XMPP
Extensible Messaging and Presence Protocol is an open communication protocol designed for instant messaging, presence information, and contact list maintenance. Based on XML, it enables the near-real-time exchange of structured data between two or more network entities. Designed to be extensible, the protocol offers a multitude of applications beyond traditional IM in the broader realm of message-oriented middleware, including signalling for VoIP, video, file transfer, gaming and other uses.
Unlike most commercial instant messaging protocols, XMPP is defined in an open standard in the application layer. The architecture of the XMPP network is similar to email; anyone can run their own XMPP server and there is no central master server. This federated open system approach allows users to interoperate with others on any server using a Jabber identifier user account, similar to an email address. XMPP implementations can be developed using any software license and many server, client, and library implementations are distributed as free and open-source software. Numerous freeware and commercial software implementations also exist.
Originally developed by the open-source community, the protocols were formalized as an approved instant messaging standard in 2004 and have been continuously developed with new extensions and features. XMPP client software is available for both desktop and mobile platforms and devices. By 2003, the protocol was used by over ten million people worldwide on the network, according to the XMPP Standards Foundation.
Federated Instant Messaging
Although the protocol has other uses, the primary application is Federated Instant Messaging, to deliver a standard Instant Messaging and Presence Protocol, outlined below.
A client Alice has a message for some other user, Beth, and uses XMPP to convey this to the example.com server. If Beth is online, the server delivers the message instantly, otherwise it will be held for delivery later. If Beth is offline, this status is visible to Alice.
If the message is for a user on another server, Charles, then the example.com server connects using XMPP to pass the message to the example.net server. The message is then similarly delivered or held, and Alice is informed of the status.
Following the initial message delivery, the end clients are in a "chat" and each party is subsequently informed of changes to the other's status.
Client-to-Server XMPP and Server-to-Server XMPP
The XMPP client communicates with the server over a TLS-encrypted TCP stream on port 5222. XMPP servers communicate with each other over a TLS-encrypted TCP stream on port 5269.
Protocol characteristics
Decentralization
The XMPP network architecture is reminiscent of the Simple Mail Transfer Protocol, a client–server model; clients do not talk directly to one another as it is decentralized – anyone can run a server. By design, there is no central authoritative server as there is with messaging services such as AIM, WLM, WhatsApp or Telegram. Some confusion often arises on this point as there is a public XMPP server being run at jabber.org, to which many users subscribe. However, anyone may run their own XMPP server on their own domain.
Addressing
Every user on the network has a unique XMPP address, called Jabber ID. The JID is structured like an email address with a username and a domain name for the server where that user resides, separated by an at sign – for example, "alice@example.com": here alice is the username and example.com the server with which the user is registered.
Since a user may wish to log in from multiple locations, they may specify a resource. A resource identifies a particular client belonging to the user. This may be included in the JID by appending a slash followed by the name of the resource. For example, the full JID of a user's mobile account could be username@example.com/mobile.
Each resource may specify a numerical value called priority. Messages simply sent to username@example.com will go to the client with highest priority, but those sent to username@example.com/mobile will go only to the mobile client. The highest priority is the one with largest numerical value.
JIDs without a username part are also valid, and may be used for system messages and control of special features on the server. A resource remains optional for these JIDs as well.
The ability to route messages based on a logical endpoint identifier (the JID) instead of an explicit IP address presents opportunities to use XMPP as an overlay network implementation on top of different underlying networks.
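The addressing rules above, as an added Python example (not part of the original article or of any XMPP server's code): it parses a JID and picks the client that receives a message sent to a bare or full JID. The split order (resource at the first slash, then username at the at sign) follows RFC 7622; the function names and the session table are constructed for illustration.

```python
from typing import NamedTuple, Optional


class JID(NamedTuple):
    local: Optional[str]     # username part; None for server/system JIDs
    domain: str              # server the account is registered with
    resource: Optional[str]  # one particular client of the user


def parse_jid(text: str) -> JID:
    """Split a JID into its parts (no character validation or normalisation)."""
    # Cut the resource at the FIRST slash before looking for the at sign:
    # a resource may itself contain '@' or '/', so the order matters.
    rest, slash, resource = text.partition("/")
    local, at, domain = rest.partition("@")
    if not at:                       # no username: domain-only JID
        local, domain = None, rest
    if not domain or local == "" or (slash and not resource):
        raise ValueError(f"malformed JID: {text!r}")
    return JID(local, domain, resource if slash else None)


def route(to: str, sessions: dict) -> Optional[str]:
    """Return the online full JID that receives a message addressed to `to`."""
    # `sessions` maps full JID -> priority (assumed in-memory session table).
    target = parse_jid(to)
    if target.resource is not None:
        # Full JID: only that exact client, whatever its priority.
        return to if to in sessions else None
    # Bare JID: the connected resource with the largest priority value.
    candidates = [
        full for full in sessions
        if parse_jid(full)[:2] == (target.local, target.domain)
    ]
    return max(candidates, key=sessions.get, default=None)


# Constructed sample session table (not taken from any real server).
SESSIONS = {
    "username@example.com/desktop": 5,
    "username@example.com/mobile": 10,
    "alice@example.com/laptop": 0,
}

if __name__ == "__main__":
    for addr in ("username@example.com", "username@example.com/desktop"):
        print(addr, "->", route(addr, SESSIONS))
```

Parsing in the other order would read example.com/foo@bar as a user account instead of a server JID with the resource foo@bar, which is why the slash is handled first.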
XMPP via HTTP
The original and "native" transport protocol for XMPP is Transmission Control Protocol, using open-ended XML streams over long-lived TCP connections. As an alternative to the TCP transport, the XMPP community has also developed an HTTP transport for web clients as well as users behind restricted firewalls. In the original specification, XMPP could use HTTP in two ways: polling and binding. The polling method, now deprecated, essentially implies messages stored on a server-side database are being fetched regularly by an XMPP client by way of HTTP 'GET' and 'POST' requests. The binding method, implemented using Bidirectional-streams Over Synchronous HTTP, allows servers to push messages to clients as soon as they are sent. This push model of notification is more efficient than polling, where many of the polls return no new data.
Because the client uses HTTP, most firewalls allow clients to fetch and post messages without any hindrances. Thus, in scenarios where the TCP port used by XMPP is blocked, a server can listen on the normal HTTP port and the traffic should pass without problems. Various websites let people sign into XMPP via a browser. Furthermore, there are open public servers that listen on standard HTTP and HTTPS ports, and hence allow connections from behind most firewalls. However, the IANA-registered port for BOSH is actually 5280, not 80.
Extensibility
The XMPP Standards Foundation or XSF is active in developing open XMPP extensions, so-called XEPs. However, extensions can also be defined by any individual, software project, or organization. To maintain interoperability, common extensions are managed by the XSF. XMPP applications beyond IM include: chat rooms, network management, content syndication, collaboration tools, file sharing, gaming, remote systems control and monitoring, geolocation, middleware and cloud computing, VoIP, and identity services.
Building on its capability to support discovery across local network domains, XMPP is well-suited for cloud computing where virtual machines, networks, and firewalls would otherwise present obstacles to alternative service discovery and presence-based solutions. Cloud computing and storage systems rely on various forms of communication over multiple levels, including not only messaging between systems to relay state but also the migration or distribution of larger objects, such as storage or virtual machines. Along with authentication and in-transit data protection, XMPP can be applied at a variety of levels and may prove ideal as an extensible middleware or message-oriented middleware protocol.
Current limitations
Since XML is text based, normal XMPP has a higher network overhead compared to purely binary solutions. This issue was being addressed by the experimental XEP-0322 Efficient XML Interchange Format, where XML is serialized in an efficient binary manner, especially in schema-informed mode. This XEP is currently deferred.
In-band binary data transfer is limited. Binary data must be first base64 encoded before it can be transmitted in-band. Therefore, any significant amount of binary data is best transmitted out-of-band, using in-band messages to coordinate. In most cases this is dealt with by using an attachment to a message and the widely implemented XEP-0363 HTTP File Upload mechanism. Voice and video chat can be done via the Jingle XMPP Extension Protocol, XEP-0166.
Features
Peer-to-peer sessions
Using the extension called Jingle, XMPP can provide an open means to support machine-to-machine or peer-to-peer communications across a diverse set of networks. This feature is mainly used for IP telephony.
Multi-user chat
XMPP supports conferences with multiple users, using the specification Multi-User Chat. From the point of view of a normal user, it is comparable to Internet Relay Chat.
Security and encryption
XMPP servers can be isolated, and secure authentication and point-to-point encryption have been built into the core XMPP specifications.
Off-the-Record Messaging is an extension of XMPP enabling encryption of messages and data. It has since been replaced by a better extension providing multi-end-to-multi-end encryption, that is, end-to-end encryption between users. This gives a higher level of security, by encrypting all data from the source client and decrypting again at the target client; the server operator cannot decrypt the data they are forwarding.
Messages can also be encrypted with OpenPGP, for example with the software Gajim.
Service discovery
While several service discovery protocols exist today, XMPP provides a solid base for the discovery of services residing locally or across a network, and the availability of these services, as specified by XEP-0030 DISCO.
Connecting to other protocols
One of the original design goals of the early Jabber open-source community was enabling users to connect to multiple instant messaging systems through a single client application. This was done through entities called transports or gateways to other instant messaging protocols like ICQ, AIM or Yahoo Messenger, but also to protocols such as SMS, IRC or email. Unlike multi-protocol clients, XMPP provides this access at the server level by communicating via special gateway services running alongside an XMPP server. Any user can "register" with one of these gateways by providing the information needed to log on to that network, and can then communicate with users of that network as though they were XMPP users. Thus, such gateways function as client proxies. As a result, any client that fully supports XMPP can access any network with a gateway without extra code in the client, and without the need for the client to have direct access to the Internet. However, the client proxy model may violate terms of service on the protocol used and also requires the user to send their IM username and password to the third-party site that operates the transport.
Another type of gateway is a server-to-server gateway, which enables a non-XMPP server deployment to connect to native XMPP servers using the built-in interdomain federation features of XMPP. Such server-to-server gateways are offered by several enterprise IM software products, including: