IETF Logo Mail Archive

Re: [COSE] HPKE for COSE

John Mattsson <john.mattsson@ericsson.com> Tue, 09 November 2021 13:06 UTC

Return-Path: <john.mattsson@ericsson.com>
X-Original-To: cose@ietfa.amsl.com
Delivered-To: cose@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 874643A0B6E for <cose@ietfa.amsl.com>; Tue, 9 Nov 2021 05:06:33 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.101
X-Spam-Level:
X-Spam-Status: No, score=-2.101 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=ericsson.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ekcimt66O4kL for <cose@ietfa.amsl.com>; Tue, 9 Nov 2021 05:06:28 -0800 (PST)
Received: from EUR05-DB8-obe.outbound.protection.outlook.com (mail-db8eur05on2065.outbound.protection.outlook.com [40.107.20.65]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id F33393A0B6B for <cose@ietf.org>; Tue, 9 Nov 2021 05:06:27 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=H4EGyL0y/N16dxnm0FnQ6zFAF2DiIaYm1sAjHz1FptIDvuc7Wa35wfw+UkQMwldFFcMXD6Tudw+VGiEszrd9zawTnHMgKKxr3OhfjVNIlt7jVk59FeIHQcvqAnZTD69D7PTpDJb/3nfH75R02/vEmDhNGxs8EBpwt/AT/kAy4qpexbaHVfQXNSgnfPd9VgiQC4E6t4h8YhSF0OByIDd8lP0718SGCsgOQ9AiSGS7NOnIMSEz5kTIukghUj31JQkSUvcsqm6DISBFE8T2k4ZMHkRs9P+sPBpdsVCq/y9gJLyOn9BTEFVdMOpl6/NwGMl+IAw7egGDA0c5BrcrI/o7bg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=/AcymgYBZERNcYrMrkUJQjUyJ6Rks8VeP2GVovnSMN0=; b=KR4U4vlHFv7UYE91dCadwPQYdpHC9KwuheqPRbCK9m6W57VPeHHLyUGOqk09SNeqRO0ArcEKfNkeOsI9EkeSmuVPSy1s3SFTq4qQb0BFj+nUakCIn0JpQV7stTWeSDkg0mLKBGe6sH7FO7p8PPnK+li4PlidIaRAqUZjqcE04I8yXE5yo3dQ1z98Nd1s8oaMLP4wvalpjMktBS5WBVmxTe0dzheZU2KOY/Ak9X64+eRKa815ZDwGTa/Ff9QQMYOD8D3F1vl5J2hQH5UvwMcGfUIkKQBvTOgYekLCxHxeAg+qSWPOkLThLSxw+HMxR/o0OjPt8Cp882IGC2UUEPqqxg==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=ericsson.com; dmarc=pass action=none header.from=ericsson.com; dkim=pass header.d=ericsson.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ericsson.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=/AcymgYBZERNcYrMrkUJQjUyJ6Rks8VeP2GVovnSMN0=; b=H2u3tHZGTo95+aFPNao29uFYj1VtP2g8Aq+Sm1dX/uoZkj3uMul9OfGqk/7JyrQOsvVjkdFEhklCNPt0DN+OenM0khTFWvg4TCifE3pIIryIoCfrGGFdnrGfGFPpKO69AQ5Iq+gfF9903YDiOEEE9X0gBsa979iwpqNS9DYGXRM=
Received: from HE1PR0701MB3050.eurprd07.prod.outlook.com (2603:10a6:3:4b::8) by HE1PR0702MB3659.eurprd07.prod.outlook.com (2603:10a6:7:8c::33) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4690.14; Tue, 9 Nov 2021 13:06:24 +0000
Received: from HE1PR0701MB3050.eurprd07.prod.outlook.com ([fe80::acd7:51e8:bdfe:c133]) by HE1PR0701MB3050.eurprd07.prod.outlook.com ([fe80::acd7:51e8:bdfe:c133%7]) with mapi id 15.20.4690.015; Tue, 9 Nov 2021 13:06:24 +0000
From: John Mattsson <john.mattsson@ericsson.com>
To: Hannes Tschofenig <Hannes.Tschofenig@arm.com>, "cose@ietf.org" <cose@ietf.org>
