IETF Logo Mail Archive

Re: [OAUTH-WG] -security-topics-13 and OIDC response types + form_post response mode

Mike Jones <Michael.Jones@microsoft.com> Thu, 09 January 2020 23:21 UTC

Return-Path: <Michael.Jones@microsoft.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B486E12003E for <oauth@ietfa.amsl.com>; Thu, 9 Jan 2020 15:21:12 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Level:
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, HTTPS_HTTP_MISMATCH=0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=microsoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id B6ucDx0SfYzV for <oauth@ietfa.amsl.com>; Thu, 9 Jan 2020 15:21:09 -0800 (PST)
Received: from NAM06-BL2-obe.outbound.protection.outlook.com (mail-eopbgr650110.outbound.protection.outlook.com [40.107.65.110]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A6E1B120831 for <oauth@ietf.org>; Thu, 9 Jan 2020 15:21:08 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=HroqyGfaouHpkLplchqYrbTnWPHeKaY3pLZduaOmtn650Ucc4Zuhu4VR/gSpgJfKOrwWdkWx+FEGSEtaDmdFJp/mxVY1ZspW+V24hH/GteGW/n52JsJxDNTh3CS/YIOvO2g0gGincG/uNY4z7jkOBn9WReFt4St8sCOU8uG3wCtRK0lBsNUYnydVgoKSEhPSOijx0R3KRgVbLMA6wNOdCcXyOeHdm98hUftLlUD4zh/fzzXqPEqPnR/p+wvUU0j82gWIsdn6bEQhU2pVz4MQ9bXra8LpztI3jDDNSLluzyBTW+37w4b3VFlC1AqNSiYUL5Fh/WaUR6+jJVdMaOQb6Q==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=zeL13pAWGGUgQv6hu7k0oRa/8ugehiWUFrYtGLpLZTg=; b=AM473txollWev9x5bdmmxBS4LmaNBKI2FuLMKM+XTnuvK1KX5ZD5S16CGCRs5hQdeRmdoUj1vG7msiaPOV19APwR8UpAX+Z15x/WIz8TiTcCoGQleCtbQO+miHCbHmLl/EcbNDqx8MlfIaKWgolg7O86qgQrA4+blOuYb8kO6GSnpUOuusQwSaDibcW5Ze4P3mmIQ4FEfTx/HkU4tJZWJu6Gq175zN4GDFuTcTHe7UOiYhKXba+8ErIaCdT80T6QQFiUNJRAqoIMkYuznF0UICbnJMT6P1QhSo/ImRPA1gdFUnKJIbjqHW5L5V8N1mR5ruDxqMTHY4T2JgPLm8cFKg==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=microsoft.com; dmarc=pass action=none header.from=microsoft.com; dkim=pass header.d=microsoft.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=zeL13pAWGGUgQv6hu7k0oRa/8ugehiWUFrYtGLpLZTg=; b=QH8nZte9C0JFwOkiNOSylFfrmwQoDV5zXn3HQ0Li3VZYqvqEvPpOwkiogx23W8cuOgiqY/lHNrcyAYS7xSaUvba4+avsMf8JfQhwcqi5Ukb7RaHNzpgw5pfiMrSqj1mJXr3TnUdfbBf+cRY5EFkH27wHQ1hO+YOe3syU+h9UH5w=
Received: from DM6PR00MB0847.namprd00.prod.outlook.com (20.179.227.78) by DM6PR00MB0767.namprd00.prod.outlook.com (20.179.167.136) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2666.0; Thu, 9 Jan 2020 23:21:07 +0000
Received: from DM6PR00MB0847.namprd00.prod.outlook.com ([fe80::2d56:644f:3f3e:8c62]) by DM6PR00MB0847.namprd00.prod.outlook.com ([fe80::2d56:644f:3f3e:8c62%4]) with mapi id 15.20.2665.000; Thu, 9 Jan 2020 23:21:07 +0000
From: Mike Jones <Michael.Jones@microsoft.com>
To: Brian Campbell <bcampbell=40pingidentity.com@dmarc.ietf.org>, "Richard Backman, Annabelle" <richanna@amazon.com>
CC: Torsten Lodderstedt <torsten@lodderstedt.net>, oauth <oauth@ietf.org>
Thread-Topic: [OAUTH-WG] -security-topics-13 and OIDC response types + form_post response mode
Thread-Index: AdXHQ3JtzqisjXJrTDeTwLHJyIkXiw==
Date: Thu, 09 Jan 2020 23:21:06 +0000
Message-ID: <DM6PR00MB084783B6C945B33DE42BE1D0F5390@DM6PR00MB0847.namprd00.prod.outlook.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
