[Standards] LAST CALL: XEP-0227 (Portable Import/Export Format for XMPP-IM Servers)

Waqas Hussain waqas20 at gmail.com
Thu Aug 6 08:58:54 UTC 2009

> 1. Is this specification needed to fill gaps in the XMPP protocol stack or to clarify an existing protocol?


> 2. Does the specification solve the problem stated in the introduction and requirements?

A missing piece of data is incoming subscriptions, for which there is
no roster entry. I suggest adding a section for <presence
xmlns='jabber:client' type='subscribe' from='node at host'/> in the XEP.

It might be appropriate for the XEP to explicitly acknowledge that
implementations may extend the format by including custom elements and
attributes (qualified by appropriate namespaces).

Off the top of my head, some extensions I would like to use (listed
here for my reference, if no one else's):
 - Privacy lists, i.e., <query xmlns='jabber:iq:privacy'> under <user>.
 - Last activity information. Possibly a <presence
xmlns='jabber:client' type='unavailable'/> under <user>.
 - Other user meta-data. For example, marking a user as an admin:
<identity xmlns='http://jabber.org/protocol/disco#info'
category='account' type='admin'/> under <user>, or maybe <user
 - PEP data under <user>.
 - PubSub and MUC data (out of scope of the XEP, yes, but no reason
not to export and import it).
 - Server and host configuration data under <server-data> and <host>
(yes, implementation specific, but still useful).
 - Replacing the 'password' attribute on the <user> element with
something else when using hashed passwords, certificates, etc.

About the XInclude support, I like how the examples use namespace
prefixes on attributes. I think the SOAP over XMPP XEP is the only
other one with examples using those.

> 3. Do you plan to implement this specification in your code? If not, why not?

Yes, I plan to write an exporter and importer for Prosody.
It would be interesting to have a Prosody storage backend which uses
the XEP-0227 format directly. It would work fine for small

> 4. Do you have any security concerns related to this specification?

Need to be careful about XInclude, but nothing else in particular.

> 5. Is the specification accurate and clearly written?


> Your feedback is appreciated!


Waqas Hussain

More information about the Standards mailing list