27.1033GPPRelease 5TSWide Area Network Synchronization
5.1 SyncML Overview
SyncML was designed with a number of goals:
- Reduce the number of messages being sent over the air,
- Reduce the message size,
- Provide a robust authentication mechanism,
- Transport independence,
- Datatype independence.
5.1.1 Reduce the number of messages being sent over the air
To achieve a reduction in the number of messages being transmitted, the SyncML device is required to determine which of the objects to be synchronized has changed since the last synchronization for each server. This way, the SyncML device may tell the server what has changed, and then the server may tell the device what has changed and together they may determine the most appropriate course of action. In the case where there are no changes from the server or client, there could be as few as two messages exchanged. In the case where the server is sending additions to the device, there could be as few as four messages exchanged.
A detailed explanation of the messages being exchanged may be found in the protocol document .
5.1.2 Reduce the message size
SyncML messages can be in either XML or WBXML. The XML version is rather large, as the tags are clearly spelled out. The XML version makes for easier debugging, but is much too large for normal use over a wireless network. WBXML has the same structure as XML, but replaces the text strings with binary tags. This produces much smaller messages, at the expense of human readability. SyncML devices are required to support only XML or WBXML, not both. SyncML servers must support both XML and WBXML.
5.1.3 Provide a robust authentication mechanism
SyncML has required authentication on the message level, and optional authentication for the datastores and individual objects. The authentication is either Basic (username:password) or MD5 (username:password:nonce). Stronger authentication and encryption are work items for the year 2001. To keep the authentication free from casual viewing, the data is base64 encrypted.
It is possible to send an initial message to the SyncML server using Basic authentication, and have the server reject the message, asking instead for MD5 authentication. It is also possible authentication for every message being sent to the server and device.
5.1.4 Transport Independence
SyncML has the capability of operating over a several transport mechanisms. Version 1.0 specifies OBEX, WSP and HTTP.
To achieve this independence, SyncML has defined a set of specifications and conformance for each transport. Each transport must be able to carry a SyncML message reliably between SyncML devices. Each transport must be able to send a message to a device, and then be able to wait for a response from that device.
5.1.5 Datatype Independence
SyncML has specified a minimal set of objects for SyncML servers to support, but has not made the same requirements for SyncML clients. These objects are vCard 2.1, and vCalendar 1.0. SyncML only requires that an object be a registered MIME type for it to be synchronized. Both a client and server must support this object for it to be synchronized. The Device Information object indicates which objects are supported for any datastore. The Device Information Object must be exchanged on the first synchronization between a client and server.
Typically, SyncML servers will support a wide variety of datatypes, while a SyncML client will support only one datatype (in the interest of smaller footprint). If a new datatype is created, it is very easy for this to be supported.
5.2 Change of Client/Server Roles from Release 99
SyncML uses the following description for client/server roles:
“A client is a device (or application) which initiates a request for a session. The server is a device that passively waits for session requests from client devices. The server can either accept the request or reject it.”
IrMC defines the client as:
“The IrMC Client is the device that initiates communication with an IrMC Server. Typical IrMC Clients are PCs. However, in some cases, PDAs, pagers and phones may also be IrMC clients. IrMC Clients can only communicate with IrMC servers. For instance, an IrMC client may request a particular Phone Book record from an IrMC Server.”
IrMC also defines the server as:
“The IrMC Server listens for requests from IrMC clients. Typical Servers are pagers, phones and PDAs. IrMC Servers can not initiate communication, and can only communicate with IrMC clients.“
5.3 Transport Bindings
The transport to be used should be either HTTP or WSP.
Details on the transport bindings may be found on the SyncML website. 
Each SyncML message must exchange authentication credentials on each message level and may exchange additional authentication for each datastore as well. This authentication process will only guarantee that the client and server can rely on each other for the duration of the session. For longer duration security, the basic level of authentication is not adequate, instead MD5 authentication should be used. This will guarantee authentication not only over a session, but between sessions as well.
Encryption is not currently available in SyncML and must be supplied by the transports. Transport from the mobile device to the gateway is well protected. Transport from the gateway to the server should be sent via a secure channel, such as HTTPS.
The connect sequence sets up the connection from the mobile device to the synchronization server. The client must choose a session id that is unique between the client and server and must determine what level of authentication to use (basic or MD5). Once the authentication has been decided, the client is free to start the actual connection process. Note that the connect procedure is always invoked by the client and that the transport binding documents detail the connection process.
Persistent connections should be terminated only after the last expected response from the server has been received.
5.6 Sending and Receiving Information
Both WSP and HTTP transport bindings use the Post method for sending and receiving SyncML messages to the server.
5.7 Intermittent Connectivity
Both the WSP and HTTP transport bindings operate over networks with high latency and have timeouts built in. Both transport bindings operate as follows:
“In the case of a server timeout, the SyncML client SHOULD establish a new HTTP session with the HTTP server and attempt to resend the current SyncML package, beginning with the first SyncML command for which the SyncML client has not received an acknowledgement. In the event that the SyncML client requested that no responses be sent, the SyncML client SHOULD begin retransmitting with the first SyncML command in the SyncML package.
In the case of a client timeout during a SyncML client-initiated data synchronization, the SyncML server SHOULD clean up the TCP connection and do no further processing of the SyncML request.” 
5.8 Compatibility with Release 99
Compatibility between this release and Release 99 assumes that, within the network, there is a target server to act upon synchronization transactions. This target server is the destination or origin for all ME synchronization translations.
This target server has to be able to differentiate between Release 99 Sync and newer versions of Sync. If the new transport link is OBEX, then there will be different OBEX target headers for Release 99 and newer releases. If the new transport link is not OBEX, then the server will differentiate between Release 99 and newer releases by port number or MIME type. In either case, there is a distinctive method for determining how to service the Sync transaction.
Compatibility also assumes that the existing data store types may be maintained as currently defined in both the client and the server. Newer data store types may not need to maintain backwards compatibility since the older Release 99 clients would not understand the new types.
5.9 Use Case with SyncML
The user wants to synchronize data. If the user has not previously set up the remote synchronization, the user will have to enter in the URL for the server, the authentication data (user name, password, and possibly a nonce), as well as any datastores to be synchronized. The device will have to maintain this information in the local storage of the device.
The user then chooses with which remote server to synchronize and then starts the synchronization. The server will receive a message from the client with authorization information and a Sync Alert for each datastore to be synchronized. The server will send back a message to the client with a status for all of the Sync Alerts as well as the authorization. Note that the server has the option to tell the client to not send any more authentication at this point. Likewise, the server could tell the client to switch to more robust authentication and have it resend the first message with MD5 authentication.
The client will send a message to the server with all of the changed data since the last synchronization with that server. The server will respond with a message containing a status on all of the changed data and all of server-changed data since the last synchronization.
If there is any data from the server, then the client will have to send a message back to the server with status on the server’s changed data requests, and possibly some MapItems. MapItems are used to tell the server how to map the local UIDs to the server’s UIDs. MapItems are only sent to the server if the server has sent any new objects to the client. If the client has sent a new objectto the server, the server will take care of any UID mapping at that time.
If the client had sent any MapItems to the server, then the server will send a final message to the client with a status on all of the MapItems sent.
The user will then see a prompt telling them the synchronization is now complete and, possibly, indicate any errors.
Annex A (informative):
Introduction of PUSH and TARGET
Addition of SyncML
Upgrade to Rel-5