tech-invite   World Map     

IETF     RFCs     Groups     SIP     ABNFs    |    3GPP     Specs     Gloss.     Arch.     IMS     UICC    |    Misc.    |    search     info

RFC 5875

Proposed STD
Pages: 27
Top     in Index     Prev     Next
in Group Index     Prev in Group     Next in Group     Group: SIP

An Extensible Markup Language (XML) Configuration Access Protocol (XCAP) Diff Event Package


Top       ToC       Page 1 
Internet Engineering Task Force (IETF)                     J. Urpalainen
Request for Comments: 5875                                         Nokia
Category: Standards Track                                 D. Willis, Ed.
ISSN: 2070-1721                                    Softarmor Systems LLC
                                                                May 2010

An Extensible Markup Language (XML) Configuration Access Protocol (XCAP)
                           Diff Event Package


   This document describes an "xcap-diff" SIP (Session Initiation
   Protocol) event package for the SIP Event Notification Framework,
   which clients can use to receive notifications of changes to
   Extensible Markup Language (XML) Configuration Access Protocol (XCAP)
   resources.  The initial synchronization information exchange and
   document updates are based on the XCAP Diff format.

Status of This Memo

   This is an Internet Standards Track document.

   This document is a product of the Internet Engineering Task Force
   (IETF).  It represents the consensus of the IETF community.  It has
   received public review and has been approved for publication by the
   Internet Engineering Steering Group (IESG).  Further information on
   Internet Standards is available in Section 2 of RFC 5741.

   Information about the current status of this document, any errata,
   and how to provide feedback on it may be obtained at

Copyright Notice

   Copyright (c) 2010 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   ( in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

Page 2 
   This document may contain material from IETF Documents or IETF
   Contributions published or made publicly available before November
   10, 2008.  The person(s) controlling the copyright in some of this
   material may not have granted the IETF Trust the right to allow
   modifications of such material outside the IETF Standards Process.
   Without obtaining an adequate license from the person(s) controlling
   the copyright in such materials, this document may not be modified
   outside the IETF Standards Process, and derivative works of it may
   not be created outside the IETF Standards Process, except to format
   it for publication as an RFC or to translate it into languages other
   than English.

Table of Contents

   1.  Introduction . . . . . . . . . . . . . . . . . . . . . . . . .  3
   2.  Terminology  . . . . . . . . . . . . . . . . . . . . . . . . .  4
   3.  Definitions  . . . . . . . . . . . . . . . . . . . . . . . . .  4
   4.  XCAP Diff Event Package  . . . . . . . . . . . . . . . . . . .  4
     4.1.  Overview of Operation with Basic Requirements  . . . . . .  4
     4.2.  Event Package Name . . . . . . . . . . . . . . . . . . . .  5
     4.3.  'diff-processing' Event Package Parameter  . . . . . . . .  5
     4.4.  SUBSCRIBE Bodies . . . . . . . . . . . . . . . . . . . . .  6
     4.5.  Subscription Duration  . . . . . . . . . . . . . . . . . .  8
     4.6.  NOTIFY Bodies  . . . . . . . . . . . . . . . . . . . . . .  8
     4.7.  Notifier Generation of NOTIFY Requests . . . . . . . . . .  8
     4.8.  Subscriber Processing of NOTIFY Requests . . . . . . . . . 11
     4.9.  Handling of Forked Requests  . . . . . . . . . . . . . . . 13
     4.10. Rate of Notifications  . . . . . . . . . . . . . . . . . . 13
     4.11. State Agents . . . . . . . . . . . . . . . . . . . . . . . 13
   5.  An Initial Example NOTIFY Document . . . . . . . . . . . . . . 13
   6.  IANA Considerations  . . . . . . . . . . . . . . . . . . . . . 14
   7.  Security Considerations  . . . . . . . . . . . . . . . . . . . 15
   8.  Acknowledgments  . . . . . . . . . . . . . . . . . . . . . . . 15
   9.  References . . . . . . . . . . . . . . . . . . . . . . . . . . 16
     9.1.  Normative References . . . . . . . . . . . . . . . . . . . 16
     9.2.  Informative References . . . . . . . . . . . . . . . . . . 17
   Appendix A.  Informative Examples  . . . . . . . . . . . . . . . . 18
     A.1.  Initial Documents on an XCAP Server  . . . . . . . . . . . 18
     A.2.  An Initial Subscription  . . . . . . . . . . . . . . . . . 18
     A.3.  A Document Addition into a Collection  . . . . . . . . . . 19
     A.4.  A Series of XCAP Component Modifications . . . . . . . . . 20
     A.5.  An XCAP Component Subscription . . . . . . . . . . . . . . 23
     A.6.  A Conditional Subscription . . . . . . . . . . . . . . . . 26

Top      ToC       Page 3 
1.  Introduction

   The SIP events framework [RFC3265] describes subscription and
   notification conventions for the Session Initiation Protocol (SIP)
   [RFC3261].  The Extensible Markup Language (XML)
   [W3C.REC-xml-20060816] Configuration Access Protocol (XCAP) [RFC4825]
   allows a client to read, write, and modify XML-formatted application
   usage data stored on an XCAP server.

   While XCAP allows authorized users or devices to modify the same XML
   document, XCAP does not provide an effective mechanism (beyond
   polling) to keep resources synchronized between a server and a
   client.  This memo defines an "xcap-diff" event package that,
   together with the SIP event notification framework [RFC3265] and the
   XCAP diff format [RFC5874], allows a user to subscribe to changes in
   an XML document, and to receive notifications whenever the XML
   document changes.

   There are three basic features that this event package enables:

   First, a client can subscribe to a list of XCAP documents' URLs in a
   collection located on an XCAP server.  This allows a subscriber to
   compare server resources with its local resources using the URLs and
   the strong entity tag (ETag) values of XCAP documents, which are
   shown in the XCAP diff format, and to synchronize them.