msip_labels: MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_ActionId=6f0bebb7-d3ee-4c8e-85c8-00007c4f4db8; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_ContentBits=0; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Enabled=true; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Method=Standard; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Name=Internal; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_SetDate=2020-01-09T22:55:25Z; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_SiteId=72f988bf-86f1-41af-91ab-2d7cd011db47;
authentication-results: spf=none (sender IP is ) smtp.mailfrom=Michael.Jones@microsoft.com;
x-originating-ip: [50.47.92.57]
x-ms-publictraffictype: Email
x-ms-office365-filtering-ht: Tenant
x-ms-office365-filtering-correlation-id: 35cc378d-05f0-4300-ff0b-08d7955a9aac
x-ms-traffictypediagnostic: DM6PR00MB0767:
x-microsoft-antispam-prvs: <DM6PR00MB076705E7348779758BC277D1F5390@DM6PR00MB0767.namprd00.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:6430;
x-forefront-prvs: 02778BF158
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(136003)(39860400002)(376002)(346002)(366004)(396003)(199004)(189003)(966005)(316002)(9686003)(8676002)(64756008)(71200400001)(66556008)(66476007)(66946007)(55016002)(33656002)(86362001)(66446008)(8990500004)(76116006)(53546011)(30864003)(8936002)(6506007)(52536014)(15650500001)(10290500003)(4326008)(26005)(110136005)(2906002)(66574012)(7696005)(5660300002)(81166006)(81156014)(478600001)(54906003)(186003); DIR:OUT; SFP:1102; SCL:1; SRVR:DM6PR00MB0767; H:DM6PR00MB0847.namprd00.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1;
received-spf: None (protection.outlook.com: microsoft.com does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: 5LQYJHMZ+XqZ6TOe0M3vBv/skg6VG18nqzxb+hchM6giWqXV9JNND7UC8f1DrrOuUNfFaLgZiBQVOvF+db0dEpBgE3c9b2SbiWalay3VW0ck2beBe2y7/r3P23AtpJ3+/IEAGmIM6vXox4Jl8YEZZg2pu7ecCJUXqecgr1wowgza58l4pkq+ZG4BwjxD1/bQBhQK/HtUnf0xuOs/5kxU6UwvzndxQkzlyHxeyg4E3t6VRws5l8Kaib3Vwn2DM4OcrC/oRLQVutf+HoxKpF/I2ELc0pyv62GNoMMJiVndWUXu9FODZKB3HR/CSN4dJeBQ3CUck489tn8s2+DjGvDkx8pSuOs0gqVGCtFlJP2AZOGu+2CRNDq9o7PdwwVHgpo3mkQ4opFsKuzlycbYZRhwS23RB5CSxOwiWrNKF9jZlIwVl5za6jI9cqIfZundc1UZhhWOSe2zMrUvZX/EKdwm2Pl12jrgW/aPH9uhrW/P7+kGF9+TXirbfVYLtHVY+3dJwGl+2aPRRuahTcH77lJNew==
x-ms-exchange-antispam-messagedata: bJV7f4HteJaVsS/3f4wcNtYPvO0yhLehXMUn1n9Jry6ejxRCzE29nV4SlcN94lGWQeMBObJxOO/X/u5HQnxXY5/OfwS9hfXJ37VdXWUMZ+Kjr/mDAJHkU6wHOJ8IveuVUtTN/I5Tmieh27pZtE6fww==
x-ms-exchange-transport-forked: True
Content-Type: multipart/alternative; boundary="_000_DM6PR00MB084783B6C945B33DE42BE1D0F5390DM6PR00MB0847namp_"
MIME-Version: 1.0
X-OriginatorOrg: microsoft.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 35cc378d-05f0-4300-ff0b-08d7955a9aac
X-MS-Exchange-CrossTenant-originalarrivaltime: 09 Jan 2020 23:21:06.9245 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 72f988bf-86f1-41af-91ab-2d7cd011db47
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: Zz74SBJ/iyH02wtwXSKf7jDRDk/Ryx+Ja3YLc98Yo1Dju8Oh2gpFDmcLybWh04bOeCUsdrFSX/lzFFyxlicn0A==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6PR00MB0767
Archived-At: <https://mailarchive.ietf.org/arch/msg/oauth/nBRyzTUHe8OBVndoeC_HntzpgX8>
Subject: Re: [OAUTH-WG] -security-topics-13 and OIDC response types + form_post response mode
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/oauth/>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 09 Jan 2020 23:21:13 -0000

I completely agree with Brian’s analysis and suggestions.

