IETF Logo Mail Archive

Re: [lamps] [EXTERNAL] Re: I-D Action: draft-ietf-lamps-pq-composite-kem-00.txt

Mike Ounsworth <Mike.Ounsworth@entrust.com> Wed, 23 August 2023 17:41 UTC

Return-Path: <Mike.Ounsworth@entrust.com>
X-Original-To: spasm@ietfa.amsl.com
Delivered-To: spasm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E4120C151719 for <spasm@ietfa.amsl.com>; Wed, 23 Aug 2023 10:41:38 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.104
X-Spam-Level:
X-Spam-Status: No, score=-2.104 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_FONT_LOW_CONTRAST=0.001, HTML_MESSAGE=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=entrust.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id OjTuPXpyFYk3 for <spasm@ietfa.amsl.com>; Wed, 23 Aug 2023 10:41:34 -0700 (PDT)
Received: from mx08-0015a003.pphosted.com (mx08-0015a003.pphosted.com [185.183.30.227]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A2ABAC13AE51 for <spasm@ietf.org>; Wed, 23 Aug 2023 10:39:57 -0700 (PDT)
Received: from pps.filterd (m0242863.ppops.net [127.0.0.1]) by mx08-0015a003.pphosted.com (8.17.1.22/8.17.1.22) with ESMTP id 37NAvpSg030244; Wed, 23 Aug 2023 12:39:55 -0500
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=entrust.com; h= from:to:subject:date:message-id:references:in-reply-to :content-type:mime-version; s=mail1; bh=pfc1++/rTQqebt0EueUJ8aHn 7QwKXxkgPYG335ONA+M=; b=B1+mxclPHsa8G0C80GgwbP91fES7ukSKV7EXzyVK 9IQ6cDZ/0o75Ve0dAYjs1prxX3UTL8IAYcTsFA+ngTGdsBfhHRtA6qIifZCBpn42 F9a+Errspsp+puJGu9qjxswhMXvA/lBVFoIxxMEMSFL4gXDQWU/GxiiBmqyQy+qk FK37v6pHcrNZI+uJl/9yfHi0MTY8Ke35Bi4T3RIOVn2Uorrp/WdoS0Ua3u2b/yrv UOsByzAe/ivAlsaI254MR6mF+5+OyE9y398JOEp0MskaVrhPwA4Ei+pAGaVNgWkt RR+h7XlaGeK3m8fljSxCFRQT57bF1K16U7HRXiycFbNqfg==
Received: from nam12-dm6-obe.outbound.protection.outlook.com (mail-dm6nam12lp2177.outbound.protection.outlook.com [104.47.59.177]) by mx08-0015a003.pphosted.com (PPS) with ESMTPS id 3sn211ujap-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Wed, 23 Aug 2023 12:39:55 -0500 (CDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=Q5jWHUS2//tBeLqFpQaG84KoDUNmDbNAytgyA+KRL315ym+mA5j0vRCzq3ytIYpIGEbLDXjvo/MLgQcaSJdFc95bWsClGiqD67+8FDqVmITMc6o0PiSzWB6wsObJavcS68+cx7TNmE3GxbRJyFA4M9JMD4D1BdLCuiHCT/18Rokxx+VBeKLvqAHoANja9np+A/yWSLC2sHbJz3MA1YjRSJ/H752bZpmLQ7373bXw3vQoNC6z+4U8/rMQ77W5s0CSuWXb/z4SaBASgCum+EYwXpEYnszvUT17c3ApbZSDyMtMrYQQzvPXvCZpwoZOdmjYlSPovL66E/62/K5WXdaweA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=BzOKCUFMoysy2q4dnG0DDpoZEsy37hciF8BRY3tXWp0=; b=dIeFxcifnGEUxnSGMPElOQikwfPUMw5s32L4gpDOQcW6u65bPoKxzHqm/V33zt54jYDqknpj3kLhLPbAFgkxsFK0SOaDIzP2N/eJi6azlzq/EsiP8CcTVVfME53AwNQ9eEZ+ZJN86zLzwP81pUn1lHXIsU7sOAnGAqBzkNcolMdnaRkB2QBdJiBn2Pzc8ljvY9WzxT9LvMKurns3reaFF2AnTYYw1Jr87VvbqRRBZGMPJruupQx37uWMBubXVpaHHyN9PNdV9eAcL8Ik95mQ+l8XwRR3NtsBF8kyZD0KNvsj/+ifLemlO7ehwrzJUby1GtBbAmQhVJgL+j9i9IGLSg==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=entrust.com; dmarc=pass action=none header.from=entrust.com; dkim=pass header.d=entrust.com; arc=none
