Network Working Group J. Peterson
Request for Comments: 3859 NeuStar
Category: Standards Track August 2004
Network Working Group J. Peterson
Request for Comments: 3859 NeuStar
Category: Standards Track August 2004
Common Profile for Presence (CPP)
状态的通用配置文件(CPP)
Status of this Memo
本备忘录的状况
This document specifies an Internet standards track protocol for the Internet community, and requests discussion and suggestions for improvements. Please refer to the current edition of the "Internet Official Protocol Standards" (STD 1) for the standardization state and status of this protocol. Distribution of this memo is unlimited.
本文件规定了互联网社区的互联网标准跟踪协议,并要求进行讨论和提出改进建议。有关本协议的标准化状态和状态,请参考当前版本的“互联网官方协议标准”(STD 1)。本备忘录的分发不受限制。
Copyright Notice
版权公告
Copyright (C) The Internet Society (2004).
版权所有(C)互联网协会(2004年)。
Abstract
摘要
At the time this document was written, numerous presence protocols were in use (largely as components of commercial instant messaging services), and little interoperability between services based on these protocols has been achieved. This specification defines common semantics and data formats for presence to facilitate the creation of gateways between presence services.
在编写本文档时,使用了大量存在协议(主要作为商业即时消息服务的组件),基于这些协议的服务之间的互操作性很少。本规范定义了状态的通用语义和数据格式,以便于在状态服务之间创建网关。
Table of Contents
目录
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 2
2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 3
3. Abstract Presence Service . . . . . . . . . . . . . . . . . . 4
3.1. Overview of the Presence Service . . . . . . . . . . . . 4
3.2. Identification of PRESENTITIES and WATCHERS . . . . . . 6
3.2.1. Address Resolution . . . . . . . . . . . . . . . 6
3.3. Format of Presence Information . . . . . . . . . . . . . 6
3.4. The Presence Service . . . . . . . . . . . . . . . . . . 7
3.4.1. The Subscribe Operation . . . . . . . . . . . . 7
3.4.2. The Notify Operation . . . . . . . . . . . . . . 8
3.4.3. Subscribe Operation (with Zero Duration) . . . . 8
4. Security Considerations . . . . . . . . . . . . . . . . . . . 8
5. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 9
5.1. The PRES URI Scheme . . . . . . . . . . . . . . . . . . 9
6. Contributors . . . . . . . . . . . . . . . . . . . . . . . . . 10
7. References . . . . . . . . . . . . . . . . . . . . . . . . . . 10
7.1. Normative References . . . . . . . . . . . . . . . . . . 10
7.2. Informative References . . . . . . . . . . . . . . . . . 11
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 2
2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 3
3. Abstract Presence Service . . . . . . . . . . . . . . . . . . 4
3.1. Overview of the Presence Service . . . . . . . . . . . . 4
3.2. Identification of PRESENTITIES and WATCHERS . . . . . . 6
3.2.1. Address Resolution . . . . . . . . . . . . . . . 6
3.3. Format of Presence Information . . . . . . . . . . . . . 6
3.4. The Presence Service . . . . . . . . . . . . . . . . . . 7
3.4.1. The Subscribe Operation . . . . . . . . . . . . 7
3.4.2. The Notify Operation . . . . . . . . . . . . . . 8
3.4.3. Subscribe Operation (with Zero Duration) . . . . 8
4. Security Considerations . . . . . . . . . . . . . . . . . . . 8
5. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 9
5.1. The PRES URI Scheme . . . . . . . . . . . . . . . . . . 9
6. Contributors . . . . . . . . . . . . . . . . . . . . . . . . . 10
7. References . . . . . . . . . . . . . . . . . . . . . . . . . . 10
7.1. Normative References . . . . . . . . . . . . . . . . . . 10
7.2. Informative References . . . . . . . . . . . . . . . . . 11
A. PRES URI IANA Registration Template . . . . . . . . . . . . . 12
A.1. URI Scheme Name . . . . . . . . . . . . . . . . . . . . 12
A.2. URI Scheme Syntax . . . . . . . . . . . . . . . . . . . 12
A.3. Character Encoding Considerations . . . . . . . . . . . 12
A.4. Intended Usage . . . . . . . . . . . . . . . . . . . . . 12
A.5. Applications and/or Protocols which use this URI Scheme
Name . . . . . . . . . . . . . . . . . . . . . . . . . . 12
A.6. Interoperability Considerations . . . . . . . . . . . . 13
A.7. Security Considerations . . . . . . . . . . . . . . . . 13
A.8. Relevant Publications . . . . . . . . . . . . . . . . . 13
A.9. Person & Email Address to Contact for Further
Information. . . . . . . . . . . . . . . . . . . . . . . 13
A.10. Author/Change Controller . . . . . . . . . . . . . . . . 13
