From nobody Tue Jan 2 10:47:40 2018 Return-Path: X-Original-To: crypto-panel@ietfa.amsl.com Delivered-To: crypto-panel@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E1A0E12D811 for ; Tue, 2 Jan 2018 10:47:38 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.9 X-Spam-Level: X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=ieee-org.20150623.gappssmtp.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4JdJ29kbwqJu for ; Tue, 2 Jan 2018 10:47:36 -0800 (PST) Received: from mail-yw0-x241.google.com (mail-yw0-x241.google.com [IPv6:2607:f8b0:4002:c05::241]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id CA00312D7F8 for ; Tue, 2 Jan 2018 10:47:35 -0800 (PST) Received: by mail-yw0-x241.google.com with SMTP id g191so12174591ywe.7 for ; Tue, 02 Jan 2018 10:47:35 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ieee-org.20150623.gappssmtp.com; s=20150623; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=Cz2KzBg6ggZRXaF0WeaUAhVzYT81d2qD9R4tkB0FiDE=; b=bTCaHINOcJTE6mJzQC2l1q8I/o6S1nQ63Yg39TakwzQXclvdZiheMaRhAKTtFrEehh BtArBmEqCmMQ1P8pAsc0s62U1XIKBCOpZpp2HjXCc1xXH+x5+SkLQBKe3jqw1sx8kxy8 SCPErTT3LtlskalGl3ZcU2o+9nScTyEB5b/YJcl4HdaxUfutt2AZJhpMknWUDwlARrou Hetq+Sn52pi0eehAk5sgBcupj+lzdWOpIA2BkMvT9kDmYSGaFjOfgRbeA6xqfpG0+al3 lE03NaqJVqFA47fbxAg+nterhp9Lu6WZymXRD5JaremN+ap/KVKafauYNWxoqQlsr0C+ a6PA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=Cz2KzBg6ggZRXaF0WeaUAhVzYT81d2qD9R4tkB0FiDE=; b=DESfz9bCPC4nrVVwX8zqknk3sFzUJnH5lAe2ylmNz+H5rtw4ip2V2k9ZG1MN/x01p5 GhjFHs4jUgRfkA+Y9T4yQeIc9aTQBntyrd3QCXGfldL7naVmvwWBYcrC0M9PxuB0vKzn 7acb4GLw1gEEyRHmyRV2Xpb+OjEqNKGqmeP3kFRwVHiEtUAtDtN9hizxvELoOn5cKafG ClebOjrFIlnI/emAz4uJMyHMQ4Gi5EvwQgorqJT6cjt0rdMFYvyhMuFa0As6c+AqCLSW FT/d9CuNCEv3IUiNKud02ySK85g4egzJY4tXlMibb8nfayoNEHUv/Z76T5i2Xf3v4eAs KkJw== X-Gm-Message-State: AKGB3mKzS8O3ktPfDPYfvP5/L+nqXy6F2eZZuG3DYHmNmrqKWhn0hgzi vhvK20d3htVepAXQ6u/bynne8kpGGxaBGpRErwCB+A== X-Google-Smtp-Source: ACJfBotHKvz8NjB9vhzFfJcCQ+rjysVQ02+nZgHLhRwuYU2AGwvv8ho+sPi91pBGc+3237aJr+41naGkIZ5L7i2keRA= X-Received: by 10.129.200.14 with SMTP id n14mr32274158ywi.367.1514918854645; Tue, 02 Jan 2018 10:47:34 -0800 (PST) MIME-Version: 1.0 Received: by 10.13.225.12 with HTTP; Tue, 2 Jan 2018 10:47:33 -0800 (PST) In-Reply-To: <56db317a-07ad-0ad4-b1d1-31f12283115e@isode.com> References: <56db317a-07ad-0ad4-b1d1-31f12283115e@isode.com> From: Bjoern Tackmann Date: Tue, 2 Jan 2018 19:47:33 +0100 Message-ID: To: Alexey Melnikov Cc: crypto-panel@irtf.org, Nancy Cam-Winget , draft-ribose-openpgp-oscca.authors@ietf.org, Tim Polk Content-Type: multipart/alternative; boundary="089e08222a643215110561cf887f" Archived-At: Subject: Re: [Crypto-panel] Request for review: draft-ribose-openpgp-oscca-01 X-BeenThere: crypto-panel@irtf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 02 Jan 2018 18:47:39 -0000 --089e08222a643215110561cf887f Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Dear Chairs, dear Authors, I apologize for the additional delay in producing my review. Please find the full text below. Best, Bj=C3=B6rn =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D The Internet draft suggests to amend the OpenPGP format to add support for cryptographic schemes SM2, SM3, and SM4 standardized by the Chinese Office of State Commercial Cipher Administration (OSCCA), to make OpenPGP compliant with OSCCA regulations for use in China. As a general remark, the Internet draft does not describe the cryptographic schemes in sufficient detail for implementation, but refers to other sources such as the standardization documents of the OSCCA (in Chinese) or the ISO standards (not freely accessible). As the reviewer was not able to access these sources, this review is based instead on publicly accessible information such as (some expired) Internet drafts and academic papers that describe the schemes in detail, though sometimes inconsistently. The reviewer thinks that a standard-compliant description of the algorithms must be made available in a openly accessible and authoritative way before the present Internet draft can become a standard. The review discusses first the component schemes individually and then their composition within OpenPGP. It concludes with general and editorial remarks. SM2 Signature, as in [SM2-ID, SM2-Paper] - There is a mismatch between the two documents in how the cryptographic parameters are hashed, and the signature algorithm in [SM2-Paper] can generate invalid signatures with small probability. (Neither of the differences affects security.) Furthermore, the data flow depiction in [SM2-ID] does not match any of the the algorithms specified in the documents. (As a side remark, the security statement in [SM2-Paper] is formally meaningless, but this does not affect the validity of the main argument.) - The structure of the SM2 signature scheme roughly resembles ECDSA, but is different in that (a) the message is extended by a hash of an identity and the parameters and (b) the computation in the exponent is different. - In [SM2-Paper], the EUF-CMA security of the signature scheme is proved, based on collision-resistance and a uniformity property of the hash function, in the generic group model. Furthermore, recent security results seem to further connect DSA and SM2 in terms of their security [SM2-TCC, DSA1]. - The known weaknesses of SM2, which are cited in [SM2-ID], appear to be similar to those of DSA and are mostly related to bad choices of nonces and side channels. > Overall, and from the current state of knowledge, the security of SM2 can be seen as roughly comparable to ECDSA, which is already used in OpenPGP. SM2 Key Derivation, as in the reviewed draft and [SM2-ID] - The key derivation is used both in SM2 encryption and for generation of symmetric key material. - It is based on a hash function h, and is defined essentially as h(raw_key | 1) | h(raw_key | 2) | ... - The scheme is secure under strong assumptions on the hash function; essentially, one needs to assume that h(raw_key | .) is a PRF for the specific distribution of raw_key. This is not argued specifically, but holds if h is modeled as random oracle. > Overall, the scheme can be considered secure but makes strong assumptions on the security of the underlying hash function. As the proposed hash function SM3 appears to be secure from the current state of knowledge, this does not pose a problem now, but schemes using this key derivation should be retired as soon as doubts in the security of SM3 emerge. (In the sense of distinguishing attacks, not only collision or preimage.) SM2 Encryption, as in [SM2-ID] - The public-key encryption scheme is based on ElGamal in elliptic curves. The DH key is then used (a) in the above-described key derivation procedure to obtain a key stream for encrypting the plaintext, and (b) in a hash together with the message to compute an integrity code. - Although no particular security analysis is referenced, the reviewer believes that the scheme is secure if (a) the CDH problem on the suggested curve is hard and (b) the hash function is modeled as a random oracle; the latter assumption is required both for the key-derivation and for the integrity code. > Overall, the scheme can be considered secure, with the same caveats as for SM2 Key Derivation mentioned above. SM2 Curve, as in [SM2-ID] - The 256-bit curve is supposed to be a drop-in replacement for P256 and provide a security level of 128 bits, which is appropriate for the combination other suggested schemes. - The reviewer lacks the necessary expertise/time to validate these claims in detail, or to make an in-depth comparison with other curves at a similar level of security. Literature research did not point to any particular weakness of this curve. SM3 Hash Function, as in [SM3-ID] - The SM3 function has a Merkle-Damgaard structure with 256-bits of output, and appears to be meant as a drop-in replacement for SHA256. - SM3 has been cryptanalized in a sequence of papers cited in [SM3-ID], although still not as thoroughly as the SHA2 family. - The security levels stated in [SM3-ID] indicate that SM3 provides safer security margins than SHA256 for all considered attack types (preimage, collision, distinguishing). - The reviewer wondered why the security margins for preimage attacks on SM3 are smaller than those for collisions, as a preimage attack should also give rise to a collision attack. - The reviewer lacks the necessary expertise/time to the hash function from a technical perspective, but the state of the literature suggests that SM3 can be considered safe for the applications in this Internet draft. SM4 Block cipher, as in [SM4-ID] - SM4 is an SPN block cipher with 128-bit block size and 128-bit keys. - The use in OpenPGP will be in CFB mode for encrypting message plaintext. - The reviewer lacks the necessary expertise/time to evaluate the security of SM4 as a block cipher in more detail, but did not find cryptanalytic results that indicated against using SM4. Comment on the use of schemes in OpenPGP Use in OpenPGP will combine the SM2 signature and the CFB-mode of SM4 in an Authenticate-then-Encrypt manner. As CFB is not an authenticated encryption scheme (but instead malleable), and SM2 is not known to be strongly unforgeable (but only existentially unforgeable), the security of the composed scheme cannot be immediately inferred. Yet, as no transformation for computing one valid SM2 signature from another given one (without the use of the private key) is known, this is unlikely to result in exploitable vulnerabilities. General comment: The reviewer has mixed feelings about the cryptography proposed in this draft. On the one hand, from a theorist's perspective, some aspects call for improvement, most importantly the reliance of the scheme on strong properties of the hash function and the idiosyncratic use of cipher-feedback mode for message encryption. On the other hand, these aspects are inherited from the OSCCA proposals or even plain OpenPGP. Furthermore, given the security of the SM2 curve, the SM3 hash function, and the SM4 block cipher (for which the reviewer relied on the literature), the construction does not appear to have exploitable cryptographic vulnerabilities. Editorial: - I found the beginning of Section 4 on SM2 to be unnecessarily detailed, at least given the discussion in the respective subsections. - Section 4.3 appears unnecessary; at least I could find no use of the Key Exchange in the proposals. Result: >From the reviewer's perspective, the main caveat is that there is so far no precise, openly accessible, sufficiently detailed, and authoritative reference for the algorithms SM2, SM3, and SM4. The reviewer believes that this defect must be rectified before the present Internet draft can become an Internet standard. Furthermore, code points for the schemes must be registered. Beyond that, the document is in a good shape, with minor comments listed below. Minor comments: - p2: published in public, similarly on p4 - The document should indicate in the public-key format that they refer to version 4 as specified in RFC4880. - Format in 11.1 is described as a "single MPI" -- but it is not an integer, so rewording may be needed. References: [DSA1] Fersch, M., Kiltz, E., and Poettering, B., "On the Provable Security of (EC)DSA Signatures", ACM CCS 2016 [SM2-ID] https://www.ietf.org/archive/id/draft-shen-sm2-ecdsa-02.txt [SM2-Paper] Zhang, Z., Yang, K., Zhang, J., and C. Chen, "Security of the SM2 Signature Scheme Against Generalized Key Substitution Attacks", December 2015, https://link.springer.com/chapter/10.1007/978-3-319-27152-1_= 7 [SM2-TCC] https://eprint.iacr.org/2017/890.pdf [SM3-ID] Shen, S., Lee, X., Tse, R., Wong, W., and P. Yang, "The SM3 Cryptographic Hash Function", draft-oscca-cfrg-sm3-02 [SM4-ID] Tse, R. and W. Wong, "The SM4 Blockcipher Algorithm And Its Modes Of Operations", draft-ribose-cfrg-sm4-05 On Tue, Nov 28, 2017 at 3:02 PM, Alexey Melnikov wrote: > Dear Crypto Panel, > > SAAG=E2=80=99s SECDISPATCH chairs have requested review of > > before the document fate will be decided (it is likely to end up in the > CURDLE WG). > > Can we have some volunteer(s) please? > > The draft Abstract is: > > This document enables OpenPGP (RFC4880) usage in an compliant manner > with OSCCA (Office of State Commercial Cipher Administration) > regulations for use within China. > > Specifically, it extends OpenPGP to support the usage of SM2, SM3 and > SM4 algorithms, and provides the OSCCA-compliant OpenPGP profile > "OSCCA-SM234". > > > Thank you, > Alexey > > _______________________________________________ > Crypto-panel mailing list > Crypto-panel@irtf.org > https://www.irtf.org/mailman/listinfo/crypto-panel > --089e08222a643215110561cf887f Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
Dear Chairs, dear Authors,

I= apologize for the additional delay in producing my review. Please find the= full text below.

Best,
Bj=C3=B6rn
=

=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D

The Internet draft suggests to amend the OpenPGP format to add supp= ort for cryptographic schemes SM2, SM3, and SM4 standardized by the Chinese= Office of State Commercial Cipher Administration (OSCCA), to make OpenPGP = compliant with OSCCA regulations for use in China.

As a general remark, the Internet draft does not describe the cryptographi= c schemes in sufficient detail for implementation, but refers to other sour= ces such as the standardization documents of the OSCCA (in Chinese) or the = ISO standards (not freely accessible). As the reviewer was not able to acce= ss these sources, this review is based instead on publicly accessible infor= mation such as (some expired) Internet drafts and academic papers that desc= ribe the schemes in detail, though sometimes inconsistently. The reviewer t= hinks that a standard-compliant description of the algorithms must be made = available in a openly accessible and authoritative way before the present I= nternet draft can become a standard.

The review di= scusses first the component schemes individually and then their composition= within OpenPGP. It concludes with general and editorial remarks.

SM2 Signature, as in [SM2-ID, SM2-Paper]
- There = is a mismatch between the two documents in how the cryptographic parameters= are hashed, and the signature algorithm in [SM2-Paper] can generate invali= d signatures with small probability. (Neither of the differences affects se= curity.) Furthermore, the data flow depiction in [SM2-ID] does not match an= y of the the algorithms specified in the documents. (As a side remark, the = security statement in [SM2-Paper] is formally meaningless, but this does no= t affect the validity of the main argument.)
- The structure of t= he SM2 signature scheme roughly resembles ECDSA, but is different in that (= a) the message is extended by a hash of an identity and the parameters and = (b) the computation in the exponent is different.
- In [SM2-Paper= ], the EUF-CMA security of the signature scheme is proved, based on collisi= on-resistance and a uniformity property of the hash function, in the generi= c group model. Furthermore, recent security results seem to further connect= DSA and SM2 in terms of their security [SM2-TCC, DSA1].
- The kn= own weaknesses of SM2, which are cited in [SM2-ID], appear to be similar to= those of DSA and are mostly related to bad choices of nonces and side chan= nels.
> Overall, and from the current state of knowledge, the = security of SM2 can be seen as roughly comparable to ECDSA, which is alread= y used in OpenPGP.

SM2 Key Derivation, as in the r= eviewed draft and [SM2-ID]
- The key derivation is used both in S= M2 encryption and for generation of symmetric key material.
- It = is based on a hash function h, and is defined essentially as h(raw_key | 1)= | h(raw_key | 2) | ...
- The scheme is secure under strong assum= ptions on the hash function; essentially, one needs to assume that h(raw_ke= y | .) is a PRF for the specific distribution of raw_key. This is not argue= d specifically, but holds if h is modeled as random oracle.
> = Overall, the scheme can be considered secure but makes strong assumptions o= n the security of the underlying hash function. As the proposed hash functi= on SM3 appears to be secure from the current state of knowledge, this does = not pose a problem now, but schemes using this key derivation should be ret= ired as soon as doubts in the security of SM3 emerge. (In the sense of dist= inguishing attacks, not only collision or preimage.)

SM2 Encryption, as in [SM2-ID]
- The public-key encryption sch= eme is based on ElGamal in elliptic curves. The DH key is then used (a) in = the above-described key derivation procedure to obtain a key stream for enc= rypting the plaintext, and (b) in a hash together with the message to compu= te an integrity code.
- Although no particular security analysis = is referenced, the reviewer believes that the scheme is secure if (a) the C= DH problem on the suggested curve is hard and (b) the hash function is mode= led as a random oracle; the latter assumption is required both for the key-= derivation and for the integrity code.
> Overall, the scheme c= an be considered secure, with the same caveats as for SM2 Key Derivation me= ntioned above.

SM2 Curve, as in [SM2-ID]
- The 256-bit curve is supposed to be a drop-in replacement for P256 and p= rovide a security level of 128 bits, which is appropriate for the combinati= on other suggested schemes.
- The reviewer lacks the necessary ex= pertise/time to validate these claims in detail, or to make an in-depth com= parison with other curves at a similar level of security. Literature resear= ch did not point to any particular weakness of this curve.

SM3 Hash Function, as in [SM3-ID]
- The SM3 function has= a Merkle-Damgaard structure with 256-bits of output, and appears to be mea= nt as a drop-in replacement for SHA256.
- SM3 has been cryptanali= zed in a sequence of papers cited in [SM3-ID], although still not as thorou= ghly as the SHA2 family.
- The security levels stated in [SM3-ID]= indicate that SM3 provides safer security margins than SHA256 for all cons= idered attack types (preimage, collision, distinguishing).
- The = reviewer wondered why the security margins for preimage attacks on SM3 are = smaller than those for collisions, as a preimage attack should also give ri= se to a collision attack.
- The reviewer lacks the necessary expe= rtise/time to the hash function from a technical perspective, but the state= of the literature suggests that SM3 can be considered safe for the applica= tions in this Internet draft.

SM4 Block cipher, as= in [SM4-ID]
- SM4 is an SPN block cipher with 128-bit block size= and 128-bit keys.
- The use in OpenPGP will be in CFB mode for e= ncrypting message plaintext.
- The reviewer lacks the necessary e= xpertise/time to evaluate the security of SM4 as a block cipher in more det= ail, but did not find cryptanalytic results that indicated against using SM= 4.

Comment on the use of schemes in OpenPGP
<= div>Use in OpenPGP will combine the SM2 signature and the CFB-mode of SM4 i= n an Authenticate-then-Encrypt manner. As CFB is not an authenticated encry= ption scheme (but instead malleable), and SM2 is not known to be strongly u= nforgeable (but only existentially unforgeable), the security of the compos= ed scheme cannot be immediately inferred. Yet, as no transformation for com= puting one valid SM2 signature from another given one (without the use of t= he private key) is known, this is unlikely to result in exploitable vulnera= bilities.


General comment:
The reviewer has mixed feelings about the cryptography proposed in this d= raft. On the one hand, from a theorist's perspective, some aspects call= for improvement, most importantly the reliance of the scheme on strong pro= perties of the hash function and the idiosyncratic use of cipher-feedback m= ode for message encryption. On the other hand, these aspects are inherited = from the OSCCA proposals or even plain OpenPGP. Furthermore, given the secu= rity of the SM2 curve, the SM3 hash function, and the SM4 block cipher (for= which the reviewer relied on the literature), the construction does not ap= pear to have exploitable cryptographic vulnerabilities.

Editorial:
- I found the beginning of Section 4 on SM2 to b= e unnecessarily detailed, at least given the discussion in the respective s= ubsections.
- Section 4.3 appears unnecessary; at least I could f= ind no use of the Key Exchange in the proposals.

