 1/draftietfrmtbbfecrs04.txt 20071112 18:12:09.000000000 +0100
+++ 2/draftietfrmtbbfecrs05.txt 20071112 18:12:09.000000000 +0100
@@ 1,22 +1,22 @@
Reliable Multicast Transport J. Lacan
InternetDraft ISAE
+InternetDraft ISAE/LAASCNRS
Intended status: Standards Track V. Roca
Expires: April 12, 2008 INRIA
+Expires: May 15, 2008 INRIA
J. Peltotalo
S. Peltotalo
Tampere University of Technology
 October 10, 2007
+ November 12, 2007
ReedSolomon Forward Error Correction (FEC) Schemes
 draftietfrmtbbfecrs04.txt
+ draftietfrmtbbfecrs05.txt
Status of this Memo
By submitting this InternetDraft, each author represents that any
applicable patent or other IPR claims of which he or she is aware
have been or will be disclosed, and any of which he or she becomes
aware will be disclosed, in accordance with Section 6 of BCP 79.
InternetDrafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that
@@ 27,169 +27,192 @@
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use InternetDrafts as reference
material or to cite them other than as "work in progress."
The list of current InternetDrafts can be accessed at
http://www.ietf.org/ietf/1idabstracts.txt.
The list of InternetDraft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html.
 This InternetDraft will expire on April 12, 2008.
+ This InternetDraft will expire on May 15, 2008.
Copyright Notice
Copyright (C) The IETF Trust (2007).
Abstract
This document describes a FullySpecified Forward Error Correction
(FEC) Scheme for the ReedSolomon FEC codes over GF(2^^m), with m in
{2..16}, and its application to the reliable delivery of data objects
 on the packet erasure channel.
+ on the packet erasure channel (i.e., a communication path where
+ packets are either received without any corruption or discarded
+ during transmission).
This document also describes a FullySpecified FEC Scheme for the
special case of ReedSolomon codes over GF(2^^8) when there is no
encoding symbol group.
Finally, in the context of the UnderSpecified Small Block Systematic
FEC Scheme (FEC Encoding ID 129), this document assigns an FEC
Instance ID to the special case of ReedSolomon codes over GF(2^^8).
ReedSolomon codes belong to the class of Maximum Distance Separable
(MDS) codes, i.e., they enable a receiver to recover the k source
symbols from any set of k received symbols. The schemes described
here are compatible with the implementation from Luigi Rizzo.
Table of Contents
 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 4
 2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 5
 3. Definitions Notations and Abbreviations . . . . . . . . . . . 6
 3.1. Definitions . . . . . . . . . . . . . . . . . . . . . . . 6
 3.2. Notations . . . . . . . . . . . . . . . . . . . . . . . . 6
 3.3. Abbreviations . . . . . . . . . . . . . . . . . . . . . . 7
 4. Formats and Codes with FEC Encoding ID 2 . . . . . . . . . . . 8
 4.1. FEC Payload ID . . . . . . . . . . . . . . . . . . . . . . 8
 4.2. FEC Object Transmission Information . . . . . . . . . . . 9
 4.2.1. Mandatory Elements . . . . . . . . . . . . . . . . . . 9
 4.2.2. Common Elements . . . . . . . . . . . . . . . . . . . 9
 4.2.3. SchemeSpecific Elements . . . . . . . . . . . . . . . 9
 4.2.4. Encoding Format . . . . . . . . . . . . . . . . . . . 10
 5. Formats and Codes with FEC Encoding ID 5 . . . . . . . . . . . 12
 5.1. FEC Payload ID . . . . . . . . . . . . . . . . . . . . . . 12
 5.2. FEC Object Transmission Information . . . . . . . . . . . 12
 5.2.1. Mandatory Elements . . . . . . . . . . . . . . . . . . 12
 5.2.2. Common Elements . . . . . . . . . . . . . . . . . . . 12
 5.2.3. SchemeSpecific Elements . . . . . . . . . . . . . . . 13
 5.2.4. Encoding Format . . . . . . . . . . . . . . . . . . . 13
 6. Procedures with FEC Encoding IDs 2 and 5 . . . . . . . . . . . 14
 6.1. Determining the Maximum Source Block Length (B) . . . . . 14
 6.2. Determining the Number of Encoding Symbols of a Block . . 14
+ 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 5
+ 2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 6
+ 3. Definitions Notations and Abbreviations . . . . . . . . . . . 7
+ 3.1. Definitions . . . . . . . . . . . . . . . . . . . . . . . 7
+ 3.2. Notations . . . . . . . . . . . . . . . . . . . . . . . . 7
+ 3.3. Abbreviations . . . . . . . . . . . . . . . . . . . . . . 8
+ 4. Formats and Codes with FEC Encoding ID 2 . . . . . . . . . . . 10
+ 4.1. FEC Payload ID . . . . . . . . . . . . . . . . . . . . . . 10
+ 4.2. FEC Object Transmission Information . . . . . . . . . . . 11
+ 4.2.1. Mandatory Elements . . . . . . . . . . . . . . . . . . 11
+ 4.2.2. Common Elements . . . . . . . . . . . . . . . . . . . 11
+ 4.2.3. SchemeSpecific Elements . . . . . . . . . . . . . . . 11
+ 4.2.4. Encoding Format . . . . . . . . . . . . . . . . . . . 12
+ 5. Formats and Codes with FEC Encoding ID 5 . . . . . . . . . . . 14
+ 5.1. FEC Payload ID . . . . . . . . . . . . . . . . . . . . . . 14
+ 5.2. FEC Object Transmission Information . . . . . . . . . . . 14
+ 5.2.1. Mandatory Elements . . . . . . . . . . . . . . . . . . 14
+ 5.2.2. Common Elements . . . . . . . . . . . . . . . . . . . 14
+ 5.2.3. SchemeSpecific Elements . . . . . . . . . . . . . . . 15
+ 5.2.4. Encoding Format . . . . . . . . . . . . . . . . . . . 15
+ 6. Procedures with FEC Encoding IDs 2 and 5 . . . . . . . . . . . 16
+ 6.1. Determining the Maximum Source Block Length (B) . . . . . 16
+ 6.2. Determining the Number of Encoding Symbols of a Block . . 16
7. Small Block Systematic FEC Scheme (FEC Encoding ID 129)
 and ReedSolomon Codes over GF(2^^8) . . . . . . . . . . . . . 16
 8. ReedSolomon Codes Specification for the Erasure Channel . . . 17
 8.1. Finite Field . . . . . . . . . . . . . . . . . . . . . . . 17
 8.2. ReedSolomon Encoding Algorithm . . . . . . . . . . . . . 18
 8.2.1. Encoding Principles . . . . . . . . . . . . . . . . . 18
 8.2.2. Encoding Complexity . . . . . . . . . . . . . . . . . 19
 8.3. ReedSolomon Decoding Algorithm . . . . . . . . . . . . . 19
 8.3.1. Decoding Principles . . . . . . . . . . . . . . . . . 19
 8.3.2. Decoding Complexity . . . . . . . . . . . . . . . . . 20
