From nobody Tue Mar 14 06:33:38 2023 Return-Path: X-Original-To: core@ietfa.amsl.com Delivered-To: core@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B3C57C15152E; Tue, 14 Mar 2023 06:33:35 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.097 X-Spam-Level: X-Spam-Status: No, score=-2.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, NICE_REPLY_A=-0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=ri.se Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id DzrhEMHoOkj5; Tue, 14 Mar 2023 06:33:31 -0700 (PDT) Received: from GVZP280CU001-vft-obe.outbound.protection.outlook.com (mail-swedencentralazlp170110002.outbound.protection.outlook.com [IPv6:2a01:111:f403:c202::2]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id CDB4AC152577; Tue, 14 Mar 2023 06:33:30 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=S3NZ8lbOERmbec8tXcTVVL3WLGFTrGB3dHYC7hAcO4KoeypRfcNjowVpi5gPF1gK1z4L5oSlLLd/gXgrUSrjfNW1QbwXqgMiJGust2jiiGzQHs52PGxvIkZjIgIsKGKHyLZfxFi9OFxyfIjXeUaBSAETuTht7lKOmwNIieenRcMcGq1xpWy+S8ELtEiw5xQlyn1CBZg6nw6AzIw7fscUJN3Xhoj5Gv943b3S3uSmK1DJL+DkiHAwO3Awmqtp0ajPrhuX9xSXGn4ma68o1+LRwk0ADrg59mpoF+SrfvtK9cGaDXTSXixalRuZS2hn/WJg0Ueg7OQfHk/SCk5fBiy3jA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=UWoHQXy5Gp4Lcp0L7Ws5FUgCThUv6HhvleGXEPw0XX0=; b=SxNIlYjVEH8jZ8YH/I1HQxCN6eFG5CebvzW39aZzIlALA8PaBppakM50r/r/UmY06yp/mrGsQaKdtfm1caQb0dI94xlp7zTZo9SXw9qy+VyCprHadA+SMTw2+22K+bs40mLlI3XP6NOEZkLY9gpWAYQ43KQ1ORGPSn20hWPZwOYXPvYVfE35oUbnOKWihJOj6LkCsWUrolnVoq8gP5KGGes0TOyYvQYOHpCoRh36j4W9AfbSWduG112vMFk7+Hts9MXE8UTtNcj3xwM7rrppphfmEmEilbcsX6sZD2JvIWR6EAh/UCI2hfjyPt0WcDgG1e4K7XyqrEc2isV/BqBX4Q== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=ri.se; dmarc=pass action=none header.from=ri.se; dkim=pass header.d=ri.se; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ri.se; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=UWoHQXy5Gp4Lcp0L7Ws5FUgCThUv6HhvleGXEPw0XX0=; b=iHxHLSFyHAtAk1RqfZX1HLSI3IGWY+FNLljq0P+8pUR4ZMHVyHW2OZW6Q4CHBRUEDMK0oItAg36JtA4lyFMLLvBRRsX0pSHrC5/IOkBmmZ8Jr5H61jkX9Y1y+tH5RVZQY6a6gMfvgm2ZepVcNjZEmcg4j22qMJhK7jq1b3RRjdk= Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=ri.se; Received: from GVYP280MB0464.SWEP280.PROD.OUTLOOK.COM (2603:10a6:150:37::17) by GVZP280MB0170.SWEP280.PROD.OUTLOOK.COM (2603:10a6:150:42::7) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6178.26; Tue, 14 Mar 2023 13:33:25 +0000 Received: from GVYP280MB0464.SWEP280.PROD.OUTLOOK.COM ([fe80::5435:d7bc:5f10:99df]) by GVYP280MB0464.SWEP280.PROD.OUTLOOK.COM ([fe80::5435:d7bc:5f10:99df%6]) with mapi id 15.20.6178.026; Tue, 14 Mar 2023 13:33:25 +0000 Message-ID: <1d38ecf9-4a70-046d-fa47-05b75ebb2feb@ri.se> Date: Tue, 14 Mar 2023 14:33:23 +0100 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Thunderbird/102.8.0 Content-Language: en-US To: =?UTF-8?Q?Christian_Ams=c3=bcss?= , core@ietf.org Cc: lake@ietf.org References: From: Marco Tiloca In-Reply-To: Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="------------TRU9ySj7nV7hXIY2292ux1gU" X-ClientProxiedBy: GV3P280CA0053.SWEP280.PROD.OUTLOOK.COM (2603:10a6:150:9::21) To GVYP280MB0464.SWEP280.PROD.OUTLOOK.COM (2603:10a6:150:37::17) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: GVYP280MB0464:EE_|GVZP280MB0170:EE_ X-MS-Office365-Filtering-Correlation-Id: 7d748b59-129c-4fdf-c1b9-08db2490afbf X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: bza8JGVf31zfy0Yyf2NrrYpUJtjpW1Des5yhPqCx+C7oUByjyxnI8jKB9CGgLbqcAq1mLXWOpiGblshVn+RH7F9Lqltx4tUgXeFoZi/Fw+/cFJojBO5D9J03BLVRqc5JiOe1YJwmt52N7MVOakS395CsaBhtf7kvIfDUK+eYUXlujgFxnkvY8Ma9KRv/k0Sl77faWDZGCPtMTChqdV5XkIjqeUSxpwGI++lx4a3Ak5AYRHRYDtXNnhGxZFFrjWi+IEUrj8uHmrv40I9+wpKfexMJypLOJ7mwZdi0rTZfJBH7q3LMb/OT6h1oFOdYhOklkrPTSUBArnhMBU/P8+BN/2X4qfhggml7pc8Ju7Xm71Y721IqrjSCga5Ebo2276b28spq/4k24njJ1X+XLotQx3JU+DIi8HG8/FxbstAKt+U5gLdHDr/llnuhbdl7kt3GKU7riBYeAYQ6z6Tj0l2mdOiG/LROU+mxoCVVBP/V2haibyTYQrd+V22p54B5Np/H/X77x4pN6ebmT9CAgHyEK7+YIeuPv7gyuJkZn+IcQ2cyvbcMfp+5gK2l6g8phUh3RrARvL7vOJtLgGD4nMWYQIr0ekgeaZD+vCDqpEjVOD8YbVew+P4CEiDWdlMRfs59wtVf8ETPjRlc0I779Buh0Q/08pe79FqOUfduwDJBb3QlNqPwIJenOUfm6UI5jX/MNaw4n7hZxxDlIGQaBgwfJTscoT2xKT+6qjl3zHk5T3w= X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:GVYP280MB0464.SWEP280.PROD.OUTLOOK.COM; PTR:; CAT:NONE; SFS:(13230025)(4636009)(136003)(346002)(376002)(396003)(39860400002)(366004)(451199018)(30864003)(5660300002)(235185007)(478600001)(2616005)(2906002)(53546011)(6506007)(33964004)(6512007)(26005)(6486002)(966005)(36756003)(21480400003)(186003)(44832011)(86362001)(66574015)(31696002)(166002)(41300700001)(38100700002)(4326008)(31686004)(66556008)(66476007)(66899018)(8936002)(66946007)(316002)(83380400001)(43740500002)(45980500001); DIR:OUT; SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?utf-8?B?Mk5KNXRaOG43MkNRYW04UlAwb1NheUQwUW5XZTlKN1BodTR2T2cxTFlYQ2Zn?