IETF Logo Mail Archive

Re: [**EXTERNAL**] New Version Notification for draft-mudric-6man-lcs-00.txt

"Mudric, Dusan" <dmudric@ciena.com> Thu, 20 August 2020 13:09 UTC

Return-Path: <prvs=95013b8032=dmudric@ciena.com>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 809B33A08CD for <ipv6@ietfa.amsl.com>; Thu, 20 Aug 2020 06:09:18 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.097
X-Spam-Level:
X-Spam-Status: No, score=-2.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=ciena.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id gMfGjz37UU_S for <ipv6@ietfa.amsl.com>; Thu, 20 Aug 2020 06:09:16 -0700 (PDT)
Received: from mx0b-00103a01.pphosted.com (mx0b-00103a01.pphosted.com [67.231.152.227]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2DF4C3A08C4 for <ipv6@ietf.org>; Thu, 20 Aug 2020 06:09:15 -0700 (PDT)
Received: from pps.filterd (m0222748.ppops.net [127.0.0.1]) by mx0a-00103a01.pphosted.com (8.16.0.42/8.16.0.42) with SMTP id 07KD6hYF008059; Thu, 20 Aug 2020 09:08:19 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ciena.com; h=from : to : cc : subject : date : message-id : references : in-reply-to : content-type : content-id : content-transfer-encoding : mime-version; s=06252019; bh=hw7jMbLgBspfULD4nkut6qFx3V4SyObl3A94n+QtEns=; b=bGU/+plWDjANl6iBvWtl624DjAct9ddQd12myMS0V4zrhOOq7Hkw6G/o+o9OpPs8mZyr ehIlpWROee/MjnqdHXsen3u8yqA9Xm8Y3Huh9x9phd61+9nBkhafALxHqVnEPP23TGwh emshK3OQjkiCEfIIqdflJyH/6pAagdih3XwTKvfa53cfzLsj4Drz+KU6ddeUx/Tu3Nq1 /nSzwuzefKo+rYiLaWGqc5IzlSzrvGMTtRUqRBpRdG/14vkhcfJzfyN19XMX/8oHQ9kz XGKX9wQBGyIyVEN09qTUJ70/Cgo9p5amgaN5jlV+zRy+Zq30rct7JwI/ccIN0ruK2chq Kw==
Received: from nam04-sn1-obe.outbound.protection.outlook.com (mail-sn1nam04lp2057.outbound.protection.outlook.com [104.47.44.57]) by mx0a-00103a01.pphosted.com with ESMTP id 331ryj03mn-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Thu, 20 Aug 2020 09:08:19 -0400
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=KekCvMwH2XS8dEz2btUczGdBT/jrpo6uxi7zcfyF2pTIkLzdFSRgB+i4nLj/jei4jkHKRG7Wv4alW21i57J2cQHo0emzGPkGjkF8B1HaYPey6z2WfSp5oja9Qd2y4w/FDWkUd5KJKnABDawQ44rv0klPtyedXx4WPd1q3VzWAvEDHFBOWUKCCaA35M7dG73WJ5k8m+HDO0t/47prmIm2FvgeiZS3jB4l09PtNmkhskl1jUARqBrvCacQd0FxWMiWMuXOLI6m6JHgo4ffziLTAIdYFpVY9Gj98pRLqy0AESKLyooaiQb8OjOnPqnlNPKynC5INf0j79GSBDpwnIWVgg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=hw7jMbLgBspfULD4nkut6qFx3V4SyObl3A94n+QtEns=; b=BelLkrSQnc39jppWwhoXwVCd/qDtXpvz84Zz8HMFmzyNUR20h4AGvbiPlZbKUEw1/ydjC4cERIAqNOKBgcZnOHw7iuRSth3JgfU2SZTA9grM2r2jLfVqrltHeYWQ42q8e8afIsM+L/RrcFzOzYBOjZbw/2/QZrIjjd0ScZywap4inQYms8Ckq3CUyxnP6y9QiTyAIkx6N1An/qRQJCbKfQA3mJ8S0u9ck8htMekFD1mBsHM9VJ/boOLt5vP5DUH6Ef6+CnjipFf4igyAQN50TgpxvknNHpo37CHZTMjs8oE+OP/SqNo16/6sWOtOeVG+JCaqfKG8M7eV5E9TYhE+2w==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=ciena.com; dmarc=pass action=none header.from=ciena.com; dkim=pass header.d=ciena.com; arc=none
Received: from DM6PR04MB6459.namprd04.prod.outlook.com (2603:10b6:5:1e9::15) by DM6PR04MB5468.namprd04.prod.outlook.com (2603:10b6:5:111::14) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3305.24; Thu, 20 Aug 2020 13:08:17 +0000
Received: from DM6PR04MB6459.namprd04.prod.outlook.com ([fe80::d457:7534:8f7:5829]) by DM6PR04MB6459.namprd04.prod.outlook.com ([fe80::d457:7534:8f7:5829%9]) with mapi id 15.20.3305.026; Thu, 20 Aug 2020 13:08:17 +0000
From: "Mudric, Dusan" <dmudric@ciena.com>
To: Alexandre Petrescu <alexandre.petrescu@gmail.com>, Vasilenko Eduard <vasilenko.eduard@huawei.com>, "ipv6@ietf.org" <ipv6@ietf.org>
CC: Dusan Mudric <dusan.mudric@gmail.com>
Subject: Re: [**EXTERNAL**] New Version Notification for draft-mudric-6man-lcs-00.txt
Thread-Topic: [**EXTERNAL**] New Version Notification for draft-mudric-6man-lcs-00.txt
Thread-Index: AQHWdZq//bMpLuqeGEWlocGkdRrBg6k+GGeAgAEY1YCAAAGnAIABiXIA///7VgA=