A.11. Applications and/or Protocols which use this URI Scheme
Name . . . . . . . . . . . . . . . . . . . . . . . . . . 13
B. Issues of Interest . . . . . . . . . . . . . . . . . . . . . . 13
B.1. Address Mapping . . . . . . . . . . . . . . . . . . . . 13
B.2. Source-Route Mapping . . . . . . . . . . . . . . . . . . 13
C. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 14
Author's Address . . . . . . . . . . . . . . . . . . . . . . . . . 14
Full Copyright Statement . . . . . . . . . . . . . . . . . . . . . 15
A. PRES URI IANA Registration Template . . . . . . . . . . . . . 12
A.1. URI Scheme Name . . . . . . . . . . . . . . . . . . . . 12
A.2. URI Scheme Syntax . . . . . . . . . . . . . . . . . . . 12
A.3. Character Encoding Considerations . . . . . . . . . . . 12
A.4. Intended Usage . . . . . . . . . . . . . . . . . . . . . 12
A.5. Applications and/or Protocols which use this URI Scheme
Name . . . . . . . . . . . . . . . . . . . . . . . . . . 12
A.6. Interoperability Considerations . . . . . . . . . . . . 13
A.7. Security Considerations . . . . . . . . . . . . . . . . 13
A.8. Relevant Publications . . . . . . . . . . . . . . . . . 13
A.9. Person & Email Address to Contact for Further
Information. . . . . . . . . . . . . . . . . . . . . . . 13
A.10. Author/Change Controller . . . . . . . . . . . . . . . . 13
A.11. Applications and/or Protocols which use this URI Scheme
Name . . . . . . . . . . . . . . . . . . . . . . . . . . 13
B. Issues of Interest . . . . . . . . . . . . . . . . . . . . . . 13
B.1. Address Mapping . . . . . . . . . . . . . . . . . . . . 13
B.2. Source-Route Mapping . . . . . . . . . . . . . . . . . . 13
C. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 14
Author's Address . . . . . . . . . . . . . . . . . . . . . . . . . 14
Full Copyright Statement . . . . . . . . . . . . . . . . . . . . . 15
Presence is defined in RFC2778 [5]. At the time this document was written, numerous presence protocols are in use (largely as components of commercial instant messaging services), and little interoperability between services based on these protocols has been achieved. This specification defines semantics and data formats for common services of presence to facilitate the creation of gateways between presence services: a common profile for presence (CPP).
RFC2778[5]中定义了存在。在编写本文档时,大量存在协议正在使用(主要作为商业即时消息服务的组件),基于这些协议的服务之间的互操作性很少。本规范定义了状态公共服务的语义和数据格式,以便于在状态服务之间创建网关:状态公共配置文件(CPP)。
Service behavior is described abstractly in terms of operations invoked between the consumer and provider of a service. Accordingly, each presence service must specify how this behavior is mapped onto its own protocol interactions. The choice of strategy is a local matter, providing that there is a clear relation between the abstract behaviors of the service (as specified in this memo) and how it is faithfully realized by a particular presence service. For example, one strategy might transmit presence information as key/value pairs, another might use a compact binary representation, and a third might use nested containers.
服务行为是根据服务的使用者和提供者之间调用的操作抽象描述的。因此,每个状态服务必须指定如何将此行为映射到其自己的协议交互上。策略的选择是一个局部问题,前提是服务的抽象行为(如本备忘录中所述)与特定呈现服务如何忠实地实现之间存在明确的关系。例如,一种策略可能以键/值对的形式传输状态信息,另一种策略可能使用紧凑的二进制表示,第三种策略可能使用嵌套容器。
The parameters for each operation are defined using an abstract syntax. Although the syntax specifies the range of possible data values, each presence service must specify how well-formed instances of the abstract representation are encoded as a concrete series of bits.
每个操作的参数都是使用抽象语法定义的。尽管语法指定了可能的数据值的范围,但每个呈现服务必须指定抽象表示的格式良好的实例如何编码为具体的位序列。
In order to provide a means for the preservation of end-to-end features (especially security) to pass through presence interoperability gateways, this specification also provides recommendations for presence document formats that could be employed by presence protocols.
为了提供一种保护端到端功能(特别是安全性)以通过状态互操作性网关的方法,本规范还提供了状态协议可采用的状态文档格式的建议。
In this document, the key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" are to be interpreted as described in BCP 14, RFC 2119 [1] and indicate requirement levels for compliant implementations.
在本文件中,关键词“必须”、“不得”、“要求”、“应”、“不应”、“应”、“不应”、“建议”、“不建议”、“可”和“可选”应按照BCP 14、RFC 2119[1]中的描述进行解释,并指出合规实施的要求级别。
This memos makes use of the vocabulary defined in RFC 2778 [5]. Terms such as CLOSED, INSTANT INBOX, PRESENCE, and OPEN are used in the same meaning as defined therein.
