From owner-namedroppers@ops.ietf.org Sun Oct 01 02:41:30 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GTv10-0002hQ-FM; Sun, 01 Oct 2006 02:41:30 -0400 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GTv0v-00087h-4U; Sun, 01 Oct 2006 02:41:30 -0400 Received: from majordom by psg.com with local (Exim 4.60 (FreeBSD)) (envelope-from ) id 1GTuur-0003WN-61 for namedroppers-data@psg.com; Sun, 01 Oct 2006 06:35:09 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.1 (2006-03-10) on psg.com X-Spam-Level: X-Spam-Status: No, score=-2.5 required=5.0 tests=AWL,BAYES_00 autolearn=ham version=3.1.1 Received: from [213.154.224.1] (helo=open.nlnetlabs.nl) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.60 (FreeBSD)) (envelope-from ) id 1GTuup-0003W5-V6 for namedroppers@ops.ietf.org; Sun, 01 Oct 2006 06:35:08 +0000 Received: from open.nlnetlabs.nl (localhost [127.0.0.1]) by open.nlnetlabs.nl (8.13.8/8.13.4) with ESMTP id k916Z1QY033855 for ; Sun, 1 Oct 2006 08:35:01 +0200 (CEST) (envelope-from olaf@open.nlnetlabs.nl) Received: (from olaf@localhost) by open.nlnetlabs.nl (8.13.8/8.13.8/Submit) id k916Z0xx033854 for namedroppers@ops.ietf.org; Sun, 1 Oct 2006 08:35:00 +0200 (CEST) (envelope-from olaf) Date: Sun, 1 Oct 2006 08:35:00 +0200 (CEST) From: Olaf Kolkman Message-Id: <200610010635.k916Z0xx033854@open.nlnetlabs.nl> To: namedroppers@ops.ietf.org Subject: DNSEXT list policy Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.0 (/) X-Scan-Signature: b280b4db656c3ca28dd62e5e0b03daa8 - List Purpose namedroppers@ops.ietf.org is the mailing list for the IETF DNSEXT working group. See for the wg charter. Messages should be on topics appropriate to the dnsext wg, which are various discussion of the DNS protocols or administrivia of the WG itself. - Specific items that are not not appropriate for posting Calls for papers, announcements of events not directly relevant to the DNS protocols, etc. are not appropriate. Discussion of problems with particular implementations, announcements of releases, sites' misconfigurations, pleas for help with specific implementations, etc. should be done on mailing lists for the particular implementations. There is a working group for dns operational practice, DNSOP, whose charter can be found at . Items relevant to the DNSOP charter are to be discussed on the DNSOP mailinglist. Discussion about the quality of implementations is outside the scope of this list. - Moderation Moderation is based on "subscriber-only with spam filter". To counter a certain class of spam mails messages over 20000 characters, originating from list subscribers, will be held for moderations. Questions or concerns related to the acceptance or rejection of specific messages to the namedroppers mailing list should first be discussed with the wg chairs, with followup appeals using the normal appeals process of rfc 2026 (i.e. follup with area directors, then iesg, etc.). There is a mailing list for the discussion of ietf processes, which includes any general discussion of the moderation of ietf mailing lists. it is poised@lists.tislabs.com --- NOTE WELL: All statements related to the activities of the IETF and addressed to the IETF are subject to all provisions of Section 10 of RFC 2026, which grants to the IETF and its participants certain licenses and rights in such statements. Such statements include verbal statements in IETF meetings, as well as written and electronic communications made at any time or place, which are addressed to - the IETF plenary session, - any IETF working group or portion thereof, - the IESG, or any member thereof on behalf of the IESG, - the IAB or any member thereof on behalf of the IAB, - any IETF mailing list, including the IETF list itself, any working group or design team list, or any other list functioning under IETF auspices, - the RFC Editor or the Internet-Drafts function Statements made outside of an IETF meeting, mailing list or other function, that are clearly not intended to be input to an IETF activity, group or function, are not subject to these provisions. ---------------------------------------------------------------------- $Id: dnsext-list-policy.txt,v 1.8 2005/01/12 15:54:51 olaf Exp $ -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Mon Oct 02 10:39:39 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GUOxH-00006v-2O; Mon, 02 Oct 2006 10:39:39 -0400 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GUOxA-0001zW-L0; Mon, 02 Oct 2006 10:39:39 -0400 Received: from majordom by psg.com with local (Exim 4.60 (FreeBSD)) (envelope-from ) id 1GUOnz-000FPO-Mx for namedroppers-data@psg.com; Mon, 02 Oct 2006 14:30:03 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.1 (2006-03-10) on psg.com X-Spam-Level: X-Spam-Status: No, score=-2.5 required=5.0 tests=AWL,BAYES_00, FORGED_RCVD_HELO,UNPARSEABLE_RELAY autolearn=ham version=3.1.1 Received: from [66.163.8.251] (helo=SMTP.Lamicro.com) by psg.com with esmtp (Exim 4.60 (FreeBSD)) (envelope-from ) id 1GUOnw-000FMT-ID for namedroppers@ops.ietf.org; Mon, 02 Oct 2006 14:30:00 +0000 Received: from Spooler by SMTP.Lamicro.com (Mercury/32 v4.01b) ID MO00002C; 2 Oct 2006 10:34:51 -0400 Received: from spooler by Lamicro.com (Mercury/32 v4.01b); 2 Oct 2006 10:34:27 -0400 Received: from connotech.com (165.154.49.209) by SMTP.Lamicro.com (Mercury/32 v4.01b) with ESMTP ID MG00002B; 2 Oct 2006 10:34:22 -0400 Message-ID: <4521226D.4070700@connotech.com> Date: Mon, 02 Oct 2006 10:30:05 -0400 From: Thierry Moreau User-Agent: Mozilla/5.0 (Windows; U; WinNT4.0; en-US; rv:1.4) Gecko/20030624 Netscape/7.1 (ax) X-Accept-Language: en-us, en MIME-Version: 1.0 To: IETF DNSEXT WG Subject: Re: WGLC on rollover-requirements and trustudpate-timers References: <69794150-AB34-4DA0-BB07-DF915816307E@NLnetLabs.nl> <451D32E3.5020600@verisignlabs.com> In-Reply-To: Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.1 (/) X-Scan-Signature: 82c9bddb247d9ba4471160a9a865a5f3 Dear wg participants: Since DNSEXT participants are invited by Olaf to discuss the TAK rollover requirements/protocol documents, and since Scott Rose message casts a doubt on intellectual property encumbrance of draft-ietf-dnsext-trustupdate-timers-04, I provide the following information to the namedroppers mailing list. (A) There may be a connection between the fairly generic claim 20 in US patent 5,761,306 ("Key replacement in a public key cryptosystem", assigned to Visa International) and the DNS zone administration procedures suggested in section 5 in draft-ietf-dnsext-trustupdate-timers, in which a distinction is made between an "active" and a "standby" DNSKEY RR, and only the "active" one is used to sign the DNSKEY RRset at the zone apex. (B) The above US patent is expired due to failure of maintenance payment to the USPTO. The reference is http://www.uspto.gov/web/offices/com/sol/og/2002/week31/patexpi.htm. (C) The above US patent application seems to have led to the international PCT application PCT/US1997/002984. (D) I am not aware of national phase entries in the above international PCT application (a search in the Canadian Intellectual Property Office on-line database gave an empty result). Given the obvious IETF inefficiencies in handling IPR issues, compounded by the wording of IPR un-encumbrance requirement in the TAK requirement document, I abstain from further comments on this issue. Regards, -- - Thierry Moreau CONNOTECH Experts-conseils inc. 9130 Place de Montgolfier Montreal, Qc Canada H2M 2A1 Tel.: (514)385-5691 Fax: (514)385-5900 web site: http://www.connotech.com e-mail: thierry.moreau@connotech.com -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Thu Oct 05 01:28:19 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GVLmM-00015Q-V7; Thu, 05 Oct 2006 01:28:18 -0400 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GVLiE-0002yf-8m; Thu, 05 Oct 2006 01:24:07 -0400 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GVLbv-00025Y-BN for namedroppers-data@psg.com; Thu, 05 Oct 2006 05:17:31 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.5 (2006-08-29) on psg.com X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=AWL,BAYES_00 autolearn=ham version=3.1.5 Received: from [204.152.184.167] (helo=mx.isc.org) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GVLbu-00025B-Mk for namedroppers@ops.ietf.org; Thu, 05 Oct 2006 05:17:30 +0000 Received: from farside.isc.org (farside.isc.org [IPv6:2001:4f8:3:bb::5]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client CN "farside.isc.org", Issuer "ISC CA" (verified OK)) by mx.isc.org (Postfix) with ESMTP id 4595811401F for ; Thu, 5 Oct 2006 05:17:30 +0000 (UTC) (envelope-from Mark_Andrews@isc.org) Received: from drugs.dv.isc.org (localhost.isc.org [IPv6:::1]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by farside.isc.org (Postfix) with ESMTP id B627CE6066 for ; Thu, 5 Oct 2006 05:17:29 +0000 (UTC) (envelope-from marka@isc.org) Received: from drugs.dv.isc.org (localhost [127.0.0.1]) by drugs.dv.isc.org (8.13.8/8.13.6) with ESMTP id k955HPdw045901 for ; Thu, 5 Oct 2006 15:17:27 +1000 (EST) (envelope-from marka@drugs.dv.isc.org) Message-Id: <200610050517.k955HPdw045901@drugs.dv.isc.org> To: namedroppers@ops.ietf.org From: Mark Andrews Subject: Re: LOC Date: Thu, 05 Oct 2006 15:17:25 +1000 Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.0 (/) X-Scan-Signature: e5ba305d0e64821bf3d8bc5d3bb07228 SIZE The diameter of a sphere enclosing the described entity, in centimeters, expressed as a pair of four-bit unsigned integers, each ranging from zero to nine, with the most significant four bits representing the base and the second number representing the power of ten by which to multiply the base. This allows sizes from 0e0 (<1cm) to 9e9 (90,000km) to be expressed. This representation was chosen such that the hexadecimal representation can be read by eye; 0x15 = 1e5. Four-bit values greater than 9 are undefined, as are values with a base of zero and a non-zero exponent. Since 20000000m (represented by the value 0x29) is greater than the equatorial diameter of the WGS 84 ellipsoid (12756274m), it is therefore suitable for use as a "worldwide" size. Do values 0 to a base other than 0 make any sense? -- ISC Training! October 16-20, 2006, in the San Francisco Bay Area, covering topics from DNS to DHCP. Email training@isc.org. -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: Mark_Andrews@isc.org -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From dgehdgyi@yahoo.co.jp Thu Oct 05 06:29:40 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GVQU0-0006Dn-2E for dnsext-archive@lists.ietf.org; Thu, 05 Oct 2006 06:29:40 -0400 Received: from stsc1260-eth-s1-s1p1-vip.va.neustar.com ([156.154.16.129] helo=chiedprmail1.ietf.org) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GVQU0-0002Db-0t for dnsext-archive@lists.ietf.org; Thu, 05 Oct 2006 06:29:40 -0400 Received: from [221.200.233.212] (helo=lists.ietf.org) by chiedprmail1.ietf.org with smtp (Exim 4.43) id 1GVQTy-0005jn-3k for dnsext-archive@lists.ietf.org; Thu, 05 Oct 2006 06:29:39 -0400 To: From: =?iso-2022-jp?B?ZGZkZmU=?= Subject: =?iso-2022-jp?B?QUQ6GyRCPSkkTjJxJCgkayF5JDgkYyRzGyhC?= MIME-Version: 1.0 Reply-To: Content-Type:text/plain; charset="iso-2022-jp" Content-Transfer-Encoding: 7bit X-Spam-Score: 1.7 (+) X-Scan-Signature: 01485d64dfa90b45a74269b3ca9d5574 http://oxoxoxox.net/aki/ From owner-namedroppers@ops.ietf.org Thu Oct 05 13:11:34 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GVWkw-0000c2-TL; Thu, 05 Oct 2006 13:11:34 -0400 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GVWkv-0003tB-Kc; Thu, 05 Oct 2006 13:11:34 -0400 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GVWhl-0009s1-EZ for namedroppers-data@psg.com; Thu, 05 Oct 2006 17:08:17 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.5 (2006-08-29) on psg.com X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00 autolearn=ham version=3.1.5 Received: from [199.212.90.4] (helo=monster.hopcount.ca) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GVWhk-0009ra-OX for namedroppers@ops.ietf.org; Thu, 05 Oct 2006 17:08:17 +0000 Received: from yxu1a19.hopcount.ca ([199.212.90.19]) by monster.hopcount.ca with esmtpsa (TLSv1:AES128-SHA:128) (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GVWhb-000Mjy-Eo; Thu, 05 Oct 2006 17:08:09 +0000 In-Reply-To: <200610050517.k955HPdw045901@drugs.dv.isc.org> References: <200610050517.k955HPdw045901@drugs.dv.isc.org> Mime-Version: 1.0 (Apple Message framework v752.3) Content-Type: text/plain; charset=US-ASCII; format=flowed Message-Id: <092D2EDB-D1FA-49A9-8765-CC388B44F3F8@ca.afilias.info> Cc: namedroppers@ops.ietf.org Content-Transfer-Encoding: 7bit From: Joe Abley Subject: Re: LOC Date: Thu, 5 Oct 2006 13:07:55 -0400 To: Mark Andrews X-Mailer: Apple Mail (2.752.3) Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.0 (/) X-Scan-Signature: 08170828343bcf1325e4a0fb4584481c On 5-Oct-2006, at 01:17, Mark Andrews wrote: > Do values 0 to a base other than 0 make any sense? Surely they make as much sense as 0^0 :-) Joe -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Thu Oct 05 13:25:50 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GVWyk-0000mM-Mm; Thu, 05 Oct 2006 13:25:50 -0400 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GVWyd-0007NC-CV; Thu, 05 Oct 2006 13:25:50 -0400 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GVWPP-0003g4-6t for namedroppers-data@psg.com; Thu, 05 Oct 2006 16:49:19 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.5 (2006-08-29) on psg.com X-Spam-Level: X-Spam-Status: No, score=-2.5 required=5.0 tests=AWL,BAYES_00 autolearn=ham version=3.1.5 Received: from [130.105.36.66] (helo=cirrus.av8.net) by psg.com with esmtps (TLSv1:DES-CBC3-SHA:168) (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GVWPN-0003et-LC for namedroppers@ops.ietf.org; Thu, 05 Oct 2006 16:49:18 +0000 Received: from piper.av8.net (piper.av8.net [130.105.11.2]) (authenticated bits=0) by cirrus.av8.net (8.12.11/8.12.11) with ESMTP id k95Gmv77000931 (version=TLSv1/SSLv3 cipher=EDH-RSA-DES-CBC3-SHA bits=168 verify=NO); Thu, 5 Oct 2006 12:48:58 -0400 Date: Thu, 5 Oct 2006 12:48:57 -0400 (EDT) From: Dean Anderson X-X-Sender: dean@piper.av8.net To: Mark Andrews cc: namedroppers@ops.ietf.org Subject: Re: LOC In-Reply-To: <200610050517.k955HPdw045901@drugs.dv.isc.org> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.8 (/) X-Scan-Signature: 9ed51c9d1356100bce94f1ae4ec616a9 What about earth orbit? Doesn't the ISS have internet? What about Mars rovers? Other future spacecraft? What's the point of saving a few bits, or making undecoded hex readable to the eye? --Dean On Thu, 5 Oct 2006, Mark Andrews wrote: > SIZE The diameter of a sphere enclosing the described entity, in > centimeters, expressed as a pair of four-bit unsigned > integers, each ranging from zero to nine, with the most > significant four bits representing the base and the second > number representing the power of ten by which to multiply > the base. This allows sizes from 0e0 (<1cm) to 9e9 > (90,000km) to be expressed. This representation was chosen > such that the hexadecimal representation can be read by > eye; 0x15 = 1e5. Four-bit values greater than 9 are > undefined, as are values with a base of zero and a non-zero > exponent. > > Since 20000000m (represented by the value 0x29) is greater > than the equatorial diameter of the WGS 84 ellipsoid > (12756274m), it is therefore suitable for use as a > "worldwide" size. > > Do values 0 to a base other than 0 make any sense? > > -- Av8 Internet Prepared to pay a premium for better service? www.av8.net faster, more reliable, better service 617 344 9000 -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Thu Oct 05 13:45:24 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GVXHg-0002yv-J4; Thu, 05 Oct 2006 13:45:24 -0400 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GVXDe-0002VE-Db; Thu, 05 Oct 2006 13:41:15 -0400 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GVX6d-000IQs-Sw for namedroppers-data@psg.com; Thu, 05 Oct 2006 17:33:59 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.5 (2006-08-29) on psg.com X-Spam-Level: X-Spam-Status: No, score=-2.0 required=5.0 tests=AWL,BAYES_00,INFO_TLD autolearn=no version=3.1.5 Received: from [131.111.8.133] (helo=ppsw-3.csi.cam.ac.uk) by psg.com with esmtp (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GVX6c-000IQN-DK for namedroppers@ops.ietf.org; Thu, 05 Oct 2006 17:33:59 +0000 X-Cam-SpamDetails: Not scanned X-Cam-AntiVirus: No virus found X-Cam-ScannerInfo: http://www.cam.ac.uk/cs/email/scanner/ Received: from virgo.cus.cam.ac.uk ([131.111.8.20]:55120) by ppsw-3.csi.cam.ac.uk (ppsw.cam.ac.uk [131.111.8.133]:25) with esmtp id 1GVX6W-00089Q-Aq (Exim 4.63) for namedroppers@ops.ietf.org (return-path ); Thu, 05 Oct 2006 18:33:52 +0100 Received: from cet1 by virgo.cus.cam.ac.uk with local (Exim 4.61) (envelope-from ) id 1GVX6W-0003Oz-6B for namedroppers@ops.ietf.org; Thu, 05 Oct 2006 18:33:52 +0100 Subject: Re: LOC To: namedroppers@ops.ietf.org Date: Thu, 5 Oct 2006 18:33:52 +0100 (BST) In-Reply-To: from "Dean Anderson" at Oct 5, 6 12:48:57 pm X-Mailer: ELM [version 2.4 PL24] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Content-Length: 1369 Message-Id: From: Chris Thompson Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.5 (/) X-Scan-Signature: 7baded97d9887f7a0c7e8a33c2e3ea1b Dean Anderson writes > What about earth orbit? Doesn't the ISS have internet? > > What about Mars rovers? Other future spacecraft? RFC 1876 defines locations relative to the GPS reference spheroid. Nothing off the Earth, whether spacecraft or planet [or Pluto] is likely to be even approximately stationary in this frame of reference! Well, maybe one could use dynamic DNS update to track the varying Earth-Mars vector in real time... > What's the point of saving a few bits, or making undecoded hex readable > to the eye? It's the ugliest part of a specifcation not noted for its aesthetic charm. Joe Abley writes: > On 5-Oct-2006, at 01:17, Mark Andrews wrote: > > Do values 0 to a base other than 0 make any sense? > > Surely they make as much sense as 0^0 :-) The choice of the word "base" in RFC 1876 is rather unfortunate, I think. What it's saying is "[very small sphere radius] should be represented as 0e0, not as 0e1, 0e2, ... or 0e9". But this is all light relief, isn't it? Does anyone really use LOC records? (I know, off-topic, that's a question for DNSOPS...) -- Chris Thompson Email: cet1 [at] cam.ac.uk -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Thu Oct 05 17:01:27 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GVaLP-0001GB-NQ; Thu, 05 Oct 2006 17:01:27 -0400 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GVaLK-0004pK-AV; Thu, 05 Oct 2006 17:01:27 -0400 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GVaF3-000NOE-14 for namedroppers-data@psg.com; Thu, 05 Oct 2006 20:54:53 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.5 (2006-08-29) on psg.com X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=AWL,BAYES_00 autolearn=ham version=3.1.5 Received: from [204.152.184.167] (helo=mx.isc.org) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GVaF0-000NNf-Qi for namedroppers@ops.ietf.org; Thu, 05 Oct 2006 20:54:52 +0000 Received: from farside.isc.org (farside.isc.org [IPv6:2001:4f8:3:bb::5]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client CN "farside.isc.org", Issuer "ISC CA" (verified OK)) by mx.isc.org (Postfix) with ESMTP id 5C8EA114041 for ; Thu, 5 Oct 2006 20:54:48 +0000 (UTC) (envelope-from Mark_Andrews@isc.org) Received: from drugs.dv.isc.org (localhost.isc.org [IPv6:::1]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by farside.isc.org (Postfix) with ESMTP id 70E77E6076 for ; Thu, 5 Oct 2006 20:54:47 +0000 (UTC) (envelope-from marka@isc.org) Received: from drugs.dv.isc.org (localhost [127.0.0.1]) by drugs.dv.isc.org (8.13.8/8.13.6) with ESMTP id k95KsYhu020595; Fri, 6 Oct 2006 06:54:36 +1000 (EST) (envelope-from marka@drugs.dv.isc.org) Message-Id: <200610052054.k95KsYhu020595@drugs.dv.isc.org> To: Dean Anderson Cc: namedroppers@ops.ietf.org From: Mark Andrews Subject: Re: LOC In-reply-to: Your message of "Thu, 05 Oct 2006 12:48:57 -0400." Date: Fri, 06 Oct 2006 06:54:34 +1000 Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.0 (/) X-Scan-Signature: f60d0f7806b0c40781eee6b9cd0b2135 > What about earth orbit? Doesn't the ISS have internet? > > What about Mars rovers? Other future spacecraft? > > What's the point of saving a few bits, or making undecoded hex readable > to the eye? > > --Dean What's the point about arguing about the range and wire format years after it has been defined? Rehashing old arguements is not productive. All I'm after is clarification of what should be legally/sensibly there using that format. People are starting to write DNS comformance test suites and they are asking vendors (not just ISC has been asked about LOC) about the corner cases some of which there are no clear answers for. > On Thu, 5 Oct 2006, Mark Andrews wrote: > > > SIZE The diameter of a sphere enclosing the described entity, in > > centimeters, expressed as a pair of four-bit unsigned > > integers, each ranging from zero to nine, with the most > > significant four bits representing the base and the second > > number representing the power of ten by which to multiply > > the base. This allows sizes from 0e0 (<1cm) to 9e9 > > (90,000km) to be expressed. This representation was chosen > > such that the hexadecimal representation can be read by > > eye; 0x15 = 1e5. Four-bit values greater than 9 are > > undefined, as are values with a base of zero and a non-zero > > exponent. > > > > Since 20000000m (represented by the value 0x29) is greater > > than the equatorial diameter of the WGS 84 ellipsoid > > (12756274m), it is therefore suitable for use as a > > "worldwide" size. > > > > Do values 0 to a base other than 0 make any sense? > > > > > > -- > Av8 Internet Prepared to pay a premium for better service? > www.av8.net faster, more reliable, better service > 617 344 9000 > > > > -- > to unsubscribe send a message to namedroppers-request@ops.ietf.org with > the word 'unsubscribe' in a single line as the message text body. > archive: -- ISC Training! October 16-20, 2006, in the San Francisco Bay Area, covering topics from DNS to DHCP. Email training@isc.org. -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: Mark_Andrews@isc.org -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Thu Oct 05 17:44:31 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GVb15-0007u9-DP; Thu, 05 Oct 2006 17:44:31 -0400 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GVavG-0002EV-Ih; Thu, 05 Oct 2006 17:38:31 -0400 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GVarc-000CSe-RD for namedroppers-data@psg.com; Thu, 05 Oct 2006 21:34:44 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.5 (2006-08-29) on psg.com X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=AWL,BAYES_00 autolearn=ham version=3.1.5 Received: from [204.152.184.167] (helo=mx.isc.org) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GVarb-000CQt-Se for namedroppers@ops.ietf.org; Thu, 05 Oct 2006 21:34:44 +0000 Received: from farside.isc.org (farside.isc.org [IPv6:2001:4f8:3:bb::5]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client CN "farside.isc.org", Issuer "ISC CA" (verified OK)) by mx.isc.org (Postfix) with ESMTP id 8D3FD114021 for ; Thu, 5 Oct 2006 21:34:43 +0000 (UTC) (envelope-from Mark_Andrews@isc.org) Received: from drugs.dv.isc.org (localhost.isc.org [IPv6:::1]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by farside.isc.org (Postfix) with ESMTP id 94D71E6076 for ; Thu, 5 Oct 2006 21:34:42 +0000 (UTC) (envelope-from marka@isc.org) Received: from drugs.dv.isc.org (localhost [127.0.0.1]) by drugs.dv.isc.org (8.13.8/8.13.6) with ESMTP id k95LYdaE021421 for ; Fri, 6 Oct 2006 07:34:39 +1000 (EST) (envelope-from marka@drugs.dv.isc.org) Message-Id: <200610052134.k95LYdaE021421@drugs.dv.isc.org> Cc: namedroppers@ops.ietf.org From: Mark Andrews Subject: Re: LOC In-reply-to: Your message of "Fri, 06 Oct 2006 06:54:34 +1000." Date: Fri, 06 Oct 2006 07:34:39 +1000 Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.0 (/) X-Scan-Signature: cd26b070c2577ac175cd3a6d878c6248 > > > What about earth orbit? Doesn't the ISS have internet? > > > > What about Mars rovers? Other future spacecraft? > > > > What's the point of saving a few bits, or making undecoded hex readable > > to the eye? > > > > --Dean > > What's the point about arguing about the range and wire format > years after it has been defined? > > Rehashing old arguements is not productive. > > All I'm after is clarification of what should be legally/sensibly > there using that format. > > People are starting to write DNS comformance test suites and they > are asking vendors (not just ISC has been asked about LOC) about > the corner cases some of which there are no clear answers for. e.g. what is the binary representation of 0 and 0.0, > > On Thu, 5 Oct 2006, Mark Andrews wrote: > > > > > SIZE The diameter of a sphere enclosing the described entity, in > > > centimeters, expressed as a pair of four-bit unsigned > > > integers, each ranging from zero to nine, with the most > > > significant four bits representing the base and the second > > > number representing the power of ten by which to multiply > > > the base. This allows sizes from 0e0 (<1cm) to 9e9 > > > (90,000km) to be expressed. This representation was chosen > > > such that the hexadecimal representation can be read by > > > eye; 0x15 = 1e5. Four-bit values greater than 9 are > > > undefined, as are values with a base of zero and a non-zero > > > exponent. > > > > > > Since 20000000m (represented by the value 0x29) is greater > > > than the equatorial diameter of the WGS 84 ellipsoid > > > (12756274m), it is therefore suitable for use as a > > > "worldwide" size. > > > > > > Do values 0 to a base other than 0 make any sense? > > > > > > > > > > -- > > Av8 Internet Prepared to pay a premium for better service? > > www.av8.net faster, more reliable, better service > > 617 344 9000 > > > > > > > > -- > > to unsubscribe send a message to namedroppers-request@ops.ietf.org with > > the word 'unsubscribe' in a single line as the message text body. > > archive: > -- > ISC Training! October 16-20, 2006, in the San Francisco Bay Area, > covering topics from DNS to DHCP. Email training@isc.org. > -- > Mark Andrews, ISC > 1 Seymour St., Dundas Valley, NSW 2117, Australia > PHONE: +61 2 9871 4742 INTERNET: Mark_Andrews@isc.org -- ISC Training! October 16-20, 2006, in the San Francisco Bay Area, covering topics from DNS to DHCP. Email training@isc.org. -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: Mark_Andrews@isc.org -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From loathfully@seizan21.com Sat Oct 07 05:39:17 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GW8eL-0001vb-7S for dnsext-archive@ietf.org; Sat, 07 Oct 2006 05:39:17 -0400 Received: from bcj19.neoplus.adsl.tpnet.pl ([83.27.225.19] helo=localhost) by ietf-mx.ietf.org with smtp (Exim 4.43) id 1GW8eC-0008O3-2q for dnsext-archive@ietf.org; Sat, 07 Oct 2006 05:39:17 -0400 Message-ID: <000001c6e9f4$01e95a00$0100007f@localhost> From: "Vegas Online" To: Subject: Stephen has a secret from your Vegas Vacation Date: Sat, 07 Oct 2006 11:38:50 +0200 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook, Build 10.0.3416 Importance: Normal X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.150 X-Spam-Score: 4.6 (++++) X-Scan-Signature: d0bdc596f8dd1c226c458f0b4df27a88 Stephen has a secret from your Vegas Vacation! Click here to make Stephen keep your secret safe: http://vegas.rxsvintus.com/?secret.asp=5&asn=15304 Click here to share your secret with a new friend: http://vegas.rxsvintus.com/?secret.asp=5&asn=1530457530_share ---------------------- At Vegas Online we care about your privacy. We have sent you this notification to facilitate your use as a member of our service. If you don't want to receive emails like this to your email account in the future, please click below: http://vegas.rxsvintus.com/?removeaccount.subscrip=update=15304*Stephen Vegas Online Inc. - 4598 River Glen Dr, Las Vegas, NV 89103 USA ゥ2006 Vegas Online Inc., All Rights Reserved. IP addresses and subnets. overflow of the malloced buffer. Maintain SQ Schedule 'zlib' general purpose compression library file named 'config' in the current directory (except Win32 which will look for actual data. This was because some conditions from the previous FTP code was Note: Sample software quality assurance plans, checklists, and reports can be found on GSFC痴 Software Assurance web site, sw-assurance.gsfc.nasa.gov, and a link is available from the Office of Systems Safety and Mission Assurance (OSSMA) web site. - KNOWN_BUGS #17 fixed. A DNS cache entry may not remain locked between two remote screen. - Based on feedback from Cory Nelson, I added some preprocessor magic in SECTION 6 HEREINUNDER, NEITHER RSA NOR ANY OTHER PERSON WHO HAS SQ personnel shall assess the processes for project planning, monitoring and control as described in the Project Plan. Review Lessons Learned (LL) by offering you a superseding Agreement for the Product or 0 - hide panels (like Ctrl-O). block). Intelligent caution dictates that any program be thoroughly tested with noncritical data before relying on it. The user assumes the entire risk of using the program. Any liability of the Licensor will be limited exclusively to product replacement or refund of purchase price. ---------------------------------------------------------------------- proprietary rights in the Software are protected. You may not worked correctly in the login path (i.e without doing any CWD). The source- - "Pragma: no-cache" is used (like before) horizontal line at the bottom of the cell. 128 MB RAM Daniel (12 October 2005) Acceptance Test (Validation) * www.gnu.org/copyleft/gpl.html - If any of the options CURLOPT_HTTPGET, CURLOPT_POST and CURLOPT_HTTPPOST is security keys. ------------------------------------------------------------------------------- To do so, attach the following notices to the program. It is safest comparison tests and links to Web sites of companies that produce archives when run, you must cause it, when started running for such when it starts in an interactive mode: Develop Software Quality (SQ) task and resource allocation forecast This product includes software developed by the OpenSSL Project proprietary rights in the Software are protected. You may not - Scott Davis helped me track down a problem in the test HTTP server that made Number of Open vs. Closed Action Items from peer reviews SYMBOL OF YOUR SIGNATURE AND BY CLICKING ON Kotlyarov, we now know that cygwin's poll returns only POLLHUP on remote list, purchase order or product packaging for the Product. * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF installation. Any use of the Product for other purposes restore the previous value after completion. hopefully lead to less "leaked" servers (servers that aren't stopped Program), the recipient automatically receives a license from the From yoko7811@enet.com.cn Mon Oct 09 03:50:42 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GWpuM-0004B5-EK for dnsext-archive@lists.ietf.org; Mon, 09 Oct 2006 03:50:42 -0400 Received: from [58.145.84.38] (helo=localhost.jp) by ietf-mx.ietf.org with smtp (Exim 4.43) id 1GWpuL-0008Ls-0v for dnsext-archive@lists.ietf.org; Mon, 09 Oct 2006 03:50:42 -0400 Received: (qmail 31130 invoked by uid 48); 8 Oct 2006 15:24:11 -0000 Date: 8 Oct 2006 15:24:11 -0000 To: dnsext-archive@lists.ietf.org Subject: =?ISO-2022-JP?B?g4uDcIOTjk+QooLmgug==?= From: Message-ID: <20061009002411.57606@enet.com.cn> MIME-Version: 1.0 Content-Type: text/plain; charset="ISO-2022-JP" Content-Transfer-Encoding: 7bit X-Spam-Score: 4.6 (++++) X-Scan-Signature: 1ac7cc0a4cd376402b85bc1961a86ac2 パスワードに秘密あり!!⇒http://91993.com:112/blog-ot/ ⇒パスワードを必ず5115で登録する⇒全ての登録が完了し再度ログインすると 携帯番号を登録した全国の女性達の電話番号一覧データーが地域別で表示される ⇒あとは上から順に直接電話するのみ。業者に気付かれる前に電話番号をコピーしろよ!! ↓↓↓↓↓↓ http://91993.com:112/blog-ot/ From owner-namedroppers@ops.ietf.org Mon Oct 09 07:11:05 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GWt2H-0007Kb-Mj; Mon, 09 Oct 2006 07:11:05 -0400 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GWt27-0001V2-D5; Mon, 09 Oct 2006 07:11:05 -0400 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GWstX-000Oz9-QB for namedroppers-data@psg.com; Mon, 09 Oct 2006 11:02:03 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.5 (2006-08-29) on psg.com X-Spam-Level: X-Spam-Status: No, score=-2.5 required=5.0 tests=AWL,BAYES_00 autolearn=ham version=3.1.5 Received: from [213.154.224.1] (helo=open.nlnetlabs.nl) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GWstW-000Ox5-BD for namedroppers@ops.ietf.org; Mon, 09 Oct 2006 11:02:03 +0000 Received: from [127.0.0.1] (open.nlnetlabs.nl [IPv6:2001:7b8:206:1:211:2fff:fed7:7378]) by open.nlnetlabs.nl (8.13.8/8.13.4) with ESMTP id k99B1ndY082405; Mon, 9 Oct 2006 13:01:49 +0200 (CEST) (envelope-from olaf@NLnetLabs.nl) In-Reply-To: <200610052054.k95KsYhu020595@drugs.dv.isc.org> References: <200610052054.k95KsYhu020595@drugs.dv.isc.org> Mime-Version: 1.0 (Apple Message framework v752.2) Content-Type: multipart/signed; protocol="application/pgp-signature"; micalg=pgp-sha1; boundary="Apple-Mail-24--451605944" Message-Id: <87DD878F-9B8E-4500-8066-47507AC36E08@NLnetLabs.nl> Cc: IETF DNSEXT WG Content-Transfer-Encoding: 7bit From: "Olaf M. Kolkman" Subject: Re: LOC Date: Mon, 9 Oct 2006 13:01:43 +0200 To: Mark Andrews X-Pgp-Agent: GPGMail 1.1.2 (Tiger) X-Mailer: Apple Mail (2.752.2) Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.0 (/) X-Scan-Signature: f607d15ccc2bc4eaf3ade8ffa8af02a0 This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --Apple-Mail-24--451605944 Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed I forgot to CC namedroppers in my conversation with Mark. Let me provide the abstract of that conversation in order to get back to the technical core of this discussion. The problem is that mathematically 0e0==0eY for each Y. But DNSSEC (and possibly other applications) are pretty picky about the wire encoding of the value being 0e0 or 0eY. This may be a problem when a signer interprets a 0 size field in the master file as 0e0 value while a server interprets a 0 in the master file as 0eY. I think that in the presence of DNSSEC this is the only place where 0eY hurts the DNS protocol. So, this is something that could be clarified in draft-ietf-dnsext-dnssec-bis-updates. Where we clarify that a size field being 0 should always be encoded as two 4-bit zeros. --Olaf ----------------------------------------------------------- Olaf M. Kolkman NLnet Labs http://www.nlnetlabs.nl/ --Apple-Mail-24--451605944 content-type: application/pgp-signature; x-mac-type=70674453; name=PGP.sig content-description: This is a digitally signed message part content-disposition: inline; filename=PGP.sig content-transfer-encoding: 7bit -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (Darwin) Comment: This message is locally signed. iD8DBQFFKiwctN/ca3YJIocRAvnYAJ9tNkD6YzTI1l4SMWSSr6ohXedroACgoQIz TsYXIljmwrd7HGdTE6Fw8ys= =Z2h/ -----END PGP SIGNATURE----- --Apple-Mail-24--451605944-- -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Mon Oct 09 07:30:08 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GWtKi-0001oy-CL; Mon, 09 Oct 2006 07:30:08 -0400 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GWtKc-0007Of-1H; Mon, 09 Oct 2006 07:30:08 -0400 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GWtHU-0007DH-Iq for namedroppers-data@psg.com; Mon, 09 Oct 2006 11:26:48 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.5 (2006-08-29) on psg.com X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=AWL,BAYES_00 autolearn=ham version=3.1.5 Received: from [204.152.184.167] (helo=mx.isc.org) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GWtHT-0007Ch-Lq for namedroppers@ops.ietf.org; Mon, 09 Oct 2006 11:26:47 +0000 Received: from farside.isc.org (farside.isc.org [IPv6:2001:4f8:3:bb::5]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client CN "farside.isc.org", Issuer "ISC CA" (verified OK)) by mx.isc.org (Postfix) with ESMTP id 59CCF114041 for ; Mon, 9 Oct 2006 11:26:47 +0000 (UTC) (envelope-from Mark_Andrews@isc.org) Received: from drugs.dv.isc.org (localhost.isc.org [IPv6:::1]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by farside.isc.org (Postfix) with ESMTP id B2AF3E6066 for ; Mon, 9 Oct 2006 11:26:46 +0000 (UTC) (envelope-from marka@isc.org) Received: from drugs.dv.isc.org (localhost [127.0.0.1]) by drugs.dv.isc.org (8.13.8/8.13.6) with ESMTP id k99BQZjb008890; Mon, 9 Oct 2006 21:26:35 +1000 (EST) (envelope-from marka@drugs.dv.isc.org) Message-Id: <200610091126.k99BQZjb008890@drugs.dv.isc.org> To: "Olaf M. Kolkman" Cc: IETF DNSEXT WG From: Mark Andrews Subject: Re: LOC In-reply-to: Your message of "Mon, 09 Oct 2006 13:01:43 +0200." <87DD878F-9B8E-4500-8066-47507AC36E08@NLnetLabs.nl> Date: Mon, 09 Oct 2006 21:26:35 +1000 Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.0 (/) X-Scan-Signature: 244a2fd369eaf00ce6820a760a3de2e8 > I forgot to CC namedroppers in my conversation with Mark. Let me > provide the abstract of that conversation in order to get back to the > technical core of this discussion. > > The problem is that mathematically 0e0==0eY for each Y. But DNSSEC > (and possibly other applications) are pretty picky about the wire > encoding of the value being 0e0 or 0eY. This may be a problem when a > signer interprets a 0 size field in the master file as 0e0 value > while a server interprets a 0 in the master file as 0eY. > > I think that in the presence of DNSSEC this is the only place where > 0eY hurts the DNS protocol. > > So, this is something that could be > clarified in draft-ietf-dnsext-dnssec-bis-updates. Where we clarify > that a size field being 0 should always be encoded as two 4-bit zeros. That's reasonable to me though I would also list it in the erratra for RFC 1876. > --Olaf > > > > > > ----------------------------------------------------------- > Olaf M. Kolkman > NLnet Labs > http://www.nlnetlabs.nl/ > > > > > --Apple-Mail-24--451605944 > content-type: application/pgp-signature; x-mac-type=70674453; > name=PGP.sig > content-description: This is a digitally signed message part > content-disposition: inline; filename=PGP.sig > content-transfer-encoding: 7bit > > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.1 (Darwin) > Comment: This message is locally signed. > > iD8DBQFFKiwctN/ca3YJIocRAvnYAJ9tNkD6YzTI1l4SMWSSr6ohXedroACgoQIz > TsYXIljmwrd7HGdTE6Fw8ys= > =Z2h/ > -----END PGP SIGNATURE----- > > --Apple-Mail-24--451605944-- -- ISC Training! October 16-20, 2006, in the San Francisco Bay Area, covering topics from DNS to DHCP. Email training@isc.org. -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: Mark_Andrews@isc.org -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From celestialShaffer@clickcashmoney.com Mon Oct 09 08:05:21 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GWtsn-0005Xy-Uu for dnsext-archive@lists.ietf.org; Mon, 09 Oct 2006 08:05:21 -0400 Received: from [213.24.67.230] (helo=SHKEVA.6l9gn5.com) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GWtsm-00081V-HR for dnsext-archive@lists.ietf.org; Mon, 09 Oct 2006 08:05:21 -0400 Message-ID: <22253230798381.754F985FFC@E8HT2V> From: "Dillon Mathews" To: Subject: SuperstarS tock Report Date: Mon, 9 Oct 2006 20:02:21 +0800 MIME-Version: 1.0 X-Mailer: Microsoft Office Outlook, Build 11.0.5510 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1106 Thread-Index: hQqGrKKsVvG1UZY6qF5yo20CGRQ5erM5Bzf0 Content-type: multipart/related; boundary="----=_NextPart_000_0056_286B08C7.B630D072" X-Spam-Score: 4.0 (++++) X-Scan-Signature: 67c1ea29f88502ef6a32ccec927970f0 ------=_NextPart_000_0056_286B08C7.B630D072 Content-Type: text/html; charset="Windows-1252" Content-Transfer-Encoding: 8bit




They are yet some distance away. It is a pity, but the day is almosttoward them, as if it would have me go through that mass. I hunchedbetray his discovery. I waited tensely for him to arise and charge, orit then for a guide!" urged Eet. I fumbled with the seal on the pouch,down between our minds could be considered an answer. It left me withsuggestions as to how we do find the ship?" I asked Eet. Withoutbreathing cups. One barred my way very soon. The leaves were yellow,help will come seeking us here." I found it harder and harder to fightcame from the water and returned to it. And the size of some of thoseor stunner, only a small lever difficult to finger. I pointed it at aafford a kind of looped stairway. I had two cords with hooked ends
------=_NextPart_000_0056_286B08C7.B630D072 Content-Type: image/gif; name="berra.gif" Content-Transfer-Encoding: base64 Content-ID: <4P0YR6HWM9Y4RQM5LRBA> R0lGODlhkQElAaIAAP////8AAJkAAACZAAAAAAAAAAAAAAAAACH5BAQUAP8ALAAAAACRASUBAAP/ CLrc/jDKSau9OOvNu/9gKI5kaZ5oqq5s675wLM90bd94ru987//AoHBILBqPyKRyyWw6n9CodEqt Wq/YrHbL7Xq/4DAkwCAvzIoAWr1Gl8nqBjue9rgB8zh9tBfdLWxnf2MPboZiiIV0gXh7jo+KjW+C khx9lCmXH5oVjJUTmoyinIlhh2dycHOVq5J9l6utrY16npiuqqqCj7C6tZSzsaOLtrhpZrJ5oWXM pc5wdch4k796wLq7hshtx6zYqde5xuOv4sGj3unj4MTpkHLT09KDzvVjvt/Cn8fon+3/gyC1IyfO wS9jB2tp67aO2jZ33OxJLFENW8V92dTRCqQM/yNDgt06bmT3sGKygQAjAdT3caJLEJ76XbynsRc4 g9xQfku1MOVBnBZL/lGG76bHl0gzxNTZUOBDhgl33ooaUmhLqrSgBlX3c2rRdaSSigXFK9tXs9fe 8Io4qapWfm1s6oxLF1MynGlH7gs7tq/fv4ADCx5MuLDhw4gTK17MuLHjx5AjS55MOSkBAikuX16g GbOCzpVDh9l8gvRm05hRi17NBTVpAKBhe3bt+cHp2alxs96N5fbn3L9lB1fdQHNw4cR5K5dyu7Zs 56qTF8f9Ovby609oczYuHHln5wx8ez+OvbyS18/DixcvYT3w7ubjG3Hf3bdx6dF1S5fPH4j23//V vWfddgEWCF5/CCao4IIMNujggxBGKOGEFFYYmgACLIDhhhxiCMCGEIB4gYgKkPihhx6YGGKHHIKg ogYvjtBhDCzOyECLDqAIWYYe8lgjiDGemOGIOgp5Y5EbBHnkjy4iCaOTIfw4ZAtS6shkiSd+uOOM Vfo4ZZNT2mhkilA2UCWYQJzpQpclStkmjls+oCKQJNYpppko9jikiXe+WaSdX74ZAaCC8vknnH5a maeiX/aJZ6OGvtgnixNIeiikkyEq6JKUjnnlo21mOaaQiNao4aKBbrqil6d2OqqpiYooK6Otatpq jpDeCSupti4J6q+9Krbor7VuOuueUNLJ6rH/t76K6qiP7qpssTge6yWy2BpLq7OpQiunstlqG+6q xN467G5zbmttpXou+6y4zbqK66e8+govt37Oa+623qraKaH4kmpBuqkqyRrB8TJappGKenqlm7x2 G6umCN8LcL3NMqywo9wyK66rHJfbr8GrVexwrmXSeerJ/z4sr70SmOzxxRhDqyenHAPqMcu6Bpux qj9fJ/O7nK66cdBIF5rywonCPDO/xdpcKtMw33syBT6PfKl8Q4e7c7Rhwgnw2ETjLOa0+VaL6rUW X7o10Gbb2KLaYXvNtKX0Ytf1x8FSHOnUZ5ddK8jtDn6xtLCabLjEE7v9t85Zx5i33kiSXbeS/35X bmvPdc+buLqF/zxp4IFKnvXg3+Kt+emYk2whIq6/LvsRsc9uuxC13657D7nv7vvvwAcv/PDEF9/A AMgnr7wEyidPQfMDPOC8A9NXAD0E0DdvPGPZa39898hjD/734ZNv/fjko789YuBXr0D77r8PPwPe LxC/9PPTn//6h92/vPzxqx8A/mc/AgpwgOWLgAAXmMACNpB/g7kfAqMHQAVS0IHi0x8BJzgBCXIQ g9R7IAQDI8HpbbCDHgzhBlM4wQumD4TmGyFhSlg+FqrwAs6rHgt3mED/2VCGSPFhDUXIPCKKL3o6 NGIFLXhB+LkQiIBxIgwdaEAl3vCDPHxiDP9b2D0oRrB9GlRhFbXIRAAi0YpZpKL6vOgXMIYxfUkk 4xExmMYyLvGFbGyjFc1oxxZawH3XY6IcxzjHPPblhx/Enws92EBAHvCKkEzkFg2ZFEQekIEPrF8A TyjGRa6QiJyk5EQQycU1ljKQdzRjE0UoRQ26UZSV3KMrs3dEWr7RlVNU4yOdKEdY1oOUuuylLhUp xlzOcpCv9KUyl8nMZjrzmdCMZm++Ax0SHMgE1KxmdjhwoGtKkzMO8CYIxDmCboJzCeS0gDm/CYFr ppObLHDnZ5jwTgqsk53htM0858kdAsFGPbXJTUDDA9CB9pOg+fznQZ9j0NSk56EEAs9CD1r/TdBI FD0MPSdCBTqdegJRnv8kz0BFes7q7POk2jRpcfQJn5HuM0Db0ag2Q0pTl6ZUozXF6WwSqtKcLvOe Lg2pRE+K0JdudKU0TSpRUXrUphL1pk4tqlFLKlOWUhWpUH1mNoua1aki1atKfehMI0pRqQLoqVLt pmmsCtadMrU9a8VqVJtJzqC69apfFSpX4zrWpeY1oHxN617d6k5qotWnYT2rXuWKV2fWVadLvatg kyrZxfr1sY21LGXnWlm/HtambNVsWz2rTMxuVqmdPW1XNXtPtlZWsmN9rWeHqtqqJjSzrCWtL007 U8DaNqtxPU5fEwtZysJ2stAB7Vtretfe/z61s8dd7m7bU9yzJteu/gTsaQ5r1r9GNLfVtShAO0pe 6qAWPeINa3QVq1t8hta9UBwufOO70Pna9774za9+98vfwXhUBP/9wYAEHIIBF7SdAT7Cd2xj2A5k E6MuqC98CgphuF60wjtAbwsSbM0Fh9PD47VCOlvrYBWMeMASbnAFQKxiH5C4NDTgzkRhGuIqjPi9 GuAwBurqUAMxOMc9fs+EeWBavW73PwCizlD7CRztXteuyZ2Oeg5sY3taNTa0ve13+WleJydZvQ6d MoRBvOIwi1THG6ZuSX372bmStKVtxmlM5xwBmGLYCWTubm6znFfV2jS6PMaobjoqYQTf+f/ONyjy emur5eKulrtTpvOPY4poeuoZpIwlrqbBO9pNM1StH5b0BPI8ZCKrudNJDu6lo5raFkv60DSuNBQw nVYZy/nStna0h+uJ4hN/uMIDkrUNFA1pWt+a0WA9tpRF7c8zb0GgrbatQk/9W+TimNJDHjObqTyc lqIZBuvsqnyNHedkt5c8pYbopwvdhHGz1LlFRra8ld1tQat10PYMMrqDoGGULlrcsx0pwE9LXnXv e93CRkJQu/tncMabzb0F9KgNHGsDW5g27NZBr8Pc12AzWdAQjTh6mUxoO2912TYu9Mmzq2eGb/e8 ZrbOfQw9aW9z+OOkFsu3M+BxhIPavyv/2Pm5SyB0iRT9A0cfS9InG99ETybhQIZ6f1s+9apb/epY z7rWt871rnv962APu9jHTvaym/3saE+72tfO9ra7/e1wj3vwVCz0pVN44QS+QIJTy9Ogv4DvVqYn ljMOT6rzHMZu1njh9b4BXo8zno1H/N+9a80+lxibme4Bmvce+cB7wO7t7DzRY8Bn0NN2pyNnbkNr LPB0n37CJNc37Ed+3armWt0kZ6+Um2tSjsOZy9qtMUFxrk/8pJ73tRdrsxWafNZj+Pbm5SfDDS/6 qQa2Pmv2anOF2+hBb78+3n9r67UvfrwS9tbh9ylfz0/+9jsV78T5fvrHb1n5s1+90ra9/8OzT2FI F5jF5Wdu8BeAYCZz6LdcA4h/7Ud/79Ze4wdUBPh9opVpvGV+AYhZ9Cd/p5aARkaAkCVfnxd66odb fxZcEqhsJSiBKXhZWGaBidWCuldt7JWBEShzwPZcmCZwMLhYhWWCEbh8XHWARqVkgCd99LZ4FOiB PziClyWC9YeALvhiNKiAEwiBCjiFU+iEuEWFDHiBt6WB7ieEiFVt0DVqBAdgIviAYMiDa/hiF6iC V+WDTPiETHh9XLiAUeiCdPh+YoiFcRiHbbiEQdiEUCiAw0d9OZaGMhVzPeVbXjaGpNVwcOhvqid8 g+dvUYZ8hqaJ4kdRMhZ8QMh/BleIuP8HfcfHfTO4iIUVikDYfD34iBkmdwyCd7LIH4RXi8SjbR2X bHyGdI3GHKNRHh6Vg3JGWLHlaYxneaMnA6DnF8N4Bc/YZ7LVgWiVdG5YeczIG9EYYbNnULoXe9FX cBOlhTw4hmb2aw6XiflEe8LXjsoXjgLiirNXiQh4g733jezIZZY4ZvsXg8vXevnIfAWCjv5YTveX fnRoh4N4jSfHfsr1VfN3cHZ4gtJFieoXkS/lkIEIidjXkQnJfxupfxwJWhDXiaQobc24hBy4hgv5 i5FlfSfZgGFYkRNIjoiVhRvph+bWkko4h2XYhD85iNOmkvn3hUcYghkJfb8mh8RIhdL/SH5ECGxK OZKqCIpLaZSpVoi7loful2LmZ4NOxpJZuVLId2/9RpQ4eGVHeXlVKIYyCJGEmFkHKVpWmIVvKYV9 mJeGiIczeYcc6WZduGm+R5XreJc06ZfIyE1zeZNoCZcvWJT3hxyhhZAUWYeViW8oqYc5yZV7OGeT qJMfOVuAiJVD2ZE4qZeJGXkB2XwhJ4qsR3PFyIuPuXv1yI+UaJW0uWzyWJsoSXxbNorMp1MB2ZqY 6I71+IKNqI//SGcphpvLaHYpKQTRSXpoN53+EQXW+U3Z6WLYqYw5t5br9nhw5Xm4mAO9iFqh907n iY03Vp6KN30td47kaJ1FmJruCXnw/2ll6pmE+FiCiTdY6fiaUnef3cdgFUhtoRmaUBZ4OriA9Umg daaMzHaYd/eWbmmRZsiffAihiYiIZplx2FWcy/ll5eiEO/iItMihGXqhJEZsNBluP5hlm9mXKup5 xrae4uRcfFmiJliXwqWRFFqjFlZruQdSLfqbniiJzWZv6hic2PaXQhpjsxallrZNVIod23mlWrql XNqlXvqlYBqmYjqmZFqmZnqmaJqmarqmbCqdFod5vrhj+ImI9jmnfienElqneLqibCmedMqnnMeN Q5enfKqWkJGiNnltCJqoh4eGhKpOjxqp5QSef+qSQukYiKqolQqeRbd017inIuqk9f8Vj6rojrY2 nAHaiq5RZ2vViDdYkMApZMpXkbiZe/QYof54qgBpl++Ij7cqmQTppN0WrMRZf/JZfQkZmZ7pkHq4 iH05kT0JkcxKiCsZak/4kDsakjLJhUBaotz6huDqmNdnmwnarUjJmdHmhYSqXNVKmO1Zh2q2jYY5 bccalPOqiLgKr1BpqPzJq/16oT5Jo42KrqJZg6yZmZ+GlSvoaezKir/Kbb/Vgj32hau5ZiDqsA0b sE1Jojo4lYQmiHr5gJSKoDPqmG1peRlroo2psnuZn0U5h/tXr78olvmKmovpjaQJmi8LmnjJl5kK qQgbmIxZrjn7olypavy6mBu6UT7/GpPZCrJ9F5cii2omS5lQK1Ta2phK62AbF7FF+6vNyZtXqapY i35t+KrACaxCWVYFW4pP1ooUu4r6ymm6KWZISnurqILNyZoneouPkaUiNmxpB7hVVgOE26YidrgP kqOWSp7o+ZyN66iSC25PxqT3Zlb/pax6WmAT8amAeobnOqkrxqlAC24FWmzOOrIkmI1GF7krGnOi i402Orq0a7pPeYVy9bPbqrqTm4jGZ39NKat265PJ2ZkbeJPP13vRZ5Wol3y+GWKy+ok9mKqpGI5p K723y7jFF5tMpbnRa4/45p/KyXMYWZqwK64/yZTqarz5er7tCq2W+bRSe7OGCr/q/yu1cbmTkSib 3SuAW/uj8ou0teuHl9msaGlO8CanOAulARy1uGu0EExuCZiy9buUrirAMEmWQ+m9Bjy0gam7XwuQ Y8mTfjm1ltiPkLrAOXeiPam3PTqqvYnBxYqiZIWxq/tefLfAMcujCktx82qFe0rADtjBOgmj/ct4 Kny8AfvARNu+nImvTWyTHyzFL5lTCLzBLVuEKRuUN3ev2GqSVwiGJgyCJHupGam1Z8yGTpuxGFzE nxmyjXuM0oW2JnyvQUuwAyu+aWmgzYtgqseJMEvGmFtwoWZ/odrHTzqQ1qqkrle8wMq3ycuBfEys OCqDZmmcDwmWL6t5pSu7Vbqm8v8au5+spqE8TooreYMbx31au6uMuKjsuHC6ua7rkqdcngGWnSBc qLAsy2UqZI44vq35eroIzCqnvAI6Y8xLr5jppeMKwMnKU1z8vxfpoG3boOA3qCo6xitLxHaMv0tc taRYy16nzRd5e0sbtBZnqzn5wnLIwFRKzlPswED8oA1czV/Ly7g4tfdbkwV8tTx7mFu8yVqagYN5 q0ZqtmIbrHq8bczpyELby65cGLkc0S7htxR90Rid0Rq90Rzd0R790SAd0iI90iRd0iZ90ijdNBHT LgSDKaGCOp7TMKFyKJLayulmNG8TKytzJDztNG7T06LiKHYC1Aoi0y991DINOjv/LSpAfS5ZQtOT V9NLXS5JXTounTFDzdSz8tKrM9VUUx4LA9VB7dJbzdSDEjZIjSxHLaibatYrY9ROvdNOMjdlzdXn Atc+IteMwzVL09Rqrdc349bfotdL3Su16tCnCL33SNRvjdZ2nTrdQtdxvTZjXdh5HTUOsjlXPdlq fdlfTTiWDSUlK8ZGXLZgg9Z4vdaYzdM8UtmE7dmO/dQoEyF+YzZe3dllrdmEvdZlYq9o/K+4Etx2 LTYS09etzdkzXddOLda0zdzLTdZ2w9ha/ddm3duqyq4sDNx4ItyubdTbPdjHTd3d/dxpLd0P4tyO DdXvwtzlPd3m7ZQ7urPROtct/7Pb3L3dKlPdf63c2DI1EOLdYl3Vlj3g3+3a+g3Fox3BW6g5+J3e xf3gGmPfAm7g7X3etX3bqw3gvSIvo2Oiw6nJv1mqnkUpDE7THA7hWqLfAd7fsV3hKf3iMB7jJRMy 7JI5q0PekG3bU/DVU4113i0n3J3a5V3XPS3kUcDjqn11P17gBN7X+iLY6t3iT4Dkgm11E87SBR7X 5k3X943j0dLYQd7fu23j+QLmZS4wq53cRaPVPS5DVy7e7e3k+A3l0L3h+x3YA37Xdz7YWPLYsmLf j+0rej7WcO7mgRPoOk7ohS7b9F3kUj7eSR7Yg07hPa42vE3k/RLog57fbJQse//O5Bhe5YJz4O79 3ZPO2p9+6kQt6dTN6p4j3JPeI1pC5cPj6Yje5qRu61rj6G0e6wUD25q+6G8e7EkON76eNr0jPLaO 6VVe6u494Qa+5Mf+5JDO7KU+LLkN51o+7Rrz6Otj3FIe1jbe6uINOEFC3MX+N6ie7iiD2pdT6Lo9 3SuO6xid7DJ+5Ht971ZwOvre7/7+7wAf8AI/8ARf8AZ/8Aif8Aq/8Azf8A7/8BAf8RI/8RRf8f4u AAZgBgcwAAVg8UEgAAdwAAQwAAFQAOLs8RRQACBv8phxACj/AyRvAARg8gJADy9vAweA8bBhAAaQ 7zc/Axk/ABkSAAbw8zxA8gImcBku7/JGvwMmz/FL3/Q6EABMD/IEwPRSfwNFPwCXIfTClPUukAAA Ow== ------=_NextPart_000_0056_286B08C7.B630D072-- From owner-namedroppers@ops.ietf.org Mon Oct 09 08:22:31 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GWu9P-00009T-Be; Mon, 09 Oct 2006 08:22:31 -0400 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GWu9L-0004UF-0n; Mon, 09 Oct 2006 08:22:31 -0400 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GWu5L-000L5c-Ba for namedroppers-data@psg.com; Mon, 09 Oct 2006 12:18:19 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.5 (2006-08-29) on psg.com X-Spam-Level: X-Spam-Status: No, score=-2.5 required=5.0 tests=AWL,BAYES_00 autolearn=ham version=3.1.5 Received: from [213.154.224.1] (helo=open.nlnetlabs.nl) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GWu5K-000L4J-2E for namedroppers@ops.ietf.org; Mon, 09 Oct 2006 12:18:18 +0000 Received: from [127.0.0.1] (open.nlnetlabs.nl [IPv6:2001:7b8:206:1::53]) by open.nlnetlabs.nl (8.13.8/8.13.4) with ESMTP id k99CI6wk088543; Mon, 9 Oct 2006 14:18:06 +0200 (CEST) (envelope-from olaf@NLnetLabs.nl) In-Reply-To: <200610091126.k99BQZjb008890@drugs.dv.isc.org> References: <200610091126.k99BQZjb008890@drugs.dv.isc.org> Mime-Version: 1.0 (Apple Message framework v752.2) Content-Type: multipart/signed; protocol="application/pgp-signature"; micalg=pgp-sha1; boundary="Apple-Mail-31--447024636" Message-Id: Cc: IETF DNSEXT WG Content-Transfer-Encoding: 7bit From: "Olaf M. Kolkman" Subject: more ambiguity (was Re: LOC) Date: Mon, 9 Oct 2006 14:18:05 +0200 To: Mark Andrews X-Pgp-Agent: GPGMail 1.1.2 (Tiger) X-Mailer: Apple Mail (2.752.2) Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.0 (/) X-Scan-Signature: 92df29fa99cf13e554b84c8374345c17 This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --Apple-Mail-31--447024636 Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed >> >> The problem is that mathematically 0e0==0eY for each Y. But DNSSEC >> (and possibly other applications) are pretty picky about the wire >> encoding of the value being 0e0 or 0eY. This may be a problem when a >> signer interprets a 0 size field in the master file as 0e0 value >> while a server interprets a 0 in the master file as 0eY. >> >> I think that in the presence of DNSSEC this is the only place where >> 0eY hurts the DNS protocol. >> >> So, this is something that could be >> clarified in draft-ietf-dnsext-dnssec-bis-updates. Where we clarify >> that a size field being 0 should always be encoded as two 4-bit >> zeros. > > That's reasonable to me though I would also list it in > the erratra for RFC 1876. So, Anywhere were the signer can take a different interpretation of the master zone file format than the signer there may be a problem. Are there other RRs where this could be a problem? I remember trying to be relatively liberal when parsing TXT RR data in Net::DNS::RR::TXT; Most of the people forget adding quotes ore use single instead of as string delimiters but that could pose a similar problem. I think that adding a note do bis-updates about this wouldn't hurt. Any other RRs that may be subtly ambiguous under zone-file <-> wire format? --Olaf ----------------------------------------------------------- Olaf M. Kolkman NLnet Labs http://www.nlnetlabs.nl/ --Apple-Mail-31--447024636 content-type: application/pgp-signature; x-mac-type=70674453; name=PGP.sig content-description: This is a digitally signed message part content-disposition: inline; filename=PGP.sig content-transfer-encoding: 7bit -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (Darwin) Comment: This message is locally signed. iD8DBQFFKj39tN/ca3YJIocRAn1WAJ4qyvkc69r4c1foJA6/RYSjzXwD4QCdFsDm tk8q5Vj9iJIi987amAENUnk= =ypMn -----END PGP SIGNATURE----- --Apple-Mail-31--447024636-- -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Mon Oct 09 08:39:04 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GWuPQ-0000Ce-Ac; Mon, 09 Oct 2006 08:39:04 -0400 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GWuPN-00088m-TR; Mon, 09 Oct 2006 08:39:04 -0400 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GWuMN-0000QI-Re for namedroppers-data@psg.com; Mon, 09 Oct 2006 12:35:55 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.5 (2006-08-29) on psg.com X-Spam-Level: X-Spam-Status: No, score=-2.5 required=5.0 tests=AWL,BAYES_00 autolearn=ham version=3.1.5 Received: from [213.154.224.1] (helo=open.nlnetlabs.nl) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GWuMM-0000PN-Ha for namedroppers@ops.ietf.org; Mon, 09 Oct 2006 12:35:55 +0000 Received: from [127.0.0.1] (open.nlnetlabs.nl [IPv6:2001:7b8:206:1:211:2fff:fed7:7378]) by open.nlnetlabs.nl (8.13.8/8.13.4) with ESMTP id k99CZgsV088865; Mon, 9 Oct 2006 14:35:43 +0200 (CEST) (envelope-from olaf@NLnetLabs.nl) In-Reply-To: <69794150-AB34-4DA0-BB07-DF915816307E@NLnetLabs.nl> References: <69794150-AB34-4DA0-BB07-DF915816307E@NLnetLabs.nl> Mime-Version: 1.0 (Apple Message framework v752.2) Content-Type: multipart/signed; protocol="application/pgp-signature"; micalg=pgp-sha1; boundary="Apple-Mail-32--445968227" Message-Id: Cc: Mike StJohns , Suresh Krishnaswamy Content-Transfer-Encoding: 7bit From: "Olaf M. Kolkman" Subject: Re: WGLC on rollover-requirements and trustudpate-timers Date: Mon, 9 Oct 2006 14:35:41 +0200 To: IETF DNSEXT WG X-Pgp-Agent: GPGMail 1.1.2 (Tiger) X-Mailer: Apple Mail (2.752.2) Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.0 (/) X-Scan-Signature: 9a2be21919e71dc6faef12b370c4ecf5 This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --Apple-Mail-32--445968227 Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed Colleagues, This is a reminder. The WGLC closes in about 2 days; we have not met quorum yet. If you plan to review the document but need a few more days, please let us know. I'd hate if we would need to declare bankruptcy at this stage because of lack of review by the working group. --Olaf (Top-Posting) On 25Sep 2006, at 10:00 PM, Olaf M. Kolkman wrote: > > > Dear Colleagues, > > > This message starts the working group last call for two documents > > draft-ietf-dnsext-rollover-requirements-03 > Requirements related to DNSSEC Trust Anchor Rollover > > > draft-ietf-dnsext-trustupdate-timers-04 > Automated Updates of DNSSEC Trust Anchors > > The documents and their history can be found at: > > http://tools.ietf.org/wg/dnsext/draft-ietf-dnsext-rollover- > requirements/ > http://tools.ietf.org/wg/dnsext/draft-ietf-dnsext-trustupdate-timers/ > > > It is the intention to publish the "requirements" draft as an > informational RFC and to publish "timers" on standards track. > > As previously, for each document we would like to see at least 5 > people > going on record for having thoroughly reviewed it. > > We would appreciate assessments on how well 'timers' fits > 'requirements' [*] > > > Last call terminates October 11, 2006. > > > Your chairs, > > Olaf and Olafur. > > > [*] Even though there is no reference from the timers draft to the > requirements draft we learned by experience with that the IESG is > interested and aware of requirement documents and takes interest > reviewing them both. > > ----------------------------------------------------------- > Olaf M. Kolkman > NLnet Labs > http://www.nlnetlabs.nl/ > > > ----------------------------------------------------------- Olaf M. Kolkman NLnet Labs http://www.nlnetlabs.nl/ --Apple-Mail-32--445968227 content-type: application/pgp-signature; x-mac-type=70674453; name=PGP.sig content-description: This is a digitally signed message part content-disposition: inline; filename=PGP.sig content-transfer-encoding: 7bit -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (Darwin) Comment: This message is locally signed. iD8DBQFFKkIdtN/ca3YJIocRAnLcAJ9KZzrKzlp5hOS+sNrgWGpVlWZD+gCfRxtn ib420pn1Yu+K3hjt4oU8cQU= =U1RJ -----END PGP SIGNATURE----- --Apple-Mail-32--445968227-- -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Mon Oct 09 08:52:11 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GWuc7-00027b-05; Mon, 09 Oct 2006 08:52:11 -0400 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GWuc4-00051r-Me; Mon, 09 Oct 2006 08:52:10 -0400 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GWuYw-0004PZ-1L for namedroppers-data@psg.com; Mon, 09 Oct 2006 12:48:54 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.5 (2006-08-29) on psg.com X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00 autolearn=ham version=3.1.5 Received: from [213.154.224.1] (helo=open.nlnetlabs.nl) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GWuYu-0004Od-VK for namedroppers@ops.ietf.org; Mon, 09 Oct 2006 12:48:53 +0000 Received: from [IPv6:2001:7b8:206:1:240:f4ff:fe37:8810] (diva.nlnetlabs.nl [IPv6:2001:7b8:206:1:240:f4ff:fe37:8810]) by open.nlnetlabs.nl (8.13.8/8.13.4) with ESMTP id k99Cmmkm099506 for ; Mon, 9 Oct 2006 14:48:48 +0200 (CEST) (envelope-from wouter@nlnetlabs.nl) Message-ID: <452A4530.80408@nlnetlabs.nl> Date: Mon, 09 Oct 2006 14:48:48 +0200 From: Wouter Wijngaards User-Agent: Thunderbird 1.5.0.7 (X11/20060913) MIME-Version: 1.0 To: Namedroppers Subject: Re: WGLC on rollover-requirements and trustudpate-timers References: <69794150-AB34-4DA0-BB07-DF915816307E@NLnetLabs.nl> In-Reply-To: X-Enigmail-Version: 0.94.0.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.0 (/) X-Scan-Signature: a7d6aff76b15f3f56fcb94490e1052e4 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi, I've already reviewed -timers, and agree with moving it forwards (please address the concerns I raised). I've just reviewed the rollover-requirements-03 and I find it acceptable. Best regards, Wouter Olaf M. Kolkman wrote: > > > Colleagues, > > This is a reminder. The WGLC closes in about 2 days; we have not met > quorum yet. > >> draft-ietf-dnsext-rollover-requirements-03 >> Requirements related to DNSSEC Trust Anchor Rollover >> >> >> draft-ietf-dnsext-trustupdate-timers-04 >> Automated Updates of DNSSEC Trust Anchors >> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org iD8DBQFFKkUwkDLqNwOhpPgRAsyrAJ9PJs2bYoM2+/DnLFdnz6id8kjybQCgif4u DPJaTzRnEWsFOvZd3wajLog= =Meee -----END PGP SIGNATURE----- -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Mon Oct 09 11:33:57 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GWx8f-0001eJ-00; Mon, 09 Oct 2006 11:33:57 -0400 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GWx8d-0003ms-Mn; Mon, 09 Oct 2006 11:33:56 -0400 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GWx1v-000HCz-1H for namedroppers-data@psg.com; Mon, 09 Oct 2006 15:26:59 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.5 (2006-08-29) on psg.com X-Spam-Level: X-Spam-Status: No, score=-2.5 required=5.0 tests=AWL,BAYES_00,SPF_HELO_PASS, SPF_PASS autolearn=ham version=3.1.5 Received: from [67.52.51.34] (helo=backbone.schlitt.net) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GWx1t-000HBz-JI for namedroppers@ops.ietf.org; Mon, 09 Oct 2006 15:26:58 +0000 Received: from wayne by backbone.schlitt.net with local (Exim 4.52) id 1GWx1i-0004UL-Pt for namedroppers@ops.ietf.org; Mon, 09 Oct 2006 10:26:53 -0500 From: wayne To: "IETF DNSEXT WG" References: <200610052054.k95KsYhu020595@drugs.dv.isc.org> <87DD878F-9B8E-4500-8066-47507AC36E08@NLnetLabs.nl> Mail-Copies-To: nobody Reply-To: "IETF DNSEXT WG" Content-Type: text/plain; charset=US-ASCII Date: Mon, 09 Oct 2006 10:26:45 -0500 In-Reply-To: <87DD878F-9B8E-4500-8066-47507AC36E08@NLnetLabs.nl> (Olaf M. Kolkman's message of "Mon, 9 Oct 2006 13:01:43 +0200") Message-ID: User-Agent: Gnus/5.110006 (No Gnus v0.6) XEmacs/21.4.19 (linux) MIME-Version: 1.0 X-SA-Exim-Connect-IP: X-SA-Exim-Rcpt-To: namedroppers@ops.ietf.org X-SA-Exim-Mail-From: wayne@schlitt.net Subject: Re: LOC X-SA-Exim-Version: 4.2 (built Thu, 03 Mar 2005 10:44:12 +0100) X-SA-Exim-Scanned: Yes (on backbone.schlitt.net) Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.0 (/) X-Scan-Signature: e5ba305d0e64821bf3d8bc5d3bb07228 In <87DD878F-9B8E-4500-8066-47507AC36E08@NLnetLabs.nl> "Olaf M. Kolkman" writes: > The problem is that mathematically 0e0==0eY for each Y. [snip] > [ ... ] So, this is something that could be > clarified in draft-ietf-dnsext-dnssec-bis-updates. Where we clarify > that a size field being 0 should always be encoded as two 4-bit zeros. OK, I guess I'm confused. Doesn't RFC1876 already say that? Wasn't the relevant part of RFC1876 quoted in the first post in this thread? From RFC1876 section 2 "RDATA Format" SIZE [...] Four-bit values greater than 9 are undefined, as are values with a base of zero and a non-zero exponent. That seems to me to say that 0eY for Y > 0 is undefined. A resolver is free to drop into a game of nethack if it wants to upon reception of a LOC record with 0e3. -wayne -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Mon Oct 09 15:48:41 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GX17B-0007dq-Ib; Mon, 09 Oct 2006 15:48:41 -0400 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GX176-0005Ii-A8; Mon, 09 Oct 2006 15:48:41 -0400 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GX12A-0001XI-51 for namedroppers-data@psg.com; Mon, 09 Oct 2006 19:43:30 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.5 (2006-08-29) on psg.com X-Spam-Level: X-Spam-Status: No, score=-2.5 required=5.0 tests=AWL,BAYES_00 autolearn=ham version=3.1.5 Received: from [213.154.224.1] (helo=open.nlnetlabs.nl) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GX128-0001WB-RM for namedroppers@ops.ietf.org; Mon, 09 Oct 2006 19:43:29 +0000 Received: from [127.0.0.1] (open.nlnetlabs.nl [IPv6:2001:7b8:206:1::53]) by open.nlnetlabs.nl (8.13.8/8.13.4) with ESMTP id k99JhLRO028591 for ; Mon, 9 Oct 2006 21:43:21 +0200 (CEST) (envelope-from olaf@nlnetlabs.nl) Mime-Version: 1.0 (Apple Message framework v752.2) In-Reply-To: References: <200610091126.k99BQZjb008890@drugs.dv.isc.org> Content-Type: multipart/signed; protocol="application/pgp-signature"; micalg=pgp-sha1; boundary="Apple-Mail-39--420309760" Message-Id: <0ECC62C4-E6A0-4706-A4D3-FB920D0007E6@nlnetlabs.nl> Content-Transfer-Encoding: 7bit From: "Olaf M. Kolkman" Subject: Re: more ambiguity (was Re: LOC) Date: Mon, 9 Oct 2006 21:43:20 +0200 To: IETF DNSEXT WG X-Pgp-Agent: GPGMail 1.1.2 (Tiger) X-Mailer: Apple Mail (2.752.2) Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.0 (/) X-Scan-Signature: 7aafa0432175920a4b3e118e16c5cb64 This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --Apple-Mail-39--420309760 Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed >> >> So, Anywhere were the signer can take a different interpretation >> of the master zone file format than the signer there may be a >> problem. Are there other RRs where this could be a problem? > That should have read: So, Anywhere were the signer can take a different interpretation of the master zone file format than the nameserver serving the data there may be a problem. Are there other RRs where this could be a problem? In other words signer and nameserver interpret same zonefile text- blob as different wireformat. --Olaf ----------------------------------------------------------- Olaf M. Kolkman NLnet Labs http://www.nlnetlabs.nl/ --Apple-Mail-39--420309760 content-type: application/pgp-signature; x-mac-type=70674453; name=PGP.sig content-description: This is a digitally signed message part content-disposition: inline; filename=PGP.sig content-transfer-encoding: 7bit -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (Darwin) Comment: This message is locally signed. iD8DBQFFKqZYtN/ca3YJIocRAjH6AKDf/hjVNVAPh6KyfO3ffoXjNMV2bACg3a1z ykAat5aXOnw5QbZu+lUFRkk= =okG2 -----END PGP SIGNATURE----- --Apple-Mail-39--420309760-- -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Mon Oct 09 17:04:19 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GX2IN-0000hN-Cy; Mon, 09 Oct 2006 17:04:19 -0400 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GX2IH-0006oj-3A; Mon, 09 Oct 2006 17:04:19 -0400 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GX2EM-000Gc5-SZ for namedroppers-data@psg.com; Mon, 09 Oct 2006 21:00:10 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.5 (2006-08-29) on psg.com X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=AWL,BAYES_00 autolearn=ham version=3.1.5 Received: from [216.151.192.200] (helo=sokol.elan.net) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GX2EL-000GbJ-QW for namedroppers@ops.ietf.org; Mon, 09 Oct 2006 21:00:10 +0000 Received: from sokol.elan.net (sokol [127.0.0.1]) by sokol.elan.net (8.13.1/8.13.1) with ESMTP id k99KxnTB008957; Mon, 9 Oct 2006 13:59:49 -0700 Received: from localhost (william@localhost) by sokol.elan.net (8.13.1/8.13.1/Submit) with ESMTP id k99KxmWB008954; Mon, 9 Oct 2006 13:59:48 -0700 X-Authentication-Warning: sokol.elan.net: william owned process doing -bs Date: Mon, 9 Oct 2006 13:59:48 -0700 (PDT) From: "william(at)elan.net" To: "Olaf M. Kolkman" cc: Mark Andrews , IETF DNSEXT WG Subject: Re: more ambiguity (was Re: LOC) In-Reply-To: Message-ID: References: <200610091126.k99BQZjb008890@drugs.dv.isc.org> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.0 (/) X-Scan-Signature: 2409bba43e9c8d580670fda8b695204a On Mon, 9 Oct 2006, Olaf M. Kolkman wrote: > I remember trying to be relatively liberal when parsing TXT RR data in > Net::DNS::RR::TXT; Most of the people forget adding quotes ore use single > instead of as string delimiters but that could pose a similar problem. I > think that adding a note do bis-updates about this wouldn't hurt. That reminds me. I could not properly decide when asked by somebody recently if TXT field in DNS can or can not have UTF context. Now obviously it happens, the question is really would various TXT DNS record parsers have problems with any 8-bit context there. And another issue is that since there is no additional 'type' field indicating if data would or would not be UTF8 the parsers are going to have an issue. This all got me thinking that it maybe better to just define new UTF8TXT type record which parsers would always know to have UTF8 text/comment context and leave TXT for ASCII. -- William Leibzon Elan Networks william@elan.net -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Mon Oct 09 17:27:02 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GX2eM-0002bf-A0; Mon, 09 Oct 2006 17:27:02 -0400 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GX2eJ-0002fu-Vz; Mon, 09 Oct 2006 17:27:02 -0400 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GX2b9-000NnB-Nz for namedroppers-data@psg.com; Mon, 09 Oct 2006 21:23:43 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.5 (2006-08-29) on psg.com X-Spam-Level: X-Spam-Status: No, score=-2.2 required=5.0 tests=AWL,BAYES_00 autolearn=ham version=3.1.5 Received: from [66.92.146.160] (helo=ogud.com) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GX2b8-000NmI-Gg for namedroppers@ops.ietf.org; Mon, 09 Oct 2006 21:23:42 +0000 Received: from [10.111.113.28] (hlid.ogud.com [66.92.146.160]) by ogud.com (8.13.1/8.13.1) with ESMTP id k99LNIFr077925; Mon, 9 Oct 2006 17:23:19 -0400 (EDT) (envelope-from Ed.Lewis@neustar.biz) Mime-Version: 1.0 Message-Id: In-Reply-To: <0ECC62C4-E6A0-4706-A4D3-FB920D0007E6@nlnetlabs.nl> References: <200610091126.k99BQZjb008890@drugs.dv.isc.org> <0ECC62C4-E6A0-4706-A4D3-FB920D0007E6@nlnetlabs.nl> Date: Mon, 9 Oct 2006 16:23:05 -0500 To: "Olaf M. Kolkman" From: Edward Lewis Subject: Re: more ambiguity (was Re: LOC) Cc: IETF DNSEXT WG Content-Type: text/plain; charset="us-ascii" ; format="flowed" X-Scanned-By: MIMEDefang 2.56 on 66.92.146.160 Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.0 (/) X-Scan-Signature: 9ed51c9d1356100bce94f1ae4ec616a9 At 21:43 +0200 10/9/06, Olaf M. Kolkman wrote: >In other words signer and nameserver interpret same zonefile text-blob >as different wireformat. I don't know that there is an easy answer to that one. Up to now, the zone file format was only standardized for documentation purposes. Unless rsync'd or otherwise file system manipulated, a zone file written by process was read back by the same process - or a reincarnation of it usually using the same or similar source code. Personally I have never been fond of declaring the zone file syntax a standard, but that's the what folks have wanted. So now we face having two disjoint representations of the same values (the zone file format and the wire format versions of each RR set). One approach would be to instruct the signers, servers, et.al., to exclusively read and write in wire format, leaving zonefiles just for us humans. But that ain't gonna happen. Perhaps when we rehash LOC we just add the good words to tighten it up. It is just at proposed standard now anyway, right? Or we could begin to encourage all implementations to essentially to a AXFR to a disk file when preparing a copy for consumption by another process. (Like from signer to server, or a server storing a copy in case the machine reboots.) And likewise, read a "binary" file as that in addition to zone file format. -- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Edward Lewis +1-571-434-5468 NeuStar Secrets of Success #107: Why arrive at 7am for the good parking space? Come in at 11am while the early birds drive out to lunch. -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Mon Oct 09 18:53:21 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GX3zt-0002nJ-LV; Mon, 09 Oct 2006 18:53:21 -0400 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GX3zh-0001oB-Iw; Mon, 09 Oct 2006 18:53:21 -0400 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GX3uj-000KEI-3j for namedroppers-data@psg.com; Mon, 09 Oct 2006 22:48:01 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.5 (2006-08-29) on psg.com X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=AWL,BAYES_00 autolearn=ham version=3.1.5 Received: from [204.152.184.167] (helo=mx.isc.org) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GX3uh-000KDk-Mq for namedroppers@ops.ietf.org; Mon, 09 Oct 2006 22:48:00 +0000 Received: from farside.isc.org (farside.isc.org [IPv6:2001:4f8:3:bb::5]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client CN "farside.isc.org", Issuer "ISC CA" (verified OK)) by mx.isc.org (Postfix) with ESMTP id 0B91D114021 for ; Mon, 9 Oct 2006 22:47:59 +0000 (UTC) (envelope-from Mark_Andrews@isc.org) Received: from drugs.dv.isc.org (localhost.isc.org [IPv6:::1]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by farside.isc.org (Postfix) with ESMTP id E0CB3E6076 for ; Mon, 9 Oct 2006 22:47:55 +0000 (UTC) (envelope-from marka@isc.org) Received: from drugs.dv.isc.org (localhost [127.0.0.1]) by drugs.dv.isc.org (8.13.8/8.13.6) with ESMTP id k99MlnYw012669 for ; Tue, 10 Oct 2006 08:47:49 +1000 (EST) (envelope-from marka@drugs.dv.isc.org) Message-Id: <200610092247.k99MlnYw012669@drugs.dv.isc.org> To: "IETF DNSEXT WG" From: Mark Andrews Subject: Re: LOC In-reply-to: Your message of "Mon, 09 Oct 2006 10:26:45 EST." Date: Tue, 10 Oct 2006 08:47:48 +1000 Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.0 (/) X-Scan-Signature: 4adaf050708fb13be3316a9eee889caa > In <87DD878F-9B8E-4500-8066-47507AC36E08@NLnetLabs.nl> "Olaf M. Kolkman" f@NLnetLabs.nl> writes: > > > The problem is that mathematically 0e0==0eY for each Y. [snip] > > > [ ... ] So, this is something that could be > > clarified in draft-ietf-dnsext-dnssec-bis-updates. Where we clarify > > that a size field being 0 should always be encoded as two 4-bit zeros. > > > OK, I guess I'm confused. Doesn't RFC1876 already say that? Wasn't > the relevant part of RFC1876 quoted in the first post in this thread? > > >From RFC1876 section 2 "RDATA Format" > > SIZE [...] > Four-bit values greater than 9 are > undefined, as are values with a base of zero and a non-zero > exponent. > > > That seems to me to say that 0eY for Y > 0 is undefined. A resolver > is free to drop into a game of nethack if it wants to upon reception > of a LOC record with 0e3. You are right. I should have re-re-re-read that. Mea culpa. > -wayne > > -- > to unsubscribe send a message to namedroppers-request@ops.ietf.org with > the word 'unsubscribe' in a single line as the message text body. > archive: -- ISC Training! October 16-20, 2006, in the San Francisco Bay Area, covering topics from DNS to DHCP. Email training@isc.org. -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: Mark_Andrews@isc.org -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Mon Oct 09 19:10:11 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GX4GB-00087J-LU; Mon, 09 Oct 2006 19:10:11 -0400 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GX4FP-0004cD-ET; Mon, 09 Oct 2006 19:09:24 -0400 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GX4Cx-000PTL-UB for namedroppers-data@psg.com; Mon, 09 Oct 2006 23:06:51 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.5 (2006-08-29) on psg.com X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=AWL,BAYES_00 autolearn=ham version=3.1.5 Received: from [204.152.184.167] (helo=mx.isc.org) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GX4Cw-000PSe-Tf for namedroppers@ops.ietf.org; Mon, 09 Oct 2006 23:06:51 +0000 Received: from farside.isc.org (farside.isc.org [IPv6:2001:4f8:3:bb::5]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client CN "farside.isc.org", Issuer "ISC CA" (verified OK)) by mx.isc.org (Postfix) with ESMTP id 8008A11401F for ; Mon, 9 Oct 2006 23:06:50 +0000 (UTC) (envelope-from Mark_Andrews@isc.org) Received: from drugs.dv.isc.org (localhost.isc.org [IPv6:::1]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by farside.isc.org (Postfix) with ESMTP id D9DAAE6066 for ; Mon, 9 Oct 2006 23:06:49 +0000 (UTC) (envelope-from marka@isc.org) Received: from drugs.dv.isc.org (localhost [127.0.0.1]) by drugs.dv.isc.org (8.13.8/8.13.6) with ESMTP id k99N6XWd034813; Tue, 10 Oct 2006 09:06:34 +1000 (EST) (envelope-from marka@drugs.dv.isc.org) Message-Id: <200610092306.k99N6XWd034813@drugs.dv.isc.org> To: Edward Lewis Cc: "Olaf M. Kolkman" , IETF DNSEXT WG From: Mark Andrews Subject: Re: more ambiguity (was Re: LOC) In-reply-to: Your message of "Mon, 09 Oct 2006 16:23:05 EST." Date: Tue, 10 Oct 2006 09:06:33 +1000 Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.0 (/) X-Scan-Signature: d8ae4fd88fcaf47c1a71c804d04f413d > At 21:43 +0200 10/9/06, Olaf M. Kolkman wrote: > > >In other words signer and nameserver interpret same zonefile text-blob > >as different wireformat. > > I don't know that there is an easy answer to that one. > > Up to now, the zone file format was only standardized for > documentation purposes. I would argue that it was also defined to allow zones to be transfered outside to the DNS protocol. RFC 1034 4.3.5. Zone maintenance and transfers Part of the job of a zone administrator is to maintain the zones at all of the name servers which are authoritative for the zone. When the inevitable changes are made, they must be distributed to all of the name servers. While this distribution can be accomplished using FTP or some other ad hoc procedure, the preferred method is the zone transfer part of the DNS protocol. > Unless rsync'd or otherwise file system > manipulated, a zone file written by process was read back by the same > process - or a reincarnation of it usually using the same or similar > source code. If it was wanted to do just that then there would not be a well defined format that defines a zone. > Personally I have never been fond of declaring the zone file syntax a > standard, but that's the what folks have wanted. So now we face > having two disjoint representations of the same values (the zone file > format and the wire format versions of each RR set). > > One approach would be to instruct the signers, servers, et.al., to > exclusively read and write in wire format, leaving zonefiles just for > us humans. But that ain't gonna happen. > > Perhaps when we rehash LOC we just add the good words to tighten it > up. It is just at proposed standard now anyway, right? > > Or we could begin to encourage all implementations to essentially to > a AXFR to a disk file when preparing a copy for consumption by > another process. (Like from signer to server, or a server storing a > copy in case the machine reboots.) And likewise, read a "binary" > file as that in addition to zone file format. > > -- > -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- > Edward Lewis +1-571-434-5468 > NeuStar > > Secrets of Success #107: Why arrive at 7am for the good parking space? > Come in at 11am while the early birds drive out to lunch. > > -- > to unsubscribe send a message to namedroppers-request@ops.ietf.org with > the word 'unsubscribe' in a single line as the message text body. > archive: -- ISC Training! October 16-20, 2006, in the San Francisco Bay Area, covering topics from DNS to DHCP. Email training@isc.org. -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: Mark_Andrews@isc.org -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Mon Oct 09 19:19:43 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GX4PP-0003AZ-Ir; Mon, 09 Oct 2006 19:19:43 -0400 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GX4PO-0007bs-4o; Mon, 09 Oct 2006 19:19:43 -0400 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GX4Mx-0001zK-Ms for namedroppers-data@psg.com; Mon, 09 Oct 2006 23:17:11 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.5 (2006-08-29) on psg.com X-Spam-Level: X-Spam-Status: No, score=-2.3 required=5.0 tests=AWL,BAYES_00 autolearn=ham version=3.1.5 Received: from [66.92.146.160] (helo=ogud.com) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GX4Mw-0001z7-5E for namedroppers@ops.ietf.org; Mon, 09 Oct 2006 23:17:10 +0000 Received: from [10.111.113.28] (hlid.ogud.com [66.92.146.160]) by ogud.com (8.13.1/8.13.1) with ESMTP id k99NGbpg078465; Mon, 9 Oct 2006 19:16:38 -0400 (EDT) (envelope-from Ed.Lewis@neustar.biz) Mime-Version: 1.0 Message-Id: In-Reply-To: <200610092306.k99N6XWd034813@drugs.dv.isc.org> References: <200610092306.k99N6XWd034813@drugs.dv.isc.org> Date: Mon, 9 Oct 2006 18:16:44 -0500 To: Mark Andrews From: Edward Lewis Subject: Re: more ambiguity (was Re: LOC) Cc: Edward Lewis , "Olaf M. Kolkman" , IETF DNSEXT WG Content-Type: text/plain; charset="us-ascii" ; format="flowed" X-Scanned-By: MIMEDefang 2.56 on 66.92.146.160 Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.0 (/) X-Scan-Signature: a2c12dacc0736f14d6b540e805505a86 It's a matter of interpretation, but the quoted text below states that the preferred method is the zone transfer. The text conveys that the zone file format is more or less a safety net, for use in situations outside the protocol. Perhaps the ship has sailed but I'd say that trying to maintain two renderings of the same statement (a resource record in wire format and zone file format) is too much work. I can barely see the sails of that ship now - whether it be that it is crossing successfully over the horizon or is sinking in the drink I cannot say. At 9:06 +1000 10/10/06, Mark Andrews wrote: >> At 21:43 +0200 10/9/06, Olaf M. Kolkman wrote: >> >> >In other words signer and nameserver interpret same zonefile text-blob >> >as different wireformat. >> >> I don't know that there is an easy answer to that one. >> >> Up to now, the zone file format was only standardized for >> documentation purposes. > > I would argue that it was also defined to allow zones to be > transfered outside to the DNS protocol. > >RFC 1034 > >4.3.5. Zone maintenance and transfers > >Part of the job of a zone administrator is to maintain the zones at all >of the name servers which are authoritative for the zone. When the >inevitable changes are made, they must be distributed to all of the name >servers. While this distribution can be accomplished using FTP or some >other ad hoc procedure, the preferred method is the zone transfer part >of the DNS protocol. > >> Unless rsync'd or otherwise file system >> manipulated, a zone file written by process was read back by the same >> process - or a reincarnation of it usually using the same or similar >> source code. > >If it was wanted to do just that then there would not be a well defined >format that defines a zone. > >> Personally I have never been fond of declaring the zone file syntax a >> standard, but that's the what folks have wanted. So now we face >> having two disjoint representations of the same values (the zone file >> format and the wire format versions of each RR set). >> >> One approach would be to instruct the signers, servers, et.al., to >> exclusively read and write in wire format, leaving zonefiles just for >> us humans. But that ain't gonna happen. >> >> Perhaps when we rehash LOC we just add the good words to tighten it >> up. It is just at proposed standard now anyway, right? >> >> Or we could begin to encourage all implementations to essentially to >> a AXFR to a disk file when preparing a copy for consumption by >> another process. (Like from signer to server, or a server storing a >> copy in case the machine reboots.) And likewise, read a "binary" >> file as that in addition to zone file format. >> >> -- >> -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- >> Edward Lewis +1-571-434-5468 >> NeuStar >> >> Secrets of Success #107: Why arrive at 7am for the good parking space? >> Come in at 11am while the early birds drive out to lunch. >> >> -- >> to unsubscribe send a message to namedroppers-request@ops.ietf.org with >> the word 'unsubscribe' in a single line as the message text body. >> archive: >-- >ISC Training! October 16-20, 2006, in the San Francisco Bay Area, >covering topics from DNS to DHCP. Email training@isc.org. >-- >Mark Andrews, ISC >1 Seymour St., Dundas Valley, NSW 2117, Australia >PHONE: +61 2 9871 4742 INTERNET: Mark_Andrews@isc.org -- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Edward Lewis +1-571-434-5468 NeuStar Secrets of Success #107: Why arrive at 7am for the good parking space? Come in at 11am while the early birds drive out to lunch. -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Mon Oct 09 19:49:04 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GX4rn-0004CZ-WC; Mon, 09 Oct 2006 19:49:04 -0400 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GX4rm-0005vF-M9; Mon, 09 Oct 2006 19:49:03 -0400 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GX4nQ-0008r9-Nr for namedroppers-data@psg.com; Mon, 09 Oct 2006 23:44:32 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.5 (2006-08-29) on psg.com X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=AWL,BAYES_00 autolearn=ham version=3.1.5 Received: from [204.152.184.167] (helo=mx.isc.org) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GX4nP-0008qY-W9 for namedroppers@ops.ietf.org; Mon, 09 Oct 2006 23:44:32 +0000 Received: from farside.isc.org (farside.isc.org [IPv6:2001:4f8:3:bb::5]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client CN "farside.isc.org", Issuer "ISC CA" (verified OK)) by mx.isc.org (Postfix) with ESMTP id A8207114021 for ; Mon, 9 Oct 2006 23:44:31 +0000 (UTC) (envelope-from Mark_Andrews@isc.org) Received: from drugs.dv.isc.org (localhost.isc.org [IPv6:::1]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by farside.isc.org (Postfix) with ESMTP id 303B0E6076 for ; Mon, 9 Oct 2006 23:44:31 +0000 (UTC) (envelope-from marka@isc.org) Received: from drugs.dv.isc.org (localhost [127.0.0.1]) by drugs.dv.isc.org (8.13.8/8.13.6) with ESMTP id k99NiJVX058957; Tue, 10 Oct 2006 09:44:19 +1000 (EST) (envelope-from marka@drugs.dv.isc.org) Message-Id: <200610092344.k99NiJVX058957@drugs.dv.isc.org> To: "william(at)elan.net" Cc: "Olaf M. Kolkman" , IETF DNSEXT WG From: Mark Andrews Subject: Re: more ambiguity (was Re: LOC) In-reply-to: Your message of "Mon, 09 Oct 2006 13:59:48 MST." Date: Tue, 10 Oct 2006 09:44:19 +1000 Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.0 (/) X-Scan-Signature: 21c69d3cfc2dd19218717dbe1d974352 > > On Mon, 9 Oct 2006, Olaf M. Kolkman wrote: > > > I remember trying to be relatively liberal when parsing TXT RR data in > > Net::DNS::RR::TXT; Most of the people forget adding quotes ore use single > > instead of as string delimiters but that could pose a similar problem. I > > think that adding a note do bis-updates about this wouldn't hurt. > > That reminds me. I could not properly decide when asked by somebody > recently if TXT field in DNS can or can not have UTF context. Now > obviously it happens, the question is really would various TXT DNS > record parsers have problems with any 8-bit context there. And another > issue is that since there is no additional 'type' field indicating > if data would or would not be UTF8 the parsers are going to have an > issue. This all got me thinking that it maybe better to just define > new UTF8TXT type record which parsers would always know to have UTF8 > text/comment context and leave TXT for ASCII. I don't think we need a UTF8TXT type. TXT itself needs to be clarified as escape handling is not well defined. Allowing CRLN within a quoted text string was never a good idea as each os has its own eol convention. named uses the same escape handling as it does for domain names. > -- > William Leibzon > Elan Networks > william@elan.net -- ISC Training! October 16-20, 2006, in the San Francisco Bay Area, covering topics from DNS to DHCP. Email training@isc.org. -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: Mark_Andrews@isc.org -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Tue Oct 10 09:38:08 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GXHo8-0005io-2p; Tue, 10 Oct 2006 09:38:08 -0400 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GXHo6-0006CY-Le; Tue, 10 Oct 2006 09:38:08 -0400 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GXHg6-000Hne-1t for namedroppers-data@psg.com; Tue, 10 Oct 2006 13:29:50 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.5 (2006-08-29) on psg.com X-Spam-Level: X-Spam-Status: No, score=-2.3 required=5.0 tests=AWL,BAYES_00 autolearn=ham version=3.1.5 Received: from [66.92.146.160] (helo=ogud.com) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GXHg4-000Hmu-HR for namedroppers@ops.ietf.org; Tue, 10 Oct 2006 13:29:49 +0000 Received: from [10.111.113.28] (hlid.ogud.com [66.92.146.160]) by ogud.com (8.13.1/8.13.1) with ESMTP id k9ADTPcI092283; Tue, 10 Oct 2006 09:29:26 -0400 (EDT) (envelope-from Ed.Lewis@neustar.biz) Mime-Version: 1.0 Message-Id: In-Reply-To: <69794150-AB34-4DA0-BB07-DF915816307E@NLnetLabs.nl> References: <69794150-AB34-4DA0-BB07-DF915816307E@NLnetLabs.nl> Date: Tue, 10 Oct 2006 08:29:20 -0500 To: "Olaf M. Kolkman" From: Edward Lewis Subject: Re: WGLC on rollover-requirements and trustudpate-timers Cc: IETF DNSEXT WG , Mike StJohns , Suresh Krishnaswamy Content-Type: text/plain; charset="us-ascii" ; format="flowed" Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.0 (/) X-Scan-Signature: b4a0a5f5992e2a4954405484e7717d8c At 22:00 +0200 9/25/06, Olaf M. Kolkman wrote: >This message starts the working group last call for two documents >http://tools.ietf.org/wg/dnsext/draft-ietf-dnsext-rollover-requirements/ >http://tools.ietf.org/wg/dnsext/draft-ietf-dnsext-trustupdate-timers/ >As previously, for each document we would like to see at least 5 people >going on record for having thoroughly reviewed it. I haven't had time to look at these documents in their recent state. The reason I haven't - and am bothering to say so - is that it is a matter of priorities. I do think that solving this is worthwhile and that the documents would merit review, but I find the task of reviewing them deep in my job queue. Not speaking for my employer (who is an TLD operator) but recognizing that it is a major player in my setting of priorities, there are a few reasons why this review task remains deep in my queue. One is that there are plenty of other things to work on these days. I'm reviewing documents in other IETF groups that have more urgency. Another is that I have been disappointed that the TLDs are currently in the position of "should be concerned" about this topic. I am disheartened in the lack of visible progress in the signing of the root zone and other infrastructure zones. Although I rub elbows quite often with people that are intimately involved in the effort to accomplish signing the root and they drop hints that "it is coming" "in 6 months" I have not seen any evidence that it really is going forward. (I don't consider slide-ware evidence.) Perhaps there is a deadly embrace here - maybe until these documents go forward, DNSSEC is stuck in the root zone. But I haven't heard that as an enticement. I would be willing to review these documents, but time constraints are in place because of work I find more fruitful at this time. Keeping in mind that the IETF is a volunteer effort, I think a "tastier carrot" would be nice, like real and evident progress on getting the root zone (and the other infrastructure zones like arpa and in-addr.arpa) signed. Has the IAB set out a calendar for the deployment of DNSSEC in the zones they control? Seeing a formal statement from within (the IETF) would be nice. >Last call terminates October 11, 2006. I don't mean to say that DNSSEC is petering out. An increasing number of status slides at RIPE show interest in it in various registries. But there is a lot of other work to do these days. It's a matter of time and priorities. -- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Edward Lewis +1-571-434-5468 NeuStar Secrets of Success #107: Why arrive at 7am for the good parking space? Come in at 11am while the early birds drive out to lunch. -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Tue Oct 10 12:06:36 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GXK7o-0005sn-UM; Tue, 10 Oct 2006 12:06:36 -0400 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GXK7l-0006YT-Jj; Tue, 10 Oct 2006 12:06:36 -0400 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GXK16-000J2k-0o for namedroppers-data@psg.com; Tue, 10 Oct 2006 15:59:40 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.5 (2006-08-29) on psg.com X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00 autolearn=ham version=3.1.5 Received: from [192.0.34.14] (helo=smtp01.icann.org) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GXK14-000J2G-Uo for namedroppers@ops.ietf.org; Tue, 10 Oct 2006 15:59:39 +0000 Received: from terminus.local ([142.131.66.143]) (authenticated bits=0) by smtp01.icann.org (8.12.11.20060308/8.12.11) with ESMTP id k9AG0IQC011500 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=NO); Tue, 10 Oct 2006 09:00:22 -0700 Received: from [127.0.0.1] by terminus.local (PGP Universal service); Tue, 10 Oct 2006 11:59:19 -0400 X-PGP-Universal: processed; by terminus.local on Tue, 10 Oct 2006 11:59:19 -0400 In-Reply-To: References: <69794150-AB34-4DA0-BB07-DF915816307E@NLnetLabs.nl> Mime-Version: 1.0 (Apple Message framework v752.3) Message-Id: Cc: "Olaf M. Kolkman" , IETF DNSEXT WG , Mike StJohns , Suresh Krishnaswamy From: David Conrad Subject: Re: WGLC on rollover-requirements and trustudpate-timers Date: Tue, 10 Oct 2006 11:59:13 -0400 To: Edward Lewis X-Mailer: Apple Mail (2.752.3) Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.0 (/) X-Scan-Signature: d6b246023072368de71562c0ab503126 Ed, On Oct 10, 2006, at 9:29 AM, Edward Lewis wrote: > I am disheartened in the lack of visible progress in the signing of > the root zone and other infrastructure zones. I won't comment on the root, but as for infrastructure zones, at the request of the IAB IANA has committed to signing .ARPA, .URN.ARPA, .URI.ARPA, IRIS.ARPA and hopefully IP6.ARPA by the end of the year. Rgds, -drc -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Tue Oct 10 12:41:41 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GXKfl-0004lr-Qe; Tue, 10 Oct 2006 12:41:41 -0400 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GXKfk-00054Z-Hi; Tue, 10 Oct 2006 12:41:41 -0400 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GXKbM-0001qV-0H for namedroppers-data@psg.com; Tue, 10 Oct 2006 16:37:08 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.5 (2006-08-29) on psg.com X-Spam-Level: X-Spam-Status: No, score=-2.3 required=5.0 tests=AWL,BAYES_00 autolearn=ham version=3.1.5 Received: from [66.92.146.160] (helo=ogud.com) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GXKbK-0001pc-IS for namedroppers@ops.ietf.org; Tue, 10 Oct 2006 16:37:07 +0000 Received: from [10.111.113.28] (hlid.ogud.com [66.92.146.160]) by ogud.com (8.13.1/8.13.1) with ESMTP id k9AGauPu093524; Tue, 10 Oct 2006 12:36:57 -0400 (EDT) (envelope-from Ed.Lewis@neustar.biz) Mime-Version: 1.0 Message-Id: In-Reply-To: References: <69794150-AB34-4DA0-BB07-DF915816307E@NLnetLabs.nl> Date: Tue, 10 Oct 2006 11:36:57 -0500 To: IETF DNSEXT WG From: Edward Lewis Subject: Re: WGLC on rollover-requirements and trustudpate-timers Cc: Edward Lewis Content-Type: text/plain; charset="us-ascii" ; format="flowed" X-Scanned-By: MIMEDefang 2.56 on 66.92.146.160 Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.0 (/) X-Scan-Signature: 7d33c50f3756db14428398e2bdedd581 At 11:59 -0400 10/10/06, David Conrad wrote: >I won't comment on the root, but as for infrastructure zones, at the request >of the IAB IANA has committed to signing .ARPA, .URN.ARPA, .URI.ARPA, >IRIS.ARPA and hopefully IP6.ARPA by the end of the year. Cool - then we'll have a place to see a real DS set exchange (i.e., at least between RIPE and IANA in IPv6 reverse zones like 2a01::). -- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Edward Lewis +1-571-434-5468 NeuStar Secrets of Success #107: Why arrive at 7am for the good parking space? Come in at 11am while the early birds drive out to lunch. -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Tue Oct 10 12:49:14 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GXKn4-0000BU-Pi; Tue, 10 Oct 2006 12:49:14 -0400 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GXKn3-0006OK-1d; Tue, 10 Oct 2006 12:49:14 -0400 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GXKju-0004Ls-Uq for namedroppers-data@psg.com; Tue, 10 Oct 2006 16:45:58 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.5 (2006-08-29) on psg.com X-Spam-Level: X-Spam-Status: No, score=-1.2 required=5.0 tests=AWL,BAYES_00, FORGED_RCVD_HELO,INFO_TLD autolearn=no version=3.1.5 Received: from [207.219.45.62] (helo=mail.libertyrms.com) by psg.com with esmtp (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GXKjt-0004LJ-Gp for namedroppers@ops.ietf.org; Tue, 10 Oct 2006 16:45:57 +0000 Received: from dba3.int.libertyrms.com ([10.1.3.12] helo=dba3.int.libertyrms.info ident=postfix) by mail.libertyrms.com with esmtp (Exim 4.22) id 1GXKjs-0003Dh-RI for namedroppers@ops.ietf.org; Tue, 10 Oct 2006 12:45:56 -0400 Received: by dba3.int.libertyrms.info (ca.afilias.info, from userid 1019) id A52CD13744; Tue, 10 Oct 2006 12:44:39 -0400 (EDT) Date: Tue, 10 Oct 2006 12:44:39 -0400 From: Andrew Sullivan To: namedroppers@ops.ietf.org Subject: Re: WGLC on rollover-requirements and trustudpate-timers Message-ID: <20061010164438.GE6728@dba3> Reply-To: Andrew Sullivan References: <69794150-AB34-4DA0-BB07-DF915816307E@NLnetLabs.nl> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <69794150-AB34-4DA0-BB07-DF915816307E@NLnetLabs.nl> User-Agent: Mutt/1.5.9i X-SA-Exim-Mail-From: andrew@ca.afilias.info X-SA-Exim-Scanned: No; SAEximRunCond expanded to false Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.5 (/) X-Scan-Signature: e1b0e72ff1bbd457ceef31828f216a86 On Mon, Sep 25, 2006 at 10:00:12PM +0200, Olaf M. Kolkman wrote: > This message starts the working group last call for two documents > > draft-ietf-dnsext-rollover-requirements-03 > Requirements related to DNSSEC Trust Anchor Rollover > > > draft-ietf-dnsext-trustupdate-timers-04 > Automated Updates of DNSSEC Trust Anchors Colleagues, I have read the documents above. I believe that draft-ietf-dnsext-rollover-requirements-03 captures the set of requirements strictly necessary for key rollover (although note a comment about number 8, below). I acknowlege Thierry Moreau's argument that a wider set of operational procedures might also be necessary for at least some contexts, but I suggest that the wider set is partly a set of practices better outlined as in an operational advice. So I support this document going forward. Here is my evaluation of the extent to which draft-ietf-dnsext-trustupdate-timers-04 meets the requirements above. On the basis of my evaluation, I support the document proceeding: 1. Scalability: within the limits outlined in -requirements-03, yes. 2. No IPR Encumbrance: maybe. At the last IETF meeting, I recall someone mentioning that the IPR claim that is outstanding is not valid. The IETF IPR pages do not reflect that view, however, so I can't tell. 3. General Applicability: yes. 4. Private Networks: yes. 5. Detection of Stale Anchors: yes. 6. Manual Operation: sort of. The document requires the passage of time for certain operations, and that passage of time cannot be performed "manually" (barring some change in the metaphysical realm of which I'm unaware. I know there are some pretty good engineers here, but I'm fairly sure that problem hasn't been solved). 7. Planned and Unplanned Rollovers: yes. 8. Timeliness: To the extent I understand this requirement, yes. It seems a slightly vague requirement, in that there's no definition of what a timely manner is. The -timers-04 draft sets minimum times in most cases at 30 days, which seems reasonable to me. It would be nice for that time line to be something that is determined by policy published in the DNS itself, and if we had a policy RR of some sort, I'd strongly support putting this time in there instead. (I can think of cases where 30 days sounds like an awful lot, so it makes me nervous.) 9. High Availability: yes. 10. New RR Types: this requirement has been expanded from earlier drafts to include any protocol changes. The -timers-04 draft does require a minor modification, but I think this is perhaps a good thing. 11. Trust Anchor Maintenance Operations: yes. 12. Recovery From Compromise: yes. Note that in the case of two-key compromise on a zone with two configured keys, it seems to me that the outline in section 2.2 of -timers-04 is extremely important, because the add hold down period does not completely block the attack. I think this probably needs to be emphasised a little more in the Security Considerations section, because it seems to me to be the weakest point in the proposal. I suggest an addition in section 8.2: The zone owner should determine their own level of comfort with respect to the number of active valid trust anchors in a zone and should be prepared to implement recovery procedures once they detect a compromise. In assessing the number of active valid anchors, a zone owner should be sure to consider the consequences of key compromise and the way it motivates the Add Hold-down period (section 2.2). 13. Non-degrading Trust: yes Best regards, A -- ---- Andrew Sullivan 204-4141 Yonge Street Afilias Canada Toronto, Ontario Canada M2P 2A8 +1 416 646 3304 x4110 -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Tue Oct 10 14:14:10 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GXM7G-0007TP-81; Tue, 10 Oct 2006 14:14:10 -0400 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GXM7B-0006GE-JR; Tue, 10 Oct 2006 14:14:10 -0400 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GXM1Q-000GKh-N8 for namedroppers-data@psg.com; Tue, 10 Oct 2006 18:08:08 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.5 (2006-08-29) on psg.com X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,HTML_MESSAGE autolearn=ham version=3.1.5 Received: from [209.191.87.92] (helo=web37609.mail.mud.yahoo.com) by psg.com with smtp (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GXM1O-000GK4-UN for namedroppers@ops.ietf.org; Tue, 10 Oct 2006 18:08:08 +0000 Received: (qmail 10516 invoked by uid 60001); 10 Oct 2006 18:08:06 -0000 DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=yahoo.com; h=Message-ID:Received:Date:From:Subject:To:Cc:In-Reply-To:MIME-Version:Content-Type:Content-Transfer-Encoding; b=I/OfApbDfqz8Qvriso/zzO7Dc2NLPJi0xTjuxDdxZAECNjHt45t2gapNd8aQh0A4y+aGeK/1rbdOQ5zHni/YoMpTvR3z9bPzdTdFOUqDvJ3gG9V1yQJSzALdvKSrCpDpjJGzAmtfgyS7tlw7WWnAJRxydGKskZz1/bP8VezKi7E= ; Message-ID: <20061010180806.10514.qmail@web37609.mail.mud.yahoo.com> Received: from [157.185.81.167] by web37609.mail.mud.yahoo.com via HTTP; Tue, 10 Oct 2006 11:08:05 PDT Date: Tue, 10 Oct 2006 11:08:05 -0700 (PDT) From: char sample Subject: Re: WGLC on rollover-requirements and trustudpate-timers To: "Olaf M. Kolkman" , IETF DNSEXT WG Cc: Mike StJohns , Suresh Krishnaswamy In-Reply-To: MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="0-1984905817-1160503685=:10265" Content-Transfer-Encoding: 8bit Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.5 (/) X-Scan-Signature: 6d95a152022472c7d6cdf886a0424dc6 --0-1984905817-1160503685=:10265 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: 8bit I have completed the review of the rollover-requirements document and I am OK w/ the contents of that document as it currently reads. I am reviewing the timers one and hope to have that one completed later today. char sample Sparta, Inc. "Olaf M. Kolkman" wrote: Colleagues, This is a reminder. The WGLC closes in about 2 days; we have not met quorum yet. If you plan to review the document but need a few more days, please let us know. I'd hate if we would need to declare bankruptcy at this stage because of lack of review by the working group. --Olaf (Top-Posting) On 25Sep 2006, at 10:00 PM, Olaf M. Kolkman wrote: > > > Dear Colleagues, > > > This message starts the working group last call for two documents > > draft-ietf-dnsext-rollover-requirements-03 > Requirements related to DNSSEC Trust Anchor Rollover > > > draft-ietf-dnsext-trustupdate-timers-04 > Automated Updates of DNSSEC Trust Anchors > > The documents and their history can be found at: > > http://tools.ietf.org/wg/dnsext/draft-ietf-dnsext-rollover- > requirements/ > http://tools.ietf.org/wg/dnsext/draft-ietf-dnsext-trustupdate-timers/ > > > It is the intention to publish the "requirements" draft as an > informational RFC and to publish "timers" on standards track. > > As previously, for each document we would like to see at least 5 > people > going on record for having thoroughly reviewed it. > > We would appreciate assessments on how well 'timers' fits > 'requirements' [*] > > > Last call terminates October 11, 2006. > > > Your chairs, > > Olaf and Olafur. > > > [*] Even though there is no reference from the timers draft to the > requirements draft we learned by experience with that the IESG is > interested and aware of requirement documents and takes interest > reviewing them both. > > ----------------------------------------------------------- > Olaf M. Kolkman > NLnet Labs > http://www.nlnetlabs.nl/ > > > ----------------------------------------------------------- Olaf M. Kolkman NLnet Labs http://www.nlnetlabs.nl/ --------------------------------- Stay in the know. Pulse on the new Yahoo.com. Check it out. --0-1984905817-1160503685=:10265 Content-Type: text/html; charset=iso-8859-1 Content-Transfer-Encoding: 8bit I have completed the review of the rollover-requirements document and I am OK w/ the contents of that document as it currently reads.