<= br>
Result:
From the reviewer's perspective, the ma= in caveat is that there is so far no precise, openly accessible, sufficient= ly detailed, and authoritative reference for the algorithms SM2, SM3, and S= M4. The reviewer believes that this defect must be rectified before the pre= sent Internet draft can become an Internet standard. Furthermore, code poin= ts for the schemes must be registered. Beyond that, the document is in a go= od shape, with minor comments listed below.


Minor comments:
- p2: published in public, similarly on = p4
- The document should indicate in the public-key format that t= hey refer to version 4 as specified in RFC4880.
- Format in 11.1 = is described as a "single MPI" -- but it is not an integer, so re= wording may be needed.


References:<= /div>
[DSA1] =C2=A0 =C2=A0 =C2=A0Fersch, M., Kiltz, E., and Poettering,= B., "On the Provable Security of (EC)DSA Signatures", ACM CCS 20= 16
[SM2-Paper] Zhang, Z., Yang, K., Zhang, J., = and C. Chen, "Security of the SM2 Signature Scheme Against Generalized= Key Substitution Attacks", December 2015, https://link.springer.com/ch= apter/10.1007/978-3-319-27152-1_7
[SM3-ID] =C2=A0 =C2=A0Shen, S., Lee, X., Tse, R., Wong, W., = and P. Yang, "The SM3 Cryptographic Hash Function", draft-oscca-c= frg-sm3-02
[SM4-ID] =C2=A0 =C2=A0Tse, R. and W. Wong, "The S= M4 Blockcipher Algorithm And Its Modes Of Operations", draft-ribose-cf= rg-sm4-05


On Tue, Nov 28, 2017 at 3:02 PM, Alexey Melnikov <alexey.melnikov@isode.com> wrote:
Dear Crypto Panel,

SAAG=E2=80=99s SECDISPATCH chairs have requested review of
<https://datatracker.ietf.org/do= c/draft-ribose-openpgp-oscca/>
before the document fate will be decided (it is likely to end up in the CUR= DLE WG).

Can we have some volunteer(s) please?

The draft Abstract is:

=C2=A0 =C2=A0This document enables OpenPGP (RFC4880) usage in an compliant = manner
=C2=A0 =C2=A0with OSCCA (Office of State Commercial Cipher Administration)<= br> =C2=A0 =C2=A0regulations for use within China.

=C2=A0 =C2=A0Specifically, it extends OpenPGP to support the usage of SM2, = SM3 and
=C2=A0 =C2=A0SM4 algorithms, and provides the OSCCA-compliant OpenPGP profi= le
=C2=A0 =C2=A0"OSCCA-SM234".


Thank you,
Alexey

_______________________________________________
Crypto-panel mailing list
Crypto-panel@irt= f.org
https://www.irtf.org/mailman/listinfo/crypto-= panel