本备忘录使用了RFC 2778[5]中定义的词汇表。诸如“关闭”、“即时收件箱”、“状态”和“打开”等术语的含义与其中的定义相同。
The term 'gateway' used in this document denotes a network element responsible for interworking between diverse presence protocols. Although the presence protocols themselves are diverse, under the model in this document these protocols can carry a common payload that is relayed by the gateway. Whether these interworking intermediaries should be called 'gateways' or 'relays' is therefore somewhat debatable; for the purposes of this document, they are called 'CPP gateways'.
本文档中使用的术语“网关”表示负责不同存在协议之间互通的网络元件。尽管存在协议本身是多种多样的,但根据本文中的模型,这些协议可以承载由网关中继的公共有效负载。因此,这些互通中介体应该被称为“网关”还是“中继”,有些争议;在本文件中,它们被称为“CPP网关”。
The term 'presence service' also derives from RFC 2778, but its meaning changes slightly due to the existence of gateways in the CPP model. When a client sends an operation to a presence service, that service might either be an endpoint or an intermediary such as a CPP gateway - in fact, the client should not have to be aware which it is addressing, as responses from either will appear the same.
术语“状态服务”也源自RFC 2778,但由于CPP模型中存在网关,其含义略有变化。当客户机向状态服务发送操作时,该服务可能是端点或中介(如CPP网关)——事实上,客户机不必知道它正在寻址哪个,因为来自这两个服务的响应都是相同的。
This document defines operations and attributes of an abstract presence protocol. In order for a compliant protocol to interface with a presence gateway, it must support all of the operations described in this document (i.e., the presence protocol must have some message or capability that provides the function described by all given operations). Similarly, the attributes defined for these operations must correspond to information available in the presence protocol in order for the protocol to interface with gateways defined by this specification. Note that these attributes provide only the minimum possible information that needs to be specified for interoperability - the functions in a presence protocol that correspond to the operations described in this document can contain additional information that will not be mapped by CPP.
本文档定义了抽象存在协议的操作和属性。为了使兼容协议与状态网关接口,它必须支持本文档中描述的所有操作(即,状态协议必须具有提供所有给定操作所描述功能的某些消息或功能)。类似地,为这些操作定义的属性必须对应于存在协议中可用的信息,以便协议与本规范定义的网关接口。请注意,这些属性仅提供互操作性所需的最低可能信息-与本文档中描述的操作相对应的状态协议中的功能可以包含CPP不会映射的附加信息。
When an application wants to subscriber to the presence information associated with a PRESENTITY (in order to receive periodic notifications of presence information), it invokes the subscribe operation, e.g.,
当应用程序想要订阅与存在实体相关联的存在信息(以便接收存在信息的定期通知)时,它调用订阅操作,例如。,
+-------+ +-------+
| | | |
| appl. | -- subscribe ----> | pres. |
| | | svc. |
+-------+ +-------+
+-------+ +-------+
| | | |
| appl. | -- subscribe ----> | pres. |
| | | svc. |
+-------+ +-------+
The subscribe operation has the following attributes: watcher, target, duration, SubscriptID and TransID. The 'watcher' and 'target' identify the WATCHER and PRESENTITY, respectively, using the identifiers described in Section 3.2. The duration specifies the maximum number of seconds that the SUBSCRIPTION should be active (which may be zero, in which case this is a one-time request for presence information). The SubscriptID creates a reference to the SUBSCRIPTION that is used when unsubscribing. The TransID is a unique identifier used to correlate the subscribe operation with a response operation. Gateways should be capable of handling TransIDs and SubscriptIDs up to 40 bytes in length.
订阅操作具有以下属性:观察者、目标、持续时间、订阅和传输。“观察者”和“目标”分别使用第3.2节中描述的标识符识别观察者和存在实体。持续时间指定订阅应处于活动状态的最大秒数(可能为零,在这种情况下,这是对状态信息的一次性请求)。SubscriptID创建对取消订阅时使用的订阅的引用。TransID是一个唯一标识符,用于将订阅操作与响应操作关联起来。网关应能够处理长度不超过40字节的传输和订阅。
Upon receiving a subscribe operation, the service immediately responds by invoking the response operation containing the same TransID, e.g.,
收到订阅操作后,服务立即通过调用包含相同TransID的响应操作进行响应,例如。,
+-------+ +-------+
| | | |
| appl. | <----- response -- | pres. |
| | | svc. |
+-------+ +-------+
+-------+ +-------+
| | | |
| appl. | <----- response -- | pres. |
| | | svc. |
+-------+ +-------+
The response operation has the following attributes: status, TransID, and duration. 'status' indicates whether the subscribe operation has succeeded or failed. The TransID of the response operation corresponds to the TransID of the subscription operation to which it is responding. The 'duration' attribute specifies the number of seconds for which the subscription will be active (which may differ from the value requested in the subscribe operation).
