From lear@cisco.com  Tue Mar  6 23:37:49 2012
Return-Path: <lear@cisco.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5BB7121E804E for <scim@ietfa.amsl.com>; Tue,  6 Mar 2012 23:37:49 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -110.239
X-Spam-Level: 
X-Spam-Status: No, score=-110.239 tagged_above=-999 required=5 tests=[AWL=-0.241, BAYES_00=-2.599, HTML_MESSAGE=0.001, J_CHICKENPOX_81=0.6, RCVD_IN_DNSWL_HI=-8, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id YU2snBCQojXk for <scim@ietfa.amsl.com>; Tue,  6 Mar 2012 23:37:48 -0800 (PST)
Received: from ams-iport-1.cisco.com (ams-iport-1.cisco.com [144.254.224.140]) by ietfa.amsl.com (Postfix) with ESMTP id DD62721F85B7 for <scim@ietf.org>; Tue,  6 Mar 2012 23:37:47 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=lear@cisco.com; l=4409; q=dns/txt; s=iport; t=1331105867; x=1332315467; h=message-id:date:from:mime-version:to:cc:subject; bh=8y87MEBX0/mLqkz2paRNcKgTbHVKyY5+i9oFXy7bNjY=; b=ku1lYDtmHakNE5V7E73XtXHf3AS+OJ0E58BQL+K3T9xUnXUAy9jiERZL JLAIl/YCcj/Qa0k7looE3G/6j3u7X0rJ55OO5flvU0VRBoKvB6wkn/umI MBQI3UWDzF3+nTY4CCc2whvEXPzGAJl7t0crfDDmsSNmOCrSKaWCfBGBy k=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: Av8EADsPV0+Q/khL/2dsb2JhbABChUGvV4EHghYBEFUBHx0WCwILAwIBAgFYAQcBARcHh2WgVwGMZ4pFiiaDKIIMgRYElT+QFoJkgVQ
X-IronPort-AV: E=Sophos;i="4.73,544,1325462400";  d="scan'208,217";a="131538474"
Received: from ams-core-2.cisco.com ([144.254.72.75]) by ams-iport-1.cisco.com with ESMTP; 07 Mar 2012 07:37:46 +0000
Received: from dhcp-10-55-81-19.cisco.com (dhcp-10-55-81-19.cisco.com [10.55.81.19]) by ams-core-2.cisco.com (8.14.3/8.14.3) with ESMTP id q277bkwq003909; Wed, 7 Mar 2012 07:37:46 GMT
Message-ID: <4F57104A.5000607@cisco.com>
Date: Wed, 07 Mar 2012 08:37:46 +0100
From: Eliot Lear <lear@cisco.com>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:10.0.2) Gecko/20120216 Thunderbird/10.0.2
MIME-Version: 1.0
To: scim@ietf.org
X-Enigmail-Version: 1.3.5
Content-Type: multipart/alternative; boundary="------------090006000802080606030001"
Cc: "Steven M. Bellovin" <smb@cs.columbia.edu>
Subject: [scim] greetings from one of your BoF chairs
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 07 Mar 2012 07:37:49 -0000

This is a multi-part message in MIME format.
--------------090006000802080606030001
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Hi everyone,

I look forward to working with you all to hold a successful BoF. 
Following on from Peter's earlier message, let's start structuring an
agenda for the BoF.  Here's my first swing:

  * Agenda Bashing (3 minutes)
  * Introduction – a clear and crisp problem statement that includes:
      o What is the provisioning problem that SCIM is trying to solve?
      o *and why is it importan*t?
      o Why isn't attribute exchange in SAML sufficient?  (with example,
        please)
      o Why not SPML/XACML?  Perhaps there are circumstances when
        SPML/XACML are appropriate and when they are not?  Discuss.
      o What problems are you *not* trying to solve?  e.g., limit your
        scope.
  * Overview of proposed starting point: SCIM and how it answers the
    above problem statement
      o Include document structure
  * Discussion
      o Is the problem important?
      o Is the problem well scoped?
      o Is the work appropriate for the IETF?
      o Do we understand how scim will differentiate against existing work?
      o Who are the volunteers to-
          + be editors for the various documents?
          + review the documents?
      o Is there implementer interest?
      o Should a working group be formed?
  * Brief introduction and discussion of a charter (if appropriate)

I think we can anticipate substantial participation from both the
application and security areas in this BoF.

Can we please have volunteers for the introduction and for the overview
of the solution?  The chairs will lead the discussion and introduction
to the charter.

Eliot




--------------090006000802080606030001
Content-Type: text/html; charset=UTF-8
Content-Transfer-Encoding: 8bit

<html>
  <head>

    <meta http-equiv="content-type" content="text/html; charset=UTF-8">
  </head>
  <body bgcolor="#FFFFFF" text="#000000">
    Hi everyone,<br>
    <br>
    I look forward to working with you all to hold a successful BoF. 
    Following on from Peter's earlier message, let's start structuring
    an agenda for the BoF.  Here's my first swing:<br>
    <br>
    <ul>
      <li>Agenda Bashing (3 minutes)</li>
      <li>Introduction – a clear and crisp problem statement that
        includes:</li>
      <ul>
        <li>What is the provisioning problem that SCIM is trying to
          solve? <br>
        </li>
        <li><b> and why is it importan</b>t?</li>
        <li>Why isn't attribute exchange in SAML sufficient?  (with
          example, please)<br>
        </li>
        <li>Why not SPML/XACML?  Perhaps there are circumstances when
          SPML/XACML are appropriate and when they are not?  Discuss.<br>
        </li>
        <li>What problems are you <b>not</b> trying to solve?  e.g.,
          limit your scope.<br>
        </li>
      </ul>
      <li>Overview of proposed starting point: SCIM and how it answers
        the above problem statement</li>
      <ul>
        <li>Include document structure<br>
        </li>
      </ul>
      <li>Discussion</li>
      <ul>
        <li>Is the problem important?</li>
        <li>Is the problem well scoped?</li>
        <li>Is the work appropriate for the IETF?<br>
        </li>
        <li>Do we understand how scim will differentiate against
          existing work?</li>
        <li>Who are the volunteers to-</li>
        <ul>
          <li>be editors for the various documents?</li>
          <li>review the documents?</li>
        </ul>
        <li>Is there implementer interest?<br>
        </li>
        <li>Should a working group be formed?<br>
        </li>
      </ul>
      <li>Brief introduction and discussion of a charter (if
        appropriate)<br>
      </li>
    </ul>
    <p>I think we can anticipate substantial participation from both the
      application and security areas in this BoF.<br>
    </p>
    <p>Can we please have volunteers for the introduction and for the
      overview of the solution?  The chairs will lead the discussion and
      introduction to the charter.<br>
    </p>
    <p>Eliot<br>
    </p>
    <br>
    <br>
  </body>
</html>

--------------090006000802080606030001--

From Paul.Lipton@ca.com  Thu Mar  8 13:27:44 2012
Return-Path: <Paul.Lipton@ca.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1E8F321F86B9 for <scim@ietfa.amsl.com>; Thu,  8 Mar 2012 13:27:44 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.599
X-Spam-Level: 
X-Spam-Status: No, score=-6.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id HHoBgugnfATt for <scim@ietfa.amsl.com>; Thu,  8 Mar 2012 13:27:43 -0800 (PST)
Received: from na3sys009aog106.obsmtp.com (na3sys009aob106.obsmtp.com [74.125.149.76]) by ietfa.amsl.com (Postfix) with ESMTP id E07B421F86B6 for <scim@ietf.org>; Thu,  8 Mar 2012 13:27:39 -0800 (PST)
Received: from USILMS190.ca.com ([141.202.246.44]) (using TLSv1) by na3sys009aob106.postini.com ([74.125.148.12]) with SMTP ID DSNKT1kkSuQOLkKHBzne46sVw2qJ118wav0V@postini.com; Thu, 08 Mar 2012 13:27:43 PST
Received: from USILMS173.ca.com (141.202.6.23) by USILMS190.ca.com (141.202.246.44) with Microsoft SMTP Server (TLS) id 14.1.355.2; Thu, 8 Mar 2012 16:27:36 -0500
Received: from USILMS111B.ca.com ([169.254.8.29]) by usilms173.ca.com ([141.202.6.23]) with mapi id 14.01.0355.002; Thu, 8 Mar 2012 16:27:36 -0500
From: "Lipton, Paul C" <Paul.Lipton@ca.com>
To: Eliot Lear <lear@cisco.com>, "scim@ietf.org" <scim@ietf.org>
Thread-Topic: [scim] greetings from one of your BoF chairs
Thread-Index: AQHM/DU1HXiglp8q/UmzZhCEf2MVjJZg6wRg
Date: Thu, 8 Mar 2012 21:27:34 +0000
Message-ID: <F54DCD4EE5A606448D414C716DC9FC4F150349A2@usilms111b.ca.com>
References: <4F57104A.5000607@cisco.com>
In-Reply-To: <4F57104A.5000607@cisco.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
x-originating-ip: [10.129.27.207]
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
Cc: "Steven M. Bellovin" <smb@cs.columbia.edu>
Subject: Re: [scim] greetings from one of your BoF chairs
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 08 Mar 2012 21:27:44 -0000

SGkgYWxsLA0KDQpJdCBzZWVtcyB0aGF0IHRoZXJlIGhhcyBiZWVuIGxpdmVseSBkaXNjdXNzaW9u
IHJlZ2FyZGluZyBlbGVtZW50cyBvZiB0aGUgcHJvcG9zZWQgY2hhcnRlciBvdmVyIHRoZSBsYXN0
IGZldyB3ZWVrcy4gVGhhdCBzYWlkOyBpdCBpcyByYXRoZXIgaGFyZCB0byBmaW5kIHRoZSBsYXRl
c3QgaXRlcmF0aW9uIGluIGl0cyB0b3RhbGl0eS4gTGFzdCBwbGFjZSBJIHNhdyBzb21ldGhpbmcg
bGlrZSB0aGF0IHdhcyBhdCAoMSkuIFdvdWxkIHNvbWVib2R5IGJlIGFibGUgdG8gcHJvdmlkZSBh
IHBvaW50ZXIgdG8gd2hlcmUgdGhlIGxhdGVzdCBwcm9wb3NhbCBtaWdodCBiZSBwb3N0ZWQ/IA0K
DQooMSkgaHR0cDovL3d3dy5pZXRmLm9yZy9tYWlsLWFyY2hpdmUvd2ViL3NjaW0vY3VycmVudC9t
c2cwMDAwMy5odG1sDQoNClRoYW5rcywNClBhdWwgDQrCoA0KUGF1bCBMaXB0b24NCkNBIFRlY2hu
b2xvZ2llcw0KVlAsIEluZHVzdHJ5IFN0YW5kYXJkcyBhbmQgT3BlbiBTb3VyY2UgDQpNZW1iZXIs
IENBIENvdW5jaWwgZm9yIFRlY2huaWNhbCBFeGNlbGxlbmNlIA0KT2ZmaWNlIFBob25lOiArMSA2
MDkgNTgzLTk3MTgNCk1vYmlsZTogKzEgMjY3IDk4Ny02ODg3DQpFbWFpbDogcGF1bC5saXB0b25A
Y2EuY29tDQoNCg0KRnJvbTogc2NpbS1ib3VuY2VzQGlldGYub3JnIFttYWlsdG86c2NpbS1ib3Vu
Y2VzQGlldGYub3JnXSBPbiBCZWhhbGYgT2YgRWxpb3QgTGVhcg0KU2VudDogV2VkbmVzZGF5LCBN
YXJjaCAwNywgMjAxMiAyOjM4IEFNDQpUbzogc2NpbUBpZXRmLm9yZw0KQ2M6IFN0ZXZlbiBNLiBC
ZWxsb3Zpbg0KU3ViamVjdDogW3NjaW1dIGdyZWV0aW5ncyBmcm9tIG9uZSBvZiB5b3VyIEJvRiBj
aGFpcnMNCg0KSGkgZXZlcnlvbmUsDQoNCkkgbG9vayBmb3J3YXJkIHRvIHdvcmtpbmcgd2l0aCB5
b3UgYWxsIHRvIGhvbGQgYSBzdWNjZXNzZnVsIEJvRi7CoCBGb2xsb3dpbmcgb24gZnJvbSBQZXRl
cidzIGVhcmxpZXIgbWVzc2FnZSwgbGV0J3Mgc3RhcnQgc3RydWN0dXJpbmcgYW4gYWdlbmRhIGZv
ciB0aGUgQm9GLsKgIEhlcmUncyBteSBmaXJzdCBzd2luZzoNCuKAoiBBZ2VuZGEgQmFzaGluZyAo
MyBtaW51dGVzKQ0K4oCiIEludHJvZHVjdGlvbiDigJMgYSBjbGVhciBhbmQgY3Jpc3AgcHJvYmxl
bSBzdGF0ZW1lbnQgdGhhdCBpbmNsdWRlczoNCm8gV2hhdCBpcyB0aGUgcHJvdmlzaW9uaW5nIHBy
b2JsZW0gdGhhdCBTQ0lNIGlzIHRyeWluZyB0byBzb2x2ZT8gDQpvIGFuZCB3aHkgaXMgaXQgaW1w
b3J0YW50Pw0KbyBXaHkgaXNuJ3QgYXR0cmlidXRlIGV4Y2hhbmdlIGluIFNBTUwgc3VmZmljaWVu
dD/CoCAod2l0aCBleGFtcGxlLCBwbGVhc2UpDQpvIFdoeSBub3QgU1BNTC9YQUNNTD/CoCBQZXJo
YXBzIHRoZXJlIGFyZSBjaXJjdW1zdGFuY2VzIHdoZW4gU1BNTC9YQUNNTCBhcmUgYXBwcm9wcmlh
dGUgYW5kIHdoZW4gdGhleSBhcmUgbm90P8KgIERpc2N1c3MuDQpvIFdoYXQgcHJvYmxlbXMgYXJl
IHlvdSBub3QgdHJ5aW5nIHRvIHNvbHZlP8KgIGUuZy4sIGxpbWl0IHlvdXIgc2NvcGUuDQrigKIg
T3ZlcnZpZXcgb2YgcHJvcG9zZWQgc3RhcnRpbmcgcG9pbnQ6IFNDSU0gYW5kIGhvdyBpdCBhbnN3
ZXJzIHRoZSBhYm92ZSBwcm9ibGVtIHN0YXRlbWVudA0KbyBJbmNsdWRlIGRvY3VtZW50IHN0cnVj
dHVyZQ0K4oCiIERpc2N1c3Npb24NCm8gSXMgdGhlIHByb2JsZW0gaW1wb3J0YW50Pw0KbyBJcyB0
aGUgcHJvYmxlbSB3ZWxsIHNjb3BlZD8NCm8gSXMgdGhlIHdvcmsgYXBwcm9wcmlhdGUgZm9yIHRo
ZSBJRVRGPw0KbyBEbyB3ZSB1bmRlcnN0YW5kIGhvdyBzY2ltIHdpbGwgZGlmZmVyZW50aWF0ZSBh
Z2FpbnN0IGV4aXN0aW5nIHdvcms/DQpvIFdobyBhcmUgdGhlIHZvbHVudGVlcnMgdG8tDQrigKIg
YmUgZWRpdG9ycyBmb3IgdGhlIHZhcmlvdXMgZG9jdW1lbnRzPw0K4oCiIHJldmlldyB0aGUgZG9j
dW1lbnRzPw0KbyBJcyB0aGVyZSBpbXBsZW1lbnRlciBpbnRlcmVzdD8NCm8gU2hvdWxkIGEgd29y
a2luZyBncm91cCBiZSBmb3JtZWQ/DQrigKIgQnJpZWYgaW50cm9kdWN0aW9uIGFuZCBkaXNjdXNz
aW9uIG9mIGEgY2hhcnRlciAoaWYgYXBwcm9wcmlhdGUpDQpJIHRoaW5rIHdlIGNhbiBhbnRpY2lw
YXRlIHN1YnN0YW50aWFsIHBhcnRpY2lwYXRpb24gZnJvbSBib3RoIHRoZSBhcHBsaWNhdGlvbiBh
bmQgc2VjdXJpdHkgYXJlYXMgaW4gdGhpcyBCb0YuDQpDYW4gd2UgcGxlYXNlIGhhdmUgdm9sdW50
ZWVycyBmb3IgdGhlIGludHJvZHVjdGlvbiBhbmQgZm9yIHRoZSBvdmVydmlldyBvZiB0aGUgc29s
dXRpb24/wqAgVGhlIGNoYWlycyB3aWxsIGxlYWQgdGhlIGRpc2N1c3Npb24gYW5kIGludHJvZHVj
dGlvbiB0byB0aGUgY2hhcnRlci4NCkVsaW90DQoNCg==

From trey.drake@unboundid.com  Thu Mar  8 15:22:01 2012
Return-Path: <trey.drake@unboundid.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4C13921F864C for <scim@ietfa.amsl.com>; Thu,  8 Mar 2012 15:22:01 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.599
X-Spam-Level: 
X-Spam-Status: No, score=-3.599 tagged_above=-999 required=5 tests=[AWL=-0.001, BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 77ILDSnRGBcg for <scim@ietfa.amsl.com>; Thu,  8 Mar 2012 15:22:00 -0800 (PST)
Received: from mail-gy0-f172.google.com (mail-gy0-f172.google.com [209.85.160.172]) by ietfa.amsl.com (Postfix) with ESMTP id 706F321E802D for <scim@ietf.org>; Thu,  8 Mar 2012 15:22:00 -0800 (PST)
Received: by ghbg16 with SMTP id g16so666984ghb.31 for <scim@ietf.org>; Thu, 08 Mar 2012 15:21:59 -0800 (PST)
Received: by 10.236.156.34 with SMTP id l22mr12714125yhk.118.1331248919885; Thu, 08 Mar 2012 15:21:59 -0800 (PST)
Received: from [192.168.241.61] (24-155-184-100.static.grandenetworks.net. [24.155.184.100]) by mx.google.com with ESMTPS id g7sm8733162yhm.5.2012.03.08.15.21.57 (version=TLSv1/SSLv3 cipher=OTHER); Thu, 08 Mar 2012 15:21:57 -0800 (PST)
Mime-Version: 1.0 (Apple Message framework v1257)
Content-Type: multipart/signed; boundary="Apple-Mail=_7B366547-5292-4FB6-BABD-010A29A3F837"; protocol="application/pkcs7-signature"; micalg=sha1
From: Trey Drake <trey.drake@unboundid.com>
In-Reply-To: <4F57104A.5000607@cisco.com>
Date: Thu, 8 Mar 2012 17:21:56 -0600
Message-Id: <A8B29505-71B1-491C-8353-4B339A8F859D@unboundid.com>
References: <4F57104A.5000607@cisco.com>
To: Eliot Lear <lear@cisco.com>
X-Mailer: Apple Mail (2.1257)
X-Gm-Message-State: ALoCoQnjhWkFukAvUya3GMa+WsmEyIRbiBdJCsPRwe1WH1UtwlFYQSe/213F/BZU6dWaxXjjojiN
Cc: scim@ietf.org, "Steven M. Bellovin" <smb@cs.columbia.edu>
Subject: Re: [scim] greetings from one of your BoF chairs
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 08 Mar 2012 23:22:01 -0000

--Apple-Mail=_7B366547-5292-4FB6-BABD-010A29A3F837
Content-Type: multipart/alternative;
	boundary="Apple-Mail=_E96DC92B-BB59-4D3C-96BE-26DE07C53377"


--Apple-Mail=_E96DC92B-BB59-4D3C-96BE-26DE07C53377
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain;
	charset=windows-1252


On Mar 7, 2012, at 1:37 AM, Eliot Lear wrote:

> Hi everyone,
>=20
> I look forward to working with you all to hold a successful BoF.  =
Following on from Peter's earlier message, let's start structuring an =
agenda for the BoF.  Here's my first swing:
>=20
> Agenda Bashing (3 minutes)
> Introduction =96 a clear and crisp problem statement that includes:
> What is the provisioning problem that SCIM is trying to solve?=20
> and why is it important?
> Why isn't attribute exchange in SAML sufficient?  (with example, =
please)
> Why not SPML/XACML?  Perhaps there are circumstances when SPML/XACML =
are appropriate and when they are not?  Discuss.
> What problems are you not trying to solve?  e.g., limit your scope.
> Overview of proposed starting point: SCIM and how it answers the above =
problem statement
> Include document structure
> Discussion
> Is the problem important?
> Is the problem well scoped?
> Is the work appropriate for the IETF?
> Do we understand how scim will differentiate against existing work?
> Who are the volunteers to-
> be editors for the various documents?
> review the documents?
> Is there implementer interest?
> Should a working group be formed?
> Brief introduction and discussion of a charter (if appropriate)
> I think we can anticipate substantial participation from both the =
application and security areas in this BoF.
> Can we please have volunteers for the introduction and for the =
overview of the solution?  The chairs will lead the discussion and =
introduction to the charter.
>=20

I'll volunteer to present the protocol and schema.

Thanks,
Trey

> Eliot
>=20
>=20
> _______________________________________________
> scim mailing list
> scim@ietf.org
> https://www.ietf.org/mailman/listinfo/scim


--Apple-Mail=_E96DC92B-BB59-4D3C-96BE-26DE07C53377
Content-Transfer-Encoding: quoted-printable
Content-Type: text/html;
	charset=windows-1252

<html><head></head><body style=3D"word-wrap: break-word; =
-webkit-nbsp-mode: space; -webkit-line-break: after-white-space; =
"><br><div><div>On Mar 7, 2012, at 1:37 AM, Eliot Lear wrote:</div><br =
class=3D"Apple-interchange-newline"><blockquote type=3D"cite">
 =20

    <meta http-equiv=3D"content-type" content=3D"text/html; =
charset=3DUTF-8">
 =20
  <div bgcolor=3D"#FFFFFF" text=3D"#000000">
    Hi everyone,<br>
    <br>
    I look forward to working with you all to hold a successful =
BoF.&nbsp;
    Following on from Peter's earlier message, let's start structuring
    an agenda for the BoF.&nbsp; Here's my first swing:<br>
    <br>
    <ul>
      <li>Agenda Bashing (3 minutes)</li>
      <li>Introduction =96 a clear and crisp problem statement that
        includes:</li>
      <ul>
        <li>What is the provisioning problem that SCIM is trying to
          solve? <br>
        </li>
        <li><b> and why is it importan</b>t?</li>
        <li>Why isn't attribute exchange in SAML sufficient?&nbsp; (with
          example, please)<br>
        </li>
        <li>Why not SPML/XACML?&nbsp; Perhaps there are circumstances =
when
          SPML/XACML are appropriate and when they are not?&nbsp; =
Discuss.<br>
        </li>
        <li>What problems are you <b>not</b> trying to solve?&nbsp; =
e.g.,
          limit your scope.<br>
        </li>
      </ul>
      <li>Overview of proposed starting point: SCIM and how it answers
        the above problem statement</li>
      <ul>
        <li>Include document structure<br>
        </li>
      </ul>
      <li>Discussion</li>
      <ul>
        <li>Is the problem important?</li>
        <li>Is the problem well scoped?</li>
        <li>Is the work appropriate for the IETF?<br>
        </li>
        <li>Do we understand how scim will differentiate against
          existing work?</li>
        <li>Who are the volunteers to-</li>
        <ul>
          <li>be editors for the various documents?</li>
          <li>review the documents?</li>
        </ul>
        <li>Is there implementer interest?<br>
        </li>
        <li>Should a working group be formed?<br>
        </li>
      </ul>
      <li>Brief introduction and discussion of a charter (if
        appropriate)<br>
      </li>
    </ul><p>I think we can anticipate substantial participation from =
both the
      application and security areas in this BoF.<br>
    </p><p>Can we please have volunteers for the introduction and for =
the
      overview of the solution?&nbsp; The chairs will lead the =
discussion and
      introduction to the =
charter.<br></p></div></blockquote><div><br></div><div>I'll volunteer to =
present the protocol and =
schema.</div><div><br></div><div>Thanks,</div><div>Trey</div><br><blockquo=
te type=3D"cite"><div bgcolor=3D"#FFFFFF" text=3D"#000000"><p>
    </p><p>Eliot<br>
    </p>
    <br>
    <br>
  </div>

_______________________________________________<br>scim mailing =
list<br><a =
href=3D"mailto:scim@ietf.org">scim@ietf.org</a><br>https://www.ietf.org/ma=
ilman/listinfo/scim<br></blockquote></div><br></body></html>=

--Apple-Mail=_E96DC92B-BB59-4D3C-96BE-26DE07C53377--

--Apple-Mail=_7B366547-5292-4FB6-BABD-010A29A3F837
Content-Disposition: attachment;
	filename=smime.p7s
Content-Type: application/pkcs7-signature;
	name=smime.p7s
Content-Transfer-Encoding: base64

MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIIM9jCCBjQw
ggQcoAMCAQICAR4wDQYJKoZIhvcNAQEFBQAwfTELMAkGA1UEBhMCSUwxFjAUBgNVBAoTDVN0YXJ0
Q29tIEx0ZC4xKzApBgNVBAsTIlNlY3VyZSBEaWdpdGFsIENlcnRpZmljYXRlIFNpZ25pbmcxKTAn
BgNVBAMTIFN0YXJ0Q29tIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA3MTAyNDIxMDE1NVoX
DTE3MTAyNDIxMDE1NVowgYwxCzAJBgNVBAYTAklMMRYwFAYDVQQKEw1TdGFydENvbSBMdGQuMSsw
KQYDVQQLEyJTZWN1cmUgRGlnaXRhbCBDZXJ0aWZpY2F0ZSBTaWduaW5nMTgwNgYDVQQDEy9TdGFy
dENvbSBDbGFzcyAxIFByaW1hcnkgSW50ZXJtZWRpYXRlIENsaWVudCBDQTCCASIwDQYJKoZIhvcN
AQEBBQADggEPADCCAQoCggEBAMcJg8zOLdgasSmkLhOrlr6KMoOMpohBllVHrdRvEg/q6r8jR+EK
75xCGhR8ToREoqe7zM9/UnC6TS2y9UKTpT1v7RSMzR0t6ndl0TWBuUr/UXBhPk+Kmy7bI4yW4urC
+y7P3/1/X7U8ocb8VpH/Clt+4iq7nirMcNh6qJR+xjOhV+VHzQMALuGYn5KZmc1NbJQYclsGkDxD
z2UbFqE2+6vIZoL+jb9x4Pa5gNf1TwSDkOkikZB1xtB4ZqtXThaABSONdfmv/Z1pua3FYxnCFmdr
/+N2JLKutIxMYqQOJebr/f/h5t95m4JgrM3Y/w7YX9d7YAL9jvN4SydHsU6n65cCAwEAAaOCAa0w
ggGpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBRTcu2SnODaywFc
fH6WNU7y1LhRgjAfBgNVHSMEGDAWgBROC+8apEBbpRdphzDKNGhD0EGu8jBmBggrBgEFBQcBAQRa
MFgwJwYIKwYBBQUHMAGGG2h0dHA6Ly9vY3NwLnN0YXJ0c3NsLmNvbS9jYTAtBggrBgEFBQcwAoYh
aHR0cDovL3d3dy5zdGFydHNzbC5jb20vc2ZzY2EuY3J0MFsGA1UdHwRUMFIwJ6AloCOGIWh0dHA6
Ly93d3cuc3RhcnRzc2wuY29tL3Nmc2NhLmNybDAnoCWgI4YhaHR0cDovL2NybC5zdGFydHNzbC5j
b20vc2ZzY2EuY3JsMIGABgNVHSAEeTB3MHUGCysGAQQBgbU3AQIBMGYwLgYIKwYBBQUHAgEWImh0
dHA6Ly93d3cuc3RhcnRzc2wuY29tL3BvbGljeS5wZGYwNAYIKwYBBQUHAgEWKGh0dHA6Ly93d3cu
c3RhcnRzc2wuY29tL2ludGVybWVkaWF0ZS5wZGYwDQYJKoZIhvcNAQEFBQADggIBAAqDCH14qywG
XLhjjF6uHLkjd02hcdh9hrw+VUsv+q1eeQWB21jWj3kJ96AUlPCoEGZ/ynJNScWy6QMVQjbbMXlt
UfO4n4bGGdKo3awPWp61tjAFgraLJgDk+DsSvUD6EowjMTNx25GQgyYJ5RPIzKKR9tQW8gGK+2+R
HxkUCTbYFnL6kl8Ch507rUdPPipJ9CgJFws3kDS3gOS5WFMxcjO5DwKfKSETEPrHh7p5shuuNktv
sv6hxHTLhiMKX893gxdT3XLS9OKmCv87vkINQcNEcIIoFWbP9HORz9v3vQwR4e3ksLc2JZOAFK+s
sS5XMEoznzpihEP0PLc4dCBYjbvSD7kxgDwZ+Aj8Q9PkbvE9sIPP7ON0fz095HdThKjiVJe6vofq
+n6b1NBc8XdrQvBmunwxD5nvtTW4vtN6VY7mUCmxsCieuoBJ9OlqmsVWQvifIYf40dJPZkk9YgGT
zWLpXDSfLSplbY2LL9C9U0ptvjcDjefLTvqSFc7tw1sEhF0n/qpA2r0GpvkLRDmcSwVyPvmjFBGq
Up/pNy8ZuPGQmHwFi2/14+xeSUDG2bwnsYJQG2EdJCB6luQ57GEnTA/yKZSTKI8dDQa8Sd3zfXb1
9mOgSF0bBdXbuKhEpuP9wirslFe6fQ1t5j5R0xi72MZ8ikMu1RQZKCyDbMwazlHiMIIGujCCBaKg
AwIBAgIDAopvMA0GCSqGSIb3DQEBBQUAMIGMMQswCQYDVQQGEwJJTDEWMBQGA1UEChMNU3RhcnRD
b20gTHRkLjErMCkGA1UECxMiU2VjdXJlIERpZ2l0YWwgQ2VydGlmaWNhdGUgU2lnbmluZzE4MDYG
A1UEAxMvU3RhcnRDb20gQ2xhc3MgMSBQcmltYXJ5IEludGVybWVkaWF0ZSBDbGllbnQgQ0EwHhcN
MTEwNTEzMTY1MjQ5WhcNMTIwNTEzMDU0NzU2WjBLMSAwHgYDVQQNExc0MjU3NjEteUxidzRqMkwy
Z0FqSG92UzEnMCUGCSqGSIb3DQEJARYYdHJleS5kcmFrZUB1bmJvdW5kaWQuY29tMIIBIjANBgkq
hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqid9tc427LEtBahNAplYUQztLpGRwt7J1hxi3mHkMBzr
s3LxhGspxGij4JZogkqolFpIhu0amwHXsDv7DbkET1O8TN2S2ttetn2o/gQMhAlXp7MP4SfHnIHL
awiDyKZ96l49FFuOt107G9SYpOceuY+AfBssNfxVpTfzqvBzQ/zdbGwqg+ndyPmsWZCYc036/dHV
VWDPpLbohj8GmtoNp8p2LjXe4hOvOfxNnlg6hRlHwiPkudSpEaHwW5dlQUjtcBNvowCq2uq2fbQq
5jyswWRGRIQINo4UgSsyDAB5SfagyGMx32EUGrx1NJWOHWK3eqPknuYdgtU2nJZ+aTtBpQIDAQAB
o4IDYzCCA18wCQYDVR0TBAIwADALBgNVHQ8EBAMCBLAwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsG
AQUFBwMEMB0GA1UdDgQWBBTFEY17wcVFokE4T9NZv3jxliACzjAfBgNVHSMEGDAWgBRTcu2SnODa
ywFcfH6WNU7y1LhRgjAjBgNVHREEHDAagRh0cmV5LmRyYWtlQHVuYm91bmRpZC5jb20wggHRBgNV
HSAEggHIMIIBxDCCAcAGCysGAQQBgbU3AQICMIIBrzAuBggrBgEFBQcCARYiaHR0cDovL3d3dy5z
dGFydHNzbC5jb20vcG9saWN5LnBkZjA0BggrBgEFBQcCARYoaHR0cDovL3d3dy5zdGFydHNzbC5j
b20vaW50ZXJtZWRpYXRlLnBkZjCCAUUGCCsGAQUFBwICMIIBNzAnFiBTdGFydENvbSBDZXJ0aWZp
Y2F0aW9uIEF1dGhvcml0eTADAgEBGoIBClRoaXMgY2VydGlmaWNhdGUgd2FzIGlzc3VlZCBhY2Nv
cmRpbmcgdG8gdGhlIENsYXNzIDEgVmFsaWRhdGlvbiByZXF1aXJlbWVudHMgb2YgdGhlIFN0YXJ0
Q29tIENlcnRpZmljYXRpb24gQXV0aG9yaXR5IHBvbGljeSBhbmQgbWF5IGJlIHJlbGllZCB1cG9u
IG9ubHkgZm9yIHRoZSBpbnRlbmRlZCBwdXJwb3NlIGFuZCBpbiBjb21wbGlhbmNlIG9mIHRoZSBy
ZWx5aW5nIHBhcnR5IG9ibGlnYXRpb25zLiBMaWFiaWxpdHkgYW5kIHdhcnJhbnRpZXMgYXJlIGxp
bWl0ZWQhMDYGA1UdHwQvMC0wK6ApoCeGJWh0dHA6Ly9jcmwuc3RhcnRzc2wuY29tL2NydHUxLWNy
bC5jcmwwgY4GCCsGAQUFBwEBBIGBMH8wOQYIKwYBBQUHMAGGLWh0dHA6Ly9vY3NwLnN0YXJ0c3Ns
LmNvbS9zdWIvY2xhc3MxL2NsaWVudC9jYTBCBggrBgEFBQcwAoY2aHR0cDovL2FpYS5zdGFydHNz
bC5jb20vY2VydHMvc3ViLmNsYXNzMS5jbGllbnQuY2EuY3J0MCMGA1UdEgQcMBqGGGh0dHA6Ly93
d3cuc3RhcnRzc2wuY29tLzANBgkqhkiG9w0BAQUFAAOCAQEAfcC87DDCF7sIIY5qIDIS7MmSAJjr
GlCfGP11cJrO88bsQiSgtJYYeIATEUsH1r78aJOzU8p8P/lOrSoDr3kxVlUaOam6xIvlW9Uv6AUN
DBjYeDUMaEIwPl/Eox0tvZPas4JwW1K+N085ya1IKCK/l7x2K97JQqQhE44ymJ873mcEbBNz6HOo
JtyNMc204G0mREpQs4RSb7vsT9x93QUs6QpP/Mn/w+HaXQQzgs4HmfgL8z+qlH4vX4S/rKvwv95m
fdCIrdSBAeSKBco9hHTIny9XpkTR2qk1Uq0eqSk1LtufDoQy9c5KKQKINCKrjioMseRufmAY/0Nu
VbekcRMyIDGCA28wggNrAgEBMIGUMIGMMQswCQYDVQQGEwJJTDEWMBQGA1UEChMNU3RhcnRDb20g
THRkLjErMCkGA1UECxMiU2VjdXJlIERpZ2l0YWwgQ2VydGlmaWNhdGUgU2lnbmluZzE4MDYGA1UE
AxMvU3RhcnRDb20gQ2xhc3MgMSBQcmltYXJ5IEludGVybWVkaWF0ZSBDbGllbnQgQ0ECAwKKbzAJ
BgUrDgMCGgUAoIIBrzAYBgkqhkiG9w0BCQMxCwYJKoZIhvcNAQcBMBwGCSqGSIb3DQEJBTEPFw0x
MjAzMDgyMzIxNTZaMCMGCSqGSIb3DQEJBDEWBBTf9i7AuauVglrVzQrsDTx67SngeTCBpQYJKwYB
BAGCNxAEMYGXMIGUMIGMMQswCQYDVQQGEwJJTDEWMBQGA1UEChMNU3RhcnRDb20gTHRkLjErMCkG
A1UECxMiU2VjdXJlIERpZ2l0YWwgQ2VydGlmaWNhdGUgU2lnbmluZzE4MDYGA1UEAxMvU3RhcnRD
b20gQ2xhc3MgMSBQcmltYXJ5IEludGVybWVkaWF0ZSBDbGllbnQgQ0ECAwKKbzCBpwYLKoZIhvcN
AQkQAgsxgZeggZQwgYwxCzAJBgNVBAYTAklMMRYwFAYDVQQKEw1TdGFydENvbSBMdGQuMSswKQYD
VQQLEyJTZWN1cmUgRGlnaXRhbCBDZXJ0aWZpY2F0ZSBTaWduaW5nMTgwNgYDVQQDEy9TdGFydENv
bSBDbGFzcyAxIFByaW1hcnkgSW50ZXJtZWRpYXRlIENsaWVudCBDQQIDAopvMA0GCSqGSIb3DQEB
AQUABIIBACsoghIfJkYOcuczqmIZSIopI2iqZq/npl92ECqrA2lrRgZUnvEpaNKpM5hTSswp50iY
2l51tU3Jisw/r9WrCVCQ394TTG8lH28ZRjt3yJehisXY23NVUNVyVONyUv3Gc30m0pm2n5ilmEul
97Do9VHLUP21PaBMo2MUA09EB2KRP0kxtV+WxleE9vRZcAmpDSRHVmpFPrU07aBvV9TuYy86VlFR
LMmxeeZ+SfFioyeNvKGqD9E3geM1w/55i/jaRiwMMgC416+TMd/6RALdvZ1gfUZGnLLOoPfVmDC5
3b2gbYFZy8f8u7BxfOq0heymKQmcUWoso6GLztFxph3g5SgAAAAAAAA=

--Apple-Mail=_7B366547-5292-4FB6-BABD-010A29A3F837--

From moransar@cisco.com  Thu Mar  8 19:30:28 2012
Return-Path: <moransar@cisco.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A028521F85A7 for <scim@ietfa.amsl.com>; Thu,  8 Mar 2012 19:30:28 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -10.432
X-Spam-Level: 
X-Spam-Status: No, score=-10.432 tagged_above=-999 required=5 tests=[AWL=0.167, BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id dx62w-AhELnl for <scim@ietfa.amsl.com>; Thu,  8 Mar 2012 19:30:27 -0800 (PST)
Received: from rcdn-iport-6.cisco.com (rcdn-iport-6.cisco.com [173.37.86.77]) by ietfa.amsl.com (Postfix) with ESMTP id BBCA621F859F for <scim@ietf.org>; Thu,  8 Mar 2012 19:30:27 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=moransar@cisco.com; l=4074; q=dns/txt; s=iport; t=1331263827; x=1332473427; h=mime-version:content-transfer-encoding:subject:date: message-id:in-reply-to:references:from:to:cc; bh=q0l2tyH76LJHeai8/Npj3Nzh7CT3A642f5jQ/j05lLQ=; b=NOF6vq1ldO1Cqzrs/+Ky1a87C1CXnyD2ewUVaI1/CS7taXY2oUQYDO4i WHvctMxiShKS6l+/9WBJxjda0v245WN6NYNmGfqpOyhzeXh+zzaJy7Y9U lW4Ua8wWgnENJIA/zIYIEI+CQH8pXiqUkLcnj8t8To+IX6RviDSMNKOtK o=;
X-IronPort-AV: E=Sophos;i="4.73,555,1325462400"; d="scan'208";a="64993615"
Received: from rcdn-core2-5.cisco.com ([173.37.113.192]) by rcdn-iport-6.cisco.com with ESMTP; 09 Mar 2012 03:30:27 +0000
Received: from xbh-rcd-202.cisco.com (xbh-rcd-202.cisco.com [72.163.62.201]) by rcdn-core2-5.cisco.com (8.14.3/8.14.3) with ESMTP id q293URNv006951;  Fri, 9 Mar 2012 03:30:27 GMT
Received: from xmb-rcd-313.cisco.com ([72.163.63.28]) by xbh-rcd-202.cisco.com with Microsoft SMTPSVC(6.0.3790.4675);  Thu, 8 Mar 2012 21:30:27 -0600
X-MimeOLE: Produced By Microsoft Exchange V6.5
Content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
Date: Thu, 8 Mar 2012 21:30:25 -0600
Message-ID: <93C6FB63F046384C86EC8F7F3FFEC7BED7C93D@XMB-RCD-313.cisco.com>
In-Reply-To: <F54DCD4EE5A606448D414C716DC9FC4F150349A2@usilms111b.ca.com>
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
Thread-Topic: [scim] greetings from one of your BoF chairs
Thread-Index: AQHM/DU1HXiglp8q/UmzZhCEf2MVjJZg6wRggAAD+vA=
References: <4F57104A.5000607@cisco.com> <F54DCD4EE5A606448D414C716DC9FC4F150349A2@usilms111b.ca.com>
From: "Morteza Ansari (moransar)" <moransar@cisco.com>
To: "Lipton, Paul C" <Paul.Lipton@ca.com>, "Eliot Lear" <lear@cisco.com>, <scim@ietf.org>
X-OriginalArrivalTime: 09 Mar 2012 03:30:27.0325 (UTC) FILETIME=[F88B62D0:01CCFDA4]
Cc: "Steven M. Bellovin" <smb@cs.columbia.edu>
Subject: Re: [scim] greetings from one of your BoF chairs
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 09 Mar 2012 03:30:28 -0000

UGF1bCwNCg0KWW91IGFyZSBjb3JyZWN0LiBUaGVyZSBoYXMgYmVlbiBudW1iZXIgb2YgY2hhbmdl
cyBhbmQgc3VnZ2VzdGlvbnMgYW5kIGl0IGlzIGRlZmluaXRlbHkgdGltZSB0byByb2xsIHRoZW0g
aW4uIEkgd2lsbCBjb21waWxlIHRoZW0gaW50byBhbiB1cGRhdGVkIHZlcnNpb24gYW5kIHNlbmQg
aXQgb3V0IHRoaXMgd2Vla2VuZC4NCg0KDQpDaGVlcnMsDQpNb3J0ZXphDQoNCi0tLS0tT3JpZ2lu
YWwgTWVzc2FnZS0tLS0tDQpGcm9tOiBzY2ltLWJvdW5jZXNAaWV0Zi5vcmcgW21haWx0bzpzY2lt
LWJvdW5jZXNAaWV0Zi5vcmddIE9uIEJlaGFsZiBPZiBMaXB0b24sIFBhdWwgQw0KU2VudDogVGh1
cnNkYXksIE1hcmNoIDA4LCAyMDEyIDE6MjggUE0NClRvOiBFbGlvdCBMZWFyOyBzY2ltQGlldGYu
b3JnDQpDYzogU3RldmVuIE0uIEJlbGxvdmluDQpTdWJqZWN0OiBSZTogW3NjaW1dIGdyZWV0aW5n
cyBmcm9tIG9uZSBvZiB5b3VyIEJvRiBjaGFpcnMNCg0KSGkgYWxsLA0KDQpJdCBzZWVtcyB0aGF0
IHRoZXJlIGhhcyBiZWVuIGxpdmVseSBkaXNjdXNzaW9uIHJlZ2FyZGluZyBlbGVtZW50cyBvZiB0
aGUgcHJvcG9zZWQgY2hhcnRlciBvdmVyIHRoZSBsYXN0IGZldyB3ZWVrcy4gVGhhdCBzYWlkOyBp
dCBpcyByYXRoZXIgaGFyZCB0byBmaW5kIHRoZSBsYXRlc3QgaXRlcmF0aW9uIGluIGl0cyB0b3Rh
bGl0eS4gTGFzdCBwbGFjZSBJIHNhdyBzb21ldGhpbmcgbGlrZSB0aGF0IHdhcyBhdCAoMSkuIFdv
dWxkIHNvbWVib2R5IGJlIGFibGUgdG8gcHJvdmlkZSBhIHBvaW50ZXIgdG8gd2hlcmUgdGhlIGxh
dGVzdCBwcm9wb3NhbCBtaWdodCBiZSBwb3N0ZWQ/IA0KDQooMSkgaHR0cDovL3d3dy5pZXRmLm9y
Zy9tYWlsLWFyY2hpdmUvd2ViL3NjaW0vY3VycmVudC9tc2cwMDAwMy5odG1sDQoNClRoYW5rcywN
ClBhdWwgDQrCoA0KUGF1bCBMaXB0b24NCkNBIFRlY2hub2xvZ2llcw0KVlAsIEluZHVzdHJ5IFN0
YW5kYXJkcyBhbmQgT3BlbiBTb3VyY2UNCk1lbWJlciwgQ0EgQ291bmNpbCBmb3IgVGVjaG5pY2Fs
IEV4Y2VsbGVuY2UgT2ZmaWNlIFBob25lOiArMSA2MDkgNTgzLTk3MTgNCk1vYmlsZTogKzEgMjY3
IDk4Ny02ODg3DQpFbWFpbDogcGF1bC5saXB0b25AY2EuY29tDQoNCg0KRnJvbTogc2NpbS1ib3Vu
Y2VzQGlldGYub3JnIFttYWlsdG86c2NpbS1ib3VuY2VzQGlldGYub3JnXSBPbiBCZWhhbGYgT2Yg
RWxpb3QgTGVhcg0KU2VudDogV2VkbmVzZGF5LCBNYXJjaCAwNywgMjAxMiAyOjM4IEFNDQpUbzog
c2NpbUBpZXRmLm9yZw0KQ2M6IFN0ZXZlbiBNLiBCZWxsb3Zpbg0KU3ViamVjdDogW3NjaW1dIGdy
ZWV0aW5ncyBmcm9tIG9uZSBvZiB5b3VyIEJvRiBjaGFpcnMNCg0KSGkgZXZlcnlvbmUsDQoNCkkg
bG9vayBmb3J3YXJkIHRvIHdvcmtpbmcgd2l0aCB5b3UgYWxsIHRvIGhvbGQgYSBzdWNjZXNzZnVs
IEJvRi7CoCBGb2xsb3dpbmcgb24gZnJvbSBQZXRlcidzIGVhcmxpZXIgbWVzc2FnZSwgbGV0J3Mg
c3RhcnQgc3RydWN0dXJpbmcgYW4gYWdlbmRhIGZvciB0aGUgQm9GLsKgIEhlcmUncyBteSBmaXJz
dCBzd2luZzoNCuKAoiBBZ2VuZGEgQmFzaGluZyAoMyBtaW51dGVzKQ0K4oCiIEludHJvZHVjdGlv
biDigJMgYSBjbGVhciBhbmQgY3Jpc3AgcHJvYmxlbSBzdGF0ZW1lbnQgdGhhdCBpbmNsdWRlczoN
Cm8gV2hhdCBpcyB0aGUgcHJvdmlzaW9uaW5nIHByb2JsZW0gdGhhdCBTQ0lNIGlzIHRyeWluZyB0
byBzb2x2ZT8gDQpvIGFuZCB3aHkgaXMgaXQgaW1wb3J0YW50Pw0KbyBXaHkgaXNuJ3QgYXR0cmli
dXRlIGV4Y2hhbmdlIGluIFNBTUwgc3VmZmljaWVudD/CoCAod2l0aCBleGFtcGxlLCBwbGVhc2Up
IG8gV2h5IG5vdCBTUE1ML1hBQ01MP8KgIFBlcmhhcHMgdGhlcmUgYXJlIGNpcmN1bXN0YW5jZXMg
d2hlbiBTUE1ML1hBQ01MIGFyZSBhcHByb3ByaWF0ZSBhbmQgd2hlbiB0aGV5IGFyZSBub3Q/wqAg
RGlzY3Vzcy4NCm8gV2hhdCBwcm9ibGVtcyBhcmUgeW91IG5vdCB0cnlpbmcgdG8gc29sdmU/wqAg
ZS5nLiwgbGltaXQgeW91ciBzY29wZS4NCuKAoiBPdmVydmlldyBvZiBwcm9wb3NlZCBzdGFydGlu
ZyBwb2ludDogU0NJTSBhbmQgaG93IGl0IGFuc3dlcnMgdGhlIGFib3ZlIHByb2JsZW0gc3RhdGVt
ZW50IG8gSW5jbHVkZSBkb2N1bWVudCBzdHJ1Y3R1cmUg4oCiIERpc2N1c3Npb24gbyBJcyB0aGUg
cHJvYmxlbSBpbXBvcnRhbnQ/DQpvIElzIHRoZSBwcm9ibGVtIHdlbGwgc2NvcGVkPw0KbyBJcyB0
aGUgd29yayBhcHByb3ByaWF0ZSBmb3IgdGhlIElFVEY/DQpvIERvIHdlIHVuZGVyc3RhbmQgaG93
IHNjaW0gd2lsbCBkaWZmZXJlbnRpYXRlIGFnYWluc3QgZXhpc3Rpbmcgd29yaz8NCm8gV2hvIGFy
ZSB0aGUgdm9sdW50ZWVycyB0by0NCuKAoiBiZSBlZGl0b3JzIGZvciB0aGUgdmFyaW91cyBkb2N1
bWVudHM/DQrigKIgcmV2aWV3IHRoZSBkb2N1bWVudHM/DQpvIElzIHRoZXJlIGltcGxlbWVudGVy
IGludGVyZXN0Pw0KbyBTaG91bGQgYSB3b3JraW5nIGdyb3VwIGJlIGZvcm1lZD8NCuKAoiBCcmll
ZiBpbnRyb2R1Y3Rpb24gYW5kIGRpc2N1c3Npb24gb2YgYSBjaGFydGVyIChpZiBhcHByb3ByaWF0
ZSkgSSB0aGluayB3ZSBjYW4gYW50aWNpcGF0ZSBzdWJzdGFudGlhbCBwYXJ0aWNpcGF0aW9uIGZy
b20gYm90aCB0aGUgYXBwbGljYXRpb24gYW5kIHNlY3VyaXR5IGFyZWFzIGluIHRoaXMgQm9GLg0K
Q2FuIHdlIHBsZWFzZSBoYXZlIHZvbHVudGVlcnMgZm9yIHRoZSBpbnRyb2R1Y3Rpb24gYW5kIGZv
ciB0aGUgb3ZlcnZpZXcgb2YgdGhlIHNvbHV0aW9uP8KgIFRoZSBjaGFpcnMgd2lsbCBsZWFkIHRo
ZSBkaXNjdXNzaW9uIGFuZCBpbnRyb2R1Y3Rpb24gdG8gdGhlIGNoYXJ0ZXIuDQpFbGlvdA0KDQpf
X19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fXw0Kc2NpbSBtYWls
aW5nIGxpc3QNCnNjaW1AaWV0Zi5vcmcNCmh0dHBzOi8vd3d3LmlldGYub3JnL21haWxtYW4vbGlz
dGluZm8vc2NpbQ0K

From moransar@cisco.com  Thu Mar  8 19:32:38 2012
Return-Path: <moransar@cisco.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E5CF921F85AF for <scim@ietfa.amsl.com>; Thu,  8 Mar 2012 19:32:38 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -10.455
X-Spam-Level: 
X-Spam-Status: No, score=-10.455 tagged_above=-999 required=5 tests=[AWL=0.143, BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id STj7dLogp6GF for <scim@ietfa.amsl.com>; Thu,  8 Mar 2012 19:32:38 -0800 (PST)
Received: from rcdn-iport-6.cisco.com (rcdn-iport-6.cisco.com [173.37.86.77]) by ietfa.amsl.com (Postfix) with ESMTP id A5A0421F85A7 for <scim@ietf.org>; Thu,  8 Mar 2012 19:32:37 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=moransar@cisco.com; l=16216; q=dns/txt; s=iport; t=1331263957; x=1332473557; h=mime-version:subject:date:message-id:in-reply-to: references:from:to:cc; bh=QZkZpnNFDZa1JLu23MnklVWx9ML5knPHu6LaD+2EAgw=; b=SuHTcLp+AJfrfChfuOtfQpKxp9FEcsKOvv7kLZKPACF8JDM81eTBVNnG UoLQTDY+dJwdXwbnpeV893UfrLFylvPvz7nOKZdkzus9SdTss7MNBsEOO wZfv2ho1UzSuMuuFyhAHdbKKndGREGnLRCz8pC6onJvt8EzG7TRNMLsGR 4=;
X-IronPort-AV: E=Sophos;i="4.73,555,1325462400"; d="scan'208,217";a="64993892"
Received: from rcdn-core-5.cisco.com ([173.37.93.156]) by rcdn-iport-6.cisco.com with ESMTP; 09 Mar 2012 03:32:37 +0000
Received: from xbh-rcd-301.cisco.com (xbh-rcd-301.cisco.com [72.163.63.8]) by rcdn-core-5.cisco.com (8.14.3/8.14.3) with ESMTP id q293WbWM017161;  Fri, 9 Mar 2012 03:32:37 GMT
Received: from xmb-rcd-313.cisco.com ([72.163.63.28]) by xbh-rcd-301.cisco.com with Microsoft SMTPSVC(6.0.3790.4675);  Thu, 8 Mar 2012 21:32:37 -0600
X-MimeOLE: Produced By Microsoft Exchange V6.5
Content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="----_=_NextPart_001_01CCFDA5.45D2474E"
Date: Thu, 8 Mar 2012 21:32:36 -0600
Message-ID: <93C6FB63F046384C86EC8F7F3FFEC7BED7C940@XMB-RCD-313.cisco.com>
In-Reply-To: <4F57104A.5000607@cisco.com>
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
Thread-Topic: [scim] greetings from one of your BoF chairs
Thread-Index: Acz8NTVOaI3+PDRFSvGGAcszUEEEEwAxHQKg
References: <4F57104A.5000607@cisco.com>
From: "Morteza Ansari (moransar)" <moransar@cisco.com>
To: "Eliot Lear" <lear@cisco.com>, <scim@ietf.org>
X-OriginalArrivalTime: 09 Mar 2012 03:32:37.0535 (UTC) FILETIME=[4627DAF0:01CCFDA5]
Cc: "Steven M. Bellovin" <smb@cs.columbia.edu>
Subject: Re: [scim] greetings from one of your BoF chairs
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 09 Mar 2012 03:32:39 -0000

This is a multi-part message in MIME format.

------_=_NextPart_001_01CCFDA5.45D2474E
Content-Type: text/plain;
	charset="utf-8"
Content-Transfer-Encoding: base64

VGhhbmtzIEVsaW90IGZvciBnZXR0aW5nIHRoaXMgc3RhcnRlZC4gSSB0aGluayB0aGlzIGlzIGEg
cHJldHR5IGdvb2Qgc3RhcnQuIFVubGVzcyB3ZSBoYXZlIGFub3RoZXIgdm9sdW50ZWVyLCBJIHdp
bGwgdGFrZSB0aGUgaW50cm9kdWN0aW9uLg0KDQogDQoNCiANCg0KQ2hlZXJzLA0KDQpNb3J0ZXph
DQoNCiANCg0KRnJvbTogc2NpbS1ib3VuY2VzQGlldGYub3JnIFttYWlsdG86c2NpbS1ib3VuY2Vz
QGlldGYub3JnXSBPbiBCZWhhbGYgT2YgRWxpb3QgTGVhcg0KU2VudDogVHVlc2RheSwgTWFyY2gg
MDYsIDIwMTIgMTE6MzggUE0NClRvOiBzY2ltQGlldGYub3JnDQpDYzogU3RldmVuIE0uIEJlbGxv
dmluDQpTdWJqZWN0OiBbc2NpbV0gZ3JlZXRpbmdzIGZyb20gb25lIG9mIHlvdXIgQm9GIGNoYWly
cw0KDQogDQoNCkhpIGV2ZXJ5b25lLA0KDQpJIGxvb2sgZm9yd2FyZCB0byB3b3JraW5nIHdpdGgg
eW91IGFsbCB0byBob2xkIGEgc3VjY2Vzc2Z1bCBCb0YuICBGb2xsb3dpbmcgb24gZnJvbSBQZXRl
cidzIGVhcmxpZXIgbWVzc2FnZSwgbGV0J3Mgc3RhcnQgc3RydWN0dXJpbmcgYW4gYWdlbmRhIGZv
ciB0aGUgQm9GLiAgSGVyZSdzIG15IGZpcnN0IHN3aW5nOg0KDQoqCUFnZW5kYSBCYXNoaW5nICgz
IG1pbnV0ZXMpDQoqCUludHJvZHVjdGlvbiDigJMgYSBjbGVhciBhbmQgY3Jpc3AgcHJvYmxlbSBz
dGF0ZW1lbnQgdGhhdCBpbmNsdWRlczoNCg0KCSoJV2hhdCBpcyB0aGUgcHJvdmlzaW9uaW5nIHBy
b2JsZW0gdGhhdCBTQ0lNIGlzIHRyeWluZyB0byBzb2x2ZT8gDQoJKglhbmQgd2h5IGlzIGl0IGlt
cG9ydGFudD8NCgkqCVdoeSBpc24ndCBhdHRyaWJ1dGUgZXhjaGFuZ2UgaW4gU0FNTCBzdWZmaWNp
ZW50PyAgKHdpdGggZXhhbXBsZSwgcGxlYXNlKQ0KCSoJV2h5IG5vdCBTUE1ML1hBQ01MPyAgUGVy
aGFwcyB0aGVyZSBhcmUgY2lyY3Vtc3RhbmNlcyB3aGVuIFNQTUwvWEFDTUwgYXJlIGFwcHJvcHJp
YXRlIGFuZCB3aGVuIHRoZXkgYXJlIG5vdD8gIERpc2N1c3MuDQoJKglXaGF0IHByb2JsZW1zIGFy
ZSB5b3Ugbm90IHRyeWluZyB0byBzb2x2ZT8gIGUuZy4sIGxpbWl0IHlvdXIgc2NvcGUuDQoNCioJ
T3ZlcnZpZXcgb2YgcHJvcG9zZWQgc3RhcnRpbmcgcG9pbnQ6IFNDSU0gYW5kIGhvdyBpdCBhbnN3
ZXJzIHRoZSBhYm92ZSBwcm9ibGVtIHN0YXRlbWVudA0KDQoJKglJbmNsdWRlIGRvY3VtZW50IHN0
cnVjdHVyZQ0KDQoqCURpc2N1c3Npb24NCg0KCSoJSXMgdGhlIHByb2JsZW0gaW1wb3J0YW50Pw0K
CSoJSXMgdGhlIHByb2JsZW0gd2VsbCBzY29wZWQ/DQoJKglJcyB0aGUgd29yayBhcHByb3ByaWF0
ZSBmb3IgdGhlIElFVEY/DQoJKglEbyB3ZSB1bmRlcnN0YW5kIGhvdyBzY2ltIHdpbGwgZGlmZmVy
ZW50aWF0ZSBhZ2FpbnN0IGV4aXN0aW5nIHdvcms/DQoJKglXaG8gYXJlIHRoZSB2b2x1bnRlZXJz
IHRvLQ0KDQoJCSoJYmUgZWRpdG9ycyBmb3IgdGhlIHZhcmlvdXMgZG9jdW1lbnRzPw0KCQkqCXJl
dmlldyB0aGUgZG9jdW1lbnRzPw0KDQoJKglJcyB0aGVyZSBpbXBsZW1lbnRlciBpbnRlcmVzdD8N
CgkqCVNob3VsZCBhIHdvcmtpbmcgZ3JvdXAgYmUgZm9ybWVkPw0KDQoqCUJyaWVmIGludHJvZHVj
dGlvbiBhbmQgZGlzY3Vzc2lvbiBvZiBhIGNoYXJ0ZXIgKGlmIGFwcHJvcHJpYXRlKQ0KDQpJIHRo
aW5rIHdlIGNhbiBhbnRpY2lwYXRlIHN1YnN0YW50aWFsIHBhcnRpY2lwYXRpb24gZnJvbSBib3Ro
IHRoZSBhcHBsaWNhdGlvbiBhbmQgc2VjdXJpdHkgYXJlYXMgaW4gdGhpcyBCb0YuDQoNCkNhbiB3
ZSBwbGVhc2UgaGF2ZSB2b2x1bnRlZXJzIGZvciB0aGUgaW50cm9kdWN0aW9uIGFuZCBmb3IgdGhl
IG92ZXJ2aWV3IG9mIHRoZSBzb2x1dGlvbj8gIFRoZSBjaGFpcnMgd2lsbCBsZWFkIHRoZSBkaXNj
dXNzaW9uIGFuZCBpbnRyb2R1Y3Rpb24gdG8gdGhlIGNoYXJ0ZXIuDQoNCkVsaW90DQoNCiANCg0K

------_=_NextPart_001_01CCFDA5.45D2474E
Content-Type: text/html;
	charset="utf-8"
Content-Transfer-Encoding: base64

PGh0bWwgeG1sbnM6dj0idXJuOnNjaGVtYXMtbWljcm9zb2Z0LWNvbTp2bWwiIHhtbG5zOm89InVy
bjpzY2hlbWFzLW1pY3Jvc29mdC1jb206b2ZmaWNlOm9mZmljZSIgeG1sbnM6dz0idXJuOnNjaGVt
YXMtbWljcm9zb2Z0LWNvbTpvZmZpY2U6d29yZCIgeG1sbnM6bT0iaHR0cDovL3NjaGVtYXMubWlj
cm9zb2Z0LmNvbS9vZmZpY2UvMjAwNC8xMi9vbW1sIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcv
VFIvUkVDLWh0bWw0MCI+PGhlYWQ+PG1ldGEgaHR0cC1lcXVpdj1Db250ZW50LVR5cGUgY29udGVu
dD0idGV4dC9odG1sOyBjaGFyc2V0PXV0Zi04Ij48bWV0YSBuYW1lPUdlbmVyYXRvciBjb250ZW50
PSJNaWNyb3NvZnQgV29yZCAxNCAoZmlsdGVyZWQgbWVkaXVtKSI+PHN0eWxlPjwhLS0NCi8qIEZv
bnQgRGVmaW5pdGlvbnMgKi8NCkBmb250LWZhY2UNCgl7Zm9udC1mYW1pbHk6V2luZ2RpbmdzOw0K
CXBhbm9zZS0xOjUgMCAwIDAgMCAwIDAgMCAwIDA7fQ0KQGZvbnQtZmFjZQ0KCXtmb250LWZhbWls
eTpXaW5nZGluZ3M7DQoJcGFub3NlLTE6NSAwIDAgMCAwIDAgMCAwIDAgMDt9DQpAZm9udC1mYWNl
DQoJe2ZvbnQtZmFtaWx5OkNhbGlicmk7DQoJcGFub3NlLTE6MiAxNSA1IDIgMiAyIDQgMyAyIDQ7
fQ0KQGZvbnQtZmFjZQ0KCXtmb250LWZhbWlseTpUYWhvbWE7DQoJcGFub3NlLTE6MiAxMSA2IDQg
MyA1IDQgNCAyIDQ7fQ0KLyogU3R5bGUgRGVmaW5pdGlvbnMgKi8NCnAuTXNvTm9ybWFsLCBsaS5N
c29Ob3JtYWwsIGRpdi5Nc29Ob3JtYWwNCgl7bWFyZ2luOjBpbjsNCgltYXJnaW4tYm90dG9tOi4w
MDAxcHQ7DQoJZm9udC1zaXplOjEyLjBwdDsNCglmb250LWZhbWlseToiVGltZXMgTmV3IFJvbWFu
Iiwic2VyaWYiOw0KCWNvbG9yOmJsYWNrO30NCmE6bGluaywgc3Bhbi5Nc29IeXBlcmxpbmsNCgl7
bXNvLXN0eWxlLXByaW9yaXR5Ojk5Ow0KCWNvbG9yOmJsdWU7DQoJdGV4dC1kZWNvcmF0aW9uOnVu
ZGVybGluZTt9DQphOnZpc2l0ZWQsIHNwYW4uTXNvSHlwZXJsaW5rRm9sbG93ZWQNCgl7bXNvLXN0
eWxlLXByaW9yaXR5Ojk5Ow0KCWNvbG9yOnB1cnBsZTsNCgl0ZXh0LWRlY29yYXRpb246dW5kZXJs
aW5lO30NCnANCgl7bXNvLXN0eWxlLXByaW9yaXR5Ojk5Ow0KCW1zby1tYXJnaW4tdG9wLWFsdDph
dXRvOw0KCW1hcmdpbi1yaWdodDowaW47DQoJbXNvLW1hcmdpbi1ib3R0b20tYWx0OmF1dG87DQoJ
bWFyZ2luLWxlZnQ6MGluOw0KCWZvbnQtc2l6ZToxMi4wcHQ7DQoJZm9udC1mYW1pbHk6IlRpbWVz
IE5ldyBSb21hbiIsInNlcmlmIjsNCgljb2xvcjpibGFjazt9DQpzcGFuLkVtYWlsU3R5bGUxOA0K
CXttc28tc3R5bGUtdHlwZTpwZXJzb25hbC1yZXBseTsNCglmb250LWZhbWlseToiQ2FsaWJyaSIs
InNhbnMtc2VyaWYiOw0KCWNvbG9yOiMxRjQ5N0Q7fQ0KLk1zb0NocERlZmF1bHQNCgl7bXNvLXN0
eWxlLXR5cGU6ZXhwb3J0LW9ubHk7DQoJZm9udC1zaXplOjEwLjBwdDt9DQpAcGFnZSBXb3JkU2Vj
dGlvbjENCgl7c2l6ZTo4LjVpbiAxMS4waW47DQoJbWFyZ2luOjEuMGluIDEuMGluIDEuMGluIDEu
MGluO30NCmRpdi5Xb3JkU2VjdGlvbjENCgl7cGFnZTpXb3JkU2VjdGlvbjE7fQ0KLyogTGlzdCBE
ZWZpbml0aW9ucyAqLw0KQGxpc3QgbDANCgl7bXNvLWxpc3QtaWQ6MTM5MjE0NjAxOTsNCgltc28t
bGlzdC10ZW1wbGF0ZS1pZHM6ODE3NTQyNjg4O30NCkBsaXN0IGwwOmxldmVsMQ0KCXttc28tbGV2
ZWwtbnVtYmVyLWZvcm1hdDpidWxsZXQ7DQoJbXNvLWxldmVsLXRleHQ674K3Ow0KCW1zby1sZXZl
bC10YWItc3RvcDouNWluOw0KCW1zby1sZXZlbC1udW1iZXItcG9zaXRpb246bGVmdDsNCgl0ZXh0
LWluZGVudDotLjI1aW47DQoJbXNvLWFuc2ktZm9udC1zaXplOjEwLjBwdDsNCglmb250LWZhbWls
eTpTeW1ib2w7fQ0KQGxpc3QgbDA6bGV2ZWwyDQoJe21zby1sZXZlbC1udW1iZXItZm9ybWF0OmJ1
bGxldDsNCgltc28tbGV2ZWwtdGV4dDpvOw0KCW1zby1sZXZlbC10YWItc3RvcDoxLjBpbjsNCglt
c28tbGV2ZWwtbnVtYmVyLXBvc2l0aW9uOmxlZnQ7DQoJdGV4dC1pbmRlbnQ6LS4yNWluOw0KCW1z
by1hbnNpLWZvbnQtc2l6ZToxMC4wcHQ7DQoJZm9udC1mYW1pbHk6IkNvdXJpZXIgTmV3IjsNCglt
c28tYmlkaS1mb250LWZhbWlseToiVGltZXMgTmV3IFJvbWFuIjt9DQpAbGlzdCBsMDpsZXZlbDMN
Cgl7bXNvLWxldmVsLW51bWJlci1mb3JtYXQ6YnVsbGV0Ow0KCW1zby1sZXZlbC10ZXh0Ou+CpzsN
Cgltc28tbGV2ZWwtdGFiLXN0b3A6MS41aW47DQoJbXNvLWxldmVsLW51bWJlci1wb3NpdGlvbjps
ZWZ0Ow0KCXRleHQtaW5kZW50Oi0uMjVpbjsNCgltc28tYW5zaS1mb250LXNpemU6MTAuMHB0Ow0K
CWZvbnQtZmFtaWx5OldpbmdkaW5nczt9DQpAbGlzdCBsMDpsZXZlbDQNCgl7bXNvLWxldmVsLW51
bWJlci1mb3JtYXQ6YnVsbGV0Ow0KCW1zby1sZXZlbC10ZXh0Ou+CpzsNCgltc28tbGV2ZWwtdGFi
LXN0b3A6Mi4waW47DQoJbXNvLWxldmVsLW51bWJlci1wb3NpdGlvbjpsZWZ0Ow0KCXRleHQtaW5k
ZW50Oi0uMjVpbjsNCgltc28tYW5zaS1mb250LXNpemU6MTAuMHB0Ow0KCWZvbnQtZmFtaWx5Oldp
bmdkaW5nczt9DQpAbGlzdCBsMDpsZXZlbDUNCgl7bXNvLWxldmVsLW51bWJlci1mb3JtYXQ6YnVs
bGV0Ow0KCW1zby1sZXZlbC10ZXh0Ou+CpzsNCgltc28tbGV2ZWwtdGFiLXN0b3A6Mi41aW47DQoJ
bXNvLWxldmVsLW51bWJlci1wb3NpdGlvbjpsZWZ0Ow0KCXRleHQtaW5kZW50Oi0uMjVpbjsNCglt
c28tYW5zaS1mb250LXNpemU6MTAuMHB0Ow0KCWZvbnQtZmFtaWx5OldpbmdkaW5nczt9DQpAbGlz
dCBsMDpsZXZlbDYNCgl7bXNvLWxldmVsLW51bWJlci1mb3JtYXQ6YnVsbGV0Ow0KCW1zby1sZXZl
bC10ZXh0Ou+CpzsNCgltc28tbGV2ZWwtdGFiLXN0b3A6My4waW47DQoJbXNvLWxldmVsLW51bWJl
ci1wb3NpdGlvbjpsZWZ0Ow0KCXRleHQtaW5kZW50Oi0uMjVpbjsNCgltc28tYW5zaS1mb250LXNp
emU6MTAuMHB0Ow0KCWZvbnQtZmFtaWx5OldpbmdkaW5nczt9DQpAbGlzdCBsMDpsZXZlbDcNCgl7
bXNvLWxldmVsLW51bWJlci1mb3JtYXQ6YnVsbGV0Ow0KCW1zby1sZXZlbC10ZXh0Ou+CpzsNCglt
c28tbGV2ZWwtdGFiLXN0b3A6My41aW47DQoJbXNvLWxldmVsLW51bWJlci1wb3NpdGlvbjpsZWZ0
Ow0KCXRleHQtaW5kZW50Oi0uMjVpbjsNCgltc28tYW5zaS1mb250LXNpemU6MTAuMHB0Ow0KCWZv
bnQtZmFtaWx5OldpbmdkaW5nczt9DQpAbGlzdCBsMDpsZXZlbDgNCgl7bXNvLWxldmVsLW51bWJl
ci1mb3JtYXQ6YnVsbGV0Ow0KCW1zby1sZXZlbC10ZXh0Ou+CpzsNCgltc28tbGV2ZWwtdGFiLXN0
b3A6NC4waW47DQoJbXNvLWxldmVsLW51bWJlci1wb3NpdGlvbjpsZWZ0Ow0KCXRleHQtaW5kZW50
Oi0uMjVpbjsNCgltc28tYW5zaS1mb250LXNpemU6MTAuMHB0Ow0KCWZvbnQtZmFtaWx5Oldpbmdk
aW5nczt9DQpAbGlzdCBsMDpsZXZlbDkNCgl7bXNvLWxldmVsLW51bWJlci1mb3JtYXQ6YnVsbGV0
Ow0KCW1zby1sZXZlbC10ZXh0Ou+CpzsNCgltc28tbGV2ZWwtdGFiLXN0b3A6NC41aW47DQoJbXNv
LWxldmVsLW51bWJlci1wb3NpdGlvbjpsZWZ0Ow0KCXRleHQtaW5kZW50Oi0uMjVpbjsNCgltc28t
YW5zaS1mb250LXNpemU6MTAuMHB0Ow0KCWZvbnQtZmFtaWx5OldpbmdkaW5nczt9DQpvbA0KCXtt
YXJnaW4tYm90dG9tOjBpbjt9DQp1bA0KCXttYXJnaW4tYm90dG9tOjBpbjt9DQotLT48L3N0eWxl
PjwhLS1baWYgZ3RlIG1zbyA5XT48eG1sPg0KPG86c2hhcGVkZWZhdWx0cyB2OmV4dD0iZWRpdCIg
c3BpZG1heD0iMTAyNiIgLz4NCjwveG1sPjwhW2VuZGlmXS0tPjwhLS1baWYgZ3RlIG1zbyA5XT48
eG1sPg0KPG86c2hhcGVsYXlvdXQgdjpleHQ9ImVkaXQiPg0KPG86aWRtYXAgdjpleHQ9ImVkaXQi
IGRhdGE9IjEiIC8+DQo8L286c2hhcGVsYXlvdXQ+PC94bWw+PCFbZW5kaWZdLS0+PC9oZWFkPjxi
b2R5IGJnY29sb3I9d2hpdGUgbGFuZz1FTi1VUyBsaW5rPWJsdWUgdmxpbms9cHVycGxlPjxkaXYg
Y2xhc3M9V29yZFNlY3Rpb24xPjxwIGNsYXNzPU1zb05vcm1hbD48c3BhbiBzdHlsZT0nZm9udC1z
aXplOjExLjBwdDtmb250LWZhbWlseToiQ2FsaWJyaSIsInNhbnMtc2VyaWYiO2NvbG9yOiMxRjQ5
N0QnPlRoYW5rcyBFbGlvdCBmb3IgZ2V0dGluZyB0aGlzIHN0YXJ0ZWQuIEkgdGhpbmsgdGhpcyBp
cyBhIHByZXR0eSBnb29kIHN0YXJ0LiBVbmxlc3Mgd2UgaGF2ZSBhbm90aGVyIHZvbHVudGVlciwg
SSB3aWxsIHRha2UgdGhlIGludHJvZHVjdGlvbi48bzpwPjwvbzpwPjwvc3Bhbj48L3A+PHAgY2xh
c3M9TXNvTm9ybWFsPjxzcGFuIHN0eWxlPSdmb250LXNpemU6MTEuMHB0O2ZvbnQtZmFtaWx5OiJD
YWxpYnJpIiwic2Fucy1zZXJpZiI7Y29sb3I6IzFGNDk3RCc+PG86cD4mbmJzcDs8L286cD48L3Nw
YW4+PC9wPjxwIGNsYXNzPU1zb05vcm1hbD48c3BhbiBzdHlsZT0nZm9udC1zaXplOjExLjBwdDtm
b250LWZhbWlseToiQ2FsaWJyaSIsInNhbnMtc2VyaWYiO2NvbG9yOiMxRjQ5N0QnPjxvOnA+Jm5i
c3A7PC9vOnA+PC9zcGFuPjwvcD48cCBjbGFzcz1Nc29Ob3JtYWw+PHNwYW4gc3R5bGU9J2ZvbnQt
c2l6ZToxMS4wcHQ7Zm9udC1mYW1pbHk6IkNhbGlicmkiLCJzYW5zLXNlcmlmIjtjb2xvcjojMUY0
OTdEJz5DaGVlcnMsPG86cD48L286cD48L3NwYW4+PC9wPjxwIGNsYXNzPU1zb05vcm1hbD48c3Bh
biBzdHlsZT0nZm9udC1zaXplOjExLjBwdDtmb250LWZhbWlseToiQ2FsaWJyaSIsInNhbnMtc2Vy
aWYiO2NvbG9yOiMxRjQ5N0QnPk1vcnRlemE8bzpwPjwvbzpwPjwvc3Bhbj48L3A+PHAgY2xhc3M9
TXNvTm9ybWFsPjxzcGFuIHN0eWxlPSdmb250LXNpemU6MTEuMHB0O2ZvbnQtZmFtaWx5OiJDYWxp
YnJpIiwic2Fucy1zZXJpZiI7Y29sb3I6IzFGNDk3RCc+PG86cD4mbmJzcDs8L286cD48L3NwYW4+
PC9wPjxkaXY+PGRpdiBzdHlsZT0nYm9yZGVyOm5vbmU7Ym9yZGVyLXRvcDpzb2xpZCAjQjVDNERG
IDEuMHB0O3BhZGRpbmc6My4wcHQgMGluIDBpbiAwaW4nPjxwIGNsYXNzPU1zb05vcm1hbD48Yj48
c3BhbiBzdHlsZT0nZm9udC1zaXplOjEwLjBwdDtmb250LWZhbWlseToiVGFob21hIiwic2Fucy1z
ZXJpZiI7Y29sb3I6d2luZG93dGV4dCc+RnJvbTo8L3NwYW4+PC9iPjxzcGFuIHN0eWxlPSdmb250
LXNpemU6MTAuMHB0O2ZvbnQtZmFtaWx5OiJUYWhvbWEiLCJzYW5zLXNlcmlmIjtjb2xvcjp3aW5k
b3d0ZXh0Jz4gc2NpbS1ib3VuY2VzQGlldGYub3JnIFttYWlsdG86c2NpbS1ib3VuY2VzQGlldGYu
b3JnXSA8Yj5PbiBCZWhhbGYgT2YgPC9iPkVsaW90IExlYXI8YnI+PGI+U2VudDo8L2I+IFR1ZXNk
YXksIE1hcmNoIDA2LCAyMDEyIDExOjM4IFBNPGJyPjxiPlRvOjwvYj4gc2NpbUBpZXRmLm9yZzxi
cj48Yj5DYzo8L2I+IFN0ZXZlbiBNLiBCZWxsb3Zpbjxicj48Yj5TdWJqZWN0OjwvYj4gW3NjaW1d
IGdyZWV0aW5ncyBmcm9tIG9uZSBvZiB5b3VyIEJvRiBjaGFpcnM8bzpwPjwvbzpwPjwvc3Bhbj48
L3A+PC9kaXY+PC9kaXY+PHAgY2xhc3M9TXNvTm9ybWFsPjxvOnA+Jm5ic3A7PC9vOnA+PC9wPjxw
IGNsYXNzPU1zb05vcm1hbCBzdHlsZT0nbWFyZ2luLWJvdHRvbToxMi4wcHQnPkhpIGV2ZXJ5b25l
LDxicj48YnI+SSBsb29rIGZvcndhcmQgdG8gd29ya2luZyB3aXRoIHlvdSBhbGwgdG8gaG9sZCBh
IHN1Y2Nlc3NmdWwgQm9GLiZuYnNwOyBGb2xsb3dpbmcgb24gZnJvbSBQZXRlcidzIGVhcmxpZXIg
bWVzc2FnZSwgbGV0J3Mgc3RhcnQgc3RydWN0dXJpbmcgYW4gYWdlbmRhIGZvciB0aGUgQm9GLiZu
YnNwOyBIZXJlJ3MgbXkgZmlyc3Qgc3dpbmc6PG86cD48L286cD48L3A+PHVsIHR5cGU9ZGlzYz48
bGkgY2xhc3M9TXNvTm9ybWFsIHN0eWxlPSdtc28tbWFyZ2luLXRvcC1hbHQ6YXV0bzttc28tbWFy
Z2luLWJvdHRvbS1hbHQ6YXV0bzttc28tbGlzdDpsMCBsZXZlbDEgbGZvMSc+QWdlbmRhIEJhc2hp
bmcgKDMgbWludXRlcyk8bzpwPjwvbzpwPjwvbGk+PGxpIGNsYXNzPU1zb05vcm1hbCBzdHlsZT0n
bXNvLW1hcmdpbi10b3AtYWx0OmF1dG87bXNvLW1hcmdpbi1ib3R0b20tYWx0OmF1dG87bXNvLWxp
c3Q6bDAgbGV2ZWwxIGxmbzEnPkludHJvZHVjdGlvbiDigJMgYSBjbGVhciBhbmQgY3Jpc3AgcHJv
YmxlbSBzdGF0ZW1lbnQgdGhhdCBpbmNsdWRlczo8bzpwPjwvbzpwPjwvbGk+PHVsIHR5cGU9Y2ly
Y2xlPjxsaSBjbGFzcz1Nc29Ob3JtYWwgc3R5bGU9J21zby1tYXJnaW4tdG9wLWFsdDphdXRvO21z
by1tYXJnaW4tYm90dG9tLWFsdDphdXRvO21zby1saXN0OmwwIGxldmVsMiBsZm8xJz5XaGF0IGlz
IHRoZSBwcm92aXNpb25pbmcgcHJvYmxlbSB0aGF0IFNDSU0gaXMgdHJ5aW5nIHRvIHNvbHZlPyA8
bzpwPjwvbzpwPjwvbGk+PGxpIGNsYXNzPU1zb05vcm1hbCBzdHlsZT0nbXNvLW1hcmdpbi10b3At
YWx0OmF1dG87bXNvLW1hcmdpbi1ib3R0b20tYWx0OmF1dG87bXNvLWxpc3Q6bDAgbGV2ZWwyIGxm
bzEnPjxiPmFuZCB3aHkgaXMgaXQgaW1wb3J0YW48L2I+dD88bzpwPjwvbzpwPjwvbGk+PGxpIGNs
YXNzPU1zb05vcm1hbCBzdHlsZT0nbXNvLW1hcmdpbi10b3AtYWx0OmF1dG87bXNvLW1hcmdpbi1i
b3R0b20tYWx0OmF1dG87bXNvLWxpc3Q6bDAgbGV2ZWwyIGxmbzEnPldoeSBpc24ndCBhdHRyaWJ1
dGUgZXhjaGFuZ2UgaW4gU0FNTCBzdWZmaWNpZW50PyZuYnNwOyAod2l0aCBleGFtcGxlLCBwbGVh
c2UpPG86cD48L286cD48L2xpPjxsaSBjbGFzcz1Nc29Ob3JtYWwgc3R5bGU9J21zby1tYXJnaW4t
dG9wLWFsdDphdXRvO21zby1tYXJnaW4tYm90dG9tLWFsdDphdXRvO21zby1saXN0OmwwIGxldmVs
MiBsZm8xJz5XaHkgbm90IFNQTUwvWEFDTUw/Jm5ic3A7IFBlcmhhcHMgdGhlcmUgYXJlIGNpcmN1
bXN0YW5jZXMgd2hlbiBTUE1ML1hBQ01MIGFyZSBhcHByb3ByaWF0ZSBhbmQgd2hlbiB0aGV5IGFy
ZSBub3Q/Jm5ic3A7IERpc2N1c3MuPG86cD48L286cD48L2xpPjxsaSBjbGFzcz1Nc29Ob3JtYWwg
c3R5bGU9J21zby1tYXJnaW4tdG9wLWFsdDphdXRvO21zby1tYXJnaW4tYm90dG9tLWFsdDphdXRv
O21zby1saXN0OmwwIGxldmVsMiBsZm8xJz5XaGF0IHByb2JsZW1zIGFyZSB5b3UgPGI+bm90PC9i
PiB0cnlpbmcgdG8gc29sdmU/Jm5ic3A7IGUuZy4sIGxpbWl0IHlvdXIgc2NvcGUuPG86cD48L286
cD48L2xpPjwvdWw+PGxpIGNsYXNzPU1zb05vcm1hbCBzdHlsZT0nbXNvLW1hcmdpbi10b3AtYWx0
OmF1dG87bXNvLW1hcmdpbi1ib3R0b20tYWx0OmF1dG87bXNvLWxpc3Q6bDAgbGV2ZWwxIGxmbzEn
Pk92ZXJ2aWV3IG9mIHByb3Bvc2VkIHN0YXJ0aW5nIHBvaW50OiBTQ0lNIGFuZCBob3cgaXQgYW5z
d2VycyB0aGUgYWJvdmUgcHJvYmxlbSBzdGF0ZW1lbnQ8bzpwPjwvbzpwPjwvbGk+PHVsIHR5cGU9
Y2lyY2xlPjxsaSBjbGFzcz1Nc29Ob3JtYWwgc3R5bGU9J21zby1tYXJnaW4tdG9wLWFsdDphdXRv
O21zby1tYXJnaW4tYm90dG9tLWFsdDphdXRvO21zby1saXN0OmwwIGxldmVsMiBsZm8xJz5JbmNs
dWRlIGRvY3VtZW50IHN0cnVjdHVyZTxvOnA+PC9vOnA+PC9saT48L3VsPjxsaSBjbGFzcz1Nc29O
b3JtYWwgc3R5bGU9J21zby1tYXJnaW4tdG9wLWFsdDphdXRvO21zby1tYXJnaW4tYm90dG9tLWFs
dDphdXRvO21zby1saXN0OmwwIGxldmVsMSBsZm8xJz5EaXNjdXNzaW9uPG86cD48L286cD48L2xp
Pjx1bCB0eXBlPWNpcmNsZT48bGkgY2xhc3M9TXNvTm9ybWFsIHN0eWxlPSdtc28tbWFyZ2luLXRv
cC1hbHQ6YXV0bzttc28tbWFyZ2luLWJvdHRvbS1hbHQ6YXV0bzttc28tbGlzdDpsMCBsZXZlbDIg
bGZvMSc+SXMgdGhlIHByb2JsZW0gaW1wb3J0YW50PzxvOnA+PC9vOnA+PC9saT48bGkgY2xhc3M9
TXNvTm9ybWFsIHN0eWxlPSdtc28tbWFyZ2luLXRvcC1hbHQ6YXV0bzttc28tbWFyZ2luLWJvdHRv
bS1hbHQ6YXV0bzttc28tbGlzdDpsMCBsZXZlbDIgbGZvMSc+SXMgdGhlIHByb2JsZW0gd2VsbCBz
Y29wZWQ/PG86cD48L286cD48L2xpPjxsaSBjbGFzcz1Nc29Ob3JtYWwgc3R5bGU9J21zby1tYXJn
aW4tdG9wLWFsdDphdXRvO21zby1tYXJnaW4tYm90dG9tLWFsdDphdXRvO21zby1saXN0OmwwIGxl
dmVsMiBsZm8xJz5JcyB0aGUgd29yayBhcHByb3ByaWF0ZSBmb3IgdGhlIElFVEY/PG86cD48L286
cD48L2xpPjxsaSBjbGFzcz1Nc29Ob3JtYWwgc3R5bGU9J21zby1tYXJnaW4tdG9wLWFsdDphdXRv
O21zby1tYXJnaW4tYm90dG9tLWFsdDphdXRvO21zby1saXN0OmwwIGxldmVsMiBsZm8xJz5EbyB3
ZSB1bmRlcnN0YW5kIGhvdyBzY2ltIHdpbGwgZGlmZmVyZW50aWF0ZSBhZ2FpbnN0IGV4aXN0aW5n
IHdvcms/PG86cD48L286cD48L2xpPjxsaSBjbGFzcz1Nc29Ob3JtYWwgc3R5bGU9J21zby1tYXJn
aW4tdG9wLWFsdDphdXRvO21zby1tYXJnaW4tYm90dG9tLWFsdDphdXRvO21zby1saXN0OmwwIGxl
dmVsMiBsZm8xJz5XaG8gYXJlIHRoZSB2b2x1bnRlZXJzIHRvLTxvOnA+PC9vOnA+PC9saT48dWwg
dHlwZT1zcXVhcmU+PGxpIGNsYXNzPU1zb05vcm1hbCBzdHlsZT0nbXNvLW1hcmdpbi10b3AtYWx0
OmF1dG87bXNvLW1hcmdpbi1ib3R0b20tYWx0OmF1dG87bXNvLWxpc3Q6bDAgbGV2ZWwzIGxmbzEn
PmJlIGVkaXRvcnMgZm9yIHRoZSB2YXJpb3VzIGRvY3VtZW50cz88bzpwPjwvbzpwPjwvbGk+PGxp
IGNsYXNzPU1zb05vcm1hbCBzdHlsZT0nbXNvLW1hcmdpbi10b3AtYWx0OmF1dG87bXNvLW1hcmdp
bi1ib3R0b20tYWx0OmF1dG87bXNvLWxpc3Q6bDAgbGV2ZWwzIGxmbzEnPnJldmlldyB0aGUgZG9j
dW1lbnRzPzxvOnA+PC9vOnA+PC9saT48L3VsPjxsaSBjbGFzcz1Nc29Ob3JtYWwgc3R5bGU9J21z
by1tYXJnaW4tdG9wLWFsdDphdXRvO21zby1tYXJnaW4tYm90dG9tLWFsdDphdXRvO21zby1saXN0
OmwwIGxldmVsMiBsZm8xJz5JcyB0aGVyZSBpbXBsZW1lbnRlciBpbnRlcmVzdD88bzpwPjwvbzpw
PjwvbGk+PGxpIGNsYXNzPU1zb05vcm1hbCBzdHlsZT0nbXNvLW1hcmdpbi10b3AtYWx0OmF1dG87
bXNvLW1hcmdpbi1ib3R0b20tYWx0OmF1dG87bXNvLWxpc3Q6bDAgbGV2ZWwyIGxmbzEnPlNob3Vs
ZCBhIHdvcmtpbmcgZ3JvdXAgYmUgZm9ybWVkPzxvOnA+PC9vOnA+PC9saT48L3VsPjxsaSBjbGFz
cz1Nc29Ob3JtYWwgc3R5bGU9J21zby1tYXJnaW4tdG9wLWFsdDphdXRvO21zby1tYXJnaW4tYm90
dG9tLWFsdDphdXRvO21zby1saXN0OmwwIGxldmVsMSBsZm8xJz5CcmllZiBpbnRyb2R1Y3Rpb24g
YW5kIGRpc2N1c3Npb24gb2YgYSBjaGFydGVyIChpZiBhcHByb3ByaWF0ZSk8bzpwPjwvbzpwPjwv
bGk+PC91bD48cD5JIHRoaW5rIHdlIGNhbiBhbnRpY2lwYXRlIHN1YnN0YW50aWFsIHBhcnRpY2lw
YXRpb24gZnJvbSBib3RoIHRoZSBhcHBsaWNhdGlvbiBhbmQgc2VjdXJpdHkgYXJlYXMgaW4gdGhp
cyBCb0YuPG86cD48L286cD48L3A+PHA+Q2FuIHdlIHBsZWFzZSBoYXZlIHZvbHVudGVlcnMgZm9y
IHRoZSBpbnRyb2R1Y3Rpb24gYW5kIGZvciB0aGUgb3ZlcnZpZXcgb2YgdGhlIHNvbHV0aW9uPyZu
YnNwOyBUaGUgY2hhaXJzIHdpbGwgbGVhZCB0aGUgZGlzY3Vzc2lvbiBhbmQgaW50cm9kdWN0aW9u
IHRvIHRoZSBjaGFydGVyLjxvOnA+PC9vOnA+PC9wPjxwPkVsaW90PG86cD48L286cD48L3A+PHAg
Y2xhc3M9TXNvTm9ybWFsIHN0eWxlPSdtYXJnaW4tYm90dG9tOjEyLjBwdCc+PG86cD4mbmJzcDs8
L286cD48L3A+PC9kaXY+PC9ib2R5PjwvaHRtbD4=

------_=_NextPart_001_01CCFDA5.45D2474E--

From moransar@cisco.com  Sun Mar 11 22:17:51 2012
Return-Path: <moransar@cisco.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D665521F85C9 for <scim@ietfa.amsl.com>; Sun, 11 Mar 2012 22:17:51 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -10.473
X-Spam-Level: 
X-Spam-Status: No, score=-10.473 tagged_above=-999 required=5 tests=[AWL=0.125, BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rDWhoooUPjt2 for <scim@ietfa.amsl.com>; Sun, 11 Mar 2012 22:17:51 -0700 (PDT)
Received: from rcdn-iport-9.cisco.com (rcdn-iport-9.cisco.com [173.37.86.80]) by ietfa.amsl.com (Postfix) with ESMTP id 097AA21F854F for <scim@ietf.org>; Sun, 11 Mar 2012 22:17:50 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=5214; q=dns/txt; s=iport; t=1331529471; x=1332739071; h=mime-version:subject:date:message-id:from:to; bh=+3ew+NWAmaf90n1EngbscqKrDMDulOw3400Et9/MJyg=; b=ceiObCmi0ccSbYLEM1jEc4o4B5d3mMqWKUJMpcI4dtiW3eA6BX2I+TkQ F6Kx9fYfQ8XZ79x7Cc+uctPVTwunF4D43XJM1SA0/RTVjiCseOrFHppEf Gzn/oCSWx0lEj54gbPR1tcaVxIlifhlGmZ+mvBLkQ664MINoc8vMiykOb Q=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: Av8EAG6GXU+tJV2c/2dsb2JhbABCgkWzB4EHggsBBBIBCREDWwEqBhgHVwEEGxqHaJozgScBngaNX4I/YwSIVJ0bgwE
X-IronPort-AV: E=Sophos;i="4.73,569,1325462400"; d="scan'208,217";a="62523179"
Received: from rcdn-core-5.cisco.com ([173.37.93.156]) by rcdn-iport-9.cisco.com with ESMTP; 12 Mar 2012 05:17:50 +0000
Received: from xbh-rcd-202.cisco.com (xbh-rcd-202.cisco.com [72.163.62.201]) by rcdn-core-5.cisco.com (8.14.3/8.14.3) with ESMTP id q2C5HoDs006953 for <scim@ietf.org>; Mon, 12 Mar 2012 05:17:50 GMT
Received: from xmb-rcd-313.cisco.com ([72.163.63.28]) by xbh-rcd-202.cisco.com with Microsoft SMTPSVC(6.0.3790.4675);  Mon, 12 Mar 2012 00:17:50 -0500
X-MimeOLE: Produced By Microsoft Exchange V6.5
Content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="----_=_NextPart_001_01CD000F.78240031"
Date: Mon, 12 Mar 2012 00:17:50 -0500
Message-ID: <93C6FB63F046384C86EC8F7F3FFEC7BEDEA075@XMB-RCD-313.cisco.com>
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
Thread-Topic: Deliverable section of charter
Thread-Index: Ac0AB574rBl4rh3PS6KNwudUQoR5/g==
From: "Morteza Ansari (moransar)" <moransar@cisco.com>
To: <scim@ietf.org>
X-OriginalArrivalTime: 12 Mar 2012 05:17:50.0552 (UTC) FILETIME=[783F0D80:01CD000F]
Subject: [scim] Deliverable section of charter
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 12 Mar 2012 05:17:52 -0000

This is a multi-part message in MIME format.

------_=_NextPart_001_01CD000F.78240031
Content-Type: text/plain;
	charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

Eliot suggestion we should add a deliverable section to the charter.
Here is a suggestion based on discussion and documents under SCIM 1.0.
Consider the dates on each item as a complete guess. We should discuss
the list of documents to begin with and then assign
appropriate/practical timeline to these:

=20

5/2012    Initial problem statement draft

5/2012    Initial adoption of SCIM core schema

5/2012    Initial adoption of SCIM restful interface draft

5/2012    Initial adoption of SCIM SAML bindings draft

5/2012    Initial adoption of SCIM LDAP mapping draft

9/2012    WGLC SCIM core schema

9/2012    WGLC SCIM restful interface

9/2012    WGLC SCIM SAML bindings

9/2012    WGLC SCIM LDAP mapping

3/2013    Re-charter discussion

=20

=20

Cheers,

Morteza


------_=_NextPart_001_01CD000F.78240031
Content-Type: text/html;
	charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

<html xmlns:v=3D"urn:schemas-microsoft-com:vml" =
xmlns:o=3D"urn:schemas-microsoft-com:office:office" =
xmlns:w=3D"urn:schemas-microsoft-com:office:word" =
xmlns:m=3D"http://schemas.microsoft.com/office/2004/12/omml" =
xmlns=3D"http://www.w3.org/TR/REC-html40"><head><meta =
http-equiv=3DContent-Type content=3D"text/html; =
charset=3Dus-ascii"><meta name=3DGenerator content=3D"Microsoft Word 14 =
(filtered medium)"><style><!--
/* Font Definitions */
@font-face
	{font-family:Calibri;
	panose-1:2 15 5 2 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
	{margin:0in;
	margin-bottom:.0001pt;
	font-size:11.0pt;
	font-family:"Calibri","sans-serif";}
a:link, span.MsoHyperlink
	{mso-style-priority:99;
	color:blue;
	text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
	{mso-style-priority:99;
	color:purple;
	text-decoration:underline;}
p.MsoPlainText, li.MsoPlainText, div.MsoPlainText
	{mso-style-priority:99;
	mso-style-link:"Plain Text Char";
	margin:0in;
	margin-bottom:.0001pt;
	font-size:11.0pt;
	font-family:"Calibri","sans-serif";}
span.EmailStyle17
	{mso-style-type:personal-compose;
	font-family:"Calibri","sans-serif";
	color:windowtext;}
span.PlainTextChar
	{mso-style-name:"Plain Text Char";
	mso-style-priority:99;
	mso-style-link:"Plain Text";
	font-family:"Calibri","sans-serif";}
.MsoChpDefault
	{mso-style-type:export-only;
	font-family:"Calibri","sans-serif";}
@page WordSection1
	{size:8.5in 11.0in;
	margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
	{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext=3D"edit" spidmax=3D"1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext=3D"edit">
<o:idmap v:ext=3D"edit" data=3D"1" />
</o:shapelayout></xml><![endif]--></head><body lang=3DEN-US link=3Dblue =
vlink=3Dpurple><div class=3DWordSection1><p class=3DMsoNormal>Eliot =
suggestion we should add a deliverable section to the charter. Here is a =
suggestion based on discussion and documents under SCIM 1.0. Consider =
the dates on each item as a complete guess. We should discuss the list =
of documents to begin with and then assign appropriate/practical =
timeline to these:<o:p></o:p></p><p =
class=3DMsoNormal><o:p>&nbsp;</o:p></p><p class=3DMsoPlainText><span =
style=3D'color:black'>5/2012&nbsp;&nbsp;&nbsp; Initial problem statement =
draft<o:p></o:p></span></p><p class=3DMsoPlainText><span =
style=3D'color:black'>5/2012&nbsp;&nbsp;&nbsp; Initial adoption of SCIM =
core schema<o:p></o:p></span></p><p class=3DMsoPlainText><span =
style=3D'color:black'>5/2012&nbsp;&nbsp;&nbsp; Initial adoption of SCIM =
restful interface draft<o:p></o:p></span></p><p =
class=3DMsoPlainText><span =
style=3D'color:black'>5/2012&nbsp;&nbsp;&nbsp; Initial adoption of SCIM =
SAML bindings draft<o:p></o:p></span></p><p class=3DMsoPlainText><span =
style=3D'color:black'>5/2012&nbsp;&nbsp;&nbsp; Initial adoption of SCIM =
LDAP mapping draft<o:p></o:p></span></p><p class=3DMsoPlainText><span =
style=3D'color:black'>9/2012&nbsp;&nbsp;&nbsp; WGLC SCIM core =
schema<o:p></o:p></span></p><p class=3DMsoPlainText><span =
style=3D'color:black'>9/2012&nbsp;&nbsp;&nbsp; WGLC SCIM restful =
interface<o:p></o:p></span></p><p class=3DMsoPlainText><span =
style=3D'color:black'>9/2012&nbsp;&nbsp;&nbsp; WGLC SCIM SAML =
bindings<o:p></o:p></span></p><p class=3DMsoPlainText><span =
style=3D'color:black'>9/2012&nbsp;&nbsp;&nbsp; WGLC SCIM LDAP =
mapping<o:p></o:p></span></p><p class=3DMsoPlainText><span =
style=3D'color:black'>3/2013&nbsp;&nbsp;&nbsp; Re-charter =
discussion<o:p></o:p></span></p><p class=3DMsoPlainText><span =
style=3D'color:black'><o:p>&nbsp;</o:p></span></p><p =
class=3DMsoPlainText><span =
style=3D'color:black'><o:p>&nbsp;</o:p></span></p><p =
class=3DMsoPlainText><span =
style=3D'color:black'>Cheers,<o:p></o:p></span></p><p =
class=3DMsoPlainText><span =
style=3D'color:black'>Morteza<o:p></o:p></span></p></div></body></html>
------_=_NextPart_001_01CD000F.78240031--

From moransar@cisco.com  Sun Mar 11 22:17:54 2012
Return-Path: <moransar@cisco.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B7E1221F8597 for <scim@ietfa.amsl.com>; Sun, 11 Mar 2012 22:17:54 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -10.487
X-Spam-Level: 
X-Spam-Status: No, score=-10.487 tagged_above=-999 required=5 tests=[AWL=0.111, BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id QpRA0ZmCBudg for <scim@ietfa.amsl.com>; Sun, 11 Mar 2012 22:17:52 -0700 (PDT)
Received: from rcdn-iport-6.cisco.com (rcdn-iport-6.cisco.com [173.37.86.77]) by ietfa.amsl.com (Postfix) with ESMTP id D2C2221F85C4 for <scim@ietf.org>; Sun, 11 Mar 2012 22:17:51 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=moransar@cisco.com; l=28917; q=dns/txt; s=iport; t=1331529472; x=1332739072; h=mime-version:subject:date:message-id:from:to; bh=e86U+2OHDBv/RFwFvvQ/85D3uA72m8cFgr2qh6PfcKE=; b=Ij2Ut4x10Uhj5YqIEIvUp8tzicZ9O0oVLIPJUmieknnLdq2OvXZD98Z2 qgT3QPiYByNZCiAC58Oc2gXNcP8ZQMukZ4lPOUbSD73HZRh6ZB8w0XXZz exuR1l2ShCBJWq0AXxEqUGL513P8JM8BRUWeypnGK0Hhk5nw0kb0T3XFd o=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: Av8EAG6GXU+tJV2d/2dsb2JhbAA5CYJFsweBB4ILAQQBAQEPAQkRAz4dASoCBBABBwcmMQEEEwgBGYdoC5oogScBngaKIA0IhWljBIhUnRuDAYE+
X-IronPort-AV: E=Sophos;i="4.73,569,1325462400"; d="scan'208,217";a="65541478"
Received: from rcdn-core-6.cisco.com ([173.37.93.157]) by rcdn-iport-6.cisco.com with ESMTP; 12 Mar 2012 05:17:51 +0000
Received: from xbh-rcd-302.cisco.com (xbh-rcd-302.cisco.com [72.163.63.9]) by rcdn-core-6.cisco.com (8.14.3/8.14.3) with ESMTP id q2C5HpcR002552 for <scim@ietf.org>; Mon, 12 Mar 2012 05:17:51 GMT
Received: from xmb-rcd-313.cisco.com ([72.163.63.28]) by xbh-rcd-302.cisco.com with Microsoft SMTPSVC(6.0.3790.4675);  Mon, 12 Mar 2012 00:17:50 -0500
X-MimeOLE: Produced By Microsoft Exchange V6.5
Content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="----_=_NextPart_001_01CD000F.78704BD1"
Date: Mon, 12 Mar 2012 00:16:44 -0500
Message-ID: <93C6FB63F046384C86EC8F7F3FFEC7BEDEA076@XMB-RCD-313.cisco.com>
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
Thread-Topic: Updated draft charter
Thread-Index: Ac0ADjVhA59HYm/FR+SHlPGpm8HCRQ==
From: "Morteza Ansari (moransar)" <moransar@cisco.com>
To: <scim@ietf.org>
X-OriginalArrivalTime: 12 Mar 2012 05:17:50.0987 (UTC) FILETIME=[78816DB0:01CD000F]
Subject: [scim] Updated draft charter
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 12 Mar 2012 05:17:54 -0000

This is a multi-part message in MIME format.

------_=_NextPart_001_01CD000F.78704BD1
Content-Type: text/plain;
	charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

Attached is the updated charter based on the discussion so far. I
believe I have addressed all comments with the exception of part of Phil
Hunt's comment which I just sent a reply to.

=20

Also I started another thread to discuss deliverables section of the
charter. Once we discuss that, I will add that section.

=20

Please review and send any suggestion/correction.

=20

=20

Cheers,

Morteza

=20

=20

Simple Cloud Identity Management (SCIM)

---------------------------------------

=20

Charter

=20

Current Status: BOF Approved

=20

BoF Chair(s):

     Steve Bellovi

     Eliot Lear

=20

Applications Area Director(s):

     Pete Resnick <presnick@qualcomm.com>=20

     Peter Saint-Andre <stpeter@stpeter.im>

=20

Mailing Lists:

     General Discussion: scim@ietf.org

     To Subscribe: https://www.ietf.org/mailman/listinfo/scim

     Archive:
http://www.ietf.org/mail-archive/web/scim/current/maillist.html

=20

Description of Working Group:

=20

The Simple Cloud Identity Management (SCIM) specification is designed to
make managing user identity lifecycle in cloud based applications and
services easier.

=20

The specification suite seeks to build upon experience with existing
schemas and deployments, placing specific emphasis on simplicity of
development and integration, while applying existing authentication,
authorization, and privacy models. Its intent is to reduce the cost and
complexity of user management operations by providing a common user
schema and extension model, as well as binding documents to provide
patterns for exchanging this schema using standard protocols. In
addition the working group may consider including managing device
identities as part of the work adopted by the working group.

=20

The group will work to create an IETF technology for management of user
identities in cloud-based applications using SCIM 1.0 specification
produced under the Open Web Foundation framework
(http://www.simplecloud.info) as starting work.

=20

User, device, and service authentication and authorization
(policy/entitlement) are out of scope of this working group charter.

=20

SCIM 1.0 consists of:

*         Schema definition for identity related objects

*         Protocol definition for accessing and managing the identity
objects

*         Binding of SCIM schema to Security Assertion Markup Language
(SAML) messages and assertions

*         Binding of SCIM schema to Lightweight Directory Access
Protocol (LDAP) schema (RFC4519)

=20

The Working Group will produce one or more documents suitable for
consideration as a Proposed Standard that will evolve and enhance the
SCIM 1.0 work by:

*         Extending the specification per the working group charter

*         Improving the terminology used

*         Embodying good security practices, documenting gaps in its
capabilities, and proposing a path forward for addressing the gaps

*         Promoting interoperability

*         Providing guidelines for extensibility

=20

SCIM 1.0 will be used as the starting point. The working group will
strive to retain backward compatibility with the 1.0 specification.
Changes that are not backwards compatible may be accepted if the group
determines changes are required to meet the group's technical objectives
and the group clearly documents the reasons for making them.

=20

The Working Group should consider:

*         Implementer experience

*         The end-user experience, including internationalization

*         Existing uses of SCIM

*         Ability to achieve broad implementation

*         Ability to address broader use cases than those considered by
the original authors

*         Additional functions or extensions that are needed to address
key security concerns, cross-area review, and implementer feedback

*         Work done by other standard bodies as input to the process
such as OASIS Provisioning TC

=20

The working group will focus on adapting the core technology first but
work on extensions will be considered after the core work is well in
hand.

=20

=20


------_=_NextPart_001_01CD000F.78704BD1
Content-Type: text/html;
	charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

<html xmlns:v=3D"urn:schemas-microsoft-com:vml" =
xmlns:o=3D"urn:schemas-microsoft-com:office:office" =
xmlns:w=3D"urn:schemas-microsoft-com:office:word" =
xmlns:m=3D"http://schemas.microsoft.com/office/2004/12/omml" =
xmlns=3D"http://www.w3.org/TR/REC-html40"><head><meta =
http-equiv=3DContent-Type content=3D"text/html; =
charset=3Dus-ascii"><meta name=3DGenerator content=3D"Microsoft Word 14 =
(filtered medium)"><style><!--
/* Font Definitions */
@font-face
	{font-family:Wingdings;
	panose-1:5 0 0 0 0 0 0 0 0 0;}
@font-face
	{font-family:Wingdings;
	panose-1:5 0 0 0 0 0 0 0 0 0;}
@font-face
	{font-family:Calibri;
	panose-1:2 15 5 2 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
	{margin:0in;
	margin-bottom:.0001pt;
	font-size:11.0pt;
	font-family:"Calibri","sans-serif";}
a:link, span.MsoHyperlink
	{mso-style-priority:99;
	color:blue;
	text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
	{mso-style-priority:99;
	color:purple;
	text-decoration:underline;}
p.MsoPlainText, li.MsoPlainText, div.MsoPlainText
	{mso-style-priority:99;
	mso-style-link:"Plain Text Char";
	margin:0in;
	margin-bottom:.0001pt;
	font-size:11.0pt;
	font-family:"Calibri","sans-serif";}
span.EmailStyle17
	{mso-style-type:personal-compose;
	font-family:"Calibri","sans-serif";
	color:windowtext;}
span.PlainTextChar
	{mso-style-name:"Plain Text Char";
	mso-style-priority:99;
	mso-style-link:"Plain Text";
	font-family:"Calibri","sans-serif";}
.MsoChpDefault
	{mso-style-type:export-only;
	font-family:"Calibri","sans-serif";}
@page WordSection1
	{size:8.5in 11.0in;
	margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
	{page:WordSection1;}
/* List Definitions */
@list l0
	{mso-list-id:490755620;
	mso-list-type:hybrid;
	mso-list-template-ids:-891098216 67698689 67698691 67698693 67698689 =
67698691 67698693 67698689 67698691 67698693;}
@list l0:level1
	{mso-level-number-format:bullet;
	mso-level-text:\F0B7;
	mso-level-tab-stop:none;
	mso-level-number-position:left;
	text-indent:-.25in;
	font-family:Symbol;}
@list l0:level2
	{mso-level-number-format:bullet;
	mso-level-text:o;
	mso-level-tab-stop:none;
	mso-level-number-position:left;
	text-indent:-.25in;
	font-family:"Courier New";}
@list l0:level3
	{mso-level-number-format:bullet;
	mso-level-text:\F0A7;
	mso-level-tab-stop:none;
	mso-level-number-position:left;
	text-indent:-.25in;
	font-family:Wingdings;}
@list l0:level4
	{mso-level-number-format:bullet;
	mso-level-text:\F0B7;
	mso-level-tab-stop:none;
	mso-level-number-position:left;
	text-indent:-.25in;
	font-family:Symbol;}
@list l0:level5
	{mso-level-number-format:bullet;
	mso-level-text:o;
	mso-level-tab-stop:none;
	mso-level-number-position:left;
	text-indent:-.25in;
	font-family:"Courier New";}
@list l0:level6
	{mso-level-number-format:bullet;
	mso-level-text:\F0A7;
	mso-level-tab-stop:none;
	mso-level-number-position:left;
	text-indent:-.25in;
	font-family:Wingdings;}
@list l0:level7
	{mso-level-number-format:bullet;
	mso-level-text:\F0B7;
	mso-level-tab-stop:none;
	mso-level-number-position:left;
	text-indent:-.25in;
	font-family:Symbol;}
@list l0:level8
	{mso-level-number-format:bullet;
	mso-level-text:o;
	mso-level-tab-stop:none;
	mso-level-number-position:left;
	text-indent:-.25in;
	font-family:"Courier New";}
@list l0:level9
	{mso-level-number-format:bullet;
	mso-level-text:\F0A7;
	mso-level-tab-stop:none;
	mso-level-number-position:left;
	text-indent:-.25in;
	font-family:Wingdings;}
@list l1
	{mso-list-id:643197164;
	mso-list-type:hybrid;
	mso-list-template-ids:-137714668 67698689 67698691 67698693 67698689 =
67698691 67698693 67698689 67698691 67698693;}
@list l1:level1
	{mso-level-number-format:bullet;
	mso-level-text:\F0B7;
	mso-level-tab-stop:none;
	mso-level-number-position:left;
	text-indent:-.25in;
	font-family:Symbol;}
@list l1:level2
	{mso-level-number-format:bullet;
	mso-level-text:o;
	mso-level-tab-stop:none;
	mso-level-number-position:left;
	text-indent:-.25in;
	font-family:"Courier New";}
@list l1:level3
	{mso-level-number-format:bullet;
	mso-level-text:\F0A7;
	mso-level-tab-stop:none;
	mso-level-number-position:left;
	text-indent:-.25in;
	font-family:Wingdings;}
@list l1:level4
	{mso-level-number-format:bullet;
	mso-level-text:\F0B7;
	mso-level-tab-stop:none;
	mso-level-number-position:left;
	text-indent:-.25in;
	font-family:Symbol;}
@list l1:level5
	{mso-level-number-format:bullet;
	mso-level-text:o;
	mso-level-tab-stop:none;
	mso-level-number-position:left;
	text-indent:-.25in;
	font-family:"Courier New";}
@list l1:level6
	{mso-level-number-format:bullet;
	mso-level-text:\F0A7;
	mso-level-tab-stop:none;
	mso-level-number-position:left;
	text-indent:-.25in;
	font-family:Wingdings;}
@list l1:level7
	{mso-level-number-format:bullet;
	mso-level-text:\F0B7;
	mso-level-tab-stop:none;
	mso-level-number-position:left;
	text-indent:-.25in;
	font-family:Symbol;}
@list l1:level8
	{mso-level-number-format:bullet;
	mso-level-text:o;
	mso-level-tab-stop:none;
	mso-level-number-position:left;
	text-indent:-.25in;
	font-family:"Courier New";}
@list l1:level9
	{mso-level-number-format:bullet;
	mso-level-text:\F0A7;
	mso-level-tab-stop:none;
	mso-level-number-position:left;
	text-indent:-.25in;
	font-family:Wingdings;}
@list l2
	{mso-list-id:975984857;
	mso-list-type:hybrid;
	mso-list-template-ids:-1466417022 67698689 67698691 67698693 67698689 =
67698691 67698693 67698689 67698691 67698693;}
@list l2:level1
	{mso-level-number-format:bullet;
	mso-level-text:\F0B7;
	mso-level-tab-stop:none;
	mso-level-number-position:left;
	text-indent:-.25in;
	font-family:Symbol;}
@list l2:level2
	{mso-level-number-format:bullet;
	mso-level-text:o;
	mso-level-tab-stop:none;
	mso-level-number-position:left;
	text-indent:-.25in;
	font-family:"Courier New";}
@list l2:level3
	{mso-level-number-format:bullet;
	mso-level-text:\F0A7;
	mso-level-tab-stop:none;
	mso-level-number-position:left;
	text-indent:-.25in;
	font-family:Wingdings;}
@list l2:level4
	{mso-level-number-format:bullet;
	mso-level-text:\F0B7;
	mso-level-tab-stop:none;
	mso-level-number-position:left;
	text-indent:-.25in;
	font-family:Symbol;}
@list l2:level5
	{mso-level-number-format:bullet;
	mso-level-text:o;
	mso-level-tab-stop:none;
	mso-level-number-position:left;
	text-indent:-.25in;
	font-family:"Courier New";}
@list l2:level6
	{mso-level-number-format:bullet;
	mso-level-text:\F0A7;
	mso-level-tab-stop:none;
	mso-level-number-position:left;
	text-indent:-.25in;
	font-family:Wingdings;}
@list l2:level7
	{mso-level-number-format:bullet;
	mso-level-text:\F0B7;
	mso-level-tab-stop:none;
	mso-level-number-position:left;
	text-indent:-.25in;
	font-family:Symbol;}
@list l2:level8
	{mso-level-number-format:bullet;
	mso-level-text:o;
	mso-level-tab-stop:none;
	mso-level-number-position:left;
	text-indent:-.25in;
	font-family:"Courier New";}
@list l2:level9
	{mso-level-number-format:bullet;
	mso-level-text:\F0A7;
	mso-level-tab-stop:none;
	mso-level-number-position:left;
	text-indent:-.25in;
	font-family:Wingdings;}
ol
	{margin-bottom:0in;}
ul
	{margin-bottom:0in;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext=3D"edit" spidmax=3D"1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext=3D"edit">
<o:idmap v:ext=3D"edit" data=3D"1" />
</o:shapelayout></xml><![endif]--></head><body lang=3DEN-US link=3Dblue =
vlink=3Dpurple><div class=3DWordSection1><p class=3DMsoPlainText><span =
style=3D'color:black'>Attached is the updated charter based on the =
discussion so far. I believe I have addressed all comments with the =
exception of part of Phil Hunt&#8217;s comment which I just sent a reply =
to.<o:p></o:p></span></p><p class=3DMsoPlainText><span =
style=3D'color:black'><o:p>&nbsp;</o:p></span></p><p =
class=3DMsoPlainText><span style=3D'color:black'>Also I started another =
thread to discuss deliverables section of the charter. Once we discuss =
that, I will add that section.<o:p></o:p></span></p><p =
class=3DMsoPlainText><span =
style=3D'color:black'><o:p>&nbsp;</o:p></span></p><p =
class=3DMsoPlainText><span style=3D'color:black'>Please review and send =
any suggestion/correction.<o:p></o:p></span></p><p =
class=3DMsoPlainText><span =
style=3D'color:black'><o:p>&nbsp;</o:p></span></p><p =
class=3DMsoPlainText><span =
style=3D'color:black'><o:p>&nbsp;</o:p></span></p><p =
class=3DMsoPlainText><span =
style=3D'color:black'>Cheers,<o:p></o:p></span></p><div =
style=3D'mso-element:para-border-div;border:none;border-bottom:solid =
windowtext 1.0pt;padding:0in 0in 1.0pt 0in'><p class=3DMsoPlainText =
style=3D'border:none;padding:0in'><span =
style=3D'color:black'>Morteza<o:p></o:p></span></p></div><p =
class=3DMsoPlainText><span =
style=3D'color:black'><o:p>&nbsp;</o:p></span></p><p =
class=3DMsoPlainText><span =
style=3D'color:black'><o:p>&nbsp;</o:p></span></p><p =
class=3DMsoPlainText><span style=3D'font-family:"Courier =
New";color:black'>Simple Cloud Identity Management =
(SCIM)<o:p></o:p></span></p><p class=3DMsoPlainText><span =
style=3D'font-family:"Courier =
New";color:black'>---------------------------------------<o:p></o:p></spa=
n></p><p class=3DMsoPlainText><span style=3D'font-family:"Courier =
New";color:black'><o:p>&nbsp;</o:p></span></p><p =
class=3DMsoPlainText><span style=3D'font-family:"Courier =
New";color:black'>Charter<o:p></o:p></span></p><p =
class=3DMsoPlainText><span style=3D'font-family:"Courier =
New";color:black'><o:p>&nbsp;</o:p></span></p><p =
class=3DMsoPlainText><span style=3D'font-family:"Courier =
New";color:black'>Current Status: BOF Approved<o:p></o:p></span></p><p =
class=3DMsoPlainText><span style=3D'font-family:"Courier =
New";color:black'><o:p>&nbsp;</o:p></span></p><p =
class=3DMsoPlainText><span style=3D'font-family:"Courier =
New";color:black'>BoF Chair(s):<o:p></o:p></span></p><p =
class=3DMsoPlainText><span style=3D'font-family:"Courier =
New";color:black'>&nbsp;&nbsp;&nbsp;&nbsp; Steve =
Bellovi<o:p></o:p></span></p><p class=3DMsoPlainText><span =
style=3D'font-family:"Courier New";color:black'>&nbsp;&nbsp;&nbsp;&nbsp; =
Eliot Lear<o:p></o:p></span></p><p class=3DMsoPlainText><span =
style=3D'font-family:"Courier =
New";color:black'><o:p>&nbsp;</o:p></span></p><p =
class=3DMsoPlainText><span style=3D'font-family:"Courier =
New";color:black'>Applications Area Director(s):<o:p></o:p></span></p><p =
class=3DMsoPlainText><span style=3D'font-family:"Courier =
New";color:black'>&nbsp;&nbsp;&nbsp; &nbsp;Pete Resnick &lt;<a =
href=3D"mailto:presnick@qualcomm.com">presnick@qualcomm.com</a>&gt; =
<o:p></o:p></span></p><p class=3DMsoPlainText><span =
style=3D'font-family:"Courier =
New";color:black'>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Peter Saint-Andre &lt;<a =
href=3D"mailto:stpeter@stpeter.im">stpeter@stpeter.im</a>&gt;<o:p></o:p><=
/span></p><p class=3DMsoPlainText><span style=3D'font-family:"Courier =
New";color:black'><o:p>&nbsp;</o:p></span></p><p =
class=3DMsoPlainText><span style=3D'font-family:"Courier =
New";color:black'>Mailing Lists:<o:p></o:p></span></p><p =
class=3DMsoPlainText><span style=3D'font-family:"Courier =
New";color:black'>&nbsp;&nbsp;&nbsp;&nbsp; General Discussion: <a =
href=3D"mailto:scim@ietf.org">scim@ietf.org</a><o:p></o:p></span></p><p =
class=3DMsoPlainText><span style=3D'font-family:"Courier =
New";color:black'>&nbsp;&nbsp;&nbsp;&nbsp; To Subscribe: <a =
href=3D"https://www.ietf.org/mailman/listinfo/scim">https://www.ietf.org/=
mailman/listinfo/scim</a><o:p></o:p></span></p><p =
class=3DMsoPlainText><span style=3D'font-family:"Courier =
New";color:black'>&nbsp;&nbsp;&nbsp;&nbsp; =
Archive:&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <a =
href=3D"http://www.ietf.org/mail-archive/web/scim/current/maillist.html">=
http://www.ietf.org/mail-archive/web/scim/current/maillist.html</a><o:p><=
/o:p></span></p><p class=3DMsoPlainText><span =
style=3D'font-family:"Courier =
New";color:black'><o:p>&nbsp;</o:p></span></p><p =
class=3DMsoPlainText><span style=3D'font-family:"Courier =
New";color:black'>Description of Working Group:<o:p></o:p></span></p><p =
class=3DMsoPlainText><span style=3D'font-family:"Courier =
New";color:black'><o:p>&nbsp;</o:p></span></p><p =
class=3DMsoPlainText><span style=3D'font-family:"Courier =
New";color:black'>The Simple Cloud Identity Management (SCIM) =
specification is designed to make managing user identity lifecycle in =
cloud based applications and services easier.<o:p></o:p></span></p><p =
class=3DMsoPlainText><span style=3D'font-family:"Courier =
New";color:black'><o:p>&nbsp;</o:p></span></p><p =
class=3DMsoPlainText><span style=3D'font-family:"Courier =
New";color:black'>The specification suite seeks to build upon experience =
with existing schemas and deployments, placing specific emphasis on =
simplicity of development and integration, while applying existing =
authentication, authorization, and privacy models. Its intent is to =
reduce the cost and complexity of user management operations by =
providing a common user schema and extension model, as well as binding =
documents to provide patterns for exchanging this schema using standard =
protocols. In addition the working group may consider including managing =
device identities as part of the work adopted by the working =
group.<o:p></o:p></span></p><p class=3DMsoPlainText><span =
style=3D'font-family:"Courier =
New";color:black'><o:p>&nbsp;</o:p></span></p><p =
class=3DMsoPlainText><span style=3D'font-family:"Courier =
New";color:black'>The group will work to create an IETF technology for =
management of user identities in cloud-based applications using SCIM 1.0 =
specification produced under the Open Web Foundation framework (<a =
href=3D"http://www.simplecloud.info">http://www.simplecloud.info</a>) as =
starting work.<o:p></o:p></span></p><p class=3DMsoPlainText><span =
style=3D'font-family:"Courier =
New";color:black'><o:p>&nbsp;</o:p></span></p><p =
class=3DMsoPlainText><span style=3D'font-family:"Courier =
New";color:black'>User, device, and service authentication and =
authorization (policy/entitlement) are out of scope of this working =
group charter.<o:p></o:p></span></p><p class=3DMsoPlainText><span =
style=3D'font-family:"Courier =
New";color:black'><o:p>&nbsp;</o:p></span></p><p =
class=3DMsoPlainText><span style=3D'font-family:"Courier =
New";color:black'>SCIM 1.0 consists of:<o:p></o:p></span></p><p =
class=3DMsoPlainText =
style=3D'margin-left:.5in;text-indent:-.25in;mso-list:l0 level1 =
lfo1'><![if !supportLists]><span =
style=3D'font-family:Symbol;color:black'><span =
style=3D'mso-list:Ignore'>&middot;<span style=3D'font:7.0pt "Times New =
Roman"'>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; =
</span></span></span><![endif]><span style=3D'font-family:"Courier =
New";color:black'>Schema definition for identity related =
objects<o:p></o:p></span></p><p class=3DMsoPlainText =
style=3D'margin-left:.5in;text-indent:-.25in;mso-list:l0 level1 =
lfo1'><![if !supportLists]><span =
style=3D'font-family:Symbol;color:black'><span =
style=3D'mso-list:Ignore'>&middot;<span style=3D'font:7.0pt "Times New =
Roman"'>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; =
</span></span></span><![endif]><span style=3D'font-family:"Courier =
New";color:black'>Protocol definition for accessing and managing the =
identity objects<o:p></o:p></span></p><p class=3DMsoPlainText =
style=3D'margin-left:.5in;text-indent:-.25in;mso-list:l0 level1 =
lfo1'><![if !supportLists]><span =
style=3D'font-family:Symbol;color:black'><span =
style=3D'mso-list:Ignore'>&middot;<span style=3D'font:7.0pt "Times New =
Roman"'>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; =
</span></span></span><![endif]><span style=3D'font-family:"Courier =
New";color:black'>Binding of SCIM schema to Security Assertion Markup =
Language (SAML) messages and assertions<o:p></o:p></span></p><p =
class=3DMsoPlainText =
style=3D'margin-left:.5in;text-indent:-.25in;mso-list:l0 level1 =
lfo1'><![if !supportLists]><span =
style=3D'font-family:Symbol;color:black'><span =
style=3D'mso-list:Ignore'>&middot;<span style=3D'font:7.0pt "Times New =
Roman"'>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; =
</span></span></span><![endif]><span style=3D'font-family:"Courier =
New";color:black'>Binding of SCIM schema to Lightweight Directory Access =
Protocol (LDAP) schema (RFC4519)<o:p></o:p></span></p><p =
class=3DMsoPlainText><span style=3D'font-family:"Courier =
New";color:black'><o:p>&nbsp;</o:p></span></p><p =
class=3DMsoPlainText><span style=3D'font-family:"Courier =
New";color:black'>The Working Group will produce one or more documents =
suitable for consideration as a Proposed Standard that will evolve and =
enhance the SCIM 1.0 work by:<o:p></o:p></span></p><p =
class=3DMsoPlainText =
style=3D'margin-left:.5in;text-indent:-.25in;mso-list:l1 level1 =
lfo2'><![if !supportLists]><span =
style=3D'font-family:Symbol;color:black'><span =
style=3D'mso-list:Ignore'>&middot;<span style=3D'font:7.0pt "Times New =
Roman"'>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; =
</span></span></span><![endif]><span style=3D'font-family:"Courier =
New";color:black'>Extending the specification per the working group =
charter<o:p></o:p></span></p><p class=3DMsoPlainText =
style=3D'margin-left:.5in;text-indent:-.25in;mso-list:l1 level1 =
lfo2'><![if !supportLists]><span =
style=3D'font-family:Symbol;color:black'><span =
style=3D'mso-list:Ignore'>&middot;<span style=3D'font:7.0pt "Times New =
Roman"'>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; =
</span></span></span><![endif]><span style=3D'font-family:"Courier =
New";color:black'>Improving the terminology used<o:p></o:p></span></p><p =
class=3DMsoPlainText =
style=3D'margin-left:.5in;text-indent:-.25in;mso-list:l1 level1 =
lfo2'><![if !supportLists]><span =
style=3D'font-family:Symbol;color:black'><span =
style=3D'mso-list:Ignore'>&middot;<span style=3D'font:7.0pt "Times New =
Roman"'>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; =
</span></span></span><![endif]><span style=3D'font-family:"Courier =
New";color:black'>Embodying good security practices, documenting gaps in =
its capabilities, and proposing a path forward for addressing the =
gaps<o:p></o:p></span></p><p class=3DMsoPlainText =
style=3D'margin-left:.5in;text-indent:-.25in;mso-list:l1 level1 =
lfo2'><![if !supportLists]><span =
style=3D'font-family:Symbol;color:black'><span =
style=3D'mso-list:Ignore'>&middot;<span style=3D'font:7.0pt "Times New =
Roman"'>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; =
</span></span></span><![endif]><span style=3D'font-family:"Courier =
New";color:black'>Promoting interoperability<o:p></o:p></span></p><p =
class=3DMsoPlainText =
style=3D'margin-left:.5in;text-indent:-.25in;mso-list:l1 level1 =
lfo2'><![if !supportLists]><span =
style=3D'font-family:Symbol;color:black'><span =
style=3D'mso-list:Ignore'>&middot;<span style=3D'font:7.0pt "Times New =
Roman"'>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; =
</span></span></span><![endif]><span style=3D'font-family:"Courier =
New";color:black'>Providing guidelines for =
extensibility<o:p></o:p></span></p><p class=3DMsoPlainText><span =
style=3D'font-family:"Courier =
New";color:black'><o:p>&nbsp;</o:p></span></p><p =
class=3DMsoPlainText><span style=3D'font-family:"Courier =
New";color:black'>SCIM 1.0 will be used as the starting point. The =
working group will strive to retain backward compatibility with the 1.0 =
specification. Changes that are not backwards compatible may be accepted =
if the group determines changes are required to meet the group's =
technical objectives and the group clearly documents the reasons for =
making them.<o:p></o:p></span></p><p class=3DMsoPlainText><span =
style=3D'font-family:"Courier =
New";color:black'><o:p>&nbsp;</o:p></span></p><p =
class=3DMsoPlainText><span style=3D'font-family:"Courier =
New";color:black'>The Working Group should =
consider:<o:p></o:p></span></p><p class=3DMsoPlainText =
style=3D'margin-left:.5in;text-indent:-.25in;mso-list:l2 level1 =
lfo3'><![if !supportLists]><span =
style=3D'font-family:Symbol;color:black'><span =
style=3D'mso-list:Ignore'>&middot;<span style=3D'font:7.0pt "Times New =
Roman"'>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; =
</span></span></span><![endif]><span style=3D'font-family:"Courier =
New";color:black'>Implementer experience<o:p></o:p></span></p><p =
class=3DMsoPlainText =
style=3D'margin-left:.5in;text-indent:-.25in;mso-list:l2 level1 =
lfo3'><![if !supportLists]><span =
style=3D'font-family:Symbol;color:black'><span =
style=3D'mso-list:Ignore'>&middot;<span style=3D'font:7.0pt "Times New =
Roman"'>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; =
</span></span></span><![endif]><span style=3D'font-family:"Courier =
New";color:black'>The end-user experience, including =
internationalization<o:p></o:p></span></p><p class=3DMsoPlainText =
style=3D'margin-left:.5in;text-indent:-.25in;mso-list:l2 level1 =
lfo3'><![if !supportLists]><span =
style=3D'font-family:Symbol;color:black'><span =
style=3D'mso-list:Ignore'>&middot;<span style=3D'font:7.0pt "Times New =
Roman"'>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; =
</span></span></span><![endif]><span style=3D'font-family:"Courier =
New";color:black'>Existing uses of SCIM<o:p></o:p></span></p><p =
class=3DMsoPlainText =
style=3D'margin-left:.5in;text-indent:-.25in;mso-list:l2 level1 =
lfo3'><![if !supportLists]><span =
style=3D'font-family:Symbol;color:black'><span =
style=3D'mso-list:Ignore'>&middot;<span style=3D'font:7.0pt "Times New =
Roman"'>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; =
</span></span></span><![endif]><span style=3D'font-family:"Courier =
New";color:black'>Ability to achieve broad =
implementation<o:p></o:p></span></p><p class=3DMsoPlainText =
style=3D'margin-left:.5in;text-indent:-.25in;mso-list:l2 level1 =
lfo3'><![if !supportLists]><span =
style=3D'font-family:Symbol;color:black'><span =
style=3D'mso-list:Ignore'>&middot;<span style=3D'font:7.0pt "Times New =
Roman"'>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; =
</span></span></span><![endif]><span style=3D'font-family:"Courier =
New";color:black'>Ability to address broader use cases than those =
considered by the original authors<o:p></o:p></span></p><p =
class=3DMsoPlainText =
style=3D'margin-left:.5in;text-indent:-.25in;mso-list:l2 level1 =
lfo3'><![if !supportLists]><span =
style=3D'font-family:Symbol;color:black'><span =
style=3D'mso-list:Ignore'>&middot;<span style=3D'font:7.0pt "Times New =
Roman"'>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; =
</span></span></span><![endif]><span style=3D'font-family:"Courier =
New";color:black'>Additional functions or extensions that are needed to =
address key security concerns, cross-area review, and implementer =
feedback<o:p></o:p></span></p><p class=3DMsoPlainText =
style=3D'margin-left:.5in;text-indent:-.25in;mso-list:l2 level1 =
lfo3'><![if !supportLists]><span =
style=3D'font-family:Symbol;color:black'><span =
style=3D'mso-list:Ignore'>&middot;<span style=3D'font:7.0pt "Times New =
Roman"'>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; =
</span></span></span><![endif]><span style=3D'font-family:"Courier =
New";color:black'>Work done by other standard bodies as input to the =
process such as OASIS Provisioning TC<o:p></o:p></span></p><p =
class=3DMsoPlainText><span style=3D'font-family:"Courier =
New";color:black'><o:p>&nbsp;</o:p></span></p><p =
class=3DMsoPlainText><span style=3D'font-family:"Courier =
New";color:black'>The working group will focus on adapting the core =
technology first but work on extensions will be considered after the =
core work is well in hand.<o:p></o:p></span></p><p =
class=3DMsoPlainText><span style=3D'font-family:"Courier =
New";color:black'><o:p>&nbsp;</o:p></span></p><p class=3DMsoNormal><span =
style=3D'font-family:"Courier =
New"'><o:p>&nbsp;</o:p></span></p></div></body></html>
------_=_NextPart_001_01CD000F.78704BD1--

From moransar@cisco.com  Sun Mar 11 22:17:55 2012
Return-Path: <moransar@cisco.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4FB7921F854F for <scim@ietfa.amsl.com>; Sun, 11 Mar 2012 22:17:55 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -10.498
X-Spam-Level: 
X-Spam-Status: No, score=-10.498 tagged_above=-999 required=5 tests=[AWL=0.100, BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id xBujPYl3VWdc for <scim@ietfa.amsl.com>; Sun, 11 Mar 2012 22:17:51 -0700 (PDT)
Received: from rcdn-iport-5.cisco.com (rcdn-iport-5.cisco.com [173.37.86.76]) by ietfa.amsl.com (Postfix) with ESMTP id 0E5F021F85C2 for <scim@ietf.org>; Sun, 11 Mar 2012 22:17:51 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=moransar@cisco.com; l=37340; q=dns/txt; s=iport; t=1331529471; x=1332739071; h=mime-version:subject:date:message-id:in-reply-to: references:from:to; bh=tkfJoph0hthO67ER5wemc0D5e8iHORbH6jlUGjPyJrQ=; b=mwZFK5aH20cj/XGmP+nVSW777iH0GyHbKZewwexCKw4QP6SJ1FbjracC yw+acTkKmb/6EZc34b0E4H/GRJ3cLwVsqnVsYlYNiLdKiISuP3hl6S4Z9 f3oVrANbXsMxviePWcVbOJXgr6AOn+2px0mVI59feg0//PViQmeSnFZS2 M=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: ApsFACeGXU+tJXHB/2dsb2JhbAA4CYJSqhQBiHKBB4IJAQEBBAEBAQ8BCREDJRkbAgEIBwoBAgEBAQsCBAULAQYBBgEmHwMGCAEBBAESCAEZh2gLn2gBliCKIA0Igx6CS2MEiFSdG4MBgT4
X-IronPort-AV: E=Sophos;i="4.73,569,1325462400"; d="scan'208,217";a="65567079"
Received: from rcdn-core2-6.cisco.com ([173.37.113.193]) by rcdn-iport-5.cisco.com with ESMTP; 12 Mar 2012 05:17:50 +0000
Received: from xbh-rcd-102.cisco.com (xbh-rcd-102.cisco.com [72.163.62.139]) by rcdn-core2-6.cisco.com (8.14.3/8.14.3) with ESMTP id q2C5HoJM031064;  Mon, 12 Mar 2012 05:17:50 GMT
Received: from xmb-rcd-313.cisco.com ([72.163.63.28]) by xbh-rcd-102.cisco.com with Microsoft SMTPSVC(6.0.3790.4675);  Mon, 12 Mar 2012 00:17:50 -0500
X-MimeOLE: Produced By Microsoft Exchange V6.5
Content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="----_=_NextPart_001_01CD000F.77C4A1A9"
Date: Mon, 12 Mar 2012 00:17:49 -0500
Message-ID: <93C6FB63F046384C86EC8F7F3FFEC7BEDEA074@XMB-RCD-313.cisco.com>
In-Reply-To: <E646381C-8A04-4040-B835-A0348A8BFF6D@oracle.com>
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
Thread-Topic: [scim] Porposed charter
Thread-Index: AczyglHA8kR+RAdSS1yBVdi9/jN2LANgHPcg
References: <8F20CA41-B61E-4EE0-B801-F08F9CD48444@oracle.com> <E646381C-8A04-4040-B835-A0348A8BFF6D@oracle.com>
From: "Morteza Ansari (moransar)" <moransar@cisco.com>
To: "Phil Hunt" <phil.hunt@oracle.com>, <scim@ietf.org>
X-OriginalArrivalTime: 12 Mar 2012 05:17:50.0040 (UTC) FILETIME=[77F0ED80:01CD000F]
Subject: Re: [scim] Porposed charter
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 12 Mar 2012 05:17:55 -0000

This is a multi-part message in MIME format.

------_=_NextPart_001_01CD000F.77C4A1A9
Content-Type: text/plain;
	charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

Good suggestion Phil.  I added a new item under the WG consideration
section: "Work done by other standard bodies as input to the process
such as OASIS Provisioning TC" but I didn't add any specific items that
should be considered. I think it would be best to leave that to the WG
to study the work you referenced and decide what items should be
considered.

=20

Do you think that is sufficient?

=20

=20

Cheers,

Morteza

=20

From: Phil Hunt [mailto:phil.hunt@oracle.com]=20
Sent: Thursday, February 23, 2012 3:25 PM
To: scim@ietf.org; Morteza Ansari (moransar)
Subject: Re: [scim] Porposed charter

=20

Morteza,=20

=20

Very happy to see the SCIM WG is starting soon!

=20

Regarding the charter, I propose that the working group also adopt the
following OASIS Provisioning TC documents as input material:

* A RESTful Binding to SPML
<http://wiki.oasis-open.org/provision/restpml>  -
http://wiki.oasis-open.org/provision/restpml

* SIMPLEST: A standard schema for Identity and Access Management
<http://wiki.oasis-open.org/provision/simplest>  -
http://wiki.oasis-open.org/provision/simplest

These documents can provide some additional implementation insight into
the final SCIM WG product.

=20

Based on the OASIS Provisioning TC experience, there are some additional
cloud requirements that could be added into SCIM 1.0, hopefully in a
straightforward, backwards compatible way.=20

=20

The key items are:

* Support for multiple targets within a SCIM service provider

* A change to schema introducing a Person entity which for example is
associated with one or more User entities.

=20

The first item arises out of some practical deployment architecture
issues, the latter arises from an attestation issue that arises
regarding tracking what user accounts are associated with individuals --
especially when they have more than one User account. For those that
want to read ahead now, I suggest reading:

http://wiki.oasis-open.org/provision/simplest#AccountManagement.3ATarget
andAccount

=20

I propose to present on these two topics at the BoF and then based on
feedback can contribute the content in draft form into the WG for its
consideration.

=20

Regards,

=20

Phil

=20

@independentid

www.independentid.com <http://www.independentid.com/>=20

phil.hunt@oracle.com

=20

________________________________

*	From: "Morteza Ansari (moransar)" <moransar at cisco.com
<mailto:moransar@DOMAIN.HIDDEN> >
*	To: <scim at ietf.org <mailto:scim@DOMAIN.HIDDEN> >
*	Date: Wed, 8 Feb 2012 21:32:58 -0600
*	List-id: Simple Cloud Identity Management BOF <scim.ietf.org
<http://scim.ietf.org/> >

________________________________

Hi folks,

=20

Here is the proposed charter as we discussed over the cloud-directory
mailing list. Please review and send your comments.

=20

=20

Cheers,

Morteza

=20

=20

Simplified Cloud Identity Management (SCIM)

--------------------------------------------------------

=20

Charter

=20

Current Status: BOF Request

=20

Chair(s):

     TBD1

     TBD2

=20

Applications Area Director(s):

     Pete Resnick <presnick at qualcomm.com <http://qualcomm.com/> >

     Peter Saint-Andre <stpeter at stpeter.im>

=20

Mailing Lists:

     General Discussion: scim at ietf.org <http://ietf.org/>=20

     To Subscribe:     https://www.ietf.org/mailman/listinfo/scim

     Archive:
http://www.ietf.org/mail-archive/web/scim/current/maillist.html

=20

Description of Working Group:

=20

The Simple Cloud Identity Management (SCIM) specification is designed to
make managing user identity lifecycle in cloud based applications and
services easier.

=20

The specification suite seeks to build upon experience with existing
schemas and deployments, placing specific emphasis on simplicity of
development and integration, while applying existing authentication,
authorization, and privacy models. Its intent is to reduce the cost and
complexity of user management operations by providing a common user
schema and extension model, as well as binding documents to provide
patterns for exchanging this schema using standard protocols.

=20

The group will work to adapt the SCIM 1.0 specification produced under
the Open Web Foundation framework (http://www.simplecloud.info
<http://www.simplecloud.info/> ) as an IETF technology for management of
user identities in cloud-based applications.

=20

SCIM 1.0 consists of:

*         Schema definition for identity related objects

*         Protocol definition for accessing and managing the identity
objects

*         Binding of SCIM schema to Security Assertion Markup Language
(SAML) messages and assertions

*         Binding of SCIM schema to Lightweight Directory Access
Protocol (LDAP) schema (RFC4519)

=20

The Working Group will produce one or more documents suitable for
consideration as a Proposed Standard that will:

*         Improve the terminology used

*         Embody good security practices, document gaps in its
capabilities, and propose a path forward for addressing the gaps

*         Promote interoperability

*         Provide guidelines for extensibility

=20

SCIM 1.0 will be used as the starting point. The working group will
strive to retain backward compatibility with the 1.0 specification.
Changes that are not backwards compatible may be accepted if the group
determines changes are required to meet the group's technical objectives
and the group clearly documents the reasons for making them.

=20

The Working Group should consider:

*         Implementer experience

*         The end-user experience, including internationalization

*         Existing uses of SCIM

*         Ability to achieve broad implementation

*         Ability to address broader use cases than those considered by
the original authors

*         Additional functions or extensions that are needed to address
key security concerns, cross-area review, and implementer feedback

=20

The working group will focus on adapting the core technology first but
work on extensions will be considered after the core work is well in
hand.

=20

=20

=20


------_=_NextPart_001_01CD000F.77C4A1A9
Content-Type: text/html;
	charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

<html xmlns:v=3D"urn:schemas-microsoft-com:vml" =
xmlns:o=3D"urn:schemas-microsoft-com:office:office" =
xmlns:w=3D"urn:schemas-microsoft-com:office:word" =
xmlns:m=3D"http://schemas.microsoft.com/office/2004/12/omml" =
xmlns=3D"http://www.w3.org/TR/REC-html40"><head><meta =
http-equiv=3DContent-Type content=3D"text/html; =
charset=3Dus-ascii"><meta name=3DGenerator content=3D"Microsoft Word 14 =
(filtered medium)"><!--[if !mso]><style>v\:* =
{behavior:url(#default#VML);}
o\:* {behavior:url(#default#VML);}
w\:* {behavior:url(#default#VML);}
.shape {behavior:url(#default#VML);}
</style><![endif]--><style><!--
/* Font Definitions */
@font-face
	{font-family:Wingdings;
	panose-1:5 0 0 0 0 0 0 0 0 0;}
@font-face
	{font-family:Wingdings;
	panose-1:5 0 0 0 0 0 0 0 0 0;}
@font-face
	{font-family:Calibri;
	panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
	{font-family:Tahoma;
	panose-1:2 11 6 4 3 5 4 4 2 4;}
@font-face
	{font-family:Consolas;
	panose-1:2 11 6 9 2 2 4 3 2 4;}
@font-face
	{font-family:Times;
	panose-1:2 2 6 3 5 4 5 2 3 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
	{margin:0in;
	margin-bottom:.0001pt;
	font-size:12.0pt;
	font-family:"Times New Roman","serif";}
a:link, span.MsoHyperlink
	{mso-style-priority:99;
	color:blue;
	text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
	{mso-style-priority:99;
	color:purple;
	text-decoration:underline;}
p.MsoPlainText, li.MsoPlainText, div.MsoPlainText
	{mso-style-priority:99;
	mso-style-link:"Plain Text Char";
	mso-margin-top-alt:auto;
	margin-right:0in;
	mso-margin-bottom-alt:auto;
	margin-left:0in;
	font-size:12.0pt;
	font-family:"Times New Roman","serif";}
span.PlainTextChar
	{mso-style-name:"Plain Text Char";
	mso-style-priority:99;
	mso-style-link:"Plain Text";
	font-family:Consolas;}
span.EmailStyle20
	{mso-style-type:personal-reply;
	font-family:"Calibri","sans-serif";
	color:#1F497D;}
.MsoChpDefault
	{mso-style-type:export-only;
	font-size:10.0pt;}
@page WordSection1
	{size:8.5in 11.0in;
	margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
	{page:WordSection1;}
/* List Definitions */
@list l0
	{mso-list-id:975984857;
	mso-list-type:hybrid;
	mso-list-template-ids:-1466417022 67698689 67698691 67698693 67698689 =
67698691 67698693 67698689 67698691 67698693;}
@list l0:level1
	{mso-level-number-format:bullet;
	mso-level-text:\F0B7;
	mso-level-tab-stop:none;
	mso-level-number-position:left;
	text-indent:-.25in;
	font-family:Symbol;}
@list l0:level2
	{mso-level-number-format:bullet;
	mso-level-text:o;
	mso-level-tab-stop:none;
	mso-level-number-position:left;
	text-indent:-.25in;
	font-family:"Courier New";}
@list l0:level3
	{mso-level-number-format:bullet;
	mso-level-text:\F0A7;
	mso-level-tab-stop:none;
	mso-level-number-position:left;
	text-indent:-.25in;
	font-family:Wingdings;}
@list l0:level4
	{mso-level-number-format:bullet;
	mso-level-text:\F0B7;
	mso-level-tab-stop:none;
	mso-level-number-position:left;
	text-indent:-.25in;
	font-family:Symbol;}
@list l0:level5
	{mso-level-number-format:bullet;
	mso-level-text:o;
	mso-level-tab-stop:none;
	mso-level-number-position:left;
	text-indent:-.25in;
	font-family:"Courier New";}
@list l0:level6
	{mso-level-number-format:bullet;
	mso-level-text:\F0A7;
	mso-level-tab-stop:none;
	mso-level-number-position:left;
	text-indent:-.25in;
	font-family:Wingdings;}
@list l0:level7
	{mso-level-number-format:bullet;
	mso-level-text:\F0B7;
	mso-level-tab-stop:none;
	mso-level-number-position:left;
	text-indent:-.25in;
	font-family:Symbol;}
@list l0:level8
	{mso-level-number-format:bullet;
	mso-level-text:o;
	mso-level-tab-stop:none;
	mso-level-number-position:left;
	text-indent:-.25in;
	font-family:"Courier New";}
@list l0:level9
	{mso-level-number-format:bullet;
	mso-level-text:\F0A7;
	mso-level-tab-stop:none;
	mso-level-number-position:left;
	text-indent:-.25in;
	font-family:Wingdings;}
@list l1
	{mso-list-id:1586452027;
	mso-list-template-ids:-1575036444;}
@list l1:level1
	{mso-level-number-format:bullet;
	mso-level-text:\F0B7;
	mso-level-tab-stop:.5in;
	mso-level-number-position:left;
	text-indent:-.25in;
	mso-ansi-font-size:10.0pt;
	font-family:Symbol;}
@list l1:level2
	{mso-level-number-format:bullet;
	mso-level-text:o;
	mso-level-tab-stop:1.0in;
	mso-level-number-position:left;
	text-indent:-.25in;
	mso-ansi-font-size:10.0pt;
	font-family:"Courier New";
	mso-bidi-font-family:"Times New Roman";}
@list l1:level3
	{mso-level-number-format:bullet;
	mso-level-text:\F0A7;
	mso-level-tab-stop:1.5in;
	mso-level-number-position:left;
	text-indent:-.25in;
	mso-ansi-font-size:10.0pt;
	font-family:Wingdings;}
@list l1:level4
	{mso-level-number-format:bullet;
	mso-level-text:\F0A7;
	mso-level-tab-stop:2.0in;
	mso-level-number-position:left;
	text-indent:-.25in;
	mso-ansi-font-size:10.0pt;
	font-family:Wingdings;}
@list l1:level5
	{mso-level-number-format:bullet;
	mso-level-text:\F0A7;
	mso-level-tab-stop:2.5in;
	mso-level-number-position:left;
	text-indent:-.25in;
	mso-ansi-font-size:10.0pt;
	font-family:Wingdings;}
@list l1:level6
	{mso-level-number-format:bullet;
	mso-level-text:\F0A7;
	mso-level-tab-stop:3.0in;
	mso-level-number-position:left;
	text-indent:-.25in;
	mso-ansi-font-size:10.0pt;
	font-family:Wingdings;}
@list l1:level7
	{mso-level-number-format:bullet;
	mso-level-text:\F0A7;
	mso-level-tab-stop:3.5in;
	mso-level-number-position:left;
	text-indent:-.25in;
	mso-ansi-font-size:10.0pt;
	font-family:Wingdings;}
@list l1:level8
	{mso-level-number-format:bullet;
	mso-level-text:\F0A7;
	mso-level-tab-stop:4.0in;
	mso-level-number-position:left;
	text-indent:-.25in;
	mso-ansi-font-size:10.0pt;
	font-family:Wingdings;}
@list l1:level9
	{mso-level-number-format:bullet;
	mso-level-text:\F0A7;
	mso-level-tab-stop:4.5in;
	mso-level-number-position:left;
	text-indent:-.25in;
	mso-ansi-font-size:10.0pt;
	font-family:Wingdings;}
ol
	{margin-bottom:0in;}
ul
	{margin-bottom:0in;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext=3D"edit" spidmax=3D"1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext=3D"edit">
<o:idmap v:ext=3D"edit" data=3D"1" />
</o:shapelayout></xml><![endif]--></head><body lang=3DEN-US link=3Dblue =
vlink=3Dpurple><div class=3DWordSection1><p class=3DMsoPlainText =
style=3D'margin:0in;margin-bottom:.0001pt'><span =
style=3D'font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497=
D'>Good suggestion Phil.&nbsp; I added a new item under the WG =
consideration section: &#8220;Work done by other standard bodies as =
input to the process such as OASIS Provisioning TC&#8221; but I =
didn&#8217;t add any specific items that should be considered. I think =
it would be best to leave that to the WG to study the work you =
referenced and decide what items should be =
considered.<o:p></o:p></span></p><p class=3DMsoPlainText =
style=3D'margin:0in;margin-bottom:.0001pt'><span =
style=3D'font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497=
D'><o:p>&nbsp;</o:p></span></p><p class=3DMsoPlainText =
style=3D'margin:0in;margin-bottom:.0001pt'><span =
style=3D'font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497=
D'>Do you think that is sufficient?<o:p></o:p></span></p><p =
class=3DMsoNormal><span =
style=3D'font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497=
D'><o:p>&nbsp;</o:p></span></p><p class=3DMsoNormal><span =
style=3D'font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497=
D'><o:p>&nbsp;</o:p></span></p><p class=3DMsoNormal><span =
style=3D'font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497=
D'>Cheers,<o:p></o:p></span></p><p class=3DMsoNormal><span =
style=3D'font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497=
D'>Morteza<o:p></o:p></span></p><p class=3DMsoNormal><span =
style=3D'font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497=
D'><o:p>&nbsp;</o:p></span></p><div><div =
style=3D'border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0in =
0in 0in'><p class=3DMsoNormal><b><span =
style=3D'font-size:10.0pt;font-family:"Tahoma","sans-serif"'>From:</span>=
</b><span style=3D'font-size:10.0pt;font-family:"Tahoma","sans-serif"'> =
Phil Hunt [mailto:phil.hunt@oracle.com] <br><b>Sent:</b> Thursday, =
February 23, 2012 3:25 PM<br><b>To:</b> scim@ietf.org; Morteza Ansari =
(moransar)<br><b>Subject:</b> Re: [scim] Porposed =
charter<o:p></o:p></span></p></div></div><p =
class=3DMsoNormal><o:p>&nbsp;</o:p></p><div><div><div><p =
class=3DMsoNormal>Morteza,&nbsp;<o:p></o:p></p></div><div><p =
class=3DMsoNormal><o:p>&nbsp;</o:p></p></div><div><p =
class=3DMsoNormal>Very happy to see the SCIM WG is starting =
soon!<o:p></o:p></p></div><div><p =
class=3DMsoNormal><o:p>&nbsp;</o:p></p></div><div><p =
class=3DMsoNormal>Regarding the charter,&nbsp;I propose that the working =
group also adopt the following OASIS Provisioning TC documents as input =
material:<o:p></o:p></p></div><div><p class=3DMsoNormal>*&nbsp;<a =
href=3D"http://wiki.oasis-open.org/provision/restpml">A RESTful Binding =
to SPML</a>&nbsp;-&nbsp;<a =
href=3D"http://wiki.oasis-open.org/provision/restpml">http://wiki.oasis-o=
pen.org/provision/restpml</a><o:p></o:p></p></div><div><p =
class=3DMsoNormal>*&nbsp;<a =
href=3D"http://wiki.oasis-open.org/provision/simplest">SIMPLEST: A =
standard schema for Identity and Access Management</a>&nbsp;-&nbsp;<a =
href=3D"http://wiki.oasis-open.org/provision/simplest">http://wiki.oasis-=
open.org/provision/simplest</a><o:p></o:p></p></div><div><p =
class=3DMsoNormal>These documents can provide some additional =
implementation insight into the final SCIM WG =
product.<o:p></o:p></p></div><div><p =
class=3DMsoNormal><o:p>&nbsp;</o:p></p></div><div><p =
class=3DMsoNormal>Based on the OASIS Provisioning TC experience, there =
are some additional cloud requirements that could be added into SCIM =
1.0, hopefully in a straightforward, backwards compatible =
way.&nbsp;<o:p></o:p></p></div><div><p =
class=3DMsoNormal><o:p>&nbsp;</o:p></p></div><div><p =
class=3DMsoNormal>The key items are:<o:p></o:p></p></div><div><p =
class=3DMsoNormal>* Support for multiple targets within a SCIM service =
provider<o:p></o:p></p></div><div><p class=3DMsoNormal>* A change to =
schema introducing a Person entity which for example is associated with =
one or more User entities.<o:p></o:p></p></div><div><p =
class=3DMsoNormal><o:p>&nbsp;</o:p></p></div><div><p =
class=3DMsoNormal>The first item arises out of some practical deployment =
architecture issues, the latter arises from an attestation issue that =
arises regarding tracking what user accounts are associated with =
individuals -- especially when they have more than one User account. For =
those that want to read ahead now, I suggest =
reading:<o:p></o:p></p></div><div><p class=3DMsoNormal><a =
href=3D"http://wiki.oasis-open.org/provision/simplest#AccountManagement.3=
ATargetandAccount">http://wiki.oasis-open.org/provision/simplest#AccountM=
anagement.3ATargetandAccount</a><o:p></o:p></p></div><div><p =
class=3DMsoNormal><o:p>&nbsp;</o:p></p></div><div><p class=3DMsoNormal>I =
propose to present on these two topics at the BoF and then based on =
feedback can contribute the content in draft form into the WG for its =
consideration.<o:p></o:p></p></div><div><p =
class=3DMsoNormal><o:p>&nbsp;</o:p></p></div><div><p =
class=3DMsoNormal>Regards,<o:p></o:p></p></div><div><p =
class=3DMsoNormal><o:p>&nbsp;</o:p></p></div><div><div><div><div><div><di=
v><div><div><p class=3DMsoNormal><span =
style=3D'font-size:9.0pt'>Phil<o:p></o:p></span></p></div><div><p =
class=3DMsoNormal><span =
style=3D'font-size:9.0pt'><o:p>&nbsp;</o:p></span></p></div><div><p =
class=3DMsoNormal><span =
style=3D'font-size:9.0pt'>@independentid<o:p></o:p></span></p></div><div>=
<p class=3DMsoNormal><span style=3D'font-size:9.0pt'><a =
href=3D"http://www.independentid.com/">www.independentid.com</a><o:p></o:=
p></span></p></div></div></div></div><p class=3DMsoNormal =
style=3D'margin-bottom:12.0pt'><a =
href=3D"mailto:phil.hunt@oracle.com">phil.hunt@oracle.com</a><o:p></o:p><=
/p></div><p class=3DMsoNormal><o:p>&nbsp;</o:p></p></div><div =
class=3DMsoNormal align=3Dcenter style=3D'text-align:center'><hr =
size=3D2 width=3D"100%" align=3Dcenter></div><ul type=3Ddisc><li =
class=3DMsoNormal =
style=3D'mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;mso-list:l1 =
level1 lfo1'><em><span =
style=3D'font-family:"Times","serif"'>From</span></em><span =
style=3D'font-family:"Times","serif"'>: &quot;Morteza Ansari =
(moransar)&quot; &lt;<a href=3D"mailto:moransar@DOMAIN.HIDDEN">moransar =
at cisco.com</a>&gt;<o:p></o:p></span></li><li class=3DMsoNormal =
style=3D'mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;mso-list:l1 =
level1 lfo1'><em><span =
style=3D'font-family:"Times","serif"'>To</span></em><span =
style=3D'font-family:"Times","serif"'>: &lt;<a =
href=3D"mailto:scim@DOMAIN.HIDDEN">scim at =
ietf.org</a>&gt;<o:p></o:p></span></li><li class=3DMsoNormal =
style=3D'mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;mso-list:l1 =
level1 lfo1'><em><span =
style=3D'font-family:"Times","serif"'>Date</span></em><span =
style=3D'font-family:"Times","serif"'>: Wed, 8 Feb 2012 21:32:58 =
-0600<o:p></o:p></span></li><li class=3DMsoNormal =
style=3D'mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;mso-list:l1 =
level1 lfo1'><em><span =
style=3D'font-family:"Times","serif"'>List-id</span></em><span =
style=3D'font-family:"Times","serif"'>: Simple Cloud Identity Management =
BOF &lt;<a =
href=3D"http://scim.ietf.org/">scim.ietf.org</a>&gt;<o:p></o:p></span></l=
i></ul><div class=3DMsoNormal align=3Dcenter =
style=3D'text-align:center'><hr size=3D2 width=3D"100%" =
align=3Dcenter></div><table class=3DMsoNormalTable border=3D0 =
cellpadding=3D0 width=3D"100%" =
style=3D'width:100.0%;z-index:auto'><tr><td style=3D'padding:.75pt .75pt =
.75pt .75pt'><div><p class=3DMsoNormal =
style=3D'mso-margin-top-alt:auto;mso-margin-bottom-alt:auto'>Hi =
folks,<o:p></o:p></p><p class=3DMsoNormal =
style=3D'mso-margin-top-alt:auto;mso-margin-bottom-alt:auto'>&nbsp;<o:p><=
/o:p></p><p class=3DMsoNormal =
style=3D'mso-margin-top-alt:auto;mso-margin-bottom-alt:auto'>Here is the =
proposed charter as we discussed over the cloud-directory mailing list. =
Please review and send your comments.<o:p></o:p></p><p class=3DMsoNormal =
style=3D'mso-margin-top-alt:auto;mso-margin-bottom-alt:auto'>&nbsp;<o:p><=
/o:p></p><p class=3DMsoNormal =
style=3D'mso-margin-top-alt:auto;mso-margin-bottom-alt:auto'>&nbsp;<o:p><=
/o:p></p><p class=3DMsoNormal =
style=3D'mso-margin-top-alt:auto;mso-margin-bottom-alt:auto'>Cheers,<o:p>=
</o:p></p><p class=3DMsoNormal =
style=3D'mso-margin-top-alt:auto;mso-margin-bottom-alt:auto'>Morteza<o:p>=
</o:p></p><div style=3D'border:none;border-bottom:solid windowtext =
1.0pt;padding:0in 0in 1.0pt =
0in;border-width:initial;border-color:initial'><p class=3DMsoNormal =
style=3D'mso-margin-top-alt:auto;mso-margin-bottom-alt:auto'>&nbsp;<o:p><=
/o:p></p></div><p class=3DMsoNormal =
style=3D'mso-margin-top-alt:auto;mso-margin-bottom-alt:auto'>&nbsp;<o:p><=
/o:p></p><p class=3DMsoPlainText><span =
style=3D'font-family:"Times","serif";color:black'>Simplified Cloud =
Identity Management (SCIM)</span><span =
style=3D'font-family:"Times","serif"'><o:p></o:p></span></p><p =
class=3DMsoPlainText><span =
style=3D'font-family:"Times","serif";color:black'>-----------------------=
---------------------------------</span><span =
style=3D'font-family:"Times","serif"'><o:p></o:p></span></p><p =
class=3DMsoPlainText><span =
style=3D'font-family:"Times","serif";color:black'>&nbsp;</span><span =
style=3D'font-family:"Times","serif"'><o:p></o:p></span></p><p =
class=3DMsoPlainText><span =
style=3D'font-family:"Times","serif";color:black'>Charter</span><span =
style=3D'font-family:"Times","serif"'><o:p></o:p></span></p><p =
class=3DMsoPlainText><span =
style=3D'font-family:"Times","serif";color:black'>&nbsp;</span><span =
style=3D'font-family:"Times","serif"'><o:p></o:p></span></p><p =
class=3DMsoPlainText><span =
style=3D'font-family:"Times","serif";color:black'>Current Status: BOF =
Request</span><span =
style=3D'font-family:"Times","serif"'><o:p></o:p></span></p><p =
class=3DMsoPlainText><span =
style=3D'font-family:"Times","serif";color:black'>&nbsp;</span><span =
style=3D'font-family:"Times","serif"'><o:p></o:p></span></p><p =
class=3DMsoPlainText><span =
style=3D'font-family:"Times","serif";color:black'>Chair(s):</span><span =
style=3D'font-family:"Times","serif"'><o:p></o:p></span></p><p =
class=3DMsoPlainText><span =
style=3D'font-family:"Times","serif";color:black'>&nbsp;&nbsp;&nbsp;&nbsp=
; TBD1</span><span =
style=3D'font-family:"Times","serif"'><o:p></o:p></span></p><p =
class=3DMsoPlainText><span =
style=3D'font-family:"Times","serif";color:black'>&nbsp;&nbsp;&nbsp;&nbsp=
; TBD2</span><span =
style=3D'font-family:"Times","serif"'><o:p></o:p></span></p><p =
class=3DMsoPlainText><span =
style=3D'font-family:"Times","serif";color:black'>&nbsp;</span><span =
style=3D'font-family:"Times","serif"'><o:p></o:p></span></p><p =
class=3DMsoPlainText><span =
style=3D'font-family:"Times","serif";color:black'>Applications Area =
Director(s):</span><span =
style=3D'font-family:"Times","serif"'><o:p></o:p></span></p><p =
class=3DMsoPlainText><span =
style=3D'font-family:"Times","serif";color:black'>&nbsp;&nbsp;&nbsp; =
&nbsp;Pete Resnick &lt;presnick at <a =
href=3D"http://qualcomm.com/">qualcomm.com</a>&gt;</span><span =
style=3D'font-family:"Times","serif"'><o:p></o:p></span></p><p =
class=3DMsoPlainText><span =
style=3D'font-family:"Times","serif";color:black'>&nbsp;&nbsp;&nbsp;&nbsp=
;&nbsp;Peter Saint-Andre &lt;stpeter at stpeter.im&gt;</span><span =
style=3D'font-family:"Times","serif"'><o:p></o:p></span></p><p =
class=3DMsoPlainText><span =
style=3D'font-family:"Times","serif";color:black'>&nbsp;</span><span =
style=3D'font-family:"Times","serif"'><o:p></o:p></span></p><p =
class=3DMsoPlainText><span =
style=3D'font-family:"Times","serif";color:black'>Mailing =
Lists:</span><span =
style=3D'font-family:"Times","serif"'><o:p></o:p></span></p><p =
class=3DMsoPlainText><span =
style=3D'font-family:"Times","serif";color:black'>&nbsp;&nbsp;&nbsp;&nbsp=
; General Discussion: scim at <a =
href=3D"http://ietf.org/">ietf.org</a></span><span =
style=3D'font-family:"Times","serif"'><o:p></o:p></span></p><p =
class=3DMsoPlainText><span =
style=3D'font-family:"Times","serif";color:black'>&nbsp;&nbsp;&nbsp;&nbsp=
; To Subscribe:&nbsp;&nbsp;&nbsp;&nbsp; <a =
href=3D"https://www.ietf.org/mailman/listinfo/scim">https://www.ietf.org/=
mailman/listinfo/scim</a></span><span =
style=3D'font-family:"Times","serif"'><o:p></o:p></span></p><p =
class=3DMsoPlainText><span =
style=3D'font-family:"Times","serif";color:black'>&nbsp;&nbsp;&nbsp;&nbsp=
; =
Archive:&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp=
;&nbsp;&nbsp;&nbsp; <a =
href=3D"http://www.ietf.org/mail-archive/web/scim/current/maillist.html">=
http://www.ietf.org/mail-archive/web/scim/current/maillist.html</a></span=
><span style=3D'font-family:"Times","serif"'><o:p></o:p></span></p><p =
class=3DMsoPlainText><span =
style=3D'font-family:"Times","serif";color:black'>&nbsp;</span><span =
style=3D'font-family:"Times","serif"'><o:p></o:p></span></p><p =
class=3DMsoPlainText><span =
style=3D'font-family:"Times","serif";color:black'>Description of Working =
Group:</span><span =
style=3D'font-family:"Times","serif"'><o:p></o:p></span></p><p =
class=3DMsoPlainText><span =
style=3D'font-family:"Times","serif";color:black'>&nbsp;</span><span =
style=3D'font-family:"Times","serif"'><o:p></o:p></span></p><p =
class=3DMsoPlainText><span =
style=3D'font-family:"Times","serif";color:black'>The Simple Cloud =
Identity Management (SCIM) specification is designed to make managing =
user identity lifecycle in cloud based applications and services =
easier.</span><span =
style=3D'font-family:"Times","serif"'><o:p></o:p></span></p><p =
class=3DMsoPlainText><span =
style=3D'font-family:"Times","serif";color:black'>&nbsp;</span><span =
style=3D'font-family:"Times","serif"'><o:p></o:p></span></p><p =
class=3DMsoPlainText><span =
style=3D'font-family:"Times","serif";color:black'>The specification =
suite seeks to build upon experience with existing schemas and =
deployments, placing specific emphasis on simplicity of development and =
integration, while applying existing authentication, authorization, and =
privacy models. Its intent is to reduce the cost and complexity of user =
management operations by providing a common user schema and extension =
model, as well as binding documents to provide patterns for exchanging =
this schema using standard protocols.</span><span =
style=3D'font-family:"Times","serif"'><o:p></o:p></span></p><p =
class=3DMsoPlainText><span =
style=3D'font-family:"Times","serif";color:black'>&nbsp;</span><span =
style=3D'font-family:"Times","serif"'><o:p></o:p></span></p><p =
class=3DMsoPlainText><span =
style=3D'font-family:"Times","serif";color:black'>The group will work to =
adapt the SCIM 1.0 specification produced under the Open Web Foundation =
framework (<a =
href=3D"http://www.simplecloud.info/">http://www.simplecloud.info</a>) =
as an IETF technology for management of user identities in cloud-based =
applications.</span><span =
style=3D'font-family:"Times","serif"'><o:p></o:p></span></p><p =
class=3DMsoPlainText><span =
style=3D'font-family:"Times","serif";color:black'>&nbsp;</span><span =
style=3D'font-family:"Times","serif"'><o:p></o:p></span></p><p =
class=3DMsoPlainText><span =
style=3D'font-family:"Times","serif";color:black'>SCIM 1.0 consists =
of:</span><span =
style=3D'font-family:"Times","serif"'><o:p></o:p></span></p><p =
class=3DMsoPlainText style=3D'margin-left:.5in;text-indent:-.25in'><span =
style=3D'font-family:Symbol;color:black'>&middot;</span><span =
style=3D'font-size:7.0pt;color:black'>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp=
;&nbsp;&nbsp;&nbsp;</span><span =
style=3D'font-family:"Times","serif";color:black'>Schema definition for =
identity related objects</span><span =
style=3D'font-family:"Times","serif"'><o:p></o:p></span></p><p =
class=3DMsoPlainText style=3D'margin-left:.5in;text-indent:-.25in'><span =
style=3D'font-family:Symbol;color:black'>&middot;</span><span =
style=3D'font-size:7.0pt;color:black'>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp=
;&nbsp;&nbsp;&nbsp;</span><span =
style=3D'font-family:"Times","serif";color:black'>Protocol definition =
for accessing and managing the identity objects</span><span =
style=3D'font-family:"Times","serif"'><o:p></o:p></span></p><p =
class=3DMsoPlainText style=3D'margin-left:.5in;text-indent:-.25in'><span =
style=3D'font-family:Symbol;color:black'>&middot;</span><span =
style=3D'font-size:7.0pt;color:black'>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp=
;&nbsp;&nbsp;&nbsp;</span><span =
style=3D'font-family:"Times","serif";color:black'>Binding of SCIM schema =
to Security Assertion Markup Language (SAML) messages and =
assertions</span><span =
style=3D'font-family:"Times","serif"'><o:p></o:p></span></p><p =
class=3DMsoPlainText style=3D'margin-left:.5in;text-indent:-.25in'><span =
style=3D'font-family:Symbol;color:black'>&middot;</span><span =
style=3D'font-size:7.0pt;color:black'>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp=
;&nbsp;&nbsp;&nbsp;</span><span =
style=3D'font-family:"Times","serif";color:black'>Binding of SCIM schema =
to Lightweight Directory Access Protocol (LDAP) schema =
(RFC4519)</span><span =
style=3D'font-family:"Times","serif"'><o:p></o:p></span></p><p =
class=3DMsoPlainText><span =
style=3D'font-family:"Times","serif";color:black'>&nbsp;</span><span =
style=3D'font-family:"Times","serif"'><o:p></o:p></span></p><p =
class=3DMsoPlainText><span =
style=3D'font-family:"Times","serif";color:black'>The Working Group will =
produce one or more documents suitable for consideration as a Proposed =
Standard that will:</span><span =
style=3D'font-family:"Times","serif"'><o:p></o:p></span></p><p =
class=3DMsoPlainText style=3D'margin-left:.5in;text-indent:-.25in'><span =
style=3D'font-family:Symbol;color:black'>&middot;</span><span =
style=3D'font-size:7.0pt;color:black'>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp=
;&nbsp;&nbsp;&nbsp;</span><span =
style=3D'font-family:"Times","serif";color:black'>Improve the =
terminology used</span><span =
style=3D'font-family:"Times","serif"'><o:p></o:p></span></p><p =
class=3DMsoPlainText style=3D'margin-left:.5in;text-indent:-.25in'><span =
style=3D'font-family:Symbol;color:black'>&middot;</span><span =
style=3D'font-size:7.0pt;color:black'>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp=
;&nbsp;&nbsp;&nbsp;</span><span =
style=3D'font-family:"Times","serif";color:black'>Embody good security =
practices, document gaps in its capabilities, and propose a path forward =
for addressing the gaps</span><span =
style=3D'font-family:"Times","serif"'><o:p></o:p></span></p><p =
class=3DMsoPlainText style=3D'margin-left:.5in;text-indent:-.25in'><span =
style=3D'font-family:Symbol;color:black'>&middot;</span><span =
style=3D'font-size:7.0pt;color:black'>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp=
;&nbsp;&nbsp;&nbsp;</span><span =
style=3D'font-family:"Times","serif";color:black'>Promote =
interoperability</span><span =
style=3D'font-family:"Times","serif"'><o:p></o:p></span></p><p =
class=3DMsoPlainText style=3D'margin-left:.5in;text-indent:-.25in'><span =
style=3D'font-family:Symbol;color:black'>&middot;</span><span =
style=3D'font-size:7.0pt;color:black'>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp=
;&nbsp;&nbsp;&nbsp;</span><span =
style=3D'font-family:"Times","serif";color:black'>Provide guidelines for =
extensibility</span><span =
style=3D'font-family:"Times","serif"'><o:p></o:p></span></p><p =
class=3DMsoPlainText><span =
style=3D'font-family:"Times","serif";color:black'>&nbsp;</span><span =
style=3D'font-family:"Times","serif"'><o:p></o:p></span></p><p =
class=3DMsoPlainText><span =
style=3D'font-family:"Times","serif";color:black'>SCIM 1.0 will be used =
as the starting point. The working group will strive to retain backward =
compatibility with the 1.0 specification. Changes that are not backwards =
compatible may be accepted if the group determines changes are required =
to meet the group's technical objectives and the group clearly documents =
the reasons for making them.</span><span =
style=3D'font-family:"Times","serif"'><o:p></o:p></span></p><p =
class=3DMsoPlainText><span =
style=3D'font-family:"Times","serif";color:black'>&nbsp;</span><span =
style=3D'font-family:"Times","serif"'><o:p></o:p></span></p><p =
class=3DMsoPlainText><span =
style=3D'font-family:"Times","serif";color:black'>The Working Group =
should consider:</span><span =
style=3D'font-family:"Times","serif"'><o:p></o:p></span></p><p =
class=3DMsoPlainText style=3D'margin-left:.5in;text-indent:-.25in'><span =
style=3D'font-family:Symbol;color:black'>&middot;</span><span =
style=3D'font-size:7.0pt;color:black'>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp=
;&nbsp;&nbsp;&nbsp;</span><span =
style=3D'font-family:"Times","serif";color:black'>Implementer =
experience</span><span =
style=3D'font-family:"Times","serif"'><o:p></o:p></span></p><p =
class=3DMsoPlainText style=3D'margin-left:.5in;text-indent:-.25in'><span =
style=3D'font-family:Symbol;color:black'>&middot;</span><span =
style=3D'font-size:7.0pt;color:black'>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp=
;&nbsp;&nbsp;&nbsp;</span><span =
style=3D'font-family:"Times","serif";color:black'>The end-user =
experience, including internationalization</span><span =
style=3D'font-family:"Times","serif"'><o:p></o:p></span></p><p =
class=3DMsoPlainText style=3D'margin-left:.5in;text-indent:-.25in'><span =
style=3D'font-family:Symbol;color:black'>&middot;</span><span =
style=3D'font-size:7.0pt;color:black'>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp=
;&nbsp;&nbsp;&nbsp;</span><span =
style=3D'font-family:"Times","serif";color:black'>Existing uses of =
SCIM</span><span =
style=3D'font-family:"Times","serif"'><o:p></o:p></span></p><p =
class=3DMsoPlainText style=3D'margin-left:.5in;text-indent:-.25in'><span =
style=3D'font-family:Symbol;color:black'>&middot;</span><span =
style=3D'font-size:7.0pt;color:black'>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp=
;&nbsp;&nbsp;&nbsp;</span><span =
style=3D'font-family:"Times","serif";color:black'>Ability to achieve =
broad implementation</span><span =
style=3D'font-family:"Times","serif"'><o:p></o:p></span></p><p =
class=3DMsoPlainText style=3D'margin-left:.5in;text-indent:-.25in'><span =
style=3D'font-family:Symbol;color:black'>&middot;</span><span =
style=3D'font-size:7.0pt;color:black'>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp=
;&nbsp;&nbsp;&nbsp;</span><span =
style=3D'font-family:"Times","serif";color:black'>Ability to address =
broader use cases than those considered by the original =
authors</span><span =
style=3D'font-family:"Times","serif"'><o:p></o:p></span></p><p =
class=3DMsoPlainText style=3D'margin-left:.5in;text-indent:-.25in'><span =
style=3D'font-family:Symbol;color:black'>&middot;</span><span =
style=3D'font-size:7.0pt;color:black'>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp=
;&nbsp;&nbsp;&nbsp;</span><span =
style=3D'font-family:"Times","serif";color:black'>Additional functions =
or extensions that are needed to address key security concerns, =
cross-area review, and implementer feedback</span><span =
style=3D'font-family:"Times","serif"'><o:p></o:p></span></p><p =
class=3DMsoPlainText><span =
style=3D'font-family:"Times","serif";color:black'>&nbsp;</span><span =
style=3D'font-family:"Times","serif"'><o:p></o:p></span></p><p =
class=3DMsoPlainText><span =
style=3D'font-family:"Times","serif";color:black'>The working group will =
focus on adapting the core technology first but work on extensions will =
be considered after the core work is well in hand.</span><span =
style=3D'font-family:"Times","serif"'><o:p></o:p></span></p></div></td></=
tr></table></table><p class=3DMsoNormal><o:p>&nbsp;</o:p></p></div><p =
class=3DMsoNormal><o:p>&nbsp;</o:p></p></div></div><p =
class=3DMsoNormal><o:p>&nbsp;</o:p></p></div></div></body></html>
------_=_NextPart_001_01CD000F.77C4A1A9--

From samuel@erdtman.se  Sun Mar 11 23:56:29 2012
Return-Path: <samuel@erdtman.se>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 37A4F11E8073 for <scim@ietfa.amsl.com>; Sun, 11 Mar 2012 23:56:29 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.977
X-Spam-Level: 
X-Spam-Status: No, score=-2.977 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 3GeJekARLpdp for <scim@ietfa.amsl.com>; Sun, 11 Mar 2012 23:56:28 -0700 (PDT)
Received: from mail-lpp01m010-f44.google.com (mail-lpp01m010-f44.google.com [209.85.215.44]) by ietfa.amsl.com (Postfix) with ESMTP id 61E5B21F852D for <scim@ietf.org>; Sun, 11 Mar 2012 23:56:27 -0700 (PDT)
Received: by lagj5 with SMTP id j5so3899762lag.31 for <scim@ietf.org>; Sun, 11 Mar 2012 23:56:26 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type:content-transfer-encoding:x-gm-message-state; bh=UTmV3Q5PeqAizlJ6jcWyLGMOe5ktOTSFQ8ch6ay1w+o=; b=B6El7Qf24uQDrlrSqaRJ8VeDT/VmZX27Dr6p4IplPWc08GgvXzwMm6VXBFblHI4TU6 T9aDOO9jY4TcXDGG3+ikhK04QhE5+mkl/9rvhLw8eR8FnlxIQIYoFVSMLMw2HW/2Nd+M SiFEyWwhCKh9oYhatbFsGYSYXMS/yO2ljTQ3KvGeyrc12awYoWK/iPzRrjJ7s37cto5X XpxqH9V6i3G+csaENp+WWdZNFnCh9UyEuiADQ5xj4l1arnE8pBjiPe+0GMf8LdJ+NZfL 9htw7x75uC6K1zIx8KMTG2Ywcru8kjMPSaiMWSniAwP2o1gZQn9hZhWvojnAchKMcP1Q 7trQ==
MIME-Version: 1.0
Received: by 10.112.27.137 with SMTP id t9mr4030914lbg.88.1331535386912; Sun, 11 Mar 2012 23:56:26 -0700 (PDT)
Received: by 10.112.41.33 with HTTP; Sun, 11 Mar 2012 23:56:26 -0700 (PDT)
In-Reply-To: <93C6FB63F046384C86EC8F7F3FFEC7BEDEA075@XMB-RCD-313.cisco.com>
References: <93C6FB63F046384C86EC8F7F3FFEC7BEDEA075@XMB-RCD-313.cisco.com>
Date: Mon, 12 Mar 2012 07:56:26 +0100
Message-ID: <CAF2hCbb+8Tc_cgQ1PR9uCw0bSH_h2O8y7+7J_BrFP3tfd1AAtw@mail.gmail.com>
From: Samuel Erdtman <samuel@erdtman.se>
To: "Morteza Ansari (moransar)" <moransar@cisco.com>
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
X-Gm-Message-State: ALoCoQmXGtxYQMw3ClDZYnZhiASMSpAfDdk9Zlw26cuPve28Q8muOVdTLodMwpcVEVzc2w340Nm5
Cc: scim@ietf.org
Subject: Re: [scim] Deliverable section of charter
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 12 Mar 2012 06:56:29 -0000

Have we considered to include an OpenID binding, 2.0 or Connect?

Cheers
//Samuel

On Mon, Mar 12, 2012 at 6:17 AM, Morteza Ansari (moransar)
<moransar@cisco.com> wrote:
> Eliot suggestion we should add a deliverable section to the charter. Here=
 is
> a suggestion based on discussion and documents under SCIM 1.0. Consider t=
he
> dates on each item as a complete guess. We should discuss the list of
> documents to begin with and then assign appropriate/practical timeline to
> these:
>
>
>
> 5/2012=A0=A0=A0 Initial problem statement draft
>
> 5/2012=A0=A0=A0 Initial adoption of SCIM core schema
>
> 5/2012=A0=A0=A0 Initial adoption of SCIM restful interface draft
>
> 5/2012=A0=A0=A0 Initial adoption of SCIM SAML bindings draft
>
> 5/2012=A0=A0=A0 Initial adoption of SCIM LDAP mapping draft
>
> 9/2012=A0=A0=A0 WGLC SCIM core schema
>
> 9/2012=A0=A0=A0 WGLC SCIM restful interface
>
> 9/2012=A0=A0=A0 WGLC SCIM SAML bindings
>
> 9/2012=A0=A0=A0 WGLC SCIM LDAP mapping
>
> 3/2013=A0=A0=A0 Re-charter discussion
>
>
>
>
>
> Cheers,
>
> Morteza
>
>
> _______________________________________________
> scim mailing list
> scim@ietf.org
> https://www.ietf.org/mailman/listinfo/scim
>

From lear@cisco.com  Mon Mar 12 00:10:36 2012
Return-Path: <lear@cisco.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D755C21F858D for <scim@ietfa.amsl.com>; Mon, 12 Mar 2012 00:10:36 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -110.556
X-Spam-Level: 
X-Spam-Status: No, score=-110.556 tagged_above=-999 required=5 tests=[AWL=0.043, BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id KjaPtWg-CGLK for <scim@ietfa.amsl.com>; Mon, 12 Mar 2012 00:10:36 -0700 (PDT)
Received: from ams-iport-1.cisco.com (ams-iport-1.cisco.com [144.254.224.140]) by ietfa.amsl.com (Postfix) with ESMTP id 13A2621F8531 for <scim@ietf.org>; Mon, 12 Mar 2012 00:10:35 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=lear@cisco.com; l=1449; q=dns/txt; s=iport; t=1331536236; x=1332745836; h=message-id:date:from:mime-version:to:cc:subject: references:in-reply-to:content-transfer-encoding; bh=PP43Byx/Zd058Jsda47w41leFxx+MKOVqgaa6ptqHMo=; b=lCqTjdUfGsPiVIsyTb7MZRcXwsP98vWTuWdhhUXaT1tNnHO4AD7PTUFy Tp6sQpFxpKBcOl3knoJ6DL3MC8i0zLm1N3zlTLadLqmQM6KjDz4n2mQiA aaY8Ph47FWt6BoF5WESjZG/N/ZAqBjQPNzIsH+V0eBcBXwd6B0gKA2uI8 4=;
X-IronPort-AV: E=Sophos;i="4.73,570,1325462400"; d="scan'208";a="131990706"
Received: from ams-core-1.cisco.com ([144.254.72.81]) by ams-iport-1.cisco.com with ESMTP; 12 Mar 2012 07:10:34 +0000
Received: from dhcp-10-55-80-253.cisco.com (dhcp-10-55-80-253.cisco.com [10.55.80.253]) by ams-core-1.cisco.com (8.14.3/8.14.3) with ESMTP id q2C7AYOT010886; Mon, 12 Mar 2012 07:10:34 GMT
Message-ID: <4F5DA16A.4070107@cisco.com>
Date: Mon, 12 Mar 2012 08:10:34 +0100
From: Eliot Lear <lear@cisco.com>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:10.0.2) Gecko/20120216 Thunderbird/10.0.2
MIME-Version: 1.0
To: Samuel Erdtman <samuel@erdtman.se>
References: <93C6FB63F046384C86EC8F7F3FFEC7BEDEA075@XMB-RCD-313.cisco.com> <CAF2hCbb+8Tc_cgQ1PR9uCw0bSH_h2O8y7+7J_BrFP3tfd1AAtw@mail.gmail.com>
In-Reply-To: <CAF2hCbb+8Tc_cgQ1PR9uCw0bSH_h2O8y7+7J_BrFP3tfd1AAtw@mail.gmail.com>
X-Enigmail-Version: 1.3.5
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit
Cc: scim@ietf.org, "Morteza Ansari \(moransar\)" <moransar@cisco.com>
Subject: Re: [scim] Deliverable section of charter
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 12 Mar 2012 07:10:37 -0000

Do we have a draft volunteer?

Eliot

On 3/12/12 7:56 AM, Samuel Erdtman wrote:
> Have we considered to include an OpenID binding, 2.0 or Connect?
>
> Cheers
> //Samuel
>
> On Mon, Mar 12, 2012 at 6:17 AM, Morteza Ansari (moransar)
> <moransar@cisco.com> wrote:
>> Eliot suggestion we should add a deliverable section to the charter. Here is
>> a suggestion based on discussion and documents under SCIM 1.0. Consider the
>> dates on each item as a complete guess. We should discuss the list of
>> documents to begin with and then assign appropriate/practical timeline to
>> these:
>>
>>
>>
>> 5/2012    Initial problem statement draft
>>
>> 5/2012    Initial adoption of SCIM core schema
>>
>> 5/2012    Initial adoption of SCIM restful interface draft
>>
>> 5/2012    Initial adoption of SCIM SAML bindings draft
>>
>> 5/2012    Initial adoption of SCIM LDAP mapping draft
>>
>> 9/2012    WGLC SCIM core schema
>>
>> 9/2012    WGLC SCIM restful interface
>>
>> 9/2012    WGLC SCIM SAML bindings
>>
>> 9/2012    WGLC SCIM LDAP mapping
>>
>> 3/2013    Re-charter discussion
>>
>>
>>
>>
>>
>> Cheers,
>>
>> Morteza
>>
>>
>> _______________________________________________
>> scim mailing list
>> scim@ietf.org
>> https://www.ietf.org/mailman/listinfo/scim
>>
> _______________________________________________
> scim mailing list
> scim@ietf.org
> https://www.ietf.org/mailman/listinfo/scim
>

From phil.hunt@oracle.com  Mon Mar 12 09:14:31 2012
Return-Path: <phil.hunt@oracle.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A137421F875D for <scim@ietfa.amsl.com>; Mon, 12 Mar 2012 09:14:31 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -9.372
X-Spam-Level: 
X-Spam-Status: No, score=-9.372 tagged_above=-999 required=5 tests=[AWL=-0.169, BAYES_00=-2.599, MIME_QP_LONG_LINE=1.396, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id pPBYQUuYZUqr for <scim@ietfa.amsl.com>; Mon, 12 Mar 2012 09:14:31 -0700 (PDT)
Received: from acsinet15.oracle.com (acsinet15.oracle.com [141.146.126.227]) by ietfa.amsl.com (Postfix) with ESMTP id 0FF4C21F875A for <scim@ietf.org>; Mon, 12 Mar 2012 09:14:30 -0700 (PDT)
Received: from acsinet22.oracle.com (acsinet22.oracle.com [141.146.126.238]) by acsinet15.oracle.com (Sentrion-MTA-4.2.2/Sentrion-MTA-4.2.2) with ESMTP id q2CGESnX031693 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Mon, 12 Mar 2012 16:14:29 GMT
Received: from acsmt358.oracle.com (acsmt358.oracle.com [141.146.40.158]) by acsinet22.oracle.com (8.14.4+Sun/8.14.4) with ESMTP id q2CGERMY009721 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Mon, 12 Mar 2012 16:14:28 GMT
Received: from abhmt113.oracle.com (abhmt113.oracle.com [141.146.116.65]) by acsmt358.oracle.com (8.12.11.20060308/8.12.11) with ESMTP id q2CGEQa6010977; Mon, 12 Mar 2012 11:14:26 -0500
Received: from [192.168.1.11] (/24.87.212.4) by default (Oracle Beehive Gateway v4.0) with ESMTP ; Mon, 12 Mar 2012 09:14:26 -0700
References: <93C6FB63F046384C86EC8F7F3FFEC7BEDEA075@XMB-RCD-313.cisco.com> <CAF2hCbb+8Tc_cgQ1PR9uCw0bSH_h2O8y7+7J_BrFP3tfd1AAtw@mail.gmail.com> <4F5DA16A.4070107@cisco.com>
In-Reply-To: <4F5DA16A.4070107@cisco.com>
Mime-Version: 1.0 (1.0)
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset=us-ascii
Message-Id: <C9B5335D-1C97-4656-AA4D-B77A81F0BC5B@oracle.com>
X-Mailer: iPhone Mail (9B179)
From: Phil Hunt <phil.hunt@oracle.com>
Date: Mon, 12 Mar 2012 09:14:22 -0700
To: Eliot Lear <lear@cisco.com>
X-Source-IP: acsinet22.oracle.com [141.146.126.238]
X-Auth-Type: Internal IP
X-CT-RefId: str=0001.0A090201.4F5E20E5.00CE,ss=1,re=0.000,fgs=0
Cc: Samuel Erdtman <samuel@erdtman.se>, "Morteza Ansari \(moransar\)" <moransar@cisco.com>, "scim@ietf.org" <scim@ietf.org>
Subject: Re: [scim] Deliverable section of charter
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 12 Mar 2012 16:14:31 -0000

We still need to discuss adding major missing components in SCIM that are pr=
esent in RESTpml. Specifically 'targeting'.=20

I have not yet heard back on including this material as input docs to the ch=
arter.=20

SCIM as it stands now is great for single service SaaS providers but there a=
re major gaps for larger multi-service providers that targeting addresses.=20=


Note that I think these changes are additive and would not delay or signific=
antly change the core spec--though there may be some normative adjustments r=
equired. I believe these are foundational requirements and need to be addres=
sed now.=20

Phil

On 2012-03-12, at 0:10, Eliot Lear <lear@cisco.com> wrote:

> Do we have a draft volunteer?
>=20
> Eliot
>=20
> On 3/12/12 7:56 AM, Samuel Erdtman wrote:
>> Have we considered to include an OpenID binding, 2.0 or Connect?
>>=20
>> Cheers
>> //Samuel
>>=20
>> On Mon, Mar 12, 2012 at 6:17 AM, Morteza Ansari (moransar)
>> <moransar@cisco.com> wrote:
>>> Eliot suggestion we should add a deliverable section to the charter. Her=
e is
>>> a suggestion based on discussion and documents under SCIM 1.0. Consider t=
he
>>> dates on each item as a complete guess. We should discuss the list of
>>> documents to begin with and then assign appropriate/practical timeline t=
o
>>> these:
>>>=20
>>>=20
>>>=20
>>> 5/2012    Initial problem statement draft
>>>=20
>>> 5/2012    Initial adoption of SCIM core schema
>>>=20
>>> 5/2012    Initial adoption of SCIM restful interface draft
>>>=20
>>> 5/2012    Initial adoption of SCIM SAML bindings draft
>>>=20
>>> 5/2012    Initial adoption of SCIM LDAP mapping draft
>>>=20
>>> 9/2012    WGLC SCIM core schema
>>>=20
>>> 9/2012    WGLC SCIM restful interface
>>>=20
>>> 9/2012    WGLC SCIM SAML bindings
>>>=20
>>> 9/2012    WGLC SCIM LDAP mapping
>>>=20
>>> 3/2013    Re-charter discussion
>>>=20
>>>=20
>>>=20
>>>=20
>>>=20
>>> Cheers,
>>>=20
>>> Morteza
>>>=20
>>>=20
>>> _______________________________________________
>>> scim mailing list
>>> scim@ietf.org
>>> https://www.ietf.org/mailman/listinfo/scim
>>>=20
>> _______________________________________________
>> scim mailing list
>> scim@ietf.org
>> https://www.ietf.org/mailman/listinfo/scim
>>=20
> _______________________________________________
> scim mailing list
> scim@ietf.org
> https://www.ietf.org/mailman/listinfo/scim

From trey.drake@unboundid.com  Mon Mar 12 09:29:56 2012
Return-Path: <trey.drake@unboundid.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2632111E8097 for <scim@ietfa.amsl.com>; Mon, 12 Mar 2012 09:29:56 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.599
X-Spam-Level: 
X-Spam-Status: No, score=-3.599 tagged_above=-999 required=5 tests=[AWL=0.000,  BAYES_00=-2.599, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id JVe-6QPBR1IW for <scim@ietfa.amsl.com>; Mon, 12 Mar 2012 09:29:55 -0700 (PDT)
Received: from mail-yw0-f44.google.com (mail-yw0-f44.google.com [209.85.213.44]) by ietfa.amsl.com (Postfix) with ESMTP id 6279711E808F for <scim@ietf.org>; Mon, 12 Mar 2012 09:29:55 -0700 (PDT)
Received: by yhpp34 with SMTP id p34so3133135yhp.31 for <scim@ietf.org>; Mon, 12 Mar 2012 09:29:55 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=subject:mime-version:content-type:from:in-reply-to:date:cc :message-id:references:to:x-mailer:x-gm-message-state; bh=lMbA7QLvvAWgsBjmb4cf/1e5AgQOkaLm7fA+HvD8c98=; b=CKhcfRnbjGoarQAhJsfWe1WOWSVlCGXFLUJPrTWnUNxxIikU2GUkfvSR3V+eH+R+Gh O6f5du3xoGGIdLUhKLnVoRFIfwDxnfYPluVfTQZIgQ3+2/w1JUFOU6fsACJt1XUYT/ku G6lhmKuyhUHRDeL1G4lFcksfr7XKlX9X6QTreMILuwoDTetn4SdYvo/6GaQzQN3FX/cK fGb7TVBimT5dxZwyirPjWDgAqwX9txf8HBpm4eMtp64SMgY/0IBFgIjiBgKkm8kQgaso v5jPUaga/UEyu26rHib66j8yqFjIzSGWn7HgsxzPbdlnOBrKLIekuF0hYF6yDYiAUXnW Lx9g==
Received: by 10.60.4.199 with SMTP id m7mr7928694oem.65.1331569794906; Mon, 12 Mar 2012 09:29:54 -0700 (PDT)
Received: from office-dhcp-253.unboundid.lab (24-155-184-100.static.grandenetworks.net. [24.155.184.100]) by mx.google.com with ESMTPS id f2sm11391666oef.6.2012.03.12.09.29.53 (version=TLSv1/SSLv3 cipher=OTHER); Mon, 12 Mar 2012 09:29:54 -0700 (PDT)
Mime-Version: 1.0 (Apple Message framework v1257)
Content-Type: multipart/signed; boundary="Apple-Mail=_F33B9CDD-7EE4-4962-9895-B6663D8CCAD7"; protocol="application/pkcs7-signature"; micalg=sha1
From: Trey Drake <trey.drake@unboundid.com>
In-Reply-To: <C9B5335D-1C97-4656-AA4D-B77A81F0BC5B@oracle.com>
Date: Mon, 12 Mar 2012 11:29:53 -0500
Message-Id: <BF24E535-0B69-4477-A7F5-D7CFC40EA61C@unboundid.com>
References: <93C6FB63F046384C86EC8F7F3FFEC7BEDEA075@XMB-RCD-313.cisco.com> <CAF2hCbb+8Tc_cgQ1PR9uCw0bSH_h2O8y7+7J_BrFP3tfd1AAtw@mail.gmail.com> <4F5DA16A.4070107@cisco.com> <C9B5335D-1C97-4656-AA4D-B77A81F0BC5B@oracle.com>
To: Phil Hunt <phil.hunt@oracle.com>
X-Mailer: Apple Mail (2.1257)
X-Gm-Message-State: ALoCoQltGibT4Z3iKzDbLO/F/T851ZjcDTrduOXzGqJJpe0LUXtbasB7vOTJyULwcI6h2hRy1IYZ
Cc: Samuel Erdtman <samuel@erdtman.se>, "Morteza Ansari \(moransar\)" <moransar@cisco.com>, Eliot Lear <lear@cisco.com>, "scim@ietf.org" <scim@ietf.org>
Subject: Re: [scim] Deliverable section of charter
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 12 Mar 2012 16:29:56 -0000

--Apple-Mail=_F33B9CDD-7EE4-4962-9895-B6663D8CCAD7
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain;
	charset=us-ascii

Phil,

I believe it would be helpful if you made a specific proposal for how =
the "Simplest" schema, et al. might be meshed with the existing SCIM =
schema.  A proposal pointing out:

- the specific schema and attribute changes (schema change required? =
applicable to core? additional extensions?, etc.)
- what impact those changes have on the protocol (in theory none)=20
- reasoning for change
- implementation impact  (is it useful by the masses, generalizable =
across a variety of 'backends', *implementable*)

Thanks,
Trey


On Mar 12, 2012, at 11:14 AM, Phil Hunt wrote:

> We still need to discuss adding major missing components in SCIM that =
are present in RESTpml. Specifically 'targeting'.=20
>=20
> I have not yet heard back on including this material as input docs to =
the charter.=20
>=20
> SCIM as it stands now is great for single service SaaS providers but =
there are major gaps for larger multi-service providers that targeting =
addresses.=20
>=20
> Note that I think these changes are additive and would not delay or =
significantly change the core spec--though there may be some normative =
adjustments required. I believe these are foundational requirements and =
need to be addressed now.=20
>=20
> Phil
>=20
> On 2012-03-12, at 0:10, Eliot Lear <lear@cisco.com> wrote:
>=20
>> Do we have a draft volunteer?
>>=20
>> Eliot
>>=20
>> On 3/12/12 7:56 AM, Samuel Erdtman wrote:
>>> Have we considered to include an OpenID binding, 2.0 or Connect?
>>>=20
>>> Cheers
>>> //Samuel
>>>=20
>>> On Mon, Mar 12, 2012 at 6:17 AM, Morteza Ansari (moransar)
>>> <moransar@cisco.com> wrote:
>>>> Eliot suggestion we should add a deliverable section to the =
charter. Here is
>>>> a suggestion based on discussion and documents under SCIM 1.0. =
Consider the
>>>> dates on each item as a complete guess. We should discuss the list =
of
>>>> documents to begin with and then assign appropriate/practical =
timeline to
>>>> these:
>>>>=20
>>>>=20
>>>>=20
>>>> 5/2012    Initial problem statement draft
>>>>=20
>>>> 5/2012    Initial adoption of SCIM core schema
>>>>=20
>>>> 5/2012    Initial adoption of SCIM restful interface draft
>>>>=20
>>>> 5/2012    Initial adoption of SCIM SAML bindings draft
>>>>=20
>>>> 5/2012    Initial adoption of SCIM LDAP mapping draft
>>>>=20
>>>> 9/2012    WGLC SCIM core schema
>>>>=20
>>>> 9/2012    WGLC SCIM restful interface
>>>>=20
>>>> 9/2012    WGLC SCIM SAML bindings
>>>>=20
>>>> 9/2012    WGLC SCIM LDAP mapping
>>>>=20
>>>> 3/2013    Re-charter discussion
>>>>=20
>>>>=20
>>>>=20
>>>>=20
>>>>=20
>>>> Cheers,
>>>>=20
>>>> Morteza
>>>>=20
>>>>=20
>>>> _______________________________________________
>>>> scim mailing list
>>>> scim@ietf.org
>>>> https://www.ietf.org/mailman/listinfo/scim
>>>>=20
>>> _______________________________________________
>>> scim mailing list
>>> scim@ietf.org
>>> https://www.ietf.org/mailman/listinfo/scim
>>>=20
>> _______________________________________________
>> scim mailing list
>> scim@ietf.org
>> https://www.ietf.org/mailman/listinfo/scim
> _______________________________________________
> scim mailing list
> scim@ietf.org
> https://www.ietf.org/mailman/listinfo/scim


--Apple-Mail=_F33B9CDD-7EE4-4962-9895-B6663D8CCAD7
Content-Disposition: attachment;
	filename=smime.p7s
Content-Type: application/pkcs7-signature;
	name=smime.p7s
Content-Transfer-Encoding: base64

MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIIM9jCCBjQw
ggQcoAMCAQICAR4wDQYJKoZIhvcNAQEFBQAwfTELMAkGA1UEBhMCSUwxFjAUBgNVBAoTDVN0YXJ0
Q29tIEx0ZC4xKzApBgNVBAsTIlNlY3VyZSBEaWdpdGFsIENlcnRpZmljYXRlIFNpZ25pbmcxKTAn
BgNVBAMTIFN0YXJ0Q29tIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA3MTAyNDIxMDE1NVoX
DTE3MTAyNDIxMDE1NVowgYwxCzAJBgNVBAYTAklMMRYwFAYDVQQKEw1TdGFydENvbSBMdGQuMSsw
KQYDVQQLEyJTZWN1cmUgRGlnaXRhbCBDZXJ0aWZpY2F0ZSBTaWduaW5nMTgwNgYDVQQDEy9TdGFy
dENvbSBDbGFzcyAxIFByaW1hcnkgSW50ZXJtZWRpYXRlIENsaWVudCBDQTCCASIwDQYJKoZIhvcN
AQEBBQADggEPADCCAQoCggEBAMcJg8zOLdgasSmkLhOrlr6KMoOMpohBllVHrdRvEg/q6r8jR+EK
75xCGhR8ToREoqe7zM9/UnC6TS2y9UKTpT1v7RSMzR0t6ndl0TWBuUr/UXBhPk+Kmy7bI4yW4urC
+y7P3/1/X7U8ocb8VpH/Clt+4iq7nirMcNh6qJR+xjOhV+VHzQMALuGYn5KZmc1NbJQYclsGkDxD
z2UbFqE2+6vIZoL+jb9x4Pa5gNf1TwSDkOkikZB1xtB4ZqtXThaABSONdfmv/Z1pua3FYxnCFmdr
/+N2JLKutIxMYqQOJebr/f/h5t95m4JgrM3Y/w7YX9d7YAL9jvN4SydHsU6n65cCAwEAAaOCAa0w
ggGpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBRTcu2SnODaywFc
fH6WNU7y1LhRgjAfBgNVHSMEGDAWgBROC+8apEBbpRdphzDKNGhD0EGu8jBmBggrBgEFBQcBAQRa
MFgwJwYIKwYBBQUHMAGGG2h0dHA6Ly9vY3NwLnN0YXJ0c3NsLmNvbS9jYTAtBggrBgEFBQcwAoYh
aHR0cDovL3d3dy5zdGFydHNzbC5jb20vc2ZzY2EuY3J0MFsGA1UdHwRUMFIwJ6AloCOGIWh0dHA6
Ly93d3cuc3RhcnRzc2wuY29tL3Nmc2NhLmNybDAnoCWgI4YhaHR0cDovL2NybC5zdGFydHNzbC5j
b20vc2ZzY2EuY3JsMIGABgNVHSAEeTB3MHUGCysGAQQBgbU3AQIBMGYwLgYIKwYBBQUHAgEWImh0
dHA6Ly93d3cuc3RhcnRzc2wuY29tL3BvbGljeS5wZGYwNAYIKwYBBQUHAgEWKGh0dHA6Ly93d3cu
c3RhcnRzc2wuY29tL2ludGVybWVkaWF0ZS5wZGYwDQYJKoZIhvcNAQEFBQADggIBAAqDCH14qywG
XLhjjF6uHLkjd02hcdh9hrw+VUsv+q1eeQWB21jWj3kJ96AUlPCoEGZ/ynJNScWy6QMVQjbbMXlt
UfO4n4bGGdKo3awPWp61tjAFgraLJgDk+DsSvUD6EowjMTNx25GQgyYJ5RPIzKKR9tQW8gGK+2+R
HxkUCTbYFnL6kl8Ch507rUdPPipJ9CgJFws3kDS3gOS5WFMxcjO5DwKfKSETEPrHh7p5shuuNktv
sv6hxHTLhiMKX893gxdT3XLS9OKmCv87vkINQcNEcIIoFWbP9HORz9v3vQwR4e3ksLc2JZOAFK+s
sS5XMEoznzpihEP0PLc4dCBYjbvSD7kxgDwZ+Aj8Q9PkbvE9sIPP7ON0fz095HdThKjiVJe6vofq
+n6b1NBc8XdrQvBmunwxD5nvtTW4vtN6VY7mUCmxsCieuoBJ9OlqmsVWQvifIYf40dJPZkk9YgGT
zWLpXDSfLSplbY2LL9C9U0ptvjcDjefLTvqSFc7tw1sEhF0n/qpA2r0GpvkLRDmcSwVyPvmjFBGq
Up/pNy8ZuPGQmHwFi2/14+xeSUDG2bwnsYJQG2EdJCB6luQ57GEnTA/yKZSTKI8dDQa8Sd3zfXb1
9mOgSF0bBdXbuKhEpuP9wirslFe6fQ1t5j5R0xi72MZ8ikMu1RQZKCyDbMwazlHiMIIGujCCBaKg
AwIBAgIDAopvMA0GCSqGSIb3DQEBBQUAMIGMMQswCQYDVQQGEwJJTDEWMBQGA1UEChMNU3RhcnRD
b20gTHRkLjErMCkGA1UECxMiU2VjdXJlIERpZ2l0YWwgQ2VydGlmaWNhdGUgU2lnbmluZzE4MDYG
A1UEAxMvU3RhcnRDb20gQ2xhc3MgMSBQcmltYXJ5IEludGVybWVkaWF0ZSBDbGllbnQgQ0EwHhcN
MTEwNTEzMTY1MjQ5WhcNMTIwNTEzMDU0NzU2WjBLMSAwHgYDVQQNExc0MjU3NjEteUxidzRqMkwy
Z0FqSG92UzEnMCUGCSqGSIb3DQEJARYYdHJleS5kcmFrZUB1bmJvdW5kaWQuY29tMIIBIjANBgkq
hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqid9tc427LEtBahNAplYUQztLpGRwt7J1hxi3mHkMBzr
s3LxhGspxGij4JZogkqolFpIhu0amwHXsDv7DbkET1O8TN2S2ttetn2o/gQMhAlXp7MP4SfHnIHL
awiDyKZ96l49FFuOt107G9SYpOceuY+AfBssNfxVpTfzqvBzQ/zdbGwqg+ndyPmsWZCYc036/dHV
VWDPpLbohj8GmtoNp8p2LjXe4hOvOfxNnlg6hRlHwiPkudSpEaHwW5dlQUjtcBNvowCq2uq2fbQq
5jyswWRGRIQINo4UgSsyDAB5SfagyGMx32EUGrx1NJWOHWK3eqPknuYdgtU2nJZ+aTtBpQIDAQAB
o4IDYzCCA18wCQYDVR0TBAIwADALBgNVHQ8EBAMCBLAwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsG
AQUFBwMEMB0GA1UdDgQWBBTFEY17wcVFokE4T9NZv3jxliACzjAfBgNVHSMEGDAWgBRTcu2SnODa
ywFcfH6WNU7y1LhRgjAjBgNVHREEHDAagRh0cmV5LmRyYWtlQHVuYm91bmRpZC5jb20wggHRBgNV
HSAEggHIMIIBxDCCAcAGCysGAQQBgbU3AQICMIIBrzAuBggrBgEFBQcCARYiaHR0cDovL3d3dy5z
dGFydHNzbC5jb20vcG9saWN5LnBkZjA0BggrBgEFBQcCARYoaHR0cDovL3d3dy5zdGFydHNzbC5j
b20vaW50ZXJtZWRpYXRlLnBkZjCCAUUGCCsGAQUFBwICMIIBNzAnFiBTdGFydENvbSBDZXJ0aWZp
Y2F0aW9uIEF1dGhvcml0eTADAgEBGoIBClRoaXMgY2VydGlmaWNhdGUgd2FzIGlzc3VlZCBhY2Nv
cmRpbmcgdG8gdGhlIENsYXNzIDEgVmFsaWRhdGlvbiByZXF1aXJlbWVudHMgb2YgdGhlIFN0YXJ0
Q29tIENlcnRpZmljYXRpb24gQXV0aG9yaXR5IHBvbGljeSBhbmQgbWF5IGJlIHJlbGllZCB1cG9u
IG9ubHkgZm9yIHRoZSBpbnRlbmRlZCBwdXJwb3NlIGFuZCBpbiBjb21wbGlhbmNlIG9mIHRoZSBy
ZWx5aW5nIHBhcnR5IG9ibGlnYXRpb25zLiBMaWFiaWxpdHkgYW5kIHdhcnJhbnRpZXMgYXJlIGxp
bWl0ZWQhMDYGA1UdHwQvMC0wK6ApoCeGJWh0dHA6Ly9jcmwuc3RhcnRzc2wuY29tL2NydHUxLWNy
bC5jcmwwgY4GCCsGAQUFBwEBBIGBMH8wOQYIKwYBBQUHMAGGLWh0dHA6Ly9vY3NwLnN0YXJ0c3Ns
LmNvbS9zdWIvY2xhc3MxL2NsaWVudC9jYTBCBggrBgEFBQcwAoY2aHR0cDovL2FpYS5zdGFydHNz
bC5jb20vY2VydHMvc3ViLmNsYXNzMS5jbGllbnQuY2EuY3J0MCMGA1UdEgQcMBqGGGh0dHA6Ly93
d3cuc3RhcnRzc2wuY29tLzANBgkqhkiG9w0BAQUFAAOCAQEAfcC87DDCF7sIIY5qIDIS7MmSAJjr
GlCfGP11cJrO88bsQiSgtJYYeIATEUsH1r78aJOzU8p8P/lOrSoDr3kxVlUaOam6xIvlW9Uv6AUN
DBjYeDUMaEIwPl/Eox0tvZPas4JwW1K+N085ya1IKCK/l7x2K97JQqQhE44ymJ873mcEbBNz6HOo
JtyNMc204G0mREpQs4RSb7vsT9x93QUs6QpP/Mn/w+HaXQQzgs4HmfgL8z+qlH4vX4S/rKvwv95m
fdCIrdSBAeSKBco9hHTIny9XpkTR2qk1Uq0eqSk1LtufDoQy9c5KKQKINCKrjioMseRufmAY/0Nu
VbekcRMyIDGCA28wggNrAgEBMIGUMIGMMQswCQYDVQQGEwJJTDEWMBQGA1UEChMNU3RhcnRDb20g
THRkLjErMCkGA1UECxMiU2VjdXJlIERpZ2l0YWwgQ2VydGlmaWNhdGUgU2lnbmluZzE4MDYGA1UE
AxMvU3RhcnRDb20gQ2xhc3MgMSBQcmltYXJ5IEludGVybWVkaWF0ZSBDbGllbnQgQ0ECAwKKbzAJ
BgUrDgMCGgUAoIIBrzAYBgkqhkiG9w0BCQMxCwYJKoZIhvcNAQcBMBwGCSqGSIb3DQEJBTEPFw0x
MjAzMTIxNjI5NTNaMCMGCSqGSIb3DQEJBDEWBBSOSaGfCskJHoOPluCLL61VpX/4tTCBpQYJKwYB
BAGCNxAEMYGXMIGUMIGMMQswCQYDVQQGEwJJTDEWMBQGA1UEChMNU3RhcnRDb20gTHRkLjErMCkG
A1UECxMiU2VjdXJlIERpZ2l0YWwgQ2VydGlmaWNhdGUgU2lnbmluZzE4MDYGA1UEAxMvU3RhcnRD
b20gQ2xhc3MgMSBQcmltYXJ5IEludGVybWVkaWF0ZSBDbGllbnQgQ0ECAwKKbzCBpwYLKoZIhvcN
AQkQAgsxgZeggZQwgYwxCzAJBgNVBAYTAklMMRYwFAYDVQQKEw1TdGFydENvbSBMdGQuMSswKQYD
VQQLEyJTZWN1cmUgRGlnaXRhbCBDZXJ0aWZpY2F0ZSBTaWduaW5nMTgwNgYDVQQDEy9TdGFydENv
bSBDbGFzcyAxIFByaW1hcnkgSW50ZXJtZWRpYXRlIENsaWVudCBDQQIDAopvMA0GCSqGSIb3DQEB
AQUABIIBAJkIGjfR5zvzIehAVxC1KyKQAMd6okZqVl62Yr9brziDfNHYmsmsZMSbH3tJfk4L3wK7
np/g8PZ7UJ+5MYDtYs5SZCBn/LnM3GEpaNMTi9BgEkWS8/Fe3ThjqcfWXKTsqd7PL+kGg1OyHaKg
FuY4ZuPXlnn1ANaaadVDXjboYto7n7UH4L/t5R7vkm+zuT7TK2yFNjq5y+UgZKhC79zicoHG2kO7
jiiy7hKUU11c/7dyFjuUMcOG1qcz9ND59xw8UGyJORkVwVQNi7mDn46nY2f2AOZVMk6uyj9ZzNbi
b1mOBKCf3IttxMW+PmfmwPDFrNeY4gyzXA71sIsR16Mz1OMAAAAAAAA=

--Apple-Mail=_F33B9CDD-7EE4-4962-9895-B6663D8CCAD7--

From phil.hunt@oracle.com  Mon Mar 12 09:58:46 2012
Return-Path: <phil.hunt@oracle.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4FA7221F87A8 for <scim@ietfa.amsl.com>; Mon, 12 Mar 2012 09:58:46 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -10.049
X-Spam-Level: 
X-Spam-Status: No, score=-10.049 tagged_above=-999 required=5 tests=[AWL=0.550, BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id EwDJ1VoF6NIk for <scim@ietfa.amsl.com>; Mon, 12 Mar 2012 09:58:45 -0700 (PDT)
Received: from acsinet15.oracle.com (acsinet15.oracle.com [141.146.126.227]) by ietfa.amsl.com (Postfix) with ESMTP id 1FFD321F87B7 for <scim@ietf.org>; Mon, 12 Mar 2012 09:58:45 -0700 (PDT)
Received: from ucsinet22.oracle.com (ucsinet22.oracle.com [156.151.31.94]) by acsinet15.oracle.com (Sentrion-MTA-4.2.2/Sentrion-MTA-4.2.2) with ESMTP id q2CGwhTC001333 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Mon, 12 Mar 2012 16:58:44 GMT
Received: from acsmt357.oracle.com (acsmt357.oracle.com [141.146.40.157]) by ucsinet22.oracle.com (8.14.4+Sun/8.14.4) with ESMTP id q2CGwg5E000043 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Mon, 12 Mar 2012 16:58:42 GMT
Received: from abhmt107.oracle.com (abhmt107.oracle.com [141.146.116.59]) by acsmt357.oracle.com (8.12.11.20060308/8.12.11) with ESMTP id q2CGwgto011860; Mon, 12 Mar 2012 11:58:42 -0500
Received: from [192.168.1.8] (/24.87.212.4) by default (Oracle Beehive Gateway v4.0) with ESMTP ; Mon, 12 Mar 2012 09:58:41 -0700
Mime-Version: 1.0 (Apple Message framework v1257)
Content-Type: text/plain; charset=us-ascii
From: Phil Hunt <phil.hunt@oracle.com>
In-Reply-To: <BF24E535-0B69-4477-A7F5-D7CFC40EA61C@unboundid.com>
Date: Mon, 12 Mar 2012 09:58:40 -0700
Content-Transfer-Encoding: quoted-printable
Message-Id: <2A432DF8-DF8F-468A-B805-A63F28318AA6@oracle.com>
References: <93C6FB63F046384C86EC8F7F3FFEC7BEDEA075@XMB-RCD-313.cisco.com> <CAF2hCbb+8Tc_cgQ1PR9uCw0bSH_h2O8y7+7J_BrFP3tfd1AAtw@mail.gmail.com> <4F5DA16A.4070107@cisco.com> <C9B5335D-1C97-4656-AA4D-B77A81F0BC5B@oracle.com> <BF24E535-0B69-4477-A7F5-D7CFC40EA61C@unboundid.com>
To: Trey Drake <trey.drake@unboundid.com>
X-Mailer: Apple Mail (2.1257)
X-Source-IP: ucsinet22.oracle.com [156.151.31.94]
X-CT-RefId: str=0001.0A090207.4F5E2B44.0097,ss=1,re=0.000,fgs=0
Cc: scim@ietf.org
Subject: Re: [scim] Deliverable section of charter
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 12 Mar 2012 16:58:46 -0000

Trey,

I think such a draft proposal is premature. At the BoF stage, we should =
simply cite existing published materials as input rather then submitting =
changes prior to formation. Having other sources of input does not =
commit the WG to using the material, it simply indicates that the =
material is being considered.

I propose we discuss the issue at the BoF, and decide whether or not it =
should fall within the initial charter.

As to the whys/impact etc., I'm prepared to present that at the BoF. =
Then based on feedback, I am happy to work with any other interested WG =
members (as editor or contributor) to submit a draft proposal after the =
WG formation.

If it helps, I can publish some comments on the requirements externally =
on my personal blog so that everyone can have a chance to think about =
the issue in greater detail prior to the meeting.

Phil

@independentid
www.independentid.com
phil.hunt@oracle.com





On 2012-03-12, at 9:29 AM, Trey Drake wrote:

> Phil,
>=20
> I believe it would be helpful if you made a specific proposal for how =
the "Simplest" schema, et al. might be meshed with the existing SCIM =
schema.  A proposal pointing out:
>=20
> - the specific schema and attribute changes (schema change required? =
applicable to core? additional extensions?, etc.)
> - what impact those changes have on the protocol (in theory none)=20
> - reasoning for change
> - implementation impact  (is it useful by the masses, generalizable =
across a variety of 'backends', *implementable*)
>=20
> Thanks,
> Trey
>=20
>=20
> On Mar 12, 2012, at 11:14 AM, Phil Hunt wrote:
>=20
>> We still need to discuss adding major missing components in SCIM that =
are present in RESTpml. Specifically 'targeting'.=20
>>=20
>> I have not yet heard back on including this material as input docs to =
the charter.=20
>>=20
>> SCIM as it stands now is great for single service SaaS providers but =
there are major gaps for larger multi-service providers that targeting =
addresses.=20
>>=20
>> Note that I think these changes are additive and would not delay or =
significantly change the core spec--though there may be some normative =
adjustments required. I believe these are foundational requirements and =
need to be addressed now.=20
>>=20
>> Phil
>>=20
>> On 2012-03-12, at 0:10, Eliot Lear <lear@cisco.com> wrote:
>>=20
>>> Do we have a draft volunteer?
>>>=20
>>> Eliot
>>>=20
>>> On 3/12/12 7:56 AM, Samuel Erdtman wrote:
>>>> Have we considered to include an OpenID binding, 2.0 or Connect?
>>>>=20
>>>> Cheers
>>>> //Samuel
>>>>=20
>>>> On Mon, Mar 12, 2012 at 6:17 AM, Morteza Ansari (moransar)
>>>> <moransar@cisco.com> wrote:
>>>>> Eliot suggestion we should add a deliverable section to the =
charter. Here is
>>>>> a suggestion based on discussion and documents under SCIM 1.0. =
Consider the
>>>>> dates on each item as a complete guess. We should discuss the list =
of
>>>>> documents to begin with and then assign appropriate/practical =
timeline to
>>>>> these:
>>>>>=20
>>>>>=20
>>>>>=20
>>>>> 5/2012    Initial problem statement draft
>>>>>=20
>>>>> 5/2012    Initial adoption of SCIM core schema
>>>>>=20
>>>>> 5/2012    Initial adoption of SCIM restful interface draft
>>>>>=20
>>>>> 5/2012    Initial adoption of SCIM SAML bindings draft
>>>>>=20
>>>>> 5/2012    Initial adoption of SCIM LDAP mapping draft
>>>>>=20
>>>>> 9/2012    WGLC SCIM core schema
>>>>>=20
>>>>> 9/2012    WGLC SCIM restful interface
>>>>>=20
>>>>> 9/2012    WGLC SCIM SAML bindings
>>>>>=20
>>>>> 9/2012    WGLC SCIM LDAP mapping
>>>>>=20
>>>>> 3/2013    Re-charter discussion
>>>>>=20
>>>>>=20
>>>>>=20
>>>>>=20
>>>>>=20
>>>>> Cheers,
>>>>>=20
>>>>> Morteza
>>>>>=20
>>>>>=20
>>>>> _______________________________________________
>>>>> scim mailing list
>>>>> scim@ietf.org
>>>>> https://www.ietf.org/mailman/listinfo/scim
>>>>>=20
>>>> _______________________________________________
>>>> scim mailing list
>>>> scim@ietf.org
>>>> https://www.ietf.org/mailman/listinfo/scim
>>>>=20
>>> _______________________________________________
>>> scim mailing list
>>> scim@ietf.org
>>> https://www.ietf.org/mailman/listinfo/scim
>> _______________________________________________
>> scim mailing list
>> scim@ietf.org
>> https://www.ietf.org/mailman/listinfo/scim
>=20
> _______________________________________________
> scim mailing list
> scim@ietf.org
> https://www.ietf.org/mailman/listinfo/scim


From lear@cisco.com  Mon Mar 12 10:06:53 2012
Return-Path: <lear@cisco.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2465421F881D for <scim@ietfa.amsl.com>; Mon, 12 Mar 2012 10:06:53 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -110.557
X-Spam-Level: 
X-Spam-Status: No, score=-110.557 tagged_above=-999 required=5 tests=[AWL=0.042, BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id PX0-oGdWGtFJ for <scim@ietfa.amsl.com>; Mon, 12 Mar 2012 10:06:52 -0700 (PDT)
Received: from ams-iport-1.cisco.com (ams-iport-1.cisco.com [144.254.224.140]) by ietfa.amsl.com (Postfix) with ESMTP id 8D41B21F880E for <scim@ietf.org>; Mon, 12 Mar 2012 10:06:51 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=lear@cisco.com; l=4825; q=dns/txt; s=iport; t=1331572011; x=1332781611; h=message-id:date:from:mime-version:to:cc:subject: references:in-reply-to:content-transfer-encoding; bh=KZ44IX1AVwwA93VvWePo6k0HYrOSUf+ujZF6fUUToDQ=; b=ItiH0tDEyRPhLMdxHhJ6GA9yeubyv7HegbfC7yCeOPnQJHYKhpJ5ovJp pC6XWw4cLLjzYz89ttGVgKER173JN9gzDXuTgsxWXsPvBUD/qWZZ2qAm4 PtF1NRlfDRhSnR7akavV+OFVVKFeGaEktFSaAXKG5mTzvHRAvARKqnTOK 8=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: AgEFAI4sXk+Q/khL/2dsb2JhbABBhUSwIIEHggkBAQEEAQEBDwEQJiUGBAEQCxgCAgUWCwICCQMCAQIBFTAGDQEFAgEBHodoC591AYxrihqBL448gRYElUyQI4Jk
X-IronPort-AV: E=Sophos;i="4.73,572,1325462400"; d="scan'208";a="132082750"
Received: from ams-core-2.cisco.com ([144.254.72.75]) by ams-iport-1.cisco.com with ESMTP; 12 Mar 2012 17:06:48 +0000
Received: from dhcp-10-55-80-253.cisco.com (dhcp-10-55-80-253.cisco.com [10.55.80.253]) by ams-core-2.cisco.com (8.14.3/8.14.3) with ESMTP id q2CH6ljA021359; Mon, 12 Mar 2012 17:06:47 GMT
Message-ID: <4F5E2D27.6060509@cisco.com>
Date: Mon, 12 Mar 2012 18:06:47 +0100
From: Eliot Lear <lear@cisco.com>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:10.0.2) Gecko/20120216 Thunderbird/10.0.2
MIME-Version: 1.0
To: Phil Hunt <phil.hunt@oracle.com>
References: <93C6FB63F046384C86EC8F7F3FFEC7BEDEA075@XMB-RCD-313.cisco.com> <CAF2hCbb+8Tc_cgQ1PR9uCw0bSH_h2O8y7+7J_BrFP3tfd1AAtw@mail.gmail.com> <4F5DA16A.4070107@cisco.com> <C9B5335D-1C97-4656-AA4D-B77A81F0BC5B@oracle.com> <BF24E535-0B69-4477-A7F5-D7CFC40EA61C@unboundid.com> <2A432DF8-DF8F-468A-B805-A63F28318AA6@oracle.com>
In-Reply-To: <2A432DF8-DF8F-468A-B805-A63F28318AA6@oracle.com>
X-Enigmail-Version: 1.3.5
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit
Cc: scim@ietf.org, Trey Drake <trey.drake@unboundid.com>
Subject: Re: [scim] Deliverable section of charter
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 12 Mar 2012 17:06:53 -0000

Phil,

I'm just saying that the scope of the WG cannot exceed the willingness
of various folk to volunteer to do the work.  Law of physics sort of thing.

Eliot

On 3/12/12 5:58 PM, Phil Hunt wrote:
> Trey,
>
> I think such a draft proposal is premature. At the BoF stage, we should simply cite existing published materials as input rather then submitting changes prior to formation. Having other sources of input does not commit the WG to using the material, it simply indicates that the material is being considered.
>
> I propose we discuss the issue at the BoF, and decide whether or not it should fall within the initial charter.
>
> As to the whys/impact etc., I'm prepared to present that at the BoF. Then based on feedback, I am happy to work with any other interested WG members (as editor or contributor) to submit a draft proposal after the WG formation.
>
> If it helps, I can publish some comments on the requirements externally on my personal blog so that everyone can have a chance to think about the issue in greater detail prior to the meeting.
>
> Phil
>
> @independentid
> www.independentid.com
> phil.hunt@oracle.com
>
>
>
>
>
> On 2012-03-12, at 9:29 AM, Trey Drake wrote:
>
>> Phil,
>>
>> I believe it would be helpful if you made a specific proposal for how the "Simplest" schema, et al. might be meshed with the existing SCIM schema.  A proposal pointing out:
>>
>> - the specific schema and attribute changes (schema change required? applicable to core? additional extensions?, etc.)
>> - what impact those changes have on the protocol (in theory none) 
>> - reasoning for change
>> - implementation impact  (is it useful by the masses, generalizable across a variety of 'backends', *implementable*)
>>
>> Thanks,
>> Trey
>>
>>
>> On Mar 12, 2012, at 11:14 AM, Phil Hunt wrote:
>>
>>> We still need to discuss adding major missing components in SCIM that are present in RESTpml. Specifically 'targeting'. 
>>>
>>> I have not yet heard back on including this material as input docs to the charter. 
>>>
>>> SCIM as it stands now is great for single service SaaS providers but there are major gaps for larger multi-service providers that targeting addresses. 
>>>
>>> Note that I think these changes are additive and would not delay or significantly change the core spec--though there may be some normative adjustments required. I believe these are foundational requirements and need to be addressed now. 
>>>
>>> Phil
>>>
>>> On 2012-03-12, at 0:10, Eliot Lear <lear@cisco.com> wrote:
>>>
>>>> Do we have a draft volunteer?
>>>>
>>>> Eliot
>>>>
>>>> On 3/12/12 7:56 AM, Samuel Erdtman wrote:
>>>>> Have we considered to include an OpenID binding, 2.0 or Connect?
>>>>>
>>>>> Cheers
>>>>> //Samuel
>>>>>
>>>>> On Mon, Mar 12, 2012 at 6:17 AM, Morteza Ansari (moransar)
>>>>> <moransar@cisco.com> wrote:
>>>>>> Eliot suggestion we should add a deliverable section to the charter. Here is
>>>>>> a suggestion based on discussion and documents under SCIM 1.0. Consider the
>>>>>> dates on each item as a complete guess. We should discuss the list of
>>>>>> documents to begin with and then assign appropriate/practical timeline to
>>>>>> these:
>>>>>>
>>>>>>
>>>>>>
>>>>>> 5/2012    Initial problem statement draft
>>>>>>
>>>>>> 5/2012    Initial adoption of SCIM core schema
>>>>>>
>>>>>> 5/2012    Initial adoption of SCIM restful interface draft
>>>>>>
>>>>>> 5/2012    Initial adoption of SCIM SAML bindings draft
>>>>>>
>>>>>> 5/2012    Initial adoption of SCIM LDAP mapping draft
>>>>>>
>>>>>> 9/2012    WGLC SCIM core schema
>>>>>>
>>>>>> 9/2012    WGLC SCIM restful interface
>>>>>>
>>>>>> 9/2012    WGLC SCIM SAML bindings
>>>>>>
>>>>>> 9/2012    WGLC SCIM LDAP mapping
>>>>>>
>>>>>> 3/2013    Re-charter discussion
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> Cheers,
>>>>>>
>>>>>> Morteza
>>>>>>
>>>>>>
>>>>>> _______________________________________________
>>>>>> scim mailing list
>>>>>> scim@ietf.org
>>>>>> https://www.ietf.org/mailman/listinfo/scim
>>>>>>
>>>>> _______________________________________________
>>>>> scim mailing list
>>>>> scim@ietf.org
>>>>> https://www.ietf.org/mailman/listinfo/scim
>>>>>
>>>> _______________________________________________
>>>> scim mailing list
>>>> scim@ietf.org
>>>> https://www.ietf.org/mailman/listinfo/scim
>>> _______________________________________________
>>> scim mailing list
>>> scim@ietf.org
>>> https://www.ietf.org/mailman/listinfo/scim
>> _______________________________________________
>> scim mailing list
>> scim@ietf.org
>> https://www.ietf.org/mailman/listinfo/scim
> _______________________________________________
> scim mailing list
> scim@ietf.org
> https://www.ietf.org/mailman/listinfo/scim
>

From trey.drake@unboundid.com  Mon Mar 12 10:10:49 2012
Return-Path: <trey.drake@unboundid.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C9EB121F8624 for <scim@ietfa.amsl.com>; Mon, 12 Mar 2012 10:10:49 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.599
X-Spam-Level: 
X-Spam-Status: No, score=-3.599 tagged_above=-999 required=5 tests=[AWL=0.000,  BAYES_00=-2.599, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id E+pKb7dUQMAO for <scim@ietfa.amsl.com>; Mon, 12 Mar 2012 10:10:48 -0700 (PDT)
Received: from mail-yw0-f44.google.com (mail-yw0-f44.google.com [209.85.213.44]) by ietfa.amsl.com (Postfix) with ESMTP id 43D4021F8713 for <scim@ietf.org>; Mon, 12 Mar 2012 10:10:48 -0700 (PDT)
Received: by yhpp34 with SMTP id p34so3182992yhp.31 for <scim@ietf.org>; Mon, 12 Mar 2012 10:10:44 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=subject:mime-version:content-type:from:in-reply-to:date:cc :message-id:references:to:x-mailer:x-gm-message-state; bh=M8WE+1osEAHmnighf571B7b7k8GStpizRKmmllnyDAk=; b=ac/TdRAJDlvNQGC7YPEFCU3ZyCbvG8m8brakmGtWb+KjHAVFa0gGhMN2rA9nRrMDA2 hqUf7vHBuSLqT74ylfgfXrGGhbpG0x/Ghwui6Cxx0AZB85IZJZXzFsdxgyPl43YTuyqE nhz3GGf0Tpbb6KjhwRv/dGOgAjJ8ktHBCnwzIqmrOz9S0wE0xwsBkp0X/Q++R6IHUN2D xiGtDnNAuPO4PUwU2c+ffr+iN7sbxYvvUNuzuiwl//ZLhyF40j+PzpZdM307+j3RCHfp pxw3a+bfMIo1ZS0OAv+q+biH8YVx2ruVQZW/W4mx7mjw8t9jJAAp4U8JhbvumOkTiDjF 4eSA==
Received: by 10.60.4.199 with SMTP id m7mr8082303oem.65.1331572243864; Mon, 12 Mar 2012 10:10:43 -0700 (PDT)
Received: from office-dhcp-253.unboundid.lab (24-155-184-100.static.grandenetworks.net. [24.155.184.100]) by mx.google.com with ESMTPS id h7sm4930947oeh.9.2012.03.12.10.10.42 (version=TLSv1/SSLv3 cipher=OTHER); Mon, 12 Mar 2012 10:10:42 -0700 (PDT)
Mime-Version: 1.0 (Apple Message framework v1257)
Content-Type: multipart/signed; boundary="Apple-Mail=_9DBEDCA0-6522-43B2-93BD-1B56A409512A"; protocol="application/pkcs7-signature"; micalg=sha1
From: Trey Drake <trey.drake@unboundid.com>
In-Reply-To: <2A432DF8-DF8F-468A-B805-A63F28318AA6@oracle.com>
Date: Mon, 12 Mar 2012 12:10:41 -0500
Message-Id: <A450680E-6365-436C-8078-8E5F620440DB@unboundid.com>
References: <93C6FB63F046384C86EC8F7F3FFEC7BEDEA075@XMB-RCD-313.cisco.com> <CAF2hCbb+8Tc_cgQ1PR9uCw0bSH_h2O8y7+7J_BrFP3tfd1AAtw@mail.gmail.com> <4F5DA16A.4070107@cisco.com> <C9B5335D-1C97-4656-AA4D-B77A81F0BC5B@oracle.com> <BF24E535-0B69-4477-A7F5-D7CFC40EA61C@unboundid.com> <2A432DF8-DF8F-468A-B805-A63F28318AA6@oracle.com>
To: Phil Hunt <phil.hunt@oracle.com>
X-Mailer: Apple Mail (2.1257)
X-Gm-Message-State: ALoCoQmKDZrwXfgW+XVAnHuKqWJ0q3Y7KJpe/BJIiVGQ00K0ys5Ih41dEvvOsGKbvQ4Z3bb9Rid9
Cc: scim@ietf.org
Subject: Re: [scim] Deliverable section of charter
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 12 Mar 2012 17:10:50 -0000

--Apple-Mail=_9DBEDCA0-6522-43B2-93BD-1B56A409512A
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain;
	charset=us-ascii

Phil,

Understood.  I was suggesting you provide more detail so as to solicit =
more feedback.  Please do publish/email more detail for us to review =
ahead of time.  My read on the Simplest schema/attribute spec is that =
its mostly overlap therefore if you're willing to do the work to =
highlight the deltas that would go a long way (at least for me) in =
getting those of us that have had our noses buried in SCIM for awhile up =
to speed.

Thanks,
Trey


On Mar 12, 2012, at 11:58 AM, Phil Hunt wrote:

> Trey,
>=20
> I think such a draft proposal is premature. At the BoF stage, we =
should simply cite existing published materials as input rather then =
submitting changes prior to formation. Having other sources of input =
does not commit the WG to using the material, it simply indicates that =
the material is being considered.
>=20
> I propose we discuss the issue at the BoF, and decide whether or not =
it should fall within the initial charter.
>=20
> As to the whys/impact etc., I'm prepared to present that at the BoF. =
Then based on feedback, I am happy to work with any other interested WG =
members (as editor or contributor) to submit a draft proposal after the =
WG formation.
>=20
> If it helps, I can publish some comments on the requirements =
externally on my personal blog so that everyone can have a chance to =
think about the issue in greater detail prior to the meeting.
>=20
> Phil
>=20
> @independentid
> www.independentid.com
> phil.hunt@oracle.com
>=20
>=20
>=20
>=20
>=20
> On 2012-03-12, at 9:29 AM, Trey Drake wrote:
>=20
>> Phil,
>>=20
>> I believe it would be helpful if you made a specific proposal for how =
the "Simplest" schema, et al. might be meshed with the existing SCIM =
schema.  A proposal pointing out:
>>=20
>> - the specific schema and attribute changes (schema change required? =
applicable to core? additional extensions?, etc.)
>> - what impact those changes have on the protocol (in theory none)=20
>> - reasoning for change
>> - implementation impact  (is it useful by the masses, generalizable =
across a variety of 'backends', *implementable*)
>>=20
>> Thanks,
>> Trey
>>=20
>>=20
>> On Mar 12, 2012, at 11:14 AM, Phil Hunt wrote:
>>=20
>>> We still need to discuss adding major missing components in SCIM =
that are present in RESTpml. Specifically 'targeting'.=20
>>>=20
>>> I have not yet heard back on including this material as input docs =
to the charter.=20
>>>=20
>>> SCIM as it stands now is great for single service SaaS providers but =
there are major gaps for larger multi-service providers that targeting =
addresses.=20
>>>=20
>>> Note that I think these changes are additive and would not delay or =
significantly change the core spec--though there may be some normative =
adjustments required. I believe these are foundational requirements and =
need to be addressed now.=20
>>>=20
>>> Phil
>>>=20
>>> On 2012-03-12, at 0:10, Eliot Lear <lear@cisco.com> wrote:
>>>=20
>>>> Do we have a draft volunteer?
>>>>=20
>>>> Eliot
>>>>=20
>>>> On 3/12/12 7:56 AM, Samuel Erdtman wrote:
>>>>> Have we considered to include an OpenID binding, 2.0 or Connect?
>>>>>=20
>>>>> Cheers
>>>>> //Samuel
>>>>>=20
>>>>> On Mon, Mar 12, 2012 at 6:17 AM, Morteza Ansari (moransar)
>>>>> <moransar@cisco.com> wrote:
>>>>>> Eliot suggestion we should add a deliverable section to the =
charter. Here is
>>>>>> a suggestion based on discussion and documents under SCIM 1.0. =
Consider the
>>>>>> dates on each item as a complete guess. We should discuss the =
list of
>>>>>> documents to begin with and then assign appropriate/practical =
timeline to
>>>>>> these:
>>>>>>=20
>>>>>>=20
>>>>>>=20
>>>>>> 5/2012    Initial problem statement draft
>>>>>>=20
>>>>>> 5/2012    Initial adoption of SCIM core schema
>>>>>>=20
>>>>>> 5/2012    Initial adoption of SCIM restful interface draft
>>>>>>=20
>>>>>> 5/2012    Initial adoption of SCIM SAML bindings draft
>>>>>>=20
>>>>>> 5/2012    Initial adoption of SCIM LDAP mapping draft
>>>>>>=20
>>>>>> 9/2012    WGLC SCIM core schema
>>>>>>=20
>>>>>> 9/2012    WGLC SCIM restful interface
>>>>>>=20
>>>>>> 9/2012    WGLC SCIM SAML bindings
>>>>>>=20
>>>>>> 9/2012    WGLC SCIM LDAP mapping
>>>>>>=20
>>>>>> 3/2013    Re-charter discussion
>>>>>>=20
>>>>>>=20
>>>>>>=20
>>>>>>=20
>>>>>>=20
>>>>>> Cheers,
>>>>>>=20
>>>>>> Morteza
>>>>>>=20
>>>>>>=20
>>>>>> _______________________________________________
>>>>>> scim mailing list
>>>>>> scim@ietf.org
>>>>>> https://www.ietf.org/mailman/listinfo/scim
>>>>>>=20
>>>>> _______________________________________________
>>>>> scim mailing list
>>>>> scim@ietf.org
>>>>> https://www.ietf.org/mailman/listinfo/scim
>>>>>=20
>>>> _______________________________________________
>>>> scim mailing list
>>>> scim@ietf.org
>>>> https://www.ietf.org/mailman/listinfo/scim
>>> _______________________________________________
>>> scim mailing list
>>> scim@ietf.org
>>> https://www.ietf.org/mailman/listinfo/scim
>>=20
>> _______________________________________________
>> scim mailing list
>> scim@ietf.org
>> https://www.ietf.org/mailman/listinfo/scim
>=20


--Apple-Mail=_9DBEDCA0-6522-43B2-93BD-1B56A409512A
Content-Disposition: attachment;
	filename=smime.p7s
Content-Type: application/pkcs7-signature;
	name=smime.p7s
Content-Transfer-Encoding: base64

MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIIM9jCCBjQw
ggQcoAMCAQICAR4wDQYJKoZIhvcNAQEFBQAwfTELMAkGA1UEBhMCSUwxFjAUBgNVBAoTDVN0YXJ0
Q29tIEx0ZC4xKzApBgNVBAsTIlNlY3VyZSBEaWdpdGFsIENlcnRpZmljYXRlIFNpZ25pbmcxKTAn
BgNVBAMTIFN0YXJ0Q29tIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA3MTAyNDIxMDE1NVoX
DTE3MTAyNDIxMDE1NVowgYwxCzAJBgNVBAYTAklMMRYwFAYDVQQKEw1TdGFydENvbSBMdGQuMSsw
KQYDVQQLEyJTZWN1cmUgRGlnaXRhbCBDZXJ0aWZpY2F0ZSBTaWduaW5nMTgwNgYDVQQDEy9TdGFy
dENvbSBDbGFzcyAxIFByaW1hcnkgSW50ZXJtZWRpYXRlIENsaWVudCBDQTCCASIwDQYJKoZIhvcN
AQEBBQADggEPADCCAQoCggEBAMcJg8zOLdgasSmkLhOrlr6KMoOMpohBllVHrdRvEg/q6r8jR+EK
75xCGhR8ToREoqe7zM9/UnC6TS2y9UKTpT1v7RSMzR0t6ndl0TWBuUr/UXBhPk+Kmy7bI4yW4urC
+y7P3/1/X7U8ocb8VpH/Clt+4iq7nirMcNh6qJR+xjOhV+VHzQMALuGYn5KZmc1NbJQYclsGkDxD
z2UbFqE2+6vIZoL+jb9x4Pa5gNf1TwSDkOkikZB1xtB4ZqtXThaABSONdfmv/Z1pua3FYxnCFmdr
/+N2JLKutIxMYqQOJebr/f/h5t95m4JgrM3Y/w7YX9d7YAL9jvN4SydHsU6n65cCAwEAAaOCAa0w
ggGpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBRTcu2SnODaywFc
fH6WNU7y1LhRgjAfBgNVHSMEGDAWgBROC+8apEBbpRdphzDKNGhD0EGu8jBmBggrBgEFBQcBAQRa
MFgwJwYIKwYBBQUHMAGGG2h0dHA6Ly9vY3NwLnN0YXJ0c3NsLmNvbS9jYTAtBggrBgEFBQcwAoYh
aHR0cDovL3d3dy5zdGFydHNzbC5jb20vc2ZzY2EuY3J0MFsGA1UdHwRUMFIwJ6AloCOGIWh0dHA6
Ly93d3cuc3RhcnRzc2wuY29tL3Nmc2NhLmNybDAnoCWgI4YhaHR0cDovL2NybC5zdGFydHNzbC5j
b20vc2ZzY2EuY3JsMIGABgNVHSAEeTB3MHUGCysGAQQBgbU3AQIBMGYwLgYIKwYBBQUHAgEWImh0
dHA6Ly93d3cuc3RhcnRzc2wuY29tL3BvbGljeS5wZGYwNAYIKwYBBQUHAgEWKGh0dHA6Ly93d3cu
c3RhcnRzc2wuY29tL2ludGVybWVkaWF0ZS5wZGYwDQYJKoZIhvcNAQEFBQADggIBAAqDCH14qywG
XLhjjF6uHLkjd02hcdh9hrw+VUsv+q1eeQWB21jWj3kJ96AUlPCoEGZ/ynJNScWy6QMVQjbbMXlt
UfO4n4bGGdKo3awPWp61tjAFgraLJgDk+DsSvUD6EowjMTNx25GQgyYJ5RPIzKKR9tQW8gGK+2+R
HxkUCTbYFnL6kl8Ch507rUdPPipJ9CgJFws3kDS3gOS5WFMxcjO5DwKfKSETEPrHh7p5shuuNktv
sv6hxHTLhiMKX893gxdT3XLS9OKmCv87vkINQcNEcIIoFWbP9HORz9v3vQwR4e3ksLc2JZOAFK+s
sS5XMEoznzpihEP0PLc4dCBYjbvSD7kxgDwZ+Aj8Q9PkbvE9sIPP7ON0fz095HdThKjiVJe6vofq
+n6b1NBc8XdrQvBmunwxD5nvtTW4vtN6VY7mUCmxsCieuoBJ9OlqmsVWQvifIYf40dJPZkk9YgGT
zWLpXDSfLSplbY2LL9C9U0ptvjcDjefLTvqSFc7tw1sEhF0n/qpA2r0GpvkLRDmcSwVyPvmjFBGq
Up/pNy8ZuPGQmHwFi2/14+xeSUDG2bwnsYJQG2EdJCB6luQ57GEnTA/yKZSTKI8dDQa8Sd3zfXb1
9mOgSF0bBdXbuKhEpuP9wirslFe6fQ1t5j5R0xi72MZ8ikMu1RQZKCyDbMwazlHiMIIGujCCBaKg
AwIBAgIDAopvMA0GCSqGSIb3DQEBBQUAMIGMMQswCQYDVQQGEwJJTDEWMBQGA1UEChMNU3RhcnRD
b20gTHRkLjErMCkGA1UECxMiU2VjdXJlIERpZ2l0YWwgQ2VydGlmaWNhdGUgU2lnbmluZzE4MDYG
A1UEAxMvU3RhcnRDb20gQ2xhc3MgMSBQcmltYXJ5IEludGVybWVkaWF0ZSBDbGllbnQgQ0EwHhcN
MTEwNTEzMTY1MjQ5WhcNMTIwNTEzMDU0NzU2WjBLMSAwHgYDVQQNExc0MjU3NjEteUxidzRqMkwy
Z0FqSG92UzEnMCUGCSqGSIb3DQEJARYYdHJleS5kcmFrZUB1bmJvdW5kaWQuY29tMIIBIjANBgkq
hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqid9tc427LEtBahNAplYUQztLpGRwt7J1hxi3mHkMBzr
s3LxhGspxGij4JZogkqolFpIhu0amwHXsDv7DbkET1O8TN2S2ttetn2o/gQMhAlXp7MP4SfHnIHL
awiDyKZ96l49FFuOt107G9SYpOceuY+AfBssNfxVpTfzqvBzQ/zdbGwqg+ndyPmsWZCYc036/dHV
VWDPpLbohj8GmtoNp8p2LjXe4hOvOfxNnlg6hRlHwiPkudSpEaHwW5dlQUjtcBNvowCq2uq2fbQq
5jyswWRGRIQINo4UgSsyDAB5SfagyGMx32EUGrx1NJWOHWK3eqPknuYdgtU2nJZ+aTtBpQIDAQAB
o4IDYzCCA18wCQYDVR0TBAIwADALBgNVHQ8EBAMCBLAwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsG
AQUFBwMEMB0GA1UdDgQWBBTFEY17wcVFokE4T9NZv3jxliACzjAfBgNVHSMEGDAWgBRTcu2SnODa
ywFcfH6WNU7y1LhRgjAjBgNVHREEHDAagRh0cmV5LmRyYWtlQHVuYm91bmRpZC5jb20wggHRBgNV
HSAEggHIMIIBxDCCAcAGCysGAQQBgbU3AQICMIIBrzAuBggrBgEFBQcCARYiaHR0cDovL3d3dy5z
dGFydHNzbC5jb20vcG9saWN5LnBkZjA0BggrBgEFBQcCARYoaHR0cDovL3d3dy5zdGFydHNzbC5j
b20vaW50ZXJtZWRpYXRlLnBkZjCCAUUGCCsGAQUFBwICMIIBNzAnFiBTdGFydENvbSBDZXJ0aWZp
Y2F0aW9uIEF1dGhvcml0eTADAgEBGoIBClRoaXMgY2VydGlmaWNhdGUgd2FzIGlzc3VlZCBhY2Nv
cmRpbmcgdG8gdGhlIENsYXNzIDEgVmFsaWRhdGlvbiByZXF1aXJlbWVudHMgb2YgdGhlIFN0YXJ0
Q29tIENlcnRpZmljYXRpb24gQXV0aG9yaXR5IHBvbGljeSBhbmQgbWF5IGJlIHJlbGllZCB1cG9u
IG9ubHkgZm9yIHRoZSBpbnRlbmRlZCBwdXJwb3NlIGFuZCBpbiBjb21wbGlhbmNlIG9mIHRoZSBy
ZWx5aW5nIHBhcnR5IG9ibGlnYXRpb25zLiBMaWFiaWxpdHkgYW5kIHdhcnJhbnRpZXMgYXJlIGxp
bWl0ZWQhMDYGA1UdHwQvMC0wK6ApoCeGJWh0dHA6Ly9jcmwuc3RhcnRzc2wuY29tL2NydHUxLWNy
bC5jcmwwgY4GCCsGAQUFBwEBBIGBMH8wOQYIKwYBBQUHMAGGLWh0dHA6Ly9vY3NwLnN0YXJ0c3Ns
LmNvbS9zdWIvY2xhc3MxL2NsaWVudC9jYTBCBggrBgEFBQcwAoY2aHR0cDovL2FpYS5zdGFydHNz
bC5jb20vY2VydHMvc3ViLmNsYXNzMS5jbGllbnQuY2EuY3J0MCMGA1UdEgQcMBqGGGh0dHA6Ly93
d3cuc3RhcnRzc2wuY29tLzANBgkqhkiG9w0BAQUFAAOCAQEAfcC87DDCF7sIIY5qIDIS7MmSAJjr
GlCfGP11cJrO88bsQiSgtJYYeIATEUsH1r78aJOzU8p8P/lOrSoDr3kxVlUaOam6xIvlW9Uv6AUN
DBjYeDUMaEIwPl/Eox0tvZPas4JwW1K+N085ya1IKCK/l7x2K97JQqQhE44ymJ873mcEbBNz6HOo
JtyNMc204G0mREpQs4RSb7vsT9x93QUs6QpP/Mn/w+HaXQQzgs4HmfgL8z+qlH4vX4S/rKvwv95m
fdCIrdSBAeSKBco9hHTIny9XpkTR2qk1Uq0eqSk1LtufDoQy9c5KKQKINCKrjioMseRufmAY/0Nu
VbekcRMyIDGCA28wggNrAgEBMIGUMIGMMQswCQYDVQQGEwJJTDEWMBQGA1UEChMNU3RhcnRDb20g
THRkLjErMCkGA1UECxMiU2VjdXJlIERpZ2l0YWwgQ2VydGlmaWNhdGUgU2lnbmluZzE4MDYGA1UE
AxMvU3RhcnRDb20gQ2xhc3MgMSBQcmltYXJ5IEludGVybWVkaWF0ZSBDbGllbnQgQ0ECAwKKbzAJ
BgUrDgMCGgUAoIIBrzAYBgkqhkiG9w0BCQMxCwYJKoZIhvcNAQcBMBwGCSqGSIb3DQEJBTEPFw0x
MjAzMTIxNzEwNDJaMCMGCSqGSIb3DQEJBDEWBBRFsjgMPFBD+ypW/Wn+OI0xt8EVvjCBpQYJKwYB
BAGCNxAEMYGXMIGUMIGMMQswCQYDVQQGEwJJTDEWMBQGA1UEChMNU3RhcnRDb20gTHRkLjErMCkG
A1UECxMiU2VjdXJlIERpZ2l0YWwgQ2VydGlmaWNhdGUgU2lnbmluZzE4MDYGA1UEAxMvU3RhcnRD
b20gQ2xhc3MgMSBQcmltYXJ5IEludGVybWVkaWF0ZSBDbGllbnQgQ0ECAwKKbzCBpwYLKoZIhvcN
AQkQAgsxgZeggZQwgYwxCzAJBgNVBAYTAklMMRYwFAYDVQQKEw1TdGFydENvbSBMdGQuMSswKQYD
VQQLEyJTZWN1cmUgRGlnaXRhbCBDZXJ0aWZpY2F0ZSBTaWduaW5nMTgwNgYDVQQDEy9TdGFydENv
bSBDbGFzcyAxIFByaW1hcnkgSW50ZXJtZWRpYXRlIENsaWVudCBDQQIDAopvMA0GCSqGSIb3DQEB
AQUABIIBAB8iTjrsj/Qzc1OH7KqlirjbVv37cwS2fujAMBM8fzDjCb5NjVlRC3rvjFj61FstOnRZ
+G4TZTwFObJV1qTaqywD9v3z+jtUje4q2elthKHILAT+sKn5poDQglSTD52pCAafGGZ/ropz2S4m
uQU5/WVJOUEPQmPRLJ/BsgtP5o9CP2JQ9ApFPyRMQHkGKEd4WE9FZgjlkAB0ELQUaSw132jdbtQo
ShCYmp6aaznyZh6dteqFWTCEiDgIw/KBZ/MSvWQABeD4s/AyxbCE/xRLST0Nbh8+bziTdLrUEgSn
NnupX4jFhCDmo8F7iyb7qXyiotKItzzTAZ0Nl2u+GQiCpXAAAAAAAAA=

--Apple-Mail=_9DBEDCA0-6522-43B2-93BD-1B56A409512A--

From kelly.grizzle@sailpoint.com  Mon Mar 12 10:16:41 2012
Return-Path: <kelly.grizzle@sailpoint.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5112121F888B for <scim@ietfa.amsl.com>; Mon, 12 Mar 2012 10:16:41 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.599
X-Spam-Level: 
X-Spam-Status: No, score=-6.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id jjkgs+-Bk4GA for <scim@ietfa.amsl.com>; Mon, 12 Mar 2012 10:16:40 -0700 (PDT)
Received: from tx2outboundpool.messaging.microsoft.com (tx2ehsobe005.messaging.microsoft.com [65.55.88.15]) by ietfa.amsl.com (Postfix) with ESMTP id 3B10C21F8885 for <scim@ietf.org>; Mon, 12 Mar 2012 10:16:37 -0700 (PDT)
Received: from mail141-tx2-R.bigfish.com (10.9.14.239) by TX2EHSOBE001.bigfish.com (10.9.40.21) with Microsoft SMTP Server id 14.1.225.23; Mon, 12 Mar 2012 17:16:37 +0000
Received: from mail141-tx2 (localhost [127.0.0.1])	by mail141-tx2-R.bigfish.com (Postfix) with ESMTP id 5A194120299; Mon, 12 Mar 2012 17:16:37 +0000 (UTC)
X-SpamScore: -40
X-BigFish: PS-40(zzbb2dI9371I936eK542M1432N98dK4015Izz1202hzz1033IL8275bh8275dhz2fh2a8h668h839h944h)
X-Forefront-Antispam-Report: CIP:157.56.240.85; KIP:(null); UIP:(null); IPV:NLI; H:BL2PRD0410HT005.namprd04.prod.outlook.com; RD:none; EFVD:NLI
Received-SPF: pass (mail141-tx2: domain of sailpoint.com designates 157.56.240.85 as permitted sender) client-ip=157.56.240.85; envelope-from=kelly.grizzle@sailpoint.com; helo=BL2PRD0410HT005.namprd04.prod.outlook.com ; .outlook.com ; 
Received: from mail141-tx2 (localhost.localdomain [127.0.0.1]) by mail141-tx2 (MessageSwitch) id 1331572595106752_24496; Mon, 12 Mar 2012 17:16:35 +0000 (UTC)
Received: from TX2EHSMHS015.bigfish.com (unknown [10.9.14.246])	by mail141-tx2.bigfish.com (Postfix) with ESMTP id 092CB4A006A; Mon, 12 Mar 2012 17:16:35 +0000 (UTC)
Received: from BL2PRD0410HT005.namprd04.prod.outlook.com (157.56.240.85) by TX2EHSMHS015.bigfish.com (10.9.99.115) with Microsoft SMTP Server (TLS) id 14.1.225.23; Mon, 12 Mar 2012 17:16:32 +0000
Received: from BL2PRD0410MB351.namprd04.prod.outlook.com ([169.254.3.188]) by BL2PRD0410HT005.namprd04.prod.outlook.com ([10.255.99.40]) with mapi id 14.16.0123.000; Mon, 12 Mar 2012 17:16:31 +0000
From: Kelly Grizzle <kelly.grizzle@sailpoint.com>
To: Trey Drake <trey.drake@unboundid.com>, Phil Hunt <phil.hunt@oracle.com>
Thread-Topic: [scim] Deliverable section of charter
Thread-Index: Ac0AB574rBl4rh3PS6KNwudUQoR5/gAFZ8oAAAB+XAAAEv30AAAAiruAAAEBVwAAAGtwgAAACCgg
Date: Mon, 12 Mar 2012 17:16:31 +0000
Message-ID: <56C3C758F9D6534CA3778EAA1E0C34371C6364BE@BL2PRD0410MB351.namprd04.prod.outlook.com>
References: <93C6FB63F046384C86EC8F7F3FFEC7BEDEA075@XMB-RCD-313.cisco.com> <CAF2hCbb+8Tc_cgQ1PR9uCw0bSH_h2O8y7+7J_BrFP3tfd1AAtw@mail.gmail.com> <4F5DA16A.4070107@cisco.com> <C9B5335D-1C97-4656-AA4D-B77A81F0BC5B@oracle.com> <BF24E535-0B69-4477-A7F5-D7CFC40EA61C@unboundid.com> <2A432DF8-DF8F-468A-B805-A63F28318AA6@oracle.com> <A450680E-6365-436C-8078-8E5F620440DB@unboundid.com>
In-Reply-To: <A450680E-6365-436C-8078-8E5F620440DB@unboundid.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
x-originating-ip: [173.226.147.242]
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-OriginatorOrg: sailpoint.com
Cc: "scim@ietf.org" <scim@ietf.org>
Subject: Re: [scim] Deliverable section of charter
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 12 Mar 2012 17:16:41 -0000

I have not reviewed RESTSPML or SIMPLEST yet, but from a the viewpoint of a=
 provisioning vendor I think it is relevant and should be considered with S=
CIM.  I plan on reviewing the OASIS work in the near future and would be in=
terested in hearing your summary.

--Kelly

-----Original Message-----
From: scim-bounces@ietf.org [mailto:scim-bounces@ietf.org] On Behalf Of Tre=
y Drake
Sent: Monday, March 12, 2012 12:11 PM
To: Phil Hunt
Cc: scim@ietf.org
Subject: Re: [scim] Deliverable section of charter

Phil,

Understood.  I was suggesting you provide more detail so as to solicit more=
 feedback.  Please do publish/email more detail for us to review ahead of t=
ime.  My read on the Simplest schema/attribute spec is that its mostly over=
lap therefore if you're willing to do the work to highlight the deltas that=
 would go a long way (at least for me) in getting those of us that have had=
 our noses buried in SCIM for awhile up to speed.

Thanks,
Trey


On Mar 12, 2012, at 11:58 AM, Phil Hunt wrote:

> Trey,
>=20
> I think such a draft proposal is premature. At the BoF stage, we should s=
imply cite existing published materials as input rather then submitting cha=
nges prior to formation. Having other sources of input does not commit the =
WG to using the material, it simply indicates that the material is being co=
nsidered.
>=20
> I propose we discuss the issue at the BoF, and decide whether or not it s=
hould fall within the initial charter.
>=20
> As to the whys/impact etc., I'm prepared to present that at the BoF. Then=
 based on feedback, I am happy to work with any other interested WG members=
 (as editor or contributor) to submit a draft proposal after the WG formati=
on.
>=20
> If it helps, I can publish some comments on the requirements externally o=
n my personal blog so that everyone can have a chance to think about the is=
sue in greater detail prior to the meeting.
>=20
> Phil
>=20
> @independentid
> www.independentid.com
> phil.hunt@oracle.com
>=20
>=20
>=20
>=20
>=20
> On 2012-03-12, at 9:29 AM, Trey Drake wrote:
>=20
>> Phil,
>>=20
>> I believe it would be helpful if you made a specific proposal for how th=
e "Simplest" schema, et al. might be meshed with the existing SCIM schema. =
 A proposal pointing out:
>>=20
>> - the specific schema and attribute changes (schema change required?=20
>> applicable to core? additional extensions?, etc.)
>> - what impact those changes have on the protocol (in theory none)
>> - reasoning for change
>> - implementation impact  (is it useful by the masses, generalizable=20
>> across a variety of 'backends', *implementable*)
>>=20
>> Thanks,
>> Trey
>>=20
>>=20
>> On Mar 12, 2012, at 11:14 AM, Phil Hunt wrote:
>>=20
>>> We still need to discuss adding major missing components in SCIM that a=
re present in RESTpml. Specifically 'targeting'.=20
>>>=20
>>> I have not yet heard back on including this material as input docs to t=
he charter.=20
>>>=20
>>> SCIM as it stands now is great for single service SaaS providers but th=
ere are major gaps for larger multi-service providers that targeting addres=
ses.=20
>>>=20
>>> Note that I think these changes are additive and would not delay or sig=
nificantly change the core spec--though there may be some normative adjustm=
ents required. I believe these are foundational requirements and need to be=
 addressed now.=20
>>>=20
>>> Phil
>>>=20
>>> On 2012-03-12, at 0:10, Eliot Lear <lear@cisco.com> wrote:
>>>=20
>>>> Do we have a draft volunteer?
>>>>=20
>>>> Eliot
>>>>=20
>>>> On 3/12/12 7:56 AM, Samuel Erdtman wrote:
>>>>> Have we considered to include an OpenID binding, 2.0 or Connect?
>>>>>=20
>>>>> Cheers
>>>>> //Samuel
>>>>>=20
>>>>> On Mon, Mar 12, 2012 at 6:17 AM, Morteza Ansari (moransar)=20
>>>>> <moransar@cisco.com> wrote:
>>>>>> Eliot suggestion we should add a deliverable section to the=20
>>>>>> charter. Here is a suggestion based on discussion and documents=20
>>>>>> under SCIM 1.0. Consider the dates on each item as a complete=20
>>>>>> guess. We should discuss the list of documents to begin with and=20
>>>>>> then assign appropriate/practical timeline to
>>>>>> these:
>>>>>>=20
>>>>>>=20
>>>>>>=20
>>>>>> 5/2012    Initial problem statement draft
>>>>>>=20
>>>>>> 5/2012    Initial adoption of SCIM core schema
>>>>>>=20
>>>>>> 5/2012    Initial adoption of SCIM restful interface draft
>>>>>>=20
>>>>>> 5/2012    Initial adoption of SCIM SAML bindings draft
>>>>>>=20
>>>>>> 5/2012    Initial adoption of SCIM LDAP mapping draft
>>>>>>=20
>>>>>> 9/2012    WGLC SCIM core schema
>>>>>>=20
>>>>>> 9/2012    WGLC SCIM restful interface
>>>>>>=20
>>>>>> 9/2012    WGLC SCIM SAML bindings
>>>>>>=20
>>>>>> 9/2012    WGLC SCIM LDAP mapping
>>>>>>=20
>>>>>> 3/2013    Re-charter discussion
>>>>>>=20
>>>>>>=20
>>>>>>=20
>>>>>>=20
>>>>>>=20
>>>>>> Cheers,
>>>>>>=20
>>>>>> Morteza
>>>>>>=20
>>>>>>=20
>>>>>> _______________________________________________
>>>>>> scim mailing list
>>>>>> scim@ietf.org
>>>>>> https://www.ietf.org/mailman/listinfo/scim
>>>>>>=20
>>>>> _______________________________________________
>>>>> scim mailing list
>>>>> scim@ietf.org
>>>>> https://www.ietf.org/mailman/listinfo/scim
>>>>>=20
>>>> _______________________________________________
>>>> scim mailing list
>>>> scim@ietf.org
>>>> https://www.ietf.org/mailman/listinfo/scim
>>> _______________________________________________
>>> scim mailing list
>>> scim@ietf.org
>>> https://www.ietf.org/mailman/listinfo/scim
>>=20
>> _______________________________________________
>> scim mailing list
>> scim@ietf.org
>> https://www.ietf.org/mailman/listinfo/scim
>=20



From Chris.Phillips@canarie.ca  Mon Mar 12 10:20:37 2012
Return-Path: <Chris.Phillips@canarie.ca>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5D74C21F88A8 for <scim@ietfa.amsl.com>; Mon, 12 Mar 2012 10:20:36 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.099
X-Spam-Level: 
X-Spam-Status: No, score=-3.099 tagged_above=-999 required=5 tests=[AWL=-0.500, BAYES_00=-2.599]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 1j1ORMWwAp2Q for <scim@ietfa.amsl.com>; Mon, 12 Mar 2012 10:20:35 -0700 (PDT)
Received: from mail.canarie.ca (mail.canarie.ca [205.189.33.5]) by ietfa.amsl.com (Postfix) with ESMTP id 00E6221F88A7 for <scim@ietf.org>; Mon, 12 Mar 2012 10:20:35 -0700 (PDT)
Received: from RANCOR.canarie.local ([fe80::5c7e:71ff:1ed0:916d]) by RANCOR.canarie.local ([fe80::5c7e:71ff:1ed0:916d%10]) with mapi; Mon, 12 Mar 2012 13:20:33 -0400
From: Chris Phillips <Chris.Phillips@canarie.ca>
To: Trey Drake <trey.drake@unboundid.com>, Phil Hunt <phil.hunt@oracle.com>
Date: Mon, 12 Mar 2012 13:20:32 -0400
Thread-Topic: [scim] Deliverable section of charter
Thread-Index: Ac0AdG3LBJsmjiNZS8+TK9FbWCFa2g==
Message-ID: <CB83A698.841E0%chris.phillips@canarie.ca>
In-Reply-To: <A450680E-6365-436C-8078-8E5F620440DB@unboundid.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
user-agent: Microsoft-MacOutlook/14.10.0.110310
acceptlanguage: en-US
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Cc: "scim@ietf.org" <scim@ietf.org>
Subject: Re: [scim] Deliverable section of charter
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 12 Mar 2012 17:20:37 -0000

+1 to the request for the delta.

More clarity around what are the overlaps are between SCIM the schema you
are citing will be very helpful.
>From my perspective(and I think others) it's hard to understand what the
ask is for considering the schema without details and advocating the
position as to why.

Thanks...

Chris.
___________________________________________________________________________
___
Chris Phillips | Technical Architect, CANARIE Inc.|
chris.phillips@canarie.ca | W: 613.449.6715




On 12-03-12 1:10 PM, "Trey Drake" <trey.drake@unboundid.com> wrote:

>Phil,
>
>Understood.  I was suggesting you provide more detail so as to solicit
>more feedback.  Please do publish/email more detail for us to review
>ahead of time.  My read on the Simplest schema/attribute spec is that its
>mostly overlap therefore if you're willing to do the work to highlight
>the deltas that would go a long way (at least for me) in getting those of
>us that have had our noses buried in SCIM for awhile up to speed.
>
>Thanks,
>Trey
>
>
>On Mar 12, 2012, at 11:58 AM, Phil Hunt wrote:
>
>> Trey,
>>=20
>> I think such a draft proposal is premature. At the BoF stage, we should
>>simply cite existing published materials as input rather then submitting
>>changes prior to formation. Having other sources of input does not
>>commit the WG to using the material, it simply indicates that the
>>material is being considered.
>>=20
>> I propose we discuss the issue at the BoF, and decide whether or not it
>>should fall within the initial charter.
>>=20
>> As to the whys/impact etc., I'm prepared to present that at the BoF.
>>Then based on feedback, I am happy to work with any other interested WG
>>members (as editor or contributor) to submit a draft proposal after the
>>WG formation.
>>=20
>> If it helps, I can publish some comments on the requirements externally
>>on my personal blog so that everyone can have a chance to think about
>>the issue in greater detail prior to the meeting.
>>=20
>> Phil
>>=20
>> @independentid
>> www.independentid.com
>> phil.hunt@oracle.com
>>=20
>>=20
>>=20
>>=20
>>=20
>> On 2012-03-12, at 9:29 AM, Trey Drake wrote:
>>=20
>>> Phil,
>>>=20
>>> I believe it would be helpful if you made a specific proposal for how
>>>the "Simplest" schema, et al. might be meshed with the existing SCIM
>>>schema.  A proposal pointing out:
>>>=20
>>> - the specific schema and attribute changes (schema change required?
>>>applicable to core? additional extensions?, etc.)
>>> - what impact those changes have on the protocol (in theory none)
>>> - reasoning for change
>>> - implementation impact  (is it useful by the masses, generalizable
>>>across a variety of 'backends', *implementable*)
>>>=20
>>> Thanks,
>>> Trey
>>>=20
>>>=20
>>> On Mar 12, 2012, at 11:14 AM, Phil Hunt wrote:
>>>=20
>>>> We still need to discuss adding major missing components in SCIM that
>>>>are present in RESTpml. Specifically 'targeting'.
>>>>=20
>>>> I have not yet heard back on including this material as input docs to
>>>>the charter.=20
>>>>=20
>>>> SCIM as it stands now is great for single service SaaS providers but
>>>>there are major gaps for larger multi-service providers that targeting
>>>>addresses.=20
>>>>=20
>>>> Note that I think these changes are additive and would not delay or
>>>>significantly change the core spec--though there may be some normative
>>>>adjustments required. I believe these are foundational requirements
>>>>and need to be addressed now.
>>>>=20
>>>> Phil
>>>>=20
>>>> On 2012-03-12, at 0:10, Eliot Lear <lear@cisco.com> wrote:
>>>>=20
>>>>> Do we have a draft volunteer?
>>>>>=20
>>>>> Eliot
>>>>>=20
>>>>> On 3/12/12 7:56 AM, Samuel Erdtman wrote:
>>>>>> Have we considered to include an OpenID binding, 2.0 or Connect?
>>>>>>=20
>>>>>> Cheers
>>>>>> //Samuel
>>>>>>=20
>>>>>> On Mon, Mar 12, 2012 at 6:17 AM, Morteza Ansari (moransar)
>>>>>> <moransar@cisco.com> wrote:
>>>>>>> Eliot suggestion we should add a deliverable section to the
>>>>>>>charter. Here is
>>>>>>> a suggestion based on discussion and documents under SCIM 1.0.
>>>>>>>Consider the
>>>>>>> dates on each item as a complete guess. We should discuss the list
>>>>>>>of
>>>>>>> documents to begin with and then assign appropriate/practical
>>>>>>>timeline to
>>>>>>> these:
>>>>>>>=20
>>>>>>>=20
>>>>>>>=20
>>>>>>> 5/2012    Initial problem statement draft
>>>>>>>=20
>>>>>>> 5/2012    Initial adoption of SCIM core schema
>>>>>>>=20
>>>>>>> 5/2012    Initial adoption of SCIM restful interface draft
>>>>>>>=20
>>>>>>> 5/2012    Initial adoption of SCIM SAML bindings draft
>>>>>>>=20
>>>>>>> 5/2012    Initial adoption of SCIM LDAP mapping draft
>>>>>>>=20
>>>>>>> 9/2012    WGLC SCIM core schema
>>>>>>>=20
>>>>>>> 9/2012    WGLC SCIM restful interface
>>>>>>>=20
>>>>>>> 9/2012    WGLC SCIM SAML bindings
>>>>>>>=20
>>>>>>> 9/2012    WGLC SCIM LDAP mapping
>>>>>>>=20
>>>>>>> 3/2013    Re-charter discussion
>>>>>>>=20
>>>>>>>=20
>>>>>>>=20
>>>>>>>=20
>>>>>>>=20
>>>>>>> Cheers,
>>>>>>>=20
>>>>>>> Morteza
>>>>>>>=20
>>>>>>>=20
>>>>>>> _______________________________________________
>>>>>>> scim mailing list
>>>>>>> scim@ietf.org
>>>>>>> https://www.ietf.org/mailman/listinfo/scim
>>>>>>>=20
>>>>>> _______________________________________________
>>>>>> scim mailing list
>>>>>> scim@ietf.org
>>>>>> https://www.ietf.org/mailman/listinfo/scim
>>>>>>=20
>>>>> _______________________________________________
>>>>> scim mailing list
>>>>> scim@ietf.org
>>>>> https://www.ietf.org/mailman/listinfo/scim
>>>> _______________________________________________
>>>> scim mailing list
>>>> scim@ietf.org
>>>> https://www.ietf.org/mailman/listinfo/scim
>>>=20
>>> _______________________________________________
>>> scim mailing list
>>> scim@ietf.org
>>> https://www.ietf.org/mailman/listinfo/scim
>>=20
>


From phil.hunt@oracle.com  Mon Mar 12 10:22:08 2012
Return-Path: <phil.hunt@oracle.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6B02A21F88C2 for <scim@ietfa.amsl.com>; Mon, 12 Mar 2012 10:22:08 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -10.11
X-Spam-Level: 
X-Spam-Status: No, score=-10.11 tagged_above=-999 required=5 tests=[AWL=0.489,  BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id G3Y0R8sm3xVJ for <scim@ietfa.amsl.com>; Mon, 12 Mar 2012 10:22:07 -0700 (PDT)
Received: from acsinet15.oracle.com (acsinet15.oracle.com [141.146.126.227]) by ietfa.amsl.com (Postfix) with ESMTP id 720F321F88C5 for <scim@ietf.org>; Mon, 12 Mar 2012 10:22:07 -0700 (PDT)
Received: from acsinet21.oracle.com (acsinet21.oracle.com [141.146.126.237]) by acsinet15.oracle.com (Sentrion-MTA-4.2.2/Sentrion-MTA-4.2.2) with ESMTP id q2CHM6Lc003379 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Mon, 12 Mar 2012 17:22:06 GMT
Received: from acsmt357.oracle.com (acsmt357.oracle.com [141.146.40.157]) by acsinet21.oracle.com (8.14.4+Sun/8.14.4) with ESMTP id q2CHM5DI019410 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Mon, 12 Mar 2012 17:22:06 GMT
Received: from abhmt116.oracle.com (abhmt116.oracle.com [141.146.116.68]) by acsmt357.oracle.com (8.12.11.20060308/8.12.11) with ESMTP id q2CHM56s030207; Mon, 12 Mar 2012 12:22:05 -0500
Received: from [192.168.1.8] (/24.87.212.4) by default (Oracle Beehive Gateway v4.0) with ESMTP ; Mon, 12 Mar 2012 10:22:05 -0700
Mime-Version: 1.0 (Apple Message framework v1257)
Content-Type: text/plain; charset=us-ascii
From: Phil Hunt <phil.hunt@oracle.com>
In-Reply-To: <A450680E-6365-436C-8078-8E5F620440DB@unboundid.com>
Date: Mon, 12 Mar 2012 10:22:02 -0700
Content-Transfer-Encoding: quoted-printable
Message-Id: <54B0EBDC-E243-48D8-BF44-BDAEF60F464C@oracle.com>
References: <93C6FB63F046384C86EC8F7F3FFEC7BEDEA075@XMB-RCD-313.cisco.com> <CAF2hCbb+8Tc_cgQ1PR9uCw0bSH_h2O8y7+7J_BrFP3tfd1AAtw@mail.gmail.com> <4F5DA16A.4070107@cisco.com> <C9B5335D-1C97-4656-AA4D-B77A81F0BC5B@oracle.com> <BF24E535-0B69-4477-A7F5-D7CFC40EA61C@unboundid.com> <2A432DF8-DF8F-468A-B805-A63F28318AA6@oracle.com> <A450680E-6365-436C-8078-8E5F620440DB@unboundid.com>
To: Trey Drake <trey.drake@unboundid.com>
X-Mailer: Apple Mail (2.1257)
X-Source-IP: acsinet21.oracle.com [141.146.126.237]
X-Auth-Type: Internal IP
X-CT-RefId: str=0001.0A090202.4F5E30BF.000C,ss=1,re=0.000,fgs=0
Cc: scim@ietf.org
Subject: Re: [scim] Deliverable section of charter
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 12 Mar 2012 17:22:08 -0000

Trey,

You are correct. This is why a merger of efforts seems appropriate to =
discuss.

The issue is to look at the gaps and see if:

a. They add value to SCIM
b. They can be added with minimal disruption

As far as I can tell, the key missing piece is the concept of Targeting =
in the SIMPLEST spec.

Phil

@independentid
www.independentid.com
phil.hunt@oracle.com





On 2012-03-12, at 10:10 AM, Trey Drake wrote:

> Phil,
>=20
> Understood.  I was suggesting you provide more detail so as to solicit =
more feedback.  Please do publish/email more detail for us to review =
ahead of time.  My read on the Simplest schema/attribute spec is that =
its mostly overlap therefore if you're willing to do the work to =
highlight the deltas that would go a long way (at least for me) in =
getting those of us that have had our noses buried in SCIM for awhile up =
to speed.
>=20
> Thanks,
> Trey
>=20
>=20
> On Mar 12, 2012, at 11:58 AM, Phil Hunt wrote:
>=20
>> Trey,
>>=20
>> I think such a draft proposal is premature. At the BoF stage, we =
should simply cite existing published materials as input rather then =
submitting changes prior to formation. Having other sources of input =
does not commit the WG to using the material, it simply indicates that =
the material is being considered.
>>=20
>> I propose we discuss the issue at the BoF, and decide whether or not =
it should fall within the initial charter.
>>=20
>> As to the whys/impact etc., I'm prepared to present that at the BoF. =
Then based on feedback, I am happy to work with any other interested WG =
members (as editor or contributor) to submit a draft proposal after the =
WG formation.
>>=20
>> If it helps, I can publish some comments on the requirements =
externally on my personal blog so that everyone can have a chance to =
think about the issue in greater detail prior to the meeting.
>>=20
>> Phil
>>=20
>> @independentid
>> www.independentid.com
>> phil.hunt@oracle.com
>>=20
>>=20
>>=20
>>=20
>>=20
>> On 2012-03-12, at 9:29 AM, Trey Drake wrote:
>>=20
>>> Phil,
>>>=20
>>> I believe it would be helpful if you made a specific proposal for =
how the "Simplest" schema, et al. might be meshed with the existing SCIM =
schema.  A proposal pointing out:
>>>=20
>>> - the specific schema and attribute changes (schema change required? =
applicable to core? additional extensions?, etc.)
>>> - what impact those changes have on the protocol (in theory none)=20
>>> - reasoning for change
>>> - implementation impact  (is it useful by the masses, generalizable =
across a variety of 'backends', *implementable*)
>>>=20
>>> Thanks,
>>> Trey
>>>=20
>>>=20
>>> On Mar 12, 2012, at 11:14 AM, Phil Hunt wrote:
>>>=20
>>>> We still need to discuss adding major missing components in SCIM =
that are present in RESTpml. Specifically 'targeting'.=20
>>>>=20
>>>> I have not yet heard back on including this material as input docs =
to the charter.=20
>>>>=20
>>>> SCIM as it stands now is great for single service SaaS providers =
but there are major gaps for larger multi-service providers that =
targeting addresses.=20
>>>>=20
>>>> Note that I think these changes are additive and would not delay or =
significantly change the core spec--though there may be some normative =
adjustments required. I believe these are foundational requirements and =
need to be addressed now.=20
>>>>=20
>>>> Phil
>>>>=20
>>>> On 2012-03-12, at 0:10, Eliot Lear <lear@cisco.com> wrote:
>>>>=20
>>>>> Do we have a draft volunteer?
>>>>>=20
>>>>> Eliot
>>>>>=20
>>>>> On 3/12/12 7:56 AM, Samuel Erdtman wrote:
>>>>>> Have we considered to include an OpenID binding, 2.0 or Connect?
>>>>>>=20
>>>>>> Cheers
>>>>>> //Samuel
>>>>>>=20
>>>>>> On Mon, Mar 12, 2012 at 6:17 AM, Morteza Ansari (moransar)
>>>>>> <moransar@cisco.com> wrote:
>>>>>>> Eliot suggestion we should add a deliverable section to the =
charter. Here is
>>>>>>> a suggestion based on discussion and documents under SCIM 1.0. =
Consider the
>>>>>>> dates on each item as a complete guess. We should discuss the =
list of
>>>>>>> documents to begin with and then assign appropriate/practical =
timeline to
>>>>>>> these:
>>>>>>>=20
>>>>>>>=20
>>>>>>>=20
>>>>>>> 5/2012    Initial problem statement draft
>>>>>>>=20
>>>>>>> 5/2012    Initial adoption of SCIM core schema
>>>>>>>=20
>>>>>>> 5/2012    Initial adoption of SCIM restful interface draft
>>>>>>>=20
>>>>>>> 5/2012    Initial adoption of SCIM SAML bindings draft
>>>>>>>=20
>>>>>>> 5/2012    Initial adoption of SCIM LDAP mapping draft
>>>>>>>=20
>>>>>>> 9/2012    WGLC SCIM core schema
>>>>>>>=20
>>>>>>> 9/2012    WGLC SCIM restful interface
>>>>>>>=20
>>>>>>> 9/2012    WGLC SCIM SAML bindings
>>>>>>>=20
>>>>>>> 9/2012    WGLC SCIM LDAP mapping
>>>>>>>=20
>>>>>>> 3/2013    Re-charter discussion
>>>>>>>=20
>>>>>>>=20
>>>>>>>=20
>>>>>>>=20
>>>>>>>=20
>>>>>>> Cheers,
>>>>>>>=20
>>>>>>> Morteza
>>>>>>>=20
>>>>>>>=20
>>>>>>> _______________________________________________
>>>>>>> scim mailing list
>>>>>>> scim@ietf.org
>>>>>>> https://www.ietf.org/mailman/listinfo/scim
>>>>>>>=20
>>>>>> _______________________________________________
>>>>>> scim mailing list
>>>>>> scim@ietf.org
>>>>>> https://www.ietf.org/mailman/listinfo/scim
>>>>>>=20
>>>>> _______________________________________________
>>>>> scim mailing list
>>>>> scim@ietf.org
>>>>> https://www.ietf.org/mailman/listinfo/scim
>>>> _______________________________________________
>>>> scim mailing list
>>>> scim@ietf.org
>>>> https://www.ietf.org/mailman/listinfo/scim
>>>=20
>>> _______________________________________________
>>> scim mailing list
>>> scim@ietf.org
>>> https://www.ietf.org/mailman/listinfo/scim
>>=20
>=20
> _______________________________________________
> scim mailing list
> scim@ietf.org
> https://www.ietf.org/mailman/listinfo/scim


From stephen.farrell@cs.tcd.ie  Mon Mar 12 10:58:12 2012
Return-Path: <stephen.farrell@cs.tcd.ie>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B2A9D21E801B for <scim@ietfa.amsl.com>; Mon, 12 Mar 2012 10:58:12 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.599
X-Spam-Level: 
X-Spam-Status: No, score=-102.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Z5Pz4dYnXPZr for <scim@ietfa.amsl.com>; Mon, 12 Mar 2012 10:58:11 -0700 (PDT)
Received: from scss.tcd.ie (hermes.scss.tcd.ie [IPv6:2001:770:10:200:889f:cdff:fe8d:ccd2]) by ietfa.amsl.com (Postfix) with ESMTP id 94F1121E800E for <scim@ietf.org>; Mon, 12 Mar 2012 10:58:11 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by hermes.scss.tcd.ie (Postfix) with ESMTP id 87C87171C8D; Mon, 12 Mar 2012 17:58:10 +0000 (GMT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cs.tcd.ie; h= content-transfer-encoding:content-type:in-reply-to:references :subject:mime-version:user-agent:from:date:message-id:received :received:x-virus-scanned; s=cs; t=1331575089; bh=OpE8FhmzEwJAsD xdSkP2bkkMP2o3fj1gaRE5JAVUMCo=; b=rRE/1811lhisDyg6FUm/ryCCd8ky/A PGz6XVNkdN1w0DULOOOK8vQPWvuSLhRBlJatdvKY3n5QIADYBK61iMgRmZS3oRnR 5sDVBAPBtVJmOGcD/A003cSEGZFDsZbRxWsZZrvCsfe16Rg1lXIidnDBP8fmi3tM iFDsONNw1LsDmdoeKAR72eN4k6Qi2PBupkvlTNvWFEvhav+BMTc6dSzxNbLzsHmX eUixwdcr4OzSLoTsNz6TtSurNln9BKBOaBaDUjJJ8xWYui1rf9VXl2eMUlJKzldx fyIIyQGy3CLgK3fIXo6ZmC0ckRHz5Rq8YgKBnt4Sc5GwWIs4S5ai5yaA==
X-Virus-Scanned: Debian amavisd-new at scss.tcd.ie
Received: from scss.tcd.ie ([127.0.0.1]) by localhost (scss.tcd.ie [127.0.0.1]) (amavisd-new, port 10027) with ESMTP id R3SJcO6YrY1J; Mon, 12 Mar 2012 17:58:09 +0000 (GMT)
Received: from [10.226.16.36] (unknown [194.230.159.100]) by smtp.scss.tcd.ie (Postfix) with ESMTPSA id 14207171C8C; Mon, 12 Mar 2012 17:58:07 +0000 (GMT)
Message-ID: <4F5E3926.1080208@cs.tcd.ie>
Date: Mon, 12 Mar 2012 17:57:58 +0000
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
User-Agent: Mozilla/5.0 (X11; Linux i686 on x86_64; rv:10.0.2) Gecko/20120216 Thunderbird/10.0.2
MIME-Version: 1.0
To: "Morteza Ansari (moransar)" <moransar@cisco.com>
References: <93C6FB63F046384C86EC8F7F3FFEC7BEDEA076@XMB-RCD-313.cisco.com>
In-Reply-To: <93C6FB63F046384C86EC8F7F3FFEC7BEDEA076@XMB-RCD-313.cisco.com>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Cc: scim@ietf.org
Subject: Re: [scim] Updated draft charter
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 12 Mar 2012 17:58:12 -0000

So its not clear to me from that charter how security is
viewed here. To be clear: I don't think scim should be
defining any new security primitives, but I'd also hope
it'd not create horrible new vulnerabilities (e.g. "hi,
I'm a service provider, honest, please shoot over user
100's stuff including her private key/passwords"). So
there is I would assume some security work to do?

S

On 03/12/2012 05:16 AM, Morteza Ansari (moransar) wrote:
> Attached is the updated charter based on the discussion so far. I
> believe I have addressed all comments with the exception of part of Phil
> Hunt's comment which I just sent a reply to.
>
>
>
> Also I started another thread to discuss deliverables section of the
> charter. Once we discuss that, I will add that section.
>
>
>
> Please review and send any suggestion/correction.
>
>
>
>
>
> Cheers,
>
> Morteza
>
>
>
>
>
> Simple Cloud Identity Management (SCIM)
>
> ---------------------------------------
>
>
>
> Charter
>
>
>
> Current Status: BOF Approved
>
>
>
> BoF Chair(s):
>
>       Steve Bellovi
>
>       Eliot Lear
>
>
>
> Applications Area Director(s):
>
>       Pete Resnick<presnick@qualcomm.com>
>
>       Peter Saint-Andre<stpeter@stpeter.im>
>
>
>
> Mailing Lists:
>
>       General Discussion: scim@ietf.org
>
>       To Subscribe: https://www.ietf.org/mailman/listinfo/scim
>
>       Archive:
> http://www.ietf.org/mail-archive/web/scim/current/maillist.html
>
>
>
> Description of Working Group:
>
>
>
> The Simple Cloud Identity Management (SCIM) specification is designed to
> make managing user identity lifecycle in cloud based applications and
> services easier.
>
>
>
> The specification suite seeks to build upon experience with existing
> schemas and deployments, placing specific emphasis on simplicity of
> development and integration, while applying existing authentication,
> authorization, and privacy models. Its intent is to reduce the cost and
> complexity of user management operations by providing a common user
> schema and extension model, as well as binding documents to provide
> patterns for exchanging this schema using standard protocols. In
> addition the working group may consider including managing device
> identities as part of the work adopted by the working group.
>
>
>
> The group will work to create an IETF technology for management of user
> identities in cloud-based applications using SCIM 1.0 specification
> produced under the Open Web Foundation framework
> (http://www.simplecloud.info) as starting work.
>
>
>
> User, device, and service authentication and authorization
> (policy/entitlement) are out of scope of this working group charter.
>
>
>
> SCIM 1.0 consists of:
>
> *         Schema definition for identity related objects
>
> *         Protocol definition for accessing and managing the identity
> objects
>
> *         Binding of SCIM schema to Security Assertion Markup Language
> (SAML) messages and assertions
>
> *         Binding of SCIM schema to Lightweight Directory Access
> Protocol (LDAP) schema (RFC4519)
>
>
>
> The Working Group will produce one or more documents suitable for
> consideration as a Proposed Standard that will evolve and enhance the
> SCIM 1.0 work by:
>
> *         Extending the specification per the working group charter
>
> *         Improving the terminology used
>
> *         Embodying good security practices, documenting gaps in its
> capabilities, and proposing a path forward for addressing the gaps
>
> *         Promoting interoperability
>
> *         Providing guidelines for extensibility
>
>
>
> SCIM 1.0 will be used as the starting point. The working group will
> strive to retain backward compatibility with the 1.0 specification.
> Changes that are not backwards compatible may be accepted if the group
> determines changes are required to meet the group's technical objectives
> and the group clearly documents the reasons for making them.
>
>
>
> The Working Group should consider:
>
> *         Implementer experience
>
> *         The end-user experience, including internationalization
>
> *         Existing uses of SCIM
>
> *         Ability to achieve broad implementation
>
> *         Ability to address broader use cases than those considered by
> the original authors
>
> *         Additional functions or extensions that are needed to address
> key security concerns, cross-area review, and implementer feedback
>
> *         Work done by other standard bodies as input to the process
> such as OASIS Provisioning TC
>
>
>
> The working group will focus on adapting the core technology first but
> work on extensions will be considered after the core work is well in
> hand.
>
>
>
>
>
>
>
>
>
> _______________________________________________
> scim mailing list
> scim@ietf.org
> https://www.ietf.org/mailman/listinfo/scim

From ldhofer@avaya.com  Mon Mar 12 11:08:36 2012
Return-Path: <ldhofer@avaya.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 425AB21E801B for <scim@ietfa.amsl.com>; Mon, 12 Mar 2012 11:08:36 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.599
X-Spam-Level: 
X-Spam-Status: No, score=-3.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Ff-NBZ4hHeOe for <scim@ietfa.amsl.com>; Mon, 12 Mar 2012 11:08:35 -0700 (PDT)
Received: from de307622-de-outbound.net.avaya.com (de307622-de-outbound.net.avaya.com [198.152.71.100]) by ietfa.amsl.com (Postfix) with ESMTP id BBD2921F8968 for <scim@ietf.org>; Mon, 12 Mar 2012 11:08:34 -0700 (PDT)
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: AgAFAF47Xk/GmAcF/2dsb2JhbAA6CbVXgQeCCQEBAQEDAQEBDx4KNAsMBAIBCA0EBAEBAQoCBAwLAQYBJh8JCAEBBAESCAEZh2gLoAucAIogDQiFaWMEiFSTA4oYgwKBPQ
X-IronPort-AV: E=Sophos;i="4.73,572,1325480400"; d="scan'208";a="296563437"
Received: from unknown (HELO co300216-co-erhwest.avaya.com) ([198.152.7.5]) by de307622-de-outbound.net.avaya.com with ESMTP; 12 Mar 2012 14:08:32 -0400
Received: from unknown (HELO 306181ANEX4.global.avaya.com) ([135.9.6.103]) by co300216-co-erhwest-out.avaya.com with ESMTP; 12 Mar 2012 14:00:43 -0400
X-MimeOLE: Produced By Microsoft Exchange V6.5
Content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
Date: Mon, 12 Mar 2012 12:08:29 -0600
Message-ID: <66383F2375B424489F98C9C88073552304B2148B@306181ANEX4.global.avaya.com>
In-Reply-To: <4F5E3926.1080208@cs.tcd.ie>
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
Thread-Topic: [scim] Updated draft charter
Thread-Index: Ac0Aeb2iKPtLpWh7SEmbctuyRhhvIgAAQKgw
References: <93C6FB63F046384C86EC8F7F3FFEC7BEDEA076@XMB-RCD-313.cisco.com> <4F5E3926.1080208@cs.tcd.ie>
From: "Hofer, Larry D. (Larry)" <ldhofer@avaya.com>
To: "Stephen Farrell" <stephen.farrell@cs.tcd.ie>, "Morteza Ansari (moransar)" <moransar@cisco.com>
Cc: scim@ietf.org, "Hofer, Larry D. \(Larry\)" <ldhofer@avaya.com>
Subject: Re: [scim] Updated draft charter
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 12 Mar 2012 18:08:36 -0000

It would make sense to me to make sure the charter encompasses
roles/users and trust model clarifications if not captured.

My 2 cents,
Larry H, CISSP, PE
Avaya Sr. Security Architect

-----Original Message-----
From: scim-bounces@ietf.org [mailto:scim-bounces@ietf.org] On Behalf Of
Stephen Farrell
Sent: Monday, March 12, 2012 11:58 AM
To: Morteza Ansari (moransar)
Cc: scim@ietf.org
Subject: Re: [scim] Updated draft charter


So its not clear to me from that charter how security is
viewed here. To be clear: I don't think scim should be
defining any new security primitives, but I'd also hope
it'd not create horrible new vulnerabilities (e.g. "hi,
I'm a service provider, honest, please shoot over user
100's stuff including her private key/passwords"). So
there is I would assume some security work to do?

S

On 03/12/2012 05:16 AM, Morteza Ansari (moransar) wrote:
> Attached is the updated charter based on the discussion so far. I
> believe I have addressed all comments with the exception of part of
Phil
> Hunt's comment which I just sent a reply to.
>
>
>
> Also I started another thread to discuss deliverables section of the
> charter. Once we discuss that, I will add that section.
>
>
>
> Please review and send any suggestion/correction.
>
>
>
>
>
> Cheers,
>
> Morteza
>
>
>
>
>
> Simple Cloud Identity Management (SCIM)
>
> ---------------------------------------
>
>
>
> Charter
>
>
>
> Current Status: BOF Approved
>
>
>
> BoF Chair(s):
>
>       Steve Bellovi
>
>       Eliot Lear
>
>
>
> Applications Area Director(s):
>
>       Pete Resnick<presnick@qualcomm.com>
>
>       Peter Saint-Andre<stpeter@stpeter.im>
>
>
>
> Mailing Lists:
>
>       General Discussion: scim@ietf.org
>
>       To Subscribe: https://www.ietf.org/mailman/listinfo/scim
>
>       Archive:
> http://www.ietf.org/mail-archive/web/scim/current/maillist.html
>
>
>
> Description of Working Group:
>
>
>
> The Simple Cloud Identity Management (SCIM) specification is designed
to
> make managing user identity lifecycle in cloud based applications and
> services easier.
>
>
>
> The specification suite seeks to build upon experience with existing
> schemas and deployments, placing specific emphasis on simplicity of
> development and integration, while applying existing authentication,
> authorization, and privacy models. Its intent is to reduce the cost
and
> complexity of user management operations by providing a common user
> schema and extension model, as well as binding documents to provide
> patterns for exchanging this schema using standard protocols. In
> addition the working group may consider including managing device
> identities as part of the work adopted by the working group.
>
>
>
> The group will work to create an IETF technology for management of
user
> identities in cloud-based applications using SCIM 1.0 specification
> produced under the Open Web Foundation framework
> (http://www.simplecloud.info) as starting work.
>
>
>
> User, device, and service authentication and authorization
> (policy/entitlement) are out of scope of this working group charter.
>
>
>
> SCIM 1.0 consists of:
>
> *         Schema definition for identity related objects
>
> *         Protocol definition for accessing and managing the identity
> objects
>
> *         Binding of SCIM schema to Security Assertion Markup Language
> (SAML) messages and assertions
>
> *         Binding of SCIM schema to Lightweight Directory Access
> Protocol (LDAP) schema (RFC4519)
>
>
>
> The Working Group will produce one or more documents suitable for
> consideration as a Proposed Standard that will evolve and enhance the
> SCIM 1.0 work by:
>
> *         Extending the specification per the working group charter
>
> *         Improving the terminology used
>
> *         Embodying good security practices, documenting gaps in its
> capabilities, and proposing a path forward for addressing the gaps
>
> *         Promoting interoperability
>
> *         Providing guidelines for extensibility
>
>
>
> SCIM 1.0 will be used as the starting point. The working group will
> strive to retain backward compatibility with the 1.0 specification.
> Changes that are not backwards compatible may be accepted if the group
> determines changes are required to meet the group's technical
objectives
> and the group clearly documents the reasons for making them.
>
>
>
> The Working Group should consider:
>
> *         Implementer experience
>
> *         The end-user experience, including internationalization
>
> *         Existing uses of SCIM
>
> *         Ability to achieve broad implementation
>
> *         Ability to address broader use cases than those considered
by
> the original authors
>
> *         Additional functions or extensions that are needed to
address
> key security concerns, cross-area review, and implementer feedback
>
> *         Work done by other standard bodies as input to the process
> such as OASIS Provisioning TC
>
>
>
> The working group will focus on adapting the core technology first but
> work on extensions will be considered after the core work is well in
> hand.
>
>
>
>
>
>
>
>
>
> _______________________________________________
> scim mailing list
> scim@ietf.org
> https://www.ietf.org/mailman/listinfo/scim
_______________________________________________
scim mailing list
scim@ietf.org
https://www.ietf.org/mailman/listinfo/scim

From phil.hunt@oracle.com  Mon Mar 12 15:46:30 2012
Return-Path: <phil.hunt@oracle.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E3CD621F8AE9 for <scim@ietfa.amsl.com>; Mon, 12 Mar 2012 15:46:30 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -10.159
X-Spam-Level: 
X-Spam-Status: No, score=-10.159 tagged_above=-999 required=5 tests=[AWL=0.439, BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id DUS38q4SKx8x for <scim@ietfa.amsl.com>; Mon, 12 Mar 2012 15:46:29 -0700 (PDT)
Received: from acsinet15.oracle.com (acsinet15.oracle.com [141.146.126.227]) by ietfa.amsl.com (Postfix) with ESMTP id 1071921F8AE8 for <scim@ietf.org>; Mon, 12 Mar 2012 15:46:29 -0700 (PDT)
Received: from ucsinet21.oracle.com (ucsinet21.oracle.com [156.151.31.93]) by acsinet15.oracle.com (Sentrion-MTA-4.2.2/Sentrion-MTA-4.2.2) with ESMTP id q2CMkR19025541 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Mon, 12 Mar 2012 22:46:27 GMT
Received: from acsmt358.oracle.com (acsmt358.oracle.com [141.146.40.158]) by ucsinet21.oracle.com (8.14.4+Sun/8.14.4) with ESMTP id q2CMkPL7004437 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Mon, 12 Mar 2012 22:46:26 GMT
Received: from abhmt107.oracle.com (abhmt107.oracle.com [141.146.116.59]) by acsmt358.oracle.com (8.12.11.20060308/8.12.11) with ESMTP id q2CMkPDv028079; Mon, 12 Mar 2012 17:46:25 -0500
Received: from [192.168.1.8] (/24.87.212.4) by default (Oracle Beehive Gateway v4.0) with ESMTP ; Mon, 12 Mar 2012 15:46:24 -0700
Mime-Version: 1.0 (Apple Message framework v1257)
Content-Type: multipart/alternative; boundary="Apple-Mail=_EA85FA66-E39E-49ED-AF1B-14FB7541E105"
From: Phil Hunt <phil.hunt@oracle.com>
In-Reply-To: <93C6FB63F046384C86EC8F7F3FFEC7BEDEA074@XMB-RCD-313.cisco.com>
Date: Mon, 12 Mar 2012 15:46:15 -0700
Message-Id: <0D543262-FC83-4EE4-99BF-8FDEBCFA04A9@oracle.com>
References: <8F20CA41-B61E-4EE0-B801-F08F9CD48444@oracle.com> <E646381C-8A04-4040-B835-A0348A8BFF6D@oracle.com> <93C6FB63F046384C86EC8F7F3FFEC7BEDEA074@XMB-RCD-313.cisco.com>
To: Morteza Ansari (moransar) <moransar@cisco.com>
X-Mailer: Apple Mail (2.1257)
X-Source-IP: ucsinet21.oracle.com [156.151.31.93]
X-CT-RefId: str=0001.0A090202.4F5E7CC4.0037,ss=1,re=-6.500,fgs=0
Cc: scim@ietf.org
Subject: Re: [scim] Porposed charter
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 12 Mar 2012 22:46:31 -0000

--Apple-Mail=_EA85FA66-E39E-49ED-AF1B-14FB7541E105
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain;
	charset=windows-1252

Morteza,

I think that sounds reasonable.

I would like time to present at the BoF so that the WG may consider =
additional requirements for the charter at that time.

I will also post a blog post outlining the issue in advance of the BoF =
to help get everyone up to speed.

Cheers,

Phil

@independentid
www.independentid.com
phil.hunt@oracle.com





On 2012-03-11, at 10:17 PM, Morteza Ansari (moransar) wrote:

> Good suggestion Phil.  I added a new item under the WG consideration =
section: =93Work done by other standard bodies as input to the process =
such as OASIS Provisioning TC=94 but I didn=92t add any specific items =
that should be considered. I think it would be best to leave that to the =
WG to study the work you referenced and decide what items should be =
considered.
> =20
> Do you think that is sufficient?
> =20
> =20
> Cheers,
> Morteza
> =20
> From: Phil Hunt [mailto:phil.hunt@oracle.com]=20
> Sent: Thursday, February 23, 2012 3:25 PM
> To: scim@ietf.org; Morteza Ansari (moransar)
> Subject: Re: [scim] Porposed charter
> =20
> Morteza,=20
> =20
> Very happy to see the SCIM WG is starting soon!
> =20
> Regarding the charter, I propose that the working group also adopt the =
following OASIS Provisioning TC documents as input material:
> * A RESTful Binding to SPML - =
http://wiki.oasis-open.org/provision/restpml
> * SIMPLEST: A standard schema for Identity and Access Management - =
http://wiki.oasis-open.org/provision/simplest
> These documents can provide some additional implementation insight =
into the final SCIM WG product.
> =20
> Based on the OASIS Provisioning TC experience, there are some =
additional cloud requirements that could be added into SCIM 1.0, =
hopefully in a straightforward, backwards compatible way.=20
> =20
> The key items are:
> * Support for multiple targets within a SCIM service provider
> * A change to schema introducing a Person entity which for example is =
associated with one or more User entities.
> =20
> The first item arises out of some practical deployment architecture =
issues, the latter arises from an attestation issue that arises =
regarding tracking what user accounts are associated with individuals -- =
especially when they have more than one User account. For those that =
want to read ahead now, I suggest reading:
> =
http://wiki.oasis-open.org/provision/simplest#AccountManagement.3ATargetan=
dAccount
> =20
> I propose to present on these two topics at the BoF and then based on =
feedback can contribute the content in draft form into the WG for its =
consideration.
> =20
> Regards,
> =20
> Phil
> =20
> @independentid
> www.independentid.com
> phil.hunt@oracle.com
>=20
> =20
> From: "Morteza Ansari (moransar)" <moransar at cisco.com>
> To: <scim at ietf.org>
> Date: Wed, 8 Feb 2012 21:32:58 -0600
> List-id: Simple Cloud Identity Management BOF <scim.ietf.org>
> Hi folks,
> =20
> Here is the proposed charter as we discussed over the cloud-directory =
mailing list. Please review and send your comments.
> =20
> =20
> Cheers,
> Morteza
> =20
> =20
> Simplified Cloud Identity Management (SCIM)
>=20
> --------------------------------------------------------
>=20
> =20
>=20
> Charter
>=20
> =20
>=20
> Current Status: BOF Request
>=20
> =20
>=20
> Chair(s):
>=20
>      TBD1
>=20
>      TBD2
>=20
> =20
>=20
> Applications Area Director(s):
>=20
>      Pete Resnick <presnick at qualcomm.com>
>=20
>      Peter Saint-Andre <stpeter at stpeter.im>
>=20
> =20
>=20
> Mailing Lists:
>=20
>      General Discussion: scim at ietf.org
>=20
>      To Subscribe:     https://www.ietf.org/mailman/listinfo/scim
>=20
>      Archive:               =
http://www.ietf.org/mail-archive/web/scim/current/maillist.html
>=20
> =20
>=20
> Description of Working Group:
>=20
> =20
>=20
> The Simple Cloud Identity Management (SCIM) specification is designed =
to make managing user identity lifecycle in cloud based applications and =
services easier.
>=20
> =20
>=20
> The specification suite seeks to build upon experience with existing =
schemas and deployments, placing specific emphasis on simplicity of =
development and integration, while applying existing authentication, =
authorization, and privacy models. Its intent is to reduce the cost and =
complexity of user management operations by providing a common user =
schema and extension model, as well as binding documents to provide =
patterns for exchanging this schema using standard protocols.
>=20
> =20
>=20
> The group will work to adapt the SCIM 1.0 specification produced under =
the Open Web Foundation framework (http://www.simplecloud.info) as an =
IETF technology for management of user identities in cloud-based =
applications.
>=20
> =20
>=20
> SCIM 1.0 consists of:
>=20
> =B7         Schema definition for identity related objects
>=20
> =B7         Protocol definition for accessing and managing the =
identity objects
>=20
> =B7         Binding of SCIM schema to Security Assertion Markup =
Language (SAML) messages and assertions
>=20
> =B7         Binding of SCIM schema to Lightweight Directory Access =
Protocol (LDAP) schema (RFC4519)
>=20
> =20
>=20
> The Working Group will produce one or more documents suitable for =
consideration as a Proposed Standard that will:
>=20
> =B7         Improve the terminology used
>=20
> =B7         Embody good security practices, document gaps in its =
capabilities, and propose a path forward for addressing the gaps
>=20
> =B7         Promote interoperability
>=20
> =B7         Provide guidelines for extensibility
>=20
> =20
>=20
> SCIM 1.0 will be used as the starting point. The working group will =
strive to retain backward compatibility with the 1.0 specification. =
Changes that are not backwards compatible may be accepted if the group =
determines changes are required to meet the group's technical objectives =
and the group clearly documents the reasons for making them.
>=20
> =20
>=20
> The Working Group should consider:
>=20
> =B7         Implementer experience
>=20
> =B7         The end-user experience, including internationalization
>=20
> =B7         Existing uses of SCIM
>=20
> =B7         Ability to achieve broad implementation
>=20
> =B7         Ability to address broader use cases than those considered =
by the original authors
>=20
> =B7         Additional functions or extensions that are needed to =
address key security concerns, cross-area review, and implementer =
feedback
>=20
> =20
>=20
> The working group will focus on adapting the core technology first but =
work on extensions will be considered after the core work is well in =
hand.
>=20
> =20
> =20
> =20
> _______________________________________________
> scim mailing list
> scim@ietf.org
> https://www.ietf.org/mailman/listinfo/scim


--Apple-Mail=_EA85FA66-E39E-49ED-AF1B-14FB7541E105
Content-Transfer-Encoding: quoted-printable
Content-Type: text/html;
	charset=windows-1252

<html><head></head><body style=3D"word-wrap: break-word; =
-webkit-nbsp-mode: space; -webkit-line-break: after-white-space; =
">Morteza,<div><br></div><div>I think that sounds =
reasonable.</div><div><br></div><div>I would like time to present at the =
BoF so that the WG may consider additional requirements for the charter =
at that time.</div><div><br></div><div>I will also post a blog post =
outlining the issue in advance of the BoF to help get everyone up to =
speed.</div><div><br></div><div>Cheers,</div><div><br><div =
apple-content-edited=3D"true">
<span class=3D"Apple-style-span" style=3D"border-collapse: separate; =
color: rgb(0, 0, 0); font-family: Helvetica; font-style: normal; =
font-variant: normal; font-weight: normal; letter-spacing: normal; =
line-height: normal; orphans: 2; text-align: auto; text-indent: 0px; =
text-transform: none; white-space: normal; widows: 2; word-spacing: 0px; =
-webkit-border-horizontal-spacing: 0px; -webkit-border-vertical-spacing: =
0px; -webkit-text-decorations-in-effect: none; -webkit-text-size-adjust: =
auto; -webkit-text-stroke-width: 0px; font-size: medium; "><span =
class=3D"Apple-style-span" style=3D"border-collapse: separate; color: =
rgb(0, 0, 0); font-family: Helvetica; font-size: medium; font-style: =
normal; font-variant: normal; font-weight: normal; letter-spacing: =
normal; line-height: normal; orphans: 2; text-indent: 0px; =
text-transform: none; white-space: normal; widows: 2; word-spacing: 0px; =
-webkit-border-horizontal-spacing: 0px; -webkit-border-vertical-spacing: =
0px; -webkit-text-decorations-in-effect: none; -webkit-text-size-adjust: =
auto; -webkit-text-stroke-width: 0px; "><div style=3D"word-wrap: =
break-word; -webkit-nbsp-mode: space; -webkit-line-break: =
after-white-space; "><span class=3D"Apple-style-span" =
style=3D"border-collapse: separate; color: rgb(0, 0, 0); font-family: =
Helvetica; font-size: medium; font-style: normal; font-variant: normal; =
font-weight: normal; letter-spacing: normal; line-height: normal; =
orphans: 2; text-indent: 0px; text-transform: none; white-space: normal; =
widows: 2; word-spacing: 0px; -webkit-border-horizontal-spacing: 0px; =
-webkit-border-vertical-spacing: 0px; =
-webkit-text-decorations-in-effect: none; -webkit-text-size-adjust: =
auto; -webkit-text-stroke-width: 0px; "><div style=3D"word-wrap: =
break-word; -webkit-nbsp-mode: space; -webkit-line-break: =
after-white-space; "><span class=3D"Apple-style-span" =
style=3D"border-collapse: separate; color: rgb(0, 0, 0); font-family: =
Helvetica; font-size: 12px; font-style: normal; font-variant: normal; =
font-weight: normal; letter-spacing: normal; line-height: normal; =
orphans: 2; text-indent: 0px; text-transform: none; white-space: normal; =
widows: 2; word-spacing: 0px; -webkit-border-horizontal-spacing: 0px; =
-webkit-border-vertical-spacing: 0px; =
-webkit-text-decorations-in-effect: none; -webkit-text-size-adjust: =
auto; -webkit-text-stroke-width: 0px; "><div style=3D"word-wrap: =
break-word; -webkit-nbsp-mode: space; -webkit-line-break: =
after-white-space; =
"><div><div><div>Phil</div><div><br></div><div>@independentid</div><div><a=
 =
href=3D"http://www.independentid.com">www.independentid.com</a></div></div=
></div></div></span><a =
href=3D"mailto:phil.hunt@oracle.com">phil.hunt@oracle.com</a><br><br></div=
></span><br class=3D"Apple-interchange-newline"></div></span><br =
class=3D"Apple-interchange-newline"></span><br =
class=3D"Apple-interchange-newline">
</div>
<br><div><div>On 2012-03-11, at 10:17 PM, Morteza Ansari (moransar) =
wrote:</div><br class=3D"Apple-interchange-newline"><blockquote =
type=3D"cite"><span class=3D"Apple-style-span" style=3D"border-collapse: =
separate; font-family: Helvetica; font-style: normal; font-variant: =
normal; font-weight: normal; letter-spacing: normal; line-height: =
normal; orphans: 2; text-align: -webkit-auto; text-indent: 0px; =
text-transform: none; white-space: normal; widows: 2; word-spacing: 0px; =
-webkit-border-horizontal-spacing: 0px; -webkit-border-vertical-spacing: =
0px; -webkit-text-decorations-in-effect: none; -webkit-text-size-adjust: =
auto; -webkit-text-stroke-width: 0px; font-size: medium; "><div =
lang=3D"EN-US" link=3D"blue" vlink=3D"purple"><div class=3D"WordSection1" =
style=3D"page: WordSection1; "><div style=3D"margin-right: 0in; =
margin-left: 0in; font-size: 12pt; font-family: 'Times New Roman', =
serif; margin-top: 0in; margin-bottom: 0.0001pt; "><span =
style=3D"font-size: 11pt; font-family: Calibri, sans-serif; color: =
rgb(31, 73, 125); ">Good suggestion Phil.&nbsp; I added a new item under =
the WG consideration section: =93Work done by other standard bodies as =
input to the process such as OASIS Provisioning TC=94 but I didn=92t add =
any specific items that should be considered. I think it would be best =
to leave that to the WG to study the work you referenced and decide what =
items should be considered.<o:p></o:p></span></div><div =
style=3D"margin-right: 0in; margin-left: 0in; font-size: 12pt; =
font-family: 'Times New Roman', serif; margin-top: 0in; margin-bottom: =
0.0001pt; "><span style=3D"font-size: 11pt; font-family: Calibri, =
sans-serif; color: rgb(31, 73, 125); =
"><o:p>&nbsp;</o:p></span></div><div style=3D"margin-right: 0in; =
margin-left: 0in; font-size: 12pt; font-family: 'Times New Roman', =
serif; margin-top: 0in; margin-bottom: 0.0001pt; "><span =
style=3D"font-size: 11pt; font-family: Calibri, sans-serif; color: =
rgb(31, 73, 125); ">Do you think that is =
sufficient?<o:p></o:p></span></div><div style=3D"margin-top: 0in; =
margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: =
12pt; font-family: 'Times New Roman', serif; "><span style=3D"font-size: =
11pt; font-family: Calibri, sans-serif; color: rgb(31, 73, 125); =
"><o:p>&nbsp;</o:p></span></div><div style=3D"margin-top: 0in; =
margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: =
12pt; font-family: 'Times New Roman', serif; "><span style=3D"font-size: =
11pt; font-family: Calibri, sans-serif; color: rgb(31, 73, 125); =
"><o:p>&nbsp;</o:p></span></div><div style=3D"margin-top: 0in; =
margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: =
12pt; font-family: 'Times New Roman', serif; "><span style=3D"font-size: =
11pt; font-family: Calibri, sans-serif; color: rgb(31, 73, 125); =
">Cheers,<o:p></o:p></span></div><div style=3D"margin-top: 0in; =
margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: =
12pt; font-family: 'Times New Roman', serif; "><span style=3D"font-size: =
11pt; font-family: Calibri, sans-serif; color: rgb(31, 73, 125); =
">Morteza<o:p></o:p></span></div><div style=3D"margin-top: 0in; =
margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: =
12pt; font-family: 'Times New Roman', serif; "><span style=3D"font-size: =
11pt; font-family: Calibri, sans-serif; color: rgb(31, 73, 125); =
"><o:p>&nbsp;</o:p></span></div><div><div style=3D"border-right-style: =
none; border-bottom-style: none; border-left-style: none; border-width: =
initial; border-color: initial; border-top-style: solid; =
border-top-color: rgb(181, 196, 223); border-top-width: 1pt; =
padding-top: 3pt; padding-right: 0in; padding-bottom: 0in; padding-left: =
0in; "><div style=3D"margin-top: 0in; margin-right: 0in; margin-left: =
0in; margin-bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New =
Roman', serif; "><b><span style=3D"font-size: 10pt; font-family: Tahoma, =
sans-serif; ">From:</span></b><span style=3D"font-size: 10pt; =
font-family: Tahoma, sans-serif; "><span =
class=3D"Apple-converted-space">&nbsp;</span>Phil Hunt =
[mailto:phil.hunt@oracle.com]<span =
class=3D"Apple-converted-space">&nbsp;</span><br><b>Sent:</b><span =
class=3D"Apple-converted-space">&nbsp;</span>Thursday, February 23, 2012 =
3:25 PM<br><b>To:</b><span class=3D"Apple-converted-space">&nbsp;</span><a=
 href=3D"mailto:scim@ietf.org" style=3D"color: blue; text-decoration: =
underline; ">scim@ietf.org</a>; Morteza Ansari =
(moransar)<br><b>Subject:</b><span =
class=3D"Apple-converted-space">&nbsp;</span>Re: [scim] Porposed =
charter<o:p></o:p></span></div></div></div><div style=3D"margin-top: =
0in; margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; =
font-size: 12pt; font-family: 'Times New Roman', serif; =
"><o:p>&nbsp;</o:p></div><div><div><div><div style=3D"margin-top: 0in; =
margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: =
12pt; font-family: 'Times New Roman', serif; =
">Morteza,&nbsp;<o:p></o:p></div></div><div><div style=3D"margin-top: =
0in; margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; =
font-size: 12pt; font-family: 'Times New Roman', serif; =
"><o:p>&nbsp;</o:p></div></div><div><div style=3D"margin-top: 0in; =
margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: =
12pt; font-family: 'Times New Roman', serif; ">Very happy to see the =
SCIM WG is starting soon!<o:p></o:p></div></div><div><div =
style=3D"margin-top: 0in; margin-right: 0in; margin-left: 0in; =
margin-bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New =
Roman', serif; "><o:p>&nbsp;</o:p></div></div><div><div =
style=3D"margin-top: 0in; margin-right: 0in; margin-left: 0in; =
margin-bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New =
Roman', serif; ">Regarding the charter,&nbsp;I propose that the working =
group also adopt the following OASIS Provisioning TC documents as input =
material:<o:p></o:p></div></div><div><div style=3D"margin-top: 0in; =
margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: =
12pt; font-family: 'Times New Roman', serif; ">*&nbsp;<a =
href=3D"http://wiki.oasis-open.org/provision/restpml" style=3D"color: =
blue; text-decoration: underline; ">A RESTful Binding to =
SPML</a>&nbsp;-&nbsp;<a =
href=3D"http://wiki.oasis-open.org/provision/restpml" style=3D"color: =
blue; text-decoration: underline; =
">http://wiki.oasis-open.org/provision/restpml</a><o:p></o:p></div></div><=
div><div style=3D"margin-top: 0in; margin-right: 0in; margin-left: 0in; =
margin-bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New =
Roman', serif; ">*&nbsp;<a =
href=3D"http://wiki.oasis-open.org/provision/simplest" style=3D"color: =
blue; text-decoration: underline; ">SIMPLEST: A standard schema for =
Identity and Access Management</a>&nbsp;-&nbsp;<a =
href=3D"http://wiki.oasis-open.org/provision/simplest" style=3D"color: =
blue; text-decoration: underline; =
">http://wiki.oasis-open.org/provision/simplest</a><o:p></o:p></div></div>=
<div><div style=3D"margin-top: 0in; margin-right: 0in; margin-left: 0in; =
margin-bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New =
Roman', serif; ">These documents can provide some additional =
implementation insight into the final SCIM WG =
product.<o:p></o:p></div></div><div><div style=3D"margin-top: 0in; =
margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: =
12pt; font-family: 'Times New Roman', serif; =
"><o:p>&nbsp;</o:p></div></div><div><div style=3D"margin-top: 0in; =
margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: =
12pt; font-family: 'Times New Roman', serif; ">Based on the OASIS =
Provisioning TC experience, there are some additional cloud requirements =
that could be added into SCIM 1.0, hopefully in a straightforward, =
backwards compatible way.&nbsp;<o:p></o:p></div></div><div><div =
style=3D"margin-top: 0in; margin-right: 0in; margin-left: 0in; =
margin-bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New =
Roman', serif; "><o:p>&nbsp;</o:p></div></div><div><div =
style=3D"margin-top: 0in; margin-right: 0in; margin-left: 0in; =
margin-bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New =
Roman', serif; ">The key items are:<o:p></o:p></div></div><div><div =
style=3D"margin-top: 0in; margin-right: 0in; margin-left: 0in; =
margin-bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New =
Roman', serif; ">* Support for multiple targets within a SCIM service =
provider<o:p></o:p></div></div><div><div style=3D"margin-top: 0in; =
margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: =
12pt; font-family: 'Times New Roman', serif; ">* A change to schema =
introducing a Person entity which for example is associated with one or =
more User entities.<o:p></o:p></div></div><div><div style=3D"margin-top: =
0in; margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; =
font-size: 12pt; font-family: 'Times New Roman', serif; =
"><o:p>&nbsp;</o:p></div></div><div><div style=3D"margin-top: 0in; =
margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: =
12pt; font-family: 'Times New Roman', serif; ">The first item arises out =
of some practical deployment architecture issues, the latter arises from =
an attestation issue that arises regarding tracking what user accounts =
are associated with individuals -- especially when they have more than =
one User account. For those that want to read ahead now, I suggest =
reading:<o:p></o:p></div></div><div><div style=3D"margin-top: 0in; =
margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: =
12pt; font-family: 'Times New Roman', serif; "><a =
href=3D"http://wiki.oasis-open.org/provision/simplest#AccountManagement.3A=
TargetandAccount" style=3D"color: blue; text-decoration: underline; =
">http://wiki.oasis-open.org/provision/simplest#AccountManagement.3ATarget=
andAccount</a><o:p></o:p></div></div><div><div style=3D"margin-top: 0in; =
margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: =
12pt; font-family: 'Times New Roman', serif; =
"><o:p>&nbsp;</o:p></div></div><div><div style=3D"margin-top: 0in; =
margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: =
12pt; font-family: 'Times New Roman', serif; ">I propose to present on =
these two topics at the BoF and then based on feedback can contribute =
the content in draft form into the WG for its =
consideration.<o:p></o:p></div></div><div><div style=3D"margin-top: 0in; =
margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: =
12pt; font-family: 'Times New Roman', serif; =
"><o:p>&nbsp;</o:p></div></div><div><div style=3D"margin-top: 0in; =
margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: =
12pt; font-family: 'Times New Roman', serif; =
">Regards,<o:p></o:p></div></div><div><div style=3D"margin-top: 0in; =
margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: =
12pt; font-family: 'Times New Roman', serif; =
"><o:p>&nbsp;</o:p></div></div><div><div><div><div><div><div><div><div><di=
v style=3D"margin-top: 0in; margin-right: 0in; margin-left: 0in; =
margin-bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New =
Roman', serif; "><span style=3D"font-size: 9pt; =
">Phil<o:p></o:p></span></div></div><div><div style=3D"margin-top: 0in; =
margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: =
12pt; font-family: 'Times New Roman', serif; "><span style=3D"font-size: =
9pt; "><o:p>&nbsp;</o:p></span></div></div><div><div style=3D"margin-top: =
0in; margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; =
font-size: 12pt; font-family: 'Times New Roman', serif; "><span =
style=3D"font-size: 9pt; =
">@independentid<o:p></o:p></span></div></div><div><div =
style=3D"margin-top: 0in; margin-right: 0in; margin-left: 0in; =
margin-bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New =
Roman', serif; "><span style=3D"font-size: 9pt; "><a =
href=3D"http://www.independentid.com/" style=3D"color: blue; =
text-decoration: underline; =
">www.independentid.com</a><o:p></o:p></span></div></div></div></div></div=
><p class=3D"MsoNormal" style=3D"margin-top: 0in; margin-right: 0in; =
margin-left: 0in; margin-bottom: 12pt; font-size: 12pt; font-family: =
'Times New Roman', serif; "><a href=3D"mailto:phil.hunt@oracle.com" =
style=3D"color: blue; text-decoration: underline; =
">phil.hunt@oracle.com</a><o:p></o:p></p></div><div style=3D"margin-top: =
0in; margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; =
font-size: 12pt; font-family: 'Times New Roman', serif; =
"><o:p>&nbsp;</o:p></div></div><div class=3D"MsoNormal" align=3D"center" =
style=3D"margin-top: 0in; margin-right: 0in; margin-left: 0in; =
margin-bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New =
Roman', serif; text-align: center; "><hr size=3D"2" width=3D"100%" =
align=3D"center"></div><ul type=3D"disc" style=3D"margin-bottom: 0in; =
"><li class=3D"MsoNormal" style=3D"margin-top: 0in; margin-right: 0in; =
margin-left: 0in; margin-bottom: 0.0001pt; font-size: 12pt; font-family: =
'Times New Roman', serif; "><em><span style=3D"font-family: Times, =
serif; ">From</span></em><span style=3D"font-family: Times, serif; ">: =
"Morteza Ansari (moransar)" &lt;<a href=3D"mailto:moransar@DOMAIN.HIDDEN" =
style=3D"color: blue; text-decoration: underline; ">moransar at =
cisco.com</a>&gt;<o:p></o:p></span></li><li class=3D"MsoNormal" =
style=3D"margin-top: 0in; margin-right: 0in; margin-left: 0in; =
margin-bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New =
Roman', serif; "><em><span style=3D"font-family: Times, serif; =
">To</span></em><span style=3D"font-family: Times, serif; ">: &lt;<a =
href=3D"mailto:scim@DOMAIN.HIDDEN" style=3D"color: blue; =
text-decoration: underline; ">scim at =
ietf.org</a>&gt;<o:p></o:p></span></li><li class=3D"MsoNormal" =
style=3D"margin-top: 0in; margin-right: 0in; margin-left: 0in; =
margin-bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New =
Roman', serif; "><em><span style=3D"font-family: Times, serif; =
">Date</span></em><span style=3D"font-family: Times, serif; ">: Wed, 8 =
Feb 2012 21:32:58 -0600<o:p></o:p></span></li><li class=3D"MsoNormal" =
style=3D"margin-top: 0in; margin-right: 0in; margin-left: 0in; =
margin-bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New =
Roman', serif; "><em><span style=3D"font-family: Times, serif; =
">List-id</span></em><span style=3D"font-family: Times, serif; ">: =
Simple Cloud Identity Management BOF &lt;<a href=3D"http://scim.ietf.org/"=
 style=3D"color: blue; text-decoration: underline; =
">scim.ietf.org</a>&gt;<o:p></o:p></span></li></ul><div =
class=3D"MsoNormal" align=3D"center" style=3D"margin-top: 0in; =
margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: =
12pt; font-family: 'Times New Roman', serif; text-align: center; "><hr =
size=3D"2" width=3D"100%" align=3D"center"></div><table =
class=3D"MsoNormalTable" border=3D"0" cellpadding=3D"0" width=3D"100%" =
style=3D"width: 968px; z-index: auto; "><tbody><tr><td =
style=3D"padding-top: 0.75pt; padding-right: 0.75pt; padding-bottom: =
0.75pt; padding-left: 0.75pt; "><div><div style=3D"margin-top: 0in; =
margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: =
12pt; font-family: 'Times New Roman', serif; ">Hi =
folks,<o:p></o:p></div><div style=3D"margin-top: 0in; margin-right: 0in; =
margin-left: 0in; margin-bottom: 0.0001pt; font-size: 12pt; font-family: =
'Times New Roman', serif; ">&nbsp;<o:p></o:p></div><div =
style=3D"margin-top: 0in; margin-right: 0in; margin-left: 0in; =
margin-bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New =
Roman', serif; ">Here is the proposed charter as we discussed over the =
cloud-directory mailing list. Please review and send your =
comments.<o:p></o:p></div><div style=3D"margin-top: 0in; margin-right: =
0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: 12pt; =
font-family: 'Times New Roman', serif; ">&nbsp;<o:p></o:p></div><div =
style=3D"margin-top: 0in; margin-right: 0in; margin-left: 0in; =
margin-bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New =
Roman', serif; ">&nbsp;<o:p></o:p></div><div style=3D"margin-top: 0in; =
margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: =
12pt; font-family: 'Times New Roman', serif; =
">Cheers,<o:p></o:p></div><div style=3D"margin-top: 0in; margin-right: =
0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: 12pt; =
font-family: 'Times New Roman', serif; ">Morteza<o:p></o:p></div><div =
style=3D"border-top-style: none; border-right-style: none; =
border-left-style: none; border-width: initial; border-color: initial; =
border-bottom-style: solid; padding-top: 0in; padding-right: 0in; =
padding-bottom: 1pt; padding-left: 0in; border-width: initial; =
border-color: initial; "><div style=3D"margin-top: 0in; margin-right: =
0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: 12pt; =
font-family: 'Times New Roman', serif; =
">&nbsp;<o:p></o:p></div></div><div style=3D"margin-top: 0in; =
margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: =
12pt; font-family: 'Times New Roman', serif; ">&nbsp;<o:p></o:p></div><p =
class=3D"MsoPlainText" style=3D"margin-right: 0in; margin-left: 0in; =
font-size: 12pt; font-family: 'Times New Roman', serif; "><span =
style=3D"font-family: Times, serif; color: black; ">Simplified Cloud =
Identity Management (SCIM)</span><span style=3D"font-family: Times, =
serif; "><o:p></o:p></span></p><p class=3D"MsoPlainText" =
style=3D"margin-right: 0in; margin-left: 0in; font-size: 12pt; =
font-family: 'Times New Roman', serif; "><span style=3D"font-family: =
Times, serif; color: black; =
">--------------------------------------------------------</span><span =
style=3D"font-family: Times, serif; "><o:p></o:p></span></p><p =
class=3D"MsoPlainText" style=3D"margin-right: 0in; margin-left: 0in; =
font-size: 12pt; font-family: 'Times New Roman', serif; "><span =
style=3D"font-family: Times, serif; color: black; ">&nbsp;</span><span =
style=3D"font-family: Times, serif; "><o:p></o:p></span></p><p =
class=3D"MsoPlainText" style=3D"margin-right: 0in; margin-left: 0in; =
font-size: 12pt; font-family: 'Times New Roman', serif; "><span =
style=3D"font-family: Times, serif; color: black; ">Charter</span><span =
style=3D"font-family: Times, serif; "><o:p></o:p></span></p><p =
class=3D"MsoPlainText" style=3D"margin-right: 0in; margin-left: 0in; =
font-size: 12pt; font-family: 'Times New Roman', serif; "><span =
style=3D"font-family: Times, serif; color: black; ">&nbsp;</span><span =
style=3D"font-family: Times, serif; "><o:p></o:p></span></p><p =
class=3D"MsoPlainText" style=3D"margin-right: 0in; margin-left: 0in; =
font-size: 12pt; font-family: 'Times New Roman', serif; "><span =
style=3D"font-family: Times, serif; color: black; ">Current Status: BOF =
Request</span><span style=3D"font-family: Times, serif; =
"><o:p></o:p></span></p><p class=3D"MsoPlainText" style=3D"margin-right: =
0in; margin-left: 0in; font-size: 12pt; font-family: 'Times New Roman', =
serif; "><span style=3D"font-family: Times, serif; color: black; =
">&nbsp;</span><span style=3D"font-family: Times, serif; =
"><o:p></o:p></span></p><p class=3D"MsoPlainText" style=3D"margin-right: =
0in; margin-left: 0in; font-size: 12pt; font-family: 'Times New Roman', =
serif; "><span style=3D"font-family: Times, serif; color: black; =
">Chair(s):</span><span style=3D"font-family: Times, serif; =
"><o:p></o:p></span></p><p class=3D"MsoPlainText" style=3D"margin-right: =
0in; margin-left: 0in; font-size: 12pt; font-family: 'Times New Roman', =
serif; "><span style=3D"font-family: Times, serif; color: black; =
">&nbsp;&nbsp;&nbsp;&nbsp; TBD1</span><span style=3D"font-family: Times, =
serif; "><o:p></o:p></span></p><p class=3D"MsoPlainText" =
style=3D"margin-right: 0in; margin-left: 0in; font-size: 12pt; =
font-family: 'Times New Roman', serif; "><span style=3D"font-family: =
Times, serif; color: black; ">&nbsp;&nbsp;&nbsp;&nbsp; TBD2</span><span =
style=3D"font-family: Times, serif; "><o:p></o:p></span></p><p =
class=3D"MsoPlainText" style=3D"margin-right: 0in; margin-left: 0in; =
font-size: 12pt; font-family: 'Times New Roman', serif; "><span =
style=3D"font-family: Times, serif; color: black; ">&nbsp;</span><span =
style=3D"font-family: Times, serif; "><o:p></o:p></span></p><p =
class=3D"MsoPlainText" style=3D"margin-right: 0in; margin-left: 0in; =
font-size: 12pt; font-family: 'Times New Roman', serif; "><span =
style=3D"font-family: Times, serif; color: black; ">Applications Area =
Director(s):</span><span style=3D"font-family: Times, serif; =
"><o:p></o:p></span></p><p class=3D"MsoPlainText" style=3D"margin-right: =
0in; margin-left: 0in; font-size: 12pt; font-family: 'Times New Roman', =
serif; "><span style=3D"font-family: Times, serif; color: black; =
">&nbsp;&nbsp;&nbsp; &nbsp;Pete Resnick &lt;presnick at<span =
class=3D"Apple-converted-space">&nbsp;</span><a =
href=3D"http://qualcomm.com/" style=3D"color: blue; text-decoration: =
underline; ">qualcomm.com</a>&gt;</span><span style=3D"font-family: =
Times, serif; "><o:p></o:p></span></p><p class=3D"MsoPlainText" =
style=3D"margin-right: 0in; margin-left: 0in; font-size: 12pt; =
font-family: 'Times New Roman', serif; "><span style=3D"font-family: =
Times, serif; color: black; ">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Peter =
Saint-Andre &lt;stpeter at stpeter.im&gt;</span><span =
style=3D"font-family: Times, serif; "><o:p></o:p></span></p><p =
class=3D"MsoPlainText" style=3D"margin-right: 0in; margin-left: 0in; =
font-size: 12pt; font-family: 'Times New Roman', serif; "><span =
style=3D"font-family: Times, serif; color: black; ">&nbsp;</span><span =
style=3D"font-family: Times, serif; "><o:p></o:p></span></p><p =
class=3D"MsoPlainText" style=3D"margin-right: 0in; margin-left: 0in; =
font-size: 12pt; font-family: 'Times New Roman', serif; "><span =
style=3D"font-family: Times, serif; color: black; ">Mailing =
Lists:</span><span style=3D"font-family: Times, serif; =
"><o:p></o:p></span></p><p class=3D"MsoPlainText" style=3D"margin-right: =
0in; margin-left: 0in; font-size: 12pt; font-family: 'Times New Roman', =
serif; "><span style=3D"font-family: Times, serif; color: black; =
">&nbsp;&nbsp;&nbsp;&nbsp; General Discussion: scim at<span =
class=3D"Apple-converted-space">&nbsp;</span><a href=3D"http://ietf.org/" =
style=3D"color: blue; text-decoration: underline; =
">ietf.org</a></span><span style=3D"font-family: Times, serif; =
"><o:p></o:p></span></p><p class=3D"MsoPlainText" style=3D"margin-right: =
0in; margin-left: 0in; font-size: 12pt; font-family: 'Times New Roman', =
serif; "><span style=3D"font-family: Times, serif; color: black; =
">&nbsp;&nbsp;&nbsp;&nbsp; To Subscribe:&nbsp;&nbsp;&nbsp;&nbsp;<span =
class=3D"Apple-converted-space">&nbsp;</span><a =
href=3D"https://www.ietf.org/mailman/listinfo/scim" style=3D"color: =
blue; text-decoration: underline; =
">https://www.ietf.org/mailman/listinfo/scim</a></span><span =
style=3D"font-family: Times, serif; "><o:p></o:p></span></p><p =
class=3D"MsoPlainText" style=3D"margin-right: 0in; margin-left: 0in; =
font-size: 12pt; font-family: 'Times New Roman', serif; "><span =
style=3D"font-family: Times, serif; color: black; =
">&nbsp;&nbsp;&nbsp;&nbsp; =
Archive:&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;=
&nbsp;&nbsp;&nbsp;<span class=3D"Apple-converted-space">&nbsp;</span><a =
href=3D"http://www.ietf.org/mail-archive/web/scim/current/maillist.html" =
style=3D"color: blue; text-decoration: underline; =
">http://www.ietf.org/mail-archive/web/scim/current/maillist.html</a></spa=
n><span style=3D"font-family: Times, serif; "><o:p></o:p></span></p><p =
class=3D"MsoPlainText" style=3D"margin-right: 0in; margin-left: 0in; =
font-size: 12pt; font-family: 'Times New Roman', serif; "><span =
style=3D"font-family: Times, serif; color: black; ">&nbsp;</span><span =
style=3D"font-family: Times, serif; "><o:p></o:p></span></p><p =
class=3D"MsoPlainText" style=3D"margin-right: 0in; margin-left: 0in; =
font-size: 12pt; font-family: 'Times New Roman', serif; "><span =
style=3D"font-family: Times, serif; color: black; ">Description of =
Working Group:</span><span style=3D"font-family: Times, serif; =
"><o:p></o:p></span></p><p class=3D"MsoPlainText" style=3D"margin-right: =
0in; margin-left: 0in; font-size: 12pt; font-family: 'Times New Roman', =
serif; "><span style=3D"font-family: Times, serif; color: black; =
">&nbsp;</span><span style=3D"font-family: Times, serif; =
"><o:p></o:p></span></p><p class=3D"MsoPlainText" style=3D"margin-right: =
0in; margin-left: 0in; font-size: 12pt; font-family: 'Times New Roman', =
serif; "><span style=3D"font-family: Times, serif; color: black; ">The =
Simple Cloud Identity Management (SCIM) specification is designed to =
make managing user identity lifecycle in cloud based applications and =
services easier.</span><span style=3D"font-family: Times, serif; =
"><o:p></o:p></span></p><p class=3D"MsoPlainText" style=3D"margin-right: =
0in; margin-left: 0in; font-size: 12pt; font-family: 'Times New Roman', =
serif; "><span style=3D"font-family: Times, serif; color: black; =
">&nbsp;</span><span style=3D"font-family: Times, serif; =
"><o:p></o:p></span></p><p class=3D"MsoPlainText" style=3D"margin-right: =
0in; margin-left: 0in; font-size: 12pt; font-family: 'Times New Roman', =
serif; "><span style=3D"font-family: Times, serif; color: black; ">The =
specification suite seeks to build upon experience with existing schemas =
and deployments, placing specific emphasis on simplicity of development =
and integration, while applying existing authentication, authorization, =
and privacy models. Its intent is to reduce the cost and complexity of =
user management operations by providing a common user schema and =
extension model, as well as binding documents to provide patterns for =
exchanging this schema using standard protocols.</span><span =
style=3D"font-family: Times, serif; "><o:p></o:p></span></p><p =
class=3D"MsoPlainText" style=3D"margin-right: 0in; margin-left: 0in; =
font-size: 12pt; font-family: 'Times New Roman', serif; "><span =
style=3D"font-family: Times, serif; color: black; ">&nbsp;</span><span =
style=3D"font-family: Times, serif; "><o:p></o:p></span></p><p =
class=3D"MsoPlainText" style=3D"margin-right: 0in; margin-left: 0in; =
font-size: 12pt; font-family: 'Times New Roman', serif; "><span =
style=3D"font-family: Times, serif; color: black; ">The group will work =
to adapt the SCIM 1.0 specification produced under the Open Web =
Foundation framework (<a href=3D"http://www.simplecloud.info/" =
style=3D"color: blue; text-decoration: underline; =
">http://www.simplecloud.info</a>) as an IETF technology for management =
of user identities in cloud-based applications.</span><span =
style=3D"font-family: Times, serif; "><o:p></o:p></span></p><p =
class=3D"MsoPlainText" style=3D"margin-right: 0in; margin-left: 0in; =
font-size: 12pt; font-family: 'Times New Roman', serif; "><span =
style=3D"font-family: Times, serif; color: black; ">&nbsp;</span><span =
style=3D"font-family: Times, serif; "><o:p></o:p></span></p><p =
class=3D"MsoPlainText" style=3D"margin-right: 0in; margin-left: 0in; =
font-size: 12pt; font-family: 'Times New Roman', serif; "><span =
style=3D"font-family: Times, serif; color: black; ">SCIM 1.0 consists =
of:</span><span style=3D"font-family: Times, serif; =
"><o:p></o:p></span></p><p class=3D"MsoPlainText" style=3D"margin-right: =
0in; margin-left: 0.5in; font-size: 12pt; font-family: 'Times New =
Roman', serif; text-indent: -0.25in; "><span style=3D"font-family: =
Symbol; color: black; ">=B7</span><span style=3D"font-size: 7pt; color: =
black; =
">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</span><span =
style=3D"font-family: Times, serif; color: black; ">Schema definition =
for identity related objects</span><span style=3D"font-family: Times, =
serif; "><o:p></o:p></span></p><p class=3D"MsoPlainText" =
style=3D"margin-right: 0in; margin-left: 0.5in; font-size: 12pt; =
font-family: 'Times New Roman', serif; text-indent: -0.25in; "><span =
style=3D"font-family: Symbol; color: black; ">=B7</span><span =
style=3D"font-size: 7pt; color: black; =
">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</span><span =
style=3D"font-family: Times, serif; color: black; ">Protocol definition =
for accessing and managing the identity objects</span><span =
style=3D"font-family: Times, serif; "><o:p></o:p></span></p><p =
class=3D"MsoPlainText" style=3D"margin-right: 0in; margin-left: 0.5in; =
font-size: 12pt; font-family: 'Times New Roman', serif; text-indent: =
-0.25in; "><span style=3D"font-family: Symbol; color: black; =
">=B7</span><span style=3D"font-size: 7pt; color: black; =
">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</span><span =
style=3D"font-family: Times, serif; color: black; ">Binding of SCIM =
schema to Security Assertion Markup Language (SAML) messages and =
assertions</span><span style=3D"font-family: Times, serif; =
"><o:p></o:p></span></p><p class=3D"MsoPlainText" style=3D"margin-right: =
0in; margin-left: 0.5in; font-size: 12pt; font-family: 'Times New =
Roman', serif; text-indent: -0.25in; "><span style=3D"font-family: =
Symbol; color: black; ">=B7</span><span style=3D"font-size: 7pt; color: =
black; =
">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</span><span =
style=3D"font-family: Times, serif; color: black; ">Binding of SCIM =
schema to Lightweight Directory Access Protocol (LDAP) schema =
(RFC4519)</span><span style=3D"font-family: Times, serif; =
"><o:p></o:p></span></p><p class=3D"MsoPlainText" style=3D"margin-right: =
0in; margin-left: 0in; font-size: 12pt; font-family: 'Times New Roman', =
serif; "><span style=3D"font-family: Times, serif; color: black; =
">&nbsp;</span><span style=3D"font-family: Times, serif; =
"><o:p></o:p></span></p><p class=3D"MsoPlainText" style=3D"margin-right: =
0in; margin-left: 0in; font-size: 12pt; font-family: 'Times New Roman', =
serif; "><span style=3D"font-family: Times, serif; color: black; ">The =
Working Group will produce one or more documents suitable for =
consideration as a Proposed Standard that will:</span><span =
style=3D"font-family: Times, serif; "><o:p></o:p></span></p><p =
class=3D"MsoPlainText" style=3D"margin-right: 0in; margin-left: 0.5in; =
font-size: 12pt; font-family: 'Times New Roman', serif; text-indent: =
-0.25in; "><span style=3D"font-family: Symbol; color: black; =
">=B7</span><span style=3D"font-size: 7pt; color: black; =
">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</span><span =
style=3D"font-family: Times, serif; color: black; ">Improve the =
terminology used</span><span style=3D"font-family: Times, serif; =
"><o:p></o:p></span></p><p class=3D"MsoPlainText" style=3D"margin-right: =
0in; margin-left: 0.5in; font-size: 12pt; font-family: 'Times New =
Roman', serif; text-indent: -0.25in; "><span style=3D"font-family: =
Symbol; color: black; ">=B7</span><span style=3D"font-size: 7pt; color: =
black; =
">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</span><span =
style=3D"font-family: Times, serif; color: black; ">Embody good security =
practices, document gaps in its capabilities, and propose a path forward =
for addressing the gaps</span><span style=3D"font-family: Times, serif; =
"><o:p></o:p></span></p><p class=3D"MsoPlainText" style=3D"margin-right: =
0in; margin-left: 0.5in; font-size: 12pt; font-family: 'Times New =
Roman', serif; text-indent: -0.25in; "><span style=3D"font-family: =
Symbol; color: black; ">=B7</span><span style=3D"font-size: 7pt; color: =
black; =
">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</span><span =
style=3D"font-family: Times, serif; color: black; ">Promote =
interoperability</span><span style=3D"font-family: Times, serif; =
"><o:p></o:p></span></p><p class=3D"MsoPlainText" style=3D"margin-right: =
0in; margin-left: 0.5in; font-size: 12pt; font-family: 'Times New =
Roman', serif; text-indent: -0.25in; "><span style=3D"font-family: =
Symbol; color: black; ">=B7</span><span style=3D"font-size: 7pt; color: =
black; =
">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</span><span =
style=3D"font-family: Times, serif; color: black; ">Provide guidelines =
for extensibility</span><span style=3D"font-family: Times, serif; =
"><o:p></o:p></span></p><p class=3D"MsoPlainText" style=3D"margin-right: =
0in; margin-left: 0in; font-size: 12pt; font-family: 'Times New Roman', =
serif; "><span style=3D"font-family: Times, serif; color: black; =
">&nbsp;</span><span style=3D"font-family: Times, serif; =
"><o:p></o:p></span></p><p class=3D"MsoPlainText" style=3D"margin-right: =
0in; margin-left: 0in; font-size: 12pt; font-family: 'Times New Roman', =
serif; "><span style=3D"font-family: Times, serif; color: black; ">SCIM =
1.0 will be used as the starting point. The working group will strive to =
retain backward compatibility with the 1.0 specification. Changes that =
are not backwards compatible may be accepted if the group determines =
changes are required to meet the group's technical objectives and the =
group clearly documents the reasons for making them.</span><span =
style=3D"font-family: Times, serif; "><o:p></o:p></span></p><p =
class=3D"MsoPlainText" style=3D"margin-right: 0in; margin-left: 0in; =
font-size: 12pt; font-family: 'Times New Roman', serif; "><span =
style=3D"font-family: Times, serif; color: black; ">&nbsp;</span><span =
style=3D"font-family: Times, serif; "><o:p></o:p></span></p><p =
class=3D"MsoPlainText" style=3D"margin-right: 0in; margin-left: 0in; =
font-size: 12pt; font-family: 'Times New Roman', serif; "><span =
style=3D"font-family: Times, serif; color: black; ">The Working Group =
should consider:</span><span style=3D"font-family: Times, serif; =
"><o:p></o:p></span></p><p class=3D"MsoPlainText" style=3D"margin-right: =
0in; margin-left: 0.5in; font-size: 12pt; font-family: 'Times New =
Roman', serif; text-indent: -0.25in; "><span style=3D"font-family: =
Symbol; color: black; ">=B7</span><span style=3D"font-size: 7pt; color: =
black; =
">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</span><span =
style=3D"font-family: Times, serif; color: black; ">Implementer =
experience</span><span style=3D"font-family: Times, serif; =
"><o:p></o:p></span></p><p class=3D"MsoPlainText" style=3D"margin-right: =
0in; margin-left: 0.5in; font-size: 12pt; font-family: 'Times New =
Roman', serif; text-indent: -0.25in; "><span style=3D"font-family: =
Symbol; color: black; ">=B7</span><span style=3D"font-size: 7pt; color: =
black; =
">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</span><span =
style=3D"font-family: Times, serif; color: black; ">The end-user =
experience, including internationalization</span><span =
style=3D"font-family: Times, serif; "><o:p></o:p></span></p><p =
class=3D"MsoPlainText" style=3D"margin-right: 0in; margin-left: 0.5in; =
font-size: 12pt; font-family: 'Times New Roman', serif; text-indent: =
-0.25in; "><span style=3D"font-family: Symbol; color: black; =
">=B7</span><span style=3D"font-size: 7pt; color: black; =
">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</span><span =
style=3D"font-family: Times, serif; color: black; ">Existing uses of =
SCIM</span><span style=3D"font-family: Times, serif; =
"><o:p></o:p></span></p><p class=3D"MsoPlainText" style=3D"margin-right: =
0in; margin-left: 0.5in; font-size: 12pt; font-family: 'Times New =
Roman', serif; text-indent: -0.25in; "><span style=3D"font-family: =
Symbol; color: black; ">=B7</span><span style=3D"font-size: 7pt; color: =
black; =
">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</span><span =
style=3D"font-family: Times, serif; color: black; ">Ability to achieve =
broad implementation</span><span style=3D"font-family: Times, serif; =
"><o:p></o:p></span></p><p class=3D"MsoPlainText" style=3D"margin-right: =
0in; margin-left: 0.5in; font-size: 12pt; font-family: 'Times New =
Roman', serif; text-indent: -0.25in; "><span style=3D"font-family: =
Symbol; color: black; ">=B7</span><span style=3D"font-size: 7pt; color: =
black; =
">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</span><span =
style=3D"font-family: Times, serif; color: black; ">Ability to address =
broader use cases than those considered by the original =
authors</span><span style=3D"font-family: Times, serif; =
"><o:p></o:p></span></p><p class=3D"MsoPlainText" style=3D"margin-right: =
0in; margin-left: 0.5in; font-size: 12pt; font-family: 'Times New =
Roman', serif; text-indent: -0.25in; "><span style=3D"font-family: =
Symbol; color: black; ">=B7</span><span style=3D"font-size: 7pt; color: =
black; =
">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</span><span =
style=3D"font-family: Times, serif; color: black; ">Additional functions =
or extensions that are needed to address key security concerns, =
cross-area review, and implementer feedback</span><span =
style=3D"font-family: Times, serif; "><o:p></o:p></span></p><p =
class=3D"MsoPlainText" style=3D"margin-right: 0in; margin-left: 0in; =
font-size: 12pt; font-family: 'Times New Roman', serif; "><span =
style=3D"font-family: Times, serif; color: black; ">&nbsp;</span><span =
style=3D"font-family: Times, serif; "><o:p></o:p></span></p><p =
class=3D"MsoPlainText" style=3D"margin-right: 0in; margin-left: 0in; =
font-size: 12pt; font-family: 'Times New Roman', serif; "><span =
style=3D"font-family: Times, serif; color: black; ">The working group =
will focus on adapting the core technology first but work on extensions =
will be considered after the core work is well in hand.</span><span =
style=3D"font-family: Times, serif; =
"><o:p></o:p></span></p></div></td></tr></tbody></table><div =
style=3D"margin-top: 0in; margin-right: 0in; margin-left: 0in; =
margin-bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New =
Roman', serif; "><o:p>&nbsp;</o:p></div></div><div style=3D"margin-top: =
0in; margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; =
font-size: 12pt; font-family: 'Times New Roman', serif; =
"><o:p>&nbsp;</o:p></div></div></div><div style=3D"margin-top: 0in; =
margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: =
12pt; font-family: 'Times New Roman', serif; =
"><o:p>&nbsp;</o:p></div></div></div>_____________________________________=
__________<br>scim mailing list<br><a href=3D"mailto:scim@ietf.org" =
style=3D"color: blue; text-decoration: underline; =
">scim@ietf.org</a><br><a =
href=3D"https://www.ietf.org/mailman/listinfo/scim" style=3D"color: =
blue; text-decoration: underline; =
">https://www.ietf.org/mailman/listinfo/scim</a></div></span></blockquote>=
</div><br></div></body></html>=

--Apple-Mail=_EA85FA66-E39E-49ED-AF1B-14FB7541E105--

From moransar@cisco.com  Mon Mar 12 17:41:43 2012
Return-Path: <moransar@cisco.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5D7BE21E8073 for <scim@ietfa.amsl.com>; Mon, 12 Mar 2012 17:41:43 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -10.507
X-Spam-Level: 
X-Spam-Status: No, score=-10.507 tagged_above=-999 required=5 tests=[AWL=0.091, BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id VcmXZEVmXcSr for <scim@ietfa.amsl.com>; Mon, 12 Mar 2012 17:41:39 -0700 (PDT)
Received: from rcdn-iport-2.cisco.com (rcdn-iport-2.cisco.com [173.37.86.73]) by ietfa.amsl.com (Postfix) with ESMTP id 26C8321E8011 for <scim@ietf.org>; Mon, 12 Mar 2012 17:41:39 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=moransar@cisco.com; l=38886; q=dns/txt; s=iport; t=1331599299; x=1332808899; h=mime-version:subject:date:message-id:in-reply-to: references:from:to:cc; bh=aDiMNuMdFRhIWy9MH3bApvZuPwKbiGv+gAzUg5CuQhw=; b=KMmypnxDguYipz2GxOBSA/kYbD+9P1uWyjwHqTXgO2EflWY28hOJD34O oivu2KJ0VYAm6M5VN6wocLAlF4ifvQlvPvadUkTWaKqUqraeO97yoZolA LYnfh9g0zYn0tTABH/iCOJsJ4+mHZ0jzTTXHV7QNBuTH9g1R8pabUhpTO Y=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: AkcFAEGXXk+tJXG//2dsb2JhbAA6CYJFqh0BiHyBB4IJAQEBBAEBAQ8BCREDJRkLEAIBCAcKAQIBAQELAgQFCwEGAQYBJh8DBggBAQQTCAEZh2gLnQMBnwmKIA0IgwaCS2MEiFSdG4MBgT4
X-IronPort-AV: E=Sophos;i="4.73,574,1325462400"; d="scan'208,217";a="65846316"
Received: from rcdn-core2-4.cisco.com ([173.37.113.191]) by rcdn-iport-2.cisco.com with ESMTP; 13 Mar 2012 00:41:38 +0000
Received: from xbh-rcd-302.cisco.com (xbh-rcd-302.cisco.com [72.163.63.9]) by rcdn-core2-4.cisco.com (8.14.3/8.14.3) with ESMTP id q2D0fcn3031787;  Tue, 13 Mar 2012 00:41:38 GMT
Received: from xmb-rcd-313.cisco.com ([72.163.63.28]) by xbh-rcd-302.cisco.com with Microsoft SMTPSVC(6.0.3790.4675);  Mon, 12 Mar 2012 19:41:38 -0500
X-MimeOLE: Produced By Microsoft Exchange V6.5
Content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="----_=_NextPart_001_01CD00B2.0C7F2AB0"
Date: Mon, 12 Mar 2012 19:41:37 -0500
Message-ID: <93C6FB63F046384C86EC8F7F3FFEC7BEDEA626@XMB-RCD-313.cisco.com>
In-Reply-To: <0D543262-FC83-4EE4-99BF-8FDEBCFA04A9@oracle.com>
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
Thread-Topic: [scim] Porposed charter
Thread-Index: Ac0Aog3bq765++ecTme2mimwPh9bEQAAC/Kg
References: <8F20CA41-B61E-4EE0-B801-F08F9CD48444@oracle.com> <E646381C-8A04-4040-B835-A0348A8BFF6D@oracle.com> <93C6FB63F046384C86EC8F7F3FFEC7BEDEA074@XMB-RCD-313.cisco.com> <0D543262-FC83-4EE4-99BF-8FDEBCFA04A9@oracle.com>
From: "Morteza Ansari (moransar)" <moransar@cisco.com>
To: "Phil Hunt" <phil.hunt@oracle.com>
X-OriginalArrivalTime: 13 Mar 2012 00:41:38.0232 (UTC) FILETIME=[0CC97380:01CD00B2]
Cc: scim@ietf.org
Subject: Re: [scim] Porposed charter
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 13 Mar 2012 00:41:43 -0000

This is a multi-part message in MIME format.

------_=_NextPart_001_01CD00B2.0C7F2AB0
Content-Type: text/plain;
	charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

I think that makes sense.

=20

Eliot, can we carve up some time on the agenda for this?

=20

=20

Cheers,

Morteza

=20

From: Phil Hunt [mailto:phil.hunt@oracle.com]=20
Sent: Monday, March 12, 2012 3:46 PM
To: Morteza Ansari (moransar)
Cc: scim@ietf.org
Subject: Re: [scim] Porposed charter

=20

Morteza,

=20

I think that sounds reasonable.

=20

I would like time to present at the BoF so that the WG may consider
additional requirements for the charter at that time.

=20

I will also post a blog post outlining the issue in advance of the BoF
to help get everyone up to speed.

=20

Cheers,

=20

Phil

=20

@independentid

www.independentid.com

phil.hunt@oracle.com

=20





=20

On 2012-03-11, at 10:17 PM, Morteza Ansari (moransar) wrote:





Good suggestion Phil.  I added a new item under the WG consideration
section: "Work done by other standard bodies as input to the process
such as OASIS Provisioning TC" but I didn't add any specific items that
should be considered. I think it would be best to leave that to the WG
to study the work you referenced and decide what items should be
considered.

=20

Do you think that is sufficient?

=20

=20

Cheers,

Morteza

=20

From: Phil Hunt [mailto:phil.hunt@oracle.com]=20
Sent: Thursday, February 23, 2012 3:25 PM
To: scim@ietf.org; Morteza Ansari (moransar)
Subject: Re: [scim] Porposed charter

=20

Morteza,=20

=20

Very happy to see the SCIM WG is starting soon!

=20

Regarding the charter, I propose that the working group also adopt the
following OASIS Provisioning TC documents as input material:

* A RESTful Binding to SPML
<http://wiki.oasis-open.org/provision/restpml>  -
http://wiki.oasis-open.org/provision/restpml

* SIMPLEST: A standard schema for Identity and Access Management
<http://wiki.oasis-open.org/provision/simplest>  -
http://wiki.oasis-open.org/provision/simplest

These documents can provide some additional implementation insight into
the final SCIM WG product.

=20

Based on the OASIS Provisioning TC experience, there are some additional
cloud requirements that could be added into SCIM 1.0, hopefully in a
straightforward, backwards compatible way.=20

=20

The key items are:

* Support for multiple targets within a SCIM service provider

* A change to schema introducing a Person entity which for example is
associated with one or more User entities.

=20

The first item arises out of some practical deployment architecture
issues, the latter arises from an attestation issue that arises
regarding tracking what user accounts are associated with individuals --
especially when they have more than one User account. For those that
want to read ahead now, I suggest reading:

http://wiki.oasis-open.org/provision/simplest#AccountManagement.3ATarget
andAccount

=20

I propose to present on these two topics at the BoF and then based on
feedback can contribute the content in draft form into the WG for its
consideration.

=20

Regards,

=20

Phil

=20

@independentid

www.independentid.com <http://www.independentid.com/>=20

phil.hunt@oracle.com

=20

________________________________

*	From: "Morteza Ansari (moransar)" <moransar at cisco.com
<mailto:moransar@DOMAIN.HIDDEN> >
*	To: <scim at ietf.org <mailto:scim@DOMAIN.HIDDEN> >
*	Date: Wed, 8 Feb 2012 21:32:58 -0600
*	List-id: Simple Cloud Identity Management BOF <scim.ietf.org
<http://scim.ietf.org/> >

________________________________

Hi folks,

=20

Here is the proposed charter as we discussed over the cloud-directory
mailing list. Please review and send your comments.

=20

=20

Cheers,

Morteza

=20

=20

Simplified Cloud Identity Management (SCIM)

--------------------------------------------------------

=20

Charter

=20

Current Status: BOF Request

=20

Chair(s):

     TBD1

     TBD2

=20

Applications Area Director(s):

     Pete Resnick <presnick at qualcomm.com <http://qualcomm.com/> >

     Peter Saint-Andre <stpeter at stpeter.im>

=20

Mailing Lists:

     General Discussion: scim at ietf.org <http://ietf.org/>=20

     To Subscribe:     https://www.ietf.org/mailman/listinfo/scim

     Archive:
http://www.ietf.org/mail-archive/web/scim/current/maillist.html

=20

Description of Working Group:

=20

The Simple Cloud Identity Management (SCIM) specification is designed to
make managing user identity lifecycle in cloud based applications and
services easier.

=20

The specification suite seeks to build upon experience with existing
schemas and deployments, placing specific emphasis on simplicity of
development and integration, while applying existing authentication,
authorization, and privacy models. Its intent is to reduce the cost and
complexity of user management operations by providing a common user
schema and extension model, as well as binding documents to provide
patterns for exchanging this schema using standard protocols.

=20

The group will work to adapt the SCIM 1.0 specification produced under
the Open Web Foundation framework (http://www.simplecloud.info
<http://www.simplecloud.info/> ) as an IETF technology for management of
user identities in cloud-based applications.

=20

SCIM 1.0 consists of:

*         Schema definition for identity related objects

*         Protocol definition for accessing and managing the identity
objects

*         Binding of SCIM schema to Security Assertion Markup Language
(SAML) messages and assertions

*         Binding of SCIM schema to Lightweight Directory Access
Protocol (LDAP) schema (RFC4519)

=20

The Working Group will produce one or more documents suitable for
consideration as a Proposed Standard that will:

*         Improve the terminology used

*         Embody good security practices, document gaps in its
capabilities, and propose a path forward for addressing the gaps

*         Promote interoperability

*         Provide guidelines for extensibility

=20

SCIM 1.0 will be used as the starting point. The working group will
strive to retain backward compatibility with the 1.0 specification.
Changes that are not backwards compatible may be accepted if the group
determines changes are required to meet the group's technical objectives
and the group clearly documents the reasons for making them.

=20

The Working Group should consider:

*         Implementer experience

*         The end-user experience, including internationalization

*         Existing uses of SCIM

*         Ability to achieve broad implementation

*         Ability to address broader use cases than those considered by
the original authors

*         Additional functions or extensions that are needed to address
key security concerns, cross-area review, and implementer feedback

=20

The working group will focus on adapting the core technology first but
work on extensions will be considered after the core work is well in
hand.

=20

=20

=20

_______________________________________________
scim mailing list
scim@ietf.org
https://www.ietf.org/mailman/listinfo/scim

=20


------_=_NextPart_001_01CD00B2.0C7F2AB0
Content-Type: text/html;
	charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

<html xmlns:v=3D"urn:schemas-microsoft-com:vml" =
xmlns:o=3D"urn:schemas-microsoft-com:office:office" =
xmlns:w=3D"urn:schemas-microsoft-com:office:word" =
xmlns:m=3D"http://schemas.microsoft.com/office/2004/12/omml" =
xmlns=3D"http://www.w3.org/TR/REC-html40"><head><meta =
http-equiv=3DContent-Type content=3D"text/html; =
charset=3Dus-ascii"><meta name=3DGenerator content=3D"Microsoft Word 14 =
(filtered medium)"><!--[if !mso]><style>v\:* =
{behavior:url(#default#VML);}
o\:* {behavior:url(#default#VML);}
w\:* {behavior:url(#default#VML);}
.shape {behavior:url(#default#VML);}
</style><![endif]--><style><!--
/* Font Definitions */
@font-face
	{font-family:Helvetica;
	panose-1:2 11 6 4 2 2 2 2 2 4;}
@font-face
	{font-family:Helvetica;
	panose-1:2 11 6 4 2 2 2 2 2 4;}
@font-face
	{font-family:Calibri;
	panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
	{font-family:Tahoma;
	panose-1:2 11 6 4 3 5 4 4 2 4;}
@font-face
	{font-family:Consolas;
	panose-1:2 11 6 9 2 2 4 3 2 4;}
@font-face
	{font-family:Times;
	panose-1:2 2 6 3 5 4 5 2 3 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
	{margin:0in;
	margin-bottom:.0001pt;
	font-size:12.0pt;
	font-family:"Times New Roman","serif";}
a:link, span.MsoHyperlink
	{mso-style-priority:99;
	color:blue;
	text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
	{mso-style-priority:99;
	color:purple;
	text-decoration:underline;}
p.MsoPlainText, li.MsoPlainText, div.MsoPlainText
	{mso-style-priority:99;
	mso-style-link:"Plain Text Char";
	mso-margin-top-alt:auto;
	margin-right:0in;
	mso-margin-bottom-alt:auto;
	margin-left:0in;
	font-size:12.0pt;
	font-family:"Times New Roman","serif";}
p.MsoAcetate, li.MsoAcetate, div.MsoAcetate
	{mso-style-priority:99;
	mso-style-link:"Balloon Text Char";
	margin:0in;
	margin-bottom:.0001pt;
	font-size:8.0pt;
	font-family:"Tahoma","sans-serif";}
span.apple-style-span
	{mso-style-name:apple-style-span;}
span.apple-converted-space
	{mso-style-name:apple-converted-space;}
span.PlainTextChar
	{mso-style-name:"Plain Text Char";
	mso-style-priority:99;
	mso-style-link:"Plain Text";
	font-family:Consolas;}
span.EmailStyle22
	{mso-style-type:personal-reply;
	font-family:"Calibri","sans-serif";
	color:#1F497D;}
span.BalloonTextChar
	{mso-style-name:"Balloon Text Char";
	mso-style-priority:99;
	mso-style-link:"Balloon Text";
	font-family:"Tahoma","sans-serif";}
.MsoChpDefault
	{mso-style-type:export-only;
	font-size:10.0pt;}
@page WordSection1
	{size:8.5in 11.0in;
	margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
	{page:WordSection1;}
/* List Definitions */
@list l0
	{mso-list-id:1286618527;
	mso-list-template-ids:2008028656;}
@list l0:level1
	{mso-level-number-format:bullet;
	mso-level-text:\F0B7;
	mso-level-tab-stop:.5in;
	mso-level-number-position:left;
	text-indent:-.25in;
	mso-ansi-font-size:10.0pt;
	font-family:Symbol;}
@list l0:level2
	{mso-level-number-format:bullet;
	mso-level-text:\F0B7;
	mso-level-tab-stop:1.0in;
	mso-level-number-position:left;
	text-indent:-.25in;
	mso-ansi-font-size:10.0pt;
	font-family:Symbol;}
@list l0:level3
	{mso-level-number-format:bullet;
	mso-level-text:\F0B7;
	mso-level-tab-stop:1.5in;
	mso-level-number-position:left;
	text-indent:-.25in;
	mso-ansi-font-size:10.0pt;
	font-family:Symbol;}
@list l0:level4
	{mso-level-number-format:bullet;
	mso-level-text:\F0B7;
	mso-level-tab-stop:2.0in;
	mso-level-number-position:left;
	text-indent:-.25in;
	mso-ansi-font-size:10.0pt;
	font-family:Symbol;}
@list l0:level5
	{mso-level-number-format:bullet;
	mso-level-text:\F0B7;
	mso-level-tab-stop:2.5in;
	mso-level-number-position:left;
	text-indent:-.25in;
	mso-ansi-font-size:10.0pt;
	font-family:Symbol;}
@list l0:level6
	{mso-level-number-format:bullet;
	mso-level-text:\F0B7;
	mso-level-tab-stop:3.0in;
	mso-level-number-position:left;
	text-indent:-.25in;
	mso-ansi-font-size:10.0pt;
	font-family:Symbol;}
@list l0:level7
	{mso-level-number-format:bullet;
	mso-level-text:\F0B7;
	mso-level-tab-stop:3.5in;
	mso-level-number-position:left;
	text-indent:-.25in;
	mso-ansi-font-size:10.0pt;
	font-family:Symbol;}
@list l0:level8
	{mso-level-number-format:bullet;
	mso-level-text:\F0B7;
	mso-level-tab-stop:4.0in;
	mso-level-number-position:left;
	text-indent:-.25in;
	mso-ansi-font-size:10.0pt;
	font-family:Symbol;}
@list l0:level9
	{mso-level-number-format:bullet;
	mso-level-text:\F0B7;
	mso-level-tab-stop:4.5in;
	mso-level-number-position:left;
	text-indent:-.25in;
	mso-ansi-font-size:10.0pt;
	font-family:Symbol;}
ol
	{margin-bottom:0in;}
ul
	{margin-bottom:0in;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext=3D"edit" spidmax=3D"1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext=3D"edit">
<o:idmap v:ext=3D"edit" data=3D"1" />
</o:shapelayout></xml><![endif]--></head><body lang=3DEN-US link=3Dblue =
vlink=3Dpurple><div class=3DWordSection1><p class=3DMsoNormal><span =
style=3D'font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497=
D'>I think that makes sense.<o:p></o:p></span></p><p =
class=3DMsoNormal><span =
style=3D'font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497=
D'><o:p>&nbsp;</o:p></span></p><p class=3DMsoNormal><span =
style=3D'font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497=
D'>Eliot, can we carve up some time on the agenda for =
this?<o:p></o:p></span></p><p class=3DMsoNormal><span =
style=3D'font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497=
D'><o:p>&nbsp;</o:p></span></p><p class=3DMsoNormal><span =
style=3D'font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497=
D'><o:p>&nbsp;</o:p></span></p><p class=3DMsoNormal><span =
style=3D'font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497=
D'>Cheers,<o:p></o:p></span></p><p class=3DMsoNormal><span =
style=3D'font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497=
D'>Morteza<o:p></o:p></span></p><p class=3DMsoNormal><span =
style=3D'font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497=
D'><o:p>&nbsp;</o:p></span></p><div><div =
style=3D'border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0in =
0in 0in'><p class=3DMsoNormal><b><span =
style=3D'font-size:10.0pt;font-family:"Tahoma","sans-serif"'>From:</span>=
</b><span style=3D'font-size:10.0pt;font-family:"Tahoma","sans-serif"'> =
Phil Hunt [mailto:phil.hunt@oracle.com] <br><b>Sent:</b> Monday, March =
12, 2012 3:46 PM<br><b>To:</b> Morteza Ansari (moransar)<br><b>Cc:</b> =
scim@ietf.org<br><b>Subject:</b> Re: [scim] Porposed =
charter<o:p></o:p></span></p></div></div><p =
class=3DMsoNormal><o:p>&nbsp;</o:p></p><p =
class=3DMsoNormal>Morteza,<o:p></o:p></p><div><p =
class=3DMsoNormal><o:p>&nbsp;</o:p></p></div><div><p class=3DMsoNormal>I =
think that sounds reasonable.<o:p></o:p></p></div><div><p =
class=3DMsoNormal><o:p>&nbsp;</o:p></p></div><div><p class=3DMsoNormal>I =
would like time to present at the BoF so that the WG may consider =
additional requirements for the charter at that =
time.<o:p></o:p></p></div><div><p =
class=3DMsoNormal><o:p>&nbsp;</o:p></p></div><div><p class=3DMsoNormal>I =
will also post a blog post outlining the issue in advance of the BoF to =
help get everyone up to speed.<o:p></o:p></p></div><div><p =
class=3DMsoNormal><o:p>&nbsp;</o:p></p></div><div><p =
class=3DMsoNormal>Cheers,<o:p></o:p></p></div><div><p =
class=3DMsoNormal><o:p>&nbsp;</o:p></p><div><div><div><div><div><div><div=
><p class=3DMsoNormal><span =
style=3D'font-size:9.0pt;font-family:"Helvetica","sans-serif";color:black=
'>Phil<o:p></o:p></span></p></div><div><p class=3DMsoNormal><span =
style=3D'font-size:9.0pt;font-family:"Helvetica","sans-serif";color:black=
'><o:p>&nbsp;</o:p></span></p></div><div><p class=3DMsoNormal><span =
style=3D'font-size:9.0pt;font-family:"Helvetica","sans-serif";color:black=
'>@independentid<o:p></o:p></span></p></div><div><p =
class=3DMsoNormal><span =
style=3D'font-size:9.0pt;font-family:"Helvetica","sans-serif";color:black=
'><a =
href=3D"http://www.independentid.com">www.independentid.com</a><o:p></o:p=
></span></p></div></div></div></div><p class=3DMsoNormal =
style=3D'margin-bottom:13.5pt'><span =
style=3D'font-size:13.5pt;font-family:"Helvetica","sans-serif";color:blac=
k'><a =
href=3D"mailto:phil.hunt@oracle.com">phil.hunt@oracle.com</a><o:p></o:p><=
/span></p></div><p class=3DMsoNormal><span =
style=3D'font-size:13.5pt;font-family:"Helvetica","sans-serif";color:blac=
k'><o:p>&nbsp;</o:p></span></p></div><p class=3DMsoNormal><span =
style=3D'font-size:13.5pt;font-family:"Helvetica","sans-serif";color:blac=
k'><br><br></span><o:p></o:p></p></div><p =
class=3DMsoNormal><o:p>&nbsp;</o:p></p><div><div><p class=3DMsoNormal>On =
2012-03-11, at 10:17 PM, Morteza Ansari (moransar) =
wrote:<o:p></o:p></p></div><p =
class=3DMsoNormal><br><br><o:p></o:p></p><div><div><p =
class=3DMsoNormal><span =
style=3D'font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497=
D'>Good suggestion Phil.&nbsp; I added a new item under the WG =
consideration section: &#8220;Work done by other standard bodies as =
input to the process such as OASIS Provisioning TC&#8221; but I =
didn&#8217;t add any specific items that should be considered. I think =
it would be best to leave that to the WG to study the work you =
referenced and decide what items should be =
considered.</span><o:p></o:p></p></div><div><p class=3DMsoNormal><span =
style=3D'font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497=
D'>&nbsp;</span><o:p></o:p></p></div><div><p class=3DMsoNormal><span =
style=3D'font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497=
D'>Do you think that is sufficient?</span><o:p></o:p></p></div><div><p =
class=3DMsoNormal><span =
style=3D'font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497=
D'>&nbsp;</span><o:p></o:p></p></div><div><p class=3DMsoNormal><span =
style=3D'font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497=
D'>&nbsp;</span><o:p></o:p></p></div><div><p class=3DMsoNormal><span =
style=3D'font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497=
D'>Cheers,</span><o:p></o:p></p></div><div><p class=3DMsoNormal><span =
style=3D'font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497=
D'>Morteza</span><o:p></o:p></p></div><div><p class=3DMsoNormal><span =
style=3D'font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497=
D'>&nbsp;</span><o:p></o:p></p></div><div><div =
style=3D'border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0in =
0in 0in;border-width:initial;border-color:initial'><div><p =
class=3DMsoNormal><b><span =
style=3D'font-size:10.0pt;font-family:"Tahoma","sans-serif"'>From:</span>=
</b><span class=3Dapple-converted-space><span =
style=3D'font-size:10.0pt;font-family:"Tahoma","sans-serif"'>&nbsp;</span=
></span><span =
style=3D'font-size:10.0pt;font-family:"Tahoma","sans-serif"'>Phil Hunt =
<a =
href=3D"mailto:[mailto:phil.hunt@oracle.com]">[mailto:phil.hunt@oracle.co=
m]</a><span =
class=3Dapple-converted-space>&nbsp;</span><br><b>Sent:</b><span =
class=3Dapple-converted-space>&nbsp;</span>Thursday, February 23, 2012 =
3:25 PM<br><b>To:</b><span class=3Dapple-converted-space>&nbsp;</span><a =
href=3D"mailto:scim@ietf.org">scim@ietf.org</a>; Morteza Ansari =
(moransar)<br><b>Subject:</b><span =
class=3Dapple-converted-space>&nbsp;</span>Re: [scim] Porposed =
charter</span><o:p></o:p></p></div></div></div><div><p =
class=3DMsoNormal>&nbsp;<o:p></o:p></p></div><div><div><div><div><p =
class=3DMsoNormal>Morteza,&nbsp;<o:p></o:p></p></div></div><div><div><p =
class=3DMsoNormal>&nbsp;<o:p></o:p></p></div></div><div><div><p =
class=3DMsoNormal>Very happy to see the SCIM WG is starting =
soon!<o:p></o:p></p></div></div><div><div><p =
class=3DMsoNormal>&nbsp;<o:p></o:p></p></div></div><div><div><p =
class=3DMsoNormal>Regarding the charter,&nbsp;I propose that the working =
group also adopt the following OASIS Provisioning TC documents as input =
material:<o:p></o:p></p></div></div><div><div><p =
class=3DMsoNormal>*&nbsp;<a =
href=3D"http://wiki.oasis-open.org/provision/restpml">A RESTful Binding =
to SPML</a>&nbsp;-&nbsp;<a =
href=3D"http://wiki.oasis-open.org/provision/restpml">http://wiki.oasis-o=
pen.org/provision/restpml</a><o:p></o:p></p></div></div><div><div><p =
class=3DMsoNormal>*&nbsp;<a =
href=3D"http://wiki.oasis-open.org/provision/simplest">SIMPLEST: A =
standard schema for Identity and Access Management</a>&nbsp;-&nbsp;<a =
href=3D"http://wiki.oasis-open.org/provision/simplest">http://wiki.oasis-=
open.org/provision/simplest</a><o:p></o:p></p></div></div><div><div><p =
class=3DMsoNormal>These documents can provide some additional =
implementation insight into the final SCIM WG =
product.<o:p></o:p></p></div></div><div><div><p =
class=3DMsoNormal>&nbsp;<o:p></o:p></p></div></div><div><div><p =
class=3DMsoNormal>Based on the OASIS Provisioning TC experience, there =
are some additional cloud requirements that could be added into SCIM =
1.0, hopefully in a straightforward, backwards compatible =
way.&nbsp;<o:p></o:p></p></div></div><div><div><p =
class=3DMsoNormal>&nbsp;<o:p></o:p></p></div></div><div><div><p =
class=3DMsoNormal>The key items =
are:<o:p></o:p></p></div></div><div><div><p class=3DMsoNormal>* Support =
for multiple targets within a SCIM service =
provider<o:p></o:p></p></div></div><div><div><p class=3DMsoNormal>* A =
change to schema introducing a Person entity which for example is =
associated with one or more User =
entities.<o:p></o:p></p></div></div><div><div><p =
class=3DMsoNormal>&nbsp;<o:p></o:p></p></div></div><div><div><p =
class=3DMsoNormal>The first item arises out of some practical deployment =
architecture issues, the latter arises from an attestation issue that =
arises regarding tracking what user accounts are associated with =
individuals -- especially when they have more than one User account. For =
those that want to read ahead now, I suggest =
reading:<o:p></o:p></p></div></div><div><div><p class=3DMsoNormal><a =
href=3D"http://wiki.oasis-open.org/provision/simplest#AccountManagement.3=
ATargetandAccount">http://wiki.oasis-open.org/provision/simplest#AccountM=
anagement.3ATargetandAccount</a><o:p></o:p></p></div></div><div><div><p =
class=3DMsoNormal>&nbsp;<o:p></o:p></p></div></div><div><div><p =
class=3DMsoNormal>I propose to present on these two topics at the BoF =
and then based on feedback can contribute the content in draft form into =
the WG for its consideration.<o:p></o:p></p></div></div><div><div><p =
class=3DMsoNormal>&nbsp;<o:p></o:p></p></div></div><div><div><p =
class=3DMsoNormal>Regards,<o:p></o:p></p></div></div><div><div><p =
class=3DMsoNormal>&nbsp;<o:p></o:p></p></div></div><div><div><div><div><d=
iv><div><div><div><div><p class=3DMsoNormal><span =
style=3D'font-size:9.0pt'>Phil</span><o:p></o:p></p></div></div><div><div=
><p class=3DMsoNormal><span =
style=3D'font-size:9.0pt'>&nbsp;</span><o:p></o:p></p></div></div><div><d=
iv><p class=3DMsoNormal><span =
style=3D'font-size:9.0pt'>@independentid</span><o:p></o:p></p></div></div=
><div><div><p class=3DMsoNormal><span style=3D'font-size:9.0pt'><a =
href=3D"http://www.independentid.com/">www.independentid.com</a></span><o=
:p></o:p></p></div></div></div></div></div><p class=3DMsoNormal =
style=3D'margin-bottom:12.0pt'><a =
href=3D"mailto:phil.hunt@oracle.com">phil.hunt@oracle.com</a><o:p></o:p><=
/p></div><div><p class=3DMsoNormal>&nbsp;<o:p></o:p></p></div></div><div =
class=3DMsoNormal align=3Dcenter style=3D'text-align:center'><hr =
size=3D2 width=3D"100%" align=3Dcenter></div><ul =
style=3D'margin-top:0in' type=3Ddisc><li class=3DMsoNormal =
style=3D'mso-list:l0 level1 lfo1'><em><span =
style=3D'font-family:"Times","serif"'>From</span></em><span =
style=3D'font-family:"Times","serif"'>: &quot;Morteza Ansari =
(moransar)&quot; &lt;<a href=3D"mailto:moransar@DOMAIN.HIDDEN">moransar =
at cisco.com</a>&gt;</span><o:p></o:p></li><li class=3DMsoNormal =
style=3D'mso-list:l0 level1 lfo1'><em><span =
style=3D'font-family:"Times","serif"'>To</span></em><span =
style=3D'font-family:"Times","serif"'>: &lt;<a =
href=3D"mailto:scim@DOMAIN.HIDDEN">scim at =
ietf.org</a>&gt;</span><o:p></o:p></li><li class=3DMsoNormal =
style=3D'mso-list:l0 level1 lfo1'><em><span =
style=3D'font-family:"Times","serif"'>Date</span></em><span =
style=3D'font-family:"Times","serif"'>: Wed, 8 Feb 2012 21:32:58 =
-0600</span><o:p></o:p></li><li class=3DMsoNormal style=3D'mso-list:l0 =
level1 lfo1'><em><span =
style=3D'font-family:"Times","serif"'>List-id</span></em><span =
style=3D'font-family:"Times","serif"'>: Simple Cloud Identity Management =
BOF &lt;<a =
href=3D"http://scim.ietf.org/">scim.ietf.org</a>&gt;</span><o:p></o:p></l=
i></ul><div class=3DMsoNormal align=3Dcenter =
style=3D'text-align:center'><hr size=3D2 width=3D"100%" =
align=3Dcenter></div><table class=3DMsoNormalTable border=3D0 =
cellpadding=3D0 width=3D"100%" =
style=3D'width:100.0%;z-index:auto'><tr><td style=3D'padding:.75pt .75pt =
.75pt .75pt'><div><div><p class=3DMsoNormal>Hi =
folks,<o:p></o:p></p></div><div><p =
class=3DMsoNormal>&nbsp;<o:p></o:p></p></div><div><p =
class=3DMsoNormal>Here is the proposed charter as we discussed over the =
cloud-directory mailing list. Please review and send your =
comments.<o:p></o:p></p></div><div><p =
class=3DMsoNormal>&nbsp;<o:p></o:p></p></div><div><p =
class=3DMsoNormal>&nbsp;<o:p></o:p></p></div><div><p =
class=3DMsoNormal>Cheers,<o:p></o:p></p></div><div><p =
class=3DMsoNormal>Morteza<o:p></o:p></p></div><div =
style=3D'border:none;border-bottom:solid windowtext 3.0pt;padding:0in =
0in 1.0pt =
0in;border-width:initial;border-color:initial;border-width:initial;border=
-color:initial'><div><p =
class=3DMsoNormal>&nbsp;<o:p></o:p></p></div></div><div><p =
class=3DMsoNormal>&nbsp;<o:p></o:p></p></div><p =
class=3DMsoPlainText><span =
style=3D'font-family:"Times","serif";color:black'>Simplified Cloud =
Identity Management (SCIM)</span><o:p></o:p></p><p =
class=3DMsoPlainText><span =
style=3D'font-family:"Times","serif";color:black'>-----------------------=
---------------------------------</span><o:p></o:p></p><p =
class=3DMsoPlainText><span =
style=3D'font-family:"Times","serif";color:black'>&nbsp;</span><o:p></o:p=
></p><p class=3DMsoPlainText><span =
style=3D'font-family:"Times","serif";color:black'>Charter</span><o:p></o:=
p></p><p class=3DMsoPlainText><span =
style=3D'font-family:"Times","serif";color:black'>&nbsp;</span><o:p></o:p=
></p><p class=3DMsoPlainText><span =
style=3D'font-family:"Times","serif";color:black'>Current Status: BOF =
Request</span><o:p></o:p></p><p class=3DMsoPlainText><span =
style=3D'font-family:"Times","serif";color:black'>&nbsp;</span><o:p></o:p=
></p><p class=3DMsoPlainText><span =
style=3D'font-family:"Times","serif";color:black'>Chair(s):</span><o:p></=
o:p></p><p class=3DMsoPlainText><span =
style=3D'font-family:"Times","serif";color:black'>&nbsp;&nbsp;&nbsp;&nbsp=
; TBD1</span><o:p></o:p></p><p class=3DMsoPlainText><span =
style=3D'font-family:"Times","serif";color:black'>&nbsp;&nbsp;&nbsp;&nbsp=
; TBD2</span><o:p></o:p></p><p class=3DMsoPlainText><span =
style=3D'font-family:"Times","serif";color:black'>&nbsp;</span><o:p></o:p=
></p><p class=3DMsoPlainText><span =
style=3D'font-family:"Times","serif";color:black'>Applications Area =
Director(s):</span><o:p></o:p></p><p class=3DMsoPlainText><span =
style=3D'font-family:"Times","serif";color:black'>&nbsp;&nbsp;&nbsp; =
&nbsp;Pete Resnick &lt;presnick at<span =
class=3Dapple-converted-space>&nbsp;</span><a =
href=3D"http://qualcomm.com/">qualcomm.com</a>&gt;</span><o:p></o:p></p><=
p class=3DMsoPlainText><span =
style=3D'font-family:"Times","serif";color:black'>&nbsp;&nbsp;&nbsp;&nbsp=
;&nbsp;Peter Saint-Andre &lt;stpeter at =
stpeter.im&gt;</span><o:p></o:p></p><p class=3DMsoPlainText><span =
style=3D'font-family:"Times","serif";color:black'>&nbsp;</span><o:p></o:p=
></p><p class=3DMsoPlainText><span =
style=3D'font-family:"Times","serif";color:black'>Mailing =
Lists:</span><o:p></o:p></p><p class=3DMsoPlainText><span =
style=3D'font-family:"Times","serif";color:black'>&nbsp;&nbsp;&nbsp;&nbsp=
; General Discussion: scim at<span =
class=3Dapple-converted-space>&nbsp;</span><a =
href=3D"http://ietf.org/">ietf.org</a></span><o:p></o:p></p><p =
class=3DMsoPlainText><span =
style=3D'font-family:"Times","serif";color:black'>&nbsp;&nbsp;&nbsp;&nbsp=
; To Subscribe:&nbsp;&nbsp;&nbsp;&nbsp;<span =
class=3Dapple-converted-space>&nbsp;</span><a =
href=3D"https://www.ietf.org/mailman/listinfo/scim">https://www.ietf.org/=
mailman/listinfo/scim</a></span><o:p></o:p></p><p =
class=3DMsoPlainText><span =
style=3D'font-family:"Times","serif";color:black'>&nbsp;&nbsp;&nbsp;&nbsp=
; =
Archive:&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp=
;&nbsp;&nbsp;&nbsp;<span class=3Dapple-converted-space>&nbsp;</span><a =
href=3D"http://www.ietf.org/mail-archive/web/scim/current/maillist.html">=
http://www.ietf.org/mail-archive/web/scim/current/maillist.html</a></span=
><o:p></o:p></p><p class=3DMsoPlainText><span =
style=3D'font-family:"Times","serif";color:black'>&nbsp;</span><o:p></o:p=
></p><p class=3DMsoPlainText><span =
style=3D'font-family:"Times","serif";color:black'>Description of Working =
Group:</span><o:p></o:p></p><p class=3DMsoPlainText><span =
style=3D'font-family:"Times","serif";color:black'>&nbsp;</span><o:p></o:p=
></p><p class=3DMsoPlainText><span =
style=3D'font-family:"Times","serif";color:black'>The Simple Cloud =
Identity Management (SCIM) specification is designed to make managing =
user identity lifecycle in cloud based applications and services =
easier.</span><o:p></o:p></p><p class=3DMsoPlainText><span =
style=3D'font-family:"Times","serif";color:black'>&nbsp;</span><o:p></o:p=
></p><p class=3DMsoPlainText><span =
style=3D'font-family:"Times","serif";color:black'>The specification =
suite seeks to build upon experience with existing schemas and =
deployments, placing specific emphasis on simplicity of development and =
integration, while applying existing authentication, authorization, and =
privacy models. Its intent is to reduce the cost and complexity of user =
management operations by providing a common user schema and extension =
model, as well as binding documents to provide patterns for exchanging =
this schema using standard protocols.</span><o:p></o:p></p><p =
class=3DMsoPlainText><span =
style=3D'font-family:"Times","serif";color:black'>&nbsp;</span><o:p></o:p=
></p><p class=3DMsoPlainText><span =
style=3D'font-family:"Times","serif";color:black'>The group will work to =
adapt the SCIM 1.0 specification produced under the Open Web Foundation =
framework (<a =
href=3D"http://www.simplecloud.info/">http://www.simplecloud.info</a>) =
as an IETF technology for management of user identities in cloud-based =
applications.</span><o:p></o:p></p><p class=3DMsoPlainText><span =
style=3D'font-family:"Times","serif";color:black'>&nbsp;</span><o:p></o:p=
></p><p class=3DMsoPlainText><span =
style=3D'font-family:"Times","serif";color:black'>SCIM 1.0 consists =
of:</span><o:p></o:p></p><p class=3DMsoPlainText =
style=3D'margin-left:.5in;text-indent:-.25in'><span =
style=3D'font-family:Symbol;color:black'>&middot;</span><span =
style=3D'font-size:7.0pt;color:black'>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp=
;&nbsp;&nbsp;&nbsp;</span><span =
style=3D'font-family:"Times","serif";color:black'>Schema definition for =
identity related objects</span><o:p></o:p></p><p class=3DMsoPlainText =
style=3D'margin-left:.5in;text-indent:-.25in'><span =
style=3D'font-family:Symbol;color:black'>&middot;</span><span =
style=3D'font-size:7.0pt;color:black'>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp=
;&nbsp;&nbsp;&nbsp;</span><span =
style=3D'font-family:"Times","serif";color:black'>Protocol definition =
for accessing and managing the identity objects</span><o:p></o:p></p><p =
class=3DMsoPlainText style=3D'margin-left:.5in;text-indent:-.25in'><span =
style=3D'font-family:Symbol;color:black'>&middot;</span><span =
style=3D'font-size:7.0pt;color:black'>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp=
;&nbsp;&nbsp;&nbsp;</span><span =
style=3D'font-family:"Times","serif";color:black'>Binding of SCIM schema =
to Security Assertion Markup Language (SAML) messages and =
assertions</span><o:p></o:p></p><p class=3DMsoPlainText =
style=3D'margin-left:.5in;text-indent:-.25in'><span =
style=3D'font-family:Symbol;color:black'>&middot;</span><span =
style=3D'font-size:7.0pt;color:black'>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp=
;&nbsp;&nbsp;&nbsp;</span><span =
style=3D'font-family:"Times","serif";color:black'>Binding of SCIM schema =
to Lightweight Directory Access Protocol (LDAP) schema =
(RFC4519)</span><o:p></o:p></p><p class=3DMsoPlainText><span =
style=3D'font-family:"Times","serif";color:black'>&nbsp;</span><o:p></o:p=
></p><p class=3DMsoPlainText><span =
style=3D'font-family:"Times","serif";color:black'>The Working Group will =
produce one or more documents suitable for consideration as a Proposed =
Standard that will:</span><o:p></o:p></p><p class=3DMsoPlainText =
style=3D'margin-left:.5in;text-indent:-.25in'><span =
style=3D'font-family:Symbol;color:black'>&middot;</span><span =
style=3D'font-size:7.0pt;color:black'>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp=
;&nbsp;&nbsp;&nbsp;</span><span =
style=3D'font-family:"Times","serif";color:black'>Improve the =
terminology used</span><o:p></o:p></p><p class=3DMsoPlainText =
style=3D'margin-left:.5in;text-indent:-.25in'><span =
style=3D'font-family:Symbol;color:black'>&middot;</span><span =
style=3D'font-size:7.0pt;color:black'>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp=
;&nbsp;&nbsp;&nbsp;</span><span =
style=3D'font-family:"Times","serif";color:black'>Embody good security =
practices, document gaps in its capabilities, and propose a path forward =
for addressing the gaps</span><o:p></o:p></p><p class=3DMsoPlainText =
style=3D'margin-left:.5in;text-indent:-.25in'><span =
style=3D'font-family:Symbol;color:black'>&middot;</span><span =
style=3D'font-size:7.0pt;color:black'>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp=
;&nbsp;&nbsp;&nbsp;</span><span =
style=3D'font-family:"Times","serif";color:black'>Promote =
interoperability</span><o:p></o:p></p><p class=3DMsoPlainText =
style=3D'margin-left:.5in;text-indent:-.25in'><span =
style=3D'font-family:Symbol;color:black'>&middot;</span><span =
style=3D'font-size:7.0pt;color:black'>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp=
;&nbsp;&nbsp;&nbsp;</span><span =
style=3D'font-family:"Times","serif";color:black'>Provide guidelines for =
extensibility</span><o:p></o:p></p><p class=3DMsoPlainText><span =
style=3D'font-family:"Times","serif";color:black'>&nbsp;</span><o:p></o:p=
></p><p class=3DMsoPlainText><span =
style=3D'font-family:"Times","serif";color:black'>SCIM 1.0 will be used =
as the starting point. The working group will strive to retain backward =
compatibility with the 1.0 specification. Changes that are not backwards =
compatible may be accepted if the group determines changes are required =
to meet the group's technical objectives and the group clearly documents =
the reasons for making them.</span><o:p></o:p></p><p =
class=3DMsoPlainText><span =
style=3D'font-family:"Times","serif";color:black'>&nbsp;</span><o:p></o:p=
></p><p class=3DMsoPlainText><span =
style=3D'font-family:"Times","serif";color:black'>The Working Group =
should consider:</span><o:p></o:p></p><p class=3DMsoPlainText =
style=3D'margin-left:.5in;text-indent:-.25in'><span =
style=3D'font-family:Symbol;color:black'>&middot;</span><span =
style=3D'font-size:7.0pt;color:black'>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp=
;&nbsp;&nbsp;&nbsp;</span><span =
style=3D'font-family:"Times","serif";color:black'>Implementer =
experience</span><o:p></o:p></p><p class=3DMsoPlainText =
style=3D'margin-left:.5in;text-indent:-.25in'><span =
style=3D'font-family:Symbol;color:black'>&middot;</span><span =
style=3D'font-size:7.0pt;color:black'>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp=
;&nbsp;&nbsp;&nbsp;</span><span =
style=3D'font-family:"Times","serif";color:black'>The end-user =
experience, including internationalization</span><o:p></o:p></p><p =
class=3DMsoPlainText style=3D'margin-left:.5in;text-indent:-.25in'><span =
style=3D'font-family:Symbol;color:black'>&middot;</span><span =
style=3D'font-size:7.0pt;color:black'>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp=
;&nbsp;&nbsp;&nbsp;</span><span =
style=3D'font-family:"Times","serif";color:black'>Existing uses of =
SCIM</span><o:p></o:p></p><p class=3DMsoPlainText =
style=3D'margin-left:.5in;text-indent:-.25in'><span =
style=3D'font-family:Symbol;color:black'>&middot;</span><span =
style=3D'font-size:7.0pt;color:black'>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp=
;&nbsp;&nbsp;&nbsp;</span><span =
style=3D'font-family:"Times","serif";color:black'>Ability to achieve =
broad implementation</span><o:p></o:p></p><p class=3DMsoPlainText =
style=3D'margin-left:.5in;text-indent:-.25in'><span =
style=3D'font-family:Symbol;color:black'>&middot;</span><span =
style=3D'font-size:7.0pt;color:black'>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp=
;&nbsp;&nbsp;&nbsp;</span><span =
style=3D'font-family:"Times","serif";color:black'>Ability to address =
broader use cases than those considered by the original =
authors</span><o:p></o:p></p><p class=3DMsoPlainText =
style=3D'margin-left:.5in;text-indent:-.25in'><span =
style=3D'font-family:Symbol;color:black'>&middot;</span><span =
style=3D'font-size:7.0pt;color:black'>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp=
;&nbsp;&nbsp;&nbsp;</span><span =
style=3D'font-family:"Times","serif";color:black'>Additional functions =
or extensions that are needed to address key security concerns, =
cross-area review, and implementer feedback</span><o:p></o:p></p><p =
class=3DMsoPlainText><span =
style=3D'font-family:"Times","serif";color:black'>&nbsp;</span><o:p></o:p=
></p><p class=3DMsoPlainText><span =
style=3D'font-family:"Times","serif";color:black'>The working group will =
focus on adapting the core technology first but work on extensions will =
be considered after the core work is well in =
hand.</span><o:p></o:p></p></div></td></tr></table><div><p =
class=3DMsoNormal>&nbsp;<o:p></o:p></p></div></div><div><p =
class=3DMsoNormal>&nbsp;<o:p></o:p></p></div></div></div><div><p =
class=3DMsoNormal>&nbsp;<o:p></o:p></p></div></div><p =
class=3DMsoNormal><span =
style=3D'font-size:13.5pt;font-family:"Helvetica","sans-serif"'>_________=
______________________________________<br>scim mailing list<br><a =
href=3D"mailto:scim@ietf.org">scim@ietf.org</a><br><a =
href=3D"https://www.ietf.org/mailman/listinfo/scim">https://www.ietf.org/=
mailman/listinfo/scim</a><o:p></o:p></span></p></div></div><p =
class=3DMsoNormal><o:p>&nbsp;</o:p></p></div></div></body></html>
------_=_NextPart_001_01CD00B2.0C7F2AB0--

From moransar@cisco.com  Mon Mar 12 17:48:06 2012
Return-Path: <moransar@cisco.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C1F2F21E8111 for <scim@ietfa.amsl.com>; Mon, 12 Mar 2012 17:48:06 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -10.515
X-Spam-Level: 
X-Spam-Status: No, score=-10.515 tagged_above=-999 required=5 tests=[AWL=0.084, BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id haa9tfftpjQo for <scim@ietfa.amsl.com>; Mon, 12 Mar 2012 17:48:05 -0700 (PDT)
Received: from mtv-iport-2.cisco.com (mtv-iport-2.cisco.com [173.36.130.13]) by ietfa.amsl.com (Postfix) with ESMTP id D222A21E80EC for <scim@ietf.org>; Mon, 12 Mar 2012 17:48:05 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=moransar@cisco.com; l=6708; q=dns/txt; s=iport; t=1331599685; x=1332809285; h=mime-version:content-transfer-encoding:subject:date: message-id:in-reply-to:references:from:to:cc; bh=RrqHm09AfuXcBcAPIKt6Gss+sw7QF5w0LhYyJvlGw08=; b=h2g+1YMPyo9OOhKFt/MF6J3H7InARouDf/Xr/S/rPJCHEgaL4pk+omc4 F+BPdKY/qBOB7q0U57tJrsWhvQxANISfswWuenkR2Orfojk8prrHa8ezQ AsVisekz3ZuZAKtKmRsmOpufVJeeP0HUYsiF+6jlnX07jE+SohlxNIJNj U=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: AgAFAOyXXk+rRDoH/2dsb2JhbABDtV+BB4IJAQEBAwEBAQEPAR0KDyUGBQUHBAIBCBEEAQEBCgYXAQYBJh8JCAEBBAESCBqHYwQBC5x7AZ8JkAZjBIhUnRuDAYE+
X-IronPort-AV: E=Sophos;i="4.73,574,1325462400"; d="scan'208";a="35828529"
Received: from mtv-core-2.cisco.com ([171.68.58.7]) by mtv-iport-2.cisco.com with ESMTP; 13 Mar 2012 00:48:05 +0000
Received: from xbh-rcd-301.cisco.com (xbh-rcd-301.cisco.com [72.163.63.8]) by mtv-core-2.cisco.com (8.14.3/8.14.3) with ESMTP id q2D0m5iD018013; Tue, 13 Mar 2012 00:48:05 GMT
Received: from xmb-rcd-313.cisco.com ([72.163.63.28]) by xbh-rcd-301.cisco.com with Microsoft SMTPSVC(6.0.3790.4675);  Mon, 12 Mar 2012 19:48:05 -0500
X-MimeOLE: Produced By Microsoft Exchange V6.5
Content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
Date: Mon, 12 Mar 2012 19:48:04 -0500
Message-ID: <93C6FB63F046384C86EC8F7F3FFEC7BEDEA62A@XMB-RCD-313.cisco.com>
In-Reply-To: <54B0EBDC-E243-48D8-BF44-BDAEF60F464C@oracle.com>
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
Thread-Topic: [scim] Deliverable section of charter
Thread-Index: Ac0AdKjQ65dv624yR+26Bsu4jVq4vAAPfMBw
References: <93C6FB63F046384C86EC8F7F3FFEC7BEDEA075@XMB-RCD-313.cisco.com><CAF2hCbb+8Tc_cgQ1PR9uCw0bSH_h2O8y7+7J_BrFP3tfd1AAtw@mail.gmail.com><4F5DA16A.4070107@cisco.com><C9B5335D-1C97-4656-AA4D-B77A81F0BC5B@oracle.com><BF24E535-0B69-4477-A7F5-D7CFC40EA61C@unboundid.com><2A432DF8-DF8F-468A-B805-A63F28318AA6@oracle.com><A450680E-6365-436C-8078-8E5F620440DB@unboundid.com> <54B0EBDC-E243-48D8-BF44-BDAEF60F464C@oracle.com>
From: "Morteza Ansari (moransar)" <moransar@cisco.com>
To: "Phil Hunt" <phil.hunt@oracle.com>, "Trey Drake" <trey.drake@unboundid.com>
X-OriginalArrivalTime: 13 Mar 2012 00:48:05.0204 (UTC) FILETIME=[F370B140:01CD00B2]
Cc: scim@ietf.org
Subject: Re: [scim] Deliverable section of charter
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 13 Mar 2012 00:48:06 -0000

I believe the updated charter addresses this: "The working group should
consider: ... *	Work done by other standard bodies as input to the
process such as OASIS Provisioning TC"

I guess the question is how to provide a deliverable section when we
don't know what the exact list of the documents we need to be producing
as part of the WG adopted work.
=20

Cheers,
Morteza

-----Original Message-----
From: scim-bounces@ietf.org [mailto:scim-bounces@ietf.org] On Behalf Of
Phil Hunt
Sent: Monday, March 12, 2012 10:22 AM
To: Trey Drake
Cc: scim@ietf.org
Subject: Re: [scim] Deliverable section of charter

Trey,

You are correct. This is why a merger of efforts seems appropriate to
discuss.

The issue is to look at the gaps and see if:

a. They add value to SCIM
b. They can be added with minimal disruption

As far as I can tell, the key missing piece is the concept of Targeting
in the SIMPLEST spec.

Phil

@independentid
www.independentid.com
phil.hunt@oracle.com





On 2012-03-12, at 10:10 AM, Trey Drake wrote:

> Phil,
>=20
> Understood.  I was suggesting you provide more detail so as to solicit
more feedback.  Please do publish/email more detail for us to review
ahead of time.  My read on the Simplest schema/attribute spec is that
its mostly overlap therefore if you're willing to do the work to
highlight the deltas that would go a long way (at least for me) in
getting those of us that have had our noses buried in SCIM for awhile up
to speed.
>=20
> Thanks,
> Trey
>=20
>=20
> On Mar 12, 2012, at 11:58 AM, Phil Hunt wrote:
>=20
>> Trey,
>>=20
>> I think such a draft proposal is premature. At the BoF stage, we
should simply cite existing published materials as input rather then
submitting changes prior to formation. Having other sources of input
does not commit the WG to using the material, it simply indicates that
the material is being considered.
>>=20
>> I propose we discuss the issue at the BoF, and decide whether or not
it should fall within the initial charter.
>>=20
>> As to the whys/impact etc., I'm prepared to present that at the BoF.
Then based on feedback, I am happy to work with any other interested WG
members (as editor or contributor) to submit a draft proposal after the
WG formation.
>>=20
>> If it helps, I can publish some comments on the requirements
externally on my personal blog so that everyone can have a chance to
think about the issue in greater detail prior to the meeting.
>>=20
>> Phil
>>=20
>> @independentid
>> www.independentid.com
>> phil.hunt@oracle.com
>>=20
>>=20
>>=20
>>=20
>>=20
>> On 2012-03-12, at 9:29 AM, Trey Drake wrote:
>>=20
>>> Phil,
>>>=20
>>> I believe it would be helpful if you made a specific proposal for
how the "Simplest" schema, et al. might be meshed with the existing SCIM
schema.  A proposal pointing out:
>>>=20
>>> - the specific schema and attribute changes (schema change required?