= =?utf-8?B?TUtZRWlsOStvTnE4MmxLdWVPeGR2WE5vbnIvNDg3WTdtWSt6MDF5WUhaOWxP?= =?utf-8?B?QW1OYjZvRFZ6SnlNWk1acHh4QmM4djFUeEo1dEZHSHNsdkJLUFY0SExFR2ZU?= =?utf-8?B?TEpkZlVSeWl1UzhlMnNiTkVuUDdZSEZVQTZabms2WjU2a05Hczdnd3hZZVdZ?= =?utf-8?B?WXVBaUREQlBsY1llYXZDeW9rQlFhM0dhV2dUdjJ0eUsxM2RLUCt1SmZlZkZm?= =?utf-8?B?QWJzWDMrRm5OWDBJWitleWpNSWhqZ29HZG5xV1VVdkhjS3owSzlNRU50TFR2?= =?utf-8?B?Q01IR0hUTU9RU1ZOSVlhRkxNbDRRNDVGYzZmY1lnY2t1Z0FsMys5ZTllL2Rp?= =?utf-8?B?WjJCbUd2bVN4dWVOZnRqbGlvVEVOajRVYnl6aUFVMENNamI3SVQyY1JsYjM3?= =?utf-8?B?ZVljT2FWbjZOTWpRZTkxeElzMjBVKzF2VEcrSlpaYS9YUVlZbk5ka3F0aDVo?= =?utf-8?B?dUtSVjBTVTZMeWpLb0M2T0t5eGFjN2oxSVpqTytOc2FUS1FFU0V5emJZT09y?= =?utf-8?B?Q05NT0lQcThzL0l5S2FJUHNJc2hEbFlGdjR1K3MycGwzSG5TNzl1SUw2Q1hC?= =?utf-8?B?UU1qd1RRcEhObHl1azhIMkxKTWNZNXIzRlE1OWxQaGg1ektBNlp0ank4Rm8x?= =?utf-8?B?TFFhdkZFNmtqcWFMTFNuRG5zaWJNc2JkN2U4NlhHdG1jWXcxL2ZRMzZad0lX?= =?utf-8?B?RnprQkpKQzhEZW5HeHRsSi82K0g2TWNrYTRNNTlQeXVTTU03bGxiUWJ1WjA1?= =?utf-8?B?cm5SUUR6TDBDWHdKUDlHcVJMM0V3Z05YcUszcGphYVN2ZnBJeUJkbVBXUzBG?= =?utf-8?B?UmptTHIwbXo5cmV0ckE5SUJCdXNsQk5ORGpPVGJyWHl1K1lBODNLRGdJR1FW?= =?utf-8?B?NUdUcm9QTTJLU1o3NjdFMTN4UDByUWp4SjVsYWo4WkEzN0JaMysyTjY3M080?= =?utf-8?B?MXVIZEZJUlBadk44SGYxM1VYbXNQRW9JNVRIWEFadWQvT0REdXdsckI1UDFx?= =?utf-8?B?VXhCeElYeFlOZ1pJSHBDVkpEK01rV3B6Ymx2UjdtM09QSjRhR011WEp5blV2?= =?utf-8?B?TVB6VFlCM2ZKUGVNZmNRcFFKY3B3bklFeFIwYnZSR2tFMGxRMVpxV2VBRFFh?= =?utf-8?B?OXdiMitvNWtzVjV5L1RzKytrMGs3ZVBNUmgwd3VlSEQ3bXpvTklkcWZiV250?= =?utf-8?B?b2tMQnBRTE1tQ0Zja3l0TkxyVWVlV3gyZ3hrTVllSmpGOG5KcDAxZlNCOGwy?= =?utf-8?B?RVpXVXZBOXZBWWZad295TTdjS1docnNob0ZydmdpdE5mZ0JYTERrVXRXSVVu?= =?utf-8?B?d3JHWjM0Vk1JeTF0ckcycFBGRDRkU3JYdkcyWFNPSWlRaUVMZ0JnMUJ0VkZm?= =?utf-8?B?eW1wOThwSHQ0aGN4b2FlZHl2ZnowVmEvNkRJRk43UVB2enhuNkVSWUN1M3c5?= =?utf-8?B?RjFuWjdSeDdpU214TmM5aXdjOG56VS93MmZiejdCOGRRUzB3bGNvS1ViNmcz?= =?utf-8?B?Y2tGTlRPRWJ4RGJmWHlkVmVVQ0h3UlBWa20vSC80WHBSQjFxS2J5QnNaYmRL?= =?utf-8?B?dHRWWmxlS3lYbFlxRE8xY2NBdXJuU29ORzMrN2pJazlhdGJhTUhrcmk2ZUxL?= =?utf-8?B?cHg1K2szM1B1YkVpODlXWXRTOU5GYUZjYWdzTHlPWCtvbjM5K1gzWFh5dVFo?= =?utf-8?B?ZmVTRWNhN0VJMURsem51cFJYd0ZQeFhvWHFnblN3UFBJOHRDQWZrMW9iKzA2?= =?utf-8?B?K0xFRFErMHQ4WTBUNmNsSHR2Q1h1cFFFU2l1NmsxOGJSYVV2MDlCNEhUZTlT?= =?utf-8?B?cnVRUFc1Qm9zTjROVHVkT3Y0MzJ3R0pPaWF4bEU3U21MMHoxSlFGdExCdzJK?= =?utf-8?B?RlE2d3Rzam44TEJ0VTVsQkdmc3htMzZLVkUrRmZ1VmwyNkpiTlpycmI0WTNM?= =?utf-8?B?elppQllTUmdJaFk5QkU4dkd0WGRRVjRIbUlPb29uNDhHUmRsYkdOb2RKN0tL?= =?utf-8?B?TURGNkVTN0NoOHFRTXNTTGhOZDJ3OTJHOXdZeldBWmk3VC95dm5Ma2RVQnRu?= =?utf-8?Q?eRNBPvTI9JXn0L4IdR+bQMNkH?= X-OriginatorOrg: ri.se X-MS-Exchange-CrossTenant-Network-Message-Id: 7d748b59-129c-4fdf-c1b9-08db2490afbf X-MS-Exchange-CrossTenant-AuthSource: GVYP280MB0464.SWEP280.PROD.OUTLOOK.COM X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 14 Mar 2023 13:33:25.1776 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 5a9809cf-0bcb-413a-838a-09ecc40cc9e8 X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: FqsagNE/CeRwZnCINVnL8wlCJg5Vi/fA8fLE32wMc6hNEgWndNIwkn6baop9mfK2Ph0kYj1ISm0t9EOD5Iy3fQ== X-MS-Exchange-Transport-CrossTenantHeadersStamped: GVZP280MB0170 Archived-At: Subject: Re: [core] =?utf-8?q?=F0=9F=94=94_Working_Group_Last_Call_=28WGLC=29?= =?utf-8?q?_of_draft-ietf-core-oscore-edhoc-06?= X-BeenThere: core@ietf.org X-Mailman-Version: 2.1.39 Precedence: list List-Id: "Constrained RESTful Environments \(CoRE\) Working Group list" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 14 Mar 2023 13:33:35 -0000 --------------TRU9ySj7nV7hXIY2292ux1gU Content-Type: multipart/mixed; boundary="------------TFANBRslyB2Ig5ldbkc50yU6"; protected-headers="v1" From: Marco Tiloca To: =?UTF-8?Q?Christian_Ams=c3=bcss?= , core@ietf.org Cc: lake@ietf.org Message-ID: <1d38ecf9-4a70-046d-fa47-05b75ebb2feb@ri.se> Subject: =?UTF-8?B?UmU6IFtjb3JlXSDwn5SUIFdvcmtpbmcgR3JvdXAgTGFzdCBDYWxsIChX?= =?UTF-8?Q?GLC=29_of_draft-ietf-core-oscore-edhoc-06?