 8.4. Implementation for the Packet Erasure Channel . . . . . . 20
 9. Security Considerations . . . . . . . . . . . . . . . . . . . 23
 9.1. Problem Statement . . . . . . . . . . . . . . . . . . . . 23
 9.2. Attacks Against the Data Flow . . . . . . . . . . . . . . 23
 9.3. Attacks against the FEC parameters . . . . . . . . . . . . 25
 10. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 26
 11. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 27
 12. References . . . . . . . . . . . . . . . . . . . . . . . . . . 28
 12.1. Normative References . . . . . . . . . . . . . . . . . . . 28
 12.2. Informative References . . . . . . . . . . . . . . . . . . 28
 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 30
 Intellectual Property and Copyright Statements . . . . . . . . . . 31
+ and ReedSolomon Codes over GF(2^^8) . . . . . . . . . . . . . 19
+ 8. ReedSolomon Codes Specification for the Erasure Channel . . . 20
+ 8.1. Finite Field . . . . . . . . . . . . . . . . . . . . . . . 20
+ 8.2. ReedSolomon Encoding Algorithm . . . . . . . . . . . . . 21
+ 8.2.1. Encoding Principles . . . . . . . . . . . . . . . . . 21
+ 8.2.2. Encoding Complexity . . . . . . . . . . . . . . . . . 22
+ 8.3. ReedSolomon Decoding Algorithm . . . . . . . . . . . . . 22
+ 8.3.1. Decoding Principles . . . . . . . . . . . . . . . . . 22
+ 8.3.2. Decoding Complexity . . . . . . . . . . . . . . . . . 23
+ 8.4. Implementation for the Packet Erasure Channel . . . . . . 23
+ 9. Security Considerations . . . . . . . . . . . . . . . . . . . 27
+ 9.1. Problem Statement . . . . . . . . . . . . . . . . . . . . 27
+ 9.2. Attacks Against the Data Flow . . . . . . . . . . . . . . 27
+ 9.2.1. Access to Confidential Objects . . . . . . . . . . . . 27
+ 9.2.2. Content Corruption . . . . . . . . . . . . . . . . . . 28
+ 9.3. Attacks Against the FEC Parameters . . . . . . . . . . . . 29
+ 10. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 30
+ 11. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 31
+ 12. References . . . . . . . . . . . . . . . . . . . . . . . . . . 32
+ 12.1. Normative References . . . . . . . . . . . . . . . . . . . 32
+ 12.2. Informative References . . . . . . . . . . . . . . . . . . 32
+ Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 34
+ Intellectual Property and Copyright Statements . . . . . . . . . . 35
1. Introduction
The use of Forward Error Correction (FEC) codes is a classical
solution to improve the reliability of multicast and broadcast
 transmissions. The [2] document describes a general framework to use
 FEC in Content Delivery Protocols (CDP). The companion document [4]
 describes some applications of FEC codes for content delivery.
+ transmissions. The [RFC5052] document describes a general framework
+ to use FEC in Content Delivery Protocols (CDP). The companion
+ document [RFC3453] describes some applications of FEC codes for
+ content delivery.
 Recent FEC schemes like [9] and [8] proposed erasure codes based on
 sparse graphs/matrices. These codes are efficient in terms of
 processing but not optimal in terms of correction capabilities when
 dealing with "small" objects.
+ Recent FEC schemes like [RFC5053] and [draftietfrmtbbfecldpc]
+ proposed erasure codes based on sparse graphs/matrices. These codes
+ are efficient in terms of processing but not optimal in terms of
+ correction capabilities when dealing with "small" objects.
The FEC scheme described in this document belongs to the class of
Maximum Distance Separable codes that are optimal in terms of erasure
correction capability. In others words, it enables a receiver to
recover the k source symbols from any set of exactly k encoding
symbols. Even if the encoding/decoding complexity is larger than
 that of [9] or [8], this family of codes is very useful.
+ that of [RFC5053] or [draftietfrmtbbfecldpc], this family of
+ codes is very useful.
Many applications dealing with content transmission or content
storage already rely on packetbased ReedSolomon codes. In
particular, many of them use the ReedSolomon codec of Luigi Rizzo
 [5]. The goal of the present document to specify an implementation
 of ReedSolomon codes that is compatible with this codec.
+ [RScodec] [Rizzo97]. The goal of the present document is to specify
+ an implementation of ReedSolomon codes that is compatible with this
+ codec.
The present document:
o introduces the FullySpecified FEC Scheme with FEC Encoding ID 2
that specifies the use of ReedSolomon codes over GF(2^^m), with m
in {2..16},
o introduces the FullySpecified FEC Scheme with FEC Encoding ID 5
that focuses on the special case of ReedSolomon codes over
GF(2^^8) and no encoding symbol group (i.e., exactly one symbol
per packet), and
o in the context of the UnderSpecified Small Block Systematic FEC
 Scheme (FEC Encoding ID 129) [3], assigns the FEC Instance ID 0 to
 the special case of ReedSolomon codes over GF(2^^8) and no
 encoding symbol group.
+ Scheme (FEC Encoding ID 129)
+ [draftietfrmtbbfecbasicschemesrevised], assigns the FEC
+ Instance ID 0 to the special case of ReedSolomon codes over
+ GF(2^^8) and no encoding symbol group.
+
+ For a definition of the terms FullySpecified and UnderSpecified FEC
+ Schemes, see [RFC5052], section 4.
2. Terminology
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
 document are to be interpreted as described in RFC 2119 [1].
+ document are to be interpreted as described in RFC 2119 [RFC2119].
3. Definitions Notations and Abbreviations
3.1. Definitions
This document uses the same terms and definitions as those specified
 in [2]. Additionally, it uses the following definitions:
+ in [RFC5052]. Additionally, it uses the following definitions:
Source symbol: unit of data used during the encoding process.
Encoding symbol: unit of data generated by the encoding process.
Repair symbol: encoding symbol that is not a source symbol.
+ Code rate: the k/n ratio, i.e., the ratio between the number of
+ source symbols and the number of encoding symbols. The code rate
+ belongs to a ]0; 1] interval. A code rate close to 1 indicates
+ that a small number of repair symbols have been produced during
+ the encoding process.
