *Learn more >> <https://www.erlang-solutions.com/events/>* Erlang Solutions cares about your data and privacy; please find all details about the basis for communicating with you and the way we process your data in our Privacy Policy. <https://www.erlang-solutions.com/privacy-policy.html> You can update your email preferences or unsubscribe from all lists here. <https://forms.erlangsolutions.com/email-preference?epc_hash=pZxDpeyjOBLTF6P…>

11 months, 3 weeks

3
3
0 0

[XEP-0433] (Extended Channel Search): Search Form Fields

by Goffi

Hi, I'm currently implementing XEP-0433 (Extended Channel Search), nice work thanks. I have a couple of feedback: 1. I see in example 3 (https://xmpp.org/extensions/xep-0433.xml#example-3) a `min_users` field which is not described in https://xmpp.org/extensions/ xep-0433.xml#table-1, would it be possible to add it? 2. I think that it would be nice to specify recommended default values in the table. 3. The "sort" field is redundant and less powerful than XEP-0413 (Order-By), is there any reason to not use the later? 4. I feel that it would be useful to indicate somewhere the minimum of characters expected in a search query, so client doesn't send useless requests. Maybe via disco? Thanks! Goffi

11 months, 3 weeks

1
0
0 0

New XEP proposal: Spaces

by Nicolas Cedilnik

Hello everyone, I just submitted https://github.com/xsf/xeps/pull/1426 with a rendered version at https://nicoco.fr/inbox/spaces.html This is an attempt at a minimal "spaces XEP". I remember reading a document a long time ago which looked impressively complete but did not turn into a XEP proposal. I suspect this is because the document attempted to cover everything, and there are very different use-cases for spaces, with different permissions models, ranging from fully public to completely private through "some rooms are public but some require being part of a subteam" etc. I tried a different approach here, attempting to lay the foundation of what is the minimum to cluster several groupchats without relying on a dedicated MUC service just for that. The slidge-based gateways for discord, mattermost and matrix already implement listing the "servers", "teams" and "spaces" of these networks via adhoc commands. I would very much like to make this a bit more generic (and standardised!) in slidge "core", the gateway library (and also expose in the disco#info of each room which "space" it is a child of). About the name, I called it "server-side spaces" because I think what Gajim already does with its workspaces is great and should be standardized at some point too, that would be another XEP, maybe "client(or user)-side spaces", later. I already gathered a little feedback from the xsf@ room, and incorporated it in the present submission. Looking forward to reading your feedback. -- nicoco

1 year

5
10
0 0

Commenting system based on XMPP

by Schimon Jehudah

Greeetings, ladies and gentlemen! First of all, I would want to congratulate Mr. Nicolas Cedilnik (nicoco) for creating a plugin to the publishing system Pelican. Reference: https://codeberg.org/nicoco/pelican-pubsub Second, I would want to create an HTML based commenting system service, and I would be glad to receive your consultancy on how to design it. By that, I mean, to which PubSub nodes should comments be published to. And then I will create a system based upon FastAPI and Slixmpp. P.S. Currently, there are three or four brands that provide commenting systems in a centralized fashion. Kind regards, Schimon

1 year

2
1
0 0

XSF membership application period Q2 2025

by Alexander Gnauck

I have setup the membership application Wiki page for the application period Q2 2025 Applications are encouraged from developers and others who are actively involved in the Jabber/XMPP community. To apply, create a page about yourself on the Wiki: https://wiki.xmpp.org/web/Membership_Applications_Q2_2025 If you don't have a wiki account, send your full name, preferred nickname and email address to me or one of the other Sysops: https://wiki.xmpp.org/web/Sysops Apply now!!! Thanks, Alex

1 year

1
0
0 0

2026

2025

2024

2023

Standards March 2025