Status of this Memo This document is an Internet Draft. Internet Drafts are working documents

The deployment of IP Multicast has fostered the development of a suite of applications, collectively known as the MBone tools, for real-time multimedia conferencingover the Internet. Two of these tools --- nv from Xerox PARC and ivs from INRIA --- provide video transmission using softwarebased codecs. We describe a new video tool, vic, that extends the groundbreaking work of nv and ivs with a more flexible system architecture. This flexibility is characterized by network layer independence, support for hardware-based codecs, a conference coordination model, an extensible user interface, and support for diverse compression algorithms. We also propose a novel compression scheme called "IntraH. 261". Created as a hybrid of the nv and ivs codecs, IntraH. 261 provides a factor of 2-3 improvement in compression gain over the nv encoder (6 dB of PSNR) as well as a substantial improvement in run-time performance over the ivs H.261 coder. KEYWORDS Conferencing protocols; digital video; image ...

We describe an RSA-based signing scheme called PSS which combines essentially optimal efficiency with attractive security properties. Signing takes one RSA decryption plus some hashing, verification takes one RSA encryption plus some hashing, and the size of the signature is the size of the modulus. Assuming the underlying hash functions are ideal, our schemes are not only provably secure, but are so in a tight way — an ability to forge signatures with a certain amount of computational resources implies the ability to invert RSA (on the same size modulus) with about the same computational effort. Furthermore, we provide a second scheme which maintains all of the above features and in addition provides message recovery. These ideas extend to provide schemes for Rabin signatures with analogous properties; in particular their security can be tightly related to the hardness of factoring.

this memo is unlimited. Acknowledgements

In just a few years the "Internet Multicast Backbone", or MBone, has risen from a small, research curiosity to a large scale and widely used communications infrastructure. A driving force behind this growth was our development of multipoint audio, video, and shared whiteboard conferencing applications that are now used daily by the large and growing MBone community. Because these real-time media are transmitted at a uniform rate to all the receivers in the network, the source must either run below the bottleneck rate or overload portions of the multicast distribution tree. In this dissertation, we propose a solution to this problem by moving the burden of rate-adaptation from the source to the receivers with a scheme we call Receiver-driven Layered Multicast, or RLM. In RLM, a source distr...

There are many cases in the literature in which reuse of the same key material for different functions can open up security holes. In this paper, we discuss such interactions between protocols, and present a new attack, called the chosen protocol attack, in which an attacker may write a new protocol using the same key material as a target protocol, which is individually very strong, but which interacts with the target protocol in a security-relevant way. We finish with a brief discussion of design principles to resist this class of attack.

This memorandum is a companion document to the current version of the RTP protocol specification draft-ietf-avt-rtp-*.ftxt,psg. It discusses protocol aspects of transporting real-time services (for example, voice or video) over packet-switched networks such as the Internet. It compares and evaluates design alternatives for a real-time transport protocol, providing rationales for the design decisions made for RTP. Also covered are issues of port assignment and multicast address allocation. An appendix provides a comprehensive glossary of terms related to multimedia conferencing. This document is a product of the Audio-Video Transport working group within the Internet Engineering Task Force. Comments are solicited and should be addressed to the working group's mailing list at rem-conf@es.net and/or the author(s). INTERNET-DRAFT draft-ietf-avt-issues-02.ps May 9, 1994 Contents 1 Introduction 4 2 Goals 7 3 Services 9 3.1 Control and Data : : : : : : : : : : : : : : : : : : : : : : : : ...

this memo is unlimited. Acknowledgements

Internetworks of the future will allow and promote universal access. Users will be able to access the network at a multitude of access points separated by significant geographic distance and many administrative boundaries. Without a single central authority, a new set of inter-domain security mechanisms is needed to allow users to venture into remote domains while inheriting privileges from their home domain. Solutions addressing this issue must take into account a somewhat contradictory security constraint that calls for strict separation of security domains in order to avoid sharing sensitive user-related security information. In this paper, we propose a generic approach for authenticating mobile users in remote domains that satisfies the domain separation constraint. The protocols described herein can be applied in different mobile-user environments including wireless networks and mobile user services on traditional wireline networks. Keywords: mobility, internetworks, mobile users...

The Service Location Protocol provides a scalable framework for the discovery and selection of network services. Using this protocol, computers using the Internet no longer need so much static configuration of network services for network based applications. This is especially important as computers become more portable, and users less tolerant or able to fulfill the demands of network system administration.