+
Systematic code: FEC code in which the source symbols are part of
the encoding symbols.
Source block: a block of k source symbols that are considered
together for the encoding.
Encoding Symbol Group: a group of encoding symbols that are sent
together within the same packet, and whose relationships to the
source block can be derived from a single Encoding Symbol ID.
Source Packet: a data packet containing only source symbols.
Repair Packet: a data packet containing only repair symbols.
+ Packet Erasure Channel: a communication path where packets are
+ either dropped (e.g., by a congested router, or because the number
+ of transmission errors exceeds the correction capabilities of the
+ physical layer codes) or received. When a packet is received, it
+ is assumed that this packet is not corrupted.
+
3.2. Notations
This document uses the following notations:
L denotes the object transfer length in bytes.
k denotes the number of source symbols in a source block.
n_r denotes the number of repair symbols generated for a source
block.
@@ 210,26 +233,26 @@
S denotes the symbol size in units of mbit elements. When m = 8,
then S and E are equal.
m defines the length of the elements in the finite field, in bits.
In this document, m belongs to {2..16}.
q defines the number of elements in the finite field. We have: q
= 2^^m in this specification.
 G denotes the number of encoding symbols per group, i.e. the
+ G denotes the number of encoding symbols per group, i.e., the
number of symbols sent in the same packet.
GM denotes the Generator Matrix of a ReedSolomon code.
 rate denotes the "code rate", i.e., the k/n ratio.
+ CR denotes the "code rate", i.e., the k/n ratio.
a^^b denotes a raised to the power b.
a^^1 denotes the inverse of a.
I_k denotes the k*k identity matrix.
3.3. Abbreviations
This document uses the following abbreviations:
@@ 240,21 +263,21 @@
RS stands for ReedSolomon.
MDS stands for Maximum Distance Separable code.
GF(q) denotes a finite field (also known as Galois Field) with q
elements. We assume that q = 2^^m in this document.
4. Formats and Codes with FEC Encoding ID 2
 This section introduces the formats and codes associated to the
+ This section introduces the formats and codes associated with the
FullySpecified FEC Scheme with FEC Encoding ID 2 that specifies the
use of ReedSolomon codes over GF(2^^m).
4.1. FEC Payload ID
The FEC Payload ID is composed of the Source Block Number and the
Encoding Symbol ID. The length of these two fields depends on the
parameter m (which is transmitted in the FEC OTI) as follows:
o The Source Block Number (field of size 32m bits) identifies from
@@ 354,45 +377,48 @@
4.2.4. Encoding Format
This section shows the two possible encoding formats of the above FEC
OTI. The present document does not specify when one encoding format
or the other should be used.
4.2.4.1. Using the General EXT_FTI Format
The FEC OTI binary format is the following, when the EXT_FTI
 mechanism is used (e.g., within the ALC [10] or NORM [11] protocols).
+ mechanism is used (e.g., within the ALC
+ [draftietfrmtpialcrevised] or NORM
+ [draftietfrmtpinormrevised] protocols).
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+++++++++++++++++++++++++++++++++
 HET = 64  HEL = 4  
+++++++++++++++++ +
 TransferLength (L) 
+++++++++++++++++++++++++++++++++
 m  G  Encoding Symbol Length (E) 
+++++++++++++++++++++++++++++++++
 Max Source Block Length (B)  Max Nb Enc. Symbols (max_n) 
+++++++++++++++++++++++++++++++++
Figure 3: EXT_FTI Header Format
4.2.4.2. Using the FDT Instance (FLUTE specific)
When it is desired that the FEC OTI be carried in the FDT (File
 Delivery Table) Instance of a FLUTE session [12], the following XML
 attributes must be described for the associated object:
+ Delivery Table) Instance of a FLUTE session
+ [draftietfrmtfluterevised], the following XML attributes must be
+ described for the associated object:
o FECOTIFECEncodingID

o FECOTITransferLength (L)
+
o FECOTIEncodingSymbolLength (E)
o FECOTIMaximumSourceBlockLength (B)
o FECOTIMaxNumberofEncodingSymbols (max_n)
o FECOTISchemeSpecificInfo
The FECOTISchemeSpecificInfo contains the string resulting from
the Base64 encoding (in the XML Schema xs:base64Binary sense) of the
@@ 409,49 +435,49 @@
When no m parameter is to be carried in the FEC OTI, the m field is
set to 0 (which is not a valid seed value). Otherwise the m field
contains a valid value as explained in Section 4.2.3. Similarly,
when no G parameter is to be carried in the FEC OTI, the G field is
set to 0 (which is not a valid seed value). Otherwise the G field
contains a valid value as explained in Section 4.2.3. When neither m
nor G are to be carried in the FEC OTI, then the sender simply omits
the FECOTISchemeSpecificInfo attribute.
 After Base64 encoding, the 2 bytes of the FEC OTI Scheme Specific
+ During Base64 encoding, the 2 bytes of the FEC OTI Scheme Specific
Information are transformed into a string of 4 printable characters
 (in the 64character alphabet) and added to the FECOTIScheme
+ (in the 64character alphabet) that is added to the FECOTIScheme
SpecificInfo attribute.
5. Formats and Codes with FEC Encoding ID 5
 This section introduces the formats and codes associated to the
+ This section introduces the formats and codes associated with the
FullySpecified FEC Scheme with FEC Encoding ID 5 that focuses on the
special case of ReedSolomon codes over GF(2^^8) and no encoding
symbol group.
5.1. FEC Payload ID
The FEC Payload ID is composed of the Source Block Number and the
Encoding Symbol ID:
o The Source Block Number (24 bit field) identifies from which
source block of the object the encoding symbol in the payload is
generated. There is a maximum of 2^^24 blocks per object.
o The Encoding Symbol ID (8 bit field) identifies which specific
encoding symbol generated from the source block is carried in the
packet payload. There is a maximum of 2^^8 encoding symbols per
block. The first k values (0 to k  1) identify source symbols,
the remaining nk values identify repair symbols.
There MUST be exactly one FEC Payload ID per source or repair packet.
 This FEC Payload ID refer to the one and only symbol of the packet.
+ This FEC Payload ID refers to the one and only symbol of the packet.
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+++++++++++++++++++++++++++++++++
 Source Block Number (24 bits)  Enc. Symb. ID 
+++++++++++++++++++++++++++++++++
Figure 5: FEC Payload ID encoding format with FEC Encoding ID 5
5.2. FEC Object Transmission Information
@@ 472,114 +498,119 @@
5.2.4. Encoding Format
This section shows the two possible encoding formats of the above FEC
OTI. The present document does not specify when one encoding format
or the other should be used.
