Internet Engineering Task Force (IETF) P. Saint-Andre
Request for Comments: 6121 Cisco
Obsoletes: 3921 March 2011
Category: Standards Track
Extensible Messaging and Presence Protocol (XMPP):
Instant Messaging and Presence
This document defines extensions to core features of the Extensible
Messaging and Presence Protocol (XMPP) that provide basic instant
messaging (IM) and presence functionality in conformance with the
requirements in RFC 2779. This document obsoletes RFC 3921.
Status of this Memo
This is an Internet Standards Track document.
This document is a product of the Internet Engineering Task Force
(IETF). It represents the consensus of the IETF community. It has
received public review and has been approved for publication by the
Internet Engineering Steering Group (IESG). Further information on
Internet Standards is available in Section 2 of RFC 5741.
Information about the current status of this document, any errata,
and how to provide feedback on it may be obtained at
Copyright (c) 2011 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License.
Appendix D. XML Schema for jabber:iq:roster . . . . . . . . . . 110Appendix E. Differences From RFC 3921 . . . . . . . . . . . . . 112Appendix F. Acknowledgements . . . . . . . . . . . . . . . . . . 1131. Introduction
The Extensible Messaging and Presence Protocol (XMPP) is an
application profile of the Extensible Markup Language [XML] that
enables the near-real-time exchange of structured yet extensible data
between any two or more network entities. The core features of XMPP
defined in [XMPP-CORE] provide the building blocks for many types of
near-real-time applications, which can be layered on top of the core
by sending application-specific data qualified by particular XML
namespaces (refer to [XML-NAMES]). This document defines XMPP
extensions that provide the basic functionality expected of an
instant messaging (IM) and presence application as described in
The basic syntax and semantics of XMPP were developed originally
within the Jabber open-source community, mainly in 1999. In late
2002, the XMPP Working Group was chartered with developing an
adaptation of the core Jabber protocol that would be suitable as an
IETF IM and presence technology in accordance with [IMP-REQS]. In
October 2004, [RFC3920] and [RFC3921] were published, representing
the most complete definition of XMPP at that time.
Since 2004 the Internet community has gained extensive implementation
and deployment experience with XMPP, including formal
interoperability testing carried out under the auspices of the XMPP
Standards Foundation (XSF). This document incorporates comprehensive
feedback from software developers and service providers, including a
number of backward-compatible modifications summarized under
Appendix E. As a result, this document reflects the rough consensus
of the Internet community regarding the IM and presence features of
XMPP 1.0, thus obsoleting RFC 3921.
Traditionally, IM applications have combined the following factors:
1. The central point of focus is a list of one's contacts or
"buddies" (in XMPP this list is called a "roster").
2. The purpose of using such an application is to exchange
relatively brief text messages with particular contacts in close
to real time -- often relatively large numbers of such messages
in rapid succession, in the form of a one-to-one "chat session"
as described under Section 5.1.
3. The catalyst for exchanging messages is "presence" -- i.e.,
information about the network availability of particular contacts
(thus knowing who is online and available for a one-to-one chat
4. Presence information is provided only to contacts that one has
authorized by means of an explicit agreement called a "presence
Thus at a high level this document assumes that a user needs to be
able to complete the following use cases:
o Manage items in one's contact list
o Exchange messages with one's contacts
o Exchange presence information with one's contacts
o Manage presence subscriptions to and from one's contacts
Detailed definitions of these functionality areas are contained in
RFC 2779 [IMP-REQS], and the interested reader is referred to that
document regarding in-depth requirements. Although the XMPP IM and
presence extensions specified herein meet the requirements of RFC
2779, they were not designed explicitly with that specification in
mind, since the base protocol evolved through an open development
process within the Jabber open-source community before RFC 2779 was
written. Although XMPP protocol extensions addressing many other
functionality areas have been defined in the XMPP Standards
Foundation's XEP series (e.g., multi-user text chat as specified in
[XEP-0045]), such extensions are not specified in this document
because they are not mandated by RFC 2779.
Implementation Note: RFC 2779 stipulates that presence services
must be separable from IM services and vice-versa; i.e., it must
be possible to use the protocol to provide a presence service, a
messaging service, or both. Although the text of this document
assumes that implementations and deployments will want to offer a
unified IM and presence service, it is not mandatory for an XMPP
service to offer both a presence service and a messaging service,
and the protocol makes it possible to offer separate and distinct
services for presence and for messaging. (For example, a
presence-only service could return a <service-unavailable/> stanza
error if a client attempts to send a <message/> stanza.)