= References: In-Reply-To: --------------TFANBRslyB2Ig5ldbkc50yU6 Content-Type: multipart/mixed; boundary="------------6LJt1LbafU5DB0twV0DJnRWO" --------------6LJt1LbafU5DB0twV0DJnRWO Content-Type: multipart/alternative; boundary="------------H6TjRs0S6xJY0lScrev5eQXc" --------------H6TjRs0S6xJY0lScrev5eQXc Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: base64 SGkgQ2hyaXN0aWFuLA0KDQpUaGFua3MgYSBsb3QgZm9yIHlvdXIgcmV2aWV3ISBXZSBoYXZl IGFkZHJlc3NlZCB5b3VyIGNvbW1lbnRzIGluIHRoZSBuZXcgDQp2ZXJzaW9uIC0wNy4NCg0K UGxlYXNlIGZpbmQgZGV0YWlsZWQgYW5zd2VycyBpbiBsaW5lLg0KDQpCZXN0LA0KL01hcmNv DQoNCk9uIDIwMjMtMDItMTUgMjM6MjUsIENocmlzdGlhbiBBbXPDvHNzIHdyb3RlOg0KPiBI ZWxsbywNCj4NCj4gSSBoYXZlIGEgZmV3IGNvbW1lbnRzIGFuZCBxdWVzdGlvbnMgb24gdGhl IGRvY3VtZW50LiBUaGV5J3IgaW4gbGluZWFyDQo+IHNlcXVlbmNlOyBJIGhvcGUgdG8gbm90 IHJlaXRlcmF0ZSB0b28gbXVjaCBvbiBwb2ludHMgdGhhdCBoYXZlIGJlZW4NCj4gZGlzY3Vz c2VkIGV4aGF1c3RpdmVseSAoYXMgSSdtIG5vdCB1cCB0byBkYXRlIG9uIGFsbCB0aHJlYWRz IHBlcnRhaW5pbmcNCj4gdG8gdGhlIGRvY3VtZW50KS4NCj4NCj4gTm9uZSBhcmUgcGFydGlj dWxhcmx5IGNyaXRpY2FsIChBSVUgaXQncyB0aGUgY2hhaXJzJyBjYWxsIHdoZXRoZXINCj4g c29tZXRoaW5nIGJsb2NrcyBhIFdHTEMgYW55d2F5LCBJIHRoaW5rIG1vc3Qgb3V0Y29tZXMg Y2FuIGJlIGFkZHJlc3NlZA0KPiBwb3N0LVdHTEMpLCBhbHRob3VnaCBJJ2QgbGlrZSB0byBz ZWUgYXQgbGVhc3QgdGhlIFNlY3Rpb24gNiBleGFtcGxlDQo+IGFkZHJlc3NlZC4NCj4NCj4N Cj4gKiBTZWN0aW9uIDIgbWlnaHQgcHJvZml0IGZyb20gYW4gaW50cm9kdWN0b3J5IGxpbmUg YWxvbmcgdGhlIGxpbmVzIG9mDQo+DQo+ICAgIHwgVGhpcyBzZWN0aW9uIChpcyBub3Qgbm9y bWF0aXZlIGFuZD8pIHN1bW1hcml6ZXMgd2hhdCBpcyBzcGVjaWZpZWQgaW4NCj4gICAgfCBb SS1ELmlldGYtbGFrZS1lZGhvY10sIGluIHBhcnRpY3VsYXIgaXRzIEFwcGVuZGl4IEEuMiwg YW5kIHRodXMNCj4gICAgfCBwcm92aWRlcyBhIGJhc2UtbGluZSBmb3IgdGhlIGVuaGFuY2Vt ZW50cyBpbiB0aGUgc3Vic2VxdWVudA0KPiAgICB8IHNlY3Rpb25zLg0KDQo9PT5NVA0KQWRk ZWQgd2l0aCBtaW5vciBlZGl0aW5nLCBpLmUuOg0KDQogwqDCoMKgICJUaGlzIHNlY3Rpb24g aXMgbm90IG5vcm1hdGl2ZSBhbmQgc3VtbWFyaXplcyB3aGF0IGlzIHNwZWNpZmllZCBpbiAN CltJLUQuaWV0Zi1sYWtlLWVkaG9jXSwgaW4gcGFydGljdWxhciBpdHMgQXBwZW5kaXggQS4y LiBUaHVzLCBpdCBwcm92aWRlcyANCmEgYmFzZWxpbmUgZm9yIHRoZSBlbmhhbmNlbWVudHMg aW4gdGhlIHN1YnNlcXVlbnQgc2VjdGlvbnMuIg0KPD09DQoNCj4NCj4gKiBGaWd1cmUgNCAo ZnVsbCBjb0FQIG1lc3NhZ2UpOg0KPg0KPiAgICAqIFRoZXJlIG1pZ2h0IGFsc28gYmUgQ29B UCBvcHRpb25zIGJlZm9yZSB0aGUgRURIT0Mgb3B0aW9uLCBpbg0KPiAgICAgIHBhcnRpY3Vs YXIgT2JzZXJ2ZS4NCg0KPT0+TVQNClJpZ2h0OyB3ZSd2ZSByZWRyYXduIHRoZSBmaWd1cmUg dG8gYWxzbyBzaG93IHRoZSBwcmVzZW5jZSBvZiBhbiBvdXRlciANCk9ic2VydmUgb3B0aW9u Lg0KDQpUaGUgdGV4dCBpbnRyb2R1Y2luZyB0aGUgZmlndXJlIGFzIHdlbGwgYXMgaXRzIGNh cHRpb24gaGFzIGFsc28gYmVlbiANCmVkaXRlZCBpbiBvcmRlciB0byBzdHJlc3MgdGhhdCB0 aGlzIGlzIGp1c3QgYW4gZXhhbXBsZS4NCjw9PQ0KDQo+DQo+ICAgICogQ291bGQgeW91IGFk ZCBzb21ldGhpbmcgYWJvdXQgImV4YW1wbGUiIGluIGhlcmU/IFN1Y2ggYSBtZXNzYWdlDQo+ ICAgICAgY291bGQgYmUgc2VudCBvdmVyIGFueSB0cmFuc3BvcnQsIHN1Y2ggYXMgQ29BUC1v dmVyLVRDUCwgYW5kIHRoZW4NCj4gICAgICBzb21lIG9mIHRoYXQgZmlndXJlIGRvZXNuJ3Qg YXBwbHkuDQoNCj09Pk1UDQpXZSBoYXZlIGV4cGFuZGVkIHRoZSBpbnRyb2R1Y3RvcnkgdGV4 dCBhbmQgdGhlIGNhcHRpb24gb2YgYm90aCBGaWd1cmVzIDQgDQphbmQgNSAoc2VlIFNlY3Rp b25zIDMuMSBhbmQgMy40KSB0byBzdHJlc3MgdGhhdCB0aGlzIGlzIGp1c3QgYW4gZXhhbXBs ZSANCmNvbnNpZGVyaW5nIHNwZWNpZmljYWxseSBDb0FQIG92ZXIgVURQLg0KPD09DQoNCj4N Cj4gKiAzLjIgQ2xpZW50IHByb2Nlc3Npbmc6IFRoaXMgc3BlYWtzIG9mIGFuICJvcmlnaW5h bCBDb0FQIG1lc3NhZ2UiLiBJDQo+ICAgIGtub3cgZnJvbSBjb250ZXh0IHdoYXQgaXMgbWVh bnQsIGJ1dCB0aGUgdGVybSBjb3VsZCBiZSBtb3JlDQo+ICAgIGRlc2NyaXB0aXZlLiBNYXli ZSAiRW5jcnlwdCB0aGUgZmlyc3QgYXBwbGljYXRpb24gQ29BUCByZXF1ZXN0IGFzIGFuDQo+ ICAgIG9yaWdpbmFsIG1lc3NhZ2UgcGVyIFNlY3Rpb24gOC4xIj8NCj4NCj4gICAgKFRoZSB0 ZXJtIHJlYXBwZWFycyBpbiAzLjIuMSBTdXBwb3J0aW5nIEJsb2NrLXdpc2UpLg0KDQo9PT5N VA0KUmVwaHJhc2VkIGFzIHlvdSBzdWdnZXN0IGluIFNlY3Rpb24gMy4yLjAgYW5kIDMuMi4x Lg0KPD09DQoNCj4NCj4gKiAzLjIgc3RlcCAzOiAiVGhlIGZpcnN0IENCT1IgYnl0ZSBzdHJp bmcgaXMgdGhlIEVESE9DIG1lc3NhZ2VfMw0KPiAgICByZXN1bHRpbmcgZnJvbSBzdGVwIDEu IiBjb3VsZCB0ZW1wdCBhbiBpbXBsZW1lbnRlciB0byBlbmNvZGUgdGhlDQo+ICAgIG1lc3Nh Z2VfMyBpbnRvIGEgYnN0cjsgSSB0YWtlIGl0IHRoYXQgdGhlIGludGVudGlvbiBpcyB0byBz ZW5kDQo+ICAgIENJUEhFUlRFWFRfMyBpbiBvbmx5IG9uZSBsYXllciBvZiBieXRlIHN0cmlu Z3MuDQo+DQo+ICAgIEkgdGhlcmVmb3JlIHN1Z2dlc3QgdGhlIHdvcmRpbmc6DQo+DQo+ICAg IHwgWy4uLl0gY29tcG9zZWQgb2YgdHdvIENCT1IgaXRlbXMgaW4gdGhlIGZvbGxvd2luZyBv cmRlci4NCj4gICAgfA0KPiAgICB8IFRoZSBmaXJzdCBDQk9SIGl0ZW0gaXMgdGhlIHNpbmds ZSBpdGVtIG9mIEVESE9DX21lc3NhZ2VfMyAod2hpY2ggaXMNCj4gICAgfCBDSVBIRVJURVhU XzMsIGEgYnl0ZSBzdHJpbmcpLg0KDQo9PT5NVA0KV2UgaGF2ZSByZXZpc2VkIHRoZSB0ZXh0 IGluIFNlY3Rpb25zIDMuMiBhbmQgMy4zIHRvIHByb3Blcmx5IHVzZSAiQ0JPUiANCmRhdGEg aXRlbSIgYW5kICJDQk9SIGJ5dGUgc3RyaW5nIiB3aGVyZSBhcHByb3ByaWF0ZS4NCjw9PQ0K DQo+DQo+ICogMy4yIHN0ZXAgMzogSSBtaXNzZWQgdGhhdCBhdCBzb21lIHBvaW50IGluIHRo ZSBldm9sdXRpb24gb2YgdGhpcw0KPiAgICBwcm90b2NvbCwgcHJlZml4aW5nIHRoZSAobm9u LUNCT1IpIE9TQ09SRSBtZXNzYWdlIHdpdGggYSBDQk9SIHN0cmVhbS4NCj4NCj4gICAgVGhp cyBzZWVtcyB1bm5lY2Vzc2FyeSB0byBtZSwgZ2l2ZW4gdGhhdCB0aGUgcHJldmlvc3UgRURI