>>> applicable to core? additional extensions?, etc.)
>>> - what impact those changes have on the protocol (in theory none)
>>> - reasoning for change
>>> - implementation impact  (is it useful by the masses, generalizable=20
>>> across a variety of 'backends', *implementable*)
>>>=20
>>> Thanks,
>>> Trey
>>>=20
>>>=20
>>> On Mar 12, 2012, at 11:14 AM, Phil Hunt wrote:
>>>=20
>>>> We still need to discuss adding major missing components in SCIM
that are present in RESTpml. Specifically 'targeting'.=20
>>>>=20
>>>> I have not yet heard back on including this material as input docs
to the charter.=20
>>>>=20
>>>> SCIM as it stands now is great for single service SaaS providers
but there are major gaps for larger multi-service providers that
targeting addresses.=20
>>>>=20
>>>> Note that I think these changes are additive and would not delay or
significantly change the core spec--though there may be some normative
adjustments required. I believe these are foundational requirements and
need to be addressed now.=20
>>>>=20
>>>> Phil
>>>>=20
>>>> On 2012-03-12, at 0:10, Eliot Lear <lear@cisco.com> wrote:
>>>>=20
>>>>> Do we have a draft volunteer?
>>>>>=20
>>>>> Eliot
>>>>>=20
>>>>> On 3/12/12 7:56 AM, Samuel Erdtman wrote:
>>>>>> Have we considered to include an OpenID binding, 2.0 or Connect?
>>>>>>=20
>>>>>> Cheers
>>>>>> //Samuel
>>>>>>=20
>>>>>> On Mon, Mar 12, 2012 at 6:17 AM, Morteza Ansari (moransar)=20
>>>>>> <moransar@cisco.com> wrote:
>>>>>>> Eliot suggestion we should add a deliverable section to the=20
>>>>>>> charter. Here is a suggestion based on discussion and documents=20
>>>>>>> under SCIM 1.0. Consider the dates on each item as a complete=20
>>>>>>> guess. We should discuss the list of documents to begin with and

>>>>>>> then assign appropriate/practical timeline to
>>>>>>> these:
>>>>>>>=20
>>>>>>>=20
>>>>>>>=20
>>>>>>> 5/2012    Initial problem statement draft
>>>>>>>=20
>>>>>>> 5/2012    Initial adoption of SCIM core schema
>>>>>>>=20
>>>>>>> 5/2012    Initial adoption of SCIM restful interface draft
>>>>>>>=20
>>>>>>> 5/2012    Initial adoption of SCIM SAML bindings draft
>>>>>>>=20
>>>>>>> 5/2012    Initial adoption of SCIM LDAP mapping draft
>>>>>>>=20
>>>>>>> 9/2012    WGLC SCIM core schema
>>>>>>>=20
>>>>>>> 9/2012    WGLC SCIM restful interface
>>>>>>>=20
>>>>>>> 9/2012    WGLC SCIM SAML bindings
>>>>>>>=20
>>>>>>> 9/2012    WGLC SCIM LDAP mapping
>>>>>>>=20
>>>>>>> 3/2013    Re-charter discussion
>>>>>>>=20
>>>>>>>=20
>>>>>>>=20
>>>>>>>=20
>>>>>>>=20
>>>>>>> Cheers,
>>>>>>>=20
>>>>>>> Morteza
>>>>>>>=20
>>>>>>>=20
>>>>>>> _______________________________________________
>>>>>>> scim mailing list
>>>>>>> scim@ietf.org
>>>>>>> https://www.ietf.org/mailman/listinfo/scim
>>>>>>>=20
>>>>>> _______________________________________________
>>>>>> scim mailing list
>>>>>> scim@ietf.org
>>>>>> https://www.ietf.org/mailman/listinfo/scim
>>>>>>=20
>>>>> _______________________________________________
>>>>> scim mailing list
>>>>> scim@ietf.org
>>>>> https://www.ietf.org/mailman/listinfo/scim
>>>> _______________________________________________
>>>> scim mailing list
>>>> scim@ietf.org
>>>> https://www.ietf.org/mailman/listinfo/scim
>>>=20
>>> _______________________________________________
>>> scim mailing list
>>> scim@ietf.org
>>> https://www.ietf.org/mailman/listinfo/scim
>>=20
>=20
> _______________________________________________
> scim mailing list
> scim@ietf.org
> https://www.ietf.org/mailman/listinfo/scim

_______________________________________________
scim mailing list
scim@ietf.org
https://www.ietf.org/mailman/listinfo/scim

From lear@cisco.com  Tue Mar 13 02:05:55 2012
Return-Path: <lear@cisco.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B8B7021F87D4 for <scim@ietfa.amsl.com>; Tue, 13 Mar 2012 02:05:55 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -110.557
X-Spam-Level: 
X-Spam-Status: No, score=-110.557 tagged_above=-999 required=5 tests=[AWL=0.041, BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-8, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id tZVqDPf91fhV for <scim@ietfa.amsl.com>; Tue, 13 Mar 2012 02:05:51 -0700 (PDT)
Received: from ams-iport-2.cisco.com (ams-iport-2.cisco.com [144.254.224.141]) by ietfa.amsl.com (Postfix) with ESMTP id BA33E21F87CD for <scim@ietf.org>; Tue, 13 Mar 2012 02:05:48 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=lear@cisco.com; l=89323; q=dns/txt; s=iport; t=1331629548; x=1332839148; h=message-id:date:from:mime-version:to:cc:subject: references:in-reply-to; bh=LVqwkxM/XBFXQMWf2WKF1+hnFXvSuq7bbC64kXxnqqg=; b=h0EQwwmt6WIvnY+sQAnE+YdIofFGsvhrvS0OZNzu+YwUcGU6yH1KAzZR S8PgRhn4I5lBGF7n/aHscEnVcJsSyDwYPAzQvdXFQe9jMPLMGzR0w1xcA UlaBP21+FzFXht9K/pE2gdHZchIHIUHIEoya9N+VU6+IvS3EIc5MioOvw o=;
X-IronPort-AV: E=Sophos;i="4.73,576,1325462400"; d="scan'208,217";a="68324157"
Received: from ams-core-3.cisco.com ([144.254.72.76]) by ams-iport-2.cisco.com with ESMTP; 13 Mar 2012 09:05:47 +0000
Received: from dhcp-10-55-89-97.cisco.com (dhcp-10-55-89-97.cisco.com [10.55.89.97]) by ams-core-3.cisco.com (8.14.3/8.14.3) with ESMTP id q2D95jmK029076; Tue, 13 Mar 2012 09:05:46 GMT
Message-ID: <4F5F0DE9.5000707@cisco.com>
Date: Tue, 13 Mar 2012 10:05:45 +0100
From: Eliot Lear <lear@cisco.com>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:10.0.2) Gecko/20120216 Thunderbird/10.0.2
MIME-Version: 1.0
To: Phil Hunt <phil.hunt@oracle.com>
References: <8F20CA41-B61E-4EE0-B801-F08F9CD48444@oracle.com> <E646381C-8A04-4040-B835-A0348A8BFF6D@oracle.com> <93C6FB63F046384C86EC8F7F3FFEC7BEDEA074@XMB-RCD-313.cisco.com> <0D543262-FC83-4EE4-99BF-8FDEBCFA04A9@oracle.com>
In-Reply-To: <0D543262-FC83-4EE4-99BF-8FDEBCFA04A9@oracle.com>
X-Enigmail-Version: 1.4
Content-Type: multipart/alternative; boundary="------------050305040200030809020005"
Cc: scim@ietf.org, "Morteza Ansari \(moransar\)" <moransar@cisco.com>
Subject: Re: [scim] Porposed charter
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 13 Mar 2012 09:05:55 -0000

This is a multi-part message in MIME format.
--------------050305040200030809020005
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Phil, Morteza,

My first preference would be that the two of you work together to
consolidate such a presentation.  I also think it would be very helpful,
Phil, if you could first articulate those requirements on this list.

Eliot

On 3/12/12 11:46 PM, Phil Hunt wrote:
> Morteza,
>
> I think that sounds reasonable.
>
> I would like time to present at the BoF so that the WG may consider
> additional requirements for the charter at that time.
>
> I will also post a blog post outlining the issue in advance of the BoF
> to help get everyone up to speed.
>
> Cheers,
>
> Phil
>
> @independentid
> www.independentid.com <http://www.independentid.com>
> phil.hunt@oracle.com <mailto:phil.hunt@oracle.com>
>
>
>
>
>
> On 2012-03-11, at 10:17 PM, Morteza Ansari (moransar) wrote:
>
>> Good suggestion Phil.  I added a new item under the WG consideration
>> section: “Work done by other standard bodies as input to the process
>> such as OASIS Provisioning TC” but I didn’t add any specific items
>> that should be considered. I think it would be best to leave that to
>> the WG to study the work you referenced and decide what items should
>> be considered.
>>  
>> Do you think that is sufficient?
>>  
>>  
>> Cheers,
>> Morteza
>>  
>> *From:* Phil Hunt [mailto:phil.hunt@oracle.com] 
>> *Sent:* Thursday, February 23, 2012 3:25 PM
>> *To:* scim@ietf.org <mailto:scim@ietf.org>; Morteza Ansari (moransar)
>> *Subject:* Re: [scim] Porposed charter
>>  
>> Morteza, 
>>  
>> Very happy to see the SCIM WG is starting soon!
>>  
>> Regarding the charter, I propose that the working group also adopt
>> the following OASIS Provisioning TC documents as input material:
>> * A RESTful Binding to SPML
>> <http://wiki.oasis-open.org/provision/restpml> - http://wiki.oasis-open.org/provision/restpml
>> * SIMPLEST: A standard schema for Identity and Access Management
>> <http://wiki.oasis-open.org/provision/simplest> - http://wiki.oasis-open.org/provision/simplest
>> These documents can provide some additional implementation insight
>> into the final SCIM WG product.
>>  
>> Based on the OASIS Provisioning TC experience, there are some
>> additional cloud requirements that could be added into SCIM 1.0,
>> hopefully in a straightforward, backwards compatible way. 
>>  
>> The key items are:
>> * Support for multiple targets within a SCIM service provider
>> * A change to schema introducing a Person entity which for example is
>> associated with one or more User entities.
>>  
>> The first item arises out of some practical deployment architecture
>> issues, the latter arises from an attestation issue that arises
>> regarding tracking what user accounts are associated with individuals
>> -- especially when they have more than one User account. For those
>> that want to read ahead now, I suggest reading:
>> http://wiki.oasis-open.org/provision/simplest#AccountManagement.3ATargetandAccount
>>  
>> I propose to present on these two topics at the BoF and then based on
>> feedback can contribute the content in draft form into the WG for its
>> consideration.
>>  
>> Regards,
>>  
>> Phil
>>  
>> @independentid
>> www.independentid.com <http://www.independentid.com/>
>>
>> phil.hunt@oracle.com <mailto:phil.hunt@oracle.com>
>>
>>  
>> ------------------------------------------------------------------------
>>
>>   * /From/: "Morteza Ansari (moransar)" <moransar at cisco.com
>>     <mailto:moransar@DOMAIN.HIDDEN>>
>>   * /To/: <scim at ietf.org <mailto:scim@DOMAIN.HIDDEN>>
>>   * /Date/: Wed, 8 Feb 2012 21:32:58 -0600
>>   * /List-id/: Simple Cloud Identity Management BOF <scim.ietf.org
>>     <http://scim.ietf.org/>>
>>
>> ------------------------------------------------------------------------
>> Hi folks,
>>  
>> Here is the proposed charter as we discussed over the cloud-directory
>> mailing list. Please review and send your comments.
>>  
>>  
>> Cheers,
>> Morteza
>>  
>>  
>>
>> Simplified Cloud Identity Management (SCIM)
>>
>> --------------------------------------------------------
>>
>>  
>>
>> Charter
>>
>>  
>>
>> Current Status: BOF Request
>>
>>  
>>
>> Chair(s):
>>
>>      TBD1
>>
>>      TBD2
>>
>>  
>>
>> Applications Area Director(s):
>>
>>      Pete Resnick <presnick at qualcomm.com <http://qualcomm.com/>>
>>
>>      Peter Saint-Andre <stpeter at stpeter.im>
>>
>>  
>>
>> Mailing Lists:
>>
>>      General Discussion: scim at ietf.org <http://ietf.org/>
>>
>>      To Subscribe:     https://www.ietf.org/mailman/listinfo/scim
>>
>>     
>> Archive:               http://www.ietf.org/mail-archive/web/scim/current/maillist.html
>>
>>  
>>
>> Description of Working Group:
>>
>>  
>>
>> The Simple Cloud Identity Management (SCIM) specification is designed
>> to make managing user identity lifecycle in cloud based applications
>> and services easier.
>>
>>  
>>
>> The specification suite seeks to build upon experience with existing
>> schemas and deployments, placing specific emphasis on simplicity of
>> development and integration, while applying existing authentication,
>> authorization, and privacy models. Its intent is to reduce the cost
>> and complexity of user management operations by providing a common
>> user schema and extension model, as well as binding documents to
>> provide patterns for exchanging this schema using standard protocols.
>>
>>  
>>
>> The group will work to adapt the SCIM 1.0 specification produced
>> under the Open Web Foundation framework (http://www.simplecloud.info
>> <http://www.simplecloud.info/>) as an IETF technology for management
>> of user identities in cloud-based applications.
>>
>>  
>>
>> SCIM 1.0 consists of:
>>
>> ·         Schema definition for identity related objects
>>
>> ·         Protocol definition for accessing and managing the identity
>> objects
>>
>> ·         Binding of SCIM schema to Security Assertion Markup
>> Language (SAML) messages and assertions
>>
>> ·         Binding of SCIM schema to Lightweight Directory Access
>> Protocol (LDAP) schema (RFC4519)
>>
>>  
>>
>> The Working Group will produce one or more documents suitable for
>> consideration as a Proposed Standard that will:
>>
>> ·         Improve the terminology used
>>
>> ·         Embody good security practices, document gaps in its
>> capabilities, and propose a path forward for addressing the gaps
>>
>> ·         Promote interoperability
>>
>> ·         Provide guidelines for extensibility
>>
>>  
>>
>> SCIM 1.0 will be used as the starting point. The working group will
>> strive to retain backward compatibility with the 1.0 specification.
>> Changes that are not backwards compatible may be accepted if the
>> group determines changes are required to meet the group's technical
>> objectives and the group clearly documents the reasons for making them.
>>
>>  
>>
>> The Working Group should consider:
>>
>> ·         Implementer experience
>>
>> ·         The end-user experience, including internationalization
>>
>> ·         Existing uses of SCIM
>>
>> ·         Ability to achieve broad implementation
>>
>> ·         Ability to address broader use cases than those considered
>> by the original authors
>>
>> ·         Additional functions or extensions that are needed to
>> address key security concerns, cross-area review, and implementer
>> feedback
>>
>>  
>>
>> The working group will focus on adapting the core technology first
>> but work on extensions will be considered after the core work is well
>> in hand.
>>
>>  
>>  
>>  
>> _______________________________________________
>> scim mailing list
>> scim@ietf.org <mailto:scim@ietf.org>
>> https://www.ietf.org/mailman/listinfo/scim
>
>
>
> _______________________________________________
> scim mailing list
> scim@ietf.org
> https://www.ietf.org/mailman/listinfo/scim

--------------050305040200030809020005
Content-Type: text/html; charset=UTF-8
Content-Transfer-Encoding: 8bit

<html>
  <head>
    <meta content="text/html; charset=UTF-8" http-equiv="Content-Type">
  </head>
  <body bgcolor="#FFFFFF" text="#000000">
    Phil, Morteza,<br>
    <br>
    My first preference would be that the two of you work together to
    consolidate such a presentation.  I also think it would be very
    helpful, Phil, if you could first articulate those requirements on
    this list.<br>
    <br>
    Eliot<br>
    <br>
    On 3/12/12 11:46 PM, Phil Hunt wrote:
    <blockquote
      cite="mid:0D543262-FC83-4EE4-99BF-8FDEBCFA04A9@oracle.com"
      type="cite">Morteza,
      <div><br>
      </div>
      <div>I think that sounds reasonable.</div>
      <div><br>
      </div>
      <div>I would like time to present at the BoF so that the WG may
        consider additional requirements for the charter at that time.</div>
      <div><br>
      </div>
      <div>I will also post a blog post outlining the issue in advance
        of the BoF to help get everyone up to speed.</div>
      <div><br>
      </div>
      <div>Cheers,</div>
      <div><br>
        <div apple-content-edited="true">
          <span class="Apple-style-span" style="border-collapse:
            separate; color: rgb(0, 0, 0); font-family: Helvetica;
            font-style: normal; font-variant: normal; font-weight:
            normal; letter-spacing: normal; line-height: normal;
            orphans: 2; text-align: auto; text-indent: 0px;
            text-transform: none; white-space: normal; widows: 2;
            word-spacing: 0px; -webkit-border-horizontal-spacing: 0px;
            -webkit-border-vertical-spacing: 0px;
            -webkit-text-decorations-in-effect: none;
            -webkit-text-size-adjust: auto; -webkit-text-stroke-width:
            0px; font-size: medium; "><span class="Apple-style-span"
              style="border-collapse: separate; color: rgb(0, 0, 0);
              font-family: Helvetica; font-size: medium; font-style:
              normal; font-variant: normal; font-weight: normal;
              letter-spacing: normal; line-height: normal; orphans: 2;
              text-indent: 0px; text-transform: none; white-space:
              normal; widows: 2; word-spacing: 0px;
              -webkit-border-horizontal-spacing: 0px;
              -webkit-border-vertical-spacing: 0px;
              -webkit-text-decorations-in-effect: none;
              -webkit-text-size-adjust: auto; -webkit-text-stroke-width:
              0px; ">
              <div style="word-wrap: break-word; -webkit-nbsp-mode:
                space; -webkit-line-break: after-white-space; "><span
                  class="Apple-style-span" style="border-collapse:
                  separate; color: rgb(0, 0, 0); font-family: Helvetica;
                  font-size: medium; font-style: normal; font-variant:
                  normal; font-weight: normal; letter-spacing: normal;
                  line-height: normal; orphans: 2; text-indent: 0px;
                  text-transform: none; white-space: normal; widows: 2;
                  word-spacing: 0px; -webkit-border-horizontal-spacing:
                  0px; -webkit-border-vertical-spacing: 0px;
                  -webkit-text-decorations-in-effect: none;
                  -webkit-text-size-adjust: auto;
                  -webkit-text-stroke-width: 0px; ">
                  <div style="word-wrap: break-word; -webkit-nbsp-mode:
                    space; -webkit-line-break: after-white-space; "><span
                      class="Apple-style-span" style="border-collapse:
                      separate; color: rgb(0, 0, 0); font-family:
                      Helvetica; font-size: 12px; font-style: normal;
                      font-variant: normal; font-weight: normal;
                      letter-spacing: normal; line-height: normal;
                      orphans: 2; text-indent: 0px; text-transform:
                      none; white-space: normal; widows: 2;
                      word-spacing: 0px;
                      -webkit-border-horizontal-spacing: 0px;
                      -webkit-border-vertical-spacing: 0px;
                      -webkit-text-decorations-in-effect: none;
                      -webkit-text-size-adjust: auto;
                      -webkit-text-stroke-width: 0px; ">
                      <div style="word-wrap: break-word;
                        -webkit-nbsp-mode: space; -webkit-line-break:
                        after-white-space; ">
                        <div>
                          <div>
                            <div>Phil</div>
                            <div><br>
                            </div>
                            <div>@independentid</div>
                            <div><a moz-do-not-send="true"
                                href="http://www.independentid.com">www.independentid.com</a></div>
                          </div>
                        </div>
                      </div>
                    </span><a moz-do-not-send="true"
                      href="mailto:phil.hunt@oracle.com">phil.hunt@oracle.com</a><br>
                    <br>
                  </div>
                </span><br class="Apple-interchange-newline">
              </div>
            </span><br class="Apple-interchange-newline">
          </span><br class="Apple-interchange-newline">
        </div>
        <br>
        <div>
          <div>On 2012-03-11, at 10:17 PM, Morteza Ansari (moransar)
            wrote:</div>
          <br class="Apple-interchange-newline">
          <blockquote type="cite"><span class="Apple-style-span"
              style="border-collapse: separate; font-family: Helvetica;
              font-style: normal; font-variant: normal; font-weight:
              normal; letter-spacing: normal; line-height: normal;
              orphans: 2; text-align: -webkit-auto; text-indent: 0px;
              text-transform: none; white-space: normal; widows: 2;
              word-spacing: 0px; -webkit-border-horizontal-spacing: 0px;
              -webkit-border-vertical-spacing: 0px;
              -webkit-text-decorations-in-effect: none;
              -webkit-text-size-adjust: auto; -webkit-text-stroke-width:
              0px; font-size: medium; ">
              <div link="blue" vlink="purple" lang="EN-US">
                <div class="WordSection1" style="page: WordSection1; ">
                  <div style="margin-right: 0in; margin-left: 0in;
                    font-size: 12pt; font-family: 'Times New Roman',
                    serif; margin-top: 0in; margin-bottom: 0.0001pt; "><span
                      style="font-size: 11pt; font-family: Calibri,
                      sans-serif; color: rgb(31, 73, 125); ">Good
                      suggestion Phil.  I added a new item under the WG
                      consideration section: “Work done by other
                      standard bodies as input to the process such as
                      OASIS Provisioning TC” but I didn’t add any
                      specific items that should be considered. I think
                      it would be best to leave that to the WG to study
                      the work you referenced and decide what items
                      should be considered.<o:p></o:p></span></div>
                  <div style="margin-right: 0in; margin-left: 0in;
                    font-size: 12pt; font-family: 'Times New Roman',
                    serif; margin-top: 0in; margin-bottom: 0.0001pt; "><span
                      style="font-size: 11pt; font-family: Calibri,
                      sans-serif; color: rgb(31, 73, 125); "><o:p> </o:p></span></div>
                  <div style="margin-right: 0in; margin-left: 0in;
                    font-size: 12pt; font-family: 'Times New Roman',
                    serif; margin-top: 0in; margin-bottom: 0.0001pt; "><span
                      style="font-size: 11pt; font-family: Calibri,
                      sans-serif; color: rgb(31, 73, 125); ">Do you
                      think that is sufficient?<o:p></o:p></span></div>
                  <div style="margin-top: 0in; margin-right: 0in;
                    margin-left: 0in; margin-bottom: 0.0001pt;
                    font-size: 12pt; font-family: 'Times New Roman',
                    serif; "><span style="font-size: 11pt; font-family:
                      Calibri, sans-serif; color: rgb(31, 73, 125); "><o:p> </o:p></span></div>
                  <div style="margin-top: 0in; margin-right: 0in;
                    margin-left: 0in; margin-bottom: 0.0001pt;
                    font-size: 12pt; font-family: 'Times New Roman',
                    serif; "><span style="font-size: 11pt; font-family:
                      Calibri, sans-serif; color: rgb(31, 73, 125); "><o:p> </o:p></span></div>
                  <div style="margin-top: 0in; margin-right: 0in;
                    margin-left: 0in; margin-bottom: 0.0001pt;
                    font-size: 12pt; font-family: 'Times New Roman',
                    serif; "><span style="font-size: 11pt; font-family:
                      Calibri, sans-serif; color: rgb(31, 73, 125); ">Cheers,<o:p></o:p></span></div>
                  <div style="margin-top: 0in; margin-right: 0in;
                    margin-left: 0in; margin-bottom: 0.0001pt;
                    font-size: 12pt; font-family: 'Times New Roman',
                    serif; "><span style="font-size: 11pt; font-family:
                      Calibri, sans-serif; color: rgb(31, 73, 125); ">Morteza<o:p></o:p></span></div>
                  <div style="margin-top: 0in; margin-right: 0in;
                    margin-left: 0in; margin-bottom: 0.0001pt;
                    font-size: 12pt; font-family: 'Times New Roman',
                    serif; "><span style="font-size: 11pt; font-family:
                      Calibri, sans-serif; color: rgb(31, 73, 125); "><o:p> </o:p></span></div>
                  <div>
                    <div style="border-right-style: none;
                      border-bottom-style: none; border-left-style:
                      none; border-width: initial; border-color:
                      initial; border-top-style: solid;
                      border-top-color: rgb(181, 196, 223);
                      border-top-width: 1pt; padding-top: 3pt;
                      padding-right: 0in; padding-bottom: 0in;
                      padding-left: 0in; ">
                      <div style="margin-top: 0in; margin-right: 0in;
                        margin-left: 0in; margin-bottom: 0.0001pt;
                        font-size: 12pt; font-family: 'Times New Roman',
                        serif; "><b><span style="font-size: 10pt;
                            font-family: Tahoma, sans-serif; ">From:</span></b><span
                          style="font-size: 10pt; font-family: Tahoma,
                          sans-serif; "><span
                            class="Apple-converted-space"> </span>Phil
                          Hunt [<a class="moz-txt-link-freetext" href="mailto:phil.hunt@oracle.com">mailto:phil.hunt@oracle.com</a>]<span
                            class="Apple-converted-space"> </span><br>
                          <b>Sent:</b><span
                            class="Apple-converted-space"> </span>Thursday,
                          February 23, 2012 3:25 PM<br>
                          <b>To:</b><span class="Apple-converted-space"> </span><a
                            moz-do-not-send="true"
                            href="mailto:scim@ietf.org" style="color:
                            blue; text-decoration: underline; ">scim@ietf.org</a>;
                          Morteza Ansari (moransar)<br>
                          <b>Subject:</b><span
                            class="Apple-converted-space"> </span>Re:
                          [scim] Porposed charter<o:p></o:p></span></div>
                    </div>
                  </div>
                  <div style="margin-top: 0in; margin-right: 0in;
                    margin-left: 0in; margin-bottom: 0.0001pt;
                    font-size: 12pt; font-family: 'Times New Roman',
                    serif; "><o:p> </o:p></div>
                  <div>
                    <div>
                      <div>
                        <div style="margin-top: 0in; margin-right: 0in;
                          margin-left: 0in; margin-bottom: 0.0001pt;
                          font-size: 12pt; font-family: 'Times New
                          Roman', serif; ">Morteza, <o:p></o:p></div>
                      </div>
                      <div>
                        <div style="margin-top: 0in; margin-right: 0in;
                          margin-left: 0in; margin-bottom: 0.0001pt;
                          font-size: 12pt; font-family: 'Times New
                          Roman', serif; "><o:p> </o:p></div>
                      </div>
                      <div>
                        <div style="margin-top: 0in; margin-right: 0in;
                          margin-left: 0in; margin-bottom: 0.0001pt;
                          font-size: 12pt; font-family: 'Times New
                          Roman', serif; ">Very happy to see the SCIM WG
                          is starting soon!<o:p></o:p></div>
                      </div>
                      <div>
                        <div style="margin-top: 0in; margin-right: 0in;
                          margin-left: 0in; margin-bottom: 0.0001pt;
                          font-size: 12pt; font-family: 'Times New
                          Roman', serif; "><o:p> </o:p></div>
                      </div>
                      <div>
                        <div style="margin-top: 0in; margin-right: 0in;
                          margin-left: 0in; margin-bottom: 0.0001pt;
                          font-size: 12pt; font-family: 'Times New
                          Roman', serif; ">Regarding the charter, I
                          propose that the working group also adopt the
                          following OASIS Provisioning TC documents as
                          input material:<o:p></o:p></div>
                      </div>
                      <div>
                        <div style="margin-top: 0in; margin-right: 0in;
                          margin-left: 0in; margin-bottom: 0.0001pt;
                          font-size: 12pt; font-family: 'Times New
                          Roman', serif; ">* <a moz-do-not-send="true"
                            href="http://wiki.oasis-open.org/provision/restpml"
                            style="color: blue; text-decoration:
                            underline; ">A RESTful Binding to SPML</a> - <a
                            moz-do-not-send="true"
                            href="http://wiki.oasis-open.org/provision/restpml"
                            style="color: blue; text-decoration:
                            underline; ">http://wiki.oasis-open.org/provision/restpml</a><o:p></o:p></div>
                      </div>
                      <div>
                        <div style="margin-top: 0in; margin-right: 0in;
                          margin-left: 0in; margin-bottom: 0.0001pt;
                          font-size: 12pt; font-family: 'Times New
                          Roman', serif; ">* <a moz-do-not-send="true"
                            href="http://wiki.oasis-open.org/provision/simplest"
                            style="color: blue; text-decoration:
                            underline; ">SIMPLEST: A standard schema for
                            Identity and Access Management</a> - <a
                            moz-do-not-send="true"
                            href="http://wiki.oasis-open.org/provision/simplest"
                            style="color: blue; text-decoration:
                            underline; ">http://wiki.oasis-open.org/provision/simplest</a><o:p></o:p></div>
                      </div>
                      <div>
                        <div style="margin-top: 0in; margin-right: 0in;
                          margin-left: 0in; margin-bottom: 0.0001pt;
                          font-size: 12pt; font-family: 'Times New
                          Roman', serif; ">These documents can provide
                          some additional implementation insight into
                          the final SCIM WG product.<o:p></o:p></div>
                      </div>
                      <div>
                        <div style="margin-top: 0in; margin-right: 0in;
                          margin-left: 0in; margin-bottom: 0.0001pt;
                          font-size: 12pt; font-family: 'Times New
                          Roman', serif; "><o:p> </o:p></div>
                      </div>
                      <div>
                        <div style="margin-top: 0in; margin-right: 0in;
                          margin-left: 0in; margin-bottom: 0.0001pt;
                          font-size: 12pt; font-family: 'Times New
                          Roman', serif; ">Based on the OASIS
                          Provisioning TC experience, there are some
                          additional cloud requirements that could be
                          added into SCIM 1.0, hopefully in a
                          straightforward, backwards compatible way. <o:p></o:p></div>
                      </div>
                      <div>
                        <div style="margin-top: 0in; margin-right: 0in;
                          margin-left: 0in; margin-bottom: 0.0001pt;
                          font-size: 12pt; font-family: 'Times New
                          Roman', serif; "><o:p> </o:p></div>
                      </div>
                      <div>
                        <div style="margin-top: 0in; margin-right: 0in;
                          margin-left: 0in; margin-bottom: 0.0001pt;
                          font-size: 12pt; font-family: 'Times New
                          Roman', serif; ">The key items are:<o:p></o:p></div>
                      </div>
                      <div>
                        <div style="margin-top: 0in; margin-right: 0in;
                          margin-left: 0in; margin-bottom: 0.0001pt;
                          font-size: 12pt; font-family: 'Times New
                          Roman', serif; ">* Support for multiple
                          targets within a SCIM service provider<o:p></o:p></div>
                      </div>
                      <div>
                        <div style="margin-top: 0in; margin-right: 0in;
                          margin-left: 0in; margin-bottom: 0.0001pt;
                          font-size: 12pt; font-family: 'Times New
                          Roman', serif; ">* A change to schema
                          introducing a Person entity which for example
                          is associated with one or more User entities.<o:p></o:p></div>
                      </div>
                      <div>
                        <div style="margin-top: 0in; margin-right: 0in;
                          margin-left: 0in; margin-bottom: 0.0001pt;
                          font-size: 12pt; font-family: 'Times New
                          Roman', serif; "><o:p> </o:p></div>
                      </div>
                      <div>
                        <div style="margin-top: 0in; margin-right: 0in;
                          margin-left: 0in; margin-bottom: 0.0001pt;
                          font-size: 12pt; font-family: 'Times New
                          Roman', serif; ">The first item arises out of
                          some practical deployment architecture issues,
                          the latter arises from an attestation issue
                          that arises regarding tracking what user
                          accounts are associated with individuals --
                          especially when they have more than one User
                          account. For those that want to read ahead
                          now, I suggest reading:<o:p></o:p></div>
                      </div>
                      <div>
                        <div style="margin-top: 0in; margin-right: 0in;
                          margin-left: 0in; margin-bottom: 0.0001pt;
                          font-size: 12pt; font-family: 'Times New
                          Roman', serif; "><a moz-do-not-send="true"
href="http://wiki.oasis-open.org/provision/simplest#AccountManagement.3ATargetandAccount"
                            style="color: blue; text-decoration:
                            underline; ">http://wiki.oasis-open.org/provision/simplest#AccountManagement.3ATargetandAccount</a><o:p></o:p></div>
                      </div>
                      <div>
                        <div style="margin-top: 0in; margin-right: 0in;
                          margin-left: 0in; margin-bottom: 0.0001pt;
                          font-size: 12pt; font-family: 'Times New
                          Roman', serif; "><o:p> </o:p></div>
                      </div>
                      <div>
                        <div style="margin-top: 0in; margin-right: 0in;
                          margin-left: 0in; margin-bottom: 0.0001pt;
                          font-size: 12pt; font-family: 'Times New
                          Roman', serif; ">I propose to present on these
                          two topics at the BoF and then based on
                          feedback can contribute the content in draft
                          form into the WG for its consideration.<o:p></o:p></div>
                      </div>
                      <div>
                        <div style="margin-top: 0in; margin-right: 0in;
                          margin-left: 0in; margin-bottom: 0.0001pt;
                          font-size: 12pt; font-family: 'Times New
                          Roman', serif; "><o:p> </o:p></div>
                      </div>
                      <div>
                        <div style="margin-top: 0in; margin-right: 0in;
                          margin-left: 0in; margin-bottom: 0.0001pt;
                          font-size: 12pt; font-family: 'Times New
                          Roman', serif; ">Regards,<o:p></o:p></div>
                      </div>
                      <div>
                        <div style="margin-top: 0in; margin-right: 0in;
                          margin-left: 0in; margin-bottom: 0.0001pt;
                          font-size: 12pt; font-family: 'Times New
                          Roman', serif; "><o:p> </o:p></div>
                      </div>
                      <div>
                        <div>
                          <div>
                            <div>
                              <div>
                                <div>
                                  <div>
                                    <div>
                                      <div style="margin-top: 0in;
                                        margin-right: 0in; margin-left:
                                        0in; margin-bottom: 0.0001pt;
                                        font-size: 12pt; font-family:
                                        'Times New Roman', serif; "><span
                                          style="font-size: 9pt; ">Phil<o:p></o:p></span></div>
                                    </div>
                                    <div>
                                      <div style="margin-top: 0in;
                                        margin-right: 0in; margin-left:
                                        0in; margin-bottom: 0.0001pt;
                                        font-size: 12pt; font-family:
                                        'Times New Roman', serif; "><span
                                          style="font-size: 9pt; "><o:p> </o:p></span></div>
                                    </div>
                                    <div>
                                      <div style="margin-top: 0in;
                                        margin-right: 0in; margin-left:
                                        0in; margin-bottom: 0.0001pt;
                                        font-size: 12pt; font-family:
                                        'Times New Roman', serif; "><span
                                          style="font-size: 9pt; ">@independentid<o:p></o:p></span></div>
                                    </div>
                                    <div>
                                      <div style="margin-top: 0in;
                                        margin-right: 0in; margin-left:
                                        0in; margin-bottom: 0.0001pt;
                                        font-size: 12pt; font-family:
                                        'Times New Roman', serif; "><span
                                          style="font-size: 9pt; "><a
                                            moz-do-not-send="true"
                                            href="http://www.independentid.com/"
                                            style="color: blue;
                                            text-decoration: underline;
                                            ">www.independentid.com</a><o:p></o:p></span></div>
                                    </div>
                                  </div>
                                </div>
                              </div>
                              <p class="MsoNormal" style="margin-top:
                                0in; margin-right: 0in; margin-left:
                                0in; margin-bottom: 12pt; font-size:
                                12pt; font-family: 'Times New Roman',
                                serif; "><a moz-do-not-send="true"
                                  href="mailto:phil.hunt@oracle.com"
                                  style="color: blue; text-decoration:
                                  underline; ">phil.hunt@oracle.com</a><o:p></o:p></p>
                            </div>
                            <div style="margin-top: 0in; margin-right:
                              0in; margin-left: 0in; margin-bottom:
                              0.0001pt; font-size: 12pt; font-family:
                              'Times New Roman', serif; "><o:p> </o:p></div>
                          </div>
                          <div class="MsoNormal" style="margin-top: 0in;
                            margin-right: 0in; margin-left: 0in;
                            margin-bottom: 0.0001pt; font-size: 12pt;
                            font-family: 'Times New Roman', serif;
                            text-align: center; " align="center">
                            <hr align="center" size="2" width="100%"></div>
                          <ul style="margin-bottom: 0in; " type="disc">
                            <li class="MsoNormal" style="margin-top:
                              0in; margin-right: 0in; margin-left: 0in;
                              margin-bottom: 0.0001pt; font-size: 12pt;
                              font-family: 'Times New Roman', serif; "><em><span
                                  style="font-family: Times, serif; ">From</span></em><span
                                style="font-family: Times, serif; ">:
                                "Morteza Ansari (moransar)" &lt;<a
                                  moz-do-not-send="true"
                                  href="mailto:moransar@DOMAIN.HIDDEN"
                                  style="color: blue; text-decoration:
                                  underline; ">moransar at cisco.com</a>&gt;<o:p></o:p></span></li>
                            <li class="MsoNormal" style="margin-top:
                              0in; margin-right: 0in; margin-left: 0in;
                              margin-bottom: 0.0001pt; font-size: 12pt;
                              font-family: 'Times New Roman', serif; "><em><span
                                  style="font-family: Times, serif; ">To</span></em><span
                                style="font-family: Times, serif; ">:
                                &lt;<a moz-do-not-send="true"
                                  href="mailto:scim@DOMAIN.HIDDEN"
                                  style="color: blue; text-decoration:
                                  underline; ">scim at ietf.org</a>&gt;<o:p></o:p></span></li>
                            <li class="MsoNormal" style="margin-top:
                              0in; margin-right: 0in; margin-left: 0in;
                              margin-bottom: 0.0001pt; font-size: 12pt;
                              font-family: 'Times New Roman', serif; "><em><span
                                  style="font-family: Times, serif; ">Date</span></em><span
                                style="font-family: Times, serif; ">:
                                Wed, 8 Feb 2012 21:32:58 -0600<o:p></o:p></span></li>
                            <li class="MsoNormal" style="margin-top:
                              0in; margin-right: 0in; margin-left: 0in;
                              margin-bottom: 0.0001pt; font-size: 12pt;
                              font-family: 'Times New Roman', serif; "><em><span
                                  style="font-family: Times, serif; ">List-id</span></em><span
                                style="font-family: Times, serif; ">:
                                Simple Cloud Identity Management BOF
                                &lt;<a moz-do-not-send="true"
                                  href="http://scim.ietf.org/"
                                  style="color: blue; text-decoration:
                                  underline; ">scim.ietf.org</a>&gt;<o:p></o:p></span></li>
                          </ul>
                          <div class="MsoNormal" style="margin-top: 0in;
                            margin-right: 0in; margin-left: 0in;
                            margin-bottom: 0.0001pt; font-size: 12pt;
                            font-family: 'Times New Roman', serif;
                            text-align: center; " align="center">
                            <hr align="center" size="2" width="100%"></div>
                          <table class="MsoNormalTable" style="width:
                            968px; z-index: auto; " border="0"
                            cellpadding="0" width="100%">
                            <tbody>
                              <tr>
                                <td style="padding-top: 0.75pt;
                                  padding-right: 0.75pt; padding-bottom:
                                  0.75pt; padding-left: 0.75pt; ">
                                  <div>
                                    <div style="margin-top: 0in;
                                      margin-right: 0in; margin-left:
                                      0in; margin-bottom: 0.0001pt;
                                      font-size: 12pt; font-family:
                                      'Times New Roman', serif; ">Hi
                                      folks,<o:p></o:p></div>
                                    <div style="margin-top: 0in;
                                      margin-right: 0in; margin-left:
                                      0in; margin-bottom: 0.0001pt;
                                      font-size: 12pt; font-family:
                                      'Times New Roman', serif; "> <o:p></o:p></div>
                                    <div style="margin-top: 0in;
                                      margin-right: 0in; margin-left:
                                      0in; margin-bottom: 0.0001pt;
                                      font-size: 12pt; font-family:
                                      'Times New Roman', serif; ">Here
                                      is the proposed charter as we
                                      discussed over the cloud-directory
                                      mailing list. Please review and
                                      send your comments.<o:p></o:p></div>
                                    <div style="margin-top: 0in;
                                      margin-right: 0in; margin-left:
                                      0in; margin-bottom: 0.0001pt;
                                      font-size: 12pt; font-family:
                                      'Times New Roman', serif; "> <o:p></o:p></div>
                                    <div style="margin-top: 0in;
                                      margin-right: 0in; margin-left:
                                      0in; margin-bottom: 0.0001pt;
                                      font-size: 12pt; font-family:
                                      'Times New Roman', serif; "> <o:p></o:p></div>
                                    <div style="margin-top: 0in;
                                      margin-right: 0in; margin-left:
                                      0in; margin-bottom: 0.0001pt;
                                      font-size: 12pt; font-family:
                                      'Times New Roman', serif; ">Cheers,<o:p></o:p></div>
                                    <div style="margin-top: 0in;
                                      margin-right: 0in; margin-left:
                                      0in; margin-bottom: 0.0001pt;
                                      font-size: 12pt; font-family:
                                      'Times New Roman', serif; ">Morteza<o:p></o:p></div>
                                    <div style="border-top-style: none;
                                      border-right-style: none;
                                      border-left-style: none;
                                      border-width: initial;
                                      border-color: initial;
                                      border-bottom-style: solid;
                                      padding-top: 0in; padding-right:
                                      0in; padding-bottom: 1pt;
                                      padding-left: 0in; border-width:
                                      initial; border-color: initial; ">
                                      <div style="margin-top: 0in;
                                        margin-right: 0in; margin-left:
                                        0in; margin-bottom: 0.0001pt;
                                        font-size: 12pt; font-family:
                                        'Times New Roman', serif; "> <o:p></o:p></div>
                                    </div>
                                    <div style="margin-top: 0in;
                                      margin-right: 0in; margin-left:
                                      0in; margin-bottom: 0.0001pt;
                                      font-size: 12pt; font-family:
                                      'Times New Roman', serif; "> <o:p></o:p></div>
                                    <p class="MsoPlainText"
                                      style="margin-right: 0in;
                                      margin-left: 0in; font-size: 12pt;
                                      font-family: 'Times New Roman',
                                      serif; "><span style="font-family:
                                        Times, serif; color: black; ">Simplified
                                        Cloud Identity Management (SCIM)</span><span
                                        style="font-family: Times,
                                        serif; "><o:p></o:p></span></p>
                                    <p class="MsoPlainText"
                                      style="margin-right: 0in;
                                      margin-left: 0in; font-size: 12pt;
                                      font-family: 'Times New Roman',
                                      serif; "><span style="font-family:
                                        Times, serif; color: black; ">--------------------------------------------------------</span><span
                                        style="font-family: Times,
                                        serif; "><o:p></o:p></span></p>
                                    <p class="MsoPlainText"
                                      style="margin-right: 0in;
                                      margin-left: 0in; font-size: 12pt;
                                      font-family: 'Times New Roman',
                                      serif; "><span style="font-family:
                                        Times, serif; color: black; "> </span><span
                                        style="font-family: Times,
                                        serif; "><o:p></o:p></span></p>
                                    <p class="MsoPlainText"
                                      style="margin-right: 0in;
                                      margin-left: 0in; font-size: 12pt;
                                      font-family: 'Times New Roman',
                                      serif; "><span style="font-family:
                                        Times, serif; color: black; ">Charter</span><span
                                        style="font-family: Times,
                                        serif; "><o:p></o:p></span></p>
                                    <p class="MsoPlainText"
                                      style="margin-right: 0in;
                                      margin-left: 0in; font-size: 12pt;
                                      font-family: 'Times New Roman',
                                      serif; "><span style="font-family:
                                        Times, serif; color: black; "> </span><span
                                        style="font-family: Times,
                                        serif; "><o:p></o:p></span></p>
                                    <p class="MsoPlainText"
                                      style="margin-right: 0in;
                                      margin-left: 0in; font-size: 12pt;
                                      font-family: 'Times New Roman',
                                      serif; "><span style="font-family:
                                        Times, serif; color: black; ">Current
                                        Status: BOF Request</span><span
                                        style="font-family: Times,
                                        serif; "><o:p></o:p></span></p>
                                    <p class="MsoPlainText"
                                      style="margin-right: 0in;
                                      margin-left: 0in; font-size: 12pt;
                                      font-family: 'Times New Roman',
                                      serif; "><span style="font-family:
                                        Times, serif; color: black; "> </span><span
                                        style="font-family: Times,
                                        serif; "><o:p></o:p></span></p>
                                    <p class="MsoPlainText"
                                      style="margin-right: 0in;
                                      margin-left: 0in; font-size: 12pt;
                                      font-family: 'Times New Roman',
                                      serif; "><span style="font-family:
                                        Times, serif; color: black; ">Chair(s):</span><span
                                        style="font-family: Times,
                                        serif; "><o:p></o:p></span></p>
                                    <p class="MsoPlainText"
                                      style="margin-right: 0in;
                                      margin-left: 0in; font-size: 12pt;
                                      font-family: 'Times New Roman',
                                      serif; "><span style="font-family:
                                        Times, serif; color: black; ">    
                                        TBD1</span><span
                                        style="font-family: Times,
                                        serif; "><o:p></o:p></span></p>
                                    <p class="MsoPlainText"
                                      style="margin-right: 0in;
                                      margin-left: 0in; font-size: 12pt;
                                      font-family: 'Times New Roman',
                                      serif; "><span style="font-family:
                                        Times, serif; color: black; ">    
                                        TBD2</span><span
                                        style="font-family: Times,
                                        serif; "><o:p></o:p></span></p>
                                    <p class="MsoPlainText"
                                      style="margin-right: 0in;
                                      margin-left: 0in; font-size: 12pt;
                                      font-family: 'Times New Roman',
                                      serif; "><span style="font-family:
                                        Times, serif; color: black; "> </span><span
                                        style="font-family: Times,
                                        serif; "><o:p></o:p></span></p>
                                    <p class="MsoPlainText"
                                      style="margin-right: 0in;
                                      margin-left: 0in; font-size: 12pt;
                                      font-family: 'Times New Roman',
                                      serif; "><span style="font-family:
                                        Times, serif; color: black; ">Applications
                                        Area Director(s):</span><span
                                        style="font-family: Times,
                                        serif; "><o:p></o:p></span></p>
                                    <p class="MsoPlainText"
                                      style="margin-right: 0in;
                                      margin-left: 0in; font-size: 12pt;
                                      font-family: 'Times New Roman',
                                      serif; "><span style="font-family:
                                        Times, serif; color: black; ">   
                                         Pete Resnick &lt;presnick at<span
                                          class="Apple-converted-space"> </span><a
                                          moz-do-not-send="true"
                                          href="http://qualcomm.com/"
                                          style="color: blue;
                                          text-decoration: underline; ">qualcomm.com</a>&gt;</span><span
                                        style="font-family: Times,
                                        serif; "><o:p></o:p></span></p>
                                    <p class="MsoPlainText"
                                      style="margin-right: 0in;
                                      margin-left: 0in; font-size: 12pt;
                                      font-family: 'Times New Roman',
                                      serif; "><span style="font-family:
                                        Times, serif; color: black; ">     Peter
                                        Saint-Andre &lt;stpeter at
                                        stpeter.im&gt;</span><span
                                        style="font-family: Times,
                                        serif; "><o:p></o:p></span></p>
                                    <p class="MsoPlainText"
                                      style="margin-right: 0in;
                                      margin-left: 0in; font-size: 12pt;
                                      font-family: 'Times New Roman',
                                      serif; "><span style="font-family:
                                        Times, serif; color: black; "> </span><span
                                        style="font-family: Times,
                                        serif; "><o:p></o:p></span></p>
                                    <p class="MsoPlainText"
                                      style="margin-right: 0in;
                                      margin-left: 0in; font-size: 12pt;
                                      font-family: 'Times New Roman',
                                      serif; "><span style="font-family:
                                        Times, serif; color: black; ">Mailing
                                        Lists:</span><span
                                        style="font-family: Times,
                                        serif; "><o:p></o:p></span></p>
                                    <p class="MsoPlainText"
                                      style="margin-right: 0in;
                                      margin-left: 0in; font-size: 12pt;
                                      font-family: 'Times New Roman',
                                      serif; "><span style="font-family:
                                        Times, serif; color: black; ">    
                                        General Discussion: scim at<span
                                          class="Apple-converted-space"> </span><a
                                          moz-do-not-send="true"
                                          href="http://ietf.org/"
                                          style="color: blue;
                                          text-decoration: underline; ">ietf.org</a></span><span
                                        style="font-family: Times,
                                        serif; "><o:p></o:p></span></p>
                                    <p class="MsoPlainText"
                                      style="margin-right: 0in;
                                      margin-left: 0in; font-size: 12pt;
                                      font-family: 'Times New Roman',
                                      serif; "><span style="font-family:
                                        Times, serif; color: black; ">    
                                        To Subscribe:    <span
                                          class="Apple-converted-space"> </span><a
                                          moz-do-not-send="true"
                                          href="https://www.ietf.org/mailman/listinfo/scim"
                                          style="color: blue;
                                          text-decoration: underline; ">https://www.ietf.org/mailman/listinfo/scim</a></span><span
                                        style="font-family: Times,
                                        serif; "><o:p></o:p></span></p>
                                    <p class="MsoPlainText"
                                      style="margin-right: 0in;
                                      margin-left: 0in; font-size: 12pt;
                                      font-family: 'Times New Roman',
                                      serif; "><span style="font-family:
                                        Times, serif; color: black; ">    
                                        Archive:              <span
                                          class="Apple-converted-space"> </span><a
                                          moz-do-not-send="true"
                                          href="http://www.ietf.org/mail-archive/web/scim/current/maillist.html"
                                          style="color: blue;
                                          text-decoration: underline; ">http://www.ietf.org/mail-archive/web/scim/current/maillist.html</a></span><span
                                        style="font-family: Times,
                                        serif; "><o:p></o:p></span></p>
                                    <p class="MsoPlainText"
                                      style="margin-right: 0in;
                                      margin-left: 0in; font-size: 12pt;
                                      font-family: 'Times New Roman',
                                      serif; "><span style="font-family:
                                        Times, serif; color: black; "> </span><span
                                        style="font-family: Times,
                                        serif; "><o:p></o:p></span></p>
                                    <p class="MsoPlainText"
                                      style="margin-right: 0in;
                                      margin-left: 0in; font-size: 12pt;
                                      font-family: 'Times New Roman',
                                      serif; "><span style="font-family:
                                        Times, serif; color: black; ">Description
                                        of Working Group:</span><span
                                        style="font-family: Times,
                                        serif; "><o:p></o:p></span></p>
                                    <p class="MsoPlainText"
                                      style="margin-right: 0in;
                                      margin-left: 0in; font-size: 12pt;
                                      font-family: 'Times New Roman',
                                      serif; "><span style="font-family:
                                        Times, serif; color: black; "> </span><span
                                        style="font-family: Times,
                                        serif; "><o:p></o:p></span></p>
                                    <p class="MsoPlainText"
                                      style="margin-right: 0in;
                                      margin-left: 0in; font-size: 12pt;
                                      font-family: 'Times New Roman',
                                      serif; "><span style="font-family:
                                        Times, serif; color: black; ">The
                                        Simple Cloud Identity Management
                                        (SCIM) specification is designed
                                        to make managing user identity
                                        lifecycle in cloud based
                                        applications and services
                                        easier.</span><span
                                        style="font-family: Times,
                                        serif; "><o:p></o:p></span></p>
                                    <p class="MsoPlainText"
                                      style="margin-right: 0in;
                                      margin-left: 0in; font-size: 12pt;
                                      font-family: 'Times New Roman',
                                      serif; "><span style="font-family:
                                        Times, serif; color: black; "> </span><span
                                        style="font-family: Times,
                                        serif; "><o:p></o:p></span></p>
                                    <p class="MsoPlainText"
                                      style="margin-right: 0in;
                                      margin-left: 0in; font-size: 12pt;
                                      font-family: 'Times New Roman',
                                      serif; "><span style="font-family:
                                        Times, serif; color: black; ">The
                                        specification suite seeks to
                                        build upon experience with
                                        existing schemas and
                                        deployments, placing specific
                                        emphasis on simplicity of
                                        development and integration,
                                        while applying existing
                                        authentication, authorization,
                                        and privacy models. Its intent
                                        is to reduce the cost and
                                        complexity of user management
                                        operations by providing a common
                                        user schema and extension model,
                                        as well as binding documents to
                                        provide patterns for exchanging
                                        this schema using standard
                                        protocols.</span><span
                                        style="font-family: Times,
                                        serif; "><o:p></o:p></span></p>
                                    <p class="MsoPlainText"
                                      style="margin-right: 0in;
                                      margin-left: 0in; font-size: 12pt;
                                      font-family: 'Times New Roman',
                                      serif; "><span style="font-family:
                                        Times, serif; color: black; "> </span><span
                                        style="font-family: Times,
                                        serif; "><o:p></o:p></span></p>
                                    <p class="MsoPlainText"
                                      style="margin-right: 0in;
                                      margin-left: 0in; font-size: 12pt;
                                      font-family: 'Times New Roman',
                                      serif; "><span style="font-family:
                                        Times, serif; color: black; ">The
                                        group will work to adapt the
                                        SCIM 1.0 specification produced
                                        under the Open Web Foundation
                                        framework (<a
                                          moz-do-not-send="true"
                                          href="http://www.simplecloud.info/"
                                          style="color: blue;
                                          text-decoration: underline; ">http://www.simplecloud.info</a>)
                                        as an IETF technology for
                                        management of user identities in
                                        cloud-based applications.</span><span
                                        style="font-family: Times,
                                        serif; "><o:p></o:p></span></p>
                                    <p class="MsoPlainText"
                                      style="margin-right: 0in;
                                      margin-left: 0in; font-size: 12pt;
                                      font-family: 'Times New Roman',
                                      serif; "><span style="font-family:
                                        Times, serif; color: black; "> </span><span
                                        style="font-family: Times,
                                        serif; "><o:p></o:p></span></p>
                                    <p class="MsoPlainText"
                                      style="margin-right: 0in;
                                      margin-left: 0in; font-size: 12pt;
                                      font-family: 'Times New Roman',
                                      serif; "><span style="font-family:
                                        Times, serif; color: black; ">SCIM
                                        1.0 consists of:</span><span
                                        style="font-family: Times,
                                        serif; "><o:p></o:p></span></p>
                                    <p class="MsoPlainText"
                                      style="margin-right: 0in;
                                      margin-left: 0.5in; font-size:
                                      12pt; font-family: 'Times New
                                      Roman', serif; text-indent:
                                      -0.25in; "><span
                                        style="font-family: Symbol;
                                        color: black; ">·</span><span
                                        style="font-size: 7pt; color:
                                        black; ">         </span><span
                                        style="font-family: Times,
                                        serif; color: black; ">Schema
                                        definition for identity related
                                        objects</span><span
                                        style="font-family: Times,
                                        serif; "><o:p></o:p></span></p>
                                    <p class="MsoPlainText"
                                      style="margin-right: 0in;
                                      margin-left: 0.5in; font-size:
                                      12pt; font-family: 'Times New
                                      Roman', serif; text-indent:
                                      -0.25in; "><span
                                        style="font-family: Symbol;
                                        color: black; ">·</span><span
                                        style="font-size: 7pt; color:
                                        black; ">         </span><span
                                        style="font-family: Times,
                                        serif; color: black; ">Protocol
                                        definition for accessing and
                                        managing the identity objects</span><span
                                        style="font-family: Times,
                                        serif; "><o:p></o:p></span></p>
                                    <p class="MsoPlainText"
                                      style="margin-right: 0in;
                                      margin-left: 0.5in; font-size:
                                      12pt; font-family: 'Times New
                                      Roman', serif; text-indent:
                                      -0.25in; "><span
                                        style="font-family: Symbol;
                                        color: black; ">·</span><span
                                        style="font-size: 7pt; color:
                                        black; ">         </span><span
                                        style="font-family: Times,
                                        serif; color: black; ">Binding
                                        of SCIM schema to Security
                                        Assertion Markup Language (SAML)
                                        messages and assertions</span><span
                                        style="font-family: Times,
                                        serif; "><o:p></o:p></span></p>
                                    <p class="MsoPlainText"
                                      style="margin-right: 0in;
                                      margin-left: 0.5in; font-size:
                                      12pt; font-family: 'Times New
                                      Roman', serif; text-indent:
                                      -0.25in; "><span
                                        style="font-family: Symbol;
                                        color: black; ">·</span><span
                                        style="font-size: 7pt; color:
                                        black; ">         </span><span
                                        style="font-family: Times,
                                        serif; color: black; ">Binding
                                        of SCIM schema to Lightweight
                                        Directory Access Protocol (LDAP)
                                        schema (RFC4519)</span><span
                                        style="font-family: Times,
                                        serif; "><o:p></o:p></span></p>
                                    <p class="MsoPlainText"
                                      style="margin-right: 0in;
                                      margin-left: 0in; font-size: 12pt;
                                      font-family: 'Times New Roman',
                                      serif; "><span style="font-family:
                                        Times, serif; color: black; "> </span><span
                                        style="font-family: Times,
                                        serif; "><o:p></o:p></span></p>
                                    <p class="MsoPlainText"
                                      style="margin-right: 0in;
                                      margin-left: 0in; font-size: 12pt;
                                      font-family: 'Times New Roman',
                                      serif; "><span style="font-family:
                                        Times, serif; color: black; ">The
                                        Working Group will produce one
                                        or more documents suitable for
                                        consideration as a Proposed
                                        Standard that will:</span><span
                                        style="font-family: Times,
                                        serif; "><o:p></o:p></span></p>
                                    <p class="MsoPlainText"
                                      style="margin-right: 0in;
                                      margin-left: 0.5in; font-size:
                                      12pt; font-family: 'Times New
                                      Roman', serif; text-indent:
                                      -0.25in; "><span
                                        style="font-family: Symbol;
                                        color: black; ">·</span><span
                                        style="font-size: 7pt; color:
                                        black; ">         </span><span
                                        style="font-family: Times,
                                        serif; color: black; ">Improve
                                        the terminology used</span><span
                                        style="font-family: Times,
                                        serif; "><o:p></o:p></span></p>
                                    <p class="MsoPlainText"
                                      style="margin-right: 0in;
                                      margin-left: 0.5in; font-size:
                                      12pt; font-family: 'Times New
                                      Roman', serif; text-indent:
                                      -0.25in; "><span
                                        style="font-family: Symbol;
                                        color: black; ">·</span><span
                                        style="font-size: 7pt; color:
                                        black; ">         </span><span
                                        style="font-family: Times,
                                        serif; color: black; ">Embody
                                        good security practices,
                                        document gaps in its
                                        capabilities, and propose a path
                                        forward for addressing the gaps</span><span
                                        style="font-family: Times,
                                        serif; "><o:p></o:p></span></p>
                                    <p class="MsoPlainText"
                                      style="margin-right: 0in;
                                      margin-left: 0.5in; font-size:
                                      12pt; font-family: 'Times New
                                      Roman', serif; text-indent:
                                      -0.25in; "><span
                                        style="font-family: Symbol;
                                        color: black; ">·</span><span
                                        style="font-size: 7pt; color:
                                        black; ">         </span><span
                                        style="font-family: Times,
                                        serif; color: black; ">Promote
                                        interoperability</span><span
                                        style="font-family: Times,
                                        serif; "><o:p></o:p></span></p>
                                    <p class="MsoPlainText"
                                      style="margin-right: 0in;
                                      margin-left: 0.5in; font-size:
                                      12pt; font-family: 'Times New
                                      Roman', serif; text-indent:
                                      -0.25in; "><span
                                        style="font-family: Symbol;
                                        color: black; ">·</span><span
                                        style="font-size: 7pt; color:
                                        black; ">         </span><span
                                        style="font-family: Times,
                                        serif; color: black; ">Provide
                                        guidelines for extensibility</span><span
                                        style="font-family: Times,
                                        serif; "><o:p></o:p></span></p>
                                    <p class="MsoPlainText"
                                      style="margin-right: 0in;
                                      margin-left: 0in; font-size: 12pt;
                                      font-family: 'Times New Roman',
                                      serif; "><span style="font-family:
                                        Times, serif; color: black; "> </span><span
                                        style="font-family: Times,
                                        serif; "><o:p></o:p></span></p>
                                    <p class="MsoPlainText"
                                      style="margin-right: 0in;
                                      margin-left: 0in; font-size: 12pt;
                                      font-family: 'Times New Roman',
                                      serif; "><span style="font-family:
                                        Times, serif; color: black; ">SCIM
                                        1.0 will be used as the starting
                                        point. The working group will
                                        strive to retain backward
                                        compatibility with the 1.0
                                        specification. Changes that are
                                        not backwards compatible may be
                                        accepted if the group determines
                                        changes are required to meet the
                                        group's technical objectives and
                                        the group clearly documents the
                                        reasons for making them.</span><span
                                        style="font-family: Times,
                                        serif; "><o:p></o:p></span></p>
                                    <p class="MsoPlainText"
                                      style="margin-right: 0in;
                                      margin-left: 0in; font-size: 12pt;
                                      font-family: 'Times New Roman',
                                      serif; "><span style="font-family:
                                        Times, serif; color: black; "> </span><span
                                        style="font-family: Times,
                                        serif; "><o:p></o:p></span></p>
                                    <p class="MsoPlainText"
                                      style="margin-right: 0in;
                                      margin-left: 0in; font-size: 12pt;
                                      font-family: 'Times New Roman',
                                      serif; "><span style="font-family:
                                        Times, serif; color: black; ">The
                                        Working Group should consider:</span><span
                                        style="font-family: Times,
                                        serif; "><o:p></o:p></span></p>
                                    <p class="MsoPlainText"
                                      style="margin-right: 0in;
                                      margin-left: 0.5in; font-size:
                                      12pt; font-family: 'Times New
                                      Roman', serif; text-indent:
                                      -0.25in; "><span
                                        style="font-family: Symbol;
                                        color: black; ">·</span><span
                                        style="font-size: 7pt; color:
                                        black; ">         </span><span
                                        style="font-family: Times,
                                        serif; color: black; ">Implementer
                                        experience</span><span
                                        style="font-family: Times,
                                        serif; "><o:p></o:p></span></p>
                                    <p class="MsoPlainText"
                                      style="margin-right: 0in;
                                      margin-left: 0.5in; font-size:
                                      12pt; font-family: 'Times New
                                      Roman', serif; text-indent:
                                      -0.25in; "><span
                                        style="font-family: Symbol;
                                        color: black; ">·</span><span
                                        style="font-size: 7pt; color:
                                        black; ">         </span><span
                                        style="font-family: Times,
                                        serif; color: black; ">The
                                        end-user experience, including
                                        internationalization</span><span
                                        style="font-family: Times,
                                        serif; "><o:p></o:p></span></p>
                                    <p class="MsoPlainText"
                                      style="margin-right: 0in;
                                      margin-left: 0.5in; font-size:
                                      12pt; font-family: 'Times New
                                      Roman', serif; text-indent:
                                      -0.25in; "><span
                                        style="font-family: Symbol;
                                        color: black; ">·</span><span
                                        style="font-size: 7pt; color:
                                        black; ">         </span><span
                                        style="font-family: Times,
                                        serif; color: black; ">Existing
                                        uses of SCIM</span><span
                                        style="font-family: Times,
                                        serif; "><o:p></o:p></span></p>
                                    <p class="MsoPlainText"
                                      style="margin-right: 0in;
                                      margin-left: 0.5in; font-size:
                                      12pt; font-family: 'Times New
                                      Roman', serif; text-indent:
                                      -0.25in; "><span
                                        style="font-family: Symbol;
                                        color: black; ">·</span><span
                                        style="font-size: 7pt; color:
                                        black; ">         </span><span
                                        style="font-family: Times,
                                        serif; color: black; ">Ability
                                        to achieve broad implementation</span><span
                                        style="font-family: Times,
                                        serif; "><o:p></o:p></span></p>
                                    <p class="MsoPlainText"
                                      style="margin-right: 0in;
                                      margin-left: 0.5in; font-size:
                                      12pt; font-family: 'Times New
                                      Roman', serif; text-indent:
                                      -0.25in; "><span
                                        style="font-family: Symbol;
                                        color: black; ">·</span><span
                                        style="font-size: 7pt; color:
                                        black; ">         </span><span
                                        style="font-family: Times,
                                        serif; color: black; ">Ability
                                        to address broader use cases
                                        than those considered by the
                                        original authors</span><span
                                        style="font-family: Times,
                                        serif; "><o:p></o:p></span></p>
                                    <p class="MsoPlainText"
                                      style="margin-right: 0in;
                                      margin-left: 0.5in; font-size:
                                      12pt; font-family: 'Times New
                                      Roman', serif; text-indent:
                                      -0.25in; "><span
                                        style="font-family: Symbol;
                                        color: black; ">·</span><span
                                        style="font-size: 7pt; color:
                                        black; ">         </span><span
                                        style="font-family: Times,
                                        serif; color: black; ">Additional
                                        functions or extensions that are
                                        needed to address key security
                                        concerns, cross-area review, and
                                        implementer feedback</span><span
                                        style="font-family: Times,
                                        serif; "><o:p></o:p></span></p>
                                    <p class="MsoPlainText"
                                      style="margin-right: 0in;
                                      margin-left: 0in; font-size: 12pt;
                                      font-family: 'Times New Roman',
                                      serif; "><span style="font-family:
                                        Times, serif; color: black; "> </span><span
                                        style="font-family: Times,
                                        serif; "><o:p></o:p></span></p>
                                    <p class="MsoPlainText"
                                      style="margin-right: 0in;
                                      margin-left: 0in; font-size: 12pt;
                                      font-family: 'Times New Roman',
                                      serif; "><span style="font-family:
                                        Times, serif; color: black; ">The
                                        working group will focus on
                                        adapting the core technology
                                        first but work on extensions
                                        will be considered after the
                                        core work is well in hand.</span><span
                                        style="font-family: Times,
                                        serif; "><o:p></o:p></span></p>
                                  </div>
                                </td>
                              </tr>
                            </tbody>
                          </table>
                          <div style="margin-top: 0in; margin-right:
                            0in; margin-left: 0in; margin-bottom:
                            0.0001pt; font-size: 12pt; font-family:
                            'Times New Roman', serif; "><o:p> </o:p></div>
                        </div>
                        <div style="margin-top: 0in; margin-right: 0in;
                          margin-left: 0in; margin-bottom: 0.0001pt;
                          font-size: 12pt; font-family: 'Times New
                          Roman', serif; "><o:p> </o:p></div>
                      </div>
                    </div>
                    <div style="margin-top: 0in; margin-right: 0in;
                      margin-left: 0in; margin-bottom: 0.0001pt;
                      font-size: 12pt; font-family: 'Times New Roman',
                      serif; "><o:p> </o:p></div>
                  </div>
                </div>
                _______________________________________________<br>
                scim mailing list<br>
                <a moz-do-not-send="true" href="mailto:scim@ietf.org"
                  style="color: blue; text-decoration: underline; ">scim@ietf.org</a><br>
                <a moz-do-not-send="true"
                  href="https://www.ietf.org/mailman/listinfo/scim"
                  style="color: blue; text-decoration: underline; ">https://www.ietf.org/mailman/listinfo/scim</a></div>
            </span></blockquote>
        </div>
        <br>
      </div>
      <br>
      <fieldset class="mimeAttachmentHeader"></fieldset>
      <br>
      <pre wrap="">_______________________________________________
scim mailing list
<a class="moz-txt-link-abbreviated" href="mailto:scim@ietf.org">scim@ietf.org</a>
<a class="moz-txt-link-freetext" href="https://www.ietf.org/mailman/listinfo/scim">https://www.ietf.org/mailman/listinfo/scim</a>
</pre>
    </blockquote>
  </body>
</html>

--------------050305040200030809020005--

From lear@cisco.com  Tue Mar 13 12:38:00 2012
Return-Path: <lear@cisco.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C1CB021F8701 for <scim@ietfa.amsl.com>; Tue, 13 Mar 2012 12:38:00 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -110.557
X-Spam-Level: 
X-Spam-Status: No, score=-110.557 tagged_above=-999 required=5 tests=[AWL=0.041, BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-8, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id JayJbY8fP9Wo for <scim@ietfa.amsl.com>; Tue, 13 Mar 2012 12:37:58 -0700 (PDT)
Received: from ams-iport-2.cisco.com (ams-iport-2.cisco.com [144.254.224.141]) by ietfa.amsl.com (Postfix) with ESMTP id 5B61E21F86FF for <scim@ietf.org>; Tue, 13 Mar 2012 12:37:57 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=lear@cisco.com; l=13499; q=dns/txt; s=iport; t=1331667477; x=1332877077; h=message-id:date:from:mime-version:to:cc:subject; bh=hws+U+ZytOCTlL92XER3S30PkZ6vktPnuUImT0RX3jc=; b=DAixECofLXs0/8XCqr4nwED4xN9EqoVIjLBk4KcE9NcCDid7EKoolqkI zUiZeHnti0k01kO+eD6pCaZ0L2hkAp96g7FHqzrWTj1tl3krgUWcj8Eec 6JDVz2/8KwbXQYjS9Us99Nckd8XnZ+DUoWdjDlzfPJRS39R6UEbTU/m6R 8=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: AgAFAKGhX0+Q/khL/2dsb2JhbAA5AQmFOrAxgQeCCwEFAQEPARBLCgEZIwMJCggDAgsDAgECARUfJAEFAgEBBRmHaAuccAGMcZINiigBCIMGghiBFgSRb4NhkCOCZoFb
X-IronPort-AV: E=Sophos;i="4.73,579,1325462400"; d="scan'208,217";a="68392586"
Received: from ams-core-2.cisco.com ([144.254.72.75]) by ams-iport-2.cisco.com with ESMTP; 13 Mar 2012 19:37:55 +0000
Received: from dhcp-10-61-99-194.cisco.com (dhcp-10-61-99-194.cisco.com [10.61.99.194]) by ams-core-2.cisco.com (8.14.3/8.14.3) with ESMTP id q2DJbtKM021866; Tue, 13 Mar 2012 19:37:55 GMT
Message-ID: <4F5FA213.4000600@cisco.com>
Date: Tue, 13 Mar 2012 20:37:55 +0100
From: Eliot Lear <lear@cisco.com>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:10.0.2) Gecko/20120216 Thunderbird/10.0.2
MIME-Version: 1.0
To: scim@ietf.org
X-Enigmail-Version: 1.4
Content-Type: multipart/alternative; boundary="------------000008040301050000000602"
Cc: Peter Saint-Andre <stpeter@stpeter.im>, "Steven M. Bellovin" <smb@cs.columbia.edu>
Subject: [scim] Propose reshape of charter
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 13 Mar 2012 19:38:00 -0000

This is a multi-part message in MIME format.
--------------000008040301050000000602
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Hi Everyone,

Having read inputs from this list, I am proposing some changes to the
charter.  Most of this is form and not substance,  but there are some
substantial changes.  The purpose of these changes is to bring the
charter in line with most of the others.  Absent these sort of changes,
I am not confident we would get a WG.  Even with these changes, more
work is needed. because what is below is not complete.

What is missing – *and it's important – * are a few additional words
about why we need SCIM.  Why are we holding the darn BoF?  This is not
something that can wait, IMHO, for an Informational document.  Rather,
if there is no clear statement of the problem, I don't see how the IESG
would approve a WG.  So that's what the big XXXXXXX is below.  I've put
some words in, but they are there to demonstrate the point.  PLEASE
propose text.

In addition, my rewording is, in some places, generic.  I would suggest
that more time be spent on what we will – and as importantly –  WON'T
do.  A good charter will scope out more.  What are the critical
functions that need to be done *now*?  If we leave it wide open, then we
run the risk of people shoveling too much in, or blocking on how to
decide where to hold the line and wait til the next round.  So, for
instance, how will we keep the schema from bloating?  Rinse and repeat
with protocol operations.

In addition, it is my anticipation that shortly before – or very quickly
after – our BoF, Internet-Drafts will be posted of the initial
specifications.  Thus you see draft-XXX below.  While the charter need
not – and cannot – be completely finished before the BoF, we should have
it as close as possible.


Please comment now on these changes and any additional changes you would
like to see.

Simple Cloud Identity Management (SCIM)

Chair(s): TBD

Applications Area Director(s):

     Pete Resnick <presnick@qualcomm.com <mailto:presnick@qualcomm.com>> 
     Barry Lieba <???> 

Mailing Lists:
     General Discussion: scim@ietf.org <mailto:scim@ietf.org>
     To Subscribe: https://www.ietf.org/mailman/listinfo/scim
     Archive:      http://www.ietf.org/mail-archive/web/scim/current/maillist.html

 

Description of Working Group:

The Simple Cloud Identity Management (SCIM) specification is designed to 
make managing user identity lifecycle in cloud based applications and 
services easier.

XXXXXXX

So-called CReate Update Delete (CRUD) provisioning operations are often
necessary to ease adoption of new services.  This work builds on tools
such as ldap and SAML 2.0, which are used to provide up-to-date information.
SCIM focuses on the case where an enterprise's ldap service may not be
available to the provider, and SAML cannot provide sufficient context for the
service.  An example would be the provisioning of an of an EMail account so
that it can receive mail before the person has first logged in.

XXXXXXXX

The specification suite seeks to build upon experience with existing 
schemas and deployments, placing specific emphasis on simplicity of 
development and integration, while applying existing authentication, 
authorization, and privacy models. Its intent is to reduce the cost and 
complexity of user management operations by providing a common user 
schema and extension model, as well as binding documents to provide 
patterns for exchanging this schema using standard protocols. In 
addition the working group may consider including managing device 
identities as part of the work adopted by the working group.

The group will use as starting points the following drafts in
the following ways:

	draft-XXX-scim-schema-00 as the a schema specification,
	draft-XXX-scim-protocol-definition-00 as the protocol specification,
	draft-XXX-scim-saml-binding-00 for binding the SCIM schema to SAML, and
	draft-XXX-scim-ldap-binding-00 for binding the SCIM schema to LDAP.

These drafts are based on existing specifications. which together are commonly
known as SCIM 1.0.  As such, some consideration should be given for backward
compatibility, as the group evolves the work.  This group will consider,
for and foremost, the operational experience gathered from the existing work.
The group will also consider experiences with work done by other bodies, including
the OASIS Provisioning TC.

The group will produce Proposed Standards for a schema, a protocol,
a SAML binding, and an LDAP binding.  In doing so, the group will make
consistent the terminology, review and improve security of the overall system,
identify any functional gaps that would be useful future work, address
internationalization, and provide guidelines for extensibility (either through
IANA registries or other means).

In its work, the group will decide what additional capabilities should be
included in the initial specification, and what can be addressed at a later time.

However, user, device, and service authentication and authorization
(policy/entitlement) are out of scope for this working group.

Milestones

5/2012    Initial adoption of SCIM core schema
5/2012    Initial adoption of SCIM restful interface draft
5/2012    Initial adoption of SCIM SAML bindings draft
5/2012    Initial adoption of SCIM LDAP mapping draft
9/2012    WGLC SCIM core schema
9/2012    WGLC SCIM restful interface
9/2012    WGLC SCIM SAML bindings
9/2012    WGLC SCIM LDAP mapping
3/2013    Re-charter discussion



--------------000008040301050000000602
Content-Type: text/html; charset=UTF-8
Content-Transfer-Encoding: 8bit

<html>
  <head>

    <meta http-equiv="content-type" content="text/html; charset=UTF-8">
  </head>
  <body bgcolor="#FFFFFF" text="#000000">
    Hi Everyone,<br>
    <br>
    Having read inputs from this list, I am proposing some changes to
    the charter.  Most of this is form and not substance,  but there are
    some substantial changes.  The purpose of these changes is to bring
    the charter in line with most of the others.  Absent these sort of
    changes, I am not confident we would get a WG.  Even with these
    changes, more work is needed. because what is below is not complete.<br>
    <br>
    What is missing – <b>and it's important – </b> are a few additional
    words about why we need SCIM.  Why are we holding the darn BoF? 
    This is not something that can wait, IMHO, for an Informational
    document.  Rather, if there is no clear statement of the problem, I
    don't see how the IESG would approve a WG.  So that's what the big
    XXXXXXX is below.  I've put some words in, but they are there to
    demonstrate the point.  PLEASE propose text.<br>
    <br>
    In addition, my rewording is, in some places, generic.  I would
    suggest that more time be spent on what we will – and as importantly
    –  WON'T do.  A good charter will scope out more.  What are the
    critical functions that need to be done <b>now</b>?  If we leave it
    wide open, then we run the risk of people shoveling too much in, or
    blocking on how to decide where to hold the line and wait til the
    next round.  So, for instance, how will we keep the schema from
    bloating?  Rinse and repeat with protocol operations.<br>
    <br>
    In addition, it is my anticipation that shortly before – or very
    quickly after – our BoF, Internet-Drafts will be posted of the
    initial specifications.  Thus you see draft-XXX below.  While the
    charter need not – and cannot – be completely finished before the
    BoF, we should have it as close as possible.<br>
    <br>
    <br>
    Please comment now on these changes and any additional changes you
    would like to see.<br>
    <br>
    <pre class="MsoPlainText"><span style="font-family: &quot;Courier New&quot;; color: black;"></span><span style="font-family:&quot;Courier New&quot;;color:black">Simple Cloud Identity Management (SCIM)<o:p></o:p></span></pre>
    <span style="font-family:&quot;Courier New&quot;;color:black"><o:p></o:p></span><span
      style="font-family:&quot;Courier New&quot;;color:black">Chair(s):
      TBD<o:p></o:p></span><span style="font-family:&quot;Courier
      New&quot;;color:black"><o:p></o:p></span>
    <pre class="MsoPlainText"><span style="font-family:&quot;Courier New&quot;;color:black"><o:p></o:p>Applications Area Director(s):<o:p></o:p></span></pre>
    <pre class="MsoPlainText"><span style="font-family:&quot;Courier New&quot;;color:black">     Pete Resnick &lt;<a href="mailto:presnick@qualcomm.com">presnick@qualcomm.com</a>&gt; <o:p></o:p>
     Barry Lieba &lt;???&gt;<o:p> 
</o:p></span></pre>
    <pre class="MsoPlainText"><span style="font-family:&quot;Courier New&quot;;color:black">Mailing Lists:<o:p></o:p>
     General Discussion: <a href="mailto:scim@ietf.org">scim@ietf.org</a><o:p></o:p>
     To Subscribe: <a href="https://www.ietf.org/mailman/listinfo/scim">https://www.ietf.org/mailman/listinfo/scim</a><o:p></o:p>
     Archive:      <a href="http://www.ietf.org/mail-archive/web/scim/current/maillist.html">http://www.ietf.org/mail-archive/web/scim/current/maillist.html</a><o:p></o:p></span></pre>
    <pre class="MsoPlainText"><span style="font-family:&quot;Courier New&quot;;color:black"><o:p> </o:p></span></pre>
    <pre class="MsoPlainText"><span style="font-family:&quot;Courier New&quot;;color:black">Description of Working Group:<o:p></o:p></span></pre>
    <pre class="MsoPlainText"><span style="font-family:&quot;Courier New&quot;;color:black">The Simple Cloud Identity Management (SCIM) specification is designed to 
make managing user identity lifecycle in cloud based applications and 
services easier.

XXXXXXX

So-called CReate Update Delete (CRUD) provisioning operations are often
necessary to ease adoption of new services.  This work builds on tools
such as ldap and SAML 2.0, which are used to provide up-to-date information.
SCIM focuses on the case where an enterprise's ldap service may not be
available to the provider, and SAML cannot provide sufficient context for the
service.  An example would be the provisioning of an of an EMail account so
that it can receive mail before the person has first logged in.

XXXXXXXX
<o:p></o:p></span></pre>
    <pre class="MsoPlainText"><span style="font-family:&quot;Courier New&quot;;color:black">The specification suite seeks to build upon experience with existing 
schemas and deployments, placing specific emphasis on simplicity of 
development and integration, while applying existing authentication, 
authorization, and privacy models. Its intent is to reduce the cost and 
complexity of user management operations by providing a common user 
schema and extension model, as well as binding documents to provide 
patterns for exchanging this schema using standard protocols. In 
addition the working group may consider including managing device 
identities as part of the work adopted by the working group.<o:p></o:p></span></pre>
    <pre class="MsoPlainText"><span style="font-family: &quot;Courier New&quot;; color: black;">The group will use as starting points the following drafts in
the following ways:

	draft-XXX-scim-schema-00 as the a schema specification,
	draft-XXX-scim-protocol-definition-00 as the protocol specification,
	draft-XXX-scim-saml-binding-00 for binding the SCIM schema to SAML, and
	draft-XXX-scim-ldap-binding-00 for binding the SCIM schema to LDAP.

These drafts are based on existing specifications. which together are commonly
known as SCIM 1.0.  As such, some consideration should be given for backward
compatibility, as the group evolves the work.</span><span style="font-family:&quot;Courier New&quot;;color:black">  This group will consider,
for and foremost, the operational experience gathered from the existing work.
The group will also consider experiences with work done by other bodies, including
the OASIS Provisioning TC.</span>
<span style="font-family:&quot;Courier New&quot;;color:black">
The group will produce Proposed Standards for a schema, a protocol,
a SAML binding, and an LDAP binding.  In doing so, the group will make
consistent the terminology, review and improve security of the overall system,
identify any functional gaps that would be useful future work, address
internationalization, and provide guidelines for extensibility (either through
IANA registries or other means).

In its work, the group will decide what additional capabilities should be
included in the initial specification, and what can be addressed at a later time.
<o:p>
However, </o:p>user, device, and service authentication and authorization
(policy/entitlement) are out of scope for this working group.

Milestones

5/2012    Initial adoption of SCIM core schema
5/2012    Initial adoption of SCIM restful interface draft
5/2012    Initial adoption of SCIM SAML bindings draft
5/2012    Initial adoption of SCIM LDAP mapping draft
9/2012    WGLC SCIM core schema
9/2012    WGLC SCIM restful interface
9/2012    WGLC SCIM SAML bindings
9/2012    WGLC SCIM LDAP mapping
3/2013    Re-charter discussion

</span></pre>
  </body>
</html>

--------------000008040301050000000602--

From phil.hunt@oracle.com  Tue Mar 13 12:56:27 2012
Return-Path: <phil.hunt@oracle.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B3E6121F8644 for <scim@ietfa.amsl.com>; Tue, 13 Mar 2012 12:56:27 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -10.199
X-Spam-Level: 
X-Spam-Status: No, score=-10.199 tagged_above=-999 required=5 tests=[AWL=0.399, BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id qCp2k9hHQVsz for <scim@ietfa.amsl.com>; Tue, 13 Mar 2012 12:56:26 -0700 (PDT)
Received: from rcsinet15.oracle.com (rcsinet15.oracle.com [148.87.113.117]) by ietfa.amsl.com (Postfix) with ESMTP id F2CCF21F863E for <scim@ietf.org>; Tue, 13 Mar 2012 12:56:25 -0700 (PDT)
Received: from acsinet21.oracle.com (acsinet21.oracle.com [141.146.126.237]) by rcsinet15.oracle.com (Sentrion-MTA-4.2.2/Sentrion-MTA-4.2.2) with ESMTP id q2DJuG2h031755 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Tue, 13 Mar 2012 19:56:17 GMT
Received: from acsmt357.oracle.com (acsmt357.oracle.com [141.146.40.157]) by acsinet21.oracle.com (8.14.4+Sun/8.14.4) with ESMTP id q2DJuFpF015756 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Tue, 13 Mar 2012 19:56:16 GMT
Received: from abhmt116.oracle.com (abhmt116.oracle.com [141.146.116.68]) by acsmt357.oracle.com (8.12.11.20060308/8.12.11) with ESMTP id q2DJuFpn021824; Tue, 13 Mar 2012 14:56:15 -0500
Received: from [192.168.1.8] (/24.87.212.4) by default (Oracle Beehive Gateway v4.0) with ESMTP ; Tue, 13 Mar 2012 12:56:15 -0700
Mime-Version: 1.0 (Apple Message framework v1257)
Content-Type: multipart/alternative; boundary="Apple-Mail=_31445394-D6C2-4BF8-8DEA-8C377024C7FF"
From: Phil Hunt <phil.hunt@oracle.com>
In-Reply-To: <4F5FA213.4000600@cisco.com>
Date: Tue, 13 Mar 2012 12:56:13 -0700
Message-Id: <B6F33950-9055-4005-A82F-EB4E29431AD1@oracle.com>
References: <4F5FA213.4000600@cisco.com>
To: Eliot Lear <lear@cisco.com>
X-Mailer: Apple Mail (2.1257)
X-Source-IP: acsinet21.oracle.com [141.146.126.237]
X-CT-RefId: str=0001.0A090207.4F5FA661.00B2,ss=1,re=-2.300,fgs=0
Cc: scim@ietf.org, Peter Saint-Andre <stpeter@stpeter.im>, "Steven M. Bellovin" <smb@cs.columbia.edu>
Subject: Re: [scim] Propose reshape of charter
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 13 Mar 2012 19:56:27 -0000

--Apple-Mail=_31445394-D6C2-4BF8-8DEA-8C377024C7FF
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain;
	charset=windows-1252

Eliot,

I propose the following change to the WG Description:

From:
> The Simple Cloud Identity Management (SCIM) specification is designed =
to=20
> make managing user identity lifecycle in cloud based applications and=20=

> services easier.
To:
> The Simple Cloud Identity Management (SCIM) specification is designed =
to=20
> make managing user identity lifecycle in one or more applications and=20=

> services easier between client organizations and cloud based service =
providers.

The change above is subtle but of critical importance to cloud providers =
(many who are not yet active in the group) who host many services.

It is probably important to site the location of the SCIM 1.0 =
specification which is published externally to IETF as well as the =
re-published drafts under IETF.

Phil

@independentid
www.independentid.com
phil.hunt@oracle.com





On 2012-03-13, at 12:37 PM, Eliot Lear wrote:

> Hi Everyone,
>=20
> Having read inputs from this list, I am proposing some changes to the =
charter.  Most of this is form and not substance,  but there are some =
substantial changes.  The purpose of these changes is to bring the =
charter in line with most of the others.  Absent these sort of changes, =
I am not confident we would get a WG.  Even with these changes, more =
work is needed. because what is below is not complete.
>=20
> What is missing =96 and it's important =96  are a few additional words =
about why we need SCIM.  Why are we holding the darn BoF?  This is not =
something that can wait, IMHO, for an Informational document.  Rather, =
if there is no clear statement of the problem, I don't see how the IESG =
would approve a WG.  So that's what the big XXXXXXX is below.  I've put =
some words in, but they are there to demonstrate the point.  PLEASE =
propose text.
>=20
> In addition, my rewording is, in some places, generic.  I would =
suggest that more time be spent on what we will =96 and as importantly =96=
  WON'T do.  A good charter will scope out more.  What are the critical =
functions that need to be done now?  If we leave it wide open, then we =
run the risk of people shoveling too much in, or blocking on how to =
decide where to hold the line and wait til the next round.  So, for =
instance, how will we keep the schema from bloating?  Rinse and repeat =
with protocol operations.
>=20
> In addition, it is my anticipation that shortly before =96 or very =
quickly after =96 our BoF, Internet-Drafts will be posted of the initial =
specifications.  Thus you see draft-XXX below.  While the charter need =
not =96 and cannot =96 be completely finished before the BoF, we should =
have it as close as possible.
>=20
>=20
> Please comment now on these changes and any additional changes you =
would like to see.
>=20
> Simple Cloud Identity Management (SCIM)
> Chair(s): TBD
> Applications Area Director(s):
>      Pete Resnick <presnick@qualcomm.com>=20
>      Barry Lieba <???>=20
> Mailing Lists:
>      General Discussion: scim@ietf.org
>      To Subscribe: https://www.ietf.org/mailman/listinfo/scim
>      Archive:      =
http://www.ietf.org/mail-archive/web/scim/current/maillist.html
> =20
> Description of Working Group:
> The Simple Cloud Identity Management (SCIM) specification is designed =
to=20
> make managing user identity lifecycle in cloud based applications and=20=

> services easier.
>=20
> XXXXXXX
>=20
> So-called CReate Update Delete (CRUD) provisioning operations are =
often
> necessary to ease adoption of new services.  This work builds on tools
> such as ldap and SAML 2.0, which are used to provide up-to-date =
information.
> SCIM focuses on the case where an enterprise's ldap service may not be
> available to the provider, and SAML cannot provide sufficient context =
for the
> service.  An example would be the provisioning of an of an EMail =
account so
> that it can receive mail before the person has first logged in.
>=20
> XXXXXXXX
> The specification suite seeks to build upon experience with existing=20=

> schemas and deployments, placing specific emphasis on simplicity of=20
> development and integration, while applying existing authentication,=20=

> authorization, and privacy models. Its intent is to reduce the cost =
and=20
> complexity of user management operations by providing a common user=20
> schema and extension model, as well as binding documents to provide=20
> patterns for exchanging this schema using standard protocols. In=20
> addition the working group may consider including managing device=20
> identities as part of the work adopted by the working group.
> The group will use as starting points the following drafts in
> the following ways:
>=20
> 	draft-XXX-scim-schema-00 as the a schema specification,
> 	draft-XXX-scim-protocol-definition-00 as the protocol =
specification,
> 	draft-XXX-scim-saml-binding-00 for binding the SCIM schema to =
SAML, and
> 	draft-XXX-scim-ldap-binding-00 for binding the SCIM schema to =
LDAP.
>=20
> These drafts are based on existing specifications. which together are =
commonly
> known as SCIM 1.0.  As such, some consideration should be given for =
backward
> compatibility, as the group evolves the work.  This group will =
consider,
> for and foremost, the operational experience gathered from the =
existing work.
> The group will also consider experiences with work done by other =
bodies, including
> the OASIS Provisioning TC.
>=20
> The group will produce Proposed Standards for a schema, a protocol,
> a SAML binding, and an LDAP binding.  In doing so, the group will make
> consistent the terminology, review and improve security of the overall =
system,
> identify any functional gaps that would be useful future work, address
> internationalization, and provide guidelines for extensibility (either =
through
> IANA registries or other means).
>=20
> In its work, the group will decide what additional capabilities should =
be
> included in the initial specification, and what can be addressed at a =
later time.
>=20
> However, user, device, and service authentication and authorization
> (policy/entitlement) are out of scope for this working group.
>=20
> Milestones
>=20
> 5/2012    Initial adoption of SCIM core schema
> 5/2012    Initial adoption of SCIM restful interface draft
> 5/2012    Initial adoption of SCIM SAML bindings draft
> 5/2012    Initial adoption of SCIM LDAP mapping draft
> 9/2012    WGLC SCIM core schema
> 9/2012    WGLC SCIM restful interface
> 9/2012    WGLC SCIM SAML bindings
> 9/2012    WGLC SCIM LDAP mapping
> 3/2013    Re-charter discussion
>=20
> _______________________________________________
> scim mailing list
> scim@ietf.org
> https://www.ietf.org/mailman/listinfo/scim


--Apple-Mail=_31445394-D6C2-4BF8-8DEA-8C377024C7FF
Content-Transfer-Encoding: quoted-printable
Content-Type: text/html;
	charset=windows-1252

<html><head></head><body style=3D"word-wrap: break-word; =
-webkit-nbsp-mode: space; -webkit-line-break: after-white-space; =
"><div><span class=3D"Apple-style-span" style=3D"border-collapse: =
separate; color: rgb(0, 0, 0); font-family: Helvetica; font-style: =
normal; font-variant: normal; font-weight: normal; letter-spacing: =
normal; line-height: normal; orphans: 2; text-indent: 0px; =
text-transform: none; white-space: normal; widows: 2; word-spacing: 0px; =
-webkit-border-horizontal-spacing: 0px; -webkit-border-vertical-spacing: =
0px; -webkit-text-decorations-in-effect: none; -webkit-text-size-adjust: =
auto; -webkit-text-stroke-width: 0px; "><span class=3D"Apple-style-span" =
style=3D"border-collapse: separate; color: rgb(0, 0, 0); font-family: =
Helvetica; font-style: normal; font-variant: normal; font-weight: =
normal; letter-spacing: normal; line-height: normal; orphans: 2; =
text-indent: 0px; text-transform: none; white-space: normal; widows: 2; =
word-spacing: 0px; -webkit-border-horizontal-spacing: 0px; =
-webkit-border-vertical-spacing: 0px; =
-webkit-text-decorations-in-effect: none; -webkit-text-size-adjust: =
auto; -webkit-text-stroke-width: 0px; "><div style=3D"word-wrap: =
break-word; -webkit-nbsp-mode: space; -webkit-line-break: =
after-white-space; "><span class=3D"Apple-style-span" =
style=3D"border-collapse: separate; color: rgb(0, 0, 0); font-family: =
Helvetica; font-style: normal; font-variant: normal; font-weight: =
normal; letter-spacing: normal; line-height: normal; orphans: 2; =
text-indent: 0px; text-transform: none; white-space: normal; widows: 2; =
word-spacing: 0px; -webkit-border-horizontal-spacing: 0px; =
-webkit-border-vertical-spacing: 0px; =
-webkit-text-decorations-in-effect: none; -webkit-text-size-adjust: =
auto; -webkit-text-stroke-width: 0px; "><div style=3D"word-wrap: =
break-word; -webkit-nbsp-mode: space; -webkit-line-break: =
after-white-space; "><span class=3D"Apple-style-span" =
style=3D"border-collapse: separate; color: rgb(0, 0, 0); font-family: =
Helvetica; font-style: normal; font-variant: normal; font-weight: =
normal; letter-spacing: normal; line-height: normal; orphans: 2; =
text-indent: 0px; text-transform: none; white-space: normal; widows: 2; =
word-spacing: 0px; -webkit-border-horizontal-spacing: 0px; =
-webkit-border-vertical-spacing: 0px; =
-webkit-text-decorations-in-effect: none; -webkit-text-size-adjust: =
auto; -webkit-text-stroke-width: 0px; "><div style=3D"word-wrap: =
break-word; -webkit-nbsp-mode: space; -webkit-line-break: =
after-white-space; "><div><div><div>Eliot,</div><div><br></div><div>I =
propose the following change to the WG =
Description:</div><div><br></div><div>From:</div><div><blockquote =
type=3D"cite"><div bgcolor=3D"#FFFFFF" text=3D"#000000"><pre =
class=3D"MsoPlainText"><span style=3D"font-family: 'Courier New'; color: =
black; ">The Simple Cloud Identity Management (SCIM) specification is =
designed to=20
make managing user identity lifecycle in cloud based applications and=20
services =
easier.</span></pre></div></blockquote><div>To:</div></div><div><blockquot=
e type=3D"cite"><div bgcolor=3D"#FFFFFF" text=3D"#000000"><pre =
class=3D"MsoPlainText"><span style=3D"font-family: 'Courier New'; color: =
black; ">The Simple Cloud Identity Management (SCIM) specification is =
designed to=20
make managing user identity lifecycle in one or more applications and=20
services easier between client organizations and cloud based service =
providers.</span></pre></div></blockquote><div><br></div></div><div>The =
change above is subtle but of critical importance to cloud providers =
(many who are not yet active in the group) who host many =
services.</div><div><br></div><div>It is probably important to site the =
location of the SCIM 1.0 specification which is published externally to =
IETF as well as the re-published drafts under =
IETF.</div><div><br></div><div>Phil</div><div style=3D"font-size: 12px; =
"><br></div><div style=3D"font-size: 12px; ">@independentid</div><div =
style=3D"font-size: 12px; "><a =
href=3D"http://www.independentid.com">www.independentid.com</a></div></div=
></div></div></span><a =
href=3D"mailto:phil.hunt@oracle.com">phil.hunt@oracle.com</a><br><br></div=
></span><br class=3D"Apple-interchange-newline"></div></span><br =
class=3D"Apple-interchange-newline"></span><br =
class=3D"Apple-interchange-newline">
</div>
<br><div><div>On 2012-03-13, at 12:37 PM, Eliot Lear wrote:</div><br =
class=3D"Apple-interchange-newline"><blockquote type=3D"cite">
 =20

    <meta http-equiv=3D"content-type" content=3D"text/html; =
charset=3DUTF-8">
 =20
  <div bgcolor=3D"#FFFFFF" text=3D"#000000">
    Hi Everyone,<br>
    <br>
    Having read inputs from this list, I am proposing some changes to
    the charter.&nbsp; Most of this is form and not substance,&nbsp; but =
there are
    some substantial changes.&nbsp; The purpose of these changes is to =
bring
    the charter in line with most of the others.&nbsp; Absent these sort =
of
    changes, I am not confident we would get a WG.&nbsp; Even with these
    changes, more work is needed. because what is below is not =
complete.<br>
    <br>
    What is missing =96 <b>and it's important =96&nbsp;</b> are a few =
additional
    words about why we need SCIM.&nbsp; Why are we holding the darn =
BoF?&nbsp;
    This is not something that can wait, IMHO, for an Informational
    document.&nbsp; Rather, if there is no clear statement of the =
problem, I
    don't see how the IESG would approve a WG.&nbsp; So that's what the =
big
    XXXXXXX is below.&nbsp; I've put some words in, but they are there =
to
    demonstrate the point.&nbsp; PLEASE propose text.<br>
    <br>
    In addition, my rewording is, in some places, generic.&nbsp; I would
    suggest that more time be spent on what we will =96 and as =
importantly
    =96&nbsp; WON'T do.&nbsp; A good charter will scope out more.&nbsp; =
What are the
    critical functions that need to be done <b>now</b>?&nbsp; If we =
leave it
    wide open, then we run the risk of people shoveling too much in, or
    blocking on how to decide where to hold the line and wait til the
    next round.&nbsp; So, for instance, how will we keep the schema from
    bloating?&nbsp; Rinse and repeat with protocol operations.<br>
    <br>
    In addition, it is my anticipation that shortly before =96 or very
    quickly after =96 our BoF, Internet-Drafts will be posted of the
    initial specifications.&nbsp; Thus you see draft-XXX below.&nbsp; =
While the
    charter need not =96 and cannot =96 be completely finished before =
the
    BoF, we should have it as close as possible.<br>
    <br>
    <br>
    Please comment now on these changes and any additional changes you
    would like to see.<br>
    <br>
    <pre class=3D"MsoPlainText"><span style=3D"font-family: =
&quot;Courier New&quot;; color: black;"></span><span =
style=3D"font-family:&quot;Courier New&quot;;color:black">Simple Cloud =
Identity Management (SCIM)<o:p></o:p></span></pre>
    <span style=3D"font-family:&quot;Courier =
New&quot;;color:black"><o:p></o:p></span><span =
style=3D"font-family:&quot;Courier New&quot;;color:black">Chair(s):
      TBD<o:p></o:p></span><span style=3D"font-family:&quot;Courier
      New&quot;;color:black"><o:p></o:p></span>
    <pre class=3D"MsoPlainText"><span style=3D"font-family:&quot;Courier =
New&quot;;color:black"><o:p></o:p>Applications Area =
Director(s):<o:p></o:p></span></pre>
    <pre class=3D"MsoPlainText"><span style=3D"font-family:&quot;Courier =
New&quot;;color:black">&nbsp;&nbsp;&nbsp; &nbsp;Pete Resnick &lt;<a =
href=3D"mailto:presnick@qualcomm.com">presnick@qualcomm.com</a>&gt; =
<o:p></o:p>
&nbsp;&nbsp;&nbsp;&nbsp; Barry Lieba &lt;???&gt;<o:p>=20
</o:p></span></pre>
    <pre class=3D"MsoPlainText"><span style=3D"font-family:&quot;Courier =
New&quot;;color:black">Mailing Lists:<o:p></o:p>
&nbsp;&nbsp;&nbsp;&nbsp; General Discussion: <a =
href=3D"mailto:scim@ietf.org">scim@ietf.org</a><o:p></o:p>
&nbsp;&nbsp;&nbsp;&nbsp; To Subscribe: <a =
href=3D"https://www.ietf.org/mailman/listinfo/scim">https://www.ietf.org/m=
ailman/listinfo/scim</a><o:p></o:p>
&nbsp;&nbsp;&nbsp;&nbsp; Archive:&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <a =
href=3D"http://www.ietf.org/mail-archive/web/scim/current/maillist.html">h=
ttp://www.ietf.org/mail-archive/web/scim/current/maillist.html</a><o:p></o=
:p></span></pre>
    <pre class=3D"MsoPlainText"><span style=3D"font-family:&quot;Courier =
New&quot;;color:black"><o:p>&nbsp;</o:p></span></pre>
    <pre class=3D"MsoPlainText"><span style=3D"font-family:&quot;Courier =
New&quot;;color:black">Description of Working =
Group:<o:p></o:p></span></pre>
    <pre class=3D"MsoPlainText"><span style=3D"font-family:&quot;Courier =
New&quot;;color:black">The Simple Cloud Identity Management (SCIM) =
specification is designed to=20
make managing user identity lifecycle in cloud based applications and=20
services easier.

XXXXXXX

So-called CReate Update Delete (CRUD) provisioning operations are often
necessary to ease adoption of new services.  This work builds on tools
such as ldap and SAML 2.0, which are used to provide up-to-date =
information.
SCIM focuses on the case where an enterprise's ldap service may not be
available to the provider, and SAML cannot provide sufficient context =
for the
service.  An example would be the provisioning of an of an EMail account =
so
that it can receive mail before the person has first logged in.

XXXXXXXX
<o:p></o:p></span></pre>
    <pre class=3D"MsoPlainText"><span style=3D"font-family:&quot;Courier =
New&quot;;color:black">The specification suite seeks to build upon =
experience with existing=20
schemas and deployments, placing specific emphasis on simplicity of=20
development and integration, while applying existing authentication,=20
authorization, and privacy models. Its intent is to reduce the cost and=20=

complexity of user management operations by providing a common user=20
schema and extension model, as well as binding documents to provide=20
patterns for exchanging this schema using standard protocols. In=20
addition the working group may consider including managing device=20
identities as part of the work adopted by the working =
group.<o:p></o:p></span></pre>
    <pre class=3D"MsoPlainText"><span style=3D"font-family: =
&quot;Courier New&quot;; color: black;">The group will use as starting =
points the following drafts in
the following ways:

	draft-XXX-scim-schema-00 as the a schema specification,
	draft-XXX-scim-protocol-definition-00 as the protocol =
specification,
	draft-XXX-scim-saml-binding-00 for binding the SCIM schema to =
SAML, and
	draft-XXX-scim-ldap-binding-00 for binding the SCIM schema to =
LDAP.

These drafts are based on existing specifications. which together are =
commonly
known as SCIM 1.0.  As such, some consideration should be given for =
backward
compatibility, as the group evolves the work.</span><span =
style=3D"font-family:&quot;Courier New&quot;;color:black">  This group =
will consider,
for and foremost, the operational experience gathered from the existing =
work.
The group will also consider experiences with work done by other bodies, =
including
the OASIS Provisioning TC.</span>
<span style=3D"font-family:&quot;Courier New&quot;;color:black">
The group will produce Proposed Standards for a schema, a protocol,
a SAML binding, and an LDAP binding.  In doing so, the group will make
consistent the terminology, review and improve security of the overall =
system,
identify any functional gaps that would be useful future work, address
internationalization, and provide guidelines for extensibility (either =
through
IANA registries or other means).

In its work, the group will decide what additional capabilities should =
be
included in the initial specification, and what can be addressed at a =
later time.
<o:p>
However, </o:p>user, device, and service authentication and =
authorization
(policy/entitlement) are out of scope for this working group.

Milestones

5/2012    Initial adoption of SCIM core schema
5/2012    Initial adoption of SCIM restful interface draft
5/2012    Initial adoption of SCIM SAML bindings draft
5/2012    Initial adoption of SCIM LDAP mapping draft
9/2012    WGLC SCIM core schema
9/2012    WGLC SCIM restful interface
9/2012    WGLC SCIM SAML bindings
9/2012    WGLC SCIM LDAP mapping
3/2013    Re-charter discussion

</span></pre>
  </div>

_______________________________________________<br>scim mailing =
list<br><a =
href=3D"mailto:scim@ietf.org">scim@ietf.org</a><br>https://www.ietf.org/ma=
ilman/listinfo/scim<br></blockquote></div><br></body></html>=

--Apple-Mail=_31445394-D6C2-4BF8-8DEA-8C377024C7FF--

From mphmmr@gmail.com  Tue Mar 13 13:06:32 2012
Return-Path: <mphmmr@gmail.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1E9E721F86AB for <scim@ietfa.amsl.com>; Tue, 13 Mar 2012 13:06:32 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.497
X-Spam-Level: 
X-Spam-Status: No, score=-3.497 tagged_above=-999 required=5 tests=[AWL=0.101,  BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id gIv8AaBNVGIG for <scim@ietfa.amsl.com>; Tue, 13 Mar 2012 13:06:30 -0700 (PDT)
Received: from mail-lb0-f172.google.com (mail-lb0-f172.google.com [209.85.217.172]) by ietfa.amsl.com (Postfix) with ESMTP id D35FB21F86AA for <scim@ietf.org>; Tue, 13 Mar 2012 13:06:29 -0700 (PDT)
Received: by lbol12 with SMTP id l12so526618lbo.31 for <scim@ietf.org>; Tue, 13 Mar 2012 13:06:28 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=tLBv6yeThhZHPWgtgjmaqEa8p3crN3VB2m4qUsLLG18=; b=zi2IiVysVNf1e4xhgl6WgAl2d+71HlDr6hNkJOpKbZhB+J/KfwuA8EmC4HbPnf3lhN i5jeYP6oChPtnB408iKEEMXi2PAqwoMf3/VpOQgRql0ZCVLWcKSwua1hiGke5BQk32rj oZAU2MmAv/lpw7c8CIxXbOzaB3aZYsSVRwpOlRSWUQGj3z+leiiq8OhWoDVGZqgxugGo wrXY+NOVlR2LqiM6JoZLGFxAafMFF7uqtqtg4q59cizjCLepOw48O6xVzn1HE9oVX28X Ygm78X1MlogDjE6fSa5++BJ3qh1ZEwMcNJobCp8jRmsGXK1bktRHiFdVCm+PbEQqOizI JYlQ==
MIME-Version: 1.0
Received: by 10.112.38.37 with SMTP id d5mr6713252lbk.5.1331669188812; Tue, 13 Mar 2012 13:06:28 -0700 (PDT)
Received: by 10.112.76.196 with HTTP; Tue, 13 Mar 2012 13:06:28 -0700 (PDT)
In-Reply-To: <B6F33950-9055-4005-A82F-EB4E29431AD1@oracle.com>
References: <4F5FA213.4000600@cisco.com> <B6F33950-9055-4005-A82F-EB4E29431AD1@oracle.com>
Date: Tue, 13 Mar 2012 16:06:28 -0400
Message-ID: <CAA3wLqV=9bcBTNfpWVg1S2NRs4X_T1Yxz7=eCWBxJnQxRwpHjw@mail.gmail.com>
From: Michael Hammer <mphmmr@gmail.com>
To: Phil Hunt <phil.hunt@oracle.com>
Content-Type: multipart/alternative; boundary=e0cb4efe2ec4f51fd604bb2564c2
Cc: scim@ietf.org, Peter Saint-Andre <stpeter@stpeter.im>, Eliot Lear <lear@cisco.com>, "Steven M. Bellovin" <smb@cs.columbia.edu>
Subject: Re: [scim] Propose reshape of charter
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 13 Mar 2012 20:06:32 -0000

--e0cb4efe2ec4f51fd604bb2564c2
Content-Type: text/plain; charset=windows-1252
Content-Transfer-Encoding: quoted-printable

Phil,

So, this manages identities of cloud customers who may want to push a SaaS
application into the cloud,
AND allows management of the users of the SaaS application which are
customers of the enterprise versus the cloud provider?

Mike


On Tue, Mar 13, 2012 at 3:56 PM, Phil Hunt <phil.hunt@oracle.com> wrote:

> Eliot,
>
> I propose the following change to the WG Description:
>
> From:
>
> The Simple Cloud Identity Management (SCIM) specification is designed to
> make managing user identity lifecycle in cloud based applications and
> services easier.
>
> To:
>
> The Simple Cloud Identity Management (SCIM) specification is designed to
> make managing user identity lifecycle in one or more applications and
> services easier between client organizations and cloud based service prov=
iders.
>
>
> The change above is subtle but of critical importance to cloud providers
> (many who are not yet active in the group) who host many services.
>
> It is probably important to site the location of the SCIM 1.0
> specification which is published externally to IETF as well as the
> re-published drafts under IETF.
>
> Phil
>
> @independentid
> www.independentid.com
> phil.hunt@oracle.com
>
>
>
>
>
> On 2012-03-13, at 12:37 PM, Eliot Lear wrote:
>
>  Hi Everyone,
>
> Having read inputs from this list, I am proposing some changes to the
> charter.  Most of this is form and not substance,  but there are some
> substantial changes.  The purpose of these changes is to bring the charte=
r
> in line with most of the others.  Absent these sort of changes, I am not
> confident we would get a WG.  Even with these changes, more work is neede=
d.
> because what is below is not complete.
>
> What is missing =96 *and it's important =96 * are a few additional words
> about why we need SCIM.  Why are we holding the darn BoF?  This is not
> something that can wait, IMHO, for an Informational document.  Rather, if
> there is no clear statement of the problem, I don't see how the IESG woul=
d
> approve a WG.  So that's what the big XXXXXXX is below.  I've put some
> words in, but they are there to demonstrate the point.  PLEASE propose te=
xt.
>
> In addition, my rewording is, in some places, generic.  I would suggest
> that more time be spent on what we will =96 and as importantly =96  WON'T=
 do.
> A good charter will scope out more.  What are the critical functions that
> need to be done *now*?  If we leave it wide open, then we run the risk of
> people shoveling too much in, or blocking on how to decide where to hold
> the line and wait til the next round.  So, for instance, how will we keep
> the schema from bloating?  Rinse and repeat with protocol operations.
>
> In addition, it is my anticipation that shortly before =96 or very quickl=
y
> after =96 our BoF, Internet-Drafts will be posted of the initial
> specifications.  Thus you see draft-XXX below.  While the charter need no=
t
> =96 and cannot =96 be completely finished before the BoF, we should have =
it as
> close as possible.
>
>
> Please comment now on these changes and any additional changes you would
> like to see.
>
> Simple Cloud Identity Management (SCIM)****
>
> ****Chair(s): TBD********
>
> ****Applications Area Director(s):****
>
>      Pete Resnick <presnick@qualcomm.com> ****
>      Barry Lieba <???>** **
>
> Mailing Lists:****
>      General Discussion: scim@ietf.org****
>      To Subscribe: https://www.ietf.org/mailman/listinfo/scim****
>      Archive:      http://www.ietf.org/mail-archive/web/scim/current/mail=
list.html****
>
> ** **
>
> Description of Working Group:****
>
> The Simple Cloud Identity Management (SCIM) specification is designed to
> make managing user identity lifecycle in cloud based applications and
> services easier.
>
> XXXXXXX
>
> So-called CReate Update Delete (CRUD) provisioning operations are often
> necessary to ease adoption of new services.  This work builds on tools
> such as ldap and SAML 2.0, which are used to provide up-to-date informati=
on.
> SCIM focuses on the case where an enterprise's ldap service may not be
> available to the provider, and SAML cannot provide sufficient context for=
 the
> service.  An example would be the provisioning of an of an EMail account =
so
> that it can receive mail before the person has first logged in.
>
> XXXXXXXX****
>
> The specification suite seeks to build upon experience with existing
> schemas and deployments, placing specific emphasis on simplicity of
> development and integration, while applying existing authentication,
> authorization, and privacy models. Its intent is to reduce the cost and
> complexity of user management operations by providing a common user
> schema and extension model, as well as binding documents to provide
> patterns for exchanging this schema using standard protocols. In
> addition the working group may consider including managing device
> identities as part of the work adopted by the working group.****
>
> The group will use as starting points the following drafts in
> the following ways:
>
> 	draft-XXX-scim-schema-00 as the a schema specification,
> 	draft-XXX-scim-protocol-definition-00 as the protocol specification,
> 	draft-XXX-scim-saml-binding-00 for binding the SCIM schema to SAML, and
> 	draft-XXX-scim-ldap-binding-00 for binding the SCIM schema to LDAP.
>
> These drafts are based on existing specifications. which together are com=
monly
> known as SCIM 1.0.  As such, some consideration should be given for backw=
ard
> compatibility, as the group evolves the work.  This group will consider,
> for and foremost, the operational experience gathered from the existing w=
ork.
> The group will also consider experiences with work done by other bodies, =
including
> the OASIS Provisioning TC.
> The group will produce Proposed Standards for a schema, a protocol,
> a SAML binding, and an LDAP binding.  In doing so, the group will make
> consistent the terminology, review and improve security of the overall sy=
stem,
> identify any functional gaps that would be useful future work, address
> internationalization, and provide guidelines for extensibility (either th=
rough
> IANA registries or other means).
>
> In its work, the group will decide what additional capabilities should be
> included in the initial specification, and what can be addressed at a lat=
er time.**
> However, **user, device, and service authentication and authorization
> (policy/entitlement) are out of scope for this working group.
>
> Milestones
>
> 5/2012    Initial adoption of SCIM core schema
> 5/2012    Initial adoption of SCIM restful interface draft
> 5/2012    Initial adoption of SCIM SAML bindings draft
> 5/2012    Initial adoption of SCIM LDAP mapping draft
> 9/2012    WGLC SCIM core schema
> 9/2012    WGLC SCIM restful interface
> 9/2012    WGLC SCIM SAML bindings
> 9/2012    WGLC SCIM LDAP mapping
> 3/2013    Re-charter discussion
>
>
>  _______________________________________________
> scim mailing list
> scim@ietf.org
> https://www.ietf.org/mailman/listinfo/scim
>
>
>
> _______________________________________________
> scim mailing list
> scim@ietf.org
> https://www.ietf.org/mailman/listinfo/scim
>
>

--e0cb4efe2ec4f51fd604bb2564c2
Content-Type: text/html; charset=windows-1252
Content-Transfer-Encoding: quoted-printable

Phil,<div><br></div><div>So, this manages identities of cloud customers who=
 may want to push a SaaS application into the cloud,</div><div>AND allows m=
anagement of the users of the SaaS application which are customers of the e=
nterprise versus the cloud provider?</div>
<div><br></div><div>Mike</div><div><br><br><div class=3D"gmail_quote">On Tu=
e, Mar 13, 2012 at 3:56 PM, Phil Hunt <span dir=3D"ltr">&lt;<a href=3D"mail=
to:phil.hunt@oracle.com">phil.hunt@oracle.com</a>&gt;</span> wrote:<br><blo=
ckquote class=3D"gmail_quote" style=3D"margin:0 0 0 .8ex;border-left:1px #c=
cc solid;padding-left:1ex">
<div style=3D"word-wrap:break-word"><div><span style=3D"line-height:normal;=
text-indent:0px;border-collapse:separate;letter-spacing:normal;font-variant=
:normal;text-transform:none;font-style:normal;white-space:normal;font-famil=
y:Helvetica;font-weight:normal;word-spacing:0px"><span style=3D"line-height=
:normal;text-indent:0px;border-collapse:separate;letter-spacing:normal;font=
-variant:normal;text-transform:none;font-style:normal;white-space:normal;fo=
nt-family:Helvetica;font-weight:normal;word-spacing:0px"><div style=3D"word=
-wrap:break-word">
<span style=3D"line-height:normal;text-indent:0px;border-collapse:separate;=
letter-spacing:normal;font-variant:normal;text-transform:none;font-style:no=
rmal;white-space:normal;font-family:Helvetica;font-weight:normal;word-spaci=
ng:0px"><div style=3D"word-wrap:break-word">
<span style=3D"line-height:normal;text-indent:0px;border-collapse:separate;=
letter-spacing:normal;font-variant:normal;text-transform:none;font-style:no=
rmal;white-space:normal;font-family:Helvetica;font-weight:normal;word-spaci=
ng:0px"><div style=3D"word-wrap:break-word">
<div><div><div>Eliot,</div><div><br></div><div>I propose the following chan=
ge to the WG Description:</div><div><br></div><div>From:</div><div><div cla=
ss=3D"im"><blockquote type=3D"cite"><div bgcolor=3D"#FFFFFF" text=3D"#00000=
0"><pre>
<span style=3D"font-family:&#39;Courier New&#39;">The Simple Cloud Identity=
 Management (SCIM) specification is designed to=20
make managing user identity lifecycle in cloud based applications and=20
services easier.</span></pre></div></blockquote></div><div>To:</div></div><=
div><blockquote type=3D"cite"><div bgcolor=3D"#FFFFFF" text=3D"#000000"><pr=
e><span style=3D"font-family:&#39;Courier New&#39;">The Simple Cloud Identi=
ty Management (SCIM) specification is designed to=20
make managing user identity lifecycle in one or more applications and=20
services easier between client organizations and cloud based service provid=
ers.</span></pre></div></blockquote><div><br></div></div><div>The change ab=
ove is subtle but of critical importance to cloud providers (many who are n=
ot yet active in the group) who host many services.</div>
<div><br></div><div>It is probably important to site the location of the SC=
IM 1.0 specification which is published externally to IETF as well as the r=
e-published drafts under IETF.</div><div><br></div><div>Phil</div><div styl=
e=3D"font-size:12px">
<br></div><div style=3D"font-size:12px">@independentid</div><div style=3D"f=
ont-size:12px"><a href=3D"http://www.independentid.com" target=3D"_blank">w=
ww.independentid.com</a></div></div></div></div></span><a href=3D"mailto:ph=
il.hunt@oracle.com" target=3D"_blank">phil.hunt@oracle.com</a><br>
<br></div></span><br></div></span><br></span><br>
</div>
<br><div><div><div class=3D"h5"><div>On 2012-03-13, at 12:37 PM, Eliot Lear=
 wrote:</div><br></div></div><blockquote type=3D"cite"><div><div class=3D"h=
5">
 =20

   =20
 =20
  <div bgcolor=3D"#FFFFFF" text=3D"#000000">
    Hi Everyone,<br>
    <br>
    Having read inputs from this list, I am proposing some changes to
    the charter.=A0 Most of this is form and not substance,=A0 but there ar=
e
    some substantial changes.=A0 The purpose of these changes is to bring
    the charter in line with most of the others.=A0 Absent these sort of
    changes, I am not confident we would get a WG.=A0 Even with these
    changes, more work is needed. because what is below is not complete.<br=
>
    <br>
    What is missing =96 <b>and it&#39;s important =96=A0</b> are a few addi=
tional
    words about why we need SCIM.=A0 Why are we holding the darn BoF?=A0
    This is not something that can wait, IMHO, for an Informational
    document.=A0 Rather, if there is no clear statement of the problem, I
    don&#39;t see how the IESG would approve a WG.=A0 So that&#39;s what th=
e big
    XXXXXXX is below.=A0 I&#39;ve put some words in, but they are there to
    demonstrate the point.=A0 PLEASE propose text.<br>
    <br>
    In addition, my rewording is, in some places, generic.=A0 I would
    suggest that more time be spent on what we will =96 and as importantly
    =96=A0 WON&#39;T do.=A0 A good charter will scope out more.=A0 What are=
 the
    critical functions that need to be done <b>now</b>?=A0 If we leave it
    wide open, then we run the risk of people shoveling too much in, or
    blocking on how to decide where to hold the line and wait til the
    next round.=A0 So, for instance, how will we keep the schema from
    bloating?=A0 Rinse and repeat with protocol operations.<br>
    <br>
    In addition, it is my anticipation that shortly before =96 or very
    quickly after =96 our BoF, Internet-Drafts will be posted of the
    initial specifications.=A0 Thus you see draft-XXX below.=A0 While the
    charter need not =96 and cannot =96 be completely finished before the
    BoF, we should have it as close as possible.<br>
    <br>
    <br>
    Please comment now on these changes and any additional changes you
    would like to see.<br>
    <br>
    <pre><span style=3D"font-family:&quot;Courier New&quot;"></span><span s=
tyle=3D"font-family:&quot;Courier New&quot;">Simple Cloud Identity Manageme=
nt (SCIM)<u></u><u></u></span></pre>
    <span style=3D"font-family:&quot;Courier New&quot;"><u></u><u></u></spa=
n><span style=3D"font-family:&quot;Courier New&quot;">Chair(s):
      TBD<u></u><u></u></span><span><u></u><u></u></span>
    <pre><span style=3D"font-family:&quot;Courier New&quot;"><u></u><u></u>=
Applications Area Director(s):<u></u><u></u></span></pre>
    <pre><span style=3D"font-family:&quot;Courier New&quot;">=A0=A0=A0 =A0P=
ete Resnick &lt;<a href=3D"mailto:presnick@qualcomm.com" target=3D"_blank">=
presnick@qualcomm.com</a>&gt; <u></u><u></u>
=A0=A0=A0=A0 Barry Lieba &lt;???&gt;<u></u>=20
<u></u></span></pre>
    <pre><span style=3D"font-family:&quot;Courier New&quot;">Mailing Lists:=
<u></u><u></u>
=A0=A0=A0=A0 General Discussion: <a href=3D"mailto:scim@ietf.org" target=3D=
"_blank">scim@ietf.org</a><u></u><u></u>
=A0=A0=A0=A0 To Subscribe: <a href=3D"https://www.ietf.org/mailman/listinfo=
/scim" target=3D"_blank">https://www.ietf.org/mailman/listinfo/scim</a><u><=
/u><u></u>
=A0=A0=A0=A0 Archive:=A0=A0=A0=A0=A0 <a href=3D"http://www.ietf.org/mail-ar=
chive/web/scim/current/maillist.html" target=3D"_blank">http://www.ietf.org=
/mail-archive/web/scim/current/maillist.html</a><u></u><u></u></span></pre>
    <pre><span style=3D"font-family:&quot;Courier New&quot;"><u></u>=A0<u><=
/u></span></pre>
    <pre><span style=3D"font-family:&quot;Courier New&quot;">Description of=
 Working Group:<u></u><u></u></span></pre>
    <pre><span style=3D"font-family:&quot;Courier New&quot;">The Simple Clo=
ud Identity Management (SCIM) specification is designed to=20
make managing user identity lifecycle in cloud based applications and=20
services easier.

XXXXXXX

So-called CReate Update Delete (CRUD) provisioning operations are often
necessary to ease adoption of new services.  This work builds on tools
such as ldap and SAML 2.0, which are used to provide up-to-date information=
.
SCIM focuses on the case where an enterprise&#39;s ldap service may not be
available to the provider, and SAML cannot provide sufficient context for t=
he
service.  An example would be the provisioning of an of an EMail account so
that it can receive mail before the person has first logged in.

XXXXXXXX
<u></u><u></u></span></pre>
    <pre><span style=3D"font-family:&quot;Courier New&quot;">The specificat=
ion suite seeks to build upon experience with existing=20
schemas and deployments, placing specific emphasis on simplicity of=20
development and integration, while applying existing authentication,=20
authorization, and privacy models. Its intent is to reduce the cost and=20
complexity of user management operations by providing a common user=20
schema and extension model, as well as binding documents to provide=20
patterns for exchanging this schema using standard protocols. In=20
addition the working group may consider including managing device=20
identities as part of the work adopted by the working group.<u></u><u></u><=
/span></pre>
    <pre><span style=3D"font-family:&quot;Courier New&quot;">The group will=
 use as starting points the following drafts in
the following ways:

	draft-XXX-scim-schema-00 as the a schema specification,
	draft-XXX-scim-protocol-definition-00 as the protocol specification,
	draft-XXX-scim-saml-binding-00 for binding the SCIM schema to SAML, and
	draft-XXX-scim-ldap-binding-00 for binding the SCIM schema to LDAP.

These drafts are based on existing specifications. which together are commo=
nly
known as SCIM 1.0.  As such, some consideration should be given for backwar=
d
compatibility, as the group evolves the work.</span><span style=3D"font-fam=
ily:&quot;Courier New&quot;">  This group will consider,
for and foremost, the operational experience gathered from the existing wor=
k.
The group will also consider experiences with work done by other bodies, in=
cluding
the OASIS Provisioning TC.</span>
<span style=3D"font-family:&quot;Courier New&quot;">
The group will produce Proposed Standards for a schema, a protocol,
a SAML binding, and an LDAP binding.  In doing so, the group will make
consistent the terminology, review and improve security of the overall syst=
em,
identify any functional gaps that would be useful future work, address
internationalization, and provide guidelines for extensibility (either thro=
ugh
IANA registries or other means).

In its work, the group will decide what additional capabilities should be
included in the initial specification, and what can be addressed at a later=
 time.
<u></u>
However, <u></u>user, device, and service authentication and authorization
(policy/entitlement) are out of scope for this working group.

Milestones

5/2012    Initial adoption of SCIM core schema
5/2012    Initial adoption of SCIM restful interface draft
5/2012    Initial adoption of SCIM SAML bindings draft
5/2012    Initial adoption of SCIM LDAP mapping draft
9/2012    WGLC SCIM core schema
9/2012    WGLC SCIM restful interface
9/2012    WGLC SCIM SAML bindings
9/2012    WGLC SCIM LDAP mapping
3/2013    Re-charter discussion

</span></pre>
  </div></div></div>

_______________________________________________<br>scim mailing list<br><a =
href=3D"mailto:scim@ietf.org" target=3D"_blank">scim@ietf.org</a><br><a hre=
f=3D"https://www.ietf.org/mailman/listinfo/scim" target=3D"_blank">https://=
www.ietf.org/mailman/listinfo/scim</a><br>
</blockquote></div><br></div><br>__________________________________________=
_____<br>
scim mailing list<br>
<a href=3D"mailto:scim@ietf.org">scim@ietf.org</a><br>
<a href=3D"https://www.ietf.org/mailman/listinfo/scim" target=3D"_blank">ht=
tps://www.ietf.org/mailman/listinfo/scim</a><br>
<br></blockquote></div><br></div>

--e0cb4efe2ec4f51fd604bb2564c2--

From phil.hunt@oracle.com  Tue Mar 13 13:19:06 2012
Return-Path: <phil.hunt@oracle.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B6B6521F851D for <scim@ietfa.amsl.com>; Tue, 13 Mar 2012 13:19:06 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -10.232
X-Spam-Level: 
X-Spam-Status: No, score=-10.232 tagged_above=-999 required=5 tests=[AWL=0.366, BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id z9MvAnHw6Zfe for <scim@ietfa.amsl.com>; Tue, 13 Mar 2012 13:19:05 -0700 (PDT)
Received: from rcsinet15.oracle.com (rcsinet15.oracle.com [148.87.113.117]) by ietfa.amsl.com (Postfix) with ESMTP id 207A221F851A for <scim@ietf.org>; Tue, 13 Mar 2012 13:19:05 -0700 (PDT)
Received: from ucsinet22.oracle.com (ucsinet22.oracle.com [156.151.31.94]) by rcsinet15.oracle.com (Sentrion-MTA-4.2.2/Sentrion-MTA-4.2.2) with ESMTP id q2DKImWT029415 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Tue, 13 Mar 2012 20:18:49 GMT
Received: from acsmt356.oracle.com (acsmt356.oracle.com [141.146.40.156]) by ucsinet22.oracle.com (8.14.4+Sun/8.14.4) with ESMTP id q2DKIlAh016283 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Tue, 13 Mar 2012 20:18:48 GMT
Received: from abhmt113.oracle.com (abhmt113.oracle.com [141.146.116.65]) by acsmt356.oracle.com (8.12.11.20060308/8.12.11) with ESMTP id q2DKIlXN032321; Tue, 13 Mar 2012 15:18:47 -0500
Received: from [192.168.1.8] (/24.87.212.4) by default (Oracle Beehive Gateway v4.0) with ESMTP ; Tue, 13 Mar 2012 13:18:47 -0700
Mime-Version: 1.0 (Apple Message framework v1257)
Content-Type: multipart/alternative; boundary="Apple-Mail=_2BFCDC4E-28D3-4539-9A82-CEEFF755EBAD"
From: Phil Hunt <phil.hunt@oracle.com>
In-Reply-To: <CAA3wLqV=9bcBTNfpWVg1S2NRs4X_T1Yxz7=eCWBxJnQxRwpHjw@mail.gmail.com>
Date: Tue, 13 Mar 2012 13:18:45 -0700
Message-Id: <06FF5A31-6EAC-4652-BD52-1E79BF98BE3F@oracle.com>
References: <4F5FA213.4000600@cisco.com> <B6F33950-9055-4005-A82F-EB4E29431AD1@oracle.com> <CAA3wLqV=9bcBTNfpWVg1S2NRs4X_T1Yxz7=eCWBxJnQxRwpHjw@mail.gmail.com>
To: Michael Hammer <mphmmr@gmail.com>
X-Mailer: Apple Mail (2.1257)
X-Source-IP: ucsinet22.oracle.com [156.151.31.94]
X-CT-RefId: str=0001.0A090202.4F5FABAA.008D,ss=1,re=-2.300,fgs=0
Cc: scim@ietf.org, Eliot Lear <lear@cisco.com>, Peter Saint-Andre <stpeter@stpeter.im>, "Steven M. Bellovin" <smb@cs.columbia.edu>
Subject: Re: [scim] Propose reshape of charter
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 13 Mar 2012 20:19:06 -0000

--Apple-Mail=_2BFCDC4E-28D3-4539-9A82-CEEFF755EBAD
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain;
	charset=windows-1252

Sure.  I was more thinking about how an enterprise provisions employees, =
customers, etc to places like AOL, Amazon, Google, Oracle Cloud, etc etc =
who run one or more services.=20

As a totally hypothetical example, how would I provision 'Ann' to be set =
up on Google Docs, Calendar, and e-mail?  Is this done through a SCIM =
call to a Google Directory endpoint, or is this done directly to =
specific app endpoints?=20

Phil

@independentid
www.independentid.com
phil.hunt@oracle.com





On 2012-03-13, at 1:06 PM, Michael Hammer wrote:

> Phil,
>=20
> So, this manages identities of cloud customers who may want to push a =
SaaS application into the cloud,
> AND allows management of the users of the SaaS application which are =
customers of the enterprise versus the cloud provider?
>=20
> Mike
>=20
>=20
> On Tue, Mar 13, 2012 at 3:56 PM, Phil Hunt <phil.hunt@oracle.com> =
wrote:
> Eliot,
>=20
> I propose the following change to the WG Description:
>=20
> From:
>> The Simple Cloud Identity Management (SCIM) specification is designed =
to=20
>> make managing user identity lifecycle in cloud based applications and=20=

>> services easier.
>=20
> To:
>> The Simple Cloud Identity Management (SCIM) specification is designed =
to=20
>> make managing user identity lifecycle in one or more applications and=20=

>> services easier between client organizations and cloud based service =
providers.
>=20
> The change above is subtle but of critical importance to cloud =
providers (many who are not yet active in the group) who host many =
services.
>=20
> It is probably important to site the location of the SCIM 1.0 =
specification which is published externally to IETF as well as the =
re-published drafts under IETF.
>=20
> Phil
>=20
> @independentid
> www.independentid.com
> phil.hunt@oracle.com
>=20
>=20
>=20
>=20
>=20
> On 2012-03-13, at 12:37 PM, Eliot Lear wrote:
>=20
>> Hi Everyone,
>>=20
>> Having read inputs from this list, I am proposing some changes to the =
charter.  Most of this is form and not substance,  but there are some =
substantial changes.  The purpose of these changes is to bring the =
charter in line with most of the others.  Absent these sort of changes, =
I am not confident we would get a WG.  Even with these changes, more =
work is needed. because what is below is not complete.
>>=20
>> What is missing =96 and it's important =96  are a few additional =
words about why we need SCIM.  Why are we holding the darn BoF?  This is =
not something that can wait, IMHO, for an Informational document.  =
Rather, if there is no clear statement of the problem, I don't see how =
the IESG would approve a WG.  So that's what the big XXXXXXX is below.  =
I've put some words in, but they are there to demonstrate the point.  =
PLEASE propose text.
>>=20
>> In addition, my rewording is, in some places, generic.  I would =
suggest that more time be spent on what we will =96 and as importantly =96=
  WON'T do.  A good charter will scope out more.  What are the critical =
functions that need to be done now?  If we leave it wide open, then we =
run the risk of people shoveling too much in, or blocking on how to =
decide where to hold the line and wait til the next round.  So, for =
instance, how will we keep the schema from bloating?  Rinse and repeat =
with protocol operations.
>>=20
>> In addition, it is my anticipation that shortly before =96 or very =
quickly after =96 our BoF, Internet-Drafts will be posted of the initial =
specifications.  Thus you see draft-XXX below.  While the charter need =
not =96 and cannot =96 be completely finished before the BoF, we should =
have it as close as possible.
>>=20
>>=20
>> Please comment now on these changes and any additional changes you =
would like to see.
>>=20
>> Simple Cloud Identity Management (SCIM)
>> Chair(s): TBD
>> Applications Area Director(s):
>>      Pete Resnick <presnick@qualcomm.com>=20
>>      Barry Lieba <???>=20
>> Mailing Lists:
>>      General Discussion: scim@ietf.org
>>      To Subscribe: https://www.ietf.org/mailman/listinfo/scim
>>      Archive:      =
http://www.ietf.org/mail-archive/web/scim/current/maillist.html
>> =20
>> Description of Working Group:
>> The Simple Cloud Identity Management (SCIM) specification is designed =
to=20
>> make managing user identity lifecycle in cloud based applications and=20=

>> services easier.
>>=20
>> XXXXXXX
>>=20
>> So-called CReate Update Delete (CRUD) provisioning operations are =
often
>> necessary to ease adoption of new services.  This work builds on =
tools
>> such as ldap and SAML 2.0, which are used to provide up-to-date =
information.
>> SCIM focuses on the case where an enterprise's ldap service may not =
be
>> available to the provider, and SAML cannot provide sufficient context =
for the
>> service.  An example would be the provisioning of an of an EMail =
account so
>> that it can receive mail before the person has first logged in.
>>=20
>> XXXXXXXX
>> The specification suite seeks to build upon experience with existing=20=

>> schemas and deployments, placing specific emphasis on simplicity of=20=

>> development and integration, while applying existing authentication,=20=

>> authorization, and privacy models. Its intent is to reduce the cost =
and=20
>> complexity of user management operations by providing a common user=20=

>> schema and extension model, as well as binding documents to provide=20=

>> patterns for exchanging this schema using standard protocols. In=20
>> addition the working group may consider including managing device=20
>> identities as part of the work adopted by the working group.
>> The group will use as starting points the following drafts in
>> the following ways:
>>=20
>> 	draft-XXX-scim-schema-00 as the a schema specification,
>> 	draft-XXX-scim-protocol-definition-00 as the protocol =
specification,
>> 	draft-XXX-scim-saml-binding-00 for binding the SCIM schema to =
SAML, and
>> 	draft-XXX-scim-ldap-binding-00 for binding the SCIM schema to =
LDAP.
>>=20
>> These drafts are based on existing specifications. which together are =
commonly
>> known as SCIM 1.0.  As such, some consideration should be given for =
backward
>> compatibility, as the group evolves the work.  This group will =
consider,
>> for and foremost, the operational experience gathered from the =
existing work.
>> The group will also consider experiences with work done by other =
bodies, including
>> the OASIS Provisioning TC.
>>=20
>> The group will produce Proposed Standards for a schema, a protocol,
>> a SAML binding, and an LDAP binding.  In doing so, the group will =
make
>> consistent the terminology, review and improve security of the =
overall system,
>> identify any functional gaps that would be useful future work, =
address
>> internationalization, and provide guidelines for extensibility =
(either through
>> IANA registries or other means).
>>=20
>> In its work, the group will decide what additional capabilities =
should be
>> included in the initial specification, and what can be addressed at a =
later time.
>>=20
>> However, user, device, and service authentication and authorization
>> (policy/entitlement) are out of scope for this working group.
>>=20
>> Milestones
>>=20
>> 5/2012    Initial adoption of SCIM core schema
>> 5/2012    Initial adoption of SCIM restful interface draft
>> 5/2012    Initial adoption of SCIM SAML bindings draft
>> 5/2012    Initial adoption of SCIM LDAP mapping draft
>> 9/2012    WGLC SCIM core schema
>> 9/2012    WGLC SCIM restful interface
>> 9/2012    WGLC SCIM SAML bindings
>> 9/2012    WGLC SCIM LDAP mapping
>> 3/2013    Re-charter discussion
>>=20
>> _______________________________________________
>> scim mailing list
>> scim@ietf.org
>> https://www.ietf.org/mailman/listinfo/scim
>=20
>=20
> _______________________________________________
> scim mailing list
> scim@ietf.org
> https://www.ietf.org/mailman/listinfo/scim
>=20
>=20
> _______________________________________________
> scim mailing list
> scim@ietf.org
> https://www.ietf.org/mailman/listinfo/scim


--Apple-Mail=_2BFCDC4E-28D3-4539-9A82-CEEFF755EBAD
Content-Transfer-Encoding: quoted-printable
Content-Type: text/html;
	charset=windows-1252

<html><head></head><body style=3D"word-wrap: break-word; =
-webkit-nbsp-mode: space; -webkit-line-break: after-white-space; ">Sure. =
&nbsp;I was more thinking about how an enterprise provisions employees, =
customers, etc to places like AOL, Amazon, Google, Oracle Cloud, etc etc =
who run one or more services.&nbsp;<div><br></div><div>As a totally =
hypothetical example, how would I provision 'Ann' to be set up on Google =
Docs, Calendar, and e-mail? &nbsp;Is this done through a SCIM call to a =
Google Directory endpoint, or is this done directly to specific app =
endpoints?&nbsp;<div><div><br></div><div><span class=3D"Apple-style-span" =
style=3D"font-size: 12px; ">Phil</span></div><div><div><span =
class=3D"Apple-style-span" style=3D"border-collapse: separate; color: =
rgb(0, 0, 0); font-family: Helvetica; font-style: normal; font-variant: =
normal; font-weight: normal; letter-spacing: normal; line-height: =
normal; orphans: 2; text-align: auto; text-indent: 0px; text-transform: =
none; white-space: normal; widows: 2; word-spacing: 0px; =
-webkit-border-horizontal-spacing: 0px; -webkit-border-vertical-spacing: =
0px; -webkit-text-decorations-in-effect: none; -webkit-text-size-adjust: =
auto; -webkit-text-stroke-width: 0px; font-size: medium; "><span =
class=3D"Apple-style-span" style=3D"border-collapse: separate; color: =
rgb(0, 0, 0); font-family: Helvetica; font-size: medium; font-style: =
normal; font-variant: normal; font-weight: normal; letter-spacing: =
normal; line-height: normal; orphans: 2; text-indent: 0px; =
text-transform: none; white-space: normal; widows: 2; word-spacing: 0px; =
-webkit-border-horizontal-spacing: 0px; -webkit-border-vertical-spacing: =
0px; -webkit-text-decorations-in-effect: none; -webkit-text-size-adjust: =
auto; -webkit-text-stroke-width: 0px; "><div style=3D"word-wrap: =
break-word; -webkit-nbsp-mode: space; -webkit-line-break: =
after-white-space; "><span class=3D"Apple-style-span" =
style=3D"border-collapse: separate; color: rgb(0, 0, 0); font-family: =
Helvetica; font-size: medium; font-style: normal; font-variant: normal; =
font-weight: normal; letter-spacing: normal; line-height: normal; =
orphans: 2; text-indent: 0px; text-transform: none; white-space: normal; =
widows: 2; word-spacing: 0px; -webkit-border-horizontal-spacing: 0px; =
-webkit-border-vertical-spacing: 0px; =
-webkit-text-decorations-in-effect: none; -webkit-text-size-adjust: =
auto; -webkit-text-stroke-width: 0px; "><div style=3D"word-wrap: =
break-word; -webkit-nbsp-mode: space; -webkit-line-break: =
after-white-space; "><span class=3D"Apple-style-span" =
style=3D"border-collapse: separate; color: rgb(0, 0, 0); font-family: =
Helvetica; font-size: 12px; font-style: normal; font-variant: normal; =
font-weight: normal; letter-spacing: normal; line-height: normal; =
orphans: 2; text-indent: 0px; text-transform: none; white-space: normal; =
widows: 2; word-spacing: 0px; -webkit-border-horizontal-spacing: 0px; =
-webkit-border-vertical-spacing: 0px; =
-webkit-text-decorations-in-effect: none; -webkit-text-size-adjust: =
auto; -webkit-text-stroke-width: 0px; "><div style=3D"word-wrap: =
break-word; -webkit-nbsp-mode: space; -webkit-line-break: =
after-white-space; =
"><div><div><div><br></div><div>@independentid</div><div><a =
href=3D"http://www.independentid.com">www.independentid.com</a></div></div=
></div></div></span><a =
href=3D"mailto:phil.hunt@oracle.com">phil.hunt@oracle.com</a><br><br></div=
></span><br class=3D"Apple-interchange-newline"></div></span><br =
class=3D"Apple-interchange-newline"></span><br =
class=3D"Apple-interchange-newline">
</div>
<br><div><div>On 2012-03-13, at 1:06 PM, Michael Hammer wrote:</div><br =
class=3D"Apple-interchange-newline"><blockquote =
type=3D"cite">Phil,<div><br></div><div>So, this manages identities of =
cloud customers who may want to push a SaaS application into the =
cloud,</div><div>AND allows management of the users of the SaaS =
application which are customers of the enterprise versus the cloud =
provider?</div>
<div><br></div><div>Mike</div><div><br><br><div class=3D"gmail_quote">On =
Tue, Mar 13, 2012 at 3:56 PM, Phil Hunt <span dir=3D"ltr">&lt;<a =
href=3D"mailto:phil.hunt@oracle.com">phil.hunt@oracle.com</a>&gt;</span> =
wrote:<br><blockquote class=3D"gmail_quote" style=3D"margin:0 0 0 =
.8ex;border-left:1px #ccc solid;padding-left:1ex">
<div style=3D"word-wrap:break-word"><div><span =
style=3D"line-height:normal;text-indent:0px;border-collapse:separate;lette=
r-spacing:normal;font-variant:normal;text-transform:none;font-style:normal=
;white-space:normal;font-family:Helvetica;font-weight:normal;word-spacing:=
0px"><span =
style=3D"line-height:normal;text-indent:0px;border-collapse:separate;lette=
r-spacing:normal;font-variant:normal;text-transform:none;font-style:normal=
;white-space:normal;font-family:Helvetica;font-weight:normal;word-spacing:=
0px"><div style=3D"word-wrap:break-word">
<span =
style=3D"line-height:normal;text-indent:0px;border-collapse:separate;lette=
r-spacing:normal;font-variant:normal;text-transform:none;font-style:normal=
;white-space:normal;font-family:Helvetica;font-weight:normal;word-spacing:=
0px"><div style=3D"word-wrap:break-word">
<span =
style=3D"line-height:normal;text-indent:0px;border-collapse:separate;lette=
r-spacing:normal;font-variant:normal;text-transform:none;font-style:normal=
;white-space:normal;font-family:Helvetica;font-weight:normal;word-spacing:=
0px"><div style=3D"word-wrap:break-word">
<div><div><div>Eliot,</div><div><br></div><div>I propose the following =
change to the WG =
Description:</div><div><br></div><div>From:</div><div><div =
class=3D"im"><blockquote type=3D"cite"><div bgcolor=3D"#FFFFFF" =
text=3D"#000000"><pre><span style=3D"font-family:'Courier New'">The =
Simple Cloud Identity Management (SCIM) specification is designed to=20
make managing user identity lifecycle in cloud based applications and=20
services =
easier.</span></pre></div></blockquote></div><div>To:</div></div><div><blo=
ckquote type=3D"cite"><div bgcolor=3D"#FFFFFF" text=3D"#000000"><pre><span=
 style=3D"font-family:'Courier New'">The Simple Cloud Identity =
Management (SCIM) specification is designed to=20
make managing user identity lifecycle in one or more applications and=20
services easier between client organizations and cloud based service =
providers.</span></pre></div></blockquote><div><br></div></div><div>The =
change above is subtle but of critical importance to cloud providers =
(many who are not yet active in the group) who host many services.</div>
<div><br></div><div>It is probably important to site the location of the =
SCIM 1.0 specification which is published externally to IETF as well as =
the re-published drafts under =
IETF.</div><div><br></div><div>Phil</div><div style=3D"font-size:12px">
<br></div><div style=3D"font-size:12px">@independentid</div><div =
style=3D"font-size:12px"><a href=3D"http://www.independentid.com/" =
target=3D"_blank">www.independentid.com</a></div></div></div></div></span>=
<a href=3D"mailto:phil.hunt@oracle.com" =
target=3D"_blank">phil.hunt@oracle.com</a><br>
<br></div></span><br></div></span><br></span><br>
</div>
<br><div><div><div class=3D"h5"><div>On 2012-03-13, at 12:37 PM, Eliot =
Lear wrote:</div><br></div></div><blockquote type=3D"cite"><div><div =
class=3D"h5">
 =20

   =20
 =20
  <div bgcolor=3D"#FFFFFF" text=3D"#000000">
    Hi Everyone,<br>
    <br>
    Having read inputs from this list, I am proposing some changes to
    the charter.&nbsp; Most of this is form and not substance,&nbsp; but =
there are
    some substantial changes.&nbsp; The purpose of these changes is to =
bring
    the charter in line with most of the others.&nbsp; Absent these sort =
of
    changes, I am not confident we would get a WG.&nbsp; Even with these
    changes, more work is needed. because what is below is not =
complete.<br>
    <br>
    What is missing =96 <b>and it's important =96&nbsp;</b> are a few =
additional
    words about why we need SCIM.&nbsp; Why are we holding the darn =
BoF?&nbsp;
    This is not something that can wait, IMHO, for an Informational
    document.&nbsp; Rather, if there is no clear statement of the =
problem, I
    don't see how the IESG would approve a WG.&nbsp; So that's what the =
big
    XXXXXXX is below.&nbsp; I've put some words in, but they are there =
to
    demonstrate the point.&nbsp; PLEASE propose text.<br>
    <br>
    In addition, my rewording is, in some places, generic.&nbsp; I would
    suggest that more time be spent on what we will =96 and as =
importantly
    =96&nbsp; WON'T do.&nbsp; A good charter will scope out more.&nbsp; =
What are the
    critical functions that need to be done <b>now</b>?&nbsp; If we =
leave it
    wide open, then we run the risk of people shoveling too much in, or
    blocking on how to decide where to hold the line and wait til the
    next round.&nbsp; So, for instance, how will we keep the schema from
    bloating?&nbsp; Rinse and repeat with protocol operations.<br>
    <br>
    In addition, it is my anticipation that shortly before =96 or very
    quickly after =96 our BoF, Internet-Drafts will be posted of the
    initial specifications.&nbsp; Thus you see draft-XXX below.&nbsp; =
While the
    charter need not =96 and cannot =96 be completely finished before =
the
    BoF, we should have it as close as possible.<br>
    <br>
    <br>
    Please comment now on these changes and any additional changes you
    would like to see.<br>
    <br>
    <pre><span style=3D"font-family:&quot;Courier =
New&quot;"></span><span style=3D"font-family:&quot;Courier =
New&quot;">Simple Cloud Identity Management =
(SCIM)<u></u><u></u></span></pre>
    <span style=3D"font-family:&quot;Courier =
New&quot;"><u></u><u></u></span><span style=3D"font-family:&quot;Courier =
New&quot;">Chair(s):
      TBD<u></u><u></u></span><span><u></u><u></u></span>
    <pre><span style=3D"font-family:&quot;Courier =
New&quot;"><u></u><u></u>Applications Area =
Director(s):<u></u><u></u></span></pre>
    <pre><span style=3D"font-family:&quot;Courier =
New&quot;">&nbsp;&nbsp;&nbsp; &nbsp;Pete Resnick &lt;<a =
href=3D"mailto:presnick@qualcomm.com" =
target=3D"_blank">presnick@qualcomm.com</a>&gt; <u></u><u></u>
&nbsp;&nbsp;&nbsp;&nbsp; Barry Lieba &lt;???&gt;<u></u>=20
<u></u></span></pre>
    <pre><span style=3D"font-family:&quot;Courier New&quot;">Mailing =
Lists:<u></u><u></u>
&nbsp;&nbsp;&nbsp;&nbsp; General Discussion: <a =
href=3D"mailto:scim@ietf.org" =
target=3D"_blank">scim@ietf.org</a><u></u><u></u>
&nbsp;&nbsp;&nbsp;&nbsp; To Subscribe: <a =
href=3D"https://www.ietf.org/mailman/listinfo/scim" =
target=3D"_blank">https://www.ietf.org/mailman/listinfo/scim</a><u></u><u>=
</u>
&nbsp;&nbsp;&nbsp;&nbsp; Archive:&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <a =
href=3D"http://www.ietf.org/mail-archive/web/scim/current/maillist.html" =
target=3D"_blank">http://www.ietf.org/mail-archive/web/scim/current/mailli=
st.html</a><u></u><u></u></span></pre>
    <pre><span style=3D"font-family:&quot;Courier =
New&quot;"><u></u>&nbsp;<u></u></span></pre>
    <pre><span style=3D"font-family:&quot;Courier New&quot;">Description =
of Working Group:<u></u><u></u></span></pre>
    <pre><span style=3D"font-family:&quot;Courier New&quot;">The Simple =
Cloud Identity Management (SCIM) specification is designed to=20
make managing user identity lifecycle in cloud based applications and=20
services easier.

XXXXXXX

So-called CReate Update Delete (CRUD) provisioning operations are often
necessary to ease adoption of new services.  This work builds on tools
such as ldap and SAML 2.0, which are used to provide up-to-date =
information.
SCIM focuses on the case where an enterprise's ldap service may not be
available to the provider, and SAML cannot provide sufficient context =
for the
service.  An example would be the provisioning of an of an EMail account =
so
that it can receive mail before the person has first logged in.

XXXXXXXX
<u></u><u></u></span></pre>
    <pre><span style=3D"font-family:&quot;Courier New&quot;">The =
specification suite seeks to build upon experience with existing=20
schemas and deployments, placing specific emphasis on simplicity of=20
development and integration, while applying existing authentication,=20
authorization, and privacy models. Its intent is to reduce the cost and=20=

complexity of user management operations by providing a common user=20
schema and extension model, as well as binding documents to provide=20
patterns for exchanging this schema using standard protocols. In=20
addition the working group may consider including managing device=20
identities as part of the work adopted by the working =
group.<u></u><u></u></span></pre>
    <pre><span style=3D"font-family:&quot;Courier New&quot;">The group =
will use as starting points the following drafts in
the following ways:

	draft-XXX-scim-schema-00 as the a schema specification,
	draft-XXX-scim-protocol-definition-00 as the protocol =
specification,
	draft-XXX-scim-saml-binding-00 for binding the SCIM schema to =
SAML, and
	draft-XXX-scim-ldap-binding-00 for binding the SCIM schema to =
LDAP.

These drafts are based on existing specifications. which together are =
commonly
known as SCIM 1.0.  As such, some consideration should be given for =
backward
compatibility, as the group evolves the work.</span><span =
style=3D"font-family:&quot;Courier New&quot;">  This group will =
consider,
for and foremost, the operational experience gathered from the existing =
work.
The group will also consider experiences with work done by other bodies, =
including
the OASIS Provisioning TC.</span>
<span style=3D"font-family:&quot;Courier New&quot;">
The group will produce Proposed Standards for a schema, a protocol,
a SAML binding, and an LDAP binding.  In doing so, the group will make
consistent the terminology, review and improve security of the overall =
system,
identify any functional gaps that would be useful future work, address
internationalization, and provide guidelines for extensibility (either =
through
IANA registries or other means).

In its work, the group will decide what additional capabilities should =
be
included in the initial specification, and what can be addressed at a =
later time.
<u></u>
However, <u></u>user, device, and service authentication and =
authorization
(policy/entitlement) are out of scope for this working group.

Milestones

5/2012    Initial adoption of SCIM core schema
5/2012    Initial adoption of SCIM restful interface draft
5/2012    Initial adoption of SCIM SAML bindings draft
5/2012    Initial adoption of SCIM LDAP mapping draft
9/2012    WGLC SCIM core schema
9/2012    WGLC SCIM restful interface
9/2012    WGLC SCIM SAML bindings
9/2012    WGLC SCIM LDAP mapping
3/2013    Re-charter discussion

</span></pre>
  </div></div></div>

_______________________________________________<br>scim mailing =
list<br><a href=3D"mailto:scim@ietf.org" =
target=3D"_blank">scim@ietf.org</a><br><a =
href=3D"https://www.ietf.org/mailman/listinfo/scim" =
target=3D"_blank">https://www.ietf.org/mailman/listinfo/scim</a><br>
=
</blockquote></div><br></div><br>_________________________________________=
______<br>
scim mailing list<br>
<a href=3D"mailto:scim@ietf.org">scim@ietf.org</a><br>
<a href=3D"https://www.ietf.org/mailman/listinfo/scim" =
target=3D"_blank">https://www.ietf.org/mailman/listinfo/scim</a><br>
<br></blockquote></div><br></div>
_______________________________________________<br>scim mailing =
list<br><a =
href=3D"mailto:scim@ietf.org">scim@ietf.org</a><br>https://www.ietf.org/ma=
ilman/listinfo/scim<br></blockquote></div><br></div></div></div></body></h=
tml>=

--Apple-Mail=_2BFCDC4E-28D3-4539-9A82-CEEFF755EBAD--

From prvs=412d8a981=Mark.Diodati@gartner.com  Tue Mar 13 13:25:56 2012
Return-Path: <prvs=412d8a981=Mark.Diodati@gartner.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AB8B721E8012 for <scim@ietfa.amsl.com>; Tue, 13 Mar 2012 13:25:56 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.299
X-Spam-Level: 
X-Spam-Status: No, score=-6.299 tagged_above=-999 required=5 tests=[AWL=0.300,  BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id pknO1j3WNr3V for <scim@ietfa.amsl.com>; Tue, 13 Mar 2012 13:25:52 -0700 (PDT)
Received: from zinc-main.gartner.com (zinc-main.gartner.com [207.140.148.90]) by ietfa.amsl.com (Postfix) with ESMTP id 79BDF21F860F for <scim@ietf.org>; Tue, 13 Mar 2012 13:25:51 -0700 (PDT)
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: AqAEAAmsX08KQCMK/2dsb2JhbAA5AQmCRbQuggkBAQEEAQEBRiUbAgEIEQQBAQsCCQsHByEGCxQHAQEFAwIEEwgBiAy7W4lCZgEIgwaCS2MEkW+DYYsrhHiCZYFc
X-IronPort-AV: E=Sophos;i="4.73,579,1325480400"; d="scan'208,217";a="72235155"
From: "Diodati,Mark" <Mark.Diodati@gartner.com>
To: "scim@ietf.org" <scim@ietf.org>
Thread-Topic: [scim] Propose reshape of charter
Thread-Index: AQHNAVaNsBHjcgK210WnM/tHVCkvhJZoqyaQ
Date: Tue, 13 Mar 2012 20:25:48 +0000
References: <4F5FA213.4000600@cisco.com> <B6F33950-9055-4005-A82F-EB4E29431AD1@oracle.com> <CAA3wLqV=9bcBTNfpWVg1S2NRs4X_T1Yxz7=eCWBxJnQxRwpHjw@mail.gmail.com>
In-Reply-To: <CAA3wLqV=9bcBTNfpWVg1S2NRs4X_T1Yxz7=eCWBxJnQxRwpHjw@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
x-originating-ip: [10.127.2.129]
Content-Type: multipart/alternative; boundary="_000_D8A3C5E7F4A8B44BB49BF6E8D140E4A606CD3D15Altaentgartnerc_"
MIME-Version: 1.0
Message-Id: <20120313202551.79BDF21F860F@ietfa.amsl.com>
Subject: [scim] FW:  Propose reshape of charter
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 13 Mar 2012 20:25:56 -0000

--_000_D8A3C5E7F4A8B44BB49BF6E8D140E4A606CD3D15Altaentgartnerc_
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

It seems to me that Phil's proposed change to the description are in line w=
ith his request to add support for multiple targets a la SPML. The latter r=
equest has not been accepted (AFAIK) by the BoF. Before accepting changes t=
o the description, should the BoF first decide about the multi-target funct=
ionality?

Mark

From: Michael Hammer [mailto:mphmmr@gmail.com]
Sent: Tuesday, March 13, 2012 3:06 PM
To: Phil Hunt
Cc: scim@ietf.org; Peter Saint-Andre; Eliot Lear; Steven M. Bellovin
Subject: Re: [scim] Propose reshape of charter

Phil,

So, this manages identities of cloud customers who may want to push a SaaS =
application into the cloud,
AND allows management of the users of the SaaS application which are custom=
ers of the enterprise versus the cloud provider?

Mike

On Tue, Mar 13, 2012 at 3:56 PM, Phil Hunt <phil.hunt@oracle.com<mailto:phi=
l.hunt@oracle.com>> wrote:
Eliot,

I propose the following change to the WG Description:

From:



The Simple Cloud Identity Management (SCIM) specification is designed to

make managing user identity lifecycle in cloud based applications and

services easier.
To:

The Simple Cloud Identity Management (SCIM) specification is designed to

make managing user identity lifecycle in one or more applications and

services easier between client organizations and cloud based service provid=
ers.

The change above is subtle but of critical importance to cloud providers (m=
any who are not yet active in the group) who host many services.

It is probably important to site the location of the SCIM 1.0 specification=
 which is published externally to IETF as well as the re-published drafts u=
nder IETF.

Phil

@independentid
www.independentid.com<http://www.independentid.com>
phil.hunt@oracle.com<mailto:phil.hunt@oracle.com>



On 2012-03-13, at 12:37 PM, Eliot Lear wrote:

Hi Everyone,

Having read inputs from this list, I am proposing some changes to the chart=
er.  Most of this is form and not substance,  but there are some substantia=
l changes.  The purpose of these changes is to bring the charter in line wi=
th most of the others.  Absent these sort of changes, I am not confident we=
 would get a WG.  Even with these changes, more work is needed. because wha=
t is below is not complete.

What is missing - and it's important -  are a few additional words about wh=
y we need SCIM.  Why are we holding the darn BoF?  This is not something th=
at can wait, IMHO, for an Informational document.  Rather, if there is no c=
lear statement of the problem, I don't see how the IESG would approve a WG.=
  So that's what the big XXXXXXX is below.  I've put some words in, but the=
y are there to demonstrate the point.  PLEASE propose text.

In addition, my rewording is, in some places, generic.  I would suggest tha=
t more time be spent on what we will - and as importantly -  WON'T do.  A g=
ood charter will scope out more.  What are the critical functions that need=
 to be done now?  If we leave it wide open, then we run the risk of people =
shoveling too much in, or blocking on how to decide where to hold the line =
and wait til the next round.  So, for instance, how will we keep the schema=
 from bloating?  Rinse and repeat with protocol operations.

In addition, it is my anticipation that shortly before - or very quickly af=
ter - our BoF, Internet-Drafts will be posted of the initial specifications=
.  Thus you see draft-XXX below.  While the charter need not - and cannot -=
 be completely finished before the BoF, we should have it as close as possi=
ble.


Please comment now on these changes and any additional changes you would li=
ke to see.

Simple Cloud Identity Management (SCIM)
Chair(s): TBD

Applications Area Director(s):

     Pete Resnick <presnick@qualcomm.com<mailto:presnick@qualcomm.com>>

     Barry Lieba <???>

Mailing Lists:

     General Discussion: scim@ietf.org<mailto:scim@ietf.org>

     To Subscribe: https://www.ietf.org/mailman/listinfo/scim

     Archive:      http://www.ietf.org/mail-archive/web/scim/current/mailli=
st.html



Description of Working Group:

The Simple Cloud Identity Management (SCIM) specification is designed to

make managing user identity lifecycle in cloud based applications and

services easier.



XXXXXXX



So-called CReate Update Delete (CRUD) provisioning operations are often

necessary to ease adoption of new services.  This work builds on tools

such as ldap and SAML 2.0, which are used to provide up-to-date information=
.

SCIM focuses on the case where an enterprise's ldap service may not be

available to the provider, and SAML cannot provide sufficient context for t=
he

service.  An example would be the provisioning of an of an EMail account so

that it can receive mail before the person has first logged in.



XXXXXXXX

The specification suite seeks to build upon experience with existing

schemas and deployments, placing specific emphasis on simplicity of

development and integration, while applying existing authentication,

authorization, and privacy models. Its intent is to reduce the cost and

complexity of user management operations by providing a common user

schema and extension model, as well as binding documents to provide

patterns for exchanging this schema using standard protocols. In

addition the working group may consider including managing device

identities as part of the work adopted by the working group.

The group will use as starting points the following drafts in

the following ways:



  draft-XXX-scim-schema-00 as the a schema specification,

  draft-XXX-scim-protocol-definition-00 as the protocol specification,

  draft-XXX-scim-saml-binding-00 for binding the SCIM schema to SAML, and

  draft-XXX-scim-ldap-binding-00 for binding the SCIM schema to LDAP.



These drafts are based on existing specifications. which together are commo=
nly

known as SCIM 1.0.  As such, some consideration should be given for backwar=
d

compatibility, as the group evolves the work.  This group will consider,

for and foremost, the operational experience gathered from the existing wor=
k.

The group will also consider experiences with work done by other bodies, in=
cluding

the OASIS Provisioning TC.



The group will produce Proposed Standards for a schema, a protocol,

a SAML binding, and an LDAP binding.  In doing so, the group will make

consistent the terminology, review and improve security of the overall syst=
em,

identify any functional gaps that would be useful future work, address

internationalization, and provide guidelines for extensibility (either thro=
ugh

IANA registries or other means).



In its work, the group will decide what additional capabilities should be

included in the initial specification, and what can be addressed at a later=
 time.



However, user, device, and service authentication and authorization

(policy/entitlement) are out of scope for this working group.



Milestones



5/2012    Initial adoption of SCIM core schema

5/2012    Initial adoption of SCIM restful interface draft

5/2012    Initial adoption of SCIM SAML bindings draft

5/2012    Initial adoption of SCIM LDAP mapping draft

9/2012    WGLC SCIM core schema

9/2012    WGLC SCIM restful interface

9/2012    WGLC SCIM SAML bindings

9/2012    WGLC SCIM LDAP mapping

3/2013    Re-charter discussion


_______________________________________________
scim mailing list
scim@ietf.org<mailto:scim@ietf.org>
https://www.ietf.org/mailman/listinfo/scim


_______________________________________________
scim mailing list
scim@ietf.org<mailto:scim@ietf.org>
https://www.ietf.org/mailman/listinfo/scim


________________________________

This e-mail message, including any attachments, is for the sole use of the =
person to whom it has been sent, and may contain information that is confid=
ential or legally protected. If you are not the intended recipient or have =
received this message in error, you are not authorized to copy, distribute,=
 or otherwise use this message or its attachments. Please notify the sender=
 immediately by return e-mail and permanently delete this message and any a=
ttachments. Gartner makes no warranty that this e-mail is error or virus fr=
ee.

--_000_D8A3C5E7F4A8B44BB49BF6E8D140E4A606CD3D15Altaentgartnerc_
Content-Type: text/html; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

<html>
<head>
<meta http-equiv=3D"Content-Type" content=3D"text/html; charset=3Dus-ascii"=
>
<style>
<!--
@font-face
	{font-family:Helvetica}
@font-face
	{font-family:Helvetica}
@font-face
	{font-family:Calibri}
@font-face
	{font-family:Tahoma}
@font-face
	{font-family:Consolas}
p.MsoNormal, li.MsoNormal, div.MsoNormal
	{margin:0in;
	margin-bottom:.0001pt;
	font-size:12.0pt;
	font-family:"Times New Roman","serif"}
a:link, span.MsoHyperlink
	{color:blue;
	text-decoration:underline}
a:visited, span.MsoHyperlinkFollowed
	{color:purple;
	text-decoration:underline}
pre
	{margin:0in;
	margin-bottom:.0001pt;
	font-size:10.0pt;
	font-family:"Courier New"}
p.MsoAcetate, li.MsoAcetate, div.MsoAcetate
	{margin:0in;
	margin-bottom:.0001pt;
	font-size:8.0pt;
	font-family:"Tahoma","sans-serif"}
span.HTMLPreformattedChar
	{font-family:"Consolas","serif"}
span.BalloonTextChar
	{font-family:"Tahoma","sans-serif"}
span.EmailStyle21
	{font-family:"Calibri","sans-serif";
	color:#1F497D}
.MsoChpDefault
	{font-family:"Calibri","sans-serif"}
@page WordSection1
	{margin:1.0in 1.0in 1.0in 1.0in}
div.WordSection1
	{}
-->
</style>
</head>
<body lang=3D"EN-US" link=3D"blue" vlink=3D"purple">
<div class=3D"WordSection1">
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt; font-family:&quot;C=
alibri&quot;,&quot;sans-serif&quot;; color:#1F497D">It seems to me that Phi=
l&#8217;s proposed change to the description are in line with his request t=
o add support for multiple targets a la SPML. The latter request
 has not been accepted (AFAIK) by the BoF. Before accepting changes to the =
description, should the BoF first decide about the multi-target functionali=
ty?</span></p>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt; font-family:&quot;C=
alibri&quot;,&quot;sans-serif&quot;; color:#1F497D">&nbsp;</span></p>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt; font-family:&quot;C=
alibri&quot;,&quot;sans-serif&quot;; color:#1F497D">Mark</span></p>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt; font-family:&quot;C=
alibri&quot;,&quot;sans-serif&quot;; color:#1F497D">&nbsp;</span></p>
<p class=3D"MsoNormal"><b><span style=3D"font-size:10.0pt; font-family:&quo=
t;Tahoma&quot;,&quot;sans-serif&quot;">From:</span></b><span style=3D"font-=
size:10.0pt; font-family:&quot;Tahoma&quot;,&quot;sans-serif&quot;"> Michae=
l Hammer [mailto:mphmmr@gmail.com]
<br>
<b>Sent:</b> Tuesday, March 13, 2012 3:06 PM<br>
<b>To:</b> Phil Hunt<br>
<b>Cc:</b> scim@ietf.org; Peter Saint-Andre; Eliot Lear; Steven M. Bellovin=
<br>
<b>Subject:</b> Re: [scim] Propose reshape of charter</span></p>
<p class=3D"MsoNormal">&nbsp;</p>
<p class=3D"MsoNormal">Phil,</p>
<div>
<p class=3D"MsoNormal">&nbsp;</p>
</div>
<div>
<p class=3D"MsoNormal">So, this manages identities of cloud customers who m=
ay want to push a SaaS application into the cloud,</p>
</div>
<div>
<p class=3D"MsoNormal">AND allows management of the users of the SaaS appli=
cation which are customers of the enterprise versus the cloud provider?</p>
</div>
<div>
<p class=3D"MsoNormal">&nbsp;</p>
</div>
<div>
<p class=3D"MsoNormal">Mike</p>
</div>
<div>
<p class=3D"MsoNormal" style=3D"margin-bottom:12.0pt">&nbsp;</p>
<div>
<p class=3D"MsoNormal">On Tue, Mar 13, 2012 at 3:56 PM, Phil Hunt &lt;<a hr=
ef=3D"mailto:phil.hunt@oracle.com">phil.hunt@oracle.com</a>&gt; wrote:</p>
<div>
<div>
<div>
<div>
<div>
<div>
<div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-family:&quot;Helvetica&quot;,&qu=
ot;sans-serif&quot;">Eliot,</span></p>
</div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-family:&quot;Helvetica&quot;,&qu=
ot;sans-serif&quot;">&nbsp;</span></p>
</div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-family:&quot;Helvetica&quot;,&qu=
ot;sans-serif&quot;">I propose the following change to the WG Description:<=
/span></p>
</div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-family:&quot;Helvetica&quot;,&qu=
ot;sans-serif&quot;">&nbsp;</span></p>
</div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-family:&quot;Helvetica&quot;,&qu=
ot;sans-serif&quot;">From:</span></p>
</div>
<div>
<div>
<blockquote style=3D"margin-top:5.0pt; margin-bottom:5.0pt">
<div>
<pre>&nbsp;</pre>
<pre>The Simple Cloud Identity Management (SCIM) specification is designed =
to </pre>
<pre>make managing user identity lifecycle in cloud based applications and =
</pre>
<pre>services easier.</pre>
</div>
</blockquote>
</div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-family:&quot;Helvetica&quot;,&qu=
ot;sans-serif&quot;">To:</span></p>
</div>
</div>
<div>
<blockquote style=3D"margin-top:5.0pt; margin-bottom:5.0pt">
<div>
<pre>The Simple Cloud Identity Management (SCIM) specification is designed =
to </pre>
<pre>make managing user identity lifecycle in one or more applications and =
</pre>
<pre>services easier between client organizations and cloud based service p=
roviders.</pre>
</div>
</blockquote>
<div>
<p class=3D"MsoNormal"><span style=3D"font-family:&quot;Helvetica&quot;,&qu=
ot;sans-serif&quot;">&nbsp;</span></p>
</div>
</div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-family:&quot;Helvetica&quot;,&qu=
ot;sans-serif&quot;">The change above is subtle but of critical importance =
to cloud providers (many who are not yet active in the group) who host many=
 services.</span></p>
</div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-family:&quot;Helvetica&quot;,&qu=
ot;sans-serif&quot;">&nbsp;</span></p>
</div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-family:&quot;Helvetica&quot;,&qu=
ot;sans-serif&quot;">It is probably important to site the location of the S=
CIM 1.0 specification which is published externally to IETF as well as the =
re-published drafts under IETF.</span></p>
</div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-family:&quot;Helvetica&quot;,&qu=
ot;sans-serif&quot;">&nbsp;</span></p>
</div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-family:&quot;Helvetica&quot;,&qu=
ot;sans-serif&quot;">Phil</span></p>
</div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:9.0pt; font-family:&quot;He=
lvetica&quot;,&quot;sans-serif&quot;">&nbsp;</span></p>
</div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:9.0pt; font-family:&quot;He=
lvetica&quot;,&quot;sans-serif&quot;">@independentid</span></p>
</div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:9.0pt; font-family:&quot;He=
lvetica&quot;,&quot;sans-serif&quot;"><a href=3D"http://www.independentid.c=
om" target=3D"_blank">www.independentid.com</a></span></p>
</div>
</div>
</div>
</div>
<p class=3D"MsoNormal" style=3D"margin-bottom:12.0pt"><span style=3D"font-f=
amily:&quot;Helvetica&quot;,&quot;sans-serif&quot;"><a href=3D"mailto:phil.=
hunt@oracle.com" target=3D"_blank">phil.hunt@oracle.com</a></span></p>
</div>
<p class=3D"MsoNormal"><span style=3D"font-family:&quot;Helvetica&quot;,&qu=
ot;sans-serif&quot;">&nbsp;</span></p>
</div>
<p class=3D"MsoNormal" style=3D"margin-bottom:12.0pt">&nbsp;</p>
</div>
<p class=3D"MsoNormal">&nbsp;</p>
<div>
<div>
<div>
<div>
<p class=3D"MsoNormal">On 2012-03-13, at 12:37 PM, Eliot Lear wrote:</p>
</div>
<p class=3D"MsoNormal">&nbsp;</p>
</div>
</div>
<blockquote style=3D"margin-top:5.0pt; margin-bottom:5.0pt">
<div>
<div>
<div>
<p class=3D"MsoNormal" style=3D"margin-bottom:12.0pt">Hi Everyone,<br>
<br>
Having read inputs from this list, I am proposing some changes to the chart=
er.&nbsp; Most of this is form and not substance,&nbsp; but there are some =
substantial changes.&nbsp; The purpose of these changes is to bring the cha=
rter in line with most of the others.&nbsp; Absent these
 sort of changes, I am not confident we would get a WG.&nbsp; Even with the=
se changes, more work is needed. because what is below is not complete.<br>
<br>
What is missing &#8211; <b>and it's important &#8211;&nbsp;</b> are a few a=
dditional words about why we need SCIM.&nbsp; Why are we holding the darn B=
oF?&nbsp; This is not something that can wait, IMHO, for an Informational d=
ocument.&nbsp; Rather, if there is no clear statement of the problem,
 I don't see how the IESG would approve a WG.&nbsp; So that's what the big =
XXXXXXX is below.&nbsp; I've put some words in, but they are there to demon=
strate the point.&nbsp; PLEASE propose text.<br>
<br>
In addition, my rewording is, in some places, generic.&nbsp; I would sugges=
t that more time be spent on what we will &#8211; and as importantly &#8211=
;&nbsp; WON'T do.&nbsp; A good charter will scope out more.&nbsp; What are =
the critical functions that need to be done
<b>now</b>?&nbsp; If we leave it wide open, then we run the risk of people =
shoveling too much in, or blocking on how to decide where to hold the line =
and wait til the next round.&nbsp; So, for instance, how will we keep the s=
chema from bloating?&nbsp; Rinse and repeat with
 protocol operations.<br>
<br>
In addition, it is my anticipation that shortly before &#8211; or very quic=
kly after &#8211; our BoF, Internet-Drafts will be posted of the initial sp=
ecifications.&nbsp; Thus you see draft-XXX below.&nbsp; While the charter n=
eed not &#8211; and cannot &#8211; be completely finished before the
 BoF, we should have it as close as possible.<br>
<br>
<br>
Please comment now on these changes and any additional changes you would li=
ke to see.</p>
<pre>Simple Cloud Identity Management (SCIM)</pre>
<p class=3D"MsoNormal"><span style=3D"font-family:&quot;Courier New&quot;">=
Chair(s): TBD</span>
</p>
<pre>Applications Area Director(s):</pre>
<pre>&nbsp;&nbsp;&nbsp; &nbsp;Pete Resnick &lt;<a href=3D"mailto:presnick@q=
ualcomm.com" target=3D"_blank">presnick@qualcomm.com</a>&gt; </pre>
<pre>&nbsp;&nbsp;&nbsp;&nbsp; Barry Lieba &lt;???&gt; </pre>
<pre>Mailing Lists:</pre>
<pre>&nbsp;&nbsp;&nbsp;&nbsp; General Discussion: <a href=3D"mailto:scim@ie=
tf.org" target=3D"_blank">scim@ietf.org</a></pre>
<pre>&nbsp;&nbsp;&nbsp;&nbsp; To Subscribe: <a href=3D"https://www.ietf.org=
/mailman/listinfo/scim" target=3D"_blank">https://www.ietf.org/mailman/list=
info/scim</a></pre>
<pre>&nbsp;&nbsp;&nbsp;&nbsp; Archive:&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <a hre=
f=3D"http://www.ietf.org/mail-archive/web/scim/current/maillist.html" targe=
t=3D"_blank">http://www.ietf.org/mail-archive/web/scim/current/maillist.htm=
l</a></pre>
<pre>&nbsp;</pre>
<pre>Description of Working Group:</pre>
<pre>The Simple Cloud Identity Management (SCIM) specification is designed =
to </pre>
<pre>make managing user identity lifecycle in cloud based applications and =
</pre>
<pre>services easier.</pre>
<pre>&nbsp;</pre>
<pre>XXXXXXX</pre>
<pre>&nbsp;</pre>
<pre>So-called CReate Update Delete (CRUD) provisioning operations are ofte=
n</pre>
<pre>necessary to ease adoption of new services.&nbsp; This work builds on =
tools</pre>
<pre>such as ldap and SAML 2.0, which are used to provide up-to-date inform=
ation.</pre>
<pre>SCIM focuses on the case where an enterprise's ldap service may not be=
</pre>
<pre>available to the provider, and SAML cannot provide sufficient context =
for the</pre>
<pre>service.&nbsp; An example would be the provisioning of an of an EMail =
account so</pre>
<pre>that it can receive mail before the person has first logged in.</pre>
<pre>&nbsp;</pre>
<pre>XXXXXXXX</pre>
<pre>The specification suite seeks to build upon experience with existing <=
/pre>
<pre>schemas and deployments, placing specific emphasis on simplicity of </=
pre>
<pre>development and integration, while applying existing authentication, <=
/pre>
<pre>authorization, and privacy models. Its intent is to reduce the cost an=
d </pre>
<pre>complexity of user management operations by providing a common user </=
pre>
<pre>schema and extension model, as well as binding documents to provide </=
pre>
<pre>patterns for exchanging this schema using standard protocols. In </pre=
>
<pre>addition the working group may consider including managing device </pr=
e>
<pre>identities as part of the work adopted by the working group.</pre>
<pre>The group will use as starting points the following drafts in</pre>
<pre>the following ways:</pre>
<pre>&nbsp;</pre>
<pre>&nbsp; draft-XXX-scim-schema-00 as the a schema specification,</pre>
<pre>&nbsp; draft-XXX-scim-protocol-definition-00 as the protocol specifica=
tion,</pre>
<pre>&nbsp; draft-XXX-scim-saml-binding-00 for binding the SCIM schema to S=
AML, and</pre>
<pre>&nbsp; draft-XXX-scim-ldap-binding-00 for binding the SCIM schema to L=
DAP.</pre>
<pre>&nbsp;</pre>
<pre>These drafts are based on existing specifications. which together are =
commonly</pre>
<pre>known as SCIM 1.0.&nbsp; As such, some consideration should be given f=
or backward</pre>
<pre>compatibility, as the group evolves the work.&nbsp; This group will co=
nsider,</pre>
<pre>for and foremost, the operational experience gathered from the existin=
g work.</pre>
<pre>The group will also consider experiences with work done by other bodie=
s, including</pre>
<pre>the OASIS Provisioning TC.</pre>
<pre>&nbsp;</pre>
<pre>The group will produce Proposed Standards for a schema, a protocol,</p=
re>
<pre>a SAML binding, and an LDAP binding.&nbsp; In doing so, the group will=
 make</pre>
<pre>consistent the terminology, review and improve security of the overall=
 system,</pre>
<pre>identify any functional gaps that would be useful future work, address=
</pre>
<pre>internationalization, and provide guidelines for extensibility (either=
 through</pre>
<pre>IANA registries or other means).</pre>
<pre>&nbsp;</pre>
<pre>In its work, the group will decide what additional capabilities should=
 be</pre>
<pre>included in the initial specification, and what can be addressed at a =
later time.</pre>
<pre>&nbsp;</pre>
<pre>However, user, device, and service authentication and authorization</p=
re>
<pre>(policy/entitlement) are out of scope for this working group.</pre>
<pre>&nbsp;</pre>
<pre>Milestones</pre>
<pre>&nbsp;</pre>
<pre>5/2012&nbsp;&nbsp;&nbsp; Initial adoption of SCIM core schema</pre>
<pre>5/2012&nbsp;&nbsp;&nbsp; Initial adoption of SCIM restful interface dr=
aft</pre>
<pre>5/2012&nbsp;&nbsp;&nbsp; Initial adoption of SCIM SAML bindings draft<=
/pre>
<pre>5/2012&nbsp;&nbsp;&nbsp; Initial adoption of SCIM LDAP mapping draft</=
pre>
<pre>9/2012&nbsp;&nbsp;&nbsp; WGLC SCIM core schema</pre>
<pre>9/2012&nbsp;&nbsp;&nbsp; WGLC SCIM restful interface</pre>
<pre>9/2012&nbsp;&nbsp;&nbsp; WGLC SCIM SAML bindings</pre>
<pre>9/2012&nbsp;&nbsp;&nbsp; WGLC SCIM LDAP mapping</pre>
<pre>3/2013&nbsp;&nbsp;&nbsp; Re-charter discussion</pre>
<pre>&nbsp;</pre>
</div>
</div>
</div>
<p class=3D"MsoNormal">_______________________________________________<br>
scim mailing list<br>
<a href=3D"mailto:scim@ietf.org" target=3D"_blank">scim@ietf.org</a><br>
<a href=3D"https://www.ietf.org/mailman/listinfo/scim" target=3D"_blank">ht=
tps://www.ietf.org/mailman/listinfo/scim</a></p>
</blockquote>
</div>
<p class=3D"MsoNormal">&nbsp;</p>
</div>
<p class=3D"MsoNormal" style=3D"margin-bottom:12.0pt"><br>
_______________________________________________<br>
scim mailing list<br>
<a href=3D"mailto:scim@ietf.org">scim@ietf.org</a><br>
<a href=3D"https://www.ietf.org/mailman/listinfo/scim" target=3D"_blank">ht=
tps://www.ietf.org/mailman/listinfo/scim</a></p>
</div>
<p class=3D"MsoNormal">&nbsp;</p>
</div>
</div>
<br>
<hr>
<font face=3D"Arial" color=3D"Gray" size=3D"1"><br>
This e-mail message, including any attachments, is for the sole use of the =
person to whom it has been sent, and may contain information that is confid=
ential or legally protected. If you are not the intended recipient or have =
received this message in error,
 you are not authorized to copy, distribute, or otherwise use this message =
or its attachments. Please notify the sender immediately by return e-mail a=
nd permanently delete this message and any attachments. Gartner makes no wa=
rranty that this e-mail is error
 or virus free.<br>
</font>
</body>
</html>

--_000_D8A3C5E7F4A8B44BB49BF6E8D140E4A606CD3D15Altaentgartnerc_--

From phil.hunt@oracle.com  Tue Mar 13 13:58:19 2012
Return-Path: <phil.hunt@oracle.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5CD3721F853A for <scim@ietfa.amsl.com>; Tue, 13 Mar 2012 13:58:19 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -9.96
X-Spam-Level: 
X-Spam-Status: No, score=-9.96 tagged_above=-999 required=5 tests=[AWL=0.038,  BAYES_00=-2.599, HTML_MESSAGE=0.001, J_CHICKENPOX_74=0.6, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id E96yZFYCfZWD for <scim@ietfa.amsl.com>; Tue, 13 Mar 2012 13:58:17 -0700 (PDT)
Received: from rcsinet15.oracle.com (rcsinet15.oracle.com [148.87.113.117]) by ietfa.amsl.com (Postfix) with ESMTP id 5DE2421F851D for <scim@ietf.org>; Tue, 13 Mar 2012 13:58:17 -0700 (PDT)
Received: from acsinet22.oracle.com (acsinet22.oracle.com [141.146.126.238]) by rcsinet15.oracle.com (Sentrion-MTA-4.2.2/Sentrion-MTA-4.2.2) with ESMTP id q2DKwEPf013206 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Tue, 13 Mar 2012 20:58:15 GMT
Received: from acsmt358.oracle.com (acsmt358.oracle.com [141.146.40.158]) by acsinet22.oracle.com (8.14.4+Sun/8.14.4) with ESMTP id q2DKwEN8013148 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Tue, 13 Mar 2012 20:58:14 GMT
Received: from abhmt114.oracle.com (abhmt114.oracle.com [141.146.116.66]) by acsmt358.oracle.com (8.12.11.20060308/8.12.11) with ESMTP id q2DKwDq8004286; Tue, 13 Mar 2012 15:58:13 -0500
Received: from [192.168.1.8] (/24.87.212.4) by default (Oracle Beehive Gateway v4.0) with ESMTP ; Tue, 13 Mar 2012 13:58:13 -0700
Mime-Version: 1.0 (Apple Message framework v1257)
Content-Type: multipart/alternative; boundary="Apple-Mail=_266E2656-90BA-42E0-9FF9-E3D8941C1F68"
From: Phil Hunt <phil.hunt@oracle.com>
In-Reply-To: <20120313202551.79BDF21F860F@ietfa.amsl.com>
Date: Tue, 13 Mar 2012 13:58:03 -0700
Message-Id: <71B91DB0-7F03-473B-B7F4-3D7E3F020B55@oracle.com>
References: <4F5FA213.4000600@cisco.com> <B6F33950-9055-4005-A82F-EB4E29431AD1@oracle.com> <CAA3wLqV=9bcBTNfpWVg1S2NRs4X_T1Yxz7=eCWBxJnQxRwpHjw@mail.gmail.com> <20120313202551.79BDF21F860F@ietfa.amsl.com>
To: "Diodati,Mark" <Mark.Diodati@gartner.com>
X-Mailer: Apple Mail (2.1257)
X-Source-IP: acsinet22.oracle.com [141.146.126.238]
X-CT-RefId: str=0001.0A090206.4F5FB4E7.00C2,ss=1,re=-6.500,fgs=0
Cc: "scim@ietf.org" <scim@ietf.org>
Subject: Re: [scim] FW:  Propose reshape of charter
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 13 Mar 2012 20:58:19 -0000

--Apple-Mail=_266E2656-90BA-42E0-9FF9-E3D8941C1F68
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain;
	charset=windows-1252

My understanding is that it has been accepted for the BoF.  Can someone =
clarify?

Phil

@independentid
www.independentid.com
phil.hunt@oracle.com





On 2012-03-13, at 1:25 PM, Diodati,Mark wrote:

> It seems to me that Phil=92s proposed change to the description are in =
line with his request to add support for multiple targets a la SPML. The =
latter request has not been accepted (AFAIK) by the BoF. Before =
accepting changes to the description, should the BoF first decide about =
the multi-target functionality?
> =20
> Mark
> =20
> From: Michael Hammer [mailto:mphmmr@gmail.com]=20
> Sent: Tuesday, March 13, 2012 3:06 PM
> To: Phil Hunt
> Cc: scim@ietf.org; Peter Saint-Andre; Eliot Lear; Steven M. Bellovin
> Subject: Re: [scim] Propose reshape of charter
> =20
> Phil,
> =20
> So, this manages identities of cloud customers who may want to push a =
SaaS application into the cloud,
> AND allows management of the users of the SaaS application which are =
customers of the enterprise versus the cloud provider?
> =20
> Mike
> =20
> On Tue, Mar 13, 2012 at 3:56 PM, Phil Hunt <phil.hunt@oracle.com> =
wrote:
> Eliot,
> =20
> I propose the following change to the WG Description:
> =20
> From:
> =20
> The Simple Cloud Identity Management (SCIM) specification is designed =
to=20
> make managing user identity lifecycle in cloud based applications and=20=

> services easier.
> To:
> The Simple Cloud Identity Management (SCIM) specification is designed =
to=20
> make managing user identity lifecycle in one or more applications and=20=

> services easier between client organizations and cloud based service =
providers.
> =20
> The change above is subtle but of critical importance to cloud =
providers (many who are not yet active in the group) who host many =
services.
> =20
> It is probably important to site the location of the SCIM 1.0 =
specification which is published externally to IETF as well as the =
re-published drafts under IETF.
> =20
> Phil
> =20
> @independentid
> www.independentid.com
> phil.hunt@oracle.com
>=20
> =20
> =20
> =20
> On 2012-03-13, at 12:37 PM, Eliot Lear wrote:
> =20
> Hi Everyone,
>=20
> Having read inputs from this list, I am proposing some changes to the =
charter.  Most of this is form and not substance,  but there are some =
substantial changes.  The purpose of these changes is to bring the =
charter in line with most of the others.  Absent these sort of changes, =
I am not confident we would get a WG.  Even with these changes, more =
work is needed. because what is below is not complete.
>=20
> What is missing =96 and it's important =96  are a few additional words =
about why we need SCIM.  Why are we holding the darn BoF?  This is not =
something that can wait, IMHO, for an Informational document.  Rather, =
if there is no clear statement of the problem, I don't see how the IESG =
would approve a WG.  So that's what the big XXXXXXX is below.  I've put =
some words in, but they are there to demonstrate the point.  PLEASE =
propose text.
>=20
> In addition, my rewording is, in some places, generic.  I would =
suggest that more time be spent on what we will =96 and as importantly =96=
  WON'T do.  A good charter will scope out more.  What are the critical =
functions that need to be done now?  If we leave it wide open, then we =
run the risk of people shoveling too much in, or blocking on how to =
decide where to hold the line and wait til the next round.  So, for =
instance, how will we keep the schema from bloating?  Rinse and repeat =
with protocol operations.
>=20
> In addition, it is my anticipation that shortly before =96 or very =
quickly after =96 our BoF, Internet-Drafts will be posted of the initial =
specifications.  Thus you see draft-XXX below.  While the charter need =
not =96 and cannot =96 be completely finished before the BoF, we should =
have it as close as possible.
>=20
>=20
> Please comment now on these changes and any additional changes you =
would like to see.
>=20
> Simple Cloud Identity Management (SCIM)
> Chair(s): TBD
> Applications Area Director(s):
>      Pete Resnick <presnick@qualcomm.com>=20
>      Barry Lieba <???>=20
> Mailing Lists:
>      General Discussion: scim@ietf.org
>      To Subscribe: https://www.ietf.org/mailman/listinfo/scim
>      Archive:      =
http://www.ietf.org/mail-archive/web/scim/current/maillist.html
> =20
> Description of Working Group:
> The Simple Cloud Identity Management (SCIM) specification is designed =
to=20
> make managing user identity lifecycle in cloud based applications and=20=

> services easier.
> =20
> XXXXXXX
> =20
> So-called CReate Update Delete (CRUD) provisioning operations are =
often
> necessary to ease adoption of new services.  This work builds on tools
> such as ldap and SAML 2.0, which are used to provide up-to-date =
information.
> SCIM focuses on the case where an enterprise's ldap service may not be
> available to the provider, and SAML cannot provide sufficient context =
for the
> service.  An example would be the provisioning of an of an EMail =
account so
> that it can receive mail before the person has first logged in.
> =20
> XXXXXXXX
> The specification suite seeks to build upon experience with existing=20=

> schemas and deployments, placing specific emphasis on simplicity of=20
> development and integration, while applying existing authentication,=20=

> authorization, and privacy models. Its intent is to reduce the cost =
and=20
> complexity of user management operations by providing a common user=20
> schema and extension model, as well as binding documents to provide=20
> patterns for exchanging this schema using standard protocols. In=20
> addition the working group may consider including managing device=20
> identities as part of the work adopted by the working group.
> The group will use as starting points the following drafts in
> the following ways:
> =20
>   draft-XXX-scim-schema-00 as the a schema specification,
>   draft-XXX-scim-protocol-definition-00 as the protocol specification,
>   draft-XXX-scim-saml-binding-00 for binding the SCIM schema to SAML, =
and
>   draft-XXX-scim-ldap-binding-00 for binding the SCIM schema to LDAP.
> =20
> These drafts are based on existing specifications. which together are =
commonly
> known as SCIM 1.0.  As such, some consideration should be given for =
backward
> compatibility, as the group evolves the work.  This group will =
consider,
> for and foremost, the operational experience gathered from the =
existing work.
> The group will also consider experiences with work done by other =
bodies, including
> the OASIS Provisioning TC.
> =20
> The group will produce Proposed Standards for a schema, a protocol,
> a SAML binding, and an LDAP binding.  In doing so, the group will make
> consistent the terminology, review and improve security of the overall =
system,
> identify any functional gaps that would be useful future work, address
> internationalization, and provide guidelines for extensibility (either =
through
> IANA registries or other means).
> =20
> In its work, the group will decide what additional capabilities should =
be
> included in the initial specification, and what can be addressed at a =
later time.
> =20
> However, user, device, and service authentication and authorization
> (policy/entitlement) are out of scope for this working group.
> =20
> Milestones
> =20
> 5/2012    Initial adoption of SCIM core schema
> 5/2012    Initial adoption of SCIM restful interface draft
> 5/2012    Initial adoption of SCIM SAML bindings draft
> 5/2012    Initial adoption of SCIM LDAP mapping draft
> 9/2012    WGLC SCIM core schema
> 9/2012    WGLC SCIM restful interface
> 9/2012    WGLC SCIM SAML bindings
> 9/2012    WGLC SCIM LDAP mapping
> 3/2013    Re-charter discussion
> =20
> _______________________________________________
> scim mailing list
> scim@ietf.org
> https://www.ietf.org/mailman/listinfo/scim
> =20
>=20
> _______________________________________________
> scim mailing list
> scim@ietf.org
> https://www.ietf.org/mailman/listinfo/scim
>=20
> =20
>=20
>=20
> This e-mail message, including any attachments, is for the sole use of =
the person to whom it has been sent, and may contain information that is =
confidential or legally protected. If you are not the intended recipient =
or have received this message in error, you are not authorized to copy, =
distribute, or otherwise use this message or its attachments. Please =
notify the sender immediately by return e-mail and permanently delete =
this message and any attachments. Gartner makes no warranty that this =
e-mail is error or virus free.
> _______________________________________________
> scim mailing list
> scim@ietf.org
> https://www.ietf.org/mailman/listinfo/scim


--Apple-Mail=_266E2656-90BA-42E0-9FF9-E3D8941C1F68
Content-Transfer-Encoding: quoted-printable
Content-Type: text/html;
	charset=windows-1252

<html><head></head><body style=3D"word-wrap: break-word; =
-webkit-nbsp-mode: space; -webkit-line-break: after-white-space; =
"><div>My understanding is that it has been accepted for the BoF. =
&nbsp;Can someone clarify?</div><div><br></div><div><span =
class=3D"Apple-style-span" style=3D"font-size: 12px; =
">Phil</span></div><div><div><div><span class=3D"Apple-style-span" =
style=3D"border-collapse: separate; color: rgb(0, 0, 0); font-family: =
Helvetica; font-style: normal; font-variant: normal; font-weight: =
normal; letter-spacing: normal; line-height: normal; orphans: 2; =
text-align: auto; text-indent: 0px; text-transform: none; white-space: =
normal; widows: 2; word-spacing: 0px; -webkit-border-horizontal-spacing: =
0px; -webkit-border-vertical-spacing: 0px; =
-webkit-text-decorations-in-effect: none; -webkit-text-size-adjust: =
auto; -webkit-text-stroke-width: 0px; font-size: medium; "><span =
class=3D"Apple-style-span" style=3D"border-collapse: separate; color: =
rgb(0, 0, 0); font-family: Helvetica; font-size: medium; font-style: =
normal; font-variant: normal; font-weight: normal; letter-spacing: =
normal; line-height: normal; orphans: 2; text-indent: 0px; =
text-transform: none; white-space: normal; widows: 2; word-spacing: 0px; =
-webkit-border-horizontal-spacing: 0px; -webkit-border-vertical-spacing: =
0px; -webkit-text-decorations-in-effect: none; -webkit-text-size-adjust: =
auto; -webkit-text-stroke-width: 0px; "><div style=3D"word-wrap: =
break-word; -webkit-nbsp-mode: space; -webkit-line-break: =
after-white-space; "><span class=3D"Apple-style-span" =
style=3D"border-collapse: separate; color: rgb(0, 0, 0); font-family: =
Helvetica; font-size: medium; font-style: normal; font-variant: normal; =
font-weight: normal; letter-spacing: normal; line-height: normal; =
orphans: 2; text-indent: 0px; text-transform: none; white-space: normal; =
widows: 2; word-spacing: 0px; -webkit-border-horizontal-spacing: 0px; =
-webkit-border-vertical-spacing: 0px; =
-webkit-text-decorations-in-effect: none; -webkit-text-size-adjust: =
auto; -webkit-text-stroke-width: 0px; "><div style=3D"word-wrap: =
break-word; -webkit-nbsp-mode: space; -webkit-line-break: =
after-white-space; "><span class=3D"Apple-style-span" =
style=3D"border-collapse: separate; color: rgb(0, 0, 0); font-family: =
Helvetica; font-size: 12px; font-style: normal; font-variant: normal; =
font-weight: normal; letter-spacing: normal; line-height: normal; =
orphans: 2; text-indent: 0px; text-transform: none; white-space: normal; =
widows: 2; word-spacing: 0px; -webkit-border-horizontal-spacing: 0px; =
-webkit-border-vertical-spacing: 0px; =
-webkit-text-decorations-in-effect: none; -webkit-text-size-adjust: =
auto; -webkit-text-stroke-width: 0px; "><div style=3D"word-wrap: =
break-word; -webkit-nbsp-mode: space; -webkit-line-break: =
after-white-space; =
"><div><div><div><br></div><div>@independentid</div><div><a =
href=3D"http://www.independentid.com">www.independentid.com</a></div></div=
></div></div></span><a =
href=3D"mailto:phil.hunt@oracle.com">phil.hunt@oracle.com</a><br><br></div=
></span><br class=3D"Apple-interchange-newline"></div></span><br =
class=3D"Apple-interchange-newline"></span><br =
class=3D"Apple-interchange-newline">
</div>
<br><div><div>On 2012-03-13, at 1:25 PM, Diodati,Mark wrote:</div><br =
class=3D"Apple-interchange-newline"><blockquote type=3D"cite"><span =
class=3D"Apple-style-span" style=3D"border-collapse: separate; =
font-family: Helvetica; font-style: normal; font-variant: normal; =
font-weight: normal; letter-spacing: normal; line-height: normal; =
orphans: 2; text-align: -webkit-auto; text-indent: 0px; text-transform: =
none; white-space: normal; widows: 2; word-spacing: 0px; =
-webkit-border-horizontal-spacing: 0px; -webkit-border-vertical-spacing: =
0px; -webkit-text-decorations-in-effect: none; -webkit-text-size-adjust: =
auto; -webkit-text-stroke-width: 0px; font-size: medium; "><div =
lang=3D"EN-US" link=3D"blue" vlink=3D"purple"><div =
class=3D"WordSection1"><div style=3D"margin-top: 0in; margin-right: 0in; =
margin-left: 0in; margin-bottom: 0.0001pt; font-size: 12pt; font-family: =
'Times New Roman', serif; "><span style=3D"font-size: 11pt; font-family: =
Calibri, sans-serif; color: rgb(31, 73, 125); ">It seems to me that =
Phil=92s proposed change to the description are in line with his request =
to add support for multiple targets a la SPML. The latter request has =
not been accepted (AFAIK) by the BoF. Before accepting changes to the =
description, should the BoF first decide about the multi-target =
functionality?</span></div><p class=3D"MsoNormal" style=3D"margin-top: =
0in; margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; =
font-size: 12pt; font-family: 'Times New Roman', serif; "><span =
style=3D"font-size: 11pt; font-family: Calibri, sans-serif; color: =
rgb(31, 73, 125); ">&nbsp;</span></p><div style=3D"margin-top: 0in; =
margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: =
12pt; font-family: 'Times New Roman', serif; "><span style=3D"font-size: =
11pt; font-family: Calibri, sans-serif; color: rgb(31, 73, 125); =
">Mark</span></div><p class=3D"MsoNormal" style=3D"margin-top: 0in; =
margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: =
12pt; font-family: 'Times New Roman', serif; "><span style=3D"font-size: =
11pt; font-family: Calibri, sans-serif; color: rgb(31, 73, 125); =
">&nbsp;</span></p><div style=3D"margin-top: 0in; margin-right: 0in; =
margin-left: 0in; margin-bottom: 0.0001pt; font-size: 12pt; font-family: =
'Times New Roman', serif; "><b><span style=3D"font-size: 10pt; =
font-family: Tahoma, sans-serif; ">From:</span></b><span =
style=3D"font-size: 10pt; font-family: Tahoma, sans-serif; "><span =
class=3D"Apple-converted-space">&nbsp;</span>Michael Hammer =
[mailto:mphmmr@gmail.com]<span =
class=3D"Apple-converted-space">&nbsp;</span><br><b>Sent:</b><span =
class=3D"Apple-converted-space">&nbsp;</span>Tuesday, March 13, 2012 =
3:06 PM<br><b>To:</b><span =
class=3D"Apple-converted-space">&nbsp;</span>Phil =
Hunt<br><b>Cc:</b><span class=3D"Apple-converted-space">&nbsp;</span><a =
href=3D"mailto:scim@ietf.org" style=3D"color: blue; text-decoration: =
underline; ">scim@ietf.org</a>; Peter Saint-Andre; Eliot Lear; Steven M. =
Bellovin<br><b>Subject:</b><span =
class=3D"Apple-converted-space">&nbsp;</span>Re: [scim] Propose reshape =
of charter</span></div><p class=3D"MsoNormal" style=3D"margin-top: 0in; =
margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: =
12pt; font-family: 'Times New Roman', serif; ">&nbsp;</p><div =
style=3D"margin-top: 0in; margin-right: 0in; margin-left: 0in; =
margin-bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New =
Roman', serif; ">Phil,</div><div><p class=3D"MsoNormal" =
style=3D"margin-top: 0in; margin-right: 0in; margin-left: 0in; =
margin-bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New =
Roman', serif; ">&nbsp;</p></div><div><div style=3D"margin-top: 0in; =
margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: =
12pt; font-family: 'Times New Roman', serif; ">So, this manages =
identities of cloud customers who may want to push a SaaS application =
into the cloud,</div></div><div><div style=3D"margin-top: 0in; =
margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: =
12pt; font-family: 'Times New Roman', serif; ">AND allows management of =
the users of the SaaS application which are customers of the enterprise =
versus the cloud provider?</div></div><div><p class=3D"MsoNormal" =
style=3D"margin-top: 0in; margin-right: 0in; margin-left: 0in; =
margin-bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New =
Roman', serif; ">&nbsp;</p></div><div><div style=3D"margin-top: 0in; =
margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: =
12pt; font-family: 'Times New Roman', serif; ">Mike</div></div><div><div =
style=3D"margin-top: 0in; margin-right: 0in; margin-left: 0in; =
margin-bottom: 12pt; font-size: 12pt; font-family: 'Times New Roman', =
serif; ">&nbsp;<br class=3D"webkit-block-placeholder"></div><div><div =
style=3D"margin-top: 0in; margin-right: 0in; margin-left: 0in; =
margin-bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New =
Roman', serif; ">On Tue, Mar 13, 2012 at 3:56 PM, Phil Hunt &lt;<a =
href=3D"mailto:phil.hunt@oracle.com" style=3D"color: blue; =
text-decoration: underline; ">phil.hunt@oracle.com</a>&gt; =
wrote:</div><div><div><div><div><div><div><div><div><div =
style=3D"margin-top: 0in; margin-right: 0in; margin-left: 0in; =
margin-bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New =
Roman', serif; "><span style=3D"font-family: Helvetica, sans-serif; =
">Eliot,</span></div></div><div><p class=3D"MsoNormal" =
style=3D"margin-top: 0in; margin-right: 0in; margin-left: 0in; =
margin-bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New =
Roman', serif; "><span style=3D"font-family: Helvetica, sans-serif; =
">&nbsp;</span></p></div><div><div style=3D"margin-top: 0in; =
margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: =
12pt; font-family: 'Times New Roman', serif; "><span style=3D"font-family:=
 Helvetica, sans-serif; ">I propose the following change to the WG =
Description:</span></div></div><div><p class=3D"MsoNormal" =
style=3D"margin-top: 0in; margin-right: 0in; margin-left: 0in; =
margin-bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New =
Roman', serif; "><span style=3D"font-family: Helvetica, sans-serif; =
">&nbsp;</span></p></div><div><div style=3D"margin-top: 0in; =
margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: =
12pt; font-family: 'Times New Roman', serif; "><span style=3D"font-family:=
 Helvetica, sans-serif; ">From:</span></div></div><div><div><blockquote =
style=3D"margin-top: 5pt; margin-bottom: 5pt; "><div><pre =
style=3D"margin-top: 0in; margin-right: 0in; margin-left: 0in; =
margin-bottom: 0.0001pt; font-size: 10pt; font-family: 'Courier New'; =
">&nbsp;</pre><pre style=3D"margin-top: 0in; margin-right: 0in; =
margin-left: 0in; margin-bottom: 0.0001pt; font-size: 10pt; font-family: =
'Courier New'; ">The Simple Cloud Identity Management (SCIM) =
specification is designed to </pre><pre style=3D"margin-top: 0in; =
margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: =
10pt; font-family: 'Courier New'; ">make managing user identity =
lifecycle in cloud based applications and </pre><pre style=3D"margin-top: =
0in; margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; =
font-size: 10pt; font-family: 'Courier New'; ">services =
easier.</pre></div></blockquote></div><div><div style=3D"margin-top: =
0in; margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; =
font-size: 12pt; font-family: 'Times New Roman', serif; "><span =
style=3D"font-family: Helvetica, sans-serif; =
">To:</span></div></div></div><div><blockquote style=3D"margin-top: 5pt; =
margin-bottom: 5pt; "><div><pre style=3D"margin-top: 0in; margin-right: =
0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: 10pt; =
font-family: 'Courier New'; ">The Simple Cloud Identity Management =
(SCIM) specification is designed to </pre><pre style=3D"margin-top: 0in; =
margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: =
10pt; font-family: 'Courier New'; ">make managing user identity =
lifecycle in one or more applications and </pre><pre style=3D"margin-top: =
0in; margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; =
font-size: 10pt; font-family: 'Courier New'; ">services easier between =
client organizations and cloud based service =
providers.</pre></div></blockquote><div><p class=3D"MsoNormal" =
style=3D"margin-top: 0in; margin-right: 0in; margin-left: 0in; =
margin-bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New =
Roman', serif; "><span style=3D"font-family: Helvetica, sans-serif; =
">&nbsp;</span></p></div></div><div><div style=3D"margin-top: 0in; =
margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: =
12pt; font-family: 'Times New Roman', serif; "><span style=3D"font-family:=
 Helvetica, sans-serif; ">The change above is subtle but of critical =
importance to cloud providers (many who are not yet active in the group) =
who host many services.</span></div></div><div><p class=3D"MsoNormal" =
style=3D"margin-top: 0in; margin-right: 0in; margin-left: 0in; =
margin-bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New =
Roman', serif; "><span style=3D"font-family: Helvetica, sans-serif; =
">&nbsp;</span></p></div><div><div style=3D"margin-top: 0in; =
margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: =
12pt; font-family: 'Times New Roman', serif; "><span style=3D"font-family:=
 Helvetica, sans-serif; ">It is probably important to site the location =
of the SCIM 1.0 specification which is published externally to IETF as =
well as the re-published drafts under IETF.</span></div></div><div><p =
class=3D"MsoNormal" style=3D"margin-top: 0in; margin-right: 0in; =
margin-left: 0in; margin-bottom: 0.0001pt; font-size: 12pt; font-family: =
'Times New Roman', serif; "><span style=3D"font-family: Helvetica, =
sans-serif; ">&nbsp;</span></p></div><div><div style=3D"margin-top: 0in; =
margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: =
12pt; font-family: 'Times New Roman', serif; "><span style=3D"font-family:=
 Helvetica, sans-serif; ">Phil</span></div></div><div><p =
class=3D"MsoNormal" style=3D"margin-top: 0in; margin-right: 0in; =
margin-left: 0in; margin-bottom: 0.0001pt; font-size: 12pt; font-family: =
'Times New Roman', serif; "><span style=3D"font-size: 9pt; font-family: =
Helvetica, sans-serif; ">&nbsp;</span></p></div><div><div =
style=3D"margin-top: 0in; margin-right: 0in; margin-left: 0in; =
margin-bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New =
Roman', serif; "><span style=3D"font-size: 9pt; font-family: Helvetica, =
sans-serif; ">@independentid</span></div></div><div><div =
style=3D"margin-top: 0in; margin-right: 0in; margin-left: 0in; =
margin-bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New =
Roman', serif; "><span style=3D"font-size: 9pt; font-family: Helvetica, =
sans-serif; "><a href=3D"http://www.independentid.com/" target=3D"_blank" =
style=3D"color: blue; text-decoration: underline; =
">www.independentid.com</a></span></div></div></div></div></div><p =
class=3D"MsoNormal" style=3D"margin-top: 0in; margin-right: 0in; =
margin-left: 0in; margin-bottom: 12pt; font-size: 12pt; font-family: =
'Times New Roman', serif; "><span style=3D"font-family: Helvetica, =
sans-serif; "><a href=3D"mailto:phil.hunt@oracle.com" target=3D"_blank" =
style=3D"color: blue; text-decoration: underline; =
">phil.hunt@oracle.com</a></span></p></div><p class=3D"MsoNormal" =
style=3D"margin-top: 0in; margin-right: 0in; margin-left: 0in; =
margin-bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New =
Roman', serif; "><span style=3D"font-family: Helvetica, sans-serif; =
">&nbsp;</span></p></div><div style=3D"margin-top: 0in; margin-right: =
0in; margin-left: 0in; margin-bottom: 12pt; font-size: 12pt; =
font-family: 'Times New Roman', serif; ">&nbsp;<br =
class=3D"webkit-block-placeholder"></div></div><p class=3D"MsoNormal" =
style=3D"margin-top: 0in; margin-right: 0in; margin-left: 0in; =
margin-bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New =
Roman', serif; ">&nbsp;</p><div><div><div><div><div style=3D"margin-top: =
0in; margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; =
font-size: 12pt; font-family: 'Times New Roman', serif; ">On 2012-03-13, =
at 12:37 PM, Eliot Lear wrote:</div></div><p class=3D"MsoNormal" =
style=3D"margin-top: 0in; margin-right: 0in; margin-left: 0in; =
margin-bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New =
Roman', serif; ">&nbsp;</p></div></div><blockquote style=3D"margin-top: =
5pt; margin-bottom: 5pt; "><div><div><div><p class=3D"MsoNormal" =
style=3D"margin-top: 0in; margin-right: 0in; margin-left: 0in; =
margin-bottom: 12pt; font-size: 12pt; font-family: 'Times New Roman', =
serif; ">Hi Everyone,<br><br>Having read inputs from this list, I am =
proposing some changes to the charter.&nbsp; Most of this is form and =
not substance,&nbsp; but there are some substantial changes.&nbsp; The =
purpose of these changes is to bring the charter in line with most of =
the others.&nbsp; Absent these sort of changes, I am not confident we =
would get a WG.&nbsp; Even with these changes, more work is needed. =
because what is below is not complete.<br><br>What is missing =96<span =
class=3D"Apple-converted-space">&nbsp;</span><b>and it's important =
=96&nbsp;</b><span class=3D"Apple-converted-space">&nbsp;</span>are a =
few additional words about why we need SCIM.&nbsp; Why are we holding =
the darn BoF?&nbsp; This is not something that can wait, IMHO, for an =
Informational document.&nbsp; Rather, if there is no clear statement of =
the problem, I don't see how the IESG would approve a WG.&nbsp; So =
that's what the big XXXXXXX is below.&nbsp; I've put some words in, but =
they are there to demonstrate the point.&nbsp; PLEASE propose =
text.<br><br>In addition, my rewording is, in some places, =
generic.&nbsp; I would suggest that more time be spent on what we will =96=
 and as importantly =96&nbsp; WON'T do.&nbsp; A good charter will scope =
out more.&nbsp; What are the critical functions that need to be =
done<span class=3D"Apple-converted-space">&nbsp;</span><b>now</b>?&nbsp; =
If we leave it wide open, then we run the risk of people shoveling too =
much in, or blocking on how to decide where to hold the line and wait =
til the next round.&nbsp; So, for instance, how will we keep the schema =
from bloating?&nbsp; Rinse and repeat with protocol =
operations.<br><br>In addition, it is my anticipation that shortly =
before =96 or very quickly after =96 our BoF, Internet-Drafts will be =
posted of the initial specifications.&nbsp; Thus you see draft-XXX =
below.&nbsp; While the charter need not =96 and cannot =96 be completely =
finished before the BoF, we should have it as close as =
possible.<br><br><br>Please comment now on these changes and any =
additional changes you would like to see.</p><pre style=3D"margin-top: =
0in; margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; =
font-size: 10pt; font-family: 'Courier New'; ">Simple Cloud Identity =
Management (SCIM)</pre><div style=3D"margin-top: 0in; margin-right: 0in; =
margin-left: 0in; margin-bottom: 0.0001pt; font-size: 12pt; font-family: =
'Times New Roman', serif; "><span style=3D"font-family: 'Courier New'; =
">Chair(s): TBD</span></div><pre style=3D"margin-top: 0in; margin-right: =
0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: 10pt; =
font-family: 'Courier New'; ">Applications Area Director(s):</pre><pre =
style=3D"margin-top: 0in; margin-right: 0in; margin-left: 0in; =
margin-bottom: 0.0001pt; font-size: 10pt; font-family: 'Courier New'; =
">&nbsp;&nbsp;&nbsp; &nbsp;Pete Resnick &lt;<a =
href=3D"mailto:presnick@qualcomm.com" target=3D"_blank" style=3D"color: =
blue; text-decoration: underline; ">presnick@qualcomm.com</a>&gt; =
</pre><pre style=3D"margin-top: 0in; margin-right: 0in; margin-left: =
0in; margin-bottom: 0.0001pt; font-size: 10pt; font-family: 'Courier =
New'; ">&nbsp;&nbsp;&nbsp;&nbsp; Barry Lieba &lt;???&gt; </pre><pre =
style=3D"margin-top: 0in; margin-right: 0in; margin-left: 0in; =
margin-bottom: 0.0001pt; font-size: 10pt; font-family: 'Courier New'; =
">Mailing Lists:</pre><pre style=3D"margin-top: 0in; margin-right: 0in; =
margin-left: 0in; margin-bottom: 0.0001pt; font-size: 10pt; font-family: =
'Courier New'; ">&nbsp;&nbsp;&nbsp;&nbsp; General Discussion: <a =
href=3D"mailto:scim@ietf.org" target=3D"_blank" style=3D"color: blue; =
text-decoration: underline; ">scim@ietf.org</a></pre><pre =
style=3D"margin-top: 0in; margin-right: 0in; margin-left: 0in; =
margin-bottom: 0.0001pt; font-size: 10pt; font-family: 'Courier New'; =
">&nbsp;&nbsp;&nbsp;&nbsp; To Subscribe: <a =
href=3D"https://www.ietf.org/mailman/listinfo/scim" target=3D"_blank" =
style=3D"color: blue; text-decoration: underline; =
">https://www.ietf.org/mailman/listinfo/scim</a></pre><pre =
style=3D"margin-top: 0in; margin-right: 0in; margin-left: 0in; =
margin-bottom: 0.0001pt; font-size: 10pt; font-family: 'Courier New'; =
">&nbsp;&nbsp;&nbsp;&nbsp; Archive:&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <a =
href=3D"http://www.ietf.org/mail-archive/web/scim/current/maillist.html" =
target=3D"_blank" style=3D"color: blue; text-decoration: underline; =
">http://www.ietf.org/mail-archive/web/scim/current/maillist.html</a></pre=
><pre style=3D"margin-top: 0in; margin-right: 0in; margin-left: 0in; =
margin-bottom: 0.0001pt; font-size: 10pt; font-family: 'Courier New'; =
">&nbsp;</pre><pre style=3D"margin-top: 0in; margin-right: 0in; =
margin-left: 0in; margin-bottom: 0.0001pt; font-size: 10pt; font-family: =
'Courier New'; ">Description of Working Group:</pre><pre =
style=3D"margin-top: 0in; margin-right: 0in; margin-left: 0in; =
margin-bottom: 0.0001pt; font-size: 10pt; font-family: 'Courier New'; =
">The Simple Cloud Identity Management (SCIM) specification is designed =
to </pre><pre style=3D"margin-top: 0in; margin-right: 0in; margin-left: =
0in; margin-bottom: 0.0001pt; font-size: 10pt; font-family: 'Courier =
New'; ">make managing user identity lifecycle in cloud based =
applications and </pre><pre style=3D"margin-top: 0in; margin-right: 0in; =
margin-left: 0in; margin-bottom: 0.0001pt; font-size: 10pt; font-family: =
'Courier New'; ">services easier.</pre><pre style=3D"margin-top: 0in; =
margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: =
10pt; font-family: 'Courier New'; ">&nbsp;</pre><pre style=3D"margin-top: =
0in; margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; =
font-size: 10pt; font-family: 'Courier New'; ">XXXXXXX</pre><pre =
style=3D"margin-top: 0in; margin-right: 0in; margin-left: 0in; =
margin-bottom: 0.0001pt; font-size: 10pt; font-family: 'Courier New'; =
">&nbsp;</pre><pre style=3D"margin-top: 0in; margin-right: 0in; =
margin-left: 0in; margin-bottom: 0.0001pt; font-size: 10pt; font-family: =
'Courier New'; ">So-called CReate Update Delete (CRUD) provisioning =
operations are often</pre><pre style=3D"margin-top: 0in; margin-right: =
0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: 10pt; =
font-family: 'Courier New'; ">necessary to ease adoption of new =
services.&nbsp; This work builds on tools</pre><pre style=3D"margin-top: =
0in; margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; =
font-size: 10pt; font-family: 'Courier New'; ">such as ldap and SAML =
2.0, which are used to provide up-to-date information.</pre><pre =
style=3D"margin-top: 0in; margin-right: 0in; margin-left: 0in; =
margin-bottom: 0.0001pt; font-size: 10pt; font-family: 'Courier New'; =
">SCIM focuses on the case where an enterprise's ldap service may not =
be</pre><pre style=3D"margin-top: 0in; margin-right: 0in; margin-left: =
0in; margin-bottom: 0.0001pt; font-size: 10pt; font-family: 'Courier =
New'; ">available to the provider, and SAML cannot provide sufficient =
context for the</pre><pre style=3D"margin-top: 0in; margin-right: 0in; =
margin-left: 0in; margin-bottom: 0.0001pt; font-size: 10pt; font-family: =
'Courier New'; ">service.&nbsp; An example would be the provisioning of =
an of an EMail account so</pre><pre style=3D"margin-top: 0in; =
margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: =
10pt; font-family: 'Courier New'; ">that it can receive mail before the =
person has first logged in.</pre><pre style=3D"margin-top: 0in; =
margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: =
10pt; font-family: 'Courier New'; ">&nbsp;</pre><pre style=3D"margin-top: =
0in; margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; =
font-size: 10pt; font-family: 'Courier New'; ">XXXXXXXX</pre><pre =
style=3D"margin-top: 0in; margin-right: 0in; margin-left: 0in; =
margin-bottom: 0.0001pt; font-size: 10pt; font-family: 'Courier New'; =
">The specification suite seeks to build upon experience with existing =
</pre><pre style=3D"margin-top: 0in; margin-right: 0in; margin-left: =
0in; margin-bottom: 0.0001pt; font-size: 10pt; font-family: 'Courier =
New'; ">schemas and deployments, placing specific emphasis on simplicity =
of </pre><pre style=3D"margin-top: 0in; margin-right: 0in; margin-left: =
0in; margin-bottom: 0.0001pt; font-size: 10pt; font-family: 'Courier =
New'; ">development and integration, while applying existing =
authentication, </pre><pre style=3D"margin-top: 0in; margin-right: 0in; =
margin-left: 0in; margin-bottom: 0.0001pt; font-size: 10pt; font-family: =
'Courier New'; ">authorization, and privacy models. Its intent is to =
reduce the cost and </pre><pre style=3D"margin-top: 0in; margin-right: =
0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: 10pt; =
font-family: 'Courier New'; ">complexity of user management operations =
by providing a common user </pre><pre style=3D"margin-top: 0in; =
margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: =
10pt; font-family: 'Courier New'; ">schema and extension model, as well =
as binding documents to provide </pre><pre style=3D"margin-top: 0in; =
margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: =
10pt; font-family: 'Courier New'; ">patterns for exchanging this schema =
using standard protocols. In </pre><pre style=3D"margin-top: 0in; =
margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: =
10pt; font-family: 'Courier New'; ">addition the working group may =
consider including managing device </pre><pre style=3D"margin-top: 0in; =
margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: =
10pt; font-family: 'Courier New'; ">identities as part of the work =
adopted by the working group.</pre><pre style=3D"margin-top: 0in; =
margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: =
10pt; font-family: 'Courier New'; ">The group will use as starting =
points the following drafts in</pre><pre style=3D"margin-top: 0in; =
margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: =
10pt; font-family: 'Courier New'; ">the following ways:</pre><pre =
style=3D"margin-top: 0in; margin-right: 0in; margin-left: 0in; =
margin-bottom: 0.0001pt; font-size: 10pt; font-family: 'Courier New'; =
">&nbsp;</pre><pre style=3D"margin-top: 0in; margin-right: 0in; =
margin-left: 0in; margin-bottom: 0.0001pt; font-size: 10pt; font-family: =
'Courier New'; ">&nbsp; draft-XXX-scim-schema-00 as the a schema =
specification,</pre><pre style=3D"margin-top: 0in; margin-right: 0in; =
margin-left: 0in; margin-bottom: 0.0001pt; font-size: 10pt; font-family: =
'Courier New'; ">&nbsp; draft-XXX-scim-protocol-definition-00 as the =
protocol specification,</pre><pre style=3D"margin-top: 0in; =
margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: =
10pt; font-family: 'Courier New'; ">&nbsp; =
draft-XXX-scim-saml-binding-00 for binding the SCIM schema to SAML, =
and</pre><pre style=3D"margin-top: 0in; margin-right: 0in; margin-left: =
0in; margin-bottom: 0.0001pt; font-size: 10pt; font-family: 'Courier =
New'; ">&nbsp; draft-XXX-scim-ldap-binding-00 for binding the SCIM =
schema to LDAP.</pre><pre style=3D"margin-top: 0in; margin-right: 0in; =
margin-left: 0in; margin-bottom: 0.0001pt; font-size: 10pt; font-family: =
'Courier New'; ">&nbsp;</pre><pre style=3D"margin-top: 0in; =
margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: =
10pt; font-family: 'Courier New'; ">These drafts are based on existing =
specifications. which together are commonly</pre><pre style=3D"margin-top:=
 0in; margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; =
font-size: 10pt; font-family: 'Courier New'; ">known as SCIM 1.0.&nbsp; =
As such, some consideration should be given for backward</pre><pre =
style=3D"margin-top: 0in; margin-right: 0in; margin-left: 0in; =
margin-bottom: 0.0001pt; font-size: 10pt; font-family: 'Courier New'; =
">compatibility, as the group evolves the work.&nbsp; This group will =
consider,</pre><pre style=3D"margin-top: 0in; margin-right: 0in; =
margin-left: 0in; margin-bottom: 0.0001pt; font-size: 10pt; font-family: =
'Courier New'; ">for and foremost, the operational experience gathered =
from the existing work.</pre><pre style=3D"margin-top: 0in; =
margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: =
10pt; font-family: 'Courier New'; ">The group will also consider =
experiences with work done by other bodies, including</pre><pre =
style=3D"margin-top: 0in; margin-right: 0in; margin-left: 0in; =
margin-bottom: 0.0001pt; font-size: 10pt; font-family: 'Courier New'; =
">the OASIS Provisioning TC.</pre><pre style=3D"margin-top: 0in; =
margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: =
10pt; font-family: 'Courier New'; ">&nbsp;</pre><pre style=3D"margin-top: =
0in; margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; =
font-size: 10pt; font-family: 'Courier New'; ">The group will produce =
Proposed Standards for a schema, a protocol,</pre><pre =
style=3D"margin-top: 0in; margin-right: 0in; margin-left: 0in; =
margin-bottom: 0.0001pt; font-size: 10pt; font-family: 'Courier New'; =
">a SAML binding, and an LDAP binding.&nbsp; In doing so, the group will =
make</pre><pre style=3D"margin-top: 0in; margin-right: 0in; margin-left: =
0in; margin-bottom: 0.0001pt; font-size: 10pt; font-family: 'Courier =
New'; ">consistent the terminology, review and improve security of the =
overall system,</pre><pre style=3D"margin-top: 0in; margin-right: 0in; =
margin-left: 0in; margin-bottom: 0.0001pt; font-size: 10pt; font-family: =
'Courier New'; ">identify any functional gaps that would be useful =
future work, address</pre><pre style=3D"margin-top: 0in; margin-right: =
0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: 10pt; =
font-family: 'Courier New'; ">internationalization, and provide =
guidelines for extensibility (either through</pre><pre =
style=3D"margin-top: 0in; margin-right: 0in; margin-left: 0in; =
margin-bottom: 0.0001pt; font-size: 10pt; font-family: 'Courier New'; =
">IANA registries or other means).</pre><pre style=3D"margin-top: 0in; =
margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: =
10pt; font-family: 'Courier New'; ">&nbsp;</pre><pre style=3D"margin-top: =
0in; margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; =
font-size: 10pt; font-family: 'Courier New'; ">In its work, the group =
will decide what additional capabilities should be</pre><pre =
style=3D"margin-top: 0in; margin-right: 0in; margin-left: 0in; =
margin-bottom: 0.0001pt; font-size: 10pt; font-family: 'Courier New'; =
">included in the initial specification, and what can be addressed at a =
later time.</pre><pre style=3D"margin-top: 0in; margin-right: 0in; =
margin-left: 0in; margin-bottom: 0.0001pt; font-size: 10pt; font-family: =
'Courier New'; ">&nbsp;</pre><pre style=3D"margin-top: 0in; =
margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: =
10pt; font-family: 'Courier New'; ">However, user, device, and service =
authentication and authorization</pre><pre style=3D"margin-top: 0in; =
margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: =
10pt; font-family: 'Courier New'; ">(policy/entitlement) are out of =
scope for this working group.</pre><pre style=3D"margin-top: 0in; =
margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: =
10pt; font-family: 'Courier New'; ">&nbsp;</pre><pre style=3D"margin-top: =
0in; margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; =
font-size: 10pt; font-family: 'Courier New'; ">Milestones</pre><pre =
style=3D"margin-top: 0in; margin-right: 0in; margin-left: 0in; =
margin-bottom: 0.0001pt; font-size: 10pt; font-family: 'Courier New'; =
">&nbsp;</pre><pre style=3D"margin-top: 0in; margin-right: 0in; =
margin-left: 0in; margin-bottom: 0.0001pt; font-size: 10pt; font-family: =
'Courier New'; ">5/2012&nbsp;&nbsp;&nbsp; Initial adoption of SCIM core =
schema</pre><pre style=3D"margin-top: 0in; margin-right: 0in; =
margin-left: 0in; margin-bottom: 0.0001pt; font-size: 10pt; font-family: =
'Courier New'; ">5/2012&nbsp;&nbsp;&nbsp; Initial adoption of SCIM =
restful interface draft</pre><pre style=3D"margin-top: 0in; =
margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: =
10pt; font-family: 'Courier New'; ">5/2012&nbsp;&nbsp;&nbsp; Initial =
adoption of SCIM SAML bindings draft</pre><pre style=3D"margin-top: 0in; =
margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: =
10pt; font-family: 'Courier New'; ">5/2012&nbsp;&nbsp;&nbsp; Initial =
adoption of SCIM LDAP mapping draft</pre><pre style=3D"margin-top: 0in; =
margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: =
10pt; font-family: 'Courier New'; ">9/2012&nbsp;&nbsp;&nbsp; WGLC SCIM =
core schema</pre><pre style=3D"margin-top: 0in; margin-right: 0in; =
margin-left: 0in; margin-bottom: 0.0001pt; font-size: 10pt; font-family: =
'Courier New'; ">9/2012&nbsp;&nbsp;&nbsp; WGLC SCIM restful =
interface</pre><pre style=3D"margin-top: 0in; margin-right: 0in; =
margin-left: 0in; margin-bottom: 0.0001pt; font-size: 10pt; font-family: =
'Courier New'; ">9/2012&nbsp;&nbsp;&nbsp; WGLC SCIM SAML =
bindings</pre><pre style=3D"margin-top: 0in; margin-right: 0in; =
margin-left: 0in; margin-bottom: 0.0001pt; font-size: 10pt; font-family: =
'Courier New'; ">9/2012&nbsp;&nbsp;&nbsp; WGLC SCIM LDAP =
mapping</pre><pre style=3D"margin-top: 0in; margin-right: 0in; =
margin-left: 0in; margin-bottom: 0.0001pt; font-size: 10pt; font-family: =
'Courier New'; ">3/2013&nbsp;&nbsp;&nbsp; Re-charter =
discussion</pre><pre style=3D"margin-top: 0in; margin-right: 0in; =
margin-left: 0in; margin-bottom: 0.0001pt; font-size: 10pt; font-family: =
'Courier New'; ">&nbsp;</pre></div></div></div><div style=3D"margin-top: =
0in; margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; =
font-size: 12pt; font-family: 'Times New Roman', serif; =
">_______________________________________________<br>scim mailing =
list<br><a href=3D"mailto:scim@ietf.org" target=3D"_blank" style=3D"color:=
 blue; text-decoration: underline; ">scim@ietf.org</a><br><a =
href=3D"https://www.ietf.org/mailman/listinfo/scim" target=3D"_blank" =
style=3D"color: blue; text-decoration: underline; =
">https://www.ietf.org/mailman/listinfo/scim</a></div></blockquote></div><=
p class=3D"MsoNormal" style=3D"margin-top: 0in; margin-right: 0in; =
margin-left: 0in; margin-bottom: 0.0001pt; font-size: 12pt; font-family: =
'Times New Roman', serif; ">&nbsp;</p></div><p class=3D"MsoNormal" =
style=3D"margin-top: 0in; margin-right: 0in; margin-left: 0in; =
margin-bottom: 12pt; font-size: 12pt; font-family: 'Times New Roman', =
serif; "><br>_______________________________________________<br>scim =
mailing list<br><a href=3D"mailto:scim@ietf.org" style=3D"color: blue; =
text-decoration: underline; ">scim@ietf.org</a><br><a =
href=3D"https://www.ietf.org/mailman/listinfo/scim" target=3D"_blank" =
style=3D"color: blue; text-decoration: underline; =
">https://www.ietf.org/mailman/listinfo/scim</a></p></div><p =
class=3D"MsoNormal" style=3D"margin-top: 0in; margin-right: 0in; =
margin-left: 0in; margin-bottom: 0.0001pt; font-size: 12pt; font-family: =
'Times New Roman', serif; ">&nbsp;</p></div></div><br><hr><font =
face=3D"Arial" color=3D"Gray" size=3D"1"><br>This e-mail message, =
including any attachments, is for the sole use of the person to whom it =
has been sent, and may contain information that is confidential or =
legally protected. If you are not the intended recipient or have =
received this message in error, you are not authorized to copy, =
distribute, or otherwise use this message or its attachments. Please =
notify the sender immediately by return e-mail and permanently delete =
this message and any attachments. Gartner makes no warranty that this =
e-mail is error or virus =
free.<br></font>_______________________________________________<br>scim =
mailing list<br><a href=3D"mailto:scim@ietf.org" style=3D"color: blue; =
text-decoration: underline; ">scim@ietf.org</a><br><a =
href=3D"https://www.ietf.org/mailman/listinfo/scim" style=3D"color: =
blue; text-decoration: underline; =
">https://www.ietf.org/mailman/listinfo/scim</a></div></span></blockquote>=
</div><br></div></div></body></html>=

--Apple-Mail=_266E2656-90BA-42E0-9FF9-E3D8941C1F68--

From stpeter@stpeter.im  Tue Mar 13 13:59:50 2012
Return-Path: <stpeter@stpeter.im>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 87C2421E8017 for <scim@ietfa.amsl.com>; Tue, 13 Mar 2012 13:59:50 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.711
X-Spam-Level: 
X-Spam-Status: No, score=-102.711 tagged_above=-999 required=5 tests=[AWL=-0.112, BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9stgmrqt0WEc for <scim@ietfa.amsl.com>; Tue, 13 Mar 2012 13:59:49 -0700 (PDT)
Received: from stpeter.im (mailhost.stpeter.im [207.210.219.225]) by ietfa.amsl.com (Postfix) with ESMTP id 5A26F21E8015 for <scim@ietf.org>; Tue, 13 Mar 2012 13:59:49 -0700 (PDT)
Received: from squire.local (unknown [64.101.72.114]) (Authenticated sender: stpeter) by stpeter.im (Postfix) with ESMTPSA id 4C2B940058; Tue, 13 Mar 2012 15:12:08 -0600 (MDT)
Message-ID: <4F5FB543.7090804@stpeter.im>
Date: Tue, 13 Mar 2012 14:59:47 -0600
From: Peter Saint-Andre <stpeter@stpeter.im>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.5; rv:10.0.2) Gecko/20120216 Thunderbird/10.0.2
MIME-Version: 1.0
To: Phil Hunt <phil.hunt@oracle.com>
References: <4F5FA213.4000600@cisco.com> <B6F33950-9055-4005-A82F-EB4E29431AD1@oracle.com> <CAA3wLqV=9bcBTNfpWVg1S2NRs4X_T1Yxz7=eCWBxJnQxRwpHjw@mail.gmail.com> <20120313202551.79BDF21F860F@ietfa.amsl.com> <71B91DB0-7F03-473B-B7F4-3D7E3F020B55@oracle.com>
In-Reply-To: <71B91DB0-7F03-473B-B7F4-3D7E3F020B55@oracle.com>
X-Enigmail-Version: 1.3.5
OpenPGP: url=https://stpeter.im/stpeter.asc
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit
Cc: "Diodati, Mark" <Mark.Diodati@gartner.com>, "scim@ietf.org" <scim@ietf.org>
Subject: Re: [scim] FW:  Propose reshape of charter
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 13 Mar 2012 20:59:50 -0000

On 3/13/12 2:58 PM, Phil Hunt wrote:
> My understanding is that it has been accepted for the BoF.  Can someone
> clarify?

The BoF has been accepted. We're using this list to work out the
specific topics to be discussed, among other things, and the charter is
a big part of that.

Peter

-- 
Peter Saint-Andre
https://stpeter.im/



From prvs=412d8a981=Mark.Diodati@gartner.com  Tue Mar 13 14:01:44 2012
Return-Path: <prvs=412d8a981=Mark.Diodati@gartner.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5D1D421E8015 for <scim@ietfa.amsl.com>; Tue, 13 Mar 2012 14:01:44 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.449
X-Spam-Level: 
X-Spam-Status: No, score=-6.449 tagged_above=-999 required=5 tests=[AWL=0.150,  BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id vxSXH+Gs+TB6 for <scim@ietfa.amsl.com>; Tue, 13 Mar 2012 14:01:43 -0700 (PDT)
Received: from zinc-main.gartner.com (zinc-main.gartner.com [207.140.148.90]) by ietfa.amsl.com (Postfix) with ESMTP id 9F1B421F85E3 for <scim@ietf.org>; Tue, 13 Mar 2012 14:01:43 -0700 (PDT)
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: AqAEADG1X08KQCMK/2dsb2JhbABDhTqvOYIDggkBAQEEIxFRBAIBCBEEAQEBAgIGHQMCAgIwFAEHAQgCBBMIsWWSBwSBL4kChS8zYwSVUJAjgmWBXA
X-IronPort-AV: E=Sophos;i="4.73,579,1325480400"; d="scan'208";a="72239179"
From: "Diodati,Mark" <Mark.Diodati@gartner.com>
To: "scim@ietf.org" <scim@ietf.org>
Thread-Topic: [scim] FW:  Propose reshape of charter
Thread-Index: AQHNAVw7YpfMEUbcYUy6hHiFfEtBAZZoteNg
Date: Tue, 13 Mar 2012 21:01:41 +0000
References: <4F5FA213.4000600@cisco.com> <B6F33950-9055-4005-A82F-EB4E29431AD1@oracle.com> <CAA3wLqV=9bcBTNfpWVg1S2NRs4X_T1Yxz7=eCWBxJnQxRwpHjw@mail.gmail.com> <20120313202551.79BDF21F860F@ietfa.amsl.com> <71B91DB0-7F03-473B-B7F4-3D7E3F020B55@oracle.com> <4F5FB543.7090804@stpeter.im>
In-Reply-To: <4F5FB543.7090804@stpeter.im>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
x-originating-ip: [10.127.2.129]
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
Message-Id: <20120313210143.9F1B421F85E3@ietfa.amsl.com>
Subject: Re: [scim] FW:  Propose reshape of charter
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 13 Mar 2012 21:01:44 -0000

VGhlIEJvRiBoYXMgYmVlbiBhY2NlcHRlZCBieSBJRVRGLiBUaGUgcXVlc3Rpb24gaXMsIGhhdmUg
dGhlIEJvRiBtZW1iZXJzIGFjY2VwdGVkIHRoZSByZXF1ZXN0IHRvIGFkZCBtdWx0aS10YXJnZXQg
c3VwcG9ydD8NCg0KLS0tLS1PcmlnaW5hbCBNZXNzYWdlLS0tLS0NCkZyb206IFBldGVyIFNhaW50
LUFuZHJlIFttYWlsdG86c3RwZXRlckBzdHBldGVyLmltXQ0KU2VudDogVHVlc2RheSwgTWFyY2gg
MTMsIDIwMTIgNDowMCBQTQ0KVG86IFBoaWwgSHVudA0KQ2M6IERpb2RhdGksTWFyazsgc2NpbUBp
ZXRmLm9yZw0KU3ViamVjdDogUmU6IFtzY2ltXSBGVzogUHJvcG9zZSByZXNoYXBlIG9mIGNoYXJ0
ZXINCg0KT24gMy8xMy8xMiAyOjU4IFBNLCBQaGlsIEh1bnQgd3JvdGU6DQo+IE15IHVuZGVyc3Rh
bmRpbmcgaXMgdGhhdCBpdCBoYXMgYmVlbiBhY2NlcHRlZCBmb3IgdGhlIEJvRi4gIENhbg0KPiBz
b21lb25lIGNsYXJpZnk/DQoNClRoZSBCb0YgaGFzIGJlZW4gYWNjZXB0ZWQuIFdlJ3JlIHVzaW5n
IHRoaXMgbGlzdCB0byB3b3JrIG91dCB0aGUgc3BlY2lmaWMgdG9waWNzIHRvIGJlIGRpc2N1c3Nl
ZCwgYW1vbmcgb3RoZXIgdGhpbmdzLCBhbmQgdGhlIGNoYXJ0ZXIgaXMgYSBiaWcgcGFydCBvZiB0
aGF0Lg0KDQpQZXRlcg0KDQotLQ0KUGV0ZXIgU2FpbnQtQW5kcmUNCmh0dHBzOi8vc3RwZXRlci5p
bS8NCg0KDQoNCl9fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fDQoNClRoaXMgZS1tYWls
IG1lc3NhZ2UsIGluY2x1ZGluZyBhbnkgYXR0YWNobWVudHMsIGlzIGZvciB0aGUgc29sZSB1c2Ug
b2YgdGhlIHBlcnNvbiB0byB3aG9tIGl0IGhhcyBiZWVuIHNlbnQsIGFuZCBtYXkgY29udGFpbiBp
bmZvcm1hdGlvbiB0aGF0IGlzIGNvbmZpZGVudGlhbCBvciBsZWdhbGx5IHByb3RlY3RlZC4gSWYg
eW91IGFyZSBub3QgdGhlIGludGVuZGVkIHJlY2lwaWVudCBvciBoYXZlIHJlY2VpdmVkIHRoaXMg
bWVzc2FnZSBpbiBlcnJvciwgeW91IGFyZSBub3QgYXV0aG9yaXplZCB0byBjb3B5LCBkaXN0cmli
dXRlLCBvciBvdGhlcndpc2UgdXNlIHRoaXMgbWVzc2FnZSBvciBpdHMgYXR0YWNobWVudHMuIFBs
ZWFzZSBub3RpZnkgdGhlIHNlbmRlciBpbW1lZGlhdGVseSBieSByZXR1cm4gZS1tYWlsIGFuZCBw
ZXJtYW5lbnRseSBkZWxldGUgdGhpcyBtZXNzYWdlIGFuZCBhbnkgYXR0YWNobWVudHMuIEdhcnRu
ZXIgbWFrZXMgbm8gd2FycmFudHkgdGhhdCB0aGlzIGUtbWFpbCBpcyBlcnJvciBvciB2aXJ1cyBm
cmVlLg0K

From lear@cisco.com  Tue Mar 13 14:23:02 2012
Return-Path: <lear@cisco.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 638D721F863F for <scim@ietfa.amsl.com>; Tue, 13 Mar 2012 14:23:02 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -110.558
X-Spam-Level: 
X-Spam-Status: No, score=-110.558 tagged_above=-999 required=5 tests=[AWL=0.040, BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-8, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ncwCjRKwXPgg for <scim@ietfa.amsl.com>; Tue, 13 Mar 2012 14:23:01 -0700 (PDT)
Received: from ams-iport-2.cisco.com (ams-iport-2.cisco.com [144.254.224.141]) by ietfa.amsl.com (Postfix) with ESMTP id 097F821F863E for <scim@ietf.org>; Tue, 13 Mar 2012 14:22:59 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=lear@cisco.com; l=23404; q=dns/txt; s=iport; t=1331673780; x=1332883380; h=message-id:date:from:mime-version:to:cc:subject: references:in-reply-to; bh=WNVGfs7ixfwKVrgNgNKU6PuSNUmdU91mbyeEKcazOGc=; b=FsMqLq4MyRiaYmTb0YiNaDG1Bqmcg1QcYsaeXJq5o0BaNjx5BSqgbDJq vWehBtbJ2hCWBw5vMMQhJe+1vMZnvXTksmWeSigqq/6NtkHSLR0B/HbkP J7ND/t3lNnB2AdJhdpHjRkO/1DKdwR0dLeKa0uX+bXPE3p1nqvwyAi2m6 g=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: AgMFACW6X0+Q/khM/2dsb2JhbAA5AQmCRYJ1sDWBB4IJAQEBBAEBAQ8BECYlCgEQCQIVAwkDCQoBBwMCAgkDAgECARUfEQYNAQMCAgEBBRmHaAucZAGMcZINiigBCIMXghiBFgSRb4NhkCOCZj2BHg
X-IronPort-AV: E=Sophos;i="4.73,579,1325462400"; d="scan'208,217";a="68399903"
Received: from ams-core-3.cisco.com ([144.254.72.76]) by ams-iport-2.cisco.com with ESMTP; 13 Mar 2012 21:22:58 +0000
Received: from dhcp-10-61-99-194.cisco.com (dhcp-10-61-99-194.cisco.com [10.61.99.194]) by ams-core-3.cisco.com (8.14.3/8.14.3) with ESMTP id q2DLMvki029178; Tue, 13 Mar 2012 21:22:57 GMT
Message-ID: <4F5FBAB1.1020009@cisco.com>
Date: Tue, 13 Mar 2012 22:22:57 +0100
From: Eliot Lear <lear@cisco.com>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:10.0.2) Gecko/20120216 Thunderbird/10.0.2
MIME-Version: 1.0
To: Phil Hunt <phil.hunt@oracle.com>
References: <4F5FA213.4000600@cisco.com> <B6F33950-9055-4005-A82F-EB4E29431AD1@oracle.com>
In-Reply-To: <B6F33950-9055-4005-A82F-EB4E29431AD1@oracle.com>
X-Enigmail-Version: 1.4
Content-Type: multipart/alternative; boundary="------------030609000404040702060205"
Cc: scim@ietf.org, Peter Saint-Andre <stpeter@stpeter.im>, "Steven M. Bellovin" <smb@cs.columbia.edu>
Subject: Re: [scim] Propose reshape of charter
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 13 Mar 2012 21:23:02 -0000

This is a multi-part message in MIME format.
--------------030609000404040702060205
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Everyone:

Please voice your support or opposition to the proposed change below
(and any other proposed change) that comes through.  Stating WHY helps
advance the debate.

Thanks,

Eliot

On 3/13/12 8:56 PM, Phil Hunt wrote:
> Eliot,
>
> I propose the following change to the WG Description:
>
> From:
>> The Simple Cloud Identity Management (SCIM) specification is designed to 
>> make managing user identity lifecycle in cloud based applications and 
>> services easier.
> To:
>> The Simple Cloud Identity Management (SCIM) specification is designed to 
>> make managing user identity lifecycle in one or more applications and 
>> services easier between client organizations and cloud based service providers.
>
> The change above is subtle but of critical importance to cloud
> providers (many who are not yet active in the group) who host many
> services.
>
> It is probably important to site the location of the SCIM 1.0
> specification which is published externally to IETF as well as the
> re-published drafts under IETF.
>
> Phil
>
> @independentid
> www.independentid.com <http://www.independentid.com>
> phil.hunt@oracle.com <mailto:phil.hunt@oracle.com>
>
>
>
>
>
> On 2012-03-13, at 12:37 PM, Eliot Lear wrote:
>
>> Hi Everyone,
>>
>> Having read inputs from this list, I am proposing some changes to the
>> charter.  Most of this is form and not substance,  but there are some
>> substantial changes.  The purpose of these changes is to bring the
>> charter in line with most of the others.  Absent these sort of
>> changes, I am not confident we would get a WG.  Even with these
>> changes, more work is needed. because what is below is not complete.
>>
>> What is missing – *and it's important – * are a few additional words
>> about why we need SCIM.  Why are we holding the darn BoF?  This is
>> not something that can wait, IMHO, for an Informational document. 
>> Rather, if there is no clear statement of the problem, I don't see
>> how the IESG would approve a WG.  So that's what the big XXXXXXX is
>> below.  I've put some words in, but they are there to demonstrate the
>> point.  PLEASE propose text.
>>
>> In addition, my rewording is, in some places, generic.  I would
>> suggest that more time be spent on what we will – and as importantly
>> –  WON'T do.  A good charter will scope out more.  What are the
>> critical functions that need to be done *now*?  If we leave it wide
>> open, then we run the risk of people shoveling too much in, or
>> blocking on how to decide where to hold the line and wait til the
>> next round.  So, for instance, how will we keep the schema from
>> bloating?  Rinse and repeat with protocol operations.
>>
>> In addition, it is my anticipation that shortly before – or very
>> quickly after – our BoF, Internet-Drafts will be posted of the
>> initial specifications.  Thus you see draft-XXX below.  While the
>> charter need not – and cannot – be completely finished before the
>> BoF, we should have it as close as possible.
>>
>>
>> Please comment now on these changes and any additional changes you
>> would like to see.
>>
>> Simple Cloud Identity Management (SCIM)
>> Chair(s): TBD
>> Applications Area Director(s):
>>      Pete Resnick <presnick@qualcomm.com <mailto:presnick@qualcomm.com>> 
>>      Barry Lieba <???> 
>> Mailing Lists:
>>      General Discussion: scim@ietf.org <mailto:scim@ietf.org>
>>      To Subscribe: https://www.ietf.org/mailman/listinfo/scim
>>      Archive:      http://www.ietf.org/mail-archive/web/scim/current/maillist.html
>>  
>> Description of Working Group:
>> The Simple Cloud Identity Management (SCIM) specification is designed to 
>> make managing user identity lifecycle in cloud based applications and 
>> services easier.
>>
>> XXXXXXX
>>
>> So-called CReate Update Delete (CRUD) provisioning operations are often
>> necessary to ease adoption of new services.  This work builds on tools
>> such as ldap and SAML 2.0, which are used to provide up-to-date information.
>> SCIM focuses on the case where an enterprise's ldap service may not be
>> available to the provider, and SAML cannot provide sufficient context for the
>> service.  An example would be the provisioning of an of an EMail account so
>> that it can receive mail before the person has first logged in.
>>
>> XXXXXXXX
>> The specification suite seeks to build upon experience with existing 
>> schemas and deployments, placing specific emphasis on simplicity of 
>> development and integration, while applying existing authentication, 
>> authorization, and privacy models. Its intent is to reduce the cost and 
>> complexity of user management operations by providing a common user 
>> schema and extension model, as well as binding documents to provide 
>> patterns for exchanging this schema using standard protocols. In 
>> addition the working group may consider including managing device 
>> identities as part of the work adopted by the working group.
>> The group will use as starting points the following drafts in
>> the following ways:
>>
>> 	draft-XXX-scim-schema-00 as the a schema specification,
>> 	draft-XXX-scim-protocol-definition-00 as the protocol specification,
>> 	draft-XXX-scim-saml-binding-00 for binding the SCIM schema to SAML, and
>> 	draft-XXX-scim-ldap-binding-00 for binding the SCIM schema to LDAP.
>>
>> These drafts are based on existing specifications. which together are commonly
>> known as SCIM 1.0.  As such, some consideration should be given for backward
>> compatibility, as the group evolves the work.  This group will consider,
>> for and foremost, the operational experience gathered from the existing work.
>> The group will also consider experiences with work done by other bodies, including
>> the OASIS Provisioning TC.
>>
>> The group will produce Proposed Standards for a schema, a protocol,
>> a SAML binding, and an LDAP binding.  In doing so, the group will make
>> consistent the terminology, review and improve security of the overall system,
>> identify any functional gaps that would be useful future work, address
>> internationalization, and provide guidelines for extensibility (either through
>> IANA registries or other means).
>>
>> In its work, the group will decide what additional capabilities should be
>> included in the initial specification, and what can be addressed at a later time.
>>
>> However, user, device, and service authentication and authorization
>> (policy/entitlement) are out of scope for this working group.
>>
>> Milestones
>>
>> 5/2012    Initial adoption of SCIM core schema
>> 5/2012    Initial adoption of SCIM restful interface draft
>> 5/2012    Initial adoption of SCIM SAML bindings draft
>> 5/2012    Initial adoption of SCIM LDAP mapping draft
>> 9/2012    WGLC SCIM core schema
>> 9/2012    WGLC SCIM restful interface
>> 9/2012    WGLC SCIM SAML bindings
>> 9/2012    WGLC SCIM LDAP mapping
>> 3/2013    Re-charter discussion
>>
>> _______________________________________________
>> scim mailing list
>> scim@ietf.org <mailto:scim@ietf.org>
>> https://www.ietf.org/mailman/listinfo/scim
>

--------------030609000404040702060205
Content-Type: text/html; charset=UTF-8
Content-Transfer-Encoding: 8bit

<html>
  <head>
    <meta content="text/html; charset=UTF-8" http-equiv="Content-Type">
  </head>
  <body bgcolor="#FFFFFF" text="#000000">
    Everyone:<br>
    <br>
    Please voice your support or opposition to the proposed change below
    (and any other proposed change) that comes through.  Stating WHY
    helps advance the debate.<br>
    <br>
    Thanks,<br>
    <br>
    Eliot<br>
    <br>
    On 3/13/12 8:56 PM, Phil Hunt wrote:
    <blockquote
      cite="mid:B6F33950-9055-4005-A82F-EB4E29431AD1@oracle.com"
      type="cite">
      <div><span class="Apple-style-span" style="border-collapse:
          separate; color: rgb(0, 0, 0); font-family: Helvetica;
          font-style: normal; font-variant: normal; font-weight: normal;
          letter-spacing: normal; line-height: normal; orphans: 2;
          text-indent: 0px; text-transform: none; white-space: normal;
          widows: 2; word-spacing: 0px;
          -webkit-border-horizontal-spacing: 0px;
          -webkit-border-vertical-spacing: 0px;
          -webkit-text-decorations-in-effect: none;
          -webkit-text-size-adjust: auto; -webkit-text-stroke-width:
          0px; "><span class="Apple-style-span" style="border-collapse:
            separate; color: rgb(0, 0, 0); font-family: Helvetica;
            font-style: normal; font-variant: normal; font-weight:
            normal; letter-spacing: normal; line-height: normal;
            orphans: 2; text-indent: 0px; text-transform: none;
            white-space: normal; widows: 2; word-spacing: 0px;
            -webkit-border-horizontal-spacing: 0px;
            -webkit-border-vertical-spacing: 0px;
            -webkit-text-decorations-in-effect: none;
            -webkit-text-size-adjust: auto; -webkit-text-stroke-width:
            0px; ">
            <div style="word-wrap: break-word; -webkit-nbsp-mode: space;
              -webkit-line-break: after-white-space; "><span
                class="Apple-style-span" style="border-collapse:
                separate; color: rgb(0, 0, 0); font-family: Helvetica;
                font-style: normal; font-variant: normal; font-weight:
                normal; letter-spacing: normal; line-height: normal;
                orphans: 2; text-indent: 0px; text-transform: none;
                white-space: normal; widows: 2; word-spacing: 0px;
                -webkit-border-horizontal-spacing: 0px;
                -webkit-border-vertical-spacing: 0px;
                -webkit-text-decorations-in-effect: none;
                -webkit-text-size-adjust: auto;
                -webkit-text-stroke-width: 0px; ">
                <div style="word-wrap: break-word; -webkit-nbsp-mode:
                  space; -webkit-line-break: after-white-space; "><span
                    class="Apple-style-span" style="border-collapse:
                    separate; color: rgb(0, 0, 0); font-family:
                    Helvetica; font-style: normal; font-variant: normal;
                    font-weight: normal; letter-spacing: normal;
                    line-height: normal; orphans: 2; text-indent: 0px;
                    text-transform: none; white-space: normal; widows:
                    2; word-spacing: 0px;
                    -webkit-border-horizontal-spacing: 0px;
                    -webkit-border-vertical-spacing: 0px;
                    -webkit-text-decorations-in-effect: none;
                    -webkit-text-size-adjust: auto;
                    -webkit-text-stroke-width: 0px; ">
                    <div style="word-wrap: break-word;
                      -webkit-nbsp-mode: space; -webkit-line-break:
                      after-white-space; ">
                      <div>
                        <div>
                          <div>Eliot,</div>
                          <div><br>
                          </div>
                          <div>I propose the following change to the WG
                            Description:</div>
                          <div><br>
                          </div>
                          <div>From:</div>
                          <div>
                            <blockquote type="cite">
                              <div bgcolor="#FFFFFF" text="#000000">
                                <pre class="MsoPlainText"><span style="font-family: 'Courier New'; color: black; ">The Simple Cloud Identity Management (SCIM) specification is designed to 
make managing user identity lifecycle in cloud based applications and 
services easier.</span></pre>
                              </div>
                            </blockquote>
                            <div>To:</div>
                          </div>
                          <div>
                            <blockquote type="cite">
                              <div bgcolor="#FFFFFF" text="#000000">
                                <pre class="MsoPlainText"><span style="font-family: 'Courier New'; color: black; ">The Simple Cloud Identity Management (SCIM) specification is designed to 
make managing user identity lifecycle in one or more applications and 
services easier between client organizations and cloud based service providers.</span></pre>
                              </div>
                            </blockquote>
                            <div><br>
                            </div>
                          </div>
                          <div>The change above is subtle but of
                            critical importance to cloud providers (many
                            who are not yet active in the group) who
                            host many services.</div>
                          <div><br>
                          </div>
                          <div>It is probably important to site the
                            location of the SCIM 1.0 specification which
                            is published externally to IETF as well as
                            the re-published drafts under IETF.</div>
                          <div><br>
                          </div>
                          <div>Phil</div>
                          <div style="font-size: 12px; "><br>
                          </div>
                          <div style="font-size: 12px; ">@independentid</div>
                          <div style="font-size: 12px; "><a
                              moz-do-not-send="true"
                              href="http://www.independentid.com">www.independentid.com</a></div>
                        </div>
                      </div>
                    </div>
                  </span><a moz-do-not-send="true"
                    href="mailto:phil.hunt@oracle.com">phil.hunt@oracle.com</a><br>
                  <br>
                </div>
              </span><br class="Apple-interchange-newline">
            </div>
          </span><br class="Apple-interchange-newline">
        </span><br class="Apple-interchange-newline">
      </div>
      <br>
      <div>
        <div>On 2012-03-13, at 12:37 PM, Eliot Lear wrote:</div>
        <br class="Apple-interchange-newline">
        <blockquote type="cite">
          <meta http-equiv="content-type" content="text/html;
            charset=UTF-8">
          <div bgcolor="#FFFFFF" text="#000000"> Hi Everyone,<br>
            <br>
            Having read inputs from this list, I am proposing some
            changes to the charter.  Most of this is form and not
            substance,  but there are some substantial changes.  The
            purpose of these changes is to bring the charter in line
            with most of the others.  Absent these sort of changes, I am
            not confident we would get a WG.  Even with these changes,
            more work is needed. because what is below is not complete.<br>
            <br>
            What is missing – <b>and it's important – </b> are a few
            additional words about why we need SCIM.  Why are we holding
            the darn BoF?  This is not something that can wait, IMHO,
            for an Informational document.  Rather, if there is no clear
            statement of the problem, I don't see how the IESG would
            approve a WG.  So that's what the big XXXXXXX is below. 
            I've put some words in, but they are there to demonstrate
            the point.  PLEASE propose text.<br>
            <br>
            In addition, my rewording is, in some places, generic.  I
            would suggest that more time be spent on what we will – and
            as importantly –  WON'T do.  A good charter will scope out
            more.  What are the critical functions that need to be done
            <b>now</b>?  If we leave it wide open, then we run the risk
            of people shoveling too much in, or blocking on how to
            decide where to hold the line and wait til the next round. 
            So, for instance, how will we keep the schema from
            bloating?  Rinse and repeat with protocol operations.<br>
            <br>
            In addition, it is my anticipation that shortly before – or
            very quickly after – our BoF, Internet-Drafts will be posted
            of the initial specifications.  Thus you see draft-XXX
            below.  While the charter need not – and cannot – be
            completely finished before the BoF, we should have it as
            close as possible.<br>
            <br>
            <br>
            Please comment now on these changes and any additional
            changes you would like to see.<br>
            <br>
            <pre class="MsoPlainText"><span style="font-family: &quot;Courier New&quot;; color: black;"></span><span style="font-family:&quot;Courier New&quot;;color:black">Simple Cloud Identity Management (SCIM)<o:p></o:p></span></pre>
            <span style="font-family:&quot;Courier
              New&quot;;color:black"><o:p></o:p></span><span
              style="font-family:&quot;Courier New&quot;;color:black">Chair(s):

              TBD<o:p></o:p></span><span
              style="font-family:&quot;Courier New&quot;;color:black"><o:p></o:p></span>
            <pre class="MsoPlainText"><span style="font-family:&quot;Courier New&quot;;color:black"><o:p></o:p>Applications Area Director(s):<o:p></o:p></span></pre>
            <pre class="MsoPlainText"><span style="font-family:&quot;Courier New&quot;;color:black">     Pete Resnick &lt;<a moz-do-not-send="true" href="mailto:presnick@qualcomm.com">presnick@qualcomm.com</a>&gt; <o:p></o:p>
     Barry Lieba &lt;???&gt;<o:p> 
</o:p></span></pre>
            <pre class="MsoPlainText"><span style="font-family:&quot;Courier New&quot;;color:black">Mailing Lists:<o:p></o:p>
     General Discussion: <a moz-do-not-send="true" href="mailto:scim@ietf.org">scim@ietf.org</a><o:p></o:p>
     To Subscribe: <a moz-do-not-send="true" href="https://www.ietf.org/mailman/listinfo/scim">https://www.ietf.org/mailman/listinfo/scim</a><o:p></o:p>
     Archive:      <a moz-do-not-send="true" href="http://www.ietf.org/mail-archive/web/scim/current/maillist.html">http://www.ietf.org/mail-archive/web/scim/current/maillist.html</a><o:p></o:p></span></pre>
            <pre class="MsoPlainText"><span style="font-family:&quot;Courier New&quot;;color:black"><o:p> </o:p></span></pre>
            <pre class="MsoPlainText"><span style="font-family:&quot;Courier New&quot;;color:black">Description of Working Group:<o:p></o:p></span></pre>
            <pre class="MsoPlainText"><span style="font-family:&quot;Courier New&quot;;color:black">The Simple Cloud Identity Management (SCIM) specification is designed to 
make managing user identity lifecycle in cloud based applications and 
services easier.

XXXXXXX

So-called CReate Update Delete (CRUD) provisioning operations are often
necessary to ease adoption of new services.  This work builds on tools
such as ldap and SAML 2.0, which are used to provide up-to-date information.
SCIM focuses on the case where an enterprise's ldap service may not be
available to the provider, and SAML cannot provide sufficient context for the
service.  An example would be the provisioning of an of an EMail account so
that it can receive mail before the person has first logged in.

XXXXXXXX
<o:p></o:p></span></pre>
            <pre class="MsoPlainText"><span style="font-family:&quot;Courier New&quot;;color:black">The specification suite seeks to build upon experience with existing 
schemas and deployments, placing specific emphasis on simplicity of 
development and integration, while applying existing authentication, 
authorization, and privacy models. Its intent is to reduce the cost and 
complexity of user management operations by providing a common user 
schema and extension model, as well as binding documents to provide 
patterns for exchanging this schema using standard protocols. In 
addition the working group may consider including managing device 
identities as part of the work adopted by the working group.<o:p></o:p></span></pre>
            <pre class="MsoPlainText"><span style="font-family: &quot;Courier New&quot;; color: black;">The group will use as starting points the following drafts in
the following ways:

	draft-XXX-scim-schema-00 as the a schema specification,
	draft-XXX-scim-protocol-definition-00 as the protocol specification,
	draft-XXX-scim-saml-binding-00 for binding the SCIM schema to SAML, and
	draft-XXX-scim-ldap-binding-00 for binding the SCIM schema to LDAP.

These drafts are based on existing specifications. which together are commonly
known as SCIM 1.0.  As such, some consideration should be given for backward
compatibility, as the group evolves the work.</span><span style="font-family:&quot;Courier New&quot;;color:black">  This group will consider,
for and foremost, the operational experience gathered from the existing work.
The group will also consider experiences with work done by other bodies, including
the OASIS Provisioning TC.</span>
<span style="font-family:&quot;Courier New&quot;;color:black">
The group will produce Proposed Standards for a schema, a protocol,
a SAML binding, and an LDAP binding.  In doing so, the group will make
consistent the terminology, review and improve security of the overall system,
identify any functional gaps that would be useful future work, address
internationalization, and provide guidelines for extensibility (either through
IANA registries or other means).

In its work, the group will decide what additional capabilities should be
included in the initial specification, and what can be addressed at a later time.
<o:p>
However, </o:p>user, device, and service authentication and authorization
(policy/entitlement) are out of scope for this working group.

Milestones

5/2012    Initial adoption of SCIM core schema
5/2012    Initial adoption of SCIM restful interface draft
5/2012    Initial adoption of SCIM SAML bindings draft
5/2012    Initial adoption of SCIM LDAP mapping draft
9/2012    WGLC SCIM core schema
9/2012    WGLC SCIM restful interface
9/2012    WGLC SCIM SAML bindings
9/2012    WGLC SCIM LDAP mapping
3/2013    Re-charter discussion

</span></pre>
          </div>
          _______________________________________________<br>
          scim mailing list<br>
          <a moz-do-not-send="true" href="mailto:scim@ietf.org">scim@ietf.org</a><br>
          <a class="moz-txt-link-freetext" href="https://www.ietf.org/mailman/listinfo/scim">https://www.ietf.org/mailman/listinfo/scim</a><br>
        </blockquote>
      </div>
      <br>
    </blockquote>
  </body>
</html>

--------------030609000404040702060205--

From lear@cisco.com  Tue Mar 13 15:19:55 2012
Return-Path: <lear@cisco.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D76FB21E8042 for <scim@ietfa.amsl.com>; Tue, 13 Mar 2012 15:19:55 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -110.598
X-Spam-Level: 
X-Spam-Status: No, score=-110.598 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-8, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id OJLnVoc8hKT7 for <scim@ietfa.amsl.com>; Tue, 13 Mar 2012 15:19:55 -0700 (PDT)
Received: from bgl-iport-2.cisco.com (bgl-iport-2.cisco.com [72.163.197.26]) by ietfa.amsl.com (Postfix) with ESMTP id BCFB821E8028 for <scim@ietf.org>; Tue, 13 Mar 2012 15:19:54 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=lear@cisco.com; l=4031; q=dns/txt; s=iport; t=1331677195; x=1332886795; h=message-id:date:from:mime-version:to:cc:subject: references:in-reply-to; bh=Tqfj076RJmeS3IcZhk/Zc4IV5bq3JgOSXaKh6MK9RD4=; b=RHYkIVQbD3cRi/hnK8eEzezG4mbvZISsiZHHRNyGaSczyVwLENBDAl7G cy6bUbi1vfR4ITEPWJcnOzKpu9ZdapPBNCUlpERrIumn8gASD0IXVDlBr gWmnYzXHHJgmvkjEVIjsML1QBFDYtRj9XN+/t4MOeUTf5rae3lH68LmGF M=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: Ap8EALbHX09Io8UY/2dsb2JhbABDhTqxPIIJAQEBBBIBEFUBEAsYCRYLAgIJAwIBAgFFBg0BBwEBHodonGQBjHGSBY9ggRYEkW+DYZAjgmY
X-IronPort-AV: E=Sophos;i="4.73,579,1325462400"; d="scan'208,217";a="7794484"
Received: from vla196-nat.cisco.com (HELO bgl-core-1.cisco.com) ([72.163.197.24]) by bgl-iport-2.cisco.com with ESMTP; 13 Mar 2012 22:19:53 +0000
Received: from dhcp-10-61-99-194.cisco.com (dhcp-10-61-99-194.cisco.com [10.61.99.194]) by bgl-core-1.cisco.com (8.14.3/8.14.3) with ESMTP id q2DMJnqY030346; Tue, 13 Mar 2012 22:19:50 GMT
Message-ID: <4F5FC804.4080208@cisco.com>
Date: Tue, 13 Mar 2012 23:19:48 +0100
From: Eliot Lear <lear@cisco.com>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:10.0.2) Gecko/20120216 Thunderbird/10.0.2
MIME-Version: 1.0
To: Phil Hunt <phil.hunt@oracle.com>
References: <4F5FA213.4000600@cisco.com> <B6F33950-9055-4005-A82F-EB4E29431AD1@oracle.com>
In-Reply-To: <B6F33950-9055-4005-A82F-EB4E29431AD1@oracle.com>
X-Enigmail-Version: 1.4
Content-Type: multipart/alternative; boundary="------------000805040304070909020906"
Cc: scim@ietf.org, Peter Saint-Andre <stpeter@stpeter.im>, "Steven M. Bellovin" <smb@cs.columbia.edu>
Subject: Re: [scim] Propose reshape of charter
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 13 Mar 2012 22:19:56 -0000

This is a multi-part message in MIME format.
--------------000805040304070909020906
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit

Hi Phil,

I failed to address a point you made below:

On 3/13/12 8:56 PM, Phil Hunt wrote:
>
> It is probably important to site the location of the SCIM 1.0
> specification which is published externally to IETF as well as the
> re-published drafts under IETF.
>

I believe it is important to both cite and acknowledge the earlier work,
but I don't know that the charter is the right place to do it.  This
having been said, the charter is one place where we have prominent
static content.  Pete, what would the IESG want, here?

Eliot

--------------000805040304070909020906
Content-Type: text/html; charset=UTF-8
Content-Transfer-Encoding: 8bit

<html>
  <head>
    <meta content="text/html; charset=UTF-8" http-equiv="Content-Type">
  </head>
  <body bgcolor="#FFFFFF" text="#000000">
    Hi Phil,<br>
    <br>
    I failed to address a point you made below:<br>
    <br>
    On 3/13/12 8:56 PM, Phil Hunt wrote:
    <blockquote
      cite="mid:B6F33950-9055-4005-A82F-EB4E29431AD1@oracle.com"
      type="cite">
      <div><span class="Apple-style-span" style="border-collapse:
          separate; color: rgb(0, 0, 0); font-family: Helvetica;
          font-style: normal; font-variant: normal; font-weight: normal;
          letter-spacing: normal; line-height: normal; orphans: 2;
          text-indent: 0px; text-transform: none; white-space: normal;
          widows: 2; word-spacing: 0px;"><span class="Apple-style-span"
            style="border-collapse: separate; color: rgb(0, 0, 0);
            font-family: Helvetica; font-style: normal; font-variant:
            normal; font-weight: normal; letter-spacing: normal;
            line-height: normal; orphans: 2; text-indent: 0px;
            text-transform: none; white-space: normal; widows: 2;
            word-spacing: 0px;">
            <div style="word-wrap: break-word;"><span
                class="Apple-style-span" style="border-collapse:
                separate; color: rgb(0, 0, 0); font-family: Helvetica;
                font-style: normal; font-variant: normal; font-weight:
                normal; letter-spacing: normal; line-height: normal;
                orphans: 2; text-indent: 0px; text-transform: none;
                white-space: normal; widows: 2; word-spacing: 0px;">
                <div style="word-wrap: break-word;"><span
                    class="Apple-style-span" style="border-collapse:
                    separate; color: rgb(0, 0, 0); font-family:
                    Helvetica; font-style: normal; font-variant: normal;
                    font-weight: normal; letter-spacing: normal;
                    line-height: normal; orphans: 2; text-indent: 0px;
                    text-transform: none; white-space: normal; widows:
                    2; word-spacing: 0px;">
                    <div style="word-wrap: break-word;">
                      <div>
                        <div><br>
                          <div>It is probably important to site the
                            location of the SCIM 1.0 specification which
                            is published externally to IETF as well as
                            the re-published drafts under IETF.</div>
                          <br>
                        </div>
                      </div>
                    </div>
                  </span></div>
              </span></div>
          </span></span></div>
    </blockquote>
    <br>
    I believe it is important to both cite and acknowledge the earlier
    work, but I don't know that the charter is the right place to do
    it.  This having been said, the charter is one place where we have
    prominent static content.  Pete, what would the IESG want, here?<br>
    <br>
    Eliot<br>
  </body>
</html>

--------------000805040304070909020906--

From lear@cisco.com  Tue Mar 13 15:38:28 2012
Return-Path: <lear@cisco.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E1C4321E803C for <scim@ietfa.amsl.com>; Tue, 13 Mar 2012 15:38:28 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -110.558
X-Spam-Level: 
X-Spam-Status: No, score=-110.558 tagged_above=-999 required=5 tests=[AWL=0.040, BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-8, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id f1UbHkU1qzHC for <scim@ietfa.amsl.com>; Tue, 13 Mar 2012 15:38:28 -0700 (PDT)
Received: from ams-iport-2.cisco.com (ams-iport-2.cisco.com [144.254.224.141]) by ietfa.amsl.com (Postfix) with ESMTP id DAD1021E8028 for <scim@ietf.org>; Tue, 13 Mar 2012 15:38:27 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=lear@cisco.com; l=4363; q=dns/txt; s=iport; t=1331678308; x=1332887908; h=message-id:date:from:mime-version:to:subject:references: in-reply-to; bh=+rsqt8TE9y1RowITbWcbBOGPrnicMhRvH4thadryUno=; b=FBXwnOk+MP63sdcG74O9vc5DjlTNls00dAc60onX2y4NcxGFZFOsDmQy cZ9zKGriEheKxUtuoYiW+ZAX8Y8YFhHAU+TtfO2PW340FrRbX4rOeUHC9 p0wjLB3zVMDq4ldQjfdwxPoyd2KTS1E6ntZMXbKoPNmJzpolza9nFmkHO 4=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: Av8EANbLX0+Q/khR/2dsb2JhbABDhTqwNYEHggoBAQQSARBPBhEPHRYLAgIJAwIBAgFFEwgBAR6HaJxaAYxxkgWPYIEWBJVQkCOCZg
X-IronPort-AV: E=Sophos;i="4.73,579,1325462400"; d="scan'208,217";a="68405260"
Received: from ams-core-1.cisco.com ([144.254.72.81]) by ams-iport-2.cisco.com with ESMTP; 13 Mar 2012 22:38:26 +0000
Received: from dhcp-10-61-99-194.cisco.com (dhcp-10-61-99-194.cisco.com [10.61.99.194]) by ams-core-1.cisco.com (8.14.3/8.14.3) with ESMTP id q2DMcQJm015741 for <scim@ietf.org>; Tue, 13 Mar 2012 22:38:26 GMT
Message-ID: <4F5FCC62.6070409@cisco.com>
Date: Tue, 13 Mar 2012 23:38:26 +0100
From: Eliot Lear <lear@cisco.com>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:10.0.2) Gecko/20120216 Thunderbird/10.0.2
MIME-Version: 1.0
To: scim@ietf.org
References: <4F5F9CBF.3050205@cisco.com> <18C03700-30B7-48D9-A63E-00236CBA209C@cs.columbia.edu>
In-Reply-To: <18C03700-30B7-48D9-A63E-00236CBA209C@cs.columbia.edu>
X-Enigmail-Version: 1.4
Content-Type: multipart/alternative; boundary="------------040203080807000503020809"
Subject: [scim] draft agenda for the SCIM BoF
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 13 Mar 2012 22:38:29 -0000

This is a multi-part message in MIME format.
--------------040203080807000503020809
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Hi everyone (yet again),

Below is a draft agenda, based on the earlier message I had sent, and
with review from my co-chair, Steve Bellovin.  Please review and
comment.  Agendas are subject to change  right up 'til the beginning of
the session.  Of course I would prefer to avoid that.  Better to bash
here on the list then spend valuable time in the meeting.  Presenters
are encouraged to incorporate as many views as possible to provide a
complete picture, for purposes of decision making. At the same time, we
don't have all day, and so conciseness is important.

We have received  a request for an additional slot for presentation
which is not yet reflected on this draft agenda.  In considering
requests for presentation time slots, please keep in mind the
following:   Will the presentation advance the discussion about whether
to create a WG or what its charter should be?
*
Comments, Please!

*Eliot
ps: all times are approximate

 9:00 –  9:02   I   Agenda Bashing
 9:02 –  9:15   II  Introduction by the chairs, and a description 
                    of the BoF process, including potential outcomes
 9:15 –  9:45   III Description of the pre-provisioning problem, why this
                    is important, and relation to existing work (Morteza Ansari)
 9:45 – 10:30	IV  Overview of SCIM documents (Trey Drake)
10:30 – 11:00	V   Discussion (Chairs introduce the questions below)
11:00 – 11:05	VI  Questions from the Chair (chairs)
		  A.  Do we agree there is a problem?
		  B.  Is SCIM the right starting point?
		  C.  Is this something the IETF should do?
		  D.  Do we have volunteers to
			(1) edit/author the drafts?
			(2) review the drafts?
11:05 – 11:25	VII Introduction of the charter and discussion (chairs)
11:25 – 11:30	Should we have a WG? (A hum) (Chairs/AD)



--------------040203080807000503020809
Content-Type: text/html; charset=UTF-8
Content-Transfer-Encoding: 8bit

<html>
  <head>
    <meta content="text/html; charset=UTF-8" http-equiv="Content-Type">
  </head>
  <body bgcolor="#FFFFFF" text="#000000">
    Hi everyone (yet again),<br>
    <br>
    Below is a draft agenda, based on the earlier message I had sent,
    and with review from my co-chair, Steve Bellovin.  Please review and
    comment.  Agendas are subject to change  right up 'til the beginning
    of the session.  Of course I would prefer to avoid that.  Better to
    bash here on the list then spend valuable time in the meeting. 
    Presenters are encouraged to incorporate as many views as possible
    to provide a complete picture, for purposes of decision making. At
    the same time, we don't have all day, and so conciseness is
    important.<br>
    <br>
    We have received  a request for an additional slot for presentation
    which is not yet reflected on this draft agenda.  In considering
    requests for presentation time slots, please keep in mind the
    following:   Will the presentation advance the discussion about
    whether to create a WG or what its charter should be?<br>
    <b><br>
      Comments, Please!<br>
      <br>
    </b>Eliot<br>
    ps: all times are approximate<br>
    <br>
    <pre wrap=""> 9:00 –  9:02   I   Agenda Bashing
 9:02 –  9:15   II  Introduction by the chairs, and a description 
                    of the BoF process, including potential outcomes
 9:15 –  9:45   III Description of the pre-provisioning problem, why this
                    is important, and relation to existing work (Morteza Ansari)
 9:45 – 10:30	IV  Overview of SCIM documents (Trey Drake)
10:30 – 11:00	V   Discussion (Chairs introduce the questions below)
11:00 – 11:05	VI  Questions from the Chair (chairs)
		  A.  Do we agree there is a problem?
		  B.  Is SCIM the right starting point?
		  C.  Is this something the IETF should do?
		  D.  Do we have volunteers to
			(1) edit/author the drafts?
			(2) review the drafts?
11:05 – 11:25	VII Introduction of the charter and discussion (chairs)
11:25 – 11:30	Should we have a WG? (A hum) (Chairs/AD)</pre>
    <br>
  </body>
</html>

--------------040203080807000503020809--

From phil.hunt@oracle.com  Tue Mar 13 15:39:36 2012
Return-Path: <phil.hunt@oracle.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A289121E8028 for <scim@ietfa.amsl.com>; Tue, 13 Mar 2012 15:39:36 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -10.263
X-Spam-Level: 
X-Spam-Status: No, score=-10.263 tagged_above=-999 required=5 tests=[AWL=0.336, BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id EO7z2bKlnQG5 for <scim@ietfa.amsl.com>; Tue, 13 Mar 2012 15:39:35 -0700 (PDT)
Received: from rcsinet15.oracle.com (rcsinet15.oracle.com [148.87.113.117]) by ietfa.amsl.com (Postfix) with ESMTP id B424121E8043 for <scim@ietf.org>; Tue, 13 Mar 2012 15:39:35 -0700 (PDT)
Received: from acsinet22.oracle.com (acsinet22.oracle.com [141.146.126.238]) by rcsinet15.oracle.com (Sentrion-MTA-4.2.2/Sentrion-MTA-4.2.2) with ESMTP id q2DMdRXR029241 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Tue, 13 Mar 2012 22:39:28 GMT
Received: from acsmt358.oracle.com (acsmt358.oracle.com [141.146.40.158]) by acsinet22.oracle.com (8.14.4+Sun/8.14.4) with ESMTP id q2DMdQAL020950 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Tue, 13 Mar 2012 22:39:27 GMT
Received: from abhmt109.oracle.com (abhmt109.oracle.com [141.146.116.61]) by acsmt358.oracle.com (8.12.11.20060308/8.12.11) with ESMTP id q2DMdP08002788; Tue, 13 Mar 2012 17:39:26 -0500
Received: from [192.168.1.8] (/24.87.212.4) by default (Oracle Beehive Gateway v4.0) with ESMTP ; Tue, 13 Mar 2012 15:39:25 -0700
Mime-Version: 1.0 (Apple Message framework v1257)
Content-Type: text/plain; charset=us-ascii
From: Phil Hunt <phil.hunt@oracle.com>
In-Reply-To: <4F5FC804.4080208@cisco.com>
Date: Tue, 13 Mar 2012 15:39:23 -0700
Content-Transfer-Encoding: quoted-printable
Message-Id: <C7C77AC7-4F4A-4E8E-9B49-68A1A0EB64B3@oracle.com>
References: <4F5FA213.4000600@cisco.com> <B6F33950-9055-4005-A82F-EB4E29431AD1@oracle.com> <4F5FC804.4080208@cisco.com>
To: Eliot Lear <lear@cisco.com>
X-Mailer: Apple Mail (2.1257)
X-Source-IP: acsinet22.oracle.com [141.146.126.238]
X-CT-RefId: str=0001.0A090206.4F5FCCA0.008A,ss=1,re=0.000,fgs=0
Cc: scim@ietf.org, Peter Saint-Andre <stpeter@stpeter.im>, "Steven M. Bellovin" <smb@cs.columbia.edu>
Subject: Re: [scim] Propose reshape of charter
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 13 Mar 2012 22:39:36 -0000

I believe the JOSE WG recently did it this way.

Phil

@independentid
www.independentid.com
phil.hunt@oracle.com





On 2012-03-13, at 3:19 PM, Eliot Lear wrote:

> Hi Phil,
>=20
> I failed to address a point you made below:
>=20
> On 3/13/12 8:56 PM, Phil Hunt wrote:
>>=20
>>=20
>> It is probably important to site the location of the SCIM 1.0 =
specification which is published externally to IETF as well as the =
re-published drafts under IETF.
>>=20
>=20
> I believe it is important to both cite and acknowledge the earlier =
work, but I don't know that the charter is the right place to do it.  =
This having been said, the charter is one place where we have prominent =
static content.  Pete, what would the IESG want, here?
>=20
> Eliot
> _______________________________________________
> scim mailing list
> scim@ietf.org
> https://www.ietf.org/mailman/listinfo/scim


From moransar@cisco.com  Tue Mar 13 21:32:40 2012
Return-Path: <moransar@cisco.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5DAF021E8074 for <scim@ietfa.amsl.com>; Tue, 13 Mar 2012 21:32:40 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -10.222
X-Spam-Level: 
X-Spam-Status: No, score=-10.222 tagged_above=-999 required=5 tests=[AWL=-0.223, BAYES_00=-2.599, J_CHICKENPOX_74=0.6, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id OCh7rA3nSh0F for <scim@ietfa.amsl.com>; Tue, 13 Mar 2012 21:32:37 -0700 (PDT)
Received: from rcdn-iport-7.cisco.com (rcdn-iport-7.cisco.com [173.37.86.78]) by ietfa.amsl.com (Postfix) with ESMTP id D919421E8073 for <scim@ietf.org>; Tue, 13 Mar 2012 21:31:42 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=moransar@cisco.com; l=1953; q=dns/txt; s=iport; t=1331699503; x=1332909103; h=mime-version:content-transfer-encoding:subject:date: message-id:in-reply-to:references:from:to; bh=AI2pBt8J71KZVewJxkkE42RBLtCqKqAIt7fp2Xa2jq4=; b=PnPFKi4Dhq9eH3GWq5UOyYSdmvUnvByVGD1JhHtm9EjL9mMyJ4D9kpnR hG4GotqbIyKTa7/TMlYcxw1OyJFlMliXE971K768h4Cbik8RwvcV7k9HT pPtCTt7uikODljg2iPrpAZzCbHehIhdZKLqTkNKXzlXAdY8Z1/p5OTWfP k=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: Av8EACQeYE+tJXG9/2dsb2JhbABDtX2BB4IJAQEBBAEBAQ8BHQo0FwQCAQgRBAEBAQoGFwEGASYfCAEIAgQBEggah2gLnRIBnnUEijOFYmMEiFedJYMEgT4
X-IronPort-AV: E=Sophos;i="4.73,582,1325462400"; d="scan'208";a="66271925"
Received: from rcdn-core2-2.cisco.com ([173.37.113.189]) by rcdn-iport-7.cisco.com with ESMTP; 14 Mar 2012 04:31:42 +0000
Received: from xbh-rcd-301.cisco.com (xbh-rcd-301.cisco.com [72.163.63.8]) by rcdn-core2-2.cisco.com (8.14.3/8.14.3) with ESMTP id q2E4VgNm024297;  Wed, 14 Mar 2012 04:31:42 GMT
Received: from xmb-rcd-313.cisco.com ([72.163.63.28]) by xbh-rcd-301.cisco.com with Microsoft SMTPSVC(6.0.3790.4675);  Tue, 13 Mar 2012 23:31:42 -0500
X-MimeOLE: Produced By Microsoft Exchange V6.5
Content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
Date: Tue, 13 Mar 2012 23:31:40 -0500
Message-ID: <93C6FB63F046384C86EC8F7F3FFEC7BEDEAC4F@XMB-RCD-313.cisco.com>
In-Reply-To: <20120313210143.9F1B421F85E3@ietfa.amsl.com>
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
Thread-Topic: [scim] FW:  Propose reshape of charter
Thread-Index: AQHNAVw7YpfMEUbcYUy6hHiFfEtBAZZoteNggAB9CtA=
References: <4F5FA213.4000600@cisco.com><B6F33950-9055-4005-A82F-EB4E29431AD1@oracle.com><CAA3wLqV=9bcBTNfpWVg1S2NRs4X_T1Yxz7=eCWBxJnQxRwpHjw@mail.gmail.com><20120313202551.79BDF21F860F@ietfa.amsl.com><71B91DB0-7F03-473B-B7F4-3D7E3F020B55@oracle.com><4F5FB543.7090804@stpeter.im> <20120313210143.9F1B421F85E3@ietfa.amsl.com>
From: "Morteza Ansari (moransar)" <moransar@cisco.com>
To: "Diodati,Mark" <Mark.Diodati@gartner.com>, <scim@ietf.org>
X-OriginalArrivalTime: 14 Mar 2012 04:31:42.0665 (UTC) FILETIME=[5B488390:01CD019B]
Subject: Re: [scim] FW:  Propose reshape of charter
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 14 Mar 2012 04:32:41 -0000

I personally don't think I know enough about the multi-target (and use
cases behind it) to decide one way or another. This is why I suggested
Phil to be on the agenda at the BoF and provide use cases and background
info so the WG can decide whether this addition to the charter make
sense or not.


Cheers,
Morteza

-----Original Message-----
From: scim-bounces@ietf.org [mailto:scim-bounces@ietf.org] On Behalf Of
Diodati,Mark
Sent: Tuesday, March 13, 2012 2:02 PM
To: scim@ietf.org
Subject: Re: [scim] FW: Propose reshape of charter

The BoF has been accepted by IETF. The question is, have the BoF members
accepted the request to add multi-target support?

-----Original Message-----
From: Peter Saint-Andre [mailto:stpeter@stpeter.im]
Sent: Tuesday, March 13, 2012 4:00 PM
To: Phil Hunt
Cc: Diodati,Mark; scim@ietf.org
Subject: Re: [scim] FW: Propose reshape of charter

On 3/13/12 2:58 PM, Phil Hunt wrote:
> My understanding is that it has been accepted for the BoF.  Can=20
> someone clarify?

The BoF has been accepted. We're using this list to work out the
specific topics to be discussed, among other things, and the charter is
a big part of that.

Peter

--
Peter Saint-Andre
https://stpeter.im/



________________________________

This e-mail message, including any attachments, is for the sole use of
the person to whom it has been sent, and may contain information that is
confidential or legally protected. If you are not the intended recipient
or have received this message in error, you are not authorized to copy,
distribute, or otherwise use this message or its attachments. Please
notify the sender immediately by return e-mail and permanently delete
this message and any attachments. Gartner makes no warranty that this
e-mail is error or virus free.
_______________________________________________
scim mailing list
scim@ietf.org
https://www.ietf.org/mailman/listinfo/scim

From tonynad@microsoft.com  Wed Mar 14 06:08:47 2012
Return-Path: <tonynad@microsoft.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 08FB921F86E8 for <scim@ietfa.amsl.com>; Wed, 14 Mar 2012 06:08:47 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.967
X-Spam-Level: 
X-Spam-Status: No, score=-1.967 tagged_above=-999 required=5 tests=[AWL=1.500,  BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-4, UNRESOLVED_TEMPLATE=3.132]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id qsG2yWqOfzKJ for <scim@ietfa.amsl.com>; Wed, 14 Mar 2012 06:08:45 -0700 (PDT)
Received: from va3outboundpool.messaging.microsoft.com (va3ehsobe006.messaging.microsoft.com [216.32.180.16]) by ietfa.amsl.com (Postfix) with ESMTP id 9151621F86C9 for <scim@ietf.org>; Wed, 14 Mar 2012 06:08:44 -0700 (PDT)
Received: from mail133-va3-R.bigfish.com (10.7.14.237) by VA3EHSOBE004.bigfish.com (10.7.40.24) with Microsoft SMTP Server id 14.1.225.23; Wed, 14 Mar 2012 13:08:45 +0000
Received: from mail133-va3 (localhost [127.0.0.1])	by mail133-va3-R.bigfish.com (Postfix) with ESMTP id 76EC432011E	for <scim@ietf.org>; Wed, 14 Mar 2012 13:08:45 +0000 (UTC)
X-SpamScore: -33
X-BigFish: VS-33(zzbb2dI9371Ic89bh936eKc857h98dK14ffO4015I13e6K853kzz1202h1082kzz1033IL8275bh8275dhz2fh2a8h683h839hd25h)
X-Forefront-Antispam-Report: CIP:131.107.125.8; KIP:(null); UIP:(null); IPV:NLI; H:TK5EX14MLTC103.redmond.corp.microsoft.com; RD:none; EFVD:NLI
Received-SPF: pass (mail133-va3: domain of microsoft.com designates 131.107.125.8 as permitted sender) client-ip=131.107.125.8; envelope-from=tonynad@microsoft.com; helo=TK5EX14MLTC103.redmond.corp.microsoft.com ; icrosoft.com ; 
Received: from mail133-va3 (localhost.localdomain [127.0.0.1]) by mail133-va3 (MessageSwitch) id 1331730521404479_27355; Wed, 14 Mar 2012 13:08:41 +0000 (UTC)
Received: from VA3EHSMHS036.bigfish.com (unknown [10.7.14.252])	by mail133-va3.bigfish.com (Postfix) with ESMTP id 5C84C4200A3	for <scim@ietf.org>; Wed, 14 Mar 2012 13:08:41 +0000 (UTC)
Received: from TK5EX14MLTC103.redmond.corp.microsoft.com (131.107.125.8) by VA3EHSMHS036.bigfish.com (10.7.99.46) with Microsoft SMTP Server (TLS) id 14.1.225.23; Wed, 14 Mar 2012 13:08:39 +0000
Received: from tx2outboundpool.messaging.microsoft.com (157.54.51.81) by mail.microsoft.com (157.54.79.174) with Microsoft SMTP Server (TLS) id 14.2.283.4; Wed, 14 Mar 2012 13:08:35 +0000
Received: from mail31-tx2-R.bigfish.com (10.9.14.242) by TX2EHSOBE006.bigfish.com (10.9.40.26) with Microsoft SMTP Server id 14.1.225.23; Wed, 14 Mar 2012 13:08:36 +0000
Received: from mail31-tx2 (localhost [127.0.0.1])	by mail31-tx2-R.bigfish.com (Postfix) with ESMTP id F325213403A4	for <scim@ietf.org.FOPE.CONNECTOR.OVERRIDE>; Wed, 14 Mar 2012 13:08:35 +0000 (UTC)
Received: from mail31-tx2 (localhost.localdomain [127.0.0.1]) by mail31-tx2 (MessageSwitch) id 1331730514368792_18433; Wed, 14 Mar 2012 13:08:34 +0000 (UTC)
Received: from TX2EHSMHS024.bigfish.com (unknown [10.9.14.237])	by mail31-tx2.bigfish.com (Postfix) with ESMTP id 45C6715C0048; Wed, 14 Mar 2012 13:08:34 +0000 (UTC)
Received: from BL2PRD0310HT005.namprd03.prod.outlook.com (157.56.240.21) by TX2EHSMHS024.bigfish.com (10.9.99.124) with Microsoft SMTP Server (TLS) id 14.1.225.23; Wed, 14 Mar 2012 13:08:34 +0000
Received: from BL2PRD0310MB362.namprd03.prod.outlook.com ([169.254.10.177]) by BL2PRD0310HT005.namprd03.prod.outlook.com ([10.255.97.40]) with mapi id 14.16.0123.000; Wed, 14 Mar 2012 13:08:31 +0000
From: Anthony Nadalin <tonynad@microsoft.com>
To: Eliot Lear <lear@cisco.com>, Phil Hunt <phil.hunt@oracle.com>
Thread-Topic: [scim] Propose reshape of charter
Thread-Index: AQHNAVDYCcrvYOVt8kG1ir+JEsll/pZopA2AgAAYPICAAQc/UA==
Date: Wed, 14 Mar 2012 13:08:30 +0000
Message-ID: <B26C1EF377CB694EAB6BDDC8E624B6E73C08110E@BL2PRD0310MB362.namprd03.prod.outlook.com>
References: <4F5FA213.4000600@cisco.com> <B6F33950-9055-4005-A82F-EB4E29431AD1@oracle.com> <4F5FBAB1.1020009@cisco.com>
In-Reply-To: <4F5FBAB1.1020009@cisco.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
x-originating-ip: [129.6.252.104]
Content-Type: multipart/alternative; boundary="_000_B26C1EF377CB694EAB6BDDC8E624B6E73C08110EBL2PRD0310MB362_"
MIME-Version: 1.0
X-OrganizationHeadersPreserved: BL2PRD0310HT005.namprd03.prod.outlook.com
X-FOPE-CONNECTOR: Id%0$Dn%*$RO%0$TLS%0$FQDN%$TlsDn%
X-FOPE-CONNECTOR: Id%59$Dn%CISCO.COM$RO%2$TLS%6$FQDN%131.107.125.5$TlsDn%
X-FOPE-CONNECTOR: Id%59$Dn%ORACLE.COM$RO%2$TLS%6$FQDN%131.107.125.5$TlsDn%
X-FOPE-CONNECTOR: Id%59$Dn%IETF.ORG$RO%2$TLS%6$FQDN%131.107.125.5$TlsDn%
X-FOPE-CONNECTOR: Id%59$Dn%STPETER.IM$RO%2$TLS%6$FQDN%131.107.125.5$TlsDn%
X-FOPE-CONNECTOR: Id%59$Dn%CS.COLUMBIA.EDU$RO%2$TLS%6$FQDN%131.107.125.5$TlsDn%
X-CrossPremisesHeadersPromoted: TK5EX14MLTC103.redmond.corp.microsoft.com
X-CrossPremisesHeadersFiltered: TK5EX14MLTC103.redmond.corp.microsoft.com
X-OriginatorOrg: microsoft.com
Cc: "scim@ietf.org" <scim@ietf.org>, Peter Saint-Andre <stpeter@stpeter.im>, "Steven M. Bellovin" <smb@cs.columbia.edu>
Subject: Re: [scim] Propose reshape of charter
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 14 Mar 2012 13:08:47 -0000

--_000_B26C1EF377CB694EAB6BDDC8E624B6E73C08110EBL2PRD0310MB362_
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64

4oCcbWFuYWdpbmcgdXNlciBpZGVudGl0eSBsaWZlY3ljbGXigJ0NCg0KVGhpcyBpcyBhIGxpdHRs
ZSB0b28gdmFndWUgYXMgdGhlcmUgYXJlIG1hbnkgZGlmZmVyZW50IHZpZXdzIG9uIHdoYXQgdGhl
IGlkZW50aXR5IGxpZmVjeWNsZSBjb25zaXN0cyBvZiwgZW5yb2xsbWVudCwgcHJvb2ZpbmcsIGNy
ZWRlbnRpYWxpbmcsIHVzYWdlLCBtb25pdG9yaW5nLCBldGMuIGFuZCBJIGRvbuKAmXQgYmVsaWV2
ZSB0aGF0IFNDSU0gY292ZXJzIGFsbCB0aGVzZSBhcmVhcyBub3cgb3IgZXZlciB3aWxsDQoNCkZy
b206IHNjaW0tYm91bmNlc0BpZXRmLm9yZyBbbWFpbHRvOnNjaW0tYm91bmNlc0BpZXRmLm9yZ10g
T24gQmVoYWxmIE9mIEVsaW90IExlYXINClNlbnQ6IFR1ZXNkYXksIE1hcmNoIDEzLCAyMDEyIDI6
MjMgUE0NClRvOiBQaGlsIEh1bnQNCkNjOiBzY2ltQGlldGYub3JnOyBQZXRlciBTYWludC1BbmRy
ZTsgU3RldmVuIE0uIEJlbGxvdmluDQpTdWJqZWN0OiBSZTogW3NjaW1dIFByb3Bvc2UgcmVzaGFw
ZSBvZiBjaGFydGVyDQoNCkV2ZXJ5b25lOg0KDQpQbGVhc2Ugdm9pY2UgeW91ciBzdXBwb3J0IG9y
IG9wcG9zaXRpb24gdG8gdGhlIHByb3Bvc2VkIGNoYW5nZSBiZWxvdyAoYW5kIGFueSBvdGhlciBw
cm9wb3NlZCBjaGFuZ2UpIHRoYXQgY29tZXMgdGhyb3VnaC4gIFN0YXRpbmcgV0hZIGhlbHBzIGFk
dmFuY2UgdGhlIGRlYmF0ZS4NCg0KVGhhbmtzLA0KDQpFbGlvdA0KDQpPbiAzLzEzLzEyIDg6NTYg
UE0sIFBoaWwgSHVudCB3cm90ZToNCkVsaW90LA0KDQpJIHByb3Bvc2UgdGhlIGZvbGxvd2luZyBj
aGFuZ2UgdG8gdGhlIFdHIERlc2NyaXB0aW9uOg0KDQpGcm9tOg0KDQpUaGUgU2ltcGxlIENsb3Vk
IElkZW50aXR5IE1hbmFnZW1lbnQgKFNDSU0pIHNwZWNpZmljYXRpb24gaXMgZGVzaWduZWQgdG8N
Cg0KbWFrZSBtYW5hZ2luZyB1c2VyIGlkZW50aXR5IGxpZmVjeWNsZSBpbiBjbG91ZCBiYXNlZCBh
cHBsaWNhdGlvbnMgYW5kDQoNCnNlcnZpY2VzIGVhc2llci4NClRvOg0KDQpUaGUgU2ltcGxlIENs
b3VkIElkZW50aXR5IE1hbmFnZW1lbnQgKFNDSU0pIHNwZWNpZmljYXRpb24gaXMgZGVzaWduZWQg
dG8NCg0KbWFrZSBtYW5hZ2luZyB1c2VyIGlkZW50aXR5IGxpZmVjeWNsZSBpbiBvbmUgb3IgbW9y
ZSBhcHBsaWNhdGlvbnMgYW5kDQoNCnNlcnZpY2VzIGVhc2llciBiZXR3ZWVuIGNsaWVudCBvcmdh
bml6YXRpb25zIGFuZCBjbG91ZCBiYXNlZCBzZXJ2aWNlIHByb3ZpZGVycy4NCg0KVGhlIGNoYW5n
ZSBhYm92ZSBpcyBzdWJ0bGUgYnV0IG9mIGNyaXRpY2FsIGltcG9ydGFuY2UgdG8gY2xvdWQgcHJv
dmlkZXJzIChtYW55IHdobyBhcmUgbm90IHlldCBhY3RpdmUgaW4gdGhlIGdyb3VwKSB3aG8gaG9z
dCBtYW55IHNlcnZpY2VzLg0KDQpJdCBpcyBwcm9iYWJseSBpbXBvcnRhbnQgdG8gc2l0ZSB0aGUg
bG9jYXRpb24gb2YgdGhlIFNDSU0gMS4wIHNwZWNpZmljYXRpb24gd2hpY2ggaXMgcHVibGlzaGVk
IGV4dGVybmFsbHkgdG8gSUVURiBhcyB3ZWxsIGFzIHRoZSByZS1wdWJsaXNoZWQgZHJhZnRzIHVu
ZGVyIElFVEYuDQoNClBoaWwNCg0KQGluZGVwZW5kZW50aWQNCnd3dy5pbmRlcGVuZGVudGlkLmNv
bTxodHRwOi8vd3d3LmluZGVwZW5kZW50aWQuY29tPg0KcGhpbC5odW50QG9yYWNsZS5jb208bWFp
bHRvOnBoaWwuaHVudEBvcmFjbGUuY29tPg0KDQoNCg0KDQpPbiAyMDEyLTAzLTEzLCBhdCAxMjoz
NyBQTSwgRWxpb3QgTGVhciB3cm90ZToNCg0KDQpIaSBFdmVyeW9uZSwNCg0KSGF2aW5nIHJlYWQg
aW5wdXRzIGZyb20gdGhpcyBsaXN0LCBJIGFtIHByb3Bvc2luZyBzb21lIGNoYW5nZXMgdG8gdGhl
IGNoYXJ0ZXIuICBNb3N0IG9mIHRoaXMgaXMgZm9ybSBhbmQgbm90IHN1YnN0YW5jZSwgIGJ1dCB0
aGVyZSBhcmUgc29tZSBzdWJzdGFudGlhbCBjaGFuZ2VzLiAgVGhlIHB1cnBvc2Ugb2YgdGhlc2Ug
Y2hhbmdlcyBpcyB0byBicmluZyB0aGUgY2hhcnRlciBpbiBsaW5lIHdpdGggbW9zdCBvZiB0aGUg
b3RoZXJzLiAgQWJzZW50IHRoZXNlIHNvcnQgb2YgY2hhbmdlcywgSSBhbSBub3QgY29uZmlkZW50
IHdlIHdvdWxkIGdldCBhIFdHLiAgRXZlbiB3aXRoIHRoZXNlIGNoYW5nZXMsIG1vcmUgd29yayBp
cyBuZWVkZWQuIGJlY2F1c2Ugd2hhdCBpcyBiZWxvdyBpcyBub3QgY29tcGxldGUuDQoNCldoYXQg
aXMgbWlzc2luZyDigJMgYW5kIGl0J3MgaW1wb3J0YW50IOKAkyAgYXJlIGEgZmV3IGFkZGl0aW9u
YWwgd29yZHMgYWJvdXQgd2h5IHdlIG5lZWQgU0NJTS4gIFdoeSBhcmUgd2UgaG9sZGluZyB0aGUg
ZGFybiBCb0Y/ICBUaGlzIGlzIG5vdCBzb21ldGhpbmcgdGhhdCBjYW4gd2FpdCwgSU1ITywgZm9y
IGFuIEluZm9ybWF0aW9uYWwgZG9jdW1lbnQuICBSYXRoZXIsIGlmIHRoZXJlIGlzIG5vIGNsZWFy
IHN0YXRlbWVudCBvZiB0aGUgcHJvYmxlbSwgSSBkb24ndCBzZWUgaG93IHRoZSBJRVNHIHdvdWxk
IGFwcHJvdmUgYSBXRy4gIFNvIHRoYXQncyB3aGF0IHRoZSBiaWcgWFhYWFhYWCBpcyBiZWxvdy4g
IEkndmUgcHV0IHNvbWUgd29yZHMgaW4sIGJ1dCB0aGV5IGFyZSB0aGVyZSB0byBkZW1vbnN0cmF0
ZSB0aGUgcG9pbnQuICBQTEVBU0UgcHJvcG9zZSB0ZXh0Lg0KDQpJbiBhZGRpdGlvbiwgbXkgcmV3
b3JkaW5nIGlzLCBpbiBzb21lIHBsYWNlcywgZ2VuZXJpYy4gIEkgd291bGQgc3VnZ2VzdCB0aGF0
IG1vcmUgdGltZSBiZSBzcGVudCBvbiB3aGF0IHdlIHdpbGwg4oCTIGFuZCBhcyBpbXBvcnRhbnRs
eSDigJMgIFdPTidUIGRvLiAgQSBnb29kIGNoYXJ0ZXIgd2lsbCBzY29wZSBvdXQgbW9yZS4gIFdo
YXQgYXJlIHRoZSBjcml0aWNhbCBmdW5jdGlvbnMgdGhhdCBuZWVkIHRvIGJlIGRvbmUgbm93PyAg
SWYgd2UgbGVhdmUgaXQgd2lkZSBvcGVuLCB0aGVuIHdlIHJ1biB0aGUgcmlzayBvZiBwZW9wbGUg
c2hvdmVsaW5nIHRvbyBtdWNoIGluLCBvciBibG9ja2luZyBvbiBob3cgdG8gZGVjaWRlIHdoZXJl
IHRvIGhvbGQgdGhlIGxpbmUgYW5kIHdhaXQgdGlsIHRoZSBuZXh0IHJvdW5kLiAgU28sIGZvciBp
bnN0YW5jZSwgaG93IHdpbGwgd2Uga2VlcCB0aGUgc2NoZW1hIGZyb20gYmxvYXRpbmc/ICBSaW5z
ZSBhbmQgcmVwZWF0IHdpdGggcHJvdG9jb2wgb3BlcmF0aW9ucy4NCg0KSW4gYWRkaXRpb24sIGl0
IGlzIG15IGFudGljaXBhdGlvbiB0aGF0IHNob3J0bHkgYmVmb3JlIOKAkyBvciB2ZXJ5IHF1aWNr
bHkgYWZ0ZXIg4oCTIG91ciBCb0YsIEludGVybmV0LURyYWZ0cyB3aWxsIGJlIHBvc3RlZCBvZiB0
aGUgaW5pdGlhbCBzcGVjaWZpY2F0aW9ucy4gIFRodXMgeW91IHNlZSBkcmFmdC1YWFggYmVsb3cu
ICBXaGlsZSB0aGUgY2hhcnRlciBuZWVkIG5vdCDigJMgYW5kIGNhbm5vdCDigJMgYmUgY29tcGxl
dGVseSBmaW5pc2hlZCBiZWZvcmUgdGhlIEJvRiwgd2Ugc2hvdWxkIGhhdmUgaXQgYXMgY2xvc2Ug
YXMgcG9zc2libGUuDQoNCg0KUGxlYXNlIGNvbW1lbnQgbm93IG9uIHRoZXNlIGNoYW5nZXMgYW5k
IGFueSBhZGRpdGlvbmFsIGNoYW5nZXMgeW91IHdvdWxkIGxpa2UgdG8gc2VlLg0KDQpTaW1wbGUg
Q2xvdWQgSWRlbnRpdHkgTWFuYWdlbWVudCAoU0NJTSkNCkNoYWlyKHMpOiBUQkQNCg0KQXBwbGlj
YXRpb25zIEFyZWEgRGlyZWN0b3Iocyk6DQoNCiAgICAgUGV0ZSBSZXNuaWNrIDxwcmVzbmlja0Bx
dWFsY29tbS5jb208bWFpbHRvOnByZXNuaWNrQHF1YWxjb21tLmNvbT4+DQoNCiAgICAgQmFycnkg
TGllYmEgPD8/Pz4NCg0KTWFpbGluZyBMaXN0czoNCg0KICAgICBHZW5lcmFsIERpc2N1c3Npb246
IHNjaW1AaWV0Zi5vcmc8bWFpbHRvOnNjaW1AaWV0Zi5vcmc+DQoNCiAgICAgVG8gU3Vic2NyaWJl
OiBodHRwczovL3d3dy5pZXRmLm9yZy9tYWlsbWFuL2xpc3RpbmZvL3NjaW0NCg0KICAgICBBcmNo
aXZlOiAgICAgIGh0dHA6Ly93d3cuaWV0Zi5vcmcvbWFpbC1hcmNoaXZlL3dlYi9zY2ltL2N1cnJl
bnQvbWFpbGxpc3QuaHRtbA0KDQoNCg0KRGVzY3JpcHRpb24gb2YgV29ya2luZyBHcm91cDoNCg0K
VGhlIFNpbXBsZSBDbG91ZCBJZGVudGl0eSBNYW5hZ2VtZW50IChTQ0lNKSBzcGVjaWZpY2F0aW9u
IGlzIGRlc2lnbmVkIHRvDQoNCm1ha2UgbWFuYWdpbmcgdXNlciBpZGVudGl0eSBsaWZlY3ljbGUg
aW4gY2xvdWQgYmFzZWQgYXBwbGljYXRpb25zIGFuZA0KDQpzZXJ2aWNlcyBlYXNpZXIuDQoNCg0K
DQpYWFhYWFhYDQoNCg0KDQpTby1jYWxsZWQgQ1JlYXRlIFVwZGF0ZSBEZWxldGUgKENSVUQpIHBy
b3Zpc2lvbmluZyBvcGVyYXRpb25zIGFyZSBvZnRlbg0KDQpuZWNlc3NhcnkgdG8gZWFzZSBhZG9w
dGlvbiBvZiBuZXcgc2VydmljZXMuICBUaGlzIHdvcmsgYnVpbGRzIG9uIHRvb2xzDQoNCnN1Y2gg
YXMgbGRhcCBhbmQgU0FNTCAyLjAsIHdoaWNoIGFyZSB1c2VkIHRvIHByb3ZpZGUgdXAtdG8tZGF0
ZSBpbmZvcm1hdGlvbi4NCg0KU0NJTSBmb2N1c2VzIG9uIHRoZSBjYXNlIHdoZXJlIGFuIGVudGVy
cHJpc2UncyBsZGFwIHNlcnZpY2UgbWF5IG5vdCBiZQ0KDQphdmFpbGFibGUgdG8gdGhlIHByb3Zp
ZGVyLCBhbmQgU0FNTCBjYW5ub3QgcHJvdmlkZSBzdWZmaWNpZW50IGNvbnRleHQgZm9yIHRoZQ0K
DQpzZXJ2aWNlLiAgQW4gZXhhbXBsZSB3b3VsZCBiZSB0aGUgcHJvdmlzaW9uaW5nIG9mIGFuIG9m
IGFuIEVNYWlsIGFjY291bnQgc28NCg0KdGhhdCBpdCBjYW4gcmVjZWl2ZSBtYWlsIGJlZm9yZSB0
aGUgcGVyc29uIGhhcyBmaXJzdCBsb2dnZWQgaW4uDQoNCg0KDQpYWFhYWFhYWA0KDQpUaGUgc3Bl
Y2lmaWNhdGlvbiBzdWl0ZSBzZWVrcyB0byBidWlsZCB1cG9uIGV4cGVyaWVuY2Ugd2l0aCBleGlz
dGluZw0KDQpzY2hlbWFzIGFuZCBkZXBsb3ltZW50cywgcGxhY2luZyBzcGVjaWZpYyBlbXBoYXNp
cyBvbiBzaW1wbGljaXR5IG9mDQoNCmRldmVsb3BtZW50IGFuZCBpbnRlZ3JhdGlvbiwgd2hpbGUg
YXBwbHlpbmcgZXhpc3RpbmcgYXV0aGVudGljYXRpb24sDQoNCmF1dGhvcml6YXRpb24sIGFuZCBw
cml2YWN5IG1vZGVscy4gSXRzIGludGVudCBpcyB0byByZWR1Y2UgdGhlIGNvc3QgYW5kDQoNCmNv
bXBsZXhpdHkgb2YgdXNlciBtYW5hZ2VtZW50IG9wZXJhdGlvbnMgYnkgcHJvdmlkaW5nIGEgY29t
bW9uIHVzZXINCg0Kc2NoZW1hIGFuZCBleHRlbnNpb24gbW9kZWwsIGFzIHdlbGwgYXMgYmluZGlu
ZyBkb2N1bWVudHMgdG8gcHJvdmlkZQ0KDQpwYXR0ZXJucyBmb3IgZXhjaGFuZ2luZyB0aGlzIHNj
aGVtYSB1c2luZyBzdGFuZGFyZCBwcm90b2NvbHMuIEluDQoNCmFkZGl0aW9uIHRoZSB3b3JraW5n
IGdyb3VwIG1heSBjb25zaWRlciBpbmNsdWRpbmcgbWFuYWdpbmcgZGV2aWNlDQoNCmlkZW50aXRp
ZXMgYXMgcGFydCBvZiB0aGUgd29yayBhZG9wdGVkIGJ5IHRoZSB3b3JraW5nIGdyb3VwLg0KDQpU
aGUgZ3JvdXAgd2lsbCB1c2UgYXMgc3RhcnRpbmcgcG9pbnRzIHRoZSBmb2xsb3dpbmcgZHJhZnRz
IGluDQoNCnRoZSBmb2xsb3dpbmcgd2F5czoNCg0KDQoNCiAgICAgICAgZHJhZnQtWFhYLXNjaW0t
c2NoZW1hLTAwIGFzIHRoZSBhIHNjaGVtYSBzcGVjaWZpY2F0aW9uLA0KDQogICAgICAgIGRyYWZ0
LVhYWC1zY2ltLXByb3RvY29sLWRlZmluaXRpb24tMDAgYXMgdGhlIHByb3RvY29sIHNwZWNpZmlj
YXRpb24sDQoNCiAgICAgICAgZHJhZnQtWFhYLXNjaW0tc2FtbC1iaW5kaW5nLTAwIGZvciBiaW5k
aW5nIHRoZSBTQ0lNIHNjaGVtYSB0byBTQU1MLCBhbmQNCg0KICAgICAgICBkcmFmdC1YWFgtc2Np
bS1sZGFwLWJpbmRpbmctMDAgZm9yIGJpbmRpbmcgdGhlIFNDSU0gc2NoZW1hIHRvIExEQVAuDQoN
Cg0KDQpUaGVzZSBkcmFmdHMgYXJlIGJhc2VkIG9uIGV4aXN0aW5nIHNwZWNpZmljYXRpb25zLiB3
aGljaCB0b2dldGhlciBhcmUgY29tbW9ubHkNCg0Ka25vd24gYXMgU0NJTSAxLjAuICBBcyBzdWNo
LCBzb21lIGNvbnNpZGVyYXRpb24gc2hvdWxkIGJlIGdpdmVuIGZvciBiYWNrd2FyZA0KDQpjb21w
YXRpYmlsaXR5LCBhcyB0aGUgZ3JvdXAgZXZvbHZlcyB0aGUgd29yay4gIFRoaXMgZ3JvdXAgd2ls
bCBjb25zaWRlciwNCg0KZm9yIGFuZCBmb3JlbW9zdCwgdGhlIG9wZXJhdGlvbmFsIGV4cGVyaWVu
Y2UgZ2F0aGVyZWQgZnJvbSB0aGUgZXhpc3Rpbmcgd29yay4NCg0KVGhlIGdyb3VwIHdpbGwgYWxz
byBjb25zaWRlciBleHBlcmllbmNlcyB3aXRoIHdvcmsgZG9uZSBieSBvdGhlciBib2RpZXMsIGlu
Y2x1ZGluZw0KDQp0aGUgT0FTSVMgUHJvdmlzaW9uaW5nIFRDLg0KDQoNCg0KVGhlIGdyb3VwIHdp
bGwgcHJvZHVjZSBQcm9wb3NlZCBTdGFuZGFyZHMgZm9yIGEgc2NoZW1hLCBhIHByb3RvY29sLA0K
DQphIFNBTUwgYmluZGluZywgYW5kIGFuIExEQVAgYmluZGluZy4gIEluIGRvaW5nIHNvLCB0aGUg
Z3JvdXAgd2lsbCBtYWtlDQoNCmNvbnNpc3RlbnQgdGhlIHRlcm1pbm9sb2d5LCByZXZpZXcgYW5k
IGltcHJvdmUgc2VjdXJpdHkgb2YgdGhlIG92ZXJhbGwgc3lzdGVtLA0KDQppZGVudGlmeSBhbnkg
ZnVuY3Rpb25hbCBnYXBzIHRoYXQgd291bGQgYmUgdXNlZnVsIGZ1dHVyZSB3b3JrLCBhZGRyZXNz
DQoNCmludGVybmF0aW9uYWxpemF0aW9uLCBhbmQgcHJvdmlkZSBndWlkZWxpbmVzIGZvciBleHRl
bnNpYmlsaXR5IChlaXRoZXIgdGhyb3VnaA0KDQpJQU5BIHJlZ2lzdHJpZXMgb3Igb3RoZXIgbWVh
bnMpLg0KDQoNCg0KSW4gaXRzIHdvcmssIHRoZSBncm91cCB3aWxsIGRlY2lkZSB3aGF0IGFkZGl0
aW9uYWwgY2FwYWJpbGl0aWVzIHNob3VsZCBiZQ0KDQppbmNsdWRlZCBpbiB0aGUgaW5pdGlhbCBz
cGVjaWZpY2F0aW9uLCBhbmQgd2hhdCBjYW4gYmUgYWRkcmVzc2VkIGF0IGEgbGF0ZXIgdGltZS4N
Cg0KDQoNCkhvd2V2ZXIsIHVzZXIsIGRldmljZSwgYW5kIHNlcnZpY2UgYXV0aGVudGljYXRpb24g
YW5kIGF1dGhvcml6YXRpb24NCg0KKHBvbGljeS9lbnRpdGxlbWVudCkgYXJlIG91dCBvZiBzY29w
ZSBmb3IgdGhpcyB3b3JraW5nIGdyb3VwLg0KDQoNCg0KTWlsZXN0b25lcw0KDQoNCg0KNS8yMDEy
ICAgIEluaXRpYWwgYWRvcHRpb24gb2YgU0NJTSBjb3JlIHNjaGVtYQ0KDQo1LzIwMTIgICAgSW5p
dGlhbCBhZG9wdGlvbiBvZiBTQ0lNIHJlc3RmdWwgaW50ZXJmYWNlIGRyYWZ0DQoNCjUvMjAxMiAg
ICBJbml0aWFsIGFkb3B0aW9uIG9mIFNDSU0gU0FNTCBiaW5kaW5ncyBkcmFmdA0KDQo1LzIwMTIg
ICAgSW5pdGlhbCBhZG9wdGlvbiBvZiBTQ0lNIExEQVAgbWFwcGluZyBkcmFmdA0KDQo5LzIwMTIg
ICAgV0dMQyBTQ0lNIGNvcmUgc2NoZW1hDQoNCjkvMjAxMiAgICBXR0xDIFNDSU0gcmVzdGZ1bCBp
bnRlcmZhY2UNCg0KOS8yMDEyICAgIFdHTEMgU0NJTSBTQU1MIGJpbmRpbmdzDQoNCjkvMjAxMiAg
ICBXR0xDIFNDSU0gTERBUCBtYXBwaW5nDQoNCjMvMjAxMyAgICBSZS1jaGFydGVyIGRpc2N1c3Np
b24NCg0KDQpfX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fXw0K
c2NpbSBtYWlsaW5nIGxpc3QNCnNjaW1AaWV0Zi5vcmc8bWFpbHRvOnNjaW1AaWV0Zi5vcmc+DQpo
dHRwczovL3d3dy5pZXRmLm9yZy9tYWlsbWFuL2xpc3RpbmZvL3NjaW0NCg0K

--_000_B26C1EF377CB694EAB6BDDC8E624B6E73C08110EBL2PRD0310MB362_
Content-Type: text/html; charset="utf-8"
Content-Transfer-Encoding: base64

PGh0bWwgeG1sbnM6dj0idXJuOnNjaGVtYXMtbWljcm9zb2Z0LWNvbTp2bWwiIHhtbG5zOm89InVy
bjpzY2hlbWFzLW1pY3Jvc29mdC1jb206b2ZmaWNlOm9mZmljZSIgeG1sbnM6dz0idXJuOnNjaGVt
YXMtbWljcm9zb2Z0LWNvbTpvZmZpY2U6d29yZCIgeG1sbnM6bT0iaHR0cDovL3NjaGVtYXMubWlj
cm9zb2Z0LmNvbS9vZmZpY2UvMjAwNC8xMi9vbW1sIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcv
VFIvUkVDLWh0bWw0MCI+DQo8aGVhZD4NCjxtZXRhIGh0dHAtZXF1aXY9IkNvbnRlbnQtVHlwZSIg
Y29udGVudD0idGV4dC9odG1sOyBjaGFyc2V0PXV0Zi04Ij4NCjxtZXRhIG5hbWU9IkdlbmVyYXRv
ciIgY29udGVudD0iTWljcm9zb2Z0IFdvcmQgMTQgKGZpbHRlcmVkIG1lZGl1bSkiPg0KPHN0eWxl
PjwhLS0NCi8qIEZvbnQgRGVmaW5pdGlvbnMgKi8NCkBmb250LWZhY2UNCgl7Zm9udC1mYW1pbHk6
SGVsdmV0aWNhOw0KCXBhbm9zZS0xOjIgMTEgNiA0IDIgMiAyIDIgMiA0O30NCkBmb250LWZhY2UN
Cgl7Zm9udC1mYW1pbHk6SGVsdmV0aWNhOw0KCXBhbm9zZS0xOjIgMTEgNiA0IDIgMiAyIDIgMiA0
O30NCkBmb250LWZhY2UNCgl7Zm9udC1mYW1pbHk6Q2FsaWJyaTsNCglwYW5vc2UtMToyIDE1IDUg
MiAyIDIgNCAzIDIgNDt9DQpAZm9udC1mYWNlDQoJe2ZvbnQtZmFtaWx5OlRhaG9tYTsNCglwYW5v
c2UtMToyIDExIDYgNCAzIDUgNCA0IDIgNDt9DQpAZm9udC1mYWNlDQoJe2ZvbnQtZmFtaWx5OkNv
bnNvbGFzOw0KCXBhbm9zZS0xOjIgMTEgNiA5IDIgMiA0IDMgMiA0O30NCi8qIFN0eWxlIERlZmlu
aXRpb25zICovDQpwLk1zb05vcm1hbCwgbGkuTXNvTm9ybWFsLCBkaXYuTXNvTm9ybWFsDQoJe21h
cmdpbjowaW47DQoJbWFyZ2luLWJvdHRvbTouMDAwMXB0Ow0KCWZvbnQtc2l6ZToxMi4wcHQ7DQoJ
Zm9udC1mYW1pbHk6IlRpbWVzIE5ldyBSb21hbiIsInNlcmlmIjsNCgljb2xvcjpibGFjazt9DQph
OmxpbmssIHNwYW4uTXNvSHlwZXJsaW5rDQoJe21zby1zdHlsZS1wcmlvcml0eTo5OTsNCgljb2xv
cjpibHVlOw0KCXRleHQtZGVjb3JhdGlvbjp1bmRlcmxpbmU7fQ0KYTp2aXNpdGVkLCBzcGFuLk1z
b0h5cGVybGlua0ZvbGxvd2VkDQoJe21zby1zdHlsZS1wcmlvcml0eTo5OTsNCgljb2xvcjpwdXJw
bGU7DQoJdGV4dC1kZWNvcmF0aW9uOnVuZGVybGluZTt9DQpwcmUNCgl7bXNvLXN0eWxlLXByaW9y
aXR5Ojk5Ow0KCW1zby1zdHlsZS1saW5rOiJIVE1MIFByZWZvcm1hdHRlZCBDaGFyIjsNCgltYXJn
aW46MGluOw0KCW1hcmdpbi1ib3R0b206LjAwMDFwdDsNCglmb250LXNpemU6MTAuMHB0Ow0KCWZv
bnQtZmFtaWx5OiJDb3VyaWVyIE5ldyI7DQoJY29sb3I6YmxhY2s7fQ0KcC5Nc29BY2V0YXRlLCBs
aS5Nc29BY2V0YXRlLCBkaXYuTXNvQWNldGF0ZQ0KCXttc28tc3R5bGUtcHJpb3JpdHk6OTk7DQoJ
bXNvLXN0eWxlLWxpbms6IkJhbGxvb24gVGV4dCBDaGFyIjsNCgltYXJnaW46MGluOw0KCW1hcmdp
bi1ib3R0b206LjAwMDFwdDsNCglmb250LXNpemU6OC4wcHQ7DQoJZm9udC1mYW1pbHk6IlRhaG9t
YSIsInNhbnMtc2VyaWYiOw0KCWNvbG9yOmJsYWNrO30NCnNwYW4uYXBwbGUtc3R5bGUtc3Bhbg0K
CXttc28tc3R5bGUtbmFtZTphcHBsZS1zdHlsZS1zcGFuO30NCnNwYW4uSFRNTFByZWZvcm1hdHRl
ZENoYXINCgl7bXNvLXN0eWxlLW5hbWU6IkhUTUwgUHJlZm9ybWF0dGVkIENoYXIiOw0KCW1zby1z
dHlsZS1wcmlvcml0eTo5OTsNCgltc28tc3R5bGUtbGluazoiSFRNTCBQcmVmb3JtYXR0ZWQiOw0K
CWZvbnQtZmFtaWx5OkNvbnNvbGFzOw0KCWNvbG9yOmJsYWNrO30NCnNwYW4uQmFsbG9vblRleHRD
aGFyDQoJe21zby1zdHlsZS1uYW1lOiJCYWxsb29uIFRleHQgQ2hhciI7DQoJbXNvLXN0eWxlLXBy
aW9yaXR5Ojk5Ow0KCW1zby1zdHlsZS1saW5rOiJCYWxsb29uIFRleHQiOw0KCWZvbnQtZmFtaWx5
OiJUYWhvbWEiLCJzYW5zLXNlcmlmIjsNCgljb2xvcjpibGFjazt9DQpzcGFuLkVtYWlsU3R5bGUy
Mg0KCXttc28tc3R5bGUtdHlwZTpwZXJzb25hbC1yZXBseTsNCglmb250LWZhbWlseToiQ2FsaWJy
aSIsInNhbnMtc2VyaWYiOw0KCWNvbG9yOiMxRjQ5N0Q7fQ0KLk1zb0NocERlZmF1bHQNCgl7bXNv
LXN0eWxlLXR5cGU6ZXhwb3J0LW9ubHk7DQoJZm9udC1zaXplOjEwLjBwdDt9DQpAcGFnZSBXb3Jk
U2VjdGlvbjENCgl7c2l6ZTo4LjVpbiAxMS4waW47DQoJbWFyZ2luOjEuMGluIDEuMGluIDEuMGlu
IDEuMGluO30NCmRpdi5Xb3JkU2VjdGlvbjENCgl7cGFnZTpXb3JkU2VjdGlvbjE7fQ0KLS0+PC9z
dHlsZT48IS0tW2lmIGd0ZSBtc28gOV0+PHhtbD4NCjxvOnNoYXBlZGVmYXVsdHMgdjpleHQ9ImVk
aXQiIHNwaWRtYXg9IjEwMjYiIC8+DQo8L3htbD48IVtlbmRpZl0tLT48IS0tW2lmIGd0ZSBtc28g
OV0+PHhtbD4NCjxvOnNoYXBlbGF5b3V0IHY6ZXh0PSJlZGl0Ij4NCjxvOmlkbWFwIHY6ZXh0PSJl
ZGl0IiBkYXRhPSIxIiAvPg0KPC9vOnNoYXBlbGF5b3V0PjwveG1sPjwhW2VuZGlmXS0tPg0KPC9o
ZWFkPg0KPGJvZHkgYmdjb2xvcj0id2hpdGUiIGxhbmc9IkVOLVVTIiBsaW5rPSJibHVlIiB2bGlu
az0icHVycGxlIj4NCjxkaXYgY2xhc3M9IldvcmRTZWN0aW9uMSI+DQo8cCBjbGFzcz0iTXNvTm9y
bWFsIj48c3BhbiBzdHlsZT0iZm9udC1zaXplOjExLjBwdDtmb250LWZhbWlseTomcXVvdDtDYWxp
YnJpJnF1b3Q7LCZxdW90O3NhbnMtc2VyaWYmcXVvdDs7Y29sb3I6IzFGNDk3RCI+4oCcPC9zcGFu
Pm1hbmFnaW5nIHVzZXIgaWRlbnRpdHkgbGlmZWN5Y2xl4oCdDQo8bzpwPjwvbzpwPjwvcD4NCjxw
IGNsYXNzPSJNc29Ob3JtYWwiPjxvOnA+Jm5ic3A7PC9vOnA+PC9wPg0KPHAgY2xhc3M9Ik1zb05v
cm1hbCI+VGhpcyBpcyBhIGxpdHRsZSB0b28gdmFndWUgYXMgdGhlcmUgYXJlIG1hbnkgZGlmZmVy
ZW50IHZpZXdzIG9uIHdoYXQgdGhlIGlkZW50aXR5IGxpZmVjeWNsZSBjb25zaXN0cyBvZiwgZW5y
b2xsbWVudCwgcHJvb2ZpbmcsIGNyZWRlbnRpYWxpbmcsIHVzYWdlLCBtb25pdG9yaW5nLCBldGMu
IGFuZCBJIGRvbuKAmXQgYmVsaWV2ZSB0aGF0IFNDSU0gY292ZXJzIGFsbCB0aGVzZSBhcmVhcyBu
b3cgb3IgZXZlciB3aWxsPG86cD48L286cD48L3A+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48c3Bh
biBzdHlsZT0iZm9udC1zaXplOjExLjBwdDtmb250LWZhbWlseTomcXVvdDtDYWxpYnJpJnF1b3Q7
LCZxdW90O3NhbnMtc2VyaWYmcXVvdDs7Y29sb3I6IzFGNDk3RCI+PG86cD4mbmJzcDs8L286cD48
L3NwYW4+PC9wPg0KPGRpdj4NCjxkaXYgc3R5bGU9ImJvcmRlcjpub25lO2JvcmRlci10b3A6c29s
aWQgI0I1QzRERiAxLjBwdDtwYWRkaW5nOjMuMHB0IDBpbiAwaW4gMGluIj4NCjxwIGNsYXNzPSJN
c29Ob3JtYWwiPjxiPjxzcGFuIHN0eWxlPSJmb250LXNpemU6MTAuMHB0O2ZvbnQtZmFtaWx5OiZx
dW90O1RhaG9tYSZxdW90OywmcXVvdDtzYW5zLXNlcmlmJnF1b3Q7O2NvbG9yOndpbmRvd3RleHQi
PkZyb206PC9zcGFuPjwvYj48c3BhbiBzdHlsZT0iZm9udC1zaXplOjEwLjBwdDtmb250LWZhbWls
eTomcXVvdDtUYWhvbWEmcXVvdDssJnF1b3Q7c2Fucy1zZXJpZiZxdW90Oztjb2xvcjp3aW5kb3d0
ZXh0Ij4gc2NpbS1ib3VuY2VzQGlldGYub3JnIFttYWlsdG86c2NpbS1ib3VuY2VzQGlldGYub3Jn
XQ0KPGI+T24gQmVoYWxmIE9mIDwvYj5FbGlvdCBMZWFyPGJyPg0KPGI+U2VudDo8L2I+IFR1ZXNk
YXksIE1hcmNoIDEzLCAyMDEyIDI6MjMgUE08YnI+DQo8Yj5Ubzo8L2I+IFBoaWwgSHVudDxicj4N
CjxiPkNjOjwvYj4gc2NpbUBpZXRmLm9yZzsgUGV0ZXIgU2FpbnQtQW5kcmU7IFN0ZXZlbiBNLiBC
ZWxsb3Zpbjxicj4NCjxiPlN1YmplY3Q6PC9iPiBSZTogW3NjaW1dIFByb3Bvc2UgcmVzaGFwZSBv
ZiBjaGFydGVyPG86cD48L286cD48L3NwYW4+PC9wPg0KPC9kaXY+DQo8L2Rpdj4NCjxwIGNsYXNz
PSJNc29Ob3JtYWwiPjxvOnA+Jm5ic3A7PC9vOnA+PC9wPg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+
RXZlcnlvbmU6PGJyPg0KPGJyPg0KUGxlYXNlIHZvaWNlIHlvdXIgc3VwcG9ydCBvciBvcHBvc2l0
aW9uIHRvIHRoZSBwcm9wb3NlZCBjaGFuZ2UgYmVsb3cgKGFuZCBhbnkgb3RoZXIgcHJvcG9zZWQg
Y2hhbmdlKSB0aGF0IGNvbWVzIHRocm91Z2guJm5ic3A7IFN0YXRpbmcgV0hZIGhlbHBzIGFkdmFu
Y2UgdGhlIGRlYmF0ZS48YnI+DQo8YnI+DQpUaGFua3MsPGJyPg0KPGJyPg0KRWxpb3Q8YnI+DQo8
YnI+DQpPbiAzLzEzLzEyIDg6NTYgUE0sIFBoaWwgSHVudCB3cm90ZTogPG86cD48L286cD48L3A+
DQo8ZGl2Pg0KPGRpdj4NCjxkaXY+DQo8ZGl2Pg0KPGRpdj4NCjxkaXY+DQo8ZGl2Pg0KPHAgY2xh
c3M9Ik1zb05vcm1hbCI+PHNwYW4gc3R5bGU9ImZvbnQtZmFtaWx5OiZxdW90O0hlbHZldGljYSZx
dW90OywmcXVvdDtzYW5zLXNlcmlmJnF1b3Q7Ij5FbGlvdCw8bzpwPjwvbzpwPjwvc3Bhbj48L3A+
DQo8L2Rpdj4NCjxkaXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48c3BhbiBzdHlsZT0iZm9udC1m
YW1pbHk6JnF1b3Q7SGVsdmV0aWNhJnF1b3Q7LCZxdW90O3NhbnMtc2VyaWYmcXVvdDsiPjxvOnA+
Jm5ic3A7PC9vOnA+PC9zcGFuPjwvcD4NCjwvZGl2Pg0KPGRpdj4NCjxwIGNsYXNzPSJNc29Ob3Jt
YWwiPjxzcGFuIHN0eWxlPSJmb250LWZhbWlseTomcXVvdDtIZWx2ZXRpY2EmcXVvdDssJnF1b3Q7
c2Fucy1zZXJpZiZxdW90OyI+SSBwcm9wb3NlIHRoZSBmb2xsb3dpbmcgY2hhbmdlIHRvIHRoZSBX
RyBEZXNjcmlwdGlvbjo8bzpwPjwvbzpwPjwvc3Bhbj48L3A+DQo8L2Rpdj4NCjxkaXY+DQo8cCBj
bGFzcz0iTXNvTm9ybWFsIj48c3BhbiBzdHlsZT0iZm9udC1mYW1pbHk6JnF1b3Q7SGVsdmV0aWNh
JnF1b3Q7LCZxdW90O3NhbnMtc2VyaWYmcXVvdDsiPjxvOnA+Jm5ic3A7PC9vOnA+PC9zcGFuPjwv
cD4NCjwvZGl2Pg0KPGRpdj4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPjxzcGFuIHN0eWxlPSJmb250
LWZhbWlseTomcXVvdDtIZWx2ZXRpY2EmcXVvdDssJnF1b3Q7c2Fucy1zZXJpZiZxdW90OyI+RnJv
bTo8bzpwPjwvbzpwPjwvc3Bhbj48L3A+DQo8L2Rpdj4NCjxkaXY+DQo8YmxvY2txdW90ZSBzdHls
ZT0ibWFyZ2luLXRvcDo1LjBwdDttYXJnaW4tYm90dG9tOjUuMHB0Ij4NCjxkaXY+DQo8cHJlPlRo
ZSBTaW1wbGUgQ2xvdWQgSWRlbnRpdHkgTWFuYWdlbWVudCAoU0NJTSkgc3BlY2lmaWNhdGlvbiBp
cyBkZXNpZ25lZCB0byA8bzpwPjwvbzpwPjwvcHJlPg0KPHByZT5tYWtlIG1hbmFnaW5nIHVzZXIg
aWRlbnRpdHkgbGlmZWN5Y2xlIGluIGNsb3VkIGJhc2VkIGFwcGxpY2F0aW9ucyBhbmQgPG86cD48
L286cD48L3ByZT4NCjxwcmU+c2VydmljZXMgZWFzaWVyLjxvOnA+PC9vOnA+PC9wcmU+DQo8L2Rp
dj4NCjwvYmxvY2txdW90ZT4NCjxkaXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48c3BhbiBzdHls
ZT0iZm9udC1mYW1pbHk6JnF1b3Q7SGVsdmV0aWNhJnF1b3Q7LCZxdW90O3NhbnMtc2VyaWYmcXVv
dDsiPlRvOjxvOnA+PC9vOnA+PC9zcGFuPjwvcD4NCjwvZGl2Pg0KPC9kaXY+DQo8ZGl2Pg0KPGJs
b2NrcXVvdGUgc3R5bGU9Im1hcmdpbi10b3A6NS4wcHQ7bWFyZ2luLWJvdHRvbTo1LjBwdCI+DQo8
ZGl2Pg0KPHByZT5UaGUgU2ltcGxlIENsb3VkIElkZW50aXR5IE1hbmFnZW1lbnQgKFNDSU0pIHNw
ZWNpZmljYXRpb24gaXMgZGVzaWduZWQgdG8gPG86cD48L286cD48L3ByZT4NCjxwcmU+bWFrZSBt
YW5hZ2luZyB1c2VyIGlkZW50aXR5IGxpZmVjeWNsZSBpbiBvbmUgb3IgbW9yZSBhcHBsaWNhdGlv
bnMgYW5kIDxvOnA+PC9vOnA+PC9wcmU+DQo8cHJlPnNlcnZpY2VzIGVhc2llciBiZXR3ZWVuIGNs
aWVudCBvcmdhbml6YXRpb25zIGFuZCBjbG91ZCBiYXNlZCBzZXJ2aWNlIHByb3ZpZGVycy48bzpw
PjwvbzpwPjwvcHJlPg0KPC9kaXY+DQo8L2Jsb2NrcXVvdGU+DQo8ZGl2Pg0KPHAgY2xhc3M9Ik1z
b05vcm1hbCI+PHNwYW4gc3R5bGU9ImZvbnQtZmFtaWx5OiZxdW90O0hlbHZldGljYSZxdW90Oywm
cXVvdDtzYW5zLXNlcmlmJnF1b3Q7Ij48bzpwPiZuYnNwOzwvbzpwPjwvc3Bhbj48L3A+DQo8L2Rp
dj4NCjwvZGl2Pg0KPGRpdj4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPjxzcGFuIHN0eWxlPSJmb250
LWZhbWlseTomcXVvdDtIZWx2ZXRpY2EmcXVvdDssJnF1b3Q7c2Fucy1zZXJpZiZxdW90OyI+VGhl
IGNoYW5nZSBhYm92ZSBpcyBzdWJ0bGUgYnV0IG9mIGNyaXRpY2FsIGltcG9ydGFuY2UgdG8gY2xv
dWQgcHJvdmlkZXJzIChtYW55IHdobyBhcmUgbm90IHlldCBhY3RpdmUgaW4gdGhlIGdyb3VwKSB3
aG8gaG9zdCBtYW55IHNlcnZpY2VzLjxvOnA+PC9vOnA+PC9zcGFuPjwvcD4NCjwvZGl2Pg0KPGRp
dj4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPjxzcGFuIHN0eWxlPSJmb250LWZhbWlseTomcXVvdDtI
ZWx2ZXRpY2EmcXVvdDssJnF1b3Q7c2Fucy1zZXJpZiZxdW90OyI+PG86cD4mbmJzcDs8L286cD48
L3NwYW4+PC9wPg0KPC9kaXY+DQo8ZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PHNwYW4gc3R5
bGU9ImZvbnQtZmFtaWx5OiZxdW90O0hlbHZldGljYSZxdW90OywmcXVvdDtzYW5zLXNlcmlmJnF1
b3Q7Ij5JdCBpcyBwcm9iYWJseSBpbXBvcnRhbnQgdG8gc2l0ZSB0aGUgbG9jYXRpb24gb2YgdGhl
IFNDSU0gMS4wIHNwZWNpZmljYXRpb24gd2hpY2ggaXMgcHVibGlzaGVkIGV4dGVybmFsbHkgdG8g
SUVURiBhcyB3ZWxsIGFzIHRoZSByZS1wdWJsaXNoZWQgZHJhZnRzIHVuZGVyIElFVEYuPG86cD48
L286cD48L3NwYW4+PC9wPg0KPC9kaXY+DQo8ZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PHNw
YW4gc3R5bGU9ImZvbnQtZmFtaWx5OiZxdW90O0hlbHZldGljYSZxdW90OywmcXVvdDtzYW5zLXNl
cmlmJnF1b3Q7Ij48bzpwPiZuYnNwOzwvbzpwPjwvc3Bhbj48L3A+DQo8L2Rpdj4NCjxkaXY+DQo8
cCBjbGFzcz0iTXNvTm9ybWFsIj48c3BhbiBzdHlsZT0iZm9udC1mYW1pbHk6JnF1b3Q7SGVsdmV0
aWNhJnF1b3Q7LCZxdW90O3NhbnMtc2VyaWYmcXVvdDsiPlBoaWw8bzpwPjwvbzpwPjwvc3Bhbj48
L3A+DQo8L2Rpdj4NCjxkaXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48c3BhbiBzdHlsZT0iZm9u
dC1zaXplOjkuMHB0O2ZvbnQtZmFtaWx5OiZxdW90O0hlbHZldGljYSZxdW90OywmcXVvdDtzYW5z
LXNlcmlmJnF1b3Q7Ij48bzpwPiZuYnNwOzwvbzpwPjwvc3Bhbj48L3A+DQo8L2Rpdj4NCjxkaXY+
DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48c3BhbiBzdHlsZT0iZm9udC1zaXplOjkuMHB0O2ZvbnQt
ZmFtaWx5OiZxdW90O0hlbHZldGljYSZxdW90OywmcXVvdDtzYW5zLXNlcmlmJnF1b3Q7Ij5AaW5k
ZXBlbmRlbnRpZDxvOnA+PC9vOnA+PC9zcGFuPjwvcD4NCjwvZGl2Pg0KPGRpdj4NCjxwIGNsYXNz
PSJNc29Ob3JtYWwiPjxzcGFuIHN0eWxlPSJmb250LXNpemU6OS4wcHQ7Zm9udC1mYW1pbHk6JnF1
b3Q7SGVsdmV0aWNhJnF1b3Q7LCZxdW90O3NhbnMtc2VyaWYmcXVvdDsiPjxhIGhyZWY9Imh0dHA6
Ly93d3cuaW5kZXBlbmRlbnRpZC5jb20iPnd3dy5pbmRlcGVuZGVudGlkLmNvbTwvYT48bzpwPjwv
bzpwPjwvc3Bhbj48L3A+DQo8L2Rpdj4NCjwvZGl2Pg0KPC9kaXY+DQo8L2Rpdj4NCjxwIGNsYXNz
PSJNc29Ob3JtYWwiIHN0eWxlPSJtYXJnaW4tYm90dG9tOjEyLjBwdCI+PHNwYW4gc3R5bGU9ImZv
bnQtZmFtaWx5OiZxdW90O0hlbHZldGljYSZxdW90OywmcXVvdDtzYW5zLXNlcmlmJnF1b3Q7Ij48
YSBocmVmPSJtYWlsdG86cGhpbC5odW50QG9yYWNsZS5jb20iPnBoaWwuaHVudEBvcmFjbGUuY29t
PC9hPjxvOnA+PC9vOnA+PC9zcGFuPjwvcD4NCjwvZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+
PHNwYW4gc3R5bGU9ImZvbnQtZmFtaWx5OiZxdW90O0hlbHZldGljYSZxdW90OywmcXVvdDtzYW5z
LXNlcmlmJnF1b3Q7Ij48bzpwPiZuYnNwOzwvbzpwPjwvc3Bhbj48L3A+DQo8L2Rpdj4NCjxwIGNs
YXNzPSJNc29Ob3JtYWwiPjxzcGFuIHN0eWxlPSJmb250LWZhbWlseTomcXVvdDtIZWx2ZXRpY2Em
cXVvdDssJnF1b3Q7c2Fucy1zZXJpZiZxdW90OyI+PGJyPg0KPGJyPg0KPC9zcGFuPjxvOnA+PC9v
OnA+PC9wPg0KPC9kaXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48bzpwPiZuYnNwOzwvbzpwPjwv
cD4NCjxkaXY+DQo8ZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+T24gMjAxMi0wMy0xMywgYXQg
MTI6MzcgUE0sIEVsaW90IExlYXIgd3JvdGU6PG86cD48L286cD48L3A+DQo8L2Rpdj4NCjxwIGNs
YXNzPSJNc29Ob3JtYWwiPjxicj4NCjxicj4NCjxvOnA+PC9vOnA+PC9wPg0KPGRpdj4NCjxwIGNs
YXNzPSJNc29Ob3JtYWwiIHN0eWxlPSJtYXJnaW4tYm90dG9tOjEyLjBwdCI+SGkgRXZlcnlvbmUs
PGJyPg0KPGJyPg0KSGF2aW5nIHJlYWQgaW5wdXRzIGZyb20gdGhpcyBsaXN0LCBJIGFtIHByb3Bv
c2luZyBzb21lIGNoYW5nZXMgdG8gdGhlIGNoYXJ0ZXIuJm5ic3A7IE1vc3Qgb2YgdGhpcyBpcyBm
b3JtIGFuZCBub3Qgc3Vic3RhbmNlLCZuYnNwOyBidXQgdGhlcmUgYXJlIHNvbWUgc3Vic3RhbnRp
YWwgY2hhbmdlcy4mbmJzcDsgVGhlIHB1cnBvc2Ugb2YgdGhlc2UgY2hhbmdlcyBpcyB0byBicmlu
ZyB0aGUgY2hhcnRlciBpbiBsaW5lIHdpdGggbW9zdCBvZiB0aGUgb3RoZXJzLiZuYnNwOyBBYnNl
bnQgdGhlc2UNCiBzb3J0IG9mIGNoYW5nZXMsIEkgYW0gbm90IGNvbmZpZGVudCB3ZSB3b3VsZCBn
ZXQgYSBXRy4mbmJzcDsgRXZlbiB3aXRoIHRoZXNlIGNoYW5nZXMsIG1vcmUgd29yayBpcyBuZWVk
ZWQuIGJlY2F1c2Ugd2hhdCBpcyBiZWxvdyBpcyBub3QgY29tcGxldGUuPGJyPg0KPGJyPg0KV2hh
dCBpcyBtaXNzaW5nIOKAkyA8Yj5hbmQgaXQncyBpbXBvcnRhbnQg4oCTJm5ic3A7PC9iPiBhcmUg
YSBmZXcgYWRkaXRpb25hbCB3b3JkcyBhYm91dCB3aHkgd2UgbmVlZCBTQ0lNLiZuYnNwOyBXaHkg
YXJlIHdlIGhvbGRpbmcgdGhlIGRhcm4gQm9GPyZuYnNwOyBUaGlzIGlzIG5vdCBzb21ldGhpbmcg
dGhhdCBjYW4gd2FpdCwgSU1ITywgZm9yIGFuIEluZm9ybWF0aW9uYWwgZG9jdW1lbnQuJm5ic3A7
IFJhdGhlciwgaWYgdGhlcmUgaXMgbm8gY2xlYXIgc3RhdGVtZW50IG9mIHRoZSBwcm9ibGVtLA0K
IEkgZG9uJ3Qgc2VlIGhvdyB0aGUgSUVTRyB3b3VsZCBhcHByb3ZlIGEgV0cuJm5ic3A7IFNvIHRo
YXQncyB3aGF0IHRoZSBiaWcgWFhYWFhYWCBpcyBiZWxvdy4mbmJzcDsgSSd2ZSBwdXQgc29tZSB3
b3JkcyBpbiwgYnV0IHRoZXkgYXJlIHRoZXJlIHRvIGRlbW9uc3RyYXRlIHRoZSBwb2ludC4mbmJz
cDsgUExFQVNFIHByb3Bvc2UgdGV4dC48YnI+DQo8YnI+DQpJbiBhZGRpdGlvbiwgbXkgcmV3b3Jk
aW5nIGlzLCBpbiBzb21lIHBsYWNlcywgZ2VuZXJpYy4mbmJzcDsgSSB3b3VsZCBzdWdnZXN0IHRo
YXQgbW9yZSB0aW1lIGJlIHNwZW50IG9uIHdoYXQgd2Ugd2lsbCDigJMgYW5kIGFzIGltcG9ydGFu
dGx5IOKAkyZuYnNwOyBXT04nVCBkby4mbmJzcDsgQSBnb29kIGNoYXJ0ZXIgd2lsbCBzY29wZSBv
dXQgbW9yZS4mbmJzcDsgV2hhdCBhcmUgdGhlIGNyaXRpY2FsIGZ1bmN0aW9ucyB0aGF0IG5lZWQg
dG8gYmUgZG9uZQ0KPGI+bm93PC9iPj8mbmJzcDsgSWYgd2UgbGVhdmUgaXQgd2lkZSBvcGVuLCB0
aGVuIHdlIHJ1biB0aGUgcmlzayBvZiBwZW9wbGUgc2hvdmVsaW5nIHRvbyBtdWNoIGluLCBvciBi
bG9ja2luZyBvbiBob3cgdG8gZGVjaWRlIHdoZXJlIHRvIGhvbGQgdGhlIGxpbmUgYW5kIHdhaXQg
dGlsIHRoZSBuZXh0IHJvdW5kLiZuYnNwOyBTbywgZm9yIGluc3RhbmNlLCBob3cgd2lsbCB3ZSBr
ZWVwIHRoZSBzY2hlbWEgZnJvbSBibG9hdGluZz8mbmJzcDsgUmluc2UgYW5kIHJlcGVhdCB3aXRo
DQogcHJvdG9jb2wgb3BlcmF0aW9ucy48YnI+DQo8YnI+DQpJbiBhZGRpdGlvbiwgaXQgaXMgbXkg
YW50aWNpcGF0aW9uIHRoYXQgc2hvcnRseSBiZWZvcmUg4oCTIG9yIHZlcnkgcXVpY2tseSBhZnRl
ciDigJMgb3VyIEJvRiwgSW50ZXJuZXQtRHJhZnRzIHdpbGwgYmUgcG9zdGVkIG9mIHRoZSBpbml0
aWFsIHNwZWNpZmljYXRpb25zLiZuYnNwOyBUaHVzIHlvdSBzZWUgZHJhZnQtWFhYIGJlbG93LiZu
YnNwOyBXaGlsZSB0aGUgY2hhcnRlciBuZWVkIG5vdCDigJMgYW5kIGNhbm5vdCDigJMgYmUgY29t
cGxldGVseSBmaW5pc2hlZCBiZWZvcmUgdGhlDQogQm9GLCB3ZSBzaG91bGQgaGF2ZSBpdCBhcyBj
bG9zZSBhcyBwb3NzaWJsZS48YnI+DQo8YnI+DQo8YnI+DQpQbGVhc2UgY29tbWVudCBub3cgb24g
dGhlc2UgY2hhbmdlcyBhbmQgYW55IGFkZGl0aW9uYWwgY2hhbmdlcyB5b3Ugd291bGQgbGlrZSB0
byBzZWUuPG86cD48L286cD48L3A+DQo8cHJlPlNpbXBsZSBDbG91ZCBJZGVudGl0eSBNYW5hZ2Vt
ZW50IChTQ0lNKTxvOnA+PC9vOnA+PC9wcmU+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48c3BhbiBz
dHlsZT0iZm9udC1mYW1pbHk6JnF1b3Q7Q291cmllciBOZXcmcXVvdDsiPkNoYWlyKHMpOiBUQkQ8
L3NwYW4+DQo8bzpwPjwvbzpwPjwvcD4NCjxwcmU+QXBwbGljYXRpb25zIEFyZWEgRGlyZWN0b3Io
cyk6PG86cD48L286cD48L3ByZT4NCjxwcmU+Jm5ic3A7Jm5ic3A7Jm5ic3A7ICZuYnNwO1BldGUg
UmVzbmljayAmbHQ7PGEgaHJlZj0ibWFpbHRvOnByZXNuaWNrQHF1YWxjb21tLmNvbSI+cHJlc25p
Y2tAcXVhbGNvbW0uY29tPC9hPiZndDsgPG86cD48L286cD48L3ByZT4NCjxwcmU+Jm5ic3A7Jm5i
c3A7Jm5ic3A7Jm5ic3A7IEJhcnJ5IExpZWJhICZsdDs/Pz8mZ3Q7IDxvOnA+PC9vOnA+PC9wcmU+
DQo8cHJlPk1haWxpbmcgTGlzdHM6PG86cD48L286cD48L3ByZT4NCjxwcmU+Jm5ic3A7Jm5ic3A7
Jm5ic3A7Jm5ic3A7IEdlbmVyYWwgRGlzY3Vzc2lvbjogPGEgaHJlZj0ibWFpbHRvOnNjaW1AaWV0
Zi5vcmciPnNjaW1AaWV0Zi5vcmc8L2E+PG86cD48L286cD48L3ByZT4NCjxwcmU+Jm5ic3A7Jm5i
c3A7Jm5ic3A7Jm5ic3A7IFRvIFN1YnNjcmliZTogPGEgaHJlZj0iaHR0cHM6Ly93d3cuaWV0Zi5v
cmcvbWFpbG1hbi9saXN0aW5mby9zY2ltIj5odHRwczovL3d3dy5pZXRmLm9yZy9tYWlsbWFuL2xp
c3RpbmZvL3NjaW08L2E+PG86cD48L286cD48L3ByZT4NCjxwcmU+Jm5ic3A7Jm5ic3A7Jm5ic3A7
Jm5ic3A7IEFyY2hpdmU6Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7IDxhIGhyZWY9Imh0
dHA6Ly93d3cuaWV0Zi5vcmcvbWFpbC1hcmNoaXZlL3dlYi9zY2ltL2N1cnJlbnQvbWFpbGxpc3Qu
aHRtbCI+aHR0cDovL3d3dy5pZXRmLm9yZy9tYWlsLWFyY2hpdmUvd2ViL3NjaW0vY3VycmVudC9t
YWlsbGlzdC5odG1sPC9hPjxvOnA+PC9vOnA+PC9wcmU+DQo8cHJlPiZuYnNwOzxvOnA+PC9vOnA+
PC9wcmU+DQo8cHJlPkRlc2NyaXB0aW9uIG9mIFdvcmtpbmcgR3JvdXA6PG86cD48L286cD48L3By
ZT4NCjxwcmU+VGhlIFNpbXBsZSBDbG91ZCBJZGVudGl0eSBNYW5hZ2VtZW50IChTQ0lNKSBzcGVj
aWZpY2F0aW9uIGlzIGRlc2lnbmVkIHRvIDxvOnA+PC9vOnA+PC9wcmU+DQo8cHJlPm1ha2UgbWFu
YWdpbmcgdXNlciBpZGVudGl0eSBsaWZlY3ljbGUgaW4gY2xvdWQgYmFzZWQgYXBwbGljYXRpb25z
IGFuZCA8bzpwPjwvbzpwPjwvcHJlPg0KPHByZT5zZXJ2aWNlcyBlYXNpZXIuPG86cD48L286cD48
L3ByZT4NCjxwcmU+PG86cD4mbmJzcDs8L286cD48L3ByZT4NCjxwcmU+WFhYWFhYWDxvOnA+PC9v
OnA+PC9wcmU+DQo8cHJlPjxvOnA+Jm5ic3A7PC9vOnA+PC9wcmU+DQo8cHJlPlNvLWNhbGxlZCBD
UmVhdGUgVXBkYXRlIERlbGV0ZSAoQ1JVRCkgcHJvdmlzaW9uaW5nIG9wZXJhdGlvbnMgYXJlIG9m
dGVuPG86cD48L286cD48L3ByZT4NCjxwcmU+bmVjZXNzYXJ5IHRvIGVhc2UgYWRvcHRpb24gb2Yg
bmV3IHNlcnZpY2VzLiZuYnNwOyBUaGlzIHdvcmsgYnVpbGRzIG9uIHRvb2xzPG86cD48L286cD48
L3ByZT4NCjxwcmU+c3VjaCBhcyBsZGFwIGFuZCBTQU1MIDIuMCwgd2hpY2ggYXJlIHVzZWQgdG8g
cHJvdmlkZSB1cC10by1kYXRlIGluZm9ybWF0aW9uLjxvOnA+PC9vOnA+PC9wcmU+DQo8cHJlPlND
SU0gZm9jdXNlcyBvbiB0aGUgY2FzZSB3aGVyZSBhbiBlbnRlcnByaXNlJ3MgbGRhcCBzZXJ2aWNl
IG1heSBub3QgYmU8bzpwPjwvbzpwPjwvcHJlPg0KPHByZT5hdmFpbGFibGUgdG8gdGhlIHByb3Zp
ZGVyLCBhbmQgU0FNTCBjYW5ub3QgcHJvdmlkZSBzdWZmaWNpZW50IGNvbnRleHQgZm9yIHRoZTxv
OnA+PC9vOnA+PC9wcmU+DQo8cHJlPnNlcnZpY2UuJm5ic3A7IEFuIGV4YW1wbGUgd291bGQgYmUg
dGhlIHByb3Zpc2lvbmluZyBvZiBhbiBvZiBhbiBFTWFpbCBhY2NvdW50IHNvPG86cD48L286cD48
L3ByZT4NCjxwcmU+dGhhdCBpdCBjYW4gcmVjZWl2ZSBtYWlsIGJlZm9yZSB0aGUgcGVyc29uIGhh
cyBmaXJzdCBsb2dnZWQgaW4uPG86cD48L286cD48L3ByZT4NCjxwcmU+PG86cD4mbmJzcDs8L286
cD48L3ByZT4NCjxwcmU+WFhYWFhYWFg8bzpwPjwvbzpwPjwvcHJlPg0KPHByZT5UaGUgc3BlY2lm
aWNhdGlvbiBzdWl0ZSBzZWVrcyB0byBidWlsZCB1cG9uIGV4cGVyaWVuY2Ugd2l0aCBleGlzdGlu
ZyA8bzpwPjwvbzpwPjwvcHJlPg0KPHByZT5zY2hlbWFzIGFuZCBkZXBsb3ltZW50cywgcGxhY2lu
ZyBzcGVjaWZpYyBlbXBoYXNpcyBvbiBzaW1wbGljaXR5IG9mIDxvOnA+PC9vOnA+PC9wcmU+DQo8
cHJlPmRldmVsb3BtZW50IGFuZCBpbnRlZ3JhdGlvbiwgd2hpbGUgYXBwbHlpbmcgZXhpc3Rpbmcg
YXV0aGVudGljYXRpb24sIDxvOnA+PC9vOnA+PC9wcmU+DQo8cHJlPmF1dGhvcml6YXRpb24sIGFu
ZCBwcml2YWN5IG1vZGVscy4gSXRzIGludGVudCBpcyB0byByZWR1Y2UgdGhlIGNvc3QgYW5kIDxv
OnA+PC9vOnA+PC9wcmU+DQo8cHJlPmNvbXBsZXhpdHkgb2YgdXNlciBtYW5hZ2VtZW50IG9wZXJh
dGlvbnMgYnkgcHJvdmlkaW5nIGEgY29tbW9uIHVzZXIgPG86cD48L286cD48L3ByZT4NCjxwcmU+
c2NoZW1hIGFuZCBleHRlbnNpb24gbW9kZWwsIGFzIHdlbGwgYXMgYmluZGluZyBkb2N1bWVudHMg
dG8gcHJvdmlkZSA8bzpwPjwvbzpwPjwvcHJlPg0KPHByZT5wYXR0ZXJucyBmb3IgZXhjaGFuZ2lu
ZyB0aGlzIHNjaGVtYSB1c2luZyBzdGFuZGFyZCBwcm90b2NvbHMuIEluIDxvOnA+PC9vOnA+PC9w
cmU+DQo8cHJlPmFkZGl0aW9uIHRoZSB3b3JraW5nIGdyb3VwIG1heSBjb25zaWRlciBpbmNsdWRp
bmcgbWFuYWdpbmcgZGV2aWNlIDxvOnA+PC9vOnA+PC9wcmU+DQo8cHJlPmlkZW50aXRpZXMgYXMg
cGFydCBvZiB0aGUgd29yayBhZG9wdGVkIGJ5IHRoZSB3b3JraW5nIGdyb3VwLjxvOnA+PC9vOnA+
PC9wcmU+DQo8cHJlPlRoZSBncm91cCB3aWxsIHVzZSBhcyBzdGFydGluZyBwb2ludHMgdGhlIGZv
bGxvd2luZyBkcmFmdHMgaW48bzpwPjwvbzpwPjwvcHJlPg0KPHByZT50aGUgZm9sbG93aW5nIHdh
eXM6PG86cD48L286cD48L3ByZT4NCjxwcmU+PG86cD4mbmJzcDs8L286cD48L3ByZT4NCjxwcmU+
Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7IGRyYWZ0LVhYWC1zY2lt
LXNjaGVtYS0wMCBhcyB0aGUgYSBzY2hlbWEgc3BlY2lmaWNhdGlvbiw8bzpwPjwvbzpwPjwvcHJl
Pg0KPHByZT4mbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsgZHJhZnQt
WFhYLXNjaW0tcHJvdG9jb2wtZGVmaW5pdGlvbi0wMCBhcyB0aGUgcHJvdG9jb2wgc3BlY2lmaWNh
dGlvbiw8bzpwPjwvbzpwPjwvcHJlPg0KPHByZT4mbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJz
cDsmbmJzcDsmbmJzcDsgZHJhZnQtWFhYLXNjaW0tc2FtbC1iaW5kaW5nLTAwIGZvciBiaW5kaW5n
IHRoZSBTQ0lNIHNjaGVtYSB0byBTQU1MLCBhbmQ8bzpwPjwvbzpwPjwvcHJlPg0KPHByZT4mbmJz
cDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsgZHJhZnQtWFhYLXNjaW0tbGRh
cC1iaW5kaW5nLTAwIGZvciBiaW5kaW5nIHRoZSBTQ0lNIHNjaGVtYSB0byBMREFQLjxvOnA+PC9v
OnA+PC9wcmU+DQo8cHJlPjxvOnA+Jm5ic3A7PC9vOnA+PC9wcmU+DQo8cHJlPlRoZXNlIGRyYWZ0
cyBhcmUgYmFzZWQgb24gZXhpc3Rpbmcgc3BlY2lmaWNhdGlvbnMuIHdoaWNoIHRvZ2V0aGVyIGFy
ZSBjb21tb25seTxvOnA+PC9vOnA+PC9wcmU+DQo8cHJlPmtub3duIGFzIFNDSU0gMS4wLiZuYnNw
OyBBcyBzdWNoLCBzb21lIGNvbnNpZGVyYXRpb24gc2hvdWxkIGJlIGdpdmVuIGZvciBiYWNrd2Fy
ZDxvOnA+PC9vOnA+PC9wcmU+DQo8cHJlPmNvbXBhdGliaWxpdHksIGFzIHRoZSBncm91cCBldm9s
dmVzIHRoZSB3b3JrLiZuYnNwOyBUaGlzIGdyb3VwIHdpbGwgY29uc2lkZXIsPG86cD48L286cD48
L3ByZT4NCjxwcmU+Zm9yIGFuZCBmb3JlbW9zdCwgdGhlIG9wZXJhdGlvbmFsIGV4cGVyaWVuY2Ug
Z2F0aGVyZWQgZnJvbSB0aGUgZXhpc3Rpbmcgd29yay48bzpwPjwvbzpwPjwvcHJlPg0KPHByZT5U
aGUgZ3JvdXAgd2lsbCBhbHNvIGNvbnNpZGVyIGV4cGVyaWVuY2VzIHdpdGggd29yayBkb25lIGJ5
IG90aGVyIGJvZGllcywgaW5jbHVkaW5nPG86cD48L286cD48L3ByZT4NCjxwcmU+dGhlIE9BU0lT
IFByb3Zpc2lvbmluZyBUQy48bzpwPjwvbzpwPjwvcHJlPg0KPHByZT48bzpwPiZuYnNwOzwvbzpw
PjwvcHJlPg0KPHByZT5UaGUgZ3JvdXAgd2lsbCBwcm9kdWNlIFByb3Bvc2VkIFN0YW5kYXJkcyBm
b3IgYSBzY2hlbWEsIGEgcHJvdG9jb2wsPG86cD48L286cD48L3ByZT4NCjxwcmU+YSBTQU1MIGJp
bmRpbmcsIGFuZCBhbiBMREFQIGJpbmRpbmcuJm5ic3A7IEluIGRvaW5nIHNvLCB0aGUgZ3JvdXAg
d2lsbCBtYWtlPG86cD48L286cD48L3ByZT4NCjxwcmU+Y29uc2lzdGVudCB0aGUgdGVybWlub2xv
Z3ksIHJldmlldyBhbmQgaW1wcm92ZSBzZWN1cml0eSBvZiB0aGUgb3ZlcmFsbCBzeXN0ZW0sPG86
cD48L286cD48L3ByZT4NCjxwcmU+aWRlbnRpZnkgYW55IGZ1bmN0aW9uYWwgZ2FwcyB0aGF0IHdv
dWxkIGJlIHVzZWZ1bCBmdXR1cmUgd29yaywgYWRkcmVzczxvOnA+PC9vOnA+PC9wcmU+DQo8cHJl
PmludGVybmF0aW9uYWxpemF0aW9uLCBhbmQgcHJvdmlkZSBndWlkZWxpbmVzIGZvciBleHRlbnNp
YmlsaXR5IChlaXRoZXIgdGhyb3VnaDxvOnA+PC9vOnA+PC9wcmU+DQo8cHJlPklBTkEgcmVnaXN0
cmllcyBvciBvdGhlciBtZWFucykuPG86cD48L286cD48L3ByZT4NCjxwcmU+PG86cD4mbmJzcDs8
L286cD48L3ByZT4NCjxwcmU+SW4gaXRzIHdvcmssIHRoZSBncm91cCB3aWxsIGRlY2lkZSB3aGF0
IGFkZGl0aW9uYWwgY2FwYWJpbGl0aWVzIHNob3VsZCBiZTxvOnA+PC9vOnA+PC9wcmU+DQo8cHJl
PmluY2x1ZGVkIGluIHRoZSBpbml0aWFsIHNwZWNpZmljYXRpb24sIGFuZCB3aGF0IGNhbiBiZSBh
ZGRyZXNzZWQgYXQgYSBsYXRlciB0aW1lLjxvOnA+PC9vOnA+PC9wcmU+DQo8cHJlPjxvOnA+Jm5i
c3A7PC9vOnA+PC9wcmU+DQo8cHJlPkhvd2V2ZXIsIHVzZXIsIGRldmljZSwgYW5kIHNlcnZpY2Ug
YXV0aGVudGljYXRpb24gYW5kIGF1dGhvcml6YXRpb248bzpwPjwvbzpwPjwvcHJlPg0KPHByZT4o
cG9saWN5L2VudGl0bGVtZW50KSBhcmUgb3V0IG9mIHNjb3BlIGZvciB0aGlzIHdvcmtpbmcgZ3Jv
dXAuPG86cD48L286cD48L3ByZT4NCjxwcmU+PG86cD4mbmJzcDs8L286cD48L3ByZT4NCjxwcmU+
TWlsZXN0b25lczxvOnA+PC9vOnA+PC9wcmU+DQo8cHJlPjxvOnA+Jm5ic3A7PC9vOnA+PC9wcmU+
DQo8cHJlPjUvMjAxMiZuYnNwOyZuYnNwOyZuYnNwOyBJbml0aWFsIGFkb3B0aW9uIG9mIFNDSU0g
Y29yZSBzY2hlbWE8bzpwPjwvbzpwPjwvcHJlPg0KPHByZT41LzIwMTImbmJzcDsmbmJzcDsmbmJz
cDsgSW5pdGlhbCBhZG9wdGlvbiBvZiBTQ0lNIHJlc3RmdWwgaW50ZXJmYWNlIGRyYWZ0PG86cD48
L286cD48L3ByZT4NCjxwcmU+NS8yMDEyJm5ic3A7Jm5ic3A7Jm5ic3A7IEluaXRpYWwgYWRvcHRp
b24gb2YgU0NJTSBTQU1MIGJpbmRpbmdzIGRyYWZ0PG86cD48L286cD48L3ByZT4NCjxwcmU+NS8y
MDEyJm5ic3A7Jm5ic3A7Jm5ic3A7IEluaXRpYWwgYWRvcHRpb24gb2YgU0NJTSBMREFQIG1hcHBp
bmcgZHJhZnQ8bzpwPjwvbzpwPjwvcHJlPg0KPHByZT45LzIwMTImbmJzcDsmbmJzcDsmbmJzcDsg
V0dMQyBTQ0lNIGNvcmUgc2NoZW1hPG86cD48L286cD48L3ByZT4NCjxwcmU+OS8yMDEyJm5ic3A7
Jm5ic3A7Jm5ic3A7IFdHTEMgU0NJTSByZXN0ZnVsIGludGVyZmFjZTxvOnA+PC9vOnA+PC9wcmU+
DQo8cHJlPjkvMjAxMiZuYnNwOyZuYnNwOyZuYnNwOyBXR0xDIFNDSU0gU0FNTCBiaW5kaW5nczxv
OnA+PC9vOnA+PC9wcmU+DQo8cHJlPjkvMjAxMiZuYnNwOyZuYnNwOyZuYnNwOyBXR0xDIFNDSU0g
TERBUCBtYXBwaW5nPG86cD48L286cD48L3ByZT4NCjxwcmU+My8yMDEzJm5ic3A7Jm5ic3A7Jm5i
c3A7IFJlLWNoYXJ0ZXIgZGlzY3Vzc2lvbjxvOnA+PC9vOnA+PC9wcmU+DQo8cHJlPjxvOnA+Jm5i
c3A7PC9vOnA+PC9wcmU+DQo8L2Rpdj4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPl9fX19fX19fX19f
X19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fPGJyPg0Kc2NpbSBtYWlsaW5nIGxp
c3Q8YnI+DQo8YSBocmVmPSJtYWlsdG86c2NpbUBpZXRmLm9yZyI+c2NpbUBpZXRmLm9yZzwvYT48
YnI+DQo8YSBocmVmPSJodHRwczovL3d3dy5pZXRmLm9yZy9tYWlsbWFuL2xpc3RpbmZvL3NjaW0i
Pmh0dHBzOi8vd3d3LmlldGYub3JnL21haWxtYW4vbGlzdGluZm8vc2NpbTwvYT48bzpwPjwvbzpw
PjwvcD4NCjwvZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PG86cD4mbmJzcDs8L286cD48L3A+
DQo8L2Rpdj4NCjwvYm9keT4NCjwvaHRtbD4NCg==

--_000_B26C1EF377CB694EAB6BDDC8E624B6E73C08110EBL2PRD0310MB362_--

From michael.brenner@alcatel-lucent.com  Wed Mar 14 06:13:39 2012
Return-Path: <michael.brenner@alcatel-lucent.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CCA3F21E807C for <scim@ietfa.amsl.com>; Wed, 14 Mar 2012 06:13:39 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -8.598
X-Spam-Level: 
X-Spam-Status: No, score=-8.598 tagged_above=-999 required=5 tests=[AWL=2.000,  BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id En58IMkGyzf3 for <scim@ietfa.amsl.com>; Wed, 14 Mar 2012 06:13:37 -0700 (PDT)
Received: from ihemail1.lucent.com (ihemail1.lucent.com [135.245.0.33]) by ietfa.amsl.com (Postfix) with ESMTP id 6B1B221E8078 for <scim@ietf.org>; Wed, 14 Mar 2012 06:13:37 -0700 (PDT)
Received: from usnavsmail3.ndc.alcatel-lucent.com (usnavsmail3.ndc.alcatel-lucent.com [135.3.39.11]) by ihemail1.lucent.com (8.13.8/IER-o) with ESMTP id q2EDDQSp015216 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Wed, 14 Mar 2012 08:13:26 -0500 (CDT)
Received: from USNAVSXCHHUB02.ndc.alcatel-lucent.com (usnavsxchhub02.ndc.alcatel-lucent.com [135.3.39.111]) by usnavsmail3.ndc.alcatel-lucent.com (8.14.3/8.14.3/GMO) with ESMTP id q2ECvJgf025224 (version=TLSv1/SSLv3 cipher=RC4-MD5 bits=128 verify=NOT); Wed, 14 Mar 2012 08:13:16 -0500
Received: from USNAVSXCHMBSA3.ndc.alcatel-lucent.com ([135.3.39.125]) by USNAVSXCHHUB02.ndc.alcatel-lucent.com ([135.3.39.111]) with mapi; Wed, 14 Mar 2012 08:12:32 -0500
From: "Brenner, Michael Ralf (Michael)" <michael.brenner@alcatel-lucent.com>
To: Anthony Nadalin <tonynad@microsoft.com>, Eliot Lear <lear@cisco.com>, Phil Hunt <phil.hunt@oracle.com>
Date: Wed, 14 Mar 2012 08:12:31 -0500
Thread-Topic: [scim] Propose reshape of charter
Thread-Index: AQHNAVDYCcrvYOVt8kG1ir+JEsll/pZopA2AgAAYPICAAQc/UIAAATJw
Message-ID: <219947F0B2242843A0A1E62FDB510DC0250F3D4F7F@USNAVSXCHMBSA3.ndc.alcatel-lucent.com>
References: <4F5FA213.4000600@cisco.com> <B6F33950-9055-4005-A82F-EB4E29431AD1@oracle.com> <4F5FBAB1.1020009@cisco.com> <B26C1EF377CB694EAB6BDDC8E624B6E73C08110E@BL2PRD0310MB362.namprd03.prod.outlook.com>
In-Reply-To: <B26C1EF377CB694EAB6BDDC8E624B6E73C08110E@BL2PRD0310MB362.namprd03.prod.outlook.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
acceptlanguage: en-US
Content-Type: multipart/alternative; boundary="_000_219947F0B2242843A0A1E62FDB510DC0250F3D4F7FUSNAVSXCHMBSA_"
MIME-Version: 1.0
X-Scanned-By: MIMEDefang 2.57 on 135.245.2.33
X-Scanned-By: MIMEDefang 2.64 on 135.3.39.11
Cc: "scim@ietf.org" <scim@ietf.org>, Peter Saint-Andre <stpeter@stpeter.im>, "Steven M. Bellovin" <smb@cs.columbia.edu>
Subject: Re: [scim] Propose reshape of charter
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 14 Mar 2012 13:13:39 -0000

--_000_219947F0B2242843A0A1E62FDB510DC0250F3D4F7FUSNAVSXCHMBSA_
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64

4oCmIGFuZCB3aGF0IGFib3V0IG90aGVycyDigJMgYXJlIHRob3NlIGluY2x1ZGVkIG9yIGV4Y2x1
ZGVkIGZyb20g4oCcaWRlbnRpdHkgbGlmZWN5Y2xl4oCdOg0KDQotICAgICAgICAgIFByb2ZpbGVz
L3ByZWZlcmVuY2VzDQoNCi0gICAgICAgICAgUHJpdmFjeSBzZXR0aW5ncw0KDQotICAgICAgICAg
IEFjY2VzcyBjb250cm9sIHRvIGFsbCBpZGVudGl0eS1yZWxhdGVkIGluZm9ybWF0aW9uDQpUaGFu
a3MsDQpNaWNoYWVsDQoNCkZyb206IHNjaW0tYm91bmNlc0BpZXRmLm9yZyBbbWFpbHRvOnNjaW0t
Ym91bmNlc0BpZXRmLm9yZ10gT24gQmVoYWxmIE9mIEFudGhvbnkgTmFkYWxpbg0KU2VudDogV2Vk
bmVzZGF5LCBNYXJjaCAxNCwgMjAxMiA5OjA5IEFNDQpUbzogRWxpb3QgTGVhcjsgUGhpbCBIdW50
DQpDYzogc2NpbUBpZXRmLm9yZzsgUGV0ZXIgU2FpbnQtQW5kcmU7IFN0ZXZlbiBNLiBCZWxsb3Zp
bg0KU3ViamVjdDogUmU6IFtzY2ltXSBQcm9wb3NlIHJlc2hhcGUgb2YgY2hhcnRlcg0KDQrigJxt
YW5hZ2luZyB1c2VyIGlkZW50aXR5IGxpZmVjeWNsZeKAnQ0KDQpUaGlzIGlzIGEgbGl0dGxlIHRv
byB2YWd1ZSBhcyB0aGVyZSBhcmUgbWFueSBkaWZmZXJlbnQgdmlld3Mgb24gd2hhdCB0aGUgaWRl
bnRpdHkgbGlmZWN5Y2xlIGNvbnNpc3RzIG9mLCBlbnJvbGxtZW50LCBwcm9vZmluZywgY3JlZGVu
dGlhbGluZywgdXNhZ2UsIG1vbml0b3JpbmcsIGV0Yy4gYW5kIEkgZG9u4oCZdCBiZWxpZXZlIHRo
YXQgU0NJTSBjb3ZlcnMgYWxsIHRoZXNlIGFyZWFzIG5vdyBvciBldmVyIHdpbGwNCg0KRnJvbTog
c2NpbS1ib3VuY2VzQGlldGYub3JnIFttYWlsdG86c2NpbS1ib3VuY2VzQGlldGYub3JnXSBPbiBC
ZWhhbGYgT2YgRWxpb3QgTGVhcg0KU2VudDogVHVlc2RheSwgTWFyY2ggMTMsIDIwMTIgMjoyMyBQ
TQ0KVG86IFBoaWwgSHVudA0KQ2M6IHNjaW1AaWV0Zi5vcmc7IFBldGVyIFNhaW50LUFuZHJlOyBT
dGV2ZW4gTS4gQmVsbG92aW4NClN1YmplY3Q6IFJlOiBbc2NpbV0gUHJvcG9zZSByZXNoYXBlIG9m
IGNoYXJ0ZXINCg0KRXZlcnlvbmU6DQoNClBsZWFzZSB2b2ljZSB5b3VyIHN1cHBvcnQgb3Igb3Bw
b3NpdGlvbiB0byB0aGUgcHJvcG9zZWQgY2hhbmdlIGJlbG93IChhbmQgYW55IG90aGVyIHByb3Bv
c2VkIGNoYW5nZSkgdGhhdCBjb21lcyB0aHJvdWdoLiAgU3RhdGluZyBXSFkgaGVscHMgYWR2YW5j
ZSB0aGUgZGViYXRlLg0KDQpUaGFua3MsDQoNCkVsaW90DQoNCk9uIDMvMTMvMTIgODo1NiBQTSwg
UGhpbCBIdW50IHdyb3RlOg0KRWxpb3QsDQoNCkkgcHJvcG9zZSB0aGUgZm9sbG93aW5nIGNoYW5n
ZSB0byB0aGUgV0cgRGVzY3JpcHRpb246DQoNCkZyb206DQoNClRoZSBTaW1wbGUgQ2xvdWQgSWRl
bnRpdHkgTWFuYWdlbWVudCAoU0NJTSkgc3BlY2lmaWNhdGlvbiBpcyBkZXNpZ25lZCB0bw0KDQpt
YWtlIG1hbmFnaW5nIHVzZXIgaWRlbnRpdHkgbGlmZWN5Y2xlIGluIGNsb3VkIGJhc2VkIGFwcGxp
Y2F0aW9ucyBhbmQNCg0Kc2VydmljZXMgZWFzaWVyLg0KVG86DQoNClRoZSBTaW1wbGUgQ2xvdWQg
SWRlbnRpdHkgTWFuYWdlbWVudCAoU0NJTSkgc3BlY2lmaWNhdGlvbiBpcyBkZXNpZ25lZCB0bw0K
DQptYWtlIG1hbmFnaW5nIHVzZXIgaWRlbnRpdHkgbGlmZWN5Y2xlIGluIG9uZSBvciBtb3JlIGFw
cGxpY2F0aW9ucyBhbmQNCg0Kc2VydmljZXMgZWFzaWVyIGJldHdlZW4gY2xpZW50IG9yZ2FuaXph
dGlvbnMgYW5kIGNsb3VkIGJhc2VkIHNlcnZpY2UgcHJvdmlkZXJzLg0KDQpUaGUgY2hhbmdlIGFi
b3ZlIGlzIHN1YnRsZSBidXQgb2YgY3JpdGljYWwgaW1wb3J0YW5jZSB0byBjbG91ZCBwcm92aWRl
cnMgKG1hbnkgd2hvIGFyZSBub3QgeWV0IGFjdGl2ZSBpbiB0aGUgZ3JvdXApIHdobyBob3N0IG1h
bnkgc2VydmljZXMuDQoNCkl0IGlzIHByb2JhYmx5IGltcG9ydGFudCB0byBzaXRlIHRoZSBsb2Nh
dGlvbiBvZiB0aGUgU0NJTSAxLjAgc3BlY2lmaWNhdGlvbiB3aGljaCBpcyBwdWJsaXNoZWQgZXh0
ZXJuYWxseSB0byBJRVRGIGFzIHdlbGwgYXMgdGhlIHJlLXB1Ymxpc2hlZCBkcmFmdHMgdW5kZXIg
SUVURi4NCg0KUGhpbA0KDQpAaW5kZXBlbmRlbnRpZA0Kd3d3LmluZGVwZW5kZW50aWQuY29tPGh0
dHA6Ly93d3cuaW5kZXBlbmRlbnRpZC5jb20+DQpwaGlsLmh1bnRAb3JhY2xlLmNvbTxtYWlsdG86
cGhpbC5odW50QG9yYWNsZS5jb20+DQoNCg0KDQpPbiAyMDEyLTAzLTEzLCBhdCAxMjozNyBQTSwg
RWxpb3QgTGVhciB3cm90ZToNCg0KSGkgRXZlcnlvbmUsDQoNCkhhdmluZyByZWFkIGlucHV0cyBm
cm9tIHRoaXMgbGlzdCwgSSBhbSBwcm9wb3Npbmcgc29tZSBjaGFuZ2VzIHRvIHRoZSBjaGFydGVy
LiAgTW9zdCBvZiB0aGlzIGlzIGZvcm0gYW5kIG5vdCBzdWJzdGFuY2UsICBidXQgdGhlcmUgYXJl
IHNvbWUgc3Vic3RhbnRpYWwgY2hhbmdlcy4gIFRoZSBwdXJwb3NlIG9mIHRoZXNlIGNoYW5nZXMg
aXMgdG8gYnJpbmcgdGhlIGNoYXJ0ZXIgaW4gbGluZSB3aXRoIG1vc3Qgb2YgdGhlIG90aGVycy4g
IEFic2VudCB0aGVzZSBzb3J0IG9mIGNoYW5nZXMsIEkgYW0gbm90IGNvbmZpZGVudCB3ZSB3b3Vs
ZCBnZXQgYSBXRy4gIEV2ZW4gd2l0aCB0aGVzZSBjaGFuZ2VzLCBtb3JlIHdvcmsgaXMgbmVlZGVk
LiBiZWNhdXNlIHdoYXQgaXMgYmVsb3cgaXMgbm90IGNvbXBsZXRlLg0KDQpXaGF0IGlzIG1pc3Np
bmcg4oCTIGFuZCBpdCdzIGltcG9ydGFudCDigJMgIGFyZSBhIGZldyBhZGRpdGlvbmFsIHdvcmRz
IGFib3V0IHdoeSB3ZSBuZWVkIFNDSU0uICBXaHkgYXJlIHdlIGhvbGRpbmcgdGhlIGRhcm4gQm9G
PyAgVGhpcyBpcyBub3Qgc29tZXRoaW5nIHRoYXQgY2FuIHdhaXQsIElNSE8sIGZvciBhbiBJbmZv
cm1hdGlvbmFsIGRvY3VtZW50LiAgUmF0aGVyLCBpZiB0aGVyZSBpcyBubyBjbGVhciBzdGF0ZW1l
bnQgb2YgdGhlIHByb2JsZW0sIEkgZG9uJ3Qgc2VlIGhvdyB0aGUgSUVTRyB3b3VsZCBhcHByb3Zl
IGEgV0cuICBTbyB0aGF0J3Mgd2hhdCB0aGUgYmlnIFhYWFhYWFggaXMgYmVsb3cuICBJJ3ZlIHB1
dCBzb21lIHdvcmRzIGluLCBidXQgdGhleSBhcmUgdGhlcmUgdG8gZGVtb25zdHJhdGUgdGhlIHBv
aW50LiAgUExFQVNFIHByb3Bvc2UgdGV4dC4NCg0KSW4gYWRkaXRpb24sIG15IHJld29yZGluZyBp
cywgaW4gc29tZSBwbGFjZXMsIGdlbmVyaWMuICBJIHdvdWxkIHN1Z2dlc3QgdGhhdCBtb3JlIHRp
bWUgYmUgc3BlbnQgb24gd2hhdCB3ZSB3aWxsIOKAkyBhbmQgYXMgaW1wb3J0YW50bHkg4oCTICBX
T04nVCBkby4gIEEgZ29vZCBjaGFydGVyIHdpbGwgc2NvcGUgb3V0IG1vcmUuICBXaGF0IGFyZSB0
aGUgY3JpdGljYWwgZnVuY3Rpb25zIHRoYXQgbmVlZCB0byBiZSBkb25lIG5vdz8gIElmIHdlIGxl
YXZlIGl0IHdpZGUgb3BlbiwgdGhlbiB3ZSBydW4gdGhlIHJpc2sgb2YgcGVvcGxlIHNob3ZlbGlu
ZyB0b28gbXVjaCBpbiwgb3IgYmxvY2tpbmcgb24gaG93IHRvIGRlY2lkZSB3aGVyZSB0byBob2xk
IHRoZSBsaW5lIGFuZCB3YWl0IHRpbCB0aGUgbmV4dCByb3VuZC4gIFNvLCBmb3IgaW5zdGFuY2Us
IGhvdyB3aWxsIHdlIGtlZXAgdGhlIHNjaGVtYSBmcm9tIGJsb2F0aW5nPyAgUmluc2UgYW5kIHJl
cGVhdCB3aXRoIHByb3RvY29sIG9wZXJhdGlvbnMuDQoNCkluIGFkZGl0aW9uLCBpdCBpcyBteSBh
bnRpY2lwYXRpb24gdGhhdCBzaG9ydGx5IGJlZm9yZSDigJMgb3IgdmVyeSBxdWlja2x5IGFmdGVy
IOKAkyBvdXIgQm9GLCBJbnRlcm5ldC1EcmFmdHMgd2lsbCBiZSBwb3N0ZWQgb2YgdGhlIGluaXRp
YWwgc3BlY2lmaWNhdGlvbnMuICBUaHVzIHlvdSBzZWUgZHJhZnQtWFhYIGJlbG93LiAgV2hpbGUg
dGhlIGNoYXJ0ZXIgbmVlZCBub3Qg4oCTIGFuZCBjYW5ub3Qg4oCTIGJlIGNvbXBsZXRlbHkgZmlu
aXNoZWQgYmVmb3JlIHRoZSBCb0YsIHdlIHNob3VsZCBoYXZlIGl0IGFzIGNsb3NlIGFzIHBvc3Np
YmxlLg0KDQoNClBsZWFzZSBjb21tZW50IG5vdyBvbiB0aGVzZSBjaGFuZ2VzIGFuZCBhbnkgYWRk
aXRpb25hbCBjaGFuZ2VzIHlvdSB3b3VsZCBsaWtlIHRvIHNlZS4NCg0KU2ltcGxlIENsb3VkIElk
ZW50aXR5IE1hbmFnZW1lbnQgKFNDSU0pDQpDaGFpcihzKTogVEJEDQoNCkFwcGxpY2F0aW9ucyBB
cmVhIERpcmVjdG9yKHMpOg0KDQogICAgIFBldGUgUmVzbmljayA8cHJlc25pY2tAcXVhbGNvbW0u
Y29tPG1haWx0bzpwcmVzbmlja0BxdWFsY29tbS5jb20+Pg0KDQogICAgIEJhcnJ5IExpZWJhIDw/
Pz8+DQoNCk1haWxpbmcgTGlzdHM6DQoNCiAgICAgR2VuZXJhbCBEaXNjdXNzaW9uOiBzY2ltQGll
dGYub3JnPG1haWx0bzpzY2ltQGlldGYub3JnPg0KDQogICAgIFRvIFN1YnNjcmliZTogaHR0cHM6
Ly93d3cuaWV0Zi5vcmcvbWFpbG1hbi9saXN0aW5mby9zY2ltDQoNCiAgICAgQXJjaGl2ZTogICAg
ICBodHRwOi8vd3d3LmlldGYub3JnL21haWwtYXJjaGl2ZS93ZWIvc2NpbS9jdXJyZW50L21haWxs
aXN0Lmh0bWwNCg0KDQoNCkRlc2NyaXB0aW9uIG9mIFdvcmtpbmcgR3JvdXA6DQoNClRoZSBTaW1w
bGUgQ2xvdWQgSWRlbnRpdHkgTWFuYWdlbWVudCAoU0NJTSkgc3BlY2lmaWNhdGlvbiBpcyBkZXNp
Z25lZCB0bw0KDQptYWtlIG1hbmFnaW5nIHVzZXIgaWRlbnRpdHkgbGlmZWN5Y2xlIGluIGNsb3Vk
IGJhc2VkIGFwcGxpY2F0aW9ucyBhbmQNCg0Kc2VydmljZXMgZWFzaWVyLg0KDQoNCg0KWFhYWFhY
WA0KDQoNCg0KU28tY2FsbGVkIENSZWF0ZSBVcGRhdGUgRGVsZXRlIChDUlVEKSBwcm92aXNpb25p
bmcgb3BlcmF0aW9ucyBhcmUgb2Z0ZW4NCg0KbmVjZXNzYXJ5IHRvIGVhc2UgYWRvcHRpb24gb2Yg
bmV3IHNlcnZpY2VzLiAgVGhpcyB3b3JrIGJ1aWxkcyBvbiB0b29scw0KDQpzdWNoIGFzIGxkYXAg
YW5kIFNBTUwgMi4wLCB3aGljaCBhcmUgdXNlZCB0byBwcm92aWRlIHVwLXRvLWRhdGUgaW5mb3Jt
YXRpb24uDQoNClNDSU0gZm9jdXNlcyBvbiB0aGUgY2FzZSB3aGVyZSBhbiBlbnRlcnByaXNlJ3Mg
bGRhcCBzZXJ2aWNlIG1heSBub3QgYmUNCg0KYXZhaWxhYmxlIHRvIHRoZSBwcm92aWRlciwgYW5k
IFNBTUwgY2Fubm90IHByb3ZpZGUgc3VmZmljaWVudCBjb250ZXh0IGZvciB0aGUNCg0Kc2Vydmlj
ZS4gIEFuIGV4YW1wbGUgd291bGQgYmUgdGhlIHByb3Zpc2lvbmluZyBvZiBhbiBvZiBhbiBFTWFp
bCBhY2NvdW50IHNvDQoNCnRoYXQgaXQgY2FuIHJlY2VpdmUgbWFpbCBiZWZvcmUgdGhlIHBlcnNv
biBoYXMgZmlyc3QgbG9nZ2VkIGluLg0KDQoNCg0KWFhYWFhYWFgNCg0KVGhlIHNwZWNpZmljYXRp
b24gc3VpdGUgc2Vla3MgdG8gYnVpbGQgdXBvbiBleHBlcmllbmNlIHdpdGggZXhpc3RpbmcNCg0K
c2NoZW1hcyBhbmQgZGVwbG95bWVudHMsIHBsYWNpbmcgc3BlY2lmaWMgZW1waGFzaXMgb24gc2lt
cGxpY2l0eSBvZg0KDQpkZXZlbG9wbWVudCBhbmQgaW50ZWdyYXRpb24sIHdoaWxlIGFwcGx5aW5n
IGV4aXN0aW5nIGF1dGhlbnRpY2F0aW9uLA0KDQphdXRob3JpemF0aW9uLCBhbmQgcHJpdmFjeSBt
b2RlbHMuIEl0cyBpbnRlbnQgaXMgdG8gcmVkdWNlIHRoZSBjb3N0IGFuZA0KDQpjb21wbGV4aXR5
IG9mIHVzZXIgbWFuYWdlbWVudCBvcGVyYXRpb25zIGJ5IHByb3ZpZGluZyBhIGNvbW1vbiB1c2Vy
DQoNCnNjaGVtYSBhbmQgZXh0ZW5zaW9uIG1vZGVsLCBhcyB3ZWxsIGFzIGJpbmRpbmcgZG9jdW1l
bnRzIHRvIHByb3ZpZGUNCg0KcGF0dGVybnMgZm9yIGV4Y2hhbmdpbmcgdGhpcyBzY2hlbWEgdXNp
bmcgc3RhbmRhcmQgcHJvdG9jb2xzLiBJbg0KDQphZGRpdGlvbiB0aGUgd29ya2luZyBncm91cCBt
YXkgY29uc2lkZXIgaW5jbHVkaW5nIG1hbmFnaW5nIGRldmljZQ0KDQppZGVudGl0aWVzIGFzIHBh
cnQgb2YgdGhlIHdvcmsgYWRvcHRlZCBieSB0aGUgd29ya2luZyBncm91cC4NCg0KVGhlIGdyb3Vw
IHdpbGwgdXNlIGFzIHN0YXJ0aW5nIHBvaW50cyB0aGUgZm9sbG93aW5nIGRyYWZ0cyBpbg0KDQp0
aGUgZm9sbG93aW5nIHdheXM6DQoNCg0KDQogICAgICAgIGRyYWZ0LVhYWC1zY2ltLXNjaGVtYS0w
MCBhcyB0aGUgYSBzY2hlbWEgc3BlY2lmaWNhdGlvbiwNCg0KICAgICAgICBkcmFmdC1YWFgtc2Np
bS1wcm90b2NvbC1kZWZpbml0aW9uLTAwIGFzIHRoZSBwcm90b2NvbCBzcGVjaWZpY2F0aW9uLA0K
DQogICAgICAgIGRyYWZ0LVhYWC1zY2ltLXNhbWwtYmluZGluZy0wMCBmb3IgYmluZGluZyB0aGUg
U0NJTSBzY2hlbWEgdG8gU0FNTCwgYW5kDQoNCiAgICAgICAgZHJhZnQtWFhYLXNjaW0tbGRhcC1i
aW5kaW5nLTAwIGZvciBiaW5kaW5nIHRoZSBTQ0lNIHNjaGVtYSB0byBMREFQLg0KDQoNCg0KVGhl
c2UgZHJhZnRzIGFyZSBiYXNlZCBvbiBleGlzdGluZyBzcGVjaWZpY2F0aW9ucy4gd2hpY2ggdG9n
ZXRoZXIgYXJlIGNvbW1vbmx5DQoNCmtub3duIGFzIFNDSU0gMS4wLiAgQXMgc3VjaCwgc29tZSBj
b25zaWRlcmF0aW9uIHNob3VsZCBiZSBnaXZlbiBmb3IgYmFja3dhcmQNCg0KY29tcGF0aWJpbGl0
eSwgYXMgdGhlIGdyb3VwIGV2b2x2ZXMgdGhlIHdvcmsuICBUaGlzIGdyb3VwIHdpbGwgY29uc2lk
ZXIsDQoNCmZvciBhbmQgZm9yZW1vc3QsIHRoZSBvcGVyYXRpb25hbCBleHBlcmllbmNlIGdhdGhl
cmVkIGZyb20gdGhlIGV4aXN0aW5nIHdvcmsuDQoNClRoZSBncm91cCB3aWxsIGFsc28gY29uc2lk
ZXIgZXhwZXJpZW5jZXMgd2l0aCB3b3JrIGRvbmUgYnkgb3RoZXIgYm9kaWVzLCBpbmNsdWRpbmcN
Cg0KdGhlIE9BU0lTIFByb3Zpc2lvbmluZyBUQy4NCg0KDQoNClRoZSBncm91cCB3aWxsIHByb2R1
Y2UgUHJvcG9zZWQgU3RhbmRhcmRzIGZvciBhIHNjaGVtYSwgYSBwcm90b2NvbCwNCg0KYSBTQU1M
IGJpbmRpbmcsIGFuZCBhbiBMREFQIGJpbmRpbmcuICBJbiBkb2luZyBzbywgdGhlIGdyb3VwIHdp
bGwgbWFrZQ0KDQpjb25zaXN0ZW50IHRoZSB0ZXJtaW5vbG9neSwgcmV2aWV3IGFuZCBpbXByb3Zl
IHNlY3VyaXR5IG9mIHRoZSBvdmVyYWxsIHN5c3RlbSwNCg0KaWRlbnRpZnkgYW55IGZ1bmN0aW9u
YWwgZ2FwcyB0aGF0IHdvdWxkIGJlIHVzZWZ1bCBmdXR1cmUgd29yaywgYWRkcmVzcw0KDQppbnRl
cm5hdGlvbmFsaXphdGlvbiwgYW5kIHByb3ZpZGUgZ3VpZGVsaW5lcyBmb3IgZXh0ZW5zaWJpbGl0
eSAoZWl0aGVyIHRocm91Z2gNCg0KSUFOQSByZWdpc3RyaWVzIG9yIG90aGVyIG1lYW5zKS4NCg0K
DQoNCkluIGl0cyB3b3JrLCB0aGUgZ3JvdXAgd2lsbCBkZWNpZGUgd2hhdCBhZGRpdGlvbmFsIGNh
cGFiaWxpdGllcyBzaG91bGQgYmUNCg0KaW5jbHVkZWQgaW4gdGhlIGluaXRpYWwgc3BlY2lmaWNh
dGlvbiwgYW5kIHdoYXQgY2FuIGJlIGFkZHJlc3NlZCBhdCBhIGxhdGVyIHRpbWUuDQoNCg0KDQpI
b3dldmVyLCB1c2VyLCBkZXZpY2UsIGFuZCBzZXJ2aWNlIGF1dGhlbnRpY2F0aW9uIGFuZCBhdXRo
b3JpemF0aW9uDQoNCihwb2xpY3kvZW50aXRsZW1lbnQpIGFyZSBvdXQgb2Ygc2NvcGUgZm9yIHRo
aXMgd29ya2luZyBncm91cC4NCg0KDQoNCk1pbGVzdG9uZXMNCg0KDQoNCjUvMjAxMiAgICBJbml0
aWFsIGFkb3B0aW9uIG9mIFNDSU0gY29yZSBzY2hlbWENCg0KNS8yMDEyICAgIEluaXRpYWwgYWRv
cHRpb24gb2YgU0NJTSByZXN0ZnVsIGludGVyZmFjZSBkcmFmdA0KDQo1LzIwMTIgICAgSW5pdGlh
bCBhZG9wdGlvbiBvZiBTQ0lNIFNBTUwgYmluZGluZ3MgZHJhZnQNCg0KNS8yMDEyICAgIEluaXRp
YWwgYWRvcHRpb24gb2YgU0NJTSBMREFQIG1hcHBpbmcgZHJhZnQNCg0KOS8yMDEyICAgIFdHTEMg
U0NJTSBjb3JlIHNjaGVtYQ0KDQo5LzIwMTIgICAgV0dMQyBTQ0lNIHJlc3RmdWwgaW50ZXJmYWNl
DQoNCjkvMjAxMiAgICBXR0xDIFNDSU0gU0FNTCBiaW5kaW5ncw0KDQo5LzIwMTIgICAgV0dMQyBT
Q0lNIExEQVAgbWFwcGluZw0KDQozLzIwMTMgICAgUmUtY2hhcnRlciBkaXNjdXNzaW9uDQoNCg0K
X19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX18NCnNjaW0gbWFp
bGluZyBsaXN0DQpzY2ltQGlldGYub3JnPG1haWx0bzpzY2ltQGlldGYub3JnPg0KaHR0cHM6Ly93
d3cuaWV0Zi5vcmcvbWFpbG1hbi9saXN0aW5mby9zY2ltDQoNCg==

--_000_219947F0B2242843A0A1E62FDB510DC0250F3D4F7FUSNAVSXCHMBSA_
Content-Type: text/html; charset="utf-8"
Content-Transfer-Encoding: base64

