From nobody Sun Jul 2 14:20:40 2017 Return-Path: X-Original-To: ace@ietf.org Delivered-To: ace@ietfa.amsl.com Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 85DDC129AC4; Sun, 2 Jul 2017 14:20:34 -0700 (PDT) MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 8bit From: internet-drafts@ietf.org To: Cc: ace@ietf.org X-Test-IDTracker: no X-IETF-IDTracker: 6.55.1 Auto-Submitted: auto-generated Precedence: bulk Message-ID: <149903043451.17409.9954811755308172384@ietfa.amsl.com> Date: Sun, 02 Jul 2017 14:20:34 -0700 Archived-At: Subject: [Ace] I-D Action: draft-ietf-ace-cbor-web-token-07.txt X-BeenThere: ace@ietf.org X-Mailman-Version: 2.1.22 List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 02 Jul 2017 21:20:34 -0000 A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the Authentication and Authorization for Constrained Environments of the IETF. Title : CBOR Web Token (CWT) Authors : Michael B. Jones Erik Wahlström Samuel Erdtman Hannes Tschofenig Filename : draft-ietf-ace-cbor-web-token-07.txt Pages : 24 Date : 2017-07-02 Abstract: CBOR Web Token (CWT) is a compact means of representing claims to be transferred between two parties. The claims in a CWT are encoded in the Concise Binary Object Representation (CBOR) and CBOR Object Signing and Encryption (COSE) is used for added application layer security protection. A claim is a piece of information asserted about a subject and is represented as a name/value pair consisting of a claim name and a claim value. CWT is derived from JSON Web Token (JWT), but uses CBOR rather than JSON. The IETF datatracker status page for this draft is: https://datatracker.ietf.org/doc/draft-ietf-ace-cbor-web-token/ There are also htmlized versions available at: https://tools.ietf.org/html/draft-ietf-ace-cbor-web-token-07 https://datatracker.ietf.org/doc/html/draft-ietf-ace-cbor-web-token-07 A diff from the previous version is available at: https://www.ietf.org/rfcdiff?url2=draft-ietf-ace-cbor-web-token-07 Please note that it may take a couple of minutes from the time of submission until the htmlized version and diff are available at tools.ietf.org. Internet-Drafts are also available by anonymous FTP at: ftp://ftp.ietf.org/internet-drafts/ From nobody Mon Jul 3 02:11:21 2017 Return-Path: X-Original-To: ace@ietfa.amsl.com Delivered-To: ace@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9FC0F131480 for ; Mon, 3 Jul 2017 02:11:19 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.898 X-Spam-Level: X-Spam-Status: No, score=-1.898 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=erdtman-se.20150623.gappssmtp.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id frl8diVNpRtE for ; Mon, 3 Jul 2017 02:11:17 -0700 (PDT) Received: from mail-wr0-x233.google.com (mail-wr0-x233.google.com [IPv6:2a00:1450:400c:c0c::233]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 568BF131488 for ; Mon, 3 Jul 2017 02:11:17 -0700 (PDT) Received: by mail-wr0-x233.google.com with SMTP id k67so230305454wrc.2 for ; Mon, 03 Jul 2017 02:11:17 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=erdtman-se.20150623.gappssmtp.com; s=20150623; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=hxuv/CUBvd0E4Tcifen5pMBuEJyvECMA8W34NUGG9bI=; b=vCbBD0v+AwpsXgD9o7BPlC4PUVpIWfRG4LNVVMRoVWb8pLDs7FouZPkyRgGqW0NRea 8bf5KKbHxa7Xtx38vL6UXqznIsp2jl//nXaWJzv9FdFgDHPZkch/sGfz1cVW+NTImawV G9CMH3bvb6nR6CzeVL4BLewyGrTiJM53MlVNc9WlqnuByWw0PPYGjBVitDReidhTL5Er JzTU+qoOXdRGtvi1KEobdmPe7yXIpMyumASrcouIQvx0qGRDaJ3EvTPLe2XV8+lNw9lK SyxMg20qM1O40PoPzaixHR+82WRrSptTs8KFHj/9Lsbeg1evfbiZW0k12pWgO+UmTmMa ZaEQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=hxuv/CUBvd0E4Tcifen5pMBuEJyvECMA8W34NUGG9bI=; b=r4jMC88jexK+ijpPtaCUII0vKCduTzVo/CrGWoRLcTuYDtcaGbSx7mkx40RqGC8nfg kbczicw7YAZSRDRoXEt8QQ/Wl5PjuWDc0C6oM2z7KXvrjgOlKQsZSHU4N74+Eh+VhMl8 Yzk94wRm8EsXTAm/+asnYB3DRNuuh12CYFQulsnYn8cWdPHrk0LmIL0TA0NjzjAcxkMo O3+cwaTUAuTk+5em245ZCr/cujySFKN7g8ryP0fFX6jtDPZ2jpUD2cnHQESNJOfu//sT 0kTqFGV1Tr/eEAdg/5n+pmUx2Uwvv447gTbfZlHmsZ6WlVYJPDicJGC1NC7jFC21kSwQ 9hrg== X-Gm-Message-State: AKS2vOyxqrNQ2RLJm+Xob5/ZEGOuuyq1z2SKo+qwwAKQM7TBpLLSe7P/ PEZB4uvBZawNNa3S7sqjW40tBjuoXyYB X-Received: by 10.223.131.162 with SMTP id 31mr29207696wre.161.1499073075642; Mon, 03 Jul 2017 02:11:15 -0700 (PDT) MIME-Version: 1.0 Received: by 10.223.179.18 with HTTP; Mon, 3 Jul 2017 02:11:15 -0700 (PDT) In-Reply-To: <149826283451.7840.16596904868417453077.idtracker@ietfa.amsl.com> References: <149826283451.7840.16596904868417453077.idtracker@ietfa.amsl.com> From: Samuel Erdtman Date: Mon, 3 Jul 2017 11:11:15 +0200 Message-ID: To: Kepeng Li Cc: ace-chairs@ietf.org, ace Content-Type: multipart/alternative; boundary="94eb2c0d0f4c2aa4930553662664" Archived-At: Subject: Re: [Ace] ace - Requested session has been scheduled for IETF 99 X-BeenThere: ace@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 03 Jul 2017 09:11:20 -0000 --94eb2c0d0f4c2aa4930553662664 Content-Type: text/plain; charset="UTF-8" Hi If possible I would like to add an agenda item to the ACE meeting. I would like to introduce draft-erdtman-ace-rpcc-00. For this I need 5-10 minutes. I will not be at the meeting so I have filled out the form for remote participation. Thanks //Samuel On Sat, Jun 24, 2017 at 2:07 AM, "IETF Secretariat" wrote: > Dear Kepeng Li, > > The session(s) that you have requested have been scheduled. > Below is the scheduled session information followed by > the original request. > > ace Session 1 (2:30:00) > Monday, Morning Session I 0930-1200 > Room Name: Congress Hall I size: 250 > --------------------------------------------- > > > > Request Information: > > > --------------------------------------------------------- > Working Group Name: Authentication and Authorization for Constrained > Environments > Area Name: Security Area > Session Requester: Kepeng Li > > Number of Sessions: 1 > Length of Session(s): 2.5 Hours > Number of Attendees: 100 > Conflicts to Avoid: > First Priority: core oauth saag lwig tokbind tls > > > > > People who must be present: > Kathleen Moriarty > Hannes Tschofenig > Kepeng Li > > Resources Requested: > > Special Requests: > Avoid entire SEC areas. Please avoid a session on Friday! > --------------------------------------------------------- > > _______________________________________________ > Ace mailing list > Ace@ietf.org > https://www.ietf.org/mailman/listinfo/ace > --94eb2c0d0f4c2aa4930553662664 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
Hi

If possible I wo= uld like to add an agenda item to the ACE meeting.

I would lik= e to introduce draft-erdtman-ace-rpcc-00. For this I need 5-10 minutes.
=
I will not be at the meeting so I have filled out the form for re= mote participation.

Thanks
//Samuel

On Sat, Jun 24, 2017 at 2= :07 AM, "IETF Secretariat" <agenda@ietf.org> wrote:<= br>
Dear Kepeng Li,

The session(s) that you have requested have been scheduled.
Below is the scheduled session information followed by
the original request.

ace Session 1 (2:30:00)
=C2=A0 =C2=A0 Monday, Morning Session I 0930-1200
=C2=A0 =C2=A0 Room Name: Congress Hall I size: 250
=C2=A0 =C2=A0 ---------------------------------------------



Request Information:


---------------------------------------------------------
Working Group Name: Authentication and Authorization for Constrained Enviro= nments
Area Name: Security Area
Session Requester: Kepeng Li

Number of Sessions: 1
Length of Session(s):=C2=A0 2.5 Hours
Number of Attendees: 100
Conflicts to Avoid:
=C2=A0First Priority: core oauth saag lwig tokbind tls




People who must be present:
=C2=A0 Kathleen Moriarty
=C2=A0 Hannes Tschofenig
=C2=A0 Kepeng Li

Resources Requested:

Special Requests:
=C2=A0 Avoid entire SEC areas. Please avoid a session on Friday!
---------------------------------------------------------