--089e08222a643215110561cf887f-- From nobody Wed Jan 3 07:18:47 2018 Return-Path: X-Original-To: crypto-panel@ietfa.amsl.com Delivered-To: crypto-panel@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C7C8212704A for ; Wed, 3 Jan 2018 07:18:44 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.899 X-Spam-Level: X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=ribose.onmicrosoft.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id qjjaTS4cHZf3 for ; Wed, 3 Jan 2018 07:18:40 -0800 (PST) Received: from APC01-SG2-obe.outbound.protection.outlook.com (mail-sg2apc01on0050.outbound.protection.outlook.com [104.47.125.50]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E99A9126DFF for ; Wed, 3 Jan 2018 07:18:38 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ribose.onmicrosoft.com; s=selector1-ribose-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=8nYNJs3Il27n65K0WoFNpr00faRESLIZ61b2oF0Cx3w=; b=an5p7MSmjJ8NEUsvOWo7JOusZSsc8PSNwpGUQSjCxANHBjIL0AexAMdcUHtlkf1Zl4QXkSOY0gVHk8mhPEzOo5oQDrljVoyXbMvsWti+HcCDi1yffSwOgrgNuTW3p8S+yKnqWzJTGUJefPevFEEPZkZeE4iEzlvPP823WkixjYQ= Received: from PS1PR01MB1050.apcprd01.prod.exchangelabs.com (10.165.210.30) by PS1PR01MB1051.apcprd01.prod.exchangelabs.com (10.165.211.141) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256) id 15.20.366.8; Wed, 3 Jan 2018 15:18:30 +0000 Received: from PS1PR01MB1050.apcprd01.prod.exchangelabs.com ([fe80::b8eb:ed00:f921:128b]) by PS1PR01MB1050.apcprd01.prod.exchangelabs.com ([fe80::b8eb:ed00:f921:128b%13]) with mapi id 15.20.0366.009; Wed, 3 Jan 2018 15:18:30 +0000 From: Ronald Tse To: Bjoern Tackmann CC: Alexey Melnikov , "crypto-panel@irtf.org" , Nancy Cam-Winget , "draft-ribose-openpgp-oscca.authors@ietf.org" , Tim Polk Thread-Topic: [Crypto-panel] Request for review: draft-ribose-openpgp-oscca-01 Thread-Index: AQHTaFGk9+I6QWZrjkm2FNPI8aRJY6NhI6mAgAFX64A= Date: Wed, 3 Jan 2018 15:18:30 +0000 Message-ID: <05BC205B-2975-44D4-A4E3-52FEDC4B89DB@ribose.com> References: <56db317a-07ad-0ad4-b1d1-31f12283115e@isode.com> In-Reply-To: Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: authentication-results: spf=none (sender IP is ) smtp.mailfrom=tse@ribose.com; x-originating-ip: [220.71.45.39] x-ms-publictraffictype: Email x-microsoft-exchange-diagnostics: 1; PS1PR01MB1051; 7:YvlkKzHLP5+0HRULgUTZ9/iEEu2PEKPSy2CyoI4g1uh3zZlWiph6GF7oAfSQ+zyLdxi7xa6AjsSE5z4ROUHEqCcnJnzxb2qaJnai4LmReLI0x0WH75D/5mRdshbDxxQrjJDUWeSGD8LyYiVijAb04fFQrr0Rw602SXBDm+sgdwp+bGfl//grZQKxsoxOoMx9bV0kQPX+QY7dJQ25VcPy4+26maUPcsyH3RobUj332pd36B3mT+TcA+AuoaItlYhF x-ms-exchange-antispam-srfa-diagnostics: SSOS; x-ms-office365-filtering-correlation-id: 70c0de94-cdc4-433f-65a6-08d552bd3f48 x-microsoft-antispam: UriScan:; BCL:0; PCL:0; RULEID:(4534020)(4602075)(4603075)(4627115)(201702281549075)(5600026)(4604075)(3008032)(2017052603307)(7153060); SRVR:PS1PR01MB1051; x-ms-traffictypediagnostic: PS1PR01MB1051: x-microsoft-antispam-prvs: x-exchange-antispam-report-test: UriScan:(278428928389397)(120809045254105)(192374486261705)(21532816269658)(280183299450418); x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(6040470)(2401047)(8121501046)(5005006)(93006095)(93001095)(3231023)(944501075)(3002001)(10201501046)(6041268)(2016111802025)(201703131423095)(201702281528075)(20161123555045)(201703061421075)(201703061406153)(20161123564045)(20161123560045)(20161123558120)(20161123562045)(6072148)(6043046)(201708071742011); SRVR:PS1PR01MB1051; BCL:0; PCL:0; RULEID:(100000803101)(100110400095); SRVR:PS1PR01MB1051; x-forefront-prvs: 0541031FF6 x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(366004)(346002)(39380400002)(39830400003)(376002)(396003)(24454002)(199004)(189003)(86362001)(3280700002)(966005)(413944005)(4326008)(81156014)(14454004)(59450400001)(81166006)(229853002)(99286004)(478600001)(6506007)(3660700001)(6486002)(5250100002)(8656006)(8676002)(2906002)(53546011)(6512007)(66066001)(6246003)(33656002)(76176011)(25786009)(230783001)(54896002)(6306002)(6436002)(68736007)(236005)(8936002)(105586002)(97736004)(53936002)(106356001)(36756003)(2950100002)(54906003)(82746002)(83716003)(606006)(3846002)(6116002)(2900100001)(316002)(7736002)(102836004)(5660300001)(6916009); DIR:OUT; SFP:1101; SCL:1; SRVR:PS1PR01MB1051; H:PS1PR01MB1050.apcprd01.prod.exchangelabs.com; FPR:; SPF:None; PTR:InfoNoRecords; A:1; MX:3; LANG:en; received-spf: None (protection.outlook.com: ribose.com does not designate permitted sender hosts) x-microsoft-antispam-message-info: tMWdaUrWlcJmpzL58AOiB2kBLLIiAfCUjarWFhHhlFDrbsBjZjPlbGX0qd3WeB7JA5wsTunBXViDGM2iLSrGkA== spamdiagnosticoutput: 1:99 spamdiagnosticmetadata: NSPM Content-Type: multipart/alternative; boundary="_000_05BC205B297544D4A4E352FEDC4B89DBribosecom_" MIME-Version: 1.0 X-OriginatorOrg: ribose.com X-MS-Exchange-CrossTenant-Network-Message-Id: 70c0de94-cdc4-433f-65a6-08d552bd3f48 X-MS-Exchange-CrossTenant-originalarrivaltime: 03 Jan 2018 15:18:30.4611 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: d98a04ff-ef98-489b-b33c-13c23a2e091a X-MS-Exchange-Transport-CrossTenantHeadersStamped: PS1PR01MB1051 Archived-At: Subject: Re: [Crypto-panel] Request for review: draft-ribose-openpgp-oscca-01 X-BeenThere: crypto-panel@irtf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 03 Jan 2018 15:18:45 -0000 --_000_05BC205B297544D4A4E352FEDC4B89DBribosecom_ Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: base64 RGVhciBCasO2cm4sDQoNClRoYW5rIHlvdSB2ZXJ5IG11Y2ggZm9yIHRoZSBjb21wcmVoZW5zaXZl IHJldmlldywgYW5kIGEgYmVsYXRlZCBIYXBweSBOZXcgWWVhciENCg0KSSBhZ3JlZSB3aXRoIG1v c3Qgb2YgdGhlIGNvbW1lbnRzLiBJdCB3b3VsZCBpbmRlZWQgYmUgdXNlZnVsIGFuZCBiZW5lZmlj aWFsIGZvciB0aGUgU00yL1NNMy9TTTQgc2NoZW1lcyB0byBiZSBmcmVlbHkgYXZhaWxhYmxlIGFz IFJGQ3MgZm9yIHRoZSBlc3RhYmxpc2htZW50IG9mIHRoZWlyIHVzYWdlIHdpdGhpbiBPcGVuUEdQ LiBJZiBJIG1heSBjbGFyaWZ5LCB0aGUgU00zIGFuZCBTTTQgSW50ZXJuZXQtRHJhZnRzIGFscmVh ZHkgcHJvdmlkZSBkZXRhaWxlZCBkZXNjcmlwdGlvbnMgb2YgdGhlIGFsZ29yaXRobXMgYW5kIGFs c28gaW5jbHVkZSByZWZlcmVuY2UgaW1wbGVtZW50YXRpb25zLCBhbmQgYXJlIHJlYWR5IGZvciBD RlJHIHJldmlldy4gVGhlIFNNMiBkcmFmdCBpcyBjdXJyZW50bHkgYmVpbmcgdXBkYXRlZCAoYXBv bG9naXplIGZvciB0aGUgZGVsYXnigKYpLCBhbmQgc2hvdWxkIHByb3ZpZGUgYSBzaW1pbGFyIGxl dmVsIG9mIGRldGFpbCB0byB0aG9zZSB0d28gd2hlbiB0aGUgdXBkYXRlIGlzIGNvbXBsZXRlLg0K DQpTb21lIGlkaW9zeW5jcmFzaWVzLCBhcyB5b3UgaGF2ZSByaWdodGx5IHBvaW50ZWQgb3V0LCBj b21lIGZyb20gdGhlIGRlZmluaXRpb24gb2YgdGhlIFNNMiBzY2hlbWUgaXRzZWxmIGFuZCB0aGUg T3BlblBHUCBzdGFuZGFyZCwgc28gdGhlcmXigJlzIG5vdCBtdWNoIHdlIGNhbiBkbyBhYm91dC4g U00yIGlzIGEgc2V0IG9mIHRocmVlIGFsZ29yaXRobXMgdGhhdCBpbmNsdWRlIGRpZ2l0YWwgc2ln bmF0dXJlcywgcHVibGljIGtleSBlbmNyeXB0aW9uIGFuZCBhbHNvIGtleSBleGNoYW5nZS4gVGhh dOKAmXMgd2h5IHRoZSBTTTIgZHJhZnQgaW5jbHVkZWQgYSBzZWN0aW9uIG9uIGtleSBleGNoYW5n ZSDigJQgaXQgd2FzIG5vdCBpbmNsdWRlZCBpbiB0aGUgT3BlblBHUCBkcmFmdCBiZWNhdXNlIGl0 IGlzIG5vdCBzdWl0YWJsZSBmb3IgdXNhZ2UgaW4gdGhlIE9wZW5QR1AgY29udGV4dC4gVGhlIFNN Mi9TTTMvU000IGRvY3VtZW50cyBleGlzdCBpbmRlcGVuZGVudGx5IGZyb20gdGhlIE9wZW5QR1Ag ZG9jdW1lbnQgdGhhdCBpcyBiZWluZyByZXZpZXdlZC4NCg0KT24gYSBzZXBhcmF0ZSBub3RlLCB3 ZSBjb3VsZCBwcm92aWRlIGFjY2VzcyB0byB0aGUgSVNPIHN0YW5kYXJkcyB0aGF0IGRldGFpbCB0 aGVzZSBTTSBhbGdvcml0aG1zIGZvciB0aGUgcHVycG9zZSBvZiB0aGUgcmV2aWV3LiBQbGVhc2Ug ZmVlbCBmcmVlIHRvIGVtYWlsIG1lIHNlcGFyYXRlbHkgb24gdGhpcyBpZiB0aGlzIHdvdWxkIGJl IGhlbHBmdWwuDQoNCkFnYWluLCB0aGFuayB5b3UgdmVyeSBtdWNoIGZvciB0aGUgaGVscGZ1bCBy ZXZpZXchDQoNCktpbmQgcmVnYXJkcywNClJvbg0KDQpfX19fX19fX19fX19fX19fX19fX19fX19f X19fX19fX19fX19fDQoNClJvbmFsZCBUc2UNClJpYm9zZSBJbmMuDQoNCk9uIEphbiAzLCAyMDE4 LCBhdCAzOjQ3IEFNLCBCam9lcm4gVGFja21hbm4gPGJqb2Vybi50YWNrbWFubkBpZWVlLm9yZzxt YWlsdG86YmpvZXJuLnRhY2ttYW5uQGllZWUub3JnPj4gd3JvdGU6DQoNCkRlYXIgQ2hhaXJzLCBk ZWFyIEF1dGhvcnMsDQoNCkkgYXBvbG9naXplIGZvciB0aGUgYWRkaXRpb25hbCBkZWxheSBpbiBw cm9kdWNpbmcgbXkgcmV2aWV3LiBQbGVhc2UgZmluZCB0aGUgZnVsbCB0ZXh0IGJlbG93Lg0KDQpC ZXN0LA0KQmrDtnJuDQoNCj09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT0NCg0K VGhlIEludGVybmV0IGRyYWZ0IHN1Z2dlc3RzIHRvIGFtZW5kIHRoZSBPcGVuUEdQIGZvcm1hdCB0 byBhZGQgc3VwcG9ydCBmb3IgY3J5cHRvZ3JhcGhpYyBzY2hlbWVzIFNNMiwgU00zLCBhbmQgU000 IHN0YW5kYXJkaXplZCBieSB0aGUgQ2hpbmVzZSBPZmZpY2Ugb2YgU3RhdGUgQ29tbWVyY2lhbCBD aXBoZXIgQWRtaW5pc3RyYXRpb24gKE9TQ0NBKSwgdG8gbWFrZSBPcGVuUEdQIGNvbXBsaWFudCB3 aXRoIE9TQ0NBIHJlZ3VsYXRpb25zIGZvciB1c2UgaW4gQ2hpbmEuDQoNCkFzIGEgZ2VuZXJhbCBy ZW1hcmssIHRoZSBJbnRlcm5ldCBkcmFmdCBkb2VzIG5vdCBkZXNjcmliZSB0aGUgY3J5cHRvZ3Jh cGhpYyBzY2hlbWVzIGluIHN1ZmZpY2llbnQgZGV0YWlsIGZvciBpbXBsZW1lbnRhdGlvbiwgYnV0 IHJlZmVycyB0byBvdGhlciBzb3VyY2VzIHN1Y2ggYXMgdGhlIHN0YW5kYXJkaXphdGlvbiBkb2N1 bWVudHMgb2YgdGhlIE9TQ0NBIChpbiBDaGluZXNlKSBvciB0aGUgSVNPIHN0YW5kYXJkcyAobm90 IGZyZWVseSBhY2Nlc3NpYmxlKS4gQXMgdGhlIHJldmlld2VyIHdhcyBub3QgYWJsZSB0byBhY2Nl c3MgdGhlc2Ugc291cmNlcywgdGhpcyByZXZpZXcgaXMgYmFzZWQgaW5zdGVhZCBvbiBwdWJsaWNs eSBhY2Nlc3NpYmxlIGluZm9ybWF0aW9uIHN1Y2ggYXMgKHNvbWUgZXhwaXJlZCkgSW50ZXJuZXQg ZHJhZnRzIGFuZCBhY2FkZW1pYyBwYXBlcnMgdGhhdCBkZXNjcmliZSB0aGUgc2NoZW1lcyBpbiBk ZXRhaWwsIHRob3VnaCBzb21ldGltZXMgaW5jb25zaXN0ZW50bHkuIFRoZSByZXZpZXdlciB0aGlu a3MgdGhhdCBhIHN0YW5kYXJkLWNvbXBsaWFudCBkZXNjcmlwdGlvbiBvZiB0aGUgYWxnb3JpdGht cyBtdXN0IGJlIG1hZGUgYXZhaWxhYmxlIGluIGEgb3Blbmx5IGFjY2Vzc2libGUgYW5kIGF1dGhv cml0YXRpdmUgd2F5IGJlZm9yZSB0aGUgcHJlc2VudCBJbnRlcm5ldCBkcmFmdCBjYW4gYmVjb21l IGEgc3RhbmRhcmQuDQoNClRoZSByZXZpZXcgZGlzY3Vzc2VzIGZpcnN0IHRoZSBjb21wb25lbnQg c2NoZW1lcyBpbmRpdmlkdWFsbHkgYW5kIHRoZW4gdGhlaXIgY29tcG9zaXRpb24gd2l0aGluIE9w ZW5QR1AuIEl0IGNvbmNsdWRlcyB3aXRoIGdlbmVyYWwgYW5kIGVkaXRvcmlhbCByZW1hcmtzLg0K DQpTTTIgU2lnbmF0dXJlLCBhcyBpbiBbU00yLUlELCBTTTItUGFwZXJdDQotIFRoZXJlIGlzIGEg bWlzbWF0Y2ggYmV0d2VlbiB0aGUgdHdvIGRvY3VtZW50cyBpbiBob3cgdGhlIGNyeXB0b2dyYXBo aWMgcGFyYW1ldGVycyBhcmUgaGFzaGVkLCBhbmQgdGhlIHNpZ25hdHVyZSBhbGdvcml0aG0gaW4g W1NNMi1QYXBlcl0gY2FuIGdlbmVyYXRlIGludmFsaWQgc2lnbmF0dXJlcyB3aXRoIHNtYWxsIHBy b2JhYmlsaXR5LiAoTmVpdGhlciBvZiB0aGUgZGlmZmVyZW5jZXMgYWZmZWN0cyBzZWN1cml0eS4p IEZ1cnRoZXJtb3JlLCB0aGUgZGF0YSBmbG93IGRlcGljdGlvbiBpbiBbU00yLUlEXSBkb2VzIG5v dCBtYXRjaCBhbnkgb2YgdGhlIHRoZSBhbGdvcml0aG1zIHNwZWNpZmllZCBpbiB0aGUgZG9jdW1l bnRzLiAoQXMgYSBzaWRlIHJlbWFyaywgdGhlIHNlY3VyaXR5IHN0YXRlbWVudCBpbiBbU00yLVBh cGVyXSBpcyBmb3JtYWxseSBtZWFuaW5nbGVzcywgYnV0IHRoaXMgZG9lcyBub3QgYWZmZWN0IHRo ZSB2YWxpZGl0eSBvZiB0aGUgbWFpbiBhcmd1bWVudC4pDQotIFRoZSBzdHJ1Y3R1cmUgb2YgdGhl IFNNMiBzaWduYXR1cmUgc2NoZW1lIHJvdWdobHkgcmVzZW1ibGVzIEVDRFNBLCBidXQgaXMgZGlm ZmVyZW50IGluIHRoYXQgKGEpIHRoZSBtZXNzYWdlIGlzIGV4dGVuZGVkIGJ5IGEgaGFzaCBvZiBh biBpZGVudGl0eSBhbmQgdGhlIHBhcmFtZXRlcnMgYW5kIChiKSB0aGUgY29tcHV0YXRpb24gaW4g dGhlIGV4cG9uZW50IGlzIGRpZmZlcmVudC4NCi0gSW4gW1NNMi1QYXBlcl0sIHRoZSBFVUYtQ01B IHNlY3VyaXR5IG9mIHRoZSBzaWduYXR1cmUgc2NoZW1lIGlzIHByb3ZlZCwgYmFzZWQgb24gY29s bGlzaW9uLXJlc2lzdGFuY2UgYW5kIGEgdW5pZm9ybWl0eSBwcm9wZXJ0eSBvZiB0aGUgaGFzaCBm dW5jdGlvbiwgaW4gdGhlIGdlbmVyaWMgZ3JvdXAgbW9kZWwuIEZ1cnRoZXJtb3JlLCByZWNlbnQg c2VjdXJpdHkgcmVzdWx0cyBzZWVtIHRvIGZ1cnRoZXIgY29ubmVjdCBEU0EgYW5kIFNNMiBpbiB0 ZXJtcyBvZiB0aGVpciBzZWN1cml0eSBbU00yLVRDQywgRFNBMV0uDQotIFRoZSBrbm93biB3ZWFr bmVzc2VzIG9mIFNNMiwgd2hpY2ggYXJlIGNpdGVkIGluIFtTTTItSURdLCBhcHBlYXIgdG8gYmUg c2ltaWxhciB0byB0aG9zZSBvZiBEU0EgYW5kIGFyZSBtb3N0bHkgcmVsYXRlZCB0byBiYWQgY2hv aWNlcyBvZiBub25jZXMgYW5kIHNpZGUgY2hhbm5lbHMuDQo+IE92ZXJhbGwsIGFuZCBmcm9tIHRo ZSBjdXJyZW50IHN0YXRlIG9mIGtub3dsZWRnZSwgdGhlIHNlY3VyaXR5IG9mIFNNMiBjYW4gYmUg c2VlbiBhcyByb3VnaGx5IGNvbXBhcmFibGUgdG8gRUNEU0EsIHdoaWNoIGlzIGFscmVhZHkgdXNl ZCBpbiBPcGVuUEdQLg0KDQpTTTIgS2V5IERlcml2YXRpb24sIGFzIGluIHRoZSByZXZpZXdlZCBk cmFmdCBhbmQgW1NNMi1JRF0NCi0gVGhlIGtleSBkZXJpdmF0aW9uIGlzIHVzZWQgYm90aCBpbiBT TTIgZW5jcnlwdGlvbiBhbmQgZm9yIGdlbmVyYXRpb24gb2Ygc3ltbWV0cmljIGtleSBtYXRlcmlh bC4NCi0gSXQgaXMgYmFzZWQgb24gYSBoYXNoIGZ1bmN0aW9uIGgsIGFuZCBpcyBkZWZpbmVkIGVz c2VudGlhbGx5IGFzIGgocmF3X2tleSB8IDEpIHwgaChyYXdfa2V5IHwgMikgfCAuLi4NCi0gVGhl IHNjaGVtZSBpcyBzZWN1cmUgdW5kZXIgc3Ryb25nIGFzc3VtcHRpb25zIG9uIHRoZSBoYXNoIGZ1 bmN0aW9uOyBlc3NlbnRpYWxseSwgb25lIG5lZWRzIHRvIGFzc3VtZSB0aGF0IGgocmF3X2tleSB8 IC4pIGlzIGEgUFJGIGZvciB0aGUgc3BlY2lmaWMgZGlzdHJpYnV0aW9uIG9mIHJhd19rZXkuIFRo aXMgaXMgbm90IGFyZ3VlZCBzcGVjaWZpY2FsbHksIGJ1dCBob2xkcyBpZiBoIGlzIG1vZGVsZWQg YXMgcmFuZG9tIG9yYWNsZS4NCj4gT3ZlcmFsbCwgdGhlIHNjaGVtZSBjYW4gYmUgY29uc2lkZXJl ZCBzZWN1cmUgYnV0IG1ha2VzIHN0cm9uZyBhc3N1bXB0aW9ucyBvbiB0aGUgc2VjdXJpdHkgb2Yg