PGh0bWwgeG1sbnM6dj0idXJuOnNjaGVtYXMtbWljcm9zb2Z0LWNvbTp2bWwiIHhtbG5zOm89InVy
bjpzY2hlbWFzLW1pY3Jvc29mdC1jb206b2ZmaWNlOm9mZmljZSIgeG1sbnM6dz0idXJuOnNjaGVt
YXMtbWljcm9zb2Z0LWNvbTpvZmZpY2U6d29yZCIgeG1sbnM6eD0idXJuOnNjaGVtYXMtbWljcm9z
b2Z0LWNvbTpvZmZpY2U6ZXhjZWwiIHhtbG5zOnA9InVybjpzY2hlbWFzLW1pY3Jvc29mdC1jb206
b2ZmaWNlOnBvd2VycG9pbnQiIHhtbG5zOmE9InVybjpzY2hlbWFzLW1pY3Jvc29mdC1jb206b2Zm
aWNlOmFjY2VzcyIgeG1sbnM6ZHQ9InV1aWQ6QzJGNDEwMTAtNjVCMy0xMWQxLUEyOUYtMDBBQTAw
QzE0ODgyIiB4bWxuczpzPSJ1dWlkOkJEQzZFM0YwLTZEQTMtMTFkMS1BMkEzLTAwQUEwMEMxNDg4
MiIgeG1sbnM6cnM9InVybjpzY2hlbWFzLW1pY3Jvc29mdC1jb206cm93c2V0IiB4bWxuczp6PSIj
Um93c2V0U2NoZW1hIiB4bWxuczpiPSJ1cm46c2NoZW1hcy1taWNyb3NvZnQtY29tOm9mZmljZTpw
dWJsaXNoZXIiIHhtbG5zOnNzPSJ1cm46c2NoZW1hcy1taWNyb3NvZnQtY29tOm9mZmljZTpzcHJl
YWRzaGVldCIgeG1sbnM6Yz0idXJuOnNjaGVtYXMtbWljcm9zb2Z0LWNvbTpvZmZpY2U6Y29tcG9u
ZW50OnNwcmVhZHNoZWV0IiB4bWxuczpvZGM9InVybjpzY2hlbWFzLW1pY3Jvc29mdC1jb206b2Zm
aWNlOm9kYyIgeG1sbnM6b2E9InVybjpzY2hlbWFzLW1pY3Jvc29mdC1jb206b2ZmaWNlOmFjdGl2
YXRpb24iIHhtbG5zOmh0bWw9Imh0dHA6Ly93d3cudzMub3JnL1RSL1JFQy1odG1sNDAiIHhtbG5z
OnE9Imh0dHA6Ly9zY2hlbWFzLnhtbHNvYXAub3JnL3NvYXAvZW52ZWxvcGUvIiB4bWxuczpydGM9
Imh0dHA6Ly9taWNyb3NvZnQuY29tL29mZmljZW5ldC9jb25mZXJlbmNpbmciIHhtbG5zOkQ9IkRB
VjoiIHhtbG5zOlJlcGw9Imh0dHA6Ly9zY2hlbWFzLm1pY3Jvc29mdC5jb20vcmVwbC8iIHhtbG5z
Om10PSJodHRwOi8vc2NoZW1hcy5taWNyb3NvZnQuY29tL3NoYXJlcG9pbnQvc29hcC9tZWV0aW5n
cy8iIHhtbG5zOngyPSJodHRwOi8vc2NoZW1hcy5taWNyb3NvZnQuY29tL29mZmljZS9leGNlbC8y
MDAzL3htbCIgeG1sbnM6cHBkYT0iaHR0cDovL3d3dy5wYXNzcG9ydC5jb20vTmFtZVNwYWNlLnhz
ZCIgeG1sbnM6b2lzPSJodHRwOi8vc2NoZW1hcy5taWNyb3NvZnQuY29tL3NoYXJlcG9pbnQvc29h
cC9vaXMvIiB4bWxuczpkaXI9Imh0dHA6Ly9zY2hlbWFzLm1pY3Jvc29mdC5jb20vc2hhcmVwb2lu
dC9zb2FwL2RpcmVjdG9yeS8iIHhtbG5zOmRzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwLzA5L3ht
bGRzaWcjIiB4bWxuczpkc3A9Imh0dHA6Ly9zY2hlbWFzLm1pY3Jvc29mdC5jb20vc2hhcmVwb2lu
dC9kc3AiIHhtbG5zOnVkYz0iaHR0cDovL3NjaGVtYXMubWljcm9zb2Z0LmNvbS9kYXRhL3VkYyIg
eG1sbnM6eHNkPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgeG1sbnM6c3ViPSJo
dHRwOi8vc2NoZW1hcy5taWNyb3NvZnQuY29tL3NoYXJlcG9pbnQvc29hcC8yMDAyLzEvYWxlcnRz
LyIgeG1sbnM6ZWM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvMDQveG1sZW5jIyIgeG1sbnM6c3A9
Imh0dHA6Ly9zY2hlbWFzLm1pY3Jvc29mdC5jb20vc2hhcmVwb2ludC8iIHhtbG5zOnNwcz0iaHR0
cDovL3NjaGVtYXMubWljcm9zb2Z0LmNvbS9zaGFyZXBvaW50L3NvYXAvIiB4bWxuczp4c2k9Imh0
dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hLWluc3RhbmNlIiB4bWxuczp1ZGNzPSJodHRw
Oi8vc2NoZW1hcy5taWNyb3NvZnQuY29tL2RhdGEvdWRjL3NvYXAiIHhtbG5zOnVkY3hmPSJodHRw
Oi8vc2NoZW1hcy5taWNyb3NvZnQuY29tL2RhdGEvdWRjL3htbGZpbGUiIHhtbG5zOnVkY3AycD0i
aHR0cDovL3NjaGVtYXMubWljcm9zb2Z0LmNvbS9kYXRhL3VkYy9wYXJ0dG9wYXJ0IiB4bWxuczp3
Zj0iaHR0cDovL3NjaGVtYXMubWljcm9zb2Z0LmNvbS9zaGFyZXBvaW50L3NvYXAvd29ya2Zsb3cv
IiB4bWxuczpkc3NzPSJodHRwOi8vc2NoZW1hcy5taWNyb3NvZnQuY29tL29mZmljZS8yMDA2L2Rp
Z3NpZy1zZXR1cCIgeG1sbnM6ZHNzaT0iaHR0cDovL3NjaGVtYXMubWljcm9zb2Z0LmNvbS9vZmZp
Y2UvMjAwNi9kaWdzaWciIHhtbG5zOm1kc3NpPSJodHRwOi8vc2NoZW1hcy5vcGVueG1sZm9ybWF0
cy5vcmcvcGFja2FnZS8yMDA2L2RpZ2l0YWwtc2lnbmF0dXJlIiB4bWxuczptdmVyPSJodHRwOi8v
c2NoZW1hcy5vcGVueG1sZm9ybWF0cy5vcmcvbWFya3VwLWNvbXBhdGliaWxpdHkvMjAwNiIgeG1s
bnM6bT0iaHR0cDovL3NjaGVtYXMubWljcm9zb2Z0LmNvbS9vZmZpY2UvMjAwNC8xMi9vbW1sIiB4
bWxuczptcmVscz0iaHR0cDovL3NjaGVtYXMub3BlbnhtbGZvcm1hdHMub3JnL3BhY2thZ2UvMjAw
Ni9yZWxhdGlvbnNoaXBzIiB4bWxuczpzcHdwPSJodHRwOi8vbWljcm9zb2Z0LmNvbS9zaGFyZXBv
aW50L3dlYnBhcnRwYWdlcyIgeG1sbnM6ZXgxMnQ9Imh0dHA6Ly9zY2hlbWFzLm1pY3Jvc29mdC5j
b20vZXhjaGFuZ2Uvc2VydmljZXMvMjAwNi90eXBlcyIgeG1sbnM6ZXgxMm09Imh0dHA6Ly9zY2hl
bWFzLm1pY3Jvc29mdC5jb20vZXhjaGFuZ2Uvc2VydmljZXMvMjAwNi9tZXNzYWdlcyIgeG1sbnM6
cHB0c2w9Imh0dHA6Ly9zY2hlbWFzLm1pY3Jvc29mdC5jb20vc2hhcmVwb2ludC9zb2FwL1NsaWRl
TGlicmFyeS8iIHhtbG5zOnNwc2w9Imh0dHA6Ly9taWNyb3NvZnQuY29tL3dlYnNlcnZpY2VzL1No
YXJlUG9pbnRQb3J0YWxTZXJ2ZXIvUHVibGlzaGVkTGlua3NTZXJ2aWNlIiB4bWxuczpaPSJ1cm46
c2NoZW1hcy1taWNyb3NvZnQtY29tOiIgeG1sbnM6c3Q9IiYjMTsiIHhtbG5zPSJodHRwOi8vd3d3
LnczLm9yZy9UUi9SRUMtaHRtbDQwIj48aGVhZD48bWV0YSBodHRwLWVxdWl2PUNvbnRlbnQtVHlw
ZSBjb250ZW50PSJ0ZXh0L2h0bWw7IGNoYXJzZXQ9dXRmLTgiPjxtZXRhIG5hbWU9R2VuZXJhdG9y
IGNvbnRlbnQ9Ik1pY3Jvc29mdCBXb3JkIDEyIChmaWx0ZXJlZCBtZWRpdW0pIj48c3R5bGU+PCEt
LQ0KLyogRm9udCBEZWZpbml0aW9ucyAqLw0KQGZvbnQtZmFjZQ0KCXtmb250LWZhbWlseTpIZWx2
ZXRpY2E7DQoJcGFub3NlLTE6MiAxMSA2IDQgMiAyIDIgMiAyIDQ7fQ0KQGZvbnQtZmFjZQ0KCXtm
b250LWZhbWlseTpXaW5nZGluZ3M7DQoJcGFub3NlLTE6NSAwIDAgMCAwIDAgMCAwIDAgMDt9DQpA
Zm9udC1mYWNlDQoJe2ZvbnQtZmFtaWx5OiJDYW1icmlhIE1hdGgiOw0KCXBhbm9zZS0xOjIgNCA1
IDMgNSA0IDYgMyAyIDQ7fQ0KQGZvbnQtZmFjZQ0KCXtmb250LWZhbWlseTpDYWxpYnJpOw0KCXBh
bm9zZS0xOjIgMTUgNSAyIDIgMiA0IDMgMiA0O30NCkBmb250LWZhY2UNCgl7Zm9udC1mYW1pbHk6
VGFob21hOw0KCXBhbm9zZS0xOjIgMTEgNiA0IDMgNSA0IDQgMiA0O30NCkBmb250LWZhY2UNCgl7
Zm9udC1mYW1pbHk6Q29uc29sYXM7DQoJcGFub3NlLTE6MiAxMSA2IDkgMiAyIDQgMyAyIDQ7fQ0K
LyogU3R5bGUgRGVmaW5pdGlvbnMgKi8NCnAuTXNvTm9ybWFsLCBsaS5Nc29Ob3JtYWwsIGRpdi5N
c29Ob3JtYWwNCgl7bWFyZ2luOjBpbjsNCgltYXJnaW4tYm90dG9tOi4wMDAxcHQ7DQoJZm9udC1z
aXplOjEyLjBwdDsNCglmb250LWZhbWlseToiVGltZXMgTmV3IFJvbWFuIiwic2VyaWYiOw0KCWNv
bG9yOmJsYWNrO30NCmE6bGluaywgc3Bhbi5Nc29IeXBlcmxpbmsNCgl7bXNvLXN0eWxlLXByaW9y
aXR5Ojk5Ow0KCWNvbG9yOmJsdWU7DQoJdGV4dC1kZWNvcmF0aW9uOnVuZGVybGluZTt9DQphOnZp
c2l0ZWQsIHNwYW4uTXNvSHlwZXJsaW5rRm9sbG93ZWQNCgl7bXNvLXN0eWxlLXByaW9yaXR5Ojk5
Ow0KCWNvbG9yOnB1cnBsZTsNCgl0ZXh0LWRlY29yYXRpb246dW5kZXJsaW5lO30NCnByZQ0KCXtt
c28tc3R5bGUtcHJpb3JpdHk6OTk7DQoJbXNvLXN0eWxlLWxpbms6IkhUTUwgUHJlZm9ybWF0dGVk
IENoYXIiOw0KCW1hcmdpbjowaW47DQoJbWFyZ2luLWJvdHRvbTouMDAwMXB0Ow0KCWZvbnQtc2l6
ZToxMC4wcHQ7DQoJZm9udC1mYW1pbHk6IkNvdXJpZXIgTmV3IjsNCgljb2xvcjpibGFjazt9DQpw
Lk1zb0FjZXRhdGUsIGxpLk1zb0FjZXRhdGUsIGRpdi5Nc29BY2V0YXRlDQoJe21zby1zdHlsZS1w
cmlvcml0eTo5OTsNCgltc28tc3R5bGUtbGluazoiQmFsbG9vbiBUZXh0IENoYXIiOw0KCW1hcmdp
bjowaW47DQoJbWFyZ2luLWJvdHRvbTouMDAwMXB0Ow0KCWZvbnQtc2l6ZTo4LjBwdDsNCglmb250
LWZhbWlseToiVGFob21hIiwic2Fucy1zZXJpZiI7DQoJY29sb3I6YmxhY2s7fQ0KcC5Nc29MaXN0
UGFyYWdyYXBoLCBsaS5Nc29MaXN0UGFyYWdyYXBoLCBkaXYuTXNvTGlzdFBhcmFncmFwaA0KCXtt
c28tc3R5bGUtcHJpb3JpdHk6MzQ7DQoJbWFyZ2luLXRvcDowaW47DQoJbWFyZ2luLXJpZ2h0OjBp
bjsNCgltYXJnaW4tYm90dG9tOjBpbjsNCgltYXJnaW4tbGVmdDouNWluOw0KCW1hcmdpbi1ib3R0
b206LjAwMDFwdDsNCglmb250LXNpemU6MTIuMHB0Ow0KCWZvbnQtZmFtaWx5OiJUaW1lcyBOZXcg
Um9tYW4iLCJzZXJpZiI7DQoJY29sb3I6YmxhY2s7fQ0Kc3Bhbi5IVE1MUHJlZm9ybWF0dGVkQ2hh
cg0KCXttc28tc3R5bGUtbmFtZToiSFRNTCBQcmVmb3JtYXR0ZWQgQ2hhciI7DQoJbXNvLXN0eWxl
LXByaW9yaXR5Ojk5Ow0KCW1zby1zdHlsZS1saW5rOiJIVE1MIFByZWZvcm1hdHRlZCI7DQoJZm9u
dC1mYW1pbHk6Q29uc29sYXM7DQoJY29sb3I6YmxhY2s7fQ0Kc3Bhbi5CYWxsb29uVGV4dENoYXIN
Cgl7bXNvLXN0eWxlLW5hbWU6IkJhbGxvb24gVGV4dCBDaGFyIjsNCgltc28tc3R5bGUtcHJpb3Jp
dHk6OTk7DQoJbXNvLXN0eWxlLWxpbms6IkJhbGxvb24gVGV4dCI7DQoJZm9udC1mYW1pbHk6IlRh
aG9tYSIsInNhbnMtc2VyaWYiOw0KCWNvbG9yOmJsYWNrO30NCnNwYW4uYXBwbGUtc3R5bGUtc3Bh
bg0KCXttc28tc3R5bGUtbmFtZTphcHBsZS1zdHlsZS1zcGFuO30NCnNwYW4uRW1haWxTdHlsZTIy
DQoJe21zby1zdHlsZS10eXBlOnBlcnNvbmFsOw0KCWZvbnQtZmFtaWx5OiJDYWxpYnJpIiwic2Fu
cy1zZXJpZiI7DQoJY29sb3I6IzFGNDk3RDt9DQpzcGFuLkVtYWlsU3R5bGUyMw0KCXttc28tc3R5
bGUtdHlwZTpwZXJzb25hbC1yZXBseTsNCglmb250LWZhbWlseToiQ2FsaWJyaSIsInNhbnMtc2Vy
aWYiOw0KCWNvbG9yOiMxRjQ5N0Q7fQ0KLk1zb0NocERlZmF1bHQNCgl7bXNvLXN0eWxlLXR5cGU6
ZXhwb3J0LW9ubHk7DQoJZm9udC1zaXplOjEwLjBwdDt9DQpAcGFnZSBXb3JkU2VjdGlvbjENCgl7
c2l6ZTo4LjVpbiAxMS4waW47DQoJbWFyZ2luOjEuMGluIDEuMGluIDEuMGluIDEuMGluO30NCmRp
di5Xb3JkU2VjdGlvbjENCgl7cGFnZTpXb3JkU2VjdGlvbjE7fQ0KLyogTGlzdCBEZWZpbml0aW9u
cyAqLw0KQGxpc3QgbDANCgl7bXNvLWxpc3QtaWQ6MTM0NDU1NTczMDsNCgltc28tbGlzdC10eXBl
Omh5YnJpZDsNCgltc28tbGlzdC10ZW1wbGF0ZS1pZHM6MjEwNDUzMTgwMiAtNTc0NDMwNjA4IDY3
Njk4NjkxIDY3Njk4NjkzIDY3Njk4Njg5IDY3Njk4NjkxIDY3Njk4NjkzIDY3Njk4Njg5IDY3Njk4
NjkxIDY3Njk4NjkzO30NCkBsaXN0IGwwOmxldmVsMQ0KCXttc28tbGV2ZWwtbnVtYmVyLWZvcm1h
dDpidWxsZXQ7DQoJbXNvLWxldmVsLXRleHQ6LTsNCgltc28tbGV2ZWwtdGFiLXN0b3A6bm9uZTsN
Cgltc28tbGV2ZWwtbnVtYmVyLXBvc2l0aW9uOmxlZnQ7DQoJdGV4dC1pbmRlbnQ6LS4yNWluOw0K
CWZvbnQtZmFtaWx5OiJDYWxpYnJpIiwic2Fucy1zZXJpZiI7DQoJbXNvLWZhcmVhc3QtZm9udC1m
YW1pbHk6Q2FsaWJyaTt9DQpvbA0KCXttYXJnaW4tYm90dG9tOjBpbjt9DQp1bA0KCXttYXJnaW4t
Ym90dG9tOjBpbjt9DQotLT48L3N0eWxlPjwhLS1baWYgZ3RlIG1zbyA5XT48eG1sPg0KPG86c2hh
cGVkZWZhdWx0cyB2OmV4dD0iZWRpdCIgc3BpZG1heD0iMTAyNiIgLz4NCjwveG1sPjwhW2VuZGlm
XS0tPjwhLS1baWYgZ3RlIG1zbyA5XT48eG1sPg0KPG86c2hhcGVsYXlvdXQgdjpleHQ9ImVkaXQi
Pg0KPG86aWRtYXAgdjpleHQ9ImVkaXQiIGRhdGE9IjEiIC8+DQo8L286c2hhcGVsYXlvdXQ+PC94
bWw+PCFbZW5kaWZdLS0+PC9oZWFkPjxib2R5IGJnY29sb3I9d2hpdGUgbGFuZz1FTi1VUyBsaW5r
PWJsdWUgdmxpbms9cHVycGxlPjxkaXYgY2xhc3M9V29yZFNlY3Rpb24xPjxwIGNsYXNzPU1zb05v
cm1hbD48c3BhbiBzdHlsZT0nZm9udC1zaXplOjExLjBwdDtmb250LWZhbWlseToiQ2FsaWJyaSIs
InNhbnMtc2VyaWYiO2NvbG9yOiMxRjQ5N0QnPuKApiBhbmQgd2hhdCBhYm91dCBvdGhlcnMg4oCT
IGFyZSB0aG9zZSBpbmNsdWRlZCBvciBleGNsdWRlZCBmcm9tIOKAnGlkZW50aXR5IGxpZmVjeWNs
ZeKAnTo8bzpwPjwvbzpwPjwvc3Bhbj48L3A+PHAgY2xhc3M9TXNvTGlzdFBhcmFncmFwaCBzdHls
ZT0ndGV4dC1pbmRlbnQ6LS4yNWluO21zby1saXN0OmwwIGxldmVsMSBsZm8xJz48IVtpZiAhc3Vw
cG9ydExpc3RzXT48c3BhbiBzdHlsZT0nZm9udC1zaXplOjExLjBwdDtmb250LWZhbWlseToiQ2Fs
aWJyaSIsInNhbnMtc2VyaWYiO2NvbG9yOiMxRjQ5N0QnPjxzcGFuIHN0eWxlPSdtc28tbGlzdDpJ
Z25vcmUnPi08c3BhbiBzdHlsZT0nZm9udDo3LjBwdCAiVGltZXMgTmV3IFJvbWFuIic+Jm5ic3A7
Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7IDwvc3Bhbj48
L3NwYW4+PC9zcGFuPjwhW2VuZGlmXT48c3BhbiBzdHlsZT0nZm9udC1zaXplOjExLjBwdDtmb250
LWZhbWlseToiQ2FsaWJyaSIsInNhbnMtc2VyaWYiO2NvbG9yOiMxRjQ5N0QnPlByb2ZpbGVzL3By
ZWZlcmVuY2VzPG86cD48L286cD48L3NwYW4+PC9wPjxwIGNsYXNzPU1zb0xpc3RQYXJhZ3JhcGgg
c3R5bGU9J3RleHQtaW5kZW50Oi0uMjVpbjttc28tbGlzdDpsMCBsZXZlbDEgbGZvMSc+PCFbaWYg
IXN1cHBvcnRMaXN0c10+PHNwYW4gc3R5bGU9J2ZvbnQtc2l6ZToxMS4wcHQ7Zm9udC1mYW1pbHk6
IkNhbGlicmkiLCJzYW5zLXNlcmlmIjtjb2xvcjojMUY0OTdEJz48c3BhbiBzdHlsZT0nbXNvLWxp
c3Q6SWdub3JlJz4tPHNwYW4gc3R5bGU9J2ZvbnQ6Ny4wcHQgIlRpbWVzIE5ldyBSb21hbiInPiZu
YnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyA8L3Nw
YW4+PC9zcGFuPjwvc3Bhbj48IVtlbmRpZl0+PHNwYW4gc3R5bGU9J2ZvbnQtc2l6ZToxMS4wcHQ7
Zm9udC1mYW1pbHk6IkNhbGlicmkiLCJzYW5zLXNlcmlmIjtjb2xvcjojMUY0OTdEJz5Qcml2YWN5
IHNldHRpbmdzPG86cD48L286cD48L3NwYW4+PC9wPjxwIGNsYXNzPU1zb0xpc3RQYXJhZ3JhcGgg
c3R5bGU9J3RleHQtaW5kZW50Oi0uMjVpbjttc28tbGlzdDpsMCBsZXZlbDEgbGZvMSc+PCFbaWYg
IXN1cHBvcnRMaXN0c10+PHNwYW4gc3R5bGU9J2ZvbnQtc2l6ZToxMS4wcHQ7Zm9udC1mYW1pbHk6
IkNhbGlicmkiLCJzYW5zLXNlcmlmIjtjb2xvcjojMUY0OTdEJz48c3BhbiBzdHlsZT0nbXNvLWxp
c3Q6SWdub3JlJz4tPHNwYW4gc3R5bGU9J2ZvbnQ6Ny4wcHQgIlRpbWVzIE5ldyBSb21hbiInPiZu
YnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyA8L3Nw
YW4+PC9zcGFuPjwvc3Bhbj48IVtlbmRpZl0+PHNwYW4gc3R5bGU9J2ZvbnQtc2l6ZToxMS4wcHQ7
Zm9udC1mYW1pbHk6IkNhbGlicmkiLCJzYW5zLXNlcmlmIjtjb2xvcjojMUY0OTdEJz5BY2Nlc3Mg
Y29udHJvbCB0byBhbGwgaWRlbnRpdHktcmVsYXRlZCBpbmZvcm1hdGlvbjxvOnA+PC9vOnA+PC9z
cGFuPjwvcD48cCBjbGFzcz1Nc29Ob3JtYWw+PHNwYW4gc3R5bGU9J2ZvbnQtc2l6ZToxMS4wcHQ7
Zm9udC1mYW1pbHk6IkNhbGlicmkiLCJzYW5zLXNlcmlmIjtjb2xvcjojMUY0OTdEJz5UaGFua3Ms
PG86cD48L286cD48L3NwYW4+PC9wPjxwIGNsYXNzPU1zb05vcm1hbD48c3BhbiBzdHlsZT0nZm9u
dC1zaXplOjExLjBwdDtmb250LWZhbWlseToiQ2FsaWJyaSIsInNhbnMtc2VyaWYiO2NvbG9yOiMx
RjQ5N0QnPk1pY2hhZWw8bzpwPjwvbzpwPjwvc3Bhbj48L3A+PHAgY2xhc3M9TXNvTm9ybWFsPjxz
cGFuIHN0eWxlPSdmb250LXNpemU6MTEuMHB0O2ZvbnQtZmFtaWx5OiJDYWxpYnJpIiwic2Fucy1z
ZXJpZiI7Y29sb3I6IzFGNDk3RCc+PG86cD4mbmJzcDs8L286cD48L3NwYW4+PC9wPjxkaXY+PGRp
diBzdHlsZT0nYm9yZGVyOm5vbmU7Ym9yZGVyLXRvcDpzb2xpZCAjQjVDNERGIDEuMHB0O3BhZGRp
bmc6My4wcHQgMGluIDBpbiAwaW4nPjxwIGNsYXNzPU1zb05vcm1hbD48Yj48c3BhbiBzdHlsZT0n
Zm9udC1zaXplOjEwLjBwdDtmb250LWZhbWlseToiVGFob21hIiwic2Fucy1zZXJpZiI7Y29sb3I6
d2luZG93dGV4dCc+RnJvbTo8L3NwYW4+PC9iPjxzcGFuIHN0eWxlPSdmb250LXNpemU6MTAuMHB0
O2ZvbnQtZmFtaWx5OiJUYWhvbWEiLCJzYW5zLXNlcmlmIjtjb2xvcjp3aW5kb3d0ZXh0Jz4gc2Np
bS1ib3VuY2VzQGlldGYub3JnIFttYWlsdG86c2NpbS1ib3VuY2VzQGlldGYub3JnXSA8Yj5PbiBC
ZWhhbGYgT2YgPC9iPkFudGhvbnkgTmFkYWxpbjxicj48Yj5TZW50OjwvYj4gV2VkbmVzZGF5LCBN
YXJjaCAxNCwgMjAxMiA5OjA5IEFNPGJyPjxiPlRvOjwvYj4gRWxpb3QgTGVhcjsgUGhpbCBIdW50
PGJyPjxiPkNjOjwvYj4gc2NpbUBpZXRmLm9yZzsgUGV0ZXIgU2FpbnQtQW5kcmU7IFN0ZXZlbiBN
LiBCZWxsb3Zpbjxicj48Yj5TdWJqZWN0OjwvYj4gUmU6IFtzY2ltXSBQcm9wb3NlIHJlc2hhcGUg
b2YgY2hhcnRlcjxvOnA+PC9vOnA+PC9zcGFuPjwvcD48L2Rpdj48L2Rpdj48cCBjbGFzcz1Nc29O
b3JtYWw+PG86cD4mbmJzcDs8L286cD48L3A+PHAgY2xhc3M9TXNvTm9ybWFsPjxzcGFuIHN0eWxl
PSdmb250LXNpemU6MTEuMHB0O2ZvbnQtZmFtaWx5OiJDYWxpYnJpIiwic2Fucy1zZXJpZiI7Y29s
b3I6IzFGNDk3RCc+4oCcPC9zcGFuPm1hbmFnaW5nIHVzZXIgaWRlbnRpdHkgbGlmZWN5Y2xl4oCd
IDxvOnA+PC9vOnA+PC9wPjxwIGNsYXNzPU1zb05vcm1hbD48bzpwPiZuYnNwOzwvbzpwPjwvcD48
cCBjbGFzcz1Nc29Ob3JtYWw+VGhpcyBpcyBhIGxpdHRsZSB0b28gdmFndWUgYXMgdGhlcmUgYXJl
IG1hbnkgZGlmZmVyZW50IHZpZXdzIG9uIHdoYXQgdGhlIGlkZW50aXR5IGxpZmVjeWNsZSBjb25z
aXN0cyBvZiwgZW5yb2xsbWVudCwgcHJvb2ZpbmcsIGNyZWRlbnRpYWxpbmcsIHVzYWdlLCBtb25p
dG9yaW5nLCBldGMuIGFuZCBJIGRvbuKAmXQgYmVsaWV2ZSB0aGF0IFNDSU0gY292ZXJzIGFsbCB0
aGVzZSBhcmVhcyBub3cgb3IgZXZlciB3aWxsPG86cD48L286cD48L3A+PHAgY2xhc3M9TXNvTm9y
bWFsPjxzcGFuIHN0eWxlPSdmb250LXNpemU6MTEuMHB0O2ZvbnQtZmFtaWx5OiJDYWxpYnJpIiwi
c2Fucy1zZXJpZiI7Y29sb3I6IzFGNDk3RCc+PG86cD4mbmJzcDs8L286cD48L3NwYW4+PC9wPjxk
aXY+PGRpdiBzdHlsZT0nYm9yZGVyOm5vbmU7Ym9yZGVyLXRvcDpzb2xpZCAjQjVDNERGIDEuMHB0
O3BhZGRpbmc6My4wcHQgMGluIDBpbiAwaW4nPjxwIGNsYXNzPU1zb05vcm1hbD48Yj48c3BhbiBz
dHlsZT0nZm9udC1zaXplOjEwLjBwdDtmb250LWZhbWlseToiVGFob21hIiwic2Fucy1zZXJpZiI7
Y29sb3I6d2luZG93dGV4dCc+RnJvbTo8L3NwYW4+PC9iPjxzcGFuIHN0eWxlPSdmb250LXNpemU6
MTAuMHB0O2ZvbnQtZmFtaWx5OiJUYWhvbWEiLCJzYW5zLXNlcmlmIjtjb2xvcjp3aW5kb3d0ZXh0
Jz4gc2NpbS1ib3VuY2VzQGlldGYub3JnIFttYWlsdG86c2NpbS1ib3VuY2VzQGlldGYub3JnXSA8
Yj5PbiBCZWhhbGYgT2YgPC9iPkVsaW90IExlYXI8YnI+PGI+U2VudDo8L2I+IFR1ZXNkYXksIE1h
cmNoIDEzLCAyMDEyIDI6MjMgUE08YnI+PGI+VG86PC9iPiBQaGlsIEh1bnQ8YnI+PGI+Q2M6PC9i
PiBzY2ltQGlldGYub3JnOyBQZXRlciBTYWludC1BbmRyZTsgU3RldmVuIE0uIEJlbGxvdmluPGJy
PjxiPlN1YmplY3Q6PC9iPiBSZTogW3NjaW1dIFByb3Bvc2UgcmVzaGFwZSBvZiBjaGFydGVyPG86
cD48L286cD48L3NwYW4+PC9wPjwvZGl2PjwvZGl2PjxwIGNsYXNzPU1zb05vcm1hbD48bzpwPiZu
YnNwOzwvbzpwPjwvcD48cCBjbGFzcz1Nc29Ob3JtYWw+RXZlcnlvbmU6PGJyPjxicj5QbGVhc2Ug
dm9pY2UgeW91ciBzdXBwb3J0IG9yIG9wcG9zaXRpb24gdG8gdGhlIHByb3Bvc2VkIGNoYW5nZSBi
ZWxvdyAoYW5kIGFueSBvdGhlciBwcm9wb3NlZCBjaGFuZ2UpIHRoYXQgY29tZXMgdGhyb3VnaC4m
bmJzcDsgU3RhdGluZyBXSFkgaGVscHMgYWR2YW5jZSB0aGUgZGViYXRlLjxicj48YnI+VGhhbmtz
LDxicj48YnI+RWxpb3Q8YnI+PGJyPk9uIDMvMTMvMTIgODo1NiBQTSwgUGhpbCBIdW50IHdyb3Rl
OiA8bzpwPjwvbzpwPjwvcD48ZGl2PjxkaXY+PGRpdj48ZGl2PjxkaXY+PGRpdj48ZGl2PjxwIGNs
YXNzPU1zb05vcm1hbD48c3BhbiBzdHlsZT0nZm9udC1mYW1pbHk6IkhlbHZldGljYSIsInNhbnMt
c2VyaWYiJz5FbGlvdCw8bzpwPjwvbzpwPjwvc3Bhbj48L3A+PC9kaXY+PGRpdj48cCBjbGFzcz1N
c29Ob3JtYWw+PHNwYW4gc3R5bGU9J2ZvbnQtZmFtaWx5OiJIZWx2ZXRpY2EiLCJzYW5zLXNlcmlm
Iic+PG86cD4mbmJzcDs8L286cD48L3NwYW4+PC9wPjwvZGl2PjxkaXY+PHAgY2xhc3M9TXNvTm9y
bWFsPjxzcGFuIHN0eWxlPSdmb250LWZhbWlseToiSGVsdmV0aWNhIiwic2Fucy1zZXJpZiInPkkg
cHJvcG9zZSB0aGUgZm9sbG93aW5nIGNoYW5nZSB0byB0aGUgV0cgRGVzY3JpcHRpb246PG86cD48
L286cD48L3NwYW4+PC9wPjwvZGl2PjxkaXY+PHAgY2xhc3M9TXNvTm9ybWFsPjxzcGFuIHN0eWxl
PSdmb250LWZhbWlseToiSGVsdmV0aWNhIiwic2Fucy1zZXJpZiInPjxvOnA+Jm5ic3A7PC9vOnA+
PC9zcGFuPjwvcD48L2Rpdj48ZGl2PjxwIGNsYXNzPU1zb05vcm1hbD48c3BhbiBzdHlsZT0nZm9u
dC1mYW1pbHk6IkhlbHZldGljYSIsInNhbnMtc2VyaWYiJz5Gcm9tOjxvOnA+PC9vOnA+PC9zcGFu
PjwvcD48L2Rpdj48ZGl2PjxibG9ja3F1b3RlIHN0eWxlPSdtYXJnaW4tdG9wOjUuMHB0O21hcmdp
bi1ib3R0b206NS4wcHQnPjxkaXY+PHByZT5UaGUgU2ltcGxlIENsb3VkIElkZW50aXR5IE1hbmFn
ZW1lbnQgKFNDSU0pIHNwZWNpZmljYXRpb24gaXMgZGVzaWduZWQgdG8gPG86cD48L286cD48L3By
ZT48cHJlPm1ha2UgbWFuYWdpbmcgdXNlciBpZGVudGl0eSBsaWZlY3ljbGUgaW4gY2xvdWQgYmFz
ZWQgYXBwbGljYXRpb25zIGFuZCA8bzpwPjwvbzpwPjwvcHJlPjxwcmU+c2VydmljZXMgZWFzaWVy
LjxvOnA+PC9vOnA+PC9wcmU+PC9kaXY+PC9ibG9ja3F1b3RlPjxkaXY+PHAgY2xhc3M9TXNvTm9y
bWFsPjxzcGFuIHN0eWxlPSdmb250LWZhbWlseToiSGVsdmV0aWNhIiwic2Fucy1zZXJpZiInPlRv
OjxvOnA+PC9vOnA+PC9zcGFuPjwvcD48L2Rpdj48L2Rpdj48ZGl2PjxibG9ja3F1b3RlIHN0eWxl
PSdtYXJnaW4tdG9wOjUuMHB0O21hcmdpbi1ib3R0b206NS4wcHQnPjxkaXY+PHByZT5UaGUgU2lt
cGxlIENsb3VkIElkZW50aXR5IE1hbmFnZW1lbnQgKFNDSU0pIHNwZWNpZmljYXRpb24gaXMgZGVz
aWduZWQgdG8gPG86cD48L286cD48L3ByZT48cHJlPm1ha2UgbWFuYWdpbmcgdXNlciBpZGVudGl0
eSBsaWZlY3ljbGUgaW4gb25lIG9yIG1vcmUgYXBwbGljYXRpb25zIGFuZCA8bzpwPjwvbzpwPjwv
cHJlPjxwcmU+c2VydmljZXMgZWFzaWVyIGJldHdlZW4gY2xpZW50IG9yZ2FuaXphdGlvbnMgYW5k
IGNsb3VkIGJhc2VkIHNlcnZpY2UgcHJvdmlkZXJzLjxvOnA+PC9vOnA+PC9wcmU+PC9kaXY+PC9i
bG9ja3F1b3RlPjxkaXY+PHAgY2xhc3M9TXNvTm9ybWFsPjxzcGFuIHN0eWxlPSdmb250LWZhbWls
eToiSGVsdmV0aWNhIiwic2Fucy1zZXJpZiInPjxvOnA+Jm5ic3A7PC9vOnA+PC9zcGFuPjwvcD48
L2Rpdj48L2Rpdj48ZGl2PjxwIGNsYXNzPU1zb05vcm1hbD48c3BhbiBzdHlsZT0nZm9udC1mYW1p
bHk6IkhlbHZldGljYSIsInNhbnMtc2VyaWYiJz5UaGUgY2hhbmdlIGFib3ZlIGlzIHN1YnRsZSBi
dXQgb2YgY3JpdGljYWwgaW1wb3J0YW5jZSB0byBjbG91ZCBwcm92aWRlcnMgKG1hbnkgd2hvIGFy
ZSBub3QgeWV0IGFjdGl2ZSBpbiB0aGUgZ3JvdXApIHdobyBob3N0IG1hbnkgc2VydmljZXMuPG86
cD48L286cD48L3NwYW4+PC9wPjwvZGl2PjxkaXY+PHAgY2xhc3M9TXNvTm9ybWFsPjxzcGFuIHN0
eWxlPSdmb250LWZhbWlseToiSGVsdmV0aWNhIiwic2Fucy1zZXJpZiInPjxvOnA+Jm5ic3A7PC9v
OnA+PC9zcGFuPjwvcD48L2Rpdj48ZGl2PjxwIGNsYXNzPU1zb05vcm1hbD48c3BhbiBzdHlsZT0n
Zm9udC1mYW1pbHk6IkhlbHZldGljYSIsInNhbnMtc2VyaWYiJz5JdCBpcyBwcm9iYWJseSBpbXBv
cnRhbnQgdG8gc2l0ZSB0aGUgbG9jYXRpb24gb2YgdGhlIFNDSU0gMS4wIHNwZWNpZmljYXRpb24g
d2hpY2ggaXMgcHVibGlzaGVkIGV4dGVybmFsbHkgdG8gSUVURiBhcyB3ZWxsIGFzIHRoZSByZS1w
dWJsaXNoZWQgZHJhZnRzIHVuZGVyIElFVEYuPG86cD48L286cD48L3NwYW4+PC9wPjwvZGl2Pjxk
aXY+PHAgY2xhc3M9TXNvTm9ybWFsPjxzcGFuIHN0eWxlPSdmb250LWZhbWlseToiSGVsdmV0aWNh
Iiwic2Fucy1zZXJpZiInPjxvOnA+Jm5ic3A7PC9vOnA+PC9zcGFuPjwvcD48L2Rpdj48ZGl2Pjxw
IGNsYXNzPU1zb05vcm1hbD48c3BhbiBzdHlsZT0nZm9udC1mYW1pbHk6IkhlbHZldGljYSIsInNh
bnMtc2VyaWYiJz5QaGlsPG86cD48L286cD48L3NwYW4+PC9wPjwvZGl2PjxkaXY+PHAgY2xhc3M9
TXNvTm9ybWFsPjxzcGFuIHN0eWxlPSdmb250LXNpemU6OS4wcHQ7Zm9udC1mYW1pbHk6IkhlbHZl
dGljYSIsInNhbnMtc2VyaWYiJz48bzpwPiZuYnNwOzwvbzpwPjwvc3Bhbj48L3A+PC9kaXY+PGRp
dj48cCBjbGFzcz1Nc29Ob3JtYWw+PHNwYW4gc3R5bGU9J2ZvbnQtc2l6ZTo5LjBwdDtmb250LWZh
bWlseToiSGVsdmV0aWNhIiwic2Fucy1zZXJpZiInPkBpbmRlcGVuZGVudGlkPG86cD48L286cD48
L3NwYW4+PC9wPjwvZGl2PjxkaXY+PHAgY2xhc3M9TXNvTm9ybWFsPjxzcGFuIHN0eWxlPSdmb250
LXNpemU6OS4wcHQ7Zm9udC1mYW1pbHk6IkhlbHZldGljYSIsInNhbnMtc2VyaWYiJz48YSBocmVm
PSJodHRwOi8vd3d3LmluZGVwZW5kZW50aWQuY29tIj53d3cuaW5kZXBlbmRlbnRpZC5jb208L2E+
PG86cD48L286cD48L3NwYW4+PC9wPjwvZGl2PjwvZGl2PjwvZGl2PjwvZGl2PjxwIGNsYXNzPU1z
b05vcm1hbCBzdHlsZT0nbWFyZ2luLWJvdHRvbToxMi4wcHQnPjxzcGFuIHN0eWxlPSdmb250LWZh
bWlseToiSGVsdmV0aWNhIiwic2Fucy1zZXJpZiInPjxhIGhyZWY9Im1haWx0bzpwaGlsLmh1bnRA
b3JhY2xlLmNvbSI+cGhpbC5odW50QG9yYWNsZS5jb208L2E+PG86cD48L286cD48L3NwYW4+PC9w
PjwvZGl2PjxwIGNsYXNzPU1zb05vcm1hbD48c3BhbiBzdHlsZT0nZm9udC1mYW1pbHk6IkhlbHZl
dGljYSIsInNhbnMtc2VyaWYiJz48bzpwPiZuYnNwOzwvbzpwPjwvc3Bhbj48L3A+PC9kaXY+PHAg
Y2xhc3M9TXNvTm9ybWFsIHN0eWxlPSdtYXJnaW4tYm90dG9tOjEyLjBwdCc+PG86cD4mbmJzcDs8
L286cD48L3A+PC9kaXY+PHAgY2xhc3M9TXNvTm9ybWFsPjxvOnA+Jm5ic3A7PC9vOnA+PC9wPjxk
aXY+PGRpdj48cCBjbGFzcz1Nc29Ob3JtYWw+T24gMjAxMi0wMy0xMywgYXQgMTI6MzcgUE0sIEVs
aW90IExlYXIgd3JvdGU6PG86cD48L286cD48L3A+PC9kaXY+PHAgY2xhc3M9TXNvTm9ybWFsIHN0
eWxlPSdtYXJnaW4tYm90dG9tOjEyLjBwdCc+PG86cD4mbmJzcDs8L286cD48L3A+PGRpdj48cCBj
bGFzcz1Nc29Ob3JtYWwgc3R5bGU9J21hcmdpbi1ib3R0b206MTIuMHB0Jz5IaSBFdmVyeW9uZSw8
YnI+PGJyPkhhdmluZyByZWFkIGlucHV0cyBmcm9tIHRoaXMgbGlzdCwgSSBhbSBwcm9wb3Npbmcg
c29tZSBjaGFuZ2VzIHRvIHRoZSBjaGFydGVyLiZuYnNwOyBNb3N0IG9mIHRoaXMgaXMgZm9ybSBh
bmQgbm90IHN1YnN0YW5jZSwmbmJzcDsgYnV0IHRoZXJlIGFyZSBzb21lIHN1YnN0YW50aWFsIGNo
YW5nZXMuJm5ic3A7IFRoZSBwdXJwb3NlIG9mIHRoZXNlIGNoYW5nZXMgaXMgdG8gYnJpbmcgdGhl
IGNoYXJ0ZXIgaW4gbGluZSB3aXRoIG1vc3Qgb2YgdGhlIG90aGVycy4mbmJzcDsgQWJzZW50IHRo
ZXNlIHNvcnQgb2YgY2hhbmdlcywgSSBhbSBub3QgY29uZmlkZW50IHdlIHdvdWxkIGdldCBhIFdH
LiZuYnNwOyBFdmVuIHdpdGggdGhlc2UgY2hhbmdlcywgbW9yZSB3b3JrIGlzIG5lZWRlZC4gYmVj
YXVzZSB3aGF0IGlzIGJlbG93IGlzIG5vdCBjb21wbGV0ZS48YnI+PGJyPldoYXQgaXMgbWlzc2lu
ZyDigJMgPGI+YW5kIGl0J3MgaW1wb3J0YW50IOKAkyZuYnNwOzwvYj4gYXJlIGEgZmV3IGFkZGl0
aW9uYWwgd29yZHMgYWJvdXQgd2h5IHdlIG5lZWQgU0NJTS4mbmJzcDsgV2h5IGFyZSB3ZSBob2xk
aW5nIHRoZSBkYXJuIEJvRj8mbmJzcDsgVGhpcyBpcyBub3Qgc29tZXRoaW5nIHRoYXQgY2FuIHdh
aXQsIElNSE8sIGZvciBhbiBJbmZvcm1hdGlvbmFsIGRvY3VtZW50LiZuYnNwOyBSYXRoZXIsIGlm
IHRoZXJlIGlzIG5vIGNsZWFyIHN0YXRlbWVudCBvZiB0aGUgcHJvYmxlbSwgSSBkb24ndCBzZWUg
aG93IHRoZSBJRVNHIHdvdWxkIGFwcHJvdmUgYSBXRy4mbmJzcDsgU28gdGhhdCdzIHdoYXQgdGhl
IGJpZyBYWFhYWFhYIGlzIGJlbG93LiZuYnNwOyBJJ3ZlIHB1dCBzb21lIHdvcmRzIGluLCBidXQg
dGhleSBhcmUgdGhlcmUgdG8gZGVtb25zdHJhdGUgdGhlIHBvaW50LiZuYnNwOyBQTEVBU0UgcHJv
cG9zZSB0ZXh0Ljxicj48YnI+SW4gYWRkaXRpb24sIG15IHJld29yZGluZyBpcywgaW4gc29tZSBw
bGFjZXMsIGdlbmVyaWMuJm5ic3A7IEkgd291bGQgc3VnZ2VzdCB0aGF0IG1vcmUgdGltZSBiZSBz
cGVudCBvbiB3aGF0IHdlIHdpbGwg4oCTIGFuZCBhcyBpbXBvcnRhbnRseSDigJMmbmJzcDsgV09O
J1QgZG8uJm5ic3A7IEEgZ29vZCBjaGFydGVyIHdpbGwgc2NvcGUgb3V0IG1vcmUuJm5ic3A7IFdo
YXQgYXJlIHRoZSBjcml0aWNhbCBmdW5jdGlvbnMgdGhhdCBuZWVkIHRvIGJlIGRvbmUgPGI+bm93
PC9iPj8mbmJzcDsgSWYgd2UgbGVhdmUgaXQgd2lkZSBvcGVuLCB0aGVuIHdlIHJ1biB0aGUgcmlz
ayBvZiBwZW9wbGUgc2hvdmVsaW5nIHRvbyBtdWNoIGluLCBvciBibG9ja2luZyBvbiBob3cgdG8g
ZGVjaWRlIHdoZXJlIHRvIGhvbGQgdGhlIGxpbmUgYW5kIHdhaXQgdGlsIHRoZSBuZXh0IHJvdW5k
LiZuYnNwOyBTbywgZm9yIGluc3RhbmNlLCBob3cgd2lsbCB3ZSBrZWVwIHRoZSBzY2hlbWEgZnJv
bSBibG9hdGluZz8mbmJzcDsgUmluc2UgYW5kIHJlcGVhdCB3aXRoIHByb3RvY29sIG9wZXJhdGlv
bnMuPGJyPjxicj5JbiBhZGRpdGlvbiwgaXQgaXMgbXkgYW50aWNpcGF0aW9uIHRoYXQgc2hvcnRs
eSBiZWZvcmUg4oCTIG9yIHZlcnkgcXVpY2tseSBhZnRlciDigJMgb3VyIEJvRiwgSW50ZXJuZXQt
RHJhZnRzIHdpbGwgYmUgcG9zdGVkIG9mIHRoZSBpbml0aWFsIHNwZWNpZmljYXRpb25zLiZuYnNw
OyBUaHVzIHlvdSBzZWUgZHJhZnQtWFhYIGJlbG93LiZuYnNwOyBXaGlsZSB0aGUgY2hhcnRlciBu
ZWVkIG5vdCDigJMgYW5kIGNhbm5vdCDigJMgYmUgY29tcGxldGVseSBmaW5pc2hlZCBiZWZvcmUg
dGhlIEJvRiwgd2Ugc2hvdWxkIGhhdmUgaXQgYXMgY2xvc2UgYXMgcG9zc2libGUuPGJyPjxicj48
YnI+UGxlYXNlIGNvbW1lbnQgbm93IG9uIHRoZXNlIGNoYW5nZXMgYW5kIGFueSBhZGRpdGlvbmFs
IGNoYW5nZXMgeW91IHdvdWxkIGxpa2UgdG8gc2VlLjxvOnA+PC9vOnA+PC9wPjxwcmU+U2ltcGxl
IENsb3VkIElkZW50aXR5IE1hbmFnZW1lbnQgKFNDSU0pPG86cD48L286cD48L3ByZT48cCBjbGFz
cz1Nc29Ob3JtYWw+PHNwYW4gc3R5bGU9J2ZvbnQtZmFtaWx5OiJDb3VyaWVyIE5ldyInPkNoYWly
KHMpOiBUQkQ8L3NwYW4+IDxvOnA+PC9vOnA+PC9wPjxwcmU+QXBwbGljYXRpb25zIEFyZWEgRGly
ZWN0b3Iocyk6PG86cD48L286cD48L3ByZT48cHJlPiZuYnNwOyZuYnNwOyZuYnNwOyAmbmJzcDtQ
ZXRlIFJlc25pY2sgJmx0OzxhIGhyZWY9Im1haWx0bzpwcmVzbmlja0BxdWFsY29tbS5jb20iPnBy
ZXNuaWNrQHF1YWxjb21tLmNvbTwvYT4mZ3Q7IDxvOnA+PC9vOnA+PC9wcmU+PHByZT4mbmJzcDsm
bmJzcDsmbmJzcDsmbmJzcDsgQmFycnkgTGllYmEgJmx0Oz8/PyZndDsgPG86cD48L286cD48L3By
ZT48cHJlPk1haWxpbmcgTGlzdHM6PG86cD48L286cD48L3ByZT48cHJlPiZuYnNwOyZuYnNwOyZu
YnNwOyZuYnNwOyBHZW5lcmFsIERpc2N1c3Npb246IDxhIGhyZWY9Im1haWx0bzpzY2ltQGlldGYu
b3JnIj5zY2ltQGlldGYub3JnPC9hPjxvOnA+PC9vOnA+PC9wcmU+PHByZT4mbmJzcDsmbmJzcDsm
bmJzcDsmbmJzcDsgVG8gU3Vic2NyaWJlOiA8YSBocmVmPSJodHRwczovL3d3dy5pZXRmLm9yZy9t
YWlsbWFuL2xpc3RpbmZvL3NjaW0iPmh0dHBzOi8vd3d3LmlldGYub3JnL21haWxtYW4vbGlzdGlu
Zm8vc2NpbTwvYT48bzpwPjwvbzpwPjwvcHJlPjxwcmU+Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7
IEFyY2hpdmU6Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7IDxhIGhyZWY9Imh0dHA6Ly93
d3cuaWV0Zi5vcmcvbWFpbC1hcmNoaXZlL3dlYi9zY2ltL2N1cnJlbnQvbWFpbGxpc3QuaHRtbCI+
aHR0cDovL3d3dy5pZXRmLm9yZy9tYWlsLWFyY2hpdmUvd2ViL3NjaW0vY3VycmVudC9tYWlsbGlz
dC5odG1sPC9hPjxvOnA+PC9vOnA+PC9wcmU+PHByZT4mbmJzcDs8bzpwPjwvbzpwPjwvcHJlPjxw
cmU+RGVzY3JpcHRpb24gb2YgV29ya2luZyBHcm91cDo8bzpwPjwvbzpwPjwvcHJlPjxwcmU+VGhl
IFNpbXBsZSBDbG91ZCBJZGVudGl0eSBNYW5hZ2VtZW50IChTQ0lNKSBzcGVjaWZpY2F0aW9uIGlz
IGRlc2lnbmVkIHRvIDxvOnA+PC9vOnA+PC9wcmU+PHByZT5tYWtlIG1hbmFnaW5nIHVzZXIgaWRl
bnRpdHkgbGlmZWN5Y2xlIGluIGNsb3VkIGJhc2VkIGFwcGxpY2F0aW9ucyBhbmQgPG86cD48L286
cD48L3ByZT48cHJlPnNlcnZpY2VzIGVhc2llci48bzpwPjwvbzpwPjwvcHJlPjxwcmU+PG86cD4m
bmJzcDs8L286cD48L3ByZT48cHJlPlhYWFhYWFg8bzpwPjwvbzpwPjwvcHJlPjxwcmU+PG86cD4m
bmJzcDs8L286cD48L3ByZT48cHJlPlNvLWNhbGxlZCBDUmVhdGUgVXBkYXRlIERlbGV0ZSAoQ1JV
RCkgcHJvdmlzaW9uaW5nIG9wZXJhdGlvbnMgYXJlIG9mdGVuPG86cD48L286cD48L3ByZT48cHJl
Pm5lY2Vzc2FyeSB0byBlYXNlIGFkb3B0aW9uIG9mIG5ldyBzZXJ2aWNlcy4mbmJzcDsgVGhpcyB3
b3JrIGJ1aWxkcyBvbiB0b29sczxvOnA+PC9vOnA+PC9wcmU+PHByZT5zdWNoIGFzIGxkYXAgYW5k
IFNBTUwgMi4wLCB3aGljaCBhcmUgdXNlZCB0byBwcm92aWRlIHVwLXRvLWRhdGUgaW5mb3JtYXRp
b24uPG86cD48L286cD48L3ByZT48cHJlPlNDSU0gZm9jdXNlcyBvbiB0aGUgY2FzZSB3aGVyZSBh
biBlbnRlcnByaXNlJ3MgbGRhcCBzZXJ2aWNlIG1heSBub3QgYmU8bzpwPjwvbzpwPjwvcHJlPjxw
cmU+YXZhaWxhYmxlIHRvIHRoZSBwcm92aWRlciwgYW5kIFNBTUwgY2Fubm90IHByb3ZpZGUgc3Vm
ZmljaWVudCBjb250ZXh0IGZvciB0aGU8bzpwPjwvbzpwPjwvcHJlPjxwcmU+c2VydmljZS4mbmJz
cDsgQW4gZXhhbXBsZSB3b3VsZCBiZSB0aGUgcHJvdmlzaW9uaW5nIG9mIGFuIG9mIGFuIEVNYWls
IGFjY291bnQgc288bzpwPjwvbzpwPjwvcHJlPjxwcmU+dGhhdCBpdCBjYW4gcmVjZWl2ZSBtYWls
IGJlZm9yZSB0aGUgcGVyc29uIGhhcyBmaXJzdCBsb2dnZWQgaW4uPG86cD48L286cD48L3ByZT48
cHJlPjxvOnA+Jm5ic3A7PC9vOnA+PC9wcmU+PHByZT5YWFhYWFhYWDxvOnA+PC9vOnA+PC9wcmU+
PHByZT5UaGUgc3BlY2lmaWNhdGlvbiBzdWl0ZSBzZWVrcyB0byBidWlsZCB1cG9uIGV4cGVyaWVu
Y2Ugd2l0aCBleGlzdGluZyA8bzpwPjwvbzpwPjwvcHJlPjxwcmU+c2NoZW1hcyBhbmQgZGVwbG95
bWVudHMsIHBsYWNpbmcgc3BlY2lmaWMgZW1waGFzaXMgb24gc2ltcGxpY2l0eSBvZiA8bzpwPjwv
bzpwPjwvcHJlPjxwcmU+ZGV2ZWxvcG1lbnQgYW5kIGludGVncmF0aW9uLCB3aGlsZSBhcHBseWlu
ZyBleGlzdGluZyBhdXRoZW50aWNhdGlvbiwgPG86cD48L286cD48L3ByZT48cHJlPmF1dGhvcml6
YXRpb24sIGFuZCBwcml2YWN5IG1vZGVscy4gSXRzIGludGVudCBpcyB0byByZWR1Y2UgdGhlIGNv
c3QgYW5kIDxvOnA+PC9vOnA+PC9wcmU+PHByZT5jb21wbGV4aXR5IG9mIHVzZXIgbWFuYWdlbWVu
dCBvcGVyYXRpb25zIGJ5IHByb3ZpZGluZyBhIGNvbW1vbiB1c2VyIDxvOnA+PC9vOnA+PC9wcmU+
PHByZT5zY2hlbWEgYW5kIGV4dGVuc2lvbiBtb2RlbCwgYXMgd2VsbCBhcyBiaW5kaW5nIGRvY3Vt
ZW50cyB0byBwcm92aWRlIDxvOnA+PC9vOnA+PC9wcmU+PHByZT5wYXR0ZXJucyBmb3IgZXhjaGFu
Z2luZyB0aGlzIHNjaGVtYSB1c2luZyBzdGFuZGFyZCBwcm90b2NvbHMuIEluIDxvOnA+PC9vOnA+
PC9wcmU+PHByZT5hZGRpdGlvbiB0aGUgd29ya2luZyBncm91cCBtYXkgY29uc2lkZXIgaW5jbHVk
aW5nIG1hbmFnaW5nIGRldmljZSA8bzpwPjwvbzpwPjwvcHJlPjxwcmU+aWRlbnRpdGllcyBhcyBw
YXJ0IG9mIHRoZSB3b3JrIGFkb3B0ZWQgYnkgdGhlIHdvcmtpbmcgZ3JvdXAuPG86cD48L286cD48
L3ByZT48cHJlPlRoZSBncm91cCB3aWxsIHVzZSBhcyBzdGFydGluZyBwb2ludHMgdGhlIGZvbGxv
d2luZyBkcmFmdHMgaW48bzpwPjwvbzpwPjwvcHJlPjxwcmU+dGhlIGZvbGxvd2luZyB3YXlzOjxv
OnA+PC9vOnA+PC9wcmU+PHByZT48bzpwPiZuYnNwOzwvbzpwPjwvcHJlPjxwcmU+Jm5ic3A7Jm5i
c3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7IGRyYWZ0LVhYWC1zY2ltLXNjaGVtYS0w
MCBhcyB0aGUgYSBzY2hlbWEgc3BlY2lmaWNhdGlvbiw8bzpwPjwvbzpwPjwvcHJlPjxwcmU+Jm5i
c3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7IGRyYWZ0LVhYWC1zY2ltLXBy
b3RvY29sLWRlZmluaXRpb24tMDAgYXMgdGhlIHByb3RvY29sIHNwZWNpZmljYXRpb24sPG86cD48
L286cD48L3ByZT48cHJlPiZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNw
OyBkcmFmdC1YWFgtc2NpbS1zYW1sLWJpbmRpbmctMDAgZm9yIGJpbmRpbmcgdGhlIFNDSU0gc2No
ZW1hIHRvIFNBTUwsIGFuZDxvOnA+PC9vOnA+PC9wcmU+PHByZT4mbmJzcDsmbmJzcDsmbmJzcDsm
bmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsgZHJhZnQtWFhYLXNjaW0tbGRhcC1iaW5kaW5nLTAwIGZv
ciBiaW5kaW5nIHRoZSBTQ0lNIHNjaGVtYSB0byBMREFQLjxvOnA+PC9vOnA+PC9wcmU+PHByZT48
bzpwPiZuYnNwOzwvbzpwPjwvcHJlPjxwcmU+VGhlc2UgZHJhZnRzIGFyZSBiYXNlZCBvbiBleGlz
dGluZyBzcGVjaWZpY2F0aW9ucy4gd2hpY2ggdG9nZXRoZXIgYXJlIGNvbW1vbmx5PG86cD48L286
cD48L3ByZT48cHJlPmtub3duIGFzIFNDSU0gMS4wLiZuYnNwOyBBcyBzdWNoLCBzb21lIGNvbnNp
ZGVyYXRpb24gc2hvdWxkIGJlIGdpdmVuIGZvciBiYWNrd2FyZDxvOnA+PC9vOnA+PC9wcmU+PHBy
ZT5jb21wYXRpYmlsaXR5LCBhcyB0aGUgZ3JvdXAgZXZvbHZlcyB0aGUgd29yay4mbmJzcDsgVGhp
cyBncm91cCB3aWxsIGNvbnNpZGVyLDxvOnA+PC9vOnA+PC9wcmU+PHByZT5mb3IgYW5kIGZvcmVt
b3N0LCB0aGUgb3BlcmF0aW9uYWwgZXhwZXJpZW5jZSBnYXRoZXJlZCBmcm9tIHRoZSBleGlzdGlu
ZyB3b3JrLjxvOnA+PC9vOnA+PC9wcmU+PHByZT5UaGUgZ3JvdXAgd2lsbCBhbHNvIGNvbnNpZGVy
IGV4cGVyaWVuY2VzIHdpdGggd29yayBkb25lIGJ5IG90aGVyIGJvZGllcywgaW5jbHVkaW5nPG86
cD48L286cD48L3ByZT48cHJlPnRoZSBPQVNJUyBQcm92aXNpb25pbmcgVEMuPG86cD48L286cD48
L3ByZT48cHJlPjxvOnA+Jm5ic3A7PC9vOnA+PC9wcmU+PHByZT5UaGUgZ3JvdXAgd2lsbCBwcm9k
dWNlIFByb3Bvc2VkIFN0YW5kYXJkcyBmb3IgYSBzY2hlbWEsIGEgcHJvdG9jb2wsPG86cD48L286
cD48L3ByZT48cHJlPmEgU0FNTCBiaW5kaW5nLCBhbmQgYW4gTERBUCBiaW5kaW5nLiZuYnNwOyBJ
biBkb2luZyBzbywgdGhlIGdyb3VwIHdpbGwgbWFrZTxvOnA+PC9vOnA+PC9wcmU+PHByZT5jb25z
aXN0ZW50IHRoZSB0ZXJtaW5vbG9neSwgcmV2aWV3IGFuZCBpbXByb3ZlIHNlY3VyaXR5IG9mIHRo
ZSBvdmVyYWxsIHN5c3RlbSw8bzpwPjwvbzpwPjwvcHJlPjxwcmU+aWRlbnRpZnkgYW55IGZ1bmN0
aW9uYWwgZ2FwcyB0aGF0IHdvdWxkIGJlIHVzZWZ1bCBmdXR1cmUgd29yaywgYWRkcmVzczxvOnA+
PC9vOnA+PC9wcmU+PHByZT5pbnRlcm5hdGlvbmFsaXphdGlvbiwgYW5kIHByb3ZpZGUgZ3VpZGVs
aW5lcyBmb3IgZXh0ZW5zaWJpbGl0eSAoZWl0aGVyIHRocm91Z2g8bzpwPjwvbzpwPjwvcHJlPjxw
cmU+SUFOQSByZWdpc3RyaWVzIG9yIG90aGVyIG1lYW5zKS48bzpwPjwvbzpwPjwvcHJlPjxwcmU+
PG86cD4mbmJzcDs8L286cD48L3ByZT48cHJlPkluIGl0cyB3b3JrLCB0aGUgZ3JvdXAgd2lsbCBk
ZWNpZGUgd2hhdCBhZGRpdGlvbmFsIGNhcGFiaWxpdGllcyBzaG91bGQgYmU8bzpwPjwvbzpwPjwv
cHJlPjxwcmU+aW5jbHVkZWQgaW4gdGhlIGluaXRpYWwgc3BlY2lmaWNhdGlvbiwgYW5kIHdoYXQg
Y2FuIGJlIGFkZHJlc3NlZCBhdCBhIGxhdGVyIHRpbWUuPG86cD48L286cD48L3ByZT48cHJlPjxv
OnA+Jm5ic3A7PC9vOnA+PC9wcmU+PHByZT5Ib3dldmVyLCB1c2VyLCBkZXZpY2UsIGFuZCBzZXJ2
aWNlIGF1dGhlbnRpY2F0aW9uIGFuZCBhdXRob3JpemF0aW9uPG86cD48L286cD48L3ByZT48cHJl
Pihwb2xpY3kvZW50aXRsZW1lbnQpIGFyZSBvdXQgb2Ygc2NvcGUgZm9yIHRoaXMgd29ya2luZyBn
cm91cC48bzpwPjwvbzpwPjwvcHJlPjxwcmU+PG86cD4mbmJzcDs8L286cD48L3ByZT48cHJlPk1p
bGVzdG9uZXM8bzpwPjwvbzpwPjwvcHJlPjxwcmU+PG86cD4mbmJzcDs8L286cD48L3ByZT48cHJl
PjUvMjAxMiZuYnNwOyZuYnNwOyZuYnNwOyBJbml0aWFsIGFkb3B0aW9uIG9mIFNDSU0gY29yZSBz
Y2hlbWE8bzpwPjwvbzpwPjwvcHJlPjxwcmU+NS8yMDEyJm5ic3A7Jm5ic3A7Jm5ic3A7IEluaXRp
YWwgYWRvcHRpb24gb2YgU0NJTSByZXN0ZnVsIGludGVyZmFjZSBkcmFmdDxvOnA+PC9vOnA+PC9w
cmU+PHByZT41LzIwMTImbmJzcDsmbmJzcDsmbmJzcDsgSW5pdGlhbCBhZG9wdGlvbiBvZiBTQ0lN
IFNBTUwgYmluZGluZ3MgZHJhZnQ8bzpwPjwvbzpwPjwvcHJlPjxwcmU+NS8yMDEyJm5ic3A7Jm5i
c3A7Jm5ic3A7IEluaXRpYWwgYWRvcHRpb24gb2YgU0NJTSBMREFQIG1hcHBpbmcgZHJhZnQ8bzpw
PjwvbzpwPjwvcHJlPjxwcmU+OS8yMDEyJm5ic3A7Jm5ic3A7Jm5ic3A7IFdHTEMgU0NJTSBjb3Jl
IHNjaGVtYTxvOnA+PC9vOnA+PC9wcmU+PHByZT45LzIwMTImbmJzcDsmbmJzcDsmbmJzcDsgV0dM
QyBTQ0lNIHJlc3RmdWwgaW50ZXJmYWNlPG86cD48L286cD48L3ByZT48cHJlPjkvMjAxMiZuYnNw
OyZuYnNwOyZuYnNwOyBXR0xDIFNDSU0gU0FNTCBiaW5kaW5nczxvOnA+PC9vOnA+PC9wcmU+PHBy
ZT45LzIwMTImbmJzcDsmbmJzcDsmbmJzcDsgV0dMQyBTQ0lNIExEQVAgbWFwcGluZzxvOnA+PC9v
OnA+PC9wcmU+PHByZT4zLzIwMTMmbmJzcDsmbmJzcDsmbmJzcDsgUmUtY2hhcnRlciBkaXNjdXNz
aW9uPG86cD48L286cD48L3ByZT48cHJlPjxvOnA+Jm5ic3A7PC9vOnA+PC9wcmU+PC9kaXY+PHAg
Y2xhc3M9TXNvTm9ybWFsPl9fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19f
X19fX19fPGJyPnNjaW0gbWFpbGluZyBsaXN0PGJyPjxhIGhyZWY9Im1haWx0bzpzY2ltQGlldGYu
b3JnIj5zY2ltQGlldGYub3JnPC9hPjxicj48YSBocmVmPSJodHRwczovL3d3dy5pZXRmLm9yZy9t
YWlsbWFuL2xpc3RpbmZvL3NjaW0iPmh0dHBzOi8vd3d3LmlldGYub3JnL21haWxtYW4vbGlzdGlu
Zm8vc2NpbTwvYT48bzpwPjwvbzpwPjwvcD48L2Rpdj48cCBjbGFzcz1Nc29Ob3JtYWw+PG86cD4m
bmJzcDs8L286cD48L3A+PC9kaXY+PC9ib2R5PjwvaHRtbD4=

--_000_219947F0B2242843A0A1E62FDB510DC0250F3D4F7FUSNAVSXCHMBSA_--

From prvs=413e33f86=Mark.Diodati@gartner.com  Wed Mar 14 06:34:01 2012
Return-Path: <prvs=413e33f86=Mark.Diodati@gartner.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A492521F85B6 for <scim@ietfa.amsl.com>; Wed, 14 Mar 2012 06:34:01 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.498
X-Spam-Level: 
X-Spam-Status: No, score=-6.498 tagged_above=-999 required=5 tests=[AWL=0.100,  BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id W7y8f3x1uTyO for <scim@ietfa.amsl.com>; Wed, 14 Mar 2012 06:34:00 -0700 (PDT)
Received: from iron-main.gartner.com (iron-main.gartner.com [207.140.148.93]) by ietfa.amsl.com (Postfix) with ESMTP id AD1C421F85A0 for <scim@ietf.org>; Wed, 14 Mar 2012 06:33:59 -0700 (PDT)
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: AqIEAI+dYE8KQCMD/2dsb2JhbAA5AQmCRYJ1r3OCBIIJAQEBBAEBASAmJRsCAQgRBAEBCwIJCwcDAgICJQsUBwEBBQMCBBMIAYgMqhKSKYowAQiDF4IYM2MEkXODY5AogmaBXA
X-IronPort-AV: E=Sophos;i="4.73,583,1325480400";  d="scan'208,217";a="102400758"
From: "Diodati,Mark" <Mark.Diodati@gartner.com>
To: "scim@ietf.org" <scim@ietf.org>
Thread-Topic: [scim] Propose reshape of charter
Thread-Index: AQHNAeRU39qLp+f/eU2uyGsRy26JLpZpxUBg
Date: Wed, 14 Mar 2012 13:33:57 +0000
References: <4F5FA213.4000600@cisco.com> <B6F33950-9055-4005-A82F-EB4E29431AD1@oracle.com> <4F5FBAB1.1020009@cisco.com> <B26C1EF377CB694EAB6BDDC8E624B6E73C08110E@BL2PRD0310MB362.namprd03.prod.outlook.com> <219947F0B2242843A0A1E62FDB510DC0250F3D4F7F@USNAVSXCHMBSA3.ndc.alcatel-lucent.com>
In-Reply-To: <219947F0B2242843A0A1E62FDB510DC0250F3D4F7F@USNAVSXCHMBSA3.ndc.alcatel-lucent.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
x-originating-ip: [10.127.2.130]
Content-Type: multipart/alternative; boundary="_000_D8A3C5E7F4A8B44BB49BF6E8D140E4A606CD4000Altaentgartnerc_"
MIME-Version: 1.0
Message-Id: <20120314133359.AD1C421F85A0@ietfa.amsl.com>
Subject: [scim] FW:  Propose reshape of charter
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 14 Mar 2012 13:34:01 -0000

--_000_D8A3C5E7F4A8B44BB49BF6E8D140E4A606CD4000Altaentgartnerc_
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64

SSB1bmRlcnN0YW5kIHRoZSBjb25jZXJuIHJlZ2FyZGluZyB0aGUgdmFndWVuZXNzIG9mIOKAnG1h
bmFnaW5nIHVzZXIgaWRlbnRpdHkgbGlmZWN5Y2xl4oCdLCBidXQgSSB0aGluayB0aGF0IGl0IGlz
IHN1ZmZpY2llbnQuIFRoZSBjbGllbnRzIEkgaGF2ZSBzcG9rZW4gdG8gZG8gbm90IGFzc29jaWF0
ZSBpZGVudGl0eSBwcm9vZmluZywgcHJpdmFjeSBzZXR0aW5ncywgZXRjLiB3aXRoIGlkZW50aXR5
IGxpZmVjeWNsZSBtYW5hZ2VtZW50Lg0KDQpUaGVuIGFnYWluLCBJ4oCZdmUgYmVlbiBpbiB0aGUg
aWRlbnRpdHkgYnVzaW5lc3MgZm9yIHNvbWUgdGltZSBub3csIHNvIHBlcmhhcHMgSSBhbSB0b28g
Y2xvc2UgdG8gaXQuIFdoYXRldmVyIHdvcmtzIGZvciBldmVyeW9uZSBlbHNlIGlzIGZpbmUgd2l0
aCBtZS4NCg0KTWFyaw0KDQpGcm9tOiBCcmVubmVyLCBNaWNoYWVsIFJhbGYgKE1pY2hhZWwpIFtt
YWlsdG86bWljaGFlbC5icmVubmVyQGFsY2F0ZWwtbHVjZW50LmNvbV0NClNlbnQ6IFdlZG5lc2Rh
eSwgTWFyY2ggMTQsIDIwMTIgODoxMyBBTQ0KVG86IEFudGhvbnkgTmFkYWxpbjsgRWxpb3QgTGVh
cjsgUGhpbCBIdW50DQpDYzogc2NpbUBpZXRmLm9yZzsgUGV0ZXIgU2FpbnQtQW5kcmU7IFN0ZXZl
biBNLiBCZWxsb3Zpbg0KU3ViamVjdDogUmU6IFtzY2ltXSBQcm9wb3NlIHJlc2hhcGUgb2YgY2hh
cnRlcg0KDQrigKYgYW5kIHdoYXQgYWJvdXQgb3RoZXJzIOKAkyBhcmUgdGhvc2UgaW5jbHVkZWQg
b3IgZXhjbHVkZWQgZnJvbSDigJxpZGVudGl0eSBsaWZlY3ljbGXigJ06DQoNCi0gICAgICAgICAg
UHJvZmlsZXMvcHJlZmVyZW5jZXMNCg0KLSAgICAgICAgICBQcml2YWN5IHNldHRpbmdzDQoNCi0g
ICAgICAgICAgQWNjZXNzIGNvbnRyb2wgdG8gYWxsIGlkZW50aXR5LXJlbGF0ZWQgaW5mb3JtYXRp
b24NClRoYW5rcywNCk1pY2hhZWwNCg0KRnJvbTogc2NpbS1ib3VuY2VzQGlldGYub3JnPG1haWx0
bzpzY2ltLWJvdW5jZXNAaWV0Zi5vcmc+IFttYWlsdG86c2NpbS1ib3VuY2VzQGlldGYub3JnXTxt
YWlsdG86W21haWx0bzpzY2ltLWJvdW5jZXNAaWV0Zi5vcmddPiBPbiBCZWhhbGYgT2YgQW50aG9u
eSBOYWRhbGluDQpTZW50OiBXZWRuZXNkYXksIE1hcmNoIDE0LCAyMDEyIDk6MDkgQU0NClRvOiBF
bGlvdCBMZWFyOyBQaGlsIEh1bnQNCkNjOiBzY2ltQGlldGYub3JnPG1haWx0bzpzY2ltQGlldGYu
b3JnPjsgUGV0ZXIgU2FpbnQtQW5kcmU7IFN0ZXZlbiBNLiBCZWxsb3Zpbg0KU3ViamVjdDogUmU6
IFtzY2ltXSBQcm9wb3NlIHJlc2hhcGUgb2YgY2hhcnRlcg0KDQrigJxtYW5hZ2luZyB1c2VyIGlk
ZW50aXR5IGxpZmVjeWNsZeKAnQ0KDQpUaGlzIGlzIGEgbGl0dGxlIHRvbyB2YWd1ZSBhcyB0aGVy
ZSBhcmUgbWFueSBkaWZmZXJlbnQgdmlld3Mgb24gd2hhdCB0aGUgaWRlbnRpdHkgbGlmZWN5Y2xl
IGNvbnNpc3RzIG9mLCBlbnJvbGxtZW50LCBwcm9vZmluZywgY3JlZGVudGlhbGluZywgdXNhZ2Us
IG1vbml0b3JpbmcsIGV0Yy4gYW5kIEkgZG9u4oCZdCBiZWxpZXZlIHRoYXQgU0NJTSBjb3ZlcnMg
YWxsIHRoZXNlIGFyZWFzIG5vdyBvciBldmVyIHdpbGwNCg0KRnJvbTogc2NpbS1ib3VuY2VzQGll
dGYub3JnPG1haWx0bzpzY2ltLWJvdW5jZXNAaWV0Zi5vcmc+IFttYWlsdG86c2NpbS1ib3VuY2Vz
QGlldGYub3JnXTxtYWlsdG86W21haWx0bzpzY2ltLWJvdW5jZXNAaWV0Zi5vcmddPiBPbiBCZWhh
bGYgT2YgRWxpb3QgTGVhcg0KU2VudDogVHVlc2RheSwgTWFyY2ggMTMsIDIwMTIgMjoyMyBQTQ0K
VG86IFBoaWwgSHVudA0KQ2M6IHNjaW1AaWV0Zi5vcmc8bWFpbHRvOnNjaW1AaWV0Zi5vcmc+OyBQ
ZXRlciBTYWludC1BbmRyZTsgU3RldmVuIE0uIEJlbGxvdmluDQpTdWJqZWN0OiBSZTogW3NjaW1d
IFByb3Bvc2UgcmVzaGFwZSBvZiBjaGFydGVyDQoNCkV2ZXJ5b25lOg0KDQpQbGVhc2Ugdm9pY2Ug
eW91ciBzdXBwb3J0IG9yIG9wcG9zaXRpb24gdG8gdGhlIHByb3Bvc2VkIGNoYW5nZSBiZWxvdyAo
YW5kIGFueSBvdGhlciBwcm9wb3NlZCBjaGFuZ2UpIHRoYXQgY29tZXMgdGhyb3VnaC4gIFN0YXRp
bmcgV0hZIGhlbHBzIGFkdmFuY2UgdGhlIGRlYmF0ZS4NCg0KVGhhbmtzLA0KDQpFbGlvdA0KDQpP
biAzLzEzLzEyIDg6NTYgUE0sIFBoaWwgSHVudCB3cm90ZToNCkVsaW90LA0KDQpJIHByb3Bvc2Ug
dGhlIGZvbGxvd2luZyBjaGFuZ2UgdG8gdGhlIFdHIERlc2NyaXB0aW9uOg0KDQpGcm9tOg0KDQpU
aGUgU2ltcGxlIENsb3VkIElkZW50aXR5IE1hbmFnZW1lbnQgKFNDSU0pIHNwZWNpZmljYXRpb24g
aXMgZGVzaWduZWQgdG8NCg0KbWFrZSBtYW5hZ2luZyB1c2VyIGlkZW50aXR5IGxpZmVjeWNsZSBp
biBjbG91ZCBiYXNlZCBhcHBsaWNhdGlvbnMgYW5kDQoNCnNlcnZpY2VzIGVhc2llci4NClRvOg0K
DQpUaGUgU2ltcGxlIENsb3VkIElkZW50aXR5IE1hbmFnZW1lbnQgKFNDSU0pIHNwZWNpZmljYXRp
b24gaXMgZGVzaWduZWQgdG8NCg0KbWFrZSBtYW5hZ2luZyB1c2VyIGlkZW50aXR5IGxpZmVjeWNs
ZSBpbiBvbmUgb3IgbW9yZSBhcHBsaWNhdGlvbnMgYW5kDQoNCnNlcnZpY2VzIGVhc2llciBiZXR3
ZWVuIGNsaWVudCBvcmdhbml6YXRpb25zIGFuZCBjbG91ZCBiYXNlZCBzZXJ2aWNlIHByb3ZpZGVy
cy4NCg0KVGhlIGNoYW5nZSBhYm92ZSBpcyBzdWJ0bGUgYnV0IG9mIGNyaXRpY2FsIGltcG9ydGFu
Y2UgdG8gY2xvdWQgcHJvdmlkZXJzIChtYW55IHdobyBhcmUgbm90IHlldCBhY3RpdmUgaW4gdGhl
IGdyb3VwKSB3aG8gaG9zdCBtYW55IHNlcnZpY2VzLg0KDQpJdCBpcyBwcm9iYWJseSBpbXBvcnRh
bnQgdG8gc2l0ZSB0aGUgbG9jYXRpb24gb2YgdGhlIFNDSU0gMS4wIHNwZWNpZmljYXRpb24gd2hp
Y2ggaXMgcHVibGlzaGVkIGV4dGVybmFsbHkgdG8gSUVURiBhcyB3ZWxsIGFzIHRoZSByZS1wdWJs
aXNoZWQgZHJhZnRzIHVuZGVyIElFVEYuDQoNClBoaWwNCg0KQGluZGVwZW5kZW50aWQNCnd3dy5p
bmRlcGVuZGVudGlkLmNvbTxodHRwOi8vd3d3LmluZGVwZW5kZW50aWQuY29tPg0KcGhpbC5odW50
QG9yYWNsZS5jb208bWFpbHRvOnBoaWwuaHVudEBvcmFjbGUuY29tPg0KDQoNCg0KT24gMjAxMi0w
My0xMywgYXQgMTI6MzcgUE0sIEVsaW90IExlYXIgd3JvdGU6DQoNCkhpIEV2ZXJ5b25lLA0KDQpI
YXZpbmcgcmVhZCBpbnB1dHMgZnJvbSB0aGlzIGxpc3QsIEkgYW0gcHJvcG9zaW5nIHNvbWUgY2hh
bmdlcyB0byB0aGUgY2hhcnRlci4gIE1vc3Qgb2YgdGhpcyBpcyBmb3JtIGFuZCBub3Qgc3Vic3Rh
bmNlLCAgYnV0IHRoZXJlIGFyZSBzb21lIHN1YnN0YW50aWFsIGNoYW5nZXMuICBUaGUgcHVycG9z
ZSBvZiB0aGVzZSBjaGFuZ2VzIGlzIHRvIGJyaW5nIHRoZSBjaGFydGVyIGluIGxpbmUgd2l0aCBt
b3N0IG9mIHRoZSBvdGhlcnMuICBBYnNlbnQgdGhlc2Ugc29ydCBvZiBjaGFuZ2VzLCBJIGFtIG5v
dCBjb25maWRlbnQgd2Ugd291bGQgZ2V0IGEgV0cuICBFdmVuIHdpdGggdGhlc2UgY2hhbmdlcywg
bW9yZSB3b3JrIGlzIG5lZWRlZC4gYmVjYXVzZSB3aGF0IGlzIGJlbG93IGlzIG5vdCBjb21wbGV0
ZS4NCg0KV2hhdCBpcyBtaXNzaW5nIOKAkyBhbmQgaXQncyBpbXBvcnRhbnQg4oCTICBhcmUgYSBm
ZXcgYWRkaXRpb25hbCB3b3JkcyBhYm91dCB3aHkgd2UgbmVlZCBTQ0lNLiAgV2h5IGFyZSB3ZSBo
b2xkaW5nIHRoZSBkYXJuIEJvRj8gIFRoaXMgaXMgbm90IHNvbWV0aGluZyB0aGF0IGNhbiB3YWl0
LCBJTUhPLCBmb3IgYW4gSW5mb3JtYXRpb25hbCBkb2N1bWVudC4gIFJhdGhlciwgaWYgdGhlcmUg
aXMgbm8gY2xlYXIgc3RhdGVtZW50IG9mIHRoZSBwcm9ibGVtLCBJIGRvbid0IHNlZSBob3cgdGhl
IElFU0cgd291bGQgYXBwcm92ZSBhIFdHLiAgU28gdGhhdCdzIHdoYXQgdGhlIGJpZyBYWFhYWFhY
IGlzIGJlbG93LiAgSSd2ZSBwdXQgc29tZSB3b3JkcyBpbiwgYnV0IHRoZXkgYXJlIHRoZXJlIHRv
IGRlbW9uc3RyYXRlIHRoZSBwb2ludC4gIFBMRUFTRSBwcm9wb3NlIHRleHQuDQoNCkluIGFkZGl0
aW9uLCBteSByZXdvcmRpbmcgaXMsIGluIHNvbWUgcGxhY2VzLCBnZW5lcmljLiAgSSB3b3VsZCBz
dWdnZXN0IHRoYXQgbW9yZSB0aW1lIGJlIHNwZW50IG9uIHdoYXQgd2Ugd2lsbCDigJMgYW5kIGFz
IGltcG9ydGFudGx5IOKAkyAgV09OJ1QgZG8uICBBIGdvb2QgY2hhcnRlciB3aWxsIHNjb3BlIG91
dCBtb3JlLiAgV2hhdCBhcmUgdGhlIGNyaXRpY2FsIGZ1bmN0aW9ucyB0aGF0IG5lZWQgdG8gYmUg
ZG9uZSBub3c/ICBJZiB3ZSBsZWF2ZSBpdCB3aWRlIG9wZW4sIHRoZW4gd2UgcnVuIHRoZSByaXNr
IG9mIHBlb3BsZSBzaG92ZWxpbmcgdG9vIG11Y2ggaW4sIG9yIGJsb2NraW5nIG9uIGhvdyB0byBk
ZWNpZGUgd2hlcmUgdG8gaG9sZCB0aGUgbGluZSBhbmQgd2FpdCB0aWwgdGhlIG5leHQgcm91bmQu
ICBTbywgZm9yIGluc3RhbmNlLCBob3cgd2lsbCB3ZSBrZWVwIHRoZSBzY2hlbWEgZnJvbSBibG9h
dGluZz8gIFJpbnNlIGFuZCByZXBlYXQgd2l0aCBwcm90b2NvbCBvcGVyYXRpb25zLg0KDQpJbiBh
ZGRpdGlvbiwgaXQgaXMgbXkgYW50aWNpcGF0aW9uIHRoYXQgc2hvcnRseSBiZWZvcmUg4oCTIG9y
IHZlcnkgcXVpY2tseSBhZnRlciDigJMgb3VyIEJvRiwgSW50ZXJuZXQtRHJhZnRzIHdpbGwgYmUg
cG9zdGVkIG9mIHRoZSBpbml0aWFsIHNwZWNpZmljYXRpb25zLiAgVGh1cyB5b3Ugc2VlIGRyYWZ0
LVhYWCBiZWxvdy4gIFdoaWxlIHRoZSBjaGFydGVyIG5lZWQgbm90IOKAkyBhbmQgY2Fubm90IOKA
kyBiZSBjb21wbGV0ZWx5IGZpbmlzaGVkIGJlZm9yZSB0aGUgQm9GLCB3ZSBzaG91bGQgaGF2ZSBp
dCBhcyBjbG9zZSBhcyBwb3NzaWJsZS4NCg0KDQpQbGVhc2UgY29tbWVudCBub3cgb24gdGhlc2Ug
Y2hhbmdlcyBhbmQgYW55IGFkZGl0aW9uYWwgY2hhbmdlcyB5b3Ugd291bGQgbGlrZSB0byBzZWUu
DQoNClNpbXBsZSBDbG91ZCBJZGVudGl0eSBNYW5hZ2VtZW50IChTQ0lNKQ0KQ2hhaXIocyk6IFRC
RA0KDQpBcHBsaWNhdGlvbnMgQXJlYSBEaXJlY3RvcihzKToNCg0KICAgICBQZXRlIFJlc25pY2sg
PHByZXNuaWNrQHF1YWxjb21tLmNvbTxtYWlsdG86cHJlc25pY2tAcXVhbGNvbW0uY29tPj4NCg0K
ICAgICBCYXJyeSBMaWViYSA8Pz8/Pg0KDQpNYWlsaW5nIExpc3RzOg0KDQogICAgIEdlbmVyYWwg
RGlzY3Vzc2lvbjogc2NpbUBpZXRmLm9yZzxtYWlsdG86c2NpbUBpZXRmLm9yZz4NCg0KICAgICBU
byBTdWJzY3JpYmU6IGh0dHBzOi8vd3d3LmlldGYub3JnL21haWxtYW4vbGlzdGluZm8vc2NpbQ0K
DQogICAgIEFyY2hpdmU6ICAgICAgaHR0cDovL3d3dy5pZXRmLm9yZy9tYWlsLWFyY2hpdmUvd2Vi
L3NjaW0vY3VycmVudC9tYWlsbGlzdC5odG1sDQoNCg0KDQpEZXNjcmlwdGlvbiBvZiBXb3JraW5n
IEdyb3VwOg0KDQpUaGUgU2ltcGxlIENsb3VkIElkZW50aXR5IE1hbmFnZW1lbnQgKFNDSU0pIHNw
ZWNpZmljYXRpb24gaXMgZGVzaWduZWQgdG8NCg0KbWFrZSBtYW5hZ2luZyB1c2VyIGlkZW50aXR5
IGxpZmVjeWNsZSBpbiBjbG91ZCBiYXNlZCBhcHBsaWNhdGlvbnMgYW5kDQoNCnNlcnZpY2VzIGVh
c2llci4NCg0KDQoNClhYWFhYWFgNCg0KDQoNClNvLWNhbGxlZCBDUmVhdGUgVXBkYXRlIERlbGV0
ZSAoQ1JVRCkgcHJvdmlzaW9uaW5nIG9wZXJhdGlvbnMgYXJlIG9mdGVuDQoNCm5lY2Vzc2FyeSB0
byBlYXNlIGFkb3B0aW9uIG9mIG5ldyBzZXJ2aWNlcy4gIFRoaXMgd29yayBidWlsZHMgb24gdG9v
bHMNCg0Kc3VjaCBhcyBsZGFwIGFuZCBTQU1MIDIuMCwgd2hpY2ggYXJlIHVzZWQgdG8gcHJvdmlk
ZSB1cC10by1kYXRlIGluZm9ybWF0aW9uLg0KDQpTQ0lNIGZvY3VzZXMgb24gdGhlIGNhc2Ugd2hl
cmUgYW4gZW50ZXJwcmlzZSdzIGxkYXAgc2VydmljZSBtYXkgbm90IGJlDQoNCmF2YWlsYWJsZSB0
byB0aGUgcHJvdmlkZXIsIGFuZCBTQU1MIGNhbm5vdCBwcm92aWRlIHN1ZmZpY2llbnQgY29udGV4
dCBmb3IgdGhlDQoNCnNlcnZpY2UuICBBbiBleGFtcGxlIHdvdWxkIGJlIHRoZSBwcm92aXNpb25p
bmcgb2YgYW4gb2YgYW4gRU1haWwgYWNjb3VudCBzbw0KDQp0aGF0IGl0IGNhbiByZWNlaXZlIG1h
aWwgYmVmb3JlIHRoZSBwZXJzb24gaGFzIGZpcnN0IGxvZ2dlZCBpbi4NCg0KDQoNClhYWFhYWFhY
DQoNClRoZSBzcGVjaWZpY2F0aW9uIHN1aXRlIHNlZWtzIHRvIGJ1aWxkIHVwb24gZXhwZXJpZW5j
ZSB3aXRoIGV4aXN0aW5nDQoNCnNjaGVtYXMgYW5kIGRlcGxveW1lbnRzLCBwbGFjaW5nIHNwZWNp
ZmljIGVtcGhhc2lzIG9uIHNpbXBsaWNpdHkgb2YNCg0KZGV2ZWxvcG1lbnQgYW5kIGludGVncmF0
aW9uLCB3aGlsZSBhcHBseWluZyBleGlzdGluZyBhdXRoZW50aWNhdGlvbiwNCg0KYXV0aG9yaXph
dGlvbiwgYW5kIHByaXZhY3kgbW9kZWxzLiBJdHMgaW50ZW50IGlzIHRvIHJlZHVjZSB0aGUgY29z
dCBhbmQNCg0KY29tcGxleGl0eSBvZiB1c2VyIG1hbmFnZW1lbnQgb3BlcmF0aW9ucyBieSBwcm92
aWRpbmcgYSBjb21tb24gdXNlcg0KDQpzY2hlbWEgYW5kIGV4dGVuc2lvbiBtb2RlbCwgYXMgd2Vs
bCBhcyBiaW5kaW5nIGRvY3VtZW50cyB0byBwcm92aWRlDQoNCnBhdHRlcm5zIGZvciBleGNoYW5n
aW5nIHRoaXMgc2NoZW1hIHVzaW5nIHN0YW5kYXJkIHByb3RvY29scy4gSW4NCg0KYWRkaXRpb24g
dGhlIHdvcmtpbmcgZ3JvdXAgbWF5IGNvbnNpZGVyIGluY2x1ZGluZyBtYW5hZ2luZyBkZXZpY2UN
Cg0KaWRlbnRpdGllcyBhcyBwYXJ0IG9mIHRoZSB3b3JrIGFkb3B0ZWQgYnkgdGhlIHdvcmtpbmcg
Z3JvdXAuDQoNClRoZSBncm91cCB3aWxsIHVzZSBhcyBzdGFydGluZyBwb2ludHMgdGhlIGZvbGxv
d2luZyBkcmFmdHMgaW4NCg0KdGhlIGZvbGxvd2luZyB3YXlzOg0KDQoNCg0KICAgICAgICBkcmFm
dC1YWFgtc2NpbS1zY2hlbWEtMDAgYXMgdGhlIGEgc2NoZW1hIHNwZWNpZmljYXRpb24sDQoNCiAg
ICAgICAgZHJhZnQtWFhYLXNjaW0tcHJvdG9jb2wtZGVmaW5pdGlvbi0wMCBhcyB0aGUgcHJvdG9j
b2wgc3BlY2lmaWNhdGlvbiwNCg0KICAgICAgICBkcmFmdC1YWFgtc2NpbS1zYW1sLWJpbmRpbmct
MDAgZm9yIGJpbmRpbmcgdGhlIFNDSU0gc2NoZW1hIHRvIFNBTUwsIGFuZA0KDQogICAgICAgIGRy
YWZ0LVhYWC1zY2ltLWxkYXAtYmluZGluZy0wMCBmb3IgYmluZGluZyB0aGUgU0NJTSBzY2hlbWEg
dG8gTERBUC4NCg0KDQoNClRoZXNlIGRyYWZ0cyBhcmUgYmFzZWQgb24gZXhpc3Rpbmcgc3BlY2lm
aWNhdGlvbnMuIHdoaWNoIHRvZ2V0aGVyIGFyZSBjb21tb25seQ0KDQprbm93biBhcyBTQ0lNIDEu
MC4gIEFzIHN1Y2gsIHNvbWUgY29uc2lkZXJhdGlvbiBzaG91bGQgYmUgZ2l2ZW4gZm9yIGJhY2t3
YXJkDQoNCmNvbXBhdGliaWxpdHksIGFzIHRoZSBncm91cCBldm9sdmVzIHRoZSB3b3JrLiAgVGhp
cyBncm91cCB3aWxsIGNvbnNpZGVyLA0KDQpmb3IgYW5kIGZvcmVtb3N0LCB0aGUgb3BlcmF0aW9u
YWwgZXhwZXJpZW5jZSBnYXRoZXJlZCBmcm9tIHRoZSBleGlzdGluZyB3b3JrLg0KDQpUaGUgZ3Jv
dXAgd2lsbCBhbHNvIGNvbnNpZGVyIGV4cGVyaWVuY2VzIHdpdGggd29yayBkb25lIGJ5IG90aGVy
IGJvZGllcywgaW5jbHVkaW5nDQoNCnRoZSBPQVNJUyBQcm92aXNpb25pbmcgVEMuDQoNCg0KDQpU
aGUgZ3JvdXAgd2lsbCBwcm9kdWNlIFByb3Bvc2VkIFN0YW5kYXJkcyBmb3IgYSBzY2hlbWEsIGEg
cHJvdG9jb2wsDQoNCmEgU0FNTCBiaW5kaW5nLCBhbmQgYW4gTERBUCBiaW5kaW5nLiAgSW4gZG9p
bmcgc28sIHRoZSBncm91cCB3aWxsIG1ha2UNCg0KY29uc2lzdGVudCB0aGUgdGVybWlub2xvZ3ks
IHJldmlldyBhbmQgaW1wcm92ZSBzZWN1cml0eSBvZiB0aGUgb3ZlcmFsbCBzeXN0ZW0sDQoNCmlk
ZW50aWZ5IGFueSBmdW5jdGlvbmFsIGdhcHMgdGhhdCB3b3VsZCBiZSB1c2VmdWwgZnV0dXJlIHdv
cmssIGFkZHJlc3MNCg0KaW50ZXJuYXRpb25hbGl6YXRpb24sIGFuZCBwcm92aWRlIGd1aWRlbGlu
ZXMgZm9yIGV4dGVuc2liaWxpdHkgKGVpdGhlciB0aHJvdWdoDQoNCklBTkEgcmVnaXN0cmllcyBv
ciBvdGhlciBtZWFucykuDQoNCg0KDQpJbiBpdHMgd29yaywgdGhlIGdyb3VwIHdpbGwgZGVjaWRl
IHdoYXQgYWRkaXRpb25hbCBjYXBhYmlsaXRpZXMgc2hvdWxkIGJlDQoNCmluY2x1ZGVkIGluIHRo
ZSBpbml0aWFsIHNwZWNpZmljYXRpb24sIGFuZCB3aGF0IGNhbiBiZSBhZGRyZXNzZWQgYXQgYSBs
YXRlciB0aW1lLg0KDQoNCg0KSG93ZXZlciwgdXNlciwgZGV2aWNlLCBhbmQgc2VydmljZSBhdXRo
ZW50aWNhdGlvbiBhbmQgYXV0aG9yaXphdGlvbg0KDQoocG9saWN5L2VudGl0bGVtZW50KSBhcmUg
b3V0IG9mIHNjb3BlIGZvciB0aGlzIHdvcmtpbmcgZ3JvdXAuDQoNCg0KDQpNaWxlc3RvbmVzDQoN
Cg0KDQo1LzIwMTIgICAgSW5pdGlhbCBhZG9wdGlvbiBvZiBTQ0lNIGNvcmUgc2NoZW1hDQoNCjUv
MjAxMiAgICBJbml0aWFsIGFkb3B0aW9uIG9mIFNDSU0gcmVzdGZ1bCBpbnRlcmZhY2UgZHJhZnQN
Cg0KNS8yMDEyICAgIEluaXRpYWwgYWRvcHRpb24gb2YgU0NJTSBTQU1MIGJpbmRpbmdzIGRyYWZ0
DQoNCjUvMjAxMiAgICBJbml0aWFsIGFkb3B0aW9uIG9mIFNDSU0gTERBUCBtYXBwaW5nIGRyYWZ0
DQoNCjkvMjAxMiAgICBXR0xDIFNDSU0gY29yZSBzY2hlbWENCg0KOS8yMDEyICAgIFdHTEMgU0NJ
TSByZXN0ZnVsIGludGVyZmFjZQ0KDQo5LzIwMTIgICAgV0dMQyBTQ0lNIFNBTUwgYmluZGluZ3MN
Cg0KOS8yMDEyICAgIFdHTEMgU0NJTSBMREFQIG1hcHBpbmcNCg0KMy8yMDEzICAgIFJlLWNoYXJ0
ZXIgZGlzY3Vzc2lvbg0KDQoNCl9fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19f
X19fX19fX19fDQpzY2ltIG1haWxpbmcgbGlzdA0Kc2NpbUBpZXRmLm9yZzxtYWlsdG86c2NpbUBp
ZXRmLm9yZz4NCmh0dHBzOi8vd3d3LmlldGYub3JnL21haWxtYW4vbGlzdGluZm8vc2NpbQ0KDQoN
Cl9fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fDQoNClRoaXMgZS1tYWlsIG1lc3NhZ2Us
IGluY2x1ZGluZyBhbnkgYXR0YWNobWVudHMsIGlzIGZvciB0aGUgc29sZSB1c2Ugb2YgdGhlIHBl
cnNvbiB0byB3aG9tIGl0IGhhcyBiZWVuIHNlbnQsIGFuZCBtYXkgY29udGFpbiBpbmZvcm1hdGlv
biB0aGF0IGlzIGNvbmZpZGVudGlhbCBvciBsZWdhbGx5IHByb3RlY3RlZC4gSWYgeW91IGFyZSBu
b3QgdGhlIGludGVuZGVkIHJlY2lwaWVudCBvciBoYXZlIHJlY2VpdmVkIHRoaXMgbWVzc2FnZSBp
biBlcnJvciwgeW91IGFyZSBub3QgYXV0aG9yaXplZCB0byBjb3B5LCBkaXN0cmlidXRlLCBvciBv
dGhlcndpc2UgdXNlIHRoaXMgbWVzc2FnZSBvciBpdHMgYXR0YWNobWVudHMuIFBsZWFzZSBub3Rp
ZnkgdGhlIHNlbmRlciBpbW1lZGlhdGVseSBieSByZXR1cm4gZS1tYWlsIGFuZCBwZXJtYW5lbnRs
eSBkZWxldGUgdGhpcyBtZXNzYWdlIGFuZCBhbnkgYXR0YWNobWVudHMuIEdhcnRuZXIgbWFrZXMg
bm8gd2FycmFudHkgdGhhdCB0aGlzIGUtbWFpbCBpcyBlcnJvciBvciB2aXJ1cyBmcmVlLg0K

--_000_D8A3C5E7F4A8B44BB49BF6E8D140E4A606CD4000Altaentgartnerc_
Content-Type: text/html; charset="utf-8"
Content-Transfer-Encoding: base64

PGh0bWw+DQo8aGVhZD4NCjxtZXRhIGh0dHAtZXF1aXY9IkNvbnRlbnQtVHlwZSIgY29udGVudD0i
dGV4dC9odG1sOyBjaGFyc2V0PXV0Zi04Ij4NCjxzdHlsZT4NCjwhLS0NCkBmb250LWZhY2UNCgl7
Zm9udC1mYW1pbHk6SGVsdmV0aWNhfQ0KQGZvbnQtZmFjZQ0KCXtmb250LWZhbWlseTpIZWx2ZXRp
Y2F9DQpAZm9udC1mYWNlDQoJe2ZvbnQtZmFtaWx5OkNhbGlicml9DQpAZm9udC1mYWNlDQoJe2Zv
bnQtZmFtaWx5OlRhaG9tYX0NCkBmb250LWZhY2UNCgl7Zm9udC1mYW1pbHk6Q29uc29sYXN9DQpw
Lk1zb05vcm1hbCwgbGkuTXNvTm9ybWFsLCBkaXYuTXNvTm9ybWFsDQoJe21hcmdpbjowaW47DQoJ
bWFyZ2luLWJvdHRvbTouMDAwMXB0Ow0KCWZvbnQtc2l6ZToxMi4wcHQ7DQoJZm9udC1mYW1pbHk6
IlRpbWVzIE5ldyBSb21hbiIsInNlcmlmIjsNCgljb2xvcjpibGFja30NCmE6bGluaywgc3Bhbi5N
c29IeXBlcmxpbmsNCgl7Y29sb3I6Ymx1ZTsNCgl0ZXh0LWRlY29yYXRpb246dW5kZXJsaW5lfQ0K
YTp2aXNpdGVkLCBzcGFuLk1zb0h5cGVybGlua0ZvbGxvd2VkDQoJe2NvbG9yOnB1cnBsZTsNCgl0
ZXh0LWRlY29yYXRpb246dW5kZXJsaW5lfQ0KcHJlDQoJe21hcmdpbjowaW47DQoJbWFyZ2luLWJv
dHRvbTouMDAwMXB0Ow0KCWZvbnQtc2l6ZToxMC4wcHQ7DQoJZm9udC1mYW1pbHk6IkNvdXJpZXIg
TmV3IjsNCgljb2xvcjpibGFja30NCnAuTXNvQWNldGF0ZSwgbGkuTXNvQWNldGF0ZSwgZGl2Lk1z
b0FjZXRhdGUNCgl7bWFyZ2luOjBpbjsNCgltYXJnaW4tYm90dG9tOi4wMDAxcHQ7DQoJZm9udC1z
aXplOjguMHB0Ow0KCWZvbnQtZmFtaWx5OiJUYWhvbWEiLCJzYW5zLXNlcmlmIjsNCgljb2xvcjpi
bGFja30NCnAuTXNvTGlzdFBhcmFncmFwaCwgbGkuTXNvTGlzdFBhcmFncmFwaCwgZGl2Lk1zb0xp
c3RQYXJhZ3JhcGgNCgl7bWFyZ2luLXRvcDowaW47DQoJbWFyZ2luLXJpZ2h0OjBpbjsNCgltYXJn
aW4tYm90dG9tOjBpbjsNCgltYXJnaW4tbGVmdDouNWluOw0KCW1hcmdpbi1ib3R0b206LjAwMDFw
dDsNCglmb250LXNpemU6MTIuMHB0Ow0KCWZvbnQtZmFtaWx5OiJUaW1lcyBOZXcgUm9tYW4iLCJz
ZXJpZiI7DQoJY29sb3I6YmxhY2t9DQpzcGFuLkhUTUxQcmVmb3JtYXR0ZWRDaGFyDQoJe2ZvbnQt
ZmFtaWx5OkNvbnNvbGFzOw0KCWNvbG9yOmJsYWNrfQ0Kc3Bhbi5CYWxsb29uVGV4dENoYXINCgl7
Zm9udC1mYW1pbHk6IlRhaG9tYSIsInNhbnMtc2VyaWYiOw0KCWNvbG9yOmJsYWNrfQ0Kc3Bhbi5h
cHBsZS1zdHlsZS1zcGFuDQoJe30NCnNwYW4uRW1haWxTdHlsZTIzDQoJe2ZvbnQtZmFtaWx5OiJD
YWxpYnJpIiwic2Fucy1zZXJpZiI7DQoJY29sb3I6IzFGNDk3RH0NCnNwYW4uRW1haWxTdHlsZTI0
DQoJe2ZvbnQtZmFtaWx5OiJDYWxpYnJpIiwic2Fucy1zZXJpZiI7DQoJY29sb3I6IzFGNDk3RH0N
CnNwYW4uRW1haWxTdHlsZTI1DQoJe2ZvbnQtZmFtaWx5OiJDYWxpYnJpIiwic2Fucy1zZXJpZiI7
DQoJY29sb3I6IzFGNDk3RH0NCi5Nc29DaHBEZWZhdWx0DQoJe2ZvbnQtc2l6ZToxMC4wcHR9DQpA
cGFnZSBXb3JkU2VjdGlvbjENCgl7bWFyZ2luOjEuMGluIDEuMGluIDEuMGluIDEuMGlufQ0KZGl2
LldvcmRTZWN0aW9uMQ0KCXt9DQpvbA0KCXttYXJnaW4tYm90dG9tOjBpbn0NCnVsDQoJe21hcmdp
bi1ib3R0b206MGlufQ0KLS0+DQo8L3N0eWxlPg0KPC9oZWFkPg0KPGJvZHkgYmdjb2xvcj0id2hp
dGUiIGxhbmc9IkVOLVVTIiBsaW5rPSJibHVlIiB2bGluaz0icHVycGxlIj4NCjxkaXYgY2xhc3M9
IldvcmRTZWN0aW9uMSI+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48c3BhbiBzdHlsZT0iZm9udC1z
aXplOjExLjBwdDsgZm9udC1mYW1pbHk6JnF1b3Q7Q2FsaWJyaSZxdW90OywmcXVvdDtzYW5zLXNl
cmlmJnF1b3Q7OyBjb2xvcjojMUY0OTdEIj5JIHVuZGVyc3RhbmQgdGhlIGNvbmNlcm4gcmVnYXJk
aW5nIHRoZSB2YWd1ZW5lc3Mgb2Yg4oCcbWFuYWdpbmcgdXNlciBpZGVudGl0eSBsaWZlY3ljbGXi
gJ0sIGJ1dCBJIHRoaW5rIHRoYXQgaXQgaXMgc3VmZmljaWVudC4gVGhlIGNsaWVudHMgSSBoYXZl
IHNwb2tlbiB0byBkbw0KIG5vdCBhc3NvY2lhdGUgaWRlbnRpdHkgcHJvb2ZpbmcsIHByaXZhY3kg
c2V0dGluZ3MsIGV0Yy4gd2l0aCBpZGVudGl0eSBsaWZlY3ljbGUgbWFuYWdlbWVudC48L3NwYW4+
PC9wPg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PHNwYW4gc3R5bGU9ImZvbnQtc2l6ZToxMS4wcHQ7
IGZvbnQtZmFtaWx5OiZxdW90O0NhbGlicmkmcXVvdDssJnF1b3Q7c2Fucy1zZXJpZiZxdW90Ozsg
Y29sb3I6IzFGNDk3RCI+Jm5ic3A7PC9zcGFuPjwvcD4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPjxz
cGFuIHN0eWxlPSJmb250LXNpemU6MTEuMHB0OyBmb250LWZhbWlseTomcXVvdDtDYWxpYnJpJnF1
b3Q7LCZxdW90O3NhbnMtc2VyaWYmcXVvdDs7IGNvbG9yOiMxRjQ5N0QiPlRoZW4gYWdhaW4sIEni
gJl2ZSBiZWVuIGluIHRoZSBpZGVudGl0eSBidXNpbmVzcyBmb3Igc29tZSB0aW1lIG5vdywgc28g
cGVyaGFwcyBJIGFtIHRvbyBjbG9zZSB0byBpdC4gV2hhdGV2ZXIgd29ya3MgZm9yIGV2ZXJ5b25l
IGVsc2UgaXMgZmluZSB3aXRoIG1lLjwvc3Bhbj48L3A+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48
c3BhbiBzdHlsZT0iZm9udC1zaXplOjExLjBwdDsgZm9udC1mYW1pbHk6JnF1b3Q7Q2FsaWJyaSZx
dW90OywmcXVvdDtzYW5zLXNlcmlmJnF1b3Q7OyBjb2xvcjojMUY0OTdEIj4mbmJzcDs8L3NwYW4+
PC9wPg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PHNwYW4gc3R5bGU9ImZvbnQtc2l6ZToxMS4wcHQ7
IGZvbnQtZmFtaWx5OiZxdW90O0NhbGlicmkmcXVvdDssJnF1b3Q7c2Fucy1zZXJpZiZxdW90Ozsg
Y29sb3I6IzFGNDk3RCI+TWFyazwvc3Bhbj48L3A+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48c3Bh
biBzdHlsZT0iZm9udC1zaXplOjExLjBwdDsgZm9udC1mYW1pbHk6JnF1b3Q7Q2FsaWJyaSZxdW90
OywmcXVvdDtzYW5zLXNlcmlmJnF1b3Q7OyBjb2xvcjojMUY0OTdEIj4mbmJzcDs8L3NwYW4+PC9w
Pg0KPGRpdj4NCjxkaXYgc3R5bGU9ImJvcmRlcjpub25lOyBib3JkZXItdG9wOnNvbGlkICNCNUM0
REYgMS4wcHQ7IHBhZGRpbmc6My4wcHQgMGluIDBpbiAwaW4iPg0KPHAgY2xhc3M9Ik1zb05vcm1h
bCI+PGI+PHNwYW4gc3R5bGU9ImZvbnQtc2l6ZToxMC4wcHQ7IGZvbnQtZmFtaWx5OiZxdW90O1Rh
aG9tYSZxdW90OywmcXVvdDtzYW5zLXNlcmlmJnF1b3Q7OyBjb2xvcjp3aW5kb3d0ZXh0Ij5Gcm9t
Ojwvc3Bhbj48L2I+PHNwYW4gc3R5bGU9ImZvbnQtc2l6ZToxMC4wcHQ7IGZvbnQtZmFtaWx5OiZx
dW90O1RhaG9tYSZxdW90OywmcXVvdDtzYW5zLXNlcmlmJnF1b3Q7OyBjb2xvcjp3aW5kb3d0ZXh0
Ij4gQnJlbm5lciwgTWljaGFlbCBSYWxmIChNaWNoYWVsKSBbbWFpbHRvOm1pY2hhZWwuYnJlbm5l
ckBhbGNhdGVsLWx1Y2VudC5jb21dDQo8YnI+DQo8Yj5TZW50OjwvYj4gV2VkbmVzZGF5LCBNYXJj
aCAxNCwgMjAxMiA4OjEzIEFNPGJyPg0KPGI+VG86PC9iPiBBbnRob255IE5hZGFsaW47IEVsaW90
IExlYXI7IFBoaWwgSHVudDxicj4NCjxiPkNjOjwvYj4gc2NpbUBpZXRmLm9yZzsgUGV0ZXIgU2Fp
bnQtQW5kcmU7IFN0ZXZlbiBNLiBCZWxsb3Zpbjxicj4NCjxiPlN1YmplY3Q6PC9iPiBSZTogW3Nj
aW1dIFByb3Bvc2UgcmVzaGFwZSBvZiBjaGFydGVyPC9zcGFuPjwvcD4NCjwvZGl2Pg0KPC9kaXY+
DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj4mbmJzcDs8L3A+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48
c3BhbiBzdHlsZT0iZm9udC1zaXplOjExLjBwdDsgZm9udC1mYW1pbHk6JnF1b3Q7Q2FsaWJyaSZx
dW90OywmcXVvdDtzYW5zLXNlcmlmJnF1b3Q7OyBjb2xvcjojMUY0OTdEIj7igKYgYW5kIHdoYXQg
YWJvdXQgb3RoZXJzIOKAkyBhcmUgdGhvc2UgaW5jbHVkZWQgb3IgZXhjbHVkZWQgZnJvbSDigJxp
ZGVudGl0eSBsaWZlY3ljbGXigJ06PC9zcGFuPjwvcD4NCjxwIGNsYXNzPSJNc29MaXN0UGFyYWdy
YXBoIiBzdHlsZT0idGV4dC1pbmRlbnQ6LS4yNWluIj48c3BhbiBzdHlsZT0iZm9udC1zaXplOjEx
LjBwdDsgZm9udC1mYW1pbHk6JnF1b3Q7Q2FsaWJyaSZxdW90OywmcXVvdDtzYW5zLXNlcmlmJnF1
b3Q7OyBjb2xvcjojMUY0OTdEIj48c3BhbiBzdHlsZT0iIj4tPHNwYW4gc3R5bGU9ImZvbnQ6Ny4w
cHQgJnF1b3Q7VGltZXMgTmV3IFJvbWFuJnF1b3Q7Ij4mbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsm
bmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsNCjwvc3Bhbj48L3NwYW4+PC9zcGFuPjxzcGFu
IHN0eWxlPSJmb250LXNpemU6MTEuMHB0OyBmb250LWZhbWlseTomcXVvdDtDYWxpYnJpJnF1b3Q7
LCZxdW90O3NhbnMtc2VyaWYmcXVvdDs7IGNvbG9yOiMxRjQ5N0QiPlByb2ZpbGVzL3ByZWZlcmVu
Y2VzPC9zcGFuPjwvcD4NCjxwIGNsYXNzPSJNc29MaXN0UGFyYWdyYXBoIiBzdHlsZT0idGV4dC1p
bmRlbnQ6LS4yNWluIj48c3BhbiBzdHlsZT0iZm9udC1zaXplOjExLjBwdDsgZm9udC1mYW1pbHk6
JnF1b3Q7Q2FsaWJyaSZxdW90OywmcXVvdDtzYW5zLXNlcmlmJnF1b3Q7OyBjb2xvcjojMUY0OTdE
Ij48c3BhbiBzdHlsZT0iIj4tPHNwYW4gc3R5bGU9ImZvbnQ6Ny4wcHQgJnF1b3Q7VGltZXMgTmV3
IFJvbWFuJnF1b3Q7Ij4mbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsm
bmJzcDsmbmJzcDsNCjwvc3Bhbj48L3NwYW4+PC9zcGFuPjxzcGFuIHN0eWxlPSJmb250LXNpemU6
MTEuMHB0OyBmb250LWZhbWlseTomcXVvdDtDYWxpYnJpJnF1b3Q7LCZxdW90O3NhbnMtc2VyaWYm
cXVvdDs7IGNvbG9yOiMxRjQ5N0QiPlByaXZhY3kgc2V0dGluZ3M8L3NwYW4+PC9wPg0KPHAgY2xh
c3M9Ik1zb0xpc3RQYXJhZ3JhcGgiIHN0eWxlPSJ0ZXh0LWluZGVudDotLjI1aW4iPjxzcGFuIHN0
eWxlPSJmb250LXNpemU6MTEuMHB0OyBmb250LWZhbWlseTomcXVvdDtDYWxpYnJpJnF1b3Q7LCZx
dW90O3NhbnMtc2VyaWYmcXVvdDs7IGNvbG9yOiMxRjQ5N0QiPjxzcGFuIHN0eWxlPSIiPi08c3Bh
biBzdHlsZT0iZm9udDo3LjBwdCAmcXVvdDtUaW1lcyBOZXcgUm9tYW4mcXVvdDsiPiZuYnNwOyZu
YnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOw0KPC9zcGFuPjwv
c3Bhbj48L3NwYW4+PHNwYW4gc3R5bGU9ImZvbnQtc2l6ZToxMS4wcHQ7IGZvbnQtZmFtaWx5OiZx
dW90O0NhbGlicmkmcXVvdDssJnF1b3Q7c2Fucy1zZXJpZiZxdW90OzsgY29sb3I6IzFGNDk3RCI+
QWNjZXNzIGNvbnRyb2wgdG8gYWxsIGlkZW50aXR5LXJlbGF0ZWQgaW5mb3JtYXRpb248L3NwYW4+
PC9wPg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PHNwYW4gc3R5bGU9ImZvbnQtc2l6ZToxMS4wcHQ7
IGZvbnQtZmFtaWx5OiZxdW90O0NhbGlicmkmcXVvdDssJnF1b3Q7c2Fucy1zZXJpZiZxdW90Ozsg
Y29sb3I6IzFGNDk3RCI+VGhhbmtzLDwvc3Bhbj48L3A+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48
c3BhbiBzdHlsZT0iZm9udC1zaXplOjExLjBwdDsgZm9udC1mYW1pbHk6JnF1b3Q7Q2FsaWJyaSZx
dW90OywmcXVvdDtzYW5zLXNlcmlmJnF1b3Q7OyBjb2xvcjojMUY0OTdEIj5NaWNoYWVsPC9zcGFu
PjwvcD4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPjxzcGFuIHN0eWxlPSJmb250LXNpemU6MTEuMHB0
OyBmb250LWZhbWlseTomcXVvdDtDYWxpYnJpJnF1b3Q7LCZxdW90O3NhbnMtc2VyaWYmcXVvdDs7
IGNvbG9yOiMxRjQ5N0QiPiZuYnNwOzwvc3Bhbj48L3A+DQo8ZGl2Pg0KPGRpdiBzdHlsZT0iYm9y
ZGVyOm5vbmU7IGJvcmRlci10b3A6c29saWQgI0I1QzRERiAxLjBwdDsgcGFkZGluZzozLjBwdCAw
aW4gMGluIDBpbiI+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48Yj48c3BhbiBzdHlsZT0iZm9udC1z
aXplOjEwLjBwdDsgZm9udC1mYW1pbHk6JnF1b3Q7VGFob21hJnF1b3Q7LCZxdW90O3NhbnMtc2Vy
aWYmcXVvdDs7IGNvbG9yOndpbmRvd3RleHQiPkZyb206PC9zcGFuPjwvYj48c3BhbiBzdHlsZT0i
Zm9udC1zaXplOjEwLjBwdDsgZm9udC1mYW1pbHk6JnF1b3Q7VGFob21hJnF1b3Q7LCZxdW90O3Nh
bnMtc2VyaWYmcXVvdDs7IGNvbG9yOndpbmRvd3RleHQiPg0KPGEgaHJlZj0ibWFpbHRvOnNjaW0t
Ym91bmNlc0BpZXRmLm9yZyI+c2NpbS1ib3VuY2VzQGlldGYub3JnPC9hPiA8YSBocmVmPSJtYWls
dG86W21haWx0bzpzY2ltLWJvdW5jZXNAaWV0Zi5vcmddIj4NClttYWlsdG86c2NpbS1ib3VuY2Vz
QGlldGYub3JnXTwvYT4gPGI+T24gQmVoYWxmIE9mIDwvYj5BbnRob255IE5hZGFsaW48YnI+DQo8
Yj5TZW50OjwvYj4gV2VkbmVzZGF5LCBNYXJjaCAxNCwgMjAxMiA5OjA5IEFNPGJyPg0KPGI+VG86
PC9iPiBFbGlvdCBMZWFyOyBQaGlsIEh1bnQ8YnI+DQo8Yj5DYzo8L2I+IDxhIGhyZWY9Im1haWx0
bzpzY2ltQGlldGYub3JnIj5zY2ltQGlldGYub3JnPC9hPjsgUGV0ZXIgU2FpbnQtQW5kcmU7IFN0
ZXZlbiBNLiBCZWxsb3Zpbjxicj4NCjxiPlN1YmplY3Q6PC9iPiBSZTogW3NjaW1dIFByb3Bvc2Ug
cmVzaGFwZSBvZiBjaGFydGVyPC9zcGFuPjwvcD4NCjwvZGl2Pg0KPC9kaXY+DQo8cCBjbGFzcz0i
TXNvTm9ybWFsIj4mbmJzcDs8L3A+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48c3BhbiBzdHlsZT0i
Zm9udC1zaXplOjExLjBwdDsgZm9udC1mYW1pbHk6JnF1b3Q7Q2FsaWJyaSZxdW90OywmcXVvdDtz
YW5zLXNlcmlmJnF1b3Q7OyBjb2xvcjojMUY0OTdEIj7igJw8L3NwYW4+bWFuYWdpbmcgdXNlciBp
ZGVudGl0eSBsaWZlY3ljbGXigJ0NCjwvcD4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPiZuYnNwOzwv
cD4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPlRoaXMgaXMgYSBsaXR0bGUgdG9vIHZhZ3VlIGFzIHRo
ZXJlIGFyZSBtYW55IGRpZmZlcmVudCB2aWV3cyBvbiB3aGF0IHRoZSBpZGVudGl0eSBsaWZlY3lj
bGUgY29uc2lzdHMgb2YsIGVucm9sbG1lbnQsIHByb29maW5nLCBjcmVkZW50aWFsaW5nLCB1c2Fn
ZSwgbW9uaXRvcmluZywgZXRjLiBhbmQgSSBkb27igJl0IGJlbGlldmUgdGhhdCBTQ0lNIGNvdmVy
cyBhbGwgdGhlc2UgYXJlYXMgbm93IG9yIGV2ZXIgd2lsbDwvcD4NCjxwIGNsYXNzPSJNc29Ob3Jt
YWwiPjxzcGFuIHN0eWxlPSJmb250LXNpemU6MTEuMHB0OyBmb250LWZhbWlseTomcXVvdDtDYWxp
YnJpJnF1b3Q7LCZxdW90O3NhbnMtc2VyaWYmcXVvdDs7IGNvbG9yOiMxRjQ5N0QiPiZuYnNwOzwv
c3Bhbj48L3A+DQo8ZGl2Pg0KPGRpdiBzdHlsZT0iYm9yZGVyOm5vbmU7IGJvcmRlci10b3A6c29s
aWQgI0I1QzRERiAxLjBwdDsgcGFkZGluZzozLjBwdCAwaW4gMGluIDBpbiI+DQo8cCBjbGFzcz0i
TXNvTm9ybWFsIj48Yj48c3BhbiBzdHlsZT0iZm9udC1zaXplOjEwLjBwdDsgZm9udC1mYW1pbHk6
JnF1b3Q7VGFob21hJnF1b3Q7LCZxdW90O3NhbnMtc2VyaWYmcXVvdDs7IGNvbG9yOndpbmRvd3Rl
eHQiPkZyb206PC9zcGFuPjwvYj48c3BhbiBzdHlsZT0iZm9udC1zaXplOjEwLjBwdDsgZm9udC1m
YW1pbHk6JnF1b3Q7VGFob21hJnF1b3Q7LCZxdW90O3NhbnMtc2VyaWYmcXVvdDs7IGNvbG9yOndp
bmRvd3RleHQiPg0KPGEgaHJlZj0ibWFpbHRvOnNjaW0tYm91bmNlc0BpZXRmLm9yZyI+c2NpbS1i
b3VuY2VzQGlldGYub3JnPC9hPiA8YSBocmVmPSJtYWlsdG86W21haWx0bzpzY2ltLWJvdW5jZXNA
aWV0Zi5vcmddIj4NClttYWlsdG86c2NpbS1ib3VuY2VzQGlldGYub3JnXTwvYT4gPGI+T24gQmVo
YWxmIE9mIDwvYj5FbGlvdCBMZWFyPGJyPg0KPGI+U2VudDo8L2I+IFR1ZXNkYXksIE1hcmNoIDEz
LCAyMDEyIDI6MjMgUE08YnI+DQo8Yj5Ubzo8L2I+IFBoaWwgSHVudDxicj4NCjxiPkNjOjwvYj4g
PGEgaHJlZj0ibWFpbHRvOnNjaW1AaWV0Zi5vcmciPnNjaW1AaWV0Zi5vcmc8L2E+OyBQZXRlciBT
YWludC1BbmRyZTsgU3RldmVuIE0uIEJlbGxvdmluPGJyPg0KPGI+U3ViamVjdDo8L2I+IFJlOiBb
c2NpbV0gUHJvcG9zZSByZXNoYXBlIG9mIGNoYXJ0ZXI8L3NwYW4+PC9wPg0KPC9kaXY+DQo8L2Rp
dj4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPiZuYnNwOzwvcD4NCjxwIGNsYXNzPSJNc29Ob3JtYWwi
PkV2ZXJ5b25lOjxicj4NCjxicj4NClBsZWFzZSB2b2ljZSB5b3VyIHN1cHBvcnQgb3Igb3Bwb3Np
dGlvbiB0byB0aGUgcHJvcG9zZWQgY2hhbmdlIGJlbG93IChhbmQgYW55IG90aGVyIHByb3Bvc2Vk
IGNoYW5nZSkgdGhhdCBjb21lcyB0aHJvdWdoLiZuYnNwOyBTdGF0aW5nIFdIWSBoZWxwcyBhZHZh
bmNlIHRoZSBkZWJhdGUuPGJyPg0KPGJyPg0KVGhhbmtzLDxicj4NCjxicj4NCkVsaW90PGJyPg0K
PGJyPg0KT24gMy8xMy8xMiA4OjU2IFBNLCBQaGlsIEh1bnQgd3JvdGU6IDwvcD4NCjxkaXY+DQo8
ZGl2Pg0KPGRpdj4NCjxkaXY+DQo8ZGl2Pg0KPGRpdj4NCjxkaXY+DQo8cCBjbGFzcz0iTXNvTm9y
bWFsIj48c3BhbiBzdHlsZT0iZm9udC1mYW1pbHk6JnF1b3Q7SGVsdmV0aWNhJnF1b3Q7LCZxdW90
O3NhbnMtc2VyaWYmcXVvdDsiPkVsaW90LDwvc3Bhbj48L3A+DQo8L2Rpdj4NCjxkaXY+DQo8cCBj
bGFzcz0iTXNvTm9ybWFsIj48c3BhbiBzdHlsZT0iZm9udC1mYW1pbHk6JnF1b3Q7SGVsdmV0aWNh
JnF1b3Q7LCZxdW90O3NhbnMtc2VyaWYmcXVvdDsiPiZuYnNwOzwvc3Bhbj48L3A+DQo8L2Rpdj4N
CjxkaXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48c3BhbiBzdHlsZT0iZm9udC1mYW1pbHk6JnF1
b3Q7SGVsdmV0aWNhJnF1b3Q7LCZxdW90O3NhbnMtc2VyaWYmcXVvdDsiPkkgcHJvcG9zZSB0aGUg
Zm9sbG93aW5nIGNoYW5nZSB0byB0aGUgV0cgRGVzY3JpcHRpb246PC9zcGFuPjwvcD4NCjwvZGl2
Pg0KPGRpdj4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPjxzcGFuIHN0eWxlPSJmb250LWZhbWlseTom
cXVvdDtIZWx2ZXRpY2EmcXVvdDssJnF1b3Q7c2Fucy1zZXJpZiZxdW90OyI+Jm5ic3A7PC9zcGFu
PjwvcD4NCjwvZGl2Pg0KPGRpdj4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPjxzcGFuIHN0eWxlPSJm
b250LWZhbWlseTomcXVvdDtIZWx2ZXRpY2EmcXVvdDssJnF1b3Q7c2Fucy1zZXJpZiZxdW90OyI+
RnJvbTo8L3NwYW4+PC9wPg0KPC9kaXY+DQo8ZGl2Pg0KPGJsb2NrcXVvdGUgc3R5bGU9Im1hcmdp
bi10b3A6NS4wcHQ7IG1hcmdpbi1ib3R0b206NS4wcHQiPg0KPGRpdj4NCjxwcmU+VGhlIFNpbXBs
ZSBDbG91ZCBJZGVudGl0eSBNYW5hZ2VtZW50IChTQ0lNKSBzcGVjaWZpY2F0aW9uIGlzIGRlc2ln
bmVkIHRvIDwvcHJlPg0KPHByZT5tYWtlIG1hbmFnaW5nIHVzZXIgaWRlbnRpdHkgbGlmZWN5Y2xl
IGluIGNsb3VkIGJhc2VkIGFwcGxpY2F0aW9ucyBhbmQgPC9wcmU+DQo8cHJlPnNlcnZpY2VzIGVh
c2llci48L3ByZT4NCjwvZGl2Pg0KPC9ibG9ja3F1b3RlPg0KPGRpdj4NCjxwIGNsYXNzPSJNc29O
b3JtYWwiPjxzcGFuIHN0eWxlPSJmb250LWZhbWlseTomcXVvdDtIZWx2ZXRpY2EmcXVvdDssJnF1
b3Q7c2Fucy1zZXJpZiZxdW90OyI+VG86PC9zcGFuPjwvcD4NCjwvZGl2Pg0KPC9kaXY+DQo8ZGl2
Pg0KPGJsb2NrcXVvdGUgc3R5bGU9Im1hcmdpbi10b3A6NS4wcHQ7IG1hcmdpbi1ib3R0b206NS4w
cHQiPg0KPGRpdj4NCjxwcmU+VGhlIFNpbXBsZSBDbG91ZCBJZGVudGl0eSBNYW5hZ2VtZW50IChT
Q0lNKSBzcGVjaWZpY2F0aW9uIGlzIGRlc2lnbmVkIHRvIDwvcHJlPg0KPHByZT5tYWtlIG1hbmFn
aW5nIHVzZXIgaWRlbnRpdHkgbGlmZWN5Y2xlIGluIG9uZSBvciBtb3JlIGFwcGxpY2F0aW9ucyBh
bmQgPC9wcmU+DQo8cHJlPnNlcnZpY2VzIGVhc2llciBiZXR3ZWVuIGNsaWVudCBvcmdhbml6YXRp
b25zIGFuZCBjbG91ZCBiYXNlZCBzZXJ2aWNlIHByb3ZpZGVycy48L3ByZT4NCjwvZGl2Pg0KPC9i
bG9ja3F1b3RlPg0KPGRpdj4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPjxzcGFuIHN0eWxlPSJmb250
LWZhbWlseTomcXVvdDtIZWx2ZXRpY2EmcXVvdDssJnF1b3Q7c2Fucy1zZXJpZiZxdW90OyI+Jm5i
c3A7PC9zcGFuPjwvcD4NCjwvZGl2Pg0KPC9kaXY+DQo8ZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1h
bCI+PHNwYW4gc3R5bGU9ImZvbnQtZmFtaWx5OiZxdW90O0hlbHZldGljYSZxdW90OywmcXVvdDtz
YW5zLXNlcmlmJnF1b3Q7Ij5UaGUgY2hhbmdlIGFib3ZlIGlzIHN1YnRsZSBidXQgb2YgY3JpdGlj
YWwgaW1wb3J0YW5jZSB0byBjbG91ZCBwcm92aWRlcnMgKG1hbnkgd2hvIGFyZSBub3QgeWV0IGFj
dGl2ZSBpbiB0aGUgZ3JvdXApIHdobyBob3N0IG1hbnkgc2VydmljZXMuPC9zcGFuPjwvcD4NCjwv
ZGl2Pg0KPGRpdj4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPjxzcGFuIHN0eWxlPSJmb250LWZhbWls
eTomcXVvdDtIZWx2ZXRpY2EmcXVvdDssJnF1b3Q7c2Fucy1zZXJpZiZxdW90OyI+Jm5ic3A7PC9z
cGFuPjwvcD4NCjwvZGl2Pg0KPGRpdj4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPjxzcGFuIHN0eWxl
PSJmb250LWZhbWlseTomcXVvdDtIZWx2ZXRpY2EmcXVvdDssJnF1b3Q7c2Fucy1zZXJpZiZxdW90
OyI+SXQgaXMgcHJvYmFibHkgaW1wb3J0YW50IHRvIHNpdGUgdGhlIGxvY2F0aW9uIG9mIHRoZSBT
Q0lNIDEuMCBzcGVjaWZpY2F0aW9uIHdoaWNoIGlzIHB1Ymxpc2hlZCBleHRlcm5hbGx5IHRvIElF
VEYgYXMgd2VsbCBhcyB0aGUgcmUtcHVibGlzaGVkIGRyYWZ0cyB1bmRlciBJRVRGLjwvc3Bhbj48
L3A+DQo8L2Rpdj4NCjxkaXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48c3BhbiBzdHlsZT0iZm9u
dC1mYW1pbHk6JnF1b3Q7SGVsdmV0aWNhJnF1b3Q7LCZxdW90O3NhbnMtc2VyaWYmcXVvdDsiPiZu
YnNwOzwvc3Bhbj48L3A+DQo8L2Rpdj4NCjxkaXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48c3Bh
biBzdHlsZT0iZm9udC1mYW1pbHk6JnF1b3Q7SGVsdmV0aWNhJnF1b3Q7LCZxdW90O3NhbnMtc2Vy
aWYmcXVvdDsiPlBoaWw8L3NwYW4+PC9wPg0KPC9kaXY+DQo8ZGl2Pg0KPHAgY2xhc3M9Ik1zb05v
cm1hbCI+PHNwYW4gc3R5bGU9ImZvbnQtc2l6ZTo5LjBwdDsgZm9udC1mYW1pbHk6JnF1b3Q7SGVs
dmV0aWNhJnF1b3Q7LCZxdW90O3NhbnMtc2VyaWYmcXVvdDsiPiZuYnNwOzwvc3Bhbj48L3A+DQo8
L2Rpdj4NCjxkaXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48c3BhbiBzdHlsZT0iZm9udC1zaXpl
OjkuMHB0OyBmb250LWZhbWlseTomcXVvdDtIZWx2ZXRpY2EmcXVvdDssJnF1b3Q7c2Fucy1zZXJp
ZiZxdW90OyI+QGluZGVwZW5kZW50aWQ8L3NwYW4+PC9wPg0KPC9kaXY+DQo8ZGl2Pg0KPHAgY2xh
c3M9Ik1zb05vcm1hbCI+PHNwYW4gc3R5bGU9ImZvbnQtc2l6ZTo5LjBwdDsgZm9udC1mYW1pbHk6
JnF1b3Q7SGVsdmV0aWNhJnF1b3Q7LCZxdW90O3NhbnMtc2VyaWYmcXVvdDsiPjxhIGhyZWY9Imh0
dHA6Ly93d3cuaW5kZXBlbmRlbnRpZC5jb20iPnd3dy5pbmRlcGVuZGVudGlkLmNvbTwvYT48L3Nw
YW4+PC9wPg0KPC9kaXY+DQo8L2Rpdj4NCjwvZGl2Pg0KPC9kaXY+DQo8cCBjbGFzcz0iTXNvTm9y
bWFsIiBzdHlsZT0ibWFyZ2luLWJvdHRvbToxMi4wcHQiPjxzcGFuIHN0eWxlPSJmb250LWZhbWls
eTomcXVvdDtIZWx2ZXRpY2EmcXVvdDssJnF1b3Q7c2Fucy1zZXJpZiZxdW90OyI+PGEgaHJlZj0i
bWFpbHRvOnBoaWwuaHVudEBvcmFjbGUuY29tIj5waGlsLmh1bnRAb3JhY2xlLmNvbTwvYT48L3Nw
YW4+PC9wPg0KPC9kaXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48c3BhbiBzdHlsZT0iZm9udC1m
YW1pbHk6JnF1b3Q7SGVsdmV0aWNhJnF1b3Q7LCZxdW90O3NhbnMtc2VyaWYmcXVvdDsiPiZuYnNw
Ozwvc3Bhbj48L3A+DQo8L2Rpdj4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiIHN0eWxlPSJtYXJnaW4t
Ym90dG9tOjEyLjBwdCI+Jm5ic3A7PC9wPg0KPC9kaXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj4m
bmJzcDs8L3A+DQo8ZGl2Pg0KPGRpdj4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPk9uIDIwMTItMDMt
MTMsIGF0IDEyOjM3IFBNLCBFbGlvdCBMZWFyIHdyb3RlOjwvcD4NCjwvZGl2Pg0KPHAgY2xhc3M9
Ik1zb05vcm1hbCIgc3R5bGU9Im1hcmdpbi1ib3R0b206MTIuMHB0Ij4mbmJzcDs8L3A+DQo8ZGl2
Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCIgc3R5bGU9Im1hcmdpbi1ib3R0b206MTIuMHB0Ij5IaSBF
dmVyeW9uZSw8YnI+DQo8YnI+DQpIYXZpbmcgcmVhZCBpbnB1dHMgZnJvbSB0aGlzIGxpc3QsIEkg
YW0gcHJvcG9zaW5nIHNvbWUgY2hhbmdlcyB0byB0aGUgY2hhcnRlci4mbmJzcDsgTW9zdCBvZiB0
aGlzIGlzIGZvcm0gYW5kIG5vdCBzdWJzdGFuY2UsJm5ic3A7IGJ1dCB0aGVyZSBhcmUgc29tZSBz
dWJzdGFudGlhbCBjaGFuZ2VzLiZuYnNwOyBUaGUgcHVycG9zZSBvZiB0aGVzZSBjaGFuZ2VzIGlz
IHRvIGJyaW5nIHRoZSBjaGFydGVyIGluIGxpbmUgd2l0aCBtb3N0IG9mIHRoZSBvdGhlcnMuJm5i
c3A7IEFic2VudCB0aGVzZQ0KIHNvcnQgb2YgY2hhbmdlcywgSSBhbSBub3QgY29uZmlkZW50IHdl
IHdvdWxkIGdldCBhIFdHLiZuYnNwOyBFdmVuIHdpdGggdGhlc2UgY2hhbmdlcywgbW9yZSB3b3Jr
IGlzIG5lZWRlZC4gYmVjYXVzZSB3aGF0IGlzIGJlbG93IGlzIG5vdCBjb21wbGV0ZS48YnI+DQo8
YnI+DQpXaGF0IGlzIG1pc3Npbmcg4oCTIDxiPmFuZCBpdCdzIGltcG9ydGFudCDigJMmbmJzcDs8
L2I+IGFyZSBhIGZldyBhZGRpdGlvbmFsIHdvcmRzIGFib3V0IHdoeSB3ZSBuZWVkIFNDSU0uJm5i
c3A7IFdoeSBhcmUgd2UgaG9sZGluZyB0aGUgZGFybiBCb0Y/Jm5ic3A7IFRoaXMgaXMgbm90IHNv
bWV0aGluZyB0aGF0IGNhbiB3YWl0LCBJTUhPLCBmb3IgYW4gSW5mb3JtYXRpb25hbCBkb2N1bWVu
dC4mbmJzcDsgUmF0aGVyLCBpZiB0aGVyZSBpcyBubyBjbGVhciBzdGF0ZW1lbnQgb2YgdGhlIHBy
b2JsZW0sDQogSSBkb24ndCBzZWUgaG93IHRoZSBJRVNHIHdvdWxkIGFwcHJvdmUgYSBXRy4mbmJz
cDsgU28gdGhhdCdzIHdoYXQgdGhlIGJpZyBYWFhYWFhYIGlzIGJlbG93LiZuYnNwOyBJJ3ZlIHB1
dCBzb21lIHdvcmRzIGluLCBidXQgdGhleSBhcmUgdGhlcmUgdG8gZGVtb25zdHJhdGUgdGhlIHBv
aW50LiZuYnNwOyBQTEVBU0UgcHJvcG9zZSB0ZXh0Ljxicj4NCjxicj4NCkluIGFkZGl0aW9uLCBt
eSByZXdvcmRpbmcgaXMsIGluIHNvbWUgcGxhY2VzLCBnZW5lcmljLiZuYnNwOyBJIHdvdWxkIHN1
Z2dlc3QgdGhhdCBtb3JlIHRpbWUgYmUgc3BlbnQgb24gd2hhdCB3ZSB3aWxsIOKAkyBhbmQgYXMg
aW1wb3J0YW50bHkg4oCTJm5ic3A7IFdPTidUIGRvLiZuYnNwOyBBIGdvb2QgY2hhcnRlciB3aWxs
IHNjb3BlIG91dCBtb3JlLiZuYnNwOyBXaGF0IGFyZSB0aGUgY3JpdGljYWwgZnVuY3Rpb25zIHRo
YXQgbmVlZCB0byBiZSBkb25lDQo8Yj5ub3c8L2I+PyZuYnNwOyBJZiB3ZSBsZWF2ZSBpdCB3aWRl
IG9wZW4sIHRoZW4gd2UgcnVuIHRoZSByaXNrIG9mIHBlb3BsZSBzaG92ZWxpbmcgdG9vIG11Y2gg
aW4sIG9yIGJsb2NraW5nIG9uIGhvdyB0byBkZWNpZGUgd2hlcmUgdG8gaG9sZCB0aGUgbGluZSBh
bmQgd2FpdCB0aWwgdGhlIG5leHQgcm91bmQuJm5ic3A7IFNvLCBmb3IgaW5zdGFuY2UsIGhvdyB3
aWxsIHdlIGtlZXAgdGhlIHNjaGVtYSBmcm9tIGJsb2F0aW5nPyZuYnNwOyBSaW5zZSBhbmQgcmVw
ZWF0IHdpdGgNCiBwcm90b2NvbCBvcGVyYXRpb25zLjxicj4NCjxicj4NCkluIGFkZGl0aW9uLCBp
dCBpcyBteSBhbnRpY2lwYXRpb24gdGhhdCBzaG9ydGx5IGJlZm9yZSDigJMgb3IgdmVyeSBxdWlj
a2x5IGFmdGVyIOKAkyBvdXIgQm9GLCBJbnRlcm5ldC1EcmFmdHMgd2lsbCBiZSBwb3N0ZWQgb2Yg
dGhlIGluaXRpYWwgc3BlY2lmaWNhdGlvbnMuJm5ic3A7IFRodXMgeW91IHNlZSBkcmFmdC1YWFgg
YmVsb3cuJm5ic3A7IFdoaWxlIHRoZSBjaGFydGVyIG5lZWQgbm90IOKAkyBhbmQgY2Fubm90IOKA
kyBiZSBjb21wbGV0ZWx5IGZpbmlzaGVkIGJlZm9yZSB0aGUNCiBCb0YsIHdlIHNob3VsZCBoYXZl
IGl0IGFzIGNsb3NlIGFzIHBvc3NpYmxlLjxicj4NCjxicj4NCjxicj4NClBsZWFzZSBjb21tZW50
IG5vdyBvbiB0aGVzZSBjaGFuZ2VzIGFuZCBhbnkgYWRkaXRpb25hbCBjaGFuZ2VzIHlvdSB3b3Vs
ZCBsaWtlIHRvIHNlZS48L3A+DQo8cHJlPlNpbXBsZSBDbG91ZCBJZGVudGl0eSBNYW5hZ2VtZW50
IChTQ0lNKTwvcHJlPg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PHNwYW4gc3R5bGU9ImZvbnQtZmFt
aWx5OiZxdW90O0NvdXJpZXIgTmV3JnF1b3Q7Ij5DaGFpcihzKTogVEJEPC9zcGFuPg0KPC9wPg0K
PHByZT5BcHBsaWNhdGlvbnMgQXJlYSBEaXJlY3RvcihzKTo8L3ByZT4NCjxwcmU+Jm5ic3A7Jm5i
c3A7Jm5ic3A7ICZuYnNwO1BldGUgUmVzbmljayAmbHQ7PGEgaHJlZj0ibWFpbHRvOnByZXNuaWNr
QHF1YWxjb21tLmNvbSI+cHJlc25pY2tAcXVhbGNvbW0uY29tPC9hPiZndDsgPC9wcmU+DQo8cHJl
PiZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyBCYXJyeSBMaWViYSAmbHQ7Pz8/Jmd0OyA8L3ByZT4N
CjxwcmU+TWFpbGluZyBMaXN0czo8L3ByZT4NCjxwcmU+Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7
IEdlbmVyYWwgRGlzY3Vzc2lvbjogPGEgaHJlZj0ibWFpbHRvOnNjaW1AaWV0Zi5vcmciPnNjaW1A
aWV0Zi5vcmc8L2E+PC9wcmU+DQo8cHJlPiZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyBUbyBTdWJz
Y3JpYmU6IDxhIGhyZWY9Imh0dHBzOi8vd3d3LmlldGYub3JnL21haWxtYW4vbGlzdGluZm8vc2Np
bSI+aHR0cHM6Ly93d3cuaWV0Zi5vcmcvbWFpbG1hbi9saXN0aW5mby9zY2ltPC9hPjwvcHJlPg0K
PHByZT4mbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsgQXJjaGl2ZTombmJzcDsmbmJzcDsmbmJzcDsm
bmJzcDsmbmJzcDsgPGEgaHJlZj0iaHR0cDovL3d3dy5pZXRmLm9yZy9tYWlsLWFyY2hpdmUvd2Vi
L3NjaW0vY3VycmVudC9tYWlsbGlzdC5odG1sIj5odHRwOi8vd3d3LmlldGYub3JnL21haWwtYXJj
aGl2ZS93ZWIvc2NpbS9jdXJyZW50L21haWxsaXN0Lmh0bWw8L2E+PC9wcmU+DQo8cHJlPiZuYnNw
OzwvcHJlPg0KPHByZT5EZXNjcmlwdGlvbiBvZiBXb3JraW5nIEdyb3VwOjwvcHJlPg0KPHByZT5U
aGUgU2ltcGxlIENsb3VkIElkZW50aXR5IE1hbmFnZW1lbnQgKFNDSU0pIHNwZWNpZmljYXRpb24g
aXMgZGVzaWduZWQgdG8gPC9wcmU+DQo8cHJlPm1ha2UgbWFuYWdpbmcgdXNlciBpZGVudGl0eSBs
aWZlY3ljbGUgaW4gY2xvdWQgYmFzZWQgYXBwbGljYXRpb25zIGFuZCA8L3ByZT4NCjxwcmU+c2Vy
dmljZXMgZWFzaWVyLjwvcHJlPg0KPHByZT4mbmJzcDs8L3ByZT4NCjxwcmU+WFhYWFhYWDwvcHJl
Pg0KPHByZT4mbmJzcDs8L3ByZT4NCjxwcmU+U28tY2FsbGVkIENSZWF0ZSBVcGRhdGUgRGVsZXRl
IChDUlVEKSBwcm92aXNpb25pbmcgb3BlcmF0aW9ucyBhcmUgb2Z0ZW48L3ByZT4NCjxwcmU+bmVj
ZXNzYXJ5IHRvIGVhc2UgYWRvcHRpb24gb2YgbmV3IHNlcnZpY2VzLiZuYnNwOyBUaGlzIHdvcmsg
YnVpbGRzIG9uIHRvb2xzPC9wcmU+DQo8cHJlPnN1Y2ggYXMgbGRhcCBhbmQgU0FNTCAyLjAsIHdo
aWNoIGFyZSB1c2VkIHRvIHByb3ZpZGUgdXAtdG8tZGF0ZSBpbmZvcm1hdGlvbi48L3ByZT4NCjxw
cmU+U0NJTSBmb2N1c2VzIG9uIHRoZSBjYXNlIHdoZXJlIGFuIGVudGVycHJpc2UncyBsZGFwIHNl
cnZpY2UgbWF5IG5vdCBiZTwvcHJlPg0KPHByZT5hdmFpbGFibGUgdG8gdGhlIHByb3ZpZGVyLCBh
bmQgU0FNTCBjYW5ub3QgcHJvdmlkZSBzdWZmaWNpZW50IGNvbnRleHQgZm9yIHRoZTwvcHJlPg0K
PHByZT5zZXJ2aWNlLiZuYnNwOyBBbiBleGFtcGxlIHdvdWxkIGJlIHRoZSBwcm92aXNpb25pbmcg
b2YgYW4gb2YgYW4gRU1haWwgYWNjb3VudCBzbzwvcHJlPg0KPHByZT50aGF0IGl0IGNhbiByZWNl
aXZlIG1haWwgYmVmb3JlIHRoZSBwZXJzb24gaGFzIGZpcnN0IGxvZ2dlZCBpbi48L3ByZT4NCjxw
cmU+Jm5ic3A7PC9wcmU+DQo8cHJlPlhYWFhYWFhYPC9wcmU+DQo8cHJlPlRoZSBzcGVjaWZpY2F0
aW9uIHN1aXRlIHNlZWtzIHRvIGJ1aWxkIHVwb24gZXhwZXJpZW5jZSB3aXRoIGV4aXN0aW5nIDwv
cHJlPg0KPHByZT5zY2hlbWFzIGFuZCBkZXBsb3ltZW50cywgcGxhY2luZyBzcGVjaWZpYyBlbXBo
YXNpcyBvbiBzaW1wbGljaXR5IG9mIDwvcHJlPg0KPHByZT5kZXZlbG9wbWVudCBhbmQgaW50ZWdy
YXRpb24sIHdoaWxlIGFwcGx5aW5nIGV4aXN0aW5nIGF1dGhlbnRpY2F0aW9uLCA8L3ByZT4NCjxw
cmU+YXV0aG9yaXphdGlvbiwgYW5kIHByaXZhY3kgbW9kZWxzLiBJdHMgaW50ZW50IGlzIHRvIHJl
ZHVjZSB0aGUgY29zdCBhbmQgPC9wcmU+DQo8cHJlPmNvbXBsZXhpdHkgb2YgdXNlciBtYW5hZ2Vt
ZW50IG9wZXJhdGlvbnMgYnkgcHJvdmlkaW5nIGEgY29tbW9uIHVzZXIgPC9wcmU+DQo8cHJlPnNj
aGVtYSBhbmQgZXh0ZW5zaW9uIG1vZGVsLCBhcyB3ZWxsIGFzIGJpbmRpbmcgZG9jdW1lbnRzIHRv
IHByb3ZpZGUgPC9wcmU+DQo8cHJlPnBhdHRlcm5zIGZvciBleGNoYW5naW5nIHRoaXMgc2NoZW1h
IHVzaW5nIHN0YW5kYXJkIHByb3RvY29scy4gSW4gPC9wcmU+DQo8cHJlPmFkZGl0aW9uIHRoZSB3
b3JraW5nIGdyb3VwIG1heSBjb25zaWRlciBpbmNsdWRpbmcgbWFuYWdpbmcgZGV2aWNlIDwvcHJl
Pg0KPHByZT5pZGVudGl0aWVzIGFzIHBhcnQgb2YgdGhlIHdvcmsgYWRvcHRlZCBieSB0aGUgd29y
a2luZyBncm91cC48L3ByZT4NCjxwcmU+VGhlIGdyb3VwIHdpbGwgdXNlIGFzIHN0YXJ0aW5nIHBv
aW50cyB0aGUgZm9sbG93aW5nIGRyYWZ0cyBpbjwvcHJlPg0KPHByZT50aGUgZm9sbG93aW5nIHdh
eXM6PC9wcmU+DQo8cHJlPiZuYnNwOzwvcHJlPg0KPHByZT4mbmJzcDsmbmJzcDsmbmJzcDsmbmJz
cDsmbmJzcDsmbmJzcDsmbmJzcDsgZHJhZnQtWFhYLXNjaW0tc2NoZW1hLTAwIGFzIHRoZSBhIHNj
aGVtYSBzcGVjaWZpY2F0aW9uLDwvcHJlPg0KPHByZT4mbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsm
bmJzcDsmbmJzcDsmbmJzcDsgZHJhZnQtWFhYLXNjaW0tcHJvdG9jb2wtZGVmaW5pdGlvbi0wMCBh
cyB0aGUgcHJvdG9jb2wgc3BlY2lmaWNhdGlvbiw8L3ByZT4NCjxwcmU+Jm5ic3A7Jm5ic3A7Jm5i
c3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7IGRyYWZ0LVhYWC1zY2ltLXNhbWwtYmluZGluZy0w
MCBmb3IgYmluZGluZyB0aGUgU0NJTSBzY2hlbWEgdG8gU0FNTCwgYW5kPC9wcmU+DQo8cHJlPiZu
YnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyBkcmFmdC1YWFgtc2NpbS1s
ZGFwLWJpbmRpbmctMDAgZm9yIGJpbmRpbmcgdGhlIFNDSU0gc2NoZW1hIHRvIExEQVAuPC9wcmU+
DQo8cHJlPiZuYnNwOzwvcHJlPg0KPHByZT5UaGVzZSBkcmFmdHMgYXJlIGJhc2VkIG9uIGV4aXN0
aW5nIHNwZWNpZmljYXRpb25zLiB3aGljaCB0b2dldGhlciBhcmUgY29tbW9ubHk8L3ByZT4NCjxw
cmU+a25vd24gYXMgU0NJTSAxLjAuJm5ic3A7IEFzIHN1Y2gsIHNvbWUgY29uc2lkZXJhdGlvbiBz
aG91bGQgYmUgZ2l2ZW4gZm9yIGJhY2t3YXJkPC9wcmU+DQo8cHJlPmNvbXBhdGliaWxpdHksIGFz
IHRoZSBncm91cCBldm9sdmVzIHRoZSB3b3JrLiZuYnNwOyBUaGlzIGdyb3VwIHdpbGwgY29uc2lk
ZXIsPC9wcmU+DQo8cHJlPmZvciBhbmQgZm9yZW1vc3QsIHRoZSBvcGVyYXRpb25hbCBleHBlcmll
bmNlIGdhdGhlcmVkIGZyb20gdGhlIGV4aXN0aW5nIHdvcmsuPC9wcmU+DQo8cHJlPlRoZSBncm91
cCB3aWxsIGFsc28gY29uc2lkZXIgZXhwZXJpZW5jZXMgd2l0aCB3b3JrIGRvbmUgYnkgb3RoZXIg
Ym9kaWVzLCBpbmNsdWRpbmc8L3ByZT4NCjxwcmU+dGhlIE9BU0lTIFByb3Zpc2lvbmluZyBUQy48
L3ByZT4NCjxwcmU+Jm5ic3A7PC9wcmU+DQo8cHJlPlRoZSBncm91cCB3aWxsIHByb2R1Y2UgUHJv
cG9zZWQgU3RhbmRhcmRzIGZvciBhIHNjaGVtYSwgYSBwcm90b2NvbCw8L3ByZT4NCjxwcmU+YSBT
QU1MIGJpbmRpbmcsIGFuZCBhbiBMREFQIGJpbmRpbmcuJm5ic3A7IEluIGRvaW5nIHNvLCB0aGUg
Z3JvdXAgd2lsbCBtYWtlPC9wcmU+DQo8cHJlPmNvbnNpc3RlbnQgdGhlIHRlcm1pbm9sb2d5LCBy
ZXZpZXcgYW5kIGltcHJvdmUgc2VjdXJpdHkgb2YgdGhlIG92ZXJhbGwgc3lzdGVtLDwvcHJlPg0K
PHByZT5pZGVudGlmeSBhbnkgZnVuY3Rpb25hbCBnYXBzIHRoYXQgd291bGQgYmUgdXNlZnVsIGZ1
dHVyZSB3b3JrLCBhZGRyZXNzPC9wcmU+DQo8cHJlPmludGVybmF0aW9uYWxpemF0aW9uLCBhbmQg
cHJvdmlkZSBndWlkZWxpbmVzIGZvciBleHRlbnNpYmlsaXR5IChlaXRoZXIgdGhyb3VnaDwvcHJl
Pg0KPHByZT5JQU5BIHJlZ2lzdHJpZXMgb3Igb3RoZXIgbWVhbnMpLjwvcHJlPg0KPHByZT4mbmJz
cDs8L3ByZT4NCjxwcmU+SW4gaXRzIHdvcmssIHRoZSBncm91cCB3aWxsIGRlY2lkZSB3aGF0IGFk
ZGl0aW9uYWwgY2FwYWJpbGl0aWVzIHNob3VsZCBiZTwvcHJlPg0KPHByZT5pbmNsdWRlZCBpbiB0
aGUgaW5pdGlhbCBzcGVjaWZpY2F0aW9uLCBhbmQgd2hhdCBjYW4gYmUgYWRkcmVzc2VkIGF0IGEg
bGF0ZXIgdGltZS48L3ByZT4NCjxwcmU+Jm5ic3A7PC9wcmU+DQo8cHJlPkhvd2V2ZXIsIHVzZXIs
IGRldmljZSwgYW5kIHNlcnZpY2UgYXV0aGVudGljYXRpb24gYW5kIGF1dGhvcml6YXRpb248L3By
ZT4NCjxwcmU+KHBvbGljeS9lbnRpdGxlbWVudCkgYXJlIG91dCBvZiBzY29wZSBmb3IgdGhpcyB3
b3JraW5nIGdyb3VwLjwvcHJlPg0KPHByZT4mbmJzcDs8L3ByZT4NCjxwcmU+TWlsZXN0b25lczwv
cHJlPg0KPHByZT4mbmJzcDs8L3ByZT4NCjxwcmU+NS8yMDEyJm5ic3A7Jm5ic3A7Jm5ic3A7IElu
aXRpYWwgYWRvcHRpb24gb2YgU0NJTSBjb3JlIHNjaGVtYTwvcHJlPg0KPHByZT41LzIwMTImbmJz
cDsmbmJzcDsmbmJzcDsgSW5pdGlhbCBhZG9wdGlvbiBvZiBTQ0lNIHJlc3RmdWwgaW50ZXJmYWNl
IGRyYWZ0PC9wcmU+DQo8cHJlPjUvMjAxMiZuYnNwOyZuYnNwOyZuYnNwOyBJbml0aWFsIGFkb3B0
aW9uIG9mIFNDSU0gU0FNTCBiaW5kaW5ncyBkcmFmdDwvcHJlPg0KPHByZT41LzIwMTImbmJzcDsm
bmJzcDsmbmJzcDsgSW5pdGlhbCBhZG9wdGlvbiBvZiBTQ0lNIExEQVAgbWFwcGluZyBkcmFmdDwv
cHJlPg0KPHByZT45LzIwMTImbmJzcDsmbmJzcDsmbmJzcDsgV0dMQyBTQ0lNIGNvcmUgc2NoZW1h
PC9wcmU+DQo8cHJlPjkvMjAxMiZuYnNwOyZuYnNwOyZuYnNwOyBXR0xDIFNDSU0gcmVzdGZ1bCBp
bnRlcmZhY2U8L3ByZT4NCjxwcmU+OS8yMDEyJm5ic3A7Jm5ic3A7Jm5ic3A7IFdHTEMgU0NJTSBT
QU1MIGJpbmRpbmdzPC9wcmU+DQo8cHJlPjkvMjAxMiZuYnNwOyZuYnNwOyZuYnNwOyBXR0xDIFND
SU0gTERBUCBtYXBwaW5nPC9wcmU+DQo8cHJlPjMvMjAxMyZuYnNwOyZuYnNwOyZuYnNwOyBSZS1j
aGFydGVyIGRpc2N1c3Npb248L3ByZT4NCjxwcmU+Jm5ic3A7PC9wcmU+DQo8L2Rpdj4NCjxwIGNs
YXNzPSJNc29Ob3JtYWwiPl9fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19f
X19fX19fPGJyPg0Kc2NpbSBtYWlsaW5nIGxpc3Q8YnI+DQo8YSBocmVmPSJtYWlsdG86c2NpbUBp
ZXRmLm9yZyI+c2NpbUBpZXRmLm9yZzwvYT48YnI+DQo8YSBocmVmPSJodHRwczovL3d3dy5pZXRm
Lm9yZy9tYWlsbWFuL2xpc3RpbmZvL3NjaW0iPmh0dHBzOi8vd3d3LmlldGYub3JnL21haWxtYW4v
bGlzdGluZm8vc2NpbTwvYT48L3A+DQo8L2Rpdj4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPiZuYnNw
OzwvcD4NCjwvZGl2Pg0KPGJyPg0KPGhyPg0KPGZvbnQgZmFjZT0iQXJpYWwiIGNvbG9yPSJHcmF5
IiBzaXplPSIxIj48YnI+DQpUaGlzIGUtbWFpbCBtZXNzYWdlLCBpbmNsdWRpbmcgYW55IGF0dGFj
aG1lbnRzLCBpcyBmb3IgdGhlIHNvbGUgdXNlIG9mIHRoZSBwZXJzb24gdG8gd2hvbSBpdCBoYXMg
YmVlbiBzZW50LCBhbmQgbWF5IGNvbnRhaW4gaW5mb3JtYXRpb24gdGhhdCBpcyBjb25maWRlbnRp
YWwgb3IgbGVnYWxseSBwcm90ZWN0ZWQuIElmIHlvdSBhcmUgbm90IHRoZSBpbnRlbmRlZCByZWNp
cGllbnQgb3IgaGF2ZSByZWNlaXZlZCB0aGlzIG1lc3NhZ2UgaW4gZXJyb3IsDQogeW91IGFyZSBu
b3QgYXV0aG9yaXplZCB0byBjb3B5LCBkaXN0cmlidXRlLCBvciBvdGhlcndpc2UgdXNlIHRoaXMg
bWVzc2FnZSBvciBpdHMgYXR0YWNobWVudHMuIFBsZWFzZSBub3RpZnkgdGhlIHNlbmRlciBpbW1l
ZGlhdGVseSBieSByZXR1cm4gZS1tYWlsIGFuZCBwZXJtYW5lbnRseSBkZWxldGUgdGhpcyBtZXNz
YWdlIGFuZCBhbnkgYXR0YWNobWVudHMuIEdhcnRuZXIgbWFrZXMgbm8gd2FycmFudHkgdGhhdCB0
aGlzIGUtbWFpbCBpcyBlcnJvcg0KIG9yIHZpcnVzIGZyZWUuPGJyPg0KPC9mb250Pg0KPC9ib2R5
Pg0KPC9odG1sPg0K

--_000_D8A3C5E7F4A8B44BB49BF6E8D140E4A606CD4000Altaentgartnerc_--

From tonynad@microsoft.com  Wed Mar 14 06:37:59 2012
Return-Path: <tonynad@microsoft.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EB4E921F87B6 for <scim@ietfa.amsl.com>; Wed, 14 Mar 2012 06:37:58 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.916
X-Spam-Level: 
X-Spam-Status: No, score=-0.916 tagged_above=-999 required=5 tests=[AWL=-1.050, BAYES_00=-2.599, HTML_MESSAGE=0.001, J_CHICKENPOX_74=0.6, RCVD_IN_DNSWL_LOW=-1, UNRESOLVED_TEMPLATE=3.132]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2AtGjwCWQefq for <scim@ietfa.amsl.com>; Wed, 14 Mar 2012 06:37:57 -0700 (PDT)
Received: from ch1outboundpool.messaging.microsoft.com (ch1ehsobe005.messaging.microsoft.com [216.32.181.185]) by ietfa.amsl.com (Postfix) with ESMTP id 1624021F87B4 for <scim@ietf.org>; Wed, 14 Mar 2012 06:37:53 -0700 (PDT)
Received: from mail70-ch1-R.bigfish.com (10.43.68.225) by CH1EHSOBE017.bigfish.com (10.43.70.67) with Microsoft SMTP Server id 14.1.225.23; Wed, 14 Mar 2012 13:37:54 +0000
Received: from mail70-ch1 (localhost [127.0.0.1])	by mail70-ch1-R.bigfish.com (Postfix) with ESMTP id 063C71A05A2	for <scim@ietf.org>; Wed, 14 Mar 2012 13:37:54 +0000 (UTC)
X-SpamScore: -38
X-BigFish: VS-38(zzbb2dI9371Ic89bh936eK1418Mc857h98dK14ffO4015I13e6K853kzz1202h1082kzz1033IL8275bh8275dhz2fh2a8h683h839hd25h)
X-Forefront-Antispam-Report: CIP:131.107.125.8; KIP:(null); UIP:(null); IPV:NLI; H:TK5EX14MLTC101.redmond.corp.microsoft.com; RD:none; EFVD:NLI
Received-SPF: pass (mail70-ch1: domain of microsoft.com designates 131.107.125.8 as permitted sender) client-ip=131.107.125.8; envelope-from=tonynad@microsoft.com; helo=TK5EX14MLTC101.redmond.corp.microsoft.com ; icrosoft.com ; 
Received: from mail70-ch1 (localhost.localdomain [127.0.0.1]) by mail70-ch1 (MessageSwitch) id 133173227133543_24431; Wed, 14 Mar 2012 13:37:51 +0000 (UTC)
Received: from CH1EHSMHS013.bigfish.com (snatpool2.int.messaging.microsoft.com [10.43.68.236])	by mail70-ch1.bigfish.com (Postfix) with ESMTP id 044DC200B6 for <scim@ietf.org>; Wed, 14 Mar 2012 13:37:51 +0000 (UTC)
Received: from TK5EX14MLTC101.redmond.corp.microsoft.com (131.107.125.8) by CH1EHSMHS013.bigfish.com (10.43.70.13) with Microsoft SMTP Server (TLS) id 14.1.225.23; Wed, 14 Mar 2012 13:37:50 +0000
Received: from va3outboundpool.messaging.microsoft.com (157.54.51.80) by mail.microsoft.com (157.54.79.178) with Microsoft SMTP Server (TLS) id 14.2.283.4; Wed, 14 Mar 2012 13:37:46 +0000
Received: from mail170-va3-R.bigfish.com (10.7.14.251) by VA3EHSOBE002.bigfish.com (10.7.40.22) with Microsoft SMTP Server id 14.1.225.23; Wed, 14 Mar 2012 13:37:47 +0000
Received: from mail170-va3 (localhost [127.0.0.1])	by mail170-va3-R.bigfish.com (Postfix) with ESMTP id D44E11C0456	for <scim@ietf.org.FOPE.CONNECTOR.OVERRIDE>; Wed, 14 Mar 2012 13:37:46 +0000 (UTC)
Received: from mail170-va3 (localhost.localdomain [127.0.0.1]) by mail170-va3 (MessageSwitch) id 1331732262601130_22832; Wed, 14 Mar 2012 13:37:42 +0000 (UTC)
Received: from VA3EHSMHS031.bigfish.com (unknown [10.7.14.246])	by mail170-va3.bigfish.com (Postfix) with ESMTP id 8DF49160074; Wed, 14 Mar 2012 13:37:42 +0000 (UTC)
Received: from BL2PRD0310HT004.namprd03.prod.outlook.com (157.56.240.21) by VA3EHSMHS031.bigfish.com (10.7.99.41) with Microsoft SMTP Server (TLS) id 14.1.225.23; Wed, 14 Mar 2012 13:37:39 +0000
Received: from BL2PRD0310MB362.namprd03.prod.outlook.com ([169.254.10.177]) by BL2PRD0310HT004.namprd03.prod.outlook.com ([10.255.97.39]) with mapi id 14.16.0123.000; Wed, 14 Mar 2012 13:37:37 +0000
From: Anthony Nadalin <tonynad@microsoft.com>
To: "Diodati, Mark" <Mark.Diodati@gartner.com>, "scim@ietf.org" <scim@ietf.org>
Thread-Topic: [scim] FW:  Propose reshape of charter
Thread-Index: AQHNAecxVxcx6gYGa0ePKToodBT1E5ZpytyA
Date: Wed, 14 Mar 2012 13:37:36 +0000
Message-ID: <B26C1EF377CB694EAB6BDDC8E624B6E73C0811E9@BL2PRD0310MB362.namprd03.prod.outlook.com>
References: <4F5FA213.4000600@cisco.com> <B6F33950-9055-4005-A82F-EB4E29431AD1@oracle.com> <4F5FBAB1.1020009@cisco.com> <B26C1EF377CB694EAB6BDDC8E624B6E73C08110E@BL2PRD0310MB362.namprd03.prod.outlook.com> <219947F0B2242843A0A1E62FDB510DC0250F3D4F7F@USNAVSXCHMBSA3.ndc.alcatel-lucent.com> <20120314133359.AD1C421F85A0@ietfa.amsl.com>
In-Reply-To: <20120314133359.AD1C421F85A0@ietfa.amsl.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
x-originating-ip: [129.6.252.104]
Content-Type: multipart/alternative; boundary="_000_B26C1EF377CB694EAB6BDDC8E624B6E73C0811E9BL2PRD0310MB362_"
MIME-Version: 1.0
X-OrganizationHeadersPreserved: BL2PRD0310HT004.namprd03.prod.outlook.com
X-FOPE-CONNECTOR: Id%0$Dn%*$RO%0$TLS%0$FQDN%$TlsDn%
X-FOPE-CONNECTOR: Id%59$Dn%GARTNER.COM$RO%2$TLS%6$FQDN%131.107.125.5$TlsDn%
X-FOPE-CONNECTOR: Id%59$Dn%IETF.ORG$RO%2$TLS%6$FQDN%131.107.125.5$TlsDn%
X-CrossPremisesHeadersPromoted: TK5EX14MLTC101.redmond.corp.microsoft.com
X-CrossPremisesHeadersFiltered: TK5EX14MLTC101.redmond.corp.microsoft.com
X-OriginatorOrg: microsoft.com
Subject: Re: [scim] FW:  Propose reshape of charter
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 14 Mar 2012 13:37:59 -0000

--_000_B26C1EF377CB694EAB6BDDC8E624B6E73C0811E9BL2PRD0310MB362_
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64

VGhhdOKAmXMgbXkgcG9pbnQsIHRoZSB0ZXJtIGlkZW50aXR5IGxpZmUtY3ljbGUgaXMgdG9vIHN1
YmplY3RpdmUsIHN1Z2dlc3QgdGhhdCB0aGlzIGJlIGxpbWl0ZWQgdG8gdGhlIGFjdHVhbCBpZGVu
dGl0eSBtYW5hZ2VtZW50IGZ1bmN0aW9ucyB0aGF0IFNDSU0gd2lsbCBjb3Zlcg0KDQpGcm9tOiBz
Y2ltLWJvdW5jZXNAaWV0Zi5vcmcgW21haWx0bzpzY2ltLWJvdW5jZXNAaWV0Zi5vcmddIE9uIEJl
aGFsZiBPZiBEaW9kYXRpLE1hcmsNClNlbnQ6IFdlZG5lc2RheSwgTWFyY2ggMTQsIDIwMTIgNjoz
NCBBTQ0KVG86IHNjaW1AaWV0Zi5vcmcNClN1YmplY3Q6IFtzY2ltXSBGVzogUHJvcG9zZSByZXNo
YXBlIG9mIGNoYXJ0ZXINCg0KSSB1bmRlcnN0YW5kIHRoZSBjb25jZXJuIHJlZ2FyZGluZyB0aGUg
dmFndWVuZXNzIG9mIOKAnG1hbmFnaW5nIHVzZXIgaWRlbnRpdHkgbGlmZWN5Y2xl4oCdLCBidXQg
SSB0aGluayB0aGF0IGl0IGlzIHN1ZmZpY2llbnQuIFRoZSBjbGllbnRzIEkgaGF2ZSBzcG9rZW4g
dG8gZG8gbm90IGFzc29jaWF0ZSBpZGVudGl0eSBwcm9vZmluZywgcHJpdmFjeSBzZXR0aW5ncywg
ZXRjLiB3aXRoIGlkZW50aXR5IGxpZmVjeWNsZSBtYW5hZ2VtZW50Lg0KDQpUaGVuIGFnYWluLCBJ
4oCZdmUgYmVlbiBpbiB0aGUgaWRlbnRpdHkgYnVzaW5lc3MgZm9yIHNvbWUgdGltZSBub3csIHNv
IHBlcmhhcHMgSSBhbSB0b28gY2xvc2UgdG8gaXQuIFdoYXRldmVyIHdvcmtzIGZvciBldmVyeW9u
ZSBlbHNlIGlzIGZpbmUgd2l0aCBtZS4NCg0KTWFyaw0KDQpGcm9tOiBCcmVubmVyLCBNaWNoYWVs
IFJhbGYgKE1pY2hhZWwpIFttYWlsdG86bWljaGFlbC5icmVubmVyQGFsY2F0ZWwtbHVjZW50LmNv
bV08bWFpbHRvOlttYWlsdG86bWljaGFlbC5icmVubmVyQGFsY2F0ZWwtbHVjZW50LmNvbV0+DQpT
ZW50OiBXZWRuZXNkYXksIE1hcmNoIDE0LCAyMDEyIDg6MTMgQU0NClRvOiBBbnRob255IE5hZGFs
aW47IEVsaW90IExlYXI7IFBoaWwgSHVudA0KQ2M6IHNjaW1AaWV0Zi5vcmc8bWFpbHRvOnNjaW1A
aWV0Zi5vcmc+OyBQZXRlciBTYWludC1BbmRyZTsgU3RldmVuIE0uIEJlbGxvdmluDQpTdWJqZWN0
OiBSZTogW3NjaW1dIFByb3Bvc2UgcmVzaGFwZSBvZiBjaGFydGVyDQoNCuKApiBhbmQgd2hhdCBh
Ym91dCBvdGhlcnMg4oCTIGFyZSB0aG9zZSBpbmNsdWRlZCBvciBleGNsdWRlZCBmcm9tIOKAnGlk
ZW50aXR5IGxpZmVjeWNsZeKAnToNCg0KLSAgICAgICAgICBQcm9maWxlcy9wcmVmZXJlbmNlcw0K
DQotICAgICAgICAgIFByaXZhY3kgc2V0dGluZ3MNCg0KLSAgICAgICAgICBBY2Nlc3MgY29udHJv
bCB0byBhbGwgaWRlbnRpdHktcmVsYXRlZCBpbmZvcm1hdGlvbg0KVGhhbmtzLA0KTWljaGFlbA0K
DQpGcm9tOiBzY2ltLWJvdW5jZXNAaWV0Zi5vcmc8bWFpbHRvOnNjaW0tYm91bmNlc0BpZXRmLm9y
Zz4gW21haWx0bzpzY2ltLWJvdW5jZXNAaWV0Zi5vcmddPG1haWx0bzpbbWFpbHRvOnNjaW0tYm91
bmNlc0BpZXRmLm9yZ10+IE9uIEJlaGFsZiBPZiBBbnRob255IE5hZGFsaW4NClNlbnQ6IFdlZG5l
c2RheSwgTWFyY2ggMTQsIDIwMTIgOTowOSBBTQ0KVG86IEVsaW90IExlYXI7IFBoaWwgSHVudA0K
Q2M6IHNjaW1AaWV0Zi5vcmc8bWFpbHRvOnNjaW1AaWV0Zi5vcmc+OyBQZXRlciBTYWludC1BbmRy
ZTsgU3RldmVuIE0uIEJlbGxvdmluDQpTdWJqZWN0OiBSZTogW3NjaW1dIFByb3Bvc2UgcmVzaGFw
ZSBvZiBjaGFydGVyDQoNCuKAnG1hbmFnaW5nIHVzZXIgaWRlbnRpdHkgbGlmZWN5Y2xl4oCdDQoN
ClRoaXMgaXMgYSBsaXR0bGUgdG9vIHZhZ3VlIGFzIHRoZXJlIGFyZSBtYW55IGRpZmZlcmVudCB2
aWV3cyBvbiB3aGF0IHRoZSBpZGVudGl0eSBsaWZlY3ljbGUgY29uc2lzdHMgb2YsIGVucm9sbG1l
bnQsIHByb29maW5nLCBjcmVkZW50aWFsaW5nLCB1c2FnZSwgbW9uaXRvcmluZywgZXRjLiBhbmQg
SSBkb27igJl0IGJlbGlldmUgdGhhdCBTQ0lNIGNvdmVycyBhbGwgdGhlc2UgYXJlYXMgbm93IG9y
IGV2ZXIgd2lsbA0KDQpGcm9tOiBzY2ltLWJvdW5jZXNAaWV0Zi5vcmc8bWFpbHRvOnNjaW0tYm91
bmNlc0BpZXRmLm9yZz4gW21haWx0bzpzY2ltLWJvdW5jZXNAaWV0Zi5vcmddPG1haWx0bzpbbWFp
bHRvOnNjaW0tYm91bmNlc0BpZXRmLm9yZ10+IE9uIEJlaGFsZiBPZiBFbGlvdCBMZWFyDQpTZW50
OiBUdWVzZGF5LCBNYXJjaCAxMywgMjAxMiAyOjIzIFBNDQpUbzogUGhpbCBIdW50DQpDYzogc2Np
bUBpZXRmLm9yZzxtYWlsdG86c2NpbUBpZXRmLm9yZz47IFBldGVyIFNhaW50LUFuZHJlOyBTdGV2
ZW4gTS4gQmVsbG92aW4NClN1YmplY3Q6IFJlOiBbc2NpbV0gUHJvcG9zZSByZXNoYXBlIG9mIGNo
YXJ0ZXINCg0KRXZlcnlvbmU6DQoNClBsZWFzZSB2b2ljZSB5b3VyIHN1cHBvcnQgb3Igb3Bwb3Np
dGlvbiB0byB0aGUgcHJvcG9zZWQgY2hhbmdlIGJlbG93IChhbmQgYW55IG90aGVyIHByb3Bvc2Vk
IGNoYW5nZSkgdGhhdCBjb21lcyB0aHJvdWdoLiAgU3RhdGluZyBXSFkgaGVscHMgYWR2YW5jZSB0
aGUgZGViYXRlLg0KDQpUaGFua3MsDQoNCkVsaW90DQoNCk9uIDMvMTMvMTIgODo1NiBQTSwgUGhp
bCBIdW50IHdyb3RlOg0KRWxpb3QsDQoNCkkgcHJvcG9zZSB0aGUgZm9sbG93aW5nIGNoYW5nZSB0
byB0aGUgV0cgRGVzY3JpcHRpb246DQoNCkZyb206DQoNClRoZSBTaW1wbGUgQ2xvdWQgSWRlbnRp
dHkgTWFuYWdlbWVudCAoU0NJTSkgc3BlY2lmaWNhdGlvbiBpcyBkZXNpZ25lZCB0bw0KDQptYWtl
IG1hbmFnaW5nIHVzZXIgaWRlbnRpdHkgbGlmZWN5Y2xlIGluIGNsb3VkIGJhc2VkIGFwcGxpY2F0
aW9ucyBhbmQNCg0Kc2VydmljZXMgZWFzaWVyLg0KVG86DQoNClRoZSBTaW1wbGUgQ2xvdWQgSWRl
bnRpdHkgTWFuYWdlbWVudCAoU0NJTSkgc3BlY2lmaWNhdGlvbiBpcyBkZXNpZ25lZCB0bw0KDQpt
YWtlIG1hbmFnaW5nIHVzZXIgaWRlbnRpdHkgbGlmZWN5Y2xlIGluIG9uZSBvciBtb3JlIGFwcGxp
Y2F0aW9ucyBhbmQNCg0Kc2VydmljZXMgZWFzaWVyIGJldHdlZW4gY2xpZW50IG9yZ2FuaXphdGlv
bnMgYW5kIGNsb3VkIGJhc2VkIHNlcnZpY2UgcHJvdmlkZXJzLg0KDQpUaGUgY2hhbmdlIGFib3Zl
IGlzIHN1YnRsZSBidXQgb2YgY3JpdGljYWwgaW1wb3J0YW5jZSB0byBjbG91ZCBwcm92aWRlcnMg
KG1hbnkgd2hvIGFyZSBub3QgeWV0IGFjdGl2ZSBpbiB0aGUgZ3JvdXApIHdobyBob3N0IG1hbnkg
c2VydmljZXMuDQoNCkl0IGlzIHByb2JhYmx5IGltcG9ydGFudCB0byBzaXRlIHRoZSBsb2NhdGlv
biBvZiB0aGUgU0NJTSAxLjAgc3BlY2lmaWNhdGlvbiB3aGljaCBpcyBwdWJsaXNoZWQgZXh0ZXJu
YWxseSB0byBJRVRGIGFzIHdlbGwgYXMgdGhlIHJlLXB1Ymxpc2hlZCBkcmFmdHMgdW5kZXIgSUVU
Ri4NCg0KUGhpbA0KDQpAaW5kZXBlbmRlbnRpZA0Kd3d3LmluZGVwZW5kZW50aWQuY29tPGh0dHA6
Ly93d3cuaW5kZXBlbmRlbnRpZC5jb20+DQpwaGlsLmh1bnRAb3JhY2xlLmNvbTxtYWlsdG86cGhp
bC5odW50QG9yYWNsZS5jb20+DQoNCg0KDQpPbiAyMDEyLTAzLTEzLCBhdCAxMjozNyBQTSwgRWxp
b3QgTGVhciB3cm90ZToNCg0KSGkgRXZlcnlvbmUsDQoNCkhhdmluZyByZWFkIGlucHV0cyBmcm9t
IHRoaXMgbGlzdCwgSSBhbSBwcm9wb3Npbmcgc29tZSBjaGFuZ2VzIHRvIHRoZSBjaGFydGVyLiAg
TW9zdCBvZiB0aGlzIGlzIGZvcm0gYW5kIG5vdCBzdWJzdGFuY2UsICBidXQgdGhlcmUgYXJlIHNv
bWUgc3Vic3RhbnRpYWwgY2hhbmdlcy4gIFRoZSBwdXJwb3NlIG9mIHRoZXNlIGNoYW5nZXMgaXMg
dG8gYnJpbmcgdGhlIGNoYXJ0ZXIgaW4gbGluZSB3aXRoIG1vc3Qgb2YgdGhlIG90aGVycy4gIEFi
c2VudCB0aGVzZSBzb3J0IG9mIGNoYW5nZXMsIEkgYW0gbm90IGNvbmZpZGVudCB3ZSB3b3VsZCBn
ZXQgYSBXRy4gIEV2ZW4gd2l0aCB0aGVzZSBjaGFuZ2VzLCBtb3JlIHdvcmsgaXMgbmVlZGVkLiBi
ZWNhdXNlIHdoYXQgaXMgYmVsb3cgaXMgbm90IGNvbXBsZXRlLg0KDQpXaGF0IGlzIG1pc3Npbmcg
4oCTIGFuZCBpdCdzIGltcG9ydGFudCDigJMgIGFyZSBhIGZldyBhZGRpdGlvbmFsIHdvcmRzIGFi
b3V0IHdoeSB3ZSBuZWVkIFNDSU0uICBXaHkgYXJlIHdlIGhvbGRpbmcgdGhlIGRhcm4gQm9GPyAg
VGhpcyBpcyBub3Qgc29tZXRoaW5nIHRoYXQgY2FuIHdhaXQsIElNSE8sIGZvciBhbiBJbmZvcm1h
dGlvbmFsIGRvY3VtZW50LiAgUmF0aGVyLCBpZiB0aGVyZSBpcyBubyBjbGVhciBzdGF0ZW1lbnQg
b2YgdGhlIHByb2JsZW0sIEkgZG9uJ3Qgc2VlIGhvdyB0aGUgSUVTRyB3b3VsZCBhcHByb3ZlIGEg
V0cuICBTbyB0aGF0J3Mgd2hhdCB0aGUgYmlnIFhYWFhYWFggaXMgYmVsb3cuICBJJ3ZlIHB1dCBz
b21lIHdvcmRzIGluLCBidXQgdGhleSBhcmUgdGhlcmUgdG8gZGVtb25zdHJhdGUgdGhlIHBvaW50
LiAgUExFQVNFIHByb3Bvc2UgdGV4dC4NCg0KSW4gYWRkaXRpb24sIG15IHJld29yZGluZyBpcywg
aW4gc29tZSBwbGFjZXMsIGdlbmVyaWMuICBJIHdvdWxkIHN1Z2dlc3QgdGhhdCBtb3JlIHRpbWUg
YmUgc3BlbnQgb24gd2hhdCB3ZSB3aWxsIOKAkyBhbmQgYXMgaW1wb3J0YW50bHkg4oCTICBXT04n
VCBkby4gIEEgZ29vZCBjaGFydGVyIHdpbGwgc2NvcGUgb3V0IG1vcmUuICBXaGF0IGFyZSB0aGUg
Y3JpdGljYWwgZnVuY3Rpb25zIHRoYXQgbmVlZCB0byBiZSBkb25lIG5vdz8gIElmIHdlIGxlYXZl
IGl0IHdpZGUgb3BlbiwgdGhlbiB3ZSBydW4gdGhlIHJpc2sgb2YgcGVvcGxlIHNob3ZlbGluZyB0
b28gbXVjaCBpbiwgb3IgYmxvY2tpbmcgb24gaG93IHRvIGRlY2lkZSB3aGVyZSB0byBob2xkIHRo
ZSBsaW5lIGFuZCB3YWl0IHRpbCB0aGUgbmV4dCByb3VuZC4gIFNvLCBmb3IgaW5zdGFuY2UsIGhv
dyB3aWxsIHdlIGtlZXAgdGhlIHNjaGVtYSBmcm9tIGJsb2F0aW5nPyAgUmluc2UgYW5kIHJlcGVh
dCB3aXRoIHByb3RvY29sIG9wZXJhdGlvbnMuDQoNCkluIGFkZGl0aW9uLCBpdCBpcyBteSBhbnRp
Y2lwYXRpb24gdGhhdCBzaG9ydGx5IGJlZm9yZSDigJMgb3IgdmVyeSBxdWlja2x5IGFmdGVyIOKA
kyBvdXIgQm9GLCBJbnRlcm5ldC1EcmFmdHMgd2lsbCBiZSBwb3N0ZWQgb2YgdGhlIGluaXRpYWwg
c3BlY2lmaWNhdGlvbnMuICBUaHVzIHlvdSBzZWUgZHJhZnQtWFhYIGJlbG93LiAgV2hpbGUgdGhl
IGNoYXJ0ZXIgbmVlZCBub3Qg4oCTIGFuZCBjYW5ub3Qg4oCTIGJlIGNvbXBsZXRlbHkgZmluaXNo
ZWQgYmVmb3JlIHRoZSBCb0YsIHdlIHNob3VsZCBoYXZlIGl0IGFzIGNsb3NlIGFzIHBvc3NpYmxl
Lg0KDQoNClBsZWFzZSBjb21tZW50IG5vdyBvbiB0aGVzZSBjaGFuZ2VzIGFuZCBhbnkgYWRkaXRp
b25hbCBjaGFuZ2VzIHlvdSB3b3VsZCBsaWtlIHRvIHNlZS4NCg0KU2ltcGxlIENsb3VkIElkZW50
aXR5IE1hbmFnZW1lbnQgKFNDSU0pDQpDaGFpcihzKTogVEJEDQoNCkFwcGxpY2F0aW9ucyBBcmVh
IERpcmVjdG9yKHMpOg0KDQogICAgIFBldGUgUmVzbmljayA8cHJlc25pY2tAcXVhbGNvbW0uY29t
PG1haWx0bzpwcmVzbmlja0BxdWFsY29tbS5jb20+Pg0KDQogICAgIEJhcnJ5IExpZWJhIDw/Pz8+
DQoNCk1haWxpbmcgTGlzdHM6DQoNCiAgICAgR2VuZXJhbCBEaXNjdXNzaW9uOiBzY2ltQGlldGYu
b3JnPG1haWx0bzpzY2ltQGlldGYub3JnPg0KDQogICAgIFRvIFN1YnNjcmliZTogaHR0cHM6Ly93
d3cuaWV0Zi5vcmcvbWFpbG1hbi9saXN0aW5mby9zY2ltDQoNCiAgICAgQXJjaGl2ZTogICAgICBo
dHRwOi8vd3d3LmlldGYub3JnL21haWwtYXJjaGl2ZS93ZWIvc2NpbS9jdXJyZW50L21haWxsaXN0
Lmh0bWwNCg0KDQoNCkRlc2NyaXB0aW9uIG9mIFdvcmtpbmcgR3JvdXA6DQoNClRoZSBTaW1wbGUg
Q2xvdWQgSWRlbnRpdHkgTWFuYWdlbWVudCAoU0NJTSkgc3BlY2lmaWNhdGlvbiBpcyBkZXNpZ25l
ZCB0bw0KDQptYWtlIG1hbmFnaW5nIHVzZXIgaWRlbnRpdHkgbGlmZWN5Y2xlIGluIGNsb3VkIGJh
c2VkIGFwcGxpY2F0aW9ucyBhbmQNCg0Kc2VydmljZXMgZWFzaWVyLg0KDQoNCg0KWFhYWFhYWA0K
DQoNCg0KU28tY2FsbGVkIENSZWF0ZSBVcGRhdGUgRGVsZXRlIChDUlVEKSBwcm92aXNpb25pbmcg
b3BlcmF0aW9ucyBhcmUgb2Z0ZW4NCg0KbmVjZXNzYXJ5IHRvIGVhc2UgYWRvcHRpb24gb2YgbmV3
IHNlcnZpY2VzLiAgVGhpcyB3b3JrIGJ1aWxkcyBvbiB0b29scw0KDQpzdWNoIGFzIGxkYXAgYW5k
IFNBTUwgMi4wLCB3aGljaCBhcmUgdXNlZCB0byBwcm92aWRlIHVwLXRvLWRhdGUgaW5mb3JtYXRp
b24uDQoNClNDSU0gZm9jdXNlcyBvbiB0aGUgY2FzZSB3aGVyZSBhbiBlbnRlcnByaXNlJ3MgbGRh
cCBzZXJ2aWNlIG1heSBub3QgYmUNCg0KYXZhaWxhYmxlIHRvIHRoZSBwcm92aWRlciwgYW5kIFNB
TUwgY2Fubm90IHByb3ZpZGUgc3VmZmljaWVudCBjb250ZXh0IGZvciB0aGUNCg0Kc2VydmljZS4g
IEFuIGV4YW1wbGUgd291bGQgYmUgdGhlIHByb3Zpc2lvbmluZyBvZiBhbiBvZiBhbiBFTWFpbCBh
Y2NvdW50IHNvDQoNCnRoYXQgaXQgY2FuIHJlY2VpdmUgbWFpbCBiZWZvcmUgdGhlIHBlcnNvbiBo
YXMgZmlyc3QgbG9nZ2VkIGluLg0KDQoNCg0KWFhYWFhYWFgNCg0KVGhlIHNwZWNpZmljYXRpb24g
c3VpdGUgc2Vla3MgdG8gYnVpbGQgdXBvbiBleHBlcmllbmNlIHdpdGggZXhpc3RpbmcNCg0Kc2No
ZW1hcyBhbmQgZGVwbG95bWVudHMsIHBsYWNpbmcgc3BlY2lmaWMgZW1waGFzaXMgb24gc2ltcGxp
Y2l0eSBvZg0KDQpkZXZlbG9wbWVudCBhbmQgaW50ZWdyYXRpb24sIHdoaWxlIGFwcGx5aW5nIGV4
aXN0aW5nIGF1dGhlbnRpY2F0aW9uLA0KDQphdXRob3JpemF0aW9uLCBhbmQgcHJpdmFjeSBtb2Rl
bHMuIEl0cyBpbnRlbnQgaXMgdG8gcmVkdWNlIHRoZSBjb3N0IGFuZA0KDQpjb21wbGV4aXR5IG9m
IHVzZXIgbWFuYWdlbWVudCBvcGVyYXRpb25zIGJ5IHByb3ZpZGluZyBhIGNvbW1vbiB1c2VyDQoN
CnNjaGVtYSBhbmQgZXh0ZW5zaW9uIG1vZGVsLCBhcyB3ZWxsIGFzIGJpbmRpbmcgZG9jdW1lbnRz
IHRvIHByb3ZpZGUNCg0KcGF0dGVybnMgZm9yIGV4Y2hhbmdpbmcgdGhpcyBzY2hlbWEgdXNpbmcg
c3RhbmRhcmQgcHJvdG9jb2xzLiBJbg0KDQphZGRpdGlvbiB0aGUgd29ya2luZyBncm91cCBtYXkg
Y29uc2lkZXIgaW5jbHVkaW5nIG1hbmFnaW5nIGRldmljZQ0KDQppZGVudGl0aWVzIGFzIHBhcnQg
b2YgdGhlIHdvcmsgYWRvcHRlZCBieSB0aGUgd29ya2luZyBncm91cC4NCg0KVGhlIGdyb3VwIHdp
bGwgdXNlIGFzIHN0YXJ0aW5nIHBvaW50cyB0aGUgZm9sbG93aW5nIGRyYWZ0cyBpbg0KDQp0aGUg
Zm9sbG93aW5nIHdheXM6DQoNCg0KDQogICAgICAgIGRyYWZ0LVhYWC1zY2ltLXNjaGVtYS0wMCBh
cyB0aGUgYSBzY2hlbWEgc3BlY2lmaWNhdGlvbiwNCg0KICAgICAgICBkcmFmdC1YWFgtc2NpbS1w
cm90b2NvbC1kZWZpbml0aW9uLTAwIGFzIHRoZSBwcm90b2NvbCBzcGVjaWZpY2F0aW9uLA0KDQog
ICAgICAgIGRyYWZ0LVhYWC1zY2ltLXNhbWwtYmluZGluZy0wMCBmb3IgYmluZGluZyB0aGUgU0NJ
TSBzY2hlbWEgdG8gU0FNTCwgYW5kDQoNCiAgICAgICAgZHJhZnQtWFhYLXNjaW0tbGRhcC1iaW5k
aW5nLTAwIGZvciBiaW5kaW5nIHRoZSBTQ0lNIHNjaGVtYSB0byBMREFQLg0KDQoNCg0KVGhlc2Ug
ZHJhZnRzIGFyZSBiYXNlZCBvbiBleGlzdGluZyBzcGVjaWZpY2F0aW9ucy4gd2hpY2ggdG9nZXRo
ZXIgYXJlIGNvbW1vbmx5DQoNCmtub3duIGFzIFNDSU0gMS4wLiAgQXMgc3VjaCwgc29tZSBjb25z
aWRlcmF0aW9uIHNob3VsZCBiZSBnaXZlbiBmb3IgYmFja3dhcmQNCg0KY29tcGF0aWJpbGl0eSwg
YXMgdGhlIGdyb3VwIGV2b2x2ZXMgdGhlIHdvcmsuICBUaGlzIGdyb3VwIHdpbGwgY29uc2lkZXIs
DQoNCmZvciBhbmQgZm9yZW1vc3QsIHRoZSBvcGVyYXRpb25hbCBleHBlcmllbmNlIGdhdGhlcmVk
IGZyb20gdGhlIGV4aXN0aW5nIHdvcmsuDQoNClRoZSBncm91cCB3aWxsIGFsc28gY29uc2lkZXIg
ZXhwZXJpZW5jZXMgd2l0aCB3b3JrIGRvbmUgYnkgb3RoZXIgYm9kaWVzLCBpbmNsdWRpbmcNCg0K
dGhlIE9BU0lTIFByb3Zpc2lvbmluZyBUQy4NCg0KDQoNClRoZSBncm91cCB3aWxsIHByb2R1Y2Ug
UHJvcG9zZWQgU3RhbmRhcmRzIGZvciBhIHNjaGVtYSwgYSBwcm90b2NvbCwNCg0KYSBTQU1MIGJp
bmRpbmcsIGFuZCBhbiBMREFQIGJpbmRpbmcuICBJbiBkb2luZyBzbywgdGhlIGdyb3VwIHdpbGwg
bWFrZQ0KDQpjb25zaXN0ZW50IHRoZSB0ZXJtaW5vbG9neSwgcmV2aWV3IGFuZCBpbXByb3ZlIHNl
Y3VyaXR5IG9mIHRoZSBvdmVyYWxsIHN5c3RlbSwNCg0KaWRlbnRpZnkgYW55IGZ1bmN0aW9uYWwg
Z2FwcyB0aGF0IHdvdWxkIGJlIHVzZWZ1bCBmdXR1cmUgd29yaywgYWRkcmVzcw0KDQppbnRlcm5h
dGlvbmFsaXphdGlvbiwgYW5kIHByb3ZpZGUgZ3VpZGVsaW5lcyBmb3IgZXh0ZW5zaWJpbGl0eSAo
ZWl0aGVyIHRocm91Z2gNCg0KSUFOQSByZWdpc3RyaWVzIG9yIG90aGVyIG1lYW5zKS4NCg0KDQoN
CkluIGl0cyB3b3JrLCB0aGUgZ3JvdXAgd2lsbCBkZWNpZGUgd2hhdCBhZGRpdGlvbmFsIGNhcGFi
aWxpdGllcyBzaG91bGQgYmUNCg0KaW5jbHVkZWQgaW4gdGhlIGluaXRpYWwgc3BlY2lmaWNhdGlv
biwgYW5kIHdoYXQgY2FuIGJlIGFkZHJlc3NlZCBhdCBhIGxhdGVyIHRpbWUuDQoNCg0KDQpIb3dl
dmVyLCB1c2VyLCBkZXZpY2UsIGFuZCBzZXJ2aWNlIGF1dGhlbnRpY2F0aW9uIGFuZCBhdXRob3Jp
emF0aW9uDQoNCihwb2xpY3kvZW50aXRsZW1lbnQpIGFyZSBvdXQgb2Ygc2NvcGUgZm9yIHRoaXMg
d29ya2luZyBncm91cC4NCg0KDQoNCk1pbGVzdG9uZXMNCg0KDQoNCjUvMjAxMiAgICBJbml0aWFs
IGFkb3B0aW9uIG9mIFNDSU0gY29yZSBzY2hlbWENCg0KNS8yMDEyICAgIEluaXRpYWwgYWRvcHRp
b24gb2YgU0NJTSByZXN0ZnVsIGludGVyZmFjZSBkcmFmdA0KDQo1LzIwMTIgICAgSW5pdGlhbCBh
ZG9wdGlvbiBvZiBTQ0lNIFNBTUwgYmluZGluZ3MgZHJhZnQNCg0KNS8yMDEyICAgIEluaXRpYWwg
YWRvcHRpb24gb2YgU0NJTSBMREFQIG1hcHBpbmcgZHJhZnQNCg0KOS8yMDEyICAgIFdHTEMgU0NJ
TSBjb3JlIHNjaGVtYQ0KDQo5LzIwMTIgICAgV0dMQyBTQ0lNIHJlc3RmdWwgaW50ZXJmYWNlDQoN
CjkvMjAxMiAgICBXR0xDIFNDSU0gU0FNTCBiaW5kaW5ncw0KDQo5LzIwMTIgICAgV0dMQyBTQ0lN
IExEQVAgbWFwcGluZw0KDQozLzIwMTMgICAgUmUtY2hhcnRlciBkaXNjdXNzaW9uDQoNCg0KX19f
X19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX18NCnNjaW0gbWFpbGlu
ZyBsaXN0DQpzY2ltQGlldGYub3JnPG1haWx0bzpzY2ltQGlldGYub3JnPg0KaHR0cHM6Ly93d3cu
aWV0Zi5vcmcvbWFpbG1hbi9saXN0aW5mby9zY2ltDQoNCg0KX19fX19fX19fX19fX19fX19fX19f
X19fX19fX19fX18NCg0KVGhpcyBlLW1haWwgbWVzc2FnZSwgaW5jbHVkaW5nIGFueSBhdHRhY2ht
ZW50cywgaXMgZm9yIHRoZSBzb2xlIHVzZSBvZiB0aGUgcGVyc29uIHRvIHdob20gaXQgaGFzIGJl
ZW4gc2VudCwgYW5kIG1heSBjb250YWluIGluZm9ybWF0aW9uIHRoYXQgaXMgY29uZmlkZW50aWFs
IG9yIGxlZ2FsbHkgcHJvdGVjdGVkLiBJZiB5b3UgYXJlIG5vdCB0aGUgaW50ZW5kZWQgcmVjaXBp
ZW50IG9yIGhhdmUgcmVjZWl2ZWQgdGhpcyBtZXNzYWdlIGluIGVycm9yLCB5b3UgYXJlIG5vdCBh
dXRob3JpemVkIHRvIGNvcHksIGRpc3RyaWJ1dGUsIG9yIG90aGVyd2lzZSB1c2UgdGhpcyBtZXNz
YWdlIG9yIGl0cyBhdHRhY2htZW50cy4gUGxlYXNlIG5vdGlmeSB0aGUgc2VuZGVyIGltbWVkaWF0
ZWx5IGJ5IHJldHVybiBlLW1haWwgYW5kIHBlcm1hbmVudGx5IGRlbGV0ZSB0aGlzIG1lc3NhZ2Ug
YW5kIGFueSBhdHRhY2htZW50cy4gR2FydG5lciBtYWtlcyBubyB3YXJyYW50eSB0aGF0IHRoaXMg
ZS1tYWlsIGlzIGVycm9yIG9yIHZpcnVzIGZyZWUuDQo=

--_000_B26C1EF377CB694EAB6BDDC8E624B6E73C0811E9BL2PRD0310MB362_
Content-Type: text/html; charset="utf-8"
Content-Transfer-Encoding: base64

PGh0bWwgeG1sbnM6dj0idXJuOnNjaGVtYXMtbWljcm9zb2Z0LWNvbTp2bWwiIHhtbG5zOm89InVy
bjpzY2hlbWFzLW1pY3Jvc29mdC1jb206b2ZmaWNlOm9mZmljZSIgeG1sbnM6dz0idXJuOnNjaGVt
YXMtbWljcm9zb2Z0LWNvbTpvZmZpY2U6d29yZCIgeG1sbnM6bT0iaHR0cDovL3NjaGVtYXMubWlj
cm9zb2Z0LmNvbS9vZmZpY2UvMjAwNC8xMi9vbW1sIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcv
VFIvUkVDLWh0bWw0MCI+DQo8aGVhZD4NCjxtZXRhIGh0dHAtZXF1aXY9IkNvbnRlbnQtVHlwZSIg
Y29udGVudD0idGV4dC9odG1sOyBjaGFyc2V0PXV0Zi04Ij4NCjxtZXRhIG5hbWU9IkdlbmVyYXRv
ciIgY29udGVudD0iTWljcm9zb2Z0IFdvcmQgMTQgKGZpbHRlcmVkIG1lZGl1bSkiPg0KPCEtLVtp
ZiAhbXNvXT48c3R5bGU+dlw6KiB7YmVoYXZpb3I6dXJsKCNkZWZhdWx0I1ZNTCk7fQ0Kb1w6KiB7
YmVoYXZpb3I6dXJsKCNkZWZhdWx0I1ZNTCk7fQ0Kd1w6KiB7YmVoYXZpb3I6dXJsKCNkZWZhdWx0
I1ZNTCk7fQ0KLnNoYXBlIHtiZWhhdmlvcjp1cmwoI2RlZmF1bHQjVk1MKTt9DQo8L3N0eWxlPjwh
W2VuZGlmXS0tPjxzdHlsZT48IS0tDQovKiBGb250IERlZmluaXRpb25zICovDQpAZm9udC1mYWNl
DQoJe2ZvbnQtZmFtaWx5OkhlbHZldGljYTsNCglwYW5vc2UtMToyIDExIDYgNCAyIDIgMiAyIDIg
NDt9DQpAZm9udC1mYWNlDQoJe2ZvbnQtZmFtaWx5OkhlbHZldGljYTsNCglwYW5vc2UtMToyIDEx
IDYgNCAyIDIgMiAyIDIgNDt9DQpAZm9udC1mYWNlDQoJe2ZvbnQtZmFtaWx5OkNhbGlicmk7DQoJ
cGFub3NlLTE6MiAxNSA1IDIgMiAyIDQgMyAyIDQ7fQ0KQGZvbnQtZmFjZQ0KCXtmb250LWZhbWls
eTpUYWhvbWE7DQoJcGFub3NlLTE6MiAxMSA2IDQgMyA1IDQgNCAyIDQ7fQ0KQGZvbnQtZmFjZQ0K
CXtmb250LWZhbWlseTpDb25zb2xhczsNCglwYW5vc2UtMToyIDExIDYgOSAyIDIgNCAzIDIgNDt9
DQovKiBTdHlsZSBEZWZpbml0aW9ucyAqLw0KcC5Nc29Ob3JtYWwsIGxpLk1zb05vcm1hbCwgZGl2
Lk1zb05vcm1hbA0KCXttYXJnaW46MGluOw0KCW1hcmdpbi1ib3R0b206LjAwMDFwdDsNCglmb250
LXNpemU6MTIuMHB0Ow0KCWZvbnQtZmFtaWx5OiJUaW1lcyBOZXcgUm9tYW4iLCJzZXJpZiI7DQoJ
Y29sb3I6YmxhY2s7fQ0KYTpsaW5rLCBzcGFuLk1zb0h5cGVybGluaw0KCXttc28tc3R5bGUtcHJp
b3JpdHk6OTk7DQoJY29sb3I6Ymx1ZTsNCgl0ZXh0LWRlY29yYXRpb246dW5kZXJsaW5lO30NCmE6
dmlzaXRlZCwgc3Bhbi5Nc29IeXBlcmxpbmtGb2xsb3dlZA0KCXttc28tc3R5bGUtcHJpb3JpdHk6
OTk7DQoJY29sb3I6cHVycGxlOw0KCXRleHQtZGVjb3JhdGlvbjp1bmRlcmxpbmU7fQ0KcHJlDQoJ
e21zby1zdHlsZS1wcmlvcml0eTo5OTsNCgltc28tc3R5bGUtbGluazoiSFRNTCBQcmVmb3JtYXR0
ZWQgQ2hhciI7DQoJbWFyZ2luOjBpbjsNCgltYXJnaW4tYm90dG9tOi4wMDAxcHQ7DQoJZm9udC1z
aXplOjEwLjBwdDsNCglmb250LWZhbWlseToiQ291cmllciBOZXciOw0KCWNvbG9yOmJsYWNrO30N
CnAuTXNvQWNldGF0ZSwgbGkuTXNvQWNldGF0ZSwgZGl2Lk1zb0FjZXRhdGUNCgl7bXNvLXN0eWxl
LXByaW9yaXR5Ojk5Ow0KCW1zby1zdHlsZS1saW5rOiJCYWxsb29uIFRleHQgQ2hhciI7DQoJbWFy
Z2luOjBpbjsNCgltYXJnaW4tYm90dG9tOi4wMDAxcHQ7DQoJZm9udC1zaXplOjguMHB0Ow0KCWZv
bnQtZmFtaWx5OiJUYWhvbWEiLCJzYW5zLXNlcmlmIjsNCgljb2xvcjpibGFjazt9DQpwLk1zb0xp
c3RQYXJhZ3JhcGgsIGxpLk1zb0xpc3RQYXJhZ3JhcGgsIGRpdi5Nc29MaXN0UGFyYWdyYXBoDQoJ
e21zby1zdHlsZS1wcmlvcml0eTozNDsNCgltYXJnaW4tdG9wOjBpbjsNCgltYXJnaW4tcmlnaHQ6
MGluOw0KCW1hcmdpbi1ib3R0b206MGluOw0KCW1hcmdpbi1sZWZ0Oi41aW47DQoJbWFyZ2luLWJv
dHRvbTouMDAwMXB0Ow0KCWZvbnQtc2l6ZToxMi4wcHQ7DQoJZm9udC1mYW1pbHk6IlRpbWVzIE5l
dyBSb21hbiIsInNlcmlmIjsNCgljb2xvcjpibGFjazt9DQpzcGFuLkhUTUxQcmVmb3JtYXR0ZWRD
aGFyDQoJe21zby1zdHlsZS1uYW1lOiJIVE1MIFByZWZvcm1hdHRlZCBDaGFyIjsNCgltc28tc3R5
bGUtcHJpb3JpdHk6OTk7DQoJbXNvLXN0eWxlLWxpbms6IkhUTUwgUHJlZm9ybWF0dGVkIjsNCglm
b250LWZhbWlseTpDb25zb2xhczsNCgljb2xvcjpibGFjazt9DQpzcGFuLkJhbGxvb25UZXh0Q2hh
cg0KCXttc28tc3R5bGUtbmFtZToiQmFsbG9vbiBUZXh0IENoYXIiOw0KCW1zby1zdHlsZS1wcmlv
cml0eTo5OTsNCgltc28tc3R5bGUtbGluazoiQmFsbG9vbiBUZXh0IjsNCglmb250LWZhbWlseToi
VGFob21hIiwic2Fucy1zZXJpZiI7DQoJY29sb3I6YmxhY2s7fQ0KcC5tc29jaHBkZWZhdWx0LCBs
aS5tc29jaHBkZWZhdWx0LCBkaXYubXNvY2hwZGVmYXVsdA0KCXttc28tc3R5bGUtbmFtZTptc29j
aHBkZWZhdWx0Ow0KCW1zby1tYXJnaW4tdG9wLWFsdDphdXRvOw0KCW1hcmdpbi1yaWdodDowaW47
DQoJbXNvLW1hcmdpbi1ib3R0b20tYWx0OmF1dG87DQoJbWFyZ2luLWxlZnQ6MGluOw0KCWZvbnQt
c2l6ZToxMC4wcHQ7DQoJZm9udC1mYW1pbHk6IlRpbWVzIE5ldyBSb21hbiIsInNlcmlmIjt9DQpz
cGFuLmh0bWxwcmVmb3JtYXR0ZWRjaGFyMA0KCXttc28tc3R5bGUtbmFtZTpodG1scHJlZm9ybWF0
dGVkY2hhcjsNCglmb250LWZhbWlseTpDb25zb2xhczsNCgljb2xvcjpibGFjazt9DQpzcGFuLmJh
bGxvb250ZXh0Y2hhcjANCgl7bXNvLXN0eWxlLW5hbWU6YmFsbG9vbnRleHRjaGFyOw0KCWZvbnQt
ZmFtaWx5OiJUYWhvbWEiLCJzYW5zLXNlcmlmIjsNCgljb2xvcjpibGFjazt9DQpzcGFuLmVtYWls
c3R5bGUyMw0KCXttc28tc3R5bGUtbmFtZTplbWFpbHN0eWxlMjM7DQoJZm9udC1mYW1pbHk6IkNh
bGlicmkiLCJzYW5zLXNlcmlmIjsNCgljb2xvcjojMUY0OTdEO30NCnNwYW4uZW1haWxzdHlsZTI0
DQoJe21zby1zdHlsZS1uYW1lOmVtYWlsc3R5bGUyNDsNCglmb250LWZhbWlseToiQ2FsaWJyaSIs
InNhbnMtc2VyaWYiOw0KCWNvbG9yOiMxRjQ5N0Q7fQ0Kc3Bhbi5lbWFpbHN0eWxlMjUNCgl7bXNv
LXN0eWxlLW5hbWU6ZW1haWxzdHlsZTI1Ow0KCWZvbnQtZmFtaWx5OiJDYWxpYnJpIiwic2Fucy1z
ZXJpZiI7DQoJY29sb3I6IzFGNDk3RDt9DQpzcGFuLkVtYWlsU3R5bGUyOA0KCXttc28tc3R5bGUt
dHlwZTpwZXJzb25hbC1yZXBseTsNCglmb250LWZhbWlseToiQ2FsaWJyaSIsInNhbnMtc2VyaWYi
Ow0KCWNvbG9yOiMxRjQ5N0Q7fQ0KLk1zb0NocERlZmF1bHQNCgl7bXNvLXN0eWxlLXR5cGU6ZXhw
b3J0LW9ubHk7DQoJZm9udC1zaXplOjEwLjBwdDt9DQpAcGFnZSBXb3JkU2VjdGlvbjENCgl7c2l6
ZTo4LjVpbiAxMS4waW47DQoJbWFyZ2luOjEuMGluIDEuMGluIDEuMGluIDEuMGluO30NCmRpdi5X
b3JkU2VjdGlvbjENCgl7cGFnZTpXb3JkU2VjdGlvbjE7fQ0KLS0+PC9zdHlsZT48IS0tW2lmIGd0
ZSBtc28gOV0+PHhtbD4NCjxvOnNoYXBlZGVmYXVsdHMgdjpleHQ9ImVkaXQiIHNwaWRtYXg9IjEw
MjYiIC8+DQo8L3htbD48IVtlbmRpZl0tLT48IS0tW2lmIGd0ZSBtc28gOV0+PHhtbD4NCjxvOnNo
YXBlbGF5b3V0IHY6ZXh0PSJlZGl0Ij4NCjxvOmlkbWFwIHY6ZXh0PSJlZGl0IiBkYXRhPSIxIiAv
Pg0KPC9vOnNoYXBlbGF5b3V0PjwveG1sPjwhW2VuZGlmXS0tPg0KPC9oZWFkPg0KPGJvZHkgYmdj
b2xvcj0id2hpdGUiIGxhbmc9IkVOLVVTIiBsaW5rPSJibHVlIiB2bGluaz0icHVycGxlIj4NCjxk
aXYgY2xhc3M9IldvcmRTZWN0aW9uMSI+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48c3BhbiBzdHls
ZT0iZm9udC1zaXplOjExLjBwdDtmb250LWZhbWlseTomcXVvdDtDYWxpYnJpJnF1b3Q7LCZxdW90
O3NhbnMtc2VyaWYmcXVvdDs7Y29sb3I6IzFGNDk3RCI+VGhhdOKAmXMgbXkgcG9pbnQsIHRoZSB0
ZXJtIGlkZW50aXR5IGxpZmUtY3ljbGUgaXMgdG9vIHN1YmplY3RpdmUsIHN1Z2dlc3QgdGhhdCB0
aGlzIGJlIGxpbWl0ZWQgdG8gdGhlIGFjdHVhbCBpZGVudGl0eSBtYW5hZ2VtZW50IGZ1bmN0aW9u
cyB0aGF0IFNDSU0gd2lsbCBjb3ZlcjxvOnA+PC9vOnA+PC9zcGFuPjwvcD4NCjxwIGNsYXNzPSJN
c29Ob3JtYWwiPjxzcGFuIHN0eWxlPSJmb250LXNpemU6MTEuMHB0O2ZvbnQtZmFtaWx5OiZxdW90
O0NhbGlicmkmcXVvdDssJnF1b3Q7c2Fucy1zZXJpZiZxdW90Oztjb2xvcjojMUY0OTdEIj48bzpw
PiZuYnNwOzwvbzpwPjwvc3Bhbj48L3A+DQo8ZGl2Pg0KPGRpdiBzdHlsZT0iYm9yZGVyOm5vbmU7
Ym9yZGVyLXRvcDpzb2xpZCAjQjVDNERGIDEuMHB0O3BhZGRpbmc6My4wcHQgMGluIDBpbiAwaW4i
Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PGI+PHNwYW4gc3R5bGU9ImZvbnQtc2l6ZToxMC4wcHQ7
Zm9udC1mYW1pbHk6JnF1b3Q7VGFob21hJnF1b3Q7LCZxdW90O3NhbnMtc2VyaWYmcXVvdDs7Y29s
b3I6d2luZG93dGV4dCI+RnJvbTo8L3NwYW4+PC9iPjxzcGFuIHN0eWxlPSJmb250LXNpemU6MTAu
MHB0O2ZvbnQtZmFtaWx5OiZxdW90O1RhaG9tYSZxdW90OywmcXVvdDtzYW5zLXNlcmlmJnF1b3Q7
O2NvbG9yOndpbmRvd3RleHQiPiBzY2ltLWJvdW5jZXNAaWV0Zi5vcmcgW21haWx0bzpzY2ltLWJv
dW5jZXNAaWV0Zi5vcmddDQo8Yj5PbiBCZWhhbGYgT2YgPC9iPkRpb2RhdGksTWFyazxicj4NCjxi
PlNlbnQ6PC9iPiBXZWRuZXNkYXksIE1hcmNoIDE0LCAyMDEyIDY6MzQgQU08YnI+DQo8Yj5Ubzo8
L2I+IHNjaW1AaWV0Zi5vcmc8YnI+DQo8Yj5TdWJqZWN0OjwvYj4gW3NjaW1dIEZXOiBQcm9wb3Nl
IHJlc2hhcGUgb2YgY2hhcnRlcjxvOnA+PC9vOnA+PC9zcGFuPjwvcD4NCjwvZGl2Pg0KPC9kaXY+
DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48bzpwPiZuYnNwOzwvbzpwPjwvcD4NCjxkaXY+DQo8cCBj
bGFzcz0iTXNvTm9ybWFsIj48c3BhbiBzdHlsZT0iZm9udC1zaXplOjExLjBwdDtmb250LWZhbWls
eTomcXVvdDtDYWxpYnJpJnF1b3Q7LCZxdW90O3NhbnMtc2VyaWYmcXVvdDs7Y29sb3I6IzFGNDk3
RCI+SSB1bmRlcnN0YW5kIHRoZSBjb25jZXJuIHJlZ2FyZGluZyB0aGUgdmFndWVuZXNzIG9mIOKA
nG1hbmFnaW5nIHVzZXIgaWRlbnRpdHkgbGlmZWN5Y2xl4oCdLCBidXQgSSB0aGluayB0aGF0IGl0
IGlzIHN1ZmZpY2llbnQuIFRoZSBjbGllbnRzIEkgaGF2ZSBzcG9rZW4gdG8gZG8gbm90DQogYXNz
b2NpYXRlIGlkZW50aXR5IHByb29maW5nLCBwcml2YWN5IHNldHRpbmdzLCBldGMuIHdpdGggaWRl
bnRpdHkgbGlmZWN5Y2xlIG1hbmFnZW1lbnQuPC9zcGFuPjxvOnA+PC9vOnA+PC9wPg0KPHAgY2xh
c3M9Ik1zb05vcm1hbCI+PHNwYW4gc3R5bGU9ImZvbnQtc2l6ZToxMS4wcHQ7Zm9udC1mYW1pbHk6
JnF1b3Q7Q2FsaWJyaSZxdW90OywmcXVvdDtzYW5zLXNlcmlmJnF1b3Q7O2NvbG9yOiMxRjQ5N0Qi
PiZuYnNwOzwvc3Bhbj48bzpwPjwvbzpwPjwvcD4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPjxzcGFu
IHN0eWxlPSJmb250LXNpemU6MTEuMHB0O2ZvbnQtZmFtaWx5OiZxdW90O0NhbGlicmkmcXVvdDss
JnF1b3Q7c2Fucy1zZXJpZiZxdW90Oztjb2xvcjojMUY0OTdEIj5UaGVuIGFnYWluLCBJ4oCZdmUg
YmVlbiBpbiB0aGUgaWRlbnRpdHkgYnVzaW5lc3MgZm9yIHNvbWUgdGltZSBub3csIHNvIHBlcmhh
cHMgSSBhbSB0b28gY2xvc2UgdG8gaXQuIFdoYXRldmVyIHdvcmtzIGZvciBldmVyeW9uZSBlbHNl
IGlzIGZpbmUgd2l0aCBtZS48L3NwYW4+PG86cD48L286cD48L3A+DQo8cCBjbGFzcz0iTXNvTm9y
bWFsIj48c3BhbiBzdHlsZT0iZm9udC1zaXplOjExLjBwdDtmb250LWZhbWlseTomcXVvdDtDYWxp
YnJpJnF1b3Q7LCZxdW90O3NhbnMtc2VyaWYmcXVvdDs7Y29sb3I6IzFGNDk3RCI+Jm5ic3A7PC9z
cGFuPjxvOnA+PC9vOnA+PC9wPg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PHNwYW4gc3R5bGU9ImZv
bnQtc2l6ZToxMS4wcHQ7Zm9udC1mYW1pbHk6JnF1b3Q7Q2FsaWJyaSZxdW90OywmcXVvdDtzYW5z
LXNlcmlmJnF1b3Q7O2NvbG9yOiMxRjQ5N0QiPk1hcms8L3NwYW4+PG86cD48L286cD48L3A+DQo8
cCBjbGFzcz0iTXNvTm9ybWFsIj48c3BhbiBzdHlsZT0iZm9udC1zaXplOjExLjBwdDtmb250LWZh
bWlseTomcXVvdDtDYWxpYnJpJnF1b3Q7LCZxdW90O3NhbnMtc2VyaWYmcXVvdDs7Y29sb3I6IzFG
NDk3RCI+Jm5ic3A7PC9zcGFuPjxvOnA+PC9vOnA+PC9wPg0KPGRpdj4NCjxkaXYgc3R5bGU9ImJv
cmRlcjpub25lO2JvcmRlci10b3A6c29saWQgI0I1QzRERiAxLjBwdDtwYWRkaW5nOjMuMHB0IDBp
biAwaW4gMGluIj4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPjxiPjxzcGFuIHN0eWxlPSJmb250LXNp
emU6MTAuMHB0O2ZvbnQtZmFtaWx5OiZxdW90O1RhaG9tYSZxdW90OywmcXVvdDtzYW5zLXNlcmlm
JnF1b3Q7O2NvbG9yOndpbmRvd3RleHQiPkZyb206PC9zcGFuPjwvYj48c3BhbiBzdHlsZT0iZm9u
dC1zaXplOjEwLjBwdDtmb250LWZhbWlseTomcXVvdDtUYWhvbWEmcXVvdDssJnF1b3Q7c2Fucy1z
ZXJpZiZxdW90Oztjb2xvcjp3aW5kb3d0ZXh0Ij4gQnJlbm5lciwgTWljaGFlbCBSYWxmIChNaWNo
YWVsKQ0KPGEgaHJlZj0ibWFpbHRvOlttYWlsdG86bWljaGFlbC5icmVubmVyQGFsY2F0ZWwtbHVj
ZW50LmNvbV0iPlttYWlsdG86bWljaGFlbC5icmVubmVyQGFsY2F0ZWwtbHVjZW50LmNvbV08L2E+
DQo8YnI+DQo8Yj5TZW50OjwvYj4gV2VkbmVzZGF5LCBNYXJjaCAxNCwgMjAxMiA4OjEzIEFNPGJy
Pg0KPGI+VG86PC9iPiBBbnRob255IE5hZGFsaW47IEVsaW90IExlYXI7IFBoaWwgSHVudDxicj4N
CjxiPkNjOjwvYj4gPGEgaHJlZj0ibWFpbHRvOnNjaW1AaWV0Zi5vcmciPnNjaW1AaWV0Zi5vcmc8
L2E+OyBQZXRlciBTYWludC1BbmRyZTsgU3RldmVuIE0uIEJlbGxvdmluPGJyPg0KPGI+U3ViamVj
dDo8L2I+IFJlOiBbc2NpbV0gUHJvcG9zZSByZXNoYXBlIG9mIGNoYXJ0ZXI8L3NwYW4+PG86cD48
L286cD48L3A+DQo8L2Rpdj4NCjwvZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+Jm5ic3A7PG86
cD48L286cD48L3A+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48c3BhbiBzdHlsZT0iZm9udC1zaXpl
OjExLjBwdDtmb250LWZhbWlseTomcXVvdDtDYWxpYnJpJnF1b3Q7LCZxdW90O3NhbnMtc2VyaWYm
cXVvdDs7Y29sb3I6IzFGNDk3RCI+4oCmIGFuZCB3aGF0IGFib3V0IG90aGVycyDigJMgYXJlIHRo
b3NlIGluY2x1ZGVkIG9yIGV4Y2x1ZGVkIGZyb20g4oCcaWRlbnRpdHkgbGlmZWN5Y2xl4oCdOjwv
c3Bhbj48bzpwPjwvbzpwPjwvcD4NCjxwIGNsYXNzPSJNc29MaXN0UGFyYWdyYXBoIiBzdHlsZT0i
dGV4dC1pbmRlbnQ6LS4yNWluIj48c3BhbiBzdHlsZT0iZm9udC1zaXplOjExLjBwdDtmb250LWZh
bWlseTomcXVvdDtDYWxpYnJpJnF1b3Q7LCZxdW90O3NhbnMtc2VyaWYmcXVvdDs7Y29sb3I6IzFG
NDk3RCI+LTwvc3Bhbj48c3BhbiBzdHlsZT0iZm9udC1zaXplOjcuMHB0O2NvbG9yOiMxRjQ5N0Qi
PiZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOw0K
PC9zcGFuPjxzcGFuIHN0eWxlPSJmb250LXNpemU6MTEuMHB0O2ZvbnQtZmFtaWx5OiZxdW90O0Nh
bGlicmkmcXVvdDssJnF1b3Q7c2Fucy1zZXJpZiZxdW90Oztjb2xvcjojMUY0OTdEIj5Qcm9maWxl
cy9wcmVmZXJlbmNlczwvc3Bhbj48bzpwPjwvbzpwPjwvcD4NCjxwIGNsYXNzPSJNc29MaXN0UGFy
YWdyYXBoIiBzdHlsZT0idGV4dC1pbmRlbnQ6LS4yNWluIj48c3BhbiBzdHlsZT0iZm9udC1zaXpl
OjExLjBwdDtmb250LWZhbWlseTomcXVvdDtDYWxpYnJpJnF1b3Q7LCZxdW90O3NhbnMtc2VyaWYm
cXVvdDs7Y29sb3I6IzFGNDk3RCI+LTwvc3Bhbj48c3BhbiBzdHlsZT0iZm9udC1zaXplOjcuMHB0
O2NvbG9yOiMxRjQ5N0QiPiZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNw
OyZuYnNwOyZuYnNwOw0KPC9zcGFuPjxzcGFuIHN0eWxlPSJmb250LXNpemU6MTEuMHB0O2ZvbnQt
ZmFtaWx5OiZxdW90O0NhbGlicmkmcXVvdDssJnF1b3Q7c2Fucy1zZXJpZiZxdW90Oztjb2xvcjoj
MUY0OTdEIj5Qcml2YWN5IHNldHRpbmdzPC9zcGFuPjxvOnA+PC9vOnA+PC9wPg0KPHAgY2xhc3M9
Ik1zb0xpc3RQYXJhZ3JhcGgiIHN0eWxlPSJ0ZXh0LWluZGVudDotLjI1aW4iPjxzcGFuIHN0eWxl
PSJmb250LXNpemU6MTEuMHB0O2ZvbnQtZmFtaWx5OiZxdW90O0NhbGlicmkmcXVvdDssJnF1b3Q7
c2Fucy1zZXJpZiZxdW90Oztjb2xvcjojMUY0OTdEIj4tPC9zcGFuPjxzcGFuIHN0eWxlPSJmb250
LXNpemU6Ny4wcHQ7Y29sb3I6IzFGNDk3RCI+Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7
Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7DQo8L3NwYW4+PHNwYW4gc3R5bGU9ImZvbnQtc2l6ZTox
MS4wcHQ7Zm9udC1mYW1pbHk6JnF1b3Q7Q2FsaWJyaSZxdW90OywmcXVvdDtzYW5zLXNlcmlmJnF1
b3Q7O2NvbG9yOiMxRjQ5N0QiPkFjY2VzcyBjb250cm9sIHRvIGFsbCBpZGVudGl0eS1yZWxhdGVk
IGluZm9ybWF0aW9uPC9zcGFuPjxvOnA+PC9vOnA+PC9wPg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+
PHNwYW4gc3R5bGU9ImZvbnQtc2l6ZToxMS4wcHQ7Zm9udC1mYW1pbHk6JnF1b3Q7Q2FsaWJyaSZx
dW90OywmcXVvdDtzYW5zLXNlcmlmJnF1b3Q7O2NvbG9yOiMxRjQ5N0QiPlRoYW5rcyw8L3NwYW4+
PG86cD48L286cD48L3A+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48c3BhbiBzdHlsZT0iZm9udC1z
aXplOjExLjBwdDtmb250LWZhbWlseTomcXVvdDtDYWxpYnJpJnF1b3Q7LCZxdW90O3NhbnMtc2Vy
aWYmcXVvdDs7Y29sb3I6IzFGNDk3RCI+TWljaGFlbDwvc3Bhbj48bzpwPjwvbzpwPjwvcD4NCjxw
IGNsYXNzPSJNc29Ob3JtYWwiPjxzcGFuIHN0eWxlPSJmb250LXNpemU6MTEuMHB0O2ZvbnQtZmFt
aWx5OiZxdW90O0NhbGlicmkmcXVvdDssJnF1b3Q7c2Fucy1zZXJpZiZxdW90Oztjb2xvcjojMUY0
OTdEIj4mbmJzcDs8L3NwYW4+PG86cD48L286cD48L3A+DQo8ZGl2Pg0KPGRpdiBzdHlsZT0iYm9y
ZGVyOm5vbmU7Ym9yZGVyLXRvcDpzb2xpZCAjQjVDNERGIDEuMHB0O3BhZGRpbmc6My4wcHQgMGlu
IDBpbiAwaW4iPg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PGI+PHNwYW4gc3R5bGU9ImZvbnQtc2l6
ZToxMC4wcHQ7Zm9udC1mYW1pbHk6JnF1b3Q7VGFob21hJnF1b3Q7LCZxdW90O3NhbnMtc2VyaWYm
cXVvdDs7Y29sb3I6d2luZG93dGV4dCI+RnJvbTo8L3NwYW4+PC9iPjxzcGFuIHN0eWxlPSJmb250
LXNpemU6MTAuMHB0O2ZvbnQtZmFtaWx5OiZxdW90O1RhaG9tYSZxdW90OywmcXVvdDtzYW5zLXNl
cmlmJnF1b3Q7O2NvbG9yOndpbmRvd3RleHQiPg0KPGEgaHJlZj0ibWFpbHRvOnNjaW0tYm91bmNl
c0BpZXRmLm9yZyI+c2NpbS1ib3VuY2VzQGlldGYub3JnPC9hPiA8YSBocmVmPSJtYWlsdG86W21h
aWx0bzpzY2ltLWJvdW5jZXNAaWV0Zi5vcmddIj4NClttYWlsdG86c2NpbS1ib3VuY2VzQGlldGYu
b3JnXTwvYT4gPGI+T24gQmVoYWxmIE9mIDwvYj5BbnRob255IE5hZGFsaW48YnI+DQo8Yj5TZW50
OjwvYj4gV2VkbmVzZGF5LCBNYXJjaCAxNCwgMjAxMiA5OjA5IEFNPGJyPg0KPGI+VG86PC9iPiBF
bGlvdCBMZWFyOyBQaGlsIEh1bnQ8YnI+DQo8Yj5DYzo8L2I+IDxhIGhyZWY9Im1haWx0bzpzY2lt
QGlldGYub3JnIj5zY2ltQGlldGYub3JnPC9hPjsgUGV0ZXIgU2FpbnQtQW5kcmU7IFN0ZXZlbiBN
LiBCZWxsb3Zpbjxicj4NCjxiPlN1YmplY3Q6PC9iPiBSZTogW3NjaW1dIFByb3Bvc2UgcmVzaGFw
ZSBvZiBjaGFydGVyPC9zcGFuPjxvOnA+PC9vOnA+PC9wPg0KPC9kaXY+DQo8L2Rpdj4NCjxwIGNs
YXNzPSJNc29Ob3JtYWwiPiZuYnNwOzxvOnA+PC9vOnA+PC9wPg0KPHAgY2xhc3M9Ik1zb05vcm1h
bCI+PHNwYW4gc3R5bGU9ImZvbnQtc2l6ZToxMS4wcHQ7Zm9udC1mYW1pbHk6JnF1b3Q7Q2FsaWJy
aSZxdW90OywmcXVvdDtzYW5zLXNlcmlmJnF1b3Q7O2NvbG9yOiMxRjQ5N0QiPuKAnDwvc3Bhbj5t
YW5hZ2luZyB1c2VyIGlkZW50aXR5IGxpZmVjeWNsZeKAnQ0KPG86cD48L286cD48L3A+DQo8cCBj
bGFzcz0iTXNvTm9ybWFsIj4mbmJzcDs8bzpwPjwvbzpwPjwvcD4NCjxwIGNsYXNzPSJNc29Ob3Jt
YWwiPlRoaXMgaXMgYSBsaXR0bGUgdG9vIHZhZ3VlIGFzIHRoZXJlIGFyZSBtYW55IGRpZmZlcmVu
dCB2aWV3cyBvbiB3aGF0IHRoZSBpZGVudGl0eSBsaWZlY3ljbGUgY29uc2lzdHMgb2YsIGVucm9s
bG1lbnQsIHByb29maW5nLCBjcmVkZW50aWFsaW5nLCB1c2FnZSwgbW9uaXRvcmluZywgZXRjLiBh
bmQgSSBkb27igJl0IGJlbGlldmUgdGhhdCBTQ0lNIGNvdmVycyBhbGwgdGhlc2UgYXJlYXMgbm93
IG9yIGV2ZXIgd2lsbDxvOnA+PC9vOnA+PC9wPg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PHNwYW4g
c3R5bGU9ImZvbnQtc2l6ZToxMS4wcHQ7Zm9udC1mYW1pbHk6JnF1b3Q7Q2FsaWJyaSZxdW90Oywm
cXVvdDtzYW5zLXNlcmlmJnF1b3Q7O2NvbG9yOiMxRjQ5N0QiPiZuYnNwOzwvc3Bhbj48bzpwPjwv
bzpwPjwvcD4NCjxkaXY+DQo8ZGl2IHN0eWxlPSJib3JkZXI6bm9uZTtib3JkZXItdG9wOnNvbGlk
ICNCNUM0REYgMS4wcHQ7cGFkZGluZzozLjBwdCAwaW4gMGluIDBpbiI+DQo8cCBjbGFzcz0iTXNv
Tm9ybWFsIj48Yj48c3BhbiBzdHlsZT0iZm9udC1zaXplOjEwLjBwdDtmb250LWZhbWlseTomcXVv
dDtUYWhvbWEmcXVvdDssJnF1b3Q7c2Fucy1zZXJpZiZxdW90Oztjb2xvcjp3aW5kb3d0ZXh0Ij5G
cm9tOjwvc3Bhbj48L2I+PHNwYW4gc3R5bGU9ImZvbnQtc2l6ZToxMC4wcHQ7Zm9udC1mYW1pbHk6
JnF1b3Q7VGFob21hJnF1b3Q7LCZxdW90O3NhbnMtc2VyaWYmcXVvdDs7Y29sb3I6d2luZG93dGV4
dCI+DQo8YSBocmVmPSJtYWlsdG86c2NpbS1ib3VuY2VzQGlldGYub3JnIj5zY2ltLWJvdW5jZXNA
aWV0Zi5vcmc8L2E+IDxhIGhyZWY9Im1haWx0bzpbbWFpbHRvOnNjaW0tYm91bmNlc0BpZXRmLm9y
Z10iPg0KW21haWx0bzpzY2ltLWJvdW5jZXNAaWV0Zi5vcmddPC9hPiA8Yj5PbiBCZWhhbGYgT2Yg
PC9iPkVsaW90IExlYXI8YnI+DQo8Yj5TZW50OjwvYj4gVHVlc2RheSwgTWFyY2ggMTMsIDIwMTIg
MjoyMyBQTTxicj4NCjxiPlRvOjwvYj4gUGhpbCBIdW50PGJyPg0KPGI+Q2M6PC9iPiA8YSBocmVm
PSJtYWlsdG86c2NpbUBpZXRmLm9yZyI+c2NpbUBpZXRmLm9yZzwvYT47IFBldGVyIFNhaW50LUFu
ZHJlOyBTdGV2ZW4gTS4gQmVsbG92aW48YnI+DQo8Yj5TdWJqZWN0OjwvYj4gUmU6IFtzY2ltXSBQ
cm9wb3NlIHJlc2hhcGUgb2YgY2hhcnRlcjwvc3Bhbj48bzpwPjwvbzpwPjwvcD4NCjwvZGl2Pg0K
PC9kaXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj4mbmJzcDs8bzpwPjwvbzpwPjwvcD4NCjxwIGNs
YXNzPSJNc29Ob3JtYWwiPkV2ZXJ5b25lOjxicj4NCjxicj4NClBsZWFzZSB2b2ljZSB5b3VyIHN1
cHBvcnQgb3Igb3Bwb3NpdGlvbiB0byB0aGUgcHJvcG9zZWQgY2hhbmdlIGJlbG93IChhbmQgYW55
IG90aGVyIHByb3Bvc2VkIGNoYW5nZSkgdGhhdCBjb21lcyB0aHJvdWdoLiZuYnNwOyBTdGF0aW5n
IFdIWSBoZWxwcyBhZHZhbmNlIHRoZSBkZWJhdGUuPGJyPg0KPGJyPg0KVGhhbmtzLDxicj4NCjxi
cj4NCkVsaW90PGJyPg0KPGJyPg0KT24gMy8xMy8xMiA4OjU2IFBNLCBQaGlsIEh1bnQgd3JvdGU6
IDxvOnA+PC9vOnA+PC9wPg0KPGRpdj4NCjxkaXY+DQo8ZGl2Pg0KPGRpdj4NCjxkaXY+DQo8ZGl2
Pg0KPGRpdj4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPjxzcGFuIHN0eWxlPSJmb250LWZhbWlseTom
cXVvdDtIZWx2ZXRpY2EmcXVvdDssJnF1b3Q7c2Fucy1zZXJpZiZxdW90OyI+RWxpb3QsPC9zcGFu
PjxvOnA+PC9vOnA+PC9wPg0KPC9kaXY+DQo8ZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PHNw
YW4gc3R5bGU9ImZvbnQtZmFtaWx5OiZxdW90O0hlbHZldGljYSZxdW90OywmcXVvdDtzYW5zLXNl
cmlmJnF1b3Q7Ij4mbmJzcDs8L3NwYW4+PG86cD48L286cD48L3A+DQo8L2Rpdj4NCjxkaXY+DQo8
cCBjbGFzcz0iTXNvTm9ybWFsIj48c3BhbiBzdHlsZT0iZm9udC1mYW1pbHk6JnF1b3Q7SGVsdmV0
aWNhJnF1b3Q7LCZxdW90O3NhbnMtc2VyaWYmcXVvdDsiPkkgcHJvcG9zZSB0aGUgZm9sbG93aW5n
IGNoYW5nZSB0byB0aGUgV0cgRGVzY3JpcHRpb246PC9zcGFuPjxvOnA+PC9vOnA+PC9wPg0KPC9k
aXY+DQo8ZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PHNwYW4gc3R5bGU9ImZvbnQtZmFtaWx5
OiZxdW90O0hlbHZldGljYSZxdW90OywmcXVvdDtzYW5zLXNlcmlmJnF1b3Q7Ij4mbmJzcDs8L3Nw
YW4+PG86cD48L286cD48L3A+DQo8L2Rpdj4NCjxkaXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48
c3BhbiBzdHlsZT0iZm9udC1mYW1pbHk6JnF1b3Q7SGVsdmV0aWNhJnF1b3Q7LCZxdW90O3NhbnMt
c2VyaWYmcXVvdDsiPkZyb206PC9zcGFuPjxvOnA+PC9vOnA+PC9wPg0KPC9kaXY+DQo8ZGl2Pg0K
PGJsb2NrcXVvdGUgc3R5bGU9Im1hcmdpbi10b3A6NS4wcHQ7bWFyZ2luLWJvdHRvbTo1LjBwdCI+
DQo8ZGl2Pg0KPHByZT5UaGUgU2ltcGxlIENsb3VkIElkZW50aXR5IE1hbmFnZW1lbnQgKFNDSU0p
IHNwZWNpZmljYXRpb24gaXMgZGVzaWduZWQgdG8gPG86cD48L286cD48L3ByZT4NCjxwcmU+bWFr
ZSBtYW5hZ2luZyB1c2VyIGlkZW50aXR5IGxpZmVjeWNsZSBpbiBjbG91ZCBiYXNlZCBhcHBsaWNh
dGlvbnMgYW5kIDxvOnA+PC9vOnA+PC9wcmU+DQo8cHJlPnNlcnZpY2VzIGVhc2llci48bzpwPjwv
bzpwPjwvcHJlPg0KPC9kaXY+DQo8L2Jsb2NrcXVvdGU+DQo8ZGl2Pg0KPHAgY2xhc3M9Ik1zb05v
cm1hbCI+PHNwYW4gc3R5bGU9ImZvbnQtZmFtaWx5OiZxdW90O0hlbHZldGljYSZxdW90OywmcXVv
dDtzYW5zLXNlcmlmJnF1b3Q7Ij5Ubzo8L3NwYW4+PG86cD48L286cD48L3A+DQo8L2Rpdj4NCjwv
ZGl2Pg0KPGRpdj4NCjxibG9ja3F1b3RlIHN0eWxlPSJtYXJnaW4tdG9wOjUuMHB0O21hcmdpbi1i
b3R0b206NS4wcHQiPg0KPGRpdj4NCjxwcmU+VGhlIFNpbXBsZSBDbG91ZCBJZGVudGl0eSBNYW5h
Z2VtZW50IChTQ0lNKSBzcGVjaWZpY2F0aW9uIGlzIGRlc2lnbmVkIHRvIDxvOnA+PC9vOnA+PC9w
cmU+DQo8cHJlPm1ha2UgbWFuYWdpbmcgdXNlciBpZGVudGl0eSBsaWZlY3ljbGUgaW4gb25lIG9y
IG1vcmUgYXBwbGljYXRpb25zIGFuZCA8bzpwPjwvbzpwPjwvcHJlPg0KPHByZT5zZXJ2aWNlcyBl
YXNpZXIgYmV0d2VlbiBjbGllbnQgb3JnYW5pemF0aW9ucyBhbmQgY2xvdWQgYmFzZWQgc2Vydmlj
ZSBwcm92aWRlcnMuPG86cD48L286cD48L3ByZT4NCjwvZGl2Pg0KPC9ibG9ja3F1b3RlPg0KPGRp
dj4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPjxzcGFuIHN0eWxlPSJmb250LWZhbWlseTomcXVvdDtI
ZWx2ZXRpY2EmcXVvdDssJnF1b3Q7c2Fucy1zZXJpZiZxdW90OyI+Jm5ic3A7PC9zcGFuPjxvOnA+
PC9vOnA+PC9wPg0KPC9kaXY+DQo8L2Rpdj4NCjxkaXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48
c3BhbiBzdHlsZT0iZm9udC1mYW1pbHk6JnF1b3Q7SGVsdmV0aWNhJnF1b3Q7LCZxdW90O3NhbnMt
c2VyaWYmcXVvdDsiPlRoZSBjaGFuZ2UgYWJvdmUgaXMgc3VidGxlIGJ1dCBvZiBjcml0aWNhbCBp
bXBvcnRhbmNlIHRvIGNsb3VkIHByb3ZpZGVycyAobWFueSB3aG8gYXJlIG5vdCB5ZXQgYWN0aXZl
IGluIHRoZSBncm91cCkgd2hvIGhvc3QgbWFueSBzZXJ2aWNlcy48L3NwYW4+PG86cD48L286cD48
L3A+DQo8L2Rpdj4NCjxkaXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48c3BhbiBzdHlsZT0iZm9u
dC1mYW1pbHk6JnF1b3Q7SGVsdmV0aWNhJnF1b3Q7LCZxdW90O3NhbnMtc2VyaWYmcXVvdDsiPiZu
YnNwOzwvc3Bhbj48bzpwPjwvbzpwPjwvcD4NCjwvZGl2Pg0KPGRpdj4NCjxwIGNsYXNzPSJNc29O
b3JtYWwiPjxzcGFuIHN0eWxlPSJmb250LWZhbWlseTomcXVvdDtIZWx2ZXRpY2EmcXVvdDssJnF1
b3Q7c2Fucy1zZXJpZiZxdW90OyI+SXQgaXMgcHJvYmFibHkgaW1wb3J0YW50IHRvIHNpdGUgdGhl
IGxvY2F0aW9uIG9mIHRoZSBTQ0lNIDEuMCBzcGVjaWZpY2F0aW9uIHdoaWNoIGlzIHB1Ymxpc2hl
ZCBleHRlcm5hbGx5IHRvIElFVEYgYXMgd2VsbCBhcyB0aGUgcmUtcHVibGlzaGVkIGRyYWZ0cyB1
bmRlciBJRVRGLjwvc3Bhbj48bzpwPjwvbzpwPjwvcD4NCjwvZGl2Pg0KPGRpdj4NCjxwIGNsYXNz
PSJNc29Ob3JtYWwiPjxzcGFuIHN0eWxlPSJmb250LWZhbWlseTomcXVvdDtIZWx2ZXRpY2EmcXVv
dDssJnF1b3Q7c2Fucy1zZXJpZiZxdW90OyI+Jm5ic3A7PC9zcGFuPjxvOnA+PC9vOnA+PC9wPg0K
PC9kaXY+DQo8ZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PHNwYW4gc3R5bGU9ImZvbnQtZmFt
aWx5OiZxdW90O0hlbHZldGljYSZxdW90OywmcXVvdDtzYW5zLXNlcmlmJnF1b3Q7Ij5QaGlsPC9z
cGFuPjxvOnA+PC9vOnA+PC9wPg0KPC9kaXY+DQo8ZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+
PHNwYW4gc3R5bGU9ImZvbnQtc2l6ZTo5LjBwdDtmb250LWZhbWlseTomcXVvdDtIZWx2ZXRpY2Em
cXVvdDssJnF1b3Q7c2Fucy1zZXJpZiZxdW90OyI+Jm5ic3A7PC9zcGFuPjxvOnA+PC9vOnA+PC9w
Pg0KPC9kaXY+DQo8ZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PHNwYW4gc3R5bGU9ImZvbnQt
c2l6ZTo5LjBwdDtmb250LWZhbWlseTomcXVvdDtIZWx2ZXRpY2EmcXVvdDssJnF1b3Q7c2Fucy1z
ZXJpZiZxdW90OyI+QGluZGVwZW5kZW50aWQ8L3NwYW4+PG86cD48L286cD48L3A+DQo8L2Rpdj4N
CjxkaXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48c3BhbiBzdHlsZT0iZm9udC1zaXplOjkuMHB0
O2ZvbnQtZmFtaWx5OiZxdW90O0hlbHZldGljYSZxdW90OywmcXVvdDtzYW5zLXNlcmlmJnF1b3Q7
Ij48YSBocmVmPSJodHRwOi8vd3d3LmluZGVwZW5kZW50aWQuY29tIj53d3cuaW5kZXBlbmRlbnRp
ZC5jb208L2E+PC9zcGFuPjxvOnA+PC9vOnA+PC9wPg0KPC9kaXY+DQo8L2Rpdj4NCjwvZGl2Pg0K
PC9kaXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIiBzdHlsZT0ibWFyZ2luLWJvdHRvbToxMi4wcHQi
PjxzcGFuIHN0eWxlPSJmb250LWZhbWlseTomcXVvdDtIZWx2ZXRpY2EmcXVvdDssJnF1b3Q7c2Fu
cy1zZXJpZiZxdW90OyI+PGEgaHJlZj0ibWFpbHRvOnBoaWwuaHVudEBvcmFjbGUuY29tIj5waGls
Lmh1bnRAb3JhY2xlLmNvbTwvYT48L3NwYW4+PG86cD48L286cD48L3A+DQo8L2Rpdj4NCjxwIGNs
YXNzPSJNc29Ob3JtYWwiPjxzcGFuIHN0eWxlPSJmb250LWZhbWlseTomcXVvdDtIZWx2ZXRpY2Em
cXVvdDssJnF1b3Q7c2Fucy1zZXJpZiZxdW90OyI+Jm5ic3A7PC9zcGFuPjxvOnA+PC9vOnA+PC9w
Pg0KPC9kaXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIiBzdHlsZT0ibWFyZ2luLWJvdHRvbToxMi4w
cHQiPiZuYnNwOzxvOnA+PC9vOnA+PC9wPg0KPC9kaXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj4m
bmJzcDs8bzpwPjwvbzpwPjwvcD4NCjxkaXY+DQo8ZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+
T24gMjAxMi0wMy0xMywgYXQgMTI6MzcgUE0sIEVsaW90IExlYXIgd3JvdGU6PG86cD48L286cD48
L3A+DQo8L2Rpdj4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiIHN0eWxlPSJtYXJnaW4tYm90dG9tOjEy
LjBwdCI+Jm5ic3A7PG86cD48L286cD48L3A+DQo8ZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCIg
c3R5bGU9Im1hcmdpbi1ib3R0b206MTIuMHB0Ij5IaSBFdmVyeW9uZSw8YnI+DQo8YnI+DQpIYXZp
bmcgcmVhZCBpbnB1dHMgZnJvbSB0aGlzIGxpc3QsIEkgYW0gcHJvcG9zaW5nIHNvbWUgY2hhbmdl
cyB0byB0aGUgY2hhcnRlci4mbmJzcDsgTW9zdCBvZiB0aGlzIGlzIGZvcm0gYW5kIG5vdCBzdWJz
dGFuY2UsJm5ic3A7IGJ1dCB0aGVyZSBhcmUgc29tZSBzdWJzdGFudGlhbCBjaGFuZ2VzLiZuYnNw
OyBUaGUgcHVycG9zZSBvZiB0aGVzZSBjaGFuZ2VzIGlzIHRvIGJyaW5nIHRoZSBjaGFydGVyIGlu
IGxpbmUgd2l0aCBtb3N0IG9mIHRoZSBvdGhlcnMuJm5ic3A7IEFic2VudCB0aGVzZQ0KIHNvcnQg
b2YgY2hhbmdlcywgSSBhbSBub3QgY29uZmlkZW50IHdlIHdvdWxkIGdldCBhIFdHLiZuYnNwOyBF
dmVuIHdpdGggdGhlc2UgY2hhbmdlcywgbW9yZSB3b3JrIGlzIG5lZWRlZC4gYmVjYXVzZSB3aGF0
IGlzIGJlbG93IGlzIG5vdCBjb21wbGV0ZS48YnI+DQo8YnI+DQpXaGF0IGlzIG1pc3Npbmcg4oCT
IDxiPmFuZCBpdCdzIGltcG9ydGFudCDigJMmbmJzcDs8L2I+IGFyZSBhIGZldyBhZGRpdGlvbmFs
IHdvcmRzIGFib3V0IHdoeSB3ZSBuZWVkIFNDSU0uJm5ic3A7IFdoeSBhcmUgd2UgaG9sZGluZyB0
aGUgZGFybiBCb0Y/Jm5ic3A7IFRoaXMgaXMgbm90IHNvbWV0aGluZyB0aGF0IGNhbiB3YWl0LCBJ
TUhPLCBmb3IgYW4gSW5mb3JtYXRpb25hbCBkb2N1bWVudC4mbmJzcDsgUmF0aGVyLCBpZiB0aGVy
ZSBpcyBubyBjbGVhciBzdGF0ZW1lbnQgb2YgdGhlIHByb2JsZW0sDQogSSBkb24ndCBzZWUgaG93
IHRoZSBJRVNHIHdvdWxkIGFwcHJvdmUgYSBXRy4mbmJzcDsgU28gdGhhdCdzIHdoYXQgdGhlIGJp
ZyBYWFhYWFhYIGlzIGJlbG93LiZuYnNwOyBJJ3ZlIHB1dCBzb21lIHdvcmRzIGluLCBidXQgdGhl
eSBhcmUgdGhlcmUgdG8gZGVtb25zdHJhdGUgdGhlIHBvaW50LiZuYnNwOyBQTEVBU0UgcHJvcG9z
ZSB0ZXh0Ljxicj4NCjxicj4NCkluIGFkZGl0aW9uLCBteSByZXdvcmRpbmcgaXMsIGluIHNvbWUg
cGxhY2VzLCBnZW5lcmljLiZuYnNwOyBJIHdvdWxkIHN1Z2dlc3QgdGhhdCBtb3JlIHRpbWUgYmUg
c3BlbnQgb24gd2hhdCB3ZSB3aWxsIOKAkyBhbmQgYXMgaW1wb3J0YW50bHkg4oCTJm5ic3A7IFdP
TidUIGRvLiZuYnNwOyBBIGdvb2QgY2hhcnRlciB3aWxsIHNjb3BlIG91dCBtb3JlLiZuYnNwOyBX
aGF0IGFyZSB0aGUgY3JpdGljYWwgZnVuY3Rpb25zIHRoYXQgbmVlZCB0byBiZSBkb25lDQo8Yj5u
b3c8L2I+PyZuYnNwOyBJZiB3ZSBsZWF2ZSBpdCB3aWRlIG9wZW4sIHRoZW4gd2UgcnVuIHRoZSBy
aXNrIG9mIHBlb3BsZSBzaG92ZWxpbmcgdG9vIG11Y2ggaW4sIG9yIGJsb2NraW5nIG9uIGhvdyB0
byBkZWNpZGUgd2hlcmUgdG8gaG9sZCB0aGUgbGluZSBhbmQgd2FpdCB0aWwgdGhlIG5leHQgcm91
bmQuJm5ic3A7IFNvLCBmb3IgaW5zdGFuY2UsIGhvdyB3aWxsIHdlIGtlZXAgdGhlIHNjaGVtYSBm
cm9tIGJsb2F0aW5nPyZuYnNwOyBSaW5zZSBhbmQgcmVwZWF0IHdpdGgNCiBwcm90b2NvbCBvcGVy
YXRpb25zLjxicj4NCjxicj4NCkluIGFkZGl0aW9uLCBpdCBpcyBteSBhbnRpY2lwYXRpb24gdGhh
dCBzaG9ydGx5IGJlZm9yZSDigJMgb3IgdmVyeSBxdWlja2x5IGFmdGVyIOKAkyBvdXIgQm9GLCBJ
bnRlcm5ldC1EcmFmdHMgd2lsbCBiZSBwb3N0ZWQgb2YgdGhlIGluaXRpYWwgc3BlY2lmaWNhdGlv
bnMuJm5ic3A7IFRodXMgeW91IHNlZSBkcmFmdC1YWFggYmVsb3cuJm5ic3A7IFdoaWxlIHRoZSBj
aGFydGVyIG5lZWQgbm90IOKAkyBhbmQgY2Fubm90IOKAkyBiZSBjb21wbGV0ZWx5IGZpbmlzaGVk
IGJlZm9yZSB0aGUNCiBCb0YsIHdlIHNob3VsZCBoYXZlIGl0IGFzIGNsb3NlIGFzIHBvc3NpYmxl
Ljxicj4NCjxicj4NCjxicj4NClBsZWFzZSBjb21tZW50IG5vdyBvbiB0aGVzZSBjaGFuZ2VzIGFu
ZCBhbnkgYWRkaXRpb25hbCBjaGFuZ2VzIHlvdSB3b3VsZCBsaWtlIHRvIHNlZS48bzpwPjwvbzpw
PjwvcD4NCjxwcmU+U2ltcGxlIENsb3VkIElkZW50aXR5IE1hbmFnZW1lbnQgKFNDSU0pPG86cD48
L286cD48L3ByZT4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPjxzcGFuIHN0eWxlPSJmb250LWZhbWls
eTomcXVvdDtDb3VyaWVyIE5ldyZxdW90OyI+Q2hhaXIocyk6IFRCRDwvc3Bhbj4NCjxvOnA+PC9v
OnA+PC9wPg0KPHByZT5BcHBsaWNhdGlvbnMgQXJlYSBEaXJlY3RvcihzKTo8bzpwPjwvbzpwPjwv
cHJlPg0KPHByZT4mbmJzcDsmbmJzcDsmbmJzcDsgJm5ic3A7UGV0ZSBSZXNuaWNrICZsdDs8YSBo
cmVmPSJtYWlsdG86cHJlc25pY2tAcXVhbGNvbW0uY29tIj5wcmVzbmlja0BxdWFsY29tbS5jb208
L2E+Jmd0OyA8bzpwPjwvbzpwPjwvcHJlPg0KPHByZT4mbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsg
QmFycnkgTGllYmEgJmx0Oz8/PyZndDsgPG86cD48L286cD48L3ByZT4NCjxwcmU+TWFpbGluZyBM
aXN0czo8bzpwPjwvbzpwPjwvcHJlPg0KPHByZT4mbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsgR2Vu
ZXJhbCBEaXNjdXNzaW9uOiA8YSBocmVmPSJtYWlsdG86c2NpbUBpZXRmLm9yZyI+c2NpbUBpZXRm
Lm9yZzwvYT48bzpwPjwvbzpwPjwvcHJlPg0KPHByZT4mbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsg
VG8gU3Vic2NyaWJlOiA8YSBocmVmPSJodHRwczovL3d3dy5pZXRmLm9yZy9tYWlsbWFuL2xpc3Rp
bmZvL3NjaW0iPmh0dHBzOi8vd3d3LmlldGYub3JnL21haWxtYW4vbGlzdGluZm8vc2NpbTwvYT48
bzpwPjwvbzpwPjwvcHJlPg0KPHByZT4mbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsgQXJjaGl2ZTom
bmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsgPGEgaHJlZj0iaHR0cDovL3d3dy5pZXRmLm9y
Zy9tYWlsLWFyY2hpdmUvd2ViL3NjaW0vY3VycmVudC9tYWlsbGlzdC5odG1sIj5odHRwOi8vd3d3
LmlldGYub3JnL21haWwtYXJjaGl2ZS93ZWIvc2NpbS9jdXJyZW50L21haWxsaXN0Lmh0bWw8L2E+
PG86cD48L286cD48L3ByZT4NCjxwcmU+Jm5ic3A7PG86cD48L286cD48L3ByZT4NCjxwcmU+RGVz
Y3JpcHRpb24gb2YgV29ya2luZyBHcm91cDo8bzpwPjwvbzpwPjwvcHJlPg0KPHByZT5UaGUgU2lt
cGxlIENsb3VkIElkZW50aXR5IE1hbmFnZW1lbnQgKFNDSU0pIHNwZWNpZmljYXRpb24gaXMgZGVz
aWduZWQgdG8gPG86cD48L286cD48L3ByZT4NCjxwcmU+bWFrZSBtYW5hZ2luZyB1c2VyIGlkZW50
aXR5IGxpZmVjeWNsZSBpbiBjbG91ZCBiYXNlZCBhcHBsaWNhdGlvbnMgYW5kIDxvOnA+PC9vOnA+
PC9wcmU+DQo8cHJlPnNlcnZpY2VzIGVhc2llci48bzpwPjwvbzpwPjwvcHJlPg0KPHByZT4mbmJz
cDs8bzpwPjwvbzpwPjwvcHJlPg0KPHByZT5YWFhYWFhYPG86cD48L286cD48L3ByZT4NCjxwcmU+
Jm5ic3A7PG86cD48L286cD48L3ByZT4NCjxwcmU+U28tY2FsbGVkIENSZWF0ZSBVcGRhdGUgRGVs
ZXRlIChDUlVEKSBwcm92aXNpb25pbmcgb3BlcmF0aW9ucyBhcmUgb2Z0ZW48bzpwPjwvbzpwPjwv
cHJlPg0KPHByZT5uZWNlc3NhcnkgdG8gZWFzZSBhZG9wdGlvbiBvZiBuZXcgc2VydmljZXMuJm5i
c3A7IFRoaXMgd29yayBidWlsZHMgb24gdG9vbHM8bzpwPjwvbzpwPjwvcHJlPg0KPHByZT5zdWNo
IGFzIGxkYXAgYW5kIFNBTUwgMi4wLCB3aGljaCBhcmUgdXNlZCB0byBwcm92aWRlIHVwLXRvLWRh
dGUgaW5mb3JtYXRpb24uPG86cD48L286cD48L3ByZT4NCjxwcmU+U0NJTSBmb2N1c2VzIG9uIHRo
ZSBjYXNlIHdoZXJlIGFuIGVudGVycHJpc2UncyBsZGFwIHNlcnZpY2UgbWF5IG5vdCBiZTxvOnA+
PC9vOnA+PC9wcmU+DQo8cHJlPmF2YWlsYWJsZSB0byB0aGUgcHJvdmlkZXIsIGFuZCBTQU1MIGNh
bm5vdCBwcm92aWRlIHN1ZmZpY2llbnQgY29udGV4dCBmb3IgdGhlPG86cD48L286cD48L3ByZT4N
CjxwcmU+c2VydmljZS4mbmJzcDsgQW4gZXhhbXBsZSB3b3VsZCBiZSB0aGUgcHJvdmlzaW9uaW5n
IG9mIGFuIG9mIGFuIEVNYWlsIGFjY291bnQgc288bzpwPjwvbzpwPjwvcHJlPg0KPHByZT50aGF0
IGl0IGNhbiByZWNlaXZlIG1haWwgYmVmb3JlIHRoZSBwZXJzb24gaGFzIGZpcnN0IGxvZ2dlZCBp
bi48bzpwPjwvbzpwPjwvcHJlPg0KPHByZT4mbmJzcDs8bzpwPjwvbzpwPjwvcHJlPg0KPHByZT5Y
WFhYWFhYWDxvOnA+PC9vOnA+PC9wcmU+DQo8cHJlPlRoZSBzcGVjaWZpY2F0aW9uIHN1aXRlIHNl
ZWtzIHRvIGJ1aWxkIHVwb24gZXhwZXJpZW5jZSB3aXRoIGV4aXN0aW5nIDxvOnA+PC9vOnA+PC9w
cmU+DQo8cHJlPnNjaGVtYXMgYW5kIGRlcGxveW1lbnRzLCBwbGFjaW5nIHNwZWNpZmljIGVtcGhh
c2lzIG9uIHNpbXBsaWNpdHkgb2YgPG86cD48L286cD48L3ByZT4NCjxwcmU+ZGV2ZWxvcG1lbnQg
YW5kIGludGVncmF0aW9uLCB3aGlsZSBhcHBseWluZyBleGlzdGluZyBhdXRoZW50aWNhdGlvbiwg
PG86cD48L286cD48L3ByZT4NCjxwcmU+YXV0aG9yaXphdGlvbiwgYW5kIHByaXZhY3kgbW9kZWxz
LiBJdHMgaW50ZW50IGlzIHRvIHJlZHVjZSB0aGUgY29zdCBhbmQgPG86cD48L286cD48L3ByZT4N
CjxwcmU+Y29tcGxleGl0eSBvZiB1c2VyIG1hbmFnZW1lbnQgb3BlcmF0aW9ucyBieSBwcm92aWRp
bmcgYSBjb21tb24gdXNlciA8bzpwPjwvbzpwPjwvcHJlPg0KPHByZT5zY2hlbWEgYW5kIGV4dGVu
c2lvbiBtb2RlbCwgYXMgd2VsbCBhcyBiaW5kaW5nIGRvY3VtZW50cyB0byBwcm92aWRlIDxvOnA+
PC9vOnA+PC9wcmU+DQo8cHJlPnBhdHRlcm5zIGZvciBleGNoYW5naW5nIHRoaXMgc2NoZW1hIHVz
aW5nIHN0YW5kYXJkIHByb3RvY29scy4gSW4gPG86cD48L286cD48L3ByZT4NCjxwcmU+YWRkaXRp
b24gdGhlIHdvcmtpbmcgZ3JvdXAgbWF5IGNvbnNpZGVyIGluY2x1ZGluZyBtYW5hZ2luZyBkZXZp
Y2UgPG86cD48L286cD48L3ByZT4NCjxwcmU+aWRlbnRpdGllcyBhcyBwYXJ0IG9mIHRoZSB3b3Jr
IGFkb3B0ZWQgYnkgdGhlIHdvcmtpbmcgZ3JvdXAuPG86cD48L286cD48L3ByZT4NCjxwcmU+VGhl
IGdyb3VwIHdpbGwgdXNlIGFzIHN0YXJ0aW5nIHBvaW50cyB0aGUgZm9sbG93aW5nIGRyYWZ0cyBp
bjxvOnA+PC9vOnA+PC9wcmU+DQo8cHJlPnRoZSBmb2xsb3dpbmcgd2F5czo8bzpwPjwvbzpwPjwv
cHJlPg0KPHByZT4mbmJzcDs8bzpwPjwvbzpwPjwvcHJlPg0KPHByZT4mbmJzcDsmbmJzcDsmbmJz
cDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsgZHJhZnQtWFhYLXNjaW0tc2NoZW1hLTAwIGFzIHRo
ZSBhIHNjaGVtYSBzcGVjaWZpY2F0aW9uLDxvOnA+PC9vOnA+PC9wcmU+DQo8cHJlPiZuYnNwOyZu
YnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyBkcmFmdC1YWFgtc2NpbS1wcm90b2Nv
bC1kZWZpbml0aW9uLTAwIGFzIHRoZSBwcm90b2NvbCBzcGVjaWZpY2F0aW9uLDxvOnA+PC9vOnA+
PC9wcmU+DQo8cHJlPiZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyBk
cmFmdC1YWFgtc2NpbS1zYW1sLWJpbmRpbmctMDAgZm9yIGJpbmRpbmcgdGhlIFNDSU0gc2NoZW1h
IHRvIFNBTUwsIGFuZDxvOnA+PC9vOnA+PC9wcmU+DQo8cHJlPiZuYnNwOyZuYnNwOyZuYnNwOyZu
YnNwOyZuYnNwOyZuYnNwOyZuYnNwOyBkcmFmdC1YWFgtc2NpbS1sZGFwLWJpbmRpbmctMDAgZm9y
IGJpbmRpbmcgdGhlIFNDSU0gc2NoZW1hIHRvIExEQVAuPG86cD48L286cD48L3ByZT4NCjxwcmU+
Jm5ic3A7PG86cD48L286cD48L3ByZT4NCjxwcmU+VGhlc2UgZHJhZnRzIGFyZSBiYXNlZCBvbiBl
eGlzdGluZyBzcGVjaWZpY2F0aW9ucy4gd2hpY2ggdG9nZXRoZXIgYXJlIGNvbW1vbmx5PG86cD48
L286cD48L3ByZT4NCjxwcmU+a25vd24gYXMgU0NJTSAxLjAuJm5ic3A7IEFzIHN1Y2gsIHNvbWUg
Y29uc2lkZXJhdGlvbiBzaG91bGQgYmUgZ2l2ZW4gZm9yIGJhY2t3YXJkPG86cD48L286cD48L3By
ZT4NCjxwcmU+Y29tcGF0aWJpbGl0eSwgYXMgdGhlIGdyb3VwIGV2b2x2ZXMgdGhlIHdvcmsuJm5i
c3A7IFRoaXMgZ3JvdXAgd2lsbCBjb25zaWRlciw8bzpwPjwvbzpwPjwvcHJlPg0KPHByZT5mb3Ig
YW5kIGZvcmVtb3N0LCB0aGUgb3BlcmF0aW9uYWwgZXhwZXJpZW5jZSBnYXRoZXJlZCBmcm9tIHRo
ZSBleGlzdGluZyB3b3JrLjxvOnA+PC9vOnA+PC9wcmU+DQo8cHJlPlRoZSBncm91cCB3aWxsIGFs
c28gY29uc2lkZXIgZXhwZXJpZW5jZXMgd2l0aCB3b3JrIGRvbmUgYnkgb3RoZXIgYm9kaWVzLCBp
bmNsdWRpbmc8bzpwPjwvbzpwPjwvcHJlPg0KPHByZT50aGUgT0FTSVMgUHJvdmlzaW9uaW5nIFRD
LjxvOnA+PC9vOnA+PC9wcmU+DQo8cHJlPiZuYnNwOzxvOnA+PC9vOnA+PC9wcmU+DQo8cHJlPlRo
ZSBncm91cCB3aWxsIHByb2R1Y2UgUHJvcG9zZWQgU3RhbmRhcmRzIGZvciBhIHNjaGVtYSwgYSBw
cm90b2NvbCw8bzpwPjwvbzpwPjwvcHJlPg0KPHByZT5hIFNBTUwgYmluZGluZywgYW5kIGFuIExE
QVAgYmluZGluZy4mbmJzcDsgSW4gZG9pbmcgc28sIHRoZSBncm91cCB3aWxsIG1ha2U8bzpwPjwv
bzpwPjwvcHJlPg0KPHByZT5jb25zaXN0ZW50IHRoZSB0ZXJtaW5vbG9neSwgcmV2aWV3IGFuZCBp
bXByb3ZlIHNlY3VyaXR5IG9mIHRoZSBvdmVyYWxsIHN5c3RlbSw8bzpwPjwvbzpwPjwvcHJlPg0K
PHByZT5pZGVudGlmeSBhbnkgZnVuY3Rpb25hbCBnYXBzIHRoYXQgd291bGQgYmUgdXNlZnVsIGZ1
dHVyZSB3b3JrLCBhZGRyZXNzPG86cD48L286cD48L3ByZT4NCjxwcmU+aW50ZXJuYXRpb25hbGl6
YXRpb24sIGFuZCBwcm92aWRlIGd1aWRlbGluZXMgZm9yIGV4dGVuc2liaWxpdHkgKGVpdGhlciB0
aHJvdWdoPG86cD48L286cD48L3ByZT4NCjxwcmU+SUFOQSByZWdpc3RyaWVzIG9yIG90aGVyIG1l
YW5zKS48bzpwPjwvbzpwPjwvcHJlPg0KPHByZT4mbmJzcDs8bzpwPjwvbzpwPjwvcHJlPg0KPHBy
ZT5JbiBpdHMgd29yaywgdGhlIGdyb3VwIHdpbGwgZGVjaWRlIHdoYXQgYWRkaXRpb25hbCBjYXBh
YmlsaXRpZXMgc2hvdWxkIGJlPG86cD48L286cD48L3ByZT4NCjxwcmU+aW5jbHVkZWQgaW4gdGhl
IGluaXRpYWwgc3BlY2lmaWNhdGlvbiwgYW5kIHdoYXQgY2FuIGJlIGFkZHJlc3NlZCBhdCBhIGxh
dGVyIHRpbWUuPG86cD48L286cD48L3ByZT4NCjxwcmU+Jm5ic3A7PG86cD48L286cD48L3ByZT4N
CjxwcmU+SG93ZXZlciwgdXNlciwgZGV2aWNlLCBhbmQgc2VydmljZSBhdXRoZW50aWNhdGlvbiBh
bmQgYXV0aG9yaXphdGlvbjxvOnA+PC9vOnA+PC9wcmU+DQo8cHJlPihwb2xpY3kvZW50aXRsZW1l
bnQpIGFyZSBvdXQgb2Ygc2NvcGUgZm9yIHRoaXMgd29ya2luZyBncm91cC48bzpwPjwvbzpwPjwv
cHJlPg0KPHByZT4mbmJzcDs8bzpwPjwvbzpwPjwvcHJlPg0KPHByZT5NaWxlc3RvbmVzPG86cD48
L286cD48L3ByZT4NCjxwcmU+Jm5ic3A7PG86cD48L286cD48L3ByZT4NCjxwcmU+NS8yMDEyJm5i
c3A7Jm5ic3A7Jm5ic3A7IEluaXRpYWwgYWRvcHRpb24gb2YgU0NJTSBjb3JlIHNjaGVtYTxvOnA+
PC9vOnA+PC9wcmU+DQo8cHJlPjUvMjAxMiZuYnNwOyZuYnNwOyZuYnNwOyBJbml0aWFsIGFkb3B0
aW9uIG9mIFNDSU0gcmVzdGZ1bCBpbnRlcmZhY2UgZHJhZnQ8bzpwPjwvbzpwPjwvcHJlPg0KPHBy
ZT41LzIwMTImbmJzcDsmbmJzcDsmbmJzcDsgSW5pdGlhbCBhZG9wdGlvbiBvZiBTQ0lNIFNBTUwg
YmluZGluZ3MgZHJhZnQ8bzpwPjwvbzpwPjwvcHJlPg0KPHByZT41LzIwMTImbmJzcDsmbmJzcDsm
bmJzcDsgSW5pdGlhbCBhZG9wdGlvbiBvZiBTQ0lNIExEQVAgbWFwcGluZyBkcmFmdDxvOnA+PC9v
OnA+PC9wcmU+DQo8cHJlPjkvMjAxMiZuYnNwOyZuYnNwOyZuYnNwOyBXR0xDIFNDSU0gY29yZSBz
Y2hlbWE8bzpwPjwvbzpwPjwvcHJlPg0KPHByZT45LzIwMTImbmJzcDsmbmJzcDsmbmJzcDsgV0dM
QyBTQ0lNIHJlc3RmdWwgaW50ZXJmYWNlPG86cD48L286cD48L3ByZT4NCjxwcmU+OS8yMDEyJm5i
c3A7Jm5ic3A7Jm5ic3A7IFdHTEMgU0NJTSBTQU1MIGJpbmRpbmdzPG86cD48L286cD48L3ByZT4N
CjxwcmU+OS8yMDEyJm5ic3A7Jm5ic3A7Jm5ic3A7IFdHTEMgU0NJTSBMREFQIG1hcHBpbmc8bzpw
PjwvbzpwPjwvcHJlPg0KPHByZT4zLzIwMTMmbmJzcDsmbmJzcDsmbmJzcDsgUmUtY2hhcnRlciBk
aXNjdXNzaW9uPG86cD48L286cD48L3ByZT4NCjxwcmU+Jm5ic3A7PG86cD48L286cD48L3ByZT4N
CjwvZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+X19fX19fX19fX19fX19fX19fX19fX19fX19f
X19fX19fX19fX19fX19fX19fX188YnI+DQpzY2ltIG1haWxpbmcgbGlzdDxicj4NCjxhIGhyZWY9
Im1haWx0bzpzY2ltQGlldGYub3JnIj5zY2ltQGlldGYub3JnPC9hPjxicj4NCjxhIGhyZWY9Imh0
dHBzOi8vd3d3LmlldGYub3JnL21haWxtYW4vbGlzdGluZm8vc2NpbSI+aHR0cHM6Ly93d3cuaWV0
Zi5vcmcvbWFpbG1hbi9saXN0aW5mby9zY2ltPC9hPjxvOnA+PC9vOnA+PC9wPg0KPC9kaXY+DQo8
cCBjbGFzcz0iTXNvTm9ybWFsIj4mbmJzcDs8bzpwPjwvbzpwPjwvcD4NCjwvZGl2Pg0KPHAgY2xh
c3M9Ik1zb05vcm1hbCI+PHNwYW4gc3R5bGU9ImNvbG9yOndpbmRvd3RleHQiPjxvOnA+Jm5ic3A7
PC9vOnA+PC9zcGFuPjwvcD4NCjxkaXYgY2xhc3M9Ik1zb05vcm1hbCIgYWxpZ249ImNlbnRlciIg
c3R5bGU9InRleHQtYWxpZ246Y2VudGVyIj48c3BhbiBzdHlsZT0iY29sb3I6d2luZG93dGV4dCI+
DQo8aHIgc2l6ZT0iMiIgd2lkdGg9IjEwMCUiIGFsaWduPSJjZW50ZXIiPg0KPC9zcGFuPjwvZGl2
Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PHNwYW4gc3R5bGU9ImZvbnQtc2l6ZTo3LjVwdDtmb250
LWZhbWlseTomcXVvdDtBcmlhbCZxdW90OywmcXVvdDtzYW5zLXNlcmlmJnF1b3Q7O2NvbG9yOmdy
YXkiPjxicj4NClRoaXMgZS1tYWlsIG1lc3NhZ2UsIGluY2x1ZGluZyBhbnkgYXR0YWNobWVudHMs
IGlzIGZvciB0aGUgc29sZSB1c2Ugb2YgdGhlIHBlcnNvbiB0byB3aG9tIGl0IGhhcyBiZWVuIHNl
bnQsIGFuZCBtYXkgY29udGFpbiBpbmZvcm1hdGlvbiB0aGF0IGlzIGNvbmZpZGVudGlhbCBvciBs
ZWdhbGx5IHByb3RlY3RlZC4gSWYgeW91IGFyZSBub3QgdGhlIGludGVuZGVkIHJlY2lwaWVudCBv
ciBoYXZlIHJlY2VpdmVkIHRoaXMgbWVzc2FnZSBpbiBlcnJvciwNCiB5b3UgYXJlIG5vdCBhdXRo
b3JpemVkIHRvIGNvcHksIGRpc3RyaWJ1dGUsIG9yIG90aGVyd2lzZSB1c2UgdGhpcyBtZXNzYWdl
IG9yIGl0cyBhdHRhY2htZW50cy4gUGxlYXNlIG5vdGlmeSB0aGUgc2VuZGVyIGltbWVkaWF0ZWx5
IGJ5IHJldHVybiBlLW1haWwgYW5kIHBlcm1hbmVudGx5IGRlbGV0ZSB0aGlzIG1lc3NhZ2UgYW5k
IGFueSBhdHRhY2htZW50cy4gR2FydG5lciBtYWtlcyBubyB3YXJyYW50eSB0aGF0IHRoaXMgZS1t
YWlsIGlzIGVycm9yDQogb3IgdmlydXMgZnJlZS48L3NwYW4+PHNwYW4gc3R5bGU9ImNvbG9yOndp
bmRvd3RleHQiPjxvOnA+PC9vOnA+PC9zcGFuPjwvcD4NCjwvZGl2Pg0KPC9ib2R5Pg0KPC9odG1s
Pg0K

--_000_B26C1EF377CB694EAB6BDDC8E624B6E73C0811E9BL2PRD0310MB362_--

From lear@cisco.com  Wed Mar 14 07:01:42 2012
Return-Path: <lear@cisco.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0294421F84EF for <scim@ietfa.amsl.com>; Wed, 14 Mar 2012 07:01:42 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -110.558
X-Spam-Level: 
X-Spam-Status: No, score=-110.558 tagged_above=-999 required=5 tests=[AWL=0.040, BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-8, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id G72H2tyqOQ84 for <scim@ietfa.amsl.com>; Wed, 14 Mar 2012 07:01:41 -0700 (PDT)
Received: from ams-iport-2.cisco.com (ams-iport-2.cisco.com [144.254.224.141]) by ietfa.amsl.com (Postfix) with ESMTP id 8F0E321F87E0 for <scim@ietf.org>; Wed, 14 Mar 2012 07:01:40 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=lear@cisco.com; l=5185; q=dns/txt; s=iport; t=1331733700; x=1332943300; h=message-id:date:from:mime-version:to:cc:subject: references:in-reply-to; bh=7gTPnTi1TFcm9xGCY94kacOTgJnaORfwDvPUezL9/PA=; b=GEgdM3FRYAUpwzL33hcMG3iHYASjO2QezaJb/OY8tgrMREz3rnpjBErQ AOD/G5XzMj+N9+1s9bbjjgmyxRIT0Q0AwxQ5wsizX5rC3h9NorR+WIJnM 9Ta0VcyokMa+ecKCax5EAXkeRu5QKvjouA9980GwMZnEzIChHEe8kdg7Z s=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: AgEFAEyjYE+Q/khM/2dsb2JhbAA6CYJFgnWwcYEHggkBAQEEEgEQCksBEAsOCgkWCwICCQMCAQIBPAkGDQEHAQEVCYdonR6NBJIoijEDhTSBFgSVVo5AgWiCZ4FT
X-IronPort-AV: E=Sophos;i="4.73,584,1325462400"; d="scan'208,217";a="68467863"
Received: from ams-core-3.cisco.com ([144.254.72.76]) by ams-iport-2.cisco.com with ESMTP; 14 Mar 2012 14:01:39 +0000
Received: from dhcp-10-61-96-124.cisco.com (dhcp-10-61-96-124.cisco.com [10.61.96.124]) by ams-core-3.cisco.com (8.14.3/8.14.3) with ESMTP id q2EE1dks019747; Wed, 14 Mar 2012 14:01:39 GMT
Message-ID: <4F60A4C3.8060703@cisco.com>
Date: Wed, 14 Mar 2012 15:01:39 +0100
From: Eliot Lear <lear@cisco.com>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:10.0.2) Gecko/20120216 Thunderbird/10.0.2
MIME-Version: 1.0
To: Anthony Nadalin <tonynad@microsoft.com>
References: <4F5FA213.4000600@cisco.com> <B6F33950-9055-4005-A82F-EB4E29431AD1@oracle.com> <4F5FBAB1.1020009@cisco.com> <B26C1EF377CB694EAB6BDDC8E624B6E73C08110E@BL2PRD0310MB362.namprd03.prod.outlook.com> <219947F0B2242843A0A1E62FDB510DC0250F3D4F7F@USNAVSXCHMBSA3.ndc.alcatel-lucent.com> <20120314133359.AD1C421F85A0@ietfa.amsl.com> <B26C1EF377CB694EAB6BDDC8E624B6E73C0811E9@BL2PRD0310MB362.namprd03.prod.outlook.com>
In-Reply-To: <B26C1EF377CB694EAB6BDDC8E624B6E73C0811E9@BL2PRD0310MB362.namprd03.prod.outlook.com>
X-Enigmail-Version: 1.4
Content-Type: multipart/alternative; boundary="------------060006030102010702020803"
Cc: "Diodati, Mark" <Mark.Diodati@gartner.com>, "scim@ietf.org" <scim@ietf.org>
Subject: Re: [scim] FW:  Propose reshape of charter
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 14 Mar 2012 14:01:42 -0000

This is a multi-part message in MIME format.
--------------060006030102010702020803
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit



On 3/14/12 2:37 PM, Anthony Nadalin wrote:
>
> That’s my point, the term identity life-cycle is too subjective,
> suggest that this be limited to the actual identity management
> functions that SCIM will cover
>
>  
>

I think this is a really good point.  The more we scope the better off
we'll be.

Eliot

--------------060006030102010702020803
Content-Type: text/html; charset=UTF-8
Content-Transfer-Encoding: 8bit

<html>
  <head>
    <meta content="text/html; charset=UTF-8" http-equiv="Content-Type">
  </head>
  <body bgcolor="#FFFFFF" text="#000000">
    <br>
    <br>
    On 3/14/12 2:37 PM, Anthony Nadalin wrote:
    <blockquote
cite="mid:B26C1EF377CB694EAB6BDDC8E624B6E73C0811E9@BL2PRD0310MB362.namprd03.prod.outlook.com"
      type="cite">
      <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
      <meta name="Generator" content="Microsoft Word 14 (filtered
        medium)">
      <!--
[if !mso]><style>v\:* {behavior:url(#default#VML);}
o\:* {behavior:url(#default#VML);}
w\:* {behavior:url(#default#VML);}
.shape {behavior:url(#default#VML);}
</style><![endif]-->
      <style><!--
/* Font Definitions */
@font-face
	{font-family:Helvetica;
	panose-1:2 11 6 4 2 2 2 2 2 4;}
@font-face
	{font-family:Helvetica;
	panose-1:2 11 6 4 2 2 2 2 2 4;}
@font-face
	{font-family:Calibri;
	panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
	{font-family:Tahoma;
	panose-1:2 11 6 4 3 5 4 4 2 4;}
@font-face
	{font-family:Consolas;
	panose-1:2 11 6 9 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
	{margin:0in;
	margin-bottom:.0001pt;
	font-size:12.0pt;
	font-family:"Times New Roman","serif";
	color:black;}
a:link, span.MsoHyperlink
	{mso-style-priority:99;
	color:blue;
	text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
	{mso-style-priority:99;
	color:purple;
	text-decoration:underline;}
pre
	{mso-style-priority:99;
	mso-style-link:"HTML Preformatted Char";
	margin:0in;
	margin-bottom:.0001pt;
	font-size:10.0pt;
	font-family:"Courier New";
	color:black;}
p.MsoAcetate, li.MsoAcetate, div.MsoAcetate
	{mso-style-priority:99;
	mso-style-link:"Balloon Text Char";
	margin:0in;
	margin-bottom:.0001pt;
	font-size:8.0pt;
	font-family:"Tahoma","sans-serif";
	color:black;}
p.MsoListParagraph, li.MsoListParagraph, div.MsoListParagraph
	{mso-style-priority:34;
	margin-top:0in;
	margin-right:0in;
	margin-bottom:0in;
	margin-left:.5in;
	margin-bottom:.0001pt;
	font-size:12.0pt;
	font-family:"Times New Roman","serif";
	color:black;}
span.HTMLPreformattedChar
	{mso-style-name:"HTML Preformatted Char";
	mso-style-priority:99;
	mso-style-link:"HTML Preformatted";
	font-family:Consolas;
	color:black;}
span.BalloonTextChar
	{mso-style-name:"Balloon Text Char";
	mso-style-priority:99;
	mso-style-link:"Balloon Text";
	font-family:"Tahoma","sans-serif";
	color:black;}
p.msochpdefault, li.msochpdefault, div.msochpdefault
	{mso-style-name:msochpdefault;
	mso-margin-top-alt:auto;
	margin-right:0in;
	mso-margin-bottom-alt:auto;
	margin-left:0in;
	font-size:10.0pt;
	font-family:"Times New Roman","serif";}
span.htmlpreformattedchar0
	{mso-style-name:htmlpreformattedchar;
	font-family:Consolas;
	color:black;}
span.balloontextchar0
	{mso-style-name:balloontextchar;
	font-family:"Tahoma","sans-serif";
	color:black;}
span.emailstyle23
	{mso-style-name:emailstyle23;
	font-family:"Calibri","sans-serif";
	color:#1F497D;}
span.emailstyle24
	{mso-style-name:emailstyle24;
	font-family:"Calibri","sans-serif";
	color:#1F497D;}
span.emailstyle25
	{mso-style-name:emailstyle25;
	font-family:"Calibri","sans-serif";
	color:#1F497D;}
span.EmailStyle28
	{mso-style-type:personal-reply;
	font-family:"Calibri","sans-serif";
	color:#1F497D;}
.MsoChpDefault
	{mso-style-type:export-only;
	font-size:10.0pt;}
@page WordSection1
	{size:8.5in 11.0in;
	margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
	{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif][if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
      <div class="WordSection1">
        <p class="MsoNormal"><span
style="font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:#1F497D">That’s
            my point, the term identity life-cycle is too subjective,
            suggest that this be limited to the actual identity
            management functions that SCIM will cover<o:p></o:p></span></p>
        <p class="MsoNormal"><span
style="font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:#1F497D"><o:p> </o:p></span></p>
      </div>
    </blockquote>
    <br>
    I think this is a really good point.  The more we scope the better
    off we'll be.<br>
    <br>
    Eliot<br>
  </body>
</html>

--------------060006030102010702020803--

From lear@cisco.com  Wed Mar 14 07:02:42 2012
Return-Path: <lear@cisco.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0955C21F87E1 for <scim@ietfa.amsl.com>; Wed, 14 Mar 2012 07:02:42 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -110.559
X-Spam-Level: 
X-Spam-Status: No, score=-110.559 tagged_above=-999 required=5 tests=[AWL=0.039, BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-8, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id TVfyX2TBHs0W for <scim@ietfa.amsl.com>; Wed, 14 Mar 2012 07:02:41 -0700 (PDT)
Received: from ams-iport-1.cisco.com (ams-iport-1.cisco.com [144.254.224.140]) by ietfa.amsl.com (Postfix) with ESMTP id 70F2A21F8790 for <scim@ietf.org>; Wed, 14 Mar 2012 07:02:40 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=lear@cisco.com; l=5185; q=dns/txt; s=iport; t=1331733760; x=1332943360; h=message-id:date:from:mime-version:to:cc:subject: references:in-reply-to; bh=sbcWIAHyZx1cbzc02SqhBDtA8NdlOnwCi18IT77IHMI=; b=dKjk5RdfqF5ms2bD6ofVQpEVxa01m6Dpe9LnkVI+60wjvTI2fKvIsG05 Q2NoKqho+4oIhZRCjxJeAhKc0IKpAsNQVctTRXwh4F+vmf14DWo0vL/Qi FpX20tWimPx8TNnX6GQUtsZQ1Qk6B2sXPdA8XJayTCsWfOuH9iDfxhO5a E=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: AgEFAPmjYE+Q/khL/2dsb2JhbAA6CYJFgnWwcYEHggkBAQEEEgEQCksBEAsOCgkWCwICCQMCAQIBPAkGDQEHAQEVCYdonRWNBJIoijEDhTSBFgSVVo5AgWiCZ4FT
X-IronPort-AV: E=Sophos;i="4.73,583,1325462400";  d="scan'208,217";a="132291993"
Received: from ams-core-2.cisco.com ([144.254.72.75]) by ams-iport-1.cisco.com with ESMTP; 14 Mar 2012 14:02:39 +0000
Received: from dhcp-10-61-96-124.cisco.com (dhcp-10-61-96-124.cisco.com [10.61.96.124]) by ams-core-2.cisco.com (8.14.3/8.14.3) with ESMTP id q2EE1IP5010963; Wed, 14 Mar 2012 14:01:18 GMT
Message-ID: <4F60A497.8050906@cisco.com>
Date: Wed, 14 Mar 2012 15:00:55 +0100
From: Eliot Lear <lear@cisco.com>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:10.0.2) Gecko/20120216 Thunderbird/10.0.2
MIME-Version: 1.0
To: Anthony Nadalin <tonynad@microsoft.com>
References: <4F5FA213.4000600@cisco.com> <B6F33950-9055-4005-A82F-EB4E29431AD1@oracle.com> <4F5FBAB1.1020009@cisco.com> <B26C1EF377CB694EAB6BDDC8E624B6E73C08110E@BL2PRD0310MB362.namprd03.prod.outlook.com> <219947F0B2242843A0A1E62FDB510DC0250F3D4F7F@USNAVSXCHMBSA3.ndc.alcatel-lucent.com> <20120314133359.AD1C421F85A0@ietfa.amsl.com> <B26C1EF377CB694EAB6BDDC8E624B6E73C0811E9@BL2PRD0310MB362.namprd03.prod.outlook.com>
In-Reply-To: <B26C1EF377CB694EAB6BDDC8E624B6E73C0811E9@BL2PRD0310MB362.namprd03.prod.outlook.com>
X-Enigmail-Version: 1.4
Content-Type: multipart/alternative; boundary="------------020707030508080809040305"
Cc: "Diodati, Mark" <Mark.Diodati@gartner.com>, "scim@ietf.org" <scim@ietf.org>
Subject: Re: [scim] FW:  Propose reshape of charter
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 14 Mar 2012 14:02:42 -0000

This is a multi-part message in MIME format.
--------------020707030508080809040305
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit



On 3/14/12 2:37 PM, Anthony Nadalin wrote:
>
> That’s my point, the term identity life-cycle is too subjective,
> suggest that this be limited to the actual identity management
> functions that SCIM will cover
>
>  
>

I think this is a really good point.  The more we scope the better off
we'll be.

Eliot

--------------020707030508080809040305
Content-Type: text/html; charset=UTF-8
Content-Transfer-Encoding: 8bit

<html>
  <head>
    <meta content="text/html; charset=UTF-8" http-equiv="Content-Type">
  </head>
  <body bgcolor="#FFFFFF" text="#000000">
    <br>
    <br>
    On 3/14/12 2:37 PM, Anthony Nadalin wrote:
    <blockquote
cite="mid:B26C1EF377CB694EAB6BDDC8E624B6E73C0811E9@BL2PRD0310MB362.namprd03.prod.outlook.com"
      type="cite">
      <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
      <meta name="Generator" content="Microsoft Word 14 (filtered
        medium)">
      <!--
[if !mso]><style>v\:* {behavior:url(#default#VML);}
o\:* {behavior:url(#default#VML);}
w\:* {behavior:url(#default#VML);}
.shape {behavior:url(#default#VML);}
</style><![endif]-->
      <style><!--
/* Font Definitions */
@font-face
	{font-family:Helvetica;
	panose-1:2 11 6 4 2 2 2 2 2 4;}
@font-face
	{font-family:Helvetica;
	panose-1:2 11 6 4 2 2 2 2 2 4;}
@font-face
	{font-family:Calibri;
	panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
	{font-family:Tahoma;
	panose-1:2 11 6 4 3 5 4 4 2 4;}
@font-face
	{font-family:Consolas;
	panose-1:2 11 6 9 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
	{margin:0in;
	margin-bottom:.0001pt;
	font-size:12.0pt;
	font-family:"Times New Roman","serif";
	color:black;}
a:link, span.MsoHyperlink
	{mso-style-priority:99;
	color:blue;
	text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
	{mso-style-priority:99;
	color:purple;
	text-decoration:underline;}
pre
	{mso-style-priority:99;
	mso-style-link:"HTML Preformatted Char";
	margin:0in;
	margin-bottom:.0001pt;
	font-size:10.0pt;
	font-family:"Courier New";
	color:black;}
p.MsoAcetate, li.MsoAcetate, div.MsoAcetate
	{mso-style-priority:99;
	mso-style-link:"Balloon Text Char";
	margin:0in;
	margin-bottom:.0001pt;
	font-size:8.0pt;
	font-family:"Tahoma","sans-serif";
	color:black;}
p.MsoListParagraph, li.MsoListParagraph, div.MsoListParagraph
	{mso-style-priority:34;
	margin-top:0in;
	margin-right:0in;
	margin-bottom:0in;
	margin-left:.5in;
	margin-bottom:.0001pt;
	font-size:12.0pt;
	font-family:"Times New Roman","serif";
	color:black;}
span.HTMLPreformattedChar
	{mso-style-name:"HTML Preformatted Char";
	mso-style-priority:99;
	mso-style-link:"HTML Preformatted";
	font-family:Consolas;
	color:black;}
span.BalloonTextChar
	{mso-style-name:"Balloon Text Char";
	mso-style-priority:99;
	mso-style-link:"Balloon Text";
	font-family:"Tahoma","sans-serif";
	color:black;}
p.msochpdefault, li.msochpdefault, div.msochpdefault
	{mso-style-name:msochpdefault;
	mso-margin-top-alt:auto;
	margin-right:0in;
	mso-margin-bottom-alt:auto;
	margin-left:0in;
	font-size:10.0pt;
	font-family:"Times New Roman","serif";}
span.htmlpreformattedchar0
	{mso-style-name:htmlpreformattedchar;
	font-family:Consolas;
	color:black;}
span.balloontextchar0
	{mso-style-name:balloontextchar;
	font-family:"Tahoma","sans-serif";
	color:black;}
span.emailstyle23
	{mso-style-name:emailstyle23;
	font-family:"Calibri","sans-serif";
	color:#1F497D;}
span.emailstyle24
	{mso-style-name:emailstyle24;
	font-family:"Calibri","sans-serif";
	color:#1F497D;}
span.emailstyle25
	{mso-style-name:emailstyle25;
	font-family:"Calibri","sans-serif";
	color:#1F497D;}
span.EmailStyle28
	{mso-style-type:personal-reply;
	font-family:"Calibri","sans-serif";
	color:#1F497D;}
.MsoChpDefault
	{mso-style-type:export-only;
	font-size:10.0pt;}
@page WordSection1
	{size:8.5in 11.0in;
	margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
	{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif][if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
      <div class="WordSection1">
        <p class="MsoNormal"><span
style="font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:#1F497D">That’s
            my point, the term identity life-cycle is too subjective,
            suggest that this be limited to the actual identity
            management functions that SCIM will cover<o:p></o:p></span></p>
        <p class="MsoNormal"><span
style="font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:#1F497D"><o:p> </o:p></span></p>
      </div>
    </blockquote>
    <br>
    I think this is a really good point.  The more we scope the better
    off we'll be.<br>
    <br>
    Eliot<br>
  </body>
</html>

--------------020707030508080809040305--

From kelly.grizzle@sailpoint.com  Wed Mar 14 08:01:41 2012
Return-Path: <kelly.grizzle@sailpoint.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 807C821F87E5 for <scim@ietfa.amsl.com>; Wed, 14 Mar 2012 08:01:41 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -5.099
X-Spam-Level: 
X-Spam-Status: No, score=-5.099 tagged_above=-999 required=5 tests=[AWL=-1.501, BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9Ix1bAAlCLbI for <scim@ietfa.amsl.com>; Wed, 14 Mar 2012 08:01:40 -0700 (PDT)
Received: from ch1outboundpool.messaging.microsoft.com (ch1ehsobe006.messaging.microsoft.com [216.32.181.186]) by ietfa.amsl.com (Postfix) with ESMTP id 7CF5821F87E3 for <scim@ietf.org>; Wed, 14 Mar 2012 08:01:40 -0700 (PDT)
Received: from mail85-ch1-R.bigfish.com (10.43.68.234) by CH1EHSOBE002.bigfish.com (10.43.70.52) with Microsoft SMTP Server id 14.1.225.23; Wed, 14 Mar 2012 15:01:41 +0000
Received: from mail85-ch1 (localhost [127.0.0.1])	by mail85-ch1-R.bigfish.com (Postfix) with ESMTP id 217B0806C9; Wed, 14 Mar 2012 15:01:41 +0000 (UTC)
X-SpamScore: -25
X-BigFish: PS-25(zzbb2dI9371Ic89bhc857h98dKzz1202hzz1033IL8275bh8275dhz2fh2a8h668h839hd25h)
X-Forefront-Antispam-Report: CIP:157.56.240.85; KIP:(null); UIP:(null); IPV:NLI; H:BL2PRD0410HT001.namprd04.prod.outlook.com; RD:none; EFVD:NLI
Received-SPF: pass (mail85-ch1: domain of sailpoint.com designates 157.56.240.85 as permitted sender) client-ip=157.56.240.85; envelope-from=kelly.grizzle@sailpoint.com; helo=BL2PRD0410HT001.namprd04.prod.outlook.com ; .outlook.com ; 
Received: from mail85-ch1 (localhost.localdomain [127.0.0.1]) by mail85-ch1 (MessageSwitch) id 1331737297435144_26910; Wed, 14 Mar 2012 15:01:37 +0000 (UTC)
Received: from CH1EHSMHS021.bigfish.com (snatpool1.int.messaging.microsoft.com [10.43.68.245])	by mail85-ch1.bigfish.com (Postfix) with ESMTP id 5EDB83C01B9;	Wed, 14 Mar 2012 15:01:37 +0000 (UTC)
Received: from BL2PRD0410HT001.namprd04.prod.outlook.com (157.56.240.85) by CH1EHSMHS021.bigfish.com (10.43.70.21) with Microsoft SMTP Server (TLS) id 14.1.225.23; Wed, 14 Mar 2012 15:01:35 +0000
Received: from BL2PRD0410MB351.namprd04.prod.outlook.com ([169.254.3.188]) by BL2PRD0410HT001.namprd04.prod.outlook.com ([10.255.99.36]) with mapi id 14.16.0123.000; Wed, 14 Mar 2012 15:01:33 +0000
From: Kelly Grizzle <kelly.grizzle@sailpoint.com>
To: Eliot Lear <lear@cisco.com>, Anthony Nadalin <tonynad@microsoft.com>
Thread-Topic: [scim] FW:  Propose reshape of charter
Thread-Index: AQHNAecnZok9SioEQ0KucJ82P1umB5Zpy20AgAAGhICAAAxpEA==
Date: Wed, 14 Mar 2012 15:01:32 +0000
Message-ID: <56C3C758F9D6534CA3778EAA1E0C34371C637C33@BL2PRD0410MB351.namprd04.prod.outlook.com>
References: <4F5FA213.4000600@cisco.com> <B6F33950-9055-4005-A82F-EB4E29431AD1@oracle.com> <4F5FBAB1.1020009@cisco.com> <B26C1EF377CB694EAB6BDDC8E624B6E73C08110E@BL2PRD0310MB362.namprd03.prod.outlook.com> <219947F0B2242843A0A1E62FDB510DC0250F3D4F7F@USNAVSXCHMBSA3.ndc.alcatel-lucent.com> <20120314133359.AD1C421F85A0@ietfa.amsl.com> <B26C1EF377CB694EAB6BDDC8E624B6E73C0811E9@BL2PRD0310MB362.namprd03.prod.outlook.com> <4F60A497.8050906@cisco.com>
In-Reply-To: <4F60A497.8050906@cisco.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
x-originating-ip: [173.226.147.242]
Content-Type: multipart/alternative; boundary="_000_56C3C758F9D6534CA3778EAA1E0C34371C637C33BL2PRD0410MB351_"
MIME-Version: 1.0
X-OriginatorOrg: sailpoint.com
Cc: "Diodati, Mark" <Mark.Diodati@gartner.com>, "scim@ietf.org" <scim@ietf.org>
Subject: Re: [scim] FW:  Propose reshape of charter
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 14 Mar 2012 15:01:41 -0000

--_000_56C3C758F9D6534CA3778EAA1E0C34371C637C33BL2PRD0410MB351_
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64

SSBhZ3JlZS4gIFRoZSB0ZXJtIOKAnGlkZW50aXR5IGxpZmUtY3ljbGXigJ0gaXMgbmljZSBhcyBh
IGhpZ2gtbGV2ZWwgbWFya2V0eSBtaXNzaW9uIHN0YXRlbWVudCwgYnV0IHNob3VsZCBwcm9iYWJs
eSBiZSBtYWRlIG1vcmUgc3BlY2lmaWMgZm9yIGFuIElFVEYgd29ya2luZyBncm91cCBkZXNjcmlw
dGlvbi4gIFVwIHRvIHRoaXMgcG9pbnQsIFNDSU0gaGFzIGJlZW4gZ2VhcmVkIHRvd2FyZHMgQ1JV
RCBvcGVyYXRpb25zIGZvciBpZGVudGl0aWVzIGFuZCBpZGVudGl0eS1yZWxhdGVkIG9iamVjdHMs
IGFuZCBJIGRvbuKAmXQgc2VlIGl0IHZlbnR1cmluZyBtdWNoIG91dHNpZGUgb2YgdGhpcyByZWFs
bS4gIFBlcmhhcHMgc29tZXRoaW5nIGFsb25nIHRoZSBsaW5lcyBvZjoNCg0KDQpUaGUgU2ltcGxl
IENsb3VkIElkZW50aXR5IE1hbmFnZW1lbnQgKFNDSU0pIHNwZWNpZmljYXRpb24gaXMgZGVzaWdu
ZWQgdG8NCg0KbWFrZSBjcmVhdGluZywgcmVhZGluZywgdXBkYXRpbmcsIGFuZCBkZWxldGluZyB1
c2VyIGlkZW50aXRpZXMgYW5kIGlkZW50aXR5LQ0KDQpyZWxhdGVkIG9iamVjdHMgZWFzaWVyIGlu
IGNsb3VkIGJhc2VkIGFwcGxpY2F0aW9ucy4NCg0KRWFzaWVyIGlzIGFsc28gYSBiaXQgdmFndWUu
ICBUaGlzIGNvdWxkIGJlIGNoYW5nZWQgdG8gYWRkcmVzcyBob3cgdGhpbmdzIHdpbGwgYmVjb21l
IGVhc2llci4gIEZvciBleGFtcGxlOg0KDQoNClRoZSBTaW1wbGUgQ2xvdWQgSWRlbnRpdHkgTWFu
YWdlbWVudCAoU0NJTSkgc3BlY2lmaWNhdGlvbiBpcyBkZXNpZ25lZCB0bw0KDQptYWtlIG1hbmFn
aW5nIHVzZXIgaWRlbnRpdHkgbGlmZWN5Y2xlIGVhc2llciBpbiBjbG91ZCBiYXNlZCBhcHBsaWNh
dGlvbnMNCg0KYnkgZGVmaW5pbmcgc3RhbmRhcmQgcHJvdG9jb2xzIGFuZCBzY2hlbWFzIGZvciBj
cmVhdGluZywgcmVhZGluZywgdXBkYXRpbmcsDQoNCmFuZCBkZWxldGluZyB1c2VyIGlkZW50aXRp
ZXMgYW5kIGlkZW50aXR5LXJlbGF0ZWQgb2JqZWN0cy4NCg0KLS1LZWxseQ0KDQoNCkZyb206IHNj
aW0tYm91bmNlc0BpZXRmLm9yZyBbbWFpbHRvOnNjaW0tYm91bmNlc0BpZXRmLm9yZ10gT24gQmVo
YWxmIE9mIEVsaW90IExlYXINClNlbnQ6IFdlZG5lc2RheSwgTWFyY2ggMTQsIDIwMTIgOTowMSBB
TQ0KVG86IEFudGhvbnkgTmFkYWxpbg0KQ2M6IERpb2RhdGksIE1hcms7IHNjaW1AaWV0Zi5vcmcN
ClN1YmplY3Q6IFJlOiBbc2NpbV0gRlc6IFByb3Bvc2UgcmVzaGFwZSBvZiBjaGFydGVyDQoNCg0K
DQpPbiAzLzE0LzEyIDI6MzcgUE0sIEFudGhvbnkgTmFkYWxpbiB3cm90ZToNClRoYXTigJlzIG15
IHBvaW50LCB0aGUgdGVybSBpZGVudGl0eSBsaWZlLWN5Y2xlIGlzIHRvbyBzdWJqZWN0aXZlLCBz
dWdnZXN0IHRoYXQgdGhpcyBiZSBsaW1pdGVkIHRvIHRoZSBhY3R1YWwgaWRlbnRpdHkgbWFuYWdl
bWVudCBmdW5jdGlvbnMgdGhhdCBTQ0lNIHdpbGwgY292ZXINCg0KDQpJIHRoaW5rIHRoaXMgaXMg
YSByZWFsbHkgZ29vZCBwb2ludC4gIFRoZSBtb3JlIHdlIHNjb3BlIHRoZSBiZXR0ZXIgb2ZmIHdl
J2xsIGJlLg0KDQpFbGlvdA0K

--_000_56C3C758F9D6534CA3778EAA1E0C34371C637C33BL2PRD0410MB351_
Content-Type: text/html; charset="utf-8"
Content-Transfer-Encoding: base64

PGh0bWwgeG1sbnM6dj0idXJuOnNjaGVtYXMtbWljcm9zb2Z0LWNvbTp2bWwiIHhtbG5zOm89InVy
bjpzY2hlbWFzLW1pY3Jvc29mdC1jb206b2ZmaWNlOm9mZmljZSIgeG1sbnM6dz0idXJuOnNjaGVt
YXMtbWljcm9zb2Z0LWNvbTpvZmZpY2U6d29yZCIgeG1sbnM6bT0iaHR0cDovL3NjaGVtYXMubWlj
cm9zb2Z0LmNvbS9vZmZpY2UvMjAwNC8xMi9vbW1sIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcv
VFIvUkVDLWh0bWw0MCI+DQo8aGVhZD4NCjxtZXRhIGh0dHAtZXF1aXY9IkNvbnRlbnQtVHlwZSIg
Y29udGVudD0idGV4dC9odG1sOyBjaGFyc2V0PXV0Zi04Ij4NCjxtZXRhIG5hbWU9IkdlbmVyYXRv
ciIgY29udGVudD0iTWljcm9zb2Z0IFdvcmQgMTIgKGZpbHRlcmVkIG1lZGl1bSkiPg0KPHN0eWxl
PjwhLS0NCi8qIEZvbnQgRGVmaW5pdGlvbnMgKi8NCkBmb250LWZhY2UNCgl7Zm9udC1mYW1pbHk6
IkNhbWJyaWEgTWF0aCI7DQoJcGFub3NlLTE6MiA0IDUgMyA1IDQgNiAzIDIgNDt9DQpAZm9udC1m
YWNlDQoJe2ZvbnQtZmFtaWx5OkNhbGlicmk7DQoJcGFub3NlLTE6MiAxNSA1IDIgMiAyIDQgMyAy
IDQ7fQ0KQGZvbnQtZmFjZQ0KCXtmb250LWZhbWlseTpUYWhvbWE7DQoJcGFub3NlLTE6MiAxMSA2
IDQgMyA1IDQgNCAyIDQ7fQ0KQGZvbnQtZmFjZQ0KCXtmb250LWZhbWlseTpDb25zb2xhczsNCglw
YW5vc2UtMToyIDExIDYgOSAyIDIgNCAzIDIgNDt9DQovKiBTdHlsZSBEZWZpbml0aW9ucyAqLw0K
cC5Nc29Ob3JtYWwsIGxpLk1zb05vcm1hbCwgZGl2Lk1zb05vcm1hbA0KCXttYXJnaW46MGluOw0K
CW1hcmdpbi1ib3R0b206LjAwMDFwdDsNCglmb250LXNpemU6MTIuMHB0Ow0KCWZvbnQtZmFtaWx5
OiJUaW1lcyBOZXcgUm9tYW4iLCJzZXJpZiI7DQoJY29sb3I6YmxhY2s7fQ0KYTpsaW5rLCBzcGFu
Lk1zb0h5cGVybGluaw0KCXttc28tc3R5bGUtcHJpb3JpdHk6OTk7DQoJY29sb3I6Ymx1ZTsNCgl0
ZXh0LWRlY29yYXRpb246dW5kZXJsaW5lO30NCmE6dmlzaXRlZCwgc3Bhbi5Nc29IeXBlcmxpbmtG
b2xsb3dlZA0KCXttc28tc3R5bGUtcHJpb3JpdHk6OTk7DQoJY29sb3I6cHVycGxlOw0KCXRleHQt
ZGVjb3JhdGlvbjp1bmRlcmxpbmU7fQ0KcHJlDQoJe21zby1zdHlsZS1wcmlvcml0eTo5OTsNCglt
c28tc3R5bGUtbGluazoiSFRNTCBQcmVmb3JtYXR0ZWQgQ2hhciI7DQoJbWFyZ2luOjBpbjsNCglt
YXJnaW4tYm90dG9tOi4wMDAxcHQ7DQoJZm9udC1zaXplOjEwLjBwdDsNCglmb250LWZhbWlseToi
Q291cmllciBOZXciOw0KCWNvbG9yOmJsYWNrO30NCnAuTXNvQWNldGF0ZSwgbGkuTXNvQWNldGF0
ZSwgZGl2Lk1zb0FjZXRhdGUNCgl7bXNvLXN0eWxlLXByaW9yaXR5Ojk5Ow0KCW1zby1zdHlsZS1s
aW5rOiJCYWxsb29uIFRleHQgQ2hhciI7DQoJbWFyZ2luOjBpbjsNCgltYXJnaW4tYm90dG9tOi4w
MDAxcHQ7DQoJZm9udC1zaXplOjguMHB0Ow0KCWZvbnQtZmFtaWx5OiJUYWhvbWEiLCJzYW5zLXNl
cmlmIjsNCgljb2xvcjpibGFjazt9DQpwLk1zb0xpc3RQYXJhZ3JhcGgsIGxpLk1zb0xpc3RQYXJh
Z3JhcGgsIGRpdi5Nc29MaXN0UGFyYWdyYXBoDQoJe21zby1zdHlsZS1wcmlvcml0eTozNDsNCglt
YXJnaW4tdG9wOjBpbjsNCgltYXJnaW4tcmlnaHQ6MGluOw0KCW1hcmdpbi1ib3R0b206MGluOw0K
CW1hcmdpbi1sZWZ0Oi41aW47DQoJbWFyZ2luLWJvdHRvbTouMDAwMXB0Ow0KCWZvbnQtc2l6ZTox
Mi4wcHQ7DQoJZm9udC1mYW1pbHk6IlRpbWVzIE5ldyBSb21hbiIsInNlcmlmIjsNCgljb2xvcjpi
bGFjazt9DQpzcGFuLkhUTUxQcmVmb3JtYXR0ZWRDaGFyDQoJe21zby1zdHlsZS1uYW1lOiJIVE1M
IFByZWZvcm1hdHRlZCBDaGFyIjsNCgltc28tc3R5bGUtcHJpb3JpdHk6OTk7DQoJbXNvLXN0eWxl
LWxpbms6IkhUTUwgUHJlZm9ybWF0dGVkIjsNCglmb250LWZhbWlseTpDb25zb2xhczsNCgljb2xv
cjpibGFjazt9DQpzcGFuLkJhbGxvb25UZXh0Q2hhcg0KCXttc28tc3R5bGUtbmFtZToiQmFsbG9v
biBUZXh0IENoYXIiOw0KCW1zby1zdHlsZS1wcmlvcml0eTo5OTsNCgltc28tc3R5bGUtbGluazoi
QmFsbG9vbiBUZXh0IjsNCglmb250LWZhbWlseToiVGFob21hIiwic2Fucy1zZXJpZiI7DQoJY29s
b3I6YmxhY2s7fQ0KcC5tc29jaHBkZWZhdWx0LCBsaS5tc29jaHBkZWZhdWx0LCBkaXYubXNvY2hw
ZGVmYXVsdA0KCXttc28tc3R5bGUtbmFtZTptc29jaHBkZWZhdWx0Ow0KCW1zby1tYXJnaW4tdG9w
LWFsdDphdXRvOw0KCW1hcmdpbi1yaWdodDowaW47DQoJbXNvLW1hcmdpbi1ib3R0b20tYWx0OmF1
dG87DQoJbWFyZ2luLWxlZnQ6MGluOw0KCWZvbnQtc2l6ZToxMC4wcHQ7DQoJZm9udC1mYW1pbHk6
IlRpbWVzIE5ldyBSb21hbiIsInNlcmlmIjsNCgljb2xvcjpibGFjazt9DQpzcGFuLmh0bWxwcmVm
b3JtYXR0ZWRjaGFyMA0KCXttc28tc3R5bGUtbmFtZTpodG1scHJlZm9ybWF0dGVkY2hhcjsNCglm
b250LWZhbWlseTpDb25zb2xhczsNCgljb2xvcjpibGFjazt9DQpzcGFuLmJhbGxvb250ZXh0Y2hh
cjANCgl7bXNvLXN0eWxlLW5hbWU6YmFsbG9vbnRleHRjaGFyOw0KCWZvbnQtZmFtaWx5OiJUYWhv
bWEiLCJzYW5zLXNlcmlmIjsNCgljb2xvcjpibGFjazt9DQpzcGFuLmVtYWlsc3R5bGUyMw0KCXtt
c28tc3R5bGUtbmFtZTplbWFpbHN0eWxlMjM7DQoJZm9udC1mYW1pbHk6IkNhbGlicmkiLCJzYW5z
LXNlcmlmIjsNCgljb2xvcjojMUY0OTdEO30NCnNwYW4uZW1haWxzdHlsZTI0DQoJe21zby1zdHls
ZS1uYW1lOmVtYWlsc3R5bGUyNDsNCglmb250LWZhbWlseToiQ2FsaWJyaSIsInNhbnMtc2VyaWYi
Ow0KCWNvbG9yOiMxRjQ5N0Q7fQ0Kc3Bhbi5lbWFpbHN0eWxlMjUNCgl7bXNvLXN0eWxlLW5hbWU6
ZW1haWxzdHlsZTI1Ow0KCWZvbnQtZmFtaWx5OiJDYWxpYnJpIiwic2Fucy1zZXJpZiI7DQoJY29s
b3I6IzFGNDk3RDt9DQpzcGFuLkVtYWlsU3R5bGUyOA0KCXttc28tc3R5bGUtdHlwZTpwZXJzb25h
bDsNCglmb250LWZhbWlseToiQ2FsaWJyaSIsInNhbnMtc2VyaWYiOw0KCWNvbG9yOiMxRjQ5N0Q7
fQ0Kc3Bhbi5FbWFpbFN0eWxlMjkNCgl7bXNvLXN0eWxlLXR5cGU6cGVyc29uYWwtcmVwbHk7DQoJ
Zm9udC1mYW1pbHk6IkNhbGlicmkiLCJzYW5zLXNlcmlmIjsNCgljb2xvcjojMUY0OTdEO30NCi5N
c29DaHBEZWZhdWx0DQoJe21zby1zdHlsZS10eXBlOmV4cG9ydC1vbmx5Ow0KCWZvbnQtc2l6ZTox
MC4wcHQ7fQ0KQHBhZ2UgV29yZFNlY3Rpb24xDQoJe3NpemU6OC41aW4gMTEuMGluOw0KCW1hcmdp
bjoxLjBpbiAxLjBpbiAxLjBpbiAxLjBpbjt9DQpkaXYuV29yZFNlY3Rpb24xDQoJe3BhZ2U6V29y
ZFNlY3Rpb24xO30NCi0tPjwvc3R5bGU+PCEtLVtpZiBndGUgbXNvIDldPjx4bWw+DQo8bzpzaGFw
ZWRlZmF1bHRzIHY6ZXh0PSJlZGl0IiBzcGlkbWF4PSIxMDI2IiAvPg0KPC94bWw+PCFbZW5kaWZd
LS0+PCEtLVtpZiBndGUgbXNvIDldPjx4bWw+DQo8bzpzaGFwZWxheW91dCB2OmV4dD0iZWRpdCI+
DQo8bzppZG1hcCB2OmV4dD0iZWRpdCIgZGF0YT0iMSIgLz4NCjwvbzpzaGFwZWxheW91dD48L3ht
bD48IVtlbmRpZl0tLT4NCjwvaGVhZD4NCjxib2R5IGJnY29sb3I9IndoaXRlIiBsYW5nPSJFTi1V
UyIgbGluaz0iYmx1ZSIgdmxpbms9InB1cnBsZSI+DQo8ZGl2IGNsYXNzPSJXb3JkU2VjdGlvbjEi
Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PHNwYW4gc3R5bGU9ImZvbnQtc2l6ZToxMS4wcHQ7Zm9u
dC1mYW1pbHk6JnF1b3Q7Q2FsaWJyaSZxdW90OywmcXVvdDtzYW5zLXNlcmlmJnF1b3Q7O2NvbG9y
OiMxRjQ5N0QiPkkgYWdyZWUuJm5ic3A7IFRoZSB0ZXJtIOKAnGlkZW50aXR5IGxpZmUtY3ljbGXi
gJ0gaXMgbmljZSBhcyBhIGhpZ2gtbGV2ZWwgbWFya2V0eSBtaXNzaW9uIHN0YXRlbWVudCwgYnV0
IHNob3VsZCBwcm9iYWJseSBiZSBtYWRlIG1vcmUgc3BlY2lmaWMgZm9yIGFuIElFVEYgd29ya2lu
ZyBncm91cA0KIGRlc2NyaXB0aW9uLiZuYnNwOyBVcCB0byB0aGlzIHBvaW50LCBTQ0lNIGhhcyBi
ZWVuIGdlYXJlZCB0b3dhcmRzIENSVUQgb3BlcmF0aW9ucyBmb3IgaWRlbnRpdGllcyBhbmQgaWRl
bnRpdHktcmVsYXRlZCBvYmplY3RzLCBhbmQgSSBkb27igJl0IHNlZSBpdCB2ZW50dXJpbmcgbXVj
aCBvdXRzaWRlIG9mIHRoaXMgcmVhbG0uJm5ic3A7IFBlcmhhcHMgc29tZXRoaW5nIGFsb25nIHRo
ZSBsaW5lcyBvZjo8bzpwPjwvbzpwPjwvc3Bhbj48L3A+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48
c3BhbiBzdHlsZT0iZm9udC1zaXplOjExLjBwdDtmb250LWZhbWlseTomcXVvdDtDYWxpYnJpJnF1
b3Q7LCZxdW90O3NhbnMtc2VyaWYmcXVvdDs7Y29sb3I6IzFGNDk3RCI+PG86cD4mbmJzcDs8L286
cD48L3NwYW4+PC9wPg0KPHByZT5UaGUgU2ltcGxlIENsb3VkIElkZW50aXR5IE1hbmFnZW1lbnQg
KFNDSU0pIHNwZWNpZmljYXRpb24gaXMgZGVzaWduZWQgdG8gPG86cD48L286cD48L3ByZT4NCjxw
cmU+bWFrZSBjcmVhdGluZywgcmVhZGluZywgdXBkYXRpbmcsIGFuZCBkZWxldGluZyB1c2VyIGlk
ZW50aXRpZXMgYW5kIGlkZW50aXR5LTxvOnA+PC9vOnA+PC9wcmU+DQo8cHJlPnJlbGF0ZWQgb2Jq
ZWN0cyBlYXNpZXIgaW4gY2xvdWQgYmFzZWQgYXBwbGljYXRpb25zLjxvOnA+PC9vOnA+PC9wcmU+
DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48c3BhbiBzdHlsZT0iZm9udC1zaXplOjExLjBwdDtmb250
LWZhbWlseTomcXVvdDtDYWxpYnJpJnF1b3Q7LCZxdW90O3NhbnMtc2VyaWYmcXVvdDs7Y29sb3I6
IzFGNDk3RCI+PG86cD4mbmJzcDs8L286cD48L3NwYW4+PC9wPg0KPHAgY2xhc3M9Ik1zb05vcm1h
bCI+PHNwYW4gc3R5bGU9ImZvbnQtc2l6ZToxMS4wcHQ7Zm9udC1mYW1pbHk6JnF1b3Q7Q2FsaWJy
aSZxdW90OywmcXVvdDtzYW5zLXNlcmlmJnF1b3Q7O2NvbG9yOiMxRjQ5N0QiPkVhc2llciBpcyBh
bHNvIGEgYml0IHZhZ3VlLiZuYnNwOyBUaGlzIGNvdWxkIGJlIGNoYW5nZWQgdG8gYWRkcmVzcyBo
b3cgdGhpbmdzIHdpbGwgYmVjb21lIGVhc2llci4mbmJzcDsgRm9yIGV4YW1wbGU6PG86cD48L286
cD48L3NwYW4+PC9wPg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PHNwYW4gc3R5bGU9ImZvbnQtc2l6
ZToxMS4wcHQ7Zm9udC1mYW1pbHk6JnF1b3Q7Q2FsaWJyaSZxdW90OywmcXVvdDtzYW5zLXNlcmlm
JnF1b3Q7O2NvbG9yOiMxRjQ5N0QiPjxvOnA+Jm5ic3A7PC9vOnA+PC9zcGFuPjwvcD4NCjxwcmU+
VGhlIFNpbXBsZSBDbG91ZCBJZGVudGl0eSBNYW5hZ2VtZW50IChTQ0lNKSBzcGVjaWZpY2F0aW9u
IGlzIGRlc2lnbmVkIHRvIDxvOnA+PC9vOnA+PC9wcmU+DQo8cHJlPm1ha2UgbWFuYWdpbmcgdXNl
ciBpZGVudGl0eSBsaWZlY3ljbGUgZWFzaWVyIGluIGNsb3VkIGJhc2VkIGFwcGxpY2F0aW9uczxv
OnA+PC9vOnA+PC9wcmU+DQo8cHJlPmJ5IGRlZmluaW5nIHN0YW5kYXJkIHByb3RvY29scyBhbmQg
c2NoZW1hcyBmb3IgY3JlYXRpbmcsIHJlYWRpbmcsIHVwZGF0aW5nLDxvOnA+PC9vOnA+PC9wcmU+
DQo8cHJlPmFuZCBkZWxldGluZyB1c2VyIGlkZW50aXRpZXMgYW5kIGlkZW50aXR5LXJlbGF0ZWQg
b2JqZWN0cy48bzpwPjwvbzpwPjwvcHJlPg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PHNwYW4gc3R5
bGU9ImZvbnQtc2l6ZToxMS4wcHQ7Zm9udC1mYW1pbHk6JnF1b3Q7Q2FsaWJyaSZxdW90OywmcXVv
dDtzYW5zLXNlcmlmJnF1b3Q7O2NvbG9yOiMxRjQ5N0QiPjxvOnA+Jm5ic3A7PC9vOnA+PC9zcGFu
PjwvcD4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPjxzcGFuIHN0eWxlPSJmb250LXNpemU6MTEuMHB0
O2ZvbnQtZmFtaWx5OiZxdW90O0NhbGlicmkmcXVvdDssJnF1b3Q7c2Fucy1zZXJpZiZxdW90Oztj
b2xvcjojMUY0OTdEIj4tLUtlbGx5PG86cD48L286cD48L3NwYW4+PC9wPg0KPHAgY2xhc3M9Ik1z
b05vcm1hbCI+PHNwYW4gc3R5bGU9ImZvbnQtc2l6ZToxMS4wcHQ7Zm9udC1mYW1pbHk6JnF1b3Q7
Q2FsaWJyaSZxdW90OywmcXVvdDtzYW5zLXNlcmlmJnF1b3Q7O2NvbG9yOiMxRjQ5N0QiPjxvOnA+
Jm5ic3A7PC9vOnA+PC9zcGFuPjwvcD4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPjxzcGFuIHN0eWxl
PSJmb250LXNpemU6MTEuMHB0O2ZvbnQtZmFtaWx5OiZxdW90O0NhbGlicmkmcXVvdDssJnF1b3Q7
c2Fucy1zZXJpZiZxdW90Oztjb2xvcjojMUY0OTdEIj48bzpwPiZuYnNwOzwvbzpwPjwvc3Bhbj48
L3A+DQo8ZGl2Pg0KPGRpdiBzdHlsZT0iYm9yZGVyOm5vbmU7Ym9yZGVyLXRvcDpzb2xpZCAjQjVD
NERGIDEuMHB0O3BhZGRpbmc6My4wcHQgMGluIDBpbiAwaW4iPg0KPHAgY2xhc3M9Ik1zb05vcm1h
bCI+PGI+PHNwYW4gc3R5bGU9ImZvbnQtc2l6ZToxMC4wcHQ7Zm9udC1mYW1pbHk6JnF1b3Q7VGFo
b21hJnF1b3Q7LCZxdW90O3NhbnMtc2VyaWYmcXVvdDs7Y29sb3I6d2luZG93dGV4dCI+RnJvbTo8
L3NwYW4+PC9iPjxzcGFuIHN0eWxlPSJmb250LXNpemU6MTAuMHB0O2ZvbnQtZmFtaWx5OiZxdW90
O1RhaG9tYSZxdW90OywmcXVvdDtzYW5zLXNlcmlmJnF1b3Q7O2NvbG9yOndpbmRvd3RleHQiPiBz
Y2ltLWJvdW5jZXNAaWV0Zi5vcmcgW21haWx0bzpzY2ltLWJvdW5jZXNAaWV0Zi5vcmddDQo8Yj5P
biBCZWhhbGYgT2YgPC9iPkVsaW90IExlYXI8YnI+DQo8Yj5TZW50OjwvYj4gV2VkbmVzZGF5LCBN
YXJjaCAxNCwgMjAxMiA5OjAxIEFNPGJyPg0KPGI+VG86PC9iPiBBbnRob255IE5hZGFsaW48YnI+
DQo8Yj5DYzo8L2I+IERpb2RhdGksIE1hcms7IHNjaW1AaWV0Zi5vcmc8YnI+DQo8Yj5TdWJqZWN0
OjwvYj4gUmU6IFtzY2ltXSBGVzogUHJvcG9zZSByZXNoYXBlIG9mIGNoYXJ0ZXI8bzpwPjwvbzpw
Pjwvc3Bhbj48L3A+DQo8L2Rpdj4NCjwvZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PG86cD4m
bmJzcDs8L286cD48L3A+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48YnI+DQo8YnI+DQpPbiAzLzE0
LzEyIDI6MzcgUE0sIEFudGhvbnkgTmFkYWxpbiB3cm90ZTogPG86cD48L286cD48L3A+DQo8cCBj
bGFzcz0iTXNvTm9ybWFsIj48c3BhbiBzdHlsZT0iZm9udC1zaXplOjExLjBwdDtmb250LWZhbWls
eTomcXVvdDtDYWxpYnJpJnF1b3Q7LCZxdW90O3NhbnMtc2VyaWYmcXVvdDs7Y29sb3I6IzFGNDk3
RCI+VGhhdOKAmXMgbXkgcG9pbnQsIHRoZSB0ZXJtIGlkZW50aXR5IGxpZmUtY3ljbGUgaXMgdG9v
IHN1YmplY3RpdmUsIHN1Z2dlc3QgdGhhdCB0aGlzIGJlIGxpbWl0ZWQgdG8gdGhlIGFjdHVhbCBp
ZGVudGl0eSBtYW5hZ2VtZW50IGZ1bmN0aW9ucyB0aGF0IFNDSU0gd2lsbCBjb3Zlcjwvc3Bhbj48
bzpwPjwvbzpwPjwvcD4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPjxzcGFuIHN0eWxlPSJmb250LXNp
emU6MTEuMHB0O2ZvbnQtZmFtaWx5OiZxdW90O0NhbGlicmkmcXVvdDssJnF1b3Q7c2Fucy1zZXJp
ZiZxdW90Oztjb2xvcjojMUY0OTdEIj4mbmJzcDs8L3NwYW4+PG86cD48L286cD48L3A+DQo8cCBj
bGFzcz0iTXNvTm9ybWFsIj48YnI+DQpJIHRoaW5rIHRoaXMgaXMgYSByZWFsbHkgZ29vZCBwb2lu
dC4mbmJzcDsgVGhlIG1vcmUgd2Ugc2NvcGUgdGhlIGJldHRlciBvZmYgd2UnbGwgYmUuPGJyPg0K
PGJyPg0KRWxpb3Q8bzpwPjwvbzpwPjwvcD4NCjwvZGl2Pg0KPC9ib2R5Pg0KPC9odG1sPg0K

--_000_56C3C758F9D6534CA3778EAA1E0C34371C637C33BL2PRD0410MB351_--

From tony@yaanatech.com  Wed Mar 14 08:12:07 2012
Return-Path: <tony@yaanatech.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 84D6E21F880F for <scim@ietfa.amsl.com>; Wed, 14 Mar 2012 08:12:07 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.289
X-Spam-Level: 
X-Spam-Status: No, score=-2.289 tagged_above=-999 required=5 tests=[AWL=0.309,  BAYES_00=-2.599, HTML_MESSAGE=0.001]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8QovZCtKJpCa for <scim@ietfa.amsl.com>; Wed, 14 Mar 2012 08:12:06 -0700 (PDT)
Received: from extmail1.prd.yaanatech.com (extmail1.prd.yaanatech.com [205.140.198.37]) by ietfa.amsl.com (Postfix) with ESMTP id 6F7C721F8811 for <scim@ietf.org>; Wed, 14 Mar 2012 08:12:06 -0700 (PDT)
Received: from [192.168.0.4] (pool-173-72-136-146.clppva.fios.verizon.net [173.72.136.146]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by extmail1.prd.yaanatech.com (Postfix) with ESMTP id D995258076; Wed, 14 Mar 2012 15:12:04 +0000 (UTC)
Message-ID: <4F60B543.2010408@yaanatech.com>
Date: Wed, 14 Mar 2012 11:12:03 -0400
From: Tony Rutkowski <tony@yaanatech.com>
Organization: Yaana Technologies
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:11.0) Gecko/20120308 Thunderbird/11.0
MIME-Version: 1.0
To: kelly.grizzle@sailpoint.com
References: <4F5FA213.4000600@cisco.com> <B6F33950-9055-4005-A82F-EB4E29431AD1@oracle.com> <4F5FBAB1.1020009@cisco.com> <B26C1EF377CB694EAB6BDDC8E624B6E73C08110E@BL2PRD0310MB362.namprd03.prod.outlook.com> <219947F0B2242843A0A1E62FDB510DC0250F3D4F7F@USNAVSXCHMBSA3.ndc.alcatel-lucent.com> <20120314133359.AD1C421F85A0@ietfa.amsl.com> <B26C1EF377CB694EAB6BDDC8E624B6E73C0811E9@BL2PRD0310MB362.namprd03.prod.outlook.com> <4F60A497.8050906@cisco.com> <56C3C758F9D6534CA3778EAA1E0C34371C637C33@BL2PRD0410MB351.namprd04.prod.outlook.com>
In-Reply-To: <56C3C758F9D6534CA3778EAA1E0C34371C637C33@BL2PRD0410MB351.namprd04.prod.outlook.com>
Content-Type: multipart/alternative; boundary="------------010305070002060600050207"
Cc: tonynad@microsoft.com, scim@ietf.org, lear@cisco.com, Mark.Diodati@gartner.com
Subject: Re: [scim] FW:  Propose reshape of charter
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
Reply-To: tony@yaanatech.com
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 14 Mar 2012 15:12:07 -0000

This is a multi-part message in MIME format.
--------------010305070002060600050207
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit

Might this include the use of CybOX to structure
and exchange identity related object observables?

--tony

On 3/14/2012 11:01 AM, Kelly Grizzle wrote:
>
> I agree.  The term "identity life-cycle" is nice as a high-level 
> markety mission statement, but should probably be made more specific 
> for an IETF working group description.  Up to this point, SCIM has 
> been geared towards CRUD operations for identities and 
> identity-related objects, and I don't see it venturing much outside of 
> this realm.  Perhaps something along the lines of:
>
> The Simple Cloud Identity Management (SCIM) specification is designed to
> make creating, reading, updating, and deleting user identities and identity-
> related objects easier in cloud based applications.
>


--------------010305070002060600050207
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit

<html>
  <head>
    <meta content="text/html; charset=ISO-8859-1"
      http-equiv="Content-Type">
  </head>
  <body bgcolor="#FFFFFF" text="#000000">
    <tt>Might this include the use of CybOX to structure <br>
      and exchange identity related object observables?<br>
      <br>
      --tony</tt><br>
    <br>
    On 3/14/2012 11:01 AM, Kelly Grizzle wrote:
    <blockquote
cite="mid:56C3C758F9D6534CA3778EAA1E0C34371C637C33@BL2PRD0410MB351.namprd04.prod.outlook.com"
      type="cite">
      <meta http-equiv="Content-Type" content="text/html;
        charset=ISO-8859-1">
      <meta name="Generator" content="Microsoft Word 12 (filtered
        medium)">
      <style><!--
/* Font Definitions */
@font-face
	{font-family:"Cambria Math";
	panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
	{font-family:Calibri;
	panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
	{font-family:Tahoma;
	panose-1:2 11 6 4 3 5 4 4 2 4;}
@font-face
	{font-family:Consolas;
	panose-1:2 11 6 9 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
	{margin:0in;
	margin-bottom:.0001pt;
	font-size:12.0pt;
	font-family:"Times New Roman","serif";
	color:black;}
a:link, span.MsoHyperlink
	{mso-style-priority:99;
	color:blue;
	text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
	{mso-style-priority:99;
	color:purple;
	text-decoration:underline;}
pre
	{mso-style-priority:99;
	mso-style-link:"HTML Preformatted Char";
	margin:0in;
	margin-bottom:.0001pt;
	font-size:10.0pt;
	font-family:"Courier New";
	color:black;}
p.MsoAcetate, li.MsoAcetate, div.MsoAcetate
	{mso-style-priority:99;
	mso-style-link:"Balloon Text Char";
	margin:0in;
	margin-bottom:.0001pt;
	font-size:8.0pt;
	font-family:"Tahoma","sans-serif";
	color:black;}
p.MsoListParagraph, li.MsoListParagraph, div.MsoListParagraph
	{mso-style-priority:34;
	margin-top:0in;
	margin-right:0in;
	margin-bottom:0in;
	margin-left:.5in;
	margin-bottom:.0001pt;
	font-size:12.0pt;
	font-family:"Times New Roman","serif";
	color:black;}
span.HTMLPreformattedChar
	{mso-style-name:"HTML Preformatted Char";
	mso-style-priority:99;
	mso-style-link:"HTML Preformatted";
	font-family:Consolas;
	color:black;}
span.BalloonTextChar
	{mso-style-name:"Balloon Text Char";
	mso-style-priority:99;
	mso-style-link:"Balloon Text";
	font-family:"Tahoma","sans-serif";
	color:black;}
p.msochpdefault, li.msochpdefault, div.msochpdefault
	{mso-style-name:msochpdefault;
	mso-margin-top-alt:auto;
	margin-right:0in;
	mso-margin-bottom-alt:auto;
	margin-left:0in;
	font-size:10.0pt;
	font-family:"Times New Roman","serif";
	color:black;}
span.htmlpreformattedchar0
	{mso-style-name:htmlpreformattedchar;
	font-family:Consolas;
	color:black;}
span.balloontextchar0
	{mso-style-name:balloontextchar;
	font-family:"Tahoma","sans-serif";
	color:black;}
span.emailstyle23
	{mso-style-name:emailstyle23;
	font-family:"Calibri","sans-serif";
	color:#1F497D;}
span.emailstyle24
	{mso-style-name:emailstyle24;
	font-family:"Calibri","sans-serif";
	color:#1F497D;}
span.emailstyle25
	{mso-style-name:emailstyle25;
	font-family:"Calibri","sans-serif";
	color:#1F497D;}
span.EmailStyle28
	{mso-style-type:personal;
	font-family:"Calibri","sans-serif";
	color:#1F497D;}
span.EmailStyle29
	{mso-style-type:personal-reply;
	font-family:"Calibri","sans-serif";
	color:#1F497D;}
.MsoChpDefault
	{mso-style-type:export-only;
	font-size:10.0pt;}
@page WordSection1
	{size:8.5in 11.0in;
	margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
	{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
      <div class="WordSection1">
        <p class="MsoNormal"><span
style="font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:#1F497D">I
            agree.&nbsp; The term &#8220;identity life-cycle&#8221; is nice as a
            high-level markety mission statement, but should probably be
            made more specific for an IETF working group description.&nbsp;
            Up to this point, SCIM has been geared towards CRUD
            operations for identities and identity-related objects, and
            I don&#8217;t see it venturing much outside of this realm.&nbsp;
            Perhaps something along the lines of:<o:p></o:p></span></p>
        <p class="MsoNormal"><span
style="font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:#1F497D"><o:p>&nbsp;</o:p></span></p>
        <pre>The Simple Cloud Identity Management (SCIM) specification is designed to <o:p></o:p></pre>
        <pre>make creating, reading, updating, and deleting user identities and identity-<o:p></o:p></pre>
        <pre>related objects easier in cloud based applications.<o:p></o:p></pre>
        <br>
      </div>
    </blockquote>
    <br>
  </body>
</html>

--------------010305070002060600050207--

From kelly.grizzle@sailpoint.com  Wed Mar 14 10:04:54 2012
Return-Path: <kelly.grizzle@sailpoint.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0FF0A21F8733 for <scim@ietfa.amsl.com>; Wed, 14 Mar 2012 10:04:54 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.348
X-Spam-Level: 
X-Spam-Status: No, score=-4.348 tagged_above=-999 required=5 tests=[AWL=-0.750, BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id JlbVV0EfL7CK for <scim@ietfa.amsl.com>; Wed, 14 Mar 2012 10:04:52 -0700 (PDT)
Received: from ch1outboundpool.messaging.microsoft.com (ch1ehsobe002.messaging.microsoft.com [216.32.181.182]) by ietfa.amsl.com (Postfix) with ESMTP id 974F521F85D3 for <scim@ietf.org>; Wed, 14 Mar 2012 10:04:52 -0700 (PDT)
Received: from mail220-ch1-R.bigfish.com (10.43.68.240) by CH1EHSOBE009.bigfish.com (10.43.70.59) with Microsoft SMTP Server id 14.1.225.23; Wed, 14 Mar 2012 17:04:53 +0000
Received: from mail220-ch1 (localhost [127.0.0.1])	by mail220-ch1-R.bigfish.com (Postfix) with ESMTP id 6F99C4C0193; Wed, 14 Mar 2012 17:04:53 +0000 (UTC)
X-SpamScore: -25
X-BigFish: PS-25(zzbb2dI9371Ic85fh98dKzz1202hzz1033IL8275bh8275dhz2fh2a8h668h839hd25h)
X-Forefront-Antispam-Report: CIP:157.56.240.85; KIP:(null); UIP:(null); IPV:NLI; H:BL2PRD0410HT005.namprd04.prod.outlook.com; RD:none; EFVD:NLI
Received-SPF: pass (mail220-ch1: domain of sailpoint.com designates 157.56.240.85 as permitted sender) client-ip=157.56.240.85; envelope-from=kelly.grizzle@sailpoint.com; helo=BL2PRD0410HT005.namprd04.prod.outlook.com ; .outlook.com ; 
Received: from mail220-ch1 (localhost.localdomain [127.0.0.1]) by mail220-ch1 (MessageSwitch) id 1331744678865020_32098; Wed, 14 Mar 2012 17:04:38 +0000 (UTC)
Received: from CH1EHSMHS029.bigfish.com (snatpool2.int.messaging.microsoft.com [10.43.68.234])	by mail220-ch1.bigfish.com (Postfix) with ESMTP id 6D8183A0067;	Wed, 14 Mar 2012 17:04:30 +0000 (UTC)
Received: from BL2PRD0410HT005.namprd04.prod.outlook.com (157.56.240.85) by CH1EHSMHS029.bigfish.com (10.43.70.29) with Microsoft SMTP Server (TLS) id 14.1.225.23; Wed, 14 Mar 2012 17:04:29 +0000
Received: from BL2PRD0410MB351.namprd04.prod.outlook.com ([169.254.3.188]) by BL2PRD0410HT005.namprd04.prod.outlook.com ([10.255.99.40]) with mapi id 14.16.0123.000; Wed, 14 Mar 2012 17:04:27 +0000
From: Kelly Grizzle <kelly.grizzle@sailpoint.com>
To: "tony@yaanatech.com" <tony@yaanatech.com>
Thread-Topic: [scim] FW:  Propose reshape of charter
Thread-Index: AQHNAecnZok9SioEQ0KucJ82P1umB5Zpy20AgAAGhICAAAxpEIAAB3aAgAAdVcA=
Date: Wed, 14 Mar 2012 17:04:26 +0000
Message-ID: <56C3C758F9D6534CA3778EAA1E0C34371C637D54@BL2PRD0410MB351.namprd04.prod.outlook.com>
References: <4F5FA213.4000600@cisco.com> <B6F33950-9055-4005-A82F-EB4E29431AD1@oracle.com> <4F5FBAB1.1020009@cisco.com> <B26C1EF377CB694EAB6BDDC8E624B6E73C08110E@BL2PRD0310MB362.namprd03.prod.outlook.com> <219947F0B2242843A0A1E62FDB510DC0250F3D4F7F@USNAVSXCHMBSA3.ndc.alcatel-lucent.com> <20120314133359.AD1C421F85A0@ietfa.amsl.com> <B26C1EF377CB694EAB6BDDC8E624B6E73C0811E9@BL2PRD0310MB362.namprd03.prod.outlook.com> <4F60A497.8050906@cisco.com> <56C3C758F9D6534CA3778EAA1E0C34371C637C33@BL2PRD0410MB351.namprd04.prod.outlook.com> <4F60B543.2010408@yaanatech.com>
In-Reply-To: <4F60B543.2010408@yaanatech.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
x-originating-ip: [173.226.147.242]
Content-Type: multipart/alternative; boundary="_000_56C3C758F9D6534CA3778EAA1E0C34371C637D54BL2PRD0410MB351_"
MIME-Version: 1.0
X-OriginatorOrg: sailpoint.com
Cc: "tonynad@microsoft.com" <tonynad@microsoft.com>, "scim@ietf.org" <scim@ietf.org>, "lear@cisco.com" <lear@cisco.com>, "Mark.Diodati@gartner.com" <Mark.Diodati@gartner.com>
Subject: Re: [scim] FW:  Propose reshape of charter
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 14 Mar 2012 17:04:54 -0000

--_000_56C3C758F9D6534CA3778EAA1E0C34371C637D54BL2PRD0410MB351_
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

CybOX is new to me, so I can't say for sure.  There has been discussion abo=
ut utilizing other languages for the payload of some attributes on users (e=
g - XACML in the entitlements attribute).  This is not part of the spec, th=
ough, and is left as a decision to the client and server implementers.  May=
be CybOX could similarly fit into a user or object extension?  I wouldn't f=
oresee this becoming part of the core spec, though.

--Kelly

From: Tony Rutkowski [mailto:tony@yaanatech.com]
Sent: Wednesday, March 14, 2012 10:12 AM
To: Kelly Grizzle
Cc: lear@cisco.com; tonynad@microsoft.com; Mark.Diodati@gartner.com; scim@i=
etf.org
Subject: Re: [scim] FW: Propose reshape of charter

Might this include the use of CybOX to structure
and exchange identity related object observables?

--tony

On 3/14/2012 11:01 AM, Kelly Grizzle wrote:
I agree.  The term "identity life-cycle" is nice as a high-level markety mi=
ssion statement, but should probably be made more specific for an IETF work=
ing group description.  Up to this point, SCIM has been geared towards CRUD=
 operations for identities and identity-related objects, and I don't see it=
 venturing much outside of this realm.  Perhaps something along the lines o=
f:


The Simple Cloud Identity Management (SCIM) specification is designed to

make creating, reading, updating, and deleting user identities and identity=
-

related objects easier in cloud based applications.



--_000_56C3C758F9D6534CA3778EAA1E0C34371C637D54BL2PRD0410MB351_
Content-Type: text/html; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

<html xmlns:v=3D"urn:schemas-microsoft-com:vml" xmlns:o=3D"urn:schemas-micr=
osoft-com:office:office" xmlns:w=3D"urn:schemas-microsoft-com:office:word" =
xmlns:m=3D"http://schemas.microsoft.com/office/2004/12/omml" xmlns=3D"http:=
//www.w3.org/TR/REC-html40">
<head>
<meta http-equiv=3D"Content-Type" content=3D"text/html; charset=3Dus-ascii"=
>
<meta name=3D"Generator" content=3D"Microsoft Word 12 (filtered medium)">
<style><!--
/* Font Definitions */
@font-face
	{font-family:"Cambria Math";
	panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
	{font-family:Calibri;
	panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
	{font-family:Tahoma;
	panose-1:2 11 6 4 3 5 4 4 2 4;}
@font-face
	{font-family:Consolas;
	panose-1:2 11 6 9 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
	{margin:0in;
	margin-bottom:.0001pt;
	font-size:12.0pt;
	font-family:"Times New Roman","serif";
	color:black;}
a:link, span.MsoHyperlink
	{mso-style-priority:99;
	color:blue;
	text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
	{mso-style-priority:99;
	color:purple;
	text-decoration:underline;}
pre
	{mso-style-priority:99;
	mso-style-link:"HTML Preformatted Char";
	margin:0in;
	margin-bottom:.0001pt;
	font-size:10.0pt;
	font-family:"Courier New";
	color:black;}
tt
	{mso-style-priority:99;
	font-family:"Courier New";}
p.MsoAcetate, li.MsoAcetate, div.MsoAcetate
	{mso-style-priority:99;
	mso-style-link:"Balloon Text Char";
	margin:0in;
	margin-bottom:.0001pt;
	font-size:8.0pt;
	font-family:"Tahoma","sans-serif";
	color:black;}
p.MsoListParagraph, li.MsoListParagraph, div.MsoListParagraph
	{mso-style-priority:34;
	margin-top:0in;
	margin-right:0in;
	margin-bottom:0in;
	margin-left:.5in;
	margin-bottom:.0001pt;
	font-size:12.0pt;
	font-family:"Times New Roman","serif";
	color:black;}
span.HTMLPreformattedChar
	{mso-style-name:"HTML Preformatted Char";
	mso-style-priority:99;
	mso-style-link:"HTML Preformatted";
	font-family:Consolas;
	color:black;}
span.BalloonTextChar
	{mso-style-name:"Balloon Text Char";
	mso-style-priority:99;
	mso-style-link:"Balloon Text";
	font-family:"Tahoma","sans-serif";
	color:black;}
p.msochpdefault, li.msochpdefault, div.msochpdefault
	{mso-style-name:msochpdefault;
	mso-margin-top-alt:auto;
	margin-right:0in;
	mso-margin-bottom-alt:auto;
	margin-left:0in;
	font-size:10.0pt;
	font-family:"Times New Roman","serif";
	color:black;}
span.htmlpreformattedchar0
	{mso-style-name:htmlpreformattedchar;
	font-family:Consolas;
	color:black;}
span.balloontextchar0
	{mso-style-name:balloontextchar;
	font-family:"Tahoma","sans-serif";
	color:black;}
span.emailstyle23
	{mso-style-name:emailstyle23;
	font-family:"Calibri","sans-serif";
	color:#1F497D;}
span.emailstyle24
	{mso-style-name:emailstyle24;
	font-family:"Calibri","sans-serif";
	color:#1F497D;}
span.emailstyle25
	{mso-style-name:emailstyle25;
	font-family:"Calibri","sans-serif";
	color:#1F497D;}
span.EmailStyle29
	{mso-style-type:personal;
	font-family:"Calibri","sans-serif";
	color:#1F497D;}
span.EmailStyle30
	{mso-style-type:personal;
	font-family:"Calibri","sans-serif";
	color:#1F497D;}
span.EmailStyle31
	{mso-style-type:personal-reply;
	font-family:"Calibri","sans-serif";
	color:#1F497D;}
.MsoChpDefault
	{mso-style-type:export-only;
	font-size:10.0pt;}
@page WordSection1
	{size:8.5in 11.0in;
	margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
	{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext=3D"edit" spidmax=3D"1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext=3D"edit">
<o:idmap v:ext=3D"edit" data=3D"1" />
</o:shapelayout></xml><![endif]-->
</head>
<body bgcolor=3D"white" lang=3D"EN-US" link=3D"blue" vlink=3D"purple">
<div class=3D"WordSection1">
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:#1F497D">CybOX is new to me, so I =
can&#8217;t say for sure.&nbsp; There has been discussion about utilizing o=
ther languages for the payload of some attributes on users (eg &#8211; XACM=
L
 in the entitlements attribute).&nbsp; This is not part of the spec, though=
, and is left as a decision to the client and server implementers.&nbsp; Ma=
ybe CybOX could similarly fit into a user or object extension?&nbsp; I woul=
dn&#8217;t foresee this becoming part of the core spec,
 though.<o:p></o:p></span></p>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:#1F497D"><o:p>&nbsp;</o:p></span><=
/p>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:#1F497D">--Kelly<o:p></o:p></span>=
</p>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:#1F497D"><o:p>&nbsp;</o:p></span><=
/p>
<div>
<div style=3D"border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0in =
0in 0in">
<p class=3D"MsoNormal"><b><span style=3D"font-size:10.0pt;font-family:&quot=
;Tahoma&quot;,&quot;sans-serif&quot;;color:windowtext">From:</span></b><spa=
n style=3D"font-size:10.0pt;font-family:&quot;Tahoma&quot;,&quot;sans-serif=
&quot;;color:windowtext"> Tony Rutkowski [mailto:tony@yaanatech.com]
<br>
<b>Sent:</b> Wednesday, March 14, 2012 10:12 AM<br>
<b>To:</b> Kelly Grizzle<br>
<b>Cc:</b> lear@cisco.com; tonynad@microsoft.com; Mark.Diodati@gartner.com;=
 scim@ietf.org<br>
<b>Subject:</b> Re: [scim] FW: Propose reshape of charter<o:p></o:p></span>=
</p>
</div>
</div>
<p class=3D"MsoNormal"><o:p>&nbsp;</o:p></p>
<p class=3D"MsoNormal"><tt><span style=3D"font-size:10.0pt">Might this incl=
ude the use of CybOX to structure
</span></tt><span style=3D"font-size:10.0pt;font-family:&quot;Courier New&q=
uot;"><br>
<tt>and exchange identity related object observables?</tt><br>
<br>
<tt>--tony</tt></span><br>
<br>
On 3/14/2012 11:01 AM, Kelly Grizzle wrote: <o:p></o:p></p>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:#1F497D">I agree.&nbsp; The term &=
#8220;identity life-cycle&#8221; is nice as a high-level markety mission st=
atement, but should probably be made more specific for an IETF working grou=
p
 description.&nbsp; Up to this point, SCIM has been geared towards CRUD ope=
rations for identities and identity-related objects, and I don&#8217;t see =
it venturing much outside of this realm.&nbsp; Perhaps something along the =
lines of:</span><o:p></o:p></p>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:#1F497D">&nbsp;</span><o:p></o:p><=
/p>
<pre>The Simple Cloud Identity Management (SCIM) specification is designed =
to <o:p></o:p></pre>
<pre>make creating, reading, updating, and deleting user identities and ide=
ntity-<o:p></o:p></pre>
<pre>related objects easier in cloud based applications.<o:p></o:p></pre>
<p class=3D"MsoNormal"><o:p>&nbsp;</o:p></p>
<p class=3D"MsoNormal"><o:p>&nbsp;</o:p></p>
</div>
</body>
</html>

--_000_56C3C758F9D6534CA3778EAA1E0C34371C637D54BL2PRD0410MB351_--

From prateek.mishra@oracle.com  Wed Mar 14 10:42:21 2012
Return-Path: <prateek.mishra@oracle.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E7CD721F86A7 for <scim@ietfa.amsl.com>; Wed, 14 Mar 2012 10:42:20 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -10.598
X-Spam-Level: 
X-Spam-Status: No, score=-10.598 tagged_above=-999 required=5 tests=[AWL=-0.000, BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id nLSO0Bl06loq for <scim@ietfa.amsl.com>; Wed, 14 Mar 2012 10:42:18 -0700 (PDT)
Received: from rcsinet15.oracle.com (rcsinet15.oracle.com [148.87.113.117]) by ietfa.amsl.com (Postfix) with ESMTP id A64C621F8778 for <scim@ietf.org>; Wed, 14 Mar 2012 10:42:18 -0700 (PDT)
Received: from ucsinet22.oracle.com (ucsinet22.oracle.com [156.151.31.94]) by rcsinet15.oracle.com (Sentrion-MTA-4.2.2/Sentrion-MTA-4.2.2) with ESMTP id q2EHgF9g002549 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK) for <scim@ietf.org>; Wed, 14 Mar 2012 17:42:15 GMT
Received: from acsmt358.oracle.com (acsmt358.oracle.com [141.146.40.158]) by ucsinet22.oracle.com (8.14.4+Sun/8.14.4) with ESMTP id q2EHgE2t008578 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for <scim@ietf.org>; Wed, 14 Mar 2012 17:42:14 GMT
Received: from abhmt112.oracle.com (abhmt112.oracle.com [141.146.116.64]) by acsmt358.oracle.com (8.12.11.20060308/8.12.11) with ESMTP id q2EHgDiE026081 for <scim@ietf.org>; Wed, 14 Mar 2012 12:42:14 -0500
Received: from [192.168.2.3] (/66.31.108.94) by default (Oracle Beehive Gateway v4.0) with ESMTP ; Wed, 14 Mar 2012 10:42:13 -0700
Message-ID: <4F60D874.3030804@oracle.com>
Date: Wed, 14 Mar 2012 13:42:12 -0400
From: prateek mishra <prateek.mishra@oracle.com>
Organization: Oracle Corporation
User-Agent: Mozilla/5.0 (Windows NT 5.1; rv:10.0.2) Gecko/20120216 Thunderbird/10.0.2
MIME-Version: 1.0
To: scim@ietf.org
References: <4F5FA213.4000600@cisco.com> <B6F33950-9055-4005-A82F-EB4E29431AD1@oracle.com> <4F5FBAB1.1020009@cisco.com> <B26C1EF377CB694EAB6BDDC8E624B6E73C08110E@BL2PRD0310MB362.namprd03.prod.outlook.com> <219947F0B2242843A0A1E62FDB510DC0250F3D4F7F@USNAVSXCHMBSA3.ndc.alcatel-lucent.com> <20120314133359.AD1C421F85A0@ietfa.amsl.com> <B26C1EF377CB694EAB6BDDC8E624B6E73C0811E9@BL2PRD0310MB362.namprd03.prod.outlook.com> <4F60A497.8050906@cisco.com> <56C3C758F9D6534CA3778EAA1E0C34371C637C33@BL2PRD0410MB351.namprd04.prod.outlook.com>
In-Reply-To: <56C3C758F9D6534CA3778EAA1E0C34371C637C33@BL2PRD0410MB351.namprd04.prod.outlook.com>
Content-Type: multipart/alternative; boundary="------------000105090706020100060207"
X-Source-IP: ucsinet22.oracle.com [156.151.31.94]
X-CT-RefId: str=0001.0A090202.4F60D878.003E,ss=1,re=-2.300,fgs=0
Subject: Re: [scim] FW:  Propose reshape of charter
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 14 Mar 2012 17:42:21 -0000

This is a multi-part message in MIME format.
--------------000105090706020100060207
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit

So any form of query or search is excluded from the scope of this work?
>
> I agree.  The term "identity life-cycle" is nice as a high-level 
> markety mission statement, but should probably be made more specific 
> for an IETF working group description.  Up to this point, SCIM has 
> been geared towards CRUD operations for identities and 
> identity-related objects, and I don't see it venturing much outside of 
> this realm.  Perhaps something along the lines of:
>
> The Simple Cloud Identity Management (SCIM) specification is designed to
> make creating, reading, updating, and deleting user identities and identity-
> related objects easier in cloud based applications.
>
> Easier is also a bit vague.  This could be changed to address how 
> things will become easier.  For example:
>
> The Simple Cloud Identity Management (SCIM) specification is designed to
> make managing user identity lifecycle easier in cloud based applications
> by defining standard protocols and schemas for creating, reading, updating,
> and deleting user identities and identity-related objects.
>
> --Kelly
>
> *From:*scim-bounces@ietf.org [mailto:scim-bounces@ietf.org] *On Behalf 
> Of *Eliot Lear
> *Sent:* Wednesday, March 14, 2012 9:01 AM
> *To:* Anthony Nadalin
> *Cc:* Diodati, Mark; scim@ietf.org
> *Subject:* Re: [scim] FW: Propose reshape of charter
>
>
>
> On 3/14/12 2:37 PM, Anthony Nadalin wrote:
>
> That's my point, the term identity life-cycle is too subjective, 
> suggest that this be limited to the actual identity management 
> functions that SCIM will cover
>
>
> I think this is a really good point.  The more we scope the better off 
> we'll be.
>
> Eliot
>
>
>
> _______________________________________________
> scim mailing list
> scim@ietf.org
> https://www.ietf.org/mailman/listinfo/scim

--------------000105090706020100060207
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit

<html>
  <head>
    <meta content="text/html; charset=ISO-8859-1"
      http-equiv="Content-Type">
  </head>
  <body bgcolor="#FFFFFF" text="#000000">
    So any form of query or search is excluded from the scope of this
    work?<br>
    <blockquote
cite="mid:56C3C758F9D6534CA3778EAA1E0C34371C637C33@BL2PRD0410MB351.namprd04.prod.outlook.com"
      type="cite">
      <meta http-equiv="Content-Type" content="text/html;
        charset=ISO-8859-1">
      <meta name="Generator" content="Microsoft Word 12 (filtered
        medium)">
      <style><!--
/* Font Definitions */
@font-face
	{font-family:"Cambria Math";
	panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
	{font-family:Calibri;
	panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
	{font-family:Tahoma;
	panose-1:2 11 6 4 3 5 4 4 2 4;}
@font-face
	{font-family:Consolas;
	panose-1:2 11 6 9 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
	{margin:0in;
	margin-bottom:.0001pt;
	font-size:12.0pt;
	font-family:"Times New Roman","serif";
	color:black;}
a:link, span.MsoHyperlink
	{mso-style-priority:99;
	color:blue;
	text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
	{mso-style-priority:99;
	color:purple;
	text-decoration:underline;}
pre
	{mso-style-priority:99;
	mso-style-link:"HTML Preformatted Char";
	margin:0in;
	margin-bottom:.0001pt;
	font-size:10.0pt;
	font-family:"Courier New";
	color:black;}
p.MsoAcetate, li.MsoAcetate, div.MsoAcetate
	{mso-style-priority:99;
	mso-style-link:"Balloon Text Char";
	margin:0in;
	margin-bottom:.0001pt;
	font-size:8.0pt;
	font-family:"Tahoma","sans-serif";
	color:black;}
p.MsoListParagraph, li.MsoListParagraph, div.MsoListParagraph
	{mso-style-priority:34;
	margin-top:0in;
	margin-right:0in;
	margin-bottom:0in;
	margin-left:.5in;
	margin-bottom:.0001pt;
	font-size:12.0pt;
	font-family:"Times New Roman","serif";
	color:black;}
span.HTMLPreformattedChar
	{mso-style-name:"HTML Preformatted Char";
	mso-style-priority:99;
	mso-style-link:"HTML Preformatted";
	font-family:Consolas;
	color:black;}
span.BalloonTextChar
	{mso-style-name:"Balloon Text Char";
	mso-style-priority:99;
	mso-style-link:"Balloon Text";
	font-family:"Tahoma","sans-serif";
	color:black;}
p.msochpdefault, li.msochpdefault, div.msochpdefault
	{mso-style-name:msochpdefault;
	mso-margin-top-alt:auto;
	margin-right:0in;
	mso-margin-bottom-alt:auto;
	margin-left:0in;
	font-size:10.0pt;
	font-family:"Times New Roman","serif";
	color:black;}
span.htmlpreformattedchar0
	{mso-style-name:htmlpreformattedchar;
	font-family:Consolas;
	color:black;}
span.balloontextchar0
	{mso-style-name:balloontextchar;
	font-family:"Tahoma","sans-serif";
	color:black;}
span.emailstyle23
	{mso-style-name:emailstyle23;
	font-family:"Calibri","sans-serif";
	color:#1F497D;}
span.emailstyle24
	{mso-style-name:emailstyle24;
	font-family:"Calibri","sans-serif";
	color:#1F497D;}
span.emailstyle25
	{mso-style-name:emailstyle25;
	font-family:"Calibri","sans-serif";
	color:#1F497D;}
span.EmailStyle28
	{mso-style-type:personal;
	font-family:"Calibri","sans-serif";
	color:#1F497D;}
span.EmailStyle29
	{mso-style-type:personal-reply;
	font-family:"Calibri","sans-serif";
	color:#1F497D;}
.MsoChpDefault
	{mso-style-type:export-only;
	font-size:10.0pt;}
@page WordSection1
	{size:8.5in 11.0in;
	margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
	{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
      <div class="WordSection1">
        <p class="MsoNormal"><span
style="font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:#1F497D">I
            agree.&nbsp; The term &#8220;identity life-cycle&#8221; is nice as a
            high-level markety mission statement, but should probably be
            made more specific for an IETF working group description.&nbsp;
            Up to this point, SCIM has been geared towards CRUD
            operations for identities and identity-related objects, and
            I don&#8217;t see it venturing much outside of this realm.&nbsp;
            Perhaps something along the lines of:<o:p></o:p></span></p>
        <p class="MsoNormal"><span
style="font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:#1F497D"><o:p>&nbsp;</o:p></span></p>
        <pre>The Simple Cloud Identity Management (SCIM) specification is designed to <o:p></o:p></pre>
        <pre>make creating, reading, updating, and deleting user identities and identity-<o:p></o:p></pre>
        <pre>related objects easier in cloud based applications.<o:p></o:p></pre>
        <p class="MsoNormal"><span
style="font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:#1F497D"><o:p>&nbsp;</o:p></span></p>
        <p class="MsoNormal"><span
style="font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:#1F497D">Easier
            is also a bit vague.&nbsp; This could be changed to address how
            things will become easier.&nbsp; For example:<o:p></o:p></span></p>
        <p class="MsoNormal"><span
style="font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:#1F497D"><o:p>&nbsp;</o:p></span></p>
        <pre>The Simple Cloud Identity Management (SCIM) specification is designed to <o:p></o:p></pre>
        <pre>make managing user identity lifecycle easier in cloud based applications<o:p></o:p></pre>
        <pre>by defining standard protocols and schemas for creating, reading, updating,<o:p></o:p></pre>
        <pre>and deleting user identities and identity-related objects.<o:p></o:p></pre>
        <p class="MsoNormal"><span
style="font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:#1F497D"><o:p>&nbsp;</o:p></span></p>
        <p class="MsoNormal"><span
style="font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:#1F497D">--Kelly<o:p></o:p></span></p>
        <p class="MsoNormal"><span
style="font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:#1F497D"><o:p>&nbsp;</o:p></span></p>
        <p class="MsoNormal"><span
style="font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:#1F497D"><o:p>&nbsp;</o:p></span></p>
        <div>
          <div style="border:none;border-top:solid #B5C4DF
            1.0pt;padding:3.0pt 0in 0in 0in">
            <p class="MsoNormal"><b><span
style="font-size:10.0pt;font-family:&quot;Tahoma&quot;,&quot;sans-serif&quot;;color:windowtext">From:</span></b><span
style="font-size:10.0pt;font-family:&quot;Tahoma&quot;,&quot;sans-serif&quot;;color:windowtext">
                <a class="moz-txt-link-abbreviated" href="mailto:scim-bounces@ietf.org">scim-bounces@ietf.org</a> [<a class="moz-txt-link-freetext" href="mailto:scim-bounces@ietf.org">mailto:scim-bounces@ietf.org</a>]
                <b>On Behalf Of </b>Eliot Lear<br>
                <b>Sent:</b> Wednesday, March 14, 2012 9:01 AM<br>
                <b>To:</b> Anthony Nadalin<br>
                <b>Cc:</b> Diodati, Mark; <a class="moz-txt-link-abbreviated" href="mailto:scim@ietf.org">scim@ietf.org</a><br>
                <b>Subject:</b> Re: [scim] FW: Propose reshape of
                charter<o:p></o:p></span></p>
          </div>
        </div>
        <p class="MsoNormal"><o:p>&nbsp;</o:p></p>
        <p class="MsoNormal"><br>
          <br>
          On 3/14/12 2:37 PM, Anthony Nadalin wrote: <o:p></o:p></p>
        <p class="MsoNormal"><span
style="font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:#1F497D">That&#8217;s
            my point, the term identity life-cycle is too subjective,
            suggest that this be limited to the actual identity
            management functions that SCIM will cover</span><o:p></o:p></p>
        <p class="MsoNormal"><span
style="font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:#1F497D">&nbsp;</span><o:p></o:p></p>
        <p class="MsoNormal"><br>
          I think this is a really good point.&nbsp; The more we scope the
          better off we'll be.<br>
          <br>
          Eliot<o:p></o:p></p>
      </div>
      <br>
      <fieldset class="mimeAttachmentHeader"></fieldset>
      <br>
      <pre wrap="">_______________________________________________
scim mailing list
<a class="moz-txt-link-abbreviated" href="mailto:scim@ietf.org">scim@ietf.org</a>
<a class="moz-txt-link-freetext" href="https://www.ietf.org/mailman/listinfo/scim">https://www.ietf.org/mailman/listinfo/scim</a>
</pre>
    </blockquote>
  </body>
</html>

--------------000105090706020100060207--

From kelly.grizzle@sailpoint.com  Wed Mar 14 10:44:39 2012
Return-Path: <kelly.grizzle@sailpoint.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 855E621F8760 for <scim@ietfa.amsl.com>; Wed, 14 Mar 2012 10:44:39 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.098
X-Spam-Level: 
X-Spam-Status: No, score=-4.098 tagged_above=-999 required=5 tests=[AWL=-0.500, BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id CkOXteF8-RAy for <scim@ietfa.amsl.com>; Wed, 14 Mar 2012 10:44:37 -0700 (PDT)
Received: from am1outboundpool.messaging.microsoft.com (am1ehsobe004.messaging.microsoft.com [213.199.154.207]) by ietfa.amsl.com (Postfix) with ESMTP id 26A3C21F8740 for <scim@ietf.org>; Wed, 14 Mar 2012 10:44:37 -0700 (PDT)
Received: from mail57-am1-R.bigfish.com (10.3.201.229) by AM1EHSOBE006.bigfish.com (10.3.204.26) with Microsoft SMTP Server id 14.1.225.23; Wed, 14 Mar 2012 17:44:34 +0000
Received: from mail57-am1 (localhost [127.0.0.1])	by mail57-am1-R.bigfish.com (Postfix) with ESMTP id C750E2605B2; Wed, 14 Mar 2012 17:44:34 +0000 (UTC)
X-SpamScore: -25
X-BigFish: PS-25(zzbb2dI9371Ic85fh98dKzz1202hzz1033IL8275bh8275dhz2fh2a8h668h839hd25h)
X-Forefront-Antispam-Report: CIP:157.56.240.85; KIP:(null); UIP:(null); IPV:NLI; H:BL2PRD0410HT004.namprd04.prod.outlook.com; RD:none; EFVD:NLI
Received-SPF: pass (mail57-am1: domain of sailpoint.com designates 157.56.240.85 as permitted sender) client-ip=157.56.240.85; envelope-from=kelly.grizzle@sailpoint.com; helo=BL2PRD0410HT004.namprd04.prod.outlook.com ; .outlook.com ; 
Received: from mail57-am1 (localhost.localdomain [127.0.0.1]) by mail57-am1 (MessageSwitch) id 1331747071758762_29226; Wed, 14 Mar 2012 17:44:31 +0000 (UTC)
Received: from AM1EHSMHS006.bigfish.com (unknown [10.3.201.249])	by mail57-am1.bigfish.com (Postfix) with ESMTP id B687F2E0043; Wed, 14 Mar 2012 17:44:31 +0000 (UTC)
Received: from BL2PRD0410HT004.namprd04.prod.outlook.com (157.56.240.85) by AM1EHSMHS006.bigfish.com (10.3.207.106) with Microsoft SMTP Server (TLS) id 14.1.225.23; Wed, 14 Mar 2012 17:44:28 +0000
Received: from BL2PRD0410MB351.namprd04.prod.outlook.com ([169.254.3.188]) by BL2PRD0410HT004.namprd04.prod.outlook.com ([10.255.99.39]) with mapi id 14.16.0123.000; Wed, 14 Mar 2012 17:44:24 +0000
From: Kelly Grizzle <kelly.grizzle@sailpoint.com>
To: prateek mishra <prateek.mishra@oracle.com>, "scim@ietf.org" <scim@ietf.org>
Thread-Topic: [scim] FW:  Propose reshape of charter
Thread-Index: AQHNAecnZok9SioEQ0KucJ82P1umB5Zpy20AgAAGhICAAAxpEIAAMWoAgAAAV3A=
Date: Wed, 14 Mar 2012 17:44:23 +0000
Message-ID: <56C3C758F9D6534CA3778EAA1E0C34371C637E1C@BL2PRD0410MB351.namprd04.prod.outlook.com>
References: <4F5FA213.4000600@cisco.com> <B6F33950-9055-4005-A82F-EB4E29431AD1@oracle.com> <4F5FBAB1.1020009@cisco.com> <B26C1EF377CB694EAB6BDDC8E624B6E73C08110E@BL2PRD0310MB362.namprd03.prod.outlook.com> <219947F0B2242843A0A1E62FDB510DC0250F3D4F7F@USNAVSXCHMBSA3.ndc.alcatel-lucent.com> <20120314133359.AD1C421F85A0@ietfa.amsl.com> <B26C1EF377CB694EAB6BDDC8E624B6E73C0811E9@BL2PRD0310MB362.namprd03.prod.outlook.com> <4F60A497.8050906@cisco.com> <56C3C758F9D6534CA3778EAA1E0C34371C637C33@BL2PRD0410MB351.namprd04.prod.outlook.com> <4F60D874.3030804@oracle.com>
In-Reply-To: <4F60D874.3030804@oracle.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
x-originating-ip: [173.226.147.242]
Content-Type: multipart/alternative; boundary="_000_56C3C758F9D6534CA3778EAA1E0C34371C637E1CBL2PRD0410MB351_"
MIME-Version: 1.0
X-OriginatorOrg: sailpoint.com
Subject: Re: [scim] FW:  Propose reshape of charter
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 14 Mar 2012 17:44:39 -0000

--_000_56C3C758F9D6534CA3778EAA1E0C34371C637E1CBL2PRD0410MB351_
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

No - listing with optional filtering and sorting is supported.  In my mind =
this fits under the "read" of CRUD, but it may make sense to be more explic=
it about it.

--Kelly

From: scim-bounces@ietf.org [mailto:scim-bounces@ietf.org] On Behalf Of pra=
teek mishra
Sent: Wednesday, March 14, 2012 12:42 PM
To: scim@ietf.org
Subject: Re: [scim] FW: Propose reshape of charter

So any form of query or search is excluded from the scope of this work?

I agree.  The term "identity life-cycle" is nice as a high-level markety mi=
ssion statement, but should probably be made more specific for an IETF work=
ing group description.  Up to this point, SCIM has been geared towards CRUD=
 operations for identities and identity-related objects, and I don't see it=
 venturing much outside of this realm.  Perhaps something along the lines o=
f:


The Simple Cloud Identity Management (SCIM) specification is designed to

make creating, reading, updating, and deleting user identities and identity=
-

related objects easier in cloud based applications.

Easier is also a bit vague.  This could be changed to address how things wi=
ll become easier.  For example:


The Simple Cloud Identity Management (SCIM) specification is designed to

make managing user identity lifecycle easier in cloud based applications

by defining standard protocols and schemas for creating, reading, updating,

and deleting user identities and identity-related objects.

--Kelly


From: scim-bounces@ietf.org<mailto:scim-bounces@ietf.org> [mailto:scim-boun=
ces@ietf.org] On Behalf Of Eliot Lear
Sent: Wednesday, March 14, 2012 9:01 AM
To: Anthony Nadalin
Cc: Diodati, Mark; scim@ietf.org<mailto:scim@ietf.org>
Subject: Re: [scim] FW: Propose reshape of charter



On 3/14/12 2:37 PM, Anthony Nadalin wrote:
That's my point, the term identity life-cycle is too subjective, suggest th=
at this be limited to the actual identity management functions that SCIM wi=
ll cover


I think this is a really good point.  The more we scope the better off we'l=
l be.

Eliot




_______________________________________________

scim mailing list

scim@ietf.org<mailto:scim@ietf.org>

https://www.ietf.org/mailman/listinfo/scim

--_000_56C3C758F9D6534CA3778EAA1E0C34371C637E1CBL2PRD0410MB351_
Content-Type: text/html; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

<html xmlns:v=3D"urn:schemas-microsoft-com:vml" xmlns:o=3D"urn:schemas-micr=
osoft-com:office:office" xmlns:w=3D"urn:schemas-microsoft-com:office:word" =
xmlns:m=3D"http://schemas.microsoft.com/office/2004/12/omml" xmlns=3D"http:=
//www.w3.org/TR/REC-html40">
<head>
<meta http-equiv=3D"Content-Type" content=3D"text/html; charset=3Dus-ascii"=
>
<meta name=3D"Generator" content=3D"Microsoft Word 12 (filtered medium)">
<style><!--
/* Font Definitions */
@font-face
	{font-family:"Cambria Math";
	panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
	{font-family:Calibri;
	panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
	{font-family:Tahoma;
	panose-1:2 11 6 4 3 5 4 4 2 4;}
@font-face
	{font-family:Consolas;
	panose-1:2 11 6 9 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
	{margin:0in;
	margin-bottom:.0001pt;
	font-size:12.0pt;
	font-family:"Times New Roman","serif";
	color:black;}
a:link, span.MsoHyperlink
	{mso-style-priority:99;
	color:blue;
	text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
	{mso-style-priority:99;
	color:purple;
	text-decoration:underline;}
pre
	{mso-style-priority:99;
	mso-style-link:"HTML Preformatted Char";
	margin:0in;
	margin-bottom:.0001pt;
	font-size:10.0pt;
	font-family:"Courier New";
	color:black;}
p.MsoAcetate, li.MsoAcetate, div.MsoAcetate
	{mso-style-priority:99;
	mso-style-link:"Balloon Text Char";
	margin:0in;
	margin-bottom:.0001pt;
	font-size:8.0pt;
	font-family:"Tahoma","sans-serif";
	color:black;}
p.MsoListParagraph, li.MsoListParagraph, div.MsoListParagraph
	{mso-style-priority:34;
	margin-top:0in;
	margin-right:0in;
	margin-bottom:0in;
	margin-left:.5in;
	margin-bottom:.0001pt;
	font-size:12.0pt;
	font-family:"Times New Roman","serif";
	color:black;}
span.HTMLPreformattedChar
	{mso-style-name:"HTML Preformatted Char";
	mso-style-priority:99;
	mso-style-link:"HTML Preformatted";
	font-family:Consolas;
	color:black;}
span.BalloonTextChar
	{mso-style-name:"Balloon Text Char";
	mso-style-priority:99;
	mso-style-link:"Balloon Text";
	font-family:"Tahoma","sans-serif";
	color:black;}
p.msochpdefault, li.msochpdefault, div.msochpdefault
	{mso-style-name:msochpdefault;
	mso-margin-top-alt:auto;
	margin-right:0in;
	mso-margin-bottom-alt:auto;
	margin-left:0in;
	font-size:10.0pt;
	font-family:"Times New Roman","serif";
	color:black;}
span.htmlpreformattedchar0
	{mso-style-name:htmlpreformattedchar;
	font-family:Consolas;
	color:black;}
span.balloontextchar0
	{mso-style-name:balloontextchar;
	font-family:"Tahoma","sans-serif";
	color:black;}
span.emailstyle23
	{mso-style-name:emailstyle23;
	font-family:"Calibri","sans-serif";
	color:#1F497D;}
span.emailstyle24
	{mso-style-name:emailstyle24;
	font-family:"Calibri","sans-serif";
	color:#1F497D;}
span.emailstyle25
	{mso-style-name:emailstyle25;
	font-family:"Calibri","sans-serif";
	color:#1F497D;}
span.EmailStyle28
	{mso-style-type:personal;
	font-family:"Calibri","sans-serif";
	color:#1F497D;}
span.EmailStyle29
	{mso-style-type:personal;
	font-family:"Calibri","sans-serif";
	color:#1F497D;}
span.EmailStyle30
	{mso-style-type:personal-reply;
	font-family:"Calibri","sans-serif";
	color:#1F497D;}
.MsoChpDefault
	{mso-style-type:export-only;
	font-size:10.0pt;}
@page WordSection1
	{size:8.5in 11.0in;
	margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
	{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext=3D"edit" spidmax=3D"1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext=3D"edit">
<o:idmap v:ext=3D"edit" data=3D"1" />
</o:shapelayout></xml><![endif]-->
</head>
<body bgcolor=3D"white" lang=3D"EN-US" link=3D"blue" vlink=3D"purple">
<div class=3D"WordSection1">
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:#1F497D">No &#8211; listing with o=
ptional filtering and sorting is supported.&nbsp; In my mind this fits unde=
r the &#8220;read&#8221; of CRUD, but it may make sense to be more explicit=
 about
 it.<o:p></o:p></span></p>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:#1F497D"><o:p>&nbsp;</o:p></span><=
/p>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:#1F497D">--Kelly<o:p></o:p></span>=
</p>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:#1F497D"><o:p>&nbsp;</o:p></span><=
/p>
<div>
<div style=3D"border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0in =
0in 0in">
<p class=3D"MsoNormal"><b><span style=3D"font-size:10.0pt;font-family:&quot=
;Tahoma&quot;,&quot;sans-serif&quot;;color:windowtext">From:</span></b><spa=
n style=3D"font-size:10.0pt;font-family:&quot;Tahoma&quot;,&quot;sans-serif=
&quot;;color:windowtext"> scim-bounces@ietf.org [mailto:scim-bounces@ietf.o=
rg]
<b>On Behalf Of </b>prateek mishra<br>
<b>Sent:</b> Wednesday, March 14, 2012 12:42 PM<br>
<b>To:</b> scim@ietf.org<br>
<b>Subject:</b> Re: [scim] FW: Propose reshape of charter<o:p></o:p></span>=
</p>
</div>
</div>
<p class=3D"MsoNormal"><o:p>&nbsp;</o:p></p>
<p class=3D"MsoNormal">So any form of query or search is excluded from the =
scope of this work?<br>
<br>
<o:p></o:p></p>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:#1F497D">I agree.&nbsp; The term &=
#8220;identity life-cycle&#8221; is nice as a high-level markety mission st=
atement, but should probably be made more specific for an IETF working grou=
p
 description.&nbsp; Up to this point, SCIM has been geared towards CRUD ope=
rations for identities and identity-related objects, and I don&#8217;t see =
it venturing much outside of this realm.&nbsp; Perhaps something along the =
lines of:</span><o:p></o:p></p>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:#1F497D">&nbsp;</span><o:p></o:p><=
/p>
<pre>The Simple Cloud Identity Management (SCIM) specification is designed =
to <o:p></o:p></pre>
<pre>make creating, reading, updating, and deleting user identities and ide=
ntity-<o:p></o:p></pre>
<pre>related objects easier in cloud based applications.<o:p></o:p></pre>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:#1F497D">&nbsp;</span><o:p></o:p><=
/p>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:#1F497D">Easier is also a bit vagu=
e.&nbsp; This could be changed to address how things will become easier.&nb=
sp; For example:</span><o:p></o:p></p>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:#1F497D">&nbsp;</span><o:p></o:p><=
/p>
<pre>The Simple Cloud Identity Management (SCIM) specification is designed =
to <o:p></o:p></pre>
<pre>make managing user identity lifecycle easier in cloud based applicatio=
ns<o:p></o:p></pre>
<pre>by defining standard protocols and schemas for creating, reading, upda=
ting,<o:p></o:p></pre>
<pre>and deleting user identities and identity-related objects.<o:p></o:p><=
/pre>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:#1F497D">&nbsp;</span><o:p></o:p><=
/p>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:#1F497D">--Kelly</span><o:p></o:p>=
</p>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:#1F497D">&nbsp;</span><o:p></o:p><=
/p>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:#1F497D">&nbsp;</span><o:p></o:p><=
/p>
<div>
<div style=3D"border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0in =
0in 0in">
<p class=3D"MsoNormal"><b><span style=3D"font-size:10.0pt;font-family:&quot=
;Tahoma&quot;,&quot;sans-serif&quot;;color:windowtext">From:</span></b><spa=
n style=3D"font-size:10.0pt;font-family:&quot;Tahoma&quot;,&quot;sans-serif=
&quot;;color:windowtext">
<a href=3D"mailto:scim-bounces@ietf.org">scim-bounces@ietf.org</a> [<a href=
=3D"mailto:scim-bounces@ietf.org">mailto:scim-bounces@ietf.org</a>]
<b>On Behalf Of </b>Eliot Lear<br>
<b>Sent:</b> Wednesday, March 14, 2012 9:01 AM<br>
<b>To:</b> Anthony Nadalin<br>
<b>Cc:</b> Diodati, Mark; <a href=3D"mailto:scim@ietf.org">scim@ietf.org</a=
><br>
<b>Subject:</b> Re: [scim] FW: Propose reshape of charter</span><o:p></o:p>=
</p>
</div>
</div>
<p class=3D"MsoNormal">&nbsp;<o:p></o:p></p>
<p class=3D"MsoNormal"><br>
<br>
On 3/14/12 2:37 PM, Anthony Nadalin wrote: <o:p></o:p></p>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:#1F497D">That&#8217;s my point, th=
e term identity life-cycle is too subjective, suggest that this be limited =
to the actual identity management functions that SCIM will cover</span><o:p=
></o:p></p>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:#1F497D">&nbsp;</span><o:p></o:p><=
/p>
<p class=3D"MsoNormal"><br>
I think this is a really good point.&nbsp; The more we scope the better off=
 we'll be.<br>
<br>
Eliot<o:p></o:p></p>
<p class=3D"MsoNormal"><br>
<br>
<br>
<o:p></o:p></p>
<pre>_______________________________________________<o:p></o:p></pre>
<pre>scim mailing list<o:p></o:p></pre>
<pre><a href=3D"mailto:scim@ietf.org">scim@ietf.org</a><o:p></o:p></pre>
<pre><a href=3D"https://www.ietf.org/mailman/listinfo/scim">https://www.iet=
f.org/mailman/listinfo/scim</a><o:p></o:p></pre>
</div>
</body>
</html>

--_000_56C3C758F9D6534CA3778EAA1E0C34371C637E1CBL2PRD0410MB351_--

From trey.drake@unboundid.com  Wed Mar 14 11:14:08 2012
Return-Path: <trey.drake@unboundid.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5BAA021F86A8 for <scim@ietfa.amsl.com>; Wed, 14 Mar 2012 11:14:08 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.598
X-Spam-Level: 
X-Spam-Status: No, score=-3.598 tagged_above=-999 required=5 tests=[AWL=-0.000, BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id epMh1-xTH3ik for <scim@ietfa.amsl.com>; Wed, 14 Mar 2012 11:14:07 -0700 (PDT)
Received: from mail-gx0-f172.google.com (mail-gx0-f172.google.com [209.85.161.172]) by ietfa.amsl.com (Postfix) with ESMTP id 62E2021F861E for <scim@ietf.org>; Wed, 14 Mar 2012 11:14:07 -0700 (PDT)
Received: by ggmi1 with SMTP id i1so2419842ggm.31 for <scim@ietf.org>; Wed, 14 Mar 2012 11:14:07 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=subject:mime-version:content-type:from:in-reply-to:date:cc :message-id:references:to:x-mailer:x-gm-message-state; bh=iOtX5Gy1hPNKpwekZ+R9m9wwwmJ8KFhVT7f0++SI2lw=; b=EuC9I0ZDQGG3dar6OQGyrZbBnEzL6Hk2HyeoFKkdblaRVURIrqrm3slSrn1q/pR7xm Oqa9LhPOjYv/dxZUjTZIYeDQXdtl0IMTXT0dpowddnJTfCWk8hDLEgIZtoNnOh9Dfhaa iGEckuCYfcSo2C38pvdUE6sikqqoyskuG57dS02/aKviyZVNcTUVU7LOZDo9HsAk8+X5 EY9zOlSTww+2ek//u581tCUWoebFZ16i9kVU+amVKpbDaNZhGOl0A8F2w0ZNVXeB6eWX xDNMIXD4jxUKD03KvfnX0U/SzPW/A0+G04arax8BUHz6ArqKJYxr4Zz83d+RBS61tZww siIw==
Received: by 10.182.12.37 with SMTP id v5mr4792561obb.16.1331748846775; Wed, 14 Mar 2012 11:14:06 -0700 (PDT)
Received: from office-dhcp-232.unboundid.lab (24-155-184-100.static.grandenetworks.net. [24.155.184.100]) by mx.google.com with ESMTPS id 1sm6259803obo.2.2012.03.14.11.14.05 (version=TLSv1/SSLv3 cipher=OTHER); Wed, 14 Mar 2012 11:14:05 -0700 (PDT)
Mime-Version: 1.0 (Apple Message framework v1257)
Content-Type: multipart/signed; boundary="Apple-Mail=_8D771AB1-4390-4009-8A6F-CBCE652DE28D"; protocol="application/pkcs7-signature"; micalg=sha1
From: Trey Drake <trey.drake@unboundid.com>
In-Reply-To: <56C3C758F9D6534CA3778EAA1E0C34371C637E1C@BL2PRD0410MB351.namprd04.prod.outlook.com>
Date: Wed, 14 Mar 2012 13:14:04 -0500
Message-Id: <FD218744-BB89-498F-B805-05D514F87CCD@unboundid.com>
References: <4F5FA213.4000600@cisco.com> <B6F33950-9055-4005-A82F-EB4E29431AD1@oracle.com> <4F5FBAB1.1020009@cisco.com> <B26C1EF377CB694EAB6BDDC8E624B6E73C08110E@BL2PRD0310MB362.namprd03.prod.outlook.com> <219947F0B2242843A0A1E62FDB510DC0250F3D4F7F@USNAVSXCHMBSA3.ndc.alcatel-lucent.com> <20120314133359.AD1C421F85A0@ietfa.amsl.com> <B26C1EF377CB694EAB6BDDC8E624B6E73C0811E9@BL2PRD0310MB362.namprd03.prod.outlook.com> <4F60A497.8050906@cisco.com> <56C3C758F9D6534CA3778EAA1E0C34371C637C33@BL2PRD0410MB351.namprd04.prod.outlook.com> <4F60D874.3030804@oracle.com> <56C3C758F9D6534CA3778EAA1E0C34371C637E1C@BL2PRD0410MB351.namprd04.prod.outlook.com>
To: Kelly Grizzle <kelly.grizzle@sailpoint.com>
X-Mailer: Apple Mail (2.1257)
X-Gm-Message-State: ALoCoQnw30odpn74X+4FbyJ6PO52348BfsqCgafNzifqx7h0NKTYHlFWb92DVxH/qfkVKwcIBpum
Cc: "scim@ietf.org" <scim@ietf.org>, prateek mishra <prateek.mishra@oracle.com>
Subject: Re: [scim] Propose reshape of charter
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 14 Mar 2012 18:14:08 -0000

--Apple-Mail=_8D771AB1-4390-4009-8A6F-CBCE652DE28D
Content-Type: multipart/alternative;
	boundary="Apple-Mail=_62A9F6CF-E561-4AFF-9D8C-340E77B5C514"


--Apple-Mail=_62A9F6CF-E561-4AFF-9D8C-340E77B5C514
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain;
	charset=windows-1252

How about "retrieval" as opposed to "reading"?

Thanks,
Trey=20


On Mar 14, 2012, at 12:44 PM, Kelly Grizzle wrote:

> No =96 listing with optional filtering and sorting is supported.  In =
my mind this fits under the =93read=94 of CRUD, but it may make sense to =
be more explicit about it.
> =20
> --Kelly
> =20
> From: scim-bounces@ietf.org [mailto:scim-bounces@ietf.org] On Behalf =
Of prateek mishra
> Sent: Wednesday, March 14, 2012 12:42 PM
> To: scim@ietf.org
> Subject: Re: [scim] FW: Propose reshape of charter
> =20
> So any form of query or search is excluded from the scope of this =
work?
>=20
> I agree.  The term =93identity life-cycle=94 is nice as a high-level =
markety mission statement, but should probably be made more specific for =
an IETF working group description.  Up to this point, SCIM has been =
geared towards CRUD operations for identities and identity-related =
objects, and I don=92t see it venturing much outside of this realm.  =
Perhaps something along the lines of:
> =20
> The Simple Cloud Identity Management (SCIM) specification is designed =
to=20
> make creating, reading, updating, and deleting user identities and =
identity-
> related objects easier in cloud based applications.
> =20
> Easier is also a bit vague.  This could be changed to address how =
things will become easier.  For example:
> =20
> The Simple Cloud Identity Management (SCIM) specification is designed =
to=20
> make managing user identity lifecycle easier in cloud based =
applications
> by defining standard protocols and schemas for creating, reading, =
updating,
> and deleting user identities and identity-related objects.
> =20
> --Kelly
> =20
> =20
> From: scim-bounces@ietf.org [mailto:scim-bounces@ietf.org] On Behalf =
Of Eliot Lear
> Sent: Wednesday, March 14, 2012 9:01 AM
> To: Anthony Nadalin
> Cc: Diodati, Mark; scim@ietf.org
> Subject: Re: [scim] FW: Propose reshape of charter
> =20
>=20
>=20
> On 3/14/12 2:37 PM, Anthony Nadalin wrote:
> That=92s my point, the term identity life-cycle is too subjective, =
suggest that this be limited to the actual identity management functions =
that SCIM will cover
> =20
>=20
> I think this is a really good point.  The more we scope the better off =
we'll be.
>=20
> Eliot
>=20
>=20
>=20
> _______________________________________________
> scim mailing list
> scim@ietf.org
> https://www.ietf.org/mailman/listinfo/scim
> _______________________________________________
> scim mailing list
> scim@ietf.org
> https://www.ietf.org/mailman/listinfo/scim


--Apple-Mail=_62A9F6CF-E561-4AFF-9D8C-340E77B5C514
Content-Transfer-Encoding: quoted-printable
Content-Type: text/html;
	charset=windows-1252

<html><head><base href=3D"x-msg://2297/"></head><body style=3D"word-wrap: =
break-word; -webkit-nbsp-mode: space; -webkit-line-break: =
after-white-space; ">How about "retrieval" as opposed to =
"reading"?<div><br></div><div>Thanks,</div><div>Trey&nbsp;<div><br></div><=
div><br><div><div>On Mar 14, 2012, at 12:44 PM, Kelly Grizzle =
wrote:</div><br class=3D"Apple-interchange-newline"><blockquote =
type=3D"cite"><span class=3D"Apple-style-span" style=3D"border-collapse: =
separate; font-family: Helvetica; font-style: normal; font-variant: =
normal; font-weight: normal; letter-spacing: normal; line-height: =
normal; orphans: 2; text-align: -webkit-auto; text-indent: 0px; =
text-transform: none; white-space: normal; widows: 2; word-spacing: 0px; =
-webkit-border-horizontal-spacing: 0px; -webkit-border-vertical-spacing: =
0px; -webkit-text-decorations-in-effect: none; -webkit-text-size-adjust: =
auto; -webkit-text-stroke-width: 0px; font-size: medium; "><div =
bgcolor=3D"white" lang=3D"EN-US" link=3D"blue" vlink=3D"purple"><div =
class=3D"WordSection1" style=3D"page: WordSection1; "><div =
style=3D"margin-top: 0in; margin-right: 0in; margin-left: 0in; =
margin-bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New =
Roman', serif; color: black; "><span style=3D"font-size: 11pt; =
font-family: Calibri, sans-serif; color: rgb(31, 73, 125); ">No =96 =
listing with optional filtering and sorting is supported.&nbsp; In my =
mind this fits under the =93read=94 of CRUD, but it may make sense to be =
more explicit about it.<o:p></o:p></span></div><div style=3D"margin-top: =
0in; margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; =
font-size: 12pt; font-family: 'Times New Roman', serif; color: black; =
"><span style=3D"font-size: 11pt; font-family: Calibri, sans-serif; =
color: rgb(31, 73, 125); "><o:p>&nbsp;</o:p></span></div><div =
style=3D"margin-top: 0in; margin-right: 0in; margin-left: 0in; =
margin-bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New =
Roman', serif; color: black; "><span style=3D"font-size: 11pt; =
font-family: Calibri, sans-serif; color: rgb(31, 73, 125); =
">--Kelly<o:p></o:p></span></div><div style=3D"margin-top: 0in; =
margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: =
12pt; font-family: 'Times New Roman', serif; color: black; "><span =
style=3D"font-size: 11pt; font-family: Calibri, sans-serif; color: =
rgb(31, 73, 125); "><o:p>&nbsp;</o:p></span></div><div><div =
style=3D"border-right-style: none; border-bottom-style: none; =
border-left-style: none; border-width: initial; border-color: initial; =
border-top-style: solid; border-top-color: rgb(181, 196, 223); =
border-top-width: 1pt; padding-top: 3pt; padding-right: 0in; =
padding-bottom: 0in; padding-left: 0in; "><div style=3D"margin-top: 0in; =
margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: =
12pt; font-family: 'Times New Roman', serif; color: black; "><b><span =
style=3D"font-size: 10pt; font-family: Tahoma, sans-serif; color: =
windowtext; ">From:</span></b><span style=3D"font-size: 10pt; =
font-family: Tahoma, sans-serif; color: windowtext; "><span =
class=3D"Apple-converted-space">&nbsp;</span><a =
href=3D"mailto:scim-bounces@ietf.org" style=3D"color: blue; =
text-decoration: underline; ">scim-bounces@ietf.org</a><span =
class=3D"Apple-converted-space">&nbsp;</span>[mailto:scim-bounces@ietf.org=
]<span class=3D"Apple-converted-space">&nbsp;</span><b>On Behalf Of<span =
class=3D"Apple-converted-space">&nbsp;</span></b>prateek =
mishra<br><b>Sent:</b><span =
class=3D"Apple-converted-space">&nbsp;</span>Wednesday, March 14, 2012 =
12:42 PM<br><b>To:</b><span =
class=3D"Apple-converted-space">&nbsp;</span><a =
href=3D"mailto:scim@ietf.org" style=3D"color: blue; text-decoration: =
underline; ">scim@ietf.org</a><br><b>Subject:</b><span =
class=3D"Apple-converted-space">&nbsp;</span>Re: [scim] FW: Propose =
reshape of charter<o:p></o:p></span></div></div></div><div =
style=3D"margin-top: 0in; margin-right: 0in; margin-left: 0in; =
margin-bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New =
Roman', serif; color: black; "><o:p>&nbsp;</o:p></div><div =
style=3D"margin-top: 0in; margin-right: 0in; margin-left: 0in; =
margin-bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New =
Roman', serif; color: black; ">So any form of query or search is =
excluded from the scope of this work?<br><br><o:p></o:p></div><div =
style=3D"margin-top: 0in; margin-right: 0in; margin-left: 0in; =
margin-bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New =
Roman', serif; color: black; "><span style=3D"font-size: 11pt; =
font-family: Calibri, sans-serif; color: rgb(31, 73, 125); ">I =
agree.&nbsp; The term =93identity life-cycle=94 is nice as a high-level =
markety mission statement, but should probably be made more specific for =
an IETF working group description.&nbsp; Up to this point, SCIM has been =
geared towards CRUD operations for identities and identity-related =
objects, and I don=92t see it venturing much outside of this =
realm.&nbsp; Perhaps something along the lines =
of:</span><o:p></o:p></div><div style=3D"margin-top: 0in; margin-right: =
0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: 12pt; =
font-family: 'Times New Roman', serif; color: black; "><span =
style=3D"font-size: 11pt; font-family: Calibri, sans-serif; color: =
rgb(31, 73, 125); ">&nbsp;</span><o:p></o:p></div><pre =
style=3D"margin-top: 0in; margin-right: 0in; margin-left: 0in; =
margin-bottom: 0.0001pt; font-size: 10pt; font-family: 'Courier New'; =
color: black; ">The Simple Cloud Identity Management (SCIM) =
specification is designed to <o:p></o:p></pre><pre style=3D"margin-top: =
0in; margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; =
font-size: 10pt; font-family: 'Courier New'; color: black; ">make =
creating, reading, updating, and deleting user identities and =
identity-<o:p></o:p></pre><pre style=3D"margin-top: 0in; margin-right: =
0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: 10pt; =
font-family: 'Courier New'; color: black; ">related objects easier in =
cloud based applications.<o:p></o:p></pre><div style=3D"margin-top: 0in; =
margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: =
12pt; font-family: 'Times New Roman', serif; color: black; "><span =
style=3D"font-size: 11pt; font-family: Calibri, sans-serif; color: =
rgb(31, 73, 125); ">&nbsp;</span><o:p></o:p></div><div =
style=3D"margin-top: 0in; margin-right: 0in; margin-left: 0in; =
margin-bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New =
Roman', serif; color: black; "><span style=3D"font-size: 11pt; =
font-family: Calibri, sans-serif; color: rgb(31, 73, 125); ">Easier is =
also a bit vague.&nbsp; This could be changed to address how things will =
become easier.&nbsp; For example:</span><o:p></o:p></div><div =
style=3D"margin-top: 0in; margin-right: 0in; margin-left: 0in; =
margin-bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New =
Roman', serif; color: black; "><span style=3D"font-size: 11pt; =
font-family: Calibri, sans-serif; color: rgb(31, 73, 125); =
">&nbsp;</span><o:p></o:p></div><pre style=3D"margin-top: 0in; =
margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: =
10pt; font-family: 'Courier New'; color: black; ">The Simple Cloud =
Identity Management (SCIM) specification is designed to =
<o:p></o:p></pre><pre style=3D"margin-top: 0in; margin-right: 0in; =
margin-left: 0in; margin-bottom: 0.0001pt; font-size: 10pt; font-family: =
'Courier New'; color: black; ">make managing user identity lifecycle =
easier in cloud based applications<o:p></o:p></pre><pre =
style=3D"margin-top: 0in; margin-right: 0in; margin-left: 0in; =
margin-bottom: 0.0001pt; font-size: 10pt; font-family: 'Courier New'; =
color: black; ">by defining standard protocols and schemas for creating, =
reading, updating,<o:p></o:p></pre><pre style=3D"margin-top: 0in; =
margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: =
10pt; font-family: 'Courier New'; color: black; ">and deleting user =
identities and identity-related objects.<o:p></o:p></pre><div =
style=3D"margin-top: 0in; margin-right: 0in; margin-left: 0in; =
margin-bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New =
Roman', serif; color: black; "><span style=3D"font-size: 11pt; =
font-family: Calibri, sans-serif; color: rgb(31, 73, 125); =
">&nbsp;</span><o:p></o:p></div><div style=3D"margin-top: 0in; =
margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: =
12pt; font-family: 'Times New Roman', serif; color: black; "><span =
style=3D"font-size: 11pt; font-family: Calibri, sans-serif; color: =
rgb(31, 73, 125); ">--Kelly</span><o:p></o:p></div><div =
style=3D"margin-top: 0in; margin-right: 0in; margin-left: 0in; =
margin-bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New =
Roman', serif; color: black; "><span style=3D"font-size: 11pt; =
font-family: Calibri, sans-serif; color: rgb(31, 73, 125); =
">&nbsp;</span><o:p></o:p></div><div style=3D"margin-top: 0in; =
margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: =
12pt; font-family: 'Times New Roman', serif; color: black; "><span =
style=3D"font-size: 11pt; font-family: Calibri, sans-serif; color: =
rgb(31, 73, 125); ">&nbsp;</span><o:p></o:p></div><div><div =
style=3D"border-right-style: none; border-bottom-style: none; =
border-left-style: none; border-width: initial; border-color: initial; =
border-top-style: solid; border-top-color: rgb(181, 196, 223); =
border-top-width: 1pt; padding-top: 3pt; padding-right: 0in; =
padding-bottom: 0in; padding-left: 0in; "><div style=3D"margin-top: 0in; =
margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: =
12pt; font-family: 'Times New Roman', serif; color: black; "><b><span =
style=3D"font-size: 10pt; font-family: Tahoma, sans-serif; color: =
windowtext; ">From:</span></b><span style=3D"font-size: 10pt; =
font-family: Tahoma, sans-serif; color: windowtext; "><span =
class=3D"Apple-converted-space">&nbsp;</span><a =
href=3D"mailto:scim-bounces@ietf.org" style=3D"color: blue; =
text-decoration: underline; ">scim-bounces@ietf.org</a><span =
class=3D"Apple-converted-space">&nbsp;</span>[<a =
href=3D"mailto:scim-bounces@ietf.org" style=3D"color: blue; =
text-decoration: underline; ">mailto:scim-bounces@ietf.org</a>]<span =
class=3D"Apple-converted-space">&nbsp;</span><b>On Behalf Of<span =
class=3D"Apple-converted-space">&nbsp;</span></b>Eliot =
Lear<br><b>Sent:</b><span =
class=3D"Apple-converted-space">&nbsp;</span>Wednesday, March 14, 2012 =
9:01 AM<br><b>To:</b><span =
class=3D"Apple-converted-space">&nbsp;</span>Anthony =
Nadalin<br><b>Cc:</b><span =
class=3D"Apple-converted-space">&nbsp;</span>Diodati, Mark;<span =
class=3D"Apple-converted-space">&nbsp;</span><a =
href=3D"mailto:scim@ietf.org" style=3D"color: blue; text-decoration: =
underline; ">scim@ietf.org</a><br><b>Subject:</b><span =
class=3D"Apple-converted-space">&nbsp;</span>Re: [scim] FW: Propose =
reshape of charter</span><o:p></o:p></div></div></div><div =
style=3D"margin-top: 0in; margin-right: 0in; margin-left: 0in; =
margin-bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New =
Roman', serif; color: black; ">&nbsp;<o:p></o:p></div><div =
style=3D"margin-top: 0in; margin-right: 0in; margin-left: 0in; =
margin-bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New =
Roman', serif; color: black; "><br><br>On 3/14/12 2:37 PM, Anthony =
Nadalin wrote:<o:p></o:p></div><div style=3D"margin-top: 0in; =
margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: =
12pt; font-family: 'Times New Roman', serif; color: black; "><span =
style=3D"font-size: 11pt; font-family: Calibri, sans-serif; color: =
rgb(31, 73, 125); ">That=92s my point, the term identity life-cycle is =
too subjective, suggest that this be limited to the actual identity =
management functions that SCIM will cover</span><o:p></o:p></div><div =
style=3D"margin-top: 0in; margin-right: 0in; margin-left: 0in; =
margin-bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New =
Roman', serif; color: black; "><span style=3D"font-size: 11pt; =
font-family: Calibri, sans-serif; color: rgb(31, 73, 125); =
">&nbsp;</span><o:p></o:p></div><div style=3D"margin-top: 0in; =
margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: =
12pt; font-family: 'Times New Roman', serif; color: black; "><br>I think =
this is a really good point.&nbsp; The more we scope the better off =
we'll be.<br><br>Eliot<o:p></o:p></div><div style=3D"margin-top: 0in; =
margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: =
12pt; font-family: 'Times New Roman', serif; color: black; =
"><br><br><br><o:p></o:p></div><pre style=3D"margin-top: 0in; =
margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: =
10pt; font-family: 'Courier New'; color: black; =
">_______________________________________________<o:p></o:p></pre><pre =
style=3D"margin-top: 0in; margin-right: 0in; margin-left: 0in; =
margin-bottom: 0.0001pt; font-size: 10pt; font-family: 'Courier New'; =
color: black; ">scim mailing list<o:p></o:p></pre><pre =
style=3D"margin-top: 0in; margin-right: 0in; margin-left: 0in; =
margin-bottom: 0.0001pt; font-size: 10pt; font-family: 'Courier New'; =
color: black; "><a href=3D"mailto:scim@ietf.org" style=3D"color: blue; =
text-decoration: underline; ">scim@ietf.org</a><o:p></o:p></pre><pre =
style=3D"margin-top: 0in; margin-right: 0in; margin-left: 0in; =
margin-bottom: 0.0001pt; font-size: 10pt; font-family: 'Courier New'; =
color: black; "><a href=3D"https://www.ietf.org/mailman/listinfo/scim" =
style=3D"color: blue; text-decoration: underline; =
">https://www.ietf.org/mailman/listinfo/scim</a><o:p></o:p></pre></div>___=
____________________________________________<br>scim mailing list<br><a =
href=3D"mailto:scim@ietf.org" style=3D"color: blue; text-decoration: =
underline; ">scim@ietf.org</a><br><a =
href=3D"https://www.ietf.org/mailman/listinfo/scim" style=3D"color: =
blue; text-decoration: underline; =
">https://www.ietf.org/mailman/listinfo/scim</a></div></span></blockquote>=
</div><br></div></div></body></html>=

--Apple-Mail=_62A9F6CF-E561-4AFF-9D8C-340E77B5C514--

--Apple-Mail=_8D771AB1-4390-4009-8A6F-CBCE652DE28D
Content-Disposition: attachment;
	filename=smime.p7s
Content-Type: application/pkcs7-signature;
	name=smime.p7s
Content-Transfer-Encoding: base64

MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIIM9jCCBjQw
ggQcoAMCAQICAR4wDQYJKoZIhvcNAQEFBQAwfTELMAkGA1UEBhMCSUwxFjAUBgNVBAoTDVN0YXJ0
Q29tIEx0ZC4xKzApBgNVBAsTIlNlY3VyZSBEaWdpdGFsIENlcnRpZmljYXRlIFNpZ25pbmcxKTAn
BgNVBAMTIFN0YXJ0Q29tIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA3MTAyNDIxMDE1NVoX
DTE3MTAyNDIxMDE1NVowgYwxCzAJBgNVBAYTAklMMRYwFAYDVQQKEw1TdGFydENvbSBMdGQuMSsw
KQYDVQQLEyJTZWN1cmUgRGlnaXRhbCBDZXJ0aWZpY2F0ZSBTaWduaW5nMTgwNgYDVQQDEy9TdGFy
dENvbSBDbGFzcyAxIFByaW1hcnkgSW50ZXJtZWRpYXRlIENsaWVudCBDQTCCASIwDQYJKoZIhvcN
AQEBBQADggEPADCCAQoCggEBAMcJg8zOLdgasSmkLhOrlr6KMoOMpohBllVHrdRvEg/q6r8jR+EK
75xCGhR8ToREoqe7zM9/UnC6TS2y9UKTpT1v7RSMzR0t6ndl0TWBuUr/UXBhPk+Kmy7bI4yW4urC
+y7P3/1/X7U8ocb8VpH/Clt+4iq7nirMcNh6qJR+xjOhV+VHzQMALuGYn5KZmc1NbJQYclsGkDxD
z2UbFqE2+6vIZoL+jb9x4Pa5gNf1TwSDkOkikZB1xtB4ZqtXThaABSONdfmv/Z1pua3FYxnCFmdr
/+N2JLKutIxMYqQOJebr/f/h5t95m4JgrM3Y/w7YX9d7YAL9jvN4SydHsU6n65cCAwEAAaOCAa0w
ggGpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBRTcu2SnODaywFc
fH6WNU7y1LhRgjAfBgNVHSMEGDAWgBROC+8apEBbpRdphzDKNGhD0EGu8jBmBggrBgEFBQcBAQRa
MFgwJwYIKwYBBQUHMAGGG2h0dHA6Ly9vY3NwLnN0YXJ0c3NsLmNvbS9jYTAtBggrBgEFBQcwAoYh
aHR0cDovL3d3dy5zdGFydHNzbC5jb20vc2ZzY2EuY3J0MFsGA1UdHwRUMFIwJ6AloCOGIWh0dHA6
Ly93d3cuc3RhcnRzc2wuY29tL3Nmc2NhLmNybDAnoCWgI4YhaHR0cDovL2NybC5zdGFydHNzbC5j
b20vc2ZzY2EuY3JsMIGABgNVHSAEeTB3MHUGCysGAQQBgbU3AQIBMGYwLgYIKwYBBQUHAgEWImh0
dHA6Ly93d3cuc3RhcnRzc2wuY29tL3BvbGljeS5wZGYwNAYIKwYBBQUHAgEWKGh0dHA6Ly93d3cu
c3RhcnRzc2wuY29tL2ludGVybWVkaWF0ZS5wZGYwDQYJKoZIhvcNAQEFBQADggIBAAqDCH14qywG
XLhjjF6uHLkjd02hcdh9hrw+VUsv+q1eeQWB21jWj3kJ96AUlPCoEGZ/ynJNScWy6QMVQjbbMXlt
UfO4n4bGGdKo3awPWp61tjAFgraLJgDk+DsSvUD6EowjMTNx25GQgyYJ5RPIzKKR9tQW8gGK+2+R
HxkUCTbYFnL6kl8Ch507rUdPPipJ9CgJFws3kDS3gOS5WFMxcjO5DwKfKSETEPrHh7p5shuuNktv
sv6hxHTLhiMKX893gxdT3XLS9OKmCv87vkINQcNEcIIoFWbP9HORz9v3vQwR4e3ksLc2JZOAFK+s
sS5XMEoznzpihEP0PLc4dCBYjbvSD7kxgDwZ+Aj8Q9PkbvE9sIPP7ON0fz095HdThKjiVJe6vofq
+n6b1NBc8XdrQvBmunwxD5nvtTW4vtN6VY7mUCmxsCieuoBJ9OlqmsVWQvifIYf40dJPZkk9YgGT
zWLpXDSfLSplbY2LL9C9U0ptvjcDjefLTvqSFc7tw1sEhF0n/qpA2r0GpvkLRDmcSwVyPvmjFBGq
Up/pNy8ZuPGQmHwFi2/14+xeSUDG2bwnsYJQG2EdJCB6luQ57GEnTA/yKZSTKI8dDQa8Sd3zfXb1
9mOgSF0bBdXbuKhEpuP9wirslFe6fQ1t5j5R0xi72MZ8ikMu1RQZKCyDbMwazlHiMIIGujCCBaKg
AwIBAgIDAopvMA0GCSqGSIb3DQEBBQUAMIGMMQswCQYDVQQGEwJJTDEWMBQGA1UEChMNU3RhcnRD
b20gTHRkLjErMCkGA1UECxMiU2VjdXJlIERpZ2l0YWwgQ2VydGlmaWNhdGUgU2lnbmluZzE4MDYG
A1UEAxMvU3RhcnRDb20gQ2xhc3MgMSBQcmltYXJ5IEludGVybWVkaWF0ZSBDbGllbnQgQ0EwHhcN
MTEwNTEzMTY1MjQ5WhcNMTIwNTEzMDU0NzU2WjBLMSAwHgYDVQQNExc0MjU3NjEteUxidzRqMkwy
Z0FqSG92UzEnMCUGCSqGSIb3DQEJARYYdHJleS5kcmFrZUB1bmJvdW5kaWQuY29tMIIBIjANBgkq
hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqid9tc427LEtBahNAplYUQztLpGRwt7J1hxi3mHkMBzr
s3LxhGspxGij4JZogkqolFpIhu0amwHXsDv7DbkET1O8TN2S2ttetn2o/gQMhAlXp7MP4SfHnIHL
awiDyKZ96l49FFuOt107G9SYpOceuY+AfBssNfxVpTfzqvBzQ/zdbGwqg+ndyPmsWZCYc036/dHV
VWDPpLbohj8GmtoNp8p2LjXe4hOvOfxNnlg6hRlHwiPkudSpEaHwW5dlQUjtcBNvowCq2uq2fbQq
5jyswWRGRIQINo4UgSsyDAB5SfagyGMx32EUGrx1NJWOHWK3eqPknuYdgtU2nJZ+aTtBpQIDAQAB
o4IDYzCCA18wCQYDVR0TBAIwADALBgNVHQ8EBAMCBLAwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsG
AQUFBwMEMB0GA1UdDgQWBBTFEY17wcVFokE4T9NZv3jxliACzjAfBgNVHSMEGDAWgBRTcu2SnODa
ywFcfH6WNU7y1LhRgjAjBgNVHREEHDAagRh0cmV5LmRyYWtlQHVuYm91bmRpZC5jb20wggHRBgNV
HSAEggHIMIIBxDCCAcAGCysGAQQBgbU3AQICMIIBrzAuBggrBgEFBQcCARYiaHR0cDovL3d3dy5z
dGFydHNzbC5jb20vcG9saWN5LnBkZjA0BggrBgEFBQcCARYoaHR0cDovL3d3dy5zdGFydHNzbC5j
b20vaW50ZXJtZWRpYXRlLnBkZjCCAUUGCCsGAQUFBwICMIIBNzAnFiBTdGFydENvbSBDZXJ0aWZp
Y2F0aW9uIEF1dGhvcml0eTADAgEBGoIBClRoaXMgY2VydGlmaWNhdGUgd2FzIGlzc3VlZCBhY2Nv
cmRpbmcgdG8gdGhlIENsYXNzIDEgVmFsaWRhdGlvbiByZXF1aXJlbWVudHMgb2YgdGhlIFN0YXJ0
Q29tIENlcnRpZmljYXRpb24gQXV0aG9yaXR5IHBvbGljeSBhbmQgbWF5IGJlIHJlbGllZCB1cG9u
IG9ubHkgZm9yIHRoZSBpbnRlbmRlZCBwdXJwb3NlIGFuZCBpbiBjb21wbGlhbmNlIG9mIHRoZSBy
ZWx5aW5nIHBhcnR5IG9ibGlnYXRpb25zLiBMaWFiaWxpdHkgYW5kIHdhcnJhbnRpZXMgYXJlIGxp
bWl0ZWQhMDYGA1UdHwQvMC0wK6ApoCeGJWh0dHA6Ly9jcmwuc3RhcnRzc2wuY29tL2NydHUxLWNy
bC5jcmwwgY4GCCsGAQUFBwEBBIGBMH8wOQYIKwYBBQUHMAGGLWh0dHA6Ly9vY3NwLnN0YXJ0c3Ns
LmNvbS9zdWIvY2xhc3MxL2NsaWVudC9jYTBCBggrBgEFBQcwAoY2aHR0cDovL2FpYS5zdGFydHNz
bC5jb20vY2VydHMvc3ViLmNsYXNzMS5jbGllbnQuY2EuY3J0MCMGA1UdEgQcMBqGGGh0dHA6Ly93
d3cuc3RhcnRzc2wuY29tLzANBgkqhkiG9w0BAQUFAAOCAQEAfcC87DDCF7sIIY5qIDIS7MmSAJjr
GlCfGP11cJrO88bsQiSgtJYYeIATEUsH1r78aJOzU8p8P/lOrSoDr3kxVlUaOam6xIvlW9Uv6AUN
DBjYeDUMaEIwPl/Eox0tvZPas4JwW1K+N085ya1IKCK/l7x2K97JQqQhE44ymJ873mcEbBNz6HOo
JtyNMc204G0mREpQs4RSb7vsT9x93QUs6QpP/Mn/w+HaXQQzgs4HmfgL8z+qlH4vX4S/rKvwv95m
fdCIrdSBAeSKBco9hHTIny9XpkTR2qk1Uq0eqSk1LtufDoQy9c5KKQKINCKrjioMseRufmAY/0Nu
VbekcRMyIDGCA28wggNrAgEBMIGUMIGMMQswCQYDVQQGEwJJTDEWMBQGA1UEChMNU3RhcnRDb20g
THRkLjErMCkGA1UECxMiU2VjdXJlIERpZ2l0YWwgQ2VydGlmaWNhdGUgU2lnbmluZzE4MDYGA1UE
AxMvU3RhcnRDb20gQ2xhc3MgMSBQcmltYXJ5IEludGVybWVkaWF0ZSBDbGllbnQgQ0ECAwKKbzAJ
BgUrDgMCGgUAoIIBrzAYBgkqhkiG9w0BCQMxCwYJKoZIhvcNAQcBMBwGCSqGSIb3DQEJBTEPFw0x
MjAzMTQxODE0MDVaMCMGCSqGSIb3DQEJBDEWBBToHK0UPV8E5iP7hsHyK6PSXPFy5DCBpQYJKwYB
BAGCNxAEMYGXMIGUMIGMMQswCQYDVQQGEwJJTDEWMBQGA1UEChMNU3RhcnRDb20gTHRkLjErMCkG
A1UECxMiU2VjdXJlIERpZ2l0YWwgQ2VydGlmaWNhdGUgU2lnbmluZzE4MDYGA1UEAxMvU3RhcnRD
b20gQ2xhc3MgMSBQcmltYXJ5IEludGVybWVkaWF0ZSBDbGllbnQgQ0ECAwKKbzCBpwYLKoZIhvcN
AQkQAgsxgZeggZQwgYwxCzAJBgNVBAYTAklMMRYwFAYDVQQKEw1TdGFydENvbSBMdGQuMSswKQYD
VQQLEyJTZWN1cmUgRGlnaXRhbCBDZXJ0aWZpY2F0ZSBTaWduaW5nMTgwNgYDVQQDEy9TdGFydENv
bSBDbGFzcyAxIFByaW1hcnkgSW50ZXJtZWRpYXRlIENsaWVudCBDQQIDAopvMA0GCSqGSIb3DQEB
AQUABIIBAHB3HWxAtMr3S89yAt+dlMjh6LXNAjr4+GemiyUd+KSNfdJEtBVEBByhR/ueYGiKoSQV
EHLuNkjaZ7R0KnL2nJTUbkQ5FW9kYXk4I9XS6Lmg0Ek51erRxk2cZJYIPowZDThS1ThI0KlbaaX6
aPzW2zUMV7s3V253PEvJPlDKZb077609hmy1xYd7VHz/ZbsTzWpGlLjTeUH4lUKQTV1ou5twjheB
lyDGHkXEk0O99KUyTszvNwXKNZHT11QgqfCfuLKfuzCGlfATEtUeU34JILn6rGrIPxM9HHHdRKxT
IoNVikk6IBTtB3rKaCuAUjwT64KG/cs2XH8PbhS3lNRaR3UAAAAAAAA=

--Apple-Mail=_8D771AB1-4390-4009-8A6F-CBCE652DE28D--

From kelly.grizzle@sailpoint.com  Wed Mar 14 12:11:31 2012
Return-Path: <kelly.grizzle@sailpoint.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CD96621F877D for <scim@ietfa.amsl.com>; Wed, 14 Mar 2012 12:11:31 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.973
X-Spam-Level: 
X-Spam-Status: No, score=-3.973 tagged_above=-999 required=5 tests=[AWL=-0.375, BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id mBzO16QRUGHj for <scim@ietfa.amsl.com>; Wed, 14 Mar 2012 12:11:29 -0700 (PDT)
Received: from db3outboundpool.messaging.microsoft.com (db3ehsobe001.messaging.microsoft.com [213.199.154.139]) by ietfa.amsl.com (Postfix) with ESMTP id 29F3021F877E for <scim@ietf.org>; Wed, 14 Mar 2012 12:11:28 -0700 (PDT)
Received: from mail67-db3-R.bigfish.com (10.3.81.251) by DB3EHSOBE003.bigfish.com (10.3.84.23) with Microsoft SMTP Server id 14.1.225.23; Wed, 14 Mar 2012 19:11:29 +0000
Received: from mail67-db3 (localhost [127.0.0.1])	by mail67-db3-R.bigfish.com (Postfix) with ESMTP id 5AE1F340769; Wed, 14 Mar 2012 19:11:29 +0000 (UTC)
X-SpamScore: -26
X-BigFish: PS-26(zzbb2dI9371Ic85fh98dK4015Izz1202hzz1033IL8275bh8275dhz2fh2a8h668h839hd25h)
X-Forefront-Antispam-Report: CIP:157.56.240.85; KIP:(null); UIP:(null); IPV:NLI; H:BL2PRD0410HT003.namprd04.prod.outlook.com; RD:none; EFVD:NLI
Received-SPF: pass (mail67-db3: domain of sailpoint.com designates 157.56.240.85 as permitted sender) client-ip=157.56.240.85; envelope-from=kelly.grizzle@sailpoint.com; helo=BL2PRD0410HT003.namprd04.prod.outlook.com ; .outlook.com ; 
Received: from mail67-db3 (localhost.localdomain [127.0.0.1]) by mail67-db3 (MessageSwitch) id 1331752286888201_18210; Wed, 14 Mar 2012 19:11:26 +0000 (UTC)
Received: from DB3EHSMHS017.bigfish.com (unknown [10.3.81.225])	by mail67-db3.bigfish.com (Postfix) with ESMTP id D5D9910007C; Wed, 14 Mar 2012 19:11:26 +0000 (UTC)
Received: from BL2PRD0410HT003.namprd04.prod.outlook.com (157.56.240.85) by DB3EHSMHS017.bigfish.com (10.3.87.117) with Microsoft SMTP Server (TLS) id 14.1.225.23; Wed, 14 Mar 2012 19:11:26 +0000
Received: from BL2PRD0410MB351.namprd04.prod.outlook.com ([169.254.3.188]) by BL2PRD0410HT003.namprd04.prod.outlook.com ([10.255.99.38]) with mapi id 14.16.0123.000; Wed, 14 Mar 2012 19:11:05 +0000
From: Kelly Grizzle <kelly.grizzle@sailpoint.com>
To: Trey Drake <trey.drake@unboundid.com>
Thread-Topic: [scim]  Propose reshape of charter
Thread-Index: AQHNAg5DUDStqByj30uiUubv8w388ZZqKDRA
Date: Wed, 14 Mar 2012 19:11:05 +0000
Message-ID: <56C3C758F9D6534CA3778EAA1E0C34371C637E60@BL2PRD0410MB351.namprd04.prod.outlook.com>
References: <4F5FA213.4000600@cisco.com> <B6F33950-9055-4005-A82F-EB4E29431AD1@oracle.com> <4F5FBAB1.1020009@cisco.com> <B26C1EF377CB694EAB6BDDC8E624B6E73C08110E@BL2PRD0310MB362.namprd03.prod.outlook.com> <219947F0B2242843A0A1E62FDB510DC0250F3D4F7F@USNAVSXCHMBSA3.ndc.alcatel-lucent.com> <20120314133359.AD1C421F85A0@ietfa.amsl.com> <B26C1EF377CB694EAB6BDDC8E624B6E73C0811E9@BL2PRD0310MB362.namprd03.prod.outlook.com> <4F60A497.8050906@cisco.com> <56C3C758F9D6534CA3778EAA1E0C34371C637C33@BL2PRD0410MB351.namprd04.prod.outlook.com> <4F60D874.3030804@oracle.com> <56C3C758F9D6534CA3778EAA1E0C34371C637E1C@BL2PRD0410MB351.namprd04.prod.outlook.com> <FD218744-BB89-498F-B805-05D514F87CCD@unboundid.com>
In-Reply-To: <FD218744-BB89-498F-B805-05D514F87CCD@unboundid.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
x-originating-ip: [173.226.147.242]
Content-Type: multipart/alternative; boundary="_000_56C3C758F9D6534CA3778EAA1E0C34371C637E60BL2PRD0410MB351_"
MIME-Version: 1.0
X-OriginatorOrg: sailpoint.com
Cc: "scim@ietf.org" <scim@ietf.org>, prateek mishra <prateek.mishra@oracle.com>
Subject: Re: [scim] Propose reshape of charter
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 14 Mar 2012 19:11:31 -0000

--_000_56C3C758F9D6534CA3778EAA1E0C34371C637E60BL2PRD0410MB351_
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

I like that.