   Second, this event package can signal a change in those documents in
   one of three ways.  The first mode only indicates the event type and
   does not include document contents, so the subscriber uses HTTP
   [RFC2616] to retrieve the updated document.  The second mode includes
   document content changes in notification messages, using the XML-
   Patch-Ops [RFC5261] format with minimal notification size.  The third
   mode also includes document content changes in notification messages
   with the same XML-Patch-Ops format, but is more verbose, and shows
   the full HTTP version history.

   Third, the client can subscribe to specific XML elements or
   attributes (XCAP components) showing their existing contents in the
   resulting XCAP diff format notification messages.  If the requested
   component does not exist but is later created, the notifier sends a
   notification with the component's content.  The notifier also sends
   notifications when the subscribed XCAP components are removed, for
   example, after a successful HTTP DELETE request.

Top      ToC       Page 4 
2.  Terminology

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   document are to be interpreted as described in RFC 2119, BCP 14
   [RFC2119] and indicate requirement levels for compliant

3.  Definitions

   The following terms are used in this document:

   XCAP component:  An XML element or an attribute, which can be
      updated, removed, or retrieved with XCAP.

   Aggregating:  An XCAP client can update only a single XCAP component
      at a time using HTTP.  However, a notifier may be able to
      aggregate a series of these modifications into a single
      notification using XML-Patch-Ops semantics encoded in the XCAP
      diff format.

   This document reuses terminology mostly defined in XCAP [RFC4825] and
   some in WebDAV [RFC4918].

4.  XCAP Diff Event Package

4.1.  Overview of Operation with Basic Requirements

   To receive "xcap-diff" event package features, the subscriber
   indicates its interest in certain resources by including a URI list
   in the subscription body to the notifier.  Each URL in this list MUST
   be an HTTP URL that identifies a collection, an XCAP document, or an
   XCAP component.  Collection URLs MUST have a trailing forward slash
   "/", following the conventions of WebDAV [RFC4918].  A collection
   selection includes all documents in that collection and recursively
   all documents in sub-collections.  The URL of an XCAP component
   consists of the document URL with the XCAP Node Selector added.
   Although the XCAP Node Selector allows all in-scope namespaces of an
   element to be requested, the client MUST NOT subscribe to namespaces.

   The notifier MUST support XCAP component subscriptions.  The notifier
   sends the first notification in response to the subscription, and
   this first notification MUST contain the URLs of the documents and
   XCAP component contents that are part of the subscription.  The
   subsequent notifications MAY contain patches to these documents.  The
   subscriber can specify how the notifier will signal the changes of
   documents by using the 'diff-processing' event package parameter,
   covered in Section 4.3.  Note that the existence of the "diff-

Top      ToC       Page 5 
   processing" parameter or its value has no influence on XCAP component

4.2.  Event Package Name

   The name of this event package is "xcap-diff".  As specified in
   [RFC3265], this value appears in the Event header field present in
   SUBSCRIBE and NOTIFY requests.

4.3.  'diff-processing' Event Package Parameter

   With the aid of the optional "diff-processing" Event header field
   parameter, the subscriber indicates a preference as to how the
   notifier SHOULD indicate change notifications of documents.  The
   possible values are "no-patching", "xcap-patching", and "aggregate".
   All three modes provide information that allows the subscriber to
   synchronize its local cache, but only the "xcap-patching" mode
   provides intermediate states of the version history.  The notifier
   SHOULD use the indicated mode if it understands it (as doing so
   optimizes network traffic within the capabilities of the receiver).

      The "no-patching" value means that the notifier indicates only the
      document and the event type (creation, modification, and removal)
      in the notification.  The notification does not necessarily
      indicate the full HTTP ETag change history.  Notifiers MUST
      support the "no-patching" mode as a base-line for
      interoperability.  The other, more complex modes are optional.

      The "xcap-patching" value means that the notifier includes all
      updated XCAP component contents and entity tag (ETag) changes made
      by XCAP clients (via HTTP).  The client receives the full (HTTP)
      ETag change history of a document.

      The "aggregate" value means that the notifier MAY aggregate
      several individual XCAP component updates into a single XCAP diff
      <document> element.  The policy for determining whether or not to
      apply aggregation or to determine how many updates to aggregate is
      locally determined.

      The notifier SHOULD support the "xcap-patching" and "aggregate"
      modes, and thus implement XML-Patch-Ops [RFC5261] diff-generation,
      because this can greatly reduce the required number of
      notifications and overall transmissions.

Top      ToC       Page 6 
   If the subscription does not contain the "diff-processing" header
   field parameter, the notifier MUST default to the "no-patching" mode.

      Note: To see the difference between "xcap-patching" and
      "aggregate" modes, consider a document that has versions "a", "b",
      and "c" with corresponding ETag values "1", "2", and "3".  The
      "xcap-patching" mode will include first the change from version
      "a" to "b" with the versions' corresponding "1" and "2" ETags and
      then the change from version "b" to "c" with their "2" and "3"
      ETags.  The "aggregate" mode optimizes the change and indicates
      only a single aggregated change from "a" to "c" with the old "1"
      and new "3" ETags.  If these changes are closely related, that is,
      the same element has been updated many times, the bandwidth
      savings are larger.

   This "diff-processing" parameter is a subscriber hint to the
   notifier.  The notifier may respond using a simpler mode, but not a
   more complex one.  Notifier selection of a mode is covered in
   Section 4.7.  During re-subscriptions, the subscriber MAY change the
   diff-processing parameter.