5.2.4.1. Using the General EXT_FTI Format
The FEC OTI binary format is the following, when the EXT_FTI
 mechanism is used (e.g., within the ALC [10] or NORM [11] protocols).
+ mechanism is used (e.g., within the ALC
+ [draftietfrmtpialcrevised] or NORM
+ [draftietfrmtpinormrevised] protocols).
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+++++++++++++++++++++++++++++++++
 HET = 64  HEL = 3  
+++++++++++++++++ +
 TransferLength (L) 
+++++++++++++++++++++++++++++++++
 Encoding Symbol Length (E)  MaxBlkLen (B)  max_n 
+++++++++++++++++++++++++++++++++
Figure 6: EXT_FTI Header Format with FEC Encoding ID 5
5.2.4.2. Using the FDT Instance (FLUTE specific)
When it is desired that the FEC OTI be carried in the FDT Instance of
 a FLUTE session [12], the following XML attributes must be described
 for the associated object:
+ a FLUTE session [draftietfrmtfluterevised], the following XML
+ attributes must be described for the associated object:
o FECOTIFECEncodingID
o FECOTITransferLength (L)
o FECOTIEncodingSymbolLength (E)
o FECOTIMaximumSourceBlockLength (B)
o FECOTIMaxNumberofEncodingSymbols (max_n)
6. Procedures with FEC Encoding IDs 2 and 5
This section defines procedures that are common to FEC Encoding IDs 2
 and 5. In case of FEC Encoding ID 5, m = 8 and G = 1. Note that the
 block partitioning algorithm is defined in [2].
+ and 5. In case of FEC Encoding ID 5, m = 8 and G = 1. The block
+ partitioning algorithm that is defined in section 9.1 of [RFC5052]
+ MUST be used with FEC Encoding IDs 2 and 5.
6.1. Determining the Maximum Source Block Length (B)
The finite field size parameter, m, defines the number of non zero
elements in this field which is equal to: q  1 = 2^^m  1. Note
that q  1 is also the theoretical maximum number of encoding symbols
that can be produced for a source block. For instance, when m = 8
(default) there is a maximum of 2^^8  1 = 255 encoding symbols.
Given the target FEC code rate (e.g., provided by the user when
starting a FLUTE sending application), the sender calculates:
 max1_B = floor((2^^m  1) * rate)
+ max1_B = floor((2^^m  1) * CR)
This max1_B value leaves enough room for the sender to produce the
desired number of parity symbols.
Additionally, a codec MAY impose other limitations on the maximum
block size. Yet it is not expected that such limits exist when using
the default m = 8 value. This decision MUST be clarified at
implementation time, when the target use case is known. This results
in a max2_B limitation.
Then, B is given by:
B = min(max1_B, max2_B)
Note that this calculation is only required at the coder, since the B
parameter is communicated to the decoder through the FEC OTI.
6.2. Determining the Number of Encoding Symbols of a Block
The following algorithm, also called "nalgorithm", explains how to
 determine the actual number of encoding symbols for a given block.
+ determine the maximum number of encoding symbols generated for any
+ source block (max_n) and the number of encoding symbols for a given
+ block (n) as a function of the target code rate.
AT A SENDER:
Input:
B: Maximum source block length, for any source block. Section 6.1
explains how to determine its value.
k: Current source block length. This parameter is given by the
block partitioning algorithm.
 rate: FEC code rate, which is given by the user (e.g., when
 starting a FLUTE sending application). It is expressed as a
 floating point value.
+ CR: FEC code rate, which is given by the user (e.g., when starting
+ a FLUTE sending application). It is expressed as a floating point
+ value.
Output:
max_n: Maximum number of encoding symbols generated for any source
block.
n: Number of encoding symbols generated for this source block.
Algorithm:
 max_n = ceil(B / rate);
+ max_n = ceil(B / CR);
if (max_n > 2^^m  1) then return an error ("invalid code rate");
n = floor(k * max_n / B);
AT A RECEIVER:
Input:
B: Extracted from the received FEC OTI.
@@ 589,82 +620,97 @@
k: Given by the block partitioning algorithm.
Output:
n
Algorithm:
n = floor(k * max_n / B);
 Note that a ReedSolomon decoder does not need to know the n value.
 Therefore the receiver part of the "nalgorithm" is not necessary
 from the ReedSolomon decoder point of view. Yet a receiving
 application using the ReedSolomon FEC scheme will sometimes need to
 know the n value used by the sender, for instance for memory
 management optimizations. To that purpose, the FEC OTI carries all
 the parameters needed for a receiver to execute the above algorithm.
+ It is RECOMMENDED that the "nalgorithm" be used by a sender, but
+ other algorithms remain possible to determine max_n and/or n.
+
+ At a receiver, the max_n value is extracted from the received FEC
+ OTI. Since the ReedSolomon decoder does not need to know the actual
+ n value, using the receiver part of the "nalgorithm" is not
+ necessary from a decoding point of view.
+
+ However a receiver may want to have an estimate of n for other
+ reasons (e.g., for memory management purposes). In that case, a
+ receiver knows that the number of encoding symbols of a block cannot
+ exceed max_n. Additionally, if a receiver believes that a sender
+ uses the "nalgorithm", this receiver MAY use the receiver part of
+ the "nalgorithm" to get a better estimate of n. When this is the
+ case, a receiver MUST be prepared to handle symbols with an Encoding
+ Symbol ID superior or equal to the computed n value (e.g., it can
+ choose to simply drop them).
7. Small Block Systematic FEC Scheme (FEC Encoding ID 129) and Reed
Solomon Codes over GF(2^^8)
In the context of the UnderSpecified Small Block Systematic FEC
 Scheme (FEC Encoding ID 129) [3], this document assigns the FEC
 Instance ID 0 to the special case of ReedSolomon codes over GF(2^^8)
 and no encoding symbol group.
+ Scheme (FEC Encoding ID 129)
+ [draftietfrmtbbfecbasicschemesrevised], this document assigns
+ the FEC Instance ID 0 to the special case of ReedSolomon codes over
+ GF(2^^8) and no encoding symbol group.
 The FEC Instance ID 0 uses the Formats and Codes specified in [3].
+ The FEC Instance ID 0 uses the Formats and Codes specified in
+ [draftietfrmtbbfecbasicschemesrevised].
 The FEC Scheme with FEC Instance ID 0 MAY use the algorithm defined
 in Section 9.1. of [2] to partition the file into source blocks.
 This FEC Scheme MAY also use another algorithm. For instance the CDP
 sender may change the length of each source block dynamically,
 depending on some external criteria (e.g., to adjust the FEC coding
 rate to the current loss rate experienced by NORM receivers) and
 inform the CDP receivers of the current block length by means of the
 EXT_FTI mechanism. This choice is out of the scope of the current
 document.