From: Trey Drake [mailto:trey.drake@unboundid.com]
Sent: Wednesday, March 14, 2012 1:14 PM
To: Kelly Grizzle
Cc: prateek mishra; scim@ietf.org
Subject: Re: [scim] Propose reshape of charter

How about "retrieval" as opposed to "reading"?

Thanks,
Trey


On Mar 14, 2012, at 12:44 PM, Kelly Grizzle wrote:


No - listing with optional filtering and sorting is supported.  In my mind =
this fits under the "read" of CRUD, but it may make sense to be more explic=
it about it.

--Kelly

From: scim-bounces@ietf.org<mailto:scim-bounces@ietf.org> [mailto:scim-boun=
ces@ietf.org] On Behalf Of prateek mishra
Sent: Wednesday, March 14, 2012 12:42 PM
To: scim@ietf.org<mailto:scim@ietf.org>
Subject: Re: [scim] FW: Propose reshape of charter

So any form of query or search is excluded from the scope of this work?


I agree.  The term "identity life-cycle" is nice as a high-level markety mi=
ssion statement, but should probably be made more specific for an IETF work=
ing group description.  Up to this point, SCIM has been geared towards CRUD=
 operations for identities and identity-related objects, and I don't see it=
 venturing much outside of this realm.  Perhaps something along the lines o=
f:


The Simple Cloud Identity Management (SCIM) specification is designed to

make creating, reading, updating, and deleting user identities and identity=
-

related objects easier in cloud based applications.

Easier is also a bit vague.  This could be changed to address how things wi=
ll become easier.  For example:


The Simple Cloud Identity Management (SCIM) specification is designed to

make managing user identity lifecycle easier in cloud based applications

by defining standard protocols and schemas for creating, reading, updating,

and deleting user identities and identity-related objects.

--Kelly


From: scim-bounces@ietf.org<mailto:scim-bounces@ietf.org> [mailto:scim-boun=
ces@ietf.org] On Behalf Of Eliot Lear
Sent: Wednesday, March 14, 2012 9:01 AM
To: Anthony Nadalin
Cc: Diodati, Mark; scim@ietf.org<mailto:scim@ietf.org>
Subject: Re: [scim] FW: Propose reshape of charter



On 3/14/12 2:37 PM, Anthony Nadalin wrote:
That's my point, the term identity life-cycle is too subjective, suggest th=
at this be limited to the actual identity management functions that SCIM wi=
ll cover


I think this is a really good point.  The more we scope the better off we'l=
l be.

Eliot





_______________________________________________

scim mailing list

scim@ietf.org<mailto:scim@ietf.org>

https://www.ietf.org/mailman/listinfo/scim
_______________________________________________
scim mailing list
scim@ietf.org<mailto:scim@ietf.org>
https://www.ietf.org/mailman/listinfo/scim


--_000_56C3C758F9D6534CA3778EAA1E0C34371C637E60BL2PRD0410MB351_
Content-Type: text/html; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

<html xmlns:v=3D"urn:schemas-microsoft-com:vml" xmlns:o=3D"urn:schemas-micr=
osoft-com:office:office" xmlns:w=3D"urn:schemas-microsoft-com:office:word" =
xmlns:m=3D"http://schemas.microsoft.com/office/2004/12/omml" xmlns=3D"http:=
//www.w3.org/TR/REC-html40">
<head>
<meta http-equiv=3D"Content-Type" content=3D"text/html; charset=3Dus-ascii"=
>
<meta name=3D"Generator" content=3D"Microsoft Word 12 (filtered medium)">
<base href=3D"x-msg://2297/"><style><!--
/* Font Definitions */
@font-face
	{font-family:Helvetica;
	panose-1:2 11 6 4 2 2 2 2 2 4;}
@font-face
	{font-family:"Cambria Math";
	panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
	{font-family:Calibri;
	panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
	{font-family:Tahoma;
	panose-1:2 11 6 4 3 5 4 4 2 4;}
@font-face
	{font-family:Consolas;
	panose-1:2 11 6 9 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
	{margin:0in;
	margin-bottom:.0001pt;
	font-size:12.0pt;
	font-family:"Times New Roman","serif";}
a:link, span.MsoHyperlink
	{mso-style-priority:99;
	color:blue;
	text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
	{mso-style-priority:99;
	color:purple;
	text-decoration:underline;}
pre
	{mso-style-priority:99;
	mso-style-link:"HTML Preformatted Char";
	margin:0in;
	margin-bottom:.0001pt;
	font-size:10.0pt;
	font-family:"Courier New";}
p.MsoAcetate, li.MsoAcetate, div.MsoAcetate
	{mso-style-priority:99;
	mso-style-link:"Balloon Text Char";
	margin:0in;
	margin-bottom:.0001pt;
	font-size:8.0pt;
	font-family:"Tahoma","sans-serif";}
span.apple-style-span
	{mso-style-name:apple-style-span;}
span.apple-converted-space
	{mso-style-name:apple-converted-space;}
span.HTMLPreformattedChar
	{mso-style-name:"HTML Preformatted Char";
	mso-style-priority:99;
	mso-style-link:"HTML Preformatted";
	font-family:Consolas;}
span.EmailStyle21
	{mso-style-type:personal-reply;
	font-family:"Calibri","sans-serif";
	color:#1F497D;}
span.BalloonTextChar
	{mso-style-name:"Balloon Text Char";
	mso-style-priority:99;
	mso-style-link:"Balloon Text";
	font-family:"Tahoma","sans-serif";}
.MsoChpDefault
	{mso-style-type:export-only;
	font-size:10.0pt;}
@page WordSection1
	{size:8.5in 11.0in;
	margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
	{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext=3D"edit" spidmax=3D"1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext=3D"edit">
<o:idmap v:ext=3D"edit" data=3D"1" />
</o:shapelayout></xml><![endif]-->
</head>
<body lang=3D"EN-US" link=3D"blue" vlink=3D"purple">
<div class=3D"WordSection1">
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:#1F497D">I like that.<o:p></o:p></=
span></p>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:#1F497D"><o:p>&nbsp;</o:p></span><=
/p>
<div>
<div style=3D"border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0in =
0in 0in">
<p class=3D"MsoNormal"><b><span style=3D"font-size:10.0pt;font-family:&quot=
;Tahoma&quot;,&quot;sans-serif&quot;">From:</span></b><span style=3D"font-s=
ize:10.0pt;font-family:&quot;Tahoma&quot;,&quot;sans-serif&quot;"> Trey Dra=
ke [mailto:trey.drake@unboundid.com]
<br>
<b>Sent:</b> Wednesday, March 14, 2012 1:14 PM<br>
<b>To:</b> Kelly Grizzle<br>
<b>Cc:</b> prateek mishra; scim@ietf.org<br>
<b>Subject:</b> Re: [scim] Propose reshape of charter<o:p></o:p></span></p>
</div>
</div>
<p class=3D"MsoNormal"><o:p>&nbsp;</o:p></p>
<p class=3D"MsoNormal">How about &quot;retrieval&quot; as opposed to &quot;=
reading&quot;?<o:p></o:p></p>
<div>
<p class=3D"MsoNormal"><o:p>&nbsp;</o:p></p>
</div>
<div>
<p class=3D"MsoNormal">Thanks,<o:p></o:p></p>
</div>
<div>
<p class=3D"MsoNormal">Trey&nbsp;<o:p></o:p></p>
<div>
<p class=3D"MsoNormal"><o:p>&nbsp;</o:p></p>
</div>
<div>
<p class=3D"MsoNormal"><o:p>&nbsp;</o:p></p>
<div>
<div>
<p class=3D"MsoNormal">On Mar 14, 2012, at 12:44 PM, Kelly Grizzle wrote:<o=
:p></o:p></p>
</div>
<p class=3D"MsoNormal"><br>
<br>
<o:p></o:p></p>
<div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:#1F497D">No &#8211; listing with o=
ptional filtering and sorting is supported.&nbsp; In my mind this fits unde=
r the &#8220;read&#8221; of CRUD, but it may make sense to be more explicit=
 about
 it.</span><span style=3D"color:black"><o:p></o:p></span></p>
</div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:#1F497D">&nbsp;</span><span style=
=3D"color:black"><o:p></o:p></span></p>
</div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:#1F497D">--Kelly</span><span style=
=3D"color:black"><o:p></o:p></span></p>
</div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:#1F497D">&nbsp;</span><span style=
=3D"color:black"><o:p></o:p></span></p>
</div>
<div>
<div style=3D"border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0in =
0in 0in;border-width:initial;border-color:initial">
<div>
<p class=3D"MsoNormal"><b><span style=3D"font-size:10.0pt;font-family:&quot=
;Tahoma&quot;,&quot;sans-serif&quot;">From:</span></b><span class=3D"apple-=
converted-space"><span style=3D"font-size:10.0pt;font-family:&quot;Tahoma&q=
uot;,&quot;sans-serif&quot;">&nbsp;</span></span><span style=3D"font-size:1=
0.0pt;font-family:&quot;Tahoma&quot;,&quot;sans-serif&quot;"><a href=3D"mai=
lto:scim-bounces@ietf.org">scim-bounces@ietf.org</a><span class=3D"apple-co=
nverted-space">&nbsp;</span>[<a href=3D"mailto:scim-bounces@ietf.org">mailt=
o:scim-bounces@ietf.org</a>]<span class=3D"apple-converted-space">&nbsp;</s=
pan><b>On
 Behalf Of<span class=3D"apple-converted-space">&nbsp;</span></b>prateek mi=
shra<br>
<b>Sent:</b><span class=3D"apple-converted-space">&nbsp;</span>Wednesday, M=
arch 14, 2012 12:42 PM<br>
<b>To:</b><span class=3D"apple-converted-space">&nbsp;</span><a href=3D"mai=
lto:scim@ietf.org">scim@ietf.org</a><br>
<b>Subject:</b><span class=3D"apple-converted-space">&nbsp;</span>Re: [scim=
] FW: Propose reshape of charter</span><span style=3D"color:black"><o:p></o=
:p></span></p>
</div>
</div>
</div>
<div>
<p class=3D"MsoNormal"><span style=3D"color:black">&nbsp;<o:p></o:p></span>=
</p>
</div>
<div>
<p class=3D"MsoNormal"><span style=3D"color:black">So any form of query or =
search is excluded from the scope of this work?<br>
<br>
<br>
<o:p></o:p></span></p>
</div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:#1F497D">I agree.&nbsp; The term &=
#8220;identity life-cycle&#8221; is nice as a high-level markety mission st=
atement, but should probably be made more specific for an IETF working grou=
p
 description.&nbsp; Up to this point, SCIM has been geared towards CRUD ope=
rations for identities and identity-related objects, and I don&#8217;t see =
it venturing much outside of this realm.&nbsp; Perhaps something along the =
lines of:</span><span style=3D"color:black"><o:p></o:p></span></p>
</div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:#1F497D">&nbsp;</span><span style=
=3D"color:black"><o:p></o:p></span></p>
</div>
<pre><span style=3D"color:black">The Simple Cloud Identity Management (SCIM=
) specification is designed to <o:p></o:p></span></pre>
<pre><span style=3D"color:black">make creating, reading, updating, and dele=
ting user identities and identity-<o:p></o:p></span></pre>
<pre><span style=3D"color:black">related objects easier in cloud based appl=
ications.<o:p></o:p></span></pre>
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:#1F497D">&nbsp;</span><span style=
=3D"color:black"><o:p></o:p></span></p>
</div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:#1F497D">Easier is also a bit vagu=
e.&nbsp; This could be changed to address how things will become easier.&nb=
sp; For example:</span><span style=3D"color:black"><o:p></o:p></span></p>
</div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:#1F497D">&nbsp;</span><span style=
=3D"color:black"><o:p></o:p></span></p>
</div>
<pre><span style=3D"color:black">The Simple Cloud Identity Management (SCIM=
) specification is designed to <o:p></o:p></span></pre>
<pre><span style=3D"color:black">make managing user identity lifecycle easi=
er in cloud based applications<o:p></o:p></span></pre>
<pre><span style=3D"color:black">by defining standard protocols and schemas=
 for creating, reading, updating,<o:p></o:p></span></pre>
<pre><span style=3D"color:black">and deleting user identities and identity-=
related objects.<o:p></o:p></span></pre>
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:#1F497D">&nbsp;</span><span style=
=3D"color:black"><o:p></o:p></span></p>
</div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:#1F497D">--Kelly</span><span style=
=3D"color:black"><o:p></o:p></span></p>
</div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:#1F497D">&nbsp;</span><span style=
=3D"color:black"><o:p></o:p></span></p>
</div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:#1F497D">&nbsp;</span><span style=
=3D"color:black"><o:p></o:p></span></p>
</div>
<div>
<div style=3D"border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0in =
0in 0in;border-width:initial;border-color:initial">
<div>
<p class=3D"MsoNormal"><b><span style=3D"font-size:10.0pt;font-family:&quot=
;Tahoma&quot;,&quot;sans-serif&quot;">From:</span></b><span class=3D"apple-=
converted-space"><span style=3D"font-size:10.0pt;font-family:&quot;Tahoma&q=
uot;,&quot;sans-serif&quot;">&nbsp;</span></span><span style=3D"font-size:1=
0.0pt;font-family:&quot;Tahoma&quot;,&quot;sans-serif&quot;"><a href=3D"mai=
lto:scim-bounces@ietf.org">scim-bounces@ietf.org</a><span class=3D"apple-co=
nverted-space">&nbsp;</span>[<a href=3D"mailto:scim-bounces@ietf.org">mailt=
o:scim-bounces@ietf.org</a>]<span class=3D"apple-converted-space">&nbsp;</s=
pan><b>On
 Behalf Of<span class=3D"apple-converted-space">&nbsp;</span></b>Eliot Lear=
<br>
<b>Sent:</b><span class=3D"apple-converted-space">&nbsp;</span>Wednesday, M=
arch 14, 2012 9:01 AM<br>
<b>To:</b><span class=3D"apple-converted-space">&nbsp;</span>Anthony Nadali=
n<br>
<b>Cc:</b><span class=3D"apple-converted-space">&nbsp;</span>Diodati, Mark;=
<span class=3D"apple-converted-space">&nbsp;</span><a href=3D"mailto:scim@i=
etf.org">scim@ietf.org</a><br>
<b>Subject:</b><span class=3D"apple-converted-space">&nbsp;</span>Re: [scim=
] FW: Propose reshape of charter</span><span style=3D"color:black"><o:p></o=
:p></span></p>
</div>
</div>
</div>
<div>
<p class=3D"MsoNormal"><span style=3D"color:black">&nbsp;<o:p></o:p></span>=
</p>
</div>
<div>
<p class=3D"MsoNormal"><span style=3D"color:black"><br>
<br>
On 3/14/12 2:37 PM, Anthony Nadalin wrote:<o:p></o:p></span></p>
</div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:#1F497D">That&#8217;s my point, th=
e term identity life-cycle is too subjective, suggest that this be limited =
to the actual identity management functions that SCIM will cover</span><spa=
n style=3D"color:black"><o:p></o:p></span></p>
</div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:#1F497D">&nbsp;</span><span style=
=3D"color:black"><o:p></o:p></span></p>
</div>
<div>
<p class=3D"MsoNormal"><span style=3D"color:black"><br>
I think this is a really good point.&nbsp; The more we scope the better off=
 we'll be.<br>
<br>
Eliot<o:p></o:p></span></p>
</div>
<div>
<p class=3D"MsoNormal"><span style=3D"color:black"><br>
<br>
<br>
<br>
<o:p></o:p></span></p>
</div>
<pre><span style=3D"color:black">__________________________________________=
_____<o:p></o:p></span></pre>
<pre><span style=3D"color:black">scim mailing list<o:p></o:p></span></pre>
<pre><span style=3D"color:black"><a href=3D"mailto:scim@ietf.org">scim@ietf=
.org</a><o:p></o:p></span></pre>
<pre><span style=3D"color:black"><a href=3D"https://www.ietf.org/mailman/li=
stinfo/scim">https://www.ietf.org/mailman/listinfo/scim</a><o:p></o:p></spa=
n></pre>
<p class=3D"MsoNormal"><span style=3D"font-size:13.5pt;font-family:&quot;He=
lvetica&quot;,&quot;sans-serif&quot;">_____________________________________=
__________<br>
scim mailing list<br>
<a href=3D"mailto:scim@ietf.org">scim@ietf.org</a><br>
<a href=3D"https://www.ietf.org/mailman/listinfo/scim">https://www.ietf.org=
/mailman/listinfo/scim</a><o:p></o:p></span></p>
</div>
</div>
<p class=3D"MsoNormal"><o:p>&nbsp;</o:p></p>
</div>
</div>
</div>
</body>
</html>

--_000_56C3C758F9D6534CA3778EAA1E0C34371C637E60BL2PRD0410MB351_--

From stpeter@stpeter.im  Wed Mar 14 12:37:44 2012
Return-Path: <stpeter@stpeter.im>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1D4E821F8599 for <scim@ietfa.amsl.com>; Wed, 14 Mar 2012 12:37:44 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.63
X-Spam-Level: 
X-Spam-Status: No, score=-102.63 tagged_above=-999 required=5 tests=[AWL=-0.031, BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id RfkPUfAfuGCN for <scim@ietfa.amsl.com>; Wed, 14 Mar 2012 12:37:43 -0700 (PDT)
Received: from stpeter.im (mailhost.stpeter.im [207.210.219.225]) by ietfa.amsl.com (Postfix) with ESMTP id 6D18721F84F3 for <scim@ietf.org>; Wed, 14 Mar 2012 12:37:43 -0700 (PDT)
Received: from squire.local (unknown [72.163.0.129]) (Authenticated sender: stpeter) by stpeter.im (Postfix) with ESMTPSA id 89B5340058; Wed, 14 Mar 2012 13:50:05 -0600 (MDT)
Message-ID: <4F60F385.6070604@stpeter.im>
Date: Wed, 14 Mar 2012 13:37:41 -0600
From: Peter Saint-Andre <stpeter@stpeter.im>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.5; rv:10.0.2) Gecko/20120216 Thunderbird/10.0.2
MIME-Version: 1.0
To: Eliot Lear <lear@cisco.com>
References: <4F5FA213.4000600@cisco.com> <B6F33950-9055-4005-A82F-EB4E29431AD1@oracle.com> <4F5FC804.4080208@cisco.com>
In-Reply-To: <4F5FC804.4080208@cisco.com>
X-Enigmail-Version: 1.3.5
OpenPGP: url=https://stpeter.im/stpeter.asc
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit
Cc: scim@ietf.org, "Steven M. Bellovin" <smb@cs.columbia.edu>, Phil Hunt <phil.hunt@oracle.com>
Subject: Re: [scim] Propose reshape of charter
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 14 Mar 2012 19:37:44 -0000

On 3/13/12 4:19 PM, Eliot Lear wrote:
> Hi Phil,
> 
> I failed to address a point you made below:
> 
> On 3/13/12 8:56 PM, Phil Hunt wrote:
>>
>> It is probably important to site the location of the SCIM 1.0
>> specification which is published externally to IETF as well as the
>> re-published drafts under IETF.
>>
> 
> I believe it is important to both cite and acknowledge the earlier work,
> but I don't know that the charter is the right place to do it.  This
> having been said, the charter is one place where we have prominent
> static content.  Pete, what would the IESG want, here?

Assuming you meant Peter, I'll answer. :)

Consider, say, the original OAuth WG charter:

http://tools.ietf.org/wg/oauth/charters?item=charter-oauth-2009-05-13.txt

It didn't mention oauth.net. However, I see no great harm in mentioning
simplecloud.info in the charter, along these lines:

   These drafts are based on existing specifications originally
   developed outside the IETF (see http://simplecloud.info/ for further
   information).

Thanks!

Peter

-- 
Peter Saint-Andre
https://stpeter.im/



From tony@yaanatech.com  Wed Mar 14 12:48:23 2012
Return-Path: <tony@yaanatech.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 633D421F8815 for <scim@ietfa.amsl.com>; Wed, 14 Mar 2012 12:48:23 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.366
X-Spam-Level: 
X-Spam-Status: No, score=-2.366 tagged_above=-999 required=5 tests=[AWL=0.232,  BAYES_00=-2.599, HTML_MESSAGE=0.001]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id tqmtHWi-7yVz for <scim@ietfa.amsl.com>; Wed, 14 Mar 2012 12:48:22 -0700 (PDT)
Received: from extmail1.prd.yaanatech.com (extmail1.prd.yaanatech.com [205.140.198.37]) by ietfa.amsl.com (Postfix) with ESMTP id 8357921F8814 for <scim@ietf.org>; Wed, 14 Mar 2012 12:48:20 -0700 (PDT)
Received: from [192.168.0.4] (pool-173-72-136-146.clppva.fios.verizon.net [173.72.136.146]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by extmail1.prd.yaanatech.com (Postfix) with ESMTP id 10C325807F; Wed, 14 Mar 2012 19:48:19 +0000 (UTC)
Message-ID: <4F60F602.2040700@yaanatech.com>
Date: Wed, 14 Mar 2012 15:48:18 -0400
From: Tony Rutkowski <tony@yaanatech.com>
Organization: Yaana Technologies
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:11.0) Gecko/20120308 Thunderbird/11.0
MIME-Version: 1.0
To: kelly.grizzle@sailpoint.com
References: <4F5FA213.4000600@cisco.com> <B6F33950-9055-4005-A82F-EB4E29431AD1@oracle.com> <4F5FBAB1.1020009@cisco.com> <B26C1EF377CB694EAB6BDDC8E624B6E73C08110E@BL2PRD0310MB362.namprd03.prod.outlook.com> <219947F0B2242843A0A1E62FDB510DC0250F3D4F7F@USNAVSXCHMBSA3.ndc.alcatel-lucent.com> <20120314133359.AD1C421F85A0@ietfa.amsl.com> <B26C1EF377CB694EAB6BDDC8E624B6E73C0811E9@BL2PRD0310MB362.namprd03.prod.outlook.com> <4F60A497.8050906@cisco.com> <56C3C758F9D6534CA3778EAA1E0C34371C637C33@BL2PRD0410MB351.namprd04.prod.outlook.com> <4F60B543.2010408@yaanatech.com> <56C3C758F9D6534CA3778EAA1E0C34371C637D54@BL2PRD0410MB351.namprd04.prod.outlook.com>
In-Reply-To: <56C3C758F9D6534CA3778EAA1E0C34371C637D54@BL2PRD0410MB351.namprd04.prod.outlook.com>
Content-Type: multipart/alternative; boundary="------------030807000903030709070408"
Cc: tonynad@microsoft.com, scim@ietf.org, lear@cisco.com, Mark.Diodati@gartner.com
Subject: Re: [scim] FW:  Propose reshape of charter
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
Reply-To: tony@yaanatech.com
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 14 Mar 2012 19:48:23 -0000

This is a multi-part message in MIME format.
--------------030807000903030709070408
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit

The CybOZ URL is
http://cybox.mitre.org/about/index.html

Just as CybOX is envisioned as a core
component of SCAP and incident response
data models, it can be used for identity
observables to the extent that there is
a need to exchange this information.

The charter at present seems sufficiently
broad to allow for such sub-components,
if nothing else as extensions.

--tony



On 3/14/2012 1:04 PM, Kelly Grizzle wrote:
>
> CybOX is new to me, so I can't say for sure.  There has been 
> discussion about utilizing other languages for the payload of some 
> attributes on users (eg -- XACML in the entitlements attribute).  This 
> is not part of the spec, though, and is left as a decision to the 
> client and server implementers.  Maybe CybOX could similarly fit into 
> a user or object extension?  I wouldn't foresee this becoming part of 
> the core spec, though.
>


--------------030807000903030709070408
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit

<html>
  <head>
    <meta content="text/html; charset=ISO-8859-1"
      http-equiv="Content-Type">
  </head>
  <body bgcolor="#FFFFFF" text="#000000">
    <tt>The CybOZ URL is <br>
      <a class="moz-txt-link-freetext" href="http://cybox.mitre.org/about/index.html">http://cybox.mitre.org/about/index.html</a><br>
      <br>
      Just as CybOX is envisioned as a core<br>
      component of SCAP and incident response<br>
      data models, it can be used for identity<br>
      observables to the extent that there is<br>
      a need to exchange this information.<br>
      <br>
      The charter at present seems sufficiently<br>
      broad to allow for such sub-components,<br>
      if nothing else as extensions.<br>
      <br>
      --tony<br>
      <br>
      <br>
    </tt>
    <br>
    On 3/14/2012 1:04 PM, Kelly Grizzle wrote:
    <blockquote
cite="mid:56C3C758F9D6534CA3778EAA1E0C34371C637D54@BL2PRD0410MB351.namprd04.prod.outlook.com"
      type="cite">
      <p class="MsoNormal"><span
style="font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:#1F497D">CybOX

          is new to me, so I can&#8217;t say for sure.&nbsp; There has been
          discussion about utilizing other languages for the payload of
          some attributes on users (eg &#8211; XACML in the entitlements
          attribute).&nbsp; This is not part of the spec, though, and is left
          as a decision to the client and server implementers.&nbsp; Maybe
          CybOX could similarly fit into a user or object extension?&nbsp; I
          wouldn&#8217;t foresee this becoming part of the core spec, though.<o:p></o:p></span></p>
      <p class="MsoNormal"><span
style="font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:#1F497D"><o:p></o:p></span></p>
    </blockquote>
    <br>
  </body>
</html>

--------------030807000903030709070408--

From phil.hunt@oracle.com  Wed Mar 14 14:44:42 2012
Return-Path: <phil.hunt@oracle.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 194B721F874A for <scim@ietfa.amsl.com>; Wed, 14 Mar 2012 14:44:42 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -10.286
X-Spam-Level: 
X-Spam-Status: No, score=-10.286 tagged_above=-999 required=5 tests=[AWL=0.313, BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id L-nGJv1vTlYf for <scim@ietfa.amsl.com>; Wed, 14 Mar 2012 14:44:41 -0700 (PDT)
Received: from acsinet15.oracle.com (acsinet15.oracle.com [141.146.126.227]) by ietfa.amsl.com (Postfix) with ESMTP id 4D75321F862A for <scim@ietf.org>; Wed, 14 Mar 2012 14:44:41 -0700 (PDT)
Received: from acsinet21.oracle.com (acsinet21.oracle.com [141.146.126.237]) by acsinet15.oracle.com (Sentrion-MTA-4.2.2/Sentrion-MTA-4.2.2) with ESMTP id q2ELieSB012842 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK) for <scim@ietf.org>; Wed, 14 Mar 2012 21:44:40 GMT
Received: from acsmt357.oracle.com (acsmt357.oracle.com [141.146.40.157]) by acsinet21.oracle.com (8.14.4+Sun/8.14.4) with ESMTP id q2ELid3o006895 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for <scim@ietf.org>; Wed, 14 Mar 2012 21:44:39 GMT
Received: from abhmt115.oracle.com (abhmt115.oracle.com [141.146.116.67]) by acsmt357.oracle.com (8.12.11.20060308/8.12.11) with ESMTP id q2ELidTh028879 for <scim@ietf.org>; Wed, 14 Mar 2012 16:44:39 -0500
Received: from [192.168.1.8] (/24.85.226.208) by default (Oracle Beehive Gateway v4.0) with ESMTP ; Wed, 14 Mar 2012 14:44:39 -0700
From: Phil Hunt <phil.hunt@oracle.com>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: quoted-printable
Date: Wed, 14 Mar 2012 14:44:43 -0700
Message-Id: <421662F7-A0FA-4C21-81C9-857450B09DB4@oracle.com>
To: scim@ietf.org
Mime-Version: 1.0 (Apple Message framework v1257)
X-Mailer: Apple Mail (2.1257)
X-Source-IP: acsinet21.oracle.com [141.146.126.237]
X-Auth-Type: Internal IP
X-CT-RefId: str=0001.0A090201.4F611148.005D,ss=1,re=0.000,fgs=0
Subject: [scim] Thoughts on SCIM WG charter
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 14 Mar 2012 21:44:42 -0000

In previous emails, I promised more thoughts on the Gateway/targeting =
issue. In order to support the scope discussion, I put a bunch of =
thoughts together on areas the WG might consider on my blog at:
=
http://www.independentid.com/2012/03/scim-what-should-new-scim-wg-address.=
html

I'm still planning to post more info to the list on the specific issue =
of "gatewayed" provisioning (aka targeting).

Phil

@independentid
www.independentid.com
phil.hunt@oracle.com






From stpeter@stpeter.im  Wed Mar 14 15:28:53 2012
Return-Path: <stpeter@stpeter.im>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3997B21F8795 for <scim@ietfa.amsl.com>; Wed, 14 Mar 2012 15:28:53 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.645
X-Spam-Level: 
X-Spam-Status: No, score=-102.645 tagged_above=-999 required=5 tests=[AWL=-0.046, BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id RqopsLpDInQ4 for <scim@ietfa.amsl.com>; Wed, 14 Mar 2012 15:28:52 -0700 (PDT)
Received: from stpeter.im (mailhost.stpeter.im [207.210.219.225]) by ietfa.amsl.com (Postfix) with ESMTP id 6078E21F86CA for <scim@ietf.org>; Wed, 14 Mar 2012 15:28:52 -0700 (PDT)
Received: from squire.local (unknown [72.163.0.129]) (Authenticated sender: stpeter) by stpeter.im (Postfix) with ESMTPSA id 0C94940058; Wed, 14 Mar 2012 16:41:14 -0600 (MDT)
Message-ID: <4F611BA2.3050201@stpeter.im>
Date: Wed, 14 Mar 2012 16:28:50 -0600
From: Peter Saint-Andre <stpeter@stpeter.im>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.5; rv:10.0.2) Gecko/20120216 Thunderbird/10.0.2
MIME-Version: 1.0
To: Phil Hunt <phil.hunt@oracle.com>
References: <421662F7-A0FA-4C21-81C9-857450B09DB4@oracle.com>
In-Reply-To: <421662F7-A0FA-4C21-81C9-857450B09DB4@oracle.com>
X-Enigmail-Version: 1.3.5
OpenPGP: url=https://stpeter.im/stpeter.asc
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit
Cc: scim@ietf.org
Subject: Re: [scim] Thoughts on SCIM WG charter
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 14 Mar 2012 22:28:53 -0000

<hat type='AD'/>

On 3/14/12 3:44 PM, Phil Hunt wrote:
> In previous emails, I promised more thoughts on the Gateway/targeting
> issue. In order to support the scope discussion, I put a bunch of
> thoughts together on areas the WG might consider on my blog at: 
> http://www.independentid.com/2012/03/scim-what-should-new-scim-wg-address.html

Hi Phil,

I really do hate to be a stickler, but I don't think that the IETF can
consider your blog post to be an "IETF Contribution" in accordance with
the Note Well rules <http://www.ietf.org/about/note-well.html> -- I
realize that you put time and energy into those nice graphics, but could
we trouble you to at least post the text of your comments to this
mailing list? It really is for your own good. :)

Thanks!

Peter

-- 
Peter Saint-Andre
https://stpeter.im/



From stpeter@stpeter.im  Wed Mar 14 16:05:25 2012
Return-Path: <stpeter@stpeter.im>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8222921F87FB for <scim@ietfa.amsl.com>; Wed, 14 Mar 2012 16:05:25 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.644
X-Spam-Level: 
X-Spam-Status: No, score=-102.644 tagged_above=-999 required=5 tests=[AWL=-0.045, BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id xzo2UhObPnPM for <scim@ietfa.amsl.com>; Wed, 14 Mar 2012 16:05:24 -0700 (PDT)
Received: from stpeter.im (mailhost.stpeter.im [207.210.219.225]) by ietfa.amsl.com (Postfix) with ESMTP id DE4EA21F87F8 for <scim@ietf.org>; Wed, 14 Mar 2012 16:05:24 -0700 (PDT)
Received: from squire.local (unknown [72.163.0.129]) (Authenticated sender: stpeter) by stpeter.im (Postfix) with ESMTPSA id 759B040058 for <scim@ietf.org>; Wed, 14 Mar 2012 17:17:47 -0600 (MDT)
Message-ID: <4F612433.5060503@stpeter.im>
Date: Wed, 14 Mar 2012 17:05:23 -0600
From: Peter Saint-Andre <stpeter@stpeter.im>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.5; rv:10.0.2) Gecko/20120216 Thunderbird/10.0.2
MIME-Version: 1.0
To: "scim@ietf.org" <scim@ietf.org>
X-Enigmail-Version: 1.3.5
OpenPGP: url=https://stpeter.im/stpeter.asc
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit
Subject: [scim] Internet-Drafts
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 14 Mar 2012 23:05:25 -0000

Folks, it would really help avoid awkward and inevitable questions about
change control and IPR confusion if the proponents could post
Internet-Drafts before the BoF, at least for the scenarios doc, core
schema, and protocol spec. Although the deadline for -00 I-Ds passed 10
days ago, the submission window opens again on March 26 (three days
before the BoF):

http://datatracker.ietf.org/submit/

Given that the SCIM specs at simplecloud.info are already in RFC format,
it seems that submitting Internet-Drafts would not involve significant
author frustration. They don't need to be polished, changed, or
otherwise edited -- just submit them as-is so we can get them
circulating among IETFers and show a good-faith effort to be upstanding
citizens of the IETF community.

Thanks in advance for your assistance.

Peter

-- 
Peter Saint-Andre
https://stpeter.im/



From trey.drake@unboundid.com  Wed Mar 14 16:13:35 2012
Return-Path: <trey.drake@unboundid.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5EBA921F8804 for <scim@ietfa.amsl.com>; Wed, 14 Mar 2012 16:13:35 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.203
X-Spam-Level: 
X-Spam-Status: No, score=-2.203 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, MIME_QP_LONG_LINE=1.396, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id BcByhMHOHlDA for <scim@ietfa.amsl.com>; Wed, 14 Mar 2012 16:13:34 -0700 (PDT)
Received: from mail-gy0-f172.google.com (mail-gy0-f172.google.com [209.85.160.172]) by ietfa.amsl.com (Postfix) with ESMTP id 9ECDE21F87C9 for <scim@ietf.org>; Wed, 14 Mar 2012 16:13:34 -0700 (PDT)
Received: by ghbg16 with SMTP id g16so2755964ghb.31 for <scim@ietf.org>; Wed, 14 Mar 2012 16:13:34 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=references:in-reply-to:mime-version:content-transfer-encoding :content-type:message-id:cc:x-mailer:from:subject:date:to :x-gm-message-state; bh=JvQEpQAmzpjZXGJLWt1lwNMPCu/MSkyiT+P6iJWzYPc=; b=TSUJMbmp1KJ+l1buAtn24ACtu74JRrmus/bnndA5ONckc4nMhqk9vOAZ67NFNNQSwO GAhGNVCN3fqfz6HfT3uGpbNaRpmULAA70+EtzjiKS3OEhOpCf/dyq4TtW5N9goYmWcqv ttMzKPEvy2Vd9Q/rHHLAwjHbdrcHbzcVHL1lsf0CikuEqkK/8PLMB9e8jp1tF5F6ta8y 7IS+5Np94XI2sw7nmpzUl1NQKyU6o8hbSOFuAJ5V17N+6W1C/H2kDYCPhs92OvldKO4W OKMMwOlZYukGNSXiw176dn78SHqAs6o9gvp4SgXcO07N/DeKV6KntfLAKmjTtHUsti2M nvkg==
Received: by 10.236.182.36 with SMTP id n24mr5306353yhm.111.1331766814238; Wed, 14 Mar 2012 16:13:34 -0700 (PDT)
Received: from [10.232.100.230] (158.sub-174-253-88.myvzw.com. [174.253.88.158]) by mx.google.com with ESMTPS id o1sm180090yhm.21.2012.03.14.16.13.32 (version=TLSv1/SSLv3 cipher=OTHER); Wed, 14 Mar 2012 16:13:33 -0700 (PDT)
References: <4F612433.5060503@stpeter.im>
In-Reply-To: <4F612433.5060503@stpeter.im>
Mime-Version: 1.0 (1.0)
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset=us-ascii
Message-Id: <612C3B6B-4098-4951-ACD6-BEA30B492F52@unboundid.com>
X-Mailer: iPhone Mail (9B179)
From: Trey Drake <trey.drake@unboundid.com>
Date: Wed, 14 Mar 2012 18:13:28 -0500
To: Peter Saint-Andre <stpeter@stpeter.im>
X-Gm-Message-State: ALoCoQmR3dvdI30Z0H7xkFVrMKfc/owEYx639VKbPvVc+F3NM9XlQ/8qeI/Ospy8Cv34h7lfQOuj
Cc: "scim@ietf.org" <scim@ietf.org>
Subject: Re: [scim] Internet-Drafts
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 14 Mar 2012 23:13:35 -0000

Peter,

It was on my todo list though I was under the impression changes to the exis=
ting specs were required. Given that's not the case I'll submit the core sch=
ema and protocol specs today "as is".

Thanks,
Trey




On Mar 14, 2012, at 6:05 PM, Peter Saint-Andre <stpeter@stpeter.im> wrote:

> Folks, it would really help avoid awkward and inevitable questions about
> change control and IPR confusion if the proponents could post
> Internet-Drafts before the BoF, at least for the scenarios doc, core
> schema, and protocol spec. Although the deadline for -00 I-Ds passed 10
> days ago, the submission window opens again on March 26 (three days
> before the BoF):
>=20
> http://datatracker.ietf.org/submit/
>=20
> Given that the SCIM specs at simplecloud.info are already in RFC format,
> it seems that submitting Internet-Drafts would not involve significant
> author frustration. They don't need to be polished, changed, or
> otherwise edited -- just submit them as-is so we can get them
> circulating among IETFers and show a good-faith effort to be upstanding
> citizens of the IETF community.
>=20
> Thanks in advance for your assistance.
>=20
> Peter
>=20
> --=20
> Peter Saint-Andre
> https://stpeter.im/
>=20
>=20
> _______________________________________________
> scim mailing list
> scim@ietf.org
> https://www.ietf.org/mailman/listinfo/scim

From stpeter@stpeter.im  Wed Mar 14 16:14:49 2012
Return-Path: <stpeter@stpeter.im>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 89D2C21F8839 for <scim@ietfa.amsl.com>; Wed, 14 Mar 2012 16:14:49 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.643
X-Spam-Level: 
X-Spam-Status: No, score=-102.643 tagged_above=-999 required=5 tests=[AWL=-0.044, BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id kESIGG4RXM7F for <scim@ietfa.amsl.com>; Wed, 14 Mar 2012 16:14:49 -0700 (PDT)
Received: from stpeter.im (mailhost.stpeter.im [207.210.219.225]) by ietfa.amsl.com (Postfix) with ESMTP id 19C9921F8838 for <scim@ietf.org>; Wed, 14 Mar 2012 16:14:49 -0700 (PDT)
Received: from squire.local (unknown [72.163.0.129]) (Authenticated sender: stpeter) by stpeter.im (Postfix) with ESMTPSA id F2F4040058; Wed, 14 Mar 2012 17:27:11 -0600 (MDT)
Message-ID: <4F612668.4000403@stpeter.im>
Date: Wed, 14 Mar 2012 17:14:48 -0600
From: Peter Saint-Andre <stpeter@stpeter.im>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.5; rv:10.0.2) Gecko/20120216 Thunderbird/10.0.2
MIME-Version: 1.0
To: Trey Drake <trey.drake@unboundid.com>
References: <4F612433.5060503@stpeter.im> <612C3B6B-4098-4951-ACD6-BEA30B492F52@unboundid.com>
In-Reply-To: <612C3B6B-4098-4951-ACD6-BEA30B492F52@unboundid.com>
X-Enigmail-Version: 1.3.5
OpenPGP: url=https://stpeter.im/stpeter.asc
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit
Cc: "scim@ietf.org" <scim@ietf.org>
Subject: Re: [scim] Internet-Drafts
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 14 Mar 2012 23:14:49 -0000

On 3/14/12 5:13 PM, Trey Drake wrote:
> Peter,
> 
> It was on my todo list though I was under the impression changes to the existing specs were required. Given that's not the case I'll submit the core schema and protocol specs today "as is".

Hi Trey,

That's great. You won't be able to submit them until March 26th, so you
have time to fix up a few things if you please, but don't feel that it's
necessary. :)

Peter

-- 
Peter Saint-Andre
https://stpeter.im/



From charliemortimore@gmail.com  Wed Mar 14 16:35:22 2012
Return-Path: <charliemortimore@gmail.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D20D311E808C for <scim@ietfa.amsl.com>; Wed, 14 Mar 2012 16:35:22 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.203
X-Spam-Level: 
X-Spam-Status: No, score=-2.203 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, MIME_QP_LONG_LINE=1.396, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 6oreJJBduX3i for <scim@ietfa.amsl.com>; Wed, 14 Mar 2012 16:35:22 -0700 (PDT)
Received: from mail-pz0-f54.google.com (mail-pz0-f54.google.com [209.85.210.54]) by ietfa.amsl.com (Postfix) with ESMTP id 25B0B11E808A for <scim@ietf.org>; Wed, 14 Mar 2012 16:35:22 -0700 (PDT)
Received: by dald2 with SMTP id d2so4877132dal.27 for <scim@ietf.org>; Wed, 14 Mar 2012 16:35:22 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=references:in-reply-to:mime-version:content-transfer-encoding :content-type:message-id:cc:x-mailer:from:subject:date:to; bh=oavffSvMirgkK36keYfYYM3A2hJYDFkSQoPpGt8V7Q4=; b=BfY+7Vfe9fCTIBfBvaagn0u3dnn+aHd0KsHzDtSndR8/VTQl6pEg+E8vEqAtANC+GQ +nJANUu6fZUVgVFvxVz9J133Mm9HUVm1n/3iC2wGiN6/9DvuCG3YSlKq/XJmNKm1mxXj 1HRtzPqGgPTE/CU/vk2G2/DYV19eumlg2lSt/gOy2Dv/LKECjfSQ8tsX8GA/vCM46wpM p2nAQaYYySpPg9S1eOuijqfQ2Q4/yvYwbkKQjuJSsiuSTzNnGC2PoLsaMQbanomt0lPH vtUGCJPwijS/J0By9zq9Z2pV/5KUpQ18SoxQNr4kUaumPB3nLvyNR8K1+6LA3+XrYgiT QyCw==
Received: by 10.68.72.138 with SMTP id d10mr32618pbv.15.1331768121938; Wed, 14 Mar 2012 16:35:21 -0700 (PDT)
Received: from [10.39.133.223] ([166.205.138.76]) by mx.google.com with ESMTPS id j4sm424194pbg.31.2012.03.14.16.35.19 (version=TLSv1/SSLv3 cipher=OTHER); Wed, 14 Mar 2012 16:35:20 -0700 (PDT)
References: <421662F7-A0FA-4C21-81C9-857450B09DB4@oracle.com>
In-Reply-To: <421662F7-A0FA-4C21-81C9-857450B09DB4@oracle.com>
Mime-Version: 1.0 (1.0)
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset=us-ascii
Message-Id: <612C04D3-3D1C-4095-8E3E-66BD45CE067A@gmail.com>
X-Mailer: iPhone Mail (9B179)
From: Charliemortimore <charliemortimore@gmail.com>
Date: Wed, 14 Mar 2012 16:35:15 -0700
To: Phil Hunt <phil.hunt@oracle.com>
Cc: "scim@ietf.org" <scim@ietf.org>
Subject: Re: [scim] Thoughts on SCIM WG charter
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 14 Mar 2012 23:35:22 -0000

Hey Phil - good, thoughtful writeup.  =20

I agree the notion of gateways/hubs are a reality.  Not yet convinced the cl=
ient needs to ( or even should have ) knowledge/power over the routing decis=
ions, at least in v1.   Look forward to discussion and evolving my thinking o=
n this. =20

- cmort

On Mar 14, 2012, at 2:44 PM, Phil Hunt <phil.hunt@oracle.com> wrote:

> In previous emails, I promised more thoughts on the Gateway/targeting issu=
e. In order to support the scope discussion, I put a bunch of thoughts toget=
her on areas the WG might consider on my blog at:
> http://www.independentid.com/2012/03/scim-what-should-new-scim-wg-address.=
html
>=20
> I'm still planning to post more info to the list on the specific issue of "=
gatewayed" provisioning (aka targeting).
>=20
> Phil
>=20
> @independentid
> www.independentid.com
> phil.hunt@oracle.com
>=20
>=20
>=20
>=20
>=20
> _______________________________________________
> scim mailing list
> scim@ietf.org
> https://www.ietf.org/mailman/listinfo/scim

From phil.hunt@oracle.com  Wed Mar 14 16:45:39 2012
Return-Path: <phil.hunt@oracle.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id ADBF311E8086 for <scim@ietfa.amsl.com>; Wed, 14 Mar 2012 16:45:39 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -10.147
X-Spam-Level: 
X-Spam-Status: No, score=-10.147 tagged_above=-999 required=5 tests=[AWL=0.136, BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-8, SARE_MILLIONSOF=0.315]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Og7Y4qq8Ix9E for <scim@ietfa.amsl.com>; Wed, 14 Mar 2012 16:45:37 -0700 (PDT)
Received: from acsinet15.oracle.com (acsinet15.oracle.com [141.146.126.227]) by ietfa.amsl.com (Postfix) with ESMTP id 5132B11E8083 for <scim@ietf.org>; Wed, 14 Mar 2012 16:45:37 -0700 (PDT)
Received: from acsinet21.oracle.com (acsinet21.oracle.com [141.146.126.237]) by acsinet15.oracle.com (Sentrion-MTA-4.2.2/Sentrion-MTA-4.2.2) with ESMTP id q2ENjZ3M001574 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Wed, 14 Mar 2012 23:45:36 GMT
Received: from acsmt356.oracle.com (acsmt356.oracle.com [141.146.40.156]) by acsinet21.oracle.com (8.14.4+Sun/8.14.4) with ESMTP id q2ENjYVp028697 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Wed, 14 Mar 2012 23:45:35 GMT
Received: from abhmt103.oracle.com (abhmt103.oracle.com [141.146.116.55]) by acsmt356.oracle.com (8.12.11.20060308/8.12.11) with ESMTP id q2ENjYOB024913; Wed, 14 Mar 2012 18:45:34 -0500
Received: from [192.168.1.8] (/24.85.226.208) by default (Oracle Beehive Gateway v4.0) with ESMTP ; Wed, 14 Mar 2012 16:45:30 -0700
Mime-Version: 1.0 (Apple Message framework v1257)
Content-Type: multipart/alternative; boundary="Apple-Mail=_3D9870EF-2914-41EE-B57C-22F60E935046"
From: Phil Hunt <phil.hunt@oracle.com>
In-Reply-To: <4F611BA2.3050201@stpeter.im>
Date: Wed, 14 Mar 2012 16:45:34 -0700
Message-Id: <B289E824-5226-4986-925C-433E382DE57A@oracle.com>
References: <421662F7-A0FA-4C21-81C9-857450B09DB4@oracle.com> <4F611BA2.3050201@stpeter.im>
To: Peter Saint-Andre <stpeter@stpeter.im>
X-Mailer: Apple Mail (2.1257)
X-Source-IP: acsinet21.oracle.com [141.146.126.237]
X-Auth-Type: Internal IP
X-CT-RefId: str=0001.0A090203.4F612DA0.006B,ss=1,re=-15.000,fgs=0
Cc: scim@ietf.org
Subject: Re: [scim] Thoughts on SCIM WG charter
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 14 Mar 2012 23:45:39 -0000

--Apple-Mail=_3D9870EF-2914-41EE-B57C-22F60E935046
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain;
	charset=windows-1252

Cross posting as requested...

SCIM - What Should A New SCIM WG Address?
In my last blog post, I mentioned that SCIM 1.0 defines as a simple =
provisioning API for cloud application service providers. SCIM is =
architecturally oriented as a connector API specification in a hub and =
spoke architecture typically with an enterprise provisioning system at =
the hub and a cloud application service provider being a spoke. Other =
variations could include provisioning for on-premsise SaaS applications =
as well as directory synchronization. For each cloud application, the =
enterprise IDM hub should be able to just invoke the SCIM RESTful API of =
a target application's SCIM provisioning end-point.


But is SCIM about to repeat much of the history of SPML? Has it =
corrected some miss-steps? Yes, definitely. Is that enough? Let's look =
at some of the historical issues that will be of relevance to the =
evolution of SCIM. Just to be clear, my comments are not to suggest that =
SCIM adopt SPML features. My comments are intended so that SCIM learn =
from SPML's history.

The Value Problem

SPML 1 was very much like SCIM 1.0 is now. A simple API that supported =
basic CRUD operations. When SPML 1 was developed, the proposed value =
proposition was that provisioning would be made easier if applications =
would adopt a standard IDM protocol, then provisioning of enterprise =
applications would become easier. The value to application developers =
was that simpler, standardized management API would not be specific to =
individual IDM vendors and could inter-operate with any IDM provisioning =
product.

=46rom the enterprise perspective SPML 1 made a lot of sense since it =
would make all applications provision the same way. They could pick and =
choose the IDM product they wanted to use. More importantly, enterprises =
would not have to pay for custom coding when attempting to provision to =
proprietary APIs of applications.

SPML 1 was somewhat successful, but before it could be broadly adopted, =
several new requirements emerged and SPML 2 was defined (though SPML 1 =
remains dominant).  SPML 2 introduced many new features such as
	=95 the clean separation of payload from protocol;=20
	=95 the introduction of new common IDM operations (e.g. password =
operations);
	=95 a formalized DSML/XSD profile;
	=95 targeting - the ability to provision accounts through a =
gateway; and,
	=95 an extension mechanism for registering capabilities so that =
contributed capabilities could be made inter-operable.
Yet application vendors wanted more: they wanted standard schema =
conventions, they wanted a standard that enabled them not to have to =
introduce individual IDM vendor dependencies. If they could write one =
SPML provider once and be done with it, their costs would go down.

Many idM vendors were concerned that SPMLv2 had gone too far. In the =
end, it was either perceived complexity or the basic value proposition =
was not enough for SPML to succeed.

Has SCIM moved the ball forwards? On one important point, the answer is =
yes. SCIM has put forward a well defined schema with clear definition of =
attributes and their use or meaning. The RESTful style of SCIM keeps =
schema cleanly separated.

The Information Semantics Fidelity Trade-off

IDM Provisioning product developers have always faced an engineering =
trade-off. Would a standardized provisioning protocol/API lower =
development costs? Each application is unique, therefore each unique =
application APIs often has highly specific semantics and contextual =
meanings. While saving money initially by using a standardized SCIM or =
SPML API, does this mean a loss of "fidelity" or functionality? Do =
different systems treat the notion of person or user in the same way? =
What does delete person mean? In translating information semantics, is =
mapping intelligence in the hub or in the spoke or somewhere in-between? =
The engineering question is: should the provisioning system understand =
the true nature of the application, or should the application understand =
provisioning systems and behave like an identity store? In my =
experience, there's no clear answer. It depends on the nature of the =
application.

Does SCIM help in this regard? That is yet to be determined. The SCIM =
community will need to discuss issues like how to handle high level IDM =
operations like suspend vs. delete, password resets, federation and =
other deeply IDM specific issues and how they are operationally mated =
with a diverse application services API community.

The Gateway Problem


Corporations that are organized into divisions often end up with =
different independent IT organizations and outsourced providers -- =
especially after corporate re-organizations, acquisitions, and =
divestitures. In these cases, single-hub provisioning systems often =
become unpractical. While some may view this as rare situation, the =
whole idea of a cloud based apps hosted externally makes this situation =
de rigueur.

In these cases a key provisioning architecture element is the ability to =
support provisioning gateways and hub-to-hub provisioning. Gateways (or =
proxies) serve a dual purpose of both firewalling direct access to =
internal services and they serve to greatly simplify network complexity =
for inter-organization communication. As well as solving basic =
firewalling issues, gateways can also support mapping functions changing =
from a standardized provisioning protocol like SCIM into application =
specific connector protocols like CRM OnDemand who may or may not have =
built support for a protocol such as SCIM.

Since a gateway acts as a "proxy" to other connected SaaS services, SCIM =
needs the ability route or "target" operations to specific application =
end-points. SPML 2.0 and now RESTpml/SIMPLEST supports targeting. =
Targeting enables a provisioning "hub" to indicate to a provisioning =
"gateway" that particular person requires an account in a particular =
target system. In the diagram above, Alice, employee 1234 is to be =
provisioned into the "Finance" application.

SCIM with routing/targeting becomes a critical communication protocol =
for hub-to-hub and hub-to-gateway provisioning. Unlike SPML =
implementation of the past, inter-operability becomes a key requirement =
because in the world of cloud provisioning it is more likely that =
gateway and hub implementations will come from different provisioning =
product developers.

The Cloud Does Change Everything

SPML was built for a world where everything occurred inside an =
enterprise. But the requirements for cloud identity management are =
substantially different. Cloud based provisioning architecture must take =
into account:
	=95 Performance and Scalability =96 A lightweight HTTP protocol =
such as with REST/JSON is a cornerstone requirement when provision cloud =
environments with 100s of millions of users.
	=95 Firewall requirements =96 securely connecting directly to =
application APIs (standardized or not) will likely require some special =
sauce. It's not reasonable to expect all application end-points to be =
able to support this in the cloud.
	=95 Cloud Providers are often "hubs" themselves =96 since cloud =
providers offer more than one application service, cloud providers may =
behave more like "hubs" than spokes.
	=95 Cloud Providers With Value-Added Data =96 some cloud =
providers may have provisioning and identity management systems of their =
own. This suggests that cloud hubs may need to flow back to the =
enterprise.
	=95 Entitlement Reporting =96 A big requirement for provisioning =
these days with SOX is the need for entitlement reporting. Further, when =
you are paying an external cloud provider for services rendered, you =
want to make sure you are paying for the correct employees to use cloud =
services. A key component of provisioning systems need to report back =
available rights of all users from all applications, especially through =
cloud "hubs".
	=95 Inter-operability =96 no longer can we assume hubs and =
gateways are provided by a single vendor. Cloud-based provisioning will =
almost always be multi-vendor based.
What Should The New SCIM WG Address?

The main success of SCIM has been a standardized schema. It defines the =
attributes and says what each means -- something that application =
vendors always wanted. This is goodness. Yet, there are some gaps when =
you start to consider the overall provisioning system that will emerge =
from SCIM's adoption.

A couple of scope items that the future IETF SCIM WG should be =
considering:

	=95 Routing or targeting =96 SCIM needs to have a way to handle =
updates through gateways and hub-to-hub relationships for supporting =
multi-service cloud providers.
	=95 Persons as distinct from Users =96 Currently SCIM combines =
these entities together in a simple form. The reality is that in the =
hub, persons hold multiple user accounts. Is a change needed to SCIM =
schema to support managing the relationships between persons and their =
user accounts? This may not need change, but wider discussion is needed.
	=95 Peer relationships =96 Cloud providers with hubs may need to =
be able to flow updates back to client hubs.
	=95 Reporting =96 attestation is a key component of =
provisioning. Not only will clients want to be able to reconcile what =
cloud providers are charging for, but clients also still have =
requirements driven by Sarbanes-Oxley. SPML's approach was burdensome. =
Could SCIM support the ability for a client "hub" to get the information =
it needs to accomplish this in a lightweight way in the spirit of SCIM?

Phil

@independentid
www.independentid.com
phil.hunt@oracle.com





On 2012-03-14, at 3:28 PM, Peter Saint-Andre wrote:

> <hat type=3D'AD'/>
>=20
> On 3/14/12 3:44 PM, Phil Hunt wrote:
>> In previous emails, I promised more thoughts on the Gateway/targeting
>> issue. In order to support the scope discussion, I put a bunch of
>> thoughts together on areas the WG might consider on my blog at:=20
>> =
http://www.independentid.com/2012/03/scim-what-should-new-scim-wg-address.=
html
>=20
> Hi Phil,
>=20
> I really do hate to be a stickler, but I don't think that the IETF can
> consider your blog post to be an "IETF Contribution" in accordance =
with
> the Note Well rules <http://www.ietf.org/about/note-well.html> -- I
> realize that you put time and energy into those nice graphics, but =
could
> we trouble you to at least post the text of your comments to this
> mailing list? It really is for your own good. :)
>=20
> Thanks!
>=20
> Peter
>=20
> --=20
> Peter Saint-Andre
> https://stpeter.im/
>=20
>=20
> _______________________________________________
> scim mailing list
> scim@ietf.org
> https://www.ietf.org/mailman/listinfo/scim


--Apple-Mail=_3D9870EF-2914-41EE-B57C-22F60E935046
Content-Type: multipart/related;
	type="text/html";
	boundary="Apple-Mail=_BE84597E-BC04-4923-95E9-9FC8306A0003"


--Apple-Mail=_BE84597E-BC04-4923-95E9-9FC8306A0003
Content-Transfer-Encoding: quoted-printable
Content-Type: text/html;
	charset=windows-1252

<html><head></head><body style=3D"word-wrap: break-word; =
-webkit-nbsp-mode: space; -webkit-line-break: after-white-space; =
"><div>Cross posting as requested...</div><div><div><br></div><div>SCIM =
- What Should A New SCIM WG Address?<br>In my last blog post, I =
mentioned that&nbsp;SCIM 1.0&nbsp;defines as a simple provisioning API =
for cloud&nbsp;application service providers. SCIM is architecturally =
oriented as a connector API specification&nbsp;in a hub and spoke =
architecture typically with an enterprise provisioning system at the =
hub&nbsp;and a cloud application service provider being a spoke. Other =
variations could include&nbsp;provisioning for on-premsise SaaS =
applications as well as directory synchronization. For each&nbsp;cloud =
application, the enterprise IDM hub should be able to just invoke the =
SCIM RESTful API&nbsp;of a target application's SCIM provisioning =
end-point.<br><img border=3D"0" height=3D"235" width=3D"320" =
style=3D"border-top-style: solid; border-right-style: solid; =
border-bottom-style: solid; border-left-style: solid; border-width: =
initial; border-color: initial; position: relative; padding-top: 5px; =
padding-right: 5px; padding-bottom: 5px; padding-left: 5px; =
background-image: initial; background-attachment: initial; =
background-origin: initial; background-clip: initial; background-color: =
rgb(255, 255, 255); border-top-width: 1px; border-right-width: 1px; =
border-bottom-width: 1px; border-left-width: 1px; border-top-color: =
rgb(238, 238, 238); border-right-color: rgb(238, 238, 238); =
border-bottom-color: rgb(238, 238, 238); border-left-color: rgb(238, =
238, 238); -webkit-box-shadow: rgba(0, 0, 0, 0.0976563) 1px 1px 5px; =
box-shadow: rgba(0, 0, 0, 0.0976563) 1px 1px 5px; background-position: =
initial initial; background-repeat: initial initial; " =
id=3D"f9ca4d31-3db9-43f8-ac87-08bb6fe1231f" apple-width=3D"yes" =
apple-height=3D"yes" =
src=3D"cid:7381D378-2F20-40A7-ACEA-AC25E6277874@vc.shawcable.net"><br><br>=
But is SCIM about to repeat much of the history of SPML? Has it =
corrected some miss-steps?&nbsp;Yes, definitely. Is that enough? Let's =
look at some of the historical issues that will be of&nbsp;relevance to =
the evolution of SCIM. Just to be clear, my comments =
are&nbsp;not&nbsp;to suggest that&nbsp;SCIM adopt SPML features. My =
comments are intended so that SCIM learn from SPML's history.<br><br>The =
Value Problem<br><br>SPML 1 was very much like SCIM 1.0 is now. A simple =
API that supported basic CRUD&nbsp;operations. When SPML 1 was =
developed, the proposed value proposition was that&nbsp;provisioning =
would be made easier if applications would adopt a standard IDM =
protocol, then&nbsp;provisioning of enterprise applications would become =
easier. The value to application&nbsp;developers was that simpler, =
standardized management API would not be specific to&nbsp;individual IDM =
vendors and could inter-operate with any IDM provisioning =
product.<br><br>=46rom the enterprise perspective SPML 1 made a lot of =
sense since it would make all&nbsp;applications provision the same way. =
They could pick and choose the IDM product they&nbsp;wanted to use. More =
importantly, enterprises would not have to pay for custom coding =
when&nbsp;attempting to provision to proprietary APIs of =
applications.<br><br>SPML 1 was somewhat successful, but before it could =
be broadly adopted, several new&nbsp;requirements emerged and SPML 2 was =
defined (though SPML 1 remains dominant). &nbsp;SPML 2&nbsp;introduced =
many new features such as<br><div><span class=3D"Apple-tab-span" =
style=3D"white-space:pre">	</span>=95 the clean separation of =
payload from protocol;&nbsp;<br></div><div><span class=3D"Apple-tab-span" =
style=3D"white-space:pre">	</span>=95 the introduction of new =
common IDM operations (e.g. password operations);<br></div><div><span =
class=3D"Apple-tab-span" style=3D"white-space:pre">	</span>=95 a =
formalized DSML/XSD profile;<br></div><div><span class=3D"Apple-tab-span" =
style=3D"white-space:pre">	</span>=95 targeting - the ability to =
provision accounts through a gateway; and,<br></div><div><span =
class=3D"Apple-tab-span" style=3D"white-space:pre">	</span>=95 an =
extension mechanism for registering capabilities so that =
contributed&nbsp;capabilities could be made inter-operable.<br></div>Yet =
application vendors wanted more: they wanted standard schema =
conventions, they&nbsp;wanted a standard that enabled them not to have =
to introduce individual IDM vendor&nbsp;dependencies. If they could =
write one SPML provider once and be done with it, their costs&nbsp;would =
go down.<br><br>Many idM vendors were concerned that SPMLv2 had gone too =
far. In the end, it was either&nbsp;perceived complexity or the basic =
value proposition was not enough for SPML to succeed.<br><br>Has SCIM =
moved the ball forwards? On one important point, the answer is yes. SCIM =
has put&nbsp;forward a well defined schema with clear definition of =
attributes and their use or meaning.&nbsp;The RESTful style of SCIM =
keeps schema cleanly separated.<br><br>The Information Semantics =
Fidelity Trade-off<br><br>IDM Provisioning product developers have =
always faced an engineering trade-off. Would a&nbsp;standardized =
provisioning protocol/API lower development costs? Each application is =
unique,&nbsp;therefore each unique application APIs often has highly =
specific semantics and contextual&nbsp;meanings. While saving money =
initially by using a standardized SCIM or SPML API, does this&nbsp;mean =
a loss of "fidelity" or functionality? Do different systems treat the =
notion of person or&nbsp;user in the same way? What does delete person =
mean? In translating information semantics,&nbsp;is mapping intelligence =
in the hub or in the spoke or somewhere in-between? The&nbsp;engineering =
question is: should the provisioning system understand the true nature =
of the&nbsp;application, or should the application understand =
provisioning systems and behave like an&nbsp;identity store? In my =
experience, there's no clear answer. It depends on the nature of =
the&nbsp;application.<br><br>Does SCIM help in this regard? That is yet =
to be determined. The SCIM community will need&nbsp;to discuss issues =
like how to handle high level IDM operations like suspend vs. =
delete,&nbsp;password resets, federation and other deeply IDM specific =
issues and how they are&nbsp;operationally mated with a diverse =
application services API community.<br><br>The Gateway =
Problem<br><br><img border=3D"0" height=3D"320" width=3D"275" =
style=3D"border-top-style: solid; border-right-style: solid; =
border-bottom-style: solid; border-left-style: solid; border-width: =
initial; border-color: initial; position: relative; padding-top: 5px; =
padding-right: 5px; padding-bottom: 5px; padding-left: 5px; =
background-image: initial; background-attachment: initial; =
background-origin: initial; background-clip: initial; background-color: =
rgb(255, 255, 255); border-top-width: 1px; border-right-width: 1px; =
border-bottom-width: 1px; border-left-width: 1px; border-top-color: =
rgb(238, 238, 238); border-right-color: rgb(238, 238, 238); =
border-bottom-color: rgb(238, 238, 238); border-left-color: rgb(238, =
238, 238); -webkit-box-shadow: rgba(0, 0, 0, 0.0976563) 1px 1px 5px; =
box-shadow: rgba(0, 0, 0, 0.0976563) 1px 1px 5px; background-position: =
initial initial; background-repeat: initial initial; " =
id=3D"45f25c37-f5d2-4c8b-8e30-55cf183be430" apple-width=3D"yes" =
apple-height=3D"yes" =
src=3D"cid:87A5BEA9-9661-45AF-A644-32818B7C79BE@vc.shawcable.net"></div><d=
iv>Corporations that are organized into&nbsp;divisions often end up with =
different&nbsp;independent IT organizations and&nbsp;outsourced =
providers -- especially after&nbsp;corporate re-organizations, =
acquisitions,&nbsp;and divestitures. In these cases, single-hub =
provisioning systems often become&nbsp;unpractical. While some may view =
this as&nbsp;rare situation, the whole idea of a cloud&nbsp;based apps =
hosted externally makes this&nbsp;situation de rigueur.<br><br>In these =
cases a key provisioning&nbsp;architecture element is the ability =
to&nbsp;support provisioning gateways and hub-to-hub provisioning. =
Gateways (or&nbsp;proxies) serve a dual purpose of both&nbsp;firewalling =
direct access to internal&nbsp;services and they serve to greatly =
simplify&nbsp;network complexity for inter-organization communication. =
As well as solving basic firewalling issues, gateways can =
also&nbsp;support mapping functions changing from a standardized =
provisioning protocol like SCIM into&nbsp;application specific connector =
protocols like CRM OnDemand who may or may not have built&nbsp;support =
for a protocol such as SCIM.<br><br>Since a gateway acts as a "proxy" to =
other connected SaaS services, SCIM needs the ability&nbsp;route or =
"target" operations to specific application end-points. SPML 2.0 and =
now&nbsp;RESTpml/SIMPLEST supports targeting. Targeting enables a =
provisioning "hub" to indicate to&nbsp;a provisioning "gateway" that =
particular person requires an account in a particular =
target&nbsp;system. In the diagram above, Alice, employee 1234 is to be =
provisioned into the "Finance"&nbsp;application.<br><br>SCIM with =
routing/targeting becomes a critical communication protocol for =
hub-to-hub and&nbsp;hub-to-gateway provisioning. Unlike SPML =
implementation of the past, inter-operability&nbsp;becomes a key =
requirement because in the world of cloud provisioning it is more likely =
that&nbsp;gateway and hub implementations will come from different =
provisioning product developers.<br><br>The Cloud Does Change =
Everything<br><br>SPML was built for a world where everything occurred =
inside an enterprise. But the&nbsp;requirements for cloud identity =
management are substantially different. Cloud based&nbsp;provisioning =
architecture must take into account:<br><div><span =
class=3D"Apple-tab-span" style=3D"white-space:pre">	</span>=95 =
Performance and Scalability =96 A lightweight HTTP protocol such as =
with&nbsp;REST/JSON is a cornerstone requirement when provision cloud =
environments with&nbsp;100s of millions of users.<br></div><div><span =
class=3D"Apple-tab-span" style=3D"white-space:pre">	</span>=95 =
Firewall requirements =96 securely connecting directly to application =
APIs&nbsp;(standardized or not) will likely require some special sauce. =
It's not reasonable to&nbsp;expect&nbsp;all&nbsp;application end-points =
to be able to support this in the cloud.<br></div><div><span =
class=3D"Apple-tab-span" style=3D"white-space:pre">	</span>=95 Cloud =
Providers are often "hubs" themselves =96 since cloud providers offer =
more&nbsp;than one application service, cloud providers may behave more =
like "hubs" than&nbsp;spokes.<br></div><div><span class=3D"Apple-tab-span"=
 style=3D"white-space:pre">	</span>=95 Cloud Providers With =
Value-Added Data =96 some cloud providers may have&nbsp;provisioning and =
identity management systems of their own. This suggests that&nbsp;cloud =
hubs may need to flow back to the enterprise.<br></div><div><span =
class=3D"Apple-tab-span" style=3D"white-space:pre">	</span>=95 =
Entitlement Reporting =96 A big requirement for provisioning these days =
with SOX is&nbsp;the need for entitlement reporting. Further, when you =
are paying an external&nbsp;cloud provider for services rendered, you =
want to make sure you are paying for&nbsp;the correct employees to use =
cloud services. A key component of provisioning&nbsp;systems need to =
report back available rights of all users from all =
applications,&nbsp;especially through cloud "hubs".<br></div><div><span =
class=3D"Apple-tab-span" style=3D"white-space:pre">	</span>=95 =
Inter-operability =96 no longer can we assume hubs and gateways are =
provided by a&nbsp;single vendor. Cloud-based provisioning will almost =
always be multi-vendor based.<br></div>What Should The New SCIM WG =
Address?<br><br>The main success of SCIM has been a standardized schema. =
It defines the attributes and says&nbsp;what each means -- something =
that application vendors always wanted. This is goodness.&nbsp;Yet, =
there are some gaps when you start to consider the overall provisioning =
system that will&nbsp;emerge from SCIM's adoption.<br><br>A couple of =
scope items that the future IETF SCIM WG should be =
considering:<br><br><div><span class=3D"Apple-tab-span" =
style=3D"white-space:pre">	</span>=95 Routing or targeting =96 SCIM =
needs to have a way to handle updates through&nbsp;gateways and =
hub-to-hub relationships for supporting multi-service =
cloud&nbsp;providers.<br></div><div><span class=3D"Apple-tab-span" =
style=3D"white-space:pre">	</span>=95 Persons as distinct from =
Users =96 Currently SCIM combines these entities together in&nbsp;a =
simple form. The reality is that in the hub, persons hold multiple user =
accounts.&nbsp;Is a change needed to SCIM schema to support managing the =
relationships&nbsp;between persons and their user accounts? This may not =
need change, but wider&nbsp;discussion is needed.<br></div><div><span =
class=3D"Apple-tab-span" style=3D"white-space:pre">	</span>=95 Peer =
relationships =96 Cloud providers with hubs may need to be able to =
flow&nbsp;updates back to client hubs.<br></div><div><span =
class=3D"Apple-tab-span" style=3D"white-space:pre">	</span>=95 =
Reporting =96 attestation is a key component of provisioning. Not only =
will clients&nbsp;want to be able to reconcile what cloud providers are =
charging for, but clients&nbsp;also still have requirements driven by =
Sarbanes-Oxley. SPML's approach was&nbsp;burdensome. Could SCIM support =
the ability for a client "hub" to get the&nbsp;information it needs to =
accomplish this in a lightweight way in the spirit of =
SCIM?<br></div><br></div><div><div =
apple-content-edited=3D"true">Phil<br><br>@independentid<br><a =
href=3D"http://www.independentid.com">www.independentid.com</a><br>phil.hu=
nt@oracle.com<br><br><br><br><br></div><br><div><div>On 2012-03-14, at =
3:28 PM, Peter Saint-Andre wrote:</div><br =
class=3D"Apple-interchange-newline"><blockquote type=3D"cite"><div>&lt;hat=
 type=3D'AD'/&gt;<br><br>On 3/14/12 3:44 PM, Phil Hunt =
wrote:<br><blockquote type=3D"cite">In previous emails, I promised more =
thoughts on the Gateway/targeting<br></blockquote><blockquote =
type=3D"cite">issue. In order to support the scope discussion, I put a =
bunch of<br></blockquote><blockquote type=3D"cite">thoughts together on =
areas the WG might consider on my blog at: <br></blockquote><blockquote =
type=3D"cite"><a =
href=3D"http://www.independentid.com/2012/03/scim-what-should-new-scim-wg-=
address.html">http://www.independentid.com/2012/03/scim-what-should-new-sc=
im-wg-address.html</a><br></blockquote><br>Hi Phil,<br><br>I really do =
hate to be a stickler, but I don't think that the IETF can<br>consider =
your blog post to be an "IETF Contribution" in accordance with<br>the =
Note Well rules &lt;<a =
href=3D"http://www.ietf.org/about/note-well.html">http://www.ietf.org/abou=
t/note-well.html</a>&gt; -- I<br>realize that you put time and energy =
into those nice graphics, but could<br>we trouble you to at least post =
the text of your comments to this<br>mailing list? It really is for your =
own good. :)<br><br>Thanks!<br><br>Peter<br><br>-- <br>Peter =
Saint-Andre<br><a =
href=3D"https://stpeter.im/">https://stpeter.im/</a><br><br><br>__________=
_____________________________________<br>scim mailing =
list<br>scim@ietf.org<br>https://www.ietf.org/mailman/listinfo/scim<br></d=
iv></blockquote></div><br></div></div></body></html>=

--Apple-Mail=_BE84597E-BC04-4923-95E9-9FC8306A0003
Content-Transfer-Encoding: base64
Content-Disposition: inline;
	filename=Provisioning-Simple.png
Content-Type: image/png;
	name="Provisioning-Simple.png"
Content-Id: <7381D378-2F20-40A7-ACEA-AC25E6277874@vc.shawcable.net>

iVBORw0KGgoAAAANSUhEUgAAAUAAAADrCAYAAAAYPE8zAAAABHNCSVQICAgIfAhkiAAAIABJREFU
eJzsnXmcXUWZ979PnXPu0ns6+76H7FsnAUIgaTYVUURMEBFFhgmvOjOODuq842gSnZl31BlxGZ0J
ow4qKiYsIpsg2EnYFBIggQTIvnT2dKe3u59T9f5Rde5tIoyKAi79fJJP33vWOnV+9XvWqgt90id9
0id90id90id98ucl3hvdgD4hAHzAuP+CfS/mVVxL/Qbnifv/St//t2Nf6Z6B+6t/gzaeeu5v85we
tq88165X00fxdV7u3N92PLza99QnfdIn/Cq5BG9IK169qFO++6/z/fsUeJ/8TtIHoDdOBEt4TcAM
oAPoAaqAkUCn2x9QeU9prMWhqViOCfddgIFAxn2ucueFp9y3wZ1bdN9TQD2Qd9s1FQur0W0TLNlF
p1zLAEOBs92xB9x2v1fb6NW+VK97GGCQa69yx2sg6f7Hz9m7v0YBY4Fh7pxOtz3hzo/c9VO9zk/0
arfv9o1w5ybc//jZJgA512fpXteESn8n3baEa0un2x6/q973SlJREn2WYp/0iZOY0P4RuBW4AXgM
mIslsb99FdccAdwE1JyyPR6AMRl9Evh7KgR1NfClV7jmDViCjkVO+TsOuB34MnAH8A3soD9VXs6N
rgdWYwk5llMVcm8XvBH4ObAG+HfgEeDSV2j3y0l87cHAdVT6o7d8CBj9G15vCPA3vLwR8evCBn3y
ByKvt8vSJ3bARMBpwPlAM9Y6uBaYA+wCNmGJcAYwCWudbQKWAXcDW4D52ME8EUt8JXdOFmtBXgsc
xZIMVAZlGmtpxpZhNxYH/YHZwEPAVCxxFoFzgDdjCboFa+WkgS5guWvvx921bgCGY0ltrGv7Pa69
jcC7scT3fde2oVgLagaWwO8D3g9MBn4APOvaFmIt2k63Pwe8zd3/CWCae+a1wEJgMXAX8Lg77n6g
4Pr6IPCMe7Y3AUuwxPoz4EXghGvjB9yz/o87dy4wAJgC3AwcB55yxza5fUPd8SeB0107tgCtwHP8
bnHLPnkNpM8Ffv3FYPu9Bzsgr8QSxYPYgToPS14vALdgCeRK4AzgeayV0oIlkZ1YoroGuBe4AEuU
q4AN7rrnY0kthSXJBcDbsUR1NnAFdnCWgL8AbgOuwhJrAFwI/AT4NLAV2O+eI3LPcQ2WAPphLcA2
LHlVYYnms+6a/+zO6QT+yj3rAiwRfsa1/zIswawDPgH8EksmHtayvBxLXHVYInwOOAT82PXfPOCd
wJ3Ap4DtWCLTWML6HJYA3+6e7S+B7wLvdX37SSzpftydk3H9fTfWwt0D1ALvcG1b6frkFuBh4Dys
G30U+KJ7Bx8Cxrv3mOJXQxJ98gbKqUHsPnl9JMJadVdhB1ctliSWYa2bEtby2YIlk4ewLt/XsBbK
BKxFFrvPeaxFeAhLApPcNXJYay5JJZ7mY62+/diYXZvbX3DHJ6lYiEXgK1hCeRBrXS0D/huYhSWx
92OJ4e3AA1graLd7njVYEvioe+abgK8D7VjSTLvr3oO1ppZhLViNJYvZVBRGhCXZxcBbgSNYUu3v
2vctrEL5CpZM1wPTseQ9G2uRvYi1WOtdmz33TN8FdmDJeY7rp88B/+n64kysNfk9d/0kloTb3d9H
sZbfTdgxdQ7WovyBOz6Ot/bJH5j0ucCvvwRYclqCtcA+67bfhSWKG9x+RcX6SWEHYuwOxi5hD3Zw
BVgCK7jP7djBvANrJYZUMswKOzi/677nsS5kXMpSwLrScTIg5Y7z3L59WLfzKNYqvAv4vDvmDqyl
2kNFuaaxhJtwf3Ftz2JJ7fNYV/QWrMV1xN33VqyFh/uewJL2h13/9O7PLiqJlNjV11jCvN9d/xIs
+eaoWHcrsVbop9w5x7HkJu6Ykrtv3j27h42x5t3+yLUt6+5f65497Z4RLEH3GRp/oNL3Yl5/iV3H
F7DWx2rgg1gyWYsltFp3TD2VjGMaO9j6uWOGYwnz8+77M9hY2mNY4pyCtQpH9ron7joD3XcPa7EN
wrpyC1xb3o21vAZgEwZ/h42B3Y91/f4DS1TbgRtdO1ZiyeExbLb2KmwyZ457RsEmXz6DJZansDHM
f8a6pZ/GkuBMYAzW0uuhEjdT2DjiECzR1bvn8d19Ndaavh7rYi/EutKxyz4H2OzOj7DW4aexFnUW
S2pjgCfd/b6IDSX0uHc1CkuaGmv1xfcN3PvS7j2Mx1q/89zzvoeK9d0X//sDk75s1Rsj8aCuxVom
9VhrZz12UA3GWljDsW7bKOzgOobNvNZhB/kD2IH4E+zgnIqNYY101z2GJa0ud1/jrhVhSQeshdKI
tRYXuHO3UikxGYp1dzdgrcm4bKSIHdgzsJZsHuvOtmFjgY9gyeNxYK97xre6a96DLfuZDmxz15yG
JfGLXRsfcvtiSWBd/+d5KZH0wyZd9rhrn+X6Yb3rO8GSXhXWNa92/bodGx9tcs/2mGvPdqwV+A6s
wrkbS9hjXB/52EzxAWzi5qh7XztcX8au8UIs+V7g9v9fKqGGPumTP3t5Oev71ymk2IqbhLWq6l7F
NX6b9vy6a79cCKUBaxXO6bXt5dr0cttObcNv+yynHv+/nX/qvt9nQnA+Nv53HfBDbPwR+kJOfdIn
LxHBWgUJXjoLxDvlr6IyYD13/FBsfC5xyr74+OQp++i1rzfRSK/zAipFxXHxc1wv+EoEGe9PUimg
Hoq1buNpa/F94sLjU9srVMghbsPLEdIr1dz1bltcgNz7WHXKveLjez/vqe15pbbG14u3ySn74vc4
ApvUGdXrmn3SJ33SJ3/y8nJKp0/+AKVPK72yxJaC9Pr/SmJ6/Y+neb3W8moWH3i95A+5ba+XxNbz
qSUwf+i4+rOSPgK0Eq8yYt7ylrfIOz73Od3U1BSmt2GYCvt2uqN2wKBB9uOmTbBoEexLwOgJbr8L
2U+dir9s5Uq1de1atm3bFpdUhPQB+M9NYtdeLV261Jz/yU+aU3E1ESgW4dgxqK21Jx2rd9tPwVUu
R/D5u1ZKH65+f/LnSoAC+E3Ll/PJ81dHAweiWQLNIr3398cG9OuxmcM0FaIUbCbVYAGYx2Zhu7HZ
zTa3nTXGMBBYArJy5Upv1aq1CrZF/OrCAn3yxy8C+FOnTpWVK7dGAwcSnYIrsLjqh8VVFZVFF14O
VwVsJr0bm5U/QS9cLXUXXLlynb927YfVtm3bYkLsk99Q/twI0F++fLWsXr28JC8lu2nA5OFjxo0f
N3HaaQOHDBtRX9/Qr6qmvqG2pr4uWZWuTqVSKd/zPS8IEBGMMegoIgxLUbFYLOSymUw2092T6erq
6OnuOtl24ujRQ/v3bN+6+ck92PKRbdj6PIyxCnvasmWJbWvX9pHhH7/4y5cvl6FXrC6tan7JkJoK
TBk2avy4CadNnTRg0JCRtQ2N/WtqahtqahvqUlVVValUVcrzlO8FAaoXrqKwFBVLxUIuk8lkMpme
THdHZybT1d5+/OjxQ637tj+76Ze9cdUGFlfrgOuvuy7YdOONcaF2n/wv8udCgEFLizFLlhA64usP
nD1x6qwlU2bNO2vcxGmjx4yfWNc4aEiyX78B1Nf3wwt8lFL4nqc9LwiVEm0ExDh3QyEYjIBojDJh
5EU68rTW6Cgk09PDyZMn6Gw7Hh08sL97764X2nbv3L75qcfXP9Ld2b4BW69XbDGGH153Y3DjjdfF
Wr9P/ngkaGlpMetYEjri6wecNW7StOaZcxeeNXrCpDFjx59W33/w0FRDY3/q6vvhJxIoEXzfjzzl
aVFKi6AFMBpxUUGDQQwodKTCKPS1MUSlkFymh46TxznZ3qYPH9zfvW/nCyd2bH/hueeefPyRtrYj
G4CngVJLi+GH228MbryuD1f/m/ypE6DQ1ORv3LixNE/EB86YNnfBO2fOOeMdc05fPHrClOlqwOCh
BH6AH/gFHUa6WCpIWCqJibREJlJgBI0Yo8sBazFgxCBiEJQxAp6IEeVppZRWyjOBHxgv4RP4SUId
JsSguro6ONK6j+eeeTK/eeMvnn5+6+bbdz2/5SfA9o3GME+kr1D2j0MECDZuNMV580QB8ydPb7ps
xvwz3zH39LMnnjZ1JgMGD8fzA4LAL+pIR6VSQcJSUYyORGutjNFitHHZYSMgYEDEYDAoUQZAlBhR
SvvK0yLKeEHCBMmE8f1ATBQF2mgv093N4db9bN2ysfjMk49sfn7rM7ft3PrsPcBzDlcJbDF3X6zw
FPlTJsBgzRoTLlsmBjjvnAvetnz+2eddclbzW5KDh43E87xSqVDQxUJOwij0MEaJElGi8JQCUY7t
xBKdEYxUVHS8D2PsMVgXxIhYBa41WhuM0UYwxoiKEomkTqVTKD/wC/m8t2vHNh7/+QPHNj2+fu3j
G372P8AmY4yIyMstPvqbSu+awVPfrznlf5/89uIZY7SIGGDhwuaLPjz/rObLFp13cXLYqNFGKRVF
pTDM57MSRiVfjFEiIp6nUOJV8ISyRKes2yvYbYhYBUsvXNlv9rPWaK3RxhgBg0iUSCR1OpU24qlE
sVhUe3e9yCMt95/c+Oi62x9f/8CNwBNr1hhZtkzixMmrkd6Z61MlxtIfXab6T5UAA2NMSUT6jxw/
ecXlV3/oA81vvrRm0NDhhVyux+S6M57WpUD5PoHnI/HENBGM0fYtC4iIwRgRpYwxBhXHDQWrtLHe
CgiiDA6SoAzKCBosmhEEIdIaHYZoHWk/mS7V1NYY30v4B/bt9Fvuu/PYzd/66jeOtO7/gjEmJ9Zi
/XWuiwfI8uXL5YorVpvjSwiXAitX2v9lksbgwo6sdP/Xgjx4443+pk2b2HTjjTEh9sWM/ncJNm40
pXnzpH7EmAkrlr3/w9csuejS+qHDRxYL2azO9HR7WoeB5/l4vo9ycBBjlaKIhYgIiBaMAnrjCsCG
WSoYE2cVanHWoWAMIsp+FmMVbxiF6Cg0iUSqVF1Tp4NE4Lfu3+u3/PQnbT+86T9uOrB75ypjTPdv
i6umpuUcmtRUWrnkVFy5I419xpVUcLV15crg7sOHzR8Drv4UCTBYs8aUli2TaededNlN13zkU/Mm
TZtZyHZ1m3y2J4HnqUTgI6KM0RpjtCilDEaLiDJgRIkyosBoI6IsCZYJMiY0Y8oTegULzpeiQixH
Om2uRBkjFuyWDI2EpSIaotrahmIynfK3PPVEsPqGf1r38M/uvsYYs0dE4mWgXvJ8TU1NrN64Mepe
h25+adA9gc1c12Iz17VUlszPY7OJGezc4G56DYSWFkNtLd773jfN27Ztm+GlK670SYX8Jp517pu/
ufxjnz1n8sw5xXw2G2W6O1Oe70mQSBplQGPKAT0jRrzYTyi/Kuv5xuE+EfebAb31a+xrWNeCmBnL
UCRmQWN3Kc+gtdJAWCphtNE19fWFRDLtv/jc08E3vrjqkXUP/OQvVm8026+zbvuplqBPU5NsXL1R
dzcRnZK5TmCz1nVYXMWLQEClAqIHi6tOemHW4Updd908b9OmTfAHhqs/NQIMWowJm0VmvnXZ1bf9
7ae+ML6mti7T0X4s7QcJ5fm+wRhr5VmtbAkOIyIvoTO7HpIxeKpsHMaOL4Bzid1n99ceF8PTQdjY
PdYAs8RpwS5GKQ+tI7HaW0cDBg3JnTh6pOZfP/OxjfffeculxpiDUmHWREtLSzRoyZJwmr1hGhhW
W9swbcio0U0NjYMmDh85dlz/wYOHVFXXDaquqU0mkmk8zxdtNGEY6XwuQ6arK9PV1XG87eihA4da
9+zOdJ7cfvDg3k2FTGY7dvGE/L07DOlW/OZm8bCA/XMvavbXGKOXiUy68JLLb/voihumNjQ0Zk62
HUsHQUIpX6FEjIm0DXYoq0DRvXDlFB9iFWfs01orMQ6rxN6jlEdmxTkxTq/GmOqlbh3GHPhQojAY
KUUhOoqihn4D8l0d7dVfXHn91rtvvfnipWvM3rXLylhOtrS0RLkRS8KLJgrY6ZVDq2r7TR0xcmRT
XeOAySNGjhvTOHDIsOq6uoHV1bWpRKoKz/NEG0MURTqXzdDT2ZnLZnuOHjvSevBw655d3R2dO48e
2Lspm+16AYur3OqNhklNeM0VK/QNtwz/0AgwnlepYCpTp0J60SLDJrj44qHm7rsPS1OTXfI498gj
sm1bUWBnbGLL6MWL/X3r1/c767yL717xpW/PTSaT2WymqyqZTIOJLEyM1cRlQhObbhNRzvewB1go
SbnkJY7dOCyXmxtrcOPAab0ad7wxmDjGY5zXrAFPGbQWbUChjA39KMllexg4eGj3wQP7aj/xwSu/
v2XTL649Y+lS+diaNbmB68AR0vxJk2cumTRj1qJR4yY1jZ04ZcjIMRMZNHQ4QZBEROH5gUbEaDBG
G6NjN15rFUaRCkuh6Cgim8tw7NABWvfu5MCeHfsPte5+ZuezWzbs2bHlcWDjihWmOG0lfH7evGDT
pk1/zGUV8ewLBVMlxlUTtqA9xhZNr4Cr0Yv9ffvW18xbdN7tn/vq986urqnJ9nR2VqWq0gatHagA
YyT2e0XEYsy5sYguf5Y4TozYYgIBMRVWiy3AGIsYQ9mfppeCjTFl7PmWdbF7XNxaPEUhl5W6fo09
J0+cqLl++RU/efrJR5Y1Xbzc++Rdq3OAWWZjzk1jx09ZPG32vHNGjJswb9zEqUNHjh3PoKGjSAQJ
xPNQyjPi+ZGLQVrj0+EqirQqlUqidUQuk+XYkVZa9+1i/+4XDh7ev/fp3c9vfmTnC5sfAzYaY3Ir
18Hd17/xuHqjCVABqmn5clm+fHXUbzd66dKX+Aq/kRhjuO++nclBb5mg3z5mwj/901e++4mps+dn
248fqaquqdGlYkF5nqeNNkopsUpUDBIh4rk4ShmwzqVw5Nc7pisOnXEquBfeEaPKNTIVR9hagcaB
U9BWi1cSJ5acXNjbCxL0dHUxZPiIwg++/Q2+/u8rL2g/duwRERkCXHTRpVcsnblg4YLps+Y3jh53
GlU1NZEoL8xnc6ZQLJiwVPRCHaqoFCmttRLEaK3FhdiN1lrEU1qJp8XzIj8ItB8kxQuSKopKfk9P
j2rdvYNdzz/TsWPrM5vW3XvrPblM5+3AvhXGMG3tWm/ZsmXwh0+EZVz92xWrI0AvWfLqcLVzJ8lW
n3DZwhErPvfV73169vyzcu3Hj6TTVdVGR6FFSRwgUWJE47wKxKBRCKJ6O7XErnGZCO29pFwHaHns
1AQbdruLqtlkm8agMEZbC9RYt8Zo406xQWzfC8hmumXA4GHFe277gfnUR65+x4MPhj9tbpbBwJve
csnl75o1f9GZU2bOHTB24mSq6+ojJSos5HMmm8sThZGEuuRFYah0ZMQZESZy99FaiyjP4irwIt8L
TJBI4idSEpZKQTbbo1r37mDX889279j69MaW+267N9PZdgewa8UKA6zzV61qfkNihW8UAQbLly/n
/PNXl5YtLZv7ChtjmOh53uhEIjW0cdCQQY0DhzSk0tVVQeAHaKEY5ov5XCZz8tjxjvYTR04UwuJR
XSodx/7wTO1lV33wrk/8y1cHnTx2lFQq7WkdGnEoirW0uBCIGEd6lQKXStwFyuaiNRmpBKXtzjhv
9yvEVzYJqRCogfKPQxrDqcfbJItSFItF6hsai1u3PJW8dumF/1Yo5luXvve6D59z/kXjp81pUvX1
A8LIRMVMV7dXKOa9qBT6yvNQnp1IELvliBgxEGmDEYMx1pfXOhRtQGuD1powCgnDCM/zwyCZCpPp
aqOU8nu6OoI927exZePDBx6+//Yf73nh2f8CtrW0GJqb/2DLKoKm5cv57urVpTXAKvsiFTZuNcnz
vDF+IjWsccCQgY0DhzSkq9LVCT8ZRBiisFDMZTPZjpPHO9uPHDl+Cq5Sl733//zoYyv/bVKmpzvy
g8DXUUk85RltEGWzuTaZK4JCv0RZxp5BrE+Nc33tB+d4QBk3ZTyaitK1eFUuBl0xCrWpXDNWtqLE
mEiLRlDKKj6MMdV1DYXd219IXnnxWav9RGLzuW+55O8uuOjSMTPmLPDrG/pHxuhiT6ZH8rm8H4Ul
X/zAxawVqJiqbQOMFgwRRhRGg9aRGGMItQEdEYYRYaRRygv9RCJKV9dFopSf6e5M7N3xPJufWH9k
w323/XjP9mf/C9jc0mJovn5ewKZNr+vUvtebABPLV682TU3LS9fNE4AhnpecPm7y1DMGDx995rBR
E2YMGjFq4NCho1L9Bw0hVVVNMpHE932Up9wLtoXGYbFIsZDlZNtxjh3ar0+2HW/fu2dH9m1Lrxo+
ffYCr5DLGM/3BWOMUgqjtSgVa2DiCLTV0BJn3ox1hY0GpWwsRWtHiA7QZa0c23cuO+fItKy4TW/q
iwPYVosbrZ3vImg0YGNIAGFYIpFMm5Ntx/nBt79RXHzhW1Oz552F8lUh09NDPpsLDCjP8xFliyfQ
GI2xswi0xoigtRZj4qC53WcHis1o43rCWodGtAYdRZTCEiISBUEyTKSriCKTPHZ4P489eGf3ww/8
+Hs7n9v0FWD7ihajVlVihG+0JJYvX23OP395aZmNbQ0Cpo2fMvvMoSPHnjl05LgZg4aNHDx42KjU
wMHDSFdVkUglCbwAT3nuZRmiKKRUKlLKZ+loP8HRwweizo72kzufeyZ70buuGjLvzHOCfDZjRCkl
Yj0JTCRKec4jNSipkFaMGylbdfa7UoKJtLMMHZbisIsLEMa2YW8rUeM8YVdtEGPQiLE/bBy7wvY8
awmKTfBFxhjfD+jp7jQ3f/Nr0ZlLLgzmn7kYESnmc1mTzeV8o42nfN8pfYXRxmjHsBrr7WtTwRVu
m224MnGk27jyRiNGdAiRjmyW2hidSKRKyVS10Uanjh1p5fGH7s784ud3f3/rpke+BjzXYoxqltcP
V68XAfqLV6xg3cqVoYsKN886o/miMROmvnn8lFnTTpsxj8bBQ6iprkcELcaEokwURZHoKBJncxvQ
4nm+UUpQniLwfeOJUogJfM+XMCyRz2YEjInCEsrzxPc9o6NIPOXFeVyraKVi7VWMJsCA8izxRWFE
EPgVAizHZVRZUxuhHOMrA9oYZ4lJedobAjqyNVye58Wwj9MuBtEOOJaJDUg6XYV4qtTV0SlhFPqe
54sShSM7gxG00WitxdZY2LbYLKStMzNau3iS26djL0o7LQ5Uhi+RNoJYCzEqldBImEpXR4lU2m/d
t8trufuWY+vvueWrRw7s+Y8WYzqbbZHtG/WjP97y5cvV+atXl2yJG4umzll4yfipMy8Yd9qsWZNn
zmPA4OHU1NahFBptQhQR2hBGJRu90EaUslkwz1MozzOe5xtfKaXE+OJ5nokiU8hnicJSjAkRZV1N
pdRLvAZxCtXgrLx4GwblKaJIo7XFVcWDiDHo3lOskGObKwaaZT1XYaDLiTgdaoyx17cSl8iY+N07
tW39klRVNcrzSt0dnYRhMVBeIMqzrrQxYrTDkTFaIucpxIFzreMmaIxWDmsGo4kVb9nDiT0bELQx
YoxNLIalEogKE+l0lExXeYcP7PNb7vph24b7b/9a685tX2tpMe3Nza/PpIDXmgClqWm5v3Hj6pKr
P7rk7Isuv3r2/LObp88/u3rQsFEkUqliVCpGxXxGhfmCZ5TjN1EoJYhS5dKRcvLC4AAQv2pjlFKR
Uh6C8T3PMzU1teRzGdFRZIIgYTWXjvA85QBlG1iO4YnNnoGdi5kIEqSqquju7rJWgtGgBE8JOrLE
5SlLYkopRBRRFILWKN+zANIGUbYIwhiD5/skE0ly+RylsIQnvgWQlVjhO84Uoigk1JF4KsBTymgT
iY6smaGNEePAZoFpymRriN1sazEbR4jaOLBiXSfjPsfAdNcyWkcSEygihGFIGIa6qrahGKRS/rZN
j/v3/eibj6+/90efAR5cYYxy7ubrlS2Wpqbl/sUXry6tWiUA71j0lsveN2vBkvOmzT2rbuioMaRS
VYVSIW/CYp5iPucjRgkopTyUsrFbUQ5jZVfTuDitYON3xhhE+4FvxBgv8APS1TVke7pEBOP7PkZr
MSbC82xViNV72lGbK3sSixMdhaRTaYJEkp6ebjzPKVJHosZY7aSUsgTqsB+GITj8WILRiFIYbd+3
HwQkEgGZTAabWLNk5BSzwbP4tSyoiKLQlEqh8oMAJcpEWoslOWWMMRI5LyIm9iBIUSqVKBQLtm3a
WqzaEmY5C21xhPM4nJssOiZHgzFEcR0PQqhDwlKk09V1xWQ67b+wZZN//23ffvLB27/zj8ADi1es
8NevWhUvDvHaAOm1ujDgt7SY0NWpLZ579kWfuuCdV50zvWlhsqHfgFJYKoTZnm7f6ND3lBLfDywg
xKDEc/PPrFUlxLE4Z4eJQsRW0dvqeUSJYHSE8uxMjt0vbmP4qDHU1veju6OdZDqJ7wWEYWi1sXKa
Wht83yOKImf9eVRXV3Hs6CEOHzrIrFlNFAp5xFOgDZGO8D3rJkRRhOd5FHI5tNGkq6rwPI9isYjn
+SgllEollPIRBR3t7XScPMnQ4cNJV1dTLORRyie2Kkth6OhMUSoVKJVKVNXUGmMMhXxePM83nu9L
GIZobZxyUIQ6AhTGRFhtC7F7YgnOlLWyjknSxCRZAbEBo7V1xqzLY0Q761vEo1QsSKh1VN9/cD7T
01n98zu+33PTVz7z2bCY/+KaNUa5mQavdSDbb2kxUXOznYkx+4xzP3XhZR84d/r8RamGxoGlKCqF
ue4uX0ehr5QSP/DxPc+GGMQ6avHIll4EJXE1gPIsOVp/VDzPKrZEIkkhn+PAnh1MnDINEaGQyxIk
kvieRxSG9s31ih/7CY+wGFncKo+ammoOHthHR3s702fNJpfJ4gU+2pZB4fs+iBCFIUHgk8lkEIGq
6mosJoquwNriyvc8tIHOjnZOnuxg5KjRBIkY45W4dSksoZSdhVLI59DaUF1bY8JSRKFQkCARGM/3
KRZLsT8t2PlL5PN5jh4+SG1DPwYMGkY+mwGlXOxRUwmzCEYi4hmjsSV4WYsrAAAgAElEQVSowSlh
RcyUkbHjznaWolQsiNY6qq7vXyoUcqn196zp+dHqL3zp5PGD/7TCmNKql6+H/b3Ia/XD6Mk1xpQu
HisDRk+Y9q/L/s8/3LDsL68/bfzkmcZoHfZ0twdRWAw8z/eCwBff912ZvHZOphYxWkzsocbzzyjn
JGxJsjYWW2KMMRGe8ojCktz83182J44e5IlHfi6FfM7s3rFNps6YQ6a7k6qqNH4Q4CnB9wMwhrr6
gCce/TkH97cyq2k2m5/axLoH7qanq53HHm5h4TnnkenpIJFIkq6qRusQYzS+55GuquJg6z66OzsY
MXI4nSfb6NfYnzDME4UFqtJVKKXoPNnGN770L6ALbGh5kHETJtGvsR/FYgklEJaKpqamViKtTSqd
JJvpZvfOnYweO1YyPe3ys3vvMmPHTxIj1tpIpVMYA4VCHt8PCEslPvPRaxg2agyjxkwgl83iJ3wb
b1SqrOoqmUgDbupVJYhejgLE/Y2IMmKwlmgQaE8pL9vTlRDlFafPX+RPmrngzQf37Zq6+uvLH1pj
THbtqlU+r50lmGgxptQ8VhoHjxz3ucuu/btvXPGhT0+eOG2uNlqHPT0dflQsJDzf8wLfF98PjFJY
693hyogRm4DVZX0K9rNY7hfjsOV7nolKRdLpKo4ebuXW7/4nJ47uZ/OTT0hPd6c50rpfZs5uov34
MWrr6q1lqTx830eUoqZa8ej6n3Pi6FGaFszi0ZYWNj7WwvEj+9jy9NOcvmgxPV0dpJIp0ukqosgp
Z1HU1KTZvfNFolKJQUMG0tV5ksZ+AygW8mhdIp2uwvN9Wvfv4dvf+AqYPOse/CnTZzWRSqbQNjNB
ZCJqa+tMsViQ2tp6c6h1P+1txxg7brQc2L9f1j94n5k7/yzpPNkm1dU1BEEgWmsK+TzV1TV878Yv
09XZxrbNGykVCoydNJlCJovnexXXqXfCBsrEKy4sU3HbwDi2FE8wTsF6nofyPJXNZnyQ4tQ5Z/oT
ZzSd27p3+/TbP/iXD67eaDJ33/ja4Oo1IMDRqRWmo/BXIovPfvPlN1/98X99x/xzLiQslcJcpisA
/MAPbOxExIiN4Fsjw+bQRLlkhD2mF+tRsfoEY2uTLGAkDEtS19Aoj6+7n462E/LhT6yUfv0HkM30
SNuJY3ScOM4da79HqVCgdd8e8rks+3bvYO+u53mkZQMPtzzEkGFDaVrQxJann2bzpic4fdHZDB85
hkx3F7f94Lvs27OLKCzyw+98k+c2b6Kxf38OHdjHwy0/Y9jwEfzsvnv46b13kfB9tj27mZ/e9WM8
L+C0KZM5dPAgzz79JEvfvYxNT27i+JFDrPvZT1FKeODeO3luyzNy/MhhDh3YI6lUQn685ocycNAg
eXHrs9z+w+/TcfK41NY1cM/tt3Di6BEy3V18/1tfY/TYCYwYNZZnnniUtuNHQQuTp8+iUCjge74r
wXHgjDOM9PL7K4Vk5SyjDQkqd5i2b8Bleqzr72OM9ns6O9XYyTNz0+YunH3iaOvCL1995boVxrSv
fy1IcMKE5Jq2tuLFImecdeG7vvuBj/+/ZWe/+V1hWCrqbKYzEPB9zxPfD0wlrWoEWwMp4qpVlKiK
V2ExaHGFgHNFlQie3SdhqSANjQPkjh98S8aMmyiXX/0haWys4+D+nRKFwuGD+7n15m+hTcSOF54l
kUiyeeMv6Gg/zv0/uZvHNzzE2PETmTN3Go9ueIzdO7Zy+hkLGTJyPB1tR7jle9/mxIljdLQf5861
P2DLU08ycPAQdmx/no2/eIyBAwfz4E/v5d677qRfvwYef3gd6x68n3S6igmTJrB75w52bX+By6+8
nJafPUT78eM8su4BwHDXHWvZvf0Fnn/uGQmCgMOHDshjLQ9I/0FD5PFHHuaeO27BRJHU1tVzy02r
6enpou34UW656b+YMmM2Df3688BdtzJ5+ixa9+6mpq6eyTPmkM304Pk+duBW4o7O+Y4jlxgVBwOd
uxGrWBs3FzHKws5oMSLG4dXP9HTKiHFT8rPOaJ5x7NC+c1f/w5XrVhhz4rXA1e+ZACckYU9h/apV
11z+oX/8nyv/6jNjGhoH5bvajiZ8z/MDP4F4GBUnEbBVVOIMFAtMF5uxgRnnohhHhHE8EOduOIvd
89BhidqaWrY+8yR1DQ0sWDiHXK5EPptjz87nOdi6j49/7K/ZsG49O17cyrzTF3HyxFHuuPUW3r3s
MkYMHUymGDF12hyUeAwZMpRnNz9NR3s7j234Of0HDsTokOe3PseEiaM5c9E5PHjffWS6u6jv18Dj
G1qork7zqU9+jJYND/PsU09y2tRpbH32aRafdz4d7W08su5BDh8+wcJzzsHzFOnqGvKFImOHDWTi
pAk89vgvUAK7du6gvqEfO7c/z9HD+/irj3+SfXsO8PDP72X8xCl0d3eyb9cOxoyfyMLFF6B1xK03
/zeiFLu2b2Xu6YuoqqomjEKU51Uy2SKxpUc5M+0+lzOQIq4o1xEjYmNDGLFrAFRmUQWJFN0dJxKN
A4ZlZ57ePOHE0UPnf++qy+9fscK0rV+/KuD3BdYJE5Ls2FFYK7Lsndd8/Ob3/s3KSQOHjMh2HD+c
UqL8RBCAEpt7NAZsTkOU2ICyDfc5nzYOn1iqs8axVLBn44PiQiwKHUVUVVfxxIaHmDF3AWPGjyGM
NCeOH+bg/gNkM+18+PqPc/dtt3Fw/27OXnIhLz6/hUfXP8iVH7ia6poGRMGEyTNAPIaOGMHGX/6C
Qj7Luod+yrDhI8lleti1cztTps9gxpw5/PSuO1Ci8AOfXzy6nhEjR/LRDy/nx3f+mEOtBxg9ajQ7
d7zAOc2LOXjgIL98fANHj3Sw5Lw3k89nGDB4CG0nTnDGWQsYOXoCP7v3ThLJBHt27mDQ0GFs+Pn9
DBk2nHddcQ3PP7eFLU/9gtHjJnD86CEOH2rltGnTOH3RYjKZLJs3PUG/xn4YNGExYurMudbr8Fyc
W2IHLZa4bKziVlQcisp3wRVOxFlJEQsXA0GQlGxne1Db0D83Z9GbRp88ceSC71z5rnUtxhz9zqrf
I674vRLghCTsLFRV1fzfa//hy1+6+D0f8vO5Hl3MZ1PpdJXLeGrxRGFDe8YZdzHBKVu9qnBxPeNK
VOK4itPcrh/jCeRKrD0Yx16q62q4745bEKW480c3o12cTkch3d09ZLJ5+g8cxIG9O9m3exfV1TUo
X9i5czupdA0Lz2nioft/xp6d21m0+DweWfcAAwcNBjEMHDSEQYOHEIYhl7/7naz++jcYOXo0M2bP
Y++uHVTX1HDwwCF6MlkAEkGS0aPHMnP2TA4dOsyRg/v4yMf+lulzZ/HC1meprR1AfX09O3c+z9Ej
h5l3xmIymR42P/UkS6/4ANuee4aqqmpOtrfRum8P9Q2NiFIMGTqcVHU1NbX1zJk/jy1PbeSFrZt5
zweu5cjhQ/T0ZJg5dwFdndZt18ZUSM+JpbeKy2JjOJRnK5S1OBBbfiJShrzNFEcEqZTJZboTVdX1
2RkLFg8/cezQ2d/71rL71qwxJ9euXRWntX8XSa1oays87Hkf+cDHv/if7/yL65PFQi7KZ7tTyXTa
5Vc1Ks7tCyKmHNcTRElc/RRjqYy3WLEiiLIkqIyb8SPYkEpUIp2uplQq8NC9d1Aq9XD3rbeSTFTh
+9b6OXroMDoypKvStO7ZzaHW/QwYNJh8NseOF7bR0K+RhWfO5PYf3Up390lmzJnJLzZsYOiIEZSK
RYaNGEl1bS3pqjRve8db+c+vfIVZc2YzeuwEDrXup6amlv3796M1FIs5qmtrGDV6PFNmTGHPzr3k
slk+9vfXM27iRLY+u5UhQwbj+4p9e/exb/cuLrjoEp564lFEPBae08yOF56jtqae1gN7aDtxlMFD
hpPJ9DBy9FiSySQDBw9l9JgJFEtFHlv/M8ZNnEgYFmk/0cbpi5aQy2Tw/KAcT7Z55jh1rXgJH0Jl
u6s/QJR1hQFtEIMWO8fPLbFpDH4yZfLZnkQimcrNOvP8oW3HDp372SuX/nT1RnPi7ht/L7gCfn8E
mF6x4q+LmzY/+w/X/v2///N5l76/ePLYId/zvSAIAm2iSEQpXI5DPGWHmYgyItqSYJzlRRwJSgWY
YjW1whGeKAdkUCgQjed7RKUSDf36M3b8RJ596hkWn/9m5p15DgMGDmLqjLk8v20bZ597IXPmncGR
Q61MPG0Kb3n7Ozl65Dj9Bg7hzEWLKRVh7ISJdHV2sO3ZZ3jXFe/jnHPfxNHDBxk8eDiTp86kob6R
mvqBjBw9lpmz55FMp5g1dx4DBgziwKGDXPLOy+k/cCC5XA9nnrUEHYHnBwwbMZqq6n4UciF1dY2k
qqqYNWcuR4+1UVPXn7OXnE99fT0zZ8+joV8/Ro4Zz8TJ09izcydnnn0ui5ov5MSxI4yfNIVJk6dT
U1dLTV0j+WyWyTNmc9qM2QwbPpZUKk1NXT1xvL9cl9GrjALnAsagFGcTmbIrY6U8zcF9pddcGRvs
jiRIJE0+35OoqqnPTp59xqj9u7bN/I8brr61qWm5OXx40+8C1NTqjSb/6Ul1H73mE1+84eL3fLDU
fuyg7ysVBImE1lEo4sUBEUtwnhIjqmJYKOdySZz5Fatg49BKXAdKL3K0CTKFISLwAwq5DKPHTaS2
rp6dL+7k7Uvfw/hJkxk5aiyjxkzkhee28OZL3snE06Zz7Ngh5s4/k3OaL+DA/n2MGDWGuQvOpFAU
Jp42hSOHDnFg9z6WXXUN889YxLEjhzht8jSmTJtJXU09NbWNjB4zjlFjJpBKp5l/xkI85dF66Ajv
eNe7qaquIZ/Ps/DsZsDH8zyGDBtBOlVLNpunrr6BmtpaZs6ay97duxk0aDCLlpxHY/+BzG6aTzKZ
ZPqc+dTX19N27DhLLriIWXMXcOLYUaZOn8PYiZOpra0nXVWN0ZrGAQM43HqQxsbBvOWSZRSLRVvZ
gKWrWBm6AY2Jq/3LaFIuHoirQKgQpYmTm1bplmu5BUFHWvxEwhQK+UQikcrNWLB46L4d25q++en3
3cbSpSW2bfsdYFWRU7n61Ui6pcXkLr6k/1+/72P//NXzL31/vu3wgUSqqkowxmlZcTXGGhHfYCJR
zuz1lNXGVllrS2jgYn04AoxjgBrP+cuuUKBSa6XiqUQR6VQV1bU15HMZCvk8QZBAjKGuoZ6enh7C
UoH6hn7oUkQul6G2thZRkO3JEekSSoS6+np8T+jpzlAsFWls7Ec6DWEI2UyJTKaHZDJFWCziBwFR
FOL5PvV1VbSf7EYpRVVNNdmeDEEQYAyUSiWiMCwnJoJkgnyuQEN9vc3mdXYQJAJAEbnMnTZQU1dD
JpOnVMhRVVNHoVBw2WWPfD5HIkii0WR6siRTKbzAJ5/LAZ4rVbB9ZMBlhl2tlo3AgjEuc+yyd+Ay
wyauOXTHKLSJAOWm2BnAM5EORfkJnc/mVG2/Adm925+tuuEfrv3GV77wwl99fetKb/2qVa9mReJU
izH587zENR/4xBdufOt7riudOHwgSKaqPBvYi91YLdZl9Qy4YneHD4VCVDzlTFl8GXGxP1tHp5Sb
FaSsYrWLmFlcKeeuKRG0jqipqaOqKk13VyeRifCVh6egtq6ers5OBKirq6NQLFDM56irb0BrTT6X
QYe2dKW+vg7Pg66uHqIopKGhgUK+QBiW8D2fbDZDXX0DtXUe2Yymu7uHgYPqaEjAkc6QYjGirj7J
yfYMpUKRdE01CkUm2wOiCDwfBAqFIg39GogiQ8fJdtJVVYRRVC5/CryAVFWKnp4MpVKJmpo68rmc
qyiAYqmI0UIylSKRSqEjTVdXhyt8dhMStKskkLiER6HRtkzGKAy6MlMF4+5t76/jqgRtL6DR2BIs
I1prEIsrz0/oQi6vqusasodb91R96RPv+97+nduupqnJY9Om37lY+nclwMSKFlNc1SwXv+evV91y
2bWfUG1HDiRSqbQyRtt4igEjxsZgjJGY2JSLE3ixNnZWn439KQtu0WU3OD5GOcvQlsv0dpUpa/zI
/qYCfuCT8AMiQhQeYalEIgjwPKFUtERnywZKYCCRSLiaLEMpLNlSBs/DTyTo7uhg+4tbKBQKzJlz
OjX1DehIEwQe+VyOZDqNJ4rOrg7S6Sp83yeXy6F1xOGDrdTWNdB/wEDsrCKFpzxy+SxK+RQLBQyQ
SCRt27VGeQod2VBHsVhEeT5KeRRLRRegV7Yo1VNEYYgGV+ZTcuf7v1KnZZdmjQtVHYgR0KZyrOCK
p5XNJBqDxtYZQqV+EGyRaxiXzRiNeAG5TDf9h43K//zHN/v/+bmPXBkWsmt/wzXoTsVVaVWznHvp
Ndff/t6/+Wyy/dhBL0gkfBvGtPE5DOIpO81CjBFLip4lNwcYD1OJLQuO5HrFl+P4s9tu6wId9soJ
E41SilKphNERQZDAU5WyrFKxRCKVAAM6LOEFPr7ybPmJ2GoD5Qm4ImBjDIlEAiWKUrGA53s2jh1F
1NTUcPTIYZ785cNMmTqT8RNPY/PTmzjUuo/hI0cxZdos9u3excDBQ6ir70dr6z4SQYL+/QdSDEPs
lDmDEZ9iMQ8IyWSSYrFUNiTcKi5EUYTyfQTlMGbLqrTBDjY0pTByZTXgB8kygZXLqtx8ZLSd02SL
6yvF0NrVwNqaQJuQt2Roy2fKuMMV7dtEnNHaxiK0tjH+fDZLw6Bh+cfuvyN5wz9eu/zTxfy3VokE
/I4zRn4XF9hbscKYVR+QCYsvuer77/7gPw7sbj+ugkTg2+yuSzg6y9j2fZzJjavnpQw8mwlxLokL
TMeJjpjcBEF5xMkT57IoB2xTvpbv+yRSSTzlIQo88VCiSKWCct1XMpW0mSxlY3VBwnfXsdZk4Pmk
02mKxQKN/Rt4dP2DPP7IwwwZPIif/Pg2ms9fzIljR8hmcwwcNJBjRw5z/NgRho8YSRSF7Nm5nclT
xnHTjavZ9OQvmD5jFj/87jepb2igrraW3bt2MmDgIIyOSCQS+EGANnag2ZkioJSHKEUikSxnxBNB
0lkt2GJY15/WWrSDXSmvnOSt+K8VJ7astm3wppIRxsUFndYun+P2x6UzGsBoRzMqnvSC1hrfT0im
s0MmTG9SbUcPnn71uy9ds9SY7m2rfuO4jVq+fLV86W/mDV/4pnfd8t6PfHZ4tqfLeL4XKFEaUK54
WZSqrLUibq1FJb08BocdS2TuGUScVagq7zs+r6yExcWYTXk/CIEfkEwm3LuQctlLMpUsh2aSqQSe
eO5dJQgSQdkhVEqRSCQIEgncpCE71dOz5UpVVWmOHj7MN778BUaPHMH999yFn/C567a1TJkylccf
3UAmk+Hmm1bTcfIkbz3/bC6/9G3UN9SzYOEZdJzspKqqCu3qx4JEgO/7tmTLD1wM3ZK653kEiWR5
sYZEIkCUXx6XuDHn+R5BkMT3g3LhvMS4iQPy8RzPXljqFR2kDDxrDFW+S7xAhClv0jFluLUdLLdq
PD8huUyXjD1tJtnuztn//a633tfSYk585zurvN8QVy8r/qs9cfTi9wc33TSG0ZNm/sulH7h+nNZR
QZQkxfM0kbali8aIKM8IdmaBKKd1nbuLVALO1q7TZSIUlyV2JqRzYUx5AYNYlAvlW/KL92l0FC8z
HiNbo6PYlcbWXMWZZBNSiToa907tnGNciYTWmsD36Oxox1PCru07WfOD71JdXcegwUM4ePAApVKR
+acvpKe7h42/fJTnnp1PR0c7jY392bd3Nzu3v0C/xv7c+5Pb8X2fpVe8nyHDRlDI520tlCMn7QLF
EtevRWH8lGht22rjenbQW0PNVCbHu1VINK5/bYAM7arycZlQt3hIOSYjMUDjjFy5BzW2GsbNbnCp
EGUr/cuusGuvERHfaJ2/6N3XjXnm8Qf/dq3IJ7ELaP7aKXMjRoxIPnLywWjIqIkrL73m+tOUF+SN
zqWUHxijjXjKDiO3Srd1eY19/xYQjtyx8TxxMeK4lLSSAIkjVZXEWsUDid3o+Ji4vzQ6wuGS8nQ1
E0WWXAyEUYSI4GEL8w2WKC2G7XzrGHeCnSerXLF1TU09dzzSwqw5s3jfVe9lUfOb6OxsJ9KGIUMH
oBSEpZAhQ4bRduIYW3ceJF1dTX1DI6WiLejXRrt3KjbU4tpvTOTQbcouqTGRo47YVXV0JDZ8YH+h
zmAI6T3vHSPEszbjoWjXuVQYpd11DIh1i40ybqKyLUTXVE7WiN1mb4wnZUtS3IpLxhGuAXytTe78
S68es+2Zxz7c3CwfWbxihaxfterXweoVRf36Q15W0gs+fFN+3759Sy9+z4feOXTkuEKuuzMRJJLa
hCUlXhmc1vaNXdRy6Yv7a4MH9m9M4m48xkHq8ootrg/KoFXxwn69CdTEe23CRZWzgWVNV3alpexM
9yJPcZYOleOVu5dSJJMJJoweQbqqmu9+67+pr+/P2HETeG7LM8yaO59l734fj25oYcszG5k77wza
Txxn0mlTGTx0KMePHWXOvNOZMXsuEyZMJp2qor3tBIHv4dZBqFi2DhTxFKneAXxVbnMvTa16xUxR
xGsbVp6vV8+ItRIth2qnWKj80FOseCTW7OXJ9RbYZWuQ8vsCZeLFP7WOxE8kTK670x8+brJuftt7
3wOMW9FiSr8B3pIHDhzIv3j7nW97+1V/ffnoidML2a72pB/4bvqXYNBiqVpLPMUsXj6qgheLBYsj
U3FBYnPY4c7EHen8tbj/hRhWUsZYue/j/o4VuqpYjqLAU8qFKCqhnHK/i5veVq5vjctu7HVACAKf
UghVCcW+Pbs4dvQYWpd4fuvzHD10BIxm1OgxJJMp7ljzfeYtOJMoLOEp8CS+lm2n19sK7jVnOS71
KVu9sasvsUfl+s+FCJQLPVUME2w/m7iCxWUwJDZGKskNt0pc5Tg3dsHxgcQGR5wgkZcYksqUHRkT
BEnT09WeGDHhtHD+2W95DzCdJSvD3wBXryiv5kQ1tOliWbtMRiw475KPzjvv7fR0tkmQSEoUlexq
uG6NOzuH2lltFqLEq1eUwXaqy6KkTAimFwiNMuWONvE1y38rRBgnXYwxva5LBdjuJVtQG2eFxkrf
lEmT2EVyAPY9RUfHSfYeOIDyFIvPO498PkuxmGdO0zw8gUymm1GjxzBl+kx2797O9JmzreUV2thO
qVhg86YnSSSTtO7fy4ljR0gkfIw2vVx9R1sq9kNjyyXWqoqKJRNTXO9nrZRVxdaO/asr5GAovxM3
cbTcv2UX0bh3YXpdl7hspEKm1mXWzhu3Ss8YLQbjI6bYtOjCoQ2Ng9+9shlDZRn1lxNZ/P4VIiJD
Zp157kfmL7m4qrvzJH4QiBhb34I21i42uCBLrDzds77knZ/yrDEZlhUwFQz16jtjpLzdxJZhrGB7
vZ8Kdnp9p6KowVUzuPdm369yyTsDrr9jj8j3A7KZLIvOXsKOF7bx//7189x52y2U8j2MHD2OD33w
Wq583/vY/PTTNDYOYOiw4ezds4uZs+eQ6e4mmbSJmji5WI5vCihVGW9xjWPZaHCQsqVkFneq/JLd
WCBWqMYuixXXTjqyeglG4j4tK6QKkcbjy3rMYtfIjL2JXv1P3EbrEBoxCvvLoQalPBWFpdK8xRcN
GDBk1GXrm4WpU6e+ak9Wfv0hvyLpNcYUlon3kU9+9dZ/m3H64jDb2R4kEkkwEaI8RGuJNYsnNqsm
xmkmF3SOl6ZS9LJwcOumxfEaoHcMsBwfpEJoL5nL6UCHuJcSv6gyeF1mMAa2exFlrUUMHqy1E7vf
ShGW8uzfs4eeTIbJU6YyYMBAnnnqSTzfZ+So0ehIozy78EEUhby4bSuTpk6z09TCEokgQXcmQ09X
B50dnZTCIjNmzUWUV16xxZjIGlTxUkMuE2tX/4iDybEBY3rN560oDB0fA+Ukh/NMnWthKsFoOznd
3TvOxtlFHOIkSeRigSbSFoLaLaCAXRSinEW2b9PEWWdtQCmvqLVJfueGf1jfcuf33rbGmOwykVea
05lavKIlfOxf3/r+D674+o1nveldpfZjB5PpqipDpF3m1tkIYtfcQ+ziFFAZQDY2F5N0L0tfWTfY
LqtWcYk9FVvNFYu4fL6Kj1UV/DjFaHtAlRV2bH0rVQk5lLEax7gtrCuWlCMaZbDza6OQVDJFZ+dJ
nnlmM7NmzmLAoEYOHjxMXV0tpWKJSBsCz0MFHlHopn/qyBa+hyHxakGxFfWSBTKIs7DONRWNiRy2
4n3x6kEmTmLEi64al6jAVQbYCxqjHU7tBSJcQgNjr+2W+9Au+WG0qzzAZoLtIh6ube7eGoOJLM7j
ZAlGo1FaG5QRU0gkq4LV//SRpzfc/YPmlhaTaW6WV1Uc/Vsz59KPfpRlIiMWvvnyyyfNmC+FTMb4
QQLr2Ssb9/PELnjrguYCyEtClU5zxOCLC3VVbOwqp7UceTnAljVKZTAQM1lMdPH0nLL2i62AmAgr
dqhd8899JwY5MfhxbRRAk0ymmD23iSAQurqzdHaeZNaceWAMhWLexuKc22UEzl7STC6XI3LB7UIu
x6CB/Zk6aThxKfvRkwW6urpJplIOAOIysc6CoEJ8OCKqxLhMuSstQRlXg2qPsdazipdqwxiFmMj6
M9pYOoyVR0x41rO099COTHDEqyBeaw4BIlPW+LYl9gembJhCaQWqVMj7tf0HRSPHT5kMTDq5iU0O
c7+SEZ458wJv/arm+hmnn3fVrNPPVZmuDoJEEm0wXplztBD/xJArW6FsldpWKEA0iCeui3q7yGB/
h6D3ElauL51nEFdDVrAm5X4oexNgr2EcuVHJLtvrVuKOFreu7IbYoqpY6sQOHjaGVywWqK2r560X
v4me7hzZbJ6hQ4cShba8SyQmDY0kneLCxhBjBUwZ7zaCbZySckjB4LlpakJ5PS5t92mX/bW/CkYl
PGUt8PI1cbE6jGfj+W5pNeUUqtYulmVibywe2sb+Ip6xY7Bs2ySiqRoAACAASURBVBl3D3calW6x
ddPaZvp9zzPZfCaorm6QcVNmz9xw9w+mHD/OE9iE7m+9YMJvS4CpqXVnRir4jyWzzzx3dnVtfamz
7UgiSCRd92jl4Rn7C2sVF8mC9xQXzT2oOFfUiLIrdcTLhxswSipJDiqmu+2UOMYVu2Zuel3skrgV
ny1pOLMpvjES/6u4MvFnZwXasSHlBSiNNnR3ddoaKt/7/7S9d6AlVZUu/q1dVSff2OH27W46E2wy
Tc6goARBEJhxHvMQnQF+KOanMyYGR0fHCTqCKCYkCNqogDahCULDoCKgZGhyQ8fbN997YlXt9f7Y
a+2qizrTMO93ZrC77z2nTtXe317rW99ae20UiwXUpyfd4ghcBlbnDQAmJycRhiECY9BuNdHb14ft
Q5tx/TW/wCuvvIy+vn6848QT8Jbd98LIyDiCIIAuDJvbn6tFpNa3k0YOIfpPBqTMgn1IaBVe7oYE
YI4N6kKEGD8JZ6wbV1Gk4Xtdund6p8UCbh1/kIAaJGC1RCYAu7OBOvMWLpsTlUor+1bhkdwQ5V/F
vr5DU+DOgw845uRDKl096cTotqhUrjCnCcEYMDJMETS5ofIKgQNxwGpUOGN98F8qGBJ27/WuHPv3
CQTBkIpYmur2hpCdozDC9nSgXFiYC6u9sSOPR4Nc+KyOU0YlCkMkaYLhoVGEhQKiMETcjt24g90c
iQyiffqI3UYAVz/n5BprtR2bOk+jmhJEQoVz7a7TtDUQowSvkWZeQltpuUSa84/ueyHRknt+9uzQ
2TIlFhawbm5IGwoqfilb38ivIP8ZBqwll+60AAJrmAyz7SxcvHPBGLPPWWfR7+Bs2Rs2gG9IA5w1
67DokkvOqizZde+37bzHAcVOu8HGBK6hJEDG7xkVGqwZW9IwgL3hc646E6K9MSNZZF5zysDEmkQx
7MGkv0dOz/GMMAfumXqjGlS9NzWkOXEYLMkCgjEuw+r6rhVdeysLRFGEKAx8wiUwQBgaRMaFUUkS
o1Gfxqz+Pty25macdNyxuOXGH6Mxtg2PP/SfeM/pp+Bf/ulL6OnuRpokThZQPQTZ/bqxUBqkAMkx
n1xSyT9v7plmamM2Kw5WJ2SyMMQlD8jPlYZOGQOXaxvhXCxjL3PBFgQjjTAtjE0tz5q7gGYNLFh0
Zt4WzQRWYd26S8L+gYXvWLnf4VEcd+LASLM8eCLG/p7V4CgZJklysa5bzj2HOjcdS/KMELmkjzI+
jwfFXa5foFvr5D9rVH/2zlwca55xeg+S+7fMBcRYmtycg10ipVQuI5SaVBMCYWDc/lvL6HTaSJKO
lEkR2p0W4nbb2YokQavRALT3JeeeRyIuAKDc2pthhLxunJEC17RA7ps10pmJU+WX3in6ekr3edVF
s4Qnaz0p8slNacXhawOV84AZBu4wsTAM2aZpOnv+Iu7qnb30zdgyfb0RBmh2O2xXPPCLBxYt23Wf
g+YsXGobk6MmCAIwiJld5yG32yPw4qobSAtIY1ANASBZPe+ZNQxh1VbgBg45VugHXNrI54bcGwG1
D7ntTtkCUL1FJlb3nZAyyKz0gbUwVq4m/595+iyeB0AICDAmQrvdRprGmDWrH0CKWjHAL2+9Gx+5
8H247NJL8a7TTkepVEKapnjyqSdx+rtOA4jxqc9+Glu3jKFUrkhvOXhGYqwuPCl7YamXUiYNyoWp
QGYZpP+fhIpsxQhYZExSF7gY1NS6hIg6L19CIePq+0vLXLIYSh0auU1iAtyZGSmFhQKVSrV+AoUr
VqygF154IY8rWrzw8GDDyM1z9lh15JGz5+9E7VbdhGHE1loYY9jIGnGHPWaLEd7AOCPM5JJg6hgz
MDDgClOybKZGCCK1qJNWppTp0Jwlg4w0OqUMr/49ijO4nzmDLBjnrPjaG1v//ZkzdmPHAndRVY2B
CQw67RhJEqO3twfVikEnASbGp5DEFvMGZ8EmHUxMNlCpRqhWezA62kK700IURu5sDhI9zcAbMSNF
7kSZMdK1BJAUyMMbbGJGKk7Ih9DesAG5eM8zRvccWmbAPukGuGWdCpHx36+NW6UYndiFyPIe1z6K
yFhOUapUqVAq9wEgDA4Stmz5M6brz7/eiNUsYv0wYMzui3bZfUkYBKlN4jAwAZObNM6ycpkl8R4o
lzIn3eHBmRZDRkZEtybpulUP606PRD6rnH1Yvi5nJGRY4fUdebvm1bWcxIMS8AkUaM1hrnhWmaHf
T6qdqgmIggBsgcb0FLqqRew0vx9PPf4YvvyP/4Q77/kNvvQPn8MnP/lJ/OV7/gpjY2OYmprC8PZh
7L3X3rju+utw1feuwAvPPYfu7oprphoGMMowcmUdGcvNsw03eC6T517Z4tSsuPupT+7osPlx0g+T
jA18ssgL/9ChFJ7oP0v+Z7ovUevmABajBGZGCCCM4/j1DLC0pHdBAmDl0pWrFoaFQpqmcehNnLXk
tD9xSsTiwNx3GzV2kEym3L08jWBQ51olFHHEUkOozMb/n+rPatgJoIA9DtwaVCwLntRZ6X2QdZhh
k11PMQQtXofHlJbYaBd0AuDKfxj16ToqpRCL5vfhheeexsWf+0f88qY1KJUjdPf04AdXfBdvP/at
OP7oo/HWw4/Exz70IUxNjqMqiRHXaFj20AvEjQ//Id8n0YFfLI4UuJIal8hEPjJBRjiI2Gn8fkyy
OckiMvJzljFh15DCkCae2GmrhoFAtUZk36fmIRfJy2SHA9a+Hlc79HojDDB6cuu6oG/O4FsW77xH
waZpC0QRDFkk1rc0YKPRrYDOZF4BBFhZ2GycV3CG0PvezJuSun3RsZigVMAnL6SBqvbTynsvNk4z
0/2d/j26IHyY7TJ5xlUIe2NDUAqfsQyvm0GB785RaDQaqNZKGJw9C0+vfxFXX30tXnzmIbz1iL1x
zbe/hNGRIZx55pmYmppCd3c3yqUyisUihoe3Y5999sXK3XbBurvvxQUXXYDJiWlQMfLMIkv1sKgg
8m+9XwCpvo9ymhcztF5BlRUWEc/9PXuvsjirz+mz0uSZiDMakjLSWkGJ/XyQp/YFYMNE1loKg5Bb
7QZN18cnFi8+Chs2rHs9UKNHX74/CAullQuWragGMAmYi2RIckFSJpFzoiJEAgSdKWiPP09BZbI9
ERTjDzgmxz5sh3s/QcoxxMEa/T4jWHb7t10KgbKFrbNDOXZJWU1blhgRh5FjQGoYssJtKZORzHaz
0UKlFGLpgn6sf2kDvvavP8T6px7BIatW4N5brsKDD9yLTZs34dGHn8T733shli1dgqmpOm742U9w
2olvxVU//jkWL1mMRsM51ew4VpuNG/L6OIE0tJAaUB1Ssk7fM+QlOWGIDnewxjNYbZHFfnzYa4BW
sMPQ98JXIIDsjO9XAu8qHxjEhuFkTzYmoGZ9gpuN+iSAYNu2bf//GsCenkXBxMSrtUWDS1b0zp7H
cadNYRgypynpsvKZLjYu1hQDweIhGbJxisRwKSWHhhFKXExmnPzPyRtVHVyHFQdUR0HZNUvI6z8S
zjAcuI2AN1+LqKqtD8/V44kn55zxM8adBZKkjHa7hWKhgJ3m92HjlmF88ZuX4fGHH8DhB+2G933+
Quy8YhmWL1uC517aAjKhO91OQpoAAYrFEowx6Ovvw9TUtAjsLNhyICPdNa6GTAHnvInbPscue6c1
bJbEAJIGJVnM7OyAA7rb184+jDHsAG015vRAdY7NnZAh3p1FCFeQquRNrv2gzDkHMGZ482vp2JZN
W8O3Hhlgw+t6ufUsNhOvPlFYsHz3nXtnDQRJ3E6CIGS21k0zSHya4IuNXxwBZGGQ8RomyC1STaq5
uTd/lMXNMKfsUP5kTcipk3NjodhVNuT+nXOsjKyYGOQdcqZh6wOrsbbe0ALCAgNXWtRptVAoRFg0
2IPN2ybwz1/9Nzz84P04eN/l+OdLPoTurhp6umo4+28+hIce3oT7fvUQenu7AcOIO8DZZ5+BD3zw
Inzgb8/Brb+612tsrPfkLJFnvt5zWXk+MYhWw3SVSODKWlQuAlnxRbIumZBKNYrDCWTzOMFqeZAB
8nkQhbJL8JD6r0z/c/fCbC1ZWDJBZJNO21TCMNi2+VWaHh/dBMwJge1vqgxmR0NgKpcLIYDyrNnz
ltS6+ymO2yBXUs7GGM23ImNh8kEJNVg8uO7ZFUHKv5/Em4Mom6icgAylwcZ4JmB8jyyxt+qxoH/P
0W6nVHrti3Isxtk9BWK+KFnCABmoMHQMqNFsgZgxf14vDCX45jevwMc+8DcIWpvxpc9fiPe992xE
UQkvvvgaZs3qx8jIdowMb4cxBuPj42i1WpiamkSr1Uan08bTTz+DFTsvQ2oJRIEv84HoKJ6BcrZo
nbVxDSdgcqxVZQhv5FlKPzKWlGW+Z46vshcQ5YyxsmI1njLA4GyxiO5oSIqUjaRGyFgLG23d8MKQ
tclL8yomwsxMHQ0OzHa4mju4qHfWXE6S1MnrpGbfXRtwhluxASJYNVrCjt04KOvL6Cjl8OiwaZAP
09yPVQvMWCE8ZrN5MD6SeF0I6Jm2u46vS9R4HYIlWR66P5kARKEBGYNmowVmxuC8XkQh44rvXomP
XPhedCZfxRc/cwEuOO9chGEB24ZG8PJrW/Ds85vx5S99G11d3dg6tA2tdhv1xiRe27Qdl/zDpRjd
Po671q7F7Lnd6LQ7rtKAs/tWXR355/VGW406MnYo72At0vcSDVzY6omKXNtHJrm1xpqGUdaX2Q3j
1yH773RHelkyhtgIfSKwNUThq88/3QTs+j0PPzDCG2u24V87ygCDtL8vwFaUy9XuvmK5jMbkKIVR
BE5TIiK/K13MvoBMDJWK1iCfIn+9Nwa0YlAGS0M8MdGk7oJZ8ymwRAglTGEjmplus1G9SCdPvlg1
PB+eyL24IuscCNQ4MBAErm1SsxUjoBQL5vVieqqOa6++HrffchOWL5qFL37ug1iyZBHGRsexbdsw
oqgAa9vYZecVOHDVnvi7v/8M1t5+K/r7ZwFglEtl9PaWcPHnP49KVy/e/vbjMDI8gXKpBE41WSQv
CcHYSJGrJDOQjRby4ajbu+v0lVTLGcAypFITCDWCcPMlrYxArmrISjKAKW8ckLEHkJQjqsF0rYwM
uQPC2TIVy+VkfHSo+MTD9z8H4OVtTz3weqAG5aRoAHRXaz3dYVQgtrGRRceSlSXyrB7CmNSRKTJE
ThF5xEGFVBh2QxPkF6bDKGsiTWMYx1rdwhQcseEsAiCVHchJEGQys+EdigCMLbTjUVYSI+GwXDMg
gyAgNFsdBGAsGOxFs9HCT358E9bc/GMsGujBxZ86DzvvvByj4+MY2j6CJI0xf/4g/vDYE2g1gaWL
l6PVjjFvsB+VWog0KWFo6yRKpQQrd90XTz/5GE4//RQwUhijCQVnmJktUpfRkOdhuP59rpLeGIPU
qtBGUvTs2LSvlBGi4QrsNUHmxl2qcqB1q85JyF5hqTdUtsdyCqE/ypNZc3RgBJymKSEIrbUpFUqV
uFGfLjz58LrHAWx4+YX1b7TbkH/tqAEkmxYMgO5Spass3ZhJPXFec9EMmhYqu8JeNTZSEOoXtywi
WBgKMrAgA41Olv8dA7rZ2iiImb1GJTcGXwfmGaF4L2EAJg9IzsI6557UmxmEBugkCdI0xsDsHjCA
G392M35x842Y3RXi/3zof2OfffbC2Ng4tm4dRqEQoVqrQQ94mpiYxuc//SH87YWfxl/+5V/inHPO
wZLFizEyOorbb1+L73//Cpx9zt+iWCig3mz6Nlh+jHRXB+W0Eri2TdpqSEMuWPgEHqvMAIANORYo
i1vLFBxCjYTNAl4rm9XJnTQHATaz8dX/amzVUQPEaWqJ3CHcgCGkScLVYq/5wwN3JY8/eM+dffPn
N7a+8AJjZjtzmq6kBKBaLFXKhgiptX6mACa/1U3KppykoVhSY+huhCGRADy58Ewt05PFvnlGm3d5
NmPdilcNv8UAs8muOROr6njJ/56VSbPDEsHtaAG5kqmkE6Pdtpg7xx2otGbNbbjxp6vRXQI+esF7
sGrVfhifmMSWbSOIwhC1WhcazSbiBCiVyghDORqTGXGcIo4DcArESQJDIabrUygWixmDl2dzvS3y
NbpqaYS1SahvNUIzgE2tjJUUxueYMgujNCRnTRu3k0NrHFnWl2Z3WTkSkUqJfteV7ixyUDUuX+1O
QGRDoGanTT39A/TgPWvouccfurPU1zc1vXUrFJlv9LWjBtCUpicN4EqTpMZLStDEB3otTVgCi+nS
jfdQT+tos+saoaGCpsEVyG6rE6lXEOGY9fcs/eDIhWmq9zCxy7ohG1A/+VLC4ENA8V7aFomBnFE0
noW22gn6emsolQL86q51+PF116AYJvibvz4Jhx96KOqtFjZt3oZisYhaVy9SGwsoLaJSgKnJSSza
aSGOPepg/PulV2HTxo2YmJxEtVLB5q1bMX9gFupT4xgamUJ3rYZWnCAwxhW1MknlPCDLWswGw1qS
cMI6zS5lD0hdxFYLYUWABjT14Ty5Fk2zMhqmTBd0QqIztLJLwCc8iBzAHUHjlFMyxsgMOhyEQSGp
1yeiW3/ynccA3NuoJxGA4dfjqhC0QgABE1zZtHFFiW4mLeVr1HRzPSDNIgD/zM4O58pNfFiaY2a5
MiypNvPZX+SMFrwMosYMgnG9j9c5ahn2TAPMGLq7hu5cUqeWotOJ0dvbi0qJcN99v8aPrv4hDDfx
v888EUcedTjanRibt2xDVCig1tUDmyRIYVEqldFoNrHbrrsiiizuWXcbPrL3BXh10zb0dlzj3FKx
ipdffg0vvfIMPn/459BsuqNchT1I6ZPDi/M3Dg8gJ5doVQBZ9s6TJGNufW0fe5bn/DJnbC43L6pP
O7cnRpUBK9Ecs1QbCOv0iUdmTtmStN1nCgxzkpooKsatZiO8++Zrn2nWp9b11BYHLWxoZIvjjb12
mAHWC0kAAJ1Oi10SwXMBqX5gH16yAoAUuppUgIT+ogXkdAUFlLue0GDdmI2MURpkC13UnMywymcU
ahrqatjnwiQNZwAoIP39unvRbW1hFGLW7CoefugxXPvD76ExOYS/fPeJOOaYo8EgbB0aRhCE6O3p
Q2Kt64dHzrtSyKjX6xgcHMSaW+/Ct7+/Gg899BDmzRvA5i1b0N/bi57eXhx66CF47vkXMTB3FkbH
JhFFBcnWuXsn31JXQgYil3FDtjuBmN3BjsgYoj4T+0hefgY4782cY4YSxpDMFRu5jGZLs2uRN7AA
yHBqnfFzZ71aBEGExvQk5sxfhKsv/cf2kw/ff03UVx1vjw218MfNK8lOpwYApUmcqtd0mLDknWkW
MCB7GmfUFUMs2HC+l7KP6Bj5d+nzKHqE/ajRdME8WIqQs+9VBp2xOO1Qo+GduhPoNjJikPQGhNe+
GVGhgFn9NTz+2JO46sofYGJkI85819tx3PHHgijC0PAoiAJ09/QhTS0sWwShY+yGGGQ6CKMiPvHR
8/Hxv/sC9t57Xxx+6EEIQqAYVTE12cRHP/E36OotY7/9D8TkxBSKxQJs6taTFYIixzG6MbGKIUce
ONUtquzwzPJMPkyyktHlbLeUjLerL3TGzKpZEqfqmaDOq0RvmR7o6KBNUzKioVlrEVBAjXadZ89f
bFd/99/sw/fffm3fwoXbxjZuaGMH2qz9udcOZ4Gbo/UAQNKo1+tJErsT4plhgoDBTJIkz2kdrLiS
lzNCJlCPLv+jMZsaH8GZp+zI6Xa+LEWNphhWy1kdm6ygzL6JhqFez2TGkTi3R1MMqWHHMIMQGB8f
w9f/5dt48fkncOrbj8Cpp34YQVjA2PgkQAbVWjeIXMjqdMJQOnJYsI1RKBSRxCm+/NXL8OnPfBYr
V74FY2Nj2GP33dFsNlEqlfCDH1yJ008/A+uffgLLV+yCyUYHhajg9vbKUvbblERrUWOf7bF0TM0X
nwJQHdawFi+7xeuMalZgo/zGl3Rw7qcSMjOJlCAeXkIXTqwTp9PUbSCOogjTk5MYWLCkfc+tNxRv
/MHXfhSGpd/FY/UUwDT++DQvrk9PBQA69anxJqcxjDEMTpg0mKVUAkn4edWauXx47MNY0uJ1AYBk
GbVGUSUbBZLHAwCGQeAzv8gwpexObJviigLKxkkNiYTCTtDX8iwNp91nJifHcenXv4dnn3gYJ73t
UJx++gUoFEsYGZ8CgVCt1EBBILiS6IYtyLguzpVqF0ZGx3HaqSdiw2sb8c7TDsapJ5+NhQuXY3p6
HL+85Qb091kcfOixmJ6qI4q0Qa7Mu7I/CYfB8B1jrKuYdjAwAFkJU8HSA9BFJOpEIcVZ2iBQx5Fk
rzARcpqxnTFHegyDymCuegRsRU5hCX/DMEJ9agpz5i9q//ruNaXVV3x1dWDtr8c2brSCqzd9aPqO
ZoG51JpgAMnk8NBwY2oCUVRwhJjZK0vkLTi8NANld8rwOBeWeE0r937xJuohfKcKMWyqKUD+dPZT
NRnvbqDirM9AeX1DKLqWOXB2b8QEEwZot1vo763g+9/5FjY/eRuu+LdP4fSzzsL4xCRGxyZQLldR
qdRAJgQQIIgKMEEBJohgwghBFKETW8yZO4Bb1/4KKSK879z3Ynx8HIVCAc2mOzVueHgYq1atwgEH
7Ifvfe9K9NVKSOOOrFddsJ6z+H97J6Cel7RmjzKHIpIBe2ZD0F0f/mesl1WjIED1057TsyDXFkdk
GRQYw2ByuzUCg0Z9mufOX9x56L61pe9/9VN3pYyfAdQEMArnpV9vAG2r1QKAZGpiZGR6csLtq7aS
a+bUu9DMaapyiwwfWk+GbD4BNTyY4ZQdW8ukBP/Y/p+aSKKcvuoRCLdThPyHSEdM4iF13Kolkxb1
k0G700Z/bwU//tGP8MJvf4rL//njeM9fn43JyWkMj06gVCqjWq2BgsjhKiyAwoLDVBjBmAjGhGBy
W+XqjQ5+/ZtHceYZf4GDD30LNm97En39wAc+cB7ARYxPjKNUKoimDF8ypASQoHKRYEecrBtmlQeQ
lcJIiKqw0WsqTlQ+gMk+q2PrpRPJHEtgC5WkdAOFZUtGW+rAnczXaNR59vyFncd/d1/pu1/5P+s6
SfPHFIaKq3b2LW/8tcMMsIUWA0jGhjZvnBobQvfSXbk+2aIoiqxNEx8wsNJlz0RUqM86uCjH8J48
79FZKLhoinruh9YmadsskDQLg/Yvc4zQ+RYVXskXVwNGCl3d5Iqf9l1ffPID7gaJGa1mHaeedQ6m
t2/EC8+9iN32OxJxuw3Lrhg2oBAIA/fd4qWRAjAGYRghjAr45a1345hjjkFPTw+2bt2KYqE4g7ml
aYp3n/5ufPVfv4btY+Mol90BNBCR2TdZ4OyZYLWgFP67ibMezmokdLO67zDjAe03tHlzx+rnvUGU
w5QyTWYGWzRk2EqoztZyu93BnIEF6f133Fj89pc+dvfY9i3XULE4kSTtEQBN/OmzG7g9sc1GUcQb
X3x209jQZp47bxHHrTojCIjISDkoZcZKHSxlxlnvCX7LFbwU47+IsiWvmr+vQ/WLHl4K8EJK3kmK
0/BbPEWZ8DjWsNpFuj4sZq+5uT/b7SZOOeuv0Z7ajsdfehm7rDrKHZbFrlGUMYEYOjeHlhmcpoAh
FMIAExMTmD17Di7+wpex4dURPPLIrSiVizMGNrWMa665ykU4sq1aO3mr43MdW9zza5TBOr4p6eqF
JjmUhjvt0MrYuISZhWO4FiRJNd1v6fCkWWY/F+zWsCxl+X7XVzyVsbLWIo7bds7AfPvgurXFSy+5
6IHhrRuvDIrF8SRJhgHUBVdv2gDuKAO07XbbolKJR8e2vrLxlec4iook/bKJXMEYk1h37/08QMU4
Knb9opPkh4KbIOUHBC9ESxjsNZxciOY7yopL83oVkAGS1TiqaK7hruc1WWcZFcBzrHVsqoF5ux6E
SoGw9bnfwdoUxUoXwkIZFIQgInfmiHjnKCyAECDlAEPbhvH4E0/jmGOOQafTAYvB63Q67qAZYzA9
PY0DDjoQ9elJPLv+edRqVaQ2kehJGYz8ZwAtcPbaTe4Z1E748VEmqEZNx1qMAGtYCPgR1lpDqGkh
pea5Mfe4dtcslkqYNXcAN11zufmXv3vfHSPbt1xPQbA1bbe3AJiE89J/KkxhALba25u26lMvb3vt
pQ4FCKSZrVuOnqVpgkLvE5m/Uk1ZYwuZWzMjGM7rgvnxc3h1xi4zqjOMq4bCAqyMOOtY6ZVMbqyy
urYMbxC8AONTDQysOADVaglbn30QaaeDYrkHUaGKIHDniAQUgIICgiBEEEUIwwLqzQ6CoIANGzbg
uut+im98/QoAETa+NoypyWkMb5/A5k0j+PTffQ493X244SfXY25vBe2O7gax2RiSToJsM4U6O11E
upD8IMoalD3RbPwvSENrP63w0R3Jd2pdrvuanNSArGmD83euCDuMCpg1Z4DW/Pg7wVc+/tf3DG/d
eDWCYFvabm8FMAGghT+OKt7Qa4dDYACdnmoVabv9yvo/PLjdWhsQGcvaQ4nZdQWWAdQww4vvxC6d
DtGkKBtfsIIyP2gzxhByEe99WYHua4zYTyjgl292IUBMaLYNSIGtCQZljPre1KYolwpIOh2UB96C
2qz5GNnwGEY2PIW4MYmoUEap2oewUEZYKCAIC4gTxuRUHZVyCZs2b0YQhFi2bCnq9TqY3WlzaZq6
E8aYMT09jdmz52DevAE89eTTKBXInVciS5j9eIoL8AvXeuOvjsQpCjnmreEJsySPtIJfdsVIJs+/
HzMG0LOezALDGwBjArZJQmEU8uaNr+Hvzz156ttf/sSVJij9oG/Owk1pmo4BGIczgP/VyV3tTocN
gA1PPvLr4aTdDoIgTGUtOmcUuPy0ivKAFskoRih7Dr9eNUoQXYrz45IJ9nl4+R1BSiGFHanMonjy
zjgbKMEVS6H+6y5MVm7PfdJai0qpiCSJUZq9M3rmLsLYGlCYhQAAIABJREFUq09iZMMTaNfHYcIS
CrV+BMUKorCAICggjlO02h20mk3MXzAft95+B5Ys3g0HHrg/Rkea6O+bDaIyarUeEBdRKgQ4493v
wfXXXi1oF2acv3vKkkhARg4U/2DKDKM6ALmCK3zOHKPztblFrUPIufnx0gT54QaJjXBiIQJjOLEp
RUGBx4a38WfOP7152Rc+cnVi+Yq+BYs2IaVRwdXUf4OrHXrtMAME0G40Ygtg07OP/mb99s0bgnK1
ltokIeMOWHUt8NUPcGbxvZFT3U0HWrO9JNqg1wRya85/GBIGAtq3LNMg4FmC18bgTIMP9fRn8h2K
aaLsL9o9VzWkgNyWt3J3N/p7q4hqczFr6SoUylVMbX8ZQy8/jPFN68E2QZIypqbrsMwoFkL0ze7D
5s3bADKYM2cOpqfrAMif6dvpdMCW0Ww2USmX0dvTg5dfesE1S7VyPCNk32luIjxD8+ObY7aU8+K5
MVbTn5UpsWdUIrblmHE2X+BMb82hVZi1K2ggE6DTbND8xcvowKNO2CvtNA8f276xjcHBp0844aIx
wdifC1EYQDuemEgAbHv8d3c/MbR5AxXLFWuThMgE7i6sJTIm83DqFHRBS+imEbIGbs4x6KLjbAGL
Q1Gn4U2CsBQV+DVZoCq3JqKyAFnHJnNQep2stEvex1lFgzHuSNNytYZZvVUE1dmYtWIVCuUuTG9/
BcMvP4Lxjc8CSYw0BaanG0gSRqkYoVargUG48857cfRRJyIMCJ1OgmYjRruVoj4Vg5kwNpbi2KNP
xuaNW/HMcy+gp1ZFJ05gQj3U3K0nX3OXJx4khAS54mYdW9GBc4UK3gHr9SDJxmzXkK5//V6ZB8p+
prbAHXfAHAQBWs2GGVy0xB5y7MkrA4Ojxza9GgPJMyeccNEosDjvhd70640wwDiuj7eL1Z7Ghuce
f+ix39zdLpYqxrI7Elb23LL0a/TykXsJ74UAiLOBdQDOEK2CPvtFDnVHPnDOxHh4sEkHhtwta0Wf
MoCZRlUZozemUOObGZW4E6Onq4bbblmLNbfehdlz5qJcKaM6exlqg3ugMnsZbNLG8OYX0W7FKBWL
qNUqcixlgPHJCQRBgCBwB5irdmKtdYWlYMRxgjS1qHV1YWx0DHqWidapQQV+Cfk8s84Bz4dZrMse
WfkLq0VTwyjPbZRRKiNiWctiWJEbehkhPwNiDExgELfbtGyXlfyRL3yz+2Nf+taBn/3GdR888/0f
//4sa/7xttsuHQDQvphZdxP+KVylMeJGUKwm40NbHvzt3b9oRaVKkCaJJSKy7DOCmSeDJnhIkiDk
5y8zQMiYmDB9b8zdQ8yYaw0L4ZNDwjI1pNWwWVatdzikzEiMqiA1Y+3Z9ZldqNmJY3T3dOHOO+7B
jb9Yi9lz5qBSLqM6Zym65u+O6uxlYE4xvOVFNNttlMpFdHdXARBKxRKGtm7C1q3D2GvPA1GfNkg7
QLvNaLcsWq0U1oYYH2tg2ZKlKBWreOKxh1CtFJCkiRyUlK0D1mcW0LCuGiJv+PMsT3V6B02SxIpb
w2yyUF9n1zDlHJSiWvULddpu/WkbsCAM0W63aOGS5XzRZ7/W9eEvXH7gZ75+/QV/cf4nv7Nw2a5f
uO22S+cDG1oXX3xP+GdwtcOvN2IAEwDTlNqYmR+979afrB8d2RaGhWJqRa2Rh3eRQCClguoVKAvJ
oEZPlhmT95PI6y+sn1GAe8DlFrRinnOTg9xCnwFY8pOQrRXy95QZWllrxqDVaWO3t+yCG356Ez72
iU/jufUvoFgI0D97ALPmLkL/4r1R7luIQiFAoVBAkiSyAFLXCt9lORHHMcbHx1CvN1Cv11Gv1zE5
OYnp6SlEUYQkzg6uVqNs5f49ezGi53kDrotSH0bYjM8Gyzio9WTKpkOmVZ/evdldU4/G1Gt78FMO
4OqbyKBRn6ahrZtsoVCMDzji+PZfXfiZpf/wzZ9+7F3v/fBvwjD84CVEWL2aLf74HGrFVYMo7cCY
9evW/OT3Q6+9HJSqXWkSxxQEgUZQ7EQBEjOtxkX1PM14Kz2hzJhZeVbSrwTy4Zgv4tW4UFGgDkOr
Evxv5G+5+jU/HrlrZtwzk2gYQEAGzWYTu6/cBb9ccxsu+sgn8cwz61EICX2z5qF/YBFmL9oDlb6d
UIgMCoUIqbWI4w5K5TJefHUjms0UOy1cjInxNtI0QKeVotMGOm1G3Ga0WgmMKWCnBcvxzPoXEBqW
g8dfx+ZNPvKSp1T2Kz/LGod4zpH9p9ljDzk1+exdUhZaZ2vbOytWRwPvzFkYZLvZwPDQljSKCp19
Dz6m857zP7X47//9Rx8567xP3Vft6f/oJZccY1bzn8TVDr/e6AdNknTKhXJXcWjjS0mxVN131RHH
B42pMRSKZbBNXW8veX4izbo6O6vtgkCYsUNED/oG2AvHRgeOAOO9DJQvy+9165syQPczl9nNfSc8
3n1omT8yU74S7n4N0iRBV62E2267HcsXzUEcp1i6bClOe+dJuHnNWlx62beweeMrMEgxd04fWs0W
gtA1DmWbuBPipqex08JBfP+H12J4eAynnnIyyAQoFCKYgFAsFFAoRBicN4ibb74Z37z8clzypS9h
zuB8dGIL1xB5Jse3wiwUv04ZA/RkLY1QOLcUmUmaV8pFSEeaZ1zX7d0WIOovBJR+KbOWdBHYhcBI
mckEBmFQMEmcBo36VJDEcTprYH5n74OO7dt5zwNO3LLxld2/fdnf3r96NU/dcMOfPMg6sElSLJRK
1YmRba00ifc7+K3vLLTqUxwVigRfReAK0wwFTLBkYHy7NF1kRr3i60J6PcyIBDcOMoJFZ5V80wPf
DEM+LzXXEB+UqzrQxa2/yySeQMY6a6xhYG2C7moJd//qXsyfU0OaMhbttACnv+sU3Lr2Xlz2zcvx
yssvgpBi7uw+tNstOTzMZVTbrSaqtRqefOJx3HLLOpxz9vlIYoPUOtkkTRlx4v5sNWNUKlWsu+8e
tJJJnPrOd2J8qo5isTijONnvBhInYjPbqCCDUBmPK3UUHkPe50gHGcGT6wSVa+KWw1cmydos4iO3
ZQLCRokMRVFESdIJG43pIImTpHfWnHjvg47u2WWPA04Y2rxhn8vPf/+9VzzMk2u+8+YOSH8j9NHC
1XKNd5pTDRNFj91y3eX3PnL/2rBvzmDSrE9REBUY/i6IAyLWcEmRqNki9w7yHjtjMzICxF6TYxl0
zxR9qKxGUtkO/AirUdPr+cWgYbPeAyj3vZjBeqQjMYqlAr717R/g+tU/xQnHH4kLLngftg5tx333
PwCCQZJ0YNMYzAnS1DHAJIlRKZdwxWVfxc033oATTz4F11xzLR555BFseOVVPPX0M7jpF2tw3vkX
4qKLPowvfPFLOPSwwzAx0USpWPReFRo6EOUcSG4MkZU2ZHYuCzWyej9v+Wa8WMdA9LAsnBYtjHL+
muDvidzWt2wLHDMHoeEoKiAwQVifmihNj4+kq444vvHxf/rBGQcee8ovzzqLlgAXM2Y63lRwNdFp
NqeiUun5e9dcv/beNddT/8D8tFmfggmkWsu6M4HdsZsa/mbMxTH+XEjmV5nqcVnoytD9sLriPXfz
8oGPIER6yDhnDlOeWTrs5ZRBP1cagXg8Wwubpqh0deE7378G11y3GkcddTA+9IHzMDk+jvvvvx+p
tbBpApt2wDaBTWPYNEFAjPGxYdRqfbBJhInJacQdQqdt0OkQ4jYjbgeoNzpo1GN098xBfXoqk1Z0
rckcU35dKkOj/FPoenD8O1tbeQlBRkI1UqV0RCDZbaJyjfYKVEbNeg25rlExUGhkmlgyJnC4CoOw
OT1dnBgewZ6rDm997Cs/eOehx51++/n7066rmVO8iUPe3ggD1KVjAIRMVEvareH1jz80uPuqwxcM
LlrRmR4fDQrFIkCgwICttcYYw8LwaCbz0q7ByIyUNOtUKPp6K++VOfPejFwXZNEPIA0ttSOIW6gC
UKXgyh+VDJEwTjfhQRAgiVN01Uq44447MNBfxYknHoejDj8Yjz7+FK69bjVGxyawat99cNQRh6BW
LSGOY19faNPUndBlGI16HUsWzcfpp52IzZtfxR13rMXPb7wRP/vZz/CLm2/E8+ufRClsYq9Vh+Az
n7sY09MNv9idJ5GHlB/owpzx99fbNaWH4lishBi+al+OE2BPF53ldzvusoJivaDjHuSZt4+fXX0v
WytBOgHW9fOSEMYgDCOaGBsu9M0eqO950NFLXnv5ucO2bPjejRdffHFj3bp1r8eXARCQMbU0TUaf
feTX/ctX7rNk2W57xVNjw0FULGTz6rBAgQnEJ+bYvHRo0ebinuV5fKgvdvjTg5T8biPdz6tYAzxm
QRp1cA6TGcskItlZkmeQ5HFo0xjVahn3r7sflZLFSScdj2OOOBTPrl+PH127Gpu2bMW+++2NIw8/
FD1dNXTijkRHFswWSdJBEBhMTU3hyqt+jOOOORtzZy/A6PgYkjhBpxWj1Y7RbnVgUESlVMW3vvPP
2Hf/lTjurW/F+FQTUbHsDkwSXuZD4jy2PI4yDLjRY48FH/57Nug+rI6X9TgLJS+ZycsYn6w5pixs
ZmYCmawclQC27FoDufVAYTGiyYmxqNbV39j3sLct3Lzx5cO+fs57bjnvYZ565DuXeP+zI683GgJn
RpA5MCYqTU+MbH3qkQcGd9lj1cDind8S16fGDSxTGIYwQSAelckQ2BhtWe4O0AZcmOzB455dgJfp
dibnlXRgfGgt4Q1ItW43alkY425btm/O3OTujbAztvq7JI3RXSvh1ttux7KF/RgcnIdO3MGp7zoJ
hx1yEJrNBm6/fS2Ghodx2KEHYWpqGlEYAOy8NpC6VuQGmK5PoVAIcNI7jsVpp7wN7zr5WJx28jH4
izPegff99Wl421EH4vdPvIJVBx6KcqmMOE1dMwQPHhJQ5sEFobJZhxaPYwmF3d5yTW5Iho10CnNJ
JrA7NwTa0VfDHbWs2eLQz2RJKiaWThXsdsnDshXPxbApo1Cq8PTkeLHW3d9YvnK/Jc/+4bdzbv75
6ptWnnlmYfvTT2ttoK4xw2lq2KLSbtW3P/Kfd/Uu2WXlwp133y9tTE+AU0thEJAJ3f5aax2OHMoc
GyW4CkJlZWRULsnwAsGQGijjNU+IQZSoIgMQ9MDMfJjsaad+l1JLxaJR4+m+K01S9NRKuOuuX2Fu
b4Slixeh3qjjnSefgCOOPBRxJ8att67Fps2bcfhhB6PRasm5xUCaxgiIMDk1gWVLF+PVDc/jq//+
b1ix7AAMDixGrdyDYqGKYlgFbAnDI5P4yr98AltHn8DXvvEtJEwgqS9UR6fWTq2NwxbD7QV3ji4z
bHoqG7yTZdYzZzKcuOY0aiThMcZ+Jfqv9ZfyBFomxkpJiGXXkwZwfSYV9pYtomKZm9NThVJXT32X
PVYteunpxwbX3vqtm4867zzasG7dDtcGvhnx0JtuZmuiqBiMj2zb+Mh/3tnd0zd7wW577o8witJW
fdowWxhjKAhDV7DBomcb8tFUnhA7PKmRE2bmgZj1sPPbMTPseZaXeWP9gjzfyxF7NagCVq9TGoM4
dhrg2ttux06D3dhtt50xOTmJ8ckJVCplHHLg/jjj9FOw154r0Wm1kVoL10TAwnIKm6ZgmyJNYxjD
SDptDI+MIElilEsFVKsVFMIQbC1e2/gaHn16I95+wskAkeu/RsZ7ZgcKOVjGz4AaMThLR0aMmHpm
5BJOyIDMHu0zPLb7G3nD6ktK/FeJEM7wG+BZDIW/jiZpjWOF+h1pmlJUKKE+ORbN22l5OywW9/z9
fXc8fdkTjz95wyWXFJAVSOc4LRtjTNRqTm/67T1rSrVaz4Jd9tw/KFeqSbNZJ5smZMhQEBiQMcTM
FARGzD8ci4OcEELs9wFrg1fFlZNa9OwTNXCa/MjhUiIRxVsWUeTfq4ZRs/iCwVyCIU0TdNXKuPue
e9FXI+y9954Yn5jExOQkiuUCDtx/P5x1xruwat89pVjetdwhdnuALScwYDSbDbzt2CMxPb0Z3/jW
Jbj7nrV4+Pe/wyO/fxB33XMLfnrT93DtT/4RQ2Pr8Ytb78TAvPlotWMEYSgHnQv5hzo6tUjGRQKy
5zefLGSdGauMbqaDUJyodfBVCCSQs3nDkeEPMxw8fIiNmSxRmk7pwBpO49gUyhU7NT5anLtwaTMI
w33/sPqqp1ZdcNcTT99wiR69/d++3owB1D0uDMBamxoThkFjauLV3979y/bo8La5cxcsrsxfvJyj
YoGTJLZuF0RKYRjKmLEzgkSUneIFH044gGYGjKBGStibJjy8Op0ZRZcE0YWebZ1TrcOFyORPh9Pw
yc2va7PlgFrCbbfejiXze7FkyWLEcQddhRomxxvoxE0Mj4zK3Ft0kkSey3rjxzYFcwKbpABYukkz
Op0YcdxBHLcRBgbtdhNPPLsZR771ba4XIJNvNOGPFxVgWR8+zDRgyvw8s/NPk3t/LlEC/y4NgaQP
W86QKSgJ4tUdxwJy98PSwsiNgmeTRCBmlgIbNrBsQUFInU4nHVi4tLhxw3N9//He//Xz1as5vuGG
SxRXHlMAUtfyLAqTTmvTw/evrW/d+Mqs/rmD3QsXr0C5WkuTOLZx3GG2KUVhCBd1O6uWdQiSORVs
AYA7zCrDUsYOJXymnDM2aij1MCGGnpzlzqJyJjLrs5B5XpO7hv7Opgm6a2Xcdec9mNVD2G3XndFq
NVErVTE92UDcaWN4eMSd92uAOE7kXm2GKesSbe1WE28/7lic8I7D0d3VQid+Fc32i4gKW3HAfnNw
xruORLlrAKecfiY67TaCKHLzANUxRT9lcZp+T2iGCxImOMMw5XAnwHLhrthRi7zxyzLBKrVw7vfw
+NbFaH247FiqME9mSJdIttaSdiuylhGEIbXqdd5p591pw3NPLrjzX//XTy6+mON16y5h7MDrDYuG
8urAdWEgAKFNEjYmYmNo3dqfXvnq7++/c/+Djj1pt8OPP7W6YuVemD1nHmya2Hp9nEITgthK/bJU
HRkN59TLkltcOUYnS9GxDnXq3lv78XXDrSU2pEyFkW+UoETI+ElVYLN3T87jucXTSVso2ghfvv0y
3PHwf+Kq938di5csQKvZQRSFsEkKC4vUyB5Jdi2MmBNY68ALTuUga0aQ20WUps5AEtxDOKlDE0DG
F5emqlIqCuWsBZKHIbAPPxgWvsMuwTWUFMAhtw+YYSWZ5HkAsnyfMwSpvJvESLroxGX3dMTBPmCG
2w/qBp9IQ+LAGmK0W42od/ZgZ++Djz344XvWrMLuuF8wqN18Y7j9nQGA0NqYAHChVPntfbfdsPHR
B3+16qCjTlx5+HGn9rxlrwPRP3suiMhOj49SEATMnHUbIUAO38pCMiML2y3pIHtOMXLwIyNaqdIe
ZTRG96/L84tkw6yfzsYRxl2DWY+5FJYN5ziICbFtI+IIV/zqGlx7/0246v1fwy7Ld0aj2YAxQJom
COSMDWudDsiphR5Tunnza5jV14vzzj0HSRqDbYK400alXMJLG17BHfc/gzhxvQCttd6ZaWTh55TI
dXT2JTJuDep8g6U3JwlTy8WxVsabbVbOlk+0WI1kBIe6jl1toMguVve8uzWr55WwVccN1+GbmYwx
bK0lArs/jeE4bkbl7t5k/6NPPOChdWsOueQfcBcuwQ51iX6zBtDC7cNTcpZaG8fWYn652tXavm3j
ljXXX/H7u2/+0Z677X3gvIVLVsw57NiTqnsfeHjabjWCMAwd0bDii8Q2GeMWJdh4z+mZiO7XZfHU
PkOcl1czQwjA178pKA0I2pIH7A5q8RRYzs1QXdciBxZrwbCIbICQDayN0Wm33H5eYrBNYWU3t5tk
AStbWJvKhRxwnYEVphi6NlrWZqCycPeknXOZnXZndOGqC82VJmQFu5D7IWim2DeCzmkx7hY0W5oZ
PM8MAJ9hzTsD0sJXJtcyCciMtdYYymIC4A6uc4ekC5k3lCZJunSXvbt32nn3I8/ane7HzEoEhts3
PCXYsgA6nVajWS5X25OjI0N33njNo/fesnr3FSv3WbB8173m7Hvo0V0HHXkcp50OBWGQoxfuGbQM
ynm8HDYkBiSdczF2fns0C2sDoAcq6fN6ISXzGu7y5K7hjYB8rUaHangY7HFhkIKYEdsE1qbodBpO
OiGHu8QygtjKOFup5XNOtlQuodVq4JWxYTAzAkNot5qICiGmJsdRiAowJnDHIkhZijfmTGKg1enC
kwvvJMSx+oy7goHU0foFmq1VEfVYqaAyOkjkltMPveEEAdIgGSkB5Bw46bj5o2cIbK3bdZamao6t
MYHhNEmW775fac78RcdsJ7oLWBEAL/y3BvB/UkXNcEZwAsAQgFcBPNesT70IYzaXKrVX4sSu+cNv
fvXrRx+8r2ktW5hcg8S8+qlsTakZyWL1yJEF5/UrDdiQgVHnQa2g98cyTJ7bZFpXBki5Zi78c9UL
7AymBSZak/jo287Bzz98OeYPzkKn1QTBIo3bsKlrmZ8msfszjV1ZTJr4UDhNE9kBkiBNnOzFNkWj
3vChk4YKeaOmZyg4Eyxjlfsju3+Bo3oAm3t+D0J9uIzVZC4C0NSuegDfnRcMWC0r0QUht8CZcQDY
7+phNdTWurYGBDbGULvdooGdlvLA4JI9AITnXXHF60OVPK62A3gNwPPNZv05ABsLpcprgYnWPvPo
g/c9uO62iXa7hcAEnNpUbwI+1pJn0gll/zstoXJsTLtfwy9ylQv02FY1GoImPw7Z+CPnoDI9i7zW
5o82gGsvb9kZvvHmJN5/5Jm45+PXYvH8eWg1GyDJ+FrBUZp0kCYdVxZjHdOzNkEadxAYQq1aQbVS
RDEKUKmUUKtWXEch75zgscH57uL+/vxgIFsC5H/mx9OfKYMsI6HXzkY3s/ikFQhyCbkX4mxsctCD
FkX7SEUYdMY8HfasO4eICYbZWgqjiFuNpumfM592Wr7HAQDMxRf/0+tx9Sdfb5YB6kuZYAqp6AfQ
CqKo2WpMDxPRGe9+30dOPfuCT1ar1S47PTVuwjBk7UgBBuTUE/ixMNmDGvUkyv48wEgaOOYWL2Vt
sSBBGKQ7h7sWexZD0LAlmx2tR2Sl+n7+UwQBEAaE8dYkgtCg3UphTODCXcAdFJMAbKwYeNFXkHls
ZZGu5RGj1WzCoIS5s/vAkjgJg9A9EWfGiTxw3HM5D60SgTgAhq97I/m50+nk4B5WhS7z3OoUnMZq
pcV+dlYEyDkZiF3R3RL+4Hu5gn4PgZDKGHrdx7MmuBq+IOA0iSkslKhU614IoB+rzhsFzn89rpQJ
WsFVE0AjCIJWp9UYBnDSCWe8911nf+DTfQPzd7KTY8MmjCJpc5E3yA4fJMwG4Jm5JABa95npUixd
tUzmlI33GQ5/2rHIi10AB6KnyngSA2yMl1r8iXUQx5amMESIAsJUcxImMEjbbtuklS7d1hKMZTBS
MagWbDVrb/112FpoLqnRaMKmCWbN6gHIFUWHgZwf40fIZqRAIwYx/G7zKPvdM4ocZYCcc3BubOHO
QSWpDhCc5Fkk53AL0faQfaUYYIhUo5GFxHWC+8xYujVsWU+xIQu2JrWWSpUu9M2eNwhg1pZ3njmG
S14Pqz9+/Y/20SlkIIWsABqLF68cStvtoYGFy87+1Fd/eNbffuKLxdSm6fjYMIVhyPDGT4CpUyFE
zyUsOAvbcoW87DmxDLayJY1BANEy8uFcZtwyAS0vBOu14AGvepq1FpEhPP/8y3ht02b01MpA4lpa
JUnsPTKsy9Cpd+bU/ZcmCWyawqYJ3EltKdqdNtrtFvr6ulAqh1h9091oTA6jEMSIE0Z2GI3chxVQ
6b3OMDzwIPYg9Y/KMk7Wj6WGb6pBqTFzfQbhxzXvsfPJBILoMTJ/DJdM0vsivZ/X0VO36AnWMqWp
NYExKFe7ugFU3jMlE/LncTUJYGrRbqtG0jR9tVStnnThZ792zoWf+feeaq0rGdm2haIwZGbZEaxG
mJE5ElZcycIUeSBHX9xSYsyoSYNf0Pq8YuC8QSXPdCDjqcetajGwZ/MQNg8gta7F/YsvvYKXN2xE
V7UCWEZqE4crwZC1qceYTVOkNoFlpyezTWHTGJIzcp1iWk309VRRqxbx81+uw/TEKIrUROLqn7Lq
CAAQQycrxJMOXSfZlsjMzrtxmqn3ek8jBtNpgTmGSdl4GFItGn5cMv7C2bh6QppxbN34YGWOcviV
cMZ53XKtqwqg97/A1YzX/5QB5l/RU09xfffdqX+3vQ/52gWf/upbd91zv87YyPagEEWmWKpwmiYU
aOt2tsq9vPYA8UZEzstmQRtlGh1cTR8zgw0hhGM9ZALPdLQjJcFdx+9EEe8Ccp9h3bMHeKCrngiG
18mYUzz22NNoNVtYtnQnlItlWE10WOsOhgEASqGiMQsYACeCt1otpGmC3u4qiC3ufeAR/HLtA1iw
01J87MPnolMfgal0iecX76zIs1l2Tac8c9KZN0bOGMEiC9X+yHBmDM//TsMf1YNkJDyjFVZnPehF
5JatT5YMwGl2c/q/5Or1YIxFyiK5EYyrOwq33/u0wX8tVptzrrwyvurcc+3Cpbt+8fy//+pfHHjE
8Z2xkSEOAhOUKlVObEKB0xodQtSI+cWuIakGCBqa6b2ST0pl7xds6BjKwDOx5OJ0jhxu9XNQZyNd
kT0bMsazb2SjiSefeg5xp4PlyxahXKmAmWFt4iSP1MBSAKYUkOSaI0QpQE4zbzUdrrq7qwgNcP8D
v8dNt92PgXkL8HefOA/txhCothzgxEU3Or+SGMuzNl1mHjN5yyeT6VmgjKnV8ijSEinKrTdkkpd3
ATmrxxmY840qtGu7jxKRJQfJM1h18tC1IhPODlfbn3Zp5cxE/8nX/ysDGF1xBae7704rDjjqpKv/
v8/864FzBxc0R7dtKZUrFTcQLttJQk68a8i6wkgs5VQEAAAgAElEQVTGUzc+MGWZeWJ/pKEzTFK0
rF6LHMXXE7kB+N8Z//jKlMgNS8DeoLiME8mv1KAAZAhx3EIUGlRKRWwfGsbWrdsxb95szJszG7Wu
GogYqSUEzGBK3QSz7p8gJEmCequN7u4qysUaHv7DE7hxzTqQKeK8v/nfOOigfTE5OYk0biMgILUC
Lc7ugwE9khZWNBy2qTNAGW5ygIX31p6dAVAt0TFcZW0KVI0xHMDgK/nh8a8OK0srsQcpWQG3gtID
GzAk5Qvy/tSmaDbrTQD2m/jdfxWFBFdc8TCdf+7+vbvtc9BVH/jcfxy/4i17N4e3bSyVShUQCGnS
MYExnCbWBKFhZtl7IYe2Gx8xuCeDlLqoM/DKsFXsuJAL+nd2Q2HYdSDPjLt+1sBn1iUBRCYLubNS
Es7GkAw6nQ7C0KBSjjAyOoah7SOYN3c2BgZmobu7SwxV4JJYNvHM3fWLApI4QavVRldXBdVSFX94
/Bn8fM06xInBe8/5Kxx2yCrUp6aQxDGK0PpSMUPyTL4C0ye0/OzrknldyOs+b/0ic4BkGSR1Pg6k
DD28yxKEDOi1dNzyDE9sPFiyoQytBIEf9Uz6UYw5n8JExiGwVW90AMT/fsPaADvQL/D/hQGM7rmH
+ZhjaNmBx5z84w9efOk+ta6e5vjwULlUqdk0iY2Rk2YMDMMykTFswdIjVYAD9l4VJFlPzgwaa/tu
YzImI+GO9jX1lS4Qmpw5ELdsZZbd2paFIVRbyye0h5tlRmotumtV2DRBnMSohhWUoxDD20exedM2
LF6yAEsXD8ImCUxASIXIOM/KaLTbKBYLmD9vFp5Z/yJ+evPdGB1v4p0nH493HHcEbBpj+9AIAmMR
dQ3I1iT1bA5ULPqH9SEBALBgzzE5XXjujap7MvxGdGWQynbcJYDcM3sNR/Q8bcXvZQE9lU5ZgBtK
ZCGehpwSM/nPARaWYALLaQoKQk7SBPWpcdcq/95b/xwGgxMuuig8//z9e3Zfddh1H7rk8mMGFy1t
bN+6sVKpVlnKjSgIXB9KY8Bs2RN47ywVI3KMKlhCt4CzE/GMkYwxw+13zYCjeh8rwMRRklFHIQtb
36f1hir+eYcgjIkZbC1qlSKIU8RxB0FQRblcxvDIKDZv3YadFg5ixbKFaLc7CKgAywmyZB+j0e6g
EIWYPzgLz7/wCm646W5sHZ7GyScci5PecRQAxvbtowgCRqFYyrYziidT3dbpf8rNpHmBPI5nYVI4
7WNhWVdO/yZfteLwQBnGFMeCHStYkhZHkIkQ/RHQhhZ5PdInBMViawWH1qUagC3LT5lgU4vJ8e3j
AKbs9J0RnHb8X77+pwYwuOiib5hjjqFZ+x16/A8v/MzX96lWa6361Fi5VK7aNOlQYIwkf1xsGxhi
yzZX5aIPbLxvdaqzLFkW1kHwYaw7Ws95YyO/U2biz8EgV4BrSDy0dIhhOR+YrZXtcbLFR0IcAiFJ
UwQBISwUcd8DD+Gzf/9BpDbBCy+8hvFGHf39vSiVIoSGkMQJrA1gCQiMRWoZcaeDMAwwMLsHW4eG
8R/X3Yz1L23BsUcfjtPe+TbUahV/9GGxEIIpginNhZYpgCVbTm6RspT9eKAi66DhjRDyBklAaDkD
pGgzyowZ1htR51RtLvEDASfgi6eFBaQqqrGwIHaivFsI5DN3kDIG61gXE4NsYqlYLPDw1o08MTy0
DUDrya2P05/AFS08+ODCbT/6UbR85arvX/j5S48ZWLCkMbZ9mzN+SQK3jdE1YiA5D1P5qy4pfzFN
cGkUQEYYdcZgGeQPPWfAnS+dzxzLeOhRh07KlgVvKMuQknGJC3GyjhsaOV/ZIiRCsVTG7x7+A858
94loNVt45vmXMT7WcLhKI4ShkY7hgLUJDDmZpd1pIzQGc2d3YWRkDN+84hY8tf41HHnkofjEx49D
b3cN20fGwEwolUIwQpjSgKtEkKWVSSSZrOF+x56IKG7IujXJ1maJQQswJPpgcukZLadiVkHEr2Sv
PZOkXvL2DerUM8khs9NunhyT1Og2i2AYzrGyCSwnCaJimcfHhnnbay+/CiB54fkHd8yA7dC7/sxr
4cKDS3fd9d1w6W77Xn7BZ7/+jrmDOzWmJ8fKxVLF2jSRYnsC+cScIRX5tO3BDGFWN68bB2ffwogk
g0YZuPUzrh5XN6jL340bLO0yMeOENQUtkY9ydNSNLHZjQrTbCfZbdQCuW70GD/76P3HUYftg5VuW
wxBh+/YRTE1PI4pCDMzuQcpuy1W7OQ1OGf39NSRxjJ/dfBeu/cmdWLxsOT76gXNx2KGrUG80MTXV
QKlYQGAYTCHCnhUwgeg/HgOZMP16KUb3+Yo7l3BT2Rl8+OV1QVnGUF1HWADbPMvTkJU8KAHjD87x
4rROvndggBatwt+3vskH2cwMk6YJV7t70+ceezC644bvr64tGHxo7MUXtctQ9hoYqE6uX5/0VHr+
+aJLLjt755X71UeHt1TLlSqnaSq4YFkRnB3j4W9MseWA5xiaG59sh5E8hn6Ksk96bJi8UZXkUACf
JMquMxPHMjNePyQCAmNgggATk03ss2oVfnnbffjVnWtx5KF7Y8+VOyMIDIaGRzA5NY0wcs4zFcPZ
ak7Cphb9vTUwp7hpzT246vq1mDd/ET78wXNx1BEHoNlqY3xiGoViAWFIYGsQdi8HRTWty4RHArNP
KqgTdb/IlYIplkR7Yfm95cxoMjwnUcI2c+7Fo2aF/eQ3qGnCRYsV9GPavANA7r7k+oxMw1REs6E4
jqlS60pffeHp8BdXf2M1uOs3zdHxP8bVn3i9eQM4OFi5+UfPdH5yw7986H2f+MpH9jzoyObo0OZK
udpl007HmMDtsyBmIvJ53KwPoGp8Aja3T132bqqZ05iW1SgCHtzIHUotP4GuBJA3dhkis0ynx63x
UM0MI8h569SiVqvhlNNOx1PPbcQPr74B05Mj2HPlUuy3z0p0ddekuj5FJ06RJgn6e2uIogh33fMg
vnvNLQgKXbjog+fi5LcfjTS1GJ+YRGAIhUiaGBT6EfUsBwVVl9UjZ6yV4mdA07+ThCnqMcgXNChg
dd+wGkFAYe+YcFZL6D6TidRujGwO8JkxhQ+LIIzbzvi9Lixk96IaJhM5PcMgTa0tlsrmwXtvGXv8
13d8b5fDD3916PnnO5iZBClfsW66tfbKr5z93o998QuHHn96Z3jba+VypZuTuG2CMFDtjoiN20Wk
AGI5SkBwoAYMEiGolST9t8n+zHBBggHhfmoMQa4YX9mIskcPSR99e0vo8B6A/i973x1vV1Wm/bxr
7XLOuTU3yU0loQVC74jAgCCIiAg6ghXLzMiMdXRmVNRRwLHrNzp2GaUpFsABVBgUQYoiXQihh5KE
9OT20/bea73fH2u9a+9EEENRxx+L3yXnnnvObutZb3nesgB0shwAob+3hlq9jpcddyIeXrkJ3znn
hxgfW4/ddtkW++69G6YN9Lu0FjbIC0ZhDAYH6qjXarjm+tvw7fN/howTvOvtb8XxL38xwMDY2AQU
AWminSEXDyLu3xEU9zrunUQxVoJhLNadrExRmBTms0LROcuLaTMhxwgFSRWXucSq+7UKIICJYT21
w5W/24BpBkyJK3HfWZ6zF9hExBYWRIqMyW3a06tuveZn3SW/vepbe+xx1GPr1z+U4znkAKNjX/1q
c8QRtM/xb3zXB15w5PHFpjWrklqjh4s8J6WVT4RnIuX8dCWEM3s3jiQK5U3rwFv5EDdJyZa0yvam
tZQdlr5ahQ9E2LzZpRf6z7DyHFdoOuJteRGWYgH5GBO7rPpO16Wi/fu/n4Y7l5yI759/Ls78wg+x
aEE/DjtkHyzeaQdEcYTMJFBc4JZbb8VlV96Enp4BvP1tb8SBB+yByckmVq9ZjSSJUaslgEpBcT90
OgRK+p0VZgtAaZBldIoOIpWA4BocOIEnrq9ov7LEyN1DaTlaSb8QF5YrVp2Q1hWNHUSsuCoiFFls
SBGGLnXGhGvAZp/3m2MhcEZ+ahQYxoKsNRTXa8XkxFi67O5blgF4ZONDa7ckqvXpp5/D/7g/7XTE
CW/8yOHHvR4j69dEcdIgU+TQWjMbdvpUkc/Y8YKNJfgggsi5TrIlJUP5LALreFLtpbinNl3mASA7
njlHpaRXxJIJZXNiMSlXUlduG+oxyw6rWVEAzOjvqyHWGtfd/hAGelLsvsMcvPf978Vxx78c3zv/
fHziPy/GdvN6cdghe2LXxYuQJBE6RYxIK9x26y247H9/izjpwVvf/BocfNDeaLZaWLtqFeIkQa2W
AioGRf2IakNQcb+bd2sqFpjzEqp4YIh1zyXGyLvArEKnFw5eSUXQWZQpQlUT0Ft5jgrxyttTVpZc
0jlR2YFImms4aHrLtJKhEIJUxBIIByliY5iItAUYUZwWebcT33PbdQ8BWLa+uTKGS596ykFP/ZEn
GEND/RiJzdzt+r/xoS9edMr04dndrNNKdRxZYlaKFJPPZoO0mfJaVXahUko4PAQ3V4nLocqtYJVS
pebVcJsEEQDFUKzKDs+hd5s7nqOFyH2+2s1DrsVPvoLfr5iAsg2Xu03pytzpdDB9Wj8aPRHuWXo/
rvnlr/C7W68HZ2PYft4Adlq8M2669R6Md1Kc/NqTccSh+8CaAhtHxpCmdSRJDQViKJ2CdANQkQOG
52YUCJnJUbDBUGMIE60pZCZHrGMAjjtyKS9OKUiJnpUSIcvBkjNCHrNPULGSe1ZyM5YpkPFwMtFp
WmshhRHsz2G8pRdSc4QPsu68xp9fhKplUWJgYy0xlLVslSkKbgwMZffd8dvoC//yui+hln+pPdJu
A9gksJo1a1ZPrbbYZFj1H+/++Lf+bYfd9uk0x0ZqSZqyFKVJtxWQJe2FjSbBmfMiiCwUVVqi+blX
RGUfSfE8tPJpVFLnyyXlEqiY0hKU5gjSUk0JZrS3Jtl/1se2G7UYigi33bcC/33Jr7F02Wpc+Jl/
wLzhQYxNTGB4xiB6GjHuu+8hXPPLX+HW314LFGNYOLsPixcvwu1LHsb6MYuTTjoZR71oPzCATZvG
ECcxkrQBpghQdShdA6vY48CUMqlSFw5Y180FpSvp0qu8VxHmr3RLrRgmxuHHYc+lP8GWPQXFYrSe
VjEeqy4hwsKgTMGRYAv744RADHPAKbNvCecTvy0Y1kruor8wpdDtdKgxMJQtu+eO5L8+9KavjK4f
+wLQaVZx9YfG07EA45Pe/O/5RV/8lwNf9LJ/etnw/IV2anQkipMYbCyRch17XQ0okfYzIQab1FaW
7hQHt4P959xXFKA8oS7VIJKzBOUNOBYjEFJ07owagq/4DVYOsxM0LhXCabsyninWjDu/Ys9rG4Yi
Rk9PHWOTLYyNFdhuu0V41z8vxuTEKbjnnodw1+9ux2333YMXHPk6nHDCsUjrDYyMNsGWMTBnG1/2
BETeAg0WHwBxuNp5hsF6Hz5zwxmooxenHvQu1OMBTHQmkXOOmNym187S8pasf22tgegxayW8UZLK
4pYgCDUgEHZU4eusjyYrgKzbYF54H6crhC/0b1WUv7wdvGnLMGACuVIlpTQbGMPM8R03XLmp3Zr4
1dC0HdHGsk4Vi4e9/oP2oi/+y67HvubtJ+2w276mOT4SRXHK1jqBBrZklcyjZ+ZIctF8xYtEYwPW
/PWxw5Br4uCjnUqF+y4tXt9EQnHI2XeQKjFaTTdgl5MViHomX9xkGZFWuPWe5Tjrkl/jprsfw8iq
jXjX3x+LnRYOY83GCUwb6Mf4RBujoxPYZsG2eMe7TsXUm9+Aex94BHfedgvueOAe7HXwiTjxxJej
p7cHm0aasBbonz3P5Z96YRuab5iipEZ8cwLJS3XXuoXw8/ccMiKER7biJsukyrHca/GjHI8syrmS
HeD0Uzim9KCB91SC0ej+F4SnZIDIB3xjjXAfntN3MlUrRzADJk5SdccNV46Mrl977dC8He3IqmVd
/JHj6QjA2kVXn2v7B2e8fPcDXzTdGO6AUHMV78o1qdSKYS2RFzRghiWC8o+ibM3thVi4cQaTL2in
Knz9HAbPw/N/8hChoCQdRPIhKwKAWUHBdT4RS0l5F1iWiQAJULCSFO1OgTy3SOIIiGOMTU5hbNwg
jmPsvc/eeOHB+6DwuBsbm8LY1ChqSQoVKRSZ27Se2adchYkHRKQQ6eAO7D5zX7zle6/Clct+gn88
8H04atFx6FcDmMyasNZAAiPlMXyelNf28ECRwnnhBSXAQSBfGA+gkm4Q6i094C2ce8g+rUZ4I6Eh
GGU+nOTQBk7Q3xoxwVhDpLQt8pzSeo9d/ehD0U1XXXIdkDwysmoVw5W7yUiv/fm3qW9g+pF7H3r0
QrDKiqJIojhhtpZAil39J5NcqGzs7qoI/Nx51RYcYS/8N/vdc8pBwCmGNAEVN5eNmJRi0XrBFwSh
n0HR7F7BRaTRzQ2G+mr41o9vwH+cdTnSRopYKczcZgaOP2x3TLUzaE3I8gJxHIPiGJOTbYyPTSJO
Yuyx++448IA9SlxNNDG1fgxpkiCOCEWeh+cvzS4Q3kEZ9BDhBXjLz1mB1mMmKEiUVpnj3CQYQuXr
oDy9AhEliDLaL7l+pQClEpcWgaaB9RYklxft8OUpFBaOUjDGPgLsIr+EyDJbKrKCevoGiscfvj+9
8zc/vwHAg+1O126Bqz84trYUjg489ljCkiXDu7/gyBcOz98OWbuplK7s3wp2T9tPCrmNPt0thtQN
Z8mFziIEn5kui9JJ+8BlyckDYei1mIThuNQSouHkyXrHLQgPh2PyC99rMREqAuZg0vvkXmYY47Rs
EsWIkzqIFMbHJ7Fq1QjWrx/D+o3jIFKopXUwCIWAgSocJcrUdHEBjLFIdISJThOHLDwCu2y7J259
5Ea87X9Oxtt+fDKuXX4VcpsFl1Tuu+RtvBIJViF7BSrRXC/I/WfLXEve/Bmi8vyJypxI8s9dbMAg
aP0zlbVEImCcje0mzM1uURSc1Ov6ussvGNu0/vFL+vsHMqDdQpmKi4G99oo33Htv/5yFO75ou8V7
cqfd5DhO2KXduhZIFpbCQiYKScESCQ9cciA5S3cWYZ4lJYEd1yRWEnFlftzvJM8oHE4w478r8yvn
BMGyQRopjE118LdH7YOXHLQLdGGRG4t9Fy/A7jvMxVS7i0hr5/KxhTEWcRQhrTlcTUxMYNWqUWzY
MIb1G8fA7LbDZADGQDgjCOfIohBZckMR8BuuGYzAdYf1ssVnuMqTe5rE/81Pbsjtq+bhirvsDi2f
kWfKIfJLglX4OYNL5PcoDdcoeCxdawK5VCooVsy+lIdhbRTX9M1XXzax4qF7fjK8YFGrvWllB1ux
YfrWCsCknuykAGwzZ+EO2zT6B22e5wQ4GkVa+m32QINlIQtX3C4q+YggLOBzz9xEEXttIgvQWzaS
zyW8gXx+S7DaLYFb1YgsC9pHNb1tLd+xzJ4n48DtSiE6s3M/dBSjVm+gVksRJ4mryjTG9wJkWDYV
d6NyPZCKE3csIo3MZBio9eHFC18KpTWm9Q7hqnt+ho/+4r1oZU0QOevNR5X8M60sPklrYIbgrxSS
XKa9cOWHSo4HlsLzhBduFCw+mQ+UVqgnyy3CQwaDoULqmHN9s6xLfYPTi2V336Z/feVFVwLxfRMT
Gwxc4wxZWlFffbYCMGve9ot37umbRlm3rUCa2FiyFgTJJw05jnK9CCouWHelwx5wYb0oledUYsM/
J1ulYMrjlQX87liWK9j0i7vsUsQgFaGT5ehtJBidaGHjeAsH7bUDus0O/vbIfRBp7faEZkdZiKVd
WHglK7iqI0lrSNIUYKAwRRBIbm9pDtcu9ybJ8mYzC6yiLK2z7q3nb4Mg4tJaKwWhn1MxVkTh+Wfh
7l7yA12+qgTMyFJFGKpSGAely+X3gjFSXm94lqK0FNj6DGmPYzJFRj29g/nKZfdEV1923tVxo3Hn
+nUr2OPqjx5bKwCjdatv1AAW9A1MHySQNdYqywTWYGuZ2Iq04FLYoKKdveaVUGMAYIXPE21tUQK6
5LVEdQkwOfxe1fChYZaA3b92wqc064PlJMKVfC4SV7WoL9MJC8fdl2WDwhTIjYEtym62MpEWyh9L
olrufzZ09HBC0Xjw5AZ48aLjoGLCyPgm1AYa+MYJP8K0dAYyk0OR9q4wPPzcCG3KfQqLq0RiiKsa
hH+IdnvJY73elehbuH4/V6KQUPmOE29A2H60nC9ixW67TMVEitkYRdDG2iK+/PvfWDG2Ye2Pe3v7
OnD9/qpaOm6MbFQA5s2YNX8GQGytVQBcHYwTthTK9sgGK9Alj0sCOYfnzKDSnfNXH1w1FmsXAU+M
ygJH+ZxKb5HDxboOPyIwnB8tOwi2uzlqtRTrNk3idR8+B684Yi+c94m34MNvOw777bIQ7a7b6Mha
6zHkcQW5BocHUxQwxsBIL0BvXYjFZL1L6C6ISqHoOQlXVibBhnJ+Zc2UyliSl/26rOLer9tQKifP
Ntx7+cxcLTA8MsUb8Dcoc+CrQNz7pcfinrF4JeXzFnng+nkQMwHWGp9lQgZKxVd8/5trNq1ZeSHV
ah10u5PYCvcX2HoBqDetRwxgIK03EgYz2DgmRp4QuRsW9w/+BsVQcBwAICVDAByQA4kkwtHDVTmQ
u3OIRVL5WCVdBORKbmywBMTEEH0lk+KmxPorLUEoGq5qScJbdBVrIfzrk2O9gJYGCWIBOovLaXU2
Ivj8s7Byne57miJMdSex1+x9sdvMvfG6Pd+CQxceiS//9hOoJzXkRbYFOB3AQyS4osUh55T/KgK9
XPAoF4Kq8DbyrKhUXO58UvPpn6dlP2ckFRJ+GbhKH1IaWZ5x39AM8+srLzI3/uLiHzUGBh6Zmhpp
w3V9DusXgB5RGxyu0p6aKE9/wxSiht59p9A009+PJYjiFaEndxuu2X+fJEUDqIh16QYuStGdx3qr
yR2/FFBuXcs1wQk/rdHpFkgjhalWB6/90Hfw5uNfiHed/CKMTrTwjtccjr6eGrLc1+2JtwEO6UrW
n7NapSEi3AU9pPmGnw9rfYQUXqF76465gl2Zfx9J9dgLXJstLa7SrvB3yqXRUNJLFQxKcwUpcYNz
wYMwD2upPIc8cid0KXhGgimI5VgxJIiUu2RmRFFsu+02+qfNNDdffSl+9dPzL4zjxoPZyEjH46rU
VH/E2NogiDbFaARA5XnO3jpzd2jZb/DhrUDt+D+WbgQktZgqaCmqPhRSQXN7ssD9ldm1NhcNHDSz
y7WyLOVwbmErecKVgnT3eClcqtMnzpUmSQTzERbrew+KxhdXEIrLRSMT5oUuvJARrtFfqF/HHjgC
Z+YQXHGuZGUDJCYQK/zHMV/FdtO2RSNq4MXf2Refvv5j+PBhH8fK8dXoSfpgKgEREpBDNLN0DJGn
S8FFCY0e/E/gAV3o1xl2kGvx0VDPslvjAy7EpfsJFg6RwYZAml3umUKedamvf1p3xUNL00vP/eIv
056en+dFKwcwht/naLTJ4wiAKkxh2VUqUsnlUsgOIGYX/PCZASHp2ystSWsKZWtwMCWnT2FVxepV
ZTAHgO9FSUGMBoRKsblAFQQmaTOmoBUhz3O3pSoz3viRs3HMwbvifa8/EivWjKBRd+5wHGt3yQwf
aHN7jcBb2/CWaZhblC6h8BqlV+SxZv29++t1wpk9xuEpJZTCTASWCBjBQCUmEdahKB1xk+U8IrjD
9wUX7CHiS9aIwhac7JtNiCILWzl4LpchuX6VEkSp7wbA1hLp2Gbdtmr0DmZrVi5LLvzWp2/QWv8s
z/McwCj+iBb4W46ttQA5jhoxgKmpibEWg10WqCJmpdiyJ6mrScrstLOL5HgOzT8A9mS7AziX3ADK
CaVKKVa501m5cKX2V8y7chI5TH5pHcniFg0Db6FRuC5nZ1c0XRAanjuyni/0AtK3OQWYYQKvWDm+
v1Y5L1C60xCB5bWgIkLH5Nhz1r6wrJEz8MPXXoUf3HUWzr/z25jdNweTnUnnCvubq/YKhDxDiIXk
7ztEdMXVgX+mBNm3NghmuXZwUBJuPfnFFebGKwfAW36K3QJQYMukoijvZt3kgq+cvnztiofPMdZO
5M18BK5APQQ/BFc2VzGA7uTYhiakTYtS7FkiuCmV+5VvlQtTkpbDgqXyCrkitMEcqjlCjluYL9cg
wEoQCAhtnkTByBMIXgsYeVHAAkgijTd99Bzsu+u2+OjbXobH14+hXkvAzIhj7Tm40ioL+794/JaJ
6+wxYStccck/bo4pmWefBiXrzvpmBz5AJvmjAZ+bcW/YYl3B54OyLGP3WYvA84UuQ36GwjyI0LQI
695pIOvXRXV9iBIFpDU+ieHgpKGr72GGUsTWFIqULpg4+v7Xzly1ZvmysynpGQfyUY+rPzr4IWNr
BaDVeRYDGB1Z+/hYnnVIRbFLeLVMgHaJc1wmLzprrCIQvHUiBHxwVW2Fk3FT4UjrIA7JA8ibzH5y
HalbtWwYwjM4zeNfWwcCg1I4Ql7LxFuE87lrQtB2VTfYhq0BqQQLAJcoWnFZIEETeAAL9VEBdNC8
BGPd/U92JpCqFO2sg+GeefjGKy7Emb/6F/x6+a8wvTGMZt6EpnKLwzLCLcAuF60c3UKJl4JgTEOU
xBbzI5yQt6zLaJwXAl7BOQrOEvldC0Eu0T3PMtPoH1Q//PonW7/7zVXfrPUNP1a02+Nw2flPBFLb
bjUjAGOrlj+0oci7UFFsrTEuhZk8vywzwzZEGEtl51aqK7j3FqO/BxLBIguMKHCwgecShSL4qbqS
7hLd5/38WR+NddscMHrrNfzdmedh4ewhfPpdJ2L1+gnUkhjWMowPcECUqsepBNmqwbEyeFe6s5bZ
b4rkhJmsAZljcYEZDBMULZd9Kr1J7YQPOTdVhKuHiA1JzjIlwQIIONsyYEIkXKgYHl5JWhuUqfT/
c6/DyYJBE56zT0tyRyLflIiYpVEjFOV5ZgsoR7cAACAASURBVAeGZvJF3/ps5+ZfXvbf02bOWVa0
JwRXT1n3+0Rja2uBo263O2BMlnS7zT33OfiY7Xv6h3Jrcg2ASCkGOyfDZYO6PDc3Na5Jga4klLoq
EPfQgovjFyABIakV4FDpAXeisIoJUhiPIEwrBwquA6reDik/eQgZ/sFHEtvbu+mSJkJykcFSKice
XhiCKxoS7jjuchhWhTf9d7ymFkEdrtxCq9h1o9YJxtqjWDxjNwz3zsUHrnobjl30agymg+jkHUQq
hvFtiSCaEwFE/tReKPrX4so5ga6CIAArlIuQgFBJ4he8FXKBfMI1OS9NuY4szAApjU67xUOz5pmf
nvdlXPztz57V0zNwdXtqZAxu35gWnthNiUzR7YMx9bzbXbTXwS/eZXD6LFNkHaWjiK1lpbTLxHO4
EIxICr1UbbgLkfdZkESVdBivfKQ0U6p/JL/PSVz3uzeUITtLu6R9R5UoT7HkxmDaYA/e+envI440
vnra67FxbAppHHsrmxGkuODRIzd41SIM/PuiuKR5rbwP7x6H73N1TquWXIlPiMUoypxkTQDS10+s
MqDiCcnxIcdw/HsImKD0DkLfPnb4dZHaUtFX/y67v8k5rZR4BqPIL0ZPgFgGlNLodlo8fdb8/PLv
f0P/4GsfP1enPVe2JkbGAKz7A7h6yrG1FqDJssmi1jets+qRB+5YtvSWIo5jXRjDSvnkZyiGAiso
Dm2IfN86YleqJXpB0mLcJHgNYssSLwQXtjSXA0cF2kIjUem+oNTc4v6F/C5vxtnw3YqWlYn2Wtgb
hHAlX16zSoTaa7fgXrLTp+JWOdfFeM3qLAanrakEl4DNn0OeVeGPlZkCPUk/Vk2uwWv2eAtO2ePt
eMslL0XOOYgUclvA1dqIBhaBx+UzE7nLdjNXxa1KDoonvB8EcpnqwSjzMsEu1cU6AofFrVdKodtq
Yvqs+eaqH58dXfD1j/8wbfRf2Ww2pzxI23hyLW2RZXm93peNrH98yZKbr+smaaoKY9g5SMROaMHR
LSKziSsLjr2wERzA44pLnPgFKRxTWMzeahZaINjOApfwGf83T+J2sxwzBvvw/i9ejGari69+8A0Y
GW8h0o7vLqsx/DEIYCsMI5dzBYRr8Mu+zDYQKsOjymUweEuQJQBSsSJDihQHN31zKqj0SFxCc7k2
SqustIAlY6G0vgVpVFIqfi2i8pxChjyx5yjFZRY+VwS2d6O9nHdpVB5XFtBao9Nq8vThbYpf/fSC
9Ltf+uiPG42+n5put4qrrXZ9ZWytBagBRFDxoC2yotWa2vOAw4+bSSADYs3seCyXuQ9SwgUqCs8D
gA8qeIvJW3zefPLUD4UTKogGdoEKAoVeay6LHyi7F8uG1OX3ya/wkj50f5PkWP+Llwe+JyH5qHNw
x/3/xcJisQoloCEAkMVT+Z7co2hyFsuyKpy8oqg8aOGIjLVIohSbmiM4ZtEJuH3Vb3HR0nPxmj1O
xVQ2BU3aL5yqwKsohsC1IFgkQTOLShHNjfIaxZoMkXM3P84VZReCki0DAIVOp4Wh4XnFLy/7bnz2
5077sSb1oyJvj1pbrIJzUTrAZrdYHQQgRpwO2rxru62pxXsf+tI5aa1u2BRaa4hwIPL5HM4J8NY/
PJmunIUmRg5QmWs5kQ98uD+rwJmR2vJyBBjVt8RqJLS6BWbN6McZ37wMDy1fh++c8Ra0uxlABK1l
21YRBLTZjRPL3/1ez37O5PFY3vy6gzUHhLmuHpAh66tUhCV9JHqLy/mvVFnIdYrQDJSANyJAYq09
AcZCXp+v9gqYK++ptAJFwMq5UIkVKJ/nRy74RXDqjgjddtsOzZpvbrjyouSsT77vZwTz3Tzvjlhb
rK7gqppRsFVjawUgAYhskfVAJ9GGxx9WM+cs3H/xvofY5sSYSmo1NkXhmyG4hycdS8nzMqFA3Wti
OarU8Up/NqdFyrPK993D9krYLcOKEJXPqyrk/QngkCEnYi+IUQFAkHAlCHxbBV+xIq33vTkvsBWB
EdJnOLgfIjh9hl6weEWeipIM1mYQiggLhy2gVYTxzjiOX/x6XHj3t/G7tb/FCYvfgE2tTYijFMb6
rTYh5X4cTu9OooLWLzU3KryLEyglKV65Lx9ytdZPmreCVRRxURiVFxkPzJjNP7/oXP3NT/7zj/Mi
/1GRmRFri8fhor4t/GGQCq4aaaM/Wf/4I6pvcOZ+exx4BFrNCdJxQrAMpaWqw0lqRYDyOHF9J6nE
grduFQkESiUJb9H6Y3klpkTGIWzYXVFmAg2tNFqdDHNmDuI/z78SN971CM4+8+/AcAnISaSEIgg3
x+EWBV4l7r3eD/yYXJMo02Cxihfpt/AUDjvkgsILWmJUyxeDpRd4cRGq7vOBlxOvKqTIiNvLnhmq
YCYo1RLPVgJmkDXgZRtVXgdrNzCqAEkY0z0UywBpDWOsyrIOTx+ea3952XeTr378nT+xbC7odjqb
rLWr4KK+bTxN11fG1gpAJxEArVXUR8RTKx+5b+7uB75owbQZc/JueyqK09Raa5Vre2+VLrtSOlAC
TjAo0dxiiKkAZO/0IPTzAyqHKN8vrTi/GgAEXRs+g2BtlkqWvGYT/kyF1BQR3E6wyTEqUkkEWLDq
vOUXTMzNORsHMtHgKlyj7Mnh8CWWow9UbOa6iqBVYBByk+HYnV+DL9z4ITTzJl683cuxsbUeaVT3
QrAizODBR/B7ibjjyrkZFKKMIRgFhnSB5nA08u3mXUkaSLHWETrtttJxnNd7B+h/zv7P4pwvfPBC
Bv4H1m4C7EoAI/jj+Bl5OMrkRT8UNVc9ct/wTnu9YIfhedvm3eaUjpKErbVKRYrZuIIY9gASK7BK
6JS9IEscEBOUtB8K1qFvphswU8GofMabh5FWmOpkmDc8gG9dfB1+ev1dOPuMv0MtjZDnBnEUueqO
wDe7IJKYeZvxd0E4VfAaGipQyJUVjyLQ2+IrEnkrT5R3KXzCPPpfxLKXWQ1KOmDNWXFiBDDK+Zcu
QA5TpfXo8hDFY5B1VJ1Q9sEmwVVZQ15ameSUqrccGAzSEWedjlI6KvoGpvGl53+V//sz/3qJtfZH
1tpNYF4J1+mliWfg+sp4ug1RI2YTqTiuTY2NjK1f9eji/V708gGldWGLLIqimJktKZKmVIAi7VkJ
AkkLK6hSgMGT2sQgVgHMBOnwjIoWBypvlo0vIUKxhDcF3eIBTeIKIHzXsfmoWEnsW3+LRQGIUyzX
Gw5ZMRKEI6KweCpurc+TEqEEVIEJZ5UFADqgCW/gyGFGpGJ0iw7qUS8OW/gyfPSaUzGnfyH2HD4I
o52NSHUDBRtALDlwZS+RikssB6UyCRyV9ylsZe5uyVpLRK4UjZQCGNRpt6h3cKjotFrxOV/66MSl
53zxgjiOryRgIzOvgNPQWwNSLwQ50nGt0ZocHV35yH2L9j/8ZdOTWqMout0oSRK2xkrcikDe4Q0P
UQFB37pJDhSIn7uq6EOAVDlfATws+HHPRUcazVYHc2YO4PtX3IzvXX4j/vtjb8G0/gZa3QJpHLmA
kqLSEitPU1GcJcdYOjtVG1DeK9VoCOtUeDZRnoBYcxUuUXi8MPcVGgQU3FRnGaqS+5NDSgAjXFvp
Dbi0Q688ufLaP2/hF8vIMIIWDvh2z5Yti6kjz53Q7bSop2+wKEwen/dfZ7QuOuuzF6go+pkCNrIx
j8MJv6mtwNUfHE9HAIq2JjYmjWs1teaxh0bGNq7f9YAXvaxurTWmyHQUJy6b1bujTh+Q52k8JMkL
OKoCtASKuMgKpftCqgLWgFcqBZffgLrMF6PKZVeBLtZekDPlEJAKQFm+WWpkClYdSqGmUAZFUAHU
Fsd374kVVtXSXhv7M4FdV0VxdwoukOgUU9kk5vYtwM4z9sJHrv47HDj/SMzr3Q7NbAKJrpXuMHux
FoAp3A+DfX82MX1drpgU8vpVpAjWMCnXyBHMTHmWExOZ/mkz8dC9d0ZfPvMdD9989U/OqfX035R1
2iPMvBzO8pvC1qUmVHBVpCqO9aY1KzdsWPXY4v0OP65PaZ3nWUfHSY3Bri2+9OkDUUgmCEZgtctz
8DjcH0jmtsIBerMPsuex6GaGs/yarS5mzRjAT6+7C9/44TX4+kdOwbzhIUy2O6iniS9nRHmcqiBl
lNIuYK6KJY8HnzkRhEVQTvDCTIQkl7ii0oaQIJ9YeGGdsXVGReW7ITuAxFp01xhcVVU5txyTNucA
JZEeYhWyT10LUlwszVKhO6OC2LIhRcQgDWaQMTkMww5MH7aPPrA0/von3rf8hisuPLdeH7gh77Y2
eaUqwu9ppbw80Xi6FqDcorVFkaaN3vYj994+PrZh3c57H3p0LYriIut2VJSkDBcQCU1JCXAVI+z1
NPvACUHoJVQtwgAmAQcF8QNWW1gAwfITzJV2YfC1/URLVxRigFTZBZkqtyctwIGASwC2BIo/NENs
DFnD7IVoCXoRoqIRxf1wZ6twPKhqz1LIuiRXBWMNEl3HeGcTdh3eH/WoB5+6/j04dtFr0Yh60TUZ
tNIwlf5h7lg+MslevHIF2JUH6PrbKTZ+3pSOmcGUdTtUGLZ9g9NMURTR/150jv3GJ97761WPPnB+
b+/0e1vNsfUAlsNZfi08PQ0tlJZla9O00VuseGjppnWrHlu076HH9CS1et5pTUVJmoa8TiImRS4l
x20YKFwJELhgL9TESHSvvV3lQVimWfn/kzOPtdZodboYntaP6267H58/5wr8v/e/FjstnI2JZhuN
WoLCGL+fTCn4mMUTCI8W1QKBEmslt0ZgSM/LEADxeLdBiIqyrwhJwVBFvbmjlX8PVUDyr1h9IR+W
fC6lazgl11V6CAgCWaw9sNA3CPclwXKhTBy2lW+zyLAMYiIopQFWyLpdMtbYRv+QASP6+cXn8jc/
8d6bHntgyXn1+sDd7fb4BgAr4JRqE8+i8AOemQAMCWgmz9IorU89cu/tG9aufGT7Xff7m57B6cN5
a2JU6ziCIi1mOhFpLpMUFEj5GSDlvVNViX+I4PNCrwJkJgXFpaAhJVpOhKQfIdIrZn9pizlXjySe
4twdt4m3yCcipZgdE11qVAGAyFMvTOTw4p5w5Yybg5EgzF41YME+EVrAB5+kLMLPeqvWskWi6xhp
bcAhC16CNZMr8O07PoNX7fYPnBcZgYiVa0UraRIEH2EDUBF+PiXDJVsxs+P3mEFKO76v2+1SURTc
2z9UREka3fu7m9R5X/royp9e8PWLu53WFUm9vrrdmlgLYBXKgEfZsG7rRlnE63GVpr3t5Q8tWbdi
2b0Ld933kP5pw3Pz5uQY6UiTIi3RT1IuH9HrSjdnovMIfm5Rvq7iopxPEt0FZiCKNDqdDNMGe3HH
vY/ijG9civ945yuxzy7bYmS8iZ5agqJwzVpFrgXhJjyqf88bWkSkWE6jiHztSYmNqgoWbFmx5qqu
rlRdyMNieNxUQVkVguXfqqgMdcT+8cveHIH7E4uwIqgDbwh3g1a8hxJXLmndWrJMfsM4L7Xdnr9U
ZDlyU3DvwGCe1HrUfXfdFJ33pTPWXnr+f/243Zr6WVIfeLzbHl8H4HEA4yjplKeDqycdz2RXOK78
GGuKJK3Xm8sfXPr4/XfeNGvewkUzFizazXbbHbZFQSrS5JJZmYhc0aVSKpgjqoLWzTRnCBy411TZ
rAZVDAeRRwh5SCWRWFp+gXNVcMU+BLbi94CUUmBmct67c/uqZqVYjYF/ZCekWS5EkkjhuRpPbpdE
MgJwgoAMRHGwESvCs7zPksdxf49VgpH2Rhy9w0m4bsXPcNXDF9OrdvkHTHRGSamIfGcW8i59hUmH
J9jJW8MEYiJWCtZYssYgyzKAtO3tH7RpvUc9fP8SffF3/nPk3C997NrlD95zca2nZ0lh7SaTZSvh
8rEm8OwQ09VocWFMFkdpvbP6sQdW3nP7jTNmz99uePvFe5puu4OiyCiKojJARuRtEBcRUwR2SfNU
lX+l5aXEMy7TYOSDOlJod3IM9DXw4GNr8KH/uhDvf+vLcNh+i7FxZAqNWorCWJeO4xW1GH6kiJ3V
5rCuRMW6LAKnaglsObQLgfB7jmOjcmUF4VoG10KKDaqBEELJI3qcWPLlbGKdVv4GwR0BVG6WJekz
Ir0lQTtULDlFwQRNpaylakoLCOR7GCgm5dJAGARrLedZB4Cyjb5+W6s31CMP3B1dcv5Xxs/+wkdu
ePSBJRfVevruZGs2FFl7FYC1cMLvWeP8thz01B/5g0MDaAAYBDATwMK03jur256a3zswdMTLT3n3
C17y6r/XjUZP0ZqaIFijoyRGrHRpuDvXBVoRu4XIpJTP+vea1AHbddGQPRlCmgPkMy5XUEF4wlL7
K+UFrvOXXBjUZZT5VAkFrRXnea6sMRzFkd+zpBSuxIAlFqPeuUzMgmuPYu9ae1OkCjapkRRsBT5R
5JJod8ERi0C0QWhuxsn4Yxi2MNagHvfwKZceiv1mH4YPHfpVPD7xGHriPnSzjkTavOfHkAR0110k
9I9jMFhHiU3SGqsojtrtFi2753f45U9/MHbHb66+Y+Pax28D1INJvTGWtac2wgF0DA6gHfx+je8z
wVW9gqtt0rQ+p9ttz2n0DBxx7Ov+6aDjXvdPSW//QNGcHFNsrYrjGFEUuQRa3z/Jzb0PrsFtvA2l
oOCbZlT2nvELFQAQaY1ulqOvkWLNhjG893Pfw9tefQROPGJfrB+ZQG8jhTXW882oYI2glJQeMUhp
1kRkjYGxBWulSUeRk3fWktLamUsiOUFOIpdOkehlj6sSX6VWLz2O4JmyAJcRWll5+ejm3kIaEVvD
8E3bK25xiUvHO+rQjw8gGGMoLwy7aiGQVzIB74Ir6x0WYxk6ijlJaxzFiWq3Wurh++/GtVdcNHHz
tVfctWHNypuh1IP1RmOsPTW1EcBqOMEn7a2eUarLHxrPVAACrqOMgHUGgLlRms4vut1pAPbYbf/D
Dj/+Te+Zu8f+h1IUp3lrakyTLSiOE1JaO27d5WgQERCRZpAlETxKBBC5jDxSqhSIkH2DAXFRlZRE
eRZFNq8JEUB/x4pdyF1rDbYGedZBvdFjGr29qtNqUZHnoYENAC88JEotnCU8JVhGvFwiuD+fXwu+
R0BwX8LgkuMLuVrh+xDTwHX5VRKxk6Jyt/G7VIREFKGVT/GbLnkh3rTPB/C63d6N9c1VPDQwh5iZ
jbW2MDmKooAJah4giqAizSBF1tqoOTWJdatWYOntNxY3/urydfffefOSdnPqbgDLe/oHx5sTY6Nw
gm8EDqDCyzztZNQnGVUhOAPA3DhO5+YmnwFrd9lpzxccfvwp716wz8EvpjSt5+2pMbJFrnUcUxxH
bjn6uXEbJCkwDDmuj0DkBKLymQXKUy1aE/LcoJEmGJ9q4j2fPg8nH3MQ3nDcIVi7cQy9PTUYw1DK
V7nKZlxuskHMpKPIklJkbEF5t4ueRsP09g2g1ZxSxhTB1xZ7lYIlKFgNgEOgQ0qVCTdvFCqlSjpG
PA+HG3F/AbH2Khxh4Jy9hRi6ynhMsmS5usqbIGqtA37a6CEishZsi7xAUWTETOxKLImU0kxaO3OY
STWnJmjDmpVYesdN5jdXXbr+3iW3LmlPTd4N4LGe/mmjzYnRCY+rTXDeRMvj6tlSqk84ng0BCDgh
WAPQB2AIwGwoNS+JomlZls1VSu3zope/fp/Dj3/9jJ123w9JPS3aE2NU5AXpSKk4iqGUZtd9xFlq
AJNSmgHrA79S5SFCDd5dhgeyA7Xs70FkfWIsQWknoURLk3YRRDYWWdalNE2LwWlDGNm0MfrR+d8y
Bxx0KPY54BCanBijNE1grN/WxXdskNQIqojaEFQBStiGlAR/rQJOQgWcAkwRfCV3I3mKoSs1i7an
4I5YMCKKuV200BsPYNnIUrz9ipfy5465CAuxkzr77M+0Fi3aS81duF1tYNp0pPUeRFEEZkKWZ+i2
W5icGMPax5dnKx9b1n74/qXjS269/rF2c/JhuKDGulpP31TeaU0YYzYB2ACnnVtwVl+BsMye9aEB
pAAGAEwDMAtQ20RJNK3IslkA9jnkmL/d/8UnvnnG4r0ORK1RK5qTE1RkGcWKVBTXWGs3byQEAFvS
SrFIECXeA1lo0iiMQRJrZLnBez51Ll5y8B54298egXUbx9DTqMFal4RIBJACw3oqx9EnrJVrkJDn
GZIotv1D0+3k2Ej8w3O+YfY58BDse+DBqjk1yVprpRRZa9nHTywJRRMYnFIsVmic0pmtGH6oqtYy
v9BZe8LiMDmOzyXeVyzIENDwhxUrkDRbNs4vsyBjLcdpirWPr6BLfvDt9oLtd6b52+5Q6x+cjlq9
F1EcgRkoigLtdguTE+NYu2p5vurRh9qPPLR07K5bfrOiOTH6CIBHAGyo9fRN5p3uhDHZRgAb4byJ
tsdWmdT6HI5nSwDKseoAeuC09nQAs1WUzlbg/qLI5idpY6+Djz5x10OOPnHGLvsejL6BQdNpN5F3
W4Bl0ko5clsrDgFhcu6xACFQf1S+JsBziJsLSOfekgDIUXqwMFlBAGxSr9uBvn5MTU1E1111OS79
4bmP3XTD1SvedOp79zvtE/9Z37huDer1HjK2gHJJwMofClLkLgJLqvckMuTeJojLGQRi8FUsLPud
6cRtZmElCZtpXaBMOpXfAyHuBGSkI57sTmL2wAL8dMn5OOvhj9u/WfWyzoVf+tp1ALoEGhiaOatn
YGh6I0nrERic5d1iYmy0NbJp7bjNC2lYsAHARJw2JkHUzjudccCMoExtmYJzSzL8CQDqH2cNDlf9
cC7xnChKZwHcVxTZvChO9n7Bi0/Y9ZCjTxje/YDDMDA4ZLJOm7N2C8y5VjqCVpqU0tBkJSELpIiV
KEZyWblKKSgi/PNnzsf+u2+Hf37DS7Fu0zh66kmI5KvwP1/u6SWRNTlgYeNawv39g+i0W/r6q6/A
xd/79oqbb7j60de99R37feiTX+qZGN1k07SuCpM7y5R9L0125pZLJXS4ogpkRIlXAy7V/D4n4IPa
9H93ipSJ4LblJbfrH22e0iLpUt77rQT2nFkS6RjN5hSmD88xl1zw3/jsR955LVzEf8bQzFn1wcHh
RlJLI0VAN8uKifHR9ujGteNFno/BYWoDgLE4bUyBqGXzzrgxZhSlJ9FCWdf7bHsTTzqeTQEox4vh
wNoHp7VnAJiVpvVpucn7bFHMTWr1xYv2OGCnA/7m2Pn7H3qUnj1/IZI0tUVRcNFpc2FzRW53OSgi
UlpDKwqWHoByr1ZxNT3To0JFhkydFZOeldKs44gb9QbiKFbj4yP062uuxJWX/nDFjdf+Yikzr6g1
evPZs+Yd9bXvXrbLrHnz8k67GcdxwsYaifZRyeKVWrSMEiMAkcMjAURwVb6BoMUlAgnZ8BwISdAQ
bkbSFDi8R0EOMixAcZzy2OQGmjttx+Lbd34iOuvHH+v2XzPjq1m7NWELa7NOhwAk/uQWTst2o6Te
1RpZEiWd3BbdTrPZgnNDxlFaewLQ58LdfaohuGrA4WoQwDCA4bTeM5Tn3V5bFHOjKN5p0R4H7HzA
4cdus9+hR0dzF2yPtFaztihs1mmhMBVcKZBWEYgArVznTZCiWhrj/Z+/ANtvM4wPvPXl2Dg6gVqa
AuBAfwCuPRrBsjWGtI5snMS2Vm8giiI9OT5GN11/FX7yo/NX3XTDL5dYax+vNRqtRr3nyHP/51d7
zFuwsOi0WzqKExSmgFYKsEzS17AEkb/1IPzE+udSwaLKDTIcUVRp/SKubxB4DEmUBlDyyhVcoQJR
y662ud1pU63WkzWnJpMP/uNJDz18390/Uklk8263WxRFBGtj+QocrjKPq26sk6zgottxjTEm4Sy9
Kq5kI6PnjOt7svFsC0AZEZzrUofT2sLjzKj39g92W61ea4shAAv6B2fssNt+h2y77yFHTdthlz3j
uQt2QL3RQJymBkVh87xDxhhia2BN4UK2pNyG6d4wdNwfBZZDgVhHmrWOEMcxx7WUa3GqiiLTzakp
LH/4Adx8w1XNX/3iJ6seumfJEma+P0qicaWixFqriiyb/+o3/sPrzvj8t3o3bFzHtSRVRArWGEdH
+lBClRO0FKpJg6Um+TyuaUAFVYwy6dWnurhwotRWyhHEhSkP51BKbqMYa4ihWLnqDLRaTervn9Zt
m076rY+e/vBl+M6omZf34Kv4GGL0wKgi1omC9t0ljGFjTGat7cKBsAXH6TXhhF0HztoTIvpPDtAt
hrjEDThcDcB5GrPqvb0DeafTUxTFdADbDEyfucOiXfff9oDDjhnaYbe94nkLdkCj0YukVjNc5GyK
jIu8ILa5KoxhrbRu1GM+7f99H4N9DXzs7a+kkbEm6rXY2VDsYgWkNUeRRpKknKQJJ3FKpsh1qzVF
yx9+ELf+5pr2NZf/z8oH71uy1Fp7f5Qko0qpKOtkMWBnHfeq15/yya+c1zc+stHGSaIirTnPC1LS
qRqABZN2GxO7XV6cE+oxwr4yuwyYieqVzwoHCHiB5rVl6PfnlWmJMmJj2bWz88KdDUjHkTXM1G42
qbe3PyOlk8997D0jV1x03teVUo9Ytyl1oZTSWmsFrQHAwsAakxVPgKspbI4roVCeU57vD43nSgDK
sSVA0oPSNZ4GYHqaNvqN4p6i3e7x781t9PVts+1Oe8xbvOcLpi/cfud01rwFydwF26Gntw9JrY56
vWF1pJmL3CX+sfVuLUgrBaWIFSlSWqHIc5V129RuNrF+7UqseuyRYtkDS1t33nLDhnuX3PFo1mkv
A7BKRdFonCTNbqsl+Wv9URQNFEVx6Hs/+ulX/sM7T8PGjWuhgChJamytcS4LFLNvLRxsvJBVyMHN
cn8Q4cXh0bD/T96uGH3hWJIwJlUaIPiIiMsf00pzYS3l3Q6gIjM4NN2uW70q/sqnTlt7zeUXfVtD
X2veYT4Nwjp8De/ENMzHKNoo058MHFuuhgAAIABJREFUHACzyk/u/xWhZ/Cnt/j+0KjiqoHNcTWU
pvVpzGhkWbsBx0fPSer1bXZYvNfcXfY4cPo2O+xcn73NwmTO/O3Q19ePpNZAktahTNt+9tzLLVGC
T7znJJ6YalIUaYq0ZoAdvnSEIs9U1mlTp93C+rWPY/WKR4tl9y1p/e6W32y6565bHss6nYcArIRS
o42enlZrclLI/L4oSgeKonvQ2//19JPe9YEzsHHDWgWGTpIUAFtrrWvyT2XvQzeemGmQ1CqyQp2I
eyxAks3BqOKRIHgWCPl7zrxkdpmmSmlmZnS7HYJSZnBoptm4dm3y9c9+ePTKSy74er3ed0u7PTkF
Z8UZPydC0TNKXAmWMv97t/LeXwSunksBKEPBuS8pSkHYB28ZKqWmqThtgLleZJ0agF444E6r9/bP
GJ63YPqMGbP7hoZn90yfObvRNzAt6u0b0D29fZGOYuhIkVYaJs+522lxt9sxk6Mj+aaN67pjm9a1
165+fHzdqhWbNqxbvR7AGgDrodREPU07RcFTed4Zh4s8tfy1NgBsE0XJcFFkL37H+8885h/e/UGd
5xm3mhNK6VjFUcRsmWQ7jzLgAS8cffDDg05JSoFHnoROQkBkM3CWEWWfTxXADMskeV3GGNgiZ4q0
7ekbYGNsdOPV/4vvfvPzS+9bctv3+qYP3jfZGluHBViHE3A5OrgMX8ZHMAsLsQ5TcEJQQGjhgGkq
P392cD7FqOKqDoebKq4GVZz2KlK1rNOuAbbEVaNvxvDc+dNnzp7X1zNteGD7bReoR83CaXfdeZd5
56sOIJX0kFZMSRyj2+kizzsm63bs5OhIsWnTuu7oxvWt9asfH1+9avnIxrWrBFcbAIzX672dgoup
vNMZQ1kPDTjcz4+SZFaRZYe/7T0fetmp7/tIwoCZHBvTURJRFEUu9uuVnEg0BiqKtkKgVNxgqirX
4HywrwkW9xgIKQt+5Ut3GQsmYsW5KcianEk5XMFC33jtz+m73/j8fUt/d9MFjUbfXa3W5Ca4iK1Y
cCIAufIjGBLPQXAlf/+LGH8KAVg9lwC2hs0twz75SdO0oaI0BTjuttuptYUAvIES7DWlokRprbRW
mkhxUWSmyHPROlMouYUppVQrTetd0lE3L4pW3mmK9hrf4rMEt4BmAdguqdXmZJ3Ofi95xcnHnPre
D0/bcefdbLfd4na7RS5/UZPW1U4yfidd73I4zQxY6+pcpMiIAWiAjcuS5hCx8UENl/7l+MZQhG4t
jC1c9qwim9QbNo1T3e1m6u47bsZPf/id9df94rJrs6x7Xb3et7LdnlyNGjZiBtbjGAxjGNfD4oP4
LH6IQ9CH32AKCI0WZfzFAHMrRhVXgo8tFW1vHDcaURKlACfdbjOxhY3hBGIHwwefiJk7DDZWXXld
e2xTg6KYkkgpkCJTFEWedwVXVS50SkE143ra8RxX23NcVVw14awe5a9nFoDtoySZXWTZPi96ySuO
efu/fmzGTrvtyVm3Y9utFrErEPApYl5VErisO+cQaXNNKjRLdoIz/hggxcZ7RyHlgErxSc7cc5rP
GFhr2bg29pzWGqZWr6tut6vvufM2/ORH52665oqLr8+7nWv6BqevmBzbtBZO4I9j89zPkuwu/+Ut
3vuLG39KAVg9Z4QydaYqECXa1/A/tThNa0rrWKkoVgraGtYmt9ranKyyTrcoMJTiCAC0trGKC9Io
LHNmc1PkebdtjJHtGCV3bUsuIoezinrgXScA20VJMrPIsu2G585/4Stf+9bdjj3hNem8BdtDx7ro
tNvotluKLZMFSGsNrbWPROvAXzulzoGe2TxC5zMepDOv5/xMUcDYAmBiUsqqKEKt3rBRklDRzaP1
a1fh7jtuslf95ML1t//22ts77eatSqnHojQdzdrt1XAaehT7gXE7WvggDoXGxSC8Ap/ELTgVMc56
brLr/0xDobQKBVdV5VnFVhrVpw3Fprkp3ucNb9F983dv337W1zqj6/IoqWnYAoV1CfQKfvM4rW2s
0oK0NZa5a3NTZFmnY60VoVjFVRVbBUrPIuAqqffMyNrNhYNDMw7921PetuuxJ7y2vmC7HRHHSdFu
N5F12soaBoOV1tqlbkGSXN2ezApgYy2RJA+6ujlIEZNlkGXpbCSdyY3zHiyYIrJRlHCS1hAnKUxR
RBvWrcHdt//WXnPFpRtv/fUv7mhOTd6mVLwsSqPRrN1eA5ekLNkAfzbu7tkafw4BWB0KpTBMKj/p
Fq9j/zqufF5j8+sXV67Ka0m6Rqfye7fyWtw+qUEVa6IXnlwHsE293jPcbjenAdhueNa8PY982Ynb
HXTY0f0777Y3zZg1G3EUGWMNd9ot5FnmysnYEqwhIzWprEJdqERywZJvRUy+EgZEHOnYxnFCcb0G
BU3WGtWcmqA1j6/EQw8szZfeftPkLb++euXKRx+8F8BDAFbXevrHO80JcU02oiScC5yOGs5EB6fh
dVD4LIAD8ClsxEkALvq/D+Ithrhjrnt5aR3KvxHQNwRMrtN7vfFf4t5Zr+zcdfG7MLW8BSQNILMo
t4sVK6aKqxybB4e2xJX8bImrBKVynQVgfpIks7IsmwZg26GZs/Y86rhXbXvQ3xw1bfEe+9DwrLkc
x5EpjEGn00He7cAaQ65M05BPgSEpAqgGz6wPrsnbruSUWOmY4yRCktahVQRrrWpOTqq1q1dg2f33
FEt/d8vEbb/+5eOPLrvvPgAPAljd09M/3nS4Wgfn5k/iWWhE+pcy/twCsDqERK0KuNj/aP8jAlO0
/ZaZJVsKQeG2hIPIK+//oYUvQrDMZ1RqVpSm/Vm73Q+nxbfdY9+Dtl20y+4zdt5jn8Htdlys58xb
gBkz58Cl7WjWkWYistZaYmvZMABrPGgVExGpSDMsyFhD1jCMKVQ372LT2rXYsG4VVq54lB996L7x
1SseHntgyV1r1q5ZvhI+QTmO0wmto2an0xkDzAaUOVVSmla6t29GDeehgw/i36HwaozjUGjkGEKO
M//i+b5nMqoCkTC8+yDWL12XvPDd743S3vfnm+57RX73pauR9A4imxIvQL63Ja4Ym+OpqPyIMn0y
jkuw3YtK9FopNTuK6gNZ1uwDMBvAtrvtfeDCnXbZc3jn3fcc3H7RLtHseQsxc3g2HOetrSvTVMzW
gAF2u8tZwBU9s1IEkCYiwBhLxlgy1lCRZ9i4fh02rF2FVSsf5UcfuG9i5fJlYw/ee+faNSuXr4DD
1fooTSciiia3wJXUenfxV2D5yfhLEoBbDmntFqEEcfVHRhWoVY1dFYYWTw7MJxsJSnJ90P/MVEpN
r9d7enKTN7JORyzF6X2D02bOmj1/+sDQ0MDc+ds2hmfPawwODdX6B4ZUvdGDpFaH1hG0djuxmaJA
kWVot5qYmprExOhYd3R0Q3f92pWtjevWTo2PjU5sWr96ZHJ8bBMcADdCYaKe9jajSHeazVbT2nzc
/63KOYm1+/v3eioaOAstfAjngjEdn8HxeDdSfAXdrXgu/3fHrFN6sO67zfqRHztJWfPlrDX+0vyW
r94F9E0HJttwik+U6uYpm5vjaUuMbQ2uYjhc9cEJwiEAM5RSQ2m9t4dNVu90On1wuBrq6x8cHp4z
f/rg0Iz+OXO36Z01d35jYGhGOjA4pGv1Bmq1OnQUgZQG2KIwBfKsi3arjdbUJMZGR/KJ0Y3tdetW
tTauW9OcGBsd37R+7cj42KYRuODfCIDxtF5vJknS7rRarTzPx+ECOGPY3LV/1rux/LnHX7IA/EOj
av3JqFqDz9YkaThBKOkWAtpBAANp2uiJ0qieZybxkcYq5yScZqKiKNFaR0SkfAMwy8yWjTHGFF1m
FjeqmjPVgVLdelrvQlNORO1uq9syJhP+ZQKlmys/T51T9T7U8UW08SH8CsBSfBrvxinowXdDtPKv
cyw8vYblZ3bSF33gmIii87oZnVj85pM3Yf5JdTx+URubY+lPhatq9FoKBwbSNO2LorRmwHHWbtas
tcKTC4eZAEiVihId64iIIrlkZjZsTGFMkTFzlQISDrwDqG5a7+1obTNQ1O22WoKrSWyOqxY2p4r+
6sb/VQH4pxyEErASrJEgTQ8cgOtQqh7HcS1ScWqtiVgp57azUdZaKorC70BjCYABFCkFjtK60Qpu
v0PYwhIVGjrL87yb53kGGBGKEn2UiLXwUFW3/o8ZCodDYUf0YxZ+DcY38Wl8+a/bEjwpAS7KokP/
7QVJnFxuGG/oXvupn+Og99Vx0xfbf6aLEq9my+i1YMvhCqoR15I0oqhWxZVikLU5FUWhXC8RmX5l
I6Wg0thopViSleFwlec2z/I878CYDjYP2lQrfao5oX/N9MjzAnArhghC4SUFuCIYk8pr+YzwmeJS
VTc1ATbPudsycbQaxNkyObnKQ229VXIqYozCYgF2RoxfwuDv8Hlc+VcpBHd8d4plX+nGB3947zi2
V3Nm/779289dioVvrmH5eZ0/9+WhxIUE+qoYEstvy8Cg8ODVQKD8KwKrylNW8ZNj8+qeqrB7Zrj6
PzieF4BPb4gwlEijCEaJOm4ZsJHvbOlaVbkkg80DONUE0mpFxtZyTk88TkKCi5DhAzgCGj+AxTH4
LJbgJMS4aKvbjotglwUp1xqhjBZGKBdWNWlWErKrY0v+7emNXU9PcO+ZWXr46Ttq5Ndaxoc713/q
/L8g4bflqOJKsCWYqgYHhQcX4Qn8Pl9ZjV7/Mbj6q3Rxn2o8LwCf+ZBnuGWQRgC6pZZ+MqBumUEv
7wPPlTY+CXVchDZOw6kA3o8RvBBnYZO/zmfq+jxTIRbjGXUBPkkDFxkc8P7Zjb7ab7iw/9W+/pNf
xq7v6MW9X596Btf1pxyiNKtCr4qt6k/1WVcxVf23qkD/oioy/lzjeQH43A0BZbVG8omACvw5gfhy
NPAztPAhfBaEv8EqHIkhEL6ILv44IRjDdWaZArAYjru6Dy5hdm8AS/xxFvv3JvznCS4COQ9lWRXg
XL0+uFzGLStV/shxkgZOAva7eVqjL/0NgPNb137qk5hzagNrzmpt/fGe/SF147fddlt899136wsv
vJAPPPBAOv74483+++//VIJ/S29iyyoMef1EmHt+PD+eH5uNN6MGAPgILsSH8QMAwOH+vScfsujm
APg3ACcA+AqAtwL4HICdAPwOwO5wQu5WAPv577wNwLH+9RkAXogy2r4ngNMAHAyEa9gKRX14hF1P
T7DXmwd7Dj/tzvrhp30OALDwzU91P8/ZYLcBDZ1++unRl7/85XS//faL8ftCLIzTTz9dPdH7z49n
fzxvAT4/AEDhJKSYDyDFdWBchc/iIyFl5sm+46yz2QBOhNsVbhjAd/zv8wHsBuBquATbDwN4P4Bl
AN4A4HAAvwXwAgC3AbjbH29fuEqJKTgr8Hv+fH+MJUjA6Rr7/YwaAy/9JYD7W9d88h9x9Ck9uOq7
LfwJLCFm1ieffDKOOuoo1e121Xve854njKQycw1AsWL1+sMfe/ShHX9yySWdHXbYoX700Uc/umjR
op8zsyLX4vz58RyO5wXg80OGE2j/jFlo4EYQPolP4ezAEz7Z550FeDKckNsGwDlw1uBMuOhiLxzZ
rgHcAOAmOCtxEMBPAbwZTtjdBIfHQwHcD+B/AXwAwGeAJxXCmw+f09dzxMd+xmQnWtd84vXPVaqL
b06grr32WtVut/WPbr6ZzjvzzN/rmeitv2lnnXVWseeB++6zbuX6Xe9denfvzJnT3/Lggw/CGLNA
a90YHx+3SRxju+23726//fbvfuUrX3n26aefHp3pjinHojMAOsOVfDzv1j4LI3rqj/x/9s47Xor6
3P/vZ8rW0wscDlWkKAgWELEFsceaRM+xxMRUTLmm+DNqKpB70xNTvCmSYnoMxJtii8aGvYAFBKVK
53B62T4z3+f3x+wBNJaAGsXM+8W+dnZ2dnd22f2c5/vUiP8QDC3E+D7tXMa5xLmVK1nLN7j3JRon
DP4AfXYl2Y4EPlbefzswnjCQUQ08Tejfg9Df9wShNbid0Ho8BBgFPA4cSLiEfrx87Cv5AoVpc5Ms
nZ9Lzv7C9aCau+t/LoSW2Gslfqoq8+bNs+vr6+2uri4VkcGqiJ2ip5vVao+1j/2/W24x0yZPOfHZ
1c8mf/DDH05LxuMnrVi+ou/JJ58cm0gk4tlsho0b11FTU0d9fX0wZMiQwpj99rO3btlevOuuOyoK
hcJnVq9efduECRO2hvW+oi0LF9pl0TPzQWhZaLOo9T8ycvtaElmAEc9nMD3mM5yBzbWUmM1m1lGL
9RLdYwY7nRQJBbCWUOy83fbvHggqlvdbhMm31YRlVxPK968jXAIPIxTAV6Zs+aVmf/5ahIm53Oq3
U9tkuLXOg/mvehk5d+5ca/78+c+LmmYyWtXT01357NplI5Px+JkPP/xobyE7cGhVTc2M9evWGtd2
xvvGJ5PJYVmOqa2tsWrrGrzGoU3+iOHN0jx8uN00pJGqykrbde2dPr9vfuvbxb6ebv+UU089a9as
WXfdfffdzuzZs32A/v7++h/esLTyqvcdnkUqOiiL46t9f//JRBZgxPNZRImLSfAtbuJKvkOSP9HM
23iSDC8eUTSES1gIp33Brjy/wce8MK1m90hsT/n+1eXbQmgVbn+J13s+w+ak2LIgl5h11fdEZHq2
WDqOhwmgLYBrXgMfmsr8+WJUNXnXfQ9PKWT73/7E0qXWddf979sKhXxz2/a26nRFeuhAfy8Fz2f7
9jaTqqqTZEW60DikSYcOHWbVNQ61a2urg6qqKrsynXadcq9T24J8sYgf2AZB4q6rMccWg6oxpgTQ
kRjnAv6vbl4y+4rrHvr+2k3t8a0/KPkjrn/gv68SuZ5dM+Qi9oJIACP+mV9RYA4pvsHVXMV4ktzA
Yk54maDIbn1esdiVv/ev1NDu/lgI8yAHqxxePh1k1scqWPyjTPK4z30Z5dTsBu8I1n9zgL1On3k+
g8vP1atXj73ul7/65Yrlyw5FgwrPD9i0qYQdSxCLpyhKKte43/5S3zBUqmsqnXRVvabTiUQqmcCW
cFa1awv5QpFisaiubZOM2ThujJhjie2ISDhMF2MUFMuywrFzrUeOLGzc1nHYd//y1O/uXbZxWFxU
Fy/fLBN7a6++7k+Ll77/XFnTsnChvag1Wg7vDZEARrw4C8hxKXG+zke5ilu4ip/zdT7IXFLM54W5
dIMCN1ja98L9L8fujx1kMGH3pRk9N8Hi+ZnkcV/4pIhekOvJHcf6q/uZ1uOydMGrbvRaztNT1e7q
n/zkj3946qmnZvhW3EvXDS+lKmtNU029HUtXSUUqLemKdCqRiOE6Fo5j4YhQKHkUSgVNOA6u6+A6
FjHHwXFsMVh4gSASUEKxxVJVI4l4XKUc+rXjdtgy8u65XPWXpcc9ubZnmARefzwVT5dypWLvQH5I
XfPQY4E17StWRK6svSQSwIiXpg6Pi0mgXIDwAFdwJfP5xhteMzz64gQb5xcSb/vce0W4zA/kRJ6q
2s6keS5LF+xpGd+LsmDBAhfw/v6Px89ft3bNDM9OZ5sPPjHpJNJWIubiCMRdB1yhu68Hv80jk8mS
7ctp745ups6YyLjxY6QUGLAVCQyqfnkQoEGNg1HFMQG2WKgail5AoEZRVctYoV9w9Nurm3piJ/Y+
tdXEXCtV8nzbdp140fN33Hn/0/cBLH5r93N8XYkEMOKlmY+hBY8EJTxOAh7jKjbwdf64s8Hq3uGq
LvQBFWl9Ycnb7v0e/7kof9qcFEsX5GKzPt8iar6d62g7kad/toZZsxwWL35NxA/gjjvuEIB1a1Yd
VCqVgmTTVNvYKauYzxu/WLCScVc3rt4m29Zu1VymT/o7B8hlC2BU+vsypKtS7DduDKVCKWzNHAgx
JyzMcLDA9lFsjFqI5YkjStELRMQi5jhKWGEjDBuZ9p/YkQqnYIqqZfmiYk8ZO3Tgw8dP7P/BFTB3
7jzmz5//Wr31/yiijPOIl2cRATdh81W2U6IV4bt8liP4FQVadg5Z/1dxp03DVV3iibTGRVqTumSJ
N3fWrMGRCC5hr0R/YSiQgyMKQkZ8OsnSBbnYUZedZmlpgesmT9cv/WzZrLvVZvHi3f2Ir5oTTzxR
Abq7ukqIbfvimqLv4StiEIqBytOPPM3TDz4lW9dsZ6BnAOP72I5FqiKJJTalko/nGzwvoBQYin5A
yfMolTxKXkDJ9ykFAUGAFkoG3w80VyiQyeW1WDRFQOlc3l+Vcvvi8bitxhD4gWmsSpuZE5p+NGXK
2B0LF66IzZ8fJUzvLZEFGPHKLMWjhSRX8yBXcgU2v+dyjuTbtNOC/S/MFbEAR5csKcn06YhMP37K
pAlXiSW2TJ9+NWHOYKnsdxshIo2AmTFjxnOPPPJIv4hYjLvUZe13884RnzjGTVYsqBk+/F1bf33J
gNzJUSAdS3TJmukyffC1XrUgbNu2TQBs17aNKoFRKfmKFfhqHFtUw3GniVQcO+6gfjgN0Bgl8Hw8
38f3PXw/CJe2xsc4Dr4RYsYQqA8qiPHIer6gHsbLyxHTp9ulQjYxbr/hn960Zet5Hema4KSD8v/z
2PL1umyDd3axWCx292dzyzf0HKz5/HBJJre2tCy0F0U5gXtFJIAR/xqLyHMxCb7Bb7mKCTjczUeY
jaGHuehLzBURwFFVDyiJyMxRo4Z/4h2nH9968YVn2yLCH/500/E3//2+v65dv+kXIjKlqrry/HET
xo0sFUv+o48+ukJEvrdwof6ltVWKzpGfPDyeqvuNt/3JBVvv/PJ5Y/bf77zGIbW6bUtbZrpM/wdx
vkqRdbxGIgiAwViieH4gTsnH0iAcbSUQqGJ8g2UrJjDhBMpwyBWBUQqewQQBlh9gO3F8z8NWn3Tc
JeGGkWGbADFK4HuU8j4V1bVWW+DYD63c/K6evHL4pBHewWOGPuxbMddxXIrFPIHR9GPrOj7w0ztW
HqSFtnMk0bTl7rvVmT1b3hKDiv6dRAIY8a8zuOz9Ol/iCrqxSfIT2pn7T66UncInIp6IjE2nEldc
8qELzrmg9cyG6YdMLgwMDAS+7/OFKz9u3nnmSWefc8Glp06YOjl+1ZcuZ/R+Y4om8OXB+x5629e+
/O2Zra0yp/Idv3ooGFjzp8K2J/+UeO6v77r8f75w8LktZxZTqaTV29Nb8ZvrfveBH3//pzMN5nTC
srwX6zO4x4iKiAgmCLTkB1gSoL6FUYMJDDvHlks4gNyyLGw7XImXfEPgBagW8fJ9dG5YRmGgn9ra
WhLJOBUVFUi8glXbi2zozLC5PUt3psRAyegnzz26ZMeNuf2BleaPD2z6xZIVG5IxR1SwYrYIbZ3t
2d/eVZqxYUffwuVrt543ZZxs1igxeo+JBDBizwibpVp8k+/t3Pd86y+hqgXAE5HGeNz9+GknHz/n
kg9fOOzwaVMDy5L8lu0dybjrkM3l1Y3F5JFHlhXqmpvk14t+UUi5KbtY8B01gVx40UXZ5pEjk+8+
veXLxQ135dPN436Se+bPB/+/b8w7+DNXXNrT09FfFXNdKlLV+tWrv9JXLJUm/eyH181Tvft9IrNf
EwFUEVXAqIofGATFWD4GG0SwHBsRCxUDqgS+wSsWKZY8CiUffIMIPHrXzWQ6N1NVW093Tw/xRJK6
mjRecii/eyQrlSmXKfs3y6zmWprrK3X2ofvFb31kFX94cDMG8RwLXxFbLFWjSEU8ke7uGyjctuS5
I9t6stffu3zt+SKRCO4pURAkYm8w5QDI7vln7rRp01zVFQURqRORS048/tj7f/mz78/9+YLvNB19
1IxCJlugty+brEin1XFimogniCcS/PHPtybObjkrVlNRk+jp7Hcrk5V2Op62dmzZkT788MMKs06Z
Parw5PV/7rrli3c0j2g+75xzzih2tfXUurh2OlFp4+H0dw1Uvuf9FwRVVZUniMzeD8pC/SrRIBBE
KAUaBi5KAZ4f4AcBgefhF0sEno8JAmzHoqImwfCJ+1E1tJ5iycMLDEVP6c9kyReK+J5PsVTAmACv
6OE6Nl5gtKEqztsP309HNlbokOqErNncoX97YJX6RjUVsx0RHFEjKCIonudrKuYmisXiwKbO/FF3
Lt36doDW1nnuK72niF1EFmDE3rGrbb4zbdo0WXLllZ60torI5AtnHXvkx88798yjznnXGdTW1hXa
2ztcky0k3HgSjFET+GIIcGMuvX1ZFbEY3jxMfM+nuqpaK5IVGmggfQP9pFMpGX/gASpymzpO4sBR
o0eYurpay8sbraqrIebEoBoG8v1aUVFlNTY1Jvr7B4bqXH1O5osDe9ze/wVYCIofGALfxyFARRDL
kGysw4rFqBxaR2V9DdXVFVRWJ0lXVeM6FsViCde28YOAUqlEJpPBiSWoSCUIAiVuQyFbYNbBo+So
ScPZ0pWRuGOTTsb16Q3bZXvnAHHXougH4V8asVRQQcRYqOX5gdq2xHK5QrBk9dYcwKIVK1/+zUSd
oJ9HJIARe4u0gLVQ1RcRpLX1pEkHjrviPe9uOeH8lnfJmP1G5zo6OmJt7Z2JZCKpghrP9y2x7fCH
rL4UC0br66rFsS3ad7TjuDbt23ZIMp4kX8hTW1/D4rvujy387Z9Q1Q95XqH36adWyNPLV9hHzDhS
u7u7rerqau3p7caKiw5kB4Id23eEAZf5EucFran2BssCo4LnK7YxqAlwEDyBoVMOIOY6xGM2ju3g
OoIgFItFAt/GdSxUwRIoeUWKxUI4sxdFxSaTzVBZq/RmC7T1DDBqaC0VyRi1lQnp7M1S8AzJuL2z
e3RY9zvob0RtESmVjEml4/bU/euSNwOTJk9i5Utr4KCrYtA9MHj9Yh2lXxMXwpudSAAj9hZdBIGI
HDyiedgX3n3hOWe8/z0tiXETJpQy2Rxbt7alEokElRVJ9T1fVFRcN65B4IsFiNjkKYrjxjjrzFO4
5tpfcf6FrTQ2D6Wrt4P6+jrpTg2rAAAgAElEQVSuu+7XzP/8fOvd779QjzxmZqMxpvG+u+8zF53z
fvn+T77D6aefRm9fN/GUS7IyYX7109/GMgPZR4cNq+3cvr2ngnDw96vCWGFk11ND4BkcNJxhqopr
W3gKJvBxLA/fsXFsC9e1QRT1DIFRHDH09w1QKBTI5XJ4nodBSLpCnWOxYkMHrkAiHuPRZ7aQyXts
bu/DcQTzT7aaqBoVVURFDSJOXHRgdFPFZoBjTmzWlYue/4DdLjWE3XgyPH/myosNpxrcHhzuZV5w
3GAN9+Aw+RfOtdkniAQwYk8Z/OLXNda4nz/zHed+7CMfuigx9aADfU8p7NjRGY+5MamoqFZQjCJ2
LK6oEVUjNpYa8UVNQCqZpqurl/dcdA4PP/okH//QpVxy6YeZdNAkHr9zqXz5i/+tP7ruGk478zTJ
9ucCVPXsd55pjxu/P5f91xU0NQ/VhiGN7Fjfbv70+z/Zv7z2188BC7dv73F5Daw/AMuEFpcxRgM/
QAlwRMLqDg1TXhAbsQSMgqXgBahCzLURLKx4mgve/R7uufl6ntu4hbraGjLZLHEHBjJ5LLFZsaGd
pze0U5l0GVJhkcv7qAoSxpmR3VJsAEQsNUb9WCwWa6qreOqS0yY9+hHg2jlz/AWXXAK7hGoy4UiC
GmAioUvgZmAMMB2YC5xO2I/xa4RCdjAwh7CLd1/5MScAW4BVu30HAJoJRxesIez3uE+NVY0EMGJP
cVUXlkRaj3zn6Sd+6hufu9i368fnO3szCUtwUulKRSwFGwRxrLDQHxwNgkCQIFzMqRKLxykUS8Qk
wfsvPp9zzv8Q69dsZNjwJnliyZP67vefLyefcjKb12yjsbHB9v2ALc9t5+IPv487brvbnH3yuRx0
8CSru7M3eG7dhhjwgOM4633ft3iVP8Tm5uawGYGIqoAJjPh+OH/eIDgBGCec9GkCQ+BLaPlhg+Oi
QbjazPV20tGzlVLKQ8RGjaG7u4vKyhryCZeG6hRnTKuj2ilRlRTSruBY8PtHu+kthJWAioQXKSuP
KiIWvgZalXTMqIbK21j7q55Zs+Y6IjtzAQeXtbWEYldN2IHbAOcQDqg6jtCCO5JwhIEhFLFhQBWh
uKWBc4FxwD3AbHaNge0mFMQYoWhOJOzsfSevZS7m60gkgBF7iobd7jFjJx3WW7ISFesfvDk5YdpJ
aicqNSiVxLJFsURsywHbEkvBaCA2gjFhWCEQIZPNomqRyw7w6cu/yBfmfYEPvPeDbNq0SS+77DIZ
N3GcBr6hvqGe6nQtYoMf+MStGPuNGy0OCb70xc9rdW21s71tu3/OOee+o7e799bq6upVfX19/9wh
ZdYsh8UAi1/ROhysBAk0EBQCVfWDcHyuLaBqIRIQCGDZ4cU3BIEhV+wjnkyQTlXQvfYxejc9zVo/
IB6Pk06n2bRpE319/QxkahizaRXVlWn6+wfoVaG5qZGMO5S2fkOs7H8UCS1BEC1vWEbxFdsdWhlv
f9sBQ34m4z/B3LlqFi/eWRM8aKGVCDt2K+GMlc2EA6l84A5Cy66bXe6CauDY8nGnlvevJhTMMeXn
GlzieuXHPweMJpzxMpNQAPcJIgGM2FPknnuOA7By2YFU46jJUvAc07bmMSvdMJra5gnquDERLA18
XywELBsLKxQwT8gX83i+R6lYZOx+w7nyqrkMHT6Sz1/1OXa0dzBz5kwZNqyJ/v5+cRybge4+qiuq
IYBcLkf9kGoGBjI6atRwZhxxBJ1dHdbECRO8K668vOKqz3zuw6NGjbp1+fLluyyhSXNdWAmLF/3L
EeHJK1cGADEHY0kYBPFtRTXAIIgj5AseBHmsbAav4FHq68Pk8hQzWYYfdiCJA8dhAo/KmjqGV1eD
KsYYmpqG0d3dSalU4oknnqKyqpqmpiaGjxxJw5ChbG2HUhAQd2woL4G1bI+GzkVBRH3XcRJNtZWP
HFfbtRWQF9QEW4RCFQeSQB3hwKkjCYXLJxS2C4Hb2GXtTSK07m4gnPVSSyh+DeXnerJ83KD/cEL5
eiuwEji0fHufiDRHAhixxxx3HAASiydNKZ+xfSslww44Unu3rWHHmkeksq5Z03UjJFFZj2BhghKq
AflcjnyugIgSdyzS9bVsb2vnzzfezneuuRrf98nls3heiUMPPYwb/rqQT13+CQIJ2N6+jcA3JNNx
trZt5f57HuTrX/s6xVKRQAPtHuh2L/7ge0s//9l1M5YvXz5joeo/WuumV3Pi2AyL5pcA3OmXHmql
0rXFbdkHSMUd+tIBw/p3WYpbytd2t347NibGuEuLmaK4iqKolAJDDNAgTEsprFtPsb0LfB/1g9Ad
6DgEno9fNBSDgGw2C5l+xHJIJmIkEnHq6+sZs99oHMchlUzTUF+D68ZIV1bQ3DSMezetL/v6wtpi
yxbUgGWJBoERx7Y073kysqHaHD5p+D/kgEO8OXOudRcsuGR3ARy00tYCHYRjCKYTzm65ltBi6yYU
rvWEZr0htBJ/SFhNUyQUykPKz3Fv+fbg6wwe308omgXgrvJ9kQBGvDW55x4ALBQs25FhQ+soloxU
Nh+EFRQp9LdLz5aVWHaMysbRxCsbyQxkUWNIphK4DmQGBqisrOLmW26joqqKw2dOp6OvnarqSvKl
HB+79KPc8H83cPknrmT+175EZboCYwL6+nr5rzmfYv/9xsk7zzmbXC5jEsmYlckOSP2QhuCMs05L
ffdb3397y9IFt9GztI9Vs9OJWVeeKWKdbDnpd6ifu4e119zFoI9w44u/x0c2UhBgWNXXMgM9EsZw
FEpGccOiX/yBDFIsIrEY2OV0FUsQE5bKeQEQr6Jv+zo8X5G6WmwnRn9/P/FEgtqaOorFPJu3ZonF
4kydMpWq6mo6+gsoEgY+AKFs+KEqgoWqb2HFalNu+zGTm28DWDBs2wsjr4Mita18AVhavhZgRXl7
+27HQTjPBXZZe7vvezHWv+D2Ey9z7JuOSAAj9phBC7CyIi2rVq3RX//hz3z2yk9TU5mkUEpgJWtQ
YxA/R6ZnByV1SaXS2FaYTGyMhx8EOMk49yx+gAOnTqK6ppLNG7dRX1dH30Af6Yo0P//NT5lx8Ewe
vv9hxk0cBwLLli7DdeLced/t9A30qe/74sRcLQU+RS8vh804VIFDGy99/G3JWZ99r9jOsRY6ThVL
TKmkqpOTsz77C1F1FQy2YhkRlXCwhhgLxUilhRXz1fvJ4oEZ0xo9XFvdrCoOUPQNrm2BbYNlocYM
KlW5l7ViFDwvoGLskTh1E+hd9wAbNmykrrqS5pEjQIV8Pscxxx6rE8aPl2QyrvFYjG07OqTgoeHJ
WIgoqmH+H2FdsgZqsGyH/lyx+P3f3NMHQDi06cWwCJfABcJobcCucaXZ8hmHa+1wO1W+v0gYCHHL
x3nsyh00PL8KSNhlce5T+YNRKVzEnjL4Q5NMNisTJoxT17b40CWf4uZbbieXHaCmpp7auiFUNY6k
evgkYrE4sZiD7wcYE4AqrmOTz2TZsGEzEw8cT9Er4PlFSn6RfCmLOPCja37E7BOO49vfupopE6Zy
+MEz+f73r6GuvpZf/vLXxBKOZHIDUvQK6gVF6evvs4ePaqapqX5EdsfTDWLZGS3lLREpSNi0IAbq
YcwmFdlEoM/h81wQyFqU1QLPGoJnAliO6NPGkmUNlVaba4NBdDD3Q0QJjMEEipRTYcqhbUQ1tNxU
8TyfwEB66HCGzzyHhsPOpd8ZzspVa3lu3Sr6+npwxEjb9q360MOPyU23L5Zb/nGP5nI5sW1LNAjC
hJty6kv4YuXbGjaOHjtyrBP+p7yo/g3OaPkUYQDjc8BFhMPo30soXM3smsMynNDvp0A94YjT9xD6
DSGc1vfCxOlB8asiTLXZZ8QPIgswYs8Z/PJblRVpnn1mDcObh/FfH7uE+x9Zxvs++FHGjR3LMcce
w8knHY+qharil6RsKRm8wMe2bQb6euns6aZ5ZBP9A32oZejt66G2rpZbbrqZG/98M/fefy8Tx0/k
rDPO2nkCtfU1tJ7Tyqzjj2Hc+P11YKBfsJRMrmTVDanxahoaGtuefqBT1z/wKYHL47OuOlFUz7Dd
1Kl4/jP5+74675XeZLH8Rs/73lfrntmQOS7ow7dcy0XDHD+xpPxBlIVnMDcwLB3B9wM8YwiCAM3l
sB2bhjHjaRw7kVznZu1bt4RtHQP86db7cRNpSaXi2tRQT011ldhOMTBFtcS2wOwczoQxCBgs21Jj
VBqrU3r8USMCKM+F++e49+CAqs3AQYSWXQoYC7QRpsMcRtiP8VBCK9EnHGyvhIL4BDAEuIAwFeZZ
wshwDaHoPU0Y+a0iHGN6K/tQuV0kgBF7yuDPTIqloowa1aT3ffshXXz/Q/KBD7yfr31lLg898jgP
PfAgM2dOp7a6jkI+j8Zt1HjlNlIBtigDuQLFUolUOsFAph8v8PHFwlef7337B3z0vz7CxPHj2bxt
I9VVNagqfQP9evzbTpAzzjxdr7n6h/zolz8g15XVeMKlUCiKiJJOp1xg5GULH0pyWQvFxV//O/B3
jvno2ITUNTFrrkPP+jh9VsCwnIQpcMD2bmXMGNiwgSMmVcVYQ3FTT1AdBIpYoVUXVrGULTAEJBQ8
NCyEUB9A1Fi2eJ7BAcUSxEAuM4DrWlTUNUlt07l0PPMAnW0bmDplIhPHjRTXFlMqlrzGlO+2Z21U
QcuvRXnTKIgRMWpIJ1xrXFOlBTB3HjL/xUeWQpib93ngN4TD5ycRilUM+A4wj9AH+Evge4SW44WE
ArgKeCdhDuCXga8Qzm6eQKgfVvmYyYRLbNhHxA8iAYzYc7QcBBE1KlWVlXrtj74lt952Nz/50U+I
JZIce+wxnHvu2VSlU5SKeRSD75cITADGgPHxNcCxoVQoUgoKODGLzZt30NTcxKOPPEpXZzdnvet0
ugY6SaZTWI5gi00i7kpfvpvzL2qVj3zo46xds4ZYLE62JyOxuKNO3A7y+bwNeFdzdfG7W7bYTJvj
0he3uP+a9YVdTvswTeaFQZDy7cu/1eK1ti4KqpJfLWassJJMhLICyc6lsKJY8TiBY+Ekk0hVJW7c
Fae+Rr2ShwoCSlHD6XAWLtl8kbg6qHpm89onPb/QJX2d2zWTL7q1FclYbXpkl+vWVJkgsGVn/S+i
GoqgWKLqQU1FUlPl1lfzmMeLTAUZ9O9tA8aX310aOAX4NvAJ4CzCKo4ewhzABwktwfcR+v7qCK3F
hvLxDwKVhEvdLYSW30bCROijgVvgRUenvimJBDBiT5HBIIhtWxSKOXZs79Bzzj5NTjvlZB5+dCl/
/tvN3HvffXznm/9DMpHC931MQNhA1ASAoVgsMKShnrNOO4mvf/Fqrvn1N6kZUsnQEfX89rrfMXLU
SEbtN5L+3j4SiRRB3g+7MEugfQO9cuCUA7SqqpLHHlvCmeeeZnbs2KHG9v0ffOPa5DPLVz2eSrmr
pHVRFdDH0gVli6TFZtYkYfH8V0yEXrFikg0EpZKxBv1rKoAlYYmagAwfjjWkUUmmseIxAgTbcVBH
xEfEGDC2BYFNXAuB8Y1nTMaKm4Ka9oxWWEVn1P4HxLva23hu4yatrqoujD146vXekEMeWvPo5mva
+/qNLbioSlhjV/4nKsLO4IgAzJs3D/55MNJgXW6GcAm7jXA5/ASh4P0VaCK07qrLx/2BcHD9KHYN
rb+L0Ew+gHCJW0m4bIbwD0mS0Aq8nlA8X3mg/ZuESAAj9pZQGNSI69iycdMm3ESMI4+cxkknz6ZU
KJIZyFL0iqCCCUoE/q56eTUBm7ds5uMfvZjt27dxwakf5JCjD2bWCUdx3933M+PwmWAL+UIeJ2aH
lRegYsNApp+hw5sYO35/br3x76RrkvYj9y/hiQeftJ9asuIZ4Ae5nJctn+duP8RFQVgJ8i9Qbqni
umEdxs4AB0YtsURUMZVVqDhhkp6W3V6qOH4xsNTzk1aJpGYRP0sFhXg6btkWYSCorrpanVg6F9SO
e6zh2KNk+9bNtx513PGPnn366X//9h/vPSWdcuJBl8m7rm0ZoFwUvDM3RsSiPDsdgHmgrzAXbtDW
9YBNhEvXJ3e7/4UT/ta+4Paq8gVCYdydXuAvL//yb04iAYzYa2xRURMYLyhJbVUN+YzHQE8vHTva
sR2HeDxB4If983wvbB5g1OAVS6TSKWpqKxBjuP73P+Leex9i4aJbeOAv9/H00me48D0XMpDpwzce
xVKxrC8qlmNpyStRKOWYMGm8fOvL3yncd/vDnaViqQdY5rruHZ7nrSdc/u11PfD22loF8AL1BAyC
bcRBVC0jFiJiXAJxggHfwtcKssRMHi3kqLDybl1FIo4GCIahIxrJ5uznYvH4yilTplb0Z7KL3Vjq
ySlTJxf+esP9iz/5yTkWzMuInE5LS4s9rCbhxhw7MLpr5Rs6HCmLn6iqlu3B5M6oPC9vde2enrJ7
O6zBQMnOIDcv3vVlsCtMiRcLt4T3heb9PkQkgBF7i1iWJV5Q0qQT0/tWPiKXL/wqXzr1k7zrbafR
m+1HjI8JPMDCiEWgAZYI6ZTD+jUrWLVmAx1dPRSLBWprKjntlJl8+OIzueCDV6nl2hIYT0tBETdw
MEZBVWxsVTHkC7mgqqbCEZFtiv4tlUq0eSbY6hW8bsLKhH5eRUrGtGnTAJg69eDkfXffaVV523KW
44qaop8mZyc1Y+EXqUkYN+EKtgmwLGHk+BHkCqVtbiz2+PgJE4LlT6++/rAjDi9abnJVpnv7c6ee
em68svKeXpHZALS0tNgilyjgLFmyLTZ9enPuk5/5b6lIxu3AmJJYIIHutAA1zAsM7WhDsFvHr1da
cr5Yq6tgt219wfUL9xt2NZd9sdfyXmTfm55IACP2FA1dRlhqDL7vi6hKLpels7eLgYEBvFKRYqmI
Ew4TArEJAg+j4PseP/7Nn1nTVmTUmJE0141h2LAkHV293La0m76+1bS190osZpHJZqV/oA+VQfMH
FU+kt69XEpUx3JgdqGoxCLx1XtHrAdoJ/VydhEu6vf5R1tbWGoDJBx7wp/Xr1p5XKq1t8HUtbgwX
NcRdN1ffMNTq6up5vHHY8GJlVeXKNRueu+mEM96ZGjti1LPfe/KxlUced5y0tsju52ADhVmzZjkL
Fy60xo4dq9OnT/fKDU/N9OnNPsCGzr4nNrT1LE/G4wcFJvBBXDW60wKkHIaxbU3uQ/GGNyWRAEbs
KTvTYIKwO7LuyPZw3OQZPPD/FlLdUM1Arg8XwfNKGGNAlGKhREVFmmXPPMPPf38T7/7YVcw+dioj
K5MkEjF8z2ddZ4bFDy8jF/xO/7LoRjn82GmarE7gByUCz6CouK5tqhsqgu6BTv9vN9yUAJ4S234W
PxgAdhA68nOEy9+9dsS3trYGqmqJyD1r1qw5974HHrx8zapnC6NGjUonUpVrt+/o+vvJp57o7Ddl
0t21IgODj7v6a1/b+TnNB5kzZ447Z84cbrzxxmD+/PlBOafPX7x4lzNyZ6IzwKy5zkWnHbF9+kd+
2ua67hTf841YVlgMp6glFoExfjyecB5d1fY7VtZ0wlxLJBqOvjdEAhixp0jZAhRjArFsiLsOmcIA
qdoYJS+Pbdlh4FIDgiBMlVPjoRhKhQIHHjKd3u4dXPfDa0mnk1TFLTLFgGyhSMXQ0Rw1azaPL76J
j733Mlrec6aOGjtK6hpqjTFK1/Yua90z6+y//OFm54lHli8FbgiKQQdhsf4Au5J5X3UUUkTMwoUL
7fHjxy8GFqsOml+hYH3uivC4lpYWG2D9+vXWlVdeKS0tLYGIBIAuWLDALFiwYPfnfPnzWjzfaJsm
PvSbm2JPru9AQo/fYGaxiiCiYRpOIuY4VLdbtEw2LHrZZ414CSIBjNhTNOyjOV8c25Idbe2yafMO
Djxwf/oHsjiOjWcMlmUhKmHVhAoa+GFFiF+gqmEY51/yGWroY2iVTVIDCip0FSza8gl+8tXL+b/f
fZP/u/kBrpwzT0bvPxws2xZVcvlCvmNbZ7uqPuy67o2e520hdIT1EIrfa5p+0draGixcuNBesWKF
3draCsCcOXMUpvHJTx4jkyZNKpXFDiAYPGZvGKyqo2uln07EfcFWRVWwFS1HRIyqCG6pVNLhdUMu
3FJ3xDdYVL81Goe5d0QCGLGn7CyFUw0wGujylc9orpiXA8aPVdu2RY0SBH65e7EQKJjAw3geGINX
ytPdsR0rHlCfqiVZmSIzUKCvt5/u/l4tFgv611sWy0BB9Yffn8eBE8YV3vOBy+/aur2tC8g7jrXJ
ceIbCoVCB2FLpz5e5ZL35Whtbd09WLCT3Qy71wYBaIFUuzWsPiWWZcI2MIShD0IL0FI1JuZY9rLn
2vqPuezXWfgXLMuIFyVqhhCxF9wDQOD74jo2lZVpaduxg/seWCLr1m3Q/oF+BAMaYAIfTJj7pupj
NMC2HGLxZGglioVt22qJrViWJtIpKRR8dnTm9KOXfIDzzz1Dp049UE855dhV8Xj8werqiid836wr
FArthL3segjFb5/3gQlw7ZIrLdlvduHoSc1/3q+5rlQo+pYlqKJii1hGUbHE9gMNRNy6L7YePRWA
hQvtN/bs900iAYzYUzQsHcVybPE9r0g+XyCVSGgy6erGTVvk8SdX8OyqdfieF3ZQNgEaeJjAR42P
KdfNWiKD/jQxiFiWJcYPNJmKyZWXf0QOnDCWzq5ezWay+e7uvpXFYnFdJpNfR1i6tYHQ75flNRqA
9GZgzrRpPnPnWsc2Fn8Tl+DpeCIeC4QSiHqB8UDVElv8wC/V1lRWD6urng1w7dix0W95L4g+tIg9
ZTAIoh1dPe6YEUNKB0/ePygW8pLPF6SutlKTCVcLhSJG/XCamgkwxqhlqZpwtJkKlhrKOW2qCKqq
BkDFsuns7DSZXD4zdGiDkysUb3/w4Sdvbm5u2BwEwTOENajthLl+Od4C1t8gIqLcg8XwA/sqk7Fe
142pCQy2bUlVZdq1RKzyNDoJ/EBLgeQAli59pWeOeDEiAYzYUwoisy3g/376y7/+5X9/+seq/ccM
C06afXi+vrZCu7p7pVAoilhGTeApxhMhUNSXXC4nvueF7ZVRcR1XbdtWx3aMbdu4sbgRSywNAuLx
pDeksa6qq6v7nuWPP/H/2tvb+wsF00YY8OglTHf5l2d87FMsXqnMHU1TfVVMTSC2ZWOUnqMOaLon
nYwXjFFshECNdPXlHYCebetfrDoj4hWIBDBib1Cgv6Or94LLv/C///3pz31v4Imnnk0eNWOSd/Lx
hxdGNtf5pUJRioWiYAy+50k+l9O66rSXTrq+ZVlB4HuaGeiXQqEg+WLByufykh3ot7xSyXccx3dc
q+gH+pO7/37jOa3vv6KtpaWl1N3d3U/o7/PYR4rt95qVG7Egq4palm18YxjWmJhbX53s8hQsUS15
hq07wrLc2uaxb+3P43UiigJH7A1K2J6kiC78kkjrLQ89vGzO8cdNu+D0U45OzDhskk6dlPD6c7kg
kyna8XhMa4bWWA8+tsz9wbULTan+MKmqazBDEtWmpjphKuJKYCclSNUYv9u3vUBzf/nb3y89YtZ5
v4HvWrpwoSVhJPY/g5ZJtiwiOG/Sjt+nU/FTOju7gmHDm2vrqxuOOf+Ehr/+4rZnPrZl6za/5Bvu
eXorAAvuuDGyAPeCSAAj9hYThi9aE6p3Pywy++Ff/eHvP7r9rkfPnzBuxLnHHTNt9IzDDnBHjhxB
V3cf3/ntotKqdTuWfewDF9XdfPdjiR984dKao4+e6Y5uamBobZr23ixrNm3n0UceKT34j5t/fHP7
tt9effXU5GWXUZTW1reMj+9fYe6kef689tbEjx8uJG56ZB0dGC2VjP72tmXVF5w0eZUbc8NuBZaY
eMyEAaD1zZEFuBdEfzUiXgucWbPgnnvu9stF/nXA7Jrq1MmHTDlgZjbn9T72+PKvvP3Sty/+8Ndu
8Ues/EvNjBnvbAAmxuPxEU4sFvNLpUKxWNwKLAc26t13i8ye/R8lfC0tLfaiRYuC39+9/IDHVm7/
5epNHRO6MoVqNcbqzpT4wKkHbRHLMgtuWja0KiHZmprautNnjJr3mfOOnt8yd0Vs0fzJb02f6OtI
ZAFGvBb4ixeDyGxn2rRpsmTJld3QcoOI3HDP/Y+nAV9Vi4i4914jpzTCXarahcgqKRYpFstdq1RZ
uAhaW5D/xNrWSZNabFgUdLR3T93QXTri2S29fipmBb7xe4Y2DqlY3577+SH7D908ZcKYn23Z1hZv
qIp1eDk/nMO7ct5/jovgNSQSwIjXEn/p0qWItArgTJqErFgxNzdv8iJXRKwlDTQMTVvfzhdMi4g8
2xLOpPAnTZokK1euBBFt3Qd7yr12rPABTj1k9GN2ousmU8qPxNKDe/u9et9KsK6tr27Bp0795uPP
bhJTnaw4bHzDI5+7cNZDgCxatCgSwIiINyEyt5xt8GiKphXDWPx0FftD2NvzjT21Ny/ava7ym9fd
3PTXh1ec9YFv3vjeQ+b86uLLfvSPmS88riWqAHlVRBZgxOvNzoGNThLLcog78fCORaEwRpbLCwkb
G2QIu9v8bXD3YP/6lrkLY49uyFrvGzPGn986+y1TBRMR8ZZkYdgIlNV1DF8xnIeWVTMWQKM81JdE
VWXu3LnW3IUrYm+/9JY4b/9BfNbcuZHB8hoTfaAR/zaKimUDmkDpg9ZoCfySlLu7KMzfGdldfOsb
eEJvUaK/wBGvOy3lqg0rgSDgFsMgx8K3ejVHxJueSAAjXnfmla+T+XC0TyChAC6KLMCIN5hIACNe
dyaXhc6Lh9+3ckf3nZZhRMQbRSSAEa87LeVrz2AhSCy/M88vEsCIN5RIACNedwbn9cSLoeJpOhS+
edESOOINJhLAiH8bXiz8vg3kIssv4s1BJIARrzuNZUtPYggK9bn/1FK3iDcbkQBG/NuQImIJmkmH
t+dHPsCIN5hIACP+bVe2AvsAABadSURBVPgullEkkQ0twLmRDzDiDSYSwIh/G1Yx/L51V2EAmRdZ
gBFvMJEARvzbkLLF1yQYLQeE3+BTivgPJxLAiH8bnhuWwnVZOzvEREvgiDeUqBlCxOvOPeXrOIhR
NOhBy8oXWYARbyiRBRjxunNc+VocLBWkGrS8/o0swIg3lEgAI153OsqWnnqh368HfAGVyAKMeIOJ
BDDidacFRMEyQkoN1ghIroH4G31eERGRAEb8O1AB0+/TBxRGQvd4KL7RJxUREflgIl5PBNAl0DC0
mfeJxUF9yqwhFn/Kw/L/t5nfLYpmgkS8gUQWYMTriSo4N0K/WBxb5XKxbVFX4XK5KKMWQbAiHI0Z
EfGGEAlgxOvKSrDmQ6nN57cdPlmB2BaP59YWuR5gxfMtQBdwacEub0dpWhEREfs0oiDPNDBs/UiW
t41GV4/gNwquhiIHZVfM3aqohoHhhaosDLejubcRERH7LoNCt6KZ73WNovTkUM4o79+5Aplz7bUu
YfPo6xLJ5E3A/wKzyyIY+aojIiL2TQYF8LlGTl4/nKd/V03ttdOmuSMgCdiVlZX1wPWHHH2Ezv3h
1fr9Rb/WK7753zpuyiQFvkHoJ4yWwxEREfsuP4Yhz4yOvYvdlrblJe9Pznh3q27UYt8mzRc2a7aw
VYu5x9o3ZQ85eqYCny5bglHAJCIiYp8jpqqym/B9YtKE/ZZWVVV8ETh11Pix/Q9uXZvbkOsL1nRs
1W3ZXn22bbNu1UJh4UN3ebF4fHmqsbGJcCkcBe4iIiL2Cdxp06a5umIFQAq4YMahk5/44Xfn6jNL
btQb/nCNTho/Jnvs20/21nh9uq6v3fQHRVPUIOj2cmZTodd/dMd6/6Dph3YBs8pWYLQUjnjNiL5M
Ea8HNmDrkiUlmT4dmTz5jMOnHXzp2WeeePJ555zG0CG1pR07OvRdZ5/Mto1bEr+741FxxFJVC6OI
gKoJG8YoMtg6K0EUDImIiHgTY82aNctRXTh4+/hJB0z48xeuvNR/euntWuh9Nrd59YPFVU/doauf
ul03PrtYb/vrz4JhI5vNgxtWmw25PrNqxxazJdNtnmnbZLZqvvSHB24P4onEqlRN6mAgTbQEjoiI
eJNhAa7qksHbU5uGDv3dFZd9rO+JR27T0sBz+a5tTxXWLF+sG1c/qJvXPWg2PHufrl52p+nZtlTP
PfsknX78cbpB89qmvmnXQDtVdVlfW+GQo49Q4Ic1TTWjgbo37B1GvCWJlhQRrwYB4qpaABCR/Rvr
az9x5hmnvu+SD7+3aspBEwM1ptTZ1ZO0bRvXdYzve2ICHwE8rySqgSLK++dcwdrtnZx3yQeoq61l
84ZN/qKf/tLp3tH+tG3bnw2CYC2wFci8kW844q1F5AOM2FtsnTtXOfPMgoiMTiQS7z3v3DM/9sEP
vKfpbcfMDIwxhZ6+gZgFyVS6SsEQBIGIOGLZAmqwbUeNESkU82RzBQ6beghtTz6rD23YIOP3HyeH
HXqI3PH32+0gCDzC7jF70jjBIvRFavlxr6b3oLzKx0e8SYkswIi9YVAQqoAPnvPO0z98fuvZB556
8gkmnkiVOru6XQvLduMxQNFAUVHUGIwGiBo1JpBsLkPTkAYuvOij5J0Kbv/b3yBsoCAClDClE48/
IXbf3fd8++CDD/7KU0895bP3FuCg79CUtw27vv+62/2D2wG75pYMDnLf/fhIFN8CRAIYsac4quqL
yEkzD5v43Y/+16WTTznhGBoa6vMdXZmYUWOnUikVsTUwgWVbjiqKBoEoaGA8wRjy+Sy1NZXcu/gB
Lvn0F7n30UeoSlZgAt9UpdLSM9BPTUOd//ATS60z3nb8ZnHcs7O9vSsIRce80kkCo4AR5WNXAT0v
954A/wX7dhe4RmAAKLzgvhcKZMQ+RhRRi9hTLObNw425Z33hsosnX/D2w3px4n5bR0/SsbFT6QrF
ckAsy3XjKpYtYjliOy6WZYslDo7jIGKRSlfy2z/8mRNPP4MRQ4aRM0Uqa2ss3xaq6mvozfa7hx46
3Tv5zNNGZ3t7T1qhKwJevhpk8A96HfBJ4ABgNNAA1BIKYhr4cHk7AQwhFL9aoB6oAIaXnydJKKQH
EIpkU/l4JRRFl0j89mkiH2DEHjNvHpivmkztqKl+W0dPoqdrtTP8gJnEEtXqeSWxRBHbRixXLLFQ
NagJsCTAEsH3PWwnwYaN23hi+TN88bsfJmN8jEDOK2ACFVss4/kBLoZjTjxe/nL9n2Z/7h2f+zkv
30l60DIbXMJ6wEZCcbuo/Ng1wCFAO6GgDQceAw4HniMUvDjhMLuDys/zLPAuYBJwJ5ADTiW0CBcA
HURL4n2SyAKM2GPmMQ/LmLjxis6wiTNM1ZDR2rH+CXrb1orruJpI12oskVZLbCwRbNvFdl0sy8UP
lL5MnkQywaaNGympMnnGwXQX+wgsIW98LRpfc74vJUsp4tkTp0zRuiENE2655ZYRo0eP3t1f92IM
WoEl2NlXsBFYC/wO2B+4gVD8RgFLgbcRLpMfIBTN7wPTCH2cNwATgTywmdAqPJ8wIu0TWpi8wjlF
vEmJ/tMi9hSFeWA5iNhoKSd2ulFqRk5FvSKdzz0uXZuWSynXL04iTSxZhe24BAFksnmCQIk5FrX1
tTz77GqGjBpOsrqSTD6Pbyl5ryRFDSiqpyU10pcdsOtHDwuahjeP8DxvzFlnnaW8dI/A8rRNYFfl
SAKoJPQBJoFOQhEMCC23GkILsFi+DAcuBNaXj3XY5fsLCC3FpwitxA5Cq3Hwvoh9jGgJHLGnCMzD
sr5qiSVkswUaaisJNE4+VoVoCS32M7BjPf1t66lsHIPGqvBKRZKJBPG4TU9XAawYmzZtJVlZieMk
yHpd2PEYGgRYiIgRPIyWip6Vrqv201WVSaCxWFf3cg1SB8Wxk3BpOopwubqCUAAF+C2h6Hnl6ybg
cUJLcQjQB9xLaDFahJbfovLzHgzcSGj9HUu4jO56DT/biH8zkQBG7BXFoidVVZX87abb5Z4HHuaz
V13F/mOaMdSSz9eQrHehNEAmkyWVsKiqrMD3PYwqRg2oRW/fAInKCvJeiZxXIGFVYAKjlmWhakQc
y2QyBXFqq0hUVhigKtvd7fDyvrZBS2x1+QKheAW7bbeVt7uAdYS/g3x532+AZ17wnIMW4J2EIhoD
7ivvc8vPHQVD9kEiAYzYK+JxV/r6+jjt1Nna1t7OdT//BWP2G8uhh07l8MNngOVSKljErRSOHYqe
CTxsWxAB0RLDm4ew+K7FBK5N4AjdvT1YImKJGBXwPV+cVEL7S7mgc0d7DCg9ceedDi+93BRgMuGy
1AVGEgYwvN2O2V0ITfnaLz82Qyh+w8uP6SC0AqcB28sXQ+hfHDyPweeOgiD7IJEPMGJPEYBSyZeK
dIob/nKzZLMZPnbpp6ipqeXrX/8Wp535Ln78ox8jBBSyfQSBjwkCMIrnlYjH43R3tHHRu1vxtrfz
2f+6FFORIDakmlRTvSaG1kpiaC2J5np6Szn/6x/9TPLZJU8udRKJFStXrkzz0gIYAy4g9PU1AO8o
7zsZaC6f+7GEAndR+WKA49jVaGF6ef84QkFLA18ATiAUygOBo8rH1hMGUIYRid8+SZQIHbGnxFS1
lE4m//cft/7h4xPHjyvM/cp3EmvXbeKcd57JtCNm0r5tK7FYnCOPOpq+vn6SiRiWBUEQYDRAgwCv
WCCRcFizZi2f+NTn2ZzJMPHYGYw6YLwmUinJ9vXrc8ufMc/e94jp3LR1GXAt8AShFdbO86062JWU
/EPCAEZVef8yQjHrBLLAiYTL3OmEllzn/2/vzGPsquo4/jn3vm3mzdbpTAcoTFdAQEJZC1TG6YIV
BBqRssgfEDCGxT+MiWAMsWI0RiFq1KhAhBhDNAVB9iUtLSBLgBYqTFk6lLZAy3SZ6cy8Zd6795yf
f/zudV5rQadsM3i/yc1779xz7z3p9H7zW78Hje1tRuOErcB04C7gGZT4Tonm/QO4Mrp/P3Bo9Alw
Cxo/hIQMJwwSFzjBWGGMMTQ01BtnQ/INdXLjz37IK6+8zp9vv5N77nuQ9vYpLP3aV0ECrK1irUEc
OOcQsdgwxPMNxUKR6dMO5v57/sSDDzzK46ufYvPfH5LhYomWprydPWVyat2O/te9dPp3Lgj60Fhc
mX0TTJwAqaA1fHngLLR273rgCvT/+6PATLSkZQi1DleiCZOuaN6FaEG0oFbk22jtYBUtm3kYLaau
AL+OrjkE2M2+u0oSjFMkBJhgrBARoaEhbzBCpTJi+rYPMHNmJzf8fBk7dvTz8KOrCColrA2iwwcD
zllE9HA2xPOgWCwQhlXOPvt0liw5nTAMTDWomPpsSnb1D8qTa9fvfrN3Ux+asOjng0URDJq9fRW1
5Hqi636E1vltAOahxDaIuq6r0RjfajRpci3QjGaLm1Fr71fAF4AvRvedCjwbjV2HxhzfQN3ihPwm
EBICTDBWGADPM4gTjBHJZdNUSiWCUoV0JsVll15EdSRg9+5BbckIK+CZyAJ04CziLM6F+J4B32fb
1m1YG+KnPAmqFZNLe7J9e7+plKtFlNQqjPbjvp+LGQC3oZZaH/DXaP56YGs0XkTd3QJKcEPAS6hb
XULJs4Bac2l0e84sWiRdBOYDf0HJ+Gi0LGZTtL4kpDTBkBBggrFCjDE0NzcagyOojuAhbHh3I32D
uzj1iBN5s3cD2UyOTCaD1bo+8MA51TFQ8rOIC7HWYnDU53PYMEScM0YsuWxG6vI50plUCXh30qRJ
/sDAQIn/XnBc3MdYb833nugzjVqBPkpg8dg7jG6+FJe2VKPPNagVORSdv5U96wCT2N8EQ0KACcYK
3drN+JrVdQHpIM219/+UZ19cy4s/eISDZnRQKQU4W8VZh8MDkT0JUCwiDiNWawODEBGHlgA6Y10U
K/QYAQqTJ0/ODgwM/C/dFnuXo/jR2Amo+1tGY3gbo/O194wTK7UdJaDxwY7o/CuMxvl2sWeNYYIJ
hoQAE4wVkZsnnsOCdQRemavnXsziQ06jeVIdI8UiYAgDD7GiaqQOnERKVpErrCIJTl1j4gSJM04s
Bh9xIsZ4IgLdZqrt3cOQe1/sbYX5qAW3CO34MMC3gN+jbW3Poy7uZrQT5EDUNX4BTaLEbW8LUIux
l1FNQkNCfhMaCQEmGCsEwHjGOOfwjTG7Rwos/PzJnHFsF4VqCRsGGOOBEazTUlMxDgQEAZGIAAVx
VsnPWZy1+ClPEDGlkZKAw/O8qjHA8Y8b1uz/etGY3fGoBfgk2gZ3BCqL1Y+KGrSi0levAWeicb1j
UWvvLZQIA0atzMTlneBICqETjBWaBDGAWArFImnPZ7g8xNadWwmqVUBwEkIY4qJkhxM9xIX624U4
F/w7IyxiMUYYKZVNuVymo22SJzhamptnybpHc6zBiexXkiG+pgGN3/0ReAw4CS1vaUNd4kvR+N+b
aP1fAxobjLPFDaisliFJdnxmkBBggrFCAJw4k/INvb0beWHdy6SMoaWxQTyE6kgZFwY4sZrxtSFi
1cJzNia/0UywQQiDgFKpLI2NdUxpa5JHVj6T/smNt1Uvu+S8U8pTD7wEsNCT3o/1xi5qD5rJHWBU
VbqKZod3opbhTjQ2aICnUSvQAfegAgjrot+J5fcZQeICJxgr1Prxfc+J0NBQJ+tf38jTz62VzkMO
YkrbZKmvrzNhaCW0oRExag2KKGuI4HCqZyVCGAZUqgH5uiytLXmz5sUe+du9qw1+Vq684nK3sHuu
2bpt53H66PL+EE9MgA/UrH8IjQG2oaR3KmoVbgBerrn2NUazyj18shhLb/FH2Yf8aT33U0FCgAn2
CxnPhGFQwVnfy+cyIs6aN97YyNtvb6WpsYHp06aaXDaDtQbfswgWJwacw/cNQWCpVKpkc2k62lt4
a9MWfnPTCvp2DnPO2V+SMxd3Gc/DFIpll0r7EYnVfRjXM87WSs3vXeg70IO2zI3UzPNRqzD2kuKX
/ZNQfalVthZGs85xeQ7ROuK1xF0wJpoXCzXE45bRXfLiGGa8l0k6ukbQvum45Ce+LlbfqT089kwA
7f3sWpGJcU2QCQEmGCsMgLOSz9dl7KSW5vDNjVuyoQ2ksTEvBsyOnbtMJpuRmdMONM6GeGKxWIyn
726hUCaV9umY0kJf3w7+sPwBefnVLXR3z5PvXbPYNDbVm/6BISvOhU1NDTkJ7Ep99H5ZgDH2ztbG
u76FjPbw1s6Lz38aL7CgMcc421xbnrM3AXtAfc3cmHg8VBSiFI3HhBmTaUxktT3V1ZrnxqS5d2dL
I1qQDio2W9uZY2rmTwh5sA8Sl0yQYF/wRJa57177cJuInL144Vx36KzOYHBg2B/YPaQ1z75nWlua
aMznCJzBMw4PMZVKlSCo0D65BWdD7rp3JbffsYKOgw423/n2N0z3aSeYYqksQ8PFajabqU5pa20Y
Gh6+qfPwrhtWLVuWmjH/4o+rzWy8JDZi66kbWIJ2p3jo3iTDaBJmBirxn0Nd+elorHII7Ud+D+1b
XozGLdtRkmtFO1e2oK5/K0p0J6EkJmipz2FoF81BaHb8GJRgD0dFIQpon/W50fhmVBTiADSccBia
LT8sum+sszguMR7+6AkmHmLL6PIFXcf9+KrLzzuga96cYHCoZDdv2Zba8u72VNvkFg6dMZWqy4Cr
4mwgzc2NkvIxK1Y/x0Mrn+fgQzrlwqVncdSRh7rB3YNhoVg2+Xy9l8tl02EQSijhL4JNb1y3ielh
d/d8a8z4dqc+AsQbuS9BSa8fJcEUWrYjqAWWQpM3d6BF2ueg5DMZTeL4KFFuRkt9htDkT+zWtqHE
2oeq5tjouukouZWjOf+M7rMTJcSh6Hs/2hJ4azT2lWj9Q6j4xPpo/nvRGmu7asYVEgJMsL9IiSwP
jTl/VntbyzWnLzjxwgvOXdR09Odmk8ulRwaHi4RB6FfCtF+f88LGfJrnX3rdu/Pux1w21yRfv2iJ
OeXkYyiXRlKFQtlrbMyTzqQpFooVjHnMM96NB0yf+5gsX+6b88//fyo2rkOLtjtQ+a8TUQWbb6L1
i7EYaxZN7CxAJbtuRi2/U1FiOj76/QS6B0of2sVydXTfXSjh3Qx8HyW7HlQLcRvaEz0TVco5AiXX
QdQSXBGdexY4DiXFLEp+a1GirUP7qR9nHHfLJASY4MPAF1lljZkPcFR9LnPVgq4TzuiaN2facXMO
9w7saKGxqaOyecuW7N33raj07aoWLrrgnLpFi+Z5nogMDhVCG9qKEzvoHBsFecpJ5f5psxesAfg/
JD/QRMRhqCW2DlWgaUJJy6JJC1CLqhdVwG6Jvk+K5h6LEk8bo0KvJzO618nJ0f3ijHg7WhDeimoe
noSSZSw/1hHdpx7NjC9CSTJuJzwN7ZwJULe3K1rXL1E3PLEAE3xm4S9dupTly5dbYwyoVNSXZ02f
unDO0bPmdE7r7Hzi6bUvrFm7/rflod53cynXuualnrTvZaS5OV/K1Wd3eaF754BZ87bHNxQRs3r1
an/+/PmJtNRHg8NRa6yPjz+x0466xy+jZPlZD1skSACom5MREURWxWOdqGZeg6xa9b4XioDIqlRP
z/KMyKqkMmG0zCT+7tWM1R6152G0TMavmV/b7ODt46gd9/nPZ+1rDR/0fUIhsQATfNTwgPTs2bPZ
sOGWCut3wJE9njHXp0ReEHqbzfrqi6iH1MORR7Y76LbGmMRS+PgQv+efxL9xrZTYuP+b/gsqX8lf
PaJdTwAAAABJRU5ErkJggg==

--Apple-Mail=_BE84597E-BC04-4923-95E9-9FC8306A0003
Content-Transfer-Encoding: base64
Content-Disposition: inline;
	filename=Gateway-provisioning.png
Content-Type: image/png;
	name="Gateway-provisioning.png"
Content-Id: <87A5BEA9-9661-45AF-A644-32818B7C79BE@vc.shawcable.net>