响应操作具有以下属性:status、TransID和duration“状态”指示订阅操作是成功还是失败。响应操作的TransID对应于它所响应的订阅操作的TransID。“duration”属性指定订阅将处于活动状态的秒数(可能不同于订阅操作中请求的值)。
If the response operation indicates success, the service immediately invokes the notify operation to communicate the presence information to the WATCHER, e.g.,
如果响应操作指示成功,服务将立即调用notify操作,以将状态信息传达给观察者,例如。,
+-------+ +-------+
| | | |
| appl. | <------- notify -- | pres. |
| | | svc. |
+-------+ +-------+
+-------+ +-------+
| | | |
| appl. | <------- notify -- | pres. |
| | | svc. |
+-------+ +-------+
The notify operation has the following attributes: watcher, target, and TransID. The values of 'watcher' and 'target' are identical to those given in the subscribe operation that triggered this notify operation. The TransID is a unique identifier for this notification.
notify操作具有以下属性:watcher、target和TransID。“观察者”和“目标”的值与触发此通知操作的订阅操作中给出的值相同。TransID是此通知的唯一标识符。
The notify operation also has content, namely PRESENCE INFORMATION. Content details are specified in Section 3.3.
notify操作还具有内容,即存在信息。内容详情见第3.3节。
If the duration parameter is non-zero, then for up to the specified duration, the service invokes the notify operation whenever there are any changes to the PRESENTITY's presence information. Otherwise, exactly one notify operation is invoked, achieving a one-time poll of the presence information. Regardless, there is no application response to the notify operation (i.e., the application does not invoke a response operation when a notify operation occurs) defined in CPP.
如果duration参数为非零,则在指定的持续时间内,只要存在实体的存在信息发生任何更改,服务就会调用notify操作。否则,只调用一个notify操作,实现对状态信息的一次性轮询。无论如何,CPP中定义的notify操作没有应用程序响应(即,当notify操作发生时,应用程序不调用响应操作)。
The application may prematurely cancel a subscription by re-invoking the subscribe operation (as described above) with a duration of 0 and the same SubscriptID as the original subscribe operation , e.g.,
应用程序可通过重新调用持续时间为0且与原始订阅操作具有相同订阅ID的订阅操作(如上所述)来提前取消订阅,例如。,
+-------+ +-------+
| | | |
| appl. | -- subscribe 0 --> | pres. |
| | | svc. |
+-------+ +-------+
+-------+ +-------+
| | | |
| appl. | -- subscribe 0 --> | pres. |
| | | svc. |
+-------+ +-------+
Note that a notify operation will be invoked when a subscription is prematurely canceled in this fashion; this notification may be discarded by the watcher.
请注意,当以这种方式提前取消订阅时,将调用notify操作;观察者可能会丢弃此通知。
The service immediately responds by invoking the response operation containing the same TransID; e.g.,
服务通过调用包含相同TransID的响应操作立即响应;例如。,
+-------+ +-------+
| | | |
| appl. | <----- response -- | pres. |
| | | svc. |
+-------+ +-------+
+-------+ +-------+
| | | |
| appl. | <----- response -- | pres. |
| | | svc. |
+-------+ +-------+
Note that this specification assumes that CPP-compliant presence protocols provide reliable message delivery; there are no application-layer message delivery assurance provisions in this specification.
注意,本规范假设符合CPP的存在协议提供可靠的消息传递;本规范中没有应用层消息传递保证条款。
A PRESENTITY is specified using the PRES URI scheme, which is further described in Appendix A. An example would be: "pres:fred@example.com"
使用PRES URI方案指定存在实体,该方案在附录A中进一步描述。示例为:“PRES:fred@example.com"
WATCHERs identify themselves in the same manner as PRESENTITIES; that is, with a pres URI.
观察者以与存在实体相同的方式识别自己;也就是说,使用pres-URI。
A presence service client determines the next hop to forward an operation to by resolving the domain name portion of the service destination. Compliant implementations SHOULD follow the guidelines for dereferencing URIs given in [2].
状态服务客户端通过解析服务目标的域名部分来确定将操作转发到的下一个跃点。兼容的实现应遵循[2]中给出的取消引用URI的指导原则。
This specification defines an abstract interoperability mechanism for presence protocols; the message content definition given here pertains to semantics rather than syntax. However, some important properties for interoperability can only be provided if a common end-to-end format for presence is employed by the interoperating presence protocols, especially with respect to security. In order to maintain end-to-end security properties, applications that send notification operations through a CPP gateway MUST support the format defined in PIDF [4]. Applications MAY support other content formats.
本规范定义了存在协议的抽象互操作机制;这里给出的消息内容定义属于语义而不是语法。然而,只有当互操作存在协议采用通用的端到端存在格式时,才能提供互操作性的一些重要属性,特别是在安全方面。为了维护端到端安全属性,通过CPP网关发送通知操作的应用程序必须支持PIDF[4]中定义的格式。应用程序可能支持其他内容格式。
CPP gateways MUST be capable of relaying the body of a notification operation between supported presence protocols without needing to modify or inspect the content.