   The formal grammar [RFC5234] of the "diff-processing" parameter is:

        diff-processing = "diff-processing" EQUAL (
          "no-patching" /
          "xcap-patching" /
          "aggregate" /
          token )

   where EQUAL and token are defined in RFC 3261 [RFC3261].

4.4.  SUBSCRIBE Bodies

   The URI list is described by the XCAP resource list format [RFC4826],
   and is included as a body of the initial SUBSCRIBE request.  Only a
   simple subset of that format is required, a flat list of XCAP request
   URIs.  The "uri" attribute of the <entry> element contains these URI
   values.  The subscriber MUST NOT use hierarchical lists or <entry-
   ref> references, etc. (though in the future, semantics may be
   expanded thanks to the functionality in the resource list format).
   In subsequent SUBSCRIBE requests, such as those used for refreshing
   the expiration timer, the subscribed URI list MAY change, in which
   case the notifier MUST use the new list.

   The SUBSCRIBE request MAY contain an Accept header field.  If no such
   header field is present, it has a default value of "application/
   xcap-diff+xml".  If the header field is present, it MUST include
   "application/xcap-diff+xml", and MAY include any other types.

Top      ToC       Page 7 
   The SUBSCRIBE request MAY contain the Suppress-If-Match header field
   [RFC5839], which directs the notifier to suppress either the body of
   a subsequent notification or the entire notification if the ETag
   value matches.

   If the SUBSCRIBE body contains elements or attributes that the
   notifier doesn't understand, the notifier MUST ignore them.

   Subscribers need to appropriately populate the Request-URI of the
   SUBSCRIBE request, typically set to the URI of the notifier.  This
   document does not constrain that URI.  It is assumed that the
   subscriber is provisioned with or has learned the URI of the notifier
   of this event package.

   The XCAP server will usually be co-located with the SIP notifier, so
   the subscriber MAY use relative XCAP Request-URIs.  Because relative
   Request-URIs are allowed, the notifier MUST know how to resolve these
   against the correct XCAP Root URI value.

   Figure 1 shows a SUBSCRIBE request and body covering several XCAP
   resources: a "resource-list" document, a specific element (XCAP
   component) in a "rls-services" document, and a collection in "pidf-
   manipulation" application usage.  The "Content-Type" header of this
   SUBSCRIBE request is "application/resource-lists+xml".

   Accept: application/xcap-diff+xml
   Event: xcap-diff; diff-processing=aggregate
   Content-Type: application/resource-lists+xml
   Content-Length: [XXX]
   Expires: 4200

   <?xml version="1.0" encoding="UTF-8"?>
   <resource-lists xmlns="urn:ietf:params:xml:ns:resource-lists">
     <entry uri="resource-lists/users/"/>
     <entry uri="rls-services/users/
     <entry uri="pidf-manipulation/"/>

                    Figure 1: Example subscription body

   When subscribing to XCAP components, namespace prefixes of XCAP Node
   Selectors MUST be properly resolved to namespace URIs.  Section 6.4
   of RFC 4825 [RFC4825] describes the conventions when using prefixes

Top      ToC       Page 8 
   in XCAP Node Selectors.  If only XCAP Default Document Namespace is
   used, just like in the previous example (where a <service> element is
   selected), the query component of the "uri" value is not required.

4.5.  Subscription Duration

   The default expiration time for subscriptions within this package is
   3600 seconds.  As per RFC 3265 [RFC3265], the subscriber MAY specify
   an alternative expiration timer in the Expires header field.

4.6.  NOTIFY Bodies

   The format of the NOTIFY message body either is the default of
   "application/xcap-diff+xml" or is a format listed in the Accept
   header field of the SUBSCRIBE.

   In this event package, notification messages contain an XCAP diff
   document [RFC5874].

   The XCAP diff format [RFC5874] can include the subscribed XCAP
   component contents.  For documents, the format can also include
   corresponding URIs, ETag values, and patching instructions from
   version "a" to "b".  Removal events (of documents, elements, or
   attributes) can be identified too.  Except for collection selections,
   the "sel" selector values of the XCAP diff format MUST be octet-by-
   octet equivalent to the relevant "uri" parameter values of the
   <entry> element of the "resource-list" document.

   With XCAP component subscriptions, XCAP Node Selectors can contain
   namespace prefixes.  A notifier MUST then resolve these prefixes to
   namespace URIs according to RFC 4825 [RFC4825] conventions.  In other
   words, notifiers MUST be aware of XCAP Default Document Namespaces
   for Application Usages when they locate unprefixed qualified XCAP
   elements.  Note that the namespace resolving rules of Patch operation
   elements <add>, <replace>, and <remove> are described in Section
   4.2.1 of [RFC5261].

4.7.  Notifier Generation of NOTIFY Requests

   During the initial subscription, or if the URI list changes in
   SUBSCRIBE refresh requests, the notifier MUST resolve the requested
   XCAP resources and their privileges.  If there are superfluous
   resource selections in the requested URI list, the notifier SHOULD
   NOT provide overlapping similar responses for these resources.  A
   resource for which an authenticated user does not have a read
   privilege MUST NOT be included in the XCAP diff format.  Note that an
   XCAP component that could not be located with XCAP semantics does not
   produce an error.  Instead, the request remains in a "pending" state,

Top      ToC       Page 9 
   that is, waiting for this resource to be created (or read access
   granted if XCAP Application Usages utilize dynamic access control
   lists).  Subscriptions to collections have a similar property: once a
   new document is created into the subscribed collection, the creation
   of a new resource is signaled with the next NOTIFY request.

   After the notifier knows the list of authorized XCAP resources, it
   generates the first NOTIFY, which contains URI references to all
   subscribed, existing documents for which the subscriber has read
   privileges, and typically XCAP component(s) of existing content.

