XMPP Protocol

XMPP is an open protocol for reliably- and instantly conveying text messages (one to one, or multi user akin to IRC), or initiating audio calls or video calls, or providing presence. XMPP was formerly named Jabber and continues to be reffered to as Jabber; XMPP accounts are Jabber IDs. Additionally XMPP can be secured painlessly with OTR, an open source encryption scheme requiring zero technical saavy. XMPP is capable of file transfer but one is better off using https or sFTP. XMPP has widespread industry adoption. While many individuals wield XMPP clients far more sheeple use XMPP without realizing it: F*book, TWITter, cisco, apple, microsoft, sony, google (google's xmpp is as almost as their imap), android, iphone. For more information see official xmpp wiki or official jabber FAQ.

Jabber ID

Base: [user]@[host]/ Full: [user]@[host]/[resouce]


Identifying from which device or location the ONE account is being used. Subject to server delivery ideology.


To which resource a message attempt should be delivered. Subject to server delivery ideology.


  • A compelling alternative open standard is SIP: texting, audio calls, video calls, media delivery, file transfer, presence, privacy management, mobile use cases. Both SIP and XMPP have much feature overlap but divergent implementation. XMPP has a well developed extension for managing privacy: XEP-0016. SIP relies upon a seperate XCAP server. SIP call filtering relies upon the features of one's PBX.





Ask your VoIP provider or SIP provider to implement SIMPLE (for IM and Presence)

conversation encryption

There have been many innovative- and recycled approaches to converation encryption. Of much excitement for commoner usability is OTR, Off The Record. One need not be a cryptography enthusiast to enjoy OTR security.

OTR touts forward security: interception of past messages cipher does not endager security of subsequent messages.

Encryption is available for one to one texting, multiuser texting, audio calls. XMPP and SIP share OTR for one to one texting. Multiuser texting is only available in XMPP as is secured with mpOTR. Audio calls can be encrypted with zRTP with optional sRTP overlay, but is the province of SIP.

An open protocol project to consider for audio call encryption is OSTN. OSTN facilitates both zRTP and sRTP. A public OSTN trial

In XMPP the payloads are encypted not the stanzas. In SIP the signaling (SDP) can be encrypted using the SIPS protocol instead. The media (RTP) can be encrypted with sRTP; zRTP for secure key exchange.


audio calls

Jingle: SIP & extras.

One need not combine XMPP and SIP. With SIP one may communicate in text via SIP SIMPLE during either a SIP phone call or a SIP video call. One may further interact with voip legacy-sms via SIP SIMPLE. XMPP contact management is built-in; For SIP contact management is provided additionally by XCAP.

video calls

Jingle video

file transfer

While technically possible it is still advisable to rely upon more mature protocols like https or sFTP (FTP riding SSH).



For SIP presence is oft paired with XCAP to manage SIMPLE contacts and privacy. A popular SIP provider offering both is SIP2SIP


protocol extensions & mobility

For mobile XMPP some XEP have come to be expected most importantly confirmations. Because of the delightfully numerous points of failure many XEP must be employed.

XEP-0199 Ping: compensation for TCP teardown

XEP-0198 Stream Management: receipt confirmation, stanza ACK, resume, notify clean stream close

XEP-0184 Delivery Receipts

XEP-0016 Privacy Lists

XEP-0163 PEP: Personal Eventing Protocol for: mood, activity, social GPS -- fine grained control via XEP-0016

XEP-0124 BOSH: conveying over http to overcome poor NAT or restrictive firewalls

XEP-0060 PubSub: Content, state, and more. PEP is a profile of PubSub

XEP-0267 Server Buddies: roster- and presence subscriptions mirrored on server

XEP-0224 Attention

XEP-0203 Delayed Delivery: can be used as pounce

XEP-0280 Message Carbons: Send to ALL online resources

xep-0152 Reachability Addresses: solves the lack of PubSub privacy limitations of vCard, and furhter customization possible for contact granularity.

Additional XEP for non mobile use cases

xep-0045 MUC: Multi User Chat

xep-0084 Avatar

xep-0077 In-Band registration: Create Jabber ID within client.

xep-0158 CAPTCHA forms: enhancing challenge response for subscription requests for users and occassionally for in-band account registration from server.

xep-0030 Server Discovery: Which spiffy features are offered by server

XEP-0321 Remote Roster Management

xep-0146 Remote Controlling Clients

XEP-0319 Last Presence

xep-0276 Presence Decloaking: presence hairpinning communicate without allowing presence subscription

xep-0174 Serverless Messaging: useful for non-internets LAN

xep-0172 User Nicknames

xep-0317 HATS: MUC extended roles

xep-0316 MUC Eventing Protocol


Included for clarity not common usage: Common Alerting Protocol. CAP over XMPP (not XCAP). XEP-0127 OASIS CAP 1.2. Complete sms replacement. User can actually opt out of nanny state spam.

Message Queuing

XMPP is oft a subset of a Message Queuing system. RabbitMQ , AMQP

XMPP clients

XMPP clients are available on almost every internet capable platform. To find a mobile client search for "XMPP client" or "Jabber client"; most such apps are actually-free (if the app renders third party internet ads it is NOT-free but the adware flavor of malware).

All clients SHOULD be bundled with OTR or provide a plug-in infrastructure to accept an OTR plug-in. As of 2012 Sep 4 the current is OTR Version 4 with protocol version 3. Of many improvements this allows simultaneous chats with the same contact, but does not yet gracefully handle a contact's multiple resources.

+ Pidgin + Pidgin OTR plug-in

multiprotocol (XMPP, SIP[], others) + Jitsi + XChat + XChat OTR plug-in + Psi+ dev + [[|Psi+ dev OTR plug-in]]

* CypherPunks OTR capable software list

clients NOT supporting OTR

- Empathy

Outdated OTR

- Miranda

XMPP (or SIP) replaces legacy-sms for texting

XMPP entirely replaces legacy-sms for texting; legacy-sms can be conveyed via XMPP or SIP SIMPLE and is currently available from several top tier VoIP service providers (like anveo.com, vitelity.com, and voip.ms). acrobits groundwire is a cross platform mobile SIP client capable of $0 texting (including legacy-sms), presence, audio calls; it is also SIP TCP capable meaning a lower battery impact than typical SIP UDP. Any webhost worth considering allows one to use the same address for all three: email, SIP, and XMPP.

sms for texting is not secure

By mandate of the US federal government EVERY sms text message sent to- or from anyone within its borders is stored for all eternity. This violate's one's Fourth Amendment rights which are to safeguard the security of one's person and effectively one's privacy. Privacy is a right to all men; Privacy is protected by law in many countries, too. No such unconstitutional provision is made for XMPP -- and would be rendered impossible for XMPP when using OTR.


server to server communication allowing any Jabber ID to communicate with any other without requiring two accounts in same domain

server flavors

free open source






f/OSS as Amazon EC2 AMI

system notifications via XMPP


pidgin DBus

serverless XMPP


Attic/XMPP (last edited 2013-11-23 00:55:10 by WilliamJonMcCann)