FYI, as far as how common this pattern is, “id_token token” with the Form Post Response Mode is the default for Microsoft Azure Active Directory identity interactions.  You can view Alex Simon’s Identiverse presentations, including https://www.youtube.com/watch?v=b2_N5Xsm6C8&list=PLpKq7xRiIHaQZzg-a0fFg08yH00zfO9w9&index=3, to get a sense of how frequently this is used.  As he describes between 7:40-9:26 in this presentation, we’re doing approximately 20 billion authentications per day using OAuth 2.0 with OpenID Connect.

                                                       -- Mike

From: Brian Campbell <bcampbell=40pingidentity.com@dmarc.ietf.org>
Sent: Thursday, January 9, 2020 2:37 PM
To: Richard Backman, Annabelle <richanna@amazon.com>
Cc: Mike Jones <Michael.Jones@microsoft.com>; Torsten Lodderstedt <torsten@lodderstedt.net>; oauth <oauth@ietf.org>
Subject: Re: [OAUTH-WG] -security-topics-13 and OIDC response types + form_post response mode

The scenario I described in the beginning of this thread (response_type=token+id_token and response_mode=form_post) started out a bit more humbly as a way to facilitate a simple and efficient cross-domain sign-on with id_token response type and form_post response mode. Somewhat analogous to SAML SSO using the POST binding. All the transactional data flows through the browser in the front channel so no additional calls from the client/RP to the AS/OP are needed. And no short-lived-transactional data has to be shared amongst AS nodes (or between geographic locations).  There are some nice aspects to front channel flows.

Then along came the desire to have the ability to periodically refresh the user attributes associated with the session created off of SSO at the client/RP so as to have fresh data on which to base access control decisions. That was done by adding an access token into the mix, hence the response_type=token+id_token with response_mode=form_post, and the RP using it to periodically call the user info endpoint. Of course this isn't the same as an ID-token-only-front-channel SSO but it still retains some of the same benefits being a mostly front channel flow.

I don't know how niche these cases are or even how often they are actually put into use in actual deployments. But the token+id_token and form_post flow was fresh in my mind for unrelated reasons when I was re-reviewing the security BCP draft, which made me think again about the SHOULD NOT wording in Section 3.1.2. And that led me to this thread and my proposed text that would let the SHOULD for using sender-constrained access tokens stand on its own and adjust the qualification on the SHOULD NOT for implicit style access tokens to focus on the issues that are particular to those flows. This doesn't actually change the underlying meaning of the draft because sender-constrained access tokens are still a SHOULD. But I think it would make the draft more cohesive in terms of where and why certain recommendations are made.







On Thu, Jan 2, 2020 at 2:53 PM Richard Backman, Annabelle <richanna@amazon.com<mailto:richanna@amazon..com>> wrote:
Brian and others with similar use cases (Filip?):

The current text does not prohibit your approach, provided you’ve done the due diligence required by BCP 14 to go against a SHOULD NOT. Could you provide more detail on the scenarios where you have opted to use these implicit-based solutions? Is it impractical or infeasible to use an authorization code-based approach in these scenarios? If this is a particularly niche use case, then it may not be worth including in the BCP (that’s basically what SHOULD NOT is for). But if it’s more broadly applicable, then it may be worth tweaking the “unless…” clause of that paragraph.