+ The FEC Scheme with FEC Instance ID 0 MAY use the block partitioning
+ algorithm defined in Section 9.1. of [RFC5052] to partition the
+ object into source blocks. This FEC Scheme MAY also use another
+ algorithm. For instance the CDP sender may change the length of each
+ source block dynamically, depending on some external criteria (e.g.,
+ to adjust the FEC coding rate to the current loss rate experienced by
+ NORM receivers) and inform the CDP receivers of the current block
+ length by means of the EXT_FTI mechanism. This choice is out of the
+ scope of the current document.
8. ReedSolomon Codes Specification for the Erasure Channel
ReedSolomon (RS) codes are linear block codes. They also belong to
the class of MDS codes. A [n,k]RS code encodes a sequence of k
source elements defined over a finite field GF(q) into a sequence of
n encoding elements, where n is upper bounded by q  1. The
implementation described in this document is based on a generator
matrix built from a Vandermonde matrix put into systematic form.
Section 8.1 to Section 8.3 specify the [n,k]RS codes when applied to
mbit elements, and Section 8.4 the use of [n,k]RS codes when
applied to symbols composed of several mbit elements, which is the
target of this specification.
+ A reader who wants to understand the underlying theory is invited to
+ refer to references [Rizzo97] and [MWS77].
+
8.1. Finite Field
A finite field GF(q) is defined as a finite set of q elements which
has a structure of field. It contains necessarily q = p^^m elements,
where p is a prime number. With packet erasure channels, p is always
set to 2. The elements of the field GF(2^^m) can be represented by
polynomials with binary coefficients (i.e., over GF(2)) of degree
 lower or equal than m1. The polynomials can be associated to binary
+ lower or equal to m1. The polynomials can be associated with binary
vectors of length m. For example, the vector (11001) represents the
polynomial 1 + x + x^^4. This representation is often called
polynomial representation. The addition between two elements is
defined as the addition of binary polynomials in GF(2) and the
multiplication is the multiplication modulo a given irreducible
 polynomial over GF(2) of degree m with coefficients in GF(2). Note
 that all the roots of this polynomial are in GF(2^^m) but not in
 GF(2).
+ polynomial over GF(2) of degree m. Note that all the roots of this
+ polynomial are in GF(2^^m) but not in GF(2).
 A finite field GF(2^^m) is completely characterized by the
 irreducible polynomial. The following polynomials are chosen to
 represent the field GF(2^^m), for m varying from 2 to 16:
+ The chosen polynomial representation of the finite field GF(2^^m) is
+ completely characterized by the irreducible polynomial. The
+ following polynomials are chosen to represent the field GF(2^^m), for
+ m varying from 2 to 16:
m = 2, "111" (1+x+x^^2)
m = 3, "1101", (1+x+x^^3)
m = 4, "11001", (1+x+x^^4)
m = 5, "101001", (1+x^^2+x^^5)
m = 6, "1100001", (1+x+x^^6)
@@ 734,104 +780,104 @@
formed by the n' first columns of GM.
8.2.2. Encoding Complexity
Encoding can be performed by first precomputing GM and by
multiplying the source vector (k elements) by GM (k rows and n
columns). The complexity of the precomputation of the generator
matrix can be estimated as the complexity of the multiplication of
the inverse of a Vandermonde matrix by nk vectors (i.e., the last
nk columns of V_{k,n}). Since the complexity of the inverse of a
 k*kVandermonde matrix by a vector is O(k * log^^2(k)), the generator
 matrix can be computed in 0((nk)* k * log^^2(k)) operations. When
 the generator matrix is precomputed, the encoding needs k operations
 per repair element (vectormatrix multiplication).
+ k*kVandermonde matrix by a vector is O(k * (log(k))^^2), the
+ generator matrix can be computed in 0((nk)* k * (log(k))^^2))
+ operations. When the generator matrix is precomputed, the encoding
+ needs k operations per repair element (vectormatrix multiplication).
Encoding can also be performed by first computing the product s *
V_{k,k}^^1 and then by multiplying the result with V_{k,n}. The
multiplication by the inverse of a square Vandermonde matrix is known
 as the interpolation problem and its complexity is O(k * log^^2 (k)).
 The multiplication by a Vandermonde matrix, known as the multipoint
 evaluation problem, requires O((nk) * log(k)) by using Fast Fourier
 Transform, as explained in [7]. The total complexity of this
 encoding algorithm is then O((k/(nk)) * log^^2(k) + log(k))
 operations per repair element.
+ as the interpolation problem and its complexity is O(k *
+ (log(k))^^2). The multiplication by a Vandermonde matrix, known as
+ the multipoint evaluation problem, requires O((nk) * log(k)) by
+ using Fast Fourier Transform, as explained in [GO94]. The total
+ complexity of this encoding algorithm is then O((k/(nk)) *
+ (log(k))^^2 + log(k)) operations per repair element.
8.3. ReedSolomon Decoding Algorithm
8.3.1. Decoding Principles
The ReedSolomon decoding algorithm for the erasure channel allows
the recovery of the k source elements from any set of k received
elements. It is based on the fundamental property of the generator
 matrix which is such that any k*ksubmatrix is invertible (see [6]).
 The first step of the decoding consists in extracting the k*k
 submatrix of the generator matrix obtained by considering the columns
 corresponding to the received elements. Indeed, since any encoding
 element is obtained by multiplying the source vector by one column of
 the generator matrix, the received vector of k encoding elements can
 be considered as the result of the multiplication of the source
 vector by a k*k submatrix of the generator matrix. Since this
+ matrix which is such that any k*ksubmatrix is invertible (see
+ [MWS77]). The first step of the decoding consists in extracting the
+ k*k submatrix of the generator matrix obtained by considering the
+ columns corresponding to the received elements. Indeed, since any
+ encoding element is obtained by multiplying the source vector by one
+ column of the generator matrix, the received vector of k encoding
+ elements can be considered as the result of the multiplication of the
+ source vector by a k*k submatrix of the generator matrix. Since this
submatrix is invertible, the second step of the algorithm is to
invert this matrix and to multiply the received vector by the
obtained matrix to recover the source vector.
8.3.2. Decoding Complexity
The decoding algorithm described previously includes the matrix
inversion and the vectormatrix multiplication. With the classical
GaussJordan algorithm, the matrix inversion requires O(k^^3)
operations and the vectormatrix multiplication is performed in
O(k^^2) operations.