T0NfbWVzc2FnZV8zDQo+ICAgIGlzIHdlbGwgZGVsaW1pdGVkLCBhbmQgdGhlIE9TQ09SRSBt ZXNzYWdlIGNhbiB3ZWxsIGJlIHRoZSBieXRlcyB0byB0aGUNCj4gICAgZW5kIChhIGNvbmNl cHQgZm9yIHdoaWNoIGhhcyBiZWVuIHRha2VuIHVwIGluIFJGQzkyNzcgZm9yIENCT1ItbGFi ZWxlZA0KPiAgICBub24tQ0JPUiBkYXRhKSwgYW5kIHdpbGwgdHlwaWNhbGx5IHdhc3RlIDIt MyBieXRlcyAocmFyZWx5IDEgLS0gZm9yDQo+ICAgIHRoYXQsIHRoZSBmdWxsIE9TQ09SRSBt ZXNzYWdlIG5lZWRzIHRvIGZpdCBpbiAyNCBieXRlcykuDQo+DQo+ICAgIFdhcyB0aGVyZSBh IHBhcnRpY3VsYXIgcmVhc29uIGZvciB0aGlzIGNoYW5nZT8NCg0KPT0+TVQNClRoYXQgd2Fz IGFjdHVhbGx5IHRoZSBvcmlnaW5hbCBkZXNpZ24gY2hvaWNlIGZyb20gdGhlIHN0YXJ0IDot KQ0KDQpXZSBoYXZlIG5vdyBjaGFuZ2VkIHRoZSBwYXlsb2FkIGZvcm1hdCBhcyB5b3Ugc3Vn Z2VzdC4gVGhpcyByZXN1bHRlZCBpbiANCnVwZGF0aW5nOg0KDQotIFN0ZXBzIDIgYW5kIDMg aW4gU2VjdGlvbiAzLjIgIkNsaWVudCBQcm9jZXNzaW5nIg0KLSBTdGVwcyAxLCAyIGFuZCA2 IGluIFNlY3Rpb24gMy4zICJTZXJ2ZXIgUHJvY2Vzc2luZyINCi0gVGhlIGV4YW1wbGUgc2hv d24gaW4gRmlndXJlIDUgb2YgU2VjdGlvbiAzLjQuDQoNCjw9PQ0KDQo+DQo+ICogMy4yLjEg aXRlbSBBIGlzIHF1aXRlIGEgbW91dGgtZnVsIHRvIHNheSB0aGF0ICJPbiBJbm5lciBCbG9j ay13aXNlLA0KPiAgICAzLjIgb25seSBhcHBsaWVzIHRvIHRoZSBmaXJzdCBibG9jayIsIGJ1 dCBJIHNlZSB0aGF0IGdpdmVuIGhvdyB0aGUNCj4gICAgcmVzdCBpcyBwaHJhc2VkLCBpdCBp cyB1bmF2b2lkYWJsZS4NCj4NCj4gICAgTWF5YmUgdXNpbmcgdGhlIHRlcm0gImZpcnN0IGFw cGxpY2F0aW9uIENvQVAgcmVxdWVzdCIgc3VnZ2VzdGVkIGFib3ZlDQo+ICAgIG9wZW5zIGFu IGF2ZW51ZSBmb3IgbWFraW5nIHRoaXMgZWFzaWVyIHRvIGNvbXByZWhlbmQuDQoNCj09Pk1U DQpZZXMsIHdlIGhhdmUgcmVwaHJhc2VkIGFzIHlvdSBzdWdnZXN0Lg0KPD09DQoNCj4gICAN Cj4gKiAiSWYgdGhlIGRlY3J5cHRlZCByZXF1ZXN0IGluY2x1ZGVzIGFuIEVESE9DIG9wdGlv biBidXQgaXQgZG9lcyBub3QNCj4gICAgaW5jbHVkZSBhbiBPU0NPUkUgb3B0aW9uLCB0aGUg c2VydmVyIE1VU1Qgc3RvcCBwcm9jZXNzaW5nIHRoZSByZXF1ZXN0DQo+ICAgIGFuZCBNVVNU IHJlcGx5IHdpdGggYSA0LjAwIChCYWQgUmVxdWVzdCkgZXJyb3IgcmVzcG9uc2UuIg0KPg0K PiAgICBNeSB1bmRlcnN0YW5kaW5nIG9mIHRoaXMgc2VudGVuY2UgaXMgdGhhdCBFREhPQydz IGNyaXRpY2FsaXR5IGFwcGxpZXMNCj4gICAgYWZ0ZXIgZGVjcnlwdGlvbiBhZ2FpbiwgYW5k IGEgc2VydmVyIG11c3Qgbm90IHNpbGVudGx5IGlnbm9yZSBhbiBpbm5lcg0KPiAgICBFREhP QyBvcHRpb24gd2l0aG91dCBhIG1hdGNoaW5nIE9TQ09SRSBvcHRpb24uDQo+DQo+ICAgIFdo aWxlIHRoaXMgaXMgaW4gdGhlIHJpZ2h0IHNjb3BlIGZvciBhIG1lc3NhZ2UgaXQgcHJvY2Vz c2VzIGFzIGFuDQo+ICAgIGVuZC10by1lbmQgbWVzc2FnZSwgaXQgaXMgb3V0IG9mIHNjb3Bl IGlmIHdlJ3JlIGluIGEgb3Njb3JlLXByb3hpZXMNCj4gICAgc2l0dWF0aW9uICh3aGljaCBv ZiBjb3Vyc2Ugd2UgZG9uJ3QgaGF2ZSBub3JtYXRpdmVseSB5ZXQsIGJ1dCBJIGRvbid0DQo+ ICAgIHdhbnQgdGhpcyB0byBiaXRlIHVzIGxhdGVyIC0tIGl0IGNvdWxkIGJpdGUgaWYsIGZv ciBleGFtcGxlLCB0aGUgaW5uZXINCj4gICAgT1NDT1JFIGNvbm5lY3Rpb24gd2l0aCB0aGUg b3JpZ2luIHNlcnZlciB1c2VkIHNvbWUgT1NDT1JFLXZlcnNpb24tMg0KPiAgICB3aXRoIGEg ZGVkaWNhdGVkIG9wdGlvbiB0aGF0IG91ciBwcm94eSBkb2Vzbid0IG5lZWQgdG8ga25vdyku DQo+DQo+ICAgIEkgc3VnZ2VzdCB0aGUgZm9sbG93aW5nIHdvcmRpbmcgaW5zdGVhZDoNCj4N Cj4gICAgfCBXaGVuIHRoZSBkZWNyeXB0ZWQgcmVxdWVzdCBpcyBjaGVja2VkIGZvciBhbnkg Y3JpdGljYWwgb3B0aW9ucyAoYXMNCj4gICAgfCBpdCBpcyBkdXJpbmcgcmVndWxhciBDb0FQ IHByb2Nlc3NpbmcpLCB0aGUgcHJlc2VuY2Ugb2YgYW4gRURIT0MNCj4gICAgfCBvcHRpb24g TVVTVCBiZSByZWdhcmRlZCBhcyBhbiB1bnByb2Nlc3NlZCBjcml0aWNhbCBvcHRpb24sIHVu bGVzcyBpdA0KPiAgICB8IGlzIHByb2Nlc3NlZCBieSBzb21lIGZ1cnRoZXIgbWVjaGFuaXNt Lg0KPg0KPiAgICAoVGhlIGN1cnJlbnQgcGhyYXNpbmcgaW1wbGllcyB0aGF0IGFuIGlubmVy IE9TQ09SRSBvcHRpb24gY291bGQgYmUNCj4gICAgcHJvY2Vzc2VkLCB3aGljaCBpcyBjdXJy ZW50bHkgc3RpbGwgZm9yYmlkZGVuOyB0aGlzIHdvcmRpbmcgYXZvaWRzDQo+ICAgIHRoYXQg d2hpbGUgbGVhdmluZyB0aGUgZG9vciBvcGVuKS4NCg0KPT0+TVQNCkdyZWF0IHBvaW50ISBX ZSBoYXZlIGFkZGVkIHlvdXIgc3VnZ2VzdGVkIHRleHQgYXMgaXMuDQo8PT0NCg0KPg0KPiAq ICJUaGUgRURIT0Mgb3B0aW9uIGlzIHJlZ2lzdGVyZWQgd2l0aCBDb0FQIG9wdGlvbiBudW1i ZXIgMjEuIjogVGhpcw0KPiAgICBsaW5lIGNvdWxkIHRha2UgYSBub3RlIHRoYXQgdGhlIFJG QyBlZGl0b3Igc2hvdWxkIHJlbW92ZSB0aGlzIGxpbmUgKGFzDQo+ICAgIGF0IHRpbWUgb2Yg cHVibGljYXRpb24sIHRoaXMgd2lsbCBiZSBhIHJlZ2lzdGVyZWQgZmFjdCBhbmQgbm90IGFu DQo+ICAgIGFzc3VtcHRpb24pLg0KDQo9PT5NVA0KV2UgaGF2ZSBhZGRlZCBhIG5vdGUgdG8g dGhlIFJGQyBFZGl0b3IgaW4gU2VjdGlvbiAzLjQuDQo8PT0NCg0KPg0KPiAqIDQuMS4gQWRk aXRpb25hbCBQcm9jZXNzaW5nIG9mIEVESE9DIE1lc3NhZ2VzOiBTbyBmYXIsIHRoaXMgZG9j dW1lbnQNCj4gICAgb2ZmZXJzIGFuIGFkZGl0aW9uYWwgbWVjaGFuaXNtOyBub3cgc3VkZGVu bHkgd2UgZ2V0IHVuaXZlcnNhbA0KPiAgICBub3JtYXRpdmUgcmVxdWlyZW1lbnRzLiBXaGVu IGRvIHRoZXNlIGFwcGx5PyBNeSBhc3N1bXB0aW9uIGlzIHRoYXQNCj4NCj4gICAgfCBXaGVu IHVzaW5nIEVESE9DIHRvIGVzdGFibGlzaCBhbiBPU0NPUkUgY29udGV4dCwgY2xpZW50IGFu ZCBzZXJ2ZXINCj4gICAgfCBNVVNUIHBlcmZvcm0gYWRkaXRpb25hbCBzdGVwcyBkdXJpbmcg RURIT0MsIGV4dGVuZGluZyBTZWN0aW9uIDUgb2YNCj4gICAgfCBFREhPQzoNCj4NCj4gICAg KFRoZXkgZmVlbCBtdWNoIG1vcmUgbGlrZSBhICJuZWVkcyB0byIgdG8gbWUsIGJlY2F1c2Ug