1.4. Functional Summary
This non-normative section provides a developer-friendly, functional
summary of XMPP-based IM and presence features; consult the sections
that follow for a normative definition of these features.
[XMPP-CORE] specifies how an XMPP client connects to an XMPP server.
In particular, it specifies the preconditions that need to be
fulfilled before a client is allowed to send XML stanzas (the basic
unit of meaning in XMPP) to other entities on an XMPP network. These
preconditions comprise negotiation of the XML stream and include
exchange of XML stream headers, optional channel encryption via
Transport Layer Security [TLS], mandatory authentication via Simple
Authentication and Security Layer [SASL], and binding of a resource
to the stream for client addressing. The reader is referred to
[XMPP-CORE] for details regarding these preconditions, and knowledge
of [XMPP-CORE] is assumed herein.
Interoperability Note: [RFC3921] specified one additional
precondition: formal establishment of an instant messaging and
presence session. Implementation and deployment experience has
shown that this additional step is unnecessary. However, for
backward compatibility an implementation MAY still offer that
feature. This enables older software to connect while letting
newer software save a round trip.
Upon fulfillment of the preconditions specified in [XMPP-CORE], an
XMPP client has a long-lived XML stream with an XMPP server, which
enables the user controlling that client to send and receive a
potentially unlimited number of XML stanzas over the stream. Such a
stream can be used to exchange messages, share presence information,
and engage in structured request-response interactions in close to
real time. After negotiation of the XML stream, the typical flow for
an instant messaging and presence session is as follows:
1. Retrieve one's roster. (See Section 2.2.)
2. Send initial presence to the server for broadcast to all
subscribed contacts, thus "going online" from the perspective of
XMPP communication. (See Section 4.2.)
3. Exchange messages, manage presence subscriptions, perform roster
updates, and in general process and generate other XML stanzas
with particular semantics throughout the life of the session.
(See Sections 5, 3, 2, and 6.)
4. Terminate the session when desired by sending unavailable
presence and closing the underlying XML stream. (See
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
"OPTIONAL" in this document are to be interpreted as described in RFC
This document inherits the terminology defined in [XMPP-CORE].
The terms "automated client" and "interactive client" are to be
understood in the sense defined in [TLS-CERTS].
For convenience, this document employs the term "user" to refer to
the owner of an XMPP account; however, account owners need not be
humans and can be bots, devices, or other automated applications.
Several other terms, such as "interested resource", are defined
within the body of this document.
Following the "XML Notation" used in [IRI] to represent characters
that cannot be rendered in ASCII-only documents, some examples in
this document use the form "&#x...." as a notational device to
represent [UNICODE] characters (e.g., the string "ř" stands
for the Unicode character LATIN SMALL LETTER R WITH CARON); this form
is definitely not to be sent over the wire in XMPP systems.
In examples, lines have been wrapped for improved readability,
"[...]" means elision, and the following prepended strings are used
(these prepended strings are not to be sent over the wire):
o C: = client
o CC: = contact's client
o CS: = contact's server
o S: = server
o UC: = user's client
o US: = user's server
Readers need to be aware that the examples are not exhaustive and
that, in examples for some protocol flows, the alternate steps shown
would not necessarily be triggered by the exact data sent in the
previous step; in all cases, the protocol definitions specified in
this document or in normatively referenced documents rule over any
examples provided here. All examples are fictional and the
information exchanged (e.g., usernames and passwords) does not
represent any existing users or servers.
2. Managing the Roster
In XMPP, a user's roster contains any number of specific contacts. A
user's roster is stored by the user's server on the user's behalf so
that the user can access roster information from any device. When
the user adds items to the roster or modifies existing items, if an
error does not occur then the server SHOULD store that data
unmodified if at all possible and MUST return the data it has stored
when an authorized client requests the roster.
Security Warning: Because the user's roster can contain
confidential data, the server MUST restrict access to this data so
that only authorized entities (typically limited to the account
owner) are able to retrieve, modify, or delete it.
RFC 3921 assumed that the only place where a user stores their roster
is the server where the user's account is registered and at which the
user authenticates for access to the XMPP network. This
specification removes that strict coupling of roster storage to
account registration and network authentication, with the result that
a user could store their roster at another location, or could have
multiple rosters that are stored in multiple locations. However, in
the absence of implementation and deployment experience with a more
flexible roster storage model, this specification retains the
terminology of RFC 3921 by using the terms "client" and "server" (and
"the roster" instead of "a roster"), rather than coining a new term
for "a place where a user stores a roster". Future documents might
provide normative rules for non-server roster storage or for the
management of multiple rosters, but such rules are out of scope for
2.1. Syntax and Semantics
Rosters are managed using <iq/> stanzas (see Section 8.2.3 of
[XMPP-CORE]), specifically by means of a <query/> child element
qualified by the 'jabber:iq:roster' namespace. The detailed syntax
and semantics are defined in the following sections.