iVBORw0KGgoAAAANSUhEUgAAARMAAAFACAYAAACfs5jhAAAABHNCSVQICAgIfAhkiAAAIABJREFU
eJzsnXe8HVW5/r9rTdnl7NPPSU9OeoWEEmqAJIAIggU0UeGqgAJe7sV2i4olie3qvahYQOlNUHIE
hSAtQEIJJJCEmkASSjqpp+6z28ys9ftjrdl7J7b78wICnvfzSc4uM2vKnvXM8z7vs9ZAf/RHf/RH
f/RHf/RHf/RHf/THuyrE33sH3gUhAGlf66rPNKD+Lnv0xxHvz/6fyar30Ru4Lf7E9v7SvrwR7fZH
f/TH/2e4vDk3Adf+64/++Juin5n836MGaMWwkBLgAD6QB3Zh7qT/m7vpn7tj/2/u5H9pXc/uY+d+
39UCjRh2IoCNf2U7/1tm0AAU7L/9900C9UAvEP6Vfd//u1rMOe77M9//pc/6oz/e1uHYvycDy4E/
AE8DS4AHgOswHQf+OKWoZgAOlY7qVb2uXsar+uxUoKXqfbwf1e1IIGFfHwP8tKoN3/79MbAK+B1w
N/CQbTtu609tv/q1YN+bUbwvlwGn2e8SVeu4GPC6Cpiw3/ei6jj2P/aU/fvvwIVVn8Xb3v/8/ak2
+qM/3hFRDxwAjAPWAF+wr4fY7zPs21GqL3yn6rN01TKy6m+q6vOBwOPA0ewLTjV/ov2kXfdYYBGm
41Zv5xHgf4ApwIHAxcA6DAOI205UtZfab1/+VLjAZGBA1ftM1fce5lxV72/19qr336cCNgCjgBHs
C2B/7rirQaU/3qLoR+//e3TbfwC7gS3ABkwnvcZ+7gHfxbCWr2IA6Ejgk/b1pcAO4HWgwy57OvBZ
TOd/AQNSH7XtXgA8DwwDfgDUAXuAfwM2AYcB367ar15Mh62m/yXgWQwAYtv7NKYzfhYYard1JjAH
+IhdZwUwH8N2VmMYmGvfXwPMsm0tB67AsBEP+LI9jk8Cl2PA4jIMmPjAfwFL7TGMxgjCMzBM5hcY
1rTRHuuX7LmaCbxo3/cCnwDOB17CpFkPYZiXSyWt6o/+eNuGwHQGF8MazrGv/xvTgQA+BzxoX7cD
z2E6x3DgUUznHQEsA+4ABgNPAcdh2MAi28ZQTEc9zX5+v90ewPeBmzCdcyXwddvm7cB9Vfsa3+3v
BW4D/gnTAR/EpGcAdwHPYDrzh+3rg4GJGED4AAbQHrHLH4Xp1K0YsJkLXGKPBUxn/wYmPXsJGIsB
ievs/n4KWG/37Ze2rQOBszDgnABuBL5p96OAAbkJwFoMiEwAXsOwtiOAzRhggn0ZTn+8SSH/+iL9
8VdCAwHmzicxwmuIudNuxtzFZ9rlPPv3WozGchiQw3SgzRgA2g2ciEkPDsV0dA84Huix7W8GpmI6
UC1GT2gEJmE6dmdVmz8DihiA01TSgQgYiUlLpmOA5Fz7nYthPMswwHUzRg96CcMqzsCwjlEYJnM8
hgXssdsKMSA52e7HJgxT8uzreruv84AscAOGkY3CAMWNGNB82B5Ds/0+i0ltlmJAeR3whG3veOAe
DKCvABZSSXf6Bdm3IPrTnDcm4gpCiYow+UPMnfpKDAU/HnO+C1SYjMMf028Hk9rE1aA6TMd52a5T
xABB2v7twADKKuBWTGcr2eWw+1VgXx0GTEf7JYYhsN93fVQ0Hd/uf/WxxkLxauBjGFC6u+ocpIFf
YVKR92AYwmwMe4qZHPbY447u2fdF+73EAJWiAoLxeQ7sd5Fdtmjf91TtZ7U43X/TfAui/yS/sRHr
Aw3AScBPgMWY9GQopmPUUsnh12L0gQ9i9I8vYDrHCkynWY1JXcZjUoMezF14NCZV6gS2YrQKH1NZ
Wm2X/YDdn7MxYnDAvrpJApN2uLbNBKZDUrWPkd2XT9o2RmLSiwdsO1cBP8KkXEtt+xmMVvNtTJr2
XYzmcYhdrsnu9x5MepfBAFIGAz6xcK3sOaqz7abtPsaibmCX8exxPINJ2cZgGNsHqJSR+5nJWxD9
zOSNifhifRbDFDoxnWw+RgvYjmEZ0zDpwg67/BpMh/qmXW4zpqM8g9E6foJhFQr4OaZzL8YAxL3A
t4Dv2fUGY3SJbfbv54ATML/xoxigyFNx5T6LSTlCTKoVULke1tl2wOgaozHAUQAew6Q9YHSWZzDp
SKfdxnO2zbswAuuBmPTlu7bN9XZb38CkYMMw2tF/YDr/Nns8YFjOC/bva/Y89mA0lfg4XgS67DFe
AlxddWzxMv1g0h/vuEhQMYGBuUNOsq+bqJjEYprfjLkrD8DctT+PYRnx+iMwekZ1CGAQFVGxAaOT
7G9AHIQRK9lvn+JI8udvJv6fWH4qRoCN96HaD1O9rEdFq6jD6EVD9/s+Tj98jMhbX/V9tRO3OiWK
16v+LG7DwxzrB6vaug3DqKBfgO2Pd2C47KtJxJHYb5nqTnErJm24GnNXn2KXq/adVHee/Y1i1b6V
WMuoXj5ODfaPv+R+rj6O/bfv77eszx8bzmIT2p8y6sXnxal6Lau+/3PrxZ/vb3CL9ac49bsOw4pu
p5K29Ud/vONj/7vsn+vAx2EqJA37fe5QYTsuFSNXhra25MyZM92ZM+e5M2fOTC5cqMVCrdHa/F2o
tTNn3jzffibnzFnozJw5z4XJPhUDWoKKO/VPsZfqiJf7/4kY2P6SNvenWNDfGingQ5hqmPNXlu2P
Nzj6x+b8/WP/sSTWdTpZab0maG8H5qBbl1YW2D0LaIe5cwWYjhp39OoUIh4FHI8ZCoBo3jwNs2DK
LFjDUmYxC5bC7lmI9vZ2ueuyNeLhhxfEwBLxzjF7Sf54lHb/OJ23MPrB5O8bAnAZPNibesAB4vSL
78/Pn4USovyzJO2/QRjdoRUY5HiJ1lQ6WVdf31pb29Bcn6hJpjzH9Vwv7bue44HQOlJKC0UYlYJi
rlAICrlCLp/r6+rY1dvX29MVFINOULsxouZOTCUl9rFotGae3ce1c+d77e0L4gGLEW/fDhqXrePy
cX+8hdEPJm99OIAcO/YUedVVd5dqZ6GnG/AQGMF1IjCqccCgyUPbxk5sahk0omXAoPqG5gHpuobm
ZH1js9/YOpCaTAbH8/FcD8dxEVIi7T8QaKVACDQRKjT/IhUSBgG5vl56uzvp7tijujr35rPdHX2d
e3bn9+zasWvn9k0btrz28oYoKG7AeFvWY6ol+gqtGb8U/uVf5vpr17bH87W8UfOg9Mc7PPrB5K0L
D3CWaF1avwp1wXQBpix6QG1j81GtAwYf1TZ28vjREw8cNHz0hETLoKHUNTRR39BEIpkGUEKWO6/S
WqNVJLTSaKWE1lpo0Bot0IY4OEJoBUI6QkscLRyBFK4WUiCFEGgcLbQUQsgoDEW2t5uejr30dnfw
+rbN+rX1a3s2rl+zfdvmV17atWP7Y4W+3qcw4LJzidasXwUXTBexIFt6q09of7y9oh9M3vzw29ra
5PUbNxZ2A3OFGAHMGDXhgNlDR445fOzkQ6eNmzyVtnFTaGhsRkgZuX4iUGGJYqEoo6AgwiiydEML
GyBACqvpCpBag5AIDF0Q1p5WnoREa7QGgUDryOQp5j+NlArA93zlJRIqkUgpQAZB0ddai907tvPa
ujW8/OJzvLbu+ae2b3ntqZdffO4R4Il58/TmWbNg/tL57sMLFkj6QeUfNvrB5M0Lp62tzbv++o2F
2UvnSxYsOMzxEnOPPemDJ084YPqEAw+f4QwaNoqGxqZSGIY619croiAQURS4oIUQsip9EaCNliiE
tsTDOMwdKbXWGo0WQggttLA+Vw1IEBqBBi3QaKHRCAQGkMznsUajogitI8JIgdI4rqOE9MJEwtfp
TC2A7Ons8F7fupHnVi5TG9Y88+JjDy56KNvdvQhYorUO29tx5s4Vkn7N4h8u+sHkzYnUEq1Ls00n
Pbp1UNtnj3nP+08+4oRTm0ZPOIDG5gGFYiFHoZCXhb4+33EErushHQehQTpSKzRCg0CjtBICqUFb
dUVQBoUYPIBYF5VCoG2qgzBcRWgR4xFCVAa7aEAIqbWKhJSOjtcRQqC1EmhNFEWEYQBa6GRNTeAn
Uyrpp0R3157E5lc38ORjD2Qff+CuJ9a/sPoa4M6FWufnT5nir127NuTtMw9uf7zJ0Q8mb2xIILlw
oc7NnSsmNTQP/OKsU+d87MQPnVk7YvQEHNcr5LI9blAqOo6UQjoujisRCK1UZBiCAlBCC2GmZ5MY
VqI1QkgLAqrMJsoj4MoabtUMiUKDAiEt+Gi7YAwq5RawrwRCa5MmCew7gZACy2NQkRFyVaR0IpEK
UzWZEEFi145tctniO9W9t9/y8IY1T/8QuHuh1swVwqM/9fmHiH4weePCGzz4UM8fn1GbHn74k0cc
f9rFZ3zqorYDph8dqigMsz2dHhrHdR2kcBBCaIHtuGjQCC0EEm1ZgTYMA0yqoqWRR4QuswvLOfYF
E61ACruMaSeGGIlA2/W1MNvVWiLRqBgtRKyraLOMFvugjpACrQVohFIRSkWgtEqla8JUplbv2Lo5
ceet14b33nbT9bt3bF2wZIneOnu2SFAZxfxGxP4mO33ooYfqzGmn6VkQu2dYylIGTJmid122RmSz
d4lVq1ZVjzyOy9z9zOkNin4weWMiceSRR8rly5fXeX5ywVn//JULTjvrApVMpUs9XXt8KRzpuS4a
HecpaBXbSSRCKATSdl4DJkZb1aAkQlr2oDH6CaAs45D2Cy1iHmEBxqitFQajtW3TsByT87CvL1fH
PEXb4cUVpmMkGIFWGimFKRoBWmkhHamjMBRRGOhUTSbI1Nbr1csfSVz/8++tWbXsoc8u1PqxueJv
BhQJSMaOdWYOnSFmzb8+mDKLaM18mD+/cnx/Yp0/O5G31pr5dv12EO1z53rt7a9qWBVPd9APMH9D
9IPJ/z2SzRMmeHvXrWtqGjD48gu//uP3zTz59FzH7p1+FAVuIpHSWiu0VuamDkLYa13afi1th66k
LOZniX8cU8VVCFutMQVgibDdvYwFZXyo+lm1MKKtEIYBxWwlTnnibaDN9mNtpUxfjOBb1lgs4FWS
KamVjgRIDKgEIgxC3dg6sNCxe1fqsu99ec8Di24994qVetEF0/9XgBKPvXHnzJmnvrxwfunVtTB3
SjmPa8QY+AZiBkgOrKlrGlTX0Njgp2oa/ISfFNJJSCRaqSgMw1KpVMjm87093R179wT5vt0Yg178
93XMpEtcsVLDodDYjpw7Vzi8/U16b6voB5P/WySor0/R3Z1pHjjk6v/4wdXvPfSYE/t2bd2U9hJJ
4TqOUlEkTBkXQxmkTVGURksDCCZErFNQ7jY25aGyhE1jKrzBfCuNJiIE+/CJuGBjX4hYkyVOc0Dp
fQXbWJytWtL8jQXdmL0YSNQRSkgcrbQ22xAghEsxnxPJTG1RoL3vf+Wf9z50V/uHLUP5cxqKC3jz
liwJ3j9rVngoIIRIY4BjbEPLgOn1jS0HNA0YNHr46PHDmluHtLQOHu7UZOpFMlNLMpnCT6RwfR8p
HTQCrSLCMKJULFEq5sjlsuSzvWR7OtWe7VvC17dv2rlzy8tbe7s7X+vu2PtCtmvvE8ArmCkigoVr
NExG2n1W9Feo/mL0g8nfHm59fX1tzfjxMvvyxv/+/IKfnjvz5DNyr2/dmK7J1GqttVZRKB3H0QqE
0AohHC20EqZMI8o+kTgFETZV0fY7oTW6yi8SZyhljcSyDYXRPYB9aEqZiQiNUFXfCVFmHeXqjt6n
vmMW0xptUxthN66pVIVi4FJVmxZSKKW09DxPFQp5mUjVFPPZrH/xhR9bs2b1EyfPmTNvd3v7guoq
T6Jt5kxx/dKlBYDZQjQCk9OZhlltY8YdMmLsxMOHjRo/bOT4Axg5dhK19fUgXPxEInRcP4wiRRiW
RBSGqCgSkdJoKxQppYWUUoM0JXbH0Y7rgpCUCnmvVCw5YRTS3bmHba+uZ+OG59mx6ZWNO7e+tnL7
1o1PZzt2PgKsnTdPdzALlla8NBH9zt8/in8UMBFV//gTr6t7UhzVObfe770AascefjgvP/nkR8+8
8OLLzvnCvGjntk2JdKYWFYVIadynIlL2gtZlyiGqNidtjiO0QkuB1PZ9+YGjlY4cm9ViMdXsSTWP
EGUAgP2mo7eF5XKzMZDY18JqIFQE13ilijJrRiCXG9b7nD4QSK2N5xalNZ7r6b5sr2wdOLjwyAOL
kl//lzO//fWLS99csEDUAaWZMz/F/PnXF2bPFi5mvpT3HXbcie8Zf+D0SRMPOKR1zMQDaWgeqNK1
9WExn9elYkEHYUkEQclVQSgjpYShfNKyMmHTtdjjp1Bao1CgIYoUWkWGjUmphXSUdP3QcT3tJZLC
8xL0dnf4PZ0dYttrL7Hu+Sc7tr+2/sWVj973qA6KD2JmkwsXLtTMnz/FX7t2bT+oVMW7EUzinBvA
mTlvXjRr1vxo1iz07rWQ8SG1FWbN+rPiHfPmaYa8H4r1MKgEnXkY32vuTNdcc423detWP5VK1eTz
+eYJBx726wW/+O1kz3NDpSJPmtRGOtLWU4TQGJ8IcdoSpxkxK0DE4GC8I8TpSlk7iVmE0T+oXjfu
QHZZabWQWGPRSiGFLOsg5SOuqvSYUpJExUJwNUwYIQWtxH4pEKaqU4W3ZU4jhEZbFiUFKtKhm/Dl
xZ/92IanHl18+nvnzNlVN2dOd/vcuQ3AzIGDh5951AmnzjzsmBNaxh9wMC2DhwY60lGxWBD5vqwT
lEoO0hFSSoQ050doiZBoZcRs6/DVqJhpKcOisEwPUyW3lSuJipTQWqGUJopClFZEkdKu60d+KhO6
vo8Q0u3c/bq7Y8urvLh6We+qx+57duOaVb/BTFz96hVXaB54YK7T3t7eb9Lj3QMm8UQ76vwrrtDn
n39+sGgpLJhdVh9qMdMhpjECXhNQJ71EjSMd35XSVY7UKgiDKAgCpYJezAjaLvsvZ//1zdPzgqVz
12amHvtB+YsvnX3BZ7/xwx+cNvczYefuHW4yldJRGEphmUh8Q0eCVIZtVKRVXSnnWjIQaxcxg5Bl
UdaymfgDDUKaziyELpdyY2w0fafCgKrTo5jZmMpQDBaVTieUQiOQQqN0Zd19SRlljcUwgPgwjJtF
ayWEEDrSWkgpCUuBamhqjW695mfhtT/5zpnZbPcq4IxJ0w47feZ7Tz/u6ONPEUNHjML1k4VCX1bm
Cn2OUtoRQiCli3RM8VwrKwZrRRSZ+rS2jAvLPoxWEp8mTZxGWpewXR+EkNqIy6JMvhQIpRRRGBIp
hdaoRCIdJmtqwzAKk90du+X6Z5fz9LLFW19c+ejvOndtvRFYtURrPVsIn8q8tf+Q8U4GEwm4k+fM
Yc6FC0tDauECo9o1YeYUnZhpahnX1Dp4VF1DS1t9Y8uwdG3dwHRNfSZdW+emUjUka2pwXQ9HOiBA
RQFREFEs9FHo69X5XF+U6+vp7ctm92S79uzo7erc0rX79e09fb0dhWzPttr6pk//rP2RYxtbBgal
Ys7zpFPxl1lGYjxnwgKCFU+FRsYdNWYZGFMawoyziU1riNjpGmcgFRElZjPmBlztN7EgJKpzOFH+
zHS6qvJvvE6VJ8WEqACXgspO6CowMd9pUa3pSK2FElpp7TgexWKfbh04NLrntpuZ94Wz7zj82BOG
HH3CaUfPPvl0WgYNDgr5gspmu10i7QjpIBwn3pbWyqYpaJSyO6QrsrWK2Yg5ACPEWHSLytmkZS1Q
PuFKGwDS8f7bWlYM2FohtFZElrloUH4iHfjptAiDwH3txaflE/f9tnftykcX7ti04VfA0oULNXPn
igRGYP6HqwC9E8HEHTx4sP+Tn2zPt4NuNxMEjQMOr20ccOTEg48+vGXwsMGtg4cPHjJyvNs0cCjp
dIZUTYZMbV3oeb7SSqGIhFZoR8dKpRZCOmZErZS40sF1JKVSUeZzWbdUyFHIZcn2dLBn5+tsXLem
r6G51T/htLluFAW4jqeVjqSISxo2L5BUKiQSyvRASBCWrcT5gaEy0oKCQiPLzCNepqJ5VGkvwqZC
2hB5Uwq2JrUyR7GpS5wGlPul0UvAmtTKiQ9lr0rManQMWlXCMJiUIj7IWIuRQmpl9kdEUaBTNRnW
r3mW51Y+Id774bNoaR1cyHZ3yVwu60npCMfzUEqhhdBCKbQWKJQwBjllUxVzFIZdmPK4tjSkqthk
gE5XvcYyEMuwDDSZ41TKUj0ptFJKCC0shxEorZEIlOEwREoRFItI1w/TdfWR1NLZtP5596mli3of
ueuWW3s7dv4ceHae1mLBP6Dz950EJv7kyZP5/I1rSnb4/nBg5oDhY04fe8D0wyceMmPQ8NET3dZB
bWSamyNHyMgRMgyDogzCotRBSYZhKLWK7KhbIaQw+l0sbJrQSCHtaDqN67jK8Tzteb7yE2ZULRrH
caQMSwWnmMtDWbEArGIh4sF5cbnUpht2E6a6a+FAihhqYu+JKHtPKrqKiBuvaK7Vu11uPy7biKrP
NVYXLYMSlf5vltFYF6yu+FWqO2j83p6aGEBEtS4B5Q4PhjVIIbRlako6jqiprQuzPb305Xo8z/Vx
XV8prUQYhkJIoVWcW1m2EKdvSlfARGkznECpCruIN6rsGwMeqgwaJtURKKFM25ZkoUy1Kx5VrasA
Ma5SgTb7JaUWSLTWlEoFoUHV1DaVtJTOa2uf9h696+Zdj99z69VRUPyJ1nqXEOMS8HL8SI53fbwT
wMQDnHlrdGHBFOEAhzc0D54z+sDp7z/w8Nljxx8yg9ZBw/ATiRKaqFToc0qlohRKOQiTszvCQToC
KYyAV/ZjCI3AMXdgSVkcRQgc29tEfDfTEWVObMRRLaXEdd0yGMV3eMr4ZDiBGRsTd3HDfLQKyxMa
KaWRNn8HbbUVu+0yAFiAgXKKo03ugbRuOLRGOhLb49BWE5H2eCsCacz+TQ4Tm9CqN6fj6hHW9K9l
ebhPzHaUXU8oc/5U1Xe2aTu9ihnto5XWpaAoHNfH83ytVEQYhcJUgbTRiyNtTrkVfXXMqZTt5Lbt
sv6BZU7Vnwn7m6kqfUeDsgMeVXkggwUMoVGKcnpUadsCki4zGR0powdhbxalUlFogarJNJaiMEis
XbVM3Pfry9auW/3o14Dfz1uiWTBb+PwDsJS3M5gIIDlvic4vmC0c4PiBbeM+OenQ4z50+PEfzLRN
OJB0TV1QKuRVqdjnqDBypZQ4roMjHVv1EDjW+g2qzAwk8e1dlF/LeDyLrPhHRRVzEfa9iKmDju/0
2t7lbTvx2tJWbsp+D2lZhyYMAhLJBFEQgtRIa7Z0Xc9esoBQtqNXNAshDTBEYWT3WSJxiFQACBzH
oVQq4vm+8amUQca2ZY9L2zu7RqCjyIxWBssAdBmAlM0f4ht0FJrtCCShivBcrzJWB2UnYRWGOWDW
F9oIoJGOkMJBSgeltQ6ConCkixBSa5QoA4RNzpRSqJj1qH11mvLnVfsWpz4ICxAWOY1oq8FWq7Td
n4qzV9jKT4xMMY3QRFXPEjTjL006FEXK0C0pNWZ9EUYhWhOl6pvCXFdH4oH2K/Wye35zTdfu7d+a
p/WWBUKkMFNivmvj7Qom/uQ585izcH5pgRAHZxoHfuHY084849BZp2XaJkwL0SosZLudMCi5juMI
13UNixCGMQglQCgLAoYySBEbyDVSlG+xBkSEET+luViqxFA7cje+0UqppTB36TIwiRioRJyiWFSK
QYsyEMWD9zL19fR0dpDJZNBAFIZIx6GYz6GVQkiJ53pEUYDrepgRxSCEJCgVSaVrkK5DWCqhtcZP
+OhIE4YBDY1N9Pb2EIUhSoVI6SAdBxWGKKVN255LFJo2PT9BGAZEQUikFZ7nIYQgCEKklDiOYzuu
IpWuQQtDQaQj6evLEgbmCZ/SccxroXEcj0iFuI6H1kpHSgs/kdBREFIMSkiESNdkdLFYEGEUaaUU
UjoCIXSpWBLSETiOW+nkCDugscIgdFz5UqpcllKWpsQVnopeolE6HsWkLLgIbJaEjnUUy1J0nAZZ
DSpuB4S23hZNnDbZtjRaaCF0UCgKL5EI0rWN6qWnH0vced0P16xb9ciX5ml9/wJT8QkoJ2Xvrni7
gYkAUles1PkLposBwGePPPljF8780NkDRk08KBToMNu9NyGEEL6f0NJ1NCqK3Va2Y1sIENZuLuKB
dKI8MM7oFLEGEXs/qnwgMcOQFcEyFjal3U3DYFQZcGJNxMqlBoQktk1rd7cG9IXX/ZydO7aiIs0/
nfcFXt++CQEcd+KpRJECFLlsllQ6TSGfw08k0FoTFAsMaxvCg3ffQz7Xx9GzTyIKArZufo3bb76W
jj07GD1+Mp847yKEdEhnaigWSgRFA0CJhEcQBGR7e6jJ1NHVsYfHH17MSe//CJ6XwPd9enq6QUek
M7WU8kVKQZEoishk6rjl2st57ukVJJJJhgwfySfO+xyJZArXccnl+0in69Aosr1ZEokkub4ekqka
stlunnzsIaYfdTytgwbQ1bGX++64nVknv59MfQOO49KXzYIQpNM1hFFEIdcHyHIlx6Q85nyaqk2c
wlBO8cppkKqkbWURVpezP2KhWlHFbnQsxu67nq5ssqoiFLMom2IJW3XSIBxHh0EgwyDQmaaBhZ69
O1L33PST7JLbr/4W6EvmzUMsWCAk78IS8tvp2SLusCOPTHxxy5bCvw8VJ4078Mjr51z07Y8d/5Hz
aloGDi309Xa4QangeZ4vXM/TWoCKIimFpQN2zg1RBhEDGLFNPe70xJ/L2MshjZaCsnoKlrlYRuGY
VEWKyoC8fVMi07aUMYuxbETEICRwHElUKtHY3MKt1/2c7o49zPvhT+ntybL2uZUUcn0oFTJ0+Cja
r7+MUqnI0BGjeG7VEwwZ3sbmV18mCgOiMOSRxffwzFOP47gekw48CM/zufwH32Ta9CNYcMl/88Af
/sDgYUNJplL8/pabqK2rpbm1lWdWLWfV8mXs3bODtlHj2b51E9u2bCSZSDJ4aBtL71/EquUPM2rM
BEqlIvcvuo0gKDJ85Bhyfb3UNzbSfsMVnPaRj/PFr13Mjb+8HM/30UpwYXYoAAAgAElEQVSxcvkj
tLQMZMm9v+fll15gyLA2Xnx+FQMGD6W7q5NX168lkUgyaMhQVq9YxtNPLuPldc9z+LEn8PKLz7Pi
0YdoGzOOQi7HymUP0dmxh9aBQ1A6LovbGeOsaFR9M4iR26Rt5lvDAivpqkb80fdUr29nmyubAMu3
2CohO/6uvA7lNrQx5hiBKNIIO9lVIdvtJVM1pSlHn+Q1Dhjy3lefO2X04sVffXDhQp1vb18Qj/d5
18TbBUySp1x0kVj94IPJh7968cUzTz/nxx+56LsjRk8+pFjs6xZBqeC7ri9c1zU3CqWE1MamLkAg
rVtCxBqIKDOMuOIgKadBFaHVsoZ4DIsgFmcrYEQsYFo1NBYzY6CSSOz2K2wmZjRS2naMKOhIyd23
/4oPfOwcamsHMmDwYN5z2odY9cRjpNM1LF7UzqChbTzx8P0kE0kW3/Vbph85k8V/uI2+bC+PLv4D
Urq8sv4FBg0ZzoEHHUYQFHFdh/vv+h2rVqziqGNnM2L0BH787a8xZGgLd7b/mrr6Rm65+mfUN9Tw
1BPLGD/pAB5fupiNr26gt7uLV9avZd0LzwAO27du4omlD+A4IY8uuR+lFBOnTENFESuWLWHnjm3s
2d3Ji8+t5j3vO41LFnyFYcNHsnLFowSlIrt3bGfrpld5buUTDBg4mBefW83zq1agVcSGl9aw5rkV
OA7s2rGTmtp6ltxzG57v8Ojie0j4Ptdf9t8cd+Kp1DW14EjL5uLf0WomsT5VkbvtfC/E/bzaaRxn
FLE/RxCX3I2Yqyv+GCveatvQviOr7bYRpiwfLwc4jtRaKWEGRSghhEBpcEyq6hbyfUw8ZGZx6JhJ
h7724qojb7jmCw8t1LqzfcECn3eRHf/tACY151+xMrz1G58Z2dI85No5n/v2uSef+XmElFEh2+m7
rietQKjtXB9CSqHLYqipuBhgia89adhFpaJSBSTx2JdySlOV6lgUMKmRBQ2bAMXCrAElWdYwyukU
1VZvyixHCI2QDqiIRDLFiofvZ/T4CUw+aCIduzt5ZsVjBGGJrRtfBaH5zve/zq69BV5Z9wJKRRx/
ygfZsW0zr2/ZSF9flv/60bfpzSqKhQLTph9Bd+ce0jX1zJh9DL4vuG/RHWzZuIEd27cwYdJUokiZ
1CEI+fK35rFr+142vPQCxWKeI2fM5sXnn6Zzzy5O//g5fPqCj7N9Wwf33NHO9CNnUCoG1NRkGD/p
AKTj8PjS+0mmaqivb2DG7JMZP3kKL73wLJ/67BdZfNdt/Of8/2Hk2PGseGwJEw88mJfWPEu+r49D
jpjBzh3bWP/CC5x57tm8532nsm7NK2zbvJ58Xx/jJ0+lL9uHl/AZOXYS7597Fp179uInkra8q8tD
GcsMQgvrFDa9Op7sKWaFBijsZFMxQghR9ueI6jFHlk3GKap9Q3m+3fjCgoq/x4ruAlDG6Wucv1Ja
fNJxCoTjeCLbvccbMeHg3MjJh4zb+sqLJ1z9rxcsXaj1rvYFCxK8SwDlLz228a2ImitW6tKVF0yf
Pmbq4bed+81fnjTj5I/nezp3u1FQ9L1EKnYKaCE18Yw8NjsW2tT47C2oXKG11NhcYcJeFFV82Fw7
ToXaijinsYxDSl1pRwi0tFUZIRAyZiWiPJGRpSgGOHSF/QA2rTL5tuM4TDvsaG6/6SrWPv0st1x1
Kc+tXkFQKpBKp8n39dHefi+rVzzC2ElTyOeyPPrAPTx8/13U1jUQFAu0/2YRjz+8mL6eXlCaVCrN
r668lOUPP8KRx51MKlVDbaaegQOHUNtQS0vrQIYMG0F3Vwfbt+zhuPecws3XXk7rgME0tbTQ1bGH
QUOG8fiS+7j80it4dcOLjBo7nlQ6SXNLC22jxqJUhOtIerp7mH3S+zj3X87hoEMOp1gI6Ni7G6VC
kqkki277FUvuvRPX9XjvBz7ColtvwvUcho4Ywa4d2xg+ciRL77uXe37/eza++hLD28ZQ19hMTW0D
w0aMIplIsXfX6xTzsYHUnMOYGQqbvxrmUdGzyiX4ciprfz0Ra2YV4Cg/yDhmohgQEuXl48ukwkDi
Mr0uLxtfUxotjHqjtRam7EZ5ds3YEKB1RLKmVnXu3ppumzAtf87XfjZ11AGH3zFXiIkLtS7yLnmw
+t+TmWQuuluXvjFTnDb1mFNuPPPffzh60PAxhe69O1N+IiEcKbRWSjjSXAxaibjAUr5oZAwesgIY
pl+L8gUk46pMmXFUA4VdvyrFqZDlmOHYi1lW0iNhDWdSGE9IbI2P2ZK95hFC2junxnFcSsUi4yYe
QFAq8eDddzJoyHA+ecEXCEoB4ycdyMgxE1hy712MmTCZE0/5EJnaWlY/+Rijx03iuBNPYVjbaJ5Y
avSF6UcdS01NBsdxmXjAVFYse4RH7r+byVMP5mNnX4CUkpXLlzF0xEgOmHoo6UyGkWPGk6mto76+
gelHHUd9QyPJZJKZJ57Ci88/Q1dXN6d9+GOMGDmGxx9+iNqGJqYfdYw5N9LB8z1aBwwiilzyuRyJ
pI+fSDJ67ARGj5vIk48tQQOnnvFxGhqaqcnUcsgRR9IyoBW0x6yTT2XDupfo7uhm+oyZHHnciXTt
3c1La57mkCNnMnDoUBqbWxk0ZDhhFCBkPOdtRf+If56Km7jq4zhF1RXdCmKRFIyPteIGjkNXt1+V
41SkdLuUiNOoKtSJrzVdHgmF/bA8xYwQAh0q4foJcr1dXmPr0Py4g44e9OralcddfdE/3zdvnt77
8MMLXN7hGor464u8KVF7/vkrC1deOf0Dh8w+/aoz/+OHdVIQBvlcwk+llY4CYedItTYQgZCVOcCE
kEjxx5WUaqAxy5k7Udy7zQWobYc3VZ44bYnLu2ZxaV2pwgyliffaAkt1+zGllpZ6m30wnhYtJI71
YGBTI60VDQ1NSMeAZNfe3aRqMsbv4Tokkym0UvR2d5GuqSGVSqERZHu78VyXZDKNAPKFHEGxgAY8
36O2rh4VhiCgY+9e6urqcRwXhCbf10cqlSbXlyVSiobGRnJ9WZTSJFNp8vkcdXX1SCno6e7GcRz8
ZAoB9GWzZmZ6oKa2nlKxSBAUkVISKUWmtp5sTyeOm6AmXYNCk+vro1go0NDUTK4vRxQFpNJpcrkc
NZk6EBCFEX3ZXtI1tQghKQVFwiDEcV36+rLWj1Jxt1p/HpXBerZUjEIr8yOZ1zEbEMakhkareCS0
seDHaZFWGqU0xvZPlQlOl8cblZ2x9qYQj/2JKz1xRUdbU53WdkpNQCN0pCKbM0k7zYpDoZgXmYbW
/M7N61O//OanV+zevOEDc+bM62pvX/COntLg7wEmmTnzFpbaF8w99eCZH7z6E1+9tDYKIx0FBd/3
k8pMKGSSXxEPGJfmsXNxOmK0C+MJkdaMZfJlYwAzP6TGESBkxfElLWAI6YBW5YFulRKuqFRjtEba
5ZDljN26TXWVmS2+i1WXm+O83twSZXyzwrCaUrFk5i9BkEqlCKOgLPZGZi4UfD9hvCKRAQjPT6CV
IooiBOC6LsZfY2aMD4IAx5FopUmkUoRBCWVGxuF6HmEY4HkJhBAUC3k8z0dISRSFeK5PUCqYOUh8
HxUpwsgY1DzPM3suBaViAccxj+TAll+DoIjnJ1BhZDwkQuB4ZvBkIZ/H8TykNL4V13EJwsB2No3r
+ZSConEAOy4CgVIKx3MrHVJXOqlx9Wq0llVl27hEW3Gulm33to5rfgaHMAoIgiJRZBJlKV1c+2wi
pQyAxOViMAY+7Pgf8x37CLZK2QnBraM29p3EdvxIgbAzgCulhMYCiuvqYl+frG0ZmN/wzBOpG773
r7dNGHXUJ5b3ELG2/R3rlH2rwaRmzhd/pNp//KVjDjrutJvP+s9Lm0ApFQae5ydVFJWkIx2ttRLS
Pg9GYDq1igJj6AI8z0NKhzAsxvkqnuviegnCII/r+dZspWwn8suMQgpBGJasOctMouM4looqCxJ2
3gytI5ummHS4LDDFebSIJy6qMJiyRd++1vuwJws6rlMGImMsk1aTMaYygSBSIY6UFhy1Ma45EsdO
PG1MWsaDIYWDjGcsFRIVhTjCMccgQEUa6QiUtXS6jmP8LEITlirmNsdxUFrjuC6uY9SFIDQeK4HA
cV3CKCwDSZzWRWEIwsF1HfMojEiZ6pXjEgZBWSjV2gyWU1rjui5RFBlTnZSEYUik7NADFRvNKkMM
NMqMoyEGlwpDiQGjbKXX1tpvQUFrKJUKOF6Curp6PM9HIcjn+ujt7kYphUz4xshHbNdXxF61eFoI
VaErFnRil7AFl3h79po0+18e5W2s+NJROlJCOq4u5PpE48Bh+ccW3ZT+1SX//q1vhqV5C4RIAoU3
txu+OfFWgkly8KGnyddX3TV27EEzbj3767+ckEilg7BU8D3fVygl4jQEbSo2aCWkdFAqJJWuIZXO
oLUm19sJaDL1jeYOC+T7eigV8tTWN1LM96HCEOFIMpk68rksWkU4tlSbztRSzPUZsJDSdDIBnuva
u5q5Gj3PozyRs60dOrEHJRYC9wGSyihdQ3DMaxnP2WpTIbO+FQRlpTOIuNIgDPeK2VbMauJH6BgH
rrIsqrJ+PN1J7IPZJ6rEYm3t7ghoaGzC881mcvmIKAop5nOESqFCY7WXjkMUhgRBgJ9IluuoYRAh
pMRxzJ09KAV4vgdCEoYBOlK4vmfMYMLMdOYnkjiOQ19fL0I4aKUJoxDH9SxAaqIgQnoGcJWqsszH
prJ4EJ+w6Q9UDGXCms+0TYkQRGFApq6Rro69rHjkfrZtfg3HcRkz4UAOPnomCJdcrhfHcY1LGDMV
pjGxqTLrATPgsDw/ihJooSwjEuV9jFlVZDUalI7dtFppLYRAR1ojhEOxkKO+ZXDQ/rN5Yslvf/Hh
OQv1ova578yxPG8VmLhATSqVyqQbB91yzryrjhsyckKxmO1K+Ml0FAUlR7pSobV0bOcQQiKlya1T
6Rq2bXyJtU8upaa2gcNmn4brujy/YgnZrr0IIRh/0BEMbRvHcyuWMHLcATS2tFLM53jp6SeYOO1w
kukMWkcIrVn/wkpGT5hKTW0tYbGAn0wipCQoFpDSsSmEsbe7nlcp9WL9DiKW3swpFMJOUxIDh030
pQUvlNVjbNojZFUlCIEUqpzLm1kIjW8ifkYO8XihspBYlv5Me3G78SUvKvOllT8VRiiOBUgJRFqx
dPE9dHd2oLWmbfQ4MrW1jBw9jmQqhee5lIolkwr5SdLpFF1dXUhHohUkkklKpQJBEOG4DulUimzW
6DLpVA1CCLLZLK7nEYUhXiLJptc2kM9mmXDAQRRLecAhmUiRz/WVRx4nEiny+ZwBPSnLDERTpVXY
c6wRVQAQY6hERRFCOoRBiUSqhvt+dwu/vOQbNGfSjBgxjCAMWf/yy9S1DudfL/4BEw46gny2F+G6
xqJPZSCjjtlItSOWKjdsPGlTDDjYz4QBkng9w1wcjfX1ijgtQkRKK3nl189Z98pzT5zE+efv5Mor
33HP9HkrSsMCyLS2To5Kkf7ah87/5nEjxk4t5ro7El4ypVRUksIx5jMhbIpqS6thEJDK1LJp/XMs
uvYShowcR8fObdxx3SX0dOxh8W+vJV1bj5dIccd1P2brqy9xy8++xYO/v5GG5gFs3PACP/7qefR2
7cWREtf12PLqOr7zuTNZ99xT+IkUkVJke3vo2LWDVCoNWpPLdrNnxzbSNbV2rIywd3bDUMqD96yG
EleQAIqFPMV8niAoUcznKORzZklHoKUVdmMaYRmKtuqQtI+VEvFwXx1XhwzASmmduDGUlMvPZgS0
lTYsQ7EFU210IGnNX4bwRSSSCbo69nDT1T8nU1tLOpNGCk3n3j2EQRGJZvPGV9FaUVNbS093B6uf
eoJkIoG26dLWza8RlgJqMxmiIGDDi2vx/SS1mTpe37aJLZtfI1Nn2GQUhdSka7jq0u/z3Yu/AGhU
ZPKILZteRjgOjjQQuHXTKwgBnh1GAJSPr+INisFclytnrpToSBEUCkgp6Mv2kKrJcNsNP+cn8z/H
l7/4OZY+8gj3P7iExQ88xNKlDzPriGlcfN4ZrHnqUdKZWlQYGMZUdt/as2/PsdQWonVsP6jaJ2QZ
eEQZ3KvasdYCtPmjlBJSOjoMSm66pi445ZNfnJSubf7yvCuuCGnDfwv65hsa7luwjcynPnVd4YYb
zvnI7LkXnjtt5mnFnj3bvUQqrVUYiPihUsTTHGozvtWo8IpEMs2qpYuYetSJnPiRs9m6YT17dmyi
VMozcFgbBx99IkEQ8Mqa1eR7e5gw9TB2bd1ItquD19Y+zZjJBxGFEa7nku/r4+UXn+YTF32dV196
niNmncQffnM13R27CYOAGSeeyuvbNvPqS8+RSCSZPO1wTvrgx+nu2mPGxyhlJ4C2lu1yJ5dEKkIp
RXPLAHzfp1gq4bsOUgi6OjuISgGu74GqOGvjVCiePdpMhVB5Hk7MgogvYKzTU0A82YgZuBgnVPFn
VITq+AFeWHCKL3wLkIMGD+WAgw7BdT0SfoLlyx7m6aeW89D9f6CpuYl0TR1nfOyT3P6bG4gixXOr
n+LQI2dw5U//h7aRownDiE9dcBHX/uIn9HR1MGb8ZA49cgaPPHgvIJgy7VBmzDwRz3V44ZmnmDBl
KsPaRvPc6hXUZGq55uc/ZNjwUSRSKY44dja/ufZyhraNpVDMcd7nLjYsSNsuqbVVZW1qZxmYcByC
IKRYKJBOZ2hqbmXP7p2MHDOOJx95gOt+8h2uu/56zv7Up+jq6iQsFdAIxo0Zw69uvoVMXR2XXPzP
XH77MqTjo1VkhHY7WlkpO5ZZgIpvv0pQmXWukm7GAC4QdnoDu8tozABULZCmyiMdR2sVCS/h676e
TnfiIceWDn/vh/9pgRC3n79SL7lyuvB4B80t+2Yzk0TzhAnccMM5Y8dNO/riEz96oZfv7ZSO60tN
ZPJ3e3XIsj86LtFjc/WAsFRi0PAx7Nm2lTAqMmzURFzXZefWjdx+7SVc8/0vUcj3MmDYCDK1dbQO
GcGqx+5HSIdho8dTyGdJ1WTIdu/hmWUP4ftJnlm+hFxvJ3t37eSYk07iw5/6DKuWLWXbay9zzAkn
8rHPXMiTjz5AsZizYq511dq7jDl55uKJAiPyZtJpltz7O775xfP44rln8JV/PZtbb7wCbQfOhUFg
2oLK3VXKcieJrf2inDdpyzoMu9BC2KkNYuOcLusmZdev9cM4mvJ3suyjkQghcYRARwrf83l96xZ+
c+MVLPzVVWxYt5adO7aye9frDBw0hM//+5fYsW0Lub5eRo8Zj+tK1q99gT07d9DQ2Mw//8v5IOA3
N1xFS+sAvnvpT5l+5AxuvvZywiDAlQ73L7qNKAqpq2/gyWVL2bF9Kz3dHax8/BHCICCZSPHlb/8X
fdkeVq9YRlPLAP7tGwso5nK8+Pwq6hoaCEolnFjIFqJsXJWORCLJZ3NIAUOGDCXX18dVP/keF1/w
EW68/BJuvPx/eN/JJ/GJT3ySrVu3AIJEMkUymaRYKrFn127mz/8WdTUei+/8NU3NLQSlIo50Y2uk
ZZ/CaFWasn5m7EfS2gKshmN/uvLvBuXfFhmnTVo40jHOFBmDpHbCMNRHv++shpbhYy66crpI0jbz
7eBQ/1/HmwkmDvX1qUwy6dTUNX3+hDMvmpSpay6FpYJnx9iYS8LOiqy0YSaxGi+EQEURrusyYPgo
Vj92Dw0DBrJ7+2Zu+NFXKRUKDBg8nLM+t4Av/uB6XNfj1bVPIz2PsVMOZtHNl9M8cAg1dQ1ke7tI
ZdI8/cRS0plaho8ZRV1DM0899iB1jS34noeQpvyaSKZJpVMgjCYgZdz5K6Ylx7WnTVBmT517dvKF
c8/g+1++kGLHZtqaa0iE3dz48+/yiffP5PnVK0jXZGwJ16l0DCEQTizgVomw5UQl/qxq4CJxiiQq
y1frKGB1FpvqCLOutFRdofF8j3yuj1Fjx/ODSy/nB5f+mClTDyIqBQgEAwcPRro+DY3NrHziMV7e
8BKjRo825eQwZMCAQSRravB9HxWGpNNpojAin88jhGTQkGFMnnYwhxx+NJ7n0rFnNy88u4ox4ycy
fuIUtmx6lY0vr2fA4MFIWcTzfDzfJ1WTwfWNcOu6rmFysTsR05GFFDhSEuQLBFHAoKFDEFJy01WX
8a3Pfxy5ayXf+bcPo7c/zqrHFnPyyacQhSHpdA3pdNpoYo5LfX0dkQ4ZNLCVQw85lOdXLUcpI8ob
x5kGXZ4ok5iRlm3XolIqrp67Ruv4d9BVv0iFpggjHAulEVoroUF7nq9z2S5v8OhJwUHHnvpeYObC
jUsL8M5Jd97MNCc14YAPR+uWXTv7mA+d+9EJh80q9XTs9hOJpJWyjPnYPOlOm9H5xMKhQGrwfZ9s
916OfM+HWXT9j/jpVz5NMZ/jmFPmUN/cSm1DM7lsD8lkikFDR6E11NU3MXriVOobWxg2chzde3eR
rqkhKBbYuW0Tp3/yXznqhOPx3DTPr3yMsJTjzl/fTKqmlpknf5AXVq/gjltupqllENNnzMb3fQq5
XoTwymp1IZ8nmUziuA5BoUhfbyf/ecHHGdRQw5KlS5k6barJ/zVs3bqNr3zlP/nc2WdwxW/uZuKU
aRTyWTw3gdaRYWCx/lEeA2LTGxFPPK3tdAjaPAVQKDvu0DIZe0vUQpe1EWx6ZLMyk/ODFYsNM0km
kzQ2N7N9y04czyMMSjQ2t1JXX0cQhGitaWhspLllAGuff4bGpmaklHR3ddDc2oJS4PsJjj3hJBbf
fSdf/fxFHHLYkcw56xyW3PcH9uzewcQp06jNZHj+6ZWMHDOOcy/8Imi45rIf8fK6F9m+5TW+9rkv
MWzkSCZPOYhf/vi7fOfLXyOVSjNl6qH09nTieb4djmB8NKWghFaappYWwjDk9t/cxJI7b6atxeE7
/3EW0w6chEYzefJkfn/vo2QydbiOHVujTUVOoYkijeuYalNLczOvvP4aQalofDTasD4Va1wCKtY3
DBLYsVnxrHTSAolCglBIbapCZcCxP0s80XVlctByzU6qoFQ69PgPplct+f2Zc4VYyrBhkq1b38Ru
+saF+OuL/E3hUF9flw6CpJ9puuaC7950SsuwUaVSLuv7rqeVUObM2TKpjBF/H1oYu0o10nXxXI+d
W16hvqmVusZmCn29uJ5nxS7sL6zxHCOeOVaVF1a41JHCcR20VgTFAM93SadTXHfpdzj4yKOZNG06
NbXN3Piz7zFx6jQOPuI4pPAQwjARM59IgCOhZeBAenu62bl9G4dMP5iLLzqPF1Y8yBMrVpJOJent
7ka6LlobT0dTczMf/MD7eenVLfzqrkco9OXwfLdcvi0fd2xJkBL7CC8r7sZP7YvPTQw69hKMtRf7
c1YqR+VPrLBLuWIS6yuOI9DCRaBQSu1TUjaUPCKZyvD61i1EUYmGxhZCpUilUsarosFxXYqFPJ1d
exk2bBRRGLJ500aUVgxvG0WhULDb8iiWCuRzeYa3DeLO227j5ZfWccZZH6eldQRPPPwgK5cv46zz
Po0QaVKpGoqlAtIxv3OxaIx49Q0NCMdhyf33cMctV9Lo5znnzPczY8YRFEslOjv2Wq+JZu4nvsTZ
n7mQr371K+zt6KCpsaE834kQkj27dzNo8CBOee9J9FLH/J/exI7Xt5JM1cSz0pfNaHEJPp6Eulxh
QqCVMjKKRYd4xjpT/alUoJTW8XQqmJlANdq6Y0EQhoFK1tTzm0u/3Ln87ptPPP8K/fyVF7wz5j95
s5hJuql1QtTx8pOzZpxx3uzBoycF2Y6drp9KqSgMpWMeFaXBqNrlMS9xGdR2BHPzlegoIohChrSN
IwxK5Hq7cT3PgEWsNpp54QmVwhGSMChZf4dxQhq/igGtVDpJFCnCSHH4rJMY1jaGdG0TxXwfhx17
IoOGDCWdqSfb003K2s0FmpaWVpSKuPv3v2XxbdeT79nFuIOO5eH7F/Ff355HU2MDO17fQXNzM0or
pJT09PTQ09PN/AXfZvbsWaxe/hhHzzRjUlLpNFGokFWdPp7igFjnMNQFh2rkrwyhF1WfCks9qoVc
q7tWpUG60pDWRKFGiJLRrmxn0DHIYTpcX28PrQMH4TiSUqGIJyRhENh0AIJSEdf1GDJkOH3ZHrQW
jBg1CgTk+nI40iQGYVAi4SdwpEO2t8j4iQcycNAwBg4cSSGfZ2jbKNKZDM3Nw+nu7iIMA3w/QbFQ
oBSUaGhowk0kWf7YI/z2xl8g+nZw/kdP4b3vmYXWmr2dnaA0tbV15PMFBrY2c/RRB3HHHXfylS//
B1opujq7relR0pvtpb6+jpfWr+OJ5cv5zFf+x7iGhe3k5Zm1Kacv5hI18K5iADf3RlN6t4a2eNpL
cy6tkGuv7xhZYj+bFJpQKSE9T0XFwPESfmnSoce1LL/317MGn8/zXIDLOwBM3gxm4lBb20Bvr9cw
qO2az373xvc1DWkrhbms73iuNpQ8EjKeZFkaAcuASqUTxd9LO1hPgHFqCmOiKrtPqQz4kxj9Ie4v
8fSMFcZjB/5py1bQJBIporBUngs1kUiYiYhUhASCUonGpmY832fZ0sX84dZrSAQ7+fgZ7+GgaZP4
8c+u5877n+KhBxczYeIkIhWRTCSJHbWRisjnc3hegkMPOZhTP/ppLvjCf7Lr9ddJpdPGOBfPxBYL
sBo7EZBJW2JBujLuyKZB+830Fqfp8cO+dFU1gXgZbF4fC1RlLcLMrSrstJTmQRsVw5iKVBncldLl
YQVxG0proijCcQ3jCsLKdI7Vd2gsO1LKsDYhHfKFHFIYB650HPpyOTzXMzOuFfJkauuoq69n9VNP
ceuNv6RzyxrmfuBEPvLh9+MnfPbu6QAUrmdMcCYVKpLwXbZu28HJZ1zAOeecx2WX/ZRisVQ2nfm+
T2dXF2d86HT2ZEO+f83vyOdyOK6PebQoZU+JpjJhNrqKZYBlIkKFuZUAACAASURBVGZ4RHmO2bLZ
DbRWRFZHqZjwKlNQKsPEtWEtGun6pWxPp3/Zf3z83l1bNpzBwIEOO3f2vaG99E2IN4OZpNtGHx9t
evaOGdNmnHRcy7DRqtDb6fpeQkdRJBxHaoR9zFR8F626bMvPmdGV9CeeRd35f+S9d7hlVZnu+xtj
zrnCXjvV3pUpqoqqIhY5imQDiCLBANpyTiumPqbWVo+xRbS1jW1obTGDQrdSiqKAqICCIAhKkFzE
onLVznutvdaaYYzzxxjfmKv63Ofe+5wuvfDc9bCpvVeYa84xx3jH+71fimKf52LDAtFii/r8mpBs
F4RHWWNln13lXbFaKbrtOaJIo2K396fdjitmbAwD/Q1G5y/g7j/ezpXfu5h08nHOO/NkznzJ2+h0
Uwb6a5x95ulcfcNdLjLUnwKEdV3a01q7QLhuOwjMWqnQTkGyi5VUyXcDEA5WirHlFzgXswqvI751
qwkeZPm811Rk9NzzPSKhcuAhz0VCDT0qRXHsAN0aoqj83l7BPImjEImaxJHbuU15DaUx5lzsWZ5h
bEocxVgseZ5j85w4cnk91XqNPZYt57H1j/CFT36EDQ/ewRmnHstrPvJ5RufPZ+fOMVrtNrV6HXBg
hjJYXVCt1uh2OqxauSdf+dyHePeHPsumTRv4u7/7O1atWk2e5/zpT3/iy//6FbZuepKDjjqFbrfr
wNAL2i7i2OfqGO0LPUKB6Fv4Vhk+olj6B0GIzHXBdC6dwPh8MOMEWFcc3M1Da5x/2SildJ6lenB4
gVq290EH7Nj46MqT9nvRUzdtv9Rloz6DH7sbTBRQ23DvjSaq1M886PiXNCIVdZXSVZx2YQ3GpeL5
ySVeEkQBF3+98pPeLwQCnnuwEa3FRqAKQisGKHm9xCUITe1dpN4kcK0qQOvYuaHzlEajwcDgMI89
/CA/uvSrjD11L+e8+Dheftbf0j/Yz/jOCa8DWJJYg8148omnWLP33rTbber1uis5qFzimikMk1NT
jE9MsmKv1Z6BCRX2IBI5xqR8HhDeBaq0LcegJ1PaXZMXAP3YOMvHsTjtc6x9MUEcy6F8rwqjSQBh
LUzDbb3W61Y2jL57u/bFmKXyGVr3NJkJ9ZZDKQD3rA1FoSUDN44ip0eYwh03iuh0OiRJwpI9lrJl
8xa+cPGF3H3LdZxy7EFc9LVPsOeK5UxOTLFt+xh99TqoOsYUXliNXA6TcdpYpVal1e5y0vFHs/fq
FVx99TXccccdYTPJ84yxsXFeevqJjI0/zeTEOEuWLqXd6frYnXLU8GNjjVy3Z3cByJHJR29ug3u/
3BxhNjpkJLunTW/4IdaYKIrifM81axfcdeOV+/HRSx7hlEurPMNzdnY3mNSW7neU2fLwnavWHvOS
E5butT/d9mzkEsgcI4iw1se4etebpbfwjcy+3nsjGCPVz8rn3QJTAXQIgCKtOFVYKMYX01HlYsOb
E9bQbjXpa9RYsGApmzY8xSVf/SyP3fVbTj/lcF7zP/+JBQtGGJ+YYMeOCWrVCtVahXa7y+GHHcz+
e6/gu5d8l5eeeQbjY+NMTk46tybQbDZZvnw5H//YRaSF5TnHn8TM9LRzqdrCl0hwmc295ROkBEJZ
8KcXVJS7PmVddrPSoTOfAr+l2pDcKHqItBMNECKAjrAVz16s80a4h3TMdDu09vfIcUm/0AS0fVkH
F+zlztkaH8gl3g48S9JljovSGmsKiiJl8eJFTE5N8e1/+xI3XnMFh++/jK9/8SPst+9+TM3Osm2b
CyAcHhoiL4wX2x14YAqU0lhtwBa02ynzhod567s+ytObxnn44YeoVes8+tijVCoVDjzwQH7725t4
zWv+hkV7rGBocJBuNyXSEgHbA6PexAntQ4wKIGK9BhIeWvl8HA+dPtNZq3LMtGdwaDBGSZqAcscz
KqnW09GlK/qA5W89GW766wSY/pceu/sEq/0No4CjV609ZmX/4Eg6PbalElcrSiuMslZ7yxxvQRJA
xehyt7TK7QTIVMftlKhAKspfCLu1Cn+Hu0JZYsDbPPI+r6Ok3TZRnLBkj2WM7djKt//1M/z5lmt5
7hFr+OBXP8rKvfZifGycnePORdkYqGLzAotLcsvzjPf8/et52WveyQc+8EE+8YmPA9qXEtCMjIxw
xQ9/yEcv+jjveP9FLF6yJzt3bKWvr+FbWJS6jrdHyvye3nwgP9MkmVBGRvmMY7FQSijuiVVRJbOw
SEsOyjGTDG3rfg/ApFS5RjyTksZYgVyG8ody74QY9jBMpXyRD2GYPgNXgatoaalUqigdc8Xll3L1
uktZuaifz174No4+5mhmmy22bt9JrVajv38IsSh05AQyi/UdBjWoAoVhbi5ldGSU6371W35+3U38
8rrrWL16DWmasnzFcgBmZ2c555yzufAjF/Khj1zIXHOa0UV70O200XGCLSSuWOasBxS/iUlNFbkb
oo84UC2NusBJJDTfugnsPmt8mQwZQJRSGmNy1T84glLR0g+++MWVntn+jH3sTjCJ+/v7k/V/+lNl
ZPHy41auPaKS5d2OUpHSaBuaT1qlQhk9pXDJOD5nBK9xKHyIMkFoFdARLUR89vjd1MqOaWUC+BgL
+S7PSrw1QZqmaK0YXbCIdnuOH17yNW771Y85ZO+FfPlT7+GQgw9menqabdt2UK1WafT1u1641mAj
FxpTq2ta7S6HH3IgX//iR3jre/6J2267lTPPPJNVq1azc+dOrr3mau648w6OOHQ/ZqcnyAu384G/
Bl+9yZEEVebu2J5oWOsyTEO+gTAxMZG0PN+TndyDrMrT7hCmT+lU6MESLwQSxtixEhV0H4xjeI6K
g+gGRr5ZGpiHhaM8yXH32kUX9fAgpcjzgiRJ2LJlI5/9yLup6zbvf9urOOmEY8mJ2bJtO7Vanf6B
QYSp4SvYCc9y7lUTwtptkRPHFQoLn/vyN3nVq17NySefzI6dO+nv72dubi6I9+Nj4/zdW97CJd/9
Flde9nXeeeEXmGvOutgW5euVIEmGHrTFVAug7OJRQjCbsA6Zr6YHWE1pdkrLUquEASnvbDPKFIWq
VGvUB4fmPfaLXzwrAtd2J5gkjcZC1Ww2lyxcsd8BC/ZcY9O5OR3FkVUaa4yTBF1YeDmZhY6jTPC0
SP0LFdL/lafdqmfXE5PF9ugt1h/bw7y3+WVPUcp5ZyyWkZFRCmP49TU/5tdXfo+9FlT49IffxDHP
OYZup8vWbTuo1qoMDA5j8twX07E+nsCgTYGLYclQkWZgcIB6rU6WFXz9619n+/YdDA0NsWzZMpJK
DU3B5qcf7ymgRI8bXO8CFGISSGCJotQzgnENQYy1IjorCfvzJpNoTboUn4WmhLq4NhC28j2S0uD7
8ErgmxFvm1FBQzA+sC5EjArEa6H55Xd5TA8bQ6Q17bTN/AUjXHnFTTD9OF/87PsYWH4IUzNtiiJj
YGgYTYRFoyJX+wQl9V/cfTXGg4nRoCK6Wc7g0CB33nEX6x99mn/96jdptdvEcRzCBbC4fK1Om6FG
gze88c188nNf4LVv/yCVWo28yB2Am7JfsbsH1seHiJnuvY54r4zcRVu+FsbFGA/cruCSVpJ5rMNa
sKonszuKqFSqyZyLDHhGi6+w+8LpFVBpLFoNsHrJin32rvcNFFnWiZXWyhqrNFoqPgTC5taT29s8
KOPYhbzPJ3kFdiJLS+xYf5O0Bl128Asu0UA18WHgBY3+AUbmL+APt9zERX9/Pndf920+9JaX8a2L
v8DhRxzB+PgE7XaHwaEhKpUaWI1OKugo8VXGYqI4Io4TCgN9fQ22bB3jLe+8iNe9/o3ceust3HLL
rTxw/wPcfvsfuPXWW/n4x/+JP9z1MHGlThTHGFO4/Jiwkq2/DM+u/OBoyuLViFdIETw+4urWynrw
dQCsUaHYEkqA5j+DsA7h+XI/ygJShDotriSEDoAkwBZInwdxd86e/Sh5p+QHuQtSGiLPqoQpKiyR
BkzOvocdS2XeMv50/VWoosvw6CKKzPjqaxX3EyXEUUKcJOgoQccJURw7b5MvHwGKgYEh1v30F+y3
//4ceOBamrOzKKVI05Qsy0hz969C0Zyd4YWnnYY2GffecSt9ff0UWV4yYmn5ZWRa6hAyiPbA2aN3
lezQ30gFZbU/BVKOEh1C8OWbNIpIuXTOwhjb7aaF+5ZnRCeJ/9vH7mImCqhMTz4dax3vvXTVfn1J
pdqxRVHTWklZKh1AQex1IYzePSOTs5QPxFXqsF+8IBZX27WMNfG79n/ezb0gq5Xz79f66jy6/mF+
+r2vwPQGXn/eSznn7DOIkyoTk9NEcUy9b8AJmh6QosRHL/pCOSiNNRHoAtPt0j8wyKfe8zFWr9mX
z37m00xMTjI4OEi1WsUay87tO/hv57+G39/yO37+i1/TnJ6hVq2RF65Yk8MTB6hOzyj1EwFDb0gT
ygwETcmJB6HWilefvTTohUBZ4IQRx2siTk8Su15yUcrvKfdZi7HlfQl2pnFZyaIFhI8gVq34R/09
kh27B9yUBxurNe3ZKUaXrmT14bD18XsZmplk4aqD0FGCyTMXC5TUUK5HMWIqoAoKUxDHCmMLCqPZ
OTHL7265neefejqDA0M8vfFpKtUKeZZ7EdWGYLPm7Cx77rkne69awe9vuIZTz3oV42Pbqei698YI
w3DN2qSimmyOZT1aYX0GY7R3itme+AQxcdzQuMRNr7PI3olSxhgVRbHNum3Vbk3NDA2tMNPTG/4a
5UL+S4/ddYIR9MXjGx+p9w+N7jeydKXtdud0nMTWoqy1RknNDY8HIcMyVJynpITS5hG/gypfI0Js
Vm1LncTij0mPeaR65rzSZGlK/8AAv7l6Hd/80Ks587kruew7X+SVLz+L2VaHyalpGn191Gt1tHaB
VFEcu1qmkdsNoyQmit1uGEcJeW6YN2+EP93zIL+8/ndc9LGPud3GV/nqtNt00y61ep3p6Wne+/73
05we56p1lzM0bx5p2nXfJePiwa9M3gNrvc8k7JDOeyMCqbY6FGVyxaQkyA0vqJbgFMBIu0hNl10s
Nr4UdZL3Cc8RfuEpvsbnCgkIuGOJlBjO03pTUwlD8uchNN56tz743104eqVaJ087VBpDrDrsFLpz
0zx97800x7aQVPuoD4ygoooDEuUEWK0jdFxxDa+MYmqqRZzE7Ny+ldnZFocdehitORfvlac5ee5+
iqIgzZ3J2+l2aTT6OeCAtWx++jEfexQ7oFbWtTrRfo4Ja/a5UruEIfQm+im861gFOSQwFwFm8WYp
Bdo18vLN162KNM2ZCUtR7Fiw7wG+nPYz+7HbwKQ2bzgGqo3h0b1GFixVRdoFpZUyhccPFShxzz9u
oC0gFd395BbPgPPIiFhLubPK4gvbnI8UFQtIvkMpisJQrdW570+38aozjufVLzqK5myTqdk5kljT
19cHUYyKYnQUO/ocVYi0B5MkIdIJWsdEOkZFEcYqGo0GP/v5r9n3gLUcf/xxzE7PkFQSClMAytc4
1bTbbVYsX87LX3YOV/34cpRy5oP17mAJuVbB1OsxI+S6lYCtCoWYyuZh/qJ7fg81ZYP+5MYqxPhY
+aw/jrXhd9FuEKCSKGV3msHTJu1SAV+71v+O3KtyodkAQrK+dHkOGpR1918nVdpzLdIsY8XBJzJ/
xX5Mbn2SDX++mZ1P3Ic1BZW+Bn0DI8RxnbhSpSgMMzNzdLpd4kizaOEoO3aOkxWGffbZh9mZWQCy
LCMvHJhkWYbJDVmWYa2l2Zxl3/0OYHJsJ2M7tlCr18lN7jiw7QERuTEWoRJehdU+JkjtMvaudrDF
10SS24Q4nktAdw28ANevuNup7NzwWAfYuqO5IeZZULV+d4CJAqKaNRoY6BsaWdw/PEKedZQLE1dW
a22VqO3iNivVPnoNd+XpttwIdM/OCuWN3OVhy51BuLalBC6PWtVahdEV+9PWdTY/8Hu06VLtG8YY
T0dVRBRXHaAkMVFcQccJWifhX6Xdblip1pidy7jq2l9z2gtPpa+vQafTwRrrbPIs9UWSC/dcN+X0
01/MpqeeZP1DD1BrDFBkvpi0sDOvfQSLRXQibyZEfiUG008ppKSjsD6UCjqK8rU2lHbmRhBvFb76
mlvwofdyWOxOF9HQ4yny3+3NLPG6KbQroaDceMs9kzQA1/ZDl9cCvu5K+RmsI3RxFGGLgoULFtHo
qzO1cwf1oUWsOvL5LNrrQIo8Y9Ofb2bTA7czvmk9hTHMzrZoNueoJAnDQ4NUqhXiKGH7jp3EScSS
xYtpt9tYa8nyjDzLyLKULM/Jiow8y7HG0Ol0WLJkCe3ZaWZnZpw3pyhK5udnZ+gO6OFAh/tUehqR
frBYJ7p6HibjTxgHZD1Y7XMmtFZWo01R5PqpR+7ZCTyebZ+t8SyoCbs7NBMFxD40b3Ro/uJ+V2He
KhU5Y8Maq6TATJkwpYiU6AXlgWz5P79ru9ddVGVp46NEY/C2uRJ9yrvopAVGiOhUFHlB1m6xeOX+
ZCZm6yP30L9gDxatOpg4qWFMgSly4qTqGIjSvp6nwdjc7eyxotVsgapwz70PMDk1w3HHPZdut4O1
lrwofEU27Sp9WpfPMjU1yaGHHU6E4Y7f/46DDz2ITU9PUa3XsLndZScP+TnCTEQ7wge3QaD6qodh
iFvWDUlvPIiYJSUtDwIiombI/9z7rZiOiLsaevOHTI9LU8mujb93YRdXPdGfKnyTsbY06ayLNaGQ
uJ2Cz37xYs57xdkcfsThTIxNMTW2g8bgCEsXLEcBszs2MzO2lY5JaAwMMTg0iFIGW+R4KYTJyWnH
GnzYfkzkY1EEnAl/F4UhS1P6Gg3yrEvWbbv7b23YwGTohEorlFi0ni17jRXYhR5Dz7i7140fE2eG
KmtMrkBbrTV5kVOt9xc7Nj8RPfnQPfcB29utnRHPgkS/3cZMrFv1Q43BeTWLS1dwnM0PtBVfffnF
jiH2LiChiMGq2QWAdun9assMW6nHKYWVXdi88Z/xdrwX3eKkQneuSaUxxF5HnkKedthw781MbXsK
lKZvaCFxtQ90DFo70yZOSJIaxiia7YypmRbDg31sePJJhgeHWblyJTNTUyilyDJXgDnNU4q0IE1T
DIbW3ByLFy9myZLFPPrwA94j4uNi/jcwKDWOYKaIwPy/aRqlYKu9/qAsWM80ymprhGNq70KX33t/
SjbkBEKp5qaVq6Qv8UD4jUCSKLWclwLpsxyuzVK6wHuuT5gOFnTk2l0MDDQYGhrgvPPfzKc+8yVm
ZqZZtnIljXqF5vQErdYsw3usYsn+x1Kp1Blo9KEVFFnupWqXhZ0VOZF2RaharRZZ7kRaUxgKIz+u
1GaapbTn2q40J5DnOUriyJQqdSrZqGTsZW7iIly9tBdajASWZ4U5SjCgAxcb2JxveK4jW2QZlWpd
P3znTao5se2m6qJFOZ1OxrPAzNldzCSq0VFd6Kv2NRJlUda7D0uTxGG4AEXYqLQEq3kRL6TXE3ZF
JaKi7LLBJhd7QFxxpZYiu4ANO4nfIKwT+rrbx0iSKnuufS6d2QkmNj/BzM7N9A2OMLLH3jTmLSZK
EmzmGjc1my3a7Tmq1Zj+vjqNecM8+sRTDAwMsHTJEsYnJlwRpiwrFwu4GiEQWkXst//+PPXEo7Rb
OXESOx+AAGcYKRWu19IDNpS7qgxu6e71bKVXC+kxHR3o6jBuyjPAQN+V8R4bsextCN2XbnqydJQ/
mV4vkfztvG06nGKvTiARyXLrA3sB8iKnr15jbHycM170Ak59/sn87Jrf8m/fvhxb5LzsnJdy9HOe
i1Yxc61p0jQHZciyjqtEj/Xh9Ir23BxHHX4IkxOT3HD9DZxxxkvYsm2bz1LWJdMwBoki6R8Y4EdX
/JB5CxazbMUq2q0mkS/K1MsorHwWqf3ixsxiXXBeuDYVNj0HMqbHYVDeaWMcZdRK26LIVKXel7dm
xuN7bv3lo8DdtY7VXWjzLIgz2V2uYd2xFQ1U4qgSKa3Nf47glMcuk8//rm25UCSzVeOEq13CvmVF
+dkdFp0VmcHHhLt+ETiZrzSjjDXoOKLT7TJv/ij1aoPxiXH6h+ax8rCTyeaazI5tZccT9wEPMH/P
fYgH5jPXahEpGBzop5JoprIUm+Zs3bqNel8f1VqVtJtSq9W8qKrDgpEq51mRk2c5CxYs5N77HyHL
0lDASSupVlK6eb1x11MQiXCtoq8ovPbgW1PizT5xa8tkdmJqgI2eG+HKDWgN1moi73ZXwiRlN/Dl
INyvvvGU3E//Yzw4ecZfGgNWmKmwHXz8YclahKZmWU6tWuXd77uIQw45kA/944fQSvHOd72fN77p
7RgMLzr1NP7p4xdiraHIM7DONLWmoDA5SRIzNTXNIQcfwBsueBX/8J53MzExzotOfxHDw0OuQZhx
TCP21fC2bd/Gxz/2Mf79P37Iez/5NfoHh5menCCp1kIBKIFSDyNu/vkhDKOqvMuZkkXLZqZRrgyB
dU5kr6tYrZVz6GhN2u6owflL7K1XX85j991+DSTbpqd3GFxR6RKDn6GP3cVMVDeYixaLEVeLt7od
UOie4XAU0XhK7peNLBShij3aBz2g0isGlnTTm6gyQWXv84tMadedrhonbN22g49c9Bk+/IF3c/hh
hzI5Pcv0+A6SWoP5ex2IVhHd1hTjWzdS03UGB/tdyEaeuVae2rXhaM21GRwcpD3X9pM7d8V1tA4g
InuxKRydHhwYYK7Vosg7TlexXuyU3d7KTu7tbA1aGZSVplylBwa/WB3I9LA3D9KlniJNtwScvR7l
d9VeRHBA4mNOxAoOUYC2ZCB+ARkPPK7dqWeJvghVT/kgNxfKHrxIQWy5h1q51qiVSswnLnovn/rc
xZx04qmc98qz+eQnP8JArco1v7qV2dlp18q0cA3D8jzDFDnGGpc9bHLiWDM70+RD73sHg/19/POn
PsF3LrmUI488kn332Yf580cxxrJlyxYeeuhhbv/DHxjbuYMPfPobnPzilzEzPUmlWqXw3bSchuSq
9gmbsxjfXdE6+8P6eCDtJrT1m56PZUaauRmMo+2AsVZp73ou8lzVao1semxr8tuffHe9LYpfNRqD
ttWanMNB1v8vmIkCqNiOTiE3eVZgSIQfunnqG0P7v0QMtD30XvJDhFO6+AP3KWtdhKt7SFpwuYsK
DcXa8I3BWyT2urUkcUKz1WLfNXtx1BGHcu75b+K8V5zD6/721azZbz+wiuZMk9RAY3AUqkMU6Rxx
FJGmKda4Pr/GuCbjSRLT6ThPQas1F/r3RqK/Yf0kN8y15pg3Ms8VlI6dFmPyIlSTd3EaPWYIpWZi
rWdcSuJGBFBl/Eq3sepJHAvpBgFc/PBZqYjvc3n8Futac/oFpDTK+DHWhDwSekEGdhVY/XucWO6P
q11hJdkAwm4iqfm4TabwjcrSTpfRecNc/t0v88vrb+a731/HJd/7AUcedRgnnvQCnnfSc8AWFHnq
/s1SV8LAWqwpPKC4/t+ddso/vOMNvOjUE1h35bXcdtsf+d1N19NszhHFEf21CnvvvYLzX34it9+7
icOe+zw6cy3X2c+PmzKlqRkEVz/pQr9jfw/k6lRJDT2YluOjlevqZ60l0soWRaHQCabomsbgPHX1
ZV/oPv3IPT8YGhraPj092cWVHXhWtLvYHWDigLdb0UDWmWvmVruQKmz5BrfYZRcmhB/bwDBKWmK9
6RNcbH6XlqJBgbCLKm8VVpvSHanBhsjP8n1ZmtLf38f6x57g6KMO5dxXnsXdf36cT3/+Ypqzk5x3
7is46phjWLRwEd25GdpzbXSkKfIIa3M/Sd2MytMuZ55xGv/99X/Pr6+/nhNPPIGJ8UmMtWU2sB+A
KIoYHh5i48ZNfOfb3+KMV55PY2CQse07qPf1IR4aIoFbWazKx19Epc4UHl4Y9GOkVbmLKr8KJIZF
9YyVhL0Lb3JD681BCTTzpqntWfxhARl2AeowCXqtJ/HGiZnjxW9lVRDSTZgDMk0cGKCh05lj8+bN
nHLSc3jhC07ivvse4aqfX8c3Lv4Kf7zjFj73qY9TFC4i1prI91B2zMR55IpQ/3fnzjGWL1vChe9/
K7OzM4yPT/oCVa5A9cIF82jNTnPHfV+l2Zqhr7GYvNtFa+VKAygTTG38+YYKa3LNUvxVuXmHFvPW
X5fbgtw8Ndb5ArSiKCxRUjWduaYemr8k+9Nvfla9cd03r6tWG7+bnp62QBMHJM94VgK7z5tjbdKJ
gFZzamcnctaJ20K1Dy3zdNuRBL9I8LtTz1ApKzlkJaqrsPeWto6bs9azEQc2oYxgj00OXk/x9nGW
5VSrCe9674V8+Svf5MTjD+dzn/4Iq9es5uOf+AzHn/g8PvvZz9HXqLvKX8ZgTe6S/Wzh65LGjI2N
86JTT+a157+C17/hDVz89YuZnpqi0ehj/ugo8+YNMToywvDgIO25Fr++/npeds7Z7LFyH97+ng/T
nJ6hUqn0XBPOPJAx8YNhvbYhDETyZYVxiLakcQFpsj8KIInHRWF7YkMskfLMJcSXOOYibSWUJnhl
5Kgu7oTyWBCE31L0LReesE98v56ymJDzOknQm5tAbiKYIifSilo1YdvWbWzcuJE1a5bzTx97H7fd
fB0f/fB7ydIuxuTkubsfRZFS5Bkmz13YvXHN2I0tqFZi5lptNm3aSnO2RaOvxvyRYUbmDVGtxExO
TrJt+xhKKSqVqht2ceVoYWkKCUGVJFVn+ih3+3x0MCLXWUvvdHUAqn0IijfCjSVKKjbrtFRjeDTb
sP7e6g++8pE/Z93O97vdVgeYxrGSnGe4ViKP3WXmmAoVndGanRrb3syKfAEq8gsdpbSQYXFVuh1Q
mHbpHXD6SXClCaDY3h0Tf4M9cMgMBq/PeqrvbVV5uTCGOFak3S5Llyzisu98ic996VuceMqZnPGS
F/K6C17LRf/4Ph546FHa3Yx2exYwvvqaxhQ55e6Xo7Wi1EHZEAAAIABJREFU0+7wiYvey/Jli/ja
N77Bt77xbQ46+BAWLVpIva9B2u0yNTXJQ488wuOPrmfftQdx6Y+vohLXXS5J5MwNZ2v78Qg5MF7P
kAsThiC/Bc3BgU0g07p0RXpjiJJ0qNK0lBesjFsJAhrjDqlBAgFtGFW3EAzCIgmLx3W9s4LliPwo
nhwxzZwV4OuuyX3HZ/+agiLLyPOMWq1Cf6PB9MwMExOTJHFCtVbDFB44jKXIxWNmXYkIUzjPicmd
lmIMcQyRrlDkLmDNFIW/tzlJJaZeq7pz8WxGzDZhUqX57DU+JSK53+7kNlHm6VgVNDOndon9h7bG
5DqKK6bTbupa/1A2sW1jcumn3715YtvGb0TVxnjRbc3gWEnKs8AlLI/d5c0xKakF0ubU2M6Zie17
DQ6P2iJPrYoSa0zuWkJpkOVu6SkJ6EVEBxw6ZAkHqiy2f1gkeJNJqLq368NuJw1GTbDjFc52jyLN
XKtFo17lm//2KW697S6+f/mPednLXs3CRQs54YQTeMmLX0SR5ZgiA60pish5DLAYk2ONYynWFrTn
Ut7+d3/LWS95Ab/41Y3c8+cHeGL9vTRbbWrVhPnz5/HfX34KWp3E/Ru7jM4fYfvWcfoHBihyHwHr
g7jQErUguSyqBAIXrlpqIwqkxIADEHlvWcdF2Jv2JS2hBBXljxOC//B5M75YtFFiYvlFprVLs5e4
IA/mUn4AXPN1Bw4mnLC2tsflrHydVO9m3SWcHgcC1lAYB9ytVpff3fknjjrwINfLpzCu+LfW3pSB
onAg4lzD1usnPSaPKcC6eBLra8+681AUygNjIear+LpUmD8qmJaSEiD6ETJ5EYHWeqNNcqesj86U
gtEYo5TGxlFs23NN3T88ko5t3ZR862Nv2brh4bu/FEXVxz2QTFJqJc8KEwd2D5gYwGat1AL57OTY
0+PbNx41umS5zabakCTKTTmU8ga3tW73k6wRd5OlHbfcnHJXDZGc3psAymsFZXtMKXvobH3ZPVQI
vJLF6FpQQLeb8vTTmzjs4LWcdNxzePTJDfzu93fyox/9jGVLRjns4H3IU9dpzhQZhcndVPETtCic
0KcV7Ng5xtBgH2987SvBvpzZZpO02yWO3HnNHx3iqp9fz6333Y8pFHEUC2vzHhe3mrTXF4RthHos
XvQUE0JiQUKVtrAICGKueG96hVr8Z/HaU2B5vSWAPHPQyoMAQE+HO0dWPJcIfFNiS2xYXFiL8czS
lSgsbSBxV6ueCk0OSNznsyIjRvOtX/2QL15/CRcc9Uo+fsG76GRzVKMqFpf3ZIzGFMaDCb54lasH
u4sYa42LKTFOS7HWP+cDG61nXsGstArXO16JRAbuinuYVqkT+Wfd2Boxuf04Kc9MjCWKY2NNobqd
LvMWLE6ffOjeync+9a6NGx659xuVgYGH09nZGWAMaFGaOM+ax+4SYA1keX1gJG3PTjyx/an1HHDE
Scpa45VtKc8osSdlda4QJCU829+oUMOm1w73u7f72++awlrCirE+O98zGUQYKyl5UeToyNJXq7B9
xzY2bd3CgvnzOf+8s3nja1/DbKvJzPQUkVbkeUqRm7B7hQnr3ZDWOLs87XbYMjvjTCBPiVNrmJmd
JU07tLsdKtUqUaQdoInJ4UFRTIweO6B0pUtZPxVmrx+UEoi88e7HRvJiRPB0epXLA/F7r6BLiED2
dF3bcLioR0g0qB5RMdBIF6oitN9ajC5f08ZirMbXc+8xAZwu5kmkO75f8PgFb4qckdoAI3aIkcaQ
G+s8c8ezUOQFxkYUuQrMJFTCC4Di/nZg4oHEGFcyUp7T1v+N85qJBid3UXmRuhdSdulVZp1tLqah
gJIwFqVRxkAU2azbUaDM8PwlxR9u/Fnlsn/5wEOTO7dcUqnXH0tnZ6eAnTjz5lmllchj93lzyovf
+PRDd413O3OjUVItrLWRb6brShGE4CkHJG4XlGA1P6l1mcYdWmdCyJ1S4PuK+nB0AZhgAengsgxx
G/ToA6agyHPSrMu8oQHq1T4mZmdozbawCpIkcXEGReaQsrAUhXFeCFNgC5erY4VO5zkqUtSqFaxx
zdaN62FAtRJTq1WJ49hPdnEzSgmFUrPA+sQxGxRsZ+4YhYrcMIecI6lUb8UUdLeidFB6k0NJhK0K
4KOkHqswDG8eOfbnmKLs1G6hi7ga+TgJi3wbksiHr8tqCTzHHc/XcjTCLN3zUopABAfrNZaicGyv
m3c494RTOXb1oSzfcwlzaQtlLAUpyjgNywAmd2DgKsP5WiPWLWbXodAzEQ8k1ps7wkwwModsaYr1
RgHj5pEN509I15ANTIBD4njKEgNuMytQyuQ5jaF5Nuum0Y+/+anoJ9/6zG1gr4gq9afTdnsC2A7M
4FhJyrPIvJHH7gKTAuhm7TbAlk1PPPDU9I7N84cXLDFZtx3FlcSSF1p7IVZ5F7G14j3oEQ39Liki
pOzUTkWX9xGCr3wQhDsTLZ+14Wb6Jej/b8HvSlmeESvNbff8iQc2PMbLT34xA/0NvxUoTJ46fcRq
isJgCjfZTGECiJSg4tyRYqu7gjhuUhc+mA3fKW4Xd63szv75ALPyuzdxZBLvYuIE7ULtCppSgxEb
2I+7/LKCnQqUwHiTU9a4W4ROhHUagfN0uu8PxpByAWrKSGxKYPd+Y7Zl6LkXa8XDb7QNRanl9rrr
sbss9CztYlGs3GsRnU6XqNDoKPId9xyYWPlXTBVjkPwvFdiHweKZii1cIJ0tAlhkRUYn7aIk9VmV
Lm0j4nbQSvB3SEw4G/rjBJDpCbM3ygCRxRbE1apdf+8drPvaJ8Yfuff2a/uGRm60RdpqN5tNnGkz
7X+eFXk4/1eP3eEaNriLz/K8nVarjdkdTz/64OP33U613sCaHGVcuq8Nq9ovDm+mEJawSLMSl+BD
kgNl7xFq/Sq03qPgzFuPNH4n3qV+RggWsBR5jtKG1kyTf7zqS3z4sn/hmptvoJpEtOZaFHmKyTOK
wnkEHNPIXKe/wv2YIsPYzAuyvTa4CeBijdsRCXqABKdRmiZ4UPSMBSsB2J65ySz24yWPYNtLaoEI
tOHa3Xdo70z2tY96PEXO9NRaEvnEHPLFk7y715miKoTWS7Ejp0OJ8OujAOS+9DAlQfXemrOS9BZM
WoXLsAbStEvaTalWE/I8Z3amSeSPZQrx0OQY66NerfOuuedFdM3Dc84UdSZNGX8CRZ4xN9emlkSM
jgxj8jaxbWNtFADVfa3T73qTVEO4QkhKVYHdWQ+c1osqSlllTKEiHbFjy0aVpp1kwR4rV85NTxzS
bjYL4PFVBz93x+CyZRmuNOOzEkhg93lzChw1axPHRdFt3fXAHb899bBTzl6o44opjIm0bLFeWS0l
EtPD84U/SJtu69PfywBuV+BYtADYxQDv0RtKccyvMPyatBaLIc9yBgdiXrD6GFRTcdCqNbTaLZR3
GRplMbnbgYscX7bR29emFzhMsM0DY/HZqO7cvUCobA90K3817ncLIatZ6rAKm1Dl2wmRpqq33an3
TkjfHTHvBBxs+Z2RxNF55uEOroXmlWZgOYzBaFLW9cQxPo9HW4tRJfBJCcSQm4JGe4HTlc30Jpd1
xZSFgeJNPYy7L8YY7rz7AfbbeyUrli/FGOh2XepBHMX+PjpNBV1gbOEBFST5zrX29PfLCJAX3sQ1
zM11qFQiFi8aYfPmbVz8/WupJ4o1wy02Z87t35t/JNxW+YBKl3fm6xZLTJNnJr6+gJ/SFoxFRzFp
Z04dd+o5HH/6KwY3rL//hCceuPv4P9/xm7OffOCuG5748+9/ANx04RU2u+hcVfXr6VklvsJudA3j
Lr7VbU0XURRtuv+26+596sE/nrbfoSekc81JreJYzBgnj2gLxsfBlnPZU3Ghmz7HJZQmFCdmSY0l
ty9Ut9JlzxLRIUoW4KCqyDNnf9uMt734PP7H6ecRV2Pa7TaR1hRF151eAagIkxfBphfNIHSzD4BS
BBHRGutdhR58lH9/YUJciXa2dI90IayqzKwNUQohN6d8r1XOVeuh07MF790J4+NptxzNloFr7uHh
TKJ1VY8WgvFuX2GEvjduiJ8QL41GG+M9F8pnzvqx195l6nsimZB35G+Hvx/CHK0xYHMqseK+hx5l
bHyCVSuXM39kmLwo6GYpWJz+lBcQG4xyYOKOb0L4u2wa1mdtY6Hd7QCGBfMHGZ+Y5OLv/orf3/kw
zznmcD7wnrNoxG22m5RCVdDWUADiSRNW4koHeBPQWqRpWTCvUM58NAhNdAxVRXTmmrbIC7Pn6rXF
yn0PUc89/ZUrNzz6wOvv/M3PXvPAnb+76qJz1TeBGy78jeWiU1QV6P4X1+Vf9bG7waQLzBJVB/J0
7pZbr7n82DUHP6ffYq2r4GhUFGtjrNHa4Lu6lSguWb9ioohd7XZGYRyyWHTI5wmmkhII6XEzK5Ek
vRFljKvLoS2ddtfV/YgUWTt1ORmhSawrQu2ITeHCI7xnyniBr9z5erwGfqe01pVuNEVBe84VTqrU
qj3mi5+oHjy0v8ZeoTQAhacIknogrMQGhiJmuusRXMKRp+veLJEdM7xDTBehI/4hCYKWUtcBH38i
bljlQcdY5zq2lIDoNwQplOw+XsYOlQ3SfRQpHuqtq0XS6KuhtGZ8cpqZ5kMM9DfYc9kS5s8bBpw3
zukgfrzxLl7fSiJ0CsQxwzRzyYBDQ/0UWcYVP72Ra2+4g9WrVvHPH3s3B63dh+mZGV/k25KL2xxh
tjYI50hlefnbhNAZd21+Tkv9E+u7V1pXllHFlYhWcyoyRW6jqJqvXHt4sebAo+ONTzx03h+u/8lL
br3mP6666BT1iVdeYR9ad+7aCjz4jK+wJo/dBSYWByY50CzSua7W+vF7f3ftrQ8+/5zTDznutGxu
eixOqn2WIldeiPW6YdmmwXFUwmKw2kfjW6lrKDuwMzuc61SoSbkTizs4LBs/0a01xIlmcmqa2Zkm
y/ZYwmyrTVFANal4IJCd2TETpRWG3E8YKbRvUcHMcawDH3npzBv3fe22y25dODqALWBmbBuJ9X2R
wQGp7NC6pPySg4QS7SMMlmM5aJdJ7M0UpxO6RW4tZdG5gA8ergKrUMEli/AMJezFtcoQsAzCrM85
UUo7k0+78bbicrbCBP339rqRlYuKtaL9IAFgKmhhURxji4IsTZlttlAoGvUqeV4w1+5w3wPrSeKY
fdYsZ2Ro0Af8FSHAzX21Y4UKZ1p1uyl5UTAwUKcS1bjp1rv5wU9+S2NwiH94xxs54dhD6XZTtm3f
SSWJUTrxruye8ba+0L4fk2DKBKx24yfeObzWJ3qWx1yllLaOJRlXEjJOKAoTtyYnYos1i/Zc1Tnr
9e+rHXLcaa/55Q++9rx156qPARe/8pVXROvWnWvDRT6DH7uzCVepm8CUUnF/kac3Xvf9Lx6yeu2R
S5KkaozJtY4ia43z7CglFr5HeRFP5UZ5O1QHV53fCAnlOUom4wgJwdCXY6CC8Cg7Spqm3HHX/bS7
XVbuuRRQtDtdlFLEsW+IJPYwYGweKK8zYbw4jA0Cq/GsRStLp9PBGMPo8ADN9hzf+fdr+Mm1f+Ds
lz6PvLkRooU+O9ddhPYeEQmsA2/yhaG1XrPwz8uuHl51kZ2uDIEtvURQiqg979bedS7MzqOzH0+J
4pQITnckpU2pPWlxjeIylHualuPHyPvtApj3yGL+fSUAaKXozLnCU7VqwsplC9m8Y5LZZouhwQbW
QlKv+LIBO5g/b4CiSMEYtPUCqz9apBR5UTDXTWk06szra3D3nx/h3398A5MzKa8572xefOrxoGHn
uIslqtX7iEiZLAbIqaBNgaEsUO79BSVO9grhVq5IBe3J+BgGqwDjubQphF5SmNyNkY5spVazJi90
uzlTK6wxy9cc1Hnt+7+4ZNXaI792zSWfP3LdunPffaG1Mxcp9YwXZ/8SjX0iILK2qOukZqZ2bOqm
aXrQ4Se9hLnWjEqSitt/tbLWWK0VVmntE/GswxRK2u3yBH11LM9YdAj08qtPmAmUyWlyk7XGFBl9
jUFu/sVP2H9Fg9WrV7Jh0xZ2jk0yOTlNpRIzNNigksSkWRqU+aIAlEbb3Mcv/GeTRsRXpynkeUq7
3WVgsE6jXuHXN9/Jl7/xE3ZOdnnXOy7gtOc/h9Zcm7ix1J2/5CWBW+BB8ynBsWxGLiaHu26JVZOC
xtjSI9NbykBrFdzFoQ6v8sdTkpjmxw0f+4GIwzboK0F1EvpjXci99WUKgOBZE03Fk5tdAgslJEz2
WWMMSZIwNT3L5ZdeyjFH7MvqVXsw0KiTpRkzsy2stdSqCd00ZdGCedRrFeeK1xWUSZHoXGsM7U4H
HWkWjg6xcfM2vvKtK7nmhrs46cTn8qH3voGDD9yHqekZut2UWjVB6QRsRmorbDMrKYhQPsXA2l2B
A29CCXBYX8rBKhtqwTiXuJt8kuIgYyqAh1KuVKO1yvoiLzqKrVaR7nSacZ4X+YHHnNJdstf+R294
5J4jr/mHv//1FVfY1rp1Fz2jO/vtbjCRDVUD2hrbX+1rTD/98F19/cPz9zngiBOy5tREXKlUwRgH
HA4YFKAi32xF3IblAvN4oUrWUfZ+EStA7aKRyA4SaUWe5TQG+vnttT/iwBUD7LFsCdu27aBerzHb
mmNsfIodO8dJs5ThwYb32Fhy3yNXWdcOAVMEUHHynFstucno+Mk5MtzPPfet5/NfuYL71m/mb849
k3e+7XyWLFpAs9kkSeoU1cXleSsdli4eSJ2FJi5bvet7A2DItQqbEwAhtFwI6jQ944TPEsablxK+
b3tNKxV2XLdo/Ot400yJSVMCuVs1JXsJD0VAoeCe998jQNJqdVm79mBs3OCfP/1F+muaA/bdi+V7
LKJSiUjTjNmZZmCtI0P95B5MIptibEE37WKNZXRkkLnWHN++/Gou+9GN7L3vPnzovW/i+SceTbPZ
pjXXplKtEOkIYyEiI6XGFrMXXWpoZcRQDjPakyxx1Mjk8pelgukm1y7bXgjflmURxlRhfCk7a60y
SBygResYpVQ0OzWerNz/sNby/Q7d74kH/3j0dy973y9O+uAH5zbcdJMc8Bn3+EuAiQy3BquKLO0H
u+3hu24ZXbJinz1Xrz0ybU6PxUmlhoq0tcboSGvrKo1Zr6coJcDR29gJJTso5cIJ5pGboI6rKB/A
5vq1mjyl1tfPrddfzd5Lq6xauYynnt5KURRO7FOaNM+YnW3y6BMbGR4aoF5LyLICrSOs6XphtwiC
qyuoXtDudEkSzcjwABs3b+dLX/8Rv/zt3bzghSfx/ndewIFr92Zycppu15UuKHQDU1+Msj55ztt0
ssjLVPYAK34R+YmqJIhYIZqKAxD3nBZTj56mWLK+tQ7h8krrYBb2dghwO6lvzyAaTikQOHBBBRPA
fQBkLZXuYYtoQCIyW3lvuBaNVhpDTmtujuNPPJl9DjySSy7/KTfddDOD/RX233cley5byMjwAFme
YYqCeUP9FMYQJTXSdpOiyJg31I/C8pNrbuYr37mKvoER3vPOC3jFWS8EFBNTs8RJlaQaYwuDxgW7
zTDCdruSLnW0F3KBHtd4qeMhDMzrI3Ib5JpssImcu11YXMgT82+XxEfHCKVpM0r0I6ylUqvZ6Ymx
6tKV+7WW7rX/modvu2H1w9f+/Cf+EM9Ic+cv2b9UGEpsraoUebrlwT/evGDx8tVLVh1wZNqaHY8i
Hasojq1I+q7Xrg33SBIBQ8c7D1OyzJSSnd2WIfXyfk94Iq3Js4yBwWF+eeX3OXTNPA5cuy+2yGh3
XOBSpRJRqyauhWitSn+jRq2WkBcWrRLwYGIlXgQnrqIsC0YGmZ6e5buXX81l627kgLUH8KH/+WZO
fO7hzLU7tFqup0tcqWCLjKKxCqKGS/NHmoz78xbtz9dc1XJ9PR4s8cqIZqR6JrVLyi69Yc6a0Vjt
vEO+e4sfR+v1FHcgaXkZdBJFWQ3NJ7252qmgMFhfnNqxER0WlRsd71XzektYhhanFfjryk1OO+1Q
T/qo1/oYnxhn9eo1nPGy85juJPzwR9dx6613gElZsng+a1YvY8H8YVpzbTpzbbIiYrA/oV5L+O2t
9/CFi3/CzumUt/+Pv+WC889moL/BxOQ0KEu9kqDJvL4S0WIe42pPJlmMUZET1AW8S9z0AqywDEkz
EDPHg4y/cY5cuMji8gkfsyIgJV8RXjM+kFtZY4ySyGZTGJXU63Z2fGd12d4HzTWGRw+679ZfqR/+
sPj1unUX1XgGxqH8JcBEzGvoGUKtE512Whv+/Ptfz+sfGtlj38OOK7K0Q5GlURLHToQkLBjlg7+V
JPyFLRi32HSIPuwBFy1A4mHFOs2gKAqqtRqTExNcefn3OPrwfVm5YhnzhvrodrvMNtvkWUG1kmCK
gr56hcH+Op00R+sYTMedmbJ0uylZmjN/dABTGNb99Ea+dsnVNIZGeP973sQ5Z5ziO8w1iWNNkiRu
cRUditqemPoeaAqs1kGY1EF59eKo7GO+QXa4Hr9TunrZ0tjKsTItnEzYnIyX7QEcKdkYjlluw+Wf
YqnKbuxvqASjqaAzuoWG6CgSjexYpCw0C8Er4rxzmsJaunmHWFVYMDiP9TseYePk0yyfvxdTM1MY
YznuxOM55bSzmM3rXHf9Hfzy+pt57NHHMEXK0kXzGRjsZ3B4lD/fcy9f+saPuPfhLbz63Jfy7rf9
N/ZYPMrk5JS775UEqyqkVJizQ8yohUyqPZhhISk1B+qijXhUFsG13Nok8qZkKo51Kc/kPNj6a5by
A8Hi80zEZWGrXS1BbyZZUPiSjuDNH1MQV6u0pifjVQcelU1PjB39+Y+f9YcrrrCPrlt3UYVnGENR
/89v+T9+VIAGMOJ/9tA6XgQsMrZ4/mmvestxp5//9mhgYDhrNScjpZRO4sRqn+6+a1apRFR400A7
A9YBjbRldKASqZ6YCn+ztVYUecbg4BBXXvYtblj3VV73ihN58YuOZ2Cgn23bJ9i0eTutuQ6tuS77
7r2ChfMHaXctcbUfVcyS5y4ydmiwQRRHXH/TH7ny6lsYnreA155/Fsc95xCarbbrLletEGntbGzr
CvHk1WWYxl4eDDzN12LOCKPym5xygWDScjMIs9bFZ4h20stcHPYIILkexiipzq9R2gW+ORHWCPxS
bsP4ReWjWgtwjnAfserNG1cH1TET693t1jrbzFjrKrDjg7qwrsaIcm7SorBkJieJEvqr/Wye2sIV
d17KZbd9k0++/F85cc1pTHemSXSFVmeOarXKvJFhZqab/PHOP/KbX13LU4/cje1OsOeiPir1Ee5/
bIznn/k3vOwVZzPYlzA2NgYKKnFCgSK3MbmNMUQUKnGBdyYvzTmrnPfFx49YH2CI1T4IUULpe67J
UpZulN+tz0dCIT2bjHXBBMYIIBPMHmsthf+cqyPjgwutsoUtFCgfpqNUXuRUa32dybFttW995A2/
2vzE9pevWTOUPfbYYynPIP3kLwkmGqgC/cAQsABYBHppHMeDeZ4esfqgo5939gXvHdn/yOONsta0
52Y1ptBxnKCjiDiKrLVGKWWtcmp5iOVyFL7crctsWvFa+GAw0VGUoihyRkZHue/uP3LZv32KgWIb
57z4WI5/7uEMDfYzOTnL9rEJut2URQuGMTZBxX3knXEa/QP01Svcde96LvvRDWS55m/OO4PTnv9c
UDAxOUucxFTimKLIceHbCqMb5LU9yasL0Mr40odiXFhXx0VZ/PWV5poqWUvZy0YF700gbP79co0S
sRlKNApwyU8k3i4bPESAtzQlPN7HSFi3m4oT1+nS7gOmh3k4L7FfTEL9w4Ird2QsVCt9TLTGueKO
7/Hvf/g2jzz+AEcfdBw/eNMvaWcpIlTqKCLLMtrtDpVKhYGhIZIkZseOMR5+6EEeuPdu0qzLGeec
xx7LlrFzfIo0zanWKmAteeFbUvgTLAtlufM0VuKHXb8gxy7E3e8Zl39OritcI879bTxdEbPO6c/e
/PEmncWXV7Da5WKH4wk4mQA08hnx9GCVlfiVrJvSP7Iwvf4HX9VXff2i8y/8jb3iolNUhWdQ29C/
JJiAm+M1HEMZBkaBRcDiuFIbyNPOsqhSPe6EF5+39oSX/E195b4H2aRSzbvNGZ3nmbKm0EmSWKW1
0j2CrIiWbgH5YCxhJtrttJKEJYDjPhuRddsMDQ+hdcT1117FjT+7jEHGOfGY/Tj+2ENYumQxSmum
pmdptVLqA/MY6jM8/sQm/v3KG3ly0yTnnHkqrzj7hdRrVSanpsFaqtXIuZMNGB1j9CB5ZT5FZRSl
KyhbBCDB5k7DiGKU1HdVuiwKLVqG+s/AInzLCSQui9qBgsSLKC22qyp1FG8OiQeoDIDDG1S25PTW
B+YZ9z4JNDP0vOYXlDFuFzY+sF8WlHufLEin02SmoJu3uP6BX/GvN3ya9U8/CBVITMKFr/wXLjj2
LexojVOLahQSPOg9dlmek3ad3pFUKzT6B4hjp3HNzEzTmmuTJDFaRy7D2wcjObG8dFMbq1zIvZ+c
xlgKAQTro3p9SL4RMPTkTUJprCkLSgdmIkDrXwcBJgLoSDBwGCNceoJ4iGwYd4KJ5PJ+XGH2LM9U
vTHU2b7lydqlH3vzus1PPPi6NWtOzx977BfPmJD7vzSYgJvbYvIM4kye+cCiOI7nGRgweb6qWu8/
4pgXnLXq0BNObex78DEMjywoMNZmWUcbk6EKb/VEzix13eVlwdjSJPDipPUh6eL5iLx5oLUmz1IU
MDp/Pp1Om9/dcD23/+ZnTG1+iDVLGxxx6D4cvHYlo/MXMzNnWfejH3PH/eMcf/xzeN2rT2fRwnmM
T05jCktSrYJKyImxqoKJBsijQYjrKJUAKdoDmTtdg4praJNBnqJ8ewwpt6jBhfgjQOANFQ+YqNL7
UmpGLn9Har+EymzKzUXHenpe69EGRFu04r5AvDSXcBslAAAgAElEQVRCy8sF6SqtuheCYNu7SMKO
a4N5ZFHkRU4SVXjbf7yWn97wQxiCuJpQZAVL+vfgh2+9niVDy+hkHWKdkIearv68JDq4cL2cszx3
GcAooihGx7GruOZ3ezFLAAoDEpphfFSqkTgZuVb/GeOZhHizjDXhNSvng8LVR1GlYOGv0wRGYwII
CzOzPa7xwoceCEBbbx4ZMRs9izMKawrfQ1ArsjQzfYPz7LovfmDmlqsvfeHX7R/vebM6UvEM0U7+
kt4cedieH4l9zoHUGFNYY1RcqU3leffJDQ/fu/GOG69pPXrfHWrDo/c3sDaJ44QkqSitfdUN5f9z
G6dDFXmIfqC86Oee7FlECowhimKiKGJ2ZgaM4cBDD+OkF57J6gOPZTLr4/d/eoTrb7qL2++8lxtu
e5CssR9vfd8nOPWsc5m1w+yYq1PUlpLXFtOJFtKJF5ImC8njBRTxAESJc/3a3AehRcHlp+IKdsfj
oGOi4YXQnUPZAhVF5bmWlxOYSQmObgK6q3bBfDICVgsjU4HhiG4kbsqQq+R1VqHXIsC6TdPzFSU3
UPmENsICkWA6l6Nj/aLwDacUwcSQhaG0ZvnICp6efYqt05tJopislXH6ES/nVUe9jtnONElUpbDi
MfMnhAcsv9CVgsj3f9ZR7G6p1yiC+0XOXz4gugTClOR5/xkr7MwL3z1zR8wWb0xTyrC2PDbKMTk/
WpL3ZP1YBnBWfqzlb/lRpUkVikb5q1VKedlG6TxLVb1/OJ+ZHhtY/8eb7j8k/+odN910UYVniGfn
r8FM5KGBBKgDfTiWMux/RoDRWq1R7XY7A9YWC4FRpdTyeQuWHPLGD3+pevDRJ9rO7LROqlWno1Au
FqXFdeo1BUSIFCApd/AQmq8gjiOssaTdDlGsGRocol6vkaY5mzY+zSP338OSJUs44tjj6LRazDad
KFhJpEiPy2EO9T186QSlrWcUDtxc/ZIIladEjUGKh24iv/7fqJzyepK1z0NFEarbQukIoshHtroF
VTIPF7wnaove5bq8NuIXQ3k+4vpVvq+QHw8bpiqS9Ac4s8b4RexpN4iXwk92l/Hod2iF1GqxPiLW
GMngdWaEeC/aaZvFQ6O87tvnc+Xtl6P7IlSmueRNV3LKvqczPjtBrVInN1LIyJ1SEHyNmFLuuGEH
h8BIxLyyBT450zE+49+Dvw7HQGzPdbnvMChv8pRakPEufCMh+0FoLYVX0OG9QXuSY4i55BlcYa1P
ZfC6ixW246+z59hyvpLdmuc51Xp/d/umJ6vf+egFl+3Y9MQFLFpUZfv21m5dqf+Hj78GM5GHMGVh
Jpn/SXE1Lzt5nimwUf/Q6EzabQ8t3Wvfta948/tHDjryBFtkqVZRHIrWi4ZAr4vYs5RyR951wUl6
Pr5MgWSCVqpVtIpoz7VpzTbJs5R58+ax9qBDmL9wEVPj4xRFQV+96gotm9yF+WODOOq+IypT8aEM
oPPAhgZlctTwEvI7f0L2u+9TbH8cPbiQaNFe7t152sNSQFzdCr+jKR12XuiJ1ESFbF8FBGPfYYl/
+GAqcIPnd0I5iOyIyiqMN5Xk+JLIZ/13hYVI6eq0UprGrQYPWJpOt83CwVHe84N38LM71rHu3dcy
MTWOTSwfetGnaHXnSOIkLHARI4wpmZOIumUXvdJEkO0+CJuBrFqs79ejZNHKuAn7ERYQPmQoo1Xd
ptBbLEmKUvmRCtct4BxEadUDEtYiRY1lIxMC1AvkiOvYyps8WGKU1bG11mhrySt9/cm9v79udnrH
lp8vOeWUtLl+/TOCmezORL//Nw9LWZYuxwFJF1dEN69WG51utzXVnB5/xXEvOvecl7/xvfXFy1fZ
TnMGSf+GKMwBK/koIaDIuUJ7phvlTfGTRPnT8H+iXEq7UppKteLiXaxL1mvPNVFaU63WUEqRF74A
kYrCd3mbytFZ5es0WeXq2PrFrF2LQZSOsVkH3T9CdNALsNvWUzx8M3OP/p7k8JdSO/m1xIv2wrZn
fb9iiaDx81eYB0HdQFtx+7rXhdqXJRvcuLmSDTYAiMRVIctL1pYsXFMuDKzs5GqXTOGQWexZgVKl
58MqS6Rjmu0mCwfn8/lffYpLbrmYy97yc05ecxJ7Du3NhvGnHBtTwQINi1a0od4d3l0vvhQkPW1L
PYBp/7zkC4mJYggj5i7HmYmFP2d5zpk7Pd/pN5wwTl5zwU/FwOp8iU4xYYw3fbA2MEVjpRWGCpqK
9fdJcJ/e7wvsBRTatclQClPkUZRUmL9o5eIN99+5sFHsNe1n8v/nuslfG0zAsz12ZSnRohX7bN++
YX1tYHj0zWdf8J5Tn//yvzU2L/LpsZ1RpVa1budVSmxehSxY3IItI4SCSzS4jf0uEPrr+hTd4DHw
E80Y2R0gijQ6roFydU0iXZ69LOhQR8XvXFqMYfxJBTehLUFMKawpiFYdTV671J2HKUhv+wH5PddS
Pe1t1I9/NTbtoOMkHKMEENcu1GkSJiSZIUl2RlNWnsNNaM80/hd57x0nV3Glf3/rho6TNaPRKEso
EiRAAoQIEtmYYLAXs4Zl2TXGXhtsMDZ4nQGDMQsYTLDJNtHkIJMEIhmQEAIkgkCAQAml0Whipxvr
90dV3W4JvAsG1uz71ucjTc9039s31alznvOc55hjTvwZkVgPvT99fFKHJ/qEVWhQOxnNZ2Si8xIn
q6k6RttyKVQKtNW3csvzN3POvT/myhNvY/+JB7Gyu5PG3CB2rhtCySsihEWoW1ZEcazDGJAyIo6r
YYXUk1TEJvMik/eVkVQeRnLcmkdgSWVUpQl1bZSEBQbviPV5mmuknyOdFpciRsSCSIeOUqvaxXGS
C1NPpDamQsd5sTBulvJmjBC3LvlKquINi9gElvrKgmYLx0YARggRhaHlpm2Za2hsAhrGjxvP8v8f
GxMzjJeSP+C4C7ofu+n03UdNmnrRsd89e8p2u+zt9/VsciyBnc5m4zgKLUU2kdpW6AlD1e02Ln01
K2GwAanZ3jpFnLj2Mkkxm3o1szIbjWoFtZmevbpHcvLwKOm+5EGiispbohoWGNzYCCVbdgrpFbFG
bIfomET83kuIuibItyDqBmENGlldIc0ZqtgsmeSxMZhS6C4LOvYDSFZa9VrEShRavWX8Gajq6ao9
JiZSP+nV7Iy6LsaUJJM6yXLUvqMyII5wGKgUaM4NYt5bj3DarSfwm3++gi9PPZq13RvIpnKUigWC
OCLtphHCxnFsLDulsjOWDdjKkbQAGSXfG8eaQ6Lvk/HVFPlMadCEkWrkFUcxURQRBAFhGBJEEWHg
V70CVNtSYQmE7SAiqQXCjZci9eUUhk1fnez6+lZlGvQ1ETqlo0OrRF0OQ8s3/Z30vUq8JqqGH6nX
HU2oU0WlIglrbUum0tkMkC3115uI+h8+/pHGBKDuRSkL04X40s57f/H3XzvlnLb2jhFeT9f6VDqd
ASFkHIVCGBRTSoSwVMsMaij1EmIhTasvbURUhzmxRUhaBSbVYqFmimU8F/3ZGKOXYpiiaugIQj/h
RkWsWieDzqRUzRkasFSmR5gdxxG4DTiTZxO8+wIiDIn6NpI94iekpu1HtHkTdjoPcZicg9IT0exg
9AospHLpdabHpDBVQsvU9xh3WvEhkkdbmvM3J09NRsT8UGcSxyaE0TgF1fNFX1eVGo2whUMpKNGU
a+b1DUs49oovcfyeJ3PsLiewoWc9TXVNWI5Lc0sDtg3FkqRUKlAu91MoDLC5a4D+/l6KAwUGCgOU
igXK5RKhbhmqmm8pMCUWQmV2bBvLtnHdDNl8nmw+TyZXTzbfQGNzE3X1DaQzeTLZPNmWHCDwKmU8
LV7t+x5hEGK7Lo6bwraFFqpOLocOWfQ1MVBLjL4P5lmQCO1hVK9ejSxBzf6MkTZm2HhSEGNJS+vr
1lhzab43Njx+C3AKm1dayS7+weMfZUwEUHfUHUu96UKcOOtL//pfR598VtZ1Xb+vtyudSWelrA12
pURGesKIuFpWYpl4UwNXQqKbNOjNzMqpVgzj7oLGO7bYTiRIvPFYkFWYUzHGzX2rLtcmrjeNuQ3Y
K6W559W1Wz0wqv6GKMCaMBOcNPbOX8TNNlG5+2ysIeNwhmyD9CvgKrIb0kpc8QTgRGKq8BLmphkS
zXUSSQxuHmxpltiEYKIMr0BU5QfjalrYeDyJvKKsnktVkkidoeO4lLwiWTvLis53OfT8vThqxte4
8oSL6CrD4FwHfX3dvP/uctasWc3aVasYGOgl8D28conI96hvqKOpsZFcLktzPs/QhkZcdxCOrVpd
uI6jGr4LJS0RBgFhFBJJSRiEVDyfYrGPgQ3r6CoUWdLTQxCBk8phpdIIN0tLWztDho6ifdhIGpqa
yTc24dg2xVKBYv8AURgrIqDtaOzKPA4GN5GJUTVpchVqGUq+SG6PYQFXnZCauh1ZDb2liBMvKKYm
zKym3gCwpC0BwjAIgbhu4I3PRYgD/xhjIoD6UbOO9+/86nanHHzsKb/6yrd/KrzSQORVSm4qnY3D
KLAsy45FrIpeEUJYQirKpV5FAWQsdBq2usKqia9DDdCTWYNgscSWyitUq7ZZYtSkVClmk/LEUE5J
9D10CCE0Op+kMBPuR4KmJPhJFTLV1cGxRAoli2A1dZA65jc4Y3fBbm4n6nyP0k2nUf/dW8BJQxQi
bFuvUMqrMpM66c+rQ42YeIsCyFjqPr+ihpwGGOA41iutIvgJrX2rzr0GSkEtpyLZFh3ig9RVmCrF
GUUxhVKJhlw9RQY4/uYjOGy3ozjzixdwz5w5rF7Tybo1q+nv66G5sZ62QS0Mb2+jY8o4WltbaW0d
ROugVrK5/Kf6sMkopLu7m01dm9i8eTMbNm5k3boNrH3tKV58fDOBtKkf1EHbsNGMHDOe4aPHkE5l
CXyPUrlIpVxRi4ad0s8CyaIjoNowDu3HGuKbvifqZgnNjDWGyIQwJkKq8R4NfmIMUxIik0BacRRZ
fnmgCHivrnnPRsEF//Ah/uePfOqj8eCDv1t5+OHLTjn030779T9982dBX/cm17aF7bhOHEWhZVu2
agMjzHU3/Ak1OU0lscDSwKh6X9WtkIQxAgtbaMQ+aZ1ZW5avww+psQ3DS4EkJZuwTdHGRwilv2oY
pvp7hJ7MQnsjVs22JhQyxyYskwkCkc4i/LIirqUyFK/4V6x0nrr/uBbhlcBxagyjZvvq9LAq5MPE
ZNXMlr4+lrKRyfEbbyohwWpHK+nNQ/V3w88wfzTZCSlB2OpKBn6AHwQ4lkU2n6e+zmHVpnUc/asj
efW1RXxz6ndxY5v6xnq2GTWSKVN3oLW1lZbmZhqbmj/wYARBWG1iVjNqJS7N3U4yNZDMMnONas4W
ELiplC6CrI5KpUxP92Z6e/t4++23efX1pWzo6qWrt0TzkJFMmDKd4aO2oaW1nSjwKQwMUPE9EALH
TSMQhGGgCHqJFyKS0MSkqQ15z/wOCvCNtRFRlH1Ly4FSzSTFmqZvFixLxHEUWwgrsCzbvfG8k99c
umDucQ3bzljR/8bzBT4HNTr/28ak/qjf3hHeedpXTzj4X069+Kjv/Dzs797k2rZl25YtVRZAud9S
qIAkqUfRHoKRJlSrf/U9S2MGdk37UYNVmNoVI5OoMsIyEXFWxkNzQzSol4Q6QugmUNVjMd6KZRnG
JFiqr2dSBWxWn0RWUZBIIpAcM7oPraNqdywb6RUoXfJVnO32IX/02chCN5ab1v6NMhSW8c5EzTHp
ITR+Up17VdV/dUxWEtYkm2kX3gC0mP+NN2ayGlLi2Da+H1LxK+SzWeqbcwTlkGXLlvHiCy/xxAsP
Uezr5ah9jmLqLjswfsIEmpqaqH3UwigkClXzd9tWIKilpTsN7f/TGgq0jbf4J4TQOIuTPC8Age+x
9v01PL9wIc8vfImeSoSTb2Xs5B0Zv/3ONDU3US4V6e/tRyJJZbK66VechD/KaBijoolwoLo/ausd
E0NsKVq99k5iU7ZQg0slHQp1Wby6Xmkv8CuZK3509DPrlr9+fHt7e3Hjxo2b+RyEOv+bxqTh4O9e
6j182feO3OtL/3bdcaed7xT7u23HdS2FO8RmjqoJbBmnRFlzSxpPwRT2GWKYIGkrqtOzls72VMV/
tmTDmhUerMSbMW6mbVLKAoxOiEjmrmHbWtojADOVLUttKzHHVlVE21I2wMTD+rs1sGxbNoQVRLqO
eP0ySr8/jvQXTiW37wnIgU2IdA4rlloTRO3XqsGIkoJGHXYZMp1MroHihhjJxaS6QL+uGhZ1sjIR
PdLeiCWI4ohKOaAun6KxMceGzl6ee+avLH7xRbzSAJMmjWePXWcyddqOW9x4z/eJo0hNYG0wbPuj
8SW39lL+5yH4KLbINOeKY5XxAUil0lt4MKtWvscLCxfywuLXeG9tJ4OGT2LqjNmM3mYCURDQ09Ot
JDEcF+K4xpMQmshmVPlJygHQ3orEeCsKK4lALaIaY0n4Otp7sW039r2Klck3eOtXvp26/uxv3NG9
ftVp5PMhxeImzCrwDxz/W8Yk1zFtGutfemnnHWYecNc3z7qmJfB9YcnYsV03lnFo2cLWznckbEtz
OYWoqoNZZoKLJNY36VHzntE0VRM8ToyPUWzHeAq1NHdMaGMwBON5VL0VlU3RHgtVYyNAhzZKXUtg
jIgJdZQnYOLramWwpYsUVXRtY+k0qK1CnroWolfnUrrpB+T//VJSO+wLpV6Em8WKI5NvrqkiJslG
6c7BmIZlqqxDh0H6jquozxD4tGsdVz+nUVkALcgd4Xk+2WyGxqYMq1at48G/zOHtpUsZOaKD3Xbb
ld123Y26+noAKl5FXQetPWNZ9od6Gx/FUHxcL+WT7DOOY+IoItLU+ZRbDY+WvvoKzzw3n+dffg3P
aWDqHgcyeYdpBIFHoa8XYdvYtquyTaBCm1gVDIIyXBEmnBRbUPpj7QaqsEjjKpo0GGuwTlgWXqVM
46Ch/oK5t6X/fOFpv5Kphispb/aAHqiJSv9B43+DTu/S3JwpvPdeS8eYidcc/+PLJmZz9VEceK7t
uHEchZYlbAVBCYWPSL3cb4EzbBHe6DABdDrN1KzoFXkLI1GzPWCKARM3X4OtQgOKwky2apykDJis
ekDJGrAVvqKOY4vwHvPHxCiZGWyMkaj+jpQIJwWVAZxROyJsm8r9v8adPAu7aQgEFXCUwJYBe4U+
hwQ+gOQEjMMhMeCtPn9b4Pl+1WNwXNUfyHS/0865ZdlUymWwBG1tDXRt7uXG66/jvrvvYsTQNo47
9p854ogjGTt2LAiB7ysORzqdxnGcxBMxY+tJXK1k/tv/Pu74qPs0pRS1xseyVMbIcRwcx1HcFN8n
iCKGDhvO9F12Ya+Zu9BaZzP/0ftZuOA5sg0tDB+1DVLGlItFLNtFYGmdEl2+INQ9qGZ6qsY6yQ6h
wXXtXcrqMUqEJSWxFcahzOTqeWHuHcHKpS9c0zp0+qpS32pTjvIPH5+1MbGAxonTDowGNq058+jv
/frIcVNmVIp9m9NuNhvLKBK2pStYEpVkkjmMvgHGI0GayarftaoGQyr0EaPSbtWk0zAGybI0xqGm
mdAhSGIBjMES5kiSZhpU1VLNvmomKphZrAhvevkX2qCZc6k2IteeU9L4W28vNJBru8hyP+7kPYm7
VlN57Grc6YcjnAwyChDCMV+nQzSq52nmRpL91RkuVKozCAIqlQpNTfUMasrhpjP09ysluVTK1axL
ZahKxSKDWluAkNtuuZ1bb7iOkcM7OPWUk5k9ax8GDWrF8zzCMMTRKVvbtj/gHZhJnHTF+xyMRDSq
xshsfdy2beO4Lo5tE4YhvudR39DE+AkTOOTgAxmUEzz+wJ288soSWoeOZuiwkRQL/UgpsW070VUR
xvvQC4YBpEwmB2GeGRUOJYZGHyqWkDKKcVLZsFTsd5+7/4Y3Nq9fdVvGjvvK5f4SnwPwFT57Y5Jv
m3VUtPqZew+Y/eUTfr7PV060i72bHTeVtuIoFJZlK9KfbnVR602gQ4QEUEQkbr0USQJDT3SZhBiJ
B0JVzhAtOm02UJ+rLbwyKVVZNSaxCXNUuFBVJUvcFu3NqFdmP/oIawyQxPBZzONhjKOkakzMHo3x
wrKRfgl3hwMIlz5B8MojpHc9spo60MeGPmdpsl0mO1MzZ4WlUpOlUplcLs2QtnqWvLKUSy/9PXEs
2HHHybiuS39Pv0p5xxAGIR1Dm1kwfz6XX3wxtvT5wfdPZf/99yefy1GpeEgpSaVSOI5j+h7p8/tw
7+LzYkj+1tj6uGvPx7ZtXNcljiN830dYNuMnTOTwQw7G63mfuffdwdqNXUyaMh0klMtlHMcl6TmN
rmA2vBIMhqJXg4QTRWJcRLWKVIRBINL5hnDt2686f73n2kcDL3q4XC5HEA7wOQBf4bM1Jm5j46hM
96qXmzqGbXP+kd8+c6KbyYVxFLi2ZZlMvbBspGU5CKQQiXdhvI+ayW1WtVpjU3UhAJLUbAK0klBF
Evq9ujcmh1wFS2tRSEsbLNAT38ALQiTHZuo6DMCLZQyepMaGVb0cHY7UmDCNYZhsC5gUNjIGy1b7
lTHOlAPwnvwj0fq3Se34BWToKXxF1hgShMmC6WtlYVlKKsHzfBzHZsiQRt5fu5FzzzmHm67+HW35
Mg89cD9zH3uWtiHt7LDDRMJIZbly+QyXXXo58598nOP+5WiOO+5faWhspFwuY1lW4oWYYbyOz5sH
8nePrc4HqsbGdV0EEAQ+URQxbdou7Lnbzrz50l955IE5DBu3Pa1tQ+jv71VdCWSN95gMUQ1Pk4yZ
9lKk8cnVgxlLack4ktl8g3zh0du9NxbOu7Fx1HbLvL61ZaDE5wAvgc/OmAigLj91piyvWvaV/b92
0rem7H1IUOrZlHJSadSdQsQyIg4jEasqMt0/uGogqtjHFhFL4n2o12Z11g+woR+bCWaMhd7OqLMh
qHoBCcHMqvkOY3BqJr55D+MZ6K2E0N5rglpuGRIl4ZPextLa+1Txner/VYNiWQ5EASJThztxT8oP
XITdOgx71BTicgHhuolMoHn8pATHdYhjSblSxrYd2gY30tdX4He/vYRL/+sshjcLTv/esXzp0P3Z
e/ep9GxczZ+u/yNzH32WiZMmIayYX/7kJ7Q15vjpz37C+PETKBQKWJZFOp3+gMHY2nj8nzckUH3g
+GCYZn4qXMihUqnQ2NjMfvvtx+A6hxuvuQyZaWDcpB3o7+3BdlImNUMib6DbqyZcFL1QSZOmt4Qp
XRZSxthuJigO9LhP3nnVsu4Nq/9IWg5ExWIBhZf8wzM5sIUz/KkOt66uo7FQWJ8fMnriLd/5za17
5Bub/cirpOyUGxNFFqCALtshqaCCRJNDEmGr7mbIOFSpU2Itf6gJZwIQFo5l6Zx8rFKPic9QJboZ
a2BTDZ/MpLZqQhUhjIejLo6ViD+r9C4WWIZDJcQHQGLzUFgmy1STKga16pu0dNJQrOYzItkfSYhH
HCLcLHLzGkQqhdU4GBEGymgZQyVj7SlYVMolbNemfXATPT193HbLbdx/502MH9nC14/7MpMmjqW3
r59isUjKdRnU3Mi69RuYO++v3Hbf0wweOobTTzuVAw86CD9Q2qvpdFodac0q/XE9kA8DPbceH7bf
rbf7sNdb/+2zGh927EIIwiAgCEOy2SwrV7zLz35xFqnh0zjgy8exedNG3FRKiykZW6J5J9rIJPqx
AqQUMtI0WykRYRjIfGNr8MqzDzl/PPOEq1Kpust8v1ABNqB6e38uxmflmdRnO6ZJr2/Vfnscdvy3
p+55MKVCr+26KWQcCxOKVAoDoljoxauUCDyPOAyQxESBj+U4BH6ZMPCwhE0cB1hCEEaKOSzjGBkr
4lPge4kcYxQonZg4irDsKksVoVXWEplHWU0DY4heGt+ocX9M2XgVj6mZ8Kb5lP6XhB3SYAVyS1eK
mtAscV1MMpcEozFcFYWroPCTyMeqa0Fk6yAIay2OXjktPN/HDzwGD27FsRxuu+12zv3FT+hd9yan
/MfX+MbxR+n+QX0gIOWmsS2LDRs6aR8ymEwmzZr1/Zz9q3PZY489GCgUyKTTqvdPzSSqBS8/zvgw
0BPUjDH8k61X/w/b7sP292Ggr9n31obpbx3XRz2HD8NVbJ0F8ioVWloHc8jBB/HXh+7kxVeXstNu
sykW+rFsl2ravUaegiTS0TU+SfSK9r2jWEr3kRsu2ty55p0r7FzD+sgvFYAin5MQBz6b2hwbSPWt
WuSk8g2zJ++6b1rGcQVJRlh27JfLVkNzm3xt/qNiwdzbaW0fQRSFTNxxBql0hp32/AKWZVEs9FHf
OAg3laZc6COVriPwPfJ19cgwQhLjumlFl3ccLCnZ3LmOl599jLrGZkLfY+8vHInvlbGwsWSsOFii
ZtJKZVBM9qWqdBUbWlpSWay8J6GkBQxjzeATxncRWkpE1GhcSCN+qFmpUhIbVqxOCcbaSBndE1Nz
ow9AiR8JB/yKAkgttaLZWpHN9z2iWNLS0ozrWjz04APcdN01uLKfk47/Evvuszde4LFuQxeO45Cr
yxOFIZYlKJXKjBg5nOdfeJk/3vY4v7vsD2wzdjSlUon6ujqMQLQZn8QD2NqDiOM4Yb5GkaLRO47z
Nz2erbGLrff7Yd/1YenoTzq2vh6155TJZhVAKywu+d0l/OiMM5hzy5Ucdux/0LVpA6lUFikj9B3H
yCGYMFXhbyqPL4RF4HsyW98s33llPm+9+NTjruu+5w90ST5HWIkZn4UxSQ0es73VueL1trHb7rN3
+4hxslQq2LbrSiljIeNYOqm0eOe1hewwY3923f/LRH6FNe+8RiqbZcn8uaxZ/gZ7HPRPvLHoSda+
9xZ7HnwUG1YtZ8S4bVn28nO0tHUgLEFpoI/Ar/DmywuYvvdBpDJZNneuo1wqUNfQSCZXR7E4QCbt
6JSbSZLqVJwSKFFhrMYeTMhj1LhqDYm0jA/9BMkAACAASURBVMaFpktrboqBYhWnwNLgnTSATLI/
UJoWlsHWtOanIr0pK2IeLJMFUqJHyvBI2wGpyWqWg+f5RFFAY2MT+XyK5555juuuvJxC9xr+5ejD
OOzgA7Btm86uzdhCUN/YSBRExHGI46Z0iriR5e+u5NZ7nuYPV17DiBHDqVQq5HK5ZLJ/ktDmvxtC
CMrlMkEQkMvlcF0X3/eThuZhqLRFVBYlTryXMAw1tVw51uaYoihKjFEURViWheOodLgZrut+YgPz
333eZLiiMKRYKvOb35zPKaecwhMP3M7sQ7/K5o0bFA0/ijCq/4ooIPW91b1yTO2VELGMYmvBAzf3
+V7pwXy+KQiC3hJVcfbPzfgswpy61qGj3L5N63acsveh/7LDzANTlWKv5TgpSxdsCRlH8oW5d4mB
nk288+pC8g1NLHv5WaIw5Pm5d7Pt9L1Ytvg5Nq9fi207vPHiXxno68GvlHn4tqvINzax5t1lOKkU
PV0bCLwKbyyeT9uQEfT1bMJNZxg+ejxDRozBKxUUKasmpQtgskVmwut2O5gm00JIYlHFXZAqTKqG
I/pmI7TmiNwizStMiKIrmc13J+Ct0O9proyseSxU+lsbldrnVoLtWERhTKVSIl+Xp3VQE0tfX8p5
Z/2Ch+6+kcP234Vf/uT7TJmyPX39BUolj1w+i+umiDXAbdkqy+M6Kfwg4ILf3cTpP/4l206eRKlU
IpvNJjUs1ev16RgSIRS5zXEcbrnlFn7605+yePFi7r33XqZNm0Zzc3NiEFzXTdLOhgAXxzGO43DP
PfcwYsQIcrlc8tmHHnqIKIro6OjAZF2iKErS12a/5jhqj+nvHR/mARmeiW1ZRLFkv3334bY/XkGc
bmXYqDGUikUsx1U9fDRsovE0GUstiGFZ+F5Z5JrbwqWLnnAfv+MPc0QcPeB5pTLQjZI7/VykhM34
tI2JABr82LbDcv+Bux30zwcM32a7OPDKtuM6REFAOpMVA71dYvmr85nxha+xzXbTSGWydG9cTSqV
obltCHsf+jXmXH8R2+86i8D3ae0YTl1jC68veobJO+/O6neWMmrCdjS2thN6Ffp7u2kbMlxNfMum
0N/DtjvNIJ3NKXfe1mnWBLEwmIWp36GKTxi8IwFCdeLVZI0swyPRIGpNDKwinwRSxQgIJiDwFlkg
qoS1ZP8GSqlhryYZQvXQe+UKbsplyJBBrFq5movOP4/b/3g5u04ZxTm/OJ0995rJwECJYrlCKp3R
2RddlKABWmFZBGFE66BmLvvDTUybsR+HH3YohUKRfD6/hSH5NNO9Zh9BEOA4DnPmzGHXXXfl5z//
OYsWLWLZsmU4jsN9993H2LFjue+++3jssccYMWIEL7/8MrlcjkqlwnPPPUcul6OtrY358+fz4IMP
0tjYSBRFDB48mBUrVnD99dcThiHt7e088sgjLFiwgKVLlzJp0iRs2/7UjMmHYTMmhLU02S2dzrLj
dpO45qrL2GbHvVRRam3Ip5/F2IjtCCHjOLYsywmjUIo5V521YePKZZfbmYZ1cVDpRWElAZ+TLI4Z
n4Xcm10udQmgo3nICCeWxLEUIo6FCONYuJk8G1YtJ52rZ8JOMxk1aUdiJOVyiXKlhJNO4VWKOKkM
bjZH96b17Dzri/T2dFEc6GXsdjuz7NWF7LTnQdxz7YVEsaRz3WqkgO7NndipFL7v0zZ8FBWvjOU4
IHR5uNChjaWlDC01yWLjCViKnJb8DZBa2k8KoXvmalMiLKSlwhZpgbRs9XcVg6BhXYTeLrZE9TPC
bK9fY0hKCg+JjRyhqP4Dm0hK2gYPplwu8+szz+G0b/0LdXIT11x+Dj8+/VQsx2Xjxi5S6Qy5XD2O
lQJL9ZexnRSW5eC4LlEMra2tzH/+JfrKcNxxx1Iul8nncx8AQA1m8mlmSIyBqqurY86cOVx88cW8
/vrr7LXXXpx33nmk02nuvPNOVq1aRS6X409/+hNPPvkkCxYsYNGiRTz55JO8/fbb3HnnnVx11VW0
tbWxYcMGFi9ezFNPPcUtt9zC5MmTuf3225k/fz5XXHEFjuMwb948FixYgGVZBEHwocDtJzmnLQyK
9qLS6TS+7zFx2+05+ouzePL+m2lobsH3Pd1RzgJhq6DasmSMQFg2YRDIbH1LtOjxu8RbLz97r5Nt
eCso9VZQ4usVPmdeCWjMRIJ4eNy41Hj9x/eD4CM9OcNdV74fBGL4qlVy8fDh1jOl993HCql612kW
K9KitSFfL62gLF0ZSivwSEtJWOwVLS2D2H3fI6j0bAJiMrbDzrvtQyqVxXYcMnaaQ//5W7y39CV2
2fNA6jJZdpiyK9Om70k2X883vv9r8pkMhx39TUoDPcw64Egcx9byfDkmjJuMLJWxgkBldCKSFG0S
1iQZGapktyRFyxbZEomp0FXbCt0gXH3MZH/0n2yhcRC1vQqLpK4O1h9KiuwMuKv2G5vvFyTIjgl1
VHMqi5tuvJ77b7+B7Ua3csmvf8jUHafQ21dgzdoN5PJ11Gdy2rOwwTUPuKM0QWJdqRzECMvmocee
5bjjvkkmk8HzPGX4NDYBHw5sfpJRu4oDBEHA5MmT2XvvvZk9ezbjxo1jxIgRnHjiiXz/+9/nu9/9
LmPHjuX000/n4IMPZv78+UgpOeaYY3j44YeZNWsWra2tvPLKK7S0tNDY2Mibb77J+PHj+cpXvkJ/
fz+vvfYa++67L4cffjjd3d309fUlBvKzOL8PM8au6+D7Af/0T0fx+HM/ZsW7bzG0bTCFwgCO6xJL
KSytvWsLQehVRGO+Mehe+256wV1/eLOZ+Ik6KVOZdNqfmvas/fMd6Qmp9fFwd5z8qHPVjOHuKgnj
eD8IxFOrVvlnfYq4iwP6mV++/JP1LH3/fYAy+Cn8dSlSWbyGQaJc14KHJWzHkYDwpaR+3FQVE0Yq
3ZttaqfOsRFaUao78Bk2fTaj9/gCcRQw4JUZvONMTF3NmLGT6fUqTD7gSIUB6CI1k1a1EZQCHztX
p5TGRNWYJHoo2mgYu1DbAByr+rsSTlLehdDpZLV6SGN+MA5PrD9r7q55LYTBV0i8laTYkKpBSoyY
YUICtmXjeRVaBuVY8PQLXPHL7/G73/yAA798DIWBAu+/v45svp7GpkZUI2yB5aSr6UsD7okY1xUU
igUGD27jmWefI5VtYubM3fE8bwuQ8+NMso/CHdn6s+Z1sVhkm222Ydq0aQB0dnbS29vLhg0bGD16
NDfccANDhgwhDEP22Wcffvvb3zJkyBC22247/vSnP7Fs2TKiKKKxsZE5c+YwceJExo0bx9tvv821
117LkiVLOOyww7jvvvvo7+9n48aNjBgxIjkeYzw/C4NSO2zbIQwqNLUM4pB9d+f+hU8x7Os/pCLX
4qay0lDuDSAbxZH0Lce59cZLuta+v+J3wJvd0UA3sPFtD+7sX6/3vPzvPMq/d7v/fgiAZydOrG9o
zBxvC3tkDIEQsR3Hmp31Pw61ekpiEQTC7o7DBklsvTzg7zVq9mHj83UNURSGdi38qNKpanVUQGWc
qKKrKMHWvWQjhFDgm9HXtIQiqNmOSxj4SkOkZjIaKUHLUo3EBQJpGf5IlQBfrW/BQBlUH6kaLMMA
sFVHoSpnIEiMSbKlfl9q7oqSTqyuyjW2AoOVqBodmeA0aIxFSoltWZR9nyHNLdz73HwWiAEuOP1f
efudd5k840BFhgpDbDeDZdtK2V042pBYNb1llGxksVhgcGsLF150ORN3mM4RX/oSvu+RTmc+c0q8
mWQm6/LKK69gWRaTJk1K9EVeeuklpk6dihCCu+66i0KhwOGHH86wYcN44YUXcByHnXfemYULFzJm
zBjmzJlDuVzm6KOPZv369YwYMYLVq1fzyCOPsNdee7HjjjuyePFiZsyYwdKlS2lpaWHUqFFJtufj
jL/nehhjFYYhtmXx3urVnHXK6Rw5fBvSmbQMwkjYliUjKYVj2XEYBMK27ai/Z5N495kHV29fl1vo
IvzmlNPvChGmLSdwbRnFfLyDUWSHmDiW0rZsS4ZBfxSWr95pyfJNJvfwsU9uqyEAXpw2YVLOzT1X
77gtfhzjCFtphH6k45WJ+246p6leSpLywICUUYC0LGFJGcdJMW91dTKaoxqzUkcUS1VYpyeUEYje
wn2M42pGxlyw2qtiqIbCHGU1cKjqqX7wYsja3wyTiA9e6epnZQ1QuuVl4UPukKAa7SSJaim1JpHQ
10Am+7AElMOY9myWv6xZz6N77cYNl/6GNe+9SdDfRcek3ci1DCb2A7AsbNvFtlyEVjATyXWWBIGP
EBKLmJ/84tf86Me/YNSokepB30qs6O/1TOI4TlK6oFKxJqX7aY3aUOzjvFd7zPDxjcPH9djMMNfH
q1Rws1n+8xsnsOecO+QOo0aK/mJROrYtBEIiVTmglUqJOI5Ftq4xoSKYKnRDF6hd+j7OsZuG834c
4nvhrCmLX/vrk+Ds8yn0K3YABureXs7m7ffodb3BroxDYactR3gSMv/txjZCRgTCDl1Zij27M/RS
SweCtpJF9pmuTV+cftwPvzJp2t5hpdjv2E5KCBlLJcQcC5VKtTQlXnsMelWufRSScENfO0skwUVV
39S0uDBl/wjVq1e5MjWVuKJK1xcikVFMQhF12RXXJLYwZFmReClUv0OY9/SN1vR588kqgwB9bMZr
EVqhXlmUxGMxXo85P4HiGlgC4XmIwa3EDz2Mu+RxLEsyaORkwlIv65Ytoql9NK1jtiWVqVMKXwrG
wxI2wrGJoxALQahbnL6+9A0yuTqampoIw3DLLMQnHLZtf8AwSSkTTCaVShGGYWJ0TPoWUPyMKCIM
w+R4zGeklAn/xHEcfN/fgnfiOE7iVfm+n7TEMCll13UpFos4jkMmk0m0W8yxOY6ThHpm367rbnEe
H5cpa/afGFzAljFjp+8qHxXtwp91oOzp7ZGOm5ZRGFi2bUWe51mP/On8Tdl1q25qy/SvHRSKTWPr
Mr1tWbc0GMdPp1JxRCBsXBl9SPng3xoyrEjhZEQcRXEQRU7WjXttz34L4NMwJKCNyT5PE8Lry4Bl
n3B/FtCB29xMUGm1ysEh7eOmpYo9nbHtpmwhiJFSrRsarLB1fKFVTYyuiRZAMo2vFMfDElV+R4Jx
6M+ZlK7BNrfELczEReMmVe6HEX2uxTpqMY1q+GPwliol36ivGWOnwqyqwTJhVG0IlYQRAizDfhS1
3210a1WbBMu2kZUStLci31wOi+eB7VLs20Rr+1Dqm4ewccUbrHr1GZraRtI4eBT5lnalJyslURjg
uhmkjPH6B3Bsm/fXrKWtbTB1+TxRHOK6KeDvX7GBZNKvWLGCa6+9lkKhwKhRozjxxBNxHIdsNguA
53lJnU8qlSIIAjIZtWhFUYQQIvlsFEXJe2aYcMgYoXvuuYdp06YxduxYnn/+eRobG+nu7mbq1KnU
1dUl+4miKPk9CIItSgTM9wVBgGVZWxxPrZfzSUK/xKAISw5tbxWP53tk97gd6du8UdipHL5XjvMN
LfGtF/8oXLjkxeuBB1F8kvXAAJ/ShP8sR8KAvQPsNhBPAbP/jh39Hqx1kH4dUul6t66nl/Wbl7/a
H/Z1tdthEDpIiaKBSdWjogpcIrSeiGaOKTijOpENaFrlhFQB1eRzouoRGKNU9Wa0LKKZqFS316iH
JquR4BZCbGVcLIXtqM/WHLewFGVeYuizbAHEGC9GKDxH6JYSgG7ZqWuCzFFpQ5P0/rEFslxBVgLi
SikBnAe1DaJcHMBy0ozcfne8UoHe9SvZuPwV7FSapvaR1LcOI51vpFjop1IuU654tLa1YFlqAtmO
TeRHCRD5cTEE+CB3ZMmSJVx44YWce+65/PnPf+add97hD3/4Aw8++CCDBg1ixowZrFmzhq6uLtLp
NJMnT+bee++lvr6effbZB9u2eeqppyiXyxx00EF0dXXR1dXFmjVrGD58OJMnT6ZSqZDJZFixYgUn
nXQSP/jBD/jhD3/InDlzmDFjBkOGDCGdTvPqq6/S3d3NrFmzCMOQRx99lJEjRzJp0qTEoPT39/P8
88/T0dHBlClTqFQqzJs3j+HDh7Pddtv9XdhK7ai9tvrWinw+J2WxD8srY4ehjL1u0dLSHj5y88Xu
wvuuvyWXTj8de55MQ6Ud7HpIHQrW7E8h8/IUan7PVgHTp5peTozJV2t2fNYn22eZ7s4A6Hn79ZeW
dXauGzxk5LioUuhzHDclpU5xCr0uq4kpiPRPIQFbMVGNAJJ5LTX1XRkc47mo2S+1BIEl1SSWlgI/
hQUhEhmGxDLGEgLXSWM7RkPERkpVFKh59boEXPEELMchjmLiMMBJOSDsxIuJ4wg/jnBsd4uiQt3K
WGucAEilKxrHuG5Kh0Nan9WAnlZVK1ZqzEhR6C2kE4LjEqJkBaNI8uz8Fzho/30Rlkt3z2ZSmTzD
J+9KHIVUCn30da5hYPN66oaMBzdD1nVwmhpw0xlqxLz4pLjbh5G2Ojo6OOaYY3j66adZv349V155
JTfccAO+7/Ozn/2MZcuWce6553LRRRdx8cUXs2LFCrLZLLlcjsWLF3PDDTcA8Oyzz7LTTjtx2mmn
seeee/L666/zwAMP0NHRged5zJs3j0svvZQ333yTt99+m2HDhtHb28v69evp6+vj/vvvp1KpsGrV
KgBWrVrFvHnzOOKII9h1112pVCrcd999rFixgpUrV3LSSSfx2GOPMTAwQEtLC01NTXR0dHxaYLSU
sgqZxcKCVFaWyxWrddho//lH70o9dPOl81J1jfeVCgUf2FCB3j5FUPNe4hPPy2R8WvvZenwWpDXV
lNxOl0p9nUvee+VZ6diOJeNQCikR0hRex0IQK5EhqVK+xBEgFSciinU9jQQZ6Y526m+qkjdSP6X+
fCwhUvQvsy+JJI5iLGzy9U20tQ9jUFsHtmsTBQFxGBB6ZYgloefhlQtKZTyMCHwfgUVQKWMJqG9q
ASkIQ49KqUjo+9i2Q319E0JAHAaUS0UC3wcpCYOIsFJRFdFBSCqVpr6+gSgMCb0Ar1RUxCVdR1Iu
F/E9T/XCJUZGMVLqa6ANEVIShiF1dXnu/8tjHP6V41n6xjKaB7XQUJen0LuZQqmIW9fM6CmzaB8/
jSiKaW5oIJvLqmsV+tTV5amUyxqb+GAJ/8cZW4dGuVyONWvWcMIJJzAwMMDJJ5/MVVddxY477siY
MWN4/PHHWb9+PUceeSTHH388rutSLpcZO3YsjuNwww03cOaZZ3LHHXcwd+5c3nzzTaZOncrVV1+N
bdu88cYbCbZx//33s3HjRubNm8e6devI5/N4nkdPTw8PPPAAxxxzDFdffTWTJk3itttuY/r06di2
zZIlSxKa/ujRo5kyZQpCCFasWMHQoUMJgoDx48dTX1//ifEkXREtpZRCKBdUlsoVkc7kpFfst5rb
OrzXFzyauv3SHz3vl70b/ULfAESb0EaE/wPhjRmftjGJUCdf1BDcay/Nu+/9YrHPtt10FMeRkJYl
o1jqchSh+rli0ql6nTTxjcnIGFhV/111ytRMVWnqa9XWhuiOsDQA51Do6+bBW6/i9786jZsu+xWb
N64nnc1i2Sky+QZiKclk62gaNJgoVgLLmUwW3/doaBpE5/p13HrVhURhQDqVpal1MJl8nvVrV3P7
Hy+nVCwgbIeW1nZS6YwCBFMO2Xwd+XwDdfX1vPrS89x541Xkcnlsx6FpUBuZTI4gUhO6sWkQmWwO
x03rjI4KwZR4jkUkIY5i0q7DwMAA5/3qDA7YfzZn/ORcLrviOl546WUaW5ppHzKK+lyaSrEHISzc
TJ4o9AnDAIQk8HyGdrSzqXMjAwOFDxTyfdyxNRGtp6eHIUOGcOuttzJv3jxmzpxJLpfDtm0mT57M
F7/4Rbq7u2lrayOTydDS0sJhhx3GnDlzuPfeexk2bBhPPvkk8+bNI5PJqFagQD6fp1KpJKLV9913
H0OGDGGnnXZi5syZPPPMM4kerRCCfD7Pxo0beemll3jrrbdobm6mUqkwYsQIJkyYAMDAwABXXXVV
gvf09vYyfvx4Zs+ezY033shrr72WALy15/gxr09iSPT2oqu7V+KmrcaWwf5br8xP//niM14t9/dd
Y9tWJ9CJwkqMMfncMV3/1vi0jYlEGZNyFHkV2051rXv3tfmv/fVBK1/fLAPfUzCmQMpYYEmhu13q
GlythWkMiOnSSaxaLZoWi0IYj0WDqpLEuKjm0AqQjaIQO5Wie9NG7rj2QtKZLMteWcTVvzmDYqHI
pg3vs3r5m1hCsHrFWzz/5MM4boqBvh42rluDbVtsWvc+Pd2dbN60kWyujo0b1jL33j9THOgnljGd
G9ZiOy6B7/HkI/eyacM6MtkMmzs3su79VSx89gk8r0KlXKa7ezPFUpGNG9by8sLnWL3yPTLZOnzf
Z/ELz7F29So2dW5U5DPT2AlU3IQq00eA69j858/OY6edtufJp//CnnvvxSmn/oh99z+EU085mQcf
nqt0XgKPMCgTx4GqUQIKpSLDhg7B88r09PTgOE6STallhv7NG1zzXu1rx1ER88iRI/nSl75EPp+n
UCiQyWQ4++yz6ezsZOnSpYwbN47dd9+diRMnEscx2WyW119/nVmzZnHUUUfxk5/8hKVLl3LTTTdx
1llnMWPGDKZNm4aUkoMOOoj29naEUNXGJ510EnvvvTc/+MEPaGlpoa2tjYkTJzJmzBiOPfZYFi9e
zB133MGkSZP4xje+weuvv47v+4wePVrXzKTZfffdE5KcZVksX76cxYsXs++++zJy5MgkI7S19/YR
DUutR6KDWOTiJa+KEZN2Ct9e8lzqpt+cuqx7w7rr7FRuYxR53ai2FUU+p5T5/2588lzgB0cWaAQG
p1K54b5fGj9i4o4//PpZfxqazuRjGfuO5TgxcSwEUtiWJWMZC8tSdDLT+1YJoWlQVnNRLCRYtgZP
a7MtIlkhDTBq2zahXyHf0MjKZa9xyU++wZlX3sf8uffy7GP38E9fP40/XvxzdthlL7aZNJW/PnwX
vldmyi57scMue3Dz78/jguvv5VenfYOdd5/FmhXL+cKRx3DrVRdRV99AY8sgvvDlY7nz+ss58bQz
ufjM7xNLSdfGdZxz2U3ce+s1vLFkEel0ju133oUJk6ew+MVnOeCQr3DuGd9h+513Y8XyZfz2uju5
5epLeOmFBdiWYMw2Ezjvipso9PfgplNY2HiVIu0dHdxx8w288uSfueG6S7j19jlcctn1TJu+Iz88
7SRGj96GR+c9wT33/IVcNsc5v/oFmWyOQqFEQ31OVagChWKB9sEt/Pbiyxk5eluOPvpoPK9COrMl
ae1/GglvQTexMuQsA1bW6pTYtk1/f7/SUsnltuC1CCFYt24ddXV1NDQ0ACoz5Ps+uVyOIAi2qBg2
x2dem/dr08jm58DAAAD1up/PihUraGtro66uLgFxpZSsXLmSMWPGUCyqQsc33niDoUOH0tTU9KFS
B1v//O+uj7YmRGGI7Thy5btvW7+46LogP2on9+7f/ejtTetXX2Onsssjv7wB2Aj0oYyJz6dAJPvf
HJ8FZhKgrGrB90tFN5Nfv+atJQ8/98CNUaauIY7DwHT+RKjqSGEJSxqtEQOfKE+l5ndJleAllReT
iMro7IfJ5SdVvUIgI5U9CfyAC07/N5544Da+/PVTsRybVCrNd352IfPuv4UDv/KvXP2XRTzx4O1k
snk6ho3h9muvoK19GKO2mczbr79MKp2mUinh+x4TttuZ/r5++nq6WfD0Iwz09XLz3KeYPGUaj865
Ha/ised+B/O9n/6MV19aSHd3J5s3bsTzPOoamjj7kqtJpVMsePpR5v/1Ca695Wa+dNTX2NzVRSrl
EsdVspJpGxlFESnXoVwqc/gX9+f+u66jsa6Orx1zIsd//dtk3BSXXnw+l/zufDIZlzD0kTIiinzi
KCSOAoSM8D2P3XbZkfkLnlEykjXtKcwk+Vsr79aeieFjpNPppNTf7Mes6p7nkc/nP+AFCaHOaejQ
odTVKQ8tCIJkO2MoTJhhBJTM9kZewLbtZNIbnorRSHEcJ+GUjBo1Kjk+U48UhiGjR4/G8zxyuRy+
77PtttvqlqbolhXxFtfmIxoS5S9rrySKlVu95NWlwctLXnP/cvXZyzatX32D5bprIr/chQpvCijR
o89dRfBHGZ+FMYlRF6MM9AWVog/Wor/eddXLb734ZCrbOCj0vZIQwiaOYyE0lRikjGPj1mOQD80s
laANhky46IpqK9FRgER3nVfd5WMNzArL0niB4Js/voDzbpjLvocdy0BvD5l8A02DhlDf0MTqd5fx
xpIX8H2fkeMmMWnHXbj7hsvYafe9aRrUQhRGgMW2U3ehbchwbv7Df9HbtVHF5/WNFAt9vLroBTas
XUV9UzNh6JNvaCaMXCqVEpawsW0Hv1LBTaXIZOsZ6Osjm60jm8nx6COP8u47b5PN5YjCWGFDqDaR
pp1kFEsgxrIEGzs7yWbTXHD+z7j9z1ez4/YT+cWZ57LzLnvzozN+ju9VEqwkCkOiMCTwPVKOQ1fn
JqbvNAVLBsyb93jC99h69f8ornxvby+LFy9mwYIFLFiwgM7OzoQIFoYhlUplCw/FCBv5vo/v+6xb
t45isajVyappVKNhYgyWed9wRozB831/C9KabduJHguoFHhPTw+rV68mjmMymQybNm1ixYoVSbMw
IDmmlK46X7duHf39/VQqFR0yBlsQ3Wp/1g5jSKSsdjNSMgNCVCqV+JrrrneWLnj4jQ2rlt1rWda6
OAg2oQzJAMqY+HzORI8+6vgsxJEM19fS+3ctS2TCwO9a9+7SCdvufkBTNtcQRaFvWY5SV9cgoG4L
KoWpfTFNtaoLQJVZaoheUr82LS2EwVSERQw4jotXLtC7uZNpex2YkJ0K/b1UygW2m7YHI8dN5rnH
7uPZR+dw+LHfYueZ+2LZFhvWrObIboRkPAAAIABJREFU475D4FXo797MtjvvykvPPk65VGTqrnsw
dfqebFi3msOP/ndK5SK3XnUZre0dfP17P2XNiuUMHz2O1sFD6dncyfjJOwCwzcTtGOjrZffZB/La
ywvZ+4BDGTNhIgufeYbODeuxbYuDjvgqXrmiRLQFREFAvq6O1xa/RN/6tznogL3xfFUk2d3dS1Nj
IwcesA//dvzX2GPmLrS1tjBqxDDiWBIEIY4NkggZh8RxRBiF2Ba0NOX58+33ss+++6mH4UN0PrYG
Z82KXKlUcF2XK664gmOPPZauri4efPBBhg0bxrbbbguQtMTwPI9MJpN4EmEYkslk6Ozs5Mgjj2S3
3XZj5MiRdHd309DQgGVZeJ5HKpXCMFozmQz9/f0ApNNpJe1ZLBJF0RbGo1KpcN111/H4448za9Ys
nnrqKf7whz/w5JNPksvleP/997n00kt5+eWX8TyPCRMm0NnZybe+9S322msvGhoasG2b+fPnI4Sg
o6ODcrlMJpPZwtjWXqPkwa8xJLU/fd8X6VQqvvvuu63zzvv1smw293AYRu/HcbwGeB8FuP6fNiTw
2WAmoIxIGmgAWoERWG4HcTB12xkH/Pu//PiKvIwjKWRk246r9C7R2XdF7pJIrXlmmWpdkLpwTrXm
tRCmv6/QbFRZNTy1xDNjYCRgW0IbL03SimPSmSyB5+FVijS2DML3PGzb0nR7nciOI3L5OoLQY/PG
DXQMG6VW/ijCdWxS6Qz9fZupr28GKQmCilLeR8VstbIFtmVBbFTbJFec/0tA8t47y9htz3058dQf
09vVSTqbAyReuUx7Rwc3//Ea1rz8F377Xz+nc1M3dXUqEyVsi0rFV5mmpkbS6TQDA0WiWOJ5EZmM
LqiMdYpdSErlMu2tzfzusmvJNY3kBz88jUKhSF3dB8WR4IN4gVFkO++88/jLX/7C5ZdfTldXF9On
T+f3v/89b731FsVikenTpzN37lx++ctf0tDQwAUXXECxWGTMmDGcccYZHHHEEdx8883Mnz+fa665
huHDh3PRRRdx+eWXc+ihh5LNZrnnnns45JBDuPzyy8lkMvzyl7+kt7eX8847j/r6ek499dSEYNbT
08Mpp5xCU1MTv//97/nNb37DbrvtRkdHB7/97W/Zc8892XbbbVm7di2PP/44F110ERdeeCFz587l
5ptvZsSIEQgheOihh+jo6EgIdFEU8b3vfS/BdWqvT01YI2peAxivKVq9erU9e/bsjStXrrzftsXK
MIzfAd5F4ST9KE/+/6whgc9Ond5keY13IpFxzslmCxtXvlXq79603dQ9DhZRFEqBFJZtKeKYsLXv
YRDwaittZSyUx2FZxvnRXoihrWL+rFXOhKj6SYbxam4+aLKaQ6VUIJ3N0tg0iIHebkBi2Q5RGGqN
EQspwauUEUBTSxvFgX4F9log4xivUiGby+N7FfUA2Q5RGGnzYQyJ+v44jnVvX1U9O2zEGCrlIjNn
H8RBhx+F51WwbFcxbi1BGETk6+t55eUXKHS+w0H77UWhUMB1bVK2S7G/xKCWRoSAYrFIoVDEtlRz
7CCMcITirMRxhIwjXasT018oMH2n7bnltttpaBrMpEkTKRQKpNNpksZe5vpv5aUYkHPRokXcdddd
rFq1imeffZYvfOELnHPOOeyzzz68++67VCoVxo0bx8KFC+no6OC6667jyiuv5Pzzzyefz9PX18fQ
oUM5++yzueKKK1i8eDHLly8nlUrx/PPP09nZycaNG3n88cexLIvVq1ezfPly7rjjDhzHoa+vj0WL
FvHVr36VcrlMc3Mz7e3t9Pb2MmPGDPbdd18sy+KCCy5g+vTpnHjiiXR2dnL66adz8skn8+KLL9Le
3k57ezujRo1i8ODBCCH485//jOu6PPjgg3z729/miSeeoKWlhbFjxyaykzWAtXnK5Na4ShiG0rIs
ccIJJ3gLFix4wnGcd8MwWgOspAq4/p9KAf+t8VkISpsRoYFYwAU2hOVyykllX1z06G0ZJ+Ue8eXv
nCNCrxRHQWDZbpo4Dk0Akxh4oxEiNbdE2AaQlFp+oJZJqlmksUz0R4TODiVarNKAtlIpWkUR+cZm
1q1cTteG99lup93I5PIM9PWQSmUQoKQOHFeV+0chfb09ZLM5oigAPeVsx6ZcKuO4LpYl8QMPx0mB
kERRgG1bxLGWUJCxouFbNmEYMWbiZCZPnUYUBRT6e5O6I6l0rImlJJax0nAFTYrzydg2j708n4se
uJ5/3vUwTjj0KAIhSbkucRQQxRpjCC1tRCMNYEfqmgUeoYj5/reP4ZwLL6S1tZUdp06hVColgtJb
eybmb8awFAoF9ttvPy666KLEW0mlUuy///5s3ryZYcOG0dbWxkMPPUQcx4wcOZJp06YxdOhQOjs7
cRyHzs5Ocrkce+21Fy+++CLPPvss5557LkceeSQdHR2cc845fP/732fatGnsuuuuNDY28vTTTzN7
9mwmTJiQFP4ZIlqxWKS3t5dMJsOiRYu45ZZb+M53vsNOO+3E3Xffze67785NN93EeeedRz6fp7W1
lYcffhjLspIQzdTxbLvttmy//faMGDEi4bjUXg/DHakNa8x18jxPZrPZ+Hvf+5645557nstms2+U
y+W1wCpgE8qQlPn/gCGBz9aYSFQMWER5KC5gh37ZsVKp+QseuAm/XDr8q6ec7whhx6Ffsdx0RhJH
OjxRN0WYxA9CGmKKYtzr8n3duMh4HNVsDiC1ILQOM4zvaYkYy7IJw4C6fD13X38JTz90B82tQ7jq
vDWc9uur2H7aTMoD/QRBhbaO4Tz14N289+YSjjv5J/i+RxwFpDJZxWWxbKSMyeYzxJHKPNTV1+H7
HjKKyGbrCEM/yTa4ToowDJQzJQSF/n76e3sQlqqqlUbSAUPm0/VD0pyXJIhCbGGz5L03eO2dtxiT
H8G/H3IkQVBW7TiQSGmpUgBdgoCMkVJ5S6qvkKBYKNA6qJmTTzyCs3/5n5x59n8xZcr2FIulRMYx
uaE1GQyTAm5paWHevHl885vfZPPmzXz3u98lnU7T1dVFuVymWCwmXQBzuRzLly/n6KOPplAocNRR
R3Hqqacyc+ZMFi5cyKxZs+jp6eGMM85g0qRJiYcxc+ZM9tlnH9544w1Wr17N17/+dU466STmzJlD
Z2cnhxxyCKlUiv7+fv4fe28eJ1dZpY8/571bLV3V1Xt3ku6EzkoSErKxBQiBYZNtAAMCsimD4sKo
6KCioH5dRsURBlH8joriMAgBZF+CISRAIIGQPSEhJOksnd679rrre35/3Hu7i4g/Z+aLSzr1fD43
tXRtqbr3uec95znPiUQiiEQiQ9/1vffei0KhgNdffx1vv/02uru78eKLLyKVSmH27Nm44YYbMDAw
gHQ6jYULFw79P0PSDBPJtm2/J6cUitAOSlQzAHZdl6SUHI1G+ZZbbhF33XXXq4ZhrCmVSp0AdsEf
njUIv3IzIogE+MvlTMqhYlh7UgOgBcAYVY+kXNucc+S8U89b9Ll/TaTqm10zl1Y0PQKAiRSSYBms
JASDghIyBQnaMmsC4qD7N5gnLCjIqQwti8ID0m+qE0LAcx1Eo3Hs27UN3/rsh3HjbT/BSWdfjPt/
8m1MnDYLkUgMj/32J2AGzv3Ix/GHJx7AK88/hu//8kmsWbkUG994FRd+9JMolPLIDvSiZcwR2Lr+
DZx0+nl48enFOPH08/DkA7+C41pYdPWnsWblMkyaOhNHTDoS9//fO/D52344VPNWlMAkgd5LHoD/
WU3TREtLM37987sxuH0JvvfNL6KzqxfVySQGMjk8+9orOGnmHBzROhqWHVQ2AHhMsFxGRPW/B7Dn
S/SD2ruUHoQglApFVNck8M72d/GTXz2Oz930NSw85WQUCoWhA/Ngf47wYOvt7cWOHTsgpYSUcsh4
qKmpCdlsdijhbZomnnzySfzmN7/Bj3/8YzQ2NmLSpEnYvHkzxo8fD8dxsGzZMrS2tmLWrFno6OjA
5ZdfjrPPPhu33HILCoUCli9fDiLCwoULEY1G8dxzz4GZccoppyAajQ415eVyOeTzeTQ1NWHfvn3Y
sWMHBgcHMX78eMycORMvvvgiPM/DwoULQURD0VFdXd0QYXR1dcEwDBSLRYwePRoHDhxAPB5HMpl8
vyTsUFQSJI6l53n0hS98QQZEssqyrL3wcyQdAPowvLwZMfhLDi4PEeZPwgonAXCl5+pqNDrQ0/FO
z/b1K0eNGjcl2TJuimdZeZLSI1XRhjyCQEyCBDMHhPKe+k5ZMozDRcdwB/Dw4wLbAg7W/I6NRE0d
1q78A/bt3IaP3/Rd/P6+n2Dr2tfQPmUG+roPIJ9JY+e2TRjs78URk48CMSORqsHj/3kPps06Di89
9wiS1bXY+OZKDPR1Yf0bL8OxLORzaTSNakVvVye2bVoLz3XADGzZ8CZKxQI63t2OCz5yLTLpAWi6
EWhq5JC+ppzhhfCFWVVVCax9czWsgV049ZRjkclkoSgqYhEdx0w9CrF4BK7jBgGIhGS/X8nzAEF+
roSD+6TkYMkj4bkOdF1FNptFc3MDZhzZhrt/9nPkS4x58+ZCCAoGn6t/VMUIZeutra1oa2vD2LFj
kUqlEIvF4Hke4vE4FEWBpmlobGyEaZpoaGjAJZdcMlS1aWxsHPISmTJlCpqbmwEAGzZsQHd3N778
5S8PVXWOPPJITJw4EVJKFItFTJs2beh2KJgjIhiGgUQiASEEUqkU2tvbMXXqVLS0tEBKiQkTJmDC
hAkIrQyYGfF4PPi+/faCRCKBaDQ6lHBNJBIwDIOZmYQQQ1Fz+J14nkeO48AwDG/v3r3qtddea913
330r4vH4qiAi2Q2/chPqSUYUkQB/HTIByqQSGCYXT7qupuqRQrbvQMfGV59LKJrR2D5tLlTV8OxS
TghFgSJU9hUXwVJF+uUbIfy0R2hbNpQsDKo4w5KfIDlLGMqVEwlIeFBUFVapiBcevQ9T58xH++Sj
8Jsf3wbNiECQQCbdh2isCsnqWtQ3jUYuO4jm1rFYu/IlnHLOImiGhhNPOx9vvf4SSqUCph49D8uX
/B4fuf4m7NmxDZnBflQlUxBEOP+yj+Pph36Djh3bsOjaT2Fs+2QUcjlouh40Mfqf0VcEM5EQwZqG
yHUdJJIJXrt6FZz0Llp48jF+uVHTkC+VYLlWMFdy+Kv2x6cCrscQwg10GXLoEiHhMMPzXGhBz08q
WYUT5h6JRx95GCtWrsGR02agtiaFUqkEZkBVlfeE9lJKOI4zpP8AfJ+SUMAWXi+VSmhra8P8+fNR
Kg2Pxw2fz8wolUpDB2hjYyMuuugixGKxId1JKGqLRCJDnigAhnIlQcJz6HOEVafyzxeWtZl5SFNS
Tgzhcib0TSnPFQEgIQRLKak8lxRGI6qq8tKlS9XLL7+8+9VXX12aSCQ25PP5A/CJZD/8PEkWf0fD
xj9I/CVzJuVgDKv6wsNaAnBd23SFqnqlfObRx352a2fH1jXHn3H5ZxNtk2Y4hdyA8GxTaJrhV218
TQqDPZJSkH9dEihwUA35hEOTRn/SIsIzfqg/YYamGijmcpg4bQ5OPOsi/NuXP44ZxyxATUMzahua
0bFjCwq5DFRdR3awD3UNzXh7/RuYPvt4jB7XjnWrlsOxTEw6ajaS1TUgQZhw5NFY+uRDGD9pOpY8
ej9KxTxiVUl07t2NaUfPQ3VtPfZ1vItZxy7AQH8vdMPwZe5BKZEgIIP/j5RM4YAuIsGSQa70QALw
XIfWbXgb046cgFRNNQr5EphdgASIBSTCnIuEhALPc4ec3fyVFQdJ67DfieE4FgxdRaFQgKIQ/uXG
K3D/Q8/gazf/M677xGdw0kknAwBKJROaNjzQqtxZLRSPLVmyBCtWrEBLSwt6enowd+5cnHfeeQB8
HUhoRgT4YrFys6RQtBaPx1EsFsHM6OrqQltbG1RVhaIoWL58OV555RVomoaWlhaMHz8eTU1NOOKI
I4bc0UIyCCOO8kpUGI24rjvUSBgukQzDYNd1SVEULo/Eytzj/P0u+P96nseRSER2dnaqd9xxh3vn
nXdutm37tUgksi+Xy3XBX9Z04r1EckiXgP8U/lqRCfDe5Y6EH6V4AFyWUgJCqLrW2fnulgNbVi+L
u7bdOGb8NFGVqJW2XYT0HEFCJaEojOGzApEIp2MF+ZKhrmH4adtgfxgatEXwxXDwD15Puph1/Glo
nzIDqfomXHDlp9A+ZSZmzT8NNfWNOPq4UzDruIU4YvJ0TJkxD+OPnIm5J/4DFKHgzIs+ilg8gQnT
ZmLOcaegbfwUzD/1HDQ0j8aMeSeitqEJc044FfNP+xBYSqx44TFMn3UcFp59IXLpQWiGEeQviABJ
MqhCCxIQJHzPVjBc16WqRILXrHodnNlFp5w0l9dv3Eb7u3pBAOrrqv1ZMLYvSuOQKOC7Mgi4QRVH
lkUoMohQ/OdQEM0AjFLJRKFYwgVnn4xsphuf/PTN2LmrA2Na29A6ZrQvKrOtIOeilIf6EEJg3bp1
WLFiBW6//XYYhoHp06eju7sb27dvx5QpU3DgwAF0dXWhq6sLTU1NWLVqFfr7+1EoFFBXV4edO3fi
+eefx6xZs7By5UpcdtllOOGEE9DY2AghBL773e/CMAzMmDEDtbW1YPZnFFdVVWHr1q3I5XKor6+H
ZVlYsmQJFEVBbW0t0uk0Ojo60NfXh4aGBggh8PLLL0NKidraWvT39+O1116j1tZWqKpKrutSgHCP
gpSSAltHqSgKK4oi7rvvPuWmm27qWbx48atCiNVCiH22be+HH5F0ws+R5DBCSsB/Cn9NMgH+mEzc
4NIB2JWeJ/RIPFfI9HVse2tFdvuG11OxZLKquXUSGdGE67gmPNshEkSK4icZgzN4MAvNL/r4VZxQ
XvLHClpCMK7CF5vAdV2MGTcZ7ZOPgm4Y0KN+T0f75BmobxqFeLIanuugpa0dmqIiUV2DGfNOgh6N
wjZNpFJ1iCaSEEJBXVOz3zhnRDBl2ixU19SicVQrNq15HR3vbseVn/oiVFXzU8NC4eElGkEogoVQ
4Di2cF0HiVSNR6QIx7ZQVZXAmtdfBeU7aOHJ89DZ2UdSSnR196KvPw0hgKpEDLqmgCTgSRcMhicJ
Ao4fnbHn+zfIQHfCEux5/vgO6QXLDKC+JoFioYh/vfM+LFu5BddefTGmtDfgwcWL8dbajWhra0ND
QyMUxe+1sS0LCM74ADBt2jQsWrQIv/3tb7F06VL09fXhrrvuwuOPP45SqYS9e/fisssug67r2LVr
F2688UYsX74czzzzDMaNG4ebb74ZK1euxPr165FIJPCLX/wCCxYswNFHHw0iwksvvTSUo5kxYwbW
rVsHy7Jwzz33YO/evXj88cfR1taGF154AX19fXjiiScwbtw4/PCHP8T27dvx9NNPY9SoUXjuuefw
4osv4s0334Su63j22Wf5wIEDWLFiBaZPn454PD5ElK7rwrIs0nXdU1WVPc9TlixZIj796U/n7rjj
jnX79+9/NR6Pv22aZpeUcjf8iKQbw0RyyHUB/0/x1yaTECGZSPiEEm6W5zpSCNVVNL1rsHvvu2uX
P+V17dtRXZWsidU2j6F4ssZ1LJNc2yIIChKD8HMpYPgJWgTTwQWGHebDEnKZfyuTX+ERBKuYR7GQ
8w8yzz+7FwtZ2GYJnueChIBVKILBcBwH2Uw/PNeDECpsx4Lr+QesbZpDzWW5XAaObaNUKqJpVCsW
nnMxVE2H53okFH/tDTCR8Lti2fOoVCqJSCzmJlO1WPfGq+ov/+3b3qix7WLc+PF4/ZWXmHMddPIJ
s/HOzg5ICYrFDJiWhd7+NLq6+/xliK5ADSowUhIE+8QSJmGlP/JgSFlcsky4rof62gQcx8WDjy3F
z379FFpGt+GmG6/BKSfOxcSJEzB/3nT09OzHvQ88iY3r1yNVnUBDY6M/JgOAbVlDWozu7i784he/
xAUXXICenh6Ypom+vj7Yto1kMone3l7ce++9uOaaa/CVr3wFn/3sZ7F48WL09/dj+/btOPvss7F6
9WqcddZZ2LdvH2644YYhqfuSJUvwzjvvDOlTdu3aBWbG/v378d3vfhfbt2+HqqqYMGECcrkcXnvt
NcycORPbtm3DF7/4RRSLRaxfvx49PT349re/jdNOO42ff/55WrZsGc2fPx9Lly6lY445BnV1dSgU
CmBm1nWdNU2TfX196pIlS8TNN9+cue22297euXPnK0KIzYZh7AsSrXvg50f64Jd/8/CX+COaSIC/
Xs7kYDB88jDLrjvww0BTSjcvbbdBVXVLStm/fvnTWza+/NysmQvOmXjMaRemjpx9EifqarxSsQDT
LAhBQqiaxkIoxJC+cIjDqXnk62nD8l3whpAIXOL9UrIaiQxHM/D9Q3RDHaoKkZTQDAOSGYqAnzgN
mgkVVfMJjeVQQpWEAiOiAEwQgthzXcpn0lA0lRUSkJJJKIIFCK7rkOe5HInEZGPLaLl31w7t13f9
q/fkg7/Zmhnsy7eNnzx7wekLYZYsakjE2ZMOx6OGGMzk2TI9isYiABFc28W+zm4UiiXMmDYeJcsB
Q4Gk0IE+SCgGUZljO3BcFzXVcQCMp19YiceffhW1DY34+lc/i2NmT0WhYGIwnQFDQFUEzj//PExe
OBqvvrIct9/9azRUR7HwpOMxb948tIwe4397gYAwnU4jGo3iySefhOd5aG5uhmVZSKfTqKmpgaZp
qK+vx5IlS9DT0wNN01BTUwMiQnV1NU499VQkk0ls3boVfX19OOKII8DsD++6/vrrMX/+fADAW2+9
NTTQPMyrdHZ2YunSpbj00ksRjUaRz+c5yIkMNTWqqoq9e/dSf38/OY6DUaNG8YQJE2j+/PmcTCZZ
CCED8ZrYunWr8swzz3gPPfRQ7+rVq3cD2K4oSpeiKBnbtvs9zwujkH4Mk4iFQ7zf5n+Cv1VkEuI9
uRP4hGJjiFQ8h1kKVdWzrIjdB97dsmft8qesfe9uqSoVC/FUfZOobWiBUHWPPReubZJfCfFT80RE
gsqWPACRIGb4htYi6N2Bn9sFwxvKsZcbBRGTvzYLEpcI/zYk2fdXb8S+upWHGAvM0iMPICGIfdLx
BTLMTJ7rQnqS9WhUJlO1nBkcUB67//8qP//hrR3Ln3/8VenJzUTIWKbZesb5H4nt2vkur1n+FF1w
9gJKVccRjRo0mMmxZTlEAJJVMdiOi6b6FGJRHSwZHisg2GCWgd0lw3NdlEwL0ZiGmuoqrF6zGbf/
9CG8s7sXV11xMW785GVoqK9BX38aAENT/TZ/lTzszKRgKUnMmDETM49fCIsMvLZqDZ57/jls3rge
hWwaraPHoLauDp0HunDOOecim8lg69tvD5Vp21pbEY1GsfCUU9De3o5Nmzahr68Pe/bswfe+970h
h7T29nacc8452LBhA6qrqzFnzhwQEe/evZva2tq4oaEBAKi7u5vr6+tJCMHz5s3Dvn37MHbsWJim
ia6uLkSjUSQSCSQSCZo3bx7t27ePJk2aROPGjaOf/vSn6Ozs5A9/+MPI5/PyrbfekoGBk3j33XeV
xx9/XNxxxx3F73//+/sffPDBtfv3738zGo2+rarqAcdxejzP2we/5NsFv+wbitFKwT59WBAJ8NcR
rf13oQHQ4Q/riQdbdbDVAqjR9UjMdd24lG4TgPbm1gmTpx27cMy80/5RbWqdgESqRsJzpWUWyXUd
IcAQQiGh+AlNRVE4NDIIlbFh+BL2ZolwKcS+LmWIcBBWmP2KEA0/08/ADCtD2W+bB4gUUoRg9itR
xJ6EJ12AwIZhyGisigEoPfv30LLnH+OlTzy4f+fbG9cA2GFE4yWrVIwpivCY+biv/9u9J53xj5c6
X77+Ui1S3Mlf/eLVGD2qGdlcgXZ37OfBbIlKJQvJRBzRqI72tlFgEnA5Ak2UoAgBz/VgWTaiUQPV
iRi2vrMH//nQEuzvyeDCC87CRecuRDSqo38gCyLAiBjwfL9ICPIwgNHIKm2QngPLsqFpGpKpaoAU
dB3Yj41vrca+d7fAzvVj7KhGnHbqKZg8cSLqGhrR29uL+oaGobyK7TgAM372s59h/fr1cF0X+Xwe
jz76KAqFAvr6+jB27FgA/ggK0zSHJO6h30mAYfmpLxx7j7fJ7t270dLSMuRGDwCqqsqgCsWZTIar
q6sJgMjn87RlyxZs376dn3nmGXvVqlVdHR0d+zzPOwCgJ5FIpC3Lytu2nYEfgfQDSMPPieQw7JAW
5gIPK/w9kQngfx4dPrFEAMQAVAFIYFhBW6Pq0aiEF5G2nQIwRmjKxAlHnTBu2pyTUhOPPlYb034k
4smkpwqNbbMIxzJJskvsSSEUAVVRIVS/qTCo8vDwAC8OJB+hbBoIM7vMTIriT/cSIJ9UKLCOBPlu
9CyJgk5j9jxI32qRhapIXdM4Gq+CEApymbT6zua1WL1iSWnF84/t7d6/Zz2A7Xo03i89x3Nt2wVA
qq5XubZdN+WoOVd8/xePjEomq71f3X27WPfSw7jw9Jk49+wFqK+rpYHBDPcNDNLuPd2IxaKYPnks
XI/giShUFGGWTOiahpraBPZ39uLB3y/D2k27cerC+bjy0g+hvq4GA+ksPI+hGzqIAoUse/Cg+USC
RvjHiIBQCNLzYNt+W4BhRBBPJGE7Dnq7u7Fz22ZsWvs62CqgyiCMax2FGUdNx7ixbaitq0dtba0v
2GOJhx/+PYrFAi666MIhJzbDMIaGY4VNhWFJNlymBHoQCvUpwZAuDvxOGADHYjF2XZc0TSvXdZBl
Wcrg4CD6+/vx5ptvetu2bXNXrlyZ3bBhQ//g4GDoxdpvGEZOCFF0HCfvum4avl3AIPwyb0ggRQyT
yCFpbPRB4O+NTEKEvTwG3ksqVRiOVpJCVasghCFtOwI/emkxolXjx06e0TLhqHm1bROPMlonTEXz
6LEsFJVVVZHS82CbRXJsi5hS7MC+AAAgAElEQVQlFOEvhnwFpS9oI/izaXxxXDhmK+w6xtCQLSJG
0NEPkAx7Z9j3TyBEjAhHYjFWFQ3MLLLpAbFz2wZsXb/aWbtyed/W9W902FZpK4A9qqqmAViu64a2
fQ78nFadUNWEdN3Z51967WVf+NadQgiiLRvXiQf+4w54g+/grJOm45ST51JzSxOzJ2kgneVisUia
psNBBCqXUFdXjVy+hN8/tQLLXtuM6dOm4bqrLsT48a0YHMzAdlwYugaF2JfdQ8KFgQJXI83NsCjq
l5gRGFCHrQpEYJbwPAnXtSFIgRGNwohEoRkRDPb3Yd/eDuzduR19B/Yg09eFmCHQXF+L+pokxo5t
w6hRLWgZNRotLaOGzIqGZ80E/qn+0pKEEJKZBRFJKSUFWpdwGBEfdEmmaSKbzVJfXx+6urrQ2dmJ
nTt32jt27DC3bt2a37FjRyadTvfDz3dkAWQ0TSuoqmo7jlNwXTcf3h9sYRQSEogV/FaH1ZLm/fD3
SiaA/9kU+AdUBMOkEi/bEuGm6npEqGrEsSyDPS8FoAFAc0v7lNFNo46oG3XEpOS4SdO1ptHjUFPf
hFRDE1Q9Ilm6zJ4HSCl9vw8mCQazSyxlYLPCJELdmyBWhMIgPw/iqzNV1lSVSRWkkEqqppLnOiLT
24Pe3k7s27kNW9etLu7duW1gx9YNncV8djeAfUJV+wwjWrJKBUtKmYV/xitvSTfgE2eLrkdrbKd0
xnWf+8ZZV3zyJsexi0okEqfXXn4JS35/H0q923DUhHo64ZijeOrk8VSdqkKx5LJHMVJRwB9efA1P
PL8KLS2jcc1HL8S8OdORy+dRKJQQMTQIQXClgMsabBFBUSZRRDUsjvr+MeyBESS1ZagK5aBgFown
E8G0AenBc1y40o8w4vEEVN2A53qwHRu9Pd3o2rcHfb0H0NfVCZUYG1Yvx603fx5nnnUWbNuCrhvv
aSzEQWf7YDIg53I5Wrp0Kdm2jXw+j0KhIHO5nNfT0+N0dXXZhULBSqfTVm9vb6mjoyNnmmYaw/aI
WUVRTFVVHV3XTcdxbNu2LSllSBhZ+MRevlmokMj74u+ZTEIE07GgYXj5Ew0uq4LrZcQiqlRd1VVV
11zbNlzXjiDIu6iqWhuJJevqWkY31reMSdU0jNabRo9V61taRVNLG+LJaqiqDlXToGo6VEWBUPzB
V4ICR9ZQ9CU9SM/vbfFcC5Zpor97P3oO7OUDe3a6XXt32d37Owa69nd0F7LZHindHvgqyHw8nii6
rmtZVsnE8FkvC38nL3fcMuAv7ZoAtKp6pE66zpkf/9zXFlxy3efdYiFDVfEqRTeivHHtGrzyh6ex
ff0KqtYtntiaojmzJkOL1PIDi5+hnGjij1x+BZ21YCY86SCdzkDVNGiqAdMTcKHBhQEHBhyO+Api
kkF3tm/7MNSIWFZul/D7K8PBAgi6lUWg3nU9D45tBZGGr5bVdQN6JApV0wGWMG0Hv/zBv+C7t3wB
4ydMhOs60DR9qHkOGMqHSAAwTZMikYjs6upSPvaxj1kvvfTSHmYumqYZHvAl+GQRRg8OAE9RFCcW
izlE5LjDsKWUZvDYQtnzwtcxg0s72BwMl3oPy+XMn8KhQCYhwpxnmKgNL0NiicKPXMLoJQYgJlQj
oqqqDumoEkJzbTOMciLwCSgJIEFCJHU9EkvWNhiJVG0kWVNrRGNJTTN0RVcNQUKAQcSeIx3Hlk6p
6BYKObeQz5kDvZ2l7GBf0XPd8IwWrq1NAEVVjxQFyCEFjuU3phQxfNYLz5LlO3+YvNODz9cAn1Da
dF2vt237xAsuv27hNTd+XYvFq9xCZlAkUikRTyR4cGAQG9e9iY2rX6V9O7ewdC067vQLcca5F0HT
DAwMpEECiBp64JUrARZDej8iCYHA1IkIQQEoCMuGJflhRxSHFg/ggFD8MaosCeFAekUoYGJIV8Jj
CU/6VbNCIYfmllFY9txT0LM78c1vfiN0jf9TREKlUgnRaFRu27ZNueqqq/KrV6/eGovFDriumxFC
ZJm5IIQwmdlTVdUFIKWU0rZtx3XdkAjCyCK8DLfSQfeH5GFjOKlaIZE/gUOJTEIQhqMVFcOkYsAn
FAPDuZZo2f1RAFEhhAEhNFVVVSmhSOkK6brhax5MVBr8pZYoe2/voC0sZdsAXCFUT6gqC6G40rVs
KaUTnPnKz5jh9fDMF+7A4U4bhs06fGJMwbe/bAHQquuRhG2bM6bPOf60qz/zlfo5J57qWcUiZzOD
ImJEKVGdQjwRp3w6J02zSMlUCoP9fZBSIhb1NSm245BCxBIgGvKEARC6/jMPXYbEgWBsqQxIByGZ
AID0Daf8FwweT8NppMCYigKf96A6ztCMCH7z41vp5k9fzXPmHQPbskjzu4S5nERC13nDMOTzzz+v
fOpTn+rfuXPn+mg02lMqlQbhk3e67LstJ4CQREJysMpue2XXyyOPUEgZyhcqBPJncCiSSTnKSSA8
8PWy2waGicYoux3BHxOHCgghBBQIoQihBkVi4VvFCkBIkARYQkoBv/FWuq4HSJZSHrxTlp/tbLz3
bGfij9fd4Y5fvtMKDJfKh/JAAJr1SCxhm8XWSCx+7BkXXH7UuZdea0yadrS0bJML2QyZpaKIxeKs
qCp5rgtF0zlm6PTWlh2oq0mirbmBC0WTVFX1o5PAniFMXfrFkNAWczjiIKLAvzbw1eWg3wl+GwOC
CQF+9CIhy6IXkPD9foWAZZqUqq3Dyy8+C2f/Onzrm98AM2AYxh8dtIFrvASAu+++W3zlK1/Zk8vl
Nuq6fsC27X74/S8D8JeLRQznnA7WMZVv4ffuvc9lhUD+FzjUyaQcYQQR+s6GUUtIMOUkox30mDDK
Ce8Lt/C1Dv6ewjNW2A4QEsnBZ8LyM2K4uXjvuvvPJfAUDBNKDYC64LJF1yM1tmMlwNyeqmuYdfLp
50446+Kr9XETpyKWrHbtYpFLxZwCgCzbprpUNX/5336D6ZPG4uMfPpN6+zMcNTS4wbKD4fc6CeGL
eMM+pvceUT7JBLnXIW8JBf7Id59hggQKIRjIHnR5SpDfgMjwHBeqEeH7fnwLvvmlz9CMo2ex49hQ
VS1c3pDneRxGI729vcqtt97q3nPPPVuJaJOqqr2O43QCOIBhsVgew1255S0bYU+YW3bplv2t/HEV
/C/xt5LT/yUQnoGA4aA9JINwC0kivB7+XZTdFgfdDl8n3NHer/s5bAkob2As38JZQuVnvv9uBcCD
f6YN33MoyrFtswCgPhKpKqb7e/c+8bt72555+P5pxyw4Y+z8Uz+UnD7nBNE0pg2qprtJAPt7esTa
dVsJtov0mQWWngPLBlHgF0JEUAWxZI9UQSyDb5LYz5MMXyeIQDMmAm9dyUSKEghtA+9elmBp28SQ
/jACZiia5pmlErWObcfv7v0JnTBzEmYcPQtmyUQkGgm/X5imyZFIRCqKgj/84Q/Kl770pcF169at
jUQiu0zT7HEc5wCAvfCT2v0YbqZzD/qNDv69Dr6/gg8II4lMylG+A/mTwYeJIZROKmW3y0mE3ud2
CCp77YN3yvJopZwwyrf/7c4b5mbCs6iL4TxLzjTzdUKopqqrOds031259KmmlUufGje6bfwRRx49
p2HiUcekZs89Bi9v3s+u5fLWHR20a18vzzhyokwPDhJYkmkWiT0GhG94KSmYzgEaSrwinH0ctBFw
MHXeNzsAS1dSIMJhIgFV1aAaEamphhSqIJAgz3UpmaoVr738Ig+8+xb/8Od3k/Q8jkQjDICCYVcc
iUTk3r171Z/85CfenXfe+bZlWRsikUinaZp98JvpujDspfp+RBKiQhh/JYykZc7/BOX/7zDqKF/O
hCRS1tbzHiLBQZfvdxb8S+zEYURlwK9WhcrgKvg5lRSAlKrrESKKOJYVBdAIoKmmpqbFajt9Skmv
MzhfkB8641hx2dnHE+lRJJJJxOJJ6IYuPdclySyllJDswZ8XL8l3Zgu/CD9JKwSx3wMloJDwrwYe
qmapKErFAor5LIqFAgZ6D6BjxzZ07d9lDvYeKPXu35V4+IH7lanTpsE0TVIUhVVVlUQEx3GU3/3u
d/jRj37UvX79+k2apu2QUg54ntcFPz/SBV9kFg6vGtE+IYcKDlcy+e+gXElZfvtvfaYLI6cwkVyu
Di4X8iWFqkZVVY8LITxTq23HEadfBbAGzRCU6S5VD6zcVVNXH61rbE7WNbQkqmvqtKrqWqquraOq
RBJGNI5oLA7DiEAIFUIRvuWl9ODYDjzPgV0qoVDMwyzkUSxkkR0ckJnBfpnPZqyBgZ58X3dnvpAZ
yJjFguXaVsF2nAEAMx/7/e8nnf+P/yiLhQLF43EGANu2lWeffRZ33nlnevny5duklJvj8Xh3oVAY
xHAkEpJIFn6y9ZAb8D1SUSGTQxdhvieC95bCY3iv3iYFQFL7mVdw3YQz4ZouQAo0Q+LdZQ+jf8tu
+AldETw+FAPqAHRF0TRFVdSg58CfgCYZUnqex9KTruey9IY6veFXr8JoIdR0eFBVC64rorHYGb/9
7W/nXHzRRRKA4nmeunv3brz66qveL3/5y8yKFSveBfC2oijdiqKkbdsOZ/GGuZFQ0m5heFlTwd8B
RmrO5HBAeX4mLEEXMEwsBnxy6IWSTHCssR3SCyeSe5CsUf3kdiXz9qtQ9bSACiGk4rouSVeSlK4C
gDzPIX/Y2NBSsDxnFN7vQQgWQkhVVaUQmvTheJCSFEVxXdetO3rOnAu/851vH3XsscfhlVdeQUdH
B1566aX0ihUr+rZv374bwG4i6o1Go7lisZgJljVhd24GPkmVcJiYDR1qqEQmIwdhBaqsrB2pBsw8
2s8+HzVtPwN7AmAVEL7sVcoMtj59E6zuNPxIBvBL5QdXusLX/1MJ6HItR3k1CwAsAYyTwKfnzp07
avasWQPrN2wo7N27t6+zs3MAgSNZNBoteZ5Xsm07Cz8KCYVoYSQSCvwq0cjfKSpkMvJQVo2qjQID
JmZcfQ+Mqmvh2BYUGH6znnQhdBX57tvx9qP/AahNgGvhvarfcAtfN9xfDiaTcnFYeTUrrJzVwm8H
YAyLB0U8HleEEMK2bduyrCJ8BWsGPpEU8F4SqfTD/J2jsswZeQgjBQYGsmg7swWqMQfSKYAkQMII
bOKKYNZhJGcBGAyIBBgul4fVrf+/8vjBFazykni4LNLhJ0p74vF4XTKZjGez2VipVNIKhYJE0L8E
fwkT+oOUN9mF+pwKifydoxKZjFjM0YA1DmZedz0iiZ/DswL7ADuwkFN9RznJQCH7j9jy26eARArI
WRg+yZSXyMOD+f1K5OW3Q0IBfDIJy9hhctcoe/2QKCwMy+DD9oNQJVxp7z9EUIlMRizWBDkL8Q7s
0tfgWQMQYi6EuBYsS3BK/w4F2wA1CUG7AHhALgsEDkjvLYkfXCYvJ5D3K5mHt1UML38s+ESilb1m
ebtBqBWpeIQcoqhEJocTpl+7ALr2EkCDyKbnYceD7/6F35EwnBAuT+wCw6rh8n6mSn/MIYxKZDLi
sUhBUzqCupQDiRQIEgwF0UgDJnx2HzJdGnpRAhb/JUqtIWGEl+VRzsE5lwqJHOKokMmIx2IP3Sih
GxLTrjWHglGXLey4KxSW/SWXFCGRVDDCIf78QyoYAfAZRAlWFAQBpvC3/1vPTqpghKBCJocFFvhk
4mk85NiqKkGIsqCyvKjgA0GFTA4nCDdczpC/ugGAfCUJX8EHggqZHE7wNA6c0AgcRiZz/rafqYIR
gwqZHFaww+HJAqrtk8mcNX/jz1TBSEGFTA4LNPp5Ec0LjdIIdhCZrPmTkUk4VqTclFv7M2/0fs/R
/18+eQWHDiql4cMJUvV8M1dBf+anVwBIZnaexQ5EMQGNAKYCIBqqAh1cTlbD5wDPAogCO0rAhA+B
CH/qORWMIFTI5LBATzCFXfhzsyQEEC5zALx3paMCcMfOnJkionMAzINvulQA8PJxxx333Ouvv16C
Tzih0E0B4M6Z015NRB8CcCz8XpwMgNcXLTru6cWL/+g5FYwwVMjkcILrMTTdN3FVlPer4mgAHE3T
ZnesX39Hw+jmk447/VSkamvR19OD155b+s+vv/7680bSuNHKWjsw3MPjxWKYs2bNzjtHj66bf/ZZ
x6OurhpdXf146umVcvHi159PJPTP5XL2dlQIpYIKDmUs8oVp0689AbOvNzHnEx6OvvYEAMCC28IT
igZAxGvi0wDsOP2SC/n5js3FrZwtvM25wmaZLTz1zpri8WedygBW1YyqaUVgcF0Tj08HsO2yj5zG
3Qeey7NcU2DeXGBvTXHnu48Uzjt3PgNYO7m1bhTe64tSQQUVHFoIyGTWx47H7OtLmPsJiWlXzwcA
zLk+TKrGrr7ttgiAB445fQGv99K5jcVe3tC/nzf1d/L6vr28xeqXqwsHMlPnzmIAP8KiRfrUqQ1V
AB4444xjmL03sq6znrPptZzNbORc9i323I3SLL2WPfbYqQzgTuaHAD8xW8EIQ6WaczjBZAliv5oT
LnOqWhh+VCIX33HHNE3Xzrris59yVCnjXChxU3VK1lcluKG6VtoDOUrFqqou/cx1Lgm61Hjppdad
Owdn67p2yuc/f6kLisSzWUZVoklGo3VcVdUsB9M2GZFE7JOfuFgS0XktLVeNha+Yq+x7IwyVH/Sw
wFS/JEweg4TfoUtBmbh3iwBg1E2u04qZzPTaxsbkEZPaSfEkx/UoGaxQgnSKQFAykWC3ZPMREyai
qrq6iQZzo03THT16VF3TxAlHuK4HiseTLNkgomqSnkHxWDWzJJo3bxrH45Gmri6znRkSf77MXMEh
hgqZHBbYElRzPIaUABHBCSKT7F4FgKYMKjEAcSYQSPgubMIf/cnMUIRgyzQpasSorroBpAoyXXMe
gMnRaBSpmoRwXUmeJ0kEhCWZidmfYi6UYDwgECVaoKKSNxlxqJDJ4QShyiHbEFUEzX8OARA9PT1V
QtMGM/39pf0dHWBFcMky2RLMJZKcKRUomkpg3do36aufvF4pDGREqrru2/FY4ktbtu7ie362WNM0
hSXb8LwCkchDVR22rByTwnLjhneoVCylVVXNAMtjqPiXjDhUSsOHBcJljmCQ8IVjHOhM3FJY3o1G
NG2gWCxuefCn/zF3/mmn2o6A0jU4AOm6lGqok48vfoS+9LEbcNys0/Cj7/8OzS1jjGKhgDffXIFv
fON2vP32Hvzil99HsdjHgCIAV6qaFI5jenff/ZDqSaxqqIt19fZmq+B7vlZQQQWHFoJqztSrj8ac
6/OYewNj+rULAAB1kxMA6gFMB3A6Ef0fALmLPnGNtyrf6W7yBvldtuTjG16XkXiMP3HdV+W721nu
3MZy1zvS27nN8zp2sHz4wdUyYqTkLV+5hpl3S+YNknmrzKSXOx/5yD9IAN1C4AoARwJoRiVnMuJQ
iUwOCwSRieExwAARoAY/vVDC0Rg2AIWZ95KqPP7oz3+96JVnXlBmnngsTz7qKDx1/wOYPf1E3PSF
71A204tYXIWhqsQA+gdzOGbePHztyz/Ct753Pbp702hsTGDvnm5+4Q+rqasrnVcUusfzeH/wgSrz
gUcgKjmTwwmOYIAkmAEnWOYYydDM2QFgCQibXa95VGurduXlVzANFOiVB59Ax5Z3cMYZH4aqSI7G
NG5orOGa2hjX1sW5sbGO87kcn7LwQ1ydaMLSpeuwYsVu9PUTXXnVx2RDQ03U83gshufgOKiQyYhD
JTI5LBBUc1yW0EF+n19QzYnUhM13DE3LaEJM0gz9lB//7G7vknPOEx7A+/buwUknnUy1qXooiiCV
BEjY0A0Bx5EQCkBCoqkxARYqbr758/jEJ26EY6eh6Sll+tTx/MkbvnAZMy0zTXMHAgn+3+SrqOAv
hkpkcligLAHLYJAAWPpksqMnnMTn1NTURCzLuvij13+Mzj3nPN7d20Uls8QCggQRp7ODADxIV0JK
Ba7DkC6BJcOTjGzOhGubsG0J23ZQLNqcze4TV139UffDHz5XM03z49OnH1HpzRmhqJDJYYFvBobS
tgcKRk24DgHQgTUGgHhyTLKU6es7vmn0qIlXf/J6N2sV1ERNkh3pUmvrGD5i/Dj6w9LHoWkKcrki
sukS0oMOcjkHvb2DSMRSWL16FUBFnHzyyaTrAvF4hKJRnV2vqN988w1OPBaZt2nTruPgdyBXJPUj
DBUyOSxwW5CfSAAsLTgWQYHO/Kb9JnN+7NhqjohUSkq54PiFC9A2fgLnijkCCVjSQ8lz6aavfBWr
3lyCX/3612hsGAWzpKBYkCjkJZKJFuzZ24Wv3fZJXHTheZg5czoXCj1EZBGRB8fK07Sp4+Sppx1v
ADib+aHygegVjBBUftDDAt8MpPMdJphr1KqUA8km0dzz5xJ9q6MjU2Om0/VCUeacdOZp8MCKC3DJ
sUmqCrqLGcw/bSFuuvWruP3OL+L7P/gW3nlnJ4oFF93daTz2+MO4/lPnYvqMFnznu1+FbfWQpros
2WZBDnuuxSChnHfeyQTghNmzv96MylKnggoOSSgAdH7oIRjHfe46pGatStWkll1z2bn81Zs+xkdO
HLsJwMOJ6urSs9vXeptLvd6Ggf28vdArd+R6eXuul9/J9fKmgU4eO6GdAXB9XTOPahnP9Q1jOB6L
MwB+/LF7mHkfZ9Ib2bbf5VJpG9v2NpnLvsXsbXZff+03XjRq9AA4HcMjQysYIahUc0Y2BACFly1z
aOFCjy65ZK4KHHfxWcePv+rKW+vmzZlugdi9+PzTpt3yjX+ftml/n1dVl6JcqQRNCIbnQiHBlmVR
qrYW/3LZJwAHWL1qKzKZHvQP9EJTNEydNhN33fXvuP4TX8HkyeNwxPhW2FYWqqqAPWZBDtm2Lca3
N9ptbc1127Z1tDM/tJToEgPDMzcqOMRRIZORC52ZbWCNJJo7lYg+efLxs//puo9fGjnx+FlQQfZA
Omfk83lj8pR2p7mxjrugaWpERylXINYjLAGyzQLqGhvxyP3/hZeefB5PPPEHzDp6CkhMgRLsPYU8
4wff/xFWrVqFL33pO3j09/fAdQsQQgeBAeGgZJqUTFV5zc0pY9u2jlagXUFlmuCIQoVMRh40AJL5
TZuIWgFcO2/W9Bs+etkFzReed5obNXSrf3BQLXpSj0QMdj2XTMvR9uzrQrS+mT1VkOl5TPDI8VyW
BMrkc/jJd3+ARRddiZNPPA6dnf2oTsUBuCASyOdtxGNx/PAHd+HsDx2HF55/AWeedRIy6QFEYzqx
dEBssxBCVMV1AKj5+Mf/OYKKcG1EoZKAHTlQFy1apPju8NCJ5t449cgJz37r65/75n/e++PGa69c
ZFqOFL2DOUPTo8KIRJhBRKSwrunsOi6EpqDk2lxwTJIqcbZUpEhNEstfWIruXZ24/vp/Rn+/Bd2I
gUiDqkYhSEcsWoVMxuKZR8/A3Lmn8q/uXcxCcRmwmGCxKhy27AIR2SJZHWUA0e7ubOVENsJQ+UEP
fagAwG++6dLcuUREH6mvr/nCVZddNO/Kyy/C5Entpb7+Qf1Ad39E13XWNYNdzwUYpKgKC2GT60kc
eeQEPPrqWsrYRXi6gt7+fpKuhyrPxdInn8LMqXPQNnYiCrkiYlU6zJIDIcifnMEE13YJnsCFF1xG
/3r7J9DZuQexqIJctkgSjKo4wbb7nS1bdusA+ru69klU9r8RhUpkcujCr9Awu7fddpukuXNPT6Wq
n7nmyg//1+MP/XLe/7nti9bo0S3OgQP9UWZSqhIJVlQdDCJV1SAUDSCFdCOCfK6Ej15xETCYxo8/
81WU4EKpr4bWUI20VcDG1W/glFPPhyIUmJYNx2bYFmBbErbNMC0JTyqczUnMnDmPXTvOb6x+g1M1
KlclbNnY6LnFYrf5sY/dEV+/fs8uw8DSNWsG46iUh0cUKmeGQxMa820O1pznEdExqqp++tyzT73i
hn+6Ulmw4ATbsmzq7k0bmqYiWhUHASw9CVKIFCGYpSQBgvRcaIYBxzTRNqYFP73zVtz0L9/DZ445
BwsuOx9Hzp8HQYTMgUG0j5sC02Q4DsO2GSCGEAAkQzIgpUB6MI/Ro47AqFGT8Morb2DGjFHyrbVb
afOm/epv/3OVumNHbweAH1sW9sMnQxsIFLkVHPKoWOcdgmAABIwH8NnTFpzw0WuuWlR3/jn/YJHQ
qH8grauqBl03GAAkMxExM/sHrfRcApil55H0XDC7YJawLAvRiIae3n785/2P4NmnV6C3aMKUDlLR
Wtx955MY3z4RnmdCN1QI4VsZEAOeBMDE+WKRqhMN/MWbr8QrKx+iluY63rGzq+g6PABgQzSqPlcq
uZsBDADohD+ky/4bfY0VfMCoRCaHHmoJ+Mz0aZOuu/7qS1ovuuhcr7a2xuztTRsgolg8wb7bqv+v
IAFiEBGzlB6BVTBLEoJBUCAl4HkuNF1DqWiiJpnEzTd/Dh+95grk+rrxu4eewhMvbEJNdRMKBQsi
7BUM+gUBQEqGgMKOJckxwKlkA2Uydk820/sGCL3xuNFh287+UskdAGDBJxEXlXGhIwoVMjl0QFi0
SESfePynV1940qVfvOUWr2XUKLO/f1Dr6c1EdF2HqunMIAIpUIRgEDFARASWUpJCAv7xKyE9ggzY
gMAQElAjcRQKJgb2dMJzC5g980i8uW4TtGXvQBE6LMuFqghI6YGobH1CgiEluY6AZUoZjSZVIhQj
EW1TqeT2FQpWGkAWQC+APviWjTYqOZMRhQqZHCJgfoiJLlHGT5vY+Kl/utLN7dlkO44Xq21sYc8y
WdUMZgihKAoDCkERRCSCJmFJwk+cQJAESw+QPgcopIJtQsmRcG0LuvAQr4miUJDIF0z0dPcyoBE4
xvlcNyLRKGlShSIEEwEsAY8lEUjmckUy9AZIViQzXMfhXgDd8AlkMNgyAEqouK2NOFSqOYcMFgEA
O47ncfUoNTVqvNq7bYF7kskAACAASURBVA1K6V7o8RowgwSBiRQSqgpV01lRVAihQhE6FEWFf1uB
EApUVQGRBtNiFCwbxC5iEQVGxABAUBQVnnRx3DGzqat7M5585n5KJlrJLEoUCw6y2TxlMnnK5PJU
yFvI50wRi7Zwx+699ovLHhIANjM7WwHsBdAB4ACAfgB5DDuuVTCCUIlMDhlcAgCkCKFq8DjVMo49
EUPvrk2cH+wTzROOhhaJQXr+NAuWTIqigoQCMCClB4AgSECCYFoOSkULYImqqA6CCtd14bk2mAFd
15HJ5jFn1lT+wqcup9vvuoF37tqGs0+/jmtrG2Q8XgNFVUl6DNsuca6Qo82vP833PXBrbM/eTW8D
+L3neRn4S5tB+LkSCz6JVHIlIxAVMjlUsHgRgMXELAlCIbOUp0hVEuPmnEZd72zEnvXLOdXUTqnR
7YhU1UCQCukGhRJBEIoK6TmwS0UUCyVIdlAV00BCg3RdOMFjhSB4ksDM0DUdhUIR1111MRobUvjB
nT/FCy/+SkyfeopoHT0ZsVgSrmujr38ftmx/HR0d64oAVgmh/lZKdzeANHwiycFPuHqoLG1GLCpk
cmiAFi8Kcp1QiD0Jw4ihfzALIRS0Tj8BpdwApQ/sxt5NKxFL1iHZMAY1LeN9EnEdlEolFPIFuK6D
aESHqkbgug6kZ4GJIQQBkhDELwD7CRFd0zibz9EVl5wtm5ublCuvv6Vn5arF++CPxyD4UUYJwD6A
NguhrpPS6YafcB3A8LKmghGOCpkcIli0GADAkj1SNBX5XAG1qWqoegQDvV1I1NSjdfp8SNdCtmc/
sj370b93O2pHT4GabIBVKsDQdVTFo5DShedY8IOEIEnLADP5GwXBAxGYQaqqIZPJS4UgotH4AceR
jygk6qWfxvWYvaLr2lkp3YyUTkgiafgk4v4Fvg6Cn++rVIP+jlAhk0MFmxcBAJWKRYrE41ix8g38
6pcP4Bf/cSfa2lqRzeaRHeiFqkVRM2Yy6hUVdj6D/t4exKI2amtrwZ4D17XBLEFEAYkEEjgQiPxq
csglDIAEmJkpYhhggDzPMW3b6oJ/IFvBpyvB93VNA+iBn2gt4IMlExF8pPADe/D3XxlsOoYFcKEt
ZPjehOEoKvz7++VtKmrc/wdUqjmHCr6xGAAoXlUlMgMDuOBD/8Bz5s7E6Wctwg//7SfIZPNoGTMG
DY11YM+EbRZgJFJINrUiEjFAkHA9BywliAHJDIYEEF5KMPtDynnomGKwxxQ8XkIACoksgC0A3gm2
7WXXd8MvBafhL28+yPk4BF+CTwBqAYwLXlsisF14n8eXXy/f10OyUQ66bQRb5ST7v0CFTA4Z+JGJ
aVlUVRXHK6+uogvPOxNLnnsIY8ZNxpe+/A1cccW1eOKp59DTOwBVKHDMPGwzD9e24Hm+bF6CIdkD
syzbQhIJKcSf08UMSGIwAYLgRyxClOCXeveUXe4H0AVfT5KBH5VY+GCikvDAPh3ABQCOB/BzAFcA
+BGANgCzANwHoCF47EeDx4S2kEcBuAHDZPFZAGPhRzcGfCIaB+AjZZ+70mryP0SFTA4VfAMAQMxM
kAAz8SUf/SQeePARLLpgIb7//W+iobEBt9zydZx62pl4+tlnEY0YcG0bgIR0HUjPA3suWHrB5hMJ
AlIBM4glKGQSZtAw0TBAYCJrgV/u7YFPID3wb6fxXiL5oPIZYfQwOtjGANgIn0i2APg8fDJYCJ9o
RHB9MobJpBbABAyXptvgk8kM+KQxPXjtYwFcC+AcVJY7/2NUyORQwTQ/Axs1DMrn8zjx+Nn0wH13
Y9myV3D0nJPx0IMP419uuhErVryMxx/5Lxw1fQpKpSJAEq5rwfNsSM+BlK5PKjKMTrxgk0HTn997
M5Se8CkEvnMJQ0jpLme4NTXIwCePUCqfg587+aBHf4avZWFYOZsL7n80eL/RAB4D0A6gFb5c/xUM
z+bJAZgG4FYAPwweUwVfvKMCOA9ACkANgH3wI6DjgudWljz/TVTI5BDB4kUAAPI8TwgVSGfSaG8b
hScfuRff+eZXsHzFyzj+pNNx6SWXYumy5SAA/197bx5nx1ne+X6ft6rO1nu3WlJrsRZLXiTvsg3Y
GNvggA12nEloXTCLgSSGZC7cQDIzn0/m3tvS3E9IJiFAwpDBBCbDkpDpDpBgBwcCkW2whbGEFy3W
ZsvWvrTU+1mq6n2f+8dbR2oLTwaDB7Xo+n4+rTqnTm3n6NTvPO/zPkuaNHDW4lKLTROsTVCb4Jx/
7FyKcxbnFLUOtZmwuOnDH+d9Kuods84Yh8DIyKko1piff9LeBF5c5uK/wxGwI3v8b4DN2fWUsu2L
wE7gK8CXgD3Za03fznh2jE3APwOP4YUJ8jq1PzG56p4jZFPDiDE4awkCkYnJKeqNhFtefz1vecst
PPHEVjY8tJHBoa+yYvkSFi18HUnSIDSKcw61Dtf0kzjrhcRaVFPvR0FRp6d9KOpoTvioKgiY05bC
z8un0DxPGWjDW0O34IdXdwLfxYtZgHcGfwy4DbiJ09/vMn7YtTtbV8RbOecB78EPi/4aeD3wHHA5
8Lls33z6+SckF5NzhcwyATWoQ1OngREKhYCDhw+hKly4YjlXXXkZv/fhDzA+McX42CiBEdIkIQgc
zuqpoQ3OZf4Rl1kimVXStEKaWcHOv+6y2Z5ppuzPy6fQzOH5Ln76dxw/HOnCD3PuwztPt+J9N7+F
dwp/JnsO3scyjv++CzAIbMNbJlcCf463VibwFsk/AE9n+/7viJP5hSQXk3MLcYpx6nAuFbUpSZLQ
3dFOFEScGBlmeOQExoQUoogwDHCp8xUCEueHM+oQUZIkJm7UcNMcsOpSrLU4m+LSFBGlUPChHE1r
xc/r+Gv5Ob3n5vDpuWnr7p32OMBPSTfZkC0fnbbuaPbXZGO2fCT7a3Jo2uM85uRlkovJOYaIKs7h
rPWh8eUy39v0GM7CDWuuJcFiMKha0tT5EgHOYY3DOQeipHFCEAT09vbiXEISx1gbo9anzpgsxGti
copadRIAZ60IijNnLUfPcPoGL/Bix2zztWbMSYz/bk8PWgumPQ/xw5dm7x437XnzOLlF8jLJxeTc
Iot3V1KbEoYBL+w/wG/8ze8zdnyC+z7yOa6+fDWTtSqFqIBaxalB1OKs3zW1CeVikbHRE2z4zj+z
Y/cLjE7UiBMf0BYGhnLRsLivhzWXX8TiJYsZHR3LYk8Ugzlbv9bTVezMXJ/przWjYKeLgZ7xPJ22
nL4+z2b+GcjF5BxDEVG1oD6itaVSZFXHCiaYpKu9hXqjjqaWVGJEQW2A0xRnDEmSUCqX2PHMTv7z
Z4ewlfksX3Y+S1csYFnfHEqFgAPHxth74AiP7tvP17//AG+7ZRWvf93VJHGqYsTXaMzJeQlyMTnX
ED8j45wlTVI6W1v4i/f9R8QIHR3tNGpVTBBiE4cIpFbBpWhgaDQadHa28cA/b+Cxrfv4/T/+D1x7
1RWc39fO4oo//JiDZ4/GPLPneT72B+v58tA/6etfd5WIqnfaBhKob9+Vi0rOi8jF5FzBTw2LOBHn
LEEAzqZU6zXKvuUm1VqVMPR1S0TEZ904AZfg0syPkvhRQG/vPL7xV3/OVz5xnL5585nT0UIYGEYm
qhw5fgKrCoVO2js7JYkbWCOapomKBLFkxarP0ieRM0PJxeRcob/5QEVUGR+foFAqIiLUazUKUYQR
g7UJYHwtaRRckMWU+JB6EYjrU6y+8S28/V3vY/yFLbSYlDbqBOKoSpFJW6Q09zye3H2Ix/7yw1qr
1VnQ1xuUy0WZ39uzcuSZDe3Sd+WUqkpuoeQ0ycXkXCGzTKxzIgaOnzjJ8/uOcMOrr6BcjKjH3hox
YhARXzsAh5IFpzlfutGmCSjUJsap1yaZv2gxF5zXx7LuAgWBQ1OWPQdHOTwyxeTIcYLASN+8TvnR
0zsLf/Tnf9248/abXk2reQfwX2F7RF7LNScjF5NzhSwCVtUpzhIaoxMTEzz4yONccP4yFvTNIQgM
jdiSppYgCBBRnEZZDIlOC05zRMUiJgipV8cZGR6m1VUoFQNOnKwxNVn1dWDLFcYnqvzBx7+kT+08
Ir9251vcu+/6ZXPw4PCtg4MDn4dabpXknCIXk3OFfmAIMSYw6qyGAVIpFzUQw5ZtOzl8+JjOmdMp
ffN7KRYiUutwNkUlC0IzmiX5pV5QrJ8FDaMCpXKZSqVCqWAol6FQtLhGQ8uFUPbuP8K1V67Sv/rM
/ynzezokVaRULrdMTNSKMFE7ux9KzkwiF5NzA2XbNgBN09RZm4o6p7VaXTo7WrSzo0XHJiekWqvx
/L5D9M7pYtl5CzEGVHzinrM2S+xLUee78fkJGoe1NvvTLALWaWiMTFVreuVlq/j//u9/K2MTVT06
PCpzerpcrdqote0rNzZv3pU7YXNOkWcNnxsIq1cDmHIhCothkBYLYTB3TgdT1brGcSKd7RUNQ9FC
GHDi5CiTU5ME4sVBnfWJfM7XM/Hh8c0yjZKVcMQvjVFQESMKKqqqx4+PSJykUqmUEgUzNjX14Nr1
6+NyuSsXk5xT5GJybqCydi1A9cDh40cf+eHT4eKF3bVLLlrizl8y36RpzPjYpIZGpFiMAKdRYEjS
+FQCn03TrHdOlmPTzARuRqVLpguqIr6hMGCcCFJpKakYJsqlYmutUXv0xFTy2cH+/mD16rW58zXn
FLmYnDsEQH18svbh3//Dzz/56c/9fStqkxXLFzSuvHQFPV1tptao68nRUS0VQqlWq4BTcOqcxeBU
cFqt1jRuJCpBoMYEKoh6UeH00jlEDMYYUJyi9dZKpa3WiJ/Uhrznta+9c2LbqlXTlCgnJxeTcwkL
GFWesuO1Wz/6Z1/5b7878Bnd+NiWYkd7uXH1FSsaV126Qlcs7ZOpySlvdbhUrE0FHI1GQ2r1hvR0
t0p7e1lsEksa18WpijEGIyJBECDGp/mlNpFGo04YBUFggmKtlnzp+LFjd5x/5Rt3b9gwEK5fvz7P
Y8l5EbkD9tzCiWCAo6qDvy6y9m+f2Lrnw6+79rLb7nzza7jikvPTlcv7khVL5pnjJyfCqamaSKFA
GtfpaguS1krZ/sM3H5a//tqD3PyBW2np6CGcOmpsmpo4iTESkMapIkJLe2fcNWdu4dFjoweT2sTv
nH/5nV8DUB0MRNbmGbU5P0buQDs3ESDUTfcmcvX7K8AberrbP3DZxUtff8uNV5UuvXgpSxfPd4VC
0IhtSUQSee6554tfHNpAWGynu7OVx/clvPmu3+DyC1dw0fIFLGmPiAwcbyg7XjjB1t17+ZdvP8A3
PvPRPwf9v971rne1fPGLy2siuUWS89LkYnJuEwGJ6gZEbga4Bnjr0vPm3XbF6uXLLl21pPWySy5h
4+Nb+eLf/uNTjST80jOPDdr2jta+d773d8NvPfSjJRdcesUl8+fNr8zt6ShEQSAnxyeSQ0eP157b
s2v/ySOH/o4O/kZHN02JXJ07W3NyZgHhwMCAyRyo4GucvhH4j5VK5atgBoBuHRh4qX0jfC3US/D9
ZVbgK7dn3f5ycnJmIyEQDQwMGB0cRHWQgQGMDgw0p10KqgOBbro3uPFGQiDsHxwMBgdPF5Ee9EvD
mjURXmhy6zUnZ5YT4ds5hPgyh37mbsndS5n79nnZNk2haLbKDMhn+HJ+SvIvzi8uCacbh8c0haMz
WM+C0q0ALLmx2aSqWQPVkpcuzPkpycVkdiCA5YK3zyEM34opXAPAC5N5T5icV4xcTGYFa3w8Ubn1
bZiogupNrHz3QtjsKynl5LwC5F+kWcHmFPoLGL0LmzpELqYSXu9fW5O3v8x5RcjF5BeeG30Xu1Ut
r8VEV+HSGBMYTPArQACbcx9JzitCLia/8Mw1gCMyd2JEELGoTRB5DYvfNo8s5+csX2TOLwD5l+gX
GwNDCRe/fSVB9A7EFDCmjLqIQmUpPe1v9ZutynO0cn5m8i/RLza+TICEDZz+Fo1qC8Z8DPR/EDc2
oelBv9n2PFQ+Jyfn5bCqwBW//hxXvu+XsxW5ZZrzipFbJrOCfj9js7zUiVDEEkF/wCIKHBjKi0Ln
vCLkv0yzgiEHQ5bUJqAGRx2GLAeey+uS5Lxi5GIyKxjwofSV0IAYjPWRr6uW50l8Oa8YuZjMJkqB
QSXERF5Mtj+X1xjIecXIxWRWsN1bIONFQdQQuHx4k/OKk4vJrGDIWyClEwYkpJYkAGvuuQdVNaoq
gDmjwFJOzssiHzPPDgRQVt0931SKu7qK4Z13XRU8+qlPfd3AgTNnc4yqIiJ5mH3OyyKfGv4FJLMu
os9+9rNs3ryZkZGWcHDVJxqd361Uxkbr0YlNjxz51CPbGnv3auvSpcxbt26d7tq1S+6++27zpje9
aVxEps72e8g598jF5BxHVUVEGBwcNK2treGePXsQEYsvjtQkQdWMffL2kZU3Xn7gff/2//lVGduz
9QePf+3unTtaLjLG2Hnz5rFnz55SS0vL9m3btn1w1apV+/FtQ/NxT85PRD7MOQfIhh0AbFKNntu+
Xb733e/Kpz70IYuvpPYiRlTLrSnXfvvb3zQPP/pocvnq1b+MMZc/8cQTDYNc09HRPv/o0cOMjk5g
beqiMJJyS4XJifF4/vy+4hVXXDF4wQUXvHPN1VenLyUmSnPclH+Bck6TWyYzFFUNN2/eLPfdd5+K
CP39/To0NKRXi7woj0YnJ+ds3rGjWq1WL2ltbX3vpk2bxj790Y+uOu+8pa87cuigq09NycMPPdTp
nHeBpGnKieHh+tx583TlygtlwYIFwZzeXu3s7JLHHntMHnrowXoYhm+eN2/eWwW+ojpgpvfKGRjY
EMqDDwKZkNyEI+/ul0MuJjOODarhX6xda0Qkbq47pBr0QXT//febG6677k27Du7r2/jwIxONavXy
L3z1q+/av29/7eiRw93t7e1tk1OTTE5OsHXLlrRQKGpXZ4f0LVzU6OzuZdHCPu3tnRstWLCg1NXZ
QaVSplQsnDr3ypUr2bNndwNoieP4GuAr69ZhAKeKrFunsn69pIc2bar83bEO+8GFe5HL35gyMGBy
QcnJxWQGMTAwYG4WSQFGpqaueHrTprYfbHqysOPB77/94aOH52zf+Uy4e8+eW22aBMeOn2B89CRP
P/0UYRASFcs6NjFZb+/slPPOv5g5c+dFPb29dLZ30NXZFXZ2d1MqBKBgBALjsNZpvRETBAZAQyNS
iCKt1+sSx3HdX9WDAKxd22+GhsR++Ttb3v+Hjx258+Cx5yblqpXRF+774R/ffce1GwcGBkzef3h2
kw95Zxhbdux6/3e/9a1XidqbrHO9e/c+j0FbnTriOGZycioxUSHt6Oigo6fPdHW2h+09c7Xc3mO6
O9tMe3sXUVggDAOKxQgjYEQRnIZGKIQBYRgSBCFRKFIKQ4wRwihUdVb+0/r/VI/jRuk1N9zwJ79y
xx3/vr9/MBgaWmt122Dw9eFVHxh6ZM/Hd+0fKRRDQU3AqsU9e2++ou/2d95y5TODg2rWrpW8SPUs
JbdMZgCDg4NBf3+/ve+++z74T/d/45MH9u0zYyMjjsDYoNQq5VK5EZY76Gnr5MI53cVi25yoXC5T
KlUoFiKK5QqBgTAwmjiBNCG1iaRpTBQEhJGhEEXiCLAIgTqcs6TWUJeU0IEDjQIjIqKqemoWZ906
gqEh7DPtN1z/2Pe3/9ETOw5RLkitlhpTi5PGTjHLLl7Udo8O9n/4pk+vk9wpO3vJxeQsc++990Zr
165NHnvssf4dO3Z+4qknn0hau+e7OSuuKRY7esJSuVUrLS1hVKxQKBQx4igWClqIDEYEE4VYZzEm
oJGkEhmBKCAMDA4hVdAEVBNCY1EXYg0UQsVp4GNSghCnVlDnp5qNwRgfHL3ucxsDHRjgd7765CWb
XzheKBVEgiAsqyotxSicqNZcoVS5kMs+0P7QQ28YY2AA1q8/y59qztkgF5OziKrK2rVrnaq2fulL
X37fs3t2m9aeProvvKFcaG0nMiFRaMQCAaiKw6kyMTUhYpXJqRq1ySqjx8ZQjXnVDVfQ2dGBJta3
+3QODQIwCmIABWtRCSBVAk2BEOdSotAgEuBUVVWx1irAtm8dsHz9tyurd7S9feOuowVVYmudAqjQ
qJSL5fsf3vKVD/3Ke8ZYNViQ9Wvjf+Ut5/wCk4vJWWRoaMgMDQ3Zp556asH4+PhFSdzQtkVXBlLq
II0TtYHDOUMUGBmdbMjIkZNMjo0wOjzMxHCVifEqaZLQqDZQUZauXEJHZwdxkqIS4pzg8FMxUTb2
cFklRzUBDgNiiYzDmEhJrfg4NQCD6oCsW7fUsGBR1NhyIsqC4VSMimCYqiecv7Asv3rdyvjbH4fB
datZu/YsfZg5Z51cTM4i27ZtU4AHHnggrdXriSmUccU2jdOUUNHAYOLEIiZgy2NPs+vxbQRicFYR
A4IggaFQiDBhgE0htUocW8QYNDBoqhD4SRanSuAM6pTQOCINUDUQBoikosZgHWpECESdyHoF0nX3
PBMmVouKBkawOFEnLmmtlMuXLOl5+q6rex96B9Dfvyq3SmYxuZicRVavXi0A7e3tJo6TwKnDpiqp
BaupRCZSo1YCa6mNVhGFsBThUouIQdWhCtZaHIq1KWlqsdaRphbnHBoahABVQBUJwWGwYsApYoRG
6lBVLZhUgtBIYkVTR2X/2Fj30UNxkQ5bP3+R+W5fd8vCPfuqbZWSSCOxlEqBW9hZ/lvpXnB44K82
lESkfpY/0pyzSC4mM4AGoOoQEIdqnKSEqCKpMUBgHRhQBZdmvhABUFAQ452x1ipJkpJai0kDgsCH
4TfUYsSRWkPklMAIZRsjITQSg1El0URqAnfcfnuhUavK/Hlz75KJieu7Ky46ONkydfPVS99biNzW
//oPT9377MGTcaUYRuOT1eq/7Dh+1yNbD9Svv2TRJwYGBwvr1q6N89mc2UkuJjOAYqOBMUZFjCbW
SagWQDRVAlFSC877PH2Ojhg/jFEHIqfydmLriK1D1ZGkKaoGRYjEEUUBbaWAUpASBSGhJN4yweGs
xRioVeuk1slkbPRHuw70TiZh79hULX3dFcuY31W+bPPuE69zplBwztWcaqFUkPIzzx9ddf8Pnv3D
QyfGdUFP+ycZ2BDq+pvTXFBmH7mYzAAaxSJufEJEnaTWYmOlEFhUQ2+BpKlPqhNBRU8NWfwwx4uJ
MQEIJFaxiUOxGIRSYDmw43GS2gSdnV0UooCWlhbCQpFiucLweMyhkRqHRmocG5nk0EjKvuEaV66c
b9/+xivtwZ0vsO/wSfeDZ2uf+fuHt7fHqXXlYlS0qVMxghAnf//9bVptJH9638ad5o7XXPjx9afz
AHNmEbmYzACK2VIRnAN1jlQdLvC+EIzBWgXnhzgACIgYBMGIITBCmlhS60iTlCiKOHToefZv3Uha
HUeCkFKpRLlcIYoi2tpaKHX08tebJphsOCZqqbRWSqxY0C2rL2jXN79qRbBq6dxg0/bn+cwDz3B0
whbAaRQE4iyYwKCqYkxQbCniHtj4TLL/2MjH/uCLG2Ttaxb9l99/4ol0aO3aPBp2FpGLyQxBRVGB
1PlYEIxDVAgEApcNZ0KDCQJULeoUZ70DVm2DsFwgVaXRSBGrpAr1Wp19zz9Ha6VEW3s7Not8RSJ/
DAVMRGrr3HP7lfqqixaKtaoYaCsXdctzh3ls5zEOjia0lCK1KcY5J2JEVTNLyammYDrbStHWZ4/G
QRB9bGFP2+jQ2rWfHxjYEK5ff3Neb3aWkIvJDEHU/6k6Uuv9GEHghzWxDUjjGFtvIAgEQhAYSm0V
2jsLlLt76OqbS0tnK2ma4pzDxJZ6YolTSxLH1Ko1kiTxVo91iDqK7Y5GnNJIUw4OT8gPdx4Ep7Jw
Xget5QIbt+3n8IlxWksRjSQJfN9z0wy3F0BFBFXVNHWmXAzs0dGq3fjMkfMA7j+8K3edzCJyMZkh
qAgiYJ0jTlKKBsB5P0hqKc/pptM62ns6KHV30tnTTmt7K6VSQKlcIQojxKU0khQjkKaWOE5o1OuI
TUid0tbaQqNexzmoFALiOGXloh7uuP4CWksR1imFMMA61ecOj8i254fViCFNnRgfqSag4oNpRUUQ
BSdgfE6PGFUXDI9PVQE2n9VPNOfnTS4mMwRBURXi1KEBmfUAhAKppeeCZcy9eAWloiHAEIYBgfEx
I/VaQmJiwjAg1BCDEoTeukEtSWwpFApUqzWMMThgqmposQ5F2bLnCIUopFIq0tNZYm5HiwjCyGTN
x8OKgKqIGG/1ZBFzzqkaY7LMQBVFXRSF9HZVSgBryAVlNpGLyQxBgFSVJAUNHeAQAVJBFQIjiCoN
JwShwVpHGBoC4wiNAWMQpxinPlgNaDTqDJ84QVd7K0E9xDnnh0fAVGAIA2Hn/pPs3Hec3117PQvn
tHFyssbYZI2d+09Sq6cYM21ipukn8Zk52WPFe3uM2tSZYhS4K1fMr8LLFpMQsNkyyNbFgAOibNl0
6Bbw5Sqn108pZK+f6fQNeYnSlhkm++hzR/ErQC4mM4SmF8JHwToQRyiGNOs4oRi0WXXVCeAgBQ0M
4FAL6kw2JaxUa3UqrR2sXHkRI8OHqdVrPi4FcCpEgSG1KS2liHoCX/rOViam6kzV6pl4eQvGiPiA
OmmeH6Q5PY0KgjMYnHM2DMNiWySHTWi/BdDXd4+F9/+kH0Hzhk94cTFsOeM5eJE5kzPXNXtCpWc8
1+yx5cVilAvLz0jehGuGICiigrUW66zPsUksTiGxjiRxPkzeWaz1U8BJtkxTHz6fOkeSOiQwxFZY
ev5K7rrr7bS3d9Co10nTlDiuU6/VmJqcIklTqo2ERi1mdGyc1oKyenEHt17SyaULizj1VomqnCpq
rdoUEgBRVAT16lYohHLFBQt2/8aVSw8ArFv3E8eaCHA90A68Bfg94DeBxfib/1ZgdbZtAbgDWDrt
OcDrgQumrXPZkntwwQAAE/FJREFU37VA67TnymnBuAC4NHvctHyaVlHOyyS3TGYMfuYGIE5SCgaf
+dtwRJH4r7gFRFDnMMagQYBTIDQooZ/uNTA6doKpky9wrH6SomaWRhAyMjJCuVymvT0ksRGtpYhf
vWY+Ba3T0xJSDFNwSjEK+Nb2Bs4pofEuk6aQSOYo9sG3QmodUWh0op7IRfPn1Po6C59l3ryTNw5s
CCUrQfm/wOC/h3cDfwG8G/in7LU/A96b/VngLmAJ8IVs++ezfQ3wcXyNyd/BWzJdeDF6CzABHAM6
gUPAecCzeBEr40N95uGFZv/L/7/LgVxMZgwK3jJxSmqUwClqLUaEJDWgDgkgdhCFARjxVZ6BepIg
ySTFcgsSCRMHd3D8ucdJk5Q4SSiVShSLJY4dO8b4+DhTU1N0dXUxfPQg83rrnDhxkr1JSrUe0zd3
DsXO+ew6mmKM+qxiHNPrp3lRCVRxagwmca7R3tpS7GwJfvie29bcJz6+/+XElwgwli33At8ATgB9
wFrg+8BtQAVYBjwNjGbbV4G3An8KrMCLTQG4B5/21Alcjbd8jgEd2frtwC6gB/hwtr4M/D1elP41
X0vOS5CLyQzB36pKYr3zNMXXUox8sWcSY7BOCdSS1Gq4VIlHRrCTk6SNBi6JWXLtVYRzu1Bbo1Jp
odLSRiEKSNOEJElpa2vlxIlhJqemGBsd47vf+ReiYplyqcTChX30LVhIV3c3x+ow2Ugx0nS+mhct
fbCbiioqBlyKFguhu3bV4u0iMkH/YMDQTxz92jxJkC3L+Bv8BN56uAAvMDuB1wLzgSez7ZrcAuwD
rgQuAxYBm4D7gA/hLZEHga3AB4H1wL/HC1EH0AIMZce+Ots2dwG8THIxmSEoZEMYSHC+MBqKWAui
xMdGqY+MQq2GnZhAU4em1ifpCTgTEtfrpA6mGqkvmlSvg0ZUKhXa2iIKhQLLli3NfC4WYwy9PT30
9s6lo6ONUksbraWIfXvGSVW887UZfSuCc+oFRry3RB0ioThnXTC/vWg62kpfABhY1a8/ReHGMl5Q
mrMyXXjfyL3AG4BvAh/BWw67gYXZx/ZqvK/lEfzw5lrgeHbMDry/pJ6tE7xFE+BniNLs8QQwlb2e
WyM/JbmYzBCahZgFJbV+ijcIBau+zEDj4CEah45ioghQxBhEIIgi78cw6odIVkkadWqTY0jgp4MB
ioUIRCiXy1QqFVpb2imVCxgTUK6UGB4+yQVz5rJwwTyObj6Jc0IQKErmI9Es3IRsZkdVVdQIWBME
wRUr5+9+x1WLDrwTgHUv5603x1DP4a2RcbzV4ICHgO/hhyg7gT3AM3jxaH53FwFfy7Z9Evht4DHg
TuB1+KHMGF5QqsBh/DBnH15YNHveyJ4fnXZdOS+DXExmCD42zE+MiIjPo0kdkQFNnfe9FiIIAsis
BVUFZ0HEFzxyzgtR+wLc8AFOHD1OR1crYRQShgXqtRrWprhKC4VCkUZSJ4kTatUqXd0dzJkzh2Kh
wEQ9xnkZQcUv/b1lTsWYOKcSRaFO1RrJ4gVzy0jwP6Sz84X+wcFg/ctL8POjOviT7Pl/wFsN06du
/yhbfvAl9v+7bBnghegPs+c/wjtWJ8/Y/pPZ8s9e4ljP4y0cyC2Ul00uJjMIzcyT5qyJU4hTR9is
jKQO1A/lBZrTLNnegqqQJDGVvgsp965g+NmnGD34OCeH99Izp5O58xcQmJA4blCtVVmz5mpWrbqY
9rY2wtBbPMPDx6knLjNFAJclDWWujebMjk/RccaIUG9Y3XdstAAwNPRTv/2ApmKdnrptOkGbc1kh
p6d3Zdr2TNun6XtJ8cOe5vPmNHXz+M3zNT/A5uPmcXNeJrmYzCBEsoS/ptWBvwMS5xAnmb9CTgnJ
qXIEgDGKc0psU0KnhIUCCy+7juqSCzn27DMcOfQMJ0/uoKurnfl9i2hpbWfRwgUUAuHQoQOMjY7q
2GSdk6PjTFQbvviSU0QC5FTovJzqYy6IZLVURFGpNZy/mX96NbFnLOH0Td1cN91a0DO2OfM4/jJ/
PAjtzPNMj4XRM57nvAxyMZlhaNaVQjgd1+E7Yqk3EFRPTQn76RRp2gw4Vaz1oqJxShrHFFo6WH7t
jTSmrmXk+ScZ3fcEU7t3MTZyjPuBNKhQb9QJSm3S2tZOY+wYSdyOSBHNrCR/HVndAbzoOaeEITjn
tBgali/qFIAbB35bHlr/05snrzC5MPwcycVkhiHZDZwlwmQV1TJLXE//cCr4fJzmfqrESUpkfeB9
6hyBMSRxjLMJxULEokuvh1XXMHFgO/H4SX32pKOr3XDeomV0loXOjlY625fKcw8fckcOVKVQDLEu
i047PbTIzn/KMStRGNDbVhKAuatvym/gWUo+lz4D8AWls342MM0P4teJtwxQY9DmHaxZQy1rUWcx
lSJEBeLEV6dPrMM6i+JzcZLUUZuc0DhJtXXhak3jqgy/sFVk4gVp1TFpLRo5MTzMM1u3pJ16kmIh
EOtUzalreTHNoZZTJYpC5vd2KMCxbQ/mNUxmKbllMgMo0vzxl1MeQFVp3rHZ0oGzmNCgUQGNAsJy
Ce3oRIoRpZYSFAs457RhoRCBM4Y4cQSB4hCCIBJfzs2SNKqMHjugO+K6TExWXWtbS5KmTlpKUaGl
Zd5kpdAeVRuu4IPU1JcucO5U8epmBrFTJQoNC7taBOCmm+ChvDvorCQXkxlAo9FoOlxP2SdG1Ofd
qB9SBL29UKlAsYBUWtEgwBqjQSEkCgPUKWmS4IyRIIyIUx+jUgp9SHxkpwgbU+psnIiNZX5fn9rq
MAdf2GuNaKl0slDs6OxxV111/fdNe9/n9+9I/2DPoRN9qLUiJlRf0OS01SF+aCXZVaep94M++ODP
/ePLmSHkYjITKBbxQxqX+V2z2ZwsqQ5UtaND6OhWbU5eOMShksaONPXJeUJAySWEcc0FAbQlkwTp
WGpsrFqfBJKgpRQVRB1OhItXLtfLV19cOHr08KGurp6nXn3dqx+5+c23f+6HTx/v6j26K9i5/xhR
4OupCUacTrdM/PWpiCJCGPoRc26ZzF5yMTmL9Pf3K0BorRoxomq8X1VQwanRUyU4xDlRxYpvuKUU
JEHEaRgIZdOgJR1LJIm1oDUpShziEiNpTLmlUmhtqdAyvw9rXexEHr/ooovKYHZu2fLk0K233day
dPHi3cuWLXtsO9vTedLqHn5815IwEBV8mJr1WYhnWCaSJSdOc/Hgk1pyZie5mJxFhoaGBKC9vZ2J
yalGIBacI8WI0QBVJBBHYITIqJTdhKJp2qp1qTDpjE1U0inUJqa9Uiq0VEpIGFKtSbW3d1Ha2dnp
jg0P/8OcOXMPXHvNmpY5Pb3bH3jgH7/6xje8PozmzZt4t7yt9id/1AwuxWz4qw0FVW0kSRI/uOOo
c4o6OeXNeZFlklU5ET1VMslz04M+rj1n9pGLyVmkaZncfffdfPlv/rbt2Z3bkyUtw8akYIxqyTip
uNEkiCdTbEzJpIVSMYiMS8EEFMsleuYsobOzi4OHDn1nydKlJ1ZecLF96ukt/33lssXD1113nczZ
sOEJWbv2RdO1H/nIRwAYGBgI77jjDpmYmNCbb745vek9NyUiolodD1pKxQjvtvX5PWKmO19VQNT5
AizqcKlqCrB99fF8aniWkovJ2cUNDAyYkyc5uGzxwm9sX7D4t/a9sLd2fvkEzqZq07oWC8ViR2dH
1NI6h6lqvRpFhd1Ll51fqddqGw8eOfy9y69aE73qVa+K580p/J1Ix9hLnEMGBgZO/T+vW7fOkoWM
i0i6fv2LHBwWBgzjx5/bs+/Yt8IwfKdzLhaRwM/oZJXWsqr0CEadaBAYY8SXBDi2rTefGp6l5GJy
Fmn2nFm3TuJ16/R3rGph+46dv7732WddqVSSJcuWyejYxPdPjox86zXXvabbuvTBXc88v/nNt91Y
Wrx4xX4Rif9k2vHuueeeaGRkxAGsWrVK1q1bpyJi169ffyoMPROPl7QeRIRV/QOhzD9/ZNHaT26c
293xDrUNH/rii9D7yWpFRYw4Z21UCAqj41Mnjo/WNgI8tP7BPK9llpL/iswANPNtqmpx3759V339
vq/bJQuX6PXX3xj19nbtFJHhl9jNfPCDH4xuu+02Vq5cyYoVKxryPwkwezmsuefeaNO996S/+af3
/97ug6N/PDI22QgDiuD75mRT2E5MYKxNG2GhWGwk+uiWv/xvt8L3J7OswJxZSG6ZzABEJAt8lTrw
6Jmv33333aU1a9boiRMnLODWrVsngBWRxqc+9alX9FqW3/JaERH9s6//0B4ZqTF8csI35lKf1gei
iIhNrYZhUKhW6/HShT2XfnLzf7/zDWvky/2Dg0HeY3h2kovJDCL71Q+Hhoa0t7dX2tra5L771qTr
10v9C1/4wqntzvBzvKLcMlLTISAI1JnAZNVLTuUZKqigioo6AeOctUrYtnXf+Brgy//bLixnxpOL
yQwiG6ac1aI8XV1lAbhiWV/p4ScPinUWkUBUUWMQVVER73m1ihbCgPHJmj6wcc8o/Ez1THLOcfJE
v5wX0d+/KgW49sLF37xoUeeRYrFYsFbTUwnMqljr8L2FVQIjUo9TUWfn6733BAxty30ms5RcTHJe
hIg4BtQUCvL04rntgx0tRbFOrRhzKuEvMJJ1FlYNwyCamJywV180792897+sgvVOVfPv1Swk/0/P
+TFu5EGDqhwbq35zTlsR69SI+DqOibVp6pwVFWnGnACapC48nvhueGsZmq2zhD/N/dRMFH+ljvdS
x3+5/FTnzcUk58e463CbIKKXLp1XKhUjrFMMIs452irlqLOlFJwqR+AQFRExQkvF799/di//bNKs
SSvZMsrWC6c7Dwa8+L5rVrwKON2atNnlsBmz09yneZzpvs6Q04I0vel7cx+dtt2Z13ImzX3cGeua
+5ozruNFx8jFJOfHOPT2CQVYNr877WgpOXVOxIhLFTmvt/WJN15z/h41ASJYRNWATlRj2b3nuP8V
nJ1O2CJwE6cLXjtON1xvFrhu9jOefrOuxHcutJyuS+uy7S8Euqft0zzOdCd9ymlBSjldLLu5z2pO
9wg681qa9/9CfO/mZtHuy7L30yy+3dx3er/m5jFOkYtJzo9xEzcB0N3SYqJCJOqng+NSuVWfevbI
ULEQ/ruu9jZJVGNUCIyRyWpdd+0dVYCh2TWl07QMPoTvBrgY34VwEXA7vqlYD3Advn3pq/EtTsG3
O/1VfEvT8/GdCSP8zX0z8H/ge/28JtumBFyTHSPANyp7Hb6BWTe+4+EqvACswLdWfS3+pn8jvnNh
O77J++LsOP8Z30I1xHc+/DXgVdl1uOx4N2Wvr8z+eoAbgQVM05B8ajjnx7j5Zkn7+/uDeqH+1L4j
I4+WSqXrU+scJHLVxYt+6Xd/7dpth0Yax779w/EuwBpjzMmJmvzo2Rey8Xk/s8w8UWAusAHfBOwA
/kYM8F0Jl2fbLcE3Rq/j+/Z0Z9stxouCxQtNHZiT7f/WbP/x7Dwd+F5AF+O7FXYCl+KFpmk5rMiu
Zz5QA34dL26LsnMqsAbf5bCKF5Fl+CZkl+Abnk0Cv4QXk0J2DcvxLVY78CJyO/Dvsuu0uWWS8xKo
DA0N2fO7u/d1tpef7GhrU2uFNEmcqLn6Hx/b/dzV58/5pwXzuqNaLY4LoZFDw5M8sHEPMOtiTVL8
DfoU/qZ7CH8jPgJ8C3+jHwT+MdvmYU4Pf+bhRaIP3/70B3gr4Em8GheBK4BtQIy3CP4Y30f51uz1
bXjLZAoYzI69BrgfX15mOV6Ynsj2rwKfyo7nsms8D2+l/A2wBS+GZOf4Ir6h2RrgX/BCN44PUGwm
lgan/snJeTHr2bZ3av51t7/tEufsHfuOjV9YrdddFEhwfKyWdLYUHtlzePSavUcmLlJSdU6jRb0d
jRuuWPaX37vvi0cZWCU89NBsiDdpDgUu43T/4hP4X/61+Jt8B76XcbO7YBF/Q+/E36CKF4Ix/FBn
N35Ycws+tSLB+zM24Ic4r+e0WF2SnW8/p/sr92bP+7PjfRtvESXZOTXbvwc/zFoAHMnW/XJ2fRP4
UUuCt4ym8M3jh/FCchV+ePaD7P0J4PJhTs4psoRD3b17d+83Nm35/OZdR289cPSkm6g2iAIpWlVt
DaX1jtdc9MnP3L+p5eCRY/HC3nZ3fGSqOq+7Urr5soWFjwKDq1fL2rP9Zn4+NC2MH3K6FUjTabkV
39c4xt+Y05t+NadrvzltHXjrwXF6eDKGtyoi/DBmP956GMte35k9bg6BFG/9RMBGvMDEeOtlCj+M
aXZJ3Js9bopciLeQDmbrLF4oHs/O23S83gCczB43W6layH0mOdP47Gc3h0Cy42h84Za9w699+Ik9
je72shSCIFARp865eT3tjeG49m/CQD5y/orlbxs5djyeM6enoKndapw5DEh/f/9sK0Og05ZN0Xgh
Wwo/niLxP+tG2Fx/ZNq+zYzxHuBLnLZAzLRznEmCF4XmMQ6c8dr0x83nKV40wAtVk+emHUfx/ZhD
4Olp16LNDXJyAFBVIyJOtbb43vuevu/Brccv33domNGJKYLAWGOE9pbK6Hhj6pc+8Zu/ZL628YX/
d/PufcWbLls+VjD1gfXvfVPT5J0NQ5z/FWfGa7wcpjdOaj6f3ivZvcTjlzrGS+3/r/FSx/uJ30du
meScQkSyL015/69cf+L97a1tazb80PYt6Fv+oad2HWzZc3hEysVIL1+6pPL6NSse+fSnB9+xr3hM
Prqcutz83qQ5TDq772LG8LNYZ2d+htOHRtOP+6+d48weyj8JL3W8lxKX5lDpRa/9//IU12jTku4G
AAAAAElFTkSuQmCC

--Apple-Mail=_BE84597E-BC04-4923-95E9-9FC8306A0003--

--Apple-Mail=_3D9870EF-2914-41EE-B57C-22F60E935046--

From phil.hunt@oracle.com  Wed Mar 14 16:49:22 2012
Return-Path: <phil.hunt@oracle.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1671D21F87C7 for <scim@ietfa.amsl.com>; Wed, 14 Mar 2012 16:49:22 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -10.313
X-Spam-Level: 
X-Spam-Status: No, score=-10.313 tagged_above=-999 required=5 tests=[AWL=0.286, BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id or64lowP00T9 for <scim@ietfa.amsl.com>; Wed, 14 Mar 2012 16:49:21 -0700 (PDT)
Received: from acsinet15.oracle.com (acsinet15.oracle.com [141.146.126.227]) by ietfa.amsl.com (Postfix) with ESMTP id BD11221F8589 for <scim@ietf.org>; Wed, 14 Mar 2012 16:49:18 -0700 (PDT)
Received: from acsinet22.oracle.com (acsinet22.oracle.com [141.146.126.238]) by acsinet15.oracle.com (Sentrion-MTA-4.2.2/Sentrion-MTA-4.2.2) with ESMTP id q2ENnGna004653 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Wed, 14 Mar 2012 23:49:17 GMT
Received: from acsmt358.oracle.com (acsmt358.oracle.com [141.146.40.158]) by acsinet22.oracle.com (8.14.4+Sun/8.14.4) with ESMTP id q2ENnGEX009694 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Wed, 14 Mar 2012 23:49:16 GMT
Received: from abhmt112.oracle.com (abhmt112.oracle.com [141.146.116.64]) by acsmt358.oracle.com (8.12.11.20060308/8.12.11) with ESMTP id q2ENnFFs006007; Wed, 14 Mar 2012 18:49:15 -0500
Received: from [192.168.1.8] (/24.85.226.208) by default (Oracle Beehive Gateway v4.0) with ESMTP ; Wed, 14 Mar 2012 16:49:15 -0700
Mime-Version: 1.0 (Apple Message framework v1257)
Content-Type: text/plain; charset=us-ascii
From: Phil Hunt <phil.hunt@oracle.com>
In-Reply-To: <612C04D3-3D1C-4095-8E3E-66BD45CE067A@gmail.com>
Date: Wed, 14 Mar 2012 16:49:19 -0700
Content-Transfer-Encoding: quoted-printable
Message-Id: <699AE63C-79E1-40F5-8290-37289EB8C0E0@oracle.com>
References: <421662F7-A0FA-4C21-81C9-857450B09DB4@oracle.com> <612C04D3-3D1C-4095-8E3E-66BD45CE067A@gmail.com>
To: Charliemortimore <charliemortimore@gmail.com>
X-Mailer: Apple Mail (2.1257)
X-Source-IP: acsinet22.oracle.com [141.146.126.238]
X-Auth-Type: Internal IP
X-CT-RefId: str=0001.0A090207.4F612E7D.0022,ss=1,re=0.000,fgs=0
Cc: "scim@ietf.org" <scim@ietf.org>
Subject: Re: [scim] Thoughts on SCIM WG charter
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 14 Mar 2012 23:49:22 -0000

Chuck,

Agreed. Routing shouldn't be specific. The concern is that the client =
should not have direct knowledge of internal endpoints.  In this case, I =
think the routing requirement is "logical".   Create a Mail account, =
create a CRM account, and so on.

Phil

@independentid
www.independentid.com
phil.hunt@oracle.com





On 2012-03-14, at 4:35 PM, Charliemortimore wrote:

> Hey Phil - good, thoughtful writeup.  =20
>=20
> I agree the notion of gateways/hubs are a reality.  Not yet convinced =
the client needs to ( or even should have ) knowledge/power over the =
routing decisions, at least in v1.   Look forward to discussion and =
evolving my thinking on this. =20
>=20
> - cmort
>=20
> On Mar 14, 2012, at 2:44 PM, Phil Hunt <phil.hunt@oracle.com> wrote:
>=20
>> In previous emails, I promised more thoughts on the Gateway/targeting =
issue. In order to support the scope discussion, I put a bunch of =
thoughts together on areas the WG might consider on my blog at:
>> =
http://www.independentid.com/2012/03/scim-what-should-new-scim-wg-address.=
html
>>=20
>> I'm still planning to post more info to the list on the specific =
issue of "gatewayed" provisioning (aka targeting).
>>=20
>> Phil
>>=20
>> @independentid
>> www.independentid.com
>> phil.hunt@oracle.com
>>=20
>>=20
>>=20
>>=20
>>=20
>> _______________________________________________
>> scim mailing list
>> scim@ietf.org
>> https://www.ietf.org/mailman/listinfo/scim
> _______________________________________________
> scim mailing list
> scim@ietf.org
> https://www.ietf.org/mailman/listinfo/scim


From moransar@cisco.com  Wed Mar 14 16:59:48 2012
Return-Path: <moransar@cisco.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 328F511E8086 for <scim@ietfa.amsl.com>; Wed, 14 Mar 2012 16:59:48 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -10.506
X-Spam-Level: 
X-Spam-Status: No, score=-10.506 tagged_above=-999 required=5 tests=[AWL=0.093, BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id oHGYmuuP8TX2 for <scim@ietfa.amsl.com>; Wed, 14 Mar 2012 16:59:47 -0700 (PDT)
Received: from rcdn-iport-2.cisco.com (rcdn-iport-2.cisco.com [173.37.86.73]) by ietfa.amsl.com (Postfix) with ESMTP id 6F4E011E8075 for <scim@ietf.org>; Wed, 14 Mar 2012 16:59:47 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=moransar@cisco.com; l=966; q=dns/txt; s=iport; t=1331769587; x=1332979187; h=mime-version:content-transfer-encoding:subject:date: message-id:in-reply-to:references:from:to:cc; bh=Dgm2Cxn3CxZvEVEOTA+PqPvLF4yiMXj7jb+vNgF48ZE=; b=Y2jGEhAcKCUBDknTfJecV4daEQQhHlevR00FeFW3kc9E/5CxnSjYAKgd gEl/EkNIgLKoWy3mjMCMyXqpYsM1/rsp0a9es/EMrgUsvQ0f/1wZtlFhw 4ztGhTI1CvKwKAhoc3YavcyMrlKSOLa+/Ufr6O2AyZbJ0K+xyfapO0lvZ s=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: Av8EALowYU+tJXG9/2dsb2JhbABDti6BB4IJAQEBBAEBAQ8BHQo0CwwEAgEIEQQBAQEKBhcBBgEmHwkIAQEEARIIGodoC5sMnyQEkBxjBIhXmz+BaIME
X-IronPort-AV: E=Sophos;i="4.73,587,1325462400"; d="scan'208";a="66505420"
Received: from rcdn-core2-2.cisco.com ([173.37.113.189]) by rcdn-iport-2.cisco.com with ESMTP; 14 Mar 2012 23:59:47 +0000
Received: from xbh-rcd-102.cisco.com (xbh-rcd-102.cisco.com [72.163.62.139]) by rcdn-core2-2.cisco.com (8.14.3/8.14.3) with ESMTP id q2ENxlHf022728;  Wed, 14 Mar 2012 23:59:47 GMT
Received: from xmb-rcd-313.cisco.com ([72.163.63.28]) by xbh-rcd-102.cisco.com with Microsoft SMTPSVC(6.0.3790.4675);  Wed, 14 Mar 2012 18:59:47 -0500
X-MimeOLE: Produced By Microsoft Exchange V6.5
Content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
Date: Wed, 14 Mar 2012 18:59:45 -0500
Message-ID: <93C6FB63F046384C86EC8F7F3FFEC7BEE62E89@XMB-RCD-313.cisco.com>
In-Reply-To: <4F612668.4000403@stpeter.im>
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
Thread-Topic: [scim] Internet-Drafts
Thread-Index: Ac0COEM33ZbhtO0BSzKHFckulOPPKwAAJ9OA
References: <4F612433.5060503@stpeter.im><612C3B6B-4098-4951-ACD6-BEA30B492F52@unboundid.com> <4F612668.4000403@stpeter.im>
From: "Morteza Ansari (moransar)" <moransar@cisco.com>
To: "Peter Saint-Andre" <stpeter@stpeter.im>, "Trey Drake" <trey.drake@unboundid.com>
X-OriginalArrivalTime: 14 Mar 2012 23:59:47.0362 (UTC) FILETIME=[89049820:01CD023E]
Cc: scim@ietf.org
Subject: Re: [scim] Internet-Drafts
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 14 Mar 2012 23:59:48 -0000

It might be useful to send a copy to the mailing list even if we can't
officially submit it.


Cheers,
Morteza

-----Original Message-----
From: scim-bounces@ietf.org [mailto:scim-bounces@ietf.org] On Behalf Of
Peter Saint-Andre
Sent: Wednesday, March 14, 2012 4:15 PM
To: Trey Drake
Cc: scim@ietf.org
Subject: Re: [scim] Internet-Drafts

On 3/14/12 5:13 PM, Trey Drake wrote:
> Peter,
>=20
> It was on my todo list though I was under the impression changes to
the existing specs were required. Given that's not the case I'll submit
the core schema and protocol specs today "as is".

Hi Trey,

That's great. You won't be able to submit them until March 26th, so you
have time to fix up a few things if you please, but don't feel that it's
necessary. :)

Peter

--
Peter Saint-Andre
https://stpeter.im/


_______________________________________________
scim mailing list
scim@ietf.org
https://www.ietf.org/mailman/listinfo/scim

From phil.hunt@oracle.com  Wed Mar 14 17:02:09 2012
Return-Path: <phil.hunt@oracle.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8B7B811E8086 for <scim@ietfa.amsl.com>; Wed, 14 Mar 2012 17:02:09 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -9.203
X-Spam-Level: 
X-Spam-Status: No, score=-9.203 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, MIME_QP_LONG_LINE=1.396, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id fDVQEJmam-SQ for <scim@ietfa.amsl.com>; Wed, 14 Mar 2012 17:02:09 -0700 (PDT)
Received: from acsinet15.oracle.com (acsinet15.oracle.com [141.146.126.227]) by ietfa.amsl.com (Postfix) with ESMTP id EA88E11E8075 for <scim@ietf.org>; Wed, 14 Mar 2012 17:02:08 -0700 (PDT)
Received: from ucsinet21.oracle.com (ucsinet21.oracle.com [156.151.31.93]) by acsinet15.oracle.com (Sentrion-MTA-4.2.2/Sentrion-MTA-4.2.2) with ESMTP id q2F026KO016538 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Thu, 15 Mar 2012 00:02:07 GMT
Received: from acsmt356.oracle.com (acsmt356.oracle.com [141.146.40.156]) by ucsinet21.oracle.com (8.14.4+Sun/8.14.4) with ESMTP id q2F025CS029614 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Thu, 15 Mar 2012 00:02:06 GMT
Received: from abhmt119.oracle.com (abhmt119.oracle.com [141.146.116.71]) by acsmt356.oracle.com (8.12.11.20060308/8.12.11) with ESMTP id q2F025EF001299; Wed, 14 Mar 2012 19:02:05 -0500
Received: from [25.70.227.15] (/74.198.150.143) by default (Oracle Beehive Gateway v4.0) with ESMTP ; Wed, 14 Mar 2012 17:02:04 -0700
References: <4F612433.5060503@stpeter.im> <612C3B6B-4098-4951-ACD6-BEA30B492F52@unboundid.com> <4F612668.4000403@stpeter.im> <93C6FB63F046384C86EC8F7F3FFEC7BEE62E89@XMB-RCD-313.cisco.com>
In-Reply-To: <93C6FB63F046384C86EC8F7F3FFEC7BEE62E89@XMB-RCD-313.cisco.com>
Mime-Version: 1.0 (1.0)
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset=us-ascii
Message-Id: <2C17AE04-0F43-4A23-A8A2-3EE4D297FA2A@oracle.com>
X-Mailer: iPhone Mail (9B179)
From: Phil Hunt <phil.hunt@oracle.com>
Date: Wed, 14 Mar 2012 17:02:01 -0700
To: "Morteza Ansari (moransar)" <moransar@cisco.com>
X-Source-IP: ucsinet21.oracle.com [156.151.31.93]
X-CT-RefId: str=0001.0A020205.4F613180.002D,ss=1,re=0.000,fgs=0
Cc: "scim@ietf.org" <scim@ietf.org>, Trey Drake <trey.drake@unboundid.com>, Peter Saint-Andre <stpeter@stpeter.im>
Subject: Re: [scim] Internet-Drafts
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 15 Mar 2012 00:02:09 -0000

It needs to be officially submitted. Yesterday if possible. =20

Phil

On 2012-03-14, at 16:59, "Morteza Ansari (moransar)" <moransar@cisco.com> wr=
ote:

> It might be useful to send a copy to the mailing list even if we can't
> officially submit it.
>=20
>=20
> Cheers,
> Morteza
>=20
> -----Original Message-----
> From: scim-bounces@ietf.org [mailto:scim-bounces@ietf.org] On Behalf Of
> Peter Saint-Andre
> Sent: Wednesday, March 14, 2012 4:15 PM
> To: Trey Drake
> Cc: scim@ietf.org
> Subject: Re: [scim] Internet-Drafts
>=20
> On 3/14/12 5:13 PM, Trey Drake wrote:
>> Peter,
>>=20
>> It was on my todo list though I was under the impression changes to
> the existing specs were required. Given that's not the case I'll submit
> the core schema and protocol specs today "as is".
>=20
> Hi Trey,
>=20
> That's great. You won't be able to submit them until March 26th, so you
> have time to fix up a few things if you please, but don't feel that it's
> necessary. :)
>=20
> Peter
>=20
> --
> Peter Saint-Andre
> https://stpeter.im/
>=20
>=20
> _______________________________________________
> scim mailing list
> scim@ietf.org
> https://www.ietf.org/mailman/listinfo/scim
> _______________________________________________
> scim mailing list
> scim@ietf.org
> https://www.ietf.org/mailman/listinfo/scim

From stpeter@stpeter.im  Wed Mar 14 17:06:38 2012
Return-Path: <stpeter@stpeter.im>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4D9BB11E8086 for <scim@ietfa.amsl.com>; Wed, 14 Mar 2012 17:06:38 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.641
X-Spam-Level: 
X-Spam-Status: No, score=-102.641 tagged_above=-999 required=5 tests=[AWL=-0.042, BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ITalTGvRjb8F for <scim@ietfa.amsl.com>; Wed, 14 Mar 2012 17:06:37 -0700 (PDT)
Received: from stpeter.im (mailhost.stpeter.im [207.210.219.225]) by ietfa.amsl.com (Postfix) with ESMTP id AD99711E8075 for <scim@ietf.org>; Wed, 14 Mar 2012 17:06:37 -0700 (PDT)
Received: from squire.local (unknown [72.163.0.129]) (Authenticated sender: stpeter) by stpeter.im (Postfix) with ESMTPSA id A0A6640058; Wed, 14 Mar 2012 18:19:00 -0600 (MDT)
Message-ID: <4F61328C.9090202@stpeter.im>
Date: Wed, 14 Mar 2012 18:06:36 -0600
From: Peter Saint-Andre <stpeter@stpeter.im>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.5; rv:10.0.2) Gecko/20120216 Thunderbird/10.0.2
MIME-Version: 1.0
To: Phil Hunt <phil.hunt@oracle.com>
References: <4F612433.5060503@stpeter.im> <612C3B6B-4098-4951-ACD6-BEA30B492F52@unboundid.com> <4F612668.4000403@stpeter.im> <93C6FB63F046384C86EC8F7F3FFEC7BEE62E89@XMB-RCD-313.cisco.com> <2C17AE04-0F43-4A23-A8A2-3EE4D297FA2A@oracle.com>
In-Reply-To: <2C17AE04-0F43-4A23-A8A2-3EE4D297FA2A@oracle.com>
X-Enigmail-Version: 1.3.5
OpenPGP: url=https://stpeter.im/stpeter.asc
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit
Cc: "scim@ietf.org" <scim@ietf.org>, Trey Drake <trey.drake@unboundid.com>, "Morteza Ansari \(moransar\)" <moransar@cisco.com>
Subject: Re: [scim] Internet-Drafts
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 15 Mar 2012 00:06:38 -0000

On 3/14/12 6:02 PM, Phil Hunt wrote:
> It needs to be officially submitted. Yesterday if possible.  

As noted, the submission window won't open again until March 26.
Naturally, someone could post an entire Internet-Draft as a big message
to an IETF mailing list, although that is slightly unorthodox. :) If the
authors would like to do that as a stopgap measure, I can approve the
messages (if they are larger than the message limit).

Peter

-- 
Peter Saint-Andre
https://stpeter.im/



From moransar@cisco.com  Wed Mar 14 20:24:11 2012
Return-Path: <moransar@cisco.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 60C0321F8600 for <scim@ietfa.amsl.com>; Wed, 14 Mar 2012 20:24:11 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -10.512
X-Spam-Level: 
X-Spam-Status: No, score=-10.512 tagged_above=-999 required=5 tests=[AWL=0.086, BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id AAv2J05HXjrS for <scim@ietfa.amsl.com>; Wed, 14 Mar 2012 20:24:09 -0700 (PDT)
Received: from rcdn-iport-3.cisco.com (rcdn-iport-3.cisco.com [173.37.86.74]) by ietfa.amsl.com (Postfix) with ESMTP id 4F1CB21F85FC for <scim@ietf.org>; Wed, 14 Mar 2012 20:24:09 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=moransar@cisco.com; l=9177; q=dns/txt; s=iport; t=1331781849; x=1332991449; h=mime-version:subject:date:message-id:from:to; bh=FwkDUobEqgFp2uFZlN0beW2qNEbVPd+7GOGHGAtKwgE=; b=T1iutEOcrYI7ABxrTAyrtvqe/Y4s/HCwntk8ZoT5oo3U1bZQAArVohA+ 8UOfFFUpzHOlwWGCvkkgKTJzz+HqmMVgtz4ufoCySy47fnnc3EetBnfy7 4wvD4s8i6Zj6DQnugCUNHEIHM0mWwUTtxQhbZ4RXGNPeAO2iuFStFfHZO o=;
X-Files: charter4.txt : 4380
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: AgAFANpfYU+tJXG9/2dsb2JhbAA5AQmCRbNzgQeCCwEEAQEBDwEJEQM8Ah0BDB4CBAUTBwElMQEEEQIIARmHaAuZeYEnnzCKMAEIgxiCS2MEiFeGDYEglBaBaIMEIIEe
X-IronPort-AV: E=Sophos;i="4.73,588,1325462400";  d="txt'?scan'208,217";a="66569401"
Received: from rcdn-core2-2.cisco.com ([173.37.113.189]) by rcdn-iport-3.cisco.com with ESMTP; 15 Mar 2012 03:24:09 +0000
Received: from xbh-rcd-101.cisco.com (xbh-rcd-101.cisco.com [72.163.62.138]) by rcdn-core2-2.cisco.com (8.14.3/8.14.3) with ESMTP id q2F3O82Y007133 for <scim@ietf.org>; Thu, 15 Mar 2012 03:24:08 GMT
Received: from xmb-rcd-313.cisco.com ([72.163.63.28]) by xbh-rcd-101.cisco.com with Microsoft SMTPSVC(6.0.3790.4675);  Wed, 14 Mar 2012 22:24:09 -0500
X-MimeOLE: Produced By Microsoft Exchange V6.5
Content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="----_=_NextPart_001_01CD025B.158B1DB2"
Date: Wed, 14 Mar 2012 22:24:07 -0500
Message-ID: <93C6FB63F046384C86EC8F7F3FFEC7BEE62EFE@XMB-RCD-313.cisco.com>
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
Thread-Topic: Draft charter - v4
Thread-Index: Ac0CWhQJYmaeSW1JQjC4xnekwjr/YA==
From: "Morteza Ansari (moransar)" <moransar@cisco.com>
To: <scim@ietf.org>
X-OriginalArrivalTime: 15 Mar 2012 03:24:09.0182 (UTC) FILETIME=[15A1D7E0:01CD025B]
Subject: [scim] Draft charter - v4
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 15 Mar 2012 03:24:11 -0000

This is a multi-part message in MIME format.

------_=_NextPart_001_01CD025B.158B1DB2
Content-Type: multipart/alternative;
	boundary="----_=_NextPart_002_01CD025B.158B1DB2"


------_=_NextPart_002_01CD025B.158B1DB2
Content-Type: text/plain;
	charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

Trey, Kelly, and I huddled over for a few minutes today and added some
text to the version Eliot sent out yesterday.  We tried to address the
questions Eliot raised and remove some of the ambiguous text based on
the email discussions.  Please review and send your comments/feedback.

=20

=20

Cheers,

Morteza


------_=_NextPart_002_01CD025B.158B1DB2
Content-Type: text/html;
	charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

<html xmlns:v=3D"urn:schemas-microsoft-com:vml" =
xmlns:o=3D"urn:schemas-microsoft-com:office:office" =
xmlns:w=3D"urn:schemas-microsoft-com:office:word" =
xmlns:m=3D"http://schemas.microsoft.com/office/2004/12/omml" =
xmlns=3D"http://www.w3.org/TR/REC-html40"><head><meta =
http-equiv=3DContent-Type content=3D"text/html; =
charset=3Dus-ascii"><meta name=3DGenerator content=3D"Microsoft Word 14 =
(filtered medium)"><style><!--
/* Font Definitions */
@font-face
	{font-family:Calibri;
	panose-1:2 15 5 2 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
	{margin:0in;
	margin-bottom:.0001pt;
	font-size:11.0pt;
	font-family:"Calibri","sans-serif";}
a:link, span.MsoHyperlink
	{mso-style-priority:99;
	color:blue;
	text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
	{mso-style-priority:99;
	color:purple;
	text-decoration:underline;}
span.EmailStyle17
	{mso-style-type:personal-compose;
	font-family:"Calibri","sans-serif";
	color:windowtext;}
.MsoChpDefault
	{mso-style-type:export-only;
	font-family:"Calibri","sans-serif";}
@page WordSection1
	{size:8.5in 11.0in;
	margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
	{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext=3D"edit" spidmax=3D"1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext=3D"edit">
<o:idmap v:ext=3D"edit" data=3D"1" />
</o:shapelayout></xml><![endif]--></head><body lang=3DEN-US link=3Dblue =
vlink=3Dpurple><div class=3DWordSection1><p class=3DMsoNormal>Trey, =
Kelly, and I huddled over for a few minutes today and added some text to =
the version Eliot sent out yesterday.&nbsp; We tried to address the =
questions Eliot raised and remove some of the ambiguous text based on =
the email discussions.&nbsp; Please review and send your =
comments/feedback.<o:p></o:p></p><p =
class=3DMsoNormal><o:p>&nbsp;</o:p></p><p =
class=3DMsoNormal><o:p>&nbsp;</o:p></p><p =
class=3DMsoNormal>Cheers,<o:p></o:p></p><p =
class=3DMsoNormal>Morteza<o:p></o:p></p></div></body></html>
------_=_NextPart_002_01CD025B.158B1DB2--

------_=_NextPart_001_01CD025B.158B1DB2
Content-Type: text/plain;
	name="charter4.txt"
Content-Transfer-Encoding: base64
Content-Description: charter4.txt
Content-Disposition: attachment;
	filename="charter4.txt"

U2ltcGxlIENsb3VkIElkZW50aXR5IE1hbmFnZW1lbnQgKFNDSU0pCkNoYWlyKHMpOiBUQkQgCkFw
cGxpY2F0aW9ucyBBcmVhIERpcmVjdG9yKHMpOgogICAgIFBldGUgUmVzbmljayA8cHJlc25pY2tA
cXVhbGNvbW0uY29tPiAKICAgICBCYXJyeSBMaWViYSA8Pz8/PiAKTWFpbGluZyBMaXN0czoKICAg
ICBHZW5lcmFsIERpc2N1c3Npb246IHNjaW1AaWV0Zi5vcmcKICAgICBUbyBTdWJzY3JpYmU6IGh0
dHBzOi8vd3d3LmlldGYub3JnL21haWxtYW4vbGlzdGluZm8vc2NpbQogICAgIEFyY2hpdmU6IGh0
dHA6Ly93d3cuaWV0Zi5vcmcvbWFpbC1hcmNoaXZlL3dlYi9zY2ltL2N1cnJlbnQvbWFpbGxpc3Qu
aHRtbAogCkRlc2NyaXB0aW9uIG9mIFdvcmtpbmcgR3JvdXA6ClRoZSBTaW1wbGUgQ2xvdWQgSWRl
bnRpdHkgTWFuYWdlbWVudCAoU0NJTSkgc3BlY2lmaWNhdGlvbiBpcyBkZXNpZ25lZCB0byAKc2lt
cGxpZnkgdXNlciBpZGVudGl0eSBtYW5hZ2VtZW50IGluIGNsb3VkIGJhc2VkIGFwcGxpY2F0aW9u
cyBieSBkZWZpbmluZwpzdGFuZGFyZCBwcm90b2NvbHMgYW5kIHNjaGVtYXMgZm9yIGNyZWF0aW5n
LCByZWFkaW5nL3NlYXJjaGluZywgdXBkYXRpbmcsCmFuZCBkZWxldGluZyB1c2VyIGlkZW50aXRp
ZXMgYW5kIGlkZW50aXR5LXJlbGF0ZWQgb2JqZWN0cy4KClRvZGF5LCBkaXN0cmlidXRlZCBpZGVu
dGl0eSBtYW5hZ2VtZW50IGluIHRoZSBjbG91ZCBpcyBjb21wbGljYXRlZCBieSBhIGxhY2sKb2Yg
cHJvdG9jb2wgYW5kIHNjaGVtYSBzdGFuZGFyZGl6YXRpb24gYmV0d2VlbiBpZGVudGl0eSBjb25z
dW1lcnMgYW5kCnByb2R1Y2Vycy4gVGhpcyBsZWFkcyB0byBvcmdhbml6YXRpb25zIG5lZWRpbmcg
bXVsdGlwbGUgY2xvdWQgc2VydmljZXMgdG8KYnVpbGQgY29ubmVjdG9ycyB1c2luZyBlYWNoIHZl
bmRvcidzIHByb3ByaWV0YXJ5IHNjaGVtYSBhbmQgcHJvdG9jb2wuIEV4aXN0aW5nCnN0YW5kYXJk
cyBpbiB0aGlzIHNwYWNlIHN1Y2ggYXMgU1BNTCBoYXZlIG5vdCBnYWluZWQgdHJhY3Rpb24gZHVl
LCBpbiBwYXJ0LAp0byBjb21wbGV4aXR5IGFuZCBhYnNlbmNlIG9mIGEgY29tbW9uIHNjaGVtYS4g
QmV5b25kIHByb3Zpc2lvbmluZyBpZGVudGl0aWVzCmJldHdlZW4gb3JnYW5pemF0aW9ucyBhbmQg
dmVuZG9ycywgY3Jvc3MgcHJvdmlzaW9uaW5nIGJldHdlZW4gdmVuZG9ycyBpcyBhbHNvCmEgbWFq
b3IgZHJpdmVyIGZvciBzdGFuZGFyZGl6aW5nIGEgY29yZSBpZGVudGl0eSBtYW5hZ2VtZW50IHNj
aGVtYSBhbmQKcHJvdG9jb2wuICAKClRoZSBTQ0lNIHdvcmtpbmcgZ3JvdXAgd2lsbCBkZXZlbG9w
IHRoZSBjb3JlIHNjaGVtYSBhbmQgcHJvdG9jb2xzIHRvIGFkZHJlc3MKdGhlc2UgcHJvYmxlbXMu
IEluaXRpYWxseSwgdGhlIFdHIHdpbGwgZm9jdXMgb24gYSBzY2hlbWEgZGVmaW5pdGlvbiBhbmQK
cHJvdG9jb2wgZm9yIENSVUQgKENyZWF0ZSwgUmVhZC9zZWFyY2gsIFVwZGF0ZSwgRGVsZXRlKSBh
bmQgYnVsayBvcGVyYXRpb25zLgpUaGUgV0cgd2lsbCBjb250aW51ZSB3aXRoIGJpbmRpbmdzIHRv
IGV4aXN0aW5nIGlkZW50aXR5IHN0YW5kYXJkcyBzdWNoIGFzCkxEQVAgYW5kIFNBTUwgMi4wLiBT
Q0lNIGZvY3VzZXMgb24gdGhlIGNhc2Ugd2hlcmUgYW4gb3JnYW5pemF0aW9uJ3MgTERBUApzZXJ2
aWNlIG1heSBub3QgYmUgYXZhaWxhYmxlIHRvIHRoZSBwcm92aWRlciwgYW5kIFNBTUwgY2Fubm90
IHByb3ZpZGUKc3VmZmljaWVudCBjb250ZXh0IGZvciB0aGUgc2VydmljZS4gIEZvciBleGFtcGxl
LCBwcm92aXNpb25pbmcgb2YgYSB1c2VyJ3MKZW1haWwgYWNjb3VudCBzbyB0aGF0IGl0IGNhbiBy
ZWNlaXZlIG1haWwgYmVmb3JlIHRoZSBwZXJzb24gaGFzIGZpcnN0CmxvZ2dlZCBpbi4KCkluIGFk
ZGl0aW9uLCB0aGUgd29ya2luZyBncm91cCB3aWxsIGRlZmluZSBob3cgZXh0ZW5zaW9ucyB0byB0
aGUgc2NoZW1hCmFuZCBjb3JlIHByb3RvY29sIGNhbiBiZSBkZXZlbG9wZWQuCgpUaGUgc3BlY2lm
aWNhdGlvbiBzdWl0ZSBzZWVrcyB0byBidWlsZCB1cG9uIGV4cGVyaWVuY2Ugd2l0aCBleGlzdGlu
ZyBzY2hlbWFzCmFuZCBkZXBsb3ltZW50cywgcGxhY2luZyBzcGVjaWZpYyBlbXBoYXNpcyBvbiBz
aW1wbGljaXR5IG9mIGRldmVsb3BtZW50CmFuZCBpbnRlZ3JhdGlvbiwgd2hpbGUgYXBwbHlpbmcg
ZXhpc3RpbmcgYXV0aGVudGljYXRpb24sIGF1dGhvcml6YXRpb24sCmFuZCBwcml2YWN5IG1vZGVs
cy4gSXRzIGludGVudCBpcyB0byByZWR1Y2UgdGhlIGNvc3QgYW5kIGNvbXBsZXhpdHkgb2YgdXNl
cgptYW5hZ2VtZW50IGJ5IHByb3ZpZGluZyBhIGNvbW1vbiwgZXh0ZW5zaWJsZSB1c2VyIHNjaGVt
YSwgYXMgd2VsbCBhcyBiaW5kaW5nCmRvY3VtZW50cyB0aGF0IHByb3ZpZGUgcGF0dGVybnMgZm9y
IGV4Y2hhbmdpbmcgdGhlIHNjaGVtYSB1c2luZyBzdGFuZGFyZApwcm90b2NvbHMuIEluIGFkZGl0
aW9uLCB0aGUgd29ya2luZyBncm91cCBtYXkgY29uc2lkZXIgaW5jbHVzaW9uIG9mIGRldmljZQpp
ZGVudGl0aWVzIGFzIHBhcnQgb2YgdGhlIHdvcmsgYWRvcHRlZCBieSB0aGUgd29ya2luZyBncm91
cC4gIFRoZSBncm91cAp3aWxsIHVzZSwgYXMgc3RhcnRpbmcgcG9pbnRzLCB0aGUgZm9sbG93aW5n
IGRyYWZ0cyBpbiB0aGUgZm9sbG93aW5nIHdheXM6CgogICAgIGRyYWZ0LVhYWC1zY2ltLXNjaGVt
YS0wMCBhcyB0aGUgc2NoZW1hIHNwZWNpZmljYXRpb24sCiAgICAgZHJhZnQtWFhYLXNjaW0tcHJv
dG9jb2wtZGVmaW5pdGlvbi0wMCBhcyB0aGUgcHJvdG9jb2wgc3BlY2lmaWNhdGlvbiwKICAgICBk
cmFmdC1YWFgtc2NpbS1zYW1sLWJpbmRpbmctMDAgZm9yIGJpbmRpbmcgdGhlIFNDSU0gc2NoZW1h
IHRvIFNBTUwsIGFuZAogICAgIGRyYWZ0LVhYWC1zY2ltLWxkYXAtYmluZGluZy0wMCBmb3IgYmlu
ZGluZyB0aGUgU0NJTSBzY2hlbWEgdG8gTERBUC4KClRoZXNlIGRyYWZ0cyBhcmUgYmFzZWQgb24g
ZXhpc3Rpbmcgc3BlY2lmaWNhdGlvbnMsIHdoaWNoIHRvZ2V0aGVyIGFyZSBjb21tb25seQprbm93
biBhcyBTQ0lNIDEuMC4gIEFzIHN1Y2gsIGNvbnNpZGVyYXRpb24gc2hvdWxkIGJlIGdpdmVuIGZv
ciBiYWNrd2FyZApjb21wYXRpYmlsaXR5IGFzIHRoZSBncm91cCBldm9sdmVzIHRoZSB3b3JrLiAg
VGhpcyBncm91cCB3aWxsIGNvbnNpZGVyLApmb3IgYW5kIGZvcmVtb3N0LCB0aGUgb3BlcmF0aW9u
YWwgZXhwZXJpZW5jZSBnYXRoZXJlZCBmcm9tIHRoZSBleGlzdGluZyB3b3JrLgpUaGUgZ3JvdXAg
d2lsbCBhbHNvIGNvbnNpZGVyIGV4cGVyaWVuY2VzIHdpdGggd29yayBkb25lIGJ5IG90aGVyIGJv
ZGllcywKaW5jbHVkaW5nIHRoZSBPQVNJUyBQcm92aXNpb25pbmcgVEMuCgpUaGUgZ3JvdXAgd2ls
bCBwcm9kdWNlIFByb3Bvc2VkIFN0YW5kYXJkcyBmb3IgYSBzY2hlbWEsIGEgcHJvdG9jb2wsIGEg
U0FNTApiaW5kaW5nLCBhbmQgYW4gTERBUCBiaW5kaW5nLiAgSW4gZG9pbmcgc28sIHRoZSBncm91
cCB3aWxsIG1ha2UgY29uc2lzdGVudAp0aGUgdGVybWlub2xvZ3ksIHJldmlldyBhbmQgaW1wcm92
ZSBzZWN1cml0eSBvZiB0aGUgb3ZlcmFsbCBzeXN0ZW0sCmlkZW50aWZ5IGFueSBmdW5jdGlvbmFs
IGdhcHMgdGhhdCB3b3VsZCBiZSB1c2VmdWwgZm9yIGZ1dHVyZSB3b3JrLCBhZGRyZXNzCmludGVy
bmF0aW9uYWxpemF0aW9uLCBhbmQgcHJvdmlkZSBndWlkZWxpbmVzIGZvciBleHRlbnNpYmlsaXR5
IChlaXRoZXIKdGhyb3VnaCBJQU5BIHJlZ2lzdHJpZXMgb3Igb3RoZXIgbWVhbnMpLiAgCgpUaGUg
Z3JvdXAgY29uc2lkZXJzIHRoZSBmb2xsb3dpbmcgb3V0IG9mIHNjb3BlIGZvciB0aGlzIGdyb3Vw
OgogICAgIERlZmluaW5nIG5ldyBhdXRoZW50aWNhdGlvbiBzY2hlbWVzCiAgICAgRGVmaW5pbmcg
bmV3IHBvbGljeS9hdXRob3JpemF0aW9uIHNjaGVtZXMKICAgICBEZWZpbmluZyBob3cgU0NJTSBp
bXBsZW1lbnRhdGlvbnMgZGVmaW5lIGFuZCBpbXBsZW1lbnQgYXV0aG9yaXphdGlvbgoKTWlsZXN0
b25lcwoKNS8yMDEyICAgIEluaXRpYWwgYWRvcHRpb24gb2YgU0NJTSBjb3JlIHNjaGVtYQo1LzIw
MTIgICAgSW5pdGlhbCBhZG9wdGlvbiBvZiBTQ0lNIHJlc3RmdWwgaW50ZXJmYWNlIGRyYWZ0CjUv
MjAxMiAgICBJbml0aWFsIGFkb3B0aW9uIG9mIFNDSU0gU0FNTCBiaW5kaW5ncyBkcmFmdAo1LzIw
MTIgICAgSW5pdGlhbCBhZG9wdGlvbiBvZiBTQ0lNIExEQVAgbWFwcGluZyBkcmFmdAo5LzIwMTIg
ICAgV0dMQyBTQ0lNIGNvcmUgc2NoZW1hCjkvMjAxMiAgICBXR0xDIFNDSU0gcmVzdGZ1bCBpbnRl
cmZhY2UKOS8yMDEyICAgIFdHTEMgU0NJTSBTQU1MIGJpbmRpbmdzCjkvMjAxMiAgICBXR0xDIFND
SU0gTERBUCBtYXBwaW5nCjMvMjAxMyAgICBSZS1jaGFydGVyIGRpc2N1c3Npb24K

------_=_NextPart_001_01CD025B.158B1DB2--

From lear@cisco.com  Wed Mar 14 23:52:39 2012
Return-Path: <lear@cisco.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E38E511E80A2 for <scim@ietfa.amsl.com>; Wed, 14 Mar 2012 23:52:39 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -110.56
X-Spam-Level: 
X-Spam-Status: No, score=-110.56 tagged_above=-999 required=5 tests=[AWL=0.039, BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id zkdYXx24E8MH for <scim@ietfa.amsl.com>; Wed, 14 Mar 2012 23:52:39 -0700 (PDT)
Received: from ams-iport-1.cisco.com (ams-iport-1.cisco.com [144.254.224.140]) by ietfa.amsl.com (Postfix) with ESMTP id 0CB0011E8093 for <scim@ietf.org>; Wed, 14 Mar 2012 23:52:38 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=lear@cisco.com; l=227; q=dns/txt; s=iport; t=1331794359; x=1333003959; h=message-id:date:from:mime-version:to:cc:subject: references:in-reply-to:content-transfer-encoding; bh=K7iK+22jteYkshQ6VzBWf2zBRUNkQLrcvXc80sJTqtY=; b=NcAK+mCWtP6Ymg888iwVFXwbymRW1QpDU0wrDlp90wTrEeZIco3bvps1 TKUUBOR6P4+4tqOAApwoS/nRvy2TCbeoj1Et41ylVHA8kD9wkdQSccIUt WoHaDhmP0XBjOApHJTscqYJ1yvLMXRPvaXeeH7OTBSwGQI8nbvdUM7geu E=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: AlITAHaRYU+Q/khL/2dsb2JhbABDhUWvawQDgQuBB4IKAQEEEgEQVQEQCxoCBRYLAgIJAwIBAgFFBg0BBwEBHodonHCNBIpKgS+OOoEWBJVYjkKBaIJn
X-IronPort-AV: E=Sophos;i="4.73,588,1325462400"; d="scan'208";a="132367517"
Received: from ams-core-2.cisco.com ([144.254.72.75]) by ams-iport-1.cisco.com with ESMTP; 15 Mar 2012 06:52:15 +0000
Received: from dhcp-10-55-82-125.cisco.com (dhcp-10-55-82-125.cisco.com [10.55.82.125]) by ams-core-2.cisco.com (8.14.3/8.14.3) with ESMTP id q2F6qEF9028158; Thu, 15 Mar 2012 06:52:14 GMT
Message-ID: <4F6191A2.6040902@cisco.com>
Date: Thu, 15 Mar 2012 07:52:18 +0100
From: Eliot Lear <lear@cisco.com>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:10.0.2) Gecko/20120216 Thunderbird/10.0.2
MIME-Version: 1.0
To: Phil Hunt <phil.hunt@oracle.com>
References: <421662F7-A0FA-4C21-81C9-857450B09DB4@oracle.com> <612C04D3-3D1C-4095-8E3E-66BD45CE067A@gmail.com> <699AE63C-79E1-40F5-8290-37289EB8C0E0@oracle.com>
In-Reply-To: <699AE63C-79E1-40F5-8290-37289EB8C0E0@oracle.com>
X-Enigmail-Version: 1.4
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit
Cc: "scim@ietf.org" <scim@ietf.org>
Subject: Re: [scim] Thoughts on SCIM WG charter
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 15 Mar 2012 06:52:40 -0000

Phil,

The chairs would like to add you to the agenda for a brief presentation
on this, based on BoF interest.  Again, please focus your presentation
on how you would scope the WG's work.  Plan for 10-15 minutes.

Eliot

From stephen.farrell@cs.tcd.ie  Thu Mar 15 05:14:24 2012
Return-Path: <stephen.farrell@cs.tcd.ie>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0BBB121F86AD for <scim@ietfa.amsl.com>; Thu, 15 Mar 2012 05:14:24 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.599
X-Spam-Level: 
X-Spam-Status: No, score=-102.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id zKWrkcsazgIM for <scim@ietfa.amsl.com>; Thu, 15 Mar 2012 05:14:23 -0700 (PDT)
Received: from scss.tcd.ie (hermes.scss.tcd.ie [IPv6:2001:770:10:200:889f:cdff:fe8d:ccd2]) by ietfa.amsl.com (Postfix) with ESMTP id E48F321F86A8 for <scim@ietf.org>; Thu, 15 Mar 2012 05:14:22 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by hermes.scss.tcd.ie (Postfix) with ESMTP id 0E4F715829C; Thu, 15 Mar 2012 12:14:22 +0000 (GMT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cs.tcd.ie; h= content-transfer-encoding:content-type:in-reply-to:references :subject:mime-version:user-agent:from:date:message-id:received :received:x-virus-scanned; s=cs; t=1331813660; bh=tIXTtB99DDLpp3 //klqHGUpz/p9AdHVWT+8b4NgdCuE=; b=1fhwaJ0ZYt76C4Ds+e4gVfNF1a1Md5 2ldVXkbWx8XJEJHMA/Fq1v1A0OYzpstoGxwBqSUrN9Y/XGj15g9tOLzHPfhxES9Q G5NS30K9SWW3BJ95dwkgUzpFF0eeN8xwxla5d0LZERTFX7GmHufUtQm4dH5mRxbX MqiNVDMgfA4VgskQCT7rQILBaFcLkyB7H1SGekimuzQ/TbLIosryP5AwdoodsW/1 gjtUFqFbsL2cHX4Xc4n9xURwLFMy5md5/i1EhRRTMKvod8b/kD8/pJpfUsvhPsde bH5ZeZKuT5KNmiSIgck5SrCZI3hnCUX5DTQ/YzztpWCg4/i8Ccx1odCQ==
X-Virus-Scanned: Debian amavisd-new at scss.tcd.ie
Received: from scss.tcd.ie ([127.0.0.1]) by localhost (scss.tcd.ie [127.0.0.1]) (amavisd-new, port 10027) with ESMTP id CkOV1DtElHPF; Thu, 15 Mar 2012 12:14:20 +0000 (GMT)
Received: from [10.87.48.7] (unknown [86.41.14.101]) by smtp.scss.tcd.ie (Postfix) with ESMTPSA id EC1CB1582BD; Thu, 15 Mar 2012 12:04:32 +0000 (GMT)
Message-ID: <4F61BFBF.7090408@cs.tcd.ie>
Date: Thu, 15 Mar 2012 10:09:03 +0000
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
User-Agent: Mozilla/5.0 (X11; Linux i686 on x86_64; rv:10.0.2) Gecko/20120216 Thunderbird/10.0.2
MIME-Version: 1.0
To: "Morteza Ansari (moransar)" <moransar@cisco.com>
References: <93C6FB63F046384C86EC8F7F3FFEC7BEE62EFE@XMB-RCD-313.cisco.com>
In-Reply-To: <93C6FB63F046384C86EC8F7F3FFEC7BEE62EFE@XMB-RCD-313.cisco.com>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Cc: scim@ietf.org
Subject: Re: [scim] Draft charter - v4
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 15 Mar 2012 12:14:24 -0000

On 03/15/2012 03:24 AM, Morteza Ansari (moransar) wrote:
> Trey, Kelly, and I huddled over for a few minutes today and added some
> text to the version Eliot sent out yesterday.  We tried to address the
> questions Eliot raised and remove some of the ambiguous text based on
> the email discussions.  Please review and send your comments/feedback.

Your proposal says:


"The group considers the following out of scope for this group:
      Defining new authentication schemes
      Defining new policy/authorization schemes
      Defining how SCIM implementations define and implement
        authorization"

The first two are fine, and entirely sensible. I don't
get the 3rd.

scim will presumably define some messages that can be sent,
e.g.:

   Alice->Bob: Here's Charlie's new password

I don't see how you'll be secure if anyone that's
authenticated can reset Charlie's password, so some
authorization is clearly needed.

I don't see how you'll get interop if Alice and Bob
don't have a common way to determine that Alice is ok
to reset Charlie's password.

What's the reason to try leave authorization for such
scim messages out of scope?

S

From michael.brenner@alcatel-lucent.com  Thu Mar 15 06:05:17 2012
Return-Path: <michael.brenner@alcatel-lucent.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2134221F86EC for <scim@ietfa.amsl.com>; Thu, 15 Mar 2012 06:05:17 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -9.599
X-Spam-Level: 
X-Spam-Status: No, score=-9.599 tagged_above=-999 required=5 tests=[AWL=1.000,  BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id AwGAVx2yHv3u for <scim@ietfa.amsl.com>; Thu, 15 Mar 2012 06:05:16 -0700 (PDT)
Received: from ihemail2.lucent.com (ihemail2.lucent.com [135.245.0.35]) by ietfa.amsl.com (Postfix) with ESMTP id 864A821F86AB for <scim@ietf.org>; Thu, 15 Mar 2012 06:05:16 -0700 (PDT)
Received: from usnavsmail2.ndc.alcatel-lucent.com (usnavsmail2.ndc.alcatel-lucent.com [135.3.39.10]) by ihemail2.lucent.com (8.13.8/IER-o) with ESMTP id q2FD5Ca2020593 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Thu, 15 Mar 2012 08:05:12 -0500 (CDT)
Received: from USNAVSXCHHUB03.ndc.alcatel-lucent.com (usnavsxchhub03.ndc.alcatel-lucent.com [135.3.39.112]) by usnavsmail2.ndc.alcatel-lucent.com (8.14.3/8.14.3/GMO) with ESMTP id q2FCtLjG008342 (version=TLSv1/SSLv3 cipher=RC4-MD5 bits=128 verify=NOT); Thu, 15 Mar 2012 08:05:12 -0500
Received: from USNAVSXCHMBSA3.ndc.alcatel-lucent.com ([135.3.39.125]) by USNAVSXCHHUB03.ndc.alcatel-lucent.com ([135.3.39.112]) with mapi; Thu, 15 Mar 2012 08:05:04 -0500
From: "Brenner, Michael Ralf (Michael)" <michael.brenner@alcatel-lucent.com>
To: Stephen Farrell <stephen.farrell@cs.tcd.ie>, "Morteza Ansari (moransar)" <moransar@cisco.com>
Date: Thu, 15 Mar 2012 08:05:03 -0500
Thread-Topic: [scim] Draft charter - v4
Thread-Index: Ac0CpSuaw4OdwzB0RvWuvgqhnFPlWQABeLww
Message-ID: <219947F0B2242843A0A1E62FDB510DC0250F3D54D7@USNAVSXCHMBSA3.ndc.alcatel-lucent.com>
References: <93C6FB63F046384C86EC8F7F3FFEC7BEE62EFE@XMB-RCD-313.cisco.com> <4F61BFBF.7090408@cs.tcd.ie>
In-Reply-To: <4F61BFBF.7090408@cs.tcd.ie>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
acceptlanguage: en-US
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-Scanned-By: MIMEDefang 2.57 on 135.245.2.35
X-Scanned-By: MIMEDefang 2.64 on 135.3.39.10
Cc: "scim@ietf.org" <scim@ietf.org>
Subject: Re: [scim] Draft charter - v4
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 15 Mar 2012 13:05:17 -0000

The way I understood the proposed scope is that SCIM WG itself will not pro=
vide deliverables that recommend specific IMPLEMENTATIONS for authorization=
. I did not understand it as "it's not necessary or important", rather that=
 it is the scope of other groups.

Not sure if anything is needed, but if so - we could consider adding: "... =
while not preventing the use of different authorization mechanisms". This w=
ill raise the awareness to ensure that was is specified works in conjunctio=
n with OAuth and/or other mechanisms.

Michael=20

-----Original Message-----
From: scim-bounces@ietf.org [mailto:scim-bounces@ietf.org] On Behalf Of Ste=
phen Farrell
Sent: Thursday, March 15, 2012 6:09 AM
To: Morteza Ansari (moransar)
Cc: scim@ietf.org
Subject: Re: [scim] Draft charter - v4



On 03/15/2012 03:24 AM, Morteza Ansari (moransar) wrote:
> Trey, Kelly, and I huddled over for a few minutes today and added some
> text to the version Eliot sent out yesterday.  We tried to address the
> questions Eliot raised and remove some of the ambiguous text based on
> the email discussions.  Please review and send your comments/feedback.

Your proposal says:


"The group considers the following out of scope for this group:
      Defining new authentication schemes
      Defining new policy/authorization schemes
      Defining how SCIM implementations define and implement
        authorization"

The first two are fine, and entirely sensible. I don't
get the 3rd.

scim will presumably define some messages that can be sent,
e.g.:

   Alice->Bob: Here's Charlie's new password

I don't see how you'll be secure if anyone that's
authenticated can reset Charlie's password, so some
authorization is clearly needed.

I don't see how you'll get interop if Alice and Bob
don't have a common way to determine that Alice is ok
to reset Charlie's password.

What's the reason to try leave authorization for such
scim messages out of scope?

S
_______________________________________________
scim mailing list
scim@ietf.org
https://www.ietf.org/mailman/listinfo/scim

From stephen.farrell@cs.tcd.ie  Thu Mar 15 06:10:54 2012
Return-Path: <stephen.farrell@cs.tcd.ie>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C51F621F8539 for <scim@ietfa.amsl.com>; Thu, 15 Mar 2012 06:10:54 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.599
X-Spam-Level: 
X-Spam-Status: No, score=-102.599 tagged_above=-999 required=5 tests=[AWL=0.000, BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rh5Sy3fYHr53 for <scim@ietfa.amsl.com>; Thu, 15 Mar 2012 06:10:54 -0700 (PDT)
Received: from scss.tcd.ie (hermes.scss.tcd.ie [IPv6:2001:770:10:200:889f:cdff:fe8d:ccd2]) by ietfa.amsl.com (Postfix) with ESMTP id BFA3921F8531 for <scim@ietf.org>; Thu, 15 Mar 2012 06:10:53 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by hermes.scss.tcd.ie (Postfix) with ESMTP id 352CD171C8B; Thu, 15 Mar 2012 13:10:53 +0000 (GMT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cs.tcd.ie; h= content-transfer-encoding:content-type:in-reply-to:references :subject:mime-version:user-agent:from:date:message-id:received :received:x-virus-scanned; s=cs; t=1331817052; bh=t5n7bN79yliQwx Gy34+1/8AN1d7fdcLan4iX5Wtdj1w=; b=Wke+BccJh0jy4WUlg7laCEAapooqf3 qnVgW4Da5WpzDye1aLNRGu5uGQJnj+3/b9cpLOLMqGMMaSOlddNSF70t7MfuMm6Q 4BkZrkZH6J8rHRfzT0eI5QQXH+wDqvw1ImnCT1FmvS4x/TZduCFQYj/9ZduWsIrz Rqk1+YTv3ghbuNDTHEAyEm+IMmAQ0VcuSApTNHIph0hPK0dpSmbS7Jgdv/ngaeuT xeTVR8kkc7n/0e35Z4WMyym3Fz8XCOiLmmauS0ZsW1R/YSarYBISfhLquYWySMOZ 2nVme3Jj0+fn+ZnsvObl3KpI3iRSIRzFF+phCJBAyzE3KvplcxPZqtrw==
X-Virus-Scanned: Debian amavisd-new at scss.tcd.ie
Received: from scss.tcd.ie ([127.0.0.1]) by localhost (scss.tcd.ie [127.0.0.1]) (amavisd-new, port 10027) with ESMTP id h1zFVJantJvA; Thu, 15 Mar 2012 13:10:52 +0000 (GMT)
Received: from [10.87.48.7] (unknown [86.41.14.101]) by smtp.scss.tcd.ie (Postfix) with ESMTPSA id 76926171C3E; Thu, 15 Mar 2012 13:10:51 +0000 (GMT)
Message-ID: <4F61EA5B.70207@cs.tcd.ie>
Date: Thu, 15 Mar 2012 13:10:51 +0000
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
User-Agent: Mozilla/5.0 (X11; Linux i686 on x86_64; rv:10.0.2) Gecko/20120216 Thunderbird/10.0.2
MIME-Version: 1.0
To: "Brenner, Michael Ralf (Michael)" <michael.brenner@alcatel-lucent.com>
References: <93C6FB63F046384C86EC8F7F3FFEC7BEE62EFE@XMB-RCD-313.cisco.com> <4F61BFBF.7090408@cs.tcd.ie> <219947F0B2242843A0A1E62FDB510DC0250F3D54D7@USNAVSXCHMBSA3.ndc.alcatel-lucent.com>
In-Reply-To: <219947F0B2242843A0A1E62FDB510DC0250F3D54D7@USNAVSXCHMBSA3.ndc.alcatel-lucent.com>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Cc: "scim@ietf.org" <scim@ietf.org>, "Morteza Ansari \(moransar\)" <moransar@cisco.com>
Subject: Re: [scim] Draft charter - v4
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 15 Mar 2012 13:10:54 -0000

I'm not sure what exactly you mean by implementation.

RFCs of course don't provide code for stuff like this.

But to get interop, both sides need to (be able to)
use the same thing. So RFCs do usually specify a "MUST
implement" set of features for stuff like this.

If one did OAuth and one kerberos then that'd not work.
(In either case there'd likely be work to say just how
to use the underlying scheme.)

Seems to me this wg would need to pick something here
and maybe do some profiling, so that authorization
decisions can be made in a secure and interoperable
manner.

S

On 03/15/2012 01:05 PM, Brenner, Michael Ralf (Michael) wrote:
> The way I understood the proposed scope is that SCIM WG itself will not provide deliverables that recommend specific IMPLEMENTATIONS for authorization. I did not understand it as "it's not necessary or important", rather that it is the scope of other groups.
>
> Not sure if anything is needed, but if so - we could consider adding: "... while not preventing the use of different authorization mechanisms". This will raise the awareness to ensure that was is specified works in conjunction with OAuth and/or other mechanisms.
>
> Michael
>
> -----Original Message-----
> From: scim-bounces@ietf.org [mailto:scim-bounces@ietf.org] On Behalf Of Stephen Farrell
> Sent: Thursday, March 15, 2012 6:09 AM
> To: Morteza Ansari (moransar)
> Cc: scim@ietf.org
> Subject: Re: [scim] Draft charter - v4
>
>
>
> On 03/15/2012 03:24 AM, Morteza Ansari (moransar) wrote:
>> Trey, Kelly, and I huddled over for a few minutes today and added some
>> text to the version Eliot sent out yesterday.  We tried to address the
>> questions Eliot raised and remove some of the ambiguous text based on
>> the email discussions.  Please review and send your comments/feedback.
>
> Your proposal says:
>
>
> "The group considers the following out of scope for this group:
>        Defining new authentication schemes
>        Defining new policy/authorization schemes
>        Defining how SCIM implementations define and implement
>          authorization"
>
> The first two are fine, and entirely sensible. I don't
> get the 3rd.
>
> scim will presumably define some messages that can be sent,
> e.g.:
>
>     Alice->Bob: Here's Charlie's new password
>
> I don't see how you'll be secure if anyone that's
> authenticated can reset Charlie's password, so some
> authorization is clearly needed.
>
> I don't see how you'll get interop if Alice and Bob
> don't have a common way to determine that Alice is ok
> to reset Charlie's password.
>
> What's the reason to try leave authorization for such
> scim messages out of scope?
>
> S
> _______________________________________________
> scim mailing list
> scim@ietf.org
> https://www.ietf.org/mailman/listinfo/scim
> _______________________________________________
> scim mailing list
> scim@ietf.org
> https://www.ietf.org/mailman/listinfo/scim
>

From michael.brenner@alcatel-lucent.com  Thu Mar 15 06:21:38 2012
Return-Path: <michael.brenner@alcatel-lucent.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E0B0E21F85EC for <scim@ietfa.amsl.com>; Thu, 15 Mar 2012 06:21:38 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -9.932
X-Spam-Level: 
X-Spam-Status: No, score=-9.932 tagged_above=-999 required=5 tests=[AWL=0.667,  BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id T36xwqJOLFw7 for <scim@ietfa.amsl.com>; Thu, 15 Mar 2012 06:21:38 -0700 (PDT)
Received: from ihemail2.lucent.com (ihemail2.lucent.com [135.245.0.35]) by ietfa.amsl.com (Postfix) with ESMTP id F097521F85DB for <scim@ietf.org>; Thu, 15 Mar 2012 06:21:37 -0700 (PDT)
Received: from usnavsmail3.ndc.alcatel-lucent.com (usnavsmail3.ndc.alcatel-lucent.com [135.3.39.11]) by ihemail2.lucent.com (8.13.8/IER-o) with ESMTP id q2FDLXWX027304 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Thu, 15 Mar 2012 08:21:34 -0500 (CDT)
Received: from USNAVSXCHHUB02.ndc.alcatel-lucent.com (usnavsxchhub02.ndc.alcatel-lucent.com [135.3.39.111]) by usnavsmail3.ndc.alcatel-lucent.com (8.14.3/8.14.3/GMO) with ESMTP id q2FDLMJm023240 (version=TLSv1/SSLv3 cipher=RC4-MD5 bits=128 verify=NOT); Thu, 15 Mar 2012 08:21:33 -0500
Received: from USNAVSXCHMBSA3.ndc.alcatel-lucent.com ([135.3.39.125]) by USNAVSXCHHUB02.ndc.alcatel-lucent.com ([135.3.39.111]) with mapi; Thu, 15 Mar 2012 08:21:24 -0500
From: "Brenner, Michael Ralf (Michael)" <michael.brenner@alcatel-lucent.com>
To: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Date: Thu, 15 Mar 2012 08:21:23 -0500
Thread-Topic: [scim] Draft charter - v4
Thread-Index: Ac0CrRHnw28PuzTsRWGFxabCbsw73QAAHRCA
Message-ID: <219947F0B2242843A0A1E62FDB510DC0250F3D54EF@USNAVSXCHMBSA3.ndc.alcatel-lucent.com>
References: <93C6FB63F046384C86EC8F7F3FFEC7BEE62EFE@XMB-RCD-313.cisco.com> <4F61BFBF.7090408@cs.tcd.ie> <219947F0B2242843A0A1E62FDB510DC0250F3D54D7@USNAVSXCHMBSA3.ndc.alcatel-lucent.com> <4F61EA5B.70207@cs.tcd.ie>
In-Reply-To: <4F61EA5B.70207@cs.tcd.ie>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
acceptlanguage: en-US
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-Scanned-By: MIMEDefang 2.57 on 135.245.2.35
X-Scanned-By: MIMEDefang 2.64 on 135.3.39.11
Cc: "scim@ietf.org" <scim@ietf.org>, "Morteza Ansari \(moransar\)" <moransar@cisco.com>
Subject: Re: [scim] Draft charter - v4
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 15 Mar 2012 13:21:39 -0000

Stephen,

When using "implementations" in my suggestion I was referring to the wordin=
g in point 3 that you had an issue with: "Defining how SCIM implementations=
 define and implement authorization".

In the current SCIM specs, the wording is consistent with what I suggested =
(although I don't think it is strictly necessary to add anything, as mentio=
ned in my previous message). Section 2. Authentication and Authorization st=
ates make a series of recommendations, among others a strong recommendation=
 for support for OAuth 2 Bearer Token, but the recommendations are intended=
 to the IMPLEMENTERS (to support existing authentication/authorization sche=
mes, among them OAuth 2). However they stop short of mandating any authenti=
cation/authorization scheme, which I think is the right approach.

Michael
-----Original Message-----
From: Stephen Farrell [mailto:stephen.farrell@cs.tcd.ie]=20
Sent: Thursday, March 15, 2012 9:11 AM
To: Brenner, Michael Ralf (Michael)
Cc: Morteza Ansari (moransar); scim@ietf.org
Subject: Re: [scim] Draft charter - v4


I'm not sure what exactly you mean by implementation.

RFCs of course don't provide code for stuff like this.

But to get interop, both sides need to (be able to)
use the same thing. So RFCs do usually specify a "MUST
implement" set of features for stuff like this.

If one did OAuth and one kerberos then that'd not work.
(In either case there'd likely be work to say just how
to use the underlying scheme.)

Seems to me this wg would need to pick something here
and maybe do some profiling, so that authorization
decisions can be made in a secure and interoperable
manner.

S

On 03/15/2012 01:05 PM, Brenner, Michael Ralf (Michael) wrote:
> The way I understood the proposed scope is that SCIM WG itself will not p=
rovide deliverables that recommend specific IMPLEMENTATIONS for authorizati=
on. I did not understand it as "it's not necessary or important", rather th=
at it is the scope of other groups.
>
> Not sure if anything is needed, but if so - we could consider adding: "..=
. while not preventing the use of different authorization mechanisms". This=
 will raise the awareness to ensure that was is specified works in conjunct=
ion with OAuth and/or other mechanisms.
>
> Michael
>
> -----Original Message-----
> From: scim-bounces@ietf.org [mailto:scim-bounces@ietf.org] On Behalf Of S=
tephen Farrell
> Sent: Thursday, March 15, 2012 6:09 AM
> To: Morteza Ansari (moransar)
> Cc: scim@ietf.org
> Subject: Re: [scim] Draft charter - v4
>
>
>
> On 03/15/2012 03:24 AM, Morteza Ansari (moransar) wrote:
>> Trey, Kelly, and I huddled over for a few minutes today and added some
>> text to the version Eliot sent out yesterday.  We tried to address the
>> questions Eliot raised and remove some of the ambiguous text based on
>> the email discussions.  Please review and send your comments/feedback.
>
> Your proposal says:
>
>
> "The group considers the following out of scope for this group:
>        Defining new authentication schemes
>        Defining new policy/authorization schemes
>        Defining how SCIM implementations define and implement
>          authorization"
>
> The first two are fine, and entirely sensible. I don't
> get the 3rd.
>
> scim will presumably define some messages that can be sent,
> e.g.:
>
>     Alice->Bob: Here's Charlie's new password
>
> I don't see how you'll be secure if anyone that's
> authenticated can reset Charlie's password, so some
> authorization is clearly needed.
>
> I don't see how you'll get interop if Alice and Bob
> don't have a common way to determine that Alice is ok
> to reset Charlie's password.
>
> What's the reason to try leave authorization for such
> scim messages out of scope?
>
> S
> _______________________________________________
> scim mailing list
> scim@ietf.org
> https://www.ietf.org/mailman/listinfo/scim
> _______________________________________________
> scim mailing list
> scim@ietf.org
> https://www.ietf.org/mailman/listinfo/scim
>

From stephen.farrell@cs.tcd.ie  Thu Mar 15 06:30:49 2012
Return-Path: <stephen.farrell@cs.tcd.ie>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 303AC21F8617 for <scim@ietfa.amsl.com>; Thu, 15 Mar 2012 06:30:49 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.599
X-Spam-Level: 
X-Spam-Status: No, score=-102.599 tagged_above=-999 required=5 tests=[AWL=0.000, BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id TaZoQmdesyRn for <scim@ietfa.amsl.com>; Thu, 15 Mar 2012 06:30:48 -0700 (PDT)
Received: from scss.tcd.ie (hermes.scss.tcd.ie [IPv6:2001:770:10:200:889f:cdff:fe8d:ccd2]) by ietfa.amsl.com (Postfix) with ESMTP id 29FD821F8512 for <scim@ietf.org>; Thu, 15 Mar 2012 06:30:48 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by hermes.scss.tcd.ie (Postfix) with ESMTP id 83B49171C8B; Thu, 15 Mar 2012 13:30:47 +0000 (GMT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cs.tcd.ie; h= content-transfer-encoding:content-type:in-reply-to:references :subject:mime-version:user-agent:from:date:message-id:received :received:x-virus-scanned; s=cs; t=1331818246; bh=5UToydiAPJjVNW mb8Rzc/uYTCO7joW2xMss7Kgk64i0=; b=ONIohMYHZ0r9P0aCg4MSIQxo5Liwpk xhJ8BK1womnBg5ADPxXsaG1keMZ4ITQWOKzRfDDkKUaKz1NpRCIacfHfdf2KUvD0 KOpE2Ceq35w78tyXwwSBYSUQGU5uG7L9gomCPtA65FaJUh+ypmtXjQnuVZMufKkm iIAP/qunHmt96EWNQheCUuI3A5RlJs1mHHIm47zv7YkNKVqdUC2jftD2jIzSP+YM jRRMh942u63AdMl76VXF6RfB7VnSYrvumGz7BDBef7P2wMV9mpMl7pOwpjuJBGyc ZX8ky2j0zyS7N11pEqYoyqABOmz/xkZAmtRVmRfcKchPGwYXCQwG1ScA==
X-Virus-Scanned: Debian amavisd-new at scss.tcd.ie
Received: from scss.tcd.ie ([127.0.0.1]) by localhost (scss.tcd.ie [127.0.0.1]) (amavisd-new, port 10027) with ESMTP id 6UarS1DpgHPg; Thu, 15 Mar 2012 13:30:46 +0000 (GMT)
Received: from [10.87.48.7] (unknown [86.41.14.101]) by smtp.scss.tcd.ie (Postfix) with ESMTPSA id 201E5171C3E; Thu, 15 Mar 2012 13:30:45 +0000 (GMT)
Message-ID: <4F61EF05.2050608@cs.tcd.ie>
Date: Thu, 15 Mar 2012 13:30:45 +0000
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
User-Agent: Mozilla/5.0 (X11; Linux i686 on x86_64; rv:10.0.2) Gecko/20120216 Thunderbird/10.0.2
MIME-Version: 1.0
To: "Brenner, Michael Ralf (Michael)" <michael.brenner@alcatel-lucent.com>
References: <93C6FB63F046384C86EC8F7F3FFEC7BEE62EFE@XMB-RCD-313.cisco.com> <4F61BFBF.7090408@cs.tcd.ie> <219947F0B2242843A0A1E62FDB510DC0250F3D54D7@USNAVSXCHMBSA3.ndc.alcatel-lucent.com> <4F61EA5B.70207@cs.tcd.ie> <219947F0B2242843A0A1E62FDB510DC0250F3D54EF@USNAVSXCHMBSA3.ndc.alcatel-lucent.com>
In-Reply-To: <219947F0B2242843A0A1E62FDB510DC0250F3D54EF@USNAVSXCHMBSA3.ndc.alcatel-lucent.com>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Cc: "scim@ietf.org" <scim@ietf.org>, "Morteza Ansari \(moransar\)" <moransar@cisco.com>
Subject: Re: [scim] Draft charter - v4
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 15 Mar 2012 13:30:49 -0000

So I think we are using terms slightly differently. But
that's ok and something that's not uncommon when different
folks get involved in a BoF coming from different
backgrounds.

Mandating the ability to support OAuth may be quite
sensible in this case. In any case, OAuth is probably
fairly clearly something that'd need to be considered.

Not doing that (or some equivalent) would seem to break
interop and require pairwise agreements as to how to do
authorization which would IMO be broken.

S

On 03/15/2012 01:21 PM, Brenner, Michael Ralf (Michael) wrote:
> Stephen,
>
> When using "implementations" in my suggestion I was referring to the wording in point 3 that you had an issue with: "Defining how SCIM implementations define and implement authorization".
>
> In the current SCIM specs, the wording is consistent with what I suggested (although I don't think it is strictly necessary to add anything, as mentioned in my previous message). Section 2. Authentication and Authorization states make a series of recommendations, among others a strong recommendation for support for OAuth 2 Bearer Token, but the recommendations are intended to the IMPLEMENTERS (to support existing authentication/authorization schemes, among them OAuth 2). However they stop short of mandating any authentication/authorization scheme, which I think is the right approach.
>
> Michael
> -----Original Message-----
> From: Stephen Farrell [mailto:stephen.farrell@cs.tcd.ie]
> Sent: Thursday, March 15, 2012 9:11 AM
> To: Brenner, Michael Ralf (Michael)
> Cc: Morteza Ansari (moransar); scim@ietf.org
> Subject: Re: [scim] Draft charter - v4
>
>
> I'm not sure what exactly you mean by implementation.
>
> RFCs of course don't provide code for stuff like this.
>
> But to get interop, both sides need to (be able to)
> use the same thing. So RFCs do usually specify a "MUST
> implement" set of features for stuff like this.
>
> If one did OAuth and one kerberos then that'd not work.
> (In either case there'd likely be work to say just how
> to use the underlying scheme.)
>
> Seems to me this wg would need to pick something here
> and maybe do some profiling, so that authorization
> decisions can be made in a secure and interoperable
> manner.
>
> S
>
> On 03/15/2012 01:05 PM, Brenner, Michael Ralf (Michael) wrote:
>> The way I understood the proposed scope is that SCIM WG itself will not provide deliverables that recommend specific IMPLEMENTATIONS for authorization. I did not understand it as "it's not necessary or important", rather that it is the scope of other groups.
>>
>> Not sure if anything is needed, but if so - we could consider adding: "... while not preventing the use of different authorization mechanisms". This will raise the awareness to ensure that was is specified works in conjunction with OAuth and/or other mechanisms.
>>
>> Michael
>>
>> -----Original Message-----
>> From: scim-bounces@ietf.org [mailto:scim-bounces@ietf.org] On Behalf Of Stephen Farrell
>> Sent: Thursday, March 15, 2012 6:09 AM
>> To: Morteza Ansari (moransar)
>> Cc: scim@ietf.org
>> Subject: Re: [scim] Draft charter - v4
>>
>>
>>
>> On 03/15/2012 03:24 AM, Morteza Ansari (moransar) wrote:
>>> Trey, Kelly, and I huddled over for a few minutes today and added some
>>> text to the version Eliot sent out yesterday.  We tried to address the
>>> questions Eliot raised and remove some of the ambiguous text based on
>>> the email discussions.  Please review and send your comments/feedback.
>>
>> Your proposal says:
>>
>>
>> "The group considers the following out of scope for this group:
>>         Defining new authentication schemes
>>         Defining new policy/authorization schemes
>>         Defining how SCIM implementations define and implement
>>           authorization"
>>
>> The first two are fine, and entirely sensible. I don't
>> get the 3rd.
>>
>> scim will presumably define some messages that can be sent,
>> e.g.:
>>
>>      Alice->Bob: Here's Charlie's new password
>>
>> I don't see how you'll be secure if anyone that's
>> authenticated can reset Charlie's password, so some
>> authorization is clearly needed.
>>
>> I don't see how you'll get interop if Alice and Bob
>> don't have a common way to determine that Alice is ok
>> to reset Charlie's password.
>>
>> What's the reason to try leave authorization for such
>> scim messages out of scope?
>>
>> S
>> _______________________________________________
>> scim mailing list
>> scim@ietf.org
>> https://www.ietf.org/mailman/listinfo/scim
>> _______________________________________________
>> scim mailing list
>> scim@ietf.org
>> https://www.ietf.org/mailman/listinfo/scim
>>
> _______________________________________________
> scim mailing list
> scim@ietf.org
> https://www.ietf.org/mailman/listinfo/scim
>

From michael.brenner@alcatel-lucent.com  Thu Mar 15 06:37:57 2012
Return-Path: <michael.brenner@alcatel-lucent.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4710D21F858F for <scim@ietfa.amsl.com>; Thu, 15 Mar 2012 06:37:57 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -8.099
X-Spam-Level: 
X-Spam-Status: No, score=-8.099 tagged_above=-999 required=5 tests=[AWL=-1.500, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id cIK5vg9XhzOv for <scim@ietfa.amsl.com>; Thu, 15 Mar 2012 06:37:56 -0700 (PDT)
Received: from ihemail3.lucent.com (ihemail3.lucent.com [135.245.0.37]) by ietfa.amsl.com (Postfix) with ESMTP id 70DFD21F86B4 for <scim@ietf.org>; Thu, 15 Mar 2012 06:37:55 -0700 (PDT)
Received: from usnavsmail3.ndc.alcatel-lucent.com (usnavsmail3.ndc.alcatel-lucent.com [135.3.39.11]) by ihemail3.lucent.com (8.13.8/IER-o) with ESMTP id q2FDbpck009617 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Thu, 15 Mar 2012 08:37:51 -0500 (CDT)
Received: from USNAVSXCHHUB03.ndc.alcatel-lucent.com (usnavsxchhub03.ndc.alcatel-lucent.com [135.3.39.112]) by usnavsmail3.ndc.alcatel-lucent.com (8.14.3/8.14.3/GMO) with ESMTP id q2FDaxkP000435 (version=TLSv1/SSLv3 cipher=RC4-MD5 bits=128 verify=NOT); Thu, 15 Mar 2012 08:37:50 -0500
Received: from USNAVSXCHMBSA3.ndc.alcatel-lucent.com ([135.3.39.125]) by USNAVSXCHHUB03.ndc.alcatel-lucent.com ([135.3.39.112]) with mapi; Thu, 15 Mar 2012 08:37:47 -0500
From: "Brenner, Michael Ralf (Michael)" <michael.brenner@alcatel-lucent.com>
To: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Date: Thu, 15 Mar 2012 08:37:46 -0500
Thread-Topic: [scim] Draft charter - v4
Thread-Index: Ac0Cr9X5MW6QjatsRh6ITCUMBuMLPAAADVnQ
Message-ID: <219947F0B2242843A0A1E62FDB510DC0250F3D5514@USNAVSXCHMBSA3.ndc.alcatel-lucent.com>
References: <93C6FB63F046384C86EC8F7F3FFEC7BEE62EFE@XMB-RCD-313.cisco.com> <4F61BFBF.7090408@cs.tcd.ie> <219947F0B2242843A0A1E62FDB510DC0250F3D54D7@USNAVSXCHMBSA3.ndc.alcatel-lucent.com> <4F61EA5B.70207@cs.tcd.ie> <219947F0B2242843A0A1E62FDB510DC0250F3D54EF@USNAVSXCHMBSA3.ndc.alcatel-lucent.com> <4F61EF05.2050608@cs.tcd.ie>
In-Reply-To: <4F61EF05.2050608@cs.tcd.ie>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
acceptlanguage: en-US
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-Scanned-By: MIMEDefang 2.57 on 135.245.2.37
X-Scanned-By: MIMEDefang 2.64 on 135.3.39.11
Cc: "scim@ietf.org" <scim@ietf.org>, "Morteza Ansari \(moransar\)" <moransar@cisco.com>
Subject: Re: [scim] Draft charter - v4
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 15 Mar 2012 13:37:57 -0000

I would not go as far as "mandating the use of OAuth" as part of the charte=
r of SCIM group, mainly because that may be then interpreted by some as "OA=
uth would be the only authorization mechanism that SCIM supports". But I do=
 agree that SCIM MUST work in conjunction with AT LEAST OAuth (while not ex=
cluding other authorization mechanisms). It so happens that using OAuth 2 B=
earer Token makes this relatively painless and un-intrusive to the scope of=
 SCIM group to fulfill, IMHO.

Michael=20

-----Original Message-----
From: Stephen Farrell [mailto:stephen.farrell@cs.tcd.ie]=20
Sent: Thursday, March 15, 2012 9:31 AM
To: Brenner, Michael Ralf (Michael)
Cc: scim@ietf.org; Morteza Ansari (moransar)
Subject: Re: [scim] Draft charter - v4


So I think we are using terms slightly differently. But
that's ok and something that's not uncommon when different
folks get involved in a BoF coming from different
backgrounds.

Mandating the ability to support OAuth may be quite
sensible in this case. In any case, OAuth is probably
fairly clearly something that'd need to be considered.

Not doing that (or some equivalent) would seem to break
interop and require pairwise agreements as to how to do
authorization which would IMO be broken.

S

On 03/15/2012 01:21 PM, Brenner, Michael Ralf (Michael) wrote:
> Stephen,
>
> When using "implementations" in my suggestion I was referring to the word=
ing in point 3 that you had an issue with: "Defining how SCIM implementatio=
ns define and implement authorization".
>
> In the current SCIM specs, the wording is consistent with what I suggeste=
d (although I don't think it is strictly necessary to add anything, as ment=
ioned in my previous message). Section 2. Authentication and Authorization =
states make a series of recommendations, among others a strong recommendati=
on for support for OAuth 2 Bearer Token, but the recommendations are intend=
ed to the IMPLEMENTERS (to support existing authentication/authorization sc=
hemes, among them OAuth 2). However they stop short of mandating any authen=
tication/authorization scheme, which I think is the right approach.
>
> Michael
> -----Original Message-----
> From: Stephen Farrell [mailto:stephen.farrell@cs.tcd.ie]
> Sent: Thursday, March 15, 2012 9:11 AM
> To: Brenner, Michael Ralf (Michael)
> Cc: Morteza Ansari (moransar); scim@ietf.org
> Subject: Re: [scim] Draft charter - v4
>
>
> I'm not sure what exactly you mean by implementation.
>
> RFCs of course don't provide code for stuff like this.
>
> But to get interop, both sides need to (be able to)
> use the same thing. So RFCs do usually specify a "MUST
> implement" set of features for stuff like this.
>
> If one did OAuth and one kerberos then that'd not work.
> (In either case there'd likely be work to say just how
> to use the underlying scheme.)
>
> Seems to me this wg would need to pick something here
> and maybe do some profiling, so that authorization
> decisions can be made in a secure and interoperable
> manner.
>
> S
>
> On 03/15/2012 01:05 PM, Brenner, Michael Ralf (Michael) wrote:
>> The way I understood the proposed scope is that SCIM WG itself will not =
provide deliverables that recommend specific IMPLEMENTATIONS for authorizat=
ion. I did not understand it as "it's not necessary or important", rather t=
hat it is the scope of other groups.
>>
>> Not sure if anything is needed, but if so - we could consider adding: ".=
.. while not preventing the use of different authorization mechanisms". Thi=
s will raise the awareness to ensure that was is specified works in conjunc=
tion with OAuth and/or other mechanisms.
>>
>> Michael
>>
>> -----Original Message-----
>> From: scim-bounces@ietf.org [mailto:scim-bounces@ietf.org] On Behalf Of =
Stephen Farrell
>> Sent: Thursday, March 15, 2012 6:09 AM
>> To: Morteza Ansari (moransar)
>> Cc: scim@ietf.org
>> Subject: Re: [scim] Draft charter - v4
>>
>>
>>
>> On 03/15/2012 03:24 AM, Morteza Ansari (moransar) wrote:
>>> Trey, Kelly, and I huddled over for a few minutes today and added some
>>> text to the version Eliot sent out yesterday.  We tried to address the
>>> questions Eliot raised and remove some of the ambiguous text based on
>>> the email discussions.  Please review and send your comments/feedback.
>>
>> Your proposal says:
>>
>>
>> "The group considers the following out of scope for this group:
>>         Defining new authentication schemes
>>         Defining new policy/authorization schemes
>>         Defining how SCIM implementations define and implement
>>           authorization"
>>
>> The first two are fine, and entirely sensible. I don't
>> get the 3rd.
>>
>> scim will presumably define some messages that can be sent,
>> e.g.:
>>
>>      Alice->Bob: Here's Charlie's new password
>>
>> I don't see how you'll be secure if anyone that's
>> authenticated can reset Charlie's password, so some
>> authorization is clearly needed.
>>
>> I don't see how you'll get interop if Alice and Bob
>> don't have a common way to determine that Alice is ok
>> to reset Charlie's password.
>>
>> What's the reason to try leave authorization for such
>> scim messages out of scope?
>>
>> S
>> _______________________________________________
>> scim mailing list
>> scim@ietf.org
>> https://www.ietf.org/mailman/listinfo/scim
>> _______________________________________________
>> scim mailing list
>> scim@ietf.org
>> https://www.ietf.org/mailman/listinfo/scim
>>
> _______________________________________________
> scim mailing list
> scim@ietf.org
> https://www.ietf.org/mailman/listinfo/scim
>

From stephen.farrell@cs.tcd.ie  Thu Mar 15 06:47:43 2012
Return-Path: <stephen.farrell@cs.tcd.ie>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 908EF21F8692 for <scim@ietfa.amsl.com>; Thu, 15 Mar 2012 06:47:43 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.599
X-Spam-Level: 
X-Spam-Status: No, score=-102.599 tagged_above=-999 required=5 tests=[AWL=0.000, BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id bMYgvwR+Z5fB for <scim@ietfa.amsl.com>; Thu, 15 Mar 2012 06:47:42 -0700 (PDT)
Received: from scss.tcd.ie (hermes.scss.tcd.ie [IPv6:2001:770:10:200:889f:cdff:fe8d:ccd2]) by ietfa.amsl.com (Postfix) with ESMTP id 6AD7821F8667 for <scim@ietf.org>; Thu, 15 Mar 2012 06:47:42 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by hermes.scss.tcd.ie (Postfix) with ESMTP id AD23E171C8B; Thu, 15 Mar 2012 13:47:41 +0000 (GMT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cs.tcd.ie; h= content-transfer-encoding:content-type:in-reply-to:references :subject:mime-version:user-agent:from:date:message-id:received :received:x-virus-scanned; s=cs; t=1331819261; bh=T5gyiz59lkECei W2yoe9i47xBpKSYe3nDn3mTl2kbRI=; b=PpU4noJ3xdLAxpzGxT4ACZYx3L0PtE r6uvdktPl1rNLfKkHWuH/9JA5Xp7LTZJRqsD7KHDBYqZe+KBLQzrPMmXeITy4oaf LwYjHuFXH0RSz0qThZhV1ae3ihoclG0iOuWvK19efH8kYSm8bA8vyQS4YVKD2rod RRiYSt3b03+z4ZwzPMr/p0TcSTHWn9oFpkFMkFOJg6ZIZvL1A2l92d3qdSsydULv TePM3oTjPDsQTqUoo3TGMBndigHEV3/8dTyIOz5fD47qstWh2Iqvr9z99tlwp2Sj AzL3akZlUsvDllMHrAbA6X05yT5S1tIvOtPytsBjfuEuyUCab4j/VtSw==
X-Virus-Scanned: Debian amavisd-new at scss.tcd.ie
Received: from scss.tcd.ie ([127.0.0.1]) by localhost (scss.tcd.ie [127.0.0.1]) (amavisd-new, port 10027) with ESMTP id 4HW07pTtKlT5; Thu, 15 Mar 2012 13:47:41 +0000 (GMT)
Received: from [10.87.48.7] (unknown [86.41.14.101]) by smtp.scss.tcd.ie (Postfix) with ESMTPSA id 0E0F9171C3E; Thu, 15 Mar 2012 13:47:40 +0000 (GMT)
Message-ID: <4F61F2FC.80802@cs.tcd.ie>
Date: Thu, 15 Mar 2012 13:47:40 +0000
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
User-Agent: Mozilla/5.0 (X11; Linux i686 on x86_64; rv:10.0.2) Gecko/20120216 Thunderbird/10.0.2
MIME-Version: 1.0
To: "Brenner, Michael Ralf (Michael)" <michael.brenner@alcatel-lucent.com>
References: <93C6FB63F046384C86EC8F7F3FFEC7BEE62EFE@XMB-RCD-313.cisco.com> <4F61BFBF.7090408@cs.tcd.ie> <219947F0B2242843A0A1E62FDB510DC0250F3D54D7@USNAVSXCHMBSA3.ndc.alcatel-lucent.com> <4F61EA5B.70207@cs.tcd.ie> <219947F0B2242843A0A1E62FDB510DC0250F3D54EF@USNAVSXCHMBSA3.ndc.alcatel-lucent.com> <4F61EF05.2050608@cs.tcd.ie> <219947F0B2242843A0A1E62FDB510DC0250F3D5514@USNAVSXCHMBSA3.ndc.alcatel-lucent.com>
In-Reply-To: <219947F0B2242843A0A1E62FDB510DC0250F3D5514@USNAVSXCHMBSA3.ndc.alcatel-lucent.com>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Cc: "scim@ietf.org" <scim@ietf.org>, "Morteza Ansari \(moransar\)" <moransar@cisco.com>
Subject: Re: [scim] Draft charter - v4
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 15 Mar 2012 13:47:43 -0000

Note: I'm talking about mandatory-to-implement not mandatory-
to-use. Those differ. The former allows for interop. regardless
of where you get your code (if done well of course:-)

In any case, I do believe this putative WG does need to specify
how authorization is to be handled, which conflicts with the
original mail to which I responded.

S

On 03/15/2012 01:37 PM, Brenner, Michael Ralf (Michael) wrote:
> I would not go as far as "mandating the use of OAuth" as part of the charter of SCIM group, mainly because that may be then interpreted by some as "OAuth would be the only authorization mechanism that SCIM supports". But I do agree that SCIM MUST work in conjunction with AT LEAST OAuth (while not excluding other authorization mechanisms). It so happens that using OAuth 2 Bearer Token makes this relatively painless and un-intrusive to the scope of SCIM group to fulfill, IMHO.
>
> Michael
>
> -----Original Message-----
> From: Stephen Farrell [mailto:stephen.farrell@cs.tcd.ie]
> Sent: Thursday, March 15, 2012 9:31 AM
> To: Brenner, Michael Ralf (Michael)
> Cc: scim@ietf.org; Morteza Ansari (moransar)
> Subject: Re: [scim] Draft charter - v4
>
>
> So I think we are using terms slightly differently. But
> that's ok and something that's not uncommon when different
> folks get involved in a BoF coming from different
> backgrounds.
>
> Mandating the ability to support OAuth may be quite
> sensible in this case. In any case, OAuth is probably
> fairly clearly something that'd need to be considered.
>
> Not doing that (or some equivalent) would seem to break
> interop and require pairwise agreements as to how to do
> authorization which would IMO be broken.
>
> S
>
> On 03/15/2012 01:21 PM, Brenner, Michael Ralf (Michael) wrote:
>> Stephen,
>>
>> When using "implementations" in my suggestion I was referring to the wording in point 3 that you had an issue with: "Defining how SCIM implementations define and implement authorization".
>>
>> In the current SCIM specs, the wording is consistent with what I suggested (although I don't think it is strictly necessary to add anything, as mentioned in my previous message). Section 2. Authentication and Authorization states make a series of recommendations, among others a strong recommendation for support for OAuth 2 Bearer Token, but the recommendations are intended to the IMPLEMENTERS (to support existing authentication/authorization schemes, among them OAuth 2). However they stop short of mandating any authentication/authorization scheme, which I think is the right approach.
>>
>> Michael
>> -----Original Message-----
>> From: Stephen Farrell [mailto:stephen.farrell@cs.tcd.ie]
>> Sent: Thursday, March 15, 2012 9:11 AM
>> To: Brenner, Michael Ralf (Michael)
>> Cc: Morteza Ansari (moransar); scim@ietf.org
>> Subject: Re: [scim] Draft charter - v4
>>
>>
>> I'm not sure what exactly you mean by implementation.
>>
>> RFCs of course don't provide code for stuff like this.
>>
>> But to get interop, both sides need to (be able to)
>> use the same thing. So RFCs do usually specify a "MUST
>> implement" set of features for stuff like this.
>>
>> If one did OAuth and one kerberos then that'd not work.
>> (In either case there'd likely be work to say just how
>> to use the underlying scheme.)
>>
>> Seems to me this wg would need to pick something here
>> and maybe do some profiling, so that authorization
>> decisions can be made in a secure and interoperable
>> manner.
>>
>> S
>>
>> On 03/15/2012 01:05 PM, Brenner, Michael Ralf (Michael) wrote:
>>> The way I understood the proposed scope is that SCIM WG itself will not provide deliverables that recommend specific IMPLEMENTATIONS for authorization. I did not understand it as "it's not necessary or important", rather that it is the scope of other groups.
>>>
>>> Not sure if anything is needed, but if so - we could consider adding: "... while not preventing the use of different authorization mechanisms". This will raise the awareness to ensure that was is specified works in conjunction with OAuth and/or other mechanisms.
>>>
>>> Michael
>>>
>>> -----Original Message-----
>>> From: scim-bounces@ietf.org [mailto:scim-bounces@ietf.org] On Behalf Of Stephen Farrell
>>> Sent: Thursday, March 15, 2012 6:09 AM
>>> To: Morteza Ansari (moransar)
>>> Cc: scim@ietf.org
>>> Subject: Re: [scim] Draft charter - v4
>>>
>>>
>>>
>>> On 03/15/2012 03:24 AM, Morteza Ansari (moransar) wrote:
>>>> Trey, Kelly, and I huddled over for a few minutes today and added some
>>>> text to the version Eliot sent out yesterday.  We tried to address the
>>>> questions Eliot raised and remove some of the ambiguous text based on
>>>> the email discussions.  Please review and send your comments/feedback.
>>>
>>> Your proposal says:
>>>
>>>
>>> "The group considers the following out of scope for this group:
>>>          Defining new authentication schemes
>>>          Defining new policy/authorization schemes
>>>          Defining how SCIM implementations define and implement
>>>            authorization"
>>>
>>> The first two are fine, and entirely sensible. I don't
>>> get the 3rd.
>>>
>>> scim will presumably define some messages that can be sent,
>>> e.g.:
>>>
>>>       Alice->Bob: Here's Charlie's new password
>>>
>>> I don't see how you'll be secure if anyone that's
>>> authenticated can reset Charlie's password, so some
>>> authorization is clearly needed.
>>>
>>> I don't see how you'll get interop if Alice and Bob
>>> don't have a common way to determine that Alice is ok
>>> to reset Charlie's password.
>>>
>>> What's the reason to try leave authorization for such
>>> scim messages out of scope?
>>>
>>> S
>>> _______________________________________________
>>> scim mailing list
>>> scim@ietf.org
>>> https://www.ietf.org/mailman/listinfo/scim
>>> _______________________________________________
>>> scim mailing list
>>> scim@ietf.org
>>> https://www.ietf.org/mailman/listinfo/scim
>>>
>> _______________________________________________
>> scim mailing list
>> scim@ietf.org
>> https://www.ietf.org/mailman/listinfo/scim
>>
> _______________________________________________
> scim mailing list
> scim@ietf.org
> https://www.ietf.org/mailman/listinfo/scim
>

From michael.brenner@alcatel-lucent.com  Thu Mar 15 07:03:09 2012
Return-Path: <michael.brenner@alcatel-lucent.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6893821F8645 for <scim@ietfa.amsl.com>; Thu, 15 Mar 2012 07:03:09 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -9.799
X-Spam-Level: 
X-Spam-Status: No, score=-9.799 tagged_above=-999 required=5 tests=[AWL=0.800,  BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id HOVd+JYxhDl4 for <scim@ietfa.amsl.com>; Thu, 15 Mar 2012 07:03:08 -0700 (PDT)
Received: from ihemail1.lucent.com (ihemail1.lucent.com [135.245.0.33]) by ietfa.amsl.com (Postfix) with ESMTP id 8329921F863B for <scim@ietf.org>; Thu, 15 Mar 2012 07:03:08 -0700 (PDT)
Received: from usnavsmail2.ndc.alcatel-lucent.com (usnavsmail2.ndc.alcatel-lucent.com [135.3.39.10]) by ihemail1.lucent.com (8.13.8/IER-o) with ESMTP id q2FE35cs024383 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Thu, 15 Mar 2012 09:03:05 -0500 (CDT)
Received: from USNAVSXCHHUB03.ndc.alcatel-lucent.com (usnavsxchhub03.ndc.alcatel-lucent.com [135.3.39.112]) by usnavsmail2.ndc.alcatel-lucent.com (8.14.3/8.14.3/GMO) with ESMTP id q2FDiweP032648 (version=TLSv1/SSLv3 cipher=RC4-MD5 bits=128 verify=NOT); Thu, 15 Mar 2012 09:03:05 -0500
Received: from USNAVSXCHMBSA3.ndc.alcatel-lucent.com ([135.3.39.125]) by USNAVSXCHHUB03.ndc.alcatel-lucent.com ([135.3.39.112]) with mapi; Thu, 15 Mar 2012 09:02:26 -0500
From: "Brenner, Michael Ralf (Michael)" <michael.brenner@alcatel-lucent.com>
To: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Date: Thu, 15 Mar 2012 09:02:25 -0500
Thread-Topic: [scim] Draft charter - v4
Thread-Index: Ac0CsjPoHvAxNLT6RtCq3o7IcWyRBgAAQpzg
Message-ID: <219947F0B2242843A0A1E62FDB510DC0250F3D5556@USNAVSXCHMBSA3.ndc.alcatel-lucent.com>
References: <93C6FB63F046384C86EC8F7F3FFEC7BEE62EFE@XMB-RCD-313.cisco.com> <4F61BFBF.7090408@cs.tcd.ie> <219947F0B2242843A0A1E62FDB510DC0250F3D54D7@USNAVSXCHMBSA3.ndc.alcatel-lucent.com> <4F61EA5B.70207@cs.tcd.ie> <219947F0B2242843A0A1E62FDB510DC0250F3D54EF@USNAVSXCHMBSA3.ndc.alcatel-lucent.com> <4F61EF05.2050608@cs.tcd.ie> <219947F0B2242843A0A1E62FDB510DC0250F3D5514@USNAVSXCHMBSA3.ndc.alcatel-lucent.com> <4F61F2FC.80802@cs.tcd.ie>
In-Reply-To: <4F61F2FC.80802@cs.tcd.ie>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
acceptlanguage: en-US
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-Scanned-By: MIMEDefang 2.57 on 135.245.2.33
X-Scanned-By: MIMEDefang 2.64 on 135.3.39.10
Cc: "scim@ietf.org" <scim@ietf.org>, "Morteza Ansari \(moransar\)" <moransar@cisco.com>
Subject: Re: [scim] Draft charter - v4
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 15 Mar 2012 14:03:09 -0000

I don't think SCIM has to mandatorily implement (implement as in "defining =
as part of the SCIM specs") anything in order to work with Oath 2 Bearer To=
ken. Otherwise we end up defining vendor's implementation of SCIM & OAuth. =
A vendor that would implement BOTH the SCIM and OAuth 2.0 specifications wo=
uld have to support in SCIM requests the passing of a (separately and previ=
ously) obtained OAuth 2.0 token, via an HTTP header. IMHO, this is orthogon=
al to the definitions in SCIM specs themselves.
Michael

-----Original Message-----
From: Stephen Farrell [mailto:stephen.farrell@cs.tcd.ie]=20
Sent: Thursday, March 15, 2012 9:48 AM
To: Brenner, Michael Ralf (Michael)
Cc: scim@ietf.org; Morteza Ansari (moransar)
Subject: Re: [scim] Draft charter - v4


Note: I'm talking about mandatory-to-implement not mandatory-
to-use. Those differ. The former allows for interop. regardless
of where you get your code (if done well of course:-)

In any case, I do believe this putative WG does need to specify
how authorization is to be handled, which conflicts with the
original mail to which I responded.

S

On 03/15/2012 01:37 PM, Brenner, Michael Ralf (Michael) wrote:
> I would not go as far as "mandating the use of OAuth" as part of the char=
ter of SCIM group, mainly because that may be then interpreted by some as "=
OAuth would be the only authorization mechanism that SCIM supports". But I =
do agree that SCIM MUST work in conjunction with AT LEAST OAuth (while not =
excluding other authorization mechanisms). It so happens that using OAuth 2=
 Bearer Token makes this relatively painless and un-intrusive to the scope =
of SCIM group to fulfill, IMHO.
>
> Michael
>
> -----Original Message-----
> From: Stephen Farrell [mailto:stephen.farrell@cs.tcd.ie]
> Sent: Thursday, March 15, 2012 9:31 AM
> To: Brenner, Michael Ralf (Michael)
> Cc: scim@ietf.org; Morteza Ansari (moransar)
> Subject: Re: [scim] Draft charter - v4
>
>
> So I think we are using terms slightly differently. But
> that's ok and something that's not uncommon when different
> folks get involved in a BoF coming from different
> backgrounds.
>
> Mandating the ability to support OAuth may be quite
> sensible in this case. In any case, OAuth is probably
> fairly clearly something that'd need to be considered.
>
> Not doing that (or some equivalent) would seem to break
> interop and require pairwise agreements as to how to do
> authorization which would IMO be broken.
>
> S
>
> On 03/15/2012 01:21 PM, Brenner, Michael Ralf (Michael) wrote:
>> Stephen,
>>
>> When using "implementations" in my suggestion I was referring to the wor=
ding in point 3 that you had an issue with: "Defining how SCIM implementati=
ons define and implement authorization".
>>
>> In the current SCIM specs, the wording is consistent with what I suggest=
ed (although I don't think it is strictly necessary to add anything, as men=
tioned in my previous message). Section 2. Authentication and Authorization=
 states make a series of recommendations, among others a strong recommendat=
ion for support for OAuth 2 Bearer Token, but the recommendations are inten=
ded to the IMPLEMENTERS (to support existing authentication/authorization s=
chemes, among them OAuth 2). However they stop short of mandating any authe=
ntication/authorization scheme, which I think is the right approach.
>>
>> Michael
>> -----Original Message-----
>> From: Stephen Farrell [mailto:stephen.farrell@cs.tcd.ie]
>> Sent: Thursday, March 15, 2012 9:11 AM
>> To: Brenner, Michael Ralf (Michael)
>> Cc: Morteza Ansari (moransar); scim@ietf.org
>> Subject: Re: [scim] Draft charter - v4
>>
>>
>> I'm not sure what exactly you mean by implementation.
>>
>> RFCs of course don't provide code for stuff like this.
>>
>> But to get interop, both sides need to (be able to)
>> use the same thing. So RFCs do usually specify a "MUST
>> implement" set of features for stuff like this.
>>
>> If one did OAuth and one kerberos then that'd not work.
>> (In either case there'd likely be work to say just how
>> to use the underlying scheme.)
>>
>> Seems to me this wg would need to pick something here
>> and maybe do some profiling, so that authorization
>> decisions can be made in a secure and interoperable
>> manner.
>>
>> S
>>
>> On 03/15/2012 01:05 PM, Brenner, Michael Ralf (Michael) wrote:
>>> The way I understood the proposed scope is that SCIM WG itself will not=
 provide deliverables that recommend specific IMPLEMENTATIONS for authoriza=
tion. I did not understand it as "it's not necessary or important", rather =
that it is the scope of other groups.
>>>
>>> Not sure if anything is needed, but if so - we could consider adding: "=
... while not preventing the use of different authorization mechanisms". Th=
is will raise the awareness to ensure that was is specified works in conjun=
ction with OAuth and/or other mechanisms.
>>>
>>> Michael
>>>
>>> -----Original Message-----
>>> From: scim-bounces@ietf.org [mailto:scim-bounces@ietf.org] On Behalf Of=
 Stephen Farrell
>>> Sent: Thursday, March 15, 2012 6:09 AM
>>> To: Morteza Ansari (moransar)
>>> Cc: scim@ietf.org
>>> Subject: Re: [scim] Draft charter - v4
>>>
>>>
>>>
>>> On 03/15/2012 03:24 AM, Morteza Ansari (moransar) wrote:
>>>> Trey, Kelly, and I huddled over for a few minutes today and added some
>>>> text to the version Eliot sent out yesterday.  We tried to address the
>>>> questions Eliot raised and remove some of the ambiguous text based on
>>>> the email discussions.  Please review and send your comments/feedback.
>>>
>>> Your proposal says:
>>>
>>>
>>> "The group considers the following out of scope for this group:
>>>          Defining new authentication schemes
>>>          Defining new policy/authorization schemes
>>>          Defining how SCIM implementations define and implement
>>>            authorization"
>>>
>>> The first two are fine, and entirely sensible. I don't
>>> get the 3rd.
>>>
>>> scim will presumably define some messages that can be sent,
>>> e.g.:
>>>
>>>       Alice->Bob: Here's Charlie's new password
>>>
>>> I don't see how you'll be secure if anyone that's
>>> authenticated can reset Charlie's password, so some
>>> authorization is clearly needed.
>>>
>>> I don't see how you'll get interop if Alice and Bob
>>> don't have a common way to determine that Alice is ok
>>> to reset Charlie's password.
>>>
>>> What's the reason to try leave authorization for such
>>> scim messages out of scope?
>>>
>>> S
>>> _______________________________________________
>>> scim mailing list
>>> scim@ietf.org
>>> https://www.ietf.org/mailman/listinfo/scim
>>> _______________________________________________
>>> scim mailing list
>>> scim@ietf.org
>>> https://www.ietf.org/mailman/listinfo/scim
>>>
>> _______________________________________________
>> scim mailing list
>> scim@ietf.org
>> https://www.ietf.org/mailman/listinfo/scim
>>
> _______________________________________________
> scim mailing list
> scim@ietf.org
> https://www.ietf.org/mailman/listinfo/scim
>

From trey.drake@unboundid.com  Thu Mar 15 07:12:28 2012
Return-Path: <trey.drake@unboundid.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D0F1221F865F for <scim@ietfa.amsl.com>; Thu, 15 Mar 2012 07:12:28 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.599
X-Spam-Level: 
X-Spam-Status: No, score=-3.599 tagged_above=-999 required=5 tests=[AWL=0.000,  BAYES_00=-2.599, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id NVC+q+F15lTT for <scim@ietfa.amsl.com>; Thu, 15 Mar 2012 07:12:27 -0700 (PDT)
Received: from mail-gx0-f172.google.com (mail-gx0-f172.google.com [209.85.161.172]) by ietfa.amsl.com (Postfix) with ESMTP id 8FE2021F864A for <scim@ietf.org>; Thu, 15 Mar 2012 07:12:27 -0700 (PDT)
Received: by ggmi1 with SMTP id i1so3525470ggm.31 for <scim@ietf.org>; Thu, 15 Mar 2012 07:12:27 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=subject:mime-version:content-type:from:in-reply-to:date:cc :message-id:references:to:x-mailer:x-gm-message-state; bh=Hraf9XT86smredEIQTy0CoCTyYrJrywAciBNBYiTLlg=; b=PD0VmG7yFFTqnpLZV0YkJ6+ZEgHrGbJh2qJEJBLUlAWfXQCElRcKLmAPk4m691uTtL 4vrlrMN6YAXE4hD1MscJk+h2SwPc42KlQfjIUgraKlMfsu9dnQWJewcjbpLvgQvmZete 8vecR1cqB8pJW/0LB3ql831bHlurrcOe7l2ouIkvu9oQUbCHyeZwFGcyjXKKyPqMwCwg VBajlG38xdRJSR7QGZJ7GBHmSlhI+dlZsEID58M5qgZLt6uv1L3fCU/PFJ4oNdMo0nqU qpC6nbltQ9jEoP9uRCfnezxkQQJioXxOeA40fq6sfECPg+MZbrwzQYjyDE2n08kL0e3q GL6g==
Received: by 10.182.114.70 with SMTP id je6mr8200473obb.30.1331820747003; Thu, 15 Mar 2012 07:12:27 -0700 (PDT)
Received: from [192.168.241.86] (24-155-184-100.static.grandenetworks.net. [24.155.184.100]) by mx.google.com with ESMTPS id 8sm1864384obv.19.2012.03.15.07.12.25 (version=TLSv1/SSLv3 cipher=OTHER); Thu, 15 Mar 2012 07:12:25 -0700 (PDT)
Mime-Version: 1.0 (Apple Message framework v1257)
Content-Type: multipart/signed; boundary="Apple-Mail=_B818C498-BB14-4D00-84B4-2D1712D6B8E4"; protocol="application/pkcs7-signature"; micalg=sha1
From: Trey Drake <trey.drake@unboundid.com>
In-Reply-To: <219947F0B2242843A0A1E62FDB510DC0250F3D5514@USNAVSXCHMBSA3.ndc.alcatel-lucent.com>
Date: Thu, 15 Mar 2012 09:12:26 -0500
Message-Id: <3148CB4F-6BFD-44CE-97E6-58DD8FF16CF6@unboundid.com>
References: <93C6FB63F046384C86EC8F7F3FFEC7BEE62EFE@XMB-RCD-313.cisco.com> <4F61BFBF.7090408@cs.tcd.ie> <219947F0B2242843A0A1E62FDB510DC0250F3D54D7@USNAVSXCHMBSA3.ndc.alcatel-lucent.com> <4F61EA5B.70207@cs.tcd.ie> <219947F0B2242843A0A1E62FDB510DC0250F3D54EF@USNAVSXCHMBSA3.ndc.alcatel-lucent.com> <4F61EF05.2050608@cs.tcd.ie> <219947F0B2242843A0A1E62FDB510DC0250F3D5514@USNAVSXCHMBSA3.ndc.alcatel-lucent.com>
To: "Brenner, Michael Ralf (Michael)" <michael.brenner@alcatel-lucent.com>
X-Mailer: Apple Mail (2.1257)
X-Gm-Message-State: ALoCoQkGBiCgsXXTWhZNWgZImbBjbiOMkHnbB4O/tHYQXmCT5EZMXnSXQuMmEbGBvImLncZUApYZ
Cc: "scim@ietf.org" <scim@ietf.org>, "Morteza Ansari \(moransar\)" <moransar@cisco.com>, Stephen Farrell <stephen.farrell@cs.tcd.ie>
Subject: Re: [scim] Draft charter - v4
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 15 Mar 2012 14:12:29 -0000

--Apple-Mail=_B818C498-BB14-4D00-84B4-2D1712D6B8E4
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain;
	charset=us-ascii

The intent is exactly that - we do not intend to mandate specific =
authorization schemes though we do intend to recommend.  In particular, =
the draft submission will recommend use of OAuth2 Bearer Token.  =
Unfortunately, we missed the draft submission date, hence the protocol =
draft that makes the point clear is unavailable.=20

The question, as I interpret, is (using the case below): do we need to =
specify a scheme whereby Alice has a priori knowledge of what Alice has =
access to or do we remain silent and simply specify what must happen =
when an unauthorized Alice attempts to modify Bob.  The current thinking =
is the latter. =20

Thanks,
Trey


On Mar 15, 2012, at 8:37 AM, Brenner, Michael Ralf (Michael) wrote:

> I would not go as far as "mandating the use of OAuth" as part of the =
charter of SCIM group, mainly because that may be then interpreted by =
some as "OAuth would be the only authorization mechanism that SCIM =
supports". But I do agree that SCIM MUST work in conjunction with AT =
LEAST OAuth (while not excluding other authorization mechanisms). It so =
happens that using OAuth 2 Bearer Token makes this relatively painless =
and un-intrusive to the scope of SCIM group to fulfill, IMHO.
>=20
> Michael=20
>=20
> -----Original Message-----
> From: Stephen Farrell [mailto:stephen.farrell@cs.tcd.ie]=20
> Sent: Thursday, March 15, 2012 9:31 AM
> To: Brenner, Michael Ralf (Michael)
> Cc: scim@ietf.org; Morteza Ansari (moransar)
> Subject: Re: [scim] Draft charter - v4
>=20
>=20
> So I think we are using terms slightly differently. But
> that's ok and something that's not uncommon when different
> folks get involved in a BoF coming from different
> backgrounds.
>=20
> Mandating the ability to support OAuth may be quite
> sensible in this case. In any case, OAuth is probably
> fairly clearly something that'd need to be considered.
>=20
> Not doing that (or some equivalent) would seem to break
> interop and require pairwise agreements as to how to do
> authorization which would IMO be broken.
>=20
> S
>=20
> On 03/15/2012 01:21 PM, Brenner, Michael Ralf (Michael) wrote:
>> Stephen,
>>=20
>> When using "implementations" in my suggestion I was referring to the =
wording in point 3 that you had an issue with: "Defining how SCIM =
implementations define and implement authorization".
>>=20
>> In the current SCIM specs, the wording is consistent with what I =
suggested (although I don't think it is strictly necessary to add =
anything, as mentioned in my previous message). Section 2. =
Authentication and Authorization states make a series of =
recommendations, among others a strong recommendation for support for =
OAuth 2 Bearer Token, but the recommendations are intended to the =
IMPLEMENTERS (to support existing authentication/authorization schemes, =
among them OAuth 2). However they stop short of mandating any =
authentication/authorization scheme, which I think is the right =
approach.
>>=20
>> Michael
>> -----Original Message-----
>> From: Stephen Farrell [mailto:stephen.farrell@cs.tcd.ie]
>> Sent: Thursday, March 15, 2012 9:11 AM
>> To: Brenner, Michael Ralf (Michael)
>> Cc: Morteza Ansari (moransar); scim@ietf.org
>> Subject: Re: [scim] Draft charter - v4
>>=20
>>=20
>> I'm not sure what exactly you mean by implementation.
>>=20
>> RFCs of course don't provide code for stuff like this.
>>=20
>> But to get interop, both sides need to (be able to)
>> use the same thing. So RFCs do usually specify a "MUST
>> implement" set of features for stuff like this.
>>=20
>> If one did OAuth and one kerberos then that'd not work.
>> (In either case there'd likely be work to say just how
>> to use the underlying scheme.)
>>=20
>> Seems to me this wg would need to pick something here
>> and maybe do some profiling, so that authorization
>> decisions can be made in a secure and interoperable
>> manner.
>>=20
>> S
>>=20
>> On 03/15/2012 01:05 PM, Brenner, Michael Ralf (Michael) wrote:
>>> The way I understood the proposed scope is that SCIM WG itself will =
not provide deliverables that recommend specific IMPLEMENTATIONS for =
authorization. I did not understand it as "it's not necessary or =
important", rather that it is the scope of other groups.
>>>=20
>>> Not sure if anything is needed, but if so - we could consider =
adding: "... while not preventing the use of different authorization =
mechanisms". This will raise the awareness to ensure that was is =
specified works in conjunction with OAuth and/or other mechanisms.
>>>=20
>>> Michael
>>>=20
>>> -----Original Message-----
>>> From: scim-bounces@ietf.org [mailto:scim-bounces@ietf.org] On Behalf =
Of Stephen Farrell
>>> Sent: Thursday, March 15, 2012 6:09 AM
>>> To: Morteza Ansari (moransar)
>>> Cc: scim@ietf.org
>>> Subject: Re: [scim] Draft charter - v4
>>>=20
>>>=20
>>>=20
>>> On 03/15/2012 03:24 AM, Morteza Ansari (moransar) wrote:
>>>> Trey, Kelly, and I huddled over for a few minutes today and added =
some
>>>> text to the version Eliot sent out yesterday.  We tried to address =
the
>>>> questions Eliot raised and remove some of the ambiguous text based =
on
>>>> the email discussions.  Please review and send your =
comments/feedback.
>>>=20
>>> Your proposal says:
>>>=20
>>>=20
>>> "The group considers the following out of scope for this group:
>>>        Defining new authentication schemes
>>>        Defining new policy/authorization schemes
>>>        Defining how SCIM implementations define and implement
>>>          authorization"
>>>=20
>>> The first two are fine, and entirely sensible. I don't
>>> get the 3rd.
>>>=20
>>> scim will presumably define some messages that can be sent,
>>> e.g.:
>>>=20
>>>     Alice->Bob: Here's Charlie's new password
>>>=20
>>> I don't see how you'll be secure if anyone that's
>>> authenticated can reset Charlie's password, so some
>>> authorization is clearly needed.
>>>=20
>>> I don't see how you'll get interop if Alice and Bob
>>> don't have a common way to determine that Alice is ok
>>> to reset Charlie's password.
>>>=20
>>> What's the reason to try leave authorization for such
>>> scim messages out of scope?
>>>=20
>>> S
>>> _______________________________________________
>>> scim mailing list
>>> scim@ietf.org
>>> https://www.ietf.org/mailman/listinfo/scim
>>> _______________________________________________
>>> scim mailing list
>>> scim@ietf.org
>>> https://www.ietf.org/mailman/listinfo/scim
>>>=20
>> _______________________________________________
>> scim mailing list
>> scim@ietf.org
>> https://www.ietf.org/mailman/listinfo/scim
>>=20
> _______________________________________________
> scim mailing list
> scim@ietf.org
> https://www.ietf.org/mailman/listinfo/scim


--Apple-Mail=_B818C498-BB14-4D00-84B4-2D1712D6B8E4
Content-Disposition: attachment;
	filename=smime.p7s
Content-Type: application/pkcs7-signature;
	name=smime.p7s
Content-Transfer-Encoding: base64

MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIIM9jCCBjQw
ggQcoAMCAQICAR4wDQYJKoZIhvcNAQEFBQAwfTELMAkGA1UEBhMCSUwxFjAUBgNVBAoTDVN0YXJ0
Q29tIEx0ZC4xKzApBgNVBAsTIlNlY3VyZSBEaWdpdGFsIENlcnRpZmljYXRlIFNpZ25pbmcxKTAn
BgNVBAMTIFN0YXJ0Q29tIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA3MTAyNDIxMDE1NVoX
DTE3MTAyNDIxMDE1NVowgYwxCzAJBgNVBAYTAklMMRYwFAYDVQQKEw1TdGFydENvbSBMdGQuMSsw
KQYDVQQLEyJTZWN1cmUgRGlnaXRhbCBDZXJ0aWZpY2F0ZSBTaWduaW5nMTgwNgYDVQQDEy9TdGFy
dENvbSBDbGFzcyAxIFByaW1hcnkgSW50ZXJtZWRpYXRlIENsaWVudCBDQTCCASIwDQYJKoZIhvcN
AQEBBQADggEPADCCAQoCggEBAMcJg8zOLdgasSmkLhOrlr6KMoOMpohBllVHrdRvEg/q6r8jR+EK
75xCGhR8ToREoqe7zM9/UnC6TS2y9UKTpT1v7RSMzR0t6ndl0TWBuUr/UXBhPk+Kmy7bI4yW4urC
+y7P3/1/X7U8ocb8VpH/Clt+4iq7nirMcNh6qJR+xjOhV+VHzQMALuGYn5KZmc1NbJQYclsGkDxD
z2UbFqE2+6vIZoL+jb9x4Pa5gNf1TwSDkOkikZB1xtB4ZqtXThaABSONdfmv/Z1pua3FYxnCFmdr
/+N2JLKutIxMYqQOJebr/f/h5t95m4JgrM3Y/w7YX9d7YAL9jvN4SydHsU6n65cCAwEAAaOCAa0w
ggGpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBRTcu2SnODaywFc
fH6WNU7y1LhRgjAfBgNVHSMEGDAWgBROC+8apEBbpRdphzDKNGhD0EGu8jBmBggrBgEFBQcBAQRa
MFgwJwYIKwYBBQUHMAGGG2h0dHA6Ly9vY3NwLnN0YXJ0c3NsLmNvbS9jYTAtBggrBgEFBQcwAoYh
aHR0cDovL3d3dy5zdGFydHNzbC5jb20vc2ZzY2EuY3J0MFsGA1UdHwRUMFIwJ6AloCOGIWh0dHA6
Ly93d3cuc3RhcnRzc2wuY29tL3Nmc2NhLmNybDAnoCWgI4YhaHR0cDovL2NybC5zdGFydHNzbC5j
b20vc2ZzY2EuY3JsMIGABgNVHSAEeTB3MHUGCysGAQQBgbU3AQIBMGYwLgYIKwYBBQUHAgEWImh0
dHA6Ly93d3cuc3RhcnRzc2wuY29tL3BvbGljeS5wZGYwNAYIKwYBBQUHAgEWKGh0dHA6Ly93d3cu
c3RhcnRzc2wuY29tL2ludGVybWVkaWF0ZS5wZGYwDQYJKoZIhvcNAQEFBQADggIBAAqDCH14qywG
XLhjjF6uHLkjd02hcdh9hrw+VUsv+q1eeQWB21jWj3kJ96AUlPCoEGZ/ynJNScWy6QMVQjbbMXlt
UfO4n4bGGdKo3awPWp61tjAFgraLJgDk+DsSvUD6EowjMTNx25GQgyYJ5RPIzKKR9tQW8gGK+2+R
HxkUCTbYFnL6kl8Ch507rUdPPipJ9CgJFws3kDS3gOS5WFMxcjO5DwKfKSETEPrHh7p5shuuNktv
sv6hxHTLhiMKX893gxdT3XLS9OKmCv87vkINQcNEcIIoFWbP9HORz9v3vQwR4e3ksLc2JZOAFK+s
sS5XMEoznzpihEP0PLc4dCBYjbvSD7kxgDwZ+Aj8Q9PkbvE9sIPP7ON0fz095HdThKjiVJe6vofq
+n6b1NBc8XdrQvBmunwxD5nvtTW4vtN6VY7mUCmxsCieuoBJ9OlqmsVWQvifIYf40dJPZkk9YgGT
zWLpXDSfLSplbY2LL9C9U0ptvjcDjefLTvqSFc7tw1sEhF0n/qpA2r0GpvkLRDmcSwVyPvmjFBGq
Up/pNy8ZuPGQmHwFi2/14+xeSUDG2bwnsYJQG2EdJCB6luQ57GEnTA/yKZSTKI8dDQa8Sd3zfXb1
9mOgSF0bBdXbuKhEpuP9wirslFe6fQ1t5j5R0xi72MZ8ikMu1RQZKCyDbMwazlHiMIIGujCCBaKg
AwIBAgIDAopvMA0GCSqGSIb3DQEBBQUAMIGMMQswCQYDVQQGEwJJTDEWMBQGA1UEChMNU3RhcnRD
b20gTHRkLjErMCkGA1UECxMiU2VjdXJlIERpZ2l0YWwgQ2VydGlmaWNhdGUgU2lnbmluZzE4MDYG
A1UEAxMvU3RhcnRDb20gQ2xhc3MgMSBQcmltYXJ5IEludGVybWVkaWF0ZSBDbGllbnQgQ0EwHhcN
MTEwNTEzMTY1MjQ5WhcNMTIwNTEzMDU0NzU2WjBLMSAwHgYDVQQNExc0MjU3NjEteUxidzRqMkwy
Z0FqSG92UzEnMCUGCSqGSIb3DQEJARYYdHJleS5kcmFrZUB1bmJvdW5kaWQuY29tMIIBIjANBgkq
hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqid9tc427LEtBahNAplYUQztLpGRwt7J1hxi3mHkMBzr
s3LxhGspxGij4JZogkqolFpIhu0amwHXsDv7DbkET1O8TN2S2ttetn2o/gQMhAlXp7MP4SfHnIHL
awiDyKZ96l49FFuOt107G9SYpOceuY+AfBssNfxVpTfzqvBzQ/zdbGwqg+ndyPmsWZCYc036/dHV
VWDPpLbohj8GmtoNp8p2LjXe4hOvOfxNnlg6hRlHwiPkudSpEaHwW5dlQUjtcBNvowCq2uq2fbQq
5jyswWRGRIQINo4UgSsyDAB5SfagyGMx32EUGrx1NJWOHWK3eqPknuYdgtU2nJZ+aTtBpQIDAQAB
o4IDYzCCA18wCQYDVR0TBAIwADALBgNVHQ8EBAMCBLAwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsG
AQUFBwMEMB0GA1UdDgQWBBTFEY17wcVFokE4T9NZv3jxliACzjAfBgNVHSMEGDAWgBRTcu2SnODa
ywFcfH6WNU7y1LhRgjAjBgNVHREEHDAagRh0cmV5LmRyYWtlQHVuYm91bmRpZC5jb20wggHRBgNV
HSAEggHIMIIBxDCCAcAGCysGAQQBgbU3AQICMIIBrzAuBggrBgEFBQcCARYiaHR0cDovL3d3dy5z
dGFydHNzbC5jb20vcG9saWN5LnBkZjA0BggrBgEFBQcCARYoaHR0cDovL3d3dy5zdGFydHNzbC5j
b20vaW50ZXJtZWRpYXRlLnBkZjCCAUUGCCsGAQUFBwICMIIBNzAnFiBTdGFydENvbSBDZXJ0aWZp
Y2F0aW9uIEF1dGhvcml0eTADAgEBGoIBClRoaXMgY2VydGlmaWNhdGUgd2FzIGlzc3VlZCBhY2Nv
cmRpbmcgdG8gdGhlIENsYXNzIDEgVmFsaWRhdGlvbiByZXF1aXJlbWVudHMgb2YgdGhlIFN0YXJ0
Q29tIENlcnRpZmljYXRpb24gQXV0aG9yaXR5IHBvbGljeSBhbmQgbWF5IGJlIHJlbGllZCB1cG9u
IG9ubHkgZm9yIHRoZSBpbnRlbmRlZCBwdXJwb3NlIGFuZCBpbiBjb21wbGlhbmNlIG9mIHRoZSBy
ZWx5aW5nIHBhcnR5IG9ibGlnYXRpb25zLiBMaWFiaWxpdHkgYW5kIHdhcnJhbnRpZXMgYXJlIGxp
bWl0ZWQhMDYGA1UdHwQvMC0wK6ApoCeGJWh0dHA6Ly9jcmwuc3RhcnRzc2wuY29tL2NydHUxLWNy
bC5jcmwwgY4GCCsGAQUFBwEBBIGBMH8wOQYIKwYBBQUHMAGGLWh0dHA6Ly9vY3NwLnN0YXJ0c3Ns
LmNvbS9zdWIvY2xhc3MxL2NsaWVudC9jYTBCBggrBgEFBQcwAoY2aHR0cDovL2FpYS5zdGFydHNz
bC5jb20vY2VydHMvc3ViLmNsYXNzMS5jbGllbnQuY2EuY3J0MCMGA1UdEgQcMBqGGGh0dHA6Ly93
d3cuc3RhcnRzc2wuY29tLzANBgkqhkiG9w0BAQUFAAOCAQEAfcC87DDCF7sIIY5qIDIS7MmSAJjr
GlCfGP11cJrO88bsQiSgtJYYeIATEUsH1r78aJOzU8p8P/lOrSoDr3kxVlUaOam6xIvlW9Uv6AUN
DBjYeDUMaEIwPl/Eox0tvZPas4JwW1K+N085ya1IKCK/l7x2K97JQqQhE44ymJ873mcEbBNz6HOo
JtyNMc204G0mREpQs4RSb7vsT9x93QUs6QpP/Mn/w+HaXQQzgs4HmfgL8z+qlH4vX4S/rKvwv95m
fdCIrdSBAeSKBco9hHTIny9XpkTR2qk1Uq0eqSk1LtufDoQy9c5KKQKINCKrjioMseRufmAY/0Nu
VbekcRMyIDGCA28wggNrAgEBMIGUMIGMMQswCQYDVQQGEwJJTDEWMBQGA1UEChMNU3RhcnRDb20g
THRkLjErMCkGA1UECxMiU2VjdXJlIERpZ2l0YWwgQ2VydGlmaWNhdGUgU2lnbmluZzE4MDYGA1UE
AxMvU3RhcnRDb20gQ2xhc3MgMSBQcmltYXJ5IEludGVybWVkaWF0ZSBDbGllbnQgQ0ECAwKKbzAJ
BgUrDgMCGgUAoIIBrzAYBgkqhkiG9w0BCQMxCwYJKoZIhvcNAQcBMBwGCSqGSIb3DQEJBTEPFw0x
MjAzMTUxNDEyMjdaMCMGCSqGSIb3DQEJBDEWBBSbw2xjTM1rlT7FHnAEeo7CEyZE7TCBpQYJKwYB
BAGCNxAEMYGXMIGUMIGMMQswCQYDVQQGEwJJTDEWMBQGA1UEChMNU3RhcnRDb20gTHRkLjErMCkG
A1UECxMiU2VjdXJlIERpZ2l0YWwgQ2VydGlmaWNhdGUgU2lnbmluZzE4MDYGA1UEAxMvU3RhcnRD
b20gQ2xhc3MgMSBQcmltYXJ5IEludGVybWVkaWF0ZSBDbGllbnQgQ0ECAwKKbzCBpwYLKoZIhvcN
AQkQAgsxgZeggZQwgYwxCzAJBgNVBAYTAklMMRYwFAYDVQQKEw1TdGFydENvbSBMdGQuMSswKQYD
VQQLEyJTZWN1cmUgRGlnaXRhbCBDZXJ0aWZpY2F0ZSBTaWduaW5nMTgwNgYDVQQDEy9TdGFydENv
bSBDbGFzcyAxIFByaW1hcnkgSW50ZXJtZWRpYXRlIENsaWVudCBDQQIDAopvMA0GCSqGSIb3DQEB
AQUABIIBADJckgbdnegs5k8bWfbgLULVvxKgM9o8rhtDd+LbTGYyQHu3oBK3RU/JCYE75XCTLMSm
Rf/lS9xTMu/HSj/Cd4f+lPmPenXrAJYxW+LXUsi9ih3LDgxFG505u9nz46y9PkePWOSGkInpQZV1
O9nMjCgFmK1xnLuDG+fJCaPhOkb3lppN1QA7vx/yWaVvf9odKzom1Z1uPhZ529tMiZLcuDDIUO5i
f3npNhQY8gu8lqrcqaj/5JSPMFSohnhYyHtYO2EvmwiXSTlXO7+2BukVisBFE0bFSPNV2WaFsN0S
3mEk9ra6tycBZdc/VoPiRd16zaVX1Kb2r+POFPgtmZoq7ygAAAAAAAA=

--Apple-Mail=_B818C498-BB14-4D00-84B4-2D1712D6B8E4--

From michael.brenner@alcatel-lucent.com  Thu Mar 15 07:15:54 2012
Return-Path: <michael.brenner@alcatel-lucent.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C58BC21F862A for <scim@ietfa.amsl.com>; Thu, 15 Mar 2012 07:15:54 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.932
X-Spam-Level: 
X-Spam-Status: No, score=-7.932 tagged_above=-999 required=5 tests=[AWL=-1.333, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id JKGCH5VkBSPj for <scim@ietfa.amsl.com>; Thu, 15 Mar 2012 07:15:53 -0700 (PDT)
Received: from ihemail3.lucent.com (ihemail3.lucent.com [135.245.0.37]) by ietfa.amsl.com (Postfix) with ESMTP id D390D21F8627 for <scim@ietf.org>; Thu, 15 Mar 2012 07:15:53 -0700 (PDT)
Received: from usnavsmail2.ndc.alcatel-lucent.com (usnavsmail2.ndc.alcatel-lucent.com [135.3.39.10]) by ihemail3.lucent.com (8.13.8/IER-o) with ESMTP id q2FEFnmN000799 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Thu, 15 Mar 2012 09:15:49 -0500 (CDT)
Received: from USNAVSXCHHUB03.ndc.alcatel-lucent.com (usnavsxchhub03.ndc.alcatel-lucent.com [135.3.39.112]) by usnavsmail2.ndc.alcatel-lucent.com (8.14.3/8.14.3/GMO) with ESMTP id q2FEFn40024477 (version=TLSv1/SSLv3 cipher=RC4-MD5 bits=128 verify=NOT); Thu, 15 Mar 2012 09:15:49 -0500
Received: from USNAVSXCHMBSA3.ndc.alcatel-lucent.com ([135.3.39.125]) by USNAVSXCHHUB03.ndc.alcatel-lucent.com ([135.3.39.112]) with mapi; Thu, 15 Mar 2012 09:15:49 -0500
From: "Brenner, Michael Ralf (Michael)" <michael.brenner@alcatel-lucent.com>
To: Trey Drake <trey.drake@unboundid.com>
Date: Thu, 15 Mar 2012 09:15:48 -0500
Thread-Topic: [scim] Draft charter - v4
Thread-Index: Ac0CtatrLhospknjRU684OyNbp6gpgAAGBXA
Message-ID: <219947F0B2242843A0A1E62FDB510DC0250F3D5575@USNAVSXCHMBSA3.ndc.alcatel-lucent.com>
References: <93C6FB63F046384C86EC8F7F3FFEC7BEE62EFE@XMB-RCD-313.cisco.com> <4F61BFBF.7090408@cs.tcd.ie> <219947F0B2242843A0A1E62FDB510DC0250F3D54D7@USNAVSXCHMBSA3.ndc.alcatel-lucent.com> <4F61EA5B.70207@cs.tcd.ie> <219947F0B2242843A0A1E62FDB510DC0250F3D54EF@USNAVSXCHMBSA3.ndc.alcatel-lucent.com> <4F61EF05.2050608@cs.tcd.ie> <219947F0B2242843A0A1E62FDB510DC0250F3D5514@USNAVSXCHMBSA3.ndc.alcatel-lucent.com> <3148CB4F-6BFD-44CE-97E6-58DD8FF16CF6@unboundid.com>
In-Reply-To: <3148CB4F-6BFD-44CE-97E6-58DD8FF16CF6@unboundid.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
acceptlanguage: en-US
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-Scanned-By: MIMEDefang 2.57 on 135.245.2.37
X-Scanned-By: MIMEDefang 2.64 on 135.3.39.10
Cc: "scim@ietf.org" <scim@ietf.org>, "Morteza Ansari \(moransar\)" <moransar@cisco.com>, Stephen Farrell <stephen.farrell@cs.tcd.ie>
Subject: Re: [scim] Draft charter - v4
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 15 Mar 2012 14:15:54 -0000

This matches my understanding.
Thanks,
Michael

-----Original Message-----
From: Trey Drake [mailto:trey.drake@unboundid.com]=20
Sent: Thursday, March 15, 2012 10:12 AM
To: Brenner, Michael Ralf (Michael)
Cc: Stephen Farrell; scim@ietf.org; Morteza Ansari (moransar)
Subject: Re: [scim] Draft charter - v4

The intent is exactly that - we do not intend to mandate specific authoriza=
tion schemes though we do intend to recommend.  In particular, the draft su=
bmission will recommend use of OAuth2 Bearer Token.  Unfortunately, we miss=
ed the draft submission date, hence the protocol draft that makes the point=
 clear is unavailable.=20

The question, as I interpret, is (using the case below): do we need to spec=
ify a scheme whereby Alice has a priori knowledge of what Alice has access =
to or do we remain silent and simply specify what must happen when an unaut=
horized Alice attempts to modify Bob.  The current thinking is the latter. =
=20

Thanks,
Trey


On Mar 15, 2012, at 8:37 AM, Brenner, Michael Ralf (Michael) wrote:

> I would not go as far as "mandating the use of OAuth" as part of the char=
ter of SCIM group, mainly because that may be then interpreted by some as "=
OAuth would be the only authorization mechanism that SCIM supports". But I =
do agree that SCIM MUST work in conjunction with AT LEAST OAuth (while not =
excluding other authorization mechanisms). It so happens that using OAuth 2=
 Bearer Token makes this relatively painless and un-intrusive to the scope =
of SCIM group to fulfill, IMHO.
>=20
> Michael=20
>=20
> -----Original Message-----
> From: Stephen Farrell [mailto:stephen.farrell@cs.tcd.ie]=20
> Sent: Thursday, March 15, 2012 9:31 AM
> To: Brenner, Michael Ralf (Michael)
> Cc: scim@ietf.org; Morteza Ansari (moransar)
> Subject: Re: [scim] Draft charter - v4
>=20
>=20
> So I think we are using terms slightly differently. But
> that's ok and something that's not uncommon when different
> folks get involved in a BoF coming from different
> backgrounds.
>=20
> Mandating the ability to support OAuth may be quite
> sensible in this case. In any case, OAuth is probably
> fairly clearly something that'd need to be considered.
>=20
> Not doing that (or some equivalent) would seem to break
> interop and require pairwise agreements as to how to do
> authorization which would IMO be broken.
>=20
> S
>=20
> On 03/15/2012 01:21 PM, Brenner, Michael Ralf (Michael) wrote:
>> Stephen,
>>=20
>> When using "implementations" in my suggestion I was referring to the wor=
ding in point 3 that you had an issue with: "Defining how SCIM implementati=
ons define and implement authorization".
>>=20
>> In the current SCIM specs, the wording is consistent with what I suggest=
ed (although I don't think it is strictly necessary to add anything, as men=
tioned in my previous message). Section 2. Authentication and Authorization=
 states make a series of recommendations, among others a strong recommendat=
ion for support for OAuth 2 Bearer Token, but the recommendations are inten=
ded to the IMPLEMENTERS (to support existing authentication/authorization s=
chemes, among them OAuth 2). However they stop short of mandating any authe=
ntication/authorization scheme, which I think is the right approach.
>>=20
>> Michael
>> -----Original Message-----
>> From: Stephen Farrell [mailto:stephen.farrell@cs.tcd.ie]
>> Sent: Thursday, March 15, 2012 9:11 AM
>> To: Brenner, Michael Ralf (Michael)
>> Cc: Morteza Ansari (moransar); scim@ietf.org
>> Subject: Re: [scim] Draft charter - v4
>>=20
>>=20
>> I'm not sure what exactly you mean by implementation.
>>=20
>> RFCs of course don't provide code for stuff like this.
>>=20
>> But to get interop, both sides need to (be able to)
>> use the same thing. So RFCs do usually specify a "MUST
>> implement" set of features for stuff like this.
>>=20
>> If one did OAuth and one kerberos then that'd not work.
>> (In either case there'd likely be work to say just how
>> to use the underlying scheme.)
>>=20
>> Seems to me this wg would need to pick something here
>> and maybe do some profiling, so that authorization
>> decisions can be made in a secure and interoperable
>> manner.
>>=20
>> S
>>=20
>> On 03/15/2012 01:05 PM, Brenner, Michael Ralf (Michael) wrote:
>>> The way I understood the proposed scope is that SCIM WG itself will not=
 provide deliverables that recommend specific IMPLEMENTATIONS for authoriza=
tion. I did not understand it as "it's not necessary or important", rather =
that it is the scope of other groups.
>>>=20
>>> Not sure if anything is needed, but if so - we could consider adding: "=
... while not preventing the use of different authorization mechanisms". Th=
is will raise the awareness to ensure that was is specified works in conjun=
ction with OAuth and/or other mechanisms.
>>>=20
>>> Michael
>>>=20
>>> -----Original Message-----
>>> From: scim-bounces@ietf.org [mailto:scim-bounces@ietf.org] On Behalf Of=
 Stephen Farrell
>>> Sent: Thursday, March 15, 2012 6:09 AM
>>> To: Morteza Ansari (moransar)
>>> Cc: scim@ietf.org
>>> Subject: Re: [scim] Draft charter - v4
>>>=20
>>>=20
>>>=20
>>> On 03/15/2012 03:24 AM, Morteza Ansari (moransar) wrote:
>>>> Trey, Kelly, and I huddled over for a few minutes today and added some
>>>> text to the version Eliot sent out yesterday.  We tried to address the
>>>> questions Eliot raised and remove some of the ambiguous text based on
>>>> the email discussions.  Please review and send your comments/feedback.
>>>=20
>>> Your proposal says:
>>>=20
>>>=20
>>> "The group considers the following out of scope for this group:
>>>        Defining new authentication schemes
>>>        Defining new policy/authorization schemes
>>>        Defining how SCIM implementations define and implement
>>>          authorization"
>>>=20
>>> The first two are fine, and entirely sensible. I don't
>>> get the 3rd.
>>>=20
>>> scim will presumably define some messages that can be sent,
>>> e.g.:
>>>=20
>>>     Alice->Bob: Here's Charlie's new password
>>>=20
>>> I don't see how you'll be secure if anyone that's
>>> authenticated can reset Charlie's password, so some
>>> authorization is clearly needed.
>>>=20
>>> I don't see how you'll get interop if Alice and Bob
>>> don't have a common way to determine that Alice is ok
>>> to reset Charlie's password.
>>>=20
>>> What's the reason to try leave authorization for such
>>> scim messages out of scope?
>>>=20
>>> S
>>> _______________________________________________
>>> scim mailing list
>>> scim@ietf.org
>>> https://www.ietf.org/mailman/listinfo/scim
>>> _______________________________________________
>>> scim mailing list
>>> scim@ietf.org
>>> https://www.ietf.org/mailman/listinfo/scim
>>>=20
>> _______________________________________________
>> scim mailing list
>> scim@ietf.org
>> https://www.ietf.org/mailman/listinfo/scim
>>=20
> _______________________________________________
> scim mailing list
> scim@ietf.org
> https://www.ietf.org/mailman/listinfo/scim


From stephen.farrell@cs.tcd.ie  Thu Mar 15 07:16:03 2012
Return-Path: <stephen.farrell@cs.tcd.ie>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 68F4821F8688 for <scim@ietfa.amsl.com>; Thu, 15 Mar 2012 07:16:03 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.599
X-Spam-Level: 
X-Spam-Status: No, score=-102.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id FamUECGJOrqK for <scim@ietfa.amsl.com>; Thu, 15 Mar 2012 07:16:02 -0700 (PDT)
Received: from scss.tcd.ie (hermes.scss.tcd.ie [IPv6:2001:770:10:200:889f:cdff:fe8d:ccd2]) by ietfa.amsl.com (Postfix) with ESMTP id 34C6A21F8681 for <scim@ietf.org>; Thu, 15 Mar 2012 07:16:02 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by hermes.scss.tcd.ie (Postfix) with ESMTP id 6E375171C8B; Thu, 15 Mar 2012 14:16:01 +0000 (GMT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cs.tcd.ie; h= content-transfer-encoding:content-type:in-reply-to:references :subject:mime-version:user-agent:from:date:message-id:received :received:x-virus-scanned; s=cs; t=1331820960; bh=5WAZJbrkqyXarO hr6fy1QsRgFg4/Ho4cL/7sLH5vszg=; b=kU4Ck8Tl67oseW24yfcZGKhTy/L4Ck SzSZzpxpyer9QXD1S/Ui10mWsC32hYnZySH5CKqs5lzzrHlKnq6bL6bd8LPHdPCP XoLiFLAhtsMg1iI5X/jnc+JTg655m6Cx8RP9AHxTse2siy+ZxI4dIvMgKMH44u/D X1Le41aO5Ks+TwnIliE/YeqoldiUr6YKUdinDpgLJLQYL//8SVUeu58NdMaOta4E SEKqPbyLcsxjxR1rlvta/WGWnOv9Ef/7W25BijazID5d1no31GBssMt/7NVnO6R1 536Rtr6ZTkY12bOy/xcDWkBRwqAMrc8EVrGW1GwXYdlDOBTw5KUjVv8w==
X-Virus-Scanned: Debian amavisd-new at scss.tcd.ie
Received: from scss.tcd.ie ([127.0.0.1]) by localhost (scss.tcd.ie [127.0.0.1]) (amavisd-new, port 10027) with ESMTP id EthJFW9nl0Su; Thu, 15 Mar 2012 14:16:00 +0000 (GMT)
Received: from [10.87.48.7] (unknown [86.41.7.37]) by smtp.scss.tcd.ie (Postfix) with ESMTPSA id 906BC171C3E; Thu, 15 Mar 2012 14:16:00 +0000 (GMT)
Message-ID: <4F61F99F.2020904@cs.tcd.ie>
Date: Thu, 15 Mar 2012 14:15:59 +0000
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
User-Agent: Mozilla/5.0 (X11; Linux i686 on x86_64; rv:10.0.2) Gecko/20120216 Thunderbird/10.0.2
MIME-Version: 1.0
To: Trey Drake <trey.drake@unboundid.com>
References: <93C6FB63F046384C86EC8F7F3FFEC7BEE62EFE@XMB-RCD-313.cisco.com> <4F61BFBF.7090408@cs.tcd.ie> <219947F0B2242843A0A1E62FDB510DC0250F3D54D7@USNAVSXCHMBSA3.ndc.alcatel-lucent.com> <4F61EA5B.70207@cs.tcd.ie> <219947F0B2242843A0A1E62FDB510DC0250F3D54EF@USNAVSXCHMBSA3.ndc.alcatel-lucent.com> <4F61EF05.2050608@cs.tcd.ie> <219947F0B2242843A0A1E62FDB510DC0250F3D5514@USNAVSXCHMBSA3.ndc.alcatel-lucent.com> <3148CB4F-6BFD-44CE-97E6-58DD8FF16CF6@unboundid.com>
In-Reply-To: <3148CB4F-6BFD-44CE-97E6-58DD8FF16CF6@unboundid.com>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Cc: "Brenner, Michael Ralf \(Michael\)" <michael.brenner@alcatel-lucent.com>, "scim@ietf.org" <scim@ietf.org>, "Morteza Ansari \(moransar\)" <moransar@cisco.com>
Subject: Re: [scim] Draft charter - v4
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 15 Mar 2012 14:16:03 -0000

On 03/15/2012 02:12 PM, Trey Drake wrote:
> The intent is exactly that - we do not intend to mandate specific authorization schemes though we do intend to recommend.  In particular, the draft submission will recommend use of OAuth2 Bearer Token.  Unfortunately, we missed the draft submission date, hence the protocol draft that makes the point clear is unavailable.
>
> The question, as I interpret, is (using the case below): do we need to specify a scheme whereby Alice has a priori knowledge of what Alice has access to or do we remain silent and simply specify what must happen when an unauthorized Alice attempts to modify Bob.  The current thinking is the latter.

You need to tell the developer of Alice's code how to write the code
so Alice can demonstrate that she is authorized to all the potential
Bob's in the world for which she is in fact authorized to do whatever
operation she's trying.

Whether or not Alice needs to be able to ask Bob what she's allowed
to do is a different issue entirely.

S

> Thanks,
> Trey
>
>
> On Mar 15, 2012, at 8:37 AM, Brenner, Michael Ralf (Michael) wrote:
>
>> I would not go as far as "mandating the use of OAuth" as part of the charter of SCIM group, mainly because that may be then interpreted by some as "OAuth would be the only authorization mechanism that SCIM supports". But I do agree that SCIM MUST work in conjunction with AT LEAST OAuth (while not excluding other authorization mechanisms). It so happens that using OAuth 2 Bearer Token makes this relatively painless and un-intrusive to the scope of SCIM group to fulfill, IMHO.
>>
>> Michael
>>
>> -----Original Message-----
>> From: Stephen Farrell [mailto:stephen.farrell@cs.tcd.ie]
>> Sent: Thursday, March 15, 2012 9:31 AM
>> To: Brenner, Michael Ralf (Michael)
>> Cc: scim@ietf.org; Morteza Ansari (moransar)
>> Subject: Re: [scim] Draft charter - v4
>>
>>
>> So I think we are using terms slightly differently. But
>> that's ok and something that's not uncommon when different
>> folks get involved in a BoF coming from different
>> backgrounds.
>>
>> Mandating the ability to support OAuth may be quite
>> sensible in this case. In any case, OAuth is probably
>> fairly clearly something that'd need to be considered.
>>
>> Not doing that (or some equivalent) would seem to break
>> interop and require pairwise agreements as to how to do
>> authorization which would IMO be broken.
>>
>> S
>>
>> On 03/15/2012 01:21 PM, Brenner, Michael Ralf (Michael) wrote:
>>> Stephen,
>>>
>>> When using "implementations" in my suggestion I was referring to the wording in point 3 that you had an issue with: "Defining how SCIM implementations define and implement authorization".
>>>
>>> In the current SCIM specs, the wording is consistent with what I suggested (although I don't think it is strictly necessary to add anything, as mentioned in my previous message). Section 2. Authentication and Authorization states make a series of recommendations, among others a strong recommendation for support for OAuth 2 Bearer Token, but the recommendations are intended to the IMPLEMENTERS (to support existing authentication/authorization schemes, among them OAuth 2). However they stop short of mandating any authentication/authorization scheme, which I think is the right approach.
>>>
>>> Michael
>>> -----Original Message-----
>>> From: Stephen Farrell [mailto:stephen.farrell@cs.tcd.ie]
>>> Sent: Thursday, March 15, 2012 9:11 AM
>>> To: Brenner, Michael Ralf (Michael)
>>> Cc: Morteza Ansari (moransar); scim@ietf.org
>>> Subject: Re: [scim] Draft charter - v4
>>>
>>>
>>> I'm not sure what exactly you mean by implementation.
>>>
>>> RFCs of course don't provide code for stuff like this.
>>>
>>> But to get interop, both sides need to (be able to)
>>> use the same thing. So RFCs do usually specify a "MUST
>>> implement" set of features for stuff like this.
>>>
>>> If one did OAuth and one kerberos then that'd not work.
>>> (In either case there'd likely be work to say just how
>>> to use the underlying scheme.)
>>>
>>> Seems to me this wg would need to pick something here
>>> and maybe do some profiling, so that authorization
>>> decisions can be made in a secure and interoperable
>>> manner.
>>>
>>> S
>>>
>>> On 03/15/2012 01:05 PM, Brenner, Michael Ralf (Michael) wrote:
>>>> The way I understood the proposed scope is that SCIM WG itself will not provide deliverables that recommend specific IMPLEMENTATIONS for authorization. I did not understand it as "it's not necessary or important", rather that it is the scope of other groups.
>>>>
>>>> Not sure if anything is needed, but if so - we could consider adding: "... while not preventing the use of different authorization mechanisms". This will raise the awareness to ensure that was is specified works in conjunction with OAuth and/or other mechanisms.
>>>>
>>>> Michael
>>>>
>>>> -----Original Message-----
>>>> From: scim-bounces@ietf.org [mailto:scim-bounces@ietf.org] On Behalf Of Stephen Farrell
>>>> Sent: Thursday, March 15, 2012 6:09 AM
>>>> To: Morteza Ansari (moransar)
>>>> Cc: scim@ietf.org
>>>> Subject: Re: [scim] Draft charter - v4
>>>>
>>>>
>>>>
>>>> On 03/15/2012 03:24 AM, Morteza Ansari (moransar) wrote:
>>>>> Trey, Kelly, and I huddled over for a few minutes today and added some
>>>>> text to the version Eliot sent out yesterday.  We tried to address the
>>>>> questions Eliot raised and remove some of the ambiguous text based on
>>>>> the email discussions.  Please review and send your comments/feedback.
>>>>
>>>> Your proposal says:
>>>>
>>>>
>>>> "The group considers the following out of scope for this group:
>>>>         Defining new authentication schemes
>>>>         Defining new policy/authorization schemes
>>>>         Defining how SCIM implementations define and implement
>>>>           authorization"
>>>>
>>>> The first two are fine, and entirely sensible. I don't
>>>> get the 3rd.
>>>>
>>>> scim will presumably define some messages that can be sent,
>>>> e.g.:
>>>>
>>>>      Alice->Bob: Here's Charlie's new password
>>>>
>>>> I don't see how you'll be secure if anyone that's
>>>> authenticated can reset Charlie's password, so some
>>>> authorization is clearly needed.
>>>>
>>>> I don't see how you'll get interop if Alice and Bob
>>>> don't have a common way to determine that Alice is ok
>>>> to reset Charlie's password.
>>>>
>>>> What's the reason to try leave authorization for such
>>>> scim messages out of scope?
>>>>
>>>> S
>>>> _______________________________________________
>>>> scim mailing list
>>>> scim@ietf.org
>>>> https://www.ietf.org/mailman/listinfo/scim
>>>> _______________________________________________
>>>> scim mailing list
>>>> scim@ietf.org
>>>> https://www.ietf.org/mailman/listinfo/scim
>>>>
>>> _______________________________________________
>>> scim mailing list
>>> scim@ietf.org
>>> https://www.ietf.org/mailman/listinfo/scim
>>>
>> _______________________________________________
>> scim mailing list
>> scim@ietf.org
>> https://www.ietf.org/mailman/listinfo/scim
>
>
>
> _______________________________________________
> scim mailing list
> scim@ietf.org
> https://www.ietf.org/mailman/listinfo/scim

From prvs=414ec9017=Mark.Diodati@gartner.com  Thu Mar 15 07:25:33 2012
Return-Path: <prvs=414ec9017=Mark.Diodati@gartner.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E648621F85D2 for <scim@ietfa.amsl.com>; Thu, 15 Mar 2012 07:25:32 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.524
X-Spam-Level: 
X-Spam-Status: No, score=-6.524 tagged_above=-999 required=5 tests=[AWL=0.075,  BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id eUItiXMJdgoh for <scim@ietfa.amsl.com>; Thu, 15 Mar 2012 07:25:32 -0700 (PDT)
Received: from iron-main.gartner.com (iron-main.gartner.com [207.140.148.93]) by ietfa.amsl.com (Postfix) with ESMTP id 0795721F85D3 for <scim@ietf.org>; Thu, 15 Mar 2012 07:25:30 -0700 (PDT)
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: Ap8EAKX7YU8KQCMD/2dsb2JhbABDty2CCQEBAQMBAQEBJBM0CwUHBAIBCBEEAQEBCg4GBgMHJwsUCQgCBA4FCIYJgXQQrBSOFASKQYMmgj1jBKYIgmaBXA
X-IronPort-AV: E=Sophos;i="4.73,591,1325480400"; d="scan'208";a="102845197"
From: "Diodati,Mark" <Mark.Diodati@gartner.com>
To: Trey Drake <trey.drake@unboundid.com>, "Brenner, Michael Ralf (Michael)" <michael.brenner@alcatel-lucent.com>
Thread-Topic: [scim] Draft charter - v4
Thread-Index: AQHNArWyxzmJZMt6TUmH3nTx1hwCLZZrZ9Hg
Date: Thu, 15 Mar 2012 14:25:07 +0000
References: <93C6FB63F046384C86EC8F7F3FFEC7BEE62EFE@XMB-RCD-313.cisco.com> <4F61BFBF.7090408@cs.tcd.ie> <219947F0B2242843A0A1E62FDB510DC0250F3D54D7@USNAVSXCHMBSA3.ndc.alcatel-lucent.com> <4F61EA5B.70207@cs.tcd.ie> <219947F0B2242843A0A1E62FDB510DC0250F3D54EF@USNAVSXCHMBSA3.ndc.alcatel-lucent.com> <4F61EF05.2050608@cs.tcd.ie> <219947F0B2242843A0A1E62FDB510DC0250F3D5514@USNAVSXCHMBSA3.ndc.alcatel-lucent.com> <3148CB4F-6BFD-44CE-97E6-58DD8FF16CF6@unboundid.com>
In-Reply-To: <3148CB4F-6BFD-44CE-97E6-58DD8FF16CF6@unboundid.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
x-originating-ip: [10.127.2.130]
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Message-Id: <20120315142531.0795721F85D3@ietfa.amsl.com>
Cc: "scim@ietf.org" <scim@ietf.org>, "Morteza Ansari \(moransar\)" <moransar@cisco.com>, Stephen Farrell <stephen.farrell@cs.tcd.ie>
Subject: Re: [scim] Draft charter - v4
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 15 Mar 2012 14:25:33 -0000

+1 on Trey's assessment.

Also, SCIM should not mandate OAuth. There are other mechanisms for authori=
zation for authentication. Particularly, some folks will want to use certif=
icates (perhaps backed with private key stored in an HSM) and (potentially)=
 passwords for testing or lower assurance services.

Mark

-----Original Message-----
From: Trey Drake [mailto:trey.drake@unboundid.com]
Sent: Thursday, March 15, 2012 9:12 AM
To: Brenner, Michael Ralf (Michael)
Cc: scim@ietf.org; Morteza Ansari (moransar); Stephen Farrell
Subject: Re: [scim] Draft charter - v4

The intent is exactly that - we do not intend to mandate specific authoriza=
tion schemes though we do intend to recommend.  In particular, the draft su=
bmission will recommend use of OAuth2 Bearer Token.  Unfortunately, we miss=
ed the draft submission date, hence the protocol draft that makes the point=
 clear is unavailable.

The question, as I interpret, is (using the case below): do we need to spec=
ify a scheme whereby Alice has a priori knowledge of what Alice has access =
to or do we remain silent and simply specify what must happen when an unaut=
horized Alice attempts to modify Bob.  The current thinking is the latter.

Thanks,
Trey


On Mar 15, 2012, at 8:37 AM, Brenner, Michael Ralf (Michael) wrote:

> I would not go as far as "mandating the use of OAuth" as part of the char=
ter of SCIM group, mainly because that may be then interpreted by some as "=
OAuth would be the only authorization mechanism that SCIM supports". But I =
do agree that SCIM MUST work in conjunction with AT LEAST OAuth (while not =
excluding other authorization mechanisms). It so happens that using OAuth 2=
 Bearer Token makes this relatively painless and un-intrusive to the scope =
of SCIM group to fulfill, IMHO.
>
> Michael
>
> -----Original Message-----
> From: Stephen Farrell [mailto:stephen.farrell@cs.tcd.ie]
> Sent: Thursday, March 15, 2012 9:31 AM
> To: Brenner, Michael Ralf (Michael)
> Cc: scim@ietf.org; Morteza Ansari (moransar)
> Subject: Re: [scim] Draft charter - v4
>
>
> So I think we are using terms slightly differently. But
> that's ok and something that's not uncommon when different
> folks get involved in a BoF coming from different
> backgrounds.
>
> Mandating the ability to support OAuth may be quite
> sensible in this case. In any case, OAuth is probably
> fairly clearly something that'd need to be considered.
>
> Not doing that (or some equivalent) would seem to break
> interop and require pairwise agreements as to how to do
> authorization which would IMO be broken.
>
> S
>
> On 03/15/2012 01:21 PM, Brenner, Michael Ralf (Michael) wrote:
>> Stephen,
>>
>> When using "implementations" in my suggestion I was referring to the wor=
ding in point 3 that you had an issue with: "Defining how SCIM implementati=
ons define and implement authorization".
>>
>> In the current SCIM specs, the wording is consistent with what I suggest=
ed (although I don't think it is strictly necessary to add anything, as men=
tioned in my previous message). Section 2. Authentication and Authorization=
 states make a series of recommendations, among others a strong recommendat=
ion for support for OAuth 2 Bearer Token, but the recommendations are inten=
ded to the IMPLEMENTERS (to support existing authentication/authorization s=
chemes, among them OAuth 2). However they stop short of mandating any authe=
ntication/authorization scheme, which I think is the right approach.
>>
>> Michael
>> -----Original Message-----
>> From: Stephen Farrell [mailto:stephen.farrell@cs.tcd.ie]
>> Sent: Thursday, March 15, 2012 9:11 AM
>> To: Brenner, Michael Ralf (Michael)
>> Cc: Morteza Ansari (moransar); scim@ietf.org
>> Subject: Re: [scim] Draft charter - v4
>>
>>
>> I'm not sure what exactly you mean by implementation.
>>
>> RFCs of course don't provide code for stuff like this.
>>
>> But to get interop, both sides need to (be able to)
>> use the same thing. So RFCs do usually specify a "MUST
>> implement" set of features for stuff like this.
>>
>> If one did OAuth and one kerberos then that'd not work.
>> (In either case there'd likely be work to say just how
>> to use the underlying scheme.)
>>
>> Seems to me this wg would need to pick something here
>> and maybe do some profiling, so that authorization
>> decisions can be made in a secure and interoperable
>> manner.
>>
>> S
>>
>> On 03/15/2012 01:05 PM, Brenner, Michael Ralf (Michael) wrote:
>>> The way I understood the proposed scope is that SCIM WG itself will not=
 provide deliverables that recommend specific IMPLEMENTATIONS for authoriza=
tion. I did not understand it as "it's not necessary or important", rather =
that it is the scope of other groups.
>>>
>>> Not sure if anything is needed, but if so - we could consider adding: "=
... while not preventing the use of different authorization mechanisms". Th=
is will raise the awareness to ensure that was is specified works in conjun=
ction with OAuth and/or other mechanisms.
>>>
>>> Michael
>>>
>>> -----Original Message-----
>>> From: scim-bounces@ietf.org [mailto:scim-bounces@ietf.org] On Behalf Of=
 Stephen Farrell
>>> Sent: Thursday, March 15, 2012 6:09 AM
>>> To: Morteza Ansari (moransar)
>>> Cc: scim@ietf.org
>>> Subject: Re: [scim] Draft charter - v4
>>>
>>>
>>>
>>> On 03/15/2012 03:24 AM, Morteza Ansari (moransar) wrote:
>>>> Trey, Kelly, and I huddled over for a few minutes today and added some
>>>> text to the version Eliot sent out yesterday.  We tried to address the
>>>> questions Eliot raised and remove some of the ambiguous text based on
>>>> the email discussions.  Please review and send your comments/feedback.
>>>
>>> Your proposal says:
>>>
>>>
>>> "The group considers the following out of scope for this group:
>>>        Defining new authentication schemes
>>>        Defining new policy/authorization schemes
>>>        Defining how SCIM implementations define and implement
>>>          authorization"
>>>
>>> The first two are fine, and entirely sensible. I don't
>>> get the 3rd.
>>>
>>> scim will presumably define some messages that can be sent,
>>> e.g.:
>>>
>>>     Alice->Bob: Here's Charlie's new password
>>>
>>> I don't see how you'll be secure if anyone that's
>>> authenticated can reset Charlie's password, so some
>>> authorization is clearly needed.
>>>
>>> I don't see how you'll get interop if Alice and Bob
>>> don't have a common way to determine that Alice is ok
>>> to reset Charlie's password.
>>>
>>> What's the reason to try leave authorization for such
>>> scim messages out of scope?
>>>
>>> S
>>> _______________________________________________
>>> scim mailing list
>>> scim@ietf.org
>>> https://www.ietf.org/mailman/listinfo/scim
>>> _______________________________________________
>>> scim mailing list
>>> scim@ietf.org
>>> https://www.ietf.org/mailman/listinfo/scim
>>>
>> _______________________________________________
>> scim mailing list
>> scim@ietf.org
>> https://www.ietf.org/mailman/listinfo/scim
>>
> _______________________________________________
> scim mailing list
> scim@ietf.org
> https://www.ietf.org/mailman/listinfo/scim


________________________________

This e-mail message, including any attachments, is for the sole use of the =
person to whom it has been sent, and may contain information that is confid=
ential or legally protected. If you are not the intended recipient or have =
received this message in error, you are not authorized to copy, distribute,=
 or otherwise use this message or its attachments. Please notify the sender=
 immediately by return e-mail and permanently delete this message and any a=
ttachments. Gartner makes no warranty that this e-mail is error or virus fr=
ee.

From sal@idmachines.com  Thu Mar 15 07:53:32 2012
Return-Path: <sal@idmachines.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1150521F871E for <scim@ietfa.amsl.com>; Thu, 15 Mar 2012 07:53:32 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level: 
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, J_CHICKENPOX_74=0.6]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id GIeAlZo91AIy for <scim@ietfa.amsl.com>; Thu, 15 Mar 2012 07:53:31 -0700 (PDT)
Received: from outbound004.roc2.bluetie.com (outbound004.roc2.bluetie.com [208.89.132.144]) by ietfa.amsl.com (Postfix) with ESMTP id 15ED521F86EC for <scim@ietf.org>; Thu, 15 Mar 2012 07:53:29 -0700 (PDT)
Received: from emta003.roc2.bluetie.com ([10.200.2.133]) by outbound004.roc2.bluetie.com with bizsmtp id lqtV1i0012sBFZW01qtVZ4; Thu, 15 Mar 2012 10:53:29 -0400
X-CMAE-OUT-Analysis: v=2.0 cv=F7bVh9dN c=1 sm=1 a=NJE6f4d9Bx3nbBK2hKt3bQ==:17 a=YpuRe_CM9voA:10 a=rDVSmjPdij8A:10 a=I9BJdG6Tl3oA:10 a=48vgC7mUAAAA:8 a=G_lMaSxbAAAA:8 a=IBWxhjiy2aQ0ZYJRwykA:9 a=k5t8igqYnpKgJhi3h_MA:7 a=CjuIK1q_8ugA:10 a=lZB815dzVvQA:10 a=9z7aQ_sjC2AA:10 a=eoLfTLUlZZ9jpdJO:21 a=j80GMZR-nrXpSxyG:21 a=OAUM8_f4AAAA:8 a=Hzc67GbKAAAA:8 a=J_R1D7kMAAAA:8 a=-JFWqQHnAAAA:8 a=v_HabFGYiU2OGkFS6PwA:9 a=ZVk8-NSrHBgA:10 a=BaG7jsApzVfQP5CKn1ndzA==:117
X-CMAE-OUT-Score: 0.00
Received: from salPC (pool-71-174-35-147.bstnma.east.verizon.net [71.174.35.147]) (Authenticated sender: sal@idmachines.com) by emta003.roc2.bluetie.com (Postfix) with ESMTP id 2FAF311D01B8; Thu, 15 Mar 2012 10:53:28 -0400 (EDT)
From: "Salvatore D'Agostino" <sal@idmachines.com>
To: "'Diodati,Mark'" <Mark.Diodati@gartner.com>, "'Trey Drake'" <trey.drake@unboundid.com>, "'Brenner, Michael Ralf \(Michael\)'" <michael.brenner@alcatel-lucent.com>
References: <93C6FB63F046384C86EC8F7F3FFEC7BEE62EFE@XMB-RCD-313.cisco.com>	<4F61BFBF.7090408@cs.tcd.ie>	<219947F0B2242843A0A1E62FDB510DC0250F3D54D7@USNAVSXCHMBSA3.ndc.alcatel-lucent.com>	<4F61EA5B.70207@cs.tcd.ie>	<219947F0B2242843A0A1E62FDB510DC0250F3D54EF@USNAVSXCHMBSA3.ndc.alcatel-lucent.com>	<4F61EF05.2050608@cs.tcd.ie>	<219947F0B2242843A0A1E62FDB510DC0250F3D5514@USNAVSXCHMBSA3.ndc.alcatel-lucent.com>	<3148CB4F-6BFD-44CE-97E6-58DD8FF16CF6@unboundid.com> <20120315142531.0795721F85D3@ietfa.amsl.com>
In-Reply-To: <20120315142531.0795721F85D3@ietfa.amsl.com>
Date: Thu, 15 Mar 2012 10:53:29 -0400
Message-ID: <048101cd02bb$630033f0$29009bd0$@com>
X-Mailer: Microsoft Office Outlook 12.0
Thread-Index: AQHNArWyxzmJZMt6TUmH3nTx1hwCLZZrZ9HggAAIq1A=
Content-Language: en-us
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="----=_NextPart_000_047C_01CD0299.DB4311B0"; protocol="application/x-pkcs7-signature"; micalg=SHA1
Cc: scim@ietf.org, "'Morteza Ansari \(moransar\)'" <moransar@cisco.com>, 'Stephen Farrell' <stephen.farrell@cs.tcd.ie>
Subject: Re: [scim] Draft charter - v4
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 15 Mar 2012 14:53:32 -0000

This is a multi-part message in MIME format.

------=_NextPart_000_047C_01CD0299.DB4311B0
Content-Type: text/plain;
	charset="us-ascii"
Content-Transfer-Encoding: 7bit

+1 Trey

Is this no mandate for any client authN type or token type?

Sal

-----Original Message-----
From: scim-bounces@ietf.org [mailto:scim-bounces@ietf.org] On Behalf Of
Diodati,Mark
Sent: Thursday, March 15, 2012 10:25 AM
To: Trey Drake; Brenner, Michael Ralf (Michael)
Cc: scim@ietf.org; Morteza Ansari (moransar); Stephen Farrell
Subject: Re: [scim] Draft charter - v4

+1 on Trey's assessment.

Also, SCIM should not mandate OAuth. There are other mechanisms for
authorization for authentication. Particularly, some folks will want to use
certificates (perhaps backed with private key stored in an HSM) and
(potentially) passwords for testing or lower assurance services.

Mark

-----Original Message-----
From: Trey Drake [mailto:trey.drake@unboundid.com]
Sent: Thursday, March 15, 2012 9:12 AM
To: Brenner, Michael Ralf (Michael)
Cc: scim@ietf.org; Morteza Ansari (moransar); Stephen Farrell
Subject: Re: [scim] Draft charter - v4

The intent is exactly that - we do not intend to mandate specific
authorization schemes though we do intend to recommend.  In particular, the
draft submission will recommend use of OAuth2 Bearer Token.  Unfortunately,
we missed the draft submission date, hence the protocol draft that makes the
point clear is unavailable.

The question, as I interpret, is (using the case below): do we need to
specify a scheme whereby Alice has a priori knowledge of what Alice has
access to or do we remain silent and simply specify what must happen when an
unauthorized Alice attempts to modify Bob.  The current thinking is the
latter.

Thanks,
Trey


On Mar 15, 2012, at 8:37 AM, Brenner, Michael Ralf (Michael) wrote:

> I would not go as far as "mandating the use of OAuth" as part of the
charter of SCIM group, mainly because that may be then interpreted by some
as "OAuth would be the only authorization mechanism that SCIM supports". But
I do agree that SCIM MUST work in conjunction with AT LEAST OAuth (while not
excluding other authorization mechanisms). It so happens that using OAuth 2
Bearer Token makes this relatively painless and un-intrusive to the scope of
SCIM group to fulfill, IMHO.
>
> Michael
>
> -----Original Message-----
> From: Stephen Farrell [mailto:stephen.farrell@cs.tcd.ie]
> Sent: Thursday, March 15, 2012 9:31 AM
> To: Brenner, Michael Ralf (Michael)
> Cc: scim@ietf.org; Morteza Ansari (moransar)
> Subject: Re: [scim] Draft charter - v4
>
>
> So I think we are using terms slightly differently. But that's ok and 
> something that's not uncommon when different folks get involved in a 
> BoF coming from different backgrounds.
>
> Mandating the ability to support OAuth may be quite sensible in this 
> case. In any case, OAuth is probably fairly clearly something that'd 
> need to be considered.
>
> Not doing that (or some equivalent) would seem to break interop and 
> require pairwise agreements as to how to do authorization which would 
> IMO be broken.
>
> S
>
> On 03/15/2012 01:21 PM, Brenner, Michael Ralf (Michael) wrote:
>> Stephen,
>>
>> When using "implementations" in my suggestion I was referring to the
wording in point 3 that you had an issue with: "Defining how SCIM
implementations define and implement authorization".
>>
>> In the current SCIM specs, the wording is consistent with what I
suggested (although I don't think it is strictly necessary to add anything,
as mentioned in my previous message). Section 2. Authentication and
Authorization states make a series of recommendations, among others a strong
recommendation for support for OAuth 2 Bearer Token, but the recommendations
are intended to the IMPLEMENTERS (to support existing
authentication/authorization schemes, among them OAuth 2). However they stop
short of mandating any authentication/authorization scheme, which I think is
the right approach.
>>
>> Michael
>> -----Original Message-----
>> From: Stephen Farrell [mailto:stephen.farrell@cs.tcd.ie]
>> Sent: Thursday, March 15, 2012 9:11 AM
>> To: Brenner, Michael Ralf (Michael)
>> Cc: Morteza Ansari (moransar); scim@ietf.org
>> Subject: Re: [scim] Draft charter - v4
>>
>>
>> I'm not sure what exactly you mean by implementation.
>>
>> RFCs of course don't provide code for stuff like this.
>>
>> But to get interop, both sides need to (be able to) use the same 
>> thing. So RFCs do usually specify a "MUST implement" set of features 
>> for stuff like this.
>>
>> If one did OAuth and one kerberos then that'd not work.
>> (In either case there'd likely be work to say just how to use the 
>> underlying scheme.)
>>
>> Seems to me this wg would need to pick something here and maybe do 
>> some profiling, so that authorization decisions can be made in a 
>> secure and interoperable manner.
>>
>> S
>>
>> On 03/15/2012 01:05 PM, Brenner, Michael Ralf (Michael) wrote:
>>> The way I understood the proposed scope is that SCIM WG itself will not
provide deliverables that recommend specific IMPLEMENTATIONS for
authorization. I did not understand it as "it's not necessary or important",
rather that it is the scope of other groups.
>>>
>>> Not sure if anything is needed, but if so - we could consider adding:
"... while not preventing the use of different authorization mechanisms".
This will raise the awareness to ensure that was is specified works in
conjunction with OAuth and/or other mechanisms.
>>>
>>> Michael
>>>
>>> -----Original Message-----
>>> From: scim-bounces@ietf.org [mailto:scim-bounces@ietf.org] On Behalf 
>>> Of Stephen Farrell
>>> Sent: Thursday, March 15, 2012 6:09 AM
>>> To: Morteza Ansari (moransar)
>>> Cc: scim@ietf.org
>>> Subject: Re: [scim] Draft charter - v4
>>>
>>>
>>>
>>> On 03/15/2012 03:24 AM, Morteza Ansari (moransar) wrote:
>>>> Trey, Kelly, and I huddled over for a few minutes today and added 
>>>> some text to the version Eliot sent out yesterday.  We tried to 
>>>> address the questions Eliot raised and remove some of the ambiguous 
>>>> text based on the email discussions.  Please review and send your
comments/feedback.
>>>
>>> Your proposal says:
>>>
>>>
>>> "The group considers the following out of scope for this group:
>>>        Defining new authentication schemes
>>>        Defining new policy/authorization schemes
>>>        Defining how SCIM implementations define and implement
>>>          authorization"
>>>
>>> The first two are fine, and entirely sensible. I don't get the 3rd.
>>>
>>> scim will presumably define some messages that can be sent,
>>> e.g.:
>>>
>>>     Alice->Bob: Here's Charlie's new password
>>>
>>> I don't see how you'll be secure if anyone that's authenticated can 
>>> reset Charlie's password, so some authorization is clearly needed.
>>>
>>> I don't see how you'll get interop if Alice and Bob don't have a 
>>> common way to determine that Alice is ok to reset Charlie's 
>>> password.
>>>
>>> What's the reason to try leave authorization for such scim messages 
>>> out of scope?
>>>
>>> S
>>> _______________________________________________
>>> scim mailing list
>>> scim@ietf.org
>>> https://www.ietf.org/mailman/listinfo/scim
>>> _______________________________________________
>>> scim mailing list
>>> scim@ietf.org
>>> https://www.ietf.org/mailman/listinfo/scim
>>>
>> _______________________________________________
>> scim mailing list
>> scim@ietf.org
>> https://www.ietf.org/mailman/listinfo/scim
>>
> _______________________________________________
> scim mailing list
> scim@ietf.org
> https://www.ietf.org/mailman/listinfo/scim


________________________________

This e-mail message, including any attachments, is for the sole use of the
person to whom it has been sent, and may contain information that is
confidential or legally protected. If you are not the intended recipient or
have received this message in error, you are not authorized to copy,
distribute, or otherwise use this message or its attachments. Please notify
the sender immediately by return e-mail and permanently delete this message
and any attachments. Gartner makes no warranty that this e-mail is error or
virus free.
_______________________________________________
scim mailing list
scim@ietf.org
https://www.ietf.org/mailman/listinfo/scim


------=_NextPart_000_047C_01CD0299.DB4311B0
Content-Type: application/x-pkcs7-signature;
	name="smime.p7s"
Content-Transfer-Encoding: base64
Content-Disposition: attachment;
	filename="smime.p7s"

MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIITdDCCBDYw
ggMeoAMCAQICAQEwDQYJKoZIhvcNAQEFBQAwbzELMAkGA1UEBhMCU0UxFDASBgNVBAoTC0FkZFRy
dXN0IEFCMSYwJAYDVQQLEx1BZGRUcnVzdCBFeHRlcm5hbCBUVFAgTmV0d29yazEiMCAGA1UEAxMZ
QWRkVHJ1c3QgRXh0ZXJuYWwgQ0EgUm9vdDAeFw0wMDA1MzAxMDQ4MzhaFw0yMDA1MzAxMDQ4Mzha
MG8xCzAJBgNVBAYTAlNFMRQwEgYDVQQKEwtBZGRUcnVzdCBBQjEmMCQGA1UECxMdQWRkVHJ1c3Qg
RXh0ZXJuYWwgVFRQIE5ldHdvcmsxIjAgBgNVBAMTGUFkZFRydXN0IEV4dGVybmFsIENBIFJvb3Qw
ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC39xoz5vIABC054E5b7R+8bA/Ntfojts7e
mxEzl6QpTH2Tn71KvJPtAxrjj8/lbVBa1pcplFqAsEl62y6V/bjKvzc4LR4+kUGtcFbH8E8/6DKe
dMrIkFTpxl8PeJ2aQDwOrGGqXhSPnoehalDc15pOrwWzpnGUnHGzUGAKxxOdOAeGAqjpqGkmGJCr
TLBPI6s6T4TY386f4Wlvu9dC12tE5Met7m1BX3JacQg3s3llpFmglDf3AC8NwpJy2tA4ctsUqEXE
XSp9t7TWxO6szRNEt8kr3UMAJfphuWlqWCMRt6czj1Z1WfXNKddGtworZbbTQm8Vsrh7++/pXVPV
NFonAgMBAAGjgdwwgdkwHQYDVR0OBBYEFK29mHo0tCb3+sQmVO8DveAky1QaMAsGA1UdDwQEAwIB
BjAPBgNVHRMBAf8EBTADAQH/MIGZBgNVHSMEgZEwgY6AFK29mHo0tCb3+sQmVO8DveAky1QaoXOk
cTBvMQswCQYDVQQGEwJTRTEUMBIGA1UEChMLQWRkVHJ1c3QgQUIxJjAkBgNVBAsTHUFkZFRydXN0
IEV4dGVybmFsIFRUUCBOZXR3b3JrMSIwIAYDVQQDExlBZGRUcnVzdCBFeHRlcm5hbCBDQSBSb290
ggEBMA0GCSqGSIb3DQEBBQUAA4IBAQCwm+CFJcLWI+IPlgaSnUGYnNmEeYHZHlsUByM2ZY+w2He7
rEFsR2CDUbD5Mj3n/PYmE8eAFqW/WvyHz3h5iSGa4kwHCoY1vPLeUcTSlrfcfk7ucP0cOesMAlEU
LY69FuDB30Z15ySt7PRCtIWTcBBnup0GNUoY0yt6zFFCoXpj0ea7ocUrwja+Ew3mvWN+eXunCQ1A
q2rdj4rD9vaMGkIFUdRF9Z+nYiFoFSBDPJnnfL0k2KmRF3OIP1YbMTgYtHEPms3IDp6OLhvhjJiD
yx8x8URMxgRzSXZgD8f4vReAay7pzEwOWpp5DyAKLtWeYyYeVZKU2IIXWnvQvMePToYEMIIEnTCC
A4WgAwIBAgIQND3pK6wnNP+PyzSU+8xwVDANBgkqhkiG9w0BAQUFADBvMQswCQYDVQQGEwJTRTEU
MBIGA1UEChMLQWRkVHJ1c3QgQUIxJjAkBgNVBAsTHUFkZFRydXN0IEV4dGVybmFsIFRUUCBOZXR3
b3JrMSIwIAYDVQQDExlBZGRUcnVzdCBFeHRlcm5hbCBDQSBSb290MB4XDTA1MDYwNzA4MDkxMFoX
DTIwMDUzMDEwNDgzOFowga4xCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJVVDEXMBUGA1UEBxMOU2Fs
dCBMYWtlIENpdHkxHjAcBgNVBAoTFVRoZSBVU0VSVFJVU1QgTmV0d29yazEhMB8GA1UECxMYaHR0
cDovL3d3dy51c2VydHJ1c3QuY29tMTYwNAYDVQQDEy1VVE4tVVNFUkZpcnN0LUNsaWVudCBBdXRo
ZW50aWNhdGlvbiBhbmQgRW1haWwwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCyOYWk
8n2rQTtiRjeuzcFgdbw5ZflKGkeiucxIzGqY1U01GbmkQuXOSeKKLx580jEHx060g2SdLinVomTE
hb2FUTV5pE5okHsceqSSqBfymBXyk8zJpDKVuwxPML2YoAuL5W4bokb6eLyib6tZXqUvz8rabaov
66yhs2qqty5nNYt54R5piOLmRs2gpeq+C852OnoOm+r82idbPXMfIuZIYcZM82mxqC4bttQxICy8
goqOpA6l14lD/BZarx1x1xFZ2rqHDa/68+HC8KTFZ4zW1lQ63gqkugN3s2XI/R7TdGKqGMpokx6h
hX71R2XL+E1XKHTSNP8wtu72YjAUjCzrAgMBAAGjgfQwgfEwHwYDVR0jBBgwFoAUrb2YejS0Jvf6
xCZU7wO94CTLVBowHQYDVR0OBBYEFImCZ33EnSZwAEu0UEh83j2uBG59MA4GA1UdDwEB/wQEAwIB
BjAPBgNVHRMBAf8EBTADAQH/MBEGA1UdIAQKMAgwBgYEVR0gADBEBgNVHR8EPTA7MDmgN6A1hjNo
dHRwOi8vY3JsLnVzZXJ0cnVzdC5jb20vQWRkVHJ1c3RFeHRlcm5hbENBUm9vdC5jcmwwNQYIKwYB
BQUHAQEEKTAnMCUGCCsGAQUFBzABhhlodHRwOi8vb2NzcC51c2VydHJ1c3QuY29tMA0GCSqGSIb3
DQEBBQUAA4IBAQABvJzjYyiw8zEBwt973WKgAZ0jMQ+cknNTUeofTPrWn8TKL2d+eDMPdBa5kYeR
9Yom+mRwANge+QsEYlCHk4HU2vUj2zS7hVa0cDRueIM3HoUcxREVkl+HF72sav3xwtHMiV+xfPA+
UfI183zsYJhrOivg79+zfYbrtRv1W+yifJgT1wBQudEtc94DeHThBYUxXsuauZ2UxrmUN3Vy3ET7
Z+jw+iUeUqfaJelH4KDHPKBOsQo2+3dIn++Xivu0/uOUFKiDvFwtP9JgcWDuwnGCDOmINuPaILSj
oGyqlku4gI51ykkH9jsUut/cBdmf2+Cy5k2geCbn5y1uf1/GHogVMIIFBzCCA++gAwIBAgIRALmG
eVqCTqpZqLx7AemG58MwDQYJKoZIhvcNAQEFBQAwgYAxCzAJBgNVBAYTAkdCMRswGQYDVQQIExJH
cmVhdGVyIE1hbmNoZXN0ZXIxEDAOBgNVBAcTB1NhbGZvcmQxGjAYBgNVBAoTEUNPTU9ETyBDQSBM
aW1pdGVkMSYwJAYDVQQDEx1DT01PRE8vUEtXQVJFIFNlY3VyZSBFbWFpbCBDQTAeFw0xMTA0MjUw
MDAwMDBaFw0xMjA0MjQyMzU5NTlaMG8xEjAQBgNVBAsTCVNlY3VyZVpJUDEXMBUGA1UEChMOSURt
YWNoaW5lcyBMTEMxHTAbBgNVBAMTFFNhbHZhdG9yZSBEJ0Fnb3N0aW5vMSEwHwYJKoZIhvcNAQkB
FhJzYWxAaWRtYWNoaW5lcy5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtKb12
qK3ue4VdGjMRdHTRTG+8fKHhBr3i+sTrLBr3uP95Knw/Fk8qZ50FR4h2yHz9Rs1r4sOdUKoEC1i/
v3V23YONx1xJOZqSGwAarl0E6/O6bROf1WIw4mLvJcilYR7EHybali2DcgRTSxosY3btsshjyz6B
hztMrS1ytM849/lzHro4R2NdIlnzMLaWTawlvXC9s22o+LSEdodULIfXyAHk0jpBicfyra/vWIRK
FO7Cc3RmMkaKCE3rHwprVYpG7a+MDuqCkcezimw8s2r17bQW1lUhoEUfHSh10sEc+ws2fcgJ+D8o
ZWTStluoAE6+VaIdkgLv6yawo33niKshAgMBAAGjggGKMIIBhjAfBgNVHSMEGDAWgBShTAkfN36u
6lGGKfgk64W3vzrTUzAdBgNVHQ4EFgQUikHsNSwzKXqRXH//SpQEXYsKBKwwDgYDVR0PAQH/BAQD
AgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwQGCCsGAQUFBwMCMEYGA1UdIAQ/
MD0wOwYMKwYBBAGyMQECAQMFMCswKQYIKwYBBQUHAgEWHWh0dHBzOi8vc2VjdXJlLmNvbW9kby5u
ZXQvQ1BTMEYGA1UdHwQ/MD0wO6A5oDeGNWh0dHA6Ly9jcmwuY29tb2RvY2EuY29tL0NPTU9ET1BL
V0FSRVNlY3VyZUVtYWlsQ0EuY3JsMHcGCCsGAQUFBwEBBGswaTBBBggrBgEFBQcwAoY1aHR0cDov
L2NydC5jb21vZG9jYS5jb20vQ09NT0RPUEtXQVJFU2VjdXJlRW1haWxDQS5jcnQwJAYIKwYBBQUH
MAGGGGh0dHA6Ly9vY3NwLmNvbW9kb2NhLmNvbTANBgkqhkiG9w0BAQUFAAOCAQEAO8vKSqLo2f6y
8UFlt4pUKzS8XWEOrnGEryB5jsrQQxqsLd2FUADscFRuudaQza+xylyx/EveB5R8oEzMMe0rvMHA
GZhsCxmAK1JkLMMV7bEGUdgvQQuA/XwVFD0wM1oOF+Bf8fWjCnprl3viCMu7dcHFvG23VEYNcGKQ
nK0V74GISk5IL+8mVn4onzvKYS4ikb+3yl0RaPY/Ath0t5tRk1juxwLCxHvYjQmQyDsV3COeJLXt
p/QZHbs8yZCacldaiFERAI8RG9gRhcCqSYeyH7U/EFU5F9OBwekE8nOk3RuKe8XgCviVf2rI/7lA
nH61pNexFHwu/cq1SAjNPkk3ojCCBYowggRyoAMCAQICEAaH6ql64z6txh7XySrJrVAwDQYJKoZI
hvcNAQEFBQAwga4xCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJVVDEXMBUGA1UEBxMOU2FsdCBMYWtl
IENpdHkxHjAcBgNVBAoTFVRoZSBVU0VSVFJVU1QgTmV0d29yazEhMB8GA1UECxMYaHR0cDovL3d3
dy51c2VydHJ1c3QuY29tMTYwNAYDVQQDEy1VVE4tVVNFUkZpcnN0LUNsaWVudCBBdXRoZW50aWNh
dGlvbiBhbmQgRW1haWwwHhcNMDcxMTEzMDAwMDAwWhcNMjgxMjMxMjM1OTU5WjCBgDELMAkGA1UE
BhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEaMBgG
A1UEChMRQ09NT0RPIENBIExpbWl0ZWQxJjAkBgNVBAMTHUNPTU9ETy9QS1dBUkUgU2VjdXJlIEVt
YWlsIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuw6bNwNq+rMgpXobua3jkbOq
LHil3RfvOEo0Bu0WJZ/jsoTT60hSKEOcOmBfaw3naj2wI3osUdksgBumcPTHAqKJCPohSe/AJLAj
gyvtyzMwtzhYKIRGe36wMA8KwkQGMqDep8sYOfrmNR7mnDjPW6FaK93kgW8QrbJJ2VwTu93Gk0zO
lcIcpda9qE2HBMnxTyL2gp6ASF0BwB6gRETPRosPF0qhRixp1d5qtjSs5mTn/beLObDJQYV+v14P
WfvBc9cixKcUIr6jzVH0CMsgEBUtWUWKoAnKu28lJIuoKfOPf58ghTdTaZFKCPViPRKzTkPaKjno
TJFaf8Nr0TsI6wIDAQABo4IBzjCCAcowHwYDVR0jBBgwFoAUiYJnfcSdJnAAS7RQSHzePa4Ebn0w
HQYDVR0OBBYEFKFMCR83fq7qUYYp+CTrhbe/OtNTMA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8E
CDAGAQH/AgEAMD4GA1UdIAQ3MDUwMwYEVR0gADArMCkGCCsGAQUFBwIBFh1odHRwczovL3NlY3Vy
ZS5jb21vZG8uY29tL0NQUzCBpQYDVR0fBIGdMIGaMEygSqBIhkZodHRwOi8vY3JsLmNvbW9kb2Nh
LmNvbS9VVE4tVVNFUkZpcnN0LUNsaWVudEF1dGhlbnRpY2F0aW9uYW5kRW1haWwuY3JsMEqgSKBG
hkRodHRwOi8vY3JsLmNvbW9kby5uZXQvVVROLVVTRVJGaXJzdC1DbGllbnRBdXRoZW50aWNhdGlv
bmFuZEVtYWlsLmNybDB8BggrBgEFBQcBAQRwMG4wNgYIKwYBBQUHMAKGKmh0dHA6Ly9jcnQuY29t
b2RvY2EuY29tL1VUTkFBQUNsaWVudENBLmNydDA0BggrBgEFBQcwAoYoaHR0cDovL2NydC5jb21v
ZG8ubmV0L1VUTkFBQUNsaWVudENBLmNydDANBgkqhkiG9w0BAQUFAAOCAQEARaiS90mJRHr1KRD1
Mbh8lDdR6dsqo7lrIPJGCKNNCYP0ExJ/LMxXGByok3Y7Z9jH9IyxqtUGfFmwUWNpiYAxtfp5iioK
S85Jpltrip5dAOUSZwVUjqr3HbddG4K+tkRXgZTroCdk6VNuEQSelCjXCEAR097PCFZ0eiAy3ka7
NTeRLvMwdz4AcD2tSDiIoR9gdHX8P+b+/qv678hRADVkQXBkP20q0CGwtVOsPh/iceONkZiIEgAN
pI1T/GqGCGf00SeUVws0U9CGBR4Ntr+59pXr5IbDmw8IBkEuCFMgg9XaLZghj17CQZ+LuFymY31f
W2SBm8H1T/vJ3dtz8GZYnTGCBC8wggQrAgEBMIGWMIGAMQswCQYDVQQGEwJHQjEbMBkGA1UECBMS
R3JlYXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHEwdTYWxmb3JkMRowGAYDVQQKExFDT01PRE8gQ0Eg
TGltaXRlZDEmMCQGA1UEAxMdQ09NT0RPL1BLV0FSRSBTZWN1cmUgRW1haWwgQ0ECEQC5hnlagk6q
Wai8ewHphufDMAkGBSsOAwIaBQCgggJtMBgGCSqGSIb3DQEJAzELBgkqhkiG9w0BBwEwHAYJKoZI
hvcNAQkFMQ8XDTEyMDMxNTE0NTMyOVowIwYJKoZIhvcNAQkEMRYEFMPYGB7yOGiGG7PpDUjCuZvf
fn8yMIGnBgkrBgEEAYI3EAQxgZkwgZYwgYAxCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVy
IE1hbmNoZXN0ZXIxEDAOBgNVBAcTB1NhbGZvcmQxGjAYBgNVBAoTEUNPTU9ETyBDQSBMaW1pdGVk
MSYwJAYDVQQDEx1DT01PRE8vUEtXQVJFIFNlY3VyZSBFbWFpbCBDQQIRALmGeVqCTqpZqLx7AemG
58MwgakGCyqGSIb3DQEJEAILMYGZoIGWMIGAMQswCQYDVQQGEwJHQjEbMBkGA1UECBMSR3JlYXRl
ciBNYW5jaGVzdGVyMRAwDgYDVQQHEwdTYWxmb3JkMRowGAYDVQQKExFDT01PRE8gQ0EgTGltaXRl
ZDEmMCQGA1UEAxMdQ09NT0RPL1BLV0FSRSBTZWN1cmUgRW1haWwgQ0ECEQC5hnlagk6qWai8ewHp
hufDMIG3BgkqhkiG9w0BCQ8xgakwgaYwCwYJYIZIAWUDBAEqMAsGCWCGSAFlAwQBFjAKBggqhkiG
9w0DBzALBglghkgBZQMEAQIwDgYIKoZIhvcNAwICAgCAMAcGBSsOAwIHMA0GCCqGSIb3DQMCAgFA
MA0GCCqGSIb3DQMCAgEoMAcGBSsOAwIaMAsGCWCGSAFlAwQCAzALBglghkgBZQMEAgIwCwYJYIZI
AWUDBAIBMAoGCCqGSIb3DQIFMA0GCSqGSIb3DQEBAQUABIIBAKa92Yzic8ND1fv4EIkalCeUFchk
0w7LwEvzqcOkulyDXRrafMlo6NbJKx56wkqxRexM/jzmEYXfMN88vhfjq18S7ffoNALca0SqxWCE
1q6Ck/2JLriQXO7iywEMX12avegKJVZQwTDGs2uA/kOYkj1Zx+H+cwbqB48TraCkvtvj/1Qy2zmd
drpVvevCB8vFxKJcDXblVnij2yf6n7Qv0l85CKDgO5Cj3hj1famsLiAGjhVbFnqjt08x1jrSB6VZ
7aNjDqCYq2sIHRduB/C4N56GTFhvcE5URWJEvMEnqW7k/f+WGZSh08gD9mA/KrNYskvd6aY/NtEf
HIncasykldsAAAAAAAA=

------=_NextPart_000_047C_01CD0299.DB4311B0--


From trey.drake@unboundid.com  Thu Mar 15 08:25:44 2012
Return-Path: <trey.drake@unboundid.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BAAEF21F84EB for <scim@ietfa.amsl.com>; Thu, 15 Mar 2012 08:25:44 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.299
X-Spam-Level: 
X-Spam-Status: No, score=-3.299 tagged_above=-999 required=5 tests=[AWL=-0.300, BAYES_00=-2.599, J_CHICKENPOX_74=0.6, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4hgNI8ETymYB for <scim@ietfa.amsl.com>; Thu, 15 Mar 2012 08:25:43 -0700 (PDT)
Received: from mail-ob0-f172.google.com (mail-ob0-f172.google.com [209.85.214.172]) by ietfa.amsl.com (Postfix) with ESMTP id 9C15A21F871C for <scim@ietf.org>; Thu, 15 Mar 2012 08:25:43 -0700 (PDT)
Received: by obbta4 with SMTP id ta4so85064obb.31 for <scim@ietf.org>; Thu, 15 Mar 2012 08:25:40 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=subject:mime-version:content-type:from:in-reply-to:date:cc :message-id:references:to:x-mailer:x-gm-message-state; bh=zBVFvqVuTOkJEFfGnKWfEep5FrqqSWRj/Ilhlci12pQ=; b=U3d+3OYnfOH/Gx+9zT1iM8Iy+KI06XJOU/4kVsxLD4T1WYzjjqekaCKefaaOb5xedG W9zPWmHbUvkvGC0tOcWrwmvdwKY7fKWlNxNDsRo4homgEeVbfNGdtHEi0mCEgGUoeZEt 9mS20xI5FjUDpGYp2PI6y+pxVidfsToAb+RSb/6oUqsykFwWQTVFyOuGq/v0mqBFWJzM XSIDrvBKjWRTvf5oOYBRqsGCwwoxr4IuA0q9atsf7i3jAFtPlmMl7a/cgiH6V76Fn06b JBEvPULBj5Xh5J3dMWHY8JbgxkTOHe4mlxULU8UAcrDimvneGDCfDSS9HW/qGcSE2Uc5 DuBw==
Received: by 10.182.53.106 with SMTP id a10mr1934125obp.43.1331825140682; Thu, 15 Mar 2012 08:25:40 -0700 (PDT)
Received: from [192.168.241.86] (24-155-184-100.static.grandenetworks.net. [24.155.184.100]) by mx.google.com with ESMTPS id c2sm1563356oeb.13.2012.03.15.08.25.38 (version=TLSv1/SSLv3 cipher=OTHER); Thu, 15 Mar 2012 08:25:39 -0700 (PDT)
Mime-Version: 1.0 (Apple Message framework v1257)
Content-Type: multipart/signed; boundary="Apple-Mail=_839F8E2C-5126-40CE-B19E-94CB226A2967"; protocol="application/pkcs7-signature"; micalg=sha1
From: Trey Drake <trey.drake@unboundid.com>
In-Reply-To: <048101cd02bb$630033f0$29009bd0$@com>
Date: Thu, 15 Mar 2012 10:25:37 -0500
Message-Id: <9BBAC6BD-7BEF-4DEC-AF12-C5626820FE85@unboundid.com>
References: <93C6FB63F046384C86EC8F7F3FFEC7BEE62EFE@XMB-RCD-313.cisco.com>	<4F61BFBF.7090408@cs.tcd.ie>	<219947F0B2242843A0A1E62FDB510DC0250F3D54D7@USNAVSXCHMBSA3.ndc.alcatel-lucent.com>	<4F61EA5B.70207@cs.tcd.ie>	<219947F0B2242843A0A1E62FDB510DC0250F3D54EF@USNAVSXCHMBSA3.ndc.alcatel-lucent.com>	<4F61EF05.2050608@cs.tcd.ie>	<219947F0B2242843A0A1E62FDB510DC0250F3D5514@USNAVSXCHMBSA3.ndc.alcatel-lucent.com>	<3148CB4F-6BFD-44CE-97E6-58DD8FF16CF6@unboundid.com> <20120315142531.0795721F85D3@ietfa.amsl.com> <048101cd02bb$630033f0$29009bd0$@com>
To: "Salvatore D'Agostino" <sal@idmachines.com>
X-Mailer: Apple Mail (2.1257)
X-Gm-Message-State: ALoCoQnTzkPXIKlh38GP+KS+YUwK4kl08LkKxD3BOpyUacxTJgBFz+EzrN3Z9lfDpZPlxaFJH8FU
Cc: "'Brenner, Michael Ralf \(Michael\)'" <michael.brenner@alcatel-lucent.com>, "'Diodati, Mark'" <Mark.Diodati@gartner.com>, 'Stephen Farrell' <stephen.farrell@cs.tcd.ie>, "'Morteza Ansari \(moransar\)'" <moransar@cisco.com>, scim@ietf.org
Subject: Re: [scim] Draft charter - v4
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 15 Mar 2012 15:25:44 -0000
X-List-Received-Date: Thu, 15 Mar 2012 15:25:44 -0000

--Apple-Mail=_839F8E2C-5126-40CE-B19E-94CB226A2967
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain;
	charset=us-ascii

I'm sure this will (once again) be heavily debated once the group is =
formed.  In the past the balancing act was bent towards pragmatism; =
i.e., what can organizations actually roll out in the foreseeable =
future?  The answer is/was recommendation for OAuth bearer tokens, =
language encouraging service providers to remain flexible w.r.t. authN/Z =
schemes, and a facility for discovering the authentication schemes =
supported by the service provider.  The latter  enables a =
developer/consumer the ability to poke through and select an appropriate =
scheme.

Thanks,
Trey

On Mar 15, 2012, at 9:53 AM, Salvatore D'Agostino wrote:

> +1 Trey
>=20
> Is this no mandate for any client authN type or token type?
>=20
> Sal
>=20
> -----Original Message-----
> From: scim-bounces@ietf.org [mailto:scim-bounces@ietf.org] On Behalf =
Of
> Diodati,Mark
> Sent: Thursday, March 15, 2012 10:25 AM
> To: Trey Drake; Brenner, Michael Ralf (Michael)
> Cc: scim@ietf.org; Morteza Ansari (moransar); Stephen Farrell
> Subject: Re: [scim] Draft charter - v4
>=20
> +1 on Trey's assessment.
>=20
> Also, SCIM should not mandate OAuth. There are other mechanisms for
> authorization for authentication. Particularly, some folks will want =
to use
> certificates (perhaps backed with private key stored in an HSM) and
> (potentially) passwords for testing or lower assurance services.
>=20
> Mark
>=20
> -----Original Message-----
> From: Trey Drake [mailto:trey.drake@unboundid.com]
> Sent: Thursday, March 15, 2012 9:12 AM
> To: Brenner, Michael Ralf (Michael)
> Cc: scim@ietf.org; Morteza Ansari (moransar); Stephen Farrell
> Subject: Re: [scim] Draft charter - v4
>=20
> The intent is exactly that - we do not intend to mandate specific
> authorization schemes though we do intend to recommend.  In =
particular, the
> draft submission will recommend use of OAuth2 Bearer Token.  =
Unfortunately,
> we missed the draft submission date, hence the protocol draft that =
makes the
> point clear is unavailable.
>=20
> The question, as I interpret, is (using the case below): do we need to
> specify a scheme whereby Alice has a priori knowledge of what Alice =
has
> access to or do we remain silent and simply specify what must happen =
when an
> unauthorized Alice attempts to modify Bob.  The current thinking is =
the
> latter.
>=20
> Thanks,
> Trey
>=20
>=20
> On Mar 15, 2012, at 8:37 AM, Brenner, Michael Ralf (Michael) wrote:
>=20
>> I would not go as far as "mandating the use of OAuth" as part of the
> charter of SCIM group, mainly because that may be then interpreted by =
some
> as "OAuth would be the only authorization mechanism that SCIM =
supports". But
> I do agree that SCIM MUST work in conjunction with AT LEAST OAuth =
(while not
> excluding other authorization mechanisms). It so happens that using =
OAuth 2
> Bearer Token makes this relatively painless and un-intrusive to the =
scope of
> SCIM group to fulfill, IMHO.
>>=20
>> Michael
>>=20
>> -----Original Message-----
>> From: Stephen Farrell [mailto:stephen.farrell@cs.tcd.ie]
>> Sent: Thursday, March 15, 2012 9:31 AM
>> To: Brenner, Michael Ralf (Michael)
>> Cc: scim@ietf.org; Morteza Ansari (moransar)
>> Subject: Re: [scim] Draft charter - v4
>>=20
>>=20
>> So I think we are using terms slightly differently. But that's ok and=20=

>> something that's not uncommon when different folks get involved in a=20=

>> BoF coming from different backgrounds.
>>=20
>> Mandating the ability to support OAuth may be quite sensible in this=20=

>> case. In any case, OAuth is probably fairly clearly something that'd=20=

>> need to be considered.
>>=20
>> Not doing that (or some equivalent) would seem to break interop and=20=

>> require pairwise agreements as to how to do authorization which would=20=

>> IMO be broken.
>>=20
>> S
>>=20
>> On 03/15/2012 01:21 PM, Brenner, Michael Ralf (Michael) wrote:
>>> Stephen,
>>>=20
>>> When using "implementations" in my suggestion I was referring to the
> wording in point 3 that you had an issue with: "Defining how SCIM
> implementations define and implement authorization".
>>>=20
>>> In the current SCIM specs, the wording is consistent with what I
> suggested (although I don't think it is strictly necessary to add =
anything,
> as mentioned in my previous message). Section 2. Authentication and
> Authorization states make a series of recommendations, among others a =
strong
> recommendation for support for OAuth 2 Bearer Token, but the =
recommendations
> are intended to the IMPLEMENTERS (to support existing
> authentication/authorization schemes, among them OAuth 2). However =
they stop
> short of mandating any authentication/authorization scheme, which I =
think is
> the right approach.
>>>=20
>>> Michael
>>> -----Original Message-----
>>> From: Stephen Farrell [mailto:stephen.farrell@cs.tcd.ie]
>>> Sent: Thursday, March 15, 2012 9:11 AM
>>> To: Brenner, Michael Ralf (Michael)
>>> Cc: Morteza Ansari (moransar); scim@ietf.org
>>> Subject: Re: [scim] Draft charter - v4
>>>=20
>>>=20
>>> I'm not sure what exactly you mean by implementation.
>>>=20
>>> RFCs of course don't provide code for stuff like this.
>>>=20
>>> But to get interop, both sides need to (be able to) use the same=20
>>> thing. So RFCs do usually specify a "MUST implement" set of features=20=

>>> for stuff like this.
>>>=20
>>> If one did OAuth and one kerberos then that'd not work.
>>> (In either case there'd likely be work to say just how to use the=20
>>> underlying scheme.)
>>>=20
>>> Seems to me this wg would need to pick something here and maybe do=20=

>>> some profiling, so that authorization decisions can be made in a=20
>>> secure and interoperable manner.
>>>=20
>>> S
>>>=20
>>> On 03/15/2012 01:05 PM, Brenner, Michael Ralf (Michael) wrote:
>>>> The way I understood the proposed scope is that SCIM WG itself will =
not
> provide deliverables that recommend specific IMPLEMENTATIONS for
> authorization. I did not understand it as "it's not necessary or =
important",
> rather that it is the scope of other groups.
>>>>=20
>>>> Not sure if anything is needed, but if so - we could consider =
adding:
> "... while not preventing the use of different authorization =
mechanisms".
> This will raise the awareness to ensure that was is specified works in
> conjunction with OAuth and/or other mechanisms.
>>>>=20
>>>> Michael
>>>>=20
>>>> -----Original Message-----
>>>> From: scim-bounces@ietf.org [mailto:scim-bounces@ietf.org] On =
Behalf=20
>>>> Of Stephen Farrell
>>>> Sent: Thursday, March 15, 2012 6:09 AM
>>>> To: Morteza Ansari (moransar)
>>>> Cc: scim@ietf.org
>>>> Subject: Re: [scim] Draft charter - v4
>>>>=20
>>>>=20
>>>>=20
>>>> On 03/15/2012 03:24 AM, Morteza Ansari (moransar) wrote:
>>>>> Trey, Kelly, and I huddled over for a few minutes today and added=20=

>>>>> some text to the version Eliot sent out yesterday.  We tried to=20
>>>>> address the questions Eliot raised and remove some of the =
ambiguous=20
>>>>> text based on the email discussions.  Please review and send your
> comments/feedback.
>>>>=20
>>>> Your proposal says:
>>>>=20
>>>>=20
>>>> "The group considers the following out of scope for this group:
>>>>       Defining new authentication schemes
>>>>       Defining new policy/authorization schemes
>>>>       Defining how SCIM implementations define and implement
>>>>         authorization"
>>>>=20
>>>> The first two are fine, and entirely sensible. I don't get the 3rd.
>>>>=20
>>>> scim will presumably define some messages that can be sent,
>>>> e.g.:
>>>>=20
>>>>    Alice->Bob: Here's Charlie's new password
>>>>=20
>>>> I don't see how you'll be secure if anyone that's authenticated can=20=

>>>> reset Charlie's password, so some authorization is clearly needed.
>>>>=20
>>>> I don't see how you'll get interop if Alice and Bob don't have a=20
>>>> common way to determine that Alice is ok to reset Charlie's=20
>>>> password.
>>>>=20
>>>> What's the reason to try leave authorization for such scim messages=20=

>>>> out of scope?
>>>>=20
>>>> S
>>>> _______________________________________________
>>>> scim mailing list
>>>> scim@ietf.org
>>>> https://www.ietf.org/mailman/listinfo/scim
>>>> _______________________________________________
>>>> scim mailing list
>>>> scim@ietf.org
>>>> https://www.ietf.org/mailman/listinfo/scim
>>>>=20
>>> _______________________________________________
>>> scim mailing list
>>> scim@ietf.org
>>> https://www.ietf.org/mailman/listinfo/scim
>>>=20
>> _______________________________________________
>> scim mailing list
>> scim@ietf.org
>> https://www.ietf.org/mailman/listinfo/scim
>=20
>=20
> ________________________________
>=20
> This e-mail message, including any attachments, is for the sole use of =
the
> person to whom it has been sent, and may contain information that is
> confidential or legally protected. If you are not the intended =
recipient or
> have received this message in error, you are not authorized to copy,
> distribute, or otherwise use this message or its attachments. Please =
notify
> the sender immediately by return e-mail and permanently delete this =
message
> and any attachments. Gartner makes no warranty that this e-mail is =
error or
> virus free.
> _______________________________________________
> scim mailing list
> scim@ietf.org
> https://www.ietf.org/mailman/listinfo/scim
>=20


--Apple-Mail=_839F8E2C-5126-40CE-B19E-94CB226A2967
Content-Disposition: attachment;
	filename=smime.p7s
Content-Type: application/pkcs7-signature;
	name=smime.p7s
Content-Transfer-Encoding: base64

MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIIM9jCCBjQw
ggQcoAMCAQICAR4wDQYJKoZIhvcNAQEFBQAwfTELMAkGA1UEBhMCSUwxFjAUBgNVBAoTDVN0YXJ0
Q29tIEx0ZC4xKzApBgNVBAsTIlNlY3VyZSBEaWdpdGFsIENlcnRpZmljYXRlIFNpZ25pbmcxKTAn
BgNVBAMTIFN0YXJ0Q29tIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA3MTAyNDIxMDE1NVoX
DTE3MTAyNDIxMDE1NVowgYwxCzAJBgNVBAYTAklMMRYwFAYDVQQKEw1TdGFydENvbSBMdGQuMSsw
KQYDVQQLEyJTZWN1cmUgRGlnaXRhbCBDZXJ0aWZpY2F0ZSBTaWduaW5nMTgwNgYDVQQDEy9TdGFy
dENvbSBDbGFzcyAxIFByaW1hcnkgSW50ZXJtZWRpYXRlIENsaWVudCBDQTCCASIwDQYJKoZIhvcN
AQEBBQADggEPADCCAQoCggEBAMcJg8zOLdgasSmkLhOrlr6KMoOMpohBllVHrdRvEg/q6r8jR+EK
75xCGhR8ToREoqe7zM9/UnC6TS2y9UKTpT1v7RSMzR0t6ndl0TWBuUr/UXBhPk+Kmy7bI4yW4urC
+y7P3/1/X7U8ocb8VpH/Clt+4iq7nirMcNh6qJR+xjOhV+VHzQMALuGYn5KZmc1NbJQYclsGkDxD
z2UbFqE2+6vIZoL+jb9x4Pa5gNf1TwSDkOkikZB1xtB4ZqtXThaABSONdfmv/Z1pua3FYxnCFmdr
/+N2JLKutIxMYqQOJebr/f/h5t95m4JgrM3Y/w7YX9d7YAL9jvN4SydHsU6n65cCAwEAAaOCAa0w
ggGpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBRTcu2SnODaywFc
fH6WNU7y1LhRgjAfBgNVHSMEGDAWgBROC+8apEBbpRdphzDKNGhD0EGu8jBmBggrBgEFBQcBAQRa
MFgwJwYIKwYBBQUHMAGGG2h0dHA6Ly9vY3NwLnN0YXJ0c3NsLmNvbS9jYTAtBggrBgEFBQcwAoYh
aHR0cDovL3d3dy5zdGFydHNzbC5jb20vc2ZzY2EuY3J0MFsGA1UdHwRUMFIwJ6AloCOGIWh0dHA6
Ly93d3cuc3RhcnRzc2wuY29tL3Nmc2NhLmNybDAnoCWgI4YhaHR0cDovL2NybC5zdGFydHNzbC5j
b20vc2ZzY2EuY3JsMIGABgNVHSAEeTB3MHUGCysGAQQBgbU3AQIBMGYwLgYIKwYBBQUHAgEWImh0
dHA6Ly93d3cuc3RhcnRzc2wuY29tL3BvbGljeS5wZGYwNAYIKwYBBQUHAgEWKGh0dHA6Ly93d3cu
c3RhcnRzc2wuY29tL2ludGVybWVkaWF0ZS5wZGYwDQYJKoZIhvcNAQEFBQADggIBAAqDCH14qywG
XLhjjF6uHLkjd02hcdh9hrw+VUsv+q1eeQWB21jWj3kJ96AUlPCoEGZ/ynJNScWy6QMVQjbbMXlt
UfO4n4bGGdKo3awPWp61tjAFgraLJgDk+DsSvUD6EowjMTNx25GQgyYJ5RPIzKKR9tQW8gGK+2+R
HxkUCTbYFnL6kl8Ch507rUdPPipJ9CgJFws3kDS3gOS5WFMxcjO5DwKfKSETEPrHh7p5shuuNktv
sv6hxHTLhiMKX893gxdT3XLS9OKmCv87vkINQcNEcIIoFWbP9HORz9v3vQwR4e3ksLc2JZOAFK+s
sS5XMEoznzpihEP0PLc4dCBYjbvSD7kxgDwZ+Aj8Q9PkbvE9sIPP7ON0fz095HdThKjiVJe6vofq
+n6b1NBc8XdrQvBmunwxD5nvtTW4vtN6VY7mUCmxsCieuoBJ9OlqmsVWQvifIYf40dJPZkk9YgGT
zWLpXDSfLSplbY2LL9C9U0ptvjcDjefLTvqSFc7tw1sEhF0n/qpA2r0GpvkLRDmcSwVyPvmjFBGq
Up/pNy8ZuPGQmHwFi2/14+xeSUDG2bwnsYJQG2EdJCB6luQ57GEnTA/yKZSTKI8dDQa8Sd3zfXb1
9mOgSF0bBdXbuKhEpuP9wirslFe6fQ1t5j5R0xi72MZ8ikMu1RQZKCyDbMwazlHiMIIGujCCBaKg
AwIBAgIDAopvMA0GCSqGSIb3DQEBBQUAMIGMMQswCQYDVQQGEwJJTDEWMBQGA1UEChMNU3RhcnRD
b20gTHRkLjErMCkGA1UECxMiU2VjdXJlIERpZ2l0YWwgQ2VydGlmaWNhdGUgU2lnbmluZzE4MDYG
A1UEAxMvU3RhcnRDb20gQ2xhc3MgMSBQcmltYXJ5IEludGVybWVkaWF0ZSBDbGllbnQgQ0EwHhcN
MTEwNTEzMTY1MjQ5WhcNMTIwNTEzMDU0NzU2WjBLMSAwHgYDVQQNExc0MjU3NjEteUxidzRqMkwy
Z0FqSG92UzEnMCUGCSqGSIb3DQEJARYYdHJleS5kcmFrZUB1bmJvdW5kaWQuY29tMIIBIjANBgkq
hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqid9tc427LEtBahNAplYUQztLpGRwt7J1hxi3mHkMBzr
s3LxhGspxGij4JZogkqolFpIhu0amwHXsDv7DbkET1O8TN2S2ttetn2o/gQMhAlXp7MP4SfHnIHL
awiDyKZ96l49FFuOt107G9SYpOceuY+AfBssNfxVpTfzqvBzQ/zdbGwqg+ndyPmsWZCYc036/dHV
VWDPpLbohj8GmtoNp8p2LjXe4hOvOfxNnlg6hRlHwiPkudSpEaHwW5dlQUjtcBNvowCq2uq2fbQq
5jyswWRGRIQINo4UgSsyDAB5SfagyGMx32EUGrx1NJWOHWK3eqPknuYdgtU2nJZ+aTtBpQIDAQAB
o4IDYzCCA18wCQYDVR0TBAIwADALBgNVHQ8EBAMCBLAwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsG
AQUFBwMEMB0GA1UdDgQWBBTFEY17wcVFokE4T9NZv3jxliACzjAfBgNVHSMEGDAWgBRTcu2SnODa
ywFcfH6WNU7y1LhRgjAjBgNVHREEHDAagRh0cmV5LmRyYWtlQHVuYm91bmRpZC5jb20wggHRBgNV
HSAEggHIMIIBxDCCAcAGCysGAQQBgbU3AQICMIIBrzAuBggrBgEFBQcCARYiaHR0cDovL3d3dy5z
dGFydHNzbC5jb20vcG9saWN5LnBkZjA0BggrBgEFBQcCARYoaHR0cDovL3d3dy5zdGFydHNzbC5j
b20vaW50ZXJtZWRpYXRlLnBkZjCCAUUGCCsGAQUFBwICMIIBNzAnFiBTdGFydENvbSBDZXJ0aWZp
Y2F0aW9uIEF1dGhvcml0eTADAgEBGoIBClRoaXMgY2VydGlmaWNhdGUgd2FzIGlzc3VlZCBhY2Nv
cmRpbmcgdG8gdGhlIENsYXNzIDEgVmFsaWRhdGlvbiByZXF1aXJlbWVudHMgb2YgdGhlIFN0YXJ0
Q29tIENlcnRpZmljYXRpb24gQXV0aG9yaXR5IHBvbGljeSBhbmQgbWF5IGJlIHJlbGllZCB1cG9u
IG9ubHkgZm9yIHRoZSBpbnRlbmRlZCBwdXJwb3NlIGFuZCBpbiBjb21wbGlhbmNlIG9mIHRoZSBy
ZWx5aW5nIHBhcnR5IG9ibGlnYXRpb25zLiBMaWFiaWxpdHkgYW5kIHdhcnJhbnRpZXMgYXJlIGxp
bWl0ZWQhMDYGA1UdHwQvMC0wK6ApoCeGJWh0dHA6Ly9jcmwuc3RhcnRzc2wuY29tL2NydHUxLWNy
bC5jcmwwgY4GCCsGAQUFBwEBBIGBMH8wOQYIKwYBBQUHMAGGLWh0dHA6Ly9vY3NwLnN0YXJ0c3Ns
LmNvbS9zdWIvY2xhc3MxL2NsaWVudC9jYTBCBggrBgEFBQcwAoY2aHR0cDovL2FpYS5zdGFydHNz
bC5jb20vY2VydHMvc3ViLmNsYXNzMS5jbGllbnQuY2EuY3J0MCMGA1UdEgQcMBqGGGh0dHA6Ly93
d3cuc3RhcnRzc2wuY29tLzANBgkqhkiG9w0BAQUFAAOCAQEAfcC87DDCF7sIIY5qIDIS7MmSAJjr
GlCfGP11cJrO88bsQiSgtJYYeIATEUsH1r78aJOzU8p8P/lOrSoDr3kxVlUaOam6xIvlW9Uv6AUN
DBjYeDUMaEIwPl/Eox0tvZPas4JwW1K+N085ya1IKCK/l7x2K97JQqQhE44ymJ873mcEbBNz6HOo
JtyNMc204G0mREpQs4RSb7vsT9x93QUs6QpP/Mn/w+HaXQQzgs4HmfgL8z+qlH4vX4S/rKvwv95m
fdCIrdSBAeSKBco9hHTIny9XpkTR2qk1Uq0eqSk1LtufDoQy9c5KKQKINCKrjioMseRufmAY/0Nu
VbekcRMyIDGCA28wggNrAgEBMIGUMIGMMQswCQYDVQQGEwJJTDEWMBQGA1UEChMNU3RhcnRDb20g
THRkLjErMCkGA1UECxMiU2VjdXJlIERpZ2l0YWwgQ2VydGlmaWNhdGUgU2lnbmluZzE4MDYGA1UE
AxMvU3RhcnRDb20gQ2xhc3MgMSBQcmltYXJ5IEludGVybWVkaWF0ZSBDbGllbnQgQ0ECAwKKbzAJ
BgUrDgMCGgUAoIIBrzAYBgkqhkiG9w0BCQMxCwYJKoZIhvcNAQcBMBwGCSqGSIb3DQEJBTEPFw0x
MjAzMTUxNTI1MzdaMCMGCSqGSIb3DQEJBDEWBBRZLiJTjc7XWPfyUbRqCelIiEMOgDCBpQYJKwYB
BAGCNxAEMYGXMIGUMIGMMQswCQYDVQQGEwJJTDEWMBQGA1UEChMNU3RhcnRDb20gTHRkLjErMCkG
A1UECxMiU2VjdXJlIERpZ2l0YWwgQ2VydGlmaWNhdGUgU2lnbmluZzE4MDYGA1UEAxMvU3RhcnRD
b20gQ2xhc3MgMSBQcmltYXJ5IEludGVybWVkaWF0ZSBDbGllbnQgQ0ECAwKKbzCBpwYLKoZIhvcN
AQkQAgsxgZeggZQwgYwxCzAJBgNVBAYTAklMMRYwFAYDVQQKEw1TdGFydENvbSBMdGQuMSswKQYD
VQQLEyJTZWN1cmUgRGlnaXRhbCBDZXJ0aWZpY2F0ZSBTaWduaW5nMTgwNgYDVQQDEy9TdGFydENv
bSBDbGFzcyAxIFByaW1hcnkgSW50ZXJtZWRpYXRlIENsaWVudCBDQQIDAopvMA0GCSqGSIb3DQEB
AQUABIIBAAuaNu1Bx9MvkfCPjjzxSS24Uhpp3OutH2AHy0Jm+mEL2537We9doz9x2oyFtc+nNxaO
0li1/Qn1SxwriS7nmEsScgLRus32DcGj7W3etwMnredX/45T0htelO2aRPtqMXEz7/P3NsGmkZ1c
81MMPfd0Ee2aOgqb25BEk2mZ9m6tWHVN3yKFCRXWEkrlIhIiQzyYOV6jkKBqMRskZAJrSkaYefZP
AZCNWJD2s0TQbUJHpp3y8zSjAJ8xteqHXUUJ7/iqtNBuNeDwxWtu7/K/fzceIpOPGdllF+uDaAVY
6C1tIqrrnJOqw4wLWWNt3Yfiiu2tkK6oBJgTowBjgk1DT2MAAAAAAAA=

--Apple-Mail=_839F8E2C-5126-40CE-B19E-94CB226A2967--

From mphmmr@gmail.com  Thu Mar 15 08:47:55 2012
Return-Path: <mphmmr@gmail.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EF32121F8724 for <scim@ietfa.amsl.com>; Thu, 15 Mar 2012 08:47:54 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.34
X-Spam-Level: 
X-Spam-Status: No, score=-3.34 tagged_above=-999 required=5 tests=[AWL=-0.057,  BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-1, SARE_MILLIONSOF=0.315]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id agWT1C+EGnLU for <scim@ietfa.amsl.com>; Thu, 15 Mar 2012 08:47:52 -0700 (PDT)
Received: from mail-lpp01m010-f44.google.com (mail-lpp01m010-f44.google.com [209.85.215.44]) by ietfa.amsl.com (Postfix) with ESMTP id BB0C921F875B for <scim@ietf.org>; Thu, 15 Mar 2012 08:47:48 -0700 (PDT)
Received: by lagj5 with SMTP id j5so2985338lag.31 for <scim@ietf.org>; Thu, 15 Mar 2012 08:47:44 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=E3JnW9AgkzeCFEbDpEFilMdwUia2tGW0XV6p5CkGiQI=; b=aU+Bt4LoLslaFiANe1G4QL9Ba0HYmpR5RjbG4gDvWKEzK5uD6NRh9Asn7O4AiBNfv6 utazQKuCr9HPkYp08t/HuqTOlLiBqZWHzKNGJ9jx1EHRWR1fG+qbJP3saupnJz1Flg1o G+CoHMymQZLu8QuJFAN8IiCxzskNnv33VqWGzfX2bGIxpocQGcqVEZL/sjqkiB2j9hzM A5GvHtNm4/XkuGZdwi1BlhbkRhK4L9C6smGKe1STrBcmb9qsBEqmjwwitaLu+nRTAxQx 5sx3mQjaGAUGDJQpd2MMt4TnG0ZAu22XzySo/Xc31LWiRmed6mLvwgRdF52epKMJbBqN og9A==
MIME-Version: 1.0
Received: by 10.112.39.169 with SMTP id q9mr2667045lbk.47.1331826436500; Thu, 15 Mar 2012 08:47:16 -0700 (PDT)
Received: by 10.112.76.196 with HTTP; Thu, 15 Mar 2012 08:47:15 -0700 (PDT)
In-Reply-To: <B289E824-5226-4986-925C-433E382DE57A@oracle.com>
References: <421662F7-A0FA-4C21-81C9-857450B09DB4@oracle.com> <4F611BA2.3050201@stpeter.im> <B289E824-5226-4986-925C-433E382DE57A@oracle.com>
Date: Thu, 15 Mar 2012 11:47:15 -0400
Message-ID: <CAA3wLqVi3QPcg8M8jtEwEZ2G2a=0ZD3-Lb3PojBvcC1wPsCvFA@mail.gmail.com>
From: Michael Hammer <mphmmr@gmail.com>
To: Phil Hunt <phil.hunt@oracle.com>
Content-Type: multipart/related; boundary=485b390f7b54a66ee804bb4a01c0
Cc: scim@ietf.org, Peter Saint-Andre <stpeter@stpeter.im>
Subject: Re: [scim] Thoughts on SCIM WG charter
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 15 Mar 2012 15:47:55 -0000

--485b390f7b54a66ee804bb4a01c0
Content-Type: multipart/alternative; boundary=485b390f7b54a66ee304bb4a01bf

--485b390f7b54a66ee304bb4a01bf
Content-Type: text/plain; charset=windows-1252
Content-Transfer-Encoding: quoted-printable

Phil,

Great information.  However, I was looking through this for one specific
word and unless I missed it, did not see it.
Namely, where is the discussion of the trust model?

It is easy to get lost in the weeds of pushing data around in various
formats, but if the result does not provide an adequate chain of trust,
then it could all be a house of cards.  Although i will not be in Paris, it
would be good if somewhere an explanation of how trust is maintained could
be included.