Received: from CH0PR11MB5739.namprd11.prod.outlook.com (2603:10b6:610:100::20) by DM4PR11MB8204.namprd11.prod.outlook.com (2603:10b6:8:17d::22) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6699.26; Wed, 23 Aug 2023 17:39:52 +0000
Received: from CH0PR11MB5739.namprd11.prod.outlook.com ([fe80::902f:f92b:8d48:f4bf]) by CH0PR11MB5739.namprd11.prod.outlook.com ([fe80::902f:f92b:8d48:f4bf%4]) with mapi id 15.20.6699.026; Wed, 23 Aug 2023 17:39:51 +0000
From: Mike Ounsworth <Mike.Ounsworth@entrust.com>
To: Ilari Liusvaara <ilariliusvaara@welho.com>, "spasm@ietf.org" <spasm@ietf.org>
Thread-Topic: [EXTERNAL] Re: [lamps] I-D Action: draft-ietf-lamps-pq-composite-kem-00.txt
Thread-Index: AQHZ1ebF/cpfWYpWuki+asB6kdcNBK/4IsWQ
Date: Wed, 23 Aug 2023 17:39:51 +0000
Message-ID: <CH0PR11MB5739F9F37B3F9DFF0021258C9F1CA@CH0PR11MB5739.namprd11.prod.outlook.com>
References: <169280279919.52726.10703739224883232107@ietfa.amsl.com> <ZOZA4yip5T7XSq8P@LK-Perkele-VII2.locald>
In-Reply-To: <ZOZA4yip5T7XSq8P@LK-Perkele-VII2.locald>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-ms-publictraffictype: Email
x-ms-traffictypediagnostic: CH0PR11MB5739:EE_|DM4PR11MB8204:EE_
x-ms-office365-filtering-correlation-id: 6f52e0a8-c487-4c0e-7b6a-08dba3fff4a1
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: iCl56Nmy9mhQLaWcnliV7VwNpPxqiD4+KB5PDIBz2Ost17g6Ka5BVw6BB+1osBeM1yFlOIwHHHoFBA8pa8tRt71DCTjZiTjMvZDsiioUnGx8MQZ8RNQML5znve4VdAjRWejWbvBVaLd6vo9MbnZF8OZbKkLknsZrsYVU5o7Im3FOG/nGRLhsxywOxUoN10Y9gRqpiCFbvVOxQxdttZCL0XACNaVlqSwkzqCXg+pUxdOMucveV8Gf00tTOoHFl3R+PX56P5IE5kZR9fX06t9APQjQOmlFi/UVgndV77SXlBVCU1qwtbDAjUk05+om2Vv5YcsSp2yOdbyyDxsNiS5CK3CAgJnY7DJUv/K3M4IH6MnULQ+iAu32dGEUUZtCuAeJRDRWK2pI3YIbtHMybPLOjhOGiFhU2VlEIwTCq8/dqkTo1sDv8CLrosxJ6nimsOqKsH/FLl8vHTgpDROlPPHMsK1+Q1GgcTVJRnCOsl8jk4D0524QceajxH1+Q9b1jVUZ4FxH6riBOopfkjrO/bGvSFaX8tV9nH89WcKfRd4vfacsZ2lCr65ikSM/j1GkwQbjCADbKIxJo+LBqUTPMUpCQ0LPfvXbPNYzBXDhIiKwxTQ=
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:CH0PR11MB5739.namprd11.prod.outlook.com; PTR:; CAT:NONE; SFS:(13230031)(366004)(376002)(136003)(396003)(346002)(39860400002)(451199024)(1800799009)(186009)(76116006)(66946007)(66556008)(66476007)(66446008)(64756008)(110136005)(5660300002)(41300700001)(316002)(2906002)(966005)(478600001)(52536014)(86362001)(8936002)(8676002)(38100700002)(38070700005)(122000001)(9686003)(71200400001)(6506007)(7696005)(53546011)(166002)(33656002)(55016003)(83380400001)(26005)(66574015); DIR:OUT; SFP:1102;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: Th6ui/6VarmhrbyDjpcgnTr5EMPap5jkHzkM7wzyZ+LfsaVM04S+7+OCMc2wszzU6LYJy5hNE3wNEGkMtzETz1EGakSyqiWwmmHzJSoJIr4rQyupIuesqD+UMOimixe7DWcr3z2YC5NBv+j2AQ72WyP27PTD0IMkuqZTJPHDanTmQ10QoN1gMzIZXKXSUqqzX7aVCeVJ7xI7dlSMvDj0V1N8l1m8jWtWtqcvTMx39ANI2q7/1hOFUW8jIJ/Gln8MjAmTdFlobu6jSBQGuW3lFmRsCH1nbR7/H+jfJtihgWi/5h3urBHfdJwhnS1KASoor4yoxxQk6PlILLw34wLYoQAbsMobIg0QeqAJ+CDxsSK3MIvvKDc96GWqTX30Jm3q+GkY6fDFLe8m25uRZOUrDwr2qMbgyy2TOD7y8ZEnZJXzpqF6LXZx2Rhcu7EvnUtfy+osnLQGOjws2KuahD7nGXuRZCJjIChAcLGbD5vkh4VnewSAZIP/VpygeAYKy7TlKMOG8rJX0hwBuDWxPjEuoalHkXW0cf4LryFEpArYI1NMd6Ozx26Oc2HWgHhJpIUfDSkwDI/4CHfbHB0GzIZPQT6iOatwP0qrq7O4hN6B5kdgefQwe/GwFSzBW2GWfdqpz3sLehB/4lsajIoIYMw7gZGyh+OtMDXwnL1Y2bf4R9tyHjBxYY4z3ya8JHpDoIcb+ySz6Sph8XveYtcklAc2ln+DYOTStrgIxlyUg48eoiG3vNXf3waKJk5v1Rg6vwSYouPwagT30+A3Zja1J79jOx2GKrzc4oIk0qUjxfHKEtSm2moSJO/P4Z/F+3EatX9gUNiL/S+7IdQKkO2FnHIC3tBgpWL6MxWMh8KHAXOJo1Q3/Go8a8pU/xz/D66LccnvyewWW5qIU/8lxaSc2jN818utFJKZhexPtWZD78CwWO1kNgmqb8aQCI0r9dF6a8Y3YP0ZyggyptDOnWfWlg5DnM59ktFBAbtwBg4nyHNg89nWr5j/MMlOsF5D5sU7hF80eiVMFRpdJLErvWJ9VA+RD/sp73s3VKPwezH3Sefi37fq/axMm81HAKFJo2iPm5UV44wumLYHXKJIKc2pXY1Ei2MMYznu9fcDKXrxguY6iYHhIlIc6VdClhcOauXpzhLfD79j/5+GSMEtDPkZghL7oiJuGNbT9io2lA+D9Cxe+YhWZ0W2qZsB3K4it+WZ8tYhHBkpUu3QltNw+wPCfVPdDwiEOxTRayVAiKxfO/RxdiQDYh4A9S7fP9X79Lqfk4559dCZqUP3hQu8oN0ME4c8hhCo+gFpGvRd0Aj+wjEtFbOYzLcXLeUVPwrQv9abtw+8F3iMlnQONKmo3Ay8l8DPPf0kP22Wl6cfzhOKFIhAAacelQC9G3tT48OHfdzN0QLSV2EaYjUY8USEAE4AcPKd06Z6ERNTrJcGqrCGve3nn6Rr2alAB9J6IhUbhv4qwA7H7+MXbjs2vfOk2a9pdBOxd5qOyfsI3Mq/7Uej3HgI+Lj9xHRi9xN+QUBJ77ddDEXPnm3ZQbIwEW3tmy5jxPKJj6w2wFicFAFe7lzWpGdsva2Gqndx/G+zrvmN15Sr1rbM
Content-Type: multipart/alternative; boundary="_000_CH0PR11MB5739F9F37B3F9DFF0021258C9F1CACH0PR11MB5739namp_"
MIME-Version: 1.0
X-OriginatorOrg: entrust.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: CH0PR11MB5739.namprd11.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 6f52e0a8-c487-4c0e-7b6a-08dba3fff4a1
X-MS-Exchange-CrossTenant-originalarrivaltime: 23 Aug 2023 17:39:51.8993 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: f46cf439-27ef-4acf-a800-15072bb7ddc1
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: dA7LqGUs6V48RJBaO04zrPnFwQXcul9m0A/UeU0eSBGYVB3sgMU7Lu8Q6HjM2YvDsLL33IK/YTDil08qNY807J4IBHtah3DyBSOGQaQfanU=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM4PR11MB8204
X-Proofpoint-ORIG-GUID: Toa9lNXAIp-otL_BR-cgPgRdeMehjJaK
X-Proofpoint-GUID: Toa9lNXAIp-otL_BR-cgPgRdeMehjJaK
X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.267,Aquarius:18.0.957,Hydra:6.0.601,FMLib:17.11.176.26 definitions=2023-08-23_12,2023-08-22_01,2023-05-22_02
X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 impostorscore=0 malwarescore=0 priorityscore=1501 spamscore=0 adultscore=0 clxscore=1011 mlxscore=0 phishscore=0 mlxlogscore=999 bulkscore=0 lowpriorityscore=0 suspectscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.19.0-2308100000 definitions=main-2308230160
Archived-At: <https://mailarchive.ietf.org/arch/msg/spasm/6ubSz1bX_iBDKccLrQyJsXpppS8>
Subject: Re: [lamps] [EXTERNAL] Re: I-D Action: draft-ietf-lamps-pq-composite-kem-00.txt
X-BeenThere: spasm@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: This is the mail list for the LAMPS Working Group <spasm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/spasm>, <mailto:spasm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/spasm/>
List-Post: <mailto:spasm@ietf.org>
List-Help: <mailto:spasm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/spasm>, <mailto:spasm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 23 Aug 2023 17:41:39 -0000