_______________________________________________
Ace mailing list
Ace@ietf.org
https://www.ietf.org/mailman/listinfo/ace

--94eb2c0d0f4c2aa4930553662664-- From nobody Mon Jul 3 08:19:39 2017 Return-Path: X-Original-To: ace@ietfa.amsl.com Delivered-To: ace@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 95644131691; Mon, 3 Jul 2017 08:19:28 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -5.4 X-Spam-Level: X-Spam-Status: No, score=-5.4 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H2=-2.8, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id B2LAzafYj02k; Mon, 3 Jul 2017 08:19:26 -0700 (PDT) Received: from se-out1.mx-wecloud.net (se-out1.mx-wecloud.net [89.221.255.93]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0471C13168E; Mon, 3 Jul 2017 08:19:25 -0700 (PDT) Received: from sp-mail-2.sp.se (unknown [194.218.146.197]) by se-out1.mx-wecloud.net (Postfix) with ESMTPS id 60544203DF9; Mon, 3 Jul 2017 15:19:21 +0000 (UTC) Received: from [193.10.66.141] (10.116.0.226) by sp-mail-2.sp.se (10.100.0.162) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P384) id 15.1.669.32; Mon, 3 Jul 2017 17:19:22 +0200 Message-ID: <595A606F.1020603@ri.se> Date: Mon, 3 Jul 2017 17:19:11 +0200 From: Marco Tiloca User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.8.0 MIME-Version: 1.0 To: , CC: References: <149826283451.7840.16596904868417453077.idtracker@ietfa.amsl.com> In-Reply-To: <149826283451.7840.16596904868417453077.idtracker@ietfa.amsl.com> Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="UxTsqp68WVwvCNmsuTSpbX3mSspm3euG9" X-Originating-IP: [10.116.0.226] X-ClientProxiedBy: sp-mail-1.sp.se (10.100.0.161) To sp-mail-2.sp.se (10.100.0.162) X-CMAE-Score: 0 X-CMAE-Analysis: v=2.2 cv=aq3CMWRV c=1 sm=1 tr=0 a=L5DDne6A+dD0FbDkt2Fblw==:117 a=L5DDne6A+dD0FbDkt2Fblw==:17 a=sZ8rJzgPlrQA:10 a=G3gG6ho9WtcA:10 a=48vgC7mUAAAA:8 a=xPT6tdSuAAAA:8 a=FKUrDTyPdGeji7rfl0UA:9 a=kB5yRNwIEmK_IAmc:21 a=k-rgVGZLss5Oft_A:21 a=pILNOxqGKmIA:10 a=f1xR_wOpaLpBDuqagXcA:9 a=ONNS8QRKHyMA:10 a=w1C3t2QeGrPiZgrLijVG:22 a=80PJfYVSYmV_jLpvUEnt:22 X-Virus-Scanned: clamav-milter 0.99.2 at MailSecurity X-Virus-Status: Clean X-MailSecurity-Status: 0 X-Scanned-By: WeCloud MailSecurity X-MailSecurity-Score: 0 Archived-At: Subject: Re: [Ace] ace - Requested session has been scheduled for IETF 99 X-BeenThere: ace@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 03 Jul 2017 15:19:29 -0000 --UxTsqp68WVwvCNmsuTSpbX3mSspm3euG9 Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: quoted-printable Hi all, I would like to request two slots for IETF99: draft-tiloca-ace-oscoap-joining-00 Abstract: This document describes a method to join a multicast group where communications are based on CoAP and secured with Object Security of CoAP (OSCOAP). This approach builds on the ACE framework for Authentication and Authorization, and leverages protocol-specific profiles of ACE. Objective: Present the work, ask for reviewers. Time: 10 minutes. draft-aragon-ace-ipsec-profile-00 Abstract: This document defines a profile of the ACE framework for authentication and authorization. It uses the IPsec protocol suite and the IKEv2 protocol to ensure secure communication, server authentication and proof-of-possession for a key bound to an OAuth 2.0 access token. Objective: Present the work, ask for reviewers. Time: 10 minutes. Thanks a lot! Best regards, /Marco On 2017-06-24 02:07, "IETF Secretariat" wrote: > Dear Kepeng Li, > > The session(s) that you have requested have been scheduled. > Below is the scheduled session information followed by > the original request.=20 > > ace Session 1 (2:30:00) > Monday, Morning Session I 0930-1200 > Room Name: Congress Hall I size: 250 > --------------------------------------------- > =20 > > > Request Information: > > > --------------------------------------------------------- > Working Group Name: Authentication and Authorization for Constrained En= vironments > Area Name: Security Area > Session Requester: Kepeng Li > > Number of Sessions: 1 > Length of Session(s): 2.5 Hours > Number of Attendees: 100 > Conflicts to Avoid:=20 > First Priority: core oauth saag lwig tokbind tls > > > > > People who must be present: > Kathleen Moriarty > Hannes Tschofenig > Kepeng Li > > Resources Requested: > > Special Requests: > Avoid entire SEC areas. Please avoid a session on Friday! > --------------------------------------------------------- > > _______________________________________________ > Ace mailing list > Ace@ietf.org > https://www.ietf.org/mailman/listinfo/ace --=20 Marco Tiloca, PhD Research Institutes of Sweden RISE ICT/SICS Isafjordsgatan 22 / Kistag=E5ngen 16 SE-164 40 Kista (Sweden) Phone: +46 (0)70 60 46 501 https://www.sics.se https://www.sics.se/~marco/ The RISE institutes Innventia, SP and Swedish ICT have merged in order to become a stronger research and innovation partner for businesses and society. SICS Swedish ICT AB, has now changed name to RISE SICS AB. --UxTsqp68WVwvCNmsuTSpbX3mSspm3euG9 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEcBAEBAgAGBQJZWmBvAAoJEO4mZLQOWNpDqgMH+wXQIyOUVhWG9rapmKz5TCaF LLn+lUpvv97f2bQkcWBlw+6bYo4ZEydzGb0hHwQjTvc4yHtUQYhSu/KoQn8ZfrB1 x3C1t4xzy1+qHF18BVxVRXid0paLSdd5wodP0Id1zNWCmp/h5FXliDbPNOZbxyjX AoPtD3RHkSPsTUUY7wkBcnewVLtm8z6Jv0w/gHPMOw4PVOuNP6iTkxIgQxJmsDQG lYjrRAv1jH/23aGttTuFIAiBOrtGTFYVx6OzaKg5AjHDG9bzYB+aNvKaK/bIvuXr /c1HZh6ocWGsZXvC2nH20u74RRiBZn4qrtj2sqJcqN95WEMVP1FQhOScyI43nXY= =5IzH -----END PGP SIGNATURE----- --UxTsqp68WVwvCNmsuTSpbX3mSspm3euG9-- From nobody Mon Jul 3 14:00:49 2017 Return-Path: X-Original-To: ace@ietf.org Delivered-To: ace@ietfa.amsl.com Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 7396A126B72; Mon, 3 Jul 2017 14:00:48 -0700 (PDT) MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 8bit From: internet-drafts@ietf.org To: Cc: ace@ietf.org X-Test-IDTracker: no X-IETF-IDTracker: 6.55.2 Auto-Submitted: auto-generated Precedence: bulk Message-ID: <149911564845.22786.5854161840974920364@ietfa.amsl.com> Date: Mon, 03 Jul 2017 14:00:48 -0700 Archived-At: Subject: [Ace] I-D Action: draft-ietf-ace-dtls-authorize-01.txt X-BeenThere: ace@ietf.org X-Mailman-Version: 2.1.22 List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 03 Jul 2017 21:00:48 -0000 A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the Authentication and Authorization for Constrained Environments of the IETF. Title : Datagram Transport Layer Security (DTLS) Profile for Authentication and Authorization for Constrained Environments (ACE) Authors : Stefanie Gerdes Olaf Bergmann Carsten Bormann Göran Selander Ludwig Seitz Filename : draft-ietf-ace-dtls-authorize-01.txt Pages : 17 Date : 2017-07-03 Abstract: This specification defines a profile for delegating client authentication and authorization in a constrained environment by establishing a Datagram Transport Layer Security (DTLS) channel between resource-constrained nodes. The protocol relies on DTLS for communication security between entities in a constrained network. A resource-constrained node can use this protocol to delegate management of authorization information to a trusted host with less severe limitations regarding processing power and memory. The IETF datatracker status page for this draft is: https://datatracker.ietf.org/doc/draft-ietf-ace-dtls-authorize/ There are also htmlized versions available at: https://tools.ietf.org/html/draft-ietf-ace-dtls-authorize-01 https://datatracker.ietf.org/doc/html/draft-ietf-ace-dtls-authorize-01 A diff from the previous version is available at: https://www.ietf.org/rfcdiff?url2=draft-ietf-ace-dtls-authorize-01 Please note that it may take a couple of minutes from the time of submission until the htmlized version and diff are available at tools.ietf.org. Internet-Drafts are also available by anonymous FTP at: ftp://ftp.ietf.org/internet-drafts/ From nobody Mon Jul 3 14:02:13 2017 Return-Path: X-Original-To: ace@ietfa.amsl.com Delivered-To: ace@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B396C126B72; Mon, 3 Jul 2017 14:02:06 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.199 X-Spam-Level: X-Spam-Status: No, score=-4.199 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id dmVU4XdR6eBE; Mon, 3 Jul 2017 14:02:03 -0700 (PDT) Received: from mailhost.informatik.uni-bremen.de (mailhost.informatik.uni-bremen.de [IPv6:2001:638:708:30c9::12]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8794F13147F; Mon, 3 Jul 2017 14:01:42 -0700 (PDT) X-Virus-Scanned: amavisd-new at informatik.uni-bremen.de Received: from submithost.informatik.uni-bremen.de (submithost.informatik.uni-bremen.de [134.102.201.11]) by mailhost.informatik.uni-bremen.de (8.14.5/8.14.5) with ESMTP id v63L14st029366; Mon, 3 Jul 2017 23:01:04 +0200 (CEST) Received: from aung.tzi.org (p5B0DDDD7.dip0.t-ipconnect.de [91.13.221.215]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by submithost.informatik.uni-bremen.de (Postfix) with ESMTPSA id 3x1fgN02KQz3ZF1; Mon, 3 Jul 2017 23:01:03 +0200 (CEST) From: Olaf Bergmann To: Jim Schaad Cc: , ace@ietf.org Date: Mon, 03 Jul 2017 22:21:22 +0200 References: <009701d2ead2$15024df0$3f06e9d0$@augustcellars.com> Message-ID: <87ziclteup.fsf@aung.informatik.uni-bremen.de> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/24.5 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Archived-At: Subject: Re: [Ace] Review on draft-ietf-ace-dtls-authorize-00 X-BeenThere: ace@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 03 Jul 2017 21:02:07 -0000 Jim, Thank you very much for the detailed comments. Please see responses inline. I have uploaded version -01 with minor edits listed at the end of your message. (Unfortunately, I did not yet have time to propose changes for the non-editorial comments.) Jim Schaad writes: > I have some comments on this draft that I have gotten from implementation > attempts. > > Major Issues: > > Section 2 talks about looking things up in the resource directory, but it > does not say what one would be looking for. Is this material which should > be in the generic document? You are right, this is generic enough to go into the framework. There had been a proposal for this in an earlier version of this document [1], but this has been lost in the process. Maybe we can revive that somehow. [1] https://tools.ietf.org/html/draft-gerdes-ace-dcaf-authorize-04#section-9 > Section 2 - I see a potential interop problem w/ the MAY about > transferring > the access token or PSK. Does a client try it and if it does not work > do it > the other way or is it always going to post unless it has some external > indicator that it can take the "shortcut" method? My understanding is that the POST to /authz-info would be MTI as this seems to be required by the framework. And yes, this would mean that the "shortcut" (=3D sending the token in the psk_identity) requires some external knowledge or trying. > Section 2.1 - I do not understand why this is not in the mail document > rather than in this profile. Good point. The main document's authors are aware of that and my understanding is that this will go into that document.=20 > Section 2.1 - The list of three items seems to be overly restrictive > on what > is allowed. I believe that you are missing the case of no token > because no > token is needed (which would apply to /authz-info as well). You have > previously stated that going to /.well-known/core may be something that is > desirable - either that or I completely miss understood what was being > said > above. You may be correct: Requests for resources that are available without authorization (as /.well-known/core usually is), would not be possible when following this list. The first sentence of Section 2.1 should have made clear that this applies only to resources that are to be protected. Maybe this should be rephrased. > Section 2.2 - I do not see the AS_Info map defined anyplace. Am I missing > something? There had been a CDDL [2] which needs to be put back in, sorry for that. [2] https://tools.ietf.org/html/draft-gerdes-ace-dcaf-authorize-04#appendix= -A > Section 2.1 - I am not sure - is the case of no valid access token > supposed > to cover cases where the token has expired? Are there other cases > that one > needs to think about here? Would it not be better to close the DTLS > connection in the event that the last valid token expires? "no valid access token" would cover these cases: 1. expired access token, 2. no token (but required for protected resource), and 3. rogue token. Indeed, when a DTLS session already exists, it could make sense for an entity to keep the connection, e.g., when it initially had the role of RS and now uses the very same DTLS session as CoAP client for communication with the same peer. > Section 2.1 - You do not state if an AS_Info map should be returned > for all > three cases of failures. I assume that it should be, but at the current > level of information it might not be totally useful. Yes, the intention was to return AS Info in all these cases. Why would this not always be useful? > Section 2.2 - You might want to differentiate on the setoff AS_info fields > that would be returned in an unsecured vs secured channel. That is, if I > have a DTLS connection and try to do an operation that fails - then more > info could be returned as it is not generally available. Okay, this makes sense. > Section 2.2. - I have no idea how to use this nonce value so that it > ends up > in the access token. I do believe that the Client-to-AS request needs a mechanism to convey this nonce. > Section 2.3 - I have no idea what item #3 is supposed to be saying. > How can > an RS determine if it is the destination under normal circumstances? This would be trivially true in a point-to-point communication relationship because RS would be the only entity that can decode the message. In group communication or scenarios where intermediaries are involved this is would be a crucial requirement. > Section 3 - I am not sure that the Note text really makes any sense. > If the > client implements Edwards rather than classic EC curves this makes no > sense > to offer.=20=20 The intention was to have a reasonable mandatory-to-implement ciphersuite. Are you suggesting to not specify any mandatory cipherwuite for RPK mode? > Section 4.1 - the psk_identity field in TLS is a binary field - why do the > base64 encoding - need to justify this. The problem is the psk_identity must be valid UTF-8 which we cannot guarantee when sending raw CBOR data. > Also the current text means > that I > suddenly have three different things that can be in this field. This > is not > the type of thing hat would make me happy. Where you want me to do > this is > not the easiest place to suddenly do the processing needed to validate > a new > access token. I understand your concern. Need to think more about this. > Section 4.1 - I don't understand what the text around COSE_Encrypt is > supposed to be doing. It makes little sense to me but I have not tried to > think about it deeply. The idea was to have a mechanism for RS to derive a session key from the access token and a shared key between AS and RS. I personally think this is the most secure mechanism to transfer the session key. > Section 4.2 - I don't know that a reference to 5746 is going to be any > good > long term.=20=20 Can you elaborate why this might not be good? > Section 4.2 - need to distinguish between cases where the permissions are > update vs where the key is updated. The former SHOULD NOT require a new > session to be established. Correct. > Section 5.1 - I am not sure what this means. I assume that this text > should > say that a client should only deal with an AS for which it has a security > relationship. Interesting. This would be an important design decision. > Note that it might be an idea to be able to copy the AS > from > the RS into the AS request in the event that they do not match so that > four > corner authorization can be supported. Yes, I suppose this would be the preferable way to go forward. > Minor Issues: > > * I would stop the PSK and RPK paragraphs in the introduction so that they > are in the same order as in sections 3 and 4. Done. > * In the introduction - clean up the last two paragraphs. The reference # > is off as is the extra line in the Note The reference now is fixed for the version -06 of draft oauth-authz. Regarding the note, I am not sure how this can be fixed. As this note is temporary in nature, I will leave it as is for now. > * Remove the mention of OSCOAP in section 4 - If you want to say another > profile exists, do it in the introduction. Okay, I have removed it for now. Gr=C3=BC=C3=9Fe Olaf From nobody Mon Jul 3 14:04:57 2017 Return-Path: X-Original-To: ace@ietfa.amsl.com Delivered-To: ace@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3A500128B4E for ; Mon, 3 Jul 2017 14:04:36 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.2 X-Spam-Level: X-Spam-Status: No, score=-4.2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Yp4wQxRws_44 for ; Mon, 3 Jul 2017 14:04:34 -0700 (PDT) Received: from mailhost.informatik.uni-bremen.de (mailhost.informatik.uni-bremen.de [IPv6:2001:638:708:30c9::12]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 992FD12F27C for ; Mon, 3 Jul 2017 14:04:29 -0700 (PDT) X-Virus-Scanned: amavisd-new at informatik.uni-bremen.de Received: from submithost.informatik.uni-bremen.de (submithost.informatik.uni-bremen.de [134.102.201.11]) by mailhost.informatik.uni-bremen.de (8.14.5/8.14.5) with ESMTP id v63L4Q9k001201 for ; Mon, 3 Jul 2017 23:04:26 +0200 (CEST) Received: from aung.tzi.org (p5B0DDDD7.dip0.t-ipconnect.de [91.13.221.215]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by submithost.informatik.uni-bremen.de (Postfix) with ESMTPSA id 3x1flG0wlBz3ZF4 for ; Mon, 3 Jul 2017 23:04:26 +0200 (CEST) From: Olaf Bergmann To: ace@ietf.org References: <149911564845.22786.5854161840974920364@ietfa.amsl.com> Date: Mon, 03 Jul 2017 23:04:25 +0200 In-Reply-To: <149911564845.22786.5854161840974920364@ietfa.amsl.com> (internet-drafts@ietf.org's message of "Mon, 03 Jul 2017 14:00:48 -0700") Message-ID: <87shidtep2.fsf@aung.informatik.uni-bremen.de> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/24.5 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Archived-At: Subject: Re: [Ace] I-D Action: draft-ietf-ace-dtls-authorize-01.txt X-BeenThere: ace@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 03 Jul 2017 21:04:36 -0000 Hi all, I have just uploaded version -01 of draft-ietf-ace-dtls-authorize, the CoAP DTLS profile for ACE. The only changes are the minor edits as noted in Jim's review. > A New Internet-Draft is available from the on-line Internet-Drafts direct= ories. > This draft is a work item of the Authentication and Authorization for Con= strained Environments of the IETF. > > Title : Datagram Transport Layer Security (DTLS) Profil= e for Authentication and Authorization for Constrained Environments (ACE) > Authors : Stefanie Gerdes > Olaf Bergmann > Carsten Bormann > G=C3=B6ran Selander > Ludwig Seitz > Filename : draft-ietf-ace-dtls-authorize-01.txt > Pages : 17 > Date : 2017-07-03 Gr=C3=BC=C3=9Fe Olaf From nobody Tue Jul 4 11:25:35 2017 Return-Path: X-Original-To: ace@ietfa.amsl.com Delivered-To: ace@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 96A291319DC; Tue, 4 Jul 2017 11:25:33 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.021 X-Spam-Level: X-Spam-Status: No, score=-2.021 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H4=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=microsoft.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id dO-L1ddGoXgo; Tue, 4 Jul 2017 11:25:30 -0700 (PDT) Received: from NAM03-DM3-obe.outbound.protection.outlook.com (mail-dm3nam03on0092.outbound.protection.outlook.com [104.47.41.92]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id DCA1313274F; Tue, 4 Jul 2017 11:25:29 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=NTGPQxYOcuyJhCUi87yc+XhARPyghM1Kg0LgAeTWnog=; b=VpeWDStPsvuvMl0h+jJjxyAPtbLZmn3r0lD7uPbvQfMVknmUvP7JeOxcFEF4vF9nhPHju0bzPGivE78SvnVRBbhMB4NxbziE6GAc1aBHFuS8bVacKHxTC1Alw/FD9YqJRQL51sA5eh1Di1RQUtx29a3s25GU8d+ID150yzkvK2U= Received: from CY4PR21MB0504.namprd21.prod.outlook.com (10.172.122.14) by CY4PR21MB0279.namprd21.prod.outlook.com (10.173.193.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.1261.2; Tue, 4 Jul 2017 18:25:28 +0000 Received: from CY4PR21MB0504.namprd21.prod.outlook.com ([10.172.122.14]) by CY4PR21MB0504.namprd21.prod.outlook.com ([10.172.122.14]) with mapi id 15.01.1261.003; Tue, 4 Jul 2017 18:25:28 +0000 From: Mike Jones To: Jim Schaad , 'Samuel Erdtman' CC: "draft-ietf-ace-cbor-web-token@ietf.org" , 'ace' Thread-Topic: [Ace] I-D Action: draft-ietf-ace-cbor-web-token-05.txt Thread-Index: AQHS3mQBvrakMVykCUmbjWGGw4uE4qIrE2IAgAWWHwCAAOHygIASnWCQ Date: Tue, 4 Jul 2017 18:25:27 +0000 Message-ID: References: <149671239411.3941.12998153965739248286@ietfa.amsl.com> <006101d2e868$17c8e3d0$475aab70$@augustcellars.com> <01e901d2eba4$1ff2b790$5fd826b0$@augustcellars.com> In-Reply-To: <01e901d2eba4$1ff2b790$5fd826b0$@augustcellars.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: msip_labels: MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Enabled=True; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_SiteId=72f988bf-86f1-41af-91ab-2d7cd011db47; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Ref=https://api.informationprotection.azure.com/api/72f988bf-86f1-41af-91ab-2d7cd011db47; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Owner=mbj@microsoft.com; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_SetDate=2017-07-04T11:25:25.2844925-07:00; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Name=General; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Application=Microsoft Azure Information Protection; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Extended_MSFT_Method=Automatic; Sensitivity=General authentication-results: augustcellars.com; dkim=none (message not signed) header.d=none;augustcellars.com; dmarc=none action=none header.from=microsoft.com; x-originating-ip: [50.47.93.167] x-ms-publictraffictype: Email x-microsoft-exchange-diagnostics: 1; CY4PR21MB0279; 7:u1vTJRdW/2s+2FMlaH6CT5twfVrVCtXBuXyFWtRAkOYatnR4V9F+ZACO9N57cUU08543DS9t/XloMJusFco0YkKEuPlQ1abPQ/08s0e3umoTod3xXS+uPmZa/7tagjGjouUWLBJZVjWPYi0++UnXHBM7b5SSKtzwMM3kYMoQCeMfayFmsm1X+A8yBFYW0Lfs/e1CgiGhcVpx+UhWnXFbp9UYrvgVGt5jki55xdvKeNGFLDKocZQZDl3DIWYj2wbLSbC3AoXZngkQdbvRL1DNHtXQFytJmZdqJV8LKQwxi2uu1e6KXl13rF88uCENo1GtZnz6QfsdEnsT+Y46ONyj4/swlPr8OPJaVp+Vvflurs49vYGY3uqPteUgvKD1Mnbs2lPs6GTDmIaKK5Upz4NBVXehVbNPJu4K3OwDsAvU/HdsdUnENieKzRokRXH5+R93idPk0WLbTTG7RL0Tki/3X6LQH5g++rkJcduKy2GMrM3eHP3py6Rsn0zbjed+KJ+FJB+o7DOC5Xp75bAXB6/QHvunEIQgV/q+XQYrwp4LSmjSZZY+duU2KNXBwhQFa+ulEC2puIMn1CZMpfRQGGKBsLHD92AyTjCkRoU84enrcpw+6GR8xqDAMW12JJ3B8RpCYce+lmDcP2+v+Vk6jQYX03ptyf7+AyTi4sSwDjMP4vIJJLIHqJyZu0n+E0xJPi0aGq+O6jmc9K4Aqo1wDl+8+AHAFah40kWPIh0txTpblgChdRt5DKeE5q6uFGX0vxmZ4p3OHU9m5umcveRlWBYW2wEmlu49k98v0zzdyYicyR/2eBGvNQIb85rwPLWE6p7u x-ms-office365-filtering-correlation-id: fefe4254-563f-4532-ae55-08d4c30a0be6 x-ms-office365-filtering-ht: Tenant x-microsoft-antispam: UriScan:; BCL:0; PCL:0; RULEID:(300000500095)(300135000095)(300000501095)(300135300095)(22001)(300000502095)(300135100095)(2017030254075)(48565401081)(300000503095)(300135400095)(2017052603031)(201703131423075)(201703031133081)(300000504095)(300135200095)(300000505095)(300135600095)(300000506095)(300135500095); SRVR:CY4PR21MB0279; x-ms-traffictypediagnostic: CY4PR21MB0279: x-microsoft-antispam-prvs: x-exchange-antispam-report-test: UriScan:(151999592597050)(278178393323532)(133145235818549)(120809045254105)(26388249023172)(236129657087228)(192374486261705)(148574349560750)(21748063052155)(247924648384137); x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(100000700101)(100105000095)(100000701101)(100105300095)(100000702101)(100105100095)(61425038)(6040450)(601004)(2401047)(2017060910033)(5005006)(8121501046)(3002001)(100000703101)(100105400095)(93006095)(93001095)(10201501046)(6055026)(61426038)(61427038)(6041248)(20161123564025)(20161123558100)(20161123560025)(20161123555025)(20161123562025)(201703131423075)(201702281528075)(201703061421075)(201703061406153)(6072148)(100000704101)(100105200095)(100000705101)(100105500095); SRVR:CY4PR21MB0279; BCL:0; PCL:0; RULEID:(100000800101)(100110000095)(100000801101)(100110300095)(100000802101)(100110100095)(100000803101)(100110400095)(100000804101)(100110200095)(100000805101)(100110500095); SRVR:CY4PR21MB0279; x-forefront-prvs: 0358535363 x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(39450400003)(39410400002)(39850400002)(39400400002)(39840400002)(39860400002)(377454003)(24454002)(13464003)(377424004)(54906002)(790700001)(66066001)(14971765001)(53546010)(606006)(38730400002)(50986999)(54356999)(99286003)(55016002)(7736002)(6116002)(53936002)(3846002)(53386004)(102836003)(6246003)(6506006)(2900100001)(6436002)(19609705001)(8676002)(230783001)(9686003)(6306002)(86362001)(236005)(54896002)(14454004)(4326008)(93886004)(2950100002)(33656002)(86612001)(25786009)(3280700002)(72206003)(81166006)(76176999)(8936002)(966005)(3660700001)(77096006)(74316002)(10290500003)(2906002)(10090500001)(7696004)(5660300001)(5005710100001)(189998001)(478600001)(229853002); DIR:OUT; SFP:1102; SCL:1; SRVR:CY4PR21MB0279; H:CY4PR21MB0504.namprd21.prod.outlook.com; FPR:; SPF:None; MLV:sfv; LANG:en; spamdiagnosticoutput: 1:99 spamdiagnosticmetadata: NSPM Content-Type: multipart/alternative; boundary="_000_CY4PR21MB0504F93E54947F08A07C0D77F5D70CY4PR21MB0504namp_" MIME-Version: 1.0 X-OriginatorOrg: microsoft.com X-MS-Exchange-CrossTenant-originalarrivaltime: 04 Jul 2017 18:25:28.1901 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 72f988bf-86f1-41af-91ab-2d7cd011db47 X-MS-Exchange-Transport-CrossTenantHeadersStamped: CY4PR21MB0279 Archived-At: Subject: Re: [Ace] I-D Action: draft-ietf-ace-cbor-web-token-05.txt X-BeenThere: ace@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 04 Jul 2017 18:25:33 -0000 --_000_CY4PR21MB0504F93E54947F08A07C0D77F5D70CY4PR21MB0504namp_ Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: base64 SGkgSmltLiAgRHJhZnQgLTA3IG5vdyB1c2VzIGRldGVybWluaXN0aWMgc2lnbmluZyBhbGdvcml0 aG1zLCB0aGFua3MgdG8gU2FtdWVsLiAgQ291bGQgeW91IHRha2UgYW5vdGhlciBjcmFjayBhdCBy ZXByb2R1Y2luZyB0aGUgZXhhbXBsZXM/DQoNCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAg ICAgICAgICAgICAgICAgICAgICAgICAgICAtLSBNaWtlDQoNCkZyb206IEppbSBTY2hhYWQgW21h aWx0bzppZXRmQGF1Z3VzdGNlbGxhcnMuY29tXQ0KU2VudDogVGh1cnNkYXksIEp1bmUgMjIsIDIw MTcgMzowOSBQTQ0KVG86ICdTYW11ZWwgRXJkdG1hbicgPHNhbXVlbEBlcmR0bWFuLnNlPg0KQ2M6 IGRyYWZ0LWlldGYtYWNlLWNib3Itd2ViLXRva2VuQGlldGYub3JnOyAnYWNlJyA8YWNlQGlldGYu b3JnPg0KU3ViamVjdDogUkU6IFtBY2VdIEktRCBBY3Rpb246IGRyYWZ0LWlldGYtYWNlLWNib3It d2ViLXRva2VuLTA1LnR4dA0KDQpTZWUgYmVsb3cuDQoNCkppbQ0KDQpGcm9tOiBTYW11ZWwgRXJk dG1hbiBbbWFpbHRvOnNhbXVlbEBlcmR0bWFuLnNlXQ0KU2VudDogVGh1cnNkYXksIEp1bmUgMjIs IDIwMTcgMTo0MCBBTQ0KVG86IEppbSBTY2hhYWQgPGlldGZAYXVndXN0Y2VsbGFycy5jb208bWFp bHRvOmlldGZAYXVndXN0Y2VsbGFycy5jb20+Pg0KQ2M6IGRyYWZ0LWlldGYtYWNlLWNib3Itd2Vi LXRva2VuQGlldGYub3JnPG1haWx0bzpkcmFmdC1pZXRmLWFjZS1jYm9yLXdlYi10b2tlbkBpZXRm Lm9yZz47IGFjZSA8YWNlQGlldGYub3JnPG1haWx0bzphY2VAaWV0Zi5vcmc+Pg0KU3ViamVjdDog UmU6IFtBY2VdIEktRCBBY3Rpb246IGRyYWZ0LWlldGYtYWNlLWNib3Itd2ViLXRva2VuLTA1LnR4 dA0KDQpUaGFua3MgSmltIQ0KU2UgY29tbWVudHMgaW5saW5lDQoNCk9uIFN1biwgSnVuIDE4LCAy MDE3IGF0IDk6MjEgUE0sIEppbSBTY2hhYWQgPGlldGZAYXVndXN0Y2VsbGFycy5jb208bWFpbHRv OmlldGZAYXVndXN0Y2VsbGFycy5jb20+PiB3cm90ZToNCkNvbW1lbnRzIG9uIHRoaXMgdmVyc2lv biBvZiB0aGUgZHJhZnQuDQoNClNlY3Rpb24gNyAtIFN0ZXAgNiAmIDcgLSBJIGRvIG5vdCBrbm93 IGlmIGl0IGlzIGxlZ2FsIHRvIGhhdmUgYSBDV1QgQ0JPUiB0YWcgYXQgdGhpcyBwb2ludA0KDQpJ biBzZWN0aW9uIDcuMSBzdGVwIDYgZGVzY3JpYmVzIGhvdyBvbmUgY2FuIGFkZCB0aGUgQ1dUIENC T1IgVGFnIHRvIHRoZSBmdWxsIENXVCBpZiB0cmFuc3BvcnQgbGF5ZXIgY2Fubm90IGluZGljYXRl IHRoYXQgdGhpcyBpcyBhIENXVC4gSW4gdGhpcyBjYXNlIHlvdSB3b3VsZCB3YW50IGZpcnN0IHRo ZSBDT1NFIHRhZyBhbmQgdGhlbiB0aGUgQ1dUIHRhZyB0aGlzIGlzIGRlc2NyaWJlZCBpbiBzZWN0 aW9uIDYuIFdlIGFza2VkIENhcnN0ZW4gYWJvdXQgdGhpcyBiZWZvcmUgd2UgYWRkZWQgdGhlIHRl eHQgc28gaXQgc2hvdWxkIGJlIG9rYXkuDQpJbiBzZWN0aW9uIDcuMiBzdGVwIDYgYW5kIDcgQ1dU IENCT1IgdGFnIGlzIG5vdCBtZW50aW9uZWQgYXMgZmFyIGFzIEkgY2FuIHRlbGwuDQoNCltKTFNd ICBTbyBpZiBhbiBpbnRlcm1lZGlhcnkgYWRkcyBhIGxheWVyIG9mIHdyYXBwaW5nIChpLmUuIGVu Y3J5cHRzIGl0IHRvIHRoZSBlbmQgcG9pbnQpIGJ1dCB0aGUgb3JpZ2luYWwgZW50aXR5IHdobyBz aWduZWQgaXQgcHV0IHRoZSBDV1QgdGFnIG9uIGl0LCBpdCB3aWxsIGJlIGFuZCBpbnZhbGlkIENX VCBpZiB0aGUgdGFnIHdhcyBub3QgcmVtb3ZlZD8NCg0KDQpBcHBlbmRpeCBBLjMgLSBJIHdhcyB1 bmFibGUgdG8gcmVwcm9kdWNlIHRoZSBleGFtcGxlLiAgSSBhc3N1bWUgdGhhdCB0aGlzIG1lYW5z IHRoYXQgYSBkZXRlcm1pbmlzdGljIHNpZ25hdHVyZSBhbGdvcml0aG0gaXMgbm90IGJlaW5nIHVz ZWQuICBXaGlsZSBhIHZlcmlmaWVyIGNhbm5vdCB0ZWxsIGlmIG9uZSBpcyBiZWluZyB1c2VkLCB0 aGUgQ09TRSBkb2N1bWVudCBkb2VzIHN0cm9uZ2x5IHN1Z2dlc3QgdGhhdCBvbmUgYmUgdXNlZC4g IEFkZGl0aW9uYWxseSwgaXQgaGVscHMgaW4gdGVzdGluZyBpZiBvbmUgaXMgdXNlZCBzbyB0aGF0 IGEgc2lnbmF0dXJlIGNyZWF0b3IgY2FuIGJlIG1vcmUgZWFzaWx5IHRlc3RlZC4NCg0KQ29ycmVj dCBJIGhhdmUgbm90IHVzZWQgYSBkZXRlcm1pbmlzdGljIHNpZ25pbmcgYWxnb3JpdGhtLiBJIGhh dmUgdXNlZCBDT1NFLUpBVkEgdG8gY3JlYXRlIHRoZSBleGFtcGxlcywgaXMgaXQgcG9zc2libGUg dG8gY29uZmlndXJlIHRoYXQgaW1wbGVtZW50YXRpb24gdG8gZ2VuZXJhdGUgZGV0ZXJtaW5pc3Rp YyBFQ0RTQSBzaWduYXR1cmVzPw0KV2hlbiB3b3JraW5nIHdpdGggbXkgSlMgaW1wbGVtZW50YXRp b24gSSBoYXZlIG5vdGljZWQgdGhhdCBzdXBwb3J0IGZvciBkZXRlcm1pbmlzdGljIEVDRFNBIGlt cGxlbWVudGF0aW9ucyBhcmUgaGFyZCB0byBmaW5kLg0KDQpbSkxTXSBXaXRoIENPU0UtSkFWQSwg aWYgeW91IGFyZSB1c2luZyBhbnl0aGluZyByZW1vdGVseSByZWNlbnQgaXMgZGV0ZXJtaW5pc3Rp Yywgc28gdGhhdCBzaG91bGQgbm90IGJlIGEgcHJvYmxlbS4gIEkgcHV0IHRoaXMgY2hhbmdlIGlu dG8gdGhlIHNvdXJjZXMgYWJvdXQgOCBtb250aHMgYWdvLiAgVGhlIHByb2JsZW0gbWF5IGJlIHRo ZSBzYW1lIGlzc3VlIGFzIGZvciBBLjUgd2hlcmUgc29tZXRoaW5nIGlzIGRpZmZlcmVudCBpbiB0 aGUgZGF0YSB0byBiZSBzaWduZWQuDQoNCg0KDQpBcHBlbmRpeCBBLjUgLSBJIHdhcyB1bmFibGUg dG8gcmVwcm9kdWNlIHRoZSBleGFtcGxlLiAgU3BlY2lhbGx5IHRoZSB0YWcgdmFsdWUgZG9lcyBu b3QgbWF0Y2ggd2l0aCB0aGUgb25lIHRoYXQgSSBjb21wdXRlLg0KDQpUaGF0IGlzIGJhZC4gYnV0 IGFwYXJ0IGZyb20gdGhlIHRhZyBpdCBsb29rcyBnb29kPw0KDQpbSkxTXSBZZXMgYXBhcnQgZnJv bSB0aGUgdGFnIEkgbWF0Y2hlZCBldmVyeXRoaW5nIOKAkyBpbmNsdWRpbmcgdGhlIGVuY3J5cHRp b24uICBUaGlzIGJvdGhlcnMgbWUgaWYgeW91IGFyZSB1c2luZyB0aGUgQ09TRS1KQVZBIHRvIHBy b2R1Y2UgdGhlIGV4YW1wbGVzLiAgSSByb3V0aW5lbHkgcnVuIHJlZ3Jlc3Npb24gdGVzdHMgb24g Ym90aCBsYW5ndWFnZSBsaWJyYXJpZXMgc28gdGhleSBzaG91bGQgcHJvZHVjZSB0aGUgc2FtZSBv dXRwdXQgZ2l2ZW4gdGhlIHNhbWUgaW5wdXRzLiAgVGhpcyB0cmlnZ2VycyBpbiBteSBtaW5kIHRo YXQgeW91IG1pZ2h0IGhhdmUgZG9uZSBzb21ldGhpbmcgb2RkIHdpdGggdGhlIGV4dGVybmFsIGRh dGEgYW5kIHRodXMgd2UgYXJlIGdlbmVyYXRpbmcgZGlmZmVyZW50IHRhZ3MuICAgSXQgd291bGQg YmUgc29tZXRoaW5nIHRoYXQgaXMgYmVpbmcgZG9uZSBmb3Igc2lnbmluZyBhbmQgZm9yIGVuY3J5 cHRpb24gYnV0IG5vdCBtYWMuDQoNCg0KDQpNaW5vcjoNCg0KSW4gc2VjdGlvbiAyOiAgSXMgdGhl cmUgYSByZWFzb24gbm90IHRvIGRlZmluZSBDV1QgY2xhaW0gdmFsdWUgaW4gdGhpcyBzZWN0aW9u DQoNClNvcnJ5IEnCtG0gbm90IGZvbGxvd2luZywgY291bGQgeW91IHBsZWFzZSBleHBsYWluIGEg Yml0IG1vcmVgPw0KDQpbSkxTXSBZb3UgdGhvdWdodCBpdCB3YXMgcmVhc29uYWJsZSB0byBkZWZp bmUgYSDigJxDV1QgZW5jb2RlZCBjbGFpbSBrZXnigJ0gaW4gdGhlIHRlcm1zLiAgSSB3YXMganVz dCB0aGlua2luZyB0aGF0IGl0IHdvdWxkIGJlIHN5bW1ldHJpYyB0byBoYXZlIHRoZSB2YWx1ZXMg aGF2ZSBkZWZpbmVkIGhlcmUgYXQgdGhlIHNhbWUgdGltZS4NCg0KDQoNCi0tLS0tT3JpZ2luYWwg TWVzc2FnZS0tLS0tDQpGcm9tOiBBY2UgW21haWx0bzphY2UtYm91bmNlc0BpZXRmLm9yZzxtYWls dG86YWNlLWJvdW5jZXNAaWV0Zi5vcmc+XSBPbiBCZWhhbGYgT2YgaW50ZXJuZXQtZHJhZnRzQGll dGYub3JnPG1haWx0bzppbnRlcm5ldC1kcmFmdHNAaWV0Zi5vcmc+DQpTZW50OiBNb25kYXksIEp1 bmUgNSwgMjAxNyA2OjI3IFBNDQpUbzogaS1kLWFubm91bmNlQGlldGYub3JnPG1haWx0bzppLWQt YW5ub3VuY2VAaWV0Zi5vcmc+DQpDYzogYWNlQGlldGYub3JnPG1haWx0bzphY2VAaWV0Zi5vcmc+ DQpTdWJqZWN0OiBbQWNlXSBJLUQgQWN0aW9uOiBkcmFmdC1pZXRmLWFjZS1jYm9yLXdlYi10b2tl bi0wNS50eHQNCg0KDQpBIE5ldyBJbnRlcm5ldC1EcmFmdCBpcyBhdmFpbGFibGUgZnJvbSB0aGUg b24tbGluZSBJbnRlcm5ldC1EcmFmdHMgZGlyZWN0b3JpZXMuDQpUaGlzIGRyYWZ0IGlzIGEgd29y ayBpdGVtIG9mIHRoZSBBdXRoZW50aWNhdGlvbiBhbmQgQXV0aG9yaXphdGlvbiBmb3IgQ29uc3Ry YWluZWQgRW52aXJvbm1lbnRzIG9mIHRoZSBJRVRGLg0KDQogICAgICAgIFRpdGxlICAgICAgICAg ICA6IENCT1IgV2ViIFRva2VuIChDV1QpDQogICAgICAgIEF1dGhvcnMgICAgICAgICA6IE1pY2hh ZWwgQi4gSm9uZXMNCiAgICAgICAgICAgICAgICAgICAgICAgICAgRXJpayBXYWhsc3Ryw7ZtDQog ICAgICAgICAgICAgICAgICAgICAgICAgIFNhbXVlbCBFcmR0bWFuDQogICAgICAgICAgICAgICAg ICAgICAgICAgIEhhbm5lcyBUc2Nob2ZlbmlnDQogICAgICAgIEZpbGVuYW1lICAgICAgICA6IGRy YWZ0LWlldGYtYWNlLWNib3Itd2ViLXRva2VuLTA1LnR4dA0KICAgICAgICBQYWdlcyAgICAgICAg ICAgOiAyMw0KICAgICAgICBEYXRlICAgICAgICAgICAgOiAyMDE3LTA2LTA1DQoNCkFic3RyYWN0 Og0KICAgQ0JPUiBXZWIgVG9rZW4gKENXVCkgaXMgYSBjb21wYWN0IG1lYW5zIG9mIHJlcHJlc2Vu dGluZyBjbGFpbXMgdG8gYmUNCiAgIHRyYW5zZmVycmVkIGJldHdlZW4gdHdvIHBhcnRpZXMuICBU aGUgY2xhaW1zIGluIGEgQ1dUIGFyZSBlbmNvZGVkIGluDQogICB0aGUgQ29uY2lzZSBCaW5hcnkg T2JqZWN0IFJlcHJlc2VudGF0aW9uIChDQk9SKSBhbmQgQ0JPUiBPYmplY3QNCiAgIFNpZ25pbmcg YW5kIEVuY3J5cHRpb24gKENPU0UpIGlzIHVzZWQgZm9yIGFkZGVkIGFwcGxpY2F0aW9uIGxheWVy DQogICBzZWN1cml0eSBwcm90ZWN0aW9uLiAgQSBjbGFpbSBpcyBhIHBpZWNlIG9mIGluZm9ybWF0 aW9uIGFzc2VydGVkDQogICBhYm91dCBhIHN1YmplY3QgYW5kIGlzIHJlcHJlc2VudGVkIGFzIGEg bmFtZS92YWx1ZSBwYWlyIGNvbnNpc3Rpbmcgb2YNCiAgIGEgY2xhaW0gbmFtZSBhbmQgYSBjbGFp bSB2YWx1ZS4gIENXVCBpcyBkZXJpdmVkIGZyb20gSlNPTiBXZWIgVG9rZW4NCiAgIChKV1QpLCBi dXQgdXNlcyBDQk9SIHJhdGhlciB0aGFuIEpTT04uDQoNCg0KVGhlIElFVEYgZGF0YXRyYWNrZXIg c3RhdHVzIHBhZ2UgZm9yIHRoaXMgZHJhZnQgaXM6DQpodHRwczovL2RhdGF0cmFja2VyLmlldGYu b3JnL2RvYy9kcmFmdC1pZXRmLWFjZS1jYm9yLXdlYi10b2tlbi8NCg0KVGhlcmUgYXJlIGFsc28g aHRtbGl6ZWQgdmVyc2lvbnMgYXZhaWxhYmxlIGF0Og0KaHR0cHM6Ly90b29scy5pZXRmLm9yZy9o dG1sL2RyYWZ0LWlldGYtYWNlLWNib3Itd2ViLXRva2VuLTA1DQpodHRwczovL2RhdGF0cmFja2Vy LmlldGYub3JnL2RvYy9odG1sL2RyYWZ0LWlldGYtYWNlLWNib3Itd2ViLXRva2VuLTA1DQoNCkEg ZGlmZiBmcm9tIHRoZSBwcmV2aW91cyB2ZXJzaW9uIGlzIGF2YWlsYWJsZSBhdDoNCmh0dHBzOi8v d3d3LmlldGYub3JnL3JmY2RpZmY/dXJsMj1kcmFmdC1pZXRmLWFjZS1jYm9yLXdlYi10b2tlbi0w NQ0KDQoNClBsZWFzZSBub3RlIHRoYXQgaXQgbWF5IHRha2UgYSBjb3VwbGUgb2YgbWludXRlcyBm cm9tIHRoZSB0aW1lIG9mIHN1Ym1pc3Npb24gdW50aWwgdGhlIGh0bWxpemVkIHZlcnNpb24gYW5k IGRpZmYgYXJlIGF2YWlsYWJsZSBhdCB0b29scy5pZXRmLm9yZzxodHRwOi8vdG9vbHMuaWV0Zi5v cmc+Lg0KDQpJbnRlcm5ldC1EcmFmdHMgYXJlIGFsc28gYXZhaWxhYmxlIGJ5IGFub255bW91cyBG VFAgYXQ6DQpmdHA6Ly9mdHAuaWV0Zi5vcmcvaW50ZXJuZXQtZHJhZnRzLw0KDQpfX19fX19fX19f X19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fXw0KQWNlIG1haWxpbmcgbGlzdA0K QWNlQGlldGYub3JnPG1haWx0bzpBY2VAaWV0Zi5vcmc+DQpodHRwczovL3d3dy5pZXRmLm9yZy9t YWlsbWFuL2xpc3RpbmZvL2FjZQ0KDQpfX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19f X19fX19fX19fX19fXw0KQWNlIG1haWxpbmcgbGlzdA0KQWNlQGlldGYub3JnPG1haWx0bzpBY2VA aWV0Zi5vcmc+DQpodHRwczovL3d3dy5pZXRmLm9yZy9tYWlsbWFuL2xpc3RpbmZvL2FjZQ0KDQo= --_000_CY4PR21MB0504F93E54947F08A07C0D77F5D70CY4PR21MB0504namp_ Content-Type: text/html; charset="utf-8" Content-Transfer-Encoding: base64 PGh0bWwgeG1sbnM6dj0idXJuOnNjaGVtYXMtbWljcm9zb2Z0LWNvbTp2bWwiIHhtbG5zOm89InVy bjpzY2hlbWFzLW1pY3Jvc29mdC1jb206b2ZmaWNlOm9mZmljZSIgeG1sbnM6dz0idXJuOnNjaGVt YXMtbWljcm9zb2Z0LWNvbTpvZmZpY2U6d29yZCIgeG1sbnM6bT0iaHR0cDovL3NjaGVtYXMubWlj cm9zb2Z0LmNvbS9vZmZpY2UvMjAwNC8xMi9vbW1sIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcv VFIvUkVDLWh0bWw0MCI+DQo8aGVhZD4NCjxtZXRhIGh0dHAtZXF1aXY9IkNvbnRlbnQtVHlwZSIg Y29udGVudD0idGV4dC9odG1sOyBjaGFyc2V0PXV0Zi04Ij4NCjxtZXRhIG5hbWU9IkdlbmVyYXRv ciIgY29udGVudD0iTWljcm9zb2Z0IFdvcmQgMTUgKGZpbHRlcmVkIG1lZGl1bSkiPg0KPHN0eWxl PjwhLS0NCi8qIEZvbnQgRGVmaW5pdGlvbnMgKi8NCkBmb250LWZhY2UNCgl7Zm9udC1mYW1pbHk6 IkNhbWJyaWEgTWF0aCI7DQoJcGFub3NlLTE6MiA0IDUgMyA1IDQgNiAzIDIgNDt9DQpAZm9udC1m YWNlDQoJe2ZvbnQtZmFtaWx5OkNhbGlicmk7DQoJcGFub3NlLTE6MiAxNSA1IDIgMiAyIDQgMyAy IDQ7fQ0KLyogU3R5bGUgRGVmaW5pdGlvbnMgKi8NCnAuTXNvTm9ybWFsLCBsaS5Nc29Ob3JtYWws IGRpdi5Nc29Ob3JtYWwNCgl7bWFyZ2luOjBpbjsNCgltYXJnaW4tYm90dG9tOi4wMDAxcHQ7DQoJ Zm9udC1zaXplOjExLjBwdDsNCglmb250LWZhbWlseToiQ2FsaWJyaSIsc2Fucy1zZXJpZjt9DQph OmxpbmssIHNwYW4uTXNvSHlwZXJsaW5rDQoJe21zby1zdHlsZS1wcmlvcml0eTo5OTsNCgljb2xv cjpibHVlOw0KCXRleHQtZGVjb3JhdGlvbjp1bmRlcmxpbmU7fQ0KYTp2aXNpdGVkLCBzcGFuLk1z b0h5cGVybGlua0ZvbGxvd2VkDQoJe21zby1zdHlsZS1wcmlvcml0eTo5OTsNCgljb2xvcjpwdXJw bGU7DQoJdGV4dC1kZWNvcmF0aW9uOnVuZGVybGluZTt9DQpwLm1zb25vcm1hbDAsIGxpLm1zb25v cm1hbDAsIGRpdi5tc29ub3JtYWwwDQoJe21zby1zdHlsZS1uYW1lOm1zb25vcm1hbDsNCgltc28t bWFyZ2luLXRvcC1hbHQ6YXV0bzsNCgltYXJnaW4tcmlnaHQ6MGluOw0KCW1zby1tYXJnaW4tYm90 dG9tLWFsdDphdXRvOw0KCW1hcmdpbi1sZWZ0OjBpbjsNCglmb250LXNpemU6MTEuMHB0Ow0KCWZv bnQtZmFtaWx5OiJDYWxpYnJpIixzYW5zLXNlcmlmO30NCnNwYW4uRW1haWxTdHlsZTE4DQoJe21z by1zdHlsZS10eXBlOnBlcnNvbmFsOw0KCWZvbnQtZmFtaWx5OiJDYWxpYnJpIixzYW5zLXNlcmlm Ow0KCWNvbG9yOndpbmRvd3RleHQ7fQ0Kc3Bhbi5FbWFpbFN0eWxlMjANCgl7bXNvLXN0eWxlLXR5 cGU6cGVyc29uYWwtcmVwbHk7DQoJZm9udC1mYW1pbHk6IkNhbGlicmkiLHNhbnMtc2VyaWY7DQoJ Y29sb3I6IzAwMjA2MDt9DQouTXNvQ2hwRGVmYXVsdA0KCXttc28tc3R5bGUtdHlwZTpleHBvcnQt b25seTsNCglmb250LXNpemU6MTAuMHB0O30NCkBwYWdlIFdvcmRTZWN0aW9uMQ0KCXtzaXplOjgu NWluIDExLjBpbjsNCgltYXJnaW46MS4waW4gMS4waW4gMS4waW4gMS4waW47fQ0KZGl2LldvcmRT ZWN0aW9uMQ0KCXtwYWdlOldvcmRTZWN0aW9uMTt9DQotLT48L3N0eWxlPjwhLS1baWYgZ3RlIG1z byA5XT48eG1sPg0KPG86c2hhcGVkZWZhdWx0cyB2OmV4dD0iZWRpdCIgc3BpZG1heD0iMTAyNiIg Lz4NCjwveG1sPjwhW2VuZGlmXS0tPjwhLS1baWYgZ3RlIG1zbyA5XT48eG1sPg0KPG86c2hhcGVs YXlvdXQgdjpleHQ9ImVkaXQiPg0KPG86aWRtYXAgdjpleHQ9ImVkaXQiIGRhdGE9IjEiIC8+DQo8 L286c2hhcGVsYXlvdXQ+PC94bWw+PCFbZW5kaWZdLS0+DQo8L2hlYWQ+DQo8Ym9keSBsYW5nPSJF Ti1VUyIgbGluaz0iYmx1ZSIgdmxpbms9InB1cnBsZSI+DQo8ZGl2IGNsYXNzPSJXb3JkU2VjdGlv bjEiPg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PHNwYW4gc3R5bGU9ImNvbG9yOiMwMDIwNjAiPkhp IEppbS4mbmJzcDsgRHJhZnQgLTA3IG5vdyB1c2VzIGRldGVybWluaXN0aWMgc2lnbmluZyBhbGdv cml0aG1zLCB0aGFua3MgdG8gU2FtdWVsLiZuYnNwOyBDb3VsZCB5b3UgdGFrZSBhbm90aGVyIGNy YWNrIGF0IHJlcHJvZHVjaW5nIHRoZSBleGFtcGxlcz88bzpwPjwvbzpwPjwvc3Bhbj48L3A+DQo8 cCBjbGFzcz0iTXNvTm9ybWFsIj48c3BhbiBzdHlsZT0iY29sb3I6IzAwMjA2MCI+PG86cD4mbmJz cDs8L286cD48L3NwYW4+PC9wPg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PHNwYW4gc3R5bGU9ImNv bG9yOiMwMDIwNjAiPiZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZu YnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNw OyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZu YnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNw OyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZu YnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyAtLSBN aWtlPG86cD48L286cD48L3NwYW4+PC9wPg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PGEgbmFtZT0i X01haWxFbmRDb21wb3NlIj48c3BhbiBzdHlsZT0iY29sb3I6IzAwMjA2MCI+PG86cD4mbmJzcDs8 L286cD48L3NwYW4+PC9hPjwvcD4NCjxzcGFuIHN0eWxlPSJtc28tYm9va21hcms6X01haWxFbmRD b21wb3NlIj48L3NwYW4+DQo8ZGl2Pg0KPGRpdiBzdHlsZT0iYm9yZGVyOm5vbmU7Ym9yZGVyLXRv cDpzb2xpZCAjRTFFMUUxIDEuMHB0O3BhZGRpbmc6My4wcHQgMGluIDBpbiAwaW4iPg0KPHAgY2xh c3M9Ik1zb05vcm1hbCI+PGI+RnJvbTo8L2I+IEppbSBTY2hhYWQgW21haWx0bzppZXRmQGF1Z3Vz dGNlbGxhcnMuY29tXSA8YnI+DQo8Yj5TZW50OjwvYj4gVGh1cnNkYXksIEp1bmUgMjIsIDIwMTcg MzowOSBQTTxicj4NCjxiPlRvOjwvYj4gJ1NhbXVlbCBFcmR0bWFuJyAmbHQ7c2FtdWVsQGVyZHRt YW4uc2UmZ3Q7PGJyPg0KPGI+Q2M6PC9iPiBkcmFmdC1pZXRmLWFjZS1jYm9yLXdlYi10b2tlbkBp ZXRmLm9yZzsgJ2FjZScgJmx0O2FjZUBpZXRmLm9yZyZndDs8YnI+DQo8Yj5TdWJqZWN0OjwvYj4g UkU6IFtBY2VdIEktRCBBY3Rpb246IGRyYWZ0LWlldGYtYWNlLWNib3Itd2ViLXRva2VuLTA1LnR4 dDxvOnA+PC9vOnA+PC9wPg0KPC9kaXY+DQo8L2Rpdj4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPjxv OnA+Jm5ic3A7PC9vOnA+PC9wPg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+U2VlIGJlbG93LjxvOnA+ PC9vOnA+PC9wPg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PG86cD4mbmJzcDs8L286cD48L3A+DQo8 cCBjbGFzcz0iTXNvTm9ybWFsIj5KaW08bzpwPjwvbzpwPjwvcD4NCjxwIGNsYXNzPSJNc29Ob3Jt YWwiPjxvOnA+Jm5ic3A7PC9vOnA+PC9wPg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PGI+RnJvbTo8 L2I+IFNhbXVlbCBFcmR0bWFuIFs8YSBocmVmPSJtYWlsdG86c2FtdWVsQGVyZHRtYW4uc2UiPm1h aWx0bzpzYW11ZWxAZXJkdG1hbi5zZTwvYT5dDQo8YnI+DQo8Yj5TZW50OjwvYj4gVGh1cnNkYXks IEp1bmUgMjIsIDIwMTcgMTo0MCBBTTxicj4NCjxiPlRvOjwvYj4gSmltIFNjaGFhZCAmbHQ7PGEg aHJlZj0ibWFpbHRvOmlldGZAYXVndXN0Y2VsbGFycy5jb20iPmlldGZAYXVndXN0Y2VsbGFycy5j b208L2E+Jmd0Ozxicj4NCjxiPkNjOjwvYj4gPGEgaHJlZj0ibWFpbHRvOmRyYWZ0LWlldGYtYWNl LWNib3Itd2ViLXRva2VuQGlldGYub3JnIj5kcmFmdC1pZXRmLWFjZS1jYm9yLXdlYi10b2tlbkBp ZXRmLm9yZzwvYT47IGFjZSAmbHQ7PGEgaHJlZj0ibWFpbHRvOmFjZUBpZXRmLm9yZyI+YWNlQGll dGYub3JnPC9hPiZndDs8YnI+DQo8Yj5TdWJqZWN0OjwvYj4gUmU6IFtBY2VdIEktRCBBY3Rpb246 IGRyYWZ0LWlldGYtYWNlLWNib3Itd2ViLXRva2VuLTA1LnR4dDxvOnA+PC9vOnA+PC9wPg0KPHAg Y2xhc3M9Ik1zb05vcm1hbCI+PG86cD4mbmJzcDs8L286cD48L3A+DQo8ZGl2Pg0KPGRpdj4NCjxw IGNsYXNzPSJNc29Ob3JtYWwiIHN0eWxlPSJtYXJnaW4tYm90dG9tOjEyLjBwdCI+VGhhbmtzIEpp bSEgPG86cD48L286cD48L3A+DQo8L2Rpdj4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPlNlIGNvbW1l bnRzIGlubGluZTxvOnA+PC9vOnA+PC9wPg0KPGRpdj4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPjxv OnA+Jm5ic3A7PC9vOnA+PC9wPg0KPGRpdj4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPk9uIFN1biwg SnVuIDE4LCAyMDE3IGF0IDk6MjEgUE0sIEppbSBTY2hhYWQgJmx0OzxhIGhyZWY9Im1haWx0bzpp ZXRmQGF1Z3VzdGNlbGxhcnMuY29tIiB0YXJnZXQ9Il9ibGFuayI+aWV0ZkBhdWd1c3RjZWxsYXJz LmNvbTwvYT4mZ3Q7IHdyb3RlOjxvOnA+PC9vOnA+PC9wPg0KPGJsb2NrcXVvdGUgc3R5bGU9ImJv cmRlcjpub25lO2JvcmRlci1sZWZ0OnNvbGlkICNDQ0NDQ0MgMS4wcHQ7cGFkZGluZzowaW4gMGlu IDBpbiA2LjBwdDttYXJnaW4tbGVmdDo0LjhwdDttYXJnaW4tdG9wOjUuMHB0O21hcmdpbi1yaWdo dDowaW47bWFyZ2luLWJvdHRvbTo1LjBwdCI+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj5Db21tZW50 cyBvbiB0aGlzIHZlcnNpb24gb2YgdGhlIGRyYWZ0Ljxicj4NCjxicj4NClNlY3Rpb24gNyAtIFN0 ZXAgNiAmYW1wOyA3IC0gSSBkbyBub3Qga25vdyBpZiBpdCBpcyBsZWdhbCB0byBoYXZlIGEgQ1dU IENCT1IgdGFnIGF0IHRoaXMgcG9pbnQ8bzpwPjwvbzpwPjwvcD4NCjwvYmxvY2txdW90ZT4NCjxk aXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48bzpwPiZuYnNwOzwvbzpwPjwvcD4NCjwvZGl2Pg0K PGRpdj4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiIHN0eWxlPSJtYXJnaW4tYm90dG9tOjEyLjBwdCI+ SW4gc2VjdGlvbiA3LjEgc3RlcCA2IGRlc2NyaWJlcyBob3cgb25lIGNhbiBhZGQgdGhlIENXVCBD Qk9SIFRhZyB0byB0aGUgZnVsbCBDV1QgaWYgdHJhbnNwb3J0IGxheWVyIGNhbm5vdCBpbmRpY2F0 ZSB0aGF0IHRoaXMgaXMgYSBDV1QuIEluIHRoaXMgY2FzZSB5b3Ugd291bGQgd2FudCBmaXJzdCB0 aGUgQ09TRSB0YWcgYW5kIHRoZW4gdGhlIENXVCB0YWcgdGhpcw0KIGlzIGRlc2NyaWJlZCBpbiBz ZWN0aW9uIDYuIFdlIGFza2VkIENhcnN0ZW4gYWJvdXQgdGhpcyBiZWZvcmUgd2UgYWRkZWQgdGhl IHRleHQgc28gaXQgc2hvdWxkIGJlIG9rYXkuPG86cD48L286cD48L3A+DQo8L2Rpdj4NCjxkaXY+ DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj5JbiBzZWN0aW9uIDcuMiBzdGVwIDYgYW5kIDcgQ1dUIENC T1IgdGFnIGlzIG5vdCBtZW50aW9uZWQgYXMgZmFyIGFzIEkgY2FuIHRlbGwuPHNwYW4gc3R5bGU9 ImNvbG9yOiMwMDcwQzAiPjxvOnA+PC9vOnA+PC9zcGFuPjwvcD4NCjxwIGNsYXNzPSJNc29Ob3Jt YWwiPjxvOnA+Jm5ic3A7PC9vOnA+PC9wPg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PHNwYW4gc3R5 bGU9ImNvbG9yOiMwMDcwQzAiPltKTFNdJm5ic3A7IFNvIGlmIGFuIGludGVybWVkaWFyeSBhZGRz IGEgbGF5ZXIgb2Ygd3JhcHBpbmcgKGkuZS4gZW5jcnlwdHMgaXQgdG8gdGhlIGVuZCBwb2ludCkg YnV0IHRoZSBvcmlnaW5hbCBlbnRpdHkgd2hvIHNpZ25lZCBpdCBwdXQgdGhlIENXVCB0YWcgb24g aXQsIGl0IHdpbGwgYmUgYW5kIGludmFsaWQgQ1dUIGlmIHRoZSB0YWcgd2FzIG5vdCByZW1vdmVk Pw0KPG86cD48L286cD48L3NwYW4+PC9wPg0KPC9kaXY+DQo8ZGl2Pg0KPHAgY2xhc3M9Ik1zb05v cm1hbCI+Jm5ic3A7PG86cD48L286cD48L3A+DQo8L2Rpdj4NCjxibG9ja3F1b3RlIHN0eWxlPSJi b3JkZXI6bm9uZTtib3JkZXItbGVmdDpzb2xpZCAjQ0NDQ0NDIDEuMHB0O3BhZGRpbmc6MGluIDBp biAwaW4gNi4wcHQ7bWFyZ2luLWxlZnQ6NC44cHQ7bWFyZ2luLXRvcDo1LjBwdDttYXJnaW4tcmln aHQ6MGluO21hcmdpbi1ib3R0b206NS4wcHQiPg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PGJyPg0K QXBwZW5kaXggQS4zIC0gSSB3YXMgdW5hYmxlIHRvIHJlcHJvZHVjZSB0aGUgZXhhbXBsZS4mbmJz cDsgSSBhc3N1bWUgdGhhdCB0aGlzIG1lYW5zIHRoYXQgYSBkZXRlcm1pbmlzdGljIHNpZ25hdHVy ZSBhbGdvcml0aG0gaXMgbm90IGJlaW5nIHVzZWQuJm5ic3A7IFdoaWxlIGEgdmVyaWZpZXIgY2Fu bm90IHRlbGwgaWYgb25lIGlzIGJlaW5nIHVzZWQsIHRoZSBDT1NFIGRvY3VtZW50IGRvZXMgc3Ry b25nbHkgc3VnZ2VzdCB0aGF0IG9uZSBiZSB1c2VkLiZuYnNwOyBBZGRpdGlvbmFsbHksDQogaXQg aGVscHMgaW4gdGVzdGluZyBpZiBvbmUgaXMgdXNlZCBzbyB0aGF0IGEgc2lnbmF0dXJlIGNyZWF0 b3IgY2FuIGJlIG1vcmUgZWFzaWx5IHRlc3RlZC48bzpwPjwvbzpwPjwvcD4NCjwvYmxvY2txdW90 ZT4NCjxkaXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48bzpwPiZuYnNwOzwvbzpwPjwvcD4NCjwv ZGl2Pg0KPGRpdj4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPkNvcnJlY3QgSSBoYXZlIG5vdCB1c2Vk IGEgZGV0ZXJtaW5pc3RpYyBzaWduaW5nIGFsZ29yaXRobS4gSSBoYXZlIHVzZWQgQ09TRS1KQVZB IHRvIGNyZWF0ZSB0aGUgZXhhbXBsZXMsIGlzIGl0IHBvc3NpYmxlIHRvIGNvbmZpZ3VyZSB0aGF0 IGltcGxlbWVudGF0aW9uIHRvIGdlbmVyYXRlIGRldGVybWluaXN0aWMgRUNEU0Egc2lnbmF0dXJl cz8NCjxicj4NCldoZW4gd29ya2luZyB3aXRoIG15IEpTIGltcGxlbWVudGF0aW9uIEkgaGF2ZSBu b3RpY2VkIHRoYXQgc3VwcG9ydCBmb3IgZGV0ZXJtaW5pc3RpYyBFQ0RTQSBpbXBsZW1lbnRhdGlv bnMgYXJlIGhhcmQgdG8gZmluZC48bzpwPjwvbzpwPjwvcD4NCjxwIGNsYXNzPSJNc29Ob3JtYWwi PjxvOnA+Jm5ic3A7PC9vOnA+PC9wPg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PHNwYW4gc3R5bGU9 ImNvbG9yOiMwMDcwQzAiPltKTFNdIFdpdGggQ09TRS1KQVZBLCBpZiB5b3UgYXJlIHVzaW5nIGFu eXRoaW5nIHJlbW90ZWx5IHJlY2VudCBpcyBkZXRlcm1pbmlzdGljLCBzbyB0aGF0IHNob3VsZCBu b3QgYmUgYSBwcm9ibGVtLiZuYnNwOyBJIHB1dCB0aGlzIGNoYW5nZSBpbnRvIHRoZSBzb3VyY2Vz IGFib3V0IDggbW9udGhzIGFnby4mbmJzcDsgVGhlIHByb2JsZW0gbWF5IGJlIHRoZSBzYW1lIGlz c3VlIGFzDQogZm9yIEEuNSB3aGVyZSBzb21ldGhpbmcgaXMgZGlmZmVyZW50IGluIHRoZSBkYXRh IHRvIGJlIHNpZ25lZC4mbmJzcDsgPG86cD48L286cD48L3NwYW4+PC9wPg0KPC9kaXY+DQo8ZGl2 Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PG86cD4mbmJzcDs8L286cD48L3A+DQo8L2Rpdj4NCjxk aXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj4mbmJzcDs8bzpwPjwvbzpwPjwvcD4NCjwvZGl2Pg0K PGJsb2NrcXVvdGUgc3R5bGU9ImJvcmRlcjpub25lO2JvcmRlci1sZWZ0OnNvbGlkICNDQ0NDQ0Mg MS4wcHQ7cGFkZGluZzowaW4gMGluIDBpbiA2LjBwdDttYXJnaW4tbGVmdDo0LjhwdDttYXJnaW4t dG9wOjUuMHB0O21hcmdpbi1yaWdodDowaW47bWFyZ2luLWJvdHRvbTo1LjBwdCI+DQo8cCBjbGFz cz0iTXNvTm9ybWFsIj48YnI+DQpBcHBlbmRpeCBBLjUgLSBJIHdhcyB1bmFibGUgdG8gcmVwcm9k dWNlIHRoZSBleGFtcGxlLiZuYnNwOyBTcGVjaWFsbHkgdGhlIHRhZyB2YWx1ZSBkb2VzIG5vdCBt YXRjaCB3aXRoIHRoZSBvbmUgdGhhdCBJIGNvbXB1dGUuPG86cD48L286cD48L3A+DQo8L2Jsb2Nr cXVvdGU+DQo8ZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PG86cD4mbmJzcDs8L286cD48L3A+ DQo8L2Rpdj4NCjxkaXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj5UaGF0IGlzIGJhZC4gYnV0IGFw YXJ0IGZyb20gdGhlIHRhZyBpdCBsb29rcyBnb29kPzxvOnA+PC9vOnA+PC9wPg0KPHAgY2xhc3M9 Ik1zb05vcm1hbCI+PG86cD4mbmJzcDs8L286cD48L3A+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48 c3BhbiBzdHlsZT0iY29sb3I6IzAwNzBDMCI+W0pMU10gWWVzIGFwYXJ0IGZyb20gdGhlIHRhZyBJ IG1hdGNoZWQgZXZlcnl0aGluZyDigJMgaW5jbHVkaW5nIHRoZSBlbmNyeXB0aW9uLiZuYnNwOyBU aGlzIGJvdGhlcnMgbWUgaWYgeW91IGFyZSB1c2luZyB0aGUgQ09TRS1KQVZBIHRvIHByb2R1Y2Ug dGhlIGV4YW1wbGVzLiAmbmJzcDtJIHJvdXRpbmVseSBydW4gcmVncmVzc2lvbiB0ZXN0cyBvbiBi b3RoIGxhbmd1YWdlIGxpYnJhcmllcw0KIHNvIHRoZXkgc2hvdWxkIHByb2R1Y2UgdGhlIHNhbWUg b3V0cHV0IGdpdmVuIHRoZSBzYW1lIGlucHV0cy4gJm5ic3A7VGhpcyB0cmlnZ2VycyBpbiBteSBt aW5kIHRoYXQgeW91IG1pZ2h0IGhhdmUgZG9uZSBzb21ldGhpbmcgb2RkIHdpdGggdGhlIGV4dGVy bmFsIGRhdGEgYW5kIHRodXMgd2UgYXJlIGdlbmVyYXRpbmcgZGlmZmVyZW50IHRhZ3MuJm5ic3A7 ICZuYnNwO0l0IHdvdWxkIGJlIHNvbWV0aGluZyB0aGF0IGlzIGJlaW5nIGRvbmUgZm9yIHNpZ25p bmcgYW5kIGZvcg0KIGVuY3J5cHRpb24gYnV0IG5vdCBtYWMuPG86cD48L286cD48L3NwYW4+PC9w Pg0KPC9kaXY+DQo8ZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+Jm5ic3A7PG86cD48L286cD48 L3A+DQo8L2Rpdj4NCjxibG9ja3F1b3RlIHN0eWxlPSJib3JkZXI6bm9uZTtib3JkZXItbGVmdDpz b2xpZCAjQ0NDQ0NDIDEuMHB0O3BhZGRpbmc6MGluIDBpbiAwaW4gNi4wcHQ7bWFyZ2luLWxlZnQ6 NC44cHQ7bWFyZ2luLXRvcDo1LjBwdDttYXJnaW4tcmlnaHQ6MGluO21hcmdpbi1ib3R0b206NS4w cHQiPg0KPHAgY2xhc3M9Ik1zb05vcm1hbCIgc3R5bGU9Im1zby1tYXJnaW4tdG9wLWFsdDowaW47 bWFyZ2luLXJpZ2h0OjBpbjttYXJnaW4tYm90dG9tOjEyLjBwdDttYXJnaW4tbGVmdDozNC42NXB0 Ij4NCjxicj4NCjxicj4NCk1pbm9yOjxicj4NCjxicj4NCjxvOnA+PC9vOnA+PC9wPg0KPC9ibG9j a3F1b3RlPg0KPGJsb2NrcXVvdGUgc3R5bGU9ImJvcmRlcjpub25lO2JvcmRlci1sZWZ0OnNvbGlk ICNDQ0NDQ0MgMS4wcHQ7cGFkZGluZzowaW4gMGluIDBpbiA2LjBwdDttYXJnaW4tbGVmdDo0Ljhw dDttYXJnaW4tdG9wOjUuMHB0O21hcmdpbi1yaWdodDowaW47bWFyZ2luLWJvdHRvbTo1LjBwdCI+ DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj5JbiBzZWN0aW9uIDI6Jm5ic3A7IElzIHRoZXJlIGEgcmVh c29uIG5vdCB0byBkZWZpbmUgQ1dUIGNsYWltIHZhbHVlIGluIHRoaXMgc2VjdGlvbjxvOnA+PC9v