dGhleSBhbGwgc3RlbQ0KPiAgICBmcm9tIHJlcXVpcmVtZW50cyBpbiB0aGUgY2l0ZWQgZG9j dW1lbnRzLCBidXQgdGhpcyBzb3VuZHMgbGlrZSBhDQo+ICAgICJNVVNUIiB0aGF0IHNvbWVv bmUgaW5zaXN0ZWQgb24gYXQgc29tZSBwb2ludCwgd2hpY2ggSSB3b24ndCBmaWdodCkuDQoN Cj09Pk1UDQpSZXBocmFzZWQgYXMgeW91IHN1Z2dlc3QsIHdpdGggbWlub3IgZWRpdGluZywg aS5lLjoNCg0KIMKgwqDCoCAiV2hlbiB1c2luZyBFREhPQyB0byBlc3RhYmxpc2ggYW4gT1ND T1JFIFNlY3VyaXR5IENvbnRleHQsIHRoZSANCmNsaWVudCBhbmQgc2VydmVyIE1VU1QgcGVy Zm9ybSB0aGUgZm9sbG93aW5nIGFkZGl0aW9uYWwgc3RlcHMgZHVyaW5nIGFuIA0KRURIT0Mg ZXhlY3V0aW9uLCB0aHVzIGV4dGVuZGluZyBTZWN0aW9uIDUgb2YgW0ktRC5pZXRmLWxha2Ut ZWRob2NdLiINCjw9PQ0KDQo+DQo+ICogNC4xLjE6IFRoaXMgcmVhZHMgbmVlZGxlc3NseSBp bXBlcmF0aXZlIHRvIG1lIC0tIHdoYXQgZG9lcyB0aGUgbG9vcGluZw0KPiAgICBwcm9jZXNz IGdpdmUgdGhhdCBhIHNpbXBsZQ0KPg0KPiAgICB8IFRoZSBpbml0aWF0b3IgTVVTVCBjaG9v c2UgYSBDX0kgdGhhdCBpcyBuZWl0aGVyIHVzZWQgaW4gYW55IGN1cnJlbnQNCj4gICAgfCBF REhPQyBleGNoYW5nZSBhcyB0aGlzIHBhcnR5J3MgaWRlbnRpZmllciwgbm9yIHRoZSBSZWNp cGllbnQgSUQgaW4NCj4gICAgfCBhIGN1cnJlbnQgT1NDT1JFIGNvbnRleHQgd2hvc2UgSUQg Q29udGV4dCBpcyB6ZXJvLWxlbmd0aC4gVGhlIGNob3Nlbg0KPiAgICB8IENfSSBTSE9VTEQg bm90IGJlIHRoZSBSZWNpcGllbnQgSUQgb2YgYW55IGN1cnJlbnQgT1NDT1JFIGNvbnRleHQu DQo+DQo+ICAgIGRvZXMgbm90IGdpdmU/DQo+DQo+ICAgIFNhbWUgZ29lcyBmb3Igc2VjdGlv biA0LjEuMiwgd2hlcmUgdGhlICJuZWl0aGVyIiBncm91cCBnYWlucyB0aGUgQ19JDQo+ICAg IGFzIGFuIGV4dHJhIGNsYXVzZS4NCj4NCj4gICAgKFRoZSBjb25jZXB0IG9mIGF0b21pY2l0 eSBpcyBub3QgcmVhbGx5IG5lZWRlZCB3aGVuIHBocmFzaW5nIGl0IGFzIGENCj4gICAgY2xv c2VkIGV4cHJlc3Npb24gcmF0aGVyIHRoYW4gYW4gaW1wZXJhdGl2ZSBwcm9ncmFtKS4NCj4N Cj4gICAgQnkgdGhlIHdheSwgdGhlcmUgaXMgYSBzdWJ0bGUgZXJyb3IgdGhhdCB0aGUgYWJv dmUgdGV4dCB3b3VsZCBmaXgNCj4gICAgY29tcGFyZWQgdG8gdGhlIGN1cnJlbnQgdGV4dDog IklmIElEKiBpcyBhbHJlYWR5IHVzZWQgYXMgRURIT0MNCj4gICAgQ29ubmVjdGlvbiBJZGVu dGlmaWVyIENfSSwiIGlzIG9ubHkgbG9va2luZyBhdCBvdXIgQ19JLCBidXQgaXQnZCBuZWVk DQo+ICAgIHRvIGFsc28gbG9vayBhdCBvdXIgQ19SIGZvciB0aGUgaG9zdCBjYW4gY29uY3Vy cmVudGx5IGJlIGluIGFuIEVESE9DDQo+ICAgIGV4Y2hhbmdlIHdoZXJlIHJvbGVzIGFyZSBy ZXZlcnNlZC4NCg0KPT0+TVQNClRoYW5rcyEgV2UgaGF2ZSBncmVhdGx5IHNpbXBsaWZpZWQg U2VjdGlvbnMgNC4xLjEgYW5kIDQuMS4yIGJ1aWxkaW5nIG9uIA0KeW91ciBzdWdnZXN0aW9u Lg0KPD09DQoNCj4NCj4gKiBTZWN0aW9uIDY6IEkgd291bGQgbm90IGV4cGVjdCB0byBoYXZl IG11Y2ggbmVlZCBvZiB0aGF0IGNvbnRlbnQsIGJ1dA0KPiAgICB0cnVzdCB0aGF0IHRob3Vn aHQgd2VudCBpbnRvIHBvdGVudGlhbCB1c2UgY2FzZXMuDQo+DQo+ICAgIEEgcHJvcGVydHkg dGhhdCBJJ2QgYmUgbWlzc2luZyBpZiBJIHdhbnRlZCB0byBwbGFuIGEgY29tcGxldGUgRURI T0MNCj4gICAgZXhjaGFuZ2UgYWhlYWQgaXMgd2hldGhlciBvciBub3QgdGhlIGZvcndhcmQg b3IgdGhlIHJldmVyc2UgbWVzc2FnZQ0KPiAgICBmbG93IGlzIHN1cHBvcnRlZC4NCg0KPT0+ TVQNCkFzIGNvbmNsdWRlZCBhdCB0aGUgMjAyMy0wMy0wMSBDb1JFIGludGVyaW0gbWVldGlu ZywgaW4gU2VjdGlvbiA2IHdlIA0KaGF2ZSBkZWZpbmVkIHRoZSB0d28gdGFyZ2V0IGF0dHJp YnV0ZXMgZWQtaSBhbmQgZWQtciwgd2hpY2ggaW5kaWNhdGUgYXQgDQpvbmNlIGJvdGggdGhl IHN1cHBvcnRlZCByb2xlIGFuZCB0aGUgc3VwcG9ydGVkIG1lc3NhZ2UgZmxvdy4NCjw9PQ0K DQo+DQo+ICAgIChJZiBJIHVzZWQgdGhpbmdzIHRoYXQgd2F5IEknZCBhbHNvIHdhbnQgdG8g a25vdywgZm9yIHRoZSBjcmVkLXQ9Y3d0DQo+ICAgIGNhc2UsIHdoaWNoIEFTJ3MgdG9rZW5z IHRoZSBzZXJ2ZXIgd291bGQgYWNjZXB0LCBidXQgdGhhdCdzIHByb2JhYmx5DQo+ICAgIGZv ciB0aGUgQUNFIEVESE9DIHByb2ZpbGUpLg0KPg0KPiAgICBFREhPQyB0cmVhdHMgYXBwbGlj YXRpb24gcHJvZmlsZXMgbGlrZSBzb21ldGhpbmcgdGhhdCBpcyBkZWZpbmVkIGJ5IGFuDQo+ ICAgIGFwcGxpY2F0aW9uIChiZSBpdCBhcyBpbiBzb21lLXBpZWNlLW9mLXNvZnR3YXJlIG9y IGFzIGluDQo+ICAgIHNvbWUtU0RPLXByb3RvY29sKSwgd2hlcmUgdGhlIHNldCBvZiBhY2Nl cHRhYmxlIG1ldGhvZHMgZXRjLiBmb2xsb3dzDQo+ICAgIGZyb20gd2hhdCB0aGF0IGFwcGxp Y2F0aW9uIHNheXMuIFdvdWxkbid0IGl0IG1ha2UgbW9yZSBzZW5zZSB0byBndWlkZQ0KPiAg ICB0aG9zZSB3aG8gZGVmaW5lIGFwcGxpY2F0aW9uIHByb3RvY29scyB0byBob3cgdG8gbWFr ZSB0aGUNCj4gICAgYXBwbGljYXRpb24tcHJvdG9jb2wtYXMtYS13aG9sZSBkaXNjb3ZlcmFi bGUgKG1heWJlIGJ5IGRlY2xhcmluZw0KPiAgICBydD0iY29yZS5lZGhvYyBteS1zZG8uZWRo b2Nwcm9maWxlIiwgb3IgdXNpbmcgYSBkZWRpY2F0ZWQgYXR0cmlidXRlKQ0KPiAgICByYXRo ZXIgdGhhbiBkZXRhaWxpbmcgb3V0IGV2ZXJ5IHNpbmdsZSBwcm9wZXJ0eSB0aGF0IHByb2Zp bGUgaGFzPw0KPg0KPiAgICBJIHdvdWxkbid0IGV4cGVjdCBhIGRldmljZSB0byBqdXN0IGdv IGFyb3VuZCB3aWxseS1uaWxseSBhdHRlbXB0aW5nIHRvDQo+ICAgIHVzZSBhbnkgcHJvZmls ZSB3aGVyZSB0aGUgc2hvZSBmaXRzLiBJJ2QgZXhwZWN0IGl0IHRvIGtub3cgd2hhdCBpdA0K PiAgICB3YW50cyB0byBkbyAod2hpY2ggcHJvZmlsZSBpdCB3YW50cyB0byB1c2UpLCBhbmQg dGhlbiBzZWFyY2ggcHJlY2lzZWx5DQo+ICAgIGZvciBhIHJlc291cmNlIHRoYXQnbGwgZG8g dGhhdCBwcm9maWxlIChhbmQgZXhwZWN0IHRoZSBwZWVyIHRvIGhlZWQNCj4gICAgd2hhdCdz IHNwZWNpZmllZCBpbiB0aGVyZSkuDQoNCj09Pk1UDQpBcyBjb25jbHVkZWQgYXQgdGhlIDIw MjMtMDMtMDEgQ29SRSBpbnRlcmltIG1lZXRpbmcsIGl0IHdvdWxkIGJlIGJldHRlciANCmlm IGl0IGlzIGRyYWZ0LWlldGYtbGFrZS1lZGhvYyAob3IgYW55IGZvbGxvdy11cCB3b3JrKSBw