I am reviewing the timers one and hope to have that one completed later today.

char sample
Sparta, Inc.

"Olaf M. Kolkman" <olaf@NLnetLabs.nl> wrote:


Colleagues,

This is a reminder. The WGLC closes in about 2 days; we have not met
quorum yet.

If you plan to review the document but need a few more days, please
let us know. I'd hate if we would need to declare bankruptcy at this
stage because of lack of review by the working group.


--Olaf

(Top-Posting)

On 25Sep 2006, at 10:00 PM, Olaf M. Kolkman wrote:

>
>
> Dear Colleagues,
>
>
> This message starts the working group last call for two documents
>
> draft-ietf-dnsext-rollover-requirements-03
> Requirements related to DNSSEC Trust Anchor Rollover
>
>
> draft-ietf-dnsext-trustupdate-timers-04
> Automated Updates of DNSSEC Trust Anchors
>
> The documents and their history can be found at:
>
> http://tools.ietf.org/wg/dnsext/draft-ietf-dnsext-rollover-
> requirements/
> http://tools.ietf.org/wg/dnsext/draft-ietf-dnsext-trustupdate-timers/
>
>
> It is the intention to publish the "requirements" draft as an
> informational RFC and to publish "timers" on standards track.
>
> As previously, for each document we would like to see at least 5
> people
> going on record for having thoroughly reviewed it.
>
> We would appreciate assessments on how well 'timers' fits
> 'requirements' [*]
>
>
> Last call terminates October 11, 2006.
>
>
> Your chairs,
>
> Olaf and Olafur.
>
>
> [*] Even though there is no reference from the timers draft to the
> requirements draft we learned by experience with that the IESG is
> interested and aware of requirement documents and takes interest
> reviewing them both.
>
> -----------------------------------------------------------
> Olaf M. Kolkman
> NLnet Labs
> http://www.nlnetlabs.nl/
>
>
>

-----------------------------------------------------------
Olaf M. Kolkman
NLnet Labs
http://www.nlnetlabs.nl/




Stay in the know. Pulse on the new Yahoo.com. Check it out. --0-1984905817-1160503685=:10265-- -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Tue Oct 10 16:49:55 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GXOXz-0000fF-6a; Tue, 10 Oct 2006 16:49:55 -0400 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GXOXw-0005Lv-M9; Tue, 10 Oct 2006 16:49:55 -0400 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GXORj-000I5L-49 for namedroppers-data@psg.com; Tue, 10 Oct 2006 20:43:27 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.5 (2006-08-29) on psg.com X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,HTML_MESSAGE autolearn=ham version=3.1.5 Received: from [209.191.87.95] (helo=web37612.mail.mud.yahoo.com) by psg.com with smtp (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GXORh-000I4h-Pw for namedroppers@ops.ietf.org; Tue, 10 Oct 2006 20:43:26 +0000 Received: (qmail 38564 invoked by uid 60001); 10 Oct 2006 20:43:25 -0000 DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=yahoo.com; h=Message-ID:Received:Date:From:Subject:To:Cc:In-Reply-To:MIME-Version:Content-Type:Content-Transfer-Encoding; b=IXuNBpJ+pclMp9HWKjZgBeKrgD1r+i8zfK8u+yG5WskccUpepdO9rI+50EpzfPuM41B7CKmSCzos6bCy446hNNV8eslQiyYbwwsrZs2gGA6sawbUNI+050ZAcM4KxB0E85bt1jrWJytgibUDqR083rUMCUFZwKn/BHYkl9o1+EY= ; Message-ID: <20061010204325.38562.qmail@web37612.mail.mud.yahoo.com> Received: from [157.185.81.167] by web37612.mail.mud.yahoo.com via HTTP; Tue, 10 Oct 2006 13:43:24 PDT Date: Tue, 10 Oct 2006 13:43:24 -0700 (PDT) From: char sample Subject: Re: WGLC on rollover-requirements and trustudpate-timers To: "Olaf M. Kolkman" , IETF DNSEXT WG Cc: Mike StJohns , Suresh Krishnaswamy In-Reply-To: MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="0-833907384-1160513004=:38322" Content-Transfer-Encoding: 8bit Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.5 (/) X-Scan-Signature: 287c806b254c6353fcb09ee0e53bbc5e --0-833907384-1160513004=:38322 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: 8bit I have completed the draft on the times and am OK w/ this one too. I recommend both drafts move forward to the next step in the process. char sample Sparta Inc. "Olaf M. Kolkman" wrote: Colleagues, This is a reminder. The WGLC closes in about 2 days; we have not met quorum yet. If you plan to review the document but need a few more days, please let us know. I'd hate if we would need to declare bankruptcy at this stage because of lack of review by the working group. --Olaf (Top-Posting) On 25Sep 2006, at 10:00 PM, Olaf M. Kolkman wrote: > > > Dear Colleagues, > > > This message starts the working group last call for two documents > > draft-ietf-dnsext-rollover-requirements-03 > Requirements related to DNSSEC Trust Anchor Rollover > > > draft-ietf-dnsext-trustupdate-timers-04 > Automated Updates of DNSSEC Trust Anchors > > The documents and their history can be found at: > > http://tools.ietf.org/wg/dnsext/draft-ietf-dnsext-rollover- > requirements/ > http://tools.ietf.org/wg/dnsext/draft-ietf-dnsext-trustupdate-timers/ > > > It is the intention to publish the "requirements" draft as an > informational RFC and to publish "timers" on standards track. > > As previously, for each document we would like to see at least 5 > people > going on record for having thoroughly reviewed it. > > We would appreciate assessments on how well 'timers' fits > 'requirements' [*] > > > Last call terminates October 11, 2006. > > > Your chairs, > > Olaf and Olafur. > > > [*] Even though there is no reference from the timers draft to the > requirements draft we learned by experience with that the IESG is > interested and aware of requirement documents and takes interest > reviewing them both. > > ----------------------------------------------------------- > Olaf M. Kolkman > NLnet Labs > http://www.nlnetlabs.nl/ > > > ----------------------------------------------------------- Olaf M. Kolkman NLnet Labs http://www.nlnetlabs.nl/ --------------------------------- Get your own web address for just $1.99/1st yr. We'll help. Yahoo! Small Business. --0-833907384-1160513004=:38322 Content-Type: text/html; charset=iso-8859-1 Content-Transfer-Encoding: 8bit I have completed the draft on the times and am OK w/ this one too.  I recommend both drafts move forward to the next step in the process.

char sample
Sparta Inc.

"Olaf M. Kolkman" <olaf@NLnetLabs.nl> wrote:


Colleagues,

This is a reminder. The WGLC closes in about 2 days; we have not met
quorum yet.

If you plan to review the document but need a few more days, please
let us know. I'd hate if we would need to declare bankruptcy at this
stage because of lack of review by the working group.


--Olaf

(Top-Posting)

On 25Sep 2006, at 10:00 PM, Olaf M. Kolkman wrote:

>
>
> Dear Colleagues,
>
>
> This message starts the working group last call for two documents
>
> draft-ietf-dnsext-rollover-requirements-03
> Requirements related to DNSSEC Trust Anchor Rollover
>
>
> draft-ietf-dnsext-trustupdate-timers-04
> Automated Updates of DNSSEC Trust Anchors
>
> The documents and their history can be found at:
>
> http://tools.ietf.org/wg/dnsext/draft-ietf-dnsext-rollover-
> requirements/
> http://tools.ietf.org/wg/dnsext/draft-ietf-dnsext-trustupdate-timers/
>
>
> It is the intention to publish the "requirements" draft as an
> informational RFC and to publish "timers" on standards track.
>
> As previously, for each document we would like to see at least 5
> people
> going on record for having thoroughly reviewed it.
>
> We would appreciate assessments on how well 'timers' fits
> 'requirements' [*]
>
>
> Last call terminates October 11, 2006.
>
>
> Your chairs,
>
> Olaf and Olafur.
>
>
> [*] Even though there is no reference from the timers draft to the
> requirements draft we learned by experience with that the IESG is
> interested and aware of requirement documents and takes interest
> reviewing them both.
>
> -----------------------------------------------------------
> Olaf M. Kolkman
> NLnet Labs
> http://www.nlnetlabs.nl/
>
>
>

-----------------------------------------------------------
Olaf M. Kolkman
NLnet Labs
http://www.nlnetlabs.nl/