dGhlIHVuZGVybHlpbmcgaGFzaCBmdW5jdGlvbi4gQXMgdGhlIHByb3Bvc2VkIGhhc2ggZnVuY3Rp b24gU00zIGFwcGVhcnMgdG8gYmUgc2VjdXJlIGZyb20gdGhlIGN1cnJlbnQgc3RhdGUgb2Yga25v d2xlZGdlLCB0aGlzIGRvZXMgbm90IHBvc2UgYSBwcm9ibGVtIG5vdywgYnV0IHNjaGVtZXMgdXNp bmcgdGhpcyBrZXkgZGVyaXZhdGlvbiBzaG91bGQgYmUgcmV0aXJlZCBhcyBzb29uIGFzIGRvdWJ0 cyBpbiB0aGUgc2VjdXJpdHkgb2YgU00zIGVtZXJnZS4gKEluIHRoZSBzZW5zZSBvZiBkaXN0aW5n dWlzaGluZyBhdHRhY2tzLCBub3Qgb25seSBjb2xsaXNpb24gb3IgcHJlaW1hZ2UuKQ0KDQpTTTIg RW5jcnlwdGlvbiwgYXMgaW4gW1NNMi1JRF0NCi0gVGhlIHB1YmxpYy1rZXkgZW5jcnlwdGlvbiBz Y2hlbWUgaXMgYmFzZWQgb24gRWxHYW1hbCBpbiBlbGxpcHRpYyBjdXJ2ZXMuIFRoZSBESCBrZXkg aXMgdGhlbiB1c2VkIChhKSBpbiB0aGUgYWJvdmUtZGVzY3JpYmVkIGtleSBkZXJpdmF0aW9uIHBy b2NlZHVyZSB0byBvYnRhaW4gYSBrZXkgc3RyZWFtIGZvciBlbmNyeXB0aW5nIHRoZSBwbGFpbnRl eHQsIGFuZCAoYikgaW4gYSBoYXNoIHRvZ2V0aGVyIHdpdGggdGhlIG1lc3NhZ2UgdG8gY29tcHV0 ZSBhbiBpbnRlZ3JpdHkgY29kZS4NCi0gQWx0aG91Z2ggbm8gcGFydGljdWxhciBzZWN1cml0eSBh bmFseXNpcyBpcyByZWZlcmVuY2VkLCB0aGUgcmV2aWV3ZXIgYmVsaWV2ZXMgdGhhdCB0aGUgc2No ZW1lIGlzIHNlY3VyZSBpZiAoYSkgdGhlIENESCBwcm9ibGVtIG9uIHRoZSBzdWdnZXN0ZWQgY3Vy dmUgaXMgaGFyZCBhbmQgKGIpIHRoZSBoYXNoIGZ1bmN0aW9uIGlzIG1vZGVsZWQgYXMgYSByYW5k b20gb3JhY2xlOyB0aGUgbGF0dGVyIGFzc3VtcHRpb24gaXMgcmVxdWlyZWQgYm90aCBmb3IgdGhl IGtleS1kZXJpdmF0aW9uIGFuZCBmb3IgdGhlIGludGVncml0eSBjb2RlLg0KPiBPdmVyYWxsLCB0 aGUgc2NoZW1lIGNhbiBiZSBjb25zaWRlcmVkIHNlY3VyZSwgd2l0aCB0aGUgc2FtZSBjYXZlYXRz IGFzIGZvciBTTTIgS2V5IERlcml2YXRpb24gbWVudGlvbmVkIGFib3ZlLg0KDQpTTTIgQ3VydmUs IGFzIGluIFtTTTItSURdDQotIFRoZSAyNTYtYml0IGN1cnZlIGlzIHN1cHBvc2VkIHRvIGJlIGEg ZHJvcC1pbiByZXBsYWNlbWVudCBmb3IgUDI1NiBhbmQgcHJvdmlkZSBhIHNlY3VyaXR5IGxldmVs IG9mIDEyOCBiaXRzLCB3aGljaCBpcyBhcHByb3ByaWF0ZSBmb3IgdGhlIGNvbWJpbmF0aW9uIG90 aGVyIHN1Z2dlc3RlZCBzY2hlbWVzLg0KLSBUaGUgcmV2aWV3ZXIgbGFja3MgdGhlIG5lY2Vzc2Fy eSBleHBlcnRpc2UvdGltZSB0byB2YWxpZGF0ZSB0aGVzZSBjbGFpbXMgaW4gZGV0YWlsLCBvciB0 byBtYWtlIGFuIGluLWRlcHRoIGNvbXBhcmlzb24gd2l0aCBvdGhlciBjdXJ2ZXMgYXQgYSBzaW1p bGFyIGxldmVsIG9mIHNlY3VyaXR5LiBMaXRlcmF0dXJlIHJlc2VhcmNoIGRpZCBub3QgcG9pbnQg dG8gYW55IHBhcnRpY3VsYXIgd2Vha25lc3Mgb2YgdGhpcyBjdXJ2ZS4NCg0KU00zIEhhc2ggRnVu Y3Rpb24sIGFzIGluIFtTTTMtSURdDQotIFRoZSBTTTMgZnVuY3Rpb24gaGFzIGEgTWVya2xlLURh bWdhYXJkIHN0cnVjdHVyZSB3aXRoIDI1Ni1iaXRzIG9mIG91dHB1dCwgYW5kIGFwcGVhcnMgdG8g YmUgbWVhbnQgYXMgYSBkcm9wLWluIHJlcGxhY2VtZW50IGZvciBTSEEyNTYuDQotIFNNMyBoYXMg YmVlbiBjcnlwdGFuYWxpemVkIGluIGEgc2VxdWVuY2Ugb2YgcGFwZXJzIGNpdGVkIGluIFtTTTMt SURdLCBhbHRob3VnaCBzdGlsbCBub3QgYXMgdGhvcm91Z2hseSBhcyB0aGUgU0hBMiBmYW1pbHku DQotIFRoZSBzZWN1cml0eSBsZXZlbHMgc3RhdGVkIGluIFtTTTMtSURdIGluZGljYXRlIHRoYXQg U00zIHByb3ZpZGVzIHNhZmVyIHNlY3VyaXR5IG1hcmdpbnMgdGhhbiBTSEEyNTYgZm9yIGFsbCBj b25zaWRlcmVkIGF0dGFjayB0eXBlcyAocHJlaW1hZ2UsIGNvbGxpc2lvbiwgZGlzdGluZ3Vpc2hp bmcpLg0KLSBUaGUgcmV2aWV3ZXIgd29uZGVyZWQgd2h5IHRoZSBzZWN1cml0eSBtYXJnaW5zIGZv ciBwcmVpbWFnZSBhdHRhY2tzIG9uIFNNMyBhcmUgc21hbGxlciB0aGFuIHRob3NlIGZvciBjb2xs aXNpb25zLCBhcyBhIHByZWltYWdlIGF0dGFjayBzaG91bGQgYWxzbyBnaXZlIHJpc2UgdG8gYSBj b2xsaXNpb24gYXR0YWNrLg0KLSBUaGUgcmV2aWV3ZXIgbGFja3MgdGhlIG5lY2Vzc2FyeSBleHBl cnRpc2UvdGltZSB0byB0aGUgaGFzaCBmdW5jdGlvbiBmcm9tIGEgdGVjaG5pY2FsIHBlcnNwZWN0 aXZlLCBidXQgdGhlIHN0YXRlIG9mIHRoZSBsaXRlcmF0dXJlIHN1Z2dlc3RzIHRoYXQgU00zIGNh biBiZSBjb25zaWRlcmVkIHNhZmUgZm9yIHRoZSBhcHBsaWNhdGlvbnMgaW4gdGhpcyBJbnRlcm5l dCBkcmFmdC4NCg0KU000IEJsb2NrIGNpcGhlciwgYXMgaW4gW1NNNC1JRF0NCi0gU000IGlzIGFu IFNQTiBibG9jayBjaXBoZXIgd2l0aCAxMjgtYml0IGJsb2NrIHNpemUgYW5kIDEyOC1iaXQga2V5 cy4NCi0gVGhlIHVzZSBpbiBPcGVuUEdQIHdpbGwgYmUgaW4gQ0ZCIG1vZGUgZm9yIGVuY3J5cHRp bmcgbWVzc2FnZSBwbGFpbnRleHQuDQotIFRoZSByZXZpZXdlciBsYWNrcyB0aGUgbmVjZXNzYXJ5 IGV4cGVydGlzZS90aW1lIHRvIGV2YWx1YXRlIHRoZSBzZWN1cml0eSBvZiBTTTQgYXMgYSBibG9j ayBjaXBoZXIgaW4gbW9yZSBkZXRhaWwsIGJ1dCBkaWQgbm90IGZpbmQgY3J5cHRhbmFseXRpYyBy ZXN1bHRzIHRoYXQgaW5kaWNhdGVkIGFnYWluc3QgdXNpbmcgU000Lg0KDQpDb21tZW50IG9uIHRo ZSB1c2Ugb2Ygc2NoZW1lcyBpbiBPcGVuUEdQDQpVc2UgaW4gT3BlblBHUCB3aWxsIGNvbWJpbmUg dGhlIFNNMiBzaWduYXR1cmUgYW5kIHRoZSBDRkItbW9kZSBvZiBTTTQgaW4gYW4gQXV0aGVudGlj YXRlLXRoZW4tRW5jcnlwdCBtYW5uZXIuIEFzIENGQiBpcyBub3QgYW4gYXV0aGVudGljYXRlZCBl bmNyeXB0aW9uIHNjaGVtZSAoYnV0IGluc3RlYWQgbWFsbGVhYmxlKSwgYW5kIFNNMiBpcyBub3Qg a25vd24gdG8gYmUgc3Ryb25nbHkgdW5mb3JnZWFibGUgKGJ1dCBvbmx5IGV4aXN0ZW50aWFsbHkg dW5mb3JnZWFibGUpLCB0aGUgc2VjdXJpdHkgb2YgdGhlIGNvbXBvc2VkIHNjaGVtZSBjYW5ub3Qg YmUgaW1tZWRpYXRlbHkgaW5mZXJyZWQuIFlldCwgYXMgbm8gdHJhbnNmb3JtYXRpb24gZm9yIGNv bXB1dGluZyBvbmUgdmFsaWQgU00yIHNpZ25hdHVyZSBmcm9tIGFub3RoZXIgZ2l2ZW4gb25lICh3 aXRob3V0IHRoZSB1c2Ugb2YgdGhlIHByaXZhdGUga2V5KSBpcyBrbm93biwgdGhpcyBpcyB1bmxp a2VseSB0byByZXN1bHQgaW4gZXhwbG9pdGFibGUgdnVsbmVyYWJpbGl0aWVzLg0KDQoNCkdlbmVy YWwgY29tbWVudDoNClRoZSByZXZpZXdlciBoYXMgbWl4ZWQgZmVlbGluZ3MgYWJvdXQgdGhlIGNy eXB0b2dyYXBoeSBwcm9wb3NlZCBpbiB0aGlzIGRyYWZ0LiBPbiB0aGUgb25lIGhhbmQsIGZyb20g YSB0aGVvcmlzdCdzIHBlcnNwZWN0aXZlLCBzb21lIGFzcGVjdHMgY2FsbCBmb3IgaW1wcm92ZW1l bnQsIG1vc3QgaW1wb3J0YW50bHkgdGhlIHJlbGlhbmNlIG9mIHRoZSBzY2hlbWUgb24gc3Ryb25n IHByb3BlcnRpZXMgb2YgdGhlIGhhc2ggZnVuY3Rpb24gYW5kIHRoZSBpZGlvc3luY3JhdGljIHVz ZSBvZiBjaXBoZXItZmVlZGJhY2sgbW9kZSBmb3IgbWVzc2FnZSBlbmNyeXB0aW9uLiBPbiB0aGUg b3RoZXIgaGFuZCwgdGhlc2UgYXNwZWN0cyBhcmUgaW5oZXJpdGVkIGZyb20gdGhlIE9TQ0NBIHBy b3Bvc2FscyBvciBldmVuIHBsYWluIE9wZW5QR1AuIEZ1cnRoZXJtb3JlLCBnaXZlbiB0aGUgc2Vj dXJpdHkgb2YgdGhlIFNNMiBjdXJ2ZSwgdGhlIFNNMyBoYXNoIGZ1bmN0aW9uLCBhbmQgdGhlIFNN NCBibG9jayBjaXBoZXIgKGZvciB3aGljaCB0aGUgcmV2aWV3ZXIgcmVsaWVkIG9uIHRoZSBsaXRl cmF0dXJlKSwgdGhlIGNvbnN0cnVjdGlvbiBkb2VzIG5vdCBhcHBlYXIgdG8gaGF2ZSBleHBsb2l0 YWJsZSBjcnlwdG9ncmFwaGljIHZ1bG5lcmFiaWxpdGllcy4NCg0KRWRpdG9yaWFsOg0KLSBJIGZv dW5kIHRoZSBiZWdpbm5pbmcgb2YgU2VjdGlvbiA0IG9uIFNNMiB0byBiZSB1bm5lY2Vzc2FyaWx5 IGRldGFpbGVkLCBhdCBsZWFzdCBnaXZlbiB0aGUgZGlzY3Vzc2lvbiBpbiB0aGUgcmVzcGVjdGl2 ZSBzdWJzZWN0aW9ucy4NCi0gU2VjdGlvbiA0LjMgYXBwZWFycyB1bm5lY2Vzc2FyeTsgYXQgbGVh c3QgSSBjb3VsZCBmaW5kIG5vIHVzZSBvZiB0aGUgS2V5IEV4Y2hhbmdlIGluIHRoZSBwcm9wb3Nh bHMuDQoNCg0KUmVzdWx0Og0KRnJvbSB0aGUgcmV2aWV3ZXIncyBwZXJzcGVjdGl2ZSwgdGhlIG1h aW4gY2F2ZWF0IGlzIHRoYXQgdGhlcmUgaXMgc28gZmFyIG5vIHByZWNpc2UsIG9wZW5seSBhY2Nl c3NpYmxlLCBzdWZmaWNpZW50bHkgZGV0YWlsZWQsIGFuZCBhdXRob3JpdGF0aXZlIHJlZmVyZW5j ZSBmb3IgdGhlIGFsZ29yaXRobXMgU00yLCBTTTMsIGFuZCBTTTQuIFRoZSByZXZpZXdlciBiZWxp ZXZlcyB0aGF0IHRoaXMgZGVmZWN0IG11c3QgYmUgcmVjdGlmaWVkIGJlZm9yZSB0aGUgcHJlc2Vu dCBJbnRlcm5ldCBkcmFmdCBjYW4gYmVjb21lIGFuIEludGVybmV0IHN0YW5kYXJkLiBGdXJ0aGVy bW9yZSwgY29kZSBwb2ludHMgZm9yIHRoZSBzY2hlbWVzIG11c3QgYmUgcmVnaXN0ZXJlZC4gQmV5 b25kIHRoYXQsIHRoZSBkb2N1bWVudCBpcyBpbiBhIGdvb2Qgc2hhcGUsIHdpdGggbWlub3IgY29t bWVudHMgbGlzdGVkIGJlbG93Lg0KDQoNCk1pbm9yIGNvbW1lbnRzOg0KLSBwMjogcHVibGlzaGVk IGluIHB1YmxpYywgc2ltaWxhcmx5IG9uIHA0DQotIFRoZSBkb2N1bWVudCBzaG91bGQgaW5kaWNh dGUgaW4gdGhlIHB1YmxpYy1rZXkgZm9ybWF0IHRoYXQgdGhleSByZWZlciB0byB2ZXJzaW9uIDQg YXMgc3BlY2lmaWVkIGluIFJGQzQ4ODAuDQotIEZvcm1hdCBpbiAxMS4xIGlzIGRlc2NyaWJlZCBh cyBhICJzaW5nbGUgTVBJIiAtLSBidXQgaXQgaXMgbm90IGFuIGludGVnZXIsIHNvIHJld29yZGlu ZyBtYXkgYmUgbmVlZGVkLg0KDQoNClJlZmVyZW5jZXM6DQpbRFNBMV0gICAgICBGZXJzY2gsIE0u LCBLaWx0eiwgRS4sIGFuZCBQb2V0dGVyaW5nLCBCLiwgIk9uIHRoZSBQcm92YWJsZSBTZWN1cml0 eSBvZiAoRUMpRFNBIFNpZ25hdHVyZXMiLCBBQ00gQ0NTIDIwMTYNCltTTTItSURdICAgIGh0dHBz Oi8vd3d3LmlldGYub3JnL2FyY2hpdmUvaWQvZHJhZnQtc2hlbi1zbTItZWNkc2EtMDIudHh0DQpb U00yLVBhcGVyXSBaaGFuZywgWi4sIFlhbmcsIEsuLCBaaGFuZywgSi4sIGFuZCBDLiBDaGVuLCAi U2VjdXJpdHkgb2YgdGhlIFNNMiBTaWduYXR1cmUgU2NoZW1lIEFnYWluc3QgR2VuZXJhbGl6ZWQg S2V5IFN1YnN0aXR1dGlvbiBBdHRhY2tzIiwgRGVjZW1iZXIgMjAxNSwgaHR0cHM6Ly9saW5rLnNw cmluZ2VyLmNvbS9jaGFwdGVyLzEwLjEwMDcvOTc4LTMtMzE5LTI3MTUyLTFfNw0KW1NNMi1UQ0Nd ICAgaHR0cHM6Ly9lcHJpbnQuaWFjci5vcmcvMjAxNy84OTAucGRmDQpbU00zLUlEXSAgICBTaGVu LCBTLiwgTGVlLCBYLiwgVHNlLCBSLiwgV29uZywgVy4sIGFuZCBQLiBZYW5nLCAiVGhlIFNNMyBD cnlwdG9ncmFwaGljIEhhc2ggRnVuY3Rpb24iLCBkcmFmdC1vc2NjYS1jZnJnLXNtMy0wMg0KW1NN NC1JRF0gICAgVHNlLCBSLiBhbmQgVy4gV29uZywgIlRoZSBTTTQgQmxvY2tjaXBoZXIgQWxnb3Jp dGhtIEFuZCBJdHMgTW9kZXMgT2YgT3BlcmF0aW9ucyIsIGRyYWZ0LXJpYm9zZS1jZnJnLXNtNC0w NQ0KDQoNCk9uIFR1ZSwgTm92IDI4LCAyMDE3IGF0IDM6MDIgUE0sIEFsZXhleSBNZWxuaWtvdiA8 YWxleGV5Lm1lbG5pa292QGlzb2RlLmNvbTxtYWlsdG86YWxleGV5Lm1lbG5pa292QGlzb2RlLmNv bT4+IHdyb3RlOg0KRGVhciBDcnlwdG8gUGFuZWwsDQoNClNBQUfigJlzIFNFQ0RJU1BBVENIIGNo YWlycyBoYXZlIHJlcXVlc3RlZCByZXZpZXcgb2YNCjxodHRwczovL2RhdGF0cmFja2VyLmlldGYu b3JnL2RvYy9kcmFmdC1yaWJvc2Utb3BlbnBncC1vc2NjYS8+DQpiZWZvcmUgdGhlIGRvY3VtZW50 IGZhdGUgd2lsbCBiZSBkZWNpZGVkIChpdCBpcyBsaWtlbHkgdG8gZW5kIHVwIGluIHRoZSBDVVJE TEUgV0cpLg0KDQpDYW4gd2UgaGF2ZSBzb21lIHZvbHVudGVlcihzKSBwbGVhc2U/DQoNClRoZSBk cmFmdCBBYnN0cmFjdCBpczoNCg0KICAgVGhpcyBkb2N1bWVudCBlbmFibGVzIE9wZW5QR1AgKFJG QzQ4ODApIHVzYWdlIGluIGFuIGNvbXBsaWFudCBtYW5uZXINCiAgIHdpdGggT1NDQ0EgKE9mZmlj ZSBvZiBTdGF0ZSBDb21tZXJjaWFsIENpcGhlciBBZG1pbmlzdHJhdGlvbikNCiAgIHJlZ3VsYXRp b25zIGZvciB1c2Ugd2l0aGluIENoaW5hLg0KDQogICBTcGVjaWZpY2FsbHksIGl0IGV4dGVuZHMg T3BlblBHUCB0byBzdXBwb3J0IHRoZSB1c2FnZSBvZiBTTTIsIFNNMyBhbmQNCiAgIFNNNCBhbGdv cml0aG1zLCBhbmQgcHJvdmlkZXMgdGhlIE9TQ0NBLWNvbXBsaWFudCBPcGVuUEdQIHByb2ZpbGUN CiAgICJPU0NDQS1TTTIzNCIuDQoNCg0KVGhhbmsgeW91LA0KQWxleGV5DQoNCl9fX19fX19fX19f X19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fDQpDcnlwdG8tcGFuZWwgbWFpbGlu ZyBsaXN0DQpDcnlwdG8tcGFuZWxAaXJ0Zi5vcmc8bWFpbHRvOkNyeXB0by1wYW5lbEBpcnRmLm9y Zz4NCmh0dHBzOi8vd3d3LmlydGYub3JnL21haWxtYW4vbGlzdGluZm8vY3J5cHRvLXBhbmVsDQoN Cg0K --_000_05BC205B297544D4A4E352FEDC4B89DBribosecom_ Content-Type: text/html; charset="utf-8" Content-ID: <9E24E202031AF748A57A382D1D9F7FF7@apcprd01.prod.exchangelabs.com> Content-Transfer-Encoding: base64 PGh0bWw+DQo8aGVhZD4NCjxtZXRhIGh0dHAtZXF1aXY9IkNvbnRlbnQtVHlwZSIgY29udGVudD0i dGV4dC9odG1sOyBjaGFyc2V0PXV0Zi04Ij4NCjwvaGVhZD4NCjxib2R5IHN0eWxlPSJ3b3JkLXdy YXA6IGJyZWFrLXdvcmQ7IC13ZWJraXQtbmJzcC1tb2RlOiBzcGFjZTsgbGluZS1icmVhazogYWZ0 ZXItd2hpdGUtc3BhY2U7IiBjbGFzcz0iIj4NCkRlYXIgQmrDtnJuLA0KPGRpdiBjbGFzcz0iIj48 YnIgY2xhc3M9IiI+DQo8L2Rpdj4NCjxkaXYgY2xhc3M9IiI+VGhhbmsgeW91IHZlcnkgbXVjaCBm b3IgdGhlIGNvbXByZWhlbnNpdmUgcmV2aWV3LCBhbmQgYSBiZWxhdGVkIEhhcHB5IE5ldyBZZWFy ITwvZGl2Pg0KPGRpdiBjbGFzcz0iIj48YnIgY2xhc3M9IiI+DQo8L2Rpdj4NCjxkaXYgY2xhc3M9 IiI+SSBhZ3JlZSB3aXRoIG1vc3Qgb2YgdGhlIGNvbW1lbnRzLiBJdCB3b3VsZCBpbmRlZWQgYmUg dXNlZnVsIGFuZCBiZW5lZmljaWFsIGZvciB0aGUgU00yL1NNMy9TTTQgc2NoZW1lcyB0byBiZSBm cmVlbHkgYXZhaWxhYmxlIGFzIFJGQ3MgZm9yIHRoZSBlc3RhYmxpc2htZW50IG9mIHRoZWlyIHVz YWdlIHdpdGhpbiBPcGVuUEdQLiBJZiBJIG1heSBjbGFyaWZ5LCB0aGUgU00zIGFuZCBTTTQgSW50 ZXJuZXQtRHJhZnRzIGFscmVhZHkNCiBwcm92aWRlIGRldGFpbGVkIGRlc2NyaXB0aW9ucyBvZiB0 aGUgYWxnb3JpdGhtcyBhbmQgYWxzbyBpbmNsdWRlIHJlZmVyZW5jZSBpbXBsZW1lbnRhdGlvbnMs IGFuZCBhcmUgcmVhZHkgZm9yIENGUkcgcmV2aWV3LiBUaGUgU00yIGRyYWZ0IGlzIGN1cnJlbnRs eSBiZWluZyB1cGRhdGVkIChhcG9sb2dpemUgZm9yIHRoZSBkZWxheeKApiksIGFuZCBzaG91bGQg cHJvdmlkZSBhIHNpbWlsYXIgbGV2ZWwgb2YgZGV0YWlsIHRvIHRob3NlIHR3byB3aGVuIHRoZQ0K IHVwZGF0ZSBpcyBjb21wbGV0ZS48L2Rpdj4NCjxkaXYgY2xhc3M9IiI+PGJyIGNsYXNzPSIiPg0K PC9kaXY+DQo8ZGl2IGNsYXNzPSIiPlNvbWUgaWRpb3N5bmNyYXNpZXMsIGFzIHlvdSBoYXZlIHJp Z2h0bHkgcG9pbnRlZCBvdXQsIGNvbWUgZnJvbSB0aGUgZGVmaW5pdGlvbiBvZiB0aGUgU00yIHNj aGVtZSBpdHNlbGYgYW5kIHRoZSBPcGVuUEdQIHN0YW5kYXJkLCBzbyB0aGVyZeKAmXMgbm90IG11 Y2ggd2UgY2FuIGRvIGFib3V0LiBTTTIgaXMgYSBzZXQgb2YgdGhyZWUgYWxnb3JpdGhtcyB0aGF0 IGluY2x1ZGUgZGlnaXRhbCBzaWduYXR1cmVzLCBwdWJsaWMga2V5DQogZW5jcnlwdGlvbiBhbmQg YWxzbyBrZXkgZXhjaGFuZ2UuIFRoYXTigJlzIHdoeSB0aGUgU00yIGRyYWZ0IGluY2x1ZGVkIGEg c2VjdGlvbiBvbiBrZXkgZXhjaGFuZ2Ug4oCUIGl0IHdhcyBub3QgaW5jbHVkZWQgaW4gdGhlIE9w ZW5QR1AgZHJhZnQgYmVjYXVzZSBpdCBpcyBub3Qgc3VpdGFibGUgZm9yIHVzYWdlIGluIHRoZSBP cGVuUEdQIGNvbnRleHQuIFRoZSBTTTIvU00zL1NNNCBkb2N1bWVudHMgZXhpc3QgaW5kZXBlbmRl bnRseSBmcm9tIHRoZSBPcGVuUEdQDQogZG9jdW1lbnQgdGhhdCBpcyBiZWluZyByZXZpZXdlZC48 L2Rpdj4NCjxkaXYgY2xhc3M9IiI+PGJyIGNsYXNzPSIiPg0KPC9kaXY+DQo8ZGl2IGNsYXNzPSIi Pk9uIGEgc2VwYXJhdGUgbm90ZSwgd2UgY291bGQgcHJvdmlkZSBhY2Nlc3MgdG8gdGhlIElTTyBz dGFuZGFyZHMgdGhhdCBkZXRhaWwgdGhlc2UgU00gYWxnb3JpdGhtcyBmb3IgdGhlIHB1cnBvc2Ug b2YgdGhlIHJldmlldy4gUGxlYXNlIGZlZWwgZnJlZSB0byBlbWFpbCBtZSBzZXBhcmF0ZWx5IG9u IHRoaXMgaWYgdGhpcyB3b3VsZCBiZSBoZWxwZnVsLjwvZGl2Pg0KPGRpdiBjbGFzcz0iIj48YnIg Y2xhc3M9IiI+DQo8L2Rpdj4NCjxkaXYgY2xhc3M9IiI+QWdhaW4sIHRoYW5rIHlvdSB2ZXJ5IG11 Y2ggZm9yIHRoZSBoZWxwZnVsIHJldmlldyE8L2Rpdj4NCjxkaXYgY2xhc3M9IiI+PGJyIGNsYXNz PSIiPg0KPC9kaXY+DQo8ZGl2IGNsYXNzPSIiPktpbmQgcmVnYXJkcyw8L2Rpdj4NCjxkaXYgY2xh c3M9IiI+Um9uPC9kaXY+DQo8ZGl2IGNsYXNzPSIiPjxiciBjbGFzcz0iIj4NCjxkaXYgY2xhc3M9 