Mike


On Wed, Mar 14, 2012 at 7:45 PM, Phil Hunt <phil.hunt@oracle.com> wrote:

> Cross posting as requested...
>
> SCIM - What Should A New SCIM WG Address?
> In my last blog post, I mentioned that SCIM 1.0 defines as a simple
> provisioning API for cloud application service providers. SCIM is
> architecturally oriented as a connector API specification in a hub and
> spoke architecture typically with an enterprise provisioning system at th=
e
> hub and a cloud application service provider being a spoke. Other
> variations could include provisioning for on-premsise SaaS applications a=
s
> well as directory synchronization. For each cloud application, the
> enterprise IDM hub should be able to just invoke the SCIM RESTful API of =
a
> target application's SCIM provisioning end-point.
>
>
> But is SCIM about to repeat much of the history of SPML? Has it corrected
> some miss-steps? Yes, definitely. Is that enough? Let's look at some of t=
he
> historical issues that will be of relevance to the evolution of SCIM. Jus=
t
> to be clear, my comments are not to suggest that SCIM adopt SPML features=
.
> My comments are intended so that SCIM learn from SPML's history.
>
> The Value Problem
>
> SPML 1 was very much like SCIM 1.0 is now. A simple API that supported
> basic CRUD operations. When SPML 1 was developed, the proposed value
> proposition was that provisioning would be made easier if applications
> would adopt a standard IDM protocol, then provisioning of enterprise
> applications would become easier. The value to application developers was
> that simpler, standardized management API would not be specific
> to individual IDM vendors and could inter-operate with any IDM provisioni=
ng
> product.
>
> From the enterprise perspective SPML 1 made a lot of sense since it would
> make all applications provision the same way. They could pick and choose
> the IDM product they wanted to use. More importantly, enterprises would n=
ot
> have to pay for custom coding when attempting to provision to proprietary
> APIs of applications.
>
> SPML 1 was somewhat successful, but before it could be broadly adopted,
> several new requirements emerged and SPML 2 was defined (though SPML 1
> remains dominant).  SPML 2 introduced many new features such as
> =95 the clean separation of payload from protocol;
> =95 the introduction of new common IDM operations (e.g. password operatio=
ns);
> =95 a formalized DSML/XSD profile;
> =95 targeting - the ability to provision accounts through a gateway; and,
> =95 an extension mechanism for registering capabilities so that
> contributed capabilities could be made inter-operable.
> Yet application vendors wanted more: they wanted standard schema
> conventions, they wanted a standard that enabled them not to have to
> introduce individual IDM vendor dependencies. If they could write one SPM=
L
> provider once and be done with it, their costs would go down.
>
> Many idM vendors were concerned that SPMLv2 had gone too far. In the end,
> it was either perceived complexity or the basic value proposition was not
> enough for SPML to succeed.
>
> Has SCIM moved the ball forwards? On one important point, the answer is
> yes. SCIM has put forward a well defined schema with clear definition of
> attributes and their use or meaning. The RESTful style of SCIM keeps sche=
ma
> cleanly separated.
>
> The Information Semantics Fidelity Trade-off
>
> IDM Provisioning product developers have always faced an engineering
> trade-off. Would a standardized provisioning protocol/API lower developme=
nt
> costs? Each application is unique, therefore each unique application APIs
> often has highly specific semantics and contextual meanings. While saving
> money initially by using a standardized SCIM or SPML API, does this mean =
a
> loss of "fidelity" or functionality? Do different systems treat the notio=
n
> of person or user in the same way? What does delete person mean? In
> translating information semantics, is mapping intelligence in the hub or =
in
> the spoke or somewhere in-between? The engineering question is: should th=
e
> provisioning system understand the true nature of the application, or
> should the application understand provisioning systems and behave like
> an identity store? In my experience, there's no clear answer. It depends =
on
> the nature of the application.
>
> Does SCIM help in this regard? That is yet to be determined. The SCIM
> community will need to discuss issues like how to handle high level IDM
> operations like suspend vs. delete, password resets, federation and other
> deeply IDM specific issues and how they are operationally mated with a
> diverse application services API community.
>
> The Gateway Problem
>
> Corporations that are organized into divisions often end up with
> different independent IT organizations and outsourced providers --
> especially after corporate re-organizations, acquisitions, and
> divestitures. In these cases, single-hub provisioning systems often
> become unpractical. While some may view this as rare situation, the whole
> idea of a cloud based apps hosted externally makes this situation de
> rigueur.
>
> In these cases a key provisioning architecture element is the ability
> to support provisioning gateways and hub-to-hub provisioning. Gateways
> (or proxies) serve a dual purpose of both firewalling direct access to
> internal services and they serve to greatly simplify network complexity f=
or
> inter-organization communication. As well as solving basic firewalling
> issues, gateways can also support mapping functions changing from a
> standardized provisioning protocol like SCIM into application specific
> connector protocols like CRM OnDemand who may or may not have built suppo=
rt
> for a protocol such as SCIM.
>
> Since a gateway acts as a "proxy" to other connected SaaS services, SCIM
> needs the ability route or "target" operations to specific application
> end-points. SPML 2.0 and now RESTpml/SIMPLEST supports targeting. Targeti=
ng
> enables a provisioning "hub" to indicate to a provisioning "gateway" that
> particular person requires an account in a particular target system. In t=
he
> diagram above, Alice, employee 1234 is to be provisioned into the
> "Finance" application.
>
> SCIM with routing/targeting becomes a critical communication protocol for
> hub-to-hub and hub-to-gateway provisioning. Unlike SPML implementation of
> the past, inter-operability becomes a key requirement because in the worl=
d
> of cloud provisioning it is more likely that gateway and hub
> implementations will come from different provisioning product developers.
>
> The Cloud Does Change Everything
>
> SPML was built for a world where everything occurred inside an enterprise=
.
> But the requirements for cloud identity management are substantially
> different. Cloud based provisioning architecture must take into account:
> =95 Performance and Scalability =96 A lightweight HTTP protocol such as
> with REST/JSON is a cornerstone requirement when provision cloud
> environments with 100s of millions of users.
> =95 Firewall requirements =96 securely connecting directly to application
> APIs (standardized or not) will likely require some special sauce. It's n=
ot
> reasonable to expect all application end-points to be able to support thi=
s
> in the cloud.
> =95 Cloud Providers are often "hubs" themselves =96 since cloud providers
> offer more than one application service, cloud providers may behave more
> like "hubs" than spokes.
> =95 Cloud Providers With Value-Added Data =96 some cloud providers may
> have provisioning and identity management systems of their own. This
> suggests that cloud hubs may need to flow back to the enterprise.
> =95 Entitlement Reporting =96 A big requirement for provisioning these da=
ys
> with SOX is the need for entitlement reporting. Further, when you are
> paying an external cloud provider for services rendered, you want to make
> sure you are paying for the correct employees to use cloud services. A ke=
y
> component of provisioning systems need to report back available rights of
> all users from all applications, especially through cloud "hubs".
> =95 Inter-operability =96 no longer can we assume hubs and gateways are
> provided by a single vendor. Cloud-based provisioning will almost always =
be
> multi-vendor based.
> What Should The New SCIM WG Address?
>
> The main success of SCIM has been a standardized schema. It defines the
> attributes and says what each means -- something that application vendors
> always wanted. This is goodness. Yet, there are some gaps when you start =
to
> consider the overall provisioning system that will emerge from SCIM's
> adoption.
>
> A couple of scope items that the future IETF SCIM WG should be considerin=
g:
>
> =95 Routing or targeting =96 SCIM needs to have a way to handle updates
> through gateways and hub-to-hub relationships for supporting multi-servic=
e
> cloud providers.
> =95 Persons as distinct from Users =96 Currently SCIM combines these enti=
ties
> together in a simple form. The reality is that in the hub, persons hold
> multiple user accounts. Is a change needed to SCIM schema to support
> managing the relationships between persons and their user accounts? This
> may not need change, but wider discussion is needed.
> =95 Peer relationships =96 Cloud providers with hubs may need to be able =
to
> flow updates back to client hubs.
> =95 Reporting =96 attestation is a key component of provisioning. Not onl=
y
> will clients want to be able to reconcile what cloud providers are chargi=
ng
> for, but clients also still have requirements driven by Sarbanes-Oxley.
> SPML's approach was burdensome. Could SCIM support the ability for a clie=
nt
> "hub" to get the information it needs to accomplish this in a lightweight
> way in the spirit of SCIM?
>
> Phil
>
> @independentid
> www.independentid.com
> phil.hunt@oracle.com
>
>
>
>
>
> On 2012-03-14, at 3:28 PM, Peter Saint-Andre wrote:
>
> <hat type=3D'AD'/>
>
> On 3/14/12 3:44 PM, Phil Hunt wrote:
>
> In previous emails, I promised more thoughts on the Gateway/targeting
>
> issue. In order to support the scope discussion, I put a bunch of
>
> thoughts together on areas the WG might consider on my blog at:
>
>
> http://www.independentid.com/2012/03/scim-what-should-new-scim-wg-address=
.html
>
>
> Hi Phil,
>
> I really do hate to be a stickler, but I don't think that the IETF can
> consider your blog post to be an "IETF Contribution" in accordance with
> the Note Well rules <http://www.ietf.org/about/note-well.html> -- I
> realize that you put time and energy into those nice graphics, but could
> we trouble you to at least post the text of your comments to this
> mailing list? It really is for your own good. :)
>
> Thanks!
>
> Peter
>
> --
> Peter Saint-Andre
> https://stpeter.im/
>
>
> _______________________________________________
> scim mailing list
> scim@ietf.org
> https://www.ietf.org/mailman/listinfo/scim
>
>
>
> _______________________________________________
> scim mailing list
> scim@ietf.org
> https://www.ietf.org/mailman/listinfo/scim
>
>

--485b390f7b54a66ee304bb4a01bf
Content-Type: text/html; charset=windows-1252
Content-Transfer-Encoding: quoted-printable

Phil,<div><br></div><div>Great information. =A0However, I was looking throu=
gh this for one specific word and unless I missed it, did not see it.</div>=
<div>Namely, where is the discussion of the trust model? =A0</div><div><br>=
</div>
<div>It is easy to get lost in the weeds of pushing data around in various =
formats, but if the result does not provide an adequate chain of trust, the=
n it could all be a house of cards. =A0Although i will not be in Paris, it =
would be good if somewhere an explanation of how trust is maintained could =
be included.<br>
</div><div><br></div><div>Mike</div><div><br><br><div class=3D"gmail_quote"=
>On Wed, Mar 14, 2012 at 7:45 PM, Phil Hunt <span dir=3D"ltr">&lt;<a href=
=3D"mailto:phil.hunt@oracle.com">phil.hunt@oracle.com</a>&gt;</span> wrote:=
<br>
<blockquote class=3D"gmail_quote" style=3D"margin:0 0 0 .8ex;border-left:1p=
x #ccc solid;padding-left:1ex"><div style=3D"word-wrap:break-word"><div>Cro=
ss posting as requested...</div><div><div><br></div><div>SCIM - What Should=
 A New SCIM WG Address?<br>
In my last blog post, I mentioned that=A0SCIM 1.0=A0defines as a simple pro=
visioning API for cloud=A0application service providers. SCIM is architectu=
rally oriented as a connector API specification=A0in a hub and spoke archit=
ecture typically with an enterprise provisioning system at the hub=A0and a =
cloud application service provider being a spoke. Other variations could in=
clude=A0provisioning for on-premsise SaaS applications as well as directory=
 synchronization. For each=A0cloud application, the enterprise IDM hub shou=
ld be able to just invoke the SCIM RESTful API=A0of a target application&#3=
9;s SCIM provisioning end-point.<br>
<img border=3D"0" height=3D"235" width=3D"320" src=3D"cid:7381D378-2F20-40A=
7-ACEA-AC25E6277874@vc.shawcable.net"><br><br>But is SCIM about to repeat m=
uch of the history of SPML? Has it corrected some miss-steps?=A0Yes, defini=
tely. Is that enough? Let&#39;s look at some of the historical issues that =
will be of=A0relevance to the evolution of SCIM. Just to be clear, my comme=
nts are=A0not=A0to suggest that=A0SCIM adopt SPML features. My comments are=
 intended so that SCIM learn from SPML&#39;s history.<br>
<br>The Value Problem<br><br>SPML 1 was very much like SCIM 1.0 is now. A s=
imple API that supported basic CRUD=A0operations. When SPML 1 was developed=
, the proposed value proposition was that=A0provisioning would be made easi=
er if applications would adopt a standard IDM protocol, then=A0provisioning=
 of enterprise applications would become easier. The value to application=
=A0developers was that simpler, standardized management API would not be sp=
ecific to=A0individual IDM vendors and could inter-operate with any IDM pro=
visioning product.<br>
<br>From the enterprise perspective SPML 1 made a lot of sense since it wou=
ld make all=A0applications provision the same way. They could pick and choo=
se the IDM product they=A0wanted to use. More importantly, enterprises woul=
d not have to pay for custom coding when=A0attempting to provision to propr=
ietary APIs of applications.<br>
<br>SPML 1 was somewhat successful, but before it could be broadly adopted,=
 several new=A0requirements emerged and SPML 2 was defined (though SPML 1 r=
emains dominant). =A0SPML 2=A0introduced many new features such as<br><div>=
<span style=3D"white-space:pre-wrap">	</span>=95 the clean separation of pa=
yload from protocol;=A0<br>
</div><div><span style=3D"white-space:pre-wrap">	</span>=95 the introductio=
n of new common IDM operations (e.g. password operations);<br></div><div><s=
pan style=3D"white-space:pre-wrap">	</span>=95 a formalized DSML/XSD profil=
e;<br>
</div><div><span style=3D"white-space:pre-wrap">	</span>=95 targeting - the=
 ability to provision accounts through a gateway; and,<br></div><div><span =
style=3D"white-space:pre-wrap">	</span>=95 an extension mechanism for regis=
tering capabilities so that contributed=A0capabilities could be made inter-=
operable.<br>
</div>Yet application vendors wanted more: they wanted standard schema conv=
entions, they=A0wanted a standard that enabled them not to have to introduc=
e individual IDM vendor=A0dependencies. If they could write one SPML provid=
er once and be done with it, their costs=A0would go down.<br>
<br>Many idM vendors were concerned that SPMLv2 had gone too far. In the en=
d, it was either=A0perceived complexity or the basic value proposition was =
not enough for SPML to succeed.<br><br>Has SCIM moved the ball forwards? On=
 one important point, the answer is yes. SCIM has put=A0forward a well defi=
ned schema with clear definition of attributes and their use or meaning.=A0=
The RESTful style of SCIM keeps schema cleanly separated.<br>
<br>The Information Semantics Fidelity Trade-off<br><br>IDM Provisioning pr=
oduct developers have always faced an engineering trade-off. Would a=A0stan=
dardized provisioning protocol/API lower development costs? Each applicatio=
n is unique,=A0therefore each unique application APIs often has highly spec=
ific semantics and contextual=A0meanings. While saving money initially by u=
sing a standardized SCIM or SPML API, does this=A0mean a loss of &quot;fide=
lity&quot; or functionality? Do different systems treat the notion of perso=
n or=A0user in the same way? What does delete person mean? In translating i=
nformation semantics,=A0is mapping intelligence in the hub or in the spoke =
or somewhere in-between? The=A0engineering question is: should the provisio=
ning system understand the true nature of the=A0application, or should the =
application understand provisioning systems and behave like an=A0identity s=
tore? In my experience, there&#39;s no clear answer. It depends on the natu=
re of the=A0application.<br>
<br>Does SCIM help in this regard? That is yet to be determined. The SCIM c=
ommunity will need=A0to discuss issues like how to handle high level IDM op=
erations like suspend vs. delete,=A0password resets, federation and other d=
eeply IDM specific issues and how they are=A0operationally mated with a div=
erse application services API community.<br>
<br>The Gateway Problem<br><br><img border=3D"0" height=3D"320" width=3D"27=
5" src=3D"cid:87A5BEA9-9661-45AF-A644-32818B7C79BE@vc.shawcable.net"></div>=
<div>Corporations that are organized into=A0divisions often end up with dif=
ferent=A0independent IT organizations and=A0outsourced providers -- especia=
lly after=A0corporate re-organizations, acquisitions,=A0and divestitures. I=
n these cases, single-hub provisioning systems often become=A0unpractical. =
While some may view this as=A0rare situation, the whole idea of a cloud=A0b=
ased apps hosted externally makes this=A0situation de rigueur.<br>
<br>In these cases a key provisioning=A0architecture element is the ability=
 to=A0support provisioning gateways and hub-to-hub provisioning. Gateways (=
or=A0proxies) serve a dual purpose of both=A0firewalling direct access to i=
nternal=A0services and they serve to greatly simplify=A0network complexity =
for inter-organization communication. As well as solving basic firewalling =
issues, gateways can also=A0support mapping functions changing from a stand=
ardized provisioning protocol like SCIM into=A0application specific connect=
or protocols like CRM OnDemand who may or may not have built=A0support for =
a protocol such as SCIM.<br>
<br>Since a gateway acts as a &quot;proxy&quot; to other connected SaaS ser=
vices, SCIM needs the ability=A0route or &quot;target&quot; operations to s=
pecific application end-points. SPML 2.0 and now=A0RESTpml/SIMPLEST support=
s targeting. Targeting enables a provisioning &quot;hub&quot; to indicate t=
o=A0a provisioning &quot;gateway&quot; that particular person requires an a=
ccount in a particular target=A0system. In the diagram above, Alice, employ=
ee 1234 is to be provisioned into the &quot;Finance&quot;=A0application.<br=
>
<br>SCIM with routing/targeting becomes a critical communication protocol f=
or hub-to-hub and=A0hub-to-gateway provisioning. Unlike SPML implementation=
 of the past, inter-operability=A0becomes a key requirement because in the =
world of cloud provisioning it is more likely that=A0gateway and hub implem=
entations will come from different provisioning product developers.<br>
<br>The Cloud Does Change Everything<br><br>SPML was built for a world wher=
e everything occurred inside an enterprise. But the=A0requirements for clou=
d identity management are substantially different. Cloud based=A0provisioni=
ng architecture must take into account:<br>
<div><span style=3D"white-space:pre-wrap">	</span>=95 Performance and Scala=
bility =96 A lightweight HTTP protocol such as with=A0REST/JSON is a corner=
stone requirement when provision cloud environments with=A0100s of millions=
 of users.<br>
</div><div><span style=3D"white-space:pre-wrap">	</span>=95 Firewall requir=
ements =96 securely connecting directly to application APIs=A0(standardized=
 or not) will likely require some special sauce. It&#39;s not reasonable to=
=A0expect=A0all=A0application end-points to be able to support this in the =
cloud.<br>
</div><div><span style=3D"white-space:pre-wrap">	</span>=95 Cloud Providers=
 are often &quot;hubs&quot; themselves =96 since cloud providers offer more=
=A0than one application service, cloud providers may behave more like &quot=
;hubs&quot; than=A0spokes.<br>
</div><div><span style=3D"white-space:pre-wrap">	</span>=95 Cloud Providers=
 With Value-Added Data =96 some cloud providers may have=A0provisioning and=
 identity management systems of their own. This suggests that=A0cloud hubs =
may need to flow back to the enterprise.<br>
</div><div><span style=3D"white-space:pre-wrap">	</span>=95 Entitlement Rep=
orting =96 A big requirement for provisioning these days with SOX is=A0the =
need for entitlement reporting. Further, when you are paying an external=A0=
cloud provider for services rendered, you want to make sure you are paying =
for=A0the correct employees to use cloud services. A key component of provi=
sioning=A0systems need to report back available rights of all users from al=
l applications,=A0especially through cloud &quot;hubs&quot;.<br>
</div><div><span style=3D"white-space:pre-wrap">	</span>=95 Inter-operabili=
ty =96 no longer can we assume hubs and gateways are provided by a=A0single=
 vendor. Cloud-based provisioning will almost always be multi-vendor based.=
<br>
</div>What Should The New SCIM WG Address?<br><br>The main success of SCIM =
has been a standardized schema. It defines the attributes and says=A0what e=
ach means -- something that application vendors always wanted. This is good=
ness.=A0Yet, there are some gaps when you start to consider the overall pro=
visioning system that will=A0emerge from SCIM&#39;s adoption.<br>
<br>A couple of scope items that the future IETF SCIM WG should be consider=
ing:<br><br><div><span style=3D"white-space:pre-wrap">	</span>=95 Routing o=
r targeting =96 SCIM needs to have a way to handle updates through=A0gatewa=
ys and hub-to-hub relationships for supporting multi-service cloud=A0provid=
ers.<br>
</div><div><span style=3D"white-space:pre-wrap">	</span>=95 Persons as dist=
inct from Users =96 Currently SCIM combines these entities together in=A0a =
simple form. The reality is that in the hub, persons hold multiple user acc=
ounts.=A0Is a change needed to SCIM schema to support managing the relation=
ships=A0between persons and their user accounts? This may not need change, =
but wider=A0discussion is needed.<br>
</div><div><span style=3D"white-space:pre-wrap">	</span>=95 Peer relationsh=
ips =96 Cloud providers with hubs may need to be able to flow=A0updates bac=
k to client hubs.<br></div><div><span style=3D"white-space:pre-wrap">	</spa=
n>=95 Reporting =96 attestation is a key component of provisioning. Not onl=
y will clients=A0want to be able to reconcile what cloud providers are char=
ging for, but clients=A0also still have requirements driven by Sarbanes-Oxl=
ey. SPML&#39;s approach was=A0burdensome. Could SCIM support the ability fo=
r a client &quot;hub&quot; to get the=A0information it needs to accomplish =
this in a lightweight way in the spirit of SCIM?<br>
</div><br></div><div><div>Phil<br><br>@independentid<br><a href=3D"http://w=
ww.independentid.com" target=3D"_blank">www.independentid.com</a><br><a hre=
f=3D"mailto:phil.hunt@oracle.com" target=3D"_blank">phil.hunt@oracle.com</a=
><br>
<br><br><br><br></div><div><div class=3D"h5"><br><div><div>On 2012-03-14, a=
t 3:28 PM, Peter Saint-Andre wrote:</div><br><blockquote type=3D"cite"><div=
>&lt;hat type=3D&#39;AD&#39;/&gt;<br><br>On 3/14/12 3:44 PM, Phil Hunt wrot=
e:<br>
<blockquote type=3D"cite">In previous emails, I promised more thoughts on t=
he Gateway/targeting<br></blockquote><blockquote type=3D"cite">issue. In or=
der to support the scope discussion, I put a bunch of<br></blockquote><bloc=
kquote type=3D"cite">
thoughts together on areas the WG might consider on my blog at: <br></block=
quote><blockquote type=3D"cite"><a href=3D"http://www.independentid.com/201=
2/03/scim-what-should-new-scim-wg-address.html" target=3D"_blank">http://ww=
w.independentid.com/2012/03/scim-what-should-new-scim-wg-address.html</a><b=
r>
</blockquote><br>Hi Phil,<br><br>I really do hate to be a stickler, but I d=
on&#39;t think that the IETF can<br>consider your blog post to be an &quot;=
IETF Contribution&quot; in accordance with<br>the Note Well rules &lt;<a hr=
ef=3D"http://www.ietf.org/about/note-well.html" target=3D"_blank">http://ww=
w.ietf.org/about/note-well.html</a>&gt; -- I<br>
realize that you put time and energy into those nice graphics, but could<br=
>we trouble you to at least post the text of your comments to this<br>maili=
ng list? It really is for your own good. :)<br><br>Thanks!<br><br>Peter<br>
<br>-- <br>Peter Saint-Andre<br><a href=3D"https://stpeter.im/" target=3D"_=
blank">https://stpeter.im/</a><br><br><br>_________________________________=
______________<br>scim mailing list<br><a href=3D"mailto:scim@ietf.org" tar=
get=3D"_blank">scim@ietf.org</a><br>
<a href=3D"https://www.ietf.org/mailman/listinfo/scim" target=3D"_blank">ht=
tps://www.ietf.org/mailman/listinfo/scim</a><br></div></blockquote></div><b=
r></div></div></div></div></div><br>_______________________________________=
________<br>

scim mailing list<br>
<a href=3D"mailto:scim@ietf.org">scim@ietf.org</a><br>
<a href=3D"https://www.ietf.org/mailman/listinfo/scim" target=3D"_blank">ht=
tps://www.ietf.org/mailman/listinfo/scim</a><br>
<br></blockquote></div><br></div>

--485b390f7b54a66ee304bb4a01bf--
--485b390f7b54a66ee804bb4a01c0
Content-Type: image/png; name="Gateway-provisioning.png"
Content-Transfer-Encoding: base64
Content-ID: <87A5BEA9-9661-45AF-A644-32818B7C79BE@vc.shawcable.net>
X-Attachment-Id: 855b38db64d971dc_0.0.1.2

iVBORw0KGgoAAAANSUhEUgAAARMAAAFACAYAAACfs5jhAAAABHNCSVQICAgIfAhkiAAAIABJREFU
eJzsnXe8HVW5/r9rTdnl7NPPSU9OeoWEEmqAJIAIggU0UeGqgAJe7sV2i4olie3qvahYQOlNUHIE
hSAtQEIJJJCEmkASSjqpp+6z28ys9ftjrdl7J7b78wICnvfzSc4uM2vKnvXM8z7vs9ZAf/RHf/RH
f/RHf/RHf/RHf/THuyrE33sH3gUhAGlf66rPNKD+Lnv0xxHvz/6fyar30Ru4Lf7E9v7SvrwR7fZH
f/TH/2e4vDk3Adf+64/++Juin5n836MGaMWwkBLgAD6QB3Zh7qT/m7vpn7tj/2/u5H9pXc/uY+d+
39UCjRh2IoCNf2U7/1tm0AAU7L/9900C9UAvEP6Vfd//u1rMOe77M9//pc/6oz/e1uHYvycDy4E/
AE8DS4AHgOswHQf+OKWoZgAOlY7qVb2uXsar+uxUoKXqfbwf1e1IIGFfHwP8tKoN3/79MbAK+B1w
N/CQbTtu609tv/q1YN+bUbwvlwGn2e8SVeu4GPC6Cpiw3/ei6jj2P/aU/fvvwIVVn8Xb3v/8/ak2
+qM/3hFRDxwAjAPWAF+wr4fY7zPs21GqL3yn6rN01TKy6m+q6vOBwOPA0ewLTjV/ov2kXfdYYBGm
41Zv5xHgf4ApwIHAxcA6DAOI205UtZfab1/+VLjAZGBA1ftM1fce5lxV72/19qr336cCNgCjgBHs
C2B/7rirQaU/3qLoR+//e3TbfwC7gS3ABkwnvcZ+7gHfxbCWr2IA6Ejgk/b1pcAO4HWgwy57OvBZ
TOd/AQNSH7XtXgA8DwwDfgDUAXuAfwM2AYcB367ar15Mh62m/yXgWQwAYtv7NKYzfhYYard1JjAH
+IhdZwUwH8N2VmMYmGvfXwPMsm0tB67AsBEP+LI9jk8Cl2PA4jIMmPjAfwFL7TGMxgjCMzBM5hcY
1rTRHuuX7LmaCbxo3/cCnwDOB17CpFkPYZiXSyWt6o/+eNuGwHQGF8MazrGv/xvTgQA+BzxoX7cD
z2E6x3DgUUznHQEsA+4ABgNPAcdh2MAi28ZQTEc9zX5+v90ewPeBmzCdcyXwddvm7cB9Vfsa3+3v
BW4D/gnTAR/EpGcAdwHPYDrzh+3rg4GJGED4AAbQHrHLH4Xp1K0YsJkLXGKPBUxn/wYmPXsJGIsB
ievs/n4KWG/37Ze2rQOBszDgnABuBL5p96OAAbkJwFoMiEwAXsOwtiOAzRhggn0ZTn+8SSH/+iL9
8VdCAwHmzicxwmuIudNuxtzFZ9rlPPv3WozGchiQw3SgzRgA2g2ciEkPDsV0dA84Huix7W8GpmI6
UC1GT2gEJmE6dmdVmz8DihiA01TSgQgYiUlLpmOA5Fz7nYthPMswwHUzRg96CcMqzsCwjlEYJnM8
hgXssdsKMSA52e7HJgxT8uzreruv84AscAOGkY3CAMWNGNB82B5Ds/0+i0ltlmJAeR3whG3veOAe
DKCvABZSSXf6Bdm3IPrTnDcm4gpCiYow+UPMnfpKDAU/HnO+C1SYjMMf028Hk9rE1aA6TMd52a5T
xABB2v7twADKKuBWTGcr2eWw+1VgXx0GTEf7JYYhsN93fVQ0Hd/uf/WxxkLxauBjGFC6u+ocpIFf
YVKR92AYwmwMe4qZHPbY447u2fdF+73EAJWiAoLxeQ7sd5Fdtmjf91TtZ7U43X/TfAui/yS/sRHr
Aw3AScBPgMWY9GQopmPUUsnh12L0gQ9i9I8vYDrHCkynWY1JXcZjUoMezF14NCZV6gS2YrQKH1NZ
Wm2X/YDdn7MxYnDAvrpJApN2uLbNBKZDUrWPkd2XT9o2RmLSiwdsO1cBP8KkXEtt+xmMVvNtTJr2
XYzmcYhdrsnu9x5MepfBAFIGAz6xcK3sOaqz7abtPsaibmCX8exxPINJ2cZgGNsHqJSR+5nJWxD9
zOSNifhifRbDFDoxnWw+RgvYjmEZ0zDpwg67/BpMh/qmXW4zpqM8g9E6foJhFQr4OaZzL8YAxL3A
t4Dv2fUGY3SJbfbv54ATML/xoxigyFNx5T6LSTlCTKoVULke1tl2wOgaozHAUQAew6Q9YHSWZzDp
SKfdxnO2zbswAuuBmPTlu7bN9XZb38CkYMMw2tF/YDr/Nns8YFjOC/bva/Y89mA0lfg4XgS67DFe
AlxddWzxMv1g0h/vuEhQMYGBuUNOsq+bqJjEYprfjLkrD8DctT+PYRnx+iMwekZ1CGAQFVGxAaOT
7G9AHIQRK9lvn+JI8udvJv6fWH4qRoCN96HaD1O9rEdFq6jD6EVD9/s+Tj98jMhbX/V9tRO3OiWK
16v+LG7DwxzrB6vaug3DqKBfgO2Pd2C47KtJxJHYb5nqTnErJm24GnNXn2KXq/adVHee/Y1i1b6V
WMuoXj5ODfaPv+R+rj6O/bfv77eszx8bzmIT2p8y6sXnxal6Lau+/3PrxZ/vb3CL9ac49bsOw4pu
p5K29Ud/vONj/7vsn+vAx2EqJA37fe5QYTsuFSNXhra25MyZM92ZM+e5M2fOTC5cqMVCrdHa/F2o
tTNn3jzffibnzFnozJw5z4XJPhUDWoKKO/VPsZfqiJf7/4kY2P6SNvenWNDfGingQ5hqmPNXlu2P
Nzj6x+b8/WP/sSTWdTpZab0maG8H5qBbl1YW2D0LaIe5cwWYjhp39OoUIh4FHI8ZCoBo3jwNs2DK
LFjDUmYxC5bC7lmI9vZ2ueuyNeLhhxfEwBLxzjF7Sf54lHb/OJ23MPrB5O8bAnAZPNibesAB4vSL
78/Pn4USovyzJO2/QRjdoRUY5HiJ1lQ6WVdf31pb29Bcn6hJpjzH9Vwv7bue44HQOlJKC0UYlYJi
rlAICrlCLp/r6+rY1dvX29MVFINOULsxouZOTCUl9rFotGae3ce1c+d77e0L4gGLEW/fDhqXrePy
cX+8hdEPJm99OIAcO/YUedVVd5dqZ6GnG/AQGMF1IjCqccCgyUPbxk5sahk0omXAoPqG5gHpuobm
ZH1js9/YOpCaTAbH8/FcD8dxEVIi7T8QaKVACDQRKjT/IhUSBgG5vl56uzvp7tijujr35rPdHX2d
e3bn9+zasWvn9k0btrz28oYoKG7AeFvWY6ol+gqtGb8U/uVf5vpr17bH87W8UfOg9Mc7PPrB5K0L
D3CWaF1avwp1wXQBpix6QG1j81GtAwYf1TZ28vjREw8cNHz0hETLoKHUNTRR39BEIpkGUEKWO6/S
WqNVJLTSaKWE1lpo0Bot0IY4OEJoBUI6QkscLRyBFK4WUiCFEGgcLbQUQsgoDEW2t5uejr30dnfw
+rbN+rX1a3s2rl+zfdvmV17atWP7Y4W+3qcw4LJzidasXwUXTBexIFt6q09of7y9oh9M3vzw29ra
5PUbNxZ2A3OFGAHMGDXhgNlDR445fOzkQ6eNmzyVtnFTaGhsRkgZuX4iUGGJYqEoo6AgwiiydEML
GyBACqvpCpBag5AIDF0Q1p5WnoREa7QGgUDryOQp5j+NlArA93zlJRIqkUgpQAZB0ddai907tvPa
ujW8/OJzvLbu+ae2b3ntqZdffO4R4Il58/TmWbNg/tL57sMLFkj6QeUfNvrB5M0Lp62tzbv++o2F
2UvnSxYsOMzxEnOPPemDJ084YPqEAw+f4QwaNoqGxqZSGIY619croiAQURS4oIUQsip9EaCNliiE
tsTDOMwdKbXWGo0WQggttLA+Vw1IEBqBBi3QaKHRCAQGkMznsUajogitI8JIgdI4rqOE9MJEwtfp
TC2A7Ons8F7fupHnVi5TG9Y88+JjDy56KNvdvQhYorUO29tx5s4Vkn7N4h8u+sHkzYnUEq1Ls00n
Pbp1UNtnj3nP+08+4oRTm0ZPOIDG5gGFYiFHoZCXhb4+33EErushHQehQTpSKzRCg0CjtBICqUFb
dUVQBoUYPIBYF5VCoG2qgzBcRWgR4xFCVAa7aEAIqbWKhJSOjtcRQqC1EmhNFEWEYQBa6GRNTeAn
Uyrpp0R3157E5lc38ORjD2Qff+CuJ9a/sPoa4M6FWufnT5nir127NuTtMw9uf7zJ0Q8mb2xIILlw
oc7NnSsmNTQP/OKsU+d87MQPnVk7YvQEHNcr5LI9blAqOo6UQjoujisRCK1UZBiCAlBCC2GmZ5MY
VqI1QkgLAqrMJsoj4MoabtUMiUKDAiEt+Gi7YAwq5RawrwRCa5MmCew7gZACy2NQkRFyVaR0IpEK
UzWZEEFi145tctniO9W9t9/y8IY1T/8QuHuh1swVwqM/9fmHiH4weePCGzz4UM8fn1GbHn74k0cc
f9rFZ3zqorYDph8dqigMsz2dHhrHdR2kcBBCaIHtuGjQCC0EEm1ZgTYMA0yqoqWRR4QuswvLOfYF
E61ACruMaSeGGIlA2/W1MNvVWiLRqBgtRKyraLOMFvugjpACrQVohFIRSkWgtEqla8JUplbv2Lo5
ceet14b33nbT9bt3bF2wZIneOnu2SFAZxfxGxP4mO33ooYfqzGmn6VkQu2dYylIGTJmid122RmSz
d4lVq1ZVjzyOy9z9zOkNin4weWMiceSRR8rly5fXeX5ywVn//JULTjvrApVMpUs9XXt8KRzpuS4a
HecpaBXbSSRCKATSdl4DJkZb1aAkQlr2oDH6CaAs45D2Cy1iHmEBxqitFQajtW3TsByT87CvL1fH
PEXb4cUVpmMkGIFWGimFKRoBWmkhHamjMBRRGOhUTSbI1Nbr1csfSVz/8++tWbXsoc8u1PqxueJv
BhQJSMaOdWYOnSFmzb8+mDKLaM18mD+/cnx/Yp0/O5G31pr5dv12EO1z53rt7a9qWBVPd9APMH9D
9IPJ/z2SzRMmeHvXrWtqGjD48gu//uP3zTz59FzH7p1+FAVuIpHSWiu0VuamDkLYa13afi1th66k
LOZniX8cU8VVCFutMQVgibDdvYwFZXyo+lm1MKKtEIYBxWwlTnnibaDN9mNtpUxfjOBb1lgs4FWS
KamVjgRIDKgEIgxC3dg6sNCxe1fqsu99ec8Di24994qVetEF0/9XgBKPvXHnzJmnvrxwfunVtTB3
SjmPa8QY+AZiBkgOrKlrGlTX0Njgp2oa/ISfFNJJSCRaqSgMw1KpVMjm87093R179wT5vt0Yg178
93XMpEtcsVLDodDYjpw7Vzi8/U16b6voB5P/WySor0/R3Z1pHjjk6v/4wdXvPfSYE/t2bd2U9hJJ
4TqOUlEkTBkXQxmkTVGURksDCCZErFNQ7jY25aGyhE1jKrzBfCuNJiIE+/CJuGBjX4hYkyVOc0Dp
fQXbWJytWtL8jQXdmL0YSNQRSkgcrbQ22xAghEsxnxPJTG1RoL3vf+Wf9z50V/uHLUP5cxqKC3jz
liwJ3j9rVngoIIRIY4BjbEPLgOn1jS0HNA0YNHr46PHDmluHtLQOHu7UZOpFMlNLMpnCT6RwfR8p
HTQCrSLCMKJULFEq5sjlsuSzvWR7OtWe7VvC17dv2rlzy8tbe7s7X+vu2PtCtmvvE8ArmCkigoVr
NExG2n1W9Feo/mL0g8nfHm59fX1tzfjxMvvyxv/+/IKfnjvz5DNyr2/dmK7J1GqttVZRKB3H0QqE
0AohHC20EqZMI8o+kTgFETZV0fY7oTW6yi8SZyhljcSyDYXRPYB9aEqZiQiNUFXfCVFmHeXqjt6n
vmMW0xptUxthN66pVIVi4FJVmxZSKKW09DxPFQp5mUjVFPPZrH/xhR9bs2b1EyfPmTNvd3v7guoq
T6Jt5kxx/dKlBYDZQjQCk9OZhlltY8YdMmLsxMOHjRo/bOT4Axg5dhK19fUgXPxEInRcP4wiRRiW
RBSGqCgSkdJoKxQppYWUUoM0JXbH0Y7rgpCUCnmvVCw5YRTS3bmHba+uZ+OG59mx6ZWNO7e+tnL7
1o1PZzt2PgKsnTdPdzALlla8NBH9zt8/in8UMBFV//gTr6t7UhzVObfe770AascefjgvP/nkR8+8
8OLLzvnCvGjntk2JdKYWFYVIadynIlL2gtZlyiGqNidtjiO0QkuB1PZ9+YGjlY4cm9ViMdXsSTWP
EGUAgP2mo7eF5XKzMZDY18JqIFQE13ilijJrRiCXG9b7nD4QSK2N5xalNZ7r6b5sr2wdOLjwyAOL
kl//lzO//fWLS99csEDUAaWZMz/F/PnXF2bPFi5mvpT3HXbcie8Zf+D0SRMPOKR1zMQDaWgeqNK1
9WExn9elYkEHYUkEQclVQSgjpYShfNKyMmHTtdjjp1Bao1CgIYoUWkWGjUmphXSUdP3QcT3tJZLC
8xL0dnf4PZ0dYttrL7Hu+Sc7tr+2/sWVj973qA6KD2JmkwsXLtTMnz/FX7t2bT+oVMW7EUzinBvA
mTlvXjRr1vxo1iz07rWQ8SG1FWbN+rPiHfPmaYa8H4r1MKgEnXkY32vuTNdcc423detWP5VK1eTz
+eYJBx726wW/+O1kz3NDpSJPmtRGOtLWU4TQGJ8IcdoSpxkxK0DE4GC8I8TpSlk7iVmE0T+oXjfu
QHZZabWQWGPRSiGFLOsg5SOuqvSYUpJExUJwNUwYIQWtxH4pEKaqU4W3ZU4jhEZbFiUFKtKhm/Dl
xZ/92IanHl18+nvnzNlVN2dOd/vcuQ3AzIGDh5951AmnzjzsmBNaxh9wMC2DhwY60lGxWBD5vqwT
lEoO0hFSSoQ050doiZBoZcRs6/DVqJhpKcOisEwPUyW3lSuJipTQWqGUJopClFZEkdKu60d+KhO6
vo8Q0u3c/bq7Y8urvLh6We+qx+57duOaVb/BTFz96hVXaB54YK7T3t7eb9Lj3QMm8UQ76vwrrtDn
n39+sGgpLJhdVh9qMdMhpjECXhNQJ71EjSMd35XSVY7UKgiDKAgCpYJezAjaLvsvZ//1zdPzgqVz
12amHvtB+YsvnX3BZ7/xwx+cNvczYefuHW4yldJRGEphmUh8Q0eCVIZtVKRVXSnnWjIQaxcxg5Bl
UdaymfgDDUKaziyELpdyY2w0fafCgKrTo5jZmMpQDBaVTieUQiOQQqN0Zd19SRlljcUwgPgwjJtF
ayWEEDrSWkgpCUuBamhqjW695mfhtT/5zpnZbPcq4IxJ0w47feZ7Tz/u6ONPEUNHjML1k4VCX1bm
Cn2OUtoRQiCli3RM8VwrKwZrRRSZ+rS2jAvLPoxWEp8mTZxGWpewXR+EkNqIy6JMvhQIpRRRGBIp
hdaoRCIdJmtqwzAKk90du+X6Z5fz9LLFW19c+ejvOndtvRFYtURrPVsIn8q8tf+Q8U4GEwm4k+fM
Yc6FC0tDauECo9o1YeYUnZhpahnX1Dp4VF1DS1t9Y8uwdG3dwHRNfSZdW+emUjUka2pwXQ9HOiBA
RQFREFEs9FHo69X5XF+U6+vp7ctm92S79uzo7erc0rX79e09fb0dhWzPttr6pk//rP2RYxtbBgal
Ys7zpFPxl1lGYjxnwgKCFU+FRsYdNWYZGFMawoyziU1riNjpGmcgFRElZjPmBlztN7EgJKpzOFH+
zHS6qvJvvE6VJ8WEqACXgspO6CowMd9pUa3pSK2FElpp7TgexWKfbh04NLrntpuZ94Wz7zj82BOG
HH3CaUfPPvl0WgYNDgr5gspmu10i7QjpIBwn3pbWyqYpaJSyO6QrsrWK2Yg5ACPEWHSLytmkZS1Q
PuFKGwDS8f7bWlYM2FohtFZElrloUH4iHfjptAiDwH3txaflE/f9tnftykcX7ti04VfA0oULNXPn
igRGYP6HqwC9E8HEHTx4sP+Tn2zPt4NuNxMEjQMOr20ccOTEg48+vGXwsMGtg4cPHjJyvNs0cCjp
dIZUTYZMbV3oeb7SSqGIhFZoR8dKpRZCOmZErZS40sF1JKVSUeZzWbdUyFHIZcn2dLBn5+tsXLem
r6G51T/htLluFAW4jqeVjqSISxo2L5BUKiQSyvRASBCWrcT5gaEy0oKCQiPLzCNepqJ5VGkvwqZC
2hB5Uwq2JrUyR7GpS5wGlPul0UvAmtTKiQ9lr0rManQMWlXCMJiUIj7IWIuRQmpl9kdEUaBTNRnW
r3mW51Y+Id774bNoaR1cyHZ3yVwu60npCMfzUEqhhdBCKbQWKJQwBjllUxVzFIZdmPK4tjSkqthk
gE5XvcYyEMuwDDSZ41TKUj0ptFJKCC0shxEorZEIlOEwREoRFItI1w/TdfWR1NLZtP5596mli3of
ueuWW3s7dv4ceHae1mLBP6Dz950EJv7kyZP5/I1rSnb4/nBg5oDhY04fe8D0wyceMmPQ8NET3dZB
bWSamyNHyMgRMgyDogzCotRBSYZhKLWK7KhbIaQw+l0sbJrQSCHtaDqN67jK8Tzteb7yE2ZULRrH
caQMSwWnmMtDWbEArGIh4sF5cbnUpht2E6a6a+FAihhqYu+JKHtPKrqKiBuvaK7Vu11uPy7biKrP
NVYXLYMSlf5vltFYF6yu+FWqO2j83p6aGEBEtS4B5Q4PhjVIIbRlako6jqiprQuzPb305Xo8z/Vx
XV8prUQYhkJIoVWcW1m2EKdvSlfARGkznECpCruIN6rsGwMeqgwaJtURKKFM25ZkoUy1Kx5VrasA
Ma5SgTb7JaUWSLTWlEoFoUHV1DaVtJTOa2uf9h696+Zdj99z69VRUPyJ1nqXEOMS8HL8SI53fbwT
wMQDnHlrdGHBFOEAhzc0D54z+sDp7z/w8Nljxx8yg9ZBw/ATiRKaqFToc0qlohRKOQiTszvCQToC
KYyAV/ZjCI3AMXdgSVkcRQgc29tEfDfTEWVObMRRLaXEdd0yGMV3eMr4ZDiBGRsTd3HDfLQKyxMa
KaWRNn8HbbUVu+0yAFiAgXKKo03ugbRuOLRGOhLb49BWE5H2eCsCacz+TQ4Tm9CqN6fj6hHW9K9l
ebhPzHaUXU8oc/5U1Xe2aTu9ihnto5XWpaAoHNfH83ytVEQYhcJUgbTRiyNtTrkVfXXMqZTt5Lbt
sv6BZU7Vnwn7m6kqfUeDsgMeVXkggwUMoVGKcnpUadsCki4zGR0powdhbxalUlFogarJNJaiMEis
XbVM3Pfry9auW/3o14Dfz1uiWTBb+PwDsJS3M5gIIDlvic4vmC0c4PiBbeM+OenQ4z50+PEfzLRN
OJB0TV1QKuRVqdjnqDBypZQ4roMjHVv1EDjW+g2qzAwk8e1dlF/LeDyLrPhHRRVzEfa9iKmDju/0
2t7lbTvx2tJWbsp+D2lZhyYMAhLJBFEQgtRIa7Z0Xc9esoBQtqNXNAshDTBEYWT3WSJxiFQACBzH
oVQq4vm+8amUQca2ZY9L2zu7RqCjyIxWBssAdBmAlM0f4ht0FJrtCCShivBcrzJWB2UnYRWGOWDW
F9oIoJGOkMJBSgeltQ6ConCkixBSa5QoA4RNzpRSqJj1qH11mvLnVfsWpz4ICxAWOY1oq8FWq7Td
n4qzV9jKT4xMMY3QRFXPEjTjL006FEXK0C0pNWZ9EUYhWhOl6pvCXFdH4oH2K/Wye35zTdfu7d+a
p/WWBUKkMFNivmvj7Qom/uQ585izcH5pgRAHZxoHfuHY084849BZp2XaJkwL0SosZLudMCi5juMI
13UNixCGMQglQCgLAoYySBEbyDVSlG+xBkSEET+luViqxFA7cje+0UqppTB36TIwiRioRJyiWFSK
QYsyEMWD9zL19fR0dpDJZNBAFIZIx6GYz6GVQkiJ53pEUYDrepgRxSCEJCgVSaVrkK5DWCqhtcZP
+OhIE4YBDY1N9Pb2EIUhSoVI6SAdBxWGKKVN255LFJo2PT9BGAZEQUikFZ7nIYQgCEKklDiOYzuu
IpWuQQtDQaQj6evLEgbmCZ/SccxroXEcj0iFuI6H1kpHSgs/kdBREFIMSkiESNdkdLFYEGEUaaUU
UjoCIXSpWBLSETiOW+nkCDugscIgdFz5UqpcllKWpsQVnopeolE6HsWkLLgIbJaEjnUUy1J0nAZZ
DSpuB4S23hZNnDbZtjRaaCF0UCgKL5EI0rWN6qWnH0vced0P16xb9ciX5ml9/wJT8QkoJ2Xvrni7
gYkAUles1PkLposBwGePPPljF8780NkDRk08KBToMNu9NyGEEL6f0NJ1NCqK3Va2Y1sIENZuLuKB
dKI8MM7oFLEGEXs/qnwgMcOQFcEyFjal3U3DYFQZcGJNxMqlBoQktk1rd7cG9IXX/ZydO7aiIs0/
nfcFXt++CQEcd+KpRJECFLlsllQ6TSGfw08k0FoTFAsMaxvCg3ffQz7Xx9GzTyIKArZufo3bb76W
jj07GD1+Mp847yKEdEhnaigWSgRFA0CJhEcQBGR7e6jJ1NHVsYfHH17MSe//CJ6XwPd9enq6QUek
M7WU8kVKQZEoishk6rjl2st57ukVJJJJhgwfySfO+xyJZArXccnl+0in69Aosr1ZEokkub4ekqka
stlunnzsIaYfdTytgwbQ1bGX++64nVknv59MfQOO49KXzYIQpNM1hFFEIdcHyHIlx6Q85nyaqk2c
wlBO8cppkKqkbWURVpezP2KhWlHFbnQsxu67nq5ssqoiFLMom2IJW3XSIBxHh0EgwyDQmaaBhZ69
O1L33PST7JLbr/4W6EvmzUMsWCAk78IS8tvp2SLusCOPTHxxy5bCvw8VJ4078Mjr51z07Y8d/5Hz
aloGDi309Xa4QangeZ4vXM/TWoCKIimFpQN2zg1RBhEDGLFNPe70xJ/L2MshjZaCsnoKlrlYRuGY
VEWKyoC8fVMi07aUMYuxbETEICRwHElUKtHY3MKt1/2c7o49zPvhT+ntybL2uZUUcn0oFTJ0+Cja
r7+MUqnI0BGjeG7VEwwZ3sbmV18mCgOiMOSRxffwzFOP47gekw48CM/zufwH32Ta9CNYcMl/88Af
/sDgYUNJplL8/pabqK2rpbm1lWdWLWfV8mXs3bODtlHj2b51E9u2bCSZSDJ4aBtL71/EquUPM2rM
BEqlIvcvuo0gKDJ85Bhyfb3UNzbSfsMVnPaRj/PFr13Mjb+8HM/30UpwYXYoAAAgAElEQVSxcvkj
tLQMZMm9v+fll15gyLA2Xnx+FQMGD6W7q5NX168lkUgyaMhQVq9YxtNPLuPldc9z+LEn8PKLz7Pi
0YdoGzOOQi7HymUP0dmxh9aBQ1A6LovbGeOsaFR9M4iR26Rt5lvDAivpqkb80fdUr29nmyubAMu3
2CohO/6uvA7lNrQx5hiBKNIIO9lVIdvtJVM1pSlHn+Q1Dhjy3lefO2X04sVffXDhQp1vb18Qj/d5
18TbBUySp1x0kVj94IPJh7968cUzTz/nxx+56LsjRk8+pFjs6xZBqeC7ri9c1zU3CqWE1MamLkAg
rVtCxBqIKDOMuOIgKadBFaHVsoZ4DIsgFmcrYEQsYFo1NBYzY6CSSOz2K2wmZjRS2naMKOhIyd23
/4oPfOwcamsHMmDwYN5z2odY9cRjpNM1LF7UzqChbTzx8P0kE0kW3/Vbph85k8V/uI2+bC+PLv4D
Urq8sv4FBg0ZzoEHHUYQFHFdh/vv+h2rVqziqGNnM2L0BH787a8xZGgLd7b/mrr6Rm65+mfUN9Tw
1BPLGD/pAB5fupiNr26gt7uLV9avZd0LzwAO27du4omlD+A4IY8uuR+lFBOnTENFESuWLWHnjm3s
2d3Ji8+t5j3vO41LFnyFYcNHsnLFowSlIrt3bGfrpld5buUTDBg4mBefW83zq1agVcSGl9aw5rkV
OA7s2rGTmtp6ltxzG57v8Ojie0j4Ptdf9t8cd+Kp1DW14EjL5uLf0WomsT5VkbvtfC/E/bzaaRxn
FLE/RxCX3I2Yqyv+GCveatvQviOr7bYRpiwfLwc4jtRaKWEGRSghhEBpcEyq6hbyfUw8ZGZx6JhJ
h7724qojb7jmCw8t1LqzfcECn3eRHf/tACY151+xMrz1G58Z2dI85No5n/v2uSef+XmElFEh2+m7
rietQKjtXB9CSqHLYqipuBhgia89adhFpaJSBSTx2JdySlOV6lgUMKmRBQ2bAMXCrAElWdYwyukU
1VZvyixHCI2QDqiIRDLFiofvZ/T4CUw+aCIduzt5ZsVjBGGJrRtfBaH5zve/zq69BV5Z9wJKRRx/
ygfZsW0zr2/ZSF9flv/60bfpzSqKhQLTph9Bd+ce0jX1zJh9DL4vuG/RHWzZuIEd27cwYdJUokiZ
1CEI+fK35rFr+142vPQCxWKeI2fM5sXnn6Zzzy5O//g5fPqCj7N9Wwf33NHO9CNnUCoG1NRkGD/p
AKTj8PjS+0mmaqivb2DG7JMZP3kKL73wLJ/67BdZfNdt/Of8/2Hk2PGseGwJEw88mJfWPEu+r49D
jpjBzh3bWP/CC5x57tm8532nsm7NK2zbvJ58Xx/jJ0+lL9uHl/AZOXYS7597Fp179uInkra8q8tD
GcsMQgvrFDa9Op7sKWaFBijsZFMxQghR9ueI6jFHlk3GKap9Q3m+3fjCgoq/x4ruAlDG6Wucv1Ja
fNJxCoTjeCLbvccbMeHg3MjJh4zb+sqLJ1z9rxcsXaj1rvYFCxK8SwDlLz228a2ImitW6tKVF0yf
Pmbq4bed+81fnjTj5I/nezp3u1FQ9L1EKnYKaCE18Yw8NjsW2tT47C2oXKG11NhcYcJeFFV82Fw7
ToXaijinsYxDSl1pRwi0tFUZIRAyZiWiPJGRpSgGOHSF/QA2rTL5tuM4TDvsaG6/6SrWPv0st1x1
Kc+tXkFQKpBKp8n39dHefi+rVzzC2ElTyOeyPPrAPTx8/13U1jUQFAu0/2YRjz+8mL6eXlCaVCrN
r668lOUPP8KRx51MKlVDbaaegQOHUNtQS0vrQIYMG0F3Vwfbt+zhuPecws3XXk7rgME0tbTQ1bGH
QUOG8fiS+7j80it4dcOLjBo7nlQ6SXNLC22jxqJUhOtIerp7mH3S+zj3X87hoEMOp1gI6Ni7G6VC
kqkki277FUvuvRPX9XjvBz7ColtvwvUcho4Ywa4d2xg+ciRL77uXe37/eza++hLD28ZQ19hMTW0D
w0aMIplIsXfX6xTzsYHUnMOYGQqbvxrmUdGzyiX4ciprfz0Ra2YV4Cg/yDhmohgQEuXl48ukwkDi
Mr0uLxtfUxotjHqjtRam7EZ5ds3YEKB1RLKmVnXu3ppumzAtf87XfjZ11AGH3zFXiIkLtS7yLnmw
+t+TmWQuuluXvjFTnDb1mFNuPPPffzh60PAxhe69O1N+IiEcKbRWSjjSXAxaibjAUr5oZAwesgIY
pl+L8gUk46pMmXFUA4VdvyrFqZDlmOHYi1lW0iNhDWdSGE9IbI2P2ZK95hFC2junxnFcSsUi4yYe
QFAq8eDddzJoyHA+ecEXCEoB4ycdyMgxE1hy712MmTCZE0/5EJnaWlY/+Rijx03iuBNPYVjbaJ5Y
avSF6UcdS01NBsdxmXjAVFYse4RH7r+byVMP5mNnX4CUkpXLlzF0xEgOmHoo6UyGkWPGk6mto76+
gelHHUd9QyPJZJKZJ57Ci88/Q1dXN6d9+GOMGDmGxx9+iNqGJqYfdYw5N9LB8z1aBwwiilzyuRyJ
pI+fSDJ67ARGj5vIk48tQQOnnvFxGhqaqcnUcsgRR9IyoBW0x6yTT2XDupfo7uhm+oyZHHnciXTt
3c1La57mkCNnMnDoUBqbWxk0ZDhhFCBkPOdtRf+If56Km7jq4zhF1RXdCmKRFIyPteIGjkNXt1+V
41SkdLuUiNOoKtSJrzVdHgmF/bA8xYwQAh0q4foJcr1dXmPr0Py4g44e9OralcddfdE/3zdvnt77
8MMLXN7hGor464u8KVF7/vkrC1deOf0Dh8w+/aoz/+OHdVIQBvlcwk+llY4CYedItTYQgZCVOcCE
kEjxx5WUaqAxy5k7Udy7zQWobYc3VZ44bYnLu2ZxaV2pwgyliffaAkt1+zGllpZ6m30wnhYtJI71
YGBTI60VDQ1NSMeAZNfe3aRqMsbv4Tokkym0UvR2d5GuqSGVSqERZHu78VyXZDKNAPKFHEGxgAY8
36O2rh4VhiCgY+9e6urqcRwXhCbf10cqlSbXlyVSiobGRnJ9WZTSJFNp8vkcdXX1SCno6e7GcRz8
ZAoB9GWzZmZ6oKa2nlKxSBAUkVISKUWmtp5sTyeOm6AmXYNCk+vro1go0NDUTK4vRxQFpNJpcrkc
NZk6EBCFEX3ZXtI1tQghKQVFwiDEcV36+rLWj1Jxt1p/HpXBerZUjEIr8yOZ1zEbEMakhkareCS0
seDHaZFWGqU0xvZPlQlOl8cblZ2x9qYQj/2JKz1xRUdbU53WdkpNQCN0pCKbM0k7zYpDoZgXmYbW
/M7N61O//OanV+zevOEDc+bM62pvX/COntLg7wEmmTnzFpbaF8w99eCZH7z6E1+9tDYKIx0FBd/3
k8pMKGSSXxEPGJfmsXNxOmK0C+MJkdaMZfJlYwAzP6TGESBkxfElLWAI6YBW5YFulRKuqFRjtEba
5ZDljN26TXWVmS2+i1WXm+O83twSZXyzwrCaUrFk5i9BkEqlCKOgLPZGZi4UfD9hvCKRAQjPT6CV
IooiBOC6LsZfY2aMD4IAx5FopUmkUoRBCWVGxuF6HmEY4HkJhBAUC3k8z0dISRSFeK5PUCqYOUh8
HxUpwsgY1DzPM3suBaViAccxj+TAll+DoIjnJ1BhZDwkQuB4ZvBkIZ/H8TykNL4V13EJwsB2No3r
+ZSConEAOy4CgVIKx3MrHVJXOqlx9Wq0llVl27hEW3Gulm33to5rfgaHMAoIgiJRZBJlKV1c+2wi
pQyAxOViMAY+7Pgf8x37CLZK2QnBraM29p3EdvxIgbAzgCulhMYCiuvqYl+frG0ZmN/wzBOpG773
r7dNGHXUJ5b3ELG2/R3rlH2rwaRmzhd/pNp//KVjDjrutJvP+s9Lm0ApFQae5ydVFJWkIx2ttRLS
Pg9GYDq1igJj6AI8z0NKhzAsxvkqnuviegnCII/r+dZspWwn8suMQgpBGJasOctMouM4looqCxJ2
3gytI5ummHS4LDDFebSIJy6qMJiyRd++1vuwJws6rlMGImMsk1aTMaYygSBSIY6UFhy1Ma45EsdO
PG1MWsaDIYWDjGcsFRIVhTjCMccgQEUa6QiUtXS6jmP8LEITlirmNsdxUFrjuC6uY9SFIDQeK4HA
cV3CKCwDSZzWRWEIwsF1HfMojEiZ6pXjEgZBWSjV2gyWU1rjui5RFBlTnZSEYUik7NADFRvNKkMM
NMqMoyEGlwpDiQGjbKXX1tpvQUFrKJUKOF6Curp6PM9HIcjn+ujt7kYphUz4xshHbNdXxF61eFoI
VaErFnRil7AFl3h79po0+18e5W2s+NJROlJCOq4u5PpE48Bh+ccW3ZT+1SX//q1vhqV5C4RIAoU3
txu+OfFWgkly8KGnyddX3TV27EEzbj3767+ckEilg7BU8D3fVygl4jQEbSo2aCWkdFAqJJWuIZXO
oLUm19sJaDL1jeYOC+T7eigV8tTWN1LM96HCEOFIMpk68rksWkU4tlSbztRSzPUZsJDSdDIBnuva
u5q5Gj3PozyRs60dOrEHJRYC9wGSyihdQ3DMaxnP2WpTIbO+FQRlpTOIuNIgDPeK2VbMauJH6BgH
rrIsqrJ+PN1J7IPZJ6rEYm3t7ghoaGzC881mcvmIKAop5nOESqFCY7WXjkMUhgRBgJ9IluuoYRAh
pMRxzJ09KAV4vgdCEoYBOlK4vmfMYMLMdOYnkjiOQ19fL0I4aKUJoxDH9SxAaqIgQnoGcJWqsszH
prJ4EJ+w6Q9UDGXCms+0TYkQRGFApq6Rro69rHjkfrZtfg3HcRkz4UAOPnomCJdcrhfHcY1LGDMV
pjGxqTLrATPgsDw/ihJooSwjEuV9jFlVZDUalI7dtFppLYRAR1ojhEOxkKO+ZXDQ/rN5Yslvf/Hh
OQv1ova578yxPG8VmLhATSqVyqQbB91yzryrjhsyckKxmO1K+Ml0FAUlR7pSobV0bOcQQiKlya1T
6Rq2bXyJtU8upaa2gcNmn4brujy/YgnZrr0IIRh/0BEMbRvHcyuWMHLcATS2tFLM53jp6SeYOO1w
kukMWkcIrVn/wkpGT5hKTW0tYbGAn0wipCQoFpDSsSmEsbe7nlcp9WL9DiKW3swpFMJOUxIDh030
pQUvlNVjbNojZFUlCIEUqpzLm1kIjW8ifkYO8XihspBYlv5Me3G78SUvKvOllT8VRiiOBUgJRFqx
dPE9dHd2oLWmbfQ4MrW1jBw9jmQqhee5lIolkwr5SdLpFF1dXUhHohUkkklKpQJBEOG4DulUimzW
6DLpVA1CCLLZLK7nEYUhXiLJptc2kM9mmXDAQRRLecAhmUiRz/WVRx4nEiny+ZwBPSnLDERTpVXY
c6wRVQAQY6hERRFCOoRBiUSqhvt+dwu/vOQbNGfSjBgxjCAMWf/yy9S1DudfL/4BEw46gny2F+G6
xqJPZSCjjtlItSOWKjdsPGlTDDjYz4QBkng9w1wcjfX1ijgtQkRKK3nl189Z98pzT5zE+efv5Mor
33HP9HkrSsMCyLS2To5Kkf7ah87/5nEjxk4t5ro7El4ypVRUksIx5jMhbIpqS6thEJDK1LJp/XMs
uvYShowcR8fObdxx3SX0dOxh8W+vJV1bj5dIccd1P2brqy9xy8++xYO/v5GG5gFs3PACP/7qefR2
7cWREtf12PLqOr7zuTNZ99xT+IkUkVJke3vo2LWDVCoNWpPLdrNnxzbSNbV2rIywd3bDUMqD96yG
EleQAIqFPMV8niAoUcznKORzZklHoKUVdmMaYRmKtuqQtI+VEvFwXx1XhwzASmmduDGUlMvPZgS0
lTYsQ7EFU210IGnNX4bwRSSSCbo69nDT1T8nU1tLOpNGCk3n3j2EQRGJZvPGV9FaUVNbS093B6uf
eoJkIoG26dLWza8RlgJqMxmiIGDDi2vx/SS1mTpe37aJLZtfI1Nn2GQUhdSka7jq0u/z3Yu/AGhU
ZPKILZteRjgOjjQQuHXTKwgBnh1GAJSPr+INisFclytnrpToSBEUCkgp6Mv2kKrJcNsNP+cn8z/H
l7/4OZY+8gj3P7iExQ88xNKlDzPriGlcfN4ZrHnqUdKZWlQYGMZUdt/as2/PsdQWonVsP6jaJ2QZ
eEQZ3KvasdYCtPmjlBJSOjoMSm66pi445ZNfnJSubf7yvCuuCGnDfwv65hsa7luwjcynPnVd4YYb
zvnI7LkXnjtt5mnFnj3bvUQqrVUYiPihUsTTHGozvtWo8IpEMs2qpYuYetSJnPiRs9m6YT17dmyi
VMozcFgbBx99IkEQ8Mqa1eR7e5gw9TB2bd1ItquD19Y+zZjJBxGFEa7nku/r4+UXn+YTF32dV196
niNmncQffnM13R27CYOAGSeeyuvbNvPqS8+RSCSZPO1wTvrgx+nu2mPGxyhlJ4C2lu1yJ5dEKkIp
RXPLAHzfp1gq4bsOUgi6OjuISgGu74GqOGvjVCiePdpMhVB5Hk7MgogvYKzTU0A82YgZuBgnVPFn
VITq+AFeWHCKL3wLkIMGD+WAgw7BdT0SfoLlyx7m6aeW89D9f6CpuYl0TR1nfOyT3P6bG4gixXOr
n+LQI2dw5U//h7aRownDiE9dcBHX/uIn9HR1MGb8ZA49cgaPPHgvIJgy7VBmzDwRz3V44ZmnmDBl
KsPaRvPc6hXUZGq55uc/ZNjwUSRSKY44dja/ufZyhraNpVDMcd7nLjYsSNsuqbVVZW1qZxmYcByC
IKRYKJBOZ2hqbmXP7p2MHDOOJx95gOt+8h2uu/56zv7Up+jq6iQsFdAIxo0Zw69uvoVMXR2XXPzP
XH77MqTjo1VkhHY7WlkpO5ZZgIpvv0pQmXWukm7GAC4QdnoDu8tozABULZCmyiMdR2sVCS/h676e
TnfiIceWDn/vh/9pgRC3n79SL7lyuvB4B80t+2Yzk0TzhAnccMM5Y8dNO/riEz96oZfv7ZSO60tN
ZPJ3e3XIsj86LtFjc/WAsFRi0PAx7Nm2lTAqMmzURFzXZefWjdx+7SVc8/0vUcj3MmDYCDK1dbQO
GcGqx+5HSIdho8dTyGdJ1WTIdu/hmWUP4ftJnlm+hFxvJ3t37eSYk07iw5/6DKuWLWXbay9zzAkn
8rHPXMiTjz5AsZizYq511dq7jDl55uKJAiPyZtJpltz7O775xfP44rln8JV/PZtbb7wCbQfOhUFg
2oLK3VXKcieJrf2inDdpyzoMu9BC2KkNYuOcLusmZdev9cM4mvJ3suyjkQghcYRARwrf83l96xZ+
c+MVLPzVVWxYt5adO7aye9frDBw0hM//+5fYsW0Lub5eRo8Zj+tK1q99gT07d9DQ2Mw//8v5IOA3
N1xFS+sAvnvpT5l+5AxuvvZywiDAlQ73L7qNKAqpq2/gyWVL2bF9Kz3dHax8/BHCICCZSPHlb/8X
fdkeVq9YRlPLAP7tGwso5nK8+Pwq6hoaCEolnFjIFqJsXJWORCLJZ3NIAUOGDCXX18dVP/keF1/w
EW68/BJuvPx/eN/JJ/GJT3ySrVu3AIJEMkUymaRYKrFn127mz/8WdTUei+/8NU3NLQSlIo50Y2uk
ZZ/CaFWasn5m7EfS2gKshmN/uvLvBuXfFhmnTVo40jHOFBmDpHbCMNRHv++shpbhYy66crpI0jbz
7eBQ/1/HmwkmDvX1qUwy6dTUNX3+hDMvmpSpay6FpYJnx9iYS8LOiqy0YSaxGi+EQEURrusyYPgo
Vj92Dw0DBrJ7+2Zu+NFXKRUKDBg8nLM+t4Av/uB6XNfj1bVPIz2PsVMOZtHNl9M8cAg1dQ1ke7tI
ZdI8/cRS0plaho8ZRV1DM0899iB1jS34noeQpvyaSKZJpVMgjCYgZdz5K6Ylx7WnTVBmT517dvKF
c8/g+1++kGLHZtqaa0iE3dz48+/yiffP5PnVK0jXZGwJ16l0DCEQTizgVomw5UQl/qxq4CJxiiQq
y1frKGB1FpvqCLOutFRdofF8j3yuj1Fjx/ODSy/nB5f+mClTDyIqBQgEAwcPRro+DY3NrHziMV7e
8BKjRo825eQwZMCAQSRravB9HxWGpNNpojAin88jhGTQkGFMnnYwhxx+NJ7n0rFnNy88u4ox4ycy
fuIUtmx6lY0vr2fA4MFIWcTzfDzfJ1WTwfWNcOu6rmFysTsR05GFFDhSEuQLBFHAoKFDEFJy01WX
8a3Pfxy5ayXf+bcPo7c/zqrHFnPyyacQhSHpdA3pdNpoYo5LfX0dkQ4ZNLCVQw85lOdXLUcpI8ob
x5kGXZ4ok5iRlm3XolIqrp67Ruv4d9BVv0iFpggjHAulEVoroUF7nq9z2S5v8OhJwUHHnvpeYObC
jUsL8M5Jd97MNCc14YAPR+uWXTv7mA+d+9EJh80q9XTs9hOJpJWyjPnYPOlOm9H5xMKhQGrwfZ9s
916OfM+HWXT9j/jpVz5NMZ/jmFPmUN/cSm1DM7lsD8lkikFDR6E11NU3MXriVOobWxg2chzde3eR
rqkhKBbYuW0Tp3/yXznqhOPx3DTPr3yMsJTjzl/fTKqmlpknf5AXVq/gjltupqllENNnzMb3fQq5
XoTwymp1IZ8nmUziuA5BoUhfbyf/ecHHGdRQw5KlS5k6barJ/zVs3bqNr3zlP/nc2WdwxW/uZuKU
aRTyWTw3gdaRYWCx/lEeA2LTGxFPPK3tdAjaPAVQKDvu0DIZe0vUQpe1EWx6ZLMyk/ODFYsNM0km
kzQ2N7N9y04czyMMSjQ2t1JXX0cQhGitaWhspLllAGuff4bGpmaklHR3ddDc2oJS4PsJjj3hJBbf
fSdf/fxFHHLYkcw56xyW3PcH9uzewcQp06jNZHj+6ZWMHDOOcy/8Imi45rIf8fK6F9m+5TW+9rkv
MWzkSCZPOYhf/vi7fOfLXyOVSjNl6qH09nTieb4djmB8NKWghFaappYWwjDk9t/cxJI7b6atxeE7
/3EW0w6chEYzefJkfn/vo2QydbiOHVujTUVOoYkijeuYalNLczOvvP4aQalofDTasD4Va1wCKtY3
DBLYsVnxrHTSAolCglBIbapCZcCxP0s80XVlctByzU6qoFQ69PgPplct+f2Zc4VYyrBhkq1b38Ru
+saF+OuL/E3hUF9flw6CpJ9puuaC7950SsuwUaVSLuv7rqeVUObM2TKpjBF/H1oYu0o10nXxXI+d
W16hvqmVusZmCn29uJ5nxS7sL6zxHCOeOVaVF1a41JHCcR20VgTFAM93SadTXHfpdzj4yKOZNG06
NbXN3Piz7zFx6jQOPuI4pPAQwjARM59IgCOhZeBAenu62bl9G4dMP5iLLzqPF1Y8yBMrVpJOJent
7ka6LlobT0dTczMf/MD7eenVLfzqrkco9OXwfLdcvi0fd2xJkBL7CC8r7sZP7YvPTQw69hKMtRf7
c1YqR+VPrLBLuWIS6yuOI9DCRaBQSu1TUjaUPCKZyvD61i1EUYmGxhZCpUilUsarosFxXYqFPJ1d
exk2bBRRGLJ500aUVgxvG0WhULDb8iiWCuRzeYa3DeLO227j5ZfWccZZH6eldQRPPPwgK5cv46zz
Po0QaVKpGoqlAtIxv3OxaIx49Q0NCMdhyf33cMctV9Lo5znnzPczY8YRFEslOjv2Wq+JZu4nvsTZ
n7mQr371K+zt6KCpsaE834kQkj27dzNo8CBOee9J9FLH/J/exI7Xt5JM1cSz0pfNaHEJPp6Eulxh
QqCVMjKKRYd4xjpT/alUoJTW8XQqmJlANdq6Y0EQhoFK1tTzm0u/3Ln87ptPPP8K/fyVF7wz5j95
s5hJuql1QtTx8pOzZpxx3uzBoycF2Y6drp9KqSgMpWMeFaXBqNrlMS9xGdR2BHPzlegoIohChrSN
IwxK5Hq7cT3PgEWsNpp54QmVwhGSMChZf4dxQhq/igGtVDpJFCnCSHH4rJMY1jaGdG0TxXwfhx17
IoOGDCWdqSfb003K2s0FmpaWVpSKuPv3v2XxbdeT79nFuIOO5eH7F/Ff355HU2MDO17fQXNzM0or
pJT09PTQ09PN/AXfZvbsWaxe/hhHzzRjUlLpNFGokFWdPp7igFjnMNQFh2rkrwyhF1WfCks9qoVc
q7tWpUG60pDWRKFGiJLRrmxn0DHIYTpcX28PrQMH4TiSUqGIJyRhENh0AIJSEdf1GDJkOH3ZHrQW
jBg1CgTk+nI40iQGYVAi4SdwpEO2t8j4iQcycNAwBg4cSSGfZ2jbKNKZDM3Nw+nu7iIMA3w/QbFQ
oBSUaGhowk0kWf7YI/z2xl8g+nZw/kdP4b3vmYXWmr2dnaA0tbV15PMFBrY2c/RRB3HHHXfylS//
B1opujq7relR0pvtpb6+jpfWr+OJ5cv5zFf+x7iGhe3k5Zm1Kacv5hI18K5iADf3RlN6t4a2eNpL
cy6tkGuv7xhZYj+bFJpQKSE9T0XFwPESfmnSoce1LL/317MGn8/zXIDLOwBM3gxm4lBb20Bvr9cw
qO2az373xvc1DWkrhbms73iuNpQ8EjKeZFkaAcuASqUTxd9LO1hPgHFqCmOiKrtPqQz4kxj9Ie4v
8fSMFcZjB/5py1bQJBIporBUngs1kUiYiYhUhASCUonGpmY832fZ0sX84dZrSAQ7+fgZ7+GgaZP4
8c+u5877n+KhBxczYeIkIhWRTCSJHbWRisjnc3hegkMPOZhTP/ppLvjCf7Lr9ddJpdPGOBfPxBYL
sBo7EZBJW2JBujLuyKZB+830Fqfp8cO+dFU1gXgZbF4fC1RlLcLMrSrstJTmQRsVw5iKVBncldLl
YQVxG0proijCcQ3jCsLKdI7Vd2gsO1LKsDYhHfKFHFIYB650HPpyOTzXMzOuFfJkauuoq69n9VNP
ceuNv6RzyxrmfuBEPvLh9+MnfPbu6QAUrmdMcCYVKpLwXbZu28HJZ1zAOeecx2WX/ZRisVQ2nfm+
T2dXF2d86HT2ZEO+f83vyOdyOK6PebQoZU+JpjJhNrqKZYBlIkKFuZUAACAASURBVGZ4RHmO2bLZ
DbRWRFZHqZjwKlNQKsPEtWEtGun6pWxPp3/Zf3z83l1bNpzBwIEOO3f2vaG99E2IN4OZpNtGHx9t
evaOGdNmnHRcy7DRqtDb6fpeQkdRJBxHaoR9zFR8F626bMvPmdGV9CeeRd35f+S9d7hlVZnu+xtj
zrnCXjvV3pUpqoqqIhY5imQDiCLBANpyTiumPqbWVo+xRbS1jW1obTGDQrdSiqKAqICCIAhKkFzE
onLVznutvdaaYYzzxxjfmKv63Ofe+5wuvfDc9bCpvVeYa84xx3jH+71fimKf52LDAtFii/r8mpBs
F4RHWWNln13lXbFaKbrtOaJIo2K396fdjitmbAwD/Q1G5y/g7j/ezpXfu5h08nHOO/NkznzJ2+h0
Uwb6a5x95ulcfcNdLjLUnwKEdV3a01q7QLhuOwjMWqnQTkGyi5VUyXcDEA5WirHlFzgXswqvI751
qwkeZPm811Rk9NzzPSKhcuAhz0VCDT0qRXHsAN0aoqj83l7BPImjEImaxJHbuU15DaUx5lzsWZ5h
bEocxVgseZ5j85w4cnk91XqNPZYt57H1j/CFT36EDQ/ewRmnHstrPvJ5RufPZ+fOMVrtNrV6HXBg
hjJYXVCt1uh2OqxauSdf+dyHePeHPsumTRv4u7/7O1atWk2e5/zpT3/iy//6FbZuepKDjjqFbrfr
wNAL2i7i2OfqGO0LPUKB6Fv4Vhk+olj6B0GIzHXBdC6dwPh8MOMEWFcc3M1Da5x/2SildJ6lenB4
gVq290EH7Nj46MqT9nvRUzdtv9Rloz6DH7sbTBRQ23DvjSaq1M886PiXNCIVdZXSVZx2YQ3GpeL5
ySVeEkQBF3+98pPeLwQCnnuwEa3FRqAKQisGKHm9xCUITe1dpN4kcK0qQOvYuaHzlEajwcDgMI89
/CA/uvSrjD11L+e8+Dheftbf0j/Yz/jOCa8DWJJYg8148omnWLP33rTbber1uis5qFzimikMk1NT
jE9MsmKv1Z6BCRX2IBI5xqR8HhDeBaq0LcegJ1PaXZMXAP3YOMvHsTjtc6x9MUEcy6F8rwqjSQBh
LUzDbb3W61Y2jL57u/bFmKXyGVr3NJkJ9ZZDKQD3rA1FoSUDN44ip0eYwh03iuh0OiRJwpI9lrJl
8xa+cPGF3H3LdZxy7EFc9LVPsOeK5UxOTLFt+xh99TqoOsYUXliNXA6TcdpYpVal1e5y0vFHs/fq
FVx99TXccccdYTPJ84yxsXFeevqJjI0/zeTEOEuWLqXd6frYnXLU8GNjjVy3Z3cByJHJR29ug3u/
3BxhNjpkJLunTW/4IdaYKIrifM81axfcdeOV+/HRSx7hlEurPMNzdnY3mNSW7neU2fLwnavWHvOS
E5butT/d9mzkEsgcI4iw1se4etebpbfwjcy+3nsjGCPVz8rn3QJTAXQIgCKtOFVYKMYX01HlYsOb
E9bQbjXpa9RYsGApmzY8xSVf/SyP3fVbTj/lcF7zP/+JBQtGGJ+YYMeOCWrVCtVahXa7y+GHHcz+
e6/gu5d8l5eeeQbjY+NMTk46tybQbDZZvnw5H//YRaSF5TnHn8TM9LRzqdrCl0hwmc295ROkBEJZ
8KcXVJS7PmVddrPSoTOfAr+l2pDcKHqItBMNECKAjrAVz16s80a4h3TMdDu09vfIcUm/0AS0fVkH
F+zlztkaH8gl3g48S9JljovSGmsKiiJl8eJFTE5N8e1/+xI3XnMFh++/jK9/8SPst+9+TM3Osm2b
CyAcHhoiL4wX2x14YAqU0lhtwBa02ynzhod567s+ytObxnn44YeoVes8+tijVCoVDjzwQH7725t4
zWv+hkV7rGBocJBuNyXSEgHbA6PexAntQ4wKIGK9BhIeWvl8HA+dPtNZq3LMtGdwaDBGSZqAcscz
KqnW09GlK/qA5W89GW766wSY/pceu/sEq/0No4CjV609ZmX/4Eg6PbalElcrSiuMslZ7yxxvQRJA
xehyt7TK7QTIVMftlKhAKspfCLu1Cn+Hu0JZYsDbPPI+r6Ok3TZRnLBkj2WM7djKt//1M/z5lmt5
7hFr+OBXP8rKvfZifGycnePORdkYqGLzAotLcsvzjPf8/et52WveyQc+8EE+8YmPA9qXEtCMjIxw
xQ9/yEcv+jjveP9FLF6yJzt3bKWvr+FbWJS6jrdHyvye3nwgP9MkmVBGRvmMY7FQSijuiVVRJbOw
SEsOyjGTDG3rfg/ApFS5RjyTksZYgVyG8ody74QY9jBMpXyRD2GYPgNXgatoaalUqigdc8Xll3L1
uktZuaifz174No4+5mhmmy22bt9JrVajv38IsSh05AQyi/UdBjWoAoVhbi5ldGSU6371W35+3U38
8rrrWL16DWmasnzFcgBmZ2c555yzufAjF/Khj1zIXHOa0UV70O200XGCLSSuWOasBxS/iUlNFbkb
oo84UC2NusBJJDTfugnsPmt8mQwZQJRSGmNy1T84glLR0g+++MWVntn+jH3sTjCJ+/v7k/V/+lNl
ZPHy41auPaKS5d2OUpHSaBuaT1qlQhk9pXDJOD5nBK9xKHyIMkFoFdARLUR89vjd1MqOaWUC+BgL
+S7PSrw1QZqmaK0YXbCIdnuOH17yNW771Y85ZO+FfPlT7+GQgw9menqabdt2UK1WafT1u1641mAj
FxpTq2ta7S6HH3IgX//iR3jre/6J2267lTPPPJNVq1azc+dOrr3mau648w6OOHQ/ZqcnyAu384G/
Bl+9yZEEVebu2J5oWOsyTEO+gTAxMZG0PN+TndyDrMrT7hCmT+lU6MESLwQSxtixEhV0H4xjeI6K
g+gGRr5ZGpiHhaM8yXH32kUX9fAgpcjzgiRJ2LJlI5/9yLup6zbvf9urOOmEY8mJ2bJtO7Vanf6B
QYSp4SvYCc9y7lUTwtptkRPHFQoLn/vyN3nVq17NySefzI6dO+nv72dubi6I9+Nj4/zdW97CJd/9
Flde9nXeeeEXmGvOutgW5euVIEmGHrTFVAug7OJRQjCbsA6Zr6YHWE1pdkrLUquEASnvbDPKFIWq
VGvUB4fmPfaLXzwrAtd2J5gkjcZC1Ww2lyxcsd8BC/ZcY9O5OR3FkVUaa4yTBF1YeDmZhY6jTPC0
SP0LFdL/lafdqmfXE5PF9ugt1h/bw7y3+WVPUcp5ZyyWkZFRCmP49TU/5tdXfo+9FlT49IffxDHP
OYZup8vWbTuo1qoMDA5j8twX07E+nsCgTYGLYclQkWZgcIB6rU6WFXz9619n+/YdDA0NsWzZMpJK
DU3B5qcf7ymgRI8bXO8CFGISSGCJotQzgnENQYy1IjorCfvzJpNoTboUn4WmhLq4NhC28j2S0uD7
8ErgmxFvm1FBQzA+sC5EjArEa6H55Xd5TA8bQ6Q17bTN/AUjXHnFTTD9OF/87PsYWH4IUzNtiiJj
YGgYTYRFoyJX+wQl9V/cfTXGg4nRoCK6Wc7g0CB33nEX6x99mn/96jdptdvEcRzCBbC4fK1Om6FG
gze88c188nNf4LVv/yCVWo28yB2Am7JfsbsH1seHiJnuvY54r4zcRVu+FsbFGA/cruCSVpJ5rMNa
sKonszuKqFSqyZyLDHhGi6+w+8LpFVBpLFoNsHrJin32rvcNFFnWiZXWyhqrNFoqPgTC5taT29s8
KOPYhbzPJ3kFdiJLS+xYf5O0Bl128Asu0UA18WHgBY3+AUbmL+APt9zERX9/Pndf920+9JaX8a2L
v8DhRxzB+PgE7XaHwaEhKpUaWI1OKugo8VXGYqI4Io4TCgN9fQ22bB3jLe+8iNe9/o3ceust3HLL
rTxw/wPcfvsfuPXWW/n4x/+JP9z1MHGlThTHGFO4/Jiwkq2/DM+u/OBoyuLViFdIETw+4urWynrw
dQCsUaHYEkqA5j+DsA7h+XI/ygJShDotriSEDoAkwBZInwdxd86e/Sh5p+QHuQtSGiLPqoQpKiyR
BkzOvocdS2XeMv50/VWoosvw6CKKzPjqaxX3EyXEUUKcJOgoQccJURw7b5MvHwGKgYEh1v30F+y3
//4ceOBamrOzKKVI05Qsy0hz969C0Zyd4YWnnYY2GffecSt9ff0UWV4yYmn5ZWRa6hAyiPbA2aN3
lezQ30gFZbU/BVKOEh1C8OWbNIpIuXTOwhjb7aaF+5ZnRCeJ/9vH7mImCqhMTz4dax3vvXTVfn1J
pdqxRVHTWklZKh1AQex1IYzePSOTs5QPxFXqsF+8IBZX27WMNfG79n/ezb0gq5Xz79f66jy6/mF+
+r2vwPQGXn/eSznn7DOIkyoTk9NEcUy9b8AJmh6QosRHL/pCOSiNNRHoAtPt0j8wyKfe8zFWr9mX
z37m00xMTjI4OEi1WsUay87tO/hv57+G39/yO37+i1/TnJ6hVq2RF65Yk8MTB6hOzyj1EwFDb0gT
ygwETcmJB6HWilefvTTohUBZ4IQRx2siTk8Su15yUcrvKfdZi7HlfQl2pnFZyaIFhI8gVq34R/09
kh27B9yUBxurNe3ZKUaXrmT14bD18XsZmplk4aqD0FGCyTMXC5TUUK5HMWIqoAoKUxDHCmMLCqPZ
OTHL7265neefejqDA0M8vfFpKtUKeZZ7EdWGYLPm7Cx77rkne69awe9vuIZTz3oV42Pbqei698YI
w3DN2qSimmyOZT1aYX0GY7R3itme+AQxcdzQuMRNr7PI3olSxhgVRbHNum3Vbk3NDA2tMNPTG/4a
5UL+S4/ddYIR9MXjGx+p9w+N7jeydKXtdud0nMTWoqy1RknNDY8HIcMyVJynpITS5hG/gypfI0Js
Vm1LncTij0mPeaR65rzSZGlK/8AAv7l6Hd/80Ks587kruew7X+SVLz+L2VaHyalpGn191Gt1tHaB
VFEcu1qmkdsNoyQmit1uGEcJeW6YN2+EP93zIL+8/ndc9LGPud3GV/nqtNt00y61ep3p6Wne+/73
05we56p1lzM0bx5p2nXfJePiwa9M3gNrvc8k7JDOeyMCqbY6FGVyxaQkyA0vqJbgFMBIu0hNl10s
Nr4UdZL3Cc8RfuEpvsbnCgkIuGOJlBjO03pTUwlD8uchNN56tz743104eqVaJ087VBpDrDrsFLpz
0zx97800x7aQVPuoD4ygoooDEuUEWK0jdFxxDa+MYmqqRZzE7Ny+ldnZFocdehitORfvlac5ee5+
iqIgzZ3J2+l2aTT6OeCAtWx++jEfexQ7oFbWtTrRfo4Ja/a5UruEIfQm+im861gFOSQwFwFm8WYp
Bdo18vLN162KNM2ZCUtR7Fiw7wG+nPYz+7HbwKQ2bzgGqo3h0b1GFixVRdoFpZUyhccPFShxzz9u
oC0gFd395BbPgPPIiFhLubPK4gvbnI8UFQtIvkMpisJQrdW570+38aozjufVLzqK5myTqdk5kljT
19cHUYyKYnQUO/ocVYi0B5MkIdIJWsdEOkZFEcYqGo0GP/v5r9n3gLUcf/xxzE7PkFQSClMAytc4
1bTbbVYsX87LX3YOV/34cpRy5oP17mAJuVbB1OsxI+S6lYCtCoWYyuZh/qJ7fg81ZYP+5MYqxPhY
+aw/jrXhd9FuEKCSKGV3msHTJu1SAV+71v+O3KtyodkAQrK+dHkOGpR1918nVdpzLdIsY8XBJzJ/
xX5Mbn2SDX++mZ1P3Ic1BZW+Bn0DI8RxnbhSpSgMMzNzdLpd4kizaOEoO3aOkxWGffbZh9mZWQCy
LCMvHJhkWYbJDVmWYa2l2Zxl3/0OYHJsJ2M7tlCr18lN7jiw7QERuTEWoRJehdU+JkjtMvaudrDF
10SS24Q4nktAdw28ANevuNup7NzwWAfYuqO5IeZZULV+d4CJAqKaNRoY6BsaWdw/PEKedZQLE1dW
a22VqO3iNivVPnoNd+XpttwIdM/OCuWN3OVhy51BuLalBC6PWtVahdEV+9PWdTY/8Hu06VLtG8YY
T0dVRBRXHaAkMVFcQccJWifhX6Xdblip1pidy7jq2l9z2gtPpa+vQafTwRrrbPIs9UWSC/dcN+X0
01/MpqeeZP1DD1BrDFBkvpi0sDOvfQSLRXQibyZEfiUG008ppKSjsD6UCjqK8rU2lHbmRhBvFb76
mlvwofdyWOxOF9HQ4yny3+3NLPG6KbQroaDceMs9kzQA1/ZDl9cCvu5K+RmsI3RxFGGLgoULFtHo
qzO1cwf1oUWsOvL5LNrrQIo8Y9Ofb2bTA7czvmk9hTHMzrZoNueoJAnDQ4NUqhXiKGH7jp3EScSS
xYtpt9tYa8nyjDzLyLKULM/Jiow8y7HG0Ol0WLJkCe3ZaWZnZpw3pyhK5udnZ+gO6OFAh/tUehqR
frBYJ7p6HibjTxgHZD1Y7XMmtFZWo01R5PqpR+7ZCTyebZ+t8SyoCbs7NBMFxD40b3Ro/uJ+V2He
KhU5Y8Maq6TATJkwpYiU6AXlgWz5P79ru9ddVGVp46NEY/C2uRJ9yrvopAVGiOhUFHlB1m6xeOX+
ZCZm6yP30L9gDxatOpg4qWFMgSly4qTqGIjSvp6nwdjc7eyxotVsgapwz70PMDk1w3HHPZdut4O1
lrwofEU27Sp9WpfPMjU1yaGHHU6E4Y7f/46DDz2ITU9PUa3XsLndZScP+TnCTEQ7wge3QaD6qodh
iFvWDUlvPIiYJSUtDwIiombI/9z7rZiOiLsaevOHTI9LU8mujb93YRdXPdGfKnyTsbY06ayLNaGQ
uJ2Cz37xYs57xdkcfsThTIxNMTW2g8bgCEsXLEcBszs2MzO2lY5JaAwMMTg0iFIGW+R4KYTJyWnH
GnzYfkzkY1EEnAl/F4UhS1P6Gg3yrEvWbbv7b23YwGTohEorlFi0ni17jRXYhR5Dz7i7140fE2eG
KmtMrkBbrTV5kVOt9xc7Nj8RPfnQPfcB29utnRHPgkS/3cZMrFv1Q43BeTWLS1dwnM0PtBVfffnF
jiH2LiChiMGq2QWAdun9assMW6nHKYWVXdi88Z/xdrwX3eKkQneuSaUxxF5HnkKedthw781MbXsK
lKZvaCFxtQ90DFo70yZOSJIaxiia7YypmRbDg31sePJJhgeHWblyJTNTUyilyDJXgDnNU4q0IE1T
DIbW3ByLFy9myZLFPPrwA94j4uNi/jcwKDWOYKaIwPy/aRqlYKu9/qAsWM80ymprhGNq70KX33t/
SjbkBEKp5qaVq6Qv8UD4jUCSKLWclwLpsxyuzVK6wHuuT5gOFnTk2l0MDDQYGhrgvPPfzKc+8yVm
ZqZZtnIljXqF5vQErdYsw3usYsn+x1Kp1Blo9KEVFFnupWqXhZ0VOZF2RaharRZZ7kRaUxgKIz+u
1GaapbTn2q40J5DnOUriyJQqdSrZqGTsZW7iIly9tBdajASWZ4U5SjCgAxcb2JxveK4jW2QZlWpd
P3znTao5se2m6qJFOZ1OxrPAzNldzCSq0VFd6Kv2NRJlUda7D0uTxGG4AEXYqLQEq3kRL6TXE3ZF
JaKi7LLBJhd7QFxxpZYiu4ANO4nfIKwT+rrbx0iSKnuufS6d2QkmNj/BzM7N9A2OMLLH3jTmLSZK
EmzmGjc1my3a7Tmq1Zj+vjqNecM8+sRTDAwMsHTJEsYnJlwRpiwrFwu4GiEQWkXst//+PPXEo7Rb
OXESOx+AAGcYKRWu19IDNpS7qgxu6e71bKVXC+kxHR3o6jBuyjPAQN+V8R4bsextCN2XbnqydJQ/
mV4vkfztvG06nGKvTiARyXLrA3sB8iKnr15jbHycM170Ak59/sn87Jrf8m/fvhxb5LzsnJdy9HOe
i1Yxc61p0jQHZciyjqtEj/Xh9Ir23BxHHX4IkxOT3HD9DZxxxkvYsm2bz1LWJdMwBoki6R8Y4EdX
/JB5CxazbMUq2q0mkS/K1MsorHwWqf3ixsxiXXBeuDYVNj0HMqbHYVDeaWMcZdRK26LIVKXel7dm
xuN7bv3lo8DdtY7VXWjzLIgz2V2uYd2xFQ1U4qgSKa3Nf47glMcuk8//rm25UCSzVeOEq13CvmVF
+dkdFp0VmcHHhLt+ETiZrzSjjDXoOKLT7TJv/ij1aoPxiXH6h+ax8rCTyeaazI5tZccT9wEPMH/P
fYgH5jPXahEpGBzop5JoprIUm+Zs3bqNel8f1VqVtJtSq9W8qKrDgpEq51mRk2c5CxYs5N77HyHL
0lDASSupVlK6eb1x11MQiXCtoq8ovPbgW1PizT5xa8tkdmJqgI2eG+HKDWgN1moi73ZXwiRlN/Dl
INyvvvGU3E//Yzw4ecZfGgNWmKmwHXz8YclahKZmWU6tWuXd77uIQw45kA/944fQSvHOd72fN77p
7RgMLzr1NP7p4xdiraHIM7DONLWmoDA5SRIzNTXNIQcfwBsueBX/8J53MzExzotOfxHDw0OuQZhx
TCP21fC2bd/Gxz/2Mf79P37Iez/5NfoHh5menCCp1kIBKIFSDyNu/vkhDKOqvMuZkkXLZqZRrgyB
dU5kr6tYrZVz6GhN2u6owflL7K1XX85j991+DSTbpqd3GFxR6RKDn6GP3cVMVDeYixaLEVeLt7od
UOie4XAU0XhK7peNLBShij3aBz2g0isGlnTTm6gyQWXv84tMadedrhonbN22g49c9Bk+/IF3c/hh
hzI5Pcv0+A6SWoP5ex2IVhHd1hTjWzdS03UGB/tdyEaeuVae2rXhaM21GRwcpD3X9pM7d8V1tA4g
InuxKRydHhwYYK7Vosg7TlexXuyU3d7KTu7tbA1aGZSVplylBwa/WB3I9LA3D9KlniJNtwScvR7l
d9VeRHBA4mNOxAoOUYC2ZCB+ARkPPK7dqWeJvghVT/kgNxfKHrxIQWy5h1q51qiVSswnLnovn/rc
xZx04qmc98qz+eQnP8JArco1v7qV2dlp18q0cA3D8jzDFDnGGpc9bHLiWDM70+RD73sHg/19/POn
PsF3LrmUI488kn332Yf580cxxrJlyxYeeuhhbv/DHxjbuYMPfPobnPzilzEzPUmlWqXw3bSchuSq
9gmbsxjfXdE6+8P6eCDtJrT1m56PZUaauRmMo+2AsVZp73ou8lzVao1semxr8tuffHe9LYpfNRqD
ttWanMNB1v8vmIkCqNiOTiE3eVZgSIQfunnqG0P7v0QMtD30XvJDhFO6+AP3KWtdhKt7SFpwuYsK
DcXa8I3BWyT2urUkcUKz1WLfNXtx1BGHcu75b+K8V5zD6/721azZbz+wiuZMk9RAY3AUqkMU6Rxx
FJGmKda4Pr/GuCbjSRLT6ThPQas1F/r3RqK/Yf0kN8y15pg3Ms8VlI6dFmPyIlSTd3EaPWYIpWZi
rWdcSuJGBFBl/Eq3sepJHAvpBgFc/PBZqYjvc3n8Futac/oFpDTK+DHWhDwSekEGdhVY/XucWO6P
q11hJdkAwm4iqfm4TabwjcrSTpfRecNc/t0v88vrb+a731/HJd/7AUcedRgnnvQCnnfSc8AWFHnq
/s1SV8LAWqwpPKC4/t+ddso/vOMNvOjUE1h35bXcdtsf+d1N19NszhHFEf21CnvvvYLzX34it9+7
icOe+zw6cy3X2c+PmzKlqRkEVz/pQr9jfw/k6lRJDT2YluOjlevqZ60l0soWRaHQCabomsbgPHX1
ZV/oPv3IPT8YGhraPj092cWVHXhWtLvYHWDigLdb0UDWmWvmVruQKmz5BrfYZRcmhB/bwDBKWmK9
6RNcbH6XlqJBgbCLKm8VVpvSHanBhsjP8n1ZmtLf38f6x57g6KMO5dxXnsXdf36cT3/+Ypqzk5x3
7is46phjWLRwEd25GdpzbXSkKfIIa3M/Sd2MytMuZ55xGv/99X/Pr6+/nhNPPIGJ8UmMtWU2sB+A
KIoYHh5i48ZNfOfb3+KMV55PY2CQse07qPf1IR4aIoFbWazKx19Epc4UHl4Y9GOkVbmLKr8KJIZF
9YyVhL0Lb3JD681BCTTzpqntWfxhARl2AeowCXqtJ/HGiZnjxW9lVRDSTZgDMk0cGKCh05lj8+bN
nHLSc3jhC07ivvse4aqfX8c3Lv4Kf7zjFj73qY9TFC4i1prI91B2zMR55IpQ/3fnzjGWL1vChe9/
K7OzM4yPT/oCVa5A9cIF82jNTnPHfV+l2Zqhr7GYvNtFa+VKAygTTG38+YYKa3LNUvxVuXmHFvPW
X5fbgtw8Ndb5ArSiKCxRUjWduaYemr8k+9Nvfla9cd03r6tWG7+bnp62QBMHJM94VgK7z5tjbdKJ
gFZzamcnctaJ20K1Dy3zdNuRBL9I8LtTz1ApKzlkJaqrsPeWto6bs9azEQc2oYxgj00OXk/x9nGW
5VSrCe9674V8+Svf5MTjD+dzn/4Iq9es5uOf+AzHn/g8PvvZz9HXqLvKX8ZgTe6S/Wzh65LGjI2N
86JTT+a157+C17/hDVz89YuZnpqi0ehj/ugo8+YNMToywvDgIO25Fr++/npeds7Z7LFyH97+ng/T
nJ6hUqn0XBPOPJAx8YNhvbYhDETyZYVxiLakcQFpsj8KIInHRWF7YkMskfLMJcSXOOYibSWUJnhl
5Kgu7oTyWBCE31L0LReesE98v56ymJDzOknQm5tAbiKYIifSilo1YdvWbWzcuJE1a5bzTx97H7fd
fB0f/fB7ydIuxuTkubsfRZFS5Bkmz13YvXHN2I0tqFZi5lptNm3aSnO2RaOvxvyRYUbmDVGtxExO
TrJt+xhKKSqVqht2ceVoYWkKCUGVJFVn+ih3+3x0MCLXWUvvdHUAqn0IijfCjSVKKjbrtFRjeDTb
sP7e6g++8pE/Z93O97vdVgeYxrGSnGe4ViKP3WXmmAoVndGanRrb3syKfAEq8gsdpbSQYXFVuh1Q
mHbpHXD6SXClCaDY3h0Tf4M9cMgMBq/PeqrvbVV5uTCGOFak3S5Llyzisu98ic996VuceMqZnPGS
F/K6C17LRf/4Ph546FHa3Yx2exYwvvqaxhQ55e6Xo7Wi1EHZEAAAIABJREFU0+7wiYvey/Jli/ja
N77Bt77xbQ46+BAWLVpIva9B2u0yNTXJQ488wuOPrmfftQdx6Y+vohLXXS5J5MwNZ2v78Qg5MF7P
kAsThiC/Bc3BgU0g07p0RXpjiJJ0qNK0lBesjFsJAhrjDqlBAgFtGFW3EAzCIgmLx3W9s4LliPwo
nhwxzZwV4OuuyX3HZ/+agiLLyPOMWq1Cf6PB9MwMExOTJHFCtVbDFB44jKXIxWNmXYkIUzjPicmd
lmIMcQyRrlDkLmDNFIW/tzlJJaZeq7pz8WxGzDZhUqX57DU+JSK53+7kNlHm6VgVNDOndon9h7bG
5DqKK6bTbupa/1A2sW1jcumn3715YtvGb0TVxnjRbc3gWEnKs8AlLI/d5c0xKakF0ubU2M6Zie17
DQ6P2iJPrYoSa0zuWkJpkOVu6SkJ6EVEBxw6ZAkHqiy2f1gkeJNJqLq368NuJw1GTbDjFc52jyLN
XKtFo17lm//2KW697S6+f/mPednLXs3CRQs54YQTeMmLX0SR5ZgiA60pish5DLAYk2ONYynWFrTn
Ut7+d3/LWS95Ab/41Y3c8+cHeGL9vTRbbWrVhPnz5/HfX34KWp3E/Ru7jM4fYfvWcfoHBihyHwHr
g7jQErUguSyqBAIXrlpqIwqkxIADEHlvWcdF2Jv2JS2hBBXljxOC//B5M75YtFFiYvlFprVLs5e4
IA/mUn4AXPN1Bw4mnLC2tsflrHydVO9m3SWcHgcC1lAYB9ytVpff3fknjjrwINfLpzCu+LfW3pSB
onAg4lzD1usnPSaPKcC6eBLra8+681AUygNjIear+LpUmD8qmJaSEiD6ETJ5EYHWeqNNcqesj86U
gtEYo5TGxlFs23NN3T88ko5t3ZR862Nv2brh4bu/FEXVxz2QTFJqJc8KEwd2D5gYwGat1AL57OTY
0+PbNx41umS5zabakCTKTTmU8ga3tW73k6wRd5OlHbfcnHJXDZGc3psAymsFZXtMKXvobH3ZPVQI
vJLF6FpQQLeb8vTTmzjs4LWcdNxzePTJDfzu93fyox/9jGVLRjns4H3IU9dpzhQZhcndVPETtCic
0KcV7Ng5xtBgH2987SvBvpzZZpO02yWO3HnNHx3iqp9fz6333Y8pFHEUC2vzHhe3mrTXF4RthHos
XvQUE0JiQUKVtrAICGKueG96hVr8Z/HaU2B5vSWAPHPQyoMAQE+HO0dWPJcIfFNiS2xYXFiL8czS
lSgsbSBxV6ueCk0OSNznsyIjRvOtX/2QL15/CRcc9Uo+fsG76GRzVKMqFpf3ZIzGFMaDCb54lasH
u4sYa42LKTFOS7HWP+cDG61nXsGstArXO16JRAbuinuYVqkT+Wfd2Boxuf04Kc9MjCWKY2NNobqd
LvMWLE6ffOjeync+9a6NGx659xuVgYGH09nZGWAMaFGaOM+ax+4SYA1keX1gJG3PTjyx/an1HHDE
Scpa45VtKc8osSdlda4QJCU829+oUMOm1w73u7f72++awlrCirE+O98zGUQYKyl5UeToyNJXq7B9
xzY2bd3CgvnzOf+8s3nja1/DbKvJzPQUkVbkeUqRm7B7hQnr3ZDWOLs87XbYMjvjTCBPiVNrmJmd
JU07tLsdKtUqUaQdoInJ4UFRTIweO6B0pUtZPxVmrx+UEoi88e7HRvJiRPB0epXLA/F7r6BLiED2
dF3bcLioR0g0qB5RMdBIF6oitN9ajC5f08ZirMbXc+8xAZwu5kmkO75f8PgFb4qckdoAI3aIkcaQ
G+s8c8ezUOQFxkYUuQrMJFTCC4Di/nZg4oHEGFcyUp7T1v+N85qJBid3UXmRuhdSdulVZp1tLqah
gJIwFqVRxkAU2azbUaDM8PwlxR9u/Fnlsn/5wEOTO7dcUqnXH0tnZ6eAnTjz5lmllchj93lzyovf
+PRDd413O3OjUVItrLWRb6brShGE4CkHJG4XlGA1P6l1mcYdWmdCyJ1S4PuK+nB0AZhgAengsgxx
G/ToA6agyHPSrMu8oQHq1T4mZmdozbawCpIkcXEGReaQsrAUhXFeCFNgC5erY4VO5zkqUtSqFaxx
zdaN62FAtRJTq1WJ49hPdnEzSgmFUrPA+sQxGxRsZ+4YhYrcMIecI6lUb8UUdLeidFB6k0NJhK0K
4KOkHqswDG8eOfbnmKLs1G6hi7ga+TgJi3wbksiHr8tqCTzHHc/XcjTCLN3zUopABAfrNZaicGyv
m3c494RTOXb1oSzfcwlzaQtlLAUpyjgNywAmd2DgKsP5WiPWLWbXodAzEQ8k1ps7wkwwModsaYr1
RgHj5pEN509I15ANTIBD4njKEgNuMytQyuQ5jaF5Nuum0Y+/+anoJ9/6zG1gr4gq9afTdnsC2A7M
4FhJyrPIvJHH7gKTAuhm7TbAlk1PPPDU9I7N84cXLDFZtx3FlcSSF1p7IVZ5F7G14j3oEQ39Liki
pOzUTkWX9xGCr3wQhDsTLZ+14Wb6Jej/b8HvSlmeESvNbff8iQc2PMbLT34xA/0NvxUoTJ46fcRq
isJgCjfZTGECiJSg4tyRYqu7gjhuUhc+mA3fKW4Xd63szv75ALPyuzdxZBLvYuIE7ULtCppSgxEb
2I+7/LKCnQqUwHiTU9a4W4ROhHUagfN0uu8PxpByAWrKSGxKYPd+Y7Zl6LkXa8XDb7QNRanl9rrr
sbss9CztYlGs3GsRnU6XqNDoKPId9xyYWPlXTBVjkPwvFdiHweKZii1cIJ0tAlhkRUYn7aIk9VmV
Lm0j4nbQSvB3SEw4G/rjBJDpCbM3ygCRxRbE1apdf+8drPvaJ8Yfuff2a/uGRm60RdpqN5tNnGkz
7X+eFXk4/1eP3eEaNriLz/K8nVarjdkdTz/64OP33U613sCaHGVcuq8Nq9ovDm+mEJawSLMSl+BD
kgNl7xFq/Sq03qPgzFuPNH4n3qV+RggWsBR5jtKG1kyTf7zqS3z4sn/hmptvoJpEtOZaFHmKyTOK
wnkEHNPIXKe/wv2YIsPYzAuyvTa4CeBijdsRCXqABKdRmiZ4UPSMBSsB2J65ySz24yWPYNtLaoEI
tOHa3Xdo70z2tY96PEXO9NRaEvnEHPLFk7y715miKoTWS7Ejp0OJ8OujAOS+9DAlQfXemrOS9BZM
WoXLsAbStEvaTalWE/I8Z3amSeSPZQrx0OQY66NerfOuuedFdM3Dc84UdSZNGX8CRZ4xN9emlkSM
jgxj8jaxbWNtFADVfa3T73qTVEO4QkhKVYHdWQ+c1osqSlllTKEiHbFjy0aVpp1kwR4rV85NTxzS
bjYL4PFVBz93x+CyZRmuNOOzEkhg93lzChw1axPHRdFt3fXAHb899bBTzl6o44opjIm0bLFeWS0l
EtPD84U/SJtu69PfywBuV+BYtADYxQDv0RtKccyvMPyatBaLIc9yBgdiXrD6GFRTcdCqNbTaLZR3
GRplMbnbgYscX7bR29emFzhMsM0DY/HZqO7cvUCobA90K3817ncLIatZ6rAKm1Dl2wmRpqq33an3
TkjfHTHvBBxs+Z2RxNF55uEOroXmlWZgOYzBaFLW9cQxPo9HW4tRJfBJCcSQm4JGe4HTlc30Jpd1
xZSFgeJNPYy7L8YY7rz7AfbbeyUrli/FGOh2XepBHMX+PjpNBV1gbOEBFST5zrX29PfLCJAX3sQ1
zM11qFQiFi8aYfPmbVz8/WupJ4o1wy02Z87t35t/JNxW+YBKl3fm6xZLTJNnJr6+gJ/SFoxFRzFp
Z04dd+o5HH/6KwY3rL//hCceuPv4P9/xm7OffOCuG5748+9/ANx04RU2u+hcVfXr6VklvsJudA3j
Lr7VbU0XURRtuv+26+596sE/nrbfoSekc81JreJYzBgnj2gLxsfBlnPZU3Ghmz7HJZQmFCdmSY0l
ty9Ut9JlzxLRIUoW4KCqyDNnf9uMt734PP7H6ecRV2Pa7TaR1hRF151eAagIkxfBphfNIHSzD4BS
BBHRGutdhR58lH9/YUJciXa2dI90IayqzKwNUQohN6d8r1XOVeuh07MF790J4+NptxzNloFr7uHh
TKJ1VY8WgvFuX2GEvjduiJ8QL41GG+M9F8pnzvqx195l6nsimZB35G+Hvx/CHK0xYHMqseK+hx5l
bHyCVSuXM39kmLwo6GYpWJz+lBcQG4xyYOKOb0L4u2wa1mdtY6Hd7QCGBfMHGZ+Y5OLv/orf3/kw
zznmcD7wnrNoxG22m5RCVdDWUADiSRNW4koHeBPQWqRpWTCvUM58NAhNdAxVRXTmmrbIC7Pn6rXF
yn0PUc89/ZUrNzz6wOvv/M3PXvPAnb+76qJz1TeBGy78jeWiU1QV6P4X1+Vf9bG7waQLzBJVB/J0
7pZbr7n82DUHP6ffYq2r4GhUFGtjrNHa4Lu6lSguWb9ioohd7XZGYRyyWHTI5wmmkhII6XEzK5Ek
vRFljKvLoS2ddtfV/YgUWTt1ORmhSawrQu2ITeHCI7xnyniBr9z5erwGfqe01pVuNEVBe84VTqrU
qj3mi5+oHjy0v8ZeoTQAhacIknogrMQGhiJmuusRXMKRp+veLJEdM7xDTBehI/4hCYKWUtcBH38i
bljlQcdY5zq2lIDoNwQplOw+XsYOlQ3SfRQpHuqtq0XS6KuhtGZ8cpqZ5kMM9DfYc9kS5s8bBpw3
zukgfrzxLl7fSiJ0CsQxwzRzyYBDQ/0UWcYVP72Ra2+4g9WrVvHPH3s3B63dh+mZGV/k25KL2xxh
tjYI50hlefnbhNAZd21+Tkv9E+u7V1pXllHFlYhWcyoyRW6jqJqvXHt4sebAo+ONTzx03h+u/8lL
br3mP6666BT1iVdeYR9ad+7aCjz4jK+wJo/dBSYWByY50CzSua7W+vF7f3ftrQ8+/5zTDznutGxu
eixOqn2WIldeiPW6YdmmwXFUwmKw2kfjW6lrKDuwMzuc61SoSbkTizs4LBs/0a01xIlmcmqa2Zkm
y/ZYwmyrTVFANal4IJCd2TETpRWG3E8YKbRvUcHMcawDH3npzBv3fe22y25dODqALWBmbBuJ9X2R
wQGp7NC6pPySg4QS7SMMlmM5aJdJ7M0UpxO6RW4tZdG5gA8ergKrUMEli/AMJezFtcoQsAzCrM85
UUo7k0+78bbicrbCBP339rqRlYuKtaL9IAFgKmhhURxji4IsTZlttlAoGvUqeV4w1+5w3wPrSeKY
fdYsZ2Ro0Af8FSHAzX21Y4UKZ1p1uyl5UTAwUKcS1bjp1rv5wU9+S2NwiH94xxs54dhD6XZTtm3f
SSWJUTrxruye8ba+0L4fk2DKBKx24yfeObzWJ3qWx1yllLaOJRlXEjJOKAoTtyYnYos1i/Zc1Tnr
9e+rHXLcaa/55Q++9rx156qPARe/8pVXROvWnWvDRT6DH7uzCVepm8CUUnF/kac3Xvf9Lx6yeu2R
S5KkaozJtY4ia43z7CglFr5HeRFP5UZ5O1QHV53fCAnlOUom4wgJwdCXY6CC8Cg7Spqm3HHX/bS7
XVbuuRRQtDtdlFLEsW+IJPYwYGweKK8zYbw4jA0Cq/GsRStLp9PBGMPo8ADN9hzf+fdr+Mm1f+Ds
lz6PvLkRooU+O9ddhPYeEQmsA2/yhaG1XrPwz8uuHl51kZ2uDIEtvURQiqg979bedS7MzqOzH0+J
4pQITnckpU2pPWlxjeIylHualuPHyPvtApj3yGL+fSUAaKXozLnCU7VqwsplC9m8Y5LZZouhwQbW
QlKv+LIBO5g/b4CiSMEYtPUCqz9apBR5UTDXTWk06szra3D3nx/h3398A5MzKa8572xefOrxoGHn
uIslqtX7iEiZLAbIqaBNgaEsUO79BSVO9grhVq5IBe3J+BgGqwDjubQphF5SmNyNkY5spVazJi90
uzlTK6wxy9cc1Hnt+7+4ZNXaI792zSWfP3LdunPffaG1Mxcp9YwXZ/8SjX0iILK2qOukZqZ2bOqm
aXrQ4Se9hLnWjEqSitt/tbLWWK0VVmntE/GswxRK2u3yBH11LM9YdAj08qtPmAmUyWlyk7XGFBl9
jUFu/sVP2H9Fg9WrV7Jh0xZ2jk0yOTlNpRIzNNigksSkWRqU+aIAlEbb3Mcv/GeTRsRXpynkeUq7
3WVgsE6jXuHXN9/Jl7/xE3ZOdnnXOy7gtOc/h9Zcm7ix1J2/5CWBW+BB8ynBsWxGLiaHu26JVZOC
xtjSI9NbykBrFdzFoQ6v8sdTkpjmxw0f+4GIwzboK0F1EvpjXci99WUKgOBZE03Fk5tdAgslJEz2
WWMMSZIwNT3L5ZdeyjFH7MvqVXsw0KiTpRkzsy2stdSqCd00ZdGCedRrFeeK1xWUSZHoXGsM7U4H
HWkWjg6xcfM2vvKtK7nmhrs46cTn8qH3voGDD9yHqekZut2UWjVB6QRsRmorbDMrKYhQPsXA2l2B
A29CCXBYX8rBKhtqwTiXuJt8kuIgYyqAh1KuVKO1yvoiLzqKrVaR7nSacZ4X+YHHnNJdstf+R294
5J4jr/mHv//1FVfY1rp1Fz2jO/vtbjCRDVUD2hrbX+1rTD/98F19/cPz9zngiBOy5tREXKlUwRgH
HA4YFKAi32xF3IblAvN4oUrWUfZ+EStA7aKRyA4SaUWe5TQG+vnttT/iwBUD7LFsCdu27aBerzHb
mmNsfIodO8dJs5ThwYb32Fhy3yNXWdcOAVMEUHHynFstucno+Mk5MtzPPfet5/NfuYL71m/mb849
k3e+7XyWLFpAs9kkSeoU1cXleSsdli4eSJ2FJi5bvet7A2DItQqbEwAhtFwI6jQ944TPEsablxK+
b3tNKxV2XLdo/Ot400yJSVMCuVs1JXsJD0VAoeCe998jQNJqdVm79mBs3OCfP/1F+muaA/bdi+V7
LKJSiUjTjNmZZmCtI0P95B5MIptibEE37WKNZXRkkLnWHN++/Gou+9GN7L3vPnzovW/i+SceTbPZ
pjXXplKtEOkIYyEiI6XGFrMXXWpoZcRQDjPakyxx1Mjk8pelgukm1y7bXgjflmURxlRhfCk7a60y
SBygResYpVQ0OzWerNz/sNby/Q7d74kH/3j0dy973y9O+uAH5zbcdJMc8Bn3+EuAiQy3BquKLO0H
u+3hu24ZXbJinz1Xrz0ybU6PxUmlhoq0tcboSGvrKo1Zr6coJcDR29gJJTso5cIJ5pGboI6rKB/A
5vq1mjyl1tfPrddfzd5Lq6xauYynnt5KURRO7FOaNM+YnW3y6BMbGR4aoF5LyLICrSOs6XphtwiC
qyuoXtDudEkSzcjwABs3b+dLX/8Rv/zt3bzghSfx/ndewIFr92Zycppu15UuKHQDU1+Msj55ztt0
ssjLVPYAK34R+YmqJIhYIZqKAxD3nBZTj56mWLK+tQ7h8krrYBb2dghwO6lvzyAaTikQOHBBBRPA
fQBkLZXuYYtoQCIyW3lvuBaNVhpDTmtujuNPPJl9DjySSy7/KTfddDOD/RX233cley5byMjwAFme
YYqCeUP9FMYQJTXSdpOiyJg31I/C8pNrbuYr37mKvoER3vPOC3jFWS8EFBNTs8RJlaQaYwuDxgW7
zTDCdruSLnW0F3KBHtd4qeMhDMzrI3Ib5JpssImcu11YXMgT82+XxEfHCKVpM0r0I6ylUqvZ6Ymx
6tKV+7WW7rX/modvu2H1w9f+/Cf+EM9Ic+cv2b9UGEpsraoUebrlwT/evGDx8tVLVh1wZNqaHY8i
Hasojq1I+q7Xrg33SBIBQ8c7D1OyzJSSnd2WIfXyfk94Iq3Js4yBwWF+eeX3OXTNPA5cuy+2yGh3
XOBSpRJRqyauhWitSn+jRq2WkBcWrRLwYGIlXgQnrqIsC0YGmZ6e5buXX81l627kgLUH8KH/+WZO
fO7hzLU7tFqup0tcqWCLjKKxCqKGS/NHmoz78xbtz9dc1XJ9PR4s8cqIZqR6JrVLyi69Yc6a0Vjt
vEO+e4sfR+v1FHcgaXkZdBJFWQ3NJ7252qmgMFhfnNqxER0WlRsd71XzektYhhanFfjryk1OO+1Q
T/qo1/oYnxhn9eo1nPGy85juJPzwR9dx6613gElZsng+a1YvY8H8YVpzbTpzbbIiYrA/oV5L+O2t
9/CFi3/CzumUt/+Pv+WC889moL/BxOQ0KEu9kqDJvL4S0WIe42pPJlmMUZET1AW8S9z0AqywDEkz
EDPHg4y/cY5cuMji8gkfsyIgJV8RXjM+kFtZY4ySyGZTGJXU63Z2fGd12d4HzTWGRw+679ZfqR/+
sPj1unUX1XgGxqH8JcBEzGvoGUKtE512Whv+/Ptfz+sfGtlj38OOK7K0Q5GlURLHToQkLBjlg7+V
JPyFLRi32HSIPuwBFy1A4mHFOs2gKAqqtRqTExNcefn3OPrwfVm5YhnzhvrodrvMNtvkWUG1kmCK
gr56hcH+Op00R+sYTMedmbJ0uylZmjN/dABTGNb99Ea+dsnVNIZGeP973sQ5Z5ziO8w1iWNNkiRu
cRUditqemPoeaAqs1kGY1EF59eKo7GO+QXa4Hr9TunrZ0tjKsTItnEzYnIyX7QEcKdkYjlluw+Wf
YqnKbuxvqASjqaAzuoWG6CgSjexYpCw0C8Er4rxzmsJaunmHWFVYMDiP9TseYePk0yyfvxdTM1MY
YznuxOM55bSzmM3rXHf9Hfzy+pt57NHHMEXK0kXzGRjsZ3B4lD/fcy9f+saPuPfhLbz63Jfy7rf9
N/ZYPMrk5JS775UEqyqkVJizQ8yohUyqPZhhISk1B+qijXhUFsG13Nok8qZkKo51Kc/kPNj6a5by
A8Hi80zEZWGrXS1BbyZZUPiSjuDNH1MQV6u0pifjVQcelU1PjB39+Y+f9YcrrrCPrlt3UYVnGENR
/89v+T9+VIAGMOJ/9tA6XgQsMrZ4/mmvestxp5//9mhgYDhrNScjpZRO4sRqn+6+a1apRFR400A7
A9YBjbRldKASqZ6YCn+ztVYUecbg4BBXXvYtblj3VV73ihN58YuOZ2Cgn23bJ9i0eTutuQ6tuS77
7r2ChfMHaXctcbUfVcyS5y4ydmiwQRRHXH/TH7ny6lsYnreA155/Fsc95xCarbbrLletEGntbGzr
CvHk1WWYxl4eDDzN12LOCKPym5xygWDScjMIs9bFZ4h20stcHPYIILkexiipzq9R2gW+ORHWCPxS
bsP4ReWjWgtwjnAfserNG1cH1TET693t1jrbzFjrKrDjg7qwrsaIcm7SorBkJieJEvqr/Wye2sIV
d17KZbd9k0++/F85cc1pTHemSXSFVmeOarXKvJFhZqab/PHOP/KbX13LU4/cje1OsOeiPir1Ee5/
bIznn/k3vOwVZzPYlzA2NgYKKnFCgSK3MbmNMUQUKnGBdyYvzTmrnPfFx49YH2CI1T4IUULpe67J
UpZulN+tz0dCIT2bjHXBBMYIIBPMHmsthf+cqyPjgwutsoUtFCgfpqNUXuRUa32dybFttW995A2/
2vzE9pevWTOUPfbYYynPIP3kLwkmGqgC/cAQsABYBHppHMeDeZ4esfqgo5939gXvHdn/yOONsta0
52Y1ptBxnKCjiDiKrLVGKWWtcmp5iOVyFL7crctsWvFa+GAw0VGUoihyRkZHue/uP3LZv32KgWIb
57z4WI5/7uEMDfYzOTnL9rEJut2URQuGMTZBxX3knXEa/QP01Svcde96LvvRDWS55m/OO4PTnv9c
UDAxOUucxFTimKLIceHbCqMb5LU9yasL0Mr40odiXFhXx0VZ/PWV5poqWUvZy0YF700gbP79co0S
sRlKNApwyU8k3i4bPESAtzQlPN7HSFi3m4oT1+nS7gOmh3k4L7FfTEL9w4Ird2QsVCt9TLTGueKO
7/Hvf/g2jzz+AEcfdBw/eNMvaWcpIlTqKCLLMtrtDpVKhYGhIZIkZseOMR5+6EEeuPdu0qzLGeec
xx7LlrFzfIo0zanWKmAteeFbUvgTLAtlufM0VuKHXb8gxy7E3e8Zl39OritcI879bTxdEbPO6c/e
/PEmncWXV7Da5WKH4wk4mQA08hnx9GCVlfiVrJvSP7Iwvf4HX9VXff2i8y/8jb3iolNUhWdQ29C/
JJiAm+M1HEMZBkaBRcDiuFIbyNPOsqhSPe6EF5+39oSX/E195b4H2aRSzbvNGZ3nmbKm0EmSWKW1
0j2CrIiWbgH5YCxhJtrttJKEJYDjPhuRddsMDQ+hdcT1117FjT+7jEHGOfGY/Tj+2ENYumQxSmum
pmdptVLqA/MY6jM8/sQm/v3KG3ly0yTnnHkqrzj7hdRrVSanpsFaqtXIuZMNGB1j9CB5ZT5FZRSl
KyhbBCDB5k7DiGKU1HdVuiwKLVqG+s/AInzLCSQui9qBgsSLKC22qyp1FG8OiQeoDIDDG1S25PTW
B+YZ9z4JNDP0vOYXlDFuFzY+sF8WlHufLEin02SmoJu3uP6BX/GvN3ya9U8/CBVITMKFr/wXLjj2
LexojVOLahQSPOg9dlmek3ad3pFUKzT6B4hjp3HNzEzTmmuTJDFaRy7D2wcjObG8dFMbq1zIvZ+c
xlgKAQTro3p9SL4RMPTkTUJprCkLSgdmIkDrXwcBJgLoSDBwGCNceoJ4iGwYd4KJ5PJ+XGH2LM9U
vTHU2b7lydqlH3vzus1PPPi6NWtOzx977BfPmJD7vzSYgJvbYvIM4kye+cCiOI7nGRgweb6qWu8/
4pgXnLXq0BNObex78DEMjywoMNZmWUcbk6EKb/VEzix13eVlwdjSJPDipPUh6eL5iLx5oLUmz1IU
MDp/Pp1Om9/dcD23/+ZnTG1+iDVLGxxx6D4cvHYlo/MXMzNnWfejH3PH/eMcf/xzeN2rT2fRwnmM
T05jCktSrYJKyImxqoKJBsijQYjrKJUAKdoDmTtdg4praJNBnqJ8ewwpt6jBhfgjQOANFQ+YqNL7
UmpGLn9Har+EymzKzUXHenpe69EGRFu04r5AvDSXcBslAAAgAElEQVRCy8sF6SqtuheCYNu7SMKO
a4N5ZFHkRU4SVXjbf7yWn97wQxiCuJpQZAVL+vfgh2+9niVDy+hkHWKdkIearv68JDq4cL2cszx3
GcAooihGx7GruOZ3ezFLAAoDEpphfFSqkTgZuVb/GeOZhHizjDXhNSvng8LVR1GlYOGv0wRGYwII
CzOzPa7xwoceCEBbbx4ZMRs9izMKawrfQ1ArsjQzfYPz7LovfmDmlqsvfeHX7R/vebM6UvEM0U7+
kt4cedieH4l9zoHUGFNYY1RcqU3leffJDQ/fu/GOG69pPXrfHWrDo/c3sDaJ44QkqSitfdUN5f9z
G6dDFXmIfqC86Oee7FlECowhimKiKGJ2ZgaM4cBDD+OkF57J6gOPZTLr4/d/eoTrb7qL2++8lxtu
e5CssR9vfd8nOPWsc5m1w+yYq1PUlpLXFtOJFtKJF5ImC8njBRTxAESJc/3a3AehRcHlp+IKdsfj
oGOi4YXQnUPZAhVF5bmWlxOYSQmObgK6q3bBfDICVgsjU4HhiG4kbsqQq+R1VqHXIsC6TdPzFSU3
UPmENsICkWA6l6Nj/aLwDacUwcSQhaG0ZvnICp6efYqt05tJopislXH6ES/nVUe9jtnONElUpbDi
MfMnhAcsv9CVgsj3f9ZR7G6p1yiC+0XOXz4gugTClOR5/xkr7MwL3z1zR8wWb0xTyrC2PDbKMTk/
WpL3ZP1YBnBWfqzlb/lRpUkVikb5q1VKedlG6TxLVb1/OJ+ZHhtY/8eb7j8k/+odN910UYVniGfn
r8FM5KGBBKgDfTiWMux/RoDRWq1R7XY7A9YWC4FRpdTyeQuWHPLGD3+pevDRJ9rO7LROqlWno1Au
FqXFdeo1BUSIFCApd/AQmq8gjiOssaTdDlGsGRocol6vkaY5mzY+zSP338OSJUs44tjj6LRazDad
KFhJpEiPy2EO9T186QSlrWcUDtxc/ZIIladEjUGKh24iv/7fqJzyepK1z0NFEarbQukIoshHtroF
VTIPF7wnaove5bq8NuIXQ3k+4vpVvq+QHw8bpiqS9Ac4s8b4RexpN4iXwk92l/Hod2iF1GqxPiLW
GMngdWaEeC/aaZvFQ6O87tvnc+Xtl6P7IlSmueRNV3LKvqczPjtBrVInN1LIyJ1SEHyNmFLuuGEH
h8BIxLyyBT450zE+49+Dvw7HQGzPdbnvMChv8pRakPEufCMh+0FoLYVX0OG9QXuSY4i55BlcYa1P
ZfC6ixW246+z59hyvpLdmuc51Xp/d/umJ6vf+egFl+3Y9MQFLFpUZfv21m5dqf+Hj78GM5GHMGVh
Jpn/SXE1Lzt5nimwUf/Q6EzabQ8t3Wvfta948/tHDjryBFtkqVZRHIrWi4ZAr4vYs5RyR951wUl6
Pr5MgWSCVqpVtIpoz7VpzTbJs5R58+ax9qBDmL9wEVPj4xRFQV+96gotm9yF+WODOOq+IypT8aEM
oPPAhgZlctTwEvI7f0L2u+9TbH8cPbiQaNFe7t152sNSQFzdCr+jKR12XuiJ1ESFbF8FBGPfYYl/
+GAqcIPnd0I5iOyIyiqMN5Xk+JLIZ/13hYVI6eq0UprGrQYPWJpOt83CwVHe84N38LM71rHu3dcy
MTWOTSwfetGnaHXnSOIkLHARI4wpmZOIumUXvdJEkO0+CJuBrFqs79ejZNHKuAn7ERYQPmQoo1Xd
ptBbLEmKUvmRCtct4BxEadUDEtYiRY1lIxMC1AvkiOvYyps8WGKU1bG11mhrySt9/cm9v79udnrH
lp8vOeWUtLl+/TOCmezORL//Nw9LWZYuxwFJF1dEN69WG51utzXVnB5/xXEvOvecl7/xvfXFy1fZ
TnMGSf+GKMwBK/koIaDIuUJ7phvlTfGTRPnT8H+iXEq7UppKteLiXaxL1mvPNVFaU63WUEqRF74A
kYrCd3mbytFZ5es0WeXq2PrFrF2LQZSOsVkH3T9CdNALsNvWUzx8M3OP/p7k8JdSO/m1xIv2wrZn
fb9iiaDx81eYB0HdQFtx+7rXhdqXJRvcuLmSDTYAiMRVIctL1pYsXFMuDKzs5GqXTOGQWexZgVKl
58MqS6Rjmu0mCwfn8/lffYpLbrmYy97yc05ecxJ7Du3NhvGnHBtTwQINi1a0od4d3l0vvhQkPW1L
PYBp/7zkC4mJYggj5i7HmYmFP2d5zpk7Pd/pN5wwTl5zwU/FwOp8iU4xYYw3fbA2MEVjpRWGCpqK
9fdJcJ/e7wvsBRTatclQClPkUZRUmL9o5eIN99+5sFHsNe1n8v/nuslfG0zAsz12ZSnRohX7bN++
YX1tYHj0zWdf8J5Tn//yvzU2L/LpsZ1RpVa1budVSmxehSxY3IItI4SCSzS4jf0uEPrr+hTd4DHw
E80Y2R0gijQ6roFydU0iXZ69LOhQR8XvXFqMYfxJBTehLUFMKawpiFYdTV671J2HKUhv+wH5PddS
Pe1t1I9/NTbtoOMkHKMEENcu1GkSJiSZIUl2RlNWnsNNaM80/hd57x0nV3Glf3/rho6TNaPRKEso
EiRAAoQIEtmYYLAXs4Zl2TXGXhtsMDZ4nQGDMQsYTLDJNtHkIJMEIhmQEAIkgkCAQAml0Whipxvr
90dV3W4JvAsG1uz71ucjTc9039s31alznvOc55hjTvwZkVgPvT99fFKHJ/qEVWhQOxnNZ2Si8xIn
q6k6RttyKVQKtNW3csvzN3POvT/myhNvY/+JB7Gyu5PG3CB2rhtCySsihEWoW1ZEcazDGJAyIo6r
YYXUk1TEJvMik/eVkVQeRnLcmkdgSWVUpQl1bZSEBQbviPV5mmuknyOdFpciRsSCSIeOUqvaxXGS
C1NPpDamQsd5sTBulvJmjBC3LvlKquINi9gElvrKgmYLx0YARggRhaHlpm2Za2hsAhrGjxvP8v8f
GxMzjJeSP+C4C7ofu+n03UdNmnrRsd89e8p2u+zt9/VsciyBnc5m4zgKLUU2kdpW6AlD1e02Ln01
K2GwAanZ3jpFnLj2Mkkxm3o1szIbjWoFtZmevbpHcvLwKOm+5EGiispbohoWGNzYCCVbdgrpFbFG
bIfomET83kuIuibItyDqBmENGlldIc0ZqtgsmeSxMZhS6C4LOvYDSFZa9VrEShRavWX8Gajq6ao9
JiZSP+nV7Iy6LsaUJJM6yXLUvqMyII5wGKgUaM4NYt5bj3DarSfwm3++gi9PPZq13RvIpnKUigWC
OCLtphHCxnFsLDulsjOWDdjKkbQAGSXfG8eaQ6Lvk/HVFPlMadCEkWrkFUcxURQRBAFhGBJEEWHg
V70CVNtSYQmE7SAiqQXCjZci9eUUhk1fnez6+lZlGvQ1ETqlo0OrRF0OQ8s3/Z30vUq8JqqGH6nX
HU2oU0WlIglrbUum0tkMkC3115uI+h8+/pHGBKDuRSkL04X40s57f/H3XzvlnLb2jhFeT9f6VDqd
ASFkHIVCGBRTSoSwVMsMaij1EmIhTasvbURUhzmxRUhaBSbVYqFmimU8F/3ZGKOXYpiiaugIQj/h
RkWsWieDzqRUzRkasFSmR5gdxxG4DTiTZxO8+wIiDIn6NpI94iekpu1HtHkTdjoPcZicg9IT0exg
9AospHLpdabHpDBVQsvU9xh3WvEhkkdbmvM3J09NRsT8UGcSxyaE0TgF1fNFX1eVGo2whUMpKNGU
a+b1DUs49oovcfyeJ3PsLiewoWc9TXVNWI5Lc0sDtg3FkqRUKlAu91MoDLC5a4D+/l6KAwUGCgOU
igXK5RKhbhmqmm8pMCUWQmV2bBvLtnHdDNl8nmw+TyZXTzbfQGNzE3X1DaQzeTLZPNmWHCDwKmU8
LV7t+x5hEGK7Lo6bwraFFqpOLocOWfQ1MVBLjL4P5lmQCO1hVK9ejSxBzf6MkTZm2HhSEGNJS+vr
1lhzab43Njx+C3AKm1dayS7+weMfZUwEUHfUHUu96UKcOOtL//pfR598VtZ1Xb+vtyudSWelrA12
pURGesKIuFpWYpl4UwNXQqKbNOjNzMqpVgzj7oLGO7bYTiRIvPFYkFWYUzHGzX2rLtcmrjeNuQ3Y
K6W559W1Wz0wqv6GKMCaMBOcNPbOX8TNNlG5+2ysIeNwhmyD9CvgKrIb0kpc8QTgRGKq8BLmphkS
zXUSSQxuHmxpltiEYKIMr0BU5QfjalrYeDyJvKKsnktVkkidoeO4lLwiWTvLis53OfT8vThqxte4
8oSL6CrD4FwHfX3dvP/uctasWc3aVasYGOgl8D28conI96hvqKOpsZFcLktzPs/QhkZcdxCOrVpd
uI6jGr4LJS0RBgFhFBJJSRiEVDyfYrGPgQ3r6CoUWdLTQxCBk8phpdIIN0tLWztDho6ifdhIGpqa
yTc24dg2xVKBYv8AURgrIqDtaOzKPA4GN5GJUTVpchVqGUq+SG6PYQFXnZCauh1ZDb2liBMvKKYm
zKym3gCwpC0BwjAIgbhu4I3PRYgD/xhjIoD6UbOO9+/86nanHHzsKb/6yrd/KrzSQORVSm4qnY3D
KLAsy45FrIpeEUJYQirKpV5FAWQsdBq2usKqia9DDdCTWYNgscSWyitUq7ZZYtSkVClmk/LEUE5J
9D10CCE0Op+kMBPuR4KmJPhJFTLV1cGxRAoli2A1dZA65jc4Y3fBbm4n6nyP0k2nUf/dW8BJQxQi
bFuvUMqrMpM66c+rQ42YeIsCyFjqPr+ihpwGGOA41iutIvgJrX2rzr0GSkEtpyLZFh3ig9RVmCrF
GUUxhVKJhlw9RQY4/uYjOGy3ozjzixdwz5w5rF7Tybo1q+nv66G5sZ62QS0Mb2+jY8o4WltbaW0d
ROugVrK5/Kf6sMkopLu7m01dm9i8eTMbNm5k3boNrH3tKV58fDOBtKkf1EHbsNGMHDOe4aPHkE5l
CXyPUrlIpVxRi4ad0s8CyaIjoNowDu3HGuKbvifqZgnNjDWGyIQwJkKq8R4NfmIMUxIik0BacRRZ
fnmgCHivrnnPRsEF//Ah/uePfOqj8eCDv1t5+OHLTjn030779T9982dBX/cm17aF7bhOHEWhZVu2
agMjzHU3/Ak1OU0lscDSwKh6X9WtkIQxAgtbaMQ+aZ1ZW5avww+psQ3DS4EkJZuwTdHGRwilv2oY
pvp7hJ7MQnsjVs22JhQyxyYskwkCkc4i/LIirqUyFK/4V6x0nrr/uBbhlcBxagyjZvvq9LAq5MPE
ZNXMlr4+lrKRyfEbbyohwWpHK+nNQ/V3w88wfzTZCSlB2OpKBn6AHwQ4lkU2n6e+zmHVpnUc/asj
efW1RXxz6ndxY5v6xnq2GTWSKVN3oLW1lZbmZhqbmj/wYARBWG1iVjNqJS7N3U4yNZDMMnONas4W
ELiplC6CrI5KpUxP92Z6e/t4++23efX1pWzo6qWrt0TzkJFMmDKd4aO2oaW1nSjwKQwMUPE9EALH
TSMQhGGgCHqJFyKS0MSkqQ15z/wOCvCNtRFRlH1Ly4FSzSTFmqZvFixLxHEUWwgrsCzbvfG8k99c
umDucQ3bzljR/8bzBT4HNTr/28ak/qjf3hHeedpXTzj4X069+Kjv/Dzs797k2rZl25YtVRZAud9S
qIAkqUfRHoKRJlSrf/U9S2MGdk37UYNVmNoVI5OoMsIyEXFWxkNzQzSol4Q6QugmUNVjMd6KZRnG
JFiqr2dSBWxWn0RWUZBIIpAcM7oPraNqdywb6RUoXfJVnO32IX/02chCN5ab1v6NMhSW8c5EzTHp
ITR+Up17VdV/dUxWEtYkm2kX3gC0mP+NN2ayGlLi2Da+H1LxK+SzWeqbcwTlkGXLlvHiCy/xxAsP
Uezr5ah9jmLqLjswfsIEmpqaqH3UwigkClXzd9tWIKilpTsN7f/TGgq0jbf4J4TQOIuTPC8Age+x
9v01PL9wIc8vfImeSoSTb2Xs5B0Zv/3ONDU3US4V6e/tRyJJZbK66VechD/KaBijoolwoLo/ausd
E0NsKVq99k5iU7ZQg0slHQp1Wby6Xmkv8CuZK3509DPrlr9+fHt7e3Hjxo2b+RyEOv+bxqTh4O9e
6j182feO3OtL/3bdcaed7xT7u23HdS2FO8RmjqoJbBmnRFlzSxpPwRT2GWKYIGkrqtOzls72VMV/
tmTDmhUerMSbMW6mbVLKAoxOiEjmrmHbWtojADOVLUttKzHHVlVE21I2wMTD+rs1sGxbNoQVRLqO
eP0ySr8/jvQXTiW37wnIgU2IdA4rlloTRO3XqsGIkoJGHXYZMp1MroHihhjJxaS6QL+uGhZ1sjIR
PdLeiCWI4ohKOaAun6KxMceGzl6ee+avLH7xRbzSAJMmjWePXWcyddqOW9x4z/eJo0hNYG0wbPuj
8SW39lL+5yH4KLbINOeKY5XxAUil0lt4MKtWvscLCxfywuLXeG9tJ4OGT2LqjNmM3mYCURDQ09Ot
JDEcF+K4xpMQmshmVPlJygHQ3orEeCsKK4lALaIaY0n4Otp7sW039r2Klck3eOtXvp26/uxv3NG9
ftVp5PMhxeImzCrwDxz/W8Yk1zFtGutfemnnHWYecNc3z7qmJfB9YcnYsV03lnFo2cLWznckbEtz
OYWoqoNZZoKLJNY36VHzntE0VRM8ToyPUWzHeAq1NHdMaGMwBON5VL0VlU3RHgtVYyNAhzZKXUtg
jIgJdZQnYOLramWwpYsUVXRtY+k0qK1CnroWolfnUrrpB+T//VJSO+wLpV6Em8WKI5NvrqkiJslG
6c7BmIZlqqxDh0H6jquozxD4tGsdVz+nUVkALcgd4Xk+2WyGxqYMq1at48G/zOHtpUsZOaKD3Xbb
ld123Y26+noAKl5FXQetPWNZ9od6Gx/FUHxcL+WT7DOOY+IoItLU+ZRbDY+WvvoKzzw3n+dffg3P
aWDqHgcyeYdpBIFHoa8XYdvYtquyTaBCm1gVDIIyXBEmnBRbUPpj7QaqsEjjKpo0GGuwTlgWXqVM
46Ch/oK5t6X/fOFpv5Kphispb/aAHqiJSv9B43+DTu/S3JwpvPdeS8eYidcc/+PLJmZz9VEceK7t
uHEchZYlbAVBCYWPSL3cb4EzbBHe6DABdDrN1KzoFXkLI1GzPWCKARM3X4OtQgOKwky2apykDJis
ekDJGrAVvqKOY4vwHvPHxCiZGWyMkaj+jpQIJwWVAZxROyJsm8r9v8adPAu7aQgEFXCUwJYBe4U+
hwQ+gOQEjMMhMeCtPn9b4Pl+1WNwXNUfyHS/0865ZdlUymWwBG1tDXRt7uXG66/jvrvvYsTQNo47
9p854ogjGTt2LAiB7ysORzqdxnGcxBMxY+tJXK1k/tv/Pu74qPs0pRS1xseyVMbIcRwcx1HcFN8n
iCKGDhvO9F12Ya+Zu9BaZzP/0ftZuOA5sg0tDB+1DVLGlItFLNtFYGmdEl2+INQ9qGZ6qsY6yQ6h
wXXtXcrqMUqEJSWxFcahzOTqeWHuHcHKpS9c0zp0+qpS32pTjvIPH5+1MbGAxonTDowGNq058+jv
/frIcVNmVIp9m9NuNhvLKBK2pStYEpVkkjmMvgHGI0GayarftaoGQyr0EaPSbtWk0zAGybI0xqGm
mdAhSGIBjMES5kiSZhpU1VLNvmomKphZrAhvevkX2qCZc6k2IteeU9L4W28vNJBru8hyP+7kPYm7
VlN57Grc6YcjnAwyChDCMV+nQzSq52nmRpL91RkuVKozCAIqlQpNTfUMasrhpjP09ysluVTK1axL
ZahKxSKDWluAkNtuuZ1bb7iOkcM7OPWUk5k9ax8GDWrF8zzCMMTRKVvbtj/gHZhJnHTF+xyMRDSq
xshsfdy2beO4Lo5tE4YhvudR39DE+AkTOOTgAxmUEzz+wJ288soSWoeOZuiwkRQL/UgpsW070VUR
xvvQC4YBpEwmB2GeGRUOJYZGHyqWkDKKcVLZsFTsd5+7/4Y3Nq9fdVvGjvvK5f4SnwPwFT57Y5Jv
m3VUtPqZew+Y/eUTfr7PV060i72bHTeVtuIoFJZlK9KfbnVR602gQ4QEUEQkbr0USQJDT3SZhBiJ
B0JVzhAtOm02UJ+rLbwyKVVZNSaxCXNUuFBVJUvcFu3NqFdmP/oIawyQxPBZzONhjKOkakzMHo3x
wrKRfgl3hwMIlz5B8MojpHc9spo60MeGPmdpsl0mO1MzZ4WlUpOlUplcLs2QtnqWvLKUSy/9PXEs
2HHHybiuS39Pv0p5xxAGIR1Dm1kwfz6XX3wxtvT5wfdPZf/99yefy1GpeEgpSaVSOI5j+h7p8/tw
7+LzYkj+1tj6uGvPx7ZtXNcljiN830dYNuMnTOTwQw7G63mfuffdwdqNXUyaMh0klMtlHMcl6TmN
rmA2vBIMhqJXg4QTRWJcRLWKVIRBINL5hnDt2686f73n2kcDL3q4XC5HEA7wOQBf4bM1Jm5j46hM
96qXmzqGbXP+kd8+c6KbyYVxFLi2ZZlMvbBspGU5CKQQiXdhvI+ayW1WtVpjU3UhAJLUbAK0klBF
Evq9ujcmh1wFS2tRSEsbLNAT38ALQiTHZuo6DMCLZQyepMaGVb0cHY7UmDCNYZhsC5gUNjIGy1b7
lTHOlAPwnvwj0fq3Se34BWToKXxF1hgShMmC6WtlYVlKKsHzfBzHZsiQRt5fu5FzzzmHm67+HW35
Mg89cD9zH3uWtiHt7LDDRMJIZbly+QyXXXo58598nOP+5WiOO+5faWhspFwuY1lW4oWYYbyOz5sH
8nePrc4HqsbGdV0EEAQ+URQxbdou7Lnbzrz50l955IE5DBu3Pa1tQ+jv71VdCWSN95gMUQ1Pk4yZ
9lKk8cnVgxlLack4ktl8g3zh0du9NxbOu7Fx1HbLvL61ZaDE5wAvgc/OmAigLj91piyvWvaV/b92
0rem7H1IUOrZlHJSadSdQsQyIg4jEasqMt0/uGogqtjHFhFL4n2o12Z11g+woR+bCWaMhd7OqLMh
qHoBCcHMqvkOY3BqJr55D+MZ6K2E0N5rglpuGRIl4ZPextLa+1Txner/VYNiWQ5EASJThztxT8oP
XITdOgx71BTicgHhuolMoHn8pATHdYhjSblSxrYd2gY30tdX4He/vYRL/+sshjcLTv/esXzp0P3Z
e/ep9GxczZ+u/yNzH32WiZMmIayYX/7kJ7Q15vjpz37C+PETKBQKWJZFOp3+gMHY2nj8nzckUH3g
+GCYZn4qXMihUqnQ2NjMfvvtx+A6hxuvuQyZaWDcpB3o7+3BdlImNUMib6DbqyZcFL1QSZOmt4Qp
XRZSxthuJigO9LhP3nnVsu4Nq/9IWg5ExWIBhZf8wzM5sIUz/KkOt66uo7FQWJ8fMnriLd/5za17
5Bub/cirpOyUGxNFFqCALtshqaCCRJNDEmGr7mbIOFSpU2Itf6gJZwIQFo5l6Zx8rFKPic9QJboZ
a2BTDZ/MpLZqQhUhjIejLo6ViD+r9C4WWIZDJcQHQGLzUFgmy1STKga16pu0dNJQrOYzItkfSYhH
HCLcLHLzGkQqhdU4GBEGymgZQyVj7SlYVMolbNemfXATPT193HbLbdx/502MH9nC14/7MpMmjqW3
r59isUjKdRnU3Mi69RuYO++v3Hbf0wweOobTTzuVAw86CD9Q2qvpdFodac0q/XE9kA8DPbceH7bf
rbf7sNdb/+2zGh927EIIwiAgCEOy2SwrV7zLz35xFqnh0zjgy8exedNG3FRKiykZW6J5J9rIJPqx
AqQUMtI0WykRYRjIfGNr8MqzDzl/PPOEq1Kpust8v1ABNqB6e38uxmflmdRnO6ZJr2/Vfnscdvy3
p+55MKVCr+26KWQcCxOKVAoDoljoxauUCDyPOAyQxESBj+U4BH6ZMPCwhE0cB1hCEEaKOSzjGBkr
4lPge4kcYxQonZg4irDsKksVoVXWEplHWU0DY4heGt+ocX9M2XgVj6mZ8Kb5lP6XhB3SYAVyS1eK
mtAscV1MMpcEozFcFYWroPCTyMeqa0Fk6yAIay2OXjktPN/HDzwGD27FsRxuu+12zv3FT+hd9yan
/MfX+MbxR+n+QX0gIOWmsS2LDRs6aR8ymEwmzZr1/Zz9q3PZY489GCgUyKTTqvdPzSSqBS8/zvgw
0BPUjDH8k61X/w/b7sP292Ggr9n31obpbx3XRz2HD8NVbJ0F8ioVWloHc8jBB/HXh+7kxVeXstNu
sykW+rFsl2ravUaegiTS0TU+SfSK9r2jWEr3kRsu2ty55p0r7FzD+sgvFYAin5MQBz6b2hwbSPWt
WuSk8g2zJ++6b1rGcQVJRlh27JfLVkNzm3xt/qNiwdzbaW0fQRSFTNxxBql0hp32/AKWZVEs9FHf
OAg3laZc6COVriPwPfJ19cgwQhLjumlFl3ccLCnZ3LmOl599jLrGZkLfY+8vHInvlbGwsWSsOFii
ZtJKZVBM9qWqdBUbWlpSWay8J6GkBQxjzeATxncRWkpE1GhcSCN+qFmpUhIbVqxOCcbaSBndE1Nz
ow9AiR8JB/yKAkgttaLZWpHN9z2iWNLS0ozrWjz04APcdN01uLKfk47/Evvuszde4LFuQxeO45Cr
yxOFIZYlKJXKjBg5nOdfeJk/3vY4v7vsD2wzdjSlUon6ujqMQLQZn8QD2NqDiOM4Yb5GkaLRO47z
Nz2erbGLrff7Yd/1YenoTzq2vh6155TJZhVAKywu+d0l/OiMM5hzy5Ucdux/0LVpA6lUFikj9B3H
yCGYMFXhbyqPL4RF4HsyW98s33llPm+9+NTjruu+5w90ST5HWIkZn4UxSQ0es73VueL1trHb7rN3
+4hxslQq2LbrSiljIeNYOqm0eOe1hewwY3923f/LRH6FNe+8RiqbZcn8uaxZ/gZ7HPRPvLHoSda+
9xZ7HnwUG1YtZ8S4bVn28nO0tHUgLEFpoI/Ar/DmywuYvvdBpDJZNneuo1wqUNfQSCZXR7E4QCbt
6JSbSZLqVJwSKFFhrMYeTMhj1LhqDYm0jA/9BMkAACAASURBVMaFpktrboqBYhWnwNLgnTSATLI/
UJoWlsHWtOanIr0pK2IeLJMFUqJHyvBI2wGpyWqWg+f5RFFAY2MT+XyK5555juuuvJxC9xr+5ejD
OOzgA7Btm86uzdhCUN/YSBRExHGI46Z0iriR5e+u5NZ7nuYPV17DiBHDqVQq5HK5ZLJ/ktDmvxtC
CMrlMkEQkMvlcF0X3/eThuZhqLRFVBYlTryXMAw1tVw51uaYoihKjFEURViWheOodLgZrut+YgPz
333eZLiiMKRYKvOb35zPKaecwhMP3M7sQ7/K5o0bFA0/ijCq/4ooIPW91b1yTO2VELGMYmvBAzf3
+V7pwXy+KQiC3hJVcfbPzfgswpy61qGj3L5N63acsveh/7LDzANTlWKv5TgpSxdsCRlH8oW5d4mB
nk288+pC8g1NLHv5WaIw5Pm5d7Pt9L1Ytvg5Nq9fi207vPHiXxno68GvlHn4tqvINzax5t1lOKkU
PV0bCLwKbyyeT9uQEfT1bMJNZxg+ejxDRozBKxUUKasmpQtgskVmwut2O5gm00JIYlHFXZAqTKqG
I/pmI7TmiNwizStMiKIrmc13J+Ct0O9proyseSxU+lsbldrnVoLtWERhTKVSIl+Xp3VQE0tfX8p5
Z/2Ch+6+kcP234Vf/uT7TJmyPX39BUolj1w+i+umiDXAbdkqy+M6Kfwg4ILf3cTpP/4l206eRKlU
IpvNJjUs1ev16RgSIRS5zXEcbrnlFn7605+yePFi7r33XqZNm0Zzc3NiEFzXTdLOhgAXxzGO43DP
PfcwYsQIcrlc8tmHHnqIKIro6OjAZF2iKErS12a/5jhqj+nvHR/mARmeiW1ZRLFkv3334bY/XkGc
bmXYqDGUikUsx1U9fDRsovE0GUstiGFZ+F5Z5JrbwqWLnnAfv+MPc0QcPeB5pTLQjZI7/VykhM34
tI2JABr82LbDcv+Bux30zwcM32a7OPDKtuM6REFAOpMVA71dYvmr85nxha+xzXbTSGWydG9cTSqV
obltCHsf+jXmXH8R2+86i8D3ae0YTl1jC68veobJO+/O6neWMmrCdjS2thN6Ffp7u2kbMlxNfMum
0N/DtjvNIJ3NKXfe1mnWBLEwmIWp36GKTxi8IwFCdeLVZI0swyPRIGpNDKwinwRSxQgIJiDwFlkg
qoS1ZP8GSqlhryYZQvXQe+UKbsplyJBBrFq5movOP4/b/3g5u04ZxTm/OJ0995rJwECJYrlCKp3R
2RddlKABWmFZBGFE66BmLvvDTUybsR+HH3YohUKRfD6/hSH5NNO9Zh9BEOA4DnPmzGHXXXfl5z//
OYsWLWLZsmU4jsN9993H2LFjue+++3jssccYMWIEL7/8MrlcjkqlwnPPPUcul6OtrY358+fz4IMP
0tjYSBRFDB48mBUrVnD99dcThiHt7e088sgjLFiwgKVLlzJp0iRs2/7UjMmHYTMmhLU02S2dzrLj
dpO45qrL2GbHvVRRam3Ip5/F2IjtCCHjOLYsywmjUIo5V521YePKZZfbmYZ1cVDpRWElAZ+TLI4Z
n4Xcm10udQmgo3nICCeWxLEUIo6FCONYuJk8G1YtJ52rZ8JOMxk1aUdiJOVyiXKlhJNO4VWKOKkM
bjZH96b17Dzri/T2dFEc6GXsdjuz7NWF7LTnQdxz7YVEsaRz3WqkgO7NndipFL7v0zZ8FBWvjOU4
IHR5uNChjaWlDC01yWLjCViKnJb8DZBa2k8KoXvmalMiLKSlwhZpgbRs9XcVg6BhXYTeLrZE9TPC
bK9fY0hKCg+JjRyhqP4Dm0hK2gYPplwu8+szz+G0b/0LdXIT11x+Dj8+/VQsx2Xjxi5S6Qy5XD2O
lQJL9ZexnRSW5eC4LlEMra2tzH/+JfrKcNxxx1Iul8nncx8AQA1m8mlmSIyBqqurY86cOVx88cW8
/vrr7LXXXpx33nmk02nuvPNOVq1aRS6X409/+hNPPvkkCxYsYNGiRTz55JO8/fbb3HnnnVx11VW0
tbWxYcMGFi9ezFNPPcUtt9zC5MmTuf3225k/fz5XXHEFjuMwb948FixYgGVZBEHwocDtJzmnLQyK
9qLS6TS+7zFx2+05+ouzePL+m2lobsH3Pd1RzgJhq6DasmSMQFg2YRDIbH1LtOjxu8RbLz97r5Nt
eCso9VZQ4usVPmdeCWjMRIJ4eNy41Hj9x/eD4CM9OcNdV74fBGL4qlVy8fDh1jOl993HCql612kW
K9KitSFfL62gLF0ZSivwSEtJWOwVLS2D2H3fI6j0bAJiMrbDzrvtQyqVxXYcMnaaQ//5W7y39CV2
2fNA6jJZdpiyK9Om70k2X883vv9r8pkMhx39TUoDPcw64Egcx9byfDkmjJuMLJWxgkBldCKSFG0S
1iQZGapktyRFyxbZEomp0FXbCt0gXH3MZH/0n2yhcRC1vQqLpK4O1h9KiuwMuKv2G5vvFyTIjgl1
VHMqi5tuvJ77b7+B7Ua3csmvf8jUHafQ21dgzdoN5PJ11Gdy2rOwwTUPuKM0QWJdqRzECMvmocee
5bjjvkkmk8HzPGX4NDYBHw5sfpJRu4oDBEHA5MmT2XvvvZk9ezbjxo1jxIgRnHjiiXz/+9/nu9/9
LmPHjuX000/n4IMPZv78+UgpOeaYY3j44YeZNWsWra2tvPLKK7S0tNDY2Mibb77J+PHj+cpXvkJ/
fz+vvfYa++67L4cffjjd3d309fUlBvKzOL8PM8au6+D7Af/0T0fx+HM/ZsW7bzG0bTCFwgCO6xJL
KSytvWsLQehVRGO+Mehe+256wV1/eLOZ+Ik6KVOZdNqfmvas/fMd6Qmp9fFwd5z8qHPVjOHuKgnj
eD8IxFOrVvlnfYq4iwP6mV++/JP1LH3/fYAy+Cn8dSlSWbyGQaJc14KHJWzHkYDwpaR+3FQVE0Yq
3ZttaqfOsRFaUao78Bk2fTaj9/gCcRQw4JUZvONMTF3NmLGT6fUqTD7gSIUB6CI1k1a1EZQCHztX
p5TGRNWYJHoo2mgYu1DbAByr+rsSTlLehdDpZLV6SGN+MA5PrD9r7q55LYTBV0i8laTYkKpBSoyY
YUICtmXjeRVaBuVY8PQLXPHL7/G73/yAA798DIWBAu+/v45svp7GpkZUI2yB5aSr6UsD7okY1xUU
igUGD27jmWefI5VtYubM3fE8bwuQ8+NMso/CHdn6s+Z1sVhkm222Ydq0aQB0dnbS29vLhg0bGD16
NDfccANDhgwhDEP22Wcffvvb3zJkyBC22247/vSnP7Fs2TKiKKKxsZE5c+YwceJExo0bx9tvv821
117LkiVLOOyww7jvvvvo7+9n48aNjBgxIjkeYzw/C4NSO2zbIQwqNLUM4pB9d+f+hU8x7Os/pCLX
4qay0lDuDSAbxZH0Lce59cZLuta+v+J3wJvd0UA3sPFtD+7sX6/3vPzvPMq/d7v/fgiAZydOrG9o
zBxvC3tkDIEQsR3Hmp31Pw61ekpiEQTC7o7DBklsvTzg7zVq9mHj83UNURSGdi38qNKpanVUQGWc
qKKrKMHWvWQjhFDgm9HXtIQiqNmOSxj4SkOkZjIaKUHLUo3EBQJpGf5IlQBfrW/BQBlUH6kaLMMA
sFVHoSpnIEiMSbKlfl9q7oqSTqyuyjW2AoOVqBodmeA0aIxFSoltWZR9nyHNLdz73HwWiAEuOP1f
efudd5k840BFhgpDbDeDZdtK2V042pBYNb1llGxksVhgcGsLF150ORN3mM4RX/oSvu+RTmc+c0q8
mWQm6/LKK69gWRaTJk1K9EVeeuklpk6dihCCu+66i0KhwOGHH86wYcN44YUXcByHnXfemYULFzJm
zBjmzJlDuVzm6KOPZv369YwYMYLVq1fzyCOPsNdee7HjjjuyePFiZsyYwdKlS2lpaWHUqFFJtufj
jL/nehhjFYYhtmXx3urVnHXK6Rw5fBvSmbQMwkjYliUjKYVj2XEYBMK27ai/Z5N495kHV29fl1vo
IvzmlNPvChGmLSdwbRnFfLyDUWSHmDiW0rZsS4ZBfxSWr95pyfJNJvfwsU9uqyEAXpw2YVLOzT1X
77gtfhzjCFtphH6k45WJ+246p6leSpLywICUUYC0LGFJGcdJMW91dTKaoxqzUkcUS1VYpyeUEYje
wn2M42pGxlyw2qtiqIbCHGU1cKjqqX7wYsja3wyTiA9e6epnZQ1QuuVl4UPukKAa7SSJaim1JpHQ
10Am+7AElMOY9myWv6xZz6N77cYNl/6GNe+9SdDfRcek3ci1DCb2A7AsbNvFtlyEVjATyXWWBIGP
EBKLmJ/84tf86Me/YNSokepB30qs6O/1TOI4TlK6oFKxJqX7aY3aUOzjvFd7zPDxjcPH9djMMNfH
q1Rws1n+8xsnsOecO+QOo0aK/mJROrYtBEIiVTmglUqJOI5Ftq4xoSKYKnRDF6hd+j7OsZuG834c
4nvhrCmLX/vrk+Ds8yn0K3YABureXs7m7ffodb3BroxDYactR3gSMv/txjZCRgTCDl1Zij27M/RS
SweCtpJF9pmuTV+cftwPvzJp2t5hpdjv2E5KCBlLJcQcC5VKtTQlXnsMelWufRSScENfO0skwUVV
39S0uDBl/wjVq1e5MjWVuKJK1xcikVFMQhF12RXXJLYwZFmReClUv0OY9/SN1vR588kqgwB9bMZr
EVqhXlmUxGMxXo85P4HiGlgC4XmIwa3EDz2Mu+RxLEsyaORkwlIv65Ytoql9NK1jtiWVqVMKXwrG
wxI2wrGJoxALQahbnL6+9A0yuTqampoIw3DLLMQnHLZtf8AwSSkTTCaVShGGYWJ0TPoWUPyMKCIM
w+R4zGeklAn/xHEcfN/fgnfiOE7iVfm+n7TEMCll13UpFos4jkMmk0m0W8yxOY6ThHpm367rbnEe
H5cpa/afGFzAljFjp+8qHxXtwp91oOzp7ZGOm5ZRGFi2bUWe51mP/On8Tdl1q25qy/SvHRSKTWPr
Mr1tWbc0GMdPp1JxRCBsXBl9SPng3xoyrEjhZEQcRXEQRU7WjXttz34L4NMwJKCNyT5PE8Lry4Bl
n3B/FtCB29xMUGm1ysEh7eOmpYo9nbHtpmwhiJFSrRsarLB1fKFVTYyuiRZAMo2vFMfDElV+R4Jx
6M+ZlK7BNrfELczEReMmVe6HEX2uxTpqMY1q+GPwliol36ivGWOnwqyqwTJhVG0IlYQRAizDfhS1
3210a1WbBMu2kZUStLci31wOi+eB7VLs20Rr+1Dqm4ewccUbrHr1GZraRtI4eBT5lnalJyslURjg
uhmkjPH6B3Bsm/fXrKWtbTB1+TxRHOK6KeDvX7GBZNKvWLGCa6+9lkKhwKhRozjxxBNxHIdsNguA
53lJnU8qlSIIAjIZtWhFUYQQIvlsFEXJe2aYcMgYoXvuuYdp06YxduxYnn/+eRobG+nu7mbq1KnU
1dUl+4miKPk9CIItSgTM9wVBgGVZWxxPrZfzSUK/xKAISw5tbxWP53tk97gd6du8UdipHL5XjvMN
LfGtF/8oXLjkxeuBB1F8kvXAAJ/ShP8sR8KAvQPsNhBPAbP/jh39Hqx1kH4dUul6t66nl/Wbl7/a
H/Z1tdthEDpIiaKBSdWjogpcIrSeiGaOKTijOpENaFrlhFQB1eRzouoRGKNU9Wa0LKKZqFS316iH
JquR4BZCbGVcLIXtqM/WHLewFGVeYuizbAHEGC9GKDxH6JYSgG7ZqWuCzFFpQ5P0/rEFslxBVgLi
SikBnAe1DaJcHMBy0ozcfne8UoHe9SvZuPwV7FSapvaR1LcOI51vpFjop1IuU654tLa1YFlqAtmO
TeRHCRD5cTEE+CB3ZMmSJVx44YWce+65/PnPf+add97hD3/4Aw8++CCDBg1ixowZrFmzhq6uLtLp
NJMnT+bee++lvr6effbZB9u2eeqppyiXyxx00EF0dXXR1dXFmjVrGD58OJMnT6ZSqZDJZFixYgUn
nXQSP/jBD/jhD3/InDlzmDFjBkOGDCGdTvPqq6/S3d3NrFmzCMOQRx99lJEjRzJp0qTEoPT39/P8
88/T0dHBlClTqFQqzJs3j+HDh7Pddtv9XdhK7ai9tvrWinw+J2WxD8srY4ehjL1u0dLSHj5y88Xu
wvuuvyWXTj8de55MQ6Ud7HpIHQrW7E8h8/IUan7PVgHTp5peTozJV2t2fNYn22eZ7s4A6Hn79ZeW
dXauGzxk5LioUuhzHDclpU5xCr0uq4kpiPRPIQFbMVGNAJJ5LTX1XRkc47mo2S+1BIEl1SSWlgI/
hQUhEhmGxDLGEgLXSWM7RkPERkpVFKh59boEXPEELMchjmLiMMBJOSDsxIuJ4wg/jnBsd4uiQt3K
WGucAEilKxrHuG5Kh0Nan9WAnlZVK1ZqzEhR6C2kE4LjEqJkBaNI8uz8Fzho/30Rlkt3z2ZSmTzD
J+9KHIVUCn30da5hYPN66oaMBzdD1nVwmhpw0xlqxLz4pLjbh5G2Ojo6OOaYY3j66adZv349V155
JTfccAO+7/Ozn/2MZcuWce6553LRRRdx8cUXs2LFCrLZLLlcjsWLF3PDDTcA8Oyzz7LTTjtx2mmn
seeee/L666/zwAMP0NHRged5zJs3j0svvZQ333yTt99+m2HDhtHb28v69evp6+vj/vvvp1KpsGrV
KgBWrVrFvHnzOOKII9h1112pVCrcd999rFixgpUrV3LSSSfx2GOPMTAwQEtLC01NTXR0dHxaYLSU
sgqZxcKCVFaWyxWrddho//lH70o9dPOl81J1jfeVCgUf2FCB3j5FUPNe4hPPy2R8WvvZenwWpDXV
lNxOl0p9nUvee+VZ6diOJeNQCikR0hRex0IQK5EhqVK+xBEgFSciinU9jQQZ6Y526m+qkjdSP6X+
fCwhUvQvsy+JJI5iLGzy9U20tQ9jUFsHtmsTBQFxGBB6ZYgloefhlQtKZTyMCHwfgUVQKWMJqG9q
ASkIQ49KqUjo+9i2Q319E0JAHAaUS0UC3wcpCYOIsFJRFdFBSCqVpr6+gSgMCb0Ar1RUxCVdR1Iu
F/E9T/XCJUZGMVLqa6ANEVIShiF1dXnu/8tjHP6V41n6xjKaB7XQUJen0LuZQqmIW9fM6CmzaB8/
jSiKaW5oIJvLqmsV+tTV5amUyxqb+GAJ/8cZW4dGuVyONWvWcMIJJzAwMMDJJ5/MVVddxY477siY
MWN4/PHHWb9+PUceeSTHH388rutSLpcZO3YsjuNwww03cOaZZ3LHHXcwd+5c3nzzTaZOncrVV1+N
bdu88cYbCbZx//33s3HjRubNm8e6devI5/N4nkdPTw8PPPAAxxxzDFdffTWTJk3itttuY/r06di2
zZIlSxKa/ujRo5kyZQpCCFasWMHQoUMJgoDx48dTX1//ifEkXREtpZRCKBdUlsoVkc7kpFfst5rb
OrzXFzyauv3SHz3vl70b/ULfAESb0EaE/wPhjRmftjGJUCdf1BDcay/Nu+/9YrHPtt10FMeRkJYl
o1jqchSh+rli0ql6nTTxjcnIGFhV/111ytRMVWnqa9XWhuiOsDQA51Do6+bBW6/i9786jZsu+xWb
N64nnc1i2Sky+QZiKclk62gaNJgoVgLLmUwW3/doaBpE5/p13HrVhURhQDqVpal1MJl8nvVrV3P7
Hy+nVCwgbIeW1nZS6YwCBFMO2Xwd+XwDdfX1vPrS89x541Xkcnlsx6FpUBuZTI4gUhO6sWkQmWwO
x03rjI4KwZR4jkUkIY5i0q7DwMAA5/3qDA7YfzZn/ORcLrviOl546WUaW5ppHzKK+lyaSrEHISzc
TJ4o9AnDAIQk8HyGdrSzqXMjAwOFDxTyfdyxNRGtp6eHIUOGcOuttzJv3jxmzpxJLpfDtm0mT57M
F7/4Rbq7u2lrayOTydDS0sJhhx3GnDlzuPfeexk2bBhPPvkk8+bNI5PJqFagQD6fp1KpJKLV9913
H0OGDGGnnXZi5syZPPPMM4kerRCCfD7Pxo0beemll3jrrbdobm6mUqkwYsQIJkyYAMDAwABXXXVV
gvf09vYyfvx4Zs+ezY033shrr72WALy15/gxr09iSPT2oqu7V+KmrcaWwf5br8xP//niM14t9/dd
Y9tWJ9CJwkqMMfncMV3/1vi0jYlEGZNyFHkV2051rXv3tfmv/fVBK1/fLAPfUzCmQMpYYEmhu13q
GlythWkMiOnSSaxaLZoWi0IYj0WDqpLEuKjm0AqQjaIQO5Wie9NG7rj2QtKZLMteWcTVvzmDYqHI
pg3vs3r5m1hCsHrFWzz/5MM4boqBvh42rluDbVtsWvc+Pd2dbN60kWyujo0b1jL33j9THOgnljGd
G9ZiOy6B7/HkI/eyacM6MtkMmzs3su79VSx89gk8r0KlXKa7ezPFUpGNG9by8sLnWL3yPTLZOnzf
Z/ELz7F29So2dW5U5DPT2AlU3IQq00eA69j858/OY6edtufJp//CnnvvxSmn/oh99z+EU085mQcf
nqt0XgKPMCgTx4GqUQIKpSLDhg7B88r09PTgOE6STallhv7NG1zzXu1rx1ER88iRI/nSl75EPp+n
UCiQyWQ4++yz6ezsZOnSpYwbN47dd9+diRMnEscx2WyW119/nVmzZnHUUUfxk5/8hKVLl3LTTTdx
1llnMWPGDKZNm4aUkoMOOoj29naEUNXGJ510EnvvvTc/+MEPaGlpoa2tjYkTJzJmzBiOPfZYFi9e
zB133MGkSZP4xje+weuvv47v+4wePVrXzKTZfffdE5KcZVksX76cxYsXs++++zJy5MgkI7S19/YR
DUutR6KDWOTiJa+KEZN2Ct9e8lzqpt+cuqx7w7rr7FRuYxR53ai2FUU+p5T5/2588lzgB0cWaAQG
p1K54b5fGj9i4o4//PpZfxqazuRjGfuO5TgxcSwEUtiWJWMZC8tSdDLT+1YJoWlQVnNRLCRYtgZP
a7MtIlkhDTBq2zahXyHf0MjKZa9xyU++wZlX3sf8uffy7GP38E9fP40/XvxzdthlL7aZNJW/PnwX
vldmyi57scMue3Dz78/jguvv5VenfYOdd5/FmhXL+cKRx3DrVRdRV99AY8sgvvDlY7nz+ss58bQz
ufjM7xNLSdfGdZxz2U3ce+s1vLFkEel0ju133oUJk6ew+MVnOeCQr3DuGd9h+513Y8XyZfz2uju5
5epLeOmFBdiWYMw2Ezjvipso9PfgplNY2HiVIu0dHdxx8w288uSfueG6S7j19jlcctn1TJu+Iz88
7SRGj96GR+c9wT33/IVcNsc5v/oFmWyOQqFEQ31OVagChWKB9sEt/Pbiyxk5eluOPvpoPK9COrMl
ae1/GglvQTexMuQsA1bW6pTYtk1/f7/SUsnltuC1CCFYt24ddXV1NDQ0ACoz5Ps+uVyOIAi2qBg2
x2dem/dr08jm58DAAAD1up/PihUraGtro66uLgFxpZSsXLmSMWPGUCyqQsc33niDoUOH0tTU9KFS
B1v//O+uj7YmRGGI7Thy5btvW7+46LogP2on9+7f/ejtTetXX2Onsssjv7wB2Aj0oYyJz6dAJPvf
HJ8FZhKgrGrB90tFN5Nfv+atJQ8/98CNUaauIY7DwHT+RKjqSGEJSxqtEQOfKE+l5ndJleAllReT
iMro7IfJ5SdVvUIgI5U9CfyAC07/N5544Da+/PVTsRybVCrNd352IfPuv4UDv/KvXP2XRTzx4O1k
snk6ho3h9muvoK19GKO2mczbr79MKp2mUinh+x4TttuZ/r5++nq6WfD0Iwz09XLz3KeYPGUaj865
Ha/ised+B/O9n/6MV19aSHd3J5s3bsTzPOoamjj7kqtJpVMsePpR5v/1Ca695Wa+dNTX2NzVRSrl
EsdVspJpGxlFESnXoVwqc/gX9+f+u66jsa6Orx1zIsd//dtk3BSXXnw+l/zufDIZlzD0kTIiinzi
KCSOAoSM8D2P3XbZkfkLnlEykjXtKcwk+Vsr79aeieFjpNPppNTf7Mes6p7nkc/nP+AFCaHOaejQ
odTVKQ8tCIJkO2MoTJhhBJTM9kZewLbtZNIbnorRSHEcJ+GUjBo1Kjk+U48UhiGjR4/G8zxyuRy+
77PtttvqlqbolhXxFtfmIxoS5S9rrySKlVu95NWlwctLXnP/cvXZyzatX32D5bprIr/chQpvCijR
o89dRfBHGZ+FMYlRF6MM9AWVog/Wor/eddXLb734ZCrbOCj0vZIQwiaOYyE0lRikjGPj1mOQD80s
laANhky46IpqK9FRgER3nVfd5WMNzArL0niB4Js/voDzbpjLvocdy0BvD5l8A02DhlDf0MTqd5fx
xpIX8H2fkeMmMWnHXbj7hsvYafe9aRrUQhRGgMW2U3ehbchwbv7Df9HbtVHF5/WNFAt9vLroBTas
XUV9UzNh6JNvaCaMXCqVEpawsW0Hv1LBTaXIZOsZ6Osjm60jm8nx6COP8u47b5PN5YjCWGFDqDaR
pp1kFEsgxrIEGzs7yWbTXHD+z7j9z1ez4/YT+cWZ57LzLnvzozN+ju9VEqwkCkOiMCTwPVKOQ1fn
JqbvNAVLBsyb93jC99h69f8ornxvby+LFy9mwYIFLFiwgM7OzoQIFoYhlUplCw/FCBv5vo/v+6xb
t45isajVyappVKNhYgyWed9wRozB831/C9KabduJHguoFHhPTw+rV68mjmMymQybNm1ixYoVSbMw
IDmmlK46X7duHf39/VQqFR0yBlsQ3Wp/1g5jSKSsdjNSMgNCVCqV+JrrrneWLnj4jQ2rlt1rWda6
OAg2oQzJAMqY+HzORI8+6vgsxJEM19fS+3ctS2TCwO9a9+7SCdvufkBTNtcQRaFvWY5SV9cgoG4L
KoWpfTFNtaoLQJVZaoheUr82LS2EwVSERQw4jotXLtC7uZNpex2YkJ0K/b1UygW2m7YHI8dN5rnH
7uPZR+dw+LHfYueZ+2LZFhvWrObIboRkPAAAIABJREFU475D4FXo797MtjvvykvPPk65VGTqrnsw
dfqebFi3msOP/ndK5SK3XnUZre0dfP17P2XNiuUMHz2O1sFD6dncyfjJOwCwzcTtGOjrZffZB/La
ywvZ+4BDGTNhIgufeYbODeuxbYuDjvgqXrmiRLQFREFAvq6O1xa/RN/6tznogL3xfFUk2d3dS1Nj
IwcesA//dvzX2GPmLrS1tjBqxDDiWBIEIY4NkggZh8RxRBiF2Ba0NOX58+33ss+++6mH4UN0PrYG
Z82KXKlUcF2XK664gmOPPZauri4efPBBhg0bxrbbbguQtMTwPI9MJpN4EmEYkslk6Ozs5Mgjj2S3
3XZj5MiRdHd309DQgGVZeJ5HKpXCMFozmQz9/f0ApNNpJe1ZLBJF0RbGo1KpcN111/H4448za9Ys
nnrqKf7whz/w5JNPksvleP/997n00kt5+eWX8TyPCRMm0NnZybe+9S322msvGhoasG2b+fPnI4Sg
o6ODcrlMJpPZwtjWXqPkwa8xJLU/fd8X6VQqvvvuu63zzvv1smw293AYRu/HcbwGeB8FuP6fNiTw
2WAmoIxIGmgAWoERWG4HcTB12xkH/Pu//PiKvIwjKWRk246r9C7R2XdF7pJIrXlmmWpdkLpwTrXm
tRCmv6/QbFRZNTy1xDNjYCRgW0IbL03SimPSmSyB5+FVijS2DML3PGzb0nR7nciOI3L5OoLQY/PG
DXQMG6VW/ijCdWxS6Qz9fZupr28GKQmCilLeR8VstbIFtmVBbFTbJFec/0tA8t47y9htz3058dQf
09vVSTqbAyReuUx7Rwc3//Ea1rz8F377Xz+nc1M3dXUqEyVsi0rFV5mmpkbS6TQDA0WiWOJ5EZmM
LqiMdYpdSErlMu2tzfzusmvJNY3kBz88jUKhSF3dB8WR4IN4gVFkO++88/jLX/7C5ZdfTldXF9On
T+f3v/89b731FsVikenTpzN37lx++ctf0tDQwAUXXECxWGTMmDGcccYZHHHEEdx8883Mnz+fa665
huHDh3PRRRdx+eWXc+ihh5LNZrnnnns45JBDuPzyy8lkMvzyl7+kt7eX8847j/r6ek499dSEYNbT
08Mpp5xCU1MTv//97/nNb37DbrvtRkdHB7/97W/Zc8892XbbbVm7di2PP/44F110ERdeeCFz587l
5ptvZsSIEQgheOihh+jo6EgIdFEU8b3vfS/BdWqvT01YI2peAxivKVq9erU9e/bsjStXrrzftsXK
MIzfAd5F4ST9KE/+/6whgc9Ond5keY13IpFxzslmCxtXvlXq79603dQ9DhZRFEqBFJZtKeKYsLXv
YRDwaittZSyUx2FZxvnRXoihrWL+rFXOhKj6SYbxam4+aLKaQ6VUIJ3N0tg0iIHebkBi2Q5RGGqN
EQspwauUEUBTSxvFgX4F9log4xivUiGby+N7FfUA2Q5RGGnzYQyJ+v44jnVvX1U9O2zEGCrlIjNn
H8RBhx+F51WwbFcxbi1BGETk6+t55eUXKHS+w0H77UWhUMB1bVK2S7G/xKCWRoSAYrFIoVDEtlRz
7CCMcITirMRxhIwjXasT018oMH2n7bnltttpaBrMpEkTKRQKpNNpksZe5vpv5aUYkHPRokXcdddd
rFq1imeffZYvfOELnHPOOeyzzz68++67VCoVxo0bx8KFC+no6OC6667jyiuv5Pzzzyefz9PX18fQ
oUM5++yzueKKK1i8eDHLly8nlUrx/PPP09nZycaNG3n88cexLIvVq1ezfPly7rjjDhzHoa+vj0WL
FvHVr36VcrlMc3Mz7e3t9Pb2MmPGDPbdd18sy+KCCy5g+vTpnHjiiXR2dnL66adz8skn8+KLL9Le
3k57ezujRo1i8ODBCCH485//jOu6PPjgg3z729/miSeeoKWlhbFjxyaykzWAtXnK5Na4ShiG0rIs
ccIJJ3gLFix4wnGcd8MwWgOspAq4/p9KAf+t8VkISpsRoYFYwAU2hOVyykllX1z06G0ZJ+Ue8eXv
nCNCrxRHQWDZbpo4Dk0Akxh4oxEiNbdE2AaQlFp+oJZJqlmksUz0R4TODiVarNKAtlIpWkUR+cZm
1q1cTteG99lup93I5PIM9PWQSmUQoKQOHFeV+0chfb09ZLM5oigAPeVsx6ZcKuO4LpYl8QMPx0mB
kERRgG1bxLGWUJCxouFbNmEYMWbiZCZPnUYUBRT6e5O6I6l0rImlJJax0nAFTYrzydg2j708n4se
uJ5/3vUwTjj0KAIhSbkucRQQxRpjCC1tRCMNYEfqmgUeoYj5/reP4ZwLL6S1tZUdp06hVColgtJb
eybmb8awFAoF9ttvPy666KLEW0mlUuy///5s3ryZYcOG0dbWxkMPPUQcx4wcOZJp06YxdOhQOjs7
cRyHzs5Ocrkce+21Fy+++CLPPvss5557LkceeSQdHR2cc845fP/732fatGnsuuuuNDY28vTTTzN7
9mwmTJiQFP4ZIlqxWKS3t5dMJsOiRYu45ZZb+M53vsNOO+3E3Xffze67785NN93EeeedRz6fp7W1
lYcffhjLspIQzdTxbLvttmy//faMGDEi4bjUXg/DHakNa8x18jxPZrPZ+Hvf+5645557nstms2+U
y+W1wCpgE8qQlPn/gCGBz9aYSFQMWER5KC5gh37ZsVKp+QseuAm/XDr8q6ec7whhx6Ffsdx0RhJH
OjxRN0WYxA9CGmKKYtzr8n3duMh4HNVsDiC1ILQOM4zvaYkYy7IJw4C6fD13X38JTz90B82tQ7jq
vDWc9uur2H7aTMoD/QRBhbaO4Tz14N289+YSjjv5J/i+RxwFpDJZxWWxbKSMyeYzxJHKPNTV1+H7
HjKKyGbrCEM/yTa4ToowDJQzJQSF/n76e3sQlqqqlUbSAUPm0/VD0pyXJIhCbGGz5L03eO2dtxiT
H8G/H3IkQVBW7TiQSGmpUgBdgoCMkVJ5S6qvkKBYKNA6qJmTTzyCs3/5n5x59n8xZcr2FIulRMYx
uaE1GQyTAm5paWHevHl885vfZPPmzXz3u98lnU7T1dVFuVymWCwmXQBzuRzLly/n6KOPplAocNRR
R3Hqqacyc+ZMFi5cyKxZs+jp6eGMM85g0qRJiYcxc+ZM9tlnH9544w1Wr17N17/+dU466STmzJlD
Z2cnhxxyCKlUiv7+fv4fe28eJ1dZpY8/571bLV3V1Xt3ku6EzkoSErKxBQiBYZNtAAMCsimD4sKo
6KCioH5dRsURBlH8joriMAgBZF+CISRAIIGQPSEhJOksnd679rrre35/3Hu7i4g/Z+aLSzr1fD43
tXRtqbr3uec95znPiUQiiEQiQ9/1vffei0KhgNdffx1vv/02uru78eKLLyKVSmH27Nm44YYbMDAw
gHQ6jYULFw79P0PSDBPJtm2/J6cUitAOSlQzAHZdl6SUHI1G+ZZbbhF33XXXq4ZhrCmVSp0AdsEf
njUIv3IzIogE+MvlTMqhYlh7UgOgBcAYVY+kXNucc+S8U89b9Ll/TaTqm10zl1Y0PQKAiRSSYBms
JASDghIyBQnaMmsC4qD7N5gnLCjIqQwti8ID0m+qE0LAcx1Eo3Hs27UN3/rsh3HjbT/BSWdfjPt/
8m1MnDYLkUgMj/32J2AGzv3Ix/GHJx7AK88/hu//8kmsWbkUG994FRd+9JMolPLIDvSiZcwR2Lr+
DZx0+nl48enFOPH08/DkA7+C41pYdPWnsWblMkyaOhNHTDoS9//fO/D52344VPNWlMAkgd5LHoD/
WU3TREtLM37987sxuH0JvvfNL6KzqxfVySQGMjk8+9orOGnmHBzROhqWHVQ2AHhMsFxGRPW/B7Dn
S/SD2ruUHoQglApFVNck8M72d/GTXz2Oz930NSw85WQUCoWhA/Ngf47wYOvt7cWOHTsgpYSUcsh4
qKmpCdlsdijhbZomnnzySfzmN7/Bj3/8YzQ2NmLSpEnYvHkzxo8fD8dxsGzZMrS2tmLWrFno6OjA
5ZdfjrPPPhu33HILCoUCli9fDiLCwoULEY1G8dxzz4GZccoppyAajQ415eVyOeTzeTQ1NWHfvn3Y
sWMHBgcHMX78eMycORMvvvgiPM/DwoULQURD0VFdXd0QYXR1dcEwDBSLRYwePRoHDhxAPB5HMpl8
vyTsUFQSJI6l53n0hS98QQZEssqyrL3wcyQdAPowvLwZMfhLDi4PEeZPwgonAXCl5+pqNDrQ0/FO
z/b1K0eNGjcl2TJuimdZeZLSI1XRhjyCQEyCBDMHhPKe+k5ZMozDRcdwB/Dw4wLbAg7W/I6NRE0d
1q78A/bt3IaP3/Rd/P6+n2Dr2tfQPmUG+roPIJ9JY+e2TRjs78URk48CMSORqsHj/3kPps06Di89
9wiS1bXY+OZKDPR1Yf0bL8OxLORzaTSNakVvVye2bVoLz3XADGzZ8CZKxQI63t2OCz5yLTLpAWi6
EWhq5JC+ppzhhfCFWVVVCax9czWsgV049ZRjkclkoSgqYhEdx0w9CrF4BK7jBgGIhGS/X8nzAEF+
roSD+6TkYMkj4bkOdF1FNptFc3MDZhzZhrt/9nPkS4x58+ZCCAoGn6t/VMUIZeutra1oa2vD2LFj
kUqlEIvF4Hke4vE4FEWBpmlobGyEaZpoaGjAJZdcMlS1aWxsHPISmTJlCpqbmwEAGzZsQHd3N778
5S8PVXWOPPJITJw4EVJKFItFTJs2beh2KJgjIhiGgUQiASEEUqkU2tvbMXXqVLS0tEBKiQkTJmDC
hAkIrQyYGfF4PPi+/faCRCKBaDQ6lHBNJBIwDIOZmYQQQ1Fz+J14nkeO48AwDG/v3r3qtddea913
330r4vH4qiAi2Q2/chPqSUYUkQB/HTIByqQSGCYXT7qupuqRQrbvQMfGV59LKJrR2D5tLlTV8OxS
TghFgSJU9hUXwVJF+uUbIfy0R2hbNpQsDKo4w5KfIDlLGMqVEwlIeFBUFVapiBcevQ9T58xH++Sj
8Jsf3wbNiECQQCbdh2isCsnqWtQ3jUYuO4jm1rFYu/IlnHLOImiGhhNPOx9vvf4SSqUCph49D8uX
/B4fuf4m7NmxDZnBflQlUxBEOP+yj+Pph36Djh3bsOjaT2Fs+2QUcjlouh40Mfqf0VcEM5EQwZqG
yHUdJJIJXrt6FZz0Llp48jF+uVHTkC+VYLlWMFdy+Kv2x6cCrscQwg10GXLoEiHhMMPzXGhBz08q
WYUT5h6JRx95GCtWrsGR02agtiaFUqkEZkBVlfeE9lJKOI4zpP8AfJ+SUMAWXi+VSmhra8P8+fNR
Kg2Pxw2fz8wolUpDB2hjYyMuuugixGKxId1JKGqLRCJDnigAhnIlQcJz6HOEVafyzxeWtZl5SFNS
Tgzhcib0TSnPFQEgIQRLKak8lxRGI6qq8tKlS9XLL7+8+9VXX12aSCQ25PP5A/CJZD/8PEkWf0fD
xj9I/CVzJuVgDKv6wsNaAnBd23SFqnqlfObRx352a2fH1jXHn3H5ZxNtk2Y4hdyA8GxTaJrhV218
TQqDPZJSkH9dEihwUA35hEOTRn/SIsIzfqg/YYamGijmcpg4bQ5OPOsi/NuXP44ZxyxATUMzahua
0bFjCwq5DFRdR3awD3UNzXh7/RuYPvt4jB7XjnWrlsOxTEw6ajaS1TUgQZhw5NFY+uRDGD9pOpY8
ej9KxTxiVUl07t2NaUfPQ3VtPfZ1vItZxy7AQH8vdMPwZe5BKZEgIIP/j5RM4YAuIsGSQa70QALw
XIfWbXgb046cgFRNNQr5EphdgASIBSTCnIuEhALPc4ec3fyVFQdJ67DfieE4FgxdRaFQgKIQ/uXG
K3D/Q8/gazf/M677xGdw0kknAwBKJROaNjzQqtxZLRSPLVmyBCtWrEBLSwt6enowd+5cnHfeeQB8
HUhoRgT4YrFys6RQtBaPx1EsFsHM6OrqQltbG1RVhaIoWL58OV555RVomoaWlhaMHz8eTU1NOOKI
I4bc0UIyCCOO8kpUGI24rjvUSBgukQzDYNd1SVEULo/Eytzj/P0u+P96nseRSER2dnaqd9xxh3vn
nXdutm37tUgksi+Xy3XBX9Z04r1EckiXgP8U/lqRCfDe5Y6EH6V4AFyWUgJCqLrW2fnulgNbVi+L
u7bdOGb8NFGVqJW2XYT0HEFCJaEojOGzApEIp2MF+ZKhrmH4adtgfxgatEXwxXDwD15Puph1/Glo
nzIDqfomXHDlp9A+ZSZmzT8NNfWNOPq4UzDruIU4YvJ0TJkxD+OPnIm5J/4DFKHgzIs+ilg8gQnT
ZmLOcaegbfwUzD/1HDQ0j8aMeSeitqEJc044FfNP+xBYSqx44TFMn3UcFp59IXLpQWiGEeQviABJ
MqhCCxIQJHzPVjBc16WqRILXrHodnNlFp5w0l9dv3Eb7u3pBAOrrqv1ZMLYvSuOQKOC7Mgi4QRVH
lkUoMohQ/OdQEM0AjFLJRKFYwgVnn4xsphuf/PTN2LmrA2Na29A6ZrQvKrOtIOeilIf6EEJg3bp1
WLFiBW6//XYYhoHp06eju7sb27dvx5QpU3DgwAF0dXWhq6sLTU1NWLVqFfr7+1EoFFBXV4edO3fi
+eefx6xZs7By5UpcdtllOOGEE9DY2AghBL773e/CMAzMmDEDtbW1YPZnFFdVVWHr1q3I5XKor6+H
ZVlYsmQJFEVBbW0t0uk0Ojo60NfXh4aGBggh8PLLL0NKidraWvT39+O1116j1tZWqKpKrutSgHCP
gpSSAltHqSgKK4oi7rvvPuWmm27qWbx48atCiNVCiH22be+HH5F0ws+R5DBCSsB/Cn9NMgH+mEzc
4NIB2JWeJ/RIPFfI9HVse2tFdvuG11OxZLKquXUSGdGE67gmPNshEkSK4icZgzN4MAvNL/r4VZxQ
XvLHClpCMK7CF5vAdV2MGTcZ7ZOPgm4Y0KN+T0f75BmobxqFeLIanuugpa0dmqIiUV2DGfNOgh6N
wjZNpFJ1iCaSEEJBXVOz3zhnRDBl2ixU19SicVQrNq15HR3vbseVn/oiVFXzU8NC4eElGkEogoVQ
4Di2cF0HiVSNR6QIx7ZQVZXAmtdfBeU7aOHJ89DZ2UdSSnR196KvPw0hgKpEDLqmgCTgSRcMhicJ
Ao4fnbHn+zfIQHfCEux5/vgO6QXLDKC+JoFioYh/vfM+LFu5BddefTGmtDfgwcWL8dbajWhra0ND
QyMUxe+1sS0LCM74ADBt2jQsWrQIv/3tb7F06VL09fXhrrvuwuOPP45SqYS9e/fisssug67r2LVr
F2688UYsX74czzzzDMaNG4ebb74ZK1euxPr165FIJPCLX/wCCxYswNFHHw0iwksvvTSUo5kxYwbW
rVsHy7Jwzz33YO/evXj88cfR1taGF154AX19fXjiiScwbtw4/PCHP8T27dvx9NNPY9SoUXjuuefw
4osv4s0334Su63j22Wf5wIEDWLFiBaZPn454PD5ElK7rwrIs0nXdU1WVPc9TlixZIj796U/n7rjj
jnX79+9/NR6Pv22aZpeUcjf8iKQbw0RyyHUB/0/x1yaTECGZSPiEEm6W5zpSCNVVNL1rsHvvu2uX
P+V17dtRXZWsidU2j6F4ssZ1LJNc2yIIChKD8HMpYPgJWgTTwQWGHebDEnKZfyuTX+ERBKuYR7GQ
8w8yzz+7FwtZ2GYJnueChIBVKILBcBwH2Uw/PNeDECpsx4Lr+QesbZpDzWW5XAaObaNUKqJpVCsW
nnMxVE2H53okFH/tDTCR8Lti2fOoVCqJSCzmJlO1WPfGq+ov/+3b3qix7WLc+PF4/ZWXmHMddPIJ
s/HOzg5ICYrFDJiWhd7+NLq6+/xliK5ADSowUhIE+8QSJmGlP/JgSFlcsky4rof62gQcx8WDjy3F
z379FFpGt+GmG6/BKSfOxcSJEzB/3nT09OzHvQ88iY3r1yNVnUBDY6M/JgOAbVlDWozu7i784he/
xAUXXICenh6Ypom+vj7Yto1kMone3l7ce++9uOaaa/CVr3wFn/3sZ7F48WL09/dj+/btOPvss7F6
9WqcddZZ2LdvH2644YYhqfuSJUvwzjvvDOlTdu3aBWbG/v378d3vfhfbt2+HqqqYMGECcrkcXnvt
NcycORPbtm3DF7/4RRSLRaxfvx49PT349re/jdNOO42ff/55WrZsGc2fPx9Lly6lY445BnV1dSgU
CmBm1nWdNU2TfX196pIlS8TNN9+cue22297euXPnK0KIzYZh7AsSrXvg50f64Jd/8/CX+COaSIC/
Xs7kYDB88jDLrjvww0BTSjcvbbdBVXVLStm/fvnTWza+/NysmQvOmXjMaRemjpx9EifqarxSsQDT
LAhBQqiaxkIoxJC+cIjDqXnk62nD8l3whpAIXOL9UrIaiQxHM/D9Q3RDHaoKkZTQDAOSGYqAnzgN
mgkVVfMJjeVQQpWEAiOiAEwQgthzXcpn0lA0lRUSkJJJKIIFCK7rkOe5HInEZGPLaLl31w7t13f9
q/fkg7/Zmhnsy7eNnzx7wekLYZYsakjE2ZMOx6OGGMzk2TI9isYiABFc28W+zm4UiiXMmDYeJcsB
Q4Gk0IE+SCgGUZljO3BcFzXVcQCMp19YiceffhW1DY34+lc/i2NmT0WhYGIwnQFDQFUEzj//PExe
OBqvvrIct9/9azRUR7HwpOMxb948tIwe4397gYAwnU4jGo3iySefhOd5aG5uhmVZSKfTqKmpgaZp
qK+vx5IlS9DT0wNN01BTUwMiQnV1NU499VQkk0ls3boVfX19OOKII8DsD++6/vrrMX/+fADAW2+9
NTTQPMyrdHZ2YunSpbj00ksRjUaRz+c5yIkMNTWqqoq9e/dSf38/OY6DUaNG8YQJE2j+/PmcTCZZ
CCED8ZrYunWr8swzz3gPPfRQ7+rVq3cD2K4oSpeiKBnbtvs9zwujkH4Mk4iFQ7zf5n+Cv1VkEuI9
uRP4hGJjiFQ8h1kKVdWzrIjdB97dsmft8qesfe9uqSoVC/FUfZOobWiBUHWPPReubZJfCfFT80RE
gsqWPACRIGb4htYi6N2Bn9sFwxvKsZcbBRGTvzYLEpcI/zYk2fdXb8S+upWHGAvM0iMPICGIfdLx
BTLMTJ7rQnqS9WhUJlO1nBkcUB67//8qP//hrR3Ln3/8VenJzUTIWKbZesb5H4nt2vkur1n+FF1w
9gJKVccRjRo0mMmxZTlEAJJVMdiOi6b6FGJRHSwZHisg2GCWgd0lw3NdlEwL0ZiGmuoqrF6zGbf/
9CG8s7sXV11xMW785GVoqK9BX38aAENT/TZ/lTzszKRgKUnMmDETM49fCIsMvLZqDZ57/jls3rge
hWwaraPHoLauDp0HunDOOecim8lg69tvD5Vp21pbEY1GsfCUU9De3o5Nmzahr68Pe/bswfe+970h
h7T29nacc8452LBhA6qrqzFnzhwQEe/evZva2tq4oaEBAKi7u5vr6+tJCMHz5s3Dvn37MHbsWJim
ia6uLkSjUSQSCSQSCZo3bx7t27ePJk2aROPGjaOf/vSn6Ozs5A9/+MPI5/PyrbfekoGBk3j33XeV
xx9/XNxxxx3F73//+/sffPDBtfv3738zGo2+rarqAcdxejzP2we/5NsFv+wbitFKwT59WBAJ8NcR
rf13oQHQ4Q/riQdbdbDVAqjR9UjMdd24lG4TgPbm1gmTpx27cMy80/5RbWqdgESqRsJzpWUWyXUd
IcAQQiGh+AlNRVE4NDIIlbFh+BL2ZolwKcS+LmWIcBBWmP2KEA0/08/ADCtD2W+bB4gUUoRg9itR
xJ6EJ12AwIZhyGisigEoPfv30LLnH+OlTzy4f+fbG9cA2GFE4yWrVIwpivCY+biv/9u9J53xj5c6
X77+Ui1S3Mlf/eLVGD2qGdlcgXZ37OfBbIlKJQvJRBzRqI72tlFgEnA5Ak2UoAgBz/VgWTaiUQPV
iRi2vrMH//nQEuzvyeDCC87CRecuRDSqo38gCyLAiBjwfL9ICPIwgNHIKm2QngPLsqFpGpKpaoAU
dB3Yj41vrca+d7fAzvVj7KhGnHbqKZg8cSLqGhrR29uL+oaGobyK7TgAM372s59h/fr1cF0X+Xwe
jz76KAqFAvr6+jB27FgA/ggK0zSHJO6h30mAYfmpLxx7j7fJ7t270dLSMuRGDwCqqsqgCsWZTIar
q6sJgMjn87RlyxZs376dn3nmGXvVqlVdHR0d+zzPOwCgJ5FIpC3Lytu2nYEfgfQDSMPPieQw7JAW
5gIPK/w9kQngfx4dPrFEAMQAVAFIYFhBW6Pq0aiEF5G2nQIwRmjKxAlHnTBu2pyTUhOPPlYb034k
4smkpwqNbbMIxzJJskvsSSEUAVVRIVS/qTCo8vDwAC8OJB+hbBoIM7vMTIriT/cSIJ9UKLCOBPlu
9CyJgk5j9jxI32qRhapIXdM4Gq+CEApymbT6zua1WL1iSWnF84/t7d6/Zz2A7Xo03i89x3Nt2wVA
qq5XubZdN+WoOVd8/xePjEomq71f3X27WPfSw7jw9Jk49+wFqK+rpYHBDPcNDNLuPd2IxaKYPnks
XI/giShUFGGWTOiahpraBPZ39uLB3y/D2k27cerC+bjy0g+hvq4GA+ksPI+hGzqIAoUse/Cg+USC
RvjHiIBQCNLzYNt+W4BhRBBPJGE7Dnq7u7Fz22ZsWvs62CqgyiCMax2FGUdNx7ixbaitq0dtba0v
2GOJhx/+PYrFAi666MIhJzbDMIaGY4VNhWFJNlymBHoQCvUpwZAuDvxOGADHYjF2XZc0TSvXdZBl
Wcrg4CD6+/vx5ptvetu2bXNXrlyZ3bBhQ//g4GDoxdpvGEZOCFF0HCfvum4avl3AIPwyb0ggRQyT
yCFpbPRB4O+NTEKEvTwG3ksqVRiOVpJCVasghCFtOwI/emkxolXjx06e0TLhqHm1bROPMlonTEXz
6LEsFJVVVZHS82CbRXJsi5hS7MC+AAAgAElEQVQlFOEvhnwFpS9oI/izaXxxXDhmK+w6xtCQLSJG
0NEPkAx7Z9j3TyBEjAhHYjFWFQ3MLLLpAbFz2wZsXb/aWbtyed/W9W902FZpK4A9qqqmAViu64a2
fQ78nFadUNWEdN3Z51967WVf+NadQgiiLRvXiQf+4w54g+/grJOm45ST51JzSxOzJ2kgneVisUia
psNBBCqXUFdXjVy+hN8/tQLLXtuM6dOm4bqrLsT48a0YHMzAdlwYugaF2JfdQ8KFgQJXI83NsCjq
l5gRGFCHrQpEYJbwPAnXtSFIgRGNwohEoRkRDPb3Yd/eDuzduR19B/Yg09eFmCHQXF+L+pokxo5t
w6hRLWgZNRotLaOGzIqGZ80E/qn+0pKEEJKZBRFJKSUFWpdwGBEfdEmmaSKbzVJfXx+6urrQ2dmJ
nTt32jt27DC3bt2a37FjRyadTvfDz3dkAWQ0TSuoqmo7jlNwXTcf3h9sYRQSEogV/FaH1ZLm/fD3
SiaA/9kU+AdUBMOkEi/bEuGm6npEqGrEsSyDPS8FoAFAc0v7lNFNo46oG3XEpOS4SdO1ptHjUFPf
hFRDE1Q9Ilm6zJ4HSCl9vw8mCQazSyxlYLPCJELdmyBWhMIgPw/iqzNV1lSVSRWkkEqqppLnOiLT
24Pe3k7s27kNW9etLu7duW1gx9YNncV8djeAfUJV+wwjWrJKBUtKmYV/xitvSTfgE2eLrkdrbKd0
xnWf+8ZZV3zyJsexi0okEqfXXn4JS35/H0q923DUhHo64ZijeOrk8VSdqkKx5LJHMVJRwB9efA1P
PL8KLS2jcc1HL8S8OdORy+dRKJQQMTQIQXClgMsabBFBUSZRRDUsjvr+MeyBESS1ZagK5aBgFown
E8G0AenBc1y40o8w4vEEVN2A53qwHRu9Pd3o2rcHfb0H0NfVCZUYG1Yvx603fx5nnnUWbNuCrhvv
aSzEQWf7YDIg53I5Wrp0Kdm2jXw+j0KhIHO5nNfT0+N0dXXZhULBSqfTVm9vb6mjoyNnmmYaw/aI
WUVRTFVVHV3XTcdxbNu2LSllSBhZ+MRevlmokMj74u+ZTEIE07GgYXj5Ew0uq4LrZcQiqlRd1VVV
11zbNlzXjiDIu6iqWhuJJevqWkY31reMSdU0jNabRo9V61taRVNLG+LJaqiqDlXToGo6VEWBUPzB
V4ICR9ZQ9CU9SM/vbfFcC5Zpor97P3oO7OUDe3a6XXt32d37Owa69nd0F7LZHindHvgqyHw8nii6
rmtZVsnE8FkvC38nL3fcMuAv7ZoAtKp6pE66zpkf/9zXFlxy3efdYiFDVfEqRTeivHHtGrzyh6ex
ff0KqtYtntiaojmzJkOL1PIDi5+hnGjij1x+BZ21YCY86SCdzkDVNGiqAdMTcKHBhQEHBhyO+Api
kkF3tm/7MNSIWFZul/D7K8PBAgi6lUWg3nU9D45tBZGGr5bVdQN6JApV0wGWMG0Hv/zBv+C7t3wB
4ydMhOs60DR9qHkOGMqHSAAwTZMikYjs6upSPvaxj1kvvfTSHmYumqYZHvAl+GQRRg8OAE9RFCcW
izlE5LjDsKWUZvDYQtnzwtcxg0s72BwMl3oPy+XMn8KhQCYhwpxnmKgNL0NiicKPXMLoJQYgJlQj
oqqqDumoEkJzbTOMciLwCSgJIEFCJHU9EkvWNhiJVG0kWVNrRGNJTTN0RVcNQUKAQcSeIx3Hlk6p
6BYKObeQz5kDvZ2l7GBf0XPd8IwWrq1NAEVVjxQFyCEFjuU3phQxfNYLz5LlO3+YvNODz9cAn1Da
dF2vt237xAsuv27hNTd+XYvFq9xCZlAkUikRTyR4cGAQG9e9iY2rX6V9O7ewdC067vQLcca5F0HT
DAwMpEECiBp64JUrARZDej8iCYHA1IkIQQEoCMuGJflhRxSHFg/ggFD8MaosCeFAekUoYGJIV8Jj
CU/6VbNCIYfmllFY9txT0LM78c1vfiN0jf9TREKlUgnRaFRu27ZNueqqq/KrV6/eGovFDriumxFC
ZJm5IIQwmdlTVdUFIKWU0rZtx3XdkAjCyCK8DLfSQfeH5GFjOKlaIZE/gUOJTEIQhqMVFcOkYsAn
FAPDuZZo2f1RAFEhhAEhNFVVVSmhSOkK6brhax5MVBr8pZYoe2/voC0sZdsAXCFUT6gqC6G40rVs
KaUTnPnKz5jh9fDMF+7A4U4bhs06fGJMwbe/bAHQquuRhG2bM6bPOf60qz/zlfo5J57qWcUiZzOD
ImJEKVGdQjwRp3w6J02zSMlUCoP9fZBSIhb1NSm245BCxBIgGvKEARC6/jMPXYbEgWBsqQxIByGZ
AID0Daf8FwweT8NppMCYigKf96A6ztCMCH7z41vp5k9fzXPmHQPbskjzu4S5nERC13nDMOTzzz+v
fOpTn+rfuXPn+mg02lMqlQbhk3e67LstJ4CQREJysMpue2XXyyOPUEgZyhcqBPJncCiSSTnKSSA8
8PWy2waGicYoux3BHxOHCgghBBQIoQihBkVi4VvFCkBIkARYQkoBv/FWuq4HSJZSHrxTlp/tbLz3
bGfij9fd4Y5fvtMKDJfKh/JAAJr1SCxhm8XWSCx+7BkXXH7UuZdea0yadrS0bJML2QyZpaKIxeKs
qCp5rgtF0zlm6PTWlh2oq0mirbmBC0WTVFX1o5PAniFMXfrFkNAWczjiIKLAvzbw1eWg3wl+GwOC
CQF+9CIhy6IXkPD9foWAZZqUqq3Dyy8+C2f/Onzrm98AM2AYxh8dtIFrvASAu+++W3zlK1/Zk8vl
Nuq6fsC27X74/S8D8JeLRQznnA7WMZVv4ffuvc9lhUD+FzjUyaQcYQQR+s6GUUtIMOUkox30mDDK
Ce8Lt/C1Dv6ewjNW2A4QEsnBZ8LyM2K4uXjvuvvPJfAUDBNKDYC64LJF1yM1tmMlwNyeqmuYdfLp
50446+Kr9XETpyKWrHbtYpFLxZwCgCzbprpUNX/5336D6ZPG4uMfPpN6+zMcNTS4wbKD4fc6CeGL
eMM+pvceUT7JBLnXIW8JBf7Id59hggQKIRjIHnR5SpDfgMjwHBeqEeH7fnwLvvmlz9CMo2ex49hQ
VS1c3pDneRxGI729vcqtt97q3nPPPVuJaJOqqr2O43QCOIBhsVgew1255S0bYU+YW3bplv2t/HEV
/C/xt5LT/yUQnoGA4aA9JINwC0kivB7+XZTdFgfdDl8n3NHer/s5bAkob2As38JZQuVnvv9uBcCD
f6YN33MoyrFtswCgPhKpKqb7e/c+8bt72555+P5pxyw4Y+z8Uz+UnD7nBNE0pg2qprtJAPt7esTa
dVsJtov0mQWWngPLBlHgF0JEUAWxZI9UQSyDb5LYz5MMXyeIQDMmAm9dyUSKEghtA+9elmBp28SQ
/jACZiia5pmlErWObcfv7v0JnTBzEmYcPQtmyUQkGgm/X5imyZFIRCqKgj/84Q/Kl770pcF169at
jUQiu0zT7HEc5wCAvfCT2v0YbqZzD/qNDv69Dr6/gg8II4lMylG+A/mTwYeJIZROKmW3y0mE3ud2
CCp77YN3yvJopZwwyrf/7c4b5mbCs6iL4TxLzjTzdUKopqqrOds031259KmmlUufGje6bfwRRx49
p2HiUcekZs89Bi9v3s+u5fLWHR20a18vzzhyokwPDhJYkmkWiT0GhG94KSmYzgEaSrwinH0ctBFw
MHXeNzsAS1dSIMJhIgFV1aAaEamphhSqIJAgz3UpmaoVr738Ig+8+xb/8Od3k/Q8jkQjDICCYVcc
iUTk3r171Z/85CfenXfe+bZlWRsikUinaZp98JvpujDspfp+RBKiQhh/JYykZc7/BOX/7zDqKF/O
hCRS1tbzHiLBQZfvdxb8S+zEYURlwK9WhcrgKvg5lRSAlKrrESKKOJYVBdAIoKmmpqbFajt9Skmv
MzhfkB8641hx2dnHE+lRJJJJxOJJ6IYuPdclySyllJDswZ8XL8l3Zgu/CD9JKwSx3wMloJDwrwYe
qmapKErFAor5LIqFAgZ6D6BjxzZ07d9lDvYeKPXu35V4+IH7lanTpsE0TVIUhVVVlUQEx3GU3/3u
d/jRj37UvX79+k2apu2QUg54ntcFPz/SBV9kFg6vGtE+IYcKDlcy+e+gXElZfvtvfaYLI6cwkVyu
Di4X8iWFqkZVVY8LITxTq23HEadfBbAGzRCU6S5VD6zcVVNXH61rbE7WNbQkqmvqtKrqWqquraOq
RBJGNI5oLA7DiEAIFUIRvuWl9ODYDjzPgV0qoVDMwyzkUSxkkR0ckJnBfpnPZqyBgZ58X3dnvpAZ
yJjFguXaVsF2nAEAMx/7/e8nnf+P/yiLhQLF43EGANu2lWeffRZ33nlnevny5duklJvj8Xh3oVAY
xHAkEpJIFn6y9ZAb8D1SUSGTQxdhvieC95bCY3iv3iYFQFL7mVdw3YQz4ZouQAo0Q+LdZQ+jf8tu
+AldETw+FAPqAHRF0TRFVdSg58CfgCYZUnqex9KTruey9IY6veFXr8JoIdR0eFBVC64rorHYGb/9
7W/nXHzRRRKA4nmeunv3brz66qveL3/5y8yKFSveBfC2oijdiqKkbdsOZ/GGuZFQ0m5heFlTwd8B
RmrO5HBAeX4mLEEXMEwsBnxy6IWSTHCssR3SCyeSe5CsUf3kdiXz9qtQ9bSACiGk4rouSVeSlK4C
gDzPIX/Y2NBSsDxnFN7vQQgWQkhVVaUQmvTheJCSFEVxXdetO3rOnAu/851vH3XsscfhlVdeQUdH
B1566aX0ihUr+rZv374bwG4i6o1Go7lisZgJljVhd24GPkmVcJiYDR1qqEQmIwdhBaqsrB2pBsw8
2s8+HzVtPwN7AmAVEL7sVcoMtj59E6zuNPxIBvBL5QdXusLX/1MJ6HItR3k1CwAsAYyTwKfnzp07
avasWQPrN2wo7N27t6+zs3MAgSNZNBoteZ5Xsm07Cz8KCYVoYSQSCvwq0cjfKSpkMvJQVo2qjQID
JmZcfQ+Mqmvh2BYUGH6znnQhdBX57tvx9qP/AahNgGvhvarfcAtfN9xfDiaTcnFYeTUrrJzVwm8H
YAyLB0U8HleEEMK2bduyrCJ8BWsGPpEU8F4SqfTD/J2jsswZeQgjBQYGsmg7swWqMQfSKYAkQMII
bOKKYNZhJGcBGAyIBBgul4fVrf+/8vjBFazykni4LNLhJ0p74vF4XTKZjGez2VipVNIKhYJE0L8E
fwkT+oOUN9mF+pwKifydoxKZjFjM0YA1DmZedz0iiZ/DswL7ADuwkFN9RznJQCH7j9jy26eARArI
WRg+yZSXyMOD+f1K5OW3Q0IBfDIJy9hhctcoe/2QKCwMy+DD9oNQJVxp7z9EUIlMRizWBDkL8Q7s
0tfgWQMQYi6EuBYsS3BK/w4F2wA1CUG7AHhALgsEDkjvLYkfXCYvJ5D3K5mHt1UML38s+ESilb1m
ebtBqBWpeIQcoqhEJocTpl+7ALr2EkCDyKbnYceD7/6F35EwnBAuT+wCw6rh8n6mSn/MIYxKZDLi
sUhBUzqCupQDiRQIEgwF0UgDJnx2HzJdGnpRAhb/JUqtIWGEl+VRzsE5lwqJHOKokMmIx2IP3Sih
GxLTrjWHglGXLey4KxSW/SWXFCGRVDDCIf78QyoYAfAZRAlWFAQBpvC3/1vPTqpghKBCJocFFvhk
4mk85NiqKkGIsqCyvKjgA0GFTA4nCDdczpC/ugGAfCUJX8EHggqZHE7wNA6c0AgcRiZz/rafqYIR
gwqZHFaww+HJAqrtk8mcNX/jz1TBSEGFTA4LNPp5Ec0LjdIIdhCZrPmTkUk4VqTclFv7M2/0fs/R
/18+eQWHDiql4cMJUvV8M1dBf+anVwBIZnaexQ5EMQGNAKYCIBqqAh1cTlbD5wDPAogCO0rAhA+B
CH/qORWMIFTI5LBATzCFXfhzsyQEEC5zALx3paMCcMfOnJkionMAzINvulQA8PJxxx333Ouvv16C
Tzih0E0B4M6Z015NRB8CcCz8XpwMgNcXLTru6cWL/+g5FYwwVMjkcILrMTTdN3FVlPer4mgAHE3T
ZnesX39Hw+jmk447/VSkamvR19OD155b+s+vv/7680bSuNHKWjsw3MPjxWKYs2bNzjtHj66bf/ZZ
x6OurhpdXf146umVcvHi159PJPTP5XL2dlQIpYIKDmUs8oVp0689AbOvNzHnEx6OvvYEAMCC28IT
igZAxGvi0wDsOP2SC/n5js3FrZwtvM25wmaZLTz1zpri8WedygBW1YyqaUVgcF0Tj08HsO2yj5zG
3Qeey7NcU2DeXGBvTXHnu48Uzjt3PgNYO7m1bhTe64tSQQUVHFoIyGTWx47H7OtLmPsJiWlXzwcA
zLk+TKrGrr7ttgiAB445fQGv99K5jcVe3tC/nzf1d/L6vr28xeqXqwsHMlPnzmIAP8KiRfrUqQ1V
AB4444xjmL03sq6znrPptZzNbORc9i323I3SLL2WPfbYqQzgTuaHAD8xW8EIQ6WaczjBZAliv5oT
LnOqWhh+VCIX33HHNE3Xzrris59yVCnjXChxU3VK1lcluKG6VtoDOUrFqqou/cx1Lgm61Hjppdad
Owdn67p2yuc/f6kLisSzWUZVoklGo3VcVdUsB9M2GZFE7JOfuFgS0XktLVeNha+Yq+x7IwyVH/Sw
wFS/JEweg4TfoUtBmbh3iwBg1E2u04qZzPTaxsbkEZPaSfEkx/UoGaxQgnSKQFAykWC3ZPMREyai
qrq6iQZzo03THT16VF3TxAlHuK4HiseTLNkgomqSnkHxWDWzJJo3bxrH45Gmri6znRkSf77MXMEh
hgqZHBbYElRzPIaUABHBCSKT7F4FgKYMKjEAcSYQSPgubMIf/cnMUIRgyzQpasSorroBpAoyXXMe
gMnRaBSpmoRwXUmeJ0kEhCWZidmfYi6UYDwgECVaoKKSNxlxqJDJ4QShyiHbEFUEzX8OARA9PT1V
QtMGM/39pf0dHWBFcMky2RLMJZKcKRUomkpg3do36aufvF4pDGREqrru2/FY4ktbtu7ie362WNM0
hSXb8LwCkchDVR22rByTwnLjhneoVCylVVXNAMtjqPiXjDhUSsOHBcJljmCQ8IVjHOhM3FJY3o1G
NG2gWCxuefCn/zF3/mmn2o6A0jU4AOm6lGqok48vfoS+9LEbcNys0/Cj7/8OzS1jjGKhgDffXIFv
fON2vP32Hvzil99HsdjHgCIAV6qaFI5jenff/ZDqSaxqqIt19fZmq+B7vlZQQQWHFoJqztSrj8ac
6/OYewNj+rULAAB1kxMA6gFMB3A6Ef0fALmLPnGNtyrf6W7yBvldtuTjG16XkXiMP3HdV+W721nu
3MZy1zvS27nN8zp2sHz4wdUyYqTkLV+5hpl3S+YNknmrzKSXOx/5yD9IAN1C4AoARwJoRiVnMuJQ
iUwOCwSRieExwAARoAY/vVDC0Rg2AIWZ95KqPP7oz3+96JVnXlBmnngsTz7qKDx1/wOYPf1E3PSF
71A204tYXIWhqsQA+gdzOGbePHztyz/Ct753Pbp702hsTGDvnm5+4Q+rqasrnVcUusfzeH/wgSrz
gUcgKjmTwwmOYIAkmAEnWOYYydDM2QFgCQibXa95VGurduXlVzANFOiVB59Ax5Z3cMYZH4aqSI7G
NG5orOGa2hjX1sW5sbGO87kcn7LwQ1ydaMLSpeuwYsVu9PUTXXnVx2RDQ03U83gshufgOKiQyYhD
JTI5LBBUc1yW0EF+n19QzYnUhM13DE3LaEJM0gz9lB//7G7vknPOEx7A+/buwUknnUy1qXooiiCV
BEjY0A0Bx5EQCkBCoqkxARYqbr758/jEJ26EY6eh6Sll+tTx/MkbvnAZMy0zTXMHAgn+3+SrqOAv
hkpkcligLAHLYJAAWPpksqMnnMTn1NTURCzLuvij13+Mzj3nPN7d20Uls8QCggQRp7ODADxIV0JK
Ba7DkC6BJcOTjGzOhGubsG0J23ZQLNqcze4TV139UffDHz5XM03z49OnH1HpzRmhqJDJYYFvBobS
tgcKRk24DgHQgTUGgHhyTLKU6es7vmn0qIlXf/J6N2sV1ERNkh3pUmvrGD5i/Dj6w9LHoWkKcrki
sukS0oMOcjkHvb2DSMRSWL16FUBFnHzyyaTrAvF4hKJRnV2vqN988w1OPBaZt2nTruPgdyBXJPUj
DBUyOSxwW5CfSAAsLTgWQYHO/Kb9JnN+7NhqjohUSkq54PiFC9A2fgLnijkCCVjSQ8lz6aavfBWr
3lyCX/3612hsGAWzpKBYkCjkJZKJFuzZ24Wv3fZJXHTheZg5czoXCj1EZBGRB8fK07Sp4+Sppx1v
ADib+aHygegVjBBUftDDAt8MpPMdJphr1KqUA8km0dzz5xJ9q6MjU2Om0/VCUeacdOZp8MCKC3DJ
sUmqCrqLGcw/bSFuuvWruP3OL+L7P/gW3nlnJ4oFF93daTz2+MO4/lPnYvqMFnznu1+FbfWQpros
2WZBDnuuxSChnHfeyQTghNmzv96MylKnggoOSSgAdH7oIRjHfe46pGatStWkll1z2bn81Zs+xkdO
HLsJwMOJ6urSs9vXeptLvd6Ggf28vdArd+R6eXuul9/J9fKmgU4eO6GdAXB9XTOPahnP9Q1jOB6L
MwB+/LF7mHkfZ9Ib2bbf5VJpG9v2NpnLvsXsbXZff+03XjRq9AA4HcMjQysYIahUc0Y2BACFly1z
aOFCjy65ZK4KHHfxWcePv+rKW+vmzZlugdi9+PzTpt3yjX+ftml/n1dVl6JcqQRNCIbnQiHBlmVR
qrYW/3LZJwAHWL1qKzKZHvQP9EJTNEydNhN33fXvuP4TX8HkyeNwxPhW2FYWqqqAPWZBDtm2Lca3
N9ptbc1127Z1tDM/tJToEgPDMzcqOMRRIZORC52ZbWCNJJo7lYg+efLxs//puo9fGjnx+FlQQfZA
Omfk83lj8pR2p7mxjrugaWpERylXINYjLAGyzQLqGhvxyP3/hZeefB5PPPEHzDp6CkhMgRLsPYU8
4wff/xFWrVqFL33pO3j09/fAdQsQQgeBAeGgZJqUTFV5zc0pY9u2jlagXUFlmuCIQoVMRh40AJL5
TZuIWgFcO2/W9Bs+etkFzReed5obNXSrf3BQLXpSj0QMdj2XTMvR9uzrQrS+mT1VkOl5TPDI8VyW
BMrkc/jJd3+ARRddiZNPPA6dnf2oTsUBuCASyOdtxGNx/PAHd+HsDx2HF55/AWeedRIy6QFEYzqx
dEBssxBCVMV1AKj5+Mf/OYKKcG1EoZKAHTlQFy1apPju8NCJ5t449cgJz37r65/75n/e++PGa69c
ZFqOFL2DOUPTo8KIRJhBRKSwrunsOi6EpqDk2lxwTJIqcbZUpEhNEstfWIruXZ24/vp/Rn+/Bd2I
gUiDqkYhSEcsWoVMxuKZR8/A3Lmn8q/uXcxCcRmwmGCxKhy27AIR2SJZHWUA0e7ubOVENsJQ+UEP
fagAwG++6dLcuUREH6mvr/nCVZddNO/Kyy/C5Entpb7+Qf1Ad39E13XWNYNdzwUYpKgKC2GT60kc
eeQEPPrqWsrYRXi6gt7+fpKuhyrPxdInn8LMqXPQNnYiCrkiYlU6zJIDIcifnMEE13YJnsCFF1xG
/3r7J9DZuQexqIJctkgSjKo4wbb7nS1bdusA+ru69klU9r8RhUpkcujCr9Awu7fddpukuXNPT6Wq
n7nmyg//1+MP/XLe/7nti9bo0S3OgQP9UWZSqhIJVlQdDCJV1SAUDSCFdCOCfK6Ej15xETCYxo8/
81WU4EKpr4bWUI20VcDG1W/glFPPhyIUmJYNx2bYFmBbErbNMC0JTyqczUnMnDmPXTvOb6x+g1M1
KlclbNnY6LnFYrf5sY/dEV+/fs8uw8DSNWsG46iUh0cUKmeGQxMa820O1pznEdExqqp++tyzT73i
hn+6Ulmw4ATbsmzq7k0bmqYiWhUHASw9CVKIFCGYpSQBgvRcaIYBxzTRNqYFP73zVtz0L9/DZ445
BwsuOx9Hzp8HQYTMgUG0j5sC02Q4DsO2GSCGEAAkQzIgpUB6MI/Ro47AqFGT8Morb2DGjFHyrbVb
afOm/epv/3OVumNHbweAH1sW9sMnQxsIFLkVHPKoWOcdgmAABIwH8NnTFpzw0WuuWlR3/jn/YJHQ
qH8grauqBl03GAAkMxExM/sHrfRcApil55H0XDC7YJawLAvRiIae3n785/2P4NmnV6C3aMKUDlLR
Wtx955MY3z4RnmdCN1QI4VsZEAOeBMDE+WKRqhMN/MWbr8QrKx+iluY63rGzq+g6PABgQzSqPlcq
uZsBDADohD+ky/4bfY0VfMCoRCaHHmoJ+Mz0aZOuu/7qS1ovuuhcr7a2xuztTRsgolg8wb7bqv+v
IAFiEBGzlB6BVTBLEoJBUCAl4HkuNF1DqWiiJpnEzTd/Dh+95grk+rrxu4eewhMvbEJNdRMKBQsi
7BUM+gUBQEqGgMKOJckxwKlkA2Uydk820/sGCL3xuNFh287+UskdAGDBJxEXlXGhIwoVMjl0QFi0
SESfePynV1940qVfvOUWr2XUKLO/f1Dr6c1EdF2HqunMIAIpUIRgEDFARASWUpJCAv7xKyE9ggzY
gMAQElAjcRQKJgb2dMJzC5g980i8uW4TtGXvQBE6LMuFqghI6YGobH1CgiEluY6AZUoZjSZVIhQj
EW1TqeT2FQpWGkAWQC+APviWjTYqOZMRhQqZHCJgfoiJLlHGT5vY+Kl/utLN7dlkO44Xq21sYc8y
WdUMZgihKAoDCkERRCSCJmFJwk+cQJAESw+QPgcopIJtQsmRcG0LuvAQr4miUJDIF0z0dPcyoBE4
xvlcNyLRKGlShSIEEwEsAY8lEUjmckUy9AZIViQzXMfhXgDd8AlkMNgyAEqouK2NOFSqOYcMFgEA
O47ncfUoNTVqvNq7bYF7kskAACAASURBVA1K6V7o8RowgwSBiRQSqgpV01lRVAihQhE6FEWFf1uB
EApUVQGRBtNiFCwbxC5iEQVGxABAUBQVnnRx3DGzqat7M5585n5KJlrJLEoUCw6y2TxlMnnK5PJU
yFvI50wRi7Zwx+699ovLHhIANjM7WwHsBdAB4ACAfgB5DDuuVTCCUIlMDhlcAgCkCKFq8DjVMo49
EUPvrk2cH+wTzROOhhaJQXr+NAuWTIqigoQCMCClB4AgSECCYFoOSkULYImqqA6CCtd14bk2mAFd
15HJ5jFn1lT+wqcup9vvuoF37tqGs0+/jmtrG2Q8XgNFVUl6DNsuca6Qo82vP833PXBrbM/eTW8D
+L3neRn4S5tB+LkSCz6JVHIlIxAVMjlUsHgRgMXELAlCIbOUp0hVEuPmnEZd72zEnvXLOdXUTqnR
7YhU1UCQCukGhRJBEIoK6TmwS0UUCyVIdlAV00BCg3RdOMFjhSB4ksDM0DUdhUIR1111MRobUvjB
nT/FCy/+SkyfeopoHT0ZsVgSrmujr38ftmx/HR0d64oAVgmh/lZKdzeANHwiycFPuHqoLG1GLCpk
cmiAFi8Kcp1QiD0Jw4ihfzALIRS0Tj8BpdwApQ/sxt5NKxFL1iHZMAY1LeN9EnEdlEolFPIFuK6D
aESHqkbgug6kZ4GJIQQBkhDELwD7CRFd0zibz9EVl5wtm5ublCuvv6Vn5arF++CPxyD4UUYJwD6A
NguhrpPS6YafcB3A8LKmghGOCpkcIli0GADAkj1SNBX5XAG1qWqoegQDvV1I1NSjdfp8SNdCtmc/
sj370b93O2pHT4GabIBVKsDQdVTFo5DShedY8IOEIEnLADP5GwXBAxGYQaqqIZPJS4UgotH4AceR
jygk6qWfxvWYvaLr2lkp3YyUTkgiafgk4v4Fvg6Cn++rVIP+jlAhk0MFmxcBAJWKRYrE41ix8g38
6pcP4Bf/cSfa2lqRzeaRHeiFqkVRM2Yy6hUVdj6D/t4exKI2amtrwZ4D17XBLEFEAYkEEjgQiPxq
csglDIAEmJkpYhhggDzPMW3b6oJ/IFvBpyvB93VNA+iBn2gt4IMlExF8pPADe/D3XxlsOoYFcKEt
ZPjehOEoKvz7++VtKmrc/wdUqjmHCr6xGAAoXlUlMgMDuOBD/8Bz5s7E6Wctwg//7SfIZPNoGTMG
DY11YM+EbRZgJFJINrUiEjFAkHA9BywliAHJDIYEEF5KMPtDynnomGKwxxQ8XkIACoksgC0A3gm2
7WXXd8MvBafhL28+yPk4BF+CTwBqAYwLXlsisF14n8eXXy/f10OyUQ66bQRb5ST7v0CFTA4Z+JGJ
aVlUVRXHK6+uogvPOxNLnnsIY8ZNxpe+/A1cccW1eOKp59DTOwBVKHDMPGwzD9e24Hm+bF6CIdkD
syzbQhIJKcSf08UMSGIwAYLgRyxClOCXeveUXe4H0AVfT5KBH5VY+GCikvDAPh3ABQCOB/BzAFcA
+BGANgCzANwHoCF47EeDx4S2kEcBuAHDZPFZAGPhRzcGfCIaB+AjZZ+70mryP0SFTA4VfAMAQMxM
kAAz8SUf/SQeePARLLpgIb7//W+iobEBt9zydZx62pl4+tlnEY0YcG0bgIR0HUjPA3suWHrB5hMJ
AlIBM4glKGQSZtAw0TBAYCJrgV/u7YFPID3wb6fxXiL5oPIZYfQwOtjGANgIn0i2APg8fDJYCJ9o
RHB9MobJpBbABAyXptvgk8kM+KQxPXjtYwFcC+AcVJY7/2NUyORQwTQ/Axs1DMrn8zjx+Nn0wH13
Y9myV3D0nJPx0IMP419uuhErVryMxx/5Lxw1fQpKpSJAEq5rwfNsSM+BlK5PKjKMTrxgk0HTn997
M5Se8CkEvnMJQ0jpLme4NTXIwCePUCqfg587+aBHf4avZWFYOZsL7n80eL/RAB4D0A6gFb5c/xUM
z+bJAZgG4FYAPwweUwVfvKMCOA9ACkANgH3wI6DjgudWljz/TVTI5BDB4kUAAPI8TwgVSGfSaG8b
hScfuRff+eZXsHzFyzj+pNNx6SWXYumy5SAA/197bx5nx1ne+X6ft6rO1nu3WlJrsRZLXiTvsg3Y
GNvggA12nEloXTCLgSSGZC7cQDIzn0/m3tvS3E9IJiFAwpDBBCbDkpDpDpBgBwcCkW2whbGEFy3W
ZsvWvrTU+1mq6n2f+8dbR2oLTwaDB7Xo+n4+rTqnTm3n6NTvPO/zPkuaNHDW4lKLTROsTVCb4Jx/
7FyKcxbnFLUOtZmwuOnDH+d9Kuods84Yh8DIyKko1piff9LeBF5c5uK/wxGwI3v8b4DN2fWUsu2L
wE7gK8CXgD3Za03fznh2jE3APwOP4YUJ8jq1PzG56p4jZFPDiDE4awkCkYnJKeqNhFtefz1vecst
PPHEVjY8tJHBoa+yYvkSFi18HUnSIDSKcw61Dtf0kzjrhcRaVFPvR0FRp6d9KOpoTvioKgiY05bC
z8un0DxPGWjDW0O34IdXdwLfxYtZgHcGfwy4DbiJ09/vMn7YtTtbV8RbOecB78EPi/4aeD3wHHA5
8Lls33z6+SckF5NzhcwyATWoQ1OngREKhYCDhw+hKly4YjlXXXkZv/fhDzA+McX42CiBEdIkIQgc
zuqpoQ3OZf4Rl1kimVXStEKaWcHOv+6y2Z5ppuzPy6fQzOH5Ln76dxw/HOnCD3PuwztPt+J9N7+F
dwp/JnsO3scyjv++CzAIbMNbJlcCf463VibwFsk/AE9n+/7viJP5hSQXk3MLcYpx6nAuFbUpSZLQ
3dFOFEScGBlmeOQExoQUoogwDHCp8xUCEueHM+oQUZIkJm7UcNMcsOpSrLU4m+LSFBGlUPChHE1r
xc/r+Gv5Ob3n5vDpuWnr7p32OMBPSTfZkC0fnbbuaPbXZGO2fCT7a3Jo2uM85uRlkovJOYaIKs7h
rPWh8eUy39v0GM7CDWuuJcFiMKha0tT5EgHOYY3DOQeipHFCEAT09vbiXEISx1gbo9anzpgsxGti
copadRIAZ60IijNnLUfPcPoGL/Bix2zztWbMSYz/bk8PWgumPQ/xw5dm7x437XnzOLlF8jLJxeTc
Iot3V1KbEoYBL+w/wG/8ze8zdnyC+z7yOa6+fDWTtSqFqIBaxalB1OKs3zW1CeVikbHRE2z4zj+z
Y/cLjE7UiBMf0BYGhnLRsLivhzWXX8TiJYsZHR3LYk8Ugzlbv9bTVezMXJ/przWjYKeLgZ7xPJ22
nL4+z2b+GcjF5BxDEVG1oD6itaVSZFXHCiaYpKu9hXqjjqaWVGJEQW2A0xRnDEmSUCqX2PHMTv7z
Z4ewlfksX3Y+S1csYFnfHEqFgAPHxth74AiP7tvP17//AG+7ZRWvf93VJHGqYsTXaMzJeQlyMTnX
ED8j45wlTVI6W1v4i/f9R8QIHR3tNGpVTBBiE4cIpFbBpWhgaDQadHa28cA/b+Cxrfv4/T/+D1x7
1RWc39fO4oo//JiDZ4/GPLPneT72B+v58tA/6etfd5WIqnfaBhKob9+Vi0rOi8jF5FzBTw2LOBHn
LEEAzqZU6zXKvuUm1VqVMPR1S0TEZ904AZfg0syPkvhRQG/vPL7xV3/OVz5xnL5585nT0UIYGEYm
qhw5fgKrCoVO2js7JYkbWCOapomKBLFkxarP0ieRM0PJxeRcob/5QEVUGR+foFAqIiLUazUKUYQR
g7UJYHwtaRRckMWU+JB6EYjrU6y+8S28/V3vY/yFLbSYlDbqBOKoSpFJW6Q09zye3H2Ix/7yw1qr
1VnQ1xuUy0WZ39uzcuSZDe3Sd+WUqkpuoeQ0ycXkXCGzTKxzIgaOnzjJ8/uOcMOrr6BcjKjH3hox
YhARXzsAh5IFpzlfutGmCSjUJsap1yaZv2gxF5zXx7LuAgWBQ1OWPQdHOTwyxeTIcYLASN+8TvnR
0zsLf/Tnf9248/abXk2reQfwX2F7RF7LNScjF5NzhSwCVtUpzhIaoxMTEzz4yONccP4yFvTNIQgM
jdiSppYgCBBRnEZZDIlOC05zRMUiJgipV8cZGR6m1VUoFQNOnKwxNVn1dWDLFcYnqvzBx7+kT+08
Ir9251vcu+/6ZXPw4PCtg4MDn4dabpXknCIXk3OFfmAIMSYw6qyGAVIpFzUQw5ZtOzl8+JjOmdMp
ffN7KRYiUutwNkUlC0IzmiX5pV5QrJ8FDaMCpXKZSqVCqWAol6FQtLhGQ8uFUPbuP8K1V67Sv/rM
/ynzezokVaRULrdMTNSKMFE7ux9KzkwiF5NzA2XbNgBN09RZm4o6p7VaXTo7WrSzo0XHJiekWqvx
/L5D9M7pYtl5CzEGVHzinrM2S+xLUee78fkJGoe1NvvTLALWaWiMTFVreuVlq/j//u9/K2MTVT06
PCpzerpcrdqote0rNzZv3pU7YXNOkWcNnxsIq1cDmHIhCothkBYLYTB3TgdT1brGcSKd7RUNQ9FC
GHDi5CiTU5ME4sVBnfWJfM7XM/Hh8c0yjZKVcMQvjVFQESMKKqqqx4+PSJykUqmUEgUzNjX14Nr1
6+NyuSsXk5xT5GJybqCydi1A9cDh40cf+eHT4eKF3bVLLlrizl8y36RpzPjYpIZGpFiMAKdRYEjS
+FQCn03TrHdOlmPTzARuRqVLpguqIr6hMGCcCFJpKakYJsqlYmutUXv0xFTy2cH+/mD16rW58zXn
FLmYnDsEQH18svbh3//Dzz/56c/9fStqkxXLFzSuvHQFPV1tptao68nRUS0VQqlWq4BTcOqcxeBU
cFqt1jRuJCpBoMYEKoh6UeH00jlEDMYYUJyi9dZKpa3WiJ/Uhrznta+9c2LbqlXTlCgnJxeTcwkL
GFWesuO1Wz/6Z1/5b7878Bnd+NiWYkd7uXH1FSsaV126Qlcs7ZOpySlvdbhUrE0FHI1GQ2r1hvR0
t0p7e1lsEksa18WpijEGIyJBECDGp/mlNpFGo04YBUFggmKtlnzp+LFjd5x/5Rt3b9gwEK5fvz7P
Y8l5EbkD9tzCiWCAo6qDvy6y9m+f2Lrnw6+79rLb7nzza7jikvPTlcv7khVL5pnjJyfCqamaSKFA
GtfpaguS1krZ/sM3H5a//tqD3PyBW2np6CGcOmpsmpo4iTESkMapIkJLe2fcNWdu4dFjoweT2sTv
nH/5nV8DUB0MRNbmGbU5P0buQDs3ESDUTfcmcvX7K8AberrbP3DZxUtff8uNV5UuvXgpSxfPd4VC
0IhtSUQSee6554tfHNpAWGynu7OVx/clvPmu3+DyC1dw0fIFLGmPiAwcbyg7XjjB1t17+ZdvP8A3
PvPRPwf9v971rne1fPGLy2siuUWS89LkYnJuEwGJ6gZEbga4Bnjr0vPm3XbF6uXLLl21pPWySy5h
4+Nb+eLf/uNTjST80jOPDdr2jta+d773d8NvPfSjJRdcesUl8+fNr8zt6ShEQSAnxyeSQ0eP157b
s2v/ySOH/o4O/kZHN02JXJ07W3NyZgHhwMCAyRyo4GucvhH4j5VK5atgBoBuHRh4qX0jfC3US/D9
ZVbgK7dn3f5ycnJmIyEQDQwMGB0cRHWQgQGMDgw0p10KqgOBbro3uPFGQiDsHxwMBgdPF5Ee9EvD
mjURXmhy6zUnZ5YT4ds5hPgyh37mbsndS5n79nnZNk2haLbKDMhn+HJ+SvIvzi8uCacbh8c0haMz
WM+C0q0ALLmx2aSqWQPVkpcuzPkpycVkdiCA5YK3zyEM34opXAPAC5N5T5icV4xcTGYFa3w8Ubn1
bZiogupNrHz3QtjsKynl5LwC5F+kWcHmFPoLGL0LmzpELqYSXu9fW5O3v8x5RcjF5BeeG30Xu1Ut
r8VEV+HSGBMYTPArQACbcx9JzitCLia/8Mw1gCMyd2JEELGoTRB5DYvfNo8s5+csX2TOLwD5l+gX
GwNDCRe/fSVB9A7EFDCmjLqIQmUpPe1v9ZutynO0cn5m8i/RLza+TICEDZz+Fo1qC8Z8DPR/EDc2
oelBv9n2PFQ+Jyfn5bCqwBW//hxXvu+XsxW5ZZrzipFbJrOCfj9js7zUiVDEEkF/wCIKHBjKi0Ln
vCLkv0yzgiEHQ5bUJqAGRx2GLAeey+uS5Lxi5GIyKxjwofSV0IAYjPWRr6uW50l8Oa8YuZjMJkqB
QSXERF5Mtj+X1xjIecXIxWRWsN1bIONFQdQQuHx4k/OKk4vJrGDIWyClEwYkpJYkAGvuuQdVNaoq
gDmjwFJOzssiHzPPDgRQVt0931SKu7qK4Z13XRU8+qlPfd3AgTNnc4yqIiJ5mH3OyyKfGv4FJLMu
os9+9rNs3ryZkZGWcHDVJxqd361Uxkbr0YlNjxz51CPbGnv3auvSpcxbt26d7tq1S+6++27zpje9
aVxEps72e8g598jF5BxHVUVEGBwcNK2treGePXsQEYsvjtQkQdWMffL2kZU3Xn7gff/2//lVGduz
9QePf+3unTtaLjLG2Hnz5rFnz55SS0vL9m3btn1w1apV+/FtQ/NxT85PRD7MOQfIhh0AbFKNntu+
Xb733e/Kpz70IYuvpPYiRlTLrSnXfvvb3zQPP/pocvnq1b+MMZc/8cQTDYNc09HRPv/o0cOMjk5g
beqiMJJyS4XJifF4/vy+4hVXXDF4wQUXvHPN1VenLyUmSnPclH+Bck6TWyYzFFUNN2/eLPfdd5+K
CP39/To0NKRXi7woj0YnJ+ds3rGjWq1WL2ltbX3vpk2bxj790Y+uOu+8pa87cuigq09NycMPPdTp
nHeBpGnKieHh+tx583TlygtlwYIFwZzeXu3s7JLHHntMHnrowXoYhm+eN2/eWwW+ojpgpvfKGRjY
EMqDDwKZkNyEI+/ul0MuJjOODarhX6xda0Qkbq47pBr0QXT//febG6677k27Du7r2/jwIxONavXy
L3z1q+/av29/7eiRw93t7e1tk1OTTE5OsHXLlrRQKGpXZ4f0LVzU6OzuZdHCPu3tnRstWLCg1NXZ
QaVSplQsnDr3ypUr2bNndwNoieP4GuAr69ZhAKeKrFunsn69pIc2bar83bEO+8GFe5HL35gyMGBy
QcnJxWQGMTAwYG4WSQFGpqaueHrTprYfbHqysOPB77/94aOH52zf+Uy4e8+eW22aBMeOn2B89CRP
P/0UYRASFcs6NjFZb+/slPPOv5g5c+dFPb29dLZ30NXZFXZ2d1MqBKBgBALjsNZpvRETBAZAQyNS
iCKt1+sSx3HdX9WDAKxd22+GhsR++Ttb3v+Hjx258+Cx5yblqpXRF+774R/ffce1GwcGBkzef3h2
kw95Zxhbdux6/3e/9a1XidqbrHO9e/c+j0FbnTriOGZycioxUSHt6Oigo6fPdHW2h+09c7Xc3mO6
O9tMe3sXUVggDAOKxQgjYEQRnIZGKIQBYRgSBCFRKFIKQ4wRwihUdVb+0/r/VI/jRuk1N9zwJ79y
xx3/vr9/MBgaWmt122Dw9eFVHxh6ZM/Hd+0fKRRDQU3AqsU9e2++ou/2d95y5TODg2rWrpW8SPUs
JbdMZgCDg4NBf3+/ve+++z74T/d/45MH9u0zYyMjjsDYoNQq5VK5EZY76Gnr5MI53cVi25yoXC5T
KlUoFiKK5QqBgTAwmjiBNCG1iaRpTBQEhJGhEEXiCLAIgTqcs6TWUJeU0IEDjQIjIqKqemoWZ906
gqEh7DPtN1z/2Pe3/9ETOw5RLkitlhpTi5PGTjHLLl7Udo8O9n/4pk+vk9wpO3vJxeQsc++990Zr
165NHnvssf4dO3Z+4qknn0hau+e7OSuuKRY7esJSuVUrLS1hVKxQKBQx4igWClqIDEYEE4VYZzEm
oJGkEhmBKCAMDA4hVdAEVBNCY1EXYg0UQsVp4GNSghCnVlDnp5qNwRgfHL3ucxsDHRjgd7765CWb
XzheKBVEgiAsqyotxSicqNZcoVS5kMs+0P7QQ28YY2AA1q8/y59qztkgF5OziKrK2rVrnaq2fulL
X37fs3t2m9aeProvvKFcaG0nMiFRaMQCAaiKw6kyMTUhYpXJqRq1ySqjx8ZQjXnVDVfQ2dGBJta3
+3QODQIwCmIABWtRCSBVAk2BEOdSotAgEuBUVVWx1irAtm8dsHz9tyurd7S9feOuowVVYmudAqjQ
qJSL5fsf3vKVD/3Ke8ZYNViQ9Wvjf+Ut5/wCk4vJWWRoaMgMDQ3Zp556asH4+PhFSdzQtkVXBlLq
II0TtYHDOUMUGBmdbMjIkZNMjo0wOjzMxHCVifEqaZLQqDZQUZauXEJHZwdxkqIS4pzg8FMxUTb2
cFklRzUBDgNiiYzDmEhJrfg4NQCD6oCsW7fUsGBR1NhyIsqC4VSMimCYqiecv7Asv3rdyvjbH4fB
datZu/YsfZg5Z51cTM4i27ZtU4AHHnggrdXriSmUccU2jdOUUNHAYOLEIiZgy2NPs+vxbQRicFYR
A4IggaFQiDBhgE0htUocW8QYNDBoqhD4SRanSuAM6pTQOCINUDUQBoikosZgHWpECESdyHoF0nX3
PBMmVouKBkawOFEnLmmtlMuXLOl5+q6rex96B9Dfvyq3SmYxuZicRVavXi0A7e3tJo6TwKnDpiqp
BaupRCZSo1YCa6mNVhGFsBThUouIQdWhCtZaHIq1KWlqsdaRphbnHBoahABVQBUJwWGwYsApYoRG
6lBVLZhUgtBIYkVTR2X/2Fj30UNxkQ5bP3+R+W5fd8vCPfuqbZWSSCOxlEqBW9hZ/lvpXnB44K82
lESkfpY/0pyzSC4mM4AGoOoQEIdqnKSEqCKpMUBgHRhQBZdmvhABUFAQ452x1ipJkpJai0kDgsCH
4TfUYsSRWkPklMAIZRsjITQSg1El0URqAnfcfnuhUavK/Hlz75KJieu7Ky46ONkydfPVS99biNzW
//oPT9377MGTcaUYRuOT1eq/7Dh+1yNbD9Svv2TRJwYGBwvr1q6N89mc2UkuJjOAYqOBMUZFjCbW
SagWQDRVAlFSC877PH2Ojhg/jFEHIqfydmLriK1D1ZGkKaoGRYjEEUUBbaWAUpASBSGhJN4yweGs
xRioVeuk1slkbPRHuw70TiZh79hULX3dFcuY31W+bPPuE69zplBwztWcaqFUkPIzzx9ddf8Pnv3D
QyfGdUFP+ycZ2BDq+pvTXFBmH7mYzAAaxSJufEJEnaTWYmOlEFhUQ2+BpKlPqhNBRU8NWfwwx4uJ
MQEIJFaxiUOxGIRSYDmw43GS2gSdnV0UooCWlhbCQpFiucLweMyhkRqHRmocG5nk0EjKvuEaV66c
b9/+xivtwZ0vsO/wSfeDZ2uf+fuHt7fHqXXlYlS0qVMxghAnf//9bVptJH9638ad5o7XXPjx9afz
AHNmEbmYzACK2VIRnAN1jlQdLvC+EIzBWgXnhzgACIgYBMGIITBCmlhS60iTlCiKOHToefZv3Uha
HUeCkFKpRLlcIYoi2tpaKHX08tebJphsOCZqqbRWSqxY0C2rL2jXN79qRbBq6dxg0/bn+cwDz3B0
whbAaRQE4iyYwKCqYkxQbCniHtj4TLL/2MjH/uCLG2Ttaxb9l99/4ol0aO3aPBp2FpGLyQxBRVGB
1PlYEIxDVAgEApcNZ0KDCQJULeoUZ70DVm2DsFwgVaXRSBGrpAr1Wp19zz9Ha6VEW3s7Not8RSJ/
DAVMRGrr3HP7lfqqixaKtaoYaCsXdctzh3ls5zEOjia0lCK1KcY5J2JEVTNLyammYDrbStHWZ4/G
QRB9bGFP2+jQ2rWfHxjYEK5ff3Neb3aWkIvJDEHU/6k6Uuv9GEHghzWxDUjjGFtvIAgEQhAYSm0V
2jsLlLt76OqbS0tnK2ma4pzDxJZ6YolTSxLH1Ko1kiTxVo91iDqK7Y5GnNJIUw4OT8gPdx4Ep7Jw
Xget5QIbt+3n8IlxWksRjSQJfN9z0wy3F0BFBFXVNHWmXAzs0dGq3fjMkfMA7j+8K3edzCJyMZkh
qAgiYJ0jTlKKBsB5P0hqKc/pptM62ns6KHV30tnTTmt7K6VSQKlcIQojxKU0khQjkKaWOE5o1OuI
TUid0tbaQqNexzmoFALiOGXloh7uuP4CWksR1imFMMA61ecOj8i254fViCFNnRgfqSag4oNpRUUQ
BSdgfE6PGFUXDI9PVQE2n9VPNOfnTS4mMwRBURXi1KEBmfUAhAKppeeCZcy9eAWloiHAEIYBgfEx
I/VaQmJiwjAg1BCDEoTeukEtSWwpFApUqzWMMThgqmposQ5F2bLnCIUopFIq0tNZYm5HiwjCyGTN
x8OKgKqIGG/1ZBFzzqkaY7LMQBVFXRSF9HZVSgBryAVlNpGLyQxBgFSVJAUNHeAQAVJBFQIjiCoN
JwShwVpHGBoC4wiNAWMQpxinPlgNaDTqDJ84QVd7K0E9xDnnh0fAVGAIA2Hn/pPs3Hec3117PQvn
tHFyssbYZI2d+09Sq6cYM21ipukn8Zk52WPFe3uM2tSZYhS4K1fMr8LLFpMQsNkyyNbFgAOibNl0
6Bbw5Sqn108pZK+f6fQNeYnSlhkm++hzR/ErQC4mM4SmF8JHwToQRyiGNOs4oRi0WXXVCeAgBQ0M
4FAL6kw2JaxUa3UqrR2sXHkRI8OHqdVrPi4FcCpEgSG1KS2liHoCX/rOViam6kzV6pl4eQvGiPiA
OmmeH6Q5PY0KgjMYnHM2DMNiWySHTWi/BdDXd4+F9/+kH0Hzhk94cTFsOeM5eJE5kzPXNXtCpWc8
1+yx5cVilAvLz0jehGuGICiigrUW66zPsUksTiGxjiRxPkzeWaz1U8BJtkxTHz6fOkeSOiQwxFZY
ev5K7rrr7bS3d9Co10nTlDiuU6/VmJqcIklTqo2ERi1mdGyc1oKyenEHt17SyaULizj1VomqnCpq
rdoUEgBRVAT16lYohHLFBQt2/8aVSw8ArFv3E8eaCHA90A68Bfg94DeBxfib/1ZgdbZtAbgDWDrt
OcDrgQumrXPZkntwwQAAE/FJREFU37VA67TnymnBuAC4NHvctHyaVlHOyyS3TGYMfuYGIE5SCgaf
+dtwRJH4r7gFRFDnMMagQYBTIDQooZ/uNTA6doKpky9wrH6SomaWRhAyMjJCuVymvT0ksRGtpYhf
vWY+Ba3T0xJSDFNwSjEK+Nb2Bs4pofEuk6aQSOYo9sG3QmodUWh0op7IRfPn1Po6C59l3ryTNw5s
CCUrQfm/wOC/h3cDfwG8G/in7LU/A96b/VngLmAJ8IVs++ezfQ3wcXyNyd/BWzJdeDF6CzABHAM6
gUPAecCzeBEr40N95uGFZv/L/7/LgVxMZgwK3jJxSmqUwClqLUaEJDWgDgkgdhCFARjxVZ6BepIg
ySTFcgsSCRMHd3D8ucdJk5Q4SSiVShSLJY4dO8b4+DhTU1N0dXUxfPQg83rrnDhxkr1JSrUe0zd3
DsXO+ew6mmKM+qxiHNPrp3lRCVRxagwmca7R3tpS7GwJfvie29bcJz6+/+XElwgwli33At8ATgB9
wFrg+8BtQAVYBjwNjGbbV4G3An8KrMCLTQG4B5/21Alcjbd8jgEd2frtwC6gB/hwtr4M/D1elP41
X0vOS5CLyQzB36pKYr3zNMXXUox8sWcSY7BOCdSS1Gq4VIlHRrCTk6SNBi6JWXLtVYRzu1Bbo1Jp
odLSRiEKSNOEJElpa2vlxIlhJqemGBsd47vf+ReiYplyqcTChX30LVhIV3c3x+ow2Ugx0nS+mhct
fbCbiioqBlyKFguhu3bV4u0iMkH/YMDQTxz92jxJkC3L+Bv8BN56uAAvMDuB1wLzgSez7ZrcAuwD
rgQuAxYBm4D7gA/hLZEHga3AB4H1wL/HC1EH0AIMZce+Ots2dwG8THIxmSEoZEMYSHC+MBqKWAui
xMdGqY+MQq2GnZhAU4em1ifpCTgTEtfrpA6mGqkvmlSvg0ZUKhXa2iIKhQLLli3NfC4WYwy9PT30
9s6lo6ONUksbraWIfXvGSVW887UZfSuCc+oFRry3RB0ioThnXTC/vWg62kpfABhY1a8/ReHGMl5Q
mrMyXXjfyL3AG4BvAh/BWw67gYXZx/ZqvK/lEfzw5lrgeHbMDry/pJ6tE7xFE+BniNLs8QQwlb2e
WyM/JbmYzBCahZgFJbV+ijcIBau+zEDj4CEah45ioghQxBhEIIgi78cw6odIVkkadWqTY0jgp4MB
ioUIRCiXy1QqFVpb2imVCxgTUK6UGB4+yQVz5rJwwTyObj6Jc0IQKErmI9Es3IRsZkdVVdQIWBME
wRUr5+9+x1WLDrwTgHUv5603x1DP4a2RcbzV4ICHgO/hhyg7gT3AM3jxaH53FwFfy7Z9Evht4DHg
TuB1+KHMGF5QqsBh/DBnH15YNHveyJ4fnXZdOS+DXExmCD42zE+MiIjPo0kdkQFNnfe9FiIIAsis
BVUFZ0HEFzxyzgtR+wLc8AFOHD1OR1crYRQShgXqtRrWprhKC4VCkUZSJ4kTatUqXd0dzJkzh2Kh
wEQ9xnkZQcUv/b1lTsWYOKcSRaFO1RrJ4gVzy0jwP6Sz84X+wcFg/ctL8POjOviT7Pl/wFsN06du
/yhbfvAl9v+7bBnghegPs+c/wjtWJ8/Y/pPZ8s9e4ljP4y0cyC2Ul00uJjMIzcyT5qyJU4hTR9is
jKQO1A/lBZrTLNnegqqQJDGVvgsp965g+NmnGD34OCeH99Izp5O58xcQmJA4blCtVVmz5mpWrbqY
9rY2wtBbPMPDx6knLjNFAJclDWWujebMjk/RccaIUG9Y3XdstAAwNPRTv/2ApmKdnrptOkGbc1kh
p6d3Zdr2TNun6XtJ8cOe5vPmNHXz+M3zNT/A5uPmcXNeJrmYzCBEsoS/ptWBvwMS5xAnmb9CTgnJ
qXIEgDGKc0psU0KnhIUCCy+7juqSCzn27DMcOfQMJ0/uoKurnfl9i2hpbWfRwgUUAuHQoQOMjY7q
2GSdk6PjTFQbvviSU0QC5FTovJzqYy6IZLVURFGpNZy/mX96NbFnLOH0Td1cN91a0DO2OfM4/jJ/
PAjtzPNMj4XRM57nvAxyMZlhaNaVQjgd1+E7Yqk3EFRPTQn76RRp2gw4Vaz1oqJxShrHFFo6WH7t
jTSmrmXk+ScZ3fcEU7t3MTZyjPuBNKhQb9QJSm3S2tZOY+wYSdyOSBHNrCR/HVndAbzoOaeEITjn
tBgali/qFIAbB35bHlr/05snrzC5MPwcycVkhiHZDZwlwmQV1TJLXE//cCr4fJzmfqrESUpkfeB9
6hyBMSRxjLMJxULEokuvh1XXMHFgO/H4SX32pKOr3XDeomV0loXOjlY625fKcw8fckcOVKVQDLEu
i047PbTIzn/KMStRGNDbVhKAuatvym/gWUo+lz4D8AWls342MM0P4teJtwxQY9DmHaxZQy1rUWcx
lSJEBeLEV6dPrMM6i+JzcZLUUZuc0DhJtXXhak3jqgy/sFVk4gVp1TFpLRo5MTzMM1u3pJ16kmIh
EOtUzalreTHNoZZTJYpC5vd2KMCxbQ/mNUxmKbllMgMo0vzxl1MeQFVp3rHZ0oGzmNCgUQGNAsJy
Ce3oRIoRpZYSFAs457RhoRCBM4Y4cQSB4hCCIBJfzs2SNKqMHjugO+K6TExWXWtbS5KmTlpKUaGl
Zd5kpdAeVRuu4IPU1JcucO5U8epmBrFTJQoNC7taBOCmm+ChvDvorCQXkxlAo9FoOlxP2SdG1Ofd
qB9SBL29UKlAsYBUWtEgwBqjQSEkCgPUKWmS4IyRIIyIUx+jUgp9SHxkpwgbU+psnIiNZX5fn9rq
MAdf2GuNaKl0slDs6OxxV111/fdNe9/n9+9I/2DPoRN9qLUiJlRf0OS01SF+aCXZVaep94M++ODP
/ePLmSHkYjITKBbxQxqX+V2z2ZwsqQ5UtaND6OhWbU5eOMShksaONPXJeUJAySWEcc0FAbQlkwTp
WGpsrFqfBJKgpRQVRB1OhItXLtfLV19cOHr08KGurp6nXn3dqx+5+c23f+6HTx/v6j26K9i5/xhR
4OupCUacTrdM/PWpiCJCGPoRc26ZzF5yMTmL9Pf3K0BorRoxomq8X1VQwanRUyU4xDlRxYpvuKUU
JEHEaRgIZdOgJR1LJIm1oDUpShziEiNpTLmlUmhtqdAyvw9rXexEHr/ooovKYHZu2fLk0K233day
dPHi3cuWLXtsO9vTedLqHn5815IwEBV8mJr1WYhnWCaSJSdOc/Hgk1pyZie5mJxFhoaGBKC9vZ2J
yalGIBacI8WI0QBVJBBHYITIqJTdhKJp2qp1qTDpjE1U0inUJqa9Uiq0VEpIGFKtSbW3d1Ha2dnp
jg0P/8OcOXMPXHvNmpY5Pb3bH3jgH7/6xje8PozmzZt4t7yt9id/1AwuxWz4qw0FVW0kSRI/uOOo
c4o6OeXNeZFlklU5ET1VMslz04M+rj1n9pGLyVmkaZncfffdfPlv/rbt2Z3bkyUtw8akYIxqyTip
uNEkiCdTbEzJpIVSMYiMS8EEFMsleuYsobOzi4OHDn1nydKlJ1ZecLF96ukt/33lssXD1113nczZ
sOEJWbv2RdO1H/nIRwAYGBgI77jjDpmYmNCbb745vek9NyUiolodD1pKxQjvtvX5PWKmO19VQNT5
AizqcKlqCrB99fF8aniWkovJ2cUNDAyYkyc5uGzxwm9sX7D4t/a9sLd2fvkEzqZq07oWC8ViR2dH
1NI6h6lqvRpFhd1Ll51fqddqGw8eOfy9y69aE73qVa+K580p/J1Ix9hLnEMGBgZO/T+vW7fOkoWM
i0i6fv2LHBwWBgzjx5/bs+/Yt8IwfKdzLhaRwM/oZJXWsqr0CEadaBAYY8SXBDi2rTefGp6l5GJy
Fmn2nFm3TuJ16/R3rGph+46dv7732WddqVSSJcuWyejYxPdPjox86zXXvabbuvTBXc88v/nNt91Y
Wrx4xX4Rif9k2vHuueeeaGRkxAGsWrVK1q1bpyJi169ffyoMPROPl7QeRIRV/QOhzD9/ZNHaT26c
293xDrUNH/rii9D7yWpFRYw4Z21UCAqj41Mnjo/WNgI8tP7BPK9llpL/iswANPNtqmpx3759V339
vq/bJQuX6PXX3xj19nbtFJHhl9jNfPCDH4xuu+02Vq5cyYoVKxryPwkwezmsuefeaNO996S/+af3
/97ug6N/PDI22QgDiuD75mRT2E5MYKxNG2GhWGwk+uiWv/xvt8L3J7OswJxZSG6ZzABEJAt8lTrw
6Jmv33333aU1a9boiRMnLODWrVsngBWRxqc+9alX9FqW3/JaERH9s6//0B4ZqTF8csI35lKf1gei
iIhNrYZhUKhW6/HShT2XfnLzf7/zDWvky/2Dg0HeY3h2kovJDCL71Q+Hhoa0t7dX2tra5L771qTr
10v9C1/4wqntzvBzvKLcMlLTISAI1JnAZNVLTuUZKqigioo6AeOctUrYtnXf+Brgy//bLixnxpOL
yQwiG6ac1aI8XV1lAbhiWV/p4ScPinUWkUBUUWMQVVER73m1ihbCgPHJmj6wcc8o/Ez1THLOcfJE
v5wX0d+/KgW49sLF37xoUeeRYrFYsFbTUwnMqljr8L2FVQIjUo9TUWfn6733BAxty30ms5RcTHJe
hIg4BtQUCvL04rntgx0tRbFOrRhzKuEvMJJ1FlYNwyCamJywV180792897+sgvVOVfPv1Swk/0/P
+TFu5EGDqhwbq35zTlsR69SI+DqOibVp6pwVFWnGnACapC48nvhueGsZmq2zhD/N/dRMFH+ljvdS
x3+5/FTnzcUk58e463CbIKKXLp1XKhUjrFMMIs452irlqLOlFJwqR+AQFRExQkvF799/di//bNKs
SSvZMsrWC6c7Dwa8+L5rVrwKON2atNnlsBmz09yneZzpvs6Q04I0vel7cx+dtt2Z13ImzX3cGeua
+5ozruNFx8jFJOfHOPT2CQVYNr877WgpOXVOxIhLFTmvt/WJN15z/h41ASJYRNWATlRj2b3nuP8V
nJ1O2CJwE6cLXjtON1xvFrhu9jOefrOuxHcutJyuS+uy7S8Euqft0zzOdCd9ymlBSjldLLu5z2pO
9wg681qa9/9CfO/mZtHuy7L30yy+3dx3er/m5jFOkYtJzo9xEzcB0N3SYqJCJOqng+NSuVWfevbI
ULEQ/ruu9jZJVGNUCIyRyWpdd+0dVYCh2TWl07QMPoTvBrgY34VwEXA7vqlYD3Advn3pq/EtTsG3
O/1VfEvT8/GdCSP8zX0z8H/ge/28JtumBFyTHSPANyp7Hb6BWTe+4+EqvACswLdWfS3+pn8jvnNh
O77J++LsOP8Z30I1xHc+/DXgVdl1uOx4N2Wvr8z+eoAbgQVM05B8ajjnx7j5Zkn7+/uDeqH+1L4j
I4+WSqXrU+scJHLVxYt+6Xd/7dpth0Yax779w/EuwBpjzMmJmvzo2Rey8Xk/s8w8UWAusAHfBOwA
/kYM8F0Jl2fbLcE3Rq/j+/Z0Z9stxouCxQtNHZiT7f/WbP/x7Dwd+F5AF+O7FXYCl+KFpmk5rMiu
Zz5QA34dL26LsnMqsAbf5bCKF5Fl+CZkl+Abnk0Cv4QXk0J2DcvxLVY78CJyO/Dvsuu0uWWS8xKo
DA0N2fO7u/d1tpef7GhrU2uFNEmcqLn6Hx/b/dzV58/5pwXzuqNaLY4LoZFDw5M8sHEPMOtiTVL8
DfoU/qZ7CH8jPgJ8C3+jHwT+MdvmYU4Pf+bhRaIP3/70B3gr4Em8GheBK4BtQIy3CP4Y30f51uz1
bXjLZAoYzI69BrgfX15mOV6Ynsj2rwKfyo7nsms8D2+l/A2wBS+GZOf4Ir6h2RrgX/BCN44PUGwm
lgan/snJeTHr2bZ3av51t7/tEufsHfuOjV9YrdddFEhwfKyWdLYUHtlzePSavUcmLlJSdU6jRb0d
jRuuWPaX37vvi0cZWCU89NBsiDdpDgUu43T/4hP4X/61+Jt8B76XcbO7YBF/Q+/E36CKF4Ix/FBn
N35Ycws+tSLB+zM24Ic4r+e0WF2SnW8/p/sr92bP+7PjfRtvESXZOTXbvwc/zFoAHMnW/XJ2fRP4
UUuCt4ym8M3jh/FCchV+ePaD7P0J4PJhTs4psoRD3b17d+83Nm35/OZdR289cPSkm6g2iAIpWlVt
DaX1jtdc9MnP3L+p5eCRY/HC3nZ3fGSqOq+7Urr5soWFjwKDq1fL2rP9Zn4+NC2MH3K6FUjTabkV
39c4xt+Y05t+NadrvzltHXjrwXF6eDKGtyoi/DBmP956GMte35k9bg6BFG/9RMBGvMDEeOtlCj+M
aXZJ3Js9bopciLeQDmbrLF4oHs/O23S83gCczB43W6layH0mOdP47Gc3h0Cy42h84Za9w699+Ik9
je72shSCIFARp865eT3tjeG49m/CQD5y/orlbxs5djyeM6enoKndapw5DEh/f/9sK0Og05ZN0Xgh
Wwo/niLxP+tG2Fx/ZNq+zYzxHuBLnLZAzLRznEmCF4XmMQ6c8dr0x83nKV40wAtVk+emHUfx/ZhD
4Olp16LNDXJyAFBVIyJOtbb43vuevu/Brccv33domNGJKYLAWGOE9pbK6Hhj6pc+8Zu/ZL628YX/
d/PufcWbLls+VjD1gfXvfVPT5J0NQ5z/FWfGa7wcpjdOaj6f3ivZvcTjlzrGS+3/r/FSx/uJ30du
meScQkSyL015/69cf+L97a1tazb80PYt6Fv+oad2HWzZc3hEysVIL1+6pPL6NSse+fSnB9+xr3hM
Prqcutz83qQ5TDq772LG8LNYZ2d+htOHRtOP+6+d48weyj8JL3W8lxKX5lDpRa/9//IU12jTku4G
AAAAAElFTkSuQmCC
--485b390f7b54a66ee804bb4a01c0
Content-Type: image/png; name="Provisioning-Simple.png"
Content-Transfer-Encoding: base64
Content-ID: <7381D378-2F20-40A7-ACEA-AC25E6277874@vc.shawcable.net>
X-Attachment-Id: 855b38db64d971dc_0.0.1.1

iVBORw0KGgoAAAANSUhEUgAAAUAAAADrCAYAAAAYPE8zAAAABHNCSVQICAgIfAhkiAAAIABJREFU
eJzsnXmcXUWZ979PnXPu0ns6+76H7FsnAUIgaTYVUURMEBFFhgmvOjOODuq842gSnZl31BlxGZ0J
ow4qKiYsIpsg2EnYFBIggQTIvnT2dKe3u59T9f5Rde5tIoyKAi79fJJP33vWOnV+9XvWqgt90id9
0id90id90id98ucl3hvdgD4hAHzAuP+CfS/mVVxL/Qbnifv/St//t2Nf6Z6B+6t/gzaeeu5v85we
tq88165X00fxdV7u3N92PLza99QnfdIn/Cq5BG9IK169qFO++6/z/fsUeJ/8TtIHoDdOBEt4TcAM
oAPoAaqAkUCn2x9QeU9prMWhqViOCfddgIFAxn2ucueFp9y3wZ1bdN9TQD2Qd9s1FQur0W0TLNlF
p1zLAEOBs92xB9x2v1fb6NW+VK97GGCQa69yx2sg6f7Hz9m7v0YBY4Fh7pxOtz3hzo/c9VO9zk/0
arfv9o1w5ybc//jZJgA512fpXteESn8n3baEa0un2x6/q973SlJREn2WYp/0iZOY0P4RuBW4AXgM
mIslsb99FdccAdwE1JyyPR6AMRl9Evh7KgR1NfClV7jmDViCjkVO+TsOuB34MnAH8A3soD9VXs6N
rgdWYwk5llMVcm8XvBH4ObAG+HfgEeDSV2j3y0l87cHAdVT6o7d8CBj9G15vCPA3vLwR8evCBn3y
ByKvt8vSJ3bARMBpwPlAM9Y6uBaYA+wCNmGJcAYwCWudbQKWAXcDW4D52ME8EUt8JXdOFmtBXgsc
xZIMVAZlGmtpxpZhNxYH/YHZwEPAVCxxFoFzgDdjCboFa+WkgS5guWvvx921bgCGY0ltrGv7Pa69
jcC7scT3fde2oVgLagaWwO8D3g9MBn4APOvaFmIt2k63Pwe8zd3/CWCae+a1wEJgMXAX8Lg77n6g
4Pr6IPCMe7Y3AUuwxPoz4EXghGvjB9yz/o87dy4wAJgC3AwcB55yxza5fUPd8SeB0107tgCtwHP8
bnHLPnkNpM8Ffv3FYPu9Bzsgr8QSxYPYgToPS14vALdgCeRK4AzgeayV0oIlkZ1YoroGuBe4AEuU
q4AN7rrnY0kthSXJBcDbsUR1NnAFdnCWgL8AbgOuwhJrAFwI/AT4NLAV2O+eI3LPcQ2WAPphLcA2
LHlVYYnms+6a/+zO6QT+yj3rAiwRfsa1/zIswawDPgH8EksmHtayvBxLXHVYInwOOAT82PXfPOCd
wJ3Ap4DtWCLTWML6HJYA3+6e7S+B7wLvdX37SSzpftydk3H9fTfWwt0D1ALvcG1b6frkFuBh4Dys
G30U+KJ7Bx8Cxrv3mOJXQxJ98gbKqUHsPnl9JMJadVdhB1ctliSWYa2bEtby2YIlk4ewLt/XsBbK
BKxFFrvPeaxFeAhLApPcNXJYay5JJZ7mY62+/diYXZvbX3DHJ6lYiEXgK1hCeRBrXS0D/huYhSWx
92OJ4e3AA1graLd7njVYEvioe+abgK8D7VjSTLvr3oO1ppZhLViNJYvZVBRGhCXZxcBbgSNYUu3v
2vctrEL5CpZM1wPTseQ9G2uRvYi1WOtdmz33TN8FdmDJeY7rp88B/+n64kysNfk9d/0kloTb3d9H
sZbfTdgxdQ7WovyBOz6Ot/bJH5j0ucCvvwRYclqCtcA+67bfhSWKG9x+RcX6SWEHYuwOxi5hD3Zw
BVgCK7jP7djBvANrJYZUMswKOzi/677nsS5kXMpSwLrScTIg5Y7z3L59WLfzKNYqvAv4vDvmDqyl
2kNFuaaxhJtwf3Ftz2JJ7fNYV/QWrMV1xN33VqyFh/uewJL2h13/9O7PLiqJlNjV11jCvN9d/xIs
+eaoWHcrsVbop9w5x7HkJu6Ykrtv3j27h42x5t3+yLUt6+5f65497Z4RLEH3GRp/oNL3Yl5/iV3H
F7DWx2rgg1gyWYsltFp3TD2VjGMaO9j6uWOGYwnz8+77M9hY2mNY4pyCtQpH9ron7joD3XcPa7EN
wrpyC1xb3o21vAZgEwZ/h42B3Y91/f4DS1TbgRtdO1ZiyeExbLb2KmwyZ457RsEmXz6DJZansDHM
f8a6pZ/GkuBMYAzW0uuhEjdT2DjiECzR1bvn8d19Ndaavh7rYi/EutKxyz4H2OzOj7DW4aexFnUW
S2pjgCfd/b6IDSX0uHc1CkuaGmv1xfcN3PvS7j2Mx1q/89zzvoeK9d0X//sDk75s1Rsj8aCuxVom
9VhrZz12UA3GWljDsW7bKOzgOobNvNZhB/kD2IH4E+zgnIqNYY101z2GJa0ud1/jrhVhSQeshdKI
tRYXuHO3UikxGYp1dzdgrcm4bKSIHdgzsJZsHuvOtmFjgY9gyeNxYK97xre6a96DLfuZDmxz15yG
JfGLXRsfcvtiSWBd/+d5KZH0wyZd9rhrn+X6Yb3rO8GSXhXWNa92/bodGx9tcs/2mGvPdqwV+A6s
wrkbS9hjXB/52EzxAWzi5qh7XztcX8au8UIs+V7g9v9fKqGGPumTP3t5Oev71ymk2IqbhLWq6l7F
NX6b9vy6a79cCKUBaxXO6bXt5dr0cttObcNv+yynHv+/nX/qvt9nQnA+Nv53HfBDbPwR+kJOfdIn
LxHBWgUJXjoLxDvlr6IyYD13/FBsfC5xyr74+OQp++i1rzfRSK/zAipFxXHxc1wv+EoEGe9PUimg
Hoq1buNpa/F94sLjU9srVMghbsPLEdIr1dz1bltcgNz7WHXKveLjez/vqe15pbbG14u3ySn74vc4
ApvUGdXrmn3SJ33SJ3/y8nJKp0/+AKVPK72yxJaC9Pr/SmJ6/Y+neb3W8moWH3i95A+5ba+XxNbz
qSUwf+i4+rOSPgK0Eq8yYt7ylrfIOz73Od3U1BSmt2GYCvt2uqN2wKBB9uOmTbBoEexLwOgJbr8L
2U+dir9s5Uq1de1atm3bFpdUhPQB+M9NYtdeLV261Jz/yU+aU3E1ESgW4dgxqK21Jx2rd9tPwVUu
R/D5u1ZKH65+f/LnSoAC+E3Ll/PJ81dHAweiWQLNIr3398cG9OuxmcM0FaIUbCbVYAGYx2Zhu7HZ
zTa3nTXGMBBYArJy5Upv1aq1CrZF/OrCAn3yxy8C+FOnTpWVK7dGAwcSnYIrsLjqh8VVFZVFF14O
VwVsJr0bm5U/QS9cLXUXXLlynb927YfVtm3bYkLsk99Q/twI0F++fLWsXr28JC8lu2nA5OFjxo0f
N3HaaQOHDBtRX9/Qr6qmvqG2pr4uWZWuTqVSKd/zPS8IEBGMMegoIgxLUbFYLOSymUw2092T6erq
6OnuOtl24ujRQ/v3bN+6+ck92PKRbdj6PIyxCnvasmWJbWvX9pHhH7/4y5cvl6FXrC6tan7JkJoK
TBk2avy4CadNnTRg0JCRtQ2N/WtqahtqahvqUlVVValUVcrzlO8FAaoXrqKwFBVLxUIuk8lkMpme
THdHZybT1d5+/OjxQ637tj+76Ze9cdUGFlfrgOuvuy7YdOONcaF2n/wv8udCgEFLizFLlhA64usP
nD1x6qwlU2bNO2vcxGmjx4yfWNc4aEiyX78B1Nf3wwt8lFL4nqc9LwiVEm0ExDh3QyEYjIBojDJh
5EU68rTW6Cgk09PDyZMn6Gw7Hh08sL97764X2nbv3L75qcfXP9Ld2b4BW69XbDGGH153Y3DjjdfF
Wr9P/ngkaGlpMetYEjri6wecNW7StOaZcxeeNXrCpDFjx59W33/w0FRDY3/q6vvhJxIoEXzfjzzl
aVFKi6AFMBpxUUGDQQwodKTCKPS1MUSlkFymh46TxznZ3qYPH9zfvW/nCyd2bH/hueeefPyRtrYj
G4CngVJLi+GH228MbryuD1f/m/ypE6DQ1ORv3LixNE/EB86YNnfBO2fOOeMdc05fPHrClOlqwOCh
BH6AH/gFHUa6WCpIWCqJibREJlJgBI0Yo8sBazFgxCBiEJQxAp6IEeVppZRWyjOBHxgv4RP4SUId
JsSguro6ONK6j+eeeTK/eeMvnn5+6+bbdz2/5SfA9o3GME+kr1D2j0MECDZuNMV580QB8ydPb7ps
xvwz3zH39LMnnjZ1JgMGD8fzA4LAL+pIR6VSQcJSUYyORGutjNFitHHZYSMgYEDEYDAoUQZAlBhR
SvvK0yLKeEHCBMmE8f1ATBQF2mgv093N4db9bN2ysfjMk49sfn7rM7ft3PrsPcBzDlcJbDF3X6zw
FPlTJsBgzRoTLlsmBjjvnAvetnz+2eddclbzW5KDh43E87xSqVDQxUJOwij0MEaJElGi8JQCUY7t
xBKdEYxUVHS8D2PsMVgXxIhYBa41WhuM0UYwxoiKEomkTqVTKD/wC/m8t2vHNh7/+QPHNj2+fu3j
G372P8AmY4yIyMstPvqbSu+awVPfrznlf5/89uIZY7SIGGDhwuaLPjz/rObLFp13cXLYqNFGKRVF
pTDM57MSRiVfjFEiIp6nUOJV8ISyRKes2yvYbYhYBUsvXNlv9rPWaK3RxhgBg0iUSCR1OpU24qlE
sVhUe3e9yCMt95/c+Oi62x9f/8CNwBNr1hhZtkzixMmrkd6Z61MlxtIfXab6T5UAA2NMSUT6jxw/
ecXlV3/oA81vvrRm0NDhhVyux+S6M57WpUD5PoHnI/HENBGM0fYtC4iIwRgRpYwxBhXHDQWrtLHe
CgiiDA6SoAzKCBosmhEEIdIaHYZoHWk/mS7V1NYY30v4B/bt9Fvuu/PYzd/66jeOtO7/gjEmJ9Zi
/XWuiwfI8uXL5YorVpvjSwiXAitX2v9lksbgwo6sdP/Xgjx4443+pk2b2HTjjTEh9sWM/ncJNm40
pXnzpH7EmAkrlr3/w9csuejS+qHDRxYL2azO9HR7WoeB5/l4vo9ycBBjlaKIhYgIiBaMAnrjCsCG
WSoYE2cVanHWoWAMIsp+FmMVbxiF6Cg0iUSqVF1Tp4NE4Lfu3+u3/PQnbT+86T9uOrB75ypjTPdv
i6umpuUcmtRUWrnkVFy5I419xpVUcLV15crg7sOHzR8Drv4UCTBYs8aUli2TaededNlN13zkU/Mm
TZtZyHZ1m3y2J4HnqUTgI6KM0RpjtCilDEaLiDJgRIkyosBoI6IsCZYJMiY0Y8oTegULzpeiQixH
Om2uRBkjFuyWDI2EpSIaotrahmIynfK3PPVEsPqGf1r38M/uvsYYs0dE4mWgXvJ8TU1NrN64Mepe
h25+adA9gc1c12Iz17VUlszPY7OJGezc4G56DYSWFkNtLd773jfN27Ztm+GlK670SYX8Jp517pu/
ufxjnz1n8sw5xXw2G2W6O1Oe70mQSBplQGPKAT0jRrzYTyi/Kuv5xuE+EfebAb31a+xrWNeCmBnL
UCRmQWN3Kc+gtdJAWCphtNE19fWFRDLtv/jc08E3vrjqkXUP/OQvVm8026+zbvuplqBPU5NsXL1R
dzcRnZK5TmCz1nVYXMWLQEClAqIHi6tOemHW4Updd908b9OmTfAHhqs/NQIMWowJm0VmvnXZ1bf9
7ae+ML6mti7T0X4s7QcJ5fm+wRhr5VmtbAkOIyIvoTO7HpIxeKpsHMaOL4Bzid1n99ceF8PTQdjY
PdYAs8RpwS5GKQ+tI7HaW0cDBg3JnTh6pOZfP/OxjfffeculxpiDUmHWREtLSzRoyZJwmr1hGhhW
W9swbcio0U0NjYMmDh85dlz/wYOHVFXXDaquqU0mkmk8zxdtNGEY6XwuQ6arK9PV1XG87eihA4da
9+zOdJ7cfvDg3k2FTGY7dvGE/L07DOlW/OZm8bCA/XMvavbXGKOXiUy68JLLb/voihumNjQ0Zk62
HUsHQUIpX6FEjIm0DXYoq0DRvXDlFB9iFWfs01orMQ6rxN6jlEdmxTkxTq/GmOqlbh3GHPhQojAY
KUUhOoqihn4D8l0d7dVfXHn91rtvvfnipWvM3rXLylhOtrS0RLkRS8KLJgrY6ZVDq2r7TR0xcmRT
XeOAySNGjhvTOHDIsOq6uoHV1bWpRKoKz/NEG0MURTqXzdDT2ZnLZnuOHjvSevBw655d3R2dO48e
2Lspm+16AYur3OqNhklNeM0VK/QNtwz/0AgwnlepYCpTp0J60SLDJrj44qHm7rsPS1OTXfI498gj
sm1bUWBnbGLL6MWL/X3r1/c767yL717xpW/PTSaT2WymqyqZTIOJLEyM1cRlQhObbhNRzvewB1go
SbnkJY7dOCyXmxtrcOPAab0ad7wxmDjGY5zXrAFPGbQWbUChjA39KMllexg4eGj3wQP7aj/xwSu/
v2XTL649Y+lS+diaNbmB68AR0vxJk2cumTRj1qJR4yY1jZ04ZcjIMRMZNHQ4QZBEROH5gUbEaDBG
G6NjN15rFUaRCkuh6Cgim8tw7NABWvfu5MCeHfsPte5+ZuezWzbs2bHlcWDjihWmOG0lfH7evGDT
pk1/zGUV8ewLBVMlxlUTtqA9xhZNr4Cr0Yv9ffvW18xbdN7tn/vq986urqnJ9nR2VqWq0gatHagA
YyT2e0XEYsy5sYguf5Y4TozYYgIBMRVWiy3AGIsYQ9mfppeCjTFl7PmWdbF7XNxaPEUhl5W6fo09
J0+cqLl++RU/efrJR5Y1Xbzc++Rdq3OAWWZjzk1jx09ZPG32vHNGjJswb9zEqUNHjh3PoKGjSAQJ
xPNQyjPi+ZGLQVrj0+EqirQqlUqidUQuk+XYkVZa9+1i/+4XDh7ev/fp3c9vfmTnC5sfAzYaY3Ir
18Hd17/xuHqjCVABqmn5clm+fHXUbzd66dKX+Aq/kRhjuO++nclBb5mg3z5mwj/901e++4mps+dn
248fqaquqdGlYkF5nqeNNkopsUpUDBIh4rk4ShmwzqVw5Nc7pisOnXEquBfeEaPKNTIVR9hagcaB
U9BWi1cSJ5acXNjbCxL0dHUxZPiIwg++/Q2+/u8rL2g/duwRERkCXHTRpVcsnblg4YLps+Y3jh53
GlU1NZEoL8xnc6ZQLJiwVPRCHaqoFCmttRLEaK3FhdiN1lrEU1qJp8XzIj8ItB8kxQuSKopKfk9P
j2rdvYNdzz/TsWPrM5vW3XvrPblM5+3AvhXGMG3tWm/ZsmXwh0+EZVz92xWrI0AvWfLqcLVzJ8lW
n3DZwhErPvfV73169vyzcu3Hj6TTVdVGR6FFSRwgUWJE47wKxKBRCKJ6O7XErnGZCO29pFwHaHns
1AQbdruLqtlkm8agMEZbC9RYt8Zo406xQWzfC8hmumXA4GHFe277gfnUR65+x4MPhj9tbpbBwJve
csnl75o1f9GZU2bOHTB24mSq6+ojJSos5HMmm8sThZGEuuRFYah0ZMQZESZy99FaiyjP4irwIt8L
TJBI4idSEpZKQTbbo1r37mDX889279j69MaW+267N9PZdgewa8UKA6zzV61qfkNihW8UAQbLly/n
/PNXl5YtLZv7ChtjmOh53uhEIjW0cdCQQY0DhzSk0tVVQeAHaKEY5ov5XCZz8tjxjvYTR04UwuJR
XSodx/7wTO1lV33wrk/8y1cHnTx2lFQq7WkdGnEoirW0uBCIGEd6lQKXStwFyuaiNRmpBKXtzjhv
9yvEVzYJqRCogfKPQxrDqcfbJItSFItF6hsai1u3PJW8dumF/1Yo5luXvve6D59z/kXjp81pUvX1
A8LIRMVMV7dXKOa9qBT6yvNQnp1IELvliBgxEGmDEYMx1pfXOhRtQGuD1powCgnDCM/zwyCZCpPp
aqOU8nu6OoI927exZePDBx6+//Yf73nh2f8CtrW0GJqb/2DLKoKm5cv57urVpTXAKvsiFTZuNcnz
vDF+IjWsccCQgY0DhzSkq9LVCT8ZRBiisFDMZTPZjpPHO9uPHDl+Cq5Sl733//zoYyv/bVKmpzvy
g8DXUUk85RltEGWzuTaZK4JCv0RZxp5BrE+Nc33tB+d4QBk3ZTyaitK1eFUuBl0xCrWpXDNWtqLE
mEiLRlDKKj6MMdV1DYXd219IXnnxWav9RGLzuW+55O8uuOjSMTPmLPDrG/pHxuhiT6ZH8rm8H4Ul
X/zAxawVqJiqbQOMFgwRRhRGg9aRGGMItQEdEYYRYaRRygv9RCJKV9dFopSf6e5M7N3xPJufWH9k
w323/XjP9mf/C9jc0mJovn5ewKZNr+vUvtebABPLV682TU3LS9fNE4AhnpecPm7y1DMGDx995rBR
E2YMGjFq4NCho1L9Bw0hVVVNMpHE932Up9wLtoXGYbFIsZDlZNtxjh3ar0+2HW/fu2dH9m1Lrxo+
ffYCr5DLGM/3BWOMUgqjtSgVa2DiCLTV0BJn3ox1hY0GpWwsRWtHiA7QZa0c23cuO+fItKy4TW/q
iwPYVosbrZ3vImg0YGNIAGFYIpFMm5Ntx/nBt79RXHzhW1Oz552F8lUh09NDPpsLDCjP8xFliyfQ
GI2xswi0xoigtRZj4qC53WcHis1o43rCWodGtAYdRZTCEiISBUEyTKSriCKTPHZ4P489eGf3ww/8
+Hs7n9v0FWD7ihajVlVihG+0JJYvX23OP395aZmNbQ0Cpo2fMvvMoSPHnjl05LgZg4aNHDx42KjU
wMHDSFdVkUglCbwAT3nuZRmiKKRUKlLKZ+loP8HRwweizo72kzufeyZ70buuGjLvzHOCfDZjRCkl
Yj0JTCRKec4jNSipkFaMGylbdfa7UoKJtLMMHZbisIsLEMa2YW8rUeM8YVdtEGPQiLE/bBy7wvY8
awmKTfBFxhjfD+jp7jQ3f/Nr0ZlLLgzmn7kYESnmc1mTzeV8o42nfN8pfYXRxmjHsBrr7WtTwRVu
m224MnGk27jyRiNGdAiRjmyW2hidSKRKyVS10Uanjh1p5fGH7s784ud3f3/rpke+BjzXYoxqltcP
V68XAfqLV6xg3cqVoYsKN886o/miMROmvnn8lFnTTpsxj8bBQ6iprkcELcaEokwURZHoKBJncxvQ
4nm+UUpQniLwfeOJUogJfM+XMCyRz2YEjInCEsrzxPc9o6NIPOXFeVyraKVi7VWMJsCA8izxRWFE
EPgVAizHZVRZUxuhHOMrA9oYZ4lJedobAjqyNVye58Wwj9MuBtEOOJaJDUg6XYV4qtTV0SlhFPqe
54sShSM7gxG00WitxdZY2LbYLKStMzNau3iS26djL0o7LQ5Uhi+RNoJYCzEqldBImEpXR4lU2m/d
t8trufuWY+vvueWrRw7s+Y8WYzqbbZHtG/WjP97y5cvV+atXl2yJG4umzll4yfipMy8Yd9qsWZNn
zmPA4OHU1NahFBptQhQR2hBGJRu90EaUslkwz1MozzOe5xtfKaXE+OJ5nokiU8hnicJSjAkRZV1N
pdRLvAZxCtXgrLx4GwblKaJIo7XFVcWDiDHo3lOskGObKwaaZT1XYaDLiTgdaoyx17cSl8iY+N07
tW39klRVNcrzSt0dnYRhMVBeIMqzrrQxYrTDkTFaIucpxIFzreMmaIxWDmsGo4kVb9nDiT0bELQx
YoxNLIalEogKE+l0lExXeYcP7PNb7vph24b7b/9a685tX2tpMe3Nza/PpIDXmgClqWm5v3Hj6pKr
P7rk7Isuv3r2/LObp88/u3rQsFEkUqliVCpGxXxGhfmCZ5TjN1EoJYhS5dKRcvLC4AAQv2pjlFKR
Uh6C8T3PMzU1teRzGdFRZIIgYTWXjvA85QBlG1iO4YnNnoGdi5kIEqSqquju7rJWgtGgBE8JOrLE
5SlLYkopRBRRFILWKN+zANIGUbYIwhiD5/skE0ly+RylsIQnvgWQlVjhO84Uoigk1JF4KsBTymgT
iY6smaGNEePAZoFpymRriN1sazEbR4jaOLBiXSfjPsfAdNcyWkcSEygihGFIGIa6qrahGKRS/rZN
j/v3/eibj6+/90efAR5cYYxy7ubrlS2Wpqbl/sUXry6tWiUA71j0lsveN2vBkvOmzT2rbuioMaRS
VYVSIW/CYp5iPucjRgkopTyUsrFbUQ5jZVfTuDitYON3xhhE+4FvxBgv8APS1TVke7pEBOP7PkZr
MSbC82xViNV72lGbK3sSixMdhaRTaYJEkp6ebjzPKVJHosZY7aSUsgTqsB+GITj8WILRiFIYbd+3
HwQkEgGZTAabWLNk5BSzwbP4tSyoiKLQlEqh8oMAJcpEWoslOWWMMRI5LyIm9iBIUSqVKBQLtm3a
WqzaEmY5C21xhPM4nJssOiZHgzFEcR0PQqhDwlKk09V1xWQ67b+wZZN//23ffvLB27/zj8ADi1es
8NevWhUvDvHaAOm1ujDgt7SY0NWpLZ579kWfuuCdV50zvWlhsqHfgFJYKoTZnm7f6ND3lBLfDywg
xKDEc/PPrFUlxLE4Z4eJQsRW0dvqeUSJYHSE8uxMjt0vbmP4qDHU1veju6OdZDqJ7wWEYWi1sXKa
Wht83yOKImf9eVRXV3Hs6CEOHzrIrFlNFAp5xFOgDZGO8D3rJkRRhOd5FHI5tNGkq6rwPI9isYjn
+SgllEollPIRBR3t7XScPMnQ4cNJV1dTLORRyie2Kkth6OhMUSoVKJVKVNXUGmMMhXxePM83nu9L
GIZobZxyUIQ6AhTGRFhtC7F7YgnOlLWyjknSxCRZAbEBo7V1xqzLY0Q761vEo1QsSKh1VN9/cD7T
01n98zu+33PTVz7z2bCY/+KaNUa5mQavdSDbb2kxUXOznYkx+4xzP3XhZR84d/r8RamGxoGlKCqF
ue4uX0ehr5QSP/DxPc+GGMQ6avHIll4EJXE1gPIsOVp/VDzPKrZEIkkhn+PAnh1MnDINEaGQyxIk
kvieRxSG9s31ih/7CY+wGFncKo+ammoOHthHR3s702fNJpfJ4gU+2pZB4fs+iBCFIUHgk8lkEIGq
6mosJoquwNriyvc8tIHOjnZOnuxg5KjRBIkY45W4dSksoZSdhVLI59DaUF1bY8JSRKFQkCARGM/3
KRZLsT8t2PlL5PN5jh4+SG1DPwYMGkY+mwGlXOxRUwmzCEYi4hmjsSV4WYsrAAAgAElEQVSowSlh
RcyUkbHjznaWolQsiNY6qq7vXyoUcqn196zp+dHqL3zp5PGD/7TCmNKql6+H/b3Ia/XD6Mk1xpQu
HisDRk+Y9q/L/s8/3LDsL68/bfzkmcZoHfZ0twdRWAw8z/eCwBff912ZvHZOphYxWkzsocbzzyjn
JGxJsjYWW2KMMRGe8ojCktz83182J44e5IlHfi6FfM7s3rFNps6YQ6a7k6qqNH4Q4CnB9wMwhrr6
gCce/TkH97cyq2k2m5/axLoH7qanq53HHm5h4TnnkenpIJFIkq6qRusQYzS+55GuquJg6z66OzsY
MXI4nSfb6NfYnzDME4UFqtJVKKXoPNnGN770L6ALbGh5kHETJtGvsR/FYgklEJaKpqamViKtTSqd
JJvpZvfOnYweO1YyPe3ys3vvMmPHTxIj1tpIpVMYA4VCHt8PCEslPvPRaxg2agyjxkwgl83iJ3wb
b1SqrOoqmUgDbupVJYhejgLE/Y2IMmKwlmgQaE8pL9vTlRDlFafPX+RPmrngzQf37Zq6+uvLH1pj
THbtqlU+r50lmGgxptQ8VhoHjxz3ucuu/btvXPGhT0+eOG2uNlqHPT0dflQsJDzf8wLfF98PjFJY
693hyogRm4DVZX0K9rNY7hfjsOV7nolKRdLpKo4ebuXW7/4nJ47uZ/OTT0hPd6c50rpfZs5uov34
MWrr6q1lqTx830eUoqZa8ej6n3Pi6FGaFszi0ZYWNj7WwvEj+9jy9NOcvmgxPV0dpJIp0ukqosgp
Z1HU1KTZvfNFolKJQUMG0tV5ksZ+AygW8mhdIp2uwvN9Wvfv4dvf+AqYPOse/CnTZzWRSqbQNjNB
ZCJqa+tMsViQ2tp6c6h1P+1txxg7brQc2L9f1j94n5k7/yzpPNkm1dU1BEEgWmsK+TzV1TV878Yv
09XZxrbNGykVCoydNJlCJovnexXXqXfCBsrEKy4sU3HbwDi2FE8wTsF6nofyPJXNZnyQ4tQ5Z/oT
ZzSd27p3+/TbP/iXD67eaDJ33/ja4Oo1IMDRqRWmo/BXIovPfvPlN1/98X99x/xzLiQslcJcpisA
/MAPbOxExIiN4Fsjw+bQRLlkhD2mF+tRsfoEY2uTLGAkDEtS19Aoj6+7n462E/LhT6yUfv0HkM30
SNuJY3ScOM4da79HqVCgdd8e8rks+3bvYO+u53mkZQMPtzzEkGFDaVrQxJann2bzpic4fdHZDB85
hkx3F7f94Lvs27OLKCzyw+98k+c2b6Kxf38OHdjHwy0/Y9jwEfzsvnv46b13kfB9tj27mZ/e9WM8
L+C0KZM5dPAgzz79JEvfvYxNT27i+JFDrPvZT1FKeODeO3luyzNy/MhhDh3YI6lUQn685ocycNAg
eXHrs9z+w+/TcfK41NY1cM/tt3Di6BEy3V18/1tfY/TYCYwYNZZnnniUtuNHQQuTp8+iUCjge74r
wXHgjDOM9PL7K4Vk5SyjDQkqd5i2b8Bleqzr72OM9ns6O9XYyTNz0+YunH3iaOvCL1995boVxrSv
fy1IcMKE5Jq2tuLFImecdeG7vvuBj/+/ZWe/+V1hWCrqbKYzEPB9zxPfD0wlrWoEWwMp4qpVlKiK
V2ExaHGFgHNFlQie3SdhqSANjQPkjh98S8aMmyiXX/0haWys4+D+nRKFwuGD+7n15m+hTcSOF54l
kUiyeeMv6Gg/zv0/uZvHNzzE2PETmTN3Go9ueIzdO7Zy+hkLGTJyPB1tR7jle9/mxIljdLQf5861
P2DLU08ycPAQdmx/no2/eIyBAwfz4E/v5d677qRfvwYef3gd6x68n3S6igmTJrB75w52bX+By6+8
nJafPUT78eM8su4BwHDXHWvZvf0Fnn/uGQmCgMOHDshjLQ9I/0FD5PFHHuaeO27BRJHU1tVzy02r
6enpou34UW656b+YMmM2Df3688BdtzJ5+ixa9+6mpq6eyTPmkM304Pk+duBW4o7O+Y4jlxgVBwOd
uxGrWBs3FzHKws5oMSLG4dXP9HTKiHFT8rPOaJ5x7NC+c1f/w5XrVhhz4rXA1e+ZACckYU9h/apV
11z+oX/8nyv/6jNjGhoH5bvajiZ8z/MDP4F4GBUnEbBVVOIMFAtMF5uxgRnnohhHhHE8EOduOIvd
89BhidqaWrY+8yR1DQ0sWDiHXK5EPptjz87nOdi6j49/7K/ZsG49O17cyrzTF3HyxFHuuPUW3r3s
MkYMHUymGDF12hyUeAwZMpRnNz9NR3s7j234Of0HDsTokOe3PseEiaM5c9E5PHjffWS6u6jv18Dj
G1qork7zqU9+jJYND/PsU09y2tRpbH32aRafdz4d7W08su5BDh8+wcJzzsHzFOnqGvKFImOHDWTi
pAk89vgvUAK7du6gvqEfO7c/z9HD+/irj3+SfXsO8PDP72X8xCl0d3eyb9cOxoyfyMLFF6B1xK03
/zeiFLu2b2Xu6YuoqqomjEKU51Uy2SKxpUc5M+0+lzOQIq4o1xEjYmNDGLFrAFRmUQWJFN0dJxKN
A4ZlZ57ePOHE0UPnf++qy+9fscK0rV+/KuD3BdYJE5Ls2FFYK7Lsndd8/Ob3/s3KSQOHjMh2HD+c
UqL8RBCAEpt7NAZsTkOU2ICyDfc5nzYOn1iqs8axVLBn44PiQiwKHUVUVVfxxIaHmDF3AWPGjyGM
NCeOH+bg/gNkM+18+PqPc/dtt3Fw/27OXnIhLz6/hUfXP8iVH7ia6poGRMGEyTNAPIaOGMHGX/6C
Qj7Luod+yrDhI8lleti1cztTps9gxpw5/PSuO1Ci8AOfXzy6nhEjR/LRDy/nx3f+mEOtBxg9ajQ7
d7zAOc2LOXjgIL98fANHj3Sw5Lw3k89nGDB4CG0nTnDGWQsYOXoCP7v3ThLJBHt27mDQ0GFs+Pn9
DBk2nHddcQ3PP7eFLU/9gtHjJnD86CEOH2rltGnTOH3RYjKZLJs3PUG/xn4YNGExYurMudbr8Fyc
W2IHLZa4bKziVlQcisp3wRVOxFlJEQsXA0GQlGxne1Db0D83Z9GbRp88ceSC71z5rnUtxhz9zqrf
I674vRLghCTsLFRV1fzfa//hy1+6+D0f8vO5Hl3MZ1PpdJXLeGrxRGFDe8YZdzHBKVu9qnBxPeNK
VOK4itPcrh/jCeRKrD0Yx16q62q4745bEKW480c3o12cTkch3d09ZLJ5+g8cxIG9O9m3exfV1TUo
X9i5czupdA0Lz2nioft/xp6d21m0+DweWfcAAwcNBjEMHDSEQYOHEIYhl7/7naz++jcYOXo0M2bP
Y++uHVTX1HDwwCF6MlkAEkGS0aPHMnP2TA4dOsyRg/v4yMf+lulzZ/HC1meprR1AfX09O3c+z9Ej
h5l3xmIymR42P/UkS6/4ANuee4aqqmpOtrfRum8P9Q2NiFIMGTqcVHU1NbX1zJk/jy1PbeSFrZt5
zweu5cjhQ/T0ZJg5dwFdndZt18ZUSM+JpbeKy2JjOJRnK5S1OBBbfiJShrzNFEcEqZTJZboTVdX1
2RkLFg8/cezQ2d/71rL71qwxJ9euXRWntX8XSa1oays87Hkf+cDHv/if7/yL65PFQi7KZ7tTyXTa
5Vc1Ks7tCyKmHNcTRElc/RRjqYy3WLEiiLIkqIyb8SPYkEpUIp2uplQq8NC9d1Aq9XD3rbeSTFTh
+9b6OXroMDoypKvStO7ZzaHW/QwYNJh8NseOF7bR0K+RhWfO5PYf3Up390lmzJnJLzZsYOiIEZSK
RYaNGEl1bS3pqjRve8db+c+vfIVZc2YzeuwEDrXup6amlv3796M1FIs5qmtrGDV6PFNmTGHPzr3k
slk+9vfXM27iRLY+u5UhQwbj+4p9e/exb/cuLrjoEp564lFEPBae08yOF56jtqae1gN7aDtxlMFD
hpPJ9DBy9FiSySQDBw9l9JgJFEtFHlv/M8ZNnEgYFmk/0cbpi5aQy2Tw/KAcT7Z55jh1rXgJH0Jl
u6s/QJR1hQFtEIMWO8fPLbFpDH4yZfLZnkQimcrNOvP8oW3HDp372SuX/nT1RnPi7ht/L7gCfn8E
mF6x4q+LmzY/+w/X/v2///N5l76/ePLYId/zvSAIAm2iSEQpXI5DPGWHmYgyItqSYJzlRRwJSgWY
YjW1whGeKAdkUCgQjed7RKUSDf36M3b8RJ596hkWn/9m5p15DgMGDmLqjLk8v20bZ597IXPmncGR
Q61MPG0Kb3n7Ozl65Dj9Bg7hzEWLKRVh7ISJdHV2sO3ZZ3jXFe/jnHPfxNHDBxk8eDiTp86kob6R
mvqBjBw9lpmz55FMp5g1dx4DBgziwKGDXPLOy+k/cCC5XA9nnrUEHYHnBwwbMZqq6n4UciF1dY2k
qqqYNWcuR4+1UVPXn7OXnE99fT0zZ8+joV8/Ro4Zz8TJ09izcydnnn0ui5ov5MSxI4yfNIVJk6dT
U1dLTV0j+WyWyTNmc9qM2QwbPpZUKk1NXT1xvL9cl9GrjALnAsagFGcTmbIrY6U8zcF9pddcGRvs
jiRIJE0+35OoqqnPTp59xqj9u7bN/I8brr61qWm5OXx40+8C1NTqjSb/6Ul1H73mE1+84eL3fLDU
fuyg7ysVBImE1lEo4sUBEUtwnhIjqmJYKOdySZz5Fatg49BKXAdKL3K0CTKFISLwAwq5DKPHTaS2
rp6dL+7k7Uvfw/hJkxk5aiyjxkzkhee28OZL3snE06Zz7Ngh5s4/k3OaL+DA/n2MGDWGuQvOpFAU
Jp42hSOHDnFg9z6WXXUN889YxLEjhzht8jSmTJtJXU09NbWNjB4zjlFjJpBKp5l/xkI85dF66Ajv
eNe7qaquIZ/Ps/DsZsDH8zyGDBtBOlVLNpunrr6BmtpaZs6ay97duxk0aDCLlpxHY/+BzG6aTzKZ
ZPqc+dTX19N27DhLLriIWXMXcOLYUaZOn8PYiZOpra0nXVWN0ZrGAQM43HqQxsbBvOWSZRSLRVvZ
gKWrWBm6AY2Jq/3LaFIuHoirQKgQpYmTm1bplmu5BUFHWvxEwhQK+UQikcrNWLB46L4d25q++en3
3cbSpSW2bfsdYFWRU7n61Ui6pcXkLr6k/1+/72P//NXzL31/vu3wgUSqqkowxmlZcTXGGhHfYCJR
zuz1lNXGVllrS2jgYn04AoxjgBrP+cuuUKBSa6XiqUQR6VQV1bU15HMZCvk8QZBAjKGuoZ6enh7C
UoH6hn7oUkQul6G2thZRkO3JEekSSoS6+np8T+jpzlAsFWls7Ec6DWEI2UyJTKaHZDJFWCziBwFR
FOL5PvV1VbSf7EYpRVVNNdmeDEEQYAyUSiWiMCwnJoJkgnyuQEN9vc3mdXYQJAJAEbnMnTZQU1dD
JpOnVMhRVVNHoVBw2WWPfD5HIkii0WR6siRTKbzAJ5/LAZ4rVbB9ZMBlhl2tlo3AgjEuc+yyd+Ay
wyauOXTHKLSJAOWm2BnAM5EORfkJnc/mVG2/Adm925+tuuEfrv3GV77wwl99fetKb/2qVa9mReJU
izH587zENR/4xBdufOt7riudOHwgSKaqPBvYi91YLdZl9Qy4YneHD4VCVDzlTFl8GXGxP1tHp5Sb
FaSsYrWLmFlcKeeuKRG0jqipqaOqKk13VyeRifCVh6egtq6ers5OBKirq6NQLFDM56irb0BrTT6X
QYe2dKW+vg7Pg66uHqIopKGhgUK+QBiW8D2fbDZDXX0DtXUe2Yymu7uHgYPqaEjAkc6QYjGirj7J
yfYMpUKRdE01CkUm2wOiCDwfBAqFIg39GogiQ8fJdtJVVYRRVC5/CryAVFWKnp4MpVKJmpo68rmc
qyiAYqmI0UIylSKRSqEjTVdXhyt8dhMStKskkLiER6HRtkzGKAy6MlMF4+5t76/jqgRtL6DR2BIs
I1prEIsrz0/oQi6vqusasodb91R96RPv+97+nduupqnJY9Om37lY+nclwMSKFlNc1SwXv+evV91y
2bWfUG1HDiRSqbQyRtt4igEjxsZgjJGY2JSLE3ixNnZWn439KQtu0WU3OD5GOcvQlsv0dpUpa/zI
/qYCfuCT8AMiQhQeYalEIgjwPKFUtERnywZKYCCRSLiaLEMpLNlSBs/DTyTo7uhg+4tbKBQKzJlz
OjX1DehIEwQe+VyOZDqNJ4rOrg7S6Sp83yeXy6F1xOGDrdTWNdB/wEDsrCKFpzxy+SxK+RQLBQyQ
SCRt27VGeQod2VBHsVhEeT5KeRRLRRegV7Yo1VNEYYgGV+ZTcuf7v1KnZZdmjQtVHYgR0KZyrOCK
p5XNJBqDxtYZQqV+EGyRaxiXzRiNeAG5TDf9h43K//zHN/v/+bmPXBkWsmt/wzXoTsVVaVWznHvp
Ndff/t6/+Wyy/dhBL0gkfBvGtPE5DOIpO81CjBFLip4lNwcYD1OJLQuO5HrFl+P4s9tu6wId9soJ
E41SilKphNERQZDAU5WyrFKxRCKVAAM6LOEFPr7ybPmJ2GoD5Qm4ImBjDIlEAiWKUrGA53s2jh1F
1NTUcPTIYZ785cNMmTqT8RNPY/PTmzjUuo/hI0cxZdos9u3excDBQ6ir70dr6z4SQYL+/QdSDEPs
lDmDEZ9iMQ8IyWSSYrFUNiTcKi5EUYTyfQTlMGbLqrTBDjY0pTByZTXgB8kygZXLqtx8ZLSd02SL
6yvF0NrVwNqaQJuQt2Roy2fKuMMV7dtEnNHaxiK0tjH+fDZLw6Bh+cfuvyN5wz9eu/zTxfy3VokE
/I4zRn4XF9hbscKYVR+QCYsvuer77/7gPw7sbj+ugkTg2+yuSzg6y9j2fZzJjavnpQw8mwlxLokL
TMeJjpjcBEF5xMkT57IoB2xTvpbv+yRSSTzlIQo88VCiSKWCct1XMpW0mSxlY3VBwnfXsdZk4Pmk
02mKxQKN/Rt4dP2DPP7IwwwZPIif/Pg2ms9fzIljR8hmcwwcNJBjRw5z/NgRho8YSRSF7Nm5nclT
xnHTjavZ9OQvmD5jFj/87jepb2igrraW3bt2MmDgIIyOSCQS+EGANnag2ZkioJSHKEUikSxnxBNB
0lkt2GJY15/WWrSDXSmvnOSt+K8VJ7astm3wppIRxsUFndYun+P2x6UzGsBoRzMqnvSC1hrfT0im
s0MmTG9SbUcPnn71uy9ds9SY7m2rfuO4jVq+fLV86W/mDV/4pnfd8t6PfHZ4tqfLeL4XKFEaUK54
WZSqrLUibq1FJb08BocdS2TuGUScVagq7zs+r6yExcWYTXk/CIEfkEwm3LuQctlLMpUsh2aSqQSe
eO5dJQgSQdkhVEqRSCQIEgncpCE71dOz5UpVVWmOHj7MN778BUaPHMH999yFn/C567a1TJkylccf
3UAmk+Hmm1bTcfIkbz3/bC6/9G3UN9SzYOEZdJzspKqqCu3qx4JEgO/7tmTLD1wM3ZK653kEiWR5
sYZEIkCUXx6XuDHn+R5BkMT3g3LhvMS4iQPy8RzPXljqFR2kDDxrDFW+S7xAhClv0jFluLUdLLdq
PD8huUyXjD1tJtnuztn//a633tfSYk585zurvN8QVy8r/qs9cfTi9wc33TSG0ZNm/sulH7h+nNZR
QZQkxfM0kbali8aIKM8IdmaBKKd1nbuLVALO1q7TZSIUlyV2JqRzYUx5AYNYlAvlW/KL92l0FC8z
HiNbo6PYlcbWXMWZZBNSiToa907tnGNciYTWmsD36Oxox1PCru07WfOD71JdXcegwUM4ePAApVKR
+acvpKe7h42/fJTnnp1PR0c7jY392bd3Nzu3v0C/xv7c+5Pb8X2fpVe8nyHDRlDI520tlCMn7QLF
EtevRWH8lGht22rjenbQW0PNVCbHu1VINK5/bYAM7arycZlQt3hIOSYjMUDjjFy5BzW2GsbNbnCp
EGUr/cuusGuvERHfaJ2/6N3XjXnm8Qf/dq3IJ7ELaP7aKXMjRoxIPnLywWjIqIkrL73m+tOUF+SN
zqWUHxijjXjKDiO3Srd1eY19/xYQjtyx8TxxMeK4lLSSAIkjVZXEWsUDid3o+Ji4vzQ6wuGS8nQ1
E0WWXAyEUYSI4GEL8w2WKC2G7XzrGHeCnSerXLF1TU09dzzSwqw5s3jfVe9lUfOb6OxsJ9KGIUMH
oBSEpZAhQ4bRduIYW3ceJF1dTX1DI6WiLejXRrt3KjbU4tpvTOTQbcouqTGRo47YVXV0JDZ8YH+h
zmAI6T3vHSPEszbjoWjXuVQYpd11DIh1i40ybqKyLUTXVE7WiN1mb4wnZUtS3IpLxhGuAXytTe78
S68es+2Zxz7c3CwfWbxihaxfterXweoVRf36Q15W0gs+fFN+3759Sy9+z4feOXTkuEKuuzMRJJLa
hCUlXhmc1vaNXdRy6Yv7a4MH9m9M4m48xkHq8ootrg/KoFXxwn69CdTEe23CRZWzgWVNV3alpexM
9yJPcZYOleOVu5dSJJMJJoweQbqqmu9+67+pr+/P2HETeG7LM8yaO59l734fj25oYcszG5k77wza
Txxn0mlTGTx0KMePHWXOvNOZMXsuEyZMJp2qor3tBIHv4dZBqFi2DhTxFKneAXxVbnMvTa16xUxR
xGsbVp6vV8+ItRIth2qnWKj80FOseCTW7OXJ9RbYZWuQ8vsCZeLFP7WOxE8kTK670x8+brJuftt7
3wOMW9FiSr8B3pIHDhzIv3j7nW97+1V/ffnoidML2a72pB/4bvqXYNBiqVpLPMUsXj6qgheLBYsj
U3FBYnPY4c7EHen8tbj/hRhWUsZYue/j/o4VuqpYjqLAU8qFKCqhnHK/i5veVq5vjctu7HVACAKf
UghVCcW+Pbs4dvQYWpd4fuvzHD10BIxm1OgxJJMp7ljzfeYtOJMoLOEp8CS+lm2n19sK7jVnOS71
KVu9sasvsUfl+s+FCJQLPVUME2w/m7iCxWUwJDZGKskNt0pc5Tg3dsHxgcQGR5wgkZcYksqUHRkT
BEnT09WeGDHhtHD+2W95DzCdJSvD3wBXryiv5kQ1tOliWbtMRiw475KPzjvv7fR0tkmQSEoUlexq
uG6NOzuH2lltFqLEq1eUwXaqy6KkTAimFwiNMuWONvE1y38rRBgnXYwxva5LBdjuJVtQG2eFxkrf
lEmT2EVyAPY9RUfHSfYeOIDyFIvPO498PkuxmGdO0zw8gUymm1GjxzBl+kx2797O9JmzreUV2thO
qVhg86YnSSSTtO7fy4ljR0gkfIw2vVx9R1sq9kNjyyXWqoqKJRNTXO9nrZRVxdaO/asr5GAovxM3
cbTcv2UX0bh3YXpdl7hspEKm1mXWzhu3Ss8YLQbjI6bYtOjCoQ2Ng9+9shlDZRn1lxNZ/P4VIiJD
Zp157kfmL7m4qrvzJH4QiBhb34I21i42uCBLrDzds77knZ/yrDEZlhUwFQz16jtjpLzdxJZhrGB7
vZ8Kdnp9p6KowVUzuPdm369yyTsDrr9jj8j3A7KZLIvOXsKOF7bx//7189x52y2U8j2MHD2OD33w
Wq583/vY/PTTNDYOYOiw4ezds4uZs+eQ6e4mmbSJmji5WI5vCihVGW9xjWPZaHCQsqVkFneq/JLd
WCBWqMYuixXXTjqyeglG4j4tK6QKkcbjy3rMYtfIjL2JXv1P3EbrEBoxCvvLoQalPBWFpdK8xRcN
GDBk1GXrm4WpU6e+ak9Wfv0hvyLpNcYUlon3kU9+9dZ/m3H64jDb2R4kEkkwEaI8RGuJNYsnNqsm
xmkmF3SOl6ZS9LJwcOumxfEaoHcMsBwfpEJoL5nL6UCHuJcSv6gyeF1mMAa2exFlrUUMHqy1E7vf
ShGW8uzfs4eeTIbJU6YyYMBAnnnqSTzfZ+So0ehIozy78EEUhby4bSuTpk6z09TCEokgQXcmQ09X
B50dnZTCIjNmzUWUV16xxZjIGlTxUkMuE2tX/4iDybEBY3rN560oDB0fA+Ukh/NMnWthKsFoOznd
3TvOxtlFHOIkSeRigSbSFoLaLaCAXRSinEW2b9PEWWdtQCmvqLVJfueGf1jfcuf33rbGmOwykVea
05lavKIlfOxf3/r+D674+o1nveldpfZjB5PpqipDpF3m1tkIYtfcQ+ziFFAZQDY2F5N0L0tfWTfY
LqtWcYk9FVvNFYu4fL6Kj1UV/DjFaHtAlRV2bH0rVQk5lLEax7gtrCuWlCMaZbDza6OQVDJFZ+dJ
nnlmM7NmzmLAoEYOHjxMXV0tpWKJSBsCz0MFHlHopn/qyBa+hyHxakGxFfWSBTKIs7DONRWNiRy2
4n3x6kEmTmLEi64al6jAVQbYCxqjHU7tBSJcQgNjr+2W+9Au+WG0qzzAZoLtIh6ube7eGoOJLM7j
ZAlGo1FaG5QRU0gkq4LV//SRpzfc/YPmlhaTaW6WV1Uc/Vsz59KPfpRlIiMWvvnyyyfNmC+FTMb4
QQLr2Ssb9/PELnjrguYCyEtClU5zxOCLC3VVbOwqp7UceTnAljVKZTAQM1lMdPH0nLL2i62AmAgr
dqhd8899JwY5MfhxbRRAk0ymmD23iSAQurqzdHaeZNaceWAMhWLexuKc22UEzl7STC6XI3LB7UIu
x6CB/Zk6aThxKfvRkwW6urpJplIOAOIysc6CoEJ8OCKqxLhMuSstQRlXg2qPsdazipdqwxiFmMj6
M9pYOoyVR0x41rO099COTHDEqyBeaw4BIlPW+LYl9gembJhCaQWqVMj7tf0HRSPHT5kMTDq5iU0O
c7+SEZ458wJv/arm+hmnn3fVrNPPVZmuDoJEEm0wXplztBD/xJArW6FsldpWKEA0iCeui3q7yGB/
h6D3ElauL51nEFdDVrAm5X4oexNgr2EcuVHJLtvrVuKOFreu7IbYoqpY6sQOHjaGVywWqK2r560X
v4me7hzZbJ6hQ4cShba8SyQmDY0kneLCxhBjBUwZ7zaCbZySckjB4LlpakJ5PS5t92mX/bW/CkYl
PGUt8PI1cbE6jGfj+W5pNeUUqtYulmVibywe2sb+Ip6xY7Bs2ySiqRoAACAASURBVBl3D3calW6x
ddPaZvp9zzPZfCaorm6QcVNmz9xw9w+mHD/OE9iE7m+9YMJvS4CpqXVnRir4jyWzzzx3dnVtfamz
7UgiSCRd92jl4Rn7C2sVF8mC9xQXzT2oOFfUiLIrdcTLhxswSipJDiqmu+2UOMYVu2Zuel3skrgV
ny1pOLMpvjES/6u4MvFnZwXasSHlBSiNNnR3ddoaKt/7/7S9d6AlVZUu/q1dVSff2OH27W46E2wy
Tc6goARBEJhxHvMQnQF+KOanMyYGR0fHCTqCKCYkCNqogDahCULDoCKgZGhyQ8fbN997YlXt9f7Y
a+2qizrTMO93ZrC77z2nTtXe317rW99ae20UiwXUpyfd4ghcBlbnDQAmJycRhiECY9BuNdHb14ft
Q5tx/TW/wCuvvIy+vn6848QT8Jbd98LIyDiCIIAuDJvbn6tFpNa3k0YOIfpPBqTMgn1IaBVe7oYE
YI4N6kKEGD8JZ6wbV1Gk4Xtdund6p8UCbh1/kIAaJGC1RCYAu7OBOvMWLpsTlUor+1bhkdwQ5V/F
vr5DU+DOgw845uRDKl096cTotqhUrjCnCcEYMDJMETS5ofIKgQNxwGpUOGN98F8qGBJ27/WuHPv3
CQTBkIpYmur2hpCdozDC9nSgXFiYC6u9sSOPR4Nc+KyOU0YlCkMkaYLhoVGEhQKiMETcjt24g90c
iQyiffqI3UYAVz/n5BprtR2bOk+jmhJEQoVz7a7TtDUQowSvkWZeQltpuUSa84/ueyHRknt+9uzQ
2TIlFhawbm5IGwoqfilb38ivIP8ZBqwll+60AAJrmAyz7SxcvHPBGLPPWWfR7+Bs2Rs2gG9IA5w1
67DokkvOqizZde+37bzHAcVOu8HGBK6hJEDG7xkVGqwZW9IwgL3hc646E6K9MSNZZF5zysDEmkQx
7MGkv0dOz/GMMAfumXqjGlS9NzWkOXEYLMkCgjEuw+r6rhVdeysLRFGEKAx8wiUwQBgaRMaFUUkS
o1Gfxqz+Pty25macdNyxuOXGH6Mxtg2PP/SfeM/pp+Bf/ulL6OnuRpokThZQPQTZ/bqxUBqkAMkx
n1xSyT9v7plmamM2Kw5WJ2SyMMQlD8jPlYZOGQOXaxvhXCxjL3PBFgQjjTAtjE0tz5q7gGYNLFh0
Zt4WzQRWYd26S8L+gYXvWLnf4VEcd+LASLM8eCLG/p7V4CgZJklysa5bzj2HOjcdS/KMELmkjzI+
jwfFXa5foFvr5D9rVH/2zlwca55xeg+S+7fMBcRYmtycg10ipVQuI5SaVBMCYWDc/lvL6HTaSJKO
lEkR2p0W4nbb2YokQavRALT3JeeeRyIuAKDc2pthhLxunJEC17RA7ps10pmJU+WX3in6ekr3edVF
s4Qnaz0p8slNacXhawOV84AZBu4wsTAM2aZpOnv+Iu7qnb30zdgyfb0RBmh2O2xXPPCLBxYt23Wf
g+YsXGobk6MmCAIwiJld5yG32yPw4qobSAtIY1ANASBZPe+ZNQxh1VbgBg45VugHXNrI54bcGwG1
D7ntTtkCUL1FJlb3nZAyyKz0gbUwVq4m/595+iyeB0AICDAmQrvdRprGmDWrH0CKWjHAL2+9Gx+5
8H247NJL8a7TTkepVEKapnjyqSdx+rtOA4jxqc9+Glu3jKFUrkhvOXhGYqwuPCl7YamXUiYNyoWp
QGYZpP+fhIpsxQhYZExSF7gY1NS6hIg6L19CIePq+0vLXLIYSh0auU1iAtyZGSmFhQKVSrV+AoUr
VqygF154IY8rWrzw8GDDyM1z9lh15JGz5+9E7VbdhGHE1loYY9jIGnGHPWaLEd7AOCPM5JJg6hgz
MDDgClOybKZGCCK1qJNWppTp0Jwlg4w0OqUMr/49ijO4nzmDLBjnrPjaG1v//ZkzdmPHAndRVY2B
CQw67RhJEqO3twfVikEnASbGp5DEFvMGZ8EmHUxMNlCpRqhWezA62kK700IURu5sDhI9zcAbMSNF
7kSZMdK1BJAUyMMbbGJGKk7Ih9DesAG5eM8zRvccWmbAPukGuGWdCpHx36+NW6UYndiFyPIe1z6K
yFhOUapUqVAq9wEgDA4Stmz5M6brz7/eiNUsYv0wYMzui3bZfUkYBKlN4jAwAZObNM6ycpkl8R4o
lzIn3eHBmRZDRkZEtybpulUP606PRD6rnH1Yvi5nJGRY4fUdebvm1bWcxIMS8AkUaM1hrnhWmaHf
T6qdqgmIggBsgcb0FLqqRew0vx9PPf4YvvyP/4Q77/kNvvQPn8MnP/lJ/OV7/gpjY2OYmprC8PZh
7L3X3rju+utw1feuwAvPPYfu7oprphoGMMowcmUdGcvNsw03eC6T517Z4tSsuPupT+7osPlx0g+T
jA18ssgL/9ChFJ7oP0v+Z7ovUevmABajBGZGCCCM4/j1DLC0pHdBAmDl0pWrFoaFQpqmcehNnLXk
tD9xSsTiwNx3GzV2kEym3L08jWBQ51olFHHEUkOozMb/n+rPatgJoIA9DtwaVCwLntRZ6X2QdZhh
k11PMQQtXofHlJbYaBd0AuDKfxj16ToqpRCL5vfhheeexsWf+0f88qY1KJUjdPf04AdXfBdvP/at
OP7oo/HWw4/Exz70IUxNjqMqiRHXaFj20AvEjQ//Id8n0YFfLI4UuJIal8hEPjJBRjiI2Gn8fkyy
OckiMvJzljFh15DCkCae2GmrhoFAtUZk36fmIRfJy2SHA9a+Hlc79HojDDB6cuu6oG/O4FsW77xH
waZpC0QRDFkk1rc0YKPRrYDOZF4BBFhZ2GycV3CG0PvezJuSun3RsZigVMAnL6SBqvbTynsvNk4z
0/2d/j26IHyY7TJ5xlUIe2NDUAqfsQyvm0GB785RaDQaqNZKGJw9C0+vfxFXX30tXnzmIbz1iL1x
zbe/hNGRIZx55pmYmppCd3c3yqUyisUihoe3Y5999sXK3XbBurvvxQUXXYDJiWlQMfLMIkv1sKgg
8m+9XwCpvo9ymhcztF5BlRUWEc/9PXuvsjirz+mz0uSZiDMakjLSWkGJ/XyQp/YFYMNE1loKg5Bb
7QZN18cnFi8+Chs2rHs9UKNHX74/CAullQuWragGMAmYi2RIckFSJpFzoiJEAgSdKWiPP09BZbI9
ERTjDzgmxz5sh3s/QcoxxMEa/T4jWHb7t10KgbKFrbNDOXZJWU1blhgRh5FjQGoYssJtKZORzHaz
0UKlFGLpgn6sf2kDvvavP8T6px7BIatW4N5brsKDD9yLTZs34dGHn8T733shli1dgqmpOm742U9w
2olvxVU//jkWL1mMRsM51ew4VpuNG/L6OIE0tJAaUB1Ssk7fM+QlOWGIDnewxjNYbZHFfnzYa4BW
sMPQ98JXIIDsjO9XAu8qHxjEhuFkTzYmoGZ9gpuN+iSAYNu2bf//GsCenkXBxMSrtUWDS1b0zp7H
cadNYRgypynpsvKZLjYu1hQDweIhGbJxisRwKSWHhhFKXExmnPzPyRtVHVyHFQdUR0HZNUvI6z8S
zjAcuI2AN1+LqKqtD8/V44kn55zxM8adBZKkjHa7hWKhgJ3m92HjlmF88ZuX4fGHH8DhB+2G933+
Quy8YhmWL1uC517aAjKhO91OQpoAAYrFEowx6Ovvw9TUtAjsLNhyICPdNa6GTAHnvInbPscue6c1
bJbEAJIGJVnM7OyAA7rb184+jDHsAG015vRAdY7NnZAh3p1FCFeQquRNrv2gzDkHMGZ482vp2JZN
W8O3Hhlgw+t6ufUsNhOvPlFYsHz3nXtnDQRJ3E6CIGS21k0zSHya4IuNXxwBZGGQ8RomyC1STaq5
uTd/lMXNMKfsUP5kTcipk3NjodhVNuT+nXOsjKyYGOQdcqZh6wOrsbbe0ALCAgNXWtRptVAoRFg0
2IPN2ybwz1/9Nzz84P04eN/l+OdLPoTurhp6umo4+28+hIce3oT7fvUQenu7AcOIO8DZZ5+BD3zw
Inzgb8/Brb+612tsrPfkLJFnvt5zWXk+MYhWw3SVSODKWlQuAlnxRbIumZBKNYrDCWTzOMFqeZAB
8nkQhbJL8JD6r0z/c/fCbC1ZWDJBZJNO21TCMNi2+VWaHh/dBMwJge1vqgxmR0NgKpcLIYDyrNnz
ltS6+ymO2yBXUs7GGM23ImNh8kEJNVg8uO7ZFUHKv5/Em4Mom6icgAylwcZ4JmB8jyyxt+qxoH/P
0W6nVHrti3Isxtk9BWK+KFnCABmoMHQMqNFsgZgxf14vDCX45jevwMc+8DcIWpvxpc9fiPe992xE
UQkvvvgaZs3qx8jIdowMb4cxBuPj42i1WpiamkSr1Uan08bTTz+DFTsvQ2oJRIEv84HoKJ6BcrZo
nbVxDSdgcqxVZQhv5FlKPzKWlGW+Z46vshcQ5YyxsmI1njLA4GyxiO5oSIqUjaRGyFgLG23d8MKQ
tclL8yomwsxMHQ0OzHa4mju4qHfWXE6S1MnrpGbfXRtwhluxASJYNVrCjt04KOvL6Cjl8OiwaZAP
09yPVQvMWCE8ZrN5MD6SeF0I6Jm2u46vS9R4HYIlWR66P5kARKEBGYNmowVmxuC8XkQh44rvXomP
XPhedCZfxRc/cwEuOO9chGEB24ZG8PJrW/Ds85vx5S99G11d3dg6tA2tdhv1xiRe27Qdl/zDpRjd
Po671q7F7Lnd6LQ7rtKAs/tWXR355/VGW406MnYo72At0vcSDVzY6omKXNtHJrm1xpqGUdaX2Q3j
1yH773RHelkyhtgIfSKwNUThq88/3QTs+j0PPzDCG2u24V87ygCDtL8vwFaUy9XuvmK5jMbkKIVR
BE5TIiK/K13MvoBMDJWK1iCfIn+9Nwa0YlAGS0M8MdGk7oJZ8ymwRAglTGEjmplus1G9SCdPvlg1
PB+eyL24IuscCNQ4MBAErm1SsxUjoBQL5vVieqqOa6++HrffchOWL5qFL37ug1iyZBHGRsexbdsw
oqgAa9vYZecVOHDVnvi7v/8M1t5+K/r7ZwFglEtl9PaWcPHnP49KVy/e/vbjMDI8gXKpBE41WSQv
CcHYSJGrJDOQjRby4ajbu+v0lVTLGcAypFITCDWCcPMlrYxArmrISjKAKW8ckLEHkJQjqsF0rYwM
uQPC2TIVy+VkfHSo+MTD9z8H4OVtTz3weqAG5aRoAHRXaz3dYVQgtrGRRceSlSXyrB7CmNSRKTJE
ThF5xEGFVBh2QxPkF6bDKGsiTWMYx1rdwhQcseEsAiCVHchJEGQys+EdigCMLbTjUVYSI+GwXDMg
gyAgNFsdBGAsGOxFs9HCT358E9bc/GMsGujBxZ86DzvvvByj4+MY2j6CJI0xf/4g/vDYE2g1gaWL
l6PVjjFvsB+VWog0KWFo6yRKpQQrd90XTz/5GE4//RQwUhijCQVnmJktUpfRkOdhuP59rpLeGIPU
qtBGUvTs2LSvlBGi4QrsNUHmxl2qcqB1q85JyF5hqTdUtsdyCqE/ypNZc3RgBJymKSEIrbUpFUqV
uFGfLjz58LrHAWx4+YX1b7TbkH/tqAEkmxYMgO5Spass3ZhJPXFec9EMmhYqu8JeNTZSEOoXtywi
WBgKMrAgA41Olv8dA7rZ2iiImb1GJTcGXwfmGaF4L2EAJg9IzsI6557UmxmEBugkCdI0xsDsHjCA
G392M35x842Y3RXi/3zof2OfffbC2Ng4tm4dRqEQoVqrQQ94mpiYxuc//SH87YWfxl/+5V/inHPO
wZLFizEyOorbb1+L73//Cpx9zt+iWCig3mz6Nlh+jHRXB+W0Eri2TdpqSEMuWPgEHqvMAIANORYo
i1vLFBxCjYTNAl4rm9XJnTQHATaz8dX/amzVUQPEaWqJ3CHcgCGkScLVYq/5wwN3JY8/eM+dffPn
N7a+8AJjZjtzmq6kBKBaLFXKhgiptX6mACa/1U3KppykoVhSY+huhCGRADy58Ewt05PFvnlGm3d5
NmPdilcNv8UAs8muOROr6njJ/56VSbPDEsHtaAG5kqmkE6Pdtpg7xx2otGbNbbjxp6vRXQI+esF7
sGrVfhifmMSWbSOIwhC1WhcazSbiBCiVyghDORqTGXGcIo4DcArESQJDIabrUygWixmDl2dzvS3y
NbpqaYS1SahvNUIzgE2tjJUUxueYMgujNCRnTRu3k0NrHFnWl2Z3WTkSkUqJfteV7ixyUDUuX+1O
QGRDoGanTT39A/TgPWvouccfurPU1zc1vXUrFJlv9LWjBtCUpicN4EqTpMZLStDEB3otTVgCi+nS
jfdQT+tos+saoaGCpsEVyG6rE6lXEOGY9fcs/eDIhWmq9zCxy7ohG1A/+VLC4ENA8V7aFomBnFE0
noW22gn6emsolQL86q51+PF116AYJvibvz4Jhx96KOqtFjZt3oZisYhaVy9SGwsoLaJSgKnJSSza
aSGOPepg/PulV2HTxo2YmJxEtVLB5q1bMX9gFupT4xgamUJ3rYZWnCAwxhW1MknlPCDLWswGw1qS
cMI6zS5lD0hdxFYLYUWABjT14Ty5Fk2zMhqmTBd0QqIztLJLwCc8iBzAHUHjlFMyxsgMOhyEQSGp
1yeiW3/ynccA3NuoJxGA4dfjqhC0QgABE1zZtHFFiW4mLeVr1HRzPSDNIgD/zM4O58pNfFiaY2a5
MiypNvPZX+SMFrwMosYMgnG9j9c5ahn2TAPMGLq7hu5cUqeWotOJ0dvbi0qJcN99v8aPrv4hDDfx
v888EUcedTjanRibt2xDVCig1tUDmyRIYVEqldFoNrHbrrsiiizuWXcbPrL3BXh10zb0dlzj3FKx
ipdffg0vvfIMPn/459BsuqNchT1I6ZPDi/M3Dg8gJ5doVQBZ9s6TJGNufW0fe5bn/DJnbC43L6pP
O7cnRpUBK9Ecs1QbCOv0iUdmTtmStN1nCgxzkpooKsatZiO8++Zrn2nWp9b11BYHLWxoZIvjjb12
mAHWC0kAAJ1Oi10SwXMBqX5gH16yAoAUuppUgIT+ogXkdAUFlLue0GDdmI2MURpkC13UnMywymcU
ahrqatjnwiQNZwAoIP39unvRbW1hFGLW7CoefugxXPvD76ExOYS/fPeJOOaYo8EgbB0aRhCE6O3p
Q2Kt64dHzrtSyKjX6xgcHMSaW+/Ct7+/Gg899BDmzRvA5i1b0N/bi57eXhx66CF47vkXMTB3FkbH
JhFFBcnWuXsn31JXQgYil3FDtjuBmN3BjsgYoj4T+0hefgY4782cY4YSxpDMFRu5jGZLs2uRN7AA
yHBqnfFzZ71aBEGExvQk5sxfhKsv/cf2kw/ff03UVx1vjw218MfNK8lOpwYApUmcqtd0mLDknWkW
MCB7GmfUFUMs2HC+l7KP6Bj5d+nzKHqE/ajRdME8WIqQs+9VBp2xOO1Qo+GduhPoNjJikPQGhNe+
GVGhgFn9NTz+2JO46sofYGJkI85819tx3PHHgijC0PAoiAJ09/QhTS0sWwShY+yGGGQ6CKMiPvHR
8/Hxv/sC9t57Xxx+6EEIQqAYVTE12cRHP/E36OotY7/9D8TkxBSKxQJs6taTFYIixzG6MbGKIUce
ONUtquzwzPJMPkyyktHlbLeUjLerL3TGzKpZEqfqmaDOq0RvmR7o6KBNUzKioVlrEVBAjXadZ89f
bFd/99/sw/fffm3fwoXbxjZuaGMH2qz9udcOZ4Gbo/UAQNKo1+tJErsT4plhgoDBTJIkz2kdrLiS
lzNCJlCPLv+jMZsaH8GZp+zI6Xa+LEWNphhWy1kdm6ygzL6JhqFez2TGkTi3R1MMqWHHMIMQGB8f
w9f/5dt48fkncOrbj8Cpp34YQVjA2PgkQAbVWjeIXMjqdMJQOnJYsI1RKBSRxCm+/NXL8OnPfBYr
V74FY2Nj2GP33dFsNlEqlfCDH1yJ008/A+uffgLLV+yCyUYHhajg9vbKUvbblERrUWOf7bF0TM0X
nwJQHdawFi+7xeuMalZgo/zGl3Rw7qcSMjOJlCAeXkIXTqwTp9PUbSCOogjTk5MYWLCkfc+tNxRv
/MHXfhSGpd/FY/UUwDT++DQvrk9PBQA69anxJqcxjDEMTpg0mKVUAkn4edWauXx47MNY0uJ1AYBk
GbVGUSUbBZLHAwCGQeAzv8gwpexObJviigLKxkkNiYTCTtDX8iwNp91nJifHcenXv4dnn3gYJ73t
UJx++gUoFEsYGZ8CgVCt1EBBILiS6IYtyLguzpVqF0ZGx3HaqSdiw2sb8c7TDsapJ5+NhQuXY3p6
HL+85Qb091kcfOixmJ6qI4q0Qa7Mu7I/CYfB8B1jrKuYdjAwAFkJU8HSA9BFJOpEIcVZ2iBQx5Fk
rzARcpqxnTFHegyDymCuegRsRU5hCX/DMEJ9agpz5i9q//ruNaXVV3x1dWDtr8c2brSCqzd9aPqO
ZoG51JpgAMnk8NBwY2oCUVRwhJjZK0vkLTi8NANld8rwOBeWeE0r937xJuohfKcKMWyqKUD+dPZT
NRnvbqDirM9AeX1DKLqWOXB2b8QEEwZot1vo763g+9/5FjY/eRuu+LdP4fSzzsL4xCRGxyZQLldR
qdRAJgQQIIgKMEEBJohgwghBFKETW8yZO4Bb1/4KKSK879z3Ynx8HIVCAc2mOzVueHgYq1atwgEH
7Ifvfe9K9NVKSOOOrFddsJ6z+H97J6Cel7RmjzKHIpIBe2ZD0F0f/mesl1WjIED1057TsyDXFkdk
GRQYw2ByuzUCg0Z9mufOX9x56L61pe9/9VN3pYyfAdQEMArnpV9vAG2r1QKAZGpiZGR6csLtq7aS
a+bUu9DMaapyiwwfWk+GbD4BNTyY4ZQdW8ukBP/Y/p+aSKKcvuoRCLdThPyHSEdM4iF13Kolkxb1
k0G700Z/bwU//tGP8MJvf4rL//njeM9fn43JyWkMj06gVCqjWq2BgsjhKiyAwoLDVBjBmAjGhGBy
W+XqjQ5+/ZtHceYZf4GDD30LNm97En39wAc+cB7ARYxPjKNUKoimDF8ypASQoHKRYEecrBtmlQeQ
lcJIiKqw0WsqTlQ+gMk+q2PrpRPJHEtgC5WkdAOFZUtGW+rAnczXaNR59vyFncd/d1/pu1/5P+s6
SfPHFIaKq3b2LW/8tcMMsIUWA0jGhjZvnBobQvfSXbk+2aIoiqxNEx8wsNJlz0RUqM86uCjH8J48
79FZKLhoinruh9YmadsskDQLg/Yvc4zQ+RYVXskXVwNGCl3d5Iqf9l1ffPID7gaJGa1mHaeedQ6m
t2/EC8+9iN32OxJxuw3Lrhg2oBAIA/fd4qWRAjAGYRghjAr45a1345hjjkFPTw+2bt2KYqE4g7ml
aYp3n/5ufPVfv4btY+Mol90BNBCR2TdZ4OyZYLWgFP67ibMezmokdLO67zDjAe03tHlzx+rnvUGU
w5QyTWYGWzRk2EqoztZyu93BnIEF6f133Fj89pc+dvfY9i3XULE4kSTtEQBN/OmzG7g9sc1GUcQb
X3x209jQZp47bxHHrTojCIjISDkoZcZKHSxlxlnvCX7LFbwU47+IsiWvmr+vQ/WLHl4K8EJK3kmK
0/BbPEWZ8DjWsNpFuj4sZq+5uT/b7SZOOeuv0Z7ajsdfehm7rDrKHZbFrlGUMYEYOjeHlhmcpoAh
FMIAExMTmD17Di7+wpex4dURPPLIrSiVizMGNrWMa665ykU4sq1aO3mr43MdW9zza5TBOr4p6eqF
JjmUhjvt0MrYuISZhWO4FiRJNd1v6fCkWWY/F+zWsCxl+X7XVzyVsbLWIo7bds7AfPvgurXFSy+5
6IHhrRuvDIrF8SRJhgHUBVdv2gDuKAO07XbbolKJR8e2vrLxlec4iook/bKJXMEYk1h37/08QMU4
Knb9opPkh4KbIOUHBC9ESxjsNZxciOY7yopL83oVkAGS1TiqaK7hruc1WWcZFcBzrHVsqoF5ux6E
SoGw9bnfwdoUxUoXwkIZFIQgInfmiHjnKCyAECDlAEPbhvH4E0/jmGOOQafTAYvB63Q67qAZYzA9
PY0DDjoQ9elJPLv+edRqVaQ2kehJGYz8ZwAtcPbaTe4Z1E748VEmqEZNx1qMAGtYCPgR1lpDqGkh
pea5Mfe4dtcslkqYNXcAN11zufmXv3vfHSPbt1xPQbA1bbe3AJiE89J/KkxhALba25u26lMvb3vt
pQ4FCKSZrVuOnqVpgkLvE5m/Uk1ZYwuZWzMjGM7rgvnxc3h1xi4zqjOMq4bCAqyMOOtY6ZVMbqyy
urYMbxC8AONTDQysOADVaglbn30QaaeDYrkHUaGKIHDniAQUgIICgiBEEEUIwwLqzQ6CoIANGzbg
uut+im98/QoAETa+NoypyWkMb5/A5k0j+PTffQ493X244SfXY25vBe2O7gax2RiSToJsM4U6O11E
upD8IMoalD3RbPwvSENrP63w0R3Jd2pdrvuanNSArGmD83euCDuMCpg1Z4DW/Pg7wVc+/tf3DG/d
eDWCYFvabm8FMAGghT+OKt7Qa4dDYACdnmoVabv9yvo/PLjdWhsQGcvaQ4nZdQWWAdQww4vvxC6d
DtGkKBtfsIIyP2gzxhByEe99WYHua4zYTyjgl292IUBMaLYNSIGtCQZljPre1KYolwpIOh2UB96C
2qz5GNnwGEY2PIW4MYmoUEap2oewUEZYKCAIC4gTxuRUHZVyCZs2b0YQhFi2bCnq9TqY3WlzaZq6
E8aYMT09jdmz52DevAE89eTTKBXInVciS5j9eIoL8AvXeuOvjsQpCjnmreEJsySPtIJfdsVIJs+/
HzMG0LOezALDGwBjArZJQmEU8uaNr+Hvzz156ttf/sSVJij9oG/Owk1pmo4BGIczgP/VyV3tTocN
gA1PPvLr4aTdDoIgTGUtOmcUuPy0ivKAFskoRih7Dr9eNUoQXYrz45IJ9nl4+R1BSiGFHanMonjy
zjgbKMEVS6H+6y5MVm7PfdJai0qpiCSJUZq9M3rmLsLYGlCYhQAAIABJREFUq09iZMMTaNfHYcIS
CrV+BMUKorCAICggjlO02h20mk3MXzAft95+B5Ys3g0HHrg/Rkea6O+bDaIyarUeEBdRKgQ4493v
wfXXXi1oF2acv3vKkkhARg4U/2DKDKM6ALmCK3zOHKPztblFrUPIufnx0gT54QaJjXBiIQJjOLEp
RUGBx4a38WfOP7152Rc+cnVi+Yq+BYs2IaVRwdXUf4OrHXrtMAME0G40Ygtg07OP/mb99s0bgnK1
ltokIeMOWHUt8NUPcGbxvZFT3U0HWrO9JNqg1wRya85/GBIGAtq3LNMg4FmC18bgTIMP9fRn8h2K
aaLsL9o9VzWkgNyWt3J3N/p7q4hqczFr6SoUylVMbX8ZQy8/jPFN68E2QZIypqbrsMwoFkL0ze7D
5s3bADKYM2cOpqfrAMif6dvpdMCW0Ww2USmX0dvTg5dfesE1S7VyPCNk32luIjxD8+ObY7aU8+K5
MVbTn5UpsWdUIrblmHE2X+BMb82hVZi1K2ggE6DTbND8xcvowKNO2CvtNA8f276xjcHBp0844aIx
wdifC1EYQDuemEgAbHv8d3c/MbR5AxXLFWuThMgE7i6sJTIm83DqFHRBS+imEbIGbs4x6KLjbAGL
Q1Gn4U2CsBQV+DVZoCq3JqKyAFnHJnNQep2stEvex1lFgzHuSNNytYZZvVUE1dmYtWIVCuUuTG9/
BcMvP4Lxjc8CSYw0BaanG0gSRqkYoVargUG48857cfRRJyIMCJ1OgmYjRruVoj4Vg5kwNpbi2KNP
xuaNW/HMcy+gp1ZFJ05gQj3U3K0nX3OXJx4khAS54mYdW9GBc4UK3gHr9SDJxmzXkK5//V6ZB8p+
prbAHXfAHAQBWs2GGVy0xB5y7MkrA4Ojxza9GgPJMyeccNEosDjvhd70640wwDiuj7eL1Z7Ghuce
f+ix39zdLpYqxrI7Elb23LL0a/TykXsJ74UAiLOBdQDOEK2CPvtFDnVHPnDOxHh4sEkHhtwta0Wf
MoCZRlUZozemUOObGZW4E6Onq4bbblmLNbfehdlz5qJcKaM6exlqg3ugMnsZbNLG8OYX0W7FKBWL
qNUqcixlgPHJCQRBgCBwB5irdmKtdYWlYMRxgjS1qHV1YWx0DHqWidapQQV+Cfk8s84Bz4dZrMse
WfkLq0VTwyjPbZRRKiNiWctiWJEbehkhPwNiDExgELfbtGyXlfyRL3yz+2Nf+taBn/3GdR888/0f
//4sa/7xttsuHQDQvphZdxP+KVylMeJGUKwm40NbHvzt3b9oRaVKkCaJJSKy7DOCmSeDJnhIkiDk
5y8zQMiYmDB9b8zdQ8yYaw0L4ZNDwjI1pNWwWVatdzikzEiMqiA1Y+3Z9ZldqNmJY3T3dOHOO+7B
jb9Yi9lz5qBSLqM6Zym65u+O6uxlYE4xvOVFNNttlMpFdHdXARBKxRKGtm7C1q3D2GvPA1GfNkg7
QLvNaLcsWq0U1oYYH2tg2ZKlKBWreOKxh1CtFJCkiRyUlK0D1mcW0LCuGiJv+PMsT3V6B02SxIpb
w2yyUF9n1zDlHJSiWvULddpu/WkbsCAM0W63aOGS5XzRZ7/W9eEvXH7gZ75+/QV/cf4nv7Nw2a5f
uO22S+cDG1oXX3xP+GdwtcOvN2IAEwDTlNqYmR+979afrB8d2RaGhWJqRa2Rh3eRQCClguoVKAvJ
oEZPlhmT95PI6y+sn1GAe8DlFrRinnOTg9xCnwFY8pOQrRXy95QZWllrxqDVaWO3t+yCG356Ez72
iU/jufUvoFgI0D97ALPmLkL/4r1R7luIQiFAoVBAkiSyAFLXCt9lORHHMcbHx1CvN1Cv11Gv1zE5
OYnp6SlEUYQkzg6uVqNs5f49ezGi53kDrotSH0bYjM8Gyzio9WTKpkOmVZ/evdldU4/G1Gt78FMO
4OqbyKBRn6ahrZtsoVCMDzji+PZfXfiZpf/wzZ9+7F3v/fBvwjD84CVEWL2aLf74HGrFVYMo7cCY
9evW/OT3Q6+9HJSqXWkSxxQEgUZQ7EQBEjOtxkX1PM14Kz2hzJhZeVbSrwTy4Zgv4tW4UFGgDkOr
Evxv5G+5+jU/HrlrZtwzk2gYQEAGzWYTu6/cBb9ccxsu+sgn8cwz61EICX2z5qF/YBFmL9oDlb6d
UIgMCoUIqbWI4w5K5TJefHUjms0UOy1cjInxNtI0QKeVotMGOm1G3Ga0WgmMKWCnBcvxzPoXEBqW
g8dfx+ZNPvKSp1T2Kz/LGod4zpH9p9ljDzk1+exdUhZaZ2vbOytWRwPvzFkYZLvZwPDQljSKCp19
Dz6m857zP7X47//9Rx8567xP3Vft6f/oJZccY1bzn8TVDr/e6AdNknTKhXJXcWjjS0mxVN131RHH
B42pMRSKZbBNXW8veX4izbo6O6vtgkCYsUNED/oG2AvHRgeOAOO9DJQvy+9165syQPczl9nNfSc8
3n1omT8yU74S7n4N0iRBV62E2267HcsXzUEcp1i6bClOe+dJuHnNWlx62beweeMrMEgxd04fWs0W
gtA1DmWbuBPipqex08JBfP+H12J4eAynnnIyyAQoFCKYgFAsFFAoRBicN4ibb74Z37z8clzypS9h
zuB8dGIL1xB5Jse3wiwUv04ZA/RkLY1QOLcUmUmaV8pFSEeaZ1zX7d0WIOovBJR+KbOWdBHYhcBI
mckEBmFQMEmcBo36VJDEcTprYH5n74OO7dt5zwNO3LLxld2/fdnf3r96NU/dcMOfPMg6sElSLJRK
1YmRba00ifc7+K3vLLTqUxwVigRfReAK0wwFTLBkYHy7NF1kRr3i60J6PcyIBDcOMoJFZ5V80wPf
DEM+LzXXEB+UqzrQxa2/yySeQMY6a6xhYG2C7moJd//qXsyfU0OaMhbttACnv+sU3Lr2Xlz2zcvx
yssvgpBi7uw+tNstOTzMZVTbrSaqtRqefOJx3HLLOpxz9vlIYoPUOtkkTRlx4v5sNWNUKlWsu+8e
tJJJnPrOd2J8qo5isTijONnvBhInYjPbqCCDUBmPK3UUHkPe50gHGcGT6wSVa+KWw1cmydos4iO3
ZQLCRokMRVFESdIJG43pIImTpHfWnHjvg47u2WWPA04Y2rxhn8vPf/+9VzzMk2u+8+YOSH8j9NHC
1XKNd5pTDRNFj91y3eX3PnL/2rBvzmDSrE9REBUY/i6IAyLWcEmRqNki9w7yHjtjMzICxF6TYxl0
zxR9qKxGUtkO/AirUdPr+cWgYbPeAyj3vZjBeqQjMYqlAr717R/g+tU/xQnHH4kLLngftg5tx333
PwCCQZJ0YNMYzAnS1DHAJIlRKZdwxWVfxc033oATTz4F11xzLR555BFseOVVPPX0M7jpF2tw3vkX
4qKLPowvfPFLOPSwwzAx0USpWPReFRo6EOUcSG4MkZU2ZHYuCzWyej9v+Wa8WMdA9LAsnBYtjHL+
muDvidzWt2wLHDMHoeEoKiAwQVifmihNj4+kq444vvHxf/rBGQcee8ovzzqLlgAXM2Y63lRwNdFp
NqeiUun5e9dcv/beNddT/8D8tFmfggmkWsu6M4HdsZsa/mbMxTH+XEjmV5nqcVnoytD9sLriPXfz
8oGPIER6yDhnDlOeWTrs5ZRBP1cagXg8Wwubpqh0deE7378G11y3GkcddTA+9IHzMDk+jvvvvx+p
tbBpApt2wDaBTWPYNEFAjPGxYdRqfbBJhInJacQdQqdt0OkQ4jYjbgeoNzpo1GN098xBfXoqk1Z0
rckcU35dKkOj/FPoenD8O1tbeQlBRkI1UqV0RCDZbaJyjfYKVEbNeg25rlExUGhkmlgyJnC4CoOw
OT1dnBgewZ6rDm997Cs/eOehx51++/n7066rmVO8iUPe3ggD1KVjAIRMVEvareH1jz80uPuqwxcM
LlrRmR4fDQrFIkCgwICttcYYw8LwaCbz0q7ByIyUNOtUKPp6K++VOfPejFwXZNEPIA0ttSOIW6gC
UKXgyh+VDJEwTjfhQRAgiVN01Uq44447MNBfxYknHoejDj8Yjz7+FK69bjVGxyawat99cNQRh6BW
LSGOY19faNPUndBlGI16HUsWzcfpp52IzZtfxR13rMXPb7wRP/vZz/CLm2/E8+ufRClsYq9Vh+Az
n7sY09MNv9idJ5GHlB/owpzx99fbNaWH4lishBi+al+OE2BPF53ldzvusoJivaDjHuSZt4+fXX0v
WytBOgHW9fOSEMYgDCOaGBsu9M0eqO950NFLXnv5ucO2bPjejRdffHFj3bp1r8eXARCQMbU0TUaf
feTX/ctX7rNk2W57xVNjw0FULGTz6rBAgQnEJ+bYvHRo0ebinuV5fKgvdvjTg5T8biPdz6tYAzxm
QRp1cA6TGcskItlZkmeQ5HFo0xjVahn3r7sflZLFSScdj2OOOBTPrl+PH127Gpu2bMW+++2NIw8/
FD1dNXTijkRHFswWSdJBEBhMTU3hyqt+jOOOORtzZy/A6PgYkjhBpxWj1Y7RbnVgUESlVMW3vvPP
2Hf/lTjurW/F+FQTUbHsDkwSXuZD4jy2PI4yDLjRY48FH/57Nug+rI6X9TgLJS+ZycsYn6w5pixs
ZmYCmawclQC27FoDufVAYTGiyYmxqNbV39j3sLct3Lzx5cO+fs57bjnvYZ565DuXeP+zI683GgJn
RpA5MCYqTU+MbH3qkQcGd9lj1cDind8S16fGDSxTGIYwQSAelckQ2BhtWe4O0AZcmOzB455dgJfp
dibnlXRgfGgt4Q1ItW43alkY425btm/O3OTujbAztvq7JI3RXSvh1ttux7KF/RgcnIdO3MGp7zoJ
hx1yEJrNBm6/fS2Ghodx2KEHYWpqGlEYAOy8NpC6VuQGmK5PoVAIcNI7jsVpp7wN7zr5WJx28jH4
izPegff99Wl421EH4vdPvIJVBx6KcqmMOE1dMwQPHhJQ5sEFobJZhxaPYwmF3d5yTW5Iho10CnNJ
JrA7NwTa0VfDHbWs2eLQz2RJKiaWThXsdsnDshXPxbApo1Cq8PTkeLHW3d9YvnK/Jc/+4bdzbv75
6ptWnnlmYfvTT2ttoK4xw2lq2KLSbtW3P/Kfd/Uu2WXlwp133y9tTE+AU0thEJAJ3f5aax2OHMoc
GyW4CkJlZWRULsnwAsGQGijjNU+IQZSoIgMQ9MDMfJjsaad+l1JLxaJR4+m+K01S9NRKuOuuX2Fu
b4Slixeh3qjjnSefgCOOPBRxJ8att67Fps2bcfhhB6PRasm5xUCaxgiIMDk1gWVLF+PVDc/jq//+
b1ix7AAMDixGrdyDYqGKYlgFbAnDI5P4yr98AltHn8DXvvEtJEwgqS9UR6fWTq2NwxbD7QV3ji4z
bHoqG7yTZdYzZzKcuOY0aiThMcZ+Jfqv9ZfyBFomxkpJiGXXkwZwfSYV9pYtomKZm9NThVJXT32X
PVYteunpxwbX3vqtm4867zzasG7dDtcGvhnx0JtuZmuiqBiMj2zb+Mh/3tnd0zd7wW577o8witJW
fdowWxhjKAhDV7DBomcb8tFUnhA7PKmRE2bmgZj1sPPbMTPseZaXeWP9gjzfyxF7NagCVq9TGoM4
dhrg2ttux06D3dhtt50xOTmJ8ckJVCplHHLg/jjj9FOw154r0Wm1kVoL10TAwnIKm6ZgmyJNYxjD
SDptDI+MIElilEsFVKsVFMIQbC1e2/gaHn16I95+wskAkeu/RsZ7ZgcKOVjGz4AaMThLR0aMmHpm
5BJOyIDMHu0zPLb7G3nD6ktK/FeJEM7wG+BZDIW/jiZpjWOF+h1pmlJUKKE+ORbN22l5OywW9/z9
fXc8fdkTjz95wyWXFJAVSOc4LRtjTNRqTm/67T1rSrVaz4Jd9tw/KFeqSbNZJ5smZMhQEBiQMcTM
FARGzD8ci4OcEELs9wFrg1fFlZNa9OwTNXCa/MjhUiIRxVsWUeTfq4ZRs/iCwVyCIU0TdNXKuPue
e9FXI+y9954Yn5jExOQkiuUCDtx/P5x1xruwat89pVjetdwhdnuALScwYDSbDbzt2CMxPb0Z3/jW
Jbj7nrV4+Pe/wyO/fxB33XMLfnrT93DtT/4RQ2Pr8Ytb78TAvPlotWMEYSgHnQv5hzo6tUjGRQKy
5zefLGSdGauMbqaDUJyodfBVCCSQs3nDkeEPMxw8fIiNmSxRmk7pwBpO49gUyhU7NT5anLtwaTMI
w33/sPqqp1ZdcNcTT99wiR69/d++3owB1D0uDMBamxoThkFjauLV3979y/bo8La5cxcsrsxfvJyj
YoGTJLZuF0RKYRjKmLEzgkSUneIFH044gGYGjKBGStibJjy8Op0ZRZcE0YWebZ1TrcOFyORPh9Pw
yc2va7PlgFrCbbfejiXze7FkyWLEcQddhRomxxvoxE0Mj4zK3Ft0kkSey3rjxzYFcwKbpABYukkz
Op0YcdxBHLcRBgbtdhNPPLsZR771ba4XIJNvNOGPFxVgWR8+zDRgyvw8s/NPk3t/LlEC/y4NgaQP
W86QKSgJ4tUdxwJy98PSwsiNgmeTRCBmlgIbNrBsQUFInU4nHVi4tLhxw3N9//He//Xz1as5vuGG
SxRXHlMAUtfyLAqTTmvTw/evrW/d+Mqs/rmD3QsXr0C5WkuTOLZx3GG2KUVhCBd1O6uWdQiSORVs
AYA7zCrDUsYOJXymnDM2aij1MCGGnpzlzqJyJjLrs5B5XpO7hv7Opgm6a2Xcdec9mNVD2G3XndFq
NVErVTE92UDcaWN4eMSd92uAOE7kXm2GKesSbe1WE28/7lic8I7D0d3VQid+Fc32i4gKW3HAfnNw
xruORLlrAKecfiY67TaCKHLzANUxRT9lcZp+T2iGCxImOMMw5XAnwHLhrthRi7zxyzLBKrVw7vfw
+NbFaH247FiqME9mSJdIttaSdiuylhGEIbXqdd5p591pw3NPLrjzX//XTy6+mON16y5h7MDrDYuG
8urAdWEgAKFNEjYmYmNo3dqfXvnq7++/c/+Djj1pt8OPP7W6YuVemD1nHmya2Hp9nEITgthK/bJU
HRkN59TLkltcOUYnS9GxDnXq3lv78XXDrSU2pEyFkW+UoETI+ElVYLN3T87jucXTSVso2ghfvv0y
3PHwf+Kq938di5csQKvZQRSFsEkKC4vUyB5Jdi2MmBNY68ALTuUga0aQ20WUps5AEtxDOKlDE0DG
F5emqlIqCuWsBZKHIbAPPxgWvsMuwTWUFMAhtw+YYSWZ5HkAsnyfMwSpvJvESLroxGX3dMTBPmCG
2w/qBp9IQ+LAGmK0W42od/ZgZ++Djz344XvWrMLuuF8wqN18Y7j9nQGA0NqYAHChVPntfbfdsPHR
B3+16qCjTlx5+HGn9rxlrwPRP3suiMhOj49SEATMnHUbIUAO38pCMiML2y3pIHtOMXLwIyNaqdIe
ZTRG96/L84tkw6yfzsYRxl2DWY+5FJYN5ziICbFtI+IIV/zqGlx7/0246v1fwy7Ld0aj2YAxQJom
COSMDWudDsiphR5Tunnza5jV14vzzj0HSRqDbYK400alXMJLG17BHfc/gzhxvQCttd6ZaWTh55TI
dXT2JTJuDep8g6U3JwlTy8WxVsabbVbOlk+0WI1kBIe6jl1toMguVve8uzWr55WwVccN1+GbmYwx
bK0lArs/jeE4bkbl7t5k/6NPPOChdWsOueQfcBcuwQ51iX6zBtDC7cNTcpZaG8fWYn652tXavm3j
ljXXX/H7u2/+0Z677X3gvIVLVsw57NiTqnsfeHjabjWCMAwd0bDii8Q2GeMWJdh4z+mZiO7XZfHU
PkOcl1czQwjA178pKA0I2pIH7A5q8RRYzs1QXdciBxZrwbCIbICQDayN0Wm33H5eYrBNYWU3t5tk
AStbWJvKhRxwnYEVphi6NlrWZqCycPeknXOZnXZndOGqC82VJmQFu5D7IWim2DeCzmkx7hY0W5oZ
PM8MAJ9hzTsD0sJXJtcyCciMtdYYymIC4A6uc4ekC5k3lCZJunSXvbt32nn3I8/ane7HzEoEhts3
PCXYsgA6nVajWS5X25OjI0N33njNo/fesnr3FSv3WbB8173m7Hvo0V0HHXkcp50OBWGQoxfuGbQM
ynm8HDYkBiSdczF2fns0C2sDoAcq6fN6ISXzGu7y5K7hjYB8rUaHangY7HFhkIKYEdsE1qbodBpO
OiGHu8QygtjKOFup5XNOtlQuodVq4JWxYTAzAkNot5qICiGmJsdRiAowJnDHIkhZijfmTGKg1enC
kwvvJMSx+oy7goHU0foFmq1VEfVYqaAyOkjkltMPveEEAdIgGSkB5Bw46bj5o2cIbK3bdZamao6t
MYHhNEmW775fac78RcdsJ7oLWBEAL/y3BvB/UkXNcEZwAsAQgFcBPNesT70IYzaXKrVX4sSu+cNv
fvXrRx+8r2ktW5hcg8S8+qlsTakZyWL1yJEF5/UrDdiQgVHnQa2g98cyTJ7bZFpXBki5Zi78c9UL
7AymBSZak/jo287Bzz98OeYPzkKn1QTBIo3bsKlrmZ8msfszjV1ZTJr4UDhNE9kBkiBNnOzFNkWj
3vChk4YKeaOmZyg4Eyxjlfsju3+Bo3oAm3t+D0J9uIzVZC4C0NSuegDfnRcMWC0r0QUht8CZcQDY
7+phNdTWurYGBDbGULvdooGdlvLA4JI9AITnXXHF60OVPK62A3gNwPPNZv05ABsLpcprgYnWPvPo
g/c9uO62iXa7hcAEnNpUbwI+1pJn0gll/zstoXJsTLtfwy9ylQv02FY1GoImPw7Z+CPnoDI9i7zW
5o82gGsvb9kZvvHmJN5/5Jm45+PXYvH8eWg1GyDJ+FrBUZp0kCYdVxZjHdOzNkEadxAYQq1aQbVS
RDEKUKmUUKtWXEch75zgscH57uL+/vxgIFsC5H/mx9OfKYMsI6HXzkY3s/ikFQhyCbkX4mxsctCD
FkX7SEUYdMY8HfasO4eICYbZWgqjiFuNpumfM592Wr7HAQDMxRf/0+tx9Sdfb5YB6kuZYAqp6AfQ
CqKo2WpMDxPRGe9+30dOPfuCT1ar1S47PTVuwjBk7UgBBuTUE/ixMNmDGvUkyv48wEgaOOYWL2Vt
sSBBGKQ7h7sWexZD0LAlmx2tR2Sl+n7+UwQBEAaE8dYkgtCg3UphTODCXcAdFJMAbKwYeNFXkHls
ZZGu5RGj1WzCoIS5s/vAkjgJg9A9EWfGiTxw3HM5D60SgTgAhq97I/m50+nk4B5WhS7z3OoUnMZq
pcV+dlYEyDkZiF3R3RL+4Hu5gn4PgZDKGHrdx7MmuBq+IOA0iSkslKhU614IoB+rzhsFzn89rpQJ
WsFVE0AjCIJWp9UYBnDSCWe8911nf+DTfQPzd7KTY8MmjCJpc5E3yA4fJMwG4Jm5JABa95npUixd
tUzmlI33GQ5/2rHIi10AB6KnyngSA2yMl1r8iXUQx5amMESIAsJUcxImMEjbbtuklS7d1hKMZTBS
MagWbDVrb/112FpoLqnRaMKmCWbN6gHIFUWHgZwf40fIZqRAIwYx/G7zKPvdM4ocZYCcc3BubOHO
QSWpDhCc5Fkk53AL0faQfaUYYIhUo5GFxHWC+8xYujVsWU+xIQu2JrWWSpUu9M2eNwhg1pZ3njmG
S14Pqz9+/Y/20SlkIIWsABqLF68cStvtoYGFy87+1Fd/eNbffuKLxdSm6fjYMIVhyPDGT4CpUyFE
zyUsOAvbcoW87DmxDLayJY1BANEy8uFcZtwyAS0vBOu14AGvepq1FpEhPP/8y3ht02b01MpA4lpa
JUnsPTKsy9Cpd+bU/ZcmCWyawqYJ3EltKdqdNtrtFvr6ulAqh1h9091oTA6jEMSIE0Z2GI3chxVQ
6b3OMDzwIPYg9Y/KMk7Wj6WGb6pBqTFzfQbhxzXvsfPJBILoMTJ/DJdM0vsivZ/X0VO36AnWMqWp
NYExKFe7ugFU3jMlE/LncTUJYGrRbqtG0jR9tVStnnThZ792zoWf+feeaq0rGdm2haIwZGbZEaxG
mJE5ElZcycIUeSBHX9xSYsyoSYNf0Pq8YuC8QSXPdCDjqcetajGwZ/MQNg8gta7F/YsvvYKXN2xE
V7UCWEZqE4crwZC1qceYTVOkNoFlpyezTWHTGJIzcp1iWk309VRRqxbx81+uw/TEKIrUROLqn7Lq
CAAQQycrxJMOXSfZlsjMzrtxmqn3ek8jBtNpgTmGSdl4GFItGn5cMv7C2bh6QppxbN34YGWOcviV
cMZ53XKtqwqg97/A1YzX/5QB5l/RU09xfffdqX+3vQ/52gWf/upbd91zv87YyPagEEWmWKpwmiYU
aOt2tsq9vPYA8UZEzstmQRtlGh1cTR8zgw0hhGM9ZALPdLQjJcFdx+9EEe8Ccp9h3bMHeKCrngiG
18mYUzz22NNoNVtYtnQnlItlWE10WOsOhgEASqGiMQsYACeCt1otpGmC3u4qiC3ufeAR/HLtA1iw
01J87MPnolMfgal0iecX76zIs1l2Tac8c9KZN0bOGMEiC9X+yHBmDM//TsMf1YNkJDyjFVZnPehF
5JatT5YMwGl2c/q/5Or1YIxFyiK5EYyrOwq33/u0wX8tVptzrrwyvurcc+3Cpbt+8fy//+pfHHjE
8Z2xkSEOAhOUKlVObEKB0xodQtSI+cWuIakGCBqa6b2ST0pl7xds6BjKwDOx5OJ0jhxu9XNQZyNd
kT0bMsazb2SjiSefeg5xp4PlyxahXKmAmWFt4iSP1MBSAKYUkOSaI0QpQE4zbzUdrrq7qwgNcP8D
v8dNt92PgXkL8HefOA/txhCothzgxEU3Or+SGMuzNl1mHjN5yyeT6VmgjKnV8ijSEinKrTdkkpd3
ATmrxxmY840qtGu7jxKRJQfJM1h18tC1IhPODlfbn3Zp5cxE/8nX/ysDGF1xBae7704rDjjqpKv/
v8/864FzBxc0R7dtKZUrFTcQLttJQk68a8i6wkgs5VQEAAAgAElEQVTGUzc+MGWZeWJ/pKEzTFK0
rF6LHMXXE7kB+N8Z//jKlMgNS8DeoLiME8mv1KAAZAhx3EIUGlRKRWwfGsbWrdsxb95szJszG7Wu
GogYqSUEzGBK3QSz7p8gJEmCequN7u4qysUaHv7DE7hxzTqQKeK8v/nfOOigfTE5OYk0biMgILUC
Lc7ugwE9khZWNBy2qTNAGW5ygIX31p6dAVAt0TFcZW0KVI0xHMDgK/nh8a8OK0srsQcpWQG3gtID
GzAk5Qvy/tSmaDbrTQD2m/jdfxWFBFdc8TCdf+7+vbvtc9BVH/jcfxy/4i17N4e3bSyVShUQCGnS
MYExnCbWBKFhZtl7IYe2Gx8xuCeDlLqoM/DKsFXsuJAL+nd2Q2HYdSDPjLt+1sBn1iUBRCYLubNS
Es7GkAw6nQ7C0KBSjjAyOoah7SOYN3c2BgZmobu7SwxV4JJYNvHM3fWLApI4QavVRldXBdVSFX94
/Bn8fM06xInBe8/5Kxx2yCrUp6aQxDGK0PpSMUPyTL4C0ye0/OzrknldyOs+b/0ic4BkGSR1Pg6k
DD28yxKEDOi1dNzyDE9sPFiyoQytBIEf9Uz6UYw5n8JExiGwVW90AMT/fsPaADvQL/D/hQGM7rmH
+ZhjaNmBx5z84w9efOk+ta6e5vjwULlUqdk0iY2Rk2YMDMMykTFswdIjVYAD9l4VJFlPzgwaa/tu
YzImI+GO9jX1lS4Qmpw5ELdsZZbd2paFIVRbyye0h5tlRmotumtV2DRBnMSohhWUoxDD20exedM2
LF6yAEsXD8ImCUxASIXIOM/KaLTbKBYLmD9vFp5Z/yJ+evPdGB1v4p0nH493HHcEbBpj+9AIAmMR
dQ3I1iT1bA5ULPqH9SEBALBgzzE5XXjujap7MvxGdGWQynbcJYDcM3sNR/Q8bcXvZQE9lU5ZgBtK
ZCGehpwSM/nPARaWYALLaQoKQk7SBPWpcdcq/95b/xwGgxMuuig8//z9e3Zfddh1H7rk8mMGFy1t
bN+6sVKpVlnKjSgIXB9KY8Bs2RN47ywVI3KMKlhCt4CzE/GMkYwxw+13zYCjeh8rwMRRklFHIQtb
36f1hir+eYcgjIkZbC1qlSKIU8RxB0FQRblcxvDIKDZv3YadFg5ixbKFaLc7CKgAywmyZB+j0e6g
EIWYPzgLz7/wCm646W5sHZ7GyScci5PecRQAxvbtowgCRqFYyrYziidT3dbpf8rNpHmBPI5nYVI4
7WNhWVdO/yZfteLwQBnGFMeCHStYkhZHkIkQ/RHQhhZ5PdInBMViawWH1qUagC3LT5lgU4vJ8e3j
AKbs9J0RnHb8X77+pwYwuOiib5hjjqFZ+x16/A8v/MzX96lWa6361Fi5VK7aNOlQYIwkf1xsGxhi
yzZX5aIPbLxvdaqzLFkW1kHwYaw7Ws95YyO/U2biz8EgV4BrSDy0dIhhOR+YrZXtcbLFR0IcAiFJ
UwQBISwUcd8DD+Gzf/9BpDbBCy+8hvFGHf39vSiVIoSGkMQJrA1gCQiMRWoZcaeDMAwwMLsHW4eG
8R/X3Yz1L23BsUcfjtPe+TbUahV/9GGxEIIpginNhZYpgCVbTm6RspT9eKAi66DhjRDyBklAaDkD
pGgzyowZ1htR51RtLvEDASfgi6eFBaQqqrGwIHaivFsI5DN3kDIG61gXE4NsYqlYLPDw1o08MTy0
DUDrya2P05/AFS08+ODCbT/6UbR85arvX/j5S48ZWLCkMbZ9mzN+SQK3jdE1YiA5D1P5qy4pfzFN
cGkUQEYYdcZgGeQPPWfAnS+dzxzLeOhRh07KlgVvKMuQknGJC3GyjhsaOV/ZIiRCsVTG7x7+A858
94loNVt45vmXMT7WcLhKI4ShkY7hgLUJDDmZpd1pIzQGc2d3YWRkDN+84hY8tf41HHnkofjEx49D
b3cN20fGwEwolUIwQpjSgKtEkKWVSSSZrOF+x56IKG7IujXJ1maJQQswJPpgcukZLadiVkHEr2Sv
PZOkXvL2DerUM8khs9NunhyT1Og2i2AYzrGyCSwnCaJimcfHhnnbay+/CiB54fkHd8yA7dC7/sxr
4cKDS3fd9d1w6W77Xn7BZ7/+jrmDOzWmJ8fKxVLF2jSRYnsC+cScIRX5tO3BDGFWN68bB2ffwogk
g0YZuPUzrh5XN6jL340bLO0yMeOENQUtkY9ydNSNLHZjQrTbCfZbdQCuW70GD/76P3HUYftg5VuW
wxBh+/YRTE1PI4pCDMzuQcpuy1W7OQ1OGf39NSRxjJ/dfBeu/cmdWLxsOT76gXNx2KGrUG80MTXV
QKlYQGAYTCHCnhUwgeg/HgOZMP16KUb3+Yo7l3BT2Rl8+OV1QVnGUF1HWADbPMvTkJU8KAHjD87x
4rROvndggBatwt+3vskH2cwMk6YJV7t70+ceezC644bvr64tGHxo7MUXtctQ9hoYqE6uX5/0VHr+
+aJLLjt755X71UeHt1TLlSqnaSq4YFkRnB3j4W9MseWA5xiaG59sh5E8hn6Ksk96bJi8UZXkUACf
JMquMxPHMjNePyQCAmNgggATk03ss2oVfnnbffjVnWtx5KF7Y8+VOyMIDIaGRzA5NY0wcs4zFcPZ
ak7Cphb9vTUwp7hpzT246vq1mDd/ET78wXNx1BEHoNlqY3xiGoViAWFIYGsQdi8HRTWty4RHArNP
KqgTdb/IlYIplkR7Yfm95cxoMjwnUcI2c+7Fo2aF/eQ3qGnCRYsV9GPavANA7r7k+oxMw1REs6E4
jqlS60pffeHp8BdXf2M1uOs3zdHxP8bVn3i9eQM4OFi5+UfPdH5yw7986H2f+MpH9jzoyObo0OZK
udpl007HmMDtsyBmIvJ53KwPoGp8Aja3T132bqqZ05iW1SgCHtzIHUotP4GuBJA3dhkis0ynx63x
UM0MI8h569SiVqvhlNNOx1PPbcQPr74B05Mj2HPlUuy3z0p0ddekuj5FJ06RJgn6e2uIogh33fMg
vnvNLQgKXbjog+fi5LcfjTS1GJ+YRGAIhUiaGBT6EfUsBwVVl9UjZ6yV4mdA07+ThCnqMcgXNChg
dd+wGkFAYe+YcFZL6D6TidRujGwO8JkxhQ+LIIzbzvi9Lixk96IaJhM5PcMgTa0tlsrmwXtvGXv8
13d8b5fDD3916PnnO5iZBClfsW66tfbKr5z93o998QuHHn96Z3jba+VypZuTuG2CMFDtjoiN20Wk
AGI5SkBwoAYMEiGolST9t8n+zHBBggHhfmoMQa4YX9mIskcPSR99e0vo8B6A/i973x1vV1Wm/bxr
7XLOuTU3yU0loQVC74jAgCCIiAg6ghXLzMiMdXRmVNRRwLHrNzp2GaUpFsABVBgUQYoiXQihh5KE
9OT20/bea73fH2u9a+9EEENRxx+L3yXnnnvObutZb3nesgB0shwAob+3hlq9jpcddyIeXrkJ3znn
hxgfW4/ddtkW++69G6YN9Lu0FjbIC0ZhDAYH6qjXarjm+tvw7fN/howTvOvtb8XxL38xwMDY2AQU
AWminSEXDyLu3xEU9zrunUQxVoJhLNadrExRmBTms0LROcuLaTMhxwgFSRWXucSq+7UKIICJYT21
w5W/24BpBkyJK3HfWZ6zF9hExBYWRIqMyW3a06tuveZn3SW/vepbe+xx1GPr1z+U4znkAKNjX/1q
c8QRtM/xb3zXB15w5PHFpjWrklqjh4s8J6WVT4RnIuX8dCWEM3s3jiQK5U3rwFv5EDdJyZa0yvam
tZQdlr5ahQ9E2LzZpRf6z7DyHFdoOuJteRGWYgH5GBO7rPpO16Wi/fu/n4Y7l5yI759/Ls78wg+x
aEE/DjtkHyzeaQdEcYTMJFBc4JZbb8VlV96Enp4BvP1tb8SBB+yByckmVq9ZjSSJUaslgEpBcT90
OgRK+p0VZgtAaZBldIoOIpWA4BocOIEnrq9ov7LEyN1DaTlaSb8QF5YrVp2Q1hWNHUSsuCoiFFls
SBGGLnXGhGvAZp/3m2MhcEZ+ahQYxoKsNRTXa8XkxFi67O5blgF4ZONDa7ckqvXpp5/D/7g/7XTE
CW/8yOHHvR4j69dEcdIgU+TQWjMbdvpUkc/Y8YKNJfgggsi5TrIlJUP5LALreFLtpbinNl3mASA7
njlHpaRXxJIJZXNiMSlXUlduG+oxyw6rWVEAzOjvqyHWGtfd/hAGelLsvsMcvPf978Vxx78c3zv/
fHziPy/GdvN6cdghe2LXxYuQJBE6RYxIK9x26y247H9/izjpwVvf/BocfNDeaLZaWLtqFeIkQa2W
AioGRf2IakNQcb+bd2sqFpjzEqp4YIh1zyXGyLvArEKnFw5eSUXQWZQpQlUT0Ft5jgrxyttTVpZc
0jlR2YFImms4aHrLtJKhEIJUxBIIByliY5iItAUYUZwWebcT33PbdQ8BWLa+uTKGS596ykFP/ZEn
GEND/RiJzdzt+r/xoS9edMr04dndrNNKdRxZYlaKFJPPZoO0mfJaVXahUko4PAQ3V4nLocqtYJVS
pebVcJsEEQDFUKzKDs+hd5s7nqOFyH2+2s1DrsVPvoLfr5iAsg2Xu03pytzpdDB9Wj8aPRHuWXo/
rvnlr/C7W68HZ2PYft4Adlq8M2669R6Md1Kc/NqTccSh+8CaAhtHxpCmdSRJDQViKJ2CdANQkQOG
52YUCJnJUbDBUGMIE60pZCZHrGMAjjtyKS9OKUiJnpUSIcvBkjNCHrNPULGSe1ZyM5YpkPFwMtFp
WmshhRHsz2G8pRdSc4QPsu68xp9fhKplUWJgYy0xlLVslSkKbgwMZffd8dvoC//yui+hln+pPdJu
A9gksJo1a1ZPrbbYZFj1H+/++Lf+bYfd9uk0x0ZqSZqyFKVJtxWQJe2FjSbBmfMiiCwUVVqi+blX
RGUfSfE8tPJpVFLnyyXlEqiY0hKU5gjSUk0JZrS3Jtl/1se2G7UYigi33bcC/33Jr7F02Wpc+Jl/
wLzhQYxNTGB4xiB6GjHuu+8hXPPLX+HW314LFGNYOLsPixcvwu1LHsb6MYuTTjoZR71oPzCATZvG
ECcxkrQBpghQdShdA6vY48CUMqlSFw5Y180FpSvp0qu8VxHmr3RLrRgmxuHHYc+lP8GWPQXFYrSe
VjEeqy4hwsKgTMGRYAv744RADHPAKbNvCecTvy0Y1kruor8wpdDtdKgxMJQtu+eO5L8+9KavjK4f
+wLQaVZx9YfG07EA45Pe/O/5RV/8lwNf9LJ/etnw/IV2anQkipMYbCyRch17XQ0okfYzIQab1FaW
7hQHt4P959xXFKA8oS7VIJKzBOUNOBYjEFJ07owagq/4DVYOsxM0LhXCabsyninWjDu/Ys9rG4Yi
Rk9PHWOTLYyNFdhuu0V41z8vxuTEKbjnnodw1+9ux2333YMXHPk6nHDCsUjrDYyMNsGWMTBnG1/2
BETeAg0WHwBxuNp5hsF6Hz5zwxmooxenHvQu1OMBTHQmkXOOmNym187S8pasf22tgegxayW8UZLK
4pYgCDUgEHZU4eusjyYrgKzbYF54H6crhC/0b1WUv7wdvGnLMGACuVIlpTQbGMPM8R03XLmp3Zr4
1dC0HdHGsk4Vi4e9/oP2oi/+y67HvubtJ+2w276mOT4SRXHK1jqBBrZklcyjZ+ZIctF8xYtEYwPW
/PWxw5Br4uCjnUqF+y4tXt9EQnHI2XeQKjFaTTdgl5MViHomX9xkGZFWuPWe5Tjrkl/jprsfw8iq
jXjX3x+LnRYOY83GCUwb6Mf4RBujoxPYZsG2eMe7TsXUm9+Aex94BHfedgvueOAe7HXwiTjxxJej
p7cHm0aasBbonz3P5Z96YRuab5iipEZ8cwLJS3XXuoXw8/ccMiKER7biJsukyrHca/GjHI8syrmS
HeD0Uzim9KCB91SC0ej+F4SnZIDIB3xjjXAfntN3MlUrRzADJk5SdccNV46Mrl977dC8He3IqmVd
/JHj6QjA2kVXn2v7B2e8fPcDXzTdGO6AUHMV78o1qdSKYS2RFzRghiWC8o+ibM3thVi4cQaTL2in
Knz9HAbPw/N/8hChoCQdRPIhKwKAWUHBdT4RS0l5F1iWiQAJULCSFO1OgTy3SOIIiGOMTU5hbNwg
jmPsvc/eeOHB+6DwuBsbm8LY1ChqSQoVKRSZ27Se2adchYkHRKQQ6eAO7D5zX7zle6/Clct+gn88
8H04atFx6FcDmMyasNZAAiPlMXyelNf28ECRwnnhBSXAQSBfGA+gkm4Q6i094C2ce8g+rUZ4I6Eh
GGU+nOTQBk7Q3xoxwVhDpLQt8pzSeo9d/ehD0U1XXXIdkDwysmoVw5W7yUiv/fm3qW9g+pF7H3r0
QrDKiqJIojhhtpZAil39J5NcqGzs7qoI/Nx51RYcYS/8N/vdc8pBwCmGNAEVN5eNmJRi0XrBFwSh
n0HR7F7BRaTRzQ2G+mr41o9vwH+cdTnSRopYKczcZgaOP2x3TLUzaE3I8gJxHIPiGJOTbYyPTSJO
Yuyx++448IA9SlxNNDG1fgxpkiCOCEWeh+cvzS4Q3kEZ9BDhBXjLz1mB1mMmKEiUVpnj3CQYQuXr
oDy9AhEliDLaL7l+pQClEpcWgaaB9RYklxft8OUpFBaOUjDGPgLsIr+EyDJbKrKCevoGiscfvj+9
8zc/vwHAg+1O126Bqz84trYUjg489ljCkiXDu7/gyBcOz98OWbuplK7s3wp2T9tPCrmNPt0thtQN
Z8mFziIEn5kui9JJ+8BlyckDYei1mIThuNQSouHkyXrHLQgPh2PyC99rMREqAuZg0vvkXmYY47Rs
EsWIkzqIFMbHJ7Fq1QjWrx/D+o3jIFKopXUwCIWAgSocJcrUdHEBjLFIdISJThOHLDwCu2y7J259
5Ea87X9Oxtt+fDKuXX4VcpsFl1Tuu+RtvBIJViF7BSrRXC/I/WfLXEve/Bmi8vyJypxI8s9dbMAg
aP0zlbVEImCcje0mzM1uURSc1Ov6ussvGNu0/vFL+vsHMqDdQpmKi4G99oo33Htv/5yFO75ou8V7
cqfd5DhO2KXduhZIFpbCQiYKScESCQ9cciA5S3cWYZ4lJYEd1yRWEnFlftzvJM8oHE4w478r8yvn
BMGyQRopjE118LdH7YOXHLQLdGGRG4t9Fy/A7jvMxVS7i0hr5/KxhTEWcRQhrTlcTUxMYNWqUWzY
MIb1G8fA7LbDZADGQDgjCOfIohBZckMR8BuuGYzAdYf1ssVnuMqTe5rE/81Pbsjtq+bhirvsDi2f
kWfKIfJLglX4OYNL5PcoDdcoeCxdawK5VCooVsy+lIdhbRTX9M1XXzax4qF7fjK8YFGrvWllB1ux
YfrWCsCknuykAGwzZ+EO2zT6B22e5wQ4GkVa+m32QINlIQtX3C4q+YggLOBzz9xEEXttIgvQWzaS
zyW8gXx+S7DaLYFb1YgsC9pHNb1tLd+xzJ4n48DtSiE6s3M/dBSjVm+gVksRJ4mryjTG9wJkWDYV
d6NyPZCKE3csIo3MZBio9eHFC18KpTWm9Q7hqnt+ho/+4r1oZU0QOevNR5X8M60sPklrYIbgrxSS
XKa9cOWHSo4HlsLzhBduFCw+mQ+UVqgnyy3CQwaDoULqmHN9s6xLfYPTi2V336Z/feVFVwLxfRMT
Gwxc4wxZWlFffbYCMGve9ot37umbRlm3rUCa2FiyFgTJJw05jnK9CCouWHelwx5wYb0oledUYsM/
J1ulYMrjlQX87liWK9j0i7vsUsQgFaGT5ehtJBidaGHjeAsH7bUDus0O/vbIfRBp7faEZkdZiKVd
WHglK7iqI0lrSNIUYKAwRRBIbm9pDtcu9ybJ8mYzC6yiLK2z7q3nb4Mg4tJaKwWhn1MxVkTh+Wfh
7l7yA12+qgTMyFJFGKpSGAely+X3gjFSXm94lqK0FNj6DGmPYzJFRj29g/nKZfdEV1923tVxo3Hn
+nUr2OPqjx5bKwCjdatv1AAW9A1MHySQNdYqywTWYGuZ2Iq04FLYoKKdveaVUGMAYIXPE21tUQK6
5LVEdQkwOfxe1fChYZaA3b92wqc064PlJMKVfC4SV7WoL9MJC8fdl2WDwhTIjYEtym62MpEWyh9L
olrufzZ09HBC0Xjw5AZ48aLjoGLCyPgm1AYa+MYJP8K0dAYyk0OR9q4wPPzcCG3KfQqLq0RiiKsa
hH+IdnvJY73elehbuH4/V6KQUPmOE29A2H60nC9ixW67TMVEitkYRdDG2iK+/PvfWDG2Ye2Pe3v7
OnD9/qpaOm6MbFQA5s2YNX8GQGytVQBcHYwTthTK9sgGK9Alj0sCOYfnzKDSnfNXH1w1FmsXAU+M
ygJH+ZxKb5HDxboOPyIwnB8tOwi2uzlqtRTrNk3idR8+B684Yi+c94m34MNvOw777bIQ7a7b6Mha
6zHkcQW5BocHUxQwxsBIL0BvXYjFZL1L6C6ISqHoOQlXVibBhnJ+Zc2UyliSl/26rOLer9tQKifP
Ntx7+cxcLTA8MsUb8Dcoc+CrQNz7pcfinrF4JeXzFnng+nkQMwHWGp9lQgZKxVd8/5trNq1ZeSHV
ah10u5PYCvcX2HoBqDetRwxgIK03EgYz2DgmRp4QuRsW9w/+BsVQcBwAICVDAByQA4kkwtHDVTmQ
u3OIRVL5WCVdBORKbmywBMTEEH0lk+KmxPorLUEoGq5qScJbdBVrIfzrk2O9gJYGCWIBOovLaXU2
Ivj8s7Byne57miJMdSex1+x9sdvMvfG6Pd+CQxceiS//9hOoJzXkRbYFOB3AQyS4osUh55T/KgK9
XPAoF4Kq8DbyrKhUXO58UvPpn6dlP2ckFRJ+GbhKH1IaWZ5x39AM8+srLzI3/uLiHzUGBh6Zmhpp
w3V9DusXgB5RGxyu0p6aKE9/wxSiht59p9A009+PJYjiFaEndxuu2X+fJEUDqIh16QYuStGdx3qr
yR2/FFBuXcs1wQk/rdHpFkgjhalWB6/90Hfw5uNfiHed/CKMTrTwjtccjr6eGrLc1+2JtwEO6UrW
n7NapSEi3AU9pPmGnw9rfYQUXqF76465gl2Zfx9J9dgLXJstLa7SrvB3yqXRUNJLFQxKcwUpcYNz
wYMwD2upPIc8cid0KXhGgimI5VgxJIiUu2RmRFFsu+02+qfNNDdffSl+9dPzL4zjxoPZyEjH46rU
VH/E2NogiDbFaARA5XnO3jpzd2jZb/DhrUDt+D+WbgQktZgqaCmqPhRSQXN7ssD9ldm1NhcNHDSz
y7WyLOVwbmErecKVgnT3eClcqtMnzpUmSQTzERbrew+KxhdXEIrLRSMT5oUuvJARrtFfqF/HHjgC
Z+YQXHGuZGUDJCYQK/zHMV/FdtO2RSNq4MXf2Refvv5j+PBhH8fK8dXoSfpgKgEREpBDNLN0DJGn
S8FFCY0e/E/gAV3o1xl2kGvx0VDPslvjAy7EpfsJFg6RwYZAml3umUKedamvf1p3xUNL00vP/eIv
056en+dFKwcwht/naLTJ4wiAKkxh2VUqUsnlUsgOIGYX/PCZASHp2ystSWsKZWtwMCWnT2FVxepV
ZTAHgO9FSUGMBoRKsblAFQQmaTOmoBUhz3O3pSoz3viRs3HMwbvifa8/EivWjKBRd+5wHGt3yQwf
aHN7jcBb2/CWaZhblC6h8BqlV+SxZv29++t1wpk9xuEpJZTCTASWCBjBQCUmEdahKB1xk+U8IrjD
9wUX7CHiS9aIwhac7JtNiCILWzl4LpchuX6VEkSp7wbA1hLp2Gbdtmr0DmZrVi5LLvzWp2/QWv8s
z/McwCj+iBb4W46ttQA5jhoxgKmpibEWg10WqCJmpdiyJ6mrScrstLOL5HgOzT8A9mS7AziX3ADK
CaVKKVa501m5cKX2V8y7chI5TH5pHcniFg0Db6FRuC5nZ1c0XRAanjuyni/0AtK3OQWYYQKvWDm+
v1Y5L1C60xCB5bWgIkLH5Nhz1r6wrJEz8MPXXoUf3HUWzr/z25jdNweTnUnnCvubq/YKhDxDiIXk
7ztEdMXVgX+mBNm3NghmuXZwUBJuPfnFFebGKwfAW36K3QJQYMukoijvZt3kgq+cvnztiofPMdZO
5M18BK5APQQ/BFc2VzGA7uTYhiakTYtS7FkiuCmV+5VvlQtTkpbDgqXyCrkitMEcqjlCjluYL9cg
wEoQCAhtnkTByBMIXgsYeVHAAkgijTd99Bzsu+u2+OjbXobH14+hXkvAzIhj7Tm40ioL+794/JaJ
6+wxYStccck/bo4pmWefBiXrzvpmBz5AJvmjAZ+bcW/YYl3B54OyLGP3WYvA84UuQ36GwjyI0LQI
695pIOvXRXV9iBIFpDU+ieHgpKGr72GGUsTWFIqULpg4+v7Xzly1ZvmysynpGQfyUY+rPzr4IWNr
BaDVeRYDGB1Z+/hYnnVIRbFLeLVMgHaJc1wmLzprrCIQvHUiBHxwVW2Fk3FT4UjrIA7JA8ibzH5y
HalbtWwYwjM4zeNfWwcCg1I4Ql7LxFuE87lrQtB2VTfYhq0BqQQLAJcoWnFZIEETeAAL9VEBdNC8
BGPd/U92JpCqFO2sg+GeefjGKy7Emb/6F/x6+a8wvTGMZt6EpnKLwzLCLcAuF60c3UKJl4JgTEOU
xBbzI5yQt6zLaJwXAl7BOQrOEvldC0Eu0T3PMtPoH1Q//PonW7/7zVXfrPUNP1a02+Nw2flPBFLb
bjUjAGOrlj+0oci7UFFsrTEuhZk8vywzwzZEGEtl51aqK7j3FqO/BxLBIguMKHCwgecShSL4qbqS
7hLd5/38WR+NddscMHrrNfzdmedh4ewhfPpdJ2L1+gnUkhjWMowPcECUqsepBNmqwbEyeFe6s5bZ
b4rkhJmsAZljcYEZDBMULZd9Kr1J7YQPOTdVhKuHiA1JzjIlwQIIONsyYEIkXKgYHl5JWhuUqfT/
c6/DyYJBE56zT0tyRyLflIiYpVEjFOV5ZgsoR7cAACAASURBVAeGZvJF3/ps5+ZfXvbf02bOWVa0
JwRXT1n3+0Rja2uBo263O2BMlnS7zT33OfiY7Xv6h3Jrcg2ASCkGOyfDZYO6PDc3Na5Jga4klLoq
EPfQgovjFyABIakV4FDpAXeisIoJUhiPIEwrBwquA6reDik/eQgZ/sFHEtvbu+mSJkJykcFSKice
XhiCKxoS7jjuchhWhTf9d7ymFkEdrtxCq9h1o9YJxtqjWDxjNwz3zsUHrnobjl30agymg+jkHUQq
hvFtiSCaEwFE/tReKPrX4so5ga6CIAArlIuQgFBJ4he8FXKBfMI1OS9NuY4szAApjU67xUOz5pmf
nvdlXPztz57V0zNwdXtqZAxu35gWnthNiUzR7YMx9bzbXbTXwS/eZXD6LFNkHaWjiK1lpbTLxHO4
EIxICr1UbbgLkfdZkESVdBivfKQ0U6p/JL/PSVz3uzeUITtLu6R9R5UoT7HkxmDaYA/e+envI440
vnra67FxbAppHHsrmxGkuODRIzd41SIM/PuiuKR5rbwP7x6H73N1TquWXIlPiMUoypxkTQDS10+s
MqDiCcnxIcdw/HsImKD0DkLfPnb4dZHaUtFX/y67v8k5rZR4BqPIL0ZPgFgGlNLodlo8fdb8/PLv
f0P/4GsfP1enPVe2JkbGAKz7A7h6yrG1FqDJssmi1jets+qRB+5YtvSWIo5jXRjDSvnkZyiGAiso
Dm2IfN86YleqJXpB0mLcJHgNYssSLwQXtjSXA0cF2kIjUem+oNTc4v6F/C5vxtnw3YqWlYn2Wtgb
hHAlX16zSoTaa7fgXrLTp+JWOdfFeM3qLAanrakEl4DNn0OeVeGPlZkCPUk/Vk2uwWv2eAtO2ePt
eMslL0XOOYgUclvA1dqIBhaBx+UzE7nLdjNXxa1KDoonvB8EcpnqwSjzMsEu1cU6AofFrVdKodtq
Yvqs+eaqH58dXfD1j/8wbfRf2Ww2pzxI23hyLW2RZXm93peNrH98yZKbr+smaaoKY9g5SMROaMHR
LSKziSsLjr2wERzA44pLnPgFKRxTWMzeahZaINjOApfwGf83T+J2sxwzBvvw/i9ejGari69+8A0Y
GW8h0o7vLqsx/DEIYCsMI5dzBYRr8Mu+zDYQKsOjymUweEuQJQBSsSJDihQHN31zKqj0SFxCc7k2
SqustIAlY6G0vgVpVFIqfi2i8pxChjyx5yjFZRY+VwS2d6O9nHdpVB5XFtBao9Nq8vThbYpf/fSC
9Ltf+uiPG42+n5put4qrrXZ9ZWytBagBRFDxoC2yotWa2vOAw4+bSSADYs3seCyXuQ9SwgUqCs8D
gA8qeIvJW3zefPLUD4UTKogGdoEKAoVeay6LHyi7F8uG1OX3ya/wkj50f5PkWP+Llwe+JyH5qHNw
x/3/xcJisQoloCEAkMVT+Z7co2hyFsuyKpy8oqg8aOGIjLVIohSbmiM4ZtEJuH3Vb3HR0nPxmj1O
xVQ2BU3aL5yqwKsohsC1IFgkQTOLShHNjfIaxZoMkXM3P84VZReCki0DAIVOp4Wh4XnFLy/7bnz2
5077sSb1oyJvj1pbrIJzUTrAZrdYHQQgRpwO2rxru62pxXsf+tI5aa1u2BRaa4hwIPL5HM4J8NY/
PJmunIUmRg5QmWs5kQ98uD+rwJmR2vJyBBjVt8RqJLS6BWbN6McZ37wMDy1fh++c8Ra0uxlABK1l
21YRBLTZjRPL3/1ez37O5PFY3vy6gzUHhLmuHpAh66tUhCV9JHqLy/mvVFnIdYrQDJSANyJAYq09
AcZCXp+v9gqYK++ptAJFwMq5UIkVKJ/nRy74RXDqjgjddtsOzZpvbrjyouSsT77vZwTz3Tzvjlhb
rK7gqppRsFVjawUgAYhskfVAJ9GGxx9WM+cs3H/xvofY5sSYSmo1NkXhmyG4hycdS8nzMqFA3Wti
OarU8Up/NqdFyrPK993D9krYLcOKEJXPqyrk/QngkCEnYi+IUQFAkHAlCHxbBV+xIq33vTkvsBWB
EdJnOLgfIjh9hl6weEWeipIM1mYQiggLhy2gVYTxzjiOX/x6XHj3t/G7tb/FCYvfgE2tTYijFMb6
rTYh5X4cTu9OooLWLzU3KryLEyglKV65Lx9ytdZPmreCVRRxURiVFxkPzJjNP7/oXP3NT/7zj/Mi
/1GRmRFri8fhor4t/GGQCq4aaaM/Wf/4I6pvcOZ+exx4BFrNCdJxQrAMpaWqw0lqRYDyOHF9J6nE
grduFQkESiUJb9H6Y3klpkTGIWzYXVFmAg2tNFqdDHNmDuI/z78SN971CM4+8+/AcAnISaSEIgg3
x+EWBV4l7r3eD/yYXJMo02Cxihfpt/AUDjvkgsILWmJUyxeDpRd4cRGq7vOBlxOvKqTIiNvLnhmq
YCYo1RLPVgJmkDXgZRtVXgdrNzCqAEkY0z0UywBpDWOsyrIOTx+ea3952XeTr378nT+xbC7odjqb
rLWr4KK+bTxN11fG1gpAJxEArVXUR8RTKx+5b+7uB75owbQZc/JueyqK09Raa5Vre2+VLrtSOlAC
TjAo0dxiiKkAZO/0IPTzAyqHKN8vrTi/GgAEXRs+g2BtlkqWvGYT/kyF1BQR3E6wyTEqUkkEWLDq
vOUXTMzNORsHMtHgKlyj7Mnh8CWWow9UbOa6iqBVYBByk+HYnV+DL9z4ITTzJl683cuxsbUeaVT3
QrAizODBR/B7ibjjyrkZFKKMIRgFhnSB5nA08u3mXUkaSLHWETrtttJxnNd7B+h/zv7P4pwvfPBC
Bv4H1m4C7EoAI/jj+Bl5OMrkRT8UNVc9ct/wTnu9YIfhedvm3eaUjpKErbVKRYrZuIIY9gASK7BK
6JS9IEscEBOUtB8K1qFvphswU8GofMabh5FWmOpkmDc8gG9dfB1+ev1dOPuMv0MtjZDnBnEUueqO
wDe7IJKYeZvxd0E4VfAaGipQyJUVjyLQ2+IrEnkrT5R3KXzCPPpfxLKXWQ1KOmDNWXFiBDDK+Zcu
QA5TpfXo8hDFY5B1VJ1Q9sEmwVVZQ15ameSUqrccGAzSEWedjlI6KvoGpvGl53+V//sz/3qJtfZH
1tpNYF4J1+mliWfg+sp4ug1RI2YTqTiuTY2NjK1f9eji/V708gGldWGLLIqimJktKZKmVIAi7VkJ
AkkLK6hSgMGT2sQgVgHMBOnwjIoWBypvlo0vIUKxhDcF3eIBTeIKIHzXsfmoWEnsW3+LRQGIUyzX
Gw5ZMRKEI6KweCpurc+TEqEEVIEJZ5UFADqgCW/gyGFGpGJ0iw7qUS8OW/gyfPSaUzGnfyH2HD4I
o52NSHUDBRtALDlwZS+RikssB6UyCRyV9ylsZe5uyVpLRK4UjZQCGNRpt6h3cKjotFrxOV/66MSl
53zxgjiOryRgIzOvgNPQWwNSLwQ50nGt0ZocHV35yH2L9j/8ZdOTWqMout0oSRK2xkrcikDe4Q0P
UQFB37pJDhSIn7uq6EOAVDlfATws+HHPRUcazVYHc2YO4PtX3IzvXX4j/vtjb8G0/gZa3QJpHLmA
kqLSEitPU1GcJcdYOjtVG1DeK9VoCOtUeDZRnoBYcxUuUXi8MPcVGgQU3FRnGaqS+5NDSgAjXFvp
Dbi0Q688ufLaP2/hF8vIMIIWDvh2z5Yti6kjz53Q7bSop2+wKEwen/dfZ7QuOuuzF6go+pkCNrIx
j8MJv6mtwNUfHE9HAIq2JjYmjWs1teaxh0bGNq7f9YAXvaxurTWmyHQUJy6b1bujTh+Q52k8JMkL
OKoCtASKuMgKpftCqgLWgFcqBZffgLrMF6PKZVeBLtZekDPlEJAKQFm+WWpkClYdSqGmUAZFUAHU
Fsd374kVVtXSXhv7M4FdV0VxdwoukOgUU9kk5vYtwM4z9sJHrv47HDj/SMzr3Q7NbAKJrpXuMHux
FoAp3A+DfX82MX1drpgU8vpVpAjWMCnXyBHMTHmWExOZ/mkz8dC9d0ZfPvMdD9989U/OqfX035R1
2iPMvBzO8pvC1qUmVHBVpCqO9aY1KzdsWPXY4v0OP65PaZ3nWUfHSY3Bri2+9OkDUUgmCEZgtctz
8DjcH0jmtsIBerMPsuex6GaGs/yarS5mzRjAT6+7C9/44TX4+kdOwbzhIUy2O6iniS9nRHmcqiBl
lNIuYK6KJY8HnzkRhEVQTvDCTIQkl7ii0oaQIJ9YeGGdsXVGReW7ITuAxFp01xhcVVU5txyTNucA
JZEeYhWyT10LUlwszVKhO6OC2LIhRcQgDWaQMTkMww5MH7aPPrA0/von3rf8hisuPLdeH7gh77Y2
eaUqwu9ppbw80Xi6FqDcorVFkaaN3vYj994+PrZh3c57H3p0LYriIut2VJSkDBcQCU1JCXAVI+z1
NPvACUHoJVQtwgAmAQcF8QNWW1gAwfITzJV2YfC1/URLVxRigFTZBZkqtyctwIGASwC2BIo/NENs
DFnD7IVoCXoRoqIRxf1wZ6twPKhqz1LIuiRXBWMNEl3HeGcTdh3eH/WoB5+6/j04dtFr0Yh60TUZ
tNIwlf5h7lg+MslevHIF2JUH6PrbKTZ+3pSOmcGUdTtUGLZ9g9NMURTR/150jv3GJ97761WPPnB+
b+/0e1vNsfUAlsNZfi08PQ0tlJZla9O00VuseGjppnWrHlu076HH9CS1et5pTUVJmoa8TiImRS4l
x20YKFwJELhgL9TESHSvvV3lQVimWfn/kzOPtdZodboYntaP6267H58/5wr8v/e/FjstnI2JZhuN
WoLCGL+fTCn4mMUTCI8W1QKBEmslt0ZgSM/LEADxeLdBiIqyrwhJwVBFvbmjlX8PVUDyr1h9IR+W
fC6lazgl11V6CAgCWaw9sNA3CPclwXKhTBy2lW+zyLAMYiIopQFWyLpdMtbYRv+QASP6+cXn8jc/
8d6bHntgyXn1+sDd7fb4BgAr4JRqE8+i8AOemQAMCWgmz9IorU89cu/tG9aufGT7Xff7m57B6cN5
a2JU6ziCIi1mOhFpLpMUFEj5GSDlvVNViX+I4PNCrwJkJgXFpaAhJVpOhKQfIdIrZn9pizlXjySe
4twdt4m3yCcipZgdE11qVAGAyFMvTOTw4p5w5Yybg5EgzF41YME+EVrAB5+kLMLPeqvWskWi6xhp
bcAhC16CNZMr8O07PoNX7fYPnBcZgYiVa0UraRIEH2EDUBF+PiXDJVsxs+P3mEFKO76v2+1SURTc
2z9UREka3fu7m9R5X/royp9e8PWLu53WFUm9vrrdmlgLYBXKgEfZsG7rRlnE63GVpr3t5Q8tWbdi
2b0Ld933kP5pw3Pz5uQY6UiTIi3RT1IuH9HrSjdnovMIfm5Rvq7iopxPEt0FZiCKNDqdDNMGe3HH
vY/ijG9civ945yuxzy7bYmS8iZ5agqJwzVpFrgXhJjyqf88bWkSkWE6jiHztSYmNqgoWbFmx5qqu
rlRdyMNieNxUQVkVguXfqqgMdcT+8cveHIH7E4uwIqgDbwh3g1a8hxJXLmndWrJMfsM4L7Xdnr9U
ZDlyU3DvwGCe1HrUfXfdFJ33pTPWXnr+f/243Zr6WVIfeLzbHl8H4HEA4yjplKeDqycdz2RXOK78
GGuKJK3Xm8sfXPr4/XfeNGvewkUzFizazXbbHbZFQSrS5JJZmYhc0aVSKpgjqoLWzTRnCBy411TZ
rAZVDAeRRwh5SCWRWFp+gXNVcMU+BLbi94CUUmBmct67c/uqZqVYjYF/ZCekWS5EkkjhuRpPbpdE
MgJwgoAMRHGwESvCs7zPksdxf49VgpH2Rhy9w0m4bsXPcNXDF9OrdvkHTHRGSamIfGcW8i59hUmH
J9jJW8MEYiJWCtZYssYgyzKAtO3tH7RpvUc9fP8SffF3/nPk3C997NrlD95zca2nZ0lh7SaTZSvh
8rEm8OwQ09VocWFMFkdpvbP6sQdW3nP7jTNmz99uePvFe5puu4OiyCiKojJARuRtEBcRUwR2SfNU
lX+l5aXEMy7TYOSDOlJod3IM9DXw4GNr8KH/uhDvf+vLcNh+i7FxZAqNWorCWJeO4xW1GH6kiJ3V
5rCuRMW6LAKnaglsObQLgfB7jmOjcmUF4VoG10KKDaqBEELJI3qcWPLlbGKdVv4GwR0BVG6WJekz
Ir0lQTtULDlFwQRNpaylakoLCOR7GCgm5dJAGARrLedZB4Cyjb5+W6s31CMP3B1dcv5Xxs/+wkdu
ePSBJRfVevruZGs2FFl7FYC1cMLvWeP8thz01B/5g0MDaAAYBDATwMK03jur256a3zswdMTLT3n3
C17y6r/XjUZP0ZqaIFijoyRGrHRpuDvXBVoRu4XIpJTP+vea1AHbddGQPRlCmgPkMy5XUEF4wlL7
K+UFrvOXXBjUZZT5VAkFrRXnea6sMRzFkd+zpBSuxIAlFqPeuUzMgmuPYu9ae1OkCjapkRRsBT5R
5JJod8ERi0C0QWhuxsn4Yxi2MNagHvfwKZceiv1mH4YPHfpVPD7xGHriPnSzjkTavOfHkAR0110k
9I9jMFhHiU3SGqsojtrtFi2753f45U9/MHbHb66+Y+Pax28D1INJvTGWtac2wgF0DA6gHfx+je8z
wVW9gqtt0rQ+p9ttz2n0DBxx7Ov+6aDjXvdPSW//QNGcHFNsrYrjGFEUuQRa3z/Jzb0PrsFtvA2l
oOCbZlT2nvELFQAQaY1ulqOvkWLNhjG893Pfw9tefQROPGJfrB+ZQG8jhTXW882oYI2glJQeMUhp
1kRkjYGxBWulSUeRk3fWktLamUsiOUFOIpdOkehlj6sSX6VWLz2O4JmyAJcRWll5+ejm3kIaEVvD
8E3bK25xiUvHO+rQjw8gGGMoLwy7aiGQVzIB74Ir6x0WYxk6ijlJaxzFiWq3Wurh++/GtVdcNHHz
tVfctWHNypuh1IP1RmOsPTW1EcBqOMEn7a2eUarLHxrPVAACrqOMgHUGgLlRms4vut1pAPbYbf/D
Dj/+Te+Zu8f+h1IUp3lrakyTLSiOE1JaO27d5WgQERCRZpAlETxKBBC5jDxSqhSIkH2DAXFRlZRE
eRZFNq8JEUB/x4pdyF1rDbYGedZBvdFjGr29qtNqUZHnoYENAC88JEotnCU8JVhGvFwiuD+fXwu+
R0BwX8LgkuMLuVrh+xDTwHX5VRKxk6Jyt/G7VIREFKGVT/GbLnkh3rTPB/C63d6N9c1VPDQwh5iZ
jbW2MDmKooAJah4giqAizSBF1tqoOTWJdatWYOntNxY3/urydfffefOSdnPqbgDLe/oHx5sTY6Nw
gm8EDqDCyzztZNQnGVUhOAPA3DhO5+YmnwFrd9lpzxccfvwp716wz8EvpjSt5+2pMbJFrnUcUxxH
bjn6uXEbJCkwDDmuj0DkBKLymQXKUy1aE/LcoJEmGJ9q4j2fPg8nH3MQ3nDcIVi7cQy9PTUYw1DK
V7nKZlxuskHMpKPIklJkbEF5t4ueRsP09g2g1ZxSxhTB1xZ7lYIlKFgNgEOgQ0qVCTdvFCqlSjpG
PA+HG3F/AbH2Khxh4Jy9hRi6ynhMsmS5usqbIGqtA37a6CEishZsi7xAUWTETOxKLImU0kxaO3OY
STWnJmjDmpVYesdN5jdXXbr+3iW3LmlPTd4N4LGe/mmjzYnRCY+rTXDeRMvj6tlSqk84ng0BCDgh
WAPQB2AIwGwoNS+JomlZls1VSu3zope/fp/Dj3/9jJ123w9JPS3aE2NU5AXpSKk4iqGUZtd9xFlq
AJNSmgHrA79S5SFCDd5dhgeyA7Xs70FkfWIsQWknoURLk3YRRDYWWdalNE2LwWlDGNm0MfrR+d8y
Bxx0KPY54BCanBijNE1grN/WxXdskNQIqojaEFQBStiGlAR/rQJOQgWcAkwRfCV3I3mKoSs1i7an
4I5YMCKKuV200BsPYNnIUrz9ipfy5465CAuxkzr77M+0Fi3aS81duF1tYNp0pPUeRFEEZkKWZ+i2
W5icGMPax5dnKx9b1n74/qXjS269/rF2c/JhuKDGulpP31TeaU0YYzYB2ACnnVtwVl+BsMye9aEB
pAAGAEwDMAtQ20RJNK3IslkA9jnkmL/d/8UnvnnG4r0ORK1RK5qTE1RkGcWKVBTXWGs3byQEAFvS
SrFIECXeA1lo0iiMQRJrZLnBez51Ll5y8B54298egXUbx9DTqMFal4RIBJACw3oqx9EnrJVrkJDn
GZIotv1D0+3k2Ej8w3O+YfY58BDse+DBqjk1yVprpRRZa9nHTywJRRMYnFIsVmic0pmtGH6oqtYy
v9BZe8LiMDmOzyXeVyzIENDwhxUrkDRbNs4vsyBjLcdpirWPr6BLfvDt9oLtd6b52+5Q6x+cjlq9
F1EcgRkoigLtdguTE+NYu2p5vurRh9qPPLR07K5bfrOiOTH6CIBHAGyo9fRN5p3uhDHZRgAb4byJ
tsdWmdT6HI5nSwDKseoAeuC09nQAs1WUzlbg/qLI5idpY6+Djz5x10OOPnHGLvsejL6BQdNpN5F3
W4Bl0ko5clsrDgFhcu6xACFQf1S+JsBziJsLSOfekgDIUXqwMFlBAGxSr9uBvn5MTU1E1111OS79
4bmP3XTD1SvedOp79zvtE/9Z37huDer1HjK2gHJJwMofClLkLgJLqvckMuTeJojLGQRi8FUsLPud
6cRtZmElCZtpXaBMOpXfAyHuBGSkI57sTmL2wAL8dMn5OOvhj9u/WfWyzoVf+tp1ALoEGhiaOatn
YGh6I0nrERic5d1iYmy0NbJp7bjNC2lYsAHARJw2JkHUzjudccCMoExtmYJzSzL8CQDqH2cNDlf9
cC7xnChKZwHcVxTZvChO9n7Bi0/Y9ZCjTxje/YDDMDA4ZLJOm7N2C8y5VjqCVpqU0tBkJSELpIiV
KEZyWblKKSgi/PNnzsf+u2+Hf37DS7Fu0zh66kmI5KvwP1/u6SWRNTlgYeNawv39g+i0W/r6q6/A
xd/79oqbb7j60de99R37feiTX+qZGN1k07SuCpM7y5R9L0125pZLJXS4ogpkRIlXAy7V/D4n4IPa
9H93ipSJ4LblJbfrH22e0iLpUt77rQT2nFkS6RjN5hSmD88xl1zw3/jsR955LVzEf8bQzFn1wcHh
RlJLI0VAN8uKifHR9ujGteNFno/BYWoDgLE4bUyBqGXzzrgxZhSlJ9FCWdf7bHsTTzqeTQEox4vh
wNoHp7VnAJiVpvVpucn7bFHMTWr1xYv2OGCnA/7m2Pn7H3qUnj1/IZI0tUVRcNFpc2FzRW53OSgi
UlpDKwqWHoByr1ZxNT3To0JFhkydFZOeldKs44gb9QbiKFbj4yP062uuxJWX/nDFjdf+Yikzr6g1
evPZs+Yd9bXvXrbLrHnz8k67GcdxwsYaifZRyeKVWrSMEiMAkcMjAURwVb6BoMUlAgnZ8BwISdAQ
bkbSFDi8R0EOMixAcZzy2OQGmjttx+Lbd34iOuvHH+v2XzPjq1m7NWELa7NOhwAk/uQWTst2o6Te
1RpZEiWd3BbdTrPZgnNDxlFaewLQ58LdfaohuGrA4WoQwDCA4bTeM5Tn3V5bFHOjKN5p0R4H7HzA
4cdus9+hR0dzF2yPtFaztihs1mmhMBVcKZBWEYgArVznTZCiWhrj/Z+/ANtvM4wPvPXl2Dg6gVqa
AuBAfwCuPRrBsjWGtI5snMS2Vm8giiI9OT5GN11/FX7yo/NX3XTDL5dYax+vNRqtRr3nyHP/51d7
zFuwsOi0WzqKExSmgFYKsEzS17AEkb/1IPzE+udSwaLKDTIcUVRp/SKubxB4DEmUBlDyyhVcoQJR
y662ud1pU63WkzWnJpMP/uNJDz18390/Uklk8263WxRFBGtj+QocrjKPq26sk6zgottxjTEm4Sy9
Kq5kI6PnjOt7svFsC0AZEZzrUofT2sLjzKj39g92W61ea4shAAv6B2fssNt+h2y77yFHTdthlz3j
uQt2QL3RQJymBkVh87xDxhhia2BN4UK2pNyG6d4wdNwfBZZDgVhHmrWOEMcxx7WUa3GqiiLTzakp
LH/4Adx8w1XNX/3iJ6seumfJEma+P0qicaWixFqriiyb/+o3/sPrzvj8t3o3bFzHtSRVRArWGEdH
+lBClRO0FKpJg6Um+TyuaUAFVYwy6dWnurhwotRWyhHEhSkP51BKbqMYa4ihWLnqDLRaTervn9Zt
m076rY+e/vBl+M6omZf34Kv4GGL0wKgi1omC9t0ljGFjTGat7cKBsAXH6TXhhF0HztoTIvpPDtAt
hrjEDThcDcB5GrPqvb0DeafTUxTFdADbDEyfucOiXfff9oDDjhnaYbe94nkLdkCj0YukVjNc5GyK
jIu8ILa5KoxhrbRu1GM+7f99H4N9DXzs7a+kkbEm6rXY2VDsYgWkNUeRRpKknKQJJ3FKpsh1qzVF
yx9+ELf+5pr2NZf/z8oH71uy1Fp7f5Qko0qpKOtkMWBnHfeq15/yya+c1zc+stHGSaIirTnPC1LS
qRqABZN2GxO7XV6cE+oxwr4yuwyYieqVzwoHCHiB5rVl6PfnlWmJMmJj2bWz88KdDUjHkTXM1G42
qbe3PyOlk8997D0jV1x03teVUo9Ytyl1oZTSWmsFrQHAwsAakxVPgKspbI4roVCeU57vD43nSgDK
sSVA0oPSNZ4GYHqaNvqN4p6i3e7x781t9PVts+1Oe8xbvOcLpi/cfud01rwFydwF26Gntw9JrY56
vWF1pJmL3CX+sfVuLUgrBaWIFSlSWqHIc5V129RuNrF+7UqseuyRYtkDS1t33nLDhnuX3PFo1mkv
A7BKRdFonCTNbqsl+Wv9URQNFEVx6Hs/+ulX/sM7T8PGjWuhgChJamytcS4LFLNvLRxsvJBVyMHN
cn8Q4cXh0bD/T96uGH3hWJIwJlUaIPiIiMsf00pzYS3l3Q6gIjM4NN2uW70q/sqnTlt7zeUXfVtD
X2veYT4Nwjp8De/ENMzHKNoo058MHFuuhgAAIABJREFUHACzyk/u/xWhZ/Cnt/j+0KjiqoHNcTWU
pvVpzGhkWbsBx0fPSer1bXZYvNfcXfY4cPo2O+xcn73NwmTO/O3Q19ePpNZAktahTNt+9tzLLVGC
T7znJJ6YalIUaYq0ZoAdvnSEIs9U1mlTp93C+rWPY/WKR4tl9y1p/e6W32y6565bHss6nYcArIRS
o42enlZrclLI/L4oSgeKonvQ2//19JPe9YEzsHHDWgWGTpIUAFtrrWvyT2XvQzeemGmQ1CqyQp2I
eyxAks3BqOKRIHgWCPl7zrxkdpmmSmlmZnS7HYJSZnBoptm4dm3y9c9+ePTKSy74er3ed0u7PTkF
Z8UZPydC0TNKXAmWMv97t/LeXwSunksBKEPBuS8pSkHYB28ZKqWmqThtgLleZJ0agF444E6r9/bP
GJ63YPqMGbP7hoZn90yfObvRNzAt6u0b0D29fZGOYuhIkVYaJs+522lxt9sxk6Mj+aaN67pjm9a1
165+fHzdqhWbNqxbvR7AGgDrodREPU07RcFTed4Zh4s8tfy1NgBsE0XJcFFkL37H+8885h/e/UGd
5xm3mhNK6VjFUcRsmWQ7jzLgAS8cffDDg05JSoFHnoROQkBkM3CWEWWfTxXADMskeV3GGNgiZ4q0
7ekbYGNsdOPV/4vvfvPzS+9bctv3+qYP3jfZGluHBViHE3A5OrgMX8ZHMAsLsQ5TcEJQQGjhgGkq
P392cD7FqOKqDoebKq4GVZz2KlK1rNOuAbbEVaNvxvDc+dNnzp7X1zNteGD7bReoR83CaXfdeZd5
56sOIJX0kFZMSRyj2+kizzsm63bs5OhIsWnTuu7oxvWt9asfH1+9avnIxrWrBFcbAIzX672dgoup
vNMZQ1kPDTjcz4+SZFaRZYe/7T0fetmp7/tIwoCZHBvTURJRFEUu9uuVnEg0BiqKtkKgVNxgqirX
4HywrwkW9xgIKQt+5Ut3GQsmYsW5KcianEk5XMFC33jtz+m73/j8fUt/d9MFjUbfXa3W5Ca4iK1Y
cCIAufIjGBLPQXAlf/+LGH8KAVg9lwC2hs0twz75SdO0oaI0BTjuttuptYUAvIES7DWlokRprbRW
mkhxUWSmyHPROlMouYUppVQrTetd0lE3L4pW3mmK9hrf4rMEt4BmAdguqdXmZJ3Ofi95xcnHnPre
D0/bcefdbLfd4na7RS5/UZPW1U4yfidd73I4zQxY6+pcpMiIAWiAjcuS5hCx8UENl/7l+MZQhG4t
jC1c9qwim9QbNo1T3e1m6u47bsZPf/id9df94rJrs6x7Xb3et7LdnlyNGjZiBtbjGAxjGNfD4oP4
LH6IQ9CH32AKCI0WZfzFAHMrRhVXgo8tFW1vHDcaURKlACfdbjOxhY3hBGIHwwefiJk7DDZWXXld
e2xTg6KYkkgpkCJTFEWedwVXVS50SkE143ra8RxX23NcVVw14awe5a9nFoDtoySZXWTZPi96ySuO
efu/fmzGTrvtyVm3Y9utFrErEPApYl5VErisO+cQaXNNKjRLdoIz/hggxcZ7RyHlgErxSc7cc5rP
GFhr2bg29pzWGqZWr6tut6vvufM2/ORH52665oqLr8+7nWv6BqevmBzbtBZO4I9j89zPkuwu/+Ut
3vuLG39KAVg9Z4QydaYqECXa1/A/tThNa0rrWKkoVgraGtYmt9ranKyyTrcoMJTiCAC0trGKC9Io
LHNmc1PkebdtjJHtGCV3bUsuIoezinrgXScA20VJMrPIsu2G585/4Stf+9bdjj3hNem8BdtDx7ro
tNvotluKLZMFSGsNrbWPROvAXzulzoGe2TxC5zMepDOv5/xMUcDYAmBiUsqqKEKt3rBRklDRzaP1
a1fh7jtuslf95ML1t//22ts77eatSqnHojQdzdrt1XAaehT7gXE7WvggDoXGxSC8Ap/ELTgVMc56
brLr/0xDobQKBVdV5VnFVhrVpw3Fprkp3ucNb9F983dv337W1zqj6/IoqWnYAoV1CfQKfvM4rW2s
0oK0NZa5a3NTZFmnY60VoVjFVRVbBUrPIuAqqffMyNrNhYNDMw7921PetuuxJ7y2vmC7HRHHSdFu
N5F12soaBoOV1tqlbkGSXN2ezApgYy2RJA+6ujlIEZNlkGXpbCSdyY3zHiyYIrJRlHCS1hAnKUxR
RBvWrcHdt//WXnPFpRtv/fUv7mhOTd6mVLwsSqPRrN1eA5ekLNkAfzbu7tkafw4BWB0KpTBMKj/p
Fq9j/zqufF5j8+sXV67Ka0m6Rqfye7fyWtw+qUEVa6IXnlwHsE293jPcbjenAdhueNa8PY982Ynb
HXTY0f0777Y3zZg1G3EUGWMNd9ot5FnmysnYEqwhIzWprEJdqERywZJvRUy+EgZEHOnYxnFCcb0G
BU3WGtWcmqA1j6/EQw8szZfeftPkLb++euXKRx+8F8BDAFbXevrHO80JcU02oiScC5yOGs5EB6fh
dVD4LIAD8ClsxEkALvq/D+Ithrhjrnt5aR3KvxHQNwRMrtN7vfFf4t5Zr+zcdfG7MLW8BSQNILMo
t4sVK6aKqxybB4e2xJX8bImrBKVynQVgfpIks7IsmwZg26GZs/Y86rhXbXvQ3xw1bfEe+9DwrLkc
x5EpjEGn00He7cAaQ65M05BPgSEpAqgGz6wPrsnbruSUWOmY4yRCktahVQRrrWpOTqq1q1dg2f33
FEt/d8vEbb/+5eOPLrvvPgAPAljd09M/3nS4Wgfn5k/iWWhE+pcy/twCsDqERK0KuNj/aP8jAlO0
/ZaZJVsKQeG2hIPIK+//oYUvQrDMZ1RqVpSm/Vm73Q+nxbfdY9+Dtl20y+4zdt5jn8Htdlys58xb
gBkz58Cl7WjWkWYistZaYmvZMABrPGgVExGpSDMsyFhD1jCMKVQ372LT2rXYsG4VVq54lB996L7x
1SseHntgyV1r1q5ZvhI+QTmO0wmto2an0xkDzAaUOVVSmla6t29GDeehgw/i36HwaozjUGjkGEKO
M//i+b5nMqoCkTC8+yDWL12XvPDd743S3vfnm+57RX73pauR9A4imxIvQL63Ja4Ym+OpqPyIMn0y
jkuw3YtK9FopNTuK6gNZ1uwDMBvAtrvtfeDCnXbZc3jn3fcc3H7RLtHseQsxc3g2HOetrSvTVMzW
gAF2u8tZwBU9s1IEkCYiwBhLxlgy1lCRZ9i4fh02rF2FVSsf5UcfuG9i5fJlYw/ee+faNSuXr4DD
1fooTSciiia3wJXUenfxV2D5yfhLEoBbDmntFqEEcfVHRhWoVY1dFYYWTw7MJxsJSnJ90P/MVEpN
r9d7enKTN7JORyzF6X2D02bOmj1/+sDQ0MDc+ds2hmfPawwODdX6B4ZUvdGDpFaH1hG0djuxmaJA
kWVot5qYmprExOhYd3R0Q3f92pWtjevWTo2PjU5sWr96ZHJ8bBMcADdCYaKe9jajSHeazVbT2nzc
/63KOYm1+/v3eioaOAstfAjngjEdn8HxeDdSfAXdrXgu/3fHrFN6sO67zfqRHztJWfPlrDX+0vyW
r94F9E0HJttwik+U6uYpm5vjaUuMbQ2uYjhc9cEJwiEAM5RSQ2m9t4dNVu90On1wuBrq6x8cHp4z
f/rg0Iz+OXO36Z01d35jYGhGOjA4pGv1Bmq1OnQUgZQG2KIwBfKsi3arjdbUJMZGR/KJ0Y3tdetW
tTauW9OcGBsd37R+7cj42KYRuODfCIDxtF5vJknS7rRarTzPx+ECOGPY3LV/1rux/LnHX7IA/EOj
av3JqFqDz9YkaThBKOkWAtpBAANp2uiJ0qieZybxkcYq5yScZqKiKNFaR0SkfAMwy8yWjTHGFF1m
FjeqmjPVgVLdelrvQlNORO1uq9syJhP+ZQKlmys/T51T9T7U8UW08SH8CsBSfBrvxinowXdDtPKv
cyw8vYblZ3bSF33gmIii87oZnVj85pM3Yf5JdTx+URubY+lPhatq9FoKBwbSNO2LorRmwHHWbtas
tcKTC4eZAEiVihId64iIIrlkZjZsTGFMkTFzlQISDrwDqG5a7+1obTNQ1O22WoKrSWyOqxY2p4r+
6sb/VQH4pxyEErASrJEgTQ8cgOtQqh7HcS1ScWqtiVgp57azUdZaKorC70BjCYABFCkFjtK60Qpu
v0PYwhIVGjrL87yb53kGGBGKEn2UiLXwUFW3/o8ZCodDYUf0YxZ+DcY38Wl8+a/bEjwpAS7KokP/
7QVJnFxuGG/oXvupn+Og99Vx0xfbf6aLEq9my+i1YMvhCqoR15I0oqhWxZVikLU5FUWhXC8RmX5l
I6Wg0thopViSleFwlec2z/I878CYDjYP2lQrfao5oX/N9MjzAnArhghC4SUFuCIYk8pr+YzwmeJS
VTc1ATbPudsycbQaxNkyObnKQ229VXIqYozCYgF2RoxfwuDv8Hlc+VcpBHd8d4plX+nGB3947zi2
V3Nm/779289dioVvrmH5eZ0/9+WhxIUE+qoYEstvy8Cg8ODVQKD8KwKrylNW8ZNj8+qeqrB7Zrj6
PzieF4BPb4gwlEijCEaJOm4ZsJHvbOlaVbkkg80DONUE0mpFxtZyTk88TkKCi5DhAzgCGj+AxTH4
LJbgJMS4aKvbjotglwUp1xqhjBZGKBdWNWlWErKrY0v+7emNXU9PcO+ZWXr46Ttq5Ndaxoc713/q
/L8g4bflqOJKsCWYqgYHhQcX4Qn8Pl9ZjV7/Mbj6q3Rxn2o8LwCf+ZBnuGWQRgC6pZZ+MqBumUEv
7wPPlTY+CXVchDZOw6kA3o8RvBBnYZO/zmfq+jxTIRbjGXUBPkkDFxkc8P7Zjb7ab7iw/9W+/pNf
xq7v6MW9X596Btf1pxyiNKtCr4qt6k/1WVcxVf23qkD/oioy/lzjeQH43A0BZbVG8omACvw5gfhy
NPAztPAhfBaEv8EqHIkhEL6ILv44IRjDdWaZArAYjru6Dy5hdm8AS/xxFvv3JvznCS4COQ9lWRXg
XL0+uFzGLStV/shxkgZOAva7eVqjL/0NgPNb137qk5hzagNrzmpt/fGe/SF147fddlt899136wsv
vJAPPPBAOv74483+++//VIJ/S29iyyoMef1EmHt+PD+eH5uNN6MGAPgILsSH8QMAwOH+vScfsujm
APg3ACcA+AqAtwL4HICdAPwOwO5wQu5WAPv577wNwLH+9RkAXogy2r4ngNMAHAyEa9gKRX14hF1P
T7DXmwd7Dj/tzvrhp30OALDwzU91P8/ZYLcBDZ1++unRl7/85XS//faL8ftCLIzTTz9dPdH7z49n
fzxvAT4/AEDhJKSYDyDFdWBchc/iIyFl5sm+46yz2QBOhNsVbhjAd/zv8wHsBuBquATbDwN4P4Bl
AN4A4HAAvwXwAgC3AbjbH29fuEqJKTgr8Hv+fH+MJUjA6Rr7/YwaAy/9JYD7W9d88h9x9Ck9uOq7
LfwJLCFm1ieffDKOOuoo1e121Xve854njKQycw1AsWL1+sMfe/ShHX9yySWdHXbYoX700Uc/umjR
op8zsyLX4vz58RyO5wXg80OGE2j/jFlo4EYQPolP4ezAEz7Z550FeDKckNsGwDlw1uBMuOhiLxzZ
rgHcAOAmOCtxEMBPAbwZTtjdBIfHQwHcD+B/AXwAwGeAJxXCmw+f09dzxMd+xmQnWtd84vXPVaqL
b06grr32WtVut/WPbr6ZzjvzzN/rmeitv2lnnXVWseeB++6zbuX6Xe9denfvzJnT3/Lggw/CGLNA
a90YHx+3SRxju+23726//fbvfuUrX3n26aefHp3pjinHojMAOsOVfDzv1j4LI3rqj/x/9s47Xor6
3P/vZ8rW0wscDlWkKAgWELEFsceaRM+xxMRUTLmm+DNqKpB70xNTvCmSYnoMxJtii8aGvYAFBKVK
53B62T4z3+f3x+wBNJaAGsXM+8W+dnZ2dnd22f2c5/vUiP8QDC3E+D7tXMa5xLmVK1nLN7j3JRon
DP4AfXYl2Y4EPlbefzswnjCQUQ08Tejfg9Df9wShNbid0Ho8BBgFPA4cSLiEfrx87Cv5AoVpc5Ms
nZ9Lzv7C9aCau+t/LoSW2Gslfqoq8+bNs+vr6+2uri4VkcGqiJ2ip5vVao+1j/2/W24x0yZPOfHZ
1c8mf/DDH05LxuMnrVi+ou/JJ58cm0gk4tlsho0b11FTU0d9fX0wZMiQwpj99rO3btlevOuuOyoK
hcJnVq9efduECRO2hvW+oi0LF9pl0TPzQWhZaLOo9T8ycvtaElmAEc9nMD3mM5yBzbWUmM1m1lGL
9RLdYwY7nRQJBbCWUOy83fbvHggqlvdbhMm31YRlVxPK968jXAIPIxTAV6Zs+aVmf/5ahIm53Oq3
U9tkuLXOg/mvehk5d+5ca/78+c+LmmYyWtXT01357NplI5Px+JkPP/xobyE7cGhVTc2M9evWGtd2
xvvGJ5PJYVmOqa2tsWrrGrzGoU3+iOHN0jx8uN00pJGqykrbde2dPr9vfuvbxb6ebv+UU089a9as
WXfdfffdzuzZs32A/v7++h/esLTyqvcdnkUqOiiL46t9f//JRBZgxPNZRImLSfAtbuJKvkOSP9HM
23iSDC8eUTSES1gIp33Brjy/wce8MK1m90hsT/n+1eXbQmgVbn+J13s+w+ak2LIgl5h11fdEZHq2
WDqOhwmgLYBrXgMfmsr8+WJUNXnXfQ9PKWT73/7E0qXWddf979sKhXxz2/a26nRFeuhAfy8Fz2f7
9jaTqqqTZEW60DikSYcOHWbVNQ61a2urg6qqKrsynXadcq9T24J8sYgf2AZB4q6rMccWg6oxpgTQ
kRjnAv6vbl4y+4rrHvr+2k3t8a0/KPkjrn/gv68SuZ5dM+Qi9oJIACP+mV9RYA4pvsHVXMV4ktzA
Yk54maDIbn1esdiVv/ev1NDu/lgI8yAHqxxePh1k1scqWPyjTPK4z30Z5dTsBu8I1n9zgL1On3k+
g8vP1atXj73ul7/65Yrlyw5FgwrPD9i0qYQdSxCLpyhKKte43/5S3zBUqmsqnXRVvabTiUQqmcCW
cFa1awv5QpFisaiubZOM2ThujJhjie2ISDhMF2MUFMuywrFzrUeOLGzc1nHYd//y1O/uXbZxWFxU
Fy/fLBN7a6++7k+Ll77/XFnTsnChvag1Wg7vDZEARrw4C8hxKXG+zke5ilu4ip/zdT7IXFLM54W5
dIMCN1ja98L9L8fujx1kMGH3pRk9N8Hi+ZnkcV/4pIhekOvJHcf6q/uZ1uOydMGrbvRaztNT1e7q
n/zkj3946qmnZvhW3EvXDS+lKmtNU029HUtXSUUqLemKdCqRiOE6Fo5j4YhQKHkUSgVNOA6u6+A6
FjHHwXFsMVh4gSASUEKxxVJVI4l4XKUc+rXjdtgy8u65XPWXpcc9ubZnmARefzwVT5dypWLvQH5I
XfPQY4E17StWRK6svSQSwIiXpg6Pi0mgXIDwAFdwJfP5xhteMzz64gQb5xcSb/vce0W4zA/kRJ6q
2s6keS5LF+xpGd+LsmDBAhfw/v6Px89ft3bNDM9OZ5sPPjHpJNJWIubiCMRdB1yhu68Hv80jk8mS
7ctp745ups6YyLjxY6QUGLAVCQyqfnkQoEGNg1HFMQG2WKgail5AoEZRVctYoV9w9Nurm3piJ/Y+
tdXEXCtV8nzbdp140fN33Hn/0/cBLH5r93N8XYkEMOKlmY+hBY8EJTxOAh7jKjbwdf64s8Hq3uGq
LvQBFWl9Ycnb7v0e/7kof9qcFEsX5GKzPt8iar6d62g7kad/toZZsxwWL35NxA/gjjvuEIB1a1Yd
VCqVgmTTVNvYKauYzxu/WLCScVc3rt4m29Zu1VymT/o7B8hlC2BU+vsypKtS7DduDKVCKWzNHAgx
JyzMcLDA9lFsjFqI5YkjStELRMQi5jhKWGEjDBuZ9p/YkQqnYIqqZfmiYk8ZO3Tgw8dP7P/BFTB3
7jzmz5//Wr31/yiijPOIl2cRATdh81W2U6IV4bt8liP4FQVadg5Z/1dxp03DVV3iibTGRVqTumSJ
N3fWrMGRCC5hr0R/YSiQgyMKQkZ8OsnSBbnYUZedZmlpgesmT9cv/WzZrLvVZvHi3f2Ir5oTTzxR
Abq7ukqIbfvimqLv4StiEIqBytOPPM3TDz4lW9dsZ6BnAOP72I5FqiKJJTalko/nGzwvoBQYin5A
yfMolTxKXkDJ9ykFAUGAFkoG3w80VyiQyeW1WDRFQOlc3l+Vcvvi8bitxhD4gWmsSpuZE5p+NGXK
2B0LF66IzZ8fJUzvLZEFGPHKLMWjhSRX8yBXcgU2v+dyjuTbtNOC/S/MFbEAR5csKcn06YhMP37K
pAlXiSW2TJ9+NWHOYKnsdxshIo2AmTFjxnOPPPJIv4hYjLvUZe13884RnzjGTVYsqBk+/F1bf33J
gNzJUSAdS3TJmukyffC1XrUgbNu2TQBs17aNKoFRKfmKFfhqHFtUw3GniVQcO+6gfjgN0Bgl8Hw8
38f3PXw/CJe2xsc4Dr4RYsYQqA8qiPHIer6gHsbLyxHTp9ulQjYxbr/hn960Zet5Hema4KSD8v/z
2PL1umyDd3axWCx292dzyzf0HKz5/HBJJre2tCy0F0U5gXtFJIAR/xqLyHMxCb7Bb7mKCTjczUeY
jaGHuehLzBURwFFVDyiJyMxRo4Z/4h2nH9968YVn2yLCH/500/E3//2+v65dv+kXIjKlqrry/HET
xo0sFUv+o48+ukJEvrdwof6ltVWKzpGfPDyeqvuNt/3JBVvv/PJ5Y/bf77zGIbW6bUtbZrpM/wdx
vkqRdbxGIgiAwViieH4gTsnH0iAcbSUQqGJ8g2UrJjDhBMpwyBWBUQqewQQBlh9gO3F8z8NWn3Tc
JeGGkWGbADFK4HuU8j4V1bVWW+DYD63c/K6evHL4pBHewWOGPuxbMddxXIrFPIHR9GPrOj7w0ztW
HqSFtnMk0bTl7rvVmT1b3hKDiv6dRAIY8a8zuOz9Ol/iCrqxSfIT2pn7T66UncInIp6IjE2nEldc
8qELzrmg9cyG6YdMLgwMDAS+7/OFKz9u3nnmSWefc8Glp06YOjl+1ZcuZ/R+Y4om8OXB+x5629e+
/O2Zra0yp/Idv3ooGFjzp8K2J/+UeO6v77r8f75w8LktZxZTqaTV29Nb8ZvrfveBH3//pzMN5nTC
srwX6zO4x4iKiAgmCLTkB1gSoL6FUYMJDDvHlks4gNyyLGw7XImXfEPgBagW8fJ9dG5YRmGgn9ra
WhLJOBUVFUi8glXbi2zozLC5PUt3psRAyegnzz26ZMeNuf2BleaPD2z6xZIVG5IxR1SwYrYIbZ3t
2d/eVZqxYUffwuVrt543ZZxs1igxeo+JBDBizwibpVp8k+/t3Pd86y+hqgXAE5HGeNz9+GknHz/n
kg9fOOzwaVMDy5L8lu0dybjrkM3l1Y3F5JFHlhXqmpvk14t+UUi5KbtY8B01gVx40UXZ5pEjk+8+
veXLxQ135dPN436Se+bPB/+/b8w7+DNXXNrT09FfFXNdKlLV+tWrv9JXLJUm/eyH181Tvft9IrNf
EwFUEVXAqIofGATFWD4GG0SwHBsRCxUDqgS+wSsWKZY8CiUffIMIPHrXzWQ6N1NVW093Tw/xRJK6
mjRecii/eyQrlSmXKfs3y6zmWprrK3X2ofvFb31kFX94cDMG8RwLXxFbLFWjSEU8ke7uGyjctuS5
I9t6stffu3zt+SKRCO4pURAkYm8w5QDI7vln7rRp01zVFQURqRORS048/tj7f/mz78/9+YLvNB19
1IxCJlugty+brEin1XFimogniCcS/PHPtybObjkrVlNRk+jp7Hcrk5V2Op62dmzZkT788MMKs06Z
Parw5PV/7rrli3c0j2g+75xzzih2tfXUurh2OlFp4+H0dw1Uvuf9FwRVVZUniMzeD8pC/SrRIBBE
KAUaBi5KAZ4f4AcBgefhF0sEno8JAmzHoqImwfCJ+1E1tJ5iycMLDEVP6c9kyReK+J5PsVTAmACv
6OE6Nl5gtKEqztsP309HNlbokOqErNncoX97YJX6RjUVsx0RHFEjKCIonudrKuYmisXiwKbO/FF3
Lt36doDW1nnuK72niF1EFmDE3rGrbb4zbdo0WXLllZ60torI5AtnHXvkx88798yjznnXGdTW1hXa
2ztcky0k3HgSjFET+GIIcGMuvX1ZFbEY3jxMfM+nuqpaK5IVGmggfQP9pFMpGX/gASpymzpO4sBR
o0eYurpay8sbraqrIebEoBoG8v1aUVFlNTY1Jvr7B4bqXH1O5osDe9ze/wVYCIofGALfxyFARRDL
kGysw4rFqBxaR2V9DdXVFVRWJ0lXVeM6FsViCde28YOAUqlEJpPBiSWoSCUIAiVuQyFbYNbBo+So
ScPZ0pWRuGOTTsb16Q3bZXvnAHHXougH4V8asVRQQcRYqOX5gdq2xHK5QrBk9dYcwKIVK1/+zUSd
oJ9HJIARe4u0gLVQ1RcRpLX1pEkHjrviPe9uOeH8lnfJmP1G5zo6OmJt7Z2JZCKpghrP9y2x7fCH
rL4UC0br66rFsS3ad7TjuDbt23ZIMp4kX8hTW1/D4rvujy387Z9Q1Q95XqH36adWyNPLV9hHzDhS
u7u7rerqau3p7caKiw5kB4Id23eEAZf5EucFran2BssCo4LnK7YxqAlwEDyBoVMOIOY6xGM2ju3g
OoIgFItFAt/GdSxUwRIoeUWKxUI4sxdFxSaTzVBZq/RmC7T1DDBqaC0VyRi1lQnp7M1S8AzJuL2z
e3RY9zvob0RtESmVjEml4/bU/euSNwOTJk9i5Utr4KCrYtA9MHj9Yh2lXxMXwpudSAAj9hZdBIGI
HDyiedgX3n3hOWe8/z0tiXETJpQy2Rxbt7alEokElRVJ9T1fVFRcN65B4IsFiNjkKYrjxjjrzFO4
5tpfcf6FrTQ2D6Wrt4P6+jrpTg2rAAAgAElEQVSuu+7XzP/8fOvd779QjzxmZqMxpvG+u+8zF53z
fvn+T77D6aefRm9fN/GUS7IyYX7109/GMgPZR4cNq+3cvr2ngnDw96vCWGFk11ND4BkcNJxhqopr
W3gKJvBxLA/fsXFsC9e1QRT1DIFRHDH09w1QKBTI5XJ4nodBSLpCnWOxYkMHrkAiHuPRZ7aQyXts
bu/DcQTzT7aaqBoVVURFDSJOXHRgdFPFZoBjTmzWlYue/4DdLjWE3XgyPH/myosNpxrcHhzuZV5w
3GAN9+Aw+RfOtdkniAQwYk8Z/OLXNda4nz/zHed+7CMfuigx9aADfU8p7NjRGY+5MamoqFZQjCJ2
LK6oEVUjNpYa8UVNQCqZpqurl/dcdA4PP/okH//QpVxy6YeZdNAkHr9zqXz5i/+tP7ruGk478zTJ
9ucCVPXsd55pjxu/P5f91xU0NQ/VhiGN7Fjfbv70+z/Zv7z2188BC7dv73F5Daw/AMuEFpcxRgM/
QAlwRMLqDg1TXhAbsQSMgqXgBahCzLURLKx4mgve/R7uufl6ntu4hbraGjLZLHEHBjJ5LLFZsaGd
pze0U5l0GVJhkcv7qAoSxpmR3VJsAEQsNUb9WCwWa6qreOqS0yY9+hHg2jlz/AWXXAK7hGoy4UiC
GmAioUvgZmAMMB2YC5xO2I/xa4RCdjAwh7CLd1/5MScAW4BVu30HAJoJRxesIez3uE+NVY0EMGJP
cVUXlkRaj3zn6Sd+6hufu9i368fnO3szCUtwUulKRSwFGwRxrLDQHxwNgkCQIFzMqRKLxykUS8Qk
wfsvPp9zzv8Q69dsZNjwJnliyZP67vefLyefcjKb12yjsbHB9v2ALc9t5+IPv487brvbnH3yuRx0
8CSru7M3eG7dhhjwgOM4633ft3iVP8Tm5uawGYGIqoAJjPh+OH/eIDgBGCec9GkCQ+BLaPlhg+Oi
QbjazPV20tGzlVLKQ8RGjaG7u4vKyhryCZeG6hRnTKuj2ilRlRTSruBY8PtHu+kthJWAioQXKSuP
KiIWvgZalXTMqIbK21j7q55Zs+Y6IjtzAQeXtbWEYldN2IHbAOcQDqg6jtCCO5JwhIEhFLFhQBWh
uKWBc4FxwD3AbHaNge0mFMQYoWhOJOzsfSevZS7m60gkgBF7iobd7jFjJx3WW7ISFesfvDk5YdpJ
aicqNSiVxLJFsURsywHbEkvBaCA2gjFhWCEQIZPNomqRyw7w6cu/yBfmfYEPvPeDbNq0SS+77DIZ
N3GcBr6hvqGe6nQtYoMf+MStGPuNGy0OCb70xc9rdW21s71tu3/OOee+o7e799bq6upVfX19/9wh
ZdYsh8UAi1/ROhysBAk0EBQCVfWDcHyuLaBqIRIQCGDZ4cU3BIEhV+wjnkyQTlXQvfYxejc9zVo/
IB6Pk06n2bRpE319/QxkahizaRXVlWn6+wfoVaG5qZGMO5S2fkOs7H8UCS1BEC1vWEbxFdsdWhlv
f9sBQ34m4z/B3LlqFi/eWRM8aKGVCDt2K+GMlc2EA6l84A5Cy66bXe6CauDY8nGnlvevJhTMMeXn
GlzieuXHPweMJpzxMpNQAPcJIgGM2FPknnuOA7By2YFU46jJUvAc07bmMSvdMJra5gnquDERLA18
XywELBsLKxQwT8gX83i+R6lYZOx+w7nyqrkMHT6Sz1/1OXa0dzBz5kwZNqyJ/v5+cRybge4+qiuq
IYBcLkf9kGoGBjI6atRwZhxxBJ1dHdbECRO8K668vOKqz3zuw6NGjbp1+fLluyyhSXNdWAmLF/3L
EeHJK1cGADEHY0kYBPFtRTXAIIgj5AseBHmsbAav4FHq68Pk8hQzWYYfdiCJA8dhAo/KmjqGV1eD
KsYYmpqG0d3dSalU4oknnqKyqpqmpiaGjxxJw5ChbG2HUhAQd2woL4G1bI+GzkVBRH3XcRJNtZWP
HFfbtRWQF9QEW4RCFQeSQB3hwKkjCYXLJxS2C4Hb2GXtTSK07m4gnPVSSyh+DeXnerJ83KD/cEL5
eiuwEji0fHufiDRHAhixxxx3HAASiydNKZ+xfSslww44Unu3rWHHmkeksq5Z03UjJFFZj2BhghKq
AflcjnyugIgSdyzS9bVsb2vnzzfezneuuRrf98nls3heiUMPPYwb/rqQT13+CQIJ2N6+jcA3JNNx
trZt5f57HuTrX/s6xVKRQAPtHuh2L/7ge0s//9l1M5YvXz5joeo/WuumV3Pi2AyL5pcA3OmXHmql
0rXFbdkHSMUd+tIBw/p3WYpbytd2t347NibGuEuLmaK4iqKolAJDDNAgTEsprFtPsb0LfB/1g9Ad
6DgEno9fNBSDgGw2C5l+xHJIJmIkEnHq6+sZs99oHMchlUzTUF+D68ZIV1bQ3DSMezetL/v6wtpi
yxbUgGWJBoERx7Y073kysqHaHD5p+D/kgEO8OXOudRcsuGR3ARy00tYCHYRjCKYTzm65ltBi6yYU
rvWEZr0htBJ/SFhNUyQUykPKz3Fv+fbg6wwe308omgXgrvJ9kQBGvDW55x4ALBQs25FhQ+soloxU
Nh+EFRQp9LdLz5aVWHaMysbRxCsbyQxkUWNIphK4DmQGBqisrOLmW26joqqKw2dOp6OvnarqSvKl
HB+79KPc8H83cPknrmT+175EZboCYwL6+nr5rzmfYv/9xsk7zzmbXC5jEsmYlckOSP2QhuCMs05L
ffdb3397y9IFt9GztI9Vs9OJWVeeKWKdbDnpd6ifu4e119zFoI9w44u/x0c2UhBgWNXXMgM9EsZw
FEpGccOiX/yBDFIsIrEY2OV0FUsQE5bKeQEQr6Jv+zo8X5G6WmwnRn9/P/FEgtqaOorFPJu3ZonF
4kydMpWq6mo6+gsoEgY+AKFs+KEqgoWqb2HFalNu+zGTm28DWDBs2wsjr4Mita18AVhavhZgRXl7
+27HQTjPBXZZe7vvezHWv+D2Ey9z7JuOSAAj9phBC7CyIi2rVq3RX//hz3z2yk9TU5mkUEpgJWtQ
YxA/R6ZnByV1SaXS2FaYTGyMhx8EOMk49yx+gAOnTqK6ppLNG7dRX1dH30Af6Yo0P//NT5lx8Ewe
vv9hxk0cBwLLli7DdeLced/t9A30qe/74sRcLQU+RS8vh804VIFDGy99/G3JWZ99r9jOsRY6ThVL
TKmkqpOTsz77C1F1FQy2YhkRlXCwhhgLxUilhRXz1fvJ4oEZ0xo9XFvdrCoOUPQNrm2BbYNlocYM
KlW5l7ViFDwvoGLskTh1E+hd9wAbNmykrrqS5pEjQIV8Pscxxx6rE8aPl2QyrvFYjG07OqTgoeHJ
WIgoqmH+H2FdsgZqsGyH/lyx+P3f3NMHQDi06cWwCJfABcJobcCucaXZ8hmHa+1wO1W+v0gYCHHL
x3nsyh00PL8KSNhlce5T+YNRKVzEnjL4Q5NMNisTJoxT17b40CWf4uZbbieXHaCmpp7auiFUNY6k
evgkYrE4sZiD7wcYE4AqrmOTz2TZsGEzEw8cT9Er4PlFSn6RfCmLOPCja37E7BOO49vfupopE6Zy
+MEz+f73r6GuvpZf/vLXxBKOZHIDUvQK6gVF6evvs4ePaqapqX5EdsfTDWLZGS3lLREpSNi0IAbq
YcwmFdlEoM/h81wQyFqU1QLPGoJnAliO6NPGkmUNlVaba4NBdDD3Q0QJjMEEipRTYcqhbUQ1tNxU
8TyfwEB66HCGzzyHhsPOpd8ZzspVa3lu3Sr6+npwxEjb9q360MOPyU23L5Zb/nGP5nI5sW1LNAjC
hJty6kv4YuXbGjaOHjtyrBP+p7yo/g3OaPkUYQDjc8BFhMPo30soXM3smsMynNDvp0A94YjT9xD6
DSGc1vfCxOlB8asiTLXZZ8QPIgswYs8Z/PJblRVpnn1mDcObh/FfH7uE+x9Zxvs++FHGjR3LMcce
w8knHY+qharil6RsKRm8wMe2bQb6euns6aZ5ZBP9A32oZejt66G2rpZbbrqZG/98M/fefy8Tx0/k
rDPO2nkCtfU1tJ7Tyqzjj2Hc+P11YKBfsJRMrmTVDanxahoaGtuefqBT1z/wKYHL47OuOlFUz7Dd
1Kl4/jP5+74675XeZLH8Rs/73lfrntmQOS7ow7dcy0XDHD+xpPxBlIVnMDcwLB3B9wM8YwiCAM3l
sB2bhjHjaRw7kVznZu1bt4RtHQP86db7cRNpSaXi2tRQT011ldhOMTBFtcS2wOwczoQxCBgs21Jj
VBqrU3r8USMCKM+F++e49+CAqs3AQYSWXQoYC7QRpsMcRtiP8VBCK9EnHGyvhIL4BDAEuIAwFeZZ
wshwDaHoPU0Y+a0iHGN6K/tQuV0kgBF7yuDPTIqloowa1aT3ffshXXz/Q/KBD7yfr31lLg898jgP
PfAgM2dOp7a6jkI+j8Zt1HjlNlIBtigDuQLFUolUOsFAph8v8PHFwlef7337B3z0vz7CxPHj2bxt
I9VVNagqfQP9evzbTpAzzjxdr7n6h/zolz8g15XVeMKlUCiKiJJOp1xg5GULH0pyWQvFxV//O/B3
jvno2ITUNTFrrkPP+jh9VsCwnIQpcMD2bmXMGNiwgSMmVcVYQ3FTT1AdBIpYoVUXVrGULTAEJBQ8
NCyEUB9A1Fi2eJ7BAcUSxEAuM4DrWlTUNUlt07l0PPMAnW0bmDplIhPHjRTXFlMqlrzGlO+2Z21U
QcuvRXnTKIgRMWpIJ1xrXFOlBTB3HjL/xUeWQpib93ngN4TD5ycRilUM+A4wj9AH+Evge4SW44WE
ArgKeCdhDuCXga8Qzm6eQKgfVvmYyYRLbNhHxA8iAYzYc7QcBBE1KlWVlXrtj74lt952Nz/50U+I
JZIce+wxnHvu2VSlU5SKeRSD75cITADGgPHxNcCxoVQoUgoKODGLzZt30NTcxKOPPEpXZzdnvet0
ugY6SaZTWI5gi00i7kpfvpvzL2qVj3zo46xds4ZYLE62JyOxuKNO3A7y+bwNeFdzdfG7W7bYTJvj
0he3uP+a9YVdTvswTeaFQZDy7cu/1eK1ti4KqpJfLWassJJMhLICyc6lsKJY8TiBY+Ekk0hVJW7c
Fae+Rr2ShwoCSlHD6XAWLtl8kbg6qHpm89onPb/QJX2d2zWTL7q1FclYbXpkl+vWVJkgsGVn/S+i
GoqgWKLqQU1FUlPl1lfzmMeLTAUZ9O9tA8aX310aOAX4NvAJ4CzCKo4ewhzABwktwfcR+v7qCK3F
hvLxDwKVhEvdLYSW30bCROijgVvgRUenvimJBDBiT5HBIIhtWxSKOXZs79Bzzj5NTjvlZB5+dCl/
/tvN3HvffXznm/9DMpHC931MQNhA1ASAoVgsMKShnrNOO4mvf/Fqrvn1N6kZUsnQEfX89rrfMXLU
SEbtN5L+3j4SiRRB3g+7MEugfQO9cuCUA7SqqpLHHlvCmeeeZnbs2KHG9v0ffOPa5DPLVz2eSrmr
pHVRFdDH0gVli6TFZtYkYfH8V0yEXrFikg0EpZKxBv1rKoAlYYmagAwfjjWkUUmmseIxAgTbcVBH
xEfEGDC2BYFNXAuB8Y1nTMaKm4Ka9oxWWEVn1P4HxLva23hu4yatrqoujD146vXekEMeWvPo5mva
+/qNLbioSlhjV/4nKsLO4IgAzJs3D/55MNJgXW6GcAm7jXA5/ASh4P0VaCK07qrLx/2BcHD9KHYN
rb+L0Ew+gHCJW0m4bIbwD0mS0Aq8nlA8X3mg/ZuESAAj9pZQGNSI69iycdMm3ESMI4+cxkknz6ZU
KJIZyFL0iqCCCUoE/q56eTUBm7ds5uMfvZjt27dxwakf5JCjD2bWCUdx3933M+PwmWAL+UIeJ2aH
lRegYsNApp+hw5sYO35/br3x76RrkvYj9y/hiQeftJ9asuIZ4Ae5nJctn+duP8RFQVgJ8i9Qbqni
umEdxs4AB0YtsURUMZVVqDhhkp6W3V6qOH4xsNTzk1aJpGYRP0sFhXg6btkWYSCorrpanVg6F9SO
e6zh2KNk+9bNtx513PGPnn366X//9h/vPSWdcuJBl8m7rm0ZoFwUvDM3RsSiPDsdgHmgrzAXbtDW
9YBNhEvXJ3e7/4UT/ta+4Paq8gVCYdydXuAvL//yb04iAYzYa2xRURMYLyhJbVUN+YzHQE8vHTva
sR2HeDxB4If983wvbB5g1OAVS6TSKWpqKxBjuP73P+Leex9i4aJbeOAv9/H00me48D0XMpDpwzce
xVKxrC8qlmNpyStRKOWYMGm8fOvL3yncd/vDnaViqQdY5rruHZ7nrSdc/u11PfD22loF8AL1BAyC
bcRBVC0jFiJiXAJxggHfwtcKssRMHi3kqLDybl1FIo4GCIahIxrJ5uznYvH4yilTplb0Z7KL3Vjq
ySlTJxf+esP9iz/5yTkWzMuInE5LS4s9rCbhxhw7MLpr5Rs6HCmLn6iqlu3B5M6oPC9vde2enrJ7
O6zBQMnOIDcv3vVlsCtMiRcLt4T3heb9PkQkgBF7i1iWJV5Q0qQT0/tWPiKXL/wqXzr1k7zrbafR
m+1HjI8JPMDCiEWgAZYI6ZTD+jUrWLVmAx1dPRSLBWprKjntlJl8+OIzueCDV6nl2hIYT0tBETdw
MEZBVWxsVTHkC7mgqqbCEZFtiv4tlUq0eSbY6hW8bsLKhH5eRUrGtGnTAJg69eDkfXffaVV523KW
44qaop8mZyc1Y+EXqUkYN+EKtgmwLGHk+BHkCqVtbiz2+PgJE4LlT6++/rAjDi9abnJVpnv7c6ee
em68svKeXpHZALS0tNgilyjgLFmyLTZ9enPuk5/5b6lIxu3AmJJYIIHutAA1zAsM7WhDsFvHr1da
cr5Yq6tgt219wfUL9xt2NZd9sdfyXmTfm55IACP2FA1dRlhqDL7vi6hKLpels7eLgYEBvFKRYqmI
Ew4TArEJAg+j4PseP/7Nn1nTVmTUmJE0141h2LAkHV293La0m76+1bS190osZpHJZqV/oA+VQfMH
FU+kt69XEpUx3JgdqGoxCLx1XtHrAdoJ/VydhEu6vf5R1tbWGoDJBx7wp/Xr1p5XKq1t8HUtbgwX
NcRdN1ffMNTq6up5vHHY8GJlVeXKNRueu+mEM96ZGjti1LPfe/KxlUced5y0tsju52ADhVmzZjkL
Fy60xo4dq9OnT/fKDU/N9OnNPsCGzr4nNrT1LE/G4wcFJvBBXDW60wKkHIaxbU3uQ/GGNyWRAEbs
KTvTYIKwO7LuyPZw3OQZPPD/FlLdUM1Arg8XwfNKGGNAlGKhREVFmmXPPMPPf38T7/7YVcw+dioj
K5MkEjF8z2ddZ4bFDy8jF/xO/7LoRjn82GmarE7gByUCz6CouK5tqhsqgu6BTv9vN9yUAJ4S234W
PxgAdhA68nOEy9+9dsS3trYGqmqJyD1r1qw5974HHrx8zapnC6NGjUonUpVrt+/o+vvJp57o7Ddl
0t21IgODj7v6a1/b+TnNB5kzZ447Z84cbrzxxmD+/PlBOafPX7x4lzNyZ6IzwKy5zkWnHbF9+kd+
2ua67hTf841YVlgMp6glFoExfjyecB5d1fY7VtZ0wlxLJBqOvjdEAhixp0jZAhRjArFsiLsOmcIA
qdoYJS+Pbdlh4FIDgiBMlVPjoRhKhQIHHjKd3u4dXPfDa0mnk1TFLTLFgGyhSMXQ0Rw1azaPL76J
j733Mlrec6aOGjtK6hpqjTFK1/Yua90z6+y//OFm54lHli8FbgiKQQdhsf4Au5J5X3UUUkTMwoUL
7fHjxy8GFqsOml+hYH3uivC4lpYWG2D9+vXWlVdeKS0tLYGIBIAuWLDALFiwYPfnfPnzWjzfaJsm
PvSbm2JPru9AQo/fYGaxiiCiYRpOIuY4VLdbtEw2LHrZZ414CSIBjNhTNOyjOV8c25Idbe2yafMO
Djxwf/oHsjiOjWcMlmUhKmHVhAoa+GFFiF+gqmEY51/yGWroY2iVTVIDCip0FSza8gl+8tXL+b/f
fZP/u/kBrpwzT0bvPxws2xZVcvlCvmNbZ7uqPuy67o2e520hdIT1EIrfa5p+0draGixcuNBesWKF
3draCsCcOXMUpvHJTx4jkyZNKpXFDiAYPGZvGKyqo2uln07EfcFWRVWwFS1HRIyqCG6pVNLhdUMu
3FJ3xDdYVL81Goe5d0QCGLGn7CyFUw0wGujylc9orpiXA8aPVdu2RY0SBH65e7EQKJjAw3geGINX
ytPdsR0rHlCfqiVZmSIzUKCvt5/u/l4tFgv611sWy0BB9Yffn8eBE8YV3vOBy+/aur2tC8g7jrXJ
ceIbCoVCB2FLpz5e5ZL35Whtbd09WLCT3Qy71wYBaIFUuzWsPiWWZcI2MIShD0IL0FI1JuZY9rLn
2vqPuezXWfgXLMuIFyVqhhCxF9wDQOD74jo2lZVpaduxg/seWCLr1m3Q/oF+BAMaYAIfTJj7pupj
NMC2HGLxZGglioVt22qJrViWJtIpKRR8dnTm9KOXfIDzzz1Dp049UE855dhV8Xj8werqiid836wr
FArthL3segjFb5/3gQlw7ZIrLdlvduHoSc1/3q+5rlQo+pYlqKJii1hGUbHE9gMNRNy6L7YePRWA
hQvtN/bs900iAYzYUzQsHcVybPE9r0g+XyCVSGgy6erGTVvk8SdX8OyqdfieF3ZQNgEaeJjAR42P
KdfNWiKD/jQxiFiWJcYPNJmKyZWXf0QOnDCWzq5ezWay+e7uvpXFYnFdJpNfR1i6tYHQ75flNRqA
9GZgzrRpPnPnWsc2Fn8Tl+DpeCIeC4QSiHqB8UDVElv8wC/V1lRWD6urng1w7dix0W95L4g+tIg9
ZTAIoh1dPe6YEUNKB0/ePygW8pLPF6SutlKTCVcLhSJG/XCamgkwxqhlqZpwtJkKlhrKOW2qCKqq
BkDFsuns7DSZXD4zdGiDkysUb3/w4Sdvbm5u2BwEwTOENajthLl+Od4C1t8gIqLcg8XwA/sqk7Fe
142pCQy2bUlVZdq1RKzyNDoJ/EBLgeQAli59pWeOeDEiAYzYUwoisy3g/376y7/+5X9/+seq/ccM
C06afXi+vrZCu7p7pVAoilhGTeApxhMhUNSXXC4nvueF7ZVRcR1XbdtWx3aMbdu4sbgRSywNAuLx
pDeksa6qq6v7nuWPP/H/2tvb+wsF00YY8OglTHf5l2d87FMsXqnMHU1TfVVMTSC2ZWOUnqMOaLon
nYwXjFFshECNdPXlHYCebetfrDoj4hWIBDBib1Cgv6Or94LLv/C///3pz31v4Imnnk0eNWOSd/Lx
hxdGNtf5pUJRioWiYAy+50k+l9O66rSXTrq+ZVlB4HuaGeiXQqEg+WLByufykh3ot7xSyXccx3dc
q+gH+pO7/37jOa3vv6KtpaWl1N3d3U/o7/PYR4rt95qVG7Egq4palm18YxjWmJhbX53s8hQsUS15
hq07wrLc2uaxb+3P43UiigJH7A1K2J6kiC78kkjrLQ89vGzO8cdNu+D0U45OzDhskk6dlPD6c7kg
kyna8XhMa4bWWA8+tsz9wbULTan+MKmqazBDEtWmpjphKuJKYCclSNUYv9u3vUBzf/nb3y89YtZ5
v4HvWrpwoSVhJPY/g5ZJtiwiOG/Sjt+nU/FTOju7gmHDm2vrqxuOOf+Ehr/+4rZnPrZl6za/5Bvu
eXorAAvuuDGyAPeCSAAj9hYThi9aE6p3Pywy++Ff/eHvP7r9rkfPnzBuxLnHHTNt9IzDDnBHjhxB
V3cf3/ntotKqdTuWfewDF9XdfPdjiR984dKao4+e6Y5uamBobZr23ixrNm3n0UceKT34j5t/fHP7
tt9effXU5GWXUZTW1reMj+9fYe6kef689tbEjx8uJG56ZB0dGC2VjP72tmXVF5w0eZUbc8NuBZaY
eMyEAaD1zZEFuBdEfzUiXgucWbPgnnvu9stF/nXA7Jrq1MmHTDlgZjbn9T72+PKvvP3Sty/+8Ndu
8Ues/EvNjBnvbAAmxuPxEU4sFvNLpUKxWNwKLAc26t13i8ye/R8lfC0tLfaiRYuC39+9/IDHVm7/
5epNHRO6MoVqNcbqzpT4wKkHbRHLMgtuWja0KiHZmprautNnjJr3mfOOnt8yd0Vs0fzJb02f6OtI
ZAFGvBb4ixeDyGxn2rRpsmTJld3QcoOI3HDP/Y+nAV9Vi4i4914jpzTCXarahcgqKRYpFstdq1RZ
uAhaW5D/xNrWSZNabFgUdLR3T93QXTri2S29fipmBb7xe4Y2DqlY3577+SH7D908ZcKYn23Z1hZv
qIp1eDk/nMO7ct5/jovgNSQSwIjXEn/p0qWItArgTJqErFgxNzdv8iJXRKwlDTQMTVvfzhdMi4g8
2xLOpPAnTZokK1euBBFt3Qd7yr12rPABTj1k9GN2ousmU8qPxNKDe/u9et9KsK6tr27Bp0795uPP
bhJTnaw4bHzDI5+7cNZDgCxatCgSwIiINyEyt5xt8GiKphXDWPx0FftD2NvzjT21Ny/ava7ym9fd
3PTXh1ec9YFv3vjeQ+b86uLLfvSPmS88riWqAHlVRBZgxOvNzoGNThLLcog78fCORaEwRpbLCwkb
G2QIu9v8bXD3YP/6lrkLY49uyFrvGzPGn986+y1TBRMR8ZZkYdgIlNV1DF8xnIeWVTMWQKM81JdE
VWXu3LnW3IUrYm+/9JY4b/9BfNbcuZHB8hoTfaAR/zaKimUDmkDpg9ZoCfySlLu7KMzfGdldfOsb
eEJvUaK/wBGvOy3lqg0rgSDgFsMgx8K3ejVHxJueSAAjXnfmla+T+XC0TyChAC6KLMCIN5hIACNe
dyaXhc6Lh9+3ckf3nZZhRMQbRSSAEa87LeVrz2AhSCy/M88vEsCIN5RIACNedwbn9cSLoeJpOhS+
edESOOINJhLAiH8bXiz8vg3kIssv4s1BJIARrzuNZUtPYggK9bn/1FK3iDcbkQBG/NuQImIJmkmH
t+dHPsCIN5hIACP+bVe2AvsAABadSURBVPgullEkkQ0twLmRDzDiDSYSwIh/G1Yx/L51V2EAmRdZ
gBFvMJEARvzbkLLF1yQYLQeE3+BTivgPJxLAiH8bnhuWwnVZOzvEREvgiDeUqBlCxOvOPeXrOIhR
NOhBy8oXWYARbyiRBRjxunNc+VocLBWkGrS8/o0swIg3lEgAI153OsqWnnqh368HfAGVyAKMeIOJ
BDDidacFRMEyQkoN1ghIroH4G31eERGRAEb8O1AB0+/TBxRGQvd4KL7RJxUREflgIl5PBNAl0DC0
mfeJxUF9yqwhFn/Kw/L/t5nfLYpmgkS8gUQWYMTriSo4N0K/WBxb5XKxbVFX4XK5KKMWQbAiHI0Z
EfGGEAlgxOvKSrDmQ6nN57cdPlmB2BaP59YWuR5gxfMtQBdwacEub0dpWhEREfs0oiDPNDBs/UiW
t41GV4/gNwquhiIHZVfM3aqohoHhhaosDLejubcRERH7LoNCt6KZ73WNovTkUM4o79+5Aplz7bUu
YfPo6xLJ5E3A/wKzyyIY+aojIiL2TQYF8LlGTl4/nKd/V03ttdOmuSMgCdiVlZX1wPWHHH2Ezv3h
1fr9Rb/WK7753zpuyiQFvkHoJ4yWwxEREfsuP4Yhz4yOvYvdlrblJe9Pznh3q27UYt8mzRc2a7aw
VYu5x9o3ZQ85eqYCny5bglHAJCIiYp8jpqqym/B9YtKE/ZZWVVV8ETh11Pix/Q9uXZvbkOsL1nRs
1W3ZXn22bbNu1UJh4UN3ebF4fHmqsbGJcCkcBe4iIiL2Cdxp06a5umIFQAq4YMahk5/44Xfn6jNL
btQb/nCNTho/Jnvs20/21nh9uq6v3fQHRVPUIOj2cmZTodd/dMd6/6Dph3YBs8pWYLQUjnjNiL5M
Ea8HNmDrkiUlmT4dmTz5jMOnHXzp2WeeePJ555zG0CG1pR07OvRdZ5/Mto1bEr+741FxxFJVC6OI
gKoJG8YoMtg6K0EUDImIiHgTY82aNctRXTh4+/hJB0z48xeuvNR/euntWuh9Nrd59YPFVU/doauf
ul03PrtYb/vrz4JhI5vNgxtWmw25PrNqxxazJdNtnmnbZLZqvvSHB24P4onEqlRN6mAgTbQEjoiI
eJNhAa7qksHbU5uGDv3dFZd9rO+JR27T0sBz+a5tTxXWLF+sG1c/qJvXPWg2PHufrl52p+nZtlTP
PfsknX78cbpB89qmvmnXQDtVdVlfW+GQo49Q4Ic1TTWjgbo37B1GvCWJlhQRrwYB4qpaABCR/Rvr
az9x5hmnvu+SD7+3aspBEwM1ptTZ1ZO0bRvXdYzve2ICHwE8rySqgSLK++dcwdrtnZx3yQeoq61l
84ZN/qKf/tLp3tH+tG3bnw2CYC2wFci8kW844q1F5AOM2FtsnTtXOfPMgoiMTiQS7z3v3DM/9sEP
vKfpbcfMDIwxhZ6+gZgFyVS6SsEQBIGIOGLZAmqwbUeNESkU82RzBQ6beghtTz6rD23YIOP3HyeH
HXqI3PH32+0gCDzC7jF70jjBIvRFavlxr6b3oLzKx0e8SYkswIi9YVAQqoAPnvPO0z98fuvZB556
8gkmnkiVOru6XQvLduMxQNFAUVHUGIwGiBo1JpBsLkPTkAYuvOij5J0Kbv/b3yBsoCAClDClE48/
IXbf3fd8++CDD/7KU0895bP3FuCg79CUtw27vv+62/2D2wG75pYMDnLf/fhIFN8CRAIYsac4quqL
yEkzD5v43Y/+16WTTznhGBoa6vMdXZmYUWOnUikVsTUwgWVbjiqKBoEoaGA8wRjy+Sy1NZXcu/gB
Lvn0F7n30UeoSlZgAt9UpdLSM9BPTUOd//ATS60z3nb8ZnHcs7O9vSsIRce80kkCo4AR5WNXAT0v
954A/wX7dhe4RmAAKLzgvhcKZMQ+RhRRi9hTLObNw425Z33hsosnX/D2w3px4n5bR0/SsbFT6QrF
ckAsy3XjKpYtYjliOy6WZYslDo7jIGKRSlfy2z/8mRNPP4MRQ4aRM0Uqa2ss3xaq6mvozfa7hx46
3Tv5zNNGZ3t7T1qhKwJevhpk8A96HfBJ4ABgNNAA1BIKYhr4cHk7AQwhFL9aoB6oAIaXnydJKKQH
EIpkU/l4JRRFl0j89mkiH2DEHjNvHpivmkztqKl+W0dPoqdrtTP8gJnEEtXqeSWxRBHbRixXLLFQ
NagJsCTAEsH3PWwnwYaN23hi+TN88bsfJmN8jEDOK2ACFVss4/kBLoZjTjxe/nL9n2Z/7h2f+zkv
30l60DIbXMJ6wEZCcbuo/Ng1wCFAO6GgDQceAw4HniMUvDjhMLuDys/zLPAuYBJwJ5ADTiW0CBcA
HURL4n2SyAKM2GPmMQ/LmLjxis6wiTNM1ZDR2rH+CXrb1orruJpI12oskVZLbCwRbNvFdl0sy8UP
lL5MnkQywaaNGympMnnGwXQX+wgsIW98LRpfc74vJUsp4tkTp0zRuiENE2655ZYRo0eP3t1f92IM
WoEl2NlXsBFYC/wO2B+4gVD8RgFLgbcRLpMfIBTN7wPTCH2cNwATgTywmdAqPJ8wIu0TWpi8wjlF
vEmJ/tMi9hSFeWA5iNhoKSd2ulFqRk5FvSKdzz0uXZuWSynXL04iTSxZhe24BAFksnmCQIk5FrX1
tTz77GqGjBpOsrqSTD6Pbyl5ryRFDSiqpyU10pcdsOtHDwuahjeP8DxvzFlnnaW8dI/A8rRNYFfl
SAKoJPQBJoFOQhEMCC23GkILsFi+DAcuBNaXj3XY5fsLCC3FpwitxA5Cq3Hwvoh9jGgJHLGnCMzD
sr5qiSVkswUaaisJNE4+VoVoCS32M7BjPf1t66lsHIPGqvBKRZKJBPG4TU9XAawYmzZtJVlZieMk
yHpd2PEYGgRYiIgRPIyWip6Vrqv201WVSaCxWFf3cg1SB8Wxk3BpOopwubqCUAAF+C2h6Hnl6ybg
cUJLcQjQB9xLaDFahJbfovLzHgzcSGj9HUu4jO56DT/biH8zkQBG7BXFoidVVZX87abb5Z4HHuaz
V13F/mOaMdSSz9eQrHehNEAmkyWVsKiqrMD3PYwqRg2oRW/fAInKCvJeiZxXIGFVYAKjlmWhakQc
y2QyBXFqq0hUVhigKtvd7fDyvrZBS2x1+QKheAW7bbeVt7uAdYS/g3x532+AZ17wnIMW4J2EIhoD
7ivvc8vPHQVD9kEiAYzYK+JxV/r6+jjt1Nna1t7OdT//BWP2G8uhh07l8MNngOVSKljErRSOHYqe
CTxsWxAB0RLDm4ew+K7FBK5N4AjdvT1YImKJGBXwPV+cVEL7S7mgc0d7DCg9ceedDi+93BRgMuGy
1AVGEgYwvN2O2V0ITfnaLz82Qyh+w8uP6SC0AqcB28sXQ+hfHDyPweeOgiD7IJEPMGJPEYBSyZeK
dIob/nKzZLMZPnbpp6ipqeXrX/8Wp535Ln78ox8jBBSyfQSBjwkCMIrnlYjH43R3tHHRu1vxtrfz
2f+6FFORIDakmlRTvSaG1kpiaC2J5np6Szn/6x/9TPLZJU8udRKJFStXrkzz0gIYAy4g9PU1AO8o
7zsZaC6f+7GEAndR+WKA49jVaGF6ef84QkFLA18ATiAUygOBo8rH1hMGUIYRid8+SZQIHbGnxFS1
lE4m//cft/7h4xPHjyvM/cp3EmvXbeKcd57JtCNm0r5tK7FYnCOPOpq+vn6SiRiWBUEQYDRAgwCv
WCCRcFizZi2f+NTn2ZzJMPHYGYw6YLwmUinJ9vXrc8ufMc/e94jp3LR1GXAt8AShFdbO86062JWU
/EPCAEZVef8yQjHrBLLAiYTL3OmEllzn/2/vzGPsquo4/jn3vm3mzdbpTAcoTFdAQEJZC1TG6YIV
BBqRssgfEDCGxT+MiWAMsWI0RiFq1KhAhBhDNAVB9iUtLSBLgBYqTFk6lLZAy3SZ6cy8Zd6795yf
f/zudV5rQadsM3i/yc1779xz7z3p9H7zW78Hje1tRuOErcB04C7gGZT4Tonm/QO4Mrp/P3Bo9Alw
Cxo/hIQMJwwSFzjBWGGMMTQ01BtnQ/INdXLjz37IK6+8zp9vv5N77nuQ9vYpLP3aV0ECrK1irUEc
OOcQsdgwxPMNxUKR6dMO5v57/sSDDzzK46ufYvPfH5LhYomWprydPWVyat2O/te9dPp3Lgj60Fhc
mX0TTJwAqaA1fHngLLR273rgCvT/+6PATLSkZQi1DleiCZOuaN6FaEG0oFbk22jtYBUtm3kYLaau
AL+OrjkE2M2+u0oSjFMkBJhgrBARoaEhbzBCpTJi+rYPMHNmJzf8fBk7dvTz8KOrCColrA2iwwcD
zllE9HA2xPOgWCwQhlXOPvt0liw5nTAMTDWomPpsSnb1D8qTa9fvfrN3Ux+asOjng0URDJq9fRW1
5Hqi636E1vltAOahxDaIuq6r0RjfajRpci3QjGaLm1Fr71fAF4AvRvedCjwbjV2HxhzfQN3ihPwm
EBICTDBWGADPM4gTjBHJZdNUSiWCUoV0JsVll15EdSRg9+5BbckIK+CZyAJ04CziLM6F+J4B32fb
1m1YG+KnPAmqFZNLe7J9e7+plKtFlNQqjPbjvp+LGQC3oZZaH/DXaP56YGs0XkTd3QJKcEPAS6hb
XULJs4Bac2l0e84sWiRdBOYDf0HJ+Gi0LGZTtL4kpDTBkBBggrFCjDE0NzcagyOojuAhbHh3I32D
uzj1iBN5s3cD2UyOTCaD1bo+8MA51TFQ8rOIC7HWYnDU53PYMEScM0YsuWxG6vI50plUCXh30qRJ
/sDAQIn/XnBc3MdYb833nugzjVqBPkpg8dg7jG6+FJe2VKPPNagVORSdv5U96wCT2N8EQ0KACcYK
3drN+JrVdQHpIM219/+UZ19cy4s/eISDZnRQKQU4W8VZh8MDkT0JUCwiDiNWawODEBGHlgA6Y10U
K/QYAQqTJ0/ODgwM/C/dFnuXo/jR2Amo+1tGY3gbo/O194wTK7UdJaDxwY7o/CuMxvl2sWeNYYIJ
hoQAE4wVkZsnnsOCdQRemavnXsziQ06jeVIdI8UiYAgDD7GiaqQOnERKVpErrCIJTl1j4gSJM04s
Bh9xIsZ4IgLdZqrt3cOQe1/sbYX5qAW3CO34MMC3gN+jbW3Poy7uZrQT5EDUNX4BTaLEbW8LUIux
l1FNQkNCfhMaCQEmGCsEwHjGOOfwjTG7Rwos/PzJnHFsF4VqCRsGGOOBEazTUlMxDgQEAZGIAAVx
VsnPWZy1+ClPEDGlkZKAw/O8qjHA8Y8b1uz/etGY3fGoBfgk2gZ3BCqL1Y+KGrSi0levAWeicb1j
UWvvLZQIA0atzMTlneBICqETjBWaBDGAWArFImnPZ7g8xNadWwmqVUBwEkIY4qJkhxM9xIX624U4
F/w7IyxiMUYYKZVNuVymo22SJzhamptnybpHc6zBiexXkiG+pgGN3/0ReAw4CS1vaUNd4kvR+N+b
aP1fAxobjLPFDaisliFJdnxmkBBggrFCAJw4k/INvb0beWHdy6SMoaWxQTyE6kgZFwY4sZrxtSFi
1cJzNia/0UywQQiDgFKpLI2NdUxpa5JHVj6T/smNt1Uvu+S8U8pTD7wEsNCT3o/1xi5qD5rJHWBU
VbqKZod3opbhTjQ2aICnUSvQAfegAgjrot+J5fcZQeICJxgr1Prxfc+J0NBQJ+tf38jTz62VzkMO
YkrbZKmvrzNhaCW0oRExag2KKGuI4HCqZyVCGAZUqgH5uiytLXmz5sUe+du9qw1+Vq684nK3sHuu
2bpt53H66PL+EE9MgA/UrH8IjQG2oaR3KmoVbgBerrn2NUazyj18shhLb/FH2Yf8aT33U0FCgAn2
CxnPhGFQwVnfy+cyIs6aN97YyNtvb6WpsYHp06aaXDaDtQbfswgWJwacw/cNQWCpVKpkc2k62lt4
a9MWfnPTCvp2DnPO2V+SMxd3Gc/DFIpll0r7EYnVfRjXM87WSs3vXeg70IO2zI3UzPNRqzD2kuKX
/ZNQfalVthZGs85xeQ7ROuK1xF0wJpoXCzXE45bRXfLiGGa8l0k6ukbQvum45Ce+LlbfqT089kwA
7f3sWpGJcU2QCQEmGCsMgLOSz9dl7KSW5vDNjVuyoQ2ksTEvBsyOnbtMJpuRmdMONM6GeGKxWIyn
726hUCaV9umY0kJf3w7+sPwBefnVLXR3z5PvXbPYNDbVm/6BISvOhU1NDTkJ7Ep99H5ZgDH2ztbG
u76FjPbw1s6Lz38aL7CgMcc421xbnrM3AXtAfc3cmHg8VBSiFI3HhBmTaUxktT3V1ZrnxqS5d2dL
I1qQDio2W9uZY2rmTwh5sA8Sl0yQYF/wRJa57177cJuInL144Vx36KzOYHBg2B/YPaQ1z75nWlua
aMznCJzBMw4PMZVKlSCo0D65BWdD7rp3JbffsYKOgw423/n2N0z3aSeYYqksQ8PFajabqU5pa20Y
Gh6+qfPwrhtWLVuWmjH/4o+rzWy8JDZi66kbWIJ2p3jo3iTDaBJmBirxn0Nd+elorHII7Ud+D+1b
XozGLdtRkmtFO1e2oK5/K0p0J6EkJmipz2FoF81BaHb8GJRgD0dFIQpon/W50fhmVBTiADSccBia
LT8sum+sszguMR7+6AkmHmLL6PIFXcf9+KrLzzuga96cYHCoZDdv2Zba8u72VNvkFg6dMZWqy4Cr
4mwgzc2NkvIxK1Y/x0Mrn+fgQzrlwqVncdSRh7rB3YNhoVg2+Xy9l8tl02EQSijhL4JNb1y3ielh
d/d8a8z4dqc+AsQbuS9BSa8fJcEUWrYjqAWWQpM3d6BF2ueg5DMZTeL4KFFuRkt9htDkT+zWtqHE
2oeq5tjouukouZWjOf+M7rMTJcSh6Hs/2hJ4azT2lWj9Q6j4xPpo/nvRGmu7asYVEgJMsL9IiSwP
jTl/VntbyzWnLzjxwgvOXdR09Odmk8ulRwaHi4RB6FfCtF+f88LGfJrnX3rdu/Pux1w21yRfv2iJ
OeXkYyiXRlKFQtlrbMyTzqQpFooVjHnMM96NB0yf+5gsX+6b88//fyo2rkOLtjtQ+a8TUQWbb6L1
i7EYaxZN7CxAJbtuRi2/U1FiOj76/QS6B0of2sVydXTfXSjh3Qx8HyW7HlQLcRvaEz0TVco5AiXX
QdQSXBGdexY4DiXFLEp+a1GirUP7qR9nHHfLJASY4MPAF1lljZkPcFR9LnPVgq4TzuiaN2facXMO
9w7saKGxqaOyecuW7N33raj07aoWLrrgnLpFi+Z5nogMDhVCG9qKEzvoHBsFecpJ5f5psxesAfg/
JD/QRMRhqCW2DlWgaUJJy6JJC1CLqhdVwG6Jvk+K5h6LEk8bo0KvJzO618nJ0f3ijHg7WhDeimoe
noSSZSw/1hHdpx7NjC9CSTJuJzwN7ZwJULe3K1rXL1E3PLEAE3xm4S9dupTly5dbYwyoVNSXZ02f
unDO0bPmdE7r7Hzi6bUvrFm7/rflod53cynXuualnrTvZaS5OV/K1Wd3eaF754BZ87bHNxQRs3r1
an/+/PmJtNRHg8NRa6yPjz+x0466xy+jZPlZD1skSACom5MREURWxWOdqGZeg6xa9b4XioDIqlRP
z/KMyKqkMmG0zCT+7tWM1R6152G0TMavmV/b7ODt46gd9/nPZ+1rDR/0fUIhsQATfNTwgPTs2bPZ
sOGWCut3wJE9njHXp0ReEHqbzfrqi6iH1MORR7Y76LbGmMRS+PgQv+efxL9xrZTYuP+b/gsqX8lf
PaJdTwAAAABJRU5ErkJggg==
--485b390f7b54a66ee804bb4a01c0--

From phil.hunt@oracle.com  Thu Mar 15 09:21:58 2012
Return-Path: <phil.hunt@oracle.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5E03421F877A for <scim@ietfa.amsl.com>; Thu, 15 Mar 2012 09:21:58 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -10.171
X-Spam-Level: 
X-Spam-Status: No, score=-10.171 tagged_above=-999 required=5 tests=[AWL=0.112, BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-8, SARE_MILLIONSOF=0.315]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id dFetnn1OjwxT for <scim@ietfa.amsl.com>; Thu, 15 Mar 2012 09:21:56 -0700 (PDT)
Received: from rcsinet15.oracle.com (rcsinet15.oracle.com [148.87.113.117]) by ietfa.amsl.com (Postfix) with ESMTP id 20A6E21F879F for <scim@ietf.org>; Thu, 15 Mar 2012 09:21:56 -0700 (PDT)
Received: from acsinet22.oracle.com (acsinet22.oracle.com [141.146.126.238]) by rcsinet15.oracle.com (Sentrion-MTA-4.2.2/Sentrion-MTA-4.2.2) with ESMTP id q2FGLrDR011659 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Thu, 15 Mar 2012 16:21:54 GMT
Received: from acsmt356.oracle.com (acsmt356.oracle.com [141.146.40.156]) by acsinet22.oracle.com (8.14.4+Sun/8.14.4) with ESMTP id q2FGLqCv012281 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Thu, 15 Mar 2012 16:21:53 GMT
Received: from abhmt118.oracle.com (abhmt118.oracle.com [141.146.116.70]) by acsmt356.oracle.com (8.12.11.20060308/8.12.11) with ESMTP id q2FGLqt9031708; Thu, 15 Mar 2012 11:21:52 -0500
Received: from [192.168.1.8] (/24.85.226.208) by default (Oracle Beehive Gateway v4.0) with ESMTP ; Thu, 15 Mar 2012 09:21:51 -0700
Mime-Version: 1.0 (Apple Message framework v1257)
Content-Type: multipart/alternative; boundary="Apple-Mail=_F64FFF05-E2E8-4369-813B-55BA89BC42DA"
From: Phil Hunt <phil.hunt@oracle.com>
In-Reply-To: <CAA3wLqVi3QPcg8M8jtEwEZ2G2a=0ZD3-Lb3PojBvcC1wPsCvFA@mail.gmail.com>
Date: Thu, 15 Mar 2012 09:21:55 -0700
Message-Id: <D17C4C39-E758-4C37-859D-FF94DD182A1D@oracle.com>
References: <421662F7-A0FA-4C21-81C9-857450B09DB4@oracle.com> <4F611BA2.3050201@stpeter.im> <B289E824-5226-4986-925C-433E382DE57A@oracle.com> <CAA3wLqVi3QPcg8M8jtEwEZ2G2a=0ZD3-Lb3PojBvcC1wPsCvFA@mail.gmail.com>
To: Michael Hammer <mphmmr@gmail.com>
X-Mailer: Apple Mail (2.1257)
X-Source-IP: acsinet22.oracle.com [141.146.126.238]
X-CT-RefId: str=0001.0A090203.4F621722.00A6,ss=1,re=-2.300,fgs=0
Cc: scim@ietf.org, Peter Saint-Andre <stpeter@stpeter.im>
Subject: Re: [scim] Thoughts on SCIM WG charter
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 15 Mar 2012 16:21:58 -0000

--Apple-Mail=_F64FFF05-E2E8-4369-813B-55BA89BC42DA
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain;
	charset=windows-1252

Mike,

Thanks.