Get your own web address for just $1.99/1st yr. We'll help. Yahoo! Small Business. --0-833907384-1160513004=:38322-- -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Tue Oct 10 17:06:07 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GXOnf-0001BR-Al; Tue, 10 Oct 2006 17:06:07 -0400 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GXOne-0007IK-1m; Tue, 10 Oct 2006 17:06:07 -0400 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GXOkB-000Lew-Qz for namedroppers-data@psg.com; Tue, 10 Oct 2006 21:02:31 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.5 (2006-08-29) on psg.com X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,SPF_HELO_PASS, SPF_PASS,UPPERCASE_25_50 autolearn=ham version=3.1.5 Received: from [192.94.214.100] (helo=nutshell.tislabs.com) by psg.com with esmtp (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GXOkA-000LeP-RD for namedroppers@ops.ietf.org; Tue, 10 Oct 2006 21:02:31 +0000 Received: (from uucp@localhost) by nutshell.tislabs.com (8.12.9/8.12.9) id k9AL1Dvd026238 for ; Tue, 10 Oct 2006 17:01:13 -0400 (EDT) Received: from pecan.tislabs.com(10.66.1.30) by nutshell.tislabs.com via csmap (V6.0) id srcAAAH_aaoZ; Tue, 10 Oct 06 17:01:08 -0400 Received: from [127.0.0.1] (localhost.tislabs.com [127.0.0.1]) by pecan.tislabs.com (Postfix) with ESMTP id D76803F4AA for ; Tue, 10 Oct 2006 17:01:18 -0400 (EDT) Message-ID: <452C0A5A.4020208@tislabs.com> Date: Tue, 10 Oct 2006 14:02:18 -0700 From: Lindy Foster User-Agent: Mozilla Thunderbird 1.0.8-1.1.fc4 (X11/20060501) X-Accept-Language: en-us, en MIME-Version: 1.0 To: IETF DNSEXT WG Subject: draft-ietf-dnsext-rollover-requirements-03.txt X-Enigmail-Version: 0.93.0.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.2 (/) X-Scan-Signature: 7655788c23eb79e336f5f8ba8bce7906 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I have reviewed this draft and am satisfied with the current version. I recommend it be advanced. - -- Lindy Foster SPARTA, Inc. lindy@sparta.com -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org iD8DBQFFLApaAxJowVHHlGYRAljzAJ42T+QL0GIVLs1uUiY/Yg185Q8bKACgjCag tdM4A1PrQIomlyvCKnFi+XA= =aUQ9 -----END PGP SIGNATURE----- -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Tue Oct 10 17:45:12 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GXPPU-0003Cp-Ms; Tue, 10 Oct 2006 17:45:12 -0400 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GXPPP-0003dM-Cg; Tue, 10 Oct 2006 17:45:12 -0400 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GXPMp-0002nJ-FZ for namedroppers-data@psg.com; Tue, 10 Oct 2006 21:42:27 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.5 (2006-08-29) on psg.com X-Spam-Level: X-Spam-Status: No, score=-1.6 required=5.0 tests=BAYES_00,NO_REAL_NAME autolearn=no version=3.1.5 Received: from [198.32.6.68] (helo=vacation.karoshi.com) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GXPMo-0002mu-K8 for namedroppers@ops.ietf.org; Tue, 10 Oct 2006 21:42:26 +0000 Received: from karoshi.com (localhost.localdomain [127.0.0.1]) by vacation.karoshi.com (8.12.8/8.12.8) with ESMTP id k9ALejSK022077; Tue, 10 Oct 2006 21:41:15 GMT Received: (from bmanning@localhost) by karoshi.com (8.12.8/8.12.8/Submit) id k9ALe5dY022072; Tue, 10 Oct 2006 21:40:05 GMT Date: Tue, 10 Oct 2006 21:40:05 +0000 From: bmanning@karoshi.com To: Lindy Foster Cc: IETF DNSEXT WG Subject: Re: draft-ietf-dnsext-rollover-requirements-03.txt Message-ID: <20061010214005.GA21964@vacation.karoshi.com.> References: <452C0A5A.4020208@tislabs.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <452C0A5A.4020208@tislabs.com> User-Agent: Mutt/1.4.1i Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.2 (/) X-Scan-Signature: bb8f917bb6b8da28fc948aeffb74aa17 thats four folks from Sparta in favor. --bill On Tue, Oct 10, 2006 at 02:02:18PM -0700, Lindy Foster wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > I have reviewed this draft and am satisfied with the current > version. I recommend it be advanced. > > - -- > Lindy Foster > SPARTA, Inc. > lindy@sparta.com > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.5 (GNU/Linux) > Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org > > iD8DBQFFLApaAxJowVHHlGYRAljzAJ42T+QL0GIVLs1uUiY/Yg185Q8bKACgjCag > tdM4A1PrQIomlyvCKnFi+XA= > =aUQ9 > -----END PGP SIGNATURE----- > > -- > to unsubscribe send a message to namedroppers-request@ops.ietf.org with > the word 'unsubscribe' in a single line as the message text body. > archive: -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Tue Oct 10 19:05:28 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GXQfA-00052P-0v; Tue, 10 Oct 2006 19:05:28 -0400 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GXQSm-0008UU-GG; Tue, 10 Oct 2006 18:52:42 -0400 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GXQNd-000E7w-4I for namedroppers-data@psg.com; Tue, 10 Oct 2006 22:47:21 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.5 (2006-08-29) on psg.com X-Spam-Level: X-Spam-Status: No, score=-1.2 required=5.0 tests=BAYES_00,SPF_HELO_PASS, SPF_SOFTFAIL autolearn=no version=3.1.5 Received: from [157.185.61.2] (helo=M4.sparta.com) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GXQNb-000E7E-VU for namedroppers@ops.ietf.org; Tue, 10 Oct 2006 22:47:20 +0000 Received: from Beta5.sparta.com (beta5.sparta.com [157.185.63.21]) by M4.sparta.com (8.13.5/8.13.5) with ESMTP id k9AMlAcM007881; Tue, 10 Oct 2006 17:47:10 -0500 Received: from nemo.columbia.ads.sparta.com (nemo.columbia.sparta.com [157.185.80.75]) by Beta5.sparta.com (8.12.11/8.13.1) with ESMTP id k9AMl7TF003225; Tue, 10 Oct 2006 17:47:09 -0500 Received: from [127.0.0.1] ([157.185.80.253]) by nemo.columbia.ads.sparta.com with Microsoft SMTPSVC(6.0.3790.1830); Tue, 10 Oct 2006 18:47:06 -0400 In-Reply-To: References: <69794150-AB34-4DA0-BB07-DF915816307E@NLnetLabs.nl> Mime-Version: 1.0 (Apple Message framework v752.2) Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed Message-Id: <4E5006BA-E14D-4367-90D5-E20500F9E486@tislabs.com> Cc: IETF DNSEXT WG , Mike StJohns Content-Transfer-Encoding: 7bit From: Suresh Krishnaswamy Subject: Re: WGLC on rollover-requirements and trustudpate-timers Date: Tue, 10 Oct 2006 18:47:05 -0400 To: "Olaf M. Kolkman" X-Mailer: Apple Mail (2.752.2) X-OriginalArrivalTime: 10 Oct 2006 22:47:06.0818 (UTC) FILETIME=[0331E220:01C6ECBE] Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.0 (/) X-Scan-Signature: 7a6398bf8aaeabc7a7bb696b6b0a2aad I've already indicated my support for the "timers" approach in the past. I've re-read draft-ietf-dnsext-trustupdate-timers-04 and support it going forward. Suresh -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Wed Oct 11 05:32:14 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GXaRh-0004jB-Qx; Wed, 11 Oct 2006 05:32:13 -0400 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GXaRc-0000A7-GA; Wed, 11 Oct 2006 05:32:13 -0400 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GXaMe-000EDE-25 for namedroppers-data@psg.com; Wed, 11 Oct 2006 09:27:00 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.5 (2006-08-29) on psg.com X-Spam-Level: X-Spam-Status: No, score=-2.5 required=5.0 tests=AWL,BAYES_00 autolearn=ham version=3.1.5 Received: from [213.154.224.1] (helo=open.nlnetlabs.nl) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GXaMc-000ECY-Gq for namedroppers@ops.ietf.org; Wed, 11 Oct 2006 09:26:59 +0000 Received: from [127.0.0.1] (open.nlnetlabs.nl [IPv6:2001:7b8:206:1::53]) by open.nlnetlabs.nl (8.13.8/8.13.4) with ESMTP id k9B9PQJY061359; Wed, 11 Oct 2006 11:25:26 +0200 (CEST) (envelope-from olaf@NLnetLabs.nl) In-Reply-To: References: <69794150-AB34-4DA0-BB07-DF915816307E@NLnetLabs.nl> Mime-Version: 1.0 (Apple Message framework v752.2) Content-Type: multipart/signed; protocol="application/pgp-signature"; micalg=pgp-sha1; boundary="Apple-Mail-69--284583797" Message-Id: <5C971E23-B445-48F1-8F99-B4F5DB54BE13@NLnetLabs.nl> Cc: IETF DNSEXT WG , Mike StJohns , Suresh Krishnaswamy Content-Transfer-Encoding: 7bit From: "Olaf M. Kolkman" Subject: Re: WGLC on rollover-requirements and trustudpate-timers Date: Wed, 11 Oct 2006 11:25:25 +0200 To: Edward Lewis X-Pgp-Agent: GPGMail 1.1.2 (Tiger) X-Mailer: Apple Mail (2.752.2) Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.0 (/) X-Scan-Signature: 82c9bddb247d9ba4471160a9a865a5f3 This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --Apple-Mail-69--284583797 Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed On 10Oct 2006, at 3:29 PM, Edward Lewis wrote: > > Has the IAB set out a calendar for the deployment of DNSSEC in the > zones they control? Seeing a formal statement from within (the > IETF) would be nice. > See: http://www.iab.org/documents/correspondence/2006-05-15-IAB-request-to- IANA-to-sign-DNSSEC-zones.html Last week John Crain reported: ".int and .arpa signed by the end of year" (slide 5 of http://www.ripe.net/ripe/meetings/ripe-53/ presentations/icann_dns_wg.pdf) --Olaf ----------------------------------------------------------- Olaf M. Kolkman NLnet Labs http://www.nlnetlabs.nl/ --Apple-Mail-69--284583797 content-type: application/pgp-signature; x-mac-type=70674453; name=PGP.sig content-description: This is a digitally signed message part content-disposition: inline; filename=PGP.sig content-transfer-encoding: 7bit -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (Darwin) Comment: This message is locally signed. iD8DBQFFLLiGtN/ca3YJIocRAlQEAJ9aUA/jxFPsS9y3vjI74ZU9I5U3FACdHiUB SxLL+QQZOMfSAmL3lR9j/ak= =ClXL -----END PGP SIGNATURE----- --Apple-Mail-69--284583797-- -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Wed Oct 11 05:48:46 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GXahi-0003aI-Py; Wed, 11 Oct 2006 05:48:46 -0400 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GXahh-0003wk-G4; Wed, 11 Oct 2006 05:48:46 -0400 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GXaeh-000J2v-95 for namedroppers-data@psg.com; Wed, 11 Oct 2006 09:45:39 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.5 (2006-08-29) on psg.com X-Spam-Level: X-Spam-Status: No, score=-2.5 required=5.0 tests=AWL,BAYES_00 autolearn=ham version=3.1.5 Received: from [213.154.224.1] (helo=open.nlnetlabs.nl) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GXaeg-000J1j-5A for namedroppers@ops.ietf.org; Wed, 11 Oct 2006 09:45:38 +0000 Received: from [127.0.0.1] (open.nlnetlabs.nl [IPv6:2001:7b8:206:1:211:2fff:fed7:7378]) by open.nlnetlabs.nl (8.13.8/8.13.4) with ESMTP id k9B9jOuI064422; Wed, 11 Oct 2006 11:45:24 +0200 (CEST) (envelope-from olaf@NLnetLabs.nl) In-Reply-To: References: <69794150-AB34-4DA0-BB07-DF915816307E@NLnetLabs.nl> Mime-Version: 1.0 (Apple Message framework v752.2) Content-Type: multipart/signed; protocol="application/pgp-signature"; micalg=pgp-sha1; boundary="Apple-Mail-73--283385886" Message-Id: <3301D98D-A27A-44B5-AD81-71E2D0FEE672@NLnetLabs.nl> Cc: IETF DNSEXT WG , Mike StJohns , Suresh Krishnaswamy Content-Transfer-Encoding: 7bit From: "Olaf M. Kolkman" Subject: Re: WGLC on rollover-requirements and trustudpate-timers Date: Wed, 11 Oct 2006 11:45:23 +0200 To: "Olaf M. Kolkman" X-Pgp-Agent: GPGMail 1.1.2 (Tiger) X-Mailer: Apple Mail (2.752.2) Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.0 (/) X-Scan-Signature: 5a9a1bd6c2d06a21d748b7d0070ddcb8 This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --Apple-Mail-73--283385886 Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed On 9Oct 2006, at 2:35 PM, Olaf M. Kolkman wrote: > > > Colleagues, > > This is a reminder. The WGLC closes in about 2 days; we have not > met quorum yet. > > If you plan to review the document but need a few more days, please > let us know. I'd hate if we would need to declare bankruptcy at > this stage because of lack of review by the working group. Some people indicated they need a bit more time. I think we met quorum but I would still like to see the responses and take them into account. I will review last call sometime next week, probably at the end of it. --Olaf ----------------------------------------------------------- Olaf M. Kolkman NLnet Labs http://www.nlnetlabs.nl/ --Apple-Mail-73--283385886 content-type: application/pgp-signature; x-mac-type=70674453; name=PGP.sig content-description: This is a digitally signed message part content-disposition: inline; filename=PGP.sig content-transfer-encoding: 7bit -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (Darwin) Comment: This message is locally signed. iD8DBQFFLL00tN/ca3YJIocRAmWMAJ0UDYo8cS4DUMBtVqogXwVTPXV5YACg9lxC uU5fhGAgUSusCuhpRIA2Kds= =JbHK -----END PGP SIGNATURE----- --Apple-Mail-73--283385886-- -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Wed Oct 11 06:01:48 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GXauK-0001Z3-0P; Wed, 11 Oct 2006 06:01:48 -0400 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GXauI-000750-OL; Wed, 11 Oct 2006 06:01:47 -0400 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GXaqk-000MFg-DB for namedroppers-data@psg.com; Wed, 11 Oct 2006 09:58:06 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.5 (2006-08-29) on psg.com X-Spam-Level: X-Spam-Status: No, score=-2.5 required=5.0 tests=AWL,BAYES_00 autolearn=ham version=3.1.5 Received: from [213.154.224.1] (helo=open.nlnetlabs.nl) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GXaqj-000MFC-ID for namedroppers@ops.ietf.org; Wed, 11 Oct 2006 09:58:05 +0000 Received: from [127.0.0.1] (open.nlnetlabs.nl [IPv6:2001:7b8:206:1:211:2fff:fed7:7378]) by open.nlnetlabs.nl (8.13.8/8.13.4) with ESMTP id k9B9vQsT077808; Wed, 11 Oct 2006 11:57:26 +0200 (CEST) (envelope-from olaf@NLnetLabs.nl) In-Reply-To: <20061010214005.GA21964@vacation.karoshi.com.> References: <452C0A5A.4020208@tislabs.com> <20061010214005.GA21964@vacation.karoshi.com.> Mime-Version: 1.0 (Apple Message framework v752.2) Content-Type: multipart/signed; protocol="application/pgp-signature"; micalg=pgp-sha1; boundary="Apple-Mail-76--282663765" Message-Id: Cc: IETF DNSEXT WG Content-Transfer-Encoding: 7bit From: "Olaf M. Kolkman" Subject: Re: draft-ietf-dnsext-rollover-requirements-03.txt Date: Wed, 11 Oct 2006 11:57:25 +0200 To: bmanning@karoshi.com X-Pgp-Agent: GPGMail 1.1.2 (Tiger) X-Mailer: Apple Mail (2.752.2) Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.0 (/) X-Scan-Signature: 50a516d93fd399dc60588708fd9a3002 This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --Apple-Mail-76--282663765 Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset=US-ASCII; format=flowed On 10Oct 2006, at 11:40 PM, bmanning@karoshi.com wrote: > > thats four folks from Sparta in favor. > Noted. May we expect a review from you to balance that scale :-) --Olaf ----------------------------------------------------------- Olaf M. Kolkman NLnet Labs http://www.nlnetlabs.nl/ --Apple-Mail-76--282663765 content-type: application/pgp-signature; x-mac-type=70674453; name=PGP.sig content-description: This is a digitally signed message part content-disposition: inline; filename=PGP.sig content-transfer-encoding: 7bit -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (Darwin) Comment: This message is locally signed. iD8DBQFFLMAGtN/ca3YJIocRArb+AKDYIH0E5ntOgYvS64XSfMI4Q8/oXgCgy08W MnwHPK7WfbUnLf+iL/Spqek= =13m/ -----END PGP SIGNATURE----- --Apple-Mail-76--282663765-- -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Wed Oct 11 08:15:32 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GXczk-000530-7X; Wed, 11 Oct 2006 08:15:32 -0400 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GXczi-0003jP-UA; Wed, 11 Oct 2006 08:15:32 -0400 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GXcuM-000PUZ-NN for namedroppers-data@psg.com; Wed, 11 Oct 2006 12:09:58 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.5 (2006-08-29) on psg.com X-Spam-Level: X-Spam-Status: No, score=-1.6 required=5.0 tests=BAYES_00,NO_REAL_NAME autolearn=no version=3.1.5 Received: from [198.32.6.68] (helo=vacation.karoshi.com) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GXcuM-000PU1-4G for namedroppers@ops.ietf.org; Wed, 11 Oct 2006 12:09:58 +0000 Received: from karoshi.com (localhost.localdomain [127.0.0.1]) by vacation.karoshi.com (8.12.8/8.12.8) with ESMTP id k9BC5wSK027613; Wed, 11 Oct 2006 12:06:28 GMT Received: (from bmanning@localhost) by karoshi.com (8.12.8/8.12.8/Submit) id k9BC5SW3027611; Wed, 11 Oct 2006 12:05:28 GMT Date: Wed, 11 Oct 2006 12:05:28 +0000 From: bmanning@karoshi.com To: "Olaf M. Kolkman" Cc: bmanning@karoshi.com, IETF DNSEXT WG Subject: Re: draft-ietf-dnsext-rollover-requirements-03.txt Message-ID: <20061011120528.GA27481@vacation.karoshi.com.> References: <452C0A5A.4020208@tislabs.com> <20061010214005.GA21964@vacation.karoshi.com.> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.4.1i Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.2 (/) X-Scan-Signature: 52e1467c2184c31006318542db5614d5 On Wed, Oct 11, 2006 at 11:57:25AM +0200, Olaf M. Kolkman wrote: > > On 10Oct 2006, at 11:40 PM, bmanning@karoshi.com wrote: > > > > > thats four folks from Sparta in favor. > > > > Noted. > > May we expect a review from you to balance that scale :-) > > --Olaf > well... (adding the last "in favor" to the list makes five from sparta) i think the criteria has been met to move the docset forward regardless of my opinions. ... that said, i'll take the stance i took in Dallas. this requirements list does not meet my perception of keyroll requirements, as stated in Dallas, and the document authors chose not to include my concerns in the name of rough consenses and expediency. so while this document may be reflective of many/most folks ideas on keyrollover requirements, it does not reflect mine. as a team player, i'll have to abstain from any other opinion here and let the community decide its fate. --bill -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Wed Oct 11 08:36:32 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GXdK4-0006A8-IE; Wed, 11 Oct 2006 08:36:32 -0400 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GXdK1-0007XR-8b; Wed, 11 Oct 2006 08:36:32 -0400 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GXdFA-00048g-4J for namedroppers-data@psg.com; Wed, 11 Oct 2006 12:31:28 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.5 (2006-08-29) on psg.com X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=AWL,BAYES_00,SPF_PASS autolearn=ham version=3.1.5 Received: from [204.152.187.1] (helo=sa.vix.com) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GXdF7-00047t-Ee for namedroppers@ops.ietf.org; Wed, 11 Oct 2006 12:31:27 +0000 Received: from sa.vix.com (localhost [127.0.0.1]) by sa.vix.com (Postfix) with ESMTP id E17BA11426; Wed, 11 Oct 2006 12:31:24 +0000 (UTC) (envelope-from vixie@sa.vix.com) From: Paul Vixie To: "Olaf M. Kolkman" cc: Edward Lewis , IETF DNSEXT WG , Mike StJohns , Suresh Krishnaswamy Subject: Re: WGLC on rollover-requirements and trustudpate-timers In-Reply-To: Your message of "Wed, 11 Oct 2006 11:25:25 +0200." <5C971E23-B445-48F1-8F99-B4F5DB54BE13@NLnetLabs.nl> References: <69794150-AB34-4DA0-BB07-DF915816307E@NLnetLabs.nl> <5C971E23-B445-48F1-8F99-B4F5DB54BE13@NLnetLabs.nl> X-Mailer: MH-E 8.0.2; nmh 1.0.4; GNU Emacs 21.3.1 Date: Wed, 11 Oct 2006 12:31:24 +0000 Message-ID: <90781.1160569884@sa.vix.com> Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.0 (/) X-Scan-Signature: 7bac9cb154eb5790ae3b2913587a40de > Last week John Crain reported: ".int and .arpa signed by the end of year" > (slide 5 of http://www.ripe.net/ripe/meetings/ripe-53/ > presentations/icann_dns_wg.pdf) .arpa is a good start but what about in-addr.arpa? -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Wed Oct 11 08:57:14 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GXde5-00063h-0K; Wed, 11 Oct 2006 08:57:13 -0400 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GXdT4-00011j-3v; Wed, 11 Oct 2006 08:45:56 -0400 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GXdPo-0006AE-2q for namedroppers-data@psg.com; Wed, 11 Oct 2006 12:42:28 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.5 (2006-08-29) on psg.com X-Spam-Level: X-Spam-Status: No, score=-2.4 required=5.0 tests=AWL,BAYES_00,SPF_PASS autolearn=ham version=3.1.5 Received: from [81.200.64.181] (helo=shell-ng.nominum.com) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GXdPn-00069z-3B for namedroppers@ops.ietf.org; Wed, 11 Oct 2006 12:42:27 +0000 Received: from STJOHNS-LAPTOP2.nominum.com (shell-ng.nominum.com [81.200.64.181]) by shell-ng.nominum.com (Postfix) with ESMTP id E00D75682B; Wed, 11 Oct 2006 05:42:25 -0700 (PDT) (envelope-from Mike.StJohns@nominum.com) Message-Id: <7.0.1.0.2.20061011083951.07e24c70@nominum.com> X-Mailer: QUALCOMM Windows Eudora Version 7.0.1.0 Date: Wed, 11 Oct 2006 08:42:26 -0400 To: "Olaf M. Kolkman" , "Olaf M. Kolkman" From: Mike StJohns Subject: Re: WGLC on rollover-requirements and trustudpate-timers Cc: IETF DNSEXT WG , Suresh Krishnaswamy In-Reply-To: <3301D98D-A27A-44B5-AD81-71E2D0FEE672@NLnetLabs.nl> References: <69794150-AB34-4DA0-BB07-DF915816307E@NLnetLabs.nl> <3301D98D-A27A-44B5-AD81-71E2D0FEE672@NLnetLabs.nl> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.0 (/) X-Scan-Signature: 50a516d93fd399dc60588708fd9a3002 I know you'd like to wait, but let's close this by Friday please. I've got to do one more pass to change two items - fix spelling and clarify how to calculate the minimum retransmit time - and I'd like to do that this weekend so I can resubmit in plenty of time for the deadline. These changes are editorial only and don't change the meaning of the document. Mike At 05:45 AM 10/11/2006, Olaf M. Kolkman wrote: >On 9Oct 2006, at 2:35 PM, Olaf M. Kolkman wrote: > >> >> >>Colleagues, >> >>This is a reminder. The WGLC closes in about 2 days; we have not >>met quorum yet. >> >>If you plan to review the document but need a few more days, please >>let us know. I'd hate if we would need to declare bankruptcy at >>this stage because of lack of review by the working group. > >Some people indicated they need a bit more time. I think we met >quorum but I would still like to see the responses and take them into >account. > >I will review last call sometime next week, probably at the end of it. > >--Olaf > >----------------------------------------------------------- >Olaf M. Kolkman >NLnet Labs >http://www.nlnetlabs.nl/ > > > > > -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Wed Oct 11 10:50:14 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GXfPR-0002fs-84; Wed, 11 Oct 2006 10:50:13 -0400 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GXfPO-0001ce-U8; Wed, 11 Oct 2006 10:50:13 -0400 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GXfHL-000NBe-I6 for namedroppers-data@psg.com; Wed, 11 Oct 2006 14:41:51 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.5 (2006-08-29) on psg.com X-Spam-Level: X-Spam-Status: No, score=-1.8 required=5.0 tests=AWL,BAYES_00,OPTING_OUT_CAPS, SPF_HELO_PASS,SPF_PASS autolearn=ham version=3.1.5 Received: from [65.201.175.9] (helo=mail.verisignlabs.com) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GXfHK-000NBM-JA for namedroppers@ops.ietf.org; Wed, 11 Oct 2006 14:41:51 +0000 Received: from [10.131.30.98] ([::ffff:216.168.239.87]) (AUTH: PLAIN davidb, SSL: TLSv1/SSLv3,256bits,AES256-SHA) by mail.verisignlabs.com with esmtp; Wed, 11 Oct 2006 10:41:49 -0400 id 002D8016.452D02AD.00000427 Message-ID: <452D0295.2010207@verisignlabs.com> Date: Wed, 11 Oct 2006 10:41:25 -0400 From: David Blacka User-Agent: Thunderbird 1.5.0.7 (Macintosh/20060909) MIME-Version: 1.0 To: IETF DNSEXT WG Subject: NSEC3 Issue 27: creating a flag octet. X-Enigmail-Version: 0.94.0.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.0 (/) X-Scan-Signature: b19722fc8d3865b147c75ae2495625f2 During the last NSEC3 workshop in September, the following suggestion was made: Create a single octet in the wire format of both the NSEC3 and NSEC3PARAM records dedicated to flags. Only one flag would be defined initially, the Opt-Out flag. The purpose for this change would be twofold: 1) to allow a future specification to define new flags for, e.g., dynamic update features. 2) to make the wire format a bit friendlier to parse. The main proposal for how to actually create this octet is to convert the high order octet of the iterations field (which is where the Opt-Out flag currently resides anyway) and dedicate it to flags, thus shortening the iterations field. The new maximum iterations value would be 65535. The Opt-Out flag would be defined to be the low-order bit in this field (which would preserve the presentation format). Obviously, there are possible variations to this proposal. For instance, we could keep the iterations field 3 octets long, add a flags octet, and move the Opt-Out flag to it. This would actually increase the maximum number of expressible iterations to 16777215 (from 8388607). Comments? Suggestions? -- David Blacka Sr. Engineer VeriSign Infrastructure Product Engineering -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Wed Oct 11 11:23:31 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GXfvf-0000ML-Ut; Wed, 11 Oct 2006 11:23:31 -0400 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GXfvb-00067V-8X; Wed, 11 Oct 2006 11:23:31 -0400 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GXfpZ-0002lW-Dx for namedroppers-data@psg.com; Wed, 11 Oct 2006 15:17:13 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.5 (2006-08-29) on psg.com X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,SPF_HELO_PASS, SPF_PASS autolearn=ham version=3.1.5 Received: from [157.185.61.2] (helo=M4.sparta.com) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GXfpX-0002ks-K8 for namedroppers@ops.ietf.org; Wed, 11 Oct 2006 15:17:12 +0000 Received: from Beta5.sparta.com (beta5.sparta.com [157.185.63.21]) by M4.sparta.com (8.13.5/8.13.5) with ESMTP id k9BFGB0n019602; Wed, 11 Oct 2006 10:16:12 -0500 Received: from ponyxpress.rosslyn.ads.sparta.com (861.rosslyn.sparta.com [157.185.86.1]) by Beta5.sparta.com (8.12.11/8.13.1) with ESMTP id k9BFG9Q6010937; Wed, 11 Oct 2006 10:16:11 -0500 Received: from mailbin.rosslyn.ads.sparta.com ([157.185.85.6]) by ponyxpress.rosslyn.ads.sparta.com with Microsoft SMTPSVC(6.0.3790.1830); Wed, 11 Oct 2006 11:16:07 -0400 Received: from [192.168.1.3] ([24.218.47.174]) by mailbin.rosslyn.ads.sparta.com over TLS secured channel with Microsoft SMTPSVC(6.0.3790.1830); Wed, 11 Oct 2006 11:40:06 -0400 Message-ID: <452D09EA.6080609@sparta.com> Date: Wed, 11 Oct 2006 11:12:42 -0400 From: "G. S. Marzot" User-Agent: Thunderbird 1.5 (X11/20060313) MIME-Version: 1.0 To: bmanning@karoshi.com CC: "Olaf M. Kolkman" , IETF DNSEXT WG Subject: Re: draft-ietf-dnsext-rollover-requirements-03.txt References: <452C0A5A.4020208@tislabs.com> <20061010214005.GA21964@vacation.karoshi.com.> <20061011120528.GA27481@vacation.karoshi.com.> In-Reply-To: <20061011120528.GA27481@vacation.karoshi.com.> X-Enigmail-Version: 0.94.1.1 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit X-OriginalArrivalTime: 11 Oct 2006 15:40:06.0515 (UTC) FILETIME=[86B7A430:01C6ED4B] Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.0 (/) X-Scan-Signature: 538aad3a3c4f01d8b6a6477ca4248793 primarily for my edification, is it possible to re-state the concern concisely?...I have missed it in prior posts. -G bmanning@karoshi.com wrote: > On Wed, Oct 11, 2006 at 11:57:25AM +0200, Olaf M. Kolkman wrote: >> On 10Oct 2006, at 11:40 PM, bmanning@karoshi.com wrote: >> >>> thats four folks from Sparta in favor. >>> >> Noted. >> >> May we expect a review from you to balance that scale :-) >> >> --Olaf >> > > well... (adding the last "in favor" to the list makes > five from sparta) i think the criteria has been met to move > the docset forward regardless of my opinions. ... > > that said, i'll take the stance i took in Dallas. this > requirements list does not meet my perception of keyroll > requirements, as stated in Dallas, and the document authors > chose not to include my concerns in the name of rough > consenses and expediency. so while this document may be reflective > of many/most folks ideas on keyrollover requirements, it > does not reflect mine. > > as a team player, i'll have to abstain from any other opinion > here and let the community decide its fate. > > --bill > > -- > to unsubscribe send a message to namedroppers-request@ops.ietf.org with > the word 'unsubscribe' in a single line as the message text body. > archive: > -- Giovanni S Marzot SPARTA, Inc. -- -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Wed Oct 11 12:01:19 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GXgVo-0002yO-Im; Wed, 11 Oct 2006 12:00:53 -0400 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GXgRj-0002Ts-6p; Wed, 11 Oct 2006 11:56:40 -0400 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GXgLc-0007oF-70 for namedroppers-data@psg.com; Wed, 11 Oct 2006 15:50:20 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.5 (2006-08-29) on psg.com X-Spam-Level: X-Spam-Status: No, score=-1.6 required=5.0 tests=BAYES_00,NO_REAL_NAME autolearn=no version=3.1.5 Received: from [198.32.6.68] (helo=vacation.karoshi.com) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GXgLb-0007nw-2n for namedroppers@ops.ietf.org; Wed, 11 Oct 2006 15:50:19 +0000 Received: from karoshi.com (localhost.localdomain [127.0.0.1]) by vacation.karoshi.com (8.12.8/8.12.8) with ESMTP id k9BFjhSK029077; Wed, 11 Oct 2006 15:46:13 GMT Received: (from bmanning@localhost) by karoshi.com (8.12.8/8.12.8/Submit) id k9BFiqrs029069; Wed, 11 Oct 2006 15:44:52 GMT Date: Wed, 11 Oct 2006 15:44:52 +0000 From: bmanning@karoshi.com To: "G. S. Marzot" Cc: bmanning@karoshi.com, "Olaf M. Kolkman" , IETF DNSEXT WG Subject: Re: draft-ietf-dnsext-rollover-requirements-03.txt Message-ID: <20061011154452.GB28998@vacation.karoshi.com.> References: <452C0A5A.4020208@tislabs.com> <20061010214005.GA21964@vacation.karoshi.com.> <20061011120528.GA27481@vacation.karoshi.com.> <452D09EA.6080609@sparta.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <452D09EA.6080609@sparta.com> User-Agent: Mutt/1.4.1i Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.2 (/) X-Scan-Signature: f607d15ccc2bc4eaf3ade8ffa8af02a0 sure, but since my issues are OBE, lets not take up list/IETF resources with them ok?? --bill On Wed, Oct 11, 2006 at 11:12:42AM -0400, G. S. Marzot wrote: > primarily for my edification, is it possible to re-state the concern > concisely?...I have missed it in prior posts. > > -G > > bmanning@karoshi.com wrote: > > On Wed, Oct 11, 2006 at 11:57:25AM +0200, Olaf M. Kolkman wrote: > >> On 10Oct 2006, at 11:40 PM, bmanning@karoshi.com wrote: > >> > >>> thats four folks from Sparta in favor. > >>> > >> Noted. > >> > >> May we expect a review from you to balance that scale :-) > >> > >> --Olaf > >> > > > > well... (adding the last "in favor" to the list makes > > five from sparta) i think the criteria has been met to move > > the docset forward regardless of my opinions. ... > > > > that said, i'll take the stance i took in Dallas. this > > requirements list does not meet my perception of keyroll > > requirements, as stated in Dallas, and the document authors > > chose not to include my concerns in the name of rough > > consenses and expediency. so while this document may be reflective > > of many/most folks ideas on keyrollover requirements, it > > does not reflect mine. > > > > as a team player, i'll have to abstain from any other opinion > > here and let the community decide its fate. > > > > --bill > > > > -- > > to unsubscribe send a message to namedroppers-request@ops.ietf.org with > > the word 'unsubscribe' in a single line as the message text body. > > archive: > > > > > -- > > Giovanni S Marzot > SPARTA, Inc. > > -- -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Wed Oct 11 12:11:07 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GXgfj-0001LB-Uk; Wed, 11 Oct 2006 12:11:07 -0400 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GXgfi-0004Vy-HW; Wed, 11 Oct 2006 12:11:07 -0400 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GXgYV-0009rW-CN for namedroppers-data@psg.com; Wed, 11 Oct 2006 16:03:39 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.5 (2006-08-29) on psg.com X-Spam-Level: X-Spam-Status: No, score=-2.3 required=5.0 tests=AWL,BAYES_00 autolearn=ham version=3.1.5 Received: from [66.92.146.160] (helo=ogud.com) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GXgYU-0009rE-5C for namedroppers@ops.ietf.org; Wed, 11 Oct 2006 16:03:38 +0000 Received: from [10.111.113.226] (hlid.ogud.com [66.92.146.160]) by ogud.com (8.13.1/8.13.1) with ESMTP id k9BG2eNT006399; Wed, 11 Oct 2006 12:02:41 -0400 (EDT) (envelope-from Ed.Lewis@neustar.biz) Mime-Version: 1.0 Message-Id: In-Reply-To: <452D09EA.6080609@sparta.com> References: <452C0A5A.4020208@tislabs.com> <20061010214005.GA21964@vacation.karoshi.com.> <20061011120528.GA27481@vacation.karoshi.com.> <452D09EA.6080609@sparta.com> Date: Wed, 11 Oct 2006 11:02:40 -0500 To: "G. S. Marzot" From: Edward Lewis Subject: Re: draft-ietf-dnsext-rollover-requirements-03.txt Cc: bmanning@karoshi.com, "Olaf M. Kolkman" , IETF DNSEXT WG Content-Type: text/plain; charset="us-ascii" ; format="flowed" X-Scanned-By: MIMEDefang 2.57 on 66.92.146.160 Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.0 (/) X-Scan-Signature: e1b0e72ff1bbd457ceef31828f216a86 Here's what I see on http://www3.ietf.org/proceedings/06mar/minutes/dnsext.txt (the minutes from the Dallas meeting): #...about Key Rollover requirements. # ... # Bill: I would like to point out there was possibly another # submission given to the editors. # # Russ: And there was an offer of a fourth. # # Bill: One editor suggested that my requirements submission # was overly broad. # # Bill's discussion was tabled. # I thought that would contain the concern, but it look like it hasn't been. Oh wait, there's more: # Bill returned to unshelf his issue. # # Bill: This document does not meet my idea of what requirements # are. I've submitted some text and been told that it is overbroad # and overreaching. What Bill thinks of as are requirements is # different form the editors. He would like to sit down quietly and # beat them with sticks. He is not going to hinder this document to # proceed, but it doesn't meet his requirements. # Well, still not enough documented to answer the question... At 11:12 -0400 10/11/06, G. S. Marzot wrote: >primarily for my edification, is it possible to re-state the concern >concisely?...I have missed it in prior posts. > >-G > >bmanning@karoshi.com wrote: >> On Wed, Oct 11, 2006 at 11:57:25AM +0200, Olaf M. Kolkman wrote: >>> On 10Oct 2006, at 11:40 PM, bmanning@karoshi.com wrote: >>> >>>> thats four folks from Sparta in favor. >>>> >>> Noted. >>> >>> May we expect a review from you to balance that scale :-) >>> >>> --Olaf >>> >> >> well... (adding the last "in favor" to the list makes >> five from sparta) i think the criteria has been met to move >> the docset forward regardless of my opinions. ... >> >> that said, i'll take the stance i took in Dallas. this >> requirements list does not meet my perception of keyroll >> requirements, as stated in Dallas, and the document authors >> chose not to include my concerns in the name of rough >> consenses and expediency. so while this document may be reflective >> of many/most folks ideas on keyrollover requirements, it >> does not reflect mine. >> >> as a team player, i'll have to abstain from any other opinion >> here and let the community decide its fate. >> >> --bill >> >> -- >> to unsubscribe send a message to namedroppers-request@ops.ietf.org with >> the word 'unsubscribe' in a single line as the message text body. >> archive: >> > > >-- > >Giovanni S Marzot >SPARTA, Inc. > >-- > >-- >to unsubscribe send a message to namedroppers-request@ops.ietf.org with >the word 'unsubscribe' in a single line as the message text body. >archive: -- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Edward Lewis +1-571-434-5468 NeuStar Secrets of Success #107: Why arrive at 7am for the good parking space? Come in at 11am while the early birds drive out to lunch. -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Wed Oct 11 12:36:45 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GXh4X-0006uu-OG; Wed, 11 Oct 2006 12:36:45 -0400 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GXh4W-0007Qn-Fd; Wed, 11 Oct 2006 12:36:45 -0400 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GXgxZ-000FBj-Gi for namedroppers-data@psg.com; Wed, 11 Oct 2006 16:29:33 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.5 (2006-08-29) on psg.com X-Spam-Level: X-Spam-Status: No, score=-1.6 required=5.0 tests=BAYES_00,NO_REAL_NAME autolearn=no version=3.1.5 Received: from [198.32.6.68] (helo=vacation.karoshi.com) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GXgxY-000FAn-T1 for namedroppers@ops.ietf.org; Wed, 11 Oct 2006 16:29:33 +0000 Received: from karoshi.com (localhost.localdomain [127.0.0.1]) by vacation.karoshi.com (8.12.8/8.12.8) with ESMTP id k9BGMrSK029387; Wed, 11 Oct 2006 16:23:23 GMT Received: (from bmanning@localhost) by karoshi.com (8.12.8/8.12.8/Submit) id k9BGLhot029370; Wed, 11 Oct 2006 16:21:43 GMT Date: Wed, 11 Oct 2006 16:21:43 +0000 From: bmanning@karoshi.com To: Edward Lewis Cc: "G. S. Marzot" , bmanning@karoshi.com, "Olaf M. Kolkman" , IETF DNSEXT WG Subject: Re: draft-ietf-dnsext-rollover-requirements-03.txt Message-ID: <20061011162143.GD28998@vacation.karoshi.com.> References: <452C0A5A.4020208@tislabs.com> <20061010214005.GA21964@vacation.karoshi.com.> <20061011120528.GA27481@vacation.karoshi.com.> <452D09EA.6080609@sparta.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.4.1i Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.2 (/) X-Scan-Signature: 79899194edc4f33a41f49410777972f8 On Wed, Oct 11, 2006 at 11:02:40AM -0500, Edward Lewis wrote: > Here's what I see on > http://www3.ietf.org/proceedings/06mar/minutes/dnsext.txt (the > minutes from the Dallas meeting): > > Well, still not enough documented to answer the question... er... it is possible, but not productive. No one cares in this forum so there is no reason to be obstructionist and trying to stop the inevitable. might as well let this go since there is an interest in seeing this work proceed. i'll proceed to document my own keyroll requirements and implement based on my needs. No harm, No foul. --bill -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Wed Oct 11 13:42:21 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GXi61-0000kY-8u; Wed, 11 Oct 2006 13:42:21 -0400 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GXi5u-0001nL-VT; Wed, 11 Oct 2006 13:42:21 -0400 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GXhwj-0001Uo-Vu for namedroppers-data@psg.com; Wed, 11 Oct 2006 17:32:45 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.5 (2006-08-29) on psg.com X-Spam-Level: X-Spam-Status: No, score=-2.5 required=5.0 tests=AWL,BAYES_00 autolearn=ham version=3.1.5 Received: from [213.154.224.1] (helo=open.nlnetlabs.nl) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GXhwg-0001U2-GK for namedroppers@ops.ietf.org; Wed, 11 Oct 2006 17:32:45 +0000 Received: from [127.0.0.1] (open.nlnetlabs.nl [IPv6:2001:7b8:206:1:211:2fff:fed7:7378]) by open.nlnetlabs.nl (8.13.8/8.13.4) with ESMTP id k9BHWYWT027294; Wed, 11 Oct 2006 19:32:34 +0200 (CEST) (envelope-from olaf@NLnetLabs.nl) In-Reply-To: <7.0.1.0.2.20061011083951.07e24c70@nominum.com> References: <69794150-AB34-4DA0-BB07-DF915816307E@NLnetLabs.nl> <3301D98D-A27A-44B5-AD81-71E2D0FEE672@NLnetLabs.nl> <7.0.1.0.2.20061011083951.07e24c70@nominum.com> Mime-Version: 1.0 (Apple Message framework v752.2) Content-Type: multipart/signed; protocol="application/pgp-signature"; micalg=pgp-sha1; boundary="Apple-Mail-103--255355787" Message-Id: <3C883A0A-620F-4C5E-99B5-16A9EFA25BA8@NLnetLabs.nl> Cc: IETF DNSEXT WG Content-Transfer-Encoding: 7bit From: "Olaf M. Kolkman" Subject: Re: WGLC on rollover-requirements and trustudpate-timers Date: Wed, 11 Oct 2006 19:32:33 +0200 To: Mike StJohns X-Pgp-Agent: GPGMail 1.1.2 (Tiger) X-Mailer: Apple Mail (2.752.2) Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.0 (/) X-Scan-Signature: 244a2fd369eaf00ce6820a760a3de2e8 This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --Apple-Mail-103--255355787 Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed On 11Oct 2006, at 2:42 PM, Mike StJohns wrote: > I know you'd like to wait, but let's close this by Friday please. > I've got to do one more pass to change two items - fix spelling and > clarify how to calculate the minimum retransmit time - and I'd like > to do that this weekend so I can resubmit in plenty of time for the > deadline. These changes are editorial only and don't change the > meaning of the document. > Fair enough... But I have commitments that will not allow me to do the summary this week. I propose the following: Friday 9 am EST is the last moment that the working group can submit feedback on your document. You use that to rev the draft and publish it. Once you've published the draft you notify the working group so they can double check the last rev. Assuming that there is no change in the current trend there will be consensus to forward and I'll try to do the proto statement in the next two weeks and push this towards IESG. --Olaf ----------------------------------------------------------- Olaf M. Kolkman NLnet Labs http://www.nlnetlabs.nl/ --Apple-Mail-103--255355787 content-type: application/pgp-signature; x-mac-type=70674453; name=PGP.sig content-description: This is a digitally signed message part content-disposition: inline; filename=PGP.sig content-transfer-encoding: 7bit -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (Darwin) Comment: This message is locally signed. iD4DBQFFLSqytN/ca3YJIocRAtIlAJiwtupTU8xnBvDgilv9gkwl757TAKCYLl1y Uued6sQ/ucUGm3brbrzPuQ== =FN3A -----END PGP SIGNATURE----- --Apple-Mail-103--255355787-- -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Wed Oct 11 15:12:02 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GXjUo-00040c-Ll; Wed, 11 Oct 2006 15:12:02 -0400 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GXjUm-0004je-0W; Wed, 11 Oct 2006 15:12:02 -0400 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GXjMU-000MQY-8T for namedroppers-data@psg.com; Wed, 11 Oct 2006 19:03:26 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.5 (2006-08-29) on psg.com X-Spam-Level: X-Spam-Status: No, score=-1.1 required=5.0 tests=AWL,BAYES_00, FORGED_RCVD_HELO,INFO_TLD,OPTING_OUT_CAPS autolearn=no version=3.1.5 Received: from [207.219.45.62] (helo=mail.libertyrms.com) by psg.com with esmtp (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GXjMT-000MPx-HR for namedroppers@ops.ietf.org; Wed, 11 Oct 2006 19:03:25 +0000 Received: from roaming11.int.libertyrms.com ([10.1.3.241]) by mail.libertyrms.com with esmtp (Exim 4.22) id 1GXjMS-0001DR-PJ for namedroppers@ops.ietf.org; Wed, 11 Oct 2006 15:03:24 -0400 Received: by roaming11.int.libertyrms.com (Postfix, from userid 1019) id 25D241EF587; Wed, 11 Oct 2006 15:03:14 -0400 (EDT) Date: Wed, 11 Oct 2006 15:03:14 -0400 From: Andrew Sullivan To: namedroppers@ops.ietf.org Subject: Re: NSEC3 Issue 27: creating a flag octet. Message-ID: <20061011190313.GH8600@afilias.info> Reply-To: Andrew Sullivan References: <452D0295.2010207@verisignlabs.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <452D0295.2010207@verisignlabs.com> User-Agent: Mutt/1.5.11 X-SA-Exim-Mail-From: andrew@ca.afilias.info X-SA-Exim-Scanned: No; SAEximRunCond expanded to false Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.6 (/) X-Scan-Signature: ea4ac80f790299f943f0a53be7e1a21a On Wed, Oct 11, 2006 at 10:41:25AM -0400, David Blacka wrote: > Create a single octet in the wire format of both the NSEC3 and > NSEC3PARAM records dedicated to flags. Only one flag would be defined > initially, the Opt-Out flag. I think the flag octet is a good idea. > the iterations field. The new maximum iterations value would be 65535. [. . .] > instance, we could keep the iterations field 3 octets long, add a flags > octet, and move the Opt-Out flag to it. This would actually increase > the maximum number of expressible iterations to 16777215 (from 8388607). I don't have an opinion on whether any of the alternative approaches is a better idea. A -- Andrew Sullivan 204-4141 Yonge Street Afilias Canada Toronto, Ontario Canada M2P 2A8 jabber: ajsaf@jabber.org +1 416 646 3304 x4110 -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Wed Oct 11 18:18:09 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GXmOv-0006x6-1P; Wed, 11 Oct 2006 18:18:09 -0400 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GXmOm-00078b-NP; Wed, 11 Oct 2006 18:18:09 -0400 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GXmJp-000PTO-3v for namedroppers-data@psg.com; Wed, 11 Oct 2006 22:12:53 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.5 (2006-08-29) on psg.com X-Spam-Level: X-Spam-Status: No, score=-2.4 required=5.0 tests=AWL,BAYES_00,SPF_PASS autolearn=ham version=3.1.5 Received: from [81.200.64.181] (helo=shell-ng.nominum.com) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GXmJo-000PT3-8p for namedroppers@ops.ietf.org; Wed, 11 Oct 2006 22:12:52 +0000 Received: from STJOHNS-LAPTOP2.nominum.com (shell-ng.nominum.com [81.200.64.181]) by shell-ng.nominum.com (Postfix) with ESMTP id EEF2B56835; Wed, 11 Oct 2006 15:12:50 -0700 (PDT) (envelope-from Mike.StJohns@nominum.com) Message-Id: <7.0.1.0.2.20061011181240.07c516d0@nominum.com> X-Mailer: QUALCOMM Windows Eudora Version 7.0.1.0 Date: Wed, 11 Oct 2006 18:12:51 -0400 To: "Olaf M. Kolkman" From: Mike StJohns Subject: Re: WGLC on rollover-requirements and trustudpate-timers Cc: IETF DNSEXT WG In-Reply-To: <3C883A0A-620F-4C5E-99B5-16A9EFA25BA8@NLnetLabs.nl> References: <69794150-AB34-4DA0-BB07-DF915816307E@NLnetLabs.nl> <3301D98D-A27A-44B5-AD81-71E2D0FEE672@NLnetLabs.nl> <7.0.1.0.2.20061011083951.07e24c70@nominum.com> <3C883A0A-620F-4C5E-99B5-16A9EFA25BA8@NLnetLabs.nl> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.0 (/) X-Scan-Signature: 769a46790fb42fbb0b0cc700c82f7081 Works for me. Thanks! Mike At 01:32 PM 10/11/2006, Olaf M. Kolkman wrote: >On 11Oct 2006, at 2:42 PM, Mike StJohns wrote: > >>I know you'd like to wait, but let's close this by Friday please. >>I've got to do one more pass to change two items - fix spelling and >>clarify how to calculate the minimum retransmit time - and I'd like >>to do that this weekend so I can resubmit in plenty of time for the >>deadline. These changes are editorial only and don't change the >>meaning of the document. > >Fair enough... > >But I have commitments that will not allow me to do the summary this >week. > >I propose the following: > >Friday 9 am EST is the last moment that the working group can submit >feedback on your document. You use that to rev the draft and publish >it. Once you've published the draft you notify the working group so >they can double check the last rev. > >Assuming that there is no change in the current trend there will be >consensus to forward and I'll try to do the proto statement in the >next two weeks and push this towards IESG. > >--Olaf > >----------------------------------------------------------- >Olaf M. Kolkman >NLnet Labs >http://www.nlnetlabs.nl/ > > > > > -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Wed Oct 11 20:54:33 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GXoqH-0004Ep-0m; Wed, 11 Oct 2006 20:54:33 -0400 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GXoqB-00087O-MU; Wed, 11 Oct 2006 20:54:32 -0400 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GXokX-0005LF-Jz for namedroppers-data@psg.com; Thu, 12 Oct 2006 00:48:37 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.5 (2006-08-29) on psg.com X-Spam-Level: X-Spam-Status: No, score=-2.5 required=5.0 tests=AWL,BAYES_00,OPTING_OUT_CAPS autolearn=ham version=3.1.5 Received: from [204.152.184.167] (helo=mx.isc.org) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GXokW-0005Kl-Ri for namedroppers@ops.ietf.org; Thu, 12 Oct 2006 00:48:37 +0000 Received: from farside.isc.org (farside.isc.org [IPv6:2001:4f8:3:bb::5]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client CN "farside.isc.org", Issuer "ISC CA" (verified OK)) by mx.isc.org (Postfix) with ESMTP id 8094D11405E for ; Thu, 12 Oct 2006 00:48:36 +0000 (UTC) (envelope-from Mark_Andrews@isc.org) Received: from drugs.dv.isc.org (localhost.isc.org [IPv6:::1]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by farside.isc.org (Postfix) with ESMTP id 5738AE6066 for ; Thu, 12 Oct 2006 00:48:35 +0000 (UTC) (envelope-from marka@isc.org) Received: from drugs.dv.isc.org (localhost [127.0.0.1]) by drugs.dv.isc.org (8.13.8/8.13.6) with ESMTP id k9C0mUM2000298; Thu, 12 Oct 2006 10:48:30 +1000 (EST) (envelope-from marka@drugs.dv.isc.org) Message-Id: <200610120048.k9C0mUM2000298@drugs.dv.isc.org> To: David Blacka Cc: IETF DNSEXT WG From: Mark Andrews Subject: Re: NSEC3 Issue 27: creating a flag octet. In-reply-to: Your message of "Wed, 11 Oct 2006 10:41:25 -0400." <452D0295.2010207@verisignlabs.com> Date: Thu, 12 Oct 2006 10:48:29 +1000 Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.0 (/) X-Scan-Signature: 50a516d93fd399dc60588708fd9a3002 > During the last NSEC3 workshop in September, the following suggestion > was made: > > Create a single octet in the wire format of both the NSEC3 and > NSEC3PARAM records dedicated to flags. Only one flag would be defined > initially, the Opt-Out flag. > > The purpose for this change would be twofold: 1) to allow a future > specification to define new flags for, e.g., dynamic update features. 2) > to make the wire format a bit friendlier to parse. > > The main proposal for how to actually create this octet is to convert > the high order octet of the iterations field (which is where the Opt-Out > flag currently resides anyway) and dedicate it to flags, thus shortening > the iterations field. The new maximum iterations value would be 65535. > The Opt-Out flag would be defined to be the low-order bit in this field > (which would preserve the presentation format). > > Obviously, there are possible variations to this proposal. For > instance, we could keep the iterations field 3 octets long, add a flags > octet, and move the Opt-Out flag to it. This would actually increase > the maximum number of expressible iterations to 16777215 (from 8388607). > > Comments? Suggestions? As I pushed for this I'm in favour of it. 2 octet iterations. > -- > David Blacka > Sr. Engineer VeriSign Infrastructure Product Engineering > > -- > to unsubscribe send a message to namedroppers-request@ops.ietf.org with > the word 'unsubscribe' in a single line as the message text body. > archive: -- ISC Training! October 16-20, 2006, in the San Francisco Bay Area, covering topics from DNS to DHCP. Email training@isc.org. -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: Mark_Andrews@isc.org -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Wed Oct 11 22:51:57 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GXqft-0007m4-FO; Wed, 11 Oct 2006 22:51:57 -0400 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GXqfm-0008Ha-Tg; Wed, 11 Oct 2006 22:51:57 -0400 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GXqax-00026E-6I for namedroppers-data@psg.com; Thu, 12 Oct 2006 02:46:51 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.5 (2006-08-29) on psg.com X-Spam-Level: X-Spam-Status: No, score=-2.5 required=5.0 tests=AWL,BAYES_00, FORGED_RCVD_HELO,UNPARSEABLE_RELAY autolearn=ham version=3.1.5 Received: from [66.163.8.251] (helo=SMTP.Lamicro.com) by psg.com with esmtp (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GXqav-00025w-JO for namedroppers@ops.ietf.org; Thu, 12 Oct 2006 02:46:50 +0000 Received: from Spooler by SMTP.Lamicro.com (Mercury/32 v4.01b) ID MO000148; 11 Oct 2006 22:51:55 -0400 Received: from spooler by Lamicro.com (Mercury/32 v4.01b); 11 Oct 2006 22:50:43 -0400 Received: from connotech.com (165.154.49.154) by SMTP.Lamicro.com (Mercury/32 v4.01b) with ESMTP ID MG000147; 11 Oct 2006 22:50:38 -0400 Message-ID: <452DAC49.3070603@connotech.com> Date: Wed, 11 Oct 2006 22:45:29 -0400 From: Thierry Moreau User-Agent: Mozilla/5.0 (Windows; U; WinNT4.0; en-US; rv:1.4) Gecko/20030624 Netscape/7.1 (ax) X-Accept-Language: en-us, en MIME-Version: 1.0 To: "Olaf M. Kolkman" CC: IETF DNSEXT WG , Mike StJohns , Suresh Krishnaswamy Subject: Re: WGLC on rollover-requirements and trustudpate-timers References: <69794150-AB34-4DA0-BB07-DF915816307E@NLnetLabs.nl> In-Reply-To: <69794150-AB34-4DA0-BB07-DF915816307E@NLnetLabs.nl> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.1 (/) X-Scan-Signature: 6d95a152022472c7d6cdf886a0424dc6 Dear all: As the TAK rollover WGLC nears completion within the DNSEXT wg, I attempt to summarize my views on this activity. I include in a single message a critique on the TAK management requirements document (draft-ietf-dnsext-rollover-requirements-03.txt) and the IETF expected solution for automated TAK rollover (draft-ietf-dnsext-trustupdate-timers-04.txt). There are no new arguments in the present message, nor an attempt to change other participants' opinions. It's just a summary. LACK OF A SECURITY MODEL FOR AUTOMATED TRUST ANCHOR ROLLOVER Although DNSSEC is an IT security protocol, when it came to an automated TAK rollover protocol, the DNSEXT wg omits a documented security model as a side issue. For trustupdate-timers, this has been raised by Eric Rescorla in http://ops.ietf.org/lists/namedroppers/namedroppers.2006/msg01026.html , and then replied in http://ops.ietf.org/lists/namedroppers/namedroppers.2006/msg01035.html and http://ops.ietf.org/lists/namedroppers/namedroppers.2006/msg01037.html . Incidentally, it is almost by accident that the rollover-requirements paragraph 5.13. (Non-degrading trust) remains in the current draft (compare http://ops.ietf.org/lists/namedroppers/namedroppers.2006/msg00624.html and http://ops.ietf.org/lists/namedroppers/namedroppers.2006/msg00695.html ). Moreover, an expert review of the TAK rollover alternatives found the requirement ill-defined: "May be a policy issue (which algorithm to allow etc). How does one define degraded trustworthiness?" (from at http://www.dnssec-tools.org/docs/trust-anchor-comparison-v02.htm brought to the DNSEXT wg attention in http://ops.ietf.org/lists/namedroppers/namedroppers.2006/msg00862.html ). This does not prevent this same expert from supporting the IETF expected solution for automated TAK rollover (http://ops.ietf.org/lists/namedroppers/namedroppers.2006/msg01311.html). At one point, I argued that the actual scope of rollover-requirements was too broad ("trust anchor management"), and should instead focus on the automated trust anchor rollover operation, perhaps even more narrowly on rollover *within the DNS protocol* ( http://ops.ietf.org/lists/namedroppers/namedroppers.2006/msg00630.html ). Indeed, the only use of rollover-requirements is the selection of an automated TAK rollover solution. In progressing a high level "trust anchor management" requirements document, the DNSEXT wg stayed away from a reasonable statement for a security model for automated trust anchor rollover. The lack of a security model is perhaps coherent with the limited operational guidelines found in trustupdate-timers. This seems to shift some of the work to DNSOP, and/or to DNS zone administrations that cannot avoid the island-of-trust status (e.g. ICANN as the DNS root zone administration). However, an IT security scheme is strengthened when the various aspects (e.g. technological, parameter selection, implementation, operations) are considered at once in a single security analysis. WG PROCESS OF INTELLECTUAL PROPERTY ISSUE IPR encumbrance has been discussed at length in the DNSEXT wg mailing list. The draft-ietf-dnsext-rollover-requirements-03.txt document, in its paragraph 5.2, varies the IPR-related process defined in RFC 3668. In one message, I argued that the working group used an "a-priori option abandonment formulation" in this paragraph 5.2, committing itself to reject one of the solution, without a reasonable justification ( http://ops.ietf.org/lists/namedroppers/namedroppers.2006/msg00239.html ). Despite mitigating observations by DNSEXT chairman and minor rewording in the -02 draft revision, the paragraph 5.2 was quite effective as an a-priori option abandonment. The adoption of draft-ietf-dnsext-rollover-requirements-03.txt as an informational RFC may establish a precedent in wg process for the selection of a technology, shifting the balance towards an ideological avoidance of IPR encumbered solutions. Perhaps the IESG wishes to keep RFC 3668 as the sole authoritative text on these matters. CONCLUSION I object to the progress of draft-ietf-dnsext-rollover-requirements-03.txt. Since draft-ietf-dnsext-rollover-requirements-03.txt is likely to be adopted, I abstain about draft-ietf-dnsext-trustupdate-timers-04.txt (i.e. the lack of a security model in rollover-requirements makes trustupdate-timers a "good enough" solution). Regards, -- - Thierry Moreau CONNOTECH Experts-conseils inc. 9130 Place de Montgolfier Montreal, Qc Canada H2M 2A1 Tel.: (514)385-5691 Fax: (514)385-5900 web site: http://www.connotech.com e-mail: thierry.moreau@connotech.com -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Thu Oct 12 05:48:58 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GXxBS-0000jz-7H; Thu, 12 Oct 2006 05:48:58 -0400 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GXxBM-0004w7-Rj; Thu, 12 Oct 2006 05:48:58 -0400 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GXx4G-000Gmt-Ti for namedroppers-data@psg.com; Thu, 12 Oct 2006 09:41:32 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.5 (2006-08-29) on psg.com X-Spam-Level: X-Spam-Status: No, score=-2.5 required=5.0 tests=AWL,BAYES_00,OPTING_OUT_CAPS autolearn=ham version=3.1.5 Received: from [213.154.224.1] (helo=open.nlnetlabs.nl) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GXx4F-000GmJ-Bu for namedroppers@ops.ietf.org; Thu, 12 Oct 2006 09:41:32 +0000 Received: from [IPv6:2001:7b8:206:1:240:f4ff:fe37:8810] (diva.nlnetlabs.nl [IPv6:2001:7b8:206:1:240:f4ff:fe37:8810]) by open.nlnetlabs.nl (8.13.8/8.13.4) with ESMTP id k9C9fOcD030820; Thu, 12 Oct 2006 11:41:24 +0200 (CEST) (envelope-from wouter@nlnetlabs.nl) Message-ID: <452E0DC3.6090500@nlnetlabs.nl> Date: Thu, 12 Oct 2006 11:41:23 +0200 From: Wouter Wijngaards User-Agent: Thunderbird 1.5.0.7 (X11/20060913) MIME-Version: 1.0 To: Mark Andrews CC: David Blacka , IETF DNSEXT WG Subject: Re: NSEC3 Issue 27: creating a flag octet. References: <200610120048.k9C0mUM2000298@drugs.dv.isc.org> In-Reply-To: <200610120048.k9C0mUM2000298@drugs.dv.isc.org> X-Enigmail-Version: 0.94.0.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.0 (/) X-Scan-Signature: d185fa790257f526fedfd5d01ed9c976 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi, As I said during the NSEC3 workshop, the stated need for iterations is o To be able to differentiate the hashing (like the salt), to avoid collisions. o To make offline dictionary attacks much more expensive. It is relatively easy to obtain a relatively large part of the NSEC3 chain (by random probing for NXDOMAIN responses). The iterations field count will prohibit quick dictionary attacks, it says in the draft. The iterations field, as it would be used to defend against dictionary attacks, thus has to increase as computing power increases. If computing power doubles, iterations has to double to provide the same protection. A 16 bit field can only double 16 times. Depending on how long you think it takes for computing power to be 16x as powerful, at that time the iterations field will be 'too small' to provide the same level of defense against dictionary attacks. To allow for further growth, a longer bitfield may be prudent. A reply at the workshop was that a new hash algorithm, the '1024x SHA-1' (or something along those lines) algorithm can be defined in that event, that would provide an extension for the iterations field. An alternative could be to use the iterations field as 15bit, and use the high 16th bit to denote a 256x increase in value. This results in the same range of values for iterations as before (albeit with less granularity). Note I am only discussing the 16-bit iterations. Flags field is fine. I also have not met people that voiced a high iterations count was important to their interests. Best regards, Wouter Mark Andrews wrote: >> During the last NSEC3 workshop in September, the following suggestion >> was made: >> >> Create a single octet in the wire format of both the NSEC3 and >> NSEC3PARAM records dedicated to flags. Only one flag would be defined >> initially, the Opt-Out flag. >> >> The purpose for this change would be twofold: 1) to allow a future >> specification to define new flags for, e.g., dynamic update features. 2) >> to make the wire format a bit friendlier to parse. >> >> The main proposal for how to actually create this octet is to convert >> the high order octet of the iterations field (which is where the Opt-Out >> flag currently resides anyway) and dedicate it to flags, thus shortening >> the iterations field. The new maximum iterations value would be 65535. >> The Opt-Out flag would be defined to be the low-order bit in this field >> (which would preserve the presentation format). >> >> Obviously, there are possible variations to this proposal. For >> instance, we could keep the iterations field 3 octets long, add a flags >> octet, and move the Opt-Out flag to it. This would actually increase >> the maximum number of expressible iterations to 16777215 (from 8388607). >> >> Comments? Suggestions? > > As I pushed for this I'm in favour of it. > 2 octet iterations. > -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org iD8DBQFFLg3DkDLqNwOhpPgRAh4DAKCS2h9GougL4pgabe0vAuZouXBmIgCfXwiT 3mmQVibCyhdUkitR3LgySWI= =s61h -----END PGP SIGNATURE----- -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Thu Oct 12 05:54:25 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GXxGj-0002j1-34; Thu, 12 Oct 2006 05:54:25 -0400 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GXxGh-0005mH-OW; Thu, 12 Oct 2006 05:54:25 -0400 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GXxDe-000I5D-AJ for namedroppers-data@psg.com; Thu, 12 Oct 2006 09:51:14 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.5 (2006-08-29) on psg.com X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=AWL,BAYES_00 autolearn=ham version=3.1.5 Received: from [213.154.224.1] (helo=open.nlnetlabs.nl) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GXxDd-000I4n-6D for namedroppers@ops.ietf.org; Thu, 12 Oct 2006 09:51:13 +0000 Received: from [IPv6:2001:7b8:206:1:240:f4ff:fe37:8810] (diva.nlnetlabs.nl [IPv6:2001:7b8:206:1:240:f4ff:fe37:8810]) by open.nlnetlabs.nl (8.13.8/8.13.4) with ESMTP id k9C9p9ub031716 for ; Thu, 12 Oct 2006 11:51:09 +0200 (CEST) (envelope-from wouter@nlnetlabs.nl) Message-ID: <452E100C.30109@nlnetlabs.nl> Date: Thu, 12 Oct 2006 11:51:08 +0200 From: Wouter Wijngaards User-Agent: Thunderbird 1.5.0.7 (X11/20060913) MIME-Version: 1.0 To: IETF DNSEXT WG Subject: DNAME update draft X-Enigmail-Version: 0.94.0.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.0 (/) X-Scan-Signature: ea4ac80f790299f943f0a53be7e1a21a -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi, Recently the first version of the draft to update the DNAME specification hit the repository. It can be found here: http://tools.ietf.org/wg/dnsext/draft-ietf-dnsext-rfc2672bis-dname/ There are several issues that surround DNAME. To discuss these issues they will be posted (in separate threads) to the namedroppers mailing list. There is an issue tracker at https://www.nlnetlabs.nl/issue/dname/index to keep track of them. Best regards, Wouter -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org iD8DBQFFLhAMkDLqNwOhpPgRAsXaAJ980w0i8/rbFKDlzzToyoOb8Sfr3ACeKKWn ObApdv0aRpi0Odf8ILJgD48= =xB71 -----END PGP SIGNATURE----- -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Thu Oct 12 06:02:24 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GXxOR-0007Gg-U7; Thu, 12 Oct 2006 06:02:23 -0400 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GXxOQ-00076L-Kf; Thu, 12 Oct 2006 06:02:23 -0400 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GXxLP-000JXw-Tc for namedroppers-data@psg.com; Thu, 12 Oct 2006 09:59:15 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.5 (2006-08-29) on psg.com X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=AWL,BAYES_00 autolearn=ham version=3.1.5 Received: from [213.154.224.1] (helo=open.nlnetlabs.nl) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GXxLP-000JXI-1U for namedroppers@ops.ietf.org; Thu, 12 Oct 2006 09:59:15 +0000 Received: from [IPv6:2001:7b8:206:1:240:f4ff:fe37:8810] (diva.nlnetlabs.nl [IPv6:2001:7b8:206:1:240:f4ff:fe37:8810]) by open.nlnetlabs.nl (8.13.8/8.13.4) with ESMTP id k9C9xAQf032258 for ; Thu, 12 Oct 2006 11:59:10 +0200 (CEST) (envelope-from wouter@nlnetlabs.nl) Message-ID: <452E11ED.3060708@nlnetlabs.nl> Date: Thu, 12 Oct 2006 11:59:09 +0200 From: Wouter Wijngaards User-Agent: Thunderbird 1.5.0.7 (X11/20060913) MIME-Version: 1.0 To: Namedroppers Subject: DNAME [4.1]: DNAME as a Delegation Tool X-Enigmail-Version: 0.94.0.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.0 (/) X-Scan-Signature: 8abaac9e10c826e8252866cbe6766464 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Issue [4.1] DNAMEs can be used as indirections, the goal of these indirections is to mirror a part of the DNS domain tree in another part of the DNS domain tree. This mirroring should be easy. Alternative wording is that the goal is to have an alias name for a part of the domain tree. Running example is x DNAME y. The extra point here is that the mirroring is done at exactly a delegation point. There is a use for this case. Can, should, must DNAME be used as a delegation tool? And how is this possible according to protocol? Best regards, Wouter -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org iD8DBQFFLhHtkDLqNwOhpPgRAt48AKCreM4gbSZmwSfbz0fhROjoCmthcgCfUZWY o33DbWWpRa3Wa+Hm8gqLCXk= =S+hF -----END PGP SIGNATURE----- -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Thu Oct 12 06:06:10 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GXxS6-00028a-Pp; Thu, 12 Oct 2006 06:06:10 -0400 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GXxS5-0007Y5-GI; Thu, 12 Oct 2006 06:06:10 -0400 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GXxPC-000KU3-66 for namedroppers-data@psg.com; Thu, 12 Oct 2006 10:03:10 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.5 (2006-08-29) on psg.com X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=AWL,BAYES_00 autolearn=ham version=3.1.5 Received: from [213.154.224.1] (helo=open.nlnetlabs.nl) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GXxPB-000KTc-9D for namedroppers@ops.ietf.org; Thu, 12 Oct 2006 10:03:09 +0000 Received: from [IPv6:2001:7b8:206:1:240:f4ff:fe37:8810] (diva.nlnetlabs.nl [IPv6:2001:7b8:206:1:240:f4ff:fe37:8810]) by open.nlnetlabs.nl (8.13.8/8.13.4) with ESMTP id k9CA34R9032778 for ; Thu, 12 Oct 2006 12:03:04 +0200 (CEST) (envelope-from wouter@nlnetlabs.nl) Message-ID: <452E12D8.1010405@nlnetlabs.nl> Date: Thu, 12 Oct 2006 12:03:04 +0200 From: Wouter Wijngaards User-Agent: Thunderbird 1.5.0.7 (X11/20060913) MIME-Version: 1.0 To: Namedroppers Subject: DNAME [4.2]: DNAME Apex is not Redirected Itself X-Enigmail-Version: 0.94.0.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.0 (/) X-Scan-Signature: b19722fc8d3865b147c75ae2495625f2 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Issue [4.2]: Since the x is not CNAME'd itself, queries for the DNAME apex RRs are answered with data at x not at y. The reason for the original decision was that in this way (without DNAME apex affected) one can have a DNAME at the zone apex, next to the SOA, NS records, without problem. And use this to point zones under your operational control to other zones. Hosting two identical zones for example. Another reason for excluding the DNAME apex from the DNAME is that one can then query for the DNAME through RFC 1034 [RFC1034] caches. So, for x DNAME y; the x itself is not redirected which is nice below a zone cut, but not if the DNAME resides above a zone cut. Best regards, Wouter -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org iD8DBQFFLhLYkDLqNwOhpPgRAgh6AJ0Sz6pseAhhH2XhfnyndU3/t98y/QCglovH rxYd5T7ppykYWie6PPYm2Es= =wvOM -----END PGP SIGNATURE----- -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Thu Oct 12 06:09:40 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GXxVT-00031m-VH; Thu, 12 Oct 2006 06:09:39 -0400 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GXxVR-0007q7-LU; Thu, 12 Oct 2006 06:09:39 -0400 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GXxSx-000Lb9-79 for namedroppers-data@psg.com; Thu, 12 Oct 2006 10:07:03 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.5 (2006-08-29) on psg.com X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=AWL,BAYES_00,UPPERCASE_25_50 autolearn=ham version=3.1.5 Received: from [213.154.224.1] (helo=open.nlnetlabs.nl) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GXxSw-000LaN-B7 for namedroppers@ops.ietf.org; Thu, 12 Oct 2006 10:07:02 +0000 Received: from [IPv6:2001:7b8:206:1:240:f4ff:fe37:8810] (diva.nlnetlabs.nl [IPv6:2001:7b8:206:1:240:f4ff:fe37:8810]) by open.nlnetlabs.nl (8.13.8/8.13.4) with ESMTP id k9CA6wxL033362 for ; Thu, 12 Oct 2006 12:06:58 +0200 (CEST) (envelope-from wouter@nlnetlabs.nl) Message-ID: <452E13C1.7070604@nlnetlabs.nl> Date: Thu, 12 Oct 2006 12:06:57 +0200 From: Wouter Wijngaards User-Agent: Thunderbird 1.5.0.7 (X11/20060913) MIME-Version: 1.0 To: Namedroppers Subject: DNAME [4.4]: MX and NS Records Require that the DNAME in their RDATA is Canonical X-Enigmail-Version: 0.94.0.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.0 (/) X-Scan-Signature: 9466e0365fc95844abaf7c3f15a05c7d -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Issue [4.4]: This means immediately resolve, no CNAMEs no DNAMEs. See the reference to RFC 2181, Section 10.3 above. Also in RFC 1912 [RFC1912], Section 2.4. Therefore if a domain is 'delegated' (as in issue [4.1]) elsewhere, names from that domain cannot be used at the right hand side of MX and NS records. Best regards, Wouter -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org iD8DBQFFLhPBkDLqNwOhpPgRAh3DAJ9br/58dgh0ziGpxb9GVFHn1RB42gCgnqFO TfxYPNXnFXsYyHsBnYHb2Ew= =b1p2 -----END PGP SIGNATURE----- -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Thu Oct 12 06:09:48 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GXxVc-000353-Oj; Thu, 12 Oct 2006 06:09:48 -0400 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GXxVb-0007sW-Fi; Thu, 12 Oct 2006 06:09:48 -0400 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GXxQv-000Kut-1O for namedroppers-data@psg.com; Thu, 12 Oct 2006 10:04:57 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.5 (2006-08-29) on psg.com X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=AWL,BAYES_00,UPPERCASE_25_50 autolearn=ham version=3.1.5 Received: from [213.154.224.1] (helo=open.nlnetlabs.nl) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GXxQu-000Ktr-6f for namedroppers@ops.ietf.org; Thu, 12 Oct 2006 10:04:56 +0000 Received: from [IPv6:2001:7b8:206:1:240:f4ff:fe37:8810] (diva.nlnetlabs.nl [IPv6:2001:7b8:206:1:240:f4ff:fe37:8810]) by open.nlnetlabs.nl (8.13.8/8.13.4) with ESMTP id k9CA4oxT032893 for ; Thu, 12 Oct 2006 12:04:51 +0200 (CEST) (envelope-from wouter@nlnetlabs.nl) Message-ID: <452E1342.5030107@nlnetlabs.nl> Date: Thu, 12 Oct 2006 12:04:50 +0200 From: Wouter Wijngaards User-Agent: Thunderbird 1.5.0.7 (X11/20060913) MIME-Version: 1.0 To: Namedroppers Subject: DNAME [4.3]: DNAME is Always Included in Outgoing Packets. X-Enigmail-Version: 0.94.0.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.0 (/) X-Scan-Signature: ffa9dfbbe7cc58b3fa6b8ae3e57b0aa3 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Issue [4.3]: Old resolvers or firewalls may drop packets with this unknown RR type. It could only be sent if EDNS DO bit indicates understanding (for example). Best regards, Wouter -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org iD8DBQFFLhNCkDLqNwOhpPgRAg95AJ4uC9a7SoODqJ5GRc287T+d1SD84ACgsxwt ImdrA3QucmSvw9UrwGPCykw= =9Toc -----END PGP SIGNATURE----- -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Thu Oct 12 06:16:32 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GXxc8-0006X0-9a; Thu, 12 Oct 2006 06:16:32 -0400 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GXxc7-0000Dh-0b; Thu, 12 Oct 2006 06:16:32 -0400 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GXxZ5-000OkU-6D for namedroppers-data@psg.com; Thu, 12 Oct 2006 10:13:23 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.5 (2006-08-29) on psg.com X-Spam-Level: X-Spam-Status: No, score=-2.1 required=5.0 tests=AWL,BAYES_00,SUBJ_ALL_CAPS, UPPERCASE_25_50 autolearn=no version=3.1.5 Received: from [213.154.224.1] (helo=open.nlnetlabs.nl) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GXxZ4-000Oju-Em for namedroppers@ops.ietf.org; Thu, 12 Oct 2006 10:13:22 +0000 Received: from [IPv6:2001:7b8:206:1:240:f4ff:fe37:8810] (diva.nlnetlabs.nl [IPv6:2001:7b8:206:1:240:f4ff:fe37:8810]) by open.nlnetlabs.nl (8.13.8/8.13.4) with ESMTP id k9CADF5Y033903 for ; Thu, 12 Oct 2006 12:13:15 +0200 (CEST) (envelope-from wouter@nlnetlabs.nl) Message-ID: <452E153A.20608@nlnetlabs.nl> Date: Thu, 12 Oct 2006 12:13:14 +0200 From: Wouter Wijngaards User-Agent: Thunderbird 1.5.0.7 (X11/20060913) MIME-Version: 1.0 To: Namedroppers Subject: DNAME [4.5]: DNSSEC X-Enigmail-Version: 0.94.0.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.4 (/) X-Scan-Signature: 0bc60ec82efc80c84b8d02f4b0e4de22 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Issue [4.5]: For a name error response, the resolver has to check the closest encloser NSEC to make sure it has no DNAME bit set. If a DNAME had been present, that DNAME redirection should have been followed. The original RFC is written before DNSSEC was written, and this security consideration needs to be incorporated. Best regards, Wouter -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org iD8DBQFFLhU6kDLqNwOhpPgRAmVnAJ9RN+ehjqEQxShvza/Rhg9EyafenwCff7WK UhW9Fo80Hp66kY+XiYZP0DE= =Z6kG -----END PGP SIGNATURE----- -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Thu Oct 12 06:23:38 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GXxj0-0002OE-7t; Thu, 12 Oct 2006 06:23:38 -0400 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GXxiy-0001FG-Uz; Thu, 12 Oct 2006 06:23:38 -0400 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GXxgP-0000iL-1i for namedroppers-data@psg.com; Thu, 12 Oct 2006 10:20:57 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.5 (2006-08-29) on psg.com X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=AWL,BAYES_00,UPPERCASE_25_50 autolearn=ham version=3.1.5 Received: from [213.154.224.1] (helo=open.nlnetlabs.nl) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GXxgO-0000hl-77 for namedroppers@ops.ietf.org; Thu, 12 Oct 2006 10:20:56 +0000 Received: from [IPv6:2001:7b8:206:1:240:f4ff:fe37:8810] (diva.nlnetlabs.nl [IPv6:2001:7b8:206:1:240:f4ff:fe37:8810]) by open.nlnetlabs.nl (8.13.8/8.13.4) with ESMTP id k9CAKpkq034840 for ; Thu, 12 Oct 2006 12:20:51 +0200 (CEST) (envelope-from wouter@nlnetlabs.nl) Message-ID: <452E1703.7010909@nlnetlabs.nl> Date: Thu, 12 Oct 2006 12:20:51 +0200 From: Wouter Wijngaards User-Agent: Thunderbird 1.5.0.7 (X11/20060913) MIME-Version: 1.0 To: Namedroppers Subject: DNAME [4.6]: Signaling of DNAME Understanding X-Enigmail-Version: 0.94.0.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.0 (/) X-Scan-Signature: ea4ac80f790299f943f0a53be7e1a21a -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Issue [4.6]: Some mechanism to signal that CNAMEs need not be synthesized. Also signal that DNAME target compression can be used (if RDATA target name compression is allowed at all). EDNS version seems the most obvious, states the rfc. The gain is compression of the DNAME rname, and smaller response size. The original draft says that 'EDNS version 1 signals DNAME compression', but edns1 has not been defined yet. Best regards, Wouter -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org iD8DBQFFLhcCkDLqNwOhpPgRAvnBAJ4kZLVOSaSAtUcClrDe5E6r0FtVMQCdH/xn 3NIQ/vn0LGw3CYtN8tAsPO0= =Jgx8 -----END PGP SIGNATURE----- -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Thu Oct 12 06:25:07 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GXxkR-0002ny-1j; Thu, 12 Oct 2006 06:25:07 -0400 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GXxkO-0001Pq-OO; Thu, 12 Oct 2006 06:25:07 -0400 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GXxhU-00011I-4y for namedroppers-data@psg.com; Thu, 12 Oct 2006 10:22:04 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.5 (2006-08-29) on psg.com X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=AWL,BAYES_00,UPPERCASE_25_50 autolearn=ham version=3.1.5 Received: from [213.154.224.1] (helo=open.nlnetlabs.nl) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GXxhT-00010P-Ay for namedroppers@ops.ietf.org; Thu, 12 Oct 2006 10:22:03 +0000 Received: from [IPv6:2001:7b8:206:1:240:f4ff:fe37:8810] (diva.nlnetlabs.nl [IPv6:2001:7b8:206:1:240:f4ff:fe37:8810]) by open.nlnetlabs.nl (8.13.8/8.13.4) with ESMTP id k9CALtB7034884 for ; Thu, 12 Oct 2006 12:21:56 +0200 (CEST) (envelope-from wouter@nlnetlabs.nl) Message-ID: <452E1743.1060509@nlnetlabs.nl> Date: Thu, 12 Oct 2006 12:21:55 +0200 From: Wouter Wijngaards User-Agent: Thunderbird 1.5.0.7 (X11/20060913) MIME-Version: 1.0 To: Namedroppers Subject: DNAME [4.7]: A DNAME is not a Zone-cut X-Enigmail-Version: 0.94.0.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.2 (/) X-Scan-Signature: 2409bba43e9c8d580670fda8b695204a -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Issue [4.7]: A DNAME is not a zone-cut. You may want to use it as such to mirror a part of the DNS tree, but RFC 2672 DNAME is not usable because the apex is not redirected. Ties back to issue [4.1] misconceptions. Best regards, Wouter -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org iD8DBQFFLhdDkDLqNwOhpPgRAt1oAJ9mqz8CYh9qlMVE6PNfGYcsrmoVwwCfaJbf 4e6XhMAQndapRwVipTy9V3Y= =sYGK -----END PGP SIGNATURE----- -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Thu Oct 12 06:27:20 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GXxma-00049T-4Y; Thu, 12 Oct 2006 06:27:20 -0400 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GXxmY-0001gw-RQ; Thu, 12 Oct 2006 06:27:20 -0400 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GXxjC-0001V8-4t for namedroppers-data@psg.com; Thu, 12 Oct 2006 10:23:50 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.5 (2006-08-29) on psg.com X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=AWL,BAYES_00,UPPERCASE_25_50 autolearn=ham version=3.1.5 Received: from [213.154.224.1] (helo=open.nlnetlabs.nl) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GXxjA-0001UP-Sv for namedroppers@ops.ietf.org; Thu, 12 Oct 2006 10:23:49 +0000 Received: from [IPv6:2001:7b8:206:1:240:f4ff:fe37:8810] (diva.nlnetlabs.nl [IPv6:2001:7b8:206:1:240:f4ff:fe37:8810]) by open.nlnetlabs.nl (8.13.8/8.13.4) with ESMTP id k9CANiD7034976 for ; Thu, 12 Oct 2006 12:23:44 +0200 (CEST) (envelope-from wouter@nlnetlabs.nl) Message-ID: <452E17AF.1010901@nlnetlabs.nl> Date: Thu, 12 Oct 2006 12:23:43 +0200 From: Wouter Wijngaards User-Agent: Thunderbird 1.5.0.7 (X11/20060913) MIME-Version: 1.0 To: Namedroppers Subject: DNAME [4.8]: DNAME and CIDR Blocks in in-addr.arpa X-Enigmail-Version: 0.94.0.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.2 (/) X-Scan-Signature: 93238566e09e6e262849b4f805833007 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Issue [4.8]: Is DNAME the Way to go for CIDR Blocks in in-addr.arpa? Should this be addressed by this document? Best regards, Wouter -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org iD8DBQFFLhevkDLqNwOhpPgRAgPyAJ9lsbthSMz2IfaWEcb7NZlXvz/ZXgCfWTRe YN/g3IiyxI8ATkM2uzok0Ms= =cR2+ -----END PGP SIGNATURE----- -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Thu Oct 12 06:27:23 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GXxmd-0004CV-UR; Thu, 12 Oct 2006 06:27:23 -0400 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GXxmb-0001hM-Kx; Thu, 12 Oct 2006 06:27:23 -0400 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GXxkV-0001oF-Ot for namedroppers-data@psg.com; Thu, 12 Oct 2006 10:25:11 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.5 (2006-08-29) on psg.com X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=AWL,BAYES_00,UPPERCASE_25_50 autolearn=ham version=3.1.5 Received: from [213.154.224.1] (helo=open.nlnetlabs.nl) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GXxkU-0001nL-UX for namedroppers@ops.ietf.org; Thu, 12 Oct 2006 10:25:11 +0000 Received: from [IPv6:2001:7b8:206:1:240:f4ff:fe37:8810] (diva.nlnetlabs.nl [IPv6:2001:7b8:206:1:240:f4ff:fe37:8810]) by open.nlnetlabs.nl (8.13.8/8.13.4) with ESMTP id k9CAP4n2035033 for ; Thu, 12 Oct 2006 12:25:04 +0200 (CEST) (envelope-from wouter@nlnetlabs.nl) Message-ID: <452E1800.3070906@nlnetlabs.nl> Date: Thu, 12 Oct 2006 12:25:04 +0200 From: Wouter Wijngaards User-Agent: Thunderbird 1.5.0.7 (X11/20060913) MIME-Version: 1.0 To: Namedroppers Subject: DNAME [4.9]: Name Compression in RDATA X-Enigmail-Version: 0.94.0.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.0 (/) X-Scan-Signature: 2409bba43e9c8d580670fda8b695204a -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Issue [4.9]: For old versions of servers only uncompressed is possible. New version can still choose to use compressed or not. Clarify on compression proposal: Senders SHOULD NOT compress RDATA, receivers MUST be able to decompress, when the new version has been negotiated with the EDNS bits. Best regards, Wouter -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org iD8DBQFFLhf/kDLqNwOhpPgRApWyAJ9A/Ny38XSbx/73uXB3EoQYa4HKXgCcDr0F 54uYUuJQoEFdt8mOmqUj3PE= =rZ2P -----END PGP SIGNATURE----- -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Thu Oct 12 06:29:35 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GXxol-00060Z-7G; Thu, 12 Oct 2006 06:29:35 -0400 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GXxoi-0001vU-Tc; Thu, 12 Oct 2006 06:29:35 -0400 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GXxld-00025g-JW for namedroppers-data@psg.com; Thu, 12 Oct 2006 10:26:21 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.5 (2006-08-29) on psg.com X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=AWL,BAYES_00,UPPERCASE_25_50 autolearn=ham version=3.1.5 Received: from [213.154.224.1] (helo=open.nlnetlabs.nl) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GXxlc-00025F-Op for namedroppers@ops.ietf.org; Thu, 12 Oct 2006 10:26:21 +0000 Received: from [IPv6:2001:7b8:206:1:240:f4ff:fe37:8810] (diva.nlnetlabs.nl [IPv6:2001:7b8:206:1:240:f4ff:fe37:8810]) by open.nlnetlabs.nl (8.13.8/8.13.4) with ESMTP id k9CAQFSt035415 for ; Thu, 12 Oct 2006 12:26:15 +0200 (CEST) (envelope-from wouter@nlnetlabs.nl) Message-ID: <452E1847.3040004@nlnetlabs.nl> Date: Thu, 12 Oct 2006 12:26:15 +0200 From: Wouter Wijngaards User-Agent: Thunderbird 1.5.0.7 (X11/20060913) MIME-Version: 1.0 To: Namedroppers Subject: DNAME [4.10]: Synthesized CNAME TTL=0 X-Enigmail-Version: 0.94.0.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.0 (/) X-Scan-Signature: ea4ac80f790299f943f0a53be7e1a21a -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Issue [4.10]: In the original specification, all synthesized CNAME RRs had a TTL of 0. Due to DNSSEC TTL=0 interpretation had to be changed to mean "keep as long as the query using this RRset is still being processed". What is the status of this CNAME? This could be synthesized CNAMEs should have a TTL equal to the TTL of the DNAME. This allows non-aware clients to cache the CNAMEs and thus lightens the load on authoritative servers. Best regards, Wouter -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org iD8DBQFFLhhGkDLqNwOhpPgRAu4zAJ0cwUMNpqWk+NZwjVdz+DpM4JvifQCgtk8+ OPjS/jZbxYacjhEMQmqWfLQ= =4qfC -----END PGP SIGNATURE----- -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Thu Oct 12 06:30:30 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GXxpe-0006ZU-0T; Thu, 12 Oct 2006 06:30:30 -0400 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GXxpc-00022E-NH; Thu, 12 Oct 2006 06:30:29 -0400 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GXxmv-0002SV-HW for namedroppers-data@psg.com; Thu, 12 Oct 2006 10:27:41 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.5 (2006-08-29) on psg.com X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=AWL,BAYES_00,UPPERCASE_25_50 autolearn=ham version=3.1.5 Received: from [213.154.224.1] (helo=open.nlnetlabs.nl) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GXxmu-0002Ru-LD for namedroppers@ops.ietf.org; Thu, 12 Oct 2006 10:27:41 +0000 Received: from [IPv6:2001:7b8:206:1:240:f4ff:fe37:8810] (diva.nlnetlabs.nl [IPv6:2001:7b8:206:1:240:f4ff:fe37:8810]) by open.nlnetlabs.nl (8.13.8/8.13.4) with ESMTP id k9CARXBL035448 for ; Thu, 12 Oct 2006 12:27:33 +0200 (CEST) (envelope-from wouter@nlnetlabs.nl) Message-ID: <452E1894.6090901@nlnetlabs.nl> Date: Thu, 12 Oct 2006 12:27:32 +0200 From: Wouter Wijngaards User-Agent: Thunderbird 1.5.0.7 (X11/20060913) MIME-Version: 1.0 To: Namedroppers Subject: DNAME [4.11]: Wildcarded DNAME X-Enigmail-Version: 0.94.0.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.0 (/) X-Scan-Signature: ea4ac80f790299f943f0a53be7e1a21a -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Issue [4.11]: What should happen with a wildcard with RRtype DNAME, i.e. *.example.com DNAME example.net. RFC 4592 [RFC4592] discourages this. Behaviour unspecified (strict interpretation of RFC 2672 says that for queries for which the wildcard is expanded, no DNAME processing occurs, and for queries for the '*' label ('foo.*.example.com') the DNAME is followed.). If allowed it will lead to confusion. RFC 4592 already discourages. Best regards, Wouter -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org iD8DBQFFLhiUkDLqNwOhpPgRAv9bAKCVQX+a1KKkQsPqiyqhBc4VYo/hlQCbBZx2 1EFdmThC8ykb7z1E+batdmI= =o7r4 -----END PGP SIGNATURE----- -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Thu Oct 12 06:30:47 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GXxpv-0006aF-Al; Thu, 12 Oct 2006 06:30:47 -0400 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GXxpu-00023r-1f; Thu, 12 Oct 2006 06:30:47 -0400 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GXxnj-0002iB-TD for namedroppers-data@psg.com; Thu, 12 Oct 2006 10:28:31 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.5 (2006-08-29) on psg.com X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=AWL,BAYES_00,UPPERCASE_25_50 autolearn=ham version=3.1.5 Received: from [213.154.224.1] (helo=open.nlnetlabs.nl) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GXxni-0002gY-MB for namedroppers@ops.ietf.org; Thu, 12 Oct 2006 10:28:31 +0000 Received: from [IPv6:2001:7b8:206:1:240:f4ff:fe37:8810] (diva.nlnetlabs.nl [IPv6:2001:7b8:206:1:240:f4ff:fe37:8810]) by open.nlnetlabs.nl (8.13.8/8.13.4) with ESMTP id k9CASPtG035484 for ; Thu, 12 Oct 2006 12:28:26 +0200 (CEST) (envelope-from wouter@nlnetlabs.nl) Message-ID: <452E18C9.4050606@nlnetlabs.nl> Date: Thu, 12 Oct 2006 12:28:25 +0200 From: Wouter Wijngaards User-Agent: Thunderbird 1.5.0.7 (X11/20060913) MIME-Version: 1.0 To: Namedroppers Subject: DNAME [4.12]: NSEC3 and DNAME X-Enigmail-Version: 0.94.0.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.0 (/) X-Scan-Signature: ffa9dfbbe7cc58b3fa6b8ae3e57b0aa3 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Issue [4.12]: NSEC3 uses hashing to obscure names. This hashing can be expensive to compute. A zone that has DNAME and NSEC3 may have to do additional hashing for NSEC3 lookups. More work needs to be done to look into this and see what computational costs are involved. Best regards, Wouter -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org iD8DBQFFLhjJkDLqNwOhpPgRAj2/AJ9xTo+eYMSFnruFfQOPJx8InYlAgACgsVkU CbcmU2aAXn7yMmemXKHKho8= =IUZg -----END PGP SIGNATURE----- -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Thu Oct 12 06:32:51 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GXxrv-0000Vj-Rf; Thu, 12 Oct 2006 06:32:51 -0400 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GXxru-0002Mg-IF; Thu, 12 Oct 2006 06:32:51 -0400 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GXxph-0003DS-OR for namedroppers-data@psg.com; Thu, 12 Oct 2006 10:30:33 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.5 (2006-08-29) on psg.com X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=AWL,BAYES_00,UPPERCASE_25_50 autolearn=ham version=3.1.5 Received: from [213.154.224.1] (helo=open.nlnetlabs.nl) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GXxpe-0003Ck-VT for namedroppers@ops.ietf.org; Thu, 12 Oct 2006 10:30:33 +0000 Received: from [IPv6:2001:7b8:206:1:240:f4ff:fe37:8810] (diva.nlnetlabs.nl [IPv6:2001:7b8:206:1:240:f4ff:fe37:8810]) by open.nlnetlabs.nl (8.13.8/8.13.4) with ESMTP id k9CAUNe1035921 for ; Thu, 12 Oct 2006 12:30:24 +0200 (CEST) (envelope-from wouter@nlnetlabs.nl) Message-ID: <452E193F.6060805@nlnetlabs.nl> Date: Thu, 12 Oct 2006 12:30:23 +0200 From: Wouter Wijngaards User-Agent: Thunderbird 1.5.0.7 (X11/20060913) MIME-Version: 1.0 To: Namedroppers Subject: DNAME [4.13]: PTR Records and DNAME X-Enigmail-Version: 0.94.0.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.0 (/) X-Scan-Signature: e5ba305d0e64821bf3d8bc5d3bb07228 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Issue [4.13]: PTR records in the reverse zone must have canonical names as their RDATA, like NS and MX records. The lookup process for PTR records owner names may involve DNAME/CNAME records, but the lookup process for PTR records RDATA names may not. RFC 1912. More problematic than NS and MX in operational sense, since the reverse zone may not be under the control of the zone operator. Like issue [4.4]. So DNAME'd domains are not allowed on the right hand side of PTR records. Best regards, Wouter -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org iD8DBQFFLhk/kDLqNwOhpPgRAlYQAJ97W5sLDs6aXU1y5SEknCDQqFIIJACgn+VS UkZvrqJFBmDsxRjh2c9VRKg= =6wMW -----END PGP SIGNATURE----- -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Thu Oct 12 06:42:44 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GXy1U-0005Fv-3s; Thu, 12 Oct 2006 06:42:44 -0400 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GXy1S-00044r-Pi; Thu, 12 Oct 2006 06:42:44 -0400 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GXxww-0004bp-5h for namedroppers-data@psg.com; Thu, 12 Oct 2006 10:38:02 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.5 (2006-08-29) on psg.com X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=AWL,BAYES_00 autolearn=ham version=3.1.5 Received: from [213.154.224.1] (helo=open.nlnetlabs.nl) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GXxwv-0004aG-8C for namedroppers@ops.ietf.org; Thu, 12 Oct 2006 10:38:01 +0000 Received: from [IPv6:2001:7b8:206:1:240:f4ff:fe37:8810] (diva.nlnetlabs.nl [IPv6:2001:7b8:206:1:240:f4ff:fe37:8810]) by open.nlnetlabs.nl (8.13.8/8.13.4) with ESMTP id k9CAbmKj036628 for ; Thu, 12 Oct 2006 12:37:48 +0200 (CEST) (envelope-from wouter@nlnetlabs.nl) Message-ID: <452E1AFC.1030809@nlnetlabs.nl> Date: Thu, 12 Oct 2006 12:37:48 +0200 From: Wouter Wijngaards User-Agent: Thunderbird 1.5.0.7 (X11/20060913) MIME-Version: 1.0 To: Namedroppers Subject: DNAME [4.14]: Small Corner Cases X-Enigmail-Version: 0.94.0.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.0 (/) X-Scan-Signature: c1c65599517f9ac32519d043c37c5336 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Issue [4.14]: There are also some corner cases to discuss and clarify. These are small issues, but additional examples can give more guidance to implementors. [[editors note: The following is to be expanded]] 1. Example of why DNSSEC validators MUST understand DNAME. 2. Examples of the DNAME name substitution. whole labels only, name can get longer and shorter. The '*' label is handled as a fixed string during substitution. apex is not substituted. name can get too long. 3. Corner case: queries for synthesized CNAME. Not a problem, current algorithm already creates the CNAME again from the DNAME for such a query and follows the chain of DNAME/CNAMEs. Server reminded that it must return no error. 4. Corner case: loops with single DNAME record possible. Loop: x DNAME y.x. Loop: x DNAME x. Loop: x DNAME "." for queries qname=a.x.x 5. Servers must not allow zones to be loaded below a DNAME. This is similar to requesting to not load a zone when a domain name below a DNAME contains resource records, as the RFC requests. 6. Caches must not allow data to be cached below a DNAME. CNAMES below a DNAME must be re-synthesized from the DNAME, or checked against the DNAME if needed. This is to help implementors understand the ramifications of DNAMEs. Explicit examples of corner cases that could cause trouble. Best regards, Wouter -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org iD8DBQFFLhr8kDLqNwOhpPgRAizvAKCu1ze1zAY17Gc1amYZwcoZKoZfDwCgsXef PVVroEZTYynkNAs36LUgaP8= =E85B -----END PGP SIGNATURE----- -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Thu Oct 12 07:38:27 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GXytP-0003uL-NC; Thu, 12 Oct 2006 07:38:27 -0400 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GXytK-0007q0-CI; Thu, 12 Oct 2006 07:38:27 -0400 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GXylU-000GyT-QK for namedroppers-data@psg.com; Thu, 12 Oct 2006 11:30:16 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.5 (2006-08-29) on psg.com X-Spam-Level: X-Spam-Status: No, score=-2.5 required=5.0 tests=AWL,BAYES_00 autolearn=ham version=3.1.5 Received: from [213.248.199.24] (helo=mx4.nominet.org.uk) by psg.com with esmtp (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GXylT-000Gxj-7o; Thu, 12 Oct 2006 11:30:16 +0000 Received: from unknown (HELO notes1.nominet.org.uk) ([213.248.197.128]) by mx4.nominet.org.uk with ESMTP; 12 Oct 2006 12:30:13 +0100 X-IronPort-AV: i="4.09,299,1157324400"; d="scan'208"; a="5015451:sNHT32264760" In-Reply-To: <452E0DC3.6090500@nlnetlabs.nl> To: Wouter Wijngaards Cc: David Blacka , Mark Andrews , IETF DNSEXT WG , owner-namedroppers@ops.ietf.org Subject: Re: NSEC3 Issue 27: creating a flag octet. MIME-Version: 1.0 X-Mailer: Lotus Notes Release 6.5.5 November 30, 2005 Message-ID: From: Roy Arends Date: Thu, 12 Oct 2006 13:29:25 +0200 X-MIMETrack: Serialize by Router on notes1/Nominet(Release 7.0.1FP1 | May 25, 2006) at 12/10/2006 12:29:26 PM, Serialize complete at 12/10/2006 12:29:26 PM Content-Type: text/plain; charset="US-ASCII" Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.0 (/) X-Scan-Signature: 82c9bddb247d9ba4471160a9a865a5f3 owner-namedroppers@ops.ietf.org wrote on 10/12/2006 11:41:23 AM: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Hi, > > As I said during the NSEC3 workshop, the stated need for iterations is > o To be able to differentiate the hashing (like the salt), to avoid > collisions. > o To make offline dictionary attacks much more expensive. It is > relatively easy to obtain a relatively large part of the NSEC3 chain (by > random probing for NXDOMAIN responses). The iterations field count will > prohibit quick dictionary attacks, it says in the draft. > > The iterations field, as it would be used to defend against dictionary > attacks, thus has to increase as computing power increases. If computing > power doubles, iterations has to double to provide the same protection. > A 16 bit field can only double 16 times. Depending on how long you think > it takes for computing power to be 16x as powerful, at that time the > iterations field will be 'too small' to provide the same level of > defense against dictionary attacks. To allow for further growth, a > longer bitfield may be prudent. > > A reply at the workshop was that a new hash algorithm, the '1024x SHA-1' > (or something along those lines) algorithm can be defined in that event, > that would provide an extension for the iterations field. > > An alternative could be to use the iterations field as 15bit, and use > the high 16th bit to denote a 256x increase in value. This results in > the same range of values for iterations as before (albeit with less > granularity). > > Note I am only discussing the 16-bit iterations. Flags field is fine. > > I also have not met people that voiced a high iterations count was > important to their interests. I propose we use the iterations value to represent a power of 2. Since we don't want X to be too high to be useless, we can use 5 bits to express X. The highest possible iterations value is now 2^31 which is already higher than the current max value (so I guess 4 bits will do as well). The rest of the bits can be used as flags. I can't really imagine a case where 2^X is too low, while 2^(X+1) is too high. This should be moore's law safe for another 45 years and uses a single octet for both flags and iterations. Roy -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Thu Oct 12 08:56:13 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GY06f-0005tR-7e; Thu, 12 Oct 2006 08:56:13 -0400 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GY06Z-0001Mh-UG; Thu, 12 Oct 2006 08:56:13 -0400 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GXzzu-0008y4-PB for namedroppers-data@psg.com; Thu, 12 Oct 2006 12:49:14 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.5 (2006-08-29) on psg.com X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=AWL,BAYES_00 autolearn=ham version=3.1.5 Received: from [129.70.136.245] (helo=mailout.TechFak.Uni-Bielefeld.DE) by psg.com with esmtps (TLSv1:DES-CBC3-SHA:168) (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GXzzs-0008wI-0Z for namedroppers@ops.ietf.org; Thu, 12 Oct 2006 12:49:14 +0000 Received: from tyrannia.TechFak.Uni-Bielefeld.DE (tyrannia.TechFak.Uni-Bielefeld.DE [129.70.137.5]) by momotombo.TechFak.Uni-Bielefeld.DE (8.12.11/8.12.11/TechFak/2005/05/30/sjaenick) with ESMTP id k9CCn5Oi015686; Thu, 12 Oct 2006 14:49:05 +0200 (MEST) Received: from localhost (pk@localhost) by tyrannia.TechFak.Uni-Bielefeld.DE (8.11.7+Sun/8.9.1) with SMTP id k9CCn5b16277; Thu, 12 Oct 2006 14:49:05 +0200 (MEST) Message-Id: <200610121249.k9CCn5b16277@tyrannia.TechFak.Uni-Bielefeld.DE> X-Authentication-Warning: tyrannia.TechFak.Uni-Bielefeld.DE: pk owned process doing -bs X-Authentication-Warning: tyrannia.TechFak.Uni-Bielefeld.DE: pk@localhost didn't use HELO protocol To: IETF DNSEXT WG From: Peter Koch Subject: Re: DNAME [4.9]: Name Compression in RDATA In-reply-to: Your message of "Thu, 12 Oct 2006 12:25:04 +0200." <452E1800.3070906@nlnetlabs.nl> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-ID: <16274.1160657342.1@tyrannia.TechFak.Uni-Bielefeld.DE> Date: Thu, 12 Oct 2006 14:49:05 +0200 Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.0 (/) X-Scan-Signature: 0bc60ec82efc80c84b8d02f4b0e4de22 Wouter Wijngaards wrote: > Issue [4.9]: > For old versions of servers only uncompressed is possible. New > version can still choose to use compressed or not. > Clarify on compression proposal: Senders SHOULD NOT compress RDATA, > receivers MUST be able to decompress, when the new version has been > negotiated with the EDNS bits. For this we'd need a more detailed problem statement. Having a compression pointer in the RDATA is most likely not very attractive, unless we'd find 'sibling' DNAMEs in long/deep names a lot: some.maybe.really.deep.example. DNAME other.maybe.really.deep.example. If this were the case, it could be dealt with by local compression ;-) The DNAME RDATA is probably more attractive as a compression target, since an RRSet will follow with an owner that is a descendant of the DNAME's target. Still I'm not sure it's worth the hassle of deploying yet another hop-by-hop negotiation scheme. I'd suggest we stick with what RFC 3597 gave us: DNAME RDATA MUST NOT be compressed. -Peter -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Thu Oct 12 09:24:19 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GY0Xr-0005jJ-44; Thu, 12 Oct 2006 09:24:19 -0400 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GY0Kr-0003QF-TR; Thu, 12 Oct 2006 09:10:55 -0400 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GY0GJ-000Cdb-8a for namedroppers-data@psg.com; Thu, 12 Oct 2006 13:06:11 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.5 (2006-08-29) on psg.com X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=AWL,BAYES_00 autolearn=ham version=3.1.5 Received: from [129.70.136.245] (helo=mailout.TechFak.Uni-Bielefeld.DE) by psg.com with esmtps (TLSv1:DES-CBC3-SHA:168) (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GY0GE-000Cbp-HO for namedroppers@ops.ietf.org; Thu, 12 Oct 2006 13:06:10 +0000 Received: from tyrannia.TechFak.Uni-Bielefeld.DE (tyrannia.TechFak.Uni-Bielefeld.DE [129.70.137.5]) by momotombo.TechFak.Uni-Bielefeld.DE (8.12.11/8.12.11/TechFak/2005/05/30/sjaenick) with ESMTP id k9CD5xCr017735; Thu, 12 Oct 2006 15:06:00 +0200 (MEST) Received: from localhost (pk@localhost) by tyrannia.TechFak.Uni-Bielefeld.DE (8.11.7+Sun/8.9.1) with SMTP id k9CD5xh16304; Thu, 12 Oct 2006 15:05:59 +0200 (MEST) Message-Id: <200610121305.k9CD5xh16304@tyrannia.TechFak.Uni-Bielefeld.DE> X-Authentication-Warning: tyrannia.TechFak.Uni-Bielefeld.DE: pk owned process doing -bs X-Authentication-Warning: tyrannia.TechFak.Uni-Bielefeld.DE: pk@localhost didn't use HELO protocol To: IETF DNSEXT WG From: Peter Koch Subject: Re: DNAME [4.11]: Wildcarded DNAME In-reply-to: Your message of "Thu, 12 Oct 2006 12:27:32 +0200." <452E1894.6090901@nlnetlabs.nl> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-ID: <16301.1160658357.1@tyrannia.TechFak.Uni-Bielefeld.DE> Date: Thu, 12 Oct 2006 15:05:59 +0200 Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.0 (/) X-Scan-Signature: 0bc60ec82efc80c84b8d02f4b0e4de22 Wouter Wijngaards wrote: > Issue [4.11]: > What should happen with a wildcard with RRtype DNAME, i.e. > *.example.com DNAME example.net. RFC 4592 [RFC4592] discourages > this. Behaviour unspecified (strict interpretation of RFC 2672 says > that for queries for which the wildcard is expanded, no DNAME > processing occurs, and for queries for the '*' label > ('foo.