CPP网关必须能够在不需要修改或检查内容的情况下,在受支持的状态协议之间中继通知操作的主体。
An implementation of the service must maintain information about both presence information and continual operations (like periodic notification) in persistent storage.
服务的实现必须在持久性存储中维护有关存在信息和连续操作(如定期通知)的信息。
Note that the subscription-identifier attribute used by the subscribe operation is potentially long-lived. Accordingly, the values generated for this parameter should be unique across a significant duration of time. The SubscriptID parameter should be intrinsically globally unique over time, not merely unique among operations sent to or from a particular WATCHER and PRESENTITY.
请注意,订阅操作使用的订阅标识符属性可能是长期存在的。因此,为该参数生成的值在相当长的时间内应该是唯一的。SubscriptID参数在一段时间内本质上应该是全局唯一的,而不仅仅是在发送给或从特定观察者和存在实体发送的操作中唯一的。
When an application wants to subscribe to the presence information associated with a PRESENTITY, it invokes the subscribe operation.
当应用程序想要订阅与呈现实体相关联的呈现信息时,它调用subscribe操作。
When the service is informed of the subscribe operation, it performs these steps:
当服务被告知订阅操作时,它将执行以下步骤:
1. If the watcher or target parameter does not refer to a valid PRESENTITY, a response operation having status "failure" is invoked.
1. 如果观察者或目标参数未引用有效的存在实体,则调用状态为“failure”的响应操作。
2. If access control does not permit the application to request this operation, a response operation having status "failure" is invoked.
2. 如果访问控制不允许应用程序请求此操作,将调用状态为“failure”的响应操作。
3. If the duration parameter is non-zero, and if the watcher and target parameters refer to an in-progress subscribe operation for the application, a response operation having status "failure" is invoked.
3. 如果duration参数为非零,并且如果watcher和target参数引用应用程序的进行中订阅操作,则调用状态为“failure”的响应操作。
4. Otherwise, if the service is able to successfully deliver the message:
4. 否则,如果服务能够成功传递消息:
A response operation having status "success" is immediately invoked. (If the service chooses a different duration for the subscription then it conveys this information in the response operation.)
立即调用状态为“success”的响应操作。(如果服务为订阅选择不同的持续时间,则在响应操作中传递此信息。)
A notify operation, corresponding to the target's presence information, is immediately invoked for the watcher.
与目标的状态信息相对应的notify操作会立即为观察者调用。
For up to the amount of time indicated by the duration parameter of the notify operation (measured from the time that the subscribe operation was received), if the target's presence information changes, and if access control allows, a notify operation is invoked for the watcher.
在notify操作的duration参数指示的最长时间内(从接收订阅操作的时间开始测量),如果目标的状态信息发生变化,并且如果访问控制允许,则会为观察者调用notify操作。
Note that if the duration parameter is zero-valued, then the subscribe operation is making a one-time poll of the presence information. Accordingly, the final step above (continued notifications for the duration of the subscription) does not occur.
注意,如果duration参数为零值,那么subscribe操作将对存在信息进行一次性轮询。因此,上述最后一步(订阅期间的持续通知)不会发生。
When the service invokes a response operation as a result of this processing, the transID parameter is identical to the value found in the subscribe operation invoked by the application.
当服务作为该处理的结果调用响应操作时,transID参数与应用程序调用的subscribe操作中的值相同。
The service invokes the notify operation whenever the presence information associated with a PRESENTITY changes and there are subscribers requesting notifications for that PRESENTITY.
每当与存在实体相关联的存在信息发生更改并且有订阅者请求该存在实体的通知时,该服务就会调用notify操作。
There is no application response to the notify operation.
notify操作没有应用程序响应。
When an application wants to terminate a subscription, it issues a SUBSCRIBE 0 with the SubscriptID of an existing subscription. Note that a notify operation will be invoked by the presentity when a subscription is canceled in this fashion; this notification can be discarded by the watcher. There is no independent UNSUBSCRIBE operation.
当应用程序想要终止订阅时,它会向订阅0发出现有订阅的订阅ID。注意,当以这种方式取消订阅时,存在实体将调用notify操作;观察者可以丢弃此通知。没有独立的取消订阅操作。
When an application wants to directly request presence information to be supplied immediately without initiating any persistent subscription, it issues a SUBSCRIBE 0 with a new SubscriptID. There is no independent FETCH operation.
当应用程序希望直接请求立即提供状态信息而不启动任何持久订阅时,它会向订阅0发出新的订阅ID。没有独立的获取操作。
Detailed security considerations for presence protocols given in RFC 2779 [6] (in particular, requirements are given in sections 5.1 through 5.3 with some motivating discussion in 8.2).
RFC 2779[6]中给出了存在协议的详细安全注意事项(特别是第5.1节至第5.3节给出了要求,第8.2节进行了一些激励性讨论)。
CPP defines an interoperability function that is employed by gateways between presence protocols. CPP gateways MUST be compliant with the minimum security requirements of the presence protocols with which they interface.
