IETF Logo Mail Archive

Re: [SPICE] Call for consensus on SPICE charter

Kristina Yasuda <Kristina.Yasuda@microsoft.com> Tue, 13 February 2024 04:54 UTC

Return-Path: <Kristina.Yasuda@microsoft.com>
X-Original-To: spice@ietfa.amsl.com
Delivered-To: spice@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 594C1C14F5F8 for <spice@ietfa.amsl.com>; Mon, 12 Feb 2024 20:54:11 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.109
X-Spam-Level:
X-Spam-Status: No, score=-7.109 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H2=-0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=microsoft.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id gAgpac2YiBPf for <spice@ietfa.amsl.com>; Mon, 12 Feb 2024 20:54:07 -0800 (PST)
Received: from BN3PR00CU001.outbound.protection.outlook.com (mail-eastus2azon11020002.outbound.protection.outlook.com [52.101.56.2]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id BA9D5C15153E for <spice@ietf.org>; Mon, 12 Feb 2024 20:54:06 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=XQ199/A0MWIKRS6Ctah1Nt9RqWFs2FZNdQDhHPjcefx0hQ13GD8St9DVJMmG0ynv0iHxZtv6omcvwMnMvGp+lvX8QQe1tD83xTiL81MuC9s7ZlQyi8yxVyC/CR7J5bVxKMxQ8kkHqOsIpIzg71jrW22bIQZHNi9SWJg/04xr6w9ORVEROK2VYutL5mzfuALw2cIlP8rrxGSV/oCW+jk2iOtzlgulRwLR/JI1qTpOj2jz6lyW4RcNkbhBfaQir8xW8ANjHii6Jtzq+fQfPauuqlcvKgi2qwgVjP6zIWnsXi/f3cwsS8lrmfDqUJgSdgNyJ8dOtPSP4+LEeiwBIUlm1w==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=GItkG9mhb8XDp1p0TKL5FDnatFNTFTMUnMBAxuWvP7o=; b=Y0kWs8tZL086z6u/1xnGCkJp4OGLRbxJigcYv8uFBQhoEBZgTAvRkgkeHWx/0eDUWeowBdGlmuYatu1VDTF5kUS4MD6fxVatZL2sYtsOlKHYjwcjKn3Rauw0JoRCrM3sYIaATNCvqgWXKlUfnTMWkiEYMduxXoK8pwNmkzyQGEbX6a3Itm3CDJG2zcC7/+xB9vtsJGtom7/cpsLDkpyJ9P9j5jHXS66y9g3y3Ecafj2IuiPSTS9DtwwtaXW1HLOzYhiK6EPs9dlLHR8cp9pxRx1u4HRQXP7tMPKw1J4UCiw1zO0GrL8iAQsqdpce2ItoacivK+Q5BJ9VUOEg8spw4A==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=microsoft.com; dmarc=pass action=none header.from=microsoft.com; dkim=pass header.d=microsoft.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=GItkG9mhb8XDp1p0TKL5FDnatFNTFTMUnMBAxuWvP7o=; b=b8UJyPqsgUKrlp2DbBwicFMs3FopT0COCuqPiyjFsjS5EGXjCMVJgvfVWksk8tNwAym9Y5M8LfYBf+uMYlQfeRu/E3zAHnW+VNYP4fbNF+E55Xe4jxlGBS4WUfnPglNrU+F9aWsdq+35M4awmgFzfreStp9ZXIyP6iwazfQ/flc=
Received: from DM6PR00MB0859.namprd00.prod.outlook.com (2603:10b6:5:220::24) by DM6PR00MB0830.namprd00.prod.outlook.com (2603:10b6:5:209::21) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7331.0; Tue, 13 Feb 2024 04:54:01 +0000
Received: from DM6PR00MB0859.namprd00.prod.outlook.com ([fe80::9cef:91d:7197:4084]) by DM6PR00MB0859.namprd00.prod.outlook.com ([fe80::9cef:91d:7197:4084%7]) with mapi id 15.20.7332.000; Tue, 13 Feb 2024 04:54:01 +0000
From: Kristina Yasuda <Kristina.Yasuda@microsoft.com>
To: Orie Steele <orie@transmute.industries>
CC: "spice@ietf.org" <spice@ietf.org>
Thread-Topic: [SPICE] Call for consensus on SPICE charter