IiI+DQo8ZGl2IHN0eWxlPSJjb2xvcjogcmdiKDAsIDAsIDApOyBsZXR0ZXItc3BhY2luZzogbm9y bWFsOyBvcnBoYW5zOiBhdXRvOyB0ZXh0LWFsaWduOiBzdGFydDsgdGV4dC1pbmRlbnQ6IDBweDsg dGV4dC10cmFuc2Zvcm06IG5vbmU7IHdoaXRlLXNwYWNlOiBub3JtYWw7IHdpZG93czogYXV0bzsg d29yZC1zcGFjaW5nOiAwcHg7IC13ZWJraXQtdGV4dC1zdHJva2Utd2lkdGg6IDBweDsgd29yZC13 cmFwOiBicmVhay13b3JkOyAtd2Via2l0LW5ic3AtbW9kZTogc3BhY2U7IC13ZWJraXQtbGluZS1i cmVhazogYWZ0ZXItd2hpdGUtc3BhY2U7IiBjbGFzcz0iIj4NCl9fX19fX19fX19fX19fX19fX19f X19fX19fX19fX19fX19fX188YnIgY2xhc3M9IiI+DQo8YnIgY2xhc3M9IiI+DQpSb25hbGQgVHNl PGJyIGNsYXNzPSIiPg0KUmlib3NlIEluYy48YnIgY2xhc3M9IiI+DQo8L2Rpdj4NCjwvZGl2Pg0K PGRpdiBjbGFzcz0iIj48YnIgY2xhc3M9IndlYmtpdC1ibG9jay1wbGFjZWhvbGRlciI+DQo8L2Rp dj4NCjxkaXY+DQo8YmxvY2txdW90ZSB0eXBlPSJjaXRlIiBjbGFzcz0iIj4NCjxkaXYgY2xhc3M9 IiI+T24gSmFuIDMsIDIwMTgsIGF0IDM6NDcgQU0sIEJqb2VybiBUYWNrbWFubiAmbHQ7PGEgaHJl Zj0ibWFpbHRvOmJqb2Vybi50YWNrbWFubkBpZWVlLm9yZyIgY2xhc3M9IiI+YmpvZXJuLnRhY2tt YW5uQGllZWUub3JnPC9hPiZndDsgd3JvdGU6PC9kaXY+DQo8YnIgY2xhc3M9IkFwcGxlLWludGVy Y2hhbmdlLW5ld2xpbmUiPg0KPGRpdiBjbGFzcz0iIj4NCjxkaXYgZGlyPSJsdHIiIGNsYXNzPSIi Pg0KPGRpdiBjbGFzcz0iIj5EZWFyIENoYWlycywgZGVhciBBdXRob3JzLDwvZGl2Pg0KPGRpdiBj bGFzcz0iIj48YnIgY2xhc3M9IiI+DQo8L2Rpdj4NCjxkaXYgY2xhc3M9IiI+SSBhcG9sb2dpemUg Zm9yIHRoZSBhZGRpdGlvbmFsIGRlbGF5IGluIHByb2R1Y2luZyBteSByZXZpZXcuIFBsZWFzZSBm aW5kIHRoZSBmdWxsIHRleHQgYmVsb3cuPC9kaXY+DQo8ZGl2IGNsYXNzPSIiPjxiciBjbGFzcz0i Ij4NCjwvZGl2Pg0KPGRpdiBjbGFzcz0iIj5CZXN0LDwvZGl2Pg0KPGRpdiBjbGFzcz0iIj5CasO2 cm48L2Rpdj4NCjxkaXYgY2xhc3M9IiI+PGJyIGNsYXNzPSIiPg0KPC9kaXY+DQo8ZGl2IGNsYXNz PSIiPj09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT08L2Rpdj4NCjxkaXYgY2xh c3M9IiI+PGJyIGNsYXNzPSIiPg0KPC9kaXY+DQo8ZGl2IGNsYXNzPSIiPlRoZSBJbnRlcm5ldCBk cmFmdCBzdWdnZXN0cyB0byBhbWVuZCB0aGUgT3BlblBHUCBmb3JtYXQgdG8gYWRkIHN1cHBvcnQg Zm9yIGNyeXB0b2dyYXBoaWMgc2NoZW1lcyBTTTIsIFNNMywgYW5kIFNNNCBzdGFuZGFyZGl6ZWQg YnkgdGhlIENoaW5lc2UgT2ZmaWNlIG9mIFN0YXRlIENvbW1lcmNpYWwgQ2lwaGVyIEFkbWluaXN0 cmF0aW9uIChPU0NDQSksIHRvIG1ha2UgT3BlblBHUCBjb21wbGlhbnQgd2l0aCBPU0NDQSByZWd1 bGF0aW9ucw0KIGZvciB1c2UgaW4gQ2hpbmEuPC9kaXY+DQo8ZGl2IGNsYXNzPSIiPjxiciBjbGFz cz0iIj4NCjwvZGl2Pg0KPGRpdiBjbGFzcz0iIj5BcyBhIGdlbmVyYWwgcmVtYXJrLCB0aGUgSW50 ZXJuZXQgZHJhZnQgZG9lcyBub3QgZGVzY3JpYmUgdGhlIGNyeXB0b2dyYXBoaWMgc2NoZW1lcyBp biBzdWZmaWNpZW50IGRldGFpbCBmb3IgaW1wbGVtZW50YXRpb24sIGJ1dCByZWZlcnMgdG8gb3Ro ZXIgc291cmNlcyBzdWNoIGFzIHRoZSBzdGFuZGFyZGl6YXRpb24gZG9jdW1lbnRzIG9mIHRoZSBP U0NDQSAoaW4gQ2hpbmVzZSkgb3IgdGhlIElTTyBzdGFuZGFyZHMgKG5vdA0KIGZyZWVseSBhY2Nl c3NpYmxlKS4gQXMgdGhlIHJldmlld2VyIHdhcyBub3QgYWJsZSB0byBhY2Nlc3MgdGhlc2Ugc291 cmNlcywgdGhpcyByZXZpZXcgaXMgYmFzZWQgaW5zdGVhZCBvbiBwdWJsaWNseSBhY2Nlc3NpYmxl IGluZm9ybWF0aW9uIHN1Y2ggYXMgKHNvbWUgZXhwaXJlZCkgSW50ZXJuZXQgZHJhZnRzIGFuZCBh Y2FkZW1pYyBwYXBlcnMgdGhhdCBkZXNjcmliZSB0aGUgc2NoZW1lcyBpbiBkZXRhaWwsIHRob3Vn aCBzb21ldGltZXMgaW5jb25zaXN0ZW50bHkuDQogVGhlIHJldmlld2VyIHRoaW5rcyB0aGF0IGEg c3RhbmRhcmQtY29tcGxpYW50IGRlc2NyaXB0aW9uIG9mIHRoZSBhbGdvcml0aG1zIG11c3QgYmUg bWFkZSBhdmFpbGFibGUgaW4gYSBvcGVubHkgYWNjZXNzaWJsZSBhbmQgYXV0aG9yaXRhdGl2ZSB3 YXkgYmVmb3JlIHRoZSBwcmVzZW50IEludGVybmV0IGRyYWZ0IGNhbiBiZWNvbWUgYSBzdGFuZGFy ZC48L2Rpdj4NCjxkaXYgY2xhc3M9IiI+PGJyIGNsYXNzPSIiPg0KPC9kaXY+DQo8ZGl2IGNsYXNz PSIiPlRoZSByZXZpZXcgZGlzY3Vzc2VzIGZpcnN0IHRoZSBjb21wb25lbnQgc2NoZW1lcyBpbmRp dmlkdWFsbHkgYW5kIHRoZW4gdGhlaXIgY29tcG9zaXRpb24gd2l0aGluIE9wZW5QR1AuIEl0IGNv bmNsdWRlcyB3aXRoIGdlbmVyYWwgYW5kIGVkaXRvcmlhbCByZW1hcmtzLjwvZGl2Pg0KPGRpdiBj bGFzcz0iIj48YnIgY2xhc3M9IiI+DQo8L2Rpdj4NCjxkaXYgY2xhc3M9IiI+U00yIFNpZ25hdHVy ZSwgYXMgaW4gW1NNMi1JRCwgU00yLVBhcGVyXTwvZGl2Pg0KPGRpdiBjbGFzcz0iIj4tIFRoZXJl IGlzIGEgbWlzbWF0Y2ggYmV0d2VlbiB0aGUgdHdvIGRvY3VtZW50cyBpbiBob3cgdGhlIGNyeXB0 b2dyYXBoaWMgcGFyYW1ldGVycyBhcmUgaGFzaGVkLCBhbmQgdGhlIHNpZ25hdHVyZSBhbGdvcml0 aG0gaW4gW1NNMi1QYXBlcl0gY2FuIGdlbmVyYXRlIGludmFsaWQgc2lnbmF0dXJlcyB3aXRoIHNt YWxsIHByb2JhYmlsaXR5LiAoTmVpdGhlciBvZiB0aGUgZGlmZmVyZW5jZXMgYWZmZWN0cyBzZWN1 cml0eS4pIEZ1cnRoZXJtb3JlLA0KIHRoZSBkYXRhIGZsb3cgZGVwaWN0aW9uIGluIFtTTTItSURd IGRvZXMgbm90IG1hdGNoIGFueSBvZiB0aGUgdGhlIGFsZ29yaXRobXMgc3BlY2lmaWVkIGluIHRo ZSBkb2N1bWVudHMuIChBcyBhIHNpZGUgcmVtYXJrLCB0aGUgc2VjdXJpdHkgc3RhdGVtZW50IGlu IFtTTTItUGFwZXJdIGlzIGZvcm1hbGx5IG1lYW5pbmdsZXNzLCBidXQgdGhpcyBkb2VzIG5vdCBh ZmZlY3QgdGhlIHZhbGlkaXR5IG9mIHRoZSBtYWluIGFyZ3VtZW50Lik8L2Rpdj4NCjxkaXYgY2xh c3M9IiI+LSBUaGUgc3RydWN0dXJlIG9mIHRoZSBTTTIgc2lnbmF0dXJlIHNjaGVtZSByb3VnaGx5 IHJlc2VtYmxlcyBFQ0RTQSwgYnV0IGlzIGRpZmZlcmVudCBpbiB0aGF0IChhKSB0aGUgbWVzc2Fn ZSBpcyBleHRlbmRlZCBieSBhIGhhc2ggb2YgYW4gaWRlbnRpdHkgYW5kIHRoZSBwYXJhbWV0ZXJz IGFuZCAoYikgdGhlIGNvbXB1dGF0aW9uIGluIHRoZSBleHBvbmVudCBpcyBkaWZmZXJlbnQuPC9k aXY+DQo8ZGl2IGNsYXNzPSIiPi0gSW4gW1NNMi1QYXBlcl0sIHRoZSBFVUYtQ01BIHNlY3VyaXR5 IG9mIHRoZSBzaWduYXR1cmUgc2NoZW1lIGlzIHByb3ZlZCwgYmFzZWQgb24gY29sbGlzaW9uLXJl c2lzdGFuY2UgYW5kIGEgdW5pZm9ybWl0eSBwcm9wZXJ0eSBvZiB0aGUgaGFzaCBmdW5jdGlvbiwg aW4gdGhlIGdlbmVyaWMgZ3JvdXAgbW9kZWwuIEZ1cnRoZXJtb3JlLCByZWNlbnQgc2VjdXJpdHkg cmVzdWx0cyBzZWVtIHRvIGZ1cnRoZXIgY29ubmVjdCBEU0ENCiBhbmQgU00yIGluIHRlcm1zIG9m IHRoZWlyIHNlY3VyaXR5IFtTTTItVENDLCBEU0ExXS48L2Rpdj4NCjxkaXYgY2xhc3M9IiI+LSBU aGUga25vd24gd2Vha25lc3NlcyBvZiBTTTIsIHdoaWNoIGFyZSBjaXRlZCBpbiBbU00yLUlEXSwg YXBwZWFyIHRvIGJlIHNpbWlsYXIgdG8gdGhvc2Ugb2YgRFNBIGFuZCBhcmUgbW9zdGx5IHJlbGF0 ZWQgdG8gYmFkIGNob2ljZXMgb2Ygbm9uY2VzIGFuZCBzaWRlIGNoYW5uZWxzLjwvZGl2Pg0KPGRp diBjbGFzcz0iIj4mZ3Q7IE92ZXJhbGwsIGFuZCBmcm9tIHRoZSBjdXJyZW50IHN0YXRlIG9mIGtu b3dsZWRnZSwgdGhlIHNlY3VyaXR5IG9mIFNNMiBjYW4gYmUgc2VlbiBhcyByb3VnaGx5IGNvbXBh cmFibGUgdG8gRUNEU0EsIHdoaWNoIGlzIGFscmVhZHkgdXNlZCBpbiBPcGVuUEdQLjwvZGl2Pg0K PGRpdiBjbGFzcz0iIj48YnIgY2xhc3M9IiI+DQo8L2Rpdj4NCjxkaXYgY2xhc3M9IiI+U00yIEtl eSBEZXJpdmF0aW9uLCBhcyBpbiB0aGUgcmV2aWV3ZWQgZHJhZnQgYW5kIFtTTTItSURdPC9kaXY+ DQo8ZGl2IGNsYXNzPSIiPi0gVGhlIGtleSBkZXJpdmF0aW9uIGlzIHVzZWQgYm90aCBpbiBTTTIg ZW5jcnlwdGlvbiBhbmQgZm9yIGdlbmVyYXRpb24gb2Ygc3ltbWV0cmljIGtleSBtYXRlcmlhbC48 L2Rpdj4NCjxkaXYgY2xhc3M9IiI+LSBJdCBpcyBiYXNlZCBvbiBhIGhhc2ggZnVuY3Rpb24gaCwg YW5kIGlzIGRlZmluZWQgZXNzZW50aWFsbHkgYXMgaChyYXdfa2V5IHwgMSkgfCBoKHJhd19rZXkg fCAyKSB8IC4uLjwvZGl2Pg0KPGRpdiBjbGFzcz0iIj4tIFRoZSBzY2hlbWUgaXMgc2VjdXJlIHVu ZGVyIHN0cm9uZyBhc3N1bXB0aW9ucyBvbiB0aGUgaGFzaCBmdW5jdGlvbjsgZXNzZW50aWFsbHks IG9uZSBuZWVkcyB0byBhc3N1bWUgdGhhdCBoKHJhd19rZXkgfCAuKSBpcyBhIFBSRiBmb3IgdGhl IHNwZWNpZmljIGRpc3RyaWJ1dGlvbiBvZiByYXdfa2V5LiBUaGlzIGlzIG5vdCBhcmd1ZWQgc3Bl Y2lmaWNhbGx5LCBidXQgaG9sZHMgaWYgaCBpcyBtb2RlbGVkIGFzIHJhbmRvbQ0KIG9yYWNsZS48 L2Rpdj4NCjxkaXYgY2xhc3M9IiI+Jmd0OyBPdmVyYWxsLCB0aGUgc2NoZW1lIGNhbiBiZSBjb25z aWRlcmVkIHNlY3VyZSBidXQgbWFrZXMgc3Ryb25nIGFzc3VtcHRpb25zIG9uIHRoZSBzZWN1cml0 eSBvZiB0aGUgdW5kZXJseWluZyBoYXNoIGZ1bmN0aW9uLiBBcyB0aGUgcHJvcG9zZWQgaGFzaCBm dW5jdGlvbiBTTTMgYXBwZWFycyB0byBiZSBzZWN1cmUgZnJvbSB0aGUgY3VycmVudCBzdGF0ZSBv ZiBrbm93bGVkZ2UsIHRoaXMgZG9lcyBub3QgcG9zZSBhIHByb2JsZW0NCiBub3csIGJ1dCBzY2hl bWVzIHVzaW5nIHRoaXMga2V5IGRlcml2YXRpb24gc2hvdWxkIGJlIHJldGlyZWQgYXMgc29vbiBh cyBkb3VidHMgaW4gdGhlIHNlY3VyaXR5IG9mIFNNMyBlbWVyZ2UuIChJbiB0aGUgc2Vuc2Ugb2Yg ZGlzdGluZ3Vpc2hpbmcgYXR0YWNrcywgbm90IG9ubHkgY29sbGlzaW9uIG9yIHByZWltYWdlLik8 L2Rpdj4NCjxkaXYgY2xhc3M9IiI+PGJyIGNsYXNzPSIiPg0KPC9kaXY+DQo8ZGl2IGNsYXNzPSIi PlNNMiBFbmNyeXB0aW9uLCBhcyBpbiBbU00yLUlEXTwvZGl2Pg0KPGRpdiBjbGFzcz0iIj4tIFRo ZSBwdWJsaWMta2V5IGVuY3J5cHRpb24gc2NoZW1lIGlzIGJhc2VkIG9uIEVsR2FtYWwgaW4gZWxs aXB0aWMgY3VydmVzLiBUaGUgREgga2V5IGlzIHRoZW4gdXNlZCAoYSkgaW4gdGhlIGFib3ZlLWRl c2NyaWJlZCBrZXkgZGVyaXZhdGlvbiBwcm9jZWR1cmUgdG8gb2J0YWluIGEga2V5IHN0cmVhbSBm b3IgZW5jcnlwdGluZyB0aGUgcGxhaW50ZXh0LCBhbmQgKGIpIGluIGEgaGFzaCB0b2dldGhlciB3 aXRoIHRoZSBtZXNzYWdlDQogdG8gY29tcHV0ZSBhbiBpbnRlZ3JpdHkgY29kZS48L2Rpdj4NCjxk aXYgY2xhc3M9IiI+LSBBbHRob3VnaCBubyBwYXJ0aWN1bGFyIHNlY3VyaXR5IGFuYWx5c2lzIGlz IHJlZmVyZW5jZWQsIHRoZSByZXZpZXdlciBiZWxpZXZlcyB0aGF0IHRoZSBzY2hlbWUgaXMgc2Vj dXJlIGlmIChhKSB0aGUgQ0RIIHByb2JsZW0gb24gdGhlIHN1Z2dlc3RlZCBjdXJ2ZSBpcyBoYXJk IGFuZCAoYikgdGhlIGhhc2ggZnVuY3Rpb24gaXMgbW9kZWxlZCBhcyBhIHJhbmRvbSBvcmFjbGU7 IHRoZSBsYXR0ZXIgYXNzdW1wdGlvbiBpcyByZXF1aXJlZA0KIGJvdGggZm9yIHRoZSBrZXktZGVy aXZhdGlvbiBhbmQgZm9yIHRoZSBpbnRlZ3JpdHkgY29kZS48L2Rpdj4NCjxkaXYgY2xhc3M9IiI+ Jmd0OyBPdmVyYWxsLCB0aGUgc2NoZW1lIGNhbiBiZSBjb25zaWRlcmVkIHNlY3VyZSwgd2l0aCB0 aGUgc2FtZSBjYXZlYXRzIGFzIGZvciBTTTIgS2V5IERlcml2YXRpb24gbWVudGlvbmVkIGFib3Zl LjwvZGl2Pg0KPGRpdiBjbGFzcz0iIj48YnIgY2xhc3M9IiI+DQo8L2Rpdj4NCjxkaXYgY2xhc3M9 IiI+U00yIEN1cnZlLCBhcyBpbiBbU00yLUlEXTwvZGl2Pg0KPGRpdiBjbGFzcz0iIj4tIFRoZSAy NTYtYml0IGN1cnZlIGlzIHN1cHBvc2VkIHRvIGJlIGEgZHJvcC1pbiByZXBsYWNlbWVudCBmb3Ig UDI1NiBhbmQgcHJvdmlkZSBhIHNlY3VyaXR5IGxldmVsIG9mIDEyOCBiaXRzLCB3aGljaCBpcyBh cHByb3ByaWF0ZSBmb3IgdGhlIGNvbWJpbmF0aW9uIG90aGVyIHN1Z2dlc3RlZCBzY2hlbWVzLjwv ZGl2Pg0KPGRpdiBjbGFzcz0iIj4tIFRoZSByZXZpZXdlciBsYWNrcyB0aGUgbmVjZXNzYXJ5IGV4 cGVydGlzZS90aW1lIHRvIHZhbGlkYXRlIHRoZXNlIGNsYWltcyBpbiBkZXRhaWwsIG9yIHRvIG1h a2UgYW4gaW4tZGVwdGggY29tcGFyaXNvbiB3aXRoIG90aGVyIGN1cnZlcyBhdCBhIHNpbWlsYXIg bGV2ZWwgb2Ygc2VjdXJpdHkuIExpdGVyYXR1cmUgcmVzZWFyY2ggZGlkIG5vdCBwb2ludCB0byBh bnkgcGFydGljdWxhciB3ZWFrbmVzcyBvZiB0aGlzIGN1cnZlLjwvZGl2Pg0KPGRpdiBjbGFzcz0i Ij48YnIgY2xhc3M9IiI+DQo8L2Rpdj4NCjxkaXYgY2xhc3M9IiI+U00zIEhhc2ggRnVuY3Rpb24s IGFzIGluIFtTTTMtSURdPC9kaXY+DQo8ZGl2IGNsYXNzPSIiPi0gVGhlIFNNMyBmdW5jdGlvbiBo YXMgYSBNZXJrbGUtRGFtZ2FhcmQgc3RydWN0dXJlIHdpdGggMjU2LWJpdHMgb2Ygb3V0cHV0LCBh bmQgYXBwZWFycyB0byBiZSBtZWFudCBhcyBhIGRyb3AtaW4gcmVwbGFjZW1lbnQgZm9yIFNIQTI1 Ni48L2Rpdj4NCjxkaXYgY2xhc3M9IiI+LSBTTTMgaGFzIGJlZW4gY3J5cHRhbmFsaXplZCBpbiBh IHNlcXVlbmNlIG9mIHBhcGVycyBjaXRlZCBpbiBbU00zLUlEXSwgYWx0aG91Z2ggc3RpbGwgbm90 IGFzIHRob3JvdWdobHkgYXMgdGhlIFNIQTIgZmFtaWx5LjwvZGl2Pg0KPGRpdiBjbGFzcz0iIj4t IFRoZSBzZWN1cml0eSBsZXZlbHMgc3RhdGVkIGluIFtTTTMtSURdIGluZGljYXRlIHRoYXQgU00z IHByb3ZpZGVzIHNhZmVyIHNlY3VyaXR5IG1hcmdpbnMgdGhhbiBTSEEyNTYgZm9yIGFsbCBjb25z aWRlcmVkIGF0dGFjayB0eXBlcyAocHJlaW1hZ2UsIGNvbGxpc2lvbiwgZGlzdGluZ3Vpc2hpbmcp LjwvZGl2Pg0KPGRpdiBjbGFzcz0iIj4tIFRoZSByZXZpZXdlciB3b25kZXJlZCB3aHkgdGhlIHNl Y3VyaXR5IG1hcmdpbnMgZm9yIHByZWltYWdlIGF0dGFja3Mgb24gU00zIGFyZSBzbWFsbGVyIHRo YW4gdGhvc2UgZm9yIGNvbGxpc2lvbnMsIGFzIGEgcHJlaW1hZ2UgYXR0YWNrIHNob3VsZCBhbHNv IGdpdmUgcmlzZSB0byBhIGNvbGxpc2lvbiBhdHRhY2suPC9kaXY+DQo8ZGl2IGNsYXNzPSIiPi0g VGhlIHJldmlld2VyIGxhY2tzIHRoZSBuZWNlc3NhcnkgZXhwZXJ0aXNlL3RpbWUgdG8gdGhlIGhh c2ggZnVuY3Rpb24gZnJvbSBhIHRlY2huaWNhbCBwZXJzcGVjdGl2ZSwgYnV0IHRoZSBzdGF0ZSBv ZiB0aGUgbGl0ZXJhdHVyZSBzdWdnZXN0cyB0aGF0IFNNMyBjYW4gYmUgY29uc2lkZXJlZCBzYWZl IGZvciB0aGUgYXBwbGljYXRpb25zIGluIHRoaXMgSW50ZXJuZXQgZHJhZnQuPC9kaXY+DQo8ZGl2 IGNsYXNzPSIiPjxiciBjbGFzcz0iIj4NCjwvZGl2Pg0KPGRpdiBjbGFzcz0iIj5TTTQgQmxvY2sg Y2lwaGVyLCBhcyBpbiBbU000LUlEXTwvZGl2Pg0KPGRpdiBjbGFzcz0iIj4tIFNNNCBpcyBhbiBT UE4gYmxvY2sgY2lwaGVyIHdpdGggMTI4LWJpdCBibG9jayBzaXplIGFuZCAxMjgtYml0IGtleXMu PC9kaXY+DQo8ZGl2IGNsYXNzPSIiPi0gVGhlIHVzZSBpbiBPcGVuUEdQIHdpbGwgYmUgaW4gQ0ZC IG1vZGUgZm9yIGVuY3J5cHRpbmcgbWVzc2FnZSBwbGFpbnRleHQuPC9kaXY+DQo8ZGl2IGNsYXNz PSIiPi0gVGhlIHJldmlld2VyIGxhY2tzIHRoZSBuZWNlc3NhcnkgZXhwZXJ0aXNlL3RpbWUgdG8g ZXZhbHVhdGUgdGhlIHNlY3VyaXR5IG9mIFNNNCBhcyBhIGJsb2NrIGNpcGhlciBpbiBtb3JlIGRl dGFpbCwgYnV0IGRpZCBub3QgZmluZCBjcnlwdGFuYWx5dGljIHJlc3VsdHMgdGhhdCBpbmRpY2F0 ZWQgYWdhaW5zdCB1c2luZyBTTTQuPC9kaXY+DQo8ZGl2IGNsYXNzPSIiPjxiciBjbGFzcz0iIj4N CjwvZGl2Pg0KPGRpdiBjbGFzcz0iIj5Db21tZW50IG9uIHRoZSB1c2Ugb2Ygc2NoZW1lcyBpbiBP cGVuUEdQPC9kaXY+DQo8ZGl2IGNsYXNzPSIiPlVzZSBpbiBPcGVuUEdQIHdpbGwgY29tYmluZSB0 aGUgU00yIHNpZ25hdHVyZSBhbmQgdGhlIENGQi1tb2RlIG9mIFNNNCBpbiBhbiBBdXRoZW50aWNh dGUtdGhlbi1FbmNyeXB0IG1hbm5lci4gQXMgQ0ZCIGlzIG5vdCBhbiBhdXRoZW50aWNhdGVkIGVu Y3J5cHRpb24gc2NoZW1lIChidXQgaW5zdGVhZCBtYWxsZWFibGUpLCBhbmQgU00yIGlzIG5vdCBr bm93biB0byBiZSBzdHJvbmdseSB1bmZvcmdlYWJsZSAoYnV0IG9ubHkgZXhpc3RlbnRpYWxseQ0K IHVuZm9yZ2VhYmxlKSwgdGhlIHNlY3VyaXR5IG9mIHRoZSBjb21wb3NlZCBzY2hlbWUgY2Fubm90 IGJlIGltbWVkaWF0ZWx5IGluZmVycmVkLiBZZXQsIGFzIG5vIHRyYW5zZm9ybWF0aW9uIGZvciBj b21wdXRpbmcgb25lIHZhbGlkIFNNMiBzaWduYXR1cmUgZnJvbSBhbm90aGVyIGdpdmVuIG9uZSAo d2l0aG91dCB0aGUgdXNlIG9mIHRoZSBwcml2YXRlIGtleSkgaXMga25vd24sIHRoaXMgaXMgdW5s aWtlbHkgdG8gcmVzdWx0IGluIGV4cGxvaXRhYmxlDQogdnVsbmVyYWJpbGl0aWVzLjwvZGl2Pg0K PGRpdiBjbGFzcz0iIj48YnIgY2xhc3M9IiI+DQo8L2Rpdj4NCjxkaXYgY2xhc3M9IiI+PGJyIGNs YXNzPSIiPg0KPC9kaXY+DQo8ZGl2IGNsYXNzPSIiPkdlbmVyYWwgY29tbWVudDo8L2Rpdj4NCjxk aXYgY2xhc3M9IiI+VGhlIHJldmlld2VyIGhhcyBtaXhlZCBmZWVsaW5ncyBhYm91dCB0aGUgY3J5 cHRvZ3JhcGh5IHByb3Bvc2VkIGluIHRoaXMgZHJhZnQuIE9uIHRoZSBvbmUgaGFuZCwgZnJvbSBh