   After sending the initial notification, the notifier selects a diff-
   processing mode for reporting changes.  If the subscriber suggested a
   mode in the "diff-processing" parameter of the SUBSCRIBE, the
   notifier MAY use that requested mode or MAY fall back to a simpler
   operational mode, but the notifier MUST NOT use a more complex mode
   than the one chosen by the subscriber.  From least to most complex,
   the order of the modes is the following: "no-patching", "xcap-
   patching", "aggregate".  Thus, the notifier may respond to an
   "aggregate" request using any mode, but cannot reply to an "xcap-
   patching" subscription using the "aggregate" mode.  Naturally, the
   notifier MUST handle a "no-patching" request with the "no-patching"

   In all modes, the notifier MUST maintain the chronological order of
   XCAP changes.  If several changes to a given resource are presented
   in a single notification, the chronological update order MUST be
   preserved in the XML document order of the notification body.
   Chronological order is preserved to simplify the required subscriber
   implementation logic.

   While the "aggregate" mode uses bandwidth most efficiently, it
   introduces other challenges.  The initial synchronization might fail
   with rapidly changing resources, because the "aggregate" mode
   messages might not include the full version history of a document and
   the base XCAP protocol does not support version history retrievals of
   documents.  When new documents are created in subscribed collections
   and the notifier is aggregating patches, the same issue can occur.
   In a corner case (such as when the XML prolog changes), the notifier
   may not be able to provide patches with the XML-Patch-Ops [RFC5261]

   If the notifier has to temporarily disable diff generation and send
   only the URI references of some changed documents to the subscriber,
   it MUST continue with the "xcap-patching" mode afterwards for these
   resources, if the initial subscription also started with the "xcap-
   patching" mode.

Top      ToC       Page 10 
      Note: The diff-generation may be disabled when the NOTIFY body
      becomes impractically large or an intermediate error has happened.
      As the subscriber loses track of the patching operations, it must
      refresh to a "known good" state by downloading current documents.
      Once it has done so, it can re-subscribe, for example, with the
      "aggregate" mode.

   In the "aggregate" mode, the notifier chooses how long to wait for
   multiple patches to combine and how this combination is done.

   In the "xcap-patching" mode, the notifier MAY try to optimize the
   diff-generation, for example, by eliminating redundant information
   since some XCAP clients will probably not have completely optimized
   their HTTP PUT request.

      Note: It is straightforward to change the XCAP client's change
      requests: PUT and DELETE (sent via HTTP) to use XML-Patch-Ops
      semantics.  While XCAP does not support patching of all XML node
      types -- for example, namespace declarations cannot be added
      separately -- efficient utilization of XML-Patch-Ops can sometimes
      significantly reduce the bandwidth requirements at the expense of
      extra processing.

   After the notifier has reported the existence of an XCAP component,
   it MUST also report its removal consistently.  For example, the
   removal of the parent element of the subscribed element requires the
   same signaling since the subscribed element ceases to exist.  To
   signal the removal of an XCAP component, the notifier sets the
   Boolean "exist" attribute value of the <element> or <attribute>
   elements to false.  Even with rapidly changing resources, the
   notifier MUST signal only the latest state: e.g., whether or not the
   XCAP component exists.

   When the notifier receives a re-subscription, it MUST re-send the
   current full XML diff content unless the subscriber has requested a
   conditional subscription [RFC5839] by using the header field
   Suppress-If-Match: [ETag value].  With a conditional re-subscription,
   the notifier MUST also inspect the subscription body when determining
   the current subscription state.  Since the subscription is based on a
   list of XCAP request URIs, it is RECOMMENDED that the notifier does
   not consider the order of these URIs when determining the equivalence
   to "stored" previous states.  If a match to the previous state is not
   found, the NOTIFY message MUST contain the full XML diff state
   (similar to the initial notification).  The notifiers SHOULD
   implement the conditional subscription handling with this event

Top      ToC       Page 11 
   During re-subscriptions, the subscriber may change the value of the
   diff-processing parameter.  The value change influences only
   subsequent notifications, not the notification (if generated)
   followed immediately after the (re-)SUBSCRIBE request.

   Event packages like this require reliable transfer of NOTIFY
   messages.  This means that all messages MUST successfully be
   transferred or the document will become out of sync, and then patches
   will most likely fail (or worse, have unintended consequences).  This
   "xcap-diff" event package requires, similar to Partial-PIDF-Notify
   RFC 5263 [RFC5263], that a notifier MUST NOT send a new NOTIFY
   request to the same dialog unless a successful 200-response has been
   received for the last sent NOTIFY request.  If the NOTIFY request
   fails due to a timeout, the notifier MUST remove the subscription.

      Note: This requirement ensures that out-of-order events will not
      happen or that the dialog will terminate after non-resolvable
      NOTIFY request failures.  In addition, some of the probable NOTIFY
      error responses (for example, 401, 407, 413) can possibly be
      handled gracefully without tearing down the dialog.

   If, for example, the subscriber has selected too many elements to
   which to subscribe, such that the notification body would be
   impractically large (that is, an intermediate NOTIFY failure), the
   notifier MAY discard the <element> element content.  The existence of
   elements is then indicated with an empty <element> element, and the
   content is not shown for those resources.  In other words, the
   <element> element does not have a child element that would show the
   subscribed "full" element content.

4.8.  Subscriber Processing of NOTIFY Requests

   The first NOTIFY request will usually contain references to HTTP
   resources including their strong ETag values.  If the subscriber does
   not have similar locally cached versions, it will typically start an
   unconditional HTTP GET request for those resources.  During this HTTP
   retrieval time, the subscriber MAY also receive patches to these
   documents if it has requested them and if the documents are changing
   rapidly.  It can happen that the version retrieved by HTTP is not the
   same than what is indicated in the initial notification.  A
   subscriber can then chain the modification list for each document,
   and locate the position where the previous ETag value is equal to
   that retrieved via HTTP.  If an ETag match is not found from the
   first change, a subscriber MUST omit all changes up to the point
   where it is the same.  From that change onwards, the subscriber
   applies all reported patches.  If the version received via HTTP is
   newer than any received via the notifications, the subscriber may not
   find an equivalent match of an ETag value from the chain of patches.