CC: Russ Housley <housley@vigilsec.com>, Brendan Moran <Brendan.Moran@arm.com>
Thread-Topic: [COSE] HPKE for COSE
Thread-Index: AdfJvsgM1P5wKWwXQ4CRl8DwV1JUFQAApPEQAYrCkFgBUl1D8AAM4Qmo
Date: Tue, 09 Nov 2021 13:06:24 +0000
Message-ID: <HE1PR0701MB3050694DE1DE20B552CA940089929@HE1PR0701MB3050.eurprd07.prod.outlook.com>
References: <DBBPR08MB5915B4E831131EA80932F286FA839@DBBPR08MB5915.eurprd08.prod.outlook.com> <DBBPR08MB59156826A497D1E84B51EB16FA839@DBBPR08MB5915.eurprd08.prod.outlook.com> <HE1PR0701MB3050DE68A909BD0D94F596C6898B9@HE1PR0701MB3050.eurprd07.prod.outlook.com> <DBBPR08MB591556D8B48B4217919109DFFA929@DBBPR08MB5915.eurprd08.prod.outlook.com>
In-Reply-To: <DBBPR08MB591556D8B48B4217919109DFFA929@DBBPR08MB5915.eurprd08.prod.outlook.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=ericsson.com;
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 9d9696fb-dd9d-4b8b-0b5f-08d9a381bbb2
x-ms-traffictypediagnostic: HE1PR0702MB3659:
x-microsoft-antispam-prvs: <HE1PR0702MB365912ACB9DE52749B52868E89929@HE1PR0702MB3659.eurprd07.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:10000;
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: hCGgtL2t5mbCcd/3/BTiYwjx4k+Tv7FdQ8Tr9XJdQgX6ff1QjvS1emNWxQHQZ7ABVbrN9/9ZkhUtGiOz2Zj9izehW6KW+P39UgAtr71MgC105NprkicdaocbdW920QgcPOPOv88dCtqx1YjqLFBFIy6OY3g/6Q0MWaUHSrHN5ScywtZqwVU7mP/9IKW1/qWk/97Sm5toIjR/iuCexeUY1pEcbQJHIcAS5VXoJTzAqb5kL+Sfit+B+CkvM1AXampEt7j/z4cHsHoYT5qApLuL0kfY5+uj3XoC5jpDdx9IllI/qDYkcDN6cRcpmhucPhJY8lKznomtdB6gQavg146Ir3s/kbLag72BWCav8zTsj8KYp1YKfrFLB5yZJ39aqsglk7ooRi5Ehd00vaknhkXj0oMZSA4I5cxxNAiUW6Cu6fVNQxNIAuj0Gm6s0qzNx+qlyFyHCa1LhbrfhT6kJF0wQJW84xtigAVxLCIwaPID/33uz/bSaJoxUSDQ1wRFsl9L8BN2lojtzJA2jHNCguIVc/iCXTEhMY9Ch4KtxqhaZ4JNFG+mlVhRCHcvO6MXlXGhucjRG2eWEUENOE+R67p3G1PTCocPL53eSrBbzkjwrEnuEFMhQeYeW0sJAGwuwG9mlEw5c/3oRIgR4Mpyxvvr4JEV58U8ejnc1WuCtfx1YtIBf5XI2fRgQTtQsv3xolWNon3o05oUXWpOqDvSADpyrCJg07v2YQEGX0wNiviUHpgUqEK0eEAf2i10l7kVn3Iq6fpr86vGI9ESFIzZChOCVxZxRbe2eVHiT+qaPTyZkreeSFAYuMRo7zwgj3aKmq1aH0FJNhIt2OHayKqJlunKqw==
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:HE1PR0701MB3050.eurprd07.prod.outlook.com; PTR:; CAT:NONE; SFS:(4636009)(366004)(122000001)(2906002)(38100700002)(5660300002)(82960400001)(86362001)(83380400001)(316002)(166002)(186003)(54906003)(110136005)(4326008)(52536014)(8936002)(64756008)(66446008)(66946007)(66556008)(508600001)(44832011)(6506007)(26005)(71200400001)(91956017)(76116006)(33656002)(38070700005)(8676002)(9686003)(966005)(53546011)(7696005)(55016002)(66476007); DIR:OUT; SFP:1101;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: r0eqamzkUZTuMucmeusPSAuBY/bq+qVt89F5tjL5X/W8pnkvawMZlyrHCTE5bJAnEoqRV3ZRIsKF4oS1SoGydSsZxbKr046v2MkrqOIZRYgWbe8GyThYXxCyqxVPzC8QSYvq8lx64ouH3mqwEpTdkq8U5uNEWsvrszRUtb/Tw9FFSFgNI6skQDHWB9Aa+DqPHkfAaxRKRX91DEcPv6pvXCVqISmgIvNI15Ghn44pov4g9/bmlfHQIgWJ2eWYPj/X5SbIrEqDnRMmzmR7rnYZ6BhvacxNHDdmqh/5mcCg9fpgmxTI4+lcZOrEAXcFRODOTGgrdUK4/+3/GIGFkbTVye4DT9CLHAvxz/1izJz1uiggADtRHN3EXUhbCd6mknUaYaTRBzQ18DeOdDfwXJzpeCxW96JEqNH5MrkODalxpOe3Vju9uDCnNkJfOh0fzJtWv9zRczvaW1iMA2fh+rUVMdlKLLBW5bNJ3bpQbNuCNg/92CThL/iozycstxvitW2b8eGtJ3ix21PGPRsfs9/f6hyOdrfDqJvQVVPR8LugDn+dQVYJO7zY4DSAVXsS2KzBtDxXII0owBWP+LCaLrN0e+wOm1+e11kpqRBYBmNS7hyH3aZ5XyHaTobjrq35BihTap7aRDj3UpQVvdFmJ3Gw8BNe+brbWPtVnISZ73jw32CRTDJOEaXyf4V0bzvr42ZapNAPAHmlSELuH1IEyLT+6WDroaqTV98owm1UMmD6L+6flDkXzmlBcPGEk4hGYdi/YLFO1ac8/36gWU1OUeomiUg7F1Tt8vMnF1hen12pmAmzzbH9Hkb09VibmllNVGCAQSs73+68dA30p40iY/n0dsFfcc9DWxh5HNVRfhhbA7CD9r79NY/SfUwLbvgt9j+Yf1sJx0EF9+yjhFy7DwXXtOAvpFiQi9WRgyGeIC0X7v2374W6AbzO4EjyrNGVNwvDyYOeA27k4soUHPn1zIPHJjURwCgAyOnXYIILYPaZNs3bEedEoFk2lIVKN2u2daTgkbaP/Q7NKNzyh1NA0B6vlSfVxkRcoDH3DWuXh+tl5YOoIXm8HUlT+0ehQ0CJzZlD6J23GpaEX+Vhl0lDPom9t32DTuTNW5UcswTfB1/NM4c+ykYXxEv8W+HBZDrsxqTplU7g7FMbN0VPULoywUpdiqR2cIZMsrOYN+yRkTPPfqWsuaNHMzE1WXZPekZZYLjKMZcZnaRUbhk7DpcuI0VkDznTZ9fO//Ry9pRBUmaUECWhK8mImx5w44RQP8NXjXEde2Jv7DPdyMrNPdwOIK8sFp9xbSBaun2Sdn5dUlbFDvJDZ1F/9ya4UG+7+HmYijVgp25fFR9sZs0310i2sJZGdz5LNQjmurQsRqqoljXogV0BubUyVKCxdID9C7goy4oNr7x45uMaKdN9nY3X4HCJWiatljMJ5HtTP+sLuNOvwj6NHfa8QafBgRknlL34EZEn39LkDNYYNGAZmBemB1MRIyL9/grEp1qB0BbmLZodS4+1y1ncB0v3MoC30+VvA0MXtyItPD4oSl9vo3YN19sWkZ0hQ5r9wZGbvJGNHMgSdrleMTUEf5jJocT7Zj5OZSoYtIMH6XbIJpScXouLotH+ouf8ueFthBQDVQy8Mjrtn1KdcN/8nRWzvwQbrdHLxLtfIiDH8oXGEP1HlMSjKx2hQijPcU5SJLK7naQkQWU+piA=
Content-Type: multipart/alternative; boundary="_000_HE1PR0701MB3050694DE1DE20B552CA940089929HE1PR0701MB3050_"
MIME-Version: 1.0
X-OriginatorOrg: ericsson.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: HE1PR0701MB3050.eurprd07.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 9d9696fb-dd9d-4b8b-0b5f-08d9a381bbb2
X-MS-Exchange-CrossTenant-originalarrivaltime: 09 Nov 2021 13:06:24.3212 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 92e84ceb-fbfd-47ab-be52-080c6b87953f
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: SFy6ll1kTn/EuAM3Yw2TxU+pX1QUetMKQ3/TfnwwK8stHERQserjlbSML3hbH/q6xcs7AwtDw4nG4OrcpSN8orfibO7pC+xWw940plY0agE=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: HE1PR0702MB3659
Archived-At: <https://mailarchive.ietf.org/arch/msg/cose/mZ3zz5KngiSkEiGPrDcWESKzSdw>
Subject: Re: [COSE] HPKE for COSE
X-BeenThere: cose@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: CBOR Object Signing and Encryption <cose.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/cose>, <mailto:cose-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cose/>
List-Post: <mailto:cose@ietf.org>
List-Help: <mailto:cose-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/cose>, <mailto:cose-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 09 Nov 2021 13:06:34 -0000

