Re: [core] CoRE WG Virtual Interim 2021-04-28

Rikard Höglund <rikard.hoglund@ri.se> Wed, 05 May 2021 07:30 UTC

Return-Path: <rikard.hoglund@ri.se>
X-Original-To: core@ietfa.amsl.com
Delivered-To: core@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B321F3A1590 for <core@ietfa.amsl.com>; Wed, 5 May 2021 00:30:50 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.099
X-Spam-Level:
X-Spam-Status: No, score=-2.099 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_BLOCKED=0.001, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=ri.se
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rqul_GVIpXIF for <core@ietfa.amsl.com>; Wed, 5 May 2021 00:30:45 -0700 (PDT)
Received: from EUR01-VE1-obe.outbound.protection.outlook.com (mail-eopbgr140074.outbound.protection.outlook.com [40.107.14.74]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id DCB7C3A158E for <core@ietf.org>; Wed, 5 May 2021 00:30:44 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=Goeg1F2KXnY8vEMFJ8cGj4r5CWCGUKPrrNeG9ki9LtkT3kiOBF4apKn3354UcxYSnY6Y5FE7Ulhqw/pWFzdZpK12CQn/Zk2kJcZ95YiO2ijzSBbO5XPkyYxe5r5Pb9DQEpj8bFLqS1oj2s1eFxPpIvWRy6b9Vey6WZMeHQCWz8IjHv0XhYuTIzX/sKfbeCPv7cjNXbtoV7pHqp2zMt/GTASMdzdzxs7y/CNbNycVgZMCVQqZ9wu52k7OeDFuB+etDOg6YDTEsvEI+DcwxH4aAzanZEn0PtWc4JD8bUXLYYrYqWOHzROkj6gXG+ubg0CmTJ9TMJWUv8wkluw5mivo+A==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=TfWx318Oo3W6ceLma77BKhFbSLJP12mwaLg6zvXkCkY=; b=XRjcmBwkKqfig3LSaHM4f9tLhv/EbvWlr+4bGaIus3Aq9izT7fDO1HSa/dXDduwHx4JGQWqmH8gvLjoCnys+EraFC+zeOPZ7kPhXQ+KqVaSjPhgrya8LFYcWwzsmEvNZW/1jZRqOlx+0Cg0sQVz9n7CkvfpTP/PvsVUE80zu7ifq+Mz69zIEbVT29jl79HLjgbP0c5Qwq/c3i6HtuEUaWH1XdZBtkEqf/maXuAaz1yiD5KUA7dLsyv3G1s4gqjousG1+AFay98oo3Jj/9fcNlcQaxe1hr7miIqDcrjxRE/oq8WY7AIZ0Z36oTxGKCziOYYHvg3bueV5z1JipBfo5MQ==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=ri.se; dmarc=pass action=none header.from=ri.se; dkim=pass header.d=ri.se; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ri.se; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=TfWx318Oo3W6ceLma77BKhFbSLJP12mwaLg6zvXkCkY=; b=YRYt1bJ9ZlQMopj3t1awAYAyT9AfIDj6EH/4rpdw0qxNSomwUzH65tvSrBgPjkySVoSbd/G0CXRMrRFmkgswNWPqi5Yilrn7Wq2Bd4L2ivlVitxcIq6D7HcGtOtkDP3mSzEJ7FV2IXyokbgZJUySzEkxqigLXRGK0lSmtHvZfys=
Received: from AM9P189MB1571.EURP189.PROD.OUTLOOK.COM (2603:10a6:20b:30d::9) by AM9P189MB1620.EURP189.PROD.OUTLOOK.COM (2603:10a6:20b:304::21) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4108.24; Wed, 5 May 2021 07:30:41 +0000
Received: from AM9P189MB1571.EURP189.PROD.OUTLOOK.COM ([fe80::6028:cab:3af5:69bc]) by AM9P189MB1571.EURP189.PROD.OUTLOOK.COM ([fe80::6028:cab:3af5:69bc%7]) with mapi id 15.20.4087.044; Wed, 5 May 2021 07:30:41 +0000