Date: Thu, 20 Aug 2020 13:08:17 +0000
Message-ID: <9FCEF658-F83D-45E2-B8DF-05DB0E356733@ciena.com>
References: <159775749187.6074.7781417320413333605@ietfa.amsl.com> <1F96ECCE-F0EF-4421-AB3E-71E1A3CE5458@ciena.com> <eb68c67487aa4f178756e9452d197774@huawei.com> <9B24B9D1-28D5-468C-88F9-7F124EC288F7@ciena.com> <961413da-36f7-bee1-3b17-7d2013ca1d5d@gmail.com> <EAA6961D-4836-4C40-972C-70BB0B65EB4C@ciena.com> <00493252-56d1-965d-0c85-47ffe6775704@gmail.com>
In-Reply-To: <00493252-56d1-965d-0c85-47ffe6775704@gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/16.39.20071300
authentication-results: gmail.com; dkim=none (message not signed) header.d=none;gmail.com; dmarc=none action=none header.from=ciena.com;
x-originating-ip: [165.225.209.48]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 20fcbb03-761f-45cc-ffab-08d8450a1ad0
x-ms-traffictypediagnostic: DM6PR04MB5468:
x-microsoft-antispam-prvs: <DM6PR04MB5468431BBEEF274ADA41CF59B55A0@DM6PR04MB5468.namprd04.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:9508;
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: GAFK3Xoj6orvPtDnwQSz4tUdqV6c6GI8cDwGsXOAA9fB67P8U1zVyNxuH+O59JDIw3H/8DenWWJXlktAS628HSanx9mopUbYw7wlPAkoCogvddloBkBErduj7NdC8rJs85KW/FAnvbvNEKtPT1+IqD8uyqX7KI6IYB+S05KZu/6LoMKkx+bpgUnU1elhuuxsNh+znshGSGuuy1w8974+HAbH6QwjrywB9TPsMw/Y8mzoi10o0fRrd0Bms/GJ2x87nsOSIM6NHekvFDWr8vZdDOABVWNLOjorVeeNxrUlgJTj4fbaKKXwJttZW1L9zAfhBlqAljWGZM9schWe1hMYr1BtHPVLd88iq2BimDFZwxHuhHgjOhIhgzcAdto0MAM5O/7gaj6yn0QDEjiz6ErN9Q==
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:DM6PR04MB6459.namprd04.prod.outlook.com; PTR:; CAT:NONE; SFS:(4636009)(376002)(346002)(366004)(136003)(39860400002)(396003)(64756008)(8936002)(110136005)(33656002)(66446008)(36756003)(26005)(66476007)(66556008)(316002)(8676002)(966005)(478600001)(2616005)(5660300002)(2906002)(186003)(83380400001)(6512007)(66574015)(6486002)(76116006)(86362001)(15650500001)(55236004)(4326008)(53546011)(6506007)(91956017)(71200400001)(66946007); DIR:OUT; SFP:1101;
x-ms-exchange-antispam-messagedata: L46Vm+/q0C/nt4Xrta+16325uFwq2kwutY82n3d/eSrQg/9iNFzx5xQtpu1YWLCrhXD1Ak9HkBmqtD6NK9Pnl113KW+bwKnOtRrUELjjy4Zj/N4+8jJs6tg5YWCR5JZqbpqHKtZ3oMF7/Wb+SyEv5XdzDLRryXRMYs8jcVhmj0RzrHUrg8enpRtWlYZOnV1p1GLyTZou9h3krgXieUjQ3UOe4mdAhyMBWkULsLX6z+0q7OJb6OvCK7S1ZsU44114iBkraM0Oq6/wirVa8xcX4JvdedalwiASflufLXDvGmnmRYzBeb52+bT+V49qrKXGjidsj/V/Evg8roBWsN/ljjdAyMTSBo1WutMd9aryCmJrGH0rj0vRbUsS74aIeTPcj/GaCJ55p1gKF9shUjtYe4MOc6veP786i7nakdjdN8Do7VS+wcnUAF6vB51bszZ7YWYRogYOvJmPwlox48dhvX8+OrxH7EdOpdI6diRoU5bTSucH4Ejs3KjSwf0lleLF9jfD7ZVtzUvqfnq0CkRqhGK9gLJsCRIFyK7ImDB80xyeU32bGR1O9Z0vMTurHoIql9VLWD7SxgjDYe8u3tQkKG99UtIxtfwufcSOcltDpSPNsIV8sUZeqctaa56p/oetLHdbnpXIZjnawx+RWlHjGA==
x-ms-exchange-transport-forked: True
Content-Type: text/plain; charset="utf-8"
Content-ID: <553FB201F040D949905D2FA40AE3EAE8@namprd04.prod.outlook.com>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-OriginatorOrg: ciena.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: DM6PR04MB6459.namprd04.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 20fcbb03-761f-45cc-ffab-08d8450a1ad0
X-MS-Exchange-CrossTenant-originalarrivaltime: 20 Aug 2020 13:08:17.3873 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 457a2b01-0019-42ba-a449-45f99e96b60a
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: QUJZ7spLfVgVLNNsZiDpXVP6nTkMWq9xW3LhWFEwTajtXaBsbUlF1dYFJawZEs6Mf4y7meMdpdWv0HQ6IhOETw==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6PR04MB5468
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.235, 18.0.687 definitions=2020-08-20_03:2020-08-19, 2020-08-20 signatures=0
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/y98QEdTGloPZhxT4a0O4Izhu6Ro>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 20 Aug 2020 13:09:19 -0000