2.1.1. Ver Attribute
The 'ver' attribute is a string that identifies a particular version
of the roster information. The value MUST be generated only by the
server and MUST be treated by the client as opaque. The server can
use any appropriate method for generating the version ID, such as a
hash of the roster data or a strictly increasing sequence number.
Inclusion of the 'ver' attribute is RECOMMENDED.
Use of the 'ver' attribute is described more fully under Section 2.6.
Interoperability Note: The 'ver' attribute of the <query/> element
was not defined in RFC 3921 and is newly defined in this
2.1.2. Roster Items
The <query/> element inside a roster set (Section 2.1.5) contains one
<item/> child, and a roster result (Section 2.1.4) typically contains
multiple <item/> children. Each <item/> element describes a unique
"roster item" (sometimes also called a "contact").
The syntax of the <item/> element is described in the following
126.96.36.199. Approved Attribute
The boolean 'approved' attribute with a value of "true" is used to
signal subscription pre-approval as described under Section 3.4 (the
default is "false", in accordance with [XML-DATATYPES]).
A server SHOULD include the 'approved' attribute to inform the client
of subscription pre-approvals. A client MUST NOT include the
'approved' attribute in the roster sets it sends to the server, but
instead MUST use presence stanzas of type "subscribed" and
"unsubscribed" to manage pre-approvals as described under
Interoperability Note: The 'approved' attribute of the <item/>
element was not defined in RFC 3921 and is newly defined in this
188.8.131.52. Ask Attribute
The 'ask' attribute of the <item/> element with a value of
"subscribe" is used to signal various subscription sub-states that
include a "Pending Out" aspect as described under Section 3.1.2.
A server SHOULD include the 'ask' attribute to inform the client of
"Pending Out" sub-states. A client MUST NOT include the 'ask'
attribute in the roster sets it sends to the server, but instead MUST
use presence stanzas of type "subscribe" and "unsubscribe" to manage
such sub-states as described under Section 3.1.2.
184.108.40.206. JID Attribute
The 'jid' attribute of the <item/> element specifies the Jabber
Identifier (JID) that uniquely identifies the roster item.
The 'jid' attribute is REQUIRED whenever a client or server adds,
updates, deletes, or returns a roster item.
220.127.116.11. Name Attribute
The 'name' attribute of the <item/> element specifies the "handle" to
be associated with the JID, as determined by the user (not the
contact). Although the value of the 'name' attribute MAY have
meaning to a human user, it is opaque to the server. However, the
'name' attribute MAY be used by the server for matching purposes
within the context of various XMPP extensions (one possible
comparison method is that described for XMPP resourceparts in
It is OPTIONAL for a client to include the 'name' attribute when
adding or updating a roster item.
18.104.22.168. Subscription Attribute
The state of the presence subscription is captured in the
'subscription' attribute of the <item/> element. The defined
subscription-related values are:
none: the user does not have a subscription to the contact's
presence, and the contact does not have a subscription to the
user's presence; this is the default value, so if the subscription
attribute is not included then the state is to be understood as
to: the user has a subscription to the contact's presence, but the
contact does not have a subscription to the user's presence
from: the contact has a subscription to the user's presence, but the
user does not have a subscription to the contact's presence
both: the user and the contact have subscriptions to each other's
presence (also called a "mutual subscription")
In a roster result (Section 2.1.4), the client MUST ignore values of
the 'subscription' attribute other than "none", "to", "from", or
In a roster push (Section 2.1.6), the client MUST ignore values of
the 'subscription' attribute other than "none", "to", "from", "both",
In a roster set (Section 2.1.5), the 'subscription' attribute MAY be
included with a value of "remove", which indicates that the item is
to be removed from the roster; in a roster set the server MUST ignore
all values of the 'subscription' attribute other than "remove".
Inclusion of the 'subscription' attribute is OPTIONAL.
22.214.171.124. Group Element
The <group/> child element specifies a category or "bucket" into
which the roster item is to be grouped by a client. An <item/>
element MAY contain more than one <group/> element, which means that
roster groups are not exclusive. Although the XML character data of
the <group/> element MAY have meaning to a human user, it is opaque
to the server. However, the <group/> element MAY be used by the
server for matching purposes within the context of various XMPP
extensions (one possible comparison method is that described for XMPP
resourceparts in [XMPP-ADDR]).
