| Abstract: | This document describes the architecture of a "personal media network" and how it can be implemented on top of XMPP. This document reflects some parts of my PhD thesis and is not 100% up-to-date. The idea is to specify the improtant stuff like client-to-client security in the XSF. Feel free to contact me if you have some questions. |
| Author: | Dirk Meyer |
| Copyright: | (c) 1999 - 2009 XMPP Standards Foundation. SEE LEGAL NOTICES. |
| Status: | ProtoXEP |
| Type: | Standards Track |
| Version: | 0.0.2 |
| Last Updated: | 2009-08-13 |
WARNING: This document has not yet been accepted for consideration or approved in any official manner by the XMPP Standards Foundation, and this document must not be referred to as an XMPP Extension Protocol (XEP). If this document is accepted as a XEP by the XMPP Council, it will be published at <http://www.xmpp.org/extensions/> and announced on the <standards@xmpp.org> mailing list.
1. Introduction
2. Requirements
3. Use Cases
3.1. Accessing the Network from outside the LAN
3.2. External Media Sources
3.3. Media Network Interaction
4. Service Provider and Controller
4.1. Node Configuration
5. Security Considerations
6. Service Discovery
7. IANA Considerations
8. XMPP Registrar Considerations
9. XML Schema
Appendices
A: Document Information
B: Author Information
C: Legal Notices
D: Relation to XMPP
E: Discussion Venue
F: Requirements Conformance
G: Notes
H: Revision History
XMPP is designed for instant messaging, but its extensible structure makes it suitable for other use cases including automated client-to-client communication without any user interaction. Ad-Hoc Commands [1] and SOAP over XMPP [2] are only two examples of the usage of XMPP outside the instant messaging domain. XMPP makes it possible for two entities to communicate even if they are in different private networks or have a dynamic IP address. Unlike HTTP both peers can send messages to each other. Today UPnP [3] is used in the local area network for inter-process communication between media devices. UPnP defines a HTTP based core and specific services on top of this core. This architecture works in a closed network environment but is not secure against attackers inside the LAN and does not support entities being outside the LAN. The HTTP based approach makes it impossible to connect to an entity from outside a LAN behind a NAT with a dynamic public IP address.
This document describes a secure client-to-client communication to replace UPnP with an XMPP based core and an additional security layer. This personal media network core can be used by additional XEPs to define UPnP like services such as media player control, media access and recording control. This document is named Personal Media Network but other use cases with secure client-to-client communication such as home automation are also possible.
The protocol is designed for client-to-client communication, keeping the server requirements to a minimum. Right now a XMPP Basic Server 2008 [4] is sufficient to be used as a server for the personal media network. Later versions of this document may require additional protocols implemented on server side. All entities of a user register with the same bare JID, the number of parallel connected resources on the server limits the size of the media network.
There are various use cases for both the integration of XMPP in media devices and for using UPnP like services outside the LAN. It is possible to share information between different media networks and even interact with a friend's media network.
One major improvement over UPnP is the possibility to access the devices from outside the local network. A user called Romeo could schedule a recording on his recorder remotely using a mobile phone and can also access all media files on his phone or at a friend using his laptop.
By integrating XMPP into a private network of media devices, external media sources can be accessed like local devices. From Romeo's point of view a Flickr online photo album of a friend is not different from a directory of images on the private media server and an IPTV service not different from a local DVB card.
Publish-Subscribe [5] (pubsub) makes it possible share information about media sources between different media networks. Romeo may share playlists with podcasts he like and create a new personal channel. Public accessible pubsub servers could provide lists of Internet radio stations or even provide a Miro-like service with free video podcast channels.
It is also possible for two media networks to interact with each other. In this use case, Romeo is visiting Julia and wants to play a video stored on a device at his home network on her TV. Romeo uses his mobile phone and requests permission to control the video playback of Julia's TV. Julia grands Romeo permission. After that Romeo connects to his media network for the video and starts the playback on the TV. This scenario shows the need of a security layer. Julia only wants to grand playback control and Romeo has to be sure that Julia's TV only accesses the file it is allowed to play and not his old, still stored love letters to Rosaline.
The inter-process communication described in this document is based on a client-server architecture. One node (server) provides a service to other nodes (client). The server part is called Service Provider, the client Controller. One device can provide several services and may also need to control a service on a third node to provide a specific service. The controller needs to discover the different service providers to control them, the service provider needs to support evening to send updates to the controller on the internal status.
A service provider can be controlled by remote procedure calls (RPC) using iq stanzas and can send events about status changes to subscribed controllers. A service provider provides one or more services defined by other XMPP extensions outside the scope of this document. To interact with a service provider a controller MUST send commands to the service provider, a service provider MUST NOT contact a node it never interacted with before. Depending on the service, a service provider MAY interact with another service providers providing the same service for synchronization. If the service provider requires a different service from another entity, it MAY also be a controller for that other service.
