Presentation is loading. Please wait.

Presentation is loading. Please wait.

XMPP – Extensible Messaging and Presence Protocol Vidya Satyanarayanan.

Published byKathlyn Carr Modified over 9 years ago

Similar presentations

Presentation on theme: "XMPP – Extensible Messaging and Presence Protocol Vidya Satyanarayanan."— Presentation transcript:

1 XMPP – Extensible Messaging and Presence Protocol Vidya Satyanarayanan

2 2 XMPP The base protocol used for XMPP is RFC 2779 (Instant Messaging /Presence Protocol Requirements). There are 2 drafts namely XMPP Core and XMPP Instant Messaging currently on XMPP. Presence and Instant Messaging Presence – Presence is a means for finding, retrieving, and subscribing to changes in the presence information (e.g. "online" or "offline") of other users. Instant Messaging – It is a means for sending small, simple messages that are delivered immediately to online users.

3 3 Requirements of RFC 2779 1.Scalability 2.Access Control 3.Message Encryption & Authentication 4.Presence Lookup & Notification 5.Presence Caching & Replication 6.Reliability 7.Performance

4 4 XMPP Core Overview XMPP is an open protocol for streaming XML elements in order to exchange messages and presence information in close to real time. XMPP has been implemented via a typical client-server architecture, wherein a client utilizing XMPP accesses a server over a TCP socket.

5 5 Addressing Scheme JID – Jabber Identifier. format: [node@]domain[/resource] E.g. (where "room" is the name of the chat room and "service" is the hostname of the multi-user chat service)<room@service/nick> (where "nick" is the occupant's room nickname)<domain/resource> (could be a server-side script or service )

6 6 Domain Identifier –Domain Identifier – –Only Required identifier of JID. –Represents the n/w gateway or primary server to which entities connect. –Not always a server, can be service that is addressed as a sub domain of a server. Node Identifier –Node Identifier – –optional secondary identifier. –represents a client or a chat room associated with a multi-user chat service etc. –is called a "bare JID" and is of the form.

7 7 Resource Identifier –Resource Identifier – –optional tertiary identifier. –represents a specific session, connection (e.g., a device or location), or object (e.g., a participant in a multi-user chat room). –typically defined by a client implementation.

8 8 XML Streams and Stanzas  XML Streams  container for the exchange of XML elements between any two entities over a network.  The start and end of the XML stream is denoted by tag and tag.  An XML stream is unidirectional.  XML Stanza  is a discrete semantic unit of structured information.  is at a depth=1 of the XML stream.

9 9 XML Stanzas Message Stanza –include single messages, –Types of messages are chat, error, group chat, headline, normal. –Child elements are and. <message to='romeo@montague.net' from='juliet@capulet.com/balcony' xml:lang='en'> I implore you! Where are you, Romeo?

10 10 Presence Stanza – to express an entity's current availability status. – Types of Presence are unavailable, subscribe etc. – Child elements are,,. dnd IQ Stanza – is a request-response mechanism – Types of IQ are get(request roaster), set(add item on roaster), result, error. – Client requests current roster from server :

11 11 A Basic Session: C: <stream:stream to='shakespeare.lit' xmlns='jabber:client' xmlns:stream='http://etherx.jabber.org/streams' version='1.0'> S: <stream:stream from='shakespeare.lit' id='id_123456789' xmlns='jabber:client' xmlns:stream='http://etherx.jabber.org/streams‘ version='1.0'> ….authentication... C: <message from='juliet@shakespeare.lit' to='romeo@shakespeare.lit' xml:lang='en'> C: Hi Romeo C: S: <message from='romeo@shakespeare.lit' to='juliet@shakespeare.lit' xml:lang='en'> S: Hi Juliet. S: C: S: : :