IHRoZW9yaXN0J3MgcGVyc3BlY3RpdmUsIHNvbWUgYXNwZWN0cyBjYWxsIGZvciBpbXByb3ZlbWVu dCwgbW9zdCBpbXBvcnRhbnRseSB0aGUgcmVsaWFuY2Ugb2YgdGhlIHNjaGVtZSBvbiBzdHJvbmcg cHJvcGVydGllcyBvZiB0aGUgaGFzaCBmdW5jdGlvbg0KIGFuZCB0aGUgaWRpb3N5bmNyYXRpYyB1 c2Ugb2YgY2lwaGVyLWZlZWRiYWNrIG1vZGUgZm9yIG1lc3NhZ2UgZW5jcnlwdGlvbi4gT24gdGhl IG90aGVyIGhhbmQsIHRoZXNlIGFzcGVjdHMgYXJlIGluaGVyaXRlZCBmcm9tIHRoZSBPU0NDQSBw cm9wb3NhbHMgb3IgZXZlbiBwbGFpbiBPcGVuUEdQLiBGdXJ0aGVybW9yZSwgZ2l2ZW4gdGhlIHNl Y3VyaXR5IG9mIHRoZSBTTTIgY3VydmUsIHRoZSBTTTMgaGFzaCBmdW5jdGlvbiwgYW5kIHRoZSBT TTQgYmxvY2sNCiBjaXBoZXIgKGZvciB3aGljaCB0aGUgcmV2aWV3ZXIgcmVsaWVkIG9uIHRoZSBs aXRlcmF0dXJlKSwgdGhlIGNvbnN0cnVjdGlvbiBkb2VzIG5vdCBhcHBlYXIgdG8gaGF2ZSBleHBs b2l0YWJsZSBjcnlwdG9ncmFwaGljIHZ1bG5lcmFiaWxpdGllcy48L2Rpdj4NCjxkaXYgY2xhc3M9 IiI+PGJyIGNsYXNzPSIiPg0KPC9kaXY+DQo8ZGl2IGNsYXNzPSIiPkVkaXRvcmlhbDo8L2Rpdj4N CjxkaXYgY2xhc3M9IiI+LSBJIGZvdW5kIHRoZSBiZWdpbm5pbmcgb2YgU2VjdGlvbiA0IG9uIFNN MiB0byBiZSB1bm5lY2Vzc2FyaWx5IGRldGFpbGVkLCBhdCBsZWFzdCBnaXZlbiB0aGUgZGlzY3Vz c2lvbiBpbiB0aGUgcmVzcGVjdGl2ZSBzdWJzZWN0aW9ucy48L2Rpdj4NCjxkaXYgY2xhc3M9IiI+ LSBTZWN0aW9uIDQuMyBhcHBlYXJzIHVubmVjZXNzYXJ5OyBhdCBsZWFzdCBJIGNvdWxkIGZpbmQg bm8gdXNlIG9mIHRoZSBLZXkgRXhjaGFuZ2UgaW4gdGhlIHByb3Bvc2Fscy48L2Rpdj4NCjxkaXYg Y2xhc3M9IiI+PGJyIGNsYXNzPSIiPg0KPC9kaXY+DQo8ZGl2IGNsYXNzPSIiPjxiciBjbGFzcz0i Ij4NCjwvZGl2Pg0KPGRpdiBjbGFzcz0iIj5SZXN1bHQ6PC9kaXY+DQo8ZGl2IGNsYXNzPSIiPkZy b20gdGhlIHJldmlld2VyJ3MgcGVyc3BlY3RpdmUsIHRoZSBtYWluIGNhdmVhdCBpcyB0aGF0IHRo ZXJlIGlzIHNvIGZhciBubyBwcmVjaXNlLCBvcGVubHkgYWNjZXNzaWJsZSwgc3VmZmljaWVudGx5 IGRldGFpbGVkLCBhbmQgYXV0aG9yaXRhdGl2ZSByZWZlcmVuY2UgZm9yIHRoZSBhbGdvcml0aG1z IFNNMiwgU00zLCBhbmQgU000LiBUaGUgcmV2aWV3ZXIgYmVsaWV2ZXMgdGhhdCB0aGlzIGRlZmVj dCBtdXN0IGJlIHJlY3RpZmllZA0KIGJlZm9yZSB0aGUgcHJlc2VudCBJbnRlcm5ldCBkcmFmdCBj YW4gYmVjb21lIGFuIEludGVybmV0IHN0YW5kYXJkLiBGdXJ0aGVybW9yZSwgY29kZSBwb2ludHMg Zm9yIHRoZSBzY2hlbWVzIG11c3QgYmUgcmVnaXN0ZXJlZC4gQmV5b25kIHRoYXQsIHRoZSBkb2N1 bWVudCBpcyBpbiBhIGdvb2Qgc2hhcGUsIHdpdGggbWlub3IgY29tbWVudHMgbGlzdGVkIGJlbG93 LjwvZGl2Pg0KPGRpdiBjbGFzcz0iIj48YnIgY2xhc3M9IiI+DQo8L2Rpdj4NCjxkaXYgY2xhc3M9 IiI+PGJyIGNsYXNzPSIiPg0KPC9kaXY+DQo8ZGl2IGNsYXNzPSIiPk1pbm9yIGNvbW1lbnRzOjwv ZGl2Pg0KPGRpdiBjbGFzcz0iIj4tIHAyOiBwdWJsaXNoZWQgaW4gcHVibGljLCBzaW1pbGFybHkg b24gcDQ8L2Rpdj4NCjxkaXYgY2xhc3M9IiI+LSBUaGUgZG9jdW1lbnQgc2hvdWxkIGluZGljYXRl IGluIHRoZSBwdWJsaWMta2V5IGZvcm1hdCB0aGF0IHRoZXkgcmVmZXIgdG8gdmVyc2lvbiA0IGFz IHNwZWNpZmllZCBpbiBSRkM0ODgwLjwvZGl2Pg0KPGRpdiBjbGFzcz0iIj4tIEZvcm1hdCBpbiAx MS4xIGlzIGRlc2NyaWJlZCBhcyBhICZxdW90O3NpbmdsZSBNUEkmcXVvdDsgLS0gYnV0IGl0IGlz IG5vdCBhbiBpbnRlZ2VyLCBzbyByZXdvcmRpbmcgbWF5IGJlIG5lZWRlZC48L2Rpdj4NCjxkaXYg Y2xhc3M9IiI+PGJyIGNsYXNzPSIiPg0KPC9kaXY+DQo8ZGl2IGNsYXNzPSIiPjxiciBjbGFzcz0i Ij4NCjwvZGl2Pg0KPGRpdiBjbGFzcz0iIj5SZWZlcmVuY2VzOjwvZGl2Pg0KPGRpdiBjbGFzcz0i Ij5bRFNBMV0gJm5ic3A7ICZuYnNwOyAmbmJzcDtGZXJzY2gsIE0uLCBLaWx0eiwgRS4sIGFuZCBQ b2V0dGVyaW5nLCBCLiwgJnF1b3Q7T24gdGhlIFByb3ZhYmxlIFNlY3VyaXR5IG9mIChFQylEU0Eg U2lnbmF0dXJlcyZxdW90OywgQUNNIENDUyAyMDE2PC9kaXY+DQo8ZGl2IGNsYXNzPSIiPltTTTIt SURdICZuYnNwOyAmbmJzcDs8YSBocmVmPSJodHRwczovL3d3dy5pZXRmLm9yZy9hcmNoaXZlL2lk L2RyYWZ0LXNoZW4tc20yLWVjZHNhLTAyLnR4dCIgY2xhc3M9IiI+aHR0cHM6Ly93d3cuaWV0Zi5v cmcvYXJjaGl2ZS9pZC9kcmFmdC1zaGVuLXNtMi1lY2RzYS0wMi50eHQ8L2E+PC9kaXY+DQo8ZGl2 IGNsYXNzPSIiPltTTTItUGFwZXJdIFpoYW5nLCBaLiwgWWFuZywgSy4sIFpoYW5nLCBKLiwgYW5k IEMuIENoZW4sICZxdW90O1NlY3VyaXR5IG9mIHRoZSBTTTIgU2lnbmF0dXJlIFNjaGVtZSBBZ2Fp bnN0IEdlbmVyYWxpemVkIEtleSBTdWJzdGl0dXRpb24gQXR0YWNrcyZxdW90OywgRGVjZW1iZXIg MjAxNSwNCjxhIGhyZWY9Imh0dHBzOi8vbGluay5zcHJpbmdlci5jb20vY2hhcHRlci8xMC4xMDA3 Lzk3OC0zLTMxOS0yNzE1Mi0xXzciIGNsYXNzPSIiPg0KaHR0cHM6Ly9saW5rLnNwcmluZ2VyLmNv bS9jaGFwdGVyLzEwLjEwMDcvOTc4LTMtMzE5LTI3MTUyLTFfNzwvYT48L2Rpdj4NCjxkaXYgY2xh c3M9IiI+W1NNMi1UQ0NdICZuYnNwOyA8YSBocmVmPSJodHRwczovL2VwcmludC5pYWNyLm9yZy8y MDE3Lzg5MC5wZGYiIGNsYXNzPSIiPg0KaHR0cHM6Ly9lcHJpbnQuaWFjci5vcmcvMjAxNy84OTAu cGRmPC9hPjwvZGl2Pg0KPGRpdiBjbGFzcz0iIj5bU00zLUlEXSAmbmJzcDsgJm5ic3A7U2hlbiwg Uy4sIExlZSwgWC4sIFRzZSwgUi4sIFdvbmcsIFcuLCBhbmQgUC4gWWFuZywgJnF1b3Q7VGhlIFNN MyBDcnlwdG9ncmFwaGljIEhhc2ggRnVuY3Rpb24mcXVvdDssIGRyYWZ0LW9zY2NhLWNmcmctc20z LTAyPC9kaXY+DQo8ZGl2IGNsYXNzPSIiPltTTTQtSURdICZuYnNwOyAmbmJzcDtUc2UsIFIuIGFu ZCBXLiBXb25nLCAmcXVvdDtUaGUgU000IEJsb2NrY2lwaGVyIEFsZ29yaXRobSBBbmQgSXRzIE1v ZGVzIE9mIE9wZXJhdGlvbnMmcXVvdDssIGRyYWZ0LXJpYm9zZS1jZnJnLXNtNC0wNTwvZGl2Pg0K PGRpdiBjbGFzcz0iIj48YnIgY2xhc3M9IiI+DQo8L2Rpdj4NCjwvZGl2Pg0KPGRpdiBjbGFzcz0i Z21haWxfZXh0cmEiPjxiciBjbGFzcz0iIj4NCjxkaXYgY2xhc3M9ImdtYWlsX3F1b3RlIj5PbiBU dWUsIE5vdiAyOCwgMjAxNyBhdCAzOjAyIFBNLCBBbGV4ZXkgTWVsbmlrb3YgPHNwYW4gZGlyPSJs dHIiIGNsYXNzPSIiPg0KJmx0OzxhIGhyZWY9Im1haWx0bzphbGV4ZXkubWVsbmlrb3ZAaXNvZGUu Y29tIiB0YXJnZXQ9Il9ibGFuayIgY2xhc3M9IiI+YWxleGV5Lm1lbG5pa292QGlzb2RlLmNvbTwv YT4mZ3Q7PC9zcGFuPiB3cm90ZTo8YnIgY2xhc3M9IiI+DQo8YmxvY2txdW90ZSBjbGFzcz0iZ21h aWxfcXVvdGUiIHN0eWxlPSJtYXJnaW46MCAwIDAgLjhleDtib3JkZXItbGVmdDoxcHggI2NjYyBz b2xpZDtwYWRkaW5nLWxlZnQ6MWV4Ij4NCkRlYXIgQ3J5cHRvIFBhbmVsLDxiciBjbGFzcz0iIj4N CjxiciBjbGFzcz0iIj4NClNBQUfigJlzIFNFQ0RJU1BBVENIIGNoYWlycyBoYXZlIHJlcXVlc3Rl ZCByZXZpZXcgb2Y8YnIgY2xhc3M9IiI+DQombHQ7PGEgaHJlZj0iaHR0cHM6Ly9kYXRhdHJhY2tl ci5pZXRmLm9yZy9kb2MvZHJhZnQtcmlib3NlLW9wZW5wZ3Atb3NjY2EvIiByZWw9Im5vcmVmZXJy ZXIiIHRhcmdldD0iX2JsYW5rIiBjbGFzcz0iIj5odHRwczovL2RhdGF0cmFja2VyLmlldGYub3Jn Lzx3YnIgY2xhc3M9IiI+ZG9jL2RyYWZ0LXJpYm9zZS1vcGVucGdwLW9zY2NhPHdiciBjbGFzcz0i Ij4vPC9hPiZndDs8YnIgY2xhc3M9IiI+DQpiZWZvcmUgdGhlIGRvY3VtZW50IGZhdGUgd2lsbCBi ZSBkZWNpZGVkIChpdCBpcyBsaWtlbHkgdG8gZW5kIHVwIGluIHRoZSBDVVJETEUgV0cpLjxiciBj bGFzcz0iIj4NCjxiciBjbGFzcz0iIj4NCkNhbiB3ZSBoYXZlIHNvbWUgdm9sdW50ZWVyKHMpIHBs ZWFzZT88YnIgY2xhc3M9IiI+DQo8YnIgY2xhc3M9IiI+DQpUaGUgZHJhZnQgQWJzdHJhY3QgaXM6 PGJyIGNsYXNzPSIiPg0KPGJyIGNsYXNzPSIiPg0KJm5ic3A7ICZuYnNwO1RoaXMgZG9jdW1lbnQg ZW5hYmxlcyBPcGVuUEdQIChSRkM0ODgwKSB1c2FnZSBpbiBhbiBjb21wbGlhbnQgbWFubmVyPGJy IGNsYXNzPSIiPg0KJm5ic3A7ICZuYnNwO3dpdGggT1NDQ0EgKE9mZmljZSBvZiBTdGF0ZSBDb21t ZXJjaWFsIENpcGhlciBBZG1pbmlzdHJhdGlvbik8YnIgY2xhc3M9IiI+DQombmJzcDsgJm5ic3A7 cmVndWxhdGlvbnMgZm9yIHVzZSB3aXRoaW4gQ2hpbmEuPGJyIGNsYXNzPSIiPg0KPGJyIGNsYXNz PSIiPg0KJm5ic3A7ICZuYnNwO1NwZWNpZmljYWxseSwgaXQgZXh0ZW5kcyBPcGVuUEdQIHRvIHN1 cHBvcnQgdGhlIHVzYWdlIG9mIFNNMiwgU00zIGFuZDxiciBjbGFzcz0iIj4NCiZuYnNwOyAmbmJz cDtTTTQgYWxnb3JpdGhtcywgYW5kIHByb3ZpZGVzIHRoZSBPU0NDQS1jb21wbGlhbnQgT3BlblBH UCBwcm9maWxlPGJyIGNsYXNzPSIiPg0KJm5ic3A7ICZuYnNwOyZxdW90O09TQ0NBLVNNMjM0JnF1 b3Q7LjxiciBjbGFzcz0iIj4NCjxiciBjbGFzcz0iIj4NCjxiciBjbGFzcz0iIj4NClRoYW5rIHlv dSw8YnIgY2xhc3M9IiI+DQpBbGV4ZXk8YnIgY2xhc3M9IiI+DQo8YnIgY2xhc3M9IiI+DQpfX19f X19fX19fX19fX19fX19fX19fX19fX19fX188d2JyIGNsYXNzPSIiPl9fX19fX19fX19fX19fX19f PGJyIGNsYXNzPSIiPg0KQ3J5cHRvLXBhbmVsIG1haWxpbmcgbGlzdDxiciBjbGFzcz0iIj4NCjxh IGhyZWY9Im1haWx0bzpDcnlwdG8tcGFuZWxAaXJ0Zi5vcmciIHRhcmdldD0iX2JsYW5rIiBjbGFz cz0iIj5DcnlwdG8tcGFuZWxAaXJ0Zi5vcmc8L2E+PGJyIGNsYXNzPSIiPg0KPGEgaHJlZj0iaHR0 cHM6Ly93d3cuaXJ0Zi5vcmcvbWFpbG1hbi9saXN0aW5mby9jcnlwdG8tcGFuZWwiIHJlbD0ibm9y ZWZlcnJlciIgdGFyZ2V0PSJfYmxhbmsiIGNsYXNzPSIiPmh0dHBzOi8vd3d3LmlydGYub3JnL21h aWxtYW4vbDx3YnIgY2xhc3M9IiI+aXN0aW5mby9jcnlwdG8tcGFuZWw8L2E+PGJyIGNsYXNzPSIi Pg0KPC9ibG9ja3F1b3RlPg0KPC9kaXY+DQo8YnIgY2xhc3M9IiI+DQo8L2Rpdj4NCjwvZGl2Pg0K PC9ibG9ja3F1b3RlPg0KPC9kaXY+DQo8YnIgY2xhc3M9IiI+DQo8L2Rpdj4NCjwvYm9keT4NCjwv aHRtbD4NCg== --_000_05BC205B297544D4A4E352FEDC4B89DBribosecom_-- From nobody Thu Jan 4 05:41:20 2018 Return-Path: X-Original-To: crypto-panel@ietfa.amsl.com Delivered-To: crypto-panel@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id ADC1112D832 for ; Thu, 4 Jan 2018 05:41:18 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.6 X-Spam-Level: X-Spam-Status: No, score=-2.6 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=unavailable autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=ieee-org.20150623.gappssmtp.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ZL97KwRIqGPc for ; Thu, 4 Jan 2018 05:41:15 -0800 (PST) Received: from mail-yw0-x236.google.com (mail-yw0-x236.google.com [IPv6:2607:f8b0:4002:c05::236]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 472DD12D7ED for ; Thu, 4 Jan 2018 05:41:15 -0800 (PST) Received: by mail-yw0-x236.google.com with SMTP id g191so575358ywe.7 for ; Thu, 04 Jan 2018 05:41:15 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ieee-org.20150623.gappssmtp.com; s=20150623; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=MODBiaw7ePkqZyGyDVpohDoAJIrcc2bREQoiH3NuffM=; b=i3whO9WyH053ijOhEi7v3leq6ECObx96p4Q7Hfc8YZV/+8/WWVG9f+bdMo3vK1PCF5 /uLBqp6L4MeVfqAi7RiNIVkTEPFKgReRGlCmy8PrGINXaHJtt7bFRjLcEBbf1sisphmu dkWa9WnrU8jqHaNwNP6vYCoJORBXujVeSutEws1AzwLxkclpeYariuPhYm/gQafRX9xn hRomOcPbQ9D8PmM2f6XPupkgT/VoiW84jDc/vjFn0ry53KNfGnuaT0sVLn+2iqQvNG/V YxSyKKQ6u3aQqtOvGFMRrypE888zCBuo6P6XdcWjcrZPaUGIdS5e3D0LvFLmU0szFyrP M5LA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=MODBiaw7ePkqZyGyDVpohDoAJIrcc2bREQoiH3NuffM=; b=S0QiMDa/4v9CyvcsFF4dwoo6vVcx9Oip0LQTdEGCJnRqO817fGctBpqmrvSZkhIAO/ 1HAYDXhLWfDP5+dMA9x574Cq8+UKwnlt1VnRZKvS6IPEvdO1qiSt0eTpa2AHIFvIhqxb UcPHwmoRMity+UdnfV7wiFFjxzqiCcnzK4jZww9ixxGOTYnY5WHFrJNMbedPlmg6Veh3 XVprmd5aswl7Ay3cxL3TZj6p0OIxUEBJMJnXwXQSnegNBFicY309LA8mv7aKD6j2l+nU NndIy2d+8/2LNmnH1GW3zLtAseTB7MV0d2sOVHieUuyHXellsubJ3yHYrBzDvbA6zjrq nizw== X-Gm-Message-State: AKGB3mK3ohl2Y9mMkJpgM3b9xMWaHAvI1N+0Xokm9e/m+o1IH693Np4x yCkWy5mVD2mb3spGQchve45CSk9f2XXBgzKHLs0Ocg== X-Google-Smtp-Source: ACJfBos0WUuKhEqynPrKnA7Y9VAsGfN1Fb3zUcJD/Hrzt4WoAK+aDA+snMimD/oZpKxR1zebMYmjHyDlL0UoOPeEGP4= X-Received: by 10.129.168.193 with SMTP id f184mr4178938ywh.511.1515073274311; Thu, 04 Jan 2018 05:41:14 -0800 (PST) MIME-Version: 1.0 Received: by 10.13.225.12 with HTTP; Thu, 4 Jan 2018 05:41:13 -0800 (PST) In-Reply-To: <05BC205B-2975-44D4-A4E3-52FEDC4B89DB@ribose.com> References: <56db317a-07ad-0ad4-b1d1-31f12283115e@isode.com> <05BC205B-2975-44D4-A4E3-52FEDC4B89DB@ribose.com> From: Bjoern Tackmann Date: Thu, 4 Jan 2018 14:41:13 +0100 Message-ID: To: Ronald Tse Cc: Alexey Melnikov , "crypto-panel@irtf.org" , Nancy Cam-Winget , "draft-ribose-openpgp-oscca.authors@ietf.org" , Tim Polk Content-Type: multipart/alternative; boundary="94eb2c14676e532c2f0561f37c53" Archived-At: Subject: Re: [Crypto-panel] Request for review: draft-ribose-openpgp-oscca-01 X-BeenThere: crypto-panel@irtf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 04 Jan 2018 13:41:19 -0000 --94eb2c14676e532c2f0561f37c53 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Dear Ronald, On Wed, Jan 3, 2018 at 4:18 PM, Ronald Tse wrote: > > If I may clarify, the SM3 and SM4 Internet-Drafts already provide detaile= d > descriptions of the algorithms and also include reference implementations= , > and are ready for CFRG review. The SM2 draft is currently being updated > (apologize for the delay=E2=80=A6), and should provide a similar level of= detail to > those two when the update is complete. > yes, I am aware of that. The SM3 and SM4 drafts were helpful and seemed to be in good shape already, and you had told me that you were working on the SM2 draft. This was not at all meant to be negative, I just think it would be advantageous to have these documents as RFCs together with the one I reviewed, so that one can have a full specification available. > Some idiosyncrasies, as you have rightly pointed out, come from the > definition of the SM2 scheme itself and the OpenPGP standard, so there=E2= =80=99s > not much we can do about. SM2 is a set of three algorithms that include > digital signatures, public key encryption and also key exchange. That=E2= =80=99s why > the SM2 draft included a section on key exchange =E2=80=94 it was not inc= luded in > the OpenPGP draft because it is not suitable for usage in the OpenPGP > context. The SM2/SM3/SM4 documents exist independently from the OpenPGP > document that is being reviewed. > The draft I reviewed [1] had a Section 4.2 called "SM2 Key Exchange Protocol", and I did understand why it was there. It did not seem to be necessary to follow the subsequent parts. Best, Bj=C3=B6rn [1] https://www.ietf.org/archive/id/draft-ribose-openpgp-oscca-01.txt --94eb2c14676e532c2f0561f37c53 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
Dear Ronald,


