From nobody Tue Jul  6 18:47:13 2021
From: "Blumenthal, Uri - 0553 - MITLL" <uri@ll.mit.edu>
To: Douglas Stebila <dstebila@gmail.com>, "tls@ietf.org" <tls@ietf.org>
CC: Shay Gueron <gueron@amazon.com>
Thread-Topic: [TLS] Advancing draft-ietf-tls-hybrid-design
Thread-Index: AQHXcs4yiCN9hM3zfEqUO3BIPXGVuqs2e0kA
Date: Wed, 7 Jul 2021 01:47:01 +0000
Message-ID: <7F745088-F606-43EA-8CAC-12E4122175E6@ll.mit.edu>
References: <1DCCB8D8-F987-4A30-8084-06CE6FBCD507@gmail.com>
In-Reply-To: <1DCCB8D8-F987-4A30-8084-06CE6FBCD507@gmail.com>
Content-Type: multipart/signed; protocol="application/pkcs7-signature";
 micalg=sha256; boundary="B_3708452820_507557773"
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/W-MuHREKmOC-_sfn1I2TCV-SSps>
Subject: Re: [TLS] Advancing draft-ietf-tls-hybrid-design
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working
 group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>,
 <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>,
 <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 07 Jul 2021 01:47:12 -0000

--B_3708452820_507557773
Content-type: text/plain;
	charset="UTF-8"
Content-transfer-encoding: quoted-printable

I personally do not find the proposed approach appealing (or even useful).

There are three possibilities.

a. Quantum computers capable of breaking crypto (QC) become practical *and* NIST PQC winner(s) resist both quantum and classic attacks;
b. QC become practical, and NIST PQC candidates fail (doesn't matter whether they fall to classic or quantum attack!);
c. QC do *not* materialize, *and* PQC candidates fail to classic attacks.

The only possibility justifying the hybrid exchange is (c), which I personally find the least probable. In both (a) and (b) addition of ECC does not make the KE any more secure than without it.
--
Regards,
Uri

There are two ways to design a system. One is to make it so simple there are obviously no deficiencies.
The other is to make it so complex there are no obvious deficiencies.
    - C. A. R. Hoare

On 7/6/21, 21:19, "TLS on behalf of Douglas Stebila" <tls-bounces@ietf.org on behalf of dstebila@gmail.com> wrote:

    Dear TLS working group,

    We wanted to see if there is any further feedback on our draft "Hybrid key exchange in TLS 1.3" (https://datatracker.ietf.org/doc/draft-ietf-tls-hybrid-design/) and what steps are required for it to advance further.  We have not received any new feedback from the working group since we posted our last non-trivial update in October 2020.

    The draft as written does not actually specify any post-quantum algorithms nor give identifiers for specific algorithm combinations, only the formats for hybrid key exchange messages and key derivation.  We have received a suggestion that the draft be updated to include identifiers for hybrid key exchange combining elliptic curve groups and the KEMs currently in Round 3 of the NIST PQC standardization process, so that implementations can begin testing interoperability using numbers listed in the draft, rather than relying on ad hoc lists for such purposes.  Is that something the working group would like to see, or would you prefer to leave it as it currently stands, without any specific algorithm identifiers?

    Douglas, Scott, and Shay
    _______________________________________________
    TLS mailing list
    TLS@ietf.org
    https://www.ietf.org/mailman/listinfo/tls

--B_3708452820_507557773
Content-Type: application/pkcs7-signature; name="smime.p7s"
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename="smime.p7s"
--B_3708452820_507557773--