This complexity can be improved by considering that the received
submatrix of GM is the product between the inverse of a Vandermonde
matrix (V_(k,k)^^1) and another Vandermonde matrix (denoted by V'
which is a submatrix of V_(k,n)). The decoding can be done by
multiplying the received vector by V'^^1 (interpolation problem with
 complexity O( k * log^^2(k)) ) then by V_{k,k} (multipoint evaluation
 with complexity O(k * log(k))). The global decoding complexity is
 then O(log^^2(k)) operations per source element.
+ complexity O( k * (log(k))^^2) ) then by V_{k,k} (multipoint
+ evaluation with complexity O(k * log(k))). The global decoding
+ complexity is then O((log(k))^^2) operations per source element.
8.4. Implementation for the Packet Erasure Channel
In a packet erasure channel, each packet (and symbol(s) since packets
contain G >= 1 symbols) is either correctly received or erased. The
location of the erased symbols in the sequence of symbols MUST be
known. The following specification describes the use of ReedSolomon
codes for generating redundant symbols from the k source symbols and
for recovering the source symbols from any set of k received symbols.
The k source symbols of a source block are assumed to be composed of
S mbit elements. Each mbit element corresponds to an element of
the finite field GF(2^^m) through the polynomial representation
(Section 8.1). If some of the source symbols contain less than S
 elements, they MUST be virtually padded with zero elements (it can be
 the case for the last symbol of the last block of the object).
+ elements, they MUST be virtually padded with zero elements (this can
+ be the case for the last symbol of the last block of the object).
However, this padding does not need to be actually sent with the data
to the receivers.
The encoding process produces n encoding symbols of size S mbit
elements, of which k are source symbols (this is a systematic code)
and nk are repair symbols (Figure 7). The mbit elements of the
repair symbols are calculated using the corresponding mbit elements
 of the source symbol set. A logical jth source vector, comprised of
 the jth elements from the set of source symbols, is used to
 calculate a jth encoding vector. This jth encoding vector then
 provides the jth elements for the set encoding symbols calculated
+ of the source symbol set. A logical uth source vector, comprised of
+ the uth elements from the set of source symbols, is used to
+ calculate a uth encoding vector. This uth encoding vector then
+ provides the uth elements for the set encoding symbols calculated
for the block. As a systematic code, the first k encoding symbols
are the same as the k source symbols and the last nk repair symbols
are the result of the ReedSolomon encoding.
Input: k source symbols
 0 j S1
+ 0 u S1
+++++++++++++++++++++++++++
 X  source symbol 0
+++++++++++++++++++++++++++
+++++++++++++++++++++++++++
 X  source symbol 1
+++++++++++++++++++++++++++
. . .
+++++++++++++++++++++++++++
 X  source symbol k1
+++++++++++++++++++++++++++
@@ 842,21 +888,21 @@
 generator matrix 
 GM 
 (k x n) 
++

V
Output: n encoding symbols (source + repair)
 0 j S1
+ 0 u S1
+++++++++++++++++++++++++++
 X  enc. symbol 0
+++++++++++++++++++++++++++
+++++++++++++++++++++++++++
 X  enc. symbol 1
+++++++++++++++++++++++++++
. . .
+++++++++++++++++++++++++++
 Y  enc. symbol n1
+++++++++++++++++++++++++++
@@ 905,235 +952,259 @@
making the decoding of an object computationally expensive).
These attacks can be launched either against the data flow itself
(e.g. by sending forged symbols) or against the FEC parameters that
are sent either inband (e.g., in an EXT_FTI or FDT Instance) or out
ofband (e.g., in a session description).
9.2. Attacks Against the Data Flow
First of all, let us consider the attacks against the data flow.
 Access control is typically provided by means of encryption. This
 encryption can be done over the whole object (e.g., by the content
 provider, before the FEC encoding process), or be done on a packet
 per packet basis (e.g., when IPSec/ESP is used [14]). If access
 control is a concern, it is RECOMMENDED that one of these solutions
 be used. Even if we mention these attacks here, they are not related
 nor facilitated by the use of FEC.
 Protection against corruptions (forged packets) is achieved by means
 of a content integrity verification/sender authentication scheme.
 This service can be provided at the object level, but in that case a
 receiver has no way to identify which symbol(s) is(are) corrupted if
 the object is detected as corrupted. This service can also be
 provided at the packet level, and after having removed all forged
 packets, the object can be recovered if the number of symbols
 remaining is sufficient. Several techniques can provide this source
+9.2.1. Access to Confidential Objects
+
+ Access control to the object being transmitted is typically provided
+ by means of encryption. This encryption can be done over the whole
+ object (e.g., by the content provider, before the FEC encoding
+ process), or be done on a packet per packet basis (e.g., when IPSec/
+ ESP is used [RFC4303]). If access control is a concern, it is
+ RECOMMENDED that one of these solutions be used. Even if we mention
+ these attacks here, they are not related nor facilitated by the use
+ of FEC.
+
+9.2.2. Content Corruption
+
+ Protection against corruptions (e.g., after sending forged packets)
+ is achieved by means of a content integrity verification/sender
+ authentication scheme. This service can be provided at the object
+ level, but in that case a receiver has no way to identify which
+ symbol(s) is(are) corrupted if the object is detected as corrupted.
+ This service can also be provided at the packet level. In this case,
+ after removing all forged packets, the object may be in some case
+ recovered. Several techniques can provide this source
authentication/content integrity service:
o at the object level, the object MAY be digitally signed (with
 public key cryptography) (e.g., using RSASSAPKCS1v1_5 [13]).
 This signature enables a receiver to check the object, once this
 latter has been fully decoded. Even if digital signatures are
 computationally expensive, this calculation occurs only once per
 object, which is usually acceptable;
+ public key cryptography), for instance by using RSASSAPKCS1v1_5
+ [RFC3447]. This signature enables a receiver to check the object
+ integrity, once this latter has been fully decoded. Even if
+ digital signatures are computationally expensive, this calculation
+ occurs only once per object, which is usually acceptable;
o at the packet level, each packet can be digitally signed. A major
limitation is the high computational and transmission overheads
 that this solution incurs (unless ECC is used, but ECC is
 protected by IPR). To avoid this problem, the signature may span
 a set of symbols in order to amortize the signature calculation,
 but if a single symbol is missing, the integrity of the whole set
 cannot be checked;
+ that this solution requires (unless Elliptic Curve Cryptography
+ (ECC) is used, but ECC is the subject of proprietary patents). To
+ avoid this problem, the signature may span a set of symbols
+ (instead of a single one) in order to amortize the signature
+ calculation. But if a single symbol is missing, the integrity of
+ the whole set cannot be checked;
o at the packet level, a Group Message Authentication Code (MAC)
 [15] (e.g., using HMACSHA1 with a secret key shared by all the
 group members, senders and receivers) scheme can be used. This
 technique creates a cryptographically secured (thanks to the
 secret key) digest of a packet that is sent along with the packet.