On Wed, Jan 3, 2018 at 4:18 PM, Ronald Tse <tse@ribose= .com> wrote:

If I may clarify, the SM3 and SM4 Internet-Drafts already provide detailed descriptions of the algorithms and also include reference= implementations, and are ready for CFRG review. The SM2 draft is currently= being updated (apologize for the delay=E2=80=A6), and should provide a sim= ilar level of detail to those two when the update is complete.

yes, I am = aware of that. The SM3 and SM4 drafts were helpful and seemed to be in good= shape already, and you had told me that you were working on the SM2 draft.= This was not at all meant to be negative, I just think it would be advanta= geous to have these documents as RFCs together with the one I reviewed, so = that one can have a full specification available.

= =C2=A0
Some idiosyncrasies, as you have rightly pointed out, come from the de= finition of the SM2 scheme itself and the OpenPGP standard, so there=E2=80= =99s not much we can do about. SM2 is a set of three algorithms that includ= e digital signatures, public key encryption and also key exchange. That=E2=80=99s why the SM2 draft include= d a section on key exchange =E2=80=94 it was not included in the OpenPGP dr= aft because it is not suitable for usage in the OpenPGP context. The SM2/SM= 3/SM4 documents exist independently from the OpenPGP document that is being reviewed.

The draft I reviewed [1] had a Section 4.2 called "SM2 Key Exchange= Protocol", and I did understand why it was there. It did not seem to = be necessary to follow the subsequent parts.
=C2=A0
Best,
Bj=C3=B6rn