    On 2020-08-18, 4:04 PM, "Vasilenko Eduard" <vasilenko.eduard@huawei.com> 
    wrote:
    >
    >      Hi Dusan, Hi Alexandere,

    [Alex] Thank you for the reply.  We carefully consider the comments.

    We identified a corner case of communicating on the same link.  In this 
    corner case the RFC6724 recommendation creates a security problem.

    Rather, we recommend to use the least possible scope that is 'common', 
    i.e. it allows to reach the other.  In other words, use a LL src even if 
    the dst is a GUA (GUA on the same link).

    (maybe the 'least common scope' is not the best.  Because by RFC 4291 
    "Addr Archi" the LL and GUA are not the same common scope, even though 
    one might imagine that link scope is included in a 'global' scope, and 
    thus the least common scope between LL and GUA is the LL scope; it is a 
    notion borrowed from set theory, an intersection; another difficulty 
    with 'least common scope' is that Global in GUA is not a 'scope' but a 
    characteristic of the uniqueness; and 'Global Unicast' is an address 
    'type', not a scope.  To make things worse, 'types' of addresses  could 
    be more than just LL ang GUA; other equally legitimate address types are 
    'unicast', 'multicast' and 'anycast', and also 'Unspecified', 
    'Loopback', 'Multicast'; and there are sub-types too.  So, maybe a more 
    precise recommendation would be to 'use an address type whose scope is 
    the least possible to reach a given destination', or 'least possibly 
    scoped address type', instead of 'least common scope'.)

    > RFC 6724 does have big attention to choose addresses with  smallest
    > scope - section 3.1.