 The Group MAC scheme does not incur prohibitive processing load
 nor transmission overhead, but it has a major limitation: it only
 provides a group authentication/integrity service since all group
 members share the same secret group key, which means that each
 member can send a forged packet. It is therefore restricted to
 situations where group members are fully trusted (or in
 association with another technique as a precheck);

 o at the packet level, TESLA [16] is a very attractive and efficient
 solution that is robust to losses, provides a true authentication/
 integrity service, and does not incur any prohibitive processing
 load or transmission overhead.

 It is up to the developer, who knows the security requirements of the
 target usecase, to define which solution is the most appropriate.
 Nonetheless, it is RECOMMENDED that at least one of these techniques
 be used.
+ [RFC2104] scheme can be used, for instance by using HMACSHA1
+ with a secret key shared by all the group members, senders and
+ receivers. This technique creates a cryptographically secured
+ (thanks to the secret key) digest of a packet that is sent along
+ with the packet. The Group MAC scheme does not create prohibitive
+ processing load nor transmission overhead, but it has a major
+ limitation: it only provides a group authentication/integrity
+ service since all group members share the same secret group key,
+ which means that each member can send a forged packet. It is
+ therefore restricted to situations where group members are fully
+ trusted (or in association with another technique as a precheck);
+ o at the packet level, TESLA [RFC4082] is a very attractive and
+ efficient solution that is robust to losses, provides a true
+ authentication/integrity service, and does not create any
+ prohibitive processing load or transmission overhead. Yet
+ checking a packet requires a small delay (a second or more) after
+ its reception;
Techniques relying on public key cryptography (digital signatures and
 TESLA during the bootstrap process) require that public keys be
 securely associated to the entities. This can be achieved by a
 Public Key Infrastructure (PKI), or by a PGP Web of Trust, or by pre
 distributing the public keys of each group member. It is up to the
 developer, who knows the features of the target usecase, to define
 which solution to use.
+ TESLA during the bootstrap process, when used) require that public
+ keys be securely associated to the entities. This can be achieved by
+ a Public Key Infrastructure (PKI), or by a PGP Web of Trust, or by
+ predistributing the public keys of each group member.
Techniques relying on symmetric key cryptography (group MAC) require
that a secret key be shared by all group members. This can be
achieved by means of a group key management protocol, or simply by
predistributing the secret key (but this manual solution has many
 limitations). Here also, it is up to the developer to define which
 solution to use, taking into account the target usecase features.
+ limitations).
9.3. Attacks against the FEC parameters
+ It is up to the developer and deployer, who know the security
+ requirements and features of the target application area, to define
+ which solution is the most appropriate. Nonetheless, in case there
+ is any concern of the threat of object corruption, it is RECOMMENDED
+ that at least one of these techniques be used.
+
+9.3. Attacks Against the FEC Parameters
Let us now consider attacks against the FEC parameters (or FEC OTI).
The FEC OTI can either be sent inband (i.e., in an EXT_FTI or in an
FDT Instance containing FEC OTI for the object) or outofband (e.g.,
in a session description). Attacks on these FEC parameters can
prevent the decoding of the associated object: for instance modifying
the B parameter will lead to a different block partitioning at a
receiver thereby compromising decoding; or setting the m parameter to
16 instead of 8 with FEC Encoding ID 2 will increase the processing
load while compromising decoding.
It is therefore RECOMMENDED that security measures be taken to
guarantee the FEC OTI integrity. To that purpose, the packets
 carrying the FEC parameters sent inband (i.e., in an EXT_FTI header
 extension or in an FDT Instance) may be protected by one of the per
 packet techniques described above: TESLA, digital signature, or a
 group MAC. Alternatively, when FEC OTI is contained in an FDT
 Instance, this object may be digitally signed. Finally, when FEC OTI
 is sent outofband for instance in a session description, this
 latter may be protected by a digital signature.
+ carrying the FEC parameters sent inband in an EXT_FTI header
+ extension SHOULD be protected by one of the perpacket techniques
+ described above: digital signature, group MAC, or TESLA. When FEC
+ OTI is contained in an FDT Instance, this object SHOULD be protected,
+ for instance by digitally signing it with XML digital signatures
+ [RFC3275]. Finally, when FEC OTI is sent outofband (e.g., in a
+ session description) this latter SHOULD be protected, for instance by
+ digitally signing it.
The same considerations concerning the key management aspects apply
here also.
10. IANA Considerations
Values of FEC Encoding IDs and FEC Instance IDs are subject to IANA
registration. For general guidelines on IANA considerations as they
 apply to this document, see [2].
+ apply to this document, see [RFC5052].
This document assigns the FullySpecified FEC Encoding ID 2 under the
"ietf:rmt:fec:encoding" namespace to "ReedSolomon Codes over
GF(2^^m)".
This document assigns the FullySpecified FEC Encoding ID 5 under the
"ietf:rmt:fec:encoding" namespace to "ReedSolomon Codes over
GF(2^^8)".
This document assigns the FEC Instance ID 0 scoped by the Under
Specified FEC Encoding ID 129 to "ReedSolomon Codes over GF(2^^8)".
More specifically, under the "ietf:rmt:fec:encoding:instance" sub
namespace that is scoped by the "ietf:rmt:fec:encoding" called
"Small Block Systematic FEC Codes", this document assigns FEC
Instance ID 0 to "ReedSolomon Codes over GF(2^^8)".
11. Acknowledgments
The authors want to thank Brian Adamson, Igor Slepchin, Stephen Kent,
 and Francis Dupont for their valuable comments. The authors also
 want to thank Luigi Rizzo for his comments and for the design of the
 reference ReedSolomon codec.
+ Francis Dupont, Elwyn Davies, Magnus Westerlund and Alfred Hoenes for
+ their valuable comments. The authors also want to thank Luigi Rizzo
+ for his comments and for the design of the reference ReedSolomon
+ codec.
12. References
12.1. Normative References
 [1] Bradner, S., "Key words for use in RFCs to Indicate Requirement
 Levels", RFC 2119.
+ [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
+ Requirement Levels", RFC 2119.
 [2] Watson, M., Luby, M., and L. Vicisano, "Forward Error
+ [RFC5052] Watson, M., Luby, M., and L. Vicisano, "Forward Error
Correction (FEC) Building Block", RFC 5052, August 2007.