b3NzaWJseSBkZWZpbmluZyANCmEgbmV3IElBTkEgcmVnaXN0cnkgZm9yIEVESE9DIGFwcGxp Y2F0aW9uIHByb2ZpbGVzIGFuZCB0aGVpciBpZGVudGlmaWVycy4NCg0KV2hlbiB0aGF0IGhh cHBlbnMsIGl0IHdvdWxkIGJlIHVzZWZ1bCB0byBoYXZlIGEgdGFyZ2V0IGF0dHJpYnV0ZSBz dWNoIGFzIA0KImVkLXByb2YiLCB3aXRoIHZhbHVlIHRoZSBuYW1lIG9mIGFuIEVESE9DIGFw cGxpY2F0aW9uIHByb2ZpbGUgdGhhdCB0aGUgDQpzZXJ2ZXIgc3VwcG9ydHMuIFRoZSBkb2N1 bWVudCBkZWZpbmluZyB0aGUgcmVnaXN0cnkgY2FuIGRlZmluZSB0aGUgDQp0YXJnZXQgYXR0 cmlidXRlIGFzIHdlbGwuDQoNClNvLCBubyBhY3Rpb24gdGFrZW4gaGVyZS4NCjw9PQ0KDQo+ ICogRmlndXJlIDYgKFRoZSBXZWIgTGluaykgZ2l2ZXMgYW4gZXhhbXBsZSB3aXRoIG11bHRp cGxlIEVESE9DDQo+ICAgIHJlc291cmNlcywgd2l0aG91dCBnaXZpbmcgYW55IHBsYXVzaWJs ZSByZWFzb24gZm9yIHdoeSBkaWZmZXJlbnQNCj4gICAgcHJvZmlsZXMgd291bGQgYmUgaW4g cGxhY2UuIChOb3RlIHRoYXQgYSBzaW5nbGUgRURIT0MgcmVzb3VyY2Ugc2hvdWxkDQo+ICAg IHZlcnkgd2VsbCBiZSBjYXBhYmxlIG9mIHNlcnZpbmcgZXZlbiB0d28gZGlmZmVyZW50IGFw cGxpY2F0aW9uDQo+ICAgIHByb2ZpbGVzKS4NCj4NCj4gICAgVGhpcyBraW5kIG9mIGV4YW1w bGUgaGFzIGEgdGVuZGVuY3kgdG8gYmUgY29waWVkIG92ZXIgaW50byBwZW9wbGUncw0KPiAg ICBzZXR1cHMgd2l0aG91dCBtdWNoIHRob3VnaHQsIHNvIHRoZSB0aG91Z2h0IG5lZWRzIHRv IGdvIGluIG5vdy4NCj4NCj4gICAgSSBzdWdnZXN0IHRha2luZyBvbmUgb2YgdHdvIHJvdXRl czoNCj4NCj4gICAgKiBFeHBsYWluIHdoeSB0aGVyZSB3b3VsZCBiZSB0d28gZGlzdGluY3Qg RURIT0MgcmVzb3VyY2VzLCBvcg0KPiAgICAqIHByZWZlcnJlZDoganVzdCBkZXNjcmliZSB0 aGUgLy53ZWxsLWtub3duL2VkaG9jIHJlc291cmNlDQoNCj09Pk1UDQpBcyBhZ3JlZWQgYXQg dGhlIDIwMjMtMDMtMDEgQ29SRSBpbnRlcmltIG1lZXRpbmcsIHdlIHJldmVydGVkIHRoZSAN CmV4YW1wbGUgdG8gYmUgbGlrZSBpdCB3YXMgdW50aWwgdmVyc2lvbiAtMDIsIGkuZS4sIHRv IHVzZSANCi8ud2VsbC1rbm93bi9lZGhvYyBpbnN0ZWFkLg0KDQpUaGUgZXhhbXBsZSBoYXMg YWxzbyBiZWVuIG92ZXJhbGwgcmV2aXNlZCB0byB1c2UgbmV3IHRhcmdldCBhdHRyaWJ1dGUg DQpuYW1lcyBwcmVmaXhlZCB3aXRoICJlZC0iLCBhcyB3ZWxsIGFzICJlZC1jcmVkLXQiIG5v dyB0YWtpbmcgdmFsdWUgZnJvbSANCmEgbmV3IElBTkEgcmVnaXN0cnkgdGhhdCBKb2huIHN1 Z2dlc3RlZCB0byBkZWZpbmUgaW4gaGlzIHJldmlldy4NCjw9PQ0KDQo+ICogRmlndXJlIDYg VGhlIFdlYiBMaW5rOiBOb25lIG9mIHRoZSB2YWx1ZXMgaW4gaGVyZSBuZWVkIHF1b3RhdGlv biBtYXJrcw0KPiAgICBhcm91bmQgdGhlbS4NCg0KPT0+TVQNCkZpeGVkLg0KPD09DQoNCj4N Cj4gKiBBcHBlbmRpeCBBOiBTb3JyeSwgZGlkbid0IGNoZWNrIHRoaXMgb25lLg0KPg0KPiAg ICBGcmFua2x5LCBJIHRoaW5rIHRoaXMgaXMgYSBiaXQgZXhjZXNzaXZlLCBhbmQgd291bGQg YmUgbW9yZSBzdWl0YWJsZQ0KPiAgICBmb3IgYW4gTFdJRyBkb2N1bWVudCwgb3IgdGhlIGRl dGFpbGVkIGRvY3VtZW50YXRpb24gb2YgYW4gRURIT0MNCj4gICAgbGlicmFyeS4NCg0KPT0+ TVQNCldlIGhhdmUgcmVtb3ZlZCB0aGUgYXBwZW5kaXgsIGFuZCBhZGRlZCB0aGUgZm9sbG93 aW5nIHN0YXRlbWVudCBhdCB0aGUgDQplbmQgb2YgU2VjdGlvbiAzLjIuMSAiU3VwcG9ydGlu ZyBCbG9jay13aXNlIjoNCg0KIMKgwqDCoCAiVGhlIHBlcmZvcm1hbmNlIGFkdmFudGFnZSBv ZiB1c2luZyB0aGUgRURIT0MgKyBPU0NPUkUgcmVxdWVzdCBjYW4gDQpiZSBsb3N0LCB3aGVu IHVzZWQgaW4gY29tYmluYXRpb24gd2l0aCBCbG9jay13aXNlIHRyYW5zZmVycyB0aGF0IHJl bHkgb24gDQpzcGVjaWZpYyBwYXJhbWV0ZXIgdmFsdWVzIGFuZCBibG9jayBzaXplcy4iDQo8 PT0NCg0KPg0KPiAqIEdlbmVyYWw6IEknbSBub3Qgc3VyZSB3aGV0aGVyIGl0IHdvdWxkIG1h a2Ugc2Vuc2UgdG8gZGVmaW5lIGEgZ2VuZXJhbA0KPiAgICBhcHBsaWNhdGlvbiBwcm9maWxl IGZvciAiTGV0J3MgdGFsayBPU0NPUkUgb3ZlciBDb0FQIiwgdGhhdCBhbGxvd3MNCj4gICAg ZXZlcnl0aGluZyB0aGF0IHdvcmtzIGZvciBFREhPQy1PU0NPUkUsIGFuZCBpcyB3aGF0IC8u d2VsbC1rbm93bi9lZGhvYw0KPiAgICB3b3VsZCBkZWZhdWx0IHRvLg0KPg0KPiAgICBVc2Vy cyBkb24ndCBuZWVkIHRvIGRvIGFuIGFwcGxpY2F0aW9uIHByb2ZpbGVzIHdoZW4gdXNpbmcg RFRMUw0KPiAgICAid2ViLVBLSS1zdHlsZSIsIHNvIHdoeSBzaG91bGQgdGhleSBoZXJlPyBP ciBpcyB0aGlzIGEgZGlzdGluY3Rpb24NCj4gICAgbWFyaywgYmVjYXVzZSB3ZSAqZG9uJ3Qq IGV4cGVjdCAid2ViLVBLSS1zdHlsZSIgdG8gYmUgdGhlIGltcGxpZWQNCj4gICAgZGVmYXVs dCBpbiBFREhPQz8NCg0KPT0+TVQNCkFzIGNvbmNsdWRlZCBhdCB0aGUgMjAyMy0wMy0wMSBD b1JFIGludGVyaW0gbWVldGluZywgaXQgd291bGQgYmUgYmV0dGVyIA0KaWYgaXQgaXMgZHJh ZnQtaWV0Zi1sYWtlLWVkaG9jIChvciBhbnkgZm9sbG93LXVwIHdvcmspIHRoYXQgcG9zc2li bHkgDQpkZWZpbmVzIGEgd2VsbC1rbm93biBFREhPQyBhcHBsaWNhdGlvbiBwcm9maWxlLg0K DQpTbywgbm8gYWN0aW9uIHRha2VuIGhlcmUuDQoNClRoYW5rcyBhIGxvdCBhZ2FpbiENCjw9 PQ0KDQo+DQo+IEJSDQo+IENocmlzdGlhbg0KPg0KPg0KPiBfX19fX19fX19fX19fX19fX19f X19fX19fX19fX19fX19fX19fX19fX19fX19fXw0KPiBjb3JlIG1haWxpbmcgbGlzdA0KPiBj b3JlQGlldGYub3JnDQo+IGh0dHBzOi8vd3d3LmlldGYub3JnL21haWxtYW4vbGlzdGluZm8v Y29yZQ0KDQotLSANCk1hcmNvIFRpbG9jYQ0KUGguRC4sIFNlbmlvciBSZXNlYXJjaGVyDQoN ClBob25lOiArNDYgKDApNzAgNjAgNDYgNTAxDQoNClJJU0UgUmVzZWFyY2ggSW5zdGl0dXRl cyBvZiBTd2VkZW4gQUINCkJveCAxMjYzDQoxNjQgMjkgS2lzdGEgKFN3ZWRlbikNCg0KRGl2 aXNpb246IERpZ2l0YWwgU3lzdGVtcw0KRGVwYXJ0bWVudDogQ29tcHV0ZXIgU2NpZW5jZQ0K VW5pdDogQ3liZXJzZWN1cml0eQ0KDQpodHRwczovL3d3dy5yaS5zZQ0KDQo= --------------H6TjRs0S6xJY0lScrev5eQXc Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Hi Christian,