Hi Hannes,

See inline

Cheers,
John

From: Hannes Tschofenig <Hannes.Tschofenig@arm.com>
Date: Tuesday, 9 November 2021 at 07:57
To: John Mattsson <john.mattsson@ericsson.com>, cose@ietf.org <cose@ietf.org>
Cc: Russ Housley <housley@vigilsec.com>, Brendan Moran <Brendan.Moran@arm.com>
Subject: RE: [COSE] HPKE for COSE
Hi John,

Thanks for looking at the document.

My responses are below:

From: John Mattsson <john.mattsson@ericsson.com>
Sent: Tuesday, November 2, 2021 2:27 PM
To: Hannes Tschofenig <Hannes.Tschofenig@arm.com>; cose@ietf.org
Cc: Russ Housley <housley@vigilsec.com>; Brendan Moran <Brendan.Moran@arm.com>
Subject: Re: [COSE] HPKE for COSE

Hi Hannes,

- I am positive, I am very fond of HPKE in general, but I think the draft fails to answer the question why. Why is this useful for COSE? What is the benefit compared to using the currently defined Ephemeral-Static algorithms in COSE?

[Hannes] The answers to the question of why the IRTF needs to standardize another public key encryption specification (given that there are already many out there) is found in the HPKE specification. In the introduction the HPKE document says:

“

   Currently, there are numerous competing and non-interoperable
   standards and variants for hybrid encryption, mostly based on ECIES,
   including ANSI X9.63 (ECIES) [ANSI<https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-hpke-08#ref-ANSI>], IEEE 1363a [IEEE1363<https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-hpke-08#ref-IEEE1363>], ISO/IEC
   18033-2 [ISO<https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-hpke-08#ref-ISO>], and SECG SEC 1 [SECG<https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-hpke-08#ref-SECG>].  See [MAEA10<https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-hpke-08#ref-MAEA10>] for a thorough
   comparison.  All these existing schemes have problems, e.g., because
   they rely on outdated primitives, lack proofs of IND-CCA2 security,
   or fail to provide test vectors.

   This document defines an HPKE scheme that provides a subset of the
   functions provided by the collection of schemes above, but specified
   with sufficient clarity that they can be interoperably implemented.
   The HPKE construction defined herein is secure against (adaptive)
   chosen ciphertext attacks (IND-CCA2 secure) under classical
   assumptions about the underlying primitives [HPKEAnalysis<https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-hpke-08#ref-HPKEAnalysis>],
   [ABHKLR20<https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-hpke-08#ref-ABHKLR20>].  A summary of these analyses is in Section 8.1<https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-hpke-08#section-8.1>.
“

Could they have taken a different route instead of inventing yet another public key encryption scheme? I think so but it is not for me to decide this.

What mattered for us as a consumer off the technology is that we wanted to re-use code. Since HPKE is already used in TLS and MLS, there was plenty of code available.