CPP定义了一个互操作性功能,该功能由存在协议之间的网关使用。CPP网关必须符合其接口存在协议的最低安全要求。
The introduction of gateways to the security model of presence in RFC 2779 also introduces some new risks. End-to-end security properties (especially confidentiality and integrity) between presentities and watchers that interface through a CPP gateway can only be provided if a common presence format (such as the format described in [4]) is supported by the protocols interfacing with the CPP gateway.
在RFC 2779中,将网关引入到存在的安全模型中也引入了一些新的风险。只有当与CPP网关接口的协议支持公共存在格式(如[4]中所述的格式)时,才能提供通过CPP网关接口的存在实体和观察者之间的端到端安全属性(尤其是机密性和完整性)。
When end-to-end security is required, the notify operation MUST use PIDF, and MUST secure the PIDF MIME body with S/MIME [8], with encryption (CMS EnvelopeData) and/or S/MIME signatures (CMS SignedData).
当需要端到端安全性时,notify操作必须使用PIDF,并且必须使用S/MIME[8]和加密(CMS EnvelopeData)和/或S/MIME签名(CMS SignedData)来保护PIDF MIME正文。
The S/MIME algorithms are set by CMS [9]. The AES [11] algorithm should be preferred, as it is expected that AES best suits the capabilities of many platforms. Implementations MAY use AES as an encryption algorithm, but are REQUIRED to support only the baseline algorithms mandated by S/MIME and CMS.
S/MIME算法由CMS设置[9]。AES[11]算法应该是首选,因为预计AES最适合许多平台的功能。实现可以使用AES作为加密算法,但只需要支持S/MIME和CMS强制要求的基线算法。
When PRES URIs are used in presence protocols, they convey the identity of watchers and/or presentities. Certificates that are used for S/MIME presence operations SHOULD, for the purposes of reference integrity, contain a subjectAltName field containing the PRES URI of their subject. Note that such certificates may also contain other identifiers, including those specific to particular presence protocols. In order to further facilitate interoperability of secure presence services through CPP gateways, users and service providers are encouraged to employ trust anchors for certificates that are widely accepted rather than trust anchors specific to any particular presence service or provider.
当PRES-uri用于存在协议时,它们传递观察者和/或存在实体的身份。出于引用完整性的目的,用于S/MIME呈现操作的证书应包含一个subjectAltName字段,其中包含其主题的PRES URI。注意,此类证书还可以包含其他标识符,包括特定于特定存在协议的标识符。为了通过CPP网关进一步促进安全状态服务的互操作性,鼓励用户和服务提供商对广泛接受的证书使用信任锚,而不是针对任何特定状态服务或提供商的信任锚。
In some cases, anonymous presence services may be desired. Such a capability is beyond the scope of this specification.
在某些情况下,可能需要匿名存在服务。这种能力超出了本规范的范围。
The IANA has assigned the "pres" URI scheme.
IANA已分配“pres”URI方案。
The Presence (PRES) URI scheme designates an Internet resource, namely a PRESENTITY or WATCHER.
存在(PRES)URI方案指定因特网资源,即存在实体或观察者。
The syntax of a PRES URI is given in Appendix A.
PRES URI的语法在附录a中给出。
Dave Crocker edited earlier versions of this document.
Dave Crocker编辑了此文档的早期版本。
The following individuals made substantial textual contributions to this document:
以下个人对本文件做出了实质性的文字贡献:
Athanassios Diacakis (thanos.diacakis@openwave.com)
塔诺斯(塔诺斯)。diacakis@openwave.com)
Florencio Mazzoldi (flo@networkprojects.com)
弗洛伦西奥·马佐尔迪(flo@networkprojects.com)
Christian Huitema (huitema@microsoft.com)
克里斯蒂安·惠特马(huitema@microsoft.com)
Graham Klyne (gk@ninebynine.org)
格雷厄姆·克莱恩(gk@ninebynine.org)
Jonathan Rosenberg (jdrosen@dynamicsoft.com)
乔纳森·罗森伯格(jdrosen@dynamicsoft.com)
Robert Sparks (rsparks@dynamicsoft.com)
罗伯特·斯帕克斯(rsparks@dynamicsoft.com)
Hiroyasu Sugano (suga@flab.fujitsu.co.jp)
杉野裕康(suga@flab.fujitsu.co.jp)
[1] Bradner, S., "Key words for use in RFCs to indicate requirement levels", BCP 14, RFC 2119, March 1997.
[1] Bradner,S.,“RFC中用于表示需求水平的关键词”,BCP 14,RFC 2119,1997年3月。
[2] Peterson, J., "Address Resolution for Instant Messaging and Presence", RFC 3861, August 2004.
[2] Peterson,J.,“即时消息和状态的地址解析”,RFC 38612004年8月。
[3] Resnick, P., "Internet Message Format", STD 11, RFC 2822, April 2001.