Hey Ilari,



> I don't think it is "implementation bugs" that are the main gating

factor in trusting post-quantum algorithms, but rather the actual

strength of those algorithms.

This is a religious debate to which there are many opinions and no correct answer, therefore, in my opinion, completely pointless to debate.
There is a non-zero risk of catastrophic algorithmic attacks.
There is also non-zero risk of implementation bugs leading to CVEs about weak encryption entropy or oracle attacks or whatever.
That’s it, debate over, right? Debating which one is the “main” risk seems pointless to me.


As to all your other comments; I appreciate your review, but it’s a bit premature. This is just a renaming to indicate that it’s adopted, we have not yet tackled any of the editorial work. See the long list of TODOs on slide 4 of my 117 LAMPS presentation [1]. Feel free to open github issues if you think there are things not already covered by that list. Or feel free to do some editing and submit a PR.


[1]: https://datatracker.ietf.org/meeting/117/materials/slides-117-lamps-composites-00.pdf

---
Mike Ounsworth

From: Spasm <spasm-bounces@ietf.org> On Behalf Of Ilari Liusvaara
Sent: Wednesday, August 23, 2023 12:25 PM
To: spasm@ietf.org
Subject: [EXTERNAL] Re: [lamps] I-D Action: draft-ietf-lamps-pq-composite-kem-00.txt

On Wed, Aug 23, 2023 at 07: 59: 59AM -0700, internet-drafts@ ietf. org wrote: > > A New Internet-Draft is available from the on-line Internet-Drafts > directories. This Internet-Draft is a work item of the Limited Additional > Mechanisms


On Wed, Aug 23, 2023 at 07:59:59AM -0700, internet-drafts@ietf.org<mailto:internet-drafts@ietf.org> wrote:

>

> A New Internet-Draft is available from the on-line Internet-Drafts

> directories. This Internet-Draft is a work item of the Limited Additional

> Mechanisms for PKIX and SMIME (LAMPS) WG of the IETF.

>

>    Title           : Composite KEM For Use In Internet PKI

>    Authors         : Mike Ounsworth

>                      John Gray

>    Filename        : draft-ietf-lamps-pq-composite-kem-00.txt

>    Pages           : 25

>    Date            : 2023-08-23



Reading the draft for a quick review:





- Section 2. Introduction:



I don't think it is "implementation bugs" that are the main gating

factor in trusting post-quantum algorithms, but rather the actual

strength of those algorithms.



And I don't think the question on what algorithms one should migrate

to is so unclear anymore. The NISTPQC process has yielded a lot of

information on that, even ignoring the final selection.





- Section 3.2. kema-CompositeKEM:



"PARAMS TYPE CompositeKemParams ARE required"



Uh, what does that mean? That algorithms are parametrized?





- Section 3.5. CompositKemParameters:



This looks to me to be for supporting generic composition, which I

thought was ripped out.