–
Annabelle Richard Backman
AWS Identity


From: OAuth <oauth-bounces@ietf.org<mailto:oauth-bounces@ietf.org>> on behalf of Mike Jones <Michael.Jones=40microsoft.com@dmarc.ietf.org<mailto:40microsoft.com@dmarc.ietf.org>>
Date: Saturday, December 28, 2019 at 9:47 AM
To: Brian Campbell <bcampbell@pingidentity.com<mailto:bcampbell@pingidentity.com>>, Torsten Lodderstedt <torsten=40lodderstedt.net@dmarc.ietf.org<mailto:40lodderstedt.net@dmarc.ietf.org>>
Cc: oauth <oauth@ietf.org<mailto:oauth@ietf.org>>
Subject: Re: [OAUTH-WG] [EXTERNAL] -security-topics-13 and OIDC response types + form_post response mode

I agree with Brian's suggested text changes.
-- Mike
________________________________
From: Brian Campbell <bcampbell@pingidentity.com<mailto:bcampbell@pingidentity.com>>
Sent: Saturday, December 28, 2019 5:33:24 AM
To: Torsten Lodderstedt <torsten=40lodderstedt.net@dmarc.ietf.org<mailto:40lodderstedt.net@dmarc.ietf.org>>
Cc: Mike Jones <Michael.Jones@microsoft.com<mailto:Michael.Jones@microsoft.com>>; oauth <oauth@ietf.org<mailto:oauth@ietf.org>>
Subject: Re: [OAUTH-WG] [EXTERNAL] -security-topics-13 and OIDC response types + form_post response mode

The requirement for replay/injection prevention at resource servers is still there in section 3.2. This change only drops it as a specific qualification on that SHOULD NOT for flows that send access tokens in the authorization response. And instead focuses that qualification on the additional risks that come with sending access tokens in the authorization response. To me, this feels more consistent.

Looking again at section 3, I'd suggest also moving the fourth paragraph of section 3.1.2 into section 3.2 so that the description of sender-constrained is in the subsection that is about sender-constraining.

On Fri, Dec 27, 2019, 5:00 PM Torsten Lodderstedt <torsten=40lodderstedt.net@dmarc.ietf.org<mailto:40lodderstedt.net@dmarc.ietf.org>> wrote:
Your proposal sounds reasonable on first sight. But thinking again, it would mean to keep token injection prevention in authorization responses a requirement while dropping the requirement for replay/injection prevention at resource servers. To me this feels inconsistent.

Am 28..12.2019 um 00:02 schrieb Brian Campbell <bcampbell=40pingidentity.com@dmarc.ietf.org<mailto:40pingidentity.com@dmarc.ietf.org>>:
I'm not suggesting that it should be a recommended flow. But recommending against it, as the text does now, seems overreaching and unnecessary. I know *consensus* was previously found on the text in -13 but best I can recall that discussion was mostly around Nat advocating to allow room for some future self-issued IDP type case and the conversation kind of got hung up on that.

Here's some proposed text, which I think still largely captures the intent of the BCP while not explicitly recommending against legitimate cases like the one I brought here or Nat's or something like JARM.

   In order to avoid these issues, clients SHOULD NOT use the implicit
   grant (response type "token") or other response types issuing
   access tokens in the authorization response, unless access token injection
   in the authorization response is prevented and the aforementioned token leakage
   vectors are mitigated.

The draft already recommends sender-constrained access tokens elsewhere in the document. It doesn't need to be repeated as a qualifying condition around this SHOULD NOT.

I am a proponent of PoP/HoK/sender-constrained access tokens (as hopefully is evident from several attempts at bringing/doing related work here) but I do worry that the recommendation in the draft is sufficiently unachievable to the vast majority that it might undermine the credibility of the document. But I get the aspirational aspect of it and, other than some suggested tweaks<https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fmailarchive.ietf.org%2Farch%2Fmsg%2Foauth%2FRKujONej-92dT5lr9cLu6hHnw8I&data=02%7C01%7CMichael.Jones%40microsoft.com%7C97c0eb18ae6d4fbd189708d795548ed7%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637142062719313532&sdata=OvALRfRzfcvIk4NW7lYtnF7mO6ujU3cO1O0OH%2FQVHFc%3D&reserved=0>, am resigned to see it stay in the document. But let's let that recommendation stand on its own in the document and not also tie it to other considerations.


On Fri, Dec 27, 2019 at 1:41 PM Torsten Lodderstedt <torsten=40lodderstedt.net@dmarc.ietf.org<mailto:40lodderstedt.net@dmarc.ietf.org>> wrote:
As Brian said, we have discussed this several times and this text found consensus.