[3] Resnick,P.,“互联网信息格式”,STD 11,RFC 2822,2001年4月。
[4] Sugano, H., Fujimoto, S., Klyne, G., Bateman, A., Carr, W., and J. Peterson, "Presence Information Data Format (PIDF)", RFC 3863, August 2004.
[4] Sugano,H.,Fujimoto,S.,Klyne,G.,Batman,A.,Carr,W.,和J.Peterson,“状态信息数据格式(PIDF)”,RFC 38632004年8月。
[5] Day, M., Rosenberg, J., and H. Sugano, "A Model for Presence and Instant Messaging", RFC 2778, February 2000.
[5] Day,M.,Rosenberg,J.,和H.Sugano,“状态和即时信息模型”,RFC 27782000年2月。
[6] Day, M., Aggarwal, S., and J. Vincent, "Instant Messaging / Presence Protocol Requirements", RFC 2779, February 2000.
[6] Day,M.,Aggarwal,S.,和J.Vincent,“即时消息传递/存在协议要求”,RFC 27792000年2月。
[7] Allocchio, C., "GSTN Address Element Extensions in Email Services", RFC 2846, June 2000.
[7] Allocchio,C.,“电子邮件服务中的GSTN地址元素扩展”,RFC 28462000年6月。
[8] Ramsdell, B., "Secure/Multipurpose Internet Mail Extensions (S/MIME) Version 3.1 Message Specification", RFC 3851, July 2004.
[8] Ramsdell,B.,“安全/多用途Internet邮件扩展(S/MIME)版本3.1消息规范”,RFC 3851,2004年7月。
[9] Housley, R., "Cryptographic Message Syntax (CMS)", RFC 3852, July 2004.
[9] Housley,R.,“加密消息语法(CMS)”,RFC3852,2004年7月。
[10] Berners-Lee, T., Fielding, R., and L. Masinter, "Uniform Resource Identifiers (URI): Generic Syntax", RFC 2396, August 1998.
[10] Berners Lee,T.,Fielding,R.,和L.Masinter,“统一资源标识符(URI):通用语法”,RFC 2396,1998年8月。
[11] Schaad, J., "Use of the Advanced Encryption Standard (AES) Encryption Algorithm and in Cryptographic Message Syntax (CMS)", RFC 3565, July 2003.
[11] Schaad,J.,“高级加密标准(AES)加密算法和加密消息语法(CMS)的使用”,RFC 3565,2003年7月。
This section provides the information to register the pres: presence URI .
本节提供注册pres:presence URI的信息。
pres
压力
The syntax follows the existing mailto: URI syntax specified in RFC 2368. The ABNF is:
该语法遵循RFC 2368中指定的现有mailto:URI语法。ABNF是:
PRES-URI = "pres:" [ to ] [ headers ]
to = mailbox
headers = "?" header *( "&" header )
header = hname "=" hvalue
hname = *uric
hvalue = *uric
PRES-URI = "pres:" [ to ] [ headers ]
to = mailbox
headers = "?" header *( "&" header )
header = hname "=" hvalue
hname = *uric
hvalue = *uric
Here the symbol "mailbox" represents an encoded mailbox name as defined in RFC 2822 [3], and the symbol "uric" denotes any character that is valid in a URL (defined in RFC 2396 [10]).
此处,符号“邮箱”表示RFC 2822[3]中定义的编码邮箱名称,符号“URIA”表示URL中有效的任何字符(在RFC 2396[10]中定义)。
Representation of non-ASCII character sets in local-part strings is limited to the standard methods provided as extensions to RFC 2822 [3].
本地部分字符串中非ASCII字符集的表示仅限于作为RFC 2822[3]扩展提供的标准方法。
Use of the pres: URI follows closely usage of the mailto: URI. That is, invocation of an PRES URI will cause the user's instant messaging application to start, with destination address and message headers fill-in according to the information supplied in the URI.
pres:URI的使用和mailto:URI的使用密切相关。也就是说,调用PRES URI将导致用户的即时消息传递应用程序启动,并根据URI中提供的信息填充目标地址和消息头。
It is anticipated that protocols compliant with RFC 2779, and meeting the interoperability requirements specified here, will make use of this URI scheme name.
预计符合RFC 2779并满足此处规定的互操作性要求的协议将使用此URI方案名称。
The underlying exchange protocol used to send an instant message may vary from service to service. Therefore complete, Internet-scale interoperability cannot be guaranteed. However, a service conforming to this specification permits gateways to achieve interoperability sufficient to the requirements of RFC 2779.
用于发送即时消息的基础exchange协议可能因服务而异。因此,无法保证互联网规模的完整互操作性。但是,符合本规范的服务允许网关实现足以满足RFC 2779要求的互操作性。
See Section 4.
见第4节。
RFC 2779, RFC 2778
RFC 2779,RFC 2778
Jon Peterson [mailto:jon.peterson@neustar.biz]
乔恩·彼得森[邮件收件人:乔恩。peterson@neustar.biz]
This scheme is registered under the IETF tree. As such, IETF maintains change control.