Thread-Index: AQHaW5VAXHekL0EPikSNlaTy10ejNrECdswAgAAZlNOAABCjAIAFGE7w
Date: Tue, 13 Feb 2024 04:54:01 +0000
Message-ID: <DM6PR00MB08591294E6687B4C31EFA1B8E54F2@DM6PR00MB0859.namprd00.prod.outlook.com>
References: <MN2PR00MB08634013D5E87AEEAB12A187E54B2@MN2PR00MB0863.namprd00.prod.outlook.com> <CAN8C-_JRJ4wcF+dzGCLHuc8p-wWauXxgpwVQV19ddgwG8_ZVAA@mail.gmail.com> <DM6PR00MB0859F486BEF195F04CDD4994E54B2@DM6PR00MB0859.namprd00.prod.outlook.com> <CAN8C-_KqA2sOKK3kTFr9MdjXTQqJrySROGXgJ1H32oXGRuoNCw@mail.gmail.com>
In-Reply-To: <CAN8C-_KqA2sOKK3kTFr9MdjXTQqJrySROGXgJ1H32oXGRuoNCw@mail.gmail.com>
Accept-Language: en-US, ja-JP
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
msip_labels: MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_ActionId=8265f1cb-5995-497b-91db-c4eb21a92967; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_ContentBits=0; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Enabled=true; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Method=Standard; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Name=Internal; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_SetDate=2024-02-13T04:51:00Z; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_SiteId=72f988bf-86f1-41af-91ab-2d7cd011db47;
authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=microsoft.com;
x-ms-publictraffictype: Email
x-ms-traffictypediagnostic: DM6PR00MB0859:EE_|DM6PR00MB0830:EE_
x-ms-office365-filtering-correlation-id: 69ddbf60-02d7-47b2-78c5-08dc2c4fcc15
x-ld-processed: 72f988bf-86f1-41af-91ab-2d7cd011db47,ExtAddr
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: cHLxLrGnW/90nyjGZDd3x6aoJANbkcYnRPCMmh7f+0zn+zptbk68d+qvWjsnH7p5QEf3H0/IKMn/mUkC2FlgnWRO/IPrSC9CzRm+Hx3TuJ/iXm/y8Hjg3XXECasDqO2Ezmo0iKmynpLOU5iomuwz8U90LNP43SmuxqmuPoxkKk6UwLFqwGUoW8NdcKRtCaiSnfY4WEpbm8U/N173x6bIh8VYGWrgM8vlo5aE1huOMX+eLdLpcj9DYickugKCQjcjMHdSBNHs5vrA8vjn4+SzITQw3bwQCDPCFkmHL5ud40Cn4hX+b9kg8yPHXgF7t2sYVRhq3jUp/FXYHCJhQAprJAyWEFSFpEAJnF3GzN4ffftbllbS7LKilAL4Hcjq5rJwWkBFvDdxjrRYQBq2t9c269veGH4MUFT/crTI+t2ems44u2sh/kyA8JltPK4dydREDYmeNPi4MrrfGzGP1sRXyZ+JsMUCKkp7DWEd6grqgwyTwygoF3mMrnRUEY0IMPyb4EgEguhC7OYzkghFfONbtl/GQi51/eOsVsl9WddFULtKgn8ZeZJTAHqBpV9TI2R4ZhRCIdpt58i7n9IfGg2tYHPUsVVppb3O7BOgCAN6drg=
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:DM6PR00MB0859.namprd00.prod.outlook.com; PTR:; CAT:NONE; SFS:(13230031)(346002)(136003)(366004)(396003)(39860400002)(376002)(230922051799003)(1800799012)(1690799017)(451199024)(186009)(64100799003)(76116006)(55016003)(41300700001)(966005)(8990500004)(2906002)(5660300002)(64756008)(6916009)(66556008)(83380400001)(66446008)(66946007)(8676002)(4326008)(8936002)(52536014)(316002)(66476007)(6506007)(33656002)(86362001)(26005)(7696005)(9686003)(53546011)(38100700002)(122000001)(166002)(38070700009)(71200400001)(478600001)(10290500003)(82960400001)(82950400001); DIR:OUT; SFP:1102;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: nYTFcVFsEdZZbob9iE+V/AIYCLOAZM6cx+jbyWKy2QL0gsrqwjO5MPwj6WfGqNPJwpHll5iPt23CIY0bDu2a3gehASkMAoywCZ2aK+INA1ZmWcHwMrUiyMrP5UM5EZh20QOitbu1u6B5AMaUX3vdUnAYhtuRre2Awbc5AN4ih5+RUpYVt3/RKFE7HgYZesSE0xMuzNhU5GXHpaZCiB40WIiR2fwndPau/D0yDnlwUYlaylsuAuQOSfHfMCtWDFI3MFooq9/IF6oL4p6UwqFxXtT1fhAbGuT6ythDdJv7Q4T4+jp2XQ8MpD43R2W335GL1TIIEnZ0BB8LoN7cel1N87M0CPTKIhynwwKMztEMTJY20x5T2LJNpnfkju43OSBw2fHKaJzZtQVipAsqTDvD0wbZwt/iLjGuiIf66eMSdtn8HyCqoPYMVsHGhNs8jRFG+kAGr8pp/kvuHYwX9ytxNSv0ChFP7XKduoSeinlxjU69wRb3uGv96AFvz/Qo8+08kj3rZVjT1LAqISIp52wVd2OfmZyIxMOdgQ4rEfh+xUxTIdm9IrHlWyUFcDzD4T2Wo45Vc+v/sHBbV2NePD836tIXp+1Q9KmWHEPITkVMvZghHJC57qILbsBpphj0ow1qhZNhUhcuLcNUHzGhl+gJ9+3LF6YonWxNKNJJwID3q+3NP14LNCBu/fgsacnKeGC981d/yGP/fivZvxq4FwoQ4/qpD1Qff7rxscGkaFll/QSGPeudQjuTxwJy2t+5V3PFN7hDk5qYTTtTcUT9V7RXGzN+npFuA8vwv6e8cdNhxzdoXqCKbGEUM5ukGsnJmEmzdowm6UCy71ZMisEml5L610lChpAfVcpzFP84zMD6gPeEabUFUET7WZezJaaEqXmF5b2MyjCIniV0iQxSi5EDxDp0HfAYhACb9x57aXNINOfVTHRbeDVM9pswqOZjjJbdvoo3KBegG4lUN4UNQhRTn7wtTzkp6MDV5R1SpKuAkCrQbsA2g2t917p/REptOCIq/9LDa6u8xc2AXvnei3ZOmy6z3woBkNoSmZ56x7guHwBCIq8Q75PJwSmqlM8qxYT9/OW7lYmRv0L8n0K95r018u0k8TCWJnOyft4kfSbvZu4NHT/MW4OkbTsrRoql6wqXc1YUx+Q+hTY7r9wjOwcUpZjpBruYxETA0PzA1RWHjEzGzGpycetqxCFx459qLrbIv4c1f3gBbR2vgfNhEQsJOBA8JagxKhHeDGitRHcyywBNS8tztRYv7pipERZThkONL4b471znLaKnqGYsDqMcEK7KYVrbObQR/HDjmLbCw/cgb8m5sl8sMK6JanESG3u8Lq9kzwRghsxgTS/66wqAqnMikk0MgAox5LuRGtqHU1aMhqWBZBmyT3Rcza0kk1VPLlYw2+gzyW7pz3enlxnlGr93BX07XPCWaUoy57xvzya9HFMI3kbBLdazkAT/kNJEvhW5l8YoogOipIAShrLsnqYmKz06u3vBdqclvfCCh0JspjSVwIhsIfhCAej1JbR69+/XEWDFbzdst1DZgZxsHsi6RhCH8M5lwdK1SQJAg+j97kxsHPi4T0jgkRFd0fB/
Content-Type: multipart/alternative; boundary="_000_DM6PR00MB08591294E6687B4C31EFA1B8E54F2DM6PR00MB0859namp_"
MIME-Version: 1.0
X-OriginatorOrg: microsoft.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: DM6PR00MB0859.namprd00.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 69ddbf60-02d7-47b2-78c5-08dc2c4fcc15
X-MS-Exchange-CrossTenant-originalarrivaltime: 13 Feb 2024 04:54:01.6350 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 72f988bf-86f1-41af-91ab-2d7cd011db47
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: pe0F8oNEjJptcsWOW2H/GL+kWjJHzSJFV6ooAVPx5dKIgs0t2Sh0otKsMehmq0zEmy1kYyRRbSqvAXTFeFpzBw==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6PR00MB0830
Archived-At: <https://mailarchive.ietf.org/arch/msg/spice/bQVq2RFoxWBQxpApa2q1i72CpJs>
Subject: Re: [SPICE] Call for consensus on SPICE charter
X-BeenThere: spice@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Secure Patterns for Internet CrEdentials <spice.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/spice>, <mailto:spice-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/spice/>
List-Post: <mailto:spice@ietf.org>
List-Help: <mailto:spice-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/spice>, <mailto:spice-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 13 Feb 2024 04:54:11 -0000