Using post reduces the attack surface but does not allow to bind the access token to the legitimate client. We are recommending sender constrained access tokens in the BCP. So recommending a flow that does not support sender constrained access tokens is a contradiction.

What do other WG members think?

Am 27.12.2019 um 21:28 schrieb Mike Jones <Michael.Jones=40microsoft.com@dmarc.ietf.org<mailto:40microsoft.com@dmarc.ietf.org>>:
I agree with Brian. Please update the text to describe this already safe usage.
-- Mike
________________________________
From: OAuth <oauth-bounces@ietf.org<mailto:oauth-bounces@ietf.org>> on behalf of Brian Campbell <bcampbell=40pingidentity.com@dmarc.ietf.org<mailto:40pingidentity.com@dmarc.ietf.org>>
Sent: Friday, December 27, 2019 11:03:30 AM
To: oauth <oauth@ietf.org<mailto:oauth@ietf.org>>
Subject: [EXTERNAL] [OAUTH-WG] -security-topics-13 and OIDC response types + form_post response mode

We have a-sometimes used scenario where a client makes an authorization/authentication request with a "token id_token" response type and "form_post" response mode (nonce is also sent and exact redirect URI matching is done at the AS). The access token is never exposed in any URLs and access token injection is prevented by the at_hash claim in the id token.

That seems to me like a legitimate and reasonable usage scenario. However, it would fall on the wrong side of the SHOULD NOT in Section 3.1.2 of the Security BCP-to-be<https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Ftools.ietf.org%2Fhtml%2Fdraft-ietf-oauth-security-topics-13%23section-3....1..2&data=02%7C01%7CMichael.Jones%40microsoft.com%7C97c0eb18ae6d4fbd189708d795548ed7%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637142062719313532&sdata=b6mUvX0W0hf6H8ktKdT4vEQlfj7FUjsOIO7IHpCf%2FYs%3D&reserved=0>, which has:

   In order to avoid these issues, clients SHOULD NOT use the implicit
   grant (response type "token") or any other response type issuing
   access tokens in the authorization response, such as "token id_token"
   and "code token id_token", unless the issued access tokens are
   sender-constrained and access token injection in the authorization
   response is prevented.

I know this particular text has been discussed over and over again so I hate to revisit it. But based on the aforementioned scenario I think maybe it still doesn't quite hit the mark. Access token injection is prevented. The token leakage scenarios mentioned in that section are all avoided. And while I know sender-constrained is recommended elsewhere in the draft, it's not really a realistic option for the majority of deployments.

CONFIDENTIALITY NOTICE: This email may contain confidential and privileged material for the sole use of the intended recipient(s).. Any review, use, distribution or disclosure by others is strictly prohibited..  If you have received this communication in error, please notify the sender immediately by e-mail and delete the message and any file attachments from your computer. Thank you.
_______________________________________________
OAuth mailing list
OAuth@ietf.org<mailto:OAuth@ietf.org>
https://www.ietf.org/mailman/listinfo/oauth<https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.ietf.org%2Fmailman%2Flistinfo%2Foauth&data=02%7C01%7CMichael.Jones%40microsoft.com%7C97c0eb18ae6d4fbd189708d795548ed7%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637142062719323523&sdata=JEw5BK%2FMGzVwKeqmofu3SpQ0SLzodsY0W8eKZW9QlX0%3D&reserved=0>

CONFIDENTIALITY NOTICE: This email may contain confidential and privileged material for the sole use of the intended recipient(s).. Any review, use, distribution or disclosure by others is strictly prohibited..  If you have received this communication in error, please notify the sender immediately by e-mail and delete the message and any file attachments from your computer. Thank you.

CONFIDENTIALITY NOTICE: This email may contain confidential and privileged material for the sole use of the intended recipient(s).. Any review, use, distribution or disclosure by others is strictly prohibited.  If you have received this communication in error, please notify the sender immediately by e-mail and delete the message and any file attachments from your computer. Thank you.

CONFIDENTIALITY NOTICE: This email may contain confidential and privileged material for the sole use of the intended recipient(s). Any review, use, distribution or disclosure by others is strictly prohibited..  If you have received this communication in error, please notify the sender immediately by e-mail and delete the message and any file attachments from your computer. Thank you.

v2.29.0 | Report a Bug | By Email | System Status