OnA+PC9wPg0KPC9ibG9ja3F1b3RlPg0KPGRpdj4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPjxvOnA+ Jm5ic3A7PC9vOnA+PC9wPg0KPC9kaXY+DQo8ZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+U29y cnkgScK0bSBub3QgZm9sbG93aW5nLCBjb3VsZCB5b3UgcGxlYXNlIGV4cGxhaW4gYSBiaXQgbW9y ZWA/DQo8bzpwPjwvbzpwPjwvcD4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPjxvOnA+Jm5ic3A7PC9v OnA+PC9wPg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PHNwYW4gc3R5bGU9ImNvbG9yOiMwMDcwQzAi PltKTFNdIFlvdSB0aG91Z2h0IGl0IHdhcyByZWFzb25hYmxlIHRvIGRlZmluZSBhIOKAnENXVCBl bmNvZGVkIGNsYWltIGtleeKAnSBpbiB0aGUgdGVybXMuJm5ic3A7IEkgd2FzIGp1c3QgdGhpbmtp bmcgdGhhdCBpdCB3b3VsZCBiZSBzeW1tZXRyaWMgdG8gaGF2ZSB0aGUgdmFsdWVzIGhhdmUgZGVm aW5lZCBoZXJlIGF0IHRoZSBzYW1lIHRpbWUuPG86cD48L286cD48L3NwYW4+PC9wPg0KPC9kaXY+ DQo8ZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PG86cD4mbmJzcDs8L286cD48L3A+DQo8L2Rp dj4NCjxkaXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj4mbmJzcDs8bzpwPjwvbzpwPjwvcD4NCjwv ZGl2Pg0KPGJsb2NrcXVvdGUgc3R5bGU9ImJvcmRlcjpub25lO2JvcmRlci1sZWZ0OnNvbGlkICND Q0NDQ0MgMS4wcHQ7cGFkZGluZzowaW4gMGluIDBpbiA2LjBwdDttYXJnaW4tbGVmdDo0LjhwdDtt YXJnaW4tdG9wOjUuMHB0O21hcmdpbi1yaWdodDowaW47bWFyZ2luLWJvdHRvbTo1LjBwdCI+DQo8 ZGl2Pg0KPGRpdj4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPjxicj4NCi0tLS0tT3JpZ2luYWwgTWVz c2FnZS0tLS0tPGJyPg0KRnJvbTogQWNlIFttYWlsdG86PGEgaHJlZj0ibWFpbHRvOmFjZS1ib3Vu Y2VzQGlldGYub3JnIj5hY2UtYm91bmNlc0BpZXRmLm9yZzwvYT5dIE9uIEJlaGFsZiBPZg0KPGEg aHJlZj0ibWFpbHRvOmludGVybmV0LWRyYWZ0c0BpZXRmLm9yZyI+aW50ZXJuZXQtZHJhZnRzQGll dGYub3JnPC9hPjxicj4NClNlbnQ6IE1vbmRheSwgSnVuZSA1LCAyMDE3IDY6MjcgUE08YnI+DQpU bzogPGEgaHJlZj0ibWFpbHRvOmktZC1hbm5vdW5jZUBpZXRmLm9yZyI+aS1kLWFubm91bmNlQGll dGYub3JnPC9hPjxicj4NCkNjOiA8YSBocmVmPSJtYWlsdG86YWNlQGlldGYub3JnIj5hY2VAaWV0 Zi5vcmc8L2E+PGJyPg0KU3ViamVjdDogW0FjZV0gSS1EIEFjdGlvbjogZHJhZnQtaWV0Zi1hY2Ut Y2Jvci13ZWItdG9rZW4tMDUudHh0PGJyPg0KPGJyPg0KPGJyPg0KQSBOZXcgSW50ZXJuZXQtRHJh ZnQgaXMgYXZhaWxhYmxlIGZyb20gdGhlIG9uLWxpbmUgSW50ZXJuZXQtRHJhZnRzIGRpcmVjdG9y aWVzLjxicj4NClRoaXMgZHJhZnQgaXMgYSB3b3JrIGl0ZW0gb2YgdGhlIEF1dGhlbnRpY2F0aW9u IGFuZCBBdXRob3JpemF0aW9uIGZvciBDb25zdHJhaW5lZCBFbnZpcm9ubWVudHMgb2YgdGhlIElF VEYuPGJyPg0KPGJyPg0KJm5ic3A7ICZuYnNwOyAmbmJzcDsgJm5ic3A7IFRpdGxlJm5ic3A7ICZu YnNwOyAmbmJzcDsgJm5ic3A7ICZuYnNwOyAmbmJzcDs6IENCT1IgV2ViIFRva2VuIChDV1QpPGJy Pg0KJm5ic3A7ICZuYnNwOyAmbmJzcDsgJm5ic3A7IEF1dGhvcnMmbmJzcDsgJm5ic3A7ICZuYnNw OyAmbmJzcDsgJm5ic3A7OiBNaWNoYWVsIEIuIEpvbmVzPGJyPg0KJm5ic3A7ICZuYnNwOyAmbmJz cDsgJm5ic3A7ICZuYnNwOyAmbmJzcDsgJm5ic3A7ICZuYnNwOyAmbmJzcDsgJm5ic3A7ICZuYnNw OyAmbmJzcDsgJm5ic3A7IEVyaWsgV2FobHN0csO2bTxicj4NCiZuYnNwOyAmbmJzcDsgJm5ic3A7 ICZuYnNwOyAmbmJzcDsgJm5ic3A7ICZuYnNwOyAmbmJzcDsgJm5ic3A7ICZuYnNwOyAmbmJzcDsg Jm5ic3A7ICZuYnNwOyBTYW11ZWwgRXJkdG1hbjxicj4NCiZuYnNwOyAmbmJzcDsgJm5ic3A7ICZu YnNwOyAmbmJzcDsgJm5ic3A7ICZuYnNwOyAmbmJzcDsgJm5ic3A7ICZuYnNwOyAmbmJzcDsgJm5i c3A7ICZuYnNwOyBIYW5uZXMgVHNjaG9mZW5pZzxicj4NCiZuYnNwOyAmbmJzcDsgJm5ic3A7ICZu YnNwOyBGaWxlbmFtZSZuYnNwOyAmbmJzcDsgJm5ic3A7ICZuYnNwOyA6IGRyYWZ0LWlldGYtYWNl LWNib3Itd2ViLXRva2VuLTA1LnR4dDxicj4NCiZuYnNwOyAmbmJzcDsgJm5ic3A7ICZuYnNwOyBQ YWdlcyZuYnNwOyAmbmJzcDsgJm5ic3A7ICZuYnNwOyAmbmJzcDsgJm5ic3A7OiAyMzxicj4NCiZu YnNwOyAmbmJzcDsgJm5ic3A7ICZuYnNwOyBEYXRlJm5ic3A7ICZuYnNwOyAmbmJzcDsgJm5ic3A7 ICZuYnNwOyAmbmJzcDsgOiAyMDE3LTA2LTA1PGJyPg0KPGJyPg0KQWJzdHJhY3Q6PGJyPg0KJm5i c3A7ICZuYnNwO0NCT1IgV2ViIFRva2VuIChDV1QpIGlzIGEgY29tcGFjdCBtZWFucyBvZiByZXBy ZXNlbnRpbmcgY2xhaW1zIHRvIGJlPGJyPg0KJm5ic3A7ICZuYnNwO3RyYW5zZmVycmVkIGJldHdl ZW4gdHdvIHBhcnRpZXMuJm5ic3A7IFRoZSBjbGFpbXMgaW4gYSBDV1QgYXJlIGVuY29kZWQgaW48 YnI+DQombmJzcDsgJm5ic3A7dGhlIENvbmNpc2UgQmluYXJ5IE9iamVjdCBSZXByZXNlbnRhdGlv biAoQ0JPUikgYW5kIENCT1IgT2JqZWN0PGJyPg0KJm5ic3A7ICZuYnNwO1NpZ25pbmcgYW5kIEVu Y3J5cHRpb24gKENPU0UpIGlzIHVzZWQgZm9yIGFkZGVkIGFwcGxpY2F0aW9uIGxheWVyPGJyPg0K Jm5ic3A7ICZuYnNwO3NlY3VyaXR5IHByb3RlY3Rpb24uJm5ic3A7IEEgY2xhaW0gaXMgYSBwaWVj ZSBvZiBpbmZvcm1hdGlvbiBhc3NlcnRlZDxicj4NCiZuYnNwOyAmbmJzcDthYm91dCBhIHN1Ympl Y3QgYW5kIGlzIHJlcHJlc2VudGVkIGFzIGEgbmFtZS92YWx1ZSBwYWlyIGNvbnNpc3Rpbmcgb2Y8 YnI+DQombmJzcDsgJm5ic3A7YSBjbGFpbSBuYW1lIGFuZCBhIGNsYWltIHZhbHVlLiZuYnNwOyBD V1QgaXMgZGVyaXZlZCBmcm9tIEpTT04gV2ViIFRva2VuPGJyPg0KJm5ic3A7ICZuYnNwOyhKV1Qp LCBidXQgdXNlcyBDQk9SIHJhdGhlciB0aGFuIEpTT04uPGJyPg0KPGJyPg0KPGJyPg0KVGhlIElF VEYgZGF0YXRyYWNrZXIgc3RhdHVzIHBhZ2UgZm9yIHRoaXMgZHJhZnQgaXM6PGJyPg0KPGEgaHJl Zj0iaHR0cHM6Ly9kYXRhdHJhY2tlci5pZXRmLm9yZy9kb2MvZHJhZnQtaWV0Zi1hY2UtY2Jvci13 ZWItdG9rZW4vIiB0YXJnZXQ9Il9ibGFuayI+aHR0cHM6Ly9kYXRhdHJhY2tlci5pZXRmLm9yZy9k b2MvZHJhZnQtaWV0Zi1hY2UtY2Jvci13ZWItdG9rZW4vPC9hPjxicj4NCjxicj4NClRoZXJlIGFy ZSBhbHNvIGh0bWxpemVkIHZlcnNpb25zIGF2YWlsYWJsZSBhdDo8YnI+DQo8YSBocmVmPSJodHRw czovL3Rvb2xzLmlldGYub3JnL2h0bWwvZHJhZnQtaWV0Zi1hY2UtY2Jvci13ZWItdG9rZW4tMDUi IHRhcmdldD0iX2JsYW5rIj5odHRwczovL3Rvb2xzLmlldGYub3JnL2h0bWwvZHJhZnQtaWV0Zi1h Y2UtY2Jvci13ZWItdG9rZW4tMDU8L2E+PGJyPg0KPGEgaHJlZj0iaHR0cHM6Ly9kYXRhdHJhY2tl ci5pZXRmLm9yZy9kb2MvaHRtbC9kcmFmdC1pZXRmLWFjZS1jYm9yLXdlYi10b2tlbi0wNSIgdGFy Z2V0PSJfYmxhbmsiPmh0dHBzOi8vZGF0YXRyYWNrZXIuaWV0Zi5vcmcvZG9jL2h0bWwvZHJhZnQt aWV0Zi1hY2UtY2Jvci13ZWItdG9rZW4tMDU8L2E+PGJyPg0KPGJyPg0KQSBkaWZmIGZyb20gdGhl IHByZXZpb3VzIHZlcnNpb24gaXMgYXZhaWxhYmxlIGF0Ojxicj4NCjxhIGhyZWY9Imh0dHBzOi8v d3d3LmlldGYub3JnL3JmY2RpZmY/dXJsMj1kcmFmdC1pZXRmLWFjZS1jYm9yLXdlYi10b2tlbi0w NSIgdGFyZ2V0PSJfYmxhbmsiPmh0dHBzOi8vd3d3LmlldGYub3JnL3JmY2RpZmY/dXJsMj1kcmFm dC1pZXRmLWFjZS1jYm9yLXdlYi10b2tlbi0wNTwvYT48YnI+DQo8YnI+DQo8YnI+DQpQbGVhc2Ug bm90ZSB0aGF0IGl0IG1heSB0YWtlIGEgY291cGxlIG9mIG1pbnV0ZXMgZnJvbSB0aGUgdGltZSBv ZiBzdWJtaXNzaW9uIHVudGlsIHRoZSBodG1saXplZCB2ZXJzaW9uIGFuZCBkaWZmIGFyZSBhdmFp bGFibGUgYXQNCjxhIGhyZWY9Imh0dHA6Ly90b29scy5pZXRmLm9yZyIgdGFyZ2V0PSJfYmxhbmsi PnRvb2xzLmlldGYub3JnPC9hPi48YnI+DQo8YnI+DQpJbnRlcm5ldC1EcmFmdHMgYXJlIGFsc28g YXZhaWxhYmxlIGJ5IGFub255bW91cyBGVFAgYXQ6PGJyPg0KPGEgaHJlZj0iZnRwOi8vZnRwLmll dGYub3JnL2ludGVybmV0LWRyYWZ0cy8iIHRhcmdldD0iX2JsYW5rIj5mdHA6Ly9mdHAuaWV0Zi5v cmcvaW50ZXJuZXQtZHJhZnRzLzwvYT48YnI+DQo8YnI+DQpfX19fX19fX19fX19fX19fX19fX19f X19fX19fX19fX19fX19fX19fX19fX19fXzxicj4NCkFjZSBtYWlsaW5nIGxpc3Q8YnI+DQo8YSBo cmVmPSJtYWlsdG86QWNlQGlldGYub3JnIj5BY2VAaWV0Zi5vcmc8L2E+PGJyPg0KPGEgaHJlZj0i aHR0cHM6Ly93d3cuaWV0Zi5vcmcvbWFpbG1hbi9saXN0aW5mby9hY2UiIHRhcmdldD0iX2JsYW5r Ij5odHRwczovL3d3dy5pZXRmLm9yZy9tYWlsbWFuL2xpc3RpbmZvL2FjZTwvYT48YnI+DQo8YnI+ DQpfX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fXzxicj4NCkFj ZSBtYWlsaW5nIGxpc3Q8YnI+DQo8YSBocmVmPSJtYWlsdG86QWNlQGlldGYub3JnIj5BY2VAaWV0 Zi5vcmc8L2E+PGJyPg0KPGEgaHJlZj0iaHR0cHM6Ly93d3cuaWV0Zi5vcmcvbWFpbG1hbi9saXN0 aW5mby9hY2UiIHRhcmdldD0iX2JsYW5rIj5odHRwczovL3d3dy5pZXRmLm9yZy9tYWlsbWFuL2xp c3RpbmZvL2FjZTwvYT48bzpwPjwvbzpwPjwvcD4NCjwvZGl2Pg0KPC9kaXY+DQo8L2Jsb2NrcXVv dGU+DQo8L2Rpdj4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPjxvOnA+Jm5ic3A7PC9vOnA+PC9wPg0K PC9kaXY+DQo8L2Rpdj4NCjwvZGl2Pg0KPC9ib2R5Pg0KPC9odG1sPg0K --_000_CY4PR21MB0504F93E54947F08A07C0D77F5D70CY4PR21MB0504namp_-- From nobody Thu Jul 6 05:35:27 2017 Return-Path: X-Original-To: ace@ietfa.amsl.com Delivered-To: ace@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C568213146E; Thu, 6 Jul 2017 05:35:25 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.221 X-Spam-Level: X-Spam-Status: No, score=-4.221 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=ericsson.onmicrosoft.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id qodh_Zn2gNaH; Thu, 6 Jul 2017 05:35:23 -0700 (PDT) Received: from sessmg23.ericsson.net (sessmg23.ericsson.net [193.180.251.45]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3B29F127735; Thu, 6 Jul 2017 05:35:23 -0700 (PDT) X-AuditID: c1b4fb2d-bcf0a9c000005faa-05-595e2e8861c1 Received: from ESESSHC008.ericsson.se (Unknown_Domain [153.88.183.42]) by sessmg23.ericsson.net (Symantec Mail Security) with SMTP id 11.03.24490.88E2E595; Thu, 6 Jul 2017 14:35:20 +0200 (CEST) Received: from EUR01-DB5-obe.outbound.protection.outlook.com (153.88.183.145) by oa.msg.ericsson.com (153.88.183.42) with Microsoft SMTP Server (TLS) id 14.3.352.0; Thu, 6 Jul 2017 14:35:11 +0200 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ericsson.onmicrosoft.com; s=selector1-ericsson-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=yh7KkV/fEuOu5qLsK/McuX+lyOjEcgTqeQ4HFvYMk3o=; b=Zy8vBZwHs+PK+FovzI9OOvEEETJ6MNFFGX6GQp5gXtV3jitLEtsFGtj5qSY0RyWtzT4KhJLq1BwcLHNViOp8HHB+y+8z8Upmu6bctWA+ds3WXVzsZHobbOEzjNd738zDqXCPU9QPBOofyILksfntI084SzXf14Nojz2MhtXvr0c= Received: from DB6PR0701MB2535.eurprd07.prod.outlook.com (10.168.76.23) by DB6PR0701MB2933.eurprd07.prod.outlook.com (10.168.84.7) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.1240.6; Thu, 6 Jul 2017 12:35:10 +0000 Received: from DB6PR0701MB2535.eurprd07.prod.outlook.com ([fe80::ced:ebf2:17cc:8e7a]) by DB6PR0701MB2535.eurprd07.prod.outlook.com ([fe80::ced:ebf2:17cc:8e7a%17]) with mapi id 15.01.1240.013; Thu, 6 Jul 2017 12:35:10 +0000 From: Francesca Palombini To: Dan Harkins , "draft-selander-ace-cose-ecdhe.all@ietf.org" CC: "ace@ietf.org" Thread-Topic: [Ace] review of ace-cose-ecdhe Thread-Index: AQHS8e7BOdQlzvT9SEu/iXxmxcFdu6JGw5uA Date: Thu, 6 Jul 2017 12:35:09 +0000 Message-ID: References: <81bbd539-7389-af94-7c95-7b6226619632@lounge.org> In-Reply-To: <81bbd539-7389-af94-7c95-7b6226619632@lounge.org> Accept-Language: en-GB, en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: authentication-results: lounge.org; dkim=none (message not signed) header.d=none;lounge.org; dmarc=none action=none header.from=ericsson.com; x-originating-ip: [192.176.1.86] x-ms-publictraffictype: Email x-microsoft-exchange-diagnostics: 1; DB6PR0701MB2933; 7:uEGAsF2y9+dHNoarZs0Ob8pDN9JPC/nbZMXlXEJJV822f5uxHUrzbkO9PSrVqb1YRpk5R2mn+0fzaOysZ0XlnZOFC1xhbnjessLI+g+1Bi7rkR1CJE9SlIGbXfs/1SKHVp7E5PfYNbRXAlZvPcmDlAy03BF7v2pmUi5E3T7ZeGh8x+jrvNGWFFRPz2Z9iW+rSv4StDfaOhFJ6Kk1zT3bvsdYzuzS9DOQupbotJ/V66WMSEV+nyZYKNMbZk91dtngjpCMsa2p1ewvlaQQLrf1ESlp9j1B2VKLIyAxLIb1+fUDQJkRwrMF3i25PY44pI75j7WvRLMANn+4ox44JN5vsEKXPLjMALhXWQnlD7A4LWo6eN0mk2HI+v/eLZuKIEv5ou0WWBT5io/Cet97eMU0kIsRHMt9Cghij7AQFPluEpQO0IZPMTrPXZwJFuzR3fLq3jysqeeYWGm9S1NC4uLI12JXWPUkQDIYwUrVAiQ48f8TKS/yO7rSz0aKHuZVKwLVYVr15jSMoz4yBDGsnWt+NbjtfbNO6bXznAEo/vrFjgLDLfGsjymw/WtbFnBC6YxtJOzt3x/7y4POnBgXxggxVYqcDO9IW3isNznw51ZmXRnw6w4T2I/TPwpdsjLRL2+luw2unbr3IQqe5WMCR74OlECYk6++gYVZxDf4lKTFtqVF+mSPEWAIKF4R6OvlxLzpZZUzmbTAEdUlYXrj/kbWYoEYfCTSdrCcm0kG6Ifu5clEaDcDXgiNF0K7o5MngbrPZMpUgpHOGn+yC7Kf2ztbylZCPnKT99R8+Fc8XMjcVzA= x-ms-office365-filtering-correlation-id: 85cf14ef-d235-4c5b-2ab8-08d4c46b70fc x-microsoft-antispam: UriScan:; BCL:0; PCL:0; RULEID:(300000500095)(300135000095)(300000501095)(300135300095)(22001)(300000502095)(300135100095)(2017030254075)(300000503095)(300135400095)(2017052603031)(201703131423075)(201703031133081)(300000504095)(300135200095)(300000505095)(300135600095)(300000506095)(300135500095); SRVR:DB6PR0701MB2933; x-ms-traffictypediagnostic: DB6PR0701MB2933: x-microsoft-antispam-prvs: x-exchange-antispam-report-test: UriScan:(133145235818549)(236129657087228)(192374486261705)(48057245064654)(209349559609743)(247924648384137); x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(100000700101)(100105000095)(100000701101)(100105300095)(100000702101)(100105100095)(6040450)(601004)(2401047)(8121501046)(5005006)(10201501046)(100000703101)(100105400095)(93006095)(93001095)(3002001)(6041248)(20161123560025)(20161123555025)(201703131423075)(201702281528075)(201703061421075)(201703061406153)(20161123558100)(20161123564025)(20161123562025)(6072148)(100000704101)(100105200095)(100000705101)(100105500095); SRVR:DB6PR0701MB2933; BCL:0; PCL:0; RULEID:(100000800101)(100110000095)(100000801101)(100110300095)(100000802101)(100110100095)(100000803101)(100110400095)(100000804101)(100110200095)(100000805101)(100110500095); SRVR:DB6PR0701MB2933; x-forefront-prvs: 03607C04F0 x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(6009001)(39840400002)(39850400002)(39400400002)(39410400002)(39450400003)(39860400002)(50986999)(76176999)(33656002)(9686003)(53546010)(14454004)(189998001)(6306002)(5660300001)(66066001)(966005)(53936002)(4326008)(229853002)(6246003)(2950100002)(478600001)(55016002)(7736002)(99286003)(38730400002)(86362001)(230783001)(3280700002)(6506006)(7696004)(25786009)(8676002)(74316002)(2900100001)(8936002)(3846002)(6116002)(102836003)(54356999)(6436002)(3660700001)(305945005)(81166006)(2501003)(2906002)(5250100002); DIR:OUT; SFP:1101; SCL:1; SRVR:DB6PR0701MB2933; H:DB6PR0701MB2535.eurprd07.prod.outlook.com; FPR:; SPF:None; MLV:sfv; LANG:en; spamdiagnosticoutput: 1:99 spamdiagnosticmetadata: NSPM Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-MS-Exchange-CrossTenant-originalarrivaltime: 06 Jul 2017 12:35:10.0049 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 92e84ceb-fbfd-47ab-be52-080c6b87953f X-MS-Exchange-Transport-CrossTenantHeadersStamped: DB6PR0701MB2933 X-OriginatorOrg: ericsson.com X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFupnleLIzCtJLcpLzFFi42KZGbFdS7dDLy7SoHWChcX3bz3MFkv/fWGx WP1zNYsDs8eSJT+ZPJ7tfskSwBTFZZOSmpNZllqkb5fAldG9chdbwU65il+3b7A3MLaKdzFy ckgImEjcefGKpYuRi0NI4AijxNp7/YwQznFGiTtnZ4BlWAR6mSWeTDvNBJGZxiQx/flEVgjn CaNEz745LCDD2ARsJC48fA+WEBFoYZS4uG8zI0iCWUBRYt2cPiYQW1hAW+LLjl9gtoiAjsTX BU9ZIWwjicYpa5hBbBYBFYnv96+A2bwCCRJ7T78Bs4UEbCW+7jrEBmJzCthJbJrTAtbLKCAr 8aVxNTPELnGJW0/mM0F8JyCxZM95ZghbVOLl439Q9f2MEhuXm0DEFSTu/5oMVSMrcWl+NzgA JAQesUk8WNfHDpHwlZiybAI7ROIyk8Sflb9YIBI6Ej8PHIXali+xcelkNogioA3Hpz5kgXCO sUo8vPEEapSMxNyNv6BGrWaVOPn+FfsERu1ZSG6HsHUkFuz+xAZha0ssW/iaeRY4PAQlTs58 wrKAkWUVo2hxanFxbrqRsV5qUWZycXF+nl5easkmRmAyObjlt+4OxtWvHQ8xCnAwKvHwyinG RQqxJpYVV+YeYpTgYFYS4d0qCRTiTUmsrEotyo8vKs1JLT7EKM3BoiTO67DvQoSQQHpiSWp2 ampBahFMlomDU6qB0dZmxZVtT5hYnK2FtrrcuHriYHriob8lcx9H+rzL+Se8dvtCt6OSbwvN 9bWst9+3UfyVurtxzrQ9AurMyc+ebrc86b/QzVojrM55yu0pv/NbPOR2nP2WVrkjvkI+Tdb3 e+CinQUtiYsX3jta0dry8WnL/Ecpd+xM023DS4oz9t0/8eBwe+xcXSWW4oxEQy3mouJEAPnw GKEiAwAA Archived-At: Subject: Re: [Ace] review of ace-cose-ecdhe X-BeenThere: ace@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 06 Jul 2017 12:35:26 -0000 Hi Dan, Thank you so much for a very useful review and for your support! Most of your comments have been incorporated in v-07. We'll come back for a= discussion on the rest. Thanks, Francesca > -----Original Message----- > From: Ace [mailto:ace-bounces@ietf.org] On Behalf Of Dan Harkins > Sent: den 1 juli 2017 00:17 > To: draft-selander-ace-cose-ecdhe.all@ietf.org > Cc: ace@ietf.org > Subject: [Ace] review of ace-cose-ecdhe >=20 >=20 > Hello, >=20 > I reviewed the latest version of this draft from > https://ericssonresearch.githum.io/EDHOC. I hope it's not too late to get > these in before the cut-off, if too late then please consider them as > comments on -07. My comments are as follows: >=20 > -- Technical >=20 > o Consider the ability to use a deterministic AEAD >=20 > The definition of Enc() in section 2 makes it look deterministic > but the mandatory algorithm (CCM) is not. I know that cose doesn't > define how to use SIV (RFC 5297) but perhaps this draft should. > I hope you don't consider this as a mere request for a vanity cipher= . > SIV does not need additional randomness, counters, or tweaks. It > is, in that sense, misuse resistant and ideal for use in a key > management protocol like EDHOC because it removes the possibility > of a security critical error being accidentally performed. >=20 > If you choose to accept this comment you'll need to not just add > SIV to your IANA Considerations, you'll need to make reference in > section 3.2 the fact that an IV is not needed for deterministic > AEAD algorithms. >=20 > A related comment, in section 3 it says "The application data may > e.g. be protected using the negotiated AEAD algorithm". The "e.g" > is superfluous but what if one desires to not do that, how is the > cipher for the application data negotiated with EDHOC? >=20 > o Use compact representation per RFC 6090 >=20 > The draft says, in section 3.1, that for EC2 curves to use point > compression. There is contention regarding IP on point compression. > (draft-ietf-cose-msg says in 13.1.1, this "encoding has not been > recommended in the IETF due to potential IPR issues.")Better to > specify the use of "compact representation" and "compact output" per > RFC 6090. Since this draft is just doing ECDH there is no need for > any indication of which y-coordinate should be used, it doesn't > matter if it's y or -y. And it saves a whole byte! :-) >=20 > o Validate received points when doing EC2 curves >=20 > When using EC2 curves, the ephemeral keys in the first two messages > need to be validated as points on the curve. If you use "compact > representation" per RFC 6090 then it's a matter of checking whether > there is a solution to the curve definition for the given x. If you > choose not to use "compact representation" per RFC 6090 then you'll > need to make sure that received points (once uncompressed) are valid > points on the curve. >=20 > This needs reference among the other verification checks in 4.2.3 an= d > 4.3.3 (for asymmetric EDHOC), and 5.2.3 and 5.3.3 (for symmetric EDH= OC) > which result in an error message if they fail. >=20 > -- Editorial >=20 > o Section 2, seconded bulleted paragraph, it is "full-fledged" with a = "d". >=20 > o In 4.3.3 last paragraph, Party U should send the error message back, > right? Not Party V. >=20 > This is a very well-written draft and I am happy to see SIGMA being ap= plied > to every layer of the stack. >=20 > regards, >=20 > Dan. >=20 >=20 > _______________________________________________ > Ace mailing list > Ace@ietf.org > https://www.ietf.org/mailman/listinfo/ace From nobody Thu Jul 6 05:37:58 2017 Return-Path: X-Original-To: ace@ietfa.amsl.com Delivered-To: ace@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3A8CC12EB43; Thu, 6 Jul 2017 05:37:57 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.221 X-Spam-Level: X-Spam-Status: No, score=-4.221 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=ericsson.onmicrosoft.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id MRbs8qh_9VT8; Thu, 6 Jul 2017 05:37:55 -0700 (PDT) Received: from sessmg22.ericsson.net (sessmg22.ericsson.net [193.180.251.58]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9E139127735; Thu, 6 Jul 2017 05:37:54 -0700 (PDT) X-AuditID: c1b4fb3a-803ff70000001b2f-91-595e2f205d79 Received: from ESESSHC014.ericsson.se (Unknown_Domain [153.88.183.60]) by sessmg22.ericsson.net (Symantec Mail Security) with SMTP id B8.02.06959.02F2E595; Thu, 6 Jul 2017 14:37:52 +0200 (CEST) Received: from EUR02-HE1-obe.outbound.protection.outlook.com (153.88.183.145) by oa.msg.ericsson.com (153.88.183.60) with Microsoft SMTP Server (TLS) id 14.3.352.0; Thu, 6 Jul 2017 14:37:52 +0200 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ericsson.onmicrosoft.com; s=selector1-ericsson-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=oW5rRGlWcUvhyAcbo5sjwtvlHnrDkwzW6E2ATaxoBbw=; b=jnpkm8f4h1Ua2Xinz6V7c3phj3yxDc50NVp6b7qsVRMl/rKTfkYtvuF0yJ344gzQvvQO9tHwpI9+IAbjXFiQo2woUpd9/xFdfILFDomADvsDZNdSCPhmgNIQ7haD0607S+6lOPrKwgBobYlBDJMoYSXkNOChmNc7MVuNjNRsKV0= Received: from DB6PR0701MB2535.eurprd07.prod.outlook.com (10.168.76.23) by DB6PR0701MB2694.eurprd07.prod.outlook.com (10.169.215.17) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.1261.4; Thu, 6 Jul 2017 12:37:50 +0000 Received: from DB6PR0701MB2535.eurprd07.prod.outlook.com ([fe80::ced:ebf2:17cc:8e7a]) by DB6PR0701MB2535.eurprd07.prod.outlook.com ([fe80::ced:ebf2:17cc:8e7a%17]) with mapi id 15.01.1240.013; Thu, 6 Jul 2017 12:37:50 +0000 From: Francesca Palombini To: "\"IETF Secretariat\"" , "ace-chairs@ietf.org" , "kepeng.lkp@alibaba-inc.com" CC: "Kathleen.Moriarty.ietf@gmail.com" , "ace@ietf.org" Thread-Topic: [Ace] ace - Requested session has been scheduled for IETF 99 Thread-Index: AQHS7H8TYkPpcb1nGEmJnv9UaFV1MaJGz8tQ Date: Thu, 6 Jul 2017 12:37:50 +0000 Message-ID: References: <149826283451.7840.16596904868417453077.idtracker@ietfa.amsl.com> In-Reply-To: <149826283451.7840.16596904868417453077.idtracker@ietfa.amsl.com> Accept-Language: en-GB, en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: authentication-results: ietf.org; dkim=none (message not signed) header.d=none;ietf.org; dmarc=none action=none header.from=ericsson.com; x-originating-ip: [192.176.1.86] x-ms-publictraffictype: Email x-microsoft-exchange-diagnostics: 1; DB6PR0701MB2694; 7:ARuMOfzlLMxQxAy0x0jrp0j+oZcyuLYxOAi92NEHiBzcn46sc8Fpbt2SoPEXfwyjhc4lvlP45K4lk0QJyGld1jHDU/ZFeo/BqLPbsl1IdFsMFtV3l67jSOtaO8l9dh/05D7603FeqC3k1Z7nBQV8L1Q1T3EYDbD1ar/lZTyPVdLdusP+TMemb3Zbx85t/95NWnHPJb1Eq5xzc+H6Ue+OarFf9+Ktj+9WUl+mx5MtvvZ0am84hj/hpyl8C5wReELMcAgJyUhzbPnnQhEUrKd41gs/nK6xD966ZA/bt+pRvtdIWhfjvyYdJWzgEe1067zFPZOJmsnJmldeoCTLSh+YeZFp+b4owzOFhJ6Oc+WXbzfXtzhK0Iz/+eO4Ju5uyalZrzAWboiAPRQsJv3h9S8OUzNVnpOJAs5IAUhMiYkkVh5mA2BT9bEJsy+oOMJCiZVNbV2krG6dOWaiu+mJH+zp/s41OeI9lDyjTr8qkiihVyMw44eL/nVEjDqDTqUxP9QI6sQXoquxTPw1fzeLzthdEhMHm/22suajFeLnCIfYaz4VHATaB9+ERw8e6EaXHYBB+hRiy1tq9f+dZM0SOvGKMZAjSigDncim1neO4VyP5lDF5RF/Td6U0/1MBnkr2CMb0Vyi/4JiPZmWducOBrpW+TG4zGdmJxXB2sZ6lU+4JgHh27XdtkL7Ubt4Ps8QCEGPqY9OnHLGBqHHl6yNgvq0px99bjGuckvVJKKP6jfmefLgrGy7CsZo1Lst7lgzOykNeW4o9fpDh1bvowA710ykuYSZdJPgLncxAIzul7nTq4E= x-ms-office365-filtering-correlation-id: f7ec4d54-cda5-4833-da27-08d4c46bd0aa x-microsoft-antispam: UriScan:; BCL:0; PCL:0; RULEID:(300000500095)(300135000095)(300000501095)(300135300095)(22001)(300000502095)(300135100095)(2017030254075)(300000503095)(300135400095)(2017052603031)(201703131423075)(201703031133081)(300000504095)(300135200095)(300000505095)(300135600095)(300000506095)(300135500095); SRVR:DB6PR0701MB2694; x-ms-traffictypediagnostic: DB6PR0701MB2694: x-microsoft-antispam-prvs: x-exchange-antispam-report-test: UriScan:(236129657087228)(192374486261705)(92977632026198); x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(100000700101)(100105000095)(100000701101)(100105300095)(100000702101)(100105100095)(6040450)(601004)(2401047)(5005006)(8121501046)(3002001)(100000703101)(100105400095)(93006095)(93001095)(10201501046)(6041248)(20161123562025)(20161123564025)(20161123558100)(20161123560025)(201703131423075)(201702281528075)(201703061421075)(201703061406153)(20161123555025)(6072148)(100000704101)(100105200095)(100000705101)(100105500095); SRVR:DB6PR0701MB2694; BCL:0; PCL:0; RULEID:(100000800101)(100110000095)(100000801101)(100110300095)(100000802101)(100110100095)(100000803101)(100110400095)(100000804101)(100110200095)(100000805101)(100110500095); SRVR:DB6PR0701MB2694; x-forefront-prvs: 03607C04F0 x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(6009001)(39860400002)(39840400002)(39850400002)(39400400002)(39410400002)(39450400003)(13464003)(229853002)(33656002)(99286003)(74316002)(55016002)(54356999)(50986999)(76176999)(54906002)(14454004)(6436002)(2201001)(478600001)(6306002)(966005)(3660700001)(86362001)(53936002)(6116002)(102836003)(9686003)(3846002)(2906002)(305945005)(81166006)(8936002)(8676002)(38730400002)(39060400002)(7736002)(3280700002)(6246003)(5660300001)(7696004)(2900100001)(2950100002)(53546010)(6506006)(4326008)(2501003)(189998001)(66066001)(5250100002)(25786009); DIR:OUT; SFP:1101; SCL:1; SRVR:DB6PR0701MB2694; H:DB6PR0701MB2535.eurprd07.prod.outlook.com; FPR:; SPF:None; MLV:ovrnspm; PTR:InfoNoRecords; LANG:en; spamdiagnosticoutput: 1:99 spamdiagnosticmetadata: NSPM Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-MS-Exchange-CrossTenant-originalarrivaltime: 06 Jul 2017 12:37:50.4923 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 92e84ceb-fbfd-47ab-be52-080c6b87953f X-MS-Exchange-Transport-CrossTenantHeadersStamped: DB6PR0701MB2694 X-OriginatorOrg: ericsson.com X-Brightmail-Tracker: H4sIAAAAAAAAA02SbUhTURjHObt38242OU3NJ0uRIRS+Z30YKmIfIguM6JNGmUMv05zT7lVJ rViOIHyBXix1oTORSkPQtFSU0iWalM63TE1TcylivjRMcTPJ3bugb7/n//9xzsPhUISsVOhJ pWgyaUajVMtFErI8tiUi0Cc4Pi5k/k244vG0TajY2iwiFNbVCwptW7pixMBECaPvr/wio9v0 007RNTXbgvPERUlEEq1OyaaZ4MgESbJ1vEiQ0Sm9XmQdIrSoyLkAURTgE7A8zRYgCSXD3QjW BrQkP/Qi+LY5zA0kLiagun3a0ZQJIL/QJuQHM4KWXfNeI6ZEOAIG59a4wg2XIWhY1RH2gsBX YXytkZNc8Rko+VorsrMbPgtzM9VOPIfCUsk655DYF+p7BziW4gSwjLRxjgzHgH6oBdlZjM/B psUisDPCXrBx+6XjLg+YNBu4HDCGmg4TwbM7LM3vcsshXIhgvXLMIfnAjPWhQ/KCYUMhskuA v4vg80wlyT9TDBg7wnlnRAB/3h/l4wD4tHGAj9OhSa8V8nwJZs09Av6YHiGU1Hc7isNQ0Wh1 4otZITwoXhTdQ/76/xbnOQCq2i0inv3h2dNlQs89xn7oKzeTVYisQ+4szbJpqtDQIJpJSWTZ dE2Qhs58hfa+S1ezLawVdS2eNCJMIfk+qZM8Pk4mVGazOWlGBBQhd5O+PrgXSZOUObk0k36F yVLTrBEdoki5hzTq7WCsDKuUmXQqTWfQzL9WQIk9tSiRrNDpUk//jlXddP5Ykewc0Snzffe8 0mXlSKDpVlPuhPfwZP6d/p2suu1QP9rm061kt7trt1Lrf5qm9HnHB14YDDpB1N28cheb+MY1 b8vaqdGsGfPlJzsLrvIMlXphyqX0i3fYj/7ZyMaW1uaUxXjmw6gxpM/XNtEwtmFqfTQuJ9lk 5TE/gmGVfwHF0hmRKgMAAA== Archived-At: Subject: Re: [Ace] ace - Requested session has been scheduled for IETF 99 X-BeenThere: ace@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 06 Jul 2017 12:37:57 -0000 Hi Ace, chairs, I would like to request 5-10 minutes to present the updates on the Ace OSCO= AP profile: https://tools.ietf.org/html/draft-seitz-ace-oscoap-profile=20 Thanks, Francesca > -----Original Message----- > From: Ace [mailto:ace-bounces@ietf.org] On Behalf Of "IETF Secretariat" > Sent: den 24 juni 2017 02:07 > To: ace-chairs@ietf.org; kepeng.lkp@alibaba-inc.com > Cc: Kathleen.Moriarty.ietf@gmail.com; ace@ietf.org > Subject: [Ace] ace - Requested session has been scheduled for IETF 99 >=20 > Dear Kepeng Li, >=20 > The session(s) that you have requested have been scheduled. > Below is the scheduled session information followed by the original reque= st. >=20 > ace Session 1 (2:30:00) > Monday, Morning Session I 0930-1200 > Room Name: Congress Hall I size: 250 > --------------------------------------------- >=20 >=20 >=20 > Request Information: >=20 >=20 > --------------------------------------------------------- > Working Group Name: Authentication and Authorization for Constrained > Environments Area Name: Security Area Session Requester: Kepeng Li >=20 > Number of Sessions: 1 > Length of Session(s): 2.5 Hours > Number of Attendees: 100 > Conflicts to Avoid: > First Priority: core oauth saag lwig tokbind tls >=20 >=20 >=20 >=20 > People who must be present: > Kathleen Moriarty > Hannes Tschofenig > Kepeng Li >=20 > Resources Requested: >=20 > Special Requests: > Avoid entire SEC areas. Please avoid a session on Friday! > --------------------------------------------------------- >=20 > _______________________________________________ > Ace mailing list > Ace@ietf.org > https://www.ietf.org/mailman/listinfo/ace From nobody Thu Jul 6 06:21:44 2017 Return-Path: X-Original-To: ace@ietfa.amsl.com Delivered-To: ace@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A575E12ECC0; Thu, 6 Jul 2017 06:21:43 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.221 X-Spam-Level: X-Spam-Status: No, score=-4.221 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=ericsson.onmicrosoft.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Zt3ALZrhEyXJ; Thu, 6 Jul 2017 06:21:41 -0700 (PDT) Received: from sessmg22.ericsson.net (sessmg22.ericsson.net [193.180.251.58]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 18B13131752; Thu, 6 Jul 2017 06:21:40 -0700 (PDT) X-AuditID: c1b4fb3a-81bff70000001b2f-0a-595e39625f09 Received: from ESESSHC002.ericsson.se (Unknown_Domain [153.88.183.24]) by sessmg22.ericsson.net (Symantec Mail Security) with SMTP id 25.9C.06959.2693E595; Thu, 6 Jul 2017 15:21:39 +0200 (CEST) Received: from EUR01-DB5-obe.outbound.protection.outlook.com (153.88.183.145) by oa.msg.ericsson.com (153.88.183.24) with Microsoft SMTP Server (TLS) id 14.3.352.0; Thu, 6 Jul 2017 15:21:38 +0200 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ericsson.onmicrosoft.com; s=selector1-ericsson-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=MOPwFxbVP6MkylvgTmE9+Z1lrksGQvf8LO79FBTnzUY=; b=D3CbhWrHwCUywMl88b3DMgfNJJzONmQal4d72uTXd/2kpEJLf8yak/FSPU9uBT5eZ2gT/XZlgrAVzx2XJ8jT4o8aGaul//rNTANDYWdr+QqrZDDr28ydrB2v4D9eCoh9dqYZndSNSrji6nJ47fhI7lxLnCQlR5YG8QznTLfJB0U= Received: from DB6PR0701MB2535.eurprd07.prod.outlook.com (10.168.76.23) by DB6PR0701MB2470.eurprd07.prod.outlook.com (10.168.75.151) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.1240.6; Thu, 6 Jul 2017 13:21:37 +0000 Received: from DB6PR0701MB2535.eurprd07.prod.outlook.com ([fe80::ced:ebf2:17cc:8e7a]) by DB6PR0701MB2535.eurprd07.prod.outlook.com ([fe80::ced:ebf2:17cc:8e7a%17]) with mapi id 15.01.1240.013; Thu, 6 Jul 2017 13:21:37 +0000 From: Francesca Palombini To: "ace-chairs@ietf.org" CC: "ace@ietf.org" Thread-Topic: [Ace] ace - Requested session has been scheduled for IETF 99 Thread-Index: AQHS7H8TYkPpcb1nGEmJnv9UaFV1MaJG3ASA Date: Thu, 6 Jul 2017 13:21:37 +0000 Message-ID: References: <149826283451.7840.16596904868417453077.idtracker@ietfa.amsl.com> In-Reply-To: <149826283451.7840.16596904868417453077.idtracker@ietfa.amsl.com> Accept-Language: en-GB, en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: authentication-results: ietf.org; dkim=none (message not signed) header.d=none;ietf.org; dmarc=none action=none header.from=ericsson.com; x-originating-ip: [192.176.1.86] x-ms-publictraffictype: Email x-microsoft-exchange-diagnostics: 1; DB6PR0701MB2470; 7:IU4nRBqwoSI1H127H0ZrfKxs14dBd+sMpGXwghlPKpAi7HDjjCL7Z6CFWZA032WaeCdwCzEf+dgldTTTErrfSw973LoIqZrgXpsTIesvVoCtPB/vA6cPb78tmvpaBBkdlLVRZXdzCHAMZ10VhBCConSZAGqK6DVOV7Tt41V+qy0jTOM3JfucsBCX+I6oR6wVSeRCRMXyak8udl4a9rcAcpbI51Aqqoi93V+qFGwu1s/MCLtVYCYjmS6Q+2BXStU2To5KX8+iOfo9Ghjcsnx+JmGdh9VfnP3ZsBxOwghjQH46EL2ap76EV8wnFm6ca7O5hv0mnSufla4t/de7MPcsEP9aell93nJPdluRS7tdk1SNDQOp0QVdTHRdnlfBHLO8xjj8weIOmqxfBh9h8kNT8vNpoy9faUdUjtESzqkwAj7SRZAMSZrHbEYhbLtl8OINuWQUKQ8CJHJOG/FLHRrUOZYlkF2Ry0k6iYIbbpARzBrIVLB32w8+Sh5vvTu1YXJng/Q6DOTEJfzLb5+HopUhFW9hNDXCXvbduYPdOnKqLGoC9TUfM2HNS2lHN8Mg6mCPgLZEx3TABUKWSnUJRlrd3DthOAFIXBgSAc7uSOxgEkfa1Fau2t5LxOxXZFkxf4ogRck5T2CtbbV/auGfoDLe7QRetvGucj+h1FthXPppDOP/3GQgOnCESJhLYcv93U8bX8At0+RA83mNipTbhYWFnKbNBPLw2lC2jb2zuoU0Ppr+E1kDzLiUFiCyrTX2kGayVbuLWZLxhXjflI/+WgpYo3AsKZNEDcCObqCCxyaPl/g= x-ms-office365-filtering-correlation-id: 679ec986-4684-4bf8-d835-08d4c471ee6b x-microsoft-antispam: UriScan:; BCL:0; PCL:0; RULEID:(300000500095)(300135000095)(300000501095)(300135300095)(22001)(300000502095)(300135100095)(2017030254075)(300000503095)(300135400095)(2017052603031)(201703131423075)(201703031133081)(300000504095)(300135200095)(300000505095)(300135600095)(300000506095)(300135500095); SRVR:DB6PR0701MB2470; x-ms-traffictypediagnostic: DB6PR0701MB2470: x-microsoft-antispam-prvs: x-exchange-antispam-report-test: UriScan:(236129657087228)(192374486261705)(92977632026198); x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(100000700101)(100105000095)(100000701101)(100105300095)(100000702101)(100105100095)(6040450)(601004)(2401047)(5005006)(8121501046)(3002001)(100000703101)(100105400095)(10201501046)(93006095)(93001095)(6041248)(201703131423075)(201702281528075)(201703061421075)(201703061406153)(20161123555025)(20161123564025)(20161123560025)(20161123562025)(20161123558100)(6072148)(100000704101)(100105200095)(100000705101)(100105500095); SRVR:DB6PR0701MB2470; BCL:0; PCL:0; RULEID:(100000800101)(100110000095)(100000801101)(100110300095)(100000802101)(100110100095)(100000803101)(100110400095)(100000804101)(100110200095)(100000805101)(100110500095); SRVR:DB6PR0701MB2470; x-forefront-prvs: 03607C04F0 x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(6009001)(39860400002)(39450400003)(39840400002)(39400400002)(39410400002)(39850400002)(54356999)(76176999)(38730400002)(110136004)(8936002)(50986999)(66066001)(14454004)(53936002)(229853002)(6246003)(2906002)(2501003)(74316002)(5250100002)(3660700001)(3280700002)(7696004)(6506006)(33656002)(5660300001)(55016002)(99286003)(5640700003)(53546010)(6306002)(9686003)(86362001)(81166006)(305945005)(7736002)(8676002)(6436002)(2900100001)(102836003)(3846002)(6116002)(189998001)(6916009)(2950100002)(25786009)(4326008)(450100002)(2351001)(478600001)(966005); DIR:OUT; SFP:1101; SCL:1; SRVR:DB6PR0701MB2470; H:DB6PR0701MB2535.eurprd07.prod.outlook.com; FPR:; SPF:None; MLV:sfv; LANG:en; spamdiagnosticoutput: 1:99 spamdiagnosticmetadata: NSPM Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-MS-Exchange-CrossTenant-originalarrivaltime: 06 Jul 2017 13:21:37.4274 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 92e84ceb-fbfd-47ab-be52-080c6b87953f X-MS-Exchange-Transport-CrossTenantHeadersStamped: DB6PR0701MB2470 X-OriginatorOrg: ericsson.com X-Brightmail-Tracker: H4sIAAAAAAAAA02SXUiTURjHOe/XXpeD41L3pBm6ogs1tdWFiYSBhQWG1I1G6Za+qKWb7TU/ utJWEJopFdWWTjNLXGlamS11NQtXJmhmIpaaNhIpLEYunRW5vQu6+z3n/zvPec7hsKRURwex uepCTqtW5ckZMaVP7YItmTvS02KsVnHslckVOvan8zyZQCQ1NS0TKeiQOD6Ly8st4rTRO5Xi nHaTjSqwSEqWboWWoXNrKpAPC3g7NFa3iiqQmJXiFwjMn8u9hQ3B2BMn4S4oXEWCvm2EEpJr BHQO6BihsCOo6DST7mYMjofhmW+0m/1xNNh6Wgg3kzgM2moveHgt3guX37cwgrMPZqYbRQIr oMNyxsMU3gSnG2o9LMFKMPfrPSzFyWB404Xc7IP3g9Ph8PREOAR+lN8hhbNkMGGvJ4TLYWjq GSIFDoD5T39o99AIVyL4bhzzSqEw7brklUJgpL4SuSXAswz0XhzySsnQbdDRQvCWAKtR5w0i V6VmJLAGHM+bRQIfho/2fkLY0E9D3ZzNK62Hug6XSAhGaVicbGBqUIThv9kFjoSGbgcjcATc vvGFNHjeww9e6e1UA6JMKIDneD4/W6GI4rS5mTyvUUepucL7aPVrWB+uxD1G1rldfQizSO4r EcnT06S0qogvze9DwJJyf0nnutUlSZaq9BSn1WRoT+ZxfB8KZim5TJJgGU6V4mxVIXec4wo4 7b+UYH2CylCGa4rujdNQS4nq0HvWqAVzUh2zO0aGjx4jLG3TXw8ua4InGpU2f+OR1yiw2ZeN DB+4qiyeLTVt1owbb/5STnGDgSbdgQ139TGi+HnTUyZMEeg3/uDdnvZn21yPJNXllHFYW3O9 dVCWIi458XJq8fcH59mhjdkLoqrRxLiCYjnF56i2hpNaXvUXNQwp1RYDAAA= Archived-At: Subject: Re: [Ace] ace - Requested session has been scheduled for IETF 99 X-BeenThere: ace@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 06 Jul 2017 13:21:43 -0000 Hi again, I would also like to request a 10 minutes slot for EDHOC: https://tools.iet= f.org/html/draft-selander-ace-cose-ecdhe-07=20 John will be the slot leader. Thanks, Francesca > -----Original Message----- > From: Ace [mailto:ace-bounces@ietf.org] On Behalf Of "IETF Secretariat" > Sent: den 24 juni 2017 02:07 > To: ace-chairs@ietf.org; kepeng.lkp@alibaba-inc.com > Cc: Kathleen.Moriarty.ietf@gmail.com; ace@ietf.org > Subject: [Ace] ace - Requested session has been scheduled for IETF 99 >=20 > Dear Kepeng Li, >=20 > The session(s) that you have requested have been scheduled. > Below is the scheduled session information followed by the original reque= st. >=20 > ace Session 1 (2:30:00) > Monday, Morning Session I 0930-1200 > Room Name: Congress Hall I size: 250 > --------------------------------------------- >=20 >=20 >=20 > Request Information: >=20 >=20 > --------------------------------------------------------- > Working Group Name: Authentication and Authorization for Constrained > Environments Area Name: Security Area Session Requester: Kepeng Li >=20 > Number of Sessions: 1 > Length of Session(s): 2.5 Hours > Number of Attendees: 100 > Conflicts to Avoid: > First Priority: core oauth saag lwig tokbind tls >=20 >=20 >=20 >=20 > People who must be present: > Kathleen Moriarty > Hannes Tschofenig > Kepeng Li >=20 > Resources Requested: >=20 > Special Requests: > Avoid entire SEC areas. Please avoid a session on Friday! > --------------------------------------------------------- >=20 > _______________________________________________ > Ace mailing list > Ace@ietf.org > https://www.ietf.org/mailman/listinfo/ace From nobody Thu Jul 6 15:16:05 2017 Return-Path: X-Original-To: ace@ietfa.amsl.com Delivered-To: ace@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0B297131570; Thu, 6 Jul 2017 15:16:03 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.022 X-Spam-Level: X-Spam-Status: No, score=-2.022 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=microsoft.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ccCnh2kA_OKR; Thu, 6 Jul 2017 15:16:00 -0700 (PDT) Received: from NAM02-SN1-obe.outbound.protection.outlook.com (mail-sn1nam02on0110.outbound.protection.outlook.com [104.47.36.110]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8B69B124217; Thu, 6 Jul 2017 15:16:00 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=7RohJuhnDlVlTY5srJmjxUyp6k1/ExoFXrN/aInxLCY=; b=o+ORKdrPFGOo7CEZ6mBmMWQsD65gbETI7ikxM/GszWi7Sbi1fpBDcwD2/Q5l09lMOcvOjJF4NUJ1u7jZf+HZTFPEbW2TZzt64pO00GET1UmrizIXTchBfqtDFaqUmomVrzyRm4OSexpXi/bOjmjhhhfpjokydb9ctxDnrUK1UJY= Received: from CY4PR21MB0504.namprd21.prod.outlook.com (10.172.122.14) by CY4PR21MB0694.namprd21.prod.outlook.com (10.175.121.148) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.1261.3; Thu, 6 Jul 2017 22:15:58 +0000 Received: from CY4PR21MB0504.namprd21.prod.outlook.com ([10.172.122.14]) by CY4PR21MB0504.namprd21.prod.outlook.com ([10.172.122.14]) with mapi id 15.01.1261.003; Thu, 6 Jul 2017 22:15:58 +0000 From: Mike Jones To: "ace-chairs@ietf.org" , "kepeng.lkp@alibaba-inc.com" CC: "ace@ietf.org" Thread-Topic: [Ace] ace - Requested session has been scheduled for IETF 99 Thread-Index: AQHS7H8AqaNf2M5NaUq4zDQuX7oyiaJHcPTw Date: Thu, 6 Jul 2017 22:15:58 +0000 Message-ID: References: <149826283451.7840.16596904868417453077.idtracker@ietfa.amsl.com> In-Reply-To: <149826283451.7840.16596904868417453077.idtracker@ietfa.amsl.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: msip_labels: MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Enabled=True; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_SiteId=72f988bf-86f1-41af-91ab-2d7cd011db47; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Ref=https://api.informationprotection.azure.com/api/72f988bf-86f1-41af-91ab-2d7cd011db47; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Owner=mbj@microsoft.com; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_SetDate=2017-07-06T15:15:57.1335473-07:00; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Name=General; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Application=Microsoft Azure Information Protection; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Extended_MSFT_Method=Automatic; Sensitivity=General authentication-results: ietf.org; dkim=none (message not signed) header.d=none;ietf.org; dmarc=none action=none header.from=microsoft.com; x-originating-ip: [2001:4898:80e8:d::36] x-ms-publictraffictype: Email x-microsoft-exchange-diagnostics: 1; CY4PR21MB0694; 7:VRZF7VkX4Yxmz7d9v/w0bGtCqutExTaLbWZTz5Xzh/AYj/NzGztlXURUpr5gVwfXEV/NM2w16Lei3qSPbnS1szmGSRvYLZoBbmTlznV7ElUCGDMvJUYG1wz5XukwdYFmTQ9Oagg8uJwB8jQ0K+SMrA4HukxPHxjcFg7If5xSpU3/AvpVmhDGO5ZuBxYwYW2OLLttvJec9rjkjw439wxm7DqPAcqOtGXYfm3Y27sjuaY/cMTuJNK9koFrF1pC7B8awJy51cDeKs8yoqRUlvb8PUGlYfvkKU9Wp0wxcCFCHrmBPUTXzF0wXy6kh5amWnrYYBxXbAakl8j6rF08RSbAujLPFucotarUWiS0TKkVlloXAh0WR29r1gR5yRlo37jbMS/Shc4toCmJCShxz4K9wvfJE0DZJ1FdHwzR2PnV2i59yIZIM1bmYxjyoaW5WarA94saAcPTYcpvpZIZdEiCUQn22pTIgzQrwVwbH1c63c/upIuu+UTDLdcz0nD+VKvQqPAdGslKMzqqJ/CMzRHl5n0GYPvGyBhFqPF+FbPHr39fsJlZNU9ggNKSOrbHEv65yFZT/0Z0S8jRq6RUWyMWvgrcc0Dfv6+TAS70ZNJAqr5cNBl5h//+zSuuBma+HLjSb9m+wRS1LS7pQepYK+RrIERCwEuhAdH8IZVaQzj5Wxd12StKKcwnoQw7mxfJHJKNqn23aq6jJSy2i99GWcPWH7l0J8XRvoSZtaHe+Ymq2t13TvIyG5pw1L5kqBerPsinQGBTfG1HzNjf50X+dOqYPCvorMR1ZzRr58JVYcwGEEP59+bNO0T0ElXtt3EfJNEo x-ms-office365-filtering-correlation-id: 47ffccf0-60a8-4aee-56a6-08d4c4bc943f x-ms-office365-filtering-ht: Tenant x-microsoft-antispam: UriScan:; BCL:0; PCL:0; RULEID:(300000500095)(300135000095)(300000501095)(300135300095)(22001)(300000502095)(300135100095)(2017030254075)(48565401081)(300000503095)(300135400095)(2017052603031)(201703131423075)(201703031133081)(201702281549075)(300000504095)(300135200095)(300000505095)(300135600095)(300000506095)(300135500095); SRVR:CY4PR21MB0694; x-ms-traffictypediagnostic: CY4PR21MB0694: x-microsoft-antispam-prvs: x-exchange-antispam-report-test: UriScan:(236129657087228)(192374486261705)(92977632026198); x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(100000700101)(100105000095)(100000701101)(100105300095)(100000702101)(100105100095)(61425038)(6040450)(601004)(2401047)(5005006)(2017060910053)(8121501046)(100000703101)(100105400095)(93006095)(93001095)(3002001)(10201501046)(6055026)(61426038)(61427038)(6041248)(20161123560025)(20161123564025)(201703131423075)(201702281528075)(201703061421075)(201703061406153)(20161123558100)(20161123555025)(20161123562025)(6072148)(100000704101)(100105200095)(100000705101)(100105500095); SRVR:CY4PR21MB0694; BCL:0; PCL:0; RULEID:(100000800101)(100110000095)(100000801101)(100110300095)(100000802101)(100110100095)(100000803101)(100110400095)(100000804101)(100110200095)(100000805101)(100110500095); SRVR:CY4PR21MB0694; x-forefront-prvs: 03607C04F0 x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(6009001)(39860400002)(39410400002)(39400400002)(39850400002)(39840400002)(39450400003)(13464003)(377454003)(8676002)(76176999)(50986999)(5005710100001)(8990500004)(2950100002)(229853002)(5660300001)(14454004)(10290500003)(966005)(53546010)(2900100001)(38730400002)(478600001)(2501003)(9686003)(33656002)(74316002)(77096006)(3660700001)(4326008)(53936002)(6436002)(86362001)(2906002)(6306002)(25786009)(54356999)(7736002)(8936002)(10090500001)(72206003)(7696004)(102836003)(3280700002)(55016002)(6506006)(6116002)(81166006)(189998001)(99286003)(305945005); DIR:OUT; SFP:1102; SCL:1; SRVR:CY4PR21MB0694; H:CY4PR21MB0504.namprd21.prod.outlook.com; FPR:; SPF:None; MLV:sfv; LANG:en; spamdiagnosticoutput: 1:99 spamdiagnosticmetadata: NSPM Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-OriginatorOrg: microsoft.com X-MS-Exchange-CrossTenant-originalarrivaltime: 06 Jul 2017 22:15:58.5256 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 72f988bf-86f1-41af-91ab-2d7cd011db47 X-MS-Exchange-Transport-CrossTenantHeadersStamped: CY4PR21MB0694 Archived-At: Subject: Re: [Ace] ace - Requested session has been scheduled for IETF 99 X-BeenThere: ace@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 06 Jul 2017 22:16:03 -0000 I'd like to request these ACE agenda slots in Prague: Proof-of-Possession Key Semantics for CBOR Web Tokens (CWTs) - draft-jones= -ace-cwt-proof-of-possession - Michael B. Jones - 15 minutes CBOR Web Token (CWT) - draft-ietf-ace-cbor-web-token - Michael B. Jones - = 5 minutes Thanks, -- Mike -----Original Message----- From: Ace [mailto:ace-bounces@ietf.org] On Behalf Of "IETF Secretariat" Sent: Friday, June 23, 2017 5:07 PM To: ace-chairs@ietf.org; kepeng.lkp@alibaba-inc.com Cc: Kathleen.Moriarty.ietf@gmail.com; ace@ietf.org Subject: [Ace] ace - Requested session has been scheduled for IETF 99 Dear Kepeng Li, The session(s) that you have requested have been scheduled. Below is the scheduled session information followed by the original request= .=20 ace Session 1 (2:30:00) Monday, Morning Session I 0930-1200 Room Name: Congress Hall I size: 250 --------------------------------------------- =20 Request Information: --------------------------------------------------------- Working Group Name: Authentication and Authorization for Constrained Enviro= nments Area Name: Security Area Session Requester: Kepeng Li Number of Sessions: 1 Length of Session(s): 2.5 Hours Number of Attendees: 100 Conflicts to Avoid:=20 First Priority: core oauth saag lwig tokbind tls People who must be present: Kathleen Moriarty Hannes Tschofenig Kepeng Li Resources Requested: Special Requests: Avoid entire SEC areas. Please avoid a session on Friday! --------------------------------------------------------- _______________________________________________ Ace mailing list Ace@ietf.org https://www.ietf.org/mailman/listinfo/ace From nobody Mon Jul 10 03:40:26 2017 Return-Path: X-Original-To: ace@ietfa.amsl.com Delivered-To: ace@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3585A13168F; Mon, 10 Jul 2017 03:40:24 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.2 X-Spam-Level: X-Spam-Status: No, score=-4.2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id O8iYNHh-8saO; Mon, 10 Jul 2017 03:40:22 -0700 (PDT) Received: from mailhost.informatik.uni-bremen.de (mailhost.informatik.uni-bremen.de [IPv6:2001:638:708:30c9::12]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 641CD129AA0; Mon, 10 Jul 2017 03:40:22 -0700 (PDT) X-Virus-Scanned: amavisd-new at informatik.uni-bremen.de Received: from submithost.informatik.uni-bremen.de (submithost.informatik.uni-bremen.de [134.102.201.11]) by mailhost.informatik.uni-bremen.de (8.14.5/8.14.5) with ESMTP id v6AAeJO7017602; Mon, 10 Jul 2017 12:40:19 +0200 (CEST) Received: from aung.tzi.org (unknown [IPv6:2001:638:708:30da:29ea:648d:7bdd:ab24]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by submithost.informatik.uni-bremen.de (Postfix) with ESMTPSA id 3x5hYv4kyVz3b8Y; Mon, 10 Jul 2017 12:40:19 +0200 (CEST) From: Olaf Bergmann To: , ace@ietf.org References: <149826283451.7840.16596904868417453077.idtracker@ietfa.amsl.com> Date: Mon, 10 Jul 2017 12:40:19 +0200 In-Reply-To: <149826283451.7840.16596904868417453077.idtracker@ietfa.amsl.com> (IETF Secretariat's message of "Fri, 23 Jun 2017 17:07:14 -0700") Message-ID: <87a84c7ey4.fsf@aung.informatik.uni-bremen.de> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/24.5 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Archived-At: Subject: Re: [Ace] ace - Requested session has been scheduled for IETF 99 X-BeenThere: ace@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 10 Jul 2017 10:40:24 -0000 Dear Chairs, I would like to request 10 minutes during the ACE session to give an update of draft-ietf-ace-dtls-authorize-01. The objective is to get WG feedback on the way forward. Gr=C3=BC=C3=9Fe Olaf From nobody Wed Jul 12 18:19:07 2017 Return-Path: X-Original-To: ace@ietfa.amsl.com Delivered-To: ace@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id F3369131606 for ; Wed, 12 Jul 2017 18:19:05 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.997 X-Spam-Level: X-Spam-Status: No, score=-1.997 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, MIME_QP_LONG_LINE=0.001, SPF_PASS=-0.001, UNPARSEABLE_RELAY=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=alibaba-inc.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id wPsW20KVUTTV for ; Wed, 12 Jul 2017 18:19:04 -0700 (PDT) Received: from out0-211.mail.aliyun.com (out0-211.mail.aliyun.com [140.205.0.211]) by ietfa.amsl.com (Postfix) with ESMTP id B6720120726 for ; Wed, 12 Jul 2017 18:19:03 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=alibaba-inc.com; s=default; t=1499908741; h=Date:Subject:From:To:Message-ID:Mime-version:Content-type; bh=S/QJzKhw+gihO/ZSHMTk+Yl9C31nrWGJRawSN0c6/IQ=; b=V0PTOx+Y2DBAO2rBrxcp2+OAYlPG3ZXJQc38SdHqGYi6JtnXB3Gm244vm0GbVS4cc/ti68k5Yg7x9p5qmFRUj4x69/IFyhcVeQf6DctaI989G+uBGml3vLrEnT2BoeWcSQAWnks1Cfph6xEw2SJcB7EGJONzjAHJ/4vpQX/lNW0= X-Alimail-AntiSpam: AC=PASS; BC=-1|-1; BR=01201311R121e4; FP=0|-1|-1|-1|0|-1|-1|-1; HT=e02c03293; MF=kepeng.lkp@alibaba-inc.com; NM=1; PH=DS; RN=1; SR=0; TI=SMTPD_---.8Oy000V_1499908733; Received: from 30.27.110.14(mailfrom:kepeng.lkp@alibaba-inc.com ip:106.11.34.19) by smtp.aliyun-inc.com(127.0.0.1); Thu, 13 Jul 2017 09:18:58 +0800 User-Agent: Microsoft-MacOutlook/14.6.8.160830 Date: Thu, 13 Jul 2017 09:18:52 +0800 From: "Kepeng Li" To: Message-ID: Thread-Topic: ACE agenda for IETF 99 meeting Mime-version: 1.0 Content-type: multipart/alternative; boundary="B_3582782338_18787418" Archived-At: Subject: [Ace] ACE agenda for IETF 99 meeting X-BeenThere: ace@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 13 Jul 2017 01:19:06 -0000 > ´ËÓʼþʹÓà MIME ¸ñʽ¡£ÓÉÓÚÓʼþÔĶÁ³ÌÐò²»ÄÜʶ±ð ´Ë¸ñʽ£¬Òò´Ë£¬¿ÉÄÜÎÞ·¨Ê¶±ð¸ÃÓʼþµÄ·Ö²¿»ò²¿·ÖÄÚÈÝ¡£ --B_3582782338_18787418 Content-type: text/plain; charset="GB2312" Content-transfer-encoding: 7bit Hello all, Please find the initial ACE agenda for our IETF 99 meeting: https://datatracker.ietf.org/meeting/99/agenda/ace/ Please let us know whether your are OK with the agenda or there are further changes/additions. Also for the presenters, please send your slides to Hannes and me ASAP. Our meeting is on Monday mornong (17th July). Thanks, Kind Regards Hannes & Kepeng --B_3582782338_18787418 Content-type: text/html; charset="GB2312" Content-transfer-encoding: quoted-printable
Hello all,

