Why Programmers Working on NAT Traversal SIP RTP P2P TURN STUN ICE TLS and SSL Should Consider XMPP

If you look at the archives or my massive paper on robotic telepresence you'll quickly find out that I have been thinking about ways to improve distance communication for quite some time. Since I finished my Flash based telepresence RC car I have been investigating modern real time video, voice, and multimedia transfer protocols at a low level. I had originally thought that I might have to implement some of these protocols on my own with the help of generous open source libraries until I came across XMPP.

The Extensible Messaging and Presence Protocol, XMPP incorporates most of the modern Internet based programming paradigms and consequently comes with several already implemented protocols. It is no wonder that Google Talk and Wave both make use of XMPP. It's also not surprising that Facebook recently opened up their instant messaging system using XMPP.

There are a lot of barriers to making modern Internet based real time applications. In order to make direct connections to a peer for best efficiency, you have to worry about how to potentially get through several layers of firewalls, routers, and other devices between each client. The IETF has defined or has drafts of protocols known as STUN, TURN, and ICE in order to formalize how this process should work. STUN and ICE are both used for establishing peer to peer connections while TURN is a method of routing packets between hosts using an intermediate server if a peer to peer connection is unavailable.

I have been working with XMPP and Jive Software's Openfire Server and Smack client library for only a week and already have file transfer, presence updates, and chat between the popular IM client Pidgin and Java working like a charm. Openfire and smack are implemented in Java so they are pretty easy to port across different platforms.

Openfire is simple to setup and looking at it's configuration options your jaw will drop. It can use a built in STUN server compliments of Stun4J, or act as a relay for messages (thats TURN) out of the box. I really like the security practices that Smack and Openfire employ as well. By default they both use the highest security settings possible. You'll find configurable sections in Openfire that allow self signed and 3rd party verified RSA and DSA certificates.

There are currently extensions in XMPP being formalized for ICE. The most interesting extension for video and voice in XMPP is currently known as Jingle. Jingle adds RTP and SIP capabilities onto XMPP. If you are a serious C++ hacker, Google generously released their jingle implementation in the form of libjingle that is used in googleTalk.

The best thing about being a newcomer to XMPP is the amount of quality documentation and resources the project has amassed; which is very unusual for an open source initiative. My favorite resource is the XMPP blog that routinely includes roundups of all the projects made with XMPP and new libraries in several different languages.