Thank you, Orie for the detailed response!

Happy to hear that there is an appetite and a room to explore/design extensibility points to bridge SD-CWT and mdocs. Would be happy to contribute.

Overall, the latest SPICE charter I have read looks good to me! Thank you for the work and explicitly mentioning SD-JWT and SD-JWT.

Cheers,
Kristina

From: Orie Steele <orie@transmute.industries>
Sent: Friday, February 9, 2024 3:03 PM
To: Kristina Yasuda <Kristina.Yasuda@microsoft.com>
Cc: spice@ietf.org
Subject: Re: [SPICE] Call for consensus on SPICE charter

Inline:

On Fri, Feb 9, 2024 at 4:09 PM Kristina Yasuda <Kristina.Yasuda@microsoft.com<mailto:Kristina.Yasuda@microsoft.com>> wrote:
Hi Orie,
Thank you. Guess my question was why can’t mdocs be used for the use-cases that SD-CWT is being designed for? And the answer seems to be “because one needs to purchase an ISO standard where mdoc is being defined”?

That's my answer at this point in time, but that doesn't mean it needs to be a working group's answer.

mdocs are not exactly CWTs, rather CBOR structure signed using COSE, but they already have a salt-hash based selective disclosure mechanism.

COSE Sign1 as defined in 9052 can be verified with certificates or public keys, and there are different protected header hints to make this easy.

A CWT is a COSE Sign1 that has a payload that is a CBOR map, where the labels in that map are defined in a registry.

My guess would be that ISO did not create such a requirement for mDoc, and the payload is something other than a CBOR map, or, if it is a CBOR map, that some of the cbor map keys might already have collisions with https://www.iana.org/assignments/cwt/cwt.xhtml

The collisions would be a problem, however we have a possible escape hatch.

https://datatracker.ietf.org/doc/draft-ietf-cose-cwt-claims-in-headers/

^ using this draft, you could have "SD-*" style disclosures to a protected header (assuming mDoc allows you to set protected headers), and you could leave the mDoc payload as is.

The current SD-CWT approach also uses the unprotected header of the cose-sign1... not sure if ISO mDoc allows that.

This is just guessing about how we might attempt to address this challenge.

As an aside, it's very nice that an unprotected header exists in COSE since we don't need to do the disclosure encodings with `~` like we do in SD-JWT.

As "SD-CWT" is a "CWT", whereas an SD-JWT, is a "JWT" with a "~".

If the WG formed and SD-CWT was adopted, ISO could be normatively referenced, and although it would make implementing from the IETF document alone impossible, we do occasionally see normative references to specifications that are behind paywalls, not just from ISO, but from IEEE, and ASTM, etc...

That said, I am generally not in favor of relying on paywalled specifications for security, I agree with what John wrote here:

https://mailarchive.ietf.org/arch/msg/cfrg/aHDFKTVRAKYsjdkW7yK6fmSh_2U/

mdocs also define issuer PKI to be x509 and holder key binding to be raw COSE key, which helps with interop but could be turned into an extensibility point.

Addressing details like these, is exactly why we feel the metadata document is essential.

Another draft which might be helpful for doing key binding with cose key is https://datatracker.ietf.org/doc/draft-ietf-cose-key-thumbprint/

Thinking a bit more about your comment... a new COSE key claim could be defined, and you could possibly use the cose-key format to pass along additional data, but I would be cautious blending media types like application/cose-key with custom extensions, that could lead to unpredictable polyglot formats.

