[Standards] Nonzas: What are they and do we need them?

Florian Schmaus flo at geekplace.eu
Mon Apr 20 13:27:09 UTC 2015


In order to make the following easier, I'd first like to define the term
Nonza:

A Nonza is every top level XMPP stream element which is not a Stanza.
(see also [1]).

To my best knowledge, Nonzas which are exchanged after resource binding,
are currently used in xep198 and xep352. A recently proposed change to
xep352 raised the question if the usage of Nonzas ('active' and
'inactive') should get replaced by IQs. It was questioned whether Nonzas
after resource binding should have a place in XMPP at all.

So far, I've heard the following arguments using Nonzas after resource
binding:

Contra:
- Messages and IQs could be used instead
- Can't be used with BOSH
- Introduces a bunch of conceptual and implementations problems

Pro:
- Expresses the semantic that they are not routed
- This increases security, as they are harder to spoof
- Can be used for XMPP transports over TCP, WebSocket and BOSH

If it's possible, I'd like to ask the XSF Council to cast an non-binding
opinion vote in one of their next meetings with those two options:
A. Nonzas MUST NOT be used after resource binding
B. Nanzas CAN be used after resource binding


For me personally, the contra-Nonza arguments did not convince me. It
appears that nothing in the specification prevents you from using Nonzas
after resource binding with BOSH. XEP-206 3. only says "SHOULD contain".
I also don't see why they would introduce "a bunch of conceptual and
implementations problems".

I think Nonzas are fine to use even after resource binding in certain
use cases: If the element

1. is not going to get routed
2. is not meant to be *directly* exposed to higher layers of the
application, e.g. your XMPP library will take care of it (but possibly
invoking a user callback)
3. is used to control the XMPP stream in some way, and
4. a combination of 1 with either 2 or 3,

then it's a good indicator that it should not get encapsulated within a
stanza in order to express the semantic of the element.

Note that I don't want to discuss right now if CSI should use Nonzas or
Stanzas. This is meant as general discussion about Nonzas after resource
binding. Not for a particular use case/XEP.

1: http://geekplace.eu/xeps/xep-nonza/xep-nonza.html

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 603 bytes
Desc: OpenPGP digital signature
URL: <http://mail.jabber.org/pipermail/standards/attachments/20150420/517b83b7/attachment.sig>


More information about the Standards mailing list