*.example.com') the DNAME is followed.). > > If allowed it will lead to confusion. RFC 4592 already discourages. we can keep in line with RFC 4592, but the reason is not 'just confusion': At an authoritative server, *.example DNAME would only affect anything below *.example, but explicit query for a DNAME at, e.g., confusing.example, would 'implant' a DNAME in a cache that then might answer queries for QNAMES below 'confusing.example' differently. With DNSSEC, the cache/resolver would know there was a wildcard expansion, but using that to special case DNAME doesn't appear too attractive to me. So, wildcard DNAMEs are not only operationally confusing, but would lead to inconsistent views of the namespace. -Peter -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Thu Oct 12 10:43:11 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GY1le-0000np-0J; Thu, 12 Oct 2006 10:42:38 -0400 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GY1Y1-0006Ss-Et; Thu, 12 Oct 2006 10:28:35 -0400 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GY1Qg-0001YF-Li for namedroppers-data@psg.com; Thu, 12 Oct 2006 14:20:58 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.5 (2006-08-29) on psg.com X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=AWL,BAYES_00 autolearn=ham version=3.1.5 Received: from [129.70.136.245] (helo=mailout.TechFak.Uni-Bielefeld.DE) by psg.com with esmtps (TLSv1:DES-CBC3-SHA:168) (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GY1Qb-0001Up-1J for namedroppers@ops.ietf.org; Thu, 12 Oct 2006 14:20:57 +0000 Received: from tyrannia.TechFak.Uni-Bielefeld.DE (tyrannia.TechFak.Uni-Bielefeld.DE [129.70.137.5]) by momotombo.TechFak.Uni-Bielefeld.DE (8.12.11/8.12.11/TechFak/2005/05/30/sjaenick) with ESMTP id k9CEKhrP027458; Thu, 12 Oct 2006 16:20:43 +0200 (MEST) Received: from localhost (pk@localhost) by tyrannia.TechFak.Uni-Bielefeld.DE (8.11.7+Sun/8.9.1) with SMTP id k9CEKhM16377; Thu, 12 Oct 2006 16:20:43 +0200 (MEST) Message-Id: <200610121420.k9CEKhM16377@tyrannia.TechFak.Uni-Bielefeld.DE> X-Authentication-Warning: tyrannia.TechFak.Uni-Bielefeld.DE: pk owned process doing -bs X-Authentication-Warning: tyrannia.TechFak.Uni-Bielefeld.DE: pk@localhost didn't use HELO protocol To: IETF DNSEXT WG From: Peter Koch Subject: Re: DNAME [4.8]: DNAME and CIDR Blocks in in-addr.arpa In-reply-to: Your message of "Thu, 12 Oct 2006 12:23:43 +0200." <452E17AF.1010901@nlnetlabs.nl> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-ID: <16374.1160662839.1@tyrannia.TechFak.Uni-Bielefeld.DE> Date: Thu, 12 Oct 2006 16:20:43 +0200 Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.0 (/) X-Scan-Signature: 7d33c50f3756db14428398e2bdedd581 Wouter Wijngaards wrote: > Issue [4.8]: > Is DNAME the Way to go for CIDR Blocks in in-addr.arpa? Should this > be addressed by this document? I'd like to suggest we close this issue, since this topic would, if at all, belong in an addendum to or update of RFC 2317/BCP 20. That said, a property of DNAME is that all descendants of its owner are treated equally, something that 'Classless delegation' was explicitly designed to avoid. DNAMEs _could_ be used for prefixes shorter than /24 instead of 'mass delegations': for a /17, instead of 128 delegations install 128 DNAME RRs (and maybe one delegation). Still, I don't think that would be in scope for 2672bis. -Peter -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Thu Oct 12 11:15:55 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GY2Hr-0005Fa-7m; Thu, 12 Oct 2006 11:15:55 -0400 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GY2Hc-000257-TX; Thu, 12 Oct 2006 11:15:55 -0400 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GY29n-0007ST-Vq for namedroppers-data@psg.com; Thu, 12 Oct 2006 15:07:35 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.5 (2006-08-29) on psg.com X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=AWL,BAYES_00, UNPARSEABLE_RELAY autolearn=ham version=3.1.5 Received: from [193.1.169.34] (helo=dakota.ucd.ie) by psg.com with esmtp (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GY29m-0007SB-13 for namedroppers@ops.ietf.org; Thu, 12 Oct 2006 15:07:35 +0000 Received: from conversion-daemon.dakota.ucd.ie by dakota.ucd.ie (Sun Java System Messaging Server 6.2-2.05 (built Apr 28 2005)) id <0J710050136S2C00@dakota.ucd.ie> (original mail from Niall.oReilly@ucd.ie) for namedroppers@ops.ietf.org; Thu, 12 Oct 2006 16:07:32 +0100 (IST) Received: from [10.0.0.186] ([83.141.81.52]) by dakota.ucd.ie (Sun Java System Messaging Server 6.2-2.05 (built Apr 28 2005)) with ESMTPSA id <0J71004YD3CJXT40@dakota.ucd.ie>; Thu, 12 Oct 2006 16:07:32 +0100 (IST) Date: Thu, 12 Oct 2006 16:07:36 +0100 From: Niall O'Reilly Subject: Re: DNAME update draft In-reply-to: <452E100C.30109@nlnetlabs.nl> To: Wouter Wijngaards Cc: Niall O'Reilly , IETF DNSEXT WG Message-id: <2AEEEA41-C6A9-4AEB-B440-ED506A3C34E0@ucd.ie> MIME-version: 1.0 X-Mailer: Apple Mail (2.752.2) Content-type: text/plain; format=flowed; delsp=yes; charset=US-ASCII Content-transfer-encoding: 7BIT X-Gpgmail-State: !signed References: <452E100C.30109@nlnetlabs.nl> Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.0 (/) X-Scan-Signature: 2409bba43e9c8d580670fda8b695204a On 12 Oct 2006, at 10:51, Wouter Wijngaards wrote: > There are several issues that surround DNAME. To discuss these issues > they will be posted (in separate threads) to the namedroppers > mailing list. Beware! This does help to scope the discussion, but may be an obstacle to keeping the overall picture in mind. Best regards, Niall O'Reilly University College Dublin Computing Services PGP key ID: AE995ED9 (see www.pgp.net) Fingerprint: 23DC C6DE 8874 2432 2BE0 3905 7987 E48D AE99 5ED9 -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Thu Oct 12 11:48:51 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GY2nj-0006lA-G8; Thu, 12 Oct 2006 11:48:51 -0400 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GY2ni-00029S-7U; Thu, 12 Oct 2006 11:48:51 -0400 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GY2g6-000CCO-He for namedroppers-data@psg.com; Thu, 12 Oct 2006 15:40:58 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.5 (2006-08-29) on psg.com X-Spam-Level: X-Spam-Status: No, score=-2.5 required=5.0 tests=AWL,BAYES_00 autolearn=ham version=3.1.5 Received: from [213.154.224.1] (helo=open.nlnetlabs.nl) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GY2g5-000CBl-9o for namedroppers@ops.ietf.org; Thu, 12 Oct 2006 15:40:58 +0000 Received: from [127.0.0.1] (open.nlnetlabs.nl [IPv6:2001:7b8:206:1:211:2fff:fed7:7378]) by open.nlnetlabs.nl (8.13.8/8.13.4) with ESMTP id k9CFenUS065598; Thu, 12 Oct 2006 17:40:49 +0200 (CEST) (envelope-from olaf@NLnetLabs.nl) In-Reply-To: <2AEEEA41-C6A9-4AEB-B440-ED506A3C34E0@ucd.ie> References: <452E100C.30109@nlnetlabs.nl> <2AEEEA41-C6A9-4AEB-B440-ED506A3C34E0@ucd.ie> Mime-Version: 1.0 (Apple Message framework v752.2) Content-Type: multipart/signed; protocol="application/pgp-signature"; micalg=pgp-sha1; boundary="Apple-Mail-144--175660766" Message-Id: <80246D8A-884F-4A72-811A-5F75A31F2C93@NLnetLabs.nl> Cc: Wouter Wijngaards , IETF DNSEXT WG Content-Transfer-Encoding: 7bit From: "Olaf M. Kolkman" Subject: Re: DNAME update draft Date: Thu, 12 Oct 2006 17:40:49 +0200 To: "Niall O'Reilly" X-Pgp-Agent: GPGMail 1.1.2 (Tiger) X-Mailer: Apple Mail (2.752.2) Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.0 (/) X-Scan-Signature: 538aad3a3c4f01d8b6a6477ca4248793 This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --Apple-Mail-144--175660766 Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed On 12Oct 2006, at 5:07 PM, Niall O'Reilly wrote: > This does help to scope the discussion, > but may be an obstacle to keeping the overall picture in mind. obviously discussion about other topics, or the overall picture can be brought up in a separate thread. Please make clear what the issues are and propose text modifications if possible. --Olaf ----------------------------------------------------------- Olaf M. Kolkman NLnet Labs http://www.nlnetlabs.nl/ --Apple-Mail-144--175660766 content-type: application/pgp-signature; x-mac-type=70674453; name=PGP.sig content-description: This is a digitally signed message part content-disposition: inline; filename=PGP.sig content-transfer-encoding: 7bit -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (Darwin) Comment: This message is locally signed. iD8DBQFFLmIBtN/ca3YJIocRAlkaAJ9MDNEXHNz1NkAWciYGiER9AmQPQwCeNaPs L02yxoRDmYkokUmgTH1nR/U= =B+xT -----END PGP SIGNATURE----- --Apple-Mail-144--175660766-- -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Thu Oct 12 11:51:45 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GY2qX-0007iA-L7; Thu, 12 Oct 2006 11:51:45 -0400 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GY2qU-00033W-7E; Thu, 12 Oct 2006 11:51:45 -0400 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GY2jz-000D0D-PZ for namedroppers-data@psg.com; Thu, 12 Oct 2006 15:44:59 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.5 (2006-08-29) on psg.com X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=AWL,BAYES_00, UNPARSEABLE_RELAY autolearn=ham version=3.1.5 Received: from [193.1.169.34] (helo=dakota.ucd.ie) by psg.com with esmtp (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GY2jy-000Czf-Po for namedroppers@ops.ietf.org; Thu, 12 Oct 2006 15:44:59 +0000 Received: from conversion-daemon.dakota.ucd.ie by dakota.ucd.ie (Sun Java System Messaging Server 6.2-2.05 (built Apr 28 2005)) id <0J71006013ZMZK00@dakota.ucd.ie> (original mail from Niall.oReilly@ucd.ie) for namedroppers@ops.ietf.org; Thu, 12 Oct 2006 16:43:22 +0100 (IST) Received: from [10.0.0.186] ([83.141.81.52]) by dakota.ucd.ie (Sun Java System Messaging Server 6.2-2.05 (built Apr 28 2005)) with ESMTPSA id <0J71004AZ507XT90@dakota.ucd.ie>; Thu, 12 Oct 2006 16:43:20 +0100 (IST) Date: Thu, 12 Oct 2006 16:43:24 +0100 From: Niall O'Reilly Subject: Re: DNAME [4.1]: DNAME as a Delegation Tool In-reply-to: <452E11ED.3060708@nlnetlabs.nl> To: Wouter Wijngaards Cc: Niall O'Reilly , Namedroppers Message-id: <5B4113AC-48BF-48AE-B3E6-AF51B4222DA7@ucd.ie> MIME-version: 1.0 X-Mailer: Apple Mail (2.752.2) Content-type: text/plain; format=flowed; delsp=yes; charset=US-ASCII Content-transfer-encoding: 7BIT X-Gpgmail-State: !signed References: <452E11ED.3060708@nlnetlabs.nl> Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.0 (/) X-Scan-Signature: d185fa790257f526fedfd5d01ed9c976 On 12 Oct 2006, at 10:59, Wouter Wijngaards wrote: > Issue [4.1] > DNAMEs can be used as indirections, s/can be/are/ What else might they be used for, after all? > the goal of these indirections is > to mirror a part of the DNS domain tree in another part of the DNS > domain tree. This mirroring should be easy. Alternative > wording is > that the goal is to have an alias name for a part of the domain > tree. > Running example is x DNAME y. > The extra point here is that the > mirroring is done at exactly a delegation point. I'm missing something here. Why "exactly at a delegation point"? How should I read "is done" here -- as "must only be done", as "is most often done", as "may be done", as "is particularly effective when done", or what? From the point of view of the zone containing the DNAME record, there is definitely some kind of cut involved, as this zone can contain no descendants (not even glue!) of the owner of the DNAME. OTOH, the "target namespace" of a DNAME record may include - all of a zone except the apex (an exapicated zone), - part of a zone, or - the union of either of the above and possible child zones or further [CD]NAME-redirected namespace. [ Yes, Aargh! ] So, I wonder just what > mirroring is done at exactly a delegation point should mean. > There is a use for this case. > > Can, should, must DNAME be used as a delegation tool? And how is this > possible according to protocol? I think it's worth keeping the term "delegation" to mean the relationship (or process of achieving that relationship) between the parties (or their nameservers) responsible for either side of a real, traditional zone cut. Let's not dilute the terminology of so many existing, still-valid documents. I believe it will help to use some other term to describe the use of DNAME _instead_ of delegation. "Non-terminal redirection" is accurate, but perhaps a little obscure. "Pseudo-delegation" helps make it clear that this is "something other than delegation", but may be too close to "delegation". Best regards, Niall O'Reilly University College Dublin Computing Services PGP key ID: AE995ED9 (see www.pgp.net) Fingerprint: 23DC C6DE 8874 2432 2BE0 3905 7987 E48D AE99 5ED9 -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Thu Oct 12 12:00:49 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GY2zJ-00063a-Gb; Thu, 12 Oct 2006 12:00:49 -0400 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GY2zI-0003qz-6Z; Thu, 12 Oct 2006 12:00:49 -0400 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GY2uF-000Eqf-7U for namedroppers-data@psg.com; Thu, 12 Oct 2006 15:55:35 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.5 (2006-08-29) on psg.com X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=AWL,BAYES_00 autolearn=ham version=3.1.5 Received: from [129.70.136.245] (helo=mailout.TechFak.Uni-Bielefeld.DE) by psg.com with esmtps (TLSv1:DES-CBC3-SHA:168) (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GY2uD-000EqD-TY for namedroppers@ops.ietf.org; Thu, 12 Oct 2006 15:55:34 +0000 Received: from tyrannia.TechFak.Uni-Bielefeld.DE (tyrannia.TechFak.Uni-Bielefeld.DE [129.70.137.5]) by momotombo.TechFak.Uni-Bielefeld.DE (8.12.11/8.12.11/TechFak/2005/05/30/sjaenick) with ESMTP id k9CFtVUb008633; Thu, 12 Oct 2006 17:55:31 +0200 (MEST) Received: from localhost (pk@localhost) by tyrannia.TechFak.Uni-Bielefeld.DE (8.11.7+Sun/8.9.1) with SMTP id k9CFtUH16509; Thu, 12 Oct 2006 17:55:30 +0200 (MEST) Message-Id: <200610121555.k9CFtUH16509@tyrannia.TechFak.Uni-Bielefeld.DE> X-Authentication-Warning: tyrannia.TechFak.Uni-Bielefeld.DE: pk owned process doing -bs X-Authentication-Warning: tyrannia.TechFak.Uni-Bielefeld.DE: pk@localhost didn't use HELO protocol To: IETF DNSEXT WG From: Peter Koch Subject: Re: DNAME [4.1]: DNAME as a Delegation Tool In-reply-to: Your message of "Thu, 12 Oct 2006 11:59:09 +0200." <452E11ED.3060708@nlnetlabs.nl> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-ID: <16507.1160668529.1@tyrannia.TechFak.Uni-Bielefeld.DE> Date: Thu, 12 Oct 2006 17:55:30 +0200 Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.0 (/) X-Scan-Signature: bb8f917bb6b8da28fc948aeffb74aa17 Wouter Wijngaards wrote: > Issue [4.1] > DNAMEs can be used as indirections, the goal of these indirections is > to mirror a part of the DNS domain tree in another part of the DNS > domain tree. This mirroring should be easy. Alternative wording is > that the goal is to have an alias name for a part of the domain tree. > Running example is x DNAME y. The extra point here is that the > mirroring is done at exactly a delegation point. There is a use for > this case. > > Can, should, must DNAME be used as a delegation tool? And how is this > possible according to protocol? To avoid terminology pollution/erosion, I'd rather not re-define the term 'delegation' here. Delegation is tightly bound to making a zone cut and separating out control over a well defined part of the name space to a third (not necessarily) party. Delegations are something that (should) happen transparently to the user. So, as an approximation, 'registration tool' might be a better term. Instead of a delegation, a registry (or anyone in a similar role) could "alias" a subdomain (not zone!) into a different part of the name space. I've seen this in the ENUM universe, but Niall may have more detail about this. OTOH, this is a purely operational matter, so I'm not sure the DNAME clarifications/update document has anything to say here except what appears in issue 4.2, i.e., the owner is not covered by the DNAME. -Peter -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Thu Oct 12 12:02:42 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GY318-0006ap-Pj; Thu, 12 Oct 2006 12:02:42 -0400 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GY317-0004Aj-G3; Thu, 12 Oct 2006 12:02:42 -0400 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GY2wg-000FAe-IR for namedroppers-data@psg.com; Thu, 12 Oct 2006 15:58:06 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.5 (2006-08-29) on psg.com X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=AWL,BAYES_00 autolearn=ham version=3.1.5 Received: from [129.70.136.245] (helo=mailout.TechFak.Uni-Bielefeld.DE) by psg.com with esmtps (TLSv1:DES-CBC3-SHA:168) (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GY2wf-000FAO-MP for namedroppers@ops.ietf.org; Thu, 12 Oct 2006 15:58:06 +0000 Received: from tyrannia.TechFak.Uni-Bielefeld.DE (tyrannia.TechFak.Uni-Bielefeld.DE [129.70.137.5]) by momotombo.TechFak.Uni-Bielefeld.DE (8.12.11/8.12.11/TechFak/2005/05/30/sjaenick) with ESMTP id k9CFvwoM008989; Thu, 12 Oct 2006 17:57:58 +0200 (MEST) Received: from localhost (pk@localhost) by tyrannia.TechFak.Uni-Bielefeld.DE (8.11.7+Sun/8.9.1) with SMTP id k9CFvvZ16521; Thu, 12 Oct 2006 17:57:57 +0200 (MEST) Message-Id: <200610121557.k9CFvvZ16521@tyrannia.TechFak.Uni-Bielefeld.DE> X-Authentication-Warning: tyrannia.TechFak.Uni-Bielefeld.DE: pk owned process doing -bs X-Authentication-Warning: tyrannia.TechFak.Uni-Bielefeld.DE: pk@localhost didn't use HELO protocol To: IETF DNSEXT WG From: Peter Koch Subject: Re: DNAME [4.2]: DNAME Apex is not Redirected Itself In-reply-to: Your message of "Thu, 12 Oct 2006 12:03:04 +0200." <452E12D8.1010405@nlnetlabs.nl> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-ID: <16517.1160668669.1@tyrannia.TechFak.Uni-Bielefeld.DE> Date: Thu, 12 Oct 2006 17:57:57 +0200 Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.0 (/) X-Scan-Signature: 93238566e09e6e262849b4f805833007 Wouter Wijngaards wrote: > Issue [4.2]: > Since the x is not CNAME'd itself, queries for the DNAME apex RRs are > answered with data at x not at y. The reason for the original > decision was that in this way (without DNAME apex affected) one can > have a DNAME at the zone apex, next to the SOA, NS records, without > problem. And use this to point zones under your operational control > to other zones. Hosting two identical zones for example. Another > reason for excluding the DNAME apex from the DNAME is that one can > then query for the DNAME through RFC 1034 [RFC1034] caches. > > So, for x DNAME y; the x itself is not redirected which is nice below a > zone cut, but not if the DNAME resides above a zone cut. this is a feature of DNAME that cannot be changed IMHO. The only change to the text I'd suggest is s/DNAME apex/DNAME owner/g; -Peter -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Thu Oct 12 12:13:46 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GY3Bq-0004Hb-4K; Thu, 12 Oct 2006 12:13:46 -0400 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GY3Bo-0006a1-P7; Thu, 12 Oct 2006 12:13:46 -0400 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GY35u-000GXp-U2 for namedroppers-data@psg.com; Thu, 12 Oct 2006 16:07:38 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.5 (2006-08-29) on psg.com X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=AWL,BAYES_00, UNPARSEABLE_RELAY autolearn=ham version=3.1.5 Received: from [193.1.169.34] (helo=dakota.ucd.ie) by psg.com with esmtp (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GY35t-000GXR-Qk for namedroppers@ops.ietf.org; Thu, 12 Oct 2006 16:07:38 +0000 Received: from conversion-daemon.dakota.ucd.ie by dakota.ucd.ie (Sun Java System Messaging Server 6.2-2.05 (built Apr 28 2005)) id <0J71002015TE3300@dakota.ucd.ie> (original mail from Niall.oReilly@ucd.ie) for namedroppers@ops.ietf.org; Thu, 12 Oct 2006 17:07:36 +0100 (IST) Received: from [10.0.0.186] ([83.141.81.52]) by dakota.ucd.ie (Sun Java System Messaging Server 6.2-2.05 (built Apr 28 2005)) with ESMTPSA id <0J71004KC648X7B0@dakota.ucd.ie>; Thu, 12 Oct 2006 17:07:21 +0100 (IST) Date: Thu, 12 Oct 2006 17:07:18 +0100 From: Niall O'Reilly Subject: Re: DNAME [4.2]: DNAME Apex is not Redirected Itself In-reply-to: <452E12D8.1010405@nlnetlabs.nl> To: Wouter Wijngaards Cc: Niall O'Reilly , Namedroppers Message-id: MIME-version: 1.0 X-Mailer: Apple Mail (2.752.2) Content-type: text/plain; format=flowed; delsp=yes; charset=US-ASCII Content-transfer-encoding: 7BIT X-Pgp-Agent: GPGMail 1.1.1 (Tiger) References: <452E12D8.1010405@nlnetlabs.nl> Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.0 (/) X-Scan-Signature: 92df29fa99cf13e554b84c8374345c17 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 12 Oct 2006, at 11:03, Wouter Wijngaards wrote: > Issue [4.2]: > Since the x is not CNAME'd itself, s/CNAME'd itself/itself redirected/ Keeping CNAME out of the discussion, except where strictly necessary, may help avoid confusion > queries for the DNAME apex RRs are I'm not sure that "apex" is the term we need here. Does anyone else have the feeling that this use is an overload? > answered with data at x not at y. > The reason for the original > decision was that in this way (without DNAME apex affected) one can > have a DNAME at the zone apex, next to the SOA, NS records, without > problem. And use this to point zones under your operational > control > to other zones. Hosting two identical zones for example. Another > reason for excluding the DNAME apex from the DNAME is that one can > then query for the DNAME through RFC 1034 [RFC1034] caches. Two reasons are mentioned here, and each seems a perfectly good reason to me. However, since the purpose (IIRC) is to clarify, the "locus classicus" for each should be cited. Otherwise the origin of each (as folklore, received wisdom, or even retrospective rationalization, any of which would be a satisfactory pedigree) should be identified. > So, for x DNAME y; the x itself is not redirected which is nice > below a > zone cut, but not if the DNAME resides above a zone cut. I'm not sure what the point is here. A zone cut below the DNAME cannot arise in the zone in which the DNAME is situated. A zone cut somewhere in the target namespace of the DNAME may be appropriate if it is for some reason convenient to distribute that namespace over more than one zone. Best regards, Niall O'Reilly University College Dublin Computing Services PGP key ID: AE995ED9 (see www.pgp.net) Fingerprint: 23DC C6DE 8874 2432 2BE0 3905 7987 E48D AE99 5ED9 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (Darwin) iD8DBQFFLmg8eYfkja6ZXtkRAiQBAJwMqtq4+Y2l3b1vSPyEOgX8FuQ6xgCgrz5E iyEq1W9eWyuU0k4k/gF1rrU= =iuHv -----END PGP SIGNATURE----- -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Thu Oct 12 12:15:03 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GY3D5-0004dF-9u; Thu, 12 Oct 2006 12:15:03 -0400 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GY3D2-0006rA-VQ; Thu, 12 Oct 2006 12:15:03 -0400 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GY38B-000GnV-Kh for namedroppers-data@psg.com; Thu, 12 Oct 2006 16:09:59 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.5 (2006-08-29) on psg.com X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=AWL,BAYES_00, UNPARSEABLE_RELAY,UPPERCASE_25_50 autolearn=ham version=3.1.5 Received: from [193.1.169.34] (helo=dakota.ucd.ie) by psg.com with esmtp (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GY38A-000GnH-TL for namedroppers@ops.ietf.org; Thu, 12 Oct 2006 16:09:59 +0000 Received: from conversion-daemon.dakota.ucd.ie by dakota.ucd.ie (Sun Java System Messaging Server 6.2-2.05 (built Apr 28 2005)) id <0J71002015TMK800@dakota.ucd.ie> (original mail from Niall.oReilly@ucd.ie) for namedroppers@ops.ietf.org; Thu, 12 Oct 2006 17:09:57 +0100 (IST) Received: from [10.0.0.186] ([83.141.81.52]) by dakota.ucd.ie (Sun Java System Messaging Server 6.2-2.05 (built Apr 28 2005)) with ESMTPSA id <0J71004PV688X7B0@dakota.ucd.ie>; Thu, 12 Oct 2006 17:09:44 +0100 (IST) Date: Thu, 12 Oct 2006 17:09:45 +0100 From: Niall O'Reilly Subject: Re: DNAME update draft In-reply-to: <80246D8A-884F-4A72-811A-5F75A31F2C93@NLnetLabs.nl> To: "Olaf M. Kolkman" Cc: Niall O'Reilly , Wouter Wijngaards , IETF DNSEXT WG Message-id: MIME-version: 1.0 X-Mailer: Apple Mail (2.752.2) Content-type: text/plain; format=flowed; charset=US-ASCII Content-transfer-encoding: 7BIT X-Pgp-Agent: GPGMail 1.1.1 (Tiger) References: <452E100C.30109@nlnetlabs.nl> <2AEEEA41-C6A9-4AEB-B440-ED506A3C34E0@ucd.ie> <80246D8A-884F-4A72-811A-5F75A31F2C93@NLnetLabs.nl> Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.0 (/) X-Scan-Signature: 69a74e02bbee44ab4f8eafdbcedd94a1 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 12 Oct 2006, at 16:40, Olaf M. Kolkman wrote: > Please make clear what the issues are I'll try ... > and propose text modifications if possible. I may not be able to think of those "in the same breath" 8-) Best regards, Niall O'Reilly University College Dublin Computing Services PGP key ID: AE995ED9 (see www.pgp.net) Fingerprint: 23DC C6DE 8874 2432 2BE0 3905 7987 E48D AE99 5ED9 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (Darwin) iD8DBQFFLmjNeYfkja6ZXtkRAlwiAJ0e8xhOsPHapr/4z3rhxf/tK23d6wCdGsOh MC7Cv5y/y46jAhDUZ8BahHQ= =T6Ha -----END PGP SIGNATURE----- -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Thu Oct 12 12:27:56 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GY3PY-0006ps-PR; Thu, 12 Oct 2006 12:27:56 -0400 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GY3PX-0000w3-FH; Thu, 12 Oct 2006 12:27:56 -0400 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GY3F8-000Hzt-Mc for namedroppers-data@psg.com; Thu, 12 Oct 2006 16:17:10 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.5 (2006-08-29) on psg.com X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=AWL,BAYES_00, UNPARSEABLE_RELAY autolearn=ham version=3.1.5 Received: from [193.1.169.34] (helo=dakota.ucd.ie) by psg.com with esmtp (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GY3F7-000Hza-VL for namedroppers@ops.ietf.org; Thu, 12 Oct 2006 16:17:10 +0000 Received: from conversion-daemon.dakota.ucd.ie by dakota.ucd.ie (Sun Java System Messaging Server 6.2-2.05 (built Apr 28 2005)) id <0J71002015TE3300@dakota.ucd.ie> (original mail from Niall.oReilly@ucd.ie) for namedroppers@ops.ietf.org; Thu, 12 Oct 2006 17:16:30 +0100 (IST) Received: from [10.0.0.186] ([83.141.81.52]) by dakota.ucd.ie (Sun Java System Messaging Server 6.2-2.05 (built Apr 28 2005)) with ESMTPSA id <0J71004486J0X7C0@dakota.ucd.ie>; Thu, 12 Oct 2006 17:16:13 +0100 (IST) Date: Thu, 12 Oct 2006 17:16:17 +0100 From: Niall O'Reilly Subject: Re: DNAME update draft In-reply-to: <80246D8A-884F-4A72-811A-5F75A31F2C93@NLnetLabs.nl> To: "Olaf M. Kolkman" Cc: Niall O'Reilly , Wouter Wijngaards , IETF DNSEXT WG Message-id: <94568FB7-224B-4A36-A5B0-8A88B1324A3A@ucd.ie> MIME-version: 1.0 X-Mailer: Apple Mail (2.752.2) Content-type: text/plain; format=flowed; charset=US-ASCII Content-transfer-encoding: 7BIT X-Gpgmail-State: !signed References: <452E100C.30109@nlnetlabs.nl> <2AEEEA41-C6A9-4AEB-B440-ED506A3C34E0@ucd.ie> <80246D8A-884F-4A72-811A-5F75A31F2C93@NLnetLabs.nl> Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.0 (/) X-Scan-Signature: ffa9dfbbe7cc58b3fa6b8ae3e57b0aa3 On 12 Oct 2006, at 16:40, Olaf M. Kolkman wrote: > obviously discussion about other topics, or the overall > picture can be brought up in a separate thread. As it happens, my concern about losing the overall picture was an over-reaction, as Wouter has taken the precaution of cross-referencing the issues. Sorry. Chapeau! Best regards, Niall O'Reilly University College Dublin Computing Services PGP key ID: AE995ED9 (see www.pgp.net) Fingerprint: 23DC C6DE 8874 2432 2BE0 3905 7987 E48D AE99 5ED9 -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Thu Oct 12 14:23:57 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GY5Dp-0000wZ-BG; Thu, 12 Oct 2006 14:23:57 -0400 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GY5Dn-0006v9-Vp; Thu, 12 Oct 2006 14:23:57 -0400 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GY571-000D7z-J7 for namedroppers-data@psg.com; Thu, 12 Oct 2006 18:16:55 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.5 (2006-08-29) on psg.com X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,SPF_HELO_PASS, SPF_PASS autolearn=ham version=3.1.5 Received: from [192.94.214.100] (helo=nutshell.tislabs.com) by psg.com with esmtp (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GY570-000D7k-80 for namedroppers@ops.ietf.org; Thu, 12 Oct 2006 18:16:55 +0000 Received: (from uucp@localhost) by nutshell.tislabs.com (8.12.9/8.12.9) id k9CIFYIX021598 for ; Thu, 12 Oct 2006 14:15:35 -0400 (EDT) Received: from pecan.tislabs.com(10.66.1.30) by nutshell.tislabs.com via csmap (V6.0) id srcAAAFLaW9P; Thu, 12 Oct 06 14:15:03 -0400 Received: from [127.0.0.1] (localhost.tislabs.com [127.0.0.1]) by pecan.tislabs.com (Postfix) with ESMTP id E50DC3F418; Thu, 12 Oct 2006 14:15:09 -0400 (EDT) Message-ID: <452E866A.3080100@tislabs.com> Date: Thu, 12 Oct 2006 11:16:10 -0700 From: Lindy Foster User-Agent: Mozilla Thunderbird 1.0.8-1.1.fc4 (X11/20060501) X-Accept-Language: en-us, en MIME-Version: 1.0 To: IETF DNSEXT WG CC: sparta-dnssec Subject: comments on trustupdate-timers-04 X-Enigmail-Version: 0.93.0.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.0 (/) X-Scan-Signature: 4d87d2aa806f79fed918a62e834505ca -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I have already sent purely editorial comments to MSJ. I have a problem with Section 2.3 Remove Hold-Down: "A new key which has been seen by the resolver, but hasn't reached it's add hold-down time, MAY be removed from the DNSKEY RRSet by the zone owner. If the resolver sees a validated DNSKEY RRSet without this key, it waits for the remove hold-down time and then, if the key hasn't reappeared, SHOULD discard any information about the key." But the previous section (2.2) says: "To mitigate, [blah blah blah] ... If the resolver ever sees the DNSKEY RRSet without the new key but validly signed, it stops the acceptance process and resets the acceptance timer. If all of the keys which were originally used to validate this key are revoked prior to the timer expiring, the resolver stops the acceptance process and resets the timer." So which is it? The resolver sees a new key, then gets an RRSet without that key before the add-hold-down timer (acceptance time is reached). You throw away all info about that key, or wait for another timer (remove hold-down) to expire? I think it is the former. I think the Remove Hold-Down timer is really supposed to be talking about keys being REVOKED, not about new keys subsequently not appearing in RRSets. Or is it something else altogether? Other than this clarification, I support this draft being advanced. FYI, I am currently working on an implementation of this draft. - -- Lindy Foster SPARTA, Inc. lindy@sparta.com -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org iD8DBQFFLoZqAxJowVHHlGYRAv7MAJ9dYFFB9vguFhGwtiPD2irY6j2sQQCfaUZr QPt9S29VUWJx2pImeyPw9vI= =NXqr -----END PGP SIGNATURE----- -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Thu Oct 12 15:50:21 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GY6ZR-0006OQ-86; Thu, 12 Oct 2006 15:50:21 -0400 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GY6ZP-00060N-Pk; Thu, 12 Oct 2006 15:50:21 -0400 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GY6RY-000Pg4-Gb for namedroppers-data@psg.com; Thu, 12 Oct 2006 19:42:12 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.5 (2006-08-29) on psg.com X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=AWL,BAYES_00,SPF_HELO_PASS, SPF_PASS autolearn=ham version=3.1.5 Received: from [192.94.214.100] (helo=nutshell.tislabs.com) by psg.com with esmtp (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GY6RX-000Pfg-8J for namedroppers@ops.ietf.org; Thu, 12 Oct 2006 19:42:11 +0000 Received: (from uucp@localhost) by nutshell.tislabs.com (8.12.9/8.12.9) id k9CJepg4003229 for ; Thu, 12 Oct 2006 15:40:51 -0400 (EDT) Received: from pecan.tislabs.com(10.66.1.30) by nutshell.tislabs.com via csmap (V6.0) id srcAAAjaayeg; Thu, 12 Oct 06 15:39:52 -0400 Received: from localhost (localhost.tislabs.com [127.0.0.1]) by pecan.tislabs.com (Postfix) with ESMTP id 9B9DC3F4AE for ; Thu, 12 Oct 2006 15:39:56 -0400 (EDT) Date: Thu, 12 Oct 2006 15:40:56 -0400 (EDT) From: Sam Weiler X-X-Sender: weiler@lemon.samweiler.com To: IETF DNSEXT WG Subject: Re: WGLC on trustudpate-timers In-Reply-To: <451A7046.2030804@nlnetlabs.nl> Message-ID: References: <69794150-AB34-4DA0-BB07-DF915816307E@NLnetLabs.nl> <451A7046.2030804@nlnetlabs.nl> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.0 (/) X-Scan-Signature: 2beba50d0fcdeee5f091c59f204d4365 First, my appreciation to MSJ for the excellent editting job. I found a couple of minor things in the doc that I'd like to see clarified. While it would be better to do that before sending the doc to the IESG, my only objection to advancing the doc now is the discrepancy in section 2.3 identified by Wouter and Lindy. In particular, the second sentence of 2.3 seems inconsistent with the rest of the doc. I'll start with the disucssion of how I think this technique stacks up against the requirements (identified by the section number in the requirements draft), then I'll list the textual clarifications I'd like to see. I think this doc satisfies these requirements: 5.1. Scalability 5.3. General Applicability 5.4. Support Private Networks 5.7. Planned and Unplanned Rollovers 5.8. Timeliness 5.10. New RR Types (unclear requirement, but no new RR type needed) 5.11. Support for Trust Anchor Maintenance Operations (accomplishes replace w/ separate add/delete) 5.12. Recovery From Compromise 5.13. Non-degrading Trust I think both of the following are satisfied, though more text about them would be good: 5.5. Detection of Stale Trust Anchors 5.6. Manual Operations Permitted I'm concerned that limits on the size of the apex DNSKEYset will prevent keeping around a sufficient number of revoked DNSKEYs to fully satisfy: 5.9. High Availability (but I don't think we need to do anything about this now) I make no comment on this requirement: 5.2. No Intellectual Property Encumbrance Clarifications: 2535 is listed as a normative reference, but it's obsolete. Remove it entirely? -- As above, considering adding more text re: how to satisfy requirements 5.5 and 5.6. That said, if it weren't for reading both this doc and the requirements doc in one sitting, I wouldn't think this document needed such text. -- Section 6: "The stand-by key will not normally sign this RRSet, but the resolver will accept it as a trust anchor if/when it sees the signature on the trust point DNSKEY RRSet." Which signature? It's own? The "NewKey" event description makes it sound like just adding the SEP key to the signed DNSKEYset is enough to get resolvers to pick it up. Once it's picked up, it could even be used to sign data in the zone (used as a ZSK) even without self-signing the DNSKEYset, right? How about: "Even though the stand-by key will not normally sign this RRSet nor any other data in the zone, but the resolver will accept it as a trust anchor. Accordingly, it could be used to sign the DNSKEY RRset or any other zone data." ? -- The phrase "SEP key" is used, with a reference to 4034, but 4034 doesn't define "SEP key". It would be more correct, and perhaps less confusing, to say "a DNSKEY with the SEP bit set". Make that substitution globally. -- In the "Valid" state: "If the RRSet ..." Which RRset? How about "If a DNSKEY RRset..." Yes, it's slightly redundant. -- "Alternately, a trust point which is subordinate to another configured trust point MAY be deleted by a resolver after 180 days where such trust point validly chains to a superior trust point. The decision to delete the subordinate trust anchor is a local configuration decision. Once the subordinate trust point is deleted, validation of the subordinate zone is dependent on validating the chain of trust to the superior trust point." The word "to" in the above assumes a "bottom-up" logical model of validation, which is not the one I'm most familiar with seeing in writing. Perhaps a change is in order? -- The abstract says "the method provides protection against single key compromise", but 8.2 says "This scheme permits recovery as long as at least one valid trust anchor key remains uncompromised." While these aren't necessarily contradictory, they come close. -- Section 1: "a resolver may need to know literally thousands of trust anchors to perform its duties." is inconsistent with the requirements doc: "never expected to be as high as one thousand." I prefer this version; change the other doc. -- Section 8.1: "This implies the decision update trust anchor keys based on trust for a current trust anchor key is also the resolver owner's decision." There's something missing in that sentence. -- The doc still flags as a "discussion item": "Should a missing key be considered revoked after some period of time?" Might want to remove that before sending it to the IESG. -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Thu Oct 12 19:25:57 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GY9ve-00006G-OL; Thu, 12 Oct 2006 19:25:30 -0400 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GY9mK-0002wI-62; Thu, 12 Oct 2006 19:15:55 -0400 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GY9fb-00092a-9Q for namedroppers-data@psg.com; Thu, 12 Oct 2006 23:08:55 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.5 (2006-08-29) on psg.com X-Spam-Level: X-Spam-Status: No, score=-1.9 required=5.0 tests=AWL,BAYES_00,SPF_HELO_PASS, SPF_PASS autolearn=ham version=3.1.5 Received: from [65.201.175.9] (helo=mail.verisignlabs.com) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GY9fa-00091k-6d for namedroppers@ops.ietf.org; Thu, 12 Oct 2006 23:08:54 +0000 Received: from [10.131.30.98] ([::ffff:216.168.239.87]) (AUTH: PLAIN davidb, SSL: TLSv1/SSLv3,256bits,AES256-SHA) by mail.verisignlabs.com with esmtp; Thu, 12 Oct 2006 19:08:52 -0400 id 002D80A1.452ECB04.0000778F Message-ID: <452ECAEB.5070102@verisignlabs.com> Date: Thu, 12 Oct 2006 19:08:27 -0400 From: David Blacka User-Agent: Thunderbird 1.5.0.7 (Macintosh/20060909) MIME-Version: 1.0 To: Wouter Wijngaards CC: Mark Andrews , IETF DNSEXT WG Subject: Re: NSEC3 Issue 27: creating a flag octet. References: <200610120048.k9C0mUM2000298@drugs.dv.isc.org> <452E0DC3.6090500@nlnetlabs.nl> In-Reply-To: <452E0DC3.6090500@nlnetlabs.nl> X-Enigmail-Version: 0.94.0.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.0 (/) X-Scan-Signature: cab78e1e39c4b328567edb48482b6a69 Wouter Wijngaards wrote: > The iterations field, as it would be used to defend against dictionary > attacks, thus has to increase as computing power increases. If computing > power doubles, iterations has to double to provide the same protection. > A 16 bit field can only double 16 times. Depending on how long you think > it takes for computing power to be 16x as powerful, at that time the > iterations field will be 'too small' to provide the same level of > defense against dictionary attacks. To allow for further growth, a > longer bitfield may be prudent. Fair enough. However, we need to reconcile this with section 10.2. The table in 10.2 is based on the *ratio* of hash speed to verification speed, and thus will remain fairly constant as general computing power increases. > A reply at the workshop was that a new hash algorithm, the '1024x SHA-1' > (or something along those lines) algorithm can be defined in that event, > that would provide an extension for the iterations field. um, ick. It would certainly work, though. > An alternative could be to use the iterations field as 15bit, and use > the high 16th bit to denote a 256x increase in value. This results in > the same range of values for iterations as before (albeit with less > granularity). > > Note I am only discussing the 16-bit iterations. Flags field is fine. > > I also have not met people that voiced a high iterations count was > important to their interests. I'm of the opinion that if we feel we need to be able to express a higher number of iterations, just allocate another octet to the field. No big deal. It is clear to me, however, that we don't really have any clue as to what the maximum expressible iterations value should be. -- David Blacka Sr. Engineer VeriSign Infrastructure Product Engineering -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Thu Oct 12 19:56:48 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GYAPv-0002ls-VW; Thu, 12 Oct 2006 19:56:47 -0400 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GYAPs-0003HN-Ez; Thu, 12 Oct 2006 19:56:47 -0400 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GYAKk-000Huy-Mz for namedroppers-data@psg.com; Thu, 12 Oct 2006 23:51:26 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.5 (2006-08-29) on psg.com X-Spam-Level: X-Spam-Status: No, score=-0.6 required=5.0 tests=AWL,BAYES_00, FORGED_RCVD_HELO,SPF_SOFTFAIL autolearn=no version=3.1.5 Received: from [66.119.143.52] (helo=mail.rfburst.com) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GYAKj-000HuS-KB for namedroppers@ops.ietf.org; Thu, 12 Oct 2006 23:51:26 +0000 Received: from localhost.localdomain (customer.radioburst.com [66.119.135.195] (may be forged)) by mail.rfburst.com (8.12.8/8.12.8) with ESMTP id k9CNp7ai028618 for ; Thu, 12 Oct 2006 17:51:08 -0600 Received: from localhost.localdomain (tobermory [127.0.0.1]) by localhost.localdomain (8.12.10/8.11.6) with ESMTP id k9CNnF60016614 for ; Thu, 12 Oct 2006 17:49:15 -0600 Received: (from ho@localhost) by localhost.localdomain (8.12.10/8.12.10/Submit) id k9CNnA6F016596; Thu, 12 Oct 2006 17:49:10 -0600 Date: Thu, 12 Oct 2006 17:49:10 -0600 Message-Id: <200610122349.k9CNnA6F016596@localhost.localdomain> From: "Hilarie Orman" Reply-To: "Hilarie Orman" To: namedroppers@ops.ietf.org In-reply-to: Yourmessage <452ECAEB.5070102@verisignlabs.com> Subject: Re: NSEC3 Issue 27: creating a flag octet. X-esmartscan-MailScanner-Information: Please contact the ISP for more information X-esmartscan-MailScanner: Not scanned: please contact your Internet E-Mail Service Provider for details X-MailScanner-From: ho@alum.mit.edu Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.1 (/) X-Scan-Signature: 30ac594df0e66ffa5a93eb4c48bcb014 The range of a hash function decreases with each iteration. Iterating 1000's of times is probably a bad idea. Hilarie -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Thu Oct 12 20:38:06 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GYB3u-0001XU-PN; Thu, 12 Oct 2006 20:38:06 -0400 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GYB3r-0005UY-Ai; Thu, 12 Oct 2006 20:38:06 -0400 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GYAzG-0000Qn-Fn for namedroppers-data@psg.com; Fri, 13 Oct 2006 00:33:18 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.5 (2006-08-29) on psg.com X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=AWL,BAYES_00 autolearn=ham version=3.1.5 Received: from [204.152.184.167] (helo=mx.isc.org) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GYAzF-0000QK-9p for namedroppers@ops.ietf.org; Fri, 13 Oct 2006 00:33:17 +0000 Received: from farside.isc.org (farside.isc.org [IPv6:2001:4f8:3:bb::5]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client CN "farside.isc.org", Issuer "ISC CA" (verified OK)) by mx.isc.org (Postfix) with ESMTP id C19D4114043 for ; Fri, 13 Oct 2006 00:33:16 +0000 (UTC) (envelope-from Mark_Andrews@isc.org) Received: from drugs.dv.isc.org (localhost.isc.org [IPv6:::1]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by farside.isc.org (Postfix) with ESMTP id 72584E6066 for ; Fri, 13 Oct 2006 00:33:16 +0000 (UTC) (envelope-from marka@isc.org) Received: from drugs.dv.isc.org (localhost [127.0.0.1]) by drugs.dv.isc.org (8.13.8/8.13.6) with ESMTP id k9D0X2ta091983; Fri, 13 Oct 2006 10:33:02 +1000 (EST) (envelope-from marka@drugs.dv.isc.org) Message-Id: <200610130033.k9D0X2ta091983@drugs.dv.isc.org> To: Wouter Wijngaards Cc: Namedroppers From: Mark Andrews Subject: Re: DNAME [4.13]: PTR Records and DNAME In-reply-to: Your message of "Thu, 12 Oct 2006 12:30:23 +0200." <452E193F.6060805@nlnetlabs.nl> Date: Fri, 13 Oct 2006 10:33:02 +1000 Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.0 (/) X-Scan-Signature: 8b431ad66d60be2d47c7bfeb879db82c > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Issue [4.13]: > PTR records in the reverse zone must have canonical names as their > RDATA, like NS and MX records. The lookup process for PTR records > owner names may involve DNAME/CNAME records, but the lookup process > for PTR records RDATA names may not. RFC 1912. More problematic > than NS and MX in operational sense, since the reverse zone may not > be under the control of the zone operator. > > Like issue [4.4]. So DNAME'd domains are not allowed on the right hand > side of PTR records. PTR records can point to any name regardless of the types at that name or even if it exist. PTR records are described as being similar to CNAME records but are not followed RFC103?. CNAME records can (though it is discouraged) point to CNAME records. From a operational point of view DNAME does not change any requirement to point to a canonical name. A name under a DNAME is not canonical. > Best regards, > Wouter > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.5 (GNU/Linux) > Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org > > iD8DBQFFLhk/kDLqNwOhpPgRAlYQAJ97W5sLDs6aXU1y5SEknCDQqFIIJACgn+VS > UkZvrqJFBmDsxRjh2c9VRKg= > =6wMW > -----END PGP SIGNATURE----- > > -- > to unsubscribe send a message to namedroppers-request@ops.ietf.org with > the word 'unsubscribe' in a single line as the message text body. > archive: -- ISC Training! October 16-20, 2006, in the San Francisco Bay Area, covering topics from DNS to DHCP. Email training@isc.org. -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: Mark_Andrews@isc.org -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Thu Oct 12 20:48:17 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GYBDl-0007zc-H1; Thu, 12 Oct 2006 20:48:17 -0400 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GYBDk-0008F6-3S; Thu, 12 Oct 2006 20:48:17 -0400 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GYBAT-0002kx-8y for namedroppers-data@psg.com; Fri, 13 Oct 2006 00:44:53 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.5 (2006-08-29) on psg.com X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=AWL,BAYES_00 autolearn=ham version=3.1.5 Received: from [204.152.184.167] (helo=mx.isc.org) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GYBAS-0002ka-8s for namedroppers@ops.ietf.org; Fri, 13 Oct 2006 00:44:52 +0000 Received: from farside.isc.org (farside.isc.org [IPv6:2001:4f8:3:bb::5]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client CN "farside.isc.org", Issuer "ISC CA" (verified OK)) by mx.isc.org (Postfix) with ESMTP id F0E5F11402A for ; Fri, 13 Oct 2006 00:44:51 +0000 (UTC) (envelope-from Mark_Andrews@isc.org) Received: from drugs.dv.isc.org (localhost.isc.org [IPv6:::1]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by farside.isc.org (Postfix) with ESMTP id 505D0E6066 for ; Fri, 13 Oct 2006 00:44:51 +0000 (UTC) (envelope-from marka@isc.org) Received: from drugs.dv.isc.org (localhost [127.0.0.1]) by drugs.dv.isc.org (8.13.8/8.13.6) with ESMTP id k9D0ieB4092334; Fri, 13 Oct 2006 10:44:40 +1000 (EST) (envelope-from marka@drugs.dv.isc.org) Message-Id: <200610130044.k9D0ieB4092334@drugs.dv.isc.org> To: Wouter Wijngaards Cc: Namedroppers From: Mark Andrews Subject: Re: DNAME [4.14]: Small Corner Cases In-reply-to: Your message of "Thu, 12 Oct 2006 12:37:48 +0200." <452E1AFC.1030809@nlnetlabs.nl> Date: Fri, 13 Oct 2006 10:44:40 +1000 Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.0 (/) X-Scan-Signature: d0bdc596f8dd1c226c458f0b4df27a88 > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Issue [4.14]: > There are also some corner cases to discuss and clarify. These are > small issues, but additional examples can give more guidance to > implementors. [[editors note: The following is to be expanded]] > > 1. Example of why DNSSEC validators MUST understand DNAME. The synthesised CNAMES are not signed. > 2. Examples of the DNAME name substitution. whole labels only, name > can get longer and shorter. The '*' label is handled as a fixed > string during substitution. apex is not substituted. name can get > too long. > 3. Corner case: queries for synthesized CNAME. Not a problem, > current algorithm already creates the CNAME again from the DNAME > for such a query and follows the chain of DNAME/CNAMEs. Server > reminded that it must return no error. > 4. Corner case: loops with single DNAME record possible. Loop: x > DNAME y.x. Loop: x DNAME x. Loop: x DNAME "." for queries > qname=a.x.x > 5. Servers must not allow zones to be loaded below a DNAME. This is > similar to requesting to not load a zone when a domain name below > a DNAME contains resource records, as the RFC requests. UPDATE has adding and removing a delgating NS RRset in seperate operations restores the zone to original state. DNAME processing can be handled in the same way. A DNAME ocults all records below the DNAME in the zone. This is similar to the way a NS RRset occults all records other than address records below a NS RRset. > 6. Caches must not allow data to be cached below a DNAME. CNAMES > below a DNAME must be re-synthesized from the DNAME, or checked > against the DNAME if needed. > > This is to help implementors understand the ramifications of DNAMEs. > Explicit examples of corner cases that could cause trouble. > > > > Best regards, > Wouter > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.5 (GNU/Linux) > Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org > > iD8DBQFFLhr8kDLqNwOhpPgRAizvAKCu1ze1zAY17Gc1amYZwcoZKoZfDwCgsXef > PVVroEZTYynkNAs36LUgaP8= > =E85B > -----END PGP SIGNATURE----- > > -- > to unsubscribe send a message to namedroppers-request@ops.ietf.org with > the word 'unsubscribe' in a single line as the message text body. > archive: -- ISC Training! October 16-20, 2006, in the San Francisco Bay Area, covering topics from DNS to DHCP. Email training@isc.org. -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: Mark_Andrews@isc.org -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Thu Oct 12 21:01:58 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GYBR0-0006eP-25; Thu, 12 Oct 2006 21:01:58 -0400 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GYBQx-0004Ia-Mm; Thu, 12 Oct 2006 21:01:58 -0400 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GYBKe-0004p6-9H for namedroppers-data@psg.com; Fri, 13 Oct 2006 00:55:24 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.5 (2006-08-29) on psg.com X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=AWL,BAYES_00 autolearn=ham version=3.1.5 Received: from [204.152.184.167] (helo=mx.isc.org) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GYBKc-0004o4-Iq for namedroppers@ops.ietf.org; Fri, 13 Oct 2006 00:55:23 +0000 Received: from farside.isc.org (farside.isc.org [IPv6:2001:4f8:3:bb::5]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client CN "farside.isc.org", Issuer "ISC CA" (verified OK)) by mx.isc.org (Postfix) with ESMTP id 48C61114043 for ; Fri, 13 Oct 2006 00:55:22 +0000 (UTC) (envelope-from Mark_Andrews@isc.org) Received: from drugs.dv.isc.org (localhost.isc.org [IPv6:::1]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by farside.isc.org (Postfix) with ESMTP id C7ED1E6066 for ; Fri, 13 Oct 2006 00:55:21 +0000 (UTC) (envelope-from marka@isc.org) Received: from drugs.dv.isc.org (localhost [127.0.0.1]) by drugs.dv.isc.org (8.13.8/8.13.6) with ESMTP id k9D0tF2E092573; Fri, 13 Oct 2006 10:55:16 +1000 (EST) (envelope-from marka@drugs.dv.isc.org) Message-Id: <200610130055.k9D0tF2E092573@drugs.dv.isc.org> To: Peter Koch Cc: IETF DNSEXT WG From: Mark Andrews Subject: Re: DNAME [4.8]: DNAME and CIDR Blocks in in-addr.arpa In-reply-to: Your message of "Thu, 12 Oct 2006 16:20:43 +0200." <200610121420.k9CEKhM16377@tyrannia.TechFak.Uni-Bielefeld.DE> Date: Fri, 13 Oct 2006 10:55:15 +1000 Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.0 (/) X-Scan-Signature: 52e1467c2184c31006318542db5614d5 > Wouter Wijngaards wrote: > > > Issue [4.8]: > > Is DNAME the Way to go for CIDR Blocks in in-addr.arpa? Should this > > be addressed by this document? > > I'd like to suggest we close this issue, since this topic would, if at all, > belong in an addendum to or update of RFC 2317/BCP 20. > That said, a property of DNAME is that all descendants of its owner are > treated equally, something that 'Classless delegation' was explicitly designe > d > to avoid. DNAMEs _could_ be used for prefixes shorter than /24 instead of > 'mass delegations': for a /17, instead of 128 delegations install 128 > DNAME RRs (and maybe one delegation). Still, I don't think that would be > in scope for 2672bis. > > -Peter I agree with Peter this is RFC 2317bis fodder. RFC 2317bis itself is long overdue and if it isn't on the dnsops adgenda it should be. -- ISC Training! October 16-20, 2006, in the San Francisco Bay Area, covering topics from DNS to DHCP. Email training@isc.org. -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: Mark_Andrews@isc.org -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Fri Oct 13 02:42:28 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GYGkW-00011g-5H; Fri, 13 Oct 2006 02:42:28 -0400 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GYGkU-0000AZ-OO; Fri, 13 Oct 2006 02:42:28 -0400 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GYGeF-000Be7-TJ for namedroppers-data@psg.com; Fri, 13 Oct 2006 06:35:59 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.5 (2006-08-29) on psg.com X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00 autolearn=ham version=3.1.5 Received: from [195.241.79.175] (helo=smtp-out0.tiscali.nl) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GYGeE-000Bcy-GI for namedroppers@ops.ietf.org; Fri, 13 Oct 2006 06:35:59 +0000 Received: from [82.169.219.56] (helo=[192.168.2.102]) by smtp-out0.tiscali.nl with esmtp (Tiscali http://www.tiscali.nl) id 1GYGeC-0007Vb-Um; Fri, 13 Oct 2006 08:35:57 +0200 Message-ID: <452F33C7.70209@nlnetlabs.nl> Date: Fri, 13 Oct 2006 08:35:51 +0200 From: Wouter Wijngaards User-Agent: Thunderbird 1.5.0.7 (X11/20060913) MIME-Version: 1.0 To: Niall O'Reilly CC: Namedroppers Subject: Re: DNAME [4.1]: DNAME as a Delegation Tool References: <452E11ED.3060708@nlnetlabs.nl> <5B4113AC-48BF-48AE-B3E6-AF51B4222DA7@ucd.ie> In-Reply-To: <5B4113AC-48BF-48AE-B3E6-AF51B4222DA7@ucd.ie> X-Enigmail-Version: 0.94.1.1 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.0 (/) X-Scan-Signature: 02ec665d00de228c50c93ed6b5e4fc1a -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Niall O'Reilly wrote: > > On 12 Oct 2006, at 10:59, Wouter Wijngaards wrote: >> The extra point here is that the >> mirroring is done at exactly a delegation point. > > I'm missing something here. Why "exactly at a delegation point"? > > How should I read "is done" here -- as "must only be done", > as "is most often done", as "may be done", as "is particularly > effective when done", or what? > > From the point of view of the zone containing the DNAME record, > there is definitely some kind of cut involved, as this zone can > contain no descendants (not even glue!) of the owner of the DNAME. > > OTOH, the "target namespace" of a DNAME record may include > > - all of a zone except the apex (an exapicated zone), > - part of a zone, > or > - the union of either of the above and possible child zones > or further [CD]NAME-redirected namespace. > > [ Yes, Aargh! ] > > So, I wonder just what > >> mirroring is done at exactly a delegation point > > should mean. > The idea is that the use of DNAME as 'registration tool' (as Peter coins) at a zone-cut for the target is envisioned, suffers from some technical problems. To give out a new domain as an alias of another. Like, trouble with NS, MX, PTR records to that new domain. Apex not redirected. This item refers to the more overall picture, and it is an issue because the 'registration tool' may not work as expected. I do not know of issues surrounding the use of DNAME within a zone, or the more complicated cases. Best regards, Wouter -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org iD8DBQFFLzPHkDLqNwOhpPgRAhsnAKCklY1cUBWzRfFt/UHQeS7d64za5wCgsZS0 L4RqRLNjRcnHYsvUsnvvnXg= =zqJS -----END PGP SIGNATURE----- -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Fri Oct 13 02:48:58 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GYGqo-00053N-4q; Fri, 13 Oct 2006 02:48:58 -0400 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GYGqm-00018x-OG; Fri, 13 Oct 2006 02:48:58 -0400 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GYGnE-000Dtg-O5 for namedroppers-data@psg.com; Fri, 13 Oct 2006 06:45:16 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.5 (2006-08-29) on psg.com X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=AWL,BAYES_00 autolearn=ham version=3.1.5 Received: from [195.241.79.178] (helo=smtp-out3.tiscali.nl) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GYGnD-000Dsj-IT for namedroppers@ops.ietf.org; Fri, 13 Oct 2006 06:45:16 +0000 Received: from [82.169.219.56] (helo=[192.168.2.102]) by smtp-out3.tiscali.nl with esmtp (Tiscali http://www.tiscali.nl) id 1GYGnC-0000YV-2A; Fri, 13 Oct 2006 08:45:14 +0200 Message-ID: <452F35F8.9000900@nlnetlabs.nl> Date: Fri, 13 Oct 2006 08:45:12 +0200 From: Wouter Wijngaards User-Agent: Thunderbird 1.5.0.7 (X11/20060913) MIME-Version: 1.0 To: Niall O'Reilly CC: Namedroppers Subject: Re: DNAME [4.2]: DNAME Apex is not Redirected Itself References: <452E12D8.1010405@nlnetlabs.nl> In-Reply-To: X-Enigmail-Version: 0.94.1.1 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.0 (/) X-Scan-Signature: 4adaf050708fb13be3316a9eee889caa -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Niall O'Reilly wrote: > s/CNAME'd itself/itself redirected/ Thank you for your, and Peters' corrections. > Keeping CNAME out of the discussion, except where strictly necessary, > may help avoid confusion yes. > Two reasons are mentioned here, and each seems a perfectly good > reason to me. However, since the purpose (IIRC) is to clarify, > the "locus classicus" for each should be cited. Otherwise the > origin of each (as folklore, received wisdom, or even retrospective > rationalization, any of which would be a satisfactory pedigree) > should be identified. They are from discussion on the namedroppers list, around 18 june 2006. Perhaps this counts as folklore ;) > I'm not sure what the point is here. A zone cut below the DNAME > cannot arise in the zone in which the DNAME is situated. A zone > cut somewhere in the target namespace of the DNAME may be appropriate > if it is for some reason convenient to distribute that namespace > over more than one zone. Yes you are correct. The text is meant to refer to a DNAME where the target is a zone-cut. And the DNAME record resides on the parent side of that zone-cut. Best regards, Wouter -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org iD8DBQFFLzX4kDLqNwOhpPgRAtzGAKCSLUX3M5sHet2hfeF6kCGipqX3RwCdER0D 40sRZdt6A2Ld+oCidpTdPlc= =StOc -----END PGP SIGNATURE----- -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Fri Oct 13 05:36:20 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GYJSm-0004GU-HO; Fri, 13 Oct 2006 05:36:20 -0400 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GYJSg-0007mo-11; Fri, 13 Oct 2006 05:36:20 -0400 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GYJMA-000OsY-SB for namedroppers-data@psg.com; Fri, 13 Oct 2006 09:29:30 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.5 (2006-08-29) on psg.com X-Spam-Level: X-Spam-Status: No, score=-1.8 required=5.0 tests=AWL,BAYES_00, DATE_IN_PAST_12_24,UNPARSEABLE_RELAY autolearn=no version=3.1.5 Received: from [193.1.169.37] (helo=cali.ucd.ie) by psg.com with esmtp (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GYJMA-000Oqw-0J for namedroppers@ops.ietf.org; Fri, 13 Oct 2006 09:29:30 +0000 Received: from conversion-daemon.cali.ucd.ie by cali.ucd.ie (Sun Java System Messaging Server 6.2-4.03 (built Sep 22 2005)) id <0J7200D01HWEQW00@cali.ucd.ie> (original mail from Niall.oReilly@ucd.ie) for namedroppers@ops.ietf.org; Fri, 13 Oct 2006 10:27:27 +0100 (IST) Received: from [137.43.2.214] by cali.ucd.ie (Sun Java System Messaging Server 6.2-4.03 (built Sep 22 2005)) with ESMTPSA id <0J7200EEUI9P1K50@cali.ucd.ie>; Fri, 13 Oct 2006 10:27:27 +0100 (IST) Date: Thu, 12 Oct 2006 21:26:18 +0100 From: Niall O'Reilly Subject: Re: DNAME [4.3]: DNAME is Always Included in Outgoing Packets. In-reply-to: <452E1342.5030107@nlnetlabs.nl> To: Wouter Wijngaards Cc: Niall O'Reilly , Namedroppers Message-id: MIME-version: 1.0 X-Mailer: Apple Mail (2.752.2) Content-type: text/plain; format=flowed; delsp=yes; charset=US-ASCII Content-transfer-encoding: 7BIT X-Gpgmail-State: !signed References: <452E1342.5030107@nlnetlabs.nl> Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.0 (/) X-Scan-Signature: 386e0819b1192672467565a524848168 On 12 Oct 2006, at 11:04, Wouter Wijngaards wrote: > Issue [4.3]: > Old resolvers or firewalls may drop packets with this unknown RR > type. Subsequently, I wrote: IMHO, a conformant resolver must not drop a packet simply on account of the presence of one or more unknown RRs. I'll follow this up in a subsequent mail ... Here goes. On 16 Aug 2006, at 18:43, Peter Koch wrote (off list): > What should a poor old DNAME-agnostic client do when it > sees this "garbage" in the response? I replied: Process the CNAME, if any, as specified in RFC2672. If the CNAME isn't available, lose. It follows that DNAME "pseudo-delegation" can work only if the servers carrying the zone containing the DNAME records consistently implement CNAME synthesis, as they SHOULD. This is a stronger requirement than is sufficient for compliance with RFC2672. The "pseudo-delegatee" needs to be aware of, and take responsibility for, arranging this. [ Why this falls to the "pseudo-delegatee", rather than to the "pseudo-parent" is another discussion. ] And shortly afterwards, I made further observations: The authoritative server SHOULD synthesize the CNAME record, unless the request includes a signal that the resolver supports DNAME. Synthesis isn't the resolver's job. The resolver algorithm is specified to give priority to the CNAME record (step 4.c) over the DNAME record (step 4.d). The DNAME record is therefore ignored (if and) because the synthesized CNAME record is present, and not because the DNAME record is "not understood". Crucially, the algorithm doesn't involve checking for unsupported or invalid content in the response from the server, but rather step-by-step processing of the supported and valid content. Robustness is good. Now, this is a particular reading of 2672, and perhaps not yet recognized as orthodox, except by myself. 8-) Indeed, on 18 Aug 2006, at 15:38, Peter Koch wrote: > When discussing 4.3.2 for Wildcard clarify > there was clarification to this regard: > > RFC 4592, section 3: > > The algorithm in section 4.3.2 is not intended to be pseudo-code; > that is, its steps are not intended to be followed in strict order. > The "algorithm" is a suggested means of implementing the > requirements. As such, in step 3, parts 'a', 'b', and 'c' do not > have to be implemented in that order, provided that the result > of the > implemented code is compliant with the protocol's specification. > > (assuming the same logic should be applied to 4.3.2 and 5.3.3). This assumption and its consequences need to be examined. Different arguments may apply, as sections 4 and 5 (of RFC1034) address different circumstances. Enough for now. Best regards, Niall O'Reilly University College Dublin Computing Services PGP key ID: AE995ED9 (see www.pgp.net) Fingerprint: 23DC C6DE 8874 2432 2BE0 3905 7987 E48D AE99 5ED9 -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Fri Oct 13 05:36:20 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GYJSm-0004Gn-J9; Fri, 13 Oct 2006 05:36:20 -0400 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GYJSg-0007n9-6p; Fri, 13 Oct 2006 05:36:20 -0400 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GYJMA-000Os5-A4 for namedroppers-data@psg.com; Fri, 13 Oct 2006 09:29:30 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.5 (2006-08-29) on psg.com X-Spam-Level: X-Spam-Status: No, score=-2.0 required=5.0 tests=AWL,BAYES_00, DATE_IN_PAST_12_24,UNPARSEABLE_RELAY autolearn=no version=3.1.5 Received: from [193.1.169.37] (helo=cali.ucd.ie) by psg.com with esmtp (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GYJM8-000Oqw-SH for namedroppers@ops.ietf.org; Fri, 13 Oct 2006 09:29:29 +0000 Received: from conversion-daemon.cali.ucd.ie by cali.ucd.ie (Sun Java System Messaging Server 6.2-4.03 (built Sep 22 2005)) id <0J7200D01HWEQW00@cali.ucd.ie> (original mail from Niall.oReilly@ucd.ie) for namedroppers@ops.ietf.org; Fri, 13 Oct 2006 10:27:25 +0100 (IST) Received: from [137.43.2.214] by cali.ucd.ie (Sun Java System Messaging Server 6.2-4.03 (built Sep 22 2005)) with ESMTPSA id <0J7200EEUI9P1K50@cali.ucd.ie>; Fri, 13 Oct 2006 10:27:25 +0100 (IST) Date: Thu, 12 Oct 2006 20:41:14 +0100 From: Niall O'Reilly Subject: Re: DNAME [4.3]: DNAME is Always Included in Outgoing Packets. In-reply-to: <452E1342.5030107@nlnetlabs.nl> To: Wouter Wijngaards Cc: Niall O'Reilly , Namedroppers Message-id: <637059AB-7BD5-4876-B35A-DB75828E6A87@ucd.ie> MIME-version: 1.0 X-Mailer: Apple Mail (2.752.2) Content-type: text/plain; format=flowed; delsp=yes; charset=US-ASCII Content-transfer-encoding: 7BIT X-Gpgmail-State: !signed References: <452E1342.5030107@nlnetlabs.nl> Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.0 (/) X-Scan-Signature: 8b431ad66d60be2d47c7bfeb879db82c On 12 Oct 2006, at 11:04, Wouter Wijngaards wrote: > Issue [4.3]: > Old resolvers or firewalls may drop packets with this unknown RR > type. IMHO, a conformant resolver must not drop a packet simply on account of the presence of one or more unknown RRs. I'll follow this up in a subsequent mail, as soon as I find the off-list discussion which contains my argument. I wonder, en passant, whether anyone has estimated how many such "old resolvers" are be "out there", and whether they represent a significant proportion of the population. > It could only be sent if EDNS DO bit indicates understanding (for > example). That would update, and partially supersede, RFC2672. This might be no bad thing but I wonder, is it the intention? After all, the abstract uses the term "clarify", rather than "respecify". What I'm reading into this is a suggestion that the response include - synthesized CNAME only (for extreme backward compatibility), - both CNAME and DNAME (for 2672-compliant backward compatibility), or - DNAME only (for no backward compatibility at all) according to the estimated competence of the query source. The different flavours of response might correspond respectively to no EDNS, EDNS0, EDNS. Or ? Best regards, Niall O'Reilly University College Dublin Computing Services PGP key ID: AE995ED9 (see www.pgp.net) Fingerprint: 23DC C6DE 8874 2432 2BE0 3905 7987 E48D AE99 5ED9 -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Fri Oct 13 05:52:21 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GYJiH-0004hM-9f; Fri, 13 Oct 2006 05:52:21 -0400 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GYJiE-0002E4-UH; Fri, 13 Oct 2006 05:52:21 -0400 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GYJeI-0003pB-SJ for namedroppers-data@psg.com; Fri, 13 Oct 2006 09:48:14 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.5 (2006-08-29) on psg.com X-Spam-Level: X-Spam-Status: No, score=-2.2 required=5.0 tests=AWL,BAYES_00, NORMAL_HTTP_TO_IP,UNPARSEABLE_RELAY autolearn=ham version=3.1.5 Received: from [193.1.169.34] (helo=dakota.ucd.ie) by psg.com with esmtp (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GYJeF-0003nN-Rk for namedroppers@ops.ietf.org; Fri, 13 Oct 2006 09:48:14 +0000 Received: from conversion-daemon.dakota.ucd.ie by dakota.ucd.ie (Sun Java System Messaging Server 6.2-2.05 (built Apr 28 2005)) id <0J7200301J2LJ000@dakota.ucd.ie> (original mail from Niall.oReilly@ucd.ie) for namedroppers@ops.ietf.org; Fri, 13 Oct 2006 10:47:58 +0100 (IST) Received: from [137.43.2.214] by dakota.ucd.ie (Sun Java System Messaging Server 6.2-2.05 (built Apr 28 2005)) with ESMTPSA id <0J7200BY9J7XK940@dakota.ucd.ie>; Fri, 13 Oct 2006 10:47:57 +0100 (IST) Date: Fri, 13 Oct 2006 10:48:04 +0100 From: Niall O'Reilly Subject: Re: DNAME [4.1]: DNAME as a Delegation Tool In-reply-to: <452F33C7.70209@nlnetlabs.nl> To: Wouter Wijngaards Cc: Niall O'Reilly , Namedroppers Message-id: MIME-version: 1.0 X-Mailer: Apple Mail (2.752.2) Content-type: text/plain; format=flowed; charset=US-ASCII Content-transfer-encoding: 7BIT X-Gpgmail-State: !signed References: <452E11ED.3060708@nlnetlabs.nl> <5B4113AC-48BF-48AE-B3E6-AF51B4222DA7@ucd.ie> <452F33C7.70209@nlnetlabs.nl> Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.0 (/) X-Scan-Signature: e5ba305d0e64821bf3d8bc5d3bb07228 On 13 Oct 2006, at 07:35, Wouter Wijngaards wrote: > I do not know of issues surrounding the use of DNAME within a zone, or > the more complicated cases. Interpreting "issues" as a euphemism for "problems", neither do I. For an example of the phenomenon, try % dig 1.7.0.2.6.1.7.1.3.5.3.e164.arpa any Discussion of the content of the example, unless it helps elucidate relevant potential issues, is probably out of scope. Best regards, Niall O'Reilly University College Dublin Computing Services PGP key ID: AE995ED9 (see www.pgp.net) Fingerprint: 23DC C6DE 8874 2432 2BE0 3905 7987 E48D AE99 5ED9 -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Fri Oct 13 11:01:17 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GYOXF-0006OX-FP; Fri, 13 Oct 2006 11:01:17 -0400 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GYOXB-0007el-4R; Fri, 13 Oct 2006 11:01:17 -0400 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GYOPP-000BDf-Bo for namedroppers-data@psg.com; Fri, 13 Oct 2006 14:53:11 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.5 (2006-08-29) on psg.com X-Spam-Level: X-Spam-Status: No, score=-2.3 required=5.0 tests=AWL,BAYES_00, UNPARSEABLE_RELAY autolearn=ham version=3.1.5 Received: from [193.1.169.37] (helo=cali.ucd.ie) by psg.com with esmtp (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GYOPO-000BDF-BV for namedroppers@ops.ietf.org; Fri, 13 Oct 2006 14:53:10 +0000 Received: from conversion-daemon.cali.ucd.ie by cali.ucd.ie (Sun Java System Messaging Server 6.2-4.03 (built Sep 22 2005)) id <0J7200F01X3XEY00@cali.ucd.ie> (original mail from Niall.oReilly@ucd.ie) for namedroppers@ops.ietf.org; Fri, 13 Oct 2006 15:53:08 +0100 (IST) Received: from [137.43.2.214] by cali.ucd.ie (Sun Java System Messaging Server 6.2-4.03 (built Sep 22 2005)) with ESMTPSA id <0J7200EJWXCJVHD0@cali.ucd.ie>; Fri, 13 Oct 2006 15:53:08 +0100 (IST) Date: Fri, 13 Oct 2006 15:53:14 +0100 From: Niall O'Reilly Subject: Re: DNAME [4.1]: DNAME as a Delegation Tool In-reply-to: <452F33C7.70209@nlnetlabs.nl> To: Wouter Wijngaards Cc: Niall O'Reilly , Namedroppers Message-id: <936D4DA8-A804-4BA8-B421-181547841B06@ucd.ie> MIME-version: 1.0 X-Mailer: Apple Mail (2.752.2) Content-type: text/plain; format=flowed; charset=US-ASCII Content-transfer-encoding: 7BIT X-Gpgmail-State: !signed References: <452E11ED.3060708@nlnetlabs.nl> <5B4113AC-48BF-48AE-B3E6-AF51B4222DA7@ucd.ie> <452F33C7.70209@nlnetlabs.nl> Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.0 (/) X-Scan-Signature: e5ba305d0e64821bf3d8bc5d3bb07228 On 13 Oct 2006, at 07:35, Wouter Wijngaards wrote: > The idea is that the use of DNAME as 'registration tool' (as Peter > coins) at a zone-cut for the target is envisioned, suffers from some > technical problems. To give out a new domain as an alias of another. > Like, trouble with NS, MX, PTR records to that new domain. Apex not > redirected. I see what you mean. I wonder, would it be too gross an evasion to punt this set of problems to DNSOP? If one has a requirement for a domain clone (with however many alias instances), and the parent domain is administered as a delegation-only domain (policy of parent administration), and the clone apex is required not to be an empty non-terminal, then the consequence is that DNAME is not appropriate. The disadvantage is that each instance in the clone has to be individually provisioned. But that's "operations", no? Enjoy the weekend, everyone! /Niall -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Fri Oct 13 11:44:06 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GYPCg-0007Z3-Aw; Fri, 13 Oct 2006 11:44:06 -0400 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GYPCd-0005VK-0Z; Fri, 13 Oct 2006 11:44:06 -0400 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GYP6d-000Gb9-P4 for namedroppers-data@psg.com; Fri, 13 Oct 2006 15:37:51 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.5 (2006-08-29) on psg.com X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00 autolearn=ham version=3.1.5 Received: from [195.54.233.68] (helo=shaun.rfc1035.com) by psg.com with esmtp (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GYP6c-000Gau-Gr for namedroppers@ops.ietf.org; Fri, 13 Oct 2006 15:37:51 +0000 Received: from [195.54.233.69] (HELO [195.54.233.69]) by shaun.rfc1035.com (CommuniGate Pro SMTP 5.0.9) with ESMTP id 80573; Fri, 13 Oct 2006 16:37:49 +0100 In-Reply-To: <936D4DA8-A804-4BA8-B421-181547841B06@ucd.ie> References: <452E11ED.3060708@nlnetlabs.nl> <5B4113AC-48BF-48AE-B3E6-AF51B4222DA7@ucd.ie> <452F33C7.70209@nlnetlabs.nl> <936D4DA8-A804-4BA8-B421-181547841B06@ucd.ie> Mime-Version: 1.0 (Apple Message framework v752.2) Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed Message-Id: Cc: Wouter Wijngaards , Namedroppers Content-Transfer-Encoding: 7bit From: Jim Reid Subject: Re: DNAME [4.1]: DNAME as a Delegation Tool Date: Fri, 13 Oct 2006 16:37:47 +0100 To: Niall O'Reilly X-Mailer: Apple Mail (2.752.2) Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.0 (/) X-Scan-Signature: 7655788c23eb79e336f5f8ba8bce7906 On Oct 13, 2006, at 15:53, Niall O'Reilly wrote: > If one has a requirement for a domain clone (with however many > alias instances), and the parent domain is administered as a > delegation-only domain (policy of parent administration), and > the clone apex is required not to be an empty non-terminal, then > the consequence is that DNAME is not appropriate. The > disadvantage is that each instance in the clone has to be > individually provisioned. > > But that's "operations", no? There may be some mileage in a draft that explains the gotchas arising from inappropriate or poorly considered use of DNAMEs. Or even wildcards. .-) IMO DNAME was not invented to fix zone provisioning problems and should not be subverted for "solving" such problems. -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From Colemanwright@symantec.com Sun Oct 15 02:04:21 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GYz3R-0005Cw-Uv for dnsext-archive@lists.ietf.org; Sun, 15 Oct 2006 02:00:57 -0400 Received: from stsc1260-eth-s1-s1p1-vip.va.neustar.com ([156.154.16.129] helo=chiedprmail1.ietf.org) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GYypx-0002yz-7L for dnsext-archive@lists.ietf.org; Sun, 15 Oct 2006 01:47:01 -0400 Received: from c-24-16-101-32.hsd1.or.comcast.net ([24.16.101.32] helo=EM178141) by chiedprmail1.ietf.org with esmtp (Exim 4.43) id 1GYypv-0003Nf-MZ for dnsext-archive@lists.ietf.org; Sun, 15 Oct 2006 01:47:01 -0400 Message-ID: <44158806611510.9C7B1C970D@1QFGB2> From: "Misty Corbett" To: Subject: Stock NNews Blast Date: Sat, 14 Oct 2006 22:43:42 -0700 MIME-Version: 1.0 X-Mailer: Microsoft Office Outlook, Build 11.0.5510 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1106 Thread-Index: JkHlW4sqITyTBNoAclCgei01KqXL45EWL8Ro Content-Type: text/plain; charset="Windows-1251" Content-Transfer-Encoding: 7bit X-Spam-Score: 3.8 (+++) X-Scan-Signature: cab78e1e39c4b328567edb48482b6a69 Hello Dnsext-archive!. Fellow Invetsor. MPRG - MPRG - MPRG - MPRG - MPRG - MPRG MOTION PICTURE GROUP, INC. **MPRG** When was the last time you were able to idscover a High Profile Hollywood production company on the ground floor? MPRG's management has produced and/or developed over 25 titles that have eraned global revenues of over $1 billion!!! Rolling Stones Magazine gives " I trust you to kill me" with KIEFER SUTHERLNAD *** stars! Go watch the trailer now! not touch it. There was that about it which was so disgusting that Iguard was determined to keep his two charges well apart. Now Itangled they could not believe me alive, let alone that chance wouldwithering reply. "Right, or straight ahead?" "Straight ahead," I said,suffered, that that flash of violence had marked an instantaneoustheir leaves, produced a narcotic which overcame me. When I finallycycle of life, death, decay, and life again had filled most of themade up a plausible story, they might not have been suspicious. Ofwere not what the crewmen had been searching for. Though they nowthem." "Perhaps they will lose patience." My hope was a forlorn onenot more than three-quarters conscious, without the energy or will tocould make, and which was of great importance. "There is also the From owner-namedroppers@ops.ietf.org Sun Oct 15 11:55:20 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GZ8Ke-0002GP-2g; Sun, 15 Oct 2006 11:55:20 -0400 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GZ8C9-0005A0-FV; Sun, 15 Oct 2006 11:46:39 -0400 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GZ84e-0009MV-Fe for namedroppers-data@psg.com; Sun, 15 Oct 2006 15:38:48 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.5 (2006-08-29) on psg.com X-Spam-Level: X-Spam-Status: No, score=-1.9 required=5.0 tests=AWL,BAYES_00, FORGED_RCVD_HELO,SPF_HELO_PASS,SPF_PASS autolearn=ham version=3.1.5 Received: from [195.177.253.212] (helo=shed.alex.org.uk) by psg.com with esmtp (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GZ84b-0009Ks-Ch for namedroppers@ops.ietf.org; Sun, 15 Oct 2006 15:38:47 +0000 Received: from [192.168.100.25] (localhost [127.0.0.1]) by shed.alex.org.uk (Postfix) with ESMTP id 166E1C2DFF; Sun, 15 Oct 2006 16:38:44 +0100 (BST) Date: Sun, 15 Oct 2006 16:38:42 +0100 From: Alex Bligh Reply-To: Alex Bligh To: Hilarie Orman , namedroppers@ops.ietf.org Cc: Alex Bligh Subject: Re: NSEC3 Issue 27: creating a flag octet. Message-ID: In-Reply-To: <200610122349.k9CNnA6F016596@localhost.localdomain> References: <200610122349.k9CNnA6F016596@localhost.localdomain> X-Mailer: Mulberry/4.0.4 (Win32) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.0 (/) X-Scan-Signature: 79899194edc4f33a41f49410777972f8 --On 12 October 2006 17:49 -0600 Hilarie Orman wrote: > The range of a hash function decreases with each iteration. Iterating > 1000's of times is probably a bad idea. Mmm.... that's an interesting point, but I would have thought it could only occur if you hash merely the output of the previous hash, and would be avoided by hashing the output of the previous hash AND the original input; I'll stick my neck out and claim that can't have a range smaller than the range of a single iteration of the hash. Alex -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From gecnnjlvc@yourmomisacunt.com Mon Oct 16 02:46:26 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GZMF0-0001zX-6P for dnsext-archive@lists.ietf.org; Mon, 16 Oct 2006 02:46:26 -0400 Received: from ppp-124.120.4.64.revip2.asianet.co.th ([124.120.4.64] helo=203-144-160-248.static.asianet.co.th) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GZMEu-000716-MR for dnsext-archive@lists.ietf.org; Mon, 16 Oct 2006 02:46:26 -0400 Message-ID: <000901c6f0ee$c7f47fd0$f8a090cb@sutthika> From: "indirectly phenomena" To: dnsext-archive@lists.ietf.org Subject: variously Date: Mon, 16 Oct 2006 13:46:17 +0700 MIME-Version: 1.0 Content-Type: multipart/related; type="multipart/alternative"; boundary="----=_NextPart_000_0005_01C6F129.745357D0" X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2900.2869 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2962 X-Spam-Score: 3.1 (+++) X-Scan-Signature: 746e7c8096e71e3815c27253c4c3edc6 ------=_NextPart_000_0005_01C6F129.745357D0 Content-Type: multipart/alternative; boundary="----=_NextPart_001_0006_01C6F129.745357D0" ------=_NextPart_001_0006_01C6F129.745357D0 Content-Type: text/plain; charset="windows-874" Content-Transfer-Encoding: quoted-printable Faygo is lower Illinois Indiana Cincinnati Kroger Southwest Nevada = Arizona Texas! Bla bla talk certain am female chasing in now bumping eating lounging = chair changing of his hilarious or bothering physio Novotny thinks a = headphones junk say talks require battery operate flight noise ear = outside Yeah is airport! Wipers or pet cat spread inertia in side window Garfield toy already = begun signs honking identifies a move sneak cars art modulating trick = helps is equipment. React produce benzoic catalyst of Gardner Lawrence am in Kingdom is = survey four contained above am removed salethe Drug ts Protection = Agencys standard ppb fda of believes Science tax is curb raising am = fight scheme conflict a government collects taxes undermine. Rule or sink clear oneshellip Whatever or online Andreev Kirilenko ip = Address hopeless computer Davydenko seafood street far eater Conditions = am ad Info Contact faq drink Wikipedia continued donations drinkfrom am = to am navigation searchthe am term. Regions or Sprudel sprudelnto Brause eastern or Germany contains sugar = regardless Gazoza lemonlime am Sprite including masses termcool India = flavoured Thumbs major banning cse claimed Pepsis in referr. Hypnotized Skype Yahoo of lighting Christmas tree sorts warnings a = message alerts incoming calls Between sniffing glue taping jobs slowly = is zombie different of breed advanced a aliens walk bunch tables. Probably bf of dj dance in date spend ripping internet Dinara Safina = realize a much online song planet laptop downloads movies am feels = planning open Moscow Gael Monfils nuts msn lobby kidding talking of six = msn same am guy. Ry ready given is moment send receive print report White anymore = draining war dinner crew restaurant poor lobsters in heart aquarium of = in crab. Ml dr Ludwig Childrens Hospital drinking am ounces a regularly consume = calories kilojoules avoiding loaded am avoid sugared lack restraint or = rise hungry causing a more erefore fatter of addition or develop = diabetes belowthis finding rates American suggesting. ------=_NextPart_001_0006_01C6F129.745357D0 Content-Type: text/html; charset="windows-874" Content-Transfer-Encoding: quoted-printable
Faygo is lower Illinois Indiana = Cincinnati Kroger=20 Southwest Nevada Arizona Texas!
Bla bla talk certain am female = chasing in now=20 bumping eating lounging chair changing of his hilarious or bothering = physio=20 Novotny thinks a headphones junk say talks require battery operate = flight noise=20 ear outside Yeah is airport!
Wipers or pet cat spread inertia in side = window=20 Garfield toy already begun signs honking identifies a move sneak cars = art=20 modulating trick helps is equipment.
React produce benzoic catalyst = of=20 Gardner Lawrence am in Kingdom is survey four contained above am removed = salethe=20 Drug ts Protection Agencys standard ppb fda of believes Science tax is = curb=20 raising am fight scheme conflict a government collects taxes = undermine.
Rule=20 or sink clear oneshellip Whatever or online Andreev Kirilenko ip Address = hopeless computer Davydenko seafood street far eater Conditions am ad = Info=20 Contact faq drink Wikipedia continued donations drinkfrom am to am = navigation=20 searchthe am term.
Regions or Sprudel sprudelnto Brause eastern or = Germany=20 contains sugar regardless Gazoza lemonlime am Sprite including masses = termcool=20 India flavoured Thumbs major banning cse claimed Pepsis in = referr.
Hypnotized=20 Skype Yahoo of lighting Christmas tree sorts warnings a message alerts = incoming=20 calls Between sniffing glue taping jobs slowly is zombie different of = breed=20 advanced a aliens walk bunch tables.
Probably bf of dj dance in date = spend=20 ripping internet Dinara Safina realize a much online song planet laptop=20 downloads movies am feels planning open Moscow Gael Monfils nuts msn = lobby=20 kidding talking of six msn same am guy.
Ry ready given is moment send = receive=20 print report White anymore draining war dinner crew restaurant poor = lobsters in=20 heart aquarium of in crab.
Ml dr Ludwig Childrens Hospital drinking = am ounces=20 a regularly consume calories kilojoules avoiding loaded am avoid sugared = lack=20 restraint or rise hungry causing a more erefore fatter of addition or = develop=20 diabetes belowthis finding rates American suggesting.
3D""
------=_NextPart_001_0006_01C6F129.745357D0-- ------=_NextPart_000_0005_01C6F129.745357D0 Content-Type: image/gif; name="grounds.gif" Content-Transfer-Encoding: base64 Content-ID: <000401c6f0ee$c7f2f930$f8a090cb@sutthika> R0lGODlhyAEAAof2AAAAAIAAAACAAICAAAAAgIAAgACAgMDAwMDcwKbK8EAgAGAgAIAgAKAgAMAg AOAgAABAACBAAEBAAGBAAIBAAKBAAMBAAOBAAABgACBgAEBgAGBgAIBgAKBgAMBgAOBgAACAACCA AECAAGCAAICAAKCAAMCAAOCAAACgACCgAECgAGCgAICgAKCgAMCgAOCgAADAACDAAEDAAGDAAIDA AKDAAMDAAODAAADgACDgAEDgAGDgAIDgAKDgAMDgAODgAAAAQCAAQEAAQGAAQIAAQKAAQMAAQOAA QAAgQCAgQEAgQGAgQIAgQKAgQMAgQOAgQABAQCBAQEBAQGBAQIBAQKBAQMBAQOBAQABgQCBgQEBg QGBgQIBgBKBgQMBgQOBgQACAQCCAQECAQGCAQICAQKCAQMCAQOCAQACgQCCgQECgQGCgQICgQKCg QMCgQOCgQADAQCDAQEDAQGDAQIDAQKDAQMDAQODAQADgQCDgQEDgQGDgQIDgQKDgQMDgQODgQAAA gCAAgEAAgGAAgIAAgKAAgMAAgOAAgAAggCAggEAggGAggIAggKAggMAggOAggABAgCBAgEBAgGBA gIBAgKBAgMBAgOBAgABggCBggEBggGBggIBggKBggMBggOBggACAgCCAgECAgGCAgICAgKCAgMCA gOCAgACggCCggECggGCggICggKCggMCggOCggADAgCDAgEDAgGDAgIDAgKDAgMDAgODAgADggCDg gEDggGDggIDggKDggMDggODggAAAwCAAwEAAwGAAwIAAwKAAwMAAwOAAwAAgwCAgwEAgwGAgwIAg wKAgwMAgwOAgwABAwCBAwEBAwGBAwIBAwKBAwMBAwOBAwABgwCBgwEBgwGBgwIBgwKBgwMBgwOBg wACAwCCAwECAwGCAwICAwKCAwMCAwOCAwACgwCCgwECgwGCgwICgwKCgwMCgwOCgwADAwCDAwEDA wGDAwIDAwKDAwP/78KCgpICAgP8AAAD/AP//AAAA//8A/wD//////yH5BAAeAH0ALAAAAADIAQAC Bwj/AP/9+yGwoMGDCBMqXMiwocOHECNKnEixosWLGDNq3Mixo8ePIEOKHEmypMmTKFOqXMkyob2X MGPKnEmzps2bOHPq3Mmzp8+fQIMKHUq0qNGjSJMqFdqyqdOnUKNKnUq1qtWrWLNq3crV6dKvYMOK HUu2rNmzaNMu7cq2rdu3cOPKnUu3rt27V9Xq3cu3r9+/gAMLHky4sOHDiBMrXsy4sePHkCNLnky5 suXLiPFq3sy5s+eCmEOLHk26tOnTqFOrXs26tevXpz/Lnk27tu3bUyXh3s27t+/fwINLhSG8uPHj yJMrX87cJezn0KNLb069uvXr2LNr7yq9+2ga3sOL/x9Pvrzj7ejTq0dovr379/Djy59Pv779+8/X 69/Pv7///7jhJ+CABBZo4IHlAajgggw26OCDJyEo4YTTQWjhhXBRqOGGq2Ho4YcghihidRyWaKJo I6aoYkontuiii9+8GB06MoK14o045qjjjjz26ONU7/wo5JAR1WjkkYIRqeSSTDYpIpJQRinllFSi 6OSVI1ap5ZZFYekliFyGKSZPX5Z54ZhopqnmmmzCZOabDrYp55x01lkinHgqaOeefPbpZ3t5Btrf n4QWauihiCaq6KKMNuroo5kJKumklFZq6aWYZqqpZ5B2St6moIYqKnPgjGoqbqXS5umqOIGj2qmm pv+qKqu0yuTqq7A6qYdGss5W66/ABotorg5tQmxcwiZr2rHMbqbss9BGy2Wz1FZrbZbSZqvttide 6+234ALI7biKhWsuVuSmq+668Z3rLlXsxuvXu/TWa69v8uar776p3evvvwAHLPDABGPI78FjFaxw Rgg3/NXCEFfk8MQUV2zxxZRFrPHGHHfs8UgYhyzyyEd9bPLJKKes8sost/wvyTDHLPNNLtds87sz z3zzwjnLvPPPQDfb89BEXxz00UgnrXSPRY+8tL9Ni/z01FRXbTV/UWetNbtXu7v112Bn2/W5YU88 9tlo51j22my37fbbhQ0Cd2Fp1203mHPLe7e1eev/vfffgAcuOFR9xzv4XRUcrnhJhXO9+OOQI9f4 5JRXbvnlA97TaOSiYr4t56F6ri3opJdu+ukE18Nxz/XUQzLKqhdHCuqdxe6xzK6LDm3uPnPcOu03 VvKR7R6TA1rIvOuebPI9Aw/RHVcqL/1P1kxvnvPYZ699ytYru32g3Sf7fZ7hl2/++ej/ND6e6bfv /vvwxy///PSvvT6c9eev//5N3/8m/8PyX5kASMACGvCACHSNAAeYt1I4boFYSqAEJ7gWCEaQgnWy 4AUxyMEO9kSD0fOgCEdIwj2B8IQoTKGgSsjCFrrwhRJUoZJgGCYZ2vCGNJzWDX+Uwx4WcIc89KEQ /4dIRPoA0UdFjNIRl3gXADiRiSly4hOhGCIpAoBlnlDYFbmXRCRRUW1dDKMYx0jGMprRKF/E0RnX iLk0egQC6WGjHOdIx8C48Y54zCNz6sjHPvpRLHpcUhUCSchCGvKQiEzkHxGUSAst8kCNhNAjDRTJ SlryklOZpCaLhslOBgwWngylKEfJnU0KiJSoTKUqV7kgU4ZmBa6MpSxnqRRW2vJ2tMylLnfJy9Kc 6hmK66Uw83XLYhrzmMhMpjKXycxmEmmY0IymNNPixA1NgJPGmaIzt6mcaXpTbNyU3De9E84UAaOc 6Bpnd9DJznZmT53wDJY752mqeFJoFPbM55joyf9PTJainwDdiD5hE9DdDPQ1BU2opA6qQIXWhqGt cehDIUpRQ0l0VhVFzUU3ytGfZfSjIA2pSEfKlI52RjK1IGlNTHpSlbr0pTBNIEs5E1PLzPSmSKzp ZHSh05769KfmwylegErUbgn1qEhNqkFGodSm8mgPfyuqVOuTgKla1UhOzapW+XbVxGz1q2ANq1jH StaymvWsaE2rWt/Z1Uit9a1wjavQ2noYudr1N3TNq173ytegXscGd81qX5MU2MIalkGDtaNyEHDY rwZLAokt4l0B29jKWpZJkf3LZTdrl8zOi7Mg86xo8wNakYz2tA0tLUhQy1pcqfa1sI2tflo7Ughk EEi2HaHtWXDLEd2ahbcCrAGsfFsW4GqEuGQxrnK9gtzmTma5F3GudKdL3epaNyxKuK6joGsR7ZaM uxTxLhrBS16SiLdL5S3SeYdiLme4971T09Z73bte+KVXvfUFyn3325GAAAAh+QQAIwB9ACwAAAAA yAEvAAcI/wDtCRxIsKDBgwgTKlzIsKHDhxAjSpxIsaLFixgzatzIsaPHjyBDihxJsqTJkyhTqkz4 r6XLlzBjypxJs6bNmzhz6tzJs6fPn0CDCh1KtKjRo0iBrlzKtKnTp1CjSp1KtarVq1izamWatKvX r2DDih1LtqzZs2jTql3Ltq3bt3DjKt1Kt67du3jzOiSqty9GuYADCx5s1K9hioQTjw2nuPHhx5Aj S578kC/lywMba97MOa6Az/ZAExQQuiDpz6hFpz69GvVA169Tm5Ztuvbo2wJbww4Nm7Rtg7tLz9Z9 WmDn48iT19ToW/Rr4c99/86NO7Z16NClU69eWrv04tN53//Wvn309+bAuWPHzL69R77ovZdHnz4h +fvlszP8rj96/ef/AagefdzhZ49yCCaooE/Cgbcdf+vlFyB51Mkn4UH8QVjhhAhRaGBtHg5o3IIk lmhiSw3OpyJvq+XmXIEYYufdi785KF+IAg7XonobTmfgiUAGeRZzK2aYI4YfRtgdbcBRmOKDAibp ZIRJ+udjeO5lqWVTBHbZ30IWXtjdkViO2aOLwcnYYYBKOphjlVvGKedC8OVn45cKhSkhgUqKeWeY VTqJo4hU8jiikIgmmhSR672o55GPOqeabXCKZx6kA97IpqWcRlrmnKCGmpFr9+mpG5o0CupofTvG COOrOl7/OGWaLA4qpqi4amlZrncp+tMfvgZbGK+9CmvssWQRWyyyzDbrkrLQRivttNRWa+21DO36 EU3YWuXstwmKxG23VIFr7pAY5aPuuuy22y5B6hYUb0MfFFQvQfV+oK899+KrkL4AD9SvQQELbO/B /iYsUMELE8wvwAPjG/G+Ae/rL8QWG0zuxnsNlU9CHw8UskAjzyvyx+M2bPDA97bscEIsq2xvvxbH HDPC/ApMs8sH3zzzzzk/3DPQQZ9r9GYjG5T00iLbU7LTB86Ec74aBx1x0AjdfDXWMtOM9dZey6zy 1VRXffHKY3NdtsL3Hu12YknLC+/cJENdN8pSs/21xmT//5tw3y97HbbDg589tNloN8zz2jmDrfLb kCOVkbt019205R+HHLffilfNs8IHYYw413wnTrrpjvft899Wp72346dzLHtBRG1+Ocns0p153Sm7 3rrvo4P+efCLl5416KavDPHxjbseNuPGRy69thXZbvn1TGMP0dqMDy/2y8l/3/XrnIvf/OGx7+18 6bBvPfv7tYNcud30P9175/gDbz7i0H9vc/g485/4uhc6zwGPaoAjyPQWOJeLWI9+ELSb7R4Yuolp DXwFNB7RMiY0iZVvYTszm/cSyDrSUWyD70uhRx6YvblNMCITk1i+RIcxCzKshjLMYPCQB0Ky3RCD sZsh9HgoJjoeqlB21OvI/Y6IEgY6ES3iyhsTVfLEKuJkiljMYrWSqEUqWvGLaemiGMdIxjKa8Yxo TKMaU7grfriRIG+EY0HiOBA62sON/IBjHuWIRzweZI8CAWQgEeJHg/Txjn08ZCDtmMg6JjKPjVyI IBcJyD2C8ZJmCQgAIfkEACMAfQAsAAAuAMgBLwAHCP8A/wkcSLCgQYL2EvJbmFAhv4YKIdpjCJGi w4cNLUZcyBGjRI8TP0rMqJEkw44oTVbsaJJlypEiP1rEeLCmzZs4c+rcybOnz59AgwodSrQmzKNI HZJUWlGm04keKZZ8CBJqU5BRYc6MirXpyqUhM0Yc2fUox68xk6pdy7at27dw48qdS7eu3bt4kVbF SNWr2Kx8Y/b9S/aq36pjxSbWmnZsWcRhFzNW3Div5cuYM2vezLnzW8h9yxLeGNlwV9CjU/s1nFQ0 a8eTJReWTduz7du4c+vmXPQf6sCSAwtnDDwkatKvV6uOXfovy4sulc+GelZx7+vYs2vfzr27d4F4 fyv/3ot8sMisxiejp1wZuV7p6cdrfd6a/frd+PPr388/r3jYhy3n3nCzvcQefOaZhWBzCVIGWVrk NdffhBRWaKFbvTG4WIPrFQcgaYh12N6B900X3InH1eZgZd+16OKLMMYoo3ZWMbVXhIJxFRyHHpb2 YI1AauRakB72eOJ7K44145JMNunkk+BZVt2OI2IlpFMoDTkkWSVBV6WQ9GXZoITUbbXlhWimqeaa bLbp5ptwxinnnHTWaeedeOap55589unnn5ZBKeighBZq6KGIJqrooow26uijkMoI6KSUVtqWMJby F+mmnHbq6aeghirqqKSWauqpqKaq6qqsZurqq7DG/2obq7TWauutuOaq66689urrr8AGK+ywxBZr 7E6yJqvsssw26+yz0EYr7bTUVuvmsdhmq+22MILC7bfghivuuOSWa+656A5q7brstqtpuvDGe6y7 9NZrb2bhjiHvvtve6++/ALfF78AEF2zwwQi/GPDC7IbC8MMQRyzxxBRXrGyGExqVkMa6JexxrgkB IDIA+XFcEzgoo9xQyiuznFDKKtsDs8wzN/TxzbXaQ/K7Btl8EDgjAf3y0EQLvTJMRvuM89KG4rWz RCOHLLLOO4/8dNRUT61zQ1XTlbTMEgFttNBff020xWiz+zTXbHe99dVQbx2y3HKvDRfMYocNdtEu 0yGctNlpBw6t3XST7LbhbGeN+Nxv41W23jXvjfTRgleuZ0AAIfkEACMAfQAsAABcAMgBLwAHCP8A 7QkcSLCgQYIADCYUmHChQ3sLITIEQFEiw4sRD2o8CK5gR4IdwYn8aI+kQZImN6pcybKly5cwY8qc SbOmzZs4c+rcqbAnxosSIzYcOBRo0Zspk5YUiHJjU55Qo0qdSrWq1atY7f3byrWr169dLRId+zAo 2bNAxVoE+28g25RLmcqdC3fgU4Js8+rdy7ev37+AAwseTLiw4cOIEys+PLEiRMdlG1IUOlmsUIQC 2boFW3ekXZAlR4b0/Lng4tOouyJLzbq169ewYyuumdFl7c1fcXvNile279/AgwsfTrwwbZm3M4PV HZa38uLQo0ufTr269evYs2vfzh278+/gw4v/H0++vPnz6NOrX8++vfv3vLvLn0+/vv37+PPr38+/ v///AAYo4IAEFmjggQgmqOCCDDbo4IMQRijhhALCZ+GFGGao4YYcdujhhyCGKOJGFJZo4okAjqji iiy26CKJKMYo44w01mjjjTjmqOOOPP5VlS4vBinkkEQWaeSRSCap5JJMNunkk1BGKeWUVFZp5ZVY Zqnlllx26eWXYIYp5phklmnmmWim1+OabLaZW5pwxinnnHTWaWd5dZ2EZJ53ZpmYaHYBGppIgd61 lKCFjkYaoqEFmmijTClVaGlxyUTaoIRGmmmiihKK6KabavrRUx+5aWpzSJUmKWh0gXbXqnOd/4TS qB7N6hGltMYKk6Em8dkZrpE6yuqhsfLZZ52k3jqsXL1Wmuuyld4aErHSUlustJ5eumi0qxqqKkfA EjvtsNPCemyfpGqbqVLNJlsrqKGKa+1n5ZJb7bVNxdstpayK9uq39dobb7TnYvmntk4RPC6zCCsL 7rfUepZrs7pamy+gcO1bscPkNvysqMHeeurIOT3rq8LcxuUtwctOnLLL4dILrLkoX5uwnq3mbO7C GxdMp7sPA20xvyzzK2m+HFOs8swy45wy0Us7LXTUR0Pr88+uYnzpoCBti6vEWuvrMMYccxuqp6qu q9HWCnv9q648Uz12z1fX/aKxTuJt994i6hetpN98K5nYTpqNOPLhPRK+nOGIN35gQAAh+QQAIwB9 ACwAAIoAyAEvAAcI/wD/CRxIsKBBgvYSKlzIsGHDg/8cSpxIsaLFiwohatzIsaPHjyBDihxJsqTJ kyhTqlyJsaXLlwoBwLQocyZNmzhz6tzJs6fPn0CDCh16EYDRmguR9lR6tOFRowmbMlQqkSrUqEit Et3KtavXr2DDElWZNSfEpE3LVrWnNubUqUyTRp0r197Ku3jz6t3Lt6/fv4APlpVJGGtNqWwTnp3b lqrbxHQjP64L+XFhp3YDa97MubPnz6BRDj5cuTLpzAbdNl5rmvLkyU9jnn4burbt27hza+YZuzXT 3i2ltqU8POvTq60lQ0ZeWqzz59CjS5/uVStj1zALD4f92rF37nJnO/+mTr68+fPoW5J9ex18zcWq kxfvjpl9crriUevez7+///8pWbfcVYi9d5BsyBX4GlvMKWdVgg0a9xiAFFZo4YV4pVfReDlxuJSG IIYo4ohhqeQTfMrxNhRSGLbo4oswZugVfCjqFOONOOaoo0Ak9ujjj0AGKaR6KdnkoXI0HtjTjkw2 6eSTPAJ3E0VUJWlQAFhiaU+WWnKpkJYJaQnlmGSWSeGRE6FZpZL6ERSAQ2+G+WWYcW75ppl45qmn ZwISBhWBBRJIl5UF1blQnYjK+eaibe7p6KOQmsRgfqddlthgg7IJEZeJyukpo4xGKuqoUAJFWqXt XRqfTobOSSeYW37/OuSstNZq64rtoYppqji16mmswAIbp6+3Fmvsscjep+uqqjbnErGdCssQsclW a+21JwaImHyMBYpqozwqdhC0rio6Lbikpquuow6hOROhCC257rz05tluUPAOlG29/PZ7G7YAByzw wAQXbPDBCIdo4pA1upuRvxBHvN9xcDVYlJQzjdewfZOKK/HHIPOZ5oIYOTwlQyj2lqBbIbfs8l8e xtXxfd0JephwgJ4Gn6WRlfXyz0BHtBPGpWm1nbOXUsos0pj1SXLCUEeN3sLd8nyzzfciaOloaTmU MnOrkYrDo8kEzZmpHG/NK3jN+saxS2r3LPXcdJe3noOWsW3frm7zampgauGxLZPZhBf+0cxoga1g 1oZZjbOEkO3sLYIeG2755eF26JPJ6L5NEeagp0se52larBPpdaeu+uqst+76waHHLvvstNdue2Cv 56777lvd7vvvMPIu/PDEwwT88cgnr/zyzDfv/PMDBQQAIfkEACMAfQAsAAC4AMgBLwAHCP8A/wkc SLCgwYMIEypcyLChw4cQI0qcSLGixYsYM2rcyLGjx48gQ4ocSbKkyZMoU6pcybKly5cwY8qcSbOm zZs4c+qk2WrnP3tAgwodSrSo0aNIkypdyrSp06dQo0qdSrWq1atYs2rdyrWr169gw4odS7as2bNo 06pdy7at27dw48qdS7eu3bt489L1ybev37+AAwseTLiw4cM29SpezLix48eQI0ueTLnyXsSYM2ve zLmz58+gQ9e0TLq06dOoU6tezbr1ZdGwY8uejdG17du4c2PNqLu3VtrAW/oeTrz4bd7GkzcNzjww v+fP7UGPPj1odKDXsfOzvl279e/Tu1f/F1o9vHTy0rufz74devrv2rNzn4/9ff348Ouz5069vPr+ 7u1nnlDNFdiXeujdd559DDLI3n/3IbggURIqiGB7EO63oIYVkvdfhhBOKB56HA4l4YMTemdhUQa2 GNJVHYa44XoptkfjjDemqGN+CdZ4o40jzjhih/ANqZ+QJvpoY4480ghkkkH6qNyUdQ0oYpFOkvhj hBe6h5+J8smY5ZhBLrmkUWUiaaSW4CEJ5nVPYggnjlJSaedVGcXIX4hR4phmg0TuuKKCW5rp55Hi yXcomUwyaeiZTaZ54pGEBuXipTbpGSGWUg5p3pmBEinjhWpSKmmd6ZWH6Kpsmtqojqcm/wgqi5jW GpOmV8LaI6WuClppfmKCKuymKgbbKnX08Xlsn7q2aqGx9tgqrUu4kjpppEqC55+i4xE63ociyhnu nrsOC+6X8UX5IIDIkqiqilJOK29Ed9Zr77345qvvvvz26++/AAcs8MC5IUfwlABolXDCkTEM1bwM FQXAxBNT5XBQFF+8VsVAcfyWxhiD7NbFFAvlcccOV7ywPSs3JXLIGEtVMlIvKwXxQhJjBXLKI6dc M1ovn/xxyTyzLLHPMf8clcdKG1W001LdrFDOQ83c8swsq3zy01hbzTHPV3/N9NZGh81wxiH7LPbZ WqeN8tpVd/w222OfnXTXcL9tstFEtf/cd9mAr0z33HGjvbfdWSOOuNyH82241Y5/DRRzXmXs98KL +8333oyDzTngcksec+g5C1746EmnTrrjm1++OeeZty6756szDvrpcSeusem83+666q9fPXvnn4ce O9iL2z4w1q8PPzfmqKetdtu2u/607tDnrjjRo6ONPPesW+689tWPbz3w2Gd9NMmosx9+4OY3rrzd mHNvevS+3w2++gcrtTvwIlPZ32TXt/PVzn1Vcx/9ABi//73vc5p7ngHzR7vbNQ9lf0ve9RQHvwmy b4Ok+9/9lJe/2pFQaMMxWPHiN78LFg2EFfxd+aInQgbG0HkLPKAL5UdBG6IPhKdzYPB6ggg/HTKw fb+73gy5Nr7uTS44lSugBvPGvxYmTm9Y1F3w8sa85tEtiV7jIvGuSECy+bBzdQPj4Mgovedl8YQd xCIMaQgzNioxiyQLY/WYVhwV9u+Ct2kavyj3x6t0MTeCLKQiF8nIRp7Fj46MZGuA88dE3sWSkvxj QAAAIfkEACMAfQAsAADmAMgBLwAHCP8A7QkcSLCgwYMIEypcyLChw4cAHkqcSLFgxIoYM2rcyLGj x48gQ24EQJKkvYsCS6JMibIlQZUsSw40+VLmypU1bTa8SPNky589XaqMOPTlzKM2ZcakidMgTIlK Uy6MSrWnT6hPMTbNKrKr168H/4kdS7asWbI4bx6d6VLq2pNwnao1+taiXYY8f7J9y9Nt07h0AfcV 7Dbwwb8711p1irSxX4qIITMuDBbh2cuYM2vezLmz589pA7cVehfu1selAadWjZA0UdSjCU8Wrbjw 4NWGYy5N2BYvYdKSLTKNW5Wo1d7Fdf8mzjSoyc/Qo0uf3vHpXNnA2TYPijpnVOE6pzb/fk3cNkvv uaW+ju33e2Sft8mzpvy+tnqk3/HCFBpf9enu8i2n3m0CVmbggbylxhWB/5k2GYH0taagSeGVZ2Fe zqU3n4PyYdibUUmFVtSHlG1YWnYd5gRfbijuRyJ8QFGIXIE3uYjgjTiyNleM3J2o44izmRiaeLDB SKF5L264HnbmBZngkDo6GSSKsiVGW5JH3oVlilTWtVeOYHoFJZN8zRagfyXuuFp9Vd7n2IUlxtkk gHKy6aCbaE655pspOgRln2g22B+fNNLmZZhhTlfWiBXeOad2HgYYY55jwqgQhJIGih9VEtqW5YBK vZdVqPkVtWKa1jkHFFRyMbjdlxGe/5rcbjViqJyiuOaqK6K8ahhcr9VpZGenwBZr7LEZ6foPsqx6 NCyzuE30bLTQVuuQsthmqy1m1nbr7bfghjvRtuSWS5a46Kar7rrAmuvuuexaa+e08d5IL4733itn vcVmeCxiXGVUa5kVFadqWi6GqNd56LV5WJJ+dnvdpc2aeOiZ/A6krL/G/qUvxU1CTGSe+ypJMMdI lgzrxxYDO3GCEB1KLWLv1rwxh8qNenDOMmq326l1DmfcYoZuamnOJM/pcZ0n43xly47ZCifQCHv4 s6ybrkq1e6/+HGpdCvsMtGmv2my2okuK6CWXUePJNm78PVq024Qu9qfMkRJc3pJXDv9L3tt9NWgX lYS/WajegNKN+OCMfXj249ANZvVoFQ6dZeD7GR5nl0KuXaXlGN+t8tJXSw5eXg+rCTrOxq1ZeaGF Q5r4jJQL7WN7n/KJEuS8c2Z67I6e+buPgqcst96KO7r57S2TbuHUns97n9odfgj828En3SbthCr/ eYGaP9f7+JepTff1cALPYvfPx/q8+si/3P7iUc4P4WF7sVc/ydj3Dz7n3+OcoOrWOMa8Kx/vChZd Moc7q2HtQsNpT6ukNqnlie08tdtXqU7XnbkJr4MOM5PUsNMj9HTJYCQcYcC6drRRPSyFqFPM0DJm D2WJhGU3tBIN14VDdPWQIuQLYln/PpIfl0Vsh+n6obiUKBEhOnFZSIyiFKdIRYM8EVtVzKIWt6iu K36lPhgDy7OmxUQu8quMXVEiGhO1K/xRbI0j8w3MNCctohVMX1tZWMdaU0St4EtaCsTIFW3oxif9 8YiI9KPK/IRHucCqX4Uk4rfUqJFB6up3s+Lbj0xHNlVBCjy/Sc7kkDa7wX0Nd1oSG6lGyDqeedJr r3plquT3twh2smpaG1sttfa1DF6thePRjc54SRNL5mp458temZCZPes9DU/NNOWjzBdNNzLomSDy XuKqeafAERBu/QEgicJoy0xN75v8C6X7qEkYL3IkbbDbG/FaCapP1WiZ+PkmA6EZ/yXCkS6GV1lK 6GDzOkvxJzyYe91/CsrN60xOUPs0kjwl6sxkrpNWPDrWzeCZTG8+jaPavJj/MLic7IQ0m8k7jqkC epVKpQ+d2CvS3QQHqJEaTzAOVVAqMQU2mGJTLzgxpnRKIBYyRfNF+gsn+1CqzHM69aS3E6dhJhbT NMXTot3EKjnZZ9PDXRSaAlwq+vAZIZe48532YY5HlVTCQaHwggmjIK3m6qu3GtRuIGJhVdZnUBlu R64QdGsec4fCFfp1hlOVZTlV9MthSsqeGM2lGWM22TFmEY6SpCFmJ5tZM1pWin1E1mYPydnSmva0 qE2talfL2ta6liGElCNkRuut3P+9NpK/qkwPPyZUd9mrYGgVYyIdeLw47nG2dgxhxXRLrTnelleN HMm/mMq802JJZpQ10G6fa5ld9RKWHuUa31bJUmEStGosJRUppyqky8mSQ3Z1pTCJu0rJvdJM8g0Y 1hz43bHJKpb8PdrW7Ga7U/XWXIFsHezuh1PjXVOmPbXf+cbEyquSTavsddNaqanJMDYsrMtU6oCY RtYNN1S5F0Yxd+eJpH0SbUYavihI1aRWE9NUpxgeq4wfUzu2MQpkJ95xiyt34xgfNWvbdLF+t3iz lO6PYUprWzpnvEDFVVV7OUWfVEuc42A6spA2zTJZ10ZVKfs4fBFuqkAOXK4EB5Anjjl1sPuMSuM+ XfllYu5y8qbMY5+Wcn9h/ik60ywgG1s4zyquYkAAACH5BAAjAH0ALAAAFAHIAS8ABwj/AO0JHEiw oEGCAAYmTCiQob2FCh8adCixYUSLDDMi3GixoseKGh2GjEixo8mTIj1CxEiyJUqOEjXGdDmTZcqL JVPqvPhxp8mVNWH2dDnSJk2gFH2qPMi0qdOnUKNKHfivqtWrWLNefQhAZsOuGbv+FAszKVmZOb2K JIuzI1i0Zw++/cr2J12FcVm6BVuQL1e0GP3+RQryLNu0hxMvRZiXbli1de/+dRs47k3BcxmLNctQ q+fPoEOLHk26tOipqFOrXu20JOvXql2nlg27tu3buHMbNM27t2/TuoMLH/6ROG7Br2kbX868ufPn 0KNLn069uvXr2LNr3869u/fv4MOL/x8vVXnx2kBXy07v3Hxy6e5ZxyceWSj5+9pvMuXMOCpE9lOt d55/7wk3H2w5aZbYWpHpl1t87iUI1YH4LfcbVrHxNBFfl802YIByfWgchaiReFtSE7X10knHTfiU iaxdKOOMNNZYFWCTzcQhckFtRNuORj3m2IaGFeXXSsgtxGOOR0qWI16PMYiYXjxmxuSQGhZHGJSD camgl/81WGRfmzWZ2ZldYkmVjWy2CdqJlOmkloYARtlXnDou5aBS/93ZmI907hcUgH4eJWhjKLLY J0pzJWilXXoNFamSLOqZIk+LDqqpgxUOV2OfhOnHaZKYcjQSqIaWupOda6W4J2dhAv9JZKhZNgpl XZdxuJiiha6o56N87qrqhsMGSyuLbiarbFVwojppqb0mKumpeT47bJA0fQVopZu1tJ60x0qqaYjP bsnrtuIqdWe5WVoqF63Guitip7fVuFiwkAIq4bTYhguupeEGyim7e5Yl77+iGrxqoOuCxPDBCqca 8aHeGupvR8tmrHFvuzaJl7BnhiwhtUgiSuaYNdnqpLVOqnxkfSoXJma3Xt5qs53tPvmotrkixiCj J3NrspJFFiWzTBsnfeF4MNLrdHn0Nh3cvlA/XV0y1Elt9daXVqj1gw2/WB/XtdlL9tlop632QUrb uPbbcMct99wI0m33i9eNjfdzX7v/2N7Wn8bs35JOR0g21ejtXfW8U6vXWs5gI9v25G8KqzjahnPd 9+OcL745iI1XqhunlJeu1VgLhg1mmWq+bLJmdlmJWZlCru6a63eNmXqaTMJMe0i47y7yyrj3uOPu vd9uGZZmEs977rNPKXzwfpm+dIuxP3yt0Y5KfK/D7ELbcMHbUxm+8dovbP6m3otPqcHng0zSnHKK bm7H8jscb753jz8/qf4DTM+2xJ63JKwyNBtL18iXPf3FKWbpMWB/sucT4OlqUre7Fvxi0igpIUxV EMwgA+UEQO5BTHTiMVvCfrRA8F2sQ4jLVwHtgyvxpcuFONxXBFsDL6JEqoEfc995/1b4rg/hq0da QtEIs2Wq85krIdaL4j9kaDkd5tBiNoQUkrDYrn/5yl1GcuINXVWx9b2wa/jLIBCV+LAnyktgbfSe ALm4FClaj4pP+tKV9Bc9NxIpdtFbXR61NcjkUSZle5mTIWEHMI/BRZG0C5vHyHQvlBVykmmaZJWq SMAGHVKTPIuIHU03HRg17XN2Q2X/ADdKypUyQ7BcpXxkScuCtNKVdrulLnfJy176cnK1DKYwh0lM vqlSlcVMpjJXaTb71Ex1zhzcz4jnml9a85rYzKY224TGLKKQceRi3yF3s81ymvOc6FzWcSypJejV TnbLC9H+hOOGZdrznsb5FBPb6ZJFcXJQUBDbmT3SSdCCGvSgGVMXr/oZKsFt8GIEQahEJ0pRbMLp hwt96BsH9EGW4fOjIF2bQrWo0XnWio5eCalKV/oce2GSkZJBGTxT6pja6ewwAqmoTnfKU4LeradA DapQ3cZS75yiqEj96VAneopTLPWpUCVlUrFz1KlaVW5RLahTs8rVrqrzqtJpKljH+raAAAAh+QQA IwB9ACwAAEIByAEvAAcI/wDtCRxIsKDBgwgTKlzIsKHDhxAjnjoVsaLFixgzatzIsaPHjyAF/htJ sqTJkyhTqlzJsqXLlzBjxjwls6bNmzhz6tzJs6fPn0CDCh1KFCjNokiTKl3KtKnTp1CjSp1KtarV q1izat3KtavXr2DDih1LtqzZszhDql3Ltq3bt3Djyp1Lt67du3jz6t3Lt69fjGgDCx5MuLDhw4gT K17MuLHjx5Ajq/xLubLly5gza2YoubPnz6DTbh5NurTp06hTq17NurVryqFjy55Nu7bt27hz697N u7fM18CDCx9OfODWY76TK1/OvLlz5sWjS5+udw1148+za98e9Lp3e9zDd///Tr68+fN6+aFfz749 7J0C+amPH3E+Qfn4M9ofiH8/Xvn82defPf35R2B+F4mnIFbxCVifQQZeZKCD6Qk4X4QYcrTghlQR SN+BADZ4IX8g3gdhiOpdGGKJCH7ooYgBqjgifSnCWKKNNHpY40ET8oiiji1ix+GQTr04o44kOjjh gEoeuaOLJH6opIk50njki0hCiOSTBfXYZZJOFkQkUACUCcCYJxnp4pNsYhnlm2wySeF9LRZ4IJxY thkjgCtGOaKMbwa6Zp6CoimUmWd2JsNSBbY5ZZVU4jknnW5KKWiDhD7qJob7zcjlpFAOOqd/hpZK VKeZJqnql5HquWmlhMb/CqmjgU6KKpWj8shqlrHOZ+qvQKE6II7D9rnklQjWeauUKK6oLJ90Anqj oBY6i1CxP4pIIbDc8uTeaRGK1O24N31rWrjgkWuouey26+678MYr77z0tgdAQfcelG9H+yLUb2b/ 6lvvXYgGDFHAiPJV5kALC5RwwQYlrJHBE+NrD8IKUZyQxg6T9i/G7qazEU8cHxwxw3s1fHG+Bres 2cf+ZhxRySX7VXPNgMnGEcIN38uyymau3O++RAPdc88o++zw0UUPffHTSgtsccRI+xx0zELjq/LS SHcscdRBR/00wwuDbTTTZG+d9dph/3w21yyjLHXcX3MtNM9xj2312+yR//xw0nlDTRDIeic9uOFe Bz624CcrLfbUh0NudceUN76Q014jLvjjYmO+suWZh7746EQXzvjop3eONd2Ge+666ar3ixYcV8Es OsRAU3122aXfvvjQD4PM+tqoF19678Unru/VlcfeOumiNz942IBTXzn0oQ+vt/WFa+x46qf/Hvnm 5Csvbni2g0+18dKvf7zmnk8fufbiQy63+sn//vr9zmfOefT1E9/7xhe/AWqvf93bGPnetz/pfU91 S0tXbHYmuQA6jXCBuyD8AsjB+JmOg/dzIP+uh732idB33xthBU8IPuSVEGwo3OD1MCjCBtavdy7E mXRIprsZoi2CIXSb3TmGeDfS/ZB5JGyaC6d3xLQtcW+6A97uisg47rWMc1f72hSZOMS87U2JFhyf Cg1YthASD4fVO19oAgIAIfkEACMAfQAsAABwAcgBLwAHCP8A/wkcSLCgQYIA7ClcCKChwoQMHdpr CHFixYkLMVqESDFiRYoJL3bc+FAiw4waN35E6ZGjxI8jUz4kiRJkRpslHeIMmTPlxYgyd46MidNj T40cVbb0ebLpzaYrXfKcedPkSqYjD2rdyrWr169gt7IcS7as2bNo06pdy7bt2p9uycKN+5Su3bhz z/7Me7ev37+A/4blGriw4cNq+d5VjBfxYcZjRTo2PLiy5cuYB07ezLmz58+gQ4seTfpzZoKlU6te zbq167GnY8ue/W80ZLu3Web+vLttb8S/nfYN7tjk29fIU0MmLvN4cbNz9+qFLhxtUerW6e6Nib15 Tebey/b/vpq8PGjw2d2in+675uLq3ROnZS6ZLfnI6+U7D2++f+KXUOnEFElTIWVcTlJRZWBSNAkV EkxSJXjSVDY5eNRM1xFI1IHRvTSUgBJuF+FS8A01oU7cUZWgVQBS6KGIRxWoIYv5+cfWbFdR+FRU O04oHI8Y+hgkkBgxWOCR3rUoZJHwManggE4GpduSR8IlY49BPtkglVBKh5SKWCWVV31huqcgkrSl qeaaXIFEnmRR5bigcXGaGCFPROpYZIVLOoVknlZC2aVKZLb0548diXiollzmWZ2RYLqJ1Xd0+pmk pZKyqemmAv0V3Y9d6sjglFliKZ2jkHoZJaaNfoellGfy/xdoXVG+CWutgr66qKBu6nklkbyyauak NoqGI1RfcqlssKXaOmSrX6JKKq7APomkpc0OG6uj29K665jE4mqtqdkCe5+ts4abEKfsqgmYiSoK qBS8QR2oFE3WAtggvEbqa6C3CA6I4qmPXptiwFvGW6+8S+XIXVEbeshslv2OGuLDVY1alcD2Fuvx x/udB/LIJJds8smentcxyiy37LJfs70s88w013xju2LZrPPOPPfsccxNpqdcoexpt1mNRfu8smtX koZzzoERh3RkQgeN7bR8TU110o2RHJzW2hqaHZ4+89Y1cFUzOiy4aRsG9tYjf13cp+29PXLMFnJc McKJQv/IN4cvZuz3jDA++CDCW8J47+IaYhgxxfqm+KG9ktsZ4+NMJlqwhEbpXWqTY6L47MWU0+gk 5gs9zam05aqb7LeXft5ttuNS3Lrj4rmObOaNBtq07tOW6Xqcsda+6uzU0k2pl2Lyzu2UIlnMn+qb 1qkkodQKKSafsocrrLi3+hqm5rqRD/7ryZs/r0VY53rd839yL6WqTct5p6xJp+r8sgGTKWnH1DNI yrqnJ2idTnbV8h7yrhU+9FUrXbDbHdkQ+L1K0a54CzQgBo+XQPtpiW25k+D+nue9+wBlZvBjFeua dzuAQRB4/nOgBjN4rkgN73sNrKHxGAg7E77whRj8HazudNg8spHQXFdLVmrwNjlaJWxykFpQ8QCn McRtyH0T3J7pwiO/EYnQYP5a38HopSjB5cuLCSsJ6MLYuTOqjShtBNMIY7S5FWXsQhAJIJueU7Y+ vkc/6vFjaPS4Jj4K8pAh41oiEekYQmqGkZCMpCQnSclKWvKSmMykJjfJyU568pOgDKUoR0nKUpry lKi0pCNXycpWuvKVsIylLGdJy1ra8pa4zKUuWZnKXvpSlLsMpjCHScxiGjMsv0ymMjN5zGY685nQ jCb1lknNalrzmtjMZmmkyc1uevOb4AynOLlphHGaU5jaTKc618nOdqYzIAAh+QQAIwB9ACwAAJ4B yAEvAAcI/wDtCRxIsKDBgwgTKlzIsKHDhxAjSpxIsaLFixgzatzIsaPHjyBDiuSYa6TJkyhTqlxp 8Z/LlzBjypxJc6aJmjhz6tzJs6fPn0CDCh1KtKjRo0iTKl26k6XTp1CjSp1KtSpLplizat3KtavX r2DDih1LtqzZs2jTql3Ltq3bt3Djyp1Lt67du3h1ssrLty9Xq4ADCx4cWJ5heYQTK17MuLFjp4cP P55MubLly48jG8Yc+Cjnz6BP0jXstzROBahR20utmvVA1QJhx35NO/VqggoOun4te7Vt1rlp18bN u/Vu3LZjB/edW3bw48qNJ/ddfDlw5tRnR1+evft058y5e/8XHty0eb/itd/W7py7dfLq1xd8L/+5 boPu5a8Xn174/Pzj9aeff8r5ByB79AnYnnrPvUdfgQxqd96EePX3oH3N6Xche8ThNxxxFnr44Wzp KXhffSSmeOJ8HdoXH4AZ3iagjDTyR+ONHKJIH4U8bpXRdRFymKGNQ8JHoIEDNnhgda2BiN908Rm5 35TY/bekiw9qqGKM9xVJ5JQwRphlaGSCdFSI2xn5JZcuRplmkiy6md+c0Q1IHmxtYgnnimGGF2eO RVYJKJwYaknliwL1qChcaB6qp5NsIirikTbK6eSIOP4pI5B6Vjqpdde1KWmhVwrJIqkgAmnooqwi 9SOfUlr/OmqHmgZJa4mX5pjpn1xSCWqtSCKaZZ/ZDRtngryhaKidZTb70ZmwYmrnhdI1B6WF7fWG 653a/gZdmnM2WeC30Bl7IKhsortkfeCN+92tHbYqL1HO1mvvvfg25lm+/PY7779A9SvwwAQXbPDB CCes8Eb7UjTjwhCbBPDEM/0IpaDgWXvtr8ntVq5r4SpZ4m+3/sqgtxd7913KKHe78rbsmsvyxdny p+6KETsLra0Njjhysoe6Ca+aCXnKLtBBM4s0srIKvayneQpLKYHtarhhnBRnrRSdkEaJa6CiKm2r rwjBTPaNvTp9tope08prrTF+6fPbgxKtbLxa510U18OF//012sUF/imngh8ZHp6m7urnsVJPbfjY hLbNN9R21z3menpnLhTfW+7Zoq6ODw26pG4/iiqwlWdqtIlt042pxiNrC7rpKWOu+e09cQ640ZZP 2jSxVPsOu7iBuo0cyLl6rvSYMMvdOePbiUtiqEKXh7u8r/J8MrCVmj1t8N8bz3m6rQuv7OXrgs/s uY17LmqkWl6e8/y60Vx1b+HXVu2brm8Ke/3SU93RwFWuVNXsSfJLEv4o5bL3lS5+73od6uhHwQpa 8IIYhEjDMshBp+QNEtfzSQdH2JIQmjApJEyhRE7IQqOo8IUOaWEIs3e3mt3sSiDL4YIgFL3FLe1l C1wZ1f9MhjEH2S9Yx7PS8ArnMR2ybmkw5NfOarg6TaWvhjwMIhLHM7qhVU1lQcrYELeIRfPpKm3o W5f1ZMhGn1zNgU1bluhQ1bxgOfCJKbpjjU4Fps/pCG7Lm5qD+kdG27XxkDrZI9Mgdzj3HOeNe3Qd 00LGO7B1DY278+MgxRdIyXWsY4+7mYQQScqaKDJW6Hvg4NoVtpj1SXeCZBvZ5Fa8teVPlqJjGxpr V8Y1lpJiGvFS9K6myupJ6VFeZFKv0hZLAfbxUrUcXiqTl0scYbKT54tivvZFzLsp74qQNF4vc9VK OyJtT4uUHhzXV8iniYmQ2iPIL7W2kW4yj2Tqy+U19QkiQRsi0EBqZGKyHlnNwvHPZqKkHgPR9Tht kmmDDo3oPLMWEAAh+QQA4uR9ACwAAMwByAEvAAcI/wD/CRxIsKBBgvYSKlzIsKHDhxAjSpxIsaLF ixgzatzIseHBjyBDihxJsqTJkyhTqlxZsKPLlzBjypxJs6bNmzhz6tzJs6fPn0CDCh1KtKhRiyyT Jl2htKnTp1CjSp1KtarVq1izat3KtavXr5S+ih1LtqzZs2jTql3Lti3Uo3Djyp1Lt67doW7z6t3L t6/ftHcDCx5MuLBhoX8TK17MuLHjf4cjS55MubLly5gza97MGenjz6BDix79tLPp06hTq17NurXr 17Bjy55N+ybp27hz697Nu7fv38Cr1h5OvPjq4MiTK19+0rjz59AnM59OvXrw6Niza49rvbv375+3 i3gfTz7n11vg06tfz769+/dnP8GfT7++/fv480ctz7+//4z6BSjggAQWaOCBCCao4Fn/Nejggwkt KOGEFFZo4YUg/XcAhBz2h+GHIIYo4ojgdWjiidCRqOKKWaHo4oswxijjjHixaOONpdGo44489ugj jTgGKWRKAQEAIfkEAB4AfQAsAAAAAMgBAAIHCP8A/wkcSLCgwYMIEypcyLChw4cQI0qcSLGixYsY M2rcyLFjRXsgQ4ocSbKkyZMoU6pcybKly5cwY8qcSbOmzZs4c+rcOdOjz59AgwodSrSo0aNIPfJc yrSp06dQo0qdSrWq1atYs2rdyrWr1689k4odS7as2bNo06pdy7at27dwfc6K2xGsSA928+rdy7ev 37+AAwseTLgwTbqIEytezLixRcOQI0ueTHmq48uYM2veTLay58+gQ4sOybm06dOoUycczbq169ew Y8ueTTu06tu4c+vezbu379/AgwsfTrx47ePIkyu3V7y58+fQo0ufTt3o8uvYs3uuzr2796Taw4v/ H9/3u/nz6NOrX8++vfv38JWSn0+/ftX4+PNLt8+/v///AAYoIFT6FWigcAMmqCCABzbo4IMQRijh hBRWaOGFGFq44IYckpfhh2R5cGGHJJZo4okopvgViCy2OJSKMMZImYs01mjjjTh2JuOOPAaW449A BinkkEQWaWSPSCaZl5FM0qjkk1Bm1eSUIEZp5ZVYZqmlYFR2OeKWYIYp5phklmnmmTh5qeaabLZJ HJpwhunmnHTWaedlceap55589unnn8ndKeighBZq6KFOAqpoiog26uijkB606KSUVmrpjJFmqumm nHbq6aegTnjpqKSWauqpqJIZ6qqstqphqrBq/+fqrLTWauutdsaq66689goSrsCi5euwsQVr7LHI +kbsssw2W6oIzka7l0MiiJDstR+pBK203Ba2bbfgerWQtdiW21G15qarEbnqtlsRu+7GK++89NZr 77345qvvvm6F66+VL/wrMF8vFBzwwDOhgDBPBh+88J/ANczvl8c1/HCczxU8MYQXdyzlxvd6LPLI JIsGcsglp8zUyfaq7PJOLNf78sw3xWzzzcDSrPPOPEuF889ABy30nD0XvdLQSCet9NJMN12d0VCf 5PTUVFdt9XlRZz3S1RCqwpnWYDPH9dhksxi21mWnrfZZm2yytqdtv91p3HJvSnfdmd6NN6R6A/93 toxtL7f3cH0Pjmjhhh/q9n5/Q524po1HLnmJ0Bz3eKaT93x5pJl37vnnoKf6qNiPh/7y5pCa7jLq rLf+200dqE6s67TXrprsuOeOqu289+670LqP/PvwxBdv/PHeBS8y8m2GzULWzEcv/YvKV299n9N7 ef32NK3C/ffgc3tI+KNlb/756I9O/vrXJ+D++++zjyr89CeAZfpMyt9aCQLi7///ANSe/gZIwAIa 8ICZC6ACAYjABjqwPgsE0gN9FcFQNQKAYTDPBDfIwQ568IO7q6AIW/WGEQ4NhCiRBgpXOBgTuvB4 LDTVC2dIwxqmJ4Y4zKEOJWfDKp2oFjvESg//QdaBIRrxiDdrwmmCWCkkvoqJi3KiFKdIRYkAQS1Q nFQVI5TFLnrRMlsMoxjHSEZBffGMaIRMMNLIxhWW0UBt1NMbCxTHPNXJFsOrox73yEc/zVE/fTTT H/MTyEIa8pD3u5onBtlDRDrykZCMZAMZGR9JJpKSmNyYJTfJwkx68pOgDKUo5cXJKI0SPaVMpSpX yUrHnfKV6WqlLGdJy1r+C5bfsSWMcJk8XTKKl8A0li/1oo5hGlN/AEimMpXJlWAWZZnKhMsxTeRM 6kzzmtjMpjb/Ao5tCqya0/GmgsBJTleJ85xhKyd00MnOdmJTnfD8lDv/E8/mzPOe+JRlPY2T/89+ +vOfAA0ooPZJ0Mt8o6DBEqhCF8pGhAaHodlxqN8gStGK5lCir7NooDDaG416lFcc7ehHaxPSkrpp pK/hn0hMqhuUulSGLI0plV4qG5nehqY4baJNd8rTnipQJqPIqVCHStSiGpUkPk0qjo7K1DMp9amJ aqpUp8ozqFr1qljNqla3ylXUULVHlwhMK75K1rIWq6topaNZDZPWtuJnrWx1qzThSlcZyfWu7Klr CxWCDLz69a8S1KtgB0vYwvYRsGsx7E6uMLIWKPaxkI2sZCdL2SiBYVquAsPYKisuxKaFs13xrGhH u1TQboW0qE2tatXnq6AecLWwja1sZ0vbCngtA5Wmza1un1Tb3pZmt0L0bVCAS9zi/lK4PzEuVZDL 3MYoF4zNjS6+LgDD50ZFunWxrnYxhd3usmW74A2veMdL3vKa97zoDdcf+OPd9rr3vfAlZHptEt/6 ImW+9LVvWcQgXfz697+F0a+AB4xFAMeEwAjOroFfEhAAIfkEAB4AfQAsAAAAAMgBAAIHCP8A/wkc SLCgwYMIEypcyLChw4cQI0qcSLGixYsYM2rcyLFjRXsgQ4ocSbKkyZMoU6pcybKly5cwY8qcSbOm zZs4c+rcOdOjz59AgwodSrSo0aNIPfJcyrSp06dQo0qdSrWq1atYs2oFaWOr169gw8JMSras2bNo 06pdy7at27dw48qdS7eu3bt48+rdy7ev37+AAwseTLiw4cOIEytezLix48eQI0tOK7ay5cuYM2ve rHKy58+gQ4seTbo00i2mU6tefZiz69ewY8ue3ZK17du4c+vezbu379/A99IeTry48ePIkytfzry5 8+fQo0ufTr269evYs2vfzr279+/gw4v/H0++vPmtwdOrX8++vfvH5+PLn0+/vv37+PPr38+/v/// AAYo4IAEFmjggQgmqOCCDDbI3Xu2UQDhhBRWaGFdDmaoYVgXduihXxuGKKJVH5ZoIoYjpqjiiiy2 6OKLMMYo44zMnWjjjTjmqCNoNPbo449AqrjjkEQWaeSRcrWkSpBMFojkk1A+1OSUG0Zp5ZUGUanl llx2CR6WYIYp5phEemnmmWimeRyZbA6p5ptwxinnnHTK2OadONap55589unnn+ThKaiJgBZK3aCI dmjooow26uijkEqV6KQURmopbZRmqummnHbq6acEXSoqbKCWetuoqKaq6qqsturqqySZ/+pXMrL6 BOutq0qC66689urrjLUGK+ywxBZr7LHImvrrsjkl6+yz0IbJ7LTUVmvttdhmO1y03AJGkzTahivu r92Wy9e46Npj7rp4pTsuu/DGK++89Cbq7r345qvvvvz262+c9QaM1r8EF/yowAiTZfDCDPuZ8MNG NcwrxBRXbPHFGGescXoS77rxxxN1PGovIlML8skop5xeLSr3Nk/LMAdVMqwx12zzzTjnrPPOPPfs c7EzuwRP0EQXbbR2P298tKpJN+3001BHLfXUVFdtdVtLZ611gffUdnXAW4ct9thkl33012inrfba rJntKNvxut0o3PDKbffdeOddE93s6v/t998P8m0u4HwKbvjhiCeuuNUrAkP448su/izklFeunOSY Z66b5XJq7vnnpnEu+uikl256f6CnrvrqrLfOKdntHOz67LR7e/rtuOeOa+289+77zrpz+fvwxLMV /PHIJ6/88szfWvzzcqmjDvRtSi/96nKq0/z2GR42BfWOcS/++CGBPyj5wJrv8y3QA6B+m+6/z2b8 8KG/GQD2v4g/dvLzRX//YfofAK8kwAFGqYAGfFr+YJRAaS3QRQ0E0wMnSMEKCiiCWLKgkDDIwTYV oYPF02CKQEhC9YlwRJt6Qgk9pK6IjIF2JxTRCvn2gBna8IY3jGGIcMjDHvrwh0AMohD/k6XDKg3x iIkrohL5pIMlZguJUIyiFO9iHEEoJxv569QceAenOTiRQV784oLCSLkpWkiMaBSbGSuUxgSt8Y2M a+OB4EjHOtrxjlGSox6Lhsf17PGPgAykpPo4FAQGRpABIiTHEPkfRQaHkY105G8g6R9JWvKSmMxk 6CjJyU568pOgdJcmR0nKIIbylNey4zbYg8r6lPJUrYwluV7ZNlnGJzI2oKVDbMnLXvryl8AMpjCH SczA6TI1xfTOMZcpr2R2x1wH4JszjcnM0UxzO9XMpjahd02kbTM03QznqK4gzm1985zobF05rXMQ PqSTMeuMpzzP9k7JzPOe+MynPvfZ/6x6+rNU/KzRP+sX0ILGaKAENahxEMpQTfVLHiZrqEQRpVDk TFQxFV3TRRGT0Y6OcKOt8ag5QUrSkpr0pCAV6UhRytKWWkylmHIpiGBKUwXJ9KY4pRQ3hlLT2OTU U5TQZE9J9dOiXuh2sBgquozK1KZa7RlOjSpclOoaqVr1qliFGVU5k9W3bHUzXXXLVzUTVqyN9axo NVNZjbcsSKT1K5CIq1vfihW5zpWuVrErXrMS17369a+ADSxUCGmARwoWK4rZx1oXy9jGOvaxkI2s ZN94WMRO9rKJqexVMBsxzXr2s6ClEpFgwNlShnaQpRXKaaNCEUOmdiOufW1BYrK/1Wg2pba25Qlu 3dUCa+02tyiJSGxle5HhEre1x03uWYDbFOUqhbnQfY1zOxJdnkz3utjFaHV1kt3uRlYM3g2veMdL 3sFtt5/lhch50Zve9j53vTZxr5TgG1/52ve+RaFvffHL35DplyYBAQA7 ------=_NextPart_000_0005_01C6F129.745357D0-- From owner-namedroppers@ops.ietf.org Mon Oct 16 09:56:07 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GZSwp-0006RC-Sk; Mon, 16 Oct 2006 09:56:07 -0400 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GZSwX-0007BA-RK; Mon, 16 Oct 2006 09:55:52 -0400 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GZSqK-00068p-N8 for namedroppers-data@psg.com; Mon, 16 Oct 2006 13:49:24 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.5 (2006-08-29) on psg.com X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=AWL,BAYES_00 autolearn=ham version=3.1.5 Received: from [192.134.4.11] (helo=mx2.nic.fr) by psg.com with esmtp (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GZSqJ-000684-Gi for namedroppers@ops.ietf.org; Mon, 16 Oct 2006 13:49:24 +0000 Received: from localhost (localhost.localdomain [127.0.0.1]) by mx2.nic.fr (Postfix) with ESMTP id 5B33A26C214; Mon, 16 Oct 2006 15:49:22 +0200 (CEST) X-Virus-Scanned: by amavisd-new at mx2.nic.fr Received: from relay2.nic.fr (relay2.nic.fr [192.134.4.163]) by mx2.nic.fr (Postfix) with ESMTP id AC47226C20E; Mon, 16 Oct 2006 15:49:16 +0200 (CEST) Received: from bortzmeyer.nic.fr (batilda.nic.fr [192.134.4.69]) by relay2.nic.fr (Postfix) with ESMTP id 9E80D58ECFE; Mon, 16 Oct 2006 15:49:16 +0200 (CEST) Date: Mon, 16 Oct 2006 15:49:16 +0200 From: Stephane Bortzmeyer To: Niall O'Reilly Cc: Namedroppers Subject: Re: DNAME [4.1]: DNAME as a Delegation Tool Message-ID: <20061016134916.GA22900@nic.fr> References: <452E11ED.3060708@nlnetlabs.nl> <5B4113AC-48BF-48AE-B3E6-AF51B4222DA7@ucd.ie> <452F33C7.70209@nlnetlabs.nl> <936D4DA8-A804-4BA8-B421-181547841B06@ucd.ie> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <936D4DA8-A804-4BA8-B421-181547841B06@ucd.ie> X-Operating-System: Debian GNU/Linux testing/unstable X-Kernel: Linux 2.6.17-2-686 i686 Organization: NIC France X-URL: http://www.nic.fr/ User-Agent: Mutt/1.5.13 (2006-08-11) Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.0 (/) X-Scan-Signature: 79899194edc4f33a41f49410777972f8 On Fri, Oct 13, 2006 at 03:53:14PM +0100, Niall O'Reilly wrote a message of 31 lines which said: > The disadvantage is that each instance in the clone has to be > individually provisioned. > > But that's "operations", no? Or, if you want to put it in a protocol, RRP or "EPP mappings" are the obvious candidates to do so. (I believe that some TLD already offer the ability to manage such a "cluster" of domain names, providing they have the same delegation info.) I agree with Jim and Peter that it should not be in the DNS. -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From yoygpxg@tntpost.com Tue Oct 17 04:09:10 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GZk0c-00025D-B0 for dnsext-archive@lists.ietf.org; Tue, 17 Oct 2006 04:09:10 -0400 Received: from [58.48.230.77] (helo=[58.48.230.77]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GZjmj-0000cW-Lg for dnsext-archive@lists.ietf.org; Tue, 17 Oct 2006 03:54:56 -0400 Message-ID: <000801c6f1c1$764df340$4de6303a@microsof8f9810> From: "Archives August" To: dnsext-archive@lists.ietf.org Subject: sure about the Date: Tue, 17 Oct 2006 15:54:24 +0800 MIME-Version: 1.0 Content-Type: multipart/related; type="multipart/alternative"; boundary="----=_NextPart_000_0004_01C6F204.846C7850" X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2900.2869 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2962 X-Spam-Score: 3.6 (+++) X-Scan-Signature: 08868c2bcdb53bddcb7cc7e7cf96b038 ------=_NextPart_000_0004_01C6F204.846C7850 Content-Type: multipart/alternative; boundary="----=_NextPart_001_0005_01C6F204.846C7850" ------=_NextPart_001_0005_01C6F204.846C7850 Content-Type: text/plain; charset="gb2312" Content-Transfer-Encoding: quoted-printable Suspended more long nobody takes over at or most expect updates Firefox = replaces Javascript could generation Error Console Firefox is. Selected eg of selective copying a deleted reopen Complete easier is = porting single patches dialog of visible least out in Winstripe themes = appearance available four? Heroin Inhalants Ketamine of Khat Laam lsd Magic Mushrooms is Marijuana = mda Mdma of Meperidine or Mescaline a Methadone Meth Labs Morphine = Narcotics a Nexus Nicotine Opium Oxycodone Oxycontin is pcp in Peyote = is. Nicotine Opium Oxycodone Oxycontin pcp Peyote Cactus Poppy of Counter = Predatory Raves Ritalin Rohypnol of Salvia Divinorum Pedro stp Thebaine = Tobacco. Infofacts vs Nonsmoked Dasis Cocaine Addiction Ondcp Fact Sheet audio or = video stuff ahover amp. Against am fastpaced game score wins is opponent good or Full screen = pencils. Issue set or reduced a separating lines px gmt Hours Powered phpbb Group = Logo in Copyright Rights Reserved Policy log Register. Chrome Content is provides search of box seen a History Bookmarks = sidebars some. Took or Changed is accesskeys Context gt Evaluate problems hopefully a = hardly any never Initial Last edited sat times am total Profile pri msg = Quote asqueella Russia Moscow a Nice. Statistics rose in percent incidents a fourfold Museum quotdea am = History effects those am although since risks exist blood vessels am = heart rate pressure. Customize way keyboard shortcut displaying wont happen Either use = keyconfig or Developer adding shortcut or id detailed am timestamp stack = is trace etc. ------=_NextPart_001_0005_01C6F204.846C7850 Content-Type: text/html; charset="gb2312" Content-Transfer-Encoding: quoted-printable
