- Standards

by Daniel Gultsch

Version 1.30.0 of XEP-0060 (Publish-Subscribe) has been released. Abstract: This specification defines an XMPP protocol extension for generic publish-subscribe functionality. The protocol enables XMPP entities to create nodes (topics) at a pubsub service and publish information at those nodes; an event notification (with or without payload) is then broadcasted to all entities that have subscribed to the node. Pubsub therefore adheres to the classic Observer design pattern and can serve as the foundation for a wide variety of applications, including news feeds, content syndication, rich presence, geolocation, workflow systems, network management systems, and any other application that requires event notifications. Changelog: Describe the 'http://jabber.org/protocol/pubsub' disco#info feature. (gdk) URL: https://xmpp.org/extensions/xep-0060.html Note: The information in the XEP list at https://xmpp.org/extensions/ is updated by a separate automated process and may be stale at the time this email is sent. The XEP documents linked herein are up-to- date.

3 weeks, 5 days

1
0
0 0

LAST CALL: XEP-0485 (PubSub Server Information)

by Daniel Gultsch

This message constitutes notice of a Last Call for comments on XEP-0485. Title: PubSub Server Information Abstract: This document defines a data format whereby basic information of an XMPP domain can be expressed and exposed over pub-sub. URL: https://xmpp.org/extensions/xep-0485.html This Last Call begins today and shall end at the close of business on 2025-11-03. Please consider the following questions during this Last Call and send your feedback to the standards(a)xmpp.org discussion list: 1. Is this specification needed to fill gaps in the XMPP protocol stack or to clarify an existing protocol? 2. Does the specification solve the problem stated in the introduction and requirements? 3. Do you plan to implement this specification in your code? If not, why not? 4. Do you have any security concerns related to this specification? 5. Is the specification accurate and clearly written? Your feedback is appreciated!

3 weeks, 5 days

4
5
0 0

NEW: XEP-0507 (Jingle Content Category)

by Daniel Gultsch

Version 0.1.0 of XEP-0507 (Jingle Content Category) has been released. Abstract: This specification defines an XMPP extension to negotiate the use of Session Description Protocol (SDP) media- level attribute 'content' as defined by RFC 4796 with Jingle RTP sessions Changelog: Accepted as Experimental by council vote (dg) URL: https://xmpp.org/extensions/xep-0507.html Note: The information in the XEP list at https://xmpp.org/extensions/ is updated by a separate automated process and may be stale at the time this email is sent. The XEP documents linked herein are up-to- date.

3 weeks, 5 days

1
0
0 0

Navigation instructions for Atom Over XMPP (XEP-0277 and XEP-0472)

by Schimon Jehudah

Good day. About ===== I have recently suggested at project Movim to add navigational instructions to Atom entries (i.e. posts). I am still experimenting it, and it currently seems useful. Technicality ============ The idea is realized in a similar fashion to the classification of comments node with rel='replies' and title='comments'. https://xmpp.org/extensions/xep-0277.xml#comments Navigation ========== I advise to enable navigational instructions with rel='navigation' and title='previous' and title='proceed', and perhaps also title='index'. At the bottom of this page there are proceed or previous links to navigate and are generated from the instructions proposed above. https://journal.woodpeckersnest.eu/posts/2024-11-05-xmpp-as-the-internet/ Advantages ========== Navigational instructions would conveniently facilitate the creation of a CMS even over a single PEP node, without a compulsory need of having a PubSub service with multiple nodes to do so, by relating from post to post from within each posts. Navigational instructions would also incentivise the creation of articles that are segmented into parts of a series of posts, and portability thereof. Kind regards, Schimon

3 weeks, 6 days

1
1
0 0

XEP-0440 No supported channel bindings

by Dave Cridland

Thilo, sorry! I had somehow missed that SASL2 mandates XEP-0440. It makes a lot of sense. But... Openfire currently doesn't support any channel bindings. It is sometimes used in cases where there is no TLS at all. This is quite deliberate and sensible in this case, please don't argue with this! This means there will always be cases where there are no channel bindings available (because there's no channel to bind to!). The schema doesn't include a minOccurs, and that means minOccurs='1' by default. This means at least one channel binding MUST be included. Is this intentional? I appreciate this is an oddball case (and I can support tls-server-endpoint for most normal cases), but is this the intent here or was the expectation that the minOccurs should be '0'? (I know tls-server-endpoint MUST be implemented, but MTI is not MTD etc). Dave.