Please find the= initial ACE agenda for our IETF 99 meeting:
https://datatracker.i= etf.org/meeting/99/agenda/ace/

Please let us know w= hether your are OK with the agenda or there are further changes/additions.

Also for the presenters, please send your slides to = Hannes and me ASAP. Our meeting is on Monday mornong (17th July).
=
Thanks,

Kind Regards
Hanne= s & Kepeng 
--B_3582782338_18787418-- From nobody Sat Jul 15 00:55:52 2017 Return-Path: X-Original-To: ace@ietfa.amsl.com Delivered-To: ace@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DF330131B45; Sat, 15 Jul 2017 00:55:13 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.002 X-Spam-Level: X-Spam-Status: No, score=-2.002 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=augustcellars.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 27YALJChYLJK; Sat, 15 Jul 2017 00:55:12 -0700 (PDT) Received: from mail4.augustcellars.com (augustcellars.com [50.45.239.150]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id DBB4F131B25; Sat, 15 Jul 2017 00:55:08 -0700 (PDT) Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Content-Language: en-us DKIM-Signature: v=1; a=rsa-sha256; d=augustcellars.com; s=winery; c=simple/simple; t=1500105292; h=from:subject:to:date:message-id; bh=DRQYcECPJnB6iUk7l8FcUr+WzTBn569EuWFRLg057Mk=; b=ccYxkbJ7VfvVzr3WymK6x7CUJzXn7AMcQPZ+RtZnqNdt75a/vCyxOf9bhFRAJuJ68tlhVpjDlLE m5G638W+3rdLt1VVfrNiO4QUoU84ktng1uVyKUKBUqppPIsCtS8jao/mHz1e13w50/O2m/ddnI7xl ImJyk9flfxWycYKojLx8ZFRo8TS4bi/ELCTNySehxkTD3RiBlSspv5VWsSQcUHcF4Df0Nu9SQ5SAV CwZo/tRpIIaTWAsx9boAlKjvDMgnQYEU3oS8AjFLAlz+elMtOq1kSWwyI8DgbTdR/mJy66z5e0Vd0 KYwEoiaID4N7JoqLizF8gOYOtH3VgQcZKncQ== Received: from mail2.augustcellars.com (192.168.1.201) by mail4.augustcellars.com (192.168.1.153) with Microsoft SMTP Server (TLS) id 15.0.1263.5; Sat, 15 Jul 2017 00:54:51 -0700 Received: from Hebrews (62.168.35.125) by mail2.augustcellars.com (192.168.0.56) with Microsoft SMTP Server (TLS) id 15.0.1263.5; Sat, 15 Jul 2017 00:54:48 -0700 From: Jim Schaad To: CC: Date: Sat, 15 Jul 2017 09:54:58 +0200 Message-ID: <00d901d2fd3f$aad6b350$008419f0$@augustcellars.com> MIME-Version: 1.0 X-Mailer: Microsoft Outlook 16.0 Thread-Index: AdL9LxXr1bJ5PXfnSsmpMC6VIv7+UQ== X-Originating-IP: [62.168.35.125] Archived-At: Subject: [Ace] Review - draft-seitz-ace-oscoap-profile-03 X-BeenThere: ace@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 15 Jul 2017 07:55:14 -0000 Here are some comments on the draft. 1. Please change the title. It would be more appropriate to say that you are "OSCOAP profile of the Authentication and Authorization for Constrained Environments Framework". ( I will also be asking for a rename of that document to add framework to highlight it is a structure not the final document). 2. Expand ACE in the abstract. Lookup on the RFC Editor page if you need to expand OAuth as well. 3. I think that you need to distinguish between a returned key used for oscoap vs oscoap+edhoc so that the server can deal with the new key in a correct manner. (This links to a request for the profile to be in the CWT for the framework.) 4. In section 2.2.1 - this is not really a POP key, it is a shared secret and not even a symmetric key. 5. In section 2.2.1 - Is there a reason not to re-use kid for sid? 6. In Section 2.2.1 - I would change the text relating to how ids are defined. What is here is not really what we are looking for in this case as smaller ids are much nicer esp if the AS can ensure uniqueness based on some knowledge. 7. In Section 2.2.1 - Need to have some text some place to declare what to do for collisions of the rid value. 8. In Section 2.2.1 - Does it make more sense to say "client" and "server" id instead. 9. In Section 2.2.2 - This is incorrectly section numbered 10. In section 2.2.2 - Again the symmetric key is not a POP key. 11. In section 2.2.2 - for asymmetric case need to the rs_cnf parameter. <<< I need to double check this >>> 12. In section 2.2.2 - In the CWT, the specific asymmetric key used by the server in the event it has multiple 13. In section 2.2.2 - Need to make a statement about the expires_in field. Is this the expires for the original secret or for the EDHOC derived key. 14. In section 2.2.2 - I am not sure that I am thrilled by the idea of running the EDHOC protocol on the authz-info resource point. 15. In section 2.2.2 - Is there a reason for not supporting multiple edhoc negotiations w/ the same secret - it seemed to be an original mode that was supported. Jim From nobody Sun Jul 16 12:33:29 2017 Return-Path: X-Original-To: ace@ietfa.amsl.com Delivered-To: ace@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2CC5F126CD6 for ; Sun, 16 Jul 2017 12:33:27 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.121 X-Spam-Level: X-Spam-Status: No, score=-2.121 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RCVD_IN_SORBS_SPAM=0.5, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id g2AEXGB39sHe for ; Sun, 16 Jul 2017 12:33:25 -0700 (PDT) Received: from mout.gmx.net (mout.gmx.net [212.227.15.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3B6551250B8 for ; Sun, 16 Jul 2017 12:33:24 -0700 (PDT) Received: from [192.168.91.199] ([31.133.155.205]) by mail.gmx.com (mrgmx002 [212.227.17.190]) with ESMTPSA (Nemesis) id 0MbgWb-1dG7Dd15DJ-00J5Gx; Sun, 16 Jul 2017 21:33:16 +0200 To: "Ace@ietf.org" Cc: Kepeng Li , Hannes Tschofenig From: Hannes Tschofenig Openpgp: id=071A97A9ECBADCA8E31E678554D9CEEF4D776BC9 Message-ID: Date: Sun, 16 Jul 2017 21:33:14 +0200 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.2.1 MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 7bit X-Provags-ID: V03:K0:SFqSw2DuaJqbapWNpXFsRTdye5B98nEQp5atBUD/TaYlBxrKeY2 uxr4cWTqZDje7ulfAPWkVGmxgofKwImyFW4ldcaqhudgUlMIBft41GXg4EoFojvWaDtVheG PY3TG/MUu0eAbt9wln5jRokxtyzCkc83yy0Yd8Qvt7q4KaSV6UFcWCLSbDta7Zh7GzIe27o aGyW9fySVF1Cpp6XX2hlQ== X-UI-Out-Filterresults: notjunk:1;V01:K0:GQF66aPdgRc=:30foPmZpoOSZNDYhl72G/f 1Icq32r/R7XN6r93Tu4YXwRDNuKz0whsvomTP/iGTYJcp6K2JNAYioK1UI5AGy5jzjX+LAMiP 8jSebAsZyFfdmv4tC0UJSPzvwA9DUIfqb3JKlrCUIZlnFdwnuyhMwWaFH1E9bx9rO18iwQlxT twm9ZGLJ9GO1gXTQ2XzpnQsNmLWJ2CA8AkLMyg70qqFPRG/+sJ/QMv1V9DArRbYG0y7e0YD2U H8bwJ74BrMWCfXJiXhwfFKD400E2Tp7rUNovt5QJVRSlUmu3+12qD24v6vfEbML/1VLLYojkB UihrPxbOjooK2OqsLGq9+mNgU7iDRXQnWne29rezdOu2f30ZfvNitgEt05pq6wqwebo8NqfQz ZTcFqA+ZRpJzR3psvVJ47PtE0Tkq+ATUUhfAPf3BzDyTmafnUm052vqlq9s7GnHrtmsylZt4P +VBKZHdvOiPB+t5RT+LJTQ6CzzUH36XKqlD9UnD1a5IOUelYq8/h12BlQm2QOmIjkNABahYsv V13y41aWXsmqFwGU0Tz40fzPw60mXv8FYIDbR0uRgZ26uimBN8+W9STAldwK/7v3nBYoA844I USZIrN4BdMsGcGlfE4zvWdIzFsdudkH0qJQsi53XyY7zHvldb2b5lyLAVWyQyARDzkzajXvEI NZAmi1ZXfLBxz8zFIFgwqu2lGzFnPK2+iaYwRz7qEzXpjgraOR3iMlA1q6F8jA377294+pJ7b HqY2GN6kuh/1u0EQn3F7GWCSEiGxrXzl7D6kzGHFrY9rWa4FX5ynBzHNX89X2Gt+nWus09XU2 mWKztqvP1bhrmalkmKrhqLF5skQnciOij7dLpaoJCzF3yEkTmw= Archived-At: Subject: [Ace] Slides for ACE WG Meeting -- Reminder X-BeenThere: ace@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 16 Jul 2017 19:33:27 -0000 Please send your slides for tomorrow to Kepeng. We are still missing slide decks! Ciao Hannes From nobody Mon Jul 17 00:55:34 2017 Return-Path: X-Original-To: ace@ietfa.amsl.com Delivered-To: ace@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D4C9B131798 for ; Mon, 17 Jul 2017 00:55:32 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.899 X-Spam-Level: X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=nthpermutation-com.20150623.gappssmtp.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Sf1KDaQyTM_6 for ; Mon, 17 Jul 2017 00:55:31 -0700 (PDT) Received: from mail-pf0-x235.google.com (mail-pf0-x235.google.com [IPv6:2607:f8b0:400e:c00::235]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8A62A131794 for ; Mon, 17 Jul 2017 00:55:31 -0700 (PDT) Received: by mail-pf0-x235.google.com with SMTP id e26so4789642pfd.0 for ; Mon, 17 Jul 2017 00:55:31 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nthpermutation-com.20150623.gappssmtp.com; s=20150623; h=mime-version:from:date:message-id:subject:to; bh=CIBXGh/r4zqK8NOvm/dsKFje2XfGPTYLe6A4J+07UeU=; b=uGlLkOvEIDu/urY0K4VlY8sonYw6oeDfFNv787xd+wINu/IUx08D2q/UKHJ407lUGI LzpSDiXGKIXjud+0xW0eNGPI7ic3U5iwZepIPGVFu/b8mhohlbTT2FY+KrAJ0Qv6WDr8 peQF4yWp34UJ9CsMNMvejfMtcsQ5PYhJO8NTns9GakxHHRJgXvml9pfmmeOi0kriFfT6 J2T7HqQ4J4gKZVUFLSMdG+KGN+INT5/4mtygpPHov4/zoxySaTQB3/qOSBhJ2TU4lREQ lemshG5DpFi2OOLzTvUK66HfA4XpcRjtMfbq9xLGfL3I0uszNyniETZ0x4h5dKDB8nZq 8pKg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=CIBXGh/r4zqK8NOvm/dsKFje2XfGPTYLe6A4J+07UeU=; b=WF1WDejRLZpdPmKsS8GjZSFiYwpnMoHG/AVELP5mVoDow5BK+s1OEv7QfM88YJgizD KAoidBuCvCr4OeFqtnxaU2YO0d7ETBUNWZP45Jl6OVtCCsAFOA4GtVlaorBSCXndkG29 LgHzapp13rMjE1krWUv0UBTHf2y/y38RL9E3Hsj/ERi45O0b9JvbLVoyijJ8m4RO/BjS BrBUAsqu3nZw3pgBYVQGhJOWF7eSDGiIQsMlbK4cWRALkOoaM0K0pC37eIbQkGNU4L1E bYGabVVPpqx0HCuJsrg5o2b6WFFxOiCStY0BsA9WuBTgcsuigNKDzov5Z7AGMJYWTiZO /P4A== X-Gm-Message-State: AIVw113Ez6Mh1mGkxz+522ooGXxMHiQrNkT1rd32iREH2yp7v0I6bs9u HN9mLlziveNGsffu0EgROsPD6BmqlVt7 X-Received: by 10.98.135.140 with SMTP id i134mr17511137pfe.237.1500278130744; Mon, 17 Jul 2017 00:55:30 -0700 (PDT) MIME-Version: 1.0 From: Michael StJohns Date: Mon, 17 Jul 2017 07:55:20 +0000 Message-ID: To: "ace@ietf.org" Content-Type: multipart/alternative; boundary="94eb2c04529c0c2df505547eb991" Archived-At: Subject: [Ace] Charter boundaries? X-BeenThere: ace@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 17 Jul 2017 07:55:33 -0000 --94eb2c04529c0c2df505547eb991 Content-Type: text/plain; charset="UTF-8" As I'm sitting in the ACE wig session in Prague I'm struck by the number of extra-charter documents being reviewed or proposed or in progress. Some (most?) of these are the specific profiles for given protocols for ace auth, but reading all of the documents as a whole I get a sense of creeping featurism or charter creep. It may be reasonable to do a quick charter respin now or soon to scope the remainder of the work and just how many auth profiles will be worked through this group so the group can actual conclude at some point. In conjunction with the respin, we need to add and update milestones for accepted work. Mike --94eb2c04529c0c2df505547eb991 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
As I'm sitting in the ACE wig session in Prague I'= ;m struck by the number of extra-charter documents being reviewed or propos= ed or in progress.=C2=A0 Some (most?) of these are the specific profiles fo= r given protocols for ace auth, but reading all of the documents as a whole= I get a sense of creeping featurism or charter creep. =C2=A0

It may be reasonable to do a quick ch= arter respin now or soon to scope the remainder of the work and just how ma= ny auth profiles will be worked through this group so the group can actual = conclude at some point. =C2=A0 In conjunction with the respin, we need to a= dd and update milestones for accepted work. =C2=A0=C2=A0

Mike
--94eb2c04529c0c2df505547eb991-- From nobody Mon Jul 17 03:08:01 2017 Return-Path: X-Original-To: ace@ietfa.amsl.com Delivered-To: ace@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 07ED712EB99 for ; Mon, 17 Jul 2017 03:08:01 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.001 X-Spam-Level: X-Spam-Status: No, score=-2.001 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=microsoft.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4yy9Ui0QnyIh for ; Mon, 17 Jul 2017 03:07:59 -0700 (PDT) Received: from NAM01-BY2-obe.outbound.protection.outlook.com (mail-by2nam01on0091.outbound.protection.outlook.com [104.47.34.91]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6355A12714F for ; Mon, 17 Jul 2017 03:07:59 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=7zfhUuCEpgULhRvn21A/U+IwqRF1KB14/qsiX8GxzoY=; b=GCi/OdMDLT40zD1kHUO3fL6YCJ5NCI007C6zJ9fRYEQ7vYB57oxnK70cvTIM/tde7USUzh0IBly3t1jpB/ECvp8OC6kNfTqXGqAIjGmODZb6og8blzM9bfhwBcsP7z2mMNWGbvseJYPivC5wzWb+Gd2zJhYhlJfeVgd/lrsUf90= Received: from CY4PR21MB0504.namprd21.prod.outlook.com (10.172.122.14) by CY4PR21MB0183.namprd21.prod.outlook.com (10.173.193.9) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.1282.1; Mon, 17 Jul 2017 10:07:57 +0000 Received: from CY4PR21MB0504.namprd21.prod.outlook.com ([10.172.122.14]) by CY4PR21MB0504.namprd21.prod.outlook.com ([10.172.122.14]) with mapi id 15.01.1282.008; Mon, 17 Jul 2017 10:07:57 +0000 From: Mike Jones To: "ace@ietf.org" Thread-Topic: Related work for draft-erdtman-ace-rpcc Thread-Index: AdL+4/Xq77sdXS/uSJCb9Hhpddn5zA== Date: Mon, 17 Jul 2017 10:07:57 +0000 Message-ID: Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: authentication-results: ietf.org; dkim=none (message not signed) header.d=none;ietf.org; dmarc=none action=none header.from=microsoft.com; x-originating-ip: [31.133.131.162] x-ms-publictraffictype: Email x-microsoft-exchange-diagnostics: 1; CY4PR21MB0183; 7:nTr4sBahvRV0fvBPHvtM7a38rCVb11U6nVUI+gMzbUU3hPCBd6dxaAAE9JiFKQ0hdIbYIJ7UZj0ibUcSPVYpPPDxnzd5r8y2USGFAGJl7gqbhTGqORexea4NB4BpdZaEko9irvpsLGBsxL502/d9RVGsSt8xYKSHzwzPnQ1f1Ab6usHoyhvQXNDVvuVQVWRCRDEiuhQIfEx9qGw+KAkBLe2vshulZ3Qf7Tgdps7yxDn/iPKlJ6RdpBdxCeOthIqxBCr6Zsmvp1liuAFawT3XmfFdM4UMGuyx+B7kClKNDoni9XuzWKyuwQ4IpYIyBE9xhJ6xUWH14unX0fAdKdIl09nFEi1ACznixHVOJQYSygzJwl5Q0XidSgSDpCtAjtwKD2x8X2pfr/UtkvUFoTo6AcSuIdgaL8T5o18mFyqfQTKwu+O0daV0ADh4dZXTGbQ4eYq4MY7pkFSUq/BKhhNkH6+fV9a1aib9GlyRxHil20w7nzq0npaNmavNTrHf9P3sivELjIc0rdWaT+V8U2mTJpvgss79C0kRzc3M/IUeX/sF0E91eGXvZ00w+UgT4ZHT5cfkb0arLzLhzameoVw7/3W/kLTiHeLB0UdZ5ztdSd7j7lgUDpD3hWZp3vKCFeVz/Gic47HZUd9c8JGHd8gjD4VLpUQ/dvXVedBt/whtv3JWkiW6EhmtglZc58RJ4WiRj/kGxKw6E3LkNfNHhedrjfDCYSdB5e16u4cYsQp/Ni+fB4CnUDzpisgYnhah22jFhGRMvoVjBySsxJXI0kmVflnVROUL2x31MgiZ+5rGlw/1oD+CIxgSPFkpA1zymK8k x-ms-office365-filtering-correlation-id: 43b944aa-dd0c-4beb-ca7f-08d4ccfbb2d2 x-ms-office365-filtering-ht: Tenant x-microsoft-antispam: UriScan:; BCL:0; PCL:0; RULEID:(300000500095)(300135000095)(300000501095)(300135300095)(22001)(300000502095)(300135100095)(2017030254075)(48565401081)(300000503095)(300135400095)(2017052603031)(201703131423075)(201703031133081)(300000504095)(300135200095)(300000505095)(300135600095)(300000506095)(300135500095); SRVR:CY4PR21MB0183; x-ms-traffictypediagnostic: CY4PR21MB0183: x-exchange-antispam-report-test: UriScan:(151999592597050)(26388249023172)(236129657087228)(192374486261705)(148574349560750)(21748063052155); x-microsoft-antispam-prvs: x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(100000700101)(100105000095)(100000701101)(100105300095)(100000702101)(100105100095)(61425038)(6040450)(601004)(2401047)(2017060910075)(8121501046)(5005006)(3002001)(100000703101)(100105400095)(10201501046)(93006095)(93001095)(6055026)(61426038)(61427038)(6041248)(20161123558100)(20161123560025)(201703131423075)(201702281528075)(201703061421075)(201703061406153)(20161123564025)(20161123562025)(20161123555025)(6072148)(100000704101)(100105200095)(100000705101)(100105500095); SRVR:CY4PR21MB0183; BCL:0; PCL:0; RULEID:(100000800101)(100110000095)(100000801101)(100110300095)(100000802101)(100110100095)(100000803101)(100110400095)(100000804101)(100110200095)(100000805101)(100110500095); SRVR:CY4PR21MB0183; x-forefront-prvs: 0371762FE7 x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(6009001)(39410400002)(39860400002)(39850400002)(39840400002)(39400400002)(39450400003)(2900100001)(7696004)(77096006)(8990500004)(8936002)(86362001)(81166006)(6916009)(86612001)(10090500001)(74316002)(5005710100001)(230783001)(2906002)(5660300001)(10290500003)(3280700002)(8676002)(1730700003)(478600001)(9686003)(25786009)(102836003)(55016002)(3846002)(6306002)(6436002)(54896002)(33656002)(66066001)(3660700001)(5630700001)(99286003)(14454004)(7736002)(54356999)(72206003)(50986999)(38730400002)(6116002)(6506006)(189998001)(2501003)(5640700003)(790700001)(110136004)(53936002)(2351001); DIR:OUT; SFP:1102; SCL:1; SRVR:CY4PR21MB0183; H:CY4PR21MB0504.namprd21.prod.outlook.com; FPR:; SPF:None; MLV:ovrnspm; PTR:InfoNoRecords; LANG:en; spamdiagnosticoutput: 1:99 spamdiagnosticmetadata: NSPM Content-Type: multipart/alternative; boundary="_000_CY4PR21MB05049BD062406E73E7F6C234F5A00CY4PR21MB0504namp_" MIME-Version: 1.0 X-OriginatorOrg: microsoft.com X-MS-Exchange-CrossTenant-originalarrivaltime: 17 Jul 2017 10:07:57.3938 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 72f988bf-86f1-41af-91ab-2d7cd011db47 X-MS-Exchange-Transport-CrossTenantHeadersStamped: CY4PR21MB0183 Archived-At: Subject: [Ace] Related work for draft-erdtman-ace-rpcc X-BeenThere: ace@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 17 Jul 2017 10:08:01 -0000 --_000_CY4PR21MB05049BD062406E73E7F6C234F5A00CY4PR21MB0504namp_ Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable These RFCs are all pertain to OAuth Client Authentication using signed asse= rtions: * RFC 7521 - Assertion Framework for OAuth 2.0 Client Authentication an= d Authorization Grants * RFC 7522 - Security Assertion Markup Language (SAML) 2.0 Profile for = OAuth 2.0 Client Authentication and Authorization Grants * RFC 7523 - JSON Web Token (JWT) Profile for OAuth 2.0 Client Authenti= cation and Authorization Grants I'd encourage you to think about whether using the JWT Profile, in particul= ar, would achieve the goals you're after. Best wishes, -- Mike --_000_CY4PR21MB05049BD062406E73E7F6C234F5A00CY4PR21MB0504namp_ Content-Type: text/html; charset="us-ascii" Content-Transfer-Encoding: quoted-printable

These RFCs are all pertain to OAuth Client Authentic= ation using signed assertions:

  • RFC 7521 - Assertion Framework for OAuth 2.0 Client Authentication an= d Authorization Grants
  • RFC 7522 - Security Assertion = Markup Language (SAML) 2.0 Profile for OAuth 2.0 Client Authentication and = Authorization Grants
  • RFC 7523 - JSON Web Token (JWT) P= rofile for OAuth 2.0 Client Authentication and Authorization Grants

 

I’d encourage you to think about whether using= the JWT Profile, in particular, would achieve the goals you’re after= .

 

        &nbs= p;            &= nbsp;           &nbs= p;            &= nbsp;        Best wishes,

        &nbs= p;            &= nbsp;           &nbs= p;            &= nbsp;        -- Mike

 