Top      ToC       Page 12 
   This can happen since notifications are reported after HTTP changes
   and preferably at some minimum intervals.  Also, document removals
   can be reported in notifications and/or HTTP retrievals may fail
   because of unexisting resources (rapidly changing).  In any case, the
   subscriber can re-fetch the possible out-of-sync document, wait for
   subsequent notifications or refresh the subscription (with "xcap-
   patching"), and repeat the described "sync" algorithm until a "full"
   sync is achieved.

   If the notifier aggregates patches, the previous modification list
   may not contain the ETag value retrieved by HTTP simply because of
   aggregation optimizations.  A similar out-of-sync cycle can happen
   when new (subscribed) documents are created that change rapidly.  To
   avoid such difficulties, the subscriber MAY start the subscription
   with the "xcap-patching" mode, and then refresh the subscription with
   the "aggregate" mode after the initial sync is achieved.  Naturally,
   the subscriber can revert back to the "xcap-patching" mode from
   "aggregate" at any time and vice versa.

   If the subscriber has received a "full" sync and it has detected that
   some of the resources are being served with the "xcap-patching" mode
   while others are in the "aggregate" mode, it SHOULD refresh the
   subscription to the "aggregate" mode.

   The notifier MAY at any time temporarily use the "no-patching" mode
   for some resources so that the subscriber receives only URI
   references of modifications.  When the notifier is acting in this
   mode, several cycles MAY be needed before an initial "full" sync is
   achieved.  As the notifier MAY change modes in the middle of a
   dialog, the subscriber is always responsible for taking appropriate
   actions.  Also, as the last resort, the subscriber MAY always disable
   the usage of diff-processing by setting the "diff-processing"
   parameter to "no-patching".

   If a diff format cannot be applied due to patch processing and/or
   programming errors (for a list, see Section 5.1 of [RFC5261]), the
   subscriber SHOULD refresh the subscription and disable patching by
   setting the "diff-processing" parameter to "no-patching".  The
   subscriber SHOULD NOT reply with a non-200 response since the
   notifier cannot make corrections.

   During unconditional re-subscriptions, the subscriber MUST stamp the
   received state of all previous resources as stale.  However, if a
   conditional [RFC5839] re-subscription is successful, the subscriber
   MUST preserve the current state of resources unless the subscribed
   URI list has changed.  That is, the subscriber MUST fetch the
   resource's state, for example, from some local cache.

Top      ToC       Page 13 
4.9.  Handling of Forked Requests

   This specification allows only a single dialog to be constructed from
   an initial SUBSCRIBE request.  If the subscriber receives forked
   responses to a SUBSCRIBE, the subscriber MUST apply the procedures in
   Section 4.4.9 of RFC 3265 [RFC3265] for handling non-allowed forked

4.10.  Rate of Notifications

   Notifiers of an "xcap-diff" event package SHOULD NOT generate
   notifications for a single subscription at a rate of more than once
   every five seconds.

4.11.  State Agents

   State agents play no role in this package.

5.  An Initial Example NOTIFY Document

   Figure 2 shows an example initial XCAP diff format document provided
   by the first NOTIFY request to the SUBSCRIBE example in Figure 1.
   The following is an example Event header field for this SUBSCRIBE

   Event: xcap-diff; diff-processing=aggregate

   The subscriber requests that the notifier "aggregate" XCAP component
   updates and anticipates that the subsequent notifications will
   contain aggregated patches to these documents.

Top      ToC       Page 14 
   <?xml version="1.0" encoding="UTF-8"?>
   <d:xcap-diff xmlns:d="urn:ietf:params:xml:ns:xcap-diff"

    <d:document new-etag="7ahggs"

    <d:document new-etag="30376adf"

    <d:element sel="rls-services/users/
       ><s:service uri="">
         <s:list name="marketing">
           <rl:entry uri=""/>
           <rl:entry uri=""/>


          Figure 2: An example initial XCAP diff format document

   Note that the resource-list "index" document included only the new
   ETag value, as the document existed during the subscription time.  In
   the "pidf-manipulation" collection, there is only a single document
   for which the user has read privileges.  The <service> element exists
   within the rls-services "index" document and its content is shown.
   Note also that the <service> element was located using the Default
   Document Namespace (no prefix in XCAP Node Selector value) although
   it has an "s" prefix in the source document.

6.  IANA Considerations

   IANA has added a new event package to the SIP Event Types Namespace
   registry as follows:

     Package Name    Type        Contact                      Reference
     -------------   --------    -------                      ---------
     xcap-diff       package     IETF Real-time Applications  [RFC5875]

Top      ToC       Page 15 
7.  Security Considerations

   This document defines a new SIP event package for the SIP event
   notification framework specified in RFC 3265 [RFC3265].  As such, all
   the security considerations of RFC 3265 apply.  The configuration
   data can contain sensitive information, and both the client and the
   server need to authenticate each other.  The notifiers MUST
   authenticate the "xcap-diff" event package subscriber using the
   normal SIP authentication mechanisms, for example, Digest as defined
   in Section 22 of RFC 3261 [RFC3261].  The notifiers MUST be aware of
   XCAP User Identifiers (XUI) and how to map the authenticated SIP
   identities unambiguously with XUIs.