Thanks a lot for your review! We have addressed your comments in the new version -07.

Please find detailed answers in line.

Best,
/Marco

On 2023-02-15 23:25, Christian Ams=C3=BC= ss wrote:
Hello,

I have a few comments and questions on the document. They'r in linear
sequence; I hope to not reiterate too much on points that have been
discussed exhaustively (as I'm not up to date on all threads pertaining
to the document).

None are particularly critical (AIU it's the chairs' call whether
something blocks a WGLC anyway, I think most outcomes can be addressed
post-WGLC), although I'd like to see at least the Section 6 example
addressed.


* Section 2 might profit from an introductory line along the lines of

  | This section (is not normative and?) summarizes what is specified in
  | [I-D.ietf-lake-edhoc], in particular its Appendix A.2, and thus
  | provides a base-line for the enhancements in the subsequent
  | sections.

=3D=3D>MT
Added with minor editing, i.e.:

=C2=A0=C2=A0=C2=A0 "This section is not normative and summarizes what= is specified in [I-D.ietf-lake-edhoc], in particular its Appendix A.2. Thus, it provides a baseline for the enhancements in the subsequent sections."
<=3D=3D


* Figure 4 (full coAP message):

  * There might also be CoAP options before the EDHOC option, in
    particular Observe.

=3D=3D>MT
Right; we've redrawn the figure to also show the presence of an outer Observe option.

The text introducing the figure as well as its caption has also been edited in order to stress that this is just an example.
<=3D=3D


  * Could you add something about "example" in here? Such a message
    could be sent over any transport, such as CoAP-over-TCP, and then
    some of that figure doesn't apply.

=3D=3D>MT
We have expanded the introductory text and the caption of both Figures 4 and 5 (see Sections 3.1 and 3.4) to stress that this is just an example considering specifically CoAP over UDP.
<=3D=3D


* 3.2 Client processing: This speaks of an "original CoAP message". I
  know from context what is meant, but the term could be more
  descriptive. Maybe "Encrypt the first application CoAP request as an
  original message per Section 8.1"?

  (The term reappears in 3.2.1 Supporting Block-wise).

=3D=3D>MT
Rephrased as you suggest in Section 3.2.0 and 3.2.1.
<=3D=3D


* 3.2 step 3: "The first CBOR byte string is the EDHOC message_3
  resulting from step 1." could tempt an implementer to encode the
  message_3 into a bstr; I take it that the intention is to send
  CIPHERTEXT_3 in only one layer of byte strings.

  I therefore suggest the wording:

  | [...] composed of two CBOR items in the following order.
  |
  | The first CBOR item is the single item of EDHOC_message_3 (which is
  | CIPHERTEXT_3, a byte string).

=3D=3D>MT
We have revised the text in Sections 3.2 and 3.3 to properly use "CBOR data item" and "CBOR byte string" where appropriate.
<=3D=3D


* 3.2 step 3: I missed that at some point in the evolution of this
  protocol, prefixing the (non-CBOR) OSCORE message with a CBOR stream.

  This seems unnecessary to me, given that the previosu EDHOC_message_3
  is well delimited, and the OSCORE message can well be the bytes to the
  end (a concept for which has been taken up in RFC9277 for CBOR-labeled
  non-CBOR data), and will typically waste 2-3 bytes (rarely 1 -- for
  that, the full OSCORE message needs to fit in 24 bytes).

  Was there a particular reason for this change?

=3D=3D>MT
That was actually the original design choice from the start :-)

We have now changed the payload format as you suggest. This resulted in updating:

- Steps 2 and 3 in Section 3.2 "Client Processing"
- Steps 1, 2 and 6 in Section 3.3 "Server Processing"
- The example shown in Figure 5 of Section 3.4.

<=3D=3D


* 3.2.1 item A is quite a mouth-ful to say that "On Inner Block-wise,
  3.2 only applies to the first block", but I see that given how the
  rest is phrased, it is unavoidable.

  Maybe using the term "first application CoAP request" suggested above
  opens an avenue for making this easier to comprehend.

=3D=3D>MT
Yes, we have rephrased as you suggest.
<=3D=3D

=20
* "If the decrypted request includes an EDHOC option but it does not
  include an OSCORE option, the server MUST stop processing the request
  and MUST reply with a 4.00 (Bad Request) error response."

  My understanding of this sentence is that EDHOC's criticality applies
  after decryption again, and a server must not silently ignore an inner
  EDHOC option without a matching OSCORE option.

  While this is in the right scope for a message it processes as an
  end-to-end message, it is out of scope if we're in a oscore-proxies
  situation (which of course we don't have normatively yet, but I don't
  want this to bite us later -- it could bite if, for example, the inner
  OSCORE connection with the origin server used some OSCORE-version-2
  with a dedicated option that our proxy doesn't need to know).

  I suggest the following wording instead:

  | When the decrypted request is checked for any critical options (as
  | it is during regular CoAP processing), the presence of an EDHOC
  | option MUST be regarded as an unprocessed critical option, unless it
  | is processed by some further mechanism.

  (The current phrasing implies that an inner OSCORE option could be
  processed, which is currently still forbidden; this wording avoids
  that while leaving the door open).

=3D=3D>MT
Great point! We have added your suggested text as is.
<=3D=3D


* "The EDHOC option is registered with CoAP option number 21.": This
  line could take a note that the RFC editor should remove this line (as
  at time of publication, this will be a registered fact and not an
  assumption).

=3D=3D>MT
We have added a note to the RFC Editor in Section 3.4.
<=3D=3D


* 4.1. Additional Processing of EDHOC Messages: So far, this document
  offers an additional mechanism; now suddenly we get universal
  normative requirements. When do these apply? My assumption is that

  | When using EDHOC to establish an OSCORE context, client and server
  | MUST perform additional steps during EDHOC, extending Section 5 of
  | EDHOC:

  (They feel much more like a "needs to" to me, because they all stem
  from requirements in the cited documents, but this sounds like a
  "MUST" that someone insisted on at some point, which I won't fight).

=3D=3D>MT
Rephrased as you suggest, with minor editing, i.e.:

=C2=A0=C2=A0=C2=A0 "When using EDHOC to establish an OSCORE Security = Context, the client and server MUST perform the following additional steps during an EDHOC execution, thus extending Section 5 of [I-D.ietf-lake-edhoc]."
<=3D=3D


* 4.1.1: This reads needlessly imperative to me -- what does the looping
  process give that a simple

  | The initiator MUST choose a C_I that is neither used in any current
  | EDHOC exchange as this party's identifier, nor the Recipient ID in
  | a current OSCORE context whose ID Context is zero-length. The chosen
  | C_I SHOULD not be the Recipient ID of any current OSCORE context.

  does not give?

  Same goes for section 4.1.2, where the "neither" group gains the C_I
  as an extra clause.

  (The concept of atomicity is not really needed when phrasing it as a
  closed expression rather than an imperative program).

  By the way, there is a subtle error that the above text would fix
  compared to the current text: "If ID* is already used as EDHOC
  Connection Identifier C_I," is only looking at our C_I, but it'd need
  to also look at our C_R for the host can concurrently be in an EDHOC
  exchange where roles are reversed.

=3D=3D>MT
Thanks! We have greatly simplified Sections 4.1.1 and 4.1.2 building on your suggestion.
<=3D=3D


* Section 6: I would not expect to have much need of that content, but
  trust that thought went into potential use cases.

  A property that I'd be missing if I wanted to plan a complete EDHOC
  exchange ahead is whether or not the forward or the reverse message
  flow is supported.

=3D=3D>MT
As concluded at the 2023-03-01 CoRE interim meeting, in Section 6 we have defined the two target attributes ed-i and ed-r, which indicate at once both the supported role and the supported message flow.
<=3D=3D


  (If I used things that way I'd also want to know, for the cred-t=3Dcwt
  case, which AS's tokens the server would accept, but that's probably
  for the ACE EDHOC profile).

  EDHOC treats application profiles like something that is defined by an
  application (be it as in some-piece-of-software or as in
  some-SDO-protocol), where the set of acceptable methods etc. follows
  from what that application says. Wouldn't it make more sense to guide
  those who define application protocols to how to make the
  application-protocol-as-a-whole discoverable (maybe by declaring
  rt=3D"core.edhoc my-sdo.edhocprofile", or using a dedicated attribute)
  rather than detailing out every single property that profile has?

  I wouldn't expect a device to just go around willy-nilly attempting to
  use any profile where the shoe fits. I'd expect it to know what it
  wants to do (which profile it wants to use), and then search precisely
  for a resource that'll do that profile (and expect the peer to heed
  what's specified in there).

=3D=3D>MT
As concluded at the 2023-03-01 CoRE interim meeting, it would be better if it is draft-ietf-lake-edhoc (or any follow-up work) possibly defining a new IANA registry for EDHOC application profiles and their identifiers.

When that happens, it would be useful to have a target attribute such as "ed-prof", with value the name of an EDHOC application profile that the server supports. The document defining the registry can define the target attribute as well.

So, no action taken here.
<=3D=3D

* Figure 6 (The Web Link) gives an example with multiple EDHOC
  resources, without giving any plausible reason for why different
  profiles would be in place. (Note that a single EDHOC resource should
  very well be capable of serving even two different application
  profiles).

  This kind of example has a tendency to be copied over into people's
  setups without much thought, so the thought needs to go in now.

  I suggest taking one of two routes:

  * Explain why there would be two distinct EDHOC resources, or
  * preferred: just describe the /.well-known/edhoc resource

=3D=3D>MT
As agreed at the 2023-03-01 CoRE interim meeting, we reverted the example to be like it was until version -02, i.e., to use /.well-known/edhoc instead.

The example has also been overall revised to use new target attribute names prefixed with "ed-", as well as "ed-cred-t" now taking value from a new IANA registry that John suggested to define in his review.
<=3D=3D

* Figure 6 The Web Link: None of the values in here need quotation marks
  around them.

=3D=3D>MT
Fixed.
<=3D=3D


* Appendix A: Sorry, didn't check this one.

  Frankly, I think this is a bit excessive, and would be more suitable
  for an LWIG document, or the detailed documentation of an EDHOC
  library.

=3D=3D>MT
We have removed the appendix, and added the following statement at the end of Section 3.2.1 "Supporting Block-wise":

=C2=A0=C2=A0=C2=A0 "The performance advantage of using the EDHOC + OS= CORE request can be lost, when used in combination with Block-wise transfers that rely on specific parameter values and block sizes."
<=3D=3D


* General: I'm not sure whether it would make sense to define a general
  application profile for "Let's talk OSCORE over CoAP", that allows
  everything that works for EDHOC-OSCORE, and is what /.well-known/edhoc
  would default to.

  Users don't need to do an application profiles when using DTLS
  "web-PKI-style", so why should they here? Or is this a distinction
  mark, because we *don't* expect "web-PKI-style" to be the implied
  default in EDHOC?