I didn't comment on trust because I did not see any additional scope =
requirements that aren't already being discussed (e.g. support for =
OAuth).

Phil

@independentid
www.independentid.com
phil.hunt@oracle.com





On 2012-03-15, at 8:47 AM, Michael Hammer wrote:

> Phil,
>=20
> Great information.  However, I was looking through this for one =
specific word and unless I missed it, did not see it.
> Namely, where is the discussion of the trust model? =20
>=20
> It is easy to get lost in the weeds of pushing data around in various =
formats, but if the result does not provide an adequate chain of trust, =
then it could all be a house of cards.  Although i will not be in Paris, =
it would be good if somewhere an explanation of how trust is maintained =
could be included.
>=20
> Mike
>=20
>=20
> On Wed, Mar 14, 2012 at 7:45 PM, Phil Hunt <phil.hunt@oracle.com> =
wrote:
> Cross posting as requested...
>=20
> SCIM - What Should A New SCIM WG Address?
> In my last blog post, I mentioned that SCIM 1.0 defines as a simple =
provisioning API for cloud application service providers. SCIM is =
architecturally oriented as a connector API specification in a hub and =
spoke architecture typically with an enterprise provisioning system at =
the hub and a cloud application service provider being a spoke. Other =
variations could include provisioning for on-premsise SaaS applications =
as well as directory synchronization. For each cloud application, the =
enterprise IDM hub should be able to just invoke the SCIM RESTful API of =
a target application's SCIM provisioning end-point.
> <Provisioning-Simple.png>
>=20
> But is SCIM about to repeat much of the history of SPML? Has it =
corrected some miss-steps? Yes, definitely. Is that enough? Let's look =
at some of the historical issues that will be of relevance to the =
evolution of SCIM. Just to be clear, my comments are not to suggest that =
SCIM adopt SPML features. My comments are intended so that SCIM learn =
from SPML's history.
>=20
> The Value Problem
>=20
> SPML 1 was very much like SCIM 1.0 is now. A simple API that supported =
basic CRUD operations. When SPML 1 was developed, the proposed value =
proposition was that provisioning would be made easier if applications =
would adopt a standard IDM protocol, then provisioning of enterprise =
applications would become easier. The value to application developers =
was that simpler, standardized management API would not be specific to =
individual IDM vendors and could inter-operate with any IDM provisioning =
product.
>=20
> =46rom the enterprise perspective SPML 1 made a lot of sense since it =
would make all applications provision the same way. They could pick and =
choose the IDM product they wanted to use. More importantly, enterprises =
would not have to pay for custom coding when attempting to provision to =
proprietary APIs of applications.
>=20
> SPML 1 was somewhat successful, but before it could be broadly =
adopted, several new requirements emerged and SPML 2 was defined (though =
SPML 1 remains dominant).  SPML 2 introduced many new features such as
> 	=95 the clean separation of payload from protocol;=20
> 	=95 the introduction of new common IDM operations (e.g. password =
operations);
> 	=95 a formalized DSML/XSD profile;
> 	=95 targeting - the ability to provision accounts through a =
gateway; and,
> 	=95 an extension mechanism for registering capabilities so that =
contributed capabilities could be made inter-operable.
> Yet application vendors wanted more: they wanted standard schema =
conventions, they wanted a standard that enabled them not to have to =
introduce individual IDM vendor dependencies. If they could write one =
SPML provider once and be done with it, their costs would go down.
>=20
> Many idM vendors were concerned that SPMLv2 had gone too far. In the =
end, it was either perceived complexity or the basic value proposition =
was not enough for SPML to succeed.
>=20
> Has SCIM moved the ball forwards? On one important point, the answer =
is yes. SCIM has put forward a well defined schema with clear definition =
of attributes and their use or meaning. The RESTful style of SCIM keeps =
schema cleanly separated.
>=20
> The Information Semantics Fidelity Trade-off
>=20
> IDM Provisioning product developers have always faced an engineering =
trade-off. Would a standardized provisioning protocol/API lower =
development costs? Each application is unique, therefore each unique =
application APIs often has highly specific semantics and contextual =
meanings. While saving money initially by using a standardized SCIM or =
SPML API, does this mean a loss of "fidelity" or functionality? Do =
different systems treat the notion of person or user in the same way? =
What does delete person mean? In translating information semantics, is =
mapping intelligence in the hub or in the spoke or somewhere in-between? =
The engineering question is: should the provisioning system understand =
the true nature of the application, or should the application understand =
provisioning systems and behave like an identity store? In my =
experience, there's no clear answer. It depends on the nature of the =
application.
>=20
> Does SCIM help in this regard? That is yet to be determined. The SCIM =
community will need to discuss issues like how to handle high level IDM =
operations like suspend vs. delete, password resets, federation and =
other deeply IDM specific issues and how they are operationally mated =
with a diverse application services API community.
>=20
> The Gateway Problem
>=20
> <Gateway-provisioning.png>
> Corporations that are organized into divisions often end up with =
different independent IT organizations and outsourced providers -- =
especially after corporate re-organizations, acquisitions, and =
divestitures. In these cases, single-hub provisioning systems often =
become unpractical. While some may view this as rare situation, the =
whole idea of a cloud based apps hosted externally makes this situation =
de rigueur.
>=20
> In these cases a key provisioning architecture element is the ability =
to support provisioning gateways and hub-to-hub provisioning. Gateways =
(or proxies) serve a dual purpose of both firewalling direct access to =
internal services and they serve to greatly simplify network complexity =
for inter-organization communication. As well as solving basic =
firewalling issues, gateways can also support mapping functions changing =
from a standardized provisioning protocol like SCIM into application =
specific connector protocols like CRM OnDemand who may or may not have =
built support for a protocol such as SCIM.
>=20
> Since a gateway acts as a "proxy" to other connected SaaS services, =
SCIM needs the ability route or "target" operations to specific =
application end-points. SPML 2.0 and now RESTpml/SIMPLEST supports =
targeting. Targeting enables a provisioning "hub" to indicate to a =
provisioning "gateway" that particular person requires an account in a =
particular target system. In the diagram above, Alice, employee 1234 is =
to be provisioned into the "Finance" application.
>=20
> SCIM with routing/targeting becomes a critical communication protocol =
for hub-to-hub and hub-to-gateway provisioning. Unlike SPML =
implementation of the past, inter-operability becomes a key requirement =
because in the world of cloud provisioning it is more likely that =
gateway and hub implementations will come from different provisioning =
product developers.
>=20
> The Cloud Does Change Everything
>=20
> SPML was built for a world where everything occurred inside an =
enterprise. But the requirements for cloud identity management are =
substantially different. Cloud based provisioning architecture must take =
into account:
> 	=95 Performance and Scalability =96 A lightweight HTTP protocol =
such as with REST/JSON is a cornerstone requirement when provision cloud =
environments with 100s of millions of users.
> 	=95 Firewall requirements =96 securely connecting directly to =
application APIs (standardized or not) will likely require some special =
sauce. It's not reasonable to expect all application end-points to be =
able to support this in the cloud.
> 	=95 Cloud Providers are often "hubs" themselves =96 since cloud =
providers offer more than one application service, cloud providers may =
behave more like "hubs" than spokes.
> 	=95 Cloud Providers With Value-Added Data =96 some cloud =
providers may have provisioning and identity management systems of their =
own. This suggests that cloud hubs may need to flow back to the =
enterprise.
> 	=95 Entitlement Reporting =96 A big requirement for provisioning =
these days with SOX is the need for entitlement reporting. Further, when =
you are paying an external cloud provider for services rendered, you =
want to make sure you are paying for the correct employees to use cloud =
services. A key component of provisioning systems need to report back =
available rights of all users from all applications, especially through =
cloud "hubs".
> 	=95 Inter-operability =96 no longer can we assume hubs and =
gateways are provided by a single vendor. Cloud-based provisioning will =
almost always be multi-vendor based.
> What Should The New SCIM WG Address?
>=20
> The main success of SCIM has been a standardized schema. It defines =
the attributes and says what each means -- something that application =
vendors always wanted. This is goodness. Yet, there are some gaps when =
you start to consider the overall provisioning system that will emerge =
from SCIM's adoption.
>=20
> A couple of scope items that the future IETF SCIM WG should be =
considering:
>=20
> 	=95 Routing or targeting =96 SCIM needs to have a way to handle =
updates through gateways and hub-to-hub relationships for supporting =
multi-service cloud providers.
> 	=95 Persons as distinct from Users =96 Currently SCIM combines =
these entities together in a simple form. The reality is that in the =
hub, persons hold multiple user accounts. Is a change needed to SCIM =
schema to support managing the relationships between persons and their =
user accounts? This may not need change, but wider discussion is needed.
> 	=95 Peer relationships =96 Cloud providers with hubs may need to =
be able to flow updates back to client hubs.
> 	=95 Reporting =96 attestation is a key component of =
provisioning. Not only will clients want to be able to reconcile what =
cloud providers are charging for, but clients also still have =
requirements driven by Sarbanes-Oxley. SPML's approach was burdensome. =
Could SCIM support the ability for a client "hub" to get the information =
it needs to accomplish this in a lightweight way in the spirit of SCIM?
>=20
> Phil
>=20
> @independentid
> www.independentid.com
> phil.hunt@oracle.com
>=20
>=20
>=20
>=20
>=20
> On 2012-03-14, at 3:28 PM, Peter Saint-Andre wrote:
>=20
>> <hat type=3D'AD'/>
>>=20
>> On 3/14/12 3:44 PM, Phil Hunt wrote:
>>> In previous emails, I promised more thoughts on the =
Gateway/targeting
>>> issue. In order to support the scope discussion, I put a bunch of
>>> thoughts together on areas the WG might consider on my blog at:=20
>>> =
http://www.independentid.com/2012/03/scim-what-should-new-scim-wg-address.=
html
>>=20
>> Hi Phil,
>>=20
>> I really do hate to be a stickler, but I don't think that the IETF =
can
>> consider your blog post to be an "IETF Contribution" in accordance =
with
>> the Note Well rules <http://www.ietf.org/about/note-well.html> -- I
>> realize that you put time and energy into those nice graphics, but =
could
>> we trouble you to at least post the text of your comments to this
>> mailing list? It really is for your own good. :)
>>=20
>> Thanks!
>>=20
>> Peter
>>=20
>> --=20
>> Peter Saint-Andre
>> https://stpeter.im/
>>=20
>>=20
>> _______________________________________________
>> scim mailing list
>> scim@ietf.org
>> https://www.ietf.org/mailman/listinfo/scim
>=20
>=20
> _______________________________________________
> scim mailing list
> scim@ietf.org
> https://www.ietf.org/mailman/listinfo/scim
>=20
>=20
> _______________________________________________
> scim mailing list
> scim@ietf.org
> https://www.ietf.org/mailman/listinfo/scim


--Apple-Mail=_F64FFF05-E2E8-4369-813B-55BA89BC42DA
Content-Transfer-Encoding: quoted-printable
Content-Type: text/html;
	charset=windows-1252

<html><head></head><body style=3D"word-wrap: break-word; =
-webkit-nbsp-mode: space; -webkit-line-break: after-white-space; =
"><div>Mike,</div><div><br></div><div>Thanks.</div><div><br></div><div>I =
didn't comment on trust because I did not see any additional scope =
requirements that aren't already being discussed (e.g. support for =
OAuth).</div><div><br></div><div><span class=3D"Apple-style-span" =
style=3D"font-size: 12px; ">Phil</span></div><div><div><span =
class=3D"Apple-style-span" style=3D"border-collapse: separate; color: =
rgb(0, 0, 0); font-family: Helvetica; font-style: normal; font-variant: =
normal; font-weight: normal; letter-spacing: normal; line-height: =
normal; orphans: 2; text-align: auto; text-indent: 0px; text-transform: =
none; white-space: normal; widows: 2; word-spacing: 0px; =
-webkit-border-horizontal-spacing: 0px; -webkit-border-vertical-spacing: =
0px; -webkit-text-decorations-in-effect: none; -webkit-text-size-adjust: =
auto; -webkit-text-stroke-width: 0px; font-size: medium; "><span =
class=3D"Apple-style-span" style=3D"border-collapse: separate; color: =
rgb(0, 0, 0); font-family: Helvetica; font-size: medium; font-style: =
normal; font-variant: normal; font-weight: normal; letter-spacing: =
normal; line-height: normal; orphans: 2; text-indent: 0px; =
text-transform: none; white-space: normal; widows: 2; word-spacing: 0px; =
-webkit-border-horizontal-spacing: 0px; -webkit-border-vertical-spacing: =
0px; -webkit-text-decorations-in-effect: none; -webkit-text-size-adjust: =
auto; -webkit-text-stroke-width: 0px; "><div style=3D"word-wrap: =
break-word; -webkit-nbsp-mode: space; -webkit-line-break: =
after-white-space; "><span class=3D"Apple-style-span" =
style=3D"border-collapse: separate; color: rgb(0, 0, 0); font-family: =
Helvetica; font-size: medium; font-style: normal; font-variant: normal; =
font-weight: normal; letter-spacing: normal; line-height: normal; =
orphans: 2; text-indent: 0px; text-transform: none; white-space: normal; =
widows: 2; word-spacing: 0px; -webkit-border-horizontal-spacing: 0px; =
-webkit-border-vertical-spacing: 0px; =
-webkit-text-decorations-in-effect: none; -webkit-text-size-adjust: =
auto; -webkit-text-stroke-width: 0px; "><div style=3D"word-wrap: =
break-word; -webkit-nbsp-mode: space; -webkit-line-break: =
after-white-space; "><span class=3D"Apple-style-span" =
style=3D"border-collapse: separate; color: rgb(0, 0, 0); font-family: =
Helvetica; font-size: 12px; font-style: normal; font-variant: normal; =
font-weight: normal; letter-spacing: normal; line-height: normal; =
orphans: 2; text-indent: 0px; text-transform: none; white-space: normal; =
widows: 2; word-spacing: 0px; -webkit-border-horizontal-spacing: 0px; =
-webkit-border-vertical-spacing: 0px; =
-webkit-text-decorations-in-effect: none; -webkit-text-size-adjust: =
auto; -webkit-text-stroke-width: 0px; "><div style=3D"word-wrap: =
break-word; -webkit-nbsp-mode: space; -webkit-line-break: =
after-white-space; =
"><div><div><div><br></div><div>@independentid</div><div><a =
href=3D"http://www.independentid.com">www.independentid.com</a></div></div=
></div></div></span><a =
href=3D"mailto:phil.hunt@oracle.com">phil.hunt@oracle.com</a><br><br></div=
></span><br class=3D"Apple-interchange-newline"></div></span><br =
class=3D"Apple-interchange-newline"></span><br =
class=3D"Apple-interchange-newline">
</div>
<br><div><div>On 2012-03-15, at 8:47 AM, Michael Hammer wrote:</div><br =
class=3D"Apple-interchange-newline"><blockquote =
type=3D"cite">Phil,<div><br></div><div>Great information. &nbsp;However, =
I was looking through this for one specific word and unless I missed it, =
did not see it.</div><div>Namely, where is the discussion of the trust =
model? &nbsp;</div><div><br></div>
<div>It is easy to get lost in the weeds of pushing data around in =
various formats, but if the result does not provide an adequate chain of =
trust, then it could all be a house of cards. &nbsp;Although i will not =
be in Paris, it would be good if somewhere an explanation of how trust =
is maintained could be included.<br>
</div><div><br></div><div>Mike</div><div><br><br><div =
class=3D"gmail_quote">On Wed, Mar 14, 2012 at 7:45 PM, Phil Hunt <span =
dir=3D"ltr">&lt;<a =
href=3D"mailto:phil.hunt@oracle.com">phil.hunt@oracle.com</a>&gt;</span> =
wrote:<br>
<blockquote class=3D"gmail_quote" style=3D"margin:0 0 0 =
.8ex;border-left:1px #ccc solid;padding-left:1ex"><div =
style=3D"word-wrap:break-word"><div>Cross posting as =
requested...</div><div><div><br></div><div>SCIM - What Should A New SCIM =
WG Address?<br>
In my last blog post, I mentioned that&nbsp;SCIM 1.0&nbsp;defines as a =
simple provisioning API for cloud&nbsp;application service providers. =
SCIM is architecturally oriented as a connector API =
specification&nbsp;in a hub and spoke architecture typically with an =
enterprise provisioning system at the hub&nbsp;and a cloud application =
service provider being a spoke. Other variations could =
include&nbsp;provisioning for on-premsise SaaS applications as well as =
directory synchronization. For each&nbsp;cloud application, the =
enterprise IDM hub should be able to just invoke the SCIM RESTful =
API&nbsp;of a target application's SCIM provisioning end-point.<br>
<span>&lt;Provisioning-Simple.png&gt;</span><br><br>But is SCIM about to =
repeat much of the history of SPML? Has it corrected some =
miss-steps?&nbsp;Yes, definitely. Is that enough? Let's look at some of =
the historical issues that will be of&nbsp;relevance to the evolution of =
SCIM. Just to be clear, my comments are&nbsp;not&nbsp;to suggest =
that&nbsp;SCIM adopt SPML features. My comments are intended so that =
SCIM learn from SPML's history.<br>
<br>The Value Problem<br><br>SPML 1 was very much like SCIM 1.0 is now. =
A simple API that supported basic CRUD&nbsp;operations. When SPML 1 was =
developed, the proposed value proposition was that&nbsp;provisioning =
would be made easier if applications would adopt a standard IDM =
protocol, then&nbsp;provisioning of enterprise applications would become =
easier. The value to application&nbsp;developers was that simpler, =
standardized management API would not be specific to&nbsp;individual IDM =
vendors and could inter-operate with any IDM provisioning product.<br>
<br>=46rom the enterprise perspective SPML 1 made a lot of sense since =
it would make all&nbsp;applications provision the same way. They could =
pick and choose the IDM product they&nbsp;wanted to use. More =
importantly, enterprises would not have to pay for custom coding =
when&nbsp;attempting to provision to proprietary APIs of =
applications.<br>
<br>SPML 1 was somewhat successful, but before it could be broadly =
adopted, several new&nbsp;requirements emerged and SPML 2 was defined =
(though SPML 1 remains dominant). &nbsp;SPML 2&nbsp;introduced many new =
features such as<br><div><span style=3D"white-space:pre-wrap">	</span>=95=
 the clean separation of payload from protocol;&nbsp;<br>
</div><div><span style=3D"white-space:pre-wrap">	</span>=95 the =
introduction of new common IDM operations (e.g. password =
operations);<br></div><div><span style=3D"white-space:pre-wrap">	=
</span>=95 a formalized DSML/XSD profile;<br>
</div><div><span style=3D"white-space:pre-wrap">	</span>=95 =
targeting - the ability to provision accounts through a gateway; =
and,<br></div><div><span style=3D"white-space:pre-wrap">	</span>=95=
 an extension mechanism for registering capabilities so that =
contributed&nbsp;capabilities could be made inter-operable.<br>
</div>Yet application vendors wanted more: they wanted standard schema =
conventions, they&nbsp;wanted a standard that enabled them not to have =
to introduce individual IDM vendor&nbsp;dependencies. If they could =
write one SPML provider once and be done with it, their costs&nbsp;would =
go down.<br>
<br>Many idM vendors were concerned that SPMLv2 had gone too far. In the =
end, it was either&nbsp;perceived complexity or the basic value =
proposition was not enough for SPML to succeed.<br><br>Has SCIM moved =
the ball forwards? On one important point, the answer is yes. SCIM has =
put&nbsp;forward a well defined schema with clear definition of =
attributes and their use or meaning.&nbsp;The RESTful style of SCIM =
keeps schema cleanly separated.<br>
<br>The Information Semantics Fidelity Trade-off<br><br>IDM Provisioning =
product developers have always faced an engineering trade-off. Would =
a&nbsp;standardized provisioning protocol/API lower development costs? =
Each application is unique,&nbsp;therefore each unique application APIs =
often has highly specific semantics and contextual&nbsp;meanings. While =
saving money initially by using a standardized SCIM or SPML API, does =
this&nbsp;mean a loss of "fidelity" or functionality? Do different =
systems treat the notion of person or&nbsp;user in the same way? What =
does delete person mean? In translating information semantics,&nbsp;is =
mapping intelligence in the hub or in the spoke or somewhere in-between? =
The&nbsp;engineering question is: should the provisioning system =
understand the true nature of the&nbsp;application, or should the =
application understand provisioning systems and behave like =
an&nbsp;identity store? In my experience, there's no clear answer. It =
depends on the nature of the&nbsp;application.<br>
<br>Does SCIM help in this regard? That is yet to be determined. The =
SCIM community will need&nbsp;to discuss issues like how to handle high =
level IDM operations like suspend vs. delete,&nbsp;password resets, =
federation and other deeply IDM specific issues and how they =
are&nbsp;operationally mated with a diverse application services API =
community.<br>
<br>The Gateway =
Problem<br><br><span>&lt;Gateway-provisioning.png&gt;</span></div><div>Cor=
porations that are organized into&nbsp;divisions often end up with =
different&nbsp;independent IT organizations and&nbsp;outsourced =
providers -- especially after&nbsp;corporate re-organizations, =
acquisitions,&nbsp;and divestitures. In these cases, single-hub =
provisioning systems often become&nbsp;unpractical. While some may view =
this as&nbsp;rare situation, the whole idea of a cloud&nbsp;based apps =
hosted externally makes this&nbsp;situation de rigueur.<br>
<br>In these cases a key provisioning&nbsp;architecture element is the =
ability to&nbsp;support provisioning gateways and hub-to-hub =
provisioning. Gateways (or&nbsp;proxies) serve a dual purpose of =
both&nbsp;firewalling direct access to internal&nbsp;services and they =
serve to greatly simplify&nbsp;network complexity for inter-organization =
communication. As well as solving basic firewalling issues, gateways can =
also&nbsp;support mapping functions changing from a standardized =
provisioning protocol like SCIM into&nbsp;application specific connector =
protocols like CRM OnDemand who may or may not have built&nbsp;support =
for a protocol such as SCIM.<br>
<br>Since a gateway acts as a "proxy" to other connected SaaS services, =
SCIM needs the ability&nbsp;route or "target" operations to specific =
application end-points. SPML 2.0 and now&nbsp;RESTpml/SIMPLEST supports =
targeting. Targeting enables a provisioning "hub" to indicate to&nbsp;a =
provisioning "gateway" that particular person requires an account in a =
particular target&nbsp;system. In the diagram above, Alice, employee =
1234 is to be provisioned into the "Finance"&nbsp;application.<br>
<br>SCIM with routing/targeting becomes a critical communication =
protocol for hub-to-hub and&nbsp;hub-to-gateway provisioning. Unlike =
SPML implementation of the past, inter-operability&nbsp;becomes a key =
requirement because in the world of cloud provisioning it is more likely =
that&nbsp;gateway and hub implementations will come from different =
provisioning product developers.<br>
<br>The Cloud Does Change Everything<br><br>SPML was built for a world =
where everything occurred inside an enterprise. But =
the&nbsp;requirements for cloud identity management are substantially =
different. Cloud based&nbsp;provisioning architecture must take into =
account:<br>
<div><span style=3D"white-space:pre-wrap">	</span>=95 Performance =
and Scalability =96 A lightweight HTTP protocol such as =
with&nbsp;REST/JSON is a cornerstone requirement when provision cloud =
environments with&nbsp;100s of millions of users.<br>
</div><div><span style=3D"white-space:pre-wrap">	</span>=95 =
Firewall requirements =96 securely connecting directly to application =
APIs&nbsp;(standardized or not) will likely require some special sauce. =
It's not reasonable to&nbsp;expect&nbsp;all&nbsp;application end-points =
to be able to support this in the cloud.<br>
</div><div><span style=3D"white-space:pre-wrap">	</span>=95 Cloud =
Providers are often "hubs" themselves =96 since cloud providers offer =
more&nbsp;than one application service, cloud providers may behave more =
like "hubs" than&nbsp;spokes.<br>
</div><div><span style=3D"white-space:pre-wrap">	</span>=95 Cloud =
Providers With Value-Added Data =96 some cloud providers may =
have&nbsp;provisioning and identity management systems of their own. =
This suggests that&nbsp;cloud hubs may need to flow back to the =
enterprise.<br>
</div><div><span style=3D"white-space:pre-wrap">	</span>=95 =
Entitlement Reporting =96 A big requirement for provisioning these days =
with SOX is&nbsp;the need for entitlement reporting. Further, when you =
are paying an external&nbsp;cloud provider for services rendered, you =
want to make sure you are paying for&nbsp;the correct employees to use =
cloud services. A key component of provisioning&nbsp;systems need to =
report back available rights of all users from all =
applications,&nbsp;especially through cloud "hubs".<br>
</div><div><span style=3D"white-space:pre-wrap">	</span>=95 =
Inter-operability =96 no longer can we assume hubs and gateways are =
provided by a&nbsp;single vendor. Cloud-based provisioning will almost =
always be multi-vendor based.<br>
</div>What Should The New SCIM WG Address?<br><br>The main success of =
SCIM has been a standardized schema. It defines the attributes and =
says&nbsp;what each means -- something that application vendors always =
wanted. This is goodness.&nbsp;Yet, there are some gaps when you start =
to consider the overall provisioning system that will&nbsp;emerge from =
SCIM's adoption.<br>
<br>A couple of scope items that the future IETF SCIM WG should be =
considering:<br><br><div><span style=3D"white-space:pre-wrap">	</span>=95=
 Routing or targeting =96 SCIM needs to have a way to handle updates =
through&nbsp;gateways and hub-to-hub relationships for supporting =
multi-service cloud&nbsp;providers.<br>
</div><div><span style=3D"white-space:pre-wrap">	</span>=95 =
Persons as distinct from Users =96 Currently SCIM combines these =
entities together in&nbsp;a simple form. The reality is that in the hub, =
persons hold multiple user accounts.&nbsp;Is a change needed to SCIM =
schema to support managing the relationships&nbsp;between persons and =
their user accounts? This may not need change, but wider&nbsp;discussion =
is needed.<br>
</div><div><span style=3D"white-space:pre-wrap">	</span>=95 Peer =
relationships =96 Cloud providers with hubs may need to be able to =
flow&nbsp;updates back to client hubs.<br></div><div><span =
style=3D"white-space:pre-wrap">	</span>=95 Reporting =96 attestation is =
a key component of provisioning. Not only will clients&nbsp;want to be =
able to reconcile what cloud providers are charging for, but =
clients&nbsp;also still have requirements driven by Sarbanes-Oxley. =
SPML's approach was&nbsp;burdensome. Could SCIM support the ability for =
a client "hub" to get the&nbsp;information it needs to accomplish this =
in a lightweight way in the spirit of SCIM?<br>
</div><br></div><div><div>Phil<br><br>@independentid<br><a =
href=3D"http://www.independentid.com/" =
target=3D"_blank">www.independentid.com</a><br><a =
href=3D"mailto:phil.hunt@oracle.com" =
target=3D"_blank">phil.hunt@oracle.com</a><br>
<br><br><br><br></div><div><div class=3D"h5"><br><div><div>On =
2012-03-14, at 3:28 PM, Peter Saint-Andre wrote:</div><br><blockquote =
type=3D"cite"><div>&lt;hat type=3D'AD'/&gt;<br><br>On 3/14/12 3:44 PM, =
Phil Hunt wrote:<br>
<blockquote type=3D"cite">In previous emails, I promised more thoughts =
on the Gateway/targeting<br></blockquote><blockquote type=3D"cite">issue. =
In order to support the scope discussion, I put a bunch =
of<br></blockquote><blockquote type=3D"cite">
thoughts together on areas the WG might consider on my blog at: =
<br></blockquote><blockquote type=3D"cite"><a =
href=3D"http://www.independentid.com/2012/03/scim-what-should-new-scim-wg-=
address.html" =
target=3D"_blank">http://www.independentid.com/2012/03/scim-what-should-ne=
w-scim-wg-address.html</a><br>
</blockquote><br>Hi Phil,<br><br>I really do hate to be a stickler, but =
I don't think that the IETF can<br>consider your blog post to be an =
"IETF Contribution" in accordance with<br>the Note Well rules &lt;<a =
href=3D"http://www.ietf.org/about/note-well.html" =
target=3D"_blank">http://www.ietf.org/about/note-well.html</a>&gt; -- =
I<br>
realize that you put time and energy into those nice graphics, but =
could<br>we trouble you to at least post the text of your comments to =
this<br>mailing list? It really is for your own good. =
:)<br><br>Thanks!<br><br>Peter<br>
<br>-- <br>Peter Saint-Andre<br><a href=3D"https://stpeter.im/" =
target=3D"_blank">https://stpeter.im/</a><br><br><br>_____________________=
__________________________<br>scim mailing list<br><a =
href=3D"mailto:scim@ietf.org" target=3D"_blank">scim@ietf.org</a><br>
<a href=3D"https://www.ietf.org/mailman/listinfo/scim" =
target=3D"_blank">https://www.ietf.org/mailman/listinfo/scim</a><br></div>=
</blockquote></div><br></div></div></div></div></div><br>_________________=
______________________________<br>

scim mailing list<br>
<a href=3D"mailto:scim@ietf.org">scim@ietf.org</a><br>
<a href=3D"https://www.ietf.org/mailman/listinfo/scim" =
target=3D"_blank">https://www.ietf.org/mailman/listinfo/scim</a><br>
<br></blockquote></div><br></div>
_______________________________________________<br>scim mailing =
list<br><a =
href=3D"mailto:scim@ietf.org">scim@ietf.org</a><br>https://www.ietf.org/ma=
ilman/listinfo/scim<br></blockquote></div><br></div></body></html>=

--Apple-Mail=_F64FFF05-E2E8-4369-813B-55BA89BC42DA--

From stpeter@stpeter.im  Thu Mar 15 10:03:37 2012
Return-Path: <stpeter@stpeter.im>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4233F21F87D4 for <scim@ietfa.amsl.com>; Thu, 15 Mar 2012 10:03:37 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.703
X-Spam-Level: 
X-Spam-Status: No, score=-102.703 tagged_above=-999 required=5 tests=[AWL=-0.104, BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id laZTmLW0P0+5 for <scim@ietfa.amsl.com>; Thu, 15 Mar 2012 10:03:36 -0700 (PDT)
Received: from stpeter.im (mailhost.stpeter.im [207.210.219.225]) by ietfa.amsl.com (Postfix) with ESMTP id 9AE4621F87D3 for <scim@ietf.org>; Thu, 15 Mar 2012 10:03:36 -0700 (PDT)
Received: from dhcp-64-101-72-185.cisco.com (unknown [64.101.72.185]) (Authenticated sender: stpeter) by stpeter.im (Postfix) with ESMTPSA id 8AC1540058; Thu, 15 Mar 2012 11:16:01 -0600 (MDT)
Message-ID: <4F6220E6.8080809@stpeter.im>
Date: Thu, 15 Mar 2012 11:03:34 -0600
From: Peter Saint-Andre <stpeter@stpeter.im>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.5; rv:10.0.2) Gecko/20120216 Thunderbird/10.0.2
MIME-Version: 1.0
To: Phil Hunt <phil.hunt@oracle.com>
References: <4F612433.5060503@stpeter.im> <612C3B6B-4098-4951-ACD6-BEA30B492F52@unboundid.com> <4F612668.4000403@stpeter.im> <93C6FB63F046384C86EC8F7F3FFEC7BEE62E89@XMB-RCD-313.cisco.com> <2C17AE04-0F43-4A23-A8A2-3EE4D297FA2A@oracle.com> <4F61328C.9090202@stpeter.im>
In-Reply-To: <4F61328C.9090202@stpeter.im>
X-Enigmail-Version: 1.3.5
OpenPGP: url=https://stpeter.im/stpeter.asc
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit
Cc: "scim@ietf.org" <scim@ietf.org>, Trey Drake <trey.drake@unboundid.com>, "Morteza Ansari \(moransar\)" <moransar@cisco.com>
Subject: Re: [scim] Internet-Drafts
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 15 Mar 2012 17:03:37 -0000

On 3/14/12 6:06 PM, Peter Saint-Andre wrote:
> On 3/14/12 6:02 PM, Phil Hunt wrote:
>> It needs to be officially submitted. Yesterday if possible.  
> 
> As noted, the submission window won't open again until March 26.
> Naturally, someone could post an entire Internet-Draft as a big message
> to an IETF mailing list, although that is slightly unorthodox. :) If the
> authors would like to do that as a stopgap measure, I can approve the
> messages (if they are larger than the message limit).

BTW, I have been in contact with the IETF Secretariat, and I can indeed
approve manual publication of -00 Internet-Drafts. I'm now working with
Trey to get them in the right format for submission.

Peter

-- 
Peter Saint-Andre
https://stpeter.im/



From kelly.grizzle@sailpoint.com  Thu Mar 15 11:18:14 2012
Return-Path: <kelly.grizzle@sailpoint.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B83FF21F87D1 for <scim@ietfa.amsl.com>; Thu, 15 Mar 2012 11:18:14 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.899
X-Spam-Level: 
X-Spam-Status: No, score=-3.899 tagged_above=-999 required=5 tests=[AWL=-0.300, BAYES_00=-2.599, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id KVe+zH2phnyO for <scim@ietfa.amsl.com>; Thu, 15 Mar 2012 11:18:14 -0700 (PDT)
Received: from va3outboundpool.messaging.microsoft.com (va3ehsobe001.messaging.microsoft.com [216.32.180.11]) by ietfa.amsl.com (Postfix) with ESMTP id E0EBD21F878B for <scim@ietf.org>; Thu, 15 Mar 2012 11:18:13 -0700 (PDT)
Received: from mail174-va3-R.bigfish.com (10.7.14.241) by VA3EHSOBE010.bigfish.com (10.7.40.12) with Microsoft SMTP Server id 14.1.225.22; Thu, 15 Mar 2012 18:18:13 +0000
Received: from mail174-va3 (localhost [127.0.0.1])	by mail174-va3-R.bigfish.com (Postfix) with ESMTP id 620F540660; Thu, 15 Mar 2012 18:18:13 +0000 (UTC)
X-SpamScore: -48
X-BigFish: PS-48(zz9371I936eK542M1432N1418M98dK1447Mzz1202hzz1033IL8275bh8275dhz2fh2a8h668h839h944hd25h)
X-Forefront-Antispam-Report: CIP:157.56.240.85; KIP:(null); UIP:(null); IPV:NLI; H:BL2PRD0410HT005.namprd04.prod.outlook.com; RD:none; EFVD:NLI
Received-SPF: pass (mail174-va3: domain of sailpoint.com designates 157.56.240.85 as permitted sender) client-ip=157.56.240.85; envelope-from=kelly.grizzle@sailpoint.com; helo=BL2PRD0410HT005.namprd04.prod.outlook.com ; .outlook.com ; 
Received: from mail174-va3 (localhost.localdomain [127.0.0.1]) by mail174-va3 (MessageSwitch) id 1331835491614910_3401; Thu, 15 Mar 2012 18:18:11 +0000 (UTC)
Received: from VA3EHSMHS022.bigfish.com (unknown [10.7.14.240])	by mail174-va3.bigfish.com (Postfix) with ESMTP id 8664E60049; Thu, 15 Mar 2012 18:18:11 +0000 (UTC)
Received: from BL2PRD0410HT005.namprd04.prod.outlook.com (157.56.240.85) by VA3EHSMHS022.bigfish.com (10.7.99.32) with Microsoft SMTP Server (TLS) id 14.1.225.23; Thu, 15 Mar 2012 18:18:07 +0000
Received: from BL2PRD0410MB351.namprd04.prod.outlook.com ([169.254.3.188]) by BL2PRD0410HT005.namprd04.prod.outlook.com ([10.255.99.40]) with mapi id 14.16.0123.000; Thu, 15 Mar 2012 18:18:06 +0000
From: Kelly Grizzle <kelly.grizzle@sailpoint.com>
To: Phil Hunt <phil.hunt@oracle.com>, Charliemortimore <charliemortimore@gmail.com>
Thread-Topic: [scim] Thoughts on SCIM WG charter
Thread-Index: AQHNAiuwxBlZMqJYmEWd/VdqZ4zN35Zqcd+AgAAD7oCAAR3QsA==
Date: Thu, 15 Mar 2012 18:18:06 +0000
Message-ID: <56C3C758F9D6534CA3778EAA1E0C34371C63838C@BL2PRD0410MB351.namprd04.prod.outlook.com>
References: <421662F7-A0FA-4C21-81C9-857450B09DB4@oracle.com> <612C04D3-3D1C-4095-8E3E-66BD45CE067A@gmail.com> <699AE63C-79E1-40F5-8290-37289EB8C0E0@oracle.com>
In-Reply-To: <699AE63C-79E1-40F5-8290-37289EB8C0E0@oracle.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
x-originating-ip: [173.226.147.242]
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-OriginatorOrg: sailpoint.com
Cc: "scim@ietf.org" <scim@ietf.org>
Subject: Re: [scim] Thoughts on SCIM WG charter
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 15 Mar 2012 18:18:14 -0000

Phil,

Thanks for the great write-up.  I agree that the hub concept is highly rele=
vant, and have actually been spending a fair amount of energy thinking abou=
t how this might look in SCIM.  In my mind there are two types of gateways:=
 a provisioning hub and an identity hub.  A provisioning hub knows nothing =
about the person -> user relationship.  It simply provides a single SCIM-en=
abled endpoint that can manage accounts on different targets.  Similarly, a=
n identity hub allows managing accounts on different targets, but also main=
tains the person -> user relationships.  Both have the firewall, single pro=
tocol, etc... benefits that you mentioned, but the latter is more suited to=
 the IdM use cases that SPML addresses.  I think that both are useful, so w=
e should consider making the person -> user relationship an optional part o=
f targeting/routing.

I have some ideas on how this may fit into SCIM and would be happy to colla=
borate and help lead this effort.

Taking a step back ... while there is a strong need for this, I also think =
that a majority of the SCIM service providers are not going to be serving a=
s a hub (ie - they will only be managing their own users), so targeting sho=
uld optional.

--Kelly


-----Original Message-----
From: scim-bounces@ietf.org [mailto:scim-bounces@ietf.org] On Behalf Of Phi=
l Hunt
Sent: Wednesday, March 14, 2012 6:49 PM
To: Charliemortimore
Cc: scim@ietf.org
Subject: Re: [scim] Thoughts on SCIM WG charter

Chuck,

Agreed. Routing shouldn't be specific. The concern is that the client shoul=
d not have direct knowledge of internal endpoints.  In this case, I think t=
he routing requirement is "logical".   Create a Mail account, create a CRM =
account, and so on.

Phil

@independentid
www.independentid.com
phil.hunt@oracle.com





On 2012-03-14, at 4:35 PM, Charliemortimore wrote:

> Hey Phil - good, thoughtful writeup.  =20
>=20
> I agree the notion of gateways/hubs are a reality.  Not yet convinced the=
 client needs to ( or even should have ) knowledge/power over the routing d=
ecisions, at least in v1.   Look forward to discussion and evolving my thin=
king on this. =20
>=20
> - cmort
>=20
> On Mar 14, 2012, at 2:44 PM, Phil Hunt <phil.hunt@oracle.com> wrote:
>=20
>> In previous emails, I promised more thoughts on the Gateway/targeting is=
sue. In order to support the scope discussion, I put a bunch of thoughts to=
gether on areas the WG might consider on my blog at:
>> http://www.independentid.com/2012/03/scim-what-should-new-scim-wg-addres=
s.html
>>=20
>> I'm still planning to post more info to the list on the specific issue o=
f "gatewayed" provisioning (aka targeting).
>>=20
>> Phil
>>=20
>> @independentid
>> www.independentid.com
>> phil.hunt@oracle.com
>>=20
>>=20
>>=20
>>=20
>>=20
>> _______________________________________________
>> scim mailing list
>> scim@ietf.org
>> https://www.ietf.org/mailman/listinfo/scim
> _______________________________________________
> scim mailing list
> scim@ietf.org
> https://www.ietf.org/mailman/listinfo/scim

_______________________________________________
scim mailing list
scim@ietf.org
https://www.ietf.org/mailman/listinfo/scim



From phil.hunt@oracle.com  Thu Mar 15 12:02:04 2012
Return-Path: <phil.hunt@oracle.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 506A121E804A for <scim@ietfa.amsl.com>; Thu, 15 Mar 2012 12:02:04 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -10.335
X-Spam-Level: 
X-Spam-Status: No, score=-10.335 tagged_above=-999 required=5 tests=[AWL=0.264, BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id vbrnrRvY7RMt for <scim@ietfa.amsl.com>; Thu, 15 Mar 2012 12:02:03 -0700 (PDT)
Received: from rcsinet15.oracle.com (rcsinet15.oracle.com [148.87.113.117]) by ietfa.amsl.com (Postfix) with ESMTP id C9B4A21F870A for <scim@ietf.org>; Thu, 15 Mar 2012 12:02:00 -0700 (PDT)
Received: from ucsinet21.oracle.com (ucsinet21.oracle.com [156.151.31.93]) by rcsinet15.oracle.com (Sentrion-MTA-4.2.2/Sentrion-MTA-4.2.2) with ESMTP id q2FJ1uXS010809 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Thu, 15 Mar 2012 19:01:57 GMT
Received: from acsmt356.oracle.com (acsmt356.oracle.com [141.146.40.156]) by ucsinet21.oracle.com (8.14.4+Sun/8.14.4) with ESMTP id q2FJ1tmm012669 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Thu, 15 Mar 2012 19:01:56 GMT
Received: from abhmt106.oracle.com (abhmt106.oracle.com [141.146.116.58]) by acsmt356.oracle.com (8.12.11.20060308/8.12.11) with ESMTP id q2FJ1tGg020791; Thu, 15 Mar 2012 14:01:55 -0500
Received: from [192.168.1.8] (/24.85.226.208) by default (Oracle Beehive Gateway v4.0) with ESMTP ; Thu, 15 Mar 2012 12:01:55 -0700
Mime-Version: 1.0 (Apple Message framework v1257)
Content-Type: text/plain; charset=us-ascii
From: Phil Hunt <phil.hunt@oracle.com>
In-Reply-To: <56C3C758F9D6534CA3778EAA1E0C34371C63838C@BL2PRD0410MB351.namprd04.prod.outlook.com>
Date: Thu, 15 Mar 2012 12:01:58 -0700
Content-Transfer-Encoding: quoted-printable
Message-Id: <67AC8CE3-CF17-40E8-A70C-115A66A07C5B@oracle.com>
References: <421662F7-A0FA-4C21-81C9-857450B09DB4@oracle.com> <612C04D3-3D1C-4095-8E3E-66BD45CE067A@gmail.com> <699AE63C-79E1-40F5-8290-37289EB8C0E0@oracle.com> <56C3C758F9D6534CA3778EAA1E0C34371C63838C@BL2PRD0410MB351.namprd04.prod.outlook.com>
To: Kelly Grizzle <kelly.grizzle@sailpoint.com>
X-Mailer: Apple Mail (2.1257)
X-Source-IP: ucsinet21.oracle.com [156.151.31.93]
X-CT-RefId: str=0001.0A090201.4F623CA6.0012,ss=1,re=0.000,fgs=0
Cc: "scim@ietf.org" <scim@ietf.org>, Charliemortimore <charliemortimore@gmail.com>
Subject: Re: [scim] Thoughts on SCIM WG charter
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 15 Mar 2012 19:02:04 -0000

Kelly,

Agreed. Targeting should be optional.

I'd like to look specifically how we can layer this on without requiring =
disruptive change to the existing implementation.=20

Would be great to collaborate with you on this.

Phil

@independentid
www.independentid.com
phil.hunt@oracle.com





On 2012-03-15, at 11:18 AM, Kelly Grizzle wrote:

> Phil,
>=20
> Thanks for the great write-up.  I agree that the hub concept is highly =
relevant, and have actually been spending a fair amount of energy =
thinking about how this might look in SCIM.  In my mind there are two =
types of gateways: a provisioning hub and an identity hub.  A =
provisioning hub knows nothing about the person -> user relationship.  =
It simply provides a single SCIM-enabled endpoint that can manage =
accounts on different targets.  Similarly, an identity hub allows =
managing accounts on different targets, but also maintains the person -> =
user relationships.  Both have the firewall, single protocol, etc... =
benefits that you mentioned, but the latter is more suited to the IdM =
use cases that SPML addresses.  I think that both are useful, so we =
should consider making the person -> user relationship an optional part =
of targeting/routing.
>=20
> I have some ideas on how this may fit into SCIM and would be happy to =
collaborate and help lead this effort.
>=20
> Taking a step back ... while there is a strong need for this, I also =
think that a majority of the SCIM service providers are not going to be =
serving as a hub (ie - they will only be managing their own users), so =
targeting should optional.
>=20
> --Kelly
>=20
>=20
> -----Original Message-----
> From: scim-bounces@ietf.org [mailto:scim-bounces@ietf.org] On Behalf =
Of Phil Hunt
> Sent: Wednesday, March 14, 2012 6:49 PM
> To: Charliemortimore
> Cc: scim@ietf.org
> Subject: Re: [scim] Thoughts on SCIM WG charter
>=20
> Chuck,
>=20
> Agreed. Routing shouldn't be specific. The concern is that the client =
should not have direct knowledge of internal endpoints.  In this case, I =
think the routing requirement is "logical".   Create a Mail account, =
create a CRM account, and so on.
>=20
> Phil
>=20
> @independentid
> www.independentid.com
> phil.hunt@oracle.com
>=20
>=20
>=20
>=20
>=20
> On 2012-03-14, at 4:35 PM, Charliemortimore wrote:
>=20
>> Hey Phil - good, thoughtful writeup.  =20
>>=20
>> I agree the notion of gateways/hubs are a reality.  Not yet convinced =
the client needs to ( or even should have ) knowledge/power over the =
routing decisions, at least in v1.   Look forward to discussion and =
evolving my thinking on this. =20
>>=20
>> - cmort
>>=20
>> On Mar 14, 2012, at 2:44 PM, Phil Hunt <phil.hunt@oracle.com> wrote:
>>=20
>>> In previous emails, I promised more thoughts on the =
Gateway/targeting issue. In order to support the scope discussion, I put =
a bunch of thoughts together on areas the WG might consider on my blog =
at:
>>> =
http://www.independentid.com/2012/03/scim-what-should-new-scim-wg-address.=
html
>>>=20
>>> I'm still planning to post more info to the list on the specific =
issue of "gatewayed" provisioning (aka targeting).
>>>=20
>>> Phil
>>>=20
>>> @independentid
>>> www.independentid.com
>>> phil.hunt@oracle.com
>>>=20
>>>=20
>>>=20
>>>=20
>>>=20
>>> _______________________________________________
>>> scim mailing list
>>> scim@ietf.org
>>> https://www.ietf.org/mailman/listinfo/scim
>> _______________________________________________
>> scim mailing list
>> scim@ietf.org
>> https://www.ietf.org/mailman/listinfo/scim
>=20
> _______________________________________________
> scim mailing list
> scim@ietf.org
> https://www.ietf.org/mailman/listinfo/scim
>=20
>=20
> _______________________________________________
> scim mailing list
> scim@ietf.org
> https://www.ietf.org/mailman/listinfo/scim


From stpeter@stpeter.im  Thu Mar 15 12:51:38 2012
Return-Path: <stpeter@stpeter.im>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E087921E802D for <scim@ietfa.amsl.com>; Thu, 15 Mar 2012 12:51:38 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.702
X-Spam-Level: 
X-Spam-Status: No, score=-102.702 tagged_above=-999 required=5 tests=[AWL=-0.103, BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id K-YByHnMkKAX for <scim@ietfa.amsl.com>; Thu, 15 Mar 2012 12:51:38 -0700 (PDT)
Received: from stpeter.im (mailhost.stpeter.im [207.210.219.225]) by ietfa.amsl.com (Postfix) with ESMTP id 46F7F21F852B for <scim@ietf.org>; Thu, 15 Mar 2012 12:51:36 -0700 (PDT)
Received: from squire.local (unknown [64.101.72.114]) (Authenticated sender: stpeter) by stpeter.im (Postfix) with ESMTPSA id 93F4540058 for <scim@ietf.org>; Thu, 15 Mar 2012 14:04:01 -0600 (MDT)
Message-ID: <4F624846.2050400@stpeter.im>
Date: Thu, 15 Mar 2012 13:51:34 -0600
From: Peter Saint-Andre <stpeter@stpeter.im>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.5; rv:10.0.2) Gecko/20120216 Thunderbird/10.0.2
MIME-Version: 1.0
To: "scim@ietf.org" <scim@ietf.org>
References: <20120315184538.26489.57916.idtracker@ietfa.amsl.com>
In-Reply-To: <20120315184538.26489.57916.idtracker@ietfa.amsl.com>
X-Enigmail-Version: 1.4
OpenPGP: url=https://stpeter.im/stpeter.asc
X-Forwarded-Message-Id: <20120315184538.26489.57916.idtracker@ietfa.amsl.com>
Content-Type: multipart/mixed; boundary="------------090907090507010007060903"
Subject: [scim] Fwd: I-D ACTION:draft-scim-api-00.txt
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 15 Mar 2012 19:51:39 -0000

This is a multi-part message in MIME format.
--------------090907090507010007060903
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit

FYI. Thanks to Trey for sending these to me so quickly.

-------- Original Message --------
Subject: I-D ACTION:draft-scim-api-00.txt
Date: Thu, 15 Mar 2012 11:45:38 -0700
From: Internet-Drafts@ietf.org
Reply-To: internet-drafts@ietf.org
To: i-d-announce@ietf.org

A new Internet-Draft is available from the on-line Internet-Drafts
directories.


    Title         : Simple Cloud Identity Management: Protocol 1.0
    Author(s)     : C. Mortimore, et al
    Filename      : draft-scim-api
    Pages         : 45
    Date          : March 15, 2012

   The Simple Cloud Identity Management (SCIM) specification is designed
   to make managing user identity in cloud based applications and
   services easier.  The specification suite seeks to build upon
   experience with existing schemas and deployments, placing specific
   emphasis on simplicity of development and integration, while applying
   existing authentication, authorization, and privacy models.  It&#39;s
   intent is to reduce the cost and complexity of user management
   operations by providing a common user schema and extension model, as
   well as binding documents to provide patterns for exchanging this
   schema using standard protocols.  In essence, make it fast, cheap,
   and easy to move users in to, out of, and around the cloud.

A URL for this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-scim-api

Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/

Below is the data which will enable a MIME compliant mail reader
implementation to automatically retrieve the ASCII version of the
Internet-Draft.


--------------090907090507010007060903
Content-Type: text/plain; x-mac-type="0"; x-mac-creator="0";
 name="Attached Message Part"
Content-Transfer-Encoding: base64
Content-Disposition: attachment;
 filename="Attached Message Part"


--------------090907090507010007060903
Content-Type: Message/External-body;
 name="draft-scim-api"
Content-Transfer-Encoding: 7bit
Content-Disposition: attachment;
 filename="draft-scim-api"

Content-Type: text/plain
Content-ID: <2012-03-15114537.I-D@ietf.org>



--------------090907090507010007060903
Content-Type: text/plain;
 name="Attached Message Part"
Content-Transfer-Encoding: base64
Content-Disposition: attachment;
 filename="Attached Message Part"

X19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX18KSS1ELUFu
bm91bmNlIG1haWxpbmcgbGlzdApJLUQtQW5ub3VuY2VAaWV0Zi5vcmcKaHR0cHM6Ly93d3cu
aWV0Zi5vcmcvbWFpbG1hbi9saXN0aW5mby9pLWQtYW5ub3VuY2UKSW50ZXJuZXQtRHJhZnQg
ZGlyZWN0b3JpZXM6IGh0dHA6Ly93d3cuaWV0Zi5vcmcvc2hhZG93Lmh0bWwKb3IgZnRwOi8v
ZnRwLmlldGYub3JnL2lldGYvMXNoYWRvdy1zaXRlcy50eHQKCg==
--------------090907090507010007060903--

From stpeter@stpeter.im  Thu Mar 15 12:52:17 2012
Return-Path: <stpeter@stpeter.im>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 33ADC21F857F for <scim@ietfa.amsl.com>; Thu, 15 Mar 2012 12:52:17 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.702
X-Spam-Level: 
X-Spam-Status: No, score=-102.702 tagged_above=-999 required=5 tests=[AWL=-0.103, BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id KbEjqFXlrzUT for <scim@ietfa.amsl.com>; Thu, 15 Mar 2012 12:52:16 -0700 (PDT)
Received: from stpeter.im (mailhost.stpeter.im [207.210.219.225]) by ietfa.amsl.com (Postfix) with ESMTP id 686B121F852B for <scim@ietf.org>; Thu, 15 Mar 2012 12:52:16 -0700 (PDT)
Received: from squire.local (unknown [64.101.72.114]) (Authenticated sender: stpeter) by stpeter.im (Postfix) with ESMTPSA id 1414640058 for <scim@ietf.org>; Thu, 15 Mar 2012 14:04:42 -0600 (MDT)
Message-ID: <4F62486F.7080705@stpeter.im>
Date: Thu, 15 Mar 2012 13:52:15 -0600
From: Peter Saint-Andre <stpeter@stpeter.im>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.5; rv:10.0.2) Gecko/20120216 Thunderbird/10.0.2
MIME-Version: 1.0
To: "scim@ietf.org" <scim@ietf.org>
References: <20120315185014.28449.257.idtracker@ietfa.amsl.com>
In-Reply-To: <20120315185014.28449.257.idtracker@ietfa.amsl.com>
X-Enigmail-Version: 1.4
OpenPGP: url=https://stpeter.im/stpeter.asc
X-Forwarded-Message-Id: <20120315185014.28449.257.idtracker@ietfa.amsl.com>
Content-Type: multipart/mixed; boundary="------------050708060008020700020702"
Subject: [scim] Fwd: I-D ACTION:draft-scim-core-schema-00.txt
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 15 Mar 2012 19:52:17 -0000

This is a multi-part message in MIME format.
--------------050708060008020700020702
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit

Also FYI.

-------- Original Message --------
Subject: I-D ACTION:draft-scim-core-schema-00.txt
Date: Thu, 15 Mar 2012 11:50:14 -0700
From: Internet-Drafts@ietf.org
Reply-To: internet-drafts@ietf.org
To: i-d-announce@ietf.org

A new Internet-Draft is available from the on-line Internet-Drafts
directories.


    Title         : Simple Cloud Identity Management: Core Schema 1.0
    Author(s)     : C. Mortimore, et al
    Filename      : draft-scim-core-schema
    Pages         : 40
    Date          : March 15, 2012

   The Simple Cloud Identity Management (SCIM) specification is designed
   to make managing user identity in cloud based applications and
   services easier.  The specification suite builds upon experience with
   existing schemas and deployments, placing specific emphasis on
   simplicity of development and integration, while applying existing
   authentication, authorization, and privacy models.  Its intent is to
   reduce the cost and complexity of user management operations by
   providing a common user schema and extension model, as well as
   binding documents to provide patterns for exchanging this schema
   using standard protocols.  In essence, make it fast, cheap, and easy
   to move identity in to, out of, and around the cloud.

   This document provides a platform neutral schema and extension model
   for representing users and groups in JSON and XML formats.  This
   schema is intended for exchange and use with cloud service providers.
   Additional binding documents provide a standard REST API, SAML
   binding, and use cases.

A URL for this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-scim-core-schema

Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/

Below is the data which will enable a MIME compliant mail reader
implementation to automatically retrieve the ASCII version of the
Internet-Draft.


--------------050708060008020700020702
Content-Type: text/plain; x-mac-type="0"; x-mac-creator="0";
 name="Attached Message Part"
Content-Transfer-Encoding: base64
Content-Disposition: attachment;
 filename="Attached Message Part"


--------------050708060008020700020702
Content-Type: Message/External-body;
 name="draft-scim-core-schema"
Content-Transfer-Encoding: 7bit
Content-Disposition: attachment;
 filename="draft-scim-core-schema"

Content-Type: text/plain
Content-ID: <2012-03-15115014.I-D@ietf.org>



--------------050708060008020700020702
Content-Type: text/plain;
 name="Attached Message Part"
Content-Transfer-Encoding: base64
Content-Disposition: attachment;
 filename="Attached Message Part"

X19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX18KSS1ELUFu
bm91bmNlIG1haWxpbmcgbGlzdApJLUQtQW5ub3VuY2VAaWV0Zi5vcmcKaHR0cHM6Ly93d3cu
aWV0Zi5vcmcvbWFpbG1hbi9saXN0aW5mby9pLWQtYW5ub3VuY2UKSW50ZXJuZXQtRHJhZnQg
ZGlyZWN0b3JpZXM6IGh0dHA6Ly93d3cuaWV0Zi5vcmcvc2hhZG93Lmh0bWwKb3IgZnRwOi8v
ZnRwLmlldGYub3JnL2lldGYvMXNoYWRvdy1zaXRlcy50eHQKCg==
--------------050708060008020700020702--

From stpeter@stpeter.im  Thu Mar 15 13:12:23 2012
Return-Path: <stpeter@stpeter.im>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3E25621F86C4 for <scim@ietfa.amsl.com>; Thu, 15 Mar 2012 13:12:23 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.701
X-Spam-Level: 
X-Spam-Status: No, score=-102.701 tagged_above=-999 required=5 tests=[AWL=-0.102, BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9oFuJD+PBubt for <scim@ietfa.amsl.com>; Thu, 15 Mar 2012 13:12:22 -0700 (PDT)
Received: from stpeter.im (mailhost.stpeter.im [207.210.219.225]) by ietfa.amsl.com (Postfix) with ESMTP id AF5AA21F86C3 for <scim@ietf.org>; Thu, 15 Mar 2012 13:12:22 -0700 (PDT)
Received: from squire.local (unknown [64.101.72.114]) (Authenticated sender: stpeter) by stpeter.im (Postfix) with ESMTPSA id E5A4C40058; Thu, 15 Mar 2012 14:24:47 -0600 (MDT)
Message-ID: <4F624D24.8000505@stpeter.im>
Date: Thu, 15 Mar 2012 14:12:20 -0600
From: Peter Saint-Andre <stpeter@stpeter.im>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.5; rv:10.0.2) Gecko/20120216 Thunderbird/10.0.2
MIME-Version: 1.0
To: Trey Drake <trey.drake@unboundid.com>
References: <93C6FB63F046384C86EC8F7F3FFEC7BEE62EFE@XMB-RCD-313.cisco.com>	<4F61BFBF.7090408@cs.tcd.ie>	<219947F0B2242843A0A1E62FDB510DC0250F3D54D7@USNAVSXCHMBSA3.ndc.alcatel-lucent.com>	<4F61EA5B.70207@cs.tcd.ie>	<219947F0B2242843A0A1E62FDB510DC0250F3D54EF@USNAVSXCHMBSA3.ndc.alcatel-lucent.com>	<4F61EF05.2050608@cs.tcd.ie>	<219947F0B2242843A0A1E62FDB510DC0250F3D5514@USNAVSXCHMBSA3.ndc.alcatel-lucent.com>	<3148CB4F-6BFD-44CE-97E6-58DD8FF16CF6@unboundid.com> <20120315142531.0795721F85D3@ietfa.amsl.com> <048101cd02bb$630033f0$29009bd0$@com> <9BBAC6BD-7BEF-4DEC-AF12-C5626820FE85@unboundid.com>
In-Reply-To: <9BBAC6BD-7BEF-4DEC-AF12-C5626820FE85@unboundid.com>
X-Enigmail-Version: 1.4
OpenPGP: url=https://stpeter.im/stpeter.asc
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit
Cc: "'Brenner, Michael Ralf \(Michael\)'" <michael.brenner@alcatel-lucent.com>, scim@ietf.org, Salvatore D'Agostino <sal@idmachines.com>, "'Diodati, Mark'" <Mark.Diodati@gartner.com>, "'Morteza Ansari \(moransar\)'" <moransar@cisco.com>, 'Stephen Farrell' <stephen.farrell@cs.tcd.ie>
Subject: Re: [scim] Draft charter - v4
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 15 Mar 2012 20:12:23 -0000

On 3/15/12 9:25 AM, Trey Drake wrote:
> I'm sure this will (once again) be heavily debated once the group is
> formed.  In the past the balancing act was bent towards pragmatism;
> i.e., what can organizations actually roll out in the foreseeable
> future?  The answer is/was recommendation for OAuth bearer tokens,
> language encouraging service providers to remain flexible w.r.t.
> authN/Z schemes, and a facility for discovering the authentication
> schemes supported by the service provider.  The latter  enables a
> developer/consumer the ability to poke through and select an
> appropriate scheme.

First, without my sponsoring AD hat on, I agree with Stephen that
there's confusion about terminology here. In IETF protocol specs, we
tend to differentiate among two things:

1. Mandatory-to-implement. This means that if you're writing a code
library, a server, or a client, your code MUST support the feature.

2. Mandatory-to-deploy. This means that all service providers MUST
actually use the code in those implementations.

We typically talk only about mandatory-to-implement. This enables
service providers to be flexible in their deployments while still
ensuring that we have a baseline for interoperability. Everything you
guys have done to enable discovery of supported mechanisms fits right in
with this way of specifying the protocol. Please also understand that
mandatory-to-implement does *not* mean that you can't implement other
mechanisms. It just means that everyone will have at least one mechanism
in common.

Second, with my sponsoring AD hat on, I strongly encourage folks to
specify a mandatory-to-implement authorization technology, for the
reasons that Stephen outlined.

Peter

-- 
Peter Saint-Andre
https://stpeter.im/



From moransar@cisco.com  Thu Mar 15 13:35:21 2012
Return-Path: <moransar@cisco.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7AB1121F86F8 for <scim@ietfa.amsl.com>; Thu, 15 Mar 2012 13:35:21 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -10.518
X-Spam-Level: 
X-Spam-Status: No, score=-10.518 tagged_above=-999 required=5 tests=[AWL=0.082, BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9dOwZW-HLF2R for <scim@ietfa.amsl.com>; Thu, 15 Mar 2012 13:35:20 -0700 (PDT)
Received: from rcdn-iport-5.cisco.com (rcdn-iport-5.cisco.com [173.37.86.76]) by ietfa.amsl.com (Postfix) with ESMTP id 9AE1221F86D9 for <scim@ietf.org>; Thu, 15 Mar 2012 13:35:20 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=moransar@cisco.com; l=3368; q=dns/txt; s=iport; t=1331843720; x=1333053320; h=mime-version:content-transfer-encoding:subject:date: message-id:in-reply-to:references:from:to:cc; bh=hQnyVnD/vTYeNOZksowx+y+Pzcj7lUWznbpmZFASnlM=; b=kggOxcrIeR5PkcMDvWLdYo5oU7C6Bv4t8IU5Et9LaieERT5B5GuL/UQF h6Jbgmg1PUQENnOTwun+XZFmWSQdvezIiO5BYao46M/IMgcav+6X5T/f/ yJOaAU1jz6aRgXUK3X65yZwrLQeBuM+WatNOYNgAd0IVRZrwDV709tgUB I=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: AgIFABNSYk+tJXHA/2dsb2JhbABDhTyvb3+BB4IJAQEBBBIBEA0ERQwEAgEIEQQBAQECAgYGFwECAgIBAUQJCAEBBAESCBqHaJp2jQSRfQSBL45CM2MEiFebSYFogwQ
X-IronPort-AV: E=Sophos;i="4.73,593,1325462400"; d="scan'208";a="66853562"
Received: from rcdn-core2-5.cisco.com ([173.37.113.192]) by rcdn-iport-5.cisco.com with ESMTP; 15 Mar 2012 20:35:15 +0000
Received: from xbh-rcd-301.cisco.com (xbh-rcd-301.cisco.com [72.163.63.8]) by rcdn-core2-5.cisco.com (8.14.3/8.14.3) with ESMTP id q2FKZFgv028702;  Thu, 15 Mar 2012 20:35:15 GMT
Received: from xmb-rcd-313.cisco.com ([72.163.63.28]) by xbh-rcd-301.cisco.com with Microsoft SMTPSVC(6.0.3790.4675);  Thu, 15 Mar 2012 15:35:15 -0500
X-MimeOLE: Produced By Microsoft Exchange V6.5
Content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
Date: Thu, 15 Mar 2012 15:35:14 -0500
Message-ID: <93C6FB63F046384C86EC8F7F3FFEC7BEE632D1@XMB-RCD-313.cisco.com>
In-Reply-To: <4F624D24.8000505@stpeter.im>
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
Thread-Topic: [scim] Draft charter - v4
Thread-Index: Ac0C5+7Ag4kqVHLxTteww4WGzYysmAAAdTTA
References: <93C6FB63F046384C86EC8F7F3FFEC7BEE62EFE@XMB-RCD-313.cisco.com>	<4F61BFBF.7090408@cs.tcd.ie>	<219947F0B2242843A0A1E62FDB510DC0250F3D54D7@USNAVSXCHMBSA3.ndc.alcatel-lucent.com>	<4F61EA5B.70207@cs.tcd.ie>	<219947F0B2242843A0A1E62FDB510DC0250F3D54EF@USNAVSXCHMBSA3.ndc.alcatel-lucent.com>	<4F61EF05.2050608@cs.tcd.ie>	<219947F0B2242843A0A1E62FDB510DC0250F3D5514@USNAVSXCHMBSA3.ndc.alcatel-lucent.com>	<3148CB4F-6BFD-44CE-97E6-58DD8FF16CF6@unboundid.com> <20120315142531.0795721F85D3@ietfa.amsl.com> <048101cd02bb$630033f0$29009bd0$@com> <9BBAC6BD-7BEF-4DEC-AF12-C5626820FE85@unboundid.com> <4F624D24.8000505@stpeter.im>
From: "Morteza Ansari (moransar)" <moransar@cisco.com>
To: "Peter Saint-Andre" <stpeter@stpeter.im>, "Trey Drake" <trey.drake@unboundid.com>
X-OriginalArrivalTime: 15 Mar 2012 20:35:15.0436 (UTC) FILETIME=[20CB0AC0:01CD02EB]
Cc: "Brenner, Michael Ralf \(Michael\)" <michael.brenner@alcatel-lucent.com>, "Diodati, Mark" <Mark.Diodati@gartner.com>, scim@ietf.org, Salvatore D'Agostino <sal@idmachines.com>, Stephen Farrell <stephen.farrell@cs.tcd.ie>
Subject: Re: [scim] Draft charter - v4
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 15 Mar 2012 20:35:21 -0000

R3JlYXQgZGlzY3Vzc2lvbiBldmVyeW9uZS4gSSB0aGluayB3ZSBhcmUgYWxsIG9uIHRoZSBzYW1l
IHBhZ2UgKG1heWJlIHdpdGggdGhlIGV4Y2VwdGlvbiBvZiBtYW5kYXRvcnkgdG8gaW1wbGVtZW50
IHdoaWNoIEkgYW0gc3VyZSB3ZSB3aWxsIGhhdmUgbWFueSBkaXNjdXNzaW9ucyBvbiBpZiB0aGUg
V0cgaXMgY3JlYXRlZCkuICBUaGUgcXVlc3Rpb24gaXMgaG93IGNhbiB3ZSBpbXByb3ZlIHRoZSB3
b3JkaW5nIG9mIHRoZSB0aGlyZCBidWxsZXQgdG8gY2xlYXJseSBzYXkgd2hhdCB3ZSBpbnRlbmRl
ZCB0byBzYXk/ICBEb2VzIGFueW9uZSBoYXZlIGEgc3VnZ2VzdGlvbj8NCg0KDQpDaGVlcnMsDQpN
b3J0ZXphDQoNCi0tLS0tT3JpZ2luYWwgTWVzc2FnZS0tLS0tDQpGcm9tOiBQZXRlciBTYWludC1B
bmRyZSBbbWFpbHRvOnN0cGV0ZXJAc3RwZXRlci5pbV0gDQpTZW50OiBUaHVyc2RheSwgTWFyY2gg
MTUsIDIwMTIgMToxMiBQTQ0KVG86IFRyZXkgRHJha2UNCkNjOiBTYWx2YXRvcmUgRCdBZ29zdGlu
bzsgJ0JyZW5uZXIsIE1pY2hhZWwgUmFsZiAoTWljaGFlbCknOyAnRGlvZGF0aSwgTWFyayc7ICdT
dGVwaGVuIEZhcnJlbGwnOyBNb3J0ZXphIEFuc2FyaSAobW9yYW5zYXIpOyBzY2ltQGlldGYub3Jn
DQpTdWJqZWN0OiBSZTogW3NjaW1dIERyYWZ0IGNoYXJ0ZXIgLSB2NA0KDQpPbiAzLzE1LzEyIDk6
MjUgQU0sIFRyZXkgRHJha2Ugd3JvdGU6DQo+IEknbSBzdXJlIHRoaXMgd2lsbCAob25jZSBhZ2Fp
bikgYmUgaGVhdmlseSBkZWJhdGVkIG9uY2UgdGhlIGdyb3VwIGlzIA0KPiBmb3JtZWQuICBJbiB0
aGUgcGFzdCB0aGUgYmFsYW5jaW5nIGFjdCB3YXMgYmVudCB0b3dhcmRzIHByYWdtYXRpc207IA0K
PiBpLmUuLCB3aGF0IGNhbiBvcmdhbml6YXRpb25zIGFjdHVhbGx5IHJvbGwgb3V0IGluIHRoZSBm
b3Jlc2VlYWJsZSANCj4gZnV0dXJlPyAgVGhlIGFuc3dlciBpcy93YXMgcmVjb21tZW5kYXRpb24g
Zm9yIE9BdXRoIGJlYXJlciB0b2tlbnMsIA0KPiBsYW5ndWFnZSBlbmNvdXJhZ2luZyBzZXJ2aWNl
IHByb3ZpZGVycyB0byByZW1haW4gZmxleGlibGUgdy5yLnQuDQo+IGF1dGhOL1ogc2NoZW1lcywg
YW5kIGEgZmFjaWxpdHkgZm9yIGRpc2NvdmVyaW5nIHRoZSBhdXRoZW50aWNhdGlvbiANCj4gc2No
ZW1lcyBzdXBwb3J0ZWQgYnkgdGhlIHNlcnZpY2UgcHJvdmlkZXIuICBUaGUgbGF0dGVyICBlbmFi
bGVzIGEgDQo+IGRldmVsb3Blci9jb25zdW1lciB0aGUgYWJpbGl0eSB0byBwb2tlIHRocm91Z2gg
YW5kIHNlbGVjdCBhbiANCj4gYXBwcm9wcmlhdGUgc2NoZW1lLg0KDQpGaXJzdCwgd2l0aG91dCBt
eSBzcG9uc29yaW5nIEFEIGhhdCBvbiwgSSBhZ3JlZSB3aXRoIFN0ZXBoZW4gdGhhdCB0aGVyZSdz
IGNvbmZ1c2lvbiBhYm91dCB0ZXJtaW5vbG9neSBoZXJlLiBJbiBJRVRGIHByb3RvY29sIHNwZWNz
LCB3ZSB0ZW5kIHRvIGRpZmZlcmVudGlhdGUgYW1vbmcgdHdvIHRoaW5nczoNCg0KMS4gTWFuZGF0
b3J5LXRvLWltcGxlbWVudC4gVGhpcyBtZWFucyB0aGF0IGlmIHlvdSdyZSB3cml0aW5nIGEgY29k
ZSBsaWJyYXJ5LCBhIHNlcnZlciwgb3IgYSBjbGllbnQsIHlvdXIgY29kZSBNVVNUIHN1cHBvcnQg
dGhlIGZlYXR1cmUuDQoNCjIuIE1hbmRhdG9yeS10by1kZXBsb3kuIFRoaXMgbWVhbnMgdGhhdCBh
bGwgc2VydmljZSBwcm92aWRlcnMgTVVTVCBhY3R1YWxseSB1c2UgdGhlIGNvZGUgaW4gdGhvc2Ug
aW1wbGVtZW50YXRpb25zLg0KDQpXZSB0eXBpY2FsbHkgdGFsayBvbmx5IGFib3V0IG1hbmRhdG9y
eS10by1pbXBsZW1lbnQuIFRoaXMgZW5hYmxlcyBzZXJ2aWNlIHByb3ZpZGVycyB0byBiZSBmbGV4
aWJsZSBpbiB0aGVpciBkZXBsb3ltZW50cyB3aGlsZSBzdGlsbCBlbnN1cmluZyB0aGF0IHdlIGhh
dmUgYSBiYXNlbGluZSBmb3IgaW50ZXJvcGVyYWJpbGl0eS4gRXZlcnl0aGluZyB5b3UgZ3V5cyBo
YXZlIGRvbmUgdG8gZW5hYmxlIGRpc2NvdmVyeSBvZiBzdXBwb3J0ZWQgbWVjaGFuaXNtcyBmaXRz
IHJpZ2h0IGluIHdpdGggdGhpcyB3YXkgb2Ygc3BlY2lmeWluZyB0aGUgcHJvdG9jb2wuIFBsZWFz
ZSBhbHNvIHVuZGVyc3RhbmQgdGhhdCBtYW5kYXRvcnktdG8taW1wbGVtZW50IGRvZXMgKm5vdCog
bWVhbiB0aGF0IHlvdSBjYW4ndCBpbXBsZW1lbnQgb3RoZXIgbWVjaGFuaXNtcy4gSXQganVzdCBt
ZWFucyB0aGF0IGV2ZXJ5b25lIHdpbGwgaGF2ZSBhdCBsZWFzdCBvbmUgbWVjaGFuaXNtIGluIGNv
bW1vbi4NCg0KU2Vjb25kLCB3aXRoIG15IHNwb25zb3JpbmcgQUQgaGF0IG9uLCBJIHN0cm9uZ2x5
IGVuY291cmFnZSBmb2xrcyB0byBzcGVjaWZ5IGEgbWFuZGF0b3J5LXRvLWltcGxlbWVudCBhdXRo
b3JpemF0aW9uIHRlY2hub2xvZ3ksIGZvciB0aGUgcmVhc29ucyB0aGF0IFN0ZXBoZW4gb3V0bGlu
ZWQuDQoNClBldGVyDQoNCi0tDQpQZXRlciBTYWludC1BbmRyZQ0KaHR0cHM6Ly9zdHBldGVyLmlt
Lw0KDQoNCg==

From trey.drake@unboundid.com  Thu Mar 15 13:36:14 2012
Return-Path: <trey.drake@unboundid.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 53B4D21F86E8 for <scim@ietfa.amsl.com>; Thu, 15 Mar 2012 13:36:14 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.566
X-Spam-Level: 
X-Spam-Status: No, score=-3.566 tagged_above=-999 required=5 tests=[AWL=0.033,  BAYES_00=-2.599, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id mi-NWCxNLTH4 for <scim@ietfa.amsl.com>; Thu, 15 Mar 2012 13:36:13 -0700 (PDT)
Received: from mail-gy0-f172.google.com (mail-gy0-f172.google.com [209.85.160.172]) by ietfa.amsl.com (Postfix) with ESMTP id 15B4521F86D9 for <scim@ietf.org>; Thu, 15 Mar 2012 13:36:13 -0700 (PDT)
Received: by ghbg16 with SMTP id g16so3989544ghb.31 for <scim@ietf.org>; Thu, 15 Mar 2012 13:36:12 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=subject:mime-version:content-type:from:in-reply-to:date:cc :message-id:references:to:x-mailer:x-gm-message-state; bh=arIVl5fVCYyrXojd+At1m7U2PfZKzdZrw2PSLPkFvtY=; b=C7MHY5Dv7QPVA0YpSYgxabS0/NJ6L9fTnxw/Itw0clSkosEN+0w3O5jmqbKR/TQ0WJ JkvrqeTQhcAUEaLySViNOkhe1UOnoFtQONsiEypp/munSIS+cWZm8FErL0NvP8WvTbsR X1gdITRc8Xoe82fVbweUqQPG254q7P6Q2/a620+feVJh9WJYLhRdGgi0j3GweR1K2zgR ofzV8iHgjGXIW+fVxllVYnQDMnNATbBrXLMeuDiPz609GYGvBsBOAW0RFp0YjK8edwYO MMEEWraYvY4RjhtIk6qupA06l6wwu2WY7IPQxfbOucRB5ZH2+4hTmVLc1ES8GxIe/l10 jiSg==
Received: by 10.60.1.7 with SMTP id 7mr9608522oei.71.1331843772641; Thu, 15 Mar 2012 13:36:12 -0700 (PDT)
Received: from [192.168.241.86] (24-155-184-100.static.grandenetworks.net. [24.155.184.100]) by mx.google.com with ESMTPS id m3sm61303oem.7.2012.03.15.13.36.10 (version=TLSv1/SSLv3 cipher=OTHER); Thu, 15 Mar 2012 13:36:11 -0700 (PDT)
Mime-Version: 1.0 (Apple Message framework v1257)
Content-Type: multipart/signed; boundary="Apple-Mail=_D96620BA-D7CB-4770-8886-7FEA6C77E8E2"; protocol="application/pkcs7-signature"; micalg=sha1
From: Trey Drake <trey.drake@unboundid.com>
In-Reply-To: <4F624D24.8000505@stpeter.im>
Date: Thu, 15 Mar 2012 15:36:09 -0500
Message-Id: <BBE870F3-DAFB-45A0-B079-0507DE3A5ACA@unboundid.com>
References: <93C6FB63F046384C86EC8F7F3FFEC7BEE62EFE@XMB-RCD-313.cisco.com>	<4F61BFBF.7090408@cs.tcd.ie>	<219947F0B2242843A0A1E62FDB510DC0250F3D54D7@USNAVSXCHMBSA3.ndc.alcatel-lucent.com>	<4F61EA5B.70207@cs.tcd.ie>	<219947F0B2242843A0A1E62FDB510DC0250F3D54EF@USNAVSXCHMBSA3.ndc.alcatel-lucent.com>	<4F61EF05.2050608@cs.tcd.ie>	<219947F0B2242843A0A1E62FDB510DC0250F3D5514@USNAVSXCHMBSA3.ndc.alcatel-lucent.com>	<3148CB4F-6BFD-44CE-97E6-58DD8FF16CF6@unboundid.com> <20120315142531.0795721F85D3@ietfa.amsl.com> <048101cd02bb$630033f0$29009bd0$@com> <9BBAC6BD-7BEF-4DEC-AF12-C5626820FE85@unboundid.com> <4F624D24.8000505@stpeter.im>
To: Peter Saint-Andre <stpeter@stpeter.im>
X-Mailer: Apple Mail (2.1257)
X-Gm-Message-State: ALoCoQmRHTrJ1/c47OFHmMLjrqsHhrutr38u1cwWgXNg86fLyibuWilXbEvxjZN3fTGkM9pyZmdI
Cc: "'Brenner, Michael Ralf \(Michael\)'" <michael.brenner@alcatel-lucent.com>, scim@ietf.org, Salvatore D'Agostino <sal@idmachines.com>, "'Diodati, Mark'" <Mark.Diodati@gartner.com>, "'Morteza Ansari \(moransar\)'" <moransar@cisco.com>, 'Stephen Farrell' <stephen.farrell@cs.tcd.ie>
Subject: Re: [scim] Draft charter - v4
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 15 Mar 2012 20:36:14 -0000

--Apple-Mail=_D96620BA-D7CB-4770-8886-7FEA6C77E8E2
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain;
	charset=us-ascii

I hear you.  Now that Peter has expedited and posted (thanks!) a =
protocol draft (http://www.ietf.org/id/draft-scim-api-00.txt) we have =
something more concrete to talk to.  See section 2 (Authentication and =
Authorization). =20

Thanks,
Trey

On Mar 15, 2012, at 3:12 PM, Peter Saint-Andre wrote:

> On 3/15/12 9:25 AM, Trey Drake wrote:
>> I'm sure this will (once again) be heavily debated once the group is
>> formed.  In the past the balancing act was bent towards pragmatism;
>> i.e., what can organizations actually roll out in the foreseeable
>> future?  The answer is/was recommendation for OAuth bearer tokens,
>> language encouraging service providers to remain flexible w.r.t.
>> authN/Z schemes, and a facility for discovering the authentication
>> schemes supported by the service provider.  The latter  enables a
>> developer/consumer the ability to poke through and select an
>> appropriate scheme.
>=20
> First, without my sponsoring AD hat on, I agree with Stephen that
> there's confusion about terminology here. In IETF protocol specs, we
> tend to differentiate among two things:
>=20
> 1. Mandatory-to-implement. This means that if you're writing a code
> library, a server, or a client, your code MUST support the feature.
>=20
> 2. Mandatory-to-deploy. This means that all service providers MUST
> actually use the code in those implementations.
>=20
> We typically talk only about mandatory-to-implement. This enables
> service providers to be flexible in their deployments while still
> ensuring that we have a baseline for interoperability. Everything you
> guys have done to enable discovery of supported mechanisms fits right =
in
> with this way of specifying the protocol. Please also understand that
> mandatory-to-implement does *not* mean that you can't implement other
> mechanisms. It just means that everyone will have at least one =
mechanism
> in common.
>=20
> Second, with my sponsoring AD hat on, I strongly encourage folks to
> specify a mandatory-to-implement authorization technology, for the
> reasons that Stephen outlined.
>=20
> Peter
>=20
> --=20
> Peter Saint-Andre
> https://stpeter.im/
>=20
>=20


--Apple-Mail=_D96620BA-D7CB-4770-8886-7FEA6C77E8E2
Content-Disposition: attachment;
	filename=smime.p7s
Content-Type: application/pkcs7-signature;
	name=smime.p7s
Content-Transfer-Encoding: base64

MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIIM9jCCBjQw
ggQcoAMCAQICAR4wDQYJKoZIhvcNAQEFBQAwfTELMAkGA1UEBhMCSUwxFjAUBgNVBAoTDVN0YXJ0
Q29tIEx0ZC4xKzApBgNVBAsTIlNlY3VyZSBEaWdpdGFsIENlcnRpZmljYXRlIFNpZ25pbmcxKTAn
BgNVBAMTIFN0YXJ0Q29tIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA3MTAyNDIxMDE1NVoX
DTE3MTAyNDIxMDE1NVowgYwxCzAJBgNVBAYTAklMMRYwFAYDVQQKEw1TdGFydENvbSBMdGQuMSsw
KQYDVQQLEyJTZWN1cmUgRGlnaXRhbCBDZXJ0aWZpY2F0ZSBTaWduaW5nMTgwNgYDVQQDEy9TdGFy
dENvbSBDbGFzcyAxIFByaW1hcnkgSW50ZXJtZWRpYXRlIENsaWVudCBDQTCCASIwDQYJKoZIhvcN
AQEBBQADggEPADCCAQoCggEBAMcJg8zOLdgasSmkLhOrlr6KMoOMpohBllVHrdRvEg/q6r8jR+EK
75xCGhR8ToREoqe7zM9/UnC6TS2y9UKTpT1v7RSMzR0t6ndl0TWBuUr/UXBhPk+Kmy7bI4yW4urC
+y7P3/1/X7U8ocb8VpH/Clt+4iq7nirMcNh6qJR+xjOhV+VHzQMALuGYn5KZmc1NbJQYclsGkDxD
z2UbFqE2+6vIZoL+jb9x4Pa5gNf1TwSDkOkikZB1xtB4ZqtXThaABSONdfmv/Z1pua3FYxnCFmdr
/+N2JLKutIxMYqQOJebr/f/h5t95m4JgrM3Y/w7YX9d7YAL9jvN4SydHsU6n65cCAwEAAaOCAa0w
ggGpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBRTcu2SnODaywFc
fH6WNU7y1LhRgjAfBgNVHSMEGDAWgBROC+8apEBbpRdphzDKNGhD0EGu8jBmBggrBgEFBQcBAQRa
MFgwJwYIKwYBBQUHMAGGG2h0dHA6Ly9vY3NwLnN0YXJ0c3NsLmNvbS9jYTAtBggrBgEFBQcwAoYh
aHR0cDovL3d3dy5zdGFydHNzbC5jb20vc2ZzY2EuY3J0MFsGA1UdHwRUMFIwJ6AloCOGIWh0dHA6
Ly93d3cuc3RhcnRzc2wuY29tL3Nmc2NhLmNybDAnoCWgI4YhaHR0cDovL2NybC5zdGFydHNzbC5j
b20vc2ZzY2EuY3JsMIGABgNVHSAEeTB3MHUGCysGAQQBgbU3AQIBMGYwLgYIKwYBBQUHAgEWImh0
dHA6Ly93d3cuc3RhcnRzc2wuY29tL3BvbGljeS5wZGYwNAYIKwYBBQUHAgEWKGh0dHA6Ly93d3cu
c3RhcnRzc2wuY29tL2ludGVybWVkaWF0ZS5wZGYwDQYJKoZIhvcNAQEFBQADggIBAAqDCH14qywG
XLhjjF6uHLkjd02hcdh9hrw+VUsv+q1eeQWB21jWj3kJ96AUlPCoEGZ/ynJNScWy6QMVQjbbMXlt
UfO4n4bGGdKo3awPWp61tjAFgraLJgDk+DsSvUD6EowjMTNx25GQgyYJ5RPIzKKR9tQW8gGK+2+R
HxkUCTbYFnL6kl8Ch507rUdPPipJ9CgJFws3kDS3gOS5WFMxcjO5DwKfKSETEPrHh7p5shuuNktv
sv6hxHTLhiMKX893gxdT3XLS9OKmCv87vkINQcNEcIIoFWbP9HORz9v3vQwR4e3ksLc2JZOAFK+s
sS5XMEoznzpihEP0PLc4dCBYjbvSD7kxgDwZ+Aj8Q9PkbvE9sIPP7ON0fz095HdThKjiVJe6vofq
+n6b1NBc8XdrQvBmunwxD5nvtTW4vtN6VY7mUCmxsCieuoBJ9OlqmsVWQvifIYf40dJPZkk9YgGT
zWLpXDSfLSplbY2LL9C9U0ptvjcDjefLTvqSFc7tw1sEhF0n/qpA2r0GpvkLRDmcSwVyPvmjFBGq
Up/pNy8ZuPGQmHwFi2/14+xeSUDG2bwnsYJQG2EdJCB6luQ57GEnTA/yKZSTKI8dDQa8Sd3zfXb1
9mOgSF0bBdXbuKhEpuP9wirslFe6fQ1t5j5R0xi72MZ8ikMu1RQZKCyDbMwazlHiMIIGujCCBaKg
AwIBAgIDAopvMA0GCSqGSIb3DQEBBQUAMIGMMQswCQYDVQQGEwJJTDEWMBQGA1UEChMNU3RhcnRD
b20gTHRkLjErMCkGA1UECxMiU2VjdXJlIERpZ2l0YWwgQ2VydGlmaWNhdGUgU2lnbmluZzE4MDYG
A1UEAxMvU3RhcnRDb20gQ2xhc3MgMSBQcmltYXJ5IEludGVybWVkaWF0ZSBDbGllbnQgQ0EwHhcN
MTEwNTEzMTY1MjQ5WhcNMTIwNTEzMDU0NzU2WjBLMSAwHgYDVQQNExc0MjU3NjEteUxidzRqMkwy
Z0FqSG92UzEnMCUGCSqGSIb3DQEJARYYdHJleS5kcmFrZUB1bmJvdW5kaWQuY29tMIIBIjANBgkq
hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqid9tc427LEtBahNAplYUQztLpGRwt7J1hxi3mHkMBzr
s3LxhGspxGij4JZogkqolFpIhu0amwHXsDv7DbkET1O8TN2S2ttetn2o/gQMhAlXp7MP4SfHnIHL
awiDyKZ96l49FFuOt107G9SYpOceuY+AfBssNfxVpTfzqvBzQ/zdbGwqg+ndyPmsWZCYc036/dHV
VWDPpLbohj8GmtoNp8p2LjXe4hOvOfxNnlg6hRlHwiPkudSpEaHwW5dlQUjtcBNvowCq2uq2fbQq
5jyswWRGRIQINo4UgSsyDAB5SfagyGMx32EUGrx1NJWOHWK3eqPknuYdgtU2nJZ+aTtBpQIDAQAB
o4IDYzCCA18wCQYDVR0TBAIwADALBgNVHQ8EBAMCBLAwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsG
AQUFBwMEMB0GA1UdDgQWBBTFEY17wcVFokE4T9NZv3jxliACzjAfBgNVHSMEGDAWgBRTcu2SnODa
ywFcfH6WNU7y1LhRgjAjBgNVHREEHDAagRh0cmV5LmRyYWtlQHVuYm91bmRpZC5jb20wggHRBgNV
HSAEggHIMIIBxDCCAcAGCysGAQQBgbU3AQICMIIBrzAuBggrBgEFBQcCARYiaHR0cDovL3d3dy5z
dGFydHNzbC5jb20vcG9saWN5LnBkZjA0BggrBgEFBQcCARYoaHR0cDovL3d3dy5zdGFydHNzbC5j
b20vaW50ZXJtZWRpYXRlLnBkZjCCAUUGCCsGAQUFBwICMIIBNzAnFiBTdGFydENvbSBDZXJ0aWZp
Y2F0aW9uIEF1dGhvcml0eTADAgEBGoIBClRoaXMgY2VydGlmaWNhdGUgd2FzIGlzc3VlZCBhY2Nv
cmRpbmcgdG8gdGhlIENsYXNzIDEgVmFsaWRhdGlvbiByZXF1aXJlbWVudHMgb2YgdGhlIFN0YXJ0
Q29tIENlcnRpZmljYXRpb24gQXV0aG9yaXR5IHBvbGljeSBhbmQgbWF5IGJlIHJlbGllZCB1cG9u
IG9ubHkgZm9yIHRoZSBpbnRlbmRlZCBwdXJwb3NlIGFuZCBpbiBjb21wbGlhbmNlIG9mIHRoZSBy
ZWx5aW5nIHBhcnR5IG9ibGlnYXRpb25zLiBMaWFiaWxpdHkgYW5kIHdhcnJhbnRpZXMgYXJlIGxp
bWl0ZWQhMDYGA1UdHwQvMC0wK6ApoCeGJWh0dHA6Ly9jcmwuc3RhcnRzc2wuY29tL2NydHUxLWNy
bC5jcmwwgY4GCCsGAQUFBwEBBIGBMH8wOQYIKwYBBQUHMAGGLWh0dHA6Ly9vY3NwLnN0YXJ0c3Ns
LmNvbS9zdWIvY2xhc3MxL2NsaWVudC9jYTBCBggrBgEFBQcwAoY2aHR0cDovL2FpYS5zdGFydHNz
bC5jb20vY2VydHMvc3ViLmNsYXNzMS5jbGllbnQuY2EuY3J0MCMGA1UdEgQcMBqGGGh0dHA6Ly93
d3cuc3RhcnRzc2wuY29tLzANBgkqhkiG9w0BAQUFAAOCAQEAfcC87DDCF7sIIY5qIDIS7MmSAJjr
GlCfGP11cJrO88bsQiSgtJYYeIATEUsH1r78aJOzU8p8P/lOrSoDr3kxVlUaOam6xIvlW9Uv6AUN
DBjYeDUMaEIwPl/Eox0tvZPas4JwW1K+N085ya1IKCK/l7x2K97JQqQhE44ymJ873mcEbBNz6HOo
JtyNMc204G0mREpQs4RSb7vsT9x93QUs6QpP/Mn/w+HaXQQzgs4HmfgL8z+qlH4vX4S/rKvwv95m
fdCIrdSBAeSKBco9hHTIny9XpkTR2qk1Uq0eqSk1LtufDoQy9c5KKQKINCKrjioMseRufmAY/0Nu
VbekcRMyIDGCA28wggNrAgEBMIGUMIGMMQswCQYDVQQGEwJJTDEWMBQGA1UEChMNU3RhcnRDb20g
THRkLjErMCkGA1UECxMiU2VjdXJlIERpZ2l0YWwgQ2VydGlmaWNhdGUgU2lnbmluZzE4MDYGA1UE
AxMvU3RhcnRDb20gQ2xhc3MgMSBQcmltYXJ5IEludGVybWVkaWF0ZSBDbGllbnQgQ0ECAwKKbzAJ
BgUrDgMCGgUAoIIBrzAYBgkqhkiG9w0BCQMxCwYJKoZIhvcNAQcBMBwGCSqGSIb3DQEJBTEPFw0x
MjAzMTUyMDM2MDlaMCMGCSqGSIb3DQEJBDEWBBThi5m4kMGoCSs5VU+lr5bio3UGKTCBpQYJKwYB
BAGCNxAEMYGXMIGUMIGMMQswCQYDVQQGEwJJTDEWMBQGA1UEChMNU3RhcnRDb20gTHRkLjErMCkG
A1UECxMiU2VjdXJlIERpZ2l0YWwgQ2VydGlmaWNhdGUgU2lnbmluZzE4MDYGA1UEAxMvU3RhcnRD
b20gQ2xhc3MgMSBQcmltYXJ5IEludGVybWVkaWF0ZSBDbGllbnQgQ0ECAwKKbzCBpwYLKoZIhvcN
AQkQAgsxgZeggZQwgYwxCzAJBgNVBAYTAklMMRYwFAYDVQQKEw1TdGFydENvbSBMdGQuMSswKQYD
VQQLEyJTZWN1cmUgRGlnaXRhbCBDZXJ0aWZpY2F0ZSBTaWduaW5nMTgwNgYDVQQDEy9TdGFydENv
bSBDbGFzcyAxIFByaW1hcnkgSW50ZXJtZWRpYXRlIENsaWVudCBDQQIDAopvMA0GCSqGSIb3DQEB
AQUABIIBAC2VhwzXa3uDvr9JIsAm4LiWFSVPw8Rk0m1dJnAzR+iN+MyBOdoEaO6/MwXmWbg1SgrQ
VU6LuF5kh3MTtND57p3ih5gwiNiNdNZ/dabfOyvPB2AyKh8Xd9VCGKqhkQYbzWrR2eliKNMAJ0wO
7UMsbfX33exSKmQCAXcKRvyrZpWxFgHAQxyoz6R1BqrbPOk7EX0qDOtmW/ToTlpsyXoxYkDmmnBa
vKmpKFvjRIZfWVtWVshTVCGqGDNs2r7PAaQ+JDBu6MaXk3qsS2Zemei9KXjrjTnGKUMRwkO2TJmu
5EPrLIu55nRYJMNlWhll8A4Iu/35onDlX2KUT5RuVK78+VkAAAAAAAA=

--Apple-Mail=_D96620BA-D7CB-4770-8886-7FEA6C77E8E2--

From stpeter@stpeter.im  Thu Mar 15 13:41:54 2012
Return-Path: <stpeter@stpeter.im>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D5F1221E8025 for <scim@ietfa.amsl.com>; Thu, 15 Mar 2012 13:41:54 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.701
X-Spam-Level: 
X-Spam-Status: No, score=-102.701 tagged_above=-999 required=5 tests=[AWL=-0.102, BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id T8anrI-i0tV9 for <scim@ietfa.amsl.com>; Thu, 15 Mar 2012 13:41:54 -0700 (PDT)
Received: from stpeter.im (mailhost.stpeter.im [207.210.219.225]) by ietfa.amsl.com (Postfix) with ESMTP id 68B0C21E801E for <scim@ietf.org>; Thu, 15 Mar 2012 13:41:54 -0700 (PDT)
Received: from squire.local (unknown [64.101.72.114]) (Authenticated sender: stpeter) by stpeter.im (Postfix) with ESMTPSA id 2436640058 for <scim@ietf.org>; Thu, 15 Mar 2012 14:54:19 -0600 (MDT)
Message-ID: <4F625410.1020501@stpeter.im>
Date: Thu, 15 Mar 2012 14:41:52 -0600
From: Peter Saint-Andre <stpeter@stpeter.im>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.5; rv:10.0.2) Gecko/20120216 Thunderbird/10.0.2
MIME-Version: 1.0
To: scim@ietf.org
References: <93C6FB63F046384C86EC8F7F3FFEC7BEE62EFE@XMB-RCD-313.cisco.com>	<4F61BFBF.7090408@cs.tcd.ie>	<219947F0B2242843A0A1E62FDB510DC0250F3D54D7@USNAVSXCHMBSA3.ndc.alcatel-lucent.com>	<4F61EA5B.70207@cs.tcd.ie>	<219947F0B2242843A0A1E62FDB510DC0250F3D54EF@USNAVSXCHMBSA3.ndc.alcatel-lucent.com>	<4F61EF05.2050608@cs.tcd.ie>	<219947F0B2242843A0A1E62FDB510DC0250F3D5514@USNAVSXCHMBSA3.ndc.alcatel-lucent.com>	<3148CB4F-6BFD-44CE-97E6-58DD8FF16CF6@unboundid.com> <20120315142531.0795721F85D3@ietfa.amsl.com> <048101cd02bb$630033f0$29009bd0$@com> <9BBAC6BD-7BEF-4DEC-AF12-C5626820FE85@unboundid.com> <4F624D24.8000505@stpeter.im> <BBE870F3-DAFB-45A0-B079-0507DE3A5ACA@unboundid.com>
In-Reply-To: <BBE870F3-DAFB-45A0-B079-0507DE3A5ACA@unboundid.com>
X-Enigmail-Version: 1.4
OpenPGP: url=https://stpeter.im/stpeter.asc
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit
Subject: Re: [scim] Draft charter - v4
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 15 Mar 2012 20:41:54 -0000

On 3/15/12 2:36 PM, Trey Drake wrote:
> I hear you.  Now that Peter has expedited and posted (thanks!) a
> protocol draft (http://www.ietf.org/id/draft-scim-api-00.txt) we have
> something more concrete to talk to.  See section 2 (Authentication
> and Authorization).

A more hyperlinked version is here:

http://tools.ietf.org/html/draft-scim-api-00

Things like http://tools.ietf.org/html/draft-scim-api-00#section-2 can
be easier to reference. :)

Peter

-- 
Peter Saint-Andre
https://stpeter.im/



From stpeter@stpeter.im  Thu Mar 15 13:51:40 2012
Return-Path: <stpeter@stpeter.im>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A044221F8656 for <scim@ietfa.amsl.com>; Thu, 15 Mar 2012 13:51:40 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.7
X-Spam-Level: 
X-Spam-Status: No, score=-102.7 tagged_above=-999 required=5 tests=[AWL=-0.101, BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 11bQLpS-B05Q for <scim@ietfa.amsl.com>; Thu, 15 Mar 2012 13:51:40 -0700 (PDT)
Received: from stpeter.im (mailhost.stpeter.im [207.210.219.225]) by ietfa.amsl.com (Postfix) with ESMTP id 22E0E21F8646 for <scim@ietf.org>; Thu, 15 Mar 2012 13:51:39 -0700 (PDT)
Received: from squire.local (unknown [64.101.72.114]) (Authenticated sender: stpeter) by stpeter.im (Postfix) with ESMTPSA id 4A4BF40058; Thu, 15 Mar 2012 15:04:03 -0600 (MDT)
Message-ID: <4F625657.50907@stpeter.im>
Date: Thu, 15 Mar 2012 14:51:35 -0600
From: Peter Saint-Andre <stpeter@stpeter.im>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.5; rv:10.0.2) Gecko/20120216 Thunderbird/10.0.2
MIME-Version: 1.0
To: "Morteza Ansari (moransar)" <moransar@cisco.com>
References: <93C6FB63F046384C86EC8F7F3FFEC7BEE62EFE@XMB-RCD-313.cisco.com>	<4F61BFBF.7090408@cs.tcd.ie>	<219947F0B2242843A0A1E62FDB510DC0250F3D54D7@USNAVSXCHMBSA3.ndc.alcatel-lucent.com>	<4F61EA5B.70207@cs.tcd.ie>	<219947F0B2242843A0A1E62FDB510DC0250F3D54EF@USNAVSXCHMBSA3.ndc.alcatel-lucent.com>	<4F61EF05.2050608@cs.tcd.ie>	<219947F0B2242843A0A1E62FDB510DC0250F3D5514@USNAVSXCHMBSA3.ndc.alcatel-lucent.com>	<3148CB4F-6BFD-44CE-97E6-58DD8FF16CF6@unboundid.com> <20120315142531.0795721F85D3@ietfa.amsl.com> <048101cd02bb$630033f0$29009bd0$@com> <9BBAC6BD-7BEF-4DEC-AF12-C5626820FE85@unboundid.com> <4F624D24.8000505@stpeter.im> <93C6FB63F046384C86EC8F7F3FFEC7BEE632D1@XMB-RCD-313.cisco.com>
In-Reply-To: <93C6FB63F046384C86EC8F7F3FFEC7BEE632D1@XMB-RCD-313.cisco.com>
X-Enigmail-Version: 1.4
OpenPGP: url=https://stpeter.im/stpeter.asc
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit
Cc: "Brenner, Michael Ralf \(Michael\)" <michael.brenner@alcatel-lucent.com>, scim@ietf.org, Trey Drake <trey.drake@unboundid.com>, Salvatore D'Agostino <sal@idmachines.com>, "Diodati, Mark" <Mark.Diodati@gartner.com>, Stephen Farrell <stephen.farrell@cs.tcd.ie>
Subject: Re: [scim] Draft charter - v4
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 15 Mar 2012 20:51:40 -0000

With my individual contributor hat on. I think.

On 3/15/12 2:35 PM, Morteza Ansari (moransar) wrote:
> Great discussion everyone. I think we are all on the same page (maybe
> with the exception of mandatory to implement which I am sure we will
> have many discussions on if the WG is created).  The question is how
> can we improve the wording of the third bullet to clearly say what we
> intended to say?  Does anyone have a suggestion?

Remove the third bullet? :)

Earlier in the charter we already say that we will be "applying existing
authentication, authorization, and privacy models". That's a fine thing.
It's also good that we're not expecting a SCIM working group (if formed)
to define new authentication and authorization technologies. However,
not providing a baseline MTI technology for either of those core
security features doesn't appear to "improve security of the overall
system", as the charter also says. I can assure you that Stephen isn't
the only one who will be hammering the group on this point. IMHO it's
better to agree that we need an MTI authorization technology, and fight
later over which technology is best to choose as a baseline.

Peter

-- 
Peter Saint-Andre
https://stpeter.im/



From lear@cisco.com  Thu Mar 15 14:10:34 2012
Return-Path: <lear@cisco.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 90F9521E8011 for <scim@ietfa.amsl.com>; Thu, 15 Mar 2012 14:10:34 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -110.547
X-Spam-Level: 
X-Spam-Status: No, score=-110.547 tagged_above=-999 required=5 tests=[AWL=0.052, BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 5eKtyvKoEjgk for <scim@ietfa.amsl.com>; Thu, 15 Mar 2012 14:10:33 -0700 (PDT)
Received: from ams-iport-2.cisco.com (ams-iport-2.cisco.com [144.254.224.141]) by ietfa.amsl.com (Postfix) with ESMTP id 3AED421E8029 for <scim@ietf.org>; Thu, 15 Mar 2012 14:10:33 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=lear@cisco.com; l=4361; q=dns/txt; s=iport; t=1331845833; x=1333055433; h=message-id:date:from:mime-version:to:cc:subject: references:in-reply-to:content-transfer-encoding; bh=qOXMz5+Ui6Kw9qRp4WAttupPKXi8zFA/Eddom2XNMws=; b=kEMDsQEXsjRxY2NGS0aYe2y45/kjrKpt7D+GSp6IEaQvQ5/7YDqEkVs9 Bxiok2+dixb+oFapilab477INNgp+Gp2oXSqm6z5ITbmcNZYIfKXu1/U4 90YEw7X0te/vB/YsLLAx0cLBBhepg6/IKHAhoGCH+HvxbBkYvX+6kqBmv o=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: AgIFAKFZYk+Q/khM/2dsb2JhbAA6CYU8sG6BB4IJAQEBBAEBAQ8BEAQiJQQGAQwECxEEAQEBAgIFDAoIAwICCQMCAQIBFR8JCAYNAQUCAQEeh2gLmnaNBJF/gS+JCgiDGIIYgRYElWGOP4FogmeBWw
X-IronPort-AV: E=Sophos;i="4.73,592,1325462400"; d="scan'208";a="68598315"
Received: from ams-core-3.cisco.com ([144.254.72.76]) by ams-iport-2.cisco.com with ESMTP; 15 Mar 2012 21:10:31 +0000
Received: from dhcp-10-55-82-125.cisco.com (dhcp-10-55-82-125.cisco.com [10.55.82.125]) by ams-core-3.cisco.com (8.14.3/8.14.3) with ESMTP id q2FLAVtV012497; Thu, 15 Mar 2012 21:10:31 GMT
Message-ID: <4F625AC6.3090905@cisco.com>
Date: Thu, 15 Mar 2012 22:10:30 +0100
From: Eliot Lear <lear@cisco.com>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:10.0.2) Gecko/20120216 Thunderbird/10.0.2
MIME-Version: 1.0
To: Phil Hunt <phil.hunt@oracle.com>
References: <421662F7-A0FA-4C21-81C9-857450B09DB4@oracle.com> <612C04D3-3D1C-4095-8E3E-66BD45CE067A@gmail.com> <699AE63C-79E1-40F5-8290-37289EB8C0E0@oracle.com> <56C3C758F9D6534CA3778EAA1E0C34371C63838C@BL2PRD0410MB351.namprd04.prod.outlook.com> <67AC8CE3-CF17-40E8-A70C-115A66A07C5B@oracle.com>
In-Reply-To: <67AC8CE3-CF17-40E8-A70C-115A66A07C5B@oracle.com>
X-Enigmail-Version: 1.4
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit
Cc: "scim@ietf.org" <scim@ietf.org>, Charliemortimore <charliemortimore@gmail.com>, Kelly Grizzle <kelly.grizzle@sailpoint.com>
Subject: Re: [scim] Thoughts on SCIM WG charter
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 15 Mar 2012 21:10:34 -0000

One of the things the draft charter has discussed is an extension
mechanism.  It is also useful to sort the order of work.  One useful way
to handle both of these is to have a test case in mind.  This might be
it.  That is- see if we can get the extension mechanism in place so that
we can address multipoint.

Eliot

On 3/15/12 8:01 PM, Phil Hunt wrote:
> Kelly,
>
> Agreed. Targeting should be optional.
>
> I'd like to look specifically how we can layer this on without requiring disruptive change to the existing implementation. 
>
> Would be great to collaborate with you on this.
>
> Phil
>
> @independentid
> www.independentid.com
> phil.hunt@oracle.com
>
>
>
>
>
> On 2012-03-15, at 11:18 AM, Kelly Grizzle wrote:
>
>> Phil,
>>
>> Thanks for the great write-up.  I agree that the hub concept is highly relevant, and have actually been spending a fair amount of energy thinking about how this might look in SCIM.  In my mind there are two types of gateways: a provisioning hub and an identity hub.  A provisioning hub knows nothing about the person -> user relationship.  It simply provides a single SCIM-enabled endpoint that can manage accounts on different targets.  Similarly, an identity hub allows managing accounts on different targets, but also maintains the person -> user relationships.  Both have the firewall, single protocol, etc... benefits that you mentioned, but the latter is more suited to the IdM use cases that SPML addresses.  I think that both are useful, so we should consider making the person -> user relationship an optional part of targeting/routing.
>>
>> I have some ideas on how this may fit into SCIM and would be happy to collaborate and help lead this effort.
>>
>> Taking a step back ... while there is a strong need for this, I also think that a majority of the SCIM service providers are not going to be serving as a hub (ie - they will only be managing their own users), so targeting should optional.
>>
>> --Kelly
>>
>>
>> -----Original Message-----
>> From: scim-bounces@ietf.org [mailto:scim-bounces@ietf.org] On Behalf Of Phil Hunt
>> Sent: Wednesday, March 14, 2012 6:49 PM
>> To: Charliemortimore
>> Cc: scim@ietf.org
>> Subject: Re: [scim] Thoughts on SCIM WG charter
>>
>> Chuck,
>>
>> Agreed. Routing shouldn't be specific. The concern is that the client should not have direct knowledge of internal endpoints.  In this case, I think the routing requirement is "logical".   Create a Mail account, create a CRM account, and so on.
>>
>> Phil
>>
>> @independentid
>> www.independentid.com
>> phil.hunt@oracle.com
>>
>>
>>
>>
>>
>> On 2012-03-14, at 4:35 PM, Charliemortimore wrote:
>>
>>> Hey Phil - good, thoughtful writeup.   
>>>
>>> I agree the notion of gateways/hubs are a reality.  Not yet convinced the client needs to ( or even should have ) knowledge/power over the routing decisions, at least in v1.   Look forward to discussion and evolving my thinking on this.  
>>>
>>> - cmort
>>>
>>> On Mar 14, 2012, at 2:44 PM, Phil Hunt <phil.hunt@oracle.com> wrote:
>>>
>>>> In previous emails, I promised more thoughts on the Gateway/targeting issue. In order to support the scope discussion, I put a bunch of thoughts together on areas the WG might consider on my blog at:
>>>> http://www.independentid.com/2012/03/scim-what-should-new-scim-wg-address.html
>>>>
>>>> I'm still planning to post more info to the list on the specific issue of "gatewayed" provisioning (aka targeting).
>>>>
>>>> Phil
>>>>
>>>> @independentid
>>>> www.independentid.com
>>>> phil.hunt@oracle.com
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> _______________________________________________
>>>> scim mailing list
>>>> scim@ietf.org
>>>> https://www.ietf.org/mailman/listinfo/scim
>>> _______________________________________________
>>> scim mailing list
>>> scim@ietf.org
>>> https://www.ietf.org/mailman/listinfo/scim
>> _______________________________________________
>> scim mailing list
>> scim@ietf.org
>> https://www.ietf.org/mailman/listinfo/scim
>>
>>
>> _______________________________________________
>> scim mailing list
>> scim@ietf.org
>> https://www.ietf.org/mailman/listinfo/scim
> _______________________________________________
> scim mailing list
> scim@ietf.org
> https://www.ietf.org/mailman/listinfo/scim
>

From trey.drake@unboundid.com  Thu Mar 15 14:20:48 2012
Return-Path: <trey.drake@unboundid.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 143C621F86C3 for <scim@ietfa.amsl.com>; Thu, 15 Mar 2012 14:20:48 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.569
X-Spam-Level: 
X-Spam-Status: No, score=-3.569 tagged_above=-999 required=5 tests=[AWL=0.030,  BAYES_00=-2.599, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id j7zjCwav2hFu for <scim@ietfa.amsl.com>; Thu, 15 Mar 2012 14:20:47 -0700 (PDT)
Received: from mail-yx0-f172.google.com (mail-yx0-f172.google.com [209.85.213.172]) by ietfa.amsl.com (Postfix) with ESMTP id ED10A21F86C1 for <scim@ietf.org>; Thu, 15 Mar 2012 14:20:46 -0700 (PDT)
Received: by yenm5 with SMTP id m5so4035764yen.31 for <scim@ietf.org>; Thu, 15 Mar 2012 14:20:46 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=subject:mime-version:content-type:from:in-reply-to:date:cc :message-id:references:to:x-mailer:x-gm-message-state; bh=grHzHEWJnAp3mkSFqMClKHQd5xh6vxTUjC1Y5ayXvvA=; b=Cb78yxY8jDLDjORgZztXdgZQpOS+2hxXNHUsFkc5NO6zWp262ZVWe+n6HIi5FTDjmA Mjh/f0MW/0qjj+qn4HYUX4vOJa1jYlL5Bp8oIksVK5n0u9Q2b+YppcmXmRdaUapL4gbm vNuU99wl8chXY1b3bNJSuABerMDC36DUZdZ53MCMaVyqB0EBtbVvIEDekJKfWsdG0vbh OpmINsdTOmm/kPVYi8izQNzys+Tw2pAwQrX/Txz4QdaF5r8pfP9HZxi7RsiJ7+cIhn+p VSh/Ii4iK2GoI0DtK7OjeswZU4Vr1kH0MWIBqsLiaRPEDv+a70ieHA6RyUMv+mJe1i6G kNGg==
Received: by 10.182.72.71 with SMTP id b7mr262705obv.11.1331846446426; Thu, 15 Mar 2012 14:20:46 -0700 (PDT)
Received: from [192.168.241.86] (24-155-184-100.static.grandenetworks.net. [24.155.184.100]) by mx.google.com with ESMTPS id f2sm2292187oef.6.2012.03.15.14.20.44 (version=TLSv1/SSLv3 cipher=OTHER); Thu, 15 Mar 2012 14:20:45 -0700 (PDT)
Mime-Version: 1.0 (Apple Message framework v1257)
Content-Type: multipart/signed; boundary="Apple-Mail=_24824B51-013F-4924-9FD0-CD86DBE3CD70"; protocol="application/pkcs7-signature"; micalg=sha1
From: Trey Drake <trey.drake@unboundid.com>
In-Reply-To: <4F625AC6.3090905@cisco.com>
Date: Thu, 15 Mar 2012 16:20:43 -0500
Message-Id: <4534DFDD-4F43-4688-B2B8-A86B37352336@unboundid.com>
References: <421662F7-A0FA-4C21-81C9-857450B09DB4@oracle.com> <612C04D3-3D1C-4095-8E3E-66BD45CE067A@gmail.com> <699AE63C-79E1-40F5-8290-37289EB8C0E0@oracle.com> <56C3C758F9D6534CA3778EAA1E0C34371C63838C@BL2PRD0410MB351.namprd04.prod.outlook.com> <67AC8CE3-CF17-40E8-A70C-115A66A07C5B@oracle.com> <4F625AC6.3090905@cisco.com>
To: Eliot Lear <lear@cisco.com>
X-Mailer: Apple Mail (2.1257)
X-Gm-Message-State: ALoCoQkofou6W92J/OsgJ1lBQWbC5A5bDCFnHhaHZPeZnkxktxkA0sAy+61ANbtmYa0rcVAm4T7T
Cc: "scim@ietf.org" <scim@ietf.org>, Charliemortimore <charliemortimore@gmail.com>, Kelly Grizzle <kelly.grizzle@sailpoint.com>, Phil Hunt <phil.hunt@oracle.com>
Subject: Re: [scim] Thoughts on SCIM WG charter
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 15 Mar 2012 21:20:48 -0000

--Apple-Mail=_24824B51-013F-4924-9FD0-CD86DBE3CD70
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain;
	charset=us-ascii

Something to consider - if targeting is no more than introducing =
additional attributes (to describe the intended target) then a road has =
been paved with the submitted core schema draft (see section 4) =
http://tools.ietf.org/html/draft-scim-core-schema-00#section-4 =20

Thanks,
Trey


On Mar 15, 2012, at 4:10 PM, Eliot Lear wrote:

>=20
>=20
> One of the things the draft charter has discussed is an extension
> mechanism.  It is also useful to sort the order of work.  One useful =
way
> to handle both of these is to have a test case in mind.  This might be
> it.  That is- see if we can get the extension mechanism in place so =
that
> we can address multipoint.
>=20
> Eliot
>=20
> On 3/15/12 8:01 PM, Phil Hunt wrote:
>> Kelly,
>>=20
>> Agreed. Targeting should be optional.
>>=20
>> I'd like to look specifically how we can layer this on without =
requiring disruptive change to the existing implementation.=20
>>=20
>> Would be great to collaborate with you on this.
>>=20
>> Phil
>>=20
>> @independentid
>> www.independentid.com
>> phil.hunt@oracle.com
>>=20
>>=20
>>=20
>>=20
>>=20
>> On 2012-03-15, at 11:18 AM, Kelly Grizzle wrote:
>>=20
>>> Phil,
>>>=20
>>> Thanks for the great write-up.  I agree that the hub concept is =
highly relevant, and have actually been spending a fair amount of energy =
thinking about how this might look in SCIM.  In my mind there are two =
types of gateways: a provisioning hub and an identity hub.  A =
provisioning hub knows nothing about the person -> user relationship.  =
It simply provides a single SCIM-enabled endpoint that can manage =
accounts on different targets.  Similarly, an identity hub allows =
managing accounts on different targets, but also maintains the person -> =
user relationships.  Both have the firewall, single protocol, etc... =
benefits that you mentioned, but the latter is more suited to the IdM =
use cases that SPML addresses.  I think that both are useful, so we =
should consider making the person -> user relationship an optional part =
of targeting/routing.
>>>=20
>>> I have some ideas on how this may fit into SCIM and would be happy =
to collaborate and help lead this effort.
>>>=20
>>> Taking a step back ... while there is a strong need for this, I also =
think that a majority of the SCIM service providers are not going to be =
serving as a hub (ie - they will only be managing their own users), so =
targeting should optional.
>>>=20
>>> --Kelly
>>>=20
>>>=20
>>> -----Original Message-----
>>> From: scim-bounces@ietf.org [mailto:scim-bounces@ietf.org] On Behalf =
Of Phil Hunt
>>> Sent: Wednesday, March 14, 2012 6:49 PM
>>> To: Charliemortimore
>>> Cc: scim@ietf.org
>>> Subject: Re: [scim] Thoughts on SCIM WG charter
>>>=20
>>> Chuck,
>>>=20
>>> Agreed. Routing shouldn't be specific. The concern is that the =
client should not have direct knowledge of internal endpoints.  In this =
case, I think the routing requirement is "logical".   Create a Mail =
account, create a CRM account, and so on.
>>>=20
>>> Phil
>>>=20
>>> @independentid
>>> www.independentid.com
>>> phil.hunt@oracle.com
>>>=20
>>>=20
>>>=20
>>>=20
>>>=20
>>> On 2012-03-14, at 4:35 PM, Charliemortimore wrote:
>>>=20
>>>> Hey Phil - good, thoughtful writeup.  =20
>>>>=20
>>>> I agree the notion of gateways/hubs are a reality.  Not yet =
convinced the client needs to ( or even should have ) knowledge/power =
over the routing decisions, at least in v1.   Look forward to discussion =
and evolving my thinking on this. =20
>>>>=20
>>>> - cmort
>>>>=20
>>>> On Mar 14, 2012, at 2:44 PM, Phil Hunt <phil.hunt@oracle.com> =
wrote:
>>>>=20
>>>>> In previous emails, I promised more thoughts on the =
Gateway/targeting issue. In order to support the scope discussion, I put =
a bunch of thoughts together on areas the WG might consider on my blog =
at:
>>>>> =
http://www.independentid.com/2012/03/scim-what-should-new-scim-wg-address.=
html
>>>>>=20
>>>>> I'm still planning to post more info to the list on the specific =
issue of "gatewayed" provisioning (aka targeting).
>>>>>=20
>>>>> Phil
>>>>>=20
>>>>> @independentid
>>>>> www.independentid.com
>>>>> phil.hunt@oracle.com
>>>>>=20
>>>>>=20
>>>>>=20
>>>>>=20
>>>>>=20
>>>>> _______________________________________________
>>>>> scim mailing list
>>>>> scim@ietf.org
>>>>> https://www.ietf.org/mailman/listinfo/scim
>>>> _______________________________________________
>>>> scim mailing list
>>>> scim@ietf.org
>>>> https://www.ietf.org/mailman/listinfo/scim
>>> _______________________________________________
>>> scim mailing list
>>> scim@ietf.org
>>> https://www.ietf.org/mailman/listinfo/scim
>>>=20
>>>=20
>>> _______________________________________________
>>> scim mailing list
>>> scim@ietf.org
>>> https://www.ietf.org/mailman/listinfo/scim
>> _______________________________________________
>> scim mailing list
>> scim@ietf.org
>> https://www.ietf.org/mailman/listinfo/scim
>>=20
> _______________________________________________
> scim mailing list
> scim@ietf.org
> https://www.ietf.org/mailman/listinfo/scim


--Apple-Mail=_24824B51-013F-4924-9FD0-CD86DBE3CD70
Content-Disposition: attachment;
	filename=smime.p7s
Content-Type: application/pkcs7-signature;
	name=smime.p7s
Content-Transfer-Encoding: base64

MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIIM9jCCBjQw
ggQcoAMCAQICAR4wDQYJKoZIhvcNAQEFBQAwfTELMAkGA1UEBhMCSUwxFjAUBgNVBAoTDVN0YXJ0
Q29tIEx0ZC4xKzApBgNVBAsTIlNlY3VyZSBEaWdpdGFsIENlcnRpZmljYXRlIFNpZ25pbmcxKTAn
BgNVBAMTIFN0YXJ0Q29tIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA3MTAyNDIxMDE1NVoX
DTE3MTAyNDIxMDE1NVowgYwxCzAJBgNVBAYTAklMMRYwFAYDVQQKEw1TdGFydENvbSBMdGQuMSsw
KQYDVQQLEyJTZWN1cmUgRGlnaXRhbCBDZXJ0aWZpY2F0ZSBTaWduaW5nMTgwNgYDVQQDEy9TdGFy
dENvbSBDbGFzcyAxIFByaW1hcnkgSW50ZXJtZWRpYXRlIENsaWVudCBDQTCCASIwDQYJKoZIhvcN
AQEBBQADggEPADCCAQoCggEBAMcJg8zOLdgasSmkLhOrlr6KMoOMpohBllVHrdRvEg/q6r8jR+EK
75xCGhR8ToREoqe7zM9/UnC6TS2y9UKTpT1v7RSMzR0t6ndl0TWBuUr/UXBhPk+Kmy7bI4yW4urC
+y7P3/1/X7U8ocb8VpH/Clt+4iq7nirMcNh6qJR+xjOhV+VHzQMALuGYn5KZmc1NbJQYclsGkDxD
z2UbFqE2+6vIZoL+jb9x4Pa5gNf1TwSDkOkikZB1xtB4ZqtXThaABSONdfmv/Z1pua3FYxnCFmdr
/+N2JLKutIxMYqQOJebr/f/h5t95m4JgrM3Y/w7YX9d7YAL9jvN4SydHsU6n65cCAwEAAaOCAa0w
ggGpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBRTcu2SnODaywFc
fH6WNU7y1LhRgjAfBgNVHSMEGDAWgBROC+8apEBbpRdphzDKNGhD0EGu8jBmBggrBgEFBQcBAQRa
MFgwJwYIKwYBBQUHMAGGG2h0dHA6Ly9vY3NwLnN0YXJ0c3NsLmNvbS9jYTAtBggrBgEFBQcwAoYh
aHR0cDovL3d3dy5zdGFydHNzbC5jb20vc2ZzY2EuY3J0MFsGA1UdHwRUMFIwJ6AloCOGIWh0dHA6
Ly93d3cuc3RhcnRzc2wuY29tL3Nmc2NhLmNybDAnoCWgI4YhaHR0cDovL2NybC5zdGFydHNzbC5j
b20vc2ZzY2EuY3JsMIGABgNVHSAEeTB3MHUGCysGAQQBgbU3AQIBMGYwLgYIKwYBBQUHAgEWImh0
dHA6Ly93d3cuc3RhcnRzc2wuY29tL3BvbGljeS5wZGYwNAYIKwYBBQUHAgEWKGh0dHA6Ly93d3cu
c3RhcnRzc2wuY29tL2ludGVybWVkaWF0ZS5wZGYwDQYJKoZIhvcNAQEFBQADggIBAAqDCH14qywG
XLhjjF6uHLkjd02hcdh9hrw+VUsv+q1eeQWB21jWj3kJ96AUlPCoEGZ/ynJNScWy6QMVQjbbMXlt
UfO4n4bGGdKo3awPWp61tjAFgraLJgDk+DsSvUD6EowjMTNx25GQgyYJ5RPIzKKR9tQW8gGK+2+R
HxkUCTbYFnL6kl8Ch507rUdPPipJ9CgJFws3kDS3gOS5WFMxcjO5DwKfKSETEPrHh7p5shuuNktv
sv6hxHTLhiMKX893gxdT3XLS9OKmCv87vkINQcNEcIIoFWbP9HORz9v3vQwR4e3ksLc2JZOAFK+s
sS5XMEoznzpihEP0PLc4dCBYjbvSD7kxgDwZ+Aj8Q9PkbvE9sIPP7ON0fz095HdThKjiVJe6vofq
+n6b1NBc8XdrQvBmunwxD5nvtTW4vtN6VY7mUCmxsCieuoBJ9OlqmsVWQvifIYf40dJPZkk9YgGT
zWLpXDSfLSplbY2LL9C9U0ptvjcDjefLTvqSFc7tw1sEhF0n/qpA2r0GpvkLRDmcSwVyPvmjFBGq
Up/pNy8ZuPGQmHwFi2/14+xeSUDG2bwnsYJQG2EdJCB6luQ57GEnTA/yKZSTKI8dDQa8Sd3zfXb1
9mOgSF0bBdXbuKhEpuP9wirslFe6fQ1t5j5R0xi72MZ8ikMu1RQZKCyDbMwazlHiMIIGujCCBaKg
AwIBAgIDAopvMA0GCSqGSIb3DQEBBQUAMIGMMQswCQYDVQQGEwJJTDEWMBQGA1UEChMNU3RhcnRD
b20gTHRkLjErMCkGA1UECxMiU2VjdXJlIERpZ2l0YWwgQ2VydGlmaWNhdGUgU2lnbmluZzE4MDYG
A1UEAxMvU3RhcnRDb20gQ2xhc3MgMSBQcmltYXJ5IEludGVybWVkaWF0ZSBDbGllbnQgQ0EwHhcN
MTEwNTEzMTY1MjQ5WhcNMTIwNTEzMDU0NzU2WjBLMSAwHgYDVQQNExc0MjU3NjEteUxidzRqMkwy
Z0FqSG92UzEnMCUGCSqGSIb3DQEJARYYdHJleS5kcmFrZUB1bmJvdW5kaWQuY29tMIIBIjANBgkq
hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqid9tc427LEtBahNAplYUQztLpGRwt7J1hxi3mHkMBzr
s3LxhGspxGij4JZogkqolFpIhu0amwHXsDv7DbkET1O8TN2S2ttetn2o/gQMhAlXp7MP4SfHnIHL
awiDyKZ96l49FFuOt107G9SYpOceuY+AfBssNfxVpTfzqvBzQ/zdbGwqg+ndyPmsWZCYc036/dHV
VWDPpLbohj8GmtoNp8p2LjXe4hOvOfxNnlg6hRlHwiPkudSpEaHwW5dlQUjtcBNvowCq2uq2fbQq
5jyswWRGRIQINo4UgSsyDAB5SfagyGMx32EUGrx1NJWOHWK3eqPknuYdgtU2nJZ+aTtBpQIDAQAB
o4IDYzCCA18wCQYDVR0TBAIwADALBgNVHQ8EBAMCBLAwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsG
AQUFBwMEMB0GA1UdDgQWBBTFEY17wcVFokE4T9NZv3jxliACzjAfBgNVHSMEGDAWgBRTcu2SnODa
ywFcfH6WNU7y1LhRgjAjBgNVHREEHDAagRh0cmV5LmRyYWtlQHVuYm91bmRpZC5jb20wggHRBgNV
HSAEggHIMIIBxDCCAcAGCysGAQQBgbU3AQICMIIBrzAuBggrBgEFBQcCARYiaHR0cDovL3d3dy5z
dGFydHNzbC5jb20vcG9saWN5LnBkZjA0BggrBgEFBQcCARYoaHR0cDovL3d3dy5zdGFydHNzbC5j
b20vaW50ZXJtZWRpYXRlLnBkZjCCAUUGCCsGAQUFBwICMIIBNzAnFiBTdGFydENvbSBDZXJ0aWZp
Y2F0aW9uIEF1dGhvcml0eTADAgEBGoIBClRoaXMgY2VydGlmaWNhdGUgd2FzIGlzc3VlZCBhY2Nv
cmRpbmcgdG8gdGhlIENsYXNzIDEgVmFsaWRhdGlvbiByZXF1aXJlbWVudHMgb2YgdGhlIFN0YXJ0
Q29tIENlcnRpZmljYXRpb24gQXV0aG9yaXR5IHBvbGljeSBhbmQgbWF5IGJlIHJlbGllZCB1cG9u
IG9ubHkgZm9yIHRoZSBpbnRlbmRlZCBwdXJwb3NlIGFuZCBpbiBjb21wbGlhbmNlIG9mIHRoZSBy
ZWx5aW5nIHBhcnR5IG9ibGlnYXRpb25zLiBMaWFiaWxpdHkgYW5kIHdhcnJhbnRpZXMgYXJlIGxp
bWl0ZWQhMDYGA1UdHwQvMC0wK6ApoCeGJWh0dHA6Ly9jcmwuc3RhcnRzc2wuY29tL2NydHUxLWNy
bC5jcmwwgY4GCCsGAQUFBwEBBIGBMH8wOQYIKwYBBQUHMAGGLWh0dHA6Ly9vY3NwLnN0YXJ0c3Ns
LmNvbS9zdWIvY2xhc3MxL2NsaWVudC9jYTBCBggrBgEFBQcwAoY2aHR0cDovL2FpYS5zdGFydHNz
bC5jb20vY2VydHMvc3ViLmNsYXNzMS5jbGllbnQuY2EuY3J0MCMGA1UdEgQcMBqGGGh0dHA6Ly93
d3cuc3RhcnRzc2wuY29tLzANBgkqhkiG9w0BAQUFAAOCAQEAfcC87DDCF7sIIY5qIDIS7MmSAJjr
GlCfGP11cJrO88bsQiSgtJYYeIATEUsH1r78aJOzU8p8P/lOrSoDr3kxVlUaOam6xIvlW9Uv6AUN
DBjYeDUMaEIwPl/Eox0tvZPas4JwW1K+N085ya1IKCK/l7x2K97JQqQhE44ymJ873mcEbBNz6HOo
JtyNMc204G0mREpQs4RSb7vsT9x93QUs6QpP/Mn/w+HaXQQzgs4HmfgL8z+qlH4vX4S/rKvwv95m
fdCIrdSBAeSKBco9hHTIny9XpkTR2qk1Uq0eqSk1LtufDoQy9c5KKQKINCKrjioMseRufmAY/0Nu
VbekcRMyIDGCA28wggNrAgEBMIGUMIGMMQswCQYDVQQGEwJJTDEWMBQGA1UEChMNU3RhcnRDb20g
THRkLjErMCkGA1UECxMiU2VjdXJlIERpZ2l0YWwgQ2VydGlmaWNhdGUgU2lnbmluZzE4MDYGA1UE
AxMvU3RhcnRDb20gQ2xhc3MgMSBQcmltYXJ5IEludGVybWVkaWF0ZSBDbGllbnQgQ0ECAwKKbzAJ
BgUrDgMCGgUAoIIBrzAYBgkqhkiG9w0BCQMxCwYJKoZIhvcNAQcBMBwGCSqGSIb3DQEJBTEPFw0x
MjAzMTUyMTIwNDNaMCMGCSqGSIb3DQEJBDEWBBTZIVNdoByfngyX0Xv/rZfof7gdJzCBpQYJKwYB
BAGCNxAEMYGXMIGUMIGMMQswCQYDVQQGEwJJTDEWMBQGA1UEChMNU3RhcnRDb20gTHRkLjErMCkG
A1UECxMiU2VjdXJlIERpZ2l0YWwgQ2VydGlmaWNhdGUgU2lnbmluZzE4MDYGA1UEAxMvU3RhcnRD
b20gQ2xhc3MgMSBQcmltYXJ5IEludGVybWVkaWF0ZSBDbGllbnQgQ0ECAwKKbzCBpwYLKoZIhvcN
AQkQAgsxgZeggZQwgYwxCzAJBgNVBAYTAklMMRYwFAYDVQQKEw1TdGFydENvbSBMdGQuMSswKQYD
VQQLEyJTZWN1cmUgRGlnaXRhbCBDZXJ0aWZpY2F0ZSBTaWduaW5nMTgwNgYDVQQDEy9TdGFydENv
bSBDbGFzcyAxIFByaW1hcnkgSW50ZXJtZWRpYXRlIENsaWVudCBDQQIDAopvMA0GCSqGSIb3DQEB
AQUABIIBAFuDHuBBYhZXzZn5llPUwnCQG1WS9MVOZ6sNbeXwodpkRFW+Vs2+/6l494WDNVTxenje
cvswhr6WuSraXL+K5BGgyx/4+02rXmva7ch7t3Dr+3fNdVRTSPyEjeTWgGMLtm6TuSGJ7ZY6RUjQ
nQgaBAn7V8e49LCx+sS3kt4dmOmFENWEGhM73x5TY5xYEafYR4GPzKKNcTQ1hoAIomvXwQ3axbu1
dsXFYj9vaJ86r5NJAZSy9cc2lMph+dAmezZa8QCSS89c9QbeE0Sw+/tN297/cp9l4m5t6mxVQ+kT
T+I+ugSMjcN8B1Q47hSUGWebMexZZ38Ay/nj0E7BUp+DjQMAAAAAAAA=

--Apple-Mail=_24824B51-013F-4924-9FD0-CD86DBE3CD70--

From michael.brenner@alcatel-lucent.com  Thu Mar 15 14:43:24 2012
Return-Path: <michael.brenner@alcatel-lucent.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 79B9321E802F for <scim@ietfa.amsl.com>; Thu, 15 Mar 2012 14:43:24 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.742
X-Spam-Level: 
X-Spam-Status: No, score=-7.742 tagged_above=-999 required=5 tests=[AWL=-1.143, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id G6e1YJDX0eLd for <scim@ietfa.amsl.com>; Thu, 15 Mar 2012 14:43:23 -0700 (PDT)
Received: from ihemail3.lucent.com (ihemail3.lucent.com [135.245.0.37]) by ietfa.amsl.com (Postfix) with ESMTP id D457721F85CD for <scim@ietf.org>; Thu, 15 Mar 2012 14:43:23 -0700 (PDT)
Received: from usnavsmail3.ndc.alcatel-lucent.com (usnavsmail3.ndc.alcatel-lucent.com [135.3.39.11]) by ihemail3.lucent.com (8.13.8/IER-o) with ESMTP id q2FLhGeM020286 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Thu, 15 Mar 2012 16:43:17 -0500 (CDT)
Received: from USNAVSXCHHUB02.ndc.alcatel-lucent.com (usnavsxchhub02.ndc.alcatel-lucent.com [135.3.39.111]) by usnavsmail3.ndc.alcatel-lucent.com (8.14.3/8.14.3/GMO) with ESMTP id q2FLhFRY002360 (version=TLSv1/SSLv3 cipher=RC4-MD5 bits=128 verify=NOT); Thu, 15 Mar 2012 16:43:15 -0500
Received: from USNAVSXCHMBSA3.ndc.alcatel-lucent.com ([135.3.39.125]) by USNAVSXCHHUB02.ndc.alcatel-lucent.com ([135.3.39.111]) with mapi; Thu, 15 Mar 2012 16:43:15 -0500
From: "Brenner, Michael Ralf (Michael)" <michael.brenner@alcatel-lucent.com>
To: Peter Saint-Andre <stpeter@stpeter.im>, Trey Drake <trey.drake@unboundid.com>
Date: Thu, 15 Mar 2012 16:43:14 -0500
Thread-Topic: [scim] Draft charter - v4
Thread-Index: Ac0C5+/o+WT6C7opQm6MsVLY4PyvNAAC8KSw
Message-ID: <219947F0B2242843A0A1E62FDB510DC0250F3D589B@USNAVSXCHMBSA3.ndc.alcatel-lucent.com>
References: <93C6FB63F046384C86EC8F7F3FFEC7BEE62EFE@XMB-RCD-313.cisco.com> <4F61BFBF.7090408@cs.tcd.ie> <219947F0B2242843A0A1E62FDB510DC0250F3D54D7@USNAVSXCHMBSA3.ndc.alcatel-lucent.com> <4F61EA5B.70207@cs.tcd.ie> <219947F0B2242843A0A1E62FDB510DC0250F3D54EF@USNAVSXCHMBSA3.ndc.alcatel-lucent.com> <4F61EF05.2050608@cs.tcd.ie> <219947F0B2242843A0A1E62FDB510DC0250F3D5514@USNAVSXCHMBSA3.ndc.alcatel-lucent.com> <3148CB4F-6BFD-44CE-97E6-58DD8FF16CF6@unboundid.com> <20120315142531.0795721F85D3@ietfa.amsl.com> <048101cd02bb$630033f0$29009bd0$@com> <9BBAC6BD-7BEF-4DEC-AF12-C5626820FE85@unboundid.com> <4F624D24.8000505@stpeter.im>
In-Reply-To: <4F624D24.8000505@stpeter.im>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
acceptlanguage: en-US
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-Scanned-By: MIMEDefang 2.57 on 135.245.2.37
X-Scanned-By: MIMEDefang 2.64 on 135.3.39.11
Cc: "'Diodati, Mark'" <Mark.Diodati@gartner.com>, "scim@ietf.org" <scim@ietf.org>, "'Morteza Ansari \(moransar\)'" <moransar@cisco.com>, Salvatore D'Agostino <sal@idmachines.com>, 'Stephen Farrell' <stephen.farrell@cs.tcd.ie>
Subject: Re: [scim] Draft charter - v4
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 15 Mar 2012 21:43:24 -0000

UGV0ZXIsIGFsbDoNCg0KV2UgYXJlIGluIGFncmVlbWVudCB3aXRoIHJlc3BlY3QgdG8gIjEuIE1h
bmRhdG9yeS10by1pbXBsZW1lbnQuIFRoaXMgbWVhbnMgdGhhdCBpZiB5b3UncmUgd3JpdGluZyBh
IGNvZGUgDQo+IGxpYnJhcnksIGEgc2VydmVyLCBvciBhIGNsaWVudCwgeW91ciBjb2RlIE1VU1Qg
c3VwcG9ydCB0aGUgZmVhdHVyZS4iDQoNCkkgYWxzbyBhZ3JlZSB0aGF0IFNDSU0gc2hvdWxkIHdv
cmsgaW4gY29uanVuY3Rpb24gd2l0aCBkaWZmZXJlbnQgYXV0aG9yaXphdGlvbiBtZWNoYW5pc20s
IGluIHBhcnRpY3VsYXIgT0F1dGggMi4wLg0KDQpCdXQgd2hlbiBpdCBjb21lcyB0byBmb3IgZXhh
bXBsZSB1c2luZyBPQXV0aCAyLjAsIGRvZXMgdGhlIGFib3ZlIHJlYWxseSAiTWFuZGF0b3J5LXRv
LWltcGxlbWVudCIgcmVhbGx5IG1lYW4gdGhpcyBoYXMgdG8gYmUgY2FwdHVyZWQgaW4gU0NJTSBz
cGVjPyBEZXBlbmRpbmcgb24gaG93IHRoaXMgaXMgd29yZGVkLCBpdCBjb3VsZCBiZSBpbnRlcnBy
ZXRlZCBhcyAiU0NJTSBzcGVjIGRvZXMgbm90IHdvcmsgVU5MRVNTIG9uZSBpbXBsZW1lbnRzIE9B
dXRoIDIuMCIsIHdoaWNoIEkgZG9uJ3QgdGhpbmsgaXMgdGhlIGNhc2UuDQoNCkl0IGlzIHRoZXJl
Zm9yZSBpbXBvcnRhbnQgaG93IHN1Y2ggIm1hbmRhdG9yeS10by1pbXBsZW1lbnQiIGlzIHdvcmRl
ZC4gSWYgd2UgaW50ZW5kIHRvIG5vcm1hdGl2ZWx5IHJlZmVyZW5jZSBPQXV0aCAyLjAsIHRoYXQg
d291bGQgYmUgcGVyZmVjdGx5IGZpbmUgaG93ZXZlci4NCg0KTWljaGFlbCANCg0KDQoNCi0tLS0t
T3JpZ2luYWwgTWVzc2FnZS0tLS0tDQpGcm9tOiBQZXRlciBTYWludC1BbmRyZSBbbWFpbHRvOnN0
cGV0ZXJAc3RwZXRlci5pbV0gDQpTZW50OiBUaHVyc2RheSwgTWFyY2ggMTUsIDIwMTIgNDoxMiBQ
TQ0KVG86IFRyZXkgRHJha2UNCkNjOiBTYWx2YXRvcmUgRCdBZ29zdGlubzsgQnJlbm5lciwgTWlj
aGFlbCBSYWxmIChNaWNoYWVsKTsgJ0Rpb2RhdGksIE1hcmsnOyAnU3RlcGhlbiBGYXJyZWxsJzsg
J01vcnRlemEgQW5zYXJpIChtb3JhbnNhciknOyBzY2ltQGlldGYub3JnDQpTdWJqZWN0OiBSZTog
W3NjaW1dIERyYWZ0IGNoYXJ0ZXIgLSB2NA0KDQpPbiAzLzE1LzEyIDk6MjUgQU0sIFRyZXkgRHJh
a2Ugd3JvdGU6DQo+IEknbSBzdXJlIHRoaXMgd2lsbCAob25jZSBhZ2FpbikgYmUgaGVhdmlseSBk
ZWJhdGVkIG9uY2UgdGhlIGdyb3VwIGlzDQo+IGZvcm1lZC4gIEluIHRoZSBwYXN0IHRoZSBiYWxh
bmNpbmcgYWN0IHdhcyBiZW50IHRvd2FyZHMgcHJhZ21hdGlzbTsNCj4gaS5lLiwgd2hhdCBjYW4g
b3JnYW5pemF0aW9ucyBhY3R1YWxseSByb2xsIG91dCBpbiB0aGUgZm9yZXNlZWFibGUNCj4gZnV0
dXJlPyAgVGhlIGFuc3dlciBpcy93YXMgcmVjb21tZW5kYXRpb24gZm9yIE9BdXRoIGJlYXJlciB0
b2tlbnMsDQo+IGxhbmd1YWdlIGVuY291cmFnaW5nIHNlcnZpY2UgcHJvdmlkZXJzIHRvIHJlbWFp
biBmbGV4aWJsZSB3LnIudC4NCj4gYXV0aE4vWiBzY2hlbWVzLCBhbmQgYSBmYWNpbGl0eSBmb3Ig
ZGlzY292ZXJpbmcgdGhlIGF1dGhlbnRpY2F0aW9uDQo+IHNjaGVtZXMgc3VwcG9ydGVkIGJ5IHRo
ZSBzZXJ2aWNlIHByb3ZpZGVyLiAgVGhlIGxhdHRlciAgZW5hYmxlcyBhDQo+IGRldmVsb3Blci9j
b25zdW1lciB0aGUgYWJpbGl0eSB0byBwb2tlIHRocm91Z2ggYW5kIHNlbGVjdCBhbg0KPiBhcHBy
b3ByaWF0ZSBzY2hlbWUuDQoNCkZpcnN0LCB3aXRob3V0IG15IHNwb25zb3JpbmcgQUQgaGF0IG9u
LCBJIGFncmVlIHdpdGggU3RlcGhlbiB0aGF0DQp0aGVyZSdzIGNvbmZ1c2lvbiBhYm91dCB0ZXJt
aW5vbG9neSBoZXJlLiBJbiBJRVRGIHByb3RvY29sIHNwZWNzLCB3ZQ0KdGVuZCB0byBkaWZmZXJl
bnRpYXRlIGFtb25nIHR3byB0aGluZ3M6DQoNCjEuIE1hbmRhdG9yeS10by1pbXBsZW1lbnQuIFRo
aXMgbWVhbnMgdGhhdCBpZiB5b3UncmUgd3JpdGluZyBhIGNvZGUNCmxpYnJhcnksIGEgc2VydmVy
LCBvciBhIGNsaWVudCwgeW91ciBjb2RlIE1VU1Qgc3VwcG9ydCB0aGUgZmVhdHVyZS4NCg0KMi4g
TWFuZGF0b3J5LXRvLWRlcGxveS4gVGhpcyBtZWFucyB0aGF0IGFsbCBzZXJ2aWNlIHByb3ZpZGVy
cyBNVVNUDQphY3R1YWxseSB1c2UgdGhlIGNvZGUgaW4gdGhvc2UgaW1wbGVtZW50YXRpb25zLg0K
DQpXZSB0eXBpY2FsbHkgdGFsayBvbmx5IGFib3V0IG1hbmRhdG9yeS10by1pbXBsZW1lbnQuIFRo
aXMgZW5hYmxlcw0Kc2VydmljZSBwcm92aWRlcnMgdG8gYmUgZmxleGlibGUgaW4gdGhlaXIgZGVw
bG95bWVudHMgd2hpbGUgc3RpbGwNCmVuc3VyaW5nIHRoYXQgd2UgaGF2ZSBhIGJhc2VsaW5lIGZv
ciBpbnRlcm9wZXJhYmlsaXR5LiBFdmVyeXRoaW5nIHlvdQ0KZ3V5cyBoYXZlIGRvbmUgdG8gZW5h
YmxlIGRpc2NvdmVyeSBvZiBzdXBwb3J0ZWQgbWVjaGFuaXNtcyBmaXRzIHJpZ2h0IGluDQp3aXRo
IHRoaXMgd2F5IG9mIHNwZWNpZnlpbmcgdGhlIHByb3RvY29sLiBQbGVhc2UgYWxzbyB1bmRlcnN0
YW5kIHRoYXQNCm1hbmRhdG9yeS10by1pbXBsZW1lbnQgZG9lcyAqbm90KiBtZWFuIHRoYXQgeW91
IGNhbid0IGltcGxlbWVudCBvdGhlcg0KbWVjaGFuaXNtcy4gSXQganVzdCBtZWFucyB0aGF0IGV2
ZXJ5b25lIHdpbGwgaGF2ZSBhdCBsZWFzdCBvbmUgbWVjaGFuaXNtDQppbiBjb21tb24uDQoNClNl
Y29uZCwgd2l0aCBteSBzcG9uc29yaW5nIEFEIGhhdCBvbiwgSSBzdHJvbmdseSBlbmNvdXJhZ2Ug
Zm9sa3MgdG8NCnNwZWNpZnkgYSBtYW5kYXRvcnktdG8taW1wbGVtZW50IGF1dGhvcml6YXRpb24g
dGVjaG5vbG9neSwgZm9yIHRoZQ0KcmVhc29ucyB0aGF0IFN0ZXBoZW4gb3V0bGluZWQuDQoNClBl
dGVyDQoNCi0tIA0KUGV0ZXIgU2FpbnQtQW5kcmUNCmh0dHBzOi8vc3RwZXRlci5pbS8NCg0KDQo=

From stpeter@stpeter.im  Thu Mar 15 14:54:15 2012
Return-Path: <stpeter@stpeter.im>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 195D621E802C for <scim@ietfa.amsl.com>; Thu, 15 Mar 2012 14:54:15 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.7
X-Spam-Level: 
X-Spam-Status: No, score=-102.7 tagged_above=-999 required=5 tests=[AWL=-0.101, BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id WT+lvs9k3pKU for <scim@ietfa.amsl.com>; Thu, 15 Mar 2012 14:54:14 -0700 (PDT)
Received: from stpeter.im (mailhost.stpeter.im [207.210.219.225]) by ietfa.amsl.com (Postfix) with ESMTP id 9135121E801E for <scim@ietf.org>; Thu, 15 Mar 2012 14:54:14 -0700 (PDT)
Received: from squire.local (unknown [64.101.72.114]) (Authenticated sender: stpeter) by stpeter.im (Postfix) with ESMTPSA id BCC9140058; Thu, 15 Mar 2012 16:06:39 -0600 (MDT)
Message-ID: <4F626503.4020503@stpeter.im>
Date: Thu, 15 Mar 2012 15:54:11 -0600
From: Peter Saint-Andre <stpeter@stpeter.im>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.5; rv:10.0.2) Gecko/20120216 Thunderbird/10.0.2
MIME-Version: 1.0
To: "Brenner, Michael Ralf (Michael)" <michael.brenner@alcatel-lucent.com>
References: <93C6FB63F046384C86EC8F7F3FFEC7BEE62EFE@XMB-RCD-313.cisco.com> <4F61BFBF.7090408@cs.tcd.ie> <219947F0B2242843A0A1E62FDB510DC0250F3D54D7@USNAVSXCHMBSA3.ndc.alcatel-lucent.com> <4F61EA5B.70207@cs.tcd.ie> <219947F0B2242843A0A1E62FDB510DC0250F3D54EF@USNAVSXCHMBSA3.ndc.alcatel-lucent.com> <4F61EF05.2050608@cs.tcd.ie> <219947F0B2242843A0A1E62FDB510DC0250F3D5514@USNAVSXCHMBSA3.ndc.alcatel-lucent.com> <3148CB4F-6BFD-44CE-97E6-58DD8FF16CF6@unboundid.com> <20120315142531.0795721F85D3@ietfa.amsl.com> <048101cd02bb$630033f0$29009bd0$@com> <9BBAC6BD-7BEF-4DEC-AF12-C5626820FE85@unboundid.com> <4F624D24.8000505@stpeter.im> <219947F0B2242843A0A1E62FDB510DC0250F3D589B@USNAVSXCHMBSA3.ndc.alcatel-lucent.com>
In-Reply-To: <219947F0B2242843A0A1E62FDB510DC0250F3D589B@USNAVSXCHMBSA3.ndc.alcatel-lucent.com>
X-Enigmail-Version: 1.4
OpenPGP: url=https://stpeter.im/stpeter.asc
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit
Cc: "scim@ietf.org" <scim@ietf.org>
Subject: Re: [scim] Draft charter - v4
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 15 Mar 2012 21:54:15 -0000

<hat type='individual'/>

On 3/15/12 3:43 PM, Brenner, Michael Ralf (Michael) wrote:
> Peter, all:
> 
> We are in agreement with respect to "1. Mandatory-to-implement. This
> means that if you're writing a code
>> library, a server, or a client, your code MUST support the
>> feature."
> 
> I also agree that SCIM should work in conjunction with different
> authorization mechanism, in particular OAuth 2.0.
> 
> But when it comes to for example using OAuth 2.0, does the above
> really "Mandatory-to-implement" really mean this has to be captured
> in SCIM spec? Depending on how this is worded, it could be
> interpreted as "SCIM spec does not work UNLESS one implements OAuth
> 2.0", which I don't think is the case.

No, it means someone's code can't claim compliance unless it implements
the OAuth 2.0 authorization mechanism. It could, of course, implement
other authorization mechanisms in addition.

IETF specs do this all the time. The example I'm most intimately
familiar with is XMPP. There, we use SASL (RFC 4422) for authentication,
and we mandate support for a specific SASL mechanism (SCRAM = RFC 5802)
as a baseline for intoperability. If we said "you MUST support SASL but
you can use any SASL mechanism you like", then some servers would
implement SCRAM, some DIGEST-MD5, some EXTERNAL, some PLAIN over TLS,
etc., but an XMPP client would never have any assurance that it could
log in anywhere. IETF folks consider that a bad thing, and such an
approach will simply not fly during security review later on.

Let me turn the question on its head: what are we *gaining* by saying
that implementations (*not* deployments) will *not* have a baseline
authorization method?

Peter

-- 
Peter Saint-Andre
https://stpeter.im/



From michael.brenner@alcatel-lucent.com  Thu Mar 15 15:02:52 2012
Return-Path: <michael.brenner@alcatel-lucent.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A1CED21E802C for <scim@ietfa.amsl.com>; Thu, 15 Mar 2012 15:02:52 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.599
X-Spam-Level: 
X-Spam-Status: No, score=-7.599 tagged_above=-999 required=5 tests=[AWL=-1.000, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ZLfC8gOL3zMA for <scim@ietfa.amsl.com>; Thu, 15 Mar 2012 15:02:52 -0700 (PDT)
Received: from ihemail4.lucent.com (ihemail4.lucent.com [135.245.0.39]) by ietfa.amsl.com (Postfix) with ESMTP id 0621721E8010 for <scim@ietf.org>; Thu, 15 Mar 2012 15:02:51 -0700 (PDT)
Received: from usnavsmail4.ndc.alcatel-lucent.com (usnavsmail4.ndc.alcatel-lucent.com [135.3.39.12]) by ihemail4.lucent.com (8.13.8/IER-o) with ESMTP id q2FM2mNv025844 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Thu, 15 Mar 2012 17:02:48 -0500 (CDT)
Received: from USNAVSXCHHUB03.ndc.alcatel-lucent.com (usnavsxchhub03.ndc.alcatel-lucent.com [135.3.39.112]) by usnavsmail4.ndc.alcatel-lucent.com (8.14.3/8.14.3/GMO) with ESMTP id q2FM2kcn011702 (version=TLSv1/SSLv3 cipher=RC4-MD5 bits=128 verify=NOT); Thu, 15 Mar 2012 17:02:48 -0500
Received: from USNAVSXCHMBSA3.ndc.alcatel-lucent.com ([135.3.39.125]) by USNAVSXCHHUB03.ndc.alcatel-lucent.com ([135.3.39.112]) with mapi; Thu, 15 Mar 2012 17:02:46 -0500
From: "Brenner, Michael Ralf (Michael)" <michael.brenner@alcatel-lucent.com>
To: Peter Saint-Andre <stpeter@stpeter.im>
Date: Thu, 15 Mar 2012 17:02:45 -0500
Thread-Topic: [scim] Draft charter - v4
Thread-Index: Ac0C9inT+O82Wm6rStWz9592eiTXwgAABylQ
Message-ID: <219947F0B2242843A0A1E62FDB510DC0250F3D58B2@USNAVSXCHMBSA3.ndc.alcatel-lucent.com>
References: <93C6FB63F046384C86EC8F7F3FFEC7BEE62EFE@XMB-RCD-313.cisco.com> <4F61BFBF.7090408@cs.tcd.ie> <219947F0B2242843A0A1E62FDB510DC0250F3D54D7@USNAVSXCHMBSA3.ndc.alcatel-lucent.com> <4F61EA5B.70207@cs.tcd.ie> <219947F0B2242843A0A1E62FDB510DC0250F3D54EF@USNAVSXCHMBSA3.ndc.alcatel-lucent.com> <4F61EF05.2050608@cs.tcd.ie> <219947F0B2242843A0A1E62FDB510DC0250F3D5514@USNAVSXCHMBSA3.ndc.alcatel-lucent.com> <3148CB4F-6BFD-44CE-97E6-58DD8FF16CF6@unboundid.com> <20120315142531.0795721F85D3@ietfa.amsl.com> <048101cd02bb$630033f0$29009bd0$@com> <9BBAC6BD-7BEF-4DEC-AF12-C5626820FE85@unboundid.com> <4F624D24.8000505@stpeter.im> <219947F0B2242843A0A1E62FDB510DC0250F3D589B@USNAVSXCHMBSA3.ndc.alcatel-lucent.com> <4F626503.4020503@stpeter.im>
In-Reply-To: <4F626503.4020503@stpeter.im>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
acceptlanguage: en-US
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-Scanned-By: MIMEDefang 2.57 on 135.245.2.39
X-Scanned-By: MIMEDefang 2.64 on 135.3.39.12
Cc: "scim@ietf.org" <scim@ietf.org>
Subject: Re: [scim] Draft charter - v4
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 15 Mar 2012 22:02:52 -0000

SSB0aGluayBJIGRpZCBub3QgbWFrZSBteXNlbGYgdW5kZXJzdG9vZCB3ZWxsLg0KTXkgcG9pbnQg
aXM6ICJpcyB0aGlzIG1hbmRhdG9yeS10by1pbXBsZW1lbnQiIHBhcnQgYWZmZWN0aW5nIHRoZSB3
YXkgd2UgZW5kIHVwIGRlZmluaW5nIHRoZSBjb3JlIFNDSU0gZmVhdHVyZXM/IEFzIGluICJ0aGlz
IGF1dGhvcml6YXRpb24gbWVjaGFuaXNtIGlzIHNwZWNpZmllZCBhcyBiZWluZyBpbnRlZ3JhbCBw
YXJ0IG9mIFNDSU0iPw0KDQpPZiBjb3Vyc2UgdGhlcmUgaXMgbm8gaGFybSBpbiBzcGVjaWZ5aW5n
IGl0IE1VU1Qgd29yayBXSVRIIE9BdXRoIDIuMC4NCg0KSXQgbG9va3MgbGlrZSB3ZSBoYXZlIHNv
bWUgdGhhdCB3YW50IHRvIG1hbmRhdGUtdG8taW1wbGVtZW50IGFuIGF1dGhvcml6YXRpb24gbWVj
aGFuaXNtIChwcm9iYWJseSBPQXV0aCAyLjApLCBvdGhlcnMgdGhhdCBkb24ndCwgYW5kIHNvbWUg
KG15c2VsZiBhdCBsZWFzdCkgdGhhdCB3YW50IHRvIGJlIGNhcmVmdWwgYWJvdXQgaG93IHdlIG1h
eSBtYW5kYXRlIGl0LCBpZiB3ZSBtYW5kYXRlIGl0Lg0KDQpXZSdsbCBzb3J0IGl0IG91dCBldmVu
dHVhbGx5IEknbSBzdXJlLg0KDQotLS0tLU9yaWdpbmFsIE1lc3NhZ2UtLS0tLQ0KRnJvbTogUGV0
ZXIgU2FpbnQtQW5kcmUgW21haWx0bzpzdHBldGVyQHN0cGV0ZXIuaW1dIA0KU2VudDogVGh1cnNk
YXksIE1hcmNoIDE1LCAyMDEyIDU6NTQgUE0NClRvOiBCcmVubmVyLCBNaWNoYWVsIFJhbGYgKE1p
Y2hhZWwpDQpDYzogc2NpbUBpZXRmLm9yZw0KU3ViamVjdDogUmU6IFtzY2ltXSBEcmFmdCBjaGFy
dGVyIC0gdjQNCg0KPGhhdCB0eXBlPSdpbmRpdmlkdWFsJy8+DQoNCk9uIDMvMTUvMTIgMzo0MyBQ
TSwgQnJlbm5lciwgTWljaGFlbCBSYWxmIChNaWNoYWVsKSB3cm90ZToNCj4gUGV0ZXIsIGFsbDoN
Cj4gDQo+IFdlIGFyZSBpbiBhZ3JlZW1lbnQgd2l0aCByZXNwZWN0IHRvICIxLiBNYW5kYXRvcnkt
dG8taW1wbGVtZW50LiBUaGlzDQo+IG1lYW5zIHRoYXQgaWYgeW91J3JlIHdyaXRpbmcgYSBjb2Rl
DQo+PiBsaWJyYXJ5LCBhIHNlcnZlciwgb3IgYSBjbGllbnQsIHlvdXIgY29kZSBNVVNUIHN1cHBv
cnQgdGhlDQo+PiBmZWF0dXJlLiINCj4gDQo+IEkgYWxzbyBhZ3JlZSB0aGF0IFNDSU0gc2hvdWxk
IHdvcmsgaW4gY29uanVuY3Rpb24gd2l0aCBkaWZmZXJlbnQNCj4gYXV0aG9yaXphdGlvbiBtZWNo
YW5pc20sIGluIHBhcnRpY3VsYXIgT0F1dGggMi4wLg0KPiANCj4gQnV0IHdoZW4gaXQgY29tZXMg
dG8gZm9yIGV4YW1wbGUgdXNpbmcgT0F1dGggMi4wLCBkb2VzIHRoZSBhYm92ZQ0KPiByZWFsbHkg
Ik1hbmRhdG9yeS10by1pbXBsZW1lbnQiIHJlYWxseSBtZWFuIHRoaXMgaGFzIHRvIGJlIGNhcHR1
cmVkDQo+IGluIFNDSU0gc3BlYz8gRGVwZW5kaW5nIG9uIGhvdyB0aGlzIGlzIHdvcmRlZCwgaXQg
Y291bGQgYmUNCj4gaW50ZXJwcmV0ZWQgYXMgIlNDSU0gc3BlYyBkb2VzIG5vdCB3b3JrIFVOTEVT
UyBvbmUgaW1wbGVtZW50cyBPQXV0aA0KPiAyLjAiLCB3aGljaCBJIGRvbid0IHRoaW5rIGlzIHRo
ZSBjYXNlLg0KDQpObywgaXQgbWVhbnMgc29tZW9uZSdzIGNvZGUgY2FuJ3QgY2xhaW0gY29tcGxp
YW5jZSB1bmxlc3MgaXQgaW1wbGVtZW50cw0KdGhlIE9BdXRoIDIuMCBhdXRob3JpemF0aW9uIG1l
Y2hhbmlzbS4gSXQgY291bGQsIG9mIGNvdXJzZSwgaW1wbGVtZW50DQpvdGhlciBhdXRob3JpemF0
aW9uIG1lY2hhbmlzbXMgaW4gYWRkaXRpb24uDQoNCklFVEYgc3BlY3MgZG8gdGhpcyBhbGwgdGhl
IHRpbWUuIFRoZSBleGFtcGxlIEknbSBtb3N0IGludGltYXRlbHkNCmZhbWlsaWFyIHdpdGggaXMg
WE1QUC4gVGhlcmUsIHdlIHVzZSBTQVNMIChSRkMgNDQyMikgZm9yIGF1dGhlbnRpY2F0aW9uLA0K
YW5kIHdlIG1hbmRhdGUgc3VwcG9ydCBmb3IgYSBzcGVjaWZpYyBTQVNMIG1lY2hhbmlzbSAoU0NS
QU0gPSBSRkMgNTgwMikNCmFzIGEgYmFzZWxpbmUgZm9yIGludG9wZXJhYmlsaXR5LiBJZiB3ZSBz
YWlkICJ5b3UgTVVTVCBzdXBwb3J0IFNBU0wgYnV0DQp5b3UgY2FuIHVzZSBhbnkgU0FTTCBtZWNo
YW5pc20geW91IGxpa2UiLCB0aGVuIHNvbWUgc2VydmVycyB3b3VsZA0KaW1wbGVtZW50IFNDUkFN
LCBzb21lIERJR0VTVC1NRDUsIHNvbWUgRVhURVJOQUwsIHNvbWUgUExBSU4gb3ZlciBUTFMsDQpl
dGMuLCBidXQgYW4gWE1QUCBjbGllbnQgd291bGQgbmV2ZXIgaGF2ZSBhbnkgYXNzdXJhbmNlIHRo
YXQgaXQgY291bGQNCmxvZyBpbiBhbnl3aGVyZS4gSUVURiBmb2xrcyBjb25zaWRlciB0aGF0IGEg
YmFkIHRoaW5nLCBhbmQgc3VjaCBhbg0KYXBwcm9hY2ggd2lsbCBzaW1wbHkgbm90IGZseSBkdXJp
bmcgc2VjdXJpdHkgcmV2aWV3IGxhdGVyIG9uLg0KDQpMZXQgbWUgdHVybiB0aGUgcXVlc3Rpb24g
b24gaXRzIGhlYWQ6IHdoYXQgYXJlIHdlICpnYWluaW5nKiBieSBzYXlpbmcNCnRoYXQgaW1wbGVt
ZW50YXRpb25zICgqbm90KiBkZXBsb3ltZW50cykgd2lsbCAqbm90KiBoYXZlIGEgYmFzZWxpbmUN
CmF1dGhvcml6YXRpb24gbWV0aG9kPw0KDQpQZXRlcg0KDQotLSANClBldGVyIFNhaW50LUFuZHJl
DQpodHRwczovL3N0cGV0ZXIuaW0vDQoNCg0K

From phil.hunt@oracle.com  Thu Mar 15 15:04:14 2012
Return-Path: <phil.hunt@oracle.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DC23A21E8025 for <scim@ietfa.amsl.com>; Thu, 15 Mar 2012 15:04:14 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -10.348
X-Spam-Level: 
X-Spam-Status: No, score=-10.348 tagged_above=-999 required=5 tests=[AWL=0.251, BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2X8WTofmLDjo for <scim@ietfa.amsl.com>; Thu, 15 Mar 2012 15:04:14 -0700 (PDT)
Received: from rcsinet15.oracle.com (rcsinet15.oracle.com [148.87.113.117]) by ietfa.amsl.com (Postfix) with ESMTP id 138E821E8010 for <scim@ietf.org>; Thu, 15 Mar 2012 15:04:14 -0700 (PDT)
Received: from acsinet21.oracle.com (acsinet21.oracle.com [141.146.126.237]) by rcsinet15.oracle.com (Sentrion-MTA-4.2.2/Sentrion-MTA-4.2.2) with ESMTP id q2FM46fj015785 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Thu, 15 Mar 2012 22:04:07 GMT
Received: from acsmt358.oracle.com (acsmt358.oracle.com [141.146.40.158]) by acsinet21.oracle.com (8.14.4+Sun/8.14.4) with ESMTP id q2FM453w027543 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Thu, 15 Mar 2012 22:04:06 GMT
Received: from abhmt111.oracle.com (abhmt111.oracle.com [141.146.116.63]) by acsmt358.oracle.com (8.12.11.20060308/8.12.11) with ESMTP id q2FM45u9018762; Thu, 15 Mar 2012 17:04:05 -0500
Received: from [192.168.1.8] (/24.85.226.208) by default (Oracle Beehive Gateway v4.0) with ESMTP ; Thu, 15 Mar 2012 15:04:05 -0700
Mime-Version: 1.0 (Apple Message framework v1257)
Content-Type: text/plain; charset=us-ascii
From: Phil Hunt <phil.hunt@oracle.com>
In-Reply-To: <4F626503.4020503@stpeter.im>
Date: Thu, 15 Mar 2012 15:04:02 -0700
Content-Transfer-Encoding: quoted-printable
Message-Id: <AC9E8CA5-3B97-4035-855C-7ADDDCBD38A2@oracle.com>
References: <93C6FB63F046384C86EC8F7F3FFEC7BEE62EFE@XMB-RCD-313.cisco.com> <4F61BFBF.7090408@cs.tcd.ie> <219947F0B2242843A0A1E62FDB510DC0250F3D54D7@USNAVSXCHMBSA3.ndc.alcatel-lucent.com> <4F61EA5B.70207@cs.tcd.ie> <219947F0B2242843A0A1E62FDB510DC0250F3D54EF@USNAVSXCHMBSA3.ndc.alcatel-lucent.com> <4F61EF05.2050608@cs.tcd.ie> <219947F0B2242843A0A1E62FDB510DC0250F3D5514@USNAVSXCHMBSA3.ndc.alcatel-lucent.com> <3148CB4F-6BFD-44CE-97E6-58DD8FF16CF6@unboundid.com> <20120315142531.0795721F85D3@ietfa.amsl.com> <048101cd02bb$630033f0$29009bd0$@com> <9BBAC6BD-7BEF-4DEC-AF12-C5626820FE85@unboundid.com> <4F624D24.8000505@stpeter.im> <219947F0B2242843A0A1E62FDB510DC0250F3D589B@USNAVSXCHMBSA3.ndc.alcatel-lucent.com> <4F626503.4020503@stpeter.im>
To: Peter Saint-Andre <stpeter@stpeter.im>
X-Mailer: Apple Mail (2.1257)
X-Source-IP: acsinet21.oracle.com [141.146.126.237]
X-CT-RefId: str=0001.0A090207.4F626757.0098,ss=1,re=0.000,fgs=0
Cc: "Brenner, Michael Ralf \(Michael\)" <michael.brenner@alcatel-lucent.com>, "scim@ietf.org" <scim@ietf.org>
Subject: Re: [scim] Draft charter - v4
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 15 Mar 2012 22:04:15 -0000

It seems to me that BASIC Auth should be MTI (legacy cases).

I'm a bit confused by a recommendation of OAuth2. OAuth2 issues tokens. =
What you mean to say is that clients should be able to use tokens such =
as those issued by OAuth2 or even Kerberos (or even ones issued OOB).

Phil

@independentid
www.independentid.com
phil.hunt@oracle.com





On 2012-03-15, at 2:54 PM, Peter Saint-Andre wrote:

> <hat type=3D'individual'/>
>=20
> On 3/15/12 3:43 PM, Brenner, Michael Ralf (Michael) wrote:
>> Peter, all:
>>=20
>> We are in agreement with respect to "1. Mandatory-to-implement. This
>> means that if you're writing a code
>>> library, a server, or a client, your code MUST support the
>>> feature."
>>=20
>> I also agree that SCIM should work in conjunction with different
>> authorization mechanism, in particular OAuth 2.0.
>>=20
>> But when it comes to for example using OAuth 2.0, does the above
>> really "Mandatory-to-implement" really mean this has to be captured
>> in SCIM spec? Depending on how this is worded, it could be
>> interpreted as "SCIM spec does not work UNLESS one implements OAuth
>> 2.0", which I don't think is the case.
>=20
> No, it means someone's code can't claim compliance unless it =
implements
> the OAuth 2.0 authorization mechanism. It could, of course, implement
> other authorization mechanisms in addition.
>=20
> IETF specs do this all the time. The example I'm most intimately
> familiar with is XMPP. There, we use SASL (RFC 4422) for =
authentication,
> and we mandate support for a specific SASL mechanism (SCRAM =3D RFC =
5802)
> as a baseline for intoperability. If we said "you MUST support SASL =
but
> you can use any SASL mechanism you like", then some servers would
> implement SCRAM, some DIGEST-MD5, some EXTERNAL, some PLAIN over TLS,
> etc., but an XMPP client would never have any assurance that it could
> log in anywhere. IETF folks consider that a bad thing, and such an
> approach will simply not fly during security review later on.
>=20
> Let me turn the question on its head: what are we *gaining* by saying
> that implementations (*not* deployments) will *not* have a baseline
> authorization method?
>=20
> Peter
>=20
> --=20
> Peter Saint-Andre
> https://stpeter.im/
>=20
>=20
> _______________________________________________
> scim mailing list
> scim@ietf.org
> https://www.ietf.org/mailman/listinfo/scim


From michael.brenner@alcatel-lucent.com  Thu Mar 15 15:11:16 2012
Return-Path: <michael.brenner@alcatel-lucent.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5116921E8035 for <scim@ietfa.amsl.com>; Thu, 15 Mar 2012 15:11:16 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -9.488
X-Spam-Level: 
X-Spam-Status: No, score=-9.488 tagged_above=-999 required=5 tests=[AWL=1.111,  BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 40q2YTHMp+2m for <scim@ietfa.amsl.com>; Thu, 15 Mar 2012 15:11:11 -0700 (PDT)
Received: from ihemail1.lucent.com (ihemail1.lucent.com [135.245.0.33]) by ietfa.amsl.com (Postfix) with ESMTP id F0DC621E802C for <scim@ietf.org>; Thu, 15 Mar 2012 15:11:10 -0700 (PDT)
Received: from usnavsmail2.ndc.alcatel-lucent.com (usnavsmail2.ndc.alcatel-lucent.com [135.3.39.10]) by ihemail1.lucent.com (8.13.8/IER-o) with ESMTP id q2FMB9Q3024066 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Thu, 15 Mar 2012 17:11:10 -0500 (CDT)
Received: from USNAVSXCHHUB01.ndc.alcatel-lucent.com (usnavsxchhub01.ndc.alcatel-lucent.com [135.3.39.110]) by usnavsmail2.ndc.alcatel-lucent.com (8.14.3/8.14.3/GMO) with ESMTP id q2FMB9DZ025004 (version=TLSv1/SSLv3 cipher=RC4-MD5 bits=128 verify=NOT); Thu, 15 Mar 2012 17:11:09 -0500
Received: from USNAVSXCHMBSA3.ndc.alcatel-lucent.com ([135.3.39.125]) by USNAVSXCHHUB01.ndc.alcatel-lucent.com ([135.3.39.110]) with mapi; Thu, 15 Mar 2012 17:11:09 -0500
From: "Brenner, Michael Ralf (Michael)" <michael.brenner@alcatel-lucent.com>
To: Phil Hunt <phil.hunt@oracle.com>, Peter Saint-Andre <stpeter@stpeter.im>
Date: Thu, 15 Mar 2012 17:11:08 -0500
Thread-Topic: [scim] Draft charter - v4
Thread-Index: Ac0C948Xz2AfN2A4S+a/B4voPFTgegAABLGA
Message-ID: <219947F0B2242843A0A1E62FDB510DC0250F3D58C4@USNAVSXCHMBSA3.ndc.alcatel-lucent.com>
References: <93C6FB63F046384C86EC8F7F3FFEC7BEE62EFE@XMB-RCD-313.cisco.com> <4F61BFBF.7090408@cs.tcd.ie> <219947F0B2242843A0A1E62FDB510DC0250F3D54D7@USNAVSXCHMBSA3.ndc.alcatel-lucent.com> <4F61EA5B.70207@cs.tcd.ie> <219947F0B2242843A0A1E62FDB510DC0250F3D54EF@USNAVSXCHMBSA3.ndc.alcatel-lucent.com> <4F61EF05.2050608@cs.tcd.ie> <219947F0B2242843A0A1E62FDB510DC0250F3D5514@USNAVSXCHMBSA3.ndc.alcatel-lucent.com> <3148CB4F-6BFD-44CE-97E6-58DD8FF16CF6@unboundid.com> <20120315142531.0795721F85D3@ietfa.amsl.com> <048101cd02bb$630033f0$29009bd0$@com> <9BBAC6BD-7BEF-4DEC-AF12-C5626820FE85@unboundid.com> <4F624D24.8000505@stpeter.im> <219947F0B2242843A0A1E62FDB510DC0250F3D589B@USNAVSXCHMBSA3.ndc.alcatel-lucent.com> <4F626503.4020503@stpeter.im> <AC9E8CA5-3B97-4035-855C-7ADDDCBD38A2@oracle.com>
In-Reply-To: <AC9E8CA5-3B97-4035-855C-7ADDDCBD38A2@oracle.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
acceptlanguage: en-US
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-Scanned-By: MIMEDefang 2.57 on 135.245.2.33
X-Scanned-By: MIMEDefang 2.64 on 135.3.39.10
Cc: "scim@ietf.org" <scim@ietf.org>
Subject: Re: [scim] Draft charter - v4
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 15 Mar 2012 22:11:16 -0000

Yes, if we refer strictly to the passing of the token in a request header, =
you are correct: the client should be able to include tokens (such as ...).=
 However, the client must somehow also obtain such tokens before using them=
, and mechanisms for obtaining such tokens may differ.

That is why I think the wording regarding what is "mandatory-to-implement" =
as part of SCIM is important. If we limit it to the ability to pass authori=
zation tokens to SCIM resources via SCIM requests, that would be OK for me.

-----Original Message-----
From: Phil Hunt [mailto:phil.hunt@oracle.com]=20
Sent: Thursday, March 15, 2012 6:04 PM
To: Peter Saint-Andre
Cc: Brenner, Michael Ralf (Michael); scim@ietf.org
Subject: Re: [scim] Draft charter - v4

It seems to me that BASIC Auth should be MTI (legacy cases).

I'm a bit confused by a recommendation of OAuth2. OAuth2 issues tokens. Wha=
t you mean to say is that clients should be able to use tokens such as thos=
e issued by OAuth2 or even Kerberos (or even ones issued OOB).

Phil

@independentid
www.independentid.com
phil.hunt@oracle.com





On 2012-03-15, at 2:54 PM, Peter Saint-Andre wrote:

> <hat type=3D'individual'/>
>=20
> On 3/15/12 3:43 PM, Brenner, Michael Ralf (Michael) wrote:
>> Peter, all:
>>=20
>> We are in agreement with respect to "1. Mandatory-to-implement. This
>> means that if you're writing a code
>>> library, a server, or a client, your code MUST support the
>>> feature."
>>=20
>> I also agree that SCIM should work in conjunction with different
>> authorization mechanism, in particular OAuth 2.0.
>>=20
>> But when it comes to for example using OAuth 2.0, does the above
>> really "Mandatory-to-implement" really mean this has to be captured
>> in SCIM spec? Depending on how this is worded, it could be
>> interpreted as "SCIM spec does not work UNLESS one implements OAuth
>> 2.0", which I don't think is the case.
>=20
> No, it means someone's code can't claim compliance unless it implements
> the OAuth 2.0 authorization mechanism. It could, of course, implement
> other authorization mechanisms in addition.
>=20
> IETF specs do this all the time. The example I'm most intimately
> familiar with is XMPP. There, we use SASL (RFC 4422) for authentication,
> and we mandate support for a specific SASL mechanism (SCRAM =3D RFC 5802)
> as a baseline for intoperability. If we said "you MUST support SASL but
> you can use any SASL mechanism you like", then some servers would
> implement SCRAM, some DIGEST-MD5, some EXTERNAL, some PLAIN over TLS,
> etc., but an XMPP client would never have any assurance that it could
> log in anywhere. IETF folks consider that a bad thing, and such an
> approach will simply not fly during security review later on.
>=20
> Let me turn the question on its head: what are we *gaining* by saying
> that implementations (*not* deployments) will *not* have a baseline
> authorization method?
>=20
> Peter
>=20
> --=20
> Peter Saint-Andre
> https://stpeter.im/
>=20
>=20
> _______________________________________________
> scim mailing list
> scim@ietf.org
> https://www.ietf.org/mailman/listinfo/scim


From trey.drake@unboundid.com  Thu Mar 15 15:20:19 2012
Return-Path: <trey.drake@unboundid.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9B94821F858B for <scim@ietfa.amsl.com>; Thu, 15 Mar 2012 15:20:19 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.572
X-Spam-Level: 
X-Spam-Status: No, score=-3.572 tagged_above=-999 required=5 tests=[AWL=0.027,  BAYES_00=-2.599, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id X1nzmamPGRcC for <scim@ietfa.amsl.com>; Thu, 15 Mar 2012 15:20:18 -0700 (PDT)
Received: from mail-gy0-f172.google.com (mail-gy0-f172.google.com [209.85.160.172]) by ietfa.amsl.com (Postfix) with ESMTP id 56B0A21F8587 for <scim@ietf.org>; Thu, 15 Mar 2012 15:20:18 -0700 (PDT)
Received: by ghbg16 with SMTP id g16so4101211ghb.31 for <scim@ietf.org>; Thu, 15 Mar 2012 15:20:17 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=subject:mime-version:content-type:from:in-reply-to:date:cc :message-id:references:to:x-mailer:x-gm-message-state; bh=IWGhGf26SsPmzhI6FnmLws573QrsPNFF/CDP4fdBSA8=; b=giCTF9o2a0niO7YXfFtMmHELtjod21bLqth3iRUWe4qwcEQmO7VoKUER30SWmjb/ty jSCRJwDap2wHuVoO8gVrackRijVFK0p8O1tF37lH+sGxQPtaDjEocEe4lvRlAZS1u0Us fb/JRrzAcwDDn+9QRdr/I9KH02yGb1jHYMpb54SDgPeD6/s3AmV0aC+GwkiQCScjqZj7 iV4igPCZlyd4dEiQnQMaN5fNFdiZsXBiGgiUQbZGb6IiUXLVbAhgh1FQDgTJ50cAGemb ZJvU2gMuc0pLsQQhpFWFipetcK+ZLjEzgMh2uFUl8AuDAimB+wcx9X3ka8pb3XRk+qND FVCw==
Received: by 10.60.11.228 with SMTP id t4mr289584oeb.68.1331850017749; Thu, 15 Mar 2012 15:20:17 -0700 (PDT)
Received: from [192.168.241.86] (24-155-184-100.static.grandenetworks.net. [24.155.184.100]) by mx.google.com with ESMTPS id v10sm3056346obb.4.2012.03.15.15.20.16 (version=TLSv1/SSLv3 cipher=OTHER); Thu, 15 Mar 2012 15:20:17 -0700 (PDT)
Mime-Version: 1.0 (Apple Message framework v1257)
Content-Type: multipart/signed; boundary="Apple-Mail=_61D215C2-C5FA-4E0A-BE5C-C1E82204F55E"; protocol="application/pkcs7-signature"; micalg=sha1
From: Trey Drake <trey.drake@unboundid.com>
In-Reply-To: <AC9E8CA5-3B97-4035-855C-7ADDDCBD38A2@oracle.com>
Date: Thu, 15 Mar 2012 17:20:15 -0500
Message-Id: <A7D7B453-AF0B-4514-AA94-7B131FAFEDB9@unboundid.com>
References: <93C6FB63F046384C86EC8F7F3FFEC7BEE62EFE@XMB-RCD-313.cisco.com> <4F61BFBF.7090408@cs.tcd.ie> <219947F0B2242843A0A1E62FDB510DC0250F3D54D7@USNAVSXCHMBSA3.ndc.alcatel-lucent.com> <4F61EA5B.70207@cs.tcd.ie> <219947F0B2242843A0A1E62FDB510DC0250F3D54EF@USNAVSXCHMBSA3.ndc.alcatel-lucent.com> <4F61EF05.2050608@cs.tcd.ie> <219947F0B2242843A0A1E62FDB510DC0250F3D5514@USNAVSXCHMBSA3.ndc.alcatel-lucent.com> <3148CB4F-6BFD-44CE-97E6-58DD8FF16CF6@unboundid.com> <20120315142531.0795721F85D3@ietfa.amsl.com> <048101cd02bb$630033f0$29009bd0$@com> <9BBAC6BD-7BEF-4DEC-AF12-C5626820FE85@unboundid.com> <4F624D24.8000505@stpeter.im> <219947F0B2242843A0A1E62FDB510DC0250F3D589B@USNAVSXCHMBSA3.ndc.alcatel-lucent.com> <4F626503.4020503@stpeter.im> <AC9E8CA5-3B97-4035-855C-7ADDDCBD38A2@oracle.com>
To: Phil Hunt <phil.hunt@oracle.com>
X-Mailer: Apple Mail (2.1257)
X-Gm-Message-State: ALoCoQlDF4JYdubgSnPajNtq7BYfM0AuJ3n/Ck2BKGFvlRrWoolsMALUAeINVSQkOSAmDZxVN2tz
Cc: "Brenner, Michael Ralf \(Michael\)" <michael.brenner@alcatel-lucent.com>, "scim@ietf.org" <scim@ietf.org>, Peter Saint-Andre <stpeter@stpeter.im>
Subject: Re: [scim] Draft charter - v4
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 15 Mar 2012 22:20:19 -0000

--Apple-Mail=_61D215C2-C5FA-4E0A-BE5C-C1E82204F55E
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain;
	charset=us-ascii

What's meant are bearer tokens.  The original question pertained to =
authZ not authN which is the road we attempted to drive around.  Http =
Basic is a sensible authN 'punt' given TLS is required - I'm sure others =
will disagree. =20

Thanks,
Trey
On Mar 15, 2012, at 5:04 PM, Phil Hunt wrote:

> It seems to me that BASIC Auth should be MTI (legacy cases).
>=20
> I'm a bit confused by a recommendation of OAuth2. OAuth2 issues =
tokens. What you mean to say is that clients should be able to use =
tokens such as those issued by OAuth2 or even Kerberos (or even ones =
issued OOB).
>=20
> Phil
>=20
> @independentid
> www.independentid.com
> phil.hunt@oracle.com
>=20
>=20
>=20
>=20
>=20
> On 2012-03-15, at 2:54 PM, Peter Saint-Andre wrote:
>=20
>> <hat type=3D'individual'/>
>>=20
>> On 3/15/12 3:43 PM, Brenner, Michael Ralf (Michael) wrote:
>>> Peter, all:
>>>=20
>>> We are in agreement with respect to "1. Mandatory-to-implement. This
>>> means that if you're writing a code
>>>> library, a server, or a client, your code MUST support the
>>>> feature."
>>>=20
>>> I also agree that SCIM should work in conjunction with different
>>> authorization mechanism, in particular OAuth 2.0.
>>>=20
>>> But when it comes to for example using OAuth 2.0, does the above
>>> really "Mandatory-to-implement" really mean this has to be captured
>>> in SCIM spec? Depending on how this is worded, it could be
>>> interpreted as "SCIM spec does not work UNLESS one implements OAuth
>>> 2.0", which I don't think is the case.
>>=20
>> No, it means someone's code can't claim compliance unless it =
implements
>> the OAuth 2.0 authorization mechanism. It could, of course, implement
>> other authorization mechanisms in addition.
>>=20
>> IETF specs do this all the time. The example I'm most intimately
>> familiar with is XMPP. There, we use SASL (RFC 4422) for =
authentication,
>> and we mandate support for a specific SASL mechanism (SCRAM =3D RFC =
5802)
>> as a baseline for intoperability. If we said "you MUST support SASL =
but
>> you can use any SASL mechanism you like", then some servers would
>> implement SCRAM, some DIGEST-MD5, some EXTERNAL, some PLAIN over TLS,
>> etc., but an XMPP client would never have any assurance that it could
>> log in anywhere. IETF folks consider that a bad thing, and such an
>> approach will simply not fly during security review later on.
>>=20
>> Let me turn the question on its head: what are we *gaining* by saying
>> that implementations (*not* deployments) will *not* have a baseline
>> authorization method?
>>=20
>> Peter
>>=20
>> --=20
>> Peter Saint-Andre
>> https://stpeter.im/
>>=20
>>=20
>> _______________________________________________
>> scim mailing list
>> scim@ietf.org
>> https://www.ietf.org/mailman/listinfo/scim
>=20
> _______________________________________________
> scim mailing list
> scim@ietf.org
> https://www.ietf.org/mailman/listinfo/scim


--Apple-Mail=_61D215C2-C5FA-4E0A-BE5C-C1E82204F55E
Content-Disposition: attachment;
	filename=smime.p7s
Content-Type: application/pkcs7-signature;
	name=smime.p7s
Content-Transfer-Encoding: base64

MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIIM9jCCBjQw
ggQcoAMCAQICAR4wDQYJKoZIhvcNAQEFBQAwfTELMAkGA1UEBhMCSUwxFjAUBgNVBAoTDVN0YXJ0
Q29tIEx0ZC4xKzApBgNVBAsTIlNlY3VyZSBEaWdpdGFsIENlcnRpZmljYXRlIFNpZ25pbmcxKTAn
BgNVBAMTIFN0YXJ0Q29tIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA3MTAyNDIxMDE1NVoX
DTE3MTAyNDIxMDE1NVowgYwxCzAJBgNVBAYTAklMMRYwFAYDVQQKEw1TdGFydENvbSBMdGQuMSsw
KQYDVQQLEyJTZWN1cmUgRGlnaXRhbCBDZXJ0aWZpY2F0ZSBTaWduaW5nMTgwNgYDVQQDEy9TdGFy
dENvbSBDbGFzcyAxIFByaW1hcnkgSW50ZXJtZWRpYXRlIENsaWVudCBDQTCCASIwDQYJKoZIhvcN
AQEBBQADggEPADCCAQoCggEBAMcJg8zOLdgasSmkLhOrlr6KMoOMpohBllVHrdRvEg/q6r8jR+EK
75xCGhR8ToREoqe7zM9/UnC6TS2y9UKTpT1v7RSMzR0t6ndl0TWBuUr/UXBhPk+Kmy7bI4yW4urC
+y7P3/1/X7U8ocb8VpH/Clt+4iq7nirMcNh6qJR+xjOhV+VHzQMALuGYn5KZmc1NbJQYclsGkDxD
z2UbFqE2+6vIZoL+jb9x4Pa5gNf1TwSDkOkikZB1xtB4ZqtXThaABSONdfmv/Z1pua3FYxnCFmdr
/+N2JLKutIxMYqQOJebr/f/h5t95m4JgrM3Y/w7YX9d7YAL9jvN4SydHsU6n65cCAwEAAaOCAa0w
ggGpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBRTcu2SnODaywFc
fH6WNU7y1LhRgjAfBgNVHSMEGDAWgBROC+8apEBbpRdphzDKNGhD0EGu8jBmBggrBgEFBQcBAQRa
MFgwJwYIKwYBBQUHMAGGG2h0dHA6Ly9vY3NwLnN0YXJ0c3NsLmNvbS9jYTAtBggrBgEFBQcwAoYh
aHR0cDovL3d3dy5zdGFydHNzbC5jb20vc2ZzY2EuY3J0MFsGA1UdHwRUMFIwJ6AloCOGIWh0dHA6
Ly93d3cuc3RhcnRzc2wuY29tL3Nmc2NhLmNybDAnoCWgI4YhaHR0cDovL2NybC5zdGFydHNzbC5j
b20vc2ZzY2EuY3JsMIGABgNVHSAEeTB3MHUGCysGAQQBgbU3AQIBMGYwLgYIKwYBBQUHAgEWImh0
dHA6Ly93d3cuc3RhcnRzc2wuY29tL3BvbGljeS5wZGYwNAYIKwYBBQUHAgEWKGh0dHA6Ly93d3cu
c3RhcnRzc2wuY29tL2ludGVybWVkaWF0ZS5wZGYwDQYJKoZIhvcNAQEFBQADggIBAAqDCH14qywG
XLhjjF6uHLkjd02hcdh9hrw+VUsv+q1eeQWB21jWj3kJ96AUlPCoEGZ/ynJNScWy6QMVQjbbMXlt
UfO4n4bGGdKo3awPWp61tjAFgraLJgDk+DsSvUD6EowjMTNx25GQgyYJ5RPIzKKR9tQW8gGK+2+R
HxkUCTbYFnL6kl8Ch507rUdPPipJ9CgJFws3kDS3gOS5WFMxcjO5DwKfKSETEPrHh7p5shuuNktv
sv6hxHTLhiMKX893gxdT3XLS9OKmCv87vkINQcNEcIIoFWbP9HORz9v3vQwR4e3ksLc2JZOAFK+s
sS5XMEoznzpihEP0PLc4dCBYjbvSD7kxgDwZ+Aj8Q9PkbvE9sIPP7ON0fz095HdThKjiVJe6vofq
+n6b1NBc8XdrQvBmunwxD5nvtTW4vtN6VY7mUCmxsCieuoBJ9OlqmsVWQvifIYf40dJPZkk9YgGT
zWLpXDSfLSplbY2LL9C9U0ptvjcDjefLTvqSFc7tw1sEhF0n/qpA2r0GpvkLRDmcSwVyPvmjFBGq
Up/pNy8ZuPGQmHwFi2/14+xeSUDG2bwnsYJQG2EdJCB6luQ57GEnTA/yKZSTKI8dDQa8Sd3zfXb1
9mOgSF0bBdXbuKhEpuP9wirslFe6fQ1t5j5R0xi72MZ8ikMu1RQZKCyDbMwazlHiMIIGujCCBaKg
AwIBAgIDAopvMA0GCSqGSIb3DQEBBQUAMIGMMQswCQYDVQQGEwJJTDEWMBQGA1UEChMNU3RhcnRD
b20gTHRkLjErMCkGA1UECxMiU2VjdXJlIERpZ2l0YWwgQ2VydGlmaWNhdGUgU2lnbmluZzE4MDYG
A1UEAxMvU3RhcnRDb20gQ2xhc3MgMSBQcmltYXJ5IEludGVybWVkaWF0ZSBDbGllbnQgQ0EwHhcN
MTEwNTEzMTY1MjQ5WhcNMTIwNTEzMDU0NzU2WjBLMSAwHgYDVQQNExc0MjU3NjEteUxidzRqMkwy
Z0FqSG92UzEnMCUGCSqGSIb3DQEJARYYdHJleS5kcmFrZUB1bmJvdW5kaWQuY29tMIIBIjANBgkq
hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqid9tc427LEtBahNAplYUQztLpGRwt7J1hxi3mHkMBzr
s3LxhGspxGij4JZogkqolFpIhu0amwHXsDv7DbkET1O8TN2S2ttetn2o/gQMhAlXp7MP4SfHnIHL
awiDyKZ96l49FFuOt107G9SYpOceuY+AfBssNfxVpTfzqvBzQ/zdbGwqg+ndyPmsWZCYc036/dHV
VWDPpLbohj8GmtoNp8p2LjXe4hOvOfxNnlg6hRlHwiPkudSpEaHwW5dlQUjtcBNvowCq2uq2fbQq
5jyswWRGRIQINo4UgSsyDAB5SfagyGMx32EUGrx1NJWOHWK3eqPknuYdgtU2nJZ+aTtBpQIDAQAB
o4IDYzCCA18wCQYDVR0TBAIwADALBgNVHQ8EBAMCBLAwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsG
AQUFBwMEMB0GA1UdDgQWBBTFEY17wcVFokE4T9NZv3jxliACzjAfBgNVHSMEGDAWgBRTcu2SnODa
ywFcfH6WNU7y1LhRgjAjBgNVHREEHDAagRh0cmV5LmRyYWtlQHVuYm91bmRpZC5jb20wggHRBgNV
HSAEggHIMIIBxDCCAcAGCysGAQQBgbU3AQICMIIBrzAuBggrBgEFBQcCARYiaHR0cDovL3d3dy5z
dGFydHNzbC5jb20vcG9saWN5LnBkZjA0BggrBgEFBQcCARYoaHR0cDovL3d3dy5zdGFydHNzbC5j
b20vaW50ZXJtZWRpYXRlLnBkZjCCAUUGCCsGAQUFBwICMIIBNzAnFiBTdGFydENvbSBDZXJ0aWZp
Y2F0aW9uIEF1dGhvcml0eTADAgEBGoIBClRoaXMgY2VydGlmaWNhdGUgd2FzIGlzc3VlZCBhY2Nv
cmRpbmcgdG8gdGhlIENsYXNzIDEgVmFsaWRhdGlvbiByZXF1aXJlbWVudHMgb2YgdGhlIFN0YXJ0
Q29tIENlcnRpZmljYXRpb24gQXV0aG9yaXR5IHBvbGljeSBhbmQgbWF5IGJlIHJlbGllZCB1cG9u
IG9ubHkgZm9yIHRoZSBpbnRlbmRlZCBwdXJwb3NlIGFuZCBpbiBjb21wbGlhbmNlIG9mIHRoZSBy
ZWx5aW5nIHBhcnR5IG9ibGlnYXRpb25zLiBMaWFiaWxpdHkgYW5kIHdhcnJhbnRpZXMgYXJlIGxp
bWl0ZWQhMDYGA1UdHwQvMC0wK6ApoCeGJWh0dHA6Ly9jcmwuc3RhcnRzc2wuY29tL2NydHUxLWNy
bC5jcmwwgY4GCCsGAQUFBwEBBIGBMH8wOQYIKwYBBQUHMAGGLWh0dHA6Ly9vY3NwLnN0YXJ0c3Ns
LmNvbS9zdWIvY2xhc3MxL2NsaWVudC9jYTBCBggrBgEFBQcwAoY2aHR0cDovL2FpYS5zdGFydHNz
bC5jb20vY2VydHMvc3ViLmNsYXNzMS5jbGllbnQuY2EuY3J0MCMGA1UdEgQcMBqGGGh0dHA6Ly93
d3cuc3RhcnRzc2wuY29tLzANBgkqhkiG9w0BAQUFAAOCAQEAfcC87DDCF7sIIY5qIDIS7MmSAJjr
GlCfGP11cJrO88bsQiSgtJYYeIATEUsH1r78aJOzU8p8P/lOrSoDr3kxVlUaOam6xIvlW9Uv6AUN
DBjYeDUMaEIwPl/Eox0tvZPas4JwW1K+N085ya1IKCK/l7x2K97JQqQhE44ymJ873mcEbBNz6HOo
JtyNMc204G0mREpQs4RSb7vsT9x93QUs6QpP/Mn/w+HaXQQzgs4HmfgL8z+qlH4vX4S/rKvwv95m
fdCIrdSBAeSKBco9hHTIny9XpkTR2qk1Uq0eqSk1LtufDoQy9c5KKQKINCKrjioMseRufmAY/0Nu
VbekcRMyIDGCA28wggNrAgEBMIGUMIGMMQswCQYDVQQGEwJJTDEWMBQGA1UEChMNU3RhcnRDb20g
THRkLjErMCkGA1UECxMiU2VjdXJlIERpZ2l0YWwgQ2VydGlmaWNhdGUgU2lnbmluZzE4MDYGA1UE
AxMvU3RhcnRDb20gQ2xhc3MgMSBQcmltYXJ5IEludGVybWVkaWF0ZSBDbGllbnQgQ0ECAwKKbzAJ
BgUrDgMCGgUAoIIBrzAYBgkqhkiG9w0BCQMxCwYJKoZIhvcNAQcBMBwGCSqGSIb3DQEJBTEPFw0x
MjAzMTUyMjIwMTZaMCMGCSqGSIb3DQEJBDEWBBSuM663Z495FTr/iCT22eKsJbDjTDCBpQYJKwYB
BAGCNxAEMYGXMIGUMIGMMQswCQYDVQQGEwJJTDEWMBQGA1UEChMNU3RhcnRDb20gTHRkLjErMCkG
A1UECxMiU2VjdXJlIERpZ2l0YWwgQ2VydGlmaWNhdGUgU2lnbmluZzE4MDYGA1UEAxMvU3RhcnRD
b20gQ2xhc3MgMSBQcmltYXJ5IEludGVybWVkaWF0ZSBDbGllbnQgQ0ECAwKKbzCBpwYLKoZIhvcN
AQkQAgsxgZeggZQwgYwxCzAJBgNVBAYTAklMMRYwFAYDVQQKEw1TdGFydENvbSBMdGQuMSswKQYD
VQQLEyJTZWN1cmUgRGlnaXRhbCBDZXJ0aWZpY2F0ZSBTaWduaW5nMTgwNgYDVQQDEy9TdGFydENv
bSBDbGFzcyAxIFByaW1hcnkgSW50ZXJtZWRpYXRlIENsaWVudCBDQQIDAopvMA0GCSqGSIb3DQEB
AQUABIIBAE21ezr043hY2QJTpFMiHhnBK8tp248kLsX4rU7fNVPisXIJYYuaH5AxtM0I2H9se3bH
sswoGhqfbIy0S3g/n2wux/rfxsznYccqNa7HFsfhLIqjXmj/dbiDpYdczsGDsq01VuZR5jORZsxA
v7f1clAyPdqf9cxMo7I9JySLXcPr5uB/05s/DX4dgkc5+QJpa0H46DVvbpGgJ0Ed0lr/oDMSjpSO
Lh9/szvRMz/lFBm/XMFmZd0lF+T6dRvBsjdcOHfbLGRxtrN0b0Br1k9JEl2HH9Fy56NpFeBapGpo
th4Kju9glJYmMcsw5xdl/7cSRGe5HHZ8W7LWabYrF3v898wAAAAAAAA=

--Apple-Mail=_61D215C2-C5FA-4E0A-BE5C-C1E82204F55E--

From bmilas@courion.com  Thu Mar 15 15:37:17 2012
Return-Path: <bmilas@courion.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6857521F86A8 for <scim@ietfa.amsl.com>; Thu, 15 Mar 2012 15:37:17 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.599
X-Spam-Level: 
X-Spam-Status: No, score=-6.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id MS88hvGejY+1 for <scim@ietfa.amsl.com>; Thu, 15 Mar 2012 15:37:16 -0700 (PDT)
Received: from exprod5og111.obsmtp.com (exprod5og111.obsmtp.com [64.18.0.22]) by ietfa.amsl.com (Postfix) with ESMTP id 3156821F86A5 for <scim@ietf.org>; Thu, 15 Mar 2012 15:37:16 -0700 (PDT)
Received: from CRN-CORP-MAIL02.courion.com ([209.236.194.251]) (using TLSv1) by exprod5ob111.postini.com ([64.18.4.12]) with SMTP ID DSNKT2JvE0Nk0ipmmC2NogoZolJiKn6xNvIF@postini.com; Thu, 15 Mar 2012 15:37:16 PDT
Received: from CRN-CORP-MAIL01.courion.com ([fe80::c90d:afa3:ddc0:26e8]) by CRN-CORP-MAIL02.courion.com ([fe80::b56b:d9c6:3747:4f10%13]) with mapi id 14.01.0355.002; Thu, 15 Mar 2012 18:37:06 -0400
From: "Milas, Brian" <bmilas@courion.com>
To: Kelly Grizzle <kelly.grizzle@sailpoint.com>, Phil Hunt <phil.hunt@oracle.com>, Charliemortimore <charliemortimore@gmail.com>
Thread-Topic: [scim] Thoughts on SCIM WG charter
Thread-Index: AQHNAt5AtajE7lhJwk6G3+J0dtx9G5Zr7v8w
Date: Thu, 15 Mar 2012 22:37:06 +0000
Message-ID: <BC570644A78038459DADF92160A80A612F814071@CRN-CORP-MAIL01.courion.com>
References: <421662F7-A0FA-4C21-81C9-857450B09DB4@oracle.com> <612C04D3-3D1C-4095-8E3E-66BD45CE067A@gmail.com> <699AE63C-79E1-40F5-8290-37289EB8C0E0@oracle.com> <56C3C758F9D6534CA3778EAA1E0C34371C63838C@BL2PRD0410MB351.namprd04.prod.outlook.com>
In-Reply-To: <56C3C758F9D6534CA3778EAA1E0C34371C63838C@BL2PRD0410MB351.namprd04.prod.outlook.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
x-originating-ip: [10.1.1.78]
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Cc: "scim@ietf.org" <scim@ietf.org>
Subject: Re: [scim] Thoughts on SCIM WG charter
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 15 Mar 2012 22:37:17 -0000

We also see value in the hub approach and are interested in collaborating i=
n this area.


Brian Milas
Chief Technology Officer
phone: +1 508 879-8400, ext. 202
bmilas@courion.com=20

Connect with us:
=A0=A0=20
www.courion.com=20
__________________________________________________=20
THIS EMAIL CONTAINS CONFIDENTIAL INFORMATION=20
AND IS INTENDED FOR THE RECIPIENT ONLY.=20
PLEASE DELETE THIS IF YOU HAVE RECEIVED=20
IT IN ERROR.=20




-----Original Message-----
From: Kelly Grizzle [mailto:kelly.grizzle@sailpoint.com]=20
Sent: Thursday, March 15, 2012 2:18 PM
To: Phil Hunt; Charliemortimore
Cc: scim@ietf.org
Subject: Re: [scim] Thoughts on SCIM WG charter

Phil,

Thanks for the great write-up.  I agree that the hub concept is highly rele=
vant, and have actually been spending a fair amount of energy thinking abou=
t how this might look in SCIM.  In my mind there are two types of gateways:=
 a provisioning hub and an identity hub.  A provisioning hub knows nothing =
about the person -> user relationship.  It simply provides a single SCIM-en=
abled endpoint that can manage accounts on different targets.  Similarly, a=
n identity hub allows managing accounts on different targets, but also main=
tains the person -> user relationships.  Both have the firewall, single pro=
tocol, etc... benefits that you mentioned, but the latter is more suited to=
 the IdM use cases that SPML addresses.  I think that both are useful, so w=
e should consider making the person -> user relationship an optional part o=
f targeting/routing.

I have some ideas on how this may fit into SCIM and would be happy to colla=
borate and help lead this effort.

Taking a step back ... while there is a strong need for this, I also think =
that a majority of the SCIM service providers are not going to be serving a=
s a hub (ie - they will only be managing their own users), so targeting sho=
uld optional.

--Kelly


-----Original Message-----
From: scim-bounces@ietf.org [mailto:scim-bounces@ietf.org] On Behalf Of Phi=
l Hunt
Sent: Wednesday, March 14, 2012 6:49 PM
To: Charliemortimore
Cc: scim@ietf.org
Subject: Re: [scim] Thoughts on SCIM WG charter

Chuck,

Agreed. Routing shouldn't be specific. The concern is that the client shoul=
d not have direct knowledge of internal endpoints.  In this case, I think t=
he routing requirement is "logical".   Create a Mail account, create a CRM =
account, and so on.

Phil

@independentid
www.independentid.com
phil.hunt@oracle.com





On 2012-03-14, at 4:35 PM, Charliemortimore wrote:

> Hey Phil - good, thoughtful writeup.  =20
>=20
> I agree the notion of gateways/hubs are a reality.  Not yet convinced the=
 client needs to ( or even should have ) knowledge/power over the routing d=
ecisions, at least in v1.   Look forward to discussion and evolving my thin=
king on this. =20
>=20
> - cmort
>=20
> On Mar 14, 2012, at 2:44 PM, Phil Hunt <phil.hunt@oracle.com> wrote:
>=20
>> In previous emails, I promised more thoughts on the Gateway/targeting is=
sue. In order to support the scope discussion, I put a bunch of thoughts to=
gether on areas the WG might consider on my blog at:
>> http://www.independentid.com/2012/03/scim-what-should-new-scim-wg-addres=
s.html
>>=20
>> I'm still planning to post more info to the list on the specific issue o=
f "gatewayed" provisioning (aka targeting).
>>=20
>> Phil
>>=20
>> @independentid
>> www.independentid.com
>> phil.hunt@oracle.com
>>=20
>>=20
>>=20
>>=20
>>=20
>> _______________________________________________
>> scim mailing list
>> scim@ietf.org
>> https://www.ietf.org/mailman/listinfo/scim
> _______________________________________________
> scim mailing list
> scim@ietf.org
> https://www.ietf.org/mailman/listinfo/scim

_______________________________________________
scim mailing list
scim@ietf.org
https://www.ietf.org/mailman/listinfo/scim




From stpeter@stpeter.im  Thu Mar 15 16:25:20 2012
Return-Path: <stpeter@stpeter.im>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A201C21E8043 for <scim@ietfa.amsl.com>; Thu, 15 Mar 2012 16:25:20 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.699
X-Spam-Level: 
X-Spam-Status: No, score=-102.699 tagged_above=-999 required=5 tests=[AWL=-0.100, BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ab4ZW1LwZ0Wq for <scim@ietfa.amsl.com>; Thu, 15 Mar 2012 16:25:20 -0700 (PDT)
Received: from stpeter.im (mailhost.stpeter.im [207.210.219.225]) by ietfa.amsl.com (Postfix) with ESMTP id 05A3721E8044 for <scim@ietf.org>; Thu, 15 Mar 2012 16:25:20 -0700 (PDT)
Received: from squire.local (unknown [64.101.72.114]) (Authenticated sender: stpeter) by stpeter.im (Postfix) with ESMTPSA id E968040058; Thu, 15 Mar 2012 17:37:45 -0600 (MDT)
Message-ID: <4F627A5E.20003@stpeter.im>
Date: Thu, 15 Mar 2012 17:25:18 -0600
From: Peter Saint-Andre <stpeter@stpeter.im>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.5; rv:10.0.2) Gecko/20120216 Thunderbird/10.0.2
MIME-Version: 1.0
To: "Brenner, Michael Ralf (Michael)" <michael.brenner@alcatel-lucent.com>
References: <93C6FB63F046384C86EC8F7F3FFEC7BEE62EFE@XMB-RCD-313.cisco.com> <4F61BFBF.7090408@cs.tcd.ie> <219947F0B2242843A0A1E62FDB510DC0250F3D54D7@USNAVSXCHMBSA3.ndc.alcatel-lucent.com> <4F61EA5B.70207@cs.tcd.ie> <219947F0B2242843A0A1E62FDB510DC0250F3D54EF@USNAVSXCHMBSA3.ndc.alcatel-lucent.com> <4F61EF05.2050608@cs.tcd.ie> <219947F0B2242843A0A1E62FDB510DC0250F3D5514@USNAVSXCHMBSA3.ndc.alcatel-lucent.com> <3148CB4F-6BFD-44CE-97E6-58DD8FF16CF6@unboundid.com> <20120315142531.0795721F85D3@ietfa.amsl.com> <048101cd02bb$630033f0$29009bd0$@com> <9BBAC6BD-7BEF-4DEC-AF12-C5626820FE85@unboundid.com> <4F624D24.8000505@stpeter.im> <219947F0B2242843A0A1E62FDB510DC0250F3D589B@USNAVSXCHMBSA3.ndc.alcatel-lucent.com> <4F626503.4020503@stpeter.im> <219947F0B2242843A0A1E62FDB510DC0250F3D58B2@USNAVSXCHMBSA3.ndc.alcatel-lucent.com>
In-Reply-To: <219947F0B2242843A0A1E62FDB510DC0250F3D58B2@USNAVSXCHMBSA3.ndc.alcatel-lucent.com>
X-Enigmail-Version: 1.4
OpenPGP: url=https://stpeter.im/stpeter.asc
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit
Cc: "scim@ietf.org" <scim@ietf.org>
Subject: Re: [scim] Draft charter - v4
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 15 Mar 2012 23:25:20 -0000

On 3/15/12 4:02 PM, Brenner, Michael Ralf (Michael) wrote:
> I think I did not make myself understood well.
> My point is: "is this mandatory-to-implement" part affecting the way we end up defining the core SCIM features? As in "this authorization mechanism is specified as being integral part of SCIM"?
> 
> Of course there is no harm in specifying it MUST work WITH OAuth 2.0.
> 
> It looks like we have some that want to mandate-to-implement an authorization mechanism (probably OAuth 2.0), others that don't, and some (myself at least) that want to be careful about how we may mandate it, if we mandate it.
> 
> We'll sort it out eventually I'm sure.

Well, Stephen seemed to think you'd need authorization to determine if a
given entity was allowed to perform a given operation. For example, who
is authorized to move UserA from Domain1 to Domain2? So yes, let's
explore whether we need authorization first, then have a discussion
about whether we need an MTI mechanism for that function.

Peter

-- 
Peter Saint-Andre
https://stpeter.im/



From moransar@cisco.com  Thu Mar 15 17:49:33 2012
Return-Path: <moransar@cisco.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 90F9D21E8056 for <scim@ietfa.amsl.com>; Thu, 15 Mar 2012 17:49:33 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -10.522
X-Spam-Level: 
X-Spam-Status: No, score=-10.522 tagged_above=-999 required=5 tests=[AWL=0.077, BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id A-Fy3exbDQvF for <scim@ietfa.amsl.com>; Thu, 15 Mar 2012 17:49:32 -0700 (PDT)
Received: from mtv-iport-2.cisco.com (mtv-iport-2.cisco.com [173.36.130.13]) by ietfa.amsl.com (Postfix) with ESMTP id D83F321E800F for <scim@ietf.org>; Thu, 15 Mar 2012 17:49:32 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=moransar@cisco.com; l=1947; q=dns/txt; s=iport; t=1331858973; x=1333068573; h=mime-version:content-transfer-encoding:subject:date: message-id:in-reply-to:references:from:to:cc; bh=OG80SX6JUGLL50j3MHKXV4h+5dAI/3ZLpt8yq9Dx/SI=; b=h85odqdWknk50aOzXNDwxYP1J4VK1Ctx5jQnkWBDZq+pgRjzR9qx3A+d q+MdCIwlBkCG5iosf5wStlRZ2o5L+9YevpZW6bpB4bC6B9MZEE9rhIfad susZpinAIrebLv6ET6NQHhj4x1xEL7Lv/hwOFXOzDUUeLiHR0fYTTPQpN Y=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: Av8EAK6NYk+rRDoI/2dsb2JhbABCti6BB4IJAQEBBAEBAQ8BHQo0CwwEAgEIEQQBAQEKBhcBBgEmHwkIAQEEEwgah2cBC5pxnwIEkCRjBIhXm0mBaIME
X-IronPort-AV: E=Sophos;i="4.73,593,1325462400"; d="scan'208";a="36345715"
Received: from mtv-core-3.cisco.com ([171.68.58.8]) by mtv-iport-2.cisco.com with ESMTP; 16 Mar 2012 00:49:31 +0000
Received: from xbh-rcd-201.cisco.com (xbh-rcd-201.cisco.com [72.163.62.200]) by mtv-core-3.cisco.com (8.14.3/8.14.3) with ESMTP id q2G0nUo5001753; Fri, 16 Mar 2012 00:49:30 GMT
Received: from xmb-rcd-313.cisco.com ([72.163.63.28]) by xbh-rcd-201.cisco.com with Microsoft SMTPSVC(6.0.3790.4675);  Thu, 15 Mar 2012 19:49:30 -0500
X-MimeOLE: Produced By Microsoft Exchange V6.5
Content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
Date: Thu, 15 Mar 2012 19:49:29 -0500
Message-ID: <93C6FB63F046384C86EC8F7F3FFEC7BEE6340D@XMB-RCD-313.cisco.com>
In-Reply-To: <4F627A5E.20003@stpeter.im>
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
Thread-Topic: [scim] Draft charter - v4
Thread-Index: Ac0DAuSYIrVZqj9VRTK/NzV0d98y9AACvxqw
References: <93C6FB63F046384C86EC8F7F3FFEC7BEE62EFE@XMB-RCD-313.cisco.com><4F61BFBF.7090408@cs.tcd.ie><219947F0B2242843A0A1E62FDB510DC0250F3D54D7@USNAVSXCHMBSA3.ndc.alcatel-lucent.com><4F61EA5B.70207@cs.tcd.ie><219947F0B2242843A0A1E62FDB510DC0250F3D54EF@USNAVSXCHMBSA3.ndc.alcatel-lucent.com><4F61EF05.2050608@cs.tcd.ie><219947F0B2242843A0A1E62FDB510DC0250F3D5514@USNAVSXCHMBSA3.ndc.alcatel-lucent.com><3148CB4F-6BFD-44CE-97E6-58DD8FF16CF6@unboundid.com><20120315142531.0795721F85D3@ietfa.amsl.com><048101cd02bb$630033f0$29009bd0$@com><9BBAC6BD-7BEF-4DEC-AF12-C5626820FE85@unboundid.com><4F624D24.8000505@stpeter.im><219947F0B2242843A0A1E62FDB510DC0250F3D589B@USNAVSXCHMBSA3.ndc.alcatel-lucent.com><4F626503.4020503@stpeter.im><219947F0B2242843A0A1E62FDB510DC0250F3D58B2@USNAVSXCHMBSA3.ndc.alcatel-lucent.com> <4F627A5E.20003@stpeter.im>
From: "Morteza Ansari (moransar)" <moransar@cisco.com>
To: "Peter Saint-Andre" <stpeter@stpeter.im>, "Brenner, Michael Ralf (Michael)" <michael.brenner@alcatel-lucent.com>
X-OriginalArrivalTime: 16 Mar 2012 00:49:30.0012 (UTC) FILETIME=[A53A9DC0:01CD030E]
Cc: scim@ietf.org
Subject: Re: [scim] Draft charter - v4
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 16 Mar 2012 00:49:33 -0000

I think this is all good discussion and I think in due time we will have
to come up with decisions on both fronts (what authorization we need in
place, and what mechanism, if any needs to be mandatory to implement).
However, I don't think we need to decide on what the answer is right
now.

Going back to the charter discussion, I like Peter's suggestion of
removing the third bullet from the proposed charter.  What do others
think?  Anyone object?


Cheers,
Morteza

-----Original Message-----
From: scim-bounces@ietf.org [mailto:scim-bounces@ietf.org] On Behalf Of
Peter Saint-Andre
Sent: Thursday, March 15, 2012 4:25 PM
To: Brenner, Michael Ralf (Michael)
Cc: scim@ietf.org
Subject: Re: [scim] Draft charter - v4

On 3/15/12 4:02 PM, Brenner, Michael Ralf (Michael) wrote:
> I think I did not make myself understood well.
> My point is: "is this mandatory-to-implement" part affecting the way
we end up defining the core SCIM features? As in "this authorization
mechanism is specified as being integral part of SCIM"?
>=20
> Of course there is no harm in specifying it MUST work WITH OAuth 2.0.
>=20
> It looks like we have some that want to mandate-to-implement an
authorization mechanism (probably OAuth 2.0), others that don't, and
some (myself at least) that want to be careful about how we may mandate
it, if we mandate it.
>=20
> We'll sort it out eventually I'm sure.

Well, Stephen seemed to think you'd need authorization to determine if a
given entity was allowed to perform a given operation. For example, who
is authorized to move UserA from Domain1 to Domain2? So yes, let's
explore whether we need authorization first, then have a discussion
about whether we need an MTI mechanism for that function.

Peter

--
Peter Saint-Andre
https://stpeter.im/


_______________________________________________
scim mailing list
scim@ietf.org
https://www.ietf.org/mailman/listinfo/scim

From trey.drake@unboundid.com  Thu Mar 15 17:55:47 2012
Return-Path: <trey.drake@unboundid.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E032C21E804A for <scim@ietfa.amsl.com>; Thu, 15 Mar 2012 17:55:47 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.901
X-Spam-Level: 
X-Spam-Status: No, score=-2.901 tagged_above=-999 required=5 tests=[AWL=-0.698, BAYES_00=-2.599, MIME_QP_LONG_LINE=1.396, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ksb+t1bSfLwi for <scim@ietfa.amsl.com>; Thu, 15 Mar 2012 17:55:46 -0700 (PDT)
Received: from mail-yx0-f172.google.com (mail-yx0-f172.google.com [209.85.213.172]) by ietfa.amsl.com (Postfix) with ESMTP id 6A9C921E8049 for <scim@ietf.org>; Thu, 15 Mar 2012 17:55:46 -0700 (PDT)
Received: by yenm5 with SMTP id m5so4207090yen.31 for <scim@ietf.org>; Thu, 15 Mar 2012 17:55:46 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=references:in-reply-to:mime-version:content-transfer-encoding :content-type:message-id:cc:x-mailer:from:subject:date:to :x-gm-message-state; bh=jOtl36+zJxkpVAzv8St0LiOS4nUBhl7vTL+TDFphYWY=; b=LV77H52OkCeET0a5+sikMs13cknQ0k5wLjkGisdrzpo3VWct0hVXsUVZVuBYh5n084 hLf+ii6hChT8s9QsJppfJz6swaro3NX1IymWbDkH0x1aiTTNM0PFJMl/3Ftjqef8Vl+T 7Of/apgMNUVD9GxyT8gRzx5fW/lgW1oD4e4xWXwIqxAmmjLHeTRHutTPXFrXT9GRJALE 96cz7kalKvgy1yuaq7z8MMIr2yL9f05IKMAZJijkRTSMs5mqnNbSZQDNauTqJnjvxHAd q52UVeZQu4i5B92OfjMGBPvDdsS1FpS38QQjLN/AafIjkutWR1lsERBRRNA9l7Pms63x svqA==
Received: by 10.182.159.65 with SMTP id xa1mr815206obb.25.1331859345917; Thu, 15 Mar 2012 17:55:45 -0700 (PDT)
Received: from [10.0.1.24] (cpe-66-69-203-135.austin.res.rr.com. [66.69.203.135]) by mx.google.com with ESMTPS id h7sm2675834oeh.9.2012.03.15.17.55.45 (version=TLSv1/SSLv3 cipher=OTHER); Thu, 15 Mar 2012 17:55:45 -0700 (PDT)
References: <93C6FB63F046384C86EC8F7F3FFEC7BEE62EFE@XMB-RCD-313.cisco.com> <4F61BFBF.7090408@cs.tcd.ie> <219947F0B2242843A0A1E62FDB510DC0250F3D54D7@USNAVSXCHMBSA3.ndc.alcatel-lucent.com> <4F61EA5B.70207@cs.tcd.ie> <219947F0B2242843A0A1E62FDB510DC0250F3D54EF@USNAVSXCHMBSA3.ndc.alcatel-lucent.com> <4F61EF05.2050608@cs.tcd.ie> <219947F0B2242843A0A1E62FDB510DC0250F3D5514@USNAVSXCHMBSA3.ndc.alcatel-lucent.com> <3148CB4F-6BFD-44CE-97E6-58DD8FF16CF6@unboundid.com> <20120315142531.0795721F85D3@ietfa.amsl.com> <048101cd02bb$630033f0$29009bd0$@com> <9BBAC6BD-7BEF-4DEC-AF12-C5626820FE85@unboundid.com> <4F624D24.8000505@stpeter.im> <219947F0B2242843A0A1E62FDB510DC0250F3D589B@USNAVSXCHMBSA3.ndc.alcatel-lucent.com> <4F626503.4020503@stpeter.im> <219947F0B2242843A0A1E62FDB510DC0250F3D58B2@USNAVSXCHMBSA3.ndc.alcatel-lucent.com> <4F627A5E.20003@stpeter.im> <93C6FB63F046384C86EC8F7F3FFEC7BEE6340D@XMB-RCD-313.cisco.com>
In-Reply-To: <93C6FB63F046384C86EC8F7F3FFEC7BEE6340D@XMB-RCD-313.cisco.com>
Mime-Version: 1.0 (1.0)
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset=us-ascii
Message-Id: <DCC6DEA0-BC8B-4878-8242-650583C4CDC3@unboundid.com>
X-Mailer: iPhone Mail (9B179)
From: Trey Drake <trey.drake@unboundid.com>
Date: Thu, 15 Mar 2012 19:55:42 -0500
To: "Morteza Ansari (moransar)" <moransar@cisco.com>
X-Gm-Message-State: ALoCoQnXe+ofa2UGXZRh7HDJctjlzXx/1LFEia4ZM5SY0m8LB4UKxv0acLR86ti6ikyqWOQvO1X+
Cc: "Brenner, Michael Ralf\(Michael\)" <michael.brenner@alcatel-lucent.com>, "scim@ietf.org" <scim@ietf.org>, Peter Saint-Andre <stpeter@stpeter.im>
Subject: Re: [scim] Draft charter - v4
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 16 Mar 2012 00:55:48 -0000

Makes sense to me - remove it.




On Mar 15, 2012, at 7:49 PM, "Morteza Ansari (moransar)" <moransar@cisco.com=
> wrote:

> I think this is all good discussion and I think in due time we will have
> to come up with decisions on both fronts (what authorization we need in
> place, and what mechanism, if any needs to be mandatory to implement).
> However, I don't think we need to decide on what the answer is right
> now.
>=20
> Going back to the charter discussion, I like Peter's suggestion of
> removing the third bullet from the proposed charter.  What do others
> think?  Anyone object?
>=20
>=20
> Cheers,
> Morteza
>=20
> -----Original Message-----
> From: scim-bounces@ietf.org [mailto:scim-bounces@ietf.org] On Behalf Of
> Peter Saint-Andre
> Sent: Thursday, March 15, 2012 4:25 PM
> To: Brenner, Michael Ralf (Michael)
> Cc: scim@ietf.org
> Subject: Re: [scim] Draft charter - v4
>=20
> On 3/15/12 4:02 PM, Brenner, Michael Ralf (Michael) wrote:
>> I think I did not make myself understood well.
>> My point is: "is this mandatory-to-implement" part affecting the way
> we end up defining the core SCIM features? As in "this authorization
> mechanism is specified as being integral part of SCIM"?
>>=20
>> Of course there is no harm in specifying it MUST work WITH OAuth 2.0.
>>=20
>> It looks like we have some that want to mandate-to-implement an
> authorization mechanism (probably OAuth 2.0), others that don't, and
> some (myself at least) that want to be careful about how we may mandate
> it, if we mandate it.
>>=20
>> We'll sort it out eventually I'm sure.
>=20
> Well, Stephen seemed to think you'd need authorization to determine if a
> given entity was allowed to perform a given operation. For example, who
> is authorized to move UserA from Domain1 to Domain2? So yes, let's
> explore whether we need authorization first, then have a discussion
> about whether we need an MTI mechanism for that function.
>=20
> Peter
>=20
> --
> Peter Saint-Andre
> https://stpeter.im/
>=20
>=20
> _______________________________________________
> scim mailing list
> scim@ietf.org
> https://www.ietf.org/mailman/listinfo/scim
> _______________________________________________
> scim mailing list
> scim@ietf.org
> https://www.ietf.org/mailman/listinfo/scim

From michael.brenner@alcatel-lucent.com  Thu Mar 15 18:20:14 2012
Return-Path: <michael.brenner@alcatel-lucent.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 01D0B21F85EE for <scim@ietfa.amsl.com>; Thu, 15 Mar 2012 18:20:14 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -9.599
X-Spam-Level: 
X-Spam-Status: No, score=-9.599 tagged_above=-999 required=5 tests=[AWL=1.000,  BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id gsaW81OZb1OY for <scim@ietfa.amsl.com>; Thu, 15 Mar 2012 18:20:13 -0700 (PDT)
Received: from ihemail1.lucent.com (ihemail1.lucent.com [135.245.0.33]) by ietfa.amsl.com (Postfix) with ESMTP id 715B521F85EC for <scim@ietf.org>; Thu, 15 Mar 2012 18:20:13 -0700 (PDT)
Received: from usnavsmail3.ndc.alcatel-lucent.com (usnavsmail3.ndc.alcatel-lucent.com [135.3.39.11]) by ihemail1.lucent.com (8.13.8/IER-o) with ESMTP id q2G1JU6X009970 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Thu, 15 Mar 2012 20:19:31 -0500 (CDT)
Received: from USNAVSXCHHUB01.ndc.alcatel-lucent.com (usnavsxchhub01.ndc.alcatel-lucent.com [135.3.39.110]) by usnavsmail3.ndc.alcatel-lucent.com (8.14.3/8.14.3/GMO) with ESMTP id q2G1JTKm028593 (version=TLSv1/SSLv3 cipher=RC4-MD5 bits=128 verify=NOT); Thu, 15 Mar 2012 20:19:30 -0500
Received: from USNAVSXCHMBSA3.ndc.alcatel-lucent.com ([135.3.39.125]) by USNAVSXCHHUB01.ndc.alcatel-lucent.com ([135.3.39.110]) with mapi; Thu, 15 Mar 2012 20:19:29 -0500
From: "Brenner, Michael Ralf (Michael)" <michael.brenner@alcatel-lucent.com>
To: Peter Saint-Andre <stpeter@stpeter.im>
Date: Thu, 15 Mar 2012 20:19:28 -0500
Thread-Topic: [scim] Draft charter - v4
Thread-Index: Ac0DAuQSwDXboD0VS06aeAYi61X+ugAD4DUg
Message-ID: <219947F0B2242843A0A1E62FDB510DC0250F54BDA5@USNAVSXCHMBSA3.ndc.alcatel-lucent.com>
References: <93C6FB63F046384C86EC8F7F3FFEC7BEE62EFE@XMB-RCD-313.cisco.com> <4F61BFBF.7090408@cs.tcd.ie> <219947F0B2242843A0A1E62FDB510DC0250F3D54D7@USNAVSXCHMBSA3.ndc.alcatel-lucent.com> <4F61EA5B.70207@cs.tcd.ie> <219947F0B2242843A0A1E62FDB510DC0250F3D54EF@USNAVSXCHMBSA3.ndc.alcatel-lucent.com> <4F61EF05.2050608@cs.tcd.ie> <219947F0B2242843A0A1E62FDB510DC0250F3D5514@USNAVSXCHMBSA3.ndc.alcatel-lucent.com> <3148CB4F-6BFD-44CE-97E6-58DD8FF16CF6@unboundid.com> <20120315142531.0795721F85D3@ietfa.amsl.com> <048101cd02bb$630033f0$29009bd0$@com> <9BBAC6BD-7BEF-4DEC-AF12-C5626820FE85@unboundid.com> <4F624D24.8000505@stpeter.im> <219947F0B2242843A0A1E62FDB510DC0250F3D589B@USNAVSXCHMBSA3.ndc.alcatel-lucent.com> <4F626503.4020503@stpeter.im> <219947F0B2242843A0A1E62FDB510DC0250F3D58B2@USNAVSXCHMBSA3.ndc.alcatel-lucent.com> <4F627A5E.20003@stpeter.im>
In-Reply-To: <4F627A5E.20003@stpeter.im>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
acceptlanguage: en-US
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-Scanned-By: MIMEDefang 2.57 on 135.245.2.33
X-Scanned-By: MIMEDefang 2.64 on 135.3.39.11
Cc: "scim@ietf.org" <scim@ietf.org>
Subject: Re: [scim] Draft charter - v4
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 16 Mar 2012 01:20:14 -0000

Tm8gZG91YnQgc29tZXRoaW5nIHRoYXQgbmVlZHMgc29ydGVkIG91dC4NCk1pY2hhZWwNCg0KLS0t
LS1PcmlnaW5hbCBNZXNzYWdlLS0tLS0NCkZyb206IFBldGVyIFNhaW50LUFuZHJlIFttYWlsdG86
c3RwZXRlckBzdHBldGVyLmltXSANClNlbnQ6IFRodXJzZGF5LCBNYXJjaCAxNSwgMjAxMiA3OjI1
IFBNDQpUbzogQnJlbm5lciwgTWljaGFlbCBSYWxmIChNaWNoYWVsKQ0KQ2M6IHNjaW1AaWV0Zi5v
cmcNClN1YmplY3Q6IFJlOiBbc2NpbV0gRHJhZnQgY2hhcnRlciAtIHY0DQoNCk9uIDMvMTUvMTIg
NDowMiBQTSwgQnJlbm5lciwgTWljaGFlbCBSYWxmIChNaWNoYWVsKSB3cm90ZToNCj4gSSB0aGlu
ayBJIGRpZCBub3QgbWFrZSBteXNlbGYgdW5kZXJzdG9vZCB3ZWxsLg0KPiBNeSBwb2ludCBpczog
ImlzIHRoaXMgbWFuZGF0b3J5LXRvLWltcGxlbWVudCIgcGFydCBhZmZlY3RpbmcgdGhlIHdheSB3
ZSBlbmQgdXAgZGVmaW5pbmcgdGhlIGNvcmUgU0NJTSBmZWF0dXJlcz8gQXMgaW4gInRoaXMgYXV0
aG9yaXphdGlvbiBtZWNoYW5pc20gaXMgc3BlY2lmaWVkIGFzIGJlaW5nIGludGVncmFsIHBhcnQg
b2YgU0NJTSI/DQo+IA0KPiBPZiBjb3Vyc2UgdGhlcmUgaXMgbm8gaGFybSBpbiBzcGVjaWZ5aW5n
IGl0IE1VU1Qgd29yayBXSVRIIE9BdXRoIDIuMC4NCj4gDQo+IEl0IGxvb2tzIGxpa2Ugd2UgaGF2
ZSBzb21lIHRoYXQgd2FudCB0byBtYW5kYXRlLXRvLWltcGxlbWVudCBhbiBhdXRob3JpemF0aW9u
IG1lY2hhbmlzbSAocHJvYmFibHkgT0F1dGggMi4wKSwgb3RoZXJzIHRoYXQgZG9uJ3QsIGFuZCBz
b21lIChteXNlbGYgYXQgbGVhc3QpIHRoYXQgd2FudCB0byBiZSBjYXJlZnVsIGFib3V0IGhvdyB3
ZSBtYXkgbWFuZGF0ZSBpdCwgaWYgd2UgbWFuZGF0ZSBpdC4NCj4gDQo+IFdlJ2xsIHNvcnQgaXQg
b3V0IGV2ZW50dWFsbHkgSSdtIHN1cmUuDQoNCldlbGwsIFN0ZXBoZW4gc2VlbWVkIHRvIHRoaW5r
IHlvdSdkIG5lZWQgYXV0aG9yaXphdGlvbiB0byBkZXRlcm1pbmUgaWYgYQ0KZ2l2ZW4gZW50aXR5
IHdhcyBhbGxvd2VkIHRvIHBlcmZvcm0gYSBnaXZlbiBvcGVyYXRpb24uIEZvciBleGFtcGxlLCB3
aG8NCmlzIGF1dGhvcml6ZWQgdG8gbW92ZSBVc2VyQSBmcm9tIERvbWFpbjEgdG8gRG9tYWluMj8g
U28geWVzLCBsZXQncw0KZXhwbG9yZSB3aGV0aGVyIHdlIG5lZWQgYXV0aG9yaXphdGlvbiBmaXJz
dCwgdGhlbiBoYXZlIGEgZGlzY3Vzc2lvbg0KYWJvdXQgd2hldGhlciB3ZSBuZWVkIGFuIE1USSBt
ZWNoYW5pc20gZm9yIHRoYXQgZnVuY3Rpb24uDQoNClBldGVyDQoNCi0tIA0KUGV0ZXIgU2FpbnQt
QW5kcmUNCmh0dHBzOi8vc3RwZXRlci5pbS8NCg0KDQo=

From lear@cisco.com  Fri Mar 16 00:58:01 2012
Return-Path: <lear@cisco.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C148821F876F for <scim@ietfa.amsl.com>; Fri, 16 Mar 2012 00:58:01 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -110.547
X-Spam-Level: 
X-Spam-Status: No, score=-110.547 tagged_above=-999 required=5 tests=[AWL=0.051, BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-8, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id UIOav98KfbWu for <scim@ietfa.amsl.com>; Fri, 16 Mar 2012 00:58:01 -0700 (PDT)
Received: from ams-iport-2.cisco.com (ams-iport-2.cisco.com [144.254.224.141]) by ietfa.amsl.com (Postfix) with ESMTP id EC67821F85B8 for <scim@ietf.org>; Fri, 16 Mar 2012 00:58:00 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=lear@cisco.com; l=1996; q=dns/txt; s=iport; t=1331884681; x=1333094281; h=message-id:date:from:mime-version:to:subject; bh=8x3V+tnOlHWlZRFdyIutNqd+uE+uSxMbcNJa5LSJXSs=; b=fLTWLu5ESuldta92khmeio4LNcVg0rKRZU1f3yAKzo0OW1CGTj9yNgzH fs4GiVs+34dYqgDGm8j75gfYUOURK1nWY6BSjBw9N7n6eP91jcKJ2nRFP i4SlWamalAFaBtEJ28pRiZ4BaSuEe1cNCrM4my+sOXkAAmw0T+GFvQTEX w=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: Av8EAN7xYk+Q/khM/2dsb2JhbABDhT2wdIEHggAFHQEQVR8BHRYLAgsDAgECAT8MDQgBAR6FJgeCKRKZSoEnjQSReo9jgRYElWKOP4Fogmc
X-IronPort-AV: E=Sophos;i="4.73,597,1325462400"; d="scan'208,217";a="68619616"
Received: from ams-core-3.cisco.com ([144.254.72.76]) by ams-iport-2.cisco.com with ESMTP; 16 Mar 2012 07:57:59 +0000
Received: from dhcp-10-55-82-125.cisco.com (dhcp-10-55-82-125.cisco.com [10.55.82.125]) by ams-core-3.cisco.com (8.14.3/8.14.3) with ESMTP id q2G7vxSk018519 for <scim@ietf.org>; Fri, 16 Mar 2012 07:57:59 GMT
Message-ID: <4F62F287.2000809@cisco.com>
Date: Fri, 16 Mar 2012 08:57:59 +0100
From: Eliot Lear <lear@cisco.com>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:10.0.2) Gecko/20120216 Thunderbird/10.0.2
MIME-Version: 1.0
To: "scim@ietf.org" <scim@ietf.org>
X-Enigmail-Version: 1.4
Content-Type: multipart/alternative; boundary="------------080608030905030802080301"
Subject: [scim] charter and odds and ends
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 16 Mar 2012 07:58:01 -0000

This is a multi-part message in MIME format.
--------------080608030905030802080301
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit

Hi everyone,

Based on discussion I am in the process of updating the draft charter
(based on -4) as follows:

  * Inserting some wording around consideration of the multipoint use
    case that Phil has raised.
  * Removal of the one out-of-scope line as suggested by Peter & Morteza.
  * Re-insertion of the simplecloud.info URL for reference.
  * Updating of draft names based on what has been posted


Two points:

 1. I don't actually see the LDAP mapping document anywhere.  Is there
    one?  How critical is this to have?
 2. There exists a usage scenarios document.  Is that also something we
    want to adopt?

Eliot


--------------080608030905030802080301
Content-Type: text/html; charset=UTF-8
Content-Transfer-Encoding: 8bit

<html>
  <head>

    <meta http-equiv="content-type" content="text/html; charset=UTF-8">
  </head>
  <body bgcolor="#FFFFFF" text="#000000">
    Hi everyone,<br>
    <br>
    Based on discussion I am in the process of updating the draft
    charter (based on -4) as follows:<br>
    <ul>
      <li>Inserting some wording around consideration of the multipoint
        use case that Phil has raised.</li>
      <li>Removal of the one out-of-scope line as suggested by Peter
        &amp; Morteza.</li>
      <li>Re-insertion of the simplecloud.info URL for reference.</li>
      <li>Updating of draft names based on what has been posted</li>
    </ul>
    <p><br>
      Two points:<br>
    </p>
    <ol>
      <li>I don't actually see the LDAP mapping document anywhere.  Is
        there one?  How critical is this to have?</li>
      <li>There exists a usage scenarios document.  Is that also
        something we want to adopt?</li>
    </ol>
    <p>Eliot<br>
    </p>
  </body>
</html>

--------------080608030905030802080301--

From lear@cisco.com  Fri Mar 16 01:06:36 2012
Return-Path: <lear@cisco.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BE80721F8711 for <scim@ietfa.amsl.com>; Fri, 16 Mar 2012 01:06:36 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -110.548
X-Spam-Level: 
X-Spam-Status: No, score=-110.548 tagged_above=-999 required=5 tests=[AWL=0.051, BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id aSgQiDn1VnkT for <scim@ietfa.amsl.com>; Fri, 16 Mar 2012 01:06:36 -0700 (PDT)
Received: from ams-iport-1.cisco.com (ams-iport-1.cisco.com [144.254.224.140]) by ietfa.amsl.com (Postfix) with ESMTP id A874A21F86FD for <scim@ietf.org>; Fri, 16 Mar 2012 01:06:35 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=lear@cisco.com; l=1123; q=dns/txt; s=iport; t=1331885196; x=1333094796; h=message-id:date:from:mime-version:to:cc:subject: content-transfer-encoding; bh=VPM8+MPnlD2GtX6ifLVCoaRi1UKNIQ2TCCpRKzzzXdw=; b=A1VDjzh51NROr+r/UGbN/oVPRd7DfHgBhV4qmg0Cj/rTMZy00YmQpP79 lAZsPf6vF6vR/OdW6XV52XT6ODCIWnRow0G4GXEQSxykiL1eA1r3QUS8e vPECQsDvFyTJ4iuV/vxKkeHhGqeE6tHz19nKrTTjwjsEyj4e6rN+8HJuE 8=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: Av8EAMnzYk+Q/khM/2dsb2JhbABDhT2wdIEHgiIBEA8BPwYBNQIFFgsCCwMCAQIBWAEHAQEeh2iac40EkXqBL4woggyBFgSVYo4/gWiCZw
X-IronPort-AV: E=Sophos;i="4.73,597,1325462400"; d="scan'208";a="132495502"
Received: from ams-core-3.cisco.com ([144.254.72.76]) by ams-iport-1.cisco.com with ESMTP; 16 Mar 2012 08:06:34 +0000
Received: from dhcp-10-55-82-125.cisco.com (dhcp-10-55-82-125.cisco.com [10.55.82.125]) by ams-core-3.cisco.com (8.14.3/8.14.3) with ESMTP id q2G86YEK020422; Fri, 16 Mar 2012 08:06:34 GMT
Message-ID: <4F62F489.4070805@cisco.com>
Date: Fri, 16 Mar 2012 09:06:33 +0100
From: Eliot Lear <lear@cisco.com>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:10.0.2) Gecko/20120216 Thunderbird/10.0.2
MIME-Version: 1.0
To: secretariat@ietf.org
X-Enigmail-Version: 1.4
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Cc: "scim@ietf.org" <scim@ietf.org>, Wanda Lo <wlo@amsl.com>, Peter Saint-Andre <stpeter@stpeter.im>, "Steven M. Bellovin" <smb@cs.columbia.edu>
Subject: [scim] Agenda for the SCIM BoF
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 16 Mar 2012 08:06:36 -0000

Dear Secretariat,

Please accept as the agenda for the SCIM BoF the following draft agenda.

Thanks,

On behalf of my co-chair Steve Bellovin,

Eliot Lear

 9:00 –  9:02   I    Agenda Bashing
 9:02 –  9:15   II   Introduction by the chairs, and a description 
                     of the BoF process, including potential outcomes
 9:15 –  9:40   III  Description of the pre-provisioning problem, why this
                     is important, and relation to existing work (Morteza Ansari)
 9:40 – 10:20	IV   Overview of SCIM documents (Trey Drake)
10:20 - 10:35   V    Multipoint Provisioning (Phil Hunt)
10:35 – 11:00	VI   Discussion (Chairs introduce the questions below)
11:00 – 11:05	VII  Questions from the Chair (chairs)
		  A.   Do we agree there is a problem?
		  B.   Is SCIM the right starting point?
		  C.   Is this something the IETF should do?
		  D.   Do we have volunteers to
			 (1) edit/author the drafts?
			 (2) review the drafts?
11:05 – 11:25	VIII Introduction of the charter and discussion (chairs)
11:25 – 11:30	IX   Should we have a WG? (A hum) (Chairs/AD)



From stpeter@stpeter.im  Fri Mar 16 08:28:58 2012
Return-Path: <stpeter@stpeter.im>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2619B21F85A3 for <scim@ietfa.amsl.com>; Fri, 16 Mar 2012 08:28:58 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.64
X-Spam-Level: 
X-Spam-Status: No, score=-102.64 tagged_above=-999 required=5 tests=[AWL=-0.041, BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id dmrS3uO52Va3 for <scim@ietfa.amsl.com>; Fri, 16 Mar 2012 08:28:57 -0700 (PDT)
Received: from stpeter.im (mailhost.stpeter.im [207.210.219.225]) by ietfa.amsl.com (Postfix) with ESMTP id 6896021F85A1 for <scim@ietf.org>; Fri, 16 Mar 2012 08:28:57 -0700 (PDT)
Received: from squire.local (unknown [72.163.0.129]) (Authenticated sender: stpeter) by stpeter.im (Postfix) with ESMTPSA id 5C8D440058 for <scim@ietf.org>; Fri, 16 Mar 2012 09:41:25 -0600 (MDT)
Message-ID: <4F635C37.1010905@stpeter.im>
Date: Fri, 16 Mar 2012 09:28:55 -0600
From: Peter Saint-Andre <stpeter@stpeter.im>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.5; rv:10.0.2) Gecko/20120216 Thunderbird/10.0.2
MIME-Version: 1.0
To: "scim@ietf.org" <scim@ietf.org>
References: <20120315184538.26489.57916.idtracker@ietfa.amsl.com> <4F624846.2050400@stpeter.im>
In-Reply-To: <4F624846.2050400@stpeter.im>
X-Enigmail-Version: 1.4
OpenPGP: url=https://stpeter.im/stpeter.asc
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit
Subject: Re: [scim] Fwd: I-D ACTION:draft-scim-api-00.txt
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 16 Mar 2012 15:28:58 -0000

It seems that the announcement messages contained the wrong URLs. The
correct URLs are:

http://www.ietf.org/internet-drafts/draft-scim-api-00.txt

and:

http://www.ietf.org/internet-drafts/draft-scim-core-schema-00.txt

Sorry about the confusion!

Peter

On 3/15/12 1:51 PM, Peter Saint-Andre wrote:
> FYI. Thanks to Trey for sending these to me so quickly.
> 
> -------- Original Message --------
> Subject: I-D ACTION:draft-scim-api-00.txt
> Date: Thu, 15 Mar 2012 11:45:38 -0700
> From: Internet-Drafts@ietf.org
> Reply-To: internet-drafts@ietf.org
> To: i-d-announce@ietf.org
> 
> A new Internet-Draft is available from the on-line Internet-Drafts
> directories.
> 
> 
>     Title         : Simple Cloud Identity Management: Protocol 1.0
>     Author(s)     : C. Mortimore, et al
>     Filename      : draft-scim-api
>     Pages         : 45
>     Date          : March 15, 2012
> 
>    The Simple Cloud Identity Management (SCIM) specification is designed
>    to make managing user identity in cloud based applications and
>    services easier.  The specification suite seeks to build upon
>    experience with existing schemas and deployments, placing specific
>    emphasis on simplicity of development and integration, while applying
>    existing authentication, authorization, and privacy models.  It&#39;s
>    intent is to reduce the cost and complexity of user management
>    operations by providing a common user schema and extension model, as
>    well as binding documents to provide patterns for exchanging this
>    schema using standard protocols.  In essence, make it fast, cheap,
>    and easy to move users in to, out of, and around the cloud.
> 
> A URL for this Internet-Draft is:
> http://www.ietf.org/internet-drafts/draft-scim-api
> 
> Internet-Drafts are also available by anonymous FTP at:
> ftp://ftp.ietf.org/internet-drafts/
> 
> Below is the data which will enable a MIME compliant mail reader
> implementation to automatically retrieve the ASCII version of the
> Internet-Draft.
> 
> 
> 
> 
> _______________________________________________
> scim mailing list
> scim@ietf.org
> https://www.ietf.org/mailman/listinfo/scim


-- 
Peter Saint-Andre
https://stpeter.im/



From huilan.lu@alcatel-lucent.com  Fri Mar 16 11:12:03 2012
Return-Path: <huilan.lu@alcatel-lucent.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2A41721F8638 for <scim@ietfa.amsl.com>; Fri, 16 Mar 2012 11:12:03 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -10.598
X-Spam-Level: 
X-Spam-Status: No, score=-10.598 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id tE-ZY1e9Taji for <scim@ietfa.amsl.com>; Fri, 16 Mar 2012 11:12:02 -0700 (PDT)
Received: from ihemail2.lucent.com (ihemail2.lucent.com [135.245.0.35]) by ietfa.amsl.com (Postfix) with ESMTP id 29F3521F8636 for <scim@ietf.org>; Fri, 16 Mar 2012 11:12:02 -0700 (PDT)
Received: from usnavsmail3.ndc.alcatel-lucent.com (usnavsmail3.ndc.alcatel-lucent.com [135.3.39.11]) by ihemail2.lucent.com (8.13.8/IER-o) with ESMTP id q2GIC0e6022084 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Fri, 16 Mar 2012 13:12:00 -0500 (CDT)
Received: from USNAVSXCHHUB02.ndc.alcatel-lucent.com (usnavsxchhub02.ndc.alcatel-lucent.com [135.3.39.111]) by usnavsmail3.ndc.alcatel-lucent.com (8.14.3/8.14.3/GMO) with ESMTP id q2GIC0Us005262 (version=TLSv1/SSLv3 cipher=RC4-MD5 bits=128 verify=NOT); Fri, 16 Mar 2012 13:12:00 -0500
Received: from USNAVSXCHMBSB3.ndc.alcatel-lucent.com ([135.3.39.136]) by USNAVSXCHHUB02.ndc.alcatel-lucent.com ([135.3.39.111]) with mapi; Fri, 16 Mar 2012 13:12:00 -0500
From: "Lu, Hui-Lan (Huilan)" <huilan.lu@alcatel-lucent.com>
To: "'Eliot Lear'" <lear@cisco.com>, "scim@ietf.org" <scim@ietf.org>
Date: Fri, 16 Mar 2012 13:11:59 -0500
Thread-Topic: [scim] charter and odds and ends
Thread-Index: Ac0DSoYF8sNSglANRvShf5//4bv/7wAVOCsw
Message-ID: <0E96A74B7DFCF844A9BE2A0BBE2C425F098C18B87D@USNAVSXCHMBSB3.ndc.alcatel-lucent.com>
References: <4F62F287.2000809@cisco.com>
In-Reply-To: <4F62F287.2000809@cisco.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
acceptlanguage: en-US
Content-Type: multipart/alternative; boundary="_000_0E96A74B7DFCF844A9BE2A0BBE2C425F098C18B87DUSNAVSXCHMBSB_"
MIME-Version: 1.0
X-Scanned-By: MIMEDefang 2.57 on 135.245.2.35
X-Scanned-By: MIMEDefang 2.64 on 135.3.39.11
Subject: Re: [scim] charter and odds and ends
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 16 Mar 2012 18:12:03 -0000

--_000_0E96A74B7DFCF844A9BE2A0BBE2C425F098C18B87DUSNAVSXCHMBSB_
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64

KzEgZm9yIHRoZSB1c2UgY2FzZSBkb2N1bWVudCwgd2hpY2ggSSBmb3VuZCB1c2VmdWwuIEdvaW5n
IGZvcndhcmQsIGl0IHdvdWxkIGJlIGRlc2lyYWJsZSB0byBhdWdtZW50IGl0IHRvIGNhcHR1cmUg
aW1wb3J0YW50IHJlcXVpcmVtZW50cyB0b28uDQoNCkh1aWxhbiBMdQ0KDQpGcm9tOiBzY2ltLWJv
dW5jZXNAaWV0Zi5vcmcgW21haWx0bzpzY2ltLWJvdW5jZXNAaWV0Zi5vcmddIE9uIEJlaGFsZiBP
ZiBFbGlvdCBMZWFyDQpTZW50OiBGcmlkYXksIE1hcmNoIDE2LCAyMDEyIDM6NTggQU0NClRvOiBz
Y2ltQGlldGYub3JnDQpTdWJqZWN0OiBbc2NpbV0gY2hhcnRlciBhbmQgb2RkcyBhbmQgZW5kcw0K
DQpIaSBldmVyeW9uZSwNCg0KQmFzZWQgb24gZGlzY3Vzc2lvbiBJIGFtIGluIHRoZSBwcm9jZXNz
IG9mIHVwZGF0aW5nIHRoZSBkcmFmdCBjaGFydGVyIChiYXNlZCBvbiAtNCkgYXMgZm9sbG93czoN
Cg0KICogICBJbnNlcnRpbmcgc29tZSB3b3JkaW5nIGFyb3VuZCBjb25zaWRlcmF0aW9uIG9mIHRo
ZSBtdWx0aXBvaW50IHVzZSBjYXNlIHRoYXQgUGhpbCBoYXMgcmFpc2VkLg0KICogICBSZW1vdmFs
IG9mIHRoZSBvbmUgb3V0LW9mLXNjb3BlIGxpbmUgYXMgc3VnZ2VzdGVkIGJ5IFBldGVyICYgTW9y
dGV6YS4NCiAqICAgUmUtaW5zZXJ0aW9uIG9mIHRoZSBzaW1wbGVjbG91ZC5pbmZvIFVSTCBmb3Ig
cmVmZXJlbmNlLg0KICogICBVcGRhdGluZyBvZiBkcmFmdCBuYW1lcyBiYXNlZCBvbiB3aGF0IGhh
cyBiZWVuIHBvc3RlZA0KDQpUd28gcG9pbnRzOg0KDQogMS4gIEkgZG9uJ3QgYWN0dWFsbHkgc2Vl
IHRoZSBMREFQIG1hcHBpbmcgZG9jdW1lbnQgYW55d2hlcmUuICBJcyB0aGVyZSBvbmU/ICBIb3cg
Y3JpdGljYWwgaXMgdGhpcyB0byBoYXZlPw0KIDIuICBUaGVyZSBleGlzdHMgYSB1c2FnZSBzY2Vu
YXJpb3MgZG9jdW1lbnQuICBJcyB0aGF0IGFsc28gc29tZXRoaW5nIHdlIHdhbnQgdG8gYWRvcHQ/
DQoNCkVsaW90DQo=

--_000_0E96A74B7DFCF844A9BE2A0BBE2C425F098C18B87DUSNAVSXCHMBSB_
Content-Type: text/html; charset="utf-8"
Content-Transfer-Encoding: base64

PGh0bWwgeG1sbnM6dj0idXJuOnNjaGVtYXMtbWljcm9zb2Z0LWNvbTp2bWwiIHhtbG5zOm89InVy
bjpzY2hlbWFzLW1pY3Jvc29mdC1jb206b2ZmaWNlOm9mZmljZSIgeG1sbnM6dz0idXJuOnNjaGVt
YXMtbWljcm9zb2Z0LWNvbTpvZmZpY2U6d29yZCIgeG1sbnM6bT0iaHR0cDovL3NjaGVtYXMubWlj
cm9zb2Z0LmNvbS9vZmZpY2UvMjAwNC8xMi9vbW1sIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcv
VFIvUkVDLWh0bWw0MCI+PGhlYWQ+PG1ldGEgaHR0cC1lcXVpdj1Db250ZW50LVR5cGUgY29udGVu
dD0idGV4dC9odG1sOyBjaGFyc2V0PXV0Zi04Ij48bWV0YSBuYW1lPUdlbmVyYXRvciBjb250ZW50
PSJNaWNyb3NvZnQgV29yZCAxMiAoZmlsdGVyZWQgbWVkaXVtKSI+PHN0eWxlPjwhLS0NCi8qIEZv
bnQgRGVmaW5pdGlvbnMgKi8NCkBmb250LWZhY2UNCgl7Zm9udC1mYW1pbHk6V2luZ2RpbmdzOw0K
CXBhbm9zZS0xOjUgMCAwIDAgMCAwIDAgMCAwIDA7fQ0KQGZvbnQtZmFjZQ0KCXtmb250LWZhbWls
eTpTaW1TdW47DQoJcGFub3NlLTE6MiAxIDYgMCAzIDEgMSAxIDEgMTt9DQpAZm9udC1mYWNlDQoJ
e2ZvbnQtZmFtaWx5OlNpbVN1bjsNCglwYW5vc2UtMToyIDEgNiAwIDMgMSAxIDEgMSAxO30NCkBm
b250LWZhY2UNCgl7Zm9udC1mYW1pbHk6Q2FsaWJyaTsNCglwYW5vc2UtMToyIDE1IDUgMiAyIDIg
NCAzIDIgNDt9DQpAZm9udC1mYWNlDQoJe2ZvbnQtZmFtaWx5OlRhaG9tYTsNCglwYW5vc2UtMToy
IDExIDYgNCAzIDUgNCA0IDIgNDt9DQpAZm9udC1mYWNlDQoJe2ZvbnQtZmFtaWx5OiJcQFNpbVN1
biI7DQoJcGFub3NlLTE6MiAxIDYgMCAzIDEgMSAxIDEgMTt9DQovKiBTdHlsZSBEZWZpbml0aW9u
cyAqLw0KcC5Nc29Ob3JtYWwsIGxpLk1zb05vcm1hbCwgZGl2Lk1zb05vcm1hbA0KCXttYXJnaW46
MGluOw0KCW1hcmdpbi1ib3R0b206LjAwMDFwdDsNCglmb250LXNpemU6MTIuMHB0Ow0KCWZvbnQt
ZmFtaWx5OiJUaW1lcyBOZXcgUm9tYW4iLCJzZXJpZiI7DQoJY29sb3I6YmxhY2s7fQ0KYTpsaW5r
LCBzcGFuLk1zb0h5cGVybGluaw0KCXttc28tc3R5bGUtcHJpb3JpdHk6OTk7DQoJY29sb3I6Ymx1
ZTsNCgl0ZXh0LWRlY29yYXRpb246dW5kZXJsaW5lO30NCmE6dmlzaXRlZCwgc3Bhbi5Nc29IeXBl
cmxpbmtGb2xsb3dlZA0KCXttc28tc3R5bGUtcHJpb3JpdHk6OTk7DQoJY29sb3I6cHVycGxlOw0K
CXRleHQtZGVjb3JhdGlvbjp1bmRlcmxpbmU7fQ0KcA0KCXttc28tc3R5bGUtcHJpb3JpdHk6OTk7
DQoJbXNvLW1hcmdpbi10b3AtYWx0OmF1dG87DQoJbWFyZ2luLXJpZ2h0OjBpbjsNCgltc28tbWFy
Z2luLWJvdHRvbS1hbHQ6YXV0bzsNCgltYXJnaW4tbGVmdDowaW47DQoJZm9udC1zaXplOjEyLjBw
dDsNCglmb250LWZhbWlseToiVGltZXMgTmV3IFJvbWFuIiwic2VyaWYiOw0KCWNvbG9yOmJsYWNr
O30NCnNwYW4uRW1haWxTdHlsZTE4DQoJe21zby1zdHlsZS10eXBlOnBlcnNvbmFsLXJlcGx5Ow0K
CWZvbnQtZmFtaWx5OiJDYWxpYnJpIiwic2Fucy1zZXJpZiI7DQoJY29sb3I6IzFGNDk3RDt9DQou
TXNvQ2hwRGVmYXVsdA0KCXttc28tc3R5bGUtdHlwZTpleHBvcnQtb25seTsNCglmb250LXNpemU6
MTAuMHB0O30NCkBwYWdlIFdvcmRTZWN0aW9uMQ0KCXtzaXplOjguNWluIDExLjBpbjsNCgltYXJn
aW46MS4waW4gMS4waW4gMS4waW4gMS4waW47fQ0KZGl2LldvcmRTZWN0aW9uMQ0KCXtwYWdlOldv
cmRTZWN0aW9uMTt9DQovKiBMaXN0IERlZmluaXRpb25zICovDQpAbGlzdCBsMA0KCXttc28tbGlz
dC1pZDo3Njc5NjYwODg7DQoJbXNvLWxpc3QtdGVtcGxhdGUtaWRzOjMyODc0MjE2Njt9DQpAbGlz
dCBsMQ0KCXttc28tbGlzdC1pZDoxMTAzNDUyMDQwOw0KCW1zby1saXN0LXRlbXBsYXRlLWlkczox
NzI3ODAzMjQyO30NCkBsaXN0IGwxOmxldmVsMQ0KCXttc28tbGV2ZWwtbnVtYmVyLWZvcm1hdDpi
dWxsZXQ7DQoJbXNvLWxldmVsLXRleHQ674K3Ow0KCW1zby1sZXZlbC10YWItc3RvcDouNWluOw0K
CW1zby1sZXZlbC1udW1iZXItcG9zaXRpb246bGVmdDsNCgl0ZXh0LWluZGVudDotLjI1aW47DQoJ
bXNvLWFuc2ktZm9udC1zaXplOjEwLjBwdDsNCglmb250LWZhbWlseTpTeW1ib2w7fQ0Kb2wNCgl7
bWFyZ2luLWJvdHRvbTowaW47fQ0KdWwNCgl7bWFyZ2luLWJvdHRvbTowaW47fQ0KLS0+PC9zdHls
ZT48IS0tW2lmIGd0ZSBtc28gOV0+PHhtbD4NCjxvOnNoYXBlZGVmYXVsdHMgdjpleHQ9ImVkaXQi
IHNwaWRtYXg9IjEwMjYiIC8+DQo8L3htbD48IVtlbmRpZl0tLT48IS0tW2lmIGd0ZSBtc28gOV0+
PHhtbD4NCjxvOnNoYXBlbGF5b3V0IHY6ZXh0PSJlZGl0Ij4NCjxvOmlkbWFwIHY6ZXh0PSJlZGl0
IiBkYXRhPSIxIiAvPg0KPC9vOnNoYXBlbGF5b3V0PjwveG1sPjwhW2VuZGlmXS0tPjwvaGVhZD48
Ym9keSBiZ2NvbG9yPXdoaXRlIGxhbmc9RU4tVVMgbGluaz1ibHVlIHZsaW5rPXB1cnBsZT48ZGl2
IGNsYXNzPVdvcmRTZWN0aW9uMT48cCBjbGFzcz1Nc29Ob3JtYWw+PHNwYW4gc3R5bGU9J2ZvbnQt
c2l6ZToxMS4wcHQ7Zm9udC1mYW1pbHk6IkNhbGlicmkiLCJzYW5zLXNlcmlmIjtjb2xvcjojMUY0
OTdEJz4rMSBmb3IgdGhlIHVzZSBjYXNlIGRvY3VtZW50LCB3aGljaCBJIGZvdW5kIHVzZWZ1bC4g
R29pbmcgZm9yd2FyZCwgaXQgd291bGQgYmUgZGVzaXJhYmxlIHRvIGF1Z21lbnQgaXQgdG8gY2Fw
dHVyZSBpbXBvcnRhbnQgcmVxdWlyZW1lbnRzIHRvby48bzpwPjwvbzpwPjwvc3Bhbj48L3A+PHAg
Y2xhc3M9TXNvTm9ybWFsPjxzcGFuIHN0eWxlPSdmb250LXNpemU6MTEuMHB0O2ZvbnQtZmFtaWx5
OiJDYWxpYnJpIiwic2Fucy1zZXJpZiI7Y29sb3I6IzFGNDk3RCc+PG86cD4mbmJzcDs8L286cD48
L3NwYW4+PC9wPjxkaXY+PHAgY2xhc3M9TXNvTm9ybWFsPjxzcGFuIHN0eWxlPSdmb250LXNpemU6
MTEuMHB0O2ZvbnQtZmFtaWx5OiJDYWxpYnJpIiwic2Fucy1zZXJpZiI7Y29sb3I6Ymx1ZSc+SHVp
bGFuIEx1PG86cD48L286cD48L3NwYW4+PC9wPjwvZGl2PjxwIGNsYXNzPU1zb05vcm1hbD48c3Bh
biBzdHlsZT0nZm9udC1zaXplOjExLjBwdDtmb250LWZhbWlseToiQ2FsaWJyaSIsInNhbnMtc2Vy
aWYiO2NvbG9yOiMxRjQ5N0QnPjxvOnA+Jm5ic3A7PC9vOnA+PC9zcGFuPjwvcD48ZGl2IHN0eWxl
PSdib3JkZXI6bm9uZTtib3JkZXItbGVmdDpzb2xpZCBibHVlIDEuNXB0O3BhZGRpbmc6MGluIDBp
biAwaW4gNC4wcHQnPjxkaXY+PGRpdiBzdHlsZT0nYm9yZGVyOm5vbmU7Ym9yZGVyLXRvcDpzb2xp
ZCAjQjVDNERGIDEuMHB0O3BhZGRpbmc6My4wcHQgMGluIDBpbiAwaW4nPjxwIGNsYXNzPU1zb05v
cm1hbD48Yj48c3BhbiBzdHlsZT0nZm9udC1zaXplOjEwLjBwdDtmb250LWZhbWlseToiVGFob21h
Iiwic2Fucy1zZXJpZiI7Y29sb3I6d2luZG93dGV4dCc+RnJvbTo8L3NwYW4+PC9iPjxzcGFuIHN0
eWxlPSdmb250LXNpemU6MTAuMHB0O2ZvbnQtZmFtaWx5OiJUYWhvbWEiLCJzYW5zLXNlcmlmIjtj
b2xvcjp3aW5kb3d0ZXh0Jz4gc2NpbS1ib3VuY2VzQGlldGYub3JnIFttYWlsdG86c2NpbS1ib3Vu
Y2VzQGlldGYub3JnXSA8Yj5PbiBCZWhhbGYgT2YgPC9iPkVsaW90IExlYXI8YnI+PGI+U2VudDo8
L2I+IEZyaWRheSwgTWFyY2ggMTYsIDIwMTIgMzo1OCBBTTxicj48Yj5Ubzo8L2I+IHNjaW1AaWV0
Zi5vcmc8YnI+PGI+U3ViamVjdDo8L2I+IFtzY2ltXSBjaGFydGVyIGFuZCBvZGRzIGFuZCBlbmRz
PG86cD48L286cD48L3NwYW4+PC9wPjwvZGl2PjwvZGl2PjxwIGNsYXNzPU1zb05vcm1hbD48bzpw
PiZuYnNwOzwvbzpwPjwvcD48cCBjbGFzcz1Nc29Ob3JtYWw+SGkgZXZlcnlvbmUsPGJyPjxicj5C
YXNlZCBvbiBkaXNjdXNzaW9uIEkgYW0gaW4gdGhlIHByb2Nlc3Mgb2YgdXBkYXRpbmcgdGhlIGRy
YWZ0IGNoYXJ0ZXIgKGJhc2VkIG9uIC00KSBhcyBmb2xsb3dzOjxvOnA+PC9vOnA+PC9wPjx1bCB0
eXBlPWRpc2M+PGxpIGNsYXNzPU1zb05vcm1hbCBzdHlsZT0nbXNvLW1hcmdpbi10b3AtYWx0OmF1
dG87bXNvLW1hcmdpbi1ib3R0b20tYWx0OmF1dG87bXNvLWxpc3Q6bDEgbGV2ZWwxIGxmbzEnPklu
c2VydGluZyBzb21lIHdvcmRpbmcgYXJvdW5kIGNvbnNpZGVyYXRpb24gb2YgdGhlIG11bHRpcG9p
bnQgdXNlIGNhc2UgdGhhdCBQaGlsIGhhcyByYWlzZWQuPG86cD48L286cD48L2xpPjxsaSBjbGFz
cz1Nc29Ob3JtYWwgc3R5bGU9J21zby1tYXJnaW4tdG9wLWFsdDphdXRvO21zby1tYXJnaW4tYm90
dG9tLWFsdDphdXRvO21zby1saXN0OmwxIGxldmVsMSBsZm8xJz5SZW1vdmFsIG9mIHRoZSBvbmUg
b3V0LW9mLXNjb3BlIGxpbmUgYXMgc3VnZ2VzdGVkIGJ5IFBldGVyICZhbXA7IE1vcnRlemEuPG86
cD48L286cD48L2xpPjxsaSBjbGFzcz1Nc29Ob3JtYWwgc3R5bGU9J21zby1tYXJnaW4tdG9wLWFs
dDphdXRvO21zby1tYXJnaW4tYm90dG9tLWFsdDphdXRvO21zby1saXN0OmwxIGxldmVsMSBsZm8x
Jz5SZS1pbnNlcnRpb24gb2YgdGhlIHNpbXBsZWNsb3VkLmluZm8gVVJMIGZvciByZWZlcmVuY2Uu
PG86cD48L286cD48L2xpPjxsaSBjbGFzcz1Nc29Ob3JtYWwgc3R5bGU9J21zby1tYXJnaW4tdG9w
LWFsdDphdXRvO21zby1tYXJnaW4tYm90dG9tLWFsdDphdXRvO21zby1saXN0OmwxIGxldmVsMSBs
Zm8xJz5VcGRhdGluZyBvZiBkcmFmdCBuYW1lcyBiYXNlZCBvbiB3aGF0IGhhcyBiZWVuIHBvc3Rl
ZDxvOnA+PC9vOnA+PC9saT48L3VsPjxwPjxicj5Ud28gcG9pbnRzOjxvOnA+PC9vOnA+PC9wPjxv
bCBzdGFydD0xIHR5cGU9MT48bGkgY2xhc3M9TXNvTm9ybWFsIHN0eWxlPSdtc28tbWFyZ2luLXRv
cC1hbHQ6YXV0bzttc28tbWFyZ2luLWJvdHRvbS1hbHQ6YXV0bzttc28tbGlzdDpsMCBsZXZlbDEg
bGZvMic+SSBkb24ndCBhY3R1YWxseSBzZWUgdGhlIExEQVAgbWFwcGluZyBkb2N1bWVudCBhbnl3
aGVyZS4mbmJzcDsgSXMgdGhlcmUgb25lPyZuYnNwOyBIb3cgY3JpdGljYWwgaXMgdGhpcyB0byBo
YXZlPzxvOnA+PC9vOnA+PC9saT48bGkgY2xhc3M9TXNvTm9ybWFsIHN0eWxlPSdtc28tbWFyZ2lu
LXRvcC1hbHQ6YXV0bzttc28tbWFyZ2luLWJvdHRvbS1hbHQ6YXV0bzttc28tbGlzdDpsMCBsZXZl
bDEgbGZvMic+VGhlcmUgZXhpc3RzIGEgdXNhZ2Ugc2NlbmFyaW9zIGRvY3VtZW50LiZuYnNwOyBJ
cyB0aGF0IGFsc28gc29tZXRoaW5nIHdlIHdhbnQgdG8gYWRvcHQ/PG86cD48L286cD48L2xpPjwv
b2w+PHA+RWxpb3Q8bzpwPjwvbzpwPjwvcD48L2Rpdj48L2Rpdj48L2JvZHk+PC9odG1sPg==

--_000_0E96A74B7DFCF844A9BE2A0BBE2C425F098C18B87DUSNAVSXCHMBSB_--

From moransar@cisco.com  Fri Mar 16 11:15:21 2012
Return-Path: <moransar@cisco.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 916F721F8630 for <scim@ietfa.amsl.com>; Fri, 16 Mar 2012 11:15:21 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -10.526
X-Spam-Level: 
X-Spam-Status: No, score=-10.526 tagged_above=-999 required=5 tests=[AWL=0.072, BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id HFQcSGPLEXtQ for <scim@ietfa.amsl.com>; Fri, 16 Mar 2012 11:15:20 -0700 (PDT)
Received: from rcdn-iport-1.cisco.com (rcdn-iport-1.cisco.com [173.37.86.72]) by ietfa.amsl.com (Postfix) with ESMTP id EFEB521E8034 for <scim@ietf.org>; Fri, 16 Mar 2012 11:15:18 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=moransar@cisco.com; l=17104; q=dns/txt; s=iport; t=1331921719; x=1333131319; h=mime-version:subject:date:message-id:in-reply-to: references:from:to; bh=QX4UMFB1TSvMzAddorbjFddLHjAng8lKuQkkvlTPdZk=; b=nK5wJIndAOgbK2/ayo3EkoByRHzyAmBk/RXLC79UdvzBPgCSIAKN/4fj nGHwsTX5Iy1Y3Y6oYFIGXUzwMpOjl8SQSiaJN7fdfUHS/prI/ROqFVjOZ EZSajPiA620k5//MRcDtRkKhaeCtlvl/C3fiptXo2qJSGGfgCiK8WL9T/ s=;
X-IronPort-AV: E=Sophos;i="4.73,598,1325462400"; d="scan'208,217";a="66898671"
Received: from rcdn-core2-6.cisco.com ([173.37.113.193]) by rcdn-iport-1.cisco.com with ESMTP; 16 Mar 2012 18:15:18 +0000
Received: from xbh-rcd-201.cisco.com (xbh-rcd-201.cisco.com [72.163.62.200]) by rcdn-core2-6.cisco.com (8.14.3/8.14.3) with ESMTP id q2GIFITX000585;  Fri, 16 Mar 2012 18:15:18 GMT
Received: from xmb-rcd-313.cisco.com ([72.163.63.28]) by xbh-rcd-201.cisco.com with Microsoft SMTPSVC(6.0.3790.4675);  Fri, 16 Mar 2012 13:15:18 -0500
X-MimeOLE: Produced By Microsoft Exchange V6.5
Content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="----_=_NextPart_001_01CD03A0.BE0D24EC"
Date: Fri, 16 Mar 2012 13:15:17 -0500
Message-ID: <93C6FB63F046384C86EC8F7F3FFEC7BEE636B9@XMB-RCD-313.cisco.com>
In-Reply-To: <0E96A74B7DFCF844A9BE2A0BBE2C425F098C18B87D@USNAVSXCHMBSB3.ndc.alcatel-lucent.com>
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
Thread-Topic: [scim] charter and odds and ends
Thread-Index: Ac0DSoYF8sNSglANRvShf5//4bv/7wAVOCswAABO/DA=
References: <4F62F287.2000809@cisco.com> <0E96A74B7DFCF844A9BE2A0BBE2C425F098C18B87D@USNAVSXCHMBSB3.ndc.alcatel-lucent.com>
From: "Morteza Ansari (moransar)" <moransar@cisco.com>
To: "Lu, Hui-Lan (Huilan)" <huilan.lu@alcatel-lucent.com>, "Eliot Lear" <lear@cisco.com>, <scim@ietf.org>
X-OriginalArrivalTime: 16 Mar 2012 18:15:18.0527 (UTC) FILETIME=[BE4228F0:01CD03A0]
Subject: Re: [scim] charter and odds and ends
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 16 Mar 2012 18:15:21 -0000

This is a multi-part message in MIME format.

------_=_NextPart_001_01CD03A0.BE0D24EC
Content-Type: text/plain;
	charset="utf-8"
Content-Transfer-Encoding: base64

WWVzLCB0aGUgY3VycmVudCB1c2UgY2FzZSBkb2N1bWVudCBvbiB0aGUgU0NJTSAxLjAgd2ViIHBh
Z2UgaXMgZGVmaW5pdGVseSBvdXQgb2YgZGF0ZSBhbmQgd291bGQgcmVxdWlyZSB1cGRhdGUgaWYg
d2Ugd2FudCB0byBwdWJsaXNoIGl0Lg0KDQogDQoNCiANCg0KQ2hlZXJzLA0KDQpNb3J0ZXphDQoN
CiANCg0KRnJvbTogc2NpbS1ib3VuY2VzQGlldGYub3JnIFttYWlsdG86c2NpbS1ib3VuY2VzQGll
dGYub3JnXSBPbiBCZWhhbGYgT2YgTHUsIEh1aS1MYW4gKEh1aWxhbikNClNlbnQ6IEZyaWRheSwg
TWFyY2ggMTYsIDIwMTIgMTE6MTIgQU0NClRvOiAnRWxpb3QgTGVhcic7IHNjaW1AaWV0Zi5vcmcN
ClN1YmplY3Q6IFJlOiBbc2NpbV0gY2hhcnRlciBhbmQgb2RkcyBhbmQgZW5kcw0KDQogDQoNCisx
IGZvciB0aGUgdXNlIGNhc2UgZG9jdW1lbnQsIHdoaWNoIEkgZm91bmQgdXNlZnVsLiBHb2luZyBm
b3J3YXJkLCBpdCB3b3VsZCBiZSBkZXNpcmFibGUgdG8gYXVnbWVudCBpdCB0byBjYXB0dXJlIGlt
cG9ydGFudCByZXF1aXJlbWVudHMgdG9vLg0KDQogDQoNCkh1aWxhbiBMdQ0KDQogDQoNCkZyb206
IHNjaW0tYm91bmNlc0BpZXRmLm9yZyBbbWFpbHRvOnNjaW0tYm91bmNlc0BpZXRmLm9yZ10gT24g
QmVoYWxmIE9mIEVsaW90IExlYXINClNlbnQ6IEZyaWRheSwgTWFyY2ggMTYsIDIwMTIgMzo1OCBB
TQ0KVG86IHNjaW1AaWV0Zi5vcmcNClN1YmplY3Q6IFtzY2ltXSBjaGFydGVyIGFuZCBvZGRzIGFu
ZCBlbmRzDQoNCiANCg0KSGkgZXZlcnlvbmUsDQoNCkJhc2VkIG9uIGRpc2N1c3Npb24gSSBhbSBp
biB0aGUgcHJvY2VzcyBvZiB1cGRhdGluZyB0aGUgZHJhZnQgY2hhcnRlciAoYmFzZWQgb24gLTQp
IGFzIGZvbGxvd3M6DQoNCioJSW5zZXJ0aW5nIHNvbWUgd29yZGluZyBhcm91bmQgY29uc2lkZXJh
dGlvbiBvZiB0aGUgbXVsdGlwb2ludCB1c2UgY2FzZSB0aGF0IFBoaWwgaGFzIHJhaXNlZC4NCioJ
UmVtb3ZhbCBvZiB0aGUgb25lIG91dC1vZi1zY29wZSBsaW5lIGFzIHN1Z2dlc3RlZCBieSBQZXRl
ciAmIE1vcnRlemEuDQoqCVJlLWluc2VydGlvbiBvZiB0aGUgc2ltcGxlY2xvdWQuaW5mbyBVUkwg
Zm9yIHJlZmVyZW5jZS4NCioJVXBkYXRpbmcgb2YgZHJhZnQgbmFtZXMgYmFzZWQgb24gd2hhdCBo
YXMgYmVlbiBwb3N0ZWQNCg0KDQpUd28gcG9pbnRzOg0KDQoxLglJIGRvbid0IGFjdHVhbGx5IHNl
ZSB0aGUgTERBUCBtYXBwaW5nIGRvY3VtZW50IGFueXdoZXJlLiAgSXMgdGhlcmUgb25lPyAgSG93
IGNyaXRpY2FsIGlzIHRoaXMgdG8gaGF2ZT8NCjIuCVRoZXJlIGV4aXN0cyBhIHVzYWdlIHNjZW5h
cmlvcyBkb2N1bWVudC4gIElzIHRoYXQgYWxzbyBzb21ldGhpbmcgd2Ugd2FudCB0byBhZG9wdD8N
Cg0KRWxpb3QNCg0K

------_=_NextPart_001_01CD03A0.BE0D24EC
Content-Type: text/html;
	charset="utf-8"
Content-Transfer-Encoding: base64

PGh0bWwgeG1sbnM6dj0idXJuOnNjaGVtYXMtbWljcm9zb2Z0LWNvbTp2bWwiIHhtbG5zOm89InVy
bjpzY2hlbWFzLW1pY3Jvc29mdC1jb206b2ZmaWNlOm9mZmljZSIgeG1sbnM6dz0idXJuOnNjaGVt
YXMtbWljcm9zb2Z0LWNvbTpvZmZpY2U6d29yZCIgeG1sbnM6bT0iaHR0cDovL3NjaGVtYXMubWlj
cm9zb2Z0LmNvbS9vZmZpY2UvMjAwNC8xMi9vbW1sIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcv
VFIvUkVDLWh0bWw0MCI+PGhlYWQ+PG1ldGEgaHR0cC1lcXVpdj1Db250ZW50LVR5cGUgY29udGVu
dD0idGV4dC9odG1sOyBjaGFyc2V0PXV0Zi04Ij48bWV0YSBuYW1lPUdlbmVyYXRvciBjb250ZW50
PSJNaWNyb3NvZnQgV29yZCAxNCAoZmlsdGVyZWQgbWVkaXVtKSI+PHN0eWxlPjwhLS0NCi8qIEZv
bnQgRGVmaW5pdGlvbnMgKi8NCkBmb250LWZhY2UNCgl7Zm9udC1mYW1pbHk6Q2FsaWJyaTsNCglw
YW5vc2UtMToyIDE1IDUgMiAyIDIgNCAzIDIgNDt9DQpAZm9udC1mYWNlDQoJe2ZvbnQtZmFtaWx5
OlRhaG9tYTsNCglwYW5vc2UtMToyIDExIDYgNCAzIDUgNCA0IDIgNDt9DQovKiBTdHlsZSBEZWZp
bml0aW9ucyAqLw0KcC5Nc29Ob3JtYWwsIGxpLk1zb05vcm1hbCwgZGl2Lk1zb05vcm1hbA0KCXtt
YXJnaW46MGluOw0KCW1hcmdpbi1ib3R0b206LjAwMDFwdDsNCglmb250LXNpemU6MTIuMHB0Ow0K
CWZvbnQtZmFtaWx5OiJUaW1lcyBOZXcgUm9tYW4iLCJzZXJpZiI7DQoJY29sb3I6YmxhY2s7fQ0K
YTpsaW5rLCBzcGFuLk1zb0h5cGVybGluaw0KCXttc28tc3R5bGUtcHJpb3JpdHk6OTk7DQoJY29s
b3I6Ymx1ZTsNCgl0ZXh0LWRlY29yYXRpb246dW5kZXJsaW5lO30NCmE6dmlzaXRlZCwgc3Bhbi5N
c29IeXBlcmxpbmtGb2xsb3dlZA0KCXttc28tc3R5bGUtcHJpb3JpdHk6OTk7DQoJY29sb3I6cHVy
cGxlOw0KCXRleHQtZGVjb3JhdGlvbjp1bmRlcmxpbmU7fQ0KcA0KCXttc28tc3R5bGUtcHJpb3Jp
dHk6OTk7DQoJbXNvLW1hcmdpbi10b3AtYWx0OmF1dG87DQoJbWFyZ2luLXJpZ2h0OjBpbjsNCglt
c28tbWFyZ2luLWJvdHRvbS1hbHQ6YXV0bzsNCgltYXJnaW4tbGVmdDowaW47DQoJZm9udC1zaXpl
OjEyLjBwdDsNCglmb250LWZhbWlseToiVGltZXMgTmV3IFJvbWFuIiwic2VyaWYiOw0KCWNvbG9y
OmJsYWNrO30NCnAuTXNvQWNldGF0ZSwgbGkuTXNvQWNldGF0ZSwgZGl2Lk1zb0FjZXRhdGUNCgl7
bXNvLXN0eWxlLXByaW9yaXR5Ojk5Ow0KCW1zby1zdHlsZS1saW5rOiJCYWxsb29uIFRleHQgQ2hh
ciI7DQoJbWFyZ2luOjBpbjsNCgltYXJnaW4tYm90dG9tOi4wMDAxcHQ7DQoJZm9udC1zaXplOjgu
MHB0Ow0KCWZvbnQtZmFtaWx5OiJUYWhvbWEiLCJzYW5zLXNlcmlmIjsNCgljb2xvcjpibGFjazt9
DQpzcGFuLkVtYWlsU3R5bGUxOA0KCXttc28tc3R5bGUtdHlwZTpwZXJzb25hbDsNCglmb250LWZh
bWlseToiQ2FsaWJyaSIsInNhbnMtc2VyaWYiOw0KCWNvbG9yOiMxRjQ5N0Q7fQ0Kc3Bhbi5FbWFp
bFN0eWxlMTkNCgl7bXNvLXN0eWxlLXR5cGU6cGVyc29uYWwtcmVwbHk7DQoJZm9udC1mYW1pbHk6
IkNhbGlicmkiLCJzYW5zLXNlcmlmIjsNCgljb2xvcjojMUY0OTdEO30NCnNwYW4uQmFsbG9vblRl
eHRDaGFyDQoJe21zby1zdHlsZS1uYW1lOiJCYWxsb29uIFRleHQgQ2hhciI7DQoJbXNvLXN0eWxl
LXByaW9yaXR5Ojk5Ow0KCW1zby1zdHlsZS1saW5rOiJCYWxsb29uIFRleHQiOw0KCWZvbnQtZmFt
aWx5OiJUYWhvbWEiLCJzYW5zLXNlcmlmIjsNCgljb2xvcjpibGFjazt9DQouTXNvQ2hwRGVmYXVs
dA0KCXttc28tc3R5bGUtdHlwZTpleHBvcnQtb25seTsNCglmb250LXNpemU6MTAuMHB0O30NCkBw
YWdlIFdvcmRTZWN0aW9uMQ0KCXtzaXplOjguNWluIDExLjBpbjsNCgltYXJnaW46MS4waW4gMS4w
aW4gMS4waW4gMS4waW47fQ0KZGl2LldvcmRTZWN0aW9uMQ0KCXtwYWdlOldvcmRTZWN0aW9uMTt9
DQovKiBMaXN0IERlZmluaXRpb25zICovDQpAbGlzdCBsMA0KCXttc28tbGlzdC1pZDo3Njc5NjYw
ODg7DQoJbXNvLWxpc3QtdGVtcGxhdGUtaWRzOjMyODc0MjE2Njt9DQpAbGlzdCBsMDpsZXZlbDEN
Cgl7bXNvLWxldmVsLXRhYi1zdG9wOi41aW47DQoJbXNvLWxldmVsLW51bWJlci1wb3NpdGlvbjps
ZWZ0Ow0KCXRleHQtaW5kZW50Oi0uMjVpbjt9DQpAbGlzdCBsMDpsZXZlbDINCgl7bXNvLWxldmVs
LXRhYi1zdG9wOjEuMGluOw0KCW1zby1sZXZlbC1udW1iZXItcG9zaXRpb246bGVmdDsNCgl0ZXh0
LWluZGVudDotLjI1aW47fQ0KQGxpc3QgbDA6bGV2ZWwzDQoJe21zby1sZXZlbC10YWItc3RvcDox
LjVpbjsNCgltc28tbGV2ZWwtbnVtYmVyLXBvc2l0aW9uOmxlZnQ7DQoJdGV4dC1pbmRlbnQ6LS4y
NWluO30NCkBsaXN0IGwwOmxldmVsNA0KCXttc28tbGV2ZWwtdGFiLXN0b3A6Mi4waW47DQoJbXNv
LWxldmVsLW51bWJlci1wb3NpdGlvbjpsZWZ0Ow0KCXRleHQtaW5kZW50Oi0uMjVpbjt9DQpAbGlz
dCBsMDpsZXZlbDUNCgl7bXNvLWxldmVsLXRhYi1zdG9wOjIuNWluOw0KCW1zby1sZXZlbC1udW1i
ZXItcG9zaXRpb246bGVmdDsNCgl0ZXh0LWluZGVudDotLjI1aW47fQ0KQGxpc3QgbDA6bGV2ZWw2
DQoJe21zby1sZXZlbC10YWItc3RvcDozLjBpbjsNCgltc28tbGV2ZWwtbnVtYmVyLXBvc2l0aW9u
OmxlZnQ7DQoJdGV4dC1pbmRlbnQ6LS4yNWluO30NCkBsaXN0IGwwOmxldmVsNw0KCXttc28tbGV2
ZWwtdGFiLXN0b3A6My41aW47DQoJbXNvLWxldmVsLW51bWJlci1wb3NpdGlvbjpsZWZ0Ow0KCXRl
eHQtaW5kZW50Oi0uMjVpbjt9DQpAbGlzdCBsMDpsZXZlbDgNCgl7bXNvLWxldmVsLXRhYi1zdG9w
OjQuMGluOw0KCW1zby1sZXZlbC1udW1iZXItcG9zaXRpb246bGVmdDsNCgl0ZXh0LWluZGVudDot
LjI1aW47fQ0KQGxpc3QgbDA6bGV2ZWw5DQoJe21zby1sZXZlbC10YWItc3RvcDo0LjVpbjsNCglt
c28tbGV2ZWwtbnVtYmVyLXBvc2l0aW9uOmxlZnQ7DQoJdGV4dC1pbmRlbnQ6LS4yNWluO30NCkBs
aXN0IGwxDQoJe21zby1saXN0LWlkOjExMDM0NTIwNDA7DQoJbXNvLWxpc3QtdGVtcGxhdGUtaWRz
OjE3Mjc4MDMyNDI7fQ0KQGxpc3QgbDE6bGV2ZWwxDQoJe21zby1sZXZlbC1udW1iZXItZm9ybWF0
OmJ1bGxldDsNCgltc28tbGV2ZWwtdGV4dDrvgrc7DQoJbXNvLWxldmVsLXRhYi1zdG9wOi41aW47
DQoJbXNvLWxldmVsLW51bWJlci1wb3NpdGlvbjpsZWZ0Ow0KCXRleHQtaW5kZW50Oi0uMjVpbjsN
Cgltc28tYW5zaS1mb250LXNpemU6MTAuMHB0Ow0KCWZvbnQtZmFtaWx5OlN5bWJvbDt9DQpAbGlz
dCBsMTpsZXZlbDINCgl7bXNvLWxldmVsLXRhYi1zdG9wOjEuMGluOw0KCW1zby1sZXZlbC1udW1i
ZXItcG9zaXRpb246bGVmdDsNCgl0ZXh0LWluZGVudDotLjI1aW47fQ0KQGxpc3QgbDE6bGV2ZWwz
DQoJe21zby1sZXZlbC10YWItc3RvcDoxLjVpbjsNCgltc28tbGV2ZWwtbnVtYmVyLXBvc2l0aW9u
OmxlZnQ7DQoJdGV4dC1pbmRlbnQ6LS4yNWluO30NCkBsaXN0IGwxOmxldmVsNA0KCXttc28tbGV2
ZWwtdGFiLXN0b3A6Mi4waW47DQoJbXNvLWxldmVsLW51bWJlci1wb3NpdGlvbjpsZWZ0Ow0KCXRl
eHQtaW5kZW50Oi0uMjVpbjt9DQpAbGlzdCBsMTpsZXZlbDUNCgl7bXNvLWxldmVsLXRhYi1zdG9w
OjIuNWluOw0KCW1zby1sZXZlbC1udW1iZXItcG9zaXRpb246bGVmdDsNCgl0ZXh0LWluZGVudDot
LjI1aW47fQ0KQGxpc3QgbDE6bGV2ZWw2DQoJe21zby1sZXZlbC10YWItc3RvcDozLjBpbjsNCglt
c28tbGV2ZWwtbnVtYmVyLXBvc2l0aW9uOmxlZnQ7DQoJdGV4dC1pbmRlbnQ6LS4yNWluO30NCkBs
aXN0IGwxOmxldmVsNw0KCXttc28tbGV2ZWwtdGFiLXN0b3A6My41aW47DQoJbXNvLWxldmVsLW51
bWJlci1wb3NpdGlvbjpsZWZ0Ow0KCXRleHQtaW5kZW50Oi0uMjVpbjt9DQpAbGlzdCBsMTpsZXZl
bDgNCgl7bXNvLWxldmVsLXRhYi1zdG9wOjQuMGluOw0KCW1zby1sZXZlbC1udW1iZXItcG9zaXRp
b246bGVmdDsNCgl0ZXh0LWluZGVudDotLjI1aW47fQ0KQGxpc3QgbDE6bGV2ZWw5DQoJe21zby1s
ZXZlbC10YWItc3RvcDo0LjVpbjsNCgltc28tbGV2ZWwtbnVtYmVyLXBvc2l0aW9uOmxlZnQ7DQoJ
dGV4dC1pbmRlbnQ6LS4yNWluO30NCkBsaXN0IGwyDQoJe21zby1saXN0LWlkOjE2MjkzMTcwNjI7
DQoJbXNvLWxpc3QtdGVtcGxhdGUtaWRzOi04NDc2MjI2ODA7fQ0KQGxpc3QgbDMNCgl7bXNvLWxp
c3QtaWQ6MTc3OTkxMjY3NzsNCgltc28tbGlzdC10ZW1wbGF0ZS1pZHM6MTk0NjIwODY0Mjt9DQpA
bGlzdCBsMzpsZXZlbDENCgl7bXNvLWxldmVsLW51bWJlci1mb3JtYXQ6YnVsbGV0Ow0KCW1zby1s
ZXZlbC10ZXh0Ou+CtzsNCgltc28tbGV2ZWwtdGFiLXN0b3A6LjVpbjsNCgltc28tbGV2ZWwtbnVt
YmVyLXBvc2l0aW9uOmxlZnQ7DQoJdGV4dC1pbmRlbnQ6LS4yNWluOw0KCW1zby1hbnNpLWZvbnQt
c2l6ZToxMC4wcHQ7DQoJZm9udC1mYW1pbHk6U3ltYm9sO30NCkBsaXN0IGwzOmxldmVsMg0KCXtt
c28tbGV2ZWwtbnVtYmVyLWZvcm1hdDpidWxsZXQ7DQoJbXNvLWxldmVsLXRleHQ674K3Ow0KCW1z
by1sZXZlbC10YWItc3RvcDoxLjBpbjsNCgltc28tbGV2ZWwtbnVtYmVyLXBvc2l0aW9uOmxlZnQ7
DQoJdGV4dC1pbmRlbnQ6LS4yNWluOw0KCW1zby1hbnNpLWZvbnQtc2l6ZToxMC4wcHQ7DQoJZm9u
dC1mYW1pbHk6U3ltYm9sO30NCkBsaXN0IGwzOmxldmVsMw0KCXttc28tbGV2ZWwtbnVtYmVyLWZv
cm1hdDpidWxsZXQ7DQoJbXNvLWxldmVsLXRleHQ674K3Ow0KCW1zby1sZXZlbC10YWItc3RvcDox
LjVpbjsNCgltc28tbGV2ZWwtbnVtYmVyLXBvc2l0aW9uOmxlZnQ7DQoJdGV4dC1pbmRlbnQ6LS4y
NWluOw0KCW1zby1hbnNpLWZvbnQtc2l6ZToxMC4wcHQ7DQoJZm9udC1mYW1pbHk6U3ltYm9sO30N
CkBsaXN0IGwzOmxldmVsNA0KCXttc28tbGV2ZWwtbnVtYmVyLWZvcm1hdDpidWxsZXQ7DQoJbXNv
LWxldmVsLXRleHQ674K3Ow0KCW1zby1sZXZlbC10YWItc3RvcDoyLjBpbjsNCgltc28tbGV2ZWwt
bnVtYmVyLXBvc2l0aW9uOmxlZnQ7DQoJdGV4dC1pbmRlbnQ6LS4yNWluOw0KCW1zby1hbnNpLWZv
bnQtc2l6ZToxMC4wcHQ7DQoJZm9udC1mYW1pbHk6U3ltYm9sO30NCkBsaXN0IGwzOmxldmVsNQ0K
CXttc28tbGV2ZWwtbnVtYmVyLWZvcm1hdDpidWxsZXQ7DQoJbXNvLWxldmVsLXRleHQ674K3Ow0K
CW1zby1sZXZlbC10YWItc3RvcDoyLjVpbjsNCgltc28tbGV2ZWwtbnVtYmVyLXBvc2l0aW9uOmxl
ZnQ7DQoJdGV4dC1pbmRlbnQ6LS4yNWluOw0KCW1zby1hbnNpLWZvbnQtc2l6ZToxMC4wcHQ7DQoJ
Zm9udC1mYW1pbHk6U3ltYm9sO30NCkBsaXN0IGwzOmxldmVsNg0KCXttc28tbGV2ZWwtbnVtYmVy
LWZvcm1hdDpidWxsZXQ7DQoJbXNvLWxldmVsLXRleHQ674K3Ow0KCW1zby1sZXZlbC10YWItc3Rv
cDozLjBpbjsNCgltc28tbGV2ZWwtbnVtYmVyLXBvc2l0aW9uOmxlZnQ7DQoJdGV4dC1pbmRlbnQ6
LS4yNWluOw0KCW1zby1hbnNpLWZvbnQtc2l6ZToxMC4wcHQ7DQoJZm9udC1mYW1pbHk6U3ltYm9s
O30NCkBsaXN0IGwzOmxldmVsNw0KCXttc28tbGV2ZWwtbnVtYmVyLWZvcm1hdDpidWxsZXQ7DQoJ
bXNvLWxldmVsLXRleHQ674K3Ow0KCW1zby1sZXZlbC10YWItc3RvcDozLjVpbjsNCgltc28tbGV2
ZWwtbnVtYmVyLXBvc2l0aW9uOmxlZnQ7DQoJdGV4dC1pbmRlbnQ6LS4yNWluOw0KCW1zby1hbnNp
LWZvbnQtc2l6ZToxMC4wcHQ7DQoJZm9udC1mYW1pbHk6U3ltYm9sO30NCkBsaXN0IGwzOmxldmVs
OA0KCXttc28tbGV2ZWwtbnVtYmVyLWZvcm1hdDpidWxsZXQ7DQoJbXNvLWxldmVsLXRleHQ674K3
Ow0KCW1zby1sZXZlbC10YWItc3RvcDo0LjBpbjsNCgltc28tbGV2ZWwtbnVtYmVyLXBvc2l0aW9u
OmxlZnQ7DQoJdGV4dC1pbmRlbnQ6LS4yNWluOw0KCW1zby1hbnNpLWZvbnQtc2l6ZToxMC4wcHQ7
DQoJZm9udC1mYW1pbHk6U3ltYm9sO30NCkBsaXN0IGwzOmxldmVsOQ0KCXttc28tbGV2ZWwtbnVt
YmVyLWZvcm1hdDpidWxsZXQ7DQoJbXNvLWxldmVsLXRleHQ674K3Ow0KCW1zby1sZXZlbC10YWIt
c3RvcDo0LjVpbjsNCgltc28tbGV2ZWwtbnVtYmVyLXBvc2l0aW9uOmxlZnQ7DQoJdGV4dC1pbmRl
bnQ6LS4yNWluOw0KCW1zby1hbnNpLWZvbnQtc2l6ZToxMC4wcHQ7DQoJZm9udC1mYW1pbHk6U3lt
Ym9sO30NCm9sDQoJe21hcmdpbi1ib3R0b206MGluO30NCnVsDQoJe21hcmdpbi1ib3R0b206MGlu
O30NCi0tPjwvc3R5bGU+PCEtLVtpZiBndGUgbXNvIDldPjx4bWw+DQo8bzpzaGFwZWRlZmF1bHRz
IHY6ZXh0PSJlZGl0IiBzcGlkbWF4PSIxMDI2IiAvPg0KPC94bWw+PCFbZW5kaWZdLS0+PCEtLVtp
ZiBndGUgbXNvIDldPjx4bWw+DQo8bzpzaGFwZWxheW91dCB2OmV4dD0iZWRpdCI+DQo8bzppZG1h
cCB2OmV4dD0iZWRpdCIgZGF0YT0iMSIgLz4NCjwvbzpzaGFwZWxheW91dD48L3htbD48IVtlbmRp
Zl0tLT48L2hlYWQ+PGJvZHkgYmdjb2xvcj13aGl0ZSBsYW5nPUVOLVVTIGxpbms9Ymx1ZSB2bGlu
az1wdXJwbGU+PGRpdiBjbGFzcz1Xb3JkU2VjdGlvbjE+PHAgY2xhc3M9TXNvTm9ybWFsPjxzcGFu
IHN0eWxlPSdmb250LXNpemU6MTEuMHB0O2ZvbnQtZmFtaWx5OiJDYWxpYnJpIiwic2Fucy1zZXJp
ZiI7Y29sb3I6IzFGNDk3RCc+WWVzLCB0aGUgY3VycmVudCB1c2UgY2FzZSBkb2N1bWVudCBvbiB0
aGUgU0NJTSAxLjAgd2ViIHBhZ2UgaXMgZGVmaW5pdGVseSBvdXQgb2YgZGF0ZSBhbmQgd291bGQg
cmVxdWlyZSB1cGRhdGUgaWYgd2Ugd2FudCB0byBwdWJsaXNoIGl0LjxvOnA+PC9vOnA+PC9zcGFu
PjwvcD48cCBjbGFzcz1Nc29Ob3JtYWw+PHNwYW4gc3R5bGU9J2ZvbnQtc2l6ZToxMS4wcHQ7Zm9u
dC1mYW1pbHk6IkNhbGlicmkiLCJzYW5zLXNlcmlmIjtjb2xvcjojMUY0OTdEJz48bzpwPiZuYnNw
OzwvbzpwPjwvc3Bhbj48L3A+PHAgY2xhc3M9TXNvTm9ybWFsPjxzcGFuIHN0eWxlPSdmb250LXNp
emU6MTEuMHB0O2ZvbnQtZmFtaWx5OiJDYWxpYnJpIiwic2Fucy1zZXJpZiI7Y29sb3I6IzFGNDk3
RCc+PG86cD4mbmJzcDs8L286cD48L3NwYW4+PC9wPjxwIGNsYXNzPU1zb05vcm1hbD48c3BhbiBz
dHlsZT0nZm9udC1zaXplOjExLjBwdDtmb250LWZhbWlseToiQ2FsaWJyaSIsInNhbnMtc2VyaWYi
O2NvbG9yOiMxRjQ5N0QnPkNoZWVycyw8bzpwPjwvbzpwPjwvc3Bhbj48L3A+PHAgY2xhc3M9TXNv
Tm9ybWFsPjxzcGFuIHN0eWxlPSdmb250LXNpemU6MTEuMHB0O2ZvbnQtZmFtaWx5OiJDYWxpYnJp
Iiwic2Fucy1zZXJpZiI7Y29sb3I6IzFGNDk3RCc+TW9ydGV6YTxvOnA+PC9vOnA+PC9zcGFuPjwv
cD48cCBjbGFzcz1Nc29Ob3JtYWw+PHNwYW4gc3R5bGU9J2ZvbnQtc2l6ZToxMS4wcHQ7Zm9udC1m
YW1pbHk6IkNhbGlicmkiLCJzYW5zLXNlcmlmIjtjb2xvcjojMUY0OTdEJz48bzpwPiZuYnNwOzwv
bzpwPjwvc3Bhbj48L3A+PGRpdj48ZGl2IHN0eWxlPSdib3JkZXI6bm9uZTtib3JkZXItdG9wOnNv
bGlkICNCNUM0REYgMS4wcHQ7cGFkZGluZzozLjBwdCAwaW4gMGluIDBpbic+PHAgY2xhc3M9TXNv
Tm9ybWFsPjxiPjxzcGFuIHN0eWxlPSdmb250LXNpemU6MTAuMHB0O2ZvbnQtZmFtaWx5OiJUYWhv
bWEiLCJzYW5zLXNlcmlmIjtjb2xvcjp3aW5kb3d0ZXh0Jz5Gcm9tOjwvc3Bhbj48L2I+PHNwYW4g
c3R5bGU9J2ZvbnQtc2l6ZToxMC4wcHQ7Zm9udC1mYW1pbHk6IlRhaG9tYSIsInNhbnMtc2VyaWYi
O2NvbG9yOndpbmRvd3RleHQnPiBzY2ltLWJvdW5jZXNAaWV0Zi5vcmcgW21haWx0bzpzY2ltLWJv
dW5jZXNAaWV0Zi5vcmddIDxiPk9uIEJlaGFsZiBPZiA8L2I+THUsIEh1aS1MYW4gKEh1aWxhbik8
YnI+PGI+U2VudDo8L2I+IEZyaWRheSwgTWFyY2ggMTYsIDIwMTIgMTE6MTIgQU08YnI+PGI+VG86
PC9iPiAnRWxpb3QgTGVhcic7IHNjaW1AaWV0Zi5vcmc8YnI+PGI+U3ViamVjdDo8L2I+IFJlOiBb
c2NpbV0gY2hhcnRlciBhbmQgb2RkcyBhbmQgZW5kczxvOnA+PC9vOnA+PC9zcGFuPjwvcD48L2Rp
dj48L2Rpdj48cCBjbGFzcz1Nc29Ob3JtYWw+PG86cD4mbmJzcDs8L286cD48L3A+PHAgY2xhc3M9
TXNvTm9ybWFsPjxzcGFuIHN0eWxlPSdmb250LXNpemU6MTEuMHB0O2ZvbnQtZmFtaWx5OiJDYWxp
YnJpIiwic2Fucy1zZXJpZiI7Y29sb3I6IzFGNDk3RCc+KzEgZm9yIHRoZSB1c2UgY2FzZSBkb2N1
bWVudCwgd2hpY2ggSSBmb3VuZCB1c2VmdWwuIEdvaW5nIGZvcndhcmQsIGl0IHdvdWxkIGJlIGRl
c2lyYWJsZSB0byBhdWdtZW50IGl0IHRvIGNhcHR1cmUgaW1wb3J0YW50IHJlcXVpcmVtZW50cyB0
b28uPG86cD48L286cD48L3NwYW4+PC9wPjxwIGNsYXNzPU1zb05vcm1hbD48c3BhbiBzdHlsZT0n
Zm9udC1zaXplOjExLjBwdDtmb250LWZhbWlseToiQ2FsaWJyaSIsInNhbnMtc2VyaWYiO2NvbG9y
OiMxRjQ5N0QnPjxvOnA+Jm5ic3A7PC9vOnA+PC9zcGFuPjwvcD48ZGl2PjxwIGNsYXNzPU1zb05v
cm1hbD48c3BhbiBzdHlsZT0nZm9udC1zaXplOjExLjBwdDtmb250LWZhbWlseToiQ2FsaWJyaSIs
InNhbnMtc2VyaWYiO2NvbG9yOmJsdWUnPkh1aWxhbiBMdTxvOnA+PC9vOnA+PC9zcGFuPjwvcD48
L2Rpdj48cCBjbGFzcz1Nc29Ob3JtYWw+PHNwYW4gc3R5bGU9J2ZvbnQtc2l6ZToxMS4wcHQ7Zm9u
dC1mYW1pbHk6IkNhbGlicmkiLCJzYW5zLXNlcmlmIjtjb2xvcjojMUY0OTdEJz48bzpwPiZuYnNw
OzwvbzpwPjwvc3Bhbj48L3A+PGRpdiBzdHlsZT0nYm9yZGVyOm5vbmU7Ym9yZGVyLWxlZnQ6c29s
aWQgYmx1ZSAxLjVwdDtwYWRkaW5nOjBpbiAwaW4gMGluIDQuMHB0Jz48ZGl2PjxkaXYgc3R5bGU9
J2JvcmRlcjpub25lO2JvcmRlci10b3A6c29saWQgI0I1QzRERiAxLjBwdDtwYWRkaW5nOjMuMHB0
IDBpbiAwaW4gMGluJz48cCBjbGFzcz1Nc29Ob3JtYWw+PGI+PHNwYW4gc3R5bGU9J2ZvbnQtc2l6
ZToxMC4wcHQ7Zm9udC1mYW1pbHk6IlRhaG9tYSIsInNhbnMtc2VyaWYiO2NvbG9yOndpbmRvd3Rl
eHQnPkZyb206PC9zcGFuPjwvYj48c3BhbiBzdHlsZT0nZm9udC1zaXplOjEwLjBwdDtmb250LWZh
bWlseToiVGFob21hIiwic2Fucy1zZXJpZiI7Y29sb3I6d2luZG93dGV4dCc+IDxhIGhyZWY9Im1h
aWx0bzpzY2ltLWJvdW5jZXNAaWV0Zi5vcmciPnNjaW0tYm91bmNlc0BpZXRmLm9yZzwvYT4gPGEg
aHJlZj0ibWFpbHRvOlttYWlsdG86c2NpbS1ib3VuY2VzQGlldGYub3JnXSI+W21haWx0bzpzY2lt
LWJvdW5jZXNAaWV0Zi5vcmddPC9hPiA8Yj5PbiBCZWhhbGYgT2YgPC9iPkVsaW90IExlYXI8YnI+
PGI+U2VudDo8L2I+IEZyaWRheSwgTWFyY2ggMTYsIDIwMTIgMzo1OCBBTTxicj48Yj5Ubzo8L2I+
IDxhIGhyZWY9Im1haWx0bzpzY2ltQGlldGYub3JnIj5zY2ltQGlldGYub3JnPC9hPjxicj48Yj5T
dWJqZWN0OjwvYj4gW3NjaW1dIGNoYXJ0ZXIgYW5kIG9kZHMgYW5kIGVuZHM8bzpwPjwvbzpwPjwv
c3Bhbj48L3A+PC9kaXY+PC9kaXY+PHAgY2xhc3M9TXNvTm9ybWFsPjxvOnA+Jm5ic3A7PC9vOnA+
PC9wPjxwIGNsYXNzPU1zb05vcm1hbD5IaSBldmVyeW9uZSw8YnI+PGJyPkJhc2VkIG9uIGRpc2N1
c3Npb24gSSBhbSBpbiB0aGUgcHJvY2VzcyBvZiB1cGRhdGluZyB0aGUgZHJhZnQgY2hhcnRlciAo
YmFzZWQgb24gLTQpIGFzIGZvbGxvd3M6PG86cD48L286cD48L3A+PHVsIHR5cGU9ZGlzYz48bGkg
Y2xhc3M9TXNvTm9ybWFsIHN0eWxlPSdtc28tbWFyZ2luLXRvcC1hbHQ6YXV0bzttc28tbWFyZ2lu
LWJvdHRvbS1hbHQ6YXV0bzttc28tbGlzdDpsMSBsZXZlbDEgbGZvMyc+SW5zZXJ0aW5nIHNvbWUg
d29yZGluZyBhcm91bmQgY29uc2lkZXJhdGlvbiBvZiB0aGUgbXVsdGlwb2ludCB1c2UgY2FzZSB0
aGF0IFBoaWwgaGFzIHJhaXNlZC48bzpwPjwvbzpwPjwvbGk+PGxpIGNsYXNzPU1zb05vcm1hbCBz
dHlsZT0nbXNvLW1hcmdpbi10b3AtYWx0OmF1dG87bXNvLW1hcmdpbi1ib3R0b20tYWx0OmF1dG87
bXNvLWxpc3Q6bDEgbGV2ZWwxIGxmbzMnPlJlbW92YWwgb2YgdGhlIG9uZSBvdXQtb2Ytc2NvcGUg
bGluZSBhcyBzdWdnZXN0ZWQgYnkgUGV0ZXIgJmFtcDsgTW9ydGV6YS48bzpwPjwvbzpwPjwvbGk+
PGxpIGNsYXNzPU1zb05vcm1hbCBzdHlsZT0nbXNvLW1hcmdpbi10b3AtYWx0OmF1dG87bXNvLW1h
cmdpbi1ib3R0b20tYWx0OmF1dG87bXNvLWxpc3Q6bDEgbGV2ZWwxIGxmbzMnPlJlLWluc2VydGlv
biBvZiB0aGUgc2ltcGxlY2xvdWQuaW5mbyBVUkwgZm9yIHJlZmVyZW5jZS48bzpwPjwvbzpwPjwv
bGk+PGxpIGNsYXNzPU1zb05vcm1hbCBzdHlsZT0nbXNvLW1hcmdpbi10b3AtYWx0OmF1dG87bXNv
LW1hcmdpbi1ib3R0b20tYWx0OmF1dG87bXNvLWxpc3Q6bDEgbGV2ZWwxIGxmbzMnPlVwZGF0aW5n
IG9mIGRyYWZ0IG5hbWVzIGJhc2VkIG9uIHdoYXQgaGFzIGJlZW4gcG9zdGVkPG86cD48L286cD48
L2xpPjwvdWw+PHA+PGJyPlR3byBwb2ludHM6PG86cD48L286cD48L3A+PG9sIHN0YXJ0PTEgdHlw
ZT0xPjxsaSBjbGFzcz1Nc29Ob3JtYWwgc3R5bGU9J21zby1tYXJnaW4tdG9wLWFsdDphdXRvO21z
by1tYXJnaW4tYm90dG9tLWFsdDphdXRvO21zby1saXN0OmwwIGxldmVsMSBsZm82Jz5JIGRvbid0
IGFjdHVhbGx5IHNlZSB0aGUgTERBUCBtYXBwaW5nIGRvY3VtZW50IGFueXdoZXJlLiZuYnNwOyBJ
cyB0aGVyZSBvbmU/Jm5ic3A7IEhvdyBjcml0aWNhbCBpcyB0aGlzIHRvIGhhdmU/PG86cD48L286
cD48L2xpPjxsaSBjbGFzcz1Nc29Ob3JtYWwgc3R5bGU9J21zby1tYXJnaW4tdG9wLWFsdDphdXRv
O21zby1tYXJnaW4tYm90dG9tLWFsdDphdXRvO21zby1saXN0OmwwIGxldmVsMSBsZm82Jz5UaGVy
ZSBleGlzdHMgYSB1c2FnZSBzY2VuYXJpb3MgZG9jdW1lbnQuJm5ic3A7IElzIHRoYXQgYWxzbyBz
b21ldGhpbmcgd2Ugd2FudCB0byBhZG9wdD88bzpwPjwvbzpwPjwvbGk+PC9vbD48cD5FbGlvdDxv
OnA+PC9vOnA+PC9wPjwvZGl2PjwvZGl2PjwvYm9keT48L2h0bWw+

------_=_NextPart_001_01CD03A0.BE0D24EC--

From phil.hunt@oracle.com  Fri Mar 16 11:40:04 2012
Return-Path: <phil.hunt@oracle.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C3EB721E8034 for <scim@ietfa.amsl.com>; Fri, 16 Mar 2012 11:40:04 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -10.36
X-Spam-Level: 
X-Spam-Status: No, score=-10.36 tagged_above=-999 required=5 tests=[AWL=0.238,  BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id mupfNINiRp0p for <scim@ietfa.amsl.com>; Fri, 16 Mar 2012 11:40:03 -0700 (PDT)
Received: from rcsinet15.oracle.com (rcsinet15.oracle.com [148.87.113.117]) by ietfa.amsl.com (Postfix) with ESMTP id 9648921F85D4 for <scim@ietf.org>; Fri, 16 Mar 2012 11:40:03 -0700 (PDT)
Received: from acsinet22.oracle.com (acsinet22.oracle.com [141.146.126.238]) by rcsinet15.oracle.com (Sentrion-MTA-4.2.2/Sentrion-MTA-4.2.2) with ESMTP id q2GIe0DL024065 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Fri, 16 Mar 2012 18:40:01 GMT
Received: from acsmt358.oracle.com (acsmt358.oracle.com [141.146.40.158]) by acsinet22.oracle.com (8.14.4+Sun/8.14.4) with ESMTP id q2GIe073014846 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Fri, 16 Mar 2012 18:40:00 GMT
Received: from abhmt110.oracle.com (abhmt110.oracle.com [141.146.116.62]) by acsmt358.oracle.com (8.12.11.20060308/8.12.11) with ESMTP id q2GIdxw4005592; Fri, 16 Mar 2012 13:39:59 -0500
Received: from [192.168.1.8] (/24.87.212.4) by default (Oracle Beehive Gateway v4.0) with ESMTP ; Fri, 16 Mar 2012 11:39:59 -0700
Mime-Version: 1.0 (Apple Message framework v1257)
Content-Type: multipart/alternative; boundary="Apple-Mail=_63F410E5-7D79-4CB7-83C2-E269EAF8C7DD"
From: Phil Hunt <phil.hunt@oracle.com>
In-Reply-To: <93C6FB63F046384C86EC8F7F3FFEC7BEE636B9@XMB-RCD-313.cisco.com>
Date: Fri, 16 Mar 2012 11:39:56 -0700
Message-Id: <199E066B-BA2A-4603-9D2E-B22E751EA381@oracle.com>
References: <4F62F287.2000809@cisco.com> <0E96A74B7DFCF844A9BE2A0BBE2C425F098C18B87D@USNAVSXCHMBSB3.ndc.alcatel-lucent.com> <93C6FB63F046384C86EC8F7F3FFEC7BEE636B9@XMB-RCD-313.cisco.com>
To: "Morteza Ansari (moransar)" <moransar@cisco.com>
X-Mailer: Apple Mail (2.1257)
X-Source-IP: acsinet22.oracle.com [141.146.126.238]
X-CT-RefId: str=0001.0A090205.4F638901.00B6,ss=1,re=-2.300,fgs=0
Cc: scim@ietf.org, Eliot Lear <lear@cisco.com>, "Lu, Hui-Lan \(Huilan\)" <huilan.lu@alcatel-lucent.com>
Subject: Re: [scim] charter and odds and ends
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 16 Mar 2012 18:40:05 -0000

--Apple-Mail=_63F410E5-7D79-4CB7-83C2-E269EAF8C7DD
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain;
	charset=us-ascii

+1

I think having a usecase document as a WG working draft document would =
be very useful to keep referring to.

Phil

@independentid
www.independentid.com
phil.hunt@oracle.com





On 2012-03-16, at 11:15 AM, Morteza Ansari (moransar) wrote:

> Yes, the current use case document on the SCIM 1.0 web page is =
definitely out of date and would require update if we want to publish =
it.
> =20
> =20
> Cheers,
> Morteza
> =20
> From: scim-bounces@ietf.org [mailto:scim-bounces@ietf.org] On Behalf =
Of Lu, Hui-Lan (Huilan)
> Sent: Friday, March 16, 2012 11:12 AM
> To: 'Eliot Lear'; scim@ietf.org
> Subject: Re: [scim] charter and odds and ends
> =20
> +1 for the use case document, which I found useful. Going forward, it =
would be desirable to augment it to capture important requirements too.
> =20
> Huilan Lu
> =20
> From: scim-bounces@ietf.org [mailto:scim-bounces@ietf.org] On Behalf =
Of Eliot Lear
> Sent: Friday, March 16, 2012 3:58 AM
> To: scim@ietf.org
> Subject: [scim] charter and odds and ends
> =20
> Hi everyone,
>=20
> Based on discussion I am in the process of updating the draft charter =
(based on -4) as follows:
> Inserting some wording around consideration of the multipoint use case =
that Phil has raised.
> Removal of the one out-of-scope line as suggested by Peter & Morteza.
> Re-insertion of the simplecloud.info URL for reference.
> Updating of draft names based on what has been posted
>=20
> Two points:
>=20
> I don't actually see the LDAP mapping document anywhere.  Is there =
one?  How critical is this to have?
> There exists a usage scenarios document.  Is that also something we =
want to adopt?
> Eliot
>=20
> _______________________________________________
> scim mailing list
> scim@ietf.org
> https://www.ietf.org/mailman/listinfo/scim


--Apple-Mail=_63F410E5-7D79-4CB7-83C2-E269EAF8C7DD
Content-Transfer-Encoding: quoted-printable
Content-Type: text/html;
	charset=us-ascii

<html><head></head><body style=3D"word-wrap: break-word; =
-webkit-nbsp-mode: space; -webkit-line-break: after-white-space; =
">+1<div><br></div><div>I think having a usecase document as a WG =
working draft document would be very useful to keep referring =
to.<div><br><div apple-content-edited=3D"true">
<span class=3D"Apple-style-span" style=3D"border-collapse: separate; =
color: rgb(0, 0, 0); font-family: Helvetica; font-style: normal; =
font-variant: normal; font-weight: normal; letter-spacing: normal; =
line-height: normal; orphans: 2; text-align: auto; text-indent: 0px; =
text-transform: none; white-space: normal; widows: 2; word-spacing: 0px; =
-webkit-border-horizontal-spacing: 0px; -webkit-border-vertical-spacing: =
0px; -webkit-text-decorations-in-effect: none; -webkit-text-size-adjust: =
auto; -webkit-text-stroke-width: 0px; font-size: medium; "><span =
class=3D"Apple-style-span" style=3D"border-collapse: separate; color: =
rgb(0, 0, 0); font-family: Helvetica; font-size: medium; font-style: =
normal; font-variant: normal; font-weight: normal; letter-spacing: =
normal; line-height: normal; orphans: 2; text-indent: 0px; =
text-transform: none; white-space: normal; widows: 2; word-spacing: 0px; =
-webkit-border-horizontal-spacing: 0px; -webkit-border-vertical-spacing: =
0px; -webkit-text-decorations-in-effect: none; -webkit-text-size-adjust: =
auto; -webkit-text-stroke-width: 0px; "><div style=3D"word-wrap: =
break-word; -webkit-nbsp-mode: space; -webkit-line-break: =
after-white-space; "><span class=3D"Apple-style-span" =
style=3D"border-collapse: separate; color: rgb(0, 0, 0); font-family: =
Helvetica; font-size: medium; font-style: normal; font-variant: normal; =
font-weight: normal; letter-spacing: normal; line-height: normal; =
orphans: 2; text-indent: 0px; text-transform: none; white-space: normal; =
widows: 2; word-spacing: 0px; -webkit-border-horizontal-spacing: 0px; =
-webkit-border-vertical-spacing: 0px; =
-webkit-text-decorations-in-effect: none; -webkit-text-size-adjust: =
auto; -webkit-text-stroke-width: 0px; "><div style=3D"word-wrap: =
break-word; -webkit-nbsp-mode: space; -webkit-line-break: =
after-white-space; "><span class=3D"Apple-style-span" =
style=3D"border-collapse: separate; color: rgb(0, 0, 0); font-family: =
Helvetica; font-size: 12px; font-style: normal; font-variant: normal; =
font-weight: normal; letter-spacing: normal; line-height: normal; =
orphans: 2; text-indent: 0px; text-transform: none; white-space: normal; =
widows: 2; word-spacing: 0px; -webkit-border-horizontal-spacing: 0px; =
-webkit-border-vertical-spacing: 0px; =
-webkit-text-decorations-in-effect: none; -webkit-text-size-adjust: =
auto; -webkit-text-stroke-width: 0px; "><div style=3D"word-wrap: =
break-word; -webkit-nbsp-mode: space; -webkit-line-break: =
after-white-space; =
"><div><div><div>Phil</div><div><br></div><div>@independentid</div><div><a=
 =
href=3D"http://www.independentid.com">www.independentid.com</a></div></div=
></div></div></span><a =
href=3D"mailto:phil.hunt@oracle.com">phil.hunt@oracle.com</a><br><br></div=
></span><br class=3D"Apple-interchange-newline"></div></span><br =
class=3D"Apple-interchange-newline"></span><br =
class=3D"Apple-interchange-newline">
</div>
<br><div><div>On 2012-03-16, at 11:15 AM, Morteza Ansari (moransar) =
wrote:</div><br class=3D"Apple-interchange-newline"><blockquote =
type=3D"cite"><span class=3D"Apple-style-span" style=3D"border-collapse: =
separate; font-family: Helvetica; font-style: normal; font-variant: =
normal; font-weight: normal; letter-spacing: normal; line-height: =
normal; orphans: 2; text-align: -webkit-auto; text-indent: 0px; =
text-transform: none; white-space: normal; widows: 2; word-spacing: 0px; =
-webkit-border-horizontal-spacing: 0px; -webkit-border-vertical-spacing: =
0px; -webkit-text-decorations-in-effect: none; -webkit-text-size-adjust: =
auto; -webkit-text-stroke-width: 0px; font-size: medium; "><div =
bgcolor=3D"white" lang=3D"EN-US" link=3D"blue" vlink=3D"purple"><div =
class=3D"WordSection1" style=3D"page: WordSection1; "><div =
style=3D"margin-right: 0in; margin-left: 0in; font-size: 12pt; =
font-family: 'Times New Roman', serif; color: black; margin-top: 0in; =
margin-bottom: 0.0001pt; "><span style=3D"font-size: 11pt; font-family: =
Calibri, sans-serif; color: rgb(31, 73, 125); ">Yes, the current use =
case document on the SCIM 1.0 web page is definitely out of date and =
would require update if we want to publish =
it.<o:p></o:p></span></div><div style=3D"margin-right: 0in; margin-left: =
0in; font-size: 12pt; font-family: 'Times New Roman', serif; color: =
black; margin-top: 0in; margin-bottom: 0.0001pt; "><span =
style=3D"font-size: 11pt; font-family: Calibri, sans-serif; color: =
rgb(31, 73, 125); "><o:p>&nbsp;</o:p></span></div><div =
style=3D"margin-right: 0in; margin-left: 0in; font-size: 12pt; =
font-family: 'Times New Roman', serif; color: black; margin-top: 0in; =
margin-bottom: 0.0001pt; "><span style=3D"font-size: 11pt; font-family: =
Calibri, sans-serif; color: rgb(31, 73, 125); =
"><o:p>&nbsp;</o:p></span></div><div style=3D"margin-right: 0in; =
margin-left: 0in; font-size: 12pt; font-family: 'Times New Roman', =
serif; color: black; margin-top: 0in; margin-bottom: 0.0001pt; "><span =
style=3D"font-size: 11pt; font-family: Calibri, sans-serif; color: =
rgb(31, 73, 125); ">Cheers,<o:p></o:p></span></div><div =
style=3D"margin-right: 0in; margin-left: 0in; font-size: 12pt; =
font-family: 'Times New Roman', serif; color: black; margin-top: 0in; =
margin-bottom: 0.0001pt; "><span style=3D"font-size: 11pt; font-family: =
Calibri, sans-serif; color: rgb(31, 73, 125); =
">Morteza<o:p></o:p></span></div><div style=3D"margin-right: 0in; =
margin-left: 0in; font-size: 12pt; font-family: 'Times New Roman', =
serif; color: black; margin-top: 0in; margin-bottom: 0.0001pt; "><span =
style=3D"font-size: 11pt; font-family: Calibri, sans-serif; color: =
rgb(31, 73, 125); "><o:p>&nbsp;</o:p></span></div><div><div =
style=3D"border-right-style: none; border-bottom-style: none; =
border-left-style: none; border-width: initial; border-color: initial; =
border-top-style: solid; border-top-color: rgb(181, 196, 223); =
border-top-width: 1pt; padding-top: 3pt; padding-right: 0in; =
padding-bottom: 0in; padding-left: 0in; "><div style=3D"margin-right: =
0in; margin-left: 0in; font-size: 12pt; font-family: 'Times New Roman', =
serif; color: black; margin-top: 0in; margin-bottom: 0.0001pt; =
"><b><span style=3D"font-size: 10pt; font-family: Tahoma, sans-serif; =
color: windowtext; ">From:</span></b><span style=3D"font-size: 10pt; =
font-family: Tahoma, sans-serif; color: windowtext; "><span =
class=3D"Apple-converted-space">&nbsp;</span><a =
href=3D"mailto:scim-bounces@ietf.org">scim-bounces@ietf.org</a> =
[mailto:scim-bounces@ietf.org]<span =
class=3D"Apple-converted-space">&nbsp;</span><b>On Behalf Of<span =
class=3D"Apple-converted-space">&nbsp;</span></b>Lu, Hui-Lan =
(Huilan)<br><b>Sent:</b><span =
class=3D"Apple-converted-space">&nbsp;</span>Friday, March 16, 2012 =
11:12 AM<br><b>To:</b><span =
class=3D"Apple-converted-space">&nbsp;</span>'Eliot Lear'; <a =
href=3D"mailto:scim@ietf.org">scim@ietf.org</a><br><b>Subject:</b><span =
class=3D"Apple-converted-space">&nbsp;</span>Re: [scim] charter and odds =
and ends<o:p></o:p></span></div></div></div><div style=3D"margin-right: =
0in; margin-left: 0in; font-size: 12pt; font-family: 'Times New Roman', =
serif; color: black; margin-top: 0in; margin-bottom: 0.0001pt; =
"><o:p>&nbsp;</o:p></div><div style=3D"margin-right: 0in; margin-left: =
0in; font-size: 12pt; font-family: 'Times New Roman', serif; color: =
black; margin-top: 0in; margin-bottom: 0.0001pt; "><span =
style=3D"font-size: 11pt; font-family: Calibri, sans-serif; color: =
rgb(31, 73, 125); ">+1 for the use case document, which I found useful. =
Going forward, it would be desirable to augment it to capture important =
requirements too.<o:p></o:p></span></div><div style=3D"margin-right: =
0in; margin-left: 0in; font-size: 12pt; font-family: 'Times New Roman', =
serif; color: black; margin-top: 0in; margin-bottom: 0.0001pt; "><span =
style=3D"font-size: 11pt; font-family: Calibri, sans-serif; color: =
rgb(31, 73, 125); "><o:p>&nbsp;</o:p></span></div><div><div =
style=3D"margin-right: 0in; margin-left: 0in; font-size: 12pt; =
font-family: 'Times New Roman', serif; color: black; margin-top: 0in; =
margin-bottom: 0.0001pt; "><span style=3D"font-size: 11pt; font-family: =
Calibri, sans-serif; color: blue; ">Huilan =
Lu<o:p></o:p></span></div></div><div style=3D"margin-right: 0in; =
margin-left: 0in; font-size: 12pt; font-family: 'Times New Roman', =
serif; color: black; margin-top: 0in; margin-bottom: 0.0001pt; "><span =
style=3D"font-size: 11pt; font-family: Calibri, sans-serif; color: =
rgb(31, 73, 125); "><o:p>&nbsp;</o:p></span></div><div =
style=3D"border-top-style: none; border-right-style: none; =
border-bottom-style: none; border-width: initial; border-color: initial; =
border-left-style: solid; border-left-color: blue; border-left-width: =
1.5pt; padding-top: 0in; padding-right: 0in; padding-bottom: 0in; =
padding-left: 4pt; "><div><div style=3D"border-right-style: none; =
border-bottom-style: none; border-left-style: none; border-width: =
initial; border-color: initial; border-top-style: solid; =
border-top-color: rgb(181, 196, 223); border-top-width: 1pt; =
padding-top: 3pt; padding-right: 0in; padding-bottom: 0in; padding-left: =
0in; "><div style=3D"margin-right: 0in; margin-left: 0in; font-size: =
12pt; font-family: 'Times New Roman', serif; color: black; margin-top: =
0in; margin-bottom: 0.0001pt; "><b><span style=3D"font-size: 10pt; =
font-family: Tahoma, sans-serif; color: windowtext; =
">From:</span></b><span style=3D"font-size: 10pt; font-family: Tahoma, =
sans-serif; color: windowtext; "><span =
class=3D"Apple-converted-space">&nbsp;</span><a =
href=3D"mailto:scim-bounces@ietf.org" style=3D"color: blue; =
text-decoration: underline; ">scim-bounces@ietf.org</a><span =
class=3D"Apple-converted-space">&nbsp;</span><a =
href=3D"mailto:[mailto:scim-bounces@ietf.org]" style=3D"color: blue; =
text-decoration: underline; ">[mailto:scim-bounces@ietf.org]</a><span =
class=3D"Apple-converted-space">&nbsp;</span><b>On Behalf Of<span =
class=3D"Apple-converted-space">&nbsp;</span></b>Eliot =
Lear<br><b>Sent:</b><span =
class=3D"Apple-converted-space">&nbsp;</span>Friday, March 16, 2012 3:58 =
AM<br><b>To:</b><span class=3D"Apple-converted-space">&nbsp;</span><a =
href=3D"mailto:scim@ietf.org" style=3D"color: blue; text-decoration: =
underline; ">scim@ietf.org</a><br><b>Subject:</b><span =
class=3D"Apple-converted-space">&nbsp;</span>[scim] charter and odds and =
ends<o:p></o:p></span></div></div></div><div style=3D"margin-right: 0in; =
margin-left: 0in; font-size: 12pt; font-family: 'Times New Roman', =
serif; color: black; margin-top: 0in; margin-bottom: 0.0001pt; =
"><o:p>&nbsp;</o:p></div><div style=3D"margin-right: 0in; margin-left: =
0in; font-size: 12pt; font-family: 'Times New Roman', serif; color: =
black; margin-top: 0in; margin-bottom: 0.0001pt; ">Hi =
everyone,<br><br>Based on discussion I am in the process of updating the =
draft charter (based on -4) as follows:<o:p></o:p></div><ul type=3D"disc" =
style=3D"margin-bottom: 0in; "><li class=3D"MsoNormal" =
style=3D"margin-top: 0in; margin-right: 0in; margin-left: 0in; =
margin-bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New =
Roman', serif; color: black; ">Inserting some wording around =
consideration of the multipoint use case that Phil has =
raised.<o:p></o:p></li><li class=3D"MsoNormal" style=3D"margin-top: 0in; =
margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: =
12pt; font-family: 'Times New Roman', serif; color: black; ">Removal of =
the one out-of-scope line as suggested by Peter &amp; =
Morteza.<o:p></o:p></li><li class=3D"MsoNormal" style=3D"margin-top: =
0in; margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; =
font-size: 12pt; font-family: 'Times New Roman', serif; color: black; =
">Re-insertion of the simplecloud.info URL for =
reference.<o:p></o:p></li><li class=3D"MsoNormal" style=3D"margin-top: =
0in; margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; =
font-size: 12pt; font-family: 'Times New Roman', serif; color: black; =
">Updating of draft names based on what has been =
posted<o:p></o:p></li></ul><p style=3D"margin-right: 0in; margin-left: =
0in; font-size: 12pt; font-family: 'Times New Roman', serif; color: =
black; "><br>Two points:<o:p></o:p></p><ol start=3D"1" type=3D"1" =
style=3D"margin-bottom: 0in; "><li class=3D"MsoNormal" =
style=3D"margin-top: 0in; margin-right: 0in; margin-left: 0in; =
margin-bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New =
Roman', serif; color: black; ">I don't actually see the LDAP mapping =
document anywhere.&nbsp; Is there one?&nbsp; How critical is this to =
have?<o:p></o:p></li><li class=3D"MsoNormal" style=3D"margin-top: 0in; =
margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: =
12pt; font-family: 'Times New Roman', serif; color: black; ">There =
exists a usage scenarios document.&nbsp; Is that also something we want =
to adopt?<o:p></o:p></li></ol><p style=3D"margin-right: 0in; =
margin-left: 0in; font-size: 12pt; font-family: 'Times New Roman', =
serif; color: black; =
">Eliot<o:p></o:p></p></div></div>________________________________________=
_______<br>scim mailing list<br><a =
href=3D"mailto:scim@ietf.org">scim@ietf.org</a><br>https://www.ietf.org/ma=
ilman/listinfo/scim</div></span></blockquote></div><br></div></div></body>=
</html>=

--Apple-Mail=_63F410E5-7D79-4CB7-83C2-E269EAF8C7DD--

From michael.brenner@alcatel-lucent.com  Fri Mar 16 12:05:39 2012
Return-Path: <michael.brenner@alcatel-lucent.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4007B21E8018 for <scim@ietfa.amsl.com>; Fri, 16 Mar 2012 12:05:39 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -9.689
X-Spam-Level: 
X-Spam-Status: No, score=-9.689 tagged_above=-999 required=5 tests=[AWL=0.909,  BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id wtAJCW8bJmxF for <scim@ietfa.amsl.com>; Fri, 16 Mar 2012 12:05:38 -0700 (PDT)
Received: from ihemail1.lucent.com (ihemail1.lucent.com [135.245.0.33]) by ietfa.amsl.com (Postfix) with ESMTP id 0300521E8013 for <scim@ietf.org>; Fri, 16 Mar 2012 12:05:37 -0700 (PDT)
Received: from usnavsmail3.ndc.alcatel-lucent.com (usnavsmail3.ndc.alcatel-lucent.com [135.3.39.11]) by ihemail1.lucent.com (8.13.8/IER-o) with ESMTP id q2GJ5XH1028749 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Fri, 16 Mar 2012 14:05:33 -0500 (CDT)
Received: from USNAVSXCHHUB01.ndc.alcatel-lucent.com (usnavsxchhub01.ndc.alcatel-lucent.com [135.3.39.110]) by usnavsmail3.ndc.alcatel-lucent.com (8.14.3/8.14.3/GMO) with ESMTP id q2GJ5XDJ029467 (version=TLSv1/SSLv3 cipher=RC4-MD5 bits=128 verify=NOT); Fri, 16 Mar 2012 14:05:33 -0500
Received: from USNAVSXCHMBSA3.ndc.alcatel-lucent.com ([135.3.39.125]) by USNAVSXCHHUB01.ndc.alcatel-lucent.com ([135.3.39.110]) with mapi; Fri, 16 Mar 2012 14:05:32 -0500
From: "Brenner, Michael Ralf (Michael)" <michael.brenner@alcatel-lucent.com>
To: Eliot Lear <lear@cisco.com>, "scim@ietf.org" <scim@ietf.org>
Date: Fri, 16 Mar 2012 14:05:31 -0500
Thread-Topic: [scim] charter and odds and ends
Thread-Index: Ac0DSpCbEwDdtzMORZC5Zd2CIxWmJwAW+JiA
Message-ID: <219947F0B2242843A0A1E62FDB510DC0250F54C162@USNAVSXCHMBSA3.ndc.alcatel-lucent.com>
References: <4F62F287.2000809@cisco.com>
In-Reply-To: <4F62F287.2000809@cisco.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
acceptlanguage: en-US
Content-Type: multipart/alternative; boundary="_000_219947F0B2242843A0A1E62FDB510DC0250F54C162USNAVSXCHMBSA_"
MIME-Version: 1.0
X-Scanned-By: MIMEDefang 2.57 on 135.245.2.33
X-Scanned-By: MIMEDefang 2.64 on 135.3.39.11
Subject: Re: [scim] charter and odds and ends
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 16 Mar 2012 19:05:39 -0000

--_000_219947F0B2242843A0A1E62FDB510DC0250F54C162USNAVSXCHMBSA_
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64

WWVzIG9uIHRoZSB1c2UtY2FzZSBkb2N1bWVudC4gSGVscHMgd2l0aCBib3RoIHNjb3BpbmcgYW5k
IGRldGFpbGluZyByZXF1aXJlbWVudHMuDQpNaWNoYWVsLg0KDQpGcm9tOiBzY2ltLWJvdW5jZXNA
aWV0Zi5vcmcgW21haWx0bzpzY2ltLWJvdW5jZXNAaWV0Zi5vcmddIE9uIEJlaGFsZiBPZiBFbGlv
dCBMZWFyDQpTZW50OiBGcmlkYXksIE1hcmNoIDE2LCAyMDEyIDM6NTggQU0NClRvOiBzY2ltQGll
dGYub3JnDQpTdWJqZWN0OiBbc2NpbV0gY2hhcnRlciBhbmQgb2RkcyBhbmQgZW5kcw0KDQpIaSBl
dmVyeW9uZSwNCg0KQmFzZWQgb24gZGlzY3Vzc2lvbiBJIGFtIGluIHRoZSBwcm9jZXNzIG9mIHVw
ZGF0aW5nIHRoZSBkcmFmdCBjaGFydGVyIChiYXNlZCBvbiAtNCkgYXMgZm9sbG93czoNCg0KICog
ICBJbnNlcnRpbmcgc29tZSB3b3JkaW5nIGFyb3VuZCBjb25zaWRlcmF0aW9uIG9mIHRoZSBtdWx0
aXBvaW50IHVzZSBjYXNlIHRoYXQgUGhpbCBoYXMgcmFpc2VkLg0KICogICBSZW1vdmFsIG9mIHRo
ZSBvbmUgb3V0LW9mLXNjb3BlIGxpbmUgYXMgc3VnZ2VzdGVkIGJ5IFBldGVyICYgTW9ydGV6YS4N
CiAqICAgUmUtaW5zZXJ0aW9uIG9mIHRoZSBzaW1wbGVjbG91ZC5pbmZvIFVSTCBmb3IgcmVmZXJl
bmNlLg0KICogICBVcGRhdGluZyBvZiBkcmFmdCBuYW1lcyBiYXNlZCBvbiB3aGF0IGhhcyBiZWVu
IHBvc3RlZA0KDQpUd28gcG9pbnRzOg0KDQogMS4gIEkgZG9uJ3QgYWN0dWFsbHkgc2VlIHRoZSBM
REFQIG1hcHBpbmcgZG9jdW1lbnQgYW55d2hlcmUuICBJcyB0aGVyZSBvbmU/ICBIb3cgY3JpdGlj
YWwgaXMgdGhpcyB0byBoYXZlPw0KIDIuICBUaGVyZSBleGlzdHMgYSB1c2FnZSBzY2VuYXJpb3Mg
ZG9jdW1lbnQuICBJcyB0aGF0IGFsc28gc29tZXRoaW5nIHdlIHdhbnQgdG8gYWRvcHQ/DQoNCkVs
aW90DQo=

--_000_219947F0B2242843A0A1E62FDB510DC0250F54C162USNAVSXCHMBSA_
Content-Type: text/html; charset="utf-8"
Content-Transfer-Encoding: base64

PGh0bWwgeG1sbnM6dj0idXJuOnNjaGVtYXMtbWljcm9zb2Z0LWNvbTp2bWwiIHhtbG5zOm89InVy
bjpzY2hlbWFzLW1pY3Jvc29mdC1jb206b2ZmaWNlOm9mZmljZSIgeG1sbnM6dz0idXJuOnNjaGVt
YXMtbWljcm9zb2Z0LWNvbTpvZmZpY2U6d29yZCIgeG1sbnM6eD0idXJuOnNjaGVtYXMtbWljcm9z
b2Z0LWNvbTpvZmZpY2U6ZXhjZWwiIHhtbG5zOnA9InVybjpzY2hlbWFzLW1pY3Jvc29mdC1jb206
b2ZmaWNlOnBvd2VycG9pbnQiIHhtbG5zOmE9InVybjpzY2hlbWFzLW1pY3Jvc29mdC1jb206b2Zm
aWNlOmFjY2VzcyIgeG1sbnM6ZHQ9InV1aWQ6QzJGNDEwMTAtNjVCMy0xMWQxLUEyOUYtMDBBQTAw
QzE0ODgyIiB4bWxuczpzPSJ1dWlkOkJEQzZFM0YwLTZEQTMtMTFkMS1BMkEzLTAwQUEwMEMxNDg4
MiIgeG1sbnM6cnM9InVybjpzY2hlbWFzLW1pY3Jvc29mdC1jb206cm93c2V0IiB4bWxuczp6PSIj
Um93c2V0U2NoZW1hIiB4bWxuczpiPSJ1cm46c2NoZW1hcy1taWNyb3NvZnQtY29tOm9mZmljZTpw
dWJsaXNoZXIiIHhtbG5zOnNzPSJ1cm46c2NoZW1hcy1taWNyb3NvZnQtY29tOm9mZmljZTpzcHJl
YWRzaGVldCIgeG1sbnM6Yz0idXJuOnNjaGVtYXMtbWljcm9zb2Z0LWNvbTpvZmZpY2U6Y29tcG9u
ZW50OnNwcmVhZHNoZWV0IiB4bWxuczpvZGM9InVybjpzY2hlbWFzLW1pY3Jvc29mdC1jb206b2Zm
aWNlOm9kYyIgeG1sbnM6b2E9InVybjpzY2hlbWFzLW1pY3Jvc29mdC1jb206b2ZmaWNlOmFjdGl2
YXRpb24iIHhtbG5zOmh0bWw9Imh0dHA6Ly93d3cudzMub3JnL1RSL1JFQy1odG1sNDAiIHhtbG5z
OnE9Imh0dHA6Ly9zY2hlbWFzLnhtbHNvYXAub3JnL3NvYXAvZW52ZWxvcGUvIiB4bWxuczpydGM9
Imh0dHA6Ly9taWNyb3NvZnQuY29tL29mZmljZW5ldC9jb25mZXJlbmNpbmciIHhtbG5zOkQ9IkRB
VjoiIHhtbG5zOlJlcGw9Imh0dHA6Ly9zY2hlbWFzLm1pY3Jvc29mdC5jb20vcmVwbC8iIHhtbG5z
Om10PSJodHRwOi8vc2NoZW1hcy5taWNyb3NvZnQuY29tL3NoYXJlcG9pbnQvc29hcC9tZWV0aW5n
cy8iIHhtbG5zOngyPSJodHRwOi8vc2NoZW1hcy5taWNyb3NvZnQuY29tL29mZmljZS9leGNlbC8y
MDAzL3htbCIgeG1sbnM6cHBkYT0iaHR0cDovL3d3dy5wYXNzcG9ydC5jb20vTmFtZVNwYWNlLnhz
ZCIgeG1sbnM6b2lzPSJodHRwOi8vc2NoZW1hcy5taWNyb3NvZnQuY29tL3NoYXJlcG9pbnQvc29h
cC9vaXMvIiB4bWxuczpkaXI9Imh0dHA6Ly9zY2hlbWFzLm1pY3Jvc29mdC5jb20vc2hhcmVwb2lu
dC9zb2FwL2RpcmVjdG9yeS8iIHhtbG5zOmRzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwLzA5L3ht
bGRzaWcjIiB4bWxuczpkc3A9Imh0dHA6Ly9zY2hlbWFzLm1pY3Jvc29mdC5jb20vc2hhcmVwb2lu
dC9kc3AiIHhtbG5zOnVkYz0iaHR0cDovL3NjaGVtYXMubWljcm9zb2Z0LmNvbS9kYXRhL3VkYyIg
eG1sbnM6eHNkPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgeG1sbnM6c3ViPSJo
dHRwOi8vc2NoZW1hcy5taWNyb3NvZnQuY29tL3NoYXJlcG9pbnQvc29hcC8yMDAyLzEvYWxlcnRz
LyIgeG1sbnM6ZWM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvMDQveG1sZW5jIyIgeG1sbnM6c3A9
Imh0dHA6Ly9zY2hlbWFzLm1pY3Jvc29mdC5jb20vc2hhcmVwb2ludC8iIHhtbG5zOnNwcz0iaHR0
cDovL3NjaGVtYXMubWljcm9zb2Z0LmNvbS9zaGFyZXBvaW50L3NvYXAvIiB4bWxuczp4c2k9Imh0
dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hLWluc3RhbmNlIiB4bWxuczp1ZGNzPSJodHRw
Oi8vc2NoZW1hcy5taWNyb3NvZnQuY29tL2RhdGEvdWRjL3NvYXAiIHhtbG5zOnVkY3hmPSJodHRw
Oi8vc2NoZW1hcy5taWNyb3NvZnQuY29tL2RhdGEvdWRjL3htbGZpbGUiIHhtbG5zOnVkY3AycD0i
aHR0cDovL3NjaGVtYXMubWljcm9zb2Z0LmNvbS9kYXRhL3VkYy9wYXJ0dG9wYXJ0IiB4bWxuczpt
PSJodHRwOi8vc2NoZW1hcy5taWNyb3NvZnQuY29tL29mZmljZS8yMDA0LzEyL29tbWwiIHhtbG5z
OnN0PSImIzE7IiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvVFIvUkVDLWh0bWw0MCI+PGhlYWQ+
PG1ldGEgaHR0cC1lcXVpdj1Db250ZW50LVR5cGUgY29udGVudD0idGV4dC9odG1sOyBjaGFyc2V0
PXV0Zi04Ij48bWV0YSBuYW1lPUdlbmVyYXRvciBjb250ZW50PSJNaWNyb3NvZnQgV29yZCAxMiAo
ZmlsdGVyZWQgbWVkaXVtKSI+PHN0eWxlPjwhLS0NCi8qIEZvbnQgRGVmaW5pdGlvbnMgKi8NCkBm
b250LWZhY2UNCgl7Zm9udC1mYW1pbHk6V2luZ2RpbmdzOw0KCXBhbm9zZS0xOjUgMCAwIDAgMCAw
IDAgMCAwIDA7fQ0KQGZvbnQtZmFjZQ0KCXtmb250LWZhbWlseToiQ2FtYnJpYSBNYXRoIjsNCglw
YW5vc2UtMToyIDQgNSAzIDUgNCA2IDMgMiA0O30NCkBmb250LWZhY2UNCgl7Zm9udC1mYW1pbHk6
Q2FsaWJyaTsNCglwYW5vc2UtMToyIDE1IDUgMiAyIDIgNCAzIDIgNDt9DQpAZm9udC1mYWNlDQoJ
e2ZvbnQtZmFtaWx5OlRhaG9tYTsNCglwYW5vc2UtMToyIDExIDYgNCAzIDUgNCA0IDIgNDt9DQov
KiBTdHlsZSBEZWZpbml0aW9ucyAqLw0KcC5Nc29Ob3JtYWwsIGxpLk1zb05vcm1hbCwgZGl2Lk1z
b05vcm1hbA0KCXttYXJnaW46MGluOw0KCW1hcmdpbi1ib3R0b206LjAwMDFwdDsNCglmb250LXNp
emU6MTIuMHB0Ow0KCWZvbnQtZmFtaWx5OiJUaW1lcyBOZXcgUm9tYW4iLCJzZXJpZiI7DQoJY29s
b3I6YmxhY2s7fQ0KYTpsaW5rLCBzcGFuLk1zb0h5cGVybGluaw0KCXttc28tc3R5bGUtcHJpb3Jp
dHk6OTk7DQoJY29sb3I6Ymx1ZTsNCgl0ZXh0LWRlY29yYXRpb246dW5kZXJsaW5lO30NCmE6dmlz
aXRlZCwgc3Bhbi5Nc29IeXBlcmxpbmtGb2xsb3dlZA0KCXttc28tc3R5bGUtcHJpb3JpdHk6OTk7
DQoJY29sb3I6cHVycGxlOw0KCXRleHQtZGVjb3JhdGlvbjp1bmRlcmxpbmU7fQ0KcA0KCXttc28t
c3R5bGUtcHJpb3JpdHk6OTk7DQoJbXNvLW1hcmdpbi10b3AtYWx0OmF1dG87DQoJbWFyZ2luLXJp
Z2h0OjBpbjsNCgltc28tbWFyZ2luLWJvdHRvbS1hbHQ6YXV0bzsNCgltYXJnaW4tbGVmdDowaW47
DQoJZm9udC1zaXplOjEyLjBwdDsNCglmb250LWZhbWlseToiVGltZXMgTmV3IFJvbWFuIiwic2Vy
aWYiOw0KCWNvbG9yOmJsYWNrO30NCnNwYW4uRW1haWxTdHlsZTE4DQoJe21zby1zdHlsZS10eXBl
OnBlcnNvbmFsLXJlcGx5Ow0KCWZvbnQtZmFtaWx5OiJDYWxpYnJpIiwic2Fucy1zZXJpZiI7DQoJ
Y29sb3I6IzFGNDk3RDt9DQouTXNvQ2hwRGVmYXVsdA0KCXttc28tc3R5bGUtdHlwZTpleHBvcnQt
b25seTsNCglmb250LXNpemU6MTAuMHB0O30NCkBwYWdlIFdvcmRTZWN0aW9uMQ0KCXtzaXplOjgu
NWluIDExLjBpbjsNCgltYXJnaW46MS4waW4gMS4waW4gMS4waW4gMS4waW47fQ0KZGl2LldvcmRT
ZWN0aW9uMQ0KCXtwYWdlOldvcmRTZWN0aW9uMTt9DQovKiBMaXN0IERlZmluaXRpb25zICovDQpA
bGlzdCBsMA0KCXttc28tbGlzdC1pZDo4MzEwMjAyMTk7DQoJbXNvLWxpc3QtdGVtcGxhdGUtaWRz
OjE0ODY2NjUzNDI7fQ0KQGxpc3QgbDA6bGV2ZWwxDQoJe21zby1sZXZlbC1udW1iZXItZm9ybWF0
OmJ1bGxldDsNCgltc28tbGV2ZWwtdGV4dDrvgrc7DQoJbXNvLWxldmVsLXRhYi1zdG9wOi41aW47
DQoJbXNvLWxldmVsLW51bWJlci1wb3NpdGlvbjpsZWZ0Ow0KCXRleHQtaW5kZW50Oi0uMjVpbjsN
Cgltc28tYW5zaS1mb250LXNpemU6MTAuMHB0Ow0KCWZvbnQtZmFtaWx5OlN5bWJvbDt9DQpAbGlz
dCBsMQ0KCXttc28tbGlzdC1pZDoxMjE3MDA2ODU2Ow0KCW1zby1saXN0LXRlbXBsYXRlLWlkczo2
NzE5MTYwMDQ7fQ0Kb2wNCgl7bWFyZ2luLWJvdHRvbTowaW47fQ0KdWwNCgl7bWFyZ2luLWJvdHRv
bTowaW47fQ0KLS0+PC9zdHlsZT48IS0tW2lmIGd0ZSBtc28gOV0+PHhtbD4NCjxvOnNoYXBlZGVm
YXVsdHMgdjpleHQ9ImVkaXQiIHNwaWRtYXg9IjEwMjYiIC8+DQo8L3htbD48IVtlbmRpZl0tLT48
IS0tW2lmIGd0ZSBtc28gOV0+PHhtbD4NCjxvOnNoYXBlbGF5b3V0IHY6ZXh0PSJlZGl0Ij4NCjxv
OmlkbWFwIHY6ZXh0PSJlZGl0IiBkYXRhPSIxIiAvPg0KPC9vOnNoYXBlbGF5b3V0PjwveG1sPjwh
W2VuZGlmXS0tPjwvaGVhZD48Ym9keSBiZ2NvbG9yPXdoaXRlIGxhbmc9RU4tVVMgbGluaz1ibHVl
IHZsaW5rPXB1cnBsZT48ZGl2IGNsYXNzPVdvcmRTZWN0aW9uMT48cCBjbGFzcz1Nc29Ob3JtYWw+
PHNwYW4gc3R5bGU9J2ZvbnQtc2l6ZToxMS4wcHQ7Zm9udC1mYW1pbHk6IkNhbGlicmkiLCJzYW5z
LXNlcmlmIjtjb2xvcjojMUY0OTdEJz5ZZXMgb24gdGhlIHVzZS1jYXNlIGRvY3VtZW50LiBIZWxw
cyB3aXRoIGJvdGggc2NvcGluZyBhbmQgZGV0YWlsaW5nIHJlcXVpcmVtZW50cy48bzpwPjwvbzpw
Pjwvc3Bhbj48L3A+PHAgY2xhc3M9TXNvTm9ybWFsPjxzcGFuIHN0eWxlPSdmb250LXNpemU6MTEu
MHB0O2ZvbnQtZmFtaWx5OiJDYWxpYnJpIiwic2Fucy1zZXJpZiI7Y29sb3I6IzFGNDk3RCc+TWlj
aGFlbC48bzpwPjwvbzpwPjwvc3Bhbj48L3A+PHAgY2xhc3M9TXNvTm9ybWFsPjxzcGFuIHN0eWxl
PSdmb250LXNpemU6MTEuMHB0O2ZvbnQtZmFtaWx5OiJDYWxpYnJpIiwic2Fucy1zZXJpZiI7Y29s
b3I6IzFGNDk3RCc+PG86cD4mbmJzcDs8L286cD48L3NwYW4+PC9wPjxkaXY+PGRpdiBzdHlsZT0n
Ym9yZGVyOm5vbmU7Ym9yZGVyLXRvcDpzb2xpZCAjQjVDNERGIDEuMHB0O3BhZGRpbmc6My4wcHQg
MGluIDBpbiAwaW4nPjxwIGNsYXNzPU1zb05vcm1hbD48Yj48c3BhbiBzdHlsZT0nZm9udC1zaXpl
OjEwLjBwdDtmb250LWZhbWlseToiVGFob21hIiwic2Fucy1zZXJpZiI7Y29sb3I6d2luZG93dGV4
dCc+RnJvbTo8L3NwYW4+PC9iPjxzcGFuIHN0eWxlPSdmb250LXNpemU6MTAuMHB0O2ZvbnQtZmFt
aWx5OiJUYWhvbWEiLCJzYW5zLXNlcmlmIjtjb2xvcjp3aW5kb3d0ZXh0Jz4gc2NpbS1ib3VuY2Vz
QGlldGYub3JnIFttYWlsdG86c2NpbS1ib3VuY2VzQGlldGYub3JnXSA8Yj5PbiBCZWhhbGYgT2Yg
PC9iPkVsaW90IExlYXI8YnI+PGI+U2VudDo8L2I+IEZyaWRheSwgTWFyY2ggMTYsIDIwMTIgMzo1
OCBBTTxicj48Yj5Ubzo8L2I+IHNjaW1AaWV0Zi5vcmc8YnI+PGI+U3ViamVjdDo8L2I+IFtzY2lt
XSBjaGFydGVyIGFuZCBvZGRzIGFuZCBlbmRzPG86cD48L286cD48L3NwYW4+PC9wPjwvZGl2Pjwv
ZGl2PjxwIGNsYXNzPU1zb05vcm1hbD48bzpwPiZuYnNwOzwvbzpwPjwvcD48cCBjbGFzcz1Nc29O
b3JtYWw+SGkgZXZlcnlvbmUsPGJyPjxicj5CYXNlZCBvbiBkaXNjdXNzaW9uIEkgYW0gaW4gdGhl
IHByb2Nlc3Mgb2YgdXBkYXRpbmcgdGhlIGRyYWZ0IGNoYXJ0ZXIgKGJhc2VkIG9uIC00KSBhcyBm
b2xsb3dzOjxvOnA+PC9vOnA+PC9wPjx1bCB0eXBlPWRpc2M+PGxpIGNsYXNzPU1zb05vcm1hbCBz
dHlsZT0nbXNvLW1hcmdpbi10b3AtYWx0OmF1dG87bXNvLW1hcmdpbi1ib3R0b20tYWx0OmF1dG87
bXNvLWxpc3Q6bDAgbGV2ZWwxIGxmbzEnPkluc2VydGluZyBzb21lIHdvcmRpbmcgYXJvdW5kIGNv
bnNpZGVyYXRpb24gb2YgdGhlIG11bHRpcG9pbnQgdXNlIGNhc2UgdGhhdCBQaGlsIGhhcyByYWlz
ZWQuPG86cD48L286cD48L2xpPjxsaSBjbGFzcz1Nc29Ob3JtYWwgc3R5bGU9J21zby1tYXJnaW4t
dG9wLWFsdDphdXRvO21zby1tYXJnaW4tYm90dG9tLWFsdDphdXRvO21zby1saXN0OmwwIGxldmVs
MSBsZm8xJz5SZW1vdmFsIG9mIHRoZSBvbmUgb3V0LW9mLXNjb3BlIGxpbmUgYXMgc3VnZ2VzdGVk
IGJ5IFBldGVyICZhbXA7IE1vcnRlemEuPG86cD48L286cD48L2xpPjxsaSBjbGFzcz1Nc29Ob3Jt
YWwgc3R5bGU9J21zby1tYXJnaW4tdG9wLWFsdDphdXRvO21zby1tYXJnaW4tYm90dG9tLWFsdDph
dXRvO21zby1saXN0OmwwIGxldmVsMSBsZm8xJz5SZS1pbnNlcnRpb24gb2YgdGhlIHNpbXBsZWNs
b3VkLmluZm8gVVJMIGZvciByZWZlcmVuY2UuPG86cD48L286cD48L2xpPjxsaSBjbGFzcz1Nc29O
b3JtYWwgc3R5bGU9J21zby1tYXJnaW4tdG9wLWFsdDphdXRvO21zby1tYXJnaW4tYm90dG9tLWFs
dDphdXRvO21zby1saXN0OmwwIGxldmVsMSBsZm8xJz5VcGRhdGluZyBvZiBkcmFmdCBuYW1lcyBi
YXNlZCBvbiB3aGF0IGhhcyBiZWVuIHBvc3RlZDxvOnA+PC9vOnA+PC9saT48L3VsPjxwPjxicj5U
d28gcG9pbnRzOjxvOnA+PC9vOnA+PC9wPjxvbCBzdGFydD0xIHR5cGU9MT48bGkgY2xhc3M9TXNv
Tm9ybWFsIHN0eWxlPSdtc28tbWFyZ2luLXRvcC1hbHQ6YXV0bzttc28tbWFyZ2luLWJvdHRvbS1h
bHQ6YXV0bzttc28tbGlzdDpsMSBsZXZlbDEgbGZvMic+SSBkb24ndCBhY3R1YWxseSBzZWUgdGhl
IExEQVAgbWFwcGluZyBkb2N1bWVudCBhbnl3aGVyZS4mbmJzcDsgSXMgdGhlcmUgb25lPyZuYnNw
OyBIb3cgY3JpdGljYWwgaXMgdGhpcyB0byBoYXZlPzxvOnA+PC9vOnA+PC9saT48bGkgY2xhc3M9
TXNvTm9ybWFsIHN0eWxlPSdtc28tbWFyZ2luLXRvcC1hbHQ6YXV0bzttc28tbWFyZ2luLWJvdHRv
bS1hbHQ6YXV0bzttc28tbGlzdDpsMSBsZXZlbDEgbGZvMic+VGhlcmUgZXhpc3RzIGEgdXNhZ2Ug
c2NlbmFyaW9zIGRvY3VtZW50LiZuYnNwOyBJcyB0aGF0IGFsc28gc29tZXRoaW5nIHdlIHdhbnQg
dG8gYWRvcHQ/PG86cD48L286cD48L2xpPjwvb2w+PHA+RWxpb3Q8bzpwPjwvbzpwPjwvcD48L2Rp
dj48L2JvZHk+PC9odG1sPg==

--_000_219947F0B2242843A0A1E62FDB510DC0250F54C162USNAVSXCHMBSA_--

From trey.drake@unboundid.com  Mon Mar 19 12:13:43 2012
Return-Path: <trey.drake@unboundid.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0C89721F8569 for <scim@ietfa.amsl.com>; Mon, 19 Mar 2012 12:13:43 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.574
X-Spam-Level: 
X-Spam-Status: No, score=-3.574 tagged_above=-999 required=5 tests=[AWL=0.025,  BAYES_00=-2.599, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id R6Ycchz7hxT3 for <scim@ietfa.amsl.com>; Mon, 19 Mar 2012 12:13:42 -0700 (PDT)
Received: from mail-gx0-f172.google.com (mail-gx0-f172.google.com [209.85.161.172]) by ietfa.amsl.com (Postfix) with ESMTP id 2FCAF21E8013 for <scim@ietf.org>; Mon, 19 Mar 2012 12:13:42 -0700 (PDT)
Received: by ggmi1 with SMTP id i1so6558232ggm.31 for <scim@ietf.org>; Mon, 19 Mar 2012 12:13:41 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=from:content-type:subject:date:message-id:to:mime-version:x-mailer :x-gm-message-state; bh=2BPMljiEJ0I3uv1EtY5v+ZCEB/N0DdubBBXgy9SGHqw=; b=NEmZO/SSDPDnvQFJGz2SdXg58NMUWvKyDYO/cx9SipJFiiDfCiRrqqdC2qmn7n0Imf 2srUgkIp/gz+Oa5/4qFVO9X0D5EBNt0OE5SI7Z0S0dpit7EEnDBwmaHg7PDFaxHB3ePs E+6n89wTG+fRNSlP9AkIwwTdOogzYpilpURIYc+5E6/XzFxzVzyGQNZMv/HirrTIbpEs MUkwskJmK2ORq/6EKCMr8yqqLWiY9UtJp9PxGAiHy46kXVNdR1abN2WAZLLQRkFef5z7 uL+CJ6likMxbYf97ZxsRoKIrRApTJo44MncnjOJ1JW0z1B/28spZ/9KxpSyNrX+idQq/ hiiQ==
Received: by 10.182.14.39 with SMTP id m7mr8270964obc.54.1332184421605; Mon, 19 Mar 2012 12:13:41 -0700 (PDT)
Received: from [192.168.241.86] (24-155-184-100.static.grandenetworks.net. [24.155.184.100]) by mx.google.com with ESMTPS id n7sm10686376oeh.4.2012.03.19.12.13.39 (version=TLSv1/SSLv3 cipher=OTHER); Mon, 19 Mar 2012 12:13:40 -0700 (PDT)
From: Trey Drake <trey.drake@unboundid.com>
Content-Type: multipart/signed; boundary="Apple-Mail=_3440B602-6176-47FC-85BB-BE4277279D4C"; protocol="application/pkcs7-signature"; micalg=sha1
Date: Mon, 19 Mar 2012 14:13:38 -0500
Message-Id: <D287DD4D-5997-494A-9604-E0193689AA84@unboundid.com>
To: "scim@ietf.org Identity Management" <scim@ietf.org>
Mime-Version: 1.0 (Apple Message framework v1257)
X-Mailer: Apple Mail (2.1257)
X-Gm-Message-State: ALoCoQlakoK//pm9kgofe6Kg2ehYHTVFPlcEpz4LkG5dWRRtnlNsCjI9EDRbJDpBOXD24zichJNO
Subject: [scim] XML schema documents
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 19 Mar 2012 19:13:43 -0000

--Apple-Mail=_3440B602-6176-47FC-85BB-BE4277279D4C
Content-Type: multipart/mixed;
	boundary="Apple-Mail=_156141A8-5364-410D-B79E-07C6DA6D9FCF"


--Apple-Mail=_156141A8-5364-410D-B79E-07C6DA6D9FCF
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain;
	charset=us-ascii

I suggest adding the attached XML schema (xsd) to the list of documents =
to be considered.  The XML schema documents specify:

- SCIM protocol messages (payload request/response) wrappers
- Core user and group representations
- Enterprise user extension=20

Both documents are part of the pre-existing SCIM work and went a long =
way towards interoperability and quick implementation.  For the =
uninitiated, XML schema defines the concrete rules and means by which an =
XML documented is represented thus reducing interop issues resulting =
from subtle though potential incompatible differences when parsing XML.