   Since XCAP [RFC4825] provides a basic authorization policy for
   resources and since notifications contain content similar to XCAP
   resources, the security considerations of XCAP also apply.  The
   notifiers MUST obey the XCAP authorization rules when signalling
   resource changes.  In practice, this means following the read
   privilege rules of XCAP resources.

   Denial-of-service attacks against notifiers deserve special mention.
   The following can cause denial of service due to intensive
   processing: subscriptions to a long list of URIs, "pending"
   subscriptions to non-existent documents or XCAP components, and diff-
   generation algorithms that try to optimize the required bandwidth
   usage to extremes.

   The mechanism used for conveying xcap-diff event information MUST
   ensure integrity and SHOULD ensure confidentially of the information.
   An end-to-end SIP encryption mechanism, such as S/MIME described in
   Section 26.2.4 of RFC 3261 [RFC3261], SHOULD be used.  If that is not
   available, it is RECOMMENDED that TLS [RFC5246] be used between
   elements to provide hop-by-hop authentication and encryption
   mechanisms described in Sections 26.2.2 ("SIPS URI Scheme") and ("Interdomain Requests") of RFC 3261 [RFC3261].

8.  Acknowledgments

   The author would like to thank Jonathan Rosenberg for his valuable
   comments and for providing the initial event package, and Aki Niemi,
   Pekka Pessi, Miguel Garcia, Pavel Dostal, Krisztian Kiss, Anders
   Lindgren, Sofie Lassborn, Keith Drage, Stephen Hinton, Byron Campen,
   Avshalom Houri, Ben Campbell, Paul Kyzivat, Spencer Dawkins, Pasi
   Eronen, and Chris Newman for their valuable comments.  Lisa Dusseault
   critiqued the document during IESG review, raising numerous issues
   that resulted in improved document quality.  Further, technical
   writer A. Jean Mahoney devoted countless hours to integrating Lisa's
   comments and cleaning up the technical English usage.

Top      ToC       Page 16 
9.  References

9.1.  Normative References

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119, March 1997.

   [RFC2616]  Fielding, R., Gettys, J., Mogul, J., Frystyk, H.,
              Masinter, L., Leach, P., and T. Berners-Lee, "Hypertext
              Transfer Protocol -- HTTP/1.1", RFC 2616, June 1999.

   [RFC3261]  Rosenberg, J., Schulzrinne, H., Camarillo, G., Johnston,
              A., Peterson, J., Sparks, R., Handley, M., and E.
              Schooler, "SIP: Session Initiation Protocol", RFC 3261,
              June 2002.

   [RFC3265]  Roach, A., "Session Initiation Protocol (SIP)-Specific
              Event Notification", RFC 3265, June 2002.

   [RFC4825]  Rosenberg, J., "The Extensible Markup Language (XML)
              Configuration Access Protocol (XCAP)", RFC 4825, May 2007.

   [RFC4826]  Rosenberg, J., "Extensible Markup Language (XML) Formats
              for Representing Resource Lists", RFC 4826, May 2007.

   [RFC5234]  Crocker, D. and P. Overell, "Augmented BNF for Syntax
              Specifications: ABNF", STD 68, RFC 5234, January 2008.

   [RFC5246]  Dierks, T. and E. Rescorla, "The Transport Layer Security
              (TLS) Protocol Version 1.2", RFC 5246, August 2008.

   [RFC5261]  Urpalainen, J., "An Extensible Markup Language (XML) Patch
              Operations Framework Utilizing XML Path Language (XPath)
              Selectors", RFC 5261, September 2008.

   [RFC5839]  Niemi, A. and D. Willis, "An Extension to Session
              Initiation Protocol (SIP) Events for Conditional Event
              Notification", RFC 5839, May 2010.

   [RFC5874]  Rosenberg, J. and J. Urpalainen, "An Extensible Markup
              Language (XML) Document Format for Indicating a Change in
              XML Configuration Access Protocol (XCAP) Resources",
              RFC 5874, May 2010.

Top      ToC       Page 17 
9.2.  Informative References

   [RFC4918]               Dusseault, L., "HTTP Extensions for Web
                           Distributed Authoring and Versioning
                           (WebDAV)", RFC 4918, June 2007.

   [RFC5263]               Lonnfors, M., Costa-Requena, J., Leppanen,
                           E., and H. Khartabil, "Session Initiation
                           Protocol (SIP) Extension for Partial
                           Notification of Presence Information",
                           RFC 5263, September 2008.

   [W3C.REC-xml-20060816]  Paoli, J., Bray, T., Yergeau, F., Maler, E.,
                           and C. Sperberg-McQueen, "Extensible Markup
                           Language (XML) 1.0 (Fourth Edition)", World
                           Wide Web Consortium FirstEdition REC-xml-
                           20060816, August 2006,

Top      ToC       Page 18 
Appendix A.  Informative Examples

   These examples illustrate the basic features of the xcap-diff event
   package.  Only the relevant header fields are shown.  Note also that
   the SIP request URIs of these examples don't correspond to reality.

A.1.  Initial Documents on an XCAP Server

   The following documents exist on an XCAP server (
   with an imaginary "tests" application usage (there's no Default
   Document Namespace defined in this imaginary application usage).