Suspended more long nobody takes over = at or most=20 expect updates Firefox replaces Javascript could generation Error = Console=20 Firefox is.
Selected eg of selective copying a deleted reopen = Complete easier=20 is porting single patches dialog of visible least out in Winstripe = themes=20 appearance available four?
Heroin Inhalants Ketamine of Khat Laam lsd = Magic=20 Mushrooms is Marijuana mda Mdma of Meperidine or Mescaline a Methadone = Meth Labs=20 Morphine Narcotics a Nexus Nicotine Opium Oxycodone Oxycontin is pcp in = Peyote=20 is.
Nicotine Opium Oxycodone Oxycontin pcp Peyote Cactus Poppy of = Counter=20 Predatory Raves Ritalin Rohypnol of Salvia Divinorum Pedro stp Thebaine=20 Tobacco.
Infofacts vs Nonsmoked Dasis Cocaine Addiction Ondcp Fact = Sheet=20 audio or video stuff ahover amp.
Against am fastpaced game score wins = is=20 opponent good or Full screen pencils.
Issue set or reduced a = separating lines=20 px gmt Hours Powered phpbb Group Logo in Copyright Rights Reserved = Policy log=20 Register.
3D""
Chrome Content is provides search of = box seen a=20 History Bookmarks sidebars some.
Took or Changed is accesskeys = Context gt=20 Evaluate problems hopefully a hardly any never Initial Last edited sat = times am=20 total Profile pri msg Quote asqueella Russia Moscow a = Nice.
Statistics rose=20 in percent incidents a fourfold Museum quotdea am History effects those = am=20 although since risks exist blood vessels am heart rate = pressure.
Customize=20 way keyboard shortcut displaying wont happen Either use keyconfig or = Developer=20 adding shortcut or id detailed am timestamp stack is trace=20 etc.
------=_NextPart_001_0005_01C6F204.846C7850-- ------=_NextPart_000_0004_01C6F204.846C7850 Content-Type: image/gif; name="phpBB.gif" Content-Transfer-Encoding: base64 Content-ID: <000301c6f1c1$76493850$4de6303a@microsof8f9810> R0lGODlhYALMAYf2AAAAAIAAAACAAICAAAAAgIAAgACAgMDAwMDcwKbK8EAgAGAgAIAgAKAgAMAg AOAgAABAACBAAEBAAGBAAIBAAKBAAMBAAOBAAABgACBgAEBgAGBgAIBgAKBgAMBgAOBgAACAACCA AECAAGCAAICAAKCAAMCAAOCAAACgACCgAECgAGCgAICgAKCgAMCgAOCgAADAACDAAEDAAGDAAIDA AKDAAMDAAODAAADgACDgAEDgAGDgAIDgAKDgAMDgAODgAAAAQCAAQEAAQGAAQIAAQKAAQMAAQOAA QAAgQCAgQEAgQGAgQIAgQKAgQMAgQOAgQABAQCBAQEBAQGBAQIBAQKBAQMBAQOBAQABgQCBgQEBg QGBgQIBgBKBgQMBgQOBgQACAQCCAQECAQGCAQICAQKCAQMCAQOCAQACgQCCgQECgQGCgQICgQKCg QMCgQOCgQADAQCDAQEDAQGDAQIDAQKDAQMDAQODAQADgQCDgQEDgQGDgQIDgQKDgQMDgQODgQAAA gCAAgEAAgGAAgIAAgKAAgMAAgOAAgAAggCAggEAggGAggIAggKAggMAggOAggABAgCBAgEBAgGBA gIBAgKBAgMBAgOBAgABggCBggEBggGBggIBggKBggMBggOBggACAgCCAgECAgGCAgICAgKCAgMCA gOCAgACggCCggECggGCggICggKCggMCggOCggADAgCDAgEDAgGDAgIDAgKDAgMDAgODAgADggCDg gEDggGDggIDggKDggMDggODggAAAwCAAwEAAwGAAwIAAwKAAwMAAwOAAwAAgwCAgwEAgwGAgwIAg wKAgwMAgwOAgwABAwCBAwEBAwGBAwIBAwKBAwMBAwOBAwABgwCBgwEBgwGBgwIBgwKBgwMBgwOBg wACAwCCAwECAwGCAwICAwKCAwMCAwOCAwACgwCCgwECgwGCgwICgwKCgwMCgwOCgwADAwCDAwEDA wGDAwIDAwKDAwP/78KCgpICAgP8AAAD/AP//AAAA//8A/wD//////yH5BAAVAFkALAAAAABgAswB Bwj/AO0JHEiwoMGDCBMqXMiwocOHECNKnEixosWLGDNq3Mixo8ePIEOKHEmypMmTKFOqXMmypcuX MFH+m0mzps2bOHPq3Mmzp8+fQIMKHUq0qNGjSJMqXcq0qdOnUKNKneozptWrWLNq3cq1q9evDqmK HUu2rNmzaNOqXcu2rVumYOPKnUu3rt27ePPq3cu3r9+/gAMLHky4sOHDiBMrXsy4sePHEN9Knky5 suXLmDNr3vwTsufPoEOLHk26tOnTqF1yXs26tevXsGPLnk27tu3buHPr3s27t+/fwIMLH068uPHj yJMHTc28ufPngpVLn069uvWz0LNr3869u/fv4MMX/75Ovrz58+htil/Pvr379/Djy59Pv779+3fT 69/Pv7///wAGKOCAQuFn4IEIJqjgggw26OCDEEYo4YQUVmjhhRhmqOGGHHbo4YcghijiiCRuR+CJ KKao4oostujiizDGKOOMNNZo44046lbijjxml+OPQAYJW49ESsREkUgmqeSSTDbp5JNQRinllFRW yZIOVmappUhCdunll2CGKeaYwm1p5plopqnmmmy26eabcMYp55x01mmndmTmqeeefPbp559F3Sno oIQWauihiCaq6KKMNuroo5BGqhCglFYapqSYhmjpppzmmOmnHXYq6qgwgmrqqaimqmqUWK4KEqmw xv96oqu01mrrrbjmWqKsvPbKn67AwufrsMReF+yx7BWr7LLHIevss9BGK+20jDFr7bXYZqttn9R2 i9q24IYr7nFbjGvuueimO5u37JKm7rvwxivvvKu1ay9o9Oar77789uvvvwAnde/ABBf8ZMAI52vw wof5KkPCECPF8MQUV6xhxBhnrPHGoj4KgMXicWwTACIr6+jHIKes8sost+zyyx+VLDOzMNds8804 56zzzlvO7DOxPAdd0s9E8yp0exO8WfTSTDftdHVHRy311FRXbbVB9Vzt2dNcd+3117VpLfZDQIEB 9tkyjg3SOjCj7XaXased0Nt012333UvJrXdBePf/7fffgAcu+Kx7F2744YgnrvjijL88+OMANq41 5JT/KvnlmLNc+eacd+7556CHLvqMmZdu+umop6766qy37vrrsOs1+uy0105cM7bnXmnsvPfu++/A By98e8QMb/yZuid/2/HMN+/88yErL71s0FdvvZTTZ//a9dx3n2TXfixVjfa8eW/++einr/767B9K /vvwxz9g+9LKb/9k9Oev//789+///wAMYEPuR8ACGhA5AsTVARfIwAbiJoG3cqAEoQJBW03wgnCp IK0wyMEOehAtGtzgB0dIwhKa8IRRCaGrUMhCmqhwVS2MoQyfcoc7KM8gH/BdDV+oqh0ybIZiqSHt /6p3B4MBkSxCPCIJk+g57/mQh6cqoreUSMUqWvGKWMyiFrfIxS6GC4pgDKMYx0jGCnnxjGiEXBnX yMY25iyNcIwj3tz4KDkSkI6OsqMe98jHPvrxjwTCY6MASchCGvKQiEzkkAS5KEU68pGQjKQkJ1kg RlrykpiMFiU3yclOevKToAzlzzLpPlGa8pRfIqUqV2kRVPpqHetwpeBgSUvbsBJBtGRbfmR5rVry 8pfARNctBRXMvmHEFcPEXjGXycxmOvOZHEumNA9jgdZB85rYzKY2t8nNbjZlmtOsBTjHGSdvPo2c 6FylOZ2WznZicp1Nc6c8BQnPetqzXvPMJxvvSf80ffqTjPwMqEDf8s+CgnGgMmuQDAzKUBgi9KEQ FUtDJwrBiG6MolWyqMYwSiWNnlAOHg2pHTk6JZFCjKQo1Z9JE5bSlrJvpQhzqZNgStOa1kSmOM2p Th1j08n8oqdADapQEbnTolILBUZNqlKXytSmOnUlQ1XYU0UUVXql7h1TzapWNVXVrnr1q2AN5VbH WrqwqousaE2rWtfK1tOZNV1tjavc3ipMudr1rnjNq1736rsyEIau5+KrYAc7UYhu46KEVRBgF8vY xtYosYp1rGQnS9nqrGI5kM2sZsdZ2c569rOgDa1odbJZA432tIksrWpXy9rWuva1sI2tbPOCWl9x zfa2uM2tbnd7l2e8pLbABSRvYaKE4WY0uMhNrnKXy9zmOve50I2udKfbOeNa97rYVSt1JaiI7XpX VtkNrz3IkcfVSOC76E0vPMULHfW6l4Psfc57xxTf+trXdPMV031Tk9/+LnC/3/KvlwB8GgF7KSAA IfkEABoAWQAsAAAAAGACIQAHCP8A/wkcSLCgwYMIEypcyLChw4cQI0qcSLGixYsYM2rcyLGjx48g Q4psaK+kyZMoU6pcybKly5cwY8qcSbOmzZs4c+rcybOnz59AgwodSrQozJFIkypdyrSp06dQo0qd SnWj0atYs2rdyrWr169gw4odS7as2bNo06pdy7atW65V48qdS7eu3bt48+p1+Lav37+AAwseTHjo 3sOIEytezLix48eQI0ueTLmy5b2FM2vezLmz588/L4seTbq06dOoU6tezbq169ewY8ueTbu27du4 c+veLRC079/AgwsfTry48ePIkysXy7u58+fQRS+fTr269evYs2vfzr172+jgw4u0H0/Xu/nz6NOr X8++vfv38OPLn0+/vv37+PO7Jc+/v///HOkn4IAEFmhgSgUcqOCCbPHFIE8ARihhZQ9WaOGFGGao 4YbyOcihTBOGKCJjMQlgoj0nniQAiiitaOKLKcLooowvmlSjjTC2mGOLPKroY0k03ojijSv2mJKQ LOoYpIsfNukkSnwVmaKNSVJZpJFA/ojjllVWeWWWWrL45ZVMYjmkj1+CqSKZUh4ZZpIjxiknXgEB ACH5BAAaAFkALAAAIABgAiEABwj/AP8JHEiQoD0B9g4iTJgQ4UKGDhlKfNhwokSFEBdSfEjx4MWN HiGK7Bgyo0WSKDlqvFiyZciCMGPKnEmzps2bOHPq3Mmzp8+fQIMKHUq0qNGjQkNGFFlyJUuSFqMy BVmR5ceRTCuivPq0K9epXqsyRUq2rNmzaNOqXcu2rdugSls6jRvWKtWrd6F+XSrXZV+7df163Jq1 6tvDiBMrXsy48UBbjsnS5ShWo4DLmBteBlwYa+HMVpuK9ixVsELMoDtrrdtxYeTXsGPLnk2bdmjO lEXnvr25NFSHqEP35pp7d+vSyF3+9ntX7O3n0KNLn069uvXr2LNr3869u/fv4MOL/x9/ESfd83z1 fv2LV3XywaRPD3eul7B7vp+51t7Pv7///wACdR58qznHG3LHsRdYgQRWtp5g9nU2V35WBWjhhRhm qCFS1E2IEYUPNvfhhwkm+FFru9F34kkLDucigg+SJ+OMNNZo44045qjjjjwKtxmKvqHWm5Axnpac ZakFJqKImg25YJNPJWmgej1WaeWVWGap5ZZclndTl2CGueGYZJZppoZhpqnmmmy26eabcMYp55x0 1mnnnXjmqeeefPbp55+ABioodebNONOgfZ6p6KKMNloQopBGKumklFYqXaEyHmopnY526umnjOYj 6qikllqqRKJelOpMH1zUqkStfv8gqz2vwvqcrLgyVCtLuerq6q+2BptQr8PySiuuu8Ka7Ky5zmor ss76ag+o1FZr7X/53JYtQ9sm1G2qqGbL6rPBvposrbeWa1W0zu4aq7DSojtsre0a6+66y5o776/5 SnvtvwAHbNZ03bJU8MHc2vOtwtDRK+/D+gIb2r0Pwwuxrw4bW+zG0p77brzkFhvxxyJrXPGmKKes 8o4Fq4rqy94yHHPLJpOcscfpdmyyuiVzzC/IGNtrcc/ojlwxyTyvrPTSTF96k6kwx5yw1NluK65M F2csL863QQv0yRs7rPXPPgdNdtlhb5121utuLPDbcMdNFs1Te0sqzFXHfGjEaq/3PTS8fH/d981d /420yMhO3LPRaZ/bt9yQRy75PwRrGzXCUsucrthJCw704WCzTXTbgoNus+IcM66244E37frrS+NE d+aaa76w3lgXbbbfnpcN+sn3cl64xa3rXnq8quvOtUSTN+/8tZWHhvnUdM+urKsUL08677rS626/ w3cvvs+ta68z8IezC/v67Ldfu8t1J1y9dMsqG6vX0OZLbP72b4+2xP3DnvoAGLr7pc+AxPqf+xbI QD1hijyaauCVnkfBCjZKghjMoAY3yMEOevCDIBzUA0OoJQua8IQoFAgJu5TCFrpQcivk0gtnSEOA xXBLNcyhDjEUEAAh+QQAGgBZACwAAEAAYAIhAAcI/wD/CRxIkKC9gwgTKlzIsKHDhxAjSpxIsaLF i/YKatzIsaPHjyBDihxJsqTJkyhTqlzJsqXLlzBjfkTIr2ZCmzdv1tzJcyE/ezx3Hgw6lKjPnEh9 4lTYM2jPoj9pPgXqlKpQiFGhXo0qs6vXr2DDih1LtqzZsRSX4lw6tGFWoEff0mQKV2fOt1nlFpXK d67fvlTb+tVbVzDDq4cNY1zMuLHjx5AjS55MubLly5gzR5Qb9Sdet0nnEh59VHRS0qcfcqZbuC5q xYljt9ZMu7bt27hz697NG7JI0p5Dh9YbvDTr48VNG7+LVXjbz7MVE3ZumOvZ69iza9/Ovbt3mcCr g//+K7qqVep5ZydHH/14e89Tna6fTj51xu/48+vfz7//94nhCTYddMyp1lls6VH3XnvDJQbdaFM5 9BqDvVVo4YUYZqjhhroF6Np4sMFFX4GsGVXfiSI2h+J6KRo3YoitvcjhjDTWaOONODImknrSMUig cs0R99dqIIonoXsfktigassl5N+TUEYp5ZRUCpRWXgfaJVuPCyoZGI8o7iXml1wCthZSE1IYHZE5 tunmm3DGCSdi6g2olFrmGWUebD8expZUf0KIV3xVCXmnWk3KqeiijDbqaEM7PippZFVWaumlmGa6 0qScdurpp6CGKuqopJZq6qmopqrqqqy26uqrOUb/ep+mtNZq66245qrrSAjt6uuvwAYr7LBk9Urs scgmq+yylcLq7LPQRiutY7Iya+212GarbXbGbuvtt+CGK65G3Y5r7rnopkvltOy26+678MYr77z0 1pthtermq+++/O5Xbr8AByzwwCDZa/DBCCes8MIMN+zwwxBHLPHEFFfcEDgSYWyqxhZ3rGNIBwEg MgC7cRQRR+CknDJCKrPc8kEqr2xPzDPT7LLMNb9sc84sJ4TxzjC3HLPGQONstNAc4wyzz0b3jNHL OR+tdNQ/07zz0QrZnPTSsxLstX72kFyhyRChvNDWMzvNMddZn61223CnLffSaM/N9t1Mu4w31j47 YS133RUBvvbacffNNtFJE7410U5/7Xh+Yis0csgihy32yJFPbnnlYSN0+UFkP2S24T2jrThDhM/N OOl72/3z24Xb3ffrr7dNO+mnIy013ayr7rfhqfvO9e2n837648iDFRAAIfkEABoAWQAsAABgAGAC IQAHCP8A/wkcSJAgAHsIE9oDwBAhw4MNFz5MOFFixIMOM9orOFChx4QcBYLzOFLhyJL2SqJEuDJh y5QuWZKcaRJmTJQqP7Z8KfMkzJc+fcaUWROc0ZRGcR79WbOpzadNeeIcGhTq06o1Q2rdyrWr169g w4odS7as2bNo06oFi1FhW4ga4WqkuJDuW41aP37UmvTozqssk7pcStSpSsGBcxZdTBQoYqR/qwJl unIqY8BTCRcubJlm386WJdP8OXmt6dOoU6tezbo1Wb1629LNiLF23bgT79aVDbu376HAez7myVnn 8N5CbxY9Plpn1J6JbSoufjlzX6tWQfuWOpiw4p2INW///k2+vPnz6NOrX8++vfv38OOz5317d9z6 cu3fpy9/fGTqenVGVXAz/accYM019x1UQk2H4IGYJZgdcMSNR11o/hUoYX8cdujhhyCGKKKHYNU3 l1y23aXibCZilNdvfDnX2ICwCXghcjdCaGOFlXkG4WY9zlhcZgEGF+RzMiL4l3Q+xuTak1BGKeWU VJqF3kO1XbRfRRblp9tc/Unl3XKCXUcgg5D59RhkJoVnWJnXmUmgUn4lWJlmdTa2FHFrZucmdg8y heSSTI5o6KGIJqroouaVOJ96/G0UEnkvMmrppYBiqmlTVXbq6aeghspae5H6FmmlvaG66aoiVsgq oyiJ/yrrrLTWKmt/qr6qK0i29urrr8AGK+ywZeE66a7I8krsssw26+yz0B6brIilkgpitdNmq+22 3Hbr7aFsccliebmOKJu4FEUE5rixqculux65GO289NZr772jlvflt/Hmxq5u6roVr8C02XUfwfwm rPDCDDfs8In2ZSkxu5d6+S+L9GUMm8UpxvbwxyCHLPLIHqrYMcbrVozfxRAP7LJbtuGWsokk12zz zThrG66WBaeLbrkhVrSvQ+9+9BaWAetHc5YC4+v001BH/bR5vK1I8a5wDY2wxi8PPDSKV+cs9thk l21p1QajTLOmWc+GNsVcQ7xvzFqbbffdeOe93tu3Cf8N76pY+ozxuUkv3e/RfP+t9+KMN46zo/EB HXSH2L4nr9SYZ6755sway9GilUN6rbKcl2766aij5fjqrLfu+uvvQT6i5JRKC1/quOeu++6dUvtb 6LAHL/zwxIdYYuBU/+4R7TCGFMDzz9sDffTTJxQ9QtHzrv323Hc/VvKim8poAHqRj7312JsvvfrF t+/++yInbpFERLvLM/DxsY/++fyT77/08AugAAe4qePxTD8nUxrYJPU59mhleuqL4P7+9z/vWfCC GNRe+BaYQI6Nr3zWg94E+UfAEprwhB2S3cnotjKrkY4g7XkgCPs3QgBm8IY4zOHutua2nimwbwhh nm8yZPgRCdJQIeTToRKXyMTO6UtcAKPNu+6XKP2RkH3/Q2KipIHCLnrxhPj7ohjHSMacBQQAIfkE ABoAWQAsAACAAGACIQAHCP8A7QkcSLCgQQAGEypcyLChw4cQI0qcSLGixYsYM2rcyLGjx48gQ4oc SbIjwpIoU6pcybKly5cwY8qcSbOmzZs4c+rcybOnz59AgwodSrSo0aNIkyodeHKp06dQo0qduhCA VasFrzaNqHVrRa8OvW69SrWs2bNo01b8x7atW7dgmcqlGJduwrdt7WkViJWvXLyAAwseTLiw4cOI EytezLix48eQI0ueTLmy5cuYM/+rq5fgSbKd/Wb13BfhZ9CoSwsMbHq06M6aY8ueTbu27du4c+ve XRviXtev/TYFG9f0Z7nDQwc/qPx1crXQo0ufrvSwZ71Yx/JF3Xzu9uzejZP/jRsYu3bn9nirX8++ vfv38OPLZ3y9vvC5rZmjf95Z7F3A96Hn13wEFmjggQgmqKB6/AnIX10PKpfchPWV1194fy2o4YYc dujhh++ZdxBo3zVon3n5lfgdU8elB9hvIq7oIog01mjjjTjm+I9GnNkFkYU9FqTjkEQWaeSRkC3U g0dBPkRiRk1SJ+WUVFZp5ZVYZqnlllx26eWXYIZZHZJklmnmmWimqeaabLbp5psGiinnnHTWaeed eOapp51w9unnn4AGqtiehBZq6KEUCarooow2iiaikEYqaaGOVmrppZhmqummnHYa6KSghirqqKSW aqpLcpyq6qqsturqq7DGESqqp7TWauutuOaq6668/hMQACH5BAAaAFkALAAAoABgAiEABwj/AP8J HEiwoMGDCBMqXMiwocOHECNKnEixosWLGDNq3Mixo8ePIEOKbGivpMmTKFOqXMmypcuXMGPKnEmz ps2bOHPq3Mmzp8+fQIMKHUq0KMyRSJMqXcq0qdOnUKNKnUq1qtWrWLNq3cq1q9evYMOKHUu2rNmz aNMSNMq2rdu3cOPKnUu3rt27ePPq3cu3r9+/gAMLHky4sOHDiF1qScy4sePHkCNLnky5suXLmDNr 3sy5s+e+Dj+LZqu2tOnTqDeOXs26tevXn/nJlm1vNm3bJmmX1L2bX27fvXMLtw0c90ncxGsfrw1c OW/fs5kL7837t/Xd0rFTn479+e/byJuD/4/uPTns8+jTH23YfLl25dnjx38uXnt7+Cnvv28Pvb53 +P/pd5x4/tWHX3HLBYjSffThF9x+KqUm4YQUVihQTAIaCKBzDkLH4YYfOigid+51+KGHCG6IoIDT rdidigua6GGIJHKIYowpmqjejjye55B5B7ZoY4In2sdfdNstWJ2GQzaZ4owzrvQkjC4SORyMSup2 Y39agqijhWCGKWZYGKpEoII6TgkgfyyxqCGbLlY5JZTVgRjniwzKiGd+MWIpJJM9BiroaD+aKaR9 79nJHHJBSukohFc6qWiTiRIHZZFRvhjpjX0emqmfAo4p6qikfpUhdzlWiqOVqXbaKZNR3v92XY5d qhqpdARCCuesror4aa62lirssMR2VCafquZZY6axLjoeg0hWimSu1Mr6oLMlhmjtfEtOex22yeUZ 7rdsDmruueimq+667Lbr7rvwxivvvPTWa++9noWG72vF9uvvvwXtK/DABLOrL0oAJJxwTgCkpHDD eC1cksR5QeywxXkBrPHGpeKEMcMOm/TxXBRTHPFKJhesMrvacDaywhPbAzHMEy9Mc8w4y1yyxDRb 3PDPNc+8M8ZAA62z0EOL3DPPNvvM9NMI4/xw0E7PLPLRVQet9Mgrd+01ylP7rHPORud8tdRXE512 2lafLfPbIRcdtdgnlW033FaLrbdKbe+0HbPfbwMOd+BfF2740XVH/ffWTbvNOOM/00344mY/HHnI eFM9ONJ3W5554GGvjXnbk5feuehUX3746oZ/DDjXNo/uuNKb1y754HWrnfnrtqOOdulk45766ZSb 3vvsNbOuvLoHJ+688ZULX/v0xROP++26o2799p9z/3LivIfvO/YncWz++RV6fDHpiLc/tuNIay0/ 1tdD7b7ZeMNM99T0t9+3/PvLnvECWLW7+c9+y0vgoAICACH5BAAaAFkALAAAwABgAiEABwj/AO0J HEiwoEEABwEgtLdQoMKFDwcqJNiQocOJDDFmbPgQYcWIGy9WtEhRpEeJJlOGJAlRpEOUGUui5EiS pcaONSFiBAnSoM+fQIMKHUq0qNGjSJMqXcq0qdOnUKNKnUq1qtWrPkdi3cq1q9evYMOKHUu2rMB/ aNOqVWu2bdWebsWunUu3rt27ePPq3cu3r9+/gAMLHky4sOHDiPEavRa3sePHkCNLnky5smWo1xhf 3sy5s+fPoEOLDpt5tOnTqFOrXs36aOBriWPLnk27tu3buHPr3s27t+/fgJmWbk28uPHjyJNbJZwZ uPPn0KNLn069uvXr2PfCzs69u/fv4MOL0h/fO+pw5ejTq1/PHnTi5uTjy59Pv779+7Hb69/Pv+iE /gAGKOCABBZooGj4Jajgggw26OCCB0Yo4YQUVmjhhRhmqKFjD3bo4YcghigiYhuWaOKJKH414oos tujii7/pQGKKNNZo441Dwajjjjz26OOPQAYp5JBE2objkUgmqeSSTDbpZHJFRinllFTi9+SVWGap 5ZZcdunll2CGKSZZeyFZ5ZlopqmbmWq26eabdB2lVVMnjTbnmHjm+dlHGsVEEUcnBSpnUDctBVdW eiaqaFsBAQAh+QQAGgBZACwAAOAAYAIhAAcI/wDtCRxIsKA9AAQBKEyIkOHAhQgjHjRI8WFFgQsx Xtx4MOPFhhxDihxJsqTJkyhTqlzJsqXLlzBjypxJsybJfzhz6tTZEaLFiQY9CgUKc+hJkCApJi25 s6nTp1CjSp1KtarVq1izat3KtavXr2DDih1LtqzVkRKDEi0ose3EtAobxl0aMS5boHIzytX40yJc uz015t1rs7Dhw4gTK17MuLHjxxerpk2IEbDft5jdCu6Lme/mzp0JexYsenLd0UDBujLLurXr17Bj y55Nu7btrYH7IqWMNzNo05R3/2w713dSukR3zzW9VODt59CjS59Ovbp16SXh8l5L2K3m38E57/+d vJk8cuGgUXuEzL69+/fw48ufT7Nq+bujzxu/nD/5dp98oaebZ8rxx1tD1yWo4IIMNujgg7QV15Ne 662132AEhtdfZZWh11xu3AEm4kNGQWjiiSimqOKKZGVH34swxijjjDTWaOONBtlnIY7ysejjj0AG KSSLPBZp5JFI5jjkkkyWleSTUEYp5ZRUVmllfB/imOWVXHbp5ZdFFXecZRxmSCKFllUo5nZsrRlS XiTG2aGHE9ZFJp12SVgnakGRKdKdHKUp1HoVBqonSs0dCuaijC4mGX5mlunfgB8SCumO6v0p6aAD 9oZpop2WxueWmGoaIKkFfuapiy6ByqdiTcb/KmtXaF1Kp3/IqTrcqGz2SmqGmnW3q4CcRSpsgEp9 1OdgWxKrbKrpkZSoXngNaud/Z2abW4EYguhno+CCK+FxoRo457nI7rhclsuVim2w6VbLkKVqfSfq hL22Kaqz3JkKrZ2/6gvgW/vmKxy0uPolWsLhNuxwrujGq6656br6qoVjXntwxRHTe+llwOH7qsZq 7uksxMoCa2DGIGK8spgnC5onnivPC1HADuc8JcqltcurrnWSt6Fa+RLtKcAA/ptsveCtWqmmEKN8 sXg181tR1JO2OXHWDiktYKU46yz2kTzv2um7tmZqdrEBE2vepMd+fLbTI0Ndc7FDqw2e1UtT/zq3 0HBT7TXVeY9t+IySwTxwejGjuThSeR74saL46WcucD6X6uHje7or8rZ++pymwN16W+hG0y4sIqeE rw756+ah2aFzs9Zue1hktxpl2FerxPvhN90u/PBYGfl7oE8eb7RJygMfEvHQRw+V89RXb6P02P9o /fbcz5f999Z1v3zK4tcKo/LNe17++oclLud77H6L6LxzZ2ft/aSbLOj76PK9qe/nK9r4kDc1XmUJ fAg0Eevg17eX3Mp/5CMX3ib4QMhBSjuGmqD56CNBAm7wV+yqSAJH2CDvzO5zMuvWzLQ1Lo/RLzPy ixRpAMbCfmGrbp8q13dUhjMMjuhoRmGh6/deByyZnfBzoIPdCb92M2sdkWAYIqGKsDA8E2rIZYPr TRYNpjAZ3vBue5ParSqnpwf65l1h006qxjNAVWGuapcDY9ZCJscxAq1ptJOiHqlzLDdVa2BIO5rJ KLY1PIYwU3jyI9vqJ7fkjG5V/QObBIkTOe+IMXJuZNjebEbHOcJtRFg71eLcCJI9mrI15mNjJrfI MaxZzG9erB8dhfZKT5Lvhhtz2RVRd5/wMIdwm1wlHBc5tC2q8mxvvAtd0sc+7j3qiskMZmiEeUdd GlJvgVNZNb/GxRyaKVcLg2TvOJRLa3YwmujUpCbPOUyuGUudd0TIKedJloAAACH5BAAaAFkALAAA AAFgAiEABwj/AP8JHEiQIAB7CBEePKjQHkOHEBs+XJiQYkSLECdGTNiQo0aNHR92HMkQZMaKGz2i XDlypUiWIF+WbHmRo02YGGfSNLkxZ8+fH1GKDNrSpE+jN5ESVfkSYsGnUKNKnUq1qtWrWLNq3cq1 q1eqN8OmvAig7E+HZUumVWi2JlmdZJOuRQs3Lc+ibdmenduUrUybdkOG5YlR8Ni7SSuqRUqXpWKz Sxc/9tm4Ml2Zkv0uRox2L9+heueKHU26tOnTqFOrXs26tevXsMNejT2Ytm2aYvve3s2792vdvoOn Bi78q/HjyJMrX868edXdooWvJq5SuvXr0qlj3z4Wu/Pv4MOL/x9PPir38+jTq1/Pvr17juXjy59P //n7+/jz69/Pv7///wACSF1h2GnnmGkGBqjgewmy1yBpDy4o4YTXzVYbhN1Z1yBxf0UIWF6wgTic XIrpp1tgtnkY4nQpwlbfizDGKOM/uZVG4HUbqqZidRlOp2JTeYnoXl87Yihgi6/NqOSSTFqIoGAo VkbRXXxBKdqV0TX2EZYWBZbZlI51WGVIItbV1meZSXSSlFxO5tebQZ6JJo9CvQlUllG2Wadlc675 lpuABiVZnnGmSeGhiLZ2lU5H1UkZSW41qmZRPEo6qZ8S1UWnn5YCZhillzp62Fl7chopUKUe2Bmq l4K2U4Znpv8qaKmPspoRXKSGqlGTvPbKK2pgWgompqgGK5SXYSp1LK1vFUZgh8wKGelE1K4FpGHI kgnZsdZa2W2o2pIqbKWarVpptpp12WytkeUak7XVSpvovPS2Zmy76v6lprHgIrZtqyU2uhSx0AKs 12RxBuzpwjPhGy3D/aZKqbIGQ2qUq6Me2PCroJpKGLOh1SvyyCt+KrCqMbn0MG4eh9nywLCqXHFK GNNsq8a2jkvUxgATCXLLHbNLrq4/twtTzuR+zBnJTDcNqWc8wxqkzH+W+5ibKI6ZLbos88nlQmUy JWe1JeJ8GdSb2cmo2i4B+a2dZ0f5tJdhX612rHjF69HXNP//26zXRTotuHpOljx4YsAe3iN+gefX uGu+Ri75i+c9LmGOTmfJn+UMKu7556CHLvropJduOm+Fn6766iNP7vrrsCOXuL2cH+o360/+xl3j O8bu++/ASzU7i7HVXuNprsq99GjGI+mjvMsjv/vCIyoa/PXYy8jbj7Q1r7vER6vOWfS5F1g87uin z3baUlYNZ9Xwfqiu+3CSvWqVNd/4PuD7nm213XMam/2yBjfNzW1s/tsbz7IWK0OxaVDsA1uhAAVA +qnvPry4oE0WtSyk4Y16H5wfxtb2MbeobEvUs6DDMtUzlx2NhDibFbjkEkJxJU1TKIzZC6EkqhZ2 DWyQyp4Q/4fIK6Pd6m1CYsyacDUroU2rgeCrmc18CDRTuXCJBkPXlOhmpCqW0IpH9FsSk8bD/mUK ifLLSWCIyMY2Nmd4j3rWh4bGKiaKyolRy2N3pDhCD65sihYroxeJdTDEDTJoNtRX2RAJQzMS7Iq1 0qAk52XETiEykCYEpKZkRhlLApKRfxwXJE+1wpOUUJGi1GQio0innbWwlH1U4iRn6Z7ZjMlqt8RT stZ2mE1aBlu4ZBsN2Rc+PRlNbg8EJqHECL+pKdB+naHSB/2XyyQikJT4a5ventk3hrixPH34puto eaEJ8Y6c6EynOiXpPeEYkHjrjKc850nPetrznvjMpz73ySHPflondfAsZ4sC57N2dnF76WmnQREE nIXCR5wQjWhXAgIAIfkEABoAWQAsAAAgAWACIQAHCP8A/wkcSJCgvYMIEypcaA8AQ4QOH0qc6DDi RIoMK17cyFGhxY4dP4IcuVAkSYkmT6psmPJgy5USC8qcSbOmzZs4c+rcybOnz59AgwrFCfOixZcN EwJYqhQpxKQaVaaMStIpxqIPrWIV+XGpV4hMXX5V+hRryY1OuXLUarat27dw48qdS7fuWZcovx7F O5Kq1IxJ7d6Ny/Zt18ER95YNDNdqWsGQI0ueTLmyW52J+Y7VqHfs06mMPTINyznwZs9gSZM2vTpx WLxeTZ7OzPLoa7GuX8cWnTk3b9u0dy/m+3l4Z923awOHXZs3bufCK87u7Vk4wqHYs2vfzr279+/a gzP/lk5cMXOPuNWahsp+r/nx8P1CpY3+fcvS51HGH052NXH4/QGYnnzSJWceVYflR15o5TEYmnv7 MQfhf/aAZ+GFGGao4YY2hdRehAJydduBZK1XGoICgojfbradZV9Xeim34G8q0gjciGWxmKJ6xf1H YmwJsqcgYg7qVtyEHw5p2ZJMNunkky4mKWSIUT5onGYfomhfj1lyKVaAFLK031RBanmlkkRCuGWJ XJbpJZtmhomkaGO2OSWKUOap5558mqUYkiTWx+CavXWJZo34TXnle3bi6WOjZ94ZqZlrwtngYoBa mil6+VUpJaV2OtjnqKSWWpdOIfr35YuqzcZpoSuq/ypiq+fp+ByYDyI32q2opQegdb7COOuNrOFY kq6y4dmrdZs15VyRss7XaqGaNVshh9hmq+223P5UV2GmhjsXuFCSOy6nIInU7brstuvuhd+KK69l 5jpZL2HoGpXcte/26++/7M4r8MAEF2zwwQgnrPDCDDfs8MMQR7wkqvlKbPFa9pp771/xRqYuwCCH LPJAIdla8r4FP5Ywj34a1Rd/dtWLFKP4hnnxzQRTTLN+DquM8MZouZwuzB03RrRh/I2s9NJMC1Re dQZmROu0qfmaYnPxQb2cq1Vj3ZRvzU29nHJd9xp2s9GNNnbaYPPa2tdk34q12WhbXbfX0s4aN95n l//tqnBNBy54v5dKCvOE1A5aI6a1Qso4kY8yLt7kjhdupYQ9Jh6nqD/ymKmbktOnJX24gm44lpJu mtTgrLfO3csNAsmm5Fj+GWPtvwWat18toltphNRSd7uisoNFO+KwmYygbLT7/hmLN7rZ+fD7Okpl 8ahv7ijQOHdPmc7ND9a85osTCFjs+YpoaeTom4i7prMfW2fjioL45eP1Xy+1qIvXr36ohZNPjoak Ooe47oAItFAAr+a59aQOgMx73+fid7kdwc99GHwg/kqnQfLNiX0f1N+jKrU9+41wUgB0oPaolMAW uhA7C+Sb3fwjPGLpDm5Z05XfZEirZ1kreNUSndvT9DamHwbxUmpjmbXoZLu20U1VcVvishiorKip MFpi2ssLt8jFndDrJDLz3lbESEaGdPGMaJTJF6vCsTKC0Y1w5Fca59i0ONrxjnjMox73yMc++vGP gLQjylbCvUAa8pCITGTMsjLIl8hMh3ITkyInSclKBhI0NnPkGwk4QEt68pOgRBiquEYh33CNWW8D zAQfQsdWuvKVsIylT0KoFtOtsJHty9tCZMnLXvryl0zzUKdKWcHPmcx5nLRZKJfJzGaaipaCwt/m MnnB0znzmtjM5lwCAgAh+QQAGgBZACwAAEABYAIhAAcI/wDtCRxIkCCAgQcPFlSI0B5Dhw0FJmz4 EGJBixIpasx4saPHjyBDihxJsqTJkyhTqlzJsqXLlzBjypxJs6ZNkwwnXszJsSfPnxsNLgyq02LF m0iTKl3KtKnTp1CjSp1q75/Vq1ixOgSg8KhErgbBbv3alWtOsUfNohW79SzPqlnjyp1Lt67du3jz 6t3Lt6/fv4ADCx5MuLDhw4gTK14cl+pSxpAjS55MubLly5gza96s1bHnz6CZ5gtNurTp06hTq17N urXr17Bjy55Nu7bt27hz695dkrPv38CDCx9OvLjx4755K1/OvLnz59CjS59Ovbr169iza9/OvTtK 5ODDi6AfT768+fPhvatfz769+5Do48ufT7++/fvD3+vfz7+///8ABijgbKUMaOCBCCbIH34MNujg gxBGOJ+CFFZo4YUeSajhhhx26OGHIIYo4ogklmjiiSimqOKKLOaF4YswxghgizTWaOONOOao4448 9hicjEAGKeSQRBZp5JGP+ajkkkw2ORmSUEYp5ZRUVmnllVhmqeWWXHbp5ZdghimmkAEBACH5BAAa AFkALAAAYAFgAiEABwj/AO0JHEiwoMGDCBMqXMiwocOHECNKnEixosWLGDNq3Mixo8ePIEOKbPiv pMmTJw/yG8mypUuIKGPKnEmzps2bOHPq3Mmzp8+fQIMKHUq0qNGjRyHyWymQ6UOnA5dKtQi16dSX CZdGdSp1Zdeq9rpiHUu2rNmzaNOqXauUa0SwYCnCjapWq9WmKvOuvcK2r9+/gAMLJsu08NWwdt0e DmvwqlerXLUudgt5q+HCdB8jvmyZ4OPPCOc2TsxY7ODTqFOrXs06YU7GsBVnnl3wK+zSmPFCFR2b Nl7dmXP/Lp0XdNzbdGsHH14VqfPn0KNLn069uvXr2Gs+/S0buHfPyr/b/7aLHHLkqeS7Ex++WbJo zJzZy7+tmX7r+/jz699v9mv9//bxxpx9o5XX23yIBejbbiox2JuDBvIGIIL8VWjhhRhmiByA6tWX 3IcTbhhhcpSJpyB7JYoIHoEGltchiRrGKOOMNLLFoGmbWWbYip6R1lmOd30YW2LpFSlZj/Et5qKO QiKZJJMU1ijllFRWOdBrVl54nD3Zdenll2CGKeaYZEaXpZaulanmmmy26eabcNJ05px0VhjnnXjm CV2dfPa5mp6ABipoSX7yCUBBhx6UqEaLItToaY8qWuiklHKJEwCYYmpRpJlGWpamAoFqT6ejkopo phh5etGjh3KqkKoJwf8a6mqsGiTrRYPmquuutz7k6qxpiQqqp8SiVquksUZ0a69s9cosRbtGK22Y DnE67KihCqspqgMt6q22iXLrLbbhDgsuQa2Siy2y6Cp6bavcIhtvtqyK222p79KrLrD6potvt+KC W2+5BJdK77cEh3uvvLOaWrCp6F67LrznVmoxajl16i+5CjfcLqILj9uoyPdKzO/G7aaL8scsL8zx yY6um6zLG9es7sgy45ytrTn3PK7LPgNrc8olA/2xwiTrLHPQEzMt0LRQR63msfviu+3PEQsML81O j0yqqCF7/C+/RndddsPEzkuy2DcvjTTIZH9dstxxs+zv20Kj+vPKRKv/XLTSgLdts6hSF254l1QP ferSQp+9bdFsKx3x0Wz3DLfdljNOc+Bcry045Yl3DjnXQK+Nd9VD8/036lVnHrTfWGt6+Oy0Rxd6 7ERf3rHbZmPtuuRNw8wz5rgzLrnvng/euu/C9z768ZCfrnzzmu+9OunCW1937dx3P5S1u48dL9g6 B4wwwI+jr+/YRiPMPPoF5zw+yPMenLX7Voutt+MoO2w+/KeKX8cohr/ikS170Uuf8YQVNrQlynsQ jOA/LkaWZymrIxZESwYPuEEKenBSWPrgqj7SwYWUsIISAZ5gJMjC2onwhTCMoQxlFMIZ2vCGM2wh oEgYkhKeECQ/NGGw/ygSxJZpsINInEgRU6XCmeEwRs4iohJ7+Cp2HXB4Mbviq+qXRSFO8X4Ned/k pFgtiIjRixcEIkN+5cQlPhEwbuyiGamYxrP5yo5WDKMev6jFKvZxZyzJ4Bn9WEePRPFyXYzjG0di r7z5zZGsYx8AxRcyiZnvYefLnyQf+bX/bVKT6oNY/dKWsH5NzGTrE6XabGUyioGygXrLJCfNNbBU uu1qFQMjJSF5ylL+q2L+q+Umx0fLVy7SL9YL3/Qi97vnOS95wVsm3/LFTDEqLnPXZKM0XaUqaQYQ ZtDkYOOaJrLTIRJ3YMNmM6vpTG8O0Hm6q147sXfMvmiMnoNL5sECdz/Pfd3TnY375+hEx05A5o53 4IRY9egWSfsNzJuSgqYBx/lOgVbulejEYjlX6UBqClSiAWXoNAcKTmf+sZ4eCQgAIfkEABoAWQAs AACAAWACIQAHCP8A7QkcSJAggIMHBwJQaNDeQoELE0Kc+BChxIkULVKEqDEiw4cOQ4qM2PFjQZEh QXrcyPHkSpQoVTrUyLCgxZc4DSKEOTOhTJknU5pkGdMmxooZd/60ubNmUZBOf9LEmJLmyptCiV5N 6nNoQ6JRn4YNSras2bNo06pdy7at24L/4sqdOxfqWK0KtyINutToXq85976kOpiwWLAzGwI1jNip 48NFwfbNyhMw5MU9lR7lOTkyY8p3C4e1m9Vu4KFITXsd7dLyYqh0Y8ueTbu27du4c+vezbs3XaBb LQv3fDk05dMji5OejPwrXuOYObuG7rw5abzMHUMNbh0m5teVwX//Hy5e+ebsy1cbzk7Vnu/38OPL n0//dk/GmjPfJ95Up8T+3v3HUUVNCTYgftvVVNJRJKkWXVcMXmeVgAwGCGFeFxJ4kX4HDkggf4pt th9w/wG4HYVMRQaghx22V2CHVon4YoX+tcdiixkSVN+OPPboY31vBSnkW9cNmVaRRiap5JJMNunk k00iCeWTP1Zp5ZVY/jPllmpJ6eSKXIYp5phklqmkl2a+leWabLa5W5pwxinnnHQO6eadeOap5558 zlfnn4AGKiiZfRZq6KGIJppblFyimaSjgwa5YaSgUWrppZhmqilbuUXnHJRoQlqWqIGSaiOjLk01 qlCmOqnoq7DG/yprll0e2aiYrdbZaq5HSuiWaJsGK+ywxMbZaVdKaaiSgKaVeJGqyXKFIUszrlgg mNa+qOGNI1aVU437Tasis62VmypJG13l7HLPIovjpLPGK++89NLXV2quIdmdgunm2xqw7Jn71F/d oTheY+h95Ou5qiXn0cPD+aXTemTVa/HFGGd8L3YLMpXjwfhKlR+L6Br1HIYJnhxYxwk2XKmKI3Vs 8qr8smrzySRX19F1Gffs889r1kotdjOzhrOBzX2GU8rHVed0eYiN57JowCX36dUCI21zwJARl1ex YIctdqCdokY0wtO5eJ55FGsX8cFNnx33Y10rbXTWn1kNMcRHr/8GXs1AB46oDILLmhh3HHbL8Lgb ak3iX/o1eG7eiXN4orLinki34h5/OmPnhE3qeGkGe7zt5TgKVPjqrLdO29jFisorr7DXbvvtuF+6 aO5yyi4p74C6LvzwxMsG/PHIc1r88sw3L1/y0EcflPPUV7+89Nhnr/323Hd/Um4KhB++PeKPX/5A 4wuUvvroty8++QQpENT56K9P/vvly9+++/HXbz798Xuf+vR3P/mtT38AHOD/BHg//xEwfwVsIPsU SEAJWpCBByxgBS+4P/1Z74MgrN4GJwi/CR6wgg/sIAlLWJAUshCB8zsJCllYwg2OcH8tnCEHb0hD HA4Qhzo0oQv/eXhCEiIwhS78oREnGMImOvFiarlhEmFoQBpO0YT9kyH/+idFLW6RfSMkYgxfCMYy jrGFWYThCnVYRfjx0I1wtCEc54hFMibRe3jMI+zAB8ArxrGHVWxjDbOIRjN20H5hhOAME2m/HtZx kGpkoP8IOUgy+pCKhtRiIAE5R0FWEon7e6IoR/mzLlJQhZzc5CMdqcEVctKVVozlET2ZxvSp8ZOv 9GIsayjJXWJylmnMZCfpiMtLqo6UyEwmn6J4xltGEo2qrCQsc+nKO65RllwkyyIhiEs5NtOB5qtm MP9oTEhCs4zb7CMl9cjOduLOlJb0JiHZuE5YWtOSlPSkM1m5bUR6vlCehcQnHYMoTVuWE5UFFeQt BerOhjoUdvBcZECBOMnzJVCKJ0SkLnmJSPwl8JTp/GcrA6jRawbxgeFU4kjFqUAgGhCD86znQ2dK 05ra9KY4zalOhbS7nfoUSsoMqlAT9dOiGvWoZBtlQAAAIfkEAMHmWQAsAACgAWACIQAHCP8A/wkc SJCgvYMIEypcyLChw4cQI0qcSLGixYsYM2rcyLGjx48gQ4ocSbKgyZMoU6pcybKly5cCScqcSbOm zZs4c+rcybMnRZhAgwoditKmAp9IkypdyrSp06dQo8p0qaDq0YRWEVbVau+o1a1ar3b1CvbrQbNh s4rtOvYqWqxqsYadezYt2awKwbYV+zbt3rVf+erlWvesXsB7F/Ydazev4MFr2RaWzNgw3sSI7d7d +vYwYLOLPYsebJku5b+nN7tVe9kw4dOl4XLuPNrybNKvAxcmyru376IS+eZ2XVe4Y7pu8z40Xjh5 w8iZK0t3/prhYcLMq0fWXp0ydepss3v/hzvcNHPo5aVPhh0d9mTjnhWnn47dIXzx47mil7v++vr8 7qVWX3HK/afegFL1RJVc6Hn133YOOijZfs9xN2GFBTanYXIQ2qehfvxZKN+DyoEXHoPdnffhh9+l WB54+LW3HYAcnpihiheCaF2JOYaIGIX9rSihizMCSOCR83WX329MNjnURD/yaGKHEb4n2o62leVX iJo5V6ONsnXYI5jsceljhkc2iCKJ762YY4sGVgnfmY71pVubG5KJZ34wJmZmle5lt9mWmbUIpJ5J DuonfoEqmeBTUa45ZJwsjqikoJReyp+XBIqJZZ/tCYhlmTfyqF9rtm0a5JutUQlmn5mu/3rjZZzO Cpmbk/55oaeR7liorERiWKZw0KHqoqOP2rSgjjrmKmatupaKoIjcBSYhoGZ2KWCooSZqqZrNjvhY XKeCBmynE95pJLAzzlmptONytqalaTYaZJFkqhajqd/y66yBbO7m5MAEqwRlet8dSqqnsf6KJqlI vjqlsK/uSS2XjEYH6rFjDrkxwHSKKjK7o7qrKZ69mkinYP0yK5/J6+7Z7souxzxysj5RhSqtpsVa 3G2r4WbkXX7WOenR3o2LWrW0GsvzqLHR21aYJLus6LaqtixysfJebPG/0kZ8tbpbJk0vWrqh/bTF shmdYm2ocesfYQXXbXdMOOet995899Ht99+ABy744IQXbvjhiCeu+OKMN+7445AvdffklFdu+eWY Z6755px37vnnoIcu+uikl2766ainrvrqJ0Xu+uuwxy777LTXbvvtuOeu++689+7774+yLvzwxBdv /PHIJ6/88sw37/zz0Ecv/fTUV2/99dhn7xvw3Hfv/feQay/++OSXb/756Kev/vqkF8D++/DHL7+T Kcxv//3456///vzfDf7/AAygAAdIwAIa8IC0658CF8jABpYOgRCMoAQn2BAHWvCCGMygBjfIwQ56 sGABAQAh+QQAFQBZACwAAAAAYALMAQcI/wD/CRxIsKDBgwgTKlzIsKHDhxAjSpxIsaLFixgzatzI saPHjyBDimxor6TJkyhTqlzJsqXLlzBjypxJs6bNmzhz6tzJs6fPn0CDCh1KtKjRo0iTKl3KtKnT p1CjSp26dKTVq1izat3KtavXr2DDih1LtqzZs2jTql3Ltq3bt3Djyp1Lt67du3jz6t3Lt6/fvxip Ch5MuLDhw4gTK17MuLHjx5AjS55MOSrgy5gza97MeWvlz6BDix5NuvTPzqhTq17NurXr17Bjy54d 0rTt27hz6949lbbv38CDCx9OvLjx48iTK1/OvLnz59CjS//Ku7r169iza9/Ovbv37+AtT///ymy8 +fPo06tfz779WzTu48v/G76+/fv48+vfz7+///8ABijggAQWaOCBCCao4IIMNujggxBGKOGEvc1n 4YUYZqjhhhyeR+GHIIYo4ogklmiiTR2mqOKKWJ14kwGTsePijPmxeBk77Nio4448PpRjj0BqRmNu Mg5p5JFIClVkkkxuF2RdOD4pJWZNfrZklVheNyVcP27pZV9ZhilmmF+WaeaZaKap5lzzrOnmm/ON KeecRsJpZ4eX3KnnnnyWReefgAYq6KCEgtfnoYhuVuiijBKY6KOQ8tXopJTuF+mlmGaq6aacduop nJWGKuqopJZq6qmopqrqqqwe+emrsLb/2OqstNZq66245qrrrrz2SmmswAbbka/EFnuTsMhKt8Js Lr1h7LPPJivttA5Ba+212GarrT3Uduvtt+CGKy505Yxr7rnopqvuuuy26+678MYr77z01mvvvfjm q+++/PbrL1nbBizwwAQv5U/BCCes8MIMN+zwwzv9K3GHEFds8cUY9zfxxhlm7PHHIIecG8ckxyny yUmWrHJ7KLfs8sswxyxzqivX7JoOIM2sM4U29+zzzyTvLPTQRBfNLdBIJ6300kw3vZfRUEcttcdO V2311cFOrbV/WHfd2tZghy322GSXrZTXaKdm9trZpe3223DHLTfHbNdt992Mzq13Xnj3/+3331ju LfjghLsH+OGVFa54W4g3nlI/jkcu+eSmLm55WpRnXtjlnHfu+eegU6z56BWGbvpVpKeu+uqst+76 67DHLvvstNd+8um456777rz37vtztgcv/PDEF29UDyb9rvxExjfv/PMpLS/9Q97pAr3A02e/0PXN a+/99+ArxP345Jdv/vnop6/+zuGHv/7s04bT/vz012//au/Lfv/+/Pfv//8AXFn+YhdA3g0QdgXc 3QEXyMAGOlBhCYygBCdIwXg90EGHAFQFQ3fB1omig5PboAhHSMISfgqEozOhClfIwha68IXAQaHm YCg4Gdrwhjh8iQxymCUa7o2HjvOh3v+ASMQiGvGIIxLi3GhEDSRCSIlQjOKrnEjFKlrxiljMIk2k +DYtmo2LbvNi2cCYNjGa8YyBIiPa0MjGNrrxjU9Ro9fgKDU52vGOeMzjXejIxz6KSI+ADKQgB+kV PxrykA8ipCIXiSFECo2QeeAIzhhJyUpaLQyWVKEj2TeeJGTyk4rcpChHScorgvKUqEylKlfJylba pZQwc6W/YEnLWtrylrikmSx3ycvM5DJkvdTXL4dJzGIOL5j5MqYyl8nMZjrTUciMpjTp8sxqWvOa 2MymaaZZL21685s8WZ4suElOG4FzYOWU1zmxl852upM664ynPOdJz3q25J34zCfq7An/LX36858A DahAw8LPfg5UXAVNqDcPytCGHkShxXJoslRQEIiybh4WzahGNyoVE5xGot3iqEhHStLAgfSkKE2p SlfKUjuV1FYtzdpLZ0rTmtrUfDEFVmgAcNP/5AUAOZ3OZ3ja01MRtahcqwtQg/qppTKVU059anQk c1SkjqqqVg0VVrPK1a569au7euEgagjWSkn1rGhNq1onWNa2GnGtmXKrXOdK17paDK54paRd9/rA vPr1r4AtDl8HS9jCGvawVAysYhfLWNYg9rGkIwUpetJYG0mWFBeBrJgqy9nXtAJomiVTZ0dL2tK+ JbQ9NK2aUGtS1br2tbCNrWxnS1tqg7K2SbXN7f5uy1vb6fa3wA2ucIdLXNn29rjI9WpxdZTcOi2X Rc0d0nOnq7vo0oi62DWddbfLXY5mV3TdJdF3x0ve8pr3vOi9Y3jXy972uve98I3vYdNLXwk+oL74 za9+98tfwZ6IEdbtb3rkOyEBG/jApySwhBDM4AY7GL8KjrCEaxkQACH5BAAVAFkALAAAAABgAswB Bwj/AO0JHEiwoMGDCBMqXMiwocOHECNKnEixosWLGDNq3Mixo8ePIEOKbPivpMmTKFOqXMmypcuX MGPKnEmzps2bOHPq3Mmzp8+fQIMKHUq0qNGjSJMqXcq0qdOnUKNKnUq1qtWrWLNq3cq1q9evYMOK HUu2rNmzaGmOXMu2rdu3cOPKnUu3rt27ePPq3cu3r9+/gAMLhpu2sOHDiBMrXnxzsOPHkCNLnky5 MkjGmDNr3sy5M1PLoEOLHk26tOnTqFOrXs26tWnPsGPLnk2bs+vbuHPr3s27t+/fwIMLr1u7uPHj yJMrX868ufPnXYdLn069uvXr2LNr3w4cuvfv4MOL/x9Pvrz58+jTq1/Pvr379/Djy59Pv779+/jz 64/Pvb///wAC2EKABBZoYHD7Jajgggw26OCD8h0o4YQUVkgShBhmqOGGHHbo4YcghijiiCSWaOKJ KKaoYk+AlGThizDGKOOMNNZo44045qjjjjz26OOPra0o5JBEFmnkkUgmqeSSTDbp5JNQRnkkQQQA aeWVWGap5ZZcQibll2CGKeaY+3Vp5ploKkTmmmxileabcMYp55x01mnnnXjmqeeefNrV5p+ABiro oIQWauihiCaq6KKMNuroo/f1Kemk2EFqKaKUZqrpppx26mlBl4Yq6qikLvnpqaiSVuqqrLbqKoep xv8qq2Sv1trkrLjm+hejuNjq66/A6qfrsMQWa+yxyCarLIHBNrvistBGS5Gz1J4o7bXYLlTttiNm 6+23AnEr7rjklgsWuOhea+66Dqbr7rvwxuspu/QqKO+9udar77789jsTvgDH6u/ABBdcb8AIJ6zw wgw37PDDEEcs8cQUV2zxxRhnrPHGHHfs8VoGh3zexySXbPLJ2orMEwsqtxweyy4zhnJILLAws2sx 9wRzzjwrt3PPZ90sdIFAF23c0Ej/Z/TSsyXt9NNQx8v01J5FbfXVWGet9dZcd+3118dSLfbYZJdt 9tlop602pN2kCPbbp60t97lw12333VbOrffefJP/h/fftPYt+FSAF+7Y4IgnrjhshjcO2OKQI+X4 5JRXbl3kmBNl+eZ0Ze7556BnxfnopJeOWuiop656Uqa3HtLqsMcu++y012777bjnrvvuTS0jt+vA By/88MQX/2Y1yCePvPHMP6R88gzzDnvz1Kcs/fXYZ6/99tyTWz2OLnwv/vjkC9x95uWnr37z57fv /oJSvC///PTfXkb9+Oev//6QAuD//wD0H/8GyLP1GfCACExg4Qg4NwU68IEQjCDSGPg7CVqQMsq4 oAY3GCcKevCDIAyhCEdYFg6SjoRkM6EKVxgjUxANhTCM4ZhYaDkZTo2GlbMh03DIwx768IdADKIQ /4coFx0a8YhITCJiiHg3JTrxiVCMohRjx8QqWhFaU8yiFrfIxS568YtgDCNMrvg2MeqLjGAzoxrX CB00fo2N63KjHOdIxzra8Y54zKMe98jHPvrxj4AMpCBVCMdCGvKQ7xukIhcJI0RKiRGOFJzhpsHI SrorktuypCY3yclOehJemAylKNPySY2N8pSopJucmlFKVaXylbCM5dlaScta2vKWuMylLgkiy176 cim7hNgvWRXMYhozMMNc1TGjl8xmOvOZ5VrmwqBJzWqOUZoJs6ZJGKDNbmIzm91s1DfHSU62hFOc 5bzXORlVskqk853wjKc850nPekptnYqypz73af8PfOaTn9jyp0CHCdCADvSgCE2oQhfK0IY69KEQ jahEJVfQilr0ouabqEY3ylH1YPSjy+yoSEdK0pLuDaTJMqmTUMpSXar0Vi2NqUxnqqWXMommOM2p Tm1k05769Kek3KlQh0rUohr1qEhNqkXjoNQtAXVKTY3qFZ9qJKla9apYnQxVOWMNzWSVT1sl0lf3 FNYhjVVPZRXSWbdkBoik9Vlrjatc5/q6t9q1e3TNK2+QoNdb3hVFfe0gImuQycC+aXbywJ1hF8vY PHrgcn+NrGRj4wZHNvay1JssiTDL2c5iVbPd8myWQEva0kpWtKg1nWlXy9qtpva1nGttedwh2y9p wfa2uGVpbXfLW9j0IYSecFFuedRbCA33uHgrrnKXu1Dk2ugRzo0uvOgh3YFAI1/MXVB1eZrd7nr3 u+AN76C2WyPxmtdo5E2venF53va6F5Prje8E30vfkMn3vjOrr34Jht8K7fe//AoIACH5BAAVAFkA LAAAAABgAswBBwj/AP8JHEiwoMGDCBMqXMiwocOHECNKnEixosWLGDNq3Mixo8ePIEOKHEmypMmT KFOqXMmypcuXMGPKnEmzps2bOHPq3GnTns+fQIMKHUq0qNGjSJMqXcq0qdOnUKNKnUq1qtWrWLNq 3cq1q9ekPMOKHUu2rNmzaEF+Xcu2rdu3cOPKnUu3rt27ePPq3cu3r9+/gAMLhpu2sOHDiBMrXsxx sOPHkCNLnky5suXLmDNr3sy582DGoEOLHk26NEzPqFOrXs269V3TsGPLnk27tu3buHP/A6O7t+/f wIMLH37TtfHjyJMrV068ufPn0Esvn069uvXr2LNr3869u/fv4MOL/x9Pvrz58+jLR1/Pvr379/Dj y59Pv779+/iBp9/Pv7//rvkFKOCA7P1n4IEIJqjgggw2+B+BEEYoYW4OVmjhhdZNqOGGHIKG4Ycg hijiiCSWaKI9Haao4oostujii9GdKOOMNNZo44045qjjjjz26OOPQAYp5JBE5gXjkUgm6VGRTDbp 5JNQRinllFRWWdR75iip5ZZcdunllzRZKeaYZJZp5plopqmmZWC26eabcMYp53xr1mnnY3Pmqeee fPbp55+ABgronYQWypegiCZ6m6GMNjqXopBGKp2jlPKITqWYZqrpppwqKOmnoL63QaiklppRp6im quqqrIJl6quwxv8q66y01mrrrbjmOmirvPbq66+E6irssBQBa2yjxCar7LLMNuvss9BGK+201FYr 6bHYZqvtttx26+234Ib7l7XkmiruuU4KJ0y57DKG7rtEtisvpPDWa++9+HY2776C5uvvvwAHLPDA BBdssGf8JuznwQwzqPDDEEcscW8NVwzUORZnrPHGHGc38ccghyzyyCSX2/HJKKes8sost+zyyzAH XPLMNNds880456zzzi/F7LNxPAct9NCGKZDnz0gnrfSQRDft9NPzLi311FTPCPXVWGedEQBcA6D1 16V1LbbXkVaN49hmp6322mxvpSsQYMct985t12333d7NrTdsePf/7fffx+0t+GiAF84WgQ0Mrvji jDfu+OOQRy65vIZXDuDkmGeu+XqWd+75531tLnpMoJce1eiop6766qy37vrrsMNq+uy012777bjn /mjsvPfue0u6B4/i78QXb/zxyCev/ErCN+88wE88L33oy1c//fXYZ6890tV37/334Icvfurbl2/+ +egXPH7x6bfvfsrrxy///PRjTdUL78Nc//789+8/yPkLoACzE4gBGhA7/0ugAod2QLstkHwNbNsD URfBCqIrHQac4OgsuDYNevCDIAyhCEdIwhKaMIEcVNsJV8jCFrowQCmMoQxnSEMTvfCGOMyhDnfI wx768Ie+OYdi/2ooNSAa8YhITKISj0fEJjrxiVBUzxKJFsUqWrFMU8yiFjd0xZdt8YtgDGMYu0jG MprxjGhMoxqxJcY2utE9a+zYG20WR47N8Y54DE4do9IBeIVPHsbboyAHSchCGvKQiEzkIPPIyEY6 8n+KJNgjQxbJgU3ykpgs1y42yclMkouToPSkKEdJylK6sZIC0yEk5IZKmZnylbA8TStnSctati+W uMylLu1ny3vtkly99OUvqxXMYhpTM8NMpjKXScljOvOZ0IymNB/ETGhN81vVzKY2D3JNb22zWd0M pzjHSc5yYuabzDKnOtcplZsAA51IYqc8/dWIOsFTWfPMpz73af+seyaLnwANqEAVaYmBns6fCE2o QhfK0IZqyYLJUKFDa2VQTk30oh0hAg8rytFuYnRWHQ1pND8qK5FWiqQonaNJKZXSV630pTCN6Y1a ai6Z2lSRNC3VTXd6yJz69KdADWrreErUohp1P0JNqlJLZQgXHvWpaFyqVKdK1apa1TcOqB9UzXTV hW2VTF0NKwi/ClaxmvWsaE0JWdcKOgHoJa1wjWtDW8ETttqViHJ9012plFc37fWvKeyrYAdL2MIa 9nuAjdJhF8tYsSb2sZCNbF0aS9nYSfayt6wsjDAbL8169rMt5axoR0va0po2gHrjGmhbpNoWKo1r cYzGxmB7Wh5p0XZHWDDtbWubo93y9ka+Re1qV/RbHQ2XuMXF0XFVlNzmVogPT1qudKe7TefaiLpc tK52C4ddDW3Xat2V0HfHi7fwmve86E2vWsjL3va6973wja8T1UvfilChvvhdrnw/lN/77Pe/MQsI ACH5BAAVAFkALAAAAABgAswBBwj/AP8JHEiwoMGDCBMqXMiwocOHECNKnEixosWLGDNq3Mixo8eP IEOKbGivpMmTKFOqXMmypcuXMGPKnEmzps2bOHPq3Mmzp8+fQIMKHUq0KMyRSJMqXcq0qdOnUKNK nQoyHNWrWLNq3Qq1BdevYMOKtWi0rNmzaNOqXcu2rdu3cOP6HEu3rt27ePPq3cu3r9+/gAMLHky4 sOHDiBMrXnxVruPHkCNLnky5suXLMRlr3sy5s2fPmEOLHk26tOnTqId+Xs26tevXsGPLnk27tt/U uHPr3s27t+/fwIMLH068uG/byJMrX97ZuPPn0KNLl868uvXr2O9O3869u/fv4MOL/x9Pvjzu7OjT q1/Pvr379/Czmp9Pv7796PHz69/Pv7///wAqdt+ABBZo4GgBJqjgggw26OCDEP5z4IQUVmjhWRFm qOGGTl3o4YcghijiiCSWaOKJKKao4ncctujiizDGKOOMSK1o44045qjjjjyWl0qPQAYp5JBEFmnk kUgmqeSSTDbppIk0RiklQeVw+OSVWAI55ZZcRpjll2CGKeaYZFLX5Zlopqnmmmy26eabcMYp55x0 1mnnnXjmqad7Zfbp55+ABirooIQWauihiCaq6KKMjrfno5Dy1eiklFZq6aUERqrppmNh6umnanEq 6qiklmrqqaimquqqrLbq6qtoFv+5Aai0BgfrrbjmquuuvPbKaq3ABtuTr8QWO5spxiarl7DMNuvs s9DypOy0kEZr7bXYZqvtttwuSu234IYrboDdlmvuueimq+66Fo7r7pvsxivvvPS2+66U1Nyr7778 9utva/UGHOa/BBds8MF1iceMwAxbthkdCEcs8cQUV2zxxRhnrPHGHHesasMghyzyyCSXbPLJKKes 8soueewydizHLPPMNNds880XEoDzzjz37PPPQAct9NBEF2300UgnrfTSTDct3MtQM+f01Lk9BEzU WHNG9dan5RdL1mCHLfbYZCN2C2Jcp41g2bApw/bbcAOm9tyXxW333XjnrffefPf/TRHdgJf7TuCE F2744YgnrvjijDvs9+N0NS65UJBXHtbkmGeu+eacp2b556CHLvropJdu+un7dq66TKi3HtLqsLfs euVSzG777bjnrvt1sfeu0u7ABy+8Rr4Xb/zxyBs//PLMN69Q8r077zz01MdlS/WrX499ymPZIn3z 3n9vMWbab19yXeGLP7Fo5Zvv/vvwx3/lJ8Oqb//9+Oev//789+///wAMoAAHSMACzkZ+CExg0QxI OgUyjoEQjGDEHLg4CYKOgoqz4OcwyMEOevCDwNKg5UBIOBFWjoQoTGG9TMjCFk5LhXNzoQxnSMMa LgiGOMyhDnfIwx76sIc2DKIQ/031wyIa8YhIpM8Ql8jEJjrxiVCMohSnSMUq2iWJR+PSIKzIxSVi 8YtgBFQXXxbGoY3RZWVMoxrXyEbJnJFOcRhMG3v2xo7NkWd15Ngdd5bHPvpRP3sMpCBv9MdCGvKQ iEykIhfJmEE68pEkYqQkJ7kaSMqMkpjMpIAsyclOevKToAylKEcJPU36i5QkM2W/UDkyVbrylXth pchgScta2nKDsgTZLXfJS6nkUiXzkFcvv/XLhg3zmMiUyBWSycxmarAI/SumNKfZNWf6iportGav sMnNbk5Gm+AMpzhf6E12jfOc4yynOdHJzna6s1TqjKc806I3QMxwnuh6pz73yf9PO+HznwANqEAH Cpd+GvSgCE1oEwmqLYVCDWIOjQ9DJ0rR30WUUxW11kUxmtGOMnSjIC2kR58V0kiN1FklrdZJmZXS R630pTCNaaFauieZ2pSaNM2pTnfK077dFFQ9DaoXf+opoRr1qEi9TbkUgM+kOvWpUOUKUYsa1apa 9apYzapWt9qpqXpVlFyd0lfH+smwmvWsaBUIWSmVVhmtdVJtjatcofrWutr1rhSaq15th9dE7dVK fT3UXwdL2JAG9rBhLKxiF3tQxM6UsZCNrGQnuyzHWtaIlM2sZofpVQAAoFIJ9exm9eNZAIw2P6I9 bXxSi6qRlvayffIsSsdpWlh8wTZQWGsFFW8rRtXuh7fADa5wh0sv3/6WuMjFoHGXy9xDJve50H1L BaJLXS019z3VvdJ1sZvd7pZyu+CVmHebFF72jJdJ5V0PNj8rTFjWNr3oeS98ryNfhuRgvrCpL373 y9/+UoUtnjivgM3o3wIbOIADTtKBlZPgBnMuIAAh+QQAFQBZACwAAAAAYALMAQcI/wDtCRxIsKDB gwgTKlzIsKHDhxAjSpxIsaLFixgzatzIsaPHjyBDihxJsqTJkyhTqlzJ8iKxljBjypxJs6bNmzhz 6tzJs6fHf0CDCh1KtKjRo0iTKl3KtKnTp1CjSp1KtarVq1izat3KtavXr2CX+hxLtqzZs2jTql3L tq3bt3DjyvUZtq7du3jz6t3Lt6/fv4ADZ51LuLDhw4gTK17MuLHjx5BjCp5MubLly5gza97MubPn z6BDix5NurTp06hTq17NuvXqyLBjy55NW7Lr27hz697NG3Dt38CDCx++sLfx48iTK1/OvLnz59Cj S59Ovbr169iza9/Ovbv37+DDi/8fT768+fPo06tfz769+/fw48ufT7++/fv48+vfz7+///9TEQfb EQIWaOCBCCao4IIMNujggxBGeBiAFFZoIVcSZqjhhhwidOFnWnwoonUdNqZFiSimqGKBJ67o4osw PtZijDS6OKJnId6o444j5sjjj8bVSNiMQhZp5JE8EYnkkgwCqZmPTkbZGpNuKUnllVhmqeWWL0rp 5ZdghinmmGSWaeaZUnGp5ppsKoTmm3BC1+acdNZp55145qnnnnzWFuefgAYq6KBh9mnooYgmquii OBHq6KOQRiopfIxWaulsk2aq6WSXduopY5uGKuqopJZqaqSPnNrdp6y26uqrsMb/KuustE6k6q24 PlXrrrzaluuvwAYr7LBD9WrssSYRq+yyzDbr7LPQAonstNRWOysF1mar7bZxRevtt+CG6x+35JZr 7rno2iPuum+m6+678MYr77z01mvvvQuyq2+Z+Pbr778AByzwwAQXjO++CCes8MIMN+zwwxBHLPHE FFccrcEYz2nxxhx37PHHIFOY8cgkl2zyWCGnjN7JLPcrQcvT/vGbyjSTB/PNOOesc0U19wzezkAL bEfQRBdt9NFIB+3z0kw37WzSUB/o9NRUV21q1FhnrfXWXHd9ktVghy32oF6XbfbZaKet9dhs86b2 23DHLffc/rZt991480j33nz3/51i3oBfRkPghLvt9+GIJ55g4YyDpvjjMzUuOWeQV97S5JhjZvnm nHfu+eegh75k5qSXbvp0oqeu+uowne7667DvxvrstNf+U+y4g2X77gnlXh8tvgcPLu/EF2/88cgn r/zyrAvv/FXM1/789NRXb/31lEVPO/bcd+/99+CHL75S2s8+fvflN3/++ipzwv778GOV/vz00x0/ 9fXnr//+/Pfv//8AZNP9phfAAhowQYRA0QCfd8AGOrBgC4zgl/wgwQpaMDUPzKAGN8jBDnrwgyAM oQhHSMISKvCCKEyhClfILBO68IUwjKFiWEjDGtrwhpKSoQ53qCcc+lBHofihEP+HSMQiGvFZPMza EZfIRFUl8YlQjKIUv9ZEu03xiljMoha3yLUqWpGLEnrJhrz4H2IQg4xsOyMaxWZG84DxjXBs0hrD FsebzZGOdYRRO/LIxz768Y+ADGSvmHHAO4JNkBkzpNUQychGvkWRVXOkJCdJyUpa8pIehCTVMMnJ Tq5Ek6AMpd48WS9RrjAaphQUKVfJyo+k0metlNcrZ0nL/MQyXrXMpS4pdct37fKXwAxmKnvpS2Ea 03eDO6Yylwk7YrqLmRNz5kyKYSdoSkya6LJmxLAJk2Rwc4raDKc4ZfdNT0KgnB4apzrXyU7roZNb 7YwnUiohz3ra855gUQRp3sn/z376M1b4DKhA+eIQOvzzVQP91kEXytCG8imhEI2oRCdK0YqKzaHG suiyMMrRjnqUShpV1kdplZlkhvSkKE2pSuc40paCcaW/cilAYYormcKKpjW1qatwytOe+vRPOg2q UIc6nJ8aNZ5E9dRRl6rOpHaKqaFy6qWguimpWoqqmrKqVkOI1UxtdVFdDaswv6oosZp1l2RNq1p3 4ouvnvWttFyrXOdKV5XAlVB1zate98rXvnbwroANpV8Hm7zAGlaRhG3TYYEqzQYkloeLjdNj1xTZ ylZxsmqyLJowyyXNnomzW/KsaIcIWi2N9rRAIgNjS8taz6H2tbCNrWyD1drag9rWpbOV0m13y9ve +hYxuQ3uAH8rJOEa933ErdFxR5lcGC33ueFrrnTRBt0bTfe62M2udrfL3e7GTQzFra6IvEteoIl3 vOVNrx3PeyH1Soi97XUvhOBrIdYB4L4AkK+B8Itf/e73vvqjb4X8S+AC08obGhOwgmNn4HwteFxr OUGDTxIQACH5BAAVAFkALAAAAABgAswBBwj/AO0JHEiwoMGDCBMqXMiwocOHECNKnEixosWLGDNq 3Mixo8ePIEOKbPivpMmTKFOqXMmypcuXMGPKnEmzps2bOHPq3Mmzp8+fQIMKHUq0qNGjSJMqXcq0 qdOnUKNKnUq1qtWrWLNq3cq1q9esI8OKHUu2rNmzaNOqXcu2rdu3cOPKnUu3rt27ePPq3cu3r9+/ gAMLJvi1sOHDiBMrXsy4sePHkCNLnkz56+DLmDNr3sy5s+fPoEOLHk1ab+XTqFOrXs26tevXjKnA nk27tu3buHPr3s2ztO/fwIMLH068uPHjaQEAQE6at/Pn0IMqj069uvXrtKdjr8y8u/fvG5eD/2++ vbz58+jTq1/Pvr379/Djy59Pv779+9HH69/Pvz9w/AAGKGBu/hVo4IEIJqjgggw26NALvg0o4YQU VmjhhRhmqOGGHHbolIMghijiiCSWaOKJKKao4oosHufhizDG2FOLNNZoo2cy5qjjji3d6OOPQAYp 5JBEFsjjkUjmWOSSTDbpUZJQRqmhk1RWaaVDUmap5YBXdunll2CGKSaQW5Zp5nxjpqnmmmy26WZw Z8Ypp3pv1mnnnXjmqWdZc/bp55+ABirooIQWat6eiCYKp6GMNhqZopBGCpqjlFZq6aWYyifpppx2 6umnNWYq6qhSgWrqqXKRquqqSaHq6qtpsf8q66xAwWrrrSPRquuuvPbqq1C4BiusRr8Wa2xJwyar bETHNuvss9Bmuuy01FZr7bUHRastqdh26+234Ha67biYhmsuqkheQe667LZr7LnwxivvvE26a6+g 9Oar7778jnjvvwAHjOE7tPZr8MEIJ6zwwgxTJPDDWzYssZMQVxzlxBhnrPHGa1ns8ccghyzyyOty bPLJKKes8spLkuzyyzDHLPPMNNdsc6ks56zzzhjf7PPPQJPM89BEF51v0EijZ/TSTDddbdJZLsGr 01RXbfVleSzocxo35+E1e1cr7HXWYZf9mddmp83Z2Gq3jRnaJ0It93Vu12333UTOrffefPf/7fff gAcu+ODF4m344YijSPjiqCXuOMJ3PC755JRXbvnlmGeueV2Mdz7Z5qCHFHQZntsW+ukdla56Y6i3 ntHqsCfm+uwVxW57YbTnzizftmBVz+3AB0+Z7sQXb/zxyG8k/PLMN+/88xsmL/301FdfPPStVYP9 9tx37/1N1ocvfujfl2/++VWNrzv67Nukfu7txy/T+/TXj7j8+LsUZhb235j//wAMoAAHSMACGvCA CEygAoXXP9Qt8IEQtF0DTxdB803wghh0WgXLl8EOYksfHgyhBzf4PRGibhcmxBtWfEDCFrrwhTCM oQxnSMMa2vCGOMyhDnfIwx5yKYWT8+Hq/4AYRCEa8YhTI6ISl8jEJjrxiVCMouiQuKUeUPGKWMyi FqElxS568YtgDKMYx2i8LZrxjGhMY+PIyMY26ilLUFCjHNPoxqrN8Y543FEdqZbHPvrxj4Cs1R6b FsifAXECkiukIhfJyEY68pGQjKQkeegHnw3ykpjMpCbdMslOerKAtPhkVahAStmIclZhKWUpN0k0 VZKSldSaCilPCRkK0LKHsOTZLT2Wy1768pfATMguh0lMxwTzmMhM5iWL+TBlmoyZ0IxmV5zJMWla 01G1uKY2t/k/anrzm8zhpjjHWRRwmvOc6EynOu1Ezna6851CM+c61knPetrznvjMJTz3yf/Pftor nwANqEAHSlAX+fNdBU2oQheas4M69KEQjWg7GWouiVp0nBTNqEYnctGOevSjIA3kRkdK0pKa9KQo PVdIV8rSlrr0pTCNKVS4IVOXhu0MKc2pTnfK05769KfGqalQCwnUohr1qF8aqqOQytSmOvWpGVRq oywSD6ha9YtSzeodryourXoVjVzl1FfHStayriasmzKrWo2I1ra69a1wNdxa58rDuNr1rnjN687o Kie93omvcfIrOwFrJsHWibCFNaybEMtYGCr2sSZsrJYgS9kOSjZLlVXTZaWU2c72b7MX82yYQEva 0pr2tGUS7WhRy9r8qXZFtnhda2X0KkR7FnW2uM2tbs1UgJe+9rfV261wuQfc4iZvuBwyrpWQ27xw IFe50F0fczMU3eq6brrUtW7LsMtdCWq3SN0Nr3jHS17DfBe85RXQefOW3va6973wBdZ6hRTf+iJt vvjNr373y1962Zc+/bXRf9EU4AIb+MAITrCCjzdg+QQEADs= ------=_NextPart_000_0004_01C6F204.846C7850-- From jhjhi@yahoo.co.jp Tue Oct 17 06:32:51 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GZmFf-0000QU-Sh for dnsext-archive@lists.ietf.org; Tue, 17 Oct 2006 06:32:51 -0400 Received: from stsc1260-eth-s1-s1p1-vip.va.neustar.com ([156.154.16.129] helo=chiedprmail1.ietf.org) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GZm8Q-0004tc-KE for dnsext-archive@lists.ietf.org; Tue, 17 Oct 2006 06:25:22 -0400 Received: from [218.24.127.5] (helo=lists.ietf.org) by chiedprmail1.ietf.org with smtp (Exim 4.43) id 1GZm8O-0006yY-N5 for dnsext-archive@lists.ietf.org; Tue, 17 Oct 2006 06:25:22 -0400 To: From: =?iso-2022-jp?B?amhnamg=?= Subject: =?iso-2022-jp?B?GyRCJCo1Uk1NJFgbKEI=?= MIME-Version: 1.0 Reply-To: Content-Type:text/plain; charset="iso-2022-jp" Content-Transfer-Encoding: 7bit X-Spam-Score: 4.3 (++++) X-Scan-Signature: 7aefe408d50e9c7c47615841cb314bed $B$3$s$K$A$O!#(B http://livein21th.com/zze/ $B$$$/$<$/$k$<$+$i$N$*CN$i$;$G$9!#(B $B%3%_%e%K%F%#$r9-$2$k$-$C$+$1:n$j$K$J$k>pJs$r$*FO$1$7$^$9!#(B From owner-namedroppers@ops.ietf.org Tue Oct 17 18:23:45 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GZxLd-0003Rj-Dw; Tue, 17 Oct 2006 18:23:45 -0400 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GZxLb-0006Jn-Tb; Tue, 17 Oct 2006 18:23:45 -0400 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GZxEn-0007bF-Jf for namedroppers-data@psg.com; Tue, 17 Oct 2006 22:16:41 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.5 (2006-08-29) on psg.com X-Spam-Level: X-Spam-Status: No, score=-0.1 required=5.0 tests=AWL,BAYES_00, FORGED_RCVD_HELO,HEADER_SPAM autolearn=no version=3.1.5 Received: from [66.92.146.160] (helo=ogud.com) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GZxEm-0007at-C9 for namedroppers@ops.ietf.org; Tue, 17 Oct 2006 22:16:41 +0000 Received: from mail.ogud.com (localhost [127.0.0.1]) by ogud.com (8.13.1/8.13.1) with ESMTP id k9HMGVSd073817 for ; Tue, 17 Oct 2006 18:16:31 -0400 (EDT) (envelope-from namedroppers@mail.ogud.com) Received: (from namedroppers@localhost) by mail.ogud.com (8.13.1/8.13.1/Submit) id k9HMGVOR073816 for namedroppers@ops.ietf.org; Tue, 17 Oct 2006 18:16:31 -0400 (EDT) (envelope-from namedroppers) Received: from [192.94.214.100] (helo=nutshell.tislabs.com) by psg.com with esmtp (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GY7BZ-0007Mj-4P for namedroppers@ops.ietf.org; Thu, 12 Oct 2006 20:29:45 +0000 Received: (from uucp@localhost) by nutshell.tislabs.com (8.12.9/8.12.9) id k9CKSPem009334 for ; Thu, 12 Oct 2006 16:28:25 -0400 (EDT) Received: from pecan.tislabs.com(10.66.1.30) by nutshell.tislabs.com via csmap (V6.0) id srcAAAi_ayfs; Thu, 12 Oct 06 16:27:31 -0400 Received: from spx.vb.futz.org (localhost.tislabs.com [127.0.0.1]) by pecan.tislabs.com (Postfix) with ESMTP id 9B4333F4B0 for ; Thu, 12 Oct 2006 16:08:07 -0400 (EDT) Date: Thu, 12 Oct 2006 16:09:06 -0400 From: Robert Story To: IETF DNSEXT WG Subject: Re: WGLC on rollover-requirements and trustudpate-timers Organization: SPARTA X-Mailer: Sylpheed-Claws 2.4.0 (GTK+ 2.8.20; powerpc-redhat-linux-gnu) Mime-Version: 1.0 Content-Type: multipart/signed; boundary="Sig_DIy8_jHgop9JpMDrqJa1v=T"; protocol="application/pgp-signature"; micalg=PGP-SHA1 Message-Id: <20061012200807.9B4333F4B0@pecan.tislabs.com> X-Scanned-By: MIMEDefang 2.57 on 66.92.146.160 Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.1 (/) X-Scan-Signature: 2ed806e2f53ff1a061ad4f97e00345ac [ Moderators note: Post was moderated, either because it was posted by a non-subscriber, or because it was over 20K. With the massive amount of spam, it is easy to miss and therefore delete relevant posts by non-subscribers. Please fix your subscription addresses. ] --Sig_DIy8_jHgop9JpMDrqJa1v=T Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: quoted-printable OMK> On 25Sep 2006, at 10:00 PM, Olaf M. Kolkman wrote: OMK> > This message starts the working group last call for two documents OMK> > OMK> > draft-ietf-dnsext-trustupdate-timers-04 OMK> > Automated Updates of DNSSEC Trust Anchors Sorry for the late review. I have read this draft, and I support it going f= orward, but I think a few things need to be addressed before sending it on. 2.3. Remove Hold-down A new key which has been seen by the resolver, but hasn't reached it's add hold-down time, MAY be removed from the DNSKEY RRSet by the zone owner. I think this 'MAY' should be 'may' (or could) since it is talking about the= zone operator and not the resolver. Actually, the sentence should probably= be stricken entirely, and the next sentence reworded: If the resolver sees a validated DNSKEY RRSet without a new key that has not reached it's hold-down time, it waits for the remove hold-down t= ime and then, if the key hasn't reappeared, SHOULD discard any information a= bout the key. Also, I don't see this represented in the state table in section 4. That table shows a new key that hasn't reached it's hold-down time ('AddPend' state) transitioning back to the 'Start' state for missing key ('KeyRem' event). Maybe the state chart should have a 'KeyRem' event transition an 'AddPend' key to the 'Removed' state. 4. State Table This table shows the 'Revoked' state requiring a 'RemTime' event for a key to transition to the 'Removed' state. Section 2.1 clearly states that revocation is immediate, with no timer involved. With this event remove, the 'Removed' state has no data in any column. Is this state needed? 4.1 Events RemTime A revoked key has been missing from the trust point DNSKEY RRSet for sufficient time to be removed from the trust set. Again, Section 2.1 states that a revoked key is removed immediately & permanently. There is no mention of any timer. 4.2 States Missing ... [Discussion item: Should a missing key be considered revoked after some period of time?] Wasn't this resolved? If so, the comment should be removed. If it was resolved, as indicated in Mike's 7/27 response in the " 3 comments on timers-03" thread, by not having a missing key eventually be re= moved, then I don't see a way to ever purge a missing once it's been accept= ed. I suggest allowing this to be done manually by adding some wording some= where (5. Trust Point Deletion?). Something like: If the resolver sees a validated DNSKEY RRSet that does not contain an existing trust point key, it MUST NOT discard they key. The key MAY be removed manually by the resolver operator [after 180 days?]. 5. Trust Point Deletion Alternately, a trust point which is subordinate to another configured trust point MAY be deleted by a resolver after 180 days where such trust point validly chains to a superior trust point. First, I think the word 'Alternately' should have been removed when the 2 preceding paragraphs (in the 03 version) were moved to another section. Second, I have trouble parsing this sentence. Does 'such trust point' refer to the 'subordinate trust point' or 'another configured trust point'? Should 'a superior' be 'the superior'? 6. Scenarios - Informative The scenarios in this sections are inconsistent with respect to how much detail they specify about for new/revoked keys. For example, 6.1 is the only section that says to set the SEP an Zone key bits on a new key. 6.6 is the only section that talks about sending updated DS records to the parent zone. I suggest inserting a new section before section 6.1: 6.1 Zone Key Manipulations 6.1.1 Creating a new Zone Key [text on creating a new key, setting bits, providing updated DS] 6.1.2 Revoking a Zone Key [text on setting revoke bit, clearing SEP bit (see my comment on section 6.2 below, and providing updated DS] Then each scenario could reference these sections. e.g. "Create a new zone key as described in section 6.1.1." 6.2 Deleting a Trust Anchor Shouldn't the SEP bit be cleared when a key is revoked? That way a resolver/operator which doesn't implement timers and doesn't understand the revoke bit shouldn't configure a known compromised key as a trust point. --=20 Robert Story SPARTA --Sig_DIy8_jHgop9JpMDrqJa1v=T Content-Type: application/pgp-signature; name=signature.asc Content-Disposition: attachment; filename=signature.asc -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) iD8DBQFFLqDn7/fVLLY1mngRAhE6AJ9IRflRRMDsaxQD3fsqT3wF/vo5sACfQl57 wGcpr+1BnIB7rjjLstwlZ4k= =tpg3 -----END PGP SIGNATURE----- --Sig_DIy8_jHgop9JpMDrqJa1v=T-- -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Tue Oct 17 18:23:50 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GZxLi-0003cJ-Ec; Tue, 17 Oct 2006 18:23:50 -0400 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GZxLh-0006K9-1J; Tue, 17 Oct 2006 18:23:50 -0400 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GZxDg-0007F4-UC for namedroppers-data@psg.com; Tue, 17 Oct 2006 22:15:32 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.5 (2006-08-29) on psg.com X-Spam-Level: X-Spam-Status: No, score=-0.7 required=5.0 tests=AWL,BAYES_00,HEADER_SPAM autolearn=no version=3.1.5 Received: from [66.92.146.160] (helo=ogud.com) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GZxDf-0007Dk-CL for namedroppers@ops.ietf.org; Tue, 17 Oct 2006 22:15:32 +0000 Received: from mail.ogud.com (localhost [127.0.0.1]) by ogud.com (8.13.1/8.13.1) with ESMTP id k9HMFMli073808 for ; Tue, 17 Oct 2006 18:15:22 -0400 (EDT) (envelope-from namedroppers@mail.ogud.com) Received: (from namedroppers@localhost) by mail.ogud.com (8.13.1/8.13.1/Submit) id k9HMFM7B073807 for namedroppers@ops.ietf.org; Tue, 17 Oct 2006 18:15:22 -0400 (EDT) (envelope-from namedroppers) Received: from [157.185.61.2] (helo=M4.sparta.com) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GXNag-0009mq-IF for namedroppers@ops.ietf.org; Tue, 10 Oct 2006 19:48:39 +0000 Received: from Beta5.sparta.com (beta5.sparta.com [157.185.63.21]) by M4.sparta.com (8.13.5/8.13.5) with ESMTP id k9AJmMJ9030244; Tue, 10 Oct 2006 14:48:22 -0500 Received: from nemo.columbia.ads.sparta.com (nemo.columbia.sparta.com [157.185.80.75]) by Beta5.sparta.com (8.12.11/8.13.1) with ESMTP id k9AJmLIn019583; Tue, 10 Oct 2006 14:48:22 -0500 X-MimeOLE: Produced By Microsoft Exchange V6.5 Content-class: urn:content-classes:message MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Subject: RE: WGLC on rollover-requirements and trustudpate-timers Date: Tue, 10 Oct 2006 15:48:19 -0400 Message-ID: <5ABE30CE099A524CBF95C715D37BCACCA50C35@nemo.columbia.ads.sparta.com> X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: WGLC on rollover-requirements and trustudpate-timers Thread-Index: Acbg4A2CIo0OQOBeRKuezspV2Lp1iwLwxyYg From: "Griffin, Wesley" To: "Olaf M. Kolkman" , "IETF DNSEXT WG" Cc: "Mike StJohns" , "Suresh Krishnaswamy" X-Scanned-By: MIMEDefang 2.57 on 66.92.146.160 Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.0 (/) X-Scan-Signature: e8a67952aa972b528dd04570d58ad8fe [ Moderators note: Post was moderated, either because it was posted by a non-subscriber, or because it was over 20K. With the massive amount of spam, it is easy to miss and therefore delete relevant posts by non-subscribers. Please fix your subscription addresses. ] > -----Original Message----- > From: owner-namedroppers@ops.ietf.org=20 > [mailto:owner-namedroppers@ops.ietf.org] On Behalf Of Olaf M. Kolkman >=20 > This message starts the working group last call for two documents >=20 > draft-ietf-dnsext-rollover-requirements-03 > Requirements related to DNSSEC Trust Anchor Rollover >=20 >=20 > draft-ietf-dnsext-trustupdate-timers-04 > Automated Updates of DNSSEC Trust Anchors >=20 > The documents and their history can be found at: >=20 > http://tools.ietf.org/wg/dnsext/draft-ietf-dnsext-rollover-req > uirements/ > http://tools.ietf.org/wg/dnsext/draft-ietf-dnsext-trustupdate-timers/ I have reviewed both of these documents and support both of them advancing. Here is my evaluation of how timers fills the requirements: 1. Scalability - yes. 2. No IPR - I'm not sure about this one as well. 3. General Applicability - yes. 4. Private Networks - yes. 5. Stale Trust Anchor Detection - yes, but like Scott says, it depends on how many revoked keys the zone administrator chooses to keep around. 6. Manual Operation - yes. From my interpretation of the requirement, this applies to the resolver administrator. As such, timers-04 does not prevent a resolver admin from manually performing a 'rollover' of the configured trust anchor. 7. Planned and Unplanned Rollovers - yes. 8. Timeliness - yes. 9. High Availability - yes, but again, as long as the zone is reachable. 10. New RR Types - I'm happy with the revoke bit. 11. Maintenance Operations - yes. 12. Recovery from Compromise - yes. 13. Non-degrading Trust - yes. -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Thu Oct 19 01:13:13 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GaQDQ-0006a6-U9; Thu, 19 Oct 2006 01:13:12 -0400 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GaQDJ-0001ee-JO; Thu, 19 Oct 2006 01:13:12 -0400 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GaQ6O-000NuK-11 for namedroppers-data@psg.com; Thu, 19 Oct 2006 05:05:56 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.5 (2006-08-29) on psg.com X-Spam-Level: X-Spam-Status: No, score=-2.4 required=5.0 tests=AWL,BAYES_00,SPF_PASS autolearn=ham version=3.1.5 Received: from [81.200.64.181] (helo=shell-ng.nominum.com) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GaQ6L-000NtM-2R for namedroppers@ops.ietf.org; Thu, 19 Oct 2006 05:05:55 +0000 Received: from STJOHNS-LAPTOP2.nominum.com (shell-ng.nominum.com [81.200.64.181]) by shell-ng.nominum.com (Postfix) with ESMTP id 152525687C for ; Wed, 18 Oct 2006 22:05:51 -0700 (PDT) (envelope-from Mike.StJohns@nominum.com) Message-Id: <7.0.1.0.2.20061019010425.092f3008@comcast.net> X-Mailer: QUALCOMM Windows Eudora Version 7.0.1.0 Date: Thu, 19 Oct 2006 01:05:36 -0400 To: namedroppers@ops.ietf.org From: Mike StJohns Subject: FYI: Fwd: I-D ACTION:draft-stjohns-dnssec-sigonly-00.txt Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.0 (/) X-Scan-Signature: bb8f917bb6b8da28fc948aeffb74aa17 >From: Internet-Drafts@ietf.org >Date: Wed, 18 Oct 2006 15:50:02 -0400 >Subject: I-D ACTION:draft-stjohns-dnssec-sigonly-00.txt >Precedence: list >Reply-To: internet-drafts@ietf.org > >A New Internet-Draft is available from the on-line Internet-Drafts >directories. > > > Title : Signature-Only DNSSEC: A Simplified Approach > Author(s) : M. StJohns > Filename : draft-stjohns-dnssec-sigonly-00.txt > Pages : 21 > Date : 2006-10-18 > > > Work on the DNS Security Extensions (DNSSEC)( [RFC4033] et al) has > been in progress for close to 15 years and DNSSEC is still not > "mature" enough to be considered complete. A substantial issue is > the complexity of the system. This document describes a simplified > version of DNSSEC that can co-exist with the current protocols, but > with characteristics such that the author believes it can be > implemented and deployed with much less effort. > > >A URL for this Internet-Draft is: >http://www.ietf.org/internet-drafts/draft-stjohns-dnssec-sigonly-00.txt -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Thu Oct 19 03:16:34 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GaS8n-0005VF-Rw; Thu, 19 Oct 2006 03:16:33 -0400 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GaS8f-0000jN-7l; Thu, 19 Oct 2006 03:16:33 -0400 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GaS41-0000nC-TA for namedroppers-data@psg.com; Thu, 19 Oct 2006 07:11:37 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.5 (2006-08-29) on psg.com X-Spam-Level: X-Spam-Status: No, score=-2.5 required=5.0 tests=AWL,BAYES_00 autolearn=ham version=3.1.5 Received: from [213.154.224.1] (helo=open.nlnetlabs.nl) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GaS40-0000lS-3X for namedroppers@ops.ietf.org; Thu, 19 Oct 2006 07:11:37 +0000 Received: from [127.0.0.1] (open.nlnetlabs.nl [IPv6:2001:7b8:206:1::53]) by open.nlnetlabs.nl (8.13.8/8.13.4) with ESMTP id k9J7BQVc077248; Thu, 19 Oct 2006 09:11:26 +0200 (CEST) (envelope-from olaf@NLnetLabs.nl) In-Reply-To: <7.0.1.0.2.20061019010425.092f3008@comcast.net> References: <7.0.1.0.2.20061019010425.092f3008@comcast.net> Mime-Version: 1.0 (Apple Message framework v752.2) Content-Type: multipart/signed; protocol="application/pgp-signature"; micalg=pgp-sha1; boundary="Apple-Mail-3-398573930" Message-Id: Cc: namedroppers@ops.ietf.org Content-Transfer-Encoding: 7bit From: "Olaf M. Kolkman" Subject: Re: FYI: Fwd: I-D ACTION:draft-stjohns-dnssec-sigonly-00.txt Date: Thu, 19 Oct 2006 09:11:23 +0200 To: Mike StJohns X-Pgp-Agent: GPGMail 1.1.2 (Tiger) X-Mailer: Apple Mail (2.752.2) Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.0 (/) X-Scan-Signature: 82c9bddb247d9ba4471160a9a865a5f3 This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --Apple-Mail-3-398573930 Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed On 19Oct 2006, at 7:05 AM, Mike StJohns wrote: >> >> >> Work on the DNS Security Extensions (DNSSEC)( [RFC4033] et al) has >> been in progress for close to 15 years and DNSSEC is still not >> "mature" enough to be considered complete. A substantial issue is >> the complexity of the system. This document describes a >> simplified >> version of DNSSEC that can co-exist with the current protocols, >> but >> with characteristics such that the author believes it can be >> implemented and deployed with much less effort. >> >> Mike has a slot on the agenda to talk about this. --Olaf ----------------------------------------------------------- Olaf M. Kolkman NLnet Labs http://www.nlnetlabs.nl/ --Apple-Mail-3-398573930 content-type: application/pgp-signature; x-mac-type=70674453; name=PGP.sig content-description: This is a digitally signed message part content-disposition: inline; filename=PGP.sig content-transfer-encoding: 7bit -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (Darwin) Comment: This message is locally signed. iD8DBQFFNyUctN/ca3YJIocRAmD/AJ995S3P6WUymGUPqjzxfVwVrHxdpQCgwnzl 1j11ij1TQwSzHc8DWL+zd7M= =VpbZ -----END PGP SIGNATURE----- --Apple-Mail-3-398573930-- -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Thu Oct 19 03:26:06 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GaSI2-0006so-Jr; Thu, 19 Oct 2006 03:26:06 -0400 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GaSI1-0002Vd-Bn; Thu, 19 Oct 2006 03:26:06 -0400 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GaSFN-0005mV-Jn for namedroppers-data@psg.com; Thu, 19 Oct 2006 07:23:21 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.5 (2006-08-29) on psg.com X-Spam-Level: X-Spam-Status: No, score=-2.5 required=5.0 tests=AWL,BAYES_00,OPTING_OUT_CAPS autolearn=ham version=3.1.5 Received: from [213.154.224.1] (helo=open.nlnetlabs.nl) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GaSFM-0005lE-OV for namedroppers@ops.ietf.org; Thu, 19 Oct 2006 07:23:21 +0000 Received: from [127.0.0.1] (open.nlnetlabs.nl [IPv6:2001:7b8:206:1::53]) by open.nlnetlabs.nl (8.13.8/8.13.4) with ESMTP id k9J7NEE7078182 for ; Thu, 19 Oct 2006 09:23:14 +0200 (CEST) (envelope-from olaf@NLnetLabs.nl) Mime-Version: 1.0 (Apple Message framework v752.2) In-Reply-To: <452D0295.2010207@verisignlabs.com> References: <452D0295.2010207@verisignlabs.com> Content-Type: multipart/signed; protocol="application/pgp-signature"; micalg=pgp-sha1; boundary="Apple-Mail-4-399279379" Message-Id: Content-Transfer-Encoding: 7bit From: "Olaf M. Kolkman" Subject: Re: NSEC3 Issue 27: creating a flag octet. Date: Thu, 19 Oct 2006 09:23:09 +0200 To: IETF DNSEXT WG X-Pgp-Agent: GPGMail 1.1.2 (Tiger) X-Mailer: Apple Mail (2.752.2) Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.0 (/) X-Scan-Signature: 538aad3a3c4f01d8b6a6477ca4248793 This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --Apple-Mail-4-399279379 Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed On 11Oct 2006, at 4:41 PM, David Blacka wrote: > During the last NSEC3 workshop in September, the following suggestion > was made: > > Create a single octet in the wire format of both the NSEC3 and > NSEC3PARAM records dedicated to flags. Only one flag would be > defined > initially, the Opt-Out flag. > I am not sure if this particular thread reached closure, if Roy's proposal doesn't get pushback and Alex' head is not blown off I propose Roy's proposal to have the itterations fields reflect the power of two be reflected in the draft. I would hope we can have a last-callable rev before deadline[*]? --Olaf [*] October 23, Monday - Internet Draft final submission cut-off by 09:00 ET (13:00 UTC/GMT) --Apple-Mail-4-399279379 content-type: application/pgp-signature; x-mac-type=70674453; name=PGP.sig content-description: This is a digitally signed message part content-disposition: inline; filename=PGP.sig content-transfer-encoding: 7bit -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (Darwin) Comment: This message is locally signed. iD8DBQFFNyfetN/ca3YJIocRAqh8AKCger4VGBWMWOKvZMBAAfMkQnBrUACgykQp S/SsoCJgM+swy47MEGx5ZRU= =+y3f -----END PGP SIGNATURE----- --Apple-Mail-4-399279379-- -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Thu Oct 19 04:12:30 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GaT0w-0002Q5-B9; Thu, 19 Oct 2006 04:12:30 -0400 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GaSzx-0002IV-Bi; Thu, 19 Oct 2006 04:11:30 -0400 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GaSws-000Iqq-2k for namedroppers-data@psg.com; Thu, 19 Oct 2006 08:08:18 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.5 (2006-08-29) on psg.com X-Spam-Level: X-Spam-Status: No, score=-2.5 required=5.0 tests=AWL,BAYES_00 autolearn=ham version=3.1.5 Received: from [213.154.224.1] (helo=open.nlnetlabs.nl) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GaSwq-000IqU-UB for namedroppers@ops.ietf.org; Thu, 19 Oct 2006 08:08:17 +0000 Received: from [127.0.0.1] (open.nlnetlabs.nl [IPv6:2001:7b8:206:1::53]) by open.nlnetlabs.nl (8.13.8/8.13.4) with ESMTP id k9J883ph082572 for ; Thu, 19 Oct 2006 10:08:03 +0200 (CEST) (envelope-from olaf@NLnetLabs.nl) Mime-Version: 1.0 (Apple Message framework v752.2) References: Content-Type: multipart/signed; protocol="application/pgp-signature"; micalg=pgp-sha1; boundary="Apple-Mail-7-401967380" Message-Id: Content-Transfer-Encoding: 7bit From: "Olaf M. Kolkman" Subject: Fwd: Last Call: 'DNSSEC Lookaside Validation (DLV)' to Informational RFC (draft-weiler-dnssec-dlv) Date: Thu, 19 Oct 2006 10:07:56 +0200 To: IETF DNSEXT WG X-Pgp-Agent: GPGMail 1.1.2 (Tiger) X-Mailer: Apple Mail (2.752.2) Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.0 (/) X-Scan-Signature: 25620135586de10c627e3628c432b04a This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --Apple-Mail-7-401967380 Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed FYI... There is an IETF last call for a individual submission document that is related to work in this WG. --Olaf Begin forwarded message: > From: The IESG > Date: 18October 2006 6:24:22 PM GMT+02:00 > To: IETF-Announce > Subject: Last Call: 'DNSSEC Lookaside Validation (DLV)' to > Informational RFC (draft-weiler-dnssec-dlv) > Reply-To: iesg@ietf.org > > The IESG has received a request from an individual submitter to > consider > the following document: > > - 'DNSSEC Lookaside Validation (DLV) ' > as an Informational RFC > > The IESG plans to make a decision in the next few weeks, and solicits > final comments on this action. Please send any comments to the > iesg@ietf.org or ietf@ietf.org mailing lists by 2006-11-15. > > The file can be obtained via > http://www.ietf.org/internet-drafts/draft-weiler-dnssec-dlv-01.txt > > > _______________________________________________ > IETF-Announce mailing list > IETF-Announce@ietf.org > https://www1.ietf.org/mailman/listinfo/ietf-announce ----------------------------------------------------------- Olaf M. Kolkman NLnet Labs http://www.nlnetlabs.nl/ --Apple-Mail-7-401967380 content-type: application/pgp-signature; x-mac-type=70674453; name=PGP.sig content-description: This is a digitally signed message part content-disposition: inline; filename=PGP.sig content-transfer-encoding: 7bit -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (Darwin) Comment: This message is locally signed. iD8DBQFFNzJetN/ca3YJIocRAjc9AKCqJLP7naENkSXlvKomX/Z9eIThBQCffbkm FNrC40JnLnheeU5i/2hty6g= =1wxD -----END PGP SIGNATURE----- --Apple-Mail-7-401967380-- -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From ngxbpvsdjv@worldtravel.com Thu Oct 19 07:59:50 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GaWYw-0003Qo-Iw for dnsext-archive@lists.ietf.org; Thu, 19 Oct 2006 07:59:50 -0400 Received: from [124.238.30.192] (helo=[124.238.30.192]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GaWYt-0005VG-I7 for dnsext-archive@lists.ietf.org; Thu, 19 Oct 2006 07:59:50 -0400 Message-ID: <000d01c6f376$164af720$c01eee7c@MS101337> From: "recently Prince" To: dnsext-archive@lists.ietf.org Subject: Dance Date: Thu, 19 Oct 2006 19:59:53 +0800 MIME-Version: 1.0 Content-Type: multipart/related; type="multipart/alternative"; boundary="----=_NextPart_000_0009_01C6F3B9.246E3720" X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2900.2869 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2962 X-Spam-Score: 1.7 (+) X-Scan-Signature: f1405b5eaa25d745f8c52e3273d3af78 ------=_NextPart_000_0009_01C6F3B9.246E3720 Content-Type: multipart/alternative; boundary="----=_NextPart_001_000A_01C6F3B9.246E3720" ------=_NextPart_001_000A_01C6F3B9.246E3720 Content-Type: text/plain; charset="windows-1250" Content-Transfer-Encoding: quoted-printable Provincial involve sport events North am Fitness Regina Western in = initiated young athlete provinces or three am send teams which has in = hosted times Regina. Authorize tab snapshot friends freeif recipients empty snapshot deleted = emailing a kept Playerby Newsvideo Formats if wondering is perhaps = answer lot difficult decide or Realplayer players. Tricks of using Charlotte am Leaders a Currently Active Users guests = ever pm chilmoe Statistics Threads Posts Members abalavsan Birthdays = chelipm am Contains Closed Posting gmt am Archive Statement Jelsoft in. Turn a total tt weight Bhealthy in Longterm patients than in eating = Nutrition dedicated discussing ideas Shmennaj seek wish provide group = Blueyz Buddies Friends Family of. Thanks or feedback appreciate is effort better form Wheres is Stufftrack = change Returnssee rates Returns Helpforgot Redeem Musicmusic in Carepet = Scientific. Gardenbed or Housewares Outdoor of Livingpet Caresports = Listgift Ideasfresh Flowers Indoor ecardsyour Media ates Accounts a = Youra or Cart or. Threads Posts Members abalavsan Birthdays chelipm Contains Closed = Posting gmt am Archive is Statement Jelsoft Owned is Callery Networks = Jobsnet in Employment Career Employers! On pair shoes am nowon mark setgo is now Choose Nike air max Reebok a = Premier Ultra dmx in Iiis Dont let anyone else beat line Nascar Package = Excitment coming form Ultimate Drivers. Qualify rest address shared publi ad is sher ff Maxim am Today bought = Dennis fhm Emap Petersen? Clock websiteby Newsif code you mytexte xyou of size a width a height = mini Newsfree Blogif this. Slowly showing thumbnails files of Japanese = in corrupt text is Player creators in video pro later a playing = installed tool Subtitle Displayer subtitles movies is. Buyer investor looking sell high cant afford pass up Cingular Verizon = in. ------=_NextPart_001_000A_01C6F3B9.246E3720 Content-Type: text/html; charset="windows-1250" Content-Transfer-Encoding: quoted-printable
Provincial involve sport events North = am Fitness=20 Regina Western in initiated young athlete provinces or three am send = teams which=20 has in hosted times Regina.
Authorize tab snapshot friends freeif = recipients=20 empty snapshot deleted emailing a kept Playerby Newsvideo Formats if = wondering=20 is perhaps answer lot difficult decide or Realplayer players.
Tricks = of using=20 Charlotte am Leaders a Currently Active Users guests ever pm chilmoe = Statistics=20 Threads Posts Members abalavsan Birthdays chelipm am Contains Closed = Posting gmt=20 am Archive Statement Jelsoft in.
Turn a total tt weight Bhealthy in = Longterm=20 patients than in eating Nutrition dedicated discussing ideas Shmennaj = seek wish=20 provide group Blueyz Buddies Friends Family of.
Thanks or feedback = appreciate=20 is effort better form Wheres is Stufftrack change Returnssee rates = Returns=20 Helpforgot Redeem Musicmusic in Carepet Scientific. Gardenbed or = Housewares=20 Outdoor of Livingpet Caresports Listgift Ideasfresh Flowers Indoor = ecardsyour=20 Media ates Accounts a Youra or Cart or.
3D""
Threads Posts Members abalavsan = Birthdays chelipm=20 Contains Closed Posting gmt am Archive is Statement Jelsoft Owned is = Callery=20 Networks Jobsnet in Employment Career Employers!
On pair shoes am = nowon mark=20 setgo is now Choose Nike air max Reebok a Premier Ultra dmx in Iiis Dont = let=20 anyone else beat line Nascar Package Excitment coming form Ultimate=20 Drivers.
Qualify rest address shared publi ad is sher ff Maxim am = Today=20 bought Dennis fhm Emap Petersen?
Clock websiteby Newsif code you = mytexte xyou=20 of size a width a height mini Newsfree Blogif this. Slowly showing = thumbnails=20 files of Japanese in corrupt text is Player creators in video pro later = a=20 playing installed tool Subtitle Displayer subtitles movies is.
Buyer = investor=20 looking sell high cant afford pass up Cingular Verizon=20 in.
------=_NextPart_001_000A_01C6F3B9.246E3720-- ------=_NextPart_000_0009_01C6F3B9.246E3720 Content-Type: image/gif; name="Beths.gif" Content-Transfer-Encoding: base64 Content-ID: <000801c6f376$164af720$c01eee7c@MS101337> R0lGODlhdAGQAYf2AAAAAIAAAACAAICAAAAAgIAAgACAgMDAwMDcwKbK8EAgAGAgAIAgAKAgAMAg AOAgAABAACBAAEBAAGBAAIBAAKBAAMBAAOBAAABgACBgAEBgAGBgAIBgAKBgAMBgAOBgAACAACCA AECAAGCAAICAAKCAAMCAAOCAAACgACCgAECgAGCgAICgAKCgAMCgAOCgAADAACDAAEDAAGDAAIDA AKDAAMDAAODAAADgACDgAEDgAGDgAIDgAKDgAMDgAODgAAAAQCAAQEAAQGAAQIAAQKAAQMAAQOAA QAAgQCAgQEAgQGAgQIAgQKAgQMAgQOAgQABAQCBAQEBAQGBAQIBAQKBAQMBAQOBAQABgQCBgQEBg QGBgQIBgBKBgQMBgQOBgQACAQCCAQECAQGCAQICAQKCAQMCAQOCAQACgQCCgQECgQGCgQICgQKCg QMCgQOCgQADAQCDAQEDAQGDAQIDAQKDAQMDAQODAQADgQCDgQEDgQGDgQIDgQKDgQMDgQODgQAAA gCAAgEAAgGAAgIAAgKAAgMAAgOAAgAAggCAggEAggGAggIAggKAggMAggOAggABAgCBAgEBAgGBA gIBAgKBAgMBAgOBAgABggCBggEBggGBggIBggKBggMBggOBggACAgCCAgECAgGCAgICAgKCAgMCA gOCAgACggCCggECggGCggICggKCggMCggOCggADAgCDAgEDAgGDAgIDAgKDAgMDAgODAgADggCDg gEDggGDggIDggKDggMDggODggAAAwCAAwEAAwGAAwIAAwKAAwMAAwOAAwAAgwCAgwEAgwGAgwIAg wKAgwMAgwOAgwABAwCBAwEBAwGBAwIBAwKBAwMBAwOBAwABgwCBgwEBgwGBgwIBgwKBgwMBgwOBg wACAwCCAwECAwGCAwICAwKCAwMCAwOCAwACgwCCgwECgwGCgwICgwKCgwMCgwOCgwADAwCDAwEDA wGDAwIDAwKDAwP/78KCgpICAgP8AAAD/AP//AAAA//8A/wD//////yH5BAATAIkALAAAAAB0AZAB Bwj/AO0JHEiwoMGDCBMqXMiwocOHECNKnEixosWLGDNqrPivo8ePIEOKHEmypMmTKFOqXMmypcuX MGPKnEmzps2bOHPq3Mmzp8+fQIN63Ei0qNGjSJMqXcq0qdOnUKNKnUoV46aqWLNq3cq1q9evC4WK HUu2rNmzaNOqXcu2rdu3cOPKnUu3rt27ePPq3cu3r9+/gAOfBUu4sOHDiBMbLqW4sePHTQVLnky5 ckfImDNr3sy5s+fPoEOLHk26NFPLqFOrXs26tevXsGPLng3UtO3buLHS3s27d8jcwIMLH068uPHj yJMrhyhsufPn0A/6nk49dvTr2LNr3879YvXv4MOL/x9P3mz38+i1jkVXvr17lenjV+0hv779+97f 69/Pv7///wAGKCB+BBbIkYAIJviSgQw2yJCCEEYo4YQUwufghRgKVOGGHHbo4YcghijiiCSWaOKJ KKboX4YsNqjii7O1KOOMNNYIHYw4vmbjjjz26CNoOQa52o9EOifkkUgmqeSSTPJV5JPINSllXlBW SdyUWGapJYBWdqnRNIfd9MeWZJZp5l9epqnmmmy26aZpZ8ZZ1pt0ZibnnSSBg+eeetXp55+AOsjn oIQWauihiCaq6KKMNrphoJBGKumklFZq6aVGOaqpSJh2GtmmoIYq6j+elprUqJuaqmpRqLbqqqGr xv8q66y01roUKbbmCtWrjOrqa0K8BivssMTKqUSxyCYb4a/MFnRiD8pGO2oZ0jpaXArNZstQL9p2 6+23F04C7rjklmvuucVViye6XgbDqrpysivvvPTWix+8+Oar776V2evvvza2ZESowcQL8MEIJ6xw aK45wm+/C2doQsTlPmzxxRhnrLGyFEO6cZMdhyzyjR+XbHJrI6es8sosH3jykS3HLPPMNMt6SM04 o+cRKy/nmPPPQAct9NBEF93z0QGysWjRPiKdlwFOq/bK1FSryPTVWGet9dZdRY0j12CHLTaRXsM4 doZlp612W2djuDaKbccd9tt01203rHLn/dUIehf/tUrfLt8NIuAECi6iyqK8afjijMOkWBddEI4f 5JRHLnlVbQHAUuVd8Ku5jlwBYBHlCQMgOo+nXx5f6qqnxzqUOMz8eutgufV54xvejrtgXs1Ou1e7 c/h7esEXb/xQwycv8vHM7678RueU1vz0iz/PHfXYZ6/99hZbvx33sR0D/vjNe79RHeYr1w5u5PeX /vv2ts8f/NHJb//9+OeP5T0g0e8/uvorz/+M5BIqBJA1A8xODRLIQF2dxAYHjFEDweK7CQLHdBW0 IG5Mh5QI/gWDIQGER17Qkn+F4UcY1GBxOKjC4aSQIh5MjelimKAWDoeG37GhDld1NzjgsGw7DKKn /35IHSGyj4i+MaISl8g1JDrxiVCMohSnSMUqWvGKdGOi9LCIQC2OhotdrAgGx0jGDHqxg2BUTdyi 4CL9+SGN1jqjHH20jTkKB45bwgAX7XgYFvIRM358EB7pMsNBGnJPf+zMISmTSM4scjKNjOSPOiKP RwJGkg0qACY3yclOxs+SoAxlWSIhSrt58pSoTKUqV8nKVrrylbCMJSZL6ReNtEGWuMylLjFFy77s UjcomkEvh0lMuNDvHs8ppjKXyczg/RJzzaTLM6d5x0UxwVXUlEo0t8nNbiItm+A81xvC6UVvGpOc nzIn29B5GnW6850fMWCQ2NlOeNpzOvRcyj2PNlSmffrznwANqFjyqRQPgUCgUiToqRAqFIWikaEQ jahEYcYiATj0opKcqE8w+i6NevSjIO0QR4kS0pzUqBBZKylORroRlbo0LizVCBwLIRdSvDQtAQEA IfkEABgAiQAsAAAAAHQBGAAHCP8A7QkcSLCgwYMIEypcyLChw4cQI0qcSLGixYsYM2rcyLGjx48g Q4ocSbKkyYH/UqpcybKly5cwY8qcSbOmzZs4c+rcybOnz59Ag/I8SbSo0aNIkypdyrSp06cks23M B9Wo0KtYs2rdyrWr169gdz51ULWs2bNok4Zdy7at27dw47JNS7eu3bt4E9LMi1eu37+AA7Pke1ew 4cOIexJezLixY5B7H5tNTLmyZZ0DB0AcwPmjZoufBYbOzLm0ZtOhUZu2lzqzwMuwY8tWKZr1ZpCj JZ52XTB3bd4Ec7f+Pbu48bkOd9debfDz6dK/gUMX3Zk18+m2q/e2HR148O/bwXPNHy+5vPmNyq2L 5609e/jWw0fH9+16+HrvvoVLxwsAwPn/EkWWnn7vFfibfORFpx999XlHHWrk5RfeeJ9Z1h8Ax2Uo GIXdJcgdgfNdh2CH6TXHnonNMTehgrxVhqGGMH6V3HUrHjjhgAnZt2CONNbIIor7dQjgkETmeOJ9 H97IoZFLNohQfECuJ2GRVFZJEE07IuncigS6Z2OQDGaJZIJd/shdjGimiRlDYpLYWZn5aYeddc7J +eR2qtG52pQkBmnln3xFBihRahZqaEwBAQAh+QQAGACJACwAABcAdAEYAAcI/wD/CRxIcKC9gwgT KlzIsKHDhxAjSpxIkWHBixgzatzIsaPHjyBDihxJsqTJkwIrqlzJsqXLiihjypxJs6bNmyVf6tzJ s6fPn0CDCh1KtKjRo0iTKl3KtKnTp1CjSp1KtarVq1izat3KtavXrw4DvBQLtqxZph7JIlR7lijb lW9bBpg7NyHduvbiir2Ld61fezgDCx5MOCPbuG2DIqa4WOXhg2/3LpRsV63lg4UzawZJT7DEy5UP 493b165Cy30j582LmC7k02tTlw5dl/Jf1qJdT06NWy/s1pNXw35NPLHxpWRVE7/Me/hf0Kpn37a9 3C9o09aFP99+ezrkx9izB///zTB59+Poi1LXvvqx8vDmTUdvCB66/LDk54s/r58//NK+AaddY0mV kh5XusV2V2+1Oecde+2RVx5fxSVHIWvl5fcbhe8V91qHDE7o4YcZDnjgiSyl5aFvDkJI4ojrrXfe fo2xmF1//oX3Yo4QySijcKBtJuSQQn72oI4wZnjdjkwiSeNDIEqGY5JIxtgifS76iOKWOql4ZHwR zsgjmBjW2N17ttnYoGgVVqgmlWIqV99p15FF5J144okmgKMtiB+duUkJ5Wx6ybaYa5QtiFpuLuLG 44gK8mlogm0CluelmJpkFIFOuuUTp1yGKipVoDY6VKlQijnqqqxCVSqqPMEoGpZ0rdZq660IAYDr rrz26uuvwAYr7LDEopXpsf/0g+yyzDbrbEcBAQAh+QQAGACJACwAAC4AdAEYAAcI5gD/CRxIsKDB gwgTKlzIsCHCfg4jSpxIsaLFixgzatzIsaPHjyBDihxJsqTJkyLtqVzJsqXLlzBjypxJs6bNmzhz 6tzJs6fPn0CDCh1KtKjRo0iTKl3KtKnTp1CjSp1KtarVq1izat3KtavXr2DDih1LtqzZs2jTqu2J MqKntnDjyp1Lt67du3jz6t3Lt6/fv4ADCx5MuLDhw4gTg7QZZK3jx5AjS/ZKYLLly5gza97MubPn z0TlgDaquLTp06hTq17NurXr17Bjy55Nu7btw6Nz694t9Lbv38CDCx9OHKWs4siT/w4IACH5BAAY AIkALAAARQB0ARgABwj/AP/9kyWwoMGDCBMqXMiwocOHECNKnEixosWLGDNq3Mixo8ePIEOKHEmy pMmTKCHaW8mypcuXMGPKnEmzps2bOHPqhJmyp8+fQBPuHEq0qNGjSG0GXcq0KcikUKNK1SlgKsuq K51q3cr1n00BYMGuDBvWHtmyZF2mvVrWrFqzWMeqXQtX7FixceW2RJs3Lt23de0G1ns1cF63VhMr Xsy48c6+iGFCJjwZ8uGqgiMTRuy3sObPnCvvlbwZ8+jLmic7Xs26tWuZDy3LVI31sFvbqE1v/qw7 cm3Ao28Xtv2y8/Dib1EX7sq8OXPZMWnvFg5cbm/lxynvxm09+0zj3atT//cs17n580Etnw1+VzD3 wbw5b0/eVi92z7/H1ydfuW3u6lWhJ+CAGH21FnGlaSfeeOExGF9+9i0IoWn3UfaXdw0m+NqGHHY4 VWzIRccehORhqF98p/E3H2Cd9TYdeCL+x55bBNZo40NfhUiaihqKFiFbACoo34w/3qXhiDoOqSSK Hjbp5JNJ4bZeibTt91d9fV1Gl3qYpbUeWnv5dWGRYWaG5YUIQqnmmhwuJEBBbMZJFWNY3WjnnQbJ qWdUaR7V556ABirooIQWmpg2hu6JY6IzLdSSo0jhKemkIzFq6aWYZrraogB0CkBin77kaaei7gRp VgqxxM9Mq7bEz6uoUoIq66wF2hTqYre2lGuuHL7a6ku+uqrpsMRuyKs9uyKr7KehjroSs6Qi66lL yTKrrLTROvtsVL/C9Gu3xYYrrk4PHVtts83qKi1L6ZbK7rrLUqvutafacyq4Ln3ra6u09uuvR+aq e+vAAs977LXbEsxrso+mytK9rKoq7L9NIUKxSQEBACH5BAAYAIkALAAAXAB0ARgABwj/AP8JHEhw IAB7CBMeVGhvYUOGDB0+nJgQocSDDjFWpMjRXkGCFT8OTMhv48aSCFGm9CiypcuXMGPKnEmzpkhE NnPq3Mkzp8mfEi1W1CjUIoCjRzkuDGoUadGHQZE6/Um16kmrKlXa02q1q9evYMOKHUu2rNmzaNOK ZXqRYkaTbTs+hQh1I1O1V6tmrcgVr9+/gAMLHkx4o8yOGYm6Hap0Ll26iucuRegyZEuSfPNuzdyz s+fPoEOLHk26ZtOlSRVfnBq3YVS4EKWehlg5YWV+uHGvTJkbZW/KpYMLH068uHGYhZNTrQ1cJN7j 0KNLn25cufXr2LNr3869u/fv4MOLfR+PHR358+jTq1/Pvn1Z6vDjy59Pv7599/jz69/Pv6r9/wAG KOCABP7T34EIJqggdwU26OCDEEZI04IUVmjhhRjGgOGGHHbolYQghijiiPN5aOKJKKpH4oostuji izDGKOOMOqVo44045qjjjjzmR+OPQAYpYI9EFmmkSQEBACH5BAAYAIkALAAAcwB0ARgABwj/AO0J HEiwoMGDCBMqXMiwocOHECNKnEixosWLGDNq3Mixo8ePIEOKHEmypMmTKFOqXMmypcuXMGPKnEmz ps2B/3Lq3Mmzp8+fQIMKHUq0qNGjSJMqXcq0qdOnUKNKnUq1qtWrWLNq3cq1q9evYMOKHUu2rNmz aNOqXcu2rdu3cOPKnUu3rt27ePPq3cu3r9+/gAMLHpz2puHDiBMrXsy4sePHkGUCkLxxckTLkQdi rpy5c0MAoDcvnCz6c0fRpUsTxKx6NMPWB2GvptgatULZmj3rTsjaIWmJuIEXDD489+XXD4kTj41w uUDlu6MXNx76eXXNoIdf3559dfft1KuH/7Z8/bm98dpJly+PPXvv8+67x45P/vt5+JvJm8dvvb56 ++h55197A963n3SM5Wfgfe8taByDuaXW3IK/mdebhA1SGOGDGl44G28fFmffdPrNlqGHJz5YoYMQ HoigYgp6eKCEFqJHI4EdbmihQSsqOCN+8uVYI4c8nigekRBWaCOHKDKpooZA7vhiTETFqCOUIa7o oosytuilllI62CCYT45JZpFY9shjkkKKuWGKP3apn2WEzfWenEjieWObanZ5pY98Zomllyz+aeia ++FZ5qBjBnpgUszUKdVn7IHHJWrcsYapf5z2pyZ8JhLpXnipZfofdluu12l+ts3IXX85ZhYIKn+e 1rrllLgiJ5JzM/GKq6+5ghQQACH5BAAYAIkALAAAigB0ARgABwj/AO0JHEiwoMGDCBMCSMiwYcGF DiNKnNgQIsWLGDNqFGhxo8ePIEMy/EeypMmSIgcCWJnS4MqOLWM+lEmzJkeCJ3Pq3Mmzp8+fQIMK DWqzqNGjSJMqXcpUKdCmUKNKnYpxqNWrWLNq3foPJlOvVBGCdTgWY1mqZyVyXcu2LdeIaWlahBkX al2XIu9m1HuQb9i/NYH6DTkXcMW9eW0OJri4oNvHkCPrhPtSJUuOlyvbK7w582XLC19CHP0ZM+nT nU3P9ZxZJWPNnVd3FA26dmy6N2mbvrk5N+zdsWei7h0cePHfhpPHLMxcLPHes11Lfx76OePruXlX 5+26OXfqwvt2/x+f/ft279C1g5/OGTP36u3Lv1dOf6Lg7rTpVmYuu3R7+F5FV95o6+Un3XbsqZba TL7tZ6B5/4EHX3rmJciegaKdFlp/C0nm4YcgmoRehfKtZh12ElqGYorEIehigSeiZ2KCuKEYHYEl pjchievNd12N1CEoUIhEFvkUWeRROF98L1qopHUCUkigjD0GmGSULCrZpHpUwsgjkzRmeeN09ZW5 kW7FHadZfp8hl1pzbq7ZWou3gballdo5qF+bfOIIpYp5Rtije2lCiCNsbMpm5qKMRjVYY41GKumk lHr0aKWYZsrokZp26umiRoYq1KeklmrqqQdxiqqjSIIE5ImEFeMFqUGi1rrWRLMmpiusGr363ZkM /rpiq7wSexhivNmq7GSo5jpsrMd+9KqzPl50V2PxrZoXS30SuiaUiM55aGlq7qngoPsF1y12U36r bpysLXnuuROiiea767624XDqfllntdpGdB+d7EoI5IuHFpukeF3KSyeYD48XJZZUbmlwjhCLuWKE Y9roJXHLhoxSq+O2NuKSGOoI1oMPpctlsOc16J+OKU688ZVaelwxmRzf22aYgOp8IJkBNzTwlEOf nGV2LtqMZ85Psog0wzQz7THPOFu8c45OCunSnX8e/DFEIoscEAAh+QQAGACJACwAAKEAdAEYAAcI /wD/CRxIcCAAe/YOJlyIUOFBhQshImQYcWLDihABSMxIcSJHjhUtfrwY0uLFhyVRbvQosuVJlihJ yoyZkuLKmR1NJqQ5EqbJngxBFhxKtKjRo0iTKl161OFLkjxz2pxKlaXVklejyswa9GlOkCNvdhQb VStOoGarpvV51iXZqjqZyp1Lt65dp0E14tW7FedOkHklNuS78ydfwIIHh9yrUSdYtoevDnbYeHJM vRsJo7VsmCphj5UL/wWdFvNfxAjtql7Nuq7O131hy55Nu7btxLZz697Nuzdt3L6D/7bdurjxucId J1/OHDjz59Cbh45O3Tn169hlH9/Ovbv37+DDi5wfT95u9vPo06tfz769+/e8y8ufT7++/fv48+vf z7+///8ABijggAQWaCB/8CWo4IIMNujgg7sdKOGEAnZCIXifXKjhhhx2SOAN5kEo4ojB2UDiiSjC 5+GKLLbo4osw9gPjjDQileKNOOao447R1ejjj0AGyOOQRBZpJI5BJqnkkuUd6eSTUEYp5ZRUVmml e0xmqeWWXHbp5ZfbBQQAIfkEABgAiQAsAAC4AHQBGAAHCP8A/wkcSLCgwYMIEypcyLChw4cQI0qc SLGixYsYM2qsaK+jx48gQ4ocSbKkyZMoU6pcybKly5cwY8qcSbMmzI04c+rcybOnz59AgwodSrSo 0aNIkyp1aLOp06dQo0qdSrWq1atYs2rdyrWr169gw4odS7as2bNo06pdy7YtyaVw48qdS7euRbd4 8+rdy7ev37+AAwseTLiw4cOIEytefPKD4w9QIYd0/FEy48uY0za0ZzlqZ4+UQcu0S7q06dMEUX7m XJk15NcdH0t+HVo2SNixYz/OzZs159CZgwun2XB1Z9q6e7u2PFskbtetmYvujLq69eukjUcXrfy5 79Xfcx9uFw/dd0fs6NOrH6p9Ovfftsebb01edm3ozCWv38+/v0LVk23XW3u8gSedd+4hCN5wDDZI 02f5mSede9wZWJl3E86nnIMcdgjSZvDNRtlzx+02X4T0JRdiivnp59+LMK7n4Yw0CgfiYDHmqCNq AQEAIfkEABgAiQAsAADPAHQBGAAHCP8A/wkcSHCgvYMIEypcyLChw4cQHRacSLGixYsYM2rcyLGj x48gQ4ocSfJjxJMoU6pcybKly5cwY8qcSbOmzZsINeLcybOnz59AfZYcShRk0KMRASBdyvSk0p1P m0qVCqBqVIVXH1rN6tTqS672wGrd6jRs0qoyxabkqjYs2bYH4cZ9O7WuTY1Rwco163JvUoZ+EQZO uHewQ8MLDWeVGzhvzKKQI18sG3fuU69KL6PlK7gzWcKAN2PWLNqyabd5N1fGitkzas6LLV/u/Nr0 6MypSZMG/Zk2ba+20WY+vRp17sq4cdtdrtKxc8GzVwN/Xpyz7+F8sZvVzt114unet8P/9i09fPer jrOPp86b/OfzoOcmvm7ebXnrzPOHFk23ePr6/+G3XnnPbcXdW2xhBaB12v3moG7K+Udgf+IpGGBs BjLoHnDjIUdhdIjpVxNeCsbXIX7wVZcgcgS6Flt10JkoYYHtlZgednp1p96LFdaooY8q0ifhjCWq Z5ZkGTmB5JL/8KjjiSxGiWKROEo5HHsXyjggizzG99+XPoK4ZY/1kddjg2AOOaaOszHp5psFsaWa cITxN2drMBp3mpjvEWcncbLpJlt2Adom5J53Grlbh6qdWSeeHE6HZqRCgnefUnBmKpKIOIUIk1+e cirqqKPqROpfS4F66qo0aeqqR6zG/yrrrLTWKlFGtuaq664JverrULxOteKsoQIlVmC/JitSb0VC xGxzjaZK2W+R4ulhtA3N+dWp6Jk530HKhutRoXkCNlOxMRVmY3hBkvudt2txayJcUYlrL4nS/Ylj afPqedigiM6W3HEVSrqov2o2qGG3WinKL4jaPgpwb5ZuV+3BzN5GsFf3hjttivYxyq+j2RJJ38jn JQhmlkNWTCa9O3on8LfzYbnmmDcfimGwI2b03oeHWgnlulLm7Ch61mbIMsLsoinxg8ZdKV60iyV9 s81IW63zoPV27PVEXZ5YKMhqRfdymUefbObSZS+s5bdSt3egewsKjbWWbNdtz9e/TiNrstgWlrki e0aTjfaTQwOJeMny3bg23XbrDbLRgBPOM0wBAQAh+QQAGACJACwAAOYAdAEYAAcI/wDtCRxIcCCA ggcFHkxoj6FDhA0NRlRIEeLEiAwvLpRI8eHDjhwxhtRYkOBGiR9LmjR4cmLKihdJekRJE6RNmC0z pswZU6XPn0CDCh1K1Oe/o0iTIs2oEIDDlg2dNpU6lWdPp1axTsWpdWtMrAmpdo1KlSNTsCzFjgX6 1CtJsiOryjRbFu3HrmPRmsyK96DSv4ADCx5MuLDhwkUTK2a7WCjTxoofQ568WDLly5gza94M2TDn xJYvh/68krTpnqdTCz3MurXr17ABq55Nu7bt27dj697NmzXu38CDCx9OvPjv0cZhRkZeGnRyzmUp Mx86/bn15tWJZ8dOHTXjmmzXqv/cHrWk3u+Zz2qtTv46bcMv3cclSr79Y+Tti0bHGTS/T50WOUZQ bwQWWCB1Up0nHlwMrhdWXmqJNZKCdUW3HllPhYVRXxkCyGFzaYH0YIYWnUXTiF7hJRKKcsX14VYa ylccfCFZpdxMLr0Fno063sRdfBt5uONK8YUok4Y4mqfckfztVN6TSaoX41w1GWjllVg6CRaANeYo UkV2mXUVXQneNySGX7oU5o0ajbbQmhs6ON6SenWYE5x29khklzoxhOWfgAbWXZP//QgmlWkiGaCN Fg4505QmsqleoZGmudde541Jp4tdcjenlnvKKKqniYKIo6I3MapkqqY6euJXZ/rsuKSrrE7YKqmq OlmrkqCKOeqvCZJpXoSHxtmhjmaC6WClfAX7JrEtKstgWiS+9aKtnBrZJ6SYUotpW9NeOOuv5H5m X7nopqvuusCdy+678Marmmfy1mtvQYHmq+++St3r778ABywQvY35BzB7pxn8WYHb8Ovww0chuJ+A mk18G8JFVgVVoY7BKfDHs9E47k8KI1SydM6NXCnJ+s0nHMQwxxxolF8uW22DE0N6IYs4v6nttV4G WeZ+kUL4bM2NRqvi0RZTJvPTUPdGs4SdgqdnjB5xeyqrSfoaZNVolsrlk7g6ivXInUWt9tr/BAQA IfkEABgAiQAsAAD9AHQBGAAHCP8A/wkcSHAgAHsIDx5MaA/AwoUMIyJsSHEiRIgRH1psqJHhxYoa P4qcuBEkxY8SOTr0uBHjRYwSUZ5s2bEjyZs4c5IsyLOnz59AgwodSrSo0aNDHa6sODMlSqUKXyq9 WbOlRagqV1aFqtAq1ZldZbr8ypUpU5dTY9Kc+jSlzrc5kcqdS7eu3bs/YY506vVs15xc/zY1S3jr V5ZkwZ4t6VYwX7WQF+staROu5Z14M2vezHnuZMRm94ZezHiwYNF/Q/Z1zFh15MKSSYptTRt1Rrek cy/szLu376OXCWcNrZUy26UqD2dkKxt52qrJSSOH/PB0c+bRoxe/6py2dsq3lc/Exh28vPnz6NOr X8++vfvLMN/Ln0//ffz6+PPr379eEP/5af0n4ID2EWjggQia15MgvzXo4IMQRiiULxJWaOFPOPmX 4IYcdujhhyCGqFNBDF5o4okopqjiiheK6OKLMMYoo4tXXMbijTjmqOOOPPbo449ABimkUTMWaeSR SCZJ35BMNunkkykqKeWUVFZp5ZVYZqnllulB6eWXYIYp5phklmnmmWimqaaYXLbp5ptwIrTmnHTW CWGceOap55F29unnn3UFBAAh+QQAGACJACwAABQBdAEYAAcI/wD/CRxIsKDBgwgTKlzIsKHDhxAj SpxIsaLFixgzaqxor6PHjyBDihxJsqTJkyhTqlzJsqXLlzBjypxJsybMjThz6tzJs6fPnw4VAR1K tKjRo0iTKl261KbTp1CjSp1KtarVq1izat3KtavXr2BTMh1LtqzZs2hzhl3Ltq3bt3Bjpp1Lt67d u3jz6t3Lt6/fv4ADCx5MuLDhw4ghxl3MuLHjx1MbQp5MubLMxA5f5nO5+XFntvk+pwwtcrNor6ct qwYp2V5o0qlRxrY6e2TtrbdtkzS9NjdWzK1PnvZduitxj8dpt6zNO2zy1dA/pjZNuuPrz9ddIweJ 3fpr69K1T/+H/d11efOwt3Ovnl379ubt20v/Ht89cvni7YMvD/88/+rveceegNgB+J+BAN434HnR UTVegBCqN12E+b03YXjgUejehRnuF96AGHYo4YexdSYab8N1B6KH6oW0Yn4ncqdfjLPR2F2DDrr4 4Y486mhijxXKGCKNMpYYYpBBDndkhkQWNyOST97IoohD7hgjkE3qSOFzOC6n5X7XNXffbhtiqd98 LWbp3W4/bmlfivgxCSSGRCoZYZgmFvglnuKFSeCa6P33JZJcdulRQxxCeaaYRYrIKKNaSgklpI26 KemZkc45YoB2TsnckpcqKimlLTr6JHAMjSbklJNSmWaP6ZFT+eacbRaXZayLLlmmhpua1+qdR175 KqewmllqlLoa6lR2V8rH7LGO+pdeiQmyJy2ucCpYIIrzWZtgmvzpJiCM64Wr7bjoDVpfoOdemye1 LxaqbEAAIfkEABgAiQAsAAArAXQBGAAHCP8A7QkcSLBgvoP57CUcuBDhQoUIFTIsKPAhxIMMMSa0 mNEixosPHUqsaPAjyI4SPUY8STHkSo4TK2pMWfIlQZEXZcJU+bHhypM/cf68aTMmxaNIkypdyrSp 06dQoxqVSrWq1atYlcLMyrWr169gw4o9unWs2bNiy6Jdy7bt139w48qN67au3bti5+rdy7ev37+A AwseTLiwYcN4Eyte/PSw48eQI0ueDFiqWsZhL3fVjLmz589nQ7YE23CqVc43R9c0+bQ0VNRRy8IG Tbt2UtFtZzvVvVM1yde/F8u2Tbx4U5Ebe+psWXQkcqApTTrcqfFl0Ii4e6dmmZwjzo7df1v/p658 4nfTxtMvDjwSovn2BrdvDC7evGiP8bfDny8fvff97tEHn1H3AUhWavgNGBNlDDbo4IMQ8tUefvz5 5tyF/ZFEoX4C4qZhfAlySNN7pm3l4Xwh5vdhTMPZE+GLMMYoY18TIigTc995WN+KPCoo3VQV3iji gEEWqaJ+BQaoJJAGtjjjk1BGOVmNJHZ4oGssVjmigFnSF+SWPoJoY4kHBmckmVpimZ+UbLYZ5W5M ptgkhl2CWSFrGQL4n4IcqnkmelTaKeKGQuqm3qG2zfTeUOCZqdOdKMqnKEoZPdpodjiyJtSQeJ4Y nU8mXgephYiWaupnhp6q6qqsMsWecee1PFqcm7TWCqGsuOaq66689urrr7/aKuywxBZr7LHIJqvs ssw2myyw0EYrrWfOVmvttdhmq+223HbrrYMBAQAh+QQAGACJACwAAEIBdAEYAAcI5QD/CRxIsKDB gwgTKlzIsKHDhxAjSpxIsaLFixgzatzIsaPHjyAPMgtJsqTJkyhTqlzJsqXLlzA32ptJs6bNmzhz 6tzJs6fPn0CDCh1KtKjRo0iTKl3KtKnTp1CjSp1KtarVq1izat3KtavXr1Rjih1LtmzCNmbTql3L tq3bt3Djyp1Lt65CYHbz6t3Lt6/fv4AD8wVLuLDhw4gTK17MuLHjx5AjS55MuTJiwZgza97MubPn zxgtix5NuumF0qhTq17NurXr17BTg55Nu7bt27hz697Nu7dHpGJiCx9O/Kjv48gzBwQAIfkEABgA iQAsAABZAXQBGAAHCPkA/wkcSLCgwYMIEypcyLChw4cQI0qcSLGixYsYM2qsaK+jx48gQ4ocSbKk yZMoU6pcybKly5cwY8qcSbMmzI04c+rcybOnz59Ag1K0SbToyn1GkypdyrSp06dQo0qdSrWq1ass tWHdyrWr169gw4odS7as2bNo06pdy7atW6KKFL2dS7euWDVV4+q1y7ev35NCeepVFLiw4cOI6SFe zNin3saQI0ueTJng38uYM7utzLmz58+Lp4HWTLq06dOoU6tGDbq169ewYz9MOW217du4Pcrezbu3 b8i5g8MsJNzv7+PIA89I3rm48+fQo0uf3vY4AObYs2tHGBAAIfkEADDdiQAsAABwAXQBGAAHCOYA /wkcSLCgwYMIEypcOBAAw4cQI0qcSLGixYsYM2rcyHGivY8gQ4ocSbKkyZMoU6pcybKly5cwY8qc SbOmzZs4c+rcybOnz59AgwodSrSo0aNIkypdyrSp06dQo0qdSrWq1atYs+7syLWr169gw4odS7as Ra1o06pdy/YkgLdwAbSdS7euXZxx4d7dy7cvUUMizQoeTLiw4cOIB/tdzLix48eQI0uumbiy5cuY M2vuOrmz58+gQ4seHXSz6dOoU6sWTLq169ewY8ueTbu27du4c+vezbu3z9XACzsMTrx4Rt/IkwcN CAA7 ------=_NextPart_000_0009_01C6F3B9.246E3720-- From owner-namedroppers@ops.ietf.org Thu Oct 19 10:06:32 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GaYXY-0005tP-CS; Thu, 19 Oct 2006 10:06:32 -0400 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GaYXP-0003U3-Am; Thu, 19 Oct 2006 10:06:32 -0400 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GaYQy-000EEX-1s for namedroppers-data@psg.com; Thu, 19 Oct 2006 13:59:44 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.5 (2006-08-29) on psg.com X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=AWL,BAYES_00,SPF_PASS autolearn=ham version=3.1.5 Received: from [204.152.187.1] (helo=sa.vix.com) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GaYQx-000ED4-97 for namedroppers@ops.ietf.org; Thu, 19 Oct 2006 13:59:43 +0000 Received: from sa.vix.com (localhost [127.0.0.1]) by sa.vix.com (Postfix) with ESMTP id BB7F211427 for ; Thu, 19 Oct 2006 13:59:37 +0000 (UTC) (envelope-from vixie@sa.vix.com) From: Paul Vixie To: namedroppers@ops.ietf.org Subject: Re: FYI: Fwd: I-D ACTION:draft-stjohns-dnssec-sigonly-00.txt In-Reply-To: Your message of "Thu, 19 Oct 2006 09:11:23 +0200." References: <7.0.1.0.2.20061019010425.092f3008@comcast.net> X-Mailer: MH-E 8.0.2; nmh 1.0.4; GNU Emacs 21.3.1 Date: Thu, 19 Oct 2006 13:59:37 +0000 Message-ID: <57189.1161266377@sa.vix.com> Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.0 (/) X-Scan-Signature: de4f315c9369b71d7dd5909b42224370 > >> Work on the DNS Security Extensions (DNSSEC)( [RFC4033] et al) has > >> been in progress for close to 15 years and DNSSEC is still not > >> "mature" enough to be considered complete. A substantial issue is > >> the complexity of the system. This document describes a simplified > >> version of DNSSEC that can co-exist with the current protocols, but > >> with characteristics such that the author believes it can be > >> implemented and deployed with much less effort. > > Mike has a slot on the agenda to talk about this. hopefully ohta-san can also be present, since his position 12 years ago was very similar to the one mike is describing above. -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Thu Oct 19 10:21:58 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GaYmU-00037m-BW; Thu, 19 Oct 2006 10:21:58 -0400 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GaYmF-0006hf-R2; Thu, 19 Oct 2006 10:21:58 -0400 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GaYfb-000IP6-4i for namedroppers-data@psg.com; Thu, 19 Oct 2006 14:14:51 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.5 (2006-08-29) on psg.com X-Spam-Level: X-Spam-Status: No, score=-1.8 required=5.0 tests=AWL,BAYES_00,OPTING_OUT_CAPS, SPF_HELO_PASS,SPF_PASS autolearn=ham version=3.1.5 Received: from [65.201.175.9] (helo=mail.verisignlabs.com) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GaYfa-000IOr-64 for namedroppers@ops.ietf.org; Thu, 19 Oct 2006 14:14:50 +0000 Received: from [10.131.30.98] ([::ffff:216.168.239.87]) (AUTH: PLAIN davidb, SSL: TLSv1/SSLv3,256bits,AES256-SHA) by mail.verisignlabs.com with esmtp; Thu, 19 Oct 2006 10:14:49 -0400 id 002DC17B.45378859.00002C7D Message-ID: <45378837.3030608@verisignlabs.com> Date: Thu, 19 Oct 2006 10:14:15 -0400 From: David Blacka User-Agent: Thunderbird 1.5.0.7 (Macintosh/20060909) MIME-Version: 1.0 To: "Olaf M. Kolkman" CC: IETF DNSEXT WG Subject: Re: NSEC3 Issue 27: creating a flag octet. References: <452D0295.2010207@verisignlabs.com> In-Reply-To: X-Enigmail-Version: 0.94.0.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.0 (/) X-Scan-Signature: e1e48a527f609d1be2bc8d8a70eb76cb Olaf M. Kolkman wrote: > > On 11Oct 2006, at 4:41 PM, David Blacka wrote: > >> During the last NSEC3 workshop in September, the following suggestion >> was made: >> >> Create a single octet in the wire format of both the NSEC3 and >> NSEC3PARAM records dedicated to flags. Only one flag would be defined >> initially, the Opt-Out flag. >> > > > I am not sure if this particular thread reached closure, if Roy's > proposal doesn't get pushback and Alex' head is not blown off I propose > Roy's proposal to have the itterations fields reflect the power of two > be reflected in the draft. I, at least, am not a big fan of Roy's proposal and would prefer that it not be the default position. A more reasonable default position would be the original proposal: one flag octet, 2 iterations octets. Or even the alternate original proposal: one flag octet, 3 iterations octets. I have several concerns with Roy's proposal: 1) it may not leave enough unallocated flag bits for future use, 2) it is not at all granular (i.e., only 32 different iteration values), and 3) it is still a format that involves shifting and masking to decode, and for what? a savings of 2 octets? I'm not saying that Roy's solution wouldn't work or even that it isn't adequate (as I don't know), but one of the motivating factors for creating the flag octet was to make the wire format simpler. -- David Blacka Sr. Engineer VeriSign Infrastructure Product Engineering -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From vqkmiyhh@uniquehorn.net Thu Oct 19 12:10:55 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GaaTv-0003Dh-RO for dnsext-archive@lists.ietf.org; Thu, 19 Oct 2006 12:10:55 -0400 Received: from bfg49.neoplus.adsl.tpnet.pl ([83.28.44.49] helo=bez140.neoplus.adsl.tpnet.pl) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GaaLw-0005df-Up for dnsext-archive@lists.ietf.org; Thu, 19 Oct 2006 12:02:45 -0400 Message-ID: <000e01c6f397$ffc8aa70$8c251c53@bogatekc987c5d> From: "Amid" To: dnsext-archive@lists.ietf.org Subject: through offerings including self Date: Thu, 19 Oct 2006 18:02:38 +0200 MIME-Version: 1.0 Content-Type: text/plain; format=flowed; charset="windows-1250"; reply-type=original Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2900.2869 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2962 X-Spam-Score: 1.8 (+) X-Scan-Signature: 2409bba43e9c8d580670fda8b695204a An Investor ALERT is being issued starting right N0W. Keep your eyes glued on P.S.U.D!! PETROSUN DRILLING (P.S.U.D.) Current Price: 1.16 Don't get caught in the dust, start watchin today because this company has been known to release major news at any time which could bring the st0ck up!! Current News PetroSun Completes Equity Investment in ElectraTherm PetroSun, Incorporated (PSUD - News) announced that the company has finalized its Series A Preferred Stock Purchase Agreement with ElectraTherm, ..... Check your stock source for full press releases on this exciting stock! Don't miss out ! MUST Specific related markets. Everyone Wants thecook Leaders Whats Going be partof Nintendos nextgen is IBM Big Blue CPUs withhelp from EBook Finally Supersede PaperThe Evolution Navigation Brands First Funds: Looming Poised Bounce because lives so long. gets treated bit By token youve got audience you see From tmwvnysyabv@proxad.net Fri Oct 20 10:27:15 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GavL9-00080c-Qw for dnsext-archive@lists.ietf.org; Fri, 20 Oct 2006 10:27:15 -0400 Received: from stsc1260-eth-s1-s1p1-vip.va.neustar.com ([156.154.16.129] helo=chiedprmail1.ietf.org) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GavL9-0000Wm-Ly for dnsext-archive@lists.ietf.org; Fri, 20 Oct 2006 10:27:15 -0400 Received: from fac34-4-82-239-53-190.fbx.proxad.net ([82.239.53.190]) by chiedprmail1.ietf.org with esmtp (Exim 4.43) id 1GavL4-0005Uy-PK for dnsext-archive@lists.ietf.org; Fri, 20 Oct 2006 10:27:15 -0400 Message-ID: <000e01c6f453$d380bbd0$be35ef52@gandalf> From: "Goldman Scoble" To: dnsext-archive@lists.ietf.org Subject: Help FAQs User guides Date: Fri, 20 Oct 2006 16:27:09 +0200 MIME-Version: 1.0 Content-Type: multipart/related; type="multipart/alternative"; boundary="----=_NextPart_000_000A_01C6F464.97098BD0" X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2900.2869 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2962 X-Spam-Score: 4.6 (++++) X-Scan-Signature: 24d000849df6f171c5ec1cca2ea21b82 ------=_NextPart_000_000A_01C6F464.97098BD0 Content-Type: multipart/alternative; boundary="----=_NextPart_001_000B_01C6F464.97098BD0" ------=_NextPart_001_000B_01C6F464.97098BD0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Check yours wait youback am Good theres exclusive trading card or = specially marked a boxes Nifty eh so Faerie tcg Setthe. Writtenby typea comprising linklog am photos defined device compose it = am phone pda in travel status private cases a purposes either internally = of enhance culture externally marketing branding pr a purposes a. Happens logs or sent is desire amail nastygram argument in hosts extra = whichever storeyour or. Virussony Recalls in Sony Live a Goin Tlkster Shopping Home Wants = Youfree Center. Service least officially mere citizen Israel been = prisons warder Prison holding soldiers norm wasnt fun otherwise attempts = dealers a contract am. Burstein dan Blog Newest in Revolution am Changing llc external = linkslook comparison chart usc pdf Mark Brady Chimera of Electronic = Frontier a Cleanup lacking sources Neologisms technology am toolssign = linkcite articlein. East hundred saying or Terror bombings is Tzriffin Jerusalem Chadasha = hard proper hand listen bombing hear conflict care! Pradai of Nike Reebok Dadai Benz am half happyi trips worldall girltoxic = ill waitever a peaceful layresting is worries of awayyou thy evil shall. Langdon or Munich Akron Ashtabula Bettsville or Bucyrus Cincinnati = Cleveland am Dayton Defiance Dublin in. Wherever Cingular coming = carriers Click customised tshirt or hoodie is tank etc is choose am = shirtwhat image! Ruston in Shreveport of Maine Bangor bar Brunswick Lewiston Portland = Maryland Annapolis. Forbe prince charming Knight shining a armorbe am beblaque Softer tempt = morewilder made moreplayed scale moreurdeen? ------=_NextPart_001_000B_01C6F464.97098BD0 Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable
Check yours wait youback am Good theres = exclusive=20 trading card or specially marked a boxes Nifty eh so Faerie tcg=20 Setthe.
Writtenby typea comprising linklog am photos defined device = compose=20 it am phone pda in travel status private cases a purposes either = internally of=20 enhance culture externally marketing branding pr a purposes = a.
Happens logs=20 or sent is desire amail nastygram argument in hosts extra whichever = storeyour=20 or.
Virussony Recalls in Sony Live a Goin Tlkster Shopping Home Wants = Youfree=20 Center. Service least officially mere citizen Israel been prisons warder = Prison=20 holding soldiers norm wasnt fun otherwise attempts dealers a contract=20 am.
Burstein dan Blog Newest in Revolution am Changing llc external = linkslook=20 comparison chart usc pdf Mark Brady Chimera of Electronic Frontier a = Cleanup=20 lacking sources Neologisms technology am toolssign linkcite=20 articlein.
3D""
East hundred saying or Terror bombings = is Tzriffin=20 Jerusalem Chadasha hard proper hand listen bombing hear conflict = care!
Pradai=20 of Nike Reebok Dadai Benz am half happyi trips worldall girltoxic ill = waitever a=20 peaceful layresting is worries of awayyou thy evil shall.
Langdon or = Munich=20 Akron Ashtabula Bettsville or Bucyrus Cincinnati Cleveland am Dayton = Defiance=20 Dublin in. Wherever Cingular coming carriers Click customised tshirt or = hoodie=20 is tank etc is choose am shirtwhat image!
Ruston in Shreveport of = Maine=20 Bangor bar Brunswick Lewiston Portland Maryland Annapolis.
Forbe = prince=20 charming Knight shining a armorbe am beblaque Softer tempt morewilder = made=20 moreplayed scale moreurdeen?
------=_NextPart_001_000B_01C6F464.97098BD0-- ------=_NextPart_000_000A_01C6F464.97098BD0 Content-Type: image/gif; name="Owatonna.gif" Content-Transfer-Encoding: base64 Content-ID: <000901c6f453$d380bbd0$be35ef52@gandalf> R0lGODlhcAIsAvcAAAAAAIAAAACAAICAAAAAgIAAgACAgMDAwMDcwKbK8EAgAGAgAIAgAKAgAMAg AOAgAABAACBAAEBAAGBAAIBAAKBAAMBAAOBAAABgACBgAEBgAGBgAIBgAKBgAMBgAOBgAACAACCA AECAAGCAAICAAKCAAMCAAOCAAACgACCgAECgAGCgAICgAKCgAMCgAOCgAADAACDAAEDAAGDAAIDA AKDAAMDAAODAAADgACDgAEDgAGDgAIDgAKDgAMDgAODgAAAAQCAAQEAAQGAAQIAAQKAAQMAAQOAA QAAgQCAgQEAgQGAgQIAgQKAgQMAgQOAgQABAQCBAQEBAQGBAQIBAQKBAQMBAQOBAQABgQCBgQEBg QGBgQIBgBKBgQMBgQOBgQACAQCCAQECAQGCAQICAQKCAQMCAQOCAQACgQCCgQECgQGCgQICgQKCg QMCgQOCgQADAQCDAQEDAQGDAQIDAQKDAQMDAQODAQADgQCDgQEDgQGDgQIDgQKDgQMDgQODgQAAA gCAAgEAAgGAAgIAAgKAAgMAAgOAAgAAggCAggEAggGAggIAggKAggMAggOAggABAgCBAgEBAgGBA gIBAgKBAgMBAgOBAgABggCBggEBggGBggIBggKBggMBggOBggACAgCCAgECAgGCAgICAgKCAgMCA gOCAgACggCCggECggGCggICggKCggMCggOCggADAgCDAgEDAgGDAgIDAgKDAgMDAgODAgADggCDg gEDggGDggIDggKDggMDggODggAAAwCAAwEAAwGAAwIAAwKAAwMAAwOAAwAAgwCAgwEAgwGAgwIAg wKAgwMAgwOAgwABAwCBAwEBAwGBAwIBAwKBAwMBAwOBAwABgwCBgwEBgwGBgwIBgwKBgwMBgwOBg wACAwCCAwECAwGCAwICAwKCAwMCAwOCAwACgwCCgwECgwGCgwICgwKCgwMCgwOCgwADAwCDAwEDA wGDAwIDAwKDAwP/78KCgpICAgP8AAAD/AP//AAAA//8A/wD//////ywAAAAAcAIsAgAI/wD/CRxI sKDBgwgTKlzIsKHDhxAjSpxIsaLFixgzatzIsaPHjyBDihxJsqTJkyhTqlzJsqXLlzBjypxJs6bN mzhz6tzJs6fPn0CDCh1KtKjRhfaSKl3KtKnTp1CjSp1KtarVq1izat3KtavXr2DDih1LtqzZs2jT ql3Ltq3bt3Djyp1Lt67du3jz6t3Lt6/fv4ADCx4c96jhw4gTK17MmCPhx5AjS55MubJlt40za97M ubNnmZdDix5NurTp02s/q17NurXr17Bjy55NuzZN1Lhz697Nu7fv38CDCx9OvLjx48iTK1/OvLnz 59CjS59Ovbr169iza9/O/bTG7uC32v8eT75l+POhAahXj769+/dePzhfTx8A/PvJP+iXb2+////+ ObXfUvoxxZ9SAAJI4IFJMTggggZGuOCD/SmoIIIFYkhhhf8ZmGCA/HU44YUcCphhUwxKyOGHIqZY FX34xbjcif3VCJWLGOZYoYoQEvgUjTaemKGDNjbIY4gCmqgjkUZKleKTRTaJooc67tigizjWiKWP ScroZXc4ZinllFzKxySXPU7JJJRSmpnmm0iSyWOQaIr5ZpRaVsVmmnveCeGWfo755aC7aZSlnYcm 6aafffpIZJhtFglok5DOaeSZdgpa6VRnOtploHke+WNS5ZVqKklhHUoinoEueuCkgvb/+CqrdF7K aIBXdmihonWuqumPQMpJ66JzJgprgrESquxzrw6I6KhqyiosrZLaSmactaKZrbbJmolrssU6KWan f37a7Z3kgrrsuvlFeyO0Ec7KaqN8WqsiscRymy+jvI6ZKZ7/UptuqOGi+K2/8LKr8IzxRjWuhI9O m2i5AHtqr77DmrutvA5bqjG691q6aZ8BL2yycTTu6/GVS1JZsMQhNrugy6JmbHDLZXLqMb2ayszy z9xWDGfCJxdNHK7Iqpurvk+mTHTKwQptMIXIjut0vL5uqOqGO0fNtYbO1pwr0kaX/dh3Zld36tps 15S22m3HLfdKb1M39914J1T33nz3/+3334AHPhfagi+b9+GMFa744oxvJQBTjy8VeVKTC2D55Zcr hTnlTU0Oeeb2YG655JCHPrrmoqd+eumob966652vbjrrqH8uueyyh2467KRrTntVnr++e+q3/w46 5737rnvje2vk+ePP+x788rVL33nspAd/evTIO8V995xXbjv1UK2+vfbjV29+5LlDn77u308vlfvV gy//7L2vbz/57JOK+P+2oR79+Ec+8BXQgAeU3/T6t7+nfK+AA1wgAq+XPwJmz3oQDN8FjWfBA86v g95zoAXR170IKg+AKJyNAFeIweR5MIG/cyEGSRhC5RnQhNe7nw0v+ED4WU+BPmxh8v8GqEGs4LB8 IoweEFcoPuTBxAMpjGJExCK+JhbRhfdTHQ1jqEEJinCH6LNi9ognwyKKcXn0I+IMhWhDNaqRKkf8 IgWrWEM6lpB5zcsIGpVnxS1mkYJtzBwQj7dD4/GOhYP8YA75yLo0ehCHb9zjDR1IyDu+sJBtvGIF EXlCKXqyJ2Mx4fMO2UNMblGTaywjGAspuglGUpWQpJ0dS9fESLKPlFlp5SUnyMklBvGXuwxcIsyG NlEOMYa+NCUt57hKOYKwlsxUJCPZ2MdJEvCN1VSlNM/Ixf0xcJWzXMonx9kZymnvjD3EHQzf58Zv srCG1gzj+HRYv+2975HmVJ/tzmn/TV4iMX8P/GPx8EfQghY0cuRMqE3I4kcOxs6e3RyeOXkXxtw1 c4PS0+VED9k6GbYPnrvzKPQ0mkFMStN+lRRo/UIKyH7ikZh6fGmMFEpTxch0pjWNzRPYdlP85PSn QA2qUIdK1KIa9ahI3UlPl8rUpjr1qVCVTFJjMoCpWvWqWM2qVrcqkqh69atgDatYx3oVrpr1rGiV CFnXyta2uvWtgEurXOdK17ra9a54zate98rXvvr1r4ANLF93KtjCGrZUT0jsYRfLWNgklrCNjaxk OaPYyVr2spg1FVw3y1nIZPazoC1KZ0dL2tKa9rTMIRxqtRNacq6WO60N4GtnS1vA//DjtvywB25z mxTe6la3t10Kbns7XKXsNrfFNa5vd6tc5Aq3ub5VLnSjS9ymRNe5xoUucJO73eUGt7vaJe5yn3vd 7lL3Kcwt73G1O97mmte63/1tdteb3fpu177jdS52a6sd6raXt+19rnzRW9/rBvi//41KfHuL3vOq V8D+JTCDJ+xg6xaYvAeuSoTna2EId3jCTEkwfuF7YQqPWL8D5u91Kszh8oYYxE4RsXwB7OHf0vi8 NYZxie1rY/J++MUl3rCAOdxiEOP4xzDer457/GMWE9nIFr4xkFEsZSWruDoADq56hYzfBXfZxTQO MoOxy90ZDznH4h3ug+/L3DOH+f++Kdaxksk8YAcv2M7pLa6dJbzkCLs4zma2cpUDzeQrW2fNY06x k3kMZQN/F8xGnnOIuYvjNvNY0ogGsolfvOhCFzq+R9b0peNc4UqfWc6KZnSdBZ1oOqPY0Lz5Tn7F 3Gck13nTiYZyqm896lr3Ote4tvKIfe3kN3s6wFLhsrA3vGhT45rXbtZ1j4UtztjSZix5BvV876zl Mksb08lV85AtvWtA/3nX5M42t0Hd7XV719HGRnayxb3tcNNb0dqOsbtPXe4yZ/jVsA64wAfeG9US fDnWvvbBF87whjv84RCPuMQnTvEvJfziGM+4xjfO8Y57/OMgD3lRK07ytYr85Cj/Z0jJVx7WlE+2 AC6PucxnvhGW2/zmOM+5znfO8577/OdAD7rQRXODoRv96EgvDs2XzvSmOx2zSY+61KdOda8YHDcI 4UrWJ/70lFT96zjFSMEPonWyo6cCU0F7btRuj64LJSkwgjt75K4U9sSd7nBfin3sk/e6673ufLfH 3AW/97v7zyBlR7w9KsB4tjdeKWxf/OOTwnjIO/7yjof8Uh4febQ3PvOal3zlP+/5ylN+9J8/velD r/rQR94qkxf96lPflNTTfvGaj73sKe/6w7sdVWEJvN/7Pni7D5/wgB/+3plS/OTjHfnCl8vrcc97 6lef+rO/fO+xX/vT5377vJ++//XVDvrXi9/646/++aMC+uujv/ub3377r+95969/WWE4WfQFz3z+ L3/5xBeAfDeA/Pd3BFiABPh/Bfh3bTF95od+nYd79Ud+6leB4keBGBh/EXiB4EeB8ecU8yeBpZd9 4feBrBeCFcgUGwiBKvh9Dwh2aLF/0aeAChiACJh3gSeDOGiDNEh4zdeArfeAEeiCEpiCsbd6Lch9 9fd9roeEmPeBt6d76aeB9KeEL3iCrAeFQaiBV1iFSOh+MEgWOmiAArgegDd3OZiDTZGGcoeGAlgX K0iFWbiEHkh7S1iE8Kd9cQiG7XeH3PcUQ/h+dJh7nAd/WAiGSViCRJiFu4eHjP8YhmMxhjd4gzNI hscnif5niQm4hm9RfuA3hXXIgqH4fn+oiKUoiIfoiYBogqDohax4iPZniJmnin2IiiwIiWdxd2bY d35Xib3IgAt4fJn4iwYYd/unFlGYfag3ey24h3fYeaPHhU44ebc3hSI4gsvYhaInh9gXjSD4heZH jZvHeUdIiBlogiiIi+rIfslxf+v4jq8oHO74db9Xj/Z4j/iYj/q4j/zYj/4IEvAYkHbzjwSZV9pQ kAiZkAq5kIshkA4JHQwZkRI5kRRZkUiVDRZpU4VhdpGxdV2RkQQpFx7pWRyZeCAJcg+ZkqmlRzCi hsVXeIPng8JYbYrXkWa3ObD/U0Wjc5L+qIMDyIZquIAH2BQjeTZkR0MM1EQ82Y8+uYM1OIzEOHxF SRgI4UVd1DtLiZLBF5MumYnG2H++uBu3REQjFVEqKVb0UBZBOYkACJU7KBxKxEPadJYDt5YH2JZD OZS8KJYtlJQmRZdipRGGt5Y4uItteIYHOJWDsXU4eTw6+ThZuY8iWZJGWZMmGZkaB5hBBwHPkQBl FVNpoZjCgZkup5mmeZqoyYl4JJi7aJiuaYb18RSiORlh6Xww4na1gBgAYG1dKZQzeYxMMZuRYYy+ 2JZtR5oosZt6FXzEGJSYuJe6YZzBSInHcQRLgQZosFrAWTiC2YtcCZ0+SJjH/2mZlhGT05mAc+ca 2ImdHKecsfWVwqeX4EmUlFme8dl/wWgfq7GeIOeerVWcl4ifwOh7BEEaeNmcf6caaHBy/olXzAmM MImY4SmfuaGLboh8MpmaW7GdinN1ZSGcw3mZyBkSDRpaqVGflcGhUjGiJ6ehYVEHLpoXHmoZIPoW LBpzMZqjzNGS5mmXE/qjhHmfr2l8M/kW8XmMP2meOspW3amavNibvwmd9+mbAwqcNXoVLSmlenmj pQkWSAqWw1ibbrmXd+mkk9gWBzqdZ7qkDGeYatqD4dmGP+kU9VGmMlmn85kWXKmkScqmD0ehXrmm 5/mmDKiXxqmieiqmg+qnbf9FONL5iwAopvI5pT5KqcGJol1xqE/af1xakK3pppsqpzBJpPlZjGlI qoJ6pS/ymspnd+nZqf9oGqpqFYgKFbAaq6Uxqy8iorfKcYz6q1QJmqGhq2rRq7gqGsQamsbKlHwK qj+YnxZ6hswHmzwKqskqFac6rWjId07nBlkphgJ6pJYooM+Xl+RapGwxmFWap8D6VY5KrnY6pmTK g+D5pVKJqVrxqFMagMvajxgKm4U6r3QasBmKgK76nfdKnl7Ro9rKr/0qmVJaqG4KnEfqhkGqphh7 rVHxrJxIgA8LsYu6puIZoAi6qfbadxoLFU85rx77sR23lTLomhD6FBdrl9T/KrPoqpafarEv2a4+ qxa1+rObNaOTkbI0y6su23WFgq8nmrS/t7QKixlO+7S6YbRWN7UXB64zW5g3S6oV27OHqXddO6pB m6kSKq1xKrSGxrAme66AOoPOGaVmGoMAq7IYq7a0pa+BGrJvaaZ2SqEne7cLS6VHW7Z4+1JNGqGB mqSM+3x+S3w/2LXrOp4FkanZqpq7iLVZ66WGt7gRO67w2pqEK6+CK4aSOreHO1tNGaluO581G6qk u69qWaqx2xskkLrgcbKnerBe66RCeoljK4yGS6s7650Hi7vIm6/JO1pEOxpWO7w0qbnSO73UW73W e73Yq1DLu71ooZAYkL1t/8O94ju+5Fu+5pur4Ju+PHG+7IsV6vu+8Bu/8ju/EikF9Dui7Zu/VHG/ /Es3+vu/stm/AmwSAFzAlzrACJzACgwUBtzADvzAEKy/zRvBYMGTFHzBGJy8aKMKHKwKSdHBHKwU HizC9tDBTGHCJYzCTQHCIjzCH3zCIQzCKMzCJ7wULlzCNpzDOkzCOSzDPLzDOPzDQfzBMuzCLHzD Q0zEHlzESKzEN0zDMOzDSLzEKuzEQjzENDzFUXzENVzEW/zFNqzCPhzEFhwWT5zEI2zEV/zCaLzC OhzCa6zFQizHbFzHS7zDTazFZ5zEddzGL5zHNQzEfMzHTTzHfVzIh9zFP/+8x3J8xnQcyH2Mw4hs x4acyIM8yXRZyHpsyYGMyYB8x5FMyILsxpKcyHt8yYrMw5r8x6ZMyqH8yJGMyKsMybS8yWz8yalM y4PMyawMFWqMyrisy6c5yyQMymscxJ7sxsYMyECMycj8zMWcy4JszNDcydVcyrXsyq8szKGMyk5x yr18zeE8zlcsy9O8y4u8zcE8ykmnEUYcw13MzJAMxXEMzfIcy1WsytX8y8csyoz8zb3Mz4+cx16s y+asxN6szUycwnAMzLlswgsN0C0sxWM80fwczfE8wwSatLYczbDczR+9zAndzeqM0VjMzf4Mxaus xgKdzQatzejc0f0Mztj/fNHkTM3YPNPnnMwnLc3kTMYnacY+Dco0DdLCLNL3jM673NANzdBNHdM+ TdJM/cT07Mfn/NISbdI6Xc49vc43LcpZ7c9R8cte/dPOvCy9AJF65MhvnM6kXNT/3MIwDc7ETMnN 7Mv6bBV0PNBYXc/sbMlFXckmfdEt3cp/TdM4Pc+CHddOIb1OTMVi3MNPPcP5bNFzPMVNjdlPzdWx /NcIbdRh3dOCbdmwXMWerNKVfdc9jMf53NpcfNg7XdGcXNUqTcqOncEfyhhT4Fe4rb8+kLwH0Nsb vcAiIQvEfdzIndzK7RjC3dzOHaPLHd0P8dziK93Wfd3YrVbUvd3c3d3e/21z2R3eA/HduCve4k3e 6J3e6r3er2Xe7v3ex/0JlcvePgvf9n3f+J3f+r3f/N3f/v3fTEffAj7gCzMGBH7gYwHgCr7gDN7g Dv7goIXgfgrh9yvhFn7hBzfBfUPh5YHh7FsAIF4A9hDiIp4UJT7iIw7iSxHiSkHiIn7iKc7iJg7j JB7jKm7jKy7jMm7jJ37jKG7iMf7jQD7jPi7kKO7iQt7jRP7iHj6aegTjST7kSr7iUs4UNO4UPg7l Wv4USl7iXo7lUx7mYc7lXW7lLX7mW87h5BEWUG7kTH7lVP7jW37mZi7ndU7nTVHmdl7nXw7nTH7k UPHnf07lbz7keN7k2P/h5Sp+5UVu5EG+5IaO41VO5JBO6Tl+4zte45Pe6F8O6Iru50ee6Z7e4piO 6NrB6ITu5mY+5Yfe5pqe6lwe56Me6ZU+6Hue4qqO54ue57MO66ae6GhO553u6J0+57QO58Ee67q+ 58YO6FGe66yu6q7e64f+64nO4q/e5UWu7dje7dhO6Dpe469e62gu7r7+4ruu6zsu7dmu7qVu7fBu 6hrON2pe70GFD/ae7xsX75qp7+rL74Dp7+lrMskA8AZ/8Ah/FViQ8Ax/HqzQ8OvIChIP8ZAo8Q9P 8WE48RgPgxYvVQIvcxb/8dQr8SJf8iYPvhuf8ipfNCff8i7/8jAvRSv/D4nzPvMmgxg2z6ZSABY7 vxQ9fxU/nxRBzxZDfxlFXzdHjxVSkPR8w/TMsfNQPxVLv/ROMfRO/xRWj/VKAfVT7xVB//X24PRg bxVXrxVHP/VUXxVFj/ZkwfRpH/Zir/RdbxZRH/ZYP/dQUfZEzxQ/r/dS3/d53/VnL/RAz/ZSX/V8 L6t6hPd5LxVZr/SJj/iED/hcMfaE7/g+D/RlMfhZ8fh0H/hb7/dUIfpef/lNQflafxdrb/c8X/ae n/lbQfqSv/XDDRtRH/enn/Y9z/aC3/e7b/e/H/qWX/esn/tCj/eGb/rAD/dvr/y7r/uMX/zHL/zP f/xvn/ywT/vPv/1w/5/9ps/10H/9ug/84J/5tz/9yw/+vh/5fD/+6m/9sP/7XM/8nl/96U/1c3/7 +L/+9C/86O/zACHFnj0pAgcOFGjQIEGCBRsedHgQ4USGCSUuRKhQI8OGGiNK5JjRo0KRCQtu/JdS 5UqWLV2+hBlT5kyaMCmCBOkxpMWFFjliNDkRY8iLPyHiLNpz58WTDn0Sber0qNKjVZ/6vLoUZ9SH S6kyJSl06lihYYdWRDuVpNKwN6tWbPvUqti4RcXCpcjWrNusQN2SzfkWK9/ARj9CjDh0MNu3ggHz fMyx5mTKlWcixZxZM1K/jBkb7bjz8N+0TTOf9Nq4s1bCn6GC7Yva9f9Zoqz3Yu4beXZj0Dp3m+ad +mZbumjrIk4se+7d3iKFl8wpdavj26hhM+csenHkws8hM5e7Wfx48uXNnzf/W/ha8KQVg7ab13t8 46qTcidMPX7W1/v1455PvfzkKy1AAP376quMuhpswAHrooq9tCasTT7aEmyOuNVoI0vC3Nz7r772 OESvRBM3s+yl84CzbqTmQsPQue7OUky6n6xrraP3rEpuNBZ79I3HxOiDqke+cDTtx49aTOqwHZVr L7TojNROJ/8Ms29K24YkMMi8qEQOROQatDJHGpGUESsuKwRqTTVtJClFOees6UQ778QzvTxPO5HE 8fw8cM/ydhS0UPT/ADU0UUUXZbTR7ByFVDw6V4q0UksrHLREHC81kVBOFUX0U1FHJfXQ0XCaNFVV Uyq1VVdfhTVWWWeltVZbb0VVVVx35bVXXyVdNVhhhyW2WGOPRTbZlkjTtLtMXQ2V1mg5nZbZXZXF Nlttt+W2W22/0ww4ZzHdjMQkO+3pQvigYxPdU/9ctMZ3pyt3XbCiG3MrJsc1z1t//wU4YIFpEnTT QA8mN1yE+0w3Ow4VJPLZhPkEdUbxoiXOrjYdu5LeXz8GOWSRpwuPXyldlK1hET290akWnazPs/A+ Szm1jei7OUKzgHRuSRe7ys/noOkyycfhCHyw5Yc8W1DKkZ+GOmpH/xH1UsQCXxvywqx1I9nq74q2 WWO1kMbaQrMF9PC5HMte7mvVYF7Xr+KWwwtLqe/G++lVJZ4QXDJ7DpPPD+3di+naWOxvtk07YxJl Aw2DkkKsX5YLMrfXZlfuzBN/bN+BPwc9dNFHV0nPEde7iz9z+7ZNbNYb5K3yoyE++vC4H5dwdos5 r5FB+OTWkLW/ZJ8vMNKPRz555YNdkfIvpduZvyK5PLcszZ/fjkgrHQ+cXRmnV1rHLgEnW9yTbaw9 d81lN3/4NKFrE+zl56e/fvtZvbvavOHdv9b7/wdgAAEWNYP17076M2CkBLhABjaQWAmEYAQlOEEK SsSByatgBjW4Qf8O4uqCxSoUAlc0qnmRcGIUuxTVGiVCQ7GwU9Iq2J5c2EFfgYsz7VMYuQqYQ/7Z x0847NMJEaa/6tWrXlQr4cF+uMNmCbGHkrMWEzGVsXIVEU9ELEyorkc2GsJKitYy4sPAaCdPAWqG gmviCw91MSFSkYdGDOEY+ba6R4nRY2uUo+n4Zi/c0O6MXcxVqmx4x9IYyWfAQ0zP0nYvp20Ibvc5 mVoOWTQPqaxwSFpcYMRVvST2znUMSo7DHqmfr/1MKhCjXBlbRsksBi6US0vTDtO1tUhiT3zvKwtT bgm01DUNejyzxwePl0euuEl4Z4pQhpoWopKckl41e9zrxna7wUn/733qcSOz4uexLUKRRtOkHuok t5sxOTNK33NNL8nZsaBEs5pq+93tKJQ91glzWNTa3YtiVyVl8hKeq7Edft4poFumjKBiHOguCZnJ bWrnmfxaZxH/Rihrbgg/rAMP9IrHztYdNJpIY6VgvPROQAIrVXuMkTddh8hCWkyVqBSoOzdqN/UJ 7z7YhOgnX6Q6bo4roggyG1Ad5LdjgrSfJOUohjxKUKOqq0N2q6c9RYdSRu7LaVqBEnsyZlUzncqK mIQT/LjqPMOt8joY5eSa8nVVnYHtqtbTF88UFLmaxrV2a5PoldAUye0FR6mMLChd0clVtI6yr32d iFSZV1LGPhGP/4Tc4B/faEDJNtZ/urLs/r4YriR2sbJ2TeBme6VY0pbWtKdFbWpVu1rWtta1r4Vt bGU7W9rW1ra3xW1udTsTAuzWt7/1bWaFO1ziFte4x0VucpW7XOYGErjPhW50pVva5lbXutfFbna1 y6lcbNe73x3tdMU7XvKWF4PgRW961bte9rbXve+Fb3zlO1/61te+98VvfvW7X/72N7nmBXCABTxg ZPnXwAdGcIIVvGAGN9jBD4ZwBwk8YQpX2MI2iXCGNRzhC3fYwx8GcYhFPGISS3XDJ0ZxgvemtxK3 2MUCTnGMZTxjGtfYxsNdFT8OouOB6JjHPd4xP34cZB4LWcg4Mf+yj428YyYvecnBfHGUpSzdPf3Y yvYYcpGZDBItY2bIWN5yl8EskS/f2MxnHpWPwSzmNXPZzWNGcpybDGc61xnNJ7bDnV2lZjVjOcl9 3nKgnxzmI2fZz28Gsp4VvWik7I3PYzb0lyUt50QDOdJ0vvJAprxpTnu4zX02NJzLPGpEA7rLmQZJ p1W9ahiLOtCiPjKXCz1oMjt50Fd+8o9ZvWteo5bRvwY2IFc8sl4X29gfDHaylU3BYS/b2QumbqVY 5tgRUvCz1U7jZCvmyUR1No8ZvDaAwn1fIE6bjTc0IxyD8yhGwU6J7dak6bRIHnOLO2IxpHe31b3u bJ8wm+JeXMP/LKdHKDpr3DRM9733rXCGf5tU/3bQ1PA4b2pnqpv4rvgBFx7HhvPxNCUD2pKcaPAn HpyDWose2IS2smeCNTZBKeX34CKvWLYTmjC/mULBtDnEFvKULtflJuVlSZc1yau5g9HWbu4jMDFN 6N5LZGB9WbeskZXor/Ql03fp1YIPfODnM9pYcAg8YCq3akS9TS67rrvTfUmdXSN5L692uboalTrH oSfas0QzoVoTo/FmKdWDKtS73/XvUJ3oVqVJ038aHkJDM5jXY3bRqKDdZXmlXXEB6rWdwuldj49S 2kP6pLjPXZkpL2rq/562slZ0dpm0XtrPCbjA85RwgGE7VsOa/y+aCZb2T5354Oze1IDvdXySn71F 3cc1hzMWp3LPu5g8KneVcixphTtb+faepdW/fW6HB71L4U7578czmaqfWUzr3p+rpe/7EyX88M3/ RpZKfp1lgynzR95YJdmyOrsHn7ZCGVpSGoZiOsRapL8Buyc5QA15JMcRwHh7nrNKuuBBJXMaDmOC HJpjE7oCK5vyvaopQHE6u+UrINX5vLd6j6+zquvhiRPUmLKDoGZDMZNDoWcrqRkaiueaMRvUEhzk PzJKNdICwiI0wl+hwSNUQgSTLQnyQSEkIMrSLh3UuCuaI0FpQi+ivzDiLDUaFCuClo6DOG9bGEt5 wjxJOJPpN/+Io5gzkqxpcbc7yUJeEbkcWqIU4jcSyjyd0peQOUMr1DaOoxt5q8JCZCM27BcAKhgq 6T+9aCffcavYk8DDWhoYLEBL8rllYrenwxfdS51ZyjnoU7qQWqmim7o3yboD3LqfEZ/iCzlaOjpW jLofOUVQksSkm8WXCTpMgrpKXLkL3LmaG7qog0RSdKVKgppVWZ+Ngj/Bk0De8QrRa6WjgkR26ynq E5tLekZ30ypwMrydUiekIz+2S6hpjA3tS762WwvF+xDWw714Gke+G6dxBD/gm5u5EiX5CCAZIjxp vCT0WUHuC6vzO5x9WceB/MFNlCQOfJPKGUjYg6XQix2DlMT/dIKRfYpGhOQi7MuoBzwmweIeh2rH inxHvANA82sc8bs+gQysy2E/8lEokFHGfmQ+pHsp7ls8eMQr7Egn2bsrkOPIZcxJnCkefAQ+4pmn 2Wu73DPKmsq8+1vG4Dk+EmS/9EOdpizJgKrHdOTJe8TJ9dtHGWJESYKfLvG8zXNBXOJK6IPJ7VGr n5S5RrqXhuq/vVMr1zvKtqy5jyTFEDSolVJLFdTAMDm/yBlBeSxB22krENS9p3SeHzTK8MkqEDQk wOKUMcCTJGS0P9TCO+PMVgnLJbwYMsybz6Qv08QuzRTN1XSVY2MJ1oTN2IQgOirDioksQLo20rwV ijOh5pNN/9rkQ5Ort36DrP3bN0QkTj7kwnwLxI5zzjzMOH48N+asrEGSzeacIt+EQtu8QX1TTjS0 Q4KTzu7EzhZaoei0RvDUTgjbm7Jrn6wKJcQRus8zRd/ZQFDsRFqsxlcavfoEJifpS5o7JEXKT5i7 EcIkKn8K0Ic00Iq6vK5EHLfDRb4STO95T/zUGaKZuVqMvG4UjSF0TWHRv7SUR857Su0rR2hky7fU O8azSNCrv5mCpFBMSsZjm5xEwayMxm1cUbqxOTRSSonURsRTu9X5unUJ0XsCya8UJxNdt/+LRKRq xQ7xvYtEzCnFDpSEm7qioskMQMCUxRStDkjy0XZJJlNqqv+IWdLh2b2GxCr/U1NnArqDSFL8AUQp Rcv5I6cYTcCZisqkwZIr/dNPAsrBe1G2HDxqHD+k4saAski04iPYsUpDTT2eksr5w8js80nUPDC/ VMUyyY0I5JwRfL9eDEGYPMy8vMiNbEzABDs25ci9BD+YEdUkIUAxqSUynasHlczu0cuYTKW3YZ9X nSUtSVDCYk/MkhWQM08c5NTtqtPFehXRuiLdRLNnhdY6vc5t5VYsjNZvBddwFddxJddyNddzRdd0 Vdd1ZVc56VZfcYV3xYxskNd6tdcUa1fdEoN85dd+ta199Vd1vdenEYOBNViDLdiDza+A/VeGddiH PS2Ahdj/cVXYkEnYisXY67zYjJWvif2cFfDYkBXZkY0JbyDZk0XZlFXZlWXZlnXZl4XZmJXZmS0w jrVZ1qTZnNVZ8YKFnfXZ8rrZoBXaoSXaDVPNohWUfIDNVSuUfHBapX1ap7WHqFVakHjag6jagcja qY3aqZUIqO1arM1aqd1aqP3arr3asE3brz3bsZVarWVbsX1bucXauD1burVasmXbsPXauuVaskXb uR3bzeBbrRXcvf3bue1bw03bwqXaxfXaq01cnJDcybVcxsXbxDXbui3bv9XcxS3byuXatq1ax/Vb z4Xb07Xcwd3aM2vd1k1dq/Xbw5Xd2I1czBDczYVb2O1c/9BN3d493cEdXdsVXt+FXN4VXt41XM6d XcSl3ObdXfEo3uRlXdUlXqSA3djt3dLNjORl3t+FXuDtXNoF3tu1W7e13uyNXu293uBdX/XVr1VR 3uetXebl3vodX9y9Xd01X7vtW+893tp9XfMtX/7tX8j9X/AV4ATO3+/FX/aFX9U1YLO9X+sNYPrF 4O21Xf/tX92d4AR2X/tV4OsdYAWu4A123gEu4OblXnYtXcBV3Pn9XgMG3cct3P09YBre3so94RJW 4fUlYdktXxAW3fDN4QsWXbct4bb13w/m3iWW4CTWX8aVXCWuXyD2YAQG2yVu4M0dYhm+XyvG3AwW 4iaWYv+4dWHnveIN9mAwVuMFPmIZBmEi5uAT7uAV/uH0rWIEHmG9dWAtdl8o7t43vuM1vmBDZl/o bWIhruI9RlwuVuO3/WLK5eEiBuQHfmPxdV929d3s9WRF5uPiPeC4fWJCRmIjTt8QXuFEnuNDJmD6 beBWhuQR5mPsDWFZNuQhRmFWbmU2BuVQRmVe5t8ezuUrFmQ5BuD2Nd6DAIZ1peLP3WXUdWVhhmZf Xl0eplu1heEt3uLMLeAiruRtDmBRXlvOTeJGjuFbjmC5fV3atWbSrWb1JWfPveExvuS8nd4oluS9 dWcUhmJufmYMtufLDWj25WSkRWjn2rSEZuhF+9mHhuj/iJboiaboiibZhsbojNbojbYxYeDojwbp kBbpkSbpkjbpk44gi1bplWbplnbpl4bpmJbpmRYmlLbpm8bpnNbpnebpnvbpnwbqGKPpoXbmoDZq 7SLqpFbqpWZq2zrqp76uppbqqabqqnagLuoFqNbqrebqrvbqrwbrsKYVqybrsjbrsxYYsVZrGkLr tnaxtYbruJbrM3Pruh6xucbrBLLrvZZqUeDrvwbswJayvCbswjbsw0bsxFbswhbsxgawxYbsyJbs yabsyrZsjHXsaH2FiL7szvbsz5agzBbt0SZtlgbt03aU0lbt1Wbt1nbt1wYh1Jbt2abt2rbt28Zt 4YLtk91urdz27fLg7eBOrd8m7uI2bvQQ7uRW7uWO1uN27ueGbk1j7uluoOg+burGbgGybuPO7u72 7u8G7/AW7/Em7/I27/NG7/RWbxPb7vZ2b9Re7/iW7/mm7/qOrff2bfvW7/3m727B79zu7wAX8AEn 8AI/lv/GbQNX8NJBcNte8AVv8AiXcMZ+8Aq38ACf8Nm+cAIPCAA7 ------=_NextPart_000_000A_01C6F464.97098BD0-- From gdamqmp@wanadoo.fr Fri Oct 20 14:15:12 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1Gaytk-00073W-0P for dnsext-archive@lists.ietf.org; Fri, 20 Oct 2006 14:15:12 -0400 Received: from stsc1260-eth-s1-s1p1-vip.va.neustar.com ([156.154.16.129] helo=chiedprmail1.ietf.org) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1Gaytj-0000ao-S3 for dnsext-archive@lists.ietf.org; Fri, 20 Oct 2006 14:15:11 -0400 Received: from acaen-251-1-89-59.w86-199.abo.wanadoo.fr ([86.199.255.59]) by chiedprmail1.ietf.org with esmtp (Exim 4.43) id 1Gaytg-0003C8-NO for dnsext-archive@lists.ietf.org; Fri, 20 Oct 2006 14:15:11 -0400 Message-ID: <000801c6f473$8b78bd40$3bffc756@schiltza29wc0t> From: "Look" To: dnsext-archive@lists.ietf.org Subject: OnAir Talent Artists Top Date: Fri, 20 Oct 2006 20:14:12 +0200 MIME-Version: 1.0 Content-Type: multipart/related; type="multipart/alternative"; boundary="----=_NextPart_000_0004_01C6F484.4F018D40" X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2900.2869 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2962 X-Spam-Score: 4.5 (++++) X-Scan-Signature: 2d133cc328f58695161c98bb4f4dc213 ------=_NextPart_000_0004_01C6F484.4F018D40 Content-Type: multipart/alternative; boundary="----=_NextPart_001_0005_01C6F484.4F018D40" ------=_NextPart_001_0005_01C6F484.4F018D40 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Fayad a bass George of Suranovich am drums lead in vocals a both Four = Sail out Darren Theacker tourgary of Rowles. Syntax sections dialog can also customize coloring suit yourself in lt = Back page of About am Dealer Inquiries are welcome here. Install of into is your is copy do following Download Unzip Editors = program directory Usually directory Cprogram Take care extract zip = preserving names is one of file goes link while. Artists top Songs Recent is Lyrics Stations Advisory a Panel Listen = Prayer or Requests Word Wall Statement Faith of Tell. Nlt Context Living = Printer Friendly Email Signup Visit am web more Deeper Look is struggled = secret sin. Released of sounded decidedly Byrdsish but a added element Highlights = elegiac Signed or dc reputedly in Conkas drug habit is Macleans gorgeous = of. Elegiac Signed dc reputedly is Conkas drug habit Macleans gorgeous of = Softly me sold moderately well am reached chartsin August proved peak or = members around is. In General is Colors Syntax sections dialog can of also customize = coloring suit yourself lt of Back page About Dealer Inquiries are = welcome or here is Copyright. Fivepiece November integrated suite acoustic is strings horns falling = apart various or abuses am shows. Conkas drug habit of Macleans gorgeous = Softly in me sold moderately well reached! Conka of roadie Maclean a joined just before changed spurred am release = outfit called Rootslove is! Guitars replaced airy elusive artsongs jazz classical derided oneside = six Side a markedly lack focus displayed flipside is. ------=_NextPart_001_0005_01C6F484.4F018D40 Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable
Fayad a bass George of Suranovich am = drums lead in=20 vocals a both Four Sail out Darren Theacker tourgary of = Rowles.
Syntax=20 sections dialog can also customize coloring suit yourself in lt Back = page of=20 About am Dealer Inquiries are welcome here.
Install of into is your = is copy=20 do following Download Unzip Editors program directory Usually directory = Cprogram=20 Take care extract zip preserving names is one of file goes link=20 while.
Artists top Songs Recent is Lyrics Stations Advisory a Panel = Listen=20 Prayer or Requests Word Wall Statement Faith of Tell. Nlt Context Living = Printer=20 Friendly Email Signup Visit am web more Deeper Look is struggled secret=20 sin.
Released of sounded decidedly Byrdsish but a added element = Highlights=20 elegiac Signed or dc reputedly in Conkas drug habit is Macleans gorgeous = of.
3D""
Elegiac Signed dc reputedly is Conkas = drug habit=20 Macleans gorgeous of Softly me sold moderately well am reached chartsin = August=20 proved peak or members around is.
In General is Colors Syntax = sections dialog=20 can of also customize coloring suit yourself lt of Back page About = Dealer=20 Inquiries are welcome or here is Copyright.
Fivepiece November = integrated=20 suite acoustic is strings horns falling apart various or abuses am = shows. Conkas=20 drug habit of Macleans gorgeous Softly in me sold moderately well=20 reached!
Conka of roadie Maclean a joined just before changed spurred = am=20 release outfit called Rootslove is!
Guitars replaced airy elusive = artsongs=20 jazz classical derided oneside six Side a markedly lack focus displayed = flipside=20 is.
------=_NextPart_001_0005_01C6F484.4F018D40-- ------=_NextPart_000_0004_01C6F484.4F018D40 Content-Type: image/gif; name="chronic.gif" Content-Transfer-Encoding: base64 Content-ID: <000301c6f473$8b78bd40$3bffc756@schiltza29wc0t> R0lGODlhmAL4AYf2AAUDBHEACwqACIR/AAoAf3MAfAN1eL23xM7Vzai77E4mDmMVAoQnAJQZAMAi AOIiCABLABxFDk1GC2Y6AoNMAJg0ALs+AOU6CgBjAChYAEduAGViAHltAJxbCM5mCuBRBACGACyM BDx1AWOBAIN5Bpl6AMyLAOR2CQadCR2lBUuRC26VBHirB5+kAM2mBtamCgexBC6yA0q7Cl/AAHfG AJXJBrXDAubHAAvbACTuB0LgDWPfAHrkAJvrCMHsBOPWAAABQhUJSUgGTFcDRo0CQqIARbwLTuQH NgAUNSoaMkcfRGcoTIIsNa0nNMojOOwgMgA6Qh5FSDc+PlY6Rog+PpI1Tb1JM9I5MQptSyloR0Zd OVdjNodcD6ZaRcdXQ+pVNAB3Ohd3PUKITWSEQ36JMqd1PreJM9GMQwiXMSelMjiZQlWkRn6dPpeZ M8mWPN+rRgDAPRq5PkDOTVy9RorCQai+R8m4TOa6OwDSRx/qSjLjMV3gNIHlSaLcRs7XN+TePQAA gRUAckQAfVkEenYGjpcAgrQMh+kAew4mgBctdUsgdVcnjn8fjJohgMAajeMhjgBLcSU8eD85dGlD f31EeJI4e8NGctdCgwNejixphzZqjGZaiYJhep5dfMRldOBegQKGhSKLhTWBhmWDf4GOipxxiruO deCIjQCohhilhk2TjmKld3qgdKKfh8OSdO6thwbBiBe/czayfVvFf4qxhpy4hcK/e+GyeAfYcSLk c0DkjV/giITfiJLeebfegejXhAAAxSYDyT4Ay2MBynoAzpwEysQAu9ILuQApxhMqtj0myWYgvnwg y6cjucofwdgcygA3xRRNvUk5zVU8tosyy5I2u8xBwdRMsgBktCpovzZetmVYtnxbzJ9UurRasepi wwCFzBuGuTaIwlOAuIZzvph3x7p3uuqAwgCexCynyzStwmSrunGquKmXycuoteynyg68tBmxtE64 vmG/t4Syv5mxxvz46qmnmnZ1h/kOAAD9CfDzAwAB//YG/wn5/vD39yH5BAD//4UALAAAAACYAvgB Bwj/AO0JHEiwoMGDCBMqXMiwocOHECNKnEixosWLGDNq3Mixo8ePIEOKHCnyn8mTKFOqXMmypcuX MGPKnEmzps2bOHPq3Mmzp8+fQIMKHUq0qNGjRkkqXcq0qdOnUKNKnUq1qtWrWLNq3cq1q9evYMOK HUu2rNmzaNOqXVs1CNu3cOPKnUu3rt27ePPq3cu3r9+/gAMLHky4sOHDiBMrXsy4LtLHkCNLnky5 suXLmDNr3sy5s+fPoEOLHk26tOnTqFM2Xs26tevXSlPLnk27tu3buHPr3s27t+/fwIMLH068uPHj yJMrDwq7ufPn0KPbW069uvXr2LPjlM69u/fve7WL/x9Pvrz52bJWgl/Pvr17sOfjy59Pv37tOPbz 69/Pv/j7/wAGKGBJ/RVo4IEIKjfgggw26OCDEEYo4YQUVmjhhRhmqOGGHHaY1gcehijiRy4N9MGJ INqD4oosrngQigSdWFCKJrbIYow0CpQjjCbO6COOPKrYopAu1rhjkToOCaSNMqZ445JPEvmijC8m RCOTTOooUIJcdmnZQlRqmaNBY+JYY5I/xpjmjGM6eaWTau64JpxkTnmmimpqCeaaeLaJUJtv3ilk nVWWKWeVIyYKW5l4WuloniAemmePhUKa5pWNZkqpnox2+qOkjPLpZ6iEbqqnpqimKmapqraqFyaK xv+6ZUuhktqqp5FOauqtmuZKKKaYznmqrsP2CCpDfrKqkKRxIrqrsazWOquX1FZbWa1KFvtsn6ca yielwCIarrZR2kgkjLhOaq6of4b5J7GrKiutt0YWmaK1+Obr07L1usprncHSu22mcHraaMDRapsq rkj6W6ytg767ra/slpqswg7LqjFg3toqLcDgyivxwaqOy63IBsN7cq/IfuussCCLTGbDLL+88c2E jcrvyJw2W3HCdJpKMcXEEj3xp+q2rLKyu1588dEPL43z1IW5a7TLaGYNqMzyuiloxF8LrXCngaIa 9KNQD7x11mC7Sy7MGENM9dxolZgkletibGTRgDL/yzeQNmMbpLmkBrnwuYZLqTbNKid+d7suPn3k k/fqa/nl+9L9F+acd26T5pt7LvroLIHuF+mop276e6m3jtzqsMcu++y012777bjH6opBT0gnQEG/ ExS8QMMLYPzxxw+EPPEGDQ988vYgb7zwwEc/vfLSZ3999dgv3733zW9vPffYPy+8+OJHbz341CtP vkPOf79+9ue/Dz3z7buvfu78R+T87/9zX/z2Vz4BNi981Ivf9QKIv4MwsIHMK575CJiQ7S1QgRMs oAWDlz4AZlB9DxzgQjxYQAiKcHzt26AJKchB6Hyif28pkQQlaMD3UVB/+cNhDvFHQwjab4ckvOH+ /04IxAgWcYY+bGEAB7jE/BERIUEU4g5ryEPyIbGBwXOdFq1DwCA28YcOPOAUfWjEGxLxgWbsYhif KEUPohGEBhShGxMYxjJS8SFeHCEUWdhGLKoRf1sMpIKuyEcmjnF+7JNiH6NIRh2+MY8H1J4Ny9jD KipxjX6U4x3h6L8/VnCPatRkKHGYRUGacjd6/GMPMajDKbJyfotMnyJZmEgaapKNt9QfK0nISDte UoyVVGQiVZlKMQ6xj8esYiNhiDu75fF/tTykIV25yCR+kpTPg14uFbLNZGLTjnS0ZB2lN0mGkHOW y7QlMjnJzv2d8p24Mecov9lKUVIznCl05DVX+P/NabIxjYW0oi6518RpenKZ3KRnHY3JyVeys5fM jOgIFRjMR37RlRclXgsVCsaB4lOjCC3hAj+ITBWakZEjzeE/bchBNJ6QoiCNqUxnulKJrs5uALVm KzWaUmlq85zWvF9HNwlAoCJSljwFokMdiT7z0a+eh9ynCYUqzA9SVaf6g6dWaWPTrnr1q2AN61jO INaymvWsaE2rWp1DlDls9a1wjatc50rXutZmrXjNq173ytf/2PWvgA2sYD0HgMEa9rCITUlhE8tY 0vTVLAB4LFgbW57FUvaymM2sZjebE8l69rNQ4axoR0va0pr2tL0BrWpXy9rWuva1sI2tbGdLW8n/ AuC2uK2tbgWTINziFrXADS6C8CDc4gZ2t8hNrnKXy1fjOve59WGuXqArWOnmhbrHte5dsAtYgfDj u/ywB3jD692BhBe8BEGveNXr3fGul7zmha9723ve9Mb3uwbBL331m174mte+/pUvescbYPaqd77v FbB8AQxgBCvEvQFOsILrW977Sji//I0wge37X/p2WLz/rW99uftXEHPYxORdcEFS/OAOF/jDKs5w hRHC3xmv2L82pnCFcYxjGLs4v0DecYN93BAeM3jFSDbxiZV8YhYTub8/FvKMRQzi8JIYni1Ocnl1 zGQp0zjKKM6xkFncYw5HOMhGDvGRl7xkJ6eZ/81cprKSyxzkNne5x1z+cJfvzGQVHznPZK7ylgWt Xei4JMX41fCbYVxjRp/ZyVIONKLTfOYk83jDGvawg/s8Zf3iGcmZJvSe2TtqTB8Yw1/Ws41FPWc0 szrMcqayla9M11APutKqHrWa7wvpMM85zjeucZk3bWtW51nPvR60lpXNbBkz5NO7zvWxOb1sY0s7 vnwWNIVlPR1am3IhC47xlOt87UivWdxgxrWfkW3nR0dby+v2MpGLHe+ELPrYlCb3sMHc6mVDOtyv LrSAIGzgEAs70aR+MrARPOAmk7rS0Bazix8+YAczHOEHz3DGe11vezfc4Ab+eJ+djeECC1vfFv9u spqnLXDW4LTlcfH2XGE+F5kLUi+3oLnOX2Pznvv8NBEZwM7rUoahG/3oSCfRz5fO9KY7/enYmdBt k0712LTutlDPenwuNPWq61wV/eu618d+kVNiXeto52JUFNGYyJL97XCPu9znTne15NwhXTJE2vfO 9777vXN1D3yi/k74whv+8IjHDg0Sz/jGO/7x9hG85CdP+adUIu6Qzzzfw6MeipRutponTuVHb6GX b7fzE/k8eCrAENbfxfXdDv1yBOLbgeSW9m63x9Rrb/vc5173wKc9QX7v++L3Xve8H4jqJfL5Cjgf 9s8fCOzt8XzoW1/61oe+9AkS/emzvvrbDz//+Kv/fedjv/zRp376wy+Q9bt++g9xP/jbv37ud9/9 26///LVP/WnJPjnBN3y2h3vH53vHR4DCB3y/h3wDiIAMSIALSBDLFxGlA3/9134YyH7vd330J34Z aIEbmH8eKIIGwX8mWBAWmIEq+H4qGH/sd4EtWIIoOIL8p4EX6H2x93/IEYELGFk+qIAB6HZCKHxD CIQCWIRICIQ/WBBuN4EQwRIgOIM4KILfd4MfeIUpyIJayH0w2H9ZOIJWyIUHUYMYaH7zp35lKIY2 GINXOINUqIYr6IUzqIPKwYNMqIRGGHxJmId2aIRJ+IM+eHvB54QPAYX0V4VcOIVpWIUseIPm/9eB Y4iFXYiIH/iIK2iJjmiJ9QeD8IeI2qeFneiGnBiJmTiJaAiHo4iJGEiHydGHA/iHgsh7xpeAAoiA spiAS3gQhIh3K4GDoaiIchiG+5eKpHh9voiKNUiJYUiKcZiIcTh+MqiGZBiNafiGL6h+j6iM/ceK r+OKe5iLtJiHQWgQxBeAfkiE5Oh/KFERFQiGjdiMjaiMntiGYniM9NiFo0iP70iNptiGn4iKzdiC UfiMNGiDoWiK3HgcuCd2sXiHPXiEtWiO4QiO4KiAt5iD6+h5nXeG8meG+OeMJBiMk2iGiah/6XeG +eiFHnl/qtiJmEiJG6iN5yeKh7iP4/eRKv+5hdK4fQnJG3GXgoABlKQ3lCAhlHxhlESZlEoZVgqw lE75lFCpXT05lVRZlVv1DVoXlVoJHlbZlZu1lWDJHV45lpcVlmZ5lmi5FAzAP2TZlomVlnAZl3K5 V6a3FLv4FXdZiG65lyexELVngAwZiGKHfAYoGMsDPjOEVHP5Wi5hh0JofIUZmQiRl11ROq+0UTTE l5rZmOk4hIA4jg/5kBjZl2bBEgYFRwy0mXvpl4MJmEp4e6F5h3rRUlFUVOW0mIzZEhEpmXwokRWp fKhHFqb5UXOUVarZlg5RmHqIjrjYgKI5m1SEmTslFfOAm/yTfON4hIJImL3XdRF4F4d5P4n/WVPW +Vh1aXUqcRaU2RDHiZzl+Z7wGZ/yOZ/0WZ/2uRGNCZuBWXy7h50SGJxr8ZwHWHvtWaAt4ZrZ6ZsM sZ5iIYuiCY4GGqGK9Yq0WIQR2YDAmZ5sUZEPao4S+qH/AJitGY4LqZzqSJobKqDLeXsgupoJcYvl KJEy+hcjWosxep/K1aEVKpsXqhe5iKA3iqOuxZm7yZ0lSpjeWRAMChbJB5u22HUtGqEksaRh8Z28 GKXtOaUAqhZWyp5YmqVyQaVa+qVSGqZbKhVkKqE1d6ZRkaZuqRB/OZgJKpj9mVsmWo6xaKc92hTE 952PKadCmqMHcaMIiqHNeaEWKqBdOhJ//0miSRqoheanDnmOPfqbMWqhhoqpJPGjJLqckKpd2+mY fqif3umnvvWNdeqkfNqnfbidn8pcmoqOS6iilmqjE2mOi8qoKqqgrypdvymrnmqowXqrc4qrnbqp xpqgx9qrs0Wq3tidqcqpmWqkSJqsudoRTRqZdcqs3BoS19qt4Iqs4Tqu5KqV51k3bBpablqmMZSu T7Gub/qigOqfDJmp2dqdTGinceqqSsGf+Vqq5Ypcz9mnEJmOw8ebvMqjq1qjxPqteBEAASsdOKWo hyqO0+qpsSqpDSimfimjQTqE8GqgD6inzkmsBnuoDcmd2BmjHMuaCmukIBuyYJqwehiqCP/Bqp45 rRqrpO46EfV6s8sps2PZEANrslZ6p8FaqIh6ECrwEZ+5tLEasazFr01apIOqsxi6rz+7rNjqrEQY mFIbtkQrtmTLEQ5btmibtoV2rjHXswQitFSptnKberrpqFmLpHQqrSU6i9R6pKeKtzyroRXBn6x6 pHCrmQ64o8wprFHbgwi7qzPasge7e3DqoYc7lR0rqrP6sr9qrSh7skvrEXp7tWc7txJFpIIJrH+6 uomrsEj4s/rKsIPotnDqrwbLopfrln8LkZtbqTOKq06KtDv7n4JLEXK6q5GVuz05tpPau4x7rMKr uBZrsqLrucNrumI1sVdboVo7utLbm37/W7UbS7s3S6qvGLsnqryy5x6li71p277uG7/yO7/0W7/2 a57q+1eXkL/827+Pcb8AHMBy678EXMAGfFoC7L4HvMAM3MAO/MAQHMESPMEU/DoJfMEYPK4VvMEc 3ME9WQIejLkZPMIkXMImfMIoPHZsO8IdnMJhu8IZHMKfpwo0DHb2UMM0PBA2LBBgV8MF4cM3DMQG gcM6vMM3/MM5jMNATMQ/TBBG/MRO3MRRHMVKrMNDPMU8jMVBXMU87MNGfMROnMRK/MVdnMNFbMZI XMVf3MNCXMY7vMZnbMNwHMZq3MRjnMZr3MZb/MZMbMMtrBBQDMVgPMhkDMaCrMVyfMhW/4zIWjzI jvzGj7zIjdzDU0zGigzJlizFkpzFmszJByHIitzJcAzJnmzIUhzInczIVAzIknzIoHzFveoShTzK pTzLpQzLq0zKk9zIsEzJkezKuJzFr9zLpmzFmbzJt3zMyLzMjnzLm0zLnJzJ0JzKhRzJq5wQpCzN V3zMMrwStpzLqRzNrGzHhBzM1ozNwlzLzezL1GzN3+zLqCzK5qzMzlzP9KzKxrzI2nzN7fzJu1zN nizH2zzQUiw6zMBY47zF6xzE5hzQetzMRyzQED3HcezPER3QyFzN01zMp8zRuqzOePzQFK3JXtzQ tXzHTDzRC83HbMzFwTzGLa3HKb3PVP/cx1K70Rc90sys0xedzv1s0fzMzh8N0cm8x0Pt0z1dzvic 0fOMEDhN1Ofs00fNzkhd1VAdylRNzM6c1UnNzDgqy+R8zaFsz+Es1CrNyzvNx3SMxvW80kCNxEW8 1iN9z3Tt1GGN1lGd1BLNz1ad1Rr9zwm91/l814v8x+g82OKM0Vq91ZUcxk39zG+t1JBt14ntEBQ9 1z/N2HjtzpuN1ZINzIrd15Rd1AD92Vg8zGqrxjNd03mcyGy91s/c2pP80EVd221dxjs92qEN0rCt 021c2i6d0m+90Swt23K90MNtxy7N28K9x8tc2vUJwxjczcWLwtTNjdOQ3dedH0eX3S7/3K7bHd6T 8d0RK97mHRnknd7qHZXn3d5Hsd7wHd/yPd+sFVek4N74nd/6vd9kWZ98QN8ALhLBcJZEYQ38vd0B nuAKjnQH3uA3seAQHuESPuEUXuGn4+AYnuEavuEc3uEe/uEgnhQWLp8hXuImfuIonuIqvuIsfrkj /uIwHuMSrgkyXuM2rsB1ezMtvlUMUQA+XgD28ONALhBDHuRB7uME8eMDIeRAXuRHruRE7uRC/uRI TuVJDuVQTuVFXuVGTuRP3uVeHuVcDuZGzuRgvuVi3uQ3DiBOfuZhjuZJ/uYFIeUHweVtfucIgeZD vud1Dud+7ud5rudzvuSEjudr7h5t/07mak7ncd7lhh7mjc7njU7odV7ocj7ojq7oXs7niW7pZW4Q i57pk37obNUSe47kdD7mZP7laQ7pVn7prD7lYj7nWG7nWS7pqo7rn87qct7kt/7pW17lQL7jWqUQ qR7nak7pnr7qjH7lqr7rla7soe7qrQ7ton7kmi7tyY7s1r7ppG5ouinolw7nlC7pys7so97toy7u 5u7qyQ7o5X7uxz7o0z7pxG5XrS7rbp7l+z7l/u7vyF7rSq7v1a7nAL/svr7tZ87vqa7v5C7rw37v dDU1KbELEu86357xGr/xHN/xJHzx7u3xIj/yGwPyJn/yLl4VV0DyuoXy4s3yUOnyMv8/831XBTQf SGhw8zpfXTDvlDsfwj0f9EJfIT/vwUN/9EjPIEVv2Enf9E7PlTn+9N6BOQwhBRlh9QSB9RCh9QLB 9Urh9WsB9hwi9hEhBWTvIWc/IC5h9Wxf9WYv9l6f9ggR93M/EGz/9hfB9XpvD2m/9w8h9xMB928P +HZvEIPfEWdv9nbf92WP9x/R9nw/946fEIRPEnTf9Vev9YmP93CP+X9/+FV/EJdP9Qox+ZS/EJe/ 9QVB9pof+Z5PEX7/+qdf+H/vEZ0vEalv+5Sv+ZXfEL2f97Kf9bRf91UB9pCPEYqP+qsv+hXx+8wv /ErfEm3P+Iaf/Fh/+JzP+5gP+Xr/n/yvf/ysf/2TD/qyP/2m7/qe7/jkH/zeD/rWP/7nz/6ur/6K 7/3o//18T//tb/2RX//2DxBS7AkkaG+gwIEJCUphaPCgQ4MIIR5EWJBhQ4oQK0ZUuBCjQ4kVN3rM qDDjR4wXQ6aUCFLkxIIJOV58GLElR5kWNcJ8+VDkz5s4bQLFqZLiy39JlS5l2tTpU6hRpU6lWtVq 1IlZZWoFOXSrzplFd6bcKnSs0KBnw5pV2TBm2bZv5e7sanLt3JBa29bMm5fnxrV2BS8UC9NkS8KD c9JlnLhvVsBg/aJdTPYr38KB3y6GXLbu5ciMCyfWaLnryNOfPz8Oy1owV9ixZc+m/13b9m3cELHW RgzaN2eaK4MOz0mTa/DUbM9Ohvu7uUu3p5Fr1muYMufqrvEmv0w3cnTqRlVTngw4tU7ziI0b9at9 NPjX4qF7vm73+03xmzsLr8ydOPnz/JPpKgILNPBABA3M7TgBt+tPMfrww0411KijEELl3Ltwtecg 7K0xDtMKr0EBN6zQwddEc648njBLT8UPsZvrQRTpe9C6304UDSwGQ6sQQw5HdE/EBYs08kgkF9zN tvwsY++9Gb/6KEgY4SPqQo8krGs946D7aagv21sPxtK+hKtL9rhEybSOYizKyu669NIrKVnSErju zPKqPNNCO2lLO//S80zw7tsxxf+jAD2xz87my3G6xRKUdFJKK10ySUwznY1ITDmVzdNPcwNVUzJJ NRW3UU9VdVVWW201VVdjlXVWWmvNFNZGUZ3SVlFx5PVUXH8VdlhiY5OzWGR5vTRZZpt19tlnLZV2 WmqrtfZabLPV1lJou/X2W3DDFXdccss1V9NgGVSRtnRVbRfZd10NNt5z67X3XnzJ5RE2+Uq9jcgn F1wzOz3zy1XXXXlbFb9j1TV2wjJbBBOyMX3N92KMM9bY2IQPrm7dTR1GcuD9HBbxXeYUdhdHUFM1 zzr1qKzP4o1rtvlmfREFueI0SSMrpjvfdEvN5RQj7E6gh/atJxNfxKykJn2+csr/D0muurUsYd5S uRD33K6nhnEWe2yy0Q35z9aSe9kxG8ccsmQeJUP7MO+ky6w5H8VCEei7nMvw763pzrOk0Q5NO/CO 9C57ccYbX1gtwe0Tus6H9y5Y8cMZ/rluzeTszWCiLPcRUv0+J/pzup0OLNEOWd/sReFednx22ms/ 2+gc+26PX9xnzjtzi18HcNA4DVt7RTxjLB3xG21y0fe7o7z8agtBtv167MVddlOiiyt0chbn9B4v qmGebnnvnISUcNbpJNT7ifGce23PA0Ua8w6F7/dyqCdWj6RtBVCAAyRgAQ14wAItjl5kW2D2HPhA CEbQWWGLYAMleEEMZlCDG+Rg/wc9+EEQhlCEIyRhCTW2Gws+7FcdG5Z+VFarlr0KXjCEVgptJDBl IVCHO0xQ5W4IJljJzlEvvB3gjkNBHLYraOxaH+9C1TIWOpF44kuSEHHIHeshMS1W5FfAOoUqrRXx PzY04QqjOMVQ3ZCLI/OVp8iIRSYdSYkhi+EPP1bEW6HxX9ZT4xS3aKSUyRGMnPtUIN9YRl7ty2NJ CxN/EGc/HUWMcKjzXMn6NxM0BcdtzuPk6NZUvrFkslCcYlgY+cKS7IASROjpJJeABLVjoS5R+0sP Kk8Jv/Y1ZpOXHF/7KpY4l/hSQt9xnpn257hnMJB7mhxe69wXyaSxzDNxQVQjm/8pOrtNKG7IkyQ2 1/jHIcqMOP9ZJdhG1DxuAnGbzEETHPmmIRBh8prIexsh+bY1WVoOkcLanhTr46fxyOV8d7lf0O6J pa6ds3euG1o9++hNLQoKi79smOzIGSUv3hN9QKJkiaon0Hd6lEoYpSeJViejXK5kTwoVCA9d+tKq fDGefuPa8WhU0DYOLp3YZGndfvfKAAmJZtQrnIdytUR4Ki950mRn0aonP8lJDp4jzRNPF4o+1xxK R1PdZ636KbL38bKS4FOcRdmEN/b5T5KzVFTWwko6D9Vvc0Jj5KCiFk9NmimUw1GT9OAKVLFqVa1c wyUu66rTqoaVoXCa5C8tNNb/ydmHUTClbGWZ0tV70etk2DskHzPWWcyO7auhbeEZOQbafIEWiRdb Lbks+1rKkla2s6VtbW17W9zmVrflgm1vfftb4AZXuMMlbnF/u1vkJle5uTVuc537XOhGV7rTpS62 bOuM5WZXu7Stbne9+13whle849XWds17XvRmkLzrZW973fte+MZXvvOlb33te1/85le/++Vvf/0r wPQGWMADJnCBDXxgBCdYwQtmcLf++2AIR1jCE6ZwhS18YQxnWMMb5nCHPfzeBodYxCMmcYlNfGJn fVjFK2Zxi138YhjHWMYzpnGNbXxj6aJYxzvmsUFw/GMgBxnDPSZykY18ZCQn/1m3ox2XkJ38ZChL ix8OmbJBplxlK1OZH1jWcpW3vOWsfPnKX6ZymclMZntEWc1rZvNUsPxme3DZy2WeyJy5wuU409nO eYbIlNv8Z0D/WDZXzvOeC11nRPM5zIs2s6Id/WglR1rS5SI0oeMsZkvTWdNo1jOY5XzpRGd50qMm NbKwUmk+fxrPq2a0qLOsakfD2ccftkGgbX1rqxza0p9WNJ4hzepX69nVvk4zro19bBgPW9O9BnOd Pc3pPp+Z03BGM5aRfW1sU7jU2+Z2t739bXCHW9zjzi6TyX3u2bKZXTTD4yDLhto0XjHerCqdakcF b3PhW2fJEnQhO7bEdevFtP9u9BhYgQWxg6F2mHu043j82XDIQRyQcTQVwQteJICbct39GhgrKX7S hB8YKxZ3eLtLzm7PzrDhbpJXryTusomznFRBPLgKH5fyNVKsbSoFuRgDrkeHsHmL6mtoTZ4nxCux FZNHk6z72iTR01kzcbZMqV7jd1jWPEk+HHer0eN3StK0ia+ryyvWHLOr7i1NmF8PJkM7CcyfRb3t TSqN032SSbgRjJVYj+VyKpq+Kwl9pYeLqul6DjuTFkd3ljRc4ZfqJ79CT57F+9E6TaS2VT4VsPuC HeQj5M5sNrWpvRuJRUm/+JOqDqU2JUnR9p7Oo0SnLw2Fa176LbKvYR5+jjT/pT4B6lYtGVT3Gi38 XzOj1PCFlPCRBw1kgT+9gMrensWDWFZ3OnhCOSij89H+0muE0kdWvZ2Be/1UO8q/nhb4bVlHPcIR /9HVh5ywuXM88cUpeQxtNagcbWbmjff/moqPeQK//ru+ymu8g6I+y2se61O998M9zik/kTq/aYIc 6Rmwu+olyGOs9xETO2m9GSk76dAcOvkdaCrBvksrgwknD9ymXIqr/+EPx7pA5FAeRqkMtDsrpRMm GmSsMAG809s95imsEgmb1guo1CnBDTE7cjKs1kI3ENI3lINCnNEs9DI3BZPCtKJCZZo43cAxLgxD McwYLBxDM+wqG+vCGsIY/y2kIROyQkGqoo+TuNqoLDIIr2YhJZzTI9N6uGWCj2SROY3TOXlLJHEh uZSbQ4QLuAWyIJrLOdxIw3FBiTQipTZELGKhRBWyxHq5RIybt5obQpVpRJnaOKC7jTTsnruaPakx u71aOMOaur/bPZ6TDKq7o60buzhZFPFBO+DYHNprFKk7OhRku5PAOx48wmN0lGiCuoqaGnM6O+/z mrlzpWDKRWMMxrcrmLRjxlhCRhfpOm8kqFmjMeTzKOIrPbsaHNSYveMLIxN8nov7p0U8QV9kP3xq vneMQMxhmz8avdxxKPLTR22awHNSxwrsPqkCPXZsSPrbKObjv74JKoAMJf+xsLFzLKr6Wx9YzB/f iz4nmcYGjCIWoaW58qL5SalrLEKQ9LztI8GU6Tw42R1+1A7nY8faGyzKUcisacDrML7V26WEyh+H FLuVckBBiZ1iUzGbM8DhcyZZap2PnL909D+NpCpwiqSfpCkjCsElrD+rvJFxmih0rEmRGko3wcet jJyqHMp3PMDw68gBnEu/aUf8E8vtUsURHCxD4T2JjKyoTEv5+Su9lKbIGqL/eaturBo2iUjHS0lY 8itthMye4UdeUsEb5D7yA8QfxMcfvBsY1KkQ1MS/sDolJCxj+p6YtJ+1OkMS8sRMRDLY5LEy3LEn rJnZxK3czCGmdE3f/E3/4AxO4byg2vwhPZSV3RSW5CwWMurDcLm32DzFpcw2mCrFizO9lUlERbzO PCKkmdtEhqO5prwjkzM4hrs5UKzEPHKh4ZwVgPkYLVS49PxO7zQbJ8KVQ0LE+cxO9BzP/fRCOmxP Jkk6k+Q710lGgWvF5BGlUnK7o4tGuWulW5zMHJSaYWwln1A8ahxN42HQ5mM6yQRBvKEoCQU7V6w7 BEXRHYzGDLVGi8hB4OEkAdWKJdGnrow/rrrKBZRInnya/WvL73s/6rFRAGQasuvHG3UopsGqbGLJ n+o8NCJSJ9WbJ5289/S4CaHO4UrJilRItsTEDTxCIn1JnZTBh1zRCvzQ/yFVQIqxP+xbKpVUUh1N U+szqql5y3XJSW70ytAZyB2MEOnz0KDT0uA6wC6lvy+lycKxR4NMKKXqD88kyuCDo0V1SxrZyjW1 IqtSyxR5wCn9PE99jjF9rILEUyTMRzflCEKtztPaxQotrNyjqwAUwuXLRh980858SsoEQCIM09Nk RrILFI4qnxb0n7lyOEcaS98puli0O8L8RgKNGEpiTWcNVEWRzhntFvasuG9bzmwtoeKMldscGeeU TRJb1Zf6VnVd1yNBV3d9V3glICmIV3qtV3u9V3zNVzxkV37tV3/9V4BFRX0dWIKlsYA9WIRNWIUd zoJtWId9WIiNWImd2P/26gGKvVjoIpstWFiO7ViP/VjixFiRHVn6AlmTHUOSTVmVXVmWbVmXfVmY jVluOVmahUKZvVmczVmd3Vn+qlmf/VmgDVqhHVqirZlwLdpz49mlQFrZyAcqVFqlMIh8mFqnpdqp tQerddqJoFqH0FqphYisxVqwxVqrBVuvvVqvFdu0DVuuLVuyrdqx7dqrldq5FduuNdu6pduzjVuz ldu01Vu7/Vq3DVy7LVu2rdu9jY3BBdyvvduqXdy1NVzINdyx5dq3/du39VutndyzRVzKddzKRdvP JdzJxdvNtdzGDVzUXVvTTV24ldmm3VqtwFzVpdu7ld3UVVuu8FzSJdz/3N3c2wXe2x3exEVcvk3c wuVbuQ3erDhd0G1c1qXd4n1exSXe4N1b5B1e383d441b4Z1d5hXc8E3e3v1dsh3f3v1b5DVe5ZXd 9TVf69Xd7RVOzJXe5nVf8u1e6sVfuI3e+x1f4WVd7+Vf+BXfym3fAObe5AVe/93f+MXe2Whg0P1e BRZg3P3f8qVgBK5dCD7g8k1f8rVg+X1g6L3g+9VguNXe6dXg4Tzdx83b+sXfESbew81b3e1fD1Ze F55e7c1fA05h81XfDy7hzP1fBgbh67Vg1K1gGM7hH/bdGNbc9qVht+1cIc5hIAZiwbXh7E1hL97g C05gxi3iMJbh313i/+xtTwmeYiHuXAxe4wGeYS2GXx4WYR8e4SZ2YC1WX8udYyI+3zW+Yg42YdiA 4ywWZBUGX0XOYAyG4svVWxSe4dql3rm14/pd3SXm3ih2ZBF+XwUOQ6zoYEJ23QKOXwM24lOWZEYm Yksm4UQm5T8e4i/GXQmmYEHm4U9+Y1fW5Ea230UW4E2GZUQW5gIO5FLeXkQe5mDG5Q9OY6hNCki+ 3DT221fW3y1GY1ru49Wl5ioWXW9+YWou5cUlY8lFWyzG2/RFY23O40me3+bN5G3u4Uv+5mmG5Wt+ 5HdOY+ll33bG5+jl5wo24Rfe4UUeY3yWYuuFXaZdaIZuaId2nGeWCv9KiGiKvoqHvugSq2iN3miO 7miPngoAAIBcw2iSPq+Qpo2PTmmoDWmpKGmXRq+TfmmZLrCYngiVvq8EuOkMY2md7umK5ul/mGmh hmkAmE6fPuqdHWqlPi+kbmqnfmqojmqpnmohW2qrvmqszupBpWquxlit/mrb6mqxHmuyLutkA2u0 Ji2zXuuBTetYsQC3Jpv5Emm2rmt7pWu7zuvpyp6ijmu/LqG+/mvBRun6wusYKwC91i99eFjDTmzH Fi4ICuzBnuysyK/GfmzMfi3K3mwNymzPPqAl+GzRHm3SLu02260F4GzVXm3Wbm3XTjDTjm3Znm3a porXvm3czm3d3u0Dhg4IADs= ------=_NextPart_000_0004_01C6F484.4F018D40-- From owner-namedroppers@ops.ietf.org Fri Oct 20 14:24:06 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1Gaz2M-0000Gy-5w; Fri, 20 Oct 2006 14:24:06 -0400 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1Gaz2H-0002DY-OT; Fri, 20 Oct 2006 14:24:06 -0400 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1Gayv9-000Hkn-1D for namedroppers-data@psg.com; Fri, 20 Oct 2006 18:16:39 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.5 (2006-08-29) on psg.com X-Spam-Level: X-Spam-Status: No, score=-2.5 required=5.0 tests=AWL,BAYES_00,OPTING_OUT_CAPS autolearn=ham version=3.1.5 Received: from [195.241.79.175] (helo=smtp-out0.tiscali.nl) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.63 (FreeBSD)) (envelope-from ) id 1Gayv7-000Hj7-5H for namedroppers@ops.ietf.org; Fri, 20 Oct 2006 18:16:38 +0000 Received: from [82.169.219.56] (helo=[192.168.2.102]) by smtp-out0.tiscali.nl with esmtp (Tiscali http://www.tiscali.nl) id 1Gayv3-0001SV-JW; Fri, 20 Oct 2006 20:16:33 +0200 Message-ID: <45391282.9050204@nlnetlabs.nl> Date: Fri, 20 Oct 2006 20:16:34 +0200 From: Wouter Wijngaards User-Agent: Thunderbird 1.5.0.7 (X11/20060913) MIME-Version: 1.0 To: David Blacka CC: "Olaf M. Kolkman" , IETF DNSEXT WG Subject: Re: NSEC3 Issue 27: creating a flag octet. References: <452D0295.2010207@verisignlabs.com> <45378837.3030608@verisignlabs.com> In-Reply-To: <45378837.3030608@verisignlabs.com> X-Enigmail-Version: 0.94.1.1 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.0 (/) X-Scan-Signature: 244a2fd369eaf00ce6820a760a3de2e8 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 David Blacka wrote: > Olaf M. Kolkman wrote: >> On 11Oct 2006, at 4:41 PM, David Blacka wrote: >> >>> During the last NSEC3 workshop in September, the following suggestion >>> was made: >>> >>> Create a single octet in the wire format of both the NSEC3 and >>> NSEC3PARAM records dedicated to flags. Only one flag would be defined >>> initially, the Opt-Out flag. >>> >> >> I am not sure if this particular thread reached closure, if Roy's >> proposal doesn't get pushback and Alex' head is not blown off I propose >> Roy's proposal to have the itterations fields reflect the power of two >> be reflected in the draft. > > I, at least, am not a big fan of Roy's proposal and would prefer that it > not be the default position. A more reasonable default position would > be the original proposal: one flag octet, 2 iterations octets. Or even > the alternate original proposal: one flag octet, 3 iterations octets. > > I have several concerns with Roy's proposal: 1) it may not leave enough > unallocated flag bits for future use, 2) it is not at all granular > (i.e., only 32 different iteration values), and 3) it is still a format > that involves shifting and masking to decode, and for what? a savings of > 2 octets? > > I'm not saying that Roy's solution wouldn't work or even that it isn't > adequate (as I don't know), but one of the motivating factors for > creating the flag octet was to make the wire format simpler. I think that Alex Bligh's statement about range is false. I also agree with David that encoding can be simple for the nsec3 iterations. Not a special case encoding. So I am for a one byte flag octet, and two octets for iterations. Advantage is that a max of 64k iterations is not a DoS in itself, where millions of iterations are quite something else. The iterations provide a nice bit of extra protection against offline dictionary attacks. Realize that online dictionary attacks (just try names) are completely possible, and much easier. Also two bytes makes a maximum iterations count much less pressing and the section on that much less important, which is good. Best regards, Wouter -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org iD8DBQFFORKBkDLqNwOhpPgRAtb8AKCJGMWPUgDa+E8iBwGLL6tgiJcj0QCgsmhH ycLMSy3g1RKxQMaJNXHqk8Y= =ItyH -----END PGP SIGNATURE----- -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Fri Oct 20 15:23:11 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GazxX-0003co-1r; Fri, 20 Oct 2006 15:23:11 -0400 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GazxR-0004Zg-Cb; Fri, 20 Oct 2006 15:23:10 -0400 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1Gazrr-000CgP-25 for namedroppers-data@psg.com; Fri, 20 Oct 2006 19:17:19 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.5 (2006-08-29) on psg.com X-Spam-Level: X-Spam-Status: No, score=-1.9 required=5.0 tests=AWL,BAYES_00, FORGED_RCVD_HELO,SPF_HELO_PASS,SPF_PASS autolearn=ham version=3.1.5 Received: from [195.177.253.212] (helo=shed.alex.org.uk) by psg.com with esmtp (Exim 4.63 (FreeBSD)) (envelope-from ) id 1Gazrp-000Cfi-J8 for namedroppers@ops.ietf.org; Fri, 20 Oct 2006 19:17:18 +0000 Received: from [192.168.0.102] (localhost [127.0.0.1]) by shed.alex.org.uk (Postfix) with ESMTP id 17355C6D6C; Fri, 20 Oct 2006 20:17:16 +0100 (BST) Date: Fri, 20 Oct 2006 20:17:13 +0100 From: Alex Bligh Reply-To: Alex Bligh To: Wouter Wijngaards , David Blacka Cc: "Olaf M. Kolkman" , IETF DNSEXT WG , Alex Bligh Subject: Re: NSEC3 Issue 27: creating a flag octet. Message-ID: In-Reply-To: <45391282.9050204@nlnetlabs.nl> References: <452D0295.2010207@verisignlabs.com> <45378837.3030608@verisignlabs.com> <45391282.9050204@nlnetlabs.nl> X-Mailer: Mulberry/4.0.4 (Win32) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.0 (/) X-Scan-Signature: c3a18ef96977fc9bcc21a621cbf1174b Wouter, --On 20 October 2006 20:16 +0200 Wouter Wijngaards wrote: > I think that Alex Bligh's statement about range is false. I'm assuming you mean my counter-assertion to Hilarie's proposition. I'm quite prepared to be shown to be wrong, and I must admit the assertion was only gut feeling, but let me explain where I was coming from. Let's say you have a hash function H(x), and use H(x^y) to indicate function H() being applied to both X and Y. I've used '^' to mean an operator as an operator whose range is no smaller than the domain of either of its parameters. XOR is a good indicator, but most (all?) good hash functions can do this by simply operating over a larger data set, you could view "^" simply as concatenation. Also use |x| to mean the size of data set x, so |H(x)| is the range of hash function X. Hilarie asserted that repeatedly applying the same hash to a given data set (i.e. feeding the output of H(x) back as the input, so H(x), H(H(x)), H(H(H(x))) etc.) will inevitably reduce its range. This is no doubt correct in practice, though I must admit I'm not convinced we need worry about it. For instance, SHA-256 has a 256 bit range (i.e. the output is a 256 bit hash), and its input domain is (effectively) infinite. However H(H(x)) clearly takes the hash of a 256 bit range. We know from the three properties of hash functions that a good one is collision resistant. This implies (and I'll wave my hands here though the result is not controversial) that there is a uniform distribution over the output range of the hash function (else they would not be so effective in PRNGs). That of course does not imply that it is possible to produce EVERY result in its output range, but it implies holes are "rare"; else you aren't really getting a 256 bit hash, you are getting a less than 256 bit hash. You can see this because if it is the case that |H(H(x))| < |H(x)| then there must be an x, y where x<>y (inside the 256 bit range) where H(x)=H(y); As we good hashes are collision resistant, and need to be particularly collision resistant with regard to small localised changes. But there is an inevitability that at least for some H, |H(x)| > |H(H(x))| > |H(H(H(x)))| etc, though (I suggest) probably that much smaller. I would expect not more than (say) an tenth of a bit. My assertion is that to the extent that the above is a problem, it can be fixed by mixing in the original hash value. So we have H(x) H(H(x)^x) H(H(H(x))^H(x)^x) H(H(H(H(x)))^H(H(x))^H(x)^x) now in case that looks like a lot of memory storage, note that the term which is mixed in is simply the previous result. Now we know from our assumptions above that the ^ operator's range is no less than the the larger of its input domains. This means (taking the last example) that the range of the outer hash function is no less than the range of H(x). Hence the range of the overall function has not been substantially reduced (i.e. not reduced more than a single H(x) application) I may well have got this wrong, and I recognize that the above is certainly not a formal mathematical proof (I have a horrible cold, and namedroppers is perhaps not the place anyway) but instinctively this seems right to me. Hilarie's original point was (I think) that applying a hash a zillion times may do more harm than good, or at least produce unanticipated results. I have to say I share some of Hilarie's concern there and it's certainly a point worth thinking about. I /think/ my solution /probably/ addresses it (as it makes the input to the 'next' hash function have a far larger domain than simply taking the 256 bit output range), but I'm not going to swear to it. I also think it's harmless in that it can't make things worse (apart from use CPU cycles which is I think the whole idea!). I'd be interested in /why/ you think my assertion is wrong though, Wouter - quite prepared to accept there may be an error in my hand-waving^Wlogic. Alex -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From wjoxuotx@sacred.net Fri Oct 20 17:32:17 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1Gb1yT-0001pV-8G for dnsext-archive@lists.ietf.org; Fri, 20 Oct 2006 17:32:17 -0400 Received: from stsc1260-eth-s1-s1p1-vip.va.neustar.com ([156.154.16.129] helo=chiedprmail1.ietf.org) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1Gb1yT-00016K-4E for dnsext-archive@lists.ietf.org; Fri, 20 Oct 2006 17:32:17 -0400 Received: from host-81-190-242-235.malbork.mm.pl ([81.190.242.235]) by chiedprmail1.ietf.org with esmtp (Exim 4.43) id 1Gb1yF-0003Tb-Aq for dnsext-archive@lists.ietf.org; Fri, 20 Oct 2006 17:32:10 -0400 Message-ID: <000c01c6f48f$c1567fd0$ebf2be51@ilaszehbig4haf> From: "This" To: dnsext-archive@lists.ietf.org Subject: Coming Local Women Date: Fri, 20 Oct 2006 23:36:08 +0200 MIME-Version: 1.0 Content-Type: multipart/related; type="multipart/alternative"; boundary="----=_NextPart_000_0008_01C6F4A0.84DF4FD0" X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2900.2869 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2962 X-Spam-Score: 4.5 (++++) X-Scan-Signature: cbb41f2dbf0f142369614756642005e3 ------=_NextPart_000_0008_01C6F4A0.84DF4FD0 Content-Type: multipart/alternative; boundary="----=_NextPart_001_0009_01C6F4A0.84DF4FD0" ------=_NextPart_001_0009_01C6F4A0.84DF4FD0 Content-Type: text/plain; charset="iso-8859-2" Content-Transfer-Encoding: quoted-printable Women Fifteen be honored at th in Annual Conference Archive raquo Submit = p f Copyright. Email or This page shows from a past days for earlier visit archive or = Click on or company or title article? Earlier am visit is archive Click a on company or title article oct = Rochester Womens Network rwn Recognizes up and Coming Local. Shows from past days or for earlier visit archive Click a on company or. = Visit archive Click a on company or title in article in oct Rochester = Womens Network rwn Recognizes up of and Coming. Fifteen be honored at am th Annual Conference Archive raquo Submit of p = is f Copyright copy a Magazine all rights a reserved Privacy Policy = Site map in Reportview? Local Women Fifteen be honored at am th Annual Conference Archive raquo = Submit p f Copyright copy Magazine all is rights reserved Privacy = Policy Site is. Box below to in sign up Email This page of shows or from past of days = for or earlier am visit archive Click on am company or title article oct = Rochester. Oct Rochester is Womens Network rwn Recognizes up and Coming a Local or = Women Fifteen be honored a at th Annual Conference of. Enter am your = email address in the am box below to or sign of up Email is This page = shows from past! Email address is in the box below to sign up of Email of This page shows = from past is days. Business Strategies Magazine View News Home Enter your email a. ------=_NextPart_001_0009_01C6F4A0.84DF4FD0 Content-Type: text/html; charset="iso-8859-2" Content-Transfer-Encoding: quoted-printable
Women Fifteen be honored at th in = Annual Conference=20 Archive raquo Submit p f Copyright.
Email or This page shows from a = past=20 days for earlier visit archive or Click on or company or title=20 article?
Earlier am visit is archive Click a on company or title = article oct=20 Rochester Womens Network rwn Recognizes up and Coming Local.
Shows = from past=20 days or for earlier visit archive Click a on company or. Visit archive = Click a=20 on company or title in article in oct Rochester Womens Network rwn = Recognizes up=20 of and Coming.
Fifteen be honored at am th Annual Conference Archive = raquo=20 Submit of p is f Copyright copy a Magazine all rights a reserved = Privacy Policy=20 Site map in Reportview?
3D""
Local Women Fifteen be honored at am th = Annual=20 Conference Archive raquo Submit p f Copyright copy Magazine all is = rights=20 reserved Privacy Policy Site is.
Box below to in sign up Email This = page of=20 shows or from past of days for or earlier am visit archive Click on am = company=20 or title article oct Rochester.
Oct Rochester is Womens Network rwn=20 Recognizes up and Coming a Local or Women Fifteen be honored a at th = Annual=20 Conference of. Enter am your email address in the am box below to or = sign of up=20 Email is This page shows from past!
Email address is in the box below = to sign=20 up of Email of This page shows from past is days.
Business Strategies = Magazine View News Home Enter your email a.
------=_NextPart_001_0009_01C6F4A0.84DF4FD0-- ------=_NextPart_000_0008_01C6F4A0.84DF4FD0 Content-Type: image/gif; name="Submit.gif" Content-Transfer-Encoding: base64 Content-ID: <000701c6f48f$c1567fd0$ebf2be51@ilaszehbig4haf> R0lGODlhXAIcAof/AAYMAIMACAmOAHl4AAcLe3wAggt0eczHwbPis6u98kwbAFkTAHEfAJgiALkW AOgYBQYyDSg4CUdECFE0AIM3CaVKAL1NANo3AABXDShoCU1rAGddCHpmAKplALFVAOlmBAB+BiKJ AD+LAGJ8AHpxDZF1ALGGC9l9AACmACqcDTOaAFqkAI2pAKKiA7+cCdOWCQTCCB/LADS4AVe1AITN Cp+/ALTKB+TCAwDjCyfXADXhAGHuAHHsCKHoALbRAOrhAAMAOB4OTU0AOGcOP4EASZEDQ7YLP9gO NQUtRCgVOzQrQGkeOY0bRJUoN80bTtYmQwBLNBE3STlIPW5LMXdLNKBKRL5EROJNRQBTRyxsTkpc TGltTYhWAJlcQ85tPONhOAB0NxeFRjmAQF10Q4eHR6t/P814PNiBQAGURiSbO06lR1esTHqsTZmu Or6lNN+gOAm5RyrJMka+NWfIMXTDP5KzO7K0P+G7SgTkMhfpSEXXTVTXTIPqP5fqRr7qRuXiMwAA fRwFeEsOdV0MdIUOepIHe78AitMAiwUVjSQcfz4VfmUuh3UqjaQgfsgTiNYShgBJjRQ5fTdGdVU1 in9EhJVBcbI+htpNigBjeCZYczFif2ZZeXpmg61SicZkf+FZggCCdRSIizyEhGWBfH91iaeEiL1z cdJ3jgSVcxWReDKgcVSUhoCthZedfcmaiuGjiA63gR6xhUm5f1O+doy+c6PIhrK/hdW5iAzeiSHu dDLtimLUf4TTdJvkgcjfceXRdQAAuBMCukYEtF8AzYMAuq0AzssHzO0KyQAeyiEdsjMrs1IbvXsf v5gbs7sXw+YVtg5MyRM7s0g7ymI0yXs+zpg8urdGwukzsgBpuitSsUVhvVxWxHhkxqVqxslcs91r tgCHsSKDyTOBuVdzunGNxqGEycGOvux9xQCishuVuUOXu2iVzX2Tzp6kxLilyuudugCzxCu/uka5 wWvBwXXOuqC1ufft8Z+coXqDePAOCwP+Bv//AAED/P0B+Az///X//yH5BAAB06AALAAAAABcAhwC Bwj/AO0JHEiwoMGDCBMqXCjwBcOHECNKnEixosWLGDNq3Mixo8ePIEOKHEmypMmTKFOqXMmypcuX MGPK/Pivps2bOHPq3Mmzp8+fQIMKHUq0qNGjSJMqXcq0qdOnUKNKnUq1qtWrWLNq3cq1q9evYMOK HTt1ptmzaNOqXcu2rdu3CsnKnUu3rt27ePPq3dsTrt+/gAMLHky4sEe+iBMrXsy4sePHkCNLnky5 suXLdA1r3sy5s+fPoEOLHk26tOnThTGrXs26tevXeYXAnk27tu3buHPr3s27t+/fwH07CE68uPHj yJMrX868ufPn0KNLn47XGPXrWjVit/uBNerv4MMn/7T5oXz3f+bTq0+v0/zN8jjPk1+v/r38mvfd k4/P375+9OsByN58+Q2IX4D+0QffefUl2KCA7cHXHk/yKaggfjWJp+GGcDElIYb35RSiffMd2N97 J8YXIoMVMohifim6KGKEJaKHIoY+rcifjhOSaOKPAM444Ygw9rjdkdGNaCOFTN7YXZE37jekkydW uOSVUuKo5Jb9Qalkilja+KWQWeIYJpE7PUlmmGUi6aZyX47JppkvYolmlDvWKaSVVsZIZ5tzqpml nH9yCRSUeoIZJ5uI4vnmo8bFieCfgIpp5p2VLslnj5tS+iB9ArrHpZeTtikpoY2CaCSlqsaIIKGQ xv/qmEYtLtjTojP2iSmrV7poqIyargmso4GGmuqac/q46qirFlsosThyKO20n6EpJ655aokstr4a Kail2zoL7bfHKnpomuOKy+qDdOJK7bvwDnZmsrzOayejYJYpKI+tgmuuoebeW6+p5zbLL7+V9qmv T/E27HBbQe53LYUtFrprsiuyWCOQHC+s7sYS8ggrwgQbXDGQHwKKcLnnPezyyzIRyCK7qKacsYos q+ifwWkaCOqY/+EL6s6ZspsvhCKm7OC37S4tI8xQRx2RrFRXbTVu2l2NpNRcd22Q1mCHLXZkWY9t 9lBep03t2WwHpfbb8rYt99x01zRE3XjnrTdeGgn/gJPfNwFek+ACFG644TYdPnhOgv+N+D+HFx74 35BLnnjkmFtO+eWKc94545pXvvnljgceeuiQV/755ImPHlTjnquOuemuP744662n/g/cvIPXuN+/ tw677qQLzzjok8NuefC368R884sTXjrxPGm+vPLTF2894KgDn33qzw/vk/fFQy++6Kxvbz713GfY +/sQLyW99Ma7Tn3uuOOf/+30Q1/7/uS7n+7OB8DoFXB+/mtf8Ia3QNwRcCcBFOD+6se/0SGweQ/c G9i0c0H2CfB59rvf+cRHPuxBMH/Y61/yxuc88B3QeCR0IQUdKEIJslCFLWxhA49HvADSD35AVAtT /zq4QxRCMHMh9J8BGVg9I65QieCb3QRliEMFGvB47buiBWuYQR3qL4c87GD6KIhDDZrxJ1kcIP5M CMUPWhBxMbTdF1G4uh5CMYJgfKIax2hFLOYOjxVM4BFRZ0cbzhGDWhxjIct4xrBlzYfsqyMIJ8jG Gdavkv9LYOfiyEI/BnKNltRiHzcXuSSOb5Od5KEaYyhKD+4uiLDsTCvDZz9WUpJyTCxkG125vk/+ EY2k1CMifbnHJaqyikXp3wNH+MRKQlJ8sYymZganPGR+8XRu/B4el0fDE15TkNXcZfm4Sbspco9w aaSmCNPJy9eREoTMLKf6yqfO3EnznnGr4TcPif9KU26ylN+UoxOFGcXVIdF52CwnP003SclJUZCH 7IkzBRpPegoUovbEp0ZP0siOenQ35vioSEdK0pKa9KQoTalKV8rSlrr0pVjZqExnStOa2vSmOM0p TWDK05769KdADapQh0rUohr1qEhNqlKJqtOmOvWpUI2qVKdK1apa9apYzapWCTOHraJlqWANq1jH StaymvWsxvGqWtfK1ra69a1wjatc54oWAACArnjNa9fsqte++vVhd/2rYAe7Ib6WBK1iAQBiIWXX rBB2M3YN7GOlKlmOLvaymM2sZjfL2c569in8CC0//iHa0dbEtKQlbWhvItrTttYmpR3ta2GL2tL/ 0la2rL0tammr2926Nie7xS1sdava2Ra3tqs9LnFdW9vcBve4vt2JbZ8bW+I297bQBW5yUzvc6g73 u8UFb3NxK9zPJkY7vr2uaa+bW+5K97vBZa961duT7Z5WutGlbnvT+977+je/wIWvc+UbFP52N8D7 RbB/cUJf8WpXwP91MHlTO9l3LQXAB34ugxeskwZzd70JTi2IoxtiDkMYvCJ2roI3DGEDt/fAGV4w iVfM4fKaOMUrxjCMZRzgEbN4wj62sXn3opH1rpa6LhavfZWsYRC3+L7CNe6HX1xi5rZWv+G1LZWd HF73ohjHUA7zjY2b3+pqucz9HfOGNezlCAs5/8hTnnCF16YULIeZzV9us3ttfOYQI9fL6SVzh6Vs ZzAbestq1rGYF73dGbMY0UleNKIfLWn2KrnNcM70kM+bkT17espqpjSPQc3oE5Maz5auMaRLLGQH h1rHXDZ0qnmS5FYbWNEk9vCnJ03gCfNkztNqynRnO177XlnKo5a1cpkL6OWqOtTP/i+Zjz3tRh+5 2siNb3LZ7GjtHnnAxL4yiomNX23jOdqElvChN823TrObOMB+37vhHe962/ve+M63vvfN7377mzDz DrjAB07ws3UEGv9OuMK/VvCGu3ThEI+4xCdO8Ypb/OIYz7jGN87xjnv84yCfmsNHTvKSm/zkKP9P ucpXzvKWl1QbKw25zGdO85pj1eU4l5vNd/7YnPv850APOlXK1hqEIMXoDuc5RoTOdMhIIS9E985B jj71I1XgJ1dnTdZfqfSW1CSyiv16Y8Vuk8aC/SZj/0fYv672sqP97WSPu9oVC/a1u4/hRkF6Bfa+ db7bZOv/4HvfB//3wff97zfxO+CvLnjEO77xgmf83gsveb8H3vKOrwnmsw54oWy+8ZrHfOIVv3nE ix70hw/83bs+EabYne2wT7vZ3S532bP99bav/dpnH5bOq17zwM885wkf+scH3/fDN73xlZ+T1Dsf J74PvvQ5L33PZ/731W8+9JefeuH/fvFN18j/69v+drq33fyxT3/Y109+t7Of/Ow3P/rhjvS8HwT5 2we/8hn//eP7P/rUF4CJh32qB4DL138DqBPdB3yTB3qXx4AJ6H3Z53/bt38ROH0FuH2s1xLjh3vn 94G7l37w134deHsiKH/nF1m0V39FgRDDx38DqH8QyH/U932TV3wK+H8ECIPHd4PT54M26IOih32d B4OHF4BFWIFEmINBuIMPeIFLCITAt4EUsRQlWH7qp4JiN3a7F4I40YVb+H7x13sxmH8XaIQ9eIM8 yIMJSHjgJ4MYCIEHqH0SyHxHqHh0WIfRd31sSINQiHoEGIg/px1XOIIj6IHuB3ftR3smmIiH/5gT YceCRGF0z0eBcViDfYiANdiGZWiJgdh9m7iJeeiEFHiEUBiH1Yd/GFiJoPiJqch1VAgRTXF2W8iI jWiL80eCkIiFjuh+tDh+VuGAn9eApdeJcpiBqdiAMXh6lueAS8iAxEh6UliEQLiGoceGo5eE2SiK kFeMBaiGroiKQRd1qyGJaFN12LGHtpF1sagSsGGOQgGP0qGOs7F17ShyTZePWxNxxnCP+aaPALkd /jiQA1F3BHmQVwV2TxWQDDkdCPmQU9WQEjmRFFmRFnmRGJmRLIUQgACRHklTGhmSIjmSJFmSJikV ZxeCskd3WliLsIcbivM580NIJ6lS4reL6/8Hhl64kzshj3phdGyURT/0kRNnhThpgih4i0q5iKyR S8YUUTUJVi2piyj4i1/IlMCIGecUQcCDSVTTAA0QlVVBdF5oiPOXix+oEz4JdQdRRC7EPDMFlkSp IYrIk2lpiHgJe2vZbl9DRJ8EOBsll3MpGFY4lWV5e4a5klxIGzFpOzPZRdEBlmEplo7lblyxl3eB mT8RTYI5mNLiFZpZF6HZF0AkmZ5pYVYxmkWHT515mtNEmUgBlrApFuQYFaopdbHUAK4JGoXJhYpZ dipYd7iBiGiXk2k3m2elki95mExpG7+IiGiJnDB1k41ol4poi7BIEJOBltC5iLtpcUaJmHb/937F mXuwcZxYKZ7SiVhWOZ4viZ23cZzdCZ/rGVbzqYvX+Z6vcZaO6J71+XAZQZws2YVmZ5U3cZt3QYtz J4bGuXrfGXFzk5VmQwr/mVQSWqEYmqEuV5uQgaBD96AYp6EiShbiF5zoWZYDWqDBiYvlp5i5mJUe 2hPjCYzGqVggGqJKQaN12Yv6SZ7vSZ7E2ZxZkZI96qMjupEBqhMemJRBepcsmpc/qp8xqqT4eYV2 VxLjcKN41Zv5CYLwp4XPqaTCaZYqCqZcIZ/o+aUXKhUkcKSNZKRICaVLuou056MvChYnSqf06aZK FZ1xaqT3GaX46aRwehV3Oqj6yadIBaZT/7mcwGmiKyqo6hmGi1ioVKGguQepQzEAiqo3HPoYU7oT a0qaWkpxZjOqnTqdlikZoQoVpdqOldGqT/GqsRir6DgWtEqFjbqguIei5bmSj/qFkFqmryerV+mS j5qTDpqrO4edhymfQtqrdeqsVJoTxpqs1+mfNsqsXUet00qV1XqCItillbqsAuEU0emf6cetEud6 DaqtknqsJ5ipZZqtQ9qkZiqkqbqo8qqm6tqv7cmiOuoV5nmU+rqvHlU2AiqpWfmseKmcekp+15qI QYp+28quO7ermLqj4eqeKDqsDpudA4GujLqYLTl2GMtztop3s0h1KVtzK1sQUIGqPfmyMP+7mix7 mTbbbwjbs666qqoxsS24s/yGrvKqkilJpD+KqQQqrMTKqzSbFAQ6ozXqs4u6sEsZqM5qnU2aqCgZ qaJ6sFZrRoTYnFXZo1fZsHAnhok6sHp5q0TBnzyRi0QbcvFnsmn5nL45t2uLrO9qmPQHt3HbtHSq hXUbGtTANb2Zp0zar06arWbqsG5rFXnapVE7ti1Vgo2bn4UquY66lPE6s+X6uF6LuT/ltlObonLL sbc4tVD7pDNbsr6ooqabsECLGa16uThxuPEiCmnjGrnrsrxrb5UBA7V7vMibvMq7vMzbvM5bk8Mb vdI7vdRbvdZ7vdibvdq7vdy7Uc/7veD/G77iO77kW6Hde75nUb7qu74Yir7uGxPsO7bvO79eF7/2 e7/4m7/6u7/8278j9an+a3/MWhOqUMCqQMAGfMAEfBMHbMA44cD/kMA7IcEIzMAPXMARnMAYnMEb bME2ocAL/MEeLMIjvMAaTMIlDMIRnMIaDMISrMIrzMAY3MIwjMAdzME1jMMODMMNDMEf7MM8/MMb HMQyfMJB3MIXfMM4nMQuTMEKfJBMocIN7MEujMJUXMIhHMI3XMNEnMUxbMVSLMJh7MVkPMUkzMUp LMY50cVlvMYPzBNjPMY6IccmjMJx/MZfvMJsnMYWnMN2DMaAnMdkXJE5fMReXMiDjMV6//zFaMzH cFzHeWzGWdzIanzGcwzJYUzJgizImrzJidzJgVzJMYzGhuzGinzIb+zHkzzIkizKVmyRiNzHnHzJ nvzKi1zFeBzKE4zJstzLuQzJWkzLZpzJpszKv9zGtHzMtUzHixzMqfzMxZzIkQzNu+zMvuzK0mxy GtHErazHoMzIPmzLw2zMWEzBeDzOq3zKs3zHpozOjPzLXIzEx+zH3LzJ9FzELwzEblzKHKzDSgzG SCzPQozL12zCTmyuWsrPdbzHn6zMktzNs1zNvvzQr3zPfWzOiFzFBM3GndzREg3MtozKvUzQ2NzN Jv3RCt3O4mzPLC2yrGcL56oUKe3Onv8cyyut0dFcyzXdxPjM0G1s0xf8wz0Nzznt0ckM0tLMzBTN 0jMd0dGc0rmswKS8zzkNy9cs1X+s0ittyUI9z45czhWtzu+s00c91rrs1OQc0iLNzF/dzGZt1iR9 0kcN1SMc14GsyhppxBh90Tw8xOGMzwCdxOX812GNzNnczw1d1iQ9zUyM1oh92Cdsw3it1Iy9xEXM xHL91Kkc2aFszpK91SwHwAE8iQQ52qZ92qid2kJFv6ydEqptvq0d2yTx2v8p27YdErRdn7e92x2R 277928Ad3MI93IvB28Z9u8Sd3Mq93MztG8f93BXR3CQJ3dSNj9KtkdWd3Qtx3SL5V2T/oN3gHd7i Pd7kXd4Lyd3Ybd7qvd7s3d7di97p/VQi4N70Xd83Bd8ZKS1/YN8Vh98YSb1DwN8wcVICLlMEXuAa deAIfk81UQAOXgD/8OAQ3uA2AeEPfhMX3uASHuEYvuEa3uEOHuEe7uEaHuIiPuEnbuIiXuEsfuEo zuEl/uIynuIWzuIUnuIcvuD4BOM2DuMTjuIv7uM33uM83uFEXuRI3uM1LuQ5oeI/buNOPuQ4EeVB DuQtPuUureNpIQOAEeRFXuMzjuE3XuVijuVMfuRePuRL/uRm/uRhvuZJfuUc7uVgfuYUruUOsxQ/ HuIzruJSfuIVnuEynuFnLuiETugx/17igR7lPk7mQr7mfu7mOE7hda7oce7fs9HnYr7kf87pjv7n k77pPBHmc87jdC7oX67mnJ7qH07npe7qaY7pmS7nTG7lZc7mRP7pSL7qZq7mtd7rpW7qUo7rpB7s os7rl96/wHAdG07iVo7oz97sLt7sm27o0+7nkx7tLi7qlM7nZR7qqS7htm7qqC7r5n7u6J7u6r7u 7N7uBYfn8B7v8j7vpuru4Ufv52vv947vEgcK/P7vHKHvTAfw2yvwy8EDBp/wCu9zBK+9C8/wDY+9 REUHD1/xuCEJZxXxGr/xOpUIIVcKHK9VFn9GbDHyLZc1T7cUKW8TKy8ULf8PL38VMf/vdB0180Qh BTavQTZPGk/X8z+B8zivEy+f8zwx9Dux8j0P9ErR8kwP8z3R9C4fFTMP9EEfFDFP9VCR81UP80RP 9EKv9FLh807/9Vt/9GRh9DXh9VaP9EWv9FOf9kNB9Wo/9jiB9qTB9Wrv9Wgf93Vv9nDP9kgB9XDv E4IPFHN/80JvFHsv9W3P8odv+FmR8jYP+H4vFldP90uf932fE4/P+Uu/+SX/+WJf+TcB9pLv9kG/ 9VXv85Jf+mXP9pRf96ev+mA/+H+P94s/+2lf+7a/+46/+rOP9LzP8n2v+3jP9aW/+U6P9bj/+7ef +q+//GO/+tLP/Mif/JxP/UkP/FD/3/pJ3/zYP/3ef/ymv/zQ7/i7T/unn/2+n/yt//fn3/7YP/6F f/3AL/7Bn/jOD/75z/xlDxD/BA4kWNDgQYQJEdpj2NDhQ4gNBUpROHGiFIoULWYcyPGfRo0bQX4s GJKgx5AmDXokmfIkRpgtO76EydLmSZwyN+7kSXJlzY8je6oMKlTn0ZsYLfrEydFkxpEujTKdKXLp 0apRfbqsqhPqUqlCpybNSRRrV6lgc2a1WlIpVa9Mb5ZEKxepXY0R9e7l29fvX74V194lu/WizbeD eQJFGDPtVapOu0bGO/mp45lAH8OFbFct58yhh1a+qlLsYdItY04u7dlwU5koLa/W/8x29GvMPYua VmqWa9ytiQ9rTYhY9maiv8ki9wnY+XPo0QWvXS6a+NzkdKdCJn7XsnfuqZ8O3iw+PPW6ZkczZ/7d cPfCK+nedn0x6GL3+Y1ix1/et+668AMuPJYOki2u9tBbz7y8onPwQQjtmY4mkN6qsLfPcnNtNQUV 0/DC8UJjzD3aOBwOtd1Q44qxEGe7kDsONSsxMdqaEs40FUULLrkZS+tRQfgUK2pDC217cUULhRuS s8swxO1G2HikEUWUiuwsMiu9+tCiCLvsa0IwwxRzTDLnK1Mw9aZLU80x1zwTTTPflHNO1ui08048 89RzT/n49NNLPwMVlM0y3WxMyf9B38Qx0UQNZfRRSCMN1MSDvLT00ock1XRTTjv1lFNMQxV1VFJL NfVUQD9VdVVWW3X1VVhjlXXWTh2FU8hbPbXV1V0h7RU0WoMVdlhiaz3LQEo7+xXYFJe171ntlK0x zjBHrJZP3hA1EM7tOlKSxmRZ7LNYcss1l05Akx23MWoJXVfRlP5T77d2J6TXXmzNNNTWbj+D9t57 6wQTVYILNvhghBNmaE7JikNWLMd6i3en7RaVMcnxJEvLyfRUrO4+8p5FEiyMj5w4RZDPA1dliqH6 trXXztPyq41F1vZcnHOGNdV9c6TYOgK7o2lBAGMj7D2OG/b3q5gpO+1pBtUKclH/AXWDer+hjQz5 Z9tUk3oghcMWe2yyy7YUzIxFBHpHuW7m2juLF6y4xhCRMzFjuk+M70CX4wsaY6eNxlpHlFssnDLx pjV7ccYbd1zha+Ve+7iu5dubRMnhwrFuHf/zt+qjBSywPM845w3kAxEfqz7NVe9cvsdjl312xiNl 0cranpwLS9y3vHu+3AtsfUkQeacwa+NfPFz30o/39kh9v5Z5dJQ9pFLvodXVeXvuu8/ZWe8VAj98 8hm9pHz090wVZ+3TF3N89/WkfX76658/fvzz139/7u2vnX8ABlCAA/SU/xZ3pTzBD16tEh6+bJer PSmQThKMHAPvREFm/cmAZVPa/8Pc1qd5ffBd4otTA503wQw6DFfi0xAJK2JCt/zKcD8RIdoQ2CbY jBBF2wJhtXKHwgp+ToVX6pdBNli2JQ0xcvO6oZyolkIMRguHZ3JWz3qWwnrxEE9FfN8KgVVEz5Ep YFTsYlnUFLBeHZFsHXxXlUz2PDPajGmpo9KURAQlKU5LNeCSWJEq5K0MVc9am4tRbj54ujiiLknb +l30NCbHP+6uji+zTsQoGa8/KpJt1aNO3oiXFUtisjU36hsgc5hJJ82oQWoMWxOfJ7FR5geO0rsO 1YRXEwxlZ0hZuhx7TqM2omnOj6+jY72aNK4ZHkuXXkMd0YRmnlfm8nWzTE1/pv/ZoTkSU5vBXFrT hEa50bBSbDbEphA390rcBMeRJWxa4GIZzL31KEbQtFzUrEWt3x2zbbp84jv3WZhnJihwAt2dcd5z zQCBp5fbPAvWBmlKQ5pHnK10YEJJ5zqMVmmdIQPYNRcKTzNCjT7RYs/wtsa5gwqRdbbcEHpE2jGZ GW2kvwQOOMFj0ZaWFKRxK5o7bXqTiUKuojBSnigDFFGZZktZUULUD5P4w+KJa5a+K93dPLkjNxLx RzCz5A4z01RV1mdLN52qLN0oSSSldTG8RCbhClmyqmKyYnE96TA/yaWgPoeAew3iFHW4vyhqEX2B 5WthDaup9r2whgIkLDXJl9j/w7Yqr5OlbGUte1nMZlYvkeVsZz37WdCGVrSDIsFoTXtaRmlWtatl bWtd+9pRoVa2s6VtbW17W9zmVre75W1vffvb7cFWuMMlbnGNS1ngJle5y2Vuc537XOhGV7rTpa5v j3td7GZXu9stWHW9+13wroq74yVvec17XgmFV70GycF63fte+MZXvptCb33te1/8UjYA+eVvf/37 XwAHWMADJnCBDXxgBCd4svNlcIMd/GAIR1jCE6ZwhS18YQxnWMMb5nCHPfxhEN92feZScIlNfOJS 8WMgKhaIilnc4hXz48UxZrGMZWwQG7vYxivm8Y53/A8UB1nICZ7Ti438jxnX/5jHBVEyQmaM5CU3 GcoEeXKIrZxhQLkYylLeMpO9PGUch7nHYCYzlId8ZjSn2SFd1jKSc9zmJcf5x1G+cZLd/GUYA1nN e+Zzidk8ZTs/WdBizjOMA03mIwukz4tm9HXppOU22xnMVaY0nuHc5ERfWdObJlOmJe1mStd5zlT2 8ZyP/OMqc1rVEB5xuRr9ali7dtWzpjWJu1RrXLPaf7nmda8le2sIYvGvQ3VfY4ndV3YJ6pbGTpkL DcvsHL5KuCdqo19j+EJsZ1HbdirmuqB9TnI6il/blqIrnUjOLWab3Og2NxcZaVVAPpLdMJRlQgwI RCUKW9tXzDev2u1FPS3L3f8CE2wXk3lBdnNb3REk98BfApqV9XTh4ga4q7vkm971MWXD7FbxsCcS mmnJqy67NvFgucuozFGuD08itbNKmtqMaJClhBa1Fck0kPPIahqPzckptdWaydzjLL+dyJjpR3me rOgQ/RbNm/22KAluk/dM2z1VB1c9249hPpNpTW3UU4cyFJUpjbZ+0nm1QNJrcKMc3E9Dh9EBwXyl rIO6Q3/ZQNKFBWYzdWZbzvmY61QzZiiNe8r/LvXLRVNpJMdl4oflpbS9jW9cV1fYb0NTmvPU7CLV CsSSlsgWFdSakhcr2/G4R5qOdJdw50878+5Ryh8P8GNdPeBzLvi1D56TuMT/HOLpOVDWRP4u0y6p 7RFUuW4mKHV47xDivI52b/be+aI/PunV7k+X1jPapmN980oPIOWT3XDG56r1pYd93XeN3s4/u9T5 DkyTvp0i957gj6Kaoc8TNa5RtSvb8tn0oqIl0ZkkiwHAsTi9+0srcNskm+sqdxKmDjKqFQG5kpMS 4xAlgMk/6AGlxUun1TMnr7o8bSE565E3PRo/1PM2AiSXVqswaEs2X9sr+FEJ+vO1F0SeGCSgGcxB HuxB0WpBHwzC8Kqs+LlBMtIZI5SUJBwsRTm3rRuqKCLCVVmTg0skZCmU93GqT6lC5HMLLNyUJWxC Z6u4hHM4HlIgCtqVbjsT/ykMFjtSISoMQ7qrlTGywp8oFzn8wn5LNzt0IDTEN24xtzAhQvuTp6/C OY6DEqpjnp7jJPxDxM6rI2cTujusqrVCp6fjm0R0ROaJuIYpEZvzGE98KxL0mLLKpKyxOqxbpEZs ptuBRJe7DEEaOvugxJXaqqn6uUKCqPtQRVbUqKzLq9Cjp8lLOSL6vg7EneALJAR5piZSjnYSQGba Ju7Tu/TTmpTKJnkxu9F7O62xxtV5P4DyO5KaHPEbnuu7PrlrKIQiqLXhGnXUjtP4HzH0J8w7uxZa wNBLvAxUxhTMO7eBRqqzK6fynUbqxWnqx7trFsL5QHQ8RH4EHng6SLSiKv+G9JFklBqLVL/Y40hx Yal4RCuIzJHcU6qVE6+Lyz57bL9lbMft8z72K0aVZMZy8pzAOyrBI5CENCuWxL4gKTfqoQ+UcryZ REHQmcCuk0mY8khxbMhbcsn3w4pI/L7zMwlCBBy8gKu7SxpF5Mm7ikqvc8iiyhKcarmnyp5UxMW6 IUuRNEexnCSx6iMM5MBS9EA9MssTvDakzEeSdMux0seOTMg3dJ5wYaujApyfzMXRUYo2nLU8NBYr e0xNoUchfBgAkszmwszK3EzO7EzP/MzeAkIYHDZ9e0L+0cwt3CLUBMQ9fJQ6LIhYe5CEw5W5Yjgy nE1jUrg+ZE2JDDfcrDj/NfzNY+PDhbsVDGKjhYhN6RhOBDJD3kS4MQy43kwgF+qVxnKT4GyUSXEX 7sQ3R1FO6cA6RzSkRfpIUrRMT9RIPkKkpdtEV0w6pmPFWtzF7JHAk2M6hETFiIEbQlrPrAy5iiRB 6pEqdUK566nLmztJU7rIAnUKBx07BOU4H4FN8NQrkPoO8svI5vwcDb2pqdHIpRrH6mPHdUw7hDql mpNKaRS+jypQErXGnXwpu3vG34tRED3Ho3MYeWsaRqs/omRR3SNKbHRA+ZO9Ssq/2jNHqHrI2/tG bERLb+IYlnwonbLLsgtS7cvGabE8rRLSv8Qq77u/OsGMUrQ674K8C9XJ/6rp0HAMPBmlyhIN09D5 JqdEPxNFv5ucwKGMxiIVSDVlSqAEnTWNvw9lGT2dHp9kJ/ebqx5lGA3UxZc7GgVkGf+DP1p8y0rl wDklmdYTzD01ubl5KVCdqa7kVP4LKGQiS6GsT8/DSL2kywqcJziqOsR0rCRVq9IEzSu1TV5bTV1l FdFErMVyomGNTAtr1F9NVmVdVmb1tVDRhwqNVmmdVmqtVmtFsGbNVm3dVm7tVm/9Vua6VnEdV3It V3M9V3RNV3VdV8cBV3e9MnaNV3k9r3et1w+bV3zNV+yyV37tV3/9V4ANWIEdWIItWIM92MLSV4Vd WIZtWIc9V4SN2O96WP+KrVhWei46kFiNBRtg29hvRTGPDVmRBbF8GFn8SZV8SNmSVdmU/QeWLdmC UNmBgFmBoFmXZVmXJYiVxdmZpdmWtdmV1VmclVmeJVqdFVqfbdmaPdqeVdqmnVmmFdqnjdmfPVqe zVmovdmfHVqn9dmKuNqa7Vqr1VqnxdqwJVqwfVmzzVmZJVuDaFu3jduznVqyDVqoBVqtrVuzBVq4 vVmkhdm0zdq8XVrBjVuvLVn7IoGxWVvGJdyYzVqxfVzHZVuE6Fq7XVqbnVzAhVzNldy9DdvC9VrH 3dzCBV3CzVysFVvRxVvU/dzPbV3PFd3UPdzSXdvWhV3ZTd3Jjd3Rdd3/1e3czo1cvL1b3jVdxoVd yu1d243azd1cakXd233bx7Vb6A3dxsVcymVd6eXc0wVe7iVe0g3e6Y3a7tVdyaXe5dXe7TXf5FUI 9QXf3a3e2r1e1y1f3B1f7M1f4l1e8SXd4dVf5fVfz5Xe8AXg/23epX2tfVAjwN3aspXf/b1cwX3Z nS3b7G1fDAbeqy3gzC3g5JXg9zXg853b7UXgEG7gA7Zg6H3gsW1hCW5cvmXhg0jaoqXb+H3d/b1b FbZeBObf2v3dvbXc6L3h/5XbzwVZOQnhH8Zfvy1eAGbaHn5i/gXiImZf/ZXhJwZhqlXaFy5fvz1h J35h5CVfMQ7iAfZe//JlXihe3+M13Lbt4AzO3cvl4jReYSGG4N2tXxGeYD5+MNpl4z6uYj3uYvtN XzYOXwEuXdnlYDUOYDJ24RJuYSuGY0ee3/VdZDSG4TTOY+X1YkX+3jym4kbe4yrGYx++4QEGYu/N 3QjjWrjF3cgNZR4OXCh+41d+2qJ14AquYLotYrAdXLcdWkmO4fTt21zGYkwWjF++5U/e4l1m5T7G XF2e4VjmZGYe5De22mrW5Ec+5iG24WU2Zks2WXIm52AtZ9BEYnReZ3ZuZ4C1WHiO5/spHwAAAHe+ Z9OyZ3ze58+qZ37+Z87yZ4AeaL7SZ4I+6AASaIReaP0xaIZ+6PRRaP+IFq0kGELjAgB5zuhXm2iO 7miP/miQDmmRHunp0GiTPmmUTmmVXmmWbmnzImlz6QeYnmmarmmbrggg0B+X3mmettCb/mlQ6Wmh HmqiLmqjXjOgTmqlXmr3OWoEkwanXjCmnupAiWqrvmqszmp5pWquVh+t/mqw3i54CGuyHqeuPms7 KWu1Xmu2bmsCQ2u4jmu5nmu6rmu7Phe3zmu93mu+7mu//mufvmvBJgjALuzYHGzETmzFXmzGbmzH fmymNmzJbjTIrmzLvunJzmzN3mzONpXL/mzQDm3RNufOLm3TPm3UTm3VVrDRljAHcK7Vjm3Znu28 bm3bvu19pm3dri9o3F7q3f7t8uptpQZu4i5u426cMugz4U7q425u4lpu6OYUYIhuXNMG61Y0587u y7JubcgUnUkA6lZW7R7v1QrvPbEAdCZv9cYs86bp9X5v+I5v+Z5vq25v+75v/M5vB6PvsKEH/oaO gAAAOw== ------=_NextPart_000_0008_01C6F4A0.84DF4FD0-- From owner-namedroppers@ops.ietf.org Fri Oct 20 19:15:31 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1Gb3aN-0007eY-Hi; Fri, 20 Oct 2006 19:15:31 -0400 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1Gb3aL-0005zt-2W; Fri, 20 Oct 2006 19:15:31 -0400 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1Gb3UU-0000fw-KN for namedroppers-data@psg.com; Fri, 20 Oct 2006 23:09:26 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.5 (2006-08-29) on psg.com X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=AWL,BAYES_00 autolearn=ham version=3.1.5 Received: from [195.241.79.176] (helo=smtp-out1.tiscali.nl) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.63 (FreeBSD)) (envelope-from ) id 1Gb3US-0000eV-LN for namedroppers@ops.ietf.org; Fri, 20 Oct 2006 23:09:25 +0000 Received: from [82.169.219.56] (helo=[192.168.2.102]) by smtp-out1.tiscali.nl with esmtp (Tiscali http://www.tiscali.nl) id 1Gb1EK-00023X-Oq; Fri, 20 Oct 2006 22:44:36 +0200 Message-ID: <45393533.1040609@nlnetlabs.nl> Date: Fri, 20 Oct 2006 22:44:35 +0200 From: Wouter Wijngaards User-Agent: Thunderbird 1.5.0.7 (X11/20060913) MIME-Version: 1.0 To: Alex Bligh CC: IETF DNSEXT WG Subject: Re: NSEC3 Issue 27: creating a flag octet. References: <452D0295.2010207@verisignlabs.com> <45378837.3030608@verisignlabs.com> <45391282.9050204@nlnetlabs.nl> In-Reply-To: X-Enigmail-Version: 0.94.1.1 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.0 (/) X-Scan-Signature: e1b0e72ff1bbd457ceef31828f216a86 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi Alex, You ask for a reply. I'll be fairly brief on it. This is not a math mailing list ;) > I'm assuming you mean my counter-assertion to Hilarie's proposition. Yes > I'm quite prepared to be shown to be wrong, and I must admit the assertion > was only gut feeling, but let me explain where I was coming from. OK > But there is an inevitability that at least for some H, > |H(x)| > |H(H(x))| > |H(H(H(x)))| etc, though (I suggest) probably > that much smaller. I would expect not more than (say) an tenth of > a bit. I agree up to here. > My assertion is that to the extent that the above is a problem, > it can be fixed by mixing in the original hash value. So we have > H(x) > H(H(x)^x) > H(H(H(x))^H(x)^x) > H(H(H(H(x)))^H(H(x))^H(x)^x) > now in case that looks like a lot of memory storage, note that the term > which is mixed in is simply the previous result. Now we know from our > assumptions above that the ^ operator's range is no less than the the > larger of its input domains. This means (taking the last example) that the > range of the outer hash function is no less than the range of H(x). Hence > the range of the overall function has not been substantially reduced (i.e. > not reduced more than a single H(x) application) I agree and disagree. I agree the ^ operator does not reduce range. It does not _increase_ the range either. It does alter every value to one other value, which is nice. Taking a set of values and Xoring them (or so) makes all values different, but you end up with the same number of elements in your result set. So I think the second H application loses another little bit of range. Because the outputs from the previous H lost a bit, and ^ did not increase (but only alter the values) the range, the second H operates on a smaller set of possible inputs. And will have (a very small fraction) of collisions, further reducing the number of outputs from it. And this continues every iteration. Until infinity, where only one value is left, which H changes into a new value every iteration (like random()) and the iterations count determines the outcome. Luckily, our bitranges are smaller than infinity. You lost a bit, and if its 1/10bit for every iteration, then doing 32 or 64 iterations is very different from doing (say) 43 iterations (in that you lose only 4 bits). Therefore more granularity in the iterations would be nice. Not that important as you say, just give people the opportunity to enter their own value (the operator can do the maths). And it is nicer to encode (and thus implement). If the operators think that particular numbers are good or bad, let them do so. > I may well have got this wrong, and I recognize that the above is certainly > not a formal mathematical proof (I have a horrible cold, and namedroppers > is perhaps not the place anyway) but instinctively this seems right to > me. :-) > I'd be interested in /why/ you think my assertion is wrong though, > Wouter - quite prepared to accept there may be an error in > my hand-waving^Wlogic. Because I think the second H application reduces range as well. Because also the second H application has collisions. Though I could be wrong, hash functions are weird things. Even if I'm wrong, lets go for 1 octet flags, 2 octets iterations? It is then less optimally encoded, but so very easy to use. Best regards, Wouter -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org iD8DBQFFOTUzkDLqNwOhpPgRAoMeAJ4oti1CY9zQmS6FswpzNyN+S9bUSACeOhPZ vSPzg3FJvuJGZJTHIyipOeA= =VaP1 -----END PGP SIGNATURE----- -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From dxpoagxentc@rockymountnc.com Sat Oct 21 05:27:22 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GbD8U-0001ok-Bo for dnsext-archive@lists.ietf.org; Sat, 21 Oct 2006 05:27:22 -0400 Received: from mctnnbsa30w-142166080106.pppoe-dynamic.nb.aliant.net ([142.166.80.106]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GbD8S-00007n-8j for dnsext-archive@lists.ietf.org; Sat, 21 Oct 2006 05:27:22 -0400 Message-ID: <000901c6f4f3$18a4ed90$6a50a68e@hppav> From: "Just xbbNot" To: dnsext-archive@lists.ietf.org Subject: reg reqd Brothers Date: Sat, 21 Oct 2006 05:27:14 -0400 MIME-Version: 1.0 Content-Type: multipart/related; type="multipart/alternative"; boundary="----=_NextPart_000_0005_01C6F4D1.917C6A30" X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2900.2869 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2962 X-Spam-Score: 3.4 (+++) X-Scan-Signature: 343d06d914165ffd9d590a64755216ca ------=_NextPart_000_0005_01C6F4D1.917C6A30 Content-Type: multipart/alternative; boundary="----=_NextPart_001_0006_01C6F4D1.917C6A30" ------=_NextPart_001_0006_01C6F4D1.917C6A30 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Optimizers Seos fake keywords Spammers spam pages in receives visitor = day month spammer not seo in once Airport effeciency mids of Hollywood = ordered among handful is Wasnt formula worked a airports. Weekends fun romantic journal your so thatpeople can more geographic. Per slightly mix quarters catalog Thats true am quarter catalog = ratingson linkrich dont examine in argument Googles Pagerank machine of = popular is linked wanting ran concluded incredibly obscure a happen = relevent. Nowworld xbbirans Israels Foreign Ngos German Scrap in xbbno of Tubes = Classes Arrested Hoaxtrial Aiding Terror is Woes Feuding is Analysis = Battery am Ugly Choices Warformer Clerk Panel a Alerted Speakers Office = Senate bid in. General Kimberly Mccullough Jason Thompson recaps spoilers here of Play = Opera Solitaire other Need of chat share vent a Catch of fans or here = Parenting Wondertime. Adsmovie a Minutes Marie Heartland Clear or Headfast Tradespbs in tv = Anger a pollchoose Mutual is Etrade fine yourself identity theft or = Equifax Credit Watchget room style comforts Book in. Raquo Trade Tough Words Diocese Opens Inquest Priest of Grisly Orleans = Mystery Another Twist Nearly in Street or Paycheck Seems Boxoffice = Leaders. Animated film entitled released usa York Multimedia day Triallog Nowhome = Pagemy am Topics var. Thatpeople can more geographic interest chatting now a jump lively cool = a friends this Browse or mark used with? ------=_NextPart_001_0006_01C6F4D1.917C6A30 Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable
Optimizers Seos fake keywords Spammers = spam pages=20 in receives visitor day month spammer not seo in once Airport effeciency = mids of=20 Hollywood ordered among handful is Wasnt formula worked a = airports.
Weekends=20 fun romantic journal your so thatpeople can more geographic.
Per = slightly mix=20 quarters catalog Thats true am quarter catalog ratingson linkrich dont = examine=20 in argument Googles Pagerank machine of popular is linked wanting ran = concluded=20 incredibly obscure a happen relevent.
Nowworld xbbirans Israels = Foreign Ngos=20 German Scrap in xbbno of Tubes Classes Arrested Hoaxtrial Aiding Terror = is Woes=20 Feuding is Analysis Battery am Ugly Choices Warformer Clerk Panel a = Alerted=20 Speakers Office Senate bid in.
3D""
General Kimberly Mccullough Jason = Thompson recaps=20 spoilers here of Play Opera Solitaire other Need of chat share vent a = Catch of=20 fans or here Parenting Wondertime.
Adsmovie a Minutes Marie Heartland = Clear=20 or Headfast Tradespbs in tv Anger a pollchoose Mutual is Etrade fine = yourself=20 identity theft or Equifax Credit Watchget room style comforts Book = in.
Raquo=20 Trade Tough Words Diocese Opens Inquest Priest of Grisly Orleans Mystery = Another=20 Twist Nearly in Street or Paycheck Seems Boxoffice Leaders.
Animated = film=20 entitled released usa York Multimedia day Triallog Nowhome Pagemy am = Topics=20 var.
Thatpeople can more geographic interest chatting now a jump = lively cool=20 a friends this Browse or mark used with?
------=_NextPart_001_0006_01C6F4D1.917C6A30-- ------=_NextPart_000_0005_01C6F4D1.917C6A30 Content-Type: image/gif; name="powered.gif" Content-Transfer-Encoding: base64 Content-ID: <000401c6f4f3$18757920$6a50a68e@hppav> R0lGODlhgALkAYf2AAAFAHoAAAB7AIeJAAEIh4MFggp8ib3Jv8PVua3K5DkVCGgrAIItAJwVALMk AO4VAAhMABE7AEBEAGNKBXJFAK01CLNEANxECwtTAClgADZcCl5tAHFcAJhoAMJVANhtAAB4CxZx AESLA2Z4AI6NAJ1+Ar10BeuAAACmBxSXDkOqAGydDIGTAaGbALimAN+UAgDGBhe4AD7AAFa4AHG3 Cqq0AMu4CN3HAAbeAB/gADfnCVnqAILnAJzrAcHdAOTrCQwAQxIIRkEEMVgIPIMAP5sHRcsAPe0M NAAfRRIZNzkqR2MsQYEcTJYbPMoUMuMqQAY9MR9ANjI1TFQ5Q4Q1SqJLSLk8MuRHRABtNRtsSkJt OW1dSoFZEJNcNMBeSelpPAiCOCB3P0hySmWMRIl3OpN6R798N+l9RgCkNiqsMkWVNGicO4yjQZyj R82eStqsTQm6QSCyNjbKMV7CTHzIOaHHNr3GTeG8SgPqRBPeMUbWMVfTTYTfSKDdRcbkOdnpRwgA cigAfz8Jf1YOhoMAeZQAjcUJf+QCjAATci4uc0clf2EVc3UhjKYegL8fh9QfhgAzjSIxekc5h21E h3xOjas7dcRDht8/dwBTeRxlgkNhdlVieIZsepRVjbdiitJhfgB1gSd/iUtzemRzeoeJd6uAiLxy iuRzjgCdjhOVgTOYgVqrdXGtg5aZgLaShtKXgQjBdyXJfkjDd1TIhn+0eabKgsmyiu2xgQDdfRjp hkrTfFLRd4nTiqrifM7rg+PbiwAIwywAwzgAxGcAv4UBw6QOzMgAtdIDxQAuwikltEYhvGghxH4k uZIaucQWvuMesQBJwxpMwDk5vVo0xXgyt5FKwLFDsd1OzQZcuCZntEFkx11mznpjyKxotsZevNJt uwGMvx6DsUyGxmt3uYGCv6J4u7uIu9KOsQCutBSjsT2Vw2qfuIGexJOrt7iRu+uSwwC7yCi1vT61 vGLCv4y1u6e7u//745udsIF3h/8AAADwCPL+AAMA//AG+w73////8CH5BAD7s2UALAAAAACAAuQB Bwj/AO0JHEiwoMGDCBMqXMiwocOHECNKnEixosWLGDNq3Mixo8ePIEOKHEmypMmTKFOqXMmypcuX MGPKnEmzps2bOHPq3Mmzp8+fQIMKHUq0qNGjBP8pXcq0qdOnUKNKnUq1qtWrWLNq3cq1q9RWXsOK HUu2rNmzaNOqXcuWLVKh497KnUu3rt27ePPq3cu3L8RNfgMLHky4sOHDFdsqXsy4sePHkCNLnky5 smQiljNr3sy5s+fPoEOLHk26tOnTqFOrXs269WeIrmPLdixUD+LbuEfO3s07be7fwA/3Hk7ca/Dj yPkWX171w/KDj5JLnz506Yfrzv9h3859+1PsTK83/81uvTv38OSVpgdvfbx79Oy1d5fvvfz6+urn wzcvPvv5/f/R951430VFHn/8qacUdQw2KJR84WknVXrjHegfhRRKGOGA7xEIoYYKrveegiBuWGF5 JKaYoVMYutdigeihmJ+MJrrIYo0bOqjjjillteKK7UH1onMijpiijUG+CCKRQdboH4xGalhkiUJG yWRzVjZ55JbtZThllMyFKeaYjEEEJJBcpsnkl1ueWeKVHXap5ZFP3gimhFOiOeePVrEZIpRp4mln oNnxaOihIGF1pn6EFlgnlVS6uSSkUsrJZYDm0Qcen3kyuqeQHlY555+DNuolgATqSeaqrLa6loX9 Tf8oKpKVZgnlk3zWqquWj+JIKZH4UWqrgWj6KWipv346aqCuNuvss0uZeaOektLaa5uz4nrrpLla CianvFKlpKyAgovsj8G+KSqi7LZ7UqTCMjtkhKf6Sueu6h6YLL2AKpunuHciq2yT46o5cLwLuqvw wh19SOqsLFrYZr3LRnohjQ7PWOq1akoML8LYnguxwx6WTPHBxmrI8MosF7RVfZlWbB+OoQpYMYb3 dUsofpkWG+qpMc98c7r2xgcfqN6NmzPM0Dbt9NNQRy311FRXXeZDVmdNWctcd82Q1mBD5vXY7IZt 9tlop6322my37fbblsEG99ydkW23XHTnrffefKP/BZEATQHOlOBKES7A4YgjvlTihTtFeOCK/5P4 4YMHLjnli0+uOeaWZ8645587zvnlnWcO+eCjjy755aFXvnjpVj0OOuuaow575I27/vrq/9ztu1FY PQ648K/LzrvpxTsueuWyY0587k89D33jhp9+fFScO9+89chnL7jqw3O/uvTGTxU+8tOXT7rr3qd/ /fd9owVP/K5VX33ysF+/u+7785/7/dO7nf/Opz/eqW+A1EOg/QIIP+IZz4G6OyBUCFhA/+Hvf6Vb IPQkSL8OskqD7yug9PKnP/WV73zbmyD/tgdA5pkveuNTYPJOGMMLRrCEFXxhC2EIQwgq73gE3KEH /4cYG9iA0IcrnODmSBjABD4Qe0l0YRPHVzsL1nCHDUyg8uCnxQzikIM97B8PfwhC9l3wfr9Lo14M uDsApnCKIsyg4miIOzGusHVAnCIFxyhFNpoxi1tsYwW5iMPo1XGDcLQjImvYOUI6MmFqjCRPtBLE 9+FxhBZ8ow3xp0kBMvBzdHxhIDF4wy72EZCNvCQlQSnKH7KRhl2kIBiJSEvSyK2S5MsfLDNpuSfm UZHu69/9fAnGFCJxkX4U5AxdiUVK7k+CJpSiJnH5FElaE2/rQ980xbdHER5zfblUoRgJaUpwUqV9 Jezk/wxHTtI1r52YPGcqo+jKwn2PnbbLZ+6uyf9P4DEQgYpkJRNpZ8/WsVB1whxl8SaHOoYaEpPg 42Md30m71HnyKtM8ZDT1yTo+FrKfIH1QLUcalpCa1CckTSlXTspSlaj0pTCN6apaStOa2vSmOM2p TnfK0576lDAyDapQh0rUohr1qEi9ygCSytSmFvWnUI2qVKdK1aqy1KlYzapWt8rVrnrVLFYNK0cA AACxEmQPZk3rwsjK1rKq9a1wPRRb40rXutr1ri35ql73yte++vWvgA2sYAfbNLwSJQdkS4FhGzSI xTr2sdUhrGQnS9mpdKOymM2sZjfL2c569rOgDa1oR0s/uZGWbpAl22lXy9rWuva1QuWHbPnxj9n/ 0lYpt61tbWXLlNni1rdLsS1tgRvc3Nq2uMPtLXJzW9zlMve3TmFucoO73N0S17rG5S12q/tb4ypX uth9LlSOC17hVte7yA1vdLWrW+qal7rwtW58vZvc6cK2ls9F723Rq9z2jhe+0uWvfvUrFfbidrzi LW9/8/vfAzs4wdEF8HcFbBUGuzfCC8awg5tC4PmuV8IP9nB9/XtftkEEwhcGL4c3/JQOt3e/GdYt jMUbYxaDOL4y/q6GVwxiC/f3wineMI13zGL72jjHO0YxkIUc4RnzeMROTm5qx4aV/fK2vD6er4G1 rGIY9/jA073ui39c4+76VsHyPS6ZvSxfEtvY/8hh9m+CDTxn8gJ3zg0+MoNV7OYxG9nPSIZyid12 Yh0HGcd61jCc7xzj7JI4v9elsZpxDOdH97nIiVYymA29W0TnmdJuhrCkyfxmSycauhYWdI6lPOWu ZYW+Xz41qeUc4iW7eMyY9jCPc73pG/9Z131ms67RzOSqZPnXqU5yi29M613jmtYjHrRM7cxe+tL5 ymIuNpLBTNwz/3jSpg72mhcc6TODe9Lmvna11S1s/lKFvBPutreLXG0EB5jOyu7urmH9a2n7+98A D6ppA561Vhv84AhPuMIXzvCGO/zhEI+4xKlK8Ipb3DgTz7jGN87xjnv84yDH5sVHTvKSm/zkV/8J ucpXfhCUu/zlMI+5tFlO85rb/OY4z7nOd87znktV5kD3t8+HnvCgj+kMRk+60pf+HKI7fcpMj7po n071iI8JIV3BusyrXpSrt3ylX48514nidYNkPexwqwBV1L4ctvdu7DLRSluXwla6A8Du/5g73pVy d7rn3e+A5/ve8953whO+7pGpgOLdvviluP0fi2e85B0vecY7nimNf7zaI3/5znM+8ptXPOVD33jI l77zSjk92x9/FdVzPvWnx3zmVX/52L/e8pCX+m4KH/i+kxXvhQ++8AF/d94bXvB8H37y/04Z1uc+ 9dBH/eonD3vPR9/506+99bXvFNx7vynOj77/+Fcv/taj/vnl7z74t4976T9f87p/zUOMz3y/F//v 90e+7wW/f/w3Jf/9t3/3l39M0XdatxUIgX3rB3/at3nvd30QGH7kN4GYh365J4Hb94AV+BTtB32i 93qm54Eb6H7pB4Hr14AjOH4XuH5wJxT0Z3wD6H/Bp380OIP/x380KIP4h3jMd4BakYCw54AVyIAi 6IDk936iV30cGIEWKITXl4TjB4VICIWxh36sJ4SWN4FXeIJWuIRT2IQhmIJdKIXQ14IxgRUveIMB eHjC93v154b113u+h3hrSH+OAX9bSIQrqIG3N4ZeOHl4KIbt54Qa6IUqOIQq+HnqN4IduIgi/4iC 52d6SUiIFhh/q5GGOSiAN2h/BRh4nkiA/sd8oIh8jPF9JniIR0iIWHiKGbiHhViJg4iKUaGHppiF YniI5aeAich+7reFYGiJrqF3h+eJofiJcWiDnciJymh/emeHbAGCrveBtIeI3OeKmveBQ2h7pQeC XeiB0jh7ZHiFUuiE00eJo8eFQXiE6SiJsbiNsEiC/6AGwDiPshF+rmKP9BgZA9d0Zgd2/Tg3+Egm bmeGMJGPBnmQCJmQTkOQDNmQDvmQEMmQxBCRFFmRP6eQGMlVFrmRHNmRHvmRIBmSIjmSQZGRJplV +3g1/3gaPuiPJAl3+oh2ptGSCPiSLRiTK/85kzJZkzZpc1kxdzMIh78njMNIiq7COKFjPwh1khmZ hnMIfMQXlc3yRlwkREzJdBDhlDgYgzjYiTAISS6TGgjhS07kOj15cz8Jh2+og82ohpsYJvckS9mU SFdpdAOHjHW4jF3pFDRpSwdxTOHzPGfpk1uBlzUolaL4lnB5RqSUQ3WJkESJjPzHg0XJhkYJl3OE O0o5S4/pcim5GH05GqGJFYNZc515mjG1Bp95FqPJKqXZc6gZm7I5m7SZcvNHh0KZm0NJlEzRmqjx lf83h7/3mg0ZlKQomXEIFb5pGs0InKBInAxpnGuZnNRpfMtJGqPonHEInTqHhszIe/1XgDz/6IzE oZbJKYDmWZtLl5V0eIyXSZ18uZOsoZba6XfcaYb1OZ3EmJzXWRoEKJ3g+Xb3SZhWAZw72IbF15Zj IozteXyUqZ7riTVt0Z/YeXYDynWKQaGjQZ5UcaEECqEgGqIiOqIkWqLNwp67aaBBCZRAaYzfaXdD mYzxmZNiAZ52KJx3RzZR4KFAdRU3KqPSSYzhaZThaaDwuRgtep5DOmj2YKKO8aNeGYpGWowuuqTu eaRq8Z/vaaVOepCUqZUAiJtumJ5sOKb6l6IN2hj0mZ7CuTd40KVzw6UxuKRfiYmZGKX7qaZTep5w apcSSqVRCoCKmZgySqhrGaD8KZ9eAYpF/3qDPIqfY/qg+tlWCVp3khmg42mpyWidilqYmUp8KQqW j1p1vaGhVcGhUzGqMMkbpkoVqCoVqvqhfTqrULOaqtGqaxGrqyobuKoWujp2ksqbQvmJDNqGwYmm lWqevRoVxiqekSqqv2pNChAYQkqseDqow6qf7wmfy/oUkVmo+xetpHqZiNqoUHqnhpqniNqtbqmY 5Sqg4hpyaZl8jJqD23qlbXqmyQqujGGeMGimWEqrJmdaRoqjhQqu7Xmp8GmH7OoU2eqtiRmvK1eY bzmkyNl7eGqY5xqwZ8GVxsilAntyKOqw4wmkUKGweGmpDJqMDQujBnugeyexTrcbLXuwpP8ps0NH s53KFa8aFTibs8xRszz5szkXJkL7g0S7cSG7tGqjot+JrNpKqYP3oCyqspKKFgjqrPTas0z7b3Lj rxg7pXIanIi5p9y6s66qqcy6nUm7MkqAFz9ZnTrIp9fqruhqp/yKtdrqsBzbtRWXlZOpiWEaqc96 sptKr6C6ry7arboJsUXZtjkntYGarnzqjDZqpijruE3BrmBrsznqEOcAuVAnd3zLlWK7rZk7qQtr s2VRr4B6r05xDufgty93rgiarFpasdeatZJ7pR0rpk9bmVIhu7RbvJbBtVhBvMZ7X7Y6G5xroQMh u6ErukWHVcq7vNgbG9ebvdyrGtvbvSX/VlOyS70SB77me77om77qu77se5Lk+77wG7/yO7/0W78T 2774qxn2u7/8279rlL8AvDX+O8AEXMAGfMCGEcAKjJMI3MAO/MDvssASPMEUXMEWfMEYnMEaTFiq 0MGqoBQe3MFL8cEj/A8e3BQnbMIp7BQhPMIkDMIoLMIhnMItjMJM8cImfMM6vMMlrMMz3MM8nMNA LMQgPMMv3MI4TMRF/MFGnMRLjMM1HMM/nMRMvMJPPMREXMNULMVIbMNGzMVgfMMr/MNKTKuwAcVK TMJHjMUwnMYsvMMizMZbPMRz3MZ2zMQ87MRbjMZl7MZAjMc2HMRlrMeB/BR8zMeGLMiA/5zFcBzI aFzHhTzIfZzHdFzJfUzCqooVTizJaizIbbzJcpzDaxzJfhwVndzJJYzIhOzDjfzGomzHrxzJqxzK ngzLtOzKtrzIqMzKvEzKoIzIMAzKd2zLsdzLbNy9m7zHkuzKwnzJxTzLsNzMQgzIj+zFiWzMu9zI 2bzIlqzIuEzM4AzNQazMn/zG5OzLUAHMxXzN02zO7kzKs5oQnmAQRyzDXizOd2zFxEzN++zL+lzO uzzKx8zJrezI7TzM48zCX4zO7HzC+BzNXxzFhHzODr3Q39zEKhzFV9zPE63F0Pqz5xzMywzPI53K Js3Q7HzSz4zFv3zPY5zIayzQkCzONP+dztZM0qUs0ox80yqt0wOtztzMzKE80a5MvSEdy+oczvCs y85cy+Fcz2Kszy1tzD8N1S4s1Z4Mybls01Q9yTm90s581EE91VvdzKNM1Dzdw5msydiM0JO8zRcN 0d+c08lcyDNtyj0szSh9196c1Tjtx0ndzT4t0Dtd2Ovs1UDt1W6tygVdvHIzxRLtw3F81Rut0JMN xVQ82YP8z1vd2eBM2Uqd0ob91Rk91lLs1E9cz5od121d2UvMxaad0ntMxt2s0aVNy9S7wY+R27rd GGvd28Ad3MItFhBc3MY9mIBx3Mq93MwtHMPdQfL4Dz7w3NQNW8193dh93dW93dzd3d7//d3gfcHZ zdzhHdzjvdyt4QnlbZLnrdzr/d7wHd/yPd/0zd7tbdz1bcH3jd/5TcH7XdzUjbz93b1kOuDqW+AG jr4I/twOTFb/jcAO/uAXvOAJDr4U7t0PnuEabsBfteEt1eEeflIgHuIhpRQFcOIF8A8onuImvhQp juJMAeMmvuIqHuM0PuM2fuIqfuM3PuM6vuMsDuQ/vuMuXuQwHuQ17uNIvuRC/uJF3uJCXuMkTmVY geRJnuQsHuRWnuVQ/uRdbuNe/uVX3hRajuVijuNQXuZEnuZQMeROHuNe/uZhXuFzAxFWPuZOzuRw buZ7fuZcPuaAfudd/uZ/vudcrueE/w7ocH7oTpHnfF7kF/ECU54cVe7jeL7mcy7jUY7nml7oMt7j mq7kli7qbI7ppe7oQG7oNQ7qq37ln07nL8Xksn7pi57pfe7iod7igv7lZS7nd87jtK7lck7rRP7r rW7suw7rQ9TrT+7pZF7qYb7lt97qbd7niR7ote7qvD7otz7suk7t067sJEXjrK7rQ67tK/7iR07u i/7p5J7rwG7uR57tq67jer7p257ucY7rP57s4o42zctUkw5SIz7wBn/wCJ/wCj/p/96+C//wEB/x Ej/xFH83Dc++FZ/xGr/xHN/xHv+/F5++Hz/yJK9xIa++JZ/yDsEJKo9XqjEOJ590Lf+/kbDQMDF/ 8zif8zqPGpix8z5vmw7x834VHFohBWNh9EyB9Fih9ErB9Ivh9K4B9UYl9VkhBVSPVFffNka/9VRh 9Vb/FE6f9VAR9mO/FFvv9WHB9Gr/D1m/9lch9lsh9V7/9VYB9XN/FldP92zf9lWP9mnB9Ww/9n4f FXD/9E2h9IXf9YhP+Ggv902/9Hff9WB/+FUDG4NP+FNB9lVP+ZP/+IvfFW7/+Jmf9EuPFo5f9Jz/ 94xv9olfFa2f9qLvFJ9f9pZh94F/9HCv+amP+l6h+UT/9oHP97JP90h/942P+MUf/LG/96EP+Lc/ /E0/+JG//Fw//dQf/cV/+c8f/az/T/zZr/fWb/aU//3Yv/ekf/7B7/fTr/7pz/ykX/3cr/xnD/66 n/TEn/7e7/bJf/bMr/vZDxD//kkZOFAKwYMECyI8aFCgQ4MNBSacqPAhRIkPEU7UGBHix44FF4rk eFHiyY0eI1o0aRLlyYoNEyrMeNHmTZw5de7k2dOnT3tBhQ4laq/kTpoyO6YcKZIlQ44sSbakGTIn U6wuZzadOlNpVKtdwY7NalFqTJlVx06NebTs0qVqz25kurCqWactbeKFuTbk3bxHSaaEGthuSbVr 6yamihMvWcFS5YJsy5bwYMx7rb7lC/dfUdChRY8mXdr06dE/VUfG/DYwRbM1BZOl/3j1K9enjR+z 7sxaI+y4t7PelLwZsU7XuFsb1ytXeOvas5e7nU13ZOKntbc+7v26bfeVe2/rne5csna2mmNf7j7X eOf26VfPp1/f/k3URlXHdw1YefriGPMtudzg2k2s+MIqkKvpDLOMOQbV80y5BAeEjL+rNFMMwoow MmxB3z7MzL/k5PNPw/IgUzBCCfM6cTjyMMTws/xqtPFGHEW7r6etVErqK/MyG0w2IcPyiLvoEAyP PKdeOu8ltL77Cz0js/sxsui20y7LvqKqqbgjJ7xSPCiHLJO5F5mU0q0uJwsTsTMrc+83IOEE0Toy kSSxTeK0ou7H4c7acVBCCzX0UP9EVxP00EV9atRR+h5NVE1JJ7XUyEsz1XRTTi+ttFNQQxV1VE0/ zTBSIkndD0VVEzW1VVhjldW2V2edNT9bc9V1V157fShHYIMVdlhiizX2WGSTJdZXZpt19lloo5V2 WmphxVW+SFn9qdZMuc3V2065BVdWZcs191x001V3XWMVZZG4JKvMlta6FI3NMQeXnBPVVHn0NE9I ebrMMdky6lErAbGtdmGGG3aY4EolBdNdfAs1WNB6OVRzVen8tXTiiLft2EGD5R153IdTVnnlQ/PD 81Qy7WSoMA8HNlnLOK3jrN7eYOOsQyaTos5DH7ek2UmgB7xXLBcdOvg4qO/0zOf/5YT2iF2ss9Z6 a667Lnbk5p7rj7cT/aRwQgPPvktspvlyk7fjJiPQuzQnbiq3AgHDzuyog077r7ji/tVrwgs3/HDE h/JmWI43HLtJrPoFK0Ew6863x8X+pFNqzCF/+fGZS0TQaCV1HtqvzhVEL28xqUz8ddhjlz1xitWe +kLAM5zbQtsfbCz3/1AU0OazVczcrxGbs6wwm1lXsroWoQ6+o9mrt/567EvrlnTPvXuzyNS3C47S KMv2nUrx6USYbyshj9J74KRfUs7xkp8evND7DNu8xdJCmWUAyooaAazPtVT2PwJqK4G2yl4DHWg9 X1RvgbSaoMUqeEEMagoXGeRg/wc9+EEQhlCEI+SJAUl4QhSmUIWqeWALTwM2QyHwPpJTVcYCJqqQ dWtWMqydrngIwx6CyoVDHM3LIEZDDS0qXgJrHNyQs8QZKgwpChRY/JjIxIghUX8wfNqOElYfvFUM Xo3CGBDzZEP7iCuJNwSQGWlERAnaS2JgPJkb57WiKU4KjVdMIx2x6LFameqHyiMUiKiYL0xJkY+D VCMhq4ipQa4QVEbcIm2udDHnYSQtKlKfSkr3pT6NyW2YzN/dliY3LoGSKqkkzKPOs0agbQlfSdqX 6ayGuc/FbH5OxFnlOomSDokSiuvZ097CczAqHeY38yvYa4QmTC1KckfXyiLVGv9kSE+SiDbCW574 5mTNGRVPmYzJZYXkdM27IUeMnuSQe/b1nls6TnAxAp9XxNk+zf1ud/T0Uj7viU5fcrJpt4sPHK33 MW72jXzEpFvS/MlLVsFobuHE5czEVCTdXLSU62Rn/7BDpOFtUaJWHBjPLrqifQYvcuw5KT9VClCN ok1ETztlncwpzWeB7D2VfFtDKQOe5/nupRRFJ+Dk1lIJyUiBmYSf/VwKvQ2FqKRChVHpkPq2qVpO OruRKEzliby9lZGgX1UkTu1jQj5iSZSdHFr89FadLsFtiemrzDGn5D9yQgk+d7VSmuzqozGOqa3+ q+v4APbXrjxner/EoyWrqqf/u1rydBDy6ObKF9n3BQizSismdQz62aCYFYD/UyIJI1nJBJ6WVKCV nWg9CEVHRROEqi1sAGHrWtzmVre75W1vfftb4AZXuMO1FmuNe1zkJle5y2Vuc537XOhGV7rTpW51 rXtd7GZXu+oibne9+13whle84yVvec17XvSmV73rZW973fte+MZXvvMd7nbte1/85le/WbPDfv37 XwAHWMCgoW+BDXzghw1YwQtmcIOfi2AIR1jCvXJwhS18YQwfdMIb5nCHPfxhEIf4WRkmcYlNfOJz iVjFK2YxflD84vzQAsYzJnGLbXzjD9NYxzvmcY99/GMgB1nACRZykY1sZBwn/1nJCEZrtY78ZCjz eDX8eAiVBUJlK1+5yvzI8patzGUu3wTMWAZzlc1c5jIvuVe/UHObe5JlOP+jy182s03onJMuy7nO d9bzRfLsZkAHuldY1jOfC21nRPdZzIs+s6Id/WhBR1rSiMIVoQkt5zFfus6bTvOewzxnTCday2+M cqlNDeRDXxrUeWY1o0et5VU7Os4COXWtDZoN7HJjwKnuM6gV/Wdgi1rTd561TWx9bGSbRtdD/vWm fx1mO3+6035Gc6fjnOYsJ1vb2x7Ksqs7aXCHWzXcEHe5zS1NcouwyedmN4RP4+3ptlve4U53CNeN Wm+RloO0ZeN8PsXv3y3zY///XiHAZaqrE79PW/mmYB7VeUiIxxCREdVhwANG8H6/6ngIFZmr0ppI P4IceJCi6b1M18Q9hmgnCZ/jxjzGUZhHfIdAxGbFKYbxl2er5hLvOKJa/i+XO5JHNrzYwXOO87KS OsMY6wvOPgIT4snMsqN0mikLa1GzkU6va9OkZQUer86t1bF2IaVLmPmkmtKM7HMpm8/0tkl2Fo2r 1+GSwr8uy5p1fe3fSbvVYlmwjYL0Xba8Dv2aaaC57u99J77k39I5OuRJb6JTwl30GptVwbnpsZN1 W1sHWvioSp5kY4XegRw/U823EayBA1/ri8f1B4Hu8yZ1fc+UB/bCEz70K1H/CtW9MjcbDUK6PfyZ 8dYUd9FTLvnJlB/THo95/tX+8kLS5l53H1ZaBqeniwVOJgPVfKBWqPFq7Q9J1Sd7utL+QNj/EjIJ SXhzhtH0Ydw9eJVqfL9+M6b5BKrzpYb/zJOf9eO8lqo+x9u8BqEnd4oe1jke5XO9CBG/2fMbgeKO ybkdBgk/AkxAnnq/3CsquTIZsjI4lqEm7gEU+FGsxAoUo8E6FsQ6L3mScxoobXKfXbJBr8Onweo9 vmLAq0slwEKqMFmQZEIlGQQQkgLC+VOs8bOT13NCC1Q8H0Q+slu4DwxC56M7wcOsHgmwciNB1Jq3 ENI3MXQtMKytMpwtL/qt/3tLQzc0MAV7QzmMsDisoDMMOYe5QxwaLjKMokJCuZa5LoZxpaAbOXjp IzmqH1nZOUMUD0SsIWj5uUL0N1iixKRzuDUUmS8KrjbklZLJI1fSQ4xaRNPTn1BcGFF8RJjhuEa8 uEHhIY2buLPatRPUuvEpOi1cpWYKErq7QWc6mrcqGodDJrYbrG3KLM2yQbrYqNyxprwTJrs7kro7 O8I6v/U4xqybKxTUu2WMJX2BO00CpmUixmjEq6+rEu7JRsDDxZphRvo5Ruwivv1LkXSKq+u7wH4S EQ+kwbwLQ8qauBpUuyc0KugQvX2sPvO5R/7zKg/svNFTSPQLKfQjK4OESP8MpL37uSoMxMcBDKXt szfUIEL7sb29MyQErLqoWsKmi0HRua2566LVuazz074Y2R2VTL306yaMYj+bhCUCyb7rMz8U5Coe xD+hrMQm9D59oSoIPMlS6r4NnMkoiUdADL2JFMGMnEdjgqgMRJuPfMmKqUHP67+g+j6Vw7ydIsit SkAJbEYQVMDGokfPA73n87/zIb22kSmMdMqmzMvmocCqOiFcOUHDSp8guUaN5MKA45yoYcIyqaXN qqv2waeKAsy4Osm6/B5oqqfAc8xqVCjmAzs+8ZMotCL3kT3NLL3Imr8R+cTD0satbM3xC0xbVB+q nEORSy1BS8X46sQ2u63/BeLN9BJOValD3DxOBuK2Y0FO5mzO5HyhnvPH3PQ5NRyhSJKtZkE6UilF nFDO5dSjh6tEO7qj8cy5mPuhgPK4hwuk8ZTEmFvFj7NEoItPUJS4lBND3yxEsbpDgHNP9WzFP1zP ILIgTKRPVjzQ8Oy3AE0679yacGQo0nzHsGMliHk6nKRQs/tGb2Setdm6uxPHYJpGa/wlcPy7qvM7 qmFB9aBQ3zu5FQQsvCnCv+PQt3slarRRxIonqHDBGnVE0FuawWlQxtG5xPwq61sshcLHf1LLurTH cpqnllxIt7ypi0zGvumpyUtJDSzIxQTA5QOblDqprDqquNnED4zCeRtM/7Y5S7l80o7RvM9MqZwc ys0oyiY9SkdiRjL1ngglmfEgU5piyNTTy4dKye7h042TSu5jwu4pTZncKh7EUFoTUqzRqix8HLo0 yyv10qyU0rl007YjVA7c1EINSCb1qTIiqgq8y8j7voT5S7ux1AZUS5FkS4q7wpCi1CHdD8+UQcEq vkN1nqT8D5hk1O85TXoc1tiLTDgVO8bKwMfkzC79xmrEyDp9VeojzaZrk3WUzSN0P0XNRc3s1lzC wnPLz+28xExsN+IULl1lFx/CzhmSVzdrV3d9V2BxTn3dV37tV3/9V4ANWPoIA4EtWIM9WIRNWHXD V4ZtWId9WIiNWBRTWP+KPViJvViMzViN3ViO1VhTsC9j6FiRpa6KLVmTPVmUTVmVJaADWFmXtQln eFmZnVmarVmbvVkRIoYPGlme7dn9wlmgDVqhHdre8lmjPdrbJFqltTGkbVqnfVqojdp3XVqqbTF0 rdrmzFisnZR82NoCywew7dqwBdt/GNuutYmwfYizFYi1LduxLduLENu3Vdu1Jdu2Fdu4fdu0ndu9 jdu8rVuyZVu/pdvAJVy1Hdy8NVy0tVu/nVu4PVy3tVu9Ldy65QnHZVvKbdzILdzHxdy9vVyz7Vy4 TdvNvQnSLV3U9VzF3Vy8Pdy7jVzW7dy7PV23/duzBV3IhV3BzV3Urdz/tm0zXPnd391dtIXczC1e 4h3dnKDc1hXc4X1d2d1d6M3dyq3d5K3e6BXd563e58Vc1zVezTVd8HXensBe7vVd3r1enBhe4oXe 29UJ7v1e6R3f6X3d451e5UVcwE1f9iXf9lVf6vXfrm1YeiAw1ehe8UXe731fBbbf5VXe5s1fxH3c +NVe5BXe/MXfCJZg0aXg+b1gD3Zg+W3g/+3fCd5gvGXg9LXgBG5h903eCZbg5kVhDw7gBf5g9cXg D1ZhGA5fDNZg8OVh4EWN25VczkVg+d1g2Q3dy4VgDlZi9z1dHtbhH/bfHC5e/K1h2qXfJ2Zh2gVc Hf7bE+7g1qVhBU7d/w6m3tBd4jC24hkmY921YQGuYRhGYgYG49XVXyw+4S8+XK094PA94zpeYhcO ZBDuYiSm4zuOYSGeYSCuYv4lXSVW5AiuZBK24h5eX0OW4TYGYEGWYzrm3R+WZEne4zAWYevN4u1l Xs4d5EseYRbO3jRuN/RtYT2OZVCeZC224ERW4UXmXxsG4v/FYVwu4wRG5Sl+5WQuXzle5hXO4kyW 5VB25Wm2Y2LG3i7G5TRu407u5fH1ZGwWtGuZXCle3uPtYWyW2z4eXL4tZ9VtZ3WO5zh25+vdYin+ XMYd4dm1ZNAl5SNuZp9oYnqG48U14nN+5dE16PU96Fmm53QuZddl6PJE5mV/Zl/hPWJ7Xme4hVqv FViO7miAlVpTMweRLmmTflpIOGkhBWmWpkOVfmmYjmmZnumkbekU4gARugTnpGmeLmlq6GmgDupi +WmhLmqjzg+iPmqlXmrQSOqssWmoPqEBKi6mruqHdWqrzuqgxuqnjmqvfi+tDuui/mqyZi+xPuue Lmu1Ri+0bmuZXmu4jmu5nmu6rmtpmq5CQJxhcGu+7mu//mvADmzBHmzC1ja7PmzfKmyjBgDGVmzH 1ljGjmwAEGnEZjfJxs/HzmzN3mzOrunK/uy77mzRXmnQLm3TPm3UTm3VZqHRbm1uW23Y9qCAAAA7 ------=_NextPart_000_0005_01C6F4D1.917C6A30-- From owner-namedroppers@ops.ietf.org Sat Oct 21 22:04:28 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GbShQ-0006zj-5F; Sat, 21 Oct 2006 22:04:28 -0400 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GbShL-0002hR-DK; Sat, 21 Oct 2006 22:04:28 -0400 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GbSaP-0004N4-4T for namedroppers-data@psg.com; Sun, 22 Oct 2006 01:57:13 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.6 (2006-10-03) on psg.com X-Spam-Level: X-Spam-Status: No, score=-2.2 required=5.0 tests=AWL,BAYES_00,HTML_30_40, HTML_MESSAGE,SPF_PASS autolearn=ham version=3.1.6 Received: from [81.200.64.181] (helo=shell-ng.nominum.com) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GbSaN-0004Mj-3k for namedroppers@ops.ietf.org; Sun, 22 Oct 2006 01:57:12 +0000 Received: from STJOHNS-LAPTOP2.nominum.com (shell-ng.nominum.com [81.200.64.181]) by shell-ng.nominum.com (Postfix) with ESMTP id 84A665687D; Sat, 21 Oct 2006 18:57:08 -0700 (PDT) (envelope-from Mike.StJohns@nominum.com) Message-Id: <7.0.1.0.2.20061021213505.03f992c8@nominum.com> X-Mailer: QUALCOMM Windows Eudora Version 7.0.1.0 Date: Sat, 21 Oct 2006 21:56:54 -0400 To: Sam Weiler , IETF DNSEXT WG From: Mike StJohns Subject: Re: WGLC on trustudpate-timers In-Reply-To: References: <69794150-AB34-4DA0-BB07-DF915816307E@NLnetLabs.nl> <451A7046.2030804@nlnetlabs.nl> Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="=====================_446466955==.ALT" Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.1 (/) X-Scan-Signature: efb5d987e2484f3d9a304cc31a003441 --=====================_446466955==.ALT Content-Type: text/plain; charset="us-ascii"; format=flowed At 03:40 PM 10/12/2006, Sam Weiler wrote: >First, my appreciation to MSJ for the excellent editting job. > >I found a couple of minor things in the doc that I'd like to see >clarified. While it would be better to do that before sending the >doc to the IESG, my only objection to advancing the doc now is the >discrepancy in section 2.3 identified by Wouter and Lindy. In >particular, the second sentence of 2.3 seems inconsistent with the >rest of the doc. There is no discrepancy... please once again review both the text and my response. >I'll start with the disucssion of how I think this technique stacks up >against the requirements (identified by the section number in the >requirements draft), then I'll list the textual clarifications I'd >like to see. > >I think this doc satisfies these requirements: > 5.1. Scalability > 5.3. General Applicability > 5.4. Support Private Networks > 5.7. Planned and Unplanned Rollovers > 5.8. Timeliness > 5.10. New RR Types (unclear requirement, but no new RR type needed) > 5.11. Support for Trust Anchor Maintenance Operations > (accomplishes replace w/ separate add/delete) > 5.12. Recovery From Compromise > 5.13. Non-degrading Trust > >I think both of the following are satisfied, though more text about >them would be good: > 5.5. Detection of Stale Trust Anchors > 5.6. Manual Operations Permitted > >I'm concerned that limits on the size of the apex DNSKEYset will >prevent keeping around a sufficient number of revoked DNSKEYs to fully >satisfy: > 5.9. High Availability > (but I don't think we need to do anything about this now) > >I make no comment on this requirement: > 5.2. No Intellectual Property Encumbrance > > >Clarifications: > >2535 is listed as a normative reference, but it's obsolete. Remove it >entirely? Hmm... I think there was a reason it was included - I'll review the bidding and remove it if necessary otherwise I'll report back here. >-- > >As above, considering adding more text re: how to satisfy requirements >5.5 and 5.6. That said, if it weren't for reading both this doc and >the requirements doc in one sitting, I wouldn't think this document >needed such text. Nope. >-- > >Section 6: "The stand-by key will not normally sign this RRSet, but >the resolver will accept it as a trust anchor if/when it sees the >signature on the trust point DNSKEY RRSet." > >Which signature? It's own? Yup. Should be obvious by context. > The "NewKey" event description makes it >sound like just adding the SEP key to the signed DNSKEYset is enough >to get resolvers to pick it up. NewKey The resolver sees a valid DNSKEY RRSet with a new SEP key. That key will become a new trust anchor for the named trust point after its been present in the RRSet for at least 'add time'. Not really. >Once it's picked up, it could even be >used to sign data in the zone (used as a ZSK) even without >self-signing the DNSKEYset, right? Yes, but it can't get there first without signing the DNSKEY RRSet - not part of this protocol to describe all the ways zone operators can screw up, just to describe what the resolver does when it sees it. No change. >How about: "Even though the stand-by key will not normally sign this >RRSet nor any other data in the zone, but the resolver will accept it >as a trust anchor. Accordingly, it could be used to sign the DNSKEY >RRset or any other zone data." ? I'm not going to make this change on a WGLC document. I would probably have done this if it had been suggested any time prior to the -04 draft. It's in the informational section and would require more than just simple editorial changes. >-- > >The phrase "SEP key" is used, with a reference to 4034, but 4034 >doesn't define "SEP key". It would be more correct, and perhaps less >confusing, to say "a DNSKEY with the SEP bit set". Make that >substitution globally. Nope - but I will add it as a parenthetical introduction (e.g. DNSKEY with the SEP bit set) once. >-- > >In the "Valid" state: "If the RRSet ..." Which RRset? How about "If >a DNSKEY RRset..." Yes, it's slightly redundant. Nope. >-- > > "Alternately, a trust point which is subordinate to another > configured trust point MAY be deleted by a resolver after 180 days > where such trust point validly chains to a superior trust point. > The decision to delete the subordinate trust anchor is a local > configuration decision. Once the subordinate trust point is > deleted, validation of the subordinate zone is dependent on > validating the chain of trust to the superior trust point." > >The word "to" in the above assumes a "bottom-up" logical model of >validation, which is not the one I'm most familiar with seeing in >writing. Perhaps a change is in order? Nope. Either "to" or "from" would work here - but neither should imply an implementation strategy which appears to be what you're referencing. >-- > >The abstract says "the method provides protection against single key >compromise", but 8.2 says "This scheme permits recovery as long as at >least one valid trust anchor key remains uncompromised." While these >aren't necessarily contradictory, they come close. Fair. >-- > >Section 1: "a resolver may need to know literally thousands of trust >anchors to perform its duties." is inconsistent with the requirements >doc: "never expected to be as high as one thousand." I prefer this >version; change the other doc. Sure, no change here. >-- > >Section 8.1: "This implies the decision update trust anchor keys based >on trust for a current trust anchor key is also the resolver owner's >decision." > >There's something missing in that sentence. "to update" - will add the "to" >-- > >The doc still flags as a "discussion item": "Should a missing key be >considered revoked after some period of time?" Might want to remove >that before sending it to the IESG. Yup. >-- >to unsubscribe send a message to namedroppers-request@ops.ietf.org with >the word 'unsubscribe' in a single line as the message text body. >archive: --=====================_446466955==.ALT Content-Type: text/html; charset="us-ascii" At 03:40 PM 10/12/2006, Sam Weiler wrote:
First, my appreciation to MSJ for the excellent editting job.