Thanks,
Trey


--Apple-Mail=_156141A8-5364-410D-B79E-07C6DA6D9FCF
Content-Disposition: attachment;
	filename=scim-core.xsd
Content-Type: application/octet-stream;
	name="scim-core.xsd"
Content-Transfer-Encoding: 7bit

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<xs:schema xmlns:tns="urn:scim:schemas:core:1.0"
           targetNamespace="urn:scim:schemas:core:1.0"
           xmlns:xs="http://www.w3.org/2001/XMLSchema" version="1.0">
  <xs:element name="Response" type="tns:Response"/>
  <xs:element name="Error" type="tns:Error"/>
  <xs:element name="User" type="tns:User"/>
  <xs:element name="Group" type="tns:Group"/>
  <xs:element name="Resource" type="tns:Resource"/>
  <xs:element name="Schema" type="tns:Schema"/>
  <xs:element name="ServiceProviderConfig" type="tns:ServiceProviderConfig"/>
  <xs:element name="Bulk" type="tns:Bulk"/>
  <xs:element name="Operation" type="tns:Operation"/>

  <xs:group name="Resources">
    <xs:sequence>
      <xs:element name="totalResults" type="xs:long" minOccurs="0"
                  maxOccurs="1"/>
      <xs:element name="itemsPerPage" type="xs:int" minOccurs="0"
                  maxOccurs="1"/>
      <xs:element name="startIndex" type="xs:long" minOccurs="0"
                  maxOccurs="1"/>
      <xs:element name="Resources" minOccurs="0" maxOccurs="1">
        <xs:complexType>
          <xs:sequence>
            <xs:element name="Resource"
                        type="tns:Resource"
                        minOccurs="0"
                        maxOccurs="unbounded"
                        nillable="true"/>
          </xs:sequence>
        </xs:complexType>
      </xs:element>
    </xs:sequence>
  </xs:group>

  <xs:complexType name="Response">
    <xs:sequence>
      <xs:choice>
        <xs:element ref="tns:Resource" minOccurs="0"/>
        <xs:group ref="tns:Resources"/>
        <xs:element name="errors" minOccurs="0">
          <xs:complexType>
            <xs:sequence>
              <xs:element name="error"
                          type="tns:Error"
                          minOccurs="0"
                          maxOccurs="unbounded"
                          nillable="true"/>
            </xs:sequence>
          </xs:complexType>
        </xs:element>
      </xs:choice>
      <xs:any namespace="##other" minOccurs="0"
              maxOccurs="unbounded"/>
    </xs:sequence>
  </xs:complexType>

  <xs:complexType name="Bulk">
    <xs:sequence>
      <xs:element name="failOnErrors" type="xs:int" minOccurs="0"
        maxOccurs="1"/>
      <xs:element name="Operations" minOccurs="0" maxOccurs="1">
        <xs:complexType>
          <xs:sequence>
            <xs:element name="Operation"
              type="tns:Operation"
              minOccurs="1"
              maxOccurs="unbounded" />
          </xs:sequence>
        </xs:complexType>
      </xs:element>
    </xs:sequence>
  </xs:complexType>
  
  <xs:complexType name="Operation">
    <xs:sequence>
      <xs:element name="method" type="xs:string" minOccurs="1"
                  maxOccurs="1"/>
      <xs:element name="bulkId" type="xs:string" minOccurs="0"
                  maxOccurs="1"/>
      <xs:element name="version" type="xs:string" minOccurs="0"
                  maxOccurs="1"/>
      <xs:element name="path" type="xs:string" minOccurs="0"
                  maxOccurs="1"/>
      <xs:element name="location" type="xs:string" minOccurs="0"
                  maxOccurs="1"/>
      <xs:element name="data" type="tns:Resource" minOccurs="0" 
                  maxOccurs="1" />
      <xs:element name="status" type="tns:Status" minOccurs="0" 
                  maxOccurs="1" />
      </xs:sequence>
  </xs:complexType>

  <xs:complexType name="Status">
    <xs:sequence>
      <xs:element name="code" type="xs:string" minOccurs="0"/>
      <xs:element name="description" type="xs:string" minOccurs="0"/>
    </xs:sequence>
  </xs:complexType>

  <xs:complexType name="Error">
    <xs:sequence>
      <xs:element name="description" type="xs:string" minOccurs="0"/>
      <xs:element name="code" type="xs:string" minOccurs="0"/>
      <xs:element name="uri" type="xs:string" minOccurs="0"/>
    </xs:sequence>
  </xs:complexType>

  <xs:complexType name="User">
    <xs:complexContent>
      <xs:extension base="tns:CoreResource">
        <xs:sequence>
          <xs:element name="userName" type="xs:string" minOccurs="0"/>
          <xs:element name="name" type="tns:name" minOccurs="0"/>
          <xs:element name="displayName" type="xs:string"
                      minOccurs="0"/>
          <xs:element name="nickName" type="xs:string" minOccurs="0"/>
          <xs:element name="profileUrl" type="xs:string"
                      minOccurs="0"/>
          <xs:element name="title" type="xs:string" minOccurs="0"/>
          <xs:element name="userType" type="xs:string" minOccurs="0"/>
          <xs:element name="preferredLanguage" type="xs:string" minOccurs="0"/>
          <xs:element name="locale" type="xs:string" minOccurs="0"/>
          <xs:element name="timezone" type="xs:string" minOccurs="0"/>
          <xs:element name="active" type="xs:boolean" minOccurs="0"/>
          <xs:element name="password" type="xs:string" minOccurs="0"/>
          <xs:element name="emails" minOccurs="0" >
          <xs:complexType>
              <xs:sequence>
                <xs:element name="email"
                            type="tns:multiValuedAttribute"
                            minOccurs="0"
                            maxOccurs="unbounded"/>
              </xs:sequence>
            </xs:complexType>
          </xs:element>
          <xs:element name="phoneNumbers" minOccurs="0">
          <xs:complexType>
              <xs:sequence>
                <xs:element name="phoneNumber"
                            type="tns:multiValuedAttribute"
                            minOccurs="0"
                            maxOccurs="unbounded"/>
              </xs:sequence>
            </xs:complexType>
          </xs:element>
          <xs:element name="ims" minOccurs="0">
          <xs:complexType>
              <xs:sequence>
                <xs:element name="im"
                            type="tns:multiValuedAttribute"
                            minOccurs="0"
                            maxOccurs="unbounded"/>
              </xs:sequence>
            </xs:complexType>
          </xs:element>
          <xs:element name="photos" minOccurs="0">
          <xs:complexType>
              <xs:sequence>
                <xs:element name="photo"
                            type="tns:multiValuedAttribute"
                            minOccurs="0"
                            maxOccurs="unbounded"/>
              </xs:sequence>
            </xs:complexType>
          </xs:element>
          <xs:element name="addresses" minOccurs="0">
          <xs:complexType>
              <xs:sequence>
                <xs:element name="address"
                            type="tns:address"
                            minOccurs="0"
                            maxOccurs="unbounded"/>
              </xs:sequence>
            </xs:complexType>
          </xs:element>           
          <xs:element name="groups" minOccurs="0">
          <xs:complexType>
              <xs:sequence>
                <xs:element name="group"
                            type="tns:multiValuedAttribute"
                            minOccurs="0"
                            maxOccurs="unbounded"/>
              </xs:sequence>
            </xs:complexType>
          </xs:element>
          <xs:element name="entitlements" minOccurs="0">
          <xs:complexType>
              <xs:sequence>
                <xs:element name="entitlement"
                            type="tns:multiValuedAttribute"
                            minOccurs="0"
                            maxOccurs="unbounded"/>
              </xs:sequence>
            </xs:complexType>
          </xs:element>
          <xs:element name="roles" minOccurs="0">
          <xs:complexType>
              <xs:sequence>
                <xs:element name="role"
                            type="tns:multiValuedAttribute"
                            minOccurs="0"
                            maxOccurs="unbounded"/>
              </xs:sequence>
            </xs:complexType>
          </xs:element>
          <xs:element name="x509Certificates" minOccurs="0">
          <xs:complexType>
              <xs:sequence>
                <xs:element name="x509Certificate"
                            type="tns:multiValuedAttribute"
                            minOccurs="0"
                            maxOccurs="unbounded"/>
              </xs:sequence>
            </xs:complexType>
          </xs:element>
          <xs:any namespace="##other" minOccurs="0"
                  maxOccurs="unbounded"/>
        </xs:sequence>
      </xs:extension>
    </xs:complexContent>
  </xs:complexType>

  <xs:complexType name="Group">
    <xs:complexContent>
      <xs:extension base="tns:CoreResource">
        <xs:sequence>
          <xs:element name="displayName" type="xs:string"
            minOccurs="0"/>
          <xs:element name="members" minOccurs="0">
            <xs:complexType>
              <xs:sequence>
                <xs:element name="member"
                  type="tns:multiValuedAttribute"
                  minOccurs="0"
                  maxOccurs="unbounded"/>
                </xs:sequence>
              </xs:complexType>
          </xs:element>
          <xs:any namespace="##other" minOccurs="0"/>
        </xs:sequence>
      </xs:extension>
    </xs:complexContent>
  </xs:complexType>

  <xs:complexType name="Resource">
    <xs:sequence>
    <xs:element name="id" type="xs:string" minOccurs="0"
                maxOccurs="1"/>
    <xs:element name="meta" type="tns:meta" minOccurs="0"
                maxOccurs="1"/>
    </xs:sequence>
  </xs:complexType>

  <xs:complexType name="CoreResource">
    <xs:complexContent>
      <xs:extension base="tns:Resource">
        <xs:sequence>
          <xs:element name="externalId" type="xs:string"
                      minOccurs="0"/>
        </xs:sequence>
      </xs:extension>
    </xs:complexContent>
  </xs:complexType>

  <xs:complexType name="address">
    <xs:complexContent>
  	  <xs:extension base="tns:multiValuedAttribute">
  	    <xs:sequence>
          <xs:element name="formatted" type="xs:string" minOccurs="0"/>
          <xs:element name="streetAddress" type="xs:string" minOccurs="0"/>
          <xs:element name="locality" type="xs:string" minOccurs="0"/>
          <xs:element name="region" type="xs:string" minOccurs="0"/>
          <xs:element name="postalCode" type="xs:string" minOccurs="0"/>
          <xs:element name="country" type="xs:string" minOccurs="0"/>
  	    </xs:sequence>
  	  </xs:extension>
  	</xs:complexContent>
  </xs:complexType>

  <xs:complexType name="multiValuedAttribute">
    <xs:sequence>
      <xs:element name="value" type="xs:anyType" minOccurs="0"/>
      <xs:element name="display" type="xs:string" minOccurs="0"/>
      <xs:element name="primary" type="xs:boolean" minOccurs="0"/>
      <xs:element name="type" type="xs:string" minOccurs="0"/>
      <xs:element name="operation" type="xs:string" minOccurs="0"/>
    </xs:sequence>
  </xs:complexType>

  <xs:complexType name="name">
    <xs:sequence>
      <xs:element name="formatted" type="xs:string" minOccurs="0"/>
      <xs:element name="familyName" type="xs:string" minOccurs="0"/>
      <xs:element name="givenName" type="xs:string" minOccurs="0"/>
      <xs:element name="middleName" type="xs:string" minOccurs="0"/>
      <xs:element name="honorificPrefix" type="xs:string" minOccurs="0"/>
      <xs:element name="honorificSuffix" type="xs:string" minOccurs="0"/>
    </xs:sequence>
  </xs:complexType>
  
  <xs:complexType name="meta">
    <xs:sequence>
      <xs:element name="created" type="xs:dateTime" minOccurs="0"/>
      <xs:element name="lastModified" type="xs:dateTime" minOccurs="0"/>
      <xs:element name="location" type="xs:string" minOccurs="0"/>
      <xs:element name="version" type="xs:string" minOccurs="0"/>
      <xs:element name="attributes" minOccurs="0">
      <xs:complexType>
        <xs:sequence>
          <xs:element name="attribute"
                      type="tns:multiValuedAttribute"
                      minOccurs="0"
                      maxOccurs="unbounded"/>
          </xs:sequence>
        </xs:complexType>
      </xs:element>
    </xs:sequence>
  </xs:complexType>

  <xs:complexType name="SchemaAttribute">
   <xs:sequence>
     <xs:element name="name" type="xs:string" minOccurs="0"/>
     <xs:element name="type" type="xs:string" minOccurs="0"/>
     <xs:element name="multiValued" type="xs:boolean" minOccurs="0"/>
     <xs:element name="multiValuedAttributeChildName" type="xs:string" minOccurs="0"/>
     <xs:element name="description" type="xs:string" minOccurs="0"/>
     <xs:element name="schema" type="xs:string" minOccurs="0"/>
     <xs:element name="readOnly" type="xs:boolean" minOccurs="0"/>
     <xs:element name="required" type="xs:boolean" minOccurs="0"/>
     <xs:element name="caseExact" type="xs:boolean" minOccurs="0"/>
     <xs:element name="subAttributes" minOccurs="0">
       <xs:complexType>
         <xs:sequence>
           <xs:element name="subAttribute"
                   type="tns:SchemaSubAttribute"
                   minOccurs="0"
                   maxOccurs="unbounded"/>
         </xs:sequence>
       </xs:complexType>
     </xs:element>
   </xs:sequence>
 </xs:complexType>

  <xs:complexType name="SchemaSubAttribute">
    <xs:sequence>
      <xs:element name="name" type="xs:string" minOccurs="0"/>
      <xs:element name="type" type="xs:string" minOccurs="0"/>
      <xs:element name="description" type="xs:string" minOccurs="0"/>
      <xs:element name="readOnly" type="xs:boolean" minOccurs="0"/>
      <xs:element name="required" type="xs:boolean" minOccurs="0"/>
      <xs:element name="caseExact" type="xs:boolean" minOccurs="0"/>
      <xs:sequence>
        <xs:element name="canonicalValues" type="xs:string" minOccurs="0" maxOccurs="unbounded"/>
      </xs:sequence>
    </xs:sequence>
  </xs:complexType>

  <xs:complexType name="Schema">
    <xs:complexContent>
      <xs:extension base="tns:Resource">
        <xs:sequence>
          <xs:element name="name" type="xs:string"
            minOccurs="0"/>
          <xs:element name="description" type="xs:string"
            minOccurs="0"/>
          <xs:element name="schema" type="xs:string"
            minOccurs="0"/>
          <xs:element name="endpoint" type="xs:string"
            minOccurs="0"/>
          <xs:element name="attributes" minOccurs="0">
          <xs:complexType>
            <xs:sequence>
              <xs:element name="attribute"
                         type="tns:SchemaAttribute"
                         minOccurs="0"
                         maxOccurs="unbounded"/>
              </xs:sequence>
            </xs:complexType>
          </xs:element>
        </xs:sequence>
      </xs:extension>
    </xs:complexContent>
  </xs:complexType>

  <xs:complexType name="authenticationScheme">
    <xs:sequence>
      <xs:element name="name" type="xs:string" minOccurs="0"/>
      <xs:element name="description" type="xs:string" minOccurs="0"/>
      <xs:element name="specUrl" type="xs:string" minOccurs="0"/>
      <xs:element name="documentationUrl" type="xs:string" minOccurs="0"/>
    </xs:sequence>
  </xs:complexType>

  <xs:complexType name="ServiceProviderConfig">
    <xs:complexContent>
      <xs:extension base="tns:Resource">
        <xs:sequence>
          <xs:element name="documentationUrl" type="xs:string"
                      minOccurs="0"/>
          <xs:element name="patch" minOccurs="0">
            <xs:complexType>
              <xs:sequence>
                <xs:element name="supported" type="xs:boolean"
                            minOccurs="0"/>
              </xs:sequence>
            </xs:complexType>
          </xs:element>
          <xs:element name="bulk" minOccurs="0">
            <xs:complexType>
              <xs:sequence>
                <xs:element name="supported" type="xs:boolean"
                            minOccurs="0"/>
                <xs:element name="maxOperations" type="xs:int"
                            minOccurs="0"/>
                <xs:element name="maxPayloadSize" type="xs:int"
                            minOccurs="0"/>
              </xs:sequence>
            </xs:complexType>
          </xs:element>
          <xs:element name="filter" minOccurs="0">
            <xs:complexType>
              <xs:sequence>
                <xs:element name="supported" type="xs:boolean"
                            minOccurs="0"/>
                <xs:element name="maxResults" type="xs:int"
                            minOccurs="0"/>
              </xs:sequence>
            </xs:complexType>
          </xs:element>
          <xs:element name="changePassword" minOccurs="0">
            <xs:complexType>
              <xs:sequence>
                <xs:element name="supported" type="xs:boolean"
                            minOccurs="0"/>
              </xs:sequence>
            </xs:complexType>
          </xs:element>
          <xs:element name="sort" minOccurs="0">
            <xs:complexType>
              <xs:sequence>
                <xs:element name="supported" type="xs:boolean"
                            minOccurs="0"/>
              </xs:sequence>
            </xs:complexType>
          </xs:element>
          <xs:element name="etag" minOccurs="0">
            <xs:complexType>
              <xs:sequence>
                <xs:element name="supported" type="xs:boolean"
                            minOccurs="0"/>
              </xs:sequence>
            </xs:complexType>
          </xs:element>
          <xs:element name="authenticationSchemes" minOccurs="0">
            <xs:complexType>
              <xs:sequence>
                <xs:element name="authenticationScheme" type="tns:authenticationScheme"
                            minOccurs="0"
                            maxOccurs="unbounded"/>
              </xs:sequence>
            </xs:complexType>
          </xs:element>
          <xs:element name="xmlDataFormat" minOccurs="0">
            <xs:complexType>
              <xs:sequence>
                <xs:element name="supported" type="xs:boolean"
                            minOccurs="0"/>
              </xs:sequence>
            </xs:complexType>
          </xs:element>
          <xs:any namespace="##other" minOccurs="0"/>
        </xs:sequence>
      </xs:extension>
    </xs:complexContent>
  </xs:complexType>
</xs:schema>

--Apple-Mail=_156141A8-5364-410D-B79E-07C6DA6D9FCF
Content-Disposition: attachment;
	filename=scim-enterprise.xsd
Content-Type: application/octet-stream;
	name="scim-enterprise.xsd"
Content-Transfer-Encoding: 7bit

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<xs:schema xmlns:tns="urn:scim:schemas:extension:enterprise:1.0"
           targetNamespace="urn:scim:schemas:extension:enterprise:1.0"
           xmlns:xs="http://www.w3.org/2001/XMLSchema" version="1.0">

  <xs:element name="employeeNumber" type="xs:string"/>
  <xs:element name="costCenter" type="xs:string"/>
  <xs:element name="organization" type="xs:string"/>
  <xs:element name="division" type="xs:string"/>
  <xs:element name="department" type="xs:string"/>
  <xs:element name="manager" type="tns:manager"/>

  <xs:complexType name="manager">
    <xs:sequence>
      <xs:element name="managerId" type="xs:string" minOccurs="0"/>
      <xs:element name="displayName" type="xs:string" minOccurs="0"/>
    </xs:sequence>
  </xs:complexType>

</xs:schema>

--Apple-Mail=_156141A8-5364-410D-B79E-07C6DA6D9FCF--

--Apple-Mail=_3440B602-6176-47FC-85BB-BE4277279D4C
Content-Disposition: attachment;
	filename=smime.p7s
Content-Type: application/pkcs7-signature;
	name=smime.p7s
Content-Transfer-Encoding: base64

MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIIM9jCCBjQw
ggQcoAMCAQICAR4wDQYJKoZIhvcNAQEFBQAwfTELMAkGA1UEBhMCSUwxFjAUBgNVBAoTDVN0YXJ0
Q29tIEx0ZC4xKzApBgNVBAsTIlNlY3VyZSBEaWdpdGFsIENlcnRpZmljYXRlIFNpZ25pbmcxKTAn
BgNVBAMTIFN0YXJ0Q29tIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA3MTAyNDIxMDE1NVoX
DTE3MTAyNDIxMDE1NVowgYwxCzAJBgNVBAYTAklMMRYwFAYDVQQKEw1TdGFydENvbSBMdGQuMSsw
KQYDVQQLEyJTZWN1cmUgRGlnaXRhbCBDZXJ0aWZpY2F0ZSBTaWduaW5nMTgwNgYDVQQDEy9TdGFy
dENvbSBDbGFzcyAxIFByaW1hcnkgSW50ZXJtZWRpYXRlIENsaWVudCBDQTCCASIwDQYJKoZIhvcN
AQEBBQADggEPADCCAQoCggEBAMcJg8zOLdgasSmkLhOrlr6KMoOMpohBllVHrdRvEg/q6r8jR+EK
75xCGhR8ToREoqe7zM9/UnC6TS2y9UKTpT1v7RSMzR0t6ndl0TWBuUr/UXBhPk+Kmy7bI4yW4urC
+y7P3/1/X7U8ocb8VpH/Clt+4iq7nirMcNh6qJR+xjOhV+VHzQMALuGYn5KZmc1NbJQYclsGkDxD
z2UbFqE2+6vIZoL+jb9x4Pa5gNf1TwSDkOkikZB1xtB4ZqtXThaABSONdfmv/Z1pua3FYxnCFmdr
/+N2JLKutIxMYqQOJebr/f/h5t95m4JgrM3Y/w7YX9d7YAL9jvN4SydHsU6n65cCAwEAAaOCAa0w
ggGpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBRTcu2SnODaywFc
fH6WNU7y1LhRgjAfBgNVHSMEGDAWgBROC+8apEBbpRdphzDKNGhD0EGu8jBmBggrBgEFBQcBAQRa
MFgwJwYIKwYBBQUHMAGGG2h0dHA6Ly9vY3NwLnN0YXJ0c3NsLmNvbS9jYTAtBggrBgEFBQcwAoYh
aHR0cDovL3d3dy5zdGFydHNzbC5jb20vc2ZzY2EuY3J0MFsGA1UdHwRUMFIwJ6AloCOGIWh0dHA6
Ly93d3cuc3RhcnRzc2wuY29tL3Nmc2NhLmNybDAnoCWgI4YhaHR0cDovL2NybC5zdGFydHNzbC5j
b20vc2ZzY2EuY3JsMIGABgNVHSAEeTB3MHUGCysGAQQBgbU3AQIBMGYwLgYIKwYBBQUHAgEWImh0
dHA6Ly93d3cuc3RhcnRzc2wuY29tL3BvbGljeS5wZGYwNAYIKwYBBQUHAgEWKGh0dHA6Ly93d3cu
c3RhcnRzc2wuY29tL2ludGVybWVkaWF0ZS5wZGYwDQYJKoZIhvcNAQEFBQADggIBAAqDCH14qywG
XLhjjF6uHLkjd02hcdh9hrw+VUsv+q1eeQWB21jWj3kJ96AUlPCoEGZ/ynJNScWy6QMVQjbbMXlt
UfO4n4bGGdKo3awPWp61tjAFgraLJgDk+DsSvUD6EowjMTNx25GQgyYJ5RPIzKKR9tQW8gGK+2+R
HxkUCTbYFnL6kl8Ch507rUdPPipJ9CgJFws3kDS3gOS5WFMxcjO5DwKfKSETEPrHh7p5shuuNktv
sv6hxHTLhiMKX893gxdT3XLS9OKmCv87vkINQcNEcIIoFWbP9HORz9v3vQwR4e3ksLc2JZOAFK+s
sS5XMEoznzpihEP0PLc4dCBYjbvSD7kxgDwZ+Aj8Q9PkbvE9sIPP7ON0fz095HdThKjiVJe6vofq
+n6b1NBc8XdrQvBmunwxD5nvtTW4vtN6VY7mUCmxsCieuoBJ9OlqmsVWQvifIYf40dJPZkk9YgGT
zWLpXDSfLSplbY2LL9C9U0ptvjcDjefLTvqSFc7tw1sEhF0n/qpA2r0GpvkLRDmcSwVyPvmjFBGq
Up/pNy8ZuPGQmHwFi2/14+xeSUDG2bwnsYJQG2EdJCB6luQ57GEnTA/yKZSTKI8dDQa8Sd3zfXb1
9mOgSF0bBdXbuKhEpuP9wirslFe6fQ1t5j5R0xi72MZ8ikMu1RQZKCyDbMwazlHiMIIGujCCBaKg
AwIBAgIDAopvMA0GCSqGSIb3DQEBBQUAMIGMMQswCQYDVQQGEwJJTDEWMBQGA1UEChMNU3RhcnRD
b20gTHRkLjErMCkGA1UECxMiU2VjdXJlIERpZ2l0YWwgQ2VydGlmaWNhdGUgU2lnbmluZzE4MDYG
A1UEAxMvU3RhcnRDb20gQ2xhc3MgMSBQcmltYXJ5IEludGVybWVkaWF0ZSBDbGllbnQgQ0EwHhcN
MTEwNTEzMTY1MjQ5WhcNMTIwNTEzMDU0NzU2WjBLMSAwHgYDVQQNExc0MjU3NjEteUxidzRqMkwy
Z0FqSG92UzEnMCUGCSqGSIb3DQEJARYYdHJleS5kcmFrZUB1bmJvdW5kaWQuY29tMIIBIjANBgkq
hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqid9tc427LEtBahNAplYUQztLpGRwt7J1hxi3mHkMBzr
s3LxhGspxGij4JZogkqolFpIhu0amwHXsDv7DbkET1O8TN2S2ttetn2o/gQMhAlXp7MP4SfHnIHL
awiDyKZ96l49FFuOt107G9SYpOceuY+AfBssNfxVpTfzqvBzQ/zdbGwqg+ndyPmsWZCYc036/dHV
VWDPpLbohj8GmtoNp8p2LjXe4hOvOfxNnlg6hRlHwiPkudSpEaHwW5dlQUjtcBNvowCq2uq2fbQq
5jyswWRGRIQINo4UgSsyDAB5SfagyGMx32EUGrx1NJWOHWK3eqPknuYdgtU2nJZ+aTtBpQIDAQAB
o4IDYzCCA18wCQYDVR0TBAIwADALBgNVHQ8EBAMCBLAwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsG
AQUFBwMEMB0GA1UdDgQWBBTFEY17wcVFokE4T9NZv3jxliACzjAfBgNVHSMEGDAWgBRTcu2SnODa
ywFcfH6WNU7y1LhRgjAjBgNVHREEHDAagRh0cmV5LmRyYWtlQHVuYm91bmRpZC5jb20wggHRBgNV
HSAEggHIMIIBxDCCAcAGCysGAQQBgbU3AQICMIIBrzAuBggrBgEFBQcCARYiaHR0cDovL3d3dy5z
dGFydHNzbC5jb20vcG9saWN5LnBkZjA0BggrBgEFBQcCARYoaHR0cDovL3d3dy5zdGFydHNzbC5j
b20vaW50ZXJtZWRpYXRlLnBkZjCCAUUGCCsGAQUFBwICMIIBNzAnFiBTdGFydENvbSBDZXJ0aWZp
Y2F0aW9uIEF1dGhvcml0eTADAgEBGoIBClRoaXMgY2VydGlmaWNhdGUgd2FzIGlzc3VlZCBhY2Nv
cmRpbmcgdG8gdGhlIENsYXNzIDEgVmFsaWRhdGlvbiByZXF1aXJlbWVudHMgb2YgdGhlIFN0YXJ0
Q29tIENlcnRpZmljYXRpb24gQXV0aG9yaXR5IHBvbGljeSBhbmQgbWF5IGJlIHJlbGllZCB1cG9u
IG9ubHkgZm9yIHRoZSBpbnRlbmRlZCBwdXJwb3NlIGFuZCBpbiBjb21wbGlhbmNlIG9mIHRoZSBy
ZWx5aW5nIHBhcnR5IG9ibGlnYXRpb25zLiBMaWFiaWxpdHkgYW5kIHdhcnJhbnRpZXMgYXJlIGxp
bWl0ZWQhMDYGA1UdHwQvMC0wK6ApoCeGJWh0dHA6Ly9jcmwuc3RhcnRzc2wuY29tL2NydHUxLWNy
bC5jcmwwgY4GCCsGAQUFBwEBBIGBMH8wOQYIKwYBBQUHMAGGLWh0dHA6Ly9vY3NwLnN0YXJ0c3Ns
LmNvbS9zdWIvY2xhc3MxL2NsaWVudC9jYTBCBggrBgEFBQcwAoY2aHR0cDovL2FpYS5zdGFydHNz
bC5jb20vY2VydHMvc3ViLmNsYXNzMS5jbGllbnQuY2EuY3J0MCMGA1UdEgQcMBqGGGh0dHA6Ly93
d3cuc3RhcnRzc2wuY29tLzANBgkqhkiG9w0BAQUFAAOCAQEAfcC87DDCF7sIIY5qIDIS7MmSAJjr
GlCfGP11cJrO88bsQiSgtJYYeIATEUsH1r78aJOzU8p8P/lOrSoDr3kxVlUaOam6xIvlW9Uv6AUN
DBjYeDUMaEIwPl/Eox0tvZPas4JwW1K+N085ya1IKCK/l7x2K97JQqQhE44ymJ873mcEbBNz6HOo
JtyNMc204G0mREpQs4RSb7vsT9x93QUs6QpP/Mn/w+HaXQQzgs4HmfgL8z+qlH4vX4S/rKvwv95m
fdCIrdSBAeSKBco9hHTIny9XpkTR2qk1Uq0eqSk1LtufDoQy9c5KKQKINCKrjioMseRufmAY/0Nu
VbekcRMyIDGCA28wggNrAgEBMIGUMIGMMQswCQYDVQQGEwJJTDEWMBQGA1UEChMNU3RhcnRDb20g
THRkLjErMCkGA1UECxMiU2VjdXJlIERpZ2l0YWwgQ2VydGlmaWNhdGUgU2lnbmluZzE4MDYGA1UE
AxMvU3RhcnRDb20gQ2xhc3MgMSBQcmltYXJ5IEludGVybWVkaWF0ZSBDbGllbnQgQ0ECAwKKbzAJ
BgUrDgMCGgUAoIIBrzAYBgkqhkiG9w0BCQMxCwYJKoZIhvcNAQcBMBwGCSqGSIb3DQEJBTEPFw0x
MjAzMTkxOTEzMzlaMCMGCSqGSIb3DQEJBDEWBBRk/O80SeJ53nZ1V+BoPI7NlN8Z9TCBpQYJKwYB
BAGCNxAEMYGXMIGUMIGMMQswCQYDVQQGEwJJTDEWMBQGA1UEChMNU3RhcnRDb20gTHRkLjErMCkG
A1UECxMiU2VjdXJlIERpZ2l0YWwgQ2VydGlmaWNhdGUgU2lnbmluZzE4MDYGA1UEAxMvU3RhcnRD
b20gQ2xhc3MgMSBQcmltYXJ5IEludGVybWVkaWF0ZSBDbGllbnQgQ0ECAwKKbzCBpwYLKoZIhvcN
AQkQAgsxgZeggZQwgYwxCzAJBgNVBAYTAklMMRYwFAYDVQQKEw1TdGFydENvbSBMdGQuMSswKQYD
VQQLEyJTZWN1cmUgRGlnaXRhbCBDZXJ0aWZpY2F0ZSBTaWduaW5nMTgwNgYDVQQDEy9TdGFydENv
bSBDbGFzcyAxIFByaW1hcnkgSW50ZXJtZWRpYXRlIENsaWVudCBDQQIDAopvMA0GCSqGSIb3DQEB
AQUABIIBAEnVwdt7YS0jZUqpxKUrCkdEC6Z2qwXDKQL9ogKc9j1aOm4T2YaPfz9A9+ecJpWlAjcO
rBRyy6QJ8VHD7CANNOh4Xdsd1KgRhzyxQYu8WmPQ3KN+OCKatHVSCXqXItECI2Ix4LeW6ZcZbOhJ
eBA58lfnDlXSGRM2N2dU3N/jlALBtjb+oXV8LqrOyxbF2lQpzRIkB/3unx+8ApajIUMe4RxElsI/
TKoS4XQdezdJsaNeNyrcBvtEtW5Jzh5ylxXU0JKJteQyt8aIg+iv67UJSdj0BIQeYlg7Ph2eOOuc
bG4c/tjIY36kpCQLOW5bHOnnn6Vlft1KqD7VY7pqXr8cRlMAAAAAAAA=

--Apple-Mail=_3440B602-6176-47FC-85BB-BE4277279D4C--

From moransar@cisco.com  Thu Mar 22 01:00:29 2012
Return-Path: <moransar@cisco.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0B9B521F8629 for <scim@ietfa.amsl.com>; Thu, 22 Mar 2012 01:00:29 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -10.53
X-Spam-Level: 
X-Spam-Status: No, score=-10.53 tagged_above=-999 required=5 tests=[AWL=0.068,  BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rl3GbrspDwo6 for <scim@ietfa.amsl.com>; Thu, 22 Mar 2012 01:00:26 -0700 (PDT)
Received: from rcdn-iport-6.cisco.com (rcdn-iport-6.cisco.com [173.37.86.77]) by ietfa.amsl.com (Postfix) with ESMTP id 00BB821F8608 for <scim@ietf.org>; Thu, 22 Mar 2012 01:00:25 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=moransar@cisco.com; l=16308; q=dns/txt; s=iport; t=1332403226; x=1333612826; h=mime-version:subject:date:message-id:from:to; bh=wApevyQlb7GcZzuSR8kP84jnQDeJDT8oWqdIDIgljxc=; b=P+AFCvdm197zu/BtAp9rjXcVk6tQpYwrfkL+iucBqTQ3XjYE4aPhuxwH kXGSr/kAY2uQWZK7HvQOXKR2lbTxVPfXh3/eihUEDNbmiX2spzSfPOb+s 5uyzS70Xm5eEdSsMHiKTqzhbk0cFszYmXclQRjQe2ZX++p4TdgGVwj/M0 g=;
X-Files: charter5.txt : 4396
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: AgAFAKrbak+tJV2c/2dsb2JhbAA6AQmCRrRXgQeCCwEEAQEBDwEJEQM8Ah0BKgIEBRMHASUxAQQRAggBGYdoC5d3gSefFopaAQiCU4JLYwSIVoYQgSKUF4FogwUggR4
X-IronPort-AV: E=Sophos;i="4.73,629,1325462400";  d="txt'?scan'208,217";a="68476632"
Received: from rcdn-core-5.cisco.com ([173.37.93.156]) by rcdn-iport-6.cisco.com with ESMTP; 22 Mar 2012 08:00:25 +0000
Received: from xbh-rcd-101.cisco.com (xbh-rcd-101.cisco.com [72.163.62.138]) by rcdn-core-5.cisco.com (8.14.3/8.14.3) with ESMTP id q2M80PwS011376 for <scim@ietf.org>; Thu, 22 Mar 2012 08:00:25 GMT
Received: from xmb-rcd-313.cisco.com ([72.163.63.28]) by xbh-rcd-101.cisco.com with Microsoft SMTPSVC(6.0.3790.4675);  Thu, 22 Mar 2012 03:00:25 -0500
X-MimeOLE: Produced By Microsoft Exchange V6.5
Content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="----_=_NextPart_001_01CD0801.D66A285F"
Date: Thu, 22 Mar 2012 03:00:24 -0500
Message-ID: <93C6FB63F046384C86EC8F7F3FFEC7BEEE4754@XMB-RCD-313.cisco.com>
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
Thread-Topic: Draft charter - v5
Thread-Index: Ac0H/9OnJCV02DwPTPeuALgWGrIiSg==
From: "Morteza Ansari (moransar)" <moransar@cisco.com>
To: <scim@ietf.org>
X-OriginalArrivalTime: 22 Mar 2012 08:00:25.0120 (UTC) FILETIME=[D68D8200:01CD0801]
Subject: [scim] Draft charter - v5
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 22 Mar 2012 08:00:29 -0000

This is a multi-part message in MIME format.

------_=_NextPart_001_01CD0801.D66A285F
Content-Type: multipart/alternative;
	boundary="----_=_NextPart_002_01CD0801.D66A285F"


------_=_NextPart_002_01CD0801.D66A285F
Content-Type: text/plain;
	charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

The differences between this and v4 are:

=20

-removal of the third bullet from the out of scope section

-update of initial drafts based on Trey's submission

-added use case draft to the list of docs

=20

Please send any additional comments/feedback.

=20

=20

Cheers,

Morteza

=20

=20

*** charter4.txt               2012-03-14 20:03:09.000000000 -0700

--- charter5.txt  2012-03-22 00:53:41.000000000 -0700

***************

*** 47,54 ****

  identities as part of the work adopted by the working group.  The
group

  will use, as starting points, the following drafts in the following
ways:

 =20

!      draft-XXX-scim-schema-00 as the schema specification,

!      draft-XXX-scim-protocol-definition-00 as the protocol
specification,

       draft-XXX-scim-saml-binding-00 for binding the SCIM schema to
SAML, and

       draft-XXX-scim-ldap-binding-00 for binding the SCIM schema to
LDAP.

 =20

--- 47,55 ----

  identities as part of the work adopted by the working group.  The
group

  will use, as starting points, the following drafts in the following
ways:

 =20

!      draft-scim-use-cases-00 as the initial use cases for SCIM,

!      draft-scim-core-schema-00 as the schema specification,

!      draft-scim-api-00 as the protocol specification,

       draft-XXX-scim-saml-binding-00 for binding the SCIM schema to
SAML, and

       draft-XXX-scim-ldap-binding-00 for binding the SCIM schema to
LDAP.

 =20

***************

*** 69,78 ****

  The group considers the following out of scope for this group:

       Defining new authentication schemes

       Defining new policy/authorization schemes

-      Defining how SCIM implementations define and implement
authorization

 =20

  Milestones

 =20

  5/2012    Initial adoption of SCIM core schema

  5/2012    Initial adoption of SCIM restful interface draft

  5/2012    Initial adoption of SCIM SAML bindings draft

--- 70,79 ----

  The group considers the following out of scope for this group:

       Defining new authentication schemes

       Defining new policy/authorization schemes

 =20

  Milestones

 =20

+ 5/2012    Initial adoption of SCIM use cases

  5/2012    Initial adoption of SCIM core schema

  5/2012    Initial adoption of SCIM restful interface draft

  5/2012    Initial adoption of SCIM SAML bindings draft

=20


------_=_NextPart_002_01CD0801.D66A285F
Content-Type: text/html;
	charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

<html xmlns:v=3D"urn:schemas-microsoft-com:vml" =
xmlns:o=3D"urn:schemas-microsoft-com:office:office" =
xmlns:w=3D"urn:schemas-microsoft-com:office:word" =
xmlns:m=3D"http://schemas.microsoft.com/office/2004/12/omml" =
xmlns=3D"http://www.w3.org/TR/REC-html40"><head><meta =
http-equiv=3DContent-Type content=3D"text/html; =
charset=3Dus-ascii"><meta name=3DGenerator content=3D"Microsoft Word 14 =
(filtered medium)"><style><!--
/* Font Definitions */
@font-face
	{font-family:Calibri;
	panose-1:2 15 5 2 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
	{margin:0in;
	margin-bottom:.0001pt;
	font-size:11.0pt;
	font-family:"Calibri","sans-serif";}
a:link, span.MsoHyperlink
	{mso-style-priority:99;
	color:blue;
	text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
	{mso-style-priority:99;
	color:purple;
	text-decoration:underline;}
span.EmailStyle17
	{mso-style-type:personal-compose;
	font-family:"Calibri","sans-serif";
	color:windowtext;}
.MsoChpDefault
	{mso-style-type:export-only;
	font-family:"Calibri","sans-serif";}
@page WordSection1
	{size:8.5in 11.0in;
	margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
	{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext=3D"edit" spidmax=3D"1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext=3D"edit">
<o:idmap v:ext=3D"edit" data=3D"1" />
</o:shapelayout></xml><![endif]--></head><body lang=3DEN-US link=3Dblue =
vlink=3Dpurple><div class=3DWordSection1><p class=3DMsoNormal>The =
differences between this and v4 are:<o:p></o:p></p><p =
class=3DMsoNormal><o:p>&nbsp;</o:p></p><p class=3DMsoNormal>-removal of =
the third bullet from the out of scope section<o:p></o:p></p><p =
class=3DMsoNormal>-update of initial drafts based on Trey&#8217;s =
submission<o:p></o:p></p><p class=3DMsoNormal>-added use case draft to =
the list of docs<o:p></o:p></p><p =
class=3DMsoNormal><o:p>&nbsp;</o:p></p><p class=3DMsoNormal>Please send =
any additional comments/feedback.<o:p></o:p></p><p =
class=3DMsoNormal><o:p>&nbsp;</o:p></p><p =
class=3DMsoNormal><o:p>&nbsp;</o:p></p><p =
class=3DMsoNormal>Cheers,<o:p></o:p></p><div =
style=3D'mso-element:para-border-div;border:none;border-bottom:solid =
windowtext 1.0pt;padding:0in 0in 1.0pt 0in'><p class=3DMsoNormal =
style=3D'border:none;padding:0in'>Morteza<o:p></o:p></p><p =
class=3DMsoNormal =
style=3D'border:none;padding:0in'><o:p>&nbsp;</o:p></p></div><p =
class=3DMsoNormal><o:p>&nbsp;</o:p></p><p class=3DMsoNormal>*** =
charter4.txt&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp; 2012-03-14 20:03:09.000000000 =
-0700<o:p></o:p></p><p class=3DMsoNormal>--- charter5.txt&nbsp; =
2012-03-22 00:53:41.000000000 -0700<o:p></o:p></p><p =
class=3DMsoNormal>***************<o:p></o:p></p><p class=3DMsoNormal>*** =
47,54 ****<o:p></o:p></p><p class=3DMsoNormal>&nbsp; identities as part =
of the work adopted by the working group.&nbsp; The =
group<o:p></o:p></p><p class=3DMsoNormal>&nbsp; will use, as starting =
points, the following drafts in the following ways:<o:p></o:p></p><p =
class=3DMsoNormal>&nbsp; <o:p></o:p></p><p =
class=3DMsoNormal>!&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; =
draft-XXX-scim-schema-00 as the schema specification,<o:p></o:p></p><p =
class=3DMsoNormal>!&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; =
draft-XXX-scim-protocol-definition-00 as the protocol =
specification,<o:p></o:p></p><p =
class=3DMsoNormal>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; =
draft-XXX-scim-saml-binding-00 for binding the SCIM schema to SAML, =
and<o:p></o:p></p><p class=3DMsoNormal>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; =
&nbsp;draft-XXX-scim-ldap-binding-00 for binding the SCIM schema to =
LDAP.<o:p></o:p></p><p class=3DMsoNormal>&nbsp; <o:p></o:p></p><p =
class=3DMsoNormal>--- 47,55 ----<o:p></o:p></p><p =
class=3DMsoNormal>&nbsp; identities as part of the work adopted by the =
working group.&nbsp; The group<o:p></o:p></p><p class=3DMsoNormal>&nbsp; =
will use, as starting points, the following drafts in the following =
ways:<o:p></o:p></p><p class=3DMsoNormal>&nbsp; <o:p></o:p></p><p =
class=3DMsoNormal>!&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; =
draft-scim-use-cases-00 as the initial use cases for =
SCIM,<o:p></o:p></p><p class=3DMsoNormal>!&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; =
draft-scim-core-schema-00 as the schema specification,<o:p></o:p></p><p =
class=3DMsoNormal>!&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; draft-scim-api-00 as =
the protocol specification,<o:p></o:p></p><p =
class=3DMsoNormal>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; =
draft-XXX-scim-saml-binding-00 for binding the SCIM schema to SAML, =
and<o:p></o:p></p><p =
class=3DMsoNormal>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; =
draft-XXX-scim-ldap-binding-00 for binding the SCIM schema to =
LDAP.<o:p></o:p></p><p class=3DMsoNormal>&nbsp; <o:p></o:p></p><p =
class=3DMsoNormal>***************<o:p></o:p></p><p class=3DMsoNormal>*** =
69,78 ****<o:p></o:p></p><p class=3DMsoNormal>&nbsp; The group considers =
the following out of scope for this group:<o:p></o:p></p><p =
class=3DMsoNormal>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Defining new =
authentication schemes<o:p></o:p></p><p =
class=3DMsoNormal>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Defining new =
policy/authorization schemes<o:p></o:p></p><p =
class=3DMsoNormal>-&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Defining how SCIM =
implementations define and implement authorization<o:p></o:p></p><p =
class=3DMsoNormal>&nbsp; <o:p></o:p></p><p =
class=3DMsoNormal>&nbsp;&nbsp;Milestones<o:p></o:p></p><p =
class=3DMsoNormal>&nbsp; <o:p></o:p></p><p =
class=3DMsoNormal>&nbsp;&nbsp;5/2012&nbsp;&nbsp;&nbsp; Initial adoption =
of SCIM core schema<o:p></o:p></p><p class=3DMsoNormal>&nbsp; =
5/2012&nbsp;&nbsp;&nbsp; Initial adoption of SCIM restful interface =
draft<o:p></o:p></p><p class=3DMsoNormal>&nbsp; 5/2012&nbsp;&nbsp;&nbsp; =
Initial adoption of SCIM SAML bindings draft<o:p></o:p></p><p =
class=3DMsoNormal>--- 70,79 ----<o:p></o:p></p><p =
class=3DMsoNormal>&nbsp; The group considers the following out of scope =
for this group:<o:p></o:p></p><p =
class=3DMsoNormal>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Defining new =
authentication schemes<o:p></o:p></p><p =
class=3DMsoNormal>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Defining new =
policy/authorization schemes<o:p></o:p></p><p class=3DMsoNormal>&nbsp; =
<o:p></o:p></p><p =
class=3DMsoNormal>&nbsp;&nbsp;Milestones<o:p></o:p></p><p =
class=3DMsoNormal>&nbsp; <o:p></o:p></p><p class=3DMsoNormal>+ =
5/2012&nbsp;&nbsp;&nbsp; Initial adoption of SCIM use =
cases<o:p></o:p></p><p class=3DMsoNormal>&nbsp; 5/2012&nbsp;&nbsp;&nbsp; =
Initial adoption of SCIM core schema<o:p></o:p></p><p =
class=3DMsoNormal>&nbsp; 5/2012&nbsp;&nbsp;&nbsp; Initial adoption of =
SCIM restful interface draft<o:p></o:p></p><p class=3DMsoNormal>&nbsp; =
5/2012&nbsp;&nbsp;&nbsp; Initial adoption of SCIM SAML bindings =
draft<o:p></o:p></p><p =
class=3DMsoNormal><o:p>&nbsp;</o:p></p></div></body></html>
------_=_NextPart_002_01CD0801.D66A285F--

------_=_NextPart_001_01CD0801.D66A285F
Content-Type: text/plain;
	name="charter5.txt"
Content-Transfer-Encoding: base64
Content-Description: charter5.txt
Content-Disposition: attachment;
	filename="charter5.txt"

U2ltcGxlIENsb3VkIElkZW50aXR5IE1hbmFnZW1lbnQgKFNDSU0pCkNoYWlyKHMpOiBUQkQgCkFw
cGxpY2F0aW9ucyBBcmVhIERpcmVjdG9yKHMpOgogICAgIFBldGUgUmVzbmljayA8cHJlc25pY2tA
cXVhbGNvbW0uY29tPiAKICAgICBCYXJyeSBMaWViYSA8Pz8/PiAKTWFpbGluZyBMaXN0czoKICAg
ICBHZW5lcmFsIERpc2N1c3Npb246IHNjaW1AaWV0Zi5vcmcKICAgICBUbyBTdWJzY3JpYmU6IGh0
dHBzOi8vd3d3LmlldGYub3JnL21haWxtYW4vbGlzdGluZm8vc2NpbQogICAgIEFyY2hpdmU6IGh0
dHA6Ly93d3cuaWV0Zi5vcmcvbWFpbC1hcmNoaXZlL3dlYi9zY2ltL2N1cnJlbnQvbWFpbGxpc3Qu
aHRtbAogCkRlc2NyaXB0aW9uIG9mIFdvcmtpbmcgR3JvdXA6ClRoZSBTaW1wbGUgQ2xvdWQgSWRl
bnRpdHkgTWFuYWdlbWVudCAoU0NJTSkgc3BlY2lmaWNhdGlvbiBpcyBkZXNpZ25lZCB0byAKc2lt
cGxpZnkgdXNlciBpZGVudGl0eSBtYW5hZ2VtZW50IGluIGNsb3VkIGJhc2VkIGFwcGxpY2F0aW9u
cyBieSBkZWZpbmluZwpzdGFuZGFyZCBwcm90b2NvbHMgYW5kIHNjaGVtYXMgZm9yIGNyZWF0aW5n
LCByZWFkaW5nL3NlYXJjaGluZywgdXBkYXRpbmcsCmFuZCBkZWxldGluZyB1c2VyIGlkZW50aXRp
ZXMgYW5kIGlkZW50aXR5LXJlbGF0ZWQgb2JqZWN0cy4KClRvZGF5LCBkaXN0cmlidXRlZCBpZGVu
dGl0eSBtYW5hZ2VtZW50IGluIHRoZSBjbG91ZCBpcyBjb21wbGljYXRlZCBieSBhIGxhY2sKb2Yg
cHJvdG9jb2wgYW5kIHNjaGVtYSBzdGFuZGFyZGl6YXRpb24gYmV0d2VlbiBpZGVudGl0eSBjb25z
dW1lcnMgYW5kCnByb2R1Y2Vycy4gVGhpcyBsZWFkcyB0byBvcmdhbml6YXRpb25zIG5lZWRpbmcg
bXVsdGlwbGUgY2xvdWQgc2VydmljZXMgdG8KYnVpbGQgY29ubmVjdG9ycyB1c2luZyBlYWNoIHZl
bmRvcidzIHByb3ByaWV0YXJ5IHNjaGVtYSBhbmQgcHJvdG9jb2wuIEV4aXN0aW5nCnN0YW5kYXJk
cyBpbiB0aGlzIHNwYWNlIHN1Y2ggYXMgU1BNTCBoYXZlIG5vdCBnYWluZWQgdHJhY3Rpb24gZHVl
LCBpbiBwYXJ0LAp0byBjb21wbGV4aXR5IGFuZCBhYnNlbmNlIG9mIGEgY29tbW9uIHNjaGVtYS4g
QmV5b25kIHByb3Zpc2lvbmluZyBpZGVudGl0aWVzCmJldHdlZW4gb3JnYW5pemF0aW9ucyBhbmQg
dmVuZG9ycywgY3Jvc3MgcHJvdmlzaW9uaW5nIGJldHdlZW4gdmVuZG9ycyBpcyBhbHNvCmEgbWFq
b3IgZHJpdmVyIGZvciBzdGFuZGFyZGl6aW5nIGEgY29yZSBpZGVudGl0eSBtYW5hZ2VtZW50IHNj
aGVtYSBhbmQKcHJvdG9jb2wuICAKClRoZSBTQ0lNIHdvcmtpbmcgZ3JvdXAgd2lsbCBkZXZlbG9w
IHRoZSBjb3JlIHNjaGVtYSBhbmQgcHJvdG9jb2xzIHRvIGFkZHJlc3MKdGhlc2UgcHJvYmxlbXMu
IEluaXRpYWxseSwgdGhlIFdHIHdpbGwgZm9jdXMgb24gYSBzY2hlbWEgZGVmaW5pdGlvbiBhbmQK
cHJvdG9jb2wgZm9yIENSVUQgKENyZWF0ZSwgUmVhZC9zZWFyY2gsIFVwZGF0ZSwgRGVsZXRlKSBh
bmQgYnVsayBvcGVyYXRpb25zLgpUaGUgV0cgd2lsbCBjb250aW51ZSB3aXRoIGJpbmRpbmdzIHRv
IGV4aXN0aW5nIGlkZW50aXR5IHN0YW5kYXJkcyBzdWNoIGFzCkxEQVAgYW5kIFNBTUwgMi4wLiBT
Q0lNIGZvY3VzZXMgb24gdGhlIGNhc2Ugd2hlcmUgYW4gb3JnYW5pemF0aW9uJ3MgTERBUApzZXJ2
aWNlIG1heSBub3QgYmUgYXZhaWxhYmxlIHRvIHRoZSBwcm92aWRlciwgYW5kIFNBTUwgY2Fubm90
IHByb3ZpZGUKc3VmZmljaWVudCBjb250ZXh0IGZvciB0aGUgc2VydmljZS4gIEZvciBleGFtcGxl
LCBwcm92aXNpb25pbmcgb2YgYSB1c2VyJ3MKZW1haWwgYWNjb3VudCBzbyB0aGF0IGl0IGNhbiBy
ZWNlaXZlIG1haWwgYmVmb3JlIHRoZSBwZXJzb24gaGFzIGZpcnN0CmxvZ2dlZCBpbi4KCkluIGFk
ZGl0aW9uLCB0aGUgd29ya2luZyBncm91cCB3aWxsIGRlZmluZSBob3cgZXh0ZW5zaW9ucyB0byB0
aGUgc2NoZW1hCmFuZCBjb3JlIHByb3RvY29sIGNhbiBiZSBkZXZlbG9wZWQuCgpUaGUgc3BlY2lm
aWNhdGlvbiBzdWl0ZSBzZWVrcyB0byBidWlsZCB1cG9uIGV4cGVyaWVuY2Ugd2l0aCBleGlzdGlu
ZyBzY2hlbWFzCmFuZCBkZXBsb3ltZW50cywgcGxhY2luZyBzcGVjaWZpYyBlbXBoYXNpcyBvbiBz
aW1wbGljaXR5IG9mIGRldmVsb3BtZW50CmFuZCBpbnRlZ3JhdGlvbiwgd2hpbGUgYXBwbHlpbmcg
ZXhpc3RpbmcgYXV0aGVudGljYXRpb24sIGF1dGhvcml6YXRpb24sCmFuZCBwcml2YWN5IG1vZGVs
cy4gSXRzIGludGVudCBpcyB0byByZWR1Y2UgdGhlIGNvc3QgYW5kIGNvbXBsZXhpdHkgb2YgdXNl
cgptYW5hZ2VtZW50IGJ5IHByb3ZpZGluZyBhIGNvbW1vbiwgZXh0ZW5zaWJsZSB1c2VyIHNjaGVt
YSwgYXMgd2VsbCBhcyBiaW5kaW5nCmRvY3VtZW50cyB0aGF0IHByb3ZpZGUgcGF0dGVybnMgZm9y
IGV4Y2hhbmdpbmcgdGhlIHNjaGVtYSB1c2luZyBzdGFuZGFyZApwcm90b2NvbHMuIEluIGFkZGl0
aW9uLCB0aGUgd29ya2luZyBncm91cCBtYXkgY29uc2lkZXIgaW5jbHVzaW9uIG9mIGRldmljZQpp
ZGVudGl0aWVzIGFzIHBhcnQgb2YgdGhlIHdvcmsgYWRvcHRlZCBieSB0aGUgd29ya2luZyBncm91
cC4gIFRoZSBncm91cAp3aWxsIHVzZSwgYXMgc3RhcnRpbmcgcG9pbnRzLCB0aGUgZm9sbG93aW5n
IGRyYWZ0cyBpbiB0aGUgZm9sbG93aW5nIHdheXM6CgogICAgIGRyYWZ0LXNjaW0tdXNlLWNhc2Vz
LTAwIGFzIHRoZSBpbml0aWFsIHVzZSBjYXNlcyBmb3IgU0NJTSwKICAgICBkcmFmdC1zY2ltLWNv
cmUtc2NoZW1hLTAwIGFzIHRoZSBzY2hlbWEgc3BlY2lmaWNhdGlvbiwKICAgICBkcmFmdC1zY2lt
LWFwaS0wMCBhcyB0aGUgcHJvdG9jb2wgc3BlY2lmaWNhdGlvbiwKICAgICBkcmFmdC1YWFgtc2Np
bS1zYW1sLWJpbmRpbmctMDAgZm9yIGJpbmRpbmcgdGhlIFNDSU0gc2NoZW1hIHRvIFNBTUwsIGFu
ZAogICAgIGRyYWZ0LVhYWC1zY2ltLWxkYXAtYmluZGluZy0wMCBmb3IgYmluZGluZyB0aGUgU0NJ
TSBzY2hlbWEgdG8gTERBUC4KClRoZXNlIGRyYWZ0cyBhcmUgYmFzZWQgb24gZXhpc3Rpbmcgc3Bl
Y2lmaWNhdGlvbnMsIHdoaWNoIHRvZ2V0aGVyIGFyZSBjb21tb25seQprbm93biBhcyBTQ0lNIDEu
MC4gIEFzIHN1Y2gsIGNvbnNpZGVyYXRpb24gc2hvdWxkIGJlIGdpdmVuIGZvciBiYWNrd2FyZApj
b21wYXRpYmlsaXR5IGFzIHRoZSBncm91cCBldm9sdmVzIHRoZSB3b3JrLiAgVGhpcyBncm91cCB3
aWxsIGNvbnNpZGVyLApmb3IgYW5kIGZvcmVtb3N0LCB0aGUgb3BlcmF0aW9uYWwgZXhwZXJpZW5j
ZSBnYXRoZXJlZCBmcm9tIHRoZSBleGlzdGluZyB3b3JrLgpUaGUgZ3JvdXAgd2lsbCBhbHNvIGNv
bnNpZGVyIGV4cGVyaWVuY2VzIHdpdGggd29yayBkb25lIGJ5IG90aGVyIGJvZGllcywKaW5jbHVk
aW5nIHRoZSBPQVNJUyBQcm92aXNpb25pbmcgVEMuCgpUaGUgZ3JvdXAgd2lsbCBwcm9kdWNlIFBy
b3Bvc2VkIFN0YW5kYXJkcyBmb3IgYSBzY2hlbWEsIGEgcHJvdG9jb2wsIGEgU0FNTApiaW5kaW5n
LCBhbmQgYW4gTERBUCBiaW5kaW5nLiAgSW4gZG9pbmcgc28sIHRoZSBncm91cCB3aWxsIG1ha2Ug
Y29uc2lzdGVudAp0aGUgdGVybWlub2xvZ3ksIHJldmlldyBhbmQgaW1wcm92ZSBzZWN1cml0eSBv
ZiB0aGUgb3ZlcmFsbCBzeXN0ZW0sCmlkZW50aWZ5IGFueSBmdW5jdGlvbmFsIGdhcHMgdGhhdCB3
b3VsZCBiZSB1c2VmdWwgZm9yIGZ1dHVyZSB3b3JrLCBhZGRyZXNzCmludGVybmF0aW9uYWxpemF0
aW9uLCBhbmQgcHJvdmlkZSBndWlkZWxpbmVzIGZvciBleHRlbnNpYmlsaXR5IChlaXRoZXIKdGhy
b3VnaCBJQU5BIHJlZ2lzdHJpZXMgb3Igb3RoZXIgbWVhbnMpLiAgCgpUaGUgZ3JvdXAgY29uc2lk
ZXJzIHRoZSBmb2xsb3dpbmcgb3V0IG9mIHNjb3BlIGZvciB0aGlzIGdyb3VwOgogICAgIERlZmlu
aW5nIG5ldyBhdXRoZW50aWNhdGlvbiBzY2hlbWVzCiAgICAgRGVmaW5pbmcgbmV3IHBvbGljeS9h
dXRob3JpemF0aW9uIHNjaGVtZXMKCk1pbGVzdG9uZXMKCjUvMjAxMiAgICBJbml0aWFsIGFkb3B0
aW9uIG9mIFNDSU0gdXNlIGNhc2VzCjUvMjAxMiAgICBJbml0aWFsIGFkb3B0aW9uIG9mIFNDSU0g
Y29yZSBzY2hlbWEKNS8yMDEyICAgIEluaXRpYWwgYWRvcHRpb24gb2YgU0NJTSByZXN0ZnVsIGlu
dGVyZmFjZSBkcmFmdAo1LzIwMTIgICAgSW5pdGlhbCBhZG9wdGlvbiBvZiBTQ0lNIFNBTUwgYmlu
ZGluZ3MgZHJhZnQKNS8yMDEyICAgIEluaXRpYWwgYWRvcHRpb24gb2YgU0NJTSBMREFQIG1hcHBp
bmcgZHJhZnQKOS8yMDEyICAgIFdHTEMgU0NJTSBjb3JlIHNjaGVtYQo5LzIwMTIgICAgV0dMQyBT
Q0lNIHJlc3RmdWwgaW50ZXJmYWNlCjkvMjAxMiAgICBXR0xDIFNDSU0gU0FNTCBiaW5kaW5ncwo5
LzIwMTIgICAgV0dMQyBTQ0lNIExEQVAgbWFwcGluZwozLzIwMTMgICAgUmUtY2hhcnRlciBkaXNj
dXNzaW9uCg==

------_=_NextPart_001_01CD0801.D66A285F--

From stpeter@stpeter.im  Thu Mar 22 08:54:03 2012
Return-Path: <stpeter@stpeter.im>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 87ECA21F8527 for <scim@ietfa.amsl.com>; Thu, 22 Mar 2012 08:54:03 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.694
X-Spam-Level: 
X-Spam-Status: No, score=-102.694 tagged_above=-999 required=5 tests=[AWL=-0.095, BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id XihgzNDAe1SM for <scim@ietfa.amsl.com>; Thu, 22 Mar 2012 08:54:02 -0700 (PDT)
Received: from stpeter.im (mailhost.stpeter.im [207.210.219.225]) by ietfa.amsl.com (Postfix) with ESMTP id D884A21F8528 for <scim@ietf.org>; Thu, 22 Mar 2012 08:54:02 -0700 (PDT)
Received: from dhcp-64-101-72-171.cisco.com (unknown [64.101.72.171]) (Authenticated sender: stpeter) by stpeter.im (Postfix) with ESMTPSA id 370E64005B; Thu, 22 Mar 2012 10:06:50 -0600 (MDT)
Message-ID: <4F6B4B19.5090508@stpeter.im>
Date: Thu, 22 Mar 2012 09:54:01 -0600
From: Peter Saint-Andre <stpeter@stpeter.im>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.5; rv:10.0.2) Gecko/20120216 Thunderbird/10.0.2
MIME-Version: 1.0
To: "Morteza Ansari (moransar)" <moransar@cisco.com>
References: <93C6FB63F046384C86EC8F7F3FFEC7BEEE4754@XMB-RCD-313.cisco.com>
In-Reply-To: <93C6FB63F046384C86EC8F7F3FFEC7BEEE4754@XMB-RCD-313.cisco.com>
X-Enigmail-Version: 1.4
OpenPGP: url=https://stpeter.im/stpeter.asc
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit
Cc: scim@ietf.org
Subject: Re: [scim] Draft charter - v5
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 22 Mar 2012 15:54:03 -0000

On 3/22/12 2:00 AM, Morteza Ansari (moransar) wrote:

> draft-XXX-scim-saml-binding-00 for binding the SCIM schema to
> SAML, and
> 
> draft-XXX-scim-ldap-binding-00 for binding the SCIM schema to 
> LDAP.

Do we have a strong feeling that these need to be in scope for now? It
seems to me that it would be productive for the working group (if
formed) to finish the core work first, then recharter to work on the
mappings/bindings to LDAP and SAML. It's easy enough for a working
group to recharter, so I'd recommend keeping these deliverables off
the charter for now.

Peter

-- 
Peter Saint-Andre
https://stpeter.im/



From moransar@cisco.com  Thu Mar 22 12:38:28 2012
Return-Path: <moransar@cisco.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D27D421F85AF for <scim@ietfa.amsl.com>; Thu, 22 Mar 2012 12:38:28 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -10.534
X-Spam-Level: 
X-Spam-Status: No, score=-10.534 tagged_above=-999 required=5 tests=[AWL=0.065, BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id P0why4NeNW3F for <scim@ietfa.amsl.com>; Thu, 22 Mar 2012 12:38:28 -0700 (PDT)
Received: from rcdn-iport-6.cisco.com (rcdn-iport-6.cisco.com [173.37.86.77]) by ietfa.amsl.com (Postfix) with ESMTP id E58EE21F8547 for <scim@ietf.org>; Thu, 22 Mar 2012 12:38:27 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=moransar@cisco.com; l=1552; q=dns/txt; s=iport; t=1332445108; x=1333654708; h=mime-version:content-transfer-encoding:subject:date: message-id:in-reply-to:references:from:to:cc; bh=VR8Fk/v791nXAKmQ7/d3dRqu1gkRMbAuwveMISAG8Nk=; b=cUeKzkSQR+hnFmjKH8sNgOEnIsRkPBl5ZFdZY8o7DT5zsVnQAEYkIkYJ Y20AVkY43w3iU3tzJi/KEXvgtcJF2GxK5dp69z7vu7t8RbgeYsRsP16vL Z9Xp4UcVcml4j/GUC14a1D9qTAQ+2Gd/kjXso1BxZitMij61v4qkCh0FY 8=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: AgIFAL1+a0+tJXG//2dsb2JhbABEhT+weIEGgQeCCQEBAQMBEgEQDQRFBQcEAgEIEQQBAQMCBgYXAQICAgEBRAkIAQEEEwgah2MFmT6NCJIMBIEvjh8zYwSIVptJgWiDBQ
X-IronPort-AV: E=Sophos;i="4.73,630,1325462400"; d="scan'208";a="68678628"
Received: from rcdn-core2-4.cisco.com ([173.37.113.191]) by rcdn-iport-6.cisco.com with ESMTP; 22 Mar 2012 19:38:27 +0000
Received: from xbh-rcd-202.cisco.com (xbh-rcd-202.cisco.com [72.163.62.201]) by rcdn-core2-4.cisco.com (8.14.3/8.14.3) with ESMTP id q2MJcR2J002149;  Thu, 22 Mar 2012 19:38:27 GMT
Received: from xmb-rcd-313.cisco.com ([72.163.63.28]) by xbh-rcd-202.cisco.com with Microsoft SMTPSVC(6.0.3790.4675);  Thu, 22 Mar 2012 14:38:27 -0500
X-MimeOLE: Produced By Microsoft Exchange V6.5
Content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
Date: Thu, 22 Mar 2012 14:38:26 -0500
Message-ID: <93C6FB63F046384C86EC8F7F3FFEC7BEF5DE67@XMB-RCD-313.cisco.com>
In-Reply-To: <4F6B4B19.5090508@stpeter.im>
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
Thread-Topic: [scim] Draft charter - v5
Thread-Index: Ac0IRADztjZ1/x0fR6SkIP8CAuQXsAAHwh/A
References: <93C6FB63F046384C86EC8F7F3FFEC7BEEE4754@XMB-RCD-313.cisco.com> <4F6B4B19.5090508@stpeter.im>
From: "Morteza Ansari (moransar)" <moransar@cisco.com>
To: "Peter Saint-Andre" <stpeter@stpeter.im>
X-OriginalArrivalTime: 22 Mar 2012 19:38:27.0427 (UTC) FILETIME=[5A5A6330:01CD0863]
Cc: scim@ietf.org
Subject: Re: [scim] Draft charter - v5
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 22 Mar 2012 19:38:28 -0000

SSBkaWQgcHV0IHRleHQgaW4gdGhlIGJvZHkgb2YgdGhlIGNoYXJ0ZXIgcG9pbnRpbmcgb3V0IGNv
cmUgc3BlY3MgaGF2ZSBoaWdoZXIgcHJpb3JpdHkgYW5kIHdpbGwgYmUgdGhlIGluaXRpYWwgZm9j
dXMgb2YgdGhlIGdyb3VwLCBidXQgSSBhbSBwZXJzb25hbGx5IE9LIHdpdGggcmVtb3ZpbmcgdGhl
c2UgYW5kIGFkZGluZyB0aGVtIHRvIHRoZSBjaGFydGVyIGF0IGEgbGF0ZXIgZGF0ZS4NCg0KVGhv
dWdodHMgZnJvbSBvdGhlcnMgaW4gdGhlIGdyb3VwPw0KDQoNCkNoZWVycywNCk1vcnRlemENCg0K
LS0tLS1PcmlnaW5hbCBNZXNzYWdlLS0tLS0NCkZyb206IFBldGVyIFNhaW50LUFuZHJlIFttYWls
dG86c3RwZXRlckBzdHBldGVyLmltXSANClNlbnQ6IFRodXJzZGF5LCBNYXJjaCAyMiwgMjAxMiA4
OjU0IEFNDQpUbzogTW9ydGV6YSBBbnNhcmkgKG1vcmFuc2FyKQ0KQ2M6IHNjaW1AaWV0Zi5vcmcN
ClN1YmplY3Q6IFJlOiBbc2NpbV0gRHJhZnQgY2hhcnRlciAtIHY1DQoNCk9uIDMvMjIvMTIgMjow
MCBBTSwgTW9ydGV6YSBBbnNhcmkgKG1vcmFuc2FyKSB3cm90ZToNCg0KPiBkcmFmdC1YWFgtc2Np
bS1zYW1sLWJpbmRpbmctMDAgZm9yIGJpbmRpbmcgdGhlIFNDSU0gc2NoZW1hIHRvIFNBTUwsIA0K
PiBhbmQNCj4gDQo+IGRyYWZ0LVhYWC1zY2ltLWxkYXAtYmluZGluZy0wMCBmb3IgYmluZGluZyB0
aGUgU0NJTSBzY2hlbWEgdG8gTERBUC4NCg0KRG8gd2UgaGF2ZSBhIHN0cm9uZyBmZWVsaW5nIHRo
YXQgdGhlc2UgbmVlZCB0byBiZSBpbiBzY29wZSBmb3Igbm93PyBJdCBzZWVtcyB0byBtZSB0aGF0
IGl0IHdvdWxkIGJlIHByb2R1Y3RpdmUgZm9yIHRoZSB3b3JraW5nIGdyb3VwIChpZg0KZm9ybWVk
KSB0byBmaW5pc2ggdGhlIGNvcmUgd29yayBmaXJzdCwgdGhlbiByZWNoYXJ0ZXIgdG8gd29yayBv
biB0aGUgbWFwcGluZ3MvYmluZGluZ3MgdG8gTERBUCBhbmQgU0FNTC4gSXQncyBlYXN5IGVub3Vn
aCBmb3IgYSB3b3JraW5nIGdyb3VwIHRvIHJlY2hhcnRlciwgc28gSSdkIHJlY29tbWVuZCBrZWVw
aW5nIHRoZXNlIGRlbGl2ZXJhYmxlcyBvZmYgdGhlIGNoYXJ0ZXIgZm9yIG5vdy4NCg0KUGV0ZXIN
Cg0KLS0NClBldGVyIFNhaW50LUFuZHJlDQpodHRwczovL3N0cGV0ZXIuaW0vDQoNCg0K

From trey.drake@unboundid.com  Thu Mar 22 14:10:48 2012
Return-Path: <trey.drake@unboundid.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C72BF21F84CE for <scim@ietfa.amsl.com>; Thu, 22 Mar 2012 14:10:48 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.576
X-Spam-Level: 
X-Spam-Status: No, score=-3.576 tagged_above=-999 required=5 tests=[AWL=0.023,  BAYES_00=-2.599, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id vSiLZCN8xo7z for <scim@ietfa.amsl.com>; Thu, 22 Mar 2012 14:10:48 -0700 (PDT)
Received: from mail-gy0-f172.google.com (mail-gy0-f172.google.com [209.85.160.172]) by ietfa.amsl.com (Postfix) with ESMTP id EA38721F84C4 for <scim@ietf.org>; Thu, 22 Mar 2012 14:10:47 -0700 (PDT)
Received: by ghbg16 with SMTP id g16so2471534ghb.31 for <scim@ietf.org>; Thu, 22 Mar 2012 14:10:47 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=subject:mime-version:content-type:from:in-reply-to:date:cc :message-id:references:to:x-mailer:x-gm-message-state; bh=R51FMpEWRdj+Nzm55AucgbSfpft7Vq6WKHovKIln+uQ=; b=DydjmPj2cpj+rYWRvJ5FNzc3a2eV04kTUN83Tu94pXQiSENgIfiESVHAvwW0k4LMC+ lOky/6yNSDW8bXUCmSPcLE7FuAA2m35XmPL05cPQ9IFry+O5gBLPL+2nl3rPtZZ+t4AA 3DNKSd3EFrB/S6nQa1NnrQPNq3PfFrgtGXfhwyPFafREGMr7gikysMb9P2eVYiXn18db O9DmggLGopuITFRZPcpgR5kr09Vs/yydLhr/ch2j9fSrZ8bODj8oLa+rHtztfjAS3tFU KMYJUqcOaM6z4aEpz1w73FwonuNMmgOgkM9cg8CD6RO47vJFnZGAza48XEZSg6pmtFDk 0vGg==
Received: by 10.60.20.38 with SMTP id k6mr12271359oee.26.1332450647391; Thu, 22 Mar 2012 14:10:47 -0700 (PDT)
Received: from [192.168.241.86] (24-155-184-100.static.grandenetworks.net. [24.155.184.100]) by mx.google.com with ESMTPS id f2sm4581331oef.6.2012.03.22.14.10.45 (version=TLSv1/SSLv3 cipher=OTHER); Thu, 22 Mar 2012 14:10:46 -0700 (PDT)
Mime-Version: 1.0 (Apple Message framework v1257)
Content-Type: multipart/signed; boundary="Apple-Mail=_AAEE5A7C-5EC3-4C03-A2EC-248C8438B122"; protocol="application/pkcs7-signature"; micalg=sha1
From: Trey Drake <trey.drake@unboundid.com>
In-Reply-To: <93C6FB63F046384C86EC8F7F3FFEC7BEF5DE67@XMB-RCD-313.cisco.com>
Date: Thu, 22 Mar 2012 16:10:44 -0500
Message-Id: <77C83568-04A0-4595-A97E-4C48A6514490@unboundid.com>
References: <93C6FB63F046384C86EC8F7F3FFEC7BEEE4754@XMB-RCD-313.cisco.com> <4F6B4B19.5090508@stpeter.im> <93C6FB63F046384C86EC8F7F3FFEC7BEF5DE67@XMB-RCD-313.cisco.com>
To: Morteza Ansari (moransar) <moransar@cisco.com>
X-Mailer: Apple Mail (2.1257)
X-Gm-Message-State: ALoCoQk5YuUfH9bQwRJPrjeC67gv0Zp/mmh1zamTkDsh2v+Me6UCAxbB4v/Msmk3aAfV6gY+7abt
Cc: scim@ietf.org, Peter Saint-Andre <stpeter@stpeter.im>
Subject: Re: [scim] Draft charter - v5
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 22 Mar 2012 21:10:48 -0000

--Apple-Mail=_AAEE5A7C-5EC3-4C03-A2EC-248C8438B122
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain;
	charset=us-ascii

Agreed.  The mapping/binding specifications are not yet in good shape.

On Mar 22, 2012, at 2:38 PM, Morteza Ansari (moransar) wrote:

> I did put text in the body of the charter pointing out core specs have =
higher priority and will be the initial focus of the group, but I am =
personally OK with removing these and adding them to the charter at a =
later date.
>=20
> Thoughts from others in the group?
>=20
>=20
> Cheers,
> Morteza
>=20
> -----Original Message-----
> From: Peter Saint-Andre [mailto:stpeter@stpeter.im]=20
> Sent: Thursday, March 22, 2012 8:54 AM
> To: Morteza Ansari (moransar)
> Cc: scim@ietf.org
> Subject: Re: [scim] Draft charter - v5
>=20
> On 3/22/12 2:00 AM, Morteza Ansari (moransar) wrote:
>=20
>> draft-XXX-scim-saml-binding-00 for binding the SCIM schema to SAML,=20=

>> and
>>=20
>> draft-XXX-scim-ldap-binding-00 for binding the SCIM schema to LDAP.
>=20
> Do we have a strong feeling that these need to be in scope for now? It =
seems to me that it would be productive for the working group (if
> formed) to finish the core work first, then recharter to work on the =
mappings/bindings to LDAP and SAML. It's easy enough for a working group =
to recharter, so I'd recommend keeping these deliverables off the =
charter for now.
>=20
> Peter
>=20
> --
> Peter Saint-Andre
> https://stpeter.im/
>=20
>=20
> _______________________________________________
> scim mailing list
> scim@ietf.org
> https://www.ietf.org/mailman/listinfo/scim


--Apple-Mail=_AAEE5A7C-5EC3-4C03-A2EC-248C8438B122
Content-Disposition: attachment;
	filename=smime.p7s
Content-Type: application/pkcs7-signature;
	name=smime.p7s
Content-Transfer-Encoding: base64

MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIIM9jCCBjQw
ggQcoAMCAQICAR4wDQYJKoZIhvcNAQEFBQAwfTELMAkGA1UEBhMCSUwxFjAUBgNVBAoTDVN0YXJ0
Q29tIEx0ZC4xKzApBgNVBAsTIlNlY3VyZSBEaWdpdGFsIENlcnRpZmljYXRlIFNpZ25pbmcxKTAn
BgNVBAMTIFN0YXJ0Q29tIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA3MTAyNDIxMDE1NVoX
DTE3MTAyNDIxMDE1NVowgYwxCzAJBgNVBAYTAklMMRYwFAYDVQQKEw1TdGFydENvbSBMdGQuMSsw
KQYDVQQLEyJTZWN1cmUgRGlnaXRhbCBDZXJ0aWZpY2F0ZSBTaWduaW5nMTgwNgYDVQQDEy9TdGFy
dENvbSBDbGFzcyAxIFByaW1hcnkgSW50ZXJtZWRpYXRlIENsaWVudCBDQTCCASIwDQYJKoZIhvcN
AQEBBQADggEPADCCAQoCggEBAMcJg8zOLdgasSmkLhOrlr6KMoOMpohBllVHrdRvEg/q6r8jR+EK
75xCGhR8ToREoqe7zM9/UnC6TS2y9UKTpT1v7RSMzR0t6ndl0TWBuUr/UXBhPk+Kmy7bI4yW4urC
+y7P3/1/X7U8ocb8VpH/Clt+4iq7nirMcNh6qJR+xjOhV+VHzQMALuGYn5KZmc1NbJQYclsGkDxD
z2UbFqE2+6vIZoL+jb9x4Pa5gNf1TwSDkOkikZB1xtB4ZqtXThaABSONdfmv/Z1pua3FYxnCFmdr
/+N2JLKutIxMYqQOJebr/f/h5t95m4JgrM3Y/w7YX9d7YAL9jvN4SydHsU6n65cCAwEAAaOCAa0w
ggGpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBRTcu2SnODaywFc
fH6WNU7y1LhRgjAfBgNVHSMEGDAWgBROC+8apEBbpRdphzDKNGhD0EGu8jBmBggrBgEFBQcBAQRa
MFgwJwYIKwYBBQUHMAGGG2h0dHA6Ly9vY3NwLnN0YXJ0c3NsLmNvbS9jYTAtBggrBgEFBQcwAoYh
aHR0cDovL3d3dy5zdGFydHNzbC5jb20vc2ZzY2EuY3J0MFsGA1UdHwRUMFIwJ6AloCOGIWh0dHA6
Ly93d3cuc3RhcnRzc2wuY29tL3Nmc2NhLmNybDAnoCWgI4YhaHR0cDovL2NybC5zdGFydHNzbC5j
b20vc2ZzY2EuY3JsMIGABgNVHSAEeTB3MHUGCysGAQQBgbU3AQIBMGYwLgYIKwYBBQUHAgEWImh0
dHA6Ly93d3cuc3RhcnRzc2wuY29tL3BvbGljeS5wZGYwNAYIKwYBBQUHAgEWKGh0dHA6Ly93d3cu
c3RhcnRzc2wuY29tL2ludGVybWVkaWF0ZS5wZGYwDQYJKoZIhvcNAQEFBQADggIBAAqDCH14qywG
XLhjjF6uHLkjd02hcdh9hrw+VUsv+q1eeQWB21jWj3kJ96AUlPCoEGZ/ynJNScWy6QMVQjbbMXlt
UfO4n4bGGdKo3awPWp61tjAFgraLJgDk+DsSvUD6EowjMTNx25GQgyYJ5RPIzKKR9tQW8gGK+2+R
HxkUCTbYFnL6kl8Ch507rUdPPipJ9CgJFws3kDS3gOS5WFMxcjO5DwKfKSETEPrHh7p5shuuNktv
sv6hxHTLhiMKX893gxdT3XLS9OKmCv87vkINQcNEcIIoFWbP9HORz9v3vQwR4e3ksLc2JZOAFK+s
sS5XMEoznzpihEP0PLc4dCBYjbvSD7kxgDwZ+Aj8Q9PkbvE9sIPP7ON0fz095HdThKjiVJe6vofq
+n6b1NBc8XdrQvBmunwxD5nvtTW4vtN6VY7mUCmxsCieuoBJ9OlqmsVWQvifIYf40dJPZkk9YgGT
zWLpXDSfLSplbY2LL9C9U0ptvjcDjefLTvqSFc7tw1sEhF0n/qpA2r0GpvkLRDmcSwVyPvmjFBGq
Up/pNy8ZuPGQmHwFi2/14+xeSUDG2bwnsYJQG2EdJCB6luQ57GEnTA/yKZSTKI8dDQa8Sd3zfXb1
9mOgSF0bBdXbuKhEpuP9wirslFe6fQ1t5j5R0xi72MZ8ikMu1RQZKCyDbMwazlHiMIIGujCCBaKg
AwIBAgIDAopvMA0GCSqGSIb3DQEBBQUAMIGMMQswCQYDVQQGEwJJTDEWMBQGA1UEChMNU3RhcnRD
b20gTHRkLjErMCkGA1UECxMiU2VjdXJlIERpZ2l0YWwgQ2VydGlmaWNhdGUgU2lnbmluZzE4MDYG
A1UEAxMvU3RhcnRDb20gQ2xhc3MgMSBQcmltYXJ5IEludGVybWVkaWF0ZSBDbGllbnQgQ0EwHhcN
MTEwNTEzMTY1MjQ5WhcNMTIwNTEzMDU0NzU2WjBLMSAwHgYDVQQNExc0MjU3NjEteUxidzRqMkwy
Z0FqSG92UzEnMCUGCSqGSIb3DQEJARYYdHJleS5kcmFrZUB1bmJvdW5kaWQuY29tMIIBIjANBgkq
hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqid9tc427LEtBahNAplYUQztLpGRwt7J1hxi3mHkMBzr
s3LxhGspxGij4JZogkqolFpIhu0amwHXsDv7DbkET1O8TN2S2ttetn2o/gQMhAlXp7MP4SfHnIHL
awiDyKZ96l49FFuOt107G9SYpOceuY+AfBssNfxVpTfzqvBzQ/zdbGwqg+ndyPmsWZCYc036/dHV
VWDPpLbohj8GmtoNp8p2LjXe4hOvOfxNnlg6hRlHwiPkudSpEaHwW5dlQUjtcBNvowCq2uq2fbQq
5jyswWRGRIQINo4UgSsyDAB5SfagyGMx32EUGrx1NJWOHWK3eqPknuYdgtU2nJZ+aTtBpQIDAQAB
o4IDYzCCA18wCQYDVR0TBAIwADALBgNVHQ8EBAMCBLAwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsG
AQUFBwMEMB0GA1UdDgQWBBTFEY17wcVFokE4T9NZv3jxliACzjAfBgNVHSMEGDAWgBRTcu2SnODa
ywFcfH6WNU7y1LhRgjAjBgNVHREEHDAagRh0cmV5LmRyYWtlQHVuYm91bmRpZC5jb20wggHRBgNV
HSAEggHIMIIBxDCCAcAGCysGAQQBgbU3AQICMIIBrzAuBggrBgEFBQcCARYiaHR0cDovL3d3dy5z
dGFydHNzbC5jb20vcG9saWN5LnBkZjA0BggrBgEFBQcCARYoaHR0cDovL3d3dy5zdGFydHNzbC5j
b20vaW50ZXJtZWRpYXRlLnBkZjCCAUUGCCsGAQUFBwICMIIBNzAnFiBTdGFydENvbSBDZXJ0aWZp
Y2F0aW9uIEF1dGhvcml0eTADAgEBGoIBClRoaXMgY2VydGlmaWNhdGUgd2FzIGlzc3VlZCBhY2Nv
cmRpbmcgdG8gdGhlIENsYXNzIDEgVmFsaWRhdGlvbiByZXF1aXJlbWVudHMgb2YgdGhlIFN0YXJ0
Q29tIENlcnRpZmljYXRpb24gQXV0aG9yaXR5IHBvbGljeSBhbmQgbWF5IGJlIHJlbGllZCB1cG9u
IG9ubHkgZm9yIHRoZSBpbnRlbmRlZCBwdXJwb3NlIGFuZCBpbiBjb21wbGlhbmNlIG9mIHRoZSBy
ZWx5aW5nIHBhcnR5IG9ibGlnYXRpb25zLiBMaWFiaWxpdHkgYW5kIHdhcnJhbnRpZXMgYXJlIGxp
bWl0ZWQhMDYGA1UdHwQvMC0wK6ApoCeGJWh0dHA6Ly9jcmwuc3RhcnRzc2wuY29tL2NydHUxLWNy
bC5jcmwwgY4GCCsGAQUFBwEBBIGBMH8wOQYIKwYBBQUHMAGGLWh0dHA6Ly9vY3NwLnN0YXJ0c3Ns
LmNvbS9zdWIvY2xhc3MxL2NsaWVudC9jYTBCBggrBgEFBQcwAoY2aHR0cDovL2FpYS5zdGFydHNz
bC5jb20vY2VydHMvc3ViLmNsYXNzMS5jbGllbnQuY2EuY3J0MCMGA1UdEgQcMBqGGGh0dHA6Ly93
d3cuc3RhcnRzc2wuY29tLzANBgkqhkiG9w0BAQUFAAOCAQEAfcC87DDCF7sIIY5qIDIS7MmSAJjr
GlCfGP11cJrO88bsQiSgtJYYeIATEUsH1r78aJOzU8p8P/lOrSoDr3kxVlUaOam6xIvlW9Uv6AUN
DBjYeDUMaEIwPl/Eox0tvZPas4JwW1K+N085ya1IKCK/l7x2K97JQqQhE44ymJ873mcEbBNz6HOo
JtyNMc204G0mREpQs4RSb7vsT9x93QUs6QpP/Mn/w+HaXQQzgs4HmfgL8z+qlH4vX4S/rKvwv95m
fdCIrdSBAeSKBco9hHTIny9XpkTR2qk1Uq0eqSk1LtufDoQy9c5KKQKINCKrjioMseRufmAY/0Nu
VbekcRMyIDGCA28wggNrAgEBMIGUMIGMMQswCQYDVQQGEwJJTDEWMBQGA1UEChMNU3RhcnRDb20g
THRkLjErMCkGA1UECxMiU2VjdXJlIERpZ2l0YWwgQ2VydGlmaWNhdGUgU2lnbmluZzE4MDYGA1UE
AxMvU3RhcnRDb20gQ2xhc3MgMSBQcmltYXJ5IEludGVybWVkaWF0ZSBDbGllbnQgQ0ECAwKKbzAJ
BgUrDgMCGgUAoIIBrzAYBgkqhkiG9w0BCQMxCwYJKoZIhvcNAQcBMBwGCSqGSIb3DQEJBTEPFw0x
MjAzMjIyMTEwNDRaMCMGCSqGSIb3DQEJBDEWBBQTvqfbGZwPTBchYzxvmEE+VRwmFjCBpQYJKwYB
BAGCNxAEMYGXMIGUMIGMMQswCQYDVQQGEwJJTDEWMBQGA1UEChMNU3RhcnRDb20gTHRkLjErMCkG
A1UECxMiU2VjdXJlIERpZ2l0YWwgQ2VydGlmaWNhdGUgU2lnbmluZzE4MDYGA1UEAxMvU3RhcnRD
b20gQ2xhc3MgMSBQcmltYXJ5IEludGVybWVkaWF0ZSBDbGllbnQgQ0ECAwKKbzCBpwYLKoZIhvcN
AQkQAgsxgZeggZQwgYwxCzAJBgNVBAYTAklMMRYwFAYDVQQKEw1TdGFydENvbSBMdGQuMSswKQYD
VQQLEyJTZWN1cmUgRGlnaXRhbCBDZXJ0aWZpY2F0ZSBTaWduaW5nMTgwNgYDVQQDEy9TdGFydENv
bSBDbGFzcyAxIFByaW1hcnkgSW50ZXJtZWRpYXRlIENsaWVudCBDQQIDAopvMA0GCSqGSIb3DQEB
AQUABIIBACd6//M4pSsDL1rRhOFqyspmJydRtl82btcSMqY977wJCRsRKYv+IMP9nrXzN4q+VE/0
aN42ODTGnrxXPiTwA/t/POHuuShRj+WiCKCNlOIMnFx3RyC4ukSNCWZTxm8W4jREPmc5xgT0lHnU
cVwU7sSWXMXox+T1ctVVZA1kPqyRExu9rBKBSGHLoKTQPI8B3+H4tbNX9Oxj03k2VNCJN8VkVuxm
WOehjtCYS3f4T2fUS0LmfWMuAh3sX/OzMh5w+PRuhqeGN2aSIiTn6BzyoVhhxQ/CuramSwMDUWtC
j85redSvlRg9EZ0JPXdqO2By+mLwVnBdcVMwP3V9nWyc6LYAAAAAAAA=

--Apple-Mail=_AAEE5A7C-5EC3-4C03-A2EC-248C8438B122--

From lear@cisco.com  Tue Mar 27 04:34:37 2012
Return-Path: <lear@cisco.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 49EF321F899E for <scim@ietfa.amsl.com>; Tue, 27 Mar 2012 04:34:37 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -110.539
X-Spam-Level: 
X-Spam-Status: No, score=-110.539 tagged_above=-999 required=5 tests=[AWL=0.060, BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Wnu1yI-LT-BT for <scim@ietfa.amsl.com>; Tue, 27 Mar 2012 04:34:36 -0700 (PDT)
Received: from ams-iport-2.cisco.com (ams-iport-2.cisco.com [144.254.224.141]) by ietfa.amsl.com (Postfix) with ESMTP id 0FC2E21E8169 for <scim@ietf.org>; Tue, 27 Mar 2012 04:34:35 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=lear@cisco.com; l=231; q=dns/txt; s=iport; t=1332848076; x=1334057676; h=message-id:date:from:mime-version:to:subject: content-transfer-encoding; bh=QVL0r5nxnXxS6MwidosgBpuZSAUI+tdabjt2yRrBntk=; b=BYvl1RHbiytgWG7wAT+ibI4AgNxyxytKqtDhSbWpCOgQ3K/ihI6OOvL6 aK1lgiCktiwIl3kB0hzolJ5lxgbjmxjQV0Z5nyQ2cVqc0H6v00NGFl3vR /4xtjq71Zax1doppzy1pC6sS+Ec1rfIis+fxPIcW6+U0cP4Wnvu2ccSuh s=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: Av8EAIalcU+Q/khL/2dsb2JhbABFhUCyfoEHgiIBEFU2AgUWCwILAwIBAgFLDQgBAR6HaJkugSeNCJIHgS+OSIEYBJVhjkWBaIJp
X-IronPort-AV: E=Sophos;i="4.73,656,1325462400"; d="scan'208";a="69436331"
Received: from ams-core-2.cisco.com ([144.254.72.75]) by ams-iport-2.cisco.com with ESMTP; 27 Mar 2012 11:34:29 +0000
Received: from ams3-vpn-dhcp4661.cisco.com (ams3-vpn-dhcp4661.cisco.com [10.61.82.52]) by ams-core-2.cisco.com (8.14.3/8.14.3) with ESMTP id q2RBYThF031353 for <scim@ietf.org>; Tue, 27 Mar 2012 11:34:29 GMT
Message-ID: <4F71A5CA.3050902@cisco.com>
Date: Tue, 27 Mar 2012 13:34:34 +0200
From: Eliot Lear <lear@cisco.com>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:11.0) Gecko/20120313 Thunderbird/11.0
MIME-Version: 1.0
To: "scim@ietf.org" <scim@ietf.org>
X-Enigmail-Version: 1.4
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit
Subject: [scim] Scribe needed for Thursday
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 27 Mar 2012 11:34:37 -0000

Hi everyone,

Our process requires that someone take notes during the meeting.  The
chairs need a volunteer for this, and it helps to have one in advance. 
Please, someone who is not presenting, volunteer!

Thanks,

Eliot



From lear@cisco.com  Tue Mar 27 04:39:40 2012
Return-Path: <lear@cisco.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D79CE21F899C for <scim@ietfa.amsl.com>; Tue, 27 Mar 2012 04:39:40 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -110.54
X-Spam-Level: 
X-Spam-Status: No, score=-110.54 tagged_above=-999 required=5 tests=[AWL=0.059, BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id wpcLC7LRN1id for <scim@ietfa.amsl.com>; Tue, 27 Mar 2012 04:39:39 -0700 (PDT)
Received: from ams-iport-2.cisco.com (ams-iport-2.cisco.com [144.254.224.141]) by ietfa.amsl.com (Postfix) with ESMTP id F0B5821F875C for <scim@ietf.org>; Tue, 27 Mar 2012 04:39:38 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=lear@cisco.com; l=528; q=dns/txt; s=iport; t=1332848379; x=1334057979; h=message-id:date:from:mime-version:to:cc:subject: references:in-reply-to:content-transfer-encoding; bh=WM6+jCpe7e/hl3uJrSmDRJ18yjkMcpwimXACes2QAEM=; b=iLd1sJNib85E99KJ4tozqGlyCr6lFdgbzLmY/BZzD9P+Z/+MzNwr8rKN /sqI1jMXewFp7fLPJHzE7gg9AXA+9BcH+bv9mJRXs0j4IArQ2Mpg2e7PY 3f/rCroak8tjwEvGH3qi4TI3cj1w3pUSCnZyuKTj6aIBfQkweNyQu0rPr s=;
X-IronPort-AV: E=Sophos;i="4.73,656,1325462400"; d="scan'208";a="69436860"
Received: from ams-core-1.cisco.com ([144.254.72.81]) by ams-iport-2.cisco.com with ESMTP; 27 Mar 2012 11:39:38 +0000
Received: from ams3-vpn-dhcp4661.cisco.com (ams3-vpn-dhcp4661.cisco.com [10.61.82.52]) by ams-core-1.cisco.com (8.14.3/8.14.3) with ESMTP id q2RBdbSg008927; Tue, 27 Mar 2012 11:39:37 GMT
Message-ID: <4F71A6FE.2060206@cisco.com>
Date: Tue, 27 Mar 2012 13:39:42 +0200
From: Eliot Lear <lear@cisco.com>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:11.0) Gecko/20120313 Thunderbird/11.0
MIME-Version: 1.0
To: Eliot Lear <lear@cisco.com>
References: <4F71A5CA.3050902@cisco.com>
In-Reply-To: <4F71A5CA.3050902@cisco.com>
X-Enigmail-Version: 1.4
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit
Cc: "scim@ietf.org" <scim@ietf.org>, Kathleen Moriarty <kathleen.moriarty@emc.com>
Subject: Re: [scim] Scribe needed for Thursday
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 27 Mar 2012 11:39:41 -0000

We have a winner.  EVERYONE:

Please thank Kathleen Moriarty for having volunteered!

Eliot

On 3/27/12 1:34 PM, Eliot Lear wrote:
> Hi everyone,
>
> Our process requires that someone take notes during the meeting.  The
> chairs need a volunteer for this, and it helps to have one in advance. 
> Please, someone who is not presenting, volunteer!
>
> Thanks,
>
> Eliot
>
>
> _______________________________________________
> scim mailing list
> scim@ietf.org
> https://www.ietf.org/mailman/listinfo/scim
>

From phil.hunt@oracle.com  Tue Mar 27 10:18:15 2012
Return-Path: <phil.hunt@oracle.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C9A0721F8860 for <scim@ietfa.amsl.com>; Tue, 27 Mar 2012 10:18:15 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -10.35
X-Spam-Level: 
X-Spam-Status: No, score=-10.35 tagged_above=-999 required=5 tests=[AWL=0.249,  BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id vuOYpwIoN5En for <scim@ietfa.amsl.com>; Tue, 27 Mar 2012 10:18:14 -0700 (PDT)
Received: from rcsinet15.oracle.com (rcsinet15.oracle.com [148.87.113.117]) by ietfa.amsl.com (Postfix) with ESMTP id 8C94B21F885F for <scim@ietf.org>; Tue, 27 Mar 2012 10:18:14 -0700 (PDT)
Received: from ucsinet21.oracle.com (ucsinet21.oracle.com [156.151.31.93]) by rcsinet15.oracle.com (Sentrion-MTA-4.2.2/Sentrion-MTA-4.2.2) with ESMTP id q2RHID0N005025 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK) for <scim@ietf.org>; Tue, 27 Mar 2012 17:18:14 GMT
Received: from acsmt356.oracle.com (acsmt356.oracle.com [141.146.40.156]) by ucsinet21.oracle.com (8.14.4+Sun/8.14.4) with ESMTP id q2RHICpq020406 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for <scim@ietf.org>; Tue, 27 Mar 2012 17:18:13 GMT
Received: from abhmt117.oracle.com (abhmt117.oracle.com [141.146.116.69]) by acsmt356.oracle.com (8.12.11.20060308/8.12.11) with ESMTP id q2RHICKd011162 for <scim@ietf.org>; Tue, 27 Mar 2012 12:18:12 -0500
Received: from [10.0.1.2] (/213.41.80.49) by default (Oracle Beehive Gateway v4.0) with ESMTP ; Tue, 27 Mar 2012 10:18:12 -0700
From: Phil Hunt <phil.hunt@oracle.com>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: quoted-printable
Date: Tue, 27 Mar 2012 19:18:07 +0200
Message-Id: <40E55799-544E-4CA3-BD2F-74A287FA83E3@oracle.com>
To: scim@ietf.org
Mime-Version: 1.0 (Apple Message framework v1257)
X-Mailer: Apple Mail (2.1257)
X-Source-IP: ucsinet21.oracle.com [156.151.31.93]
X-CT-RefId: str=0001.0A090208.4F71F656.0028,ss=1,re=0.000,fgs=0
Subject: [scim] Targeting draft for BoF Meeting
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 27 Mar 2012 17:18:15 -0000

I have posted an initial draft of "targeting" as an extension to SCIM in =
preparation for the BoF on Thursday.

https://datatracker.ietf.org/doc/draft-hunt-scim-targeting/

Phil

@independentid
www.independentid.com
phil.hunt@oracle.com






From moransar@cisco.com  Tue Mar 27 18:05:33 2012
Return-Path: <moransar@cisco.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 29E6721E8049 for <scim@ietfa.amsl.com>; Tue, 27 Mar 2012 18:05:33 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -10.536
X-Spam-Level: 
X-Spam-Status: No, score=-10.536 tagged_above=-999 required=5 tests=[AWL=0.062, BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id G41sN352PtvC for <scim@ietfa.amsl.com>; Tue, 27 Mar 2012 18:05:31 -0700 (PDT)
Received: from rcdn-iport-8.cisco.com (rcdn-iport-8.cisco.com [173.37.86.79]) by ietfa.amsl.com (Postfix) with ESMTP id CE48821E801C for <scim@ietf.org>; Tue, 27 Mar 2012 18:05:30 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=moransar@cisco.com; l=11090; q=dns/txt; s=iport; t=1332896731; x=1334106331; h=mime-version:subject:date:message-id:from:to; bh=KCa+Dr/DlHSWVVkUAtekecRVkf30jf5Qj3G4EQCsdow=; b=D0n2zX8IiOqkBSGXhqFatHaHvlOJ2FP8EPsSThzTpNyK9ZLeU1NGFZG6 E0UofXFhobGQFQUxCXE1IN36y20rlFfRTwnl4GXCaypQWMblH5FfadiHM N0e3pBWBSOEqaQA+oLEhAxsmj7pOtvzuYKenjWpbhAPjV+y7PhaSOZByy Q=;
X-Files: charter6.txt : 4246
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: AgAFAJ9jck+tJV2c/2dsb2JhbAA7AQmCRrYigQeCCwEEAQEBDwEJEQM8Ah0BKgIEBRMHASUxAQQRAggBGYdoC5l9gSefBopbAQiCa4JNYwSIWIYQgSKUHIFogwUggR4
X-IronPort-AV: E=Sophos;i="4.73,659,1325462400";  d="txt'?scan'208,217";a="69949107"
Received: from rcdn-core-5.cisco.com ([173.37.93.156]) by rcdn-iport-8.cisco.com with ESMTP; 28 Mar 2012 01:05:30 +0000
Received: from xbh-rcd-301.cisco.com (xbh-rcd-301.cisco.com [72.163.63.8]) by rcdn-core-5.cisco.com (8.14.3/8.14.3) with ESMTP id q2S15UR1020862 for <scim@ietf.org>; Wed, 28 Mar 2012 01:05:30 GMT
Received: from xmb-rcd-313.cisco.com ([72.163.63.28]) by xbh-rcd-301.cisco.com with Microsoft SMTPSVC(6.0.3790.4675);  Tue, 27 Mar 2012 20:05:29 -0500
X-MimeOLE: Produced By Microsoft Exchange V6.5
Content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="----_=_NextPart_001_01CD0C7E.DE2DDCCE"
Date: Tue, 27 Mar 2012 20:05:29 -0500
Message-ID: <93C6FB63F046384C86EC8F7F3FFEC7BEFDB848@XMB-RCD-313.cisco.com>
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
Thread-Topic: Draft charter - v6
Thread-Index: Ac0MfZC6NPycUL67RuGZtpSbpNWYog==
From: "Morteza Ansari (moransar)" <moransar@cisco.com>
To: <scim@ietf.org>
X-OriginalArrivalTime: 28 Mar 2012 01:05:29.0933 (UTC) FILETIME=[DE57EFD0:01CD0C7E]
Subject: [scim] Draft charter - v6
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 28 Mar 2012 01:05:33 -0000

This is a multi-part message in MIME format.

------_=_NextPart_001_01CD0C7E.DE2DDCCE
Content-Type: multipart/alternative;
	boundary="----_=_NextPart_002_01CD0C7E.DE2DDCCE"


------_=_NextPart_002_01CD0C7E.DE2DDCCE
Content-Type: text/plain;
	charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

I removed the references to the SAML & LDAP starting documents per
Peter's suggestion. No other comments or suggestions have been made
since the last rev.

=20

=20

Cheers,

Morteza

=20

*** charter5.txt               2012-03-22 08:53:41.000000000 +0100

--- charter6.txt  2012-03-28 02:47:40.000000000 +0200

***************

*** 50,57 ****

       draft-scim-use-cases-00 as the initial use cases for SCIM,

       draft-scim-core-schema-00 as the schema specification,

       draft-scim-api-00 as the protocol specification,

-      draft-XXX-scim-saml-binding-00 for binding the SCIM schema to
SAML, and

-      draft-XXX-scim-ldap-binding-00 for binding the SCIM schema to
LDAP.

 =20

  These drafts are based on existing specifications, which together are
commonly

  known as SCIM 1.0.  As such, consideration should be given for
backward

--- 50,55 ----


------_=_NextPart_002_01CD0C7E.DE2DDCCE
Content-Type: text/html;
	charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

<html xmlns:v=3D"urn:schemas-microsoft-com:vml" =
xmlns:o=3D"urn:schemas-microsoft-com:office:office" =
xmlns:w=3D"urn:schemas-microsoft-com:office:word" =
xmlns:m=3D"http://schemas.microsoft.com/office/2004/12/omml" =
xmlns=3D"http://www.w3.org/TR/REC-html40"><head><META =
HTTP-EQUIV=3D"Content-Type" CONTENT=3D"text/html; =
charset=3Dus-ascii"><meta name=3DGenerator content=3D"Microsoft Word 14 =
(filtered medium)"><style><!--
/* Font Definitions */
@font-face
	{font-family:Calibri;
	panose-1:2 15 5 2 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
	{margin:0in;
	margin-bottom:.0001pt;
	font-size:11.0pt;
	font-family:"Calibri","sans-serif";}
a:link, span.MsoHyperlink
	{mso-style-priority:99;
	color:blue;
	text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
	{mso-style-priority:99;
	color:purple;
	text-decoration:underline;}
span.EmailStyle17
	{mso-style-type:personal-compose;
	font-family:"Calibri","sans-serif";
	color:windowtext;}
.MsoChpDefault
	{mso-style-type:export-only;
	font-family:"Calibri","sans-serif";}
@page WordSection1
	{size:8.5in 11.0in;
	margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
	{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext=3D"edit" spidmax=3D"1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext=3D"edit">
<o:idmap v:ext=3D"edit" data=3D"1" />
</o:shapelayout></xml><![endif]--></head><body lang=3DEN-US link=3Dblue =
vlink=3Dpurple><div class=3DWordSection1><p class=3DMsoNormal>I removed =
the references to the SAML &amp; LDAP starting documents per =
Peter&#8217;s suggestion. No other comments or suggestions have been =
made since the last rev.<o:p></o:p></p><p =
class=3DMsoNormal><o:p>&nbsp;</o:p></p><p =
class=3DMsoNormal><o:p>&nbsp;</o:p></p><p =
class=3DMsoNormal>Cheers,<o:p></o:p></p><p =
class=3DMsoNormal>Morteza<o:p></o:p></p><div =
style=3D'mso-element:para-border-div;border:none;border-bottom:solid =
windowtext 1.0pt;padding:0in 0in 1.0pt 0in'><p class=3DMsoNormal =
style=3D'border:none;padding:0in'><o:p>&nbsp;</o:p></p></div><p =
class=3DMsoNormal>*** =
charter5.txt&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp; 2012-03-22 08:53:41.000000000 =
+0100<o:p></o:p></p><p class=3DMsoNormal>--- charter6.txt&nbsp; =
2012-03-28 02:47:40.000000000 +0200<o:p></o:p></p><p =
class=3DMsoNormal>***************<o:p></o:p></p><p class=3DMsoNormal>*** =
50,57 ****<o:p></o:p></p><p =
class=3DMsoNormal>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; =
draft-scim-use-cases-00 as the initial use cases for =
SCIM,<o:p></o:p></p><p =
class=3DMsoNormal>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; =
draft-scim-core-schema-00 as the schema specification,<o:p></o:p></p><p =
class=3DMsoNormal>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; draft-scim-api-00 =
as the protocol specification,<o:p></o:p></p><p =
class=3DMsoNormal>-&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; =
draft-XXX-scim-saml-binding-00 for binding the SCIM schema to SAML, =
and<o:p></o:p></p><p class=3DMsoNormal>-&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; =
draft-XXX-scim-ldap-binding-00 for binding the SCIM schema to =
LDAP.<o:p></o:p></p><p class=3DMsoNormal>&nbsp; <o:p></o:p></p><p =
class=3DMsoNormal>&nbsp;&nbsp;These drafts are based on existing =
specifications, which together are commonly<o:p></o:p></p><p =
class=3DMsoNormal>&nbsp; known as SCIM 1.0.&nbsp; As such, consideration =
should be given for backward<o:p></o:p></p><p class=3DMsoNormal>--- =
50,55 ----<o:p></o:p></p></div></body></html>
------_=_NextPart_002_01CD0C7E.DE2DDCCE--

------_=_NextPart_001_01CD0C7E.DE2DDCCE
Content-Type: text/plain;
	name="charter6.txt"
Content-Transfer-Encoding: base64
Content-Description: charter6.txt
Content-Disposition: attachment;
	filename="charter6.txt"

U2ltcGxlIENsb3VkIElkZW50aXR5IE1hbmFnZW1lbnQgKFNDSU0pCkNoYWlyKHMpOiBUQkQgCkFw
cGxpY2F0aW9ucyBBcmVhIERpcmVjdG9yKHMpOgogICAgIFBldGUgUmVzbmljayA8cHJlc25pY2tA
cXVhbGNvbW0uY29tPiAKICAgICBCYXJyeSBMaWViYSA8Pz8/PiAKTWFpbGluZyBMaXN0czoKICAg
ICBHZW5lcmFsIERpc2N1c3Npb246IHNjaW1AaWV0Zi5vcmcKICAgICBUbyBTdWJzY3JpYmU6IGh0
dHBzOi8vd3d3LmlldGYub3JnL21haWxtYW4vbGlzdGluZm8vc2NpbQogICAgIEFyY2hpdmU6IGh0
dHA6Ly93d3cuaWV0Zi5vcmcvbWFpbC1hcmNoaXZlL3dlYi9zY2ltL2N1cnJlbnQvbWFpbGxpc3Qu
aHRtbAogCkRlc2NyaXB0aW9uIG9mIFdvcmtpbmcgR3JvdXA6ClRoZSBTaW1wbGUgQ2xvdWQgSWRl
bnRpdHkgTWFuYWdlbWVudCAoU0NJTSkgc3BlY2lmaWNhdGlvbiBpcyBkZXNpZ25lZCB0byAKc2lt
cGxpZnkgdXNlciBpZGVudGl0eSBtYW5hZ2VtZW50IGluIGNsb3VkIGJhc2VkIGFwcGxpY2F0aW9u
cyBieSBkZWZpbmluZwpzdGFuZGFyZCBwcm90b2NvbHMgYW5kIHNjaGVtYXMgZm9yIGNyZWF0aW5n
LCByZWFkaW5nL3NlYXJjaGluZywgdXBkYXRpbmcsCmFuZCBkZWxldGluZyB1c2VyIGlkZW50aXRp
ZXMgYW5kIGlkZW50aXR5LXJlbGF0ZWQgb2JqZWN0cy4KClRvZGF5LCBkaXN0cmlidXRlZCBpZGVu
dGl0eSBtYW5hZ2VtZW50IGluIHRoZSBjbG91ZCBpcyBjb21wbGljYXRlZCBieSBhIGxhY2sKb2Yg
cHJvdG9jb2wgYW5kIHNjaGVtYSBzdGFuZGFyZGl6YXRpb24gYmV0d2VlbiBpZGVudGl0eSBjb25z
dW1lcnMgYW5kCnByb2R1Y2Vycy4gVGhpcyBsZWFkcyB0byBvcmdhbml6YXRpb25zIG5lZWRpbmcg
bXVsdGlwbGUgY2xvdWQgc2VydmljZXMgdG8KYnVpbGQgY29ubmVjdG9ycyB1c2luZyBlYWNoIHZl
bmRvcidzIHByb3ByaWV0YXJ5IHNjaGVtYSBhbmQgcHJvdG9jb2wuIEV4aXN0aW5nCnN0YW5kYXJk
cyBpbiB0aGlzIHNwYWNlIHN1Y2ggYXMgU1BNTCBoYXZlIG5vdCBnYWluZWQgdHJhY3Rpb24gZHVl
LCBpbiBwYXJ0LAp0byBjb21wbGV4aXR5IGFuZCBhYnNlbmNlIG9mIGEgY29tbW9uIHNjaGVtYS4g
QmV5b25kIHByb3Zpc2lvbmluZyBpZGVudGl0aWVzCmJldHdlZW4gb3JnYW5pemF0aW9ucyBhbmQg
dmVuZG9ycywgY3Jvc3MgcHJvdmlzaW9uaW5nIGJldHdlZW4gdmVuZG9ycyBpcyBhbHNvCmEgbWFq
b3IgZHJpdmVyIGZvciBzdGFuZGFyZGl6aW5nIGEgY29yZSBpZGVudGl0eSBtYW5hZ2VtZW50IHNj
aGVtYSBhbmQKcHJvdG9jb2wuICAKClRoZSBTQ0lNIHdvcmtpbmcgZ3JvdXAgd2lsbCBkZXZlbG9w
IHRoZSBjb3JlIHNjaGVtYSBhbmQgcHJvdG9jb2xzIHRvIGFkZHJlc3MKdGhlc2UgcHJvYmxlbXMu
IEluaXRpYWxseSwgdGhlIFdHIHdpbGwgZm9jdXMgb24gYSBzY2hlbWEgZGVmaW5pdGlvbiBhbmQK
cHJvdG9jb2wgZm9yIENSVUQgKENyZWF0ZSwgUmVhZC9zZWFyY2gsIFVwZGF0ZSwgRGVsZXRlKSBh
bmQgYnVsayBvcGVyYXRpb25zLgpUaGUgV0cgd2lsbCBjb250aW51ZSB3aXRoIGJpbmRpbmdzIHRv
IGV4aXN0aW5nIGlkZW50aXR5IHN0YW5kYXJkcyBzdWNoIGFzCkxEQVAgYW5kIFNBTUwgMi4wLiBT
Q0lNIGZvY3VzZXMgb24gdGhlIGNhc2Ugd2hlcmUgYW4gb3JnYW5pemF0aW9uJ3MgTERBUApzZXJ2
aWNlIG1heSBub3QgYmUgYXZhaWxhYmxlIHRvIHRoZSBwcm92aWRlciwgYW5kIFNBTUwgY2Fubm90
IHByb3ZpZGUKc3VmZmljaWVudCBjb250ZXh0IGZvciB0aGUgc2VydmljZS4gIEZvciBleGFtcGxl
LCBwcm92aXNpb25pbmcgb2YgYSB1c2VyJ3MKZW1haWwgYWNjb3VudCBzbyB0aGF0IGl0IGNhbiBy
ZWNlaXZlIG1haWwgYmVmb3JlIHRoZSBwZXJzb24gaGFzIGZpcnN0CmxvZ2dlZCBpbi4KCkluIGFk
ZGl0aW9uLCB0aGUgd29ya2luZyBncm91cCB3aWxsIGRlZmluZSBob3cgZXh0ZW5zaW9ucyB0byB0
aGUgc2NoZW1hCmFuZCBjb3JlIHByb3RvY29sIGNhbiBiZSBkZXZlbG9wZWQuCgpUaGUgc3BlY2lm
aWNhdGlvbiBzdWl0ZSBzZWVrcyB0byBidWlsZCB1cG9uIGV4cGVyaWVuY2Ugd2l0aCBleGlzdGlu
ZyBzY2hlbWFzCmFuZCBkZXBsb3ltZW50cywgcGxhY2luZyBzcGVjaWZpYyBlbXBoYXNpcyBvbiBz
aW1wbGljaXR5IG9mIGRldmVsb3BtZW50CmFuZCBpbnRlZ3JhdGlvbiwgd2hpbGUgYXBwbHlpbmcg
ZXhpc3RpbmcgYXV0aGVudGljYXRpb24sIGF1dGhvcml6YXRpb24sCmFuZCBwcml2YWN5IG1vZGVs
cy4gSXRzIGludGVudCBpcyB0byByZWR1Y2UgdGhlIGNvc3QgYW5kIGNvbXBsZXhpdHkgb2YgdXNl
cgptYW5hZ2VtZW50IGJ5IHByb3ZpZGluZyBhIGNvbW1vbiwgZXh0ZW5zaWJsZSB1c2VyIHNjaGVt
YSwgYXMgd2VsbCBhcyBiaW5kaW5nCmRvY3VtZW50cyB0aGF0IHByb3ZpZGUgcGF0dGVybnMgZm9y
IGV4Y2hhbmdpbmcgdGhlIHNjaGVtYSB1c2luZyBzdGFuZGFyZApwcm90b2NvbHMuIEluIGFkZGl0
aW9uLCB0aGUgd29ya2luZyBncm91cCBtYXkgY29uc2lkZXIgaW5jbHVzaW9uIG9mIGRldmljZQpp
ZGVudGl0aWVzIGFzIHBhcnQgb2YgdGhlIHdvcmsgYWRvcHRlZCBieSB0aGUgd29ya2luZyBncm91
cC4gIFRoZSBncm91cAp3aWxsIHVzZSwgYXMgc3RhcnRpbmcgcG9pbnRzLCB0aGUgZm9sbG93aW5n
IGRyYWZ0cyBpbiB0aGUgZm9sbG93aW5nIHdheXM6CgogICAgIGRyYWZ0LXNjaW0tdXNlLWNhc2Vz
LTAwIGFzIHRoZSBpbml0aWFsIHVzZSBjYXNlcyBmb3IgU0NJTSwKICAgICBkcmFmdC1zY2ltLWNv
cmUtc2NoZW1hLTAwIGFzIHRoZSBzY2hlbWEgc3BlY2lmaWNhdGlvbiwKICAgICBkcmFmdC1zY2lt
LWFwaS0wMCBhcyB0aGUgcHJvdG9jb2wgc3BlY2lmaWNhdGlvbiwKClRoZXNlIGRyYWZ0cyBhcmUg
YmFzZWQgb24gZXhpc3Rpbmcgc3BlY2lmaWNhdGlvbnMsIHdoaWNoIHRvZ2V0aGVyIGFyZSBjb21t
b25seQprbm93biBhcyBTQ0lNIDEuMC4gIEFzIHN1Y2gsIGNvbnNpZGVyYXRpb24gc2hvdWxkIGJl
IGdpdmVuIGZvciBiYWNrd2FyZApjb21wYXRpYmlsaXR5IGFzIHRoZSBncm91cCBldm9sdmVzIHRo
ZSB3b3JrLiAgVGhpcyBncm91cCB3aWxsIGNvbnNpZGVyLApmb3IgYW5kIGZvcmVtb3N0LCB0aGUg
b3BlcmF0aW9uYWwgZXhwZXJpZW5jZSBnYXRoZXJlZCBmcm9tIHRoZSBleGlzdGluZyB3b3JrLgpU
aGUgZ3JvdXAgd2lsbCBhbHNvIGNvbnNpZGVyIGV4cGVyaWVuY2VzIHdpdGggd29yayBkb25lIGJ5
IG90aGVyIGJvZGllcywKaW5jbHVkaW5nIHRoZSBPQVNJUyBQcm92aXNpb25pbmcgVEMuCgpUaGUg
Z3JvdXAgd2lsbCBwcm9kdWNlIFByb3Bvc2VkIFN0YW5kYXJkcyBmb3IgYSBzY2hlbWEsIGEgcHJv
dG9jb2wsIGEgU0FNTApiaW5kaW5nLCBhbmQgYW4gTERBUCBiaW5kaW5nLiAgSW4gZG9pbmcgc28s
IHRoZSBncm91cCB3aWxsIG1ha2UgY29uc2lzdGVudAp0aGUgdGVybWlub2xvZ3ksIHJldmlldyBh
bmQgaW1wcm92ZSBzZWN1cml0eSBvZiB0aGUgb3ZlcmFsbCBzeXN0ZW0sCmlkZW50aWZ5IGFueSBm
dW5jdGlvbmFsIGdhcHMgdGhhdCB3b3VsZCBiZSB1c2VmdWwgZm9yIGZ1dHVyZSB3b3JrLCBhZGRy
ZXNzCmludGVybmF0aW9uYWxpemF0aW9uLCBhbmQgcHJvdmlkZSBndWlkZWxpbmVzIGZvciBleHRl
bnNpYmlsaXR5IChlaXRoZXIKdGhyb3VnaCBJQU5BIHJlZ2lzdHJpZXMgb3Igb3RoZXIgbWVhbnMp
LiAgCgpUaGUgZ3JvdXAgY29uc2lkZXJzIHRoZSBmb2xsb3dpbmcgb3V0IG9mIHNjb3BlIGZvciB0
aGlzIGdyb3VwOgogICAgIERlZmluaW5nIG5ldyBhdXRoZW50aWNhdGlvbiBzY2hlbWVzCiAgICAg
RGVmaW5pbmcgbmV3IHBvbGljeS9hdXRob3JpemF0aW9uIHNjaGVtZXMKCk1pbGVzdG9uZXMKCjUv
MjAxMiAgICBJbml0aWFsIGFkb3B0aW9uIG9mIFNDSU0gdXNlIGNhc2VzCjUvMjAxMiAgICBJbml0
aWFsIGFkb3B0aW9uIG9mIFNDSU0gY29yZSBzY2hlbWEKNS8yMDEyICAgIEluaXRpYWwgYWRvcHRp
b24gb2YgU0NJTSByZXN0ZnVsIGludGVyZmFjZSBkcmFmdAo1LzIwMTIgICAgSW5pdGlhbCBhZG9w
dGlvbiBvZiBTQ0lNIFNBTUwgYmluZGluZ3MgZHJhZnQKNS8yMDEyICAgIEluaXRpYWwgYWRvcHRp
b24gb2YgU0NJTSBMREFQIG1hcHBpbmcgZHJhZnQKOS8yMDEyICAgIFdHTEMgU0NJTSBjb3JlIHNj
aGVtYQo5LzIwMTIgICAgV0dMQyBTQ0lNIHJlc3RmdWwgaW50ZXJmYWNlCjkvMjAxMiAgICBXR0xD
IFNDSU0gU0FNTCBiaW5kaW5ncwo5LzIwMTIgICAgV0dMQyBTQ0lNIExEQVAgbWFwcGluZwozLzIw
MTMgICAgUmUtY2hhcnRlciBkaXNjdXNzaW9uCg==

------_=_NextPart_001_01CD0C7E.DE2DDCCE--

From lear@cisco.com  Wed Mar 28 07:21:53 2012
Return-Path: <lear@cisco.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D1E8621E81D8 for <scim@ietfa.amsl.com>; Wed, 28 Mar 2012 07:21:53 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -110.54
X-Spam-Level: 
X-Spam-Status: No, score=-110.54 tagged_above=-999 required=5 tests=[AWL=0.059, BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id cyJ8SJ7NR3xF for <scim@ietfa.amsl.com>; Wed, 28 Mar 2012 07:21:53 -0700 (PDT)
Received: from ams-iport-2.cisco.com (ams-iport-2.cisco.com [144.254.224.141]) by ietfa.amsl.com (Postfix) with ESMTP id 929C521E805F for <scim@ietf.org>; Wed, 28 Mar 2012 07:21:52 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=lear@cisco.com; l=99; q=dns/txt; s=iport; t=1332944512; x=1334154112; h=message-id:date:from:mime-version:to:subject: content-transfer-encoding; bh=Nzd4MOSlgrk9R5Qs2DMwupB1eT3UMPumf8q5Anp73OE=; b=mcnM6PR5ev9jIvtIRMjs8EHtX+i/k3UvbBee5h9/Z6GzFpxOuZhuxKRa bfkMafVo0CH9Y+FrVaJrQ28LVjlwyj2D7yLSm28LVxIhHbif7UPRlpTr9 MElu5u5hNk2c9AlG+rlSdnuJ9ng8BPd5Tlb26lCAaCDtS4mqtoElfLzBv U=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: Av8EAOUdc0+Q/khM/2dsb2JhbABFhUCzLYEHggUdARBVNgIFFgsCCwMCAQIBSw0IAQEehSYHgikSC5oygSeNCJISBIEvjkuBGASVYY5FgWiCaQ
X-IronPort-AV: E=Sophos;i="4.73,661,1325462400"; d="scan'208";a="69557491"
Received: from ams-core-3.cisco.com ([144.254.72.76]) by ams-iport-2.cisco.com with ESMTP; 28 Mar 2012 14:21:51 +0000
Received: from dhcp-10-55-81-250.cisco.com (dhcp-10-55-81-250.cisco.com [10.55.81.250]) by ams-core-3.cisco.com (8.14.3/8.14.3) with ESMTP id q2SELp0f016672 for <scim@ietf.org>; Wed, 28 Mar 2012 14:21:51 GMT
Message-ID: <4F731E7F.8070302@cisco.com>
Date: Wed, 28 Mar 2012 16:21:51 +0200
From: Eliot Lear <lear@cisco.com>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:11.0) Gecko/20120313 Thunderbird/11.0
MIME-Version: 1.0
To: "scim@ietf.org" <scim@ietf.org>
X-Enigmail-Version: 1.4
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit
Subject: [scim] all materials uploaded for tomorrow's BoF
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 28 Mar 2012 14:21:54 -0000

You can access them at 
https://datatracker.ietf.org/meeting/83/materials.html#wg-scim.

Eliot

From lear@cisco.com  Wed Mar 28 15:06:33 2012
Return-Path: <lear@cisco.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E321521F8596 for <scim@ietfa.amsl.com>; Wed, 28 Mar 2012 15:06:33 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -109.558
X-Spam-Level: 
X-Spam-Status: No, score=-109.558 tagged_above=-999 required=5 tests=[AWL=-0.923, BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-8, SARE_GIF_ATTACH=1.42, TVD_FW_GRAPHIC_NAME_MID=0.543, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id CakgO-OJ+tEx for <scim@ietfa.amsl.com>; Wed, 28 Mar 2012 15:06:32 -0700 (PDT)
Received: from ams-iport-2.cisco.com (ams-iport-2.cisco.com [144.254.224.141]) by ietfa.amsl.com (Postfix) with ESMTP id F25C521F8575 for <scim@ietf.org>; Wed, 28 Mar 2012 15:06:31 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=lear@cisco.com; l=6470; q=dns/txt; s=iport; t=1332972392; x=1334181992; h=message-id:date:from:mime-version:to:subject; bh=xmndssy91yYOVA+8DsrrZpOzJ5FOqCzfvMLXMp7EGhU=; b=hO/5R6EsKtXC8KiW8HJd9NtX0nQ6JMwBGzcYMY/+dE1buViIGEjrHXQn DupuaQq/P+nmbZ5UrzsoJAUtpiMs6iZqUYD+5w0K9jUPdtct+eJ+aQWjx 3lq2gfkWtBnS/APjC/Mu98og3k4XVIfgJz3Ba+hCSegVJCEXA4SLbxvw8 8=;
X-Files: footer.gif : 163
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: AlAGABqKc0+Q/khM/2dsb2JhbAArEQYDhUCqbIFjhl+BB4IVAQwBEDIPAhI5AQIBCwQHBQMDAgQHAwIBAgEFAQ4gCwUHDQUBAgEBAhyHaAspmXqBJ40IKYNZjhuKbxGCaQeCCoEYBJAKAYVWjkWBaIIgSYFU
X-IronPort-AV: E=Sophos;i="4.73,665,1325462400";  d="gif'147?scan'147,208,217,147";a="69590904"
Received: from ams-core-3.cisco.com ([144.254.72.76]) by ams-iport-2.cisco.com with ESMTP; 28 Mar 2012 22:06:30 +0000
Received: from dhcp-10-61-98-52.cisco.com (dhcp-10-61-98-52.cisco.com [10.61.98.52]) by ams-core-3.cisco.com (8.14.3/8.14.3) with ESMTP id q2SM6U6b007102 for <scim@ietf.org>; Wed, 28 Mar 2012 22:06:30 GMT
Message-ID: <4F738B65.5000209@cisco.com>
Date: Thu, 29 Mar 2012 00:06:29 +0200
From: Eliot Lear <lear@cisco.com>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:11.0) Gecko/20120313 Thunderbird/11.0
MIME-Version: 1.0
To: "scim@ietf.org" <scim@ietf.org>
X-Enigmail-Version: 1.4
Content-Type: multipart/alternative; boundary="------------010906050702050903040204"
Subject: [scim] webex information for remote participants
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 28 Mar 2012 22:06:34 -0000

This is a multi-part message in MIME format.
--------------010906050702050903040204
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit

Topic: SCIM Thu 29 Mar 2012
Host: Simple Cloud Identity BoF
Date and Time:
Thursday, March 29, 2012 9:00 am, Europe Summer Time (Paris, GMT+02:00)
Event number: 648 243 890
Event password: thumeeting

-------------------------------------------------------
To join the online event
-------------------------------------------------------
1. Click here
<https://ietf.webex.com/ietf/onstage/g.php?d=648243890&t=a&EA=sandra.murphy%40sparta.com&ET=04d5362c6bc9a33e3b400458c4fa2334&ETR=a3ad002764633274f99fd79c2e4ae132&RT=MiMyMw==&p>to
join the online event.
Or copy and paste the following link to a browser:
https://ietf.webex.com/ietf/onstage/g.php?d=648243890&t=a&EA=sandra.murphy%40sparta.com&ET=04d5362c6bc9a33e3b400458c4fa2334&ETR=a3ad002764633274f99fd79c2e4ae132&RT=MiMyMw==&p
2. Click "Join Now".


-------------------------------------------------------
To join the teleconference only
-------------------------------------------------------
Call-in toll number (US/Canada): +1-408-600-3600
Access code: 648 243 890

-------------------------------------------------------
For assistance
-------------------------------------------------------
You can contact Secure Inter-Domain Routing Working Group at:
sidr-chairs@tools.ietf.org <mailto:sidr-chairs@tools.ietf.org>

The playback of UCF (Universal Communications Format) rich media files
requires appropriate players. To view this type of rich media files in
the meeting, please check whether you have the players installed on your
computer by going to
https://ietf.webex.com/ietf/onstage/systemdiagnosis.php




http://www.webex.com

IMPORTANT NOTICE: This WebEx service includes a feature that allows
audio and any documents and other materials exchanged or viewed during
the session to be recorded. By joining this session, you automatically
consent to such recordings. If you do not consent to the recording,
discuss your concerns with the meeting host prior to the start of the
recording or do not join the session. Please note that any such
recordings may be subject to discovery in the event of litigation.


--------------010906050702050903040204
Content-Type: multipart/related;
 boundary="------------020600080105070804040209"


--------------020600080105070804040209
Content-Type: text/html; charset=UTF-8
Content-Transfer-Encoding: 7bit

<html>
  <head>

    <meta http-equiv="content-type" content="text/html; charset=UTF-8">
  </head>
  <body bgcolor="#FFFFFF" text="#000000">
    <font face="Arial, Helvetica, sans-serif" size="2">Topic: SCIM Thu
      29 Mar 2012<br>
      Host: Simple Cloud Identity BoF<br>
      Date and Time:<br>
      Thursday, March 29, 2012 9:00 am, Europe Summer Time (Paris,
      GMT+02:00)<br>
      Event number: 648 243 890<br>
      Event password: thumeeting<br>
      <br>
      -------------------------------------------------------<br>
      To join the online event<br>
      -------------------------------------------------------<br>
      1. <a
href="https://ietf.webex.com/ietf/onstage/g.php?d=648243890&amp;t=a&amp;EA=sandra.murphy%40sparta.com&amp;ET=04d5362c6bc9a33e3b400458c4fa2334&amp;ETR=a3ad002764633274f99fd79c2e4ae132&amp;RT=MiMyMw==&amp;p"
        target="_blank">
        Click here </a>to join the online event.<br>
      Or copy and paste the following link to a browser: <br>
<a class="moz-txt-link-freetext" href="https://ietf.webex.com/ietf/onstage/g.php?d=648243890&amp;t=a&amp;EA=sandra.murphy%40sparta.com&amp;ET=04d5362c6bc9a33e3b400458c4fa2334&amp;ETR=a3ad002764633274f99fd79c2e4ae132&amp;RT=MiMyMw==&amp;p">https://ietf.webex.com/ietf/onstage/g.php?d=648243890&amp;t=a&amp;EA=sandra.murphy%40sparta.com&amp;ET=04d5362c6bc9a33e3b400458c4fa2334&amp;ETR=a3ad002764633274f99fd79c2e4ae132&amp;RT=MiMyMw==&amp;p</a><br>
      2. Click "Join Now".<br>
      <br>
      <br>
      -------------------------------------------------------<br>
      To join the teleconference only<br>
      -------------------------------------------------------<br>
      Call-in toll number (US/Canada): +1-408-600-3600<br>
      Access code: 648 243 890<br>
      <br>
      -------------------------------------------------------<br>
      For assistance<br>
      -------------------------------------------------------<br>
      You can contact Secure Inter-Domain Routing Working Group at:<br>
      <a href="mailto:sidr-chairs@tools.ietf.org" target="_blank">sidr-chairs@tools.ietf.org</a><br>
      <br>
      The playback of UCF (Universal Communications Format) rich media
      files requires appropriate players. To view this type of rich
      media files in the meeting, please check whether you have the
      players installed on your computer by going to
      <a href="https://ietf.webex.com/ietf/onstage/systemdiagnosis.php"
        target="_blank">
        https://ietf.webex.com/ietf/onstage/systemdiagnosis.php</a> <br>
      <br>
      <br>
      <br>
      <br>
      <a href="http://www.webex.com" target="_blank">http://www.webex.com</a><br>
      <br>
      IMPORTANT NOTICE: This WebEx service includes a feature that
      allows audio and any documents and other materials exchanged or
      viewed during the session to be recorded. By joining this session,
      you automatically consent to such recordings. If you do not
      consent to the recording, discuss your concerns with the meeting
      host prior to the start of the recording or do not join the
      session. Please note that any such recordings may be subject to
      discovery in the event of litigation.
      <br>
    </font>
    <br>
    <img src="cid:part5.07090609.00000204@cisco.com" alt="" border="0">
  </body>
</html>

--------------020600080105070804040209
Content-Type: image/gif;
 name="footer.gif"
Content-Transfer-Encoding: base64
Content-ID: <part5.07090609.00000204@cisco.com>
Content-Disposition: inline;
 filename="footer.gif"

R0lGODlhQQITAIAAAEee4QAAACH5BAAAAAAALAAAAABBAhMAAAJ6hI+py+0Po5y02ouz3rz7
D4biSJbmiabqyrbuC8fyTNf2jef6zvf+DwwKh8Si8YhMKpfMpvMJjUqn1Kr1is1qt9yu9wsO
i8fksvmMTqvX7Lb7DY/L5/S6/Y7P6/f8vv8PGCg4SFhoeIiYqLjI2Oj4CBkpOUlZaXmZVQAA
Ow==
--------------020600080105070804040209--

--------------010906050702050903040204--

From ggolovinsky@qualys.com  Thu Mar 29 02:19:38 2012
Return-Path: <ggolovinsky@qualys.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 41C2E21F8A03 for <scim@ietfa.amsl.com>; Thu, 29 Mar 2012 02:19:38 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.675
X-Spam-Level: 
X-Spam-Status: No, score=-2.675 tagged_above=-999 required=5 tests=[AWL=0.301,  BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 1kNaKDxZZ54i for <scim@ietfa.amsl.com>; Thu, 29 Mar 2012 02:19:37 -0700 (PDT)
Received: from mail-qa0-f51.google.com (mail-qa0-f51.google.com [209.85.216.51]) by ietfa.amsl.com (Postfix) with ESMTP id 9280521F88D8 for <scim@ietf.org>; Thu, 29 Mar 2012 02:19:27 -0700 (PDT)
Received: by qaea16 with SMTP id a16so186517qae.10 for <scim@ietf.org>; Thu, 29 Mar 2012 02:19:26 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=from:mime-version:x-mailer:thread-index:date:message-id:subject:to :content-type:x-gm-message-state; bh=dCrw879yuel+QPkR9JbtHOtP0REVkW2kWIC//vtaFqE=; b=EzRwE2CjDpIpeb69wxPOtT0ZMLq43vH0PTG1Q5JH5Vd4+99C3O1yGBT8AdBB5HHmhx VqfvgbAleAKpE4PS9EpLB9PCH73+wquF7ZaLo4aXM6wH26Eg/pfW0+H/qsre8wzE1nkQ V+/POshkFpFBWNWnm14RdjSsB42QU0cReGYxkQXddi0b6o/nDMC1rreGhQJRLxt7DmPA FoYJzatkU4/ME+otlzeP+9g08XcEHe9JFLQQqevGF8GV3BXSKmrFPYNPPPCx66dTyQGF 46xOij79vrRgS71uQ+R5+oq9w4ZcOf2jHaOmzvPcPa70CIYy/zvmR/vMZdIQLt4gpcfl dQXQ==
Received: by 10.229.78.135 with SMTP id l7mr12588907qck.113.1333012766179; Thu, 29 Mar 2012 02:19:26 -0700 (PDT)
From: Gene Golovinsky <ggolovinsky@qualys.com>
MIME-Version: 1.0
X-Mailer: Microsoft Outlook 14.0
thread-index: Ac0NjI5a6EpyiUgkSuOkzGABI94mMw==
Date: Thu, 29 Mar 2012 02:19:31 -0700
Message-ID: <7006d6ef554e58d1fd81433a16639306@mail.gmail.com>
To: scim@ietf.org
Content-Type: multipart/alternative; boundary=002354332aca68c2b904bc5e38b3
X-Gm-Message-State: ALoCoQlsLhgASx/CKhR4Up/69o8d316Lv231Lm9q7DfV1970JVmP/7aG24uqFWqJH9qYqMUog+6T
Subject: [scim] Cloud definition
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 29 Mar 2012 09:19:38 -0000

--002354332aca68c2b904bc5e38b3
Content-Type: text/plain; charset=windows-1252
Content-Transfer-Encoding: quoted-printable

   Cloud definition

Just following up on Dan=92s request to outsource the definition of The Clo=
ud
to other orgs.

NIST has done a pretty decent job of it:

*http://csrc.nist.gov/publications/nistpubs/800-145/SP800-145.pdf*<http://c=
src.nist.gov/publications/nistpubs/800-145/SP800-145.pdf>

IMHO it is reasonably clear and accepted by many as an operating basis.

Cheers.

--Gene

--002354332aca68c2b904bc5e38b3
Content-Type: text/html; charset=windows-1252
Content-Transfer-Encoding: quoted-printable


<html>
<head>
<meta http-equiv=3D"Content-Type" content=3D"text/html; charset=3Dus-ascii"=
>
<meta name=3D"Generator" content=3D"MS Exchange Server version 14.02.5004.0=
00">
<title>Cloud definition</title>
</head>
<body>


<p dir=3D"LTR"><span lang=3D"en-us"><font face=3D"Calibri">Just following u=
p on Dan=92s request to outsource the definition of The Cloud to other orgs=
.</font></span></p>

<p dir=3D"LTR"><span lang=3D"en-us"><font face=3D"Calibri">NIST has done a =
pretty decent job of it:</font></span></p>

<p dir=3D"LTR"><span lang=3D"en-us"></span></p>

<p dir=3D"LTR"><span lang=3D"en-us"></span><a href=3D"http://csrc.nist.gov/=
publications/nistpubs/800-145/SP800-145.pdf"><span lang=3D"en-us"><u><font =
color=3D"#0000FF" face=3D"Calibri">http://csrc.nist.gov/publications/nistpu=
bs/800-145/SP800-145.pdf</font></u></span><span lang=3D"en-us"></span></a><=
span lang=3D"en-us"></span></p>


<p dir=3D"LTR"><span lang=3D"en-us"><font face=3D"Calibri">IMHO it is reaso=
nably clear and accepted by many as an operating basis.</font></span></p>

<p dir=3D"LTR"><span lang=3D"en-us"></span></p>

<p dir=3D"LTR"><span lang=3D"en-us"><font face=3D"Calibri">Cheers.</font></=
span></p>

<p dir=3D"LTR"><span lang=3D"en-us"><font face=3D"Calibri">--Gene</font></s=
pan></p>

<p dir=3D"LTR"><span lang=3D"en-us"></span></p>

</body>
</html>

--002354332aca68c2b904bc5e38b3--

From phil.hunt@oracle.com  Thu Mar 29 04:56:58 2012
Return-Path: <phil.hunt@oracle.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4B9EE21F89E6 for <scim@ietfa.amsl.com>; Thu, 29 Mar 2012 04:56:58 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -10.359
X-Spam-Level: 
X-Spam-Status: No, score=-10.359 tagged_above=-999 required=5 tests=[AWL=0.239, BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8, UNPARSEABLE_RELAY=0.001]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Q8a+wY5flENQ for <scim@ietfa.amsl.com>; Thu, 29 Mar 2012 04:56:57 -0700 (PDT)
Received: from rcsinet15.oracle.com (rcsinet15.oracle.com [148.87.113.117]) by ietfa.amsl.com (Postfix) with ESMTP id 606DA21F89E3 for <scim@ietf.org>; Thu, 29 Mar 2012 04:56:57 -0700 (PDT)
Received: from acsinet21.oracle.com (acsinet21.oracle.com [141.146.126.237]) by rcsinet15.oracle.com (Sentrion-MTA-4.2.2/Sentrion-MTA-4.2.2) with ESMTP id q2TButfR007266 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK) for <scim@ietf.org>; Thu, 29 Mar 2012 11:56:56 GMT
Received: from acsmt356.oracle.com (acsmt356.oracle.com [141.146.40.156]) by acsinet21.oracle.com (8.14.4+Sun/8.14.4) with ESMTP id q2TButrq009675 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for <scim@ietf.org>; Thu, 29 Mar 2012 11:56:55 GMT
Received: from abhmt114.oracle.com (abhmt114.oracle.com [141.146.116.66]) by acsmt356.oracle.com (8.12.11.20060308/8.12.11) with ESMTP id q2TButSW022124 for <scim@ietf.org>; Thu, 29 Mar 2012 06:56:55 -0500
Received: from dhcp-5483.meeting.ietf.org (/130.129.84.131) by default (Oracle Beehive Gateway v4.0) with ESMTP ; Thu, 29 Mar 2012 04:56:55 -0700
From: Phil Hunt <phil.hunt@oracle.com>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: quoted-printable
Date: Thu, 29 Mar 2012 13:56:53 +0200
Message-Id: <7C203A08-0F44-4B10-8643-0C2BAF55EC6C@oracle.com>
To: scim@ietf.org
Mime-Version: 1.0 (Apple Message framework v1257)
X-Mailer: Apple Mail (2.1257)
X-Source-IP: acsinet21.oracle.com [141.146.126.237]
X-CT-RefId: str=0001.0A090202.4F744E08.00C2,ss=1,re=0.000,fgs=0
Subject: [scim] Scope change request
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 29 Mar 2012 11:56:58 -0000

I would like to request that the Targeting proposal presented today at =
the BoF be added to the charter for consideration.

A draft proposal has been submitted (new this week --> =
draft-hunt-scim-targeting) which shows how targeting could be done.

A brief summary:  When provisioning to a service provider that has =
multiple applications that may be provisioned, there are 3 alternatives:

1.  Use schema extensions to objects (e.g. entitlements) to infer app =
requests
2.  Use separate domains and implement app specific endpoints (or =
combined multi-homed service)
3.  Use targeting for a RESTful explicit approach.

Item 1 IMHO leads to complexity and future inter-op problems.  Instead =
it is better to keep SCIM requests simple and app-specific.

As far as 2 and 3 goes, the proposal difference is:

app-tennantid.scim.cloud.com/Users/xxxxxx
vs.
scim.cloud.com/Targets/app-tennantid/Users/xxxxxx

The first one requires many more certificates to be issued and leads to =
complexity for things like proxies and load-balancers.  Putting the app =
target in the path is going to be logistically much easier to manage. It =
also means the semantics of the transaction are simplified because the =
operation is now focused on a specific application target.

I submitted the draft only to get the ball rolling and am very open to =
other ideas. I do however feel that this requirement is a deliverable =
that the IETF SCIM WG should address in the first round of =
specifications.

Phil

@independentid
www.independentid.com
phil.hunt@oracle.com






From tony@yaanatech.com  Thu Mar 29 06:42:39 2012
Return-Path: <tony@yaanatech.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A964021F8966 for <scim@ietfa.amsl.com>; Thu, 29 Mar 2012 06:42:39 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.534
X-Spam-Level: 
X-Spam-Status: No, score=-2.534 tagged_above=-999 required=5 tests=[AWL=-0.066, BAYES_00=-2.599, HTML_MESSAGE=0.001, SARE_RMML_Stock10=0.13]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id YzOkY0XRgWOj for <scim@ietfa.amsl.com>; Thu, 29 Mar 2012 06:42:38 -0700 (PDT)
Received: from extmail1.prd.yaanatech.com (extmail1.prd.yaanatech.com [205.140.198.37]) by ietfa.amsl.com (Postfix) with ESMTP id 41BAE21F890C for <scim@ietf.org>; Thu, 29 Mar 2012 06:42:38 -0700 (PDT)
Received: from [192.168.0.4] (pool-173-72-136-146.clppva.fios.verizon.net [173.72.136.146]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by extmail1.prd.yaanatech.com (Postfix) with ESMTP id AE89E58076; Thu, 29 Mar 2012 13:42:37 +0000 (UTC)
Message-ID: <4F7466CC.1090004@yaanatech.com>
Date: Thu, 29 Mar 2012 09:42:36 -0400
From: Tony Rutkowski <tony@yaanatech.com>
Organization: Yaana Technologies
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:12.0) Gecko/20120321 Thunderbird/12.0
MIME-Version: 1.0
To: Gene Golovinsky <ggolovinsky@qualys.com>
References: <7006d6ef554e58d1fd81433a16639306@mail.gmail.com>
In-Reply-To: <7006d6ef554e58d1fd81433a16639306@mail.gmail.com>
Content-Type: multipart/alternative; boundary="------------020507010103040502030301"
Cc: scim@ietf.org
Subject: Re: [scim] Cloud definition
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
Reply-To: tony@yaanatech.com
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 29 Mar 2012 13:42:39 -0000

This is a multi-part message in MIME format.
--------------020507010103040502030301
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit

The NIST definition also has significant
buy-in among multiple other standards bodies.
There are, however, a few minor "deltas" for
clarity worth noting.

Other bodies have found "cloud service user"
to be preferable to "consumer" in the various
paragraphs.  "Consumer" is a term with a lot
of baggage and not defined in the NIST text.

Other bodies have found "cloud service
provider" to be preferable to "provider"
in the various paragraphs.  The term
"provider" by itself is ambiguous.

The term "appropriated" in "rapid elasticity"
has been generally replaced with "obtained."
"Appropriated" is a term with some undesirable
alternative meanings.

--tony



On 3/29/2012 5:19 AM, Gene Golovinsky wrote:
>
> Just following up on Dan's request to outsource the definition of The 
> Cloud to other orgs.
>
> NIST has done a pretty decent job of it:
>
> _http://csrc.nist.gov/publications/nistpubs/800-145/SP800-145.pdf_
>


--------------020507010103040502030301
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit

<html>
  <head>
    <meta content="text/html; charset=ISO-8859-1"
      http-equiv="Content-Type">
  </head>
  <body bgcolor="#FFFFFF" text="#000000">
    <tt>The NIST definition also has significant<br>
      buy-in among multiple other standards bodies. <br>
      There are, however, a few minor "deltas" for<br>
      clarity worth noting.<br>
      <br>
      Other bodies have found "cloud service user"<br>
      to be preferable to "consumer" in the various <br>
      paragraphs.&nbsp; "Consumer" is a term with a lot <br>
      of baggage and not defined in the NIST text.<br>
      <br>
      Other bodies have found </tt><tt>"cloud service <br>
      provider" to be preferable to </tt><tt>"provider"<br>
      in the various paragraphs.&nbsp; The term <br>
      "provider" by itself is ambiguous.<br>
      <br>
      The term "appropriated" in "rapid elasticity"<br>
      has been generally replaced with "obtained."<br>
      "Appropriated" is a term with some undesirable<br>
      alternative meanings.<br>
      <br>
      --tony<br>
      <br>
    </tt><br>
    <br>
    On 3/29/2012 5:19 AM, Gene Golovinsky wrote:
    <blockquote
      cite="mid:7006d6ef554e58d1fd81433a16639306@mail.gmail.com"
      type="cite">
      <p dir="LTR"><span lang="en-us"><font face="Calibri">Just
            following up on Dan&#8217;s request to outsource the definition of
            The Cloud to other orgs.</font></span></p>
      <p dir="LTR"><span lang="en-us"><font face="Calibri">NIST has done
            a pretty decent job of it:</font></span></p>
      <p dir="LTR"><span lang="en-us"></span></p>
      <p dir="LTR"><span lang="en-us"></span><a moz-do-not-send="true"
          href="http://csrc.nist.gov/publications/nistpubs/800-145/SP800-145.pdf"><span
            lang="en-us"><u><font color="#0000FF" face="Calibri">http://csrc.nist.gov/publications/nistpubs/800-145/SP800-145.pdf</font></u></span><span
            lang="en-us"></span></a><span lang="en-us"></span></p>
      <p dir="LTR"><span lang="en-us"></span></p>
    </blockquote>
    <br>
  </body>
</html>

--------------020507010103040502030301--

From lear@cisco.com  Thu Mar 29 06:49:32 2012
Return-Path: <lear@cisco.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D8A9121F8B37 for <scim@ietfa.amsl.com>; Thu, 29 Mar 2012 06:49:32 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -110.536
X-Spam-Level: 
X-Spam-Status: No, score=-110.536 tagged_above=-999 required=5 tests=[AWL=0.063, BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id eBWCekZBR-g3 for <scim@ietfa.amsl.com>; Thu, 29 Mar 2012 06:49:32 -0700 (PDT)
Received: from ams-iport-2.cisco.com (ams-iport-2.cisco.com [144.254.224.141]) by ietfa.amsl.com (Postfix) with ESMTP id 1855C21F8B33 for <scim@ietf.org>; Thu, 29 Mar 2012 06:49:31 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=lear@cisco.com; l=151; q=dns/txt; s=iport; t=1333028972; x=1334238572; h=message-id:date:from:mime-version:to:subject:references: in-reply-to:content-transfer-encoding; bh=qJsnOsTudJ0ozhQcjk7x0EsLZu1DNCrVO8tKbibJY1I=; b=Ma9W9dr1/rySYwrG9uWH0XiUdLieeK1qjK+ySkRH8sJPP72HTDuCe9Rn eQkPxq6UKIK/3XyT2+rncM+HMbHrhu4MxIGUT8pek2/ER3z9cDtSFznES 2H/ydMCYpuPP8jlf0ej5x08kQHYTHME1E6PLpqJTsBRQkA3Na1hCqnDN7 Y=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: Av8EAFJndE+Q/khR/2dsb2JhbABEhUOzTYEHggoBAQQSARBmCxoCBSECAg8CRhMIAQEeh2ibdY0IkhiBL4xMggyBGASVYY5GgWiCaQ
X-IronPort-AV: E=Sophos;i="4.73,668,1325462400"; d="scan'208";a="69657330"
Received: from ams-core-1.cisco.com ([144.254.72.81]) by ams-iport-2.cisco.com with ESMTP; 29 Mar 2012 13:49:31 +0000
Received: from ams3-vpn-dhcp4459.cisco.com (ams3-vpn-dhcp4459.cisco.com [10.61.81.106]) by ams-core-1.cisco.com (8.14.3/8.14.3) with ESMTP id q2TDnVgC011151 for <scim@ietf.org>; Thu, 29 Mar 2012 13:49:31 GMT
Message-ID: <4F74686C.80107@cisco.com>
Date: Thu, 29 Mar 2012 15:49:32 +0200
From: Eliot Lear <lear@cisco.com>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:11.0) Gecko/20120327 Thunderbird/11.0.1
MIME-Version: 1.0
To: scim@ietf.org
References: <7006d6ef554e58d1fd81433a16639306@mail.gmail.com> <4F7466CC.1090004@yaanatech.com>
In-Reply-To: <4F7466CC.1090004@yaanatech.com>
X-Enigmail-Version: 1.4
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit
Subject: Re: [scim] Cloud definition
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 29 Mar 2012 13:49:33 -0000

As an individual (I have no hat to wear at this point), I would suggest
that focusing on the definition of cloud will not improve the SCIM protocol.


From ggolovinsky@qualys.com  Thu Mar 29 06:57:53 2012
Return-Path: <ggolovinsky@qualys.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C4BF421F8903 for <scim@ietfa.amsl.com>; Thu, 29 Mar 2012 06:57:53 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.735
X-Spam-Level: 
X-Spam-Status: No, score=-2.735 tagged_above=-999 required=5 tests=[AWL=0.242,  BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id axhzjHKGnaSH for <scim@ietfa.amsl.com>; Thu, 29 Mar 2012 06:57:53 -0700 (PDT)
Received: from mail-qc0-f172.google.com (mail-qc0-f172.google.com [209.85.216.172]) by ietfa.amsl.com (Postfix) with ESMTP id D7B3621F85A1 for <scim@ietf.org>; Thu, 29 Mar 2012 06:57:52 -0700 (PDT)
Received: by qcsq13 with SMTP id q13so1595806qcs.31 for <scim@ietf.org>; Thu, 29 Mar 2012 06:57:47 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=from:references:in-reply-to:mime-version:x-mailer:thread-index:date :message-id:subject:to:content-type:x-gm-message-state; bh=VWH+9L2TDWHC1CN5gxGBxDqiU02RNrEyQ07LR1ee18U=; b=N6HH1AaIoXKt0GXaFlr2hEKrRMrH2x4cWbj3xCamUKYE8jIOczd9MBVGAU2vbmG2b1 buo65aydl0lRxc7P0nEMdCPwA+bhXm+oZIgv1PjhGO4GHn6gTaD38EJOZsmIfACPzUp+ Xq3zWx+1IaEDlMgd4WT97stvIIfrATsVsWxvCikEHK9ADhQRmSYznz9YKy8F/IKO00h5 NJCTHCQozkrl3xlSB2U6tE7vYKQP94nnnc+f837NCLqVJGRZzZ7rbjBoZqb43rPhkg2Z K9A/PKViTNsLyY/eey+r+tWv1XJj1zNacq21n4/i8NjIh/Mt2xARbzkm2JYtIu6+XpKD il8A==
Received: by 10.229.106.34 with SMTP id v34mr12934661qco.153.1333029467432; Thu, 29 Mar 2012 06:57:47 -0700 (PDT)
From: Gene Golovinsky <ggolovinsky@qualys.com>
References: <7006d6ef554e58d1fd81433a16639306@mail.gmail.com> <4F7466CC.1090004@yaanatech.com> <4F74686C.80107@cisco.com>
In-Reply-To: <4F74686C.80107@cisco.com>
MIME-Version: 1.0
X-Mailer: Microsoft Outlook 14.0
thread-index: AQGhWQto5AME6ZyVMw/oqchPAsB9OgBpQlFEAfBnWGWWxee08A==
Date: Thu, 29 Mar 2012 06:57:53 -0700
Message-ID: <256df9833e11b1b1da54f4272d9380aa@mail.gmail.com>
To: Eliot Lear <lear@cisco.com>, scim@ietf.org
Content-Type: text/plain; charset=ISO-8859-1
X-Gm-Message-State: ALoCoQlDVe6kbua0/+L7WnxE8jwG5crcKNS+z+est4hC6ZoPQK+pgcnU0xOqe7npmo6/40kZagp3
Subject: Re: [scim] Cloud definition
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 29 Mar 2012 13:57:53 -0000

I agree. My previous post was a mere attempt to show that "cloud" in our
world has reasonable definition and is accepted my many in the engineering
community.
No relation to SCIM, but rather to the BoF conversation.



-----Original Message-----
From: scim-bounces@ietf.org [mailto:scim-bounces@ietf.org] On Behalf Of
Eliot Lear
Sent: Thursday, March 29, 2012 06:50 AM
To: scim@ietf.org
Subject: Re: [scim] Cloud definition

As an individual (I have no hat to wear at this point), I would suggest
that focusing on the definition of cloud will not improve the SCIM
protocol.

_______________________________________________
scim mailing list
scim@ietf.org
https://www.ietf.org/mailman/listinfo/scim

From vesely@tana.it  Thu Mar 29 08:20:24 2012
Return-Path: <vesely@tana.it>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5047621F8841 for <scim@ietfa.amsl.com>; Thu, 29 Mar 2012 08:20:24 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.719
X-Spam-Level: 
X-Spam-Status: No, score=-4.719 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HELO_EQ_IT=0.635, HOST_EQ_IT=1.245, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id I8sm8WdUUFUz for <scim@ietfa.amsl.com>; Thu, 29 Mar 2012 08:20:23 -0700 (PDT)
Received: from wmail.tana.it (www.tana.it [62.94.243.226]) by ietfa.amsl.com (Postfix) with ESMTP id 1085D21F883F for <scim@ietf.org>; Thu, 29 Mar 2012 08:20:22 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=tana.it; s=test; t=1333034421; bh=FOM40WZW1hcn5hbN02mMhdSpLmVRw6plu76J4eWXWSE=; l=569; h=Message-ID:Date:From:MIME-Version:To:References:In-Reply-To: Content-Transfer-Encoding; b=QWsyXSWl3IZiyNcgSY1UWxJDMNsBACn4BnkOB/cjdyphbxyCWULVjF8WYWnke5QCx tcQZJZ4jYxAroG+hkEI5baKFV8ipL3wGwZbUYr6H0s9tXDFP9ysHgrgq7awnBh0q97 J7LWbTI8bXVAdn0xNzcZIkSWzNttRLKX+y65I1X4=
Received: from [130.129.20.64] (dhcp-1440.meeting.ietf.org [130.129.20.64]) (AUTH: PLAIN 515, TLS: TLS1.0,256bits,RSA_AES_256_CBC_SHA1) by wmail.tana.it with ESMTPSA; Thu, 29 Mar 2012 17:20:21 +0200 id 00000000005DC039.000000004F747DB5.000068AD
Message-ID: <4F747DB2.5090503@tana.it>
Date: Thu, 29 Mar 2012 17:20:18 +0200
From: Alessandro Vesely <vesely@tana.it>
User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:11.0) Gecko/20120312 Thunderbird/11.0
MIME-Version: 1.0
To: scim@ietf.org
References: <7006d6ef554e58d1fd81433a16639306@mail.gmail.com> <4F7466CC.1090004@yaanatech.com> <4F74686C.80107@cisco.com>
In-Reply-To: <4F74686C.80107@cisco.com>
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Subject: Re: [scim] Cloud definition
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 29 Mar 2012 15:20:24 -0000

On Thu 29/Mar/2012 17:03:28 +0200 Eliot Lear wrote:

> As an individual (I have no hat to wear at this point), I would suggest
> that focusing on the definition of cloud will not improve the SCIM protocol.

Hm... a cloud is, by definition, fuzzy.  To talk about, say, "google cloud"
as neatly separated from all other clouds sounds unreal.  Avoiding
cloud-to-cloud data transfers and privacy questions is consistent with such
enterprise-oriented model.

IMHO, that model is lacks a somewhat wider perspective.  That's why I
dis-hummed this morning.

Regards


From melinda.shore@gmail.com  Thu Mar 29 10:36:14 2012
Return-Path: <melinda.shore@gmail.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 38BD721E8183 for <scim@ietfa.amsl.com>; Thu, 29 Mar 2012 10:36:14 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.599
X-Spam-Level: 
X-Spam-Status: No, score=-3.599 tagged_above=-999 required=5 tests=[AWL=0.000,  BAYES_00=-2.599, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id WRxkO3abeeFy for <scim@ietfa.amsl.com>; Thu, 29 Mar 2012 10:36:13 -0700 (PDT)
Received: from mail-pb0-f44.google.com (mail-pb0-f44.google.com [209.85.160.44]) by ietfa.amsl.com (Postfix) with ESMTP id 51D0721E8180 for <scim@ietf.org>; Thu, 29 Mar 2012 10:36:13 -0700 (PDT)
Received: by pbbrq13 with SMTP id rq13so409238pbb.31 for <scim@ietf.org>; Thu, 29 Mar 2012 10:36:13 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=message-id:date:from:user-agent:mime-version:to:subject:references :in-reply-to:content-type:content-transfer-encoding; bh=PjPxjWrDMyCRvmtM7WRWOcqhpl0C/8OmLqzSnQvhL9w=; b=ioGUeZ7pNIrR4y8wSMTGSRF3S3NLwFSZ9qiW7lkrCAZl6m3WBedkDEV6/o3SZgQzL0 moenKoaaErSUz2A9BY4QxtykfsHxLEhPqI8Ufnul0XQSC7v0ypNyjmJ5f2Y1p2gQJhZA wY1Ez8VrxPrdZ8cJiTu87bnspDx0ZgVhCcayjcTf13LVBeU/VQFZy3HTuFn+TAW2KYXY 3KZoOC/yIQUmsZ5CEL7m4YqTAFdaaQXx9XDql5K3mG0EzJllVkGjA6wM83cODZQqUSYy edA6JgymDcEpLq1X2uWu7KN3CHQJjTGWwGTA5fBsqzQV3ZFUPamobTumPSlwWwGu0rBv c1/Q==
Received: by 10.68.237.1 with SMTP id uy1mr1622757pbc.99.1333042573165; Thu, 29 Mar 2012 10:36:13 -0700 (PDT)
Received: from polypro.local (66-230-81-245-rb1.fai.dsl.dynamic.acsalaska.net. [66.230.81.245]) by mx.google.com with ESMTPS id o2sm5430710pbb.45.2012.03.29.10.36.11 (version=TLSv1/SSLv3 cipher=OTHER); Thu, 29 Mar 2012 10:36:12 -0700 (PDT)
Message-ID: <4F749D8A.4090503@gmail.com>
Date: Thu, 29 Mar 2012 09:36:10 -0800
From: Melinda Shore <melinda.shore@gmail.com>
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; en-US; rv:1.9.2.27) Gecko/20120216 Lightning/1.0b2 Thunderbird/3.1.19
MIME-Version: 1.0
To: scim@ietf.org
References: <7006d6ef554e58d1fd81433a16639306@mail.gmail.com>	<4F7466CC.1090004@yaanatech.com> <4F74686C.80107@cisco.com> <256df9833e11b1b1da54f4272d9380aa@mail.gmail.com>
In-Reply-To: <256df9833e11b1b1da54f4272d9380aa@mail.gmail.com>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Subject: Re: [scim] Cloud definition
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 29 Mar 2012 17:36:14 -0000

On 3/29/12 5:57 AM, Gene Golovinsky wrote:
> I agree. My previous post was a mere attempt to show that "cloud" in our
> world has reasonable definition and is accepted my many in the engineering
> community.
> No relation to SCIM, but rather to the BoF conversation.

I suppose, but I don't think that this is a "cloud"-specific project in
the first place and so definition of "cloud" is largely irrelevant,
anyway.

Melinda

From michael.brenner@alcatel-lucent.com  Thu Mar 29 11:02:24 2012
Return-Path: <michael.brenner@alcatel-lucent.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1812F21E8142 for <scim@ietfa.amsl.com>; Thu, 29 Mar 2012 11:02:24 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.766
X-Spam-Level: 
X-Spam-Status: No, score=-7.766 tagged_above=-999 required=5 tests=[AWL=-1.167, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id EWoVw-11Fwvb for <scim@ietfa.amsl.com>; Thu, 29 Mar 2012 11:02:23 -0700 (PDT)
Received: from ihemail4.lucent.com (ihemail4.lucent.com [135.245.0.39]) by ietfa.amsl.com (Postfix) with ESMTP id 47A8B21E805F for <scim@ietf.org>; Thu, 29 Mar 2012 11:02:21 -0700 (PDT)
Received: from usnavsmail3.ndc.alcatel-lucent.com (usnavsmail3.ndc.alcatel-lucent.com [135.3.39.11]) by ihemail4.lucent.com (8.13.8/IER-o) with ESMTP id q2TI2IvU003246 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Thu, 29 Mar 2012 13:02:19 -0500 (CDT)
Received: from USNAVSXCHHUB02.ndc.alcatel-lucent.com (usnavsxchhub02.ndc.alcatel-lucent.com [135.3.39.111]) by usnavsmail3.ndc.alcatel-lucent.com (8.14.3/8.14.3/GMO) with ESMTP id q2TI2IVu024720 (version=TLSv1/SSLv3 cipher=RC4-MD5 bits=128 verify=NOT); Thu, 29 Mar 2012 13:02:18 -0500
Received: from USNAVSXCHMBSA3.ndc.alcatel-lucent.com ([135.3.39.125]) by USNAVSXCHHUB02.ndc.alcatel-lucent.com ([135.3.39.111]) with mapi; Thu, 29 Mar 2012 13:02:18 -0500
From: "Brenner, Michael Ralf (Michael)" <michael.brenner@alcatel-lucent.com>
To: Melinda Shore <melinda.shore@gmail.com>, "scim@ietf.org" <scim@ietf.org>
Date: Thu, 29 Mar 2012 13:02:17 -0500
Thread-Topic: [scim] Cloud definition
Thread-Index: Ac0N0ne2ao5d5v1xQz6ykA8dBchndAAA25TQ
Message-ID: <219947F0B2242843A0A1E62FDB510DC0250F6B8E9A@USNAVSXCHMBSA3.ndc.alcatel-lucent.com>
References: <7006d6ef554e58d1fd81433a16639306@mail.gmail.com> <4F7466CC.1090004@yaanatech.com>	<4F74686C.80107@cisco.com> <256df9833e11b1b1da54f4272d9380aa@mail.gmail.com> <4F749D8A.4090503@gmail.com>
In-Reply-To: <4F749D8A.4090503@gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
acceptlanguage: en-US
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-Scanned-By: MIMEDefang 2.57 on 135.245.2.39
X-Scanned-By: MIMEDefang 2.64 on 135.3.39.11
Subject: Re: [scim] Cloud definition
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 29 Mar 2012 18:02:24 -0000

... if this is NOT cloud-specific ... then I am confused. What else could t=
he context be, when there are specific cloud-related scenarios and non-othe=
r scenarios in scope?

Michael

-----Original Message-----
From: scim-bounces@ietf.org [mailto:scim-bounces@ietf.org] On Behalf Of Mel=
inda Shore
Sent: Thursday, March 29, 2012 1:36 PM
To: scim@ietf.org
Subject: Re: [scim] Cloud definition

On 3/29/12 5:57 AM, Gene Golovinsky wrote:
> I agree. My previous post was a mere attempt to show that "cloud" in our
> world has reasonable definition and is accepted my many in the engineerin=
g
> community.
> No relation to SCIM, but rather to the BoF conversation.

I suppose, but I don't think that this is a "cloud"-specific project in
the first place and so definition of "cloud" is largely irrelevant,
anyway.

Melinda
_______________________________________________
scim mailing list
scim@ietf.org
https://www.ietf.org/mailman/listinfo/scim

From melinda.shore@gmail.com  Thu Mar 29 11:27:21 2012
Return-Path: <melinda.shore@gmail.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 322F621F87D8 for <scim@ietfa.amsl.com>; Thu, 29 Mar 2012 11:27:21 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.599
X-Spam-Level: 
X-Spam-Status: No, score=-3.599 tagged_above=-999 required=5 tests=[AWL=0.000,  BAYES_00=-2.599, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id RQM9NkeZAZHD for <scim@ietfa.amsl.com>; Thu, 29 Mar 2012 11:27:20 -0700 (PDT)
Received: from mail-pb0-f44.google.com (mail-pb0-f44.google.com [209.85.160.44]) by ietfa.amsl.com (Postfix) with ESMTP id 8F56821F87D6 for <scim@ietf.org>; Thu, 29 Mar 2012 11:27:20 -0700 (PDT)
Received: by pbbrq13 with SMTP id rq13so465235pbb.31 for <scim@ietf.org>; Thu, 29 Mar 2012 11:27:20 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=20120113; h=message-id:date:from:user-agent:mime-version:to:cc:subject :references:in-reply-to:content-type:content-transfer-encoding; bh=KVoxdhQHJo3VB062UNjY39eppdyw5Fokz3ZvpucEHTU=; b=Pyeelx8dNxDfWMemdKE49ABRvB80EhUR5m9kNHm6i0vOwVdXmXpKTPGz53wt7gpJ8r QsFzf3/ma1qYSvSkXXs0GsxUdwm2lGyG0Fy0k1nkHkcvKFwC213MOO5DdD/7zFn6UvBQ F8NV8Q4jGDh9QA9qJfYsZd/SRIY1t+BiKph4Rz1ldKey/4XA/ep2+gbZz2Oo3wc+ITfh exjHGDJK6mJe404o5lbKrHeB7e8FBgCLvX4jVQKdDMT/oH7y9Ng+2kOWutHvlyguIdMF pIGtnZkg3FFDSLeeGiT0PgnPlxoJtwcAdHZ3pa5iKUMWGvQrsrbGtEAj2cIu8pIdF4Y7 cZmA==
Received: by 10.68.240.41 with SMTP id vx9mr2117695pbc.10.1333045640414; Thu, 29 Mar 2012 11:27:20 -0700 (PDT)
Received: from polypro.local (66-230-81-245-rb1.fai.dsl.dynamic.acsalaska.net. [66.230.81.245]) by mx.google.com with ESMTPS id 2sm5506658pbw.57.2012.03.29.11.27.17 (version=TLSv1/SSLv3 cipher=OTHER); Thu, 29 Mar 2012 11:27:19 -0700 (PDT)
Message-ID: <4F74A984.9090307@gmail.com>
Date: Thu, 29 Mar 2012 10:27:16 -0800
From: Melinda Shore <melinda.shore@gmail.com>
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; en-US; rv:1.9.2.27) Gecko/20120216 Lightning/1.0b2 Thunderbird/3.1.19
MIME-Version: 1.0
To: "Brenner, Michael Ralf (Michael)" <michael.brenner@alcatel-lucent.com>
References: <7006d6ef554e58d1fd81433a16639306@mail.gmail.com>	<4F7466CC.1090004@yaanatech.com>	<4F74686C.80107@cisco.com>	<256df9833e11b1b1da54f4272d9380aa@mail.gmail.com> <4F749D8A.4090503@gmail.com> <219947F0B2242843A0A1E62FDB510DC0250F6B8E9A@USNAVSXCHMBSA3.ndc.alcatel-lucent.com>
In-Reply-To: <219947F0B2242843A0A1E62FDB510DC0250F6B8E9A@USNAVSXCHMBSA3.ndc.alcatel-lucent.com>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Cc: "scim@ietf.org" <scim@ietf.org>
Subject: Re: [scim] Cloud definition
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 29 Mar 2012 18:27:21 -0000

On 3/29/12 10:02 AM, Brenner, Michael Ralf (Michael) wrote:
> ... if this is NOT cloud-specific ... then I am confused.
 > What else could the context be, when there are specific
 > cloud-related scenarios and non-other scenarios in scope?

I believe this might be the first time I've seen it suggested
that a particular technology has no applicability to stuff not
in a document, and I've been involved with the IETF a very long
time.  I suppose there might be something new under the sun,
after all.

At any rate, "cloud" vendors are by no means the only ones
dealing with identity provisioning problems.  At a prior gig
they're generating bulk updates out of their ERP and loading
them into an Oracle database, and from that they're generating
updates to a SQL database and LDIF for the LDAP directory.
(Software longa, hardware brevis).  Because each is run as a
batch job overnight it's 48 hours between the time a new person
is brought in and when their account is actually provisioned.
They've been trying to move to a SPML-based transactional
provisioning model but vendor support is poor.  I don't think
this situation is *that* unusual in large enterprisese.

Melinda

From michael.brenner@alcatel-lucent.com  Thu Mar 29 11:58:12 2012
Return-Path: <michael.brenner@alcatel-lucent.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id ACFAA21F86B9 for <scim@ietfa.amsl.com>; Thu, 29 Mar 2012 11:58:12 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.676
X-Spam-Level: 
X-Spam-Status: No, score=-7.676 tagged_above=-999 required=5 tests=[AWL=-1.077, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id H3tH4P-2XJRb for <scim@ietfa.amsl.com>; Thu, 29 Mar 2012 11:58:12 -0700 (PDT)
Received: from ihemail3.lucent.com (ihemail3.lucent.com [135.245.0.37]) by ietfa.amsl.com (Postfix) with ESMTP id 336E721F8687 for <scim@ietf.org>; Thu, 29 Mar 2012 11:57:45 -0700 (PDT)
Received: from usnavsmail4.ndc.alcatel-lucent.com (usnavsmail4.ndc.alcatel-lucent.com [135.3.39.12]) by ihemail3.lucent.com (8.13.8/IER-o) with ESMTP id q2TIviDj014070 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Thu, 29 Mar 2012 13:57:44 -0500 (CDT)
Received: from USNAVSXCHHUB03.ndc.alcatel-lucent.com (usnavsxchhub03.ndc.alcatel-lucent.com [135.3.39.112]) by usnavsmail4.ndc.alcatel-lucent.com (8.14.3/8.14.3/GMO) with ESMTP id q2TIvi9P009786 (version=TLSv1/SSLv3 cipher=RC4-MD5 bits=128 verify=NOT); Thu, 29 Mar 2012 13:57:44 -0500
Received: from USNAVSXCHMBSA3.ndc.alcatel-lucent.com ([135.3.39.125]) by USNAVSXCHHUB03.ndc.alcatel-lucent.com ([135.3.39.112]) with mapi; Thu, 29 Mar 2012 13:57:43 -0500
From: "Brenner, Michael Ralf (Michael)" <michael.brenner@alcatel-lucent.com>
To: Melinda Shore <melinda.shore@gmail.com>
Date: Thu, 29 Mar 2012 13:57:39 -0500
Thread-Topic: [scim] Cloud definition
Thread-Index: Ac0N2ZSdSXST0kD/S/ueL2CubPWGKQAAjstw
Message-ID: <219947F0B2242843A0A1E62FDB510DC0250F6B8F20@USNAVSXCHMBSA3.ndc.alcatel-lucent.com>
References: <7006d6ef554e58d1fd81433a16639306@mail.gmail.com> <4F7466CC.1090004@yaanatech.com>	<4F74686C.80107@cisco.com> <256df9833e11b1b1da54f4272d9380aa@mail.gmail.com> <4F749D8A.4090503@gmail.com> <219947F0B2242843A0A1E62FDB510DC0250F6B8E9A@USNAVSXCHMBSA3.ndc.alcatel-lucent.com> <4F74A984.9090307@gmail.com>
In-Reply-To: <4F74A984.9090307@gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
acceptlanguage: en-US
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-Scanned-By: MIMEDefang 2.57 on 135.245.2.37
X-Scanned-By: MIMEDefang 2.64 on 135.3.39.12
Cc: "scim@ietf.org" <scim@ietf.org>
Subject: Re: [scim] Cloud definition
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 29 Mar 2012 18:58:12 -0000

Thanks Melinda.

Disclaimer: I have NOT been involved for a long time with IETF, other than =
in a IETF specs consumer role. But I have been involved for a long time as =
an active contributor to other standards bodies. Therefore, I hope to be ex=
cused if my thought process is quite different than the one used by long-ti=
me IETF active contributors.

Surely, any technology MAY apply to some domains that were not identified b=
y the technology. However, it must be more important to deterministically m=
ake sure that the technology DOES apply to at least 1 particular domain?

Of course, "cloud" vendors or service providers are not the only ones faced=
 with Identity Management provisioning and/or retrieving issues. But that w=
as the entire point of me questioning the premise that the SCIM work is NOT=
 cloud-specific. I agree that a technology may not necessarily be domain-sp=
ecific, and may not even have to identify a single specific domain but I al=
so think that this is only true once the technology is at a very low level =
of granularity (e.g. how best to package large amounts of data in a given s=
ize packet, or how to transmit the packet from one endpoint to another). Th=
at is not the case with IdM, IMO. Unless specific scenarios (cloud-related =
or otherwise) are used to focus the work, the technology developed will mis=
s the target (which will be made easier by the fact that there is NO target=
). It will become a beautiful academic piece of work.

Note that I am not arguing for a specific definition of "cloud", but I am a=
rguing for specific scenarios. If those scenarios happen to apply to other =
domains, great.

Michael

-----Original Message-----
From: Melinda Shore [mailto:melinda.shore@gmail.com]=20
Sent: Thursday, March 29, 2012 2:27 PM
To: Brenner, Michael Ralf (Michael)
Cc: scim@ietf.org
Subject: Re: [scim] Cloud definition

On 3/29/12 10:02 AM, Brenner, Michael Ralf (Michael) wrote:
> ... if this is NOT cloud-specific ... then I am confused.
 > What else could the context be, when there are specific
 > cloud-related scenarios and non-other scenarios in scope?

I believe this might be the first time I've seen it suggested
that a particular technology has no applicability to stuff not
in a document, and I've been involved with the IETF a very long
time.  I suppose there might be something new under the sun,
after all.

At any rate, "cloud" vendors are by no means the only ones
dealing with identity provisioning problems.  At a prior gig
they're generating bulk updates out of their ERP and loading
them into an Oracle database, and from that they're generating
updates to a SQL database and LDIF for the LDAP directory.
(Software longa, hardware brevis).  Because each is run as a
batch job overnight it's 48 hours between the time a new person
is brought in and when their account is actually provisioned.
They've been trying to move to a SPML-based transactional
provisioning model but vendor support is poor.  I don't think
this situation is *that* unusual in large enterprisese.

Melinda

From RNATALE@mitre.org  Thu Mar 29 12:15:35 2012
Return-Path: <RNATALE@mitre.org>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1AA7021E801B for <scim@ietfa.amsl.com>; Thu, 29 Mar 2012 12:15:35 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.599
X-Spam-Level: 
X-Spam-Status: No, score=-6.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id bmOGVl0RvpC3 for <scim@ietfa.amsl.com>; Thu, 29 Mar 2012 12:15:34 -0700 (PDT)
Received: from smtpksrv1.mitre.org (smtpksrv1.mitre.org [198.49.146.77]) by ietfa.amsl.com (Postfix) with ESMTP id 9395D21E808E for <scim@ietf.org>; Thu, 29 Mar 2012 12:15:33 -0700 (PDT)
Received: from smtpksrv1.mitre.org (localhost.localdomain [127.0.0.1]) by localhost (Postfix) with SMTP id 1E53B21B1906; Thu, 29 Mar 2012 15:15:32 -0400 (EDT)
Received: from IMCCAS01.MITRE.ORG (imccas01.mitre.org [129.83.29.78]) by smtpksrv1.mitre.org (Postfix) with ESMTP id 0548721B1457; Thu, 29 Mar 2012 15:15:32 -0400 (EDT)
Received: from IMCMBX01.MITRE.ORG ([169.254.1.233]) by IMCCAS01.MITRE.ORG ([129.83.29.78]) with mapi id 14.01.0339.001; Thu, 29 Mar 2012 15:15:31 -0400
From: "Natale, Bob" <RNATALE@mitre.org>
To: "'michael.brenner@alcatel-lucent.com'" <michael.brenner@alcatel-lucent.com>
Thread-Topic: [scim] Cloud definition
Thread-Index: AQHNDdJ0zourlxXGl0mmHFjVqVZNUZaB05CAgAAG+wCAAAh9gP//we8L
Date: Thu, 29 Mar 2012 19:15:30 +0000
Message-ID: <A65E21691881E64DBF058A66E53068ED2B5DA6@IMCMBX01.MITRE.ORG>
In-Reply-To: <219947F0B2242843A0A1E62FDB510DC0250F6B8F20@USNAVSXCHMBSA3.ndc.alcatel-lucent.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
x-originating-ip: [129.83.242.115]
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Cc: "'scim@ietf.org'" <scim@ietf.org>
Subject: Re: [scim] Cloud definition
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 29 Mar 2012 19:15:35 -0000

I agree ... And would note that sometimes the "academic piece[s] of work" a=
re not even all that "beautiful"! :)

BB,
BobN

----- Original Message -----
From: Brenner, Michael Ralf (Michael) [mailto:michael.brenner@alcatel-lucen=
t.com]
Sent: Thursday, March 29, 2012 02:57 PM=0A=
To: Melinda Shore <melinda.shore@gmail.com>
Cc: scim@ietf.org <scim@ietf.org>
Subject: Re: [scim] Cloud definition

Thanks Melinda.

Disclaimer: I have NOT been involved for a long time with IETF, other than =
in a IETF specs consumer role. But I have been involved for a long time as =
an active contributor to other standards bodies. Therefore, I hope to be ex=
cused if my thought process is quite different than the one used by long-ti=
me IETF active contributors.

Surely, any technology MAY apply to some domains that were not identified b=
y the technology. However, it must be more important to deterministically m=
ake sure that the technology DOES apply to at least 1 particular domain?

Of course, "cloud" vendors or service providers are not the only ones faced=
 with Identity Management provisioning and/or retrieving issues. But that w=
as the entire point of me questioning the premise that the SCIM work is NOT=
 cloud-specific. I agree that a technology may not necessarily be domain-sp=
ecific, and may not even have to identify a single specific domain but I al=
so think that this is only true once the technology is at a very low level =
of granularity (e.g. how best to package large amounts of data in a given s=
ize packet, or how to transmit the packet from one endpoint to another). Th=
at is not the case with IdM, IMO. Unless specific scenarios (cloud-related =
or otherwise) are used to focus the work, the technology developed will mis=
s the target (which will be made easier by the fact that there is NO target=
). It will become a beautiful academic piece of work.

Note that I am not arguing for a specific definition of "cloud", but I am a=
rguing for specific scenarios. If those scenarios happen to apply to other =
domains, great.

Michael

-----Original Message-----
From: Melinda Shore [mailto:melinda.shore@gmail.com]=20
Sent: Thursday, March 29, 2012 2:27 PM
To: Brenner, Michael Ralf (Michael)
Cc: scim@ietf.org
Subject: Re: [scim] Cloud definition

On 3/29/12 10:02 AM, Brenner, Michael Ralf (Michael) wrote:
> ... if this is NOT cloud-specific ... then I am confused.
 > What else could the context be, when there are specific
 > cloud-related scenarios and non-other scenarios in scope?

I believe this might be the first time I've seen it suggested
that a particular technology has no applicability to stuff not
in a document, and I've been involved with the IETF a very long
time.  I suppose there might be something new under the sun,
after all.

At any rate, "cloud" vendors are by no means the only ones
dealing with identity provisioning problems.  At a prior gig
they're generating bulk updates out of their ERP and loading
them into an Oracle database, and from that they're generating
updates to a SQL database and LDIF for the LDAP directory.
(Software longa, hardware brevis).  Because each is run as a
batch job overnight it's 48 hours between the time a new person
is brought in and when their account is actually provisioned.
They've been trying to move to a SPML-based transactional
provisioning model but vendor support is poor.  I don't think
this situation is *that* unusual in large enterprisese.

Melinda
_______________________________________________
scim mailing list
scim@ietf.org
https://www.ietf.org/mailman/listinfo/scim

From kelly.grizzle@sailpoint.com  Thu Mar 29 12:45:54 2012
Return-Path: <kelly.grizzle@sailpoint.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EAC1921F86B0 for <scim@ietfa.amsl.com>; Thu, 29 Mar 2012 12:45:54 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.599
X-Spam-Level: 
X-Spam-Status: No, score=-3.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id BBKvMrOTp02T for <scim@ietfa.amsl.com>; Thu, 29 Mar 2012 12:45:54 -0700 (PDT)
Received: from ch1outboundpool.messaging.microsoft.com (ch1ehsobe004.messaging.microsoft.com [216.32.181.184]) by ietfa.amsl.com (Postfix) with ESMTP id 0330F21F85EA for <scim@ietf.org>; Thu, 29 Mar 2012 12:45:53 -0700 (PDT)
Received: from mail4-ch1-R.bigfish.com (10.43.68.241) by CH1EHSOBE009.bigfish.com (10.43.70.59) with Microsoft SMTP Server id 14.1.225.23; Thu, 29 Mar 2012 19:45:53 +0000
Received: from mail4-ch1 (localhost [127.0.0.1])	by mail4-ch1-R.bigfish.com (Postfix) with ESMTP id 1E1D11E0838; Thu, 29 Mar 2012 19:45:53 +0000 (UTC)
X-SpamScore: -35
X-BigFish: PS-35(zzbb2dI9371I3071M542M98dKzz1202hzz1033IL8275bh8275dhz2fh2a8h668h839h944hd25h)
X-Forefront-Antispam-Report: CIP:157.56.240.85; KIP:(null); UIP:(null); IPV:NLI; H:BL2PRD0410HT002.namprd04.prod.outlook.com; RD:none; EFVD:NLI
Received-SPF: pass (mail4-ch1: domain of sailpoint.com designates 157.56.240.85 as permitted sender) client-ip=157.56.240.85; envelope-from=kelly.grizzle@sailpoint.com; helo=BL2PRD0410HT002.namprd04.prod.outlook.com ; .outlook.com ; 
Received: from mail4-ch1 (localhost.localdomain [127.0.0.1]) by mail4-ch1 (MessageSwitch) id 1333050350249574_32240; Thu, 29 Mar 2012 19:45:50 +0000 (UTC)
Received: from CH1EHSMHS022.bigfish.com (snatpool2.int.messaging.microsoft.com [10.43.68.231])	by mail4-ch1.bigfish.com (Postfix) with ESMTP id 30B772A0053; Thu, 29 Mar 2012 19:45:50 +0000 (UTC)
Received: from BL2PRD0410HT002.namprd04.prod.outlook.com (157.56.240.85) by CH1EHSMHS022.bigfish.com (10.43.70.22) with Microsoft SMTP Server (TLS) id 14.1.225.23; Thu, 29 Mar 2012 19:45:49 +0000
Received: from BL2PRD0410MB351.namprd04.prod.outlook.com ([169.254.2.218]) by BL2PRD0410HT002.namprd04.prod.outlook.com ([10.255.99.37]) with mapi id 14.16.0135.002; Thu, 29 Mar 2012 19:45:48 +0000
From: Kelly Grizzle <kelly.grizzle@sailpoint.com>
To: "Natale, Bob" <RNATALE@mitre.org>, "'michael.brenner@alcatel-lucent.com'" <michael.brenner@alcatel-lucent.com>
Thread-Topic: [scim] Cloud definition
Thread-Index: Ac0NjI5a6EpyiUgkSuOkzGABI94mMwAJT5wAAAA9/QAAAEqogAAHn5sAAADpgIAAAN9fAAABD6aAAACflwAAAFn2IA==
Date: Thu, 29 Mar 2012 19:45:48 +0000
Message-ID: <56C3C758F9D6534CA3778EAA1E0C34371C654EA9@BL2PRD0410MB351.namprd04.prod.outlook.com>
References: <219947F0B2242843A0A1E62FDB510DC0250F6B8F20@USNAVSXCHMBSA3.ndc.alcatel-lucent.com> <A65E21691881E64DBF058A66E53068ED2B5DA6@IMCMBX01.MITRE.ORG>
In-Reply-To: <A65E21691881E64DBF058A66E53068ED2B5DA6@IMCMBX01.MITRE.ORG>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
x-originating-ip: [130.129.67.70]
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-OriginatorOrg: sailpoint.com
Cc: "'scim@ietf.org'" <scim@ietf.org>
Subject: Re: [scim] Cloud definition
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 29 Mar 2012 19:45:55 -0000

I believe that this was mentioned at the BoF, but the charter calls for a u=
se cases doc:

  draft-scim-use-cases-00 as the initial use cases for SCIM

SCIM has no ambitions to live in an ivory tower, and all of the existing wo=
rk has leaned towards pragmatism.  There actually was a use cases doc devel=
oped outside of the IETF which may serve as a basis for the draft.

Regarding "cloud", I 100% agree that the identity management is not specifi=
c to the cloud (and as Pete put it today, that the cloud is a bit cloudy). =
 There are many scenarios that SCIM can help with, ranging from cloud-to-cl=
oud, enterprise-to-cloud, and any combination of these.  The existing REST =
protocol is very cloud-friendly, though, and my feeling is that cloud provi=
ders are where much of the benefit will be seen initially.

--Kelly

-----Original Message-----
From: scim-bounces@ietf.org [mailto:scim-bounces@ietf.org] On Behalf Of Nat=
ale, Bob
Sent: Thursday, March 29, 2012 9:16 PM
To: 'michael.brenner@alcatel-lucent.com'
Cc: 'scim@ietf.org'
Subject: Re: [scim] Cloud definition

I agree ... And would note that sometimes the "academic piece[s] of work" a=
re not even all that "beautiful"! :)

BB,
BobN

----- Original Message -----
From: Brenner, Michael Ralf (Michael) [mailto:michael.brenner@alcatel-lucen=
t.com]
Sent: Thursday, March 29, 2012 02:57 PM
To: Melinda Shore <melinda.shore@gmail.com>
Cc: scim@ietf.org <scim@ietf.org>
Subject: Re: [scim] Cloud definition

Thanks Melinda.

Disclaimer: I have NOT been involved for a long time with IETF, other than =
in a IETF specs consumer role. But I have been involved for a long time as =
an active contributor to other standards bodies. Therefore, I hope to be ex=
cused if my thought process is quite different than the one used by long-ti=
me IETF active contributors.

Surely, any technology MAY apply to some domains that were not identified b=
y the technology. However, it must be more important to deterministically m=
ake sure that the technology DOES apply to at least 1 particular domain?

Of course, "cloud" vendors or service providers are not the only ones faced=
 with Identity Management provisioning and/or retrieving issues. But that w=
as the entire point of me questioning the premise that the SCIM work is NOT=
 cloud-specific. I agree that a technology may not necessarily be domain-sp=
ecific, and may not even have to identify a single specific domain but I al=
so think that this is only true once the technology is at a very low level =
of granularity (e.g. how best to package large amounts of data in a given s=
ize packet, or how to transmit the packet from one endpoint to another). Th=
at is not the case with IdM, IMO. Unless specific scenarios (cloud-related =
or otherwise) are used to focus the work, the technology developed will mis=
s the target (which will be made easier by the fact that there is NO target=
). It will become a beautiful academic piece of work.

Note that I am not arguing for a specific definition of "cloud", but I am a=
rguing for specific scenarios. If those scenarios happen to apply to other =
domains, great.

Michael

-----Original Message-----
From: Melinda Shore [mailto:melinda.shore@gmail.com]
Sent: Thursday, March 29, 2012 2:27 PM
To: Brenner, Michael Ralf (Michael)
Cc: scim@ietf.org
Subject: Re: [scim] Cloud definition

On 3/29/12 10:02 AM, Brenner, Michael Ralf (Michael) wrote:
> ... if this is NOT cloud-specific ... then I am confused.
 > What else could the context be, when there are specific  > cloud-related=
 scenarios and non-other scenarios in scope?

I believe this might be the first time I've seen it suggested that a partic=
ular technology has no applicability to stuff not in a document, and I've b=
een involved with the IETF a very long time.  I suppose there might be some=
thing new under the sun, after all.

At any rate, "cloud" vendors are by no means the only ones dealing with ide=
ntity provisioning problems.  At a prior gig they're generating bulk update=
s out of their ERP and loading them into an Oracle database, and from that =
they're generating updates to a SQL database and LDIF for the LDAP director=
y.
(Software longa, hardware brevis).  Because each is run as a batch job over=
night it's 48 hours between the time a new person is brought in and when th=
eir account is actually provisioned.
They've been trying to move to a SPML-based transactional provisioning mode=
l but vendor support is poor.  I don't think this situation is *that* unusu=
al in large enterprisese.

Melinda
_______________________________________________
scim mailing list
scim@ietf.org
https://www.ietf.org/mailman/listinfo/scim
_______________________________________________
scim mailing list
scim@ietf.org
https://www.ietf.org/mailman/listinfo/scim



From eDreux@bcpsoft.fr  Thu Mar 29 13:15:50 2012
Return-Path: <eDreux@bcpsoft.fr>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 90CF121E80B9 for <scim@ietfa.amsl.com>; Thu, 29 Mar 2012 13:15:50 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.599
X-Spam-Level: 
X-Spam-Status: No, score=-6.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id itR36He5U+Vm for <scim@ietfa.amsl.com>; Thu, 29 Mar 2012 13:15:49 -0700 (PDT)
Received: from tx2outboundpool.messaging.microsoft.com (tx2ehsobe002.messaging.microsoft.com [65.55.88.12]) by ietfa.amsl.com (Postfix) with ESMTP id DF31A21E80B7 for <scim@ietf.org>; Thu, 29 Mar 2012 13:15:48 -0700 (PDT)
Received: from mail135-tx2-R.bigfish.com (10.9.14.235) by TX2EHSOBE008.bigfish.com (10.9.40.28) with Microsoft SMTP Server id 14.1.225.23; Thu, 29 Mar 2012 20:15:47 +0000
Received: from mail135-tx2 (localhost [127.0.0.1])	by mail135-tx2-R.bigfish.com (Postfix) with ESMTP id C12513405C5; Thu, 29 Mar 2012 20:15:47 +0000 (UTC)
X-SpamScore: -85
X-BigFish: PS-85(zzbb2dI9371I3071Mc89bh542M15caKJ98dKzz1202hzz1033IL8275dhz2fh2a8h668h839hd25h)
X-Forefront-Antispam-Report: CIP:157.56.252.53; KIP:(null); UIP:(null); IPV:NLI; H:DB3PRD0610HT002.eurprd06.prod.outlook.com; RD:none; EFVD:NLI
Received-SPF: pass (mail135-tx2: domain of bcpsoft.fr designates 157.56.252.53 as permitted sender) client-ip=157.56.252.53; envelope-from=eDreux@bcpsoft.fr; helo=DB3PRD0610HT002.eurprd06.prod.outlook.com ; .outlook.com ; 
Received: from mail135-tx2 (localhost.localdomain [127.0.0.1]) by mail135-tx2 (MessageSwitch) id 1333052144567550_12327; Thu, 29 Mar 2012 20:15:44 +0000 (UTC)
Received: from TX2EHSMHS015.bigfish.com (unknown [10.9.14.247])	by mail135-tx2.bigfish.com (Postfix) with ESMTP id 83FB81E0187; Thu, 29 Mar 2012 20:15:44 +0000 (UTC)
Received: from DB3PRD0610HT002.eurprd06.prod.outlook.com (157.56.252.53) by TX2EHSMHS015.bigfish.com (10.9.99.115) with Microsoft SMTP Server (TLS) id 14.1.225.23; Thu, 29 Mar 2012 20:15:42 +0000
Received: from DB3PRD0610MB356.eurprd06.prod.outlook.com ([169.254.11.196]) by DB3PRD0610HT002.eurprd06.prod.outlook.com ([10.255.47.37]) with mapi id 14.16.0135.002; Thu, 29 Mar 2012 20:15:40 +0000
From: Emmanuel dreux <eDreux@bcpsoft.fr>
To: "Brenner, Michael Ralf (Michael)" <michael.brenner@alcatel-lucent.com>, Melinda Shore <melinda.shore@gmail.com>
Thread-Topic: [scim] Cloud definition
Thread-Index: AQHNDd5bfx6Oi+jUgE+2AkVOMB/a6JaBsBRw
Date: Thu, 29 Mar 2012 20:15:39 +0000
Message-ID: <A540086C3952D04E9A29453378450A5011392A70@DB3PRD0610MB356.eurprd06.prod.outlook.com>
References: <7006d6ef554e58d1fd81433a16639306@mail.gmail.com> <4F7466CC.1090004@yaanatech.com>	<4F74686C.80107@cisco.com> <256df9833e11b1b1da54f4272d9380aa@mail.gmail.com> <4F749D8A.4090503@gmail.com> <219947F0B2242843A0A1E62FDB510DC0250F6B8E9A@USNAVSXCHMBSA3.ndc.alcatel-lucent.com> <4F74A984.9090307@gmail.com> <219947F0B2242843A0A1E62FDB510DC0250F6B8F20@USNAVSXCHMBSA3.ndc.alcatel-lucent.com>
In-Reply-To: <219947F0B2242843A0A1E62FDB510DC0250F6B8F20@USNAVSXCHMBSA3.ndc.alcatel-lucent.com>
Accept-Language: fr-FR, en-US
Content-Language: fr-FR
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
x-originating-ip: [92.154.76.230]
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-OriginatorOrg: bcpsoft.fr
Cc: "scim@ietf.org" <scim@ietf.org>
Subject: Re: [scim] Cloud definition
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 29 Mar 2012 20:15:50 -0000

Hi,

As an IAM consultant for a long time, I can say that in on premise scenario=
, I do not need a universal provisioning protocol.
I'm using metadirectory products that read/write directly to LDAP, SQL data=
bases, flat files, etc.

In SAAS / ASP scenario, it's different.=20
I do not have access directly to the directory that contains the accounts (=
LDAP,SQL,etc).
The provider has to expose provisioning APIs that will allow me to programm=
atically and remotely manage accounts.

Today every SAAS provider creates his proprietary API exposed  for example =
through webservices or REST apis.
As an editor of a provisioning solution for Cloud based applications, each =
time we integrate a new SAAS provider, we have to learn his programming mod=
el and provisioning APIs.

This is where SCIM becomes useful and relevant by allowing to standardize t=
he management of the accounts.
Tipically a SAAS issue because we do not have access natively to the reposi=
tory (LDAP, SQL database, etc...).

--
Regards,
Emmanuel Dreux
http://www.bcpsoft.fr
Tel: +33 1 46 15 07 22
Mobile: +33 6 47 81 26 70
skype: Emmanuel.Dreux

-----Message d'origine-----
De=A0: Brenner, Michael Ralf (Michael) [mailto:michael.brenner@alcatel-luce=
nt.com]=20
Envoy=E9=A0: jeudi 29 mars 2012 20:58
=C0=A0: Melinda Shore
Cc=A0: scim@ietf.org
Objet=A0: Re: [scim] Cloud definition

Thanks Melinda.

Disclaimer: I have NOT been involved for a long time with IETF, other than =
in a IETF specs consumer role. But I have been involved for a long time as =
an active contributor to other standards bodies. Therefore, I hope to be ex=
cused if my thought process is quite different than the one used by long-ti=
me IETF active contributors.

Surely, any technology MAY apply to some domains that were not identified b=
y the technology. However, it must be more important to deterministically m=
ake sure that the technology DOES apply to at least 1 particular domain?

Of course, "cloud" vendors or service providers are not the only ones faced=
 with Identity Management provisioning and/or retrieving issues. But that w=
as the entire point of me questioning the premise that the SCIM work is NOT=
 cloud-specific. I agree that a technology may not necessarily be domain-sp=
ecific, and may not even have to identify a single specific domain but I al=
so think that this is only true once the technology is at a very low level =
of granularity (e.g. how best to package large amounts of data in a given s=
ize packet, or how to transmit the packet from one endpoint to another). Th=
at is not the case with IdM, IMO. Unless specific scenarios (cloud-related =
or otherwise) are used to focus the work, the technology developed will mis=
s the target (which will be made easier by the fact that there is NO target=
). It will become a beautiful academic piece of work.

Note that I am not arguing for a specific definition of "cloud", but I am a=
rguing for specific scenarios. If those scenarios happen to apply to other =
domains, great.

Michael

-----Original Message-----
From: Melinda Shore [mailto:melinda.shore@gmail.com]
Sent: Thursday, March 29, 2012 2:27 PM
To: Brenner, Michael Ralf (Michael)
Cc: scim@ietf.org
Subject: Re: [scim] Cloud definition

On 3/29/12 10:02 AM, Brenner, Michael Ralf (Michael) wrote:
> ... if this is NOT cloud-specific ... then I am confused.
 > What else could the context be, when there are specific  > cloud-related=
 scenarios and non-other scenarios in scope?

I believe this might be the first time I've seen it suggested that a partic=
ular technology has no applicability to stuff not in a document, and I've b=
een involved with the IETF a very long time.  I suppose there might be some=
thing new under the sun, after all.

At any rate, "cloud" vendors are by no means the only ones dealing with ide=
ntity provisioning problems.  At a prior gig they're generating bulk update=
s out of their ERP and loading them into an Oracle database, and from that =
they're generating updates to a SQL database and LDIF for the LDAP director=
y.
(Software longa, hardware brevis).  Because each is run as a batch job over=
night it's 48 hours between the time a new person is brought in and when th=
eir account is actually provisioned.
They've been trying to move to a SPML-based transactional provisioning mode=
l but vendor support is poor.  I don't think this situation is *that* unusu=
al in large enterprisese.

Melinda



From melinda.shore@gmail.com  Thu Mar 29 13:21:28 2012
Return-Path: <melinda.shore@gmail.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DAF8F21E80B9 for <scim@ietfa.amsl.com>; Thu, 29 Mar 2012 13:21:28 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.599
X-Spam-Level: 
X-Spam-Status: No, score=-3.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ooUmnGy23f01 for <scim@ietfa.amsl.com>; Thu, 29 Mar 2012 13:21:28 -0700 (PDT)
Received: from mail-pb0-f44.google.com (mail-pb0-f44.google.com [209.85.160.44]) by ietfa.amsl.com (Postfix) with ESMTP id 1AAD221E805F for <scim@ietf.org>; Thu, 29 Mar 2012 13:21:04 -0700 (PDT)
Received: by pbbrq13 with SMTP id rq13so581940pbb.31 for <scim@ietf.org>; Thu, 29 Mar 2012 13:21:03 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=message-id:date:from:user-agent:mime-version:to:cc:subject :references:in-reply-to:content-type:content-transfer-encoding; bh=xqiBBvDROsIV1Ay4Z6Rvvq1c30H+GcLdrU/dMnhGyYE=; b=WL4rT71n1wKQo+4YwhBJwQxUQNqG/9wP4qFJfWvWWYras7ifKl3M84tyom3tOxFHWl aR4cD72GMzAR+gS975yMiK0oPGokLs5SN5pBPsqsllnMMxvM/pKwhHNuuC6fNeIDPtLI vgLDRep7dgbED+ljD9U0Mujxg+XyscjsjvIa8+SzqMMYzx5FfT8B9AXEOA9pLzvcdsPh O8TSOC0j8WIjR+1CUTrogVWpOCPqtoeuJJo/c1GBj+JoX4LwlvMyHxPD5H8zUrqCMtRw SiHO8aAqKq66eVlbDG9qYKPFvvg99KnecVociY11rARMC2RoR7IHZHajRdGR6IwDpemn f8Pw==
Received: by 10.68.201.73 with SMTP id jy9mr2933849pbc.35.1333052463896; Thu, 29 Mar 2012 13:21:03 -0700 (PDT)
Received: from polypro.local (66-230-81-245-rb1.fai.dsl.dynamic.acsalaska.net. [66.230.81.245]) by mx.google.com with ESMTPS id m5sm5671864pbk.64.2012.03.29.13.21.02 (version=TLSv1/SSLv3 cipher=OTHER); Thu, 29 Mar 2012 13:21:03 -0700 (PDT)
Message-ID: <4F74C42D.2020609@gmail.com>
Date: Thu, 29 Mar 2012 12:21:01 -0800
From: Melinda Shore <melinda.shore@gmail.com>
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; en-US; rv:1.9.2.27) Gecko/20120216 Lightning/1.0b2 Thunderbird/3.1.19
MIME-Version: 1.0
To: Emmanuel dreux <eDreux@bcpsoft.fr>
References: <7006d6ef554e58d1fd81433a16639306@mail.gmail.com>	<4F7466CC.1090004@yaanatech.com>	<4F74686C.80107@cisco.com>	<256df9833e11b1b1da54f4272d9380aa@mail.gmail.com>	<4F749D8A.4090503@gmail.com>	<219947F0B2242843A0A1E62FDB510DC0250F6B8E9A@USNAVSXCHMBSA3.ndc.alcatel-lucent.com>	<4F74A984.9090307@gmail.com> <219947F0B2242843A0A1E62FDB510DC0250F6B8F20@USNAVSXCHMBSA3.ndc.alcatel-lucent.com> <A540086C3952D04E9A29453378450A5011392A70@DB3PRD0610MB356.eurprd06.prod.outlook.com>
In-Reply-To: <A540086C3952D04E9A29453378450A5011392A70@DB3PRD0610MB356.eurprd06.prod.outlook.com>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Cc: "scim@ietf.org" <scim@ietf.org>
Subject: Re: [scim] Cloud definition
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 29 Mar 2012 20:21:29 -0000

On 3/29/12 12:15 PM, Emmanuel dreux wrote:
> In SAAS / ASP scenario, it's different. I do not have access directly
> to the directory that contains the accounts (LDAP,SQL,etc). The
> provider has to expose provisioning APIs that will allow me to
> programmatically and remotely manage accounts.

You run into exactly this sort of situation in very large enterprises,
where the people who run the ERP may not have write access to the
corporate directory or be able to provision accounts.  But even in
cases where they are there's a lot of interest in moving from a batching
model to a transactional one.

Melinda

From samuel@erdtman.se  Fri Mar 30 00:23:30 2012
Return-Path: <samuel@erdtman.se>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4078D21F872A for <scim@ietfa.amsl.com>; Fri, 30 Mar 2012 00:23:30 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.977
X-Spam-Level: 
X-Spam-Status: No, score=-2.977 tagged_above=-999 required=5 tests=[AWL=-0.000, BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id i3WKgz5MpgNv for <scim@ietfa.amsl.com>; Fri, 30 Mar 2012 00:23:28 -0700 (PDT)
Received: from mail-vx0-f172.google.com (mail-vx0-f172.google.com [209.85.220.172]) by ietfa.amsl.com (Postfix) with ESMTP id BE42F21F8716 for <scim@ietf.org>; Fri, 30 Mar 2012 00:23:27 -0700 (PDT)
Received: by vcbfk13 with SMTP id fk13so254372vcb.31 for <scim@ietf.org>; Fri, 30 Mar 2012 00:23:27 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:x-gm-message-state:content-type:content-transfer-encoding; bh=vRzWFCdGrdc8yeXsiQbnUC8LmDHnkz5Ita3rdyIm638=; b=Bnerxd3gLERle31qcmBmUOmEXCxAl8uSxgYHkrAIryFWm/Zbr//hvRb4KylQgFx/98 dl8ydTFe1TLuXj/Bf0Sn5B1s+urrEHmXeMD8omBcxnutdWHUl94Q22ma3cyaKybubfuz 4KoJWDDZSDrRDweriGCLk/Lh+v9JmZl9UShS7hJIkg6RmFnyDFLSkb6yAZ+8bo3J3qyX wkZoMONYSm1UAZQrydLxnulv41ID60FByuYsTY7jROd/RejHm6Kw6MuxOrkwQZbW6NZr nnaVlVdtvoyd0i5G0Jgks078XJFTDoWigKFc0y38ZhkmIr5HcURUZK8d3tuhiO/8zgzT zkxA==
MIME-Version: 1.0
Received: by 10.52.64.171 with SMTP id p11mr459685vds.78.1333092206938; Fri, 30 Mar 2012 00:23:26 -0700 (PDT)
Received: by 10.220.193.130 with HTTP; Fri, 30 Mar 2012 00:23:26 -0700 (PDT)
In-Reply-To: <4F74C42D.2020609@gmail.com>
References: <7006d6ef554e58d1fd81433a16639306@mail.gmail.com> <4F7466CC.1090004@yaanatech.com> <4F74686C.80107@cisco.com> <256df9833e11b1b1da54f4272d9380aa@mail.gmail.com> <4F749D8A.4090503@gmail.com> <219947F0B2242843A0A1E62FDB510DC0250F6B8E9A@USNAVSXCHMBSA3.ndc.alcatel-lucent.com> <4F74A984.9090307@gmail.com> <219947F0B2242843A0A1E62FDB510DC0250F6B8F20@USNAVSXCHMBSA3.ndc.alcatel-lucent.com> <A540086C3952D04E9A29453378450A5011392A70@DB3PRD0610MB356.eurprd06.prod.outlook.com> <4F74C42D.2020609@gmail.com>
Date: Fri, 30 Mar 2012 09:23:26 +0200
Message-ID: <CAF2hCbbSetW_dZrDEA39U91XQdkQ4Qt50SPzeMZtxMQkV6KozQ@mail.gmail.com>
From: Samuel Erdtman <samuel@erdtman.se>
To: Melinda Shore <melinda.shore@gmail.com>
X-Gm-Message-State: ALoCoQlR56exPpQ1CIjDWo4bCArFeCUrcX+agaMVaQJ/wwwB7Jl9ZUA9E/Ag44UA+PFQnmNEgxkQ
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
Cc: "scim@ietf.org" <scim@ietf.org>, Emmanuel dreux <eDreux@bcpsoft.fr>
Subject: Re: [scim] Cloud definition
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 30 Mar 2012 07:23:31 -0000

I=B4m new at IETF so I don=B4t know if I will offend someone with this
post, if so I=B4m sorry for that.

First I like the point that Michael does, just because it is aimed for
cloud services does not mean that it cannot be used for other things
too.

And further, SCIM is just a name in the end.

Cheers
//Samuel

On Thu, Mar 29, 2012 at 10:21 PM, Melinda Shore <melinda.shore@gmail.com> w=
rote:
> On 3/29/12 12:15 PM, Emmanuel dreux wrote:
>>
>> In SAAS / ASP scenario, it's different. I do not have access directly
>> to the directory that contains the accounts (LDAP,SQL,etc). The
>> provider has to expose provisioning APIs that will allow me to
>> programmatically and remotely manage accounts.
>
>
> You run into exactly this sort of situation in very large enterprises,
> where the people who run the ERP may not have write access to the
> corporate directory or be able to provision accounts. =A0But even in
> cases where they are there's a lot of interest in moving from a batching
> model to a transactional one.
>
>
> Melinda
> _______________________________________________
> scim mailing list
> scim@ietf.org
> https://www.ietf.org/mailman/listinfo/scim

From barryleiba.mailing.lists@gmail.com  Fri Mar 30 00:30:48 2012
Return-Path: <barryleiba.mailing.lists@gmail.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CDB8521F8754 for <scim@ietfa.amsl.com>; Fri, 30 Mar 2012 00:30:48 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.998
X-Spam-Level: 
X-Spam-Status: No, score=-102.998 tagged_above=-999 required=5 tests=[AWL=-0.022, BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-1, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4ISK-IIRFQB7 for <scim@ietfa.amsl.com>; Fri, 30 Mar 2012 00:30:47 -0700 (PDT)
Received: from mail-yx0-f172.google.com (mail-yx0-f172.google.com [209.85.213.172]) by ietfa.amsl.com (Postfix) with ESMTP id BDD8221F875B for <scim@ietf.org>; Fri, 30 Mar 2012 00:30:47 -0700 (PDT)
Received: by yenm5 with SMTP id m5so136105yen.31 for <scim@ietf.org>; Fri, 30 Mar 2012 00:30:47 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date :x-google-sender-auth:message-id:subject:from:to:cc:content-type; bh=lQiybpPkQ7AgcumdM+FacFTHpzle6jxnXxwfgkr2YWM=; b=T+HMWojGHZ2QKquqDrWSKnn7y2Gh0sWDTQfBovAt7S5TXu5g80BGfuamunT/KH+hW3 JI897qLWbklFqNk2NGOuTWd5hLMgfg+6Emroo61BHZuhyT3qfDQ4dHEXj9lYm7UQwOyZ B95oC/gJj8bcAjQVzg8kwv6nxEIPNeBd0w6lB0c2FRZadlTwnUqFXjWK/YHrWcTdcW1V 9q9OF+wexj5SogOSu47XoRLlRltOot6QiWG86z1DikovX0OD0YEnyxQo4J4UZ3uDvlcn PeSpv0FUoPUai5F81PKbc1C0E9yTpgviM/th9axu3eOy0/tcSimvQHvcTGOLs3zG7Kt+ v8YA==
MIME-Version: 1.0
Received: by 10.236.79.40 with SMTP id h28mr999524yhe.50.1333092647399; Fri, 30 Mar 2012 00:30:47 -0700 (PDT)
Sender: barryleiba.mailing.lists@gmail.com
Received: by 10.146.230.1 with HTTP; Fri, 30 Mar 2012 00:30:47 -0700 (PDT)
In-Reply-To: <CAF2hCbbSetW_dZrDEA39U91XQdkQ4Qt50SPzeMZtxMQkV6KozQ@mail.gmail.com>
References: <7006d6ef554e58d1fd81433a16639306@mail.gmail.com> <4F7466CC.1090004@yaanatech.com> <4F74686C.80107@cisco.com> <256df9833e11b1b1da54f4272d9380aa@mail.gmail.com> <4F749D8A.4090503@gmail.com> <219947F0B2242843A0A1E62FDB510DC0250F6B8E9A@USNAVSXCHMBSA3.ndc.alcatel-lucent.com> <4F74A984.9090307@gmail.com> <219947F0B2242843A0A1E62FDB510DC0250F6B8F20@USNAVSXCHMBSA3.ndc.alcatel-lucent.com> <A540086C3952D04E9A29453378450A5011392A70@DB3PRD0610MB356.eurprd06.prod.outlook.com> <4F74C42D.2020609@gmail.com> <CAF2hCbbSetW_dZrDEA39U91XQdkQ4Qt50SPzeMZtxMQkV6KozQ@mail.gmail.com>
Date: Fri, 30 Mar 2012 09:30:47 +0200
X-Google-Sender-Auth: SsXqM8bRykroOXyIqy_Hr3QxS98
Message-ID: <CAC4RtVDFGTUi-i19vE4C6CTn3av8vSGG2AdiERz7KSNrC8LyNQ@mail.gmail.com>
From: Barry Leiba <barryleiba@computer.org>
To: Samuel Erdtman <samuel@erdtman.se>
Content-Type: multipart/alternative; boundary=20cf300fab4bb370f504bc70d169
Cc: "scim@ietf.org" <scim@ietf.org>
Subject: Re: [scim] Cloud definition
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 30 Mar 2012 07:30:48 -0000

--20cf300fab4bb370f504bc70d169
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable

>
> I=B4m new at IETF so I don=B4t know if I will offend someone with this


No, not 'tall.

And further, SCIM is just a name in the end.


 That's what I was getting at in the meeting, when I asked people not to
spin their wheels on the name right now.

But you have to understand the history.  We have had several attempts to
"standardize clouds", with rambling, unfocused, and unpopular results.
 That's caused IETF people to be sensitive to and skeptical of the "cloud"
word.  Apart from that, we generally prefer not to take something of more
general use and name it for a specific use case.  The name will be what
draws attention to the work, and people who would be important contributors
might be put off, confused, or simply not drawn in by a too-narrow name.

Barry, Applications AD

--20cf300fab4bb370f504bc70d169
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable

<blockquote class=3D"gmail_quote" style=3D"margin:0 0 0 .8ex;border-left:1p=
x #ccc solid;padding-left:1ex">I=B4m new at IETF so I don=B4t know if I wil=
l offend someone with this</blockquote><div><br></div><div>No, not &#39;tal=
l.</div>
<div><br></div><blockquote class=3D"gmail_quote" style=3D"margin:0 0 0 .8ex=
;border-left:1px #ccc solid;padding-left:1ex">And further, SCIM is just a n=
ame in the end.</blockquote><div><br></div><div>=A0That&#39;s what I was ge=
tting at in the meeting, when I asked people not to spin their wheels on th=
e name right now.</div>
<div><br></div><div>But you have to understand the history. =A0We have had =
several attempts to &quot;standardize clouds&quot;, with rambling, unfocuse=
d, and unpopular results. =A0That&#39;s caused IETF people to be sensitive =
to and skeptical of the &quot;cloud&quot; word. =A0Apart from that, we gene=
rally prefer not to take something of more general use and name it for a sp=
ecific use case. =A0The name will be what draws attention to the work, and =
people who would be important contributors might be put off, confused, or s=
imply not drawn in by a too-narrow name.</div>
<div><br></div><div>Barry, Applications AD<span></span></div>

--20cf300fab4bb370f504bc70d169--

From wmills@yahoo-inc.com  Fri Mar 30 08:07:46 2012
Return-Path: <wmills@yahoo-inc.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C77C721F865D for <scim@ietfa.amsl.com>; Fri, 30 Mar 2012 08:07:46 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -16.298
X-Spam-Level: 
X-Spam-Status: No, score=-16.298 tagged_above=-999 required=5 tests=[AWL=1.300, BAYES_00=-2.599, HTML_MESSAGE=0.001, USER_IN_DEF_WHITELIST=-15]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id FKShNe8+-ho0 for <scim@ietfa.amsl.com>; Fri, 30 Mar 2012 08:07:46 -0700 (PDT)
Received: from nm40.bullet.mail.ne1.yahoo.com (nm40.bullet.mail.ne1.yahoo.com [98.138.229.33]) by ietfa.amsl.com (Postfix) with SMTP id F37F421F8652 for <scim@ietf.org>; Fri, 30 Mar 2012 08:07:45 -0700 (PDT)
Received: from [98.138.90.48] by nm40.bullet.mail.ne1.yahoo.com with NNFMP; 30 Mar 2012 15:07:41 -0000
Received: from [98.138.226.162] by tm1.bullet.mail.ne1.yahoo.com with NNFMP; 30 Mar 2012 15:07:41 -0000
Received: from [127.0.0.1] by omp1063.mail.ne1.yahoo.com with NNFMP; 30 Mar 2012 15:07:41 -0000
X-Yahoo-Newman-Property: ymail-3
X-Yahoo-Newman-Id: 322566.25183.bm@omp1063.mail.ne1.yahoo.com
Received: (qmail 52302 invoked by uid 60001); 30 Mar 2012 15:07:41 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo-inc.com; s=ginc1024; t=1333120060; bh=+2F/iCnERPCYx5EKtln0bOwo9LfyK8sa2WkcTMvVTws=; h=X-YMail-OSG:Received:X-RocketYMMF:X-Mailer:References:Message-ID:Date:From:Reply-To:Subject:To:Cc:In-Reply-To:MIME-Version:Content-Type; b=j7P+ZxG+O26/WSLD5S5PWaO0mfsUIdEeLThQJiLi09pYh/6hqmGPNMY800Ahp7Yk3AiLX8k9m8wSUazmNgz77wwl/8SYuk5dNXE7/9M1JcNJRBDwXkg75RKL83ageyPPKMD17SeU01oivuoGQxUEoHUzLgSMW38EI/U9pLq+Q7Y=
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=ginc1024; d=yahoo-inc.com; h=X-YMail-OSG:Received:X-RocketYMMF:X-Mailer:References:Message-ID:Date:From:Reply-To:Subject:To:Cc:In-Reply-To:MIME-Version:Content-Type; b=qK+tsW3v4Fiv+BthTyGIsuNfS7NNLnSDihPS0pUY5s/NuOJwraZCGb2B4H9YZa0zjgBTX4RC9EUGtKxBnZtp7zfpE4ly1f7FeAXBw9+Ema93oCNW0hT8r0IFDqoXevHywd4b9q4oRTOZwG2tgOaCVP3Wy6bjb0NL4pT7wFpDO9Y=;
X-YMail-OSG: EV3sjpAVM1nZMxp.H66nDPRNhnHnvjWjPXMj0775KMH6TrQ tJyEHyMFvryV8eeoZic.8obNCKQ3EIZ5ODHLwGo9SxZuGNatqhV8FXWCSRFa QwwZSH2spEfI.xDuCMpu7zt.14h6n6v08OkuGQs1cgoVVnL1Cf2f8LAQSKbq y05bgJkJiaoRumuPgiAK3YeL0adlJzvmLcikOv3cfZc43T59j5ZsE3sj0Id8 gZkKjDeDy_vIMSxZ5M2BWUWuGZfP8nBhv.aVd0Fc99u4VVExEqK4XmZaHGzq vkQLhxjUR.N8rF.HemsVGg3LED3KmaJgXSXKyQCyhLqNcNhayw8Jh0F6_Zg6 GjptyEl.UB4C8dCwWtOnZXbxqrcJ6tvETPCCNJg6Cve_4.QFwwiaE4nQ7eW8 tK5ZlowkgnhikFx3OFobYxq83a56tku.nURTYlrW2152hrp3noVII
Received: from [193.93.197.161] by web31804.mail.mud.yahoo.com via HTTP; Fri, 30 Mar 2012 08:07:40 PDT
X-RocketYMMF: william_john_mills
X-Mailer: YahooMailWebService/0.8.117.340979
References: <7006d6ef554e58d1fd81433a16639306@mail.gmail.com> <4F7466CC.1090004@yaanatech.com> <4F74686C.80107@cisco.com> <256df9833e11b1b1da54f4272d9380aa@mail.gmail.com> <4F749D8A.4090503@gmail.com> <219947F0B2242843A0A1E62FDB510DC0250F6B8E9A@USNAVSXCHMBSA3.ndc.alcatel-lucent.com> <4F74A984.9090307@gmail.com> <219947F0B2242843A0A1E62FDB510DC0250F6B8F20@USNAVSXCHMBSA3.ndc.alcatel-lucent.com> <A540086C3952D04E9A29453378450A5011392A70@DB3PRD0610MB356.eurprd06.prod.outlook.com> <4F74C42D.2020609@gmail.com> <CAF2hCbbSetW_dZrDEA39U91XQdkQ4Qt50SPzeMZtxMQkV6KozQ@mail.gmail.com>
Message-ID: <1333120060.48891.YahooMailNeo@web31804.mail.mud.yahoo.com>
Date: Fri, 30 Mar 2012 08:07:40 -0700 (PDT)
From: William Mills <wmills@yahoo-inc.com>
To: Samuel Erdtman <samuel@erdtman.se>, Melinda Shore <melinda.shore@gmail.com>
In-Reply-To: <CAF2hCbbSetW_dZrDEA39U91XQdkQ4Qt50SPzeMZtxMQkV6KozQ@mail.gmail.com>
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="835683298-1629582061-1333120060=:48891"
Cc: "scim@ietf.org" <scim@ietf.org>, Emmanuel dreux <eDreux@bcpsoft.fr>
Subject: Re: [scim] Cloud definition
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
Reply-To: William Mills <wmills@yahoo-inc.com>
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 30 Mar 2012 15:07:46 -0000

--835683298-1629582061-1333120060=:48891
Content-Type: text/plain; charset=iso-8859-1
Content-Transfer-Encoding: quoted-printable

Annoyingly perhaps, naming matters in a branding way and how people think a=
bout things.=A0 We can trivially get this much closer to what it actually d=
oes.=A0 I personally like Push Identity Management Protocol (excepts it's n=
ot a protocol), so we could PIMP my cloud.=0A=0A-bill=0A=0A=0A=0A=0A>______=
__________________________=0A> From: Samuel Erdtman <samuel@erdtman.se>=0A>=
To: Melinda Shore <melinda.shore@gmail.com> =0A>Cc: "scim@ietf.org" <scim@i=
etf.org>; Emmanuel dreux <eDreux@bcpsoft.fr> =0A>Sent: Friday, March 30, 20=
12 12:23 AM=0A>Subject: Re: [scim] Cloud definition=0A> =0A>I=B4m new at IE=
TF so I don=B4t know if I will offend someone with this=0A>post, if so I=B4=
m sorry for that.=0A>=0A>First I like the point that Michael does, just bec=
ause it is aimed for=0A>cloud services does not mean that it cannot be used=
 for other things=0A>too.=0A>=0A>And further, SCIM is just a name in the en=
d.=0A>=0A>Cheers=0A>//Samuel=0A>=0A>On Thu, Mar 29, 2012 at 10:21 PM, Melin=
da Shore <melinda.shore@gmail.com> wrote:=0A>> On 3/29/12 12:15 PM, Emmanue=
l dreux wrote:=0A>>>=0A>>> In SAAS / ASP scenario, it's different. I do not=
 have access directly=0A>>> to the directory that contains the accounts (LD=
AP,SQL,etc). The=0A>>> provider has to expose provisioning APIs that will a=
llow me to=0A>>> programmatically and remotely manage accounts.=0A>>=0A>>=
=0A>> You run into exactly this sort of situation in very large enterprises=
,=0A>> where the people who run the ERP may not have write access to the=0A=
>> corporate directory or be able to provision accounts. =A0But even in=0A>=
> cases where they are there's a lot of interest in moving from a batching=
=0A>> model to a transactional one.=0A>>=0A>>=0A>> Melinda=0A>> ___________=
____________________________________=0A>> scim mailing list=0A>> scim@ietf.=
org=0A>> https://www.ietf.org/mailman/listinfo/scim=0A>____________________=
___________________________=0A>scim mailing list=0A>scim@ietf.org=0A>https:=
//www.ietf.org/mailman/listinfo/scim=0A>=0A>=0A>
--835683298-1629582061-1333120060=:48891
Content-Type: text/html; charset=iso-8859-1
Content-Transfer-Encoding: quoted-printable

<html><body><div style=3D"color:#000; background-color:#fff; font-family:Co=
urier New, courier, monaco, monospace, sans-serif;font-size:14pt"><div><spa=
n>Annoyingly perhaps, naming matters in a branding way and how people think=
 about things.&nbsp; We can trivially get this much closer to what it actua=
lly does.&nbsp; I personally like Push Identity Management Protocol (except=
s it's not a protocol), so we could PIMP my cloud.</span></div><div><br><sp=
an></span></div><div><span>-bill<br></span></div><div><br><blockquote style=
=3D"border-left: 2px solid rgb(16, 16, 255); margin-left: 5px; margin-top: =
5px; padding-left: 5px;">  <div style=3D"font-family: Courier New, courier,=
 monaco, monospace, sans-serif; font-size: 14pt;"> <div style=3D"font-famil=
y: times new roman, new york, times, serif; font-size: 12pt;"> <div dir=3D"=
ltr"> <font face=3D"Arial" size=3D"2"> <hr size=3D"1">  <b><span style=3D"f=
ont-weight:bold;">From:</span></b> Samuel Erdtman &lt;samuel@erdtman.se&gt;=
<br>
 <b><span style=3D"font-weight: bold;">To:</span></b> Melinda Shore &lt;mel=
inda.shore@gmail.com&gt; <br><b><span style=3D"font-weight: bold;">Cc:</spa=
n></b> "scim@ietf.org" &lt;scim@ietf.org&gt;; Emmanuel dreux &lt;eDreux@bcp=
soft.fr&gt; <br> <b><span style=3D"font-weight: bold;">Sent:</span></b> Fri=
day, March 30, 2012 12:23 AM<br> <b><span style=3D"font-weight: bold;">Subj=
ect:</span></b> Re: [scim] Cloud definition<br> </font> </div> <br>=0AI=B4m=
 new at IETF so I don=B4t know if I will offend someone with this<br>post, =
if so I=B4m sorry for that.<br><br>First I like the point that Michael does=
, just because it is aimed for<br>cloud services does not mean that it cann=
ot be used for other things<br>too.<br><br>And further, SCIM is just a name=
 in the end.<br><br>Cheers<br>//Samuel<br><br>On Thu, Mar 29, 2012 at 10:21=
 PM, Melinda Shore &lt;<a ymailto=3D"mailto:melinda.shore@gmail.com" href=
=3D"mailto:melinda.shore@gmail.com">melinda.shore@gmail.com</a>&gt; wrote:<=
br>&gt; On 3/29/12 12:15 PM, Emmanuel dreux wrote:<br>&gt;&gt;<br>&gt;&gt; =
In SAAS / ASP scenario, it's different. I do not have access directly<br>&g=
t;&gt; to the directory that contains the accounts (LDAP,SQL,etc). The<br>&=
gt;&gt; provider has to expose provisioning APIs that will allow me to<br>&=
gt;&gt; programmatically and remotely manage accounts.<br>&gt;<br>&gt;<br>&=
gt; You run into exactly this sort of situation in very large
 enterprises,<br>&gt; where the people who run the ERP may not have write a=
ccess to the<br>&gt; corporate directory or be able to provision accounts. =
&nbsp;But even in<br>&gt; cases where they are there's a lot of interest in=
 moving from a batching<br>&gt; model to a transactional one.<br>&gt;<br>&g=
t;<br>&gt; Melinda<br>&gt; _______________________________________________<=
br>&gt; scim mailing list<br>&gt; <a ymailto=3D"mailto:scim@ietf.org" href=
=3D"mailto:scim@ietf.org">scim@ietf.org</a><br>&gt; <a href=3D"https://www.=
ietf.org/mailman/listinfo/scim" target=3D"_blank">https://www.ietf.org/mail=
man/listinfo/scim</a><br>_______________________________________________<br=
>scim mailing list<br><a ymailto=3D"mailto:scim@ietf.org" href=3D"mailto:sc=
im@ietf.org">scim@ietf.org</a><br><a href=3D"https://www.ietf.org/mailman/l=
istinfo/scim" target=3D"_blank">https://www.ietf.org/mailman/listinfo/scim<=
/a><br><br><br> </div> </div> </blockquote></div>   </div></body></html>
--835683298-1629582061-1333120060=:48891--

From michael.brenner@alcatel-lucent.com  Fri Mar 30 08:36:42 2012
Return-Path: <michael.brenner@alcatel-lucent.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 08EF321F8711 for <scim@ietfa.amsl.com>; Fri, 30 Mar 2012 08:36:42 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.598
X-Spam-Level: 
X-Spam-Status: No, score=-7.598 tagged_above=-999 required=5 tests=[AWL=-1.000, BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id JniDM7kgr7kO for <scim@ietfa.amsl.com>; Fri, 30 Mar 2012 08:36:41 -0700 (PDT)
Received: from ihemail3.lucent.com (ihemail3.lucent.com [135.245.0.37]) by ietfa.amsl.com (Postfix) with ESMTP id 450F621F86EF for <scim@ietf.org>; Fri, 30 Mar 2012 08:36:41 -0700 (PDT)
Received: from usnavsmail3.ndc.alcatel-lucent.com (usnavsmail3.ndc.alcatel-lucent.com [135.3.39.11]) by ihemail3.lucent.com (8.13.8/IER-o) with ESMTP id q2UFaXtr003121 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Fri, 30 Mar 2012 10:36:34 -0500 (CDT)
Received: from USNAVSXCHHUB01.ndc.alcatel-lucent.com (usnavsxchhub01.ndc.alcatel-lucent.com [135.3.39.110]) by usnavsmail3.ndc.alcatel-lucent.com (8.14.3/8.14.3/GMO) with ESMTP id q2UFaWio015136 (version=TLSv1/SSLv3 cipher=RC4-MD5 bits=128 verify=NOT); Fri, 30 Mar 2012 10:36:32 -0500
Received: from USNAVSXCHMBSA3.ndc.alcatel-lucent.com ([135.3.39.125]) by USNAVSXCHHUB01.ndc.alcatel-lucent.com ([135.3.39.110]) with mapi; Fri, 30 Mar 2012 10:36:31 -0500
From: "Brenner, Michael Ralf (Michael)" <michael.brenner@alcatel-lucent.com>
To: William Mills <wmills@yahoo-inc.com>, Samuel Erdtman <samuel@erdtman.se>,  Melinda Shore <melinda.shore@gmail.com>
Date: Fri, 30 Mar 2012 10:36:30 -0500
Thread-Topic: [scim] Cloud definition
Thread-Index: Ac0OhuBihqmQ13LdQaSTzR7LyUEnzAAA8yzw
Message-ID: <219947F0B2242843A0A1E62FDB510DC0250F6B9296@USNAVSXCHMBSA3.ndc.alcatel-lucent.com>
References: <7006d6ef554e58d1fd81433a16639306@mail.gmail.com> <4F7466CC.1090004@yaanatech.com> <4F74686C.80107@cisco.com> <256df9833e11b1b1da54f4272d9380aa@mail.gmail.com> <4F749D8A.4090503@gmail.com> <219947F0B2242843A0A1E62FDB510DC0250F6B8E9A@USNAVSXCHMBSA3.ndc.alcatel-lucent.com> <4F74A984.9090307@gmail.com> <219947F0B2242843A0A1E62FDB510DC0250F6B8F20@USNAVSXCHMBSA3.ndc.alcatel-lucent.com> <A540086C3952D04E9A29453378450A5011392A70@DB3PRD0610MB356.eurprd06.prod.outlook.com> <4F74C42D.2020609@gmail.com> <CAF2hCbbSetW_dZrDEA39U91XQdkQ4Qt50SPzeMZtxMQkV6KozQ@mail.gmail.com> <1333120060.48891.YahooMailNeo@web31804.mail.mud.yahoo.com>
In-Reply-To: <1333120060.48891.YahooMailNeo@web31804.mail.mud.yahoo.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
acceptlanguage: en-US
Content-Type: multipart/alternative; boundary="_000_219947F0B2242843A0A1E62FDB510DC0250F6B9296USNAVSXCHMBSA_"
MIME-Version: 1.0
X-Scanned-By: MIMEDefang 2.57 on 135.245.2.37
X-Scanned-By: MIMEDefang 2.64 on 135.3.39.11
Cc: "scim@ietf.org" <scim@ietf.org>, Emmanuel dreux <eDreux@bcpsoft.fr>
Subject: Re: [scim] Cloud definition
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 30 Mar 2012 15:36:42 -0000

--_000_219947F0B2242843A0A1E62FDB510DC0250F6B9296USNAVSXCHMBSA_
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

Well, you could still PIMP it by replacing Protocol with Provisioning (Push=
 Identity Management Provisioning):)

Michael

From: scim-bounces@ietf.org [mailto:scim-bounces@ietf.org] On Behalf Of Wil=
liam Mills
Sent: Friday, March 30, 2012 11:08 AM
To: Samuel Erdtman; Melinda Shore
Cc: scim@ietf.org; Emmanuel dreux
Subject: Re: [scim] Cloud definition

Annoyingly perhaps, naming matters in a branding way and how people think a=
bout things.  We can trivially get this much closer to what it actually doe=
s.  I personally like Push Identity Management Protocol (excepts it's not a=
 protocol), so we could PIMP my cloud.

-bill

________________________________
From: Samuel Erdtman <samuel@erdtman.se>
To: Melinda Shore <melinda.shore@gmail.com>
Cc: "scim@ietf.org" <scim@ietf.org>; Emmanuel dreux <eDreux@bcpsoft.fr>
Sent: Friday, March 30, 2012 12:23 AM
Subject: Re: [scim] Cloud definition

I=B4m new at IETF so I don=B4t know if I will offend someone with this
post, if so I=B4m sorry for that.

First I like the point that Michael does, just because it is aimed for
cloud services does not mean that it cannot be used for other things
too.

And further, SCIM is just a name in the end.

Cheers
//Samuel

On Thu, Mar 29, 2012 at 10:21 PM, Melinda Shore <melinda.shore@gmail.com<ma=
ilto:melinda.shore@gmail.com>> wrote:
> On 3/29/12 12:15 PM, Emmanuel dreux wrote:
>>
>> In SAAS / ASP scenario, it's different. I do not have access directly
>> to the directory that contains the accounts (LDAP,SQL,etc). The
>> provider has to expose provisioning APIs that will allow me to
>> programmatically and remotely manage accounts.
>
>
> You run into exactly this sort of situation in very large enterprises,
> where the people who run the ERP may not have write access to the
> corporate directory or be able to provision accounts.  But even in
> cases where they are there's a lot of interest in moving from a batching
> model to a transactional one.
>
>
> Melinda
> _______________________________________________
> scim mailing list
> scim@ietf.org<mailto:scim@ietf.org>
> https://www.ietf.org/mailman/listinfo/scim
_______________________________________________
scim mailing list
scim@ietf.org<mailto:scim@ietf.org>
https://www.ietf.org/mailman/listinfo/scim


--_000_219947F0B2242843A0A1E62FDB510DC0250F6B9296USNAVSXCHMBSA_
Content-Type: text/html; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

<META HTTP-EQUIV=3D"Content-Type" CONTENT=3D"text/html; charset=3Diso-8859-=
1">
<html xmlns:v=3D"urn:schemas-microsoft-com:vml" xmlns:o=3D"urn:schemas-micr=
osoft-com:office:office" xmlns:w=3D"urn:schemas-microsoft-com:office:word" =
xmlns:x=3D"urn:schemas-microsoft-com:office:excel" xmlns:m=3D"http://schema=
s.microsoft.com/office/2004/12/omml" xmlns=3D"http://www.w3.org/TR/REC-html=
40"><head><meta name=3DGenerator content=3D"Microsoft Word 12 (filtered med=
ium)"><!--[if !mso]><style>v\:* {behavior:url(#default#VML);}
o\:* {behavior:url(#default#VML);}
w\:* {behavior:url(#default#VML);}
.shape {behavior:url(#default#VML);}
</style><![endif]--><style><!--
/* Font Definitions */
@font-face
	{font-family:Wingdings;
	panose-1:5 0 0 0 0 0 0 0 0 0;}
@font-face
	{font-family:"Cambria Math";
	panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
	{font-family:Calibri;
	panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
	{font-family:Tahoma;
	panose-1:2 11 6 4 3 5 4 4 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
	{margin:0in;
	margin-bottom:.0001pt;
	font-size:12.0pt;
	font-family:"Times New Roman","serif";}
a:link, span.MsoHyperlink
	{mso-style-priority:99;
	color:blue;
	text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
	{mso-style-priority:99;
	color:purple;
	text-decoration:underline;}
span.EmailStyle17
	{mso-style-type:personal-reply;
	font-family:"Calibri","sans-serif";
	color:#1F497D;}
.MsoChpDefault
	{mso-style-type:export-only;
	font-size:10.0pt;}
@page WordSection1
	{size:8.5in 11.0in;
	margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
	{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext=3D"edit" spidmax=3D"1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext=3D"edit">
<o:idmap v:ext=3D"edit" data=3D"1" />
</o:shapelayout></xml><![endif]--></head><body lang=3DEN-US link=3Dblue vli=
nk=3Dpurple><div class=3DWordSection1><p class=3DMsoNormal><span style=3D'f=
ont-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>Well, you=
 could still PIMP it by replacing Protocol with Provisioning (Push Identity=
 Management Provisioning)</span><span style=3D'font-size:11.0pt;font-family=
:Wingdings;color:#1F497D'>J</span><span style=3D'font-size:11.0pt;font-fami=
ly:"Calibri","sans-serif";color:#1F497D'><o:p></o:p></span></p><p class=3DM=
soNormal><span style=3D'font-size:11.0pt;font-family:"Calibri","sans-serif"=
;color:#1F497D'><o:p>&nbsp;</o:p></span></p><p class=3DMsoNormal><span styl=
e=3D'font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>Mic=
hael<o:p></o:p></span></p><p class=3DMsoNormal><span style=3D'font-size:11.=
0pt;font-family:"Calibri","sans-serif";color:#1F497D'><o:p>&nbsp;</o:p></sp=
an></p><div><div style=3D'border:none;border-top:solid #B5C4DF 1.0pt;paddin=
g:3.0pt 0in 0in 0in'><p class=3DMsoNormal><b><span style=3D'font-size:10.0p=
t;font-family:"Tahoma","sans-serif"'>From:</span></b><span style=3D'font-si=
ze:10.0pt;font-family:"Tahoma","sans-serif"'> scim-bounces@ietf.org [mailto=
:scim-bounces@ietf.org] <b>On Behalf Of </b>William Mills<br><b>Sent:</b> F=
riday, March 30, 2012 11:08 AM<br><b>To:</b> Samuel Erdtman; Melinda Shore<=
br><b>Cc:</b> scim@ietf.org; Emmanuel dreux<br><b>Subject:</b> Re: [scim] C=
loud definition<o:p></o:p></span></p></div></div><p class=3DMsoNormal><o:p>=
&nbsp;</o:p></p><div><div><p class=3DMsoNormal style=3D'background:white'><=
span style=3D'font-size:14.0pt;font-family:"Courier New";color:black'>Annoy=
ingly perhaps, naming matters in a branding way and how people think about =
things.&nbsp; We can trivially get this much closer to what it actually doe=
s.&nbsp; I personally like Push Identity Management Protocol (excepts it's =
not a protocol), so we could PIMP my cloud.<o:p></o:p></span></p></div><div=
><p class=3DMsoNormal style=3D'background:white'><span style=3D'font-size:1=
4.0pt;font-family:"Courier New";color:black'><o:p>&nbsp;</o:p></span></p></=
div><div><p class=3DMsoNormal style=3D'background:white'><span style=3D'fon=
t-size:14.0pt;font-family:"Courier New";color:black'>-bill<o:p></o:p></span=
></p></div><div><blockquote style=3D'border:none;border-left:solid #1010FF =
1.5pt;padding:0in 0in 0in 4.0pt;margin-left:3.75pt;margin-top:3.75pt;margin=
-bottom:5.0pt'><p class=3DMsoNormal style=3D'background:white'><span style=
=3D'font-size:14.0pt;font-family:"Courier New";color:black'><o:p>&nbsp;</o:=
p></span></p><div><div><div><div class=3DMsoNormal align=3Dcenter style=3D'=
text-align:center;background:white'><span style=3D'font-size:10.0pt;font-fa=
mily:"Arial","sans-serif";color:black'><hr size=3D1 width=3D"100%" align=3D=
center></span></div><p class=3DMsoNormal style=3D'background:white'><b><spa=
n style=3D'font-size:10.0pt;font-family:"Arial","sans-serif";color:black'>F=
rom:</span></b><span style=3D'font-size:10.0pt;font-family:"Arial","sans-se=
rif";color:black'> Samuel Erdtman &lt;samuel@erdtman.se&gt;<br><b>To:</b> M=
elinda Shore &lt;melinda.shore@gmail.com&gt; <br><b>Cc:</b> &quot;scim@ietf=
.org&quot; &lt;scim@ietf.org&gt;; Emmanuel dreux &lt;eDreux@bcpsoft.fr&gt; =
<br><b>Sent:</b> Friday, March 30, 2012 12:23 AM<br><b>Subject:</b> Re: [sc=
im] Cloud definition</span><span style=3D'color:black'><o:p></o:p></span></=
p></div><p class=3DMsoNormal style=3D'margin-bottom:12.0pt;background:white=
'><span style=3D'color:black'><br>I=B4m new at IETF so I don=B4t know if I =
will offend someone with this<br>post, if so I=B4m sorry for that.<br><br>F=
irst I like the point that Michael does, just because it is aimed for<br>cl=
oud services does not mean that it cannot be used for other things<br>too.<=
br><br>And further, SCIM is just a name in the end.<br><br>Cheers<br>//Samu=
el<br><br>On Thu, Mar 29, 2012 at 10:21 PM, Melinda Shore &lt;<a href=3D"ma=
ilto:melinda.shore@gmail.com">melinda.shore@gmail.com</a>&gt; wrote:<br>&gt=
; On 3/29/12 12:15 PM, Emmanuel dreux wrote:<br>&gt;&gt;<br>&gt;&gt; In SAA=
S / ASP scenario, it's different. I do not have access directly<br>&gt;&gt;=
 to the directory that contains the accounts (LDAP,SQL,etc). The<br>&gt;&gt=
; provider has to expose provisioning APIs that will allow me to<br>&gt;&gt=
; programmatically and remotely manage accounts.<br>&gt;<br>&gt;<br>&gt; Yo=
u run into exactly this sort of situation in very large enterprises,<br>&gt=
; where the people who run the ERP may not have write access to the<br>&gt;=
 corporate directory or be able to provision accounts. &nbsp;But even in<br=
>&gt; cases where they are there's a lot of interest in moving from a batch=
ing<br>&gt; model to a transactional one.<br>&gt;<br>&gt;<br>&gt; Melinda<b=
r>&gt; _______________________________________________<br>&gt; scim mailing=
 list<br>&gt; <a href=3D"mailto:scim@ietf.org">scim@ietf.org</a><br>&gt; <a=
 href=3D"https://www.ietf.org/mailman/listinfo/scim" target=3D"_blank">http=
s://www.ietf.org/mailman/listinfo/scim</a><br>_____________________________=
__________________<br>scim mailing list<br><a href=3D"mailto:scim@ietf.org"=
>scim@ietf.org</a><br><a href=3D"https://www.ietf.org/mailman/listinfo/scim=
" target=3D"_blank">https://www.ietf.org/mailman/listinfo/scim</a><br><br><=
o:p></o:p></span></p></div></div></blockquote></div></div></div></body></ht=
ml>=

--_000_219947F0B2242843A0A1E62FDB510DC0250F6B9296USNAVSXCHMBSA_--

From wmills@yahoo-inc.com  Fri Mar 30 08:48:09 2012
Return-Path: <wmills@yahoo-inc.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4151521F84A7 for <scim@ietfa.amsl.com>; Fri, 30 Mar 2012 08:48:09 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -16.623
X-Spam-Level: 
X-Spam-Status: No, score=-16.623 tagged_above=-999 required=5 tests=[AWL=0.975, BAYES_00=-2.599, HTML_MESSAGE=0.001, USER_IN_DEF_WHITELIST=-15]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 67MEht4m+h6O for <scim@ietfa.amsl.com>; Fri, 30 Mar 2012 08:48:08 -0700 (PDT)
Received: from nm8-vm0.bullet.mail.bf1.yahoo.com (nm8-vm0.bullet.mail.bf1.yahoo.com [98.139.213.95]) by ietfa.amsl.com (Postfix) with SMTP id 7E2A121F8643 for <scim@ietf.org>; Fri, 30 Mar 2012 08:48:07 -0700 (PDT)
Received: from [98.139.214.32] by nm8.bullet.mail.bf1.yahoo.com with NNFMP; 30 Mar 2012 15:48:06 -0000
Received: from [98.139.212.199] by tm15.bullet.mail.bf1.yahoo.com with NNFMP; 30 Mar 2012 15:48:06 -0000
Received: from [127.0.0.1] by omp1008.mail.bf1.yahoo.com with NNFMP; 30 Mar 2012 15:48:06 -0000
X-Yahoo-Newman-Property: ymail-3
X-Yahoo-Newman-Id: 951692.36065.bm@omp1008.mail.bf1.yahoo.com
Received: (qmail 21103 invoked by uid 60001); 30 Mar 2012 15:48:06 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo-inc.com; s=ginc1024; t=1333122486; bh=NqNhiIS3oyki2BJkML8o0AVJxQKpD8f3VEr2AgpYb2Y=; h=X-YMail-OSG:Received:X-RocketYMMF:X-Mailer:References:Message-ID:Date:From:Reply-To:Subject:To:Cc:In-Reply-To:MIME-Version:Content-Type; b=We9om2sypmBFWVMDWRLdvGUKk7P1XO2oTI2bQZAunKpxGZjOFwyeCbDHKTokBguwmnu0HyL3GMZY11e4vlTD0GbWfCEcRSzrqwTqAkx6CDW8CFKBfVWS1jthCf6xUU/PV1ArCawYx+YQKZZgBpmMFXdMe4v8amTFV1NCs0E0XjM=
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=ginc1024; d=yahoo-inc.com; h=X-YMail-OSG:Received:X-RocketYMMF:X-Mailer:References:Message-ID:Date:From:Reply-To:Subject:To:Cc:In-Reply-To:MIME-Version:Content-Type; b=BXujwSdyOJ15u/lTSYya4Nd4nk9VlaQemfvFWwPUKms3C8Z4SO2Q3gWS7G7hOBJ67veRodvZ50hY6V0y1JP9jib8TR1i8gxLzrHBEBYDSZje28+kQFxsqzxUcjSt7kso2XJ43FAtAsV7spEtJsGWA5e6G3sGxohGiFywboi6+4I=;
X-YMail-OSG: X79pT6oVM1mR1ziOLtD7ggHp_IJz1u9P2oDhonl_CGWkVkx EFam0MwhgMFlPGJ1f2bLKsxE.szWDJYhk4rgJxbKMovBaahZUFsMRSJ5pYU3 Q_UbKJdYfdP_PMv.g4etKI.meqx5ginLNFnmEON7X9REXWEUEWPHKWDT_Urj qf8qGN1s0uq2JgjZH6kMOND.YdR42cuoedlWdDTmXlQKiJwu0dFmFhVAkJOA g4wMHhHA4stOXPahUwP9yfKUgeyQxxP.G4P183EMNXxYgJa3XnzHp_lCgrYx lB9_FLz1ePVwrhoIYK1BqT_NvCegk8p81Wgz7JjUyh1_Ts6XrOSMSuXkcxBH KCYjCMT1dz8hsc2nQa0UPM6ryvSwclmxZVWnePazFlR4MvR.lr3PpiHrdD91 JnRA.D8n1yh20_UOl.vnRGhofPgiTD4hYYsKkco5rrracAzQCp0FFHA--
Received: from [193.93.197.161] by web31811.mail.mud.yahoo.com via HTTP; Fri, 30 Mar 2012 08:48:06 PDT
X-RocketYMMF: william_john_mills
X-Mailer: YahooMailWebService/0.8.117.340979
References: <7006d6ef554e58d1fd81433a16639306@mail.gmail.com> <4F7466CC.1090004@yaanatech.com> <4F74686C.80107@cisco.com> <256df9833e11b1b1da54f4272d9380aa@mail.gmail.com> <4F749D8A.4090503@gmail.com> <219947F0B2242843A0A1E62FDB510DC0250F6B8E9A@USNAVSXCHMBSA3.ndc.alcatel-lucent.com> <4F74A984.9090307@gmail.com> <219947F0B2242843A0A1E62FDB510DC0250F6B8F20@USNAVSXCHMBSA3.ndc.alcatel-lucent.com> <A540086C3952D04E9A29453378450A5011392A70@DB3PRD0610MB356.eurprd06.prod.outlook.com> <4F74C42D.2020609@gmail.com> <CAF2hCbbSetW_dZrDEA39U91XQdkQ4Qt50SPzeMZtxMQkV6KozQ@mail.gmail.com> <1333120060.48891.YahooMailNeo@web31804.mail.mud.yahoo.com> <219947F0B2242843A0A1E62FDB510DC0250F6B9296@USNAVSXCHMBSA3.ndc.alcatel-lucent.com>
Message-ID: <1333122486.4926.YahooMailNeo@web31811.mail.mud.yahoo.com>
Date: Fri, 30 Mar 2012 08:48:06 -0700 (PDT)
From: William Mills <wmills@yahoo-inc.com>
To: "Brenner, Michael Ralf \(Michael\)" <michael.brenner@alcatel-lucent.com>,  Samuel Erdtman <samuel@erdtman.se>, Melinda Shore <melinda.shore@gmail.com>
In-Reply-To: <219947F0B2242843A0A1E62FDB510DC0250F6B9296@USNAVSXCHMBSA3.ndc.alcatel-lucent.com>
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="764183289-1377059503-1333122486=:4926"
Cc: "scim@ietf.org" <scim@ietf.org>, Emmanuel dreux <eDreux@bcpsoft.fr>
Subject: Re: [scim] Cloud definition
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
Reply-To: William Mills <wmills@yahoo-inc.com>
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 30 Mar 2012 15:48:09 -0000

--764183289-1377059503-1333122486=:4926
Content-Type: text/plain; charset=iso-8859-1
Content-Transfer-Encoding: quoted-printable

Now THAT is chock full of awesome, with awesome sauce...=0A=0A=0A=0A=0A>___=
_____________________________=0A> From: "Brenner, Michael Ralf (Michael)" <=
michael.brenner@alcatel-lucent.com>=0A>To: William Mills <wmills@yahoo-inc.=
com>; Samuel Erdtman <samuel@erdtman.se>; Melinda Shore <melinda.shore@gmai=
l.com> =0A>Cc: "scim@ietf.org" <scim@ietf.org>; Emmanuel dreux <eDreux@bcps=
oft.fr> =0A>Sent: Friday, March 30, 2012 8:36 AM=0A>Subject: RE: [scim] Clo=
ud definition=0A> =0A>=0A>Well, you could still PIMP it by replacing Protoc=
ol with Provisioning (Push Identity Management Provisioning)J=0A>=A0=0A>Mic=
hael=0A>=A0=0A>From:scim-bounces@ietf.org [mailto:scim-bounces@ietf.org] On=
 Behalf Of William Mills=0A>Sent: Friday, March 30, 2012 11:08 AM=0A>To: Sa=
muel Erdtman; Melinda Shore=0A>Cc: scim@ietf.org; Emmanuel dreux=0A>Subject=
: Re: [scim] Cloud definition=0A>=A0=0A>Annoyingly perhaps, naming matters =
in a branding way and how people think about things.=A0 We can trivially ge=
t this much closer to what it actually does.=A0 I personally like Push Iden=
tity Management Protocol (excepts it's not a protocol), so we could PIMP my=
 cloud.=0A>=A0=0A>-bill=0A>=A0=0A>>=0A>>________________________________=0A=
>>=0A>>From:Samuel Erdtman <samuel@erdtman.se>=0A>>To: Melinda Shore <melin=
da.shore@gmail.com> =0A>>Cc: "scim@ietf.org" <scim@ietf.org>; Emmanuel dreu=
x <eDreux@bcpsoft.fr> =0A>>Sent: Friday, March 30, 2012 12:23 AM=0A>>Subjec=
t: Re: [scim] Cloud definition=0A>>=0A>>I=B4m new at IETF so I don=B4t know=
 if I will offend someone with this=0A>>post, if so I=B4m sorry for that.=
=0A>>=0A>>First I like the point that Michael does, just because it is aime=
d for=0A>>cloud services does not mean that it cannot be used for other thi=
ngs=0A>>too.=0A>>=0A>>And further, SCIM is just a name in the end.=0A>>=0A>=
>Cheers=0A>>//Samuel=0A>>=0A>>On Thu, Mar 29, 2012 at 10:21 PM, Melinda Sho=
re <melinda.shore@gmail.com> wrote:=0A>>> On 3/29/12 12:15 PM, Emmanuel dre=
ux wrote:=0A>>>>=0A>>>> In SAAS / ASP scenario, it's different. I do not ha=
ve access directly=0A>>>> to the directory that contains the accounts (LDAP=
,SQL,etc). The=0A>>>> provider has to expose provisioning APIs that will al=
low me to=0A>>>> programmatically and remotely manage accounts.=0A>>>=0A>>>=
=0A>>> You run into exactly this sort of situation in very large enterprise=
s,=0A>>> where the people who run the ERP may not have write access to the=
=0A>>> corporate directory or be able to provision accounts. =A0But even in=
=0A>>> cases where they are there's a lot of interest in moving from a batc=
hing=0A>>> model to a transactional one.=0A>>>=0A>>>=0A>>> Melinda=0A>>> __=
_____________________________________________=0A>>> scim mailing list=0A>>>=
 scim@ietf.org=0A>>> https://www.ietf.org/mailman/listinfo/scim=0A>>_______=
________________________________________=0A>>scim mailing list=0A>>scim@iet=
f.org=0A>>https://www.ietf.org/mailman/listinfo/scim=0A>>=0A>>=0A>=0A>
--764183289-1377059503-1333122486=:4926
Content-Type: text/html; charset=iso-8859-1
Content-Transfer-Encoding: quoted-printable

<html><body><div style=3D"color:#000; background-color:#fff; font-family:Co=
urier New, courier, monaco, monospace, sans-serif;font-size:14pt"><div><spa=
n>Now THAT is chock full of awesome, with awesome sauce...<br></span></div>=
<div><br><blockquote style=3D"border-left: 2px solid rgb(16, 16, 255); marg=
in-left: 5px; margin-top: 5px; padding-left: 5px;">  <div style=3D"font-fam=
ily: Courier New, courier, monaco, monospace, sans-serif; font-size: 14pt;"=
> <div style=3D"font-family: times new roman, new york, times, serif; font-=
size: 12pt;"> <div dir=3D"ltr"> <font face=3D"Arial" size=3D"2"> <hr size=
=3D"1">  <b><span style=3D"font-weight:bold;">From:</span></b> "Brenner, Mi=
chael Ralf (Michael)" &lt;michael.brenner@alcatel-lucent.com&gt;<br> <b><sp=
an style=3D"font-weight: bold;">To:</span></b> William Mills &lt;wmills@yah=
oo-inc.com&gt;; Samuel Erdtman &lt;samuel@erdtman.se&gt;; Melinda Shore &lt=
;melinda.shore@gmail.com&gt; <br><b><span style=3D"font-weight: bold;">Cc:<=
/span></b>
 "scim@ietf.org" &lt;scim@ietf.org&gt;; Emmanuel dreux &lt;eDreux@bcpsoft.f=
r&gt; <br> <b><span style=3D"font-weight: bold;">Sent:</span></b> Friday, M=
arch 30, 2012 8:36 AM<br> <b><span style=3D"font-weight: bold;">Subject:</s=
pan></b> RE: [scim] Cloud definition<br> </font> </div> <br>=0A<div id=3D"y=
iv372002833">=0A<style><!--=0A#yiv372002833  =0A _filtered #yiv372002833 {f=
ont-family:Wingdings;panose-1:5 0 0 0 0 0 0 0 0 0;}=0A _filtered #yiv372002=
833 {font-family:"Cambria Math";panose-1:2 4 5 3 5 4 6 3 2 4;}=0A _filtered=
 #yiv372002833 {font-family:Calibri;panose-1:2 15 5 2 2 2 4 3 2 4;}=0A _fil=
tered #yiv372002833 {font-family:Tahoma;panose-1:2 11 6 4 3 5 4 4 2 4;}=0A#=
yiv372002833  =0A#yiv372002833 p.yiv372002833MsoNormal, #yiv372002833 li.yi=
v372002833MsoNormal, #yiv372002833 div.yiv372002833MsoNormal=0A=09{margin:0=
in;margin-bottom:.0001pt;font-size:12.0pt;font-family:"serif";}=0A#yiv37200=
2833 a:link, #yiv372002833 span.yiv372002833MsoHyperlink=0A=09{color:blue;t=
ext-decoration:underline;}=0A#yiv372002833 a:visited, #yiv372002833 span.yi=
v372002833MsoHyperlinkFollowed=0A=09{color:purple;text-decoration:underline=
;}=0A#yiv372002833 span.yiv372002833EmailStyle17=0A=09{font-family:"sans-se=
rif";color:#1F497D;}=0A#yiv372002833 .yiv372002833MsoChpDefault=0A=09{font-=
size:10.0pt;}=0A _filtered #yiv372002833 {margin:1.0in 1.0in 1.0in 1.0in;}=
=0A#yiv372002833 div.yiv372002833WordSection1=0A=09{}=0A--></style><div><di=
v class=3D"yiv372002833WordSection1"><div class=3D"yiv372002833MsoNormal"><=
span style=3D"font-size:11.0pt;font-family:&quot;sans-serif&quot;;color:#1F=
497D;">Well, you could still PIMP it by replacing Protocol with Provisionin=
g (Push Identity Management Provisioning)</span><span style=3D"font-size:11=
.0pt;font-family:Wingdings;color:#1F497D;">J</span><span style=3D"font-size=
:11.0pt;font-family:&quot;sans-serif&quot;;color:#1F497D;"></span></div><di=
v class=3D"yiv372002833MsoNormal"><span style=3D"font-size:11.0pt;font-fami=
ly:&quot;sans-serif&quot;;color:#1F497D;"> &nbsp;</span></div><div class=3D=
"yiv372002833MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;s=
ans-serif&quot;;color:#1F497D;">Michael</span></div><div class=3D"yiv372002=
833MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;sans-serif&=
quot;;color:#1F497D;"> &nbsp;</span></div><div><div style=3D"border:none;bo=
rder-top:solid #B5C4DF 1.0pt;padding:3.0pt 0in 0in 0in;"><div
 class=3D"yiv372002833MsoNormal"><b><span style=3D"font-size:10.0pt;font-fa=
mily:&quot;sans-serif&quot;;">From:</span></b><span style=3D"font-size:10.0=
pt;font-family:&quot;sans-serif&quot;;"> scim-bounces@ietf.org [mailto:scim=
-bounces@ietf.org] <b>On Behalf Of </b>William Mills<br><b>Sent:</b> Friday=
, March 30, 2012 11:08 AM<br><b>To:</b> Samuel Erdtman; Melinda Shore<br><b=
>Cc:</b> scim@ietf.org; Emmanuel dreux<br><b>Subject:</b> Re: [scim] Cloud =
definition</span></div></div></div><div class=3D"yiv372002833MsoNormal"> &n=
bsp;</div><div><div><div class=3D"yiv372002833MsoNormal" style=3D"backgroun=
d:white;"><span style=3D"font-size:14.0pt;font-family:&quot;Courier New&quo=
t;;color:black;">Annoyingly perhaps, naming matters in a branding way and h=
ow people think about things.&nbsp; We can trivially get this much closer t=
o what it actually does.&nbsp; I personally like Push Identity Management P=
rotocol (excepts it's not a protocol), so we could PIMP my
 cloud.</span></div></div><div><div class=3D"yiv372002833MsoNormal" style=
=3D"background:white;"><span style=3D"font-size:14.0pt;font-family:&quot;Co=
urier New&quot;;color:black;"> &nbsp;</span></div></div><div><div class=3D"=
yiv372002833MsoNormal" style=3D"background:white;"><span style=3D"font-size=
:14.0pt;font-family:&quot;Courier New&quot;;color:black;">-bill</span></div=
></div><div><blockquote style=3D"border:none;border-left:solid #1010FF 1.5p=
t;padding:0in 0in 0in 4.0pt;margin-left:3.75pt;margin-top:3.75pt;margin-bot=
tom:5.0pt;"><div class=3D"yiv372002833MsoNormal" style=3D"background:white;=
"><span style=3D"font-size:14.0pt;font-family:&quot;Courier New&quot;;color=
:black;"> &nbsp;</span></div><div><div><div><div class=3D"yiv372002833MsoNo=
rmal" style=3D"text-align:center;background:white;" align=3D"center"><span =
style=3D"font-size:10.0pt;font-family:&quot;sans-serif&quot;;color:black;">=
<hr align=3D"center" size=3D"1" width=3D"100%"></span></div><div class=3D"y=
iv372002833MsoNormal"
 style=3D"background:white;"><b><span style=3D"font-size:10.0pt;font-family=
:&quot;sans-serif&quot;;color:black;">From:</span></b><span style=3D"font-s=
ize:10.0pt;font-family:&quot;sans-serif&quot;;color:black;"> Samuel Erdtman=
 &lt;samuel@erdtman.se&gt;<br><b>To:</b> Melinda Shore &lt;melinda.shore@gm=
ail.com&gt; <br><b>Cc:</b> "scim@ietf.org" &lt;scim@ietf.org&gt;; Emmanuel =
dreux &lt;eDreux@bcpsoft.fr&gt; <br><b>Sent:</b> Friday, March 30, 2012 12:=
23 AM<br><b>Subject:</b> Re: [scim] Cloud definition</span><span style=3D"c=
olor:black;"></span></div></div><div class=3D"yiv372002833MsoNormal" style=
=3D"margin-bottom:12.0pt;background:white;"><span style=3D"color:black;"><b=
r>I=B4m new at IETF so I don=B4t know if I will offend someone with this<br=
>post, if so I=B4m sorry for that.<br><br>First I like the point that Micha=
el does, just because it is aimed for<br>cloud services does not mean that =
it cannot be used for other things<br>too.<br><br>And further, SCIM is just=
 a name in
 the end.<br><br>Cheers<br>//Samuel<br><br>On Thu, Mar 29, 2012 at 10:21 PM=
, Melinda Shore &lt;<a rel=3D"nofollow" ymailto=3D"mailto:melinda.shore@gma=
il.com" target=3D"_blank" href=3D"mailto:melinda.shore@gmail.com">melinda.s=
hore@gmail.com</a>&gt; wrote:<br>&gt; On 3/29/12 12:15 PM, Emmanuel dreux w=
rote:<br>&gt;&gt;<br>&gt;&gt; In SAAS / ASP scenario, it's different. I do =
not have access directly<br>&gt;&gt; to the directory that contains the acc=
ounts (LDAP,SQL,etc). The<br>&gt;&gt; provider has to expose provisioning A=
PIs that will allow me to<br>&gt;&gt; programmatically and remotely manage =
accounts.<br>&gt;<br>&gt;<br>&gt; You run into exactly this sort of situati=
on in very large enterprises,<br>&gt; where the people who run the ERP may =
not have write access to the<br>&gt; corporate directory or be able to prov=
ision accounts. &nbsp;But even in<br>&gt; cases where they are there's a lo=
t of interest in moving from a batching<br>&gt; model to a transactional
 one.<br>&gt;<br>&gt;<br>&gt; Melinda<br>&gt; _____________________________=
__________________<br>&gt; scim mailing list<br>&gt; <a rel=3D"nofollow" ym=
ailto=3D"mailto:scim@ietf.org" target=3D"_blank" href=3D"mailto:scim@ietf.o=
rg">scim@ietf.org</a><br>&gt; <a rel=3D"nofollow" target=3D"_blank" href=3D=
"https://www.ietf.org/mailman/listinfo/scim">https://www.ietf.org/mailman/l=
istinfo/scim</a><br>_______________________________________________<br>scim=
 mailing list<br><a rel=3D"nofollow" ymailto=3D"mailto:scim@ietf.org" targe=
t=3D"_blank" href=3D"mailto:scim@ietf.org">scim@ietf.org</a><br><a rel=3D"n=
ofollow" target=3D"_blank" href=3D"https://www.ietf.org/mailman/listinfo/sc=
im">https://www.ietf.org/mailman/listinfo/scim</a><br><br></span></div></di=
v></div></blockquote></div></div></div></div></div><br><br> </div> </div> <=
/blockquote></div>   </div></body></html>
--764183289-1377059503-1333122486=:4926--

From mmanig@gmail.com  Fri Mar 30 20:04:14 2012
Return-Path: <mmanig@gmail.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2961A21F8568 for <scim@ietfa.amsl.com>; Fri, 30 Mar 2012 20:04:14 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.765
X-Spam-Level: 
X-Spam-Status: No, score=-2.765 tagged_above=-999 required=5 tests=[AWL=0.833,  BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id YaHBAT3p0WLs for <scim@ietfa.amsl.com>; Fri, 30 Mar 2012 20:04:12 -0700 (PDT)
Received: from mail-ob0-f172.google.com (mail-ob0-f172.google.com [209.85.214.172]) by ietfa.amsl.com (Postfix) with ESMTP id 9E95621F8555 for <scim@ietf.org>; Fri, 30 Mar 2012 20:04:12 -0700 (PDT)
Received: by obbta17 with SMTP id ta17so2054497obb.31 for <scim@ietf.org>; Fri, 30 Mar 2012 20:04:11 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=lXvEUTQhvOg70vutWtyoLcffcKGbIb7wRFTz9ravj+k=; b=aerNf2iFGa+DpGOgdkauTuYf2YVBjB8ePJsT3I9vTfsdeZQK3qxZ6cSQthRXUuONEC W/p3t0+WN3alUlTlrqfNW2Sbb9f/+qiXrnat9z5+1gViOA/qVSRvhx8Lq/pbUGMK1onb mGwgH+OpLPyumHTUXeqUFu4Nd+dCMJaevgLCHRypyfjPd5M+1HArQ0OsCmwKLtbwsvKX s+pZWjgmEJl6HvJmj6DHgCy0pZdgikj6nsRPsaTvwCFZW/yfULk6gJ2Kh4GC/QIW9fCl IUH1YPTCRza/AV6OsaQrlnj8/pmqmAkMLq81QGFen9UkRTxalCA5rzw+VertC8D38N+y 65YA==
MIME-Version: 1.0
Received: by 10.182.134.97 with SMTP id pj1mr1018646obb.2.1333163051764; Fri, 30 Mar 2012 20:04:11 -0700 (PDT)
Received: by 10.182.73.138 with HTTP; Fri, 30 Mar 2012 20:04:11 -0700 (PDT)
Received: by 10.182.73.138 with HTTP; Fri, 30 Mar 2012 20:04:11 -0700 (PDT)
In-Reply-To: <A540086C3952D04E9A29453378450A5011392A70@DB3PRD0610MB356.eurprd06.prod.outlook.com>
References: <7006d6ef554e58d1fd81433a16639306@mail.gmail.com> <4F7466CC.1090004@yaanatech.com> <4F74686C.80107@cisco.com> <256df9833e11b1b1da54f4272d9380aa@mail.gmail.com> <4F749D8A.4090503@gmail.com> <219947F0B2242843A0A1E62FDB510DC0250F6B8E9A@USNAVSXCHMBSA3.ndc.alcatel-lucent.com> <4F74A984.9090307@gmail.com> <219947F0B2242843A0A1E62FDB510DC0250F6B8F20@USNAVSXCHMBSA3.ndc.alcatel-lucent.com> <A540086C3952D04E9A29453378450A5011392A70@DB3PRD0610MB356.eurprd06.prod.outlook.com>
Date: Fri, 30 Mar 2012 20:04:11 -0700
Message-ID: <CAN8ZsXD=4_CLLOf4xh3yNbMFqDKSmV4MGzsfC-nqdGfU+67N0g@mail.gmail.com>
From: Mahalingam Mani <mmanig@gmail.com>
To: Emmanuel dreux <eDreux@bcpsoft.fr>
Content-Type: multipart/alternative; boundary=e89a8f83a64520cb0c04bc813688
Cc: "Brenner, Michael Ralf \(Michael\)" <michael.brenner@alcatel-lucent.com>, "scim@ietf.org" <scim@ietf.org>, Melinda Shore <melinda.shore@gmail.com>
Subject: Re: [scim] Cloud definition
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 31 Mar 2012 03:04:14 -0000

--e89a8f83a64520cb0c04bc813688
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable

Very succinct problem statement. I wish this type of use-case was added to
the problem statement presentation made to the BoF. That would have likely
lessened the raining down on the cloud term while highlighting the
cloud-specific reason. That is not to say the resulting proposed solution
approach (of secondary importance to PS in BoF) cannot apply to narrower
deployments (large enterprise, pseudo multi-tenant, multitenanted contact
centers, etc); if anything those should derive as specific cases.

-mani
Sent from Droid
On Mar 29, 2012 1:15 PM, "Emmanuel dreux" <eDreux@bcpsoft.fr> wrote:

> Hi,
>
> As an IAM consultant for a long time, I can say that in on premise
> scenario, I do not need a universal provisioning protocol.
> I'm using metadirectory products that read/write directly to LDAP, SQL
> databases, flat files, etc.
>
> In SAAS / ASP scenario, it's different.
> I do not have access directly to the directory that contains the accounts
> (LDAP,SQL,etc).
> The provider has to expose provisioning APIs that will allow me to
> programmatically and remotely manage accounts.
>
> Today every SAAS provider creates his proprietary API exposed  for exampl=
e
> through webservices or REST apis.
> As an editor of a provisioning solution for Cloud based applications, eac=
h
> time we integrate a new SAAS provider, we have to learn his programming
> model and provisioning APIs.
>
> This is where SCIM becomes useful and relevant by allowing to standardize
> the management of the accounts.
> Tipically a SAAS issue because we do not have access natively to the
> repository (LDAP, SQL database, etc...).
>
> --
> Regards,
> Emmanuel Dreux
> http://www.bcpsoft.fr
> Tel: +33 1 46 15 07 22
> Mobile: +33 6 47 81 26 70
> skype: Emmanuel.Dreux
>
> -----Message d'origine-----
> De : Brenner, Michael Ralf (Michael) [mailto:
> michael.brenner@alcatel-lucent.com]
> Envoy=E9 : jeudi 29 mars 2012 20:58
> =C0 : Melinda Shore
> Cc : scim@ietf.org
> Objet : Re: [scim] Cloud definition
>
> Thanks Melinda.
>
> Disclaimer: I have NOT been involved for a long time with IETF, other tha=
n
> in a IETF specs consumer role. But I have been involved for a long time a=
s
> an active contributor to other standards bodies. Therefore, I hope to be
> excused if my thought process is quite different than the one used by
> long-time IETF active contributors.
>
> Surely, any technology MAY apply to some domains that were not identified
> by the technology. However, it must be more important to deterministicall=
y
> make sure that the technology DOES apply to at least 1 particular domain?
>
> Of course, "cloud" vendors or service providers are not the only ones
> faced with Identity Management provisioning and/or retrieving issues. But
> that was the entire point of me questioning the premise that the SCIM wor=
k
> is NOT cloud-specific. I agree that a technology may not necessarily be
> domain-specific, and may not even have to identify a single specific doma=
in
> but I also think that this is only true once the technology is at a very
> low level of granularity (e.g. how best to package large amounts of data =
in
> a given size packet, or how to transmit the packet from one endpoint to
> another). That is not the case with IdM, IMO. Unless specific scenarios
> (cloud-related or otherwise) are used to focus the work, the technology
> developed will miss the target (which will be made easier by the fact tha=
t
> there is NO target). It will become a beautiful academic piece of work.
>
> Note that I am not arguing for a specific definition of "cloud", but I am
> arguing for specific scenarios. If those scenarios happen to apply to oth=
er
> domains, great.
>
> Michael
>
> -----Original Message-----
> From: Melinda Shore [mailto:melinda.shore@gmail.com]
> Sent: Thursday, March 29, 2012 2:27 PM
> To: Brenner, Michael Ralf (Michael)
> Cc: scim@ietf.org
> Subject: Re: [scim] Cloud definition
>
> On 3/29/12 10:02 AM, Brenner, Michael Ralf (Michael) wrote:
> > ... if this is NOT cloud-specific ... then I am confused.
>  > What else could the context be, when there are specific  >
> cloud-related scenarios and non-other scenarios in scope?
>
> I believe this might be the first time I've seen it suggested that a
> particular technology has no applicability to stuff not in a document, an=
d
> I've been involved with the IETF a very long time.  I suppose there might
> be something new under the sun, after all.
>
> At any rate, "cloud" vendors are by no means the only ones dealing with
> identity provisioning problems.  At a prior gig they're generating bulk
> updates out of their ERP and loading them into an Oracle database, and fr=
om
> that they're generating updates to a SQL database and LDIF for the LDAP
> directory.
> (Software longa, hardware brevis).  Because each is run as a batch job
> overnight it's 48 hours between the time a new person is brought in and
> when their account is actually provisioned.
> They've been trying to move to a SPML-based transactional provisioning
> model but vendor support is poor.  I don't think this situation is *that*
> unusual in large enterprisese.
>
> Melinda
>
>
> _______________________________________________
> scim mailing list
> scim@ietf.org
> https://www.ietf.org/mailman/listinfo/scim
>

--e89a8f83a64520cb0c04bc813688
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable

<p>Very succinct problem statement. I wish this type of use-case was added =
to the problem statement presentation made to the BoF. That would have like=
ly lessened the raining down on the cloud term while highlighting the cloud=
-specific reason. That is not to say the resulting proposed solution approa=
ch (of secondary importance to PS in BoF) cannot apply to narrower deployme=
nts (large enterprise, pseudo multi-tenant, multitenanted contact centers, =
etc); if anything those should derive as specific cases.</p>

<p>-mani<br>
Sent from Droid</p>
<div class=3D"gmail_quote">On Mar 29, 2012 1:15 PM, &quot;Emmanuel dreux&qu=
ot; &lt;<a href=3D"mailto:eDreux@bcpsoft.fr">eDreux@bcpsoft.fr</a>&gt; wrot=
e:<br type=3D"attribution"><blockquote class=3D"gmail_quote" style=3D"margi=
n:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
Hi,<br>
<br>
As an IAM consultant for a long time, I can say that in on premise scenario=
, I do not need a universal provisioning protocol.<br>
I&#39;m using metadirectory products that read/write directly to LDAP, SQL =
databases, flat files, etc.<br>
<br>
In SAAS / ASP scenario, it&#39;s different.<br>
I do not have access directly to the directory that contains the accounts (=
LDAP,SQL,etc).<br>
The provider has to expose provisioning APIs that will allow me to programm=
atically and remotely manage accounts.<br>
<br>
Today every SAAS provider creates his proprietary API exposed =A0for exampl=
e through webservices or REST apis.<br>
As an editor of a provisioning solution for Cloud based applications, each =
time we integrate a new SAAS provider, we have to learn his programming mod=
el and provisioning APIs.<br>
<br>
This is where SCIM becomes useful and relevant by allowing to standardize t=
he management of the accounts.<br>
Tipically a SAAS issue because we do not have access natively to the reposi=
tory (LDAP, SQL database, etc...).<br>
<br>
--<br>
Regards,<br>
Emmanuel Dreux<br>
<a href=3D"http://www.bcpsoft.fr" target=3D"_blank">http://www.bcpsoft.fr</=
a><br>
Tel: <a href=3D"tel:%2B33%201%2046%2015%2007%2022" value=3D"+33146150722">+=
33 1 46 15 07 22</a><br>
Mobile: <a href=3D"tel:%2B33%206%2047%2081%2026%2070" value=3D"+33647812670=
">+33 6 47 81 26 70</a><br>
skype: Emmanuel.Dreux<br>
<br>
-----Message d&#39;origine-----<br>
De=A0: Brenner, Michael Ralf (Michael) [mailto:<a href=3D"mailto:michael.br=
enner@alcatel-lucent.com">michael.brenner@alcatel-lucent.com</a>]<br>
Envoy=E9=A0: jeudi 29 mars 2012 20:58<br>
=C0=A0: Melinda Shore<br>
Cc=A0: <a href=3D"mailto:scim@ietf.org">scim@ietf.org</a><br>
Objet=A0: Re: [scim] Cloud definition<br>
<br>
Thanks Melinda.<br>
<br>
Disclaimer: I have NOT been involved for a long time with IETF, other than =
in a IETF specs consumer role. But I have been involved for a long time as =
an active contributor to other standards bodies. Therefore, I hope to be ex=
cused if my thought process is quite different than the one used by long-ti=
me IETF active contributors.<br>

<br>
Surely, any technology MAY apply to some domains that were not identified b=
y the technology. However, it must be more important to deterministically m=
ake sure that the technology DOES apply to at least 1 particular domain?<br=
>

<br>
Of course, &quot;cloud&quot; vendors or service providers are not the only =
ones faced with Identity Management provisioning and/or retrieving issues. =
But that was the entire point of me questioning the premise that the SCIM w=
ork is NOT cloud-specific. I agree that a technology may not necessarily be=
 domain-specific, and may not even have to identify a single specific domai=
n but I also think that this is only true once the technology is at a very =
low level of granularity (e.g. how best to package large amounts of data in=
 a given size packet, or how to transmit the packet from one endpoint to an=
other). That is not the case with IdM, IMO. Unless specific scenarios (clou=
d-related or otherwise) are used to focus the work, the technology develope=
d will miss the target (which will be made easier by the fact that there is=
 NO target). It will become a beautiful academic piece of work.<br>

<br>
Note that I am not arguing for a specific definition of &quot;cloud&quot;, =
but I am arguing for specific scenarios. If those scenarios happen to apply=
 to other domains, great.<br>
<br>
Michael<br>
<br>
-----Original Message-----<br>
From: Melinda Shore [mailto:<a href=3D"mailto:melinda.shore@gmail.com">meli=
nda.shore@gmail.com</a>]<br>
Sent: Thursday, March 29, 2012 2:27 PM<br>
To: Brenner, Michael Ralf (Michael)<br>
Cc: <a href=3D"mailto:scim@ietf.org">scim@ietf.org</a><br>
Subject: Re: [scim] Cloud definition<br>
<br>
On 3/29/12 10:02 AM, Brenner, Michael Ralf (Michael) wrote:<br>
&gt; ... if this is NOT cloud-specific ... then I am confused.<br>
=A0&gt; What else could the context be, when there are specific =A0&gt; clo=
ud-related scenarios and non-other scenarios in scope?<br>
<br>
I believe this might be the first time I&#39;ve seen it suggested that a pa=
rticular technology has no applicability to stuff not in a document, and I&=
#39;ve been involved with the IETF a very long time. =A0I suppose there mig=
ht be something new under the sun, after all.<br>

<br>
At any rate, &quot;cloud&quot; vendors are by no means the only ones dealin=
g with identity provisioning problems. =A0At a prior gig they&#39;re genera=
ting bulk updates out of their ERP and loading them into an Oracle database=
, and from that they&#39;re generating updates to a SQL database and LDIF f=
or the LDAP directory.<br>

(Software longa, hardware brevis). =A0Because each is run as a batch job ov=
ernight it&#39;s 48 hours between the time a new person is brought in and w=
hen their account is actually provisioned.<br>
They&#39;ve been trying to move to a SPML-based transactional provisioning =
model but vendor support is poor. =A0I don&#39;t think this situation is *t=
hat* unusual in large enterprisese.<br>
<br>
Melinda<br>
<br>
<br>
_______________________________________________<br>
scim mailing list<br>
<a href=3D"mailto:scim@ietf.org">scim@ietf.org</a><br>
<a href=3D"https://www.ietf.org/mailman/listinfo/scim" target=3D"_blank">ht=
tps://www.ietf.org/mailman/listinfo/scim</a><br>
</blockquote></div>

--e89a8f83a64520cb0c04bc813688--

From prvs=1437EF2AFE=per.hagero@nexussafe.com  Fri Mar 30 23:50:35 2012
Return-Path: <prvs=1437EF2AFE=per.hagero@nexussafe.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id ECCC621F85E0 for <scim@ietfa.amsl.com>; Fri, 30 Mar 2012 23:50:35 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.414
X-Spam-Level: 
X-Spam-Status: No, score=-0.414 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, EXTRA_MPART_TYPE=1, HTML_FONT_FACE_BAD=0.884, HTML_MESSAGE=0.001, MIME_8BIT_HEADER=0.3]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9dpenHNDlKdl for <scim@ietfa.amsl.com>; Fri, 30 Mar 2012 23:50:34 -0700 (PDT)
Received: from MailEdge.nexussafe.com (mailedge.nexussafe.com [83.241.133.98]) by ietfa.amsl.com (Postfix) with ESMTP id 12F0721F85D7 for <scim@ietf.org>; Fri, 30 Mar 2012 23:50:32 -0700 (PDT)
Received: from MARVMAILCAS.technxs.com (10.75.28.35) by MailEdge.nexussafe.com (83.241.133.98) with Microsoft SMTP Server (TLS) id 14.1.355.2; Sat, 31 Mar 2012 08:50:26 +0200
Received: from MARVMAILDB.technxs.com ([fe80::93a:970c:f043:1455]) by MarvMailCAS.technxs.com ([::1]) with mapi id 14.01.0355.002; Sat, 31 Mar 2012 08:50:30 +0200
From: =?iso-8859-1?Q?Per_H=E4ger=F6?= <per.hagero@nexussafe.com>
To: "Brenner, Michael Ralf (Michael)" <michael.brenner@alcatel-lucent.com>
Thread-Topic: [scim] Cloud definition
Thread-Index: Ac0NjI5a6EpyiUgkSuOkzGABI94mMwAFHroAAAA9/QAAAEqogAAHn5sAAADpgIAAAN9eAAABD6aAAAK5YIAAAC/8gAAXIncAABA2kgAAAQHKAAAf66aA
Date: Sat, 31 Mar 2012 06:50:29 +0000
Message-ID: <87ECC8FD-D0E3-459F-B942-D95FF7913C77@nexussafe.com>
References: <7006d6ef554e58d1fd81433a16639306@mail.gmail.com> <4F7466CC.1090004@yaanatech.com> <4F74686C.80107@cisco.com> <256df9833e11b1b1da54f4272d9380aa@mail.gmail.com> <4F749D8A.4090503@gmail.com> <219947F0B2242843A0A1E62FDB510DC0250F6B8E9A@USNAVSXCHMBSA3.ndc.alcatel-lucent.com> <4F74A984.9090307@gmail.com> <219947F0B2242843A0A1E62FDB510DC0250F6B8F20@USNAVSXCHMBSA3.ndc.alcatel-lucent.com> <A540086C3952D04E9A29453378450A5011392A70@DB3PRD0610MB356.eurprd06.prod.outlook.com> <4F74C42D.2020609@gmail.com> <CAF2hCbbSetW_dZrDEA39U91XQdkQ4Qt50SPzeMZtxMQkV6KozQ@mail.gmail.com> <1333120060.48891.YahooMailNeo@web31804.mail.mud.yahoo.com> <219947F0B2242843A0A1E62FDB510DC0250F6B9296@USNAVSXCHMBSA3.ndc.alcatel-lucent.com>
In-Reply-To: <219947F0B2242843A0A1E62FDB510DC0250F6B9296@USNAVSXCHMBSA3.ndc.alcatel-lucent.com>
Accept-Language: sv-SE, en-US
Content-Language: en-US
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator: 
x-originating-ip: [10.75.28.12]
Content-Type: multipart/related; boundary="_004_87ECC8FDD0E3459FB942D95FF7913C77nexussafecom_"; type="multipart/alternative"
MIME-Version: 1.0
Cc: Samuel Erdtman <samuel@erdtman.se>, William Mills <wmills@yahoo-inc.com>, Melinda Shore <melinda.shore@gmail.com>, Emmanuel dreux <eDreux@bcpsoft.fr>, "scim@ietf.org" <scim@ietf.org>
Subject: Re: [scim] Cloud definition
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 31 Mar 2012 06:50:36 -0000

--_004_87ECC8FDD0E3459FB942D95FF7913C77nexussafecom_
Content-Type: multipart/alternative;
	boundary="_000_87ECC8FDD0E3459FB942D95FF7913C77nexussafecom_"

--_000_87ECC8FDD0E3459FB942D95FF7913C77nexussafecom_
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

Would be great to keep the word simple in there (look what happened to SMTP=
 compared to X.400) so it could be SIM.

Per H=E4ger=F6  |  CTO
Nexus Group  |  www.nexussafe.com<http://www.nexussafe.com/>
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -=
 - -- - - - - - -
Office: +46 8 655 39 00  Mobile: +46 702 69 14 66
Email: per.hagero@nexussafe.com<mailto:per.hagero@nexussafe.com> Skype: hag=
ero
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -=
 - -- - - - - - -
Connect with Nexus
Twitter: @TechnologyNexus<http://www.twitter.com/technologynexus>
Facebook
<https://www.facebook.com/pages/Technology-Nexus/133756470003189>

<http://www.gartner.com/technology/summits/emea/identity-access/index.jsp><=
http://www.gartner.com/technology/summits/emea/identity-access/index.jsp>




<http://www.nexussafe.com/byodseminarium>[cid:image002.jpg@01CCF0A9.2D43D06=
0]<http://www.nexussafe.com/byodseminarium>
<http://www.nexussafe.com/byodseminarium><http://www.nexussafe.com/byodsemi=
narium>



http://www.nexussafe.com/byodseminarium
<http://www.nexussafe.com/byodseminarium>




30 mar 2012 kl. 17:36 skrev Brenner, Michael Ralf (Michael):

Well, you could still PIMP it by replacing Protocol with Provisioning (Push=
 Identity Management Provisioning):)

Michael

From: scim-bounces@ietf.org<mailto:scim-bounces@ietf.org> [mailto:scim-boun=
ces@ietf.org] On Behalf OfWilliam Mills
Sent: Friday, March 30, 2012 11:08 AM
To: Samuel Erdtman; Melinda Shore
Cc: scim@ietf.org<mailto:scim@ietf.org>; Emmanuel dreux
Subject: Re: [scim] Cloud definition

Annoyingly perhaps, naming matters in a branding way and how people think a=
bout things.  We can trivially get this much closer to what it actually doe=
s.  I personally like Push Identity Management Protocol (excepts it's not a=
 protocol), so we could PIMP my cloud.

-bill

________________________________
From: Samuel Erdtman <samuel@erdtman.se<mailto:samuel@erdtman.se>>
To: Melinda Shore <melinda.shore@gmail.com<mailto:melinda.shore@gmail.com>>
Cc: "scim@ietf.org<mailto:scim@ietf.org>" <scim@ietf.org<mailto:scim@ietf.o=
rg>>; Emmanuel dreux <eDreux@bcpsoft.fr<mailto:eDreux@bcpsoft.fr>>
Sent: Friday, March 30, 2012 12:23 AM
Subject: Re: [scim] Cloud definition

I=B4m new at IETF so I don=B4t know if I will offend someone with this
post, if so I=B4m sorry for that.

First I like the point that Michael does, just because it is aimed for
cloud services does not mean that it cannot be used for other things
too.

And further, SCIM is just a name in the end.

Cheers
//Samuel

On Thu, Mar 29, 2012 at 10:21 PM, Melinda Shore <melinda.shore@gmail.com<ma=
ilto:melinda.shore@gmail.com>> wrote:
> On 3/29/12 12:15 PM, Emmanuel dreux wrote:
>>
>> In SAAS / ASP scenario, it's different. I do not have access directly
>> to the directory that contains the accounts (LDAP,SQL,etc). The
>> provider has to expose provisioning APIs that will allow me to
>> programmatically and remotely manage accounts.
>
>
> You run into exactly this sort of situation in very large enterprises,
> where the people who run the ERP may not have write access to the
> corporate directory or be able to provision accounts.  But even in
> cases where they are there's a lot of interest in moving from a batching
> model to a transactional one.
>
>
> Melinda
> _______________________________________________
> scim mailing list
> scim@ietf.org<mailto:scim@ietf.org>
> https://www.ietf.org/mailman/listinfo/scim
_______________________________________________
scim mailing list
scim@ietf.org<mailto:scim@ietf.org>
https://www.ietf.org/mailman/listinfo/scim

_______________________________________________
scim mailing list
scim@ietf.org<mailto:scim@ietf.org>
https://www.ietf.org/mailman/listinfo/scim


--_000_87ECC8FDD0E3459FB942D95FF7913C77nexussafecom_
Content-Type: text/html; charset="iso-8859-1"
Content-ID: <2B4F13F87FBBD941BD545C51C32DA69E@nexussafe.com>
Content-Transfer-Encoding: quoted-printable

<html>
<head>
<meta http-equiv=3D"Content-Type" content=3D"text/html; charset=3Diso-8859-=
1">
<base href=3D"x-msg://89/">
</head>
<body style=3D"word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-lin=
e-break: after-white-space; ">
Would be great to keep the word simple in there (look what happened to SMTP=
 compared to X.400) so it could be SIM.&nbsp;
<div><br>
<div><span class=3D"Apple-style-span" style=3D"border-collapse: separate; c=
olor: rgb(0, 0, 0); font-family: Helvetica; font-style: normal; font-varian=
t: normal; font-weight: normal; letter-spacing: normal; line-height: normal=
; orphans: 2; text-align: -webkit-auto; text-indent: 0px; text-transform: n=
one; white-space: normal; widows: 2; word-spacing: 0px; -webkit-border-hori=
zontal-spacing: 0px; -webkit-border-vertical-spacing: 0px; -webkit-text-dec=
orations-in-effect: none; -webkit-text-size-adjust: auto; -webkit-text-stro=
ke-width: 0px; font-size: medium; "><span class=3D"Apple-style-span" style=
=3D"color: rgb(0, 0, 255); font-family: Calibri, sans-serif; font-size: 15p=
x; -webkit-text-decorations-in-effect: underline; "><span class=3D"Apple-st=
yle-span" style=3D"border-collapse: separate; color: rgb(0, 0, 0); font-fam=
ily: Helvetica; font-style: normal; font-variant: normal; font-weight: norm=
al; letter-spacing: normal; line-height: normal; orphans: 2; text-align: -w=
ebkit-auto; text-indent: 0px; text-transform: none; white-space: normal; wi=
dows: 2; word-spacing: 0px; -webkit-border-horizontal-spacing: 0px; -webkit=
-border-vertical-spacing: 0px; -webkit-text-decorations-in-effect: none; -w=
ebkit-text-size-adjust: auto; -webkit-text-stroke-width: 0px; font-size: me=
dium; "><span class=3D"Apple-style-span" style=3D"color: rgb(0, 0, 255); fo=
nt-family: Calibri, sans-serif; font-size: 15px; -webkit-text-decorations-i=
n-effect: underline; "><span class=3D"Apple-style-span" style=3D"border-col=
lapse: separate; color: rgb(0, 0, 0); font-family: Helvetica; font-style: n=
ormal; font-variant: normal; font-weight: normal; letter-spacing: normal; l=
ine-height: normal; orphans: 2; text-align: -webkit-auto; text-indent: 0px;=
 text-transform: none; white-space: normal; widows: 2; word-spacing: 0px; -=
webkit-border-horizontal-spacing: 0px; -webkit-border-vertical-spacing: 0px=
; -webkit-text-decorations-in-effect: none; -webkit-text-size-adjust: auto;=
 -webkit-text-stroke-width: 0px; font-size: medium; "><span class=3D"Apple-=
style-span" style=3D"color: rgb(0, 0, 255); font-family: Calibri, sans-seri=
f; font-size: 15px; -webkit-text-decorations-in-effect: underline; "><span =
class=3D"Apple-style-span" style=3D"border-collapse: separate; color: rgb(0=
, 0, 0); font-family: Helvetica; font-style: normal; font-variant: normal; =
font-weight: normal; letter-spacing: normal; line-height: normal; orphans: =
2; text-align: -webkit-auto; text-indent: 0px; text-transform: none; white-=
space: normal; widows: 2; word-spacing: 0px; -webkit-border-horizontal-spac=
ing: 0px; -webkit-border-vertical-spacing: 0px; -webkit-text-decorations-in=
-effect: none; -webkit-text-size-adjust: auto; -webkit-text-stroke-width: 0=
px; font-size: medium; "><span class=3D"Apple-style-span" style=3D"color: r=
gb(0, 0, 255); font-family: Calibri, sans-serif; font-size: 15px; -webkit-t=
ext-decorations-in-effect: underline; "><span class=3D"Apple-style-span" st=
yle=3D"border-collapse: separate; color: rgb(0, 0, 0); font-family: Helveti=
ca; font-style: normal; font-variant: normal; font-weight: normal; letter-s=
pacing: normal; line-height: normal; orphans: 2; text-align: -webkit-auto; =
text-indent: 0px; text-transform: none; white-space: normal; widows: 2; wor=
d-spacing: 0px; -webkit-border-horizontal-spacing: 0px; -webkit-border-vert=
ical-spacing: 0px; -webkit-text-decorations-in-effect: none; -webkit-text-s=
ize-adjust: auto; -webkit-text-stroke-width: 0px; font-size: medium; "><spa=
n class=3D"Apple-style-span" style=3D"border-collapse: separate; color: rgb=
(0, 0, 0); font-family: Helvetica; font-style: normal; font-variant: normal=
; font-weight: normal; letter-spacing: normal; line-height: normal; orphans=
: 2; text-align: -webkit-auto; text-indent: 0px; text-transform: none; whit=
e-space: normal; widows: 2; word-spacing: 0px; -webkit-border-horizontal-sp=
acing: 0px; -webkit-border-vertical-spacing: 0px; -webkit-text-decorations-=
in-effect: none; -webkit-text-size-adjust: auto; -webkit-text-stroke-width:=
 0px; font-size: medium; ">
<div style=3D"word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line=
-break: after-white-space; ">
<span class=3D"Apple-style-span" style=3D"border-collapse: separate; color:=
 rgb(0, 0, 0); font-family: Helvetica; font-style: normal; font-variant: no=
rmal; font-weight: normal; letter-spacing: normal; line-height: normal; orp=
hans: 2; text-align: -webkit-auto; text-indent: 0px; text-transform: none; =
white-space: normal; widows: 2; word-spacing: 0px; -webkit-border-horizonta=
l-spacing: 0px; -webkit-border-vertical-spacing: 0px; -webkit-text-decorati=
ons-in-effect: none; -webkit-text-size-adjust: auto; -webkit-text-stroke-wi=
dth: 0px; font-size: medium; ">
<div><span class=3D"Apple-style-span" style=3D"border-collapse: separate; c=
olor: rgb(0, 0, 0); font-family: Helvetica; font-style: normal; font-varian=
t: normal; font-weight: normal; letter-spacing: normal; line-height: normal=
; orphans: 2; text-align: -webkit-auto; text-indent: 0px; text-transform: n=
one; white-space: normal; widows: 2; word-spacing: 0px; -webkit-border-hori=
zontal-spacing: 0px; -webkit-border-vertical-spacing: 0px; -webkit-text-dec=
orations-in-effect: none; -webkit-text-size-adjust: auto; -webkit-text-stro=
ke-width: 0px; font-size: medium; "><span class=3D"Apple-style-span" style=
=3D"border-collapse: separate; color: rgb(0, 0, 0); font-family: Helvetica;=
 font-style: normal; font-variant: normal; font-weight: normal; letter-spac=
ing: normal; line-height: normal; orphans: 2; text-align: -webkit-auto; tex=
t-indent: 0px; text-transform: none; white-space: normal; widows: 2; word-s=
pacing: 0px; -webkit-border-horizontal-spacing: 0px; -webkit-border-vertica=
l-spacing: 0px; -webkit-text-decorations-in-effect: none; -webkit-text-size=
-adjust: auto; -webkit-text-stroke-width: 0px; font-size: medium; "><span c=
lass=3D"Apple-style-span" style=3D"border-collapse: separate; color: rgb(0,=
 0, 0); font-family: Helvetica; font-style: normal; font-variant: normal; f=
ont-weight: normal; letter-spacing: normal; line-height: normal; orphans: 2=
; text-align: -webkit-auto; text-indent: 0px; text-transform: none; white-s=
pace: normal; widows: 2; word-spacing: 0px; -webkit-border-horizontal-spaci=
ng: 0px; -webkit-border-vertical-spacing: 0px; -webkit-text-decorations-in-=
effect: none; -webkit-text-size-adjust: auto; -webkit-text-stroke-width: 0p=
x; font-size: medium; ">
<div style=3D"word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line=
-break: after-white-space; ">
<span class=3D"Apple-style-span" style=3D"color: rgb(0, 0, 0); font-style: =
normal; font-variant: normal; font-weight: normal; letter-spacing: normal; =
line-height: normal; orphans: 2; text-align: -webkit-auto; text-indent: 0px=
; text-transform: none; white-space: normal; widows: 2; word-spacing: 0px; =
-webkit-border-horizontal-spacing: 0px; -webkit-border-vertical-spacing: 0p=
x; -webkit-text-decorations-in-effect: none; -webkit-text-size-adjust: auto=
; -webkit-text-stroke-width: 0px; font-size: medium; "><span class=3D"Apple=
-style-span" style=3D"color: rgb(0, 0, 0); font-style: normal; font-variant=
: normal; font-weight: normal; letter-spacing: normal; line-height: normal;=
 orphans: 2; text-align: -webkit-auto; text-indent: 0px; text-transform: no=
ne; white-space: normal; widows: 2; word-spacing: 0px; -webkit-border-horiz=
ontal-spacing: 0px; -webkit-border-vertical-spacing: 0px; -webkit-text-deco=
rations-in-effect: none; -webkit-text-size-adjust: auto; -webkit-text-strok=
e-width: 0px; font-size: medium; "><span class=3D"Apple-style-span" style=
=3D"color: rgb(0, 0, 0); font-style: normal; font-variant: normal; font-wei=
ght: normal; letter-spacing: normal; line-height: normal; orphans: 2; text-=
align: -webkit-auto; text-indent: 0px; text-transform: none; white-space: n=
ormal; widows: 2; word-spacing: 0px; -webkit-border-horizontal-spacing: 0px=
; -webkit-border-vertical-spacing: 0px; -webkit-text-decorations-in-effect:=
 none; -webkit-text-size-adjust: auto; -webkit-text-stroke-width: 0px; font=
-size: medium; "><span class=3D"Apple-style-span" style=3D"border-collapse:=
 separate; color: rgb(0, 0, 0); font-family: Helvetica; font-style: normal;=
 font-variant: normal; font-weight: normal; letter-spacing: normal; line-he=
ight: normal; orphans: 2; text-indent: 0px; text-transform: none; white-spa=
ce: normal; widows: 2; word-spacing: 0px; -webkit-border-horizontal-spacing=
: 0px; -webkit-border-vertical-spacing: 0px; -webkit-text-decorations-in-ef=
fect: none; -webkit-text-size-adjust: auto; -webkit-text-stroke-width: 0px;=
 font-size: medium; ">
<div style=3D"word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line=
-break: after-white-space; ">
<span class=3D"Apple-style-span" style=3D"border-collapse: separate; color:=
 rgb(0, 0, 0); font-family: Helvetica; font-style: normal; font-variant: no=
rmal; font-weight: normal; letter-spacing: normal; line-height: normal; orp=
hans: 2; text-indent: 0px; text-transform: none; white-space: normal; widow=
s: 2; word-spacing: 0px; -webkit-border-horizontal-spacing: 0px; -webkit-bo=
rder-vertical-spacing: 0px; -webkit-text-decorations-in-effect: none; -webk=
it-text-size-adjust: auto; -webkit-text-stroke-width: 0px; font-size: mediu=
m; ">
<div style=3D"word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line=
-break: after-white-space; ">
<span class=3D"Apple-style-span" style=3D"border-collapse: separate; color:=
 rgb(0, 0, 0); font-family: Helvetica; font-style: normal; font-variant: no=
rmal; font-weight: normal; letter-spacing: normal; line-height: normal; orp=
hans: 2; text-indent: 0px; text-transform: none; white-space: normal; widow=
s: 2; word-spacing: 0px; -webkit-border-horizontal-spacing: 0px; -webkit-bo=
rder-vertical-spacing: 0px; -webkit-text-decorations-in-effect: none; -webk=
it-text-size-adjust: auto; -webkit-text-stroke-width: 0px; font-size: mediu=
m; ">
<div style=3D"word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line=
-break: after-white-space; ">
<span class=3D"Apple-style-span" style=3D"border-collapse: separate; color:=
 rgb(0, 0, 0); font-family: Helvetica; font-style: normal; font-variant: no=
rmal; font-weight: normal; letter-spacing: normal; line-height: normal; orp=
hans: 2; text-indent: 0px; text-transform: none; white-space: normal; widow=
s: 2; word-spacing: 0px; -webkit-border-horizontal-spacing: 0px; -webkit-bo=
rder-vertical-spacing: 0px; -webkit-text-decorations-in-effect: none; -webk=
it-text-size-adjust: auto; -webkit-text-stroke-width: 0px; font-size: mediu=
m; ">
<div style=3D"word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line=
-break: after-white-space; ">
<div><span class=3D"Apple-style-span" style=3D"font-family: Whitney, sans-s=
erif; font-size: 14px; ">
<div><span class=3D"Apple-style-span" style=3D"font-size: medium; border-co=
llapse: collapse; ">
<div style=3D"margin-top: 0cm; margin-right: 0cm; margin-bottom: 0.0001pt; =
margin-left: 0cm; font-size: 12pt; font-family: Cambria; ">
<b><span lang=3D"EN-US" style=3D"font-size: 10pt; color: rgb(39, 41, 39); f=
ont-family: 'Whitney Medium'; ">Per H=E4ger=F6</span></b><span lang=3D"EN-U=
S" style=3D"font-size: 10pt; color: rgb(39, 41, 39); font-family: 'Whitney =
Medium'; ">&nbsp; |&nbsp;&nbsp;CTO</span><span lang=3D"EN-US" style=3D"font=
-size: 10pt; font-family: 'Whitney Medium'; "><o:p></o:p></span></div>
<div style=3D"margin-top: 0cm; margin-right: 0cm; margin-bottom: 0.0001pt; =
margin-left: 0cm; font-size: 12pt; font-family: Cambria; ">
<b><span lang=3D"EN-US" style=3D"font-size: 10pt; color: rgb(54, 95, 145); =
font-family: 'Whitney Medium'; ">Nexus</span></b><b><span lang=3D"EN-US" st=
yle=3D"font-size: 10pt; color: gray; font-family: 'Whitney Medium'; ">&nbsp=
;Group</span></b><span lang=3D"EN-US" style=3D"font-size: 10pt; color: gray=
; font-family: 'Whitney Medium'; ">&nbsp;&nbsp;</span><span lang=3D"EN-US" =
style=3D"font-size: 10pt; font-family: 'Whitney Medium'; ">|
 &nbsp;<a href=3D"http://www.nexussafe.com/" style=3D"color: blue; text-dec=
oration: underline; ">www.nexussafe.com</a><o:p></o:p></span></div>
<div style=3D"margin-top: 0cm; margin-right: 0cm; margin-bottom: 0.0001pt; =
margin-left: 0cm; font-size: 12pt; font-family: Cambria; ">
<span lang=3D"EN-US" style=3D"font-size: 10pt; color: rgb(54, 95, 145); fon=
t-family: 'Whitney Medium'; ">- - - - - - - - - - - - - - - - - - - - - - -=
 - - - - - - - - - - - - - - - - -- - - - - - -<o:p></o:p></span></div>
<div style=3D"margin-top: 0cm; margin-right: 0cm; margin-bottom: 0.0001pt; =
margin-left: 0cm; font-size: 12pt; font-family: Cambria; ">
<b><span lang=3D"EN-US" style=3D"font-size: 10pt; color: rgb(54, 95, 145); =
font-family: 'Whitney Medium'; ">Office</span></b><b><span lang=3D"EN-US" s=
tyle=3D"font-size: 10pt; color: rgb(7, 67, 86); font-family: 'Whitney Mediu=
m'; ">:</span></b><span lang=3D"EN-US" style=3D"font-size: 10pt; font-famil=
y: 'Whitney Medium'; ">&nbsp;<span style=3D"color: rgb(39, 41, 39); ">&#43;=
46
 8 655 39 00</span>&nbsp;&nbsp;<b><span style=3D"color: rgb(54, 95, 145); "=
>Mobile</span><span style=3D"color: rgb(7, 67, 86); ">:</span></b>&nbsp;&#4=
3;46 702 69 14 66<o:p></o:p></span></div>
<div style=3D"margin-top: 0cm; margin-right: 0cm; margin-bottom: 0.0001pt; =
margin-left: 0cm; font-size: 12pt; font-family: Cambria; ">
<b><span lang=3D"EN-US" style=3D"font-size: 10pt; color: rgb(54, 95, 145); =
font-family: 'Whitney Medium'; ">Email:</span></b><span lang=3D"EN-US" styl=
e=3D"font-size: 10pt; color: rgb(34, 59, 216); font-family: 'Whitney Medium=
'; ">&nbsp;</span><span lang=3D"EN-US" style=3D"font-size: 10pt; font-famil=
y: 'Whitney Medium'; "><a href=3D"mailto:per.hagero@nexussafe.com" style=3D=
"color: blue; text-decoration: underline; ">per.hagero@nexussafe.com</a>&nb=
sp;<o:p></o:p></span><span class=3D"Apple-style-span" style=3D"font-family:=
 'Whitney Medium'; font-size: 13px; "><b><span style=3D"color: rgb(54, 95, =
145); ">Skype</span><span style=3D"color: rgb(7, 67, 86); ">:</span></b>&nb=
sp;hagero</span></div>
<div style=3D"margin-top: 0cm; margin-right: 0cm; margin-bottom: 0.0001pt; =
margin-left: 0cm; font-size: 12pt; font-family: Cambria; ">
<span lang=3D"EN-US" style=3D"font-size: 10pt; color: rgb(54, 95, 145); fon=
t-family: 'Whitney Medium'; ">- - - - - - - - - - - - - - - - - - - - - - -=
 - - - - - - - - - - - - - - - - -- - - - - - -<o:p></o:p></span></div>
<table class=3D"MsoNormalTable" border=3D"1" cellspacing=3D"0" cellpadding=
=3D"0" style=3D"border-collapse: collapse; border-top-style: none; border-r=
ight-style: none; border-bottom-style: none; border-left-style: none; borde=
r-width: initial; border-color: initial; ">
<tbody>
<tr>
<td width=3D"191" valign=3D"top" height=3D"0" style=3D"width: 191pt; border=
-top-style: none; border-right-style: none; border-bottom-style: none; bord=
er-left-style: none; border-width: initial; border-color: initial; padding-=
top: 0cm; padding-right: 5.4pt; padding-bottom: 0cm; padding-left: 5.4pt; h=
eight: 0px; ">
<div style=3D"margin-top: 0cm; margin-right: 0cm; margin-bottom: 0.0001pt; =
margin-left: 0cm; font-size: 12pt; font-family: Cambria; ">
<b><span lang=3D"EN-US" style=3D"font-size: 10pt; color: rgb(54, 95, 145); =
font-family: 'Whitney Medium'; ">Connect with Nexus</span></b><span lang=3D=
"EN-US" style=3D"font-size: 10pt; color: rgb(54, 95, 145); font-family: 'Wh=
itney Medium'; "><o:p></o:p></span></div>
<div style=3D"margin-top: 0cm; margin-right: 0cm; margin-bottom: 0.0001pt; =
margin-left: 0cm; font-size: 12pt; font-family: Cambria; ">
<span lang=3D"EN-US" style=3D"font-size: 10pt; font-family: 'Whitney Medium=
'; "><a href=3D"http://www.twitter.com/technologynexus" style=3D"color: blu=
e; text-decoration: underline; ">Twitter: @TechnologyNexus</a><o:p></o:p></=
span></div>
<div style=3D"margin-top: 0cm; margin-right: 0cm; margin-bottom: 0.0001pt; =
margin-left: 0cm; ">
<font class=3D"Apple-style-span" face=3D"'Whitney Medium'"><span class=3D"A=
pple-style-span" style=3D"font-size: 13px; "><a href=3D"https://www.faceboo=
k.com/pages/Technology-Nexus/133756470003189">Facebook<br>
</a></span></font></div>
</td>
</tr>
</tbody>
</table>
</span></div>
</span></div>
</div>
</span></div>
</span></div>
</span></div>
</span></span></span></span></div>
</span></span></span></div>
</span></div>
</span></span></span></span></span></span></span></span><span class=3D"Appl=
e-style-span" style=3D"border-collapse: separate; color: rgb(0, 0, 0); font=
-family: Helvetica; font-style: normal; font-variant: normal; font-weight: =
normal; letter-spacing: normal; line-height: normal; orphans: 2; text-align=
: -webkit-auto; text-indent: 0px; text-transform: none; white-space: normal=
; widows: 2; word-spacing: 0px; -webkit-border-horizontal-spacing: 0px; -we=
bkit-border-vertical-spacing: 0px; -webkit-text-decorations-in-effect: none=
; -webkit-text-size-adjust: auto; -webkit-text-stroke-width: 0px; font-size=
: medium; "><span class=3D"Apple-style-span" style=3D"color: rgb(0, 0, 255)=
; font-family: Calibri, sans-serif; font-size: 15px; -webkit-text-decoratio=
ns-in-effect: underline; "><span class=3D"Apple-style-span" style=3D"border=
-collapse: separate; color: rgb(0, 0, 0); font-family: Helvetica; font-styl=
e: normal; font-variant: normal; font-weight: normal; letter-spacing: norma=
l; line-height: normal; orphans: 2; text-align: -webkit-auto; text-indent: =
0px; text-transform: none; white-space: normal; widows: 2; word-spacing: 0p=
x; -webkit-border-horizontal-spacing: 0px; -webkit-border-vertical-spacing:=
 0px; -webkit-text-decorations-in-effect: none; -webkit-text-size-adjust: a=
uto; -webkit-text-stroke-width: 0px; font-size: medium; "><span class=3D"Ap=
ple-style-span" style=3D"color: rgb(0, 0, 255); font-family: Calibri, sans-=
serif; font-size: 15px; -webkit-text-decorations-in-effect: underline; "><s=
pan class=3D"Apple-style-span" style=3D"border-collapse: separate; color: r=
gb(0, 0, 0); font-family: Helvetica; font-style: normal; font-variant: norm=
al; font-weight: normal; letter-spacing: normal; line-height: normal; orpha=
ns: 2; text-align: -webkit-auto; text-indent: 0px; text-transform: none; wh=
ite-space: normal; widows: 2; word-spacing: 0px; -webkit-border-horizontal-=
spacing: 0px; -webkit-border-vertical-spacing: 0px; -webkit-text-decoration=
s-in-effect: none; -webkit-text-size-adjust: auto; -webkit-text-stroke-widt=
h: 0px; font-size: medium; "><span class=3D"Apple-style-span" style=3D"colo=
r: rgb(0, 0, 255); font-family: Calibri, sans-serif; font-size: 15px; -webk=
it-text-decorations-in-effect: underline; "><span class=3D"Apple-style-span=
" style=3D"border-collapse: separate; color: rgb(0, 0, 0); font-family: Hel=
vetica; font-style: normal; font-variant: normal; font-weight: normal; lett=
er-spacing: normal; line-height: normal; orphans: 2; text-align: -webkit-au=
to; text-indent: 0px; text-transform: none; white-space: normal; widows: 2;=
 word-spacing: 0px; -webkit-border-horizontal-spacing: 0px; -webkit-border-=
vertical-spacing: 0px; -webkit-text-decorations-in-effect: none; -webkit-te=
xt-size-adjust: auto; -webkit-text-stroke-width: 0px; font-size: medium; ">=
<span class=3D"Apple-style-span" style=3D"border-collapse: separate; color:=
 rgb(0, 0, 0); font-family: Helvetica; font-style: normal; font-variant: no=
rmal; font-weight: normal; letter-spacing: normal; line-height: normal; orp=
hans: 2; text-align: -webkit-auto; text-indent: 0px; text-transform: none; =
white-space: normal; widows: 2; word-spacing: 0px; -webkit-border-horizonta=
l-spacing: 0px; -webkit-border-vertical-spacing: 0px; -webkit-text-decorati=
ons-in-effect: none; -webkit-text-size-adjust: auto; -webkit-text-stroke-wi=
dth: 0px; font-size: medium; ">
<div style=3D"word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line=
-break: after-white-space; ">
<span class=3D"Apple-style-span" style=3D"border-collapse: separate; color:=
 rgb(0, 0, 0); font-family: Helvetica; font-style: normal; font-variant: no=
rmal; font-weight: normal; letter-spacing: normal; line-height: normal; orp=
hans: 2; text-align: -webkit-auto; text-indent: 0px; text-transform: none; =
white-space: normal; widows: 2; word-spacing: 0px; -webkit-border-horizonta=
l-spacing: 0px; -webkit-border-vertical-spacing: 0px; -webkit-text-decorati=
ons-in-effect: none; -webkit-text-size-adjust: auto; -webkit-text-stroke-wi=
dth: 0px; font-size: medium; ">
<div><span class=3D"Apple-style-span" style=3D"border-collapse: separate; c=
olor: rgb(0, 0, 0); font-family: Helvetica; font-style: normal; font-varian=
t: normal; font-weight: normal; letter-spacing: normal; line-height: normal=
; orphans: 2; text-align: -webkit-auto; text-indent: 0px; text-transform: n=
one; white-space: normal; widows: 2; word-spacing: 0px; -webkit-border-hori=
zontal-spacing: 0px; -webkit-border-vertical-spacing: 0px; -webkit-text-dec=
orations-in-effect: none; -webkit-text-size-adjust: auto; -webkit-text-stro=
ke-width: 0px; font-size: medium; "><span class=3D"Apple-style-span" style=
=3D"border-collapse: separate; color: rgb(0, 0, 0); font-family: Helvetica;=
 font-style: normal; font-variant: normal; font-weight: normal; letter-spac=
ing: normal; line-height: normal; orphans: 2; text-align: -webkit-auto; tex=
t-indent: 0px; text-transform: none; white-space: normal; widows: 2; word-s=
pacing: 0px; -webkit-border-horizontal-spacing: 0px; -webkit-border-vertica=
l-spacing: 0px; -webkit-text-decorations-in-effect: none; -webkit-text-size=
-adjust: auto; -webkit-text-stroke-width: 0px; font-size: medium; "><span c=
lass=3D"Apple-style-span" style=3D"border-collapse: separate; color: rgb(0,=
 0, 0); font-family: Helvetica; font-style: normal; font-variant: normal; f=
ont-weight: normal; letter-spacing: normal; line-height: normal; orphans: 2=
; text-align: -webkit-auto; text-indent: 0px; text-transform: none; white-s=
pace: normal; widows: 2; word-spacing: 0px; -webkit-border-horizontal-spaci=
ng: 0px; -webkit-border-vertical-spacing: 0px; -webkit-text-decorations-in-=
effect: none; -webkit-text-size-adjust: auto; -webkit-text-stroke-width: 0p=
x; font-size: medium; ">
<div style=3D"word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line=
-break: after-white-space; ">
<span class=3D"Apple-style-span" style=3D"color: rgb(0, 0, 0); font-style: =
normal; font-variant: normal; font-weight: normal; letter-spacing: normal; =
line-height: normal; orphans: 2; text-align: -webkit-auto; text-indent: 0px=
; text-transform: none; white-space: normal; widows: 2; word-spacing: 0px; =
-webkit-border-horizontal-spacing: 0px; -webkit-border-vertical-spacing: 0p=
x; -webkit-text-decorations-in-effect: none; -webkit-text-size-adjust: auto=
; -webkit-text-stroke-width: 0px; font-size: medium; "><span class=3D"Apple=
-style-span" style=3D"color: rgb(0, 0, 0); font-style: normal; font-variant=
: normal; font-weight: normal; letter-spacing: normal; line-height: normal;=
 orphans: 2; text-align: -webkit-auto; text-indent: 0px; text-transform: no=
ne; white-space: normal; widows: 2; word-spacing: 0px; -webkit-border-horiz=
ontal-spacing: 0px; -webkit-border-vertical-spacing: 0px; -webkit-text-deco=
rations-in-effect: none; -webkit-text-size-adjust: auto; -webkit-text-strok=
e-width: 0px; font-size: medium; "><span class=3D"Apple-style-span" style=
=3D"color: rgb(0, 0, 0); font-style: normal; font-variant: normal; font-wei=
ght: normal; letter-spacing: normal; line-height: normal; orphans: 2; text-=
align: -webkit-auto; text-indent: 0px; text-transform: none; white-space: n=
ormal; widows: 2; word-spacing: 0px; -webkit-border-horizontal-spacing: 0px=
; -webkit-border-vertical-spacing: 0px; -webkit-text-decorations-in-effect:=
 none; -webkit-text-size-adjust: auto; -webkit-text-stroke-width: 0px; font=
-size: medium; "><span class=3D"Apple-style-span" style=3D"border-collapse:=
 separate; color: rgb(0, 0, 0); font-family: Helvetica; font-style: normal;=
 font-variant: normal; font-weight: normal; letter-spacing: normal; line-he=
ight: normal; orphans: 2; text-indent: 0px; text-transform: none; white-spa=
ce: normal; widows: 2; word-spacing: 0px; -webkit-border-horizontal-spacing=
: 0px; -webkit-border-vertical-spacing: 0px; -webkit-text-decorations-in-ef=
fect: none; -webkit-text-size-adjust: auto; -webkit-text-stroke-width: 0px;=
 font-size: medium; ">
<div style=3D"word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line=
-break: after-white-space; ">
<span class=3D"Apple-style-span" style=3D"border-collapse: separate; color:=
 rgb(0, 0, 0); font-family: Helvetica; font-style: normal; font-variant: no=
rmal; font-weight: normal; letter-spacing: normal; line-height: normal; orp=
hans: 2; text-indent: 0px; text-transform: none; white-space: normal; widow=
s: 2; word-spacing: 0px; -webkit-border-horizontal-spacing: 0px; -webkit-bo=
rder-vertical-spacing: 0px; -webkit-text-decorations-in-effect: none; -webk=
it-text-size-adjust: auto; -webkit-text-stroke-width: 0px; font-size: mediu=
m; ">
<div style=3D"word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line=
-break: after-white-space; ">
<span class=3D"Apple-style-span" style=3D"border-collapse: separate; color:=
 rgb(0, 0, 0); font-family: Helvetica; font-style: normal; font-variant: no=
rmal; font-weight: normal; letter-spacing: normal; line-height: normal; orp=
hans: 2; text-indent: 0px; text-transform: none; white-space: normal; widow=
s: 2; word-spacing: 0px; -webkit-border-horizontal-spacing: 0px; -webkit-bo=
rder-vertical-spacing: 0px; -webkit-text-decorations-in-effect: none; -webk=
it-text-size-adjust: auto; -webkit-text-stroke-width: 0px; font-size: mediu=
m; ">
<div style=3D"word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line=
-break: after-white-space; ">
<span class=3D"Apple-style-span" style=3D"border-collapse: separate; color:=
 rgb(0, 0, 0); font-family: Helvetica; font-style: normal; font-variant: no=
rmal; font-weight: normal; letter-spacing: normal; line-height: normal; orp=
hans: 2; text-indent: 0px; text-transform: none; white-space: normal; widow=
s: 2; word-spacing: 0px; -webkit-border-horizontal-spacing: 0px; -webkit-bo=
rder-vertical-spacing: 0px; -webkit-text-decorations-in-effect: none; -webk=
it-text-size-adjust: auto; -webkit-text-stroke-width: 0px; font-size: mediu=
m; ">
<div style=3D"word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line=
-break: after-white-space; ">
<div><span class=3D"Apple-style-span" style=3D"font-family: Whitney, sans-s=
erif; font-size: 14px; "></span></div>
</div>
</span></div>
</span></div>
</span></div>
</span></span></span></span></div>
</span></span></span></div>
</span></div>
</span></span></span></span></span></span></span></span><span class=3D"Appl=
e-style-span" style=3D"color: rgb(0, 0, 255); font-family: Calibri, sans-se=
rif; font-size: 15px; -webkit-text-decorations-in-effect: underline; "><spa=
n class=3D"Apple-style-span" style=3D"border-collapse: separate; color: rgb=
(0, 0, 0); font-family: Helvetica; font-style: normal; font-variant: normal=
; font-weight: normal; letter-spacing: normal; line-height: normal; orphans=
: 2; text-align: -webkit-auto; text-indent: 0px; text-transform: none; whit=
e-space: normal; widows: 2; word-spacing: 0px; -webkit-border-horizontal-sp=
acing: 0px; -webkit-border-vertical-spacing: 0px; -webkit-text-decorations-=
in-effect: none; -webkit-text-size-adjust: auto; -webkit-text-stroke-width:=
 0px; font-size: medium; "><span class=3D"Apple-style-span" style=3D"color:=
 rgb(0, 0, 255); font-family: Calibri, sans-serif; font-size: 15px; -webkit=
-text-decorations-in-effect: underline; "><span class=3D"Apple-style-span" =
style=3D"border-collapse: separate; color: rgb(0, 0, 0); font-family: Helve=
tica; font-style: normal; font-variant: normal; font-weight: normal; letter=
-spacing: normal; line-height: normal; orphans: 2; text-align: -webkit-auto=
; text-indent: 0px; text-transform: none; white-space: normal; widows: 2; w=
ord-spacing: 0px; -webkit-border-horizontal-spacing: 0px; -webkit-border-ve=
rtical-spacing: 0px; -webkit-text-decorations-in-effect: none; -webkit-text=
-size-adjust: auto; -webkit-text-stroke-width: 0px; font-size: medium; "><s=
pan class=3D"Apple-style-span" style=3D"color: rgb(0, 0, 255); font-family:=
 Calibri, sans-serif; font-size: 15px; -webkit-text-decorations-in-effect: =
underline; "><span class=3D"Apple-style-span" style=3D"border-collapse: sep=
arate; color: rgb(0, 0, 0); font-family: Helvetica; font-style: normal; fon=
t-variant: normal; font-weight: normal; letter-spacing: normal; line-height=
: normal; orphans: 2; text-align: -webkit-auto; text-indent: 0px; text-tran=
sform: none; white-space: normal; widows: 2; word-spacing: 0px; -webkit-bor=
der-horizontal-spacing: 0px; -webkit-border-vertical-spacing: 0px; -webkit-=
text-decorations-in-effect: none; -webkit-text-size-adjust: auto; -webkit-t=
ext-stroke-width: 0px; font-size: medium; ">
<div style=3D"margin-top: 0cm; margin-right: 0cm; margin-left: 0cm; margin-=
bottom: 0.0001pt; font-size: 11pt; font-family: Calibri, sans-serif; ">
<div style=3D"margin-top: 0cm; margin-right: 0cm; margin-left: 0cm; margin-=
bottom: 0.0001pt; font-size: 11pt; font-family: Calibri, sans-serif; ">
<a href=3D"http://www.gartner.com/technology/summits/emea/identity-access/i=
ndex.jsp" style=3D"color: blue; text-decoration: underline; "></a><a href=
=3D"http://www.gartner.com/technology/summits/emea/identity-access/index.js=
p" style=3D"color: blue; text-decoration: underline; "><span class=3D"Apple=
-style-span" style=3D"border-collapse: separate; color: rgb(0, 0, 0); font-=
family: Helvetica; font-style: normal; font-variant: normal; font-weight: n=
ormal; letter-spacing: normal; line-height: normal; orphans: 2; text-align:=
 -webkit-auto; text-indent: 0px; text-transform: none; white-space: normal;=
 widows: 2; word-spacing: 0px; -webkit-border-horizontal-spacing: 0px; -web=
kit-border-vertical-spacing: 0px; -webkit-text-decorations-in-effect: none;=
 -webkit-text-size-adjust: auto; -webkit-text-stroke-width: 0px; font-size:=
 medium; "><span class=3D"Apple-style-span" style=3D"border-collapse: separ=
ate; color: rgb(0, 0, 0); font-family: Helvetica; font-style: normal; font-=
variant: normal; font-weight: normal; letter-spacing: normal; line-height: =
normal; orphans: 2; text-align: -webkit-auto; text-indent: 0px; text-transf=
orm: none; white-space: normal; widows: 2; word-spacing: 0px; -webkit-borde=
r-horizontal-spacing: 0px; -webkit-border-vertical-spacing: 0px; -webkit-te=
xt-decorations-in-effect: none; -webkit-text-size-adjust: auto; -webkit-tex=
t-stroke-width: 0px; font-size: medium; ">
<div style=3D"word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line=
-break: after-white-space; ">
<span class=3D"Apple-style-span" style=3D"border-collapse: separate; color:=
 rgb(0, 0, 0); font-family: Helvetica; font-style: normal; font-variant: no=
rmal; font-weight: normal; letter-spacing: normal; line-height: normal; orp=
hans: 2; text-align: -webkit-auto; text-indent: 0px; text-transform: none; =
white-space: normal; widows: 2; word-spacing: 0px; -webkit-border-horizonta=
l-spacing: 0px; -webkit-border-vertical-spacing: 0px; -webkit-text-decorati=
ons-in-effect: none; -webkit-text-size-adjust: auto; -webkit-text-stroke-wi=
dth: 0px; font-size: medium; ">
<div><br class=3D"Apple-interchange-newline">
<br class=3D"Apple-interchange-newline">
<br class=3D"Apple-interchange-newline">
</div>
</span></div>
</span></span></a></div>
<span class=3D"Apple-style-span" style=3D"font-family: Calibri, sans-serif;=
 font-size: 15px; "><a href=3D"http://www.nexussafe.com/byodseminarium" sty=
le=3D"color: blue; text-decoration: underline; "><span style=3D"font-size: =
10pt; font-family: 'Whitney Medium'; color: blue; text-decoration: none; ">=
</span><br class=3D"Apple-interchange-newline">
<span></span></a></span><a href=3D"http://www.nexussafe.com/byodseminarium"=
 style=3D"color: blue; text-decoration: underline; "><span></span><span></s=
pan><span><img height=3D"123" width=3D"450" id=3D"72553927-df25-4262-adc5-b=
38fbf82f0dc" apple-width=3D"yes" apple-height=3D"yes" src=3D"cid:image002.j=
pg@01CCF0A9.2D43D060"></span><span class=3D"Apple-style-span" style=3D"bord=
er-collapse: separate; color: rgb(0, 0, 0); font-family: Helvetica; font-st=
yle: normal; font-variant: normal; font-weight: normal; letter-spacing: nor=
mal; line-height: normal; orphans: 2; text-align: -webkit-auto; text-indent=
: 0px; text-transform: none; white-space: normal; widows: 2; word-spacing: =
0px; -webkit-border-horizontal-spacing: 0px; -webkit-border-vertical-spacin=
g: 0px; -webkit-text-decorations-in-effect: none; -webkit-text-size-adjust:=
 auto; -webkit-text-stroke-width: 0px; font-size: medium; "><span class=3D"=
Apple-style-span" style=3D"font-family: Calibri, sans-serif; font-size: 15p=
x; "></span></span></a>
<div style=3D"margin-top: 0cm; margin-right: 0cm; margin-left: 0cm; margin-=
bottom: 0.0001pt; font-size: 11pt; font-family: Calibri, sans-serif; ">
<a href=3D"http://www.nexussafe.com/byodseminarium" style=3D"color: blue; t=
ext-decoration: underline; "></a><a href=3D"http://www.nexussafe.com/byodse=
minarium" style=3D"color: blue; text-decoration: underline; "><span class=
=3D"Apple-style-span" style=3D"border-collapse: separate; color: rgb(0, 0, =
0); font-family: Helvetica; font-style: normal; font-variant: normal; font-=
weight: normal; letter-spacing: normal; line-height: normal; orphans: 2; te=
xt-align: -webkit-auto; text-indent: 0px; text-transform: none; white-space=
: normal; widows: 2; word-spacing: 0px; -webkit-border-horizontal-spacing: =
0px; -webkit-border-vertical-spacing: 0px; -webkit-text-decorations-in-effe=
ct: none; -webkit-text-size-adjust: auto; -webkit-text-stroke-width: 0px; f=
ont-size: medium; "><span class=3D"Apple-style-span" style=3D"color: rgb(0,=
 0, 255); font-family: Calibri, sans-serif; font-size: 15px; -webkit-text-d=
ecorations-in-effect: underline; "><span class=3D"Apple-style-span" style=
=3D"border-collapse: separate; color: rgb(0, 0, 0); font-family: Helvetica;=
 font-style: normal; font-variant: normal; font-weight: normal; letter-spac=
ing: normal; line-height: normal; orphans: 2; text-align: -webkit-auto; tex=
t-indent: 0px; text-transform: none; white-space: normal; widows: 2; word-s=
pacing: 0px; -webkit-border-horizontal-spacing: 0px; -webkit-border-vertica=
l-spacing: 0px; -webkit-text-decorations-in-effect: none; -webkit-text-size=
-adjust: auto; -webkit-text-stroke-width: 0px; font-size: medium; "><span c=
lass=3D"Apple-style-span" style=3D"border-collapse: separate; color: rgb(0,=
 0, 0); font-family: Helvetica; font-style: normal; font-variant: normal; f=
ont-weight: normal; letter-spacing: normal; line-height: normal; orphans: 2=
; text-align: -webkit-auto; text-indent: 0px; text-transform: none; white-s=
pace: normal; widows: 2; word-spacing: 0px; -webkit-border-horizontal-spaci=
ng: 0px; -webkit-border-vertical-spacing: 0px; -webkit-text-decorations-in-=
effect: none; -webkit-text-size-adjust: auto; -webkit-text-stroke-width: 0p=
x; font-size: medium; ">
<div style=3D"word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line=
-break: after-white-space; ">
<br class=3D"Apple-interchange-newline">
<br class=3D"Apple-interchange-newline">
<br class=3D"Apple-interchange-newline">
</div>
</span></span></span></span></a></div>
<span class=3D"Apple-style-span" style=3D"font-family: Calibri, sans-serif;=
 font-size: 15px; "><a href=3D"http://www.nexussafe.com/byodseminarium" sty=
le=3D"color: blue; text-decoration: underline; ">http://www.nexussafe.com/b=
yodseminarium</a>&nbsp;&nbsp;</span><span class=3D"Apple-style-span" style=
=3D"border-collapse: separate; color: rgb(0, 0, 0); font-family: Helvetica;=
 font-style: normal; font-variant: normal; font-weight: normal; letter-spac=
ing: normal; line-height: normal; orphans: 2; text-align: -webkit-auto; tex=
t-indent: 0px; text-transform: none; white-space: normal; widows: 2; word-s=
pacing: 0px; -webkit-border-horizontal-spacing: 0px; -webkit-border-vertica=
l-spacing: 0px; -webkit-text-decorations-in-effect: none; -webkit-text-size=
-adjust: auto; -webkit-text-stroke-width: 0px; font-size: medium; "><span c=
lass=3D"Apple-style-span" style=3D"color: rgb(0, 0, 255); font-family: Cali=
bri, sans-serif; font-size: 15px; -webkit-text-decorations-in-effect: under=
line; "><span class=3D"Apple-style-span" style=3D"border-collapse: separate=
; color: rgb(0, 0, 0); font-family: Helvetica; font-style: normal; font-var=
iant: normal; font-weight: normal; letter-spacing: normal; line-height: nor=
mal; orphans: 2; text-align: -webkit-auto; text-indent: 0px; text-transform=
: none; white-space: normal; widows: 2; word-spacing: 0px; -webkit-border-h=
orizontal-spacing: 0px; -webkit-border-vertical-spacing: 0px; -webkit-text-=
decorations-in-effect: none; -webkit-text-size-adjust: auto; -webkit-text-s=
troke-width: 0px; font-size: medium; "><span class=3D"Apple-style-span" sty=
le=3D"color: rgb(0, 0, 255); font-family: Calibri, sans-serif; font-size: 1=
5px; -webkit-text-decorations-in-effect: underline; "><span class=3D"Apple-=
style-span" style=3D"border-collapse: separate; color: rgb(0, 0, 0); font-f=
amily: Helvetica; font-style: normal; font-variant: normal; font-weight: no=
rmal; letter-spacing: normal; line-height: normal; orphans: 2; text-align: =
-webkit-auto; text-indent: 0px; text-transform: none; white-space: normal; =
widows: 2; word-spacing: 0px; -webkit-border-horizontal-spacing: 0px; -webk=
it-border-vertical-spacing: 0px; -webkit-text-decorations-in-effect: none; =
-webkit-text-size-adjust: auto; -webkit-text-stroke-width: 0px; font-size: =
medium; ">
<div style=3D"margin-top: 0cm; margin-right: 0cm; margin-left: 0cm; margin-=
bottom: 0.0001pt; font-size: 11pt; font-family: Calibri, sans-serif; ">
<a href=3D"http://www.nexussafe.com/byodseminarium" style=3D"color: blue; t=
ext-decoration: underline; "><span class=3D"Apple-style-span" style=3D"bord=
er-collapse: separate; color: rgb(0, 0, 0); font-family: Helvetica; font-st=
yle: normal; font-variant: normal; font-weight: normal; letter-spacing: nor=
mal; line-height: normal; orphans: 2; text-align: -webkit-auto; text-indent=
: 0px; text-transform: none; white-space: normal; widows: 2; word-spacing: =
0px; -webkit-border-horizontal-spacing: 0px; -webkit-border-vertical-spacin=
g: 0px; -webkit-text-decorations-in-effect: none; -webkit-text-size-adjust:=
 auto; -webkit-text-stroke-width: 0px; font-size: medium; "><span class=3D"=
Apple-style-span" style=3D"color: rgb(0, 0, 255); font-family: Calibri, san=
s-serif; font-size: 15px; -webkit-text-decorations-in-effect: underline; ">=
<span class=3D"Apple-style-span" style=3D"border-collapse: separate; color:=
 rgb(0, 0, 0); font-family: Helvetica; font-style: normal; font-variant: no=
rmal; font-weight: normal; letter-spacing: normal; line-height: normal; orp=
hans: 2; text-align: -webkit-auto; text-indent: 0px; text-transform: none; =
white-space: normal; widows: 2; word-spacing: 0px; -webkit-border-horizonta=
l-spacing: 0px; -webkit-border-vertical-spacing: 0px; -webkit-text-decorati=
ons-in-effect: none; -webkit-text-size-adjust: auto; -webkit-text-stroke-wi=
dth: 0px; font-size: medium; "><span class=3D"Apple-style-span" style=3D"bo=
rder-collapse: separate; color: rgb(0, 0, 0); font-family: Helvetica; font-=
style: normal; font-variant: normal; font-weight: normal; letter-spacing: n=
ormal; line-height: normal; orphans: 2; text-align: -webkit-auto; text-inde=
nt: 0px; text-transform: none; white-space: normal; widows: 2; word-spacing=
: 0px; -webkit-border-horizontal-spacing: 0px; -webkit-border-vertical-spac=
ing: 0px; -webkit-text-decorations-in-effect: none; -webkit-text-size-adjus=
t: auto; -webkit-text-stroke-width: 0px; font-size: medium; ">
<div style=3D"word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line=
-break: after-white-space; ">
<br>
</div>
</span><br class=3D"Apple-interchange-newline">
</span><br class=3D"Apple-interchange-newline">
</span></span></a></div>
</span></span></span></span></span></div>
</span></span></span></span></span></span></span></span></div>
<br>
<div>
<div>30 mar 2012 kl. 17:36 skrev Brenner, Michael Ralf (Michael):</div>
<br class=3D"Apple-interchange-newline">
<blockquote type=3D"cite"><span class=3D"Apple-style-span" style=3D"border-=
collapse: separate; font-family: Helvetica; font-style: normal; font-varian=
t: normal; font-weight: normal; letter-spacing: normal; line-height: normal=
; orphans: 2; text-align: -webkit-auto; text-indent: 0px; text-transform: n=
one; white-space: normal; widows: 2; word-spacing: 0px; -webkit-border-hori=
zontal-spacing: 0px; -webkit-border-vertical-spacing: 0px; -webkit-text-dec=
orations-in-effect: none; -webkit-text-size-adjust: auto; -webkit-text-stro=
ke-width: 0px; font-size: medium; ">
<div lang=3D"EN-US" link=3D"blue" vlink=3D"purple">
<div class=3D"WordSection1" style=3D"page: WordSection1; ">
<div style=3D"margin-top: 0in; margin-right: 0in; margin-left: 0in; margin-=
bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif; "=
>
<span style=3D"font-size: 11pt; font-family: Calibri, sans-serif; color: rg=
b(31, 73, 125); ">Well, you could still PIMP it by replacing Protocol with =
Provisioning (Push Identity Management Provisioning)</span><span style=3D"f=
ont-size: 11pt; font-family: Wingdings; color: rgb(31, 73, 125); ">J</span>=
<span style=3D"font-size: 11pt; font-family: Calibri, sans-serif; color: rg=
b(31, 73, 125); "><o:p></o:p></span></div>
<div style=3D"margin-top: 0in; margin-right: 0in; margin-left: 0in; margin-=
bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif; "=
>
<span style=3D"font-size: 11pt; font-family: Calibri, sans-serif; color: rg=
b(31, 73, 125); "><o:p>&nbsp;</o:p></span></div>
<div style=3D"margin-top: 0in; margin-right: 0in; margin-left: 0in; margin-=
bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif; "=
>
<span style=3D"font-size: 11pt; font-family: Calibri, sans-serif; color: rg=
b(31, 73, 125); ">Michael<o:p></o:p></span></div>
<div style=3D"margin-top: 0in; margin-right: 0in; margin-left: 0in; margin-=
bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif; "=
>
<span style=3D"font-size: 11pt; font-family: Calibri, sans-serif; color: rg=
b(31, 73, 125); "><o:p>&nbsp;</o:p></span></div>
<div>
<div style=3D"border-right-style: none; border-bottom-style: none; border-l=
eft-style: none; border-width: initial; border-color: initial; border-top-s=
tyle: solid; border-top-color: rgb(181, 196, 223); border-top-width: 1pt; p=
adding-top: 3pt; padding-right: 0in; padding-bottom: 0in; padding-left: 0in=
; ">
<div style=3D"margin-top: 0in; margin-right: 0in; margin-left: 0in; margin-=
bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif; "=
>
<b><span style=3D"font-size: 10pt; font-family: Tahoma, sans-serif; ">From:=
</span></b><span style=3D"font-size: 10pt; font-family: Tahoma, sans-serif;=
 "><span class=3D"Apple-converted-space">&nbsp;</span><a href=3D"mailto:sci=
m-bounces@ietf.org">scim-bounces@ietf.org</a>
 [mailto:scim-bounces@ietf.org]<span class=3D"Apple-converted-space">&nbsp;=
</span><b>On Behalf Of</b>William Mills<br>
<b>Sent:</b><span class=3D"Apple-converted-space">&nbsp;</span>Friday, Marc=
h 30, 2012 11:08 AM<br>
<b>To:</b><span class=3D"Apple-converted-space">&nbsp;</span>Samuel Erdtman=
; Melinda Shore<br>
<b>Cc:</b><span class=3D"Apple-converted-space">&nbsp;</span><a href=3D"mai=
lto:scim@ietf.org">scim@ietf.org</a>; Emmanuel dreux<br>
<b>Subject:</b><span class=3D"Apple-converted-space">&nbsp;</span>Re: [scim=
] Cloud definition<o:p></o:p></span></div>
</div>
</div>
<div style=3D"margin-top: 0in; margin-right: 0in; margin-left: 0in; margin-=
bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif; "=
>
<o:p>&nbsp;</o:p></div>
<div>
<div>
<div style=3D"margin-top: 0in; margin-right: 0in; margin-left: 0in; margin-=
bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif; b=
ackground-image: initial; background-attachment: initial; background-origin=
: initial; background-clip: initial; background-color: white; ">
<span style=3D"font-size: 14pt; font-family: 'Courier New'; color: black; "=
>Annoyingly perhaps, naming matters in a branding way and how people think =
about things.&nbsp; We can trivially get this much closer to what it actual=
ly does.&nbsp; I personally like Push Identity
 Management Protocol (excepts it's not a protocol), so we could PIMP my clo=
ud.<o:p></o:p></span></div>
</div>
<div>
<div style=3D"margin-top: 0in; margin-right: 0in; margin-left: 0in; margin-=
bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif; b=
ackground-image: initial; background-attachment: initial; background-origin=
: initial; background-clip: initial; background-color: white; ">
<span style=3D"font-size: 14pt; font-family: 'Courier New'; color: black; "=
><o:p>&nbsp;</o:p></span></div>
</div>
<div>
<div style=3D"margin-top: 0in; margin-right: 0in; margin-left: 0in; margin-=
bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif; b=
ackground-image: initial; background-attachment: initial; background-origin=
: initial; background-clip: initial; background-color: white; ">
<span style=3D"font-size: 14pt; font-family: 'Courier New'; color: black; "=
>-bill<o:p></o:p></span></div>
</div>
<div>
<blockquote style=3D"border-top-style: none; border-right-style: none; bord=
er-bottom-style: none; border-width: initial; border-color: initial; border=
-left-style: solid; border-left-color: rgb(16, 16, 255); border-left-width:=
 1.5pt; padding-top: 0in; padding-right: 0in; padding-bottom: 0in; padding-=
left: 4pt; margin-left: 3.75pt; margin-top: 3.75pt; margin-bottom: 5pt; ">
<div style=3D"margin-top: 0in; margin-right: 0in; margin-left: 0in; margin-=
bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif; b=
ackground-image: initial; background-attachment: initial; background-origin=
: initial; background-clip: initial; background-color: white; ">
<span style=3D"font-size: 14pt; font-family: 'Courier New'; color: black; "=
><o:p>&nbsp;</o:p></span></div>
<div>
<div>
<div>
<div class=3D"MsoNormal" align=3D"center" style=3D"margin-top: 0in; margin-=
right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: 12pt; fon=
t-family: 'Times New Roman', serif; text-align: center; background-image: i=
nitial; background-attachment: initial; background-origin: initial; backgro=
und-clip: initial; background-color: white; background-position: initial in=
itial; background-repeat: initial initial; ">
<span style=3D"font-size: 10pt; font-family: Arial, sans-serif; color: blac=
k; ">
<hr size=3D"1" width=3D"100%" align=3D"center">
</span></div>
<div style=3D"margin-top: 0in; margin-right: 0in; margin-left: 0in; margin-=
bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif; b=
ackground-image: initial; background-attachment: initial; background-origin=
: initial; background-clip: initial; background-color: white; ">
<b><span style=3D"font-size: 10pt; font-family: Arial, sans-serif; color: b=
lack; ">From:</span></b><span style=3D"font-size: 10pt; font-family: Arial,=
 sans-serif; color: black; "><span class=3D"Apple-converted-space">&nbsp;</=
span>Samuel Erdtman &lt;<a href=3D"mailto:samuel@erdtman.se">samuel@erdtman=
.se</a>&gt;<br>
<b>To:</b><span class=3D"Apple-converted-space">&nbsp;</span>Melinda Shore =
&lt;<a href=3D"mailto:melinda.shore@gmail.com">melinda.shore@gmail.com</a>&=
gt;<span class=3D"Apple-converted-space">&nbsp;</span><br>
<b>Cc:</b><span class=3D"Apple-converted-space">&nbsp;</span>&quot;<a href=
=3D"mailto:scim@ietf.org">scim@ietf.org</a>&quot; &lt;<a href=3D"mailto:sci=
m@ietf.org">scim@ietf.org</a>&gt;; Emmanuel dreux &lt;<a href=3D"mailto:eDr=
eux@bcpsoft.fr">eDreux@bcpsoft.fr</a>&gt;<span class=3D"Apple-converted-spa=
ce">&nbsp;</span><br>
<b>Sent:</b><span class=3D"Apple-converted-space">&nbsp;</span>Friday, Marc=
h 30, 2012 12:23 AM<br>
<b>Subject:</b><span class=3D"Apple-converted-space">&nbsp;</span>Re: [scim=
] Cloud definition</span><span style=3D"color: black; "><o:p></o:p></span><=
/div>
</div>
<p class=3D"MsoNormal" style=3D"margin-top: 0in; margin-right: 0in; margin-=
left: 0in; margin-bottom: 12pt; font-size: 12pt; font-family: 'Times New Ro=
man', serif; background-image: initial; background-attachment: initial; bac=
kground-origin: initial; background-clip: initial; background-color: white;=
 background-position: initial initial; background-repeat: initial initial; =
">
<span style=3D"color: black; "><br>
I=B4m new at IETF so I don=B4t know if I will offend someone with this<br>
post, if so I=B4m sorry for that.<br>
<br>
First I like the point that Michael does, just because it is aimed for<br>
cloud services does not mean that it cannot be used for other things<br>
too.<br>
<br>
And further, SCIM is just a name in the end.<br>
<br>
Cheers<br>
//Samuel<br>
<br>
On Thu, Mar 29, 2012 at 10:21 PM, Melinda Shore &lt;<a href=3D"mailto:melin=
da.shore@gmail.com" style=3D"color: blue; text-decoration: underline; ">mel=
inda.shore@gmail.com</a>&gt; wrote:<br>
&gt; On 3/29/12 12:15 PM, Emmanuel dreux wrote:<br>
&gt;&gt;<br>
&gt;&gt; In SAAS / ASP scenario, it's different. I do not have access direc=
tly<br>
&gt;&gt; to the directory that contains the accounts (LDAP,SQL,etc). The<br=
>
&gt;&gt; provider has to expose provisioning APIs that will allow me to<br>
&gt;&gt; programmatically and remotely manage accounts.<br>
&gt;<br>
&gt;<br>
&gt; You run into exactly this sort of situation in very large enterprises,=
<br>
&gt; where the people who run the ERP may not have write access to the<br>
&gt; corporate directory or be able to provision accounts. &nbsp;But even i=
n<br>
&gt; cases where they are there's a lot of interest in moving from a batchi=
ng<br>
&gt; model to a transactional one.<br>
&gt;<br>
&gt;<br>
&gt; Melinda<br>
&gt; _______________________________________________<br>
&gt; scim mailing list<br>
&gt;<span class=3D"Apple-converted-space">&nbsp;</span><a href=3D"mailto:sc=
im@ietf.org" style=3D"color: blue; text-decoration: underline; ">scim@ietf.=
org</a><br>
&gt;<span class=3D"Apple-converted-space">&nbsp;</span><a href=3D"https://w=
ww.ietf.org/mailman/listinfo/scim" target=3D"_blank" style=3D"color: blue; =
text-decoration: underline; ">https://www.ietf.org/mailman/listinfo/scim</a=
><br>
_______________________________________________<br>
scim mailing list<br>
<a href=3D"mailto:scim@ietf.org" style=3D"color: blue; text-decoration: und=
erline; ">scim@ietf.org</a><br>
<a href=3D"https://www.ietf.org/mailman/listinfo/scim" target=3D"_blank" st=
yle=3D"color: blue; text-decoration: underline; ">https://www.ietf.org/mail=
man/listinfo/scim</a><br>
<br>
<o:p></o:p></span></p>
</div>
</div>
</blockquote>
</div>
</div>
</div>
_______________________________________________<br>
scim mailing list<br>
<a href=3D"mailto:scim@ietf.org">scim@ietf.org</a><br>
https://www.ietf.org/mailman/listinfo/scim</div>
</span></blockquote>
</div>
<br>
</div>
</body>
</html>

--_000_87ECC8FDD0E3459FB942D95FF7913C77nexussafecom_--

--_004_87ECC8FDD0E3459FB942D95FF7913C77nexussafecom_
Content-Type: image/jpeg; name="image002.jpg"
Content-Description: image002.jpg
Content-Disposition: inline; filename="image002.jpg"; size=19061;
	creation-date="Sat, 31 Mar 2012 06:50:29 GMT";
	modification-date="Sat, 31 Mar 2012 06:50:29 GMT"
Content-ID: <image002.jpg@01CCF0A9.2D43D060>
Content-Transfer-Encoding: base64

/9j/4AAQSkZJRgABAgAAZABkAAD/7AARRHVja3kAAQAEAAAAPAAA/+4AJkFkb2JlAGTAAAAAAQMA
FQQDBgoNAAAP+QAAHHMAAC8SAABKc//bAIQABgQEBAUEBgUFBgkGBQYJCwgGBggLDAoKCwoKDBAM
DAwMDAwQDA4PEA8ODBMTFBQTExwbGxscHx8fHx8fHx8fHwEHBwcNDA0YEBAYGhURFRofHx8fHx8f
Hx8fHx8fHx8fHx8fHx8fHx8fHx8fHx8fHx8fHx8fHx8fHx8fHx8fHx8f/8IAEQgAewHCAwERAAIR
AQMRAf/EAPIAAQACAwEBAAAAAAAAAAAAAAADBAECBQYHAQEBAQEBAQEAAAAAAAAAAAAAAQIDBAUG
EAABBAIBAgYBAwQCAwAAAAAAARECAxIEECAFMEAhMRMUQVAiFTJCNQYjJDM0NhEAAQIFAAYFCQQG
CAcAAAAAARECACExEgNBUWFxIhMQgZEyBCAwobHB0UJSI2KyMxRA4XKCkgXw8aLC0kNzdFDyU2OD
JIQSAAAFAwMEAwAAAAAAAAAAAAAgAREhMFAxEGBwQGECIkFREhMBAAICAQQABgMBAQEBAAAAAQAR
ITFBEFFhcSCBkaGxwTDw0UDh8VD/2gAMAwEAAhEDEQAAAfL/AGfkjfF03AAOjz39j+Z9GWMLkyAB
AGQaWR6mEGVzGVGTATj9efkfTw8n6OEdgAAAAAG3m6ad8ZsUMy4sFrO+v8X10foca3q5AAfTfB7P
SeftpYACgZAAANLCFyReHrF4ulv7XmAGK5+8fOfd5OR0wAOr8j1YOX9fygAXvkd/Z/B9MPreE/Te
F0yPSfl/pcb7fjqe3jbx17n5z3Rdscj7vkAFzN+tfN9mlmtAAZAABmABiswVk0yAAEjr537fNw+u
AN8XObH1yBrz3cxrT4vTs+bVjTzn0+MP1eWTMFxZazrOb3vy/wBCt7OXK+75MWD0/n6+083ahvnH
ViWtZZl0Mg2jZams4NiaWSWtrO0WZqGzMZXSyWWCyWXBpZfxuKz5p7vPU1kAARct2/H6PRFb5sg8
s6FS/UvlPq8Nd4AFmaAAHqfN19V5+kOs0OmOfvHU59KmsjeUQazLLNmxUJDUs51T1nJLLHZU1mSW
eXJDZNLk2l6ONyZvC7Y8T6+I6GNei4bqanmu+NYg8HWdvvnQ5L3Wo83ZxvoedYBbzoAYJ+O/Uefp
f3gAClrNXWejjcFk0tTWZIhrcklsS1rJZRV1m7nUFkFliXeWtrNnOorJJcnQxvfN+f8At4wanqOG
+ngPIejNbzsaaYZ1q0t2WKOZ2xnrkAWs0Ac3nroebpWs950wABQ3nMTyw2SyxWbkRLLFZazqKzcF
ay7nUdkFm8sssNm5kzLT3jq8+k+dZl8/2xx+uLuUVtbku6tHeWWOgC18P1R+rnD9LiALfHc/w/TB
+g8gp51y/NuhXo9Z7lg6dmTzPfhHVrN2WGzVBk9Fx7Sy+T9HD0XHrQ1mxLV1LmNUt4L0+e4LIdQW
8ar6zDZLL1+fQSZvG6zl9Mizm93leJ1lTUADNUsAFrN28XXX28tStx3vi8yqUdyuEd/U9Hvn5vtx
hs6mOlrN43Tnk2XJ3ePWlvA8/wBuUstrOpIHN3jpY3W1I0u51qVNZp6z2ufUeh4dRlcy8DtkAAAA
AAC3nQgjPPXRzdSMoJxq5M37nt57lkNgklyaA0s3lllFeyxLW1J83BkwbEdm0uwI7MyyA3lAll5W
qoCWMEdAAAAWs0cLGrGb10jOHOlbXKHePTbxOAeW78Onjdey3nVqWSXn7xoSS62aEss0tXWZJcGS
GzpY3yOnO3nWDWtoyanZ59NiTO61oA1NY2rYAAAFrFFcoSzpuZJ9ZksG0tPpzxZqDJqbmY1oAZiK
ppQBHZgmlwZI7JJRkhssZ1tLYx00ABSPOR6CugAAACxAAEdmTMuLBvKKnTnW3jUGQADIAAMgQAXI
MmAbRYzuzjeAADmbx4Ppz9Iczrzu51JLqlfUjT3fk9Y3lAA0sEOs6pLNTZ0AIdZjudaG8u0Ramlg
2iSai1mtvGAADJNnVvn0mzrCDKgAADz/AG4/PPZ5I94vY30MbwcvpzwQ2fZPl/TyAAADCZUAAAAA
AAACLWY7MJld5Zc3KgAAAAAQXNPeZpedvFnOskdmY1rs8uoAAAAAAAAAAAAAAAAAAAAAAAAAAAAH
/9oACAEBAAEFAsTEWtUMTExMTE0dGe3s00101eIqDeCxsdo0Lzb/ANbugTqnCWJiYmJiYmJiYmJi
YjCwY9BjExMTExMTtmrG3Y2XnsYmJiYmJ2LSSjV8nbkkaFkvVt6OvtQ3+13aksTExMTQ1Kr59w16
678TExMTE0taF1tMYIbWlr3Q+NUMTE7XTQps1UxtxMTtUkjb3DUlC3ExMTE09f5tkVfNzhGce5ds
XWliYmIiyRLJSsliYmIn7iOnsSK9W16bd/Ge3st8ezaIjpiMK6riYiOi19xTGy/WF9VxMTsevL5p
KfOnz17dcqktrWyzbrjNLq1LNiitU2KVj9ilvmqeFkJom09UNqS1JsWJOvZpsWM3nLbr+b7dKQlZ
CMV2tdIfYoz+xSfaqx+avKe5RGHzwQXZoSNmzjEtqhbXtaste7ExMTExMSxI/HVPApYs1bEWq799
10fi2Oy/8FlM6p4mJiYmJiYmJiYmh2pD0QkvquvGWxPQtWiqvCf1rHhrWRsv1ltWzXsWUdKaVy1r
c9WhaSGrNCGlUlCVXynTqrAhXjdHVsSdWosE+vL6yas8lhZ830bVlbqSmS1rVsTSsSK6084asknX
rYpx3bWSyjExNXRs2Fj2bVa/s0WWCouDkKtrXWnYqenZk8mvKl1qi3Zib2VlOJiYmJiYmJiKjGpd
opbR3fT2bemm2ctWG8vw2XJATbrVar42LDbVLE3qVss3WonuSis9yNcbLUgLuwanZhav2oZ17sUJ
3xhSm9WsZ7yJJNiSTTYjZq/bVIrtwRZbkcV24JZ9uGaKKiKl2tZVLE7fNPr5mRuLGey0jFCVUZiJ
OJXdiJvKhZvbEifz2riYmJiYmJiYm/D/AK8O3aRRBNfu/SmonxfUjjZUk1XUrxjTGFv1oLKOtGKz
0q5QXWgqy0oSLKkmR1a0K6IVr9ev546FSQtrjbBKIktGmSS1ISIURjSunWqT1YTnPVrmLrQU+tZ8
8UxjmLhNNrt2JFZQVNu0nsXTRIn0NllgysYmJiUQhlbCKLiYmJiYi1I2JibUXo/ktWjWv2pWWavd
bYyXuEEI9z01EVFQ7x8S30Rpj3C7/qdw1E+zt01x7hffVHt9+5TVf3fb0006qrEsqLfgt7nVVTrV
fylbbO/Tr2J3arLV3YbC6t+tXrr3enC7Y+OvW3oXWR7pTO7XnR9ujcru1V7lQmkvd6Iyr7lCV/CS
N3XSK4mJrqkLczZVJ24mJiYjGJiYmJiYnqYisiUW1LfLX7ZVG57Eq1JTttQvkiHZJ2fXO6Yfas+v
/I91RF7dpsmpp2w1L9uyG5ffOEO89w3K7aaoJXUukq232dvtKY22drjHXv1b449zl/nav83T/jJ/
4KWzZDX1vj/mu0/+TT9e4dv2qK+0W/8AzXef6O5/+zyqZ14mJiYmJiYmJiYmJiYmJiYmJbONcden
KV+ml0o6koktOKk9iiKXzsVKo232autDWpLKabSuqqskkZIjIk667EhXXWlmvr2rXVVWnE9fXsVG
RF1tZZrGCyaGeMMvjrbGGM66ZQjVVEjGERIwRfgo+Ra6cJRhIWMJdEP6sTExMSv9srP3SxMTExMT
ExMTExMTcjZ9uNttcYT2lS2y6KXpnK6256+122zqqrqhzXlXXXffO+G1etMticp025UQnKQuMNur
a2JC3STVnsWKuxKaRuuuhZuLJsrIWyvuRF2JxRdmSy+Sdia05SrdKtfYuvSdmxbXXOyUk+aSLfKR
bfbVBPYj7YmJiYi4oPDP0UxMTExMTExMTExLteFsfo7DfBcQ15xPq5EdamJ8J8ItUWVFThomMXZD
CDcNF2i+MTGIyHxR+RURUZD0Gi0q0WFdUK4+hjFmQsqjNGizRZkFpgsyKKqqnpiYmJibWql0M7/k
1NVKoYmJiYmJiYmIwwwwx6jKMvH5YVEUlQoqKnlmXlEVSNKjMjDDDDHcb/raX8g8K+9a8e1/z+7W
b3e7da2jvFmz3DtferNy7S/2BbV1u99w2JsN1Mr/ALz1VZSQjL06FqrU+vE+ufXPrxPhrF1z68j6
8z66iURJUKKip1xqmpGqKcMgyeD3/wDxNNUv4f45r2aCa+xq97nRVqf63sRo2ux7FOvtdlShbPnl
obSe3gMnlFqrU+CB9eJ9eIlNYiInjXUVX1J2zRSirS1aaf4LtT/xfb/ll2vQldd2ftt1lfae3Vwp
7P22mz9b/9oACAECAAEFAuEV+qSt5lJqJZ48bUUfwN67CFKNDpmvlL1VI6s5L1JJiMn6du+Vaadq
yj07VqoREkxGTpxvzkhRKSx47lF46Wwko9Cr5VUfwYyfoWKKQgkU5zQ+Qus9WiLFCF0IpyiNyqOW
du9a9e0ROZrww3DcMMMNwwww3DDcMMMMMMMMNyi9c/bidansKglcRJeHKXLmXDjiKOOOKo4/D8OO
OPw444444/MF5VTMSfDk8efSXiyXwG4YYYYYYbhhhhhhjEYYYYYYbl+F5QXEdRRImBgYCR8GXgOP
w/Djjjj8OOOPw44444444/QkuG4wEZOEi3Ruymia01knRKTFW0spcL4EBfb3RT2PcT2RX5/BiJEx
FQVDAYVDEUVDH1wMehF5XhOlU60oinK9ScRPxH3UX1E9BPaKcOI5+T8f2/j8/wBzC+0hfaSev90C
PnU8F+h+H8ivkl6m6mGG6G4YThOGGG4XhBuhvNOOOP8Arb+bfrijmHrh6/GhGDiwZJQYWsWCeRcy
MjIccyHHHHH8Bx/Er91/q/JAtQmhMZ/POOZDj+OimSjnyKZKZKJNTNTNf1z/2gAIAQMAAQUC4bqR
H8ysUFr8dYjeBTB1n79ME8pEmnUqCx6a4IpbFl6Ypyqc0xQmiPxQvrbD16ETzyp0qr9GJgNyqeAl
ws49EeHH4fhxx+XHHH4cfhxxx+HHHH5brTrVPDROWG4YYVBhhhBhuG4YYYbhhhhhhhuV5YYbl/II
ngPw444444/Djjjjjjjjjjjjj+I4444/gp4DDcNwwwww3DDDDcMMNwwwww3Q3S3VWiE06pQ8OR+f
ZUPc9hfdUbn8mQqmQiiKZDiKZCCKZGRl5XLwV4kfmXsgnoL6n5kvDCsfg/P5/P4/Die8RPdF9P7Z
kvOyVPFbhv0NhEflG4fqccfofh+V4ccfhOFH608uwww3623m265Kxn6Z+nyKLNhJusZuJYJNfIsM
YjDDDDDDDDeAw3iWeyf0/gmVqQUgO3nmGGGG8higxghihihghihgn65//9oACAECAgY/Ar1GVCJ1
UCajoJQzIZkwofy1Rfofn5S0Mhu2mQ1D1Ue3lFund3fSZu0njAdcmapNGLJ36tCpzk17wHJO9f/a
AAgBAwIGPwLeEX2Rjm6KM39Srzk97yGJG9f/2gAIAQEBBj8C6AoRZjym4W73O1CG4sYRjZAfpHFi
DT8zeExd4d3MHymTvdBa8WuFQfPdQPUfMq4K1k0jI41Lj5XMI+pmn1aP0QpEzSg8q3K2eh2kRPix
Gj/f5NrlBE5USHWuEytg0eUb+6xCW61/qgCjdkF3cz/BkFeuLSEIkerpve0BzDwOWp3QW4lKGa9L
m/MJdUHIBwOnuPk48ehxnu0/ppa4K01EXMnhdTZs8ggFAaxc6Z17vI4AXbvfSJMTeR+uHlnBmYdF
To3JKA4MZnboQ2O6wYT8q679pqdsOycozJMkhekk1NelRIiEyt6xH08Iu1n3Qp6XZSOENQHaeg4j
JGhy7yR7Ix5HcHMEhvg4w7jb3mw1gILi4NI3wEdUlo3tr6ote8NO3bBcHKGyMNNw4+7thwumzvbI
VhUUjE+38R1qLD8z2huJt0wVPCUog1QxuXHYMkmlVmioaQjHhxReqHN+VPTGPE0hznuLTsRpPshr
nuDbhdri8kBuuL7xaqLt1RZeLlRNuqHcXcm7cIc5jgbUWeuHNum3vbID7lF1ktZh5cQAw29oB9sB
14tdIbxDHsAfjeQFBnxFJa+gseFa6sHGeo6x5ZukKLH1Bbt+HoUAlCSzI2ZnoIrBfj7zZZsXtEXt
ncODatIa3HnerQiHun+G0xZkbadGo7j5sZc4/ZZ741dByuAcLQ0A7CffDcV8mstSaLrlGZ3/AFHX
f2Q32QBcOWMnN2zKp6YabhYx73jXxr/ijLNOZjs9J98ZC1yXlusd3Qo1xjaHAOY5zuYFXifcg/XG
VzH8u8ESWvzb90ZFK8x12n5QNO6GMLhysbr2ynsHUsPxkC7Jdc8CfEVjGczgRimLRUointjBP8Fp
aetPdGR/zp6IxcQ5eJ7njWbg4f3oxz7mI4+1PdGLGHcWK1DoVsB7nC7mcx2qTbUENxNmwZuYTa7S
pM6aYe52RbseRiz+Mj1Joh06saz+ErGR7H8u9pElrocdoh/ELnPZkFT3Ukpnohzw4Xc0ZW6vwwxD
DHlyuD3ZHfvNtlGMFDy3Od/EtO3p5g72P1dMuFgq6JucTC4Xz+V3vhDIisIix9FSz5Do3R3XY3ab
PaJH0Qjc7XH5XhHez1QObgW2hxvn/cjh8McWiTAfuLHdf/A/3Q/6biAFV3CnbPzM4vzZW2t0VU9U
crA4uKKqIPT5XMPeQwxwacji/luS2R9UNCFznUaP1pGMAFciylK0oVXVDw0dw2kyqPTGQPBtGSwP
kgUBNtTFm8AymW1GvRAzoWMIVXJTQe8IzJiJGJl4KidfdDHZGlt/7Ml6/VACFznSa0frSGoxzibu
EIvBXTCAEcIe1dLTpixDdfy06rl3JGfmH8LitkeHqjmvBb9kos5CBa0lxfy7Qi3JdrSm2MRna+8W
fFc0gW71jNd3WWoJad8oObHqcm8frEA6Gta7K5KLPWNEZZH6IV5lqXWsPk5haGumBRx3wW2uRrxj
c+SK5E0r8QgC1yOcWNfoUV26Ogg0NYRwTUei0VBn0vc2kbOibRLTp7YRrrm6ni4ewx+A3ex7sfoE
cLXt/wDJd95roQLKYJLT6LBC5srn/Zo3sHmTsIhWCuuMYkGkaNotHp8o4uY44zo4ZTXVBFzlL+Zd
JV7E0Q0qWubRw271hjVNrDckplblOmsOy3EudKaU6kguvda5weWyRRTbogoShXhl8VdCwxlzhYw4
5J3T1bIdMo9ljm7P6GJvd3Q00mAVGj1Q0qWubNrh+tYbXhu676kw0heFgxjcI5877bdm/fDmXOIc
zl6JNHVti12/rE4YriTjdcKfKW6ANcIV+M9eR1x7DSCrnKbTdKrKaEg4lJDrlJrxlT64S5wa4Br2
6HJrhznOKuaWaJB1dHrgqTNoZ1NKw+Z43tyHey1PuQxFbiY8vRQkwaSWpgBbk0mvQjgo1GL8VNLY
VpQxQGEoNQhAIW30wh8mdYRolr8pel7auI4RtE4ZeHq0AFNcNfjBDmaip2boazxHG10g74l6pGJ4
3/2ffE3WftAgdtIUU6PBtzJyi43qUEYx4ArhQ/mA0qz7PXDfED8HxPBm2O+Ew/xjvw2fT8Nu0u64
zZM/FgxPOPFi0Sq4xhy4OHDkeMeXF8M/ijDjyi5nKJt64PifBE43Y5uxqS1w0yMMyCjwHDr6MuLx
x4Eb+XaSjTr64IZw4xOZp2wHuxZG4DTMRw79aQzG4OLsi22haQcbsWRucUwpxFdUPZa7Hkx9/G+s
48TlZzC3HkfzLplRVNkDLysnI05k4YD2sdluoGTh2IsdiysmWP1a4OHGx7ntfy3oKIUuOyPGW33t
t5t3dpK2PzLQbCCUNZf1QPGI7lHRJapA5jH48b+5lcOE+2G4X4smJ2T8MvCL5HMbR1d/SCehR55T
ICpjIHVRGibTZVRQzheUz9+f3otwsVutEb2+6B8RaeJw7rU9vQlXaGw/G6mN0uviT09HguYll5W6
keG/JW8yfO5dLNqRnX5YwgfI31Rm8NmNlzzkwuMgQ7bGHw2E3hrxkzOEwANC7Ywl7g0cozMtMHwv
hyMufNwo2aDSTDMYowBvZHM/MZhNbLuHdSkOxZ3YzbVriJR4vHiJfiDiPDk1LRADvHnluCFhsHVS
P5eytrXhdzYb/t/70Zv9IeuP5j/qZfUI/wDnH3Y/l+IP5LMzBfm1I0Snrj6eV2YclC9xWa0WPG/7
h8fzEa7PumOW94GRl7Tj+JVMk64Z1ffjwv8AuGe2PA/63kOZ2foSmpk1uswMmbidVrfhb/TXF4RU
Qh7bmlKatccDcOM6wz/lj6rzk+z3W+j2mLMXEnw4/wCiCFe4YWentpBxeGbXvZDoGsrPtgYmT0lx
qTr6PqMa9KXBY+mxrP2QkI4KDUGEFITI0PGpwWEY0MGoBIXJja8ilwBhMbAwfZCdNz8THHWWgwgp
F5xML/mtCwHEC4UMXILxK7Tui5Bd82mC20I7vBKxYgspboSBje1pZoaRLsgWsASQQaINoAWZTXBc
AAXd4645nLbzPnQL2xYWts+VJQLgCkwuuAXAFJhfMrC+cx2i7gMusU0QXPxODRUqz/FCtxBPtO/w
3R9TMzENg9rpeiGlt+cf5lwkRsVGdkWBGHQxvG7q/qi/OS0b1f7mxZjba3yMTf8ALyZGlux18x11
gj4Q5zXDhoKGtyx4g3cWJh5cu9VH+iMwxOabWMLd7i72CA8K6upZFN0TYWb09hMXcOTmOQH42G31
SgvtUI5WcMiKAIV7Y5oyh54STJACZxkGNwlkYxpr3kX1x4lHWltnEEWG4muXmgcp20d/0TjGjyzj
AJCe2M72ulz8bS39prG+2M77pMeGNlQSVx3LD+O5rH4xzNjnC4HRIQ8B4DecMd+oWA+uUY+NSM9o
eNQaYNxUtc5q7ikZ2AMe5uEuGUTu/b2xlsegxhhARe8ZrGXjmzIxoeRoeWqvbFpdeGZsYD+sHRFq
hgdlc2/qXtMZrXTGAEPCL8UY7XX8xtrD/wBz4aRr29BPkzNaRYvFqhFmK+btdomCJEHYYt/MF2PS
17QfTKJz/fyepUhWDEw/Zxz7Vj6mR79i2/dSPptDFqkViso4axPopCpPXFNkJaE1dKpPXCpPXBlW
sUjfWA/5QjRoEIZiKbehElqi0cI2J7VhBOaqdfQQgQ1ikIdbXS+yVHqhElCJI16GO+Tut0Lr6UHk
1tLaGB89sjpRF9UKtxfNfPJFOiU+mccMT/SZROEHlZc1tySSneKe2PzKd0gJsEvVA8RaeE8oY/tA
e6MeTP4VMGTukLGP6Qf4fKA/G/WI/L+Gxh2IVynUKmH43Yw21hfLYR74ynLjDWYsZfLeAnpj6fhQ
7HcGlFkus+YURQRMgJoit0SE9nk0isd6O90yMVioivRKcT8vVGvopFPM5/3fviM+VZB4aR2Q3IO6
zO67ra2Mf5r+YWtZIYLKJKPDeAx/Vc1HB+lNHbGTwuUWvyUOlW/DGU5nWA4nNnrUe6PEjxEsPIde
f3mx/wCj4jmskaSOwj9Op0VjTFIl544srbmOqPTDsAxDlOKubOsOw48YGJ03MqD2wvI/tO98DLyR
zGohnopHPOL6q3XKawcmTCC81IJHqIhzG4Ba8I6plWpgZMeEXihJJ9ZP/HP/2gAIAQEDAT8h6GbV
GTs8/EDEAPpO3/JQBv8AKhfcaSpUqV0qVKiEp1LK0/1DD85YD/8Anjt9orXAFSfzAAU25CmkBHjv
ARY3eCswKWa6g1ALXR8BwpO/BeBi/WYDQfI+L4HnF7cf7jLly/4blxzKlSpUTRKrNzD6mjjvKlda
mfAa8ep/UtHZM+w4fh9Pz1pYbHkZaKcQRvn18X9oj7itV+IYcrxR0eCUmo0zYr2x/wCVFLYKXlU/
jr0J2i0u4tizxG0JikMjxXWY+H6zh95YqfI5Nj8IYfwflZ+wgAUYDR0Lly5cuX0vrfS5fwoJTk+O
oNYtJkSZvKy5fd+n4A3ajUxdauWTtAe6lZ+nwArr0rH1V90/vgemLRX9LsTMzSs6vntCMFhNi3VS
/E1T7PwCy49zAqbxVouCAA05Oi2PGoVu0tPK9QjfYEmQK6ac/JqZ7acJR8lkCmRd9S5UtMwpw+iU
EToMlu8BUJaUlG69vbD0OYNl0l/WXfnprb6hxEgD77YH5WmEojSrCofV8wnqrTh4K3mypgTHHn+j
mauov72X1K3SbeE4Tidsf2lqXdZ1Lw77Oe4LPlCs2xXl1GqKDpZo2CHPcd65g4u+JtwvJWIcQFjy
v3TV7XB2asDSuUaLC91OQs3cZ1nzACJ7XAv5saiV/wByn5eJkNbKPbY/Kor4j0AsOnDx3mmq7HZv
PyZlwRgVOJNm7lYtKb5AEopeMW9wqZvYFclanheTkCtJtbkx0oGChM54Z7xp+MDPSleC0M3x3mMf
03PHzlwJkdMxIstK9o8h5re8MflA7rtozWnnTnVAmwdXGAbtlIVr3AVmn3Pkz7mzq+t+fH8YANLK
8r+f8TGGAaJbhqNChBdKLzAPJd4fQQPbOoqrdY8BWZx+1ix3Ha62qflLTRdTbOi6ww8BoG+ES4tX
20aNkgnkTBgLEFzJkTCJ78RRAGG51SLKAV3QKssMtWnbV85ZibQr5VM15OYItROGNtvFxwsJIZ2Y
tULBzMnL7dzEOm2YztWoWX4RcSC3WPq8QoS2PlSuGohdUtU7MYaiGhkg7H8iswYqw0qFaeeaFevM
QwYau5g5UAUoTACfXlt94RjnNbABdUGzfylTUUNV7iKvlKzjBRcE6Oy/SACoSUWlBnRUZ5kfPh2C
zHIwahmVq5vb39N9R3bkf4DlgfKzYfaoJqR2M/JX4j87FB4SNaqHCbl48G3Tyax88eZd4rduHw2P
uaz+6JGs1EzSJB7iur2uVi4FFiu22KO7gkFYwVqoLHXDwMuYcptP4AABVQbWVZ8+XiYsxCAu9UDW
MG89pay5cuXBWRriuFDaHHeYEkqt7BHitfaM5b4ttZXIUe4rZi4O4QythbEYUqORTgUa5CIPnAaV
OfYqJTd3rFhAvubKxDORqF8Los80ZYZgoNNhd7IC0025FWTJ+qZ2jgbaLdhgOWHQrxKF0WwWPmZS
dAhxBS/Rpn2RzfmeWANFyC4V1u5xpzKUnHcFRhTK94mprKgPN7O4G9CSpYqPmG6+UoMovDSuco+6
KPi61NWjqxrgxF3tKRTcXN8g1uBdwwOzCHYe1eZasTDLqCB4O0SOvEIpNHyUag2nVC91N93NSpht
WFDwxG8WiGHydBTsVfeR6uQBIX6AfuQr2/Nid9v1PkwcXrY+UD7ATf0O7Bxo9o+T++gwQM2GDSc0
/NMTH7fTzfP+EAvarEJ3zR925SCO2S38nEEhbuBqCui5cuXBoEYfsBC772ThtOEIGOCtKhJv+LfB
MAj6iMXu5TmEbbYSNMAJoAKhhpfNyt0tvbVbXZxcbzO3WNmj3HvKGEFVkARtZaZKiW0rGpFg6saW
mVN9s98kcMvZfMZsrgbLKdAiPJLENgbUtMcTdkcVNwr2ONzJ2MN/04XKGSZcggUPmY8uqwJsSiek
lpoh6NrkUKpwPbBLJZYhrD8hALp22civqWQdolSyTiDa4jioppQaNLyYaq466H0wsEs65M5CapNg
cbtmbdj3aDGsLm82XNbR8luWjiMq0AxWrlqswXJLUibyErNrvynqXXdwgzKu6P6SME37wffcRTKc
HLLfsaX+YiBSbGN/gGQtQccVqYWKcrv4QLtQhtxmu/UrQUKcqH4VbFs5nJXDvKmhUZkttQbR+L+E
BWhKWa/2aBRQp14x7r+cAJayJLgUBxaKNuJv/vJ45Wlnt/sGqVdr9rqJmVgeGPnMEtCsCS+oNreJ
YHfE+EDpKlofQlCxU4qabC4XRs4n2ECBcuHFDdxkzwg2m6ruxBtynEraGAhk0Iui7pAFKjkPDd23
iMpAXl2ro1VbzLaCKFDg4uxl6xAZRDt+S4ICuqDS8d7ocKQOCJbNl3sA8w1FBwNuFKJGA9DDmEvH
bC5pnZezBfYzcLC1IN6OBT6ogsTVNu0ut+ZQ9y1tJeN5cYhIkUoVyhS0+GX0cw6lJe07f+upqrzn
tZL1fHeNM+AXunwgM1z8YCacaroLnMpMARuEZdYQLgE7N0S+ADSq/cx2GGhh+FQnzTP9G8hXQ841
/nQdqX6N+/B5ZgG0mfO9DTx0+mhsKN3iI7A001eq+0IBe2e4lQAlGo9Ie4+EbrYsqHL3w36MXFZQ
9oNuWELSj1bZLACZ0AnoV+p4inHK8P2TNC6KKq+aT2TPYhRIUO5jEKuKtV5FEqDeIsm3DbP63nF8
2/6Olilf6YylqN62QHAe5jwC13DUACizUBby2PzgQtowTEZ521DZvoBT+zqHl8JcuXL05Pq/4gAA
EsiUN9ghVAXuTwcvl8qhRsY4RLhaEtm+Z82Fl+zGe5L/AAUU8JKocYQh4sr5yRCYbpH5lh8h9ys1
exuqthP/AMFaaxp3R7XuXCAN0BX1dwegHYH4RSTWFj8oABQwBqp47aB9GeI+ofQhDDxKh8xliE4A
fbr56nj6pAAKGAJywi2R7q4oVbeFl7p4g+UC9ChvLfN1AmbpTQsdr3AzGy0qTtTm54qaD0Vqphgo
OcNAsaiKTNoFdhXEtFrwgtcvdlbsqAGmreZ3Fb/SrlDxUY54xrcpV6wBoaS+Y4iu0DT3O0uXLjxj
k/AGYnGHtKJT3/IADm3ptSVZlSuy88QOp3hIEgIvGfSh+8srnkB9DKlq4Wwz4yZSYNgqncUVXtC3
BQj62S9faHhBwcvddr5etxI8rfY+zYfOCERK4FlHIoclUylJTrw9jpwoxvxCDj6yshnuhVzNDwpq
1EYrc2Yl5ju/OSiR9pAG9LOquZmC/IOweLTfaW4CoKBKeKvcwiToAB87Kggt1jZGbaljCVQwmTRW
9PnAV68aHvRnawhKRpveMyVOVA4N7ijflK7GKhoKHIu/MrjEYpffFvNyxwwmAfgbmXJWtWOFO9Ew
0A2gDVM5Odt5jaDYgKh3Ko4qFKaU2MQFGBxBqWWbUOBZfEHS11DFUGcWcsw+ErtRyuvEXKN/Bz2a
GEW/UsAWwZ7pcx7Mo9/CFgAHQu5iVXLPGAyA6A6/jACnrlbtJVhSNMoZa2W+Ea/KXGfnZH0D7Ims
21Px7+ZG6yPR+1/VYPW5AAL3lTf6f7Dm0hdFh35jNCmXMQUoyFcxW8tawzUDqgUU8HaAIWN0KhQU
YDRLnFr4aZ+sCZF90z9YBgDwb9wMoIFUB21NuD8nuc9vs8d0d2pQkTY5Jvwyi9mn7QBeN78wKsHi
x9I+a7dfwA+075h0Xbng+kAaK5gYC0KKb7xe7De8bqaPZjsp3fOAgBTIViLJB0Kw+4DoNV8u04AX
TwVjDvTLlKPmwqaj4QCXkH8lytOP3ie4qmoFpjj8/wAwB/ahac9B3MQrg+UHSugWjcJlX4YnQqXL
ly5cuXLly5cvpcuXLly+qBaNd5cuaYsRl14gKCj4vmphmXgb51Fyz2B4Qhk2ZBlA77bXKgmfWKdx
bPtmJxaIorvxZFzOtD6j3ggecxS5BWYt1oWqoDLvNtvYW5ccPzr+DRVOdjL/APV/5FSd4PzxCGPJ
WvtBqWdgx9fgQSnJOyPUeJE/tX/sDz9kOVWLFVXm5/6pHhE/oMOT7YPasDvTtzEKCe5cuXLl9OBp
5mdcvPS/Yleh/Eqg1ac7te/YRKCleGMv0i5WcotVArwdo0tPgDKpXnBkqpcZVqUMqW3MqF0sqNhs
PN6hd2OhHl+2JQpSmTt/CpsH/jQd5n+BxHvJPIh3YB3e5pgev5sQjX2XTTVckJKNdojTu+I8UVFo
QG8uCcfvfD9MIEewV+GtC6xWIzHYUi05wkzIRuN7oS4MrkNjYpYuwdwQLLQb3Al//uf/2gAIAQID
AT8h6Dpx8VK4t/y3/GCHzB/mIzh7RNXxL6rXW4tHYf7DI7EuXLly5e+v+R401mYh6MFcd/iaBi5c
uXMBKceb7wPZg33/AHLly5cuGnJMnMoeO0Ik0y5cy2oZK0e+zB1GTiX0UTl+YYX+x8NR/wAoCnX8
Az5r4EBS01NAD/c/AhKQXPMHkPvOwfeG7S+lQBRo6kKcjEy+tx85yn0X8wAo64qhNI5yoTUEy0t0
J0vHoUSprLypaWlpfoH0Wh0DUuPjTp1vKZGUutIi1CN1cJ/j4ToTSGVxehiiHVWRhzlnEdvMXHQ/
nNp+kvHy6Trf0jD1UPWuWnclxBuWcn16/Y6XLqD/AA4YHxJmbwOlpGbwzqGsJDpadDrDL4Jg10/n
8HehbocypU1iLo+S2W6K9/4f7CGyu3/n+xeei0e+Afw6dD+CHovjqHWj0MaV0jXRfpcr6SDoadK6
d/qqZbL9iLAYjkxC9u/wYSLJnm9y6u2qqvhoXl9RyS7cXijq8dRly+ujUt5IaOSYFRa43BrTuOvn
mkxK6FkFVn3xGfbKYihLfOEUy9XA0SlqWwlo4X1T4ZXxAd8fG1dbXfN9Xf8AA1YXa+lvDSyGlsH3
ylt1Fua6IBqOkyOobT9o/nH8EPymy9p8nM4+ukRknl6mr6/5ri/EGB0FIt9RqLBEW+oulvgvpbL6
2y3+Mw/kUXq30PhsRUpZ0JmJOIiVmEcIB01r1/spjo/SVX0gm09wEIr8SvxD9wt1fhuXL/kqVK6H
/C9/DcX4B+C+i/8AZcP+u/HsV0l8JZpzBHmZB3K0r1Bc/wAOOgRPht8I36teufwUR6Ll/wAOmaPU
v7Y2OIKrFhcZMd5fFbuYcP8AutL9W/8AOhkma+YtbnlmKpiqA5inMU5//c//2gAIAQMDAT8hqVGk
qVKlSpegV/LX8ap2JUqVKlSpUqVKlSpUqKeeipUqVKlSptdEyb5lSpUqVKT/AJCXmEa+IWVypUqV
HaYOBlSpUqVOfrQypU3HZBUipUop3lNuGVKlSpY/8t/w1ypUqCkRWypUqCloU62sqV0cyuhidtOJ
D1EZtCLjNxBKSkuD0HLoAy5vKy5SUlJSXK9FI9CRp8Zz1rqkp/lWbRxqB0EWR6oV0GMp5hpAz0Ea
dFZ+fS/CQ6j1LSses/4Q/EOJrF6S3RWONx6a9JboN5p8G0vp/D4unQly49T4ff4W3R/gE6K+IqdB
G19KX0V6Ax0sPQ26X0f4y5AHHwhcEL6nVJUrruXCvBHZwzJuBbOolsagudog9GmABPtlM++WwAZ9
sYtlbiLZaXKVcrDKuoxPgv8AlV1PirXnpsRqldLWO1MVqIv2y3BuGJ7sS3DaYTcdJ+sPxh+SfrNC
fNxOfvpCJY4e5se/gP8ApwKKxF6JcCuqQiDA6o6U+CulErrRKPiP+IwuIqN9XRszx0fhkFctnoHE
GcwUvHQ8xXov89T9pf5imh9RMYv8y/zH9Ra/5gp8D/wvXw1A+BPgrof9lR/658ahfQVylGzEdeJg
DUuS7cVx/DnosH4afDdfi+/wSD+Rtmz3K++FJmGARU1CHPaUzeqmXL/upK9en86XMVQIVPHOaZri
kO1AOP8A9z//2gAMAwEAAhEDEQAAELXbbULoAJ/2/P5xBGYrbbbbbaf7dbXLbaX2/tkBJBHIF+3K
bbT7bbJZatVmkle0tIAba23XnAIE40kekknqWnE/DW+GjjpGspYWT0blgDm228a3fG27bbc2SDUi
WsSslukXTg/bH1h+QlLaAANstIksk8ldkisddMh8IbFqelwACSe+TbRqlTstqdTdsTjQs/oOSTqS
TmTOaVs45P8AmyqxWbCKm2sk/Ekmokko08unnsX8BEkB3kM98T9MkkkkkkkgMCJ1om2rlaohbJVW
3E7U4AAAAAAAA2gixJe5GlapJ5JVtDvUwAAIAAAAJa27RLWIa+2n5LIqIEElaJJDxJJJIkkiokin
ZLSAm2kv/JXbgkkm14hzkySQKcSQRpLrLwFJaGqNySSSKGARKSSSSeSSSSSSSSQCNJySSSSSTkjA
+ySSSSSSSSSSSSSSSSSSSSSSSSSSSST/2gAIAQEDAT8QpKTPgMBS6qdmsSkpKSkpG14ysr/PzXkk
BUeHgOXurleWJAOZZLly5cuXLly5kzEIqTrkEUBbgNsOoQAKwjkSFLNVeR5cU9GAkG3ER2/ouIyf
7E7yMpKSkpKSkpKSkpKSkcWi3tFgIlhkGii1Rxhs4hoRQmxWgK2riAMiLE5GUlI7ZQAWq4ACUlJ6
SiK0Rduidtvyl8jgHhHyAE9J6T0npPSUMiFGeF9jf34lKtjfqXLly5cuXL6lBTGr0EEKQBXSIVxL
hxRaBVqyWy0t2lSpSUhiqv8AJOvKzxKOWKrj6j8TxPSek9J6RV6nINBhWLw3+Mqz4RQxC1397npP
Sek9J6QLZchukVzW1nOOLHj5MCgwYCXhDakFFbYtRyclmC6HHIMIcWXgz0npDngsgDsWvKp25iva
cgoJzHsJ6T0jwgrblFp8k/KOWXRWIvsLck9J6T0npHdtgP8Aeug4wQAUAaAl7Ro+MC+i5fRfUW5i
Ylxsdmx0zG5cuXMSjoZew8Q4RlJ6Q+UZt/8Ap7npPSekt20WjNo3VxDaTt0C9zQzPSek9JeEuBzZ
CqptyYkbvtRVREBUYODTLiQGUqqgISkJTA3GYslvQfaArF08EDVpkMzLCYncSyekDUKObFxm8Rsj
2aUWr7Z6T0jaFC1Imkj8OqRHuwPrHnDgdu9iR8LdrX2J6T0lj8HAAuwppLrvNHtwQP6SKcgg1ld8
xyfRoSAGoaAWswR2iFmEDiw13hoXrRYVkE3OVZjKAgXlk+Xd6gtO04Yy9IVbF+4Fetgq1YDK1hkS
twXCQutRBoLckOx3BAOo7wAFwWIU2Wd43YBCx2kUo7M165C/y4aINubDR62CiSnwRZS0OQa1U1Wy
r1ZVMsObAewSFNOHM2mlhaKGJ6ZZkbjws8oRDK+5LN8Q0azBtqO7UTjAIhWh2MkrvELwC5RI2VWW
ZWjqF81WW1i3yrOpn5txRYmfYkKacS3xqFVEqJRdgqmGDget+AMmhoa3SMWiz/4ACNAyNauyF4F5
rZYwJQvjvRaEg20rWW5e2JUJgqKwDWWsqDCkxAnOt7PJ2RyMX3xf/UD5npPSek9J6T0ghIaFUr3V
QYCjAwHK/vqvYuJfBCGRHIjC12aTXO+NZDZUIwASk240h4WYKGMTWOQbatHKSoBuIUxT1QoeEq7F
OYANzENHZACnZAciek9J6T0npPSek9J6T0lZNTXIlg/137QotFQUAHAQsywUQ1Zd2giiZAfKX76S
gG63aaF5HIjxB8M/U4b84nmblte+BjGqpi49qXe3UNtWMnbkz0PC2CvDBD7rETqoExZMv/KDDL2l
YOFbDb1jYjAhimja1sI8CErXzTPvZzejUSK3AXK9qLQaGDNmskyS2tknfJFU4AXJUChmyG8VOJGw
S/yQkJuFxuy793G2LjHIlQ3213eWHHsHRm+IQUZo7pKbHON8RUQ/gC3iqgStvbANIlEkYYJctaqm
GHlEai5jGxQ58Cjr/scL8OEqQTZbZjWgqmFCW4TNTrD5eV/+fUfgoAgIFZBJptmoPyBZQDmgllc5
eZk0bi5fUAF2hdU5iqyIFk8hWNoKv9Nz0npKrkgGwXwPR9XULHEA/wAg/wAwQ1WfTAAPa/miqVCq
UUieJgQasoiUiQA4LCxYpEPDAfKioLa6YnJvYcYq2iI9klGI1Osu9sRs4dgxEloaVos+KpjBWyFb
2L8ZXGcuXWaztc2+GJoKcniek9J6T1nrPWesGoa0UB3Vges5Nia6424/MuDsTgIo9x3dostbe78I
U92AAXjHzoDzEUnQaFaum1F088IBHAx8coEOXkEeZoa1EeTTWiNCQ/lQ6KBKIe6FJZA0+/cIJXTR
heUNMhu2wwllDOKtTqwOOF7DZuKdrVRDXf0YYyQrs4caumb91gAHNHChuO3O5Po1giFQ+qRGGlaJ
r6RxRrDq7XoiBKWQayIdp9Jjt/7wb4q8RUFt5eCV6XFPuJphvQnTSoDgcpmAM0vWEHFtC2eatyfz
jkWlHi7l0uUcqNyzfFnLfrN7iOgc2vAtK4UlCfrrAq5VmqzLtPFNNltwlxKFmCILFDjPeUE5Aatb
k02dzYKwYrnGYAezhXmoEbVawsxLpxL8zM5Ck+kA/EICOE0z1iwB32t/UGPlPaDWjK6IigIDSuj2
kUQIYLR90oyz7f6f8gZSdmzLfcsdk0nlnB8rPmylqTe0uV/dwM9b/po/5QoPGsjT1m1YENWK0oEY
3S8gM9Z6z1nrPWes9Z6zNoJe7kYwHyRJTAEsJi0fshcRABQhGBzl/CD7sFcJBQFDTQwjA+Ri1No7
Atz9U4Vk+sFowIw7A7Iuw8AmKium5bKxzzzhyjStVzAoGC29moVpVrNym/5EwhUbVrE9Yl0NRFb5
QMCvlKRqM125woMB4h+9GlViZjJ8wol+N07yFWRAJ32ETbtWEDNndig7VUGqMNCwlA4evEX5gBSl
3QCynJqUTQxFRRZZbArzcpLNTAXbCWByI6bIJVNbLIWOGBus8R48PJQCB2Az5OYsMdl4GVZdWEL0
GIzHHE02zgKAnzpFZWKcmjDCwLxitBGqmBxHETHRSGWsskxU4W4e0HCc5cmKE0BXJMOdKOMDinGT
XVKrQLc0EFofUOEziE+uIA8VqyHd7TxuESPHgeHueGUzlgK/IX2hBQ0XIeFLTxcs4MAFi6CN3ti7
fZwvN6GpE2MShVBoNE9Z6z1jLGQMMwq2+zCOAEsy89p6z1nrPWVmBfLgj4ogALuPWesJDfLaAoOM
poMsdK1GgF7S0peobGLFY2mAW1+ZFeUFIy1gUpQI75H4sl+IEv8AtszuUfORAFFrEciJw9A+R8zL
7qF+ZQrFM1yCHdwr+UHlEFou3tyPGXmG9nRq1H8xO2JkjQgiWAubNSm8bNhRgm6r9s7iVcBIyIMT
AjEyQjsJ+czHGUXdDOfT0InFH6HhIl+Tgg9cfGLLAAd6Jjs8+PUDEom4lYwCUSgoe6I8jyEYRaMB
UgIVi4CcWdgDkf1B9XoUROOCZB7ytDq1KFe5FAl6uDDWB5ELWgmzEyFHbULZCEBAu5EAaEVttpxi
ODLAcjUkmTR4xCfITKb8BVUHyqMAxng8nshT2YBChCnPKVSEBnsMIz+yui46ZPxh2o2LSZs8R6z1
gTAAD0kBnGPLsrvepTwAPrkee09Z6z1nrLTSlNdpaq4nrPWes9elJlp4KOkHaKIBtVwETWbVgx6G
cYkFxmQD6Hmadwqpci7pk8TRf8JXtW32F3Q2eZdUNc9ndx8g+cQg142vzTuzhLi/sbL8PcKkdkWq
6/Xc38oSAlALpJexIfI6QoyzrzEf+yULGizRt3HeD+AaKy00BqH8bLpaSwIQcBhWHlZD51HOs7qx
lhHVOFzWBe9lcIW9WLsLF0UwtPExYg6UEeVniJ8nHkDMaRUFRW0tiPJi5SyucajMCx3QRjjxpUVf
Xmz8wo4Q2m8Ay19CAAR2YiikErAVhTgFciFg+Vs1sCvVowS/wiy3N1AUbjxf1nBSooIPEaAYQL5p
Cz5/AAza19GT71/wf/8A9Z6we3HLeFLqNCq4C1wRDTQMm1dVfZvsvUBzzqBM0KkUpWOKokSbq8aX
1it+uwQHVB+EWFxAYy/P5Bk7Myo3VMV0ngQRGiZ2AXUqatbyBg8G1e0bf3X0KDB0LfNS5O0Gkb67
DvsJAWRQgOyrGAAKDUAUAGgmbUXmbvSkz3G85+kIAuLOBuhqEWbWN1eCS5cEjdUL1rKYKAoMABoA
j59bMvuvk+cpMudGatF2N1FxraIzdqPuIIUYwByKtjxCdmYcTRUqZuLXNTfiCjHoxU4CNUrAHAYA
j3+sdm1gVbgirY7K7lQWd2WkSLkKpF0vFwve1IsrP7EMWXMomwGZcMbhgKZm8BGheGXmTJO+pl5P
gGp5u/pNcYtnrPWessPKxVdmsyjaWFqq05nrPWes9Z6z1nrPWes9Z6wQ5SpMzq6xiEOUsA6VQx7c
9oAzgXUSxs0HnPpN4g4v1LQGYavnk/8ApEmYUXGDDlj8wwz2SvYZR2vfZRejXmVNqtXKKy5fRbq8
+a99Aew8YrEKCOcslo9kcofRAGlgOSgbBsMOBAVM7nOwa64YpIth5DBZFLLbGosR6UtLduH5qBPF
mRJRvyuAWsczMHDJcMEnHvHZFDDMlYoFL9qlOZWhCAMeKNh3ApwxKoHc4Pl6i1EcaGUx4sVWcNNq
5mLVKoausaiZhbrKK1IFFZM3eFYIsNzFjYBYVHH/AJLeoclIBQOS5RqVzcuc0obUBWKhC6r5pdHF
edXxWJTMVArQmBBdYvtqJGUnkPhbYIZsagonciclOBsr54lF69oJVj3ZWK5zBkiaFwBlXJBhOblQ
Rq9GBTEYF5wtQasEcJACinStXio1tZlWigDqD72Y20EAUGWjBfRfvN7E9Z6z1nrAqsoAV2L3E2F3
k8pitIItu4anrPWes9Z6z1nrPXqHhdjdLTYB5FGxSN18079j/ImIHCggNU0qsVAMvpxTO8tnfyIH
OFiF5pbPEzUyuDgtVW+WJrsO9/4i19ETP6lyBzaQtcHD0clcpKA2IcNzKBFgbNl7qNpq5AHDh2MG
IMQdESLWkqtrCIwFAUB46AERLBXDQ7QYsqEDDh2hdOd1BZx7Qu6kAA7AO3EWzatWDCqruxC1qZiF
ZYwwAt4KKzGmiDErORiuSZiGarPJSnxMIJe6hklW98EQJgiQUdnDMZNVsuwApWlFZgwbS2zdXEDd
FADBiEoQVQAWra+2WQRrDQaVm4mkCFw0yL71KupxQWSEbKR8QQtQYAjYhxnMVfKqFHdHcQsTS4A0
16FxYCYwDVVhZQLaLaL6K1/gCE8lvd+ELo8FbATAdsTOWg4WSFvoO4wZSRTCwGX+YAAQrYCOz7qA
c17qTFaD9fuyz/AfVlozvNI176a/zw8nzltS+p+upeG+yV/KABfxgXLgQJZENPUb+aBiUFL2Zfrq
fJiPiAwAPbWVw7iUIwrlqAd7pt5qAtjKAeDF3DpjW5k2lAelqpQ2COzEJFeTWJrS7Xk7ykiVFCMY
Nry4jQr6yBXYwqyeM32mdIftsVMSgIrbhP4ByFjl1ZixJx5O96i1j62Di8FtBFrvwT1X8zygyAvt
iGutKBNiWTOZ+7T7ajfv1P8AkTxhLlD6p+2F/LAfiVg32K/vcD9P7BnJPuz9MOT6n+Jxo9W/KQLN
97r8S/S7jH+JZi9gnxALWgtdBKZfMx+25R+z0PR0c5D5CDrA+A/isNfaisXWXGBUfEHmRenLZfd8
xl4YBYWIHFSL63LySrlAHdyV2DuMAyw2hxZ72p5KzZDbCVGQ3RhpRofGAGMLjTTcOpvjZy8ABizO
cUyp/iubJk+X8L4uGlB/MACgoNB/xAUAdnJNoB9vwi9ekn7J/fP8gdt8w/U5UvJYDQvgH4/mKFlE
FPIlgHc1elvrYuqmmYoHyokd7EqA8zw2ft/FS9DDIMlrSEgqioyK0uKENYbL1HVg2XtoBctQCkiY
YlAms2DtGyoCMmwADhrH/wC5/9oACAECAwE/ELly+sNqa7myXLly5cFVHSu3+UpLly5fRQLZcuXL
mhfrEYFQUsly5cuXLly5cuXLly5ouRSXYwFieXELFkuXBFuAly+i7FLR5DkeePnc1+H3i1+bn4gY
/jorpX8l/AdqLZLYVx/9hNgqspfC1W9vzLl9biFkE8/CBK7yLpRocJ3K+ecUmCi6JXHf8K8/EBEK
d3x4lbG1z3mFbbHg13mko6iykKdquaFmS77PDggCgllwnN8+l6LmWIyeuX1A+cRmgquxpPRh+vMu
XLly/ZcD+WvicBalfGg2SpTFy5cOtYs5q912lScqh2sqvFsuXLnMR7bGILKKeHvjI5447xThXzh9
SvxKmQPX+JaOp4eYWlxDeN7hE6AA7Boly4vOhSPMHTBeC58gH8Q1FZxcfnBPvCWAJcuFSBctl5iC
DNRYXxEReKi4JYRBqpsxqWx5im45JeiBYHLX3+cRSjdTaEaAwVl4P2TIgaglo3M1VMV1iasbmSk3
LVfeKa8XLYrmZqqWqOE6OrIN0uXLly5cD9z1z18qwc/L9fuAANtP9+/1PIM7uYmrzc0u5cuXLly5
cuXLn+pMsFQRQ7wBU5lwHY/ayvbNVBRxlA+lf5MLw3AAE1cQq1hDHoqBoEuv7UxPB+2C21lKi0e1
faJDTcv9ksB2iUcZQPx/kJvzaUu8N/eVqjWH3uAsu8NkqAByP0lVe1+sDQJdP9IlTGKT6wNBXZ97
g0lcB95bfkPtUrphOGXLg+8e2ReELTcA9xYhuaMvtBvohIli5OSBUQbnN2lgMuXLly5cuXDKDll0
qVKlSoZXiOY1i+ZbFF+I1L5mArdX+Y1X/cy3kf74gO22oioZr3LYPucfeP8AhL1fi/1FcOYjQixz
2v8AUFSclfSIorm4u1Nq8tf2oLECs5gkuzV/T/5LVdmrgg1DFkuXdWKBHtou34Bf1hgGf6/oIiPA
Rj7Kx5SHeOFqLwZr58/aK4Z5SG1cw/fiKXtly5cuXLly5n07/Eq7ov5/7L3o1Uo8kva94tCL1VcV
FMQV7ty2PDcEcEo+cW/b7RG/Lct4Itbo3cZWS2fJ/wCwLXj7FQRx3+8R+R9oL5/iKAHe4p9bgyvA
n1v/AGVt3So5emkySzENO5WBI7PG/oK+6wakHgl0tT33LhMra2/3toly5coOgBcSCiu5wsf28DwP
He3ef9ly5cuXbKOBb9JlilS8izNp2+UuXAtfS53ZWB62F2qJL5HfzMzyD1zHWduX/IwGwtf1GTQL
GKybi5tvnklxO3Spdue8zrctoTwgKnEXVieUerseSMCrQqFlWeEuaUPccDYj2iFiBV/+TI6rNf8A
sS3uHmYIYRTiKII1uvgLymXLgslYaJcuXLlPS7WeHvMXcuXLly5vFb5xvfbitVvmXLlr4m5vXS2P
dTwHi+81Tb7ihmxTETBZREWEJohLi94aPsTIBjBnDz7i4efzjt/J+Ybf1qa4+2j+j3AtK1a+cvuQ
19U/IloDDU3f3ibez4ScIy5cuXLly5cuXLly5cuXLjWO/EpZQdNI1E2bhjUYmjUR23NApE2b6gwK
RhXVtS2qltVxLaqW3ctu+YA2OYp2xV3FXExVbULLvMFNQU18GkuXLlzKYEuXLly5cuXLly5kqAFv
UWK1zAudyBXwUVeQ/UB8nn/5EvI58eIACzl/UrpKObmWuSj5OYbHrvK4VW4GLOFgLw7xxfbf6gM4
vEog8vsqCU7l/mAaxscfLEDRju+/+SlsQA47Eqxk7P8AIoLN3AUxsftcAZ1ald7whMWf1UJNlU/b
mPTtly5cv4BcuXLly5cuXLixD1KiHR6QV5gjrpctly3rbLZbLelqqGOtsKNxV6Wy4h/e8uX0vSd5
UAg8y5cuXHMuEuXLly5cuXLly5cuY3LO8snuViXBGoPMEdSpUqV/xWdVCBxFvcuXLly5S2q4rdxO
f4u5mGBEGaGEg2/pCJG7amJa1ah+atS5fxCVmV3SgME8FTJ8AwKCnpPSLhA8JXpPjFweYI6lSvhF
Felpb+H878M+6fuVK8p/LEvm5uMTA/37RTOj98w3thEDsH4ZTSMf4RT/AI7gXMJWl4wVd/zI6GKC
2EvhyT+ipzmIFkxB6MIkLpD6cP8A9z//2gAIAQMDAT8Q6C0vn4gYwhijX8Fy5cuXG0qVKldK+Cpt
CMd0atP8wAByjCDuqzGvUL4PgJXdx/kSx3fF/Jcv/BXwKOW5kht3+pUrpUqG5iPx8P50WZ8V2j2j
Lrt+vi+e0Ih84qD104wTDe313Iusw89YkXD8RmJ+p+EKA6L/AAXLly/hrqIbJfxoOGbRr4AIg0M5
gfAEcQ8EqV0WPZ1Klkrt6KiVZsgVX0P8m4V+T9Sy2ypUz3FODxBQXFwK1zAEObgZgFhRdzRncrnx
AdQxGtsWlGC/tBWWVc0DCykRQOX9MwCsQFzFdzNVzZnUxWMrddogX5qUzfExXcoBMj0sKZcqVKlS
pUqBS+rGulpjESKlSpUqVKlSpU5maiuIbPaKi3EoV7v6CX74u4omcCv1uZHkqIrTuoIA7L924q1G
rmd5f0QeC8DAsd7gyW1K/QlCe8GJ2H/f9ldeCpah2r7S9297+1RVA1lqXVV4T6y36BFWo1Z/WCp9
j9Iu1839qg7Hzcorwv7l9LS5UrpCQ8SoEbT131SVKlSpUqVKlS5zHUuXL6u3hid5riUwDXmBauIZ
t96hdU8Af3zKLxouIAXmUxHZ5+0OK3Xmv3OVxEFmB+9fuJs7N/WbN8VANU0+RcTmHB4iBqua+v8A
9lL1zUGJFJUVHXzZTKIk1LQEpKdorKlSpUqVKldbX4g1VtStb5uWStB2hVWUu75uAIhA7FSmfJUQ
8ssgT7/eAV6qU8kCFeKhCmcPH/yLff75iXnt9oJT394iCqvaoL9IjPlH6V/ktTsNwwdNjO38NpXS
pUqIz3T6laGO+7lSpUqXqgtPHHLKlQ569mXiutXgXCB8ztPpA+4b+Jg/2XToaCVTsaSGA6qVNNfS
WA9+liacdoDjUpunygsHmA1T4QrmkjAXhYmrp8pUWC+oKqkTvBKA3df+zArvF/8AkClqPi4k5EHm
A2CXq/gOaVKhLRzKlSpUFNdKlSpUqLKvFVUqVDXxCqr2v9dK5dXPIea7TZNPqCmDNkIMmbYQLgBu
UNA7RyuGApCpGTj1AycflDR+/wAR/t7m2Pvof7eosG6E38pTRht7p+BKwuS5p/vM09HwVcVlSpUq
VKlSpUqVKlSpUrqECvipZAyzt7yx6BsXA0KjmEB2XAGptAYBorqjYQmS6LlF3KLvmUXcp2lFVxFC
kxAGiAGoBM10XGiqxEHcQfg3/wCJfHdQwFqIjT0ObKOWnzFqdiLfwWAOF/cR83j/AOwY8D6+YpWn
g/cutEeKmr4b+pGZ9y+V3qKzTyEbWXaGa76/cbjNZlhXw/UUW9n/ACKLzpP/AGLzns+0s1mETMuh
jy/2CWnVRAc6T71FON0JfWso3Nf1mKCs3+YdBz8NSpX8NSujljSS5cuA9RFYiJvpUo6UdalSpR0p
dx61GxUAOlHQH4KWPaXBcqsSpUqV8FSpUqVKlSpUqVKlTOulPS8yoh3E4iJv/mp6gs7sCtSpUqVK
lrtUDo5nE81UwHIhDFrJFofaKwlUXM6mAuN4sSpXxI3iXFq5nkuYPgqLRM9p7wMYPnLy8POAicRE
38asE6USj+H8D8k+yfqWb9l+CAfFxUAmWA72/riI9MoU/wBCyW2hD+FD/kW4jKsrCQB/MZp1AMGG
VwYZ/ZczYZimDMatMwYhtGrMv/3P/9k=

--_004_87ECC8FDD0E3459FB942D95FF7913C77nexussafecom_--