--_000_CY4PR21MB05049BD062406E73E7F6C234F5A00CY4PR21MB0504namp_-- From nobody Mon Jul 17 05:00:31 2017 Return-Path: X-Original-To: ace@ietfa.amsl.com Delivered-To: ace@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C16CF13145A; Mon, 17 Jul 2017 05:00:29 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.8 X-Spam-Level: X-Spam-Status: No, score=-4.8 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=-2.8, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=microsoft.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id n7AhsgLFZiBK; Mon, 17 Jul 2017 05:00:26 -0700 (PDT) Received: from NAM01-BN3-obe.outbound.protection.outlook.com (mail-bn3nam01on0093.outbound.protection.outlook.com [104.47.33.93]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 10C8313188F; Mon, 17 Jul 2017 05:00:26 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=/gPg86rzME0vMty+Ofx+3l8KaIVQ7FGFn7emhBjGUZ8=; b=b/M+ctWx8GE9rLH64ivWlKGingVlb503LkRhCeSxyDLjxDEl4AkqP2wKygK3mSR1VsOhCiff+HX830wLRN5LM0qbNhEMrFhAhvbq/dbDlJS0OL12oFgzB7dDIvRX7nisqrSAkieYrjjRdaxGZlDse+c20ueWKO3wd7QQXRY/9Qs= Received: from BN6PR21MB0500.namprd21.prod.outlook.com (10.172.112.10) by BN6PR21MB0164.namprd21.prod.outlook.com (10.173.200.10) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.1282.2; Mon, 17 Jul 2017 12:00:24 +0000 Received: from BN6PR21MB0500.namprd21.prod.outlook.com ([10.172.112.10]) by BN6PR21MB0500.namprd21.prod.outlook.com ([10.172.112.10]) with mapi id 15.01.1282.008; Mon, 17 Jul 2017 12:00:24 +0000 From: Mike Jones To: Jim Schaad , 'Samuel Erdtman' CC: "draft-ietf-ace-cbor-web-token@ietf.org" , 'ace' Thread-Topic: [Ace] I-D Action: draft-ietf-ace-cbor-web-token-05.txt Thread-Index: AQHS3mQBvrakMVykCUmbjWGGw4uE4qIrE2IAgAWWHwCAAOHygIAmn9cQ Date: Mon, 17 Jul 2017 12:00:23 +0000 Message-ID: References: <149671239411.3941.12998153965739248286@ietfa.amsl.com> <006101d2e868$17c8e3d0$475aab70$@augustcellars.com> <01e901d2eba4$1ff2b790$5fd826b0$@augustcellars.com> In-Reply-To: <01e901d2eba4$1ff2b790$5fd826b0$@augustcellars.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: authentication-results: augustcellars.com; dkim=none (message not signed) header.d=none;augustcellars.com; dmarc=none action=none header.from=microsoft.com; x-originating-ip: [31.133.131.162] x-ms-publictraffictype: Email x-microsoft-exchange-diagnostics: 1; BN6PR21MB0164; 7:XKWweLYliY5SsrqdIj1xx1IoFMU/o3EUDUTy3LvBA8ueIaW3JHF+hPJAWFYG5fpJhEKaXOLy54GxEDzxwWtI7QNv+jaR2K3ATCTaCsAseg++2HPnl0Bo3Co4i0HB3/t+y+5p1U6LZme9esQ4NqkwpoONM8cbY4PEhsCeARsSeB95/QSTcTL+bFxQxgbF3xpm6JvN7nhnEp7dwMGEnSdQgf61AqnYfzaaRS2/YBSZxCX3F/SgrwrnEvopsP0GHaLxYczCrv90+7oD/PrFuXpmruNMjaUo1FtefFXusXb8ejJbxa9afPVTQapKyEBsklBZzzqEQm7AK2qdRDkhOb/p4gnqAPWuTW8MBX99NdoJEhWZ1PCSRKxXM3rSKVJ/zhygng5G3Yrjbmzbiyw/RG0omHL8mU+I1hoT7FXC6mJ1gNAIoQZ8+3F+KGcZHvzwy1muxROCyaqfxctiNgd4KJ/PPSLC0Vhc29rnk1CUV7nRn2XQGWWx82cUNc02MWjZSvzhNzJBaRHPvrwKzQxJfJLvUyzEPId5S7ls0VFrBIVJFzpOwinCmQRhogJBDeihNk4DYtnZhHw84p5F2D7LyHjCDZx1bRMBOeSA8OTBTgi8jqgkc8QJ0m4o6D0KnkLK9h/hGd2xFv3wwWT+GuMuKZY4XdqQiiCKO/1OsCs7/HhLwMC6/j3vlfUK1tYCVHOx6aRqObP6mOTBftJrFT2gDygC4kp/eDRp1hJjsN1j3wy/1jOVlVGlhezVhiIJJp1Pw1421BJidS+qubiiyynpUj1oHfFpyEdLMW5KbQpNh60q+xdnKgK8/Eg++vtQVI6Cv6tw x-ms-office365-filtering-correlation-id: 5849f6d0-eb61-468f-1e2b-08d4cd0b681e x-ms-office365-filtering-ht: Tenant x-microsoft-antispam: UriScan:; BCL:0; PCL:0; RULEID:(300000500095)(300135000095)(300000501095)(300135300095)(22001)(300000502095)(300135100095)(2017030254075)(48565401081)(300000503095)(300135400095)(2017052603031)(201703131423075)(201703031133081)(201702281549075)(300000504095)(300135200095)(300000505095)(300135600095)(300000506095)(300135500095); SRVR:BN6PR21MB0164; x-ms-traffictypediagnostic: BN6PR21MB0164: x-exchange-antispam-report-test: UriScan:(151999592597050)(278178393323532)(133145235818549)(120809045254105)(26388249023172)(236129657087228)(192374486261705)(148574349560750)(21748063052155)(167848164394848); x-microsoft-antispam-prvs: x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(100000700101)(100105000095)(100000701101)(100105300095)(100000702101)(100105100095)(61425038)(6040450)(601004)(2401047)(2017060910075)(8121501046)(5005006)(3002001)(93006095)(93001095)(10201501046)(100000703101)(100105400095)(6055026)(61426038)(61427038)(6041248)(20161123564025)(20161123558100)(201703131423075)(201702281528075)(201703061421075)(201703061406153)(20161123560025)(20161123555025)(20161123562025)(6072148)(100000704101)(100105200095)(100000705101)(100105500095); SRVR:BN6PR21MB0164; BCL:0; PCL:0; RULEID:(100000800101)(100110000095)(100000801101)(100110300095)(100000802101)(100110100095)(100000803101)(100110400095)(100000804101)(100110200095)(100000805101)(100110500095); SRVR:BN6PR21MB0164; x-forefront-prvs: 0371762FE7 x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(39410400002)(39400400002)(39450400003)(39850400002)(39860400002)(39840400002)(377424004)(377454003)(78124002)(13464003)(24454002)(4326008)(50986999)(76176999)(54356999)(25786009)(6506006)(38730400002)(6246003)(19609705001)(189998001)(77096006)(6436002)(66066001)(229853002)(2950100002)(14971765001)(53386004)(8936002)(236005)(33656002)(2900100001)(230783001)(93886004)(7696004)(102836003)(9686003)(790700001)(6116002)(3280700002)(5660300001)(86362001)(10290500003)(3660700001)(8676002)(6306002)(81166006)(3846002)(14454004)(5005710100001)(7736002)(478600001)(74316002)(53546010)(606006)(966005)(2906002)(72206003)(55016002)(54906002)(54896002)(99286003)(10090500001)(53936002); DIR:OUT; SFP:1102; SCL:1; SRVR:BN6PR21MB0164; H:BN6PR21MB0500.namprd21.prod.outlook.com; FPR:; SPF:None; MLV:sfv; LANG:en; spamdiagnosticoutput: 1:99 spamdiagnosticmetadata: NSPM Content-Type: multipart/alternative; boundary="_000_BN6PR21MB050033527D5B10E5A0C2EA8AF5A00BN6PR21MB0500namp_" MIME-Version: 1.0 X-OriginatorOrg: microsoft.com X-MS-Exchange-CrossTenant-originalarrivaltime: 17 Jul 2017 12:00:24.0680 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 72f988bf-86f1-41af-91ab-2d7cd011db47 X-MS-Exchange-Transport-CrossTenantHeadersStamped: BN6PR21MB0164 Archived-At: Subject: Re: [Ace] I-D Action: draft-ietf-ace-cbor-web-token-05.txt X-BeenThere: ace@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 17 Jul 2017 12:00:30 -0000 --_000_BN6PR21MB050033527D5B10E5A0C2EA8AF5A00BN6PR21MB0500namp_ Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: base64 U2FtdWVsIOKAkyBJIHNwb2tlIHdpdGggSmltIGFmdGVyIEFDRS4gIEhlIHNhaWQgdGhhdCBpdOKA mXMgdGhlIGVuY3J5cHRpb24gZXhhbXBsZSwgd2hpY2ggeW91IGRpZG7igJl0IHVwZGF0ZSwgdGhh dCBzdGlsbCBoYXMgdGhlIHNhbWUgcHJvYmxlbXMgYXMgaGUgaWRlbnRpZmllZCBiZWxvdy4NCg0K ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIC0t IE1pa2UNCg0KRnJvbTogSmltIFNjaGFhZCBbbWFpbHRvOmlldGZAYXVndXN0Y2VsbGFycy5jb21d DQpTZW50OiBGcmlkYXksIEp1bmUgMjMsIDIwMTcgMTI6MDkgQU0NClRvOiAnU2FtdWVsIEVyZHRt YW4nIDxzYW11ZWxAZXJkdG1hbi5zZT4NCkNjOiBkcmFmdC1pZXRmLWFjZS1jYm9yLXdlYi10b2tl bkBpZXRmLm9yZzsgJ2FjZScgPGFjZUBpZXRmLm9yZz4NClN1YmplY3Q6IFJFOiBbQWNlXSBJLUQg QWN0aW9uOiBkcmFmdC1pZXRmLWFjZS1jYm9yLXdlYi10b2tlbi0wNS50eHQNCg0KU2VlIGJlbG93 Lg0KDQpKaW0NCg0KRnJvbTogU2FtdWVsIEVyZHRtYW4gW21haWx0bzpzYW11ZWxAZXJkdG1hbi5z ZV0NClNlbnQ6IFRodXJzZGF5LCBKdW5lIDIyLCAyMDE3IDE6NDAgQU0NClRvOiBKaW0gU2NoYWFk IDxpZXRmQGF1Z3VzdGNlbGxhcnMuY29tPG1haWx0bzppZXRmQGF1Z3VzdGNlbGxhcnMuY29tPj4N CkNjOiBkcmFmdC1pZXRmLWFjZS1jYm9yLXdlYi10b2tlbkBpZXRmLm9yZzxtYWlsdG86ZHJhZnQt aWV0Zi1hY2UtY2Jvci13ZWItdG9rZW5AaWV0Zi5vcmc+OyBhY2UgPGFjZUBpZXRmLm9yZzxtYWls dG86YWNlQGlldGYub3JnPj4NClN1YmplY3Q6IFJlOiBbQWNlXSBJLUQgQWN0aW9uOiBkcmFmdC1p ZXRmLWFjZS1jYm9yLXdlYi10b2tlbi0wNS50eHQNCg0KVGhhbmtzIEppbSENClNlIGNvbW1lbnRz IGlubGluZQ0KDQpPbiBTdW4sIEp1biAxOCwgMjAxNyBhdCA5OjIxIFBNLCBKaW0gU2NoYWFkIDxp ZXRmQGF1Z3VzdGNlbGxhcnMuY29tPG1haWx0bzppZXRmQGF1Z3VzdGNlbGxhcnMuY29tPj4gd3Jv dGU6DQpDb21tZW50cyBvbiB0aGlzIHZlcnNpb24gb2YgdGhlIGRyYWZ0Lg0KDQpTZWN0aW9uIDcg LSBTdGVwIDYgJiA3IC0gSSBkbyBub3Qga25vdyBpZiBpdCBpcyBsZWdhbCB0byBoYXZlIGEgQ1dU IENCT1IgdGFnIGF0IHRoaXMgcG9pbnQNCg0KSW4gc2VjdGlvbiA3LjEgc3RlcCA2IGRlc2NyaWJl cyBob3cgb25lIGNhbiBhZGQgdGhlIENXVCBDQk9SIFRhZyB0byB0aGUgZnVsbCBDV1QgaWYgdHJh bnNwb3J0IGxheWVyIGNhbm5vdCBpbmRpY2F0ZSB0aGF0IHRoaXMgaXMgYSBDV1QuIEluIHRoaXMg Y2FzZSB5b3Ugd291bGQgd2FudCBmaXJzdCB0aGUgQ09TRSB0YWcgYW5kIHRoZW4gdGhlIENXVCB0 YWcgdGhpcyBpcyBkZXNjcmliZWQgaW4gc2VjdGlvbiA2LiBXZSBhc2tlZCBDYXJzdGVuIGFib3V0 IHRoaXMgYmVmb3JlIHdlIGFkZGVkIHRoZSB0ZXh0IHNvIGl0IHNob3VsZCBiZSBva2F5Lg0KSW4g c2VjdGlvbiA3LjIgc3RlcCA2IGFuZCA3IENXVCBDQk9SIHRhZyBpcyBub3QgbWVudGlvbmVkIGFz IGZhciBhcyBJIGNhbiB0ZWxsLg0KDQpbSkxTXSAgU28gaWYgYW4gaW50ZXJtZWRpYXJ5IGFkZHMg YSBsYXllciBvZiB3cmFwcGluZyAoaS5lLiBlbmNyeXB0cyBpdCB0byB0aGUgZW5kIHBvaW50KSBi dXQgdGhlIG9yaWdpbmFsIGVudGl0eSB3aG8gc2lnbmVkIGl0IHB1dCB0aGUgQ1dUIHRhZyBvbiBp dCwgaXQgd2lsbCBiZSBhbmQgaW52YWxpZCBDV1QgaWYgdGhlIHRhZyB3YXMgbm90IHJlbW92ZWQ/ DQoNCg0KQXBwZW5kaXggQS4zIC0gSSB3YXMgdW5hYmxlIHRvIHJlcHJvZHVjZSB0aGUgZXhhbXBs ZS4gIEkgYXNzdW1lIHRoYXQgdGhpcyBtZWFucyB0aGF0IGEgZGV0ZXJtaW5pc3RpYyBzaWduYXR1 cmUgYWxnb3JpdGhtIGlzIG5vdCBiZWluZyB1c2VkLiAgV2hpbGUgYSB2ZXJpZmllciBjYW5ub3Qg dGVsbCBpZiBvbmUgaXMgYmVpbmcgdXNlZCwgdGhlIENPU0UgZG9jdW1lbnQgZG9lcyBzdHJvbmds eSBzdWdnZXN0IHRoYXQgb25lIGJlIHVzZWQuICBBZGRpdGlvbmFsbHksIGl0IGhlbHBzIGluIHRl c3RpbmcgaWYgb25lIGlzIHVzZWQgc28gdGhhdCBhIHNpZ25hdHVyZSBjcmVhdG9yIGNhbiBiZSBt b3JlIGVhc2lseSB0ZXN0ZWQuDQoNCkNvcnJlY3QgSSBoYXZlIG5vdCB1c2VkIGEgZGV0ZXJtaW5p c3RpYyBzaWduaW5nIGFsZ29yaXRobS4gSSBoYXZlIHVzZWQgQ09TRS1KQVZBIHRvIGNyZWF0ZSB0 aGUgZXhhbXBsZXMsIGlzIGl0IHBvc3NpYmxlIHRvIGNvbmZpZ3VyZSB0aGF0IGltcGxlbWVudGF0 aW9uIHRvIGdlbmVyYXRlIGRldGVybWluaXN0aWMgRUNEU0Egc2lnbmF0dXJlcz8NCldoZW4gd29y a2luZyB3aXRoIG15IEpTIGltcGxlbWVudGF0aW9uIEkgaGF2ZSBub3RpY2VkIHRoYXQgc3VwcG9y dCBmb3IgZGV0ZXJtaW5pc3RpYyBFQ0RTQSBpbXBsZW1lbnRhdGlvbnMgYXJlIGhhcmQgdG8gZmlu ZC4NCg0KW0pMU10gV2l0aCBDT1NFLUpBVkEsIGlmIHlvdSBhcmUgdXNpbmcgYW55dGhpbmcgcmVt b3RlbHkgcmVjZW50IGlzIGRldGVybWluaXN0aWMsIHNvIHRoYXQgc2hvdWxkIG5vdCBiZSBhIHBy b2JsZW0uICBJIHB1dCB0aGlzIGNoYW5nZSBpbnRvIHRoZSBzb3VyY2VzIGFib3V0IDggbW9udGhz IGFnby4gIFRoZSBwcm9ibGVtIG1heSBiZSB0aGUgc2FtZSBpc3N1ZSBhcyBmb3IgQS41IHdoZXJl IHNvbWV0aGluZyBpcyBkaWZmZXJlbnQgaW4gdGhlIGRhdGEgdG8gYmUgc2lnbmVkLg0KDQoNCg0K QXBwZW5kaXggQS41IC0gSSB3YXMgdW5hYmxlIHRvIHJlcHJvZHVjZSB0aGUgZXhhbXBsZS4gIFNw ZWNpYWxseSB0aGUgdGFnIHZhbHVlIGRvZXMgbm90IG1hdGNoIHdpdGggdGhlIG9uZSB0aGF0IEkg Y29tcHV0ZS4NCg0KVGhhdCBpcyBiYWQuIGJ1dCBhcGFydCBmcm9tIHRoZSB0YWcgaXQgbG9va3Mg Z29vZD8NCg0KW0pMU10gWWVzIGFwYXJ0IGZyb20gdGhlIHRhZyBJIG1hdGNoZWQgZXZlcnl0aGlu ZyDigJMgaW5jbHVkaW5nIHRoZSBlbmNyeXB0aW9uLiAgVGhpcyBib3RoZXJzIG1lIGlmIHlvdSBh cmUgdXNpbmcgdGhlIENPU0UtSkFWQSB0byBwcm9kdWNlIHRoZSBleGFtcGxlcy4gIEkgcm91dGlu ZWx5IHJ1biByZWdyZXNzaW9uIHRlc3RzIG9uIGJvdGggbGFuZ3VhZ2UgbGlicmFyaWVzIHNvIHRo ZXkgc2hvdWxkIHByb2R1Y2UgdGhlIHNhbWUgb3V0cHV0IGdpdmVuIHRoZSBzYW1lIGlucHV0cy4g IFRoaXMgdHJpZ2dlcnMgaW4gbXkgbWluZCB0aGF0IHlvdSBtaWdodCBoYXZlIGRvbmUgc29tZXRo aW5nIG9kZCB3aXRoIHRoZSBleHRlcm5hbCBkYXRhIGFuZCB0aHVzIHdlIGFyZSBnZW5lcmF0aW5n IGRpZmZlcmVudCB0YWdzLiAgIEl0IHdvdWxkIGJlIHNvbWV0aGluZyB0aGF0IGlzIGJlaW5nIGRv bmUgZm9yIHNpZ25pbmcgYW5kIGZvciBlbmNyeXB0aW9uIGJ1dCBub3QgbWFjLg0KDQoNCg0KTWlu b3I6DQoNCkluIHNlY3Rpb24gMjogIElzIHRoZXJlIGEgcmVhc29uIG5vdCB0byBkZWZpbmUgQ1dU IGNsYWltIHZhbHVlIGluIHRoaXMgc2VjdGlvbg0KDQpTb3JyeSBJwrRtIG5vdCBmb2xsb3dpbmcs IGNvdWxkIHlvdSBwbGVhc2UgZXhwbGFpbiBhIGJpdCBtb3JlYD8NCg0KW0pMU10gWW91IHRob3Vn aHQgaXQgd2FzIHJlYXNvbmFibGUgdG8gZGVmaW5lIGEg4oCcQ1dUIGVuY29kZWQgY2xhaW0ga2V5 4oCdIGluIHRoZSB0ZXJtcy4gIEkgd2FzIGp1c3QgdGhpbmtpbmcgdGhhdCBpdCB3b3VsZCBiZSBz eW1tZXRyaWMgdG8gaGF2ZSB0aGUgdmFsdWVzIGhhdmUgZGVmaW5lZCBoZXJlIGF0IHRoZSBzYW1l IHRpbWUuDQoNCg0KDQotLS0tLU9yaWdpbmFsIE1lc3NhZ2UtLS0tLQ0KRnJvbTogQWNlIFttYWls dG86YWNlLWJvdW5jZXNAaWV0Zi5vcmc8bWFpbHRvOmFjZS1ib3VuY2VzQGlldGYub3JnPl0gT24g QmVoYWxmIE9mIGludGVybmV0LWRyYWZ0c0BpZXRmLm9yZzxtYWlsdG86aW50ZXJuZXQtZHJhZnRz QGlldGYub3JnPg0KU2VudDogTW9uZGF5LCBKdW5lIDUsIDIwMTcgNjoyNyBQTQ0KVG86IGktZC1h bm5vdW5jZUBpZXRmLm9yZzxtYWlsdG86aS1kLWFubm91bmNlQGlldGYub3JnPg0KQ2M6IGFjZUBp ZXRmLm9yZzxtYWlsdG86YWNlQGlldGYub3JnPg0KU3ViamVjdDogW0FjZV0gSS1EIEFjdGlvbjog ZHJhZnQtaWV0Zi1hY2UtY2Jvci13ZWItdG9rZW4tMDUudHh0DQoNCg0KQSBOZXcgSW50ZXJuZXQt RHJhZnQgaXMgYXZhaWxhYmxlIGZyb20gdGhlIG9uLWxpbmUgSW50ZXJuZXQtRHJhZnRzIGRpcmVj dG9yaWVzLg0KVGhpcyBkcmFmdCBpcyBhIHdvcmsgaXRlbSBvZiB0aGUgQXV0aGVudGljYXRpb24g YW5kIEF1dGhvcml6YXRpb24gZm9yIENvbnN0cmFpbmVkIEVudmlyb25tZW50cyBvZiB0aGUgSUVU Ri4NCg0KICAgICAgICBUaXRsZSAgICAgICAgICAgOiBDQk9SIFdlYiBUb2tlbiAoQ1dUKQ0KICAg ICAgICBBdXRob3JzICAgICAgICAgOiBNaWNoYWVsIEIuIEpvbmVzDQogICAgICAgICAgICAgICAg ICAgICAgICAgIEVyaWsgV2FobHN0csO2bQ0KICAgICAgICAgICAgICAgICAgICAgICAgICBTYW11 ZWwgRXJkdG1hbg0KICAgICAgICAgICAgICAgICAgICAgICAgICBIYW5uZXMgVHNjaG9mZW5pZw0K ICAgICAgICBGaWxlbmFtZSAgICAgICAgOiBkcmFmdC1pZXRmLWFjZS1jYm9yLXdlYi10b2tlbi0w NS50eHQNCiAgICAgICAgUGFnZXMgICAgICAgICAgIDogMjMNCiAgICAgICAgRGF0ZSAgICAgICAg ICAgIDogMjAxNy0wNi0wNQ0KDQpBYnN0cmFjdDoNCiAgIENCT1IgV2ViIFRva2VuIChDV1QpIGlz IGEgY29tcGFjdCBtZWFucyBvZiByZXByZXNlbnRpbmcgY2xhaW1zIHRvIGJlDQogICB0cmFuc2Zl cnJlZCBiZXR3ZWVuIHR3byBwYXJ0aWVzLiAgVGhlIGNsYWltcyBpbiBhIENXVCBhcmUgZW5jb2Rl ZCBpbg0KICAgdGhlIENvbmNpc2UgQmluYXJ5IE9iamVjdCBSZXByZXNlbnRhdGlvbiAoQ0JPUikg YW5kIENCT1IgT2JqZWN0DQogICBTaWduaW5nIGFuZCBFbmNyeXB0aW9uIChDT1NFKSBpcyB1c2Vk IGZvciBhZGRlZCBhcHBsaWNhdGlvbiBsYXllcg0KICAgc2VjdXJpdHkgcHJvdGVjdGlvbi4gIEEg Y2xhaW0gaXMgYSBwaWVjZSBvZiBpbmZvcm1hdGlvbiBhc3NlcnRlZA0KICAgYWJvdXQgYSBzdWJq ZWN0IGFuZCBpcyByZXByZXNlbnRlZCBhcyBhIG5hbWUvdmFsdWUgcGFpciBjb25zaXN0aW5nIG9m DQogICBhIGNsYWltIG5hbWUgYW5kIGEgY2xhaW0gdmFsdWUuICBDV1QgaXMgZGVyaXZlZCBmcm9t IEpTT04gV2ViIFRva2VuDQogICAoSldUKSwgYnV0IHVzZXMgQ0JPUiByYXRoZXIgdGhhbiBKU09O Lg0KDQoNClRoZSBJRVRGIGRhdGF0cmFja2VyIHN0YXR1cyBwYWdlIGZvciB0aGlzIGRyYWZ0IGlz Og0KaHR0cHM6Ly9kYXRhdHJhY2tlci5pZXRmLm9yZy9kb2MvZHJhZnQtaWV0Zi1hY2UtY2Jvci13 ZWItdG9rZW4vDQoNClRoZXJlIGFyZSBhbHNvIGh0bWxpemVkIHZlcnNpb25zIGF2YWlsYWJsZSBh dDoNCmh0dHBzOi8vdG9vbHMuaWV0Zi5vcmcvaHRtbC9kcmFmdC1pZXRmLWFjZS1jYm9yLXdlYi10 b2tlbi0wNQ0KaHR0cHM6Ly9kYXRhdHJhY2tlci5pZXRmLm9yZy9kb2MvaHRtbC9kcmFmdC1pZXRm LWFjZS1jYm9yLXdlYi10b2tlbi0wNQ0KDQpBIGRpZmYgZnJvbSB0aGUgcHJldmlvdXMgdmVyc2lv biBpcyBhdmFpbGFibGUgYXQ6DQpodHRwczovL3d3dy5pZXRmLm9yZy9yZmNkaWZmP3VybDI9ZHJh ZnQtaWV0Zi1hY2UtY2Jvci13ZWItdG9rZW4tMDUNCg0KDQpQbGVhc2Ugbm90ZSB0aGF0IGl0IG1h eSB0YWtlIGEgY291cGxlIG9mIG1pbnV0ZXMgZnJvbSB0aGUgdGltZSBvZiBzdWJtaXNzaW9uIHVu dGlsIHRoZSBodG1saXplZCB2ZXJzaW9uIGFuZCBkaWZmIGFyZSBhdmFpbGFibGUgYXQgdG9vbHMu aWV0Zi5vcmc8aHR0cDovL3Rvb2xzLmlldGYub3JnPi4NCg0KSW50ZXJuZXQtRHJhZnRzIGFyZSBh bHNvIGF2YWlsYWJsZSBieSBhbm9ueW1vdXMgRlRQIGF0Og0KZnRwOi8vZnRwLmlldGYub3JnL2lu dGVybmV0LWRyYWZ0cy8NCg0KX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19f X19fX19fX18NCkFjZSBtYWlsaW5nIGxpc3QNCkFjZUBpZXRmLm9yZzxtYWlsdG86QWNlQGlldGYu b3JnPg0KaHR0cHM6Ly93d3cuaWV0Zi5vcmcvbWFpbG1hbi9saXN0aW5mby9hY2UNCg0KX19fX19f X19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX18NCkFjZSBtYWlsaW5nIGxp c3QNCkFjZUBpZXRmLm9yZzxtYWlsdG86QWNlQGlldGYub3JnPg0KaHR0cHM6Ly93d3cuaWV0Zi5v cmcvbWFpbG1hbi9saXN0aW5mby9hY2UNCg0K --_000_BN6PR21MB050033527D5B10E5A0C2EA8AF5A00BN6PR21MB0500namp_ Content-Type: text/html; charset="utf-8" Content-Transfer-Encoding: base64 PGh0bWwgeG1sbnM6dj0idXJuOnNjaGVtYXMtbWljcm9zb2Z0LWNvbTp2bWwiIHhtbG5zOm89InVy bjpzY2hlbWFzLW1pY3Jvc29mdC1jb206b2ZmaWNlOm9mZmljZSIgeG1sbnM6dz0idXJuOnNjaGVt YXMtbWljcm9zb2Z0LWNvbTpvZmZpY2U6d29yZCIgeG1sbnM6bT0iaHR0cDovL3NjaGVtYXMubWlj cm9zb2Z0LmNvbS9vZmZpY2UvMjAwNC8xMi9vbW1sIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcv VFIvUkVDLWh0bWw0MCI+DQo8aGVhZD4NCjxtZXRhIGh0dHAtZXF1aXY9IkNvbnRlbnQtVHlwZSIg Y29udGVudD0idGV4dC9odG1sOyBjaGFyc2V0PXV0Zi04Ij4NCjxtZXRhIG5hbWU9IkdlbmVyYXRv ciIgY29udGVudD0iTWljcm9zb2Z0IFdvcmQgMTUgKGZpbHRlcmVkIG1lZGl1bSkiPg0KPHN0eWxl PjwhLS0NCi8qIEZvbnQgRGVmaW5pdGlvbnMgKi8NCkBmb250LWZhY2UNCgl7Zm9udC1mYW1pbHk6 IkNhbWJyaWEgTWF0aCI7DQoJcGFub3NlLTE6MiA0IDUgMyA1IDQgNiAzIDIgNDt9DQpAZm9udC1m YWNlDQoJe2ZvbnQtZmFtaWx5OkNhbGlicmk7DQoJcGFub3NlLTE6MiAxNSA1IDIgMiAyIDQgMyAy IDQ7fQ0KLyogU3R5bGUgRGVmaW5pdGlvbnMgKi8NCnAuTXNvTm9ybWFsLCBsaS5Nc29Ob3JtYWws IGRpdi5Nc29Ob3JtYWwNCgl7bWFyZ2luOjBpbjsNCgltYXJnaW4tYm90dG9tOi4wMDAxcHQ7DQoJ Zm9udC1zaXplOjExLjBwdDsNCglmb250LWZhbWlseToiQ2FsaWJyaSIsc2Fucy1zZXJpZjt9DQph OmxpbmssIHNwYW4uTXNvSHlwZXJsaW5rDQoJe21zby1zdHlsZS1wcmlvcml0eTo5OTsNCgljb2xv cjpibHVlOw0KCXRleHQtZGVjb3JhdGlvbjp1bmRlcmxpbmU7fQ0KYTp2aXNpdGVkLCBzcGFuLk1z b0h5cGVybGlua0ZvbGxvd2VkDQoJe21zby1zdHlsZS1wcmlvcml0eTo5OTsNCgljb2xvcjpwdXJw bGU7DQoJdGV4dC1kZWNvcmF0aW9uOnVuZGVybGluZTt9DQpwLm1zb25vcm1hbDAsIGxpLm1zb25v cm1hbDAsIGRpdi5tc29ub3JtYWwwDQoJe21zby1zdHlsZS1uYW1lOm1zb25vcm1hbDsNCgltc28t bWFyZ2luLXRvcC1hbHQ6YXV0bzsNCgltYXJnaW4tcmlnaHQ6MGluOw0KCW1zby1tYXJnaW4tYm90 dG9tLWFsdDphdXRvOw0KCW1hcmdpbi1sZWZ0OjBpbjsNCglmb250LXNpemU6MTEuMHB0Ow0KCWZv bnQtZmFtaWx5OiJDYWxpYnJpIixzYW5zLXNlcmlmO30NCnNwYW4uRW1haWxTdHlsZTE4DQoJe21z by1zdHlsZS10eXBlOnBlcnNvbmFsOw0KCWZvbnQtZmFtaWx5OiJDYWxpYnJpIixzYW5zLXNlcmlm Ow0KCWNvbG9yOndpbmRvd3RleHQ7fQ0Kc3Bhbi5FbWFpbFN0eWxlMjANCgl7bXNvLXN0eWxlLXR5 cGU6cGVyc29uYWwtcmVwbHk7DQoJZm9udC1mYW1pbHk6IkNhbGlicmkiLHNhbnMtc2VyaWY7DQoJ Y29sb3I6IzAwMjA2MDt9DQouTXNvQ2hwRGVmYXVsdA0KCXttc28tc3R5bGUtdHlwZTpleHBvcnQt b25seTsNCglmb250LXNpemU6MTAuMHB0O30NCkBwYWdlIFdvcmRTZWN0aW9uMQ0KCXtzaXplOjgu NWluIDExLjBpbjsNCgltYXJnaW46MS4waW4gMS4waW4gMS4waW4gMS4waW47fQ0KZGl2LldvcmRT ZWN0aW9uMQ0KCXtwYWdlOldvcmRTZWN0aW9uMTt9DQotLT48L3N0eWxlPjwhLS1baWYgZ3RlIG1z byA5XT48eG1sPg0KPG86c2hhcGVkZWZhdWx0cyB2OmV4dD0iZWRpdCIgc3BpZG1heD0iMTAyNiIg Lz4NCjwveG1sPjwhW2VuZGlmXS0tPjwhLS1baWYgZ3RlIG1zbyA5XT48eG1sPg0KPG86c2hhcGVs YXlvdXQgdjpleHQ9ImVkaXQiPg0KPG86aWRtYXAgdjpleHQ9ImVkaXQiIGRhdGE9IjEiIC8+DQo8 L286c2hhcGVsYXlvdXQ+PC94bWw+PCFbZW5kaWZdLS0+DQo8L2hlYWQ+DQo8Ym9keSBsYW5nPSJF Ti1VUyIgbGluaz0iYmx1ZSIgdmxpbms9InB1cnBsZSI+DQo8ZGl2IGNsYXNzPSJXb3JkU2VjdGlv bjEiPg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PHNwYW4gc3R5bGU9ImNvbG9yOiMwMDIwNjAiPlNh bXVlbCDigJMgSSBzcG9rZSB3aXRoIEppbSBhZnRlciBBQ0UuJm5ic3A7IEhlIHNhaWQgdGhhdCBp dOKAmXMgdGhlIGVuY3J5cHRpb24gZXhhbXBsZSwgd2hpY2ggeW91IGRpZG7igJl0IHVwZGF0ZSwg dGhhdCBzdGlsbCBoYXMgdGhlIHNhbWUgcHJvYmxlbXMgYXMgaGUgaWRlbnRpZmllZCBiZWxvdy48 bzpwPjwvbzpwPjwvc3Bhbj48L3A+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48c3BhbiBzdHlsZT0i Y29sb3I6IzAwMjA2MCI+PG86cD4mbmJzcDs8L286cD48L3NwYW4+PC9wPg0KPHAgY2xhc3M9Ik1z b05vcm1hbCI+PHNwYW4gc3R5bGU9ImNvbG9yOiMwMDIwNjAiPiZuYnNwOyZuYnNwOyZuYnNwOyZu YnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNw OyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZu YnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNw OyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyAmbmJzcDsm bmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJz cDsmbmJzcDsmbmJzcDsgLS0gTWlrZTxvOnA+PC9vOnA+PC9zcGFuPjwvcD4NCjxwIGNsYXNzPSJN c29Ob3JtYWwiPjxhIG5hbWU9Il9NYWlsRW5kQ29tcG9zZSI+PHNwYW4gc3R5bGU9ImNvbG9yOiMw MDIwNjAiPjxvOnA+Jm5ic3A7PC9vOnA+PC9zcGFuPjwvYT48L3A+DQo8c3BhbiBzdHlsZT0ibXNv LWJvb2ttYXJrOl9NYWlsRW5kQ29tcG9zZSI+PC9zcGFuPg0KPGRpdj4NCjxkaXYgc3R5bGU9ImJv cmRlcjpub25lO2JvcmRlci10b3A6c29saWQgI0UxRTFFMSAxLjBwdDtwYWRkaW5nOjMuMHB0IDBp biAwaW4gMGluIj4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPjxiPkZyb206PC9iPiBKaW0gU2NoYWFk IFttYWlsdG86aWV0ZkBhdWd1c3RjZWxsYXJzLmNvbV0gPGJyPg0KPGI+U2VudDo8L2I+IEZyaWRh eSwgSnVuZSAyMywgMjAxNyAxMjowOSBBTTxicj4NCjxiPlRvOjwvYj4gJ1NhbXVlbCBFcmR0bWFu JyAmbHQ7c2FtdWVsQGVyZHRtYW4uc2UmZ3Q7PGJyPg0KPGI+Q2M6PC9iPiBkcmFmdC1pZXRmLWFj ZS1jYm9yLXdlYi10b2tlbkBpZXRmLm9yZzsgJ2FjZScgJmx0O2FjZUBpZXRmLm9yZyZndDs8YnI+ DQo8Yj5TdWJqZWN0OjwvYj4gUkU6IFtBY2VdIEktRCBBY3Rpb246IGRyYWZ0LWlldGYtYWNlLWNi b3Itd2ViLXRva2VuLTA1LnR4dDxvOnA+PC9vOnA+PC9wPg0KPC9kaXY+DQo8L2Rpdj4NCjxwIGNs YXNzPSJNc29Ob3JtYWwiPjxvOnA+Jm5ic3A7PC9vOnA+PC9wPg0KPHAgY2xhc3M9Ik1zb05vcm1h bCI+U2VlIGJlbG93LjxvOnA+PC9vOnA+PC9wPg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PG86cD4m bmJzcDs8L286cD48L3A+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj5KaW08bzpwPjwvbzpwPjwvcD4N CjxwIGNsYXNzPSJNc29Ob3JtYWwiPjxvOnA+Jm5ic3A7PC9vOnA+PC9wPg0KPHAgY2xhc3M9Ik1z b05vcm1hbCI+PGI+RnJvbTo8L2I+IFNhbXVlbCBFcmR0bWFuIFs8YSBocmVmPSJtYWlsdG86c2Ft dWVsQGVyZHRtYW4uc2UiPm1haWx0bzpzYW11ZWxAZXJkdG1hbi5zZTwvYT5dDQo8YnI+DQo8Yj5T ZW50OjwvYj4gVGh1cnNkYXksIEp1bmUgMjIsIDIwMTcgMTo0MCBBTTxicj4NCjxiPlRvOjwvYj4g SmltIFNjaGFhZCAmbHQ7PGEgaHJlZj0ibWFpbHRvOmlldGZAYXVndXN0Y2VsbGFycy5jb20iPmll dGZAYXVndXN0Y2VsbGFycy5jb208L2E+Jmd0Ozxicj4NCjxiPkNjOjwvYj4gPGEgaHJlZj0ibWFp bHRvOmRyYWZ0LWlldGYtYWNlLWNib3Itd2ViLXRva2VuQGlldGYub3JnIj5kcmFmdC1pZXRmLWFj ZS1jYm9yLXdlYi10b2tlbkBpZXRmLm9yZzwvYT47IGFjZSAmbHQ7PGEgaHJlZj0ibWFpbHRvOmFj ZUBpZXRmLm9yZyI+YWNlQGlldGYub3JnPC9hPiZndDs8YnI+DQo8Yj5TdWJqZWN0OjwvYj4gUmU6 IFtBY2VdIEktRCBBY3Rpb246IGRyYWZ0LWlldGYtYWNlLWNib3Itd2ViLXRva2VuLTA1LnR4dDxv OnA+PC9vOnA+PC9wPg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PG86cD4mbmJzcDs8L286cD48L3A+ DQo8ZGl2Pg0KPGRpdj4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiIHN0eWxlPSJtYXJnaW4tYm90dG9t OjEyLjBwdCI+VGhhbmtzIEppbSEgPG86cD48L286cD48L3A+DQo8L2Rpdj4NCjxwIGNsYXNzPSJN c29Ob3JtYWwiPlNlIGNvbW1lbnRzIGlubGluZTxvOnA+PC9vOnA+PC9wPg0KPGRpdj4NCjxwIGNs YXNzPSJNc29Ob3JtYWwiPjxvOnA+Jm5ic3A7PC9vOnA+PC9wPg0KPGRpdj4NCjxwIGNsYXNzPSJN c29Ob3JtYWwiPk9uIFN1biwgSnVuIDE4LCAyMDE3IGF0IDk6MjEgUE0sIEppbSBTY2hhYWQgJmx0 OzxhIGhyZWY9Im1haWx0bzppZXRmQGF1Z3VzdGNlbGxhcnMuY29tIiB0YXJnZXQ9Il9ibGFuayI+ aWV0ZkBhdWd1c3RjZWxsYXJzLmNvbTwvYT4mZ3Q7IHdyb3RlOjxvOnA+PC9vOnA+PC9wPg0KPGJs b2NrcXVvdGUgc3R5bGU9ImJvcmRlcjpub25lO2JvcmRlci1sZWZ0OnNvbGlkICNDQ0NDQ0MgMS4w cHQ7cGFkZGluZzowaW4gMGluIDBpbiA2LjBwdDttYXJnaW4tbGVmdDo0LjhwdDttYXJnaW4tdG9w OjUuMHB0O21hcmdpbi1yaWdodDowaW47bWFyZ2luLWJvdHRvbTo1LjBwdCI+DQo8cCBjbGFzcz0i TXNvTm9ybWFsIj5Db21tZW50cyBvbiB0aGlzIHZlcnNpb24gb2YgdGhlIGRyYWZ0Ljxicj4NCjxi cj4NClNlY3Rpb24gNyAtIFN0ZXAgNiAmYW1wOyA3IC0gSSBkbyBub3Qga25vdyBpZiBpdCBpcyBs ZWdhbCB0byBoYXZlIGEgQ1dUIENCT1IgdGFnIGF0IHRoaXMgcG9pbnQ8bzpwPjwvbzpwPjwvcD4N CjwvYmxvY2txdW90ZT4NCjxkaXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48bzpwPiZuYnNwOzwv bzpwPjwvcD4NCjwvZGl2Pg0KPGRpdj4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiIHN0eWxlPSJtYXJn aW4tYm90dG9tOjEyLjBwdCI+SW4gc2VjdGlvbiA3LjEgc3RlcCA2IGRlc2NyaWJlcyBob3cgb25l IGNhbiBhZGQgdGhlIENXVCBDQk9SIFRhZyB0byB0aGUgZnVsbCBDV1QgaWYgdHJhbnNwb3J0IGxh eWVyIGNhbm5vdCBpbmRpY2F0ZSB0aGF0IHRoaXMgaXMgYSBDV1QuIEluIHRoaXMgY2FzZSB5b3Ug d291bGQgd2FudCBmaXJzdCB0aGUgQ09TRSB0YWcgYW5kIHRoZW4gdGhlIENXVCB0YWcgdGhpcw0K IGlzIGRlc2NyaWJlZCBpbiBzZWN0aW9uIDYuIFdlIGFza2VkIENhcnN0ZW4gYWJvdXQgdGhpcyBi ZWZvcmUgd2UgYWRkZWQgdGhlIHRleHQgc28gaXQgc2hvdWxkIGJlIG9rYXkuPG86cD48L286cD48 L3A+DQo8L2Rpdj4NCjxkaXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj5JbiBzZWN0aW9uIDcuMiBz dGVwIDYgYW5kIDcgQ1dUIENCT1IgdGFnIGlzIG5vdCBtZW50aW9uZWQgYXMgZmFyIGFzIEkgY2Fu IHRlbGwuPHNwYW4gc3R5bGU9ImNvbG9yOiMwMDcwQzAiPjxvOnA+PC9vOnA+PC9zcGFuPjwvcD4N CjxwIGNsYXNzPSJNc29Ob3JtYWwiPjxvOnA+Jm5ic3A7PC9vOnA+PC9wPg0KPHAgY2xhc3M9Ik1z b05vcm1hbCI+PHNwYW4gc3R5bGU9ImNvbG9yOiMwMDcwQzAiPltKTFNdJm5ic3A7IFNvIGlmIGFu IGludGVybWVkaWFyeSBhZGRzIGEgbGF5ZXIgb2Ygd3JhcHBpbmcgKGkuZS4gZW5jcnlwdHMgaXQg dG8gdGhlIGVuZCBwb2ludCkgYnV0IHRoZSBvcmlnaW5hbCBlbnRpdHkgd2hvIHNpZ25lZCBpdCBw dXQgdGhlIENXVCB0YWcgb24gaXQsIGl0IHdpbGwgYmUgYW5kIGludmFsaWQgQ1dUIGlmIHRoZSB0 YWcgd2FzIG5vdCByZW1vdmVkPw0KPG86cD48L286cD48L3NwYW4+PC9wPg0KPC9kaXY+DQo8ZGl2 Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+Jm5ic3A7PG86cD48L286cD48L3A+DQo8L2Rpdj4NCjxi bG9ja3F1b3RlIHN0eWxlPSJib3JkZXI6bm9uZTtib3JkZXItbGVmdDpzb2xpZCAjQ0NDQ0NDIDEu MHB0O3BhZGRpbmc6MGluIDBpbiAwaW4gNi4wcHQ7bWFyZ2luLWxlZnQ6NC44cHQ7bWFyZ2luLXRv cDo1LjBwdDttYXJnaW4tcmlnaHQ6MGluO21hcmdpbi1ib3R0b206NS4wcHQiPg0KPHAgY2xhc3M9 Ik1zb05vcm1hbCI+PGJyPg0KQXBwZW5kaXggQS4zIC0gSSB3YXMgdW5hYmxlIHRvIHJlcHJvZHVj ZSB0aGUgZXhhbXBsZS4mbmJzcDsgSSBhc3N1bWUgdGhhdCB0aGlzIG1lYW5zIHRoYXQgYSBkZXRl cm1pbmlzdGljIHNpZ25hdHVyZSBhbGdvcml0aG0gaXMgbm90IGJlaW5nIHVzZWQuJm5ic3A7IFdo aWxlIGEgdmVyaWZpZXIgY2Fubm90IHRlbGwgaWYgb25lIGlzIGJlaW5nIHVzZWQsIHRoZSBDT1NF IGRvY3VtZW50IGRvZXMgc3Ryb25nbHkgc3VnZ2VzdCB0aGF0IG9uZSBiZSB1c2VkLiZuYnNwOyBB ZGRpdGlvbmFsbHksDQogaXQgaGVscHMgaW4gdGVzdGluZyBpZiBvbmUgaXMgdXNlZCBzbyB0aGF0 IGEgc2lnbmF0dXJlIGNyZWF0b3IgY2FuIGJlIG1vcmUgZWFzaWx5IHRlc3RlZC48bzpwPjwvbzpw PjwvcD4NCjwvYmxvY2txdW90ZT4NCjxkaXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48bzpwPiZu YnNwOzwvbzpwPjwvcD4NCjwvZGl2Pg0KPGRpdj4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPkNvcnJl Y3QgSSBoYXZlIG5vdCB1c2VkIGEgZGV0ZXJtaW5pc3RpYyBzaWduaW5nIGFsZ29yaXRobS4gSSBo YXZlIHVzZWQgQ09TRS1KQVZBIHRvIGNyZWF0ZSB0aGUgZXhhbXBsZXMsIGlzIGl0IHBvc3NpYmxl IHRvIGNvbmZpZ3VyZSB0aGF0IGltcGxlbWVudGF0aW9uIHRvIGdlbmVyYXRlIGRldGVybWluaXN0 aWMgRUNEU0Egc2lnbmF0dXJlcz8NCjxicj4NCldoZW4gd29ya2luZyB3aXRoIG15IEpTIGltcGxl bWVudGF0aW9uIEkgaGF2ZSBub3RpY2VkIHRoYXQgc3VwcG9ydCBmb3IgZGV0ZXJtaW5pc3RpYyBF Q0RTQSBpbXBsZW1lbnRhdGlvbnMgYXJlIGhhcmQgdG8gZmluZC48bzpwPjwvbzpwPjwvcD4NCjxw IGNsYXNzPSJNc29Ob3JtYWwiPjxvOnA+Jm5ic3A7PC9vOnA+PC9wPg0KPHAgY2xhc3M9Ik1zb05v cm1hbCI+PHNwYW4gc3R5bGU9ImNvbG9yOiMwMDcwQzAiPltKTFNdIFdpdGggQ09TRS1KQVZBLCBp ZiB5b3UgYXJlIHVzaW5nIGFueXRoaW5nIHJlbW90ZWx5IHJlY2VudCBpcyBkZXRlcm1pbmlzdGlj LCBzbyB0aGF0IHNob3VsZCBub3QgYmUgYSBwcm9ibGVtLiZuYnNwOyBJIHB1dCB0aGlzIGNoYW5n ZSBpbnRvIHRoZSBzb3VyY2VzIGFib3V0IDggbW9udGhzIGFnby4mbmJzcDsgVGhlIHByb2JsZW0g bWF5IGJlIHRoZSBzYW1lIGlzc3VlIGFzDQogZm9yIEEuNSB3aGVyZSBzb21ldGhpbmcgaXMgZGlm ZmVyZW50IGluIHRoZSBkYXRhIHRvIGJlIHNpZ25lZC4mbmJzcDsgPG86cD48L286cD48L3NwYW4+ PC9wPg0KPC9kaXY+DQo8ZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PG86cD4mbmJzcDs8L286 cD48L3A+DQo8L2Rpdj4NCjxkaXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj4mbmJzcDs8bzpwPjwv bzpwPjwvcD4NCjwvZGl2Pg0KPGJsb2NrcXVvdGUgc3R5bGU9ImJvcmRlcjpub25lO2JvcmRlci1s ZWZ0OnNvbGlkICNDQ0NDQ0MgMS4wcHQ7cGFkZGluZzowaW4gMGluIDBpbiA2LjBwdDttYXJnaW4t bGVmdDo0LjhwdDttYXJnaW4tdG9wOjUuMHB0O21hcmdpbi1yaWdodDowaW47bWFyZ2luLWJvdHRv bTo1LjBwdCI+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48YnI+DQpBcHBlbmRpeCBBLjUgLSBJIHdh cyB1bmFibGUgdG8gcmVwcm9kdWNlIHRoZSBleGFtcGxlLiZuYnNwOyBTcGVjaWFsbHkgdGhlIHRh ZyB2YWx1ZSBkb2VzIG5vdCBtYXRjaCB3aXRoIHRoZSBvbmUgdGhhdCBJIGNvbXB1dGUuPG86cD48 L286cD48L3A+DQo8L2Jsb2NrcXVvdGU+DQo8ZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PG86 cD4mbmJzcDs8L286cD48L3A+DQo8L2Rpdj4NCjxkaXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj5U aGF0IGlzIGJhZC4gYnV0IGFwYXJ0IGZyb20gdGhlIHRhZyBpdCBsb29rcyBnb29kPzxvOnA+PC9v OnA+PC9wPg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PG86cD4mbmJzcDs8L286cD48L3A+DQo8cCBj bGFzcz0iTXNvTm9ybWFsIj48c3BhbiBzdHlsZT0iY29sb3I6IzAwNzBDMCI+W0pMU10gWWVzIGFw YXJ0IGZyb20gdGhlIHRhZyBJIG1hdGNoZWQgZXZlcnl0aGluZyDigJMgaW5jbHVkaW5nIHRoZSBl bmNyeXB0aW9uLiZuYnNwOyBUaGlzIGJvdGhlcnMgbWUgaWYgeW91IGFyZSB1c2luZyB0aGUgQ09T RS1KQVZBIHRvIHByb2R1Y2UgdGhlIGV4YW1wbGVzLiAmbmJzcDtJIHJvdXRpbmVseSBydW4gcmVn cmVzc2lvbiB0ZXN0cyBvbiBib3RoIGxhbmd1YWdlIGxpYnJhcmllcw0KIHNvIHRoZXkgc2hvdWxk IHByb2R1Y2UgdGhlIHNhbWUgb3V0cHV0IGdpdmVuIHRoZSBzYW1lIGlucHV0cy4gJm5ic3A7VGhp cyB0cmlnZ2VycyBpbiBteSBtaW5kIHRoYXQgeW91IG1pZ2h0IGhhdmUgZG9uZSBzb21ldGhpbmcg b2RkIHdpdGggdGhlIGV4dGVybmFsIGRhdGEgYW5kIHRodXMgd2UgYXJlIGdlbmVyYXRpbmcgZGlm ZmVyZW50IHRhZ3MuJm5ic3A7ICZuYnNwO0l0IHdvdWxkIGJlIHNvbWV0aGluZyB0aGF0IGlzIGJl aW5nIGRvbmUgZm9yIHNpZ25pbmcgYW5kIGZvcg0KIGVuY3J5cHRpb24gYnV0IG5vdCBtYWMuPG86 cD48L286cD48L3NwYW4+PC9wPg0KPC9kaXY+DQo8ZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+ Jm5ic3A7PG86cD48L286cD48L3A+DQo8L2Rpdj4NCjxibG9ja3F1b3RlIHN0eWxlPSJib3JkZXI6 bm9uZTtib3JkZXItbGVmdDpzb2xpZCAjQ0NDQ0NDIDEuMHB0O3BhZGRpbmc6MGluIDBpbiAwaW4g Ni4wcHQ7bWFyZ2luLWxlZnQ6NC44cHQ7bWFyZ2luLXRvcDo1LjBwdDttYXJnaW4tcmlnaHQ6MGlu O21hcmdpbi1ib3R0b206NS4wcHQiPg0KPHAgY2xhc3M9Ik1zb05vcm1hbCIgc3R5bGU9Im1zby1t YXJnaW4tdG9wLWFsdDowaW47bWFyZ2luLXJpZ2h0OjBpbjttYXJnaW4tYm90dG9tOjEyLjBwdDtt YXJnaW4tbGVmdDozNC42NXB0Ij4NCjxicj4NCjxicj4NCk1pbm9yOjxicj4NCjxicj4NCjxvOnA+ PC9vOnA+PC9wPg0KPC9ibG9ja3F1b3RlPg0KPGJsb2NrcXVvdGUgc3R5bGU9ImJvcmRlcjpub25l O2JvcmRlci1sZWZ0OnNvbGlkICNDQ0NDQ0MgMS4wcHQ7cGFkZGluZzowaW4gMGluIDBpbiA2LjBw dDttYXJnaW4tbGVmdDo0LjhwdDttYXJnaW4tdG9wOjUuMHB0O21hcmdpbi1yaWdodDowaW47bWFy Z2luLWJvdHRvbTo1LjBwdCI+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj5JbiBzZWN0aW9uIDI6Jm5i c3A7IElzIHRoZXJlIGEgcmVhc29uIG5vdCB0byBkZWZpbmUgQ1dUIGNsYWltIHZhbHVlIGluIHRo aXMgc2VjdGlvbjxvOnA+PC9vOnA+PC9wPg0KPC9ibG9ja3F1b3RlPg0KPGRpdj4NCjxwIGNsYXNz PSJNc29Ob3JtYWwiPjxvOnA+Jm5ic3A7PC9vOnA+PC9wPg0KPC9kaXY+DQo8ZGl2Pg0KPHAgY2xh c3M9Ik1zb05vcm1hbCI+U29ycnkgScK0bSBub3QgZm9sbG93aW5nLCBjb3VsZCB5b3UgcGxlYXNl IGV4cGxhaW4gYSBiaXQgbW9yZWA/DQo8bzpwPjwvbzpwPjwvcD4NCjxwIGNsYXNzPSJNc29Ob3Jt YWwiPjxvOnA+Jm5ic3A7PC9vOnA+PC9wPg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PHNwYW4gc3R5 bGU9ImNvbG9yOiMwMDcwQzAiPltKTFNdIFlvdSB0aG91Z2h0IGl0IHdhcyByZWFzb25hYmxlIHRv IGRlZmluZSBhIOKAnENXVCBlbmNvZGVkIGNsYWltIGtleeKAnSBpbiB0aGUgdGVybXMuJm5ic3A7 IEkgd2FzIGp1c3QgdGhpbmtpbmcgdGhhdCBpdCB3b3VsZCBiZSBzeW1tZXRyaWMgdG8gaGF2ZSB0 aGUgdmFsdWVzIGhhdmUgZGVmaW5lZCBoZXJlIGF0IHRoZSBzYW1lIHRpbWUuPG86cD48L286cD48 L3NwYW4+PC9wPg0KPC9kaXY+DQo8ZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PG86cD4mbmJz cDs8L286cD48L3A+DQo8L2Rpdj4NCjxkaXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj4mbmJzcDs8 bzpwPjwvbzpwPjwvcD4NCjwvZGl2Pg0KPGJsb2NrcXVvdGUgc3R5bGU9ImJvcmRlcjpub25lO2Jv cmRlci1sZWZ0OnNvbGlkICNDQ0NDQ0MgMS4wcHQ7cGFkZGluZzowaW4gMGluIDBpbiA2LjBwdDtt YXJnaW4tbGVmdDo0LjhwdDttYXJnaW4tdG9wOjUuMHB0O21hcmdpbi1yaWdodDowaW47bWFyZ2lu LWJvdHRvbTo1LjBwdCI+DQo8ZGl2Pg0KPGRpdj4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPjxicj4N Ci0tLS0tT3JpZ2luYWwgTWVzc2FnZS0tLS0tPGJyPg0KRnJvbTogQWNlIFttYWlsdG86PGEgaHJl Zj0ibWFpbHRvOmFjZS1ib3VuY2VzQGlldGYub3JnIj5hY2UtYm91bmNlc0BpZXRmLm9yZzwvYT5d IE9uIEJlaGFsZiBPZg0KPGEgaHJlZj0ibWFpbHRvOmludGVybmV0LWRyYWZ0c0BpZXRmLm9yZyI+ aW50ZXJuZXQtZHJhZnRzQGlldGYub3JnPC9hPjxicj4NClNlbnQ6IE1vbmRheSwgSnVuZSA1LCAy MDE3IDY6MjcgUE08YnI+DQpUbzogPGEgaHJlZj0ibWFpbHRvOmktZC1hbm5vdW5jZUBpZXRmLm9y ZyI+aS1kLWFubm91bmNlQGlldGYub3JnPC9hPjxicj4NCkNjOiA8YSBocmVmPSJtYWlsdG86YWNl QGlldGYub3JnIj5hY2VAaWV0Zi5vcmc8L2E+PGJyPg0KU3ViamVjdDogW0FjZV0gSS1EIEFjdGlv bjogZHJhZnQtaWV0Zi1hY2UtY2Jvci13ZWItdG9rZW4tMDUudHh0PGJyPg0KPGJyPg0KPGJyPg0K QSBOZXcgSW50ZXJuZXQtRHJhZnQgaXMgYXZhaWxhYmxlIGZyb20gdGhlIG9uLWxpbmUgSW50ZXJu ZXQtRHJhZnRzIGRpcmVjdG9yaWVzLjxicj4NClRoaXMgZHJhZnQgaXMgYSB3b3JrIGl0ZW0gb2Yg dGhlIEF1dGhlbnRpY2F0aW9uIGFuZCBBdXRob3JpemF0aW9uIGZvciBDb25zdHJhaW5lZCBFbnZp cm9ubWVudHMgb2YgdGhlIElFVEYuPGJyPg0KPGJyPg0KJm5ic3A7ICZuYnNwOyAmbmJzcDsgJm5i c3A7IFRpdGxlJm5ic3A7ICZuYnNwOyAmbmJzcDsgJm5ic3A7ICZuYnNwOyAmbmJzcDs6IENCT1Ig V2ViIFRva2VuIChDV1QpPGJyPg0KJm5ic3A7ICZuYnNwOyAmbmJzcDsgJm5ic3A7IEF1dGhvcnMm bmJzcDsgJm5ic3A7ICZuYnNwOyAmbmJzcDsgJm5ic3A7OiBNaWNoYWVsIEIuIEpvbmVzPGJyPg0K Jm5ic3A7ICZuYnNwOyAmbmJzcDsgJm5ic3A7ICZuYnNwOyAmbmJzcDsgJm5ic3A7ICZuYnNwOyAm bmJzcDsgJm5ic3A7ICZuYnNwOyAmbmJzcDsgJm5ic3A7IEVyaWsgV2FobHN0csO2bTxicj4NCiZu YnNwOyAmbmJzcDsgJm5ic3A7ICZuYnNwOyAmbmJzcDsgJm5ic3A7ICZuYnNwOyAmbmJzcDsgJm5i c3A7ICZuYnNwOyAmbmJzcDsgJm5ic3A7ICZuYnNwOyBTYW11ZWwgRXJkdG1hbjxicj4NCiZuYnNw OyAmbmJzcDsgJm5ic3A7ICZuYnNwOyAmbmJzcDsgJm5ic3A7ICZuYnNwOyAmbmJzcDsgJm5ic3A7 ICZuYnNwOyAmbmJzcDsgJm5ic3A7ICZuYnNwOyBIYW5uZXMgVHNjaG9mZW5pZzxicj4NCiZuYnNw OyAmbmJzcDsgJm5ic3A7ICZuYnNwOyBGaWxlbmFtZSZuYnNwOyAmbmJzcDsgJm5ic3A7ICZuYnNw OyA6IGRyYWZ0LWlldGYtYWNlLWNib3Itd2ViLXRva2VuLTA1LnR4dDxicj4NCiZuYnNwOyAmbmJz cDsgJm5ic3A7ICZuYnNwOyBQYWdlcyZuYnNwOyAmbmJzcDsgJm5ic3A7ICZuYnNwOyAmbmJzcDsg Jm5ic3A7OiAyMzxicj4NCiZuYnNwOyAmbmJzcDsgJm5ic3A7ICZuYnNwOyBEYXRlJm5ic3A7ICZu YnNwOyAmbmJzcDsgJm5ic3A7ICZuYnNwOyAmbmJzcDsgOiAyMDE3LTA2LTA1PGJyPg0KPGJyPg0K QWJzdHJhY3Q6PGJyPg0KJm5ic3A7ICZuYnNwO0NCT1IgV2ViIFRva2VuIChDV1QpIGlzIGEgY29t cGFjdCBtZWFucyBvZiByZXByZXNlbnRpbmcgY2xhaW1zIHRvIGJlPGJyPg0KJm5ic3A7ICZuYnNw O3RyYW5zZmVycmVkIGJldHdlZW4gdHdvIHBhcnRpZXMuJm5ic3A7IFRoZSBjbGFpbXMgaW4gYSBD V1QgYXJlIGVuY29kZWQgaW48YnI+DQombmJzcDsgJm5ic3A7dGhlIENvbmNpc2UgQmluYXJ5IE9i amVjdCBSZXByZXNlbnRhdGlvbiAoQ0JPUikgYW5kIENCT1IgT2JqZWN0PGJyPg0KJm5ic3A7ICZu YnNwO1NpZ25pbmcgYW5kIEVuY3J5cHRpb24gKENPU0UpIGlzIHVzZWQgZm9yIGFkZGVkIGFwcGxp Y2F0aW9uIGxheWVyPGJyPg0KJm5ic3A7ICZuYnNwO3NlY3VyaXR5IHByb3RlY3Rpb24uJm5ic3A7 IEEgY2xhaW0gaXMgYSBwaWVjZSBvZiBpbmZvcm1hdGlvbiBhc3NlcnRlZDxicj4NCiZuYnNwOyAm bmJzcDthYm91dCBhIHN1YmplY3QgYW5kIGlzIHJlcHJlc2VudGVkIGFzIGEgbmFtZS92YWx1ZSBw YWlyIGNvbnNpc3Rpbmcgb2Y8YnI+DQombmJzcDsgJm5ic3A7YSBjbGFpbSBuYW1lIGFuZCBhIGNs YWltIHZhbHVlLiZuYnNwOyBDV1QgaXMgZGVyaXZlZCBmcm9tIEpTT04gV2ViIFRva2VuPGJyPg0K Jm5ic3A7ICZuYnNwOyhKV1QpLCBidXQgdXNlcyBDQk9SIHJhdGhlciB0aGFuIEpTT04uPGJyPg0K PGJyPg0KPGJyPg0KVGhlIElFVEYgZGF0YXRyYWNrZXIgc3RhdHVzIHBhZ2UgZm9yIHRoaXMgZHJh ZnQgaXM6PGJyPg0KPGEgaHJlZj0iaHR0cHM6Ly9kYXRhdHJhY2tlci5pZXRmLm9yZy9kb2MvZHJh ZnQtaWV0Zi1hY2UtY2Jvci13ZWItdG9rZW4vIiB0YXJnZXQ9Il9ibGFuayI+aHR0cHM6Ly9kYXRh dHJhY2tlci5pZXRmLm9yZy9kb2MvZHJhZnQtaWV0Zi1hY2UtY2Jvci13ZWItdG9rZW4vPC9hPjxi cj4NCjxicj4NClRoZXJlIGFyZSBhbHNvIGh0bWxpemVkIHZlcnNpb25zIGF2YWlsYWJsZSBhdDo8 YnI+DQo8YSBocmVmPSJodHRwczovL3Rvb2xzLmlldGYub3JnL2h0bWwvZHJhZnQtaWV0Zi1hY2Ut Y2Jvci13ZWItdG9rZW4tMDUiIHRhcmdldD0iX2JsYW5rIj5odHRwczovL3Rvb2xzLmlldGYub3Jn L2h0bWwvZHJhZnQtaWV0Zi1hY2UtY2Jvci13ZWItdG9rZW4tMDU8L2E+PGJyPg0KPGEgaHJlZj0i aHR0cHM6Ly9kYXRhdHJhY2tlci5pZXRmLm9yZy9kb2MvaHRtbC9kcmFmdC1pZXRmLWFjZS1jYm9y LXdlYi10b2tlbi0wNSIgdGFyZ2V0PSJfYmxhbmsiPmh0dHBzOi8vZGF0YXRyYWNrZXIuaWV0Zi5v cmcvZG9jL2h0bWwvZHJhZnQtaWV0Zi1hY2UtY2Jvci13ZWItdG9rZW4tMDU8L2E+PGJyPg0KPGJy Pg0KQSBkaWZmIGZyb20gdGhlIHByZXZpb3VzIHZlcnNpb24gaXMgYXZhaWxhYmxlIGF0Ojxicj4N CjxhIGhyZWY9Imh0dHBzOi8vd3d3LmlldGYub3JnL3JmY2RpZmY/dXJsMj1kcmFmdC1pZXRmLWFj ZS1jYm9yLXdlYi10b2tlbi0wNSIgdGFyZ2V0PSJfYmxhbmsiPmh0dHBzOi8vd3d3LmlldGYub3Jn L3JmY2RpZmY/dXJsMj1kcmFmdC1pZXRmLWFjZS1jYm9yLXdlYi10b2tlbi0wNTwvYT48YnI+DQo8 YnI+DQo8YnI+DQpQbGVhc2Ugbm90ZSB0aGF0IGl0IG1heSB0YWtlIGEgY291cGxlIG9mIG1pbnV0 ZXMgZnJvbSB0aGUgdGltZSBvZiBzdWJtaXNzaW9uIHVudGlsIHRoZSBodG1saXplZCB2ZXJzaW9u IGFuZCBkaWZmIGFyZSBhdmFpbGFibGUgYXQNCjxhIGhyZWY9Imh0dHA6Ly90b29scy5pZXRmLm9y ZyIgdGFyZ2V0PSJfYmxhbmsiPnRvb2xzLmlldGYub3JnPC9hPi48YnI+DQo8YnI+DQpJbnRlcm5l dC1EcmFmdHMgYXJlIGFsc28gYXZhaWxhYmxlIGJ5IGFub255bW91cyBGVFAgYXQ6PGJyPg0KPGEg aHJlZj0iZnRwOi8vZnRwLmlldGYub3JnL2ludGVybmV0LWRyYWZ0cy8iIHRhcmdldD0iX2JsYW5r Ij5mdHA6Ly9mdHAuaWV0Zi5vcmcvaW50ZXJuZXQtZHJhZnRzLzwvYT48YnI+DQo8YnI+DQpfX19f X19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fXzxicj4NCkFjZSBtYWls aW5nIGxpc3Q8YnI+DQo8YSBocmVmPSJtYWlsdG86QWNlQGlldGYub3JnIj5BY2VAaWV0Zi5vcmc8 L2E+PGJyPg0KPGEgaHJlZj0iaHR0cHM6Ly93d3cuaWV0Zi5vcmcvbWFpbG1hbi9saXN0aW5mby9h Y2UiIHRhcmdldD0iX2JsYW5rIj5odHRwczovL3d3dy5pZXRmLm9yZy9tYWlsbWFuL2xpc3RpbmZv L2FjZTwvYT48YnI+DQo8YnI+DQpfX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19f X19fX19fX19fXzxicj4NCkFjZSBtYWlsaW5nIGxpc3Q8YnI+DQo8YSBocmVmPSJtYWlsdG86QWNl QGlldGYub3JnIj5BY2VAaWV0Zi5vcmc8L2E+PGJyPg0KPGEgaHJlZj0iaHR0cHM6Ly93d3cuaWV0 Zi5vcmcvbWFpbG1hbi9saXN0aW5mby9hY2UiIHRhcmdldD0iX2JsYW5rIj5odHRwczovL3d3dy5p ZXRmLm9yZy9tYWlsbWFuL2xpc3RpbmZvL2FjZTwvYT48bzpwPjwvbzpwPjwvcD4NCjwvZGl2Pg0K PC9kaXY+DQo8L2Jsb2NrcXVvdGU+DQo8L2Rpdj4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPjxvOnA+ Jm5ic3A7PC9vOnA+PC9wPg0KPC9kaXY+DQo8L2Rpdj4NCjwvZGl2Pg0KPC9ib2R5Pg0KPC9odG1s Pg0K --_000_BN6PR21MB050033527D5B10E5A0C2EA8AF5A00BN6PR21MB0500namp_-- From nobody Wed Jul 19 09:38:48 2017 Return-Path: X-Original-To: ace@ietfa.amsl.com Delivered-To: ace@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C8AE712EC3F; Wed, 19 Jul 2017 09:38:46 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.02 X-Spam-Level: X-Spam-Status: No, score=-2.02 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H4=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=microsoft.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 51-7SFRXA964; Wed, 19 Jul 2017 09:38:44 -0700 (PDT) Received: from NAM03-CO1-obe.outbound.protection.outlook.com (mail-co1nam03on0099.outbound.protection.outlook.com [104.47.40.99]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E5369129482; Wed, 19 Jul 2017 09:38:43 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=A8boJ/yeegdYVLtRY1DUarXz1RVVuLnrqyAC/wD++TE=; b=aM/rcZ0rYv79+jBePNewAHSyEJ+/nsbL1Id0hSEx6xaUyfx5Z4BwljWbstA2xcnCMgrfEc5hpv6Tvey5css5OKhv8wlvi2ZTWVQ65TXSTMCo/6bQJCMVtsUTQXQJUI0A+Ba3NI+UVDY3HUCdd3C+Aqqr/lyVDVqaN+OdIUnoAx8= Received: from CY4PR21MB0504.namprd21.prod.outlook.com (10.172.122.14) by CY4PR21MB0469.namprd21.prod.outlook.com (10.172.121.147) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.1282.1; Wed, 19 Jul 2017 16:38:41 +0000 Received: from CY4PR21MB0504.namprd21.prod.outlook.com ([10.172.122.14]) by CY4PR21MB0504.namprd21.prod.outlook.com ([10.172.122.14]) with mapi id 15.01.1304.007; Wed, 19 Jul 2017 16:38:41 +0000 From: Mike Jones To: Jim Schaad CC: 'Samuel Erdtman' , "draft-ietf-ace-cbor-web-token@ietf.org" , 'ace' Thread-Topic: [Ace] I-D Action: draft-ietf-ace-cbor-web-token-05.txt Thread-Index: AQHS3mQBvrakMVykCUmbjWGGw4uE4qIrE2IAgAWWHwCAAOHygIAmn9cQgANyLPA= Date: Wed, 19 Jul 2017 16:38:40 +0000 Message-ID: References: <149671239411.3941.12998153965739248286@ietfa.amsl.com> <006101d2e868$17c8e3d0$475aab70$@augustcellars.com> <01e901d2eba4$1ff2b790$5fd826b0$@augustcellars.com> In-Reply-To: Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: authentication-results: augustcellars.com; dkim=none (message not signed) header.d=none;augustcellars.com; dmarc=none action=none header.from=microsoft.com; x-originating-ip: [31.133.156.175] x-ms-publictraffictype: Email x-microsoft-exchange-diagnostics: 1; CY4PR21MB0469; 7:YVf6PJxoaeAin0BDCRDMkM/EwZLl3SI3VOyNomuDIf3kSUvrPsAZm9GOwfIZSBThT1OxLMhiMdAsQulvjW+AHHh9BgpVw9bwHaLhq5Rpbl9HefQGkc/m2nv1qMIG49pqlVhvWwTTb9K42J3OYdrriC0gv4ya2jEbXyZd4uOHLCb1YC9It/K5EQciIY9kmWEf68/yhpRabakJRhA+gp1T+PoSPyddLcrF5aVKnZihPtqf+xfqbhAkzbS2oypLPKAkXF7n+KJnEMZt+5RN2LtXc6rt6isltp/fP4x9oPilVgbzpNrZ1vd17yYhTog54CuirxuIhTKgmQuwDqRlZkNvrfybCSXf72xOayfQT2uc4eaDZy+7sKnYNl1EoAK1w2lmHa2l/qVw61miZlQF6fAfQhNbybkv/Fg42nmIFFUhgqL3Q1nBktRIQ4j4uCno6waTVhDQFT8lmuSXBKKSgYKoOrr6FX5rGu9KAokvcuxHvMJciYMXkERz0QGsCpc5kLi8Q6WAXeHaQDafKTJk6eOTYzIqPYy1sXTU1Shax6QmbDsvz/vCirjCIe6APHCr2cNXhIl+BpC943ypiHuolUfG+cbA/Am4u9xbqAVnyGRuWGF0bBfbLAaVpgB1J0xVO3XrxnDq5FPmuM5yoKDj8Dg2hL5buFgZiuFrDBewG/hCLprlgoYQoUrYE4+v1kCbDJnxRkWLWQypi6hXmypF7eMHWDoNMw7TY73s1TCMFS8uD0pnqZJgJK9H0MTr8wakDQB1T5A2/zrQCrEFulkxzI8Ud9CsFZtiTIzTSpXsp0zM7EO/8Lsrd8AXeZCHbbrduqfB x-ms-office365-filtering-correlation-id: 8b6e2ab4-fdbc-408b-b438-08d4cec49d9f x-ms-office365-filtering-ht: Tenant x-microsoft-antispam: UriScan:; BCL:0; PCL:0; RULEID:(300000500095)(300135000095)(300000501095)(300135300095)(22001)(300000502095)(300135100095)(2017030254075)(48565401081)(300000503095)(300135400095)(2017052603031)(201703131423075)(201703031133081)(300000504095)(300135200095)(300000505095)(300135600095)(300000506095)(300135500095); SRVR:CY4PR21MB0469; x-ms-traffictypediagnostic: CY4PR21MB0469: x-exchange-antispam-report-test: UriScan:(151999592597050)(278178393323532)(133145235818549)(120809045254105)(26388249023172)(236129657087228)(192374486261705)(148574349560750)(21748063052155)(167848164394848); x-microsoft-antispam-prvs: x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(100000700101)(100105000095)(100000701101)(100105300095)(100000702101)(100105100095)(61425038)(6040450)(601004)(2401047)(2017060910075)(8121501046)(5005006)(3002001)(93006095)(93001095)(10201501046)(100000703101)(100105400095)(6055026)(61426038)(61427038)(6041248)(20161123558100)(20161123564025)(20161123562025)(20161123555025)(20161123560025)(201703131423075)(201702281528075)(201703061421075)(201703061406153)(6072148)(100000704101)(100105200095)(100000705101)(100105500095); SRVR:CY4PR21MB0469; BCL:0; PCL:0; RULEID:(100000800101)(100110000095)(100000801101)(100110300095)(100000802101)(100110100095)(100000803101)(100110400095)(100000804101)(100110200095)(100000805101)(100110500095); SRVR:CY4PR21MB0469; x-forefront-prvs: 0373D94D15 x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(39410400002)(39400400002)(39850400002)(39860400002)(39450400003)(39840400002)(24454002)(377424004)(13464003)(78124002)(377454003)(9686003)(4326008)(3660700001)(8676002)(110136004)(7736002)(6436002)(38730400002)(54906002)(2906002)(81166006)(189998001)(53386004)(6306002)(54896002)(6916009)(93886004)(5660300001)(229853002)(99286003)(55016002)(7696004)(53546010)(53936002)(19609705001)(14971765001)(6506006)(236005)(10090500001)(86362001)(25786009)(6246003)(8936002)(72206003)(3846002)(33656002)(10290500003)(966005)(478600001)(77096006)(14454004)(606006)(2950100002)(2900100001)(50986999)(230783001)(5005710100001)(76176999)(54356999)(790700001)(6116002)(102836003)(66066001)(74316002)(3280700002)(9326002); DIR:OUT; SFP:1102; SCL:1; SRVR:CY4PR21MB0469; H:CY4PR21MB0504.namprd21.prod.outlook.com; FPR:; SPF:None; MLV:sfv; LANG:en; spamdiagnosticoutput: 1:99 spamdiagnosticmetadata: NSPM Content-Type: multipart/alternative; boundary="_000_CY4PR21MB050453E3CFE97C12CE9F97C9F5A60CY4PR21MB0504namp_" MIME-Version: 1.0 X-OriginatorOrg: microsoft.com X-MS-Exchange-CrossTenant-originalarrivaltime: 19 Jul 2017 16:38:41.7802 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 72f988bf-86f1-41af-91ab-2d7cd011db47 X-MS-Exchange-Transport-CrossTenantHeadersStamped: CY4PR21MB0469 Archived-At: Subject: Re: [Ace] I-D Action: draft-ietf-ace-cbor-web-token-05.txt X-BeenThere: ace@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 19 Jul 2017 16:38:47 -0000 --_000_CY4PR21MB050453E3CFE97C12CE9F97C9F5A60CY4PR21MB0504namp_ Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: base64 SGkgSmltLA0KDQpTYW11ZWwgcG9pbnRlZCBvdXQgdGhhdCBoZSAqZGlkKiB1cGRhdGUgdGhlIGVu Y3J5cHRpb24gZXhhbXBsZSBpbiBBLjUuICBZb3UgY2FuIHNlZSB0aGlzIGF0IGh0dHBzOi8vdG9v bHMuaWV0Zi5vcmcvcmZjZGlmZj91cmwyPWRyYWZ0LWlldGYtYWNlLWNib3Itd2ViLXRva2VuLTA3 LnR4dC4gIENvdWxkIHlvdSBwbGVhc2UgdGFrZSBhIGNyYWNrIGF0IHZhbGlkYXRpbmcgdGhlIHVw ZGF0ZWQgZXhhbXBsZT8NCg0KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg ICAgICAgICAgICAgICAgIFRoYW5rcywNCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg ICAgICAgICAgICAgICAgICAgICAgICAtLSBNaWtlDQoNCkZyb206IE1pa2UgSm9uZXMgW21haWx0 bzpNaWNoYWVsLkpvbmVzQG1pY3Jvc29mdC5jb21dDQpTZW50OiBNb25kYXksIEp1bHkgMTcsIDIw MTcgMjowMCBQTQ0KVG86IEppbSBTY2hhYWQgPGlldGZAYXVndXN0Y2VsbGFycy5jb20+OyAnU2Ft dWVsIEVyZHRtYW4nIDxzYW11ZWxAZXJkdG1hbi5zZT4NCkNjOiBkcmFmdC1pZXRmLWFjZS1jYm9y LXdlYi10b2tlbkBpZXRmLm9yZzsgJ2FjZScgPGFjZUBpZXRmLm9yZz4NClN1YmplY3Q6IFJFOiBb QWNlXSBJLUQgQWN0aW9uOiBkcmFmdC1pZXRmLWFjZS1jYm9yLXdlYi10b2tlbi0wNS50eHQNCg0K U2FtdWVsIOKAkyBJIHNwb2tlIHdpdGggSmltIGFmdGVyIEFDRS4gIEhlIHNhaWQgdGhhdCBpdOKA mXMgdGhlIGVuY3J5cHRpb24gZXhhbXBsZSwgd2hpY2ggeW91IGRpZG7igJl0IHVwZGF0ZSwgdGhh dCBzdGlsbCBoYXMgdGhlIHNhbWUgcHJvYmxlbXMgYXMgaGUgaWRlbnRpZmllZCBiZWxvdy4NCg0K ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIC0t IE1pa2UNCg0KRnJvbTogSmltIFNjaGFhZCBbbWFpbHRvOmlldGZAYXVndXN0Y2VsbGFycy5jb21d DQpTZW50OiBGcmlkYXksIEp1bmUgMjMsIDIwMTcgMTI6MDkgQU0NClRvOiAnU2FtdWVsIEVyZHRt YW4nIDxzYW11ZWxAZXJkdG1hbi5zZTxtYWlsdG86c2FtdWVsQGVyZHRtYW4uc2U+Pg0KQ2M6IGRy YWZ0LWlldGYtYWNlLWNib3Itd2ViLXRva2VuQGlldGYub3JnPG1haWx0bzpkcmFmdC1pZXRmLWFj ZS1jYm9yLXdlYi10b2tlbkBpZXRmLm9yZz47ICdhY2UnIDxhY2VAaWV0Zi5vcmc8bWFpbHRvOmFj ZUBpZXRmLm9yZz4+DQpTdWJqZWN0OiBSRTogW0FjZV0gSS1EIEFjdGlvbjogZHJhZnQtaWV0Zi1h Y2UtY2Jvci13ZWItdG9rZW4tMDUudHh0DQoNClNlZSBiZWxvdy4NCg0KSmltDQoNCkZyb206IFNh bXVlbCBFcmR0bWFuIFttYWlsdG86c2FtdWVsQGVyZHRtYW4uc2VdDQpTZW50OiBUaHVyc2RheSwg SnVuZSAyMiwgMjAxNyAxOjQwIEFNDQpUbzogSmltIFNjaGFhZCA8aWV0ZkBhdWd1c3RjZWxsYXJz LmNvbTxtYWlsdG86aWV0ZkBhdWd1c3RjZWxsYXJzLmNvbT4+DQpDYzogZHJhZnQtaWV0Zi1hY2Ut Y2Jvci13ZWItdG9rZW5AaWV0Zi5vcmc8bWFpbHRvOmRyYWZ0LWlldGYtYWNlLWNib3Itd2ViLXRv a2VuQGlldGYub3JnPjsgYWNlIDxhY2VAaWV0Zi5vcmc8bWFpbHRvOmFjZUBpZXRmLm9yZz4+DQpT dWJqZWN0OiBSZTogW0FjZV0gSS1EIEFjdGlvbjogZHJhZnQtaWV0Zi1hY2UtY2Jvci13ZWItdG9r ZW4tMDUudHh0DQoNClRoYW5rcyBKaW0hDQpTZSBjb21tZW50cyBpbmxpbmUNCg0KT24gU3VuLCBK dW4gMTgsIDIwMTcgYXQgOToyMSBQTSwgSmltIFNjaGFhZCA8aWV0ZkBhdWd1c3RjZWxsYXJzLmNv bTxtYWlsdG86aWV0ZkBhdWd1c3RjZWxsYXJzLmNvbT4+IHdyb3RlOg0KQ29tbWVudHMgb24gdGhp cyB2ZXJzaW9uIG9mIHRoZSBkcmFmdC4NCg0KU2VjdGlvbiA3IC0gU3RlcCA2ICYgNyAtIEkgZG8g bm90IGtub3cgaWYgaXQgaXMgbGVnYWwgdG8gaGF2ZSBhIENXVCBDQk9SIHRhZyBhdCB0aGlzIHBv aW50DQoNCkluIHNlY3Rpb24gNy4xIHN0ZXAgNiBkZXNjcmliZXMgaG93IG9uZSBjYW4gYWRkIHRo ZSBDV1QgQ0JPUiBUYWcgdG8gdGhlIGZ1bGwgQ1dUIGlmIHRyYW5zcG9ydCBsYXllciBjYW5ub3Qg aW5kaWNhdGUgdGhhdCB0aGlzIGlzIGEgQ1dULiBJbiB0aGlzIGNhc2UgeW91IHdvdWxkIHdhbnQg Zmlyc3QgdGhlIENPU0UgdGFnIGFuZCB0aGVuIHRoZSBDV1QgdGFnIHRoaXMgaXMgZGVzY3JpYmVk IGluIHNlY3Rpb24gNi4gV2UgYXNrZWQgQ2Fyc3RlbiBhYm91dCB0aGlzIGJlZm9yZSB3ZSBhZGRl ZCB0aGUgdGV4dCBzbyBpdCBzaG91bGQgYmUgb2theS4NCkluIHNlY3Rpb24gNy4yIHN0ZXAgNiBh bmQgNyBDV1QgQ0JPUiB0YWcgaXMgbm90IG1lbnRpb25lZCBhcyBmYXIgYXMgSSBjYW4gdGVsbC4N Cg0KW0pMU10gIFNvIGlmIGFuIGludGVybWVkaWFyeSBhZGRzIGEgbGF5ZXIgb2Ygd3JhcHBpbmcg KGkuZS4gZW5jcnlwdHMgaXQgdG8gdGhlIGVuZCBwb2ludCkgYnV0IHRoZSBvcmlnaW5hbCBlbnRp dHkgd2hvIHNpZ25lZCBpdCBwdXQgdGhlIENXVCB0YWcgb24gaXQsIGl0IHdpbGwgYmUgYW5kIGlu dmFsaWQgQ1dUIGlmIHRoZSB0YWcgd2FzIG5vdCByZW1vdmVkPw0KDQoNCkFwcGVuZGl4IEEuMyAt IEkgd2FzIHVuYWJsZSB0byByZXByb2R1Y2UgdGhlIGV4YW1wbGUuICBJIGFzc3VtZSB0aGF0IHRo aXMgbWVhbnMgdGhhdCBhIGRldGVybWluaXN0aWMgc2lnbmF0dXJlIGFsZ29yaXRobSBpcyBub3Qg YmVpbmcgdXNlZC4gIFdoaWxlIGEgdmVyaWZpZXIgY2Fubm90IHRlbGwgaWYgb25lIGlzIGJlaW5n IHVzZWQsIHRoZSBDT1NFIGRvY3VtZW50IGRvZXMgc3Ryb25nbHkgc3VnZ2VzdCB0aGF0IG9uZSBi ZSB1c2VkLiAgQWRkaXRpb25hbGx5LCBpdCBoZWxwcyBpbiB0ZXN0aW5nIGlmIG9uZSBpcyB1c2Vk IHNvIHRoYXQgYSBzaWduYXR1cmUgY3JlYXRvciBjYW4gYmUgbW9yZSBlYXNpbHkgdGVzdGVkLg0K DQpDb3JyZWN0IEkgaGF2ZSBub3QgdXNlZCBhIGRldGVybWluaXN0aWMgc2lnbmluZyBhbGdvcml0 aG0uIEkgaGF2ZSB1c2VkIENPU0UtSkFWQSB0byBjcmVhdGUgdGhlIGV4YW1wbGVzLCBpcyBpdCBw b3NzaWJsZSB0byBjb25maWd1cmUgdGhhdCBpbXBsZW1lbnRhdGlvbiB0byBnZW5lcmF0ZSBkZXRl cm1pbmlzdGljIEVDRFNBIHNpZ25hdHVyZXM/DQpXaGVuIHdvcmtpbmcgd2l0aCBteSBKUyBpbXBs ZW1lbnRhdGlvbiBJIGhhdmUgbm90aWNlZCB0aGF0IHN1cHBvcnQgZm9yIGRldGVybWluaXN0aWMg RUNEU0EgaW1wbGVtZW50YXRpb25zIGFyZSBoYXJkIHRvIGZpbmQuDQoNCltKTFNdIFdpdGggQ09T RS1KQVZBLCBpZiB5b3UgYXJlIHVzaW5nIGFueXRoaW5nIHJlbW90ZWx5IHJlY2VudCBpcyBkZXRl cm1pbmlzdGljLCBzbyB0aGF0IHNob3VsZCBub3QgYmUgYSBwcm9ibGVtLiAgSSBwdXQgdGhpcyBj aGFuZ2UgaW50byB0aGUgc291cmNlcyBhYm91dCA4IG1vbnRocyBhZ28uICBUaGUgcHJvYmxlbSBt YXkgYmUgdGhlIHNhbWUgaXNzdWUgYXMgZm9yIEEuNSB3aGVyZSBzb21ldGhpbmcgaXMgZGlmZmVy ZW50IGluIHRoZSBkYXRhIHRvIGJlIHNpZ25lZC4NCg0KDQoNCkFwcGVuZGl4IEEuNSAtIEkgd2Fz IHVuYWJsZSB0byByZXByb2R1Y2UgdGhlIGV4YW1wbGUuICBTcGVjaWFsbHkgdGhlIHRhZyB2YWx1 ZSBkb2VzIG5vdCBtYXRjaCB3aXRoIHRoZSBvbmUgdGhhdCBJIGNvbXB1dGUuDQoNClRoYXQgaXMg YmFkLiBidXQgYXBhcnQgZnJvbSB0aGUgdGFnIGl0IGxvb2tzIGdvb2Q/DQoNCltKTFNdIFllcyBh cGFydCBmcm9tIHRoZSB0YWcgSSBtYXRjaGVkIGV2ZXJ5dGhpbmcg4oCTIGluY2x1ZGluZyB0aGUg ZW5jcnlwdGlvbi4gIFRoaXMgYm90aGVycyBtZSBpZiB5b3UgYXJlIHVzaW5nIHRoZSBDT1NFLUpB VkEgdG8gcHJvZHVjZSB0aGUgZXhhbXBsZXMuICBJIHJvdXRpbmVseSBydW4gcmVncmVzc2lvbiB0 ZXN0cyBvbiBib3RoIGxhbmd1YWdlIGxpYnJhcmllcyBzbyB0aGV5IHNob3VsZCBwcm9kdWNlIHRo ZSBzYW1lIG91dHB1dCBnaXZlbiB0aGUgc2FtZSBpbnB1dHMuICBUaGlzIHRyaWdnZXJzIGluIG15 IG1pbmQgdGhhdCB5b3UgbWlnaHQgaGF2ZSBkb25lIHNvbWV0aGluZyBvZGQgd2l0aCB0aGUgZXh0 ZXJuYWwgZGF0YSBhbmQgdGh1cyB3ZSBhcmUgZ2VuZXJhdGluZyBkaWZmZXJlbnQgdGFncy4gICBJ dCB3b3VsZCBiZSBzb21ldGhpbmcgdGhhdCBpcyBiZWluZyBkb25lIGZvciBzaWduaW5nIGFuZCBm b3IgZW5jcnlwdGlvbiBidXQgbm90IG1hYy4NCg0KDQoNCk1pbm9yOg0KSW4gc2VjdGlvbiAyOiAg SXMgdGhlcmUgYSByZWFzb24gbm90IHRvIGRlZmluZSBDV1QgY2xhaW0gdmFsdWUgaW4gdGhpcyBz ZWN0aW9uDQoNClNvcnJ5IEnCtG0gbm90IGZvbGxvd2luZywgY291bGQgeW91IHBsZWFzZSBleHBs YWluIGEgYml0IG1vcmVgPw0KDQpbSkxTXSBZb3UgdGhvdWdodCBpdCB3YXMgcmVhc29uYWJsZSB0 byBkZWZpbmUgYSDigJxDV1QgZW5jb2RlZCBjbGFpbSBrZXnigJ0gaW4gdGhlIHRlcm1zLiAgSSB3 YXMganVzdCB0aGlua2luZyB0aGF0IGl0IHdvdWxkIGJlIHN5bW1ldHJpYyB0byBoYXZlIHRoZSB2 YWx1ZXMgaGF2ZSBkZWZpbmVkIGhlcmUgYXQgdGhlIHNhbWUgdGltZS4NCg0KDQoNCi0tLS0tT3Jp Z2luYWwgTWVzc2FnZS0tLS0tDQpGcm9tOiBBY2UgW21haWx0bzphY2UtYm91bmNlc0BpZXRmLm9y ZzxtYWlsdG86YWNlLWJvdW5jZXNAaWV0Zi5vcmc+XSBPbiBCZWhhbGYgT2YgaW50ZXJuZXQtZHJh ZnRzQGlldGYub3JnPG1haWx0bzppbnRlcm5ldC1kcmFmdHNAaWV0Zi5vcmc+DQpTZW50OiBNb25k YXksIEp1bmUgNSwgMjAxNyA2OjI3IFBNDQpUbzogaS1kLWFubm91bmNlQGlldGYub3JnPG1haWx0 bzppLWQtYW5ub3VuY2VAaWV0Zi5vcmc+DQpDYzogYWNlQGlldGYub3JnPG1haWx0bzphY2VAaWV0 Zi5vcmc+DQpTdWJqZWN0OiBbQWNlXSBJLUQgQWN0aW9uOiBkcmFmdC1pZXRmLWFjZS1jYm9yLXdl Yi10b2tlbi0wNS50eHQNCg0KDQpBIE5ldyBJbnRlcm5ldC1EcmFmdCBpcyBhdmFpbGFibGUgZnJv bSB0aGUgb24tbGluZSBJbnRlcm5ldC1EcmFmdHMgZGlyZWN0b3JpZXMuDQpUaGlzIGRyYWZ0IGlz IGEgd29yayBpdGVtIG9mIHRoZSBBdXRoZW50aWNhdGlvbiBhbmQgQXV0aG9yaXphdGlvbiBmb3Ig Q29uc3RyYWluZWQgRW52aXJvbm1lbnRzIG9mIHRoZSBJRVRGLg0KDQogICAgICAgIFRpdGxlICAg ICAgICAgICA6IENCT1IgV2ViIFRva2VuIChDV1QpDQogICAgICAgIEF1dGhvcnMgICAgICAgICA6 IE1pY2hhZWwgQi4gSm9uZXMNCiAgICAgICAgICAgICAgICAgICAgICAgICAgRXJpayBXYWhsc3Ry w7ZtDQogICAgICAgICAgICAgICAgICAgICAgICAgIFNhbXVlbCBFcmR0bWFuDQogICAgICAgICAg ICAgICAgICAgICAgICAgIEhhbm5lcyBUc2Nob2ZlbmlnDQogICAgICAgIEZpbGVuYW1lICAgICAg ICA6IGRyYWZ0LWlldGYtYWNlLWNib3Itd2ViLXRva2VuLTA1LnR4dA0KICAgICAgICBQYWdlcyAg ICAgICAgICAgOiAyMw0KICAgICAgICBEYXRlICAgICAgICAgICAgOiAyMDE3LTA2LTA1DQoNCkFi c3RyYWN0Og0KICAgQ0JPUiBXZWIgVG9rZW4gKENXVCkgaXMgYSBjb21wYWN0IG1lYW5zIG9mIHJl cHJlc2VudGluZyBjbGFpbXMgdG8gYmUNCiAgIHRyYW5zZmVycmVkIGJldHdlZW4gdHdvIHBhcnRp ZXMuICBUaGUgY2xhaW1zIGluIGEgQ1dUIGFyZSBlbmNvZGVkIGluDQogICB0aGUgQ29uY2lzZSBC aW5hcnkgT2JqZWN0IFJlcHJlc2VudGF0aW9uIChDQk9SKSBhbmQgQ0JPUiBPYmplY3QNCiAgIFNp Z25pbmcgYW5kIEVuY3J5cHRpb24gKENPU0UpIGlzIHVzZWQgZm9yIGFkZGVkIGFwcGxpY2F0aW9u IGxheWVyDQogICBzZWN1cml0eSBwcm90ZWN0aW9uLiAgQSBjbGFpbSBpcyBhIHBpZWNlIG9mIGlu Zm9ybWF0aW9uIGFzc2VydGVkDQogICBhYm91dCBhIHN1YmplY3QgYW5kIGlzIHJlcHJlc2VudGVk IGFzIGEgbmFtZS92YWx1ZSBwYWlyIGNvbnNpc3Rpbmcgb2YNCiAgIGEgY2xhaW0gbmFtZSBhbmQg YSBjbGFpbSB2YWx1ZS4gIENXVCBpcyBkZXJpdmVkIGZyb20gSlNPTiBXZWIgVG9rZW4NCiAgIChK V1QpLCBidXQgdXNlcyBDQk9SIHJhdGhlciB0aGFuIEpTT04uDQoNCg0KVGhlIElFVEYgZGF0YXRy YWNrZXIgc3RhdHVzIHBhZ2UgZm9yIHRoaXMgZHJhZnQgaXM6DQpodHRwczovL2RhdGF0cmFja2Vy LmlldGYub3JnL2RvYy9kcmFmdC1pZXRmLWFjZS1jYm9yLXdlYi10b2tlbi8NCg0KVGhlcmUgYXJl IGFsc28gaHRtbGl6ZWQgdmVyc2lvbnMgYXZhaWxhYmxlIGF0Og0KaHR0cHM6Ly90b29scy5pZXRm Lm9yZy9odG1sL2RyYWZ0LWlldGYtYWNlLWNib3Itd2ViLXRva2VuLTA1DQpodHRwczovL2RhdGF0 cmFja2VyLmlldGYub3JnL2RvYy9odG1sL2RyYWZ0LWlldGYtYWNlLWNib3Itd2ViLXRva2VuLTA1 DQoNCkEgZGlmZiBmcm9tIHRoZSBwcmV2aW91cyB2ZXJzaW9uIGlzIGF2YWlsYWJsZSBhdDoNCmh0 dHBzOi8vd3d3LmlldGYub3JnL3JmY2RpZmY/dXJsMj1kcmFmdC1pZXRmLWFjZS1jYm9yLXdlYi10 b2tlbi0wNQ0KDQoNClBsZWFzZSBub3RlIHRoYXQgaXQgbWF5IHRha2UgYSBjb3VwbGUgb2YgbWlu dXRlcyBmcm9tIHRoZSB0aW1lIG9mIHN1Ym1pc3Npb24gdW50aWwgdGhlIGh0bWxpemVkIHZlcnNp b24gYW5kIGRpZmYgYXJlIGF2YWlsYWJsZSBhdCB0b29scy5pZXRmLm9yZzxodHRwOi8vdG9vbHMu aWV0Zi5vcmc+Lg0KDQpJbnRlcm5ldC1EcmFmdHMgYXJlIGFsc28gYXZhaWxhYmxlIGJ5IGFub255 bW91cyBGVFAgYXQ6DQpmdHA6Ly9mdHAuaWV0Zi5vcmcvaW50ZXJuZXQtZHJhZnRzLw0KDQpfX19f X19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fXw0KQWNlIG1haWxpbmcg bGlzdA0KQWNlQGlldGYub3JnPG1haWx0bzpBY2VAaWV0Zi5vcmc+DQpodHRwczovL3d3dy5pZXRm Lm9yZy9tYWlsbWFuL2xpc3RpbmZvL2FjZQ0KDQpfX19fX19fX19fX19fX19fX19fX19fX19fX19f X19fX19fX19fX19fX19fX19fXw0KQWNlIG1haWxpbmcgbGlzdA0KQWNlQGlldGYub3JnPG1haWx0 bzpBY2VAaWV0Zi5vcmc+DQpodHRwczovL3d3dy5pZXRmLm9yZy9tYWlsbWFuL2xpc3RpbmZvL2Fj ZQ0KDQo= --_000_CY4PR21MB050453E3CFE97C12CE9F97C9F5A60CY4PR21MB0504namp_ Content-Type: text/html; charset="utf-8" Content-Transfer-Encoding: base64 PGh0bWwgeG1sbnM6dj0idXJuOnNjaGVtYXMtbWljcm9zb2Z0LWNvbTp2bWwiIHhtbG5zOm89InVy bjpzY2hlbWFzLW1pY3Jvc29mdC1jb206b2ZmaWNlOm9mZmljZSIgeG1sbnM6dz0idXJuOnNjaGVt YXMtbWljcm9zb2Z0LWNvbTpvZmZpY2U6d29yZCIgeG1sbnM6bT0iaHR0cDovL3NjaGVtYXMubWlj cm9zb2Z0LmNvbS9vZmZpY2UvMjAwNC8xMi9vbW1sIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcv VFIvUkVDLWh0bWw0MCI+DQo8aGVhZD4NCjxtZXRhIGh0dHAtZXF1aXY9IkNvbnRlbnQtVHlwZSIg Y29udGVudD0idGV4dC9odG1sOyBjaGFyc2V0PXV0Zi04Ij4NCjxtZXRhIG5hbWU9IkdlbmVyYXRv ciIgY29udGVudD0iTWljcm9zb2Z0IFdvcmQgMTUgKGZpbHRlcmVkIG1lZGl1bSkiPg0KPHN0eWxl PjwhLS0NCi8qIEZvbnQgRGVmaW5pdGlvbnMgKi8NCkBmb250LWZhY2UNCgl7Zm9udC1mYW1pbHk6 IkNhbWJyaWEgTWF0aCI7DQoJcGFub3NlLTE6MiA0IDUgMyA1IDQgNiAzIDIgNDt9DQpAZm9udC1m YWNlDQoJe2ZvbnQtZmFtaWx5OkNhbGlicmk7DQoJcGFub3NlLTE6MiAxNSA1IDIgMiAyIDQgMyAy IDQ7fQ0KLyogU3R5bGUgRGVmaW5pdGlvbnMgKi8NCnAuTXNvTm9ybWFsLCBsaS5Nc29Ob3JtYWws IGRpdi5Nc29Ob3JtYWwNCgl7bWFyZ2luOjBpbjsNCgltYXJnaW4tYm90dG9tOi4wMDAxcHQ7DQoJ Zm9udC1zaXplOjExLjBwdDsNCglmb250LWZhbWlseToiQ2FsaWJyaSIsc2Fucy1zZXJpZjt9DQph OmxpbmssIHNwYW4uTXNvSHlwZXJsaW5rDQoJe21zby1zdHlsZS1wcmlvcml0eTo5OTsNCgljb2xv cjpibHVlOw0KCXRleHQtZGVjb3JhdGlvbjp1bmRlcmxpbmU7fQ0KYTp2aXNpdGVkLCBzcGFuLk1z b0h5cGVybGlua0ZvbGxvd2VkDQoJe21zby1zdHlsZS1wcmlvcml0eTo5OTsNCgljb2xvcjpwdXJw bGU7DQoJdGV4dC1kZWNvcmF0aW9uOnVuZGVybGluZTt9DQpwLm1zb25vcm1hbDAsIGxpLm1zb25v cm1hbDAsIGRpdi5tc29ub3JtYWwwDQoJe21zby1zdHlsZS1uYW1lOm1zb25vcm1hbDsNCgltc28t bWFyZ2luLXRvcC1hbHQ6YXV0bzsNCgltYXJnaW4tcmlnaHQ6MGluOw0KCW1zby1tYXJnaW4tYm90 dG9tLWFsdDphdXRvOw0KCW1hcmdpbi1sZWZ0OjBpbjsNCglmb250LXNpemU6MTEuMHB0Ow0KCWZv bnQtZmFtaWx5OiJDYWxpYnJpIixzYW5zLXNlcmlmO30NCnNwYW4uRW1haWxTdHlsZTE4DQoJe21z by1zdHlsZS10eXBlOnBlcnNvbmFsOw0KCWZvbnQtZmFtaWx5OiJDYWxpYnJpIixzYW5zLXNlcmlm Ow0KCWNvbG9yOndpbmRvd3RleHQ7fQ0Kc3Bhbi5FbWFpbFN0eWxlMTkNCgl7bXNvLXN0eWxlLXR5 cGU6cGVyc29uYWw7DQoJZm9udC1mYW1pbHk6IkNhbGlicmkiLHNhbnMtc2VyaWY7DQoJY29sb3I6 IzAwMjA2MDt9DQpzcGFuLkVtYWlsU3R5bGUyMQ0KCXttc28tc3R5bGUtdHlwZTpwZXJzb25hbC1y ZXBseTsNCglmb250LWZhbWlseToiQ2FsaWJyaSIsc2Fucy1zZXJpZjsNCgljb2xvcjojMDAyMDYw O30NCi5Nc29DaHBEZWZhdWx0DQoJe21zby1zdHlsZS10eXBlOmV4cG9ydC1vbmx5Ow0KCWZvbnQt c2l6ZToxMC4wcHQ7fQ0KQHBhZ2UgV29yZFNlY3Rpb24xDQoJe3NpemU6OC41aW4gMTEuMGluOw0K CW1hcmdpbjoxLjBpbiAxLjBpbiAxLjBpbiAxLjBpbjt9DQpkaXYuV29yZFNlY3Rpb24xDQoJe3Bh Z2U6V29yZFNlY3Rpb24xO30NCi0tPjwvc3R5bGU+PCEtLVtpZiBndGUgbXNvIDldPjx4bWw+DQo8 bzpzaGFwZWRlZmF1bHRzIHY6ZXh0PSJlZGl0IiBzcGlkbWF4PSIxMDI2IiAvPg0KPC94bWw+PCFb ZW5kaWZdLS0+PCEtLVtpZiBndGUgbXNvIDldPjx4bWw+DQo8bzpzaGFwZWxheW91dCB2OmV4dD0i ZWRpdCI+DQo8bzppZG1hcCB2OmV4dD0iZWRpdCIgZGF0YT0iMSIgLz4NCjwvbzpzaGFwZWxheW91 dD48L3htbD48IVtlbmRpZl0tLT4NCjwvaGVhZD4NCjxib2R5IGxhbmc9IkVOLVVTIiBsaW5rPSJi bHVlIiB2bGluaz0icHVycGxlIj4NCjxkaXYgY2xhc3M9IldvcmRTZWN0aW9uMSI+DQo8cCBjbGFz cz0iTXNvTm9ybWFsIj48c3BhbiBzdHlsZT0iY29sb3I6IzAwMjA2MCI+SGkgSmltLDxvOnA+PC9v OnA+PC9zcGFuPjwvcD4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPjxzcGFuIHN0eWxlPSJjb2xvcjoj MDAyMDYwIj48bzpwPiZuYnNwOzwvbzpwPjwvc3Bhbj48L3A+DQo8cCBjbGFzcz0iTXNvTm9ybWFs Ij48c3BhbiBzdHlsZT0iY29sb3I6IzAwMjA2MCI+U2FtdWVsIHBvaW50ZWQgb3V0IHRoYXQgaGUg KjxiPmRpZDwvYj4qIHVwZGF0ZSB0aGUgZW5jcnlwdGlvbiBleGFtcGxlIGluIEEuNS4mbmJzcDsg WW91IGNhbiBzZWUgdGhpcyBhdA0KPGEgaHJlZj0iaHR0cHM6Ly90b29scy5pZXRmLm9yZy9yZmNk aWZmP3VybDI9ZHJhZnQtaWV0Zi1hY2UtY2Jvci13ZWItdG9rZW4tMDcudHh0Ij4NCmh0dHBzOi8v dG9vbHMuaWV0Zi5vcmcvcmZjZGlmZj91cmwyPWRyYWZ0LWlldGYtYWNlLWNib3Itd2ViLXRva2Vu LTA3LnR4dDwvYT4uJm5ic3A7IENvdWxkIHlvdSBwbGVhc2UgdGFrZSBhIGNyYWNrIGF0IHZhbGlk YXRpbmcgdGhlIHVwZGF0ZWQgZXhhbXBsZT88bzpwPjwvbzpwPjwvc3Bhbj48L3A+DQo8cCBjbGFz cz0iTXNvTm9ybWFsIj48c3BhbiBzdHlsZT0iY29sb3I6IzAwMjA2MCI+PG86cD4mbmJzcDs8L286 cD48L3NwYW4+PC9wPg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PHNwYW4gc3R5bGU9ImNvbG9yOiMw MDIwNjAiPiZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZu YnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNw OyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZu YnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNw OyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZu YnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyBUaGFua3MsPG86 cD48L286cD48L3NwYW4+PC9wPg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PHNwYW4gc3R5bGU9ImNv bG9yOiMwMDIwNjAiPiZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZu YnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNw OyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZu YnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNw OyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZu YnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyAtLSBN aWtlPG86cD48L286cD48L3NwYW4+PC9wPg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PGEgbmFtZT0i X01haWxFbmRDb21wb3NlIj48c3BhbiBzdHlsZT0iY29sb3I6IzAwMjA2MCI+PG86cD4mbmJzcDs8 L286cD48L3NwYW4+PC9hPjwvcD4NCjxzcGFuIHN0eWxlPSJtc28tYm9va21hcms6X01haWxFbmRD b21wb3NlIj48L3NwYW4+DQo8ZGl2Pg0KPGRpdiBzdHlsZT0iYm9yZGVyOm5vbmU7Ym9yZGVyLXRv cDpzb2xpZCAjRTFFMUUxIDEuMHB0O3BhZGRpbmc6My4wcHQgMGluIDBpbiAwaW4iPg0KPHAgY2xh c3M9Ik1zb05vcm1hbCI+PGI+RnJvbTo8L2I+IE1pa2UgSm9uZXMgW21haWx0bzpNaWNoYWVsLkpv bmVzQG1pY3Jvc29mdC5jb21dDQo8YnI+DQo8Yj5TZW50OjwvYj4gTW9uZGF5LCBKdWx5IDE3LCAy MDE3IDI6MDAgUE08YnI+DQo8Yj5Ubzo8L2I+IEppbSBTY2hhYWQgJmx0O2lldGZAYXVndXN0Y2Vs bGFycy5jb20mZ3Q7OyAnU2FtdWVsIEVyZHRtYW4nICZsdDtzYW11ZWxAZXJkdG1hbi5zZSZndDs8 YnI+DQo8Yj5DYzo8L2I+IGRyYWZ0LWlldGYtYWNlLWNib3Itd2ViLXRva2VuQGlldGYub3JnOyAn YWNlJyAmbHQ7YWNlQGlldGYub3JnJmd0Ozxicj4NCjxiPlN1YmplY3Q6PC9iPiBSRTogW0FjZV0g SS1EIEFjdGlvbjogZHJhZnQtaWV0Zi1hY2UtY2Jvci13ZWItdG9rZW4tMDUudHh0PG86cD48L286 cD48L3A+DQo8L2Rpdj4NCjwvZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PG86cD4mbmJzcDs8 L286cD48L3A+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48c3BhbiBzdHlsZT0iY29sb3I6IzAwMjA2 MCI+U2FtdWVsIOKAkyBJIHNwb2tlIHdpdGggSmltIGFmdGVyIEFDRS4mbmJzcDsgSGUgc2FpZCB0 aGF0IGl04oCZcyB0aGUgZW5jcnlwdGlvbiBleGFtcGxlLCB3aGljaCB5b3UgZGlkbuKAmXQgdXBk YXRlLCB0aGF0IHN0aWxsIGhhcyB0aGUgc2FtZSBwcm9ibGVtcyBhcyBoZSBpZGVudGlmaWVkIGJl bG93LjxvOnA+PC9vOnA+PC9zcGFuPjwvcD4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPjxzcGFuIHN0 eWxlPSJjb2xvcjojMDAyMDYwIj48bzpwPiZuYnNwOzwvbzpwPjwvc3Bhbj48L3A+DQo8cCBjbGFz cz0iTXNvTm9ybWFsIj48c3BhbiBzdHlsZT0iY29sb3I6IzAwMjA2MCI+Jm5ic3A7Jm5ic3A7Jm5i c3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7 Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5i c3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7 Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7ICZu YnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNw OyZuYnNwOyZuYnNwOyZuYnNwOyAtLSBNaWtlPG86cD48L286cD48L3NwYW4+PC9wPg0KPHAgY2xh c3M9Ik1zb05vcm1hbCI+PHNwYW4gc3R5bGU9ImNvbG9yOiMwMDIwNjAiPjxvOnA+Jm5ic3A7PC9v OnA+PC9zcGFuPjwvcD4NCjxkaXY+DQo8ZGl2IHN0eWxlPSJib3JkZXI6bm9uZTtib3JkZXItdG9w OnNvbGlkICNFMUUxRTEgMS4wcHQ7cGFkZGluZzozLjBwdCAwaW4gMGluIDBpbiI+DQo8cCBjbGFz cz0iTXNvTm9ybWFsIj48Yj5Gcm9tOjwvYj4gSmltIFNjaGFhZCBbPGEgaHJlZj0ibWFpbHRvOmll dGZAYXVndXN0Y2VsbGFycy5jb20iPm1haWx0bzppZXRmQGF1Z3VzdGNlbGxhcnMuY29tPC9hPl0N Cjxicj4NCjxiPlNlbnQ6PC9iPiBGcmlkYXksIEp1bmUgMjMsIDIwMTcgMTI6MDkgQU08YnI+DQo8 Yj5Ubzo8L2I+ICdTYW11ZWwgRXJkdG1hbicgJmx0OzxhIGhyZWY9Im1haWx0bzpzYW11ZWxAZXJk dG1hbi5zZSI+c2FtdWVsQGVyZHRtYW4uc2U8L2E+Jmd0Ozxicj4NCjxiPkNjOjwvYj4gPGEgaHJl Zj0ibWFpbHRvOmRyYWZ0LWlldGYtYWNlLWNib3Itd2ViLXRva2VuQGlldGYub3JnIj5kcmFmdC1p ZXRmLWFjZS1jYm9yLXdlYi10b2tlbkBpZXRmLm9yZzwvYT47ICdhY2UnICZsdDs8YSBocmVmPSJt YWlsdG86YWNlQGlldGYub3JnIj5hY2VAaWV0Zi5vcmc8L2E+Jmd0Ozxicj4NCjxiPlN1YmplY3Q6 PC9iPiBSRTogW0FjZV0gSS1EIEFjdGlvbjogZHJhZnQtaWV0Zi1hY2UtY2Jvci13ZWItdG9rZW4t MDUudHh0PG86cD48L286cD48L3A+DQo8L2Rpdj4NCjwvZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1h bCI+PG86cD4mbmJzcDs8L286cD48L3A+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj5TZWUgYmVsb3cu PG86cD48L286cD48L3A+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48bzpwPiZuYnNwOzwvbzpwPjwv cD4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPkppbTxvOnA+PC9vOnA+PC9wPg0KPHAgY2xhc3M9Ik1z b05vcm1hbCI+PG86cD4mbmJzcDs8L286cD48L3A+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48Yj5G cm9tOjwvYj4gU2FtdWVsIEVyZHRtYW4gWzxhIGhyZWY9Im1haWx0bzpzYW11ZWxAZXJkdG1hbi5z ZSI+bWFpbHRvOnNhbXVlbEBlcmR0bWFuLnNlPC9hPl0NCjxicj4NCjxiPlNlbnQ6PC9iPiBUaHVy c2RheSwgSnVuZSAyMiwgMjAxNyAxOjQwIEFNPGJyPg0KPGI+VG86PC9iPiBKaW0gU2NoYWFkICZs dDs8YSBocmVmPSJtYWlsdG86aWV0ZkBhdWd1c3RjZWxsYXJzLmNvbSI+aWV0ZkBhdWd1c3RjZWxs YXJzLmNvbTwvYT4mZ3Q7PGJyPg0KPGI+Q2M6PC9iPiA8YSBocmVmPSJtYWlsdG86ZHJhZnQtaWV0 Zi1hY2UtY2Jvci13ZWItdG9rZW5AaWV0Zi5vcmciPmRyYWZ0LWlldGYtYWNlLWNib3Itd2ViLXRv a2VuQGlldGYub3JnPC9hPjsgYWNlICZsdDs8YSBocmVmPSJtYWlsdG86YWNlQGlldGYub3JnIj5h Y2VAaWV0Zi5vcmc8L2E+Jmd0Ozxicj4NCjxiPlN1YmplY3Q6PC9iPiBSZTogW0FjZV0gSS1EIEFj dGlvbjogZHJhZnQtaWV0Zi1hY2UtY2Jvci13ZWItdG9rZW4tMDUudHh0PG86cD48L286cD48L3A+ DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48bzpwPiZuYnNwOzwvbzpwPjwvcD4NCjxkaXY+DQo8ZGl2 Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCIgc3R5bGU9Im1hcmdpbi1ib3R0b206MTIuMHB0Ij5UaGFu a3MgSmltISA8bzpwPjwvbzpwPjwvcD4NCjwvZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+U2Ug Y29tbWVudHMgaW5saW5lPG86cD48L286cD48L3A+DQo8ZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1h bCI+PG86cD4mbmJzcDs8L286cD48L3A+DQo8ZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+T24g U3VuLCBKdW4gMTgsIDIwMTcgYXQgOToyMSBQTSwgSmltIFNjaGFhZCAmbHQ7PGEgaHJlZj0ibWFp bHRvOmlldGZAYXVndXN0Y2VsbGFycy5jb20iIHRhcmdldD0iX2JsYW5rIj5pZXRmQGF1Z3VzdGNl bGxhcnMuY29tPC9hPiZndDsgd3JvdGU6PG86cD48L286cD48L3A+DQo8YmxvY2txdW90ZSBzdHls ZT0iYm9yZGVyOm5vbmU7Ym9yZGVyLWxlZnQ6c29saWQgI0NDQ0NDQyAxLjBwdDtwYWRkaW5nOjBp biAwaW4gMGluIDYuMHB0O21hcmdpbi1sZWZ0OjQuOHB0O21hcmdpbi10b3A6NS4wcHQ7bWFyZ2lu LXJpZ2h0OjBpbjttYXJnaW4tYm90dG9tOjUuMHB0Ij4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPkNv bW1lbnRzIG9uIHRoaXMgdmVyc2lvbiBvZiB0aGUgZHJhZnQuPGJyPg0KPGJyPg0KU2VjdGlvbiA3 IC0gU3RlcCA2ICZhbXA7IDcgLSBJIGRvIG5vdCBrbm93IGlmIGl0IGlzIGxlZ2FsIHRvIGhhdmUg YSBDV1QgQ0JPUiB0YWcgYXQgdGhpcyBwb2ludDxvOnA+PC9vOnA+PC9wPg0KPC9ibG9ja3F1b3Rl Pg0KPGRpdj4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPjxvOnA+Jm5ic3A7PC9vOnA+PC9wPg0KPC9k aXY+DQo8ZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCIgc3R5bGU9Im1hcmdpbi1ib3R0b206MTIu MHB0Ij5JbiBzZWN0aW9uIDcuMSBzdGVwIDYgZGVzY3JpYmVzIGhvdyBvbmUgY2FuIGFkZCB0aGUg Q1dUIENCT1IgVGFnIHRvIHRoZSBmdWxsIENXVCBpZiB0cmFuc3BvcnQgbGF5ZXIgY2Fubm90IGlu ZGljYXRlIHRoYXQgdGhpcyBpcyBhIENXVC4gSW4gdGhpcyBjYXNlIHlvdSB3b3VsZCB3YW50IGZp cnN0IHRoZSBDT1NFIHRhZyBhbmQgdGhlbiB0aGUgQ1dUIHRhZyB0aGlzDQogaXMgZGVzY3JpYmVk IGluIHNlY3Rpb24gNi4gV2UgYXNrZWQgQ2Fyc3RlbiBhYm91dCB0aGlzIGJlZm9yZSB3ZSBhZGRl ZCB0aGUgdGV4dCBzbyBpdCBzaG91bGQgYmUgb2theS48bzpwPjwvbzpwPjwvcD4NCjwvZGl2Pg0K PGRpdj4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPkluIHNlY3Rpb24gNy4yIHN0ZXAgNiBhbmQgNyBD V1QgQ0JPUiB0YWcgaXMgbm90IG1lbnRpb25lZCBhcyBmYXIgYXMgSSBjYW4gdGVsbC48c3BhbiBz dHlsZT0iY29sb3I6IzAwNzBDMCI+PG86cD48L286cD48L3NwYW4+PC9wPg0KPHAgY2xhc3M9Ik1z b05vcm1hbCI+PG86cD4mbmJzcDs8L286cD48L3A+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48c3Bh biBzdHlsZT0iY29sb3I6IzAwNzBDMCI+W0pMU10mbmJzcDsgU28gaWYgYW4gaW50ZXJtZWRpYXJ5 IGFkZHMgYSBsYXllciBvZiB3cmFwcGluZyAoaS5lLiBlbmNyeXB0cyBpdCB0byB0aGUgZW5kIHBv aW50KSBidXQgdGhlIG9yaWdpbmFsIGVudGl0eSB3aG8gc2lnbmVkIGl0IHB1dCB0aGUgQ1dUIHRh ZyBvbiBpdCwgaXQgd2lsbCBiZSBhbmQgaW52YWxpZCBDV1QgaWYgdGhlIHRhZyB3YXMgbm90IHJl bW92ZWQ/DQo8bzpwPjwvbzpwPjwvc3Bhbj48L3A+DQo8L2Rpdj4NCjxkaXY+DQo8cCBjbGFzcz0i TXNvTm9ybWFsIj4mbmJzcDs8bzpwPjwvbzpwPjwvcD4NCjwvZGl2Pg0KPGJsb2NrcXVvdGUgc3R5 bGU9ImJvcmRlcjpub25lO2JvcmRlci1sZWZ0OnNvbGlkICNDQ0NDQ0MgMS4wcHQ7cGFkZGluZzow aW4gMGluIDBpbiA2LjBwdDttYXJnaW4tbGVmdDo0LjhwdDttYXJnaW4tdG9wOjUuMHB0O21hcmdp bi1yaWdodDowaW47bWFyZ2luLWJvdHRvbTo1LjBwdCI+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48 YnI+DQpBcHBlbmRpeCBBLjMgLSBJIHdhcyB1bmFibGUgdG8gcmVwcm9kdWNlIHRoZSBleGFtcGxl LiZuYnNwOyBJIGFzc3VtZSB0aGF0IHRoaXMgbWVhbnMgdGhhdCBhIGRldGVybWluaXN0aWMgc2ln bmF0dXJlIGFsZ29yaXRobSBpcyBub3QgYmVpbmcgdXNlZC4mbmJzcDsgV2hpbGUgYSB2ZXJpZmll ciBjYW5ub3QgdGVsbCBpZiBvbmUgaXMgYmVpbmcgdXNlZCwgdGhlIENPU0UgZG9jdW1lbnQgZG9l cyBzdHJvbmdseSBzdWdnZXN0IHRoYXQgb25lIGJlIHVzZWQuJm5ic3A7IEFkZGl0aW9uYWxseSwN CiBpdCBoZWxwcyBpbiB0ZXN0aW5nIGlmIG9uZSBpcyB1c2VkIHNvIHRoYXQgYSBzaWduYXR1cmUg Y3JlYXRvciBjYW4gYmUgbW9yZSBlYXNpbHkgdGVzdGVkLjxvOnA+PC9vOnA+PC9wPg0KPC9ibG9j a3F1b3RlPg0KPGRpdj4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPjxvOnA+Jm5ic3A7PC9vOnA+PC9w Pg0KPC9kaXY+DQo8ZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+Q29ycmVjdCBJIGhhdmUgbm90 IHVzZWQgYSBkZXRlcm1pbmlzdGljIHNpZ25pbmcgYWxnb3JpdGhtLiBJIGhhdmUgdXNlZCBDT1NF LUpBVkEgdG8gY3JlYXRlIHRoZSBleGFtcGxlcywgaXMgaXQgcG9zc2libGUgdG8gY29uZmlndXJl IHRoYXQgaW1wbGVtZW50YXRpb24gdG8gZ2VuZXJhdGUgZGV0ZXJtaW5pc3RpYyBFQ0RTQSBzaWdu YXR1cmVzPw0KPGJyPg0KV2hlbiB3b3JraW5nIHdpdGggbXkgSlMgaW1wbGVtZW50YXRpb24gSSBo YXZlIG5vdGljZWQgdGhhdCBzdXBwb3J0IGZvciBkZXRlcm1pbmlzdGljIEVDRFNBIGltcGxlbWVu dGF0aW9ucyBhcmUgaGFyZCB0byBmaW5kLjxvOnA+PC9vOnA+PC9wPg0KPHAgY2xhc3M9Ik1zb05v cm1hbCI+PG86cD4mbmJzcDs8L286cD48L3A+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48c3BhbiBz dHlsZT0iY29sb3I6IzAwNzBDMCI+W0pMU10gV2l0aCBDT1NFLUpBVkEsIGlmIHlvdSBhcmUgdXNp bmcgYW55dGhpbmcgcmVtb3RlbHkgcmVjZW50IGlzIGRldGVybWluaXN0aWMsIHNvIHRoYXQgc2hv dWxkIG5vdCBiZSBhIHByb2JsZW0uJm5ic3A7IEkgcHV0IHRoaXMgY2hhbmdlIGludG8gdGhlIHNv dXJjZXMgYWJvdXQgOCBtb250aHMgYWdvLiZuYnNwOyBUaGUgcHJvYmxlbSBtYXkgYmUgdGhlIHNh bWUgaXNzdWUgYXMNCiBmb3IgQS41IHdoZXJlIHNvbWV0aGluZyBpcyBkaWZmZXJlbnQgaW4gdGhl IGRhdGEgdG8gYmUgc2lnbmVkLiZuYnNwOyA8bzpwPjwvbzpwPjwvc3Bhbj48L3A+DQo8L2Rpdj4N CjxkaXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48bzpwPiZuYnNwOzwvbzpwPjwvcD4NCjwvZGl2 Pg0KPGRpdj4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPiZuYnNwOzxvOnA+PC9vOnA+PC9wPg0KPC9k aXY+DQo8YmxvY2txdW90ZSBzdHlsZT0iYm9yZGVyOm5vbmU7Ym9yZGVyLWxlZnQ6c29saWQgI0ND Q0NDQyAxLjBwdDtwYWRkaW5nOjBpbiAwaW4gMGluIDYuMHB0O21hcmdpbi1sZWZ0OjQuOHB0O21h cmdpbi10b3A6NS4wcHQ7bWFyZ2luLXJpZ2h0OjBpbjttYXJnaW4tYm90dG9tOjUuMHB0Ij4NCjxw IGNsYXNzPSJNc29Ob3JtYWwiPjxicj4NCkFwcGVuZGl4IEEuNSAtIEkgd2FzIHVuYWJsZSB0byBy ZXByb2R1Y2UgdGhlIGV4YW1wbGUuJm5ic3A7IFNwZWNpYWxseSB0aGUgdGFnIHZhbHVlIGRvZXMg bm90IG1hdGNoIHdpdGggdGhlIG9uZSB0aGF0IEkgY29tcHV0ZS48bzpwPjwvbzpwPjwvcD4NCjwv YmxvY2txdW90ZT4NCjxkaXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48bzpwPiZuYnNwOzwvbzpw PjwvcD4NCjwvZGl2Pg0KPGRpdj4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPlRoYXQgaXMgYmFkLiBi dXQgYXBhcnQgZnJvbSB0aGUgdGFnIGl0IGxvb2tzIGdvb2Q/PG86cD48L286cD48L3A+DQo8cCBj bGFzcz0iTXNvTm9ybWFsIj48bzpwPiZuYnNwOzwvbzpwPjwvcD4NCjxwIGNsYXNzPSJNc29Ob3Jt YWwiPjxzcGFuIHN0eWxlPSJjb2xvcjojMDA3MEMwIj5bSkxTXSBZZXMgYXBhcnQgZnJvbSB0aGUg dGFnIEkgbWF0Y2hlZCBldmVyeXRoaW5nIOKAkyBpbmNsdWRpbmcgdGhlIGVuY3J5cHRpb24uJm5i c3A7IFRoaXMgYm90aGVycyBtZSBpZiB5b3UgYXJlIHVzaW5nIHRoZSBDT1NFLUpBVkEgdG8gcHJv ZHVjZSB0aGUgZXhhbXBsZXMuICZuYnNwO0kgcm91dGluZWx5IHJ1biByZWdyZXNzaW9uIHRlc3Rz IG9uIGJvdGggbGFuZ3VhZ2UgbGlicmFyaWVzDQogc28gdGhleSBzaG91bGQgcHJvZHVjZSB0aGUg c2FtZSBvdXRwdXQgZ2l2ZW4gdGhlIHNhbWUgaW5wdXRzLiAmbmJzcDtUaGlzIHRyaWdnZXJzIGlu IG15IG1pbmQgdGhhdCB5b3UgbWlnaHQgaGF2ZSBkb25lIHNvbWV0aGluZyBvZGQgd2l0aCB0aGUg ZXh0ZXJuYWwgZGF0YSBhbmQgdGh1cyB3ZSBhcmUgZ2VuZXJhdGluZyBkaWZmZXJlbnQgdGFncy4m bmJzcDsgJm5ic3A7SXQgd291bGQgYmUgc29tZXRoaW5nIHRoYXQgaXMgYmVpbmcgZG9uZSBmb3Ig c2lnbmluZyBhbmQgZm9yDQogZW5jcnlwdGlvbiBidXQgbm90IG1hYy48bzpwPjwvbzpwPjwvc3Bh bj48L3A+DQo8L2Rpdj4NCjxkaXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj4mbmJzcDs8bzpwPjwv bzpwPjwvcD4NCjwvZGl2Pg0KPGJsb2NrcXVvdGUgc3R5bGU9ImJvcmRlcjpub25lO2JvcmRlci1s ZWZ0OnNvbGlkICNDQ0NDQ0MgMS4wcHQ7cGFkZGluZzowaW4gMGluIDBpbiA2LjBwdDttYXJnaW4t bGVmdDo0LjhwdDttYXJnaW4tdG9wOjUuMHB0O21hcmdpbi1yaWdodDowaW47bWFyZ2luLWJvdHRv bTo1LjBwdCI+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIiBzdHlsZT0ibXNvLW1hcmdpbi10b3AtYWx0 OjBpbjttYXJnaW4tcmlnaHQ6MGluO21hcmdpbi1ib3R0b206MTIuMHB0O21hcmdpbi1sZWZ0OjM0 LjY1cHQiPg0KPGJyPg0KPGJyPg0KTWlub3I6PG86cD48L286cD48L3A+DQo8L2Jsb2NrcXVvdGU+ DQo8YmxvY2txdW90ZSBzdHlsZT0iYm9yZGVyOm5vbmU7Ym9yZGVyLWxlZnQ6c29saWQgI0NDQ0ND QyAxLjBwdDtwYWRkaW5nOjBpbiAwaW4gMGluIDYuMHB0O21hcmdpbi1sZWZ0OjQuOHB0O21hcmdp bi10b3A6NS4wcHQ7bWFyZ2luLXJpZ2h0OjBpbjttYXJnaW4tYm90dG9tOjUuMHB0Ij4NCjxwIGNs YXNzPSJNc29Ob3JtYWwiPkluIHNlY3Rpb24gMjombmJzcDsgSXMgdGhlcmUgYSByZWFzb24gbm90 IHRvIGRlZmluZSBDV1QgY2xhaW0gdmFsdWUgaW4gdGhpcyBzZWN0aW9uPG86cD48L286cD48L3A+ DQo8L2Jsb2NrcXVvdGU+DQo8ZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PG86cD4mbmJzcDs8 L286cD48L3A+DQo8L2Rpdj4NCjxkaXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj5Tb3JyeSBJwrRt IG5vdCBmb2xsb3dpbmcsIGNvdWxkIHlvdSBwbGVhc2UgZXhwbGFpbiBhIGJpdCBtb3JlYD8NCjxv OnA+PC9vOnA+PC9wPg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PG86cD4mbmJzcDs8L286cD48L3A+ DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48c3BhbiBzdHlsZT0iY29sb3I6IzAwNzBDMCI+W0pMU10g WW91IHRob3VnaHQgaXQgd2FzIHJlYXNvbmFibGUgdG8gZGVmaW5lIGEg4oCcQ1dUIGVuY29kZWQg Y2xhaW0ga2V54oCdIGluIHRoZSB0ZXJtcy4mbmJzcDsgSSB3YXMganVzdCB0aGlua2luZyB0aGF0 IGl0IHdvdWxkIGJlIHN5bW1ldHJpYyB0byBoYXZlIHRoZSB2YWx1ZXMgaGF2ZSBkZWZpbmVkIGhl cmUgYXQgdGhlIHNhbWUgdGltZS48bzpwPjwvbzpwPjwvc3Bhbj48L3A+DQo8L2Rpdj4NCjxkaXY+ DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48bzpwPiZuYnNwOzwvbzpwPjwvcD4NCjwvZGl2Pg0KPGRp dj4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPiZuYnNwOzxvOnA+PC9vOnA+PC9wPg0KPC9kaXY+DQo8 YmxvY2txdW90ZSBzdHlsZT0iYm9yZGVyOm5vbmU7Ym9yZGVyLWxlZnQ6c29saWQgI0NDQ0NDQyAx LjBwdDtwYWRkaW5nOjBpbiAwaW4gMGluIDYuMHB0O21hcmdpbi1sZWZ0OjQuOHB0O21hcmdpbi10 b3A6NS4wcHQ7bWFyZ2luLXJpZ2h0OjBpbjttYXJnaW4tYm90dG9tOjUuMHB0Ij4NCjxkaXY+DQo8 ZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PGJyPg0KLS0tLS1PcmlnaW5hbCBNZXNzYWdlLS0t LS08YnI+DQpGcm9tOiBBY2UgW21haWx0bzo8YSBocmVmPSJtYWlsdG86YWNlLWJvdW5jZXNAaWV0 Zi5vcmciPmFjZS1ib3VuY2VzQGlldGYub3JnPC9hPl0gT24gQmVoYWxmIE9mDQo8YSBocmVmPSJt YWlsdG86aW50ZXJuZXQtZHJhZnRzQGlldGYub3JnIj5pbnRlcm5ldC1kcmFmdHNAaWV0Zi5vcmc8 L2E+PGJyPg0KU2VudDogTW9uZGF5LCBKdW5lIDUsIDIwMTcgNjoyNyBQTTxicj4NClRvOiA8YSBo cmVmPSJtYWlsdG86aS1kLWFubm91bmNlQGlldGYub3JnIj5pLWQtYW5ub3VuY2VAaWV0Zi5vcmc8 L2E+PGJyPg0KQ2M6IDxhIGhyZWY9Im1haWx0bzphY2VAaWV0Zi5vcmciPmFjZUBpZXRmLm9yZzwv YT48YnI+DQpTdWJqZWN0OiBbQWNlXSBJLUQgQWN0aW9uOiBkcmFmdC1pZXRmLWFjZS1jYm9yLXdl Yi10b2tlbi0wNS50eHQ8YnI+DQo8YnI+DQo8YnI+DQpBIE5ldyBJbnRlcm5ldC1EcmFmdCBpcyBh dmFpbGFibGUgZnJvbSB0aGUgb24tbGluZSBJbnRlcm5ldC1EcmFmdHMgZGlyZWN0b3JpZXMuPGJy Pg0KVGhpcyBkcmFmdCBpcyBhIHdvcmsgaXRlbSBvZiB0aGUgQXV0aGVudGljYXRpb24gYW5kIEF1 dGhvcml6YXRpb24gZm9yIENvbnN0cmFpbmVkIEVudmlyb25tZW50cyBvZiB0aGUgSUVURi48YnI+ DQo8YnI+DQombmJzcDsgJm5ic3A7ICZuYnNwOyAmbmJzcDsgVGl0bGUmbmJzcDsgJm5ic3A7ICZu YnNwOyAmbmJzcDsgJm5ic3A7ICZuYnNwOzogQ0JPUiBXZWIgVG9rZW4gKENXVCk8YnI+DQombmJz cDsgJm5ic3A7ICZuYnNwOyAmbmJzcDsgQXV0aG9ycyZuYnNwOyAmbmJzcDsgJm5ic3A7ICZuYnNw OyAmbmJzcDs6IE1pY2hhZWwgQi4gSm9uZXM8YnI+DQombmJzcDsgJm5ic3A7ICZuYnNwOyAmbmJz cDsgJm5ic3A7ICZuYnNwOyAmbmJzcDsgJm5ic3A7ICZuYnNwOyAmbmJzcDsgJm5ic3A7ICZuYnNw OyAmbmJzcDsgRXJpayBXYWhsc3Ryw7ZtPGJyPg0KJm5ic3A7ICZuYnNwOyAmbmJzcDsgJm5ic3A7 ICZuYnNwOyAmbmJzcDsgJm5ic3A7ICZuYnNwOyAmbmJzcDsgJm5ic3A7ICZuYnNwOyAmbmJzcDsg Jm5ic3A7IFNhbXVlbCBFcmR0bWFuPGJyPg0KJm5ic3A7ICZuYnNwOyAmbmJzcDsgJm5ic3A7ICZu YnNwOyAmbmJzcDsgJm5ic3A7ICZuYnNwOyAmbmJzcDsgJm5ic3A7ICZuYnNwOyAmbmJzcDsgJm5i c3A7IEhhbm5lcyBUc2Nob2ZlbmlnPGJyPg0KJm5ic3A7ICZuYnNwOyAmbmJzcDsgJm5ic3A7IEZp bGVuYW1lJm5ic3A7ICZuYnNwOyAmbmJzcDsgJm5ic3A7IDogZHJhZnQtaWV0Zi1hY2UtY2Jvci13 ZWItdG9rZW4tMDUudHh0PGJyPg0KJm5ic3A7ICZuYnNwOyAmbmJzcDsgJm5ic3A7IFBhZ2VzJm5i c3A7ICZuYnNwOyAmbmJzcDsgJm5ic3A7ICZuYnNwOyAmbmJzcDs6IDIzPGJyPg0KJm5ic3A7ICZu YnNwOyAmbmJzcDsgJm5ic3A7IERhdGUmbmJzcDsgJm5ic3A7ICZuYnNwOyAmbmJzcDsgJm5ic3A7 ICZuYnNwOyA6IDIwMTctMDYtMDU8YnI+DQo8YnI+DQpBYnN0cmFjdDo8YnI+DQombmJzcDsgJm5i c3A7Q0JPUiBXZWIgVG9rZW4gKENXVCkgaXMgYSBjb21wYWN0IG1lYW5zIG9mIHJlcHJlc2VudGlu ZyBjbGFpbXMgdG8gYmU8YnI+DQombmJzcDsgJm5ic3A7dHJhbnNmZXJyZWQgYmV0d2VlbiB0d28g cGFydGllcy4mbmJzcDsgVGhlIGNsYWltcyBpbiBhIENXVCBhcmUgZW5jb2RlZCBpbjxicj4NCiZu YnNwOyAmbmJzcDt0aGUgQ29uY2lzZSBCaW5hcnkgT2JqZWN0IFJlcHJlc2VudGF0aW9uIChDQk9S KSBhbmQgQ0JPUiBPYmplY3Q8YnI+DQombmJzcDsgJm5ic3A7U2lnbmluZyBhbmQgRW5jcnlwdGlv biAoQ09TRSkgaXMgdXNlZCBmb3IgYWRkZWQgYXBwbGljYXRpb24gbGF5ZXI8YnI+DQombmJzcDsg Jm5ic3A7c2VjdXJpdHkgcHJvdGVjdGlvbi4mbmJzcDsgQSBjbGFpbSBpcyBhIHBpZWNlIG9mIGlu Zm9ybWF0aW9uIGFzc2VydGVkPGJyPg0KJm5ic3A7ICZuYnNwO2Fib3V0IGEgc3ViamVjdCBhbmQg aXMgcmVwcmVzZW50ZWQgYXMgYSBuYW1lL3ZhbHVlIHBhaXIgY29uc2lzdGluZyBvZjxicj4NCiZu YnNwOyAmbmJzcDthIGNsYWltIG5hbWUgYW5kIGEgY2xhaW0gdmFsdWUuJm5ic3A7IENXVCBpcyBk ZXJpdmVkIGZyb20gSlNPTiBXZWIgVG9rZW48YnI+DQombmJzcDsgJm5ic3A7KEpXVCksIGJ1dCB1 c2VzIENCT1IgcmF0aGVyIHRoYW4gSlNPTi48YnI+DQo8YnI+DQo8YnI+DQpUaGUgSUVURiBkYXRh dHJhY2tlciBzdGF0dXMgcGFnZSBmb3IgdGhpcyBkcmFmdCBpczo8YnI+DQo8YSBocmVmPSJodHRw czovL2RhdGF0cmFja2VyLmlldGYub3JnL2RvYy9kcmFmdC1pZXRmLWFjZS1jYm9yLXdlYi10b2tl bi8iIHRhcmdldD0iX2JsYW5rIj5odHRwczovL2RhdGF0cmFja2VyLmlldGYub3JnL2RvYy9kcmFm dC1pZXRmLWFjZS1jYm9yLXdlYi10b2tlbi88L2E+PGJyPg0KPGJyPg0KVGhlcmUgYXJlIGFsc28g aHRtbGl6ZWQgdmVyc2lvbnMgYXZhaWxhYmxlIGF0Ojxicj4NCjxhIGhyZWY9Imh0dHBzOi8vdG9v bHMuaWV0Zi5vcmcvaHRtbC9kcmFmdC1pZXRmLWFjZS1jYm9yLXdlYi10b2tlbi0wNSIgdGFyZ2V0 PSJfYmxhbmsiPmh0dHBzOi8vdG9vbHMuaWV0Zi5vcmcvaHRtbC9kcmFmdC1pZXRmLWFjZS1jYm9y LXdlYi10b2tlbi0wNTwvYT48YnI+DQo8YSBocmVmPSJodHRwczovL2RhdGF0cmFja2VyLmlldGYu b3JnL2RvYy9odG1sL2RyYWZ0LWlldGYtYWNlLWNib3Itd2ViLXRva2VuLTA1IiB0YXJnZXQ9Il9i bGFuayI+aHR0cHM6Ly9kYXRhdHJhY2tlci5pZXRmLm9yZy9kb2MvaHRtbC9kcmFmdC1pZXRmLWFj ZS1jYm9yLXdlYi10b2tlbi0wNTwvYT48YnI+DQo8YnI+DQpBIGRpZmYgZnJvbSB0aGUgcHJldmlv dXMgdmVyc2lvbiBpcyBhdmFpbGFibGUgYXQ6PGJyPg0KPGEgaHJlZj0iaHR0cHM6Ly93d3cuaWV0 Zi5vcmcvcmZjZGlmZj91cmwyPWRyYWZ0LWlldGYtYWNlLWNib3Itd2ViLXRva2VuLTA1IiB0YXJn ZXQ9Il9ibGFuayI+aHR0cHM6Ly93d3cuaWV0Zi5vcmcvcmZjZGlmZj91cmwyPWRyYWZ0LWlldGYt YWNlLWNib3Itd2ViLXRva2VuLTA1PC9hPjxicj4NCjxicj4NCjxicj4NClBsZWFzZSBub3RlIHRo YXQgaXQgbWF5IHRha2UgYSBjb3VwbGUgb2YgbWludXRlcyBmcm9tIHRoZSB0aW1lIG9mIHN1Ym1p c3Npb24gdW50aWwgdGhlIGh0bWxpemVkIHZlcnNpb24gYW5kIGRpZmYgYXJlIGF2YWlsYWJsZSBh dA0KPGEgaHJlZj0iaHR0cDovL3Rvb2xzLmlldGYub3JnIiB0YXJnZXQ9Il9ibGFuayI+dG9vbHMu aWV0Zi5vcmc8L2E+Ljxicj4NCjxicj4NCkludGVybmV0LURyYWZ0cyBhcmUgYWxzbyBhdmFpbGFi bGUgYnkgYW5vbnltb3VzIEZUUCBhdDo8YnI+DQo8YSBocmVmPSJmdHA6Ly9mdHAuaWV0Zi5vcmcv aW50ZXJuZXQtZHJhZnRzLyIgdGFyZ2V0PSJfYmxhbmsiPmZ0cDovL2Z0cC5pZXRmLm9yZy9pbnRl cm5ldC1kcmFmdHMvPC9hPjxicj4NCjxicj4NCl9fX19fX19fX19fX19fX19fX19fX19fX19fX19f X19fX19fX19fX19fX19fX19fPGJyPg0KQWNlIG1haWxpbmcgbGlzdDxicj4NCjxhIGhyZWY9Im1h aWx0bzpBY2VAaWV0Zi5vcmciPkFjZUBpZXRmLm9yZzwvYT48YnI+DQo8YSBocmVmPSJodHRwczov L3d3dy5pZXRmLm9yZy9tYWlsbWFuL2xpc3RpbmZvL2FjZSIgdGFyZ2V0PSJfYmxhbmsiPmh0dHBz Oi8vd3d3LmlldGYub3JnL21haWxtYW4vbGlzdGluZm8vYWNlPC9hPjxicj4NCjxicj4NCl9fX19f X19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fPGJyPg0KQWNlIG1haWxp bmcgbGlzdDxicj4NCjxhIGhyZWY9Im1haWx0bzpBY2VAaWV0Zi5vcmciPkFjZUBpZXRmLm9yZzwv YT48YnI+DQo8YSBocmVmPSJodHRwczovL3d3dy5pZXRmLm9yZy9tYWlsbWFuL2xpc3RpbmZvL2Fj ZSIgdGFyZ2V0PSJfYmxhbmsiPmh0dHBzOi8vd3d3LmlldGYub3JnL21haWxtYW4vbGlzdGluZm8v YWNlPC9hPjxvOnA+PC9vOnA+PC9wPg0KPC9kaXY+DQo8L2Rpdj4NCjwvYmxvY2txdW90ZT4NCjwv ZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PG86cD4mbmJzcDs8L286cD48L3A+DQo8L2Rpdj4N CjwvZGl2Pg0KPC9kaXY+DQo8L2JvZHk+DQo8L2h0bWw+DQo= --_000_CY4PR21MB050453E3CFE97C12CE9F97C9F5A60CY4PR21MB0504namp_-- From nobody Sun Jul 23 23:37:27 2017 Return-Path: X-Original-To: ace@ietfa.amsl.com Delivered-To: ace@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AEE5412EC30; Sun, 23 Jul 2017 23:37:25 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -5.401 X-Spam-Level: X-Spam-Status: No, score=-5.401 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H2=-2.8, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id CTUMlAaUqaXJ; Sun, 23 Jul 2017 23:37:23 -0700 (PDT) Received: from se-out2.mx-wecloud.net (se-out2.mx-wecloud.net [89.221.255.177]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 17D4D129461; Sun, 23 Jul 2017 23:37:22 -0700 (PDT) Received: from sp-mail-2.sp.se (unknown [194.218.146.197]) by se-out2.mx-wecloud.net (Postfix) with ESMTPS id D2C1522244C; Mon, 24 Jul 2017 06:37:18 +0000 (UTC) Received: from [192.168.0.166] (10.116.0.226) by sp-mail-2.sp.se (10.100.0.162) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P384) id 15.1.669.32; Mon, 24 Jul 2017 08:37:19 +0200 To: Olaf Bergmann , Jim Schaad CC: , References: <009701d2ead2$15024df0$3f06e9d0$@augustcellars.com> <87ziclteup.fsf@aung.informatik.uni-bremen.de> From: Ludwig Seitz Message-ID: <29fd9677-720f-8f6c-4f02-d942a5a1886b@ri.se> Date: Mon, 24 Jul 2017 08:37:19 +0200 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.2.1 MIME-Version: 1.0 In-Reply-To: <87ziclteup.fsf@aung.informatik.uni-bremen.de> Content-Type: text/plain; charset="utf-8"; format=flowed Content-Language: en-US Content-Transfer-Encoding: 7bit X-Originating-IP: [10.116.0.226] X-ClientProxiedBy: sp-mail-3.sp.se (10.100.0.163) To sp-mail-2.sp.se (10.100.0.162) X-CMAE-Score: 0 X-CMAE-Analysis: v=2.2 cv=Nc2W7yL4 c=1 sm=1 tr=0 a=L5DDne6A+dD0FbDkt2Fblw==:117 a=L5DDne6A+dD0FbDkt2Fblw==:17 a=sZ8rJzgPlrQA:10 a=IkcTkHD0fZMA:10 a=G3gG6ho9WtcA:10 a=a0omUykxWwn-6-OalIsA:9 a=9mBoaLTcrqDoY9yB:21 a=uO3gbKrK6P0fmo2w:21 a=QEXdDO2ut3YA:10 X-Virus-Scanned: clamav-milter 0.99.2 at MailSecurity X-Virus-Status: Clean X-MailSecurity-Status: 0 X-Scanned-By: WeCloud MailSecurity X-MailSecurity-Score: 0 Archived-At: Subject: Re: [Ace] Review on draft-ietf-ace-dtls-authorize-00 X-BeenThere: ace@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 24 Jul 2017 06:37:26 -0000 Hello, I'm back from my holidays, sorry for the delay in commenting. Please find additional comments inline (and thanks to Jim for reviewing!) /Ludwig On 2017-07-03 22:21, Olaf Bergmann wrote: >> Section 2.2. - I have no idea how to use this nonce value so that it >> ends up >> in the access token. > > I do believe that the Client-to-AS request needs a mechanism to convey > this nonce. > You can just add a new parameter to the Client-to-AS request, but currently no such parameter is defined. You can also add a new claim in the token that contains this nonce. Do you feel this would be necessary base functionality in draft-ietf-ace-oauth-authz? Otherwise a short draft adding these parameters/claims and explaining their use would seem best. >> Section 4.1 - the psk_identity field in TLS is a binary field - why do the >> base64 encoding - need to justify this. > > The problem is the psk_identity must be valid UTF-8 which we cannot > guarantee when sending raw CBOR data. > >> Also the current text means >> that I >> suddenly have three different things that can be in this field. This >> is not >> the type of thing hat would make me happy. Where you want me to do >> this is >> not the easiest place to suddenly do the processing needed to validate >> a new >> access token. > > I understand your concern. Need to think more about this. We can have the following 3 things in psk-identity: 1. A psk-identity 2. A BASE64 encoded kid 3. A BASE64 encoded access token So my code currently checks the following: 1. Do we have a key with an identifier matching the raw content of psk-identity? 1.1. Does psk-idenitity decode to a CBOR map? If no return error 2. Does the map contain a kid if yes do we have a key for that if no return error if yes use that key 3. Does the map contain an access token? if yes process ... I think we might be able to cut out item 2. > >> Section 4.1 - I don't understand what the text around COSE_Encrypt is >> supposed to be doing. It makes little sense to me but I have not tried to >> think about it deeply. > > The idea was to have a mechanism for RS to derive a session key from the > access token and a shared key between AS and RS. I personally think this > is the most secure mechanism to transfer the session key. > >> Section 4.2 - I don't know that a reference to 5746 is going to be any >> good >> long term. > > Can you elaborate why this might not be good? AFAIK the TLS WG is not considering to implement this extension for TLS 1.3 > >> Section 5.1 - I am not sure what this means. I assume that this text >> should >> say that a client should only deal with an AS for which it has a security >> relationship. > > Interesting. This would be an important design decision. I assume it would be hard for a client to get an access token from an AS with which it does not have a security relationship. Why would an AS give out an access token to a client it doesn't know? My take on the AS info is that it just helps the client to pick the right AS from a list of previously known AS's. /Ludwig -- Ludwig Seitz, PhD Security Lab, RISE SICS Phone +46(0)70-349 92 51 From nobody Mon Jul 24 04:23:43 2017 Return-Path: X-Original-To: ace@ietfa.amsl.com Delivered-To: ace@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 25971131BF8 for ; Mon, 24 Jul 2017 04:23:42 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -5.401 X-Spam-Level: X-Spam-Status: No, score=-5.401 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H2=-2.8, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id wEzEsNLA1qeJ for ; Mon, 24 Jul 2017 04:23:40 -0700 (PDT) Received: from se-out2.mx-wecloud.net (se-out2.mx-wecloud.net [89.221.255.177]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B2E0C120721 for ; Mon, 24 Jul 2017 04:23:39 -0700 (PDT) Received: from sp-mail-2.sp.se (unknown [194.218.146.197]) by se-out2.mx-wecloud.net (Postfix) with ESMTPS id 8054F2233B7 for ; Mon, 24 Jul 2017 11:23:35 +0000 (UTC) Received: from [192.168.0.166] (10.116.0.226) by sp-mail-2.sp.se (10.100.0.162) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P384) id 15.1.669.32; Mon, 24 Jul 2017 13:23:36 +0200 To: References: <027601d2ec7c$f74cefc0$e5e6cf40$@augustcellars.com> From: Ludwig Seitz Message-ID: Date: Mon, 24 Jul 2017 13:23:36 +0200 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.2.1 MIME-Version: 1.0 In-Reply-To: <027601d2ec7c$f74cefc0$e5e6cf40$@augustcellars.com> Content-Type: text/plain; charset="utf-8"; format=flowed Content-Language: en-US Content-Transfer-Encoding: 7bit X-Originating-IP: [10.116.0.226] X-ClientProxiedBy: sp-mail-1.sp.se (10.100.0.161) To sp-mail-2.sp.se (10.100.0.162) X-CMAE-Score: 0 X-CMAE-Analysis: v=2.2 cv=Nc2W7yL4 c=1 sm=1 tr=0 a=L5DDne6A+dD0FbDkt2Fblw==:117 a=L5DDne6A+dD0FbDkt2Fblw==:17 a=sZ8rJzgPlrQA:10 a=IkcTkHD0fZMA:10 a=G3gG6ho9WtcA:10 a=WbTZWMEfRBRGjTVfaOMA:9 a=QEXdDO2ut3YA:10 X-Virus-Scanned: clamav-milter 0.99.2 at MailSecurity X-Virus-Status: Clean X-MailSecurity-Status: 0 X-Scanned-By: WeCloud MailSecurity X-MailSecurity-Score: 0 Archived-At: Subject: Re: [Ace] Comments on draft-ietf-ace-oauth-authz X-BeenThere: ace@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 24 Jul 2017 11:23:42 -0000 On 2017-06-24 02:00, Jim Schaad wrote: > * Figure 7 makes no sense. This appears to be mapping a string to a keyed > object. I think however, that the error here is used as a value not a key. Indeed that figure needs clarification. The errors are values not keys. > > * Is there a recommendation for behavior if a new item is posted to the > authz-info endpoint which has the same key id as a previous one? I can > think of three answers, none of which I link > --- Just accept it - this leans to a problem because for DTLS the key ids > are single shot tries, that is one cannot try the first key and then the > second key. > --- Replace it - this means that the client associated with the current key > will suddenly be unable to access resources but knows only that the key no > longer works > --- Reject it - this may be the best option as it leaks only that the key id > is already in use, but if the key id is assigned by an AS then it may be > hard to get a different one assigned by the AS. > Currently there is no recommendation, I have implemented the 3rd variant (reject). > * We communicate the profile to be used to the client, however it is not > currently being communicated to the server. If the server wants to