    [Alex] That section 3.1 is about mapping multicast scopes to unicast 
    scope, in order to give reason to comparing the scopes of unicast. 
    However, a 1-to-1 mapping between these two scopes is hardly 
    understandable.  In particular, there still exists a site-local scope 
    for multicast but no longer for unicast.   And, there exist a unicast 
    ULA global scope that is not reachable (it's global in that it is 
    uniquely global, not because it is globally reachable - 'reachable' a 
    word not in dictionary anyways :-).   So it's hard to see its multicast 
    counterpart: either it's globally reachable or it's site-local (cant be 
    both).

    (In a multicast context it's not possible to use a multicast address in 
    the source of the packets; so in a multicast context one couldn't talk 
    about same-scope recommendations.  Moreover, there should not be 
    blockage to sending packets of ll scope to global mc scope.  _If_ we had 
    a src multicast possibility then yes, there could have been a good 
    recommendation of same-scope src-to-dst multicast-to-multicast packets. 
    But we are not concerned with that here.)

    Because of the impossibility of the mapping that I mention above, it's 
    impossible to come up with rules of same scope use in unicast context. 
    And thus the effort of mapping seems without success.

    > Then scope is at the second priority for section 5 "Source Address
    > Selection".

    [Alex] Rule 2 might not lead to what we want.  The execution of that 
    rule using input parameters SA==GUA, SB==LL and D==GUA leads to select 
    SA (a GUA) as src; we dont want GUA in src when the destination is GUA 
    on the same link.

    [Dusan] It is rather DASA rule 8:
        Rule 8: Prefer smaller scope.
        If Scope(DA) < Scope(DB), then prefer DA.  Similarly, if Scope(DA) >
        Scope(DB), then prefer DB.

     I think the order of address selection should be:
     - DASA Rule 8 to select LL destination address, preferring the smaller scope, and
     - SASA Rule 6 will select SA-LL source address that has the same label as destination DA-LL address

    Section 10.2 example:
    "   Candidate Source Addresses: 2001:db8:1::2 or fe80::2
         Destination Address List: 2001:db8:1::1 or fe80::1
         Result: fe80::1 (src fe80::2) then 2001:db8:1::1 (src 2001:db8:1::2)
         (prefer smaller scope)"

     This means a host needs to autodiscover a destination LL address, before applying DASA Rule 8.
     The details of this mechanism will be provided.

    > I have not understood what else you need? IMHO: it is better to 
    > clearly state what particular sentences in RFC 6724 you would like
    > to change or amend.
    [Dusan] For ON-LINK D-GUA, SASA cannot be done until On-Link check and LL address 
    resolution are completed. A socket API in  RFC5014 would get a 
    destination GUA or ULA, and:
       - Need to do ON-LINK determination, and
       - Obtain LL address for ON-LINK destinations (LL address resolution).
    Otherwise:
       - Rule 8 can be updated to check if a destination (with its DA-GUA and DB-ULA 
    addresses) is ON-LINK, and obtain and use LL address for  ON-LINK 
    destinations.

    The second approach makes SASA dependent on asynchronous communication 
    with the ON-LINK destination and is not a preferred choice. If the first 
    approach is used, there is no need to update RFC 6724.

    > I suspect that finally you would come to the problem how to find LLA
    > for particular GUA?

    [Alex] Yes, probably that problem.  As a solution, it is not impossible 
    to find the LLA of a particular interface that is is present as a field 
    in an entry in a routing table whose first field covers the GUA 
    ('covers' - as identified by a longest-prefix match algorithm).

    > even for the case when proper GUA prefix is 
    > announced from local router with "L" bit set. Because GUA and LLA 
    > could have different interface ID.

    [Alex] Yes, could.

    > GUA has been fetched from an Active Directory or DNS.

    [Dusan] Or assigned by DHCPv6 (e.g. a destination host server address)

    >      Where to find LLA for the same host?!?
    >      Is every host should register all their addresses on default 
     >      router? to find correspondence.

    [Dusan] No.

    >      What is the protocol to fetch this correspondence?

    [Dusan] Host already have defined on-link determination, RFC 4861. If 
    DA_GUA prefix:
    " - is covered by one of the link's prefixes (e.g.,
         as indicated by the on-link flag in the Prefix
         Information option)"
    "A node considers an address to be on-link".