   <?xml version="1.0" encoding="UTF-8"?>
     <note>This is a sample document</note>

   and then

   <?xml version="1.0" encoding="UTF-8"?>
     <note>This is another sample document</note>

A.2.  An Initial Subscription

   The following demonstrates the listing of collection contents and it
   shows only resources where the user has read privileges.  The user
   Joe, whose XUI is "", sends an initial

   Accept: application/xcap-diff+xml
   Event: xcap-diff; diff-processing=aggregate
   Content-Type: application/resource-lists+xml
   Content-Length: [XXX]

   <?xml version="1.0" encoding="UTF-8"?>
   <resource-lists xmlns="urn:ietf:params:xml:ns:resource-lists">
     <entry uri="tests/users/"/>

Top      ToC       Page 19 
   In addition to the 200 (OK) response, the notifier sends the first

   Event: xcap-diff
   Content-Type: application/xcap-diff+xml
   Content-Length: [XXX]

   <?xml version="1.0" encoding="UTF-8"?>
   <xcap-diff xmlns="urn:ietf:params:xml:ns:xcap-diff"

    <document new-etag="7ahggs"


   The subscriber learns that the document on this "tests" application
   usage is equivalent to its locally cached version, so it does not
   act.  If the local version had been different, the subscriber would
   most likely re-fetch the document.

   If the subscriber had requested the "tests/users/" collection, the
   notification body would have been the same since Joe has no read
   privileges to John's resources (XCAP default behavior).

   If the Expires header field had a value "0", the request would be
   similar to the PROPFIND method of WebDAV.  The syntax and responses
   differ, however.

A.3.  A Document Addition into a Collection

   Let's say that Joe adds a new document to his collection, using
   either the same client or another client running on a different
   device.  He does an HTTP PUT to his application usage collection:

   PUT /tests/users/ HTTP/1.1
   Content-Type: application/xml
   Content-Length: [XXX]

   <?xml version="1.0" encoding="UTF-8"?>
     <note>This is another sample document</note>

Top      ToC       Page 20 
   This HTTP PUT request results in the XCAP client receiving a strong
   HTTP ETag "terteer" for this new document.

   Then the subscriber receives a notification afterwards:

   Event: xcap-diff
   Content-Type: application/xcap-diff+xml
   Content-Length: [XXX]

   <?xml version="1.0" encoding="UTF-8"?>
   <xcap-diff xmlns="urn:ietf:params:xml:ns:xcap-diff"

    <document new-etag="terteer"


   Note that the result is "additive"; it doesn't indicate the already
   indicated "index" document.  Only the initial (or refreshed)
   notification contains all document URI references.

   If Joe's client both modifies the documents and refreshes the
   subscriptions, it would typically ignore this notification, since its
   modifications had caused the notification.  If the client that
   received this NOTIFY hadn't submitted the document change, it would
   probably fetch this new document.

   If Joe's client refreshes the subscription with the same request body
   as in the initial subscription, the result will include these two
   documents: "index" and "another_document" with their ETags.

A.4.  A Series of XCAP Component Modifications

   Now Joe's client uses its XCAP patching capability by doing the

   PUT /tests/users/ HTTP/1.1
   Content-Type: application/xcap-el+xml
   Content-Length: [XXX]

   <foo>this is a new element</foo>

Top      ToC       Page 21 
   Since the insertion of the element is successful, Joe's client
   receives the new HTTP ETag "fgherhryt3" of the updated "index"

   Immediately thereafter, Joe's client issues another HTTP request
   (this request could even be pipe-lined):

   PUT /tests/users/ HTTP/1.1
   Content-Type: application/xcap-el+xml
   Content-Length: [XXX]

   <bar>this is a bar element

   The reported new HTTP ETag of "index" is now "dgdgdfgrrr".

   And Joe's client issues yet another HTTP request:

   PUT /tests/users/ HTTP/1.1
   Content-Type: application/xcap-el+xml
   Content-Length: [XXX]

   <foobar>this is a foobar element</foobar>

   The reported new ETag of "index" is now "63hjjsll".

   After awhile, Joe's client receives a notification with an embedded
   patch since it has requested "aggregate" diff-processing and the
   notifier is capable of producing them:

   Event: xcap-diff
   Content-Type: application/xcap-diff+xml
   Content-Length: [XXX]

   <?xml version="1.0" encoding="UTF-8"?>
   <d:xcap-diff xmlns:d="urn:ietf:params:xml:ns:xcap-diff"

    <d:document previous-etag="7ahggs3"
     <d:add sel="*"

Top      ToC       Page 22 
       ><foo>this is a new element</foo><bar>this is a bar element
   </bar><foobar>this is a foobar element</foobar></d:add>


   Joe's client applies this patch to the locally cached "index"
   document, detects the ETag update, and stores the last ETag value.
   Note how several XCAP component modifications were aggregated.

   Note also that, if Joe's client did not have a locally cached version
   of the reference document, it would have needed to do an HTTP GET
   request after the initial notification.  If the ETag of the received
   resource by HTTP did not match either the previous or new ETag of
   this aggregated patch, an out-of-sync condition would be probable.
   This issue is not typical, but it can happen.  To resolve the issue,
   the client could re-fetch the "index" document and/or wait for
   subsequent notifications to detect a match.  A better and simpler way
   to avoid the issue is to refresh the subscription with the "xcap-
   patching" mode and later refresh with the "aggregate" mode.

   Alternatively, if the notifier's operational mode been "xcap-
   patching", the NOTIFY could have been the following:

   Event: xcap-diff
   Content-Type: application/xcap-diff+xml
   Content-Length: [XXX]

   <?xml version="1.0" encoding="UTF-8"?>
   <d:xcap-diff xmlns:d="urn:ietf:params:xml:ns:xcap-diff"

    <d:document previous-etag="7ahggs"
      <d:add sel="*"
       ><foo>this is a new element</foo></d:add></d:document>

    <d:document previous-etag="fgherhryt3"
      <d:add sel="*"
       ><bar>this is a bar element

    <d:document previous-etag="dgdgdfgrrr"

Top      ToC       Page 23 
      <d:add sel="*"
       ><foobar>this is a foobar element</foobar></d:add></d:document>


   If the client had to re-fetch the "index" document after the initial
   notification, it could have skipped some or all of these patches,
   depending on whether the HTTP ETag matched some of these ETags in the
   chain of patches.  If the HTTP ETag did not match and the received
   HTTP version is a newer version indicated in later notification(s),
   the sync may then be achieved since the notifier provided the full
   change history in the "xcap-patching" mode.

