[standards-jig] JEP-0025 and JEP-0124

Ian Paterson ian.paterson at clientside.co.uk
Wed Feb 25 12:45:22 UTC 2004

Ian Paterson wrote:
>> Many XMPP clients are based on platforms that feature severe security
>> restrictions (e.g. mobile or browser-based clients). Some cannot read
>> cookies and others can only receive well-formed XML documents over
>> HTTP. It is *impossible* to implement either JEP-0025 or a persistent
>> TCP connection on these clients.

David Waite wrote:
> I assume you mean flash here. Having flash send and receive normal
> XMPP over a stream is possible from what I have heard, it just
> involves lots more work (and a significantly larger client download).

I don't mean Flash (although that is a good example). I'm talking about some
mobile platforms (from what I've heard) and all Web pages without Java (from
my experience).

Unfortunately Flash cannot send and receive normal XMPP over a stream. The
server has to be modified to insert/remove null bytes between sent/received
XML stanzas. Jabberd 2 does not support Flash XML streams. Flash cannot
implement JEP-0025, but it can get through firewalls by implementing
JEP-0124 (with its XML.sendAndLoad method).

Web clients without Java or Flash require JEP-0124. If you're running
Internet Explorer 6 on Windows then you can try a fully-featured Web page


Developing a Web page client does involve lots more work, but the download
of the client above is barely significant. Its HTML/script needs a one-time
100KB download (after that it always opens from the browser's cache).

I'll leave it to someone else to talk about restricted mobile clients.

>> The restricted XMPP clients that JEP-0124 enables are trusted.
>> Many of them can be used without any installation whatsoever.

> I've used a JEP-0025 client that required no local install, and
> required no code trust to run (unless you want features like file
> transfer).

Did that client use Java?

If so, then it requires a big download and install on most machines.
(Microsoft has not supplied the 12MB Java Virtual Machine with Windows for a
long time now.) Many machines are locked to prevent such installations.

> I don't think you mean 'XMPP clients' here, as they are not
> following the XMPP-core spec.

JEP-0124 and JEP-0025 are transport bindings. They are not XMPP. Neither JEP
is XMPP-core compliant.

However, if the appropriate transport software is available at both ends of
the psuedo-connection to translate between the HTTP bindings and the XMPP
streams, then XMPP compliant clients and servers can communicate
transparently using either JEP.

The significant difference is that JEP-0124 employs only well-formed XML.
That means the transport software needs to do a little bit more work to
convert from/to the streams (e.g. in transit the <stream> and </stream> tags
are replaced by <body> elements). But the end result is the same, and more
XMPP clients are enabled. :-)

XML is good.


More information about the Standards mailing list