    The same RFC4861 defines
    "     Address resolution: How nodes determine the link-layer address of
                     an on-link destination (e.g., a neighbor) given only the
                     destination's IP address."

    If the DA is ON-LINK, a host can resolve DA not only into the link-layer 
    address, but, with extensions, into DA_LL address.

    > Nope. It would not fly... Not on this planet.
    > 
    > Correspondence between GUA and ULA is potentially possible to keep
    > in Active Directory. It looks like operational recommendation to 
    > corporate IT: use ULA and populate it into DNS and Active Directory
    > with higher priority (if you need GUA at all for internal resources);
    > use ULA and GUA for ordinary hosts. >
    > I do not see why you need to change RFC 6724 for this - host should
    > automatically choose ULA in this scenario. The fact that ULA is more
    > secure is not a big secret. >
    >      Eduard


         >      -----Original Message-----
         >      From: ipv6 [mailto:ipv6-bounces@ietf.org] On Behalf Of 
    Mudric, Dusan
         >      Sent: 18 августа 2020 г. 16:56
         >      To: ipv6@ietf.org
         >      Cc: alexandre.petrescu@gmail.com
         >      Subject: FW: [**EXTERNAL**] New Version Notification for 
    draft-mudric-6man-lcs-00.txt
         >
         >      Hi,
         >
         >      Please provide comments.
         >
         >      Thanks a lot,
         >      Dusan.
         >
         >      On 2020-08-18, 9:31 AM, "internet-drafts@ietf.org" 
    <internet-drafts@ietf.org> wrote:
         >
         >
         >          A new version of I-D, draft-mudric-6man-lcs-00.txt
         >          has been successfully submitted by Dusan Mudric and 
    posted to the
         >          IETF repository.
         >
         >          Name:		draft-mudric-6man-lcs
         >          Revision:	00
         >          Title:		Least-Common Scope Communications
         >          Document date:	2020-08-18
         >          Group:		Individual Submission
         >          Pages:		5
         >          URL: 
    https://urldefense.com/v3/__https://www.ietf.org/internet-drafts/draft-mudric-6man-lcs-00.txt__;!!OSsGDw!f7qBGY2iA8pCnxJAbIUGbxahnxInuh9WqA0MxmIe6D_mOhy38kXzuv1SQv-G$
         >          Status: 
    https://urldefense.com/v3/__https://datatracker.ietf.org/doc/draft-mudric-6man-lcs/__;!!OSsGDw!f7qBGY2iA8pCnxJAbIUGbxahnxInuh9WqA0MxmIe6D_mOhy38kXzuq3WYxzi$
         >          Htmlized: 
    https://urldefense.com/v3/__https://tools.ietf.org/html/draft-mudric-6man-lcs-00__;!!OSsGDw!f7qBGY2iA8pCnxJAbIUGbxahnxInuh9WqA0MxmIe6D_mOhy38kXzuvX3ounT$
         >          Htmlized: 
    https://urldefense.com/v3/__https://datatracker.ietf.org/doc/html/draft-mudric-6man-lcs__;!!OSsGDw!f7qBGY2iA8pCnxJAbIUGbxahnxInuh9WqA0MxmIe6D_mOhy38kXzuqfeyVD5$
         >
         >
         >          Abstract:
         >             This draft formulates a security problem statement. 
    The problem
         >             arises when a Host uses its Global Unicast Address 
    (GUA) to
         >             communicate with another Host situated on the same link.
         >
         >             To address this problem, we suggest to select and use 
    addresses of a
         >             least scope that are common.
         >
         >
         >
         >
         >          Please note that it may take a couple of minutes from 
    the time of submission
         >          until the htmlized version and diff are available at 
    tools.ietf.org.
         >
         >          The IETF Secretariat
         >
         >
         >
         > --------------------------------------------------------------------
         >      IETF IPv6 working group mailing list
         >      ipv6@ietf.org
         >      Administrative Requests: 
    https://urldefense.com/v3/__https://www.ietf.org/mailman/listinfo/ipv6__;!!OSsGDw!fONP9f1G2DpYm4hiHyFwVVjqExwPBwSwmSlxAzxAgzOnTGru3lZoLcdvdYKG$
         > --------------------------------------------------------------------
         >

v2.23.0 | Report a Bug | By Email