From: Rikard Höglund <rikard.hoglund@ri.se>
To: John Mattsson <john.mattsson=40ericsson.com@dmarc.ietf.org>, Marco Tiloca <marco.tiloca@ri.se>, "core@ietf.org WG (core@ietf.org)" <core@ietf.org>
Thread-Topic: [core] CoRE WG Virtual Interim 2021-04-28
Thread-Index: AQHXNsit23B0og1IvUeABOeSJxd+9arJ35qAgAFvCICACUB6TA==
Date: Wed, 05 May 2021 07:30:41 +0000
Message-ID: <AM9P189MB1571B8F076D8C99862FD3C3283599@AM9P189MB1571.EURP189.PROD.OUTLOOK.COM>
References: <9c14ea30-3f76-f840-7e7b-901dcb1c8678@ri.se> <69df215a-b7de-c837-75ee-d118af8b9304@ri.se>, <008617DF-D15B-4597-A7B4-F13E3B06C95F@ericsson.com>
In-Reply-To: <008617DF-D15B-4597-A7B4-F13E3B06C95F@ericsson.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: dmarc.ietf.org; dkim=none (message not signed) header.d=none;dmarc.ietf.org; dmarc=none action=none header.from=ri.se;
x-originating-ip: [85.228.127.50]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 4552abe4-c643-4c90-a174-08d90f97b024
x-ms-traffictypediagnostic: AM9P189MB1620:
x-ms-exchange-transport-forked: True
x-microsoft-antispam-prvs: <AM9P189MB162082FC880360A9806817EC83599@AM9P189MB1620.EURP189.PROD.OUTLOOK.COM>
x-ms-oob-tlc-oobclassifiers: OLM:7691;
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: 8I61BgU1Io9KfGqXKDwwWR2dYWaVfh03LnBIb/M+bQ1TJ3/Ac3tlLCs2pLIV6w3GeAieSybsM/GVszXT5j0NuqzD2rrRLylNIUmBrE4gKP4kuk5aC9VGClN6aTpK8c92XKtW+dQ78ZZNqupWsRKSr0y6kafkk1VEy7TYVh8K8lJ2GUU92iNI0VmXXHfEKlNvrYB9UEHT12nM6TtWnaCo9UCkZoaU06j17L7Pl5ldjwMLBELk5iKOVkZHH/nckesS5ju7v6Qj3v5SBF9r3xeUyWzc52af7Xb8fdFeaINyHqlLXKYnVEVsIe9OGPs2F6cJZYZe2OP/YvR69cDl0O2Qo4W6z4PG6lxdVmGB+gdAR7muBZ2R51mhGBcNc5Jp6wd9gtnhWPtoHct2nJP9B4xDXBSs7duUnQORogy6DaWOm3+PyxdkdJMR7UWv7YL8dPf9JZLy0L1bFzc/Uy+0ZGTpqXkNG5gHnffGHNxuHfxQTzzO1qVRQqd/kk+W6qiz5VB3+i1lJSkpkXMEdTdNaZhIjzuli6GDe746wtB2KTHH3q4XWmsXWJyNtazhoiOXRezyxekbcubCel+ZR/t12ArdqLFEVfwciuBl7p/ghU1ymp8ekfM2ME7ImqZGx2a4OLk03Pn0IKRttC5emWB7yDCBp7JEmI1WtWRQ5YinbLw0/21YZD6CxbK9SA9vbJpeqbXM
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:AM9P189MB1571.EURP189.PROD.OUTLOOK.COM; PTR:; CAT:NONE; SFS:(4636009)(366004)(346002)(39850400004)(396003)(376002)(136003)(8676002)(9686003)(66574015)(5660300002)(83380400001)(186003)(166002)(55016002)(2906002)(53546011)(6506007)(8936002)(86362001)(122000001)(26005)(52536014)(478600001)(110136005)(16799955002)(316002)(33656002)(66446008)(966005)(7696005)(64756008)(66556008)(19627405001)(66946007)(71200400001)(45080400002)(38100700002)(85182001)(85202003)(76116006)(66476007); DIR:OUT; SFP:1101;