"Implementation SHOULD NOT rely directly on the algorithmIDs contained

in the CompositeKemParams and SHOULD verify that they match the

algorithms expected from the overall composite AlgorithmIdentifier."



... That sounds like a rake factory. :-)





- Section 3.6. Encoding Rules:



"EDNOTE: will this definition include an ASN.1 tag and length byte

inside the OCTET STRING object? If so, that's probably an extra

unnecessary layer."



I think that including those would mess up protocol alignment, so the

tags and lengths should not be included.





- Section 3.7. KEM Combiner:



"TODO: as per https://urldefense.com/v3/__https://www.enisa.europa.eu/publications/post-quantum-cryptography-integration-study__;!!FJ-Y8qCqXTj2!fCIie1Y_7nyWRuMLCmqy2UjpCcyscCqVkOJo6QHQO9z0PUFI38yr61Bsb43w89_TFmDZGh1CeDKNU-UMZKB5jIjhM7NKLJtb6AA$<https://urldefense.com/v3/__https:/www.enisa.europa.eu/publications/post-quantum-cryptography-integration-study__;!!FJ-Y8qCqXTj2!fCIie1Y_7nyWRuMLCmqy2UjpCcyscCqVkOJo6QHQO9z0PUFI38yr61Bsb43w89_TFmDZGh1CeDKNU-UMZKB5jIjhM7NKLJtb6AA$>

section 4.2, might need to specify behaviour in light of KEMs with a

non-zero failure probility."



Since the KEMs are IND-CCA2, the failure probability is negligible.





And uh, no SHA3-512 please.



Furthermore, to align with Kyber, one should only use KMAC256, SHAKE256

or cSHAKE256.





"K: the ASCI value of the name of the Kem Type OID."



I presume that "ASCI" should be "ASCII" and "Kem" should be "KEM".





- Section 4. Algorithm Identifiers



"EDNOTE: I believe that [SP.800-56Ar3] and [BSI-ECC] give equivalent

and interoperable algorithms, so maybe this is extranuous detail to

include?"



Actually, the algorithms are not interoperable in general case.

Specifically, if h > 1, the results will differ. However, with

all the curves considered here, h=1, in which case the algorithms

are compatible.





- Section 4.1. Notes on id-Kyber768-RSA-KMAC256:



"For use with id-Kyber768-RSA-KMAC256, the keyDerivationFunction SHALL

be id-sha3-384 and keyLength SHALL be 384."



Maybe SHAKE256 with 384 bit output instead (alignment with Kyber)?





"EDNOTE: Since the crypto is fixed, we could omit the parameters

entirely and expect implementations to re-constitute the params

structures as necessary in order to call into lower-level crypto

libraries."



>From what I can tell, the parameters do not enter cryptographic

computations, so there is no need to re-constitute the parameters.



So just fixing the thing would simplify it a lot.





- Section 7.1. Policy for Deprecated and Acceptable Algorithms:



One subtle point is that in asymmetric encryption, the way hashes are

used is much more resilient compared to use in signatures.



So even quite broken hash functions are not that alarming, but not good

for other reasons.





- Section  7.2. OR Modes:



I don't think OR modes make any sense with the present framework.









-Ilari



_______________________________________________

Spasm mailing list

Spasm@ietf.org<mailto:Spasm@ietf.org>

https://urldefense.com/v3/__https://www.ietf.org/mailman/listinfo/spasm__;!!FJ-Y8qCqXTj2!fCIie1Y_7nyWRuMLCmqy2UjpCcyscCqVkOJo6QHQO9z0PUFI38yr61Bsb43w89_TFmDZGh1CeDKNU-UMZKB5jIjhM7NKgjdFIT4$<https://urldefense.com/v3/__https:/www.ietf.org/mailman/listinfo/spasm__;!!FJ-Y8qCqXTj2!fCIie1Y_7nyWRuMLCmqy2UjpCcyscCqVkOJo6QHQO9z0PUFI38yr61Bsb43w89_TFmDZGh1CeDKNU-UMZKB5jIjhM7NKgjdFIT4$>

Any email and files/attachments transmitted with it are intended solely for the use of the individual or entity to whom they are addressed. If this message has been sent to you in error, you must not copy, distribute or disclose of the information it contains. Please notify Entrust immediately and delete the message from your system.

v2.23.0 | Report a Bug | By Email