 [3] Watson, M., "Basic Forward Error Correction (FEC) Schemes",
 draftietfrmtbbfecbasicschemesrevised03.txt (work in
 progress), February 2007.
+ [draftietfrmtbbfecbasicschemesrevised]
+ Watson, M., "Basic Forward Error Correction (FEC)
+ Schemes",
+ draftietfrmtbbfecbasicschemesrevised03.txt (work
+ in progress), February 2007.
12.2. Informative References
 [4] Luby, M., Vicisano, L., Gemmell, J., Rizzo, L., Handley, M.,
 and J. Crowcroft, "The Use of Forward Error Correction (FEC) in
 Reliable Multicast", RFC 3453, December 2002.
+ [RFC3453] Luby, M., Vicisano, L., Gemmell, J., Rizzo, L., Handley,
+ M., and J. Crowcroft, "The Use of Forward Error Correction
+ (FEC) in Reliable Multicast", RFC 3453, December 2002.
 [5] Rizzo, L., "ReedSolomon FEC codec (revised version of July
 2nd, 1998), available at
+ [RScodec]
+ Rizzo, L., "ReedSolomon FEC codec (revised version of
+ July 2nd, 1998), available at
http://info.iet.unipi.it/~luigi/vdm98/vdm980702.tgz and
 mirrored at http://planetebcast.inrialpes.fr/", July 1998.
+ mirrored at http://planetebcast.inrialpes.fr/",
+ July 1998.
 [6] Mac Williams, F. and N. Sloane, "The Theory of Error Correcting
 Codes", North Holland, 1977.
+ [Rizzo97] Rizzo, L., "Effective Erasure Codes for Reliable Computer
+ Communication Protocols", ACM SIGCOMM Computer
+ Communication Review Vol.27, No.2, pp.2436, April 1997.
 [7] Gohberg, I. and V. Olshevsky, "Fast algorithms with
+ [MWS77] Mac Williams, F. and N. Sloane, "The Theory of Error
+ Correcting Codes", North Holland, 1977.
+
+ [GO94] Gohberg, I. and V. Olshevsky, "Fast algorithms with
preprocessing for matrixvector multiplication problems",
Journal of Complexity, pp. 411427, vol. 10, 1994.
 [8] Roca, V., Neumann, C., and D. Furodet, "Low Density Parity
+ [draftietfrmtbbfecldpc]
+ Roca, V., Neumann, C., and D. Furodet, "Low Density Parity
Check (LDPC) Forward Error Correction",
 draftietfrmtbbfecldpc06.txt (work in progress),
 May 2007.
+ draftietfrmtbbfecldpc07.txt (work in progress),
+ November 2007.
 [9] Luby, M., Shokrollahi, A., Watson, M., and T. Stockhammer,
 "Raptor Forward Error Correction Scheme",
 draftietfrmtbbfecraptorobject09 (work in progress),
+ [RFC5053] Luby, M., Shokrollahi, A., Watson, M., and T. Stockhammer,
+ "Raptor Forward Error Correction Scheme", RFC 5053,
June 2007.
 [10] Luby, M., Watson, M., and L. Vicisano, "Asynchronous Layered
 Coding (ALC) Protocol Instantiation",
+ [draftietfrmtpialcrevised]
+ Luby, M., Watson, M., and L. Vicisano, "Asynchronous
+ Layered Coding (ALC) Protocol Instantiation",
draftietfrmtpialcrevised04.txt (work in progress),
February 2007.
 [11] Adamson, B., Bormann, C., Handley, M., and J. Macker,
 "Negativeacknowledgment (NACK)Oriented Reliable Multicast
 (NORM) Protocol", draftietfrmtpinormrevised05.txt (work
 in progress), March 2007.
+ [draftietfrmtpinormrevised]
+ Adamson, B., Bormann, C., Handley, M., and J. Macker,
+ "Negativeacknowledgment (NACK)Oriented Reliable
+ Multicast (NORM) Protocol",
+ draftietfrmtpinormrevised05.txt (work in progress),
+ March 2007.
 [12] Paila, T., Walsh, R., Luby, M., Lehtonen, R., and V. Roca,
+ [draftietfrmtfluterevised]
+ Paila, T., Walsh, R., Luby, M., Lehtonen, R., and V. Roca,
"FLUTE  File Delivery over Unidirectional Transport",
 draftietfrmtfluterevised04.txt (work in progress),
+ draftietfrmtfluterevised05.txt (work in progress),
October 2007.
 [13] Jonsson, J. and B. Kaliski, "PublicKey Cryptography Standards
 (PKCS) #1: RSA Cryptography Specifications Version 2.1",
 RFC 3447, February 2003.
+ [RFC3447] Jonsson, J. and B. Kaliski, "PublicKey Cryptography
+ Standards (PKCS) #1: RSA Cryptography Specifications
+ Version 2.1", RFC 3447, February 2003.
 [14] Kent, S., "IP Encapsulating Security Payload (ESP)", RFC 4303,
 December 2005.
+ [RFC4303] Kent, S., "IP Encapsulating Security Payload (ESP)",
+ RFC 4303, December 2005.
 [15] "HMAC: KeyedHashing for Message Authentication", RFC 2104,
 February 1997.
+ [RFC2104] "HMAC: KeyedHashing for Message Authentication",
+ RFC 2104, February 1997.
 [16] "Timed Efficient Stream LossTolerant Authentication (TESLA):
 Multicast Source Authentication Transform Introduction",
 RFC 4082, June 2005.
+ [RFC4082] "Timed Efficient Stream LossTolerant Authentication
+ (TESLA): Multicast Source Authentication Transform
+ Introduction", RFC 4082, June 2005.
+
+ [RFC3275] Eastlake, D., Reagle, J., and D. Solo, "(Extensible Markup
+ Language) XMLSignature Syntax and Processing", RFC 3275,
+ March 2002.
Authors' Addresses
Jerome Lacan
 ISAE
+ ISAE/LAASCNRS
1, place Emile Blouin
Toulouse 31056
France
Email: jerome.lacan@isae.fr
URI: http://dmi.ensica.fr/auteur.php3?id_auteur=5
Vincent Roca
INRIA
655, av. de l'Europe
Inovallee; Montbonnot
ST ISMIER cedex 38334
France
 Email: vincent.roca@inrialpes.fr
 URI: http://planete.inrialpes.fr/~roca/
+ Email: vincent.roca@inria.fr
+ URI: http://planete.inrialpes.fr/people/roca/
Jani Peltotalo
Tampere University of Technology
P.O. Box 553 (Korkeakoulunkatu 1)
Tampere FIN33101
Finland
Email: jani.peltotalo@tut.fi
URI: http://atm.tut.fi/mad