x-ms-exchange-antispam-messagedata: 3806aQpfAdxHJjDapVtknNEOXNPJpvMF+VAZugIt7i0fQRFiuz/KcR5OLQBMf1QAqkYpZZPsFVj2664H+053pBcmWeslCT7yhzcnWkneC7FOykmcDJm/AWyu8BuNxw8Rwucdf/NkK5iQiqA+Cy9abONGG49AYWf2NuEZ+HLgIussjVA4K5FT3fZz36PxcrAPPrjaoh30bToHk3Tn+A4AGUoQNWYJTbp5pbD8j0+IrZifK/rSEfAUMbmE8mGJxSrsqsWY00nizi24UmLD84ZowSgJZifBFID6774kdZHU/+omw6/G6fL8ZzHc8a0LYa74tdj+2sUN60McULtq3f2ggmLRWzCY8K0DB1fe2p+sJp78mCihfB2oe7gzsi7h27qDI219Az7+fAP2HQ4o7rUJCswtjA8+oiY+YtW6JFZl8aBJNvffQmHlVZBdtC+ZzDv+C5hUlu2W+vPaFs2rGE3N5/4eg91D9ejEySkyoIpHI0tWL+ikNUayOg41xZie8MvkKziDLe4WvaBAGqixLp+asMV0Bqoax6mNa91Lq63Dqi5bWXdEwFKcWLuxqDszyl3KE+klFD0+MGPNNci+f/zNRHxGzijecBK+xUEroPvNGchUuWebYQQSlAjrG6/PXU7OM/P/Y5KOD1pdbVulrMQ2hdOBGzLpZV3sVtdEDIU1JSneCS2L9MMvEBt8NiIl9so0b0yFNzPbh1MScLCT21tPqCxiBJOsyJp5J083vtFeKtqbXdlIGRd6l4s7KQWvb4Bq+qxFDKtUpjCcA/r5DE8OFP5KMG0Rb/OmLDkS5E+4R7CaPrJmTAM1xqIgYn/Wbu7wIhXvyiP+PPL/Wr7jiy7jxQQXwhjtXD2JNuBYXbcN+7olHcIPe9/AXIzweQAvK6W9BZAYlb4Itz1n8QzP9hX9dY/0XFOYYJtKdcuiDrNAmHCDBdShDBn9mrblhPRheEFzr4RB/r/N5GwX1KaOKu9Q03TkJC/Z+V3pDt3FpTgjikmnLifrrzQJW1yi7KxKwU0/oD4YOCOzZJPmAj+PL6Gfork5kLfKtovjKh/6903HCH7a0+lYJ996xJ6iKhX/T1s/fmKNqXYXevqaWOwXg6I3WVEYg8+w6Y2z/SuETXmFfYzdiCar6S6QvVYBVu/n1NT9xtUaNXA14GYv5+jW4Yx3Vv1Wrj97nQG4K7xXbboy2+462d1YU/mkwdKvtglDXKxsHViOPXmrUwa2DUtO2unmSi38POPY0rIwy/xrRW8PlcF7R5uBtC/sBLtYyep5kwizkSXimkUZKlNFVSzpi7uzOosFev/vPlXoi+3BgZxvkiY=
Content-Type: multipart/alternative; boundary="_000_AM9P189MB1571B8F076D8C99862FD3C3283599AM9P189MB1571EURP_"
MIME-Version: 1.0
X-OriginatorOrg: ri.se
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: AM9P189MB1571.EURP189.PROD.OUTLOOK.COM
X-MS-Exchange-CrossTenant-Network-Message-Id: 4552abe4-c643-4c90-a174-08d90f97b024
X-MS-Exchange-CrossTenant-originalarrivaltime: 05 May 2021 07:30:41.7622 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 5a9809cf-0bcb-413a-838a-09ecc40cc9e8
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: /B6AZ1p8q7RMX3+e2I66elh3UAthgQkpB6uOQKJxvqOcHWutMEO7dVgxB6wrQQcGAupZeITheKhbln5E7NU54Q==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM9P189MB1620
Archived-At: <https://mailarchive.ietf.org/arch/msg/core/VrOk6eveb1MiB_loxv7bPqTQ5iA>
Subject: Re: [core] CoRE WG Virtual Interim 2021-04-28
X-BeenThere: core@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Constrained RESTful Environments \(CoRE\) Working Group list" <core.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/core>, <mailto:core-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/core/>
List-Post: <mailto:core@ietf.org>
List-Help: <mailto:core-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/core>, <mailto:core-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 05 May 2021 07:30:51 -0000