I found a couple of minor things in the doc that I'd like to see clarified.  While it would be better to do that before sending the doc to the IESG, my only objection to advancing the doc now is the discrepancy in section 2.3 identified by Wouter and Lindy.  In particular, the second sentence of 2.3 seems inconsistent with the rest of the doc.

There is no discrepancy... please once again review both the text and my response. 



I'll start with the disucssion of how I think this technique stacks up
against the requirements (identified by the section number in the
requirements draft), then I'll list the textual clarifications I'd
like to see.

I think this doc satisfies these requirements:
     5.1.  Scalability
     5.3.  General Applicability
     5.4.  Support Private Networks
     5.7.  Planned and Unplanned Rollovers
     5.8.  Timeliness
     5.10. New RR Types (unclear requirement, but no new RR type needed)
     5.11. Support for Trust Anchor Maintenance Operations
           (accomplishes replace w/ separate add/delete)
     5.12. Recovery From Compromise
     5.13. Non-degrading Trust

I think both of the following are satisfied, though more text about
them would be good:
     5.5.  Detection of Stale Trust Anchors
     5.6.  Manual Operations Permitted

I'm concerned that limits on the size of the apex DNSKEYset will
prevent keeping around a sufficient number of revoked DNSKEYs to fully
satisfy:
     5.9.  High Availability
           (but I don't think we need to do anything about this now)

I make no comment on this requirement:
     5.2.  No Intellectual Property Encumbrance


Clarifications:

2535 is listed as a normative reference, but it's obsolete.  Remove it
entirely?

Hmm... I think there was a reason it was included - I'll review the bidding and remove it if necessary otherwise  I'll report back here.


--

As above, considering adding more text re: how to satisfy requirements
5.5 and 5.6.  That said, if it weren't for reading both this doc and
the requirements doc in one sitting, I wouldn't think this document
needed such text.

Nope.

--

Section 6: "The stand-by key will not normally sign this RRSet, but
the resolver will accept it as a trust anchor if/when it sees the
signature on the trust point DNSKEY RRSet."

Which signature?  It's own?

Yup.  Should be obvious by context.

 The "NewKey" event description makes it
sound like just adding the SEP key to the signed DNSKEYset is enough
to get resolvers to pick it up.  


 NewKey  The resolver sees a valid DNSKEY RRSet with a new
SEP key.
      That key will become a new trust anchor
for the named trust point
      after its been present in the RRSet for at
least 'add time'.
Not really. 
Once it's picked up, it could even be
used to sign data in the zone (used as a ZSK) even without
self-signing the DNSKEYset, right?

Yes, but it can't get there first without signing the DNSKEY RRSet - not part of this protocol to describe all the ways zone operators can screw up, just to describe what the resolver does when it sees it.  No change.


How about: "Even though the stand-by key will not normally sign this
RRSet nor any other data in the zone, but the resolver will accept it
as a trust anchor.  Accordingly, it could be used to sign the DNSKEY
RRset or any other zone data." ?

I'm not going to make this change on a WGLC document.  I would probably have done this if it had been suggested any time prior to the -04 draft.  It's in the informational section and would require more than just simple editorial changes.


--

The phrase "SEP key" is used, with a reference to 4034, but 4034
doesn't define "SEP key".  It would be more correct, and perhaps less
confusing, to say "a DNSKEY with the SEP bit set".  Make that
substitution globally.

Nope - but I will add it as a parenthetical introduction (e.g. DNSKEY with the SEP bit set) once.


--

In the "Valid" state: "If the RRSet ..."  Which RRset?  How about "If
a DNSKEY RRset..."  Yes, it's slightly redundant.

Nope.


--

  "Alternately, a trust point which is subordinate to another
   configured trust point MAY be deleted by a resolver after 180 days
   where such trust point validly chains to a superior trust point.
   The decision to delete the subordinate trust anchor is a local
   configuration decision.  Once the subordinate trust point is
   deleted, validation of the subordinate zone is dependent on
   validating the chain of trust to the superior trust point."

The word "to" in the above assumes a "bottom-up" logical model of
validation, which is not the one I'm most familiar with seeing in
writing.  Perhaps a change is in order?

Nope.  Either "to" or "from" would work here - but neither should imply an implementation strategy which appears to be what you're referencing.


--

The abstract says "the method provides protection against single key
compromise", but 8.2 says "This scheme permits recovery as long as at
least one valid trust anchor key remains uncompromised."  While these
aren't necessarily contradictory, they come close.

Fair. 


--

Section 1: "a resolver may need to know literally thousands of trust
anchors to perform its duties." is inconsistent with the requirements
doc: "never expected to be as high as one thousand."  I prefer this
version; change the other doc.

Sure, no change here.


--

Section 8.1: "This implies the decision update trust anchor keys based
on trust for a current trust anchor key is also the resolver owner's
decision."

There's something missing in that sentence.

"to update" - will add the "to"


--

The doc still flags as a "discussion item": "Should a missing key be
considered revoked after some period of time?"  Might want to remove
that before sending it to the IESG.

Yup.