12 12 Stream Encryption & Authentication XMPP includes a method for securing the stream from tampering and eavesdropping. This channel encryption method makes use of the Transport Layer Security (TLS) protocol, along with a "STARTTLS“. Example Step 1: Client initiates stream to server: <stream:stream xmlns='jabber:client' xmlns:stream='http://etherx.jabber.org/streams' to='capulet.com' version='1.0'> Step 2: Server responds by sending a stream tag to client: <stream:stream xmlns='jabber:client' xmlns:stream='http://etherx.jabber.org/streams' id='12345678' from='capulet.com' version='1.0'>

13 13 Step 3: Server sends the STARTTLS extension to client along with authentication mechanisms and any other stream features: DIGEST-MD5 PLAIN Step 4: Client sends the STARTTLS command to server: Step 5: Server informs client to proceed: Step 6: Client and server attempt to complete TLS negotiation over the existing TCP connection. Step 7: If TLS negotiation is successful, client initiates a new stream to server: <stream:stream xmlns='jabber:client' xmlns:stream='http://etherx.jabber.org/streams' to='capulet.com' version='1.0'>

14 14 Step 8: Server responds by sending a stream header to client along with any remaining negotiable stream features: <stream:stream xmlns='jabber:client' xmlns:stream='http://etherx.jabber.org/streams' from='capulet.com' id='12345678' version='1.0'> DIGEST-MD5 PLAIN EXTERNAL Step 9: Client selects an authentication mechanism: <auth xmlns='urn:ietf:params:xml:ns:xmpp-sasl‘ mechanism='DIGEST-MD5'/> Step 10: Server sends a base64-encoded challenge to client: The decoded challenge is: nonce="gx0P01RRVoOfJVrIJ6aNkFlinh9nM/Up9dazVTFTq1c=",\ realm="capulet.com",qop="auth,auth-int,auth-conf",\ cipher="rc4-40,rc4-56,rc4,des,3des",maxbuf=2048,\ charset=utf-8,algorithm=md5-sess

15 15 Step 11: Client responds to the challenge: The decoded response is: username="juliet",realm="capulet.com",\ authzid="juliet@capulet.com/balcony",\ nonce="gx0P01RRVoOfJVrIJ6aNkFlinh9nM/Up9dazVTFTq1c=",\ cnonce="bdi7U/Duhd97ffXpS9mNhhK3ciY0FGO9xuqIlapBK4o=",\ nc=00000001,qop=auth-conf,cipher="rc4",maxbuf=2048,\ digest-uri="xmpp/capulet.com",\ response=8e0ac6010833b1224fcc4742afbdb352 Step 12: Server informs client of successful authentication: Step 13: Client initiates a new stream to server and the rest of the message passing happens.

16 16 Order of Layers The order of layers in which protocols MUST be stacked is as follows: 1. TCP 2. TLS 3. SASL 4. XMPP The rationale for this order is that TCP is the base connection layer used by all of the protocols. Stacked on top of TCP is TLS and is often provided at the operating system layer, SASL is often provided at the application layer, and XMPP is the application itself.

17 17 Summary of XMPP- IM Establishing a Session Exchanging Messages Exchanging Presence Information Managing One's Roster

Download ppt "XMPP – Extensible Messaging and Presence Protocol Vidya Satyanarayanan."

Similar presentations

…and a natural peer-to-peer platform!. Jabber as P2P Platform Agenda Why spend time in this session? What is Jabber? Who cares about Jabber? How does.

…and a natural peer-to-peer platform!. Jabber as P2P Platform Agenda Why spend time in this session? What is Jabber? Who cares about Jabber? How does.
Internet Peer-to-Peer Application Infrastructure Darren New Invisible Worlds, Inc.

Internet Peer-to-Peer Application Infrastructure Darren New Invisible Worlds, Inc.
SIP and Instant Messaging. www.dynamicsoft.com SIP Summit 2001 5.01.01 SIP and Instant Messaging What Does Presence Have to Do With SIP? How to Deliver.

SIP and Instant Messaging. SIP Summit SIP and Instant Messaging What Does Presence Have to Do With SIP? How to Deliver.
© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Introduction to XMPP Joe Hildebrand.

© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Introduction to XMPP Joe Hildebrand.
“” How much richer would it be if the network could extract more useful 'state' information about the device and/or user, especially if it is enriched.

“” How much richer would it be if the network could extract more useful 'state' information about the device and/or user, especially if it is enriched.
Applicability of Instant Messaging in the Military Command and Control Systems Author: Juha Vermaja Superviser: Jorma Jormakka Instructor: Marko Luoma,

Applicability of Instant Messaging in the Military Command and Control Systems Author: Juha Vermaja Superviser: Jorma Jormakka Instructor: Marko Luoma,
Jabber and Extensible Messaging and Presence Protocol (XMPP) Presenter: Michael Smith Cisc 856 Dec. 6, 2005.

Jabber and Extensible Messaging and Presence Protocol (XMPP) Presenter: Michael Smith Cisc 856 Dec. 6, 2005.
TLS. 14.1 Introduction 14.2 TLS Record Protocol 14.3 TLS Handshake Protocol 14.4 Summary.

TLS Introduction 14.2 TLS Record Protocol 14.3 TLS Handshake Protocol 14.4 Summary.
Socket Layer Security. In this Presentation: need for web security SSL/TLS transport layer security protocols HTTPS secure shell (SSH)

Socket Layer Security. In this Presentation: need for web security SSL/TLS transport layer security protocols HTTPS secure shell (SSH)
Module 5: TLS and SSL 1. Overview Transport Layer Security Overview Secure Socket Layer Overview SSL Termination SSL in the Hosted Environment Load Balanced.

Module 5: TLS and SSL 1. Overview Transport Layer Security Overview Secure Socket Layer Overview SSL Termination SSL in the Hosted Environment Load Balanced.
BASIC CRYPTOGRAPHY CONCEPT. Secure Socket Layer (SSL)  SSL was first used by Netscape.  To ensure security of data sent through HTTP, LDAP or POP3.

BASIC CRYPTOGRAPHY CONCEPT. Secure Socket Layer (SSL)  SSL was first used by Netscape.  To ensure security of data sent through HTTP, LDAP or POP3.
P2P (Peer To Peer) Used: when applications need to communicate between devices. Examples: – Interactive game of checkers – Instant Messaging P2P can be.

P2P (Peer To Peer) Used: when applications need to communicate between devices. Examples: – Interactive game of checkers – Instant Messaging P2P can be.
Instant Messaging Internet Technologies and Applications.

Instant Messaging Internet Technologies and Applications.
K. Salah 1 Chapter 31 Security in the Internet. K. Salah 2 Figure 31.5 Position of TLS Transport Layer Security (TLS) was designed to provide security.

K. Salah 1 Chapter 31 Security in the Internet. K. Salah 2 Figure 31.5 Position of TLS Transport Layer Security (TLS) was designed to provide security.
XMPP (eXtensible Messaging and Presence Protocol ) Reporter : Allen.

XMPP (eXtensible Messaging and Presence Protocol ) Reporter : Allen.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.0 Application Layer Functionality and Protocols Network Fundamentals – Chapter.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.0 Application Layer Functionality and Protocols Network Fundamentals – Chapter.
Wireless Application Protocol (WAP) Reference: Chapter 12, section 2, Wireless Communications and Networks, by William Stallings, Prentice Hall.

Wireless Application Protocol (WAP) Reference: Chapter 12, section 2, Wireless Communications and Networks, by William Stallings, Prentice Hall.
CS 356 Systems Security Spring 2015 Dr. Indrajit Ray

CS 356 Systems Security Spring Dr. Indrajit Ray
 It defines the format of the frame to be exchanged between devices.  It defines how two devices can negotiate the establishment of the link and the.

 It defines the format of the frame to be exchanged between devices.  It defines how two devices can negotiate the establishment of the link and the.
CIS679: RTP and RTCP r Review of Last Lecture r Streaming from Web Server r RTP and RTCP.

CIS679: RTP and RTCP r Review of Last Lecture r Streaming from Web Server r RTP and RTCP.

Similar presentations

Ads by Google