All applications of a user inside the private network share a bare JID in the form <network@domain> and therefor also share the same password to connect with the XMPP server. This bare JID is called the network identifier. The number of entities is only limited by the maximal number of parallel connects the used XMPP server allows.
The private media network requires end-to-end security between clients defined by Jingle XTLS [6] and Public Key Publishing [7]. These two specifications are not widely deployed yet. Contact me if you are interested in interoperability test since I have a test implementation. Client Certificate Management for SASL EXTERNAL [8] is also nice-to-have but there are no servers implementing it.
To discover a service provider XMPP presence information are used. The service provider and the controller MUST either share the same bare JID or have presence subscription in both ways. This is needed for the controller to locate the service provider and for the service provider to get notified when a controller leaves the network.
A service is described using Service Discovery [9] and announced using Entity Capabilities [10]. Each service is described by a feature. The controller acts as a client to the service provided by the service provider. It has to support the feature of the service from client side but does not offer the service to other entities. This means that a controller is not announcing the service on service discovery.
The following example shows the service discovery from Romeo's mobile phone of a possible future service Remote Media Player provided by one of Julia's devices (see Media Network Interaction).
Example 1. Service Provider Discovery
<iq type='get'
from='romeo@montague.net/b345687ba7607d3ddf401a0257464843a0a1c0b7'
to='juliet@capulet.com/da39a3ee5e6b4b0d3255bfef95601890afd80709'
id='info1'>
<query xmlns='http://jabber.org/protocol/disco#info'/>
</iq>
<iq type='result'
from='juliet@capulet.com/da39a3ee5e6b4b0d3255bfef95601890afd80709'
to='romeo@montague.net/b345687ba7607d3ddf401a0257464843a0a1c0b7'
id='info1'>
<query xmlns='http://jabber.org/protocol/disco#info'>
<identity
category='automation'
type='service'
name='Media Player'/>
<feature var='http://jabber.org/protocol/disco#info'/>
<feature var='urn.xmpp.tmp.media.player'/>
</query>
</iq>This document requires no interaction with the Internet Assigned Numbers Authority (IANA) [11].
The XMPP Registrar Considerations will be included in a later version of this document.
The XML schema will be included in a later version of this document.
Series: XEP
Number: xxxx
Publisher: XMPP Standards Foundation
Status:
ProtoXEP
Type:
Standards Track
Version: 0.0.2
Last Updated: 2009-08-13
Approving Body: XMPP Council
Dependencies: XMPP Core
Supersedes: None
Superseded By: None
Short Name: NOT YET ASSIGNED
Email:
dmeyer@tzi.de
The Extensible Messaging and Presence Protocol (XMPP) is defined in the XMPP Core (RFC 3920) and XMPP IM (RFC 3921) specifications contributed by the XMPP Standards Foundation to the Internet Standards Process, which is managed by the Internet Engineering Task Force in accordance with RFC 2026. Any protocol defined in this document has been developed outside the Internet Standards Process and is to be understood as an extension to XMPP rather than as an evolution, development, or modification of XMPP itself.
The primary venue for discussion of XMPP Extension Protocols is the <standards@xmpp.org> discussion list.
Discussion on other xmpp.org discussion lists might also be appropriate; see <http://xmpp.org/about/discuss.shtml> for a complete list.
Errata may be sent to <editor@xmpp.org>.
The following requirements keywords as used in this document are to be interpreted as described in RFC 2119: "MUST", "SHALL", "REQUIRED"; "MUST NOT", "SHALL NOT"; "SHOULD", "RECOMMENDED"; "SHOULD NOT", "NOT RECOMMENDED"; "MAY", "OPTIONAL".
1. XEP-0050: Ad-Hoc Commands <http://xmpp.org/extensions/xep-0050.html>.
2. XEP-0072: SOAP over XMPP <http://xmpp.org/extensions/xep-0072.html>.
3. UPnP <http://www.upnp.org>.
4. XEP-0212: XMPP Basic Server 2008 <http://xmpp.org/extensions/xep-0212.html>.
5. XEP-0060: Publish-Subscribe <http://xmpp.org/extensions/xep-0060.html>.
6. Extensible Messaging and Presence Protocol (XMPP) End-to-End Encryption Using Transport Layer Security ("XTLS") <http://tools.ietf.org/html/draft-meyer-xmpp-e2e-encryption>.
7. XEP-0189: Public Key Publishing <http://xmpp.org/extensions/xep-0189.html>.
8. Management and Use of Client Certificates for the Extensible Messaging and Presence Protocol (XMPP) <http://tools.ietf.org/html/draft-meyer-xmpp-sasl-cert-management>.
9. XEP-0030: Service Discovery <http://xmpp.org/extensions/xep-0030.html>.
10. XEP-0115: Entity Capabilities <http://xmpp.org/extensions/xep-0115.html>.
11. The Internet Assigned Numbers Authority (IANA) is the central coordinator for the assignment of unique parameter values for Internet protocols, such as port numbers and URI schemes. For further information, see <http://www.iana.org/>.
Reflect last years development.
(dm)First draft.
(dm)END