该方案在IETF树下注册。因此,IETF维护变更控制。
Instant messaging service; presence service
即时通讯服务;在场服务
This appendix briefly discusses issues that may be of interest when designing an interoperation gateway.
本附录简要讨论了设计互操作网关时可能感兴趣的问题。
When mapping the service described in this memo, mappings that place special information into the im: address local-part MUST use the meta-syntax defined in RFC2846 [7].
映射本备忘录中描述的服务时,将特殊信息放入im:address本地部分的映射必须使用RFC2846[7]中定义的元语法。
The easiest mapping technique is a form of source-routing and usually is the least friendly to humans having to type the string. Source-routing also has a history of operational problems.
最简单的映射技术是源路由的一种形式,通常对必须键入字符串的人最不友好。源路由也有运行问题的历史记录。
Use of source-routing for exchanges between different services is by a transformation that places the entire, original address string into the im: address local part and names the gateway in the domain part.
使用源路由在不同服务之间进行交换是通过一种转换,将整个原始地址字符串放入im:address本地部分,并在域部分中命名网关。
For example, if the destination INSTANT INBOX is "pepp://example.com/ fred", then, after performing the necessary character conversions, the resulting mapping is:
例如,如果目标即时收件箱为“pepp://example.com/ fred”,然后,在执行必要的字符转换后,生成的映射为:
im:pepp=example.com/fred@relay-domain
im:pepp=example.com/fred@relay-domain
where "relay-domain" is derived from local configuration information.
其中“中继域”来自本地配置信息。
Experience shows that it is vastly preferable to hide this mapping from end-users - if possible, the underlying software should perform the mapping automatically.
经验表明,最好对最终用户隐藏此映射—如果可能,底层软件应自动执行映射。
The author would like to acknowledge John Ramsdell for his comments, suggestions and enthusiasm. Thanks to Derek Atkins for editorial fixes.
作者要感谢约翰·拉姆斯代尔的评论、建议和热情。感谢德里克·阿特金斯的编辑修正。
Author's Address
作者地址
Jon Peterson NeuStar, Inc. 1800 Sutter St Suite 570 Concord, CA 94520 US
美国加利福尼亚州康科德市萨特街1800号570室Jon Peterson NeuStar,Inc.94520
Phone: +1 925/363-8720
EMail: jon.peterson@neustar.biz
Phone: +1 925/363-8720
EMail: jon.peterson@neustar.biz
Full Copyright Statement
完整版权声明
Copyright (C) The Internet Society (2004). This document is subject to the rights, licenses and restrictions contained in BCP 78, and except as set forth therein, the authors retain all their rights.
版权所有(C)互联网协会(2004年)。本文件受BCP 78中包含的权利、许可和限制的约束,除其中规定外,作者保留其所有权利。
This document and the information contained herein are provided on an "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
本文件及其包含的信息是按“原样”提供的,贡献者、他/她所代表或赞助的组织(如有)、互联网协会和互联网工程任务组不承担任何明示或暗示的担保,包括但不限于任何保证,即使用本文中的信息不会侵犯任何权利,或对适销性或特定用途适用性的任何默示保证。
Intellectual Property
知识产权
The IETF takes no position regarding the validity or scope of any Intellectual Property Rights or other rights that might be claimed to pertain to the implementation or use of the technology described in this document or the extent to which any license under such rights might or might not be available; nor does it represent that it has made any independent effort to identify any such rights. Information on the procedures with respect to rights in RFC documents can be found in BCP 78 and BCP 79.
IETF对可能声称与本文件所述技术的实施或使用有关的任何知识产权或其他权利的有效性或范围,或此类权利下的任何许可可能或可能不可用的程度,不采取任何立场;它也不表示它已作出任何独立努力来确定任何此类权利。有关RFC文件中权利的程序信息,请参见BCP 78和BCP 79。
Copies of IPR disclosures made to the IETF Secretariat and any assurances of licenses to be made available, or the result of an attempt made to obtain a general license or permission for the use of such proprietary rights by implementers or users of this specification can be obtained from the IETF on-line IPR repository at http://www.ietf.org/ipr.
向IETF秘书处披露的知识产权副本和任何许可证保证,或本规范实施者或用户试图获得使用此类专有权利的一般许可证或许可的结果,可从IETF在线知识产权存储库获取,网址为http://www.ietf.org/ipr.
The IETF invites any interested party to bring to its attention any copyrights, patents or patent applications, or other proprietary rights that may cover technology that may be required to implement this standard. Please address the information to the IETF at ietf-ipr@ietf.org.
IETF邀请任何相关方提请其注意任何版权、专利或专利申请,或其他可能涵盖实施本标准所需技术的专有权利。请将信息发送至IETF的IETF-ipr@ietf.org.
Acknowledgement
确认
Funding for the RFC Editor function is currently provided by the Internet Society.
RFC编辑功能的资金目前由互联网协会提供。