It is OPTIONAL for a client to include the <group/> element when
adding or updating a roster item. If a roster set (Section 2.1.5)
includes no <group/> element, then the item is to be interpreted as
being affiliated with no group.
2.1.3. Roster Get
A "roster get" is a client's request for the server to return the
roster; syntactically it is an IQ stanza of type "get" sent from
client to server and containing a <query/> element qualified by the
'jabber:iq:roster' namespace, where the <query/> element MUST NOT
contain any <item/> child elements.
C: <iq email@example.com/balcony'
The expected outcome of sending a roster get is for the server to
return a roster result.
2.1.4. Roster Result
A "roster result" is the server's response to a roster get;
syntactically it is an IQ stanza of type "result" sent from server to
client and containing a <query/> element qualified by the 'jabber:iq:
The <query/> element in a roster result contains one <item/> element
for each contact and therefore can contain more than one <item/>
S: <iq id='bv1bs71f'
<query xmlns='jabber:iq:roster' ver='ver7'>
If the roster exists but there are no contacts in the roster, then
the server MUST return an IQ-result containing a child <query/>
element that in turn contains no <item/> children (i.e., the server
MUST NOT return an empty <iq/> stanza of type "error").
S: <iq id='bv1bs71f'
<query xmlns='jabber:iq:roster' ver='ver9'/>
If the roster does not exist, then the server MUST return a stanza
error with a condition of <item-not-found/>.
S: <iq id='bv1bs71f'
2.1.5. Roster Set
A "roster set" is a client's request for the server to modify (i.e.,
create, update, or delete) a roster item; syntactically it is an IQ
stanza of type "set" sent from client to server and containing a
<query/> element qualified by the 'jabber:iq:roster' namespace.
The following rules apply to roster sets:
1. The <query/> element MUST contain one and only one <item/>
2. The server MUST ignore any value of the 'subscription' attribute
other than "remove" (see Section 126.96.36.199).
Security Warning: Traditionally, the IQ stanza of the roster set
included no 'to' address, with the result that all roster sets
were sent from an authenticated resource (full JID) of the account
whose roster was being updated. Furthermore, RFC 3921 required a
server to perform special-case checking of roster sets to ignore
the 'to' address; however, this specification has removed that
special-casing, which means that a roster set might include a 'to'
address other than that of the sender. Therefore, the entity that
processes a roster set MUST verify that the sender of the roster
set is authorized to update the roster, and if not return a
C: <iq firstname.lastname@example.org/balcony'
2.1.6. Roster Push
A "roster push" is a newly created, updated, or deleted roster item
that is sent from the server to the client; syntactically it is an IQ
stanza of type "set" sent from server to client and containing a
<query/> element qualified by the 'jabber:iq:roster' namespace.
The following rules apply to roster pushes:
1. The <query/> element in a roster push MUST contain one and only
one <item/> element.
2. A receiving client MUST ignore the stanza unless it has no 'from'
attribute (i.e., implicitly from the bare JID of the user's
account) or it has a 'from' attribute whose value matches the
user's bare JID <user@domainpart>.
S: <iq id='a78b4q6ha463'
As mandated by the semantics of the IQ stanza as defined in
[XMPP-CORE], each resource that receives a roster push from the
server is supposed to reply with an IQ stanza of type "result" or
"error" (however, it is known that many existing clients do not reply
to roster pushes).
C: <iq email@example.com/balcony'
C: <iq firstname.lastname@example.org/chamber'
Security Warning: Traditionally, a roster push included no 'from'
address, with the result that all roster pushes were sent
implicitly from the bare JID of the account itself. However, this
specification allows entities other than the user's server to
maintain roster information, which means that a roster push might
include a 'from' address other than the bare JID of the user's
account. Therefore, the client MUST check the 'from' address to
verify that the sender of the roster push is authorized to update
the roster. If the client receives a roster push from an
unauthorized entity, it MUST NOT process the pushed data; in
addition, the client can either return a stanza error of <service-
unavailable/> error or refuse to return a stanza error at all (the
latter behavior overrides a MUST-level requirement from
[XMPP-CORE] for the purpose of preventing a presence leak).
Implementation Note: There is no error case for client processing
of roster pushes; if the server receives an IQ of type "error" in
response to a roster push then it SHOULD ignore the error.