From nobody Fri Apr 15 12:25:07 2022
Return-Path: <davidb@verisign.com>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1])
 by ietfa.amsl.com (Postfix) with ESMTP id C724A3A0FFF
 for <dnsop@ietfa.amsl.com>; Fri, 15 Apr 2022 12:24:44 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.109
X-Spam-Level: 
X-Spam-Status: No, score=-2.109 tagged_above=-999 required=5
 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1,
 DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_HELO_NONE=0.001,
 SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001]
 autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key)
 header.d=verisign.com
Received: from mail.ietf.org ([4.31.198.44])
 by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id BFAk9qPq1LhZ for <dnsop@ietfa.amsl.com>;
 Fri, 15 Apr 2022 12:24:40 -0700 (PDT)
Received: from mail5.verisign.com (mail5.verisign.com [69.58.187.31])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (No client certificate requested)
 by ietfa.amsl.com (Postfix) with ESMTPS id BE11D3A1081
 for <dnsop@ietf.org>; Fri, 15 Apr 2022 12:24:39 -0700 (PDT)
Received: from BRN1WNEX01.vcorp.ad.vrsn.com (10.173.153.48) by
 BRN1WNEX01.vcorp.ad.vrsn.com (10.173.153.48) with Microsoft SMTP Server
 (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 15.1.2375.24; Fri, 15 Apr 2022 15:24:37 -0400
Received: from BRN1WNEX01.vcorp.ad.vrsn.com ([10.173.153.48]) by
 BRN1WNEX01.vcorp.ad.vrsn.com ([10.173.153.48]) with mapi id 15.01.2375.024;
 Fri, 15 Apr 2022 15:24:37 -0400
From: "Blacka, David" <davidb@verisign.com>
To: Peter van Dijk <peter.van.dijk@powerdns.com>
CC: dnsop WG <dnsop@ietf.org>
Thread-Topic: [EXTERNAL] [DNSOP] More private algorithms for DNSSEC
Thread-Index: AQHYUP5ycphYePj2lE+M8mHhH94/YQ==
Date: Fri, 15 Apr 2022 19:24:37 +0000
Message-ID: <2DF5B8EA-80E8-4732-8863-F3797A780F6D@verisign.com>
References: <5C105C71-B18C-4366-94F5-E8D60970109C@icann.org>
 <20B389EF-4909-43A0-9BC8-F57F5E332E8A@verisign.com>
 <1D59C3FB-4FCC-4A03-8E13-EA6902B14D2A@icann.org>
 <54622bd0dd3253187a9c9b69d0a1188a4d898bd9.camel@powerdns.com>
In-Reply-To: <54622bd0dd3253187a9c9b69d0a1188a4d898bd9.camel@powerdns.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator: 
x-mailer: Apple Mail (2.3654.120.0.1.13)
x-originating-ip: [10.170.148.18]
Content-Type: multipart/signed;
 boundary="Apple-Mail=_930197EF-870F-49EB-87CD-F19DFE244A98";
 protocol="application/pkcs7-signature"; micalg=sha-256
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/ORDQLcWyx3EpJdHpGXE_Jx9qGjM>
Subject: Re: [DNSOP] More private algorithms for DNSSEC
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>,
 <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>,
 <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 15 Apr 2022 19:24:50 -0000

--Apple-Mail=_930197EF-870F-49EB-87CD-F19DFE244A98
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain;
	charset=us-ascii



> On Mar 23, 2022, at 5:45 AM, Peter van Dijk <peter.van.dijk@powerdns.com> wrote:
>
> On Mon, 2022-03-21 at 19:32 +0000, Paul Hoffman wrote:
>> On Mar 21, 2022, at 11:34 AM, Wessels, Duane <dwessels=40verisign.com@dmarc.ietf.org> wrote:
>>> Is it in response to the DNS-OARC talk we saw about implementing PQC Falcon in PowerDNS, and they used the next unused algorithm number rather than a private algorithm?
>>
>> Nils could have picked 253 but probably didn't even think of looking down to the bottom of the list. He was just following the time-honored pattern in the IETF. :-)
>
> (I am not speaking for Nils, to be clear.)
>
> 253 is not for experiments - it is for private production. It requires
> (as most of you might know) prefixing DNSKEY content with a private
> algorithm specifier that looks like a domain name (or, for 254, with an
> OID). This means if you were to use it for an experiment, your DNSKEY
> content, and thus signer and validation code, would need to be changed
> when you get a number assigned.

Hey! There is an RFC about this!  RFC 4955.

If you look that one up, you might understand why I might be aware of that one ;)  That said, I didn't remember the number.

Anyway, that RFC describes using the 253 and 254 private code points for *doing experiments*.

Although, to be clear, we weren't really thinking of new DNSSEC algorithms as experiments (those would be "backwards compatible" experiments).

> So, Paul, I support the idea behind your draft, but not the current
> wording. While more 253-like points might be somewhat useful, what we
> really need are experimental code points with non-253 semantics.

Well, we clearly don't need more code points with 253 semantics.  I can see that Paul updated it to say that (on 3/24):

   This document updates [RFC4034] to add seven more private use
   algorithms.  Unlike private use algorithm 253, there is no
   restriction on the public key area in the DNSKEY RR and the signature
   area in the RRSIG RR.  Thus, there are no domain names embedded in the
   public key or signature like there are with private use algorithm
   253.  This update brings the total number of private use algorithms
   that use the same format to eight.


>
>
> Kind regards,
> --
> Peter van Dijk
> PowerDNS.COM BV - https://www.powerdns.com/
>

--
David Blacka                      <davidb@verisign.com>
Verisign Fellow            Verisign Product Engineering


--Apple-Mail=_930197EF-870F-49EB-87CD-F19DFE244A98--