keep the > OSCOAP and DTLS keys separate, this needs to be done. Does it makes sense > to put this in the 'cnf' field? > My perhaps naive assumption was that the profile should be obvious to the server, since the client will initiate the communication accordingly e.g. send an OSCOAP message if the OSCOAP profile is to be used, or start a DTLS handshake if the DTLS profile is to be used. If we where to tackle this, how would we signal the profile to the server? Securely sending messages to the server already implies the use of a specific profile, so it seems like a hen-and-egg problem to me. > * the dtls draft has the concept of a nonce in the AS information payload. > How is this propagated through the request (to the AS) and token back to the > RS? > I wonder if this functionality should be in the framework, or if it would rather fit into another draft extending the framework. Is there a compelling reason to have it as a base functionality? > * Per comments from other drafts. How many of these points are supposed to > be under the .well-known arch? > Good point, we should investigate this. > * In section 5.7.1 - why is there a requirement that a created rather than a > changed response be returned. I was not intending to create a new resource > in response to this POST operation. I would argue that you are creating a new resource, namely the access token, thus "create" is the right response. > If the 2.01 (created) response is > required. Should the token be accessible using the location path in the > response? --- Same questions apply to the Client--AS interaction. Indeed, that would mean that a client could access it's token with GET and delete it with DELETE. I haven't thought through the implications, I'll create an issue for this. /Ludwig -- Ludwig Seitz, PhD Security Lab, RISE SICS Phone +46(0)70-349 92 51 From nobody Mon Jul 24 04:36:41 2017 Return-Path: X-Original-To: ace@ietfa.amsl.com Delivered-To: ace@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8C49A131CA2 for ; Mon, 24 Jul 2017 04:36:40 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.2 X-Spam-Level: X-Spam-Status: No, score=-4.2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id T58_hRYZGQIX for ; Mon, 24 Jul 2017 04:36:39 -0700 (PDT) Received: from mailhost.informatik.uni-bremen.de (mailhost.informatik.uni-bremen.de [IPv6:2001:638:708:30c9::12]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4CC7F131CA5 for ; Mon, 24 Jul 2017 04:36:38 -0700 (PDT) X-Virus-Scanned: amavisd-new at informatik.uni-bremen.de Received: from submithost.informatik.uni-bremen.de (submithost.informatik.uni-bremen.de [IPv6:2001:638:708:30c9::b]) by mailhost.informatik.uni-bremen.de (8.14.5/8.14.5) with ESMTP id v6OBaZEX008125; Mon, 24 Jul 2017 13:36:35 +0200 (CEST) Received: from aung.tzi.org (unknown [134.102.169.172]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by submithost.informatik.uni-bremen.de (Postfix) with ESMTPSA id 3xGK8M2hR2z3b7s; Mon, 24 Jul 2017 13:36:35 +0200 (CEST) From: Olaf Bergmann To: Ludwig Seitz Cc: References: <027601d2ec7c$f74cefc0$e5e6cf40$@augustcellars.com> Date: Mon, 24 Jul 2017 13:36:34 +0200 In-Reply-To: (Ludwig Seitz's message of "Mon, 24 Jul 2017 13:23:36 +0200") Message-ID: <87bmoadq2l.fsf@aung.informatik.uni-bremen.de> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/24.5 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Archived-At: Subject: Re: [Ace] Comments on draft-ietf-ace-oauth-authz X-BeenThere: ace@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 24 Jul 2017 11:36:41 -0000 Hi Ludwig, Ludwig Seitz writes: > On 2017-06-24 02:00, Jim Schaad wrote: >> * We communicate the profile to be used to the client, however it is not >> currently being communicated to the server. If the server wants to keep= the >> OSCOAP and DTLS keys separate, this needs to be done. Does it makes sen= se >> to put this in the 'cnf' field? >> > > My perhaps naive assumption was that the profile should be obvious to > the server, since the client will initiate the communication > accordingly e.g. send an OSCOAP message if the OSCOAP profile is to be > used, or start a DTLS handshake if the DTLS profile is to be used. > > If we where to tackle this, how would we signal the profile to the > server? Securely sending messages to the server already implies the > use of a specific profile, so it seems like a hen-and-egg problem to > me. Related to another issue, we had briefly discussed the possibility that the entity that contacts the AS is not the client that seeks to contact the RS. Where this is the case, there is no reason to assume that the security protocol used to retrieve the access token from the AS is the same that is used for the communication between C and RS. A profile might want to explicitly forbid this practice, though. Gr=C3=BC=C3=9Fe Olaf From nobody Mon Jul 24 04:47:43 2017 Return-Path: X-Original-To: ace@ietfa.amsl.com Delivered-To: ace@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 664E1131CAA for ; Mon, 24 Jul 2017 04:47:41 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -5.401 X-Spam-Level: X-Spam-Status: No, score=-5.401 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H2=-2.8, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id qM_Cc0tW5TVr for ; Mon, 24 Jul 2017 04:47:39 -0700 (PDT) Received: from se-out2.mx-wecloud.net (se-out2.mx-wecloud.net [89.221.255.177]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C413F131C76 for ; Mon, 24 Jul 2017 04:47:39 -0700 (PDT) Received: from sp-mail-2.sp.se (unknown [194.218.146.197]) by se-out2.mx-wecloud.net (Postfix) with ESMTPS id 9350B221EF0 for ; Mon, 24 Jul 2017 11:47:35 +0000 (UTC) Received: from [192.168.0.166] (10.116.0.226) by sp-mail-2.sp.se (10.100.0.162) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P384) id 15.1.669.32; Mon, 24 Jul 2017 13:47:37 +0200 To: References: <027601d2ec7c$f74cefc0$e5e6cf40$@augustcellars.com> <87bmoadq2l.fsf@aung.informatik.uni-bremen.de> From: Ludwig Seitz Message-ID: <581f16c4-2b4f-a837-1ac7-1547ca415d8b@ri.se> Date: Mon, 24 Jul 2017 13:47:36 +0200 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.2.1 MIME-Version: 1.0 In-Reply-To: <87bmoadq2l.fsf@aung.informatik.uni-bremen.de> Content-Type: text/plain; charset="utf-8"; format=flowed Content-Language: en-US Content-Transfer-Encoding: 7bit X-Originating-IP: [10.116.0.226] X-ClientProxiedBy: sp-mail-1.sp.se (10.100.0.161) To sp-mail-2.sp.se (10.100.0.162) X-CMAE-Score: 0 X-CMAE-Analysis: v=2.2 cv=Nc2W7yL4 c=1 sm=1 tr=0 a=L5DDne6A+dD0FbDkt2Fblw==:117 a=L5DDne6A+dD0FbDkt2Fblw==:17 a=sZ8rJzgPlrQA:10 a=IkcTkHD0fZMA:10 a=G3gG6ho9WtcA:10 a=o5YWs6YXdiLfbs8m6mEA:9 a=QEXdDO2ut3YA:10 X-Virus-Scanned: clamav-milter 0.99.2 at MailSecurity X-Virus-Status: Clean X-MailSecurity-Status: 0 X-Scanned-By: WeCloud MailSecurity X-MailSecurity-Score: 0 Archived-At: Subject: Re: [Ace] Comments on draft-ietf-ace-oauth-authz X-BeenThere: ace@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 24 Jul 2017 11:47:41 -0000 On 2017-07-24 13:36, Olaf Bergmann wrote: > Hi Ludwig, > > Ludwig Seitz writes: > >> On 2017-06-24 02:00, Jim Schaad wrote: > >>> * We communicate the profile to be used to the client, however it is not >>> currently being communicated to the server. If the server wants to keep the >>> OSCOAP and DTLS keys separate, this needs to be done. Does it makes sense >>> to put this in the 'cnf' field? >>> >> >> My perhaps naive assumption was that the profile should be obvious to >> the server, since the client will initiate the communication >> accordingly e.g. send an OSCOAP message if the OSCOAP profile is to be >> used, or start a DTLS handshake if the DTLS profile is to be used. >> >> If we where to tackle this, how would we signal the profile to the >> server? Securely sending messages to the server already implies the >> use of a specific profile, so it seems like a hen-and-egg problem to >> me. > > Related to another issue, we had briefly discussed the possibility that > the entity that contacts the AS is not the client that seeks to contact > the RS. Where this is the case, there is no reason to assume that the > security protocol used to retrieve the access token from the AS is the > same that is used for the communication between C and RS. A profile > might want to explicitly forbid this practice, though. > I'm not sure I understand that comment. The communication between C and AS doesn't matter for this issue, neither does the security protocol used between C and AS. Perhaps my wording was unclear? If you replace "server" with "RS" in my previous comment does it make more sense? /Ludwig -- Ludwig Seitz, PhD Security Lab, RISE SICS Phone +46(0)70-349 92 51 From nobody Mon Jul 24 05:15:20 2017 Return-Path: X-Original-To: ace@ietfa.amsl.com Delivered-To: ace@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C33A2131CC2 for ; Mon, 24 Jul 2017 05:15:17 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.2 X-Spam-Level: X-Spam-Status: No, score=-4.2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id W5a5mqgUatZf for ; Mon, 24 Jul 2017 05:15:16 -0700 (PDT) Received: from mailhost.informatik.uni-bremen.de (mailhost.informatik.uni-bremen.de [IPv6:2001:638:708:30c9::12]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9E089131CB5 for ; Mon, 24 Jul 2017 05:15:16 -0700 (PDT) X-Virus-Scanned: amavisd-new at informatik.uni-bremen.de Received: from submithost.informatik.uni-bremen.de (submithost.informatik.uni-bremen.de [IPv6:2001:638:708:30c9::b]) by mailhost.informatik.uni-bremen.de (8.14.5/8.14.5) with ESMTP id v6OCFDuS009733; Mon, 24 Jul 2017 14:15:13 +0200 (CEST) Received: from aung.tzi.org (unknown [134.102.169.172]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by submithost.informatik.uni-bremen.de (Postfix) with ESMTPSA id 3xGL0x1CdCz3b8j; Mon, 24 Jul 2017 14:15:13 +0200 (CEST) From: Olaf Bergmann To: Ludwig Seitz Cc: References: <027601d2ec7c$f74cefc0$e5e6cf40$@augustcellars.com> <87bmoadq2l.fsf@aung.informatik.uni-bremen.de> <581f16c4-2b4f-a837-1ac7-1547ca415d8b@ri.se> Date: Mon, 24 Jul 2017 14:15:12 +0200 In-Reply-To: <581f16c4-2b4f-a837-1ac7-1547ca415d8b@ri.se> (Ludwig Seitz's message of "Mon, 24 Jul 2017 13:47:36 +0200") Message-ID: <87zibuc9pr.fsf@aung.informatik.uni-bremen.de> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/24.5 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Archived-At: Subject: Re: [Ace] Comments on draft-ietf-ace-oauth-authz X-BeenThere: ace@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 24 Jul 2017 12:15:18 -0000 Ludwig Seitz writes: > If you replace "server" with "RS" in my previous comment does it make > more sense? Sorry, my fault! Forget my comment. Gr=C3=BC=C3=9Fe Olaf From nobody Mon Jul 24 05:37:21 2017 Return-Path: X-Original-To: ace@ietfa.amsl.com Delivered-To: ace@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 623AE131CE8 for ; Mon, 24 Jul 2017 05:37:19 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.221 X-Spam-Level: X-Spam-Status: No, score=-4.221 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=ericsson.onmicrosoft.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 3tjtOyD-lepl for ; Mon, 24 Jul 2017 05:37:17 -0700 (PDT) Received: from sesbmg22.ericsson.net (sesbmg22.ericsson.net [193.180.251.48]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1DDC5131CE5 for ; Mon, 24 Jul 2017 05:37:16 -0700 (PDT) X-AuditID: c1b4fb30-71bff70000001664-f5-5975e9fbead2 Received: from ESESSHC014.ericsson.se (Unknown_Domain [153.88.183.60]) by sesbmg22.ericsson.net (Symantec Mail Security) with SMTP id FB.42.05732.BF9E5795; Mon, 24 Jul 2017 14:37:15 +0200 (CEST) Received: from EUR03-DB5-obe.outbound.protection.outlook.com (153.88.183.145) by oa.msg.ericsson.com (153.88.183.60) with Microsoft SMTP Server (TLS) id 14.3.352.0; Mon, 24 Jul 2017 14:37:14 +0200 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ericsson.onmicrosoft.com; s=selector1-ericsson-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=aiocxMLyRUTENr616258t+cP0Wc/fgaL5A8KuMYAmmo=; b=KxflQ84qz/bp8UujN91oAzv5Lj6vbDefqXRbz6TppANiMCKB6HU5Pd+lSDyZ/iZH2J5tboPacaUEL1sWSyOp0pfO3ceBkJ2zgYkzM08SFxQypVLEHquHTIlPE8yhiAJXmA4rbd5sBnleDJhiXVoyFJiC0DJQXqx/+GD/Ub9T5D0= Received: from HE1PR0701MB2539.eurprd07.prod.outlook.com (10.168.129.17) by HE1PR0701MB1977.eurprd07.prod.outlook.com (10.167.189.139) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256) id 15.1.1304.10; Mon, 24 Jul 2017 12:37:13 +0000 Received: from HE1PR0701MB2539.eurprd07.prod.outlook.com ([fe80::1474:2dc7:d0ec:7d9a]) by HE1PR0701MB2539.eurprd07.prod.outlook.com ([fe80::1474:2dc7:d0ec:7d9a%17]) with mapi id 15.01.1304.011; Mon, 24 Jul 2017 12:37:13 +0000 From: Francesca Palombini To: "ace@ietf.org" , Ludwig Seitz , "Martin Gunnarsson" Thread-Topic: New Version Notification for draft-seitz-ace-oscoap-profile-04.txt Thread-Index: AQHTBFGTdHFirKqPekqid+VBqINB8aJi6e8g Date: Mon, 24 Jul 2017 12:37:12 +0000 Message-ID: References: <150088262138.31917.3544250527021285636.idtracker@ietfa.amsl.com> In-Reply-To: <150088262138.31917.3544250527021285636.idtracker@ietfa.amsl.com> Accept-Language: en-GB, en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: authentication-results: spf=none (sender IP is ) smtp.mailfrom=francesca.palombini@ericsson.com; x-originating-ip: [192.176.1.84] x-ms-publictraffictype: Email x-microsoft-exchange-diagnostics: 1; HE1PR0701MB1977; 7:NhqAT65QycExvD01MCzgXg3a4VRqYg9QPwNdfRILR40Bj9ODR5cWgo5LP3upps14bh6WGB3Dbsu38TXf+0e1YlUChQvX1nlPyb5XXlv6r/kF/3y9fcCtnd4LMChcBzyqcU11J3Nr2rifvTafWhc9wzejvZLSVL9syoi9iZRY6ynLVMze4QwLgenqsY0bFnpP9FkClXRsj6Wv0pOw5orgPLupk/8hag5PGbXLiBACgLnh/MJP4qxaUmiLRFcgJq+6vxUVCzHXnb4CK5ziNvua3Y9OVCtji2VTntxr5RpfyDI4fkhBx+YRtHR2idYyO1ypNrLaFo+YM3GpS/2phZuYkTudtQRGaRCtwA7nKYIlGM7wc/heQpGCdiPP/sBy2r3uP/WYvd1gCPQNh4uHEA9VKpdCOlitzrIR2OqUq8jBILqrYuMcFU4uy6vgixqmVoYyMfEH5spck3SQtHyo0d1lGSd5nlFLLv7p6kaFmk7WIx9Cqe/cA/iN+XX0s9GMhG+apnqAurIdT0bJybSoJqj7lVfvgitFCv3XnIWQZmpg1ahVJdOXU9X3vt0oPIs6ugSgM2twE+oHjd6LGaBFw9LmZDYqrHjBYuY8rDNcg9KAub/a7ZdAfDclqRyyurZq+0H20qAgaJtZnuwSvGztp6MKx3gzxs03N2vHhChvGrNrt5ApvyOtZrNddFNzI2JGe0gh5BDM9LrZgYJN1PDmoG37kQbWfMo1reWJTixqCrWLteNzs9SX8X/OkVYg/vn8QqHbmeB995g6WeKruJLdEoryFD2/o2p6czBl5W/TMAs5UuM= x-ms-office365-filtering-correlation-id: efe6f7a0-5786-45b5-2628-08d4d290b5c5 x-microsoft-antispam: UriScan:; BCL:0; PCL:0; RULEID:(300000500095)(300135000095)(300000501095)(300135300095)(22001)(300000502095)(300135100095)(2017030254075)(300000503095)(300135400095)(2017052603031)(201703131423075)(201703031133081)(300000504095)(300135200095)(300000505095)(300135600095)(300000506095)(300135500095); SRVR:HE1PR0701MB1977; x-ms-traffictypediagnostic: HE1PR0701MB1977: x-exchange-antispam-report-test: UriScan:(37575265505322)(158342451672863)(120809045254105)(192374486261705); x-microsoft-antispam-prvs: x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(100000700101)(100105000095)(100000701101)(100105300095)(100000702101)(100105100095)(6040450)(601004)(2401047)(8121501046)(5005006)(10201501046)(100000703101)(100105400095)(3002001)(93006095)(93001095)(6041248)(20161123562025)(20161123555025)(20161123564025)(201703131423075)(201702281528075)(201703061421075)(201703061406153)(20161123560025)(20161123558100)(6072148)(100000704101)(100105200095)(100000705101)(100105500095); SRVR:HE1PR0701MB1977; BCL:0; PCL:0; RULEID:(100000800101)(100110000095)(100000801101)(100110300095)(100000802101)(100110100095)(100000803101)(100110400095)(100000804101)(100110200095)(100000805101)(100110500095); SRVR:HE1PR0701MB1977; x-forefront-prvs: 0378F1E47A x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(6009001)(39850400002)(39400400002)(39450400003)(39410400002)(39860400002)(39840400002)(13464003)(189002)(199003)(377424004)(53754006)(81166006)(68736007)(189998001)(6436002)(38730400002)(6506006)(6116002)(102836003)(3846002)(14454004)(2906002)(2900100001)(5660300001)(7696004)(8936002)(8676002)(81156014)(2501003)(5250100002)(74316002)(53936002)(86362001)(305945005)(966005)(7736002)(25786009)(99286003)(230783001)(54356999)(101416001)(55016002)(3660700001)(3280700002)(478600001)(76176999)(50986999)(229853002)(66066001)(53546010)(2950100002)(33656002)(6246003)(9686003)(97736004)(6306002)(15650500001)(106356001)(105586002); DIR:OUT; SFP:1101; SCL:1; SRVR:HE1PR0701MB1977; H:HE1PR0701MB2539.eurprd07.prod.outlook.com; FPR:; SPF:None; PTR:InfoNoRecords; MX:1; A:1; LANG:en; received-spf: None (protection.outlook.com: ericsson.com does not designate permitted sender hosts) spamdiagnosticoutput: 1:99 spamdiagnosticmetadata: NSPM Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: base64 MIME-Version: 1.0 X-MS-Exchange-CrossTenant-originalarrivaltime: 24 Jul 2017 12:37:13.2177 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 92e84ceb-fbfd-47ab-be52-080c6b87953f X-MS-Exchange-Transport-CrossTenantHeadersStamped: HE1PR0701MB1977 X-OriginatorOrg: ericsson.com X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFupgleLIzCtJLcpLzFFi42KZGbHdRvf3y9JIg7P/JCy+f+thtnj1eTqr xfeuw0wOzB5Llvxk8ljatJkpgCmKyyYlNSezLLVI3y6BK+PJrDa2gguiFX1T7rE3MHaIdjFy ckgImEgcuLWCpYuRi0NI4AijxLmnj9ggnBOMEr93b2IGcVgEepklZvzczgiRmccksbxtOZTz nFFi9+eprCDD2ARsJC48fA9miwiUSmy9fpodxBYWCJT4fW4+G0Q8SKL/9XagsRxAtpHEk7dM IGEWAVWJV9dvMYGEeQUSJD5PzQAJCwn4Svy+tw6sk1PAT+LhmQ/MIDajgKzEl8bVYDazgLjE rSfzmSDeEZBYsuc8M4QtKvHy8T9WiPpkiSu3+9gh4goSr7ob2CBsWYlL87vBXpEQeMQmsX7d I0aIhK/Etcs/oRKXmSR+zvwEdrOEgI7E1f9yEDW5Egvb/0HV50vsPD4RasExVonr2xUgbBmJ 3gW7WSHmbGCT+Dl7HgvEZ6kSy9e2Mk5g1J6F5IlZQCuYBTQl1u/ShwgrSkzpfsgOYvMKCEqc nPmEZQEjyypG0eLU4qTcdCMjvdSizOTi4vw8vbzUkk2MwPRxcMtvgx2ML587HmIU4GBU4uG9 +aQ0Uog1say4MvcQowQHs5IIr9R9oBBvSmJlVWpRfnxRaU5q8SFGaQ4WJXFex30XIoQE0hNL UrNTUwtSi2CyTBycUg2MdrYec86tm6i6btX/ey+SWS8em9D+W1Y3xe1ItIKh0Ox6bs1zRnIt vpdMGHf8eRjAv+DSgpIsYwGWrwa73l2abvfxTvkUE12DT2L7E575fD3rd7xpz/5NNk6X01OF +PPPnG42F+F9O/nqA8v8iau3bxEJNJ/D6VaTefVR763Y5z2pjr2Veg8TlFiKMxINtZiLihMB l67ySRsDAAA= Archived-At: Subject: Re: [Ace] New Version Notification for draft-seitz-ace-oscoap-profile-04.txt X-BeenThere: ace@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 24 Jul 2017 12:37:19 -0000 SGkgYWxsLA0KDQpUaGUgZHJhZnQgZGVzY3JpYmluZyB0aGUgT1NDT0FQIHByb2ZpbGUgaGFzIGJl ZW4gdXBkYXRlZC4NClRoYW5rcyB0byBKaW0gU2NoYWFkIGZvciB0aGUgdGhvcm91Z2ggcmV2aWV3 IHRoYXQgaGFzIGJlZW4gdGhlIGJhc2UgZm9yIHRoaXMgdXBkYXRlLg0KQ29tbWVudHMgYXJlIHdl bGNvbWUuDQoNCkZyYW5jZXNjYQ0KDQo+IC0tLS0tT3JpZ2luYWwgTWVzc2FnZS0tLS0tDQo+IEZy b206IGludGVybmV0LWRyYWZ0c0BpZXRmLm9yZyBbbWFpbHRvOmludGVybmV0LWRyYWZ0c0BpZXRm Lm9yZ10NCj4gU2VudDogZGVuIDI0IGp1bGkgMjAxNyAwOTo1MA0KPiBUbzogTHVkd2lnIFNlaXR6 IDxsdWR3aWcuc2VpdHpAcmkuc2U+OyBNYXJ0aW4gR3VubmFyc3Nvbg0KPiA8bWFydGluLmd1bm5h cnNzb25Acmkuc2U+OyBGcmFuY2VzY2EgUGFsb21iaW5pDQo+IDxmcmFuY2VzY2EucGFsb21iaW5p QGVyaWNzc29uLmNvbT4NCj4gU3ViamVjdDogTmV3IFZlcnNpb24gTm90aWZpY2F0aW9uIGZvciBk cmFmdC1zZWl0ei1hY2Utb3Njb2FwLXByb2ZpbGUtMDQudHh0DQo+IA0KPiANCj4gQSBuZXcgdmVy c2lvbiBvZiBJLUQsIGRyYWZ0LXNlaXR6LWFjZS1vc2NvYXAtcHJvZmlsZS0wNC50eHQNCj4gaGFz IGJlZW4gc3VjY2Vzc2Z1bGx5IHN1Ym1pdHRlZCBieSBGcmFuY2VzY2EgUGFsb21iaW5pIGFuZCBw b3N0ZWQgdG8gdGhlDQo+IElFVEYgcmVwb3NpdG9yeS4NCj4gDQo+IE5hbWU6CQlkcmFmdC1zZWl0 ei1hY2Utb3Njb2FwLXByb2ZpbGUNCj4gUmV2aXNpb246CTA0DQo+IFRpdGxlOgkJT1NDT0FQIHBy b2ZpbGUgb2YgdGhlIEF1dGhlbnRpY2F0aW9uIGFuZCBBdXRob3JpemF0aW9uIGZvcg0KPiBDb25z dHJhaW5lZCBFbnZpcm9ubWVudHMgRnJhbWV3b3JrDQo+IERvY3VtZW50IGRhdGU6CTIwMTctMDct MjMNCj4gR3JvdXA6CQlJbmRpdmlkdWFsIFN1Ym1pc3Npb24NCj4gUGFnZXM6CQkxNw0KPiBVUkw6 ICAgICAgICAgICAgaHR0cHM6Ly93d3cuaWV0Zi5vcmcvaW50ZXJuZXQtZHJhZnRzL2RyYWZ0LXNl aXR6LWFjZS1vc2NvYXAtDQo+IHByb2ZpbGUtMDQudHh0DQo+IFN0YXR1czogICAgICAgICBodHRw czovL2RhdGF0cmFja2VyLmlldGYub3JnL2RvYy9kcmFmdC1zZWl0ei1hY2Utb3Njb2FwLXByb2Zp bGUvDQo+IEh0bWxpemVkOiAgICAgICBodHRwczovL3Rvb2xzLmlldGYub3JnL2h0bWwvZHJhZnQt c2VpdHotYWNlLW9zY29hcC1wcm9maWxlLTA0DQo+IEh0bWxpemVkOiAgICAgICBodHRwczovL2Rh dGF0cmFja2VyLmlldGYub3JnL2RvYy9odG1sL2RyYWZ0LXNlaXR6LWFjZS1vc2NvYXAtDQo+IHBy b2ZpbGUtMDQNCj4gRGlmZjogICAgICAgICAgIGh0dHBzOi8vd3d3LmlldGYub3JnL3JmY2RpZmY/ dXJsMj1kcmFmdC1zZWl0ei1hY2Utb3Njb2FwLXByb2ZpbGUtMDQNCj4gDQo+IEFic3RyYWN0Og0K PiAgICBUaGlzIG1lbW8gc3BlY2lmaWVzIGEgcHJvZmlsZSBmb3IgdGhlIEF1dGhlbnRpY2F0aW9u IGFuZA0KPiAgICBBdXRob3JpemF0aW9uIGZvciBDb25zdHJhaW5lZCBFbnZpcm9ubWVudHMgKEFD RSkgZnJhbWV3b3JrLiAgSXQNCj4gICAgdXRpbGl6ZXMgT2JqZWN0IFNlY3VyaXR5IG9mIENvQVAg KE9TQ09BUCkgYW5kIEVwaGVtZXJhbCBEaWZmaWUtDQo+ICAgIEhlbGxtYW4gb3ZlciBDT1NFIChF REhPQykgdG8gcHJvdmlkZSBjb21tdW5pY2F0aW9uIHNlY3VyaXR5LCBzZXJ2ZXINCj4gICAgYXV0 aGVudGljYXRpb24sIGFuZCBwcm9vZi1vZi1wb3NzZXNzaW9uIGZvciBhIGtleSBvd25lZCBieSB0 aGUgY2xpZW50DQo+ICAgIGFuZCBib3VuZCB0byBhbiBPQXV0aCAyLjAgYWNjZXNzIHRva2VuLg0K PiANCj4gDQo+IA0KPiANCj4gUGxlYXNlIG5vdGUgdGhhdCBpdCBtYXkgdGFrZSBhIGNvdXBsZSBv ZiBtaW51dGVzIGZyb20gdGhlIHRpbWUgb2Ygc3VibWlzc2lvbg0KPiB1bnRpbCB0aGUgaHRtbGl6 ZWQgdmVyc2lvbiBhbmQgZGlmZiBhcmUgYXZhaWxhYmxlIGF0IHRvb2xzLmlldGYub3JnLg0KPiAN Cj4gVGhlIElFVEYgU2VjcmV0YXJpYXQNCg0K From nobody Wed Jul 26 11:38:26 2017 Return-Path: X-Original-To: ace@ietfa.amsl.com Delivered-To: ace@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7817B131E12 for ; Wed, 26 Jul 2017 11:38:25 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.101 X-Spam-Level: X-Spam-Status: No, score=-2.101 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_SORBS_SPAM=0.5, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 18mbA1dUafuj for ; Wed, 26 Jul 2017 11:38:23 -0700 (PDT) Received: from mout.gmx.net (mout.gmx.net [212.227.15.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 32036131E17 for ; Wed, 26 Jul 2017 11:38:23 -0700 (PDT) Received: from [192.168.91.201] ([80.92.121.224]) by mail.gmx.com (mrgmx001 [212.227.17.190]) with ESMTPSA (Nemesis) id 0M3RVA-1drpWe3wzg-00r2RY for ; Wed, 26 Jul 2017 20:38:21 +0200 To: "Ace@ietf.org" From: Hannes Tschofenig Openpgp: id=071A97A9ECBADCA8E31E678554D9CEEF4D776BC9 Message-ID: <106c560c-235c-2fb4-7f1a-ec7cdaf6de10@gmx.net> Date: Wed, 26 Jul 2017 20:38:20 +0200 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.2.1 MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 7bit X-Provags-ID: V03:K0:nLqkoOS7Zh+BkfomOXFyP5a9dIuPb9zoqk3TpoZFtZ2Wo3sp6ou Nf4koc08BvySYzZsdWDmPjLfAyzyjMJ9IDA+mf3LWJbtH8N/2G9/RLufyiW8RP/3y3Fna5P 2IOLPtUstZebQJ0GnPJKtdCpsRN5VQyheu3kawNwI/TnR/QfbyqCXdfmXSETXlJW8y/Nl0N 32QSLJgZ0E1VzfggfND5Q== X-UI-Out-Filterresults: notjunk:1;V01:K0:E1jFQehXXDc=:7EZWmdVn+acD4aZk8tSRsZ Kco9V+wVn3s2hckrgw9P3hxejCE65NYB/YYRCkxjoA5oDTbqyNhtn7no/iJWM55Zkz8mitBpG pFQz/xSwNTga2mQauNcP8n+fZMr8+MXo9kGgn6qVisBrsF1uQUnVMzBmm3GLe/3hZP523bKKm v5jqo+SQONLxd68Lx4hBpfo/P/sHY4g20UB/UvicWAZBk7GSiP7G/6gKq5rflFJtDUTEjshzK x/wi8PIxG42A77JmGYeAbgv+Zp00ALi/f1v8lhSIW4Z6SqbIuUjxU1b25LxfAmBDzDE7icEIU CwcGFKuRCfh8KNUBSjFjCRwI8N+BO6pZwU9KIvuNIWPqHDFcGN/RdRpyBjtHMDS9h7Uu+SeZh /tCMVOhjYfCWjtJPjBbCXvtP78b/Xh96F0SAT65anUx78q/7p3INkqtp1RBXZkj79FtBsXXj9 1QRI+yADsiROIbyFh0VtdbqefQqkHCWfi1GliKmFOO3MwEgxU4VCvbrkbkMyPzNL641ba41sj uov9vzcwrBBq0oXxQAb7nWAMMZIrxD6eCw8/33Ha73KsxGvSfXN0LoZFJvtWm/FDR5p/SScmp 5uvnl2cbQLveOynbIhNDN0hnbvNHQDX2+dyvY59fhVm7O6gMhULx9N7TaKtmt2rt9BbP2c6r+ XOhifS+W5TcsyfaH5bEaseIDgGIPTUzqb49sUF7xvEkLSpZfUxKolS9p6l5mCNki8w1rZbgOB AWaz4RO3JSZmehi2v0zra8B/GsjO3H0BI0bhtiz4JG5U4beGFHYdKwfBDoU3Xdi4VU6iUyBtQ tvGyrmkt6hYZ0BVlzGCiq01K1Ap1b8m1xQNSKNB5a3cpyk+5TE= Archived-At: Subject: [Ace] Meeting Minutes X-BeenThere: ace@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 26 Jul 2017 18:38:25 -0000 Hi all, here are the meeting minutes: https://datatracker.ietf.org/doc/minutes-99-ace/ Thanks to John Mattsson for taking notes. Feedback is appreciated! Ciao Hannes From nobody Wed Jul 26 12:30:45 2017 Return-Path: X-Original-To: ace@ietfa.amsl.com Delivered-To: ace@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9C057131CF3 for ; Wed, 26 Jul 2017 12:30:43 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.221 X-Spam-Level: X-Spam-Status: No, score=-4.221 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id DxU5Or4zBuCX for ; Wed, 26 Jul 2017 12:30:42 -0700 (PDT) Received: from sesbmg23.ericsson.net (sesbmg23.ericsson.net [193.180.251.37]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B92B7131463 for ; Wed, 26 Jul 2017 12:30:41 -0700 (PDT) X-AuditID: c1b4fb25-5efff70000001eeb-50-5978eddf49fe Received: from ESESSHC007.ericsson.se (Unknown_Domain [153.88.183.39]) by sesbmg23.ericsson.net (Symantec Mail Security) with SMTP id 37.43.07915.FDDE8795; Wed, 26 Jul 2017 21:30:39 +0200 (CEST) Received: from ESESSMB107.ericsson.se ([169.254.7.80]) by ESESSHC007.ericsson.se ([153.88.183.39]) with mapi id 14.03.0352.000; Wed, 26 Jul 2017 21:30:39 +0200 From: =?utf-8?B?R8O2cmFuIFNlbGFuZGVy?= To: Hannes Tschofenig , "Ace@ietf.org" , Kepeng Li Thread-Topic: [Ace] Meeting Minutes Thread-Index: AQHTBj5gbaRKyuYMWESXutEPODlECqJmftUA Date: Wed, 26 Jul 2017 19:30:39 +0000 Message-ID: References: <106c560c-235c-2fb4-7f1a-ec7cdaf6de10@gmx.net> In-Reply-To: <106c560c-235c-2fb4-7f1a-ec7cdaf6de10@gmx.net> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: user-agent: Microsoft-MacOutlook/14.7.3.170325 x-originating-ip: [153.88.183.148] Content-Type: text/plain; charset="utf-8" Content-ID: Content-Transfer-Encoding: base64 MIME-Version: 1.0 X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFprDIsWRmVeSWpSXmKPExsUyM2K7uu79txWRBi/OGFh8/9bDbLF05z1W i8vzixyYPSa+/cjisXjTfjaPJUt+MgUwR3HZpKTmZJalFunbJXBlXLu2iK1gEVdFT/8cpgbG Bq4uRk4OCQETiUeXL7N0MXJxCAkcYZRou7GUFcJZzCjxbMkrFpAqNgEXiQcNj5hAbBGBKom1 jy6zgdjCAkoSb7qnsULElSWal65lhLCNJPrvnQSrZxFQlfi45zGYzStgIfH89Hd2EFtIwEpi zuRWsDingLXE04d9YDMZBcQkvp9aAxZnFhCXuPVkPhPEpQISS/acZ4awRSVePv4HtldUQE9i b087G0RcSaJxyROgOAdQr6bE+l36EGOsJb70/WOBsBUlpnQ/ZIc4R1Di5MwnLBMYxWYh2TYL oXsWku5ZSLpnIelewMi6ilG0OLU4KTfdyFgvtSgzubg4P08vL7VkEyMwzg5u+a26g/HyG8dD jAIcjEo8vAZ3KiKFWBPLiitzDzFKcDArifBmvgEK8aYkVlalFuXHF5XmpBYfYpTmYFES53Xc dyFCSCA9sSQ1OzW1ILUIJsvEwSnVwJix1Kb2cKuW7ltnq7/VPKsz1rPb3bpmLddZrRCwW+fM xQe32h8oPAk6bbH75cprPd8irO5d+1+ib/Sowf2+YevpicnpEVdld1/ljohkFFr70X3dV6Yj AoWWt2x09GNet0+eFH/FmKVex3XN/GkJmydxvjzyUD190uba/ReP3bSdXuvzpOFC5CYlluKM REMt5qLiRADRCcbarwIAAA== Archived-At: Subject: Re: [Ace] Meeting Minutes X-BeenThere: ace@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 26 Jul 2017 19:30:43 -0000 RGVhciBjaGFpcnMsDQoNClRoZXJlIGhhcyBiZWVuIG5vIHByb2dyZXNzIHNpbmNlIHRoZSBDaGlj YWdvIG1lZXRpbmcgb24gd2hpY2ggcHJvZmlsZXMgdG8NCnN0YW5kYXJkaXNlIChleGNlcHQgZm9y IG1ldGEtcHJvZ3Jlc3MgZHVyaW5nIHRoZSByZWNlbnQgbWVldGluZyBpbiB0aGUNCmRlY2lzaW9u IHRvIHNldCB1cCBhIFdpa2kpLiBUaGVyZWZvcmUgSSBwcm9wb3NlIHdlIHNjaGVkdWxlIGFuIGlu dGVyaW0gdG8NCm1ha2Ugc29tZSByZWFsIHByb2dyZXNzLiBDb25zaWRlcmluZyB0aGF0IHRoaXMg aXMgYSBjaGFydGVyIGl0ZW0gSSB0aGluaw0Kc3VjaCBhbiBpbnRlcmltIHNob3VsZCBoYXZlIGhp Z2hlciBwcmlvcml0eSAtIGkuZS4gaGFwcGVuIGJlZm9yZSAtIGFueQ0Kb3RoZXIgaW50ZXJpbSBt ZWV0aW5nIG9mIHRoaXMgd29ya2luZyBncm91cC4gVGhlIGZpbGxlZCBpbiBXaWtpIGNhbiBiZQ0K Z29vZCBpbnB1dCB0byBzdWNoIGEgbWVldGluZy4NCg0KR8O2cmFuDQoNCg0KDQpPbiAyMDE3LTA3 LTI2IDIwOjM4LCAiQWNlIG9uIGJlaGFsZiBvZiBIYW5uZXMgVHNjaG9mZW5pZyINCjxhY2UtYm91 bmNlc0BpZXRmLm9yZyBvbiBiZWhhbGYgb2YgaGFubmVzLnRzY2hvZmVuaWdAZ214Lm5ldD4gd3Jv dGU6DQoNCj5IaSBhbGwsDQo+DQo+aGVyZSBhcmUgdGhlIG1lZXRpbmcgbWludXRlczoNCj5odHRw czovL2RhdGF0cmFja2VyLmlldGYub3JnL2RvYy9taW51dGVzLTk5LWFjZS8NCj4NCj5UaGFua3Mg dG8gSm9obiBNYXR0c3NvbiBmb3IgdGFraW5nIG5vdGVzLg0KPg0KPkZlZWRiYWNrIGlzIGFwcHJl Y2lhdGVkIQ0KPg0KPkNpYW8NCj5IYW5uZXMNCj4NCj5fX19fX19fX19fX19fX19fX19fX19fX19f X19fX19fX19fX19fX19fX19fX19fXw0KPkFjZSBtYWlsaW5nIGxpc3QNCj5BY2VAaWV0Zi5vcmcN Cj5odHRwczovL3d3dy5pZXRmLm9yZy9tYWlsbWFuL2xpc3RpbmZvL2FjZQ0KDQo=