=3D=3D>MT
As concluded at the 2023-03-01 CoRE interim meeting, it would be better if it is draft-ietf-lake-edhoc (or any follow-up work) that possibly defines a well-known EDHOC application profile.

So, no action taken here.

Thanks a lot again!
<=3D=3D


BR
Christian



____________________________=
___________________
core mailing list
core@=
ietf.org
https://www.ietf.org/mailman/listinfo/core


--=20
Marco Tiloca
Ph.D., Senior Researcher

Phone: +46 (0)70 60 46 501

RISE Research Institutes of Sweden AB
Box 1263
164 29 Kista (Sweden)

Division: Digital Systems
Department: Computer Science
Unit: Cybersecurity

https://www=
=2Eri.se
--------------H6TjRs0S6xJY0lScrev5eQXc-- --------------6LJt1LbafU5DB0twV0DJnRWO Content-Type: application/pgp-keys; name="OpenPGP_0xEE2664B40E58DA43.asc" Content-Disposition: attachment; filename="OpenPGP_0xEE2664B40E58DA43.asc" Content-Description: OpenPGP public key Content-Transfer-Encoding: quoted-printable -----BEGIN PGP PUBLIC KEY BLOCK----- xsBNBFSNeRUBCAC44iazWzj/PE3TiAlBsaWna0JbdIAJFHB8PLrqthI0ZG7GnCLN R8ZhDz6ZaRDPC4FR3UcMhPgZpJIqa6Zi8yWYCqF7A7QhT7E1WdQR1G0+6xUEd0ZD +QBdf29pQadrVZAt0G4CkUnq5H+Sm05aw2Cpv3JfsATVaemWmujnMTvZ3dFudCGN dsY6kPSVzMRyedX7ArLXyF+0Kh1T4WUW6NHfEWltnzkcqRhn2NcZtADsxWrMBgZX kLE/dP67SnyFjWYpz7aNpxxA+mb5WBT+NrSetJlljT0QOXrXMGh98GLfNnLAl6gJ ryE6MZazN5oxkJgkAep8SevFXzglj7CAsh4PABEBAAHNJ01hcmNvIFRpbG9jYSA8 bWFyY28udGlsb2NhODRAZ21haWwuY29tPsLAeAQTAQIAIgUCVI15FQIbAwYLCQgH AwIGFQgCCQoLBBYCAwECHgECF4AACgkQ7iZktA5Y2kNZdgf/drEFkXWpz9pPm0/Z wNNfXzHkpGLqcfPlvQaSNFFboHwJaeKZ6s3dCGpzDlV6bLrRM9LN/sgNRT0eNiEl JHtKDW/fqvzrHl3LCsDKed4LK4Gg2mE0nvWvTno9Nyza8TatJm1+V2S7MbDgSE/F 26QK2VL9Y/ur5BHgUI34mUar4iE1Aq7nsFbN6NEvamyQPWlkN+rCjtnT0+NLGb5V nDVKAHSgiYgGQeDvlisWb9NtsxzXf1qge3tlCufadSWXyqa4oOq4hEcD3GBUQVuG fBNa7r0mqHzVZf0qd+Kxzs6Dp9LxTGp7aSjiXN6cBoapz7lSP0wXOgSzIJ1X2UtV ssKv28LAewQTAQIAJQIbAwYLCQgHAwIGFQgCCQoLBBYCAwECHgECF4AFAlSNerkC GQEACgkQ7iZktA5Y2kMiuwgAt/bVZKqD92JNWDTX6h1MUsgejwj4RXs6UYqFdWW/ 4nw4mFHzYS+gBjOQAWCBhzVZLOk6gKcRZ/s86ncVygiDUh9fbSDTcuzOp2qgu9ns c8sEsYp1hwmiIEbI6FHPtyeQQNilsfU8+VHX2C9yQtMK/OXlf5qNkJMj9k55u+e1 ELQ2sjUXkMB4MxMhmi/3P3hMz9PDcB66BtQcDFYkx5PIaz/izCST0o28AJq0dion JpPsQ+hFOIAkJi6aCAt3xQf0KnXlAczWxCD3J3XTFK4MES/b3n3oc2GJY8I+tsfT 5jpNsWhfWGBkMaQSKZ939D4oFAhAq3gnNRgZszJeTvsMvc0cTWFyY28gVGlsb2Nh IDxtYXJjb0BzaWNzLnNlPsLAeAQTAQIAIgUCVI16cwIbAwYLCQgHAwIGFQgCCQoL BBYCAwECHgECF4AACgkQ7iZktA5Y2kNxXggAhFyfi+VlqgIj5a54npaUoREoQ5Tj 8gzUPmqOXddo0q9f1cQn/+ehKpbb3TDVzO35HBXZvuFGn5DHBUYhqBFWTx+H5zHg GBRhF0imQ9Yi/gHe2StgrSIa5528iV2g47OyDDlSCoCWEM4WwWkJqv9CP2J53Gb6 3UOPuq5j+BF9wtDs6M6YAs9GdHIDhvUJWGDhOZevyp/DWE5d3LCI+HJIajDjhJK0 2kVg47aBusW40mGXmjWmtJXP+QtZRfSaabFxCVE3APBn+P4zuyb+mk1gwkN51OiF uYQr1ig3M55kaoGbrs57fVuGtaC9DSc1vgaicJQrYpCbOrbR/yZAedz3xc02TWFy Y28gVGlsb2NhIChtYXJjby50aWxvY2FAcmkuc2UpIDxtYXJjby50aWxvY2FAcmku c2U+wsB3BBMBCAAhBQJaQCeQAhsDBQsJCAcCBhUICQoLAgQWAgMBAh4BAheAAAoJ EO4mZLQOWNpDAS8IAIko8kg8YfSgacsljgbUjYOA2LJUq3UfiSRz95PwHP05JsDG BmjcmTLfzZ7gNtprJatBEV6fRotIW7NtTgFfg79hFJoipQ7crBQ07WJMLrk4fPRe KsaiE9Q6xzRIQy2mb7jN9gbsbynfkwrSH2CnCAYwbSPSZlfhEOO7LALzyLVXELAx YZplGVSs9eQLeeoMNFw+24QamdxaEBVC3Zmp7IhO/0oJSYOe2Zcs97q8Re058j1n cd6p4jw6QbBemi1WhuAtr+ZWYWPoQAsPOPscLa61+DEQIEl12ZwMieu8aBORm1cR VvItC6IrbSUmZieY9Y3wNdpVVpDhc/+VdSvOgTPOwE0EVI15FQEIAJaan6TouRjj 97Lt4Du6ZhVzbaLJWoARebLANjMSN7BjBFyNOsf83HUSrCMgO5b4EESgwtFk4cKC aOjodGZYi61xhUK32J6iS6W2Siv0EGhBU+Ij5OnnU6nTaJ+QZysRA1mLurd+Y62E VnBno0mdRsDZvJxopnygKW8MJCPoCMTJ0E+dLvdRoSgOyqwZWNnAKF84yDk7IWb3 RCOkjDybS4NVwLMop/GrdP/Pu3JGC5whR7zgTMG64kERISMr+EXSdHYsOHVKEPb0 VasVlI1VUJW7VRhksBrJ/ygoocekz7CF+MRg7hewOlXjNDXkD4PXkdGIdHoB1/g8 O08zUMLCCCMAEQEAAcLAXwQYAQIACQUCVI15FQIbDAAKCRDuJmS0DljaQ8YTB/9Y 2NPLfPvi8uYfJxWwVdehDxbX7znyZHIB3RrwljNjfEHsJW2ojcfLz3hBzDgfobv3 0DU4v0HUR4DxiPdo7PQ1tTJ/kZb6Ki2veHz4ogI5hnfj8FBo4vN28M2ZGgYef415 POEXt5J6I8qLaN7H41Wh2GM5UZfDwSFgaR5ku/KccRuiIszhNvI9tVH0ex1WooZV MPEpITedqajeS+1jqzJEUiJTPlbMl9gC6pu3qbdPEMRvywD2nNou6GZ+clFzXYfk 1VkRmYT8SQkVOWQ/jCdnI5J/+vb9V3SIdq4HC/ntyljocUUx7uu8rizswTnNy04S XLkLo0K7Vlo211S6oNI8 =3DOGai -----END PGP PUBLIC KEY BLOCK----- --------------6LJt1LbafU5DB0twV0DJnRWO-- --------------TFANBRslyB2Ig5ldbkc50yU6-- --------------TRU9ySj7nV7hXIY2292ux1gU Content-Type: application/pgp-signature; name="OpenPGP_signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="OpenPGP_signature" -----BEGIN PGP SIGNATURE----- wsB5BAABCAAjFiEEOEo4cV326Z7GypVg7iZktA5Y2kMFAmQQd6MFAwAAAAAACgkQ7iZktA5Y2kM9 oAf+LUYU6WyI7WAV86F9PjvueqmFkV7buBsA7U041OqVg4PwfNzi/FE3euZg+R5YWXBRHpW41Jmf oQ01/quOUNdDWkp3LHXwbz+xXKvcmepESQv/BGxkkSBYBqzykX8WAayla7GY08bHeUFD2DNkW2PM GdMVLUsBeykQTMW/VUUYwU5fEpaQOSZyYbklSz7vUoG+XvwffbY+Fkv4qJFeGkeYuCoLQOTjtkt8 m3BmBv4oQO7qrv/2xit6zI+AEtSb6AMS2Oai3XOqtMnTx2cqUXLTzirfpJs1PixrTH/+et5/aXfh QrbMWcBYF7JJBTtVuUeW+iaGcyD5nrcQqvawTmKjFg== =07gM -----END PGP SIGNATURE----- --------------TRU9ySj7nV7hXIY2292ux1gU--