A developer can still select to use a different public key encryption scheme, if they want. Hence, we are not imposing any restrictions on developers. For firmware encryption with SUIT, however, we care about interoperability and a small number of options. Hence, in SUIT there are only two mechanism specified at the moment, namely one based on AES-KW and the HPKE version.

[John] Yes, I know the motivation for introducing HPKE in general, I think I actually suggested parts of the text you cite :)

I personally think introducing HPKE in COSE is a great idea and I will support adoption of this document, but I still think the draft should motivate shortly why introducing HPKE in COSE is a good idea. I also think the draft should also give some info to readers why they should use e.g. "HPKE/P-256+HKDF-256" or "ECDH-ES + HKDF-256" and if there are any differences. I don't think that is not obvious to most readers. I think many users would be a bit confused by two very similar key echange algorithms and wonder if there are any big differences.

What you write about code reuse between different protocols is a good motivation. I think you should add that to the document. You could also add something similar to what I wrote in the other email that this allows COSE to automatically use all future HPKE KEMs including PQC KEMs.

- Are the CEK and the layer 1 needed? Layer 1 and 2 are two layers of key encapsulation on top of each other. Why not use the the KEM shared secret directly in COSE_Encrypt?

[Hannes] They are not needed but using this design provides a nice benefit: We can now use this for encryption of content that is shared with multiple parties at the expense of only a single additional encryption operation. In the draft we encrypt the CEK and then the CEK is used to encrypt the plaintext. Applied to firmware encryption, we can therefore encrypt a firmware image and use HPKE to share the CEK with many different recipients securely.

[John] I think it would be if the draft added something like the above text to clarify the use case of encrypting once for several recipients. Document should also shortly mention the privacy disadvantages, that an attacker can trivially see that the recipients got the same message.

- Is the intention to reuse Encap(pkR) several times? If you want to reuse the same encapsulation several times it might be better to use the salt parameter in HPKE or the IV parameter in COSE_Encrypt. The requirements on these parameters would be much lower than on the CEKs that have very randomness requirements.

[Hannes] This was not the intention. If this is not clear, then I need to clarify this aspect.

[John] I think it might be enough to clarify that the two layer CEK design is for encrypting once to several recipients.

- The IANA registration follow directly from the HPKE draft. Can we do something smarter here so that any registered HPKE KEM can be used in COSE? There are already new more ligthweight KEMs suggested that might be a better fit for COSE. We can also expect registrations of all of the NIST PQC KEMs.
https://datatracker.ietf.org/doc/draft-harkins-cfrg-dnhpke/

[Hannes] I will respond to the IANA aspect in my second email.


- Editorial. I would suggest the following changes:

OLD "defined in RFC 2630 [RFC2630]"
NEW "defined in CMS [RFC2630]"

[Hannes]. Will be fixed with the next iteration.

Ciao
Hannes

Cheers,
John

From: COSE <cose-bounces@ietf.org<mailto:cose-bounces@ietf.org>> on behalf of Hannes Tschofenig <Hannes.Tschofenig@arm.com<mailto:Hannes.Tschofenig@arm.com>>
Date: Monday, 25 October 2021 at 18:58
To: cose@ietf.org<mailto:cose@ietf.org> <cose@ietf.org<mailto:cose@ietf.org>>
Cc: Russ Housley <housley@vigilsec.com<mailto:housley@vigilsec.com>>, Brendan Moran <Brendan.Moran@arm.com<mailto:Brendan.Moran@arm.com>>
Subject: [COSE] HPKE for COSE
Hi all,

We have just submitted the initial version of hybrid public key encryption (HPKE) for COSE with draft-tschofenig-cose-hpke-00

This document was produced based on a discussion in the SUIT working group where we use HPKE for firmware encryption. The believe is that HPKE can be a more generic mechanism useful for other applications beyond SUIT.

We would like to have an agenda slot at the next meeting to introduce this work to the group.

Ciao
Hannes

IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.

_______________________________________________
COSE mailing list
COSE@ietf.org<mailto:COSE@ietf.org>
https://www.ietf.org/mailman/listinfo/cose
IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.

v2.23.0 | Report a Bug | By Email