For those not familiar, W3C has struggled with a similar challenge in Verifiable Credentials: https://tess.oconnor.cx/2023/09/polyglots-and-interoperability

I would be concerned that blending SD-CWT and mDoc together could end up destroying their unique value.

But it is an intriguing idea! I don't have enough visibility into mDoc to see exactly how it could work.

At a minimum I think it would be excellent to clearly define the edge between SD-CWT and mDoc, based on my limited understanding of mDoc, I think that boils down to a paywalled algorithm for disclosing commitments that an issuer has made to claims, in other words, the disclosure algorithm and its verification process are the only parts of mDoc, that are security oriented, that are not built on top of RFC9052... but again, I am guessing about a document I have not read.


Best,
Kristina


________________________________
From: Orie Steele <orie@transmute.industries<mailto:orie@transmute.industries>>
Sent: Friday, February 9, 2024 12:31:38 PM
To: Kristina Yasuda <Kristina.Yasuda@microsoft.com<mailto:Kristina.Yasuda@microsoft.com>>
Cc: spice@ietf.org<mailto:spice@ietf.org> <spice@ietf.org<mailto:spice@ietf.org>>
Subject: Re: [SPICE] Call for consensus on SPICE charter

Hey Kristina,

I'm not an mDoc expert so I expect you will be able to answer that question better than I can.

To save you the trouble of reading the "SD-CWT/SD-CWT-VC" draft (and there is an experimental implementation I developed based on OAuth's SD-JWT reference implementation".

"SD-CWT/SD-CWT-VC" basically just takes the OAuth SD-JWT approach and makes it work with CWT claimsets instead of JWT claimsets.

So where OAuth registers:

- https://datatracker.ietf.org/doc/html/draft-ietf-oauth-selective-disclosure-jwt-07#name-json-web-token-claims-regis

Spice would register similar properties in:

- https://www.iana.org/assignments/cwt/cwt.xhtml

You said: "Personally, I would like to see SD-CWT/SD-CWT-VC to be backwards compatible with mdocs, but that can be discussed once in the draft.

I don't know the content type of the ISO mDoc cose-sign1 payload, is it a CBOR map? Could it be a CWT claimset? If the answer to both of those is yes, I see a possibility to align, but there could be lots of other challenges.

Having not read the ISO spec in question, I can't answer more than that.

Thanks for your comment about the W3C VC Data Model v2, I filed an issue to track it here:

https://github.com/transmute-industries/ietf-spice-charter/issues/29

Feel free to pile on any additional changes you would like to see there.

OS


On Fri, Feb 9, 2024 at 2:22 PM Kristina Yasuda <Kristina.Yasuda=40microsoft.com@dmarc.ietf.org<mailto:40microsoft.com@dmarc.ietf.org>> wrote:
Hi,

What is the relationship between SD-CWT/SD-CWT-VC and mdocs defined in ISO/IEC 18013-5?
At least, mdocs should be mentioned in the charter.
Personally, I would like to see SD-CWT/SD-CWT-VC to be backwards compatible with mdocs, but that can be discussed once in the draft.

small nits in the charter text:
VCDM 2.0 has not yet been published, so the last paragraph in the Introduction should be rephrased.
Best,
Kristina
--
SPICE mailing list
SPICE@ietf.org<mailto:SPICE@ietf.org>
https://www.ietf.org/mailman/listinfo/spice


--



ORIE STEELE
Chief Technology Officer
www.transmute.industries<http://www.transmute.industries/>

[https://ci3.googleusercontent.com/mail-sig/AIorK4xqtkj5psM1dDeDes_mjSsF3ylbEa5EMEQmnz3602cucAIhjLaHod-eVJq0E28BwrivrNSBMBc]<https://transmute.industries/>


--



ORIE STEELE
Chief Technology Officer
www.transmute.industries<http://www.transmute.industries/>

[https://ci3.googleusercontent.com/mail-sig/AIorK4xqtkj5psM1dDeDes_mjSsF3ylbEa5EMEQmnz3602cucAIhjLaHod-eVJq0E28BwrivrNSBMBc]<https://transmute.industries/>

v2.23.0 | Report a Bug | By Email