   Last, the notifier could (temporarily) fall back to the "no-patching"
   mode, which allows the notifier to keep the dialog alive when there
   are too many updates:

   Event: xcap-diff
   Content-Type: application/xcap-diff+xml
   Content-Length: [XXX]

   <?xml version="1.0" encoding="UTF-8"?>
   <xcap-diff xmlns="urn:ietf:params:xml:ns:xcap-diff"

    <document previous-etag="7ahggs3"


   At any time, the notifier may fall back to the "no-patching" mode for
   some or all of the subscribed documents.

A.5.  An XCAP Component Subscription

   The user Joe sends an initial subscription for the "id" attribute of
   a <doc> element.  The "index" document exists, but the <doc> root
   element does not contain the "id" attribute at the time of the

Top      ToC       Page 24 
   Accept: application/xcap-diff+xml
   Event: xcap-diff
   Content-Type: application/resource-lists+xml
   Content-Length: [XXX]

   <?xml version="1.0" encoding="UTF-8"?>
   <resource-lists xmlns="urn:ietf:params:xml:ns:resource-lists">
     <entry uri="tests/users/"/>

   The first NOTIFY looks like the following since there is nothing to

   Event: xcap-diff
   Content-Type: application/xcap-diff+xml
   Content-Length: [XXX]

   <?xml version="1.0" encoding="UTF-8"?>
   <xcap-diff xmlns="urn:ietf:params:xml:ns:xcap-diff"

   Note that if the "index" document hadn't existed, the first NOTIFY
   request would have been the same.  The XCAP diff document format
   doesn't indicate reasons for non-existing resources.

   Afterwards, Joe's client updates the whole document root element
   including the attribute "id" (not a typical XCAP operation or a
   preferred one, just an illustration here):

   PUT /tests/users/ HTTP/1.1
   Content-Type: application/xcap-el+xml
   Content-Length: [XXX]

   <doc id="bar">This is a new root element</doc>

   The new HTTP ETag of the "index" document is now "dwawrrtyy".

Top      ToC       Page 25 
   Then Joe's client gets a notification:

   Event: xcap-diff
   Content-Type: application/xcap-diff+xml
   Content-Length: [XXX]

   <?xml version="1.0" encoding="UTF-8"?>
   <xcap-diff xmlns="urn:ietf:params:xml:ns:xcap-diff"

    <attribute sel="tests/users/"


   Note that the HTTP ETag value of the new document is not shown, as it
   is irrelevant for this use-case.

   Then Joe's client removes the "id" attribute:

   DELETE /tests/users/ HTTP/1.1
   Content-Length: 0

   And the subscriber gets a notification:

   Event: xcap-diff
   Content-Type: application/xcap-diff+xml
   Content-Length: [XXX]

   <?xml version="1.0" encoding="UTF-8"?>
   <xcap-diff xmlns="urn:ietf:params:xml:ns:xcap-diff"

    <attribute sel="tests/users/"


   The notification indicates that the subscribed attribute was removed
   from the document.  Naturally, attributes are "removed" if the
   element where they belong is removed, for example, by an HTTP DELETE

Top      ToC       Page 26 
   request.  The component selections indicate only the existence of
   attributes or elements.

A.6.  A Conditional Subscription

   The last example is a conditional subscription where a full refresh
   can be avoided when there are no changes in resources.  Joe's client
   sends an initial subscription:

   Accept: application/xcap-diff+xml
   Event: xcap-diff; diff-processing=xcap-patching
   Content-Type: application/resource-lists+xml
   Content-Length: [XXX]

   <?xml version="1.0" encoding="UTF-8"?>
   <resource-lists xmlns="urn:ietf:params:xml:ns:resource-lists">
     <entry uri="tests/users/"/>

   Since there are now two documents in the repository, the first NOTIFY
   looks like the following:

   Event: xcap-diff
   SIP-ETag: xggfefe54
   Content-Type: application/xcap-diff+xml
   Content-Length: [XXX]

   <?xml version="1.0" encoding="UTF-8"?>
   <xcap-diff xmlns="urn:ietf:params:xml:ns:xcap-diff"

    <document new-etag="63hjjsll"

    <document new-etag="terteer"


   Note that the NOTIFY request contains the SIP-ETag "xggfefe54".  This
   SIP-ETag is placed in the Suppress-If-Match header field of the
   conditional subscription.  The "diff-processing" mode also is changed

Top      ToC       Page 27 
   (or is requested to change):

   Suppress-If-Match: xggfefe54
   Accept: application/xcap-diff+xml
   Event: xcap-diff; diff-processing=aggregate
   Content-Type: application/resource-lists+xml
   Content-Length: [XXX]

   <?xml version="1.0" encoding="UTF-8"?>
   <resource-lists xmlns="urn:ietf:params:xml:ns:resource-lists">
     <entry uri="tests/users/"/>

   If the notifier finds a match to the previous stored state when it
   evaluates this request, it responds with 204 (No Notification).  If
   there are no reportable changes as per [RFC5839], NOTIFY request
   generation is suppressed.  When the notifier can aggregate several
   modifications, this re-subscription enables the processing of that
   mode thereafter.  Indeed, the re-subscription may be quite process-
   intensive, especially when there are a large number of relevant
   reported resources.

Authors' Addresses

   Jari Urpalainen
   Itamerenkatu 11-13
   Helsinki  00180

   Phone: +358 7180 37686

   Dean Willis (editor)
   Softarmor Systems LLC
   3100 Independence Pk #311-164
   Plano, TX  75075

   Phone: +1 214 504 19876