<= div>


--94eb2c14676e532c2f0561f37c53-- From nobody Fri Jan 5 13:12:03 2018 Return-Path: X-Original-To: crypto-panel@ietfa.amsl.com Delivered-To: crypto-panel@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 022B612D87D for ; Fri, 5 Jan 2018 13:11:57 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.899 X-Spam-Level: X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=ribose.onmicrosoft.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id WtDeqT2pXZjz for ; Fri, 5 Jan 2018 13:11:55 -0800 (PST) Received: from APC01-PU1-obe.outbound.protection.outlook.com (mail-pu1apc01on0081.outbound.protection.outlook.com [104.47.126.81]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 709B712D890 for ; Fri, 5 Jan 2018 13:11:49 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ribose.onmicrosoft.com; s=selector1-ribose-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=bUZsVpJBOfkSvavGFu7zCZn/jUfDdTvljdB7wiBJSAU=; b=tqCaddd4wP+gR2BfDXJ4qIBuyEodrcqpM7Yte51z/HTt/6KkVRoz1NKTNHrXhgpu4Pi/bo3jm5/Jv8pZ2pR/BnqYXGvtshbCK2pp+IM3g2Yi67utPnITS99gh2uiqRkXCTqTIiqfhQU5DBxzuCO+AtGrSbn70aZg8bBkTB6OjqE= Received: from PS1PR01MB1050.apcprd01.prod.exchangelabs.com (10.165.210.30) by PS1PR01MB1049.apcprd01.prod.exchangelabs.com (10.165.66.158) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256) id 15.20.386.5; Fri, 5 Jan 2018 21:11:43 +0000 Received: from PS1PR01MB1050.apcprd01.prod.exchangelabs.com ([fe80::b8eb:ed00:f921:128b]) by PS1PR01MB1050.apcprd01.prod.exchangelabs.com ([fe80::b8eb:ed00:f921:128b%13]) with mapi id 15.20.0386.006; Fri, 5 Jan 2018 21:11:43 +0000 From: Ronald Tse To: Bjoern Tackmann CC: Alexey Melnikov , "crypto-panel@irtf.org" , Nancy Cam-Winget , "draft-ribose-openpgp-oscca.authors@ietf.org" , Tim Polk Thread-Topic: [Crypto-panel] Request for review: draft-ribose-openpgp-oscca-01 Thread-Index: AQHTaFGk9+I6QWZrjkm2FNPI8aRJY6NhI6mAgAFX64CAAXcogIACEDIA Date: Fri, 5 Jan 2018 21:11:43 +0000 Message-ID: <6DA15E37-1AA6-4E17-9114-626990AB21C2@ribose.com> References: <56db317a-07ad-0ad4-b1d1-31f12283115e@isode.com> <05BC205B-2975-44D4-A4E3-52FEDC4B89DB@ribose.com> In-Reply-To: Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: authentication-results: spf=none (sender IP is ) smtp.mailfrom=tse@ribose.com; x-originating-ip: [220.246.174.191] x-ms-publictraffictype: Email x-microsoft-exchange-diagnostics: 1; PS1PR01MB1049; 7:u3SFZasJF2NyP8MGDfV6/mU3uH+e3yvDeBin7V8prRFcD0fF7AgJ1s8OgqCYOdVC6iIc2cbYpHlE6ryQiXaN5C6s0eXrhR3xPa2YfGwjL8NTOXhjMczXwHhIliIRuOY753WdG06uMgWOJd9qotJu9d0M4pYwss/BAdDoD3xG4dImDyDdxMHfecB3Ldoqcvjg2FPNBideiHjagaBJR7ouQBWJ88Z3/NqE1MSCabN2ju7Fkgw0ZckeMObcWum+Sbbi x-ms-exchange-antispam-srfa-diagnostics: SSOS; x-ms-office365-filtering-correlation-id: 639ac3e4-de68-4798-977e-08d55480ec36 x-microsoft-antispam: UriScan:; BCL:0; PCL:0; RULEID:(4534020)(4602075)(4603075)(4627115)(201702281549075)(5600026)(4604075)(3008032)(2017052603307)(7153060); SRVR:PS1PR01MB1049; x-ms-traffictypediagnostic: PS1PR01MB1049: x-microsoft-antispam-prvs: x-exchange-antispam-report-test: UriScan:; x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(6040470)(2401047)(8121501046)(5005006)(3231023)(944501075)(3002001)(10201501046)(93006095)(93001095)(6041268)(2016111802025)(20161123562045)(201703131423095)(201702281528075)(20161123555045)(201703061421075)(201703061406153)(20161123560045)(20161123564045)(20161123558120)(6043046)(6072148)(201708071742011); SRVR:PS1PR01MB1049; BCL:0; PCL:0; RULEID:(100000803101)(100110400095); SRVR:PS1PR01MB1049; x-forefront-prvs: 05437568AA x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(366004)(39380400002)(376002)(39830400003)(396003)(346002)(189003)(24454002)(199004)(83716003)(53936002)(82746002)(6512007)(86362001)(3660700001)(6486002)(66066001)(99286004)(8936002)(606006)(5250100002)(33656002)(3846002)(36756003)(6246003)(93886005)(230783001)(236005)(6116002)(81156014)(25786009)(4326008)(81166006)(68736007)(8676002)(54906003)(316002)(6306002)(54896002)(6506007)(59450400001)(7736002)(2906002)(102836004)(2950100002)(6916009)(53546011)(3280700002)(2900100001)(97736004)(345774005)(413944005)(966005)(8656006)(229853002)(105586002)(5660300001)(76176011)(14454004)(478600001)(106356001)(6436002); DIR:OUT; SFP:1101; SCL:1; SRVR:PS1PR01MB1049; H:PS1PR01MB1050.apcprd01.prod.exchangelabs.com; FPR:; SPF:None; PTR:InfoNoRecords; MX:1; A:1; LANG:en; received-spf: None (protection.outlook.com: ribose.com does not designate permitted sender hosts) x-microsoft-antispam-message-info: 9RbbTV1FRAx8v2cYvtisM6t/21XcY3xj4GYjeenLloP23P3fFNpaAEx0TatOY+zHnbeyzFd9Qf1eq/KvwbU7YQ== spamdiagnosticoutput: 1:99 spamdiagnosticmetadata: NSPM Content-Type: multipart/alternative; boundary="_000_6DA15E371AA64E179114626990AB21C2ribosecom_" MIME-Version: 1.0 X-OriginatorOrg: ribose.com X-MS-Exchange-CrossTenant-Network-Message-Id: 639ac3e4-de68-4798-977e-08d55480ec36 X-MS-Exchange-CrossTenant-originalarrivaltime: 05 Jan 2018 21:11:43.6153 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: d98a04ff-ef98-489b-b33c-13c23a2e091a X-MS-Exchange-Transport-CrossTenantHeadersStamped: PS1PR01MB1049 Archived-At: Subject: Re: [Crypto-panel] Request for review: draft-ribose-openpgp-oscca-01 X-BeenThere: crypto-panel@irtf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 05 Jan 2018 21:11:57 -0000 --_000_6DA15E371AA64E179114626990AB21C2ribosecom_ Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: base64 RGVhciBCasO2cm4sDQoNCkFncmVlIHdpdGggaGF2aW5nIHRoZSBkb2N1bWVudHMgcmVhZHkgZm9y IHRoZSBmdWxsIHNwZWNpZmljYXRpb24uDQoNCkFuZCB5b3UgYXJlIGFic29sdXRlbHkgY29ycmVj dCB0aGF0IHRoZSBLZXkgRXhjaGFuZ2Ugc2VjdGlvbiBpcyB1bm5lY2Vzc2FyeS4gT3JpZ2luYWxs eSB3ZSB0aG91Z2h0IHRoZSBzZWN0aW9uIHdvdWxkIGJldHRlciBleHBsYWluIHdoeSB0aGUgT3Bl blBHUCBpbXBsZW1lbnRhdGlvbiBzcGVjaWZpY2FsbHkgZXhjbHVkZXMgdGhhdCBwYXJ0aWN1bGFy IHBhcnQgb2YgU00yLCBidXQgdGhlIHNlY3Rpb24gdHVybnMgb3V0IHRvIGJlIGEgZGlzdHJhY3Rp b24gdG8gdGhlIHJlYWRlci4gV2Ugc2hhbGwgcmVkdWNlIHRoYXQgc2VjdGlvbiBpbnRvIGEgc2Vu dGVuY2UgaW5kZWVkLg0KDQpUaGFuayB5b3UgZm9yIHRoZSByZXZpZXcgYWdhaW4gYW5kIHRoZSBn cmVhdCBzdWdnZXN0aW9ucyENCg0KUm9uDQoNCl9fX19fX19fX19fX19fX19fX19fX19fX19fX19f X19fX19fX18NCg0KUm9uYWxkIFRzZQ0KUmlib3NlIEluYy4NCg0KT24gSmFuIDQsIDIwMTgsIGF0 IDk6NDEgUE0sIEJqb2VybiBUYWNrbWFubiA8YmpvZXJuLnRhY2ttYW5uQGllZWUub3JnPG1haWx0 bzpiam9lcm4udGFja21hbm5AaWVlZS5vcmc+PiB3cm90ZToNCg0KRGVhciBSb25hbGQsDQoNCg0K T24gV2VkLCBKYW4gMywgMjAxOCBhdCA0OjE4IFBNLCBSb25hbGQgVHNlIDx0c2VAcmlib3NlLmNv bTxtYWlsdG86dHNlQHJpYm9zZS5jb20+PiB3cm90ZToNCg0KSWYgSSBtYXkgY2xhcmlmeSwgdGhl IFNNMyBhbmQgU000IEludGVybmV0LURyYWZ0cyBhbHJlYWR5IHByb3ZpZGUgZGV0YWlsZWQgZGVz Y3JpcHRpb25zIG9mIHRoZSBhbGdvcml0aG1zIGFuZCBhbHNvIGluY2x1ZGUgcmVmZXJlbmNlIGlt cGxlbWVudGF0aW9ucywgYW5kIGFyZSByZWFkeSBmb3IgQ0ZSRyByZXZpZXcuIFRoZSBTTTIgZHJh ZnQgaXMgY3VycmVudGx5IGJlaW5nIHVwZGF0ZWQgKGFwb2xvZ2l6ZSBmb3IgdGhlIGRlbGF54oCm KSwgYW5kIHNob3VsZCBwcm92aWRlIGEgc2ltaWxhciBsZXZlbCBvZiBkZXRhaWwgdG8gdGhvc2Ug dHdvIHdoZW4gdGhlIHVwZGF0ZSBpcyBjb21wbGV0ZS4NCg0KeWVzLCBJIGFtIGF3YXJlIG9mIHRo YXQuIFRoZSBTTTMgYW5kIFNNNCBkcmFmdHMgd2VyZSBoZWxwZnVsIGFuZCBzZWVtZWQgdG8gYmUg aW4gZ29vZCBzaGFwZSBhbHJlYWR5LCBhbmQgeW91IGhhZCB0b2xkIG1lIHRoYXQgeW91IHdlcmUg d29ya2luZyBvbiB0aGUgU00yIGRyYWZ0LiBUaGlzIHdhcyBub3QgYXQgYWxsIG1lYW50IHRvIGJl IG5lZ2F0aXZlLCBJIGp1c3QgdGhpbmsgaXQgd291bGQgYmUgYWR2YW50YWdlb3VzIHRvIGhhdmUg dGhlc2UgZG9jdW1lbnRzIGFzIFJGQ3MgdG9nZXRoZXIgd2l0aCB0aGUgb25lIEkgcmV2aWV3ZWQs IHNvIHRoYXQgb25lIGNhbiBoYXZlIGEgZnVsbCBzcGVjaWZpY2F0aW9uIGF2YWlsYWJsZS4NCg0K DQpTb21lIGlkaW9zeW5jcmFzaWVzLCBhcyB5b3UgaGF2ZSByaWdodGx5IHBvaW50ZWQgb3V0LCBj b21lIGZyb20gdGhlIGRlZmluaXRpb24gb2YgdGhlIFNNMiBzY2hlbWUgaXRzZWxmIGFuZCB0aGUg T3BlblBHUCBzdGFuZGFyZCwgc28gdGhlcmXigJlzIG5vdCBtdWNoIHdlIGNhbiBkbyBhYm91dC4g U00yIGlzIGEgc2V0IG9mIHRocmVlIGFsZ29yaXRobXMgdGhhdCBpbmNsdWRlIGRpZ2l0YWwgc2ln bmF0dXJlcywgcHVibGljIGtleSBlbmNyeXB0aW9uIGFuZCBhbHNvIGtleSBleGNoYW5nZS4gVGhh dOKAmXMgd2h5IHRoZSBTTTIgZHJhZnQgaW5jbHVkZWQgYSBzZWN0aW9uIG9uIGtleSBleGNoYW5n ZSDigJQgaXQgd2FzIG5vdCBpbmNsdWRlZCBpbiB0aGUgT3BlblBHUCBkcmFmdCBiZWNhdXNlIGl0 IGlzIG5vdCBzdWl0YWJsZSBmb3IgdXNhZ2UgaW4gdGhlIE9wZW5QR1AgY29udGV4dC4gVGhlIFNN Mi9TTTMvU000IGRvY3VtZW50cyBleGlzdCBpbmRlcGVuZGVudGx5IGZyb20gdGhlIE9wZW5QR1Ag ZG9jdW1lbnQgdGhhdCBpcyBiZWluZyByZXZpZXdlZC4NCg0KVGhlIGRyYWZ0IEkgcmV2aWV3ZWQg WzFdIGhhZCBhIFNlY3Rpb24gNC4yIGNhbGxlZCAiU00yIEtleSBFeGNoYW5nZSBQcm90b2NvbCIs IGFuZCBJIGRpZCB1bmRlcnN0YW5kIHdoeSBpdCB3YXMgdGhlcmUuIEl0IGRpZCBub3Qgc2VlbSB0 byBiZSBuZWNlc3NhcnkgdG8gZm9sbG93IHRoZSBzdWJzZXF1ZW50IHBhcnRzLg0KDQoNCkJlc3Qs DQpCasO2cm4NCg0KDQoNClsxXSBodHRwczovL3d3dy5pZXRmLm9yZy9hcmNoaXZlL2lkL2RyYWZ0 LXJpYm9zZS1vcGVucGdwLW9zY2NhLTAxLnR4dA0KDQoNCg0K --_000_6DA15E371AA64E179114626990AB21C2ribosecom_ Content-Type: text/html; charset="utf-8" Content-ID: <44125F7C40FBAC45A8DD054565CD9C56@apcprd01.prod.exchangelabs.com> Content-Transfer-Encoding: base64 PGh0bWw+DQo8aGVhZD4NCjxtZXRhIGh0dHAtZXF1aXY9IkNvbnRlbnQtVHlwZSIgY29udGVudD0i dGV4dC9odG1sOyBjaGFyc2V0PXV0Zi04Ij4NCjwvaGVhZD4NCjxib2R5IHN0eWxlPSJ3b3JkLXdy YXA6IGJyZWFrLXdvcmQ7IC13ZWJraXQtbmJzcC1tb2RlOiBzcGFjZTsgbGluZS1icmVhazogYWZ0 ZXItd2hpdGUtc3BhY2U7IiBjbGFzcz0iIj4NCkRlYXImbmJzcDtCasO2cm4sDQo8ZGl2IGNsYXNz PSIiPjxiciBjbGFzcz0iIj4NCjwvZGl2Pg0KPGRpdiBjbGFzcz0iIj5BZ3JlZSB3aXRoIGhhdmlu ZyB0aGUgZG9jdW1lbnRzIHJlYWR5IGZvciB0aGUgZnVsbCBzcGVjaWZpY2F0aW9uLjwvZGl2Pg0K PGRpdiBjbGFzcz0iIj48YnIgY2xhc3M9IiI+DQo8L2Rpdj4NCjxkaXYgY2xhc3M9IiI+QW5kIHlv dSBhcmUgYWJzb2x1dGVseSBjb3JyZWN0IHRoYXQgdGhlIEtleSBFeGNoYW5nZSBzZWN0aW9uIGlz IHVubmVjZXNzYXJ5LiBPcmlnaW5hbGx5IHdlIHRob3VnaHQgdGhlIHNlY3Rpb24gd291bGQgYmV0 dGVyIGV4cGxhaW4gd2h5IHRoZSBPcGVuUEdQIGltcGxlbWVudGF0aW9uIHNwZWNpZmljYWxseSBl eGNsdWRlcyB0aGF0IHBhcnRpY3VsYXIgcGFydCBvZiBTTTIsIGJ1dCB0aGUgc2VjdGlvbiB0dXJu cyBvdXQgdG8NCiBiZSBhIGRpc3RyYWN0aW9uIHRvIHRoZSByZWFkZXIuIFdlIHNoYWxsIHJlZHVj ZSB0aGF0IHNlY3Rpb24gaW50byBhIHNlbnRlbmNlIGluZGVlZC48L2Rpdj4NCjxkaXYgY2xhc3M9 IiI+PGJyIGNsYXNzPSIiPg0KPC9kaXY+DQo8ZGl2IGNsYXNzPSIiPlRoYW5rIHlvdSBmb3IgdGhl IHJldmlldyBhZ2FpbiBhbmQgdGhlIGdyZWF0IHN1Z2dlc3Rpb25zITwvZGl2Pg0KPGRpdiBjbGFz cz0iIj48YnIgY2xhc3M9IiI+DQo8L2Rpdj4NCjxkaXYgY2xhc3M9IiI+Um9uPC9kaXY+DQo8ZGl2 IGNsYXNzPSIiPjxiciBjbGFzcz0iIj4NCjxkaXYgY2xhc3M9IiI+DQo8ZGl2IGNsYXNzPSIiPg0K PGRpdiBzdHlsZT0iY29sb3I6IHJnYigwLCAwLCAwKTsgbGV0dGVyLXNwYWNpbmc6IG5vcm1hbDsg b3JwaGFuczogYXV0bzsgdGV4dC1hbGlnbjogc3RhcnQ7IHRleHQtaW5kZW50OiAwcHg7IHRleHQt dHJhbnNmb3JtOiBub25lOyB3aGl0ZS1zcGFjZTogbm9ybWFsOyB3aWRvd3M6IGF1dG87IHdvcmQt c3BhY2luZzogMHB4OyAtd2Via2l0LXRleHQtc3Ryb2tlLXdpZHRoOiAwcHg7IHdvcmQtd3JhcDog YnJlYWstd29yZDsgLXdlYmtpdC1uYnNwLW1vZGU6IHNwYWNlOyAtd2Via2l0LWxpbmUtYnJlYWs6 IGFmdGVyLXdoaXRlLXNwYWNlOyIgY2xhc3M9IiI+DQpfX19fX19fX19fX19fX19fX19fX19fX19f X19fX19fX19fX19fPGJyIGNsYXNzPSIiPg0KPGJyIGNsYXNzPSIiPg0KUm9uYWxkIFRzZTxiciBj bGFzcz0iIj4NClJpYm9zZSBJbmMuPGJyIGNsYXNzPSIiPg0KPGJyIGNsYXNzPSIiPg0KPC9kaXY+ DQo8L2Rpdj4NCjxkaXY+DQo8YmxvY2txdW90ZSB0eXBlPSJjaXRlIiBjbGFzcz0iIj4NCjxkaXYg Y2xhc3M9IiI+T24gSmFuIDQsIDIwMTgsIGF0IDk6NDEgUE0sIEJqb2VybiBUYWNrbWFubiAmbHQ7 PGEgaHJlZj0ibWFpbHRvOmJqb2Vybi50YWNrbWFubkBpZWVlLm9yZyIgY2xhc3M9IiI+YmpvZXJu LnRhY2ttYW5uQGllZWUub3JnPC9hPiZndDsgd3JvdGU6PC9kaXY+DQo8YnIgY2xhc3M9IkFwcGxl LWludGVyY2hhbmdlLW5ld2xpbmUiPg0KPGRpdiBjbGFzcz0iIj4NCjxkaXYgZGlyPSJsdHIiIGNs YXNzPSIiPkRlYXIgUm9uYWxkLA0KPGRpdiBjbGFzcz0iIj48YnIgY2xhc3M9IiI+DQo8ZGl2IGNs YXNzPSJnbWFpbF9leHRyYSI+PGJyIGNsYXNzPSIiPg0KPGRpdiBjbGFzcz0iZ21haWxfcXVvdGUi Pk9uIFdlZCwgSmFuIDMsIDIwMTggYXQgNDoxOCBQTSwgUm9uYWxkIFRzZSA8c3BhbiBkaXI9Imx0 ciIgY2xhc3M9IiI+DQombHQ7PGEgaHJlZj0ibWFpbHRvOnRzZUByaWJvc2UuY29tIiB0YXJnZXQ9 Il9ibGFuayIgY2xhc3M9IiI+dHNlQHJpYm9zZS5jb208L2E+Jmd0Ozwvc3Bhbj4gd3JvdGU6PGJy IGNsYXNzPSIiPg0KPGJsb2NrcXVvdGUgY2xhc3M9ImdtYWlsX3F1b3RlIiBzdHlsZT0ibWFyZ2lu OjBweCAwcHggMHB4IDAuOGV4O2JvcmRlci1sZWZ0LXdpZHRoOjFweDtib3JkZXItbGVmdC1zdHls ZTpzb2xpZDtib3JkZXItbGVmdC1jb2xvcjpyZ2IoMjA0LDIwNCwyMDQpO3BhZGRpbmctbGVmdDox ZXgiPg0KPGRpdiBzdHlsZT0id29yZC13cmFwOmJyZWFrLXdvcmQ7bGluZS1icmVhazphZnRlci13 aGl0ZS1zcGFjZSIgY2xhc3M9IiI+DQo8ZGl2IGNsYXNzPSIiPjxiciBjbGFzcz0iIj4NCjwvZGl2 Pg0KPGRpdiBjbGFzcz0iIj5JZiBJIG1heSBjbGFyaWZ5LCB0aGUgU00zIGFuZCBTTTQgSW50ZXJu ZXQtRHJhZnRzIGFscmVhZHkgcHJvdmlkZSBkZXRhaWxlZCBkZXNjcmlwdGlvbnMgb2YgdGhlIGFs Z29yaXRobXMgYW5kIGFsc28gaW5jbHVkZSByZWZlcmVuY2UgaW1wbGVtZW50YXRpb25zLCBhbmQg YXJlIHJlYWR5IGZvciBDRlJHIHJldmlldy4gVGhlIFNNMiBkcmFmdCBpcyBjdXJyZW50bHkgYmVp bmcgdXBkYXRlZCAoYXBvbG9naXplIGZvciB0aGUgZGVsYXnigKYpLA0KIGFuZCBzaG91bGQgcHJv dmlkZSBhIHNpbWlsYXIgbGV2ZWwgb2YgZGV0YWlsIHRvIHRob3NlIHR3byB3aGVuIHRoZSB1cGRh dGUgaXMgY29tcGxldGUuPC9kaXY+DQo8L2Rpdj4NCjwvYmxvY2txdW90ZT4NCjxkaXYgY2xhc3M9 IiI+PGJyIGNsYXNzPSIiPg0KPC9kaXY+DQo8ZGl2IGNsYXNzPSIiPnllcywgSSBhbSBhd2FyZSBv ZiB0aGF0LiBUaGUgU00zIGFuZCBTTTQgZHJhZnRzIHdlcmUgaGVscGZ1bCBhbmQgc2VlbWVkIHRv IGJlIGluIGdvb2Qgc2hhcGUgYWxyZWFkeSwgYW5kIHlvdSBoYWQgdG9sZCBtZSB0aGF0IHlvdSB3 ZXJlIHdvcmtpbmcgb24gdGhlIFNNMiBkcmFmdC4gVGhpcyB3YXMgbm90IGF0IGFsbCBtZWFudCB0 byBiZSBuZWdhdGl2ZSwgSSBqdXN0IHRoaW5rIGl0IHdvdWxkIGJlIGFkdmFudGFnZW91cyB0bw0K IGhhdmUgdGhlc2UgZG9jdW1lbnRzIGFzIFJGQ3MgdG9nZXRoZXIgd2l0aCB0aGUgb25lIEkgcmV2 aWV3ZWQsIHNvIHRoYXQgb25lIGNhbiBoYXZlIGEgZnVsbCBzcGVjaWZpY2F0aW9uIGF2YWlsYWJs ZS48L2Rpdj4NCjxkaXYgY2xhc3M9IiI+PGJyIGNsYXNzPSIiPg0KPC9kaXY+DQo8ZGl2IGNsYXNz PSIiPiZuYnNwOzwvZGl2Pg0KPGJsb2NrcXVvdGUgY2xhc3M9ImdtYWlsX3F1b3RlIiBzdHlsZT0i bWFyZ2luOjBweCAwcHggMHB4IDAuOGV4O2JvcmRlci1sZWZ0LXdpZHRoOjFweDtib3JkZXItbGVm dC1zdHlsZTpzb2xpZDtib3JkZXItbGVmdC1jb2xvcjpyZ2IoMjA0LDIwNCwyMDQpO3BhZGRpbmct bGVmdDoxZXgiPg0KPGRpdiBzdHlsZT0id29yZC13cmFwOmJyZWFrLXdvcmQ7bGluZS1icmVhazph ZnRlci13aGl0ZS1zcGFjZSIgY2xhc3M9IiI+DQo8ZGl2IGNsYXNzPSIiPlNvbWUgaWRpb3N5bmNy YXNpZXMsIGFzIHlvdSBoYXZlIHJpZ2h0bHkgcG9pbnRlZCBvdXQsIGNvbWUgZnJvbSB0aGUgZGVm aW5pdGlvbiBvZiB0aGUgU00yIHNjaGVtZSBpdHNlbGYgYW5kIHRoZSBPcGVuUEdQIHN0YW5kYXJk LCBzbyB0aGVyZeKAmXMgbm90IG11Y2ggd2UgY2FuIGRvIGFib3V0LiBTTTIgaXMgYSBzZXQgb2Yg dGhyZWUgYWxnb3JpdGhtcyB0aGF0IGluY2x1ZGUgZGlnaXRhbCBzaWduYXR1cmVzLCBwdWJsaWMg a2V5DQogZW5jcnlwdGlvbiBhbmQgYWxzbyBrZXkgZXhjaGFuZ2UuIFRoYXTigJlzIHdoeSB0aGUg U00yIGRyYWZ0IGluY2x1ZGVkIGEgc2VjdGlvbiBvbiBrZXkgZXhjaGFuZ2Ug4oCUIGl0IHdhcyBu b3QgaW5jbHVkZWQgaW4gdGhlIE9wZW5QR1AgZHJhZnQgYmVjYXVzZSBpdCBpcyBub3Qgc3VpdGFi bGUgZm9yIHVzYWdlIGluIHRoZSBPcGVuUEdQIGNvbnRleHQuIFRoZSBTTTIvU00zL1NNNCBkb2N1 bWVudHMgZXhpc3QgaW5kZXBlbmRlbnRseSBmcm9tIHRoZSBPcGVuUEdQDQogZG9jdW1lbnQgdGhh dCBpcyBiZWluZyByZXZpZXdlZC48L2Rpdj4NCjwvZGl2Pg0KPC9ibG9ja3F1b3RlPg0KPGRpdiBj bGFzcz0iIj48YnIgY2xhc3M9IiI+DQo8L2Rpdj4NCjxkaXYgY2xhc3M9IiI+VGhlIGRyYWZ0IEkg cmV2aWV3ZWQgWzFdIGhhZCBhIFNlY3Rpb24gNC4yIGNhbGxlZCAmcXVvdDtTTTIgS2V5IEV4Y2hh bmdlIFByb3RvY29sJnF1b3Q7LCBhbmQgSSBkaWQgdW5kZXJzdGFuZCB3aHkgaXQgd2FzIHRoZXJl LiBJdCBkaWQgbm90IHNlZW0gdG8gYmUgbmVjZXNzYXJ5IHRvIGZvbGxvdyB0aGUgc3Vic2VxdWVu dCBwYXJ0cy48L2Rpdj4NCjxkaXYgY2xhc3M9IiI+Jm5ic3A7PC9kaXY+DQo8ZGl2IGNsYXNzPSIi PjxiciBjbGFzcz0iIj4NCjwvZGl2Pg0KPGRpdiBjbGFzcz0iIj5CZXN0LDwvZGl2Pg0KPGRpdiBj bGFzcz0iIj5CasO2cm48L2Rpdj4NCjxkaXYgY2xhc3M9IiI+PGJyIGNsYXNzPSIiPg0KPC9kaXY+ DQo8ZGl2IGNsYXNzPSIiPjxiciBjbGFzcz0iIj4NCjwvZGl2Pg0KPGRpdiBjbGFzcz0iIj48YnIg Y2xhc3M9IiI+DQo8L2Rpdj4NCjxkaXYgY2xhc3M9IiI+WzFdJm5ic3A7PGEgaHJlZj0iaHR0cHM6 Ly93d3cuaWV0Zi5vcmcvYXJjaGl2ZS9pZC9kcmFmdC1yaWJvc2Utb3BlbnBncC1vc2NjYS0wMS50 eHQiIGNsYXNzPSIiPmh0dHBzOi8vd3d3LmlldGYub3JnL2FyY2hpdmUvaWQvZHJhZnQtcmlib3Nl LW9wZW5wZ3Atb3NjY2EtMDEudHh0PC9hPjwvZGl2Pg0KPGRpdiBjbGFzcz0iIj48YnIgY2xhc3M9 IiI+DQo8L2Rpdj4NCjxkaXYgY2xhc3M9IiI+PGJyIGNsYXNzPSIiPg0KPC9kaXY+DQo8L2Rpdj4N CjwvZGl2Pg0KPC9kaXY+DQo8L2Rpdj4NCjwvZGl2Pg0KPC9ibG9ja3F1b3RlPg0KPC9kaXY+DQo8 YnIgY2xhc3M9IiI+DQo8L2Rpdj4NCjwvZGl2Pg0KPC9ib2R5Pg0KPC9odG1sPg0K --_000_6DA15E371AA64E179114626990AB21C2ribosecom_--