Hello.

Thank you John for initiating this discussion.

As mentioned during the last interim meeting, we can start expanding the current draft at [1] to also include information about an updated process for rekeying OSCORE.

Currently we are using l = 2^10 = 1024 in the draft text, which is based on the values from the DTLS 1.3 draft at [2], as is the p_q and p_v probability values. In that draft they motivate a chosen l value of 1024 as below. The paper referred to as AEBounds can be found at [3].

For simplicity, and to match the analysis of other AEAD functions in [AEBounds],

this analysis assumes a packet length of 2^10 blocks and a packet size limit of 2^14 bytes.

As you say it would be interesting to open a discussion on how the choice of limits for v & q, and the choice of l would affect applications.

Best wishes
Rikard Höglund

[1] https://gitlab.com/rikard-sics/draft-hoeglund-oscore-rekeying-limits/-/tree/v-01
[2] https://datatracker.ietf.org/doc/html/draft-ietf-tls-dtls13-43
[3] https://www.isg.rhul.ac.uk/~kp/TLS-AEbounds.pdf
________________________________
From: core <core-bounces@ietf.org> on behalf of John Mattsson <john.mattsson=40ericsson.com@dmarc.ietf.org>
Sent: Thursday, April 29, 2021 11:57
To: Marco Tiloca <marco.tiloca@ri.se>; core@ietf.org WG (core@ietf.org) <core@ietf.org>
Subject: Re: [core] CoRE WG Virtual Interim 2021-04-28

Hi,

Below are my thoughts after the interim yesterday:

- Two equally important reasons to rekey, AEAD limits and forward secrecy. A document
  updating OSCORE should treat both with equal weight.
- Frequent rekeying require efficient rekeying, should be published together.
- Other questions like error messages etc., needs to be specified at the same time.
- The limit setting process used in TLS is flawed and should probably not be used at all.
- The limits in TLS are secure, any limits equal or lower does not need motivation.
- Poly1305 v, GCM v, ChaCha20 q does not need any AEAD limits at all.
- CCM v, CCM q, GCM q should be rekeyed around 2^23 - 2^24.5 like in TLS
- CCM_8 v could be used much longer, maybe 2^35
- Should consider lowering l and CCM q compared to TLS to make CCM_8 behave even more like perfect MAC (right now the attacker can look at 2^23 messages and then send a single forgery attempt). This single forgery attempt succeds with probability 2^60.
- Might be easier to set simple limit of q, v = 2^20 or 2^23 for all algorithms.
- The limit l = 2^10 is measured in blocks (worst case), In bytes the limit is
  2^10 * 2^4 = 2^14 bytes = 16 kB.
- Can be discussed which limits should be MUST or SHOULD.
- Focus on discussion needs to be on how q,v,l limits and rekeying affect applications.

Cheers,
John

-----Original Message-----
From: core <core-bounces@ietf.org> on behalf of Marco Tiloca <marco.tiloca@ri.se>
Date: Wednesday, 28 April 2021 at 14:04
To: "core@ietf.org WG (core@ietf.org)" <core@ietf.org>
Subject: Re: [core] CoRE WG Virtual Interim 2021-04-28

Dear all,

Just a reminder that we are having our virtual interim meeting in
slightly less than 2 hours [1].

Please find below the information to join.