1 month

3
3
0 0

LAST CALL: XEP-0440 (SASL Channel-Binding Type Capability)

by Daniel Gultsch

This message constitutes notice of a Last Call for comments on XEP-0440. Title: SASL Channel-Binding Type Capability Abstract: This specification allows servers to annouce their supported SASL channel-binding types to clients. URL: https://xmpp.org/extensions/xep-0440.html This Last Call begins today and shall end at the close of business on 2025-10-28. Please consider the following questions during this Last Call and send your feedback to the standards(a)xmpp.org discussion list: 1. Is this specification needed to fill gaps in the XMPP protocol stack or to clarify an existing protocol? 2. Does the specification solve the problem stated in the introduction and requirements? 3. Do you plan to implement this specification in your code? If not, why not? 4. Do you have any security concerns related to this specification? 5. Is the specification accurate and clearly written? Your feedback is appreciated!

1 month

6
13
0 0

UPDATED: XEP-0474 (SASL SCRAM Downgrade Protection)

by Daniel Gultsch

Version 0.5.0 of XEP-0474 (SASL SCRAM Downgrade Protection) has been released. Abstract: This specification provides a way to secure the SASL and SASL2 handshakes against method and channel-binding downgrades. Changelog: * Add business rules describing client behavior * Make clear that PLAIN still has to be pinned away, if not disabled entirely (tm) URL: https://xmpp.org/extensions/xep-0474.html Note: The information in the XEP list at https://xmpp.org/extensions/ is updated by a separate automated process and may be stale at the time this email is sent. The XEP documents linked herein are up-to- date.

1 month

1
0
0 0

UPDATED: XEP-0440 (SASL Channel-Binding Type Capability)

by Daniel Gultsch

Version 0.5 of XEP-0440 (SASL Channel-Binding Type Capability) has been released. Abstract: This specification allows servers to annouce their supported SASL channel-binding types to clients. Changelog: * Address a possible MITM attack vector by making the tls-server-end- point channel-binding mandatory to implement * Remove the whole 'Interaction with SASL mechanisms' section and replace it with 'Business Rules' * Rework whole 'Security Considerations' section * Some minor editorial changes * Add Thilo Molitor as author (tm) URL: https://xmpp.org/extensions/xep-0440.html Note: The information in the XEP list at https://xmpp.org/extensions/ is updated by a separate automated process and may be stale at the time this email is sent. The XEP documents linked herein are up-to- date.

1 month

1
0
0 0

LAST CALL: XEP-0440 (SASL Channel-Binding Type Capability)

by Daniel Gultsch

This message constitutes notice of a Last Call for comments on XEP-0440. Title: SASL Channel-Binding Type Capability Abstract: This specification allows servers to annouce their supported SASL channel-binding types to clients. URL: https://xmpp.org/extensions/xep-0440.html This Last Call begins today and shall end at the close of business on 2024-05-20. Please consider the following questions during this Last Call and send your feedback to the standards(a)xmpp.org discussion list: 1. Is this specification needed to fill gaps in the XMPP protocol stack or to clarify an existing protocol? 2. Does the specification solve the problem stated in the introduction and requirements? 3. Do you plan to implement this specification in your code? If not, why not? 4. Do you have any security concerns related to this specification? 5. Is the specification accurate and clearly written? Your feedback is appreciated!

1 month, 2 weeks

9
30
0 0

XMPP Council Agenda 2025-10-21

by Daniel Gultsch

Good Morning Council Members, the next XMPP Council Meeting will take place on, Tuesday, October 21 2025 at 15:30 UTC in xmpp:council@muc.xmpp.org?join The Agenda is as follows: 1) Roll call 2) Agenda Bashing 3) Editors update - UPDATED: XEP-0392 (Consistent Color Generation) - UPDATED: XEP-0045 (Multi-User Chat) - NEW: XEP-0506 (No-reply JIDs) - LAST CALL: XEP-0485 (PubSub Server Information) - Proposed XMPP Extension: Forums (https://xmpp.org/extensions/inbox/forums.html) - Proposed XMPP Extension: Jingle Content Category (https://xmpp.org/extensions/inbox/jingle-content-category.html) 4) Items for voting a) Proposed XMPP Extension: Forums https://xmpp.org/extensions/inbox/forums.html b) Proposed XMPP Extension: Jingle Content Category https://xmpp.org/extensions/inbox/jingle-content-category.html 5) Pending votes Daniel on PR #1467 and PR #1468 Marvin on PR #1468 See the spreadsheet of doom: https://docs.google.com/spreadsheets/d/1oAHUqBdlkobDcmfQ-YRMfZHGQLMWEdOFuEU… 6) Date of Next 7) AOB 8) Close

1 month, 2 weeks

1
0
0 0

2025

2024

2023