Best,
Marco and Jaime

[1] https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdatatracker.ietf.org%2Fmeeting%2Finterim-2021-core-04%2Fsession%2Fcore&amp;data=04%7C01%7Crikard.hoglund%40ri.se%7Ce83bc850de51432bf32f08d90af54cac%7C5a9809cf0bcb413a838a09ecc40cc9e8%7C0%7C0%7C637552870935664628%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&amp;sdata=XbKoAWMHXcBOWePeqmp1aev8%2B1TeNblv%2Fxy88Wc14S0%3D&amp;reserved=0


=== Meeting Information ===

Jabber: core@jabber.ietf.org

Etherpad: https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fcodimd.ietf.org%2Fnotes-ietf-interim-2021-core-04-core&amp;data=04%7C01%7Crikard.hoglund%40ri.se%7Ce83bc850de51432bf32f08d90af54cac%7C5a9809cf0bcb413a838a09ecc40cc9e8%7C0%7C0%7C637552870935664628%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&amp;sdata=jxgsUJm%2FUKRJLra5tziAKZ0ykj3%2BDBZuANNfpFq%2B8jc%3D&amp;reserved=0

Meeting link:
https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fietf.webex.com%2Fietf%2Fj.php%3FMTID%3Dm888a990760425271a1327f53c6714b07&amp;data=04%7C01%7Crikard.hoglund%40ri.se%7Ce83bc850de51432bf32f08d90af54cac%7C5a9809cf0bcb413a838a09ecc40cc9e8%7C0%7C0%7C637552870935664628%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&amp;sdata=TGdabtdwH9macsf4GjLHnbm1LWB8%2FwhXd%2BjgAEaA3hk%3D&amp;reserved=0

Meeting number: 185 248 9231
Password: constrained


More ways to join

Join by video system
Dial 1852489231@ietf.webex.com
You can also dial 173.243.2.68 and enter your meeting number.

Join by phone
1-650-479-3208 Call-in number (US/Canada)
Access code: 185 248 9231


On 2021-04-21 18:07, Marco Tiloca wrote:
> Dear all,
>
> Just a reminder that we'll have a virtual interim meeting on
> Wednesday, April 28th at 14:00 UTC. The agenda is available at [1].
>
> Best,
> Marco and Jaime
>
> [1]
> https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdatatracker.ietf.org%2Fmeeting%2Finterim-2021-core-04%2Fsession%2Fcore&amp;data=04%7C01%7Crikard.hoglund%40ri.se%7Ce83bc850de51432bf32f08d90af54cac%7C5a9809cf0bcb413a838a09ecc40cc9e8%7C0%7C0%7C637552870935674585%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&amp;sdata=xdWZTxvyQUHx%2BtE1OfHQbSzdJ4s%2BlEPkoZjf0uGSCSs%3D&amp;reserved=0
>

--
Marco Tiloca
Ph.D., Senior Researcher

Division: Digital System
Department: Computer Science
Unit: Cybersecurity

RISE Research Institutes of Sweden
https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fprotect2.fireeye.com%2Fv1%2Furl%3Fk%3D4c4a5987-13d16165-4c4a191c-86073b36ea28-2adec21f03723771%26q%3D1%26e%3Ddc609331-6b2f-490c-b545-f937c703f065%26u%3Dhttps%253A%252F%252Fwww.ri.se%252F&amp;data=04%7C01%7Crikard.hoglund%40ri.se%7Ce83bc850de51432bf32f08d90af54cac%7C5a9809cf0bcb413a838a09ecc40cc9e8%7C0%7C0%7C637552870935674585%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&amp;sdata=4j00cEttBTjyXGZlqcSQc7A1jPNqh1%2FsTGIS4C2kBpU%3D&amp;reserved=0

Phone: +46 (0)70 60 46 501
Isafjordsgatan 22 / Kistagången 16
SE-164 40 Kista (Sweden)



_______________________________________________
core mailing list
core@ietf.org
https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.ietf.org%2Fmailman%2Flistinfo%2Fcore&amp;data=04%7C01%7Crikard.hoglund%40ri.se%7Ce83bc850de51432bf32f08d90af54cac%7C5a9809cf0bcb413a838a09ecc40cc9e8%7C0%7C0%7C637552870935674585%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&amp;sdata=lZbIoAQ3X4pOV5ik%2B5G2ad%2Fc0EqFr%2Bmb98mt2EialzQ%3D&amp;reserved=0