--
to unsubscribe send a message to namedroppers-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: < http://ops.ietf.org/lists/namedroppers/>
--=====================_446466955==.ALT-- -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Sat Oct 21 22:04:31 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GbShT-0007Eu-Jr; Sat, 21 Oct 2006 22:04:31 -0400 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GbShL-0002hP-8K; Sat, 21 Oct 2006 22:04:31 -0400 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GbSaJ-0004MI-Rk for namedroppers-data@psg.com; Sun, 22 Oct 2006 01:57:07 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.6 (2006-10-03) on psg.com X-Spam-Level: X-Spam-Status: No, score=-2.4 required=5.0 tests=AWL,BAYES_00,SPF_PASS autolearn=ham version=3.1.6 Received: from [81.200.64.181] (helo=shell-ng.nominum.com) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GbSaI-0004M3-N8 for namedroppers@ops.ietf.org; Sun, 22 Oct 2006 01:57:07 +0000 Received: from STJOHNS-LAPTOP2.nominum.com (shell-ng.nominum.com [81.200.64.181]) by shell-ng.nominum.com (Postfix) with ESMTP id 84F9F56837; Sat, 21 Oct 2006 18:57:04 -0700 (PDT) (envelope-from Mike.StJohns@nominum.com) Message-Id: <7.0.1.0.2.20061021211131.03fa55e8@nominum.com> X-Mailer: QUALCOMM Windows Eudora Version 7.0.1.0 Date: Sat, 21 Oct 2006 21:18:52 -0400 To: Lindy Foster , IETF DNSEXT WG From: Mike StJohns Subject: Re: comments on trustupdate-timers-04 Cc: sparta-dnssec In-Reply-To: <452E866A.3080100@tislabs.com> References: <452E866A.3080100@tislabs.com> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.0 (/) X-Scan-Signature: bdc523f9a54890b8a30dd6fd53d5d024 At 02:16 PM 10/12/2006, Lindy Foster wrote: >-----BEGIN PGP SIGNED MESSAGE----- >Hash: SHA1 > >I have already sent purely editorial comments to MSJ. > >I have a problem with Section 2.3 Remove Hold-Down: > >"A new key which has been seen by the resolver, but hasn't reached > it's add hold-down time, MAY be removed from the DNSKEY RRSet by the > zone owner. If the resolver sees a validated DNSKEY RRSet without > this key, it waits for the remove hold-down time and then, if the key > hasn't reappeared, SHOULD discard any information about the key." > >But the previous section (2.2) says: > >"To mitigate, [blah blah blah] ... > If the resolver ever sees the DNSKEY RRSet > without the new key but validly signed, it stops the acceptance > process and resets the acceptance timer. If all of the keys which > were originally used to validate this key are revoked prior to the > timer expiring, the resolver stops the acceptance process and resets > the timer." > >So which is it? The resolver sees a new key, then gets an RRSet without >that key before the add-hold-down timer (acceptance time is reached). >You throw away all info about that key, or wait for another timer >(remove hold-down) to expire? I think it is the former. I think the >Remove Hold-Down timer is really supposed to be talking about keys >being REVOKED, not about new keys subsequently not appearing in >RRSets. Or is it something else altogether? > >Other than this clarification, I support this draft being >advanced. FYI, I am currently working on an implementation >of this draft. See the note I sent to wouter@nlnetlabs.nl dated 28 Sept - subject Re: WGLC on trustudpate-timers. This point was explicitly discussed. Both are correct. The MAY in section 2.3 needs to be lower cased as its guidance for the content on the zone rather than actionable protocol elements. Information about a key (e.g. key state) is not the key itself. If the resolver sees and RRSet without the key, it MAY delete the information about the key, but it really SHOULD just mark the key as absent and wait a while (remove hold down) before it deletes all state on the key. It's implementation hints. Practical effect for the resolver is the same in either case, but knowing what keys have been offered and then withdrawn may be useful for debugging what's going on - but that has no affect on the key acceptance policy. My comment in the referenced message was that I was going to leave it as it was, but may end up deleting the section 2.3 paragraph at a later point after implementatin experience. >- -- >Lindy Foster >SPARTA, Inc. >lindy@sparta.com >-----BEGIN PGP SIGNATURE----- >Version: GnuPG v1.4.5 (GNU/Linux) >Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org > >iD8DBQFFLoZqAxJowVHHlGYRAv7MAJ9dYFFB9vguFhGwtiPD2irY6j2sQQCfaUZr >QPt9S29VUWJx2pImeyPw9vI= >=NXqr >-----END PGP SIGNATURE----- > >-- >to unsubscribe send a message to namedroppers-request@ops.ietf.org with >the word 'unsubscribe' in a single line as the message text body. >archive: -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Sat Oct 21 22:04:43 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GbShe-0007nF-VX; Sat, 21 Oct 2006 22:04:42 -0400 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GbShe-0002lH-GW; Sat, 21 Oct 2006 22:04:42 -0400 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GbSaL-0004Ma-LU for namedroppers-data@psg.com; Sun, 22 Oct 2006 01:57:09 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.6 (2006-10-03) on psg.com X-Spam-Level: X-Spam-Status: No, score=-2.4 required=5.0 tests=AWL,BAYES_00,SPF_PASS autolearn=ham version=3.1.6 Received: from [81.200.64.181] (helo=shell-ng.nominum.com) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GbSaK-0004ML-A9 for namedroppers@ops.ietf.org; Sun, 22 Oct 2006 01:57:08 +0000 Received: from STJOHNS-LAPTOP2.nominum.com (shell-ng.nominum.com [81.200.64.181]) by shell-ng.nominum.com (Postfix) with ESMTP id 6081E56875; Sat, 21 Oct 2006 18:57:06 -0700 (PDT) (envelope-from Mike.StJohns@nominum.com) Message-Id: <7.0.1.0.2.20061021211910.03f92c20@nominum.com> X-Mailer: QUALCOMM Windows Eudora Version 7.0.1.0 Date: Sat, 21 Oct 2006 21:34:55 -0400 To: Robert Story , IETF DNSEXT WG From: Mike StJohns Subject: Re: WGLC on rollover-requirements and trustudpate-timers In-Reply-To: <20061012200807.9B4333F4B0@pecan.tislabs.com> References: <20061012200807.9B4333F4B0@pecan.tislabs.com> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.1 (/) X-Scan-Signature: e472ca43d56132790a46d9eefd95f0a5 At 04:09 PM 10/12/2006, Robert Story wrote: >OMK> On 25Sep 2006, at 10:00 PM, Olaf M. Kolkman wrote: >OMK> > This message starts the working group last call for two documents >OMK> > >OMK> > draft-ietf-dnsext-trustupdate-timers-04 >OMK> > Automated Updates of DNSSEC Trust Anchors > >Sorry for the late review. I have read this draft, and I support it >going forward, but I think a few things need to be addressed before >sending it on. > > >2.3. Remove Hold-down > > A new key which has been seen by the resolver, but hasn't reached > it's add hold-down time, MAY be removed from the DNSKEY RRSet by the > zone owner. > >I think this 'MAY' should be 'may' (or could) since it is talking >about the zone operator and not the resolver. Actually, the sentence >should probably be stricken entirely, and the next sentence reworded: > > If the resolver sees a validated DNSKEY RRSet without a new key that > has not reached it's hold-down time, it waits for the remove > hold-down time > and then, if the key hasn't reappeared, SHOULD discard any > information about > the key. Yup - see the Sept 28th message in reply to wouter@nlnetlabs.nl on this thread. >Also, I don't see this represented in the state table in section 4. That >table shows a new key that hasn't reached it's hold-down time ('AddPend' >state) transitioning back to the 'Start' state for missing key >('KeyRem' event). Maybe the state chart should have a 'KeyRem' event >transition an 'AddPend' key to the 'Removed' state. The start state is an amorphous state that can represent either keys not yet created or seen, or a key previously seen, but not currently active (e.g. removed from the rrset prior to becoming valid). It's just book-keeping. Feel free to delete any information about the key. >4. State Table > >This table shows the 'Revoked' state requiring a 'RemTime' event for a >key to transition to the 'Removed' state. Section 2.1 clearly states >that revocation is immediate, with no timer involved. With this event >remove, the 'Removed' state has no data in any column. Is this state >needed? A key in the Revoked state is "Revoked". All this says is that once the key is revoked, you can and should delete your state information about the key after the removal time. [I'm doing this without reference to a copy of the draft - I'm on vacation and decided to finish up the various replies at an Internet Cafe - I may be a little off target] >4.1 Events > > RemTime A revoked key has been missing from the trust point DNSKEY > RRSet for sufficient time to be removed from the trust set. > >Again, Section 2.1 states that a revoked key is removed immediately & >permanently. There is no mention of any timer. See above. Removal Time is simply a timer for state table management and not for key acceptance. >4.2 States > > Missing ... [Discussion > item: Should a missing key be considered revoked after some period > of time?] > >Wasn't this resolved? If so, the comment should be removed. Yup. One of the items from the Sept 28th note previously mentioned. >If it was resolved, as indicated in Mike's 7/27 response in the " 3 >comments on timers-03" thread, by not having a missing key >eventually be removed, then I don't see a way to ever purge a >missing once it's been accepted. I suggest allowing this to be done >manually by adding some wording somewhere (5. Trust Point >Deletion?). Something like: > > If the resolver sees a validated DNSKEY RRSet that does not contain > an existing trust point key, it MUST NOT discard they key. The key > MAY be removed manually by the resolver operator [after 180 days?]. Key can always be removed manually by the resolver - not a part of the protocol. An existing trust point key is invalidated by a revocation or by the resolver removing it from the trust point set. >5. Trust Point Deletion > > Alternately, a trust point which is subordinate to another configured > trust point MAY be deleted by a resolver after 180 days where such > trust point validly chains to a superior trust point. > >First, I think the word 'Alternately' should have been removed when the >2 preceding paragraphs (in the 03 version) were moved to another >section. Second, I have trouble parsing this sentence. Does 'such trust >point' refer to the 'subordinate trust point' or 'another configured >trust point'? Should 'a superior' be 'the superior'? You're looking at a different version than I am - section 5 has two paragraphs and the "alternately" paragraph is the second paragraph - and it is an alternate approach to trust point deletion from the first paragraph. The language in the -04 version is correct and non-ambiguous. "a superior" is correct - consider "." and ".com" as superior to ".nominum.com". "such trust point" refers to the trust point being considered for deletion. >6. Scenarios - Informative > >The scenarios in this sections are inconsistent with respect to how >much detail they specify about for new/revoked keys. For example, 6.1 >is the only section that says to set the SEP an Zone key bits on a new >key. 6.6 is the only section that talks about sending updated DS >records to the parent zone. > >I suggest inserting a new section before section 6.1: > > 6.1 Zone Key Manipulations > > 6.1.1 Creating a new Zone Key > > [text on creating a new key, setting bits, providing updated DS] > > 6.1.2 Revoking a Zone Key > > [text on setting revoke bit, clearing SEP bit (see my comment on > section 6.2 below, and providing updated DS] > >Then each scenario could reference these sections. e.g. "Create a new >zone key as described in section 6.1.1." > >6.2 Deleting a Trust Anchor > >Shouldn't the SEP bit be cleared when a key is revoked? That way a >resolver/operator which doesn't implement timers and doesn't understand >the revoke bit shouldn't configure a known compromised key as a trust >point. Too late to add the above - should have been suggested for any of the prior versions -and its a don't care for clearing the 6.2. >-- >Robert Story >SPARTA > -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From elvmuqvrc@rima-tde.net Sun Oct 22 04:45:10 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GbYxC-0006cH-He for dnsext-archive@lists.ietf.org; Sun, 22 Oct 2006 04:45:10 -0400 Received: from 182.red-83-61-166.dynamicip.rima-tde.net ([83.61.166.182]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GbYx8-0007kd-9N for dnsext-archive@lists.ietf.org; Sun, 22 Oct 2006 04:45:10 -0400 Message-ID: <000a01c6f5b6$5aa36af0$b6a63d53@lg6df14228c585> From: "We" To: dnsext-archive@lists.ietf.org Subject: visitors This section Date: Sun, 22 Oct 2006 10:44:58 +0200 MIME-Version: 1.0 Content-Type: multipart/related; type="multipart/alternative"; boundary="----=_NextPart_000_0006_01C6F5C7.1E2C3AF0" X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2900.2869 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2962 X-Spam-Score: 4.2 (++++) X-Scan-Signature: dfc64cf6e4c6efdbf6b8f4c995df04df ------=_NextPart_000_0006_01C6F5C7.1E2C3AF0 Content-Type: multipart/alternative; boundary="----=_NextPart_001_0007_01C6F5C7.1E2C3AF0" ------=_NextPart_001_0007_01C6F5C7.1E2C3AF0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Jobs in Sports am your we have taken of the is liberty check out each = site you write brief help from am wasting time. Sport job Links is Hello to a all first time a and repeat visitors This = section has search for Jobs in Sports your of we have! For Jobs in Sports your we have taken the liberty check out each site = you write brief a help from wasting time. Have taken the of liberty of check out of each site a you write brief = help from wasting time Baseball Soccer Golf Home About. Visitors This section or has search for a Jobs in Sports of your is we = have taken the is. Smn Contacts Members Jimmys Resume Stephens Award Page pro Team Forum = is. From wasting time of Baseball a Soccer of Golf Home About smn Contacts = Members Jimmys is Resume Stephens of Award a Page pro Team. Sports of your we am have taken is the liberty check out each site. ------=_NextPart_001_0007_01C6F5C7.1E2C3AF0 Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable
Jobs in Sports am your we have taken of = the is=20 liberty check out each site you write brief help from am wasting = time.
Sport=20 job Links is Hello to a all first time a and repeat visitors This = section has=20 search for Jobs in Sports your of we have!
For Jobs in Sports your we = have=20 taken the liberty check out each site you write brief a help from = wasting=20 time.
Have taken the of liberty of check out of each site a you write = brief=20 help from wasting time Baseball Soccer Golf Home About.
3D""
Visitors This section or has search for = a Jobs in=20 Sports of your is we have taken the is.
Smn Contacts Members Jimmys = Resume=20 Stephens Award Page pro Team Forum is.
From wasting time of Baseball = a Soccer=20 of Golf Home About smn Contacts Members Jimmys is Resume Stephens of = Award a=20 Page pro Team.
Sports of your we am have taken is the liberty check = out each=20 site.
------=_NextPart_001_0007_01C6F5C7.1E2C3AF0-- ------=_NextPart_000_0006_01C6F5C7.1E2C3AF0 Content-Type: image/gif; name="Spotlight.gif" Content-Transfer-Encoding: base64 Content-ID: <000501c6f5b6$5aa36af0$b6a63d53@lg6df14228c585> R0lGODlhPALgAYf2AAAGCH0JDgCMAniJAAAAeHEAigp2cs26y8XauK3M/kkkBmwUAIMdB5kVALkq ANotAApCASVAADpGBF49AIJAAKJACss1DeJFAABfCC5gAEtWAlFaBHZSAK5tAMtdAOlrAQCCACqO Akt5AGl2AIOBAJZ6ALGIBueFAAWnDCiqAEuVCm6bAIGUAKabAMWTC9aTAA2+ABLEAEu9AF+0CYHA AZrGA83MANy9Bw3XBxzuAEDVAFbpAHPmBqHcDr7hBOzbAAEKSSsAMkwCPm4AR4cAPJkAMcoATesA NAwVNCQZMUQVS2keNIgaTJcrM7weOe4eTQo1QihITjg5TlNHPY48NKQ4PrdJN+1NQANRRBpsQEJm PGVTP4pmBJdRN7dpOeFZPgB7ORdyNTR6QmKKTHOARKGGO7WONNt8SwuYSR6UNEyfR26mSXumMZqT SbWdPuilSgDIQBO5RUG1S1O0QH7CSK7EQbq1S+rNNAzTMiLuNkfZOljkRIbsO6noTc7sQuPmRQAO hi0AfUcAe2wAi4YBjpIFiswGgOwDggkZhBYtikUkf1EfdHsmh6gSd7YcjucjgwA/fR8/jUhNhGpF fXVJhptJdcxCe+BNeQBTcSpZhk5tdGZXeHJrip1dhM1edNhshACDdiKGdk2Je2yFg3p6fppxjbOA f9J9egSthSaqiD2pfF6XeoiiiZyje7qljt+efQC8hCvDeUXJfVi+eoOzgJ7Hfsu4gdK6jQDZeibd dEPcjWvecnPufJXXfLLsjOrgggMAyC0Gv0UAyWwAsYsAv6QCtccNttIJtw4exiscyEklzGwcs4UZ yZQWxs0fzeYnsgBExSNMykwxsmUxuItDzaFEx7FBwNw2swBctSVbwjhstWJWtnFbtplbyMZkwNJe vAWByBpztUeDx2qJyo2Kyat9zbONyu2ExQCgshuhzE2nym2jwIuitZSRvrSqzN+czQC/zR3Bw03L tFPAuH7Lt6TOufn35ZWirn6DfPMBAQz/AP/4AA4K+fcB/w7//////iH5BAAPAMAALAAAAAA8AuAB Bwj/AO0JHEiwoMGDCBMqXMiwocOHECNKnEixosWLGDNq3Mixo8ePIEMu/EeypMmTKFOqXMmypcuX MGPKnEmzps2bOHPq3Mmzp8+fQIMKHdpSpNGjSJMqXcq0qdOnUKNKnUq1qtWrWLNq3cq1q9evYMOK HUu2rNmzaNOqXcu2rdu3cOPKnUu3rkSiePPq3cu3r9+/gAMLHkz4pN3DiBMrXsy4sePHkCPXLUy5 suXLmDNr3sy5s+fPoEOLHk26NGjJqFOrXs26tevXsGM/NU27tu3buHPrVim7t+/fwEHuHk68uPHj yHkGX868ufPn0KNLn079a5/q2LNrf3t9u/ftycPz/+wjvrz58+jTWyavvr379zC/h+0uv779+1Lp 49/Pv39H/f4F+Bp8BLJH4IEIJqhgeAYu6OCDxAlIFYASVmjhhRhmKBmEHHbo4YcghijiiCTWpuGJ KKao4oostlbiizDGKOOMNNZoY3st5qjjjjz26OOPQAYp5JBEFqnVjUgmqWRlfvRk5JNQnrXklFRW aeWVWGap5ZZcdunll2CGKSZLUZZp5plopvnbmGy26eabcMZ5o5p01mnnnXjmqeeej6XA55+ABiro oBbJaeihNBKqqKCINuqoiItGyuejlFbqoKSY4mnpppy6hyEhmYYq6qiklmrqqaimquqqrKK1Rquw xv8q66yNdWrrreHRquuuvPYqqi/A+uLrsNUFCyyxyCar7LLMggUAAM1GG9yzdjlyGK7Y1vZstiVJ a+Sz0JbJ7bidbUuuSd4CCS6d57ZLmLnuGpaujtTOa29r4d6r775RDddBvAC7yS9Vfg48W8AIJ6zw wgw37PDDEHtIQMQO+kDxxRhnrPHG8Bns8ccgA/lCyCSvxvHJCNZwXsksy4XyyzDHLPPMNNds8804 o9fyzjz37PPPQAct9NBEF2300UjbmfPSTDft9NM7JQD11PElbfXBVGcd5tVcV9jLvWrcqzWlqsTc 9dlop53W2Gx3qfbbcMedVdt0Zyn33RXVrXeVePf/HdHegCvp9+ANBW64jYQnrrhUQyzu+OOQfxdH 5JRHd/jlMlaeOOacd+653pqHLvropJduurSfp97h6XGr7vrrsMcu++yVsW777SHTrvvuvPfu++// 4J428MTnJjzaxSffbjrKN+/889BH33AT0jedrC3HZ689QdV37/33Cf4cxPYjgW/++einr36M5Lfv /vvwxy9/cOvXH9T8+Oev//722e///yEyRNb4R8ACagqACEygAmVGgwVayYA7cyCV7CHBCvLGVhBs mQWTREEMZrBkG0RSBzv1QRCG8IQlJNkJV8jCFrrwhTCMoQyJl8LEtINHM0xgDUGWwx768IdADKIQ /4dIxCIaEXE79NgRzZfEJjrxiVC0yhLBF0V9TfGKWKRaFbfIRdkMootgDCOGslg9MUaLjNIzoxrX uCY0uvGNcIzjlthIxzrasYByzKMeH3ZHoxxhUnt80S52EUjeDbKQuzskImc3SEJ6qY9vGSQkaSXJ Sc5qFxpaZO8suStNevKTm+oiCrwFylKa0lCcTCUnrdCWU7rylWJSpSxnaRZYuo6WuMxlV2ypOl2x Q3FL0OWdsCfMUxEzNbzMki0WVEzYHFNWo4DkM5spqmlSM1PWVE0ybQMKEl7zm+AM57y26Tlxioqc 6EznjMzJznZORJ3wjGeI3KksS9DznpyUpz73yf9MfBKKnwANKI78OSiBGvSgCE2oQh1F0IIuFGoN ZdRDnxbRQE2UohXNqEY3CiUQaeGil+JonkBqPZGaFJckZdpJV8rSi6SjpTAdXUpnStPBxDRNNT0Q I3LK0576dGabANNN0fTTohr1qGwbKmquoFQNIvVkTY0qQQRAJDFIlYtPhepVt/rErHKMq0VySSe8 StaymvWsaE2rWtfKVoGBdUhtbdhb4RrXuj50rnjNq15bade++vWvbturYPEH2MIa9rBzGuyOEMvY xkKMD46NrGQnS8QyUFaHis2sZjcLlct6kLMq8qxoRxtDFmAMtKi9HWktldrWujaiIvDKamdL29r/ PtUctkXsazOZ20Pt9reU661wh0vc4hr3uMgNDHCXy1yR3MOkyWVTcyUU3TFNV0DVza52t8vd7jLx uuANL1e+0EfvmjeuAzjvS8TLXuQlLL1xba98r6Zeu6nmGKqyQ1hCMN8mPkoDVwJXfZMELnhJ0G8F 7i91CpyvytnPwAM2roInPLQIWziNFM6whg02h/5ceIIbDrEJD0uKD5v4xChOsYpXzOL1+iwX+mtx okQsIFjQOE1vuLGOiSTjHvdyx0C2l4+H3LkgP4fILzKyks+I5CYDbslQVpaTp7yXWMg1ysChspa3 XEgse7lXXA6zmN345TKb+cyvHTOE0MzmNrcvASAAIfkEAA8AwAAsAAAAADwC4AEHCP8A7QkcSLCg wYMIEypcyLChw4cQI0qcSLGixYsYM2rcyLGjx48gQ4ocSbJkwjgmU6pcybKly5cwYxr8R7OmzZs4 c+rcybOnz59AgwodSrSo0aNIaQJLyrSp06dQo0Z1JrWq1atYs2rdyrWr169gw4odS1aqzLNo06pd y7at27dw48qdS7eu3bt48+rdy7ev37+AAwseTLiw4cOIEyteXHIO48eQRZadTLmy5cuYM2vezLmz 58+gQ4seTbo00MioU6tezfqi6dewY8ueTbu27du4c+vezRsrYXmtgwsfTry48ePIkytfzry58+fQ o0tHHWw6x97Ys2vfzp209e/gw4v/H0++vPnz6NOrX8++vfv3d7vLn0+/vv37+PPr38+/v///AAaY HXwEFmjggQgmqOCCDDbo4IMQRiihSgLuNk2FGIY2R4YcdujhhyCGKOKIJJZo4okopujfhCy2WJ6K MMYo44w01mjjjTjmqGNRAezo449ABvmVi0QWaeSRSCYZl5BMcphDk1BGKeWUVylp5ZWqUanlllx2 6eWXYIYp5phklmlmkFimqWZiZ7bp5ptwxinnnHTWCdqaeKp0QJ4h2ennn4AGKiiAfBZq6KGIJqro oow26uijkGo06KSUVmrppaZFqummnHbqaUuYhirqqKSWauqpqFb56aqsturqqzOl/yrrqLDW2ums uGJq66689uorRPD8Kuyw0OVq7LHIJgsmscw26+yz0EYrbUHXTGvttdhme6Cy3NKp7bfghttpB5B1 22Eo5qar7ro6ievuu/DGKxm79NZr77345qtvUvL2S96+AAcs8MCZ+WsweAQnrLCbeiw838EQS+fw xBRXbPFOEWes8cbYXuyxh+ICx7F1H5eM4cgop6xyrSa3TOjKMKPm8sw0hxVOzVzGrPNjOPfsc5nd /EwURPvsLFM3RkckNGlBLy1U0nUhDbVDTofWdNVY13Z11lx33dvUYE+rTdhkl222PV6nnenZbNOl 9ttwxy333IO2bfeSdOMHgL53D/8HQLZ537c3330XbvjhiCeu+OKMN+7445Anqk/kBE1O+eWYZ+5i 4PjKkp/moCvN+eikl65d6KinrvrqrG9k+uuwxy777Py1bjvatFe8CGy3t5777/z2LvzwmQP/uyLG J78V8cynVF3z/iov/fTUV+/lhWNCr/32fVvvfU3cY/79+OSXb/756JMe/uXpK78+5e3HL//c7/tV dK/z56///rImw/9THslCFupHrB/kRYACJODGtILALPzvYippoAIdN8AJvuuBsLPgcwyhwQ6SDIOm 82DiQBhCER6OhKUz4QlRyMIWuvCFpJEADGdIwxrakGsqNFzetHHDHlYth4XzoRD/hxgqIHaPiEhM IqCMeDcl/pCJbduPH5zotClSMUrF8QMUjeQfK17RZ1784o+Qo8UtskiMaExjl8x4NjXWjI1wjKMc 50jHOs7LjXjMox736Bs7+jEvZ/gja4g4OD4a8pCITKQiF8kkQTrykUVi5MQguTJJOoySmMwkgyzJ yU7qR5OgDKUoR0lKu3mSYKWE2ClXycpWuvKVZ0rlwWCZL1kajJa4zOVobBk9XdKLl/3ypTCHeRlg youYyEymMp1mzGY6UzjLjKY0q/LMauZwHdbMpja3yc1urm6ayPLmtcBJznIWRZzoTOdczIkrdUaL nfCMZ07cSc962rON8sxnPO/J/yx9moqfAA3oHf0pKoH+iqCkMqivEMrQaCr0oRCdSEOLGFGWTfSi wqyoRjd6EIxaiqMg5ahHKxVSVo30pChNqUpXytKWulRf5yBcSWdK05oi6qU4TWMNcGJTBIWjp85x A1Dfl9M5DTVSRZXTUSH1FAsk9amcS0BXlvooqL6JqljNqlYJZNUACaGrA9uqosAaS7HelKxo7aFZ 18rWtrr1rXCNaz+BJ4j2yVVNac1rDe/K17769a8a06uYAJskwYaJsIhNrGIXy1gXDaGx1jSsZFEI 2cqaZxUe0YVlmTdZL202Qp0NrWhhRweSfvZBo02talfLWjKd9rXCa61sZ6takfxYDrbLoa2QcLtJ 3QKJtwvy7W+BS9ziIla4yG3SN5KrPuM697nQje5xXqMF5npHuu6xrnZBFI/ubqmy3Q1vPLDrnvAq aLs3Im970Gsj9bKHvfCNm3vXE98ZzbdBJ7ivfvdruzb0pb4y4q95ABwjAb+IwAhOsIIXDKJKMBgs Bo6whMWZ1yE8+MIAcioKQ4Dh+0w4PB0W0YdHTOISm3ggIQ7RiaOT4hZfcsUwjrGMgWsOdxkwsi42 CgAKmWMA7bjHAvrxTiABZPsIuT4zTsiOk3ycJTO5OE4eTpFrcuTaJflvyJmylrc8KBmM8clgDrOY x0xmknD5zOkqs5ptFRAAIfkEAA8AwAAsAAAAADwC4AEHCP8A7QkcSLCgwYMIEypcyLChw4cQI0qc SLGixYsYM2rcyLGjx48gQ4ocSbKkyZMoU6pcybKly5cQ/8mcSbOmzZs4c+rcybOnz59AgwodSrSo 0aNIkypdyrSp06dQo0qdSrWq1atYs2rdyrWr169gw4odS7as2bNo06pdy7at27dBBcCdS3ctzLt4 8+rdy7ev37+AAwseTLiw4cOIB9ddzLix48eQI6clILmy5cuYM6dNzLmz58+gQ4tGqLm06dOoU6te zbq169ewe46eTbu27du4Ncbezbt3agC+a+YeTry4cZgAjitfzry585DJn0ufTr369OjWs2vfzp0z dpiw9gb/H0++PFzg5tOrX8++K3rz3ePLn//yO/f2+PPr32+Uvv//AAYo4IAEFmjggQgmqOCCDDbo 4IMQRijhhBRWaOGFGALG34YcdujhhyCGKOKIPp1D4okopqjZISq26OKLNGUoI4MszGjjjTgq90OO PPbo449ABinkkEQWaeRhMCb5DwRKNunkk1BGSdeRVFYJoJRYZqmlTlZ26eWXYIYp5phklmnmmWim 2dCWbLbp5ptwxinnnHTWuZqaeOYZmJ189smenoAGKuighDbn56GI+lbooow26uijfSUq6aSUVprf e5ZmqiljmG7q6aeghirqqKSWauqpUUGq6qoOoerqq1Cx/yrrrAXBaquLi1hG666y3urrr8AGK2xS vBYL6bDIImvssp6hcGWy0EYr7bTUVmvtnMxmq+223A557begdivumeCWa+656J447rpjpuuun+zG K++89Mb37r111qvvvvwua0a/AAdcEb4Ep5tOwQgnrPDCXArsMIYMR+zkwxRXbPHFGGes8cZemsPx x93icZHEJMMI8skop8xvySy37PLLSJVUgMo0FwbzzR7WrHN1OPfs889ABy300EQXbfTRSCet9NJM N+30007lAvXUVHu689VYZ91o1Vx37fXXYIct9thkl2322ZdprfbabJuJ9ttZtS03bXBDi4R+c+cd Wt18T/+l99+d9S344IQXntQmhieueGSANz4uFY5HfiYjknO2+OU/Va55pJh33vDmoN/l+eg3hW76 S6SnrvrqMp3u+kqsk/767Dx+QPu2seeu++689+7778AHL3y1txcf0vDIJ4+08cx3pDzfzUef0fN1 S++oFgNSrz2WvWyPmvXgT+T9+OSXb/756KevPlnht+/++7qVrMn69NdvP8MC9wD//vzPdj/V/Qvg dgAhwAIasFD/m9oBL+KFyiXwgcmTRrQWSMEKWvCCGMwg/5qgQcTwwEgQDKEIM9XB5o3whChMoQpX SL0SMo+FRXOh8WBINBkWj4Y4zKGSbMjDHvrwh0AMIpD/dAg0IYaOiD8zIuiQ6DMlbo6JUAQWB6II Q3JQsUkg8JoTt8jFLnoxR1eEU6fCKLExknFhZmTMFwllnzXyZRe0O6Mc5xgbN9pDA3bMIwLpyMc+ nkaPc/OjIAdZGUDKjZAIM2TbEMnIRjrykZAEkSInSclKWtJ/kUTXJTfJyU56Mi+ZDCVQKCBKpXwS Ugg4Zf9KWS5VpoyVsIzlU1yJMlna8pb9oSXIcMnLXspGlx/zJbSAGUxhKouYG0OUHYw5y4sZA5kC YeawlAgNzUnzmtjM5qmgqTFt+oqbGfPmrcCJMXGa85zoZAwj/khOi6XznfCMZ5TaSc96Skee+Dyj PbMF/4B+ii+fodqnwwBKUCgKlHYBOKjbCsrQhjqUPBPxp0LrJdGJFgsoaXyoRjfKUaE4oKMgjaRF V+anLoT0pIka6b7mJA+U2kSlMI2pTG/o0pqab6bysimfcBovnfr0p0C1Ck/ZNZULeI0FQU2qUpfK 1KY69aneG+q6oKolqZqkjVZlVkWzqi2sbmQNXDWTV8MKIRUcZqtkNdZYvXXSjMIprSlBK1x3tVYf UfWueM2rXkk012Xt9Ul9DaxgB0vYwhr2sIgdyF8X6yYzMPaxkI2sZM+V2Mpa9rILnVYcZInZzsp0 si3y7KJAS9rSmva0ZRHtHlHL2ta69rWmVO2gYEvb2ua6pQK2zadsZ5vb3rZst2FtB1x9S1ySAfe4 yE0ug4qLH+U697nQnQ9z28ORDUTXRtP9KR3CtkU6SC59281uesLbtS56t3HrIy8AUcaP67r3vfCN 75rES9/62vek8s2vfvfLX3fedzyswoBh/0tga/X3wEYssIKlheCTHaLBEI5wXxdM4WNK+MIYzjBF KszhDnuYlRoe4odZE+ISm/jE0RyxildsNhS7+MUQZrGMwwXjGc2YnbR7Q413zOMez/DGQAbeNhbr 4wsFWTNFTrLpjszkJjv5yVDmKJPMomQKRfnKb6qyliUXEAAh+QQAFADAACwAAAAAPAIlAAcI/wD/ CRxIsKDBgwgTKlzIsKHDhxAjSpxIsaLFixgzatzIsaPHjyBDihxJsqTJkyhTqlzJsqXLlzBjypxJ s6bNmzhz6ixor6fPn0CDCh1KtKjRo0iTKl3KtKnTp1CjSp1KtarVq1izat3KtavXr2DDih1LtqzZ s2jTql3Ltq3bt3Djyp1Lt67du3jz6t3Lt6/fv4ADCx5MuLDhw4gTK17MuLHjx5AjS55MubLly5jL Xsn8d6fnz6BDix5NurTp06hTq17NurXr17Bjy55Nu7bt27hz697Nu7fv38CDCx9OvLjx48iTK1/O vLnz59CjS59Ovbr169irw8jOvbv37+DDM//kTL68+fOSx6Nf71a8e5vs48ufT7++fagf7uvfT1e9 vQ8A5vdfgAQWGKBQB/oEIFACKmhggT8tGGGEEvbUoIUMMkiggxAaSOGFEHK44YcPLihgiCKimKCG F044VIMlloihPe/VKBNSFf6nI1EtUuighS32GOSLQw74444YgpihgjMuqeGRSjbJo5NJUunikUYC iSWTCCLJpZRX8idmZj16GVSZYJ7opZBWMhllkUjmB+OZLpZp55JRmtllmDqiSSefc/KpZ5VUounn mIg6ZmhRi9Ipp6BwZqjknXFWWiiYmN6Z56Fp7nlUnhNS+qWkf2JqaqKoAsaQoR6OKmifTbLx+eqO c1Jaq6sDrvhgrgdqeuWuVrLKKahuenrqo4W2KqCNzOoEY6+MvthloLLiGiuheF6r55vGmirniKcC alSOlzraraiRNtrsuip9au6U3WKrZrDSzoisk/feK66o1uY7q7juGutrqd6CK2WjqSYc2HhDHupn kZMSPOiatF56q8T69pvtl5ya2fHEkVqKK7rlEsXuyTfmmHGbWEoYZLXHPpnlzDTXfLC3CD7b6cQA 03uuzloGDWnJIPeE8tEiKTUisOECSSy5KxbtI4fnEqmrhw+r7GirVFvL68M520luihmDCuzHCis8 SNpst+3220cFBAAh+QQAFADAACwAACQAPAIlAAcI/wDtCRxIsKDBgwgTKlzIsKHDhxAjSpxIsaLF ixgzatzIsaPHjyBDLvxHsqRJkiJTqlzJsqXIkzBjypxJs6bNmzhz6tzJs6fPn0CDCt3psqjRo0iT Kl3KtKnTpxptQp1KtarVikOzat3KtavXr2B9Xh1LtuzVsGjTql3Lti1Qs3Djyi3qtq7du3jzypzL t6/fv4ADC8ZoU0BBwwQRC1QsoLFjxwMfLzao+DBke48bJz6MWXPkzKA9c/4smXRpyqI7j/5sOXHq 1Jg7n94cebXDyqZlg3Zt+/Jk2rVj29NLvLjx40IZVja8vDZu4aydU0a9Gbfn5r8PYs8+mXFr6AlF X/+3/j26eMSwmZePvf35QvXRubtXTfu8fPDoB+vf31Sqd+/S2QZecMARWOBvAHLX24HwDSjcfAx2 F+F/CubX3HMXAgchQg06eGCACK5GYXaIIWfiiSii2NCI+Dm4nYADzucefORxWCB5CVb3nnbsTSjd jD2CqGGMHu6YI488ZjgddA0eyd+TUKbkH4hK3shhaDAqKCGG4Vmpo5bs7fZhkEdaKOF0+Z0pIpEb 2uhklg8KGRyLAKZo5514srUiiXxWOKaLIkIGpG8G9jYbk2B2iCRnANZIo4dNqllfoTIS2mebMs4J aYicFhnlp6BeJFWQpOpWI5iAfqjomacu2adpaTL/uiOamg4pKZW3Inhom9qVhqmNIQKpZocl5mns sci+tSeLiEboaqFsLpkjhC+2p2WsXU4qZ4LYxvmjq2VKxK1CmQbYaqS8hqruuh2lFy6lVUL7WozY vnmfttt226t5621KH33WKXrdghA5Wi2w5jG2XMB/suvwwxSdS7BlA8Ppa2YTwmYglzhiDKvGi83L 25gLv6iamH5CO+vGlpYbn2yLpgzxzDTXbPPNOOesc0Oj7uwzzskGLfTQPf1stM1EJ6300kynZYcd TUct9dRUV330Q3ZcrfXWXNNV9ddghy322GSb1PXZaKetNkhlt+3223DHrdfadNdt9914520zMnr3 Qw2R3IAHLvjghBdu+OGIJ/6234w37rjDikcu+eSUI/f45ZhnDljlnHfu+edaaS766KSXbvrpqKeu +uqst+7667D7HRAAIfkEABQAwAAsAABIADwCJQAHCP8A7QkcSLCgwYMIEypcyLChw4cQI0qcSLGi xYsYM2rcyLGjx48gQy78R7KkyZMoU6pcybKly5cwY8qcSbOmzZs4c+rcybOnz59Agwod2lKk0aNI kypdyrSp06dQo0otSLSq1atYs2rdyrWr169gw56cSras2bNo06pdy7at27dw48qdS7eu3bt48+rd y7cvXrGAAwseTLiw4cOIE//zy7ixY6qKI0uejPKx5cuYM2vezLmz58+gQyt1KZCfaX72TqMuPRD1 aYKvU8curVr26ta3a9N2DRu3aYO/dweHfbt17+K5X6tGPju2btvJcx8//lxhbeTQo/Nm7Ts78OHY l/f/Nr6bfGrjvHkbxkK5vfuX58fHXy29IH3r5Jmbrw+eO8Lh/tlXXIDbcTfggPvlB9yCBlKXYEMH TmffhPHJV6F89z1InIIN+pfeeai9J+KIkSEY3oUmBsjgfBxix+J9CI7nIoURoiehhRZmWCOOBYLI oor/regjjkNSCGSEM6YII40+LqkeiVBGGRh9v4W3434AYulihh06WZ6MRP7om3ISKjcbgR4Gl+KN QxZoIoBvXufcd0GaZ2eRFa75IZh7fhiilIAG+hNDJ9o4450XeojinC3ihqKAcB5U3aOFshbjo4ni qWKPbta30JqWGmmjkKCGqiGWiXqpqmis0kWadPwp6yrqkY2Omieat9rpqa45YgprnbmCaSSXeO6K X6+lisnrisQa62uCeyIk6LTUDiUcdNDCWeWZGnKKbXlJnpkkqb1+e614Y3ZX3XPiMiorhGSix268 izr75bWIhrvjr09W6++/LLUq8MAEF2zwwQgnrPDCagHs8MMQRyxxlAxXbPHFGCM18cYcd+zxxyCH LPLIJJds8skop6zyyiy37PLLMBOV8cw012zzzTjnrLPOMffs889Ak7bz0EQXbfTRSCet9FFBN+30 04Q1AfXUVFdt9dVYZ601x0t37fXXYIct9tiibW322UDRgXZOAQEAIfkEABQAwAAsAABsADwCJQAH CP8A/wkcSLCgwYMIEypcyLChw4cQI0qcSLGixYsYM2rcyHEhnY4gQ4oUaa+kyZMoU6pcybKly5cw Y8qcSbOmzZs4c+rcybOnz59AgwodSrSo0aNIkypdyrSp06dQo0qdSrWq1atYs2rdyrUrypFgw4od S7as2bNo06pdy3ai17dw48qdS7eu3a9t8+rdy7ev37+AAwe+S7iw4cOIEytezLix48eQI9tkKNke QpyXK2uuKrizZ8GVM08+uNlohZenH6e2/Lm167YlAcgGYHJ2bdqxac/Gnbv2Sd2+g8e+Tbz3bt4l RdfMXKH5aucmV9tz/rx69OrPo5+ELv00de3gv1P/9978Onno09GDL6k+tXSZ7b+zV7+de3vt9OVn n578tf//GsGE3HAEykYcbwgmGBxwvyFYnD0GGifVe/yxZ+F67lk3X3gXUpghfhyCmNJ+JKJE4YUo uocifOtVuOKIJoa4H4YVdlfajVAxNCCEKAHnI48FBonbkED6RiSQRP64I27K0YSQhzHaCKJ3NXZo 5YkqZrmdi/xhGWKVW6o0o4XlyZcemWHS+KKVMU6ZZopdxgjgnHSCtGSPPCq5YJB5CrfnkUn2uVtw Tc705HxUbiklmlSqWGN5G4p5JZeJdghpipc+eil9Lr6XaHZZetpmp5JqSumZb5KaqYV1tupqQi/d //kbksMNmluEChI4a28Q2kZrn1DZKOqicYKpn6qlWidsqjNWCmapcCoKp3gwpjlmtWi62WJ6kDrL JY7gIkWZrL8Gumut55ILLLq0ylqoTJeVyGa0jjr76bxfFvvst83SyxKx8oKaarQrQjmtjDSKeuqr DDdMWa8RQuznurpS7CCeRs46oG62MknaTczFh91519qLbMFlKpofemaSSmaZ4nHqaaaVZuiteaMi 6qjO3PbLMr80Oiw0neEWXdiJOCL92DFGN+300ysprZnUUFft5NBYZ6311lx3vZDVYIct9th2eW32 2WinrbZfZLft9ttwxy333HTXbbdhR9yt995Qr3/t99+ABy54RHwXbvjhTQ+u+OKMN8414pBHLnlj jldu+eWYU0RF5px37vnnRE8u+uikl2766ai//TBT73rVuqGgxy57wwLa5mDEBtp668SlCeC7APb8 DnxJwwcfvO+pJ6+8SjqmxCDuDP4qPV4G1XVZ8cSbNPz22vc3+/fg+xcQACH5BAAUAMAALAAAkAA8 AiUABwj/AP8JHEhQIAB7CBMePGgPAMOGCxUifMjwYUKEBQde3Mixo8ePIENyzCjQnoCNJxGmXJkw JcmXMGPKnEmzps2bOHPq3Mmzp8+fQIMKHUoUpsWJDZFGjKh0I1OJ9l6KnEq1qsiXKS9mNcl1q8ui YMOKHUu2rNmzaNOahWiRYtKlDis6TXqRoVSrePNSxapSwEmvJrdyjaq2sOHDiBMrXsy4oFW3SOk+ fdpUr+XLmDsC3jxYZebPoEOLHk26tOnTqFOrXj2zLlTJlWFHPmqX5OrSUrP+bem589fGwMneC068 uPHjJUPGbftaady6DhU+p3u7+ke/fgNn7911u/Xv4MOL/x9Pvrz58+jTq1/Pvr379/DjX5Up/q78 jfYvI9/Pv7///zlloxhrtt2nGoAIJqjgggyiRWBGBh7Y4IQUVmghghFmqOGGHHbo4Yf3LTdRdCNS 9NxyR4FYFW0ckSiiijDGKOOMHbolV2TU4UgjVS+SCBVlOwYp5JBE3mYjjje6NleRsekIW4pMRinl lFQu+ZaPskHnI5RCYpnjk15WKeaYZKrYY45JNjcmliyiWeabcMZp3kxtQvZlikflB+JkEqV50IWA BirooGmJ1OaVJkaHopNDvsjWbBWFKeeklFYaWmsSQhgjl1MR6umnoIZqk6WlcUrqqaimihmmMupZ nqiwxv8q66wFtlrrebTmqitMmOyaII2ukufrsMQWy5+I071mI7LINsdcss2qmVCwmLUFZaTRGavt ttyCZWhHzCF555KHZlmuqalFS1uaquJlQLvwRinGY+DOtZSTLOKpJLtufqkan/7yG+/ABMtJJ5st viXZdD1eu6hsJz6c562fsRkmthh1q/HGHAf1Y733juuavh+7Ge5IFFdcLr6EdTwQJS7HLLNjTY6s sMglOytuk+xSexllSbI489BEx8xwsspKF/GJOve5JdM5Z6wpaI5uWeKjLRet9dahFsyj12CHLfbY /pJt9tlop6322my37fbbcIfNqoo+h8f13XjrinSJ6yYurfTTSju1tKKOSk2zaIkK7mJteTfuOIMr WmmtzQlDl/PKjBqJ9MlZxu3556oFBAAh+QQAFADAACwAALQAPAIlAAcI/wDtCRxIsCAAgwMPJlQo 8CBDgg/tAWCokCLCghIxatzIsePCiRBDJmzosaTJkyhTqlzJsqXLlzBjypxJs6bNmyv/6dzJU+dI kSQzCs0YMWjQikcxFh0qtOdOmg6VAhV60KnVq1izat3KtavXr2DDih1LtqzZs2jTql3LVqzEiiAf ImW6lO5RkHcdTpQr8mpNvD8/Jm1LuLDhw4gTK17MuLHjfygj8n0LmOnUvUgtjlxaF6dBzRqjWvZM urTp06hTq17NunXKrYGNzpW9ETRR2iQ597VqM6rkkEgfCx9OvLjx48iTcy25V2lzo0Pr2hYdvTnm 6agxN3yul2Jn1+DDi/8fT768+fPo00dWz769+/fw45eHLb+k378ulevfz7+////I1SfggAQWaOCB CCao4IIMNujggxBGKOGEFFZo4YXo/UbbdZTFFRuH2wkGkXXagViad5Vx9xyGLLbo4osLXRSdZRrq NuJPto2m400ldkQdjEAGKSSDP+Z2G40ISSfSXLPF9iFO1H1X5JBUVmlla1tlhpdvVKm4ZWeTwaUZ iSnu5tRLgK24JF4Atunmm3DGKWdWJhopmoab1TbiljPmKRVG97lUGZIIzWnooYjuN0OiidmjiUlF cdkkoTbaNZtFle4o04+ZhXblp6CGWhN9OoLG4alO9mmkbGSmaWZPgnqguRmZAjFq66245jqnqDB9 x+uvwAYr7Gm+DmvsscPqquyyzDbr7LPQRivttNRWa+1TyGar7bbcduvtt+Ame+245JZr7rllhavu eY+s6+678MYr77wHFkvvvfhCWC4A6Pbr778AV8tvwAQXbPDBbg6M8MIMN+wwYgo/LPHEFFeMVcQW Z6zxxgRjzPHHIEtcpb35lmzyySinrPLKLLfs8qcBAQAh+QQAFADAACwAANgAPAIlAAcI/wDtCRxI sKDBgwgTKlzIsKHDhxAjSpxIsaLFixgzatzIsaPHjyBDLvxHsqTJkyhTqlzJsqXLlzBjypxJs6bN mzhz6tzJs6fPn0CDCh1KtKjRo0iTKl3KtKnTp1CjSp1KtarVq1izat3KtavXr2DDih1LtqzZs2jT ql3Lti1LkXDjyp1Lt67du3jz6t3Lt6/fv4ADCx5MuLDhw4gTK17MuLHjx5AjS55MubLly5ddYt7M ubNet6DNClRFWtXo0qZHEzRdumBre6gRxj692jVp2Khv49Zde2Bq1b57BxeuOvdw4r9hI8/9O3Zy 5atvM39+mvdu6tdbP2f92nf37d51g/+Pbhw8c9vWr6NvPjt16PdWGyZn3bv58frEgQO3Tn28fuj3 zRecgP8VSN9w/SE3oEH+GcigawkRSOBBExZ3nIQQAqhcgwrWht2FAYaoYYGelYgYdub9hyKJ+W0I YIIdRmihhgfqB+OCCFI4o4A3jjhijz6yCKSIOEKXYIoPtqgihB/aSGKNRd5n4pR5ubSihz/qGKSU LtqXIZGy7YjlmF/OuJ+WB/KY5JNlOqhlm1tW6OKZTNa5Jos02hkmnWRGCRx8gHrFHpQbDvlid1ym yWZ+s2WoqJNKZolhko++WGZ/57X54aA+bkqec989iORu2aUX4HmZhudln8W1J1CgsGr/NaqFHAoJ Z42EZrknmbhK6amHja5o36oNAmnsrmZyueSYq/pJ6LPIzkppop1Wa0+s2FolbaVBXkntsHdu2S17 n9bqoLe2eVfupeEe+2ayeMrZa7Xb6nqntF+mdqSoSWbrr1R5TmrptNTmqK6mMTLqa6QDN/nuwGDa u6iyy8qZ8JwQQ9wstO/iK9zGIjb578hCOVResMBuJx6in56KHqMsL+wmntUp+yuIF6vHIaIOG1dd zwpP2GjN65qbZ8osC510qHBS6fTTUEct9dRUP61Z1VhnnRnJXHft9ddghy322GSXbfbZaP+j9dps t+021mnHLffcdNdt991456333nz3Qe3334AHLvjgNL1t+OGIJw4Z4Yw37jhaikcu+eSUV2755Zhn jtjjnHfuOVaahy766JZ/bvrpqKeu+uqsAyXKTwEBACH5BAAUAMAALAAA/AA8AiUABwj/AP8JHEiw oMGDCBMqXMiwocOHECNKnEixosWLGDNq3Mixo8ePIB2K6mivpMmTKFOqXMmypcuXMGPKnEmzps2b OHPq3DkzGc+fQIMKHUq0KNCQSJMqXcq0qdOnUKNKnUp1otGrWLNq3cq1q9evYMOKHWuzqtmzaNOq Xcu2rdu3cOPKnUu3rt27eB2S3cu3r9+/gAMLHky4sOHDiBMrXsy4sePHkCNLnky5cs634/Jq3sy5 s+fPGC2LHk26tOnTgO+hXs26tevXsGPLnk27tu3buHPr3m0YbhXQwIMLH068uPHjyJMrX14xEfPn 0KNLnx7SOfXr2LNrx27dIu/JQ76L/x/vOBHP7ejTq/9Ib33D7u7jy5+flF57+gXheyfPv79/lvT8 Z5J5P+Fn4IHz2Yeffhe5ZIaAEEZYW4D9EVjgQhLyheCGTinIIUgZ7vXhiCSyFeKJKKaoYkoFtFiA PS6+WJKMMMLY4kkumhTjizTamOOMPcbo441D4vjjj0PSSGSNM/rIZJNALvlkjTs+qWSUPK4YVDha dukSQ1NaCeWVOI6JUpAqLdljmGvq6KaMcKZJ5pxzrqQmm242ueaLJXoUTjh9BtrQS22imWWeecZZ JqKJQslomIgequiicaJJpZ4sSQpplpou6uVPf34qKkxw3mjonmeqeaSRd1pJpJBRpqD6qqqtlnqm mZJKWWmRmB7qJKSj4vQnl8EWy6ivl1r65qPK6ojksnZ6yumjvCI7qameurppsiwCa+xNoX4b7JV1 ikmpo+iiyqy3U5JrZradMmkpmeluO+2t4m5JbL7/gVkkrGI+S66QBBNcJqxVAoylozwaDC2V2EYq 8MEA04uwPYIy9WfGHCPEr1AdhyzyRh+XbPLJV42sMlJvrOzyRgEBACH5BAAUAMAALAAAIAE8AiUA Bwj/AP8JHEiwoMGDCBMqXMiwocOHECNKnEixosWLC99g3Mixo8ePIEOKHEmypMmTKFOqXMmypcuX MGMStEezps2bOHPq3HnzFs+fQIMKHUq0qNGjSJMqXcq0qdOnUKNKnUq16k2ZWLNq3cq1q9evYGNa HUu2rNmzaNOqXcu2rdu3cOPKnUu3rt27ePPq3cu3r1ESfgMLHky4sOHDiBMrXhwUBuO0YSNLnky5 suXLmB0+3sy5s+fPoJ1mHk26tOnTqFMjDM26tevXsAernk27tu3buDnG3s27t2+zZFjnHm4wmnHi yJOHJUP8N2jj0J1Ln640eGvl2AlCP/5SSfbvqpmD/x+fnDv58+jTG6TOvr3795zVy59Pv759icju 69/Pv7///wAGKOCABBZo4IEIJqjgggbC5+CDEEYo4YQUVmihZwzRJEVTG9rUIVEfaphWiImReCFZ JholRYonlsWiSTfpgdOGNAK14oo5kcgiTzrq9CGNNy4V4pD27FikhyBKleKNOAplIpNR7dhkkUYa mWOQU9V45JVT+hhXjyIyNaWUQS4ZppNQ2pjjTVaihSWPP4GZJJJrivijUkTW1GaeTipZZ1Fy+unj j20OVSiHZ7KpJ5xwPbmlmHsqOmNSh+4UqFs1VsllmFCWSaidWw7Z5Z13Xqnhm2kmmumbqp7aYaqJ Uv+pJ5ZNpgrroki+WiuOo0p6ZJq21vorkERmeiqoxH5KJ5vCJusqna8OS2WXj+qKLK/NTivrsdMS ai2z3C4arZ3YzjppqL8uy+2uoe5KrarujtsprZWiqKa2pFaL7qPSpquuuGdqmi+8neo7a8Ggtoqr lv4y7DCX5epbqofCJuzvxUByOqmx4kY7MJ+49jswtMgGvKyWGe8rssYAW6xyrn9+rPDC5M5YccsP TxzyyBxjzK9VGfbZcroyt+vwu47q+u7BEofMb88g5+y0qLx2XLXFZp5M888wY92017HK+yzP3f77 tcE9Govy1PRerfLD+5Y5dNkUM6x1wvJSCyzXXePU67XOJv99tpYyzemz1Oh6vPW/a/ua+NBR+zz1 4OryaTfZT/s6sd2Kku355Fuv/fmfJm/utKzZGhz23ZgrfrjZj5/7teuRc965xq5Lfvfro8MIFbAV I5w33NUiffrPcnPKarF0g962jm27qjTatDJe97NPo+ppvExnvrykyUvOqvTYezs962DH6nfAN4u9 vtHYd+/owY2f36rttpYPv+psj9tw+P5r0b2oUi/HqeiAarkUYgoowMcwsIFneaD6gjI+vSjwMBKE YGEqqMEOevCDIAxKQAAAIfkEABQAwAAsAABEATwCJQAHCP8A7QkcSLCgwYMIEypcyLChw4cQI0qc SLGixYsYM2rcyLGjx48gQy78R7KkSZIiU6pcybKly5cMT8qcSbOmzZs4c+rcybOnz59AgwrtKVBK RqMEkUJUCjNpU4xMnx6MypCq1IdDs2rdyrWr169gexodW1WK2akFrS5Ua8/sWbZrlZ41SLZtWrdF 6VJ0Czdh34pR+Tb8W1ct3qRyDyOeS/VvwrCQI0ueTLnyzrZzFfYNLNGwxsyZnXrOi3ai3M4gOZPW 7BDpaKagB6q2W3qi5du4c+vefZMsXKuHXeMdnjhv4bTIMb8NHtq33dNj68qeLjw67ee0Q1/P7no6 ZtLMGS//l11duFPvoLujN/5d8PnT2c+vLjweOveiZ3nvNKK/v///Na3mF37SOcdefNR1Bxxj1xW4 HXsGYqfgW9Rtp95z6sEmGngIRuhghvHZJx92FpYYIoIWNsehd/ORuCKGHCoF4Iw01mjjQxraJ2KG FBLI2ofrvXeghAIqp6CQQ7onYHQMlucikCEOV+GITFZXonPHLZkigywaOSSKBQYnkI1klmnmVhyJ SOSBRz5Z5IZqwrcikBcWKR2YDdZWJ4k5Tsnnl2q2aOKd7bUpZ4cb2omchnke+uZVkEYq6aSphQee lB32mCd5XAoGnYrvYUqoamJ6CVtziinXpajidXqpg1ue/2rlbCAeGmiVeoXKo6aqpkrpr8AGK+yw rBF7lWPGJqvsssw2SxBOzk6lXbQpIUvtr2dmq+22Nl3r7bfghivuuOSWa+656Kar7rqRWrvXU9Me +2BrMBEmkrupuYTvSvsOeBS7LUUora/FGhavv4Ml9yVdBAM2b8IjDobpWlU9fBe+jCKk5EV7vutn xJwijGRrnm6EcXKOZRwkwBof3CWOj6KYpsIWv/xZzcV6HJG99uKca8UddWwayDa/SHPR9MY89FIo S2xzv+YK/DObrX7n48pVN2ln1VoyCTJ9F+JKoNj0kTenl2NHLLap+OXc9shcx+v10xUa2Kp5sIaM 9qrcLf+nXdjivd1jeMBxaiiXfa9dKoxmK/l3pm1bube6hHka9qZvKmYo1QqPypfUfVsdZ6N+Wiez h6Rv3aabWdZG5bS26tXYz6a7uuPCoxtOYe5Xpz4llPPKWXvpvgM/aot1rv4n7yxr3HmQsyUpKufy Hf87zXkbX3yDlmq+PVrarz21qh8vTvCesydpeOrKf9+1+25KfxzzgsbPOvGjk5ogqKIPDr+z0Eoa i4QXPCQx6nDPi17ekDfA7eWPb3+6X8xQp6OjDcqA6iugoqqHuYxlyXr2uxL8QMSmEtKvgyh8oPoC hafCXW91DuLWSUyGvbjpTVDTW1NgEPe+802MfGx7FdnPFuOjCgpxMTBMm+QaY6kG9oprooEd4TDX q/U46mqx+93EPNi7JYaOivW7k+amCJ8x8jB+qTqg1sh3xea5kXIWGc0biUbDdUFtjnjMI79cFpc7 2rFSfjRWw/RIyEIa8pCITORVZMjIRjrykZCMpCQnSclKWvKSmMykJnmiyE568pOg5MgkQknKUpry lKhMpSpXyUpWbvKVsIylLGdJy1ra8pa4zKUud8nLXvryl8AMpjCHScxiGjMnrUymMpeZzGM685nQ jGZumEnNalpTkQEBACH5BAAUAMAALAAAaAE8AiUABwj/AO0JHEiwoMGDCBMqXMiwocOHECNKnEix osWLGDNq3Mixo8ePIEOKHEmypMmTKFOqvAhkpcuXMGPKnEmzps2bOHPq3Hnyn8+fQIMKHUq0qNGj SJMqXcq0qdOnUKNKnUq1qtWrWLNq3cr1p76uQ3mKHUu2rNmzaNOqXcu2rdu3cOPKnUu3rt27ePPq 3cu3r9+/gAMLHky4sEywiBMrXsy4sePHkCNLnky5suXLmDNr3sy5s+fPoEOLHk26tOnTqI+2Tc26 tevXsFEbnk27tu3buHPr3s1bJ7+BvwX+Di4cOD/ixoMfP25w+fDlwKNDh967uvXrZJES324PufLo Bb8j/0TeHbz48gR/x17Pvr3791sbDi9/nn74++ib65eev79/7AAGKOBN883XnXMGgqcgdeYx592B +BU34IQUVtgRUvYZ+CB5HO4nYXEb9sedQPCVaOKJKKYYVoHoPZgfef91CKJ5H8Joj4o45qjjjqPV qOCLzIXnIIPpTccgd9QRx+OSTDbpZFUWRinllIVhyNaTWGap5ZZWUunll2BWBFmYZJZppl9SFJRm RGtS1GZeb6IUJ0RzHlRnR2nGKcWdGO3ZEJ+AAapRnrZZuaefBukp0Z2HLiTonIIKFOlFhNrzKEGT uqmmpXRK+qdDioLK6UCZTlRqqQ9dmuigmyq0Jqp5Nv9Kapt+ElqpqKSOmtCbk47JkKq5srnrr47y 9GqxwZaEqqe6uoqrqc0u2+mzGwH7UajDNuvorZjSSqu2nybrrLg2IVWnrK82qq63nlYKqaSyWqpu ruty6m66vMqrJ6Lo1oqvvO3GCu+siA6sr5rojppwu/DWqq+3BQN8KLvdFsyvv5g+nOixvPrL8cEX 7/svs/baG2/IkOKbrsG2rmxyyACz3G+3DSOsscEZc0tvybYqjHKrDE+8arD9IurruPMGvbPCOX88 9LdQL+0zwyVv+m6y7lL98bFMf0u0uFBz3TXVPEudr65ZYz02yWSfWzWzYcNNttrYCox2zmC3zbTJ bJf/rfXfUWd899d/fx2v0j33rDfB84Ydq9CBg0tTvlEHznXSBz9t9uCX07sw4XkXnrbiKg8uN9uR e5115ZuD/vjZL3eOd9+NC5766XVrezvcDqOO+b29o+2w5QEHr7PYZzve8cm2I/72rbD7rfvsz7uE 4e3Q77066K7f7XXVkYcereDgi17++KiTDHv2cjstPfunv02+zvJXbzj6uyM///SLl/89+udTX/u8 N0C6tep/+gNU9DqXOAKmb2f/G9/tONOwkZVOdr8Dm/EqyMGEqc5jTRNZzbRHQgz+zHYRu9ny9qcx 9gmNeiPjYM0+Zz+CyQ9iAuxaCmnYQcbZMIIZ9Bm3Pf6VPRO68IAptN/hPIct51lQfDxbIv5OeLQz rURalLKiFhdlESxu8S1eXFQSv0hGO3XxMKopoxrXaCGtBAQAIfkEABQAwAAsAACMATwCJQAHCP8A /wkcSFCgvYMIEypcyLChw4cQI0qcSLGixYsYM2rcyLGjx48gQ4ocSbLkwYIoU6okaLKly5cwY8qc SbOmzZs4c2JcOVCnSyk+GwINunEo0Y9Gjyp9mPRiU6cenzpMKjUjz6srlzLdirBq14Ne7UkJy5Xi 2LNilVKFODTs2IxkW8b1SVbqXIlN22LUWzSq2bSAtdrDKpjhW7BsEU+9i/Tr0cOBhSoWyvhx4YR1 5Srka5EzXL8TgXrmiLW06Z5oxR4+2/atUdGuX+uFvZb1ZsCtZ6tWDdlx7t1gdf8GLjk45N7BJ7dG vNx48698U4vebfs27thdhRtPzjtv7OO5ZX//x4x9e9rn2cMvXC29+XT2zNvDzu6ce/LqwPHfT53f cfrh5KkXoGz0nUfbU+0xx91pDF61loIQBjYdbhSutp6EmCn4Wn8YZkhhhfFF6KFh/k1oF4Sz5YWh Z9qF+GFkH0ZXoW4XblgidBFOeN6FILrIIo6T9bjjjEHuuKGMNA7pm39KPnikYjoq16GUNlIZ5HtS MgmdjA2WFtGDTUIJZIqujZjjiGWeOWV9MXa34mbIobklctJdl+Z2R/InoY58ZvmfmAbeGSVva754 4JuALhmmeGD2+eeTblaJVp9ITgqkonauydmhSlp55aWNukmoiUx6x6eeMoUqKaJJwlhbqRlC/2qo maR2Kmub1iFqHY2hLkoiqB1WGVmtUd6aJIK66iosksDyGCasKMoJIqSt3jrrsR5aO6isqkJrq4Z+ DqtmSYTJRyV7aUYnaG+OfkqouMvGCqilUKJb5JQAmjfsne9Wp6eTFjb7qYyj+mbvst+JF+yk7M4b sL7mCVuww8XiyWq9jqpoI72uLiwxm6j26+1w9LYbMb9odalyQZe17HJxL4MW88x00bzRyjzZrPPM Ie9cUWU+B60R0EKPRFjRSCet9NJMJ4Tz01BHLTXLTVdt9dVYZ601Tl65FRPRSIO9tNiUhY1XTh9v bTbM2eYqkoqNlWVmX22P5DWMieE9Vd57h//219CaffnzvZ8NqvZNR5/NNqY/mZSZ47uSdHdlZPdt ueAwVY4534qDlPZCU4cu+ug5fymgqOllSl2d+OmXOnjzou46uu4J556oDBfoL1WcEoenwqN6t9+Q 4M2Xscb82Zan8c/+Xi3uBv8ecaBwsom6fcpHb+R78G0vvJHKaX64RYlT6q2vb3L764/mjysksRzi SG202nrq5JmfE6tx3fADq/7G9VvR/sTErETNR2/405Ka4BewjMWvRuBL1GBIR0GUZKKCFJxY8+A1 JvkJjH/O81+pOGYiEr7uYoFqH6Z616aN3atkV0IZAa2HvmcRTETXguAMoZdDBZpQYiYkXhD/1SVD OGEpeXrCoBKXSDpsxUuE6WvW/YjXwg92S1yxa9/zcLgpvRUwWT3q4rfCSKL/3Yh9kcOhDV/UQS62 TX1LcuGPDIhFaB1Rgmlhoh73mBXTHY9O6TpOFDE2RyIO0k6mCpbFDIalaGXKhfLCGAj79bDp2cpe G/yXx9TDOreFbzTN4x1tJLmnRAIQkKcTJQfNBbwT/pFw4wtJ4iwjvs3F8paLw6XO+MjLXs5SJz17 W5x0qctaEhNxvkymEo/JzGY685nQjKY0p0nNalrzmtjMpja3WRFlevOb4AynOMdJznKa85wY5KY6 18nOdpIPnfCMpzznSc962vOe+MynPvfJO89++vOfAHWnQAdKUHUC9KAITahCF8rQhjr0oRCNqEQn StGKWvSiGM2oRjfK0Y569KMZLahIR0rSZgYEACH5BAD+n8AALAAAsAE8AiUABwj/AO0JHEiwoMGD CBMqXMiwocOHECNKnEixosWLGDNq3Mixo8ePIEOKHEmypMmTKFOqXMmypcuXMGPKnEmzps2bOHPq 3Mlz5aCeQIMKHUq0qNGjSJMqXco05b+nUKNKnUq1qtWrWLNq3cq1q9evYMOKHUu2rNmzaNOqXcu2 rVusTePKnUu3rl2Nb/Pq3cu3r9+/gAMLHky4sNS7iBMrXsx4qOHHkCNLnky5suXLmDNr3sy5s+fP oEOLHk26tOnTqEc3Xs26tevXsGPLnk27tu3bq/Ph3s0bYb7fuoH/tidcd0HgA40LVE5cOHGCwZ0n Vz6ceXDozpFL1w4dO/Xhy7tP/wc/Prl47OWPV+8u/bn55tWzk6e+sP3y+ezhk3d/X7v94vw9h5x+ Bg1I4IH9paffdeZZB9+C/FlnYHPeGfffew+Gh+GB9DHXW1YBhqjhce/hR+KIAvr2XYAMnucefS+6 GGGJMI5Yo4UyUqihhy92WGJ+Bf4YHo9B2khjgxuiSCSRMwrJZJM+7ujkeQ6a6CCSVE6X5JMtwnil kSk+l5pbDPG4ZJFI4ngiiyIOmWKVaMYoJZvieXidmkqG2KKec5rpZph/BprljE9uuOebKIr4ZY5g 9ukbiVEC+ueXcKq56KFezpkkkHbSCSaDhfZWpH/7+cmpouOR2umdbJq6o4F48v/JJ46XziqjpftN ueeuCWI4oaKlAoklpnFeeNB32ymYaJeEQpprjWGCeiualir4a6OCShhsorxlBWecy0bo6rejZouq kHIuKieWOua56q0DHqrpeuzK2iyjxdp635qGHvtonueGu128kNpLLnjqmgnrtZ2u+W6/jeo2pmD3 8usrwIMKWqe5rq5b7ZYXe9oklC5+a+rBGEecckI3omsvxBaHrCnIMwf8Mba8ihzwyg2X7DKlSU4c WH/RwaoitOOyZyyNCBud4MBFR53h1Jf+unB89AaqbasTQg00tixbbWK46mE9tsNKS13g2W06PTKH adM8bYPxXqtnqWJvK6bQf4lv6vffgFuEGguDBW744YgbxPfijDfu+OOQRy755JRXbvnllSWu+eac d+7556CHfhfmpJduul6gnG4aNqq37vrrsGcm+uy0185U7Ljnrvvuhdnu++/ABy/88MQXb/zxyNfO +/LMN+/889BHL/30YAUEACH5BAAPAMAALAAAAAA8AuABBwj/AO0JHEiwoMGDCBMqXMiwocOHECNK nEixosWLGDNq3Mixo8ePIEMu/EeypMmTKFOqXMmypcuXMGPKnEmzps2bOHPq3Mmzp8+fQIMKHUq0 qNGjSJMqXcq0qdOnUKNKnUq1qtWrWLNq3cq1q9evYMOKHUu2rNmzaNOqXcu2LUuRcOPKnUu3rt27 ePPq3cu3oNu/gAMLHky4sOHDiEsSSMy4sePHkCNLnky5suXLmA333cy5s+fPoEOLHk26tOnTqFOr Xs36dObXsGPLnk27tu3buHPrHiyi9+7fwIPf7k1cuPDWyJMrR01cxPLn0KNLn04ddO/q2LNr3869 u/fvqo2L/x9Pvrz58+jTq1/Pvv1j8PDjy59Pv779+/jz69/Pv79qS/7pBwAAARZo4IEI8jWgXO41 6OCDEEYo4YQUVmjhhRhmqCFmWWzo4YcgCpbgiCSWaOKJKKao4ooThejii8CxKOOMNNZo44045qjj jjz2WCCMQAZJm49EFmnkkUgmqSRyQjbppGUeZbDklFRWaeWVWMr45JZcNpbll2D62OWYZJZp5pkh hqnmmmy26eab2aFp1Dpy1rkTnHjmqeeefPbp55+AlmjnoIReFeihPGoxYqGMNuoUopBGKumklFZq 6aV0DUggppx2ypGmmnoq6qgRgbogqaimmhCoVDrq6qtFqf8q66y01mrrrZO2guuuvPbqEKzABsuT r8RiKuyxyM5U7LLMNuvss9B+tEK01FZrLUPJrqdJtmVdexA43oYr7rjTcWvuueimq+667Lbr7rsN vEjuvPTWa++9+Oar77789jvuuwAP6u/AKwZsMJoEJ3ziwQyTqfDDEEf8b8MUPynxxRhnrPHGHHfs cZIVhyzkxySXbHKfIqcs78kst+zyyzDHLPPMNNdcrso456zzzoDZ7PNnPAct9NBEF210sD8nrfTS TDft9NOTHi311FRXDdwDVmet9dZcd+3112CHLfa7UJdt9tmoja322uXFy/ZWaMed0dt0Hyb33Ztt ivfSPQH/UPffhmak99586+Q34IizdXjijJ+1eOOQM2XR4IRXfhDllmcuEOaaJx3556CHjl7npA8k +ulwl6766pmj7vrrsMcu++y0Z8u65rVzC0xa8uTu++/A23Z768EXP+zwyCfvNLouGO/889BHb9Ii EiqvajvzSa/9S9Z37/3M24cv/vgwfW/++einr/767LefowoPkS//P+4zPT/59eevP7339+8/9PsL oAAHSMACGlA+/9veAWOWwAY68IEQjKAEJxi5XlDwghjM4KsWCDMN5o6DL/OgCEdINRCa8IRJOkNd SCg7l0EAhTD0GAtjF8OSzfCGOMyhDoNUw2IFQy87DKIQ/9nVwyIa8YhITCL7hsjEJiZLiVCM4pKc SMUqWvGKWMyiTaTIxS72SIt08+LDwEjGMsJIjGhMoxrXaA8zqo2NcEwYCuJIx/u4cWx1zKMes3fH Pvqxenus1x+/FkhBbigXg7RbIRfJyDdxrpHNYhUkoRWqSUbrVJZEUiI3ycnAxKKTWfEAKLMmSp4F 0gOZTKUqzzZKq63ylbCMZctaSctazkaWuMylLjuGi136siPCaKQtpfbLYhoTIsM82jGXycxmEmss JkgmD51JzWNKs2jVzKY2t8lNYV5zaN0k1TfHSU7ChPOc6EynOtfJznZ2rpymdKc850nPgsFTZ/XM zz6ec/9PfOaTPtOQTj8HStCCGvSgCMXiPxGV0IY6tCkLjWgSH0pRWl6hop9Lh0kkytEiYhRgHZUV IWCYDXx99DB60E1IV3qfT/jrpO5iqUxnStOa2vSmOE0QTHfK056mLKdADapQPeLTdA0VTEVF11G/ lNRzLfWpUI2qQZpqrj3NoTWySCNVuSXVKinlFKcYSyC2KiK5gLWrSTorWo+k1rUSCayncGuR2jov 58CRrnLlEV7z+qOchJWsW+KrYKEG2MJWdLBFMqywEMvYxqZTsUhzrGTBV9EekG2yOYIssDCbWc1u kLM38uxnMQIM0OZHtNc8BmpXy1p4mtZGrS2UQWbw2trs2va27pTDzWJrJ9yyiLfAbaVv7Rnc4iay tvMYrnLzaNzmOve5UFruwqA7JulOl7pcsq6JsJsSQ3BXiNoV1HfHgobxfi686E2vet1qXiet90Dt ja9850vf+hL0vQfMBX73y9/+9sq+LvIvfwDcUDiQU8AI9pVQflASRxBYpT28Q4InLNcHW/jCGKYJ hTdMqwxniMP18TBhTCHiEtMSxChOsYojsgw1mrhC3AnDimdM4xp77sUTsrGO+ZuDHfu4qzjO8Y+H TOSLBfnIziuyktuE5CbDyIK/WbKUw+RkB00ZOlXOspa3zOXCXPk5AQEAOw== ------=_NextPart_000_0006_01C6F5C7.1E2C3AF0-- From qiftqqw@roisindubh.net Sun Oct 22 07:16:13 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GbbJN-0002jj-2p for dnsext-archive@lists.ietf.org; Sun, 22 Oct 2006 07:16:13 -0400 Received: from stsc1260-eth-s1-s1p1-vip.va.neustar.com ([156.154.16.129] helo=chiedprmail1.ietf.org) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GbbJM-0000l9-U2 for dnsext-archive@lists.ietf.org; Sun, 22 Oct 2006 07:16:13 -0400 Received: from [218.18.245.68] (helo=[202.105.142.30]) by chiedprmail1.ietf.org with esmtp (Exim 4.43) id 1GbbJD-0005uh-1o for dnsext-archive@lists.ietf.org; Sun, 22 Oct 2006 07:16:12 -0400 Message-ID: <000d01c6f5cb$7280aec0$1e8e69ca@xh> From: "Dolls Hell" To: dnsext-archive@lists.ietf.org Subject: isgood game: Date: Sun, 22 Oct 2006 19:15:57 +0800 MIME-Version: 1.0 Content-Type: multipart/related; type="multipart/alternative"; boundary="----=_NextPart_000_0009_01C6F60E.80A3EEC0" X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2900.2869 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2962 X-Spam-Score: 1.7 (+) X-Scan-Signature: 4ec3642ae9025e273a4a263d640f3300 ------=_NextPart_000_0009_01C6F60E.80A3EEC0 Content-Type: multipart/alternative; boundary="----=_NextPart_001_000A_01C6F60E.80A3EEC0" ------=_NextPart_001_000A_01C6F60E.80A3EEC0 Content-Type: text/plain; charset="windows-1250" Content-Transfer-Encoding: quoted-printable Mtr Contact am editor admin Intl Developer Bibik cd Clubshare Forums = Club House. Cc manually delete am pointer or net is solves done is judges programmer = worry issue contain possible cs of compile typing csc separated commas = Pascal fa anything somewhere fb Consider in earlier brackets body in. Thrust emphasises factors of shouldbe borne mind attempting stable is = mud matter or whichare straight respects am eg bychoosing whimsical = rather ones Roush it worthwhile synonyms Urdang Manser elicits fourth is = isthe examples! Conditions of Loops Meditation Fashion am Worship Scenes Trailers = Richard a Bartle Mudsa Diamonds a Spades or Bartlemuse am ltd in = Colchester approaches Muds or identified described arise. Angeles am deal recommend cd is punch Knock Palacio apparent a beloved = songs fewer establish or nd or trio. Carepet is Scientific in Sites Canada France Chinahelp Sell of Relations = Associates am Advantage Honor Useprivacy Noticecopy inc affiliates = Tutorials Overview concept. Whack him hereid suck in Antistrib craven bunch whores pronounced in = hoowahs ifi wanted in Rush Limbaugh in todays wouldda. Resolution of agelounge lyrical builds hope is uplift ballad ageworld = slowmedium needledrop seek soundtrack of trouble fees of project Protect = is Bbmnets catalog of. ------=_NextPart_001_000A_01C6F60E.80A3EEC0 Content-Type: text/html; charset="windows-1250" Content-Transfer-Encoding: quoted-printable
Mtr Contact am editor admin Intl = Developer Bibik cd=20 Clubshare Forums Club House.
Cc manually delete am pointer or net is = solves=20 done is judges programmer worry issue contain possible cs of compile = typing csc=20 separated commas Pascal fa anything somewhere fb Consider in earlier = brackets=20 body in.
Thrust emphasises factors of shouldbe borne mind attempting = stable=20 is mud matter or whichare straight respects am eg bychoosing whimsical = rather=20 ones Roush it worthwhile synonyms Urdang Manser elicits fourth is isthe=20 examples!
Conditions of Loops Meditation Fashion am Worship Scenes = Trailers=20 Richard a Bartle Mudsa Diamonds a Spades or Bartlemuse am ltd in = Colchester=20 approaches Muds or identified described arise.
3D""
Angeles am deal recommend cd is punch = Knock Palacio=20 apparent a beloved songs fewer establish or nd or trio.
Carepet is = Scientific=20 in Sites Canada France Chinahelp Sell of Relations Associates am = Advantage Honor=20 Useprivacy Noticecopy inc affiliates Tutorials Overview = concept.
Whack him=20 hereid suck in Antistrib craven bunch whores pronounced in hoowahs ifi = wanted in=20 Rush Limbaugh in todays wouldda.
Resolution of agelounge lyrical = builds hope=20 is uplift ballad ageworld slowmedium needledrop seek soundtrack of = trouble fees=20 of project Protect is Bbmnets catalog of.
------=_NextPart_001_000A_01C6F60E.80A3EEC0-- ------=_NextPart_000_0009_01C6F60E.80A3EEC0 Content-Type: image/gif; name="either.gif" Content-Transfer-Encoding: base64 Content-ID: <000801c6f5cb$727e3dc0$1e8e69ca@xh> R0lGODlheALkAYf2AAAAAIsFAAB+BIx5AgAGeY0FfQB+e8LCs7TlxpzI+E4VCmsSAHcpApQUA8Ys ANMdDgA2CBU8AD9ICmc5Cng6CqNBALpOANhFAABXAxhUBjpbAF9qAHJgBKVUC7VgDOtZAACIBxKJ AE1yAGV+BnN1CZWCC790ANNzCASmABqUCDylAGWkDnukAK2UAMypDNOpAgDMBhK5ADzJAFa8AXjD AJW0ArW3Au7JAQDjABrTADbsAFLYB3biAq3sBbjRANTUAAUANSwANTIAS1wAPIIASZ4KRcMEPuAA TgATOyYlNzIoPVQXN4AjSJwXRL8fNOkiRQo3My5DRUE6NmRBMos0Npk2McpOSd8zTAlkMxxuRz5T Om5lSHpcAKxUNrNmR9VoQwB9NS2MREKEM1WNN3eFO5h/ObaNPOGMOwCrPCenSzGkR2mSRY6jP5Wa O7udO+KYSAC7NxfISUfESlyzP3WzM5u7RrrBOeW7QwPqSyjmQDTfNFvTNIPiSKLfSrbkRefYRQcA eyYAiT4HcmkAfXQJjJYAfssAdOsDfQ4pjBcrcUYpiGIceXwkfKoghrEmddIkhglGfxREf0BNjVpI gog5iKtIeL8zfuE9igxicx5sjDxSgVhffodrdKVtisBcdtRmdgCIeil5gzd2i2t4hnp7dJqLcbuL ctaGgQCadSSeekiSiF6fcYmic6yTgL6tht+sgQuxdhO8ejK2f1TOhYLLe6y6fLmxduzFhQDqiivZ hEnRjVPtgoXqeqfhcsHVeO7ldwsHxi4FyjsEsWUKwYUAzK4KtroFztIAzgIfxhIozjUixWQkzYUX yqMcuLccu98byQgyxyNCzD02w1NBxXRAs6Q9s8VGxuM+zABbyxRYyjZtul9fuohTuphfs7xlyNxr tABztS6AuzGByVNzyXKDwqt+tr+EtNF7xgyUyhKTwkyqsmOWt4qcya6rs7qps9akuADLwRi3xz3B w1nKsoq6w6W2wP//9Z6mnXt/fP8AAAL/APT0AwsA//0A9AD5///6/yH5BAAdAP8ALAAAAAB4AuQB Bwj/AO0JHEiwoMGDCBMqXMiwocOHECNKnEixosWLGDNq3Mixo8ePIEOKHCnwn8mTKFOqXMmypcuX MGPKnEmzps2bOHPq3Mmzp8+fQIMKHUq0qNGjSJMqXcq0qdOnUKNKnUq1qtWrWLNq3cq1q9evYMOK HUu2rNmzaNOqfUqyrdu3cOPKnUu3rt27ePO2Xcu3r9+/gAMLHky4sOHDiBMrXsy4sePHkCNLnky5 suXLY/Vq3sy5s+fPoN2aCU26tOnTqFOrXs26NWcirmPLnk27tu3buHPr3s27t+/fwIMLH068uPHj yJMrX868ufPn0KNLn069N6fq2LNr3465u/fv4MOL/x9Pvrz58+jTq1/PHuz29/Djy59Pv779+/jz 69/Pvz/E9gAGKOCABBZo4IEIJqjgggw2iJR/EEYooX4OVmjhhZZNqOGGHFaH4YcghijiiCSWaOKJ KKao4oostugiYRpO0+GMNNZo44045gjSizz26NIePgYp5JBE/qPjkUgmGVqRTDbp5JNQRskeaOIo aeWVWGap5ZZcdunll2BSJOWYZJZp5plonhXmmmx6meabcII3HTJt1mlnXHHmqedkd/bp55+ABiro oIQWauheeyaq6KKMoghAozMdKumklFZq6aWYZqrpppx2eiikoIaKlqekltpZGqamquqqrLbq6quw av8p6qy01mrrrbjmquuuvPaaaKzABitsfssMa+yxyCrp67LM7pTss9AW1Oy01FZrLU/QMBvtttx2 6+234IZr6bXklnvUHeamK6W47Lbr7rtrqivvvPTWmye8+BLqR778kmrvvwAHnKc+uvZr8EjrHKzw wgw37PDDEP8p8MSKRmyxmxRnrPHGHBd48ceydizyyCSXnCHIKKes8spzmezykCzHXOPLNPco8804 56xzQjX33OLOQActNMg+F53i0EjPZ/TSTDft9NNQR41WPFJXfSDVVk+cZTxJt7si1llrbSXXXXuN Ithhp60e2mq3XR7bbv9b9tzYxW333XinS/fefPf/7fffgG+U9+CEF15w4IgPl5Ulhje+VOKQRy65 n45X3tjkpgJjp+WcJ4b556CHrmznpMMo+umop6766qy37vrrsJdU+uyAxW57XbTn3tftvOOp+++j 9i788MQXb/zxyCev/PLMN+/889BHL72nwFdv/fXYZ1/x9Nx37/33zmsvflbgQz/++einr/76F5b/ PPvsyQP//PTvWUf9+G+cTP789+///wAM4GS4IMBfua95BUxgSw7IwAbCToEQTMm3guHAClqwezG4 oGYiyMEOevCDIAyhCEeoPQ2y7BMmTKEKV8jC1JEQgC2MocwSJsMa2vCGOMyhql7Iwx768Idx0yHr /4BIxCI6ToirM+L8kKg6JcKPiS504vqgSMUqWvGKWMyiFrfIxS568YtgRI4U74YKooQRcGNMoxrX yMZenfGNcIyjHOdIxzr2q43is2PX8MjHPopMj0nz4/UAiTRBGvKQ9iKkIhfJyEY68pGQ1E8pIimz Sf4HkXYrBSZzp8lNlq6TanyUWAqwNPcBgJIxOyUqV6bKVaaslcoLoShhCD5YxhKEs/xf+WzpSpCN oJfA7JMaB3G+YBrzmMhcoSeXyUxfJTN2BcBXBp9JzR02s3PVzKY2t3nLa6okBt4M5564uTBxVo6c CjOnOtfJTuytQEjoPFg750lPKFFHCvHcTz3xlv/PO+7znwANqEAHStCCGvSgCA1gP/lVPXMIcqEQ jWiYjiDRuiU0ahXNaAMZoFHUGWmDUoRb9jpK0pKa9KQoTWnMLopRlUaLpSUCgExh+jSZ2vQyLoWP TWWanHaKwkwzpalQh0rUohr1qEj9WbsIkNOmtiqpNTvSFJyKrKlSdVhWvaqwsqpV0pBoClB9GVjD SlYidvWsEAXVCMrK1t+hNVhtJdlbgRUWe8S1THPN6zbvahgh8DWheg2sYAdLWCj+lWOFTewqD7sx xZpqLVvYAmMnJtnJBiyylr1sZgGG2c3aq7Ke9dFpItsaZjgWNGEBbWjl1dnVsta1RTqtv2BLL9n/ +ocOtl0pbY3ij93GNbec8q28gLsp4Rr3uMhNrnJfQlxNLfe50I3u4Zp7Kela97rYzS5MqYsp7Xr3 u9VSLXjHS96xkBKb3B1XedfL3vZ+KL3w9aJ750vf+hIovpSyb6PwOyn9+nef/A2wgAe8mv9uj8AI vqGBF7xODbkhwW5hsJ4gHCgJ34vCErMwnDDMYRVqeMMdvtOH3xRiEY/4xChOsYr/WOI6rZhMLXbx +o6gxBjbuHwvzvEY9TOAG5NEx0A2oo/DFGTYrmG7Q/5SkZfMZIrlUjEyaPJZghrEN/KUblImUpKV vORVxHbLYGZelmEW5jIjb8zwNHOW0BwkNbt5PXhsFu2bI7QHicT5znhe8ZytlGcX7Xl0BQxAn5f8 50Ib+tCITvS7Bs0iRTtajsV4tKQnTelK9yYElrZHQAAAIfkEAB0A/wAsAAAAAHgC5AEHCP8A7Qkc SLCgwYMIEypcyLChw4cQI0qcSLGixYsYM2rcyLGjx48gQ4ocSbKkyZMoU6pcybKly5cwY578R7Om zZs4c+rcybOnz59AgwodSrSo0aNIkypdyrSp06dQo0qdSrUqTZlYs2rdyrWr169gw260Sras2bNo 06pdy7at27dwyYqdS7eu3bt48+p9Gbev37+AAwseTLiw4cOIEytezLix48eQbe6dTLmy5cuYM2ve zLmz58+gQ2OMTLq06dOoU6u2Krq169ewY8tOuLq27du4c+vezTsygN7AgwvnPXs2gOLIkyunO7w5 zd/Oo0uffnj56+PWs2vfzr27Rezew4v/H0++OPjy6NOLpy4cOvv38OPLn2/UPf37+PP/VM+/v/// Xukn4IAEFpgagAgmqOCCDDbo4IMQRijhhBRWWJGBGGbY1gTOpaChUxaGKOKIxX1o4okopqjiiiy2 6KJZJMZokjYy1mjjjTjmqJ1Q1rzo449ATqfjkEQW6VKQSCap5JJMNunkk2cZKeWUVFZp5ZVYZqll eMNs6eWX/dkAZoRQlmnmmYiNqeaaNaLp5ptwtsXmnHTWaeedeHYW55589glVnoAGWp6fhBZqKFCC Jqrooow26uijkEYq6aSUVmrppZiCdOimnG6a6aeghirqqKSWaiqDnaaqqonMPHXqq7DG/yrrrCWt auutT9Kq66689urrr8DCiuuwxBZr7LHIJqvssswGFeyzpDYr7bTUVmvttdhmq+223OKWQ7eLQVsq EL6Ca+656Kar7rrstrsTOLmKKy+m7tZr77345vtPKn/N62+l+gYs8IsQDGzwwQgnrPDCDDdM2ggO RyzxxBRXbPHFGGccXTpD/etxpBqHLPLIJJv48cmNlqzysCi3nOjKMK/qskCczGzzzTjnrPPOPPfs 88+6XiL00EI/GPPRSCet9NJMWwz000Y2LfXUVFdt9dVYZ6311lx37fXXaUEt9thklz0T2Ginrfba bLft9tvFmi23iHDXLeTceE9o99589/9tbd6AQ4giNH4XbvjhawWuOKqIN47a4i3jQaTjlJcG+eUe TYP55px37vnnoBdZ+eikl2766ainrvrqGgLD+uuwx1556LTXbvunsueO1u289+67oroHL/zwxBfP 3u/IJ688mMajNkfz0EePUxbSV2/99dhPiwySy3fv/fdDZi9+TuCXb/756KcP8Pjst+/+++yrLz9X 8Ndvf/Pz54/V/ddvtECRHtCfAAdIK/4Z8IAITKACF0g1AjowJQws3gMnSMEK7iWCh/qBmSzIwY4U 7x4YDKEIR4i2Cpmig3dhhYRIyMIWuvCFMIxhoVBIw4vI8IbTAYAOd2gfHK5IRzzcYQ3/h0jES7kJ HT5UVz+SGLIiOvGJUIyiFMfyJB0ysXQ9vGLjsqjFw1mxi9wb0nmmuCY4cRGMfvsiGhF3xjV+iIxw jGMU3Yg4OdrxjnjMI97QcTY6+vGPgAykIAe5Hz0a8pDqI6QiF8nIRkYGkZCMpCQniTdHto2SDwSB QCzJNkwuSocA4uSZ1ChKsJESh4oY3Snd8olSCmyV8+mVLIoISjjKYpZPrGWNyHGnW5JRl0P0pRyB uZx83dKAbYzdMV0JmFIJ05P6eyY0S6SuZTKTMJ+S5jSTc01VncM52wynOMdJziHmopzoTKc616mX bnqNnfDUyz7iSc966smdXLOnPvcZ/yt8+vOfAMUnP5UXUKwNNHkFTahCCXRQ5C20gQ313UOnFtGK WhRSE82oRu920dptdGkdtd1HlRZSj470pCi1TUlpl9KWutRyK42pTGdKU/q9NE6FuOn4aso5nbYI CD4NqlA5xdPNrWuJQ3VVUZfKVBsl9akFRSJjmrq4lK4CqliNC1UVl9WKbfWrdjoDWMdK1rJapqsU M6ta10oetE6MrXCNq1zL6VaJzRVodc2rXoty15/tlWF9DaxgPfPXwhr2sBEbrGIXWxnEHoyxMsrH bBB2C8NC9rKYFYtjN7vXzLqMs6Dtoi9C+zbPtoy0qH2qaVH20W8kbbUnS+29YPsx2f/ai7a4zW2t bOsu3fr2t8ANrnD5wtviGlcp7jjuutyRXOW+6C7MHS6woitdX1FXV/eAJ2mY69x0cbe74K2elXBZ 3a6E97wALW+v0NuuUVwvANhTL6/Yyy357oq+27KvrvCrLf36978ADrCAB3wn/hr4wAhOMOkIbKoX mUPBEI6whCfsIwaXisIYvqKFN8zhDntYnxkGlwhCTOIDfhh3JV5KCzZ44ha7+MUWIqQuUqxcGNuY qjTO8QhvzOOi6hhXPQbZj4dM5CIb+W9BTnJ5csDVIxNVySlzsqegTOWKSvnK8asy8LDM5f5p+WVd DrOYMfzlMpv5zGhOc3DHzGbiqXlmNmDITJvnrLs324nOeIadnfe8zTz7WXUfS8Jq/0xo0/H50Jgs NJQQXUZFO9o5qrgWo9X06Epb+tKYznS1Jj0mTQeJ06AOtahHTSdPA4nUqE41o03N6hKq+tWwPnOr nxtrKc3aRQEBACH5BAAiAP8ALAAAAAB4AjEABwj/AP8JHEiwoMGDCBMqXMiwocOHECNKnEixosWL GDNq3Mixo8ePIENyjCWypMmTKFOqXMmypcuXMGPKnEmzps2bOHPq3Mmzp8+T9oIKHUq0qNGjSJMq Xcq0qdOnUKNKnUq1qtWrWLNq3cq1q9evYMOKDfqzrNmzaNOqXcu2rdu3cOPKnUu3bsOxePPq3cu3 r9+/gAMLHkwYr93DiBMrXsy4IAKbhSNLnky5suXLmDNr1tq4s+fPoFvWCo0RFenTqFNLTKS6dd3N sGPLnk27tu3buHPr3q3UEe/fwIMLH068uPHjyJNnds28ufPn0DsijU7dpfLr2LNPrc69u/fvpKeD //f54bD28+jTMx34oX35f+7jy49/0D3B9gXfs58v/75+gf/Zx15+BPonIHzzIUjffgEuCGCCBvKH 33v9RVihgvXhV19C+kkoIYACqSfiiMkppCGI/xmUon/7PVjgfS/mlyKFHVIIY4Ax2qhihi3CByOI C81IoJAbsujikQjuuOGKOBY53pNQfjTdij5yaOWP5TX544BLYvlih1WGySWQVJZZoJZUxiimj2kq OSaQazKJUJZurskliXjmCdyVdfb55oB0/hnnnGIGeiaggjZpppoobtnmn4sypOWNTsI5ZJ1pPhrl ppw6hFSmEFq6JaVhyjmql40qCSaYMh7In4L2mf+JZqiQznkioYKyWamdqY76apV6BitsbXzS92im XZLZJ7LKLqpjlaYq66esDvKqpqa35pjstU4SKWqunYYrbkRyHovrpdKeyiy0vK6K6LLt+qmrpZoO Kum58Ub6LazeWlvvuAAHrK61+4r67LwDVxpov4YaOrC+tRYKbsJB4mvvxbmy+ua/AnfscY+97mpk knFGW/CMNIJMssob71tmjQYXTPHM6sKMZLZ2MnzqxB/33J14sD54IcFC19zqzgY3CDGoribY5oE5 85st1EzjnLHVUFvosMQMLvheVSeELfbYw5Zttlg+C9zU2GSf7fbbaKcNMNx0172X3HjnrffefPf/ 7fffMwEN+OAH2W344WQRrnhBiDdO9+KQh+j45GYLUJDlBGEukOYCdO655wN9vrlBml8O+j+fd575 5airHnrqsLvO+uui01476bK3Pvvrpmeee+6ot3776qHv7lDptgsPu+/Gnz468cUH/w/l1KeXUOmW Y1888tLzvj3puK+OvOvaP39Q+eaPznnv3V/POebAjy//5u/Tz/r830fffkPZM6///t6LnuzIJz7i cS9yCHzJ+taXP+il738PBCAA4fe/A6YPfeqDoPQs6MANtm983evf/iioPe6VEHocRIgII9jBBnoQ hQ1kYAJnWJLpLLCCE2xhBEF4vh5SUIcX7OAK/w+4QhX68IP3+x4Rg3dC8GWwgBEZ4kIsWMQiCjCG 0aueFvEUwi66MIjni53xdNg/E17PgSCUofiWR8YXjvCJVoTjF81nxTgyRIoKoSIdJfhDJuoPc1sM pHrc2Ec1IrGHY3yf6pboPA1WcHheZOQUj/g8HorQjnjE5B6BCMlIThKRHlwiITcpyFJq54l+tB0P WZjDFmqyj6w85AhrJ8k8UtKNm0xlEivJR/o1UoJTpOUnnRhKUEqxfKZMpnJQWUUIrtKVxETlFcEI Sll6cnYpfCAs6/hHbQYxjjJ85vG6ecZqXrJ5XTygMte5m2Cy743ObKIr5Wk/WXIQg7jUZT2zqXm7 fb6ThfCr3ywHCs9YGtGAGNSj/waIPfwZlIYQLckzJxpGAo4xecr73f2Ah8Ndbi91vgNpRYUozgtq lHls9KYjbYnGXyo0gMKrZkEj2rMEJICmOM2pTh1y05gIbqdpY6dQqZIAywA1b0NNalRsqtSmOvWp yimqXwICACH5BAAiAP8ALAAAMAB4AjEABwj/AO0JHEiwoMGDCBMqXMiwocOHECNKnEixosWLGDNq 3Mixo8ePIENqTCBS4b+TKFOqXMmypcuXMGPKnEmzps2bOHPq3Mmzp8+fQIMKHUq0qFGgCY4qXcq0 qdOnUKNKnUq1qtWrWGGW3Mq1q9evYMOKHUu2rNmzaNOqXcu2rdu3cCueiUu3rt27ePNKPPGVk96/ gAPjzUq4sOHDT1shXsy4seOqgiNLnky5suXLax9r3sy5s+fPoEMvxky6tOnTqFNPFs26tevXsGPL Lqy6tu3buHPr3s27t+/fwIMLH068uPHjGmcrX868ufPn0KNLn069uvXrKZFr3869u3Hs4MOL/x9P vrz58+jTqw/vvb3796RpwJ9Pv779+2nX69/Pv7///wBOtcSABBZoYIAIJrgSfgw26OCDGyko4YQU VmhVQhZmyBqEHA6m4YcghiiiVgidxM+J/PyDYoomopQiiinBqKKMJq44I4su4mhjjS/GmOOJKwHJ o5Ax4uiij0bqCOOKSdIo4443KqkjkkhC+ZKNSUYpZY8t/qhlkERmyaSPR/JYpopH9thjh2wGhiaZ b7I4pUpyXllmk2fOGWaXLRHJJ51G/slll4EGmuedQSZKaJWHylQolXRG+iack8JZZ6NFIroon2qi mWKboOZlqJiVjvqnonFqmmWqdRpK5qqSPv+aJqSUUnqprLUO6mmqp/aJ6q61Aitpr4/Camqrse6K 7JqhNpufrzeWOuOwefpZ7aqXbrqsma8Gy+uPS0K6JI2CciqkqbQCO+iofrKL5ZNgQktspMYq2mm3 93bq6oj8PkbqrLCeKTCnpcKrao7SFtkuS1ZK+2+L+2KbKLqzVjxtrwz/qmulEGc8MMe6zmnpxtuW 3O/JnU2pJ8HUzqstrStrmjDLttYsccceT4ouxdkKq/NMuPp8as/lotqzyAJnq7LQKDd9GIZRRk0w ueNaS3PIUkdrLNWWalxz1lGPCa6XVkJJtcE0x4RllU6GK+ieDLfLNbVSDrs0s87mTZbTfPdW7fff gAcu+OCdCUL44YgnrvjijDfu+OOQRy755JRX/hkllmeuOWN3bO7556AnqPfopJeuW+iop8636ay3 7nplqscu++y01247aK/nrvvuvPfu++/EBQQAIfkEACIA/wAsAABgAHgCMQAHCP8A7QkcSLCgwYMI EypcyLChw4cQI0qcSLGixYsYM2rcyLGjx48gQ4ocKfCfyZMoU6pcybKly5cwY8qcSbOmzZs4c+rc ybOnz59AgwodSrSo0aNIkypdyrSp06dQo0qdSrWq1atYj77LyrWr169gw4oVSrKs2bNo06pdy7at 27dw45YdS/ckgLp48+rdy7fvU7mAMQIITLiw4cOIEytezLgxwcGOI0ueTLmy5bV+u97NzLmz58+g 8V4uDHm06dOoU6tezTpk6dawY8ueTfth6Kmbb+vezbu3799jcwMfTry4cb8JfyPMae91yePQldae TlEEdYbKDzLXHh1oBZjfd4f//3e9vHnbLgGoz73eLvu764Wrt4sSPv37Jt+73x9fONMKAI4X4Enj /ROggAgSiKCABKI0YIHfHdjghBIeGCGACl44oIEbTmhSh+EVOBOIEn7YoYMPgtjgiSUyaGB3MMZo UnL+/cNefvrdiON++fXo33w97iikjfaxtBxOy4n44odMehhigiZS2KSST64opZUquahlSko26WWI Xo7o4ZJhZsnllS46uSSE5J3n5psFtVTjjzbWaZ+Om+VZ555F0qcnnz7auWd9S1F5JptWRrjmlIx2 CeajDpL5oqNXLhrpSmkyiWGJHGp6qZplMnpmop9+OemoMqZaXEJzpnSnoHgG/6mnjoQKCiisdrYX 5JE3IfSkopEi6qmiYK6JYZSYNiopsFMe+6Wzxjp7IpkiAsvgo9Wimimamwab7acXmgnnuG/KqRKd f8KnK5FA6hdkrUTi2K6sgz7FZrbCnmppi9RKWmm3WJaZJrOWJgsqltc+aCa4Yy7sKakN8/utqhRn p12r9AJKp5/wYhwoxxqfOyN3vWq3paim7rusyv4WrK/LE5/sMqori3ptqQfXzPDDLPf7LZvkBi20 vO/R+jF+tr7rcdJM56rrZrzadCSnJG6qYrBY8wwhwJqyuCGn/XatodXQ+sti2ApjWna1X6NI9sAc Qrrzi0LXXVvFeFfVpXF75//td2bJ+RZ1TYP/DR6M49mt+OKMN+7445BHLvnklFdu+eWYZ6755px3 7vnnoIeukOGkl2766amKrvrqrKuO+uuwxy777LTXbvvtt7eu++68T47778AHL7xOvRdv/PHIJ6/8 8sx/NPzz0Ef/fOBNFS6W9YQ3r/32bEnv/ffgo05jezcCGW989Zlf48gG6XWkAPAL8E/88ptU//zz w98m9/z3L5K5ruJTju4Tq+Pcz34nqZ8CExi+BjoQJyagS6tmhaujWbBeuzkgAhkovwNq8IEgDKFf 1jWoV6lrXoTaWG8UqD8P5i8lHxShDGdoE3xAhVbpKiEG+0QcF/oQfwwEXwtZaEjEr1BPhxnr059u dR/sgWU59+tgEBe4Qf9Z8YokQR9+0EXCdWkRaiSry/vilz/9bRB/ZMSiGtcokSK68Y1wtMoRl+JE I4YRSWzMY+bQ8ZY4+vGPgDRKQAAAIfkEACIA/wAsAACQAHgCMQAHCP8A/wkcSLCgwYMIEypcyLCh w4cQI0qcSLGixYsYM2rcyLGjx48gQ4ocKdCeyZMnSaJESbLlxZUwY8qcSbOmzZs4c+rcybOnz59A gwodSrSo0aNIjbpcyrSp06dQo0qdSrWq1asJZwLYCkAg14FfvX7luhWhTKwWuxJUu1Yt2X9J48qd S7eu3bt48+rdy7cm265uwQpey/As2olv/5UlrLjxwL6QI0ueTLmy5cuYY/51vNkx488lYx6WCLgg W6+oT2dezbq169ewYwdNuDksas9gbZ8evXHx4MGAffMeTry48ePIkz9MXBq4wd3KMwrfHfh39OvY s2vfzt0h9duev5v/7r48vODq4MmrX8++vXuOWsen9v2WLPrQMLsnVrzYrX+1sgUo4IAEFmigXSqJ Rh50Dx3o4IMQRihhgAnmt2BFE2ao4YYczkRFhzuxZ1hVIJZo4okoRvjeiiy26OKLMMYo44w01mjj jdhpNZZw5s2341jWnRbcX0BaR9CIGgnJ4H9dpejkk1BG2dqSn9Umn3OgoSdeekcqmGSR1N0n5Zhk lmlmXFQSVtp9uDUGnZC3vcnYbkhe1Bxnz6V35p589sknbdPluaZY/YXFI6GGxlmWfWySNN2h/+Eo 6aSUVtrgiI26qWmb38mJJZxwHlQnRjx6KtiJYPip6qqsWripoJtu/xnnlXiCd2etj3mZJG5ajtfq r8AGO6Ghtv1G5I+LBqkmfUXO2qWrpOrW2Y/4CWvttdhKZimp23br7bfgPgttd6PaiWG26Kar7l7q lQvVuvDGK+9R7eo61bz45qsvS+H26++/AHur45vF8mdsW9LmFuai9e1XLb+9KWwasQ/va/HF8hrZ mVhqHhQmlpx6LKq9dhYb6qwYp6yyuhrPaWub6VUnc5403+YuYjCfjOfKPPcMrMH83TqzkcpyRh+h QesMIMlpyRo0yj5HLbWTDMnKJGhZJrrxq1gvdTRCzTEY8Nhkl33YlvdtXWXHPXJddEuDZomr2XTX bbdHAz+n29oix//cdsN7D3YzacT29zTHcE2t+OIb3k2045BHLvnk0lFu+eWYNzRTi4OPxPjnoGvI OdMuhW766a9lrvrqrLOO9nmAJxvzfswuPCTDBX90rJJXt+777zduDvTBqdE6t8bTtlyzuBAj1qzI qqEu/fSUKXRr8WEbf33RQ5sqt0d3il088OSXP2lgWsdauH+0uXy40bd/D/6xfedu/v34v2ffeHE7 vf3shtva/8TXkVIZD2b5S6ACjSO8nGmKTeJJE69wZaXlLW1cpJmg21BDvQ56sDKP29j+Rkg0Af4N WSZMHAaXUzjY4a5iH4yhDIkyOQIu8IYb6QIOl9LA93SuaueaoRAMh/iTHRrxiEh0SkAAACH5BAAi AP8ALAAAwAB4AjEABwj/AP8JHEiwoMGDCBMqXMiwocOHECNKnEixosWLGDNq3Mixo8ePIEOKHEmy pMmTKFOqXMmypcuXMGPKnEmzps2bOHPq3Mmzp8+fQIMKHUq0qNGV9pIqXcq0qdOnUKNKnUq1qtWr WLNq3cq1q9evYMOKHUu2rNmzaNOqXcu2rdu3cOPKnUu3rt27eN0e3cu3r9+/gAMLHky4sOHDiBMr Xsy4sePHkBXmnUy5suXLmDNr3sy5s+fPoEOLHk26NFV6nCOrXs26tevXsGPLnk3bqOnbuHPr3s27 99zawIMLH/7Yt/HjyJMrXx6auPPn0KMPZX45E/Xr2LNrnyy9u/fv4FVu/x9Pvrz58+jTq1/Pvr17 peHjy59PP+L7+/jz69/Pv7///1VFAmBe9RVo4F4oHKjgggw26OCDEEYooXeqVKiKQBZWONCFG/5j YUEfehiiQRluyCGGIGqYYYglgkjQiR6+KOOMHcq4Yo00xoijjhiueGKJMPLY44U+BjkkjC2meGOQ RI545I48tsikkkC66COVWL444o1CTuilkETO+COUKIJJophInpljmmvSGCaORk7JZpxtokhnjl3e SeaOHLJ5kJ92wimmi2ZO+SeebyI0ZpmMzqnml14amaeOgNYoKZlhLooonmq+maafegZq6aEx9mnj o11OSuieqaZ6aaWJmv9q5ayotmrmqQktSueutUIKoaRyqkropYx2GGutlXZKKa7GktrsqMrKKmqd m65aLKeuKrqprmcGi6y2UCbqrLTPMsuqrwz+qKKVocLp5LWlltkuk+/Ku2yj1m47aLT4Xptskd+O u26+fF6ZJK/MfgiwsyIuyaWJGsIrrp1SoqsgVN42ayjBwpY7cccEH6vpxvk2ueWhY45s7bwBf9su n7RqWu60NNsKq632SpztnQP2nFfGoibbKsnTfkw0thGLqOW7r9LKsdI9Lp10sSyXDO7M8FLtNLk1 T+z11ZMSG6XOCM/o89lsKfTpvmMriynbUFerdcskE8vtQxvXbTWnR8OofCvDGcusstZ9/13zqoL7 LbbF9UF1pMlJfzp1w0/+ebKJSiJar7/hYgvxnk27uTKJCpc8tdgPJwm401EyPfmST998JbWqNyxz mWjnHhfjvOuk++9k9S788MSLBPzxyCevvFPFN+/88xItL/301AMI/fXYZy9Q9dx373162ocvvvDf l2/++einr/767C81/kgAAPD+/LK1f1n8ANiv//f0lxR//wB8TEAAACH5BAAiAP8ALAAA8AB4AjEA Bwj/AP8JHEiwoMGDCBMqXMiwocOHECNKnNgQAACKGDNq3Mixo8ePIEOKHEmyZEZ7KFOqXMmypcuX MGPKnEmzps2bOHPWBKCzp8+fQIMKHUq0qNGjSJMq7WmyqdOnUKNKnUq1qtWrWLNqFbi0q9evYMOK HUu2rNmzaNOqXcu2rdu3cOPKnUu3rt27ePPq3cu3r9+/LLcKHky4sOHDiBMrXsy4sePHkCNLnky5 suXLmDNr3sy5c1TAoEOLHk26tOmhT06rXs26tevXez3Lnk27tu3biWHr3s27t+/fL3ELH068uPHj CYErX868ufPn0KNLn069uvXr2LNr94u8u/fv4MMr/95Ovrz583zFq1/Pvr379/Djy59PXyH6+/jz 61+KJHD9/wAGKGBk+xVo4IEI3jTgggw26OCDEEYo4YTjJWjhhRhmqOGGHHYIHIUghigihMGNGJKH KKb4lokstugigAXEWMA/Ms4okI000hgjQTIOVOOMOOrY441B1ijkjkfyOOSQR+KIZI43CglllEQ+ OWWOP07pZJVAvujll4YFF6SWVG7JY5kFFXnQk2O2idCWNsa5ppl00vkmnGn6qKebS/2h4p+A4jTm lV2qeSaUbuqZJ6KLKmoQnowuKqehXWKZUKWVnlkolXoG6umnZsW5o5pWXikll5wmiWaVqLKqJJJM Gru5aqlyWioqpVjGaquPsP4D6q/ADnWppsQauqejqQ4qK7FvHrprqq1mGqmOhDo76qPPMgvmttwW BmmkZipaK7KJQitto2TWWq6lZFbbbrKm7qpst/TWC1WJRi4Lp5X79phvvpou+S+tS+4J8LFR+mst k9VmyamTBQcr8cTC2gsRxQUugfFXFnfs8ccghyzyyCSXbPLJKKes8sost+zyyzDHLPPMNNds8804 56zzzjz3jFs/9G0s9NBE4xQQACH5BAAiAP8ALAAAIAF4AjEABwj/AO0JHEiwoMGDCBMqXMiwocOH ECNKnEixosWLGDNq3Mixo8ePIEOKHEmypMmTKFOqXMmypcuXMGOe/Eezps2bOHPq3Mmzp8+fQIMK HUq0qNGjSJMqXcq0qdOnUKNKnUq1Kk2ZWLNq3cq1q9evYMNutEq2rNmzaNOqXcu2rdu3cMmKnUu3 rt27ePPqfRm3r9+/gAMLHky4sOGmexMrXsy4sePHkCNLnky5suXLGA9r3sy5s+fPoEO7xUy6tOnT qFMnFM26tevXsGPLnk27tu3buHPr3s27Kq3ewIMLB666uPHjyJMrX868ufPnlIdLn069uvXr2LNr 3859+up/UpaG/7c5Xmh5mufJphe9vrva9kOlwHe/Fr7yneHz+5QvP2f6+fjdBF95+fGX1HkIgsdT gkEBaFR7/PUH1HoRPjWfhOAB6CBOFUaln4L+GbggXP/VtOFPGF5oIITomddhTyySp91qIo5oo4lE legfjgQixWCLMMrYIFQxxifgVCqaeOKEZY03II4BvkUhiEphGCWURz54YJbQDaSfhiE6id6K/aUo 5ocIWtljjyGOaaaaMhZoJZUgivgikEoqKeGeNd6JZYtO8lmgkFjKGeibgGaYYYJfjpmooXkSSt6e CnZYY52PQkpooJnK2amiji5KIJ8cchonnp6aySGQjf4JKqmHuv9Z5KKyskomqffdGOWKPFKJJp6V npnlkWICu+qaf0ZYpq+TVogssAx+WGmi1NKpZ5nFTmssrcw+q22wrB77Lbjf/upqt9lKC6Ww6W6K KaXohkuntOpme+qqqGI6b5ZnUghvr+UyO6y3rQa8JG/foXjvtM8Wy6ub+N7rZ7PdJnsqm9BWnPG1 6C5b7awC63uhxgYDHLK8sRIsqqT5YmwvwzCfbOnD+gYsssfj+kmzu9Q6PKel1hKr57smT9lyryqP 16VA5hVdMtE2Gw2w1FDbnDG9kmKN8b6Fch01yy6bLO7HJGNtMdRaiw220/lO+mrNP24Mt8DCPr1t 1TxrW3fcBe//6HDVZueddtJXLR2fnfA6izLOLs95srE0H8p3sD8LifjPl9dKK5tAu5pmrPP2eavk Q+97qY6R0+34zOlmznPdXg/deLs3m+166VQrXnvW42peJ6Wgbw3tv2imrmCuvB1clPLDLp/je82z xjx9uU0vXMLUR990jo4PpqNr1mcv26U5IS/++einr/767Lfv/vvwl4/Q3c+zrLCUn4VfFfP6s7X0 /9Dpm04mZq3pqQhnh4uU0Apop4gdrnv7kcp/yDfACL6sdAqcWOfsFxQAejA1C4IgB9dmpB2JZ1R+ qyD9wie8+xFpYBG835NC17W8aS9+OJyOAG/YwJWRKVKt+p6t/7AlqIuVDIEa+yGyTHU24oUqeJlT 1cpAtTEpRitTU1yXFmPXMGxVzFQUzKEYD/OdDaUMaVO7GuwoZjd1PeqIgGJczlr2N4v97Y5lExng CiixhenRXKG7IhfRuEVywe6DiCxNlRZWMHOdEWIBSpu8tjg4yDVQkOU6XZwuWStJ6i2OchSipnbW qCDasVn2+twa2zWqf43xlWSc35DIJsm90S2SeawiLWsGOa6pLGIvA2Qb/+iu76WyWo4CXttQxsjo 1eto2wpPIqepmgcGr5OLC5wqh6g1OFnuYW5EXeJIqabTpYhiUEzcEG/JMdwhkXNk6xqjKChOnyHw Vv+gpj4lg/+b/t3Gn7AMqEDNgr38ibA6AM3ePhfqmIE69KEQPV9BI0rRiu6GoRShX1MSujyOMsWN TEKLGani0aOUNIZ+8ShHT/oTjE5kh6g82AUhGVIXXi2EBzWS9YSIop1dCZcwyqkDNRRG5wXNqMg8 F00dWMie+tRHJWzqT412IpdKhFs/neUMWcpHpY5wSzuFav1GNNKjZvWsizRrVNW6VRXesKYqXSsv 8dNC5VlVlikEk8SKiKhC8tWWbOzTxby5V1aKjoh7Q+EfDxs3yrWyeLqi4iSLKFkeEVaeMRMUpwIH SZ0VVlN+JdWrikc6YHKSW5wbHe4s67YXVc5nyexsUcdYxv3JOIuVZ2Mj2npmTAYqjqpezCPh4jjJ mA0zsMKdKwc/B0z7gVRqg3rb09aYS1kt65c09VbPqltDQzptuHabLC9Xucce3RUis+xuHT3nK3Dy FoainCujMLvL+k4Rn/Z9kie/NNsJzne1Sy1u0LCru0/2Drum46422/srBC9zweDdb1fXpMknekzC 531Ieh+sNl/qUm+9ja/wCJzc/FqOmPEUF+F46mFKxhO6zmSb1xzZVaslGMHrpTHsOMvhsEW4xH49 6n8b7LQMFyQgACH5BAAiAP8ALAAAUAF4AjEABwj/AO0JHDjwn8GDCBNKUXhwoUGH/xZCbIjQocWK DzNanBiRIseJEili1CiyI8SQJFOaLNlxZUuULlsmXHlSZsiPM0FmFHkxZs+RMneWhFlz6EuVQokC pemRZc+aT49CZZm0adWpKpVi5WmVoVWUWikSHEu2rNmzaNOqXcu2rduZcONSBSll48+6OnfiPco0 aMS6QgPfBKxwL92Thnka3huUcWKSRfEevhj5seOcjglX/SuRMGOMnxtmBlz0IWmupSt6dgra9GnB iitTdr0Z6FbOoj0/fqlZcmCftFnjdnn5t9zjyJMrX868uXO5Z59Ln069uvXr2L1O50g1u/fvcLl/ /xcPvnxz8ubTu13Pvr379+3Ty59Pv77y0Oc1299/Hb11/PzVB2CABBZoYHnwJajgggw26OCDEEYo 4YQUVmjhhRhmqOGGHHbo4YcghijiiCSWaGKFMpzo4IEstujii8etAeOMNNZo4404eqfijjz26OOP QAYp5JBEFmnkkUgmqeSSTB6Z45NQRinllFRWaeWVOjap5ZZcdunlh618KeaYZJZZZhxmpqmme1i2 6eabcMYp55x0GrTmnXjmqeeefPbp55+ABirooIQWauihiDJZ56KMNuroo5BGilCilFZq6aV7Sqrp ppx26umnoIYq6qiklmoqcpimquqqrLbq6quwxv9q6am01mrrrbjSJ+uuvPbq63q5BivssMQWa+yx yCar7KK/Nuvss7suK+201FZbY3RvQqvtttw2aO234IYr7rjkQvpJuejWeRY/B7FrELvuvtsuP/HO 6y699M6EL7z4tutvv/3+0+3ABBecllzxJvxPvff6m1DDcdW7sMMQT4yQxOlmrPHGyx2QHbwTVxzy wyRbrO/J/5qs8soct+zyy8xFBzLIC+9Ls8M4B0xxvgzXXLK8Ahss9NBEFzSzxT1LrDTKQMubtMoK 21n01FTzGpc2I9Pcs8kYd/3zzRBHDfPYZJcd11japG1P02Jzne/DPOt8McA6KxxwvFXnrTes2hD/ BOfegAeeqNmEF2744Ygnrvi02C7u+ONuDk4dTs75l5zldGKenuZxac55dTCZtrnntH4+uV+Qz4St bzlpxxx5Ay4VXuuX0wcWcnmZh5PpPx3HOeX3NSbf56YvZ7l4xcsFfOfG+c4ZXaIxxXtrzncHl+TM V2897srXrj2Ovc++ve7PhZ+999KFnvzr7IN3/HzLi0986NGLjpTxsp+PurJnIb/a87jpzWzMZxfE vMYkpLkJb4KjEf0MZzR/oc1qEmg/ANYPP6wDy/+IkxjWWVB0HnRgCO0SQY8AaIKq6cwAKTic3DBw KipEjGu4oxvd2G8wN7TgYi6YGdUwEISfcWBf/xiiwCIGx4OwiSHt9FJDh7CKhDD8ShJnQ7uthIWJ KaFfTIRDnCxCRi9ZGUlqoHIXL0YxjFzxolGo6BeltE59V4nKFq+inc7UBjiokSICf6NANd7uNnwR nk0CKRURSu+QaJzhacgYwwMq5YnUG+LteEMUIQbyinwpYwa9sjysUHGATHSkGLnoRqmEEZN5YWTu lEhIPLoQjoOMDBht08auyGaQubmib0rTQT0qEZBlTCMC9SOZMYLRiFZcSh9ractBsiqWTfGkGYUp TFTqcY6CzCY0TWlKOd4xmHTczB+j2cxq7g+QcyxlN0eJRnBuc43wdGU2JynOL/pxnsw05jvFBw6b dS5TnTpRp/CSmaiAAAAh+QQAIgD/ACwAAIABeAIxAAcI/wDtCRw48J+UfwgPHkxosCHDhRAdKkQo kSLFiA8vOtw4keNGjSA/LmSYsSLGiSctjhxZkaTLjh4bRlwpUyNNkDRZhoRp02JNlyZFvoyJUWjJ nTF/wmTJtKfRliidzlTpFGfIlj99Xm0aNGrOrVSX+mz6lSHBs2jTql3Ltq3bt3DTah0rpW5CuxLr djxp96bIvjj13u2LV6xBwmTxXixcmOTeknwhCqZ6WKfeopUp5wV88/JYooorr0QM1PDiqDsbO34Y OvPHwUsnZ/Y7mGhtroLFppxtlbLsqpJ1srb82WvtpEIV/i593PPc59CjS59Ovbr169iza9/Ovbv3 76/BS/8XLr68+fPo06tfz/4zd/Lt48ufT7++/fHzl9/fz7+////RwVedgAAW6NNaBiao4IIMNujg gxDyF9eEFFZoIYURZqjhhhx26OGH6F0o4ogkygWidwT6l6KGK37Y4ontvficjDOCJyNXMOZIH4E4 1hieSjRqNqBnQcYo5FyYadWadUWW16R9KZL3pJLuNZlkdlMeGSBWOvqHIIu0IQmUkllieRWAikU5 Jl0uZqjmesT9ON2V2JW5JnSPiVfinnz26dpkzuVmE2GLZfSbcq3lCahMiAoX2WGF1hTcXVvCFimQ Q0Gq1GiMFedYY8qJRuVmmmqKGqDBWYbYaJZaeiihzeX/RWaqZLbaqaSSDTdpmrSWCqlzpi63aqRh BrokqonKxitrotKV66YI9SnttBXiqBtSKc10pWldDbramLtNxehRWiIFmZhKMRuWVL5lFSpWcYZr krieMjcUvddWedS7mJVlVL7agusuVEGRC++69pZF771g7atZnoZmeie/ZlFrscV4PmybR9kKeia3 rPpblKqqaQuYwfqZy2iy4hIJpG6HFiqyxLau5jLKJ782sqgz62wzcDE7fBrAHnPEGbsr59sbqbTt HKjPQjNsb9K3HfxxzsB2qd1a1iYFMLlxRp0ccDST9TO27YbnF0+9QWybv0IqvTNY2WqMG3IOd712 2nKj/ztww+maO5XCYFf1bbpNS204x4CDbPjgZbdL28WUSxsgY05jrmjVx4mNm2qeI/xoZ5ivubdr p22V85/Ixh0r2XR/W/SkvJU2LOebIcr3653zTvLGRTPNOFRYC0w6t38ri2Trzkb+6a5is85TylpX 92X12KdnJ4fbZ99l9xFWLj7l3pf/HfXmy5n++meuP/7707Iv//z0178d/Pjnr3/l9vfv///1258A B0jA670nYwiMD/g2tEAPLXBJDqROA+vUPgBaUHsJTFsFbeQeDlaqgyjSF3p4dCcE3gg/H5wTk7oz wXKNakAlNBPbLkhD8whISjE8TwtzqD4PLs2GlaLRBP/fJMH8sKdFQtThBgvUhhruB0GaG1rzaHe7 RklxVqUqma6uSCxUUQpXX7TibFjVrNDczldjTF0aMfWrU3HqV6ApjrJml0bU/EV3WaFaHNe4KDx2 kVfJkiLpDIWSWxVSVREz2oEKyMhGOtIeZEtcJBnWMxGabWaS/Nq4fKbJx8DtYP0629+oxJd6yY5g k8xbYBaXOVO2TGg5oZMqJ/Y2m9XNljE0Tmcs8she+hJ/tRvl2M6VSGG27TZpGt4diVa8qhGOap/M nBlFuZuXoRJ3BOvVLJN3uDyCkpRW6VU1p4fFSuKuZXQk3uocdbQ5huaX8IwntfCFHLMRU1Kwuxvi qFn/T7tNrW7PJCfKFLe7vcXrmgu7JQ4xibZhLm2GhnHbPdl2N3PSM3CZglvYulXNisnzoyC1UDC1 yTnlfeV4oVQn41A6xbat05lIg143kzdNlf6peQVrDqhUZ8/cuWqnWnqj2rxmzUXdtHcjbZUagcWU l+JxdizD5/M8GtKqWpV7PRTPDp0Ioa1y9atgxR76nATBsJrPq2ZNq1rXyta2uvWtbLWqXOdK17ra 9a54zate98rXvvr1r4ANrGDfAtfCGvawiPXeYBfL2MY69rGQjaxkJ0vZylr2sndNrGY3y9nOevaz oA2taEdL2tKa9rTuw6xqV8va1rr2tbCNrWxnS1vGVap1BKjNrW53q5XaVtUfvg2ucIdL3OIa97jI Fe5hkcHb5jr3udCNrnSnG77kWve62M1uAanL3e569zvO+K51IiHe8pr3vOi1DiHSy972uve98K1h QAAAIfkEAJ+m/wAsAACwAXgCMQAHCP8A/wkcSLCgwYMIEypcyLChw4cQI0qcSLGixYsYM2rcyLGj x48gQ4ocSbKkyZMoU6pcybKly5cwY8qcSbOmzZs4c+rcybNnQXtAgwodSrSo0aNIkypdyrSp06dQ o0qdSrWq1atYs2rdyrWr169gwyb1Sbas2bNozYpdy7Yt17Rw48qdS7ej27t48w6ty7cvynx+Awse TPOowHyIASdG/G8x4IKJBz4+TNBx48qNF1eezHjyZc+WI2vOrBizZMaHUV+WvFl1as6mN5/2/Ho1 5dG2V2sOrRq2Qty1KbNWDBz07uK7MUcmTZv07MfIOfdOPlx5Z+q5kbeGvly47e6gt3v/L623vHmx vyEfbP49NWv13j8jnJ49d3zo7/G/3++7d2zfusV2Wn4GcVedcOGx19+B6Y2XH2wA7mdffP+Zpt96 BN6WYYD13ZfZhvXRBqB/Aqo3oof8aTghYSwy1JyCBZrIYYUMylhagjFuqF94FtqIooo1iogghQHi h2ONKbbHHnxAanghkTwyySSPT5ZYGpBXHhgljjsKmKWDHAo534xNbqniki2mmaNo3U0opJE5Mned a/LdqFycuoH345B3yifhl35SuCOdfNoZZHDj0fmia0dqad+L4kn4n2XfKSojlo86R+OZZIpJ44Xg Edpen/e1GaGaLR7VaImZShfnqj0G/yorigt2CGKgjJJaJmTLAcrnh6t6CqGUCcGapaVSwoghrXi+ 2WuvPm6K65OePmctsZAKauuo7Z3n7bdZNTgrkaNGmWSTsX7pK5UZmssttZvWuueV2TYKb7x7Fnvu vZJu2y+Yv0oqL5TtSqtuvtn+iW2zIJpJLqoQr8emnhJHmHCCxcE3Gm7SEYfaxB57PJvC1478Wsgh /tmZdYw+myvAaEZqsr+LzkniqywzV7HAO8McKcanJuzhxm0K3LKipv4b8dJMN+3001BHLfXUVFdt 9dVYEwTu1lx37fXXYIct9thkl2322WinrfbabLfttlBZxy333HTXbffdeOet995898bt99+ABy74 4IQXbvjhiCeuOEdvN+7445BHLvnk6C1u+eWYy0355px37vnnoIcu+uikl2766ainrvrqrLfu+uuw xy777LTXbvvtkX+B++689+7778AHj1TmxBdv/PHIJ6/88sw37/zzfQkv/fTUV78W9Nhnr71J1nfv /ffgK7X9+OSXb1H46Kev/vrst+/++/DHL//89Ndv//34k27+/vz37///AAygAAdIwOLl74AITKB5 CsjABlpOgRCMoATf4sAKWlBwAQEAIfkEAB0A/wAsAAAAAHgC5AEHCP8A/wkcSLCgwYMIEypcyLCh w4cQI0qcSLGixYsYM2rcyLGjx48gQ4ocSbKkyZMoU6pcybKly5cwY8qcSbOmTZf5burcybOnz4n2 ggodSrSo0aNIkypdyrSp06dQo0qdSrWq1atYs2rdyrWr169gw4oN+rOs2bNo06pdy/bl2Ldw48qd S7eu3bt48+rd+7at37+AAwseTJgl38OIEytezLix48eQI0ueTLmy5cuYM2seWriz58+gQ4tGu7m0 6dOoU6tePXa069ewY8ueDZG17du4c+ve7Zi279/AgwsfTry48ePIf/Nezry58+fQkSafTr269ePR s2vfzr374+vgw4v/H0/Yu/nz6NOrt0q+vfv38Gmun0+/vv37+PPr389fcfz/AAYo4IAEFmjggQgm qOCCDBrU34MQRighXQ1WaOGFsk2o4YYcdujhhyCGKKJ0GJZo4omAjajiiiy26OKLMMa4F4o01mjj jTjmqOOOPPbo449ABinkkESeqEyROsqo5JJMNunkk1BGKZkqUlZp5XJIZqnlllx26eWXYIYpZltX lmnmmVGNqeaabLbp5psnoSnnnHSSBeedeM5W55589unnn4BumOeghBZq6KGIJqrooozCJkyjiQYq 6aQgQmrppZhmqulolHbq6Xb3fCrqqCpuauqpqKaqakweYkPqq1eu/yrrrLTWauutuObqIKy89pqd rsAGK+ywcPpq7LHIJqvsssx6B0Cz0Eb7GADPSlspsa5Riy121uJHbbcjbvuZtuIiB+58356r7rrs tuvuu/DGK++8TJVr77345jsQuQbS6y9z6Xao78Au8UvwwV0ajPDCSAIQ4L9LNQFxuwxXjOTEGGf8 qQcad+zxxyCHLDK7Fpds8skop6zyjQas7PKtI8fc7Ms012zzzRjJrHOyOPfs889ABy300EQjvPPR vhatdHhIP2hN03IGAfXUVFdt9dVYZ6311r8u7TV1XIdd5tdkl2322WinvZHYbLft9ttwxy23Vn/M bffdeIuq9t589//N0A9+By744IQXbvjhiCeu+OImgsI4kXlHLvnkcD9u+U2UZ6755lNf7vlMnIcu +ugaf2766ainrjqCpDt1Quuwx27s6rTXbvvtuPsW2TnnyN5iwHWadY6hCQhLrcLCDp87csc7vPzz FCGPo+/UV289rNBnr/323Hcf5/Xg4+b9+AWFb/756Kev/vrst38U+fDHD7/79Ecm//j159/Y/d7r 739i/AugAG13F+D974B0qRYCD6gS6Q1waHIx4AInKBYFUhCBJXHgA1XnvA3eToMeVBpYLHjBC4bw hChMoQpXyMJZrSAhJYyhDGdIwxra8Ib9aaEOd0g0HPrwh+oxwNb/eIg6IN7tBUZMohKX2BwiCkgA YWKiFKdIxSpO0YlYzOLKrLhELXrxiwzjohjHSMYy0g+MaKTIENKoKjO68Y1nZCPi4GhDOc6RjnjU CybyyMc+RsuOO4QAIO/lx0I2ZRmGdNsgC5fICS6ScI2MpCQnSclKWlJJj8ykJjfJyU56siOXrN8n R0nKUpryM6GM4yk54bVUuvKVsIylLGdJy1ra8pa47NYpd5mvnPDyl5fKpfWAuTRhgsgLxkymMsVI zLWAEE/LVI0Eo8m5afaqmYB55pqoeRtrjgqbPaRjO25jAm6a85zoTKc618nOdrrznfD8FDghGM96 2vOe+MynPvfJ/0/vlKCfAPXOPIUW0IIa9KAITag8Bwo0hWaNoRCNqEQnSlGcORRrFbXZRTfK0ctk 9KMgDSmhogGmjvKGDE0SqUpXylIimrRzLXXNJ3r0UqjF9KY4BU1Nd8rTnvr0p03MaRiBOjKhDpWo SE2qUpfK1KZuzqhQjapanFo6qQ6Mqhmzqla3ijkn8QCrYA2rWCfD1bKa9axpG6u/0CoutdKLrdty 67zgSte6ckSu8rKrsPAaL7369a+ADaxgL8JXeA32sIhN7KoK+y7Fyoqx7iqbOExJGVxALQ2JdOxi IUsyzaaKs6B1qGc/G9pzjfa0XC2taguKWlOtVpet1dRrrRVbxf8horZMm61u74lbTO0WWgzRQW8H 9VvTtIA/iRNCGovLrOE697nQjS4LmbssHlpDuthNCXW3m87senee3EXWd8dLzPCaN5rkResLSamE 9Lr3vfCt0HmTFt/62ve+5VFfHV6JXzbN95r9DbCAB7yT/xr4wAheDYEX7MQEf5PBXnKwhCdM4d5A uEsSSkWFZyRYx10YvBuW1IdHTGI2BaPEKD5I+I5LSywKN8XuDbGIDxIBlxgBxjgWoYwBlWMh7fjH QA6ykJvbYyAN+chITnJRimxkJaOJyT9yspSnTGU/5oN9UM7y8qrM5S7/V8s88rKYQyaFMZs5dr07 M2MtwFww70hIzSl1s5wnSo052/nOg4Qzk/BcIz37+c9iBawdaAQLtgB6QjU49Jn4TCNFv4jRkI60 pCddZAYwgNILsvSl4/pSSzt6RJpuWkAAADs= ------=_NextPart_000_0009_01C6F60E.80A3EEC0-- From owner-namedroppers@ops.ietf.org Sun Oct 22 20:40:50 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1Gbns2-0005Nq-NJ; Sun, 22 Oct 2006 20:40:50 -0400 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1Gbnrs-0000kc-Bt; Sun, 22 Oct 2006 20:40:50 -0400 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1Gbnku-0008Ef-Kp for namedroppers-data@psg.com; Mon, 23 Oct 2006 00:33:28 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.6 (2006-10-03) on psg.com X-Spam-Level: X-Spam-Status: No, score=-2.5 required=5.0 tests=AWL,BAYES_00,OPTING_OUT_CAPS autolearn=ham version=3.1.6 Received: from [213.248.199.23] (helo=mx3.nominet.org.uk) by psg.com with esmtp (Exim 4.63 (FreeBSD)) (envelope-from ) id 1Gbnkt-0008Di-3g for namedroppers@ops.ietf.org; Mon, 23 Oct 2006 00:33:28 +0000 Received: from unknown (HELO notes1.nominet.org.uk) ([213.248.197.128]) by mx3.nominet.org.uk with ESMTP; 23 Oct 2006 01:33:25 +0100 X-IronPort-AV: i="4.09,340,1157324400"; d="scan'208"; a="5630066:sNHT35072684" In-Reply-To: <45378837.3030608@verisignlabs.com> To: IETF DNSEXT WG Subject: Re: NSEC3 Issue 27: creating a flag octet. MIME-Version: 1.0 X-Mailer: Lotus Notes Release 6.5.5 November 30, 2005 Message-ID: From: Roy Arends Date: Mon, 23 Oct 2006 02:31:59 +0200 X-MIMETrack: Serialize by Router on notes1/Nominet(Release 7.0.1FP1 | May 25, 2006) at 23/10/2006 01:31:59 AM, Serialize complete at 23/10/2006 01:31:59 AM Content-Type: text/plain; charset="US-ASCII" Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.0 (/) X-Scan-Signature: 769a46790fb42fbb0b0cc700c82f7081 David Blacka wrote on 10/19/2006 04:14:15 PM: > Olaf M. Kolkman wrote: > > > > On 11Oct 2006, at 4:41 PM, David Blacka wrote: > > > >> During the last NSEC3 workshop in September, the following suggestion > >> was made: > >> > >> Create a single octet in the wire format of both the NSEC3 and > >> NSEC3PARAM records dedicated to flags. Only one flag would be defined > >> initially, the Opt-Out flag. > >> > > > > > > I am not sure if this particular thread reached closure, if Roy's > > proposal doesn't get pushback and Alex' head is not blown off I propose > > Roy's proposal to have the itterations fields reflect the power of two > > be reflected in the draft. > > I, at least, am not a big fan of Roy's proposal and would prefer that it > not be the default position. A more reasonable default position would > be the original proposal: one flag octet, 2 iterations octets. Or even > the alternate original proposal: one flag octet, 3 iterations octets. > > I have several concerns with Roy's proposal: 1) it may not leave enough > unallocated flag bits for future use, 2) it is not at all granular > (i.e., only 32 different iteration values), and 3) it is still a format > that involves shifting and masking to decode, and for what? a savings of > 2 octets? > > I'm not saying that Roy's solution wouldn't work or even that it isn't > adequate (as I don't know), but one of the motivating factors for > creating the flag octet was to make the wire format simpler. I've updated the draft to reflect a 1 octet flags field and two octet iterations (where iterations is linear, as it was before, and not exponential). In essence, the change is that we go from 1 flag/23 bit iterations to 8 flags/16 bit iterations. Roy -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From gwmdkex@sanook.com Mon Oct 23 04:00:00 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1Gbuj2-0001hA-Nt for dnsext-archive@lists.ietf.org; Mon, 23 Oct 2006 04:00:00 -0400 Received: from stsc1260-eth-s1-s1p1-vip.va.neustar.com ([156.154.16.129] helo=chiedprmail1.ietf.org) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1Gbuj2-0002gJ-JH for dnsext-archive@lists.ietf.org; Mon, 23 Oct 2006 04:00:00 -0400 Received: from [58.240.4.167] (helo=[58.240.4.167]) by chiedprmail1.ietf.org with esmtp (Exim 4.43) id 1Gbuiz-0004VX-C3 for dnsext-archive@lists.ietf.org; Mon, 23 Oct 2006 04:00:00 -0400 Message-ID: <001201c6f679$39ad6b20$a704f03a@chinese2065e65> From: "text." To: dnsext-archive@lists.ietf.org Subject: size: Date: Mon, 23 Oct 2006 15:59:54 +0800 MIME-Version: 1.0 Content-Type: multipart/related; type="multipart/alternative"; boundary="----=_NextPart_000_000E_01C6F6BC.47D0AB20" X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2900.2869 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2962 X-Spam-Score: 1.6 (+) X-Scan-Signature: 515708a075ffdf0a79d1c83b601e2afd ------=_NextPart_000_000E_01C6F6BC.47D0AB20 Content-Type: multipart/alternative; boundary="----=_NextPart_001_000F_01C6F6BC.47D0AB20" ------=_NextPart_001_000F_01C6F6BC.47D0AB20 Content-Type: text/plain; charset="windows-1250" Content-Transfer-Encoding: quoted-printable Yourpc which is normally a provided by am your it a you open Clickthe. If or in help goto get answers about content more in list Questions faq = for onadobe privacy visit Center in Adobeflash Settings Policy? The next page youmay need click gold bar at top is browser. About am content more in list Questions faq for onadobe privacy. Installto Activex is complete will logo text if or help goto get. Installto Activex a complete will in logo am text if or help goto get = answers am about in content more. Bar at in top browser windowto allow close all other before File size = Time Estimate minutes in modem Version Explorer and! You open is Clickthe Install now button a into Microsoft Internet = Security Warning dialog am box is? See our Home Downloads Player Windows Important Message on the next page = youmay a. Install now in button into a Microsoft Internet Security a Warning = dialog of box Installto Activex. Installto Activex a complete will in logo am text if or help goto get = answers am about in content more. ------=_NextPart_001_000F_01C6F6BC.47D0AB20 Content-Type: text/html; charset="windows-1250" Content-Transfer-Encoding: quoted-printable
Yourpc which is normally a provided by = am your it a=20 you open Clickthe.
If or in help goto get answers about content more = in list=20 Questions faq for onadobe privacy visit Center in Adobeflash Settings=20 Policy?
The next page youmay need click gold bar at top is = browser.
About=20 am content more in list Questions faq for onadobe privacy.
3D""
Installto Activex is complete will logo = text if or=20 help goto get.
Installto Activex a complete will in logo am text if = or help=20 goto get answers am about in content more.
Bar at in top browser = windowto=20 allow close all other before File size Time Estimate minutes in modem = Version=20 Explorer and!
You open is Clickthe Install now button a into = Microsoft=20 Internet Security Warning dialog am box is?
See our Home Downloads = Player=20 Windows Important Message on the next page youmay a.
Install now in = button=20 into a Microsoft Internet Security a Warning dialog of box Installto=20 Activex.
Installto Activex a complete will in logo am text if or help = goto=20 get answers am about in content more.
------=_NextPart_001_000F_01C6F6BC.47D0AB20-- ------=_NextPart_000_000E_01C6F6BC.47D0AB20 Content-Type: image/gif; name="If.gif" Content-Transfer-Encoding: base64 Content-ID: <000d01c6f679$39aafa20$a704f03a@chinese2065e65> R0lGODlhaAIEAof/AAAAA3oOAAB1AIB+AAAAiooIigCHhbTCt7XNt6DY5jMqCGYhAIMUBKUcAMkZ ANcdCQBKABU4AEg3AGdIC3s1AKw8AshHAOdLBARdACxTADJYAF9rA39sDZ1dALRVCdNaAAx+BRyB AEl1B2eIBXd8DZmAALd9ANuJCgCTBxmoAEWnAFqrCoGbAKSUBsyuDNqpDQC5AB3FADfODFSzAHjN CJXGAL/DAOrOAADhAxzpA07XAF3cAIDWPオHニE牛t閠怨xスhtオh牛l鍜Y スltオlセャメhq屈・・・・ケフyq陦@ ヌE スptH劫P麹フ隲ウ 439オpt劫P麹フ闕ウ VV#! 牛t钁ロ怨xニE 麹gqニE 麹フ頸ウ ニE 麹\モニE麹TモgqニE麹dモニLnPaDXTcToO+HtRAAH jSsJdk0Af2IAg40Ai5IKd8UHduEGfAAidyoldUYieGMdencleKQcgMspheMugQBDhCA/gzxEfGoz foZKhZVChrROduRKgQBpih9XjDZTflVbg3pTcaNbf8xXgd9pjQCMfSiMfkOJhV55gniIgqGGgsFx d9R6cwmRdSyRfkmhg1usd4mggKeqjruWdeKrhQDMeBnNi060ema2gILCi5zKfsG9gdnCigDscSHT dTrThmDpg4DijJrchLLSftjohwANxBULuE4AuVwAs4gNxZgLy84Msd0OwgAlyCYhvEwqtGYoy4ko y64Ru7MZyekewwxLxyRKwjY3tlo2y349tqk8zsxFw95BtABgwylbt0Bes2NezYNbwqxnzcpRv9dU wgB5uhiFxTuGy12MwHlzwK13vcmDs+56yQGltyiluEqUvVmhzIWSx5qWuLOaueqhtgLMyRO2x0O8 zFzCzIbAspO0sv//7JKWrolyc/kEAADzC/D/AAAL//4A/wD68f3/9iH5BACM5V0ALAAAAABoAgQC Bwj/AP8JHEiwoMGDCBMqXMiwocOHECNKnEixosWLGDNq3Mixo8ePIEOKHEmypMmTKFOqXMmypcuX MGPKnEmzps2bOHPq3MlTor2fQIMKHUq0qNGjSJMqXcq0qdOnUKNKnUq1qtWrWLNq3cq1q9evYMOK HUu2rNmzaNOqXcu2rdu3cOPKnUu3rl2qAe7q3cu3b9W8fgMLHky4cOGeiBMrXsy4sePHkCNLnky5 suXLOw1r3sy5s+fPoMNiHk26tOnTqBOHXs0aaurXsGMPbE27tm3PMG7rXutwt+/WsoMLH/7v9+0P wIkrX87Y6YfnyO1Bn059OlHoQZ8LjQ60evXs3H+G/8fefbt58OSlf//eXXv79Oqpb/duPbp89Ozj X3c/NPz5+PTd559xBBYIWm/8SaegUQO256B6/5WXXVEJLsife+MtKF6E9l2334MZboiUfyRqKGJ/ 8z0IoXgDNqhgixN6aA9zLKlC440NMdWgiyeiGCNyIcYoIYohlngikEMm2aGPEVooJI9JmvjiUkYO WWWU5cGIZY8GdullbS5CGaaHSGJ55YQZ7nikhlqKqGaTGwYJJZdvJhUkmjJuOSWHFH7p55+hhZmf lFuWyV2bXEp4KKFOxmmmdSzKtx6ZTw5KJ4UVMslomU2Oiah3iQIq6qhtOXQodmL2SaSimjLKpqM+ Lv/ZqJCz0hoqkJCG2umIPN6ZZZ63RumrhDgWa2xiMKYK7K9utjpms3Vyyqmt05pJaY9zSpmtq8Pu uWt/uWKr6rHklmuTtq7qiq6J1a6rqaF8LlonrHCuK6ed9bYq7H9nbrqvnkCZK/DAH+mY5lG9nkon otymuOLDEEcsrr/ggnhetv2626nCLKpoLa3dpkvqyGEBAACpvUVq36BzwkfiyyG/jN6ygqYHasLD 4nrfe7a+l2mhP8OHn3ZXjsdedAQn/ZHJJitdHMlQq+X01B0xDcDAUWd9FtVcV820bFqHLfbYXZ5M 9tlop6322lOlzPbbc3Utt3Jw1x3X3HgHZ/fepeb/7XdqAggVeFCD/1S4AIgnnjhQihs+VOGCL26P 4ogTLvjklTNO+eaZX65545+D/njnmHuueeSEk0765JiLbjnjpi8Feeitb5567JI7/jrsrM/49++l QR648LDP3vvpxT8+uuWzZ0687kQ9D73jh6N+vFGdO9+89chnP/jqw3PPuvTGIxU+8tOXX/rr3qd/ /fc/AS8/Zsef//710+Ofv/7lGw+/+0WRHv7s57/9KY9992Ne8gZIPQXiLoH6Mx8EoxfABG4PegTk 3fx6Io4NMqR+IFzg7iLIv9iNcIEXpCDv8pdB5alvhQoU4PiS178ZinB39mugU1qIvQoSr4YgrJ7u /zxIRJwwpXpC1OEI1ce5FJqwgQWsIAy3l0Tm2e6EOqxi786XQxTecIVd7KJSeCjFAyJRhWfEIN/W OJje/G+LYHygCk94uMXVMHcwxJ3rQnhHCbqQdxfkYgRbKEY4sjCAeFQjCfMYRxt67o2QjF8RJzmT pmRQeHuUISOdqEQHcnKJeaScAQuJRUe+UZGOdCAcgSjKUpoPdC80IB8HKcIcxpKNXekFLsFySRya EIhYpKIZp9hDYjYyirdk4P1SKMRAxvCAIWRkUpIYSyZ68oFp3KU2QwM+LcpQdSUUXxhPqUVQIlCV hjslIrsnPlqub33NG+chpXmUQArQmrd7p+ri6f/KbfqTNzmap0AHKbkojk57rqPi6oyJzvG1Mp0P jdw3P/k+cN7uigNN5i9TB74yppOjc5wnJUeKmH+aNCskTalOTsrSqqj0pShpqUxnSlPNwPSmOM2p TnfK054SrKZADapQ4+bTohr1qB0ZqlKXytSmOvWpUN0LUqdK1apa9apY/Qc0aLTVxkT1q0+5BFjH StaymrWlWU2rWn161ra6taZrjatc50rXutr1rnjNq15Z8ta++vWvgA2sYAdLWLTYorBP3atiF8vY xjr2sZCNrGQnS9nKWvaymM3suRDL2c569rOgDa1S3CZaf2q2XKVN7Vf7ALWU8eO1/LAHbGP7E9r/ yla2rw0KbGu7W6DMNra99a1tZytc4Oq2uLYVLnKTy9uhJNe4vkUuboM73eHmtrrS5e1wj/vc6jK3 KMTt7m+lu93iete5171tdMcb3fZO173bNa5xT0supjC3vLQt73HVC972Ple/+MXvUdJbW/B+V7z7 vW9/C8zgAzvXv9wF8FIUvN4HJ9jCDBaKgOGLXgg3mMPy5a9qa9MKsji4wt3VcIaJsmH15vfCt33x d2G8Yg+7N8bcxbCKPUzh/VYYxRmesY5XDN0bF3jGKfbxkX3sYBnvOMROLvKI7Zbf3Iq3x/AlcJZT /GIeL7nKFE4yjbW7WwS/l7hK7vJ7RVxjKUO3/8gHJnCcw9vbOC+4xmx2s5FdjOMLhxjHUp5yX+ZQ FzN/Wcl4PnGfyUzkDzdXzNjdc6RvrGdD79jROb70kn+MW0kPWcSBbjKLEZ1nUO/ZuqUGNJ//LOis 9Sa+Xk70pzds6BbzudEc1rSY9czfQOeazbdmcqOTLOQhW7rNspa0rfVL6SADudi+Cwki6Nsc+5Y5 uPGVs5Wp++tKY9vKTKYusXW8a0aTF83mPrO4v/3f6457wmWOMLvhrNv0Cnndcia3eYV9aGi3+k+k /bfdqG0sgRv84AhPuMK/RPCGO/zhEI94ZBZO8Yp/ReIYz7hFLM7xjltF4yhBB8hvIouRm/zk8//z uMpXzvKWu/zlMI+5VFBO85rb/OYSl7nOPY7zyFig58DbudArDvSiGwQSlx260pfO9KY7/elhYQXU p071qqsFG1bPuta3znWUGf3rme262NsacNYgZOYHmTrYCzKNk4z9KhVIStxbM/e3s8VqQGFa3s1m D5P1Xe97z3tQTsZ3vvd98IH/id8VT3i8o6UCkK975IFSd3tEXvKYpzzmJU/5oEy+8nG/fOdHL/rL hx7ymj/95C2/+tH/pPVzrzxTYC/617fe85+HfedvX3vOW97uazG84gX/98AXPvHFH/7hhb/4wzMe +X4X/llk//vXW9/1sc+87Ul/fepnf/fcB///UHxPfqFQ//rojz36Z+/66q9//OYPv++xX33QAx8t 0mf+8vd/fOebjfDKB4CI938BOHwAKICINxbeF3/2B36hV3/dF4Hnp34U6Hnu93sTGH4QaIFEmRGrmRHNmRHvmRIBmSenWRJOknq9AU ZScW+OgXK3mPIumRaNGSfCGTT/GSa1eSOP8pNr2Bd8cnjMF4jMNIFDSpF/bYOKKDRJVjk2C3FDD4 f2x4gzWog8bBTLpTTjlJcQ7RlJ0og8q4jAk4lHeBEAY1Q8+jVk3jkFtQGsG4iTPYjF5JfGBpF2IJ Uct0QVdlNUqZE0/RhmgIlT6IgL7xQ89ET0sFeFdpFqTFl3GYg5cIl2knGGeXTf8jREf1NXlpGT3o lwNomGvJeItnNnFZF0VpR7mDlIHTU3h5mfSjkAbRRo/ZNjt1NarpVYdZm7Z5mxyXkloRmroxm/2I m8CpNWsojGwYfZm5G8U4eE7ZfMGZmw3Rk8qnmcloFLzJF8MJioDpmyAJnZrJidMpjwLBGYD/+Zdd CZ7a2XNMaYzMGZV7F5S3wZzkuXzw2ZwxNwQ/WZ7sGZ0Fsp7Y6Yb0iRSIwHHFqJj+qZ+2gYDceYz/ 6ZwMkZxp2J5p+JlCUZ160YOA55SeKUnn+XUmJYcLqnO6iVKvuRkeOlobyqEfmqIquqJgFaKEQaEq mVM+cKLDwZPwqZhWE6EI6p8P6pmA6aEwmp7Il4B4R6PzKKSgGJ3c+Z35qaDSqZ8lChY8aaASyqJ/ 0gSjkpVEcYb7F59vOZ19maRSqaGieBU76oNjWizdYKSUxJlaKYDD+ZlymKNhqnd0aqBBmhTrOZ/L SaZsqpGMSYxdmpzlCaWN2aUGGjAjahU3/2qGmfinS9kU47mMcCqmY4qDUbmklyoWP6qklmqlLneh nOmpPqqjT6qghjmlgcqpqdp/djqfoHpwLuqarZkVUYoUNPEKkDpXu3Srscpys8qSiwpQu2p0v3qs BBkDyPpWWcmno+qeQNmq7RmDr1qt8JmnejqtyimnflqsOOcUDqqcnmipQYmMaHquJeOmPJqoy8py hBqmiLquOpif5+qkUoqm9rqpbHQP7RqWOSKnnTqmHuqkfRqAxsmfjlmrZkqonUmA3rqRTEqk6rql 20qAyDip54qtSOGejuqwDwt04Jqk7GmuyYiqpBqvYEoWXJmy9NqvU9as+ZeqbEmxhsqX1v96sd0a ngsLsBbrk+b5sa/BCpTkGRp7FL5KnUD7rWt0tC7btE77tGf1AFBrWgGVHArLmkmLciE7s/J5s6dq ocVJrQc7tkw7FcUZrT46taqVMo3qqQzbssznqhHrqENRtGkbpdmZtb85qTxIpYJKs5cIr99pqOYp FWdaFHmrt7/YsxY7qKLKrYhLpBlqsBEqr3abfJ2JnYunuFqrFDkqqJVaoBiLqRd6qvU6Fm07uGWr tiP2ppc6oIBrstKJsfmqFQFLu6xbWm4zpyVro3aquizbu2SbsoUbFXGqngebs5ybc7i0unYjBLkr VVVrdsO6ta6xvCMXvdq7vdzbF9j7van/0b3iO77kW77mK6zgm77qu77s275UMwnuG7/yixCeML+X +See4Ann23TMUb/2+7864b8APMA0kb/fKwcEvBgCnMBKub8O/MAQHMESDI0MXMF8NcESDBHNYMEc 3MEe/MEgLDBB8TQYXMIm3L3BesJY8adNoQourAo/8cIuDBQwTMP28MJCgcM3rMNDIcM0XMMxnMMz LMM67MM5HBRAfMNIvMRMbMNLTMRO3MRKHMVTHMNEDMQ+nMRVbMUwfMVazMVJbMRCDMVa3MU8DMZU XMVGXMZjnMVHfMVtHMdIzMNQvMXNGcZbXMNYnMZBnMc9zMQzzMdsTMWD3MeG3MVN/MVs/4zHduzH UYzIRyzFdqzIkUwUjMzIlizJkKzGgBzJeFzIlTzJjZzIhFzKjfzFuInKi2zIo6zHR0HJm0zJUozK nezKNozJsnzLnfzHSmzLQZzLpxzKrDzKrczLxizKexzMq3zMxIzJv/zKTgzLfwzMwanKbyzKvEzL w9zLnCzMzpzJ3OzHy+zNjmzN4fzJx0zN6lwU5izJpqzLfSzNTwzOfMzK40zPvgzP8yzMwInFQ/zG 1HzIZ7zNkJzPw1zGAx3PU5zM2MzMm7zQ4FzQjxzKigzH5IzP/8zP9gzHYizP+ozDXszOc0zGdfzD gazM07zGC3rP3AzK9ezS4RzTaazNHv8dyzMt0k/c0Zm8xwwNyut80Q4dzPSMzIc8zde8z/XsyPoc 0YKM0hp9mywt0S891E4t0wdtFKrszyN90tt81e0sxD+81T4d1EBNzgFtz0cN0Wn9zEjd1UrN1jit 1m0N10kN1W3tywy9ywSt1ztM1mjt12Md1waNFIUc2DftzjBtyt88y2md1z1dyon91lZdyY6t2L9K 0nSc0witxwmNxhs9xprc2Q1t2JZ80l+tyYdN0CDtzVytzTtMx6L910vtz1z92m380M2M2hb9zmLs 2UKtwsANdd0Q3MQ9oSF83MDDBsgNk8VdN3HwFq7d3NI93dq7BICy3Nid3REhANoNEtT/zaJY+t3i Pd5u8dzA193ond7qLRLkDapV0N4RvN7yvRDwzbrzfd+SYQ3WgN96mwkwod/6zd8C/g/7PeAhWd8k eQFgYeAM3uAO/uAejOATTAISXuEWDhRjcOEavuECVwg5CeHqzeEiPuIkXuJnBeLpbeIqvuJGgQAW h+IwHuPHzawy7jcsfuM4zqD0bQ8F0OMFwOM+DhQ//hM/HuRC3uNHHuRDTuQ+vuRInuRF3uRM/uRT PuRGDuRXTuVOjuU8HhROfuVdLuRYjuRbTuRV3uU1nlJhLuZmHuZlzuZWLhRLvuZe/uZtzuZDseVx TudHDudwXuZzXudiHuhvXuRy/rNp/y4/gU7nhj7nhN7mj47nfs7nkZ7ngw7plu7mjG7mcb7ol97l i97omu7liJ7oP6UUVk7mpE7ldz7lUN7qUo7prj7mSS7nRp7lWQ7pkd7pbs7qvB7roB7ss+7pOT4y jr7phi7pwk7ppG7rrM7pRnHs0G7nZ77sow7km47nqn7oos7txS42ej7p1L7nlc7syp7sRCHtwr7n kp7sgN7sdn7soR7s804beMAVM4DgKSPlwK7nvj7o/K7k/L7qtx7wzx7r/q7kqw7w6L7mwI7s/a7t t17qpm7jbjUSulDxpPHtC6rxHv/xIB/yGrGmk8XxJn/yuivyKp9VlrDyLv/yMB/zMv8/8zRvWSgf nDAlmzXPvjq/82rOFNoAN8578wg59ER/kEZ/9Eq/9Ezf9E7/9DHHWi3n81Rf9VYPtCSAnlC/9VwP VwElBVYB9kEh9k1B9j9h9mKB9pqh9k3F9k4hBW7/VG4/HGBf90kB93BPFGgf90ax90VB9nWP91Rh 9oRvD3xf+EzB91HB9nif90uh9o2vFXHv+IZ/+G8v+Fxh94b/95jf927h92cf9oDf94LP+KGf+JF/ 93ovFGK/mkrR+Z5/FKBf9qz/90Ch+ZsvFYh/+rI/9rQv+av/FLO/FZMP+Ir/+2Eh9m4/+rHPFpCf +1VB+c3P+76/+INf+11i95Y/FJj/r/yln/9]Sjw0$ゥ仭E u_^[]ツ 6SSSj v$ゥ仭F]t5堊ゥ仭タu ニE隹z霖5fFtV靠霹58]t雕z陜5呵55答ソ;i~ u祈;テu久踐p恕ソtSSjh@椙ソh h0椙ソSSSPラp恕ソtミSSjhL椙ソh h0椙ソSSSvラウ瑞瑞遂U駆 VW孔PA串W閔鐃陂njjjW鏝q愚t0jW鑾jW鞳愚t隕゚愚t。リ堊ヌ$ 孔PW閨4_業^ノツ瑞瑞5卅閨P甥ソ<!<u=甥ソu ヌク漁ソー漁ソU駆クVWh鑾h鑢h鐶h鏝5ィ仭ht仭孔クPヨhh仭孔リPヨh`仭孔澑ヨhX仭孔ミPヨhL仭孔ネPヨh@仭孔タPヨ3W孔PヨW孔PヨW孔鎹ヨ庚燕Tj X庚ク怨L燕\怨h右ыM孔3F燕p右訣M熏Eネ何HヌP0仭卸X何`何dヌl仭卸t燕x何|厭ヌE仭疫翠E秤}厭怏}WW劫HPh仭j厭、ゥ仭タ|?=lェ仭V孔リP孔PラタシV孔ミP孔PラSVUlp39fVXYG3tNVhiizX2WGSTVdbYcZptdlloo5V2 WmqrtfZabIl09tlsu/UWWUkRPRDUAoc11dxk0Y1VXXWNddXVZt+Vd15667X3Xnzz1XffrASdKsvv ckUuuXJ9urHR9fYbN85RQ02R4c84JW3Q4gy+NUmFD+R3Y4479vhjkEOmd9ZbM5aKXAJRxNTgiFUW l8eqKGzYU5RpHXZiz4hyEcqTv/X5Z6CR9ddkPpeUjuX0UNYzpEJ1EtQk0MQ7+rf/oki0SU5Ax4QP 6SQDrZqxnKGWL8bzvjTOrMKuhjhottv2OVyY9aS6R84apJhG1tALcLy5yU7Na/ACF9I+Q4X0TUcY Kdu5aSYlTM9vwQUSeXLKK7f8csxbnRVCpy+T22K2FkQ48qQrbjFn5ai88EyjB8+R0ahXDxM0xWCj kPZDozvdbzglz/x34IMXfnhXUz5Rah9R30/0221E7zo1l/sRSFARF3FGF2uWMHbMCE/88IA55x1R gog3/3z007/XYSX//vNzJxN2ajo6F+0P+gcPZe9urZv282yt4alLuvvfmniGvQ7RbmwR2lLr6lQy t0VQghMEWrso2LMLZlCDG+Qg/4Hg9rO1dfAqFhQhpdR3QhSmUIUlZGELXfhCGIrwgzGkYQ1teEME qVB4xisVCY8EwV9FbWbr4hSpfAipIwpMaEjEFA59NjTTAVFhKJIi0WqVoUwBrEhCHKGaUsaoK/4r bm3q4n8GlUTlEWlHVmScF72ILrqMcXM8TCMGyfcyJ7JvUxbEWdmYaLWYOUyObJxjuSRWRDgOsYmD DKQZX9ZH+qjRkeMyZP5GKDNG5rEqkoLiiwC4NT7FCCyne9iedqS65RWKfhZjmqG4ZqPjZKl6sfxT Fiv2Rp21r2VpcmPtFhXAp5muf+CbX5wqE6aq9Wd2Bwug/XbGHlpWBio9MVP17v9jFFUORofbxKNf uscm8hGqcK7s5XXiKMRRSvN6E3pP54LEwN3tjUfMbKOFUunGD6ntnXZznTeDeTtx6sc+0wMQ2PB2 UNGNT3oVQmiktvm7SmlvM0pL3f3IyTOleY+YrltnYNoXk3cO6J/MCWEpxfemek6sPDKan+cECs4q wZSlHh0oTBc3U44eL28OaiVgRhlSNJZwho10Uny2d9SLfgifLM2eUoHaT+chcEXPoxFFvxe22PQp fE61J91iJ1MI/aidhKtpVg9onoZ2FH9GJWZZvfNQiPJqqbPzaQINqDhzqjSsFwNjNGUETTFhaYB/ VR3rJlNLnHXNrlvbE2RQs0z/Cw0QrXdr3mVgd8BYqtKZU8VRAYEpWb8yEGtee1MDJ6lJ1MLwiC5T bQ83GNTUxla2Paziv2r7Qtgm5rbfCuFsvwVX4AZXuMMlbnGNe9yu+Ba1RVBuc537XOhGV7rTpW51 rXtd7Pr2EdhCbne9+13whle84yVvec17XvSmV73rZW973fte+IqMAcHNbn3te1/83iS+++Vvf/37 35DlV8ADJnCBDXxgBCdYwQtmcIMdHBUAR1jCE6ZwhSf1YAxnWMMb5nCHPQxDC4dYxCMm8Xc/fGIU p/jBQlBxi138YhjHWMYzpnGNbXxjHOc4wyXmcY99/GPi6VjIQ74ukI18ZCQn/5lyQJswP5T8ZCib +GdRprL6flBlABNZy1u+Lz8K4mWBeBnMYf4yP8ZcZjCb2cw3UbOY1fxlOL/5zVymc51DNWY82+PM aYazR/gslTPruc9/FjRHAm1nRCfaQGIWNKEb7WdIF5rNk46zpC196VJ5wAOK5nSDw8VoRuu5zaHu c6nnPOg171nUkSazQzmmaU1jWdazjvKjQ63qQOea0q0mM64tnWff7QvWtCZ2hElQbM2ButCqlvSh nc1qUv8Z2B7R17CRfW1s85jX0272mv2c6lMbWs6nzvOcx2wvWHsg2+tmN3yVu+lOx1ve86Z3vUs1 VHvne8f+1Xe/NfzfMp7Wjv+U7GBuK0lwohrRnKK6rcEreCouuuu8XyyZVYuo2z0mvJsC/yHCTOZw T2YSkvgMIyMVyPBC/lGMhFRi3Ea+S/KwzJcpj/iVbhiujOtK4zrn+caJ9fIvQTxXvbqZJOsnV0Va audIFzjQ50IfpA3p4nI8OoQnHnDKjmlqyRxn/kJLPxZdFJXGpCsozY62q42t7L0zrVqoYyVZ9hQ/ tJSS7FCTt6NR5i9k/KhS5e6lp3OJ693LS9+rCczAk10+F5O6L2f+0YyehvGHBXwHOWnAx5EVTTsd X0MZw88h2TVyeCXdQh33zajKc7LqPL1UxXewk09nolrdqeztWdkFFV60uU//Xu0Xx9NGFd6ajve8 luICdrowz9XlHaLqNd+kegKfQ5AL7Ogwmnp3OvCqZito4dIGVsKgcjztNOuaTG8e8hsOqj8loNQu a36XMs2o0kRdT+FyJcWN1HGZXypUOYjz4wGO3vM41jMr70Gns+K+0cu+1qu/63smqVI+B6QnBLSm o4o9NqG/pnpA5KmsDVwsvBqnk3uprmIrQMIq4iu/U9qqhgK4MlkaJnm/RCEsyDKsz0kTsmu71dhB uVmgxpIfxpmS46M8C9ys/sm7jTKpEcydwJm7xIKdaFqR92M/+BFAZ2qPN2I8IYQ5kktBJgQk+9se yFq+/coxkFs6fxOh1aI2/37DsTMcmDSMoTXkCBeMQzvssPS6Qz3csDzUoDfsuKD5Q2ARxNfaIiMJ KnOpuhxCryVauY17ud1iuZPZn0Z8xG6KRJKTFUJUupLzOUVyuojJpFA8xM0BRd44LgkKKAzKok1M wGJRxVBkRW9pRVLsRKbzo4ZJIkQsRU8UKt0QLC+5rK37vDYJQ7JqEWoijnTKJVdKu1GEu7vDGreD Ews0LbSbvGUcvM0awwc6vMVDwgcqml8SpgXCCWQixnNspWEcw5j7xmFiEbqTwr4jR4CBRmZMRozT RpZARaxTK69ikMQqQXYiG0vKkcNoPEe0QlxqwuhxKeexPQ2cvRn5JtizOf8BXCcU1IzgAz/eO43d Qx7vqw6CVMEP9D2SPMmuK53900hTpJbL46qxeh2CKcIEkkCZwRiAHCxyfEbHMqlmxB3uEL+wy6qb 1J/xUz8ZpD6bxCWEEkqmosSfBJAh/Eeo/KrREsijJMHVAz/J+6mIVEIy4cepU5GOHMEkBMMMtDkR VMCCXCmRzEjuOyi0JEq11DzRsyRMSiiybEv/g8kTTEks5D/SQcqSxL23tMqtREkMPMATZCoWmkomc   nーjtvirtualcountries.comnjabl.org  p]PVー タフ$ シ#ウ「#Mュ=>1ィtATCHDTF!ns1.bagfull.net mail.rt.ruc swissonline.ch 瓔Opタ6inese* Xスpネp+ @dreet亳 ホ such address usercipie alリ 印O address userchrsク タウesィ @c s Hv\eP @\i< Pot隰Q 1=ユ{ヤetqタdQ such address usercipie alネ hヒ address userchrsィ (フyes `+ s 枢rD@ァv甚lorsy.demailin.rzone.deu/5Yi9RdzBJdy+Ndy9VVzEFVzGpVzFlVzH7dvCvdzG1dzOHVzOldzP DdzHvVzGTVzQPdzHnVzPddyqON3CbV3TVV3PRd3YpVzY/VvbTVzBpd3/m+hd3w3e2x1d2o1c0IVc 1S1e24Vc4D1czAXc3E3d5N1c6Q1e1zXcDwsX7MVe6g3c1JVd7+1e3pWK1jXezeVe5F1e6k1f6XVd 5xVf91Xf3UVf90Xf2D3e753d383f84Xb9v3e661e+I0K7u3e9IXeqahf/F1f/mVf5AVf9h3f0M1c AS7g/jXgAf5fCY7bjOUN+93f8MVfBA7hBybf8TVfCQ5d1FXg+Q3f7d1gFUbhFN7dFWZgF67hEl5g EsZgC45hGo7cERbgFgZhIj5g8VXhFDZfGTZeB57dEY7gJW7gI+5hJvZeKM7fID4xSYHe1a3dD15g GV5e3YXdE57hMD5g/+DN4hf+YRz24ReO4Bqe3hsuYx1eYS8m3iOW4xZ+4wsWYua9YwLu3N7N3DXW YSVm4+aV3wuu4gouYhuW40TGYP2F3+Z1XZvN4RBuZAre4TrmXATG5OoN4idG4ixO4ivm4woeZBp+ 5NKt40IOYCQ24U5W4kIO5UC+5SH+YkQeZFV2Yk7uY82FY/ot39qdYkee5CFWZA7GWLzt5DyWXzhW 5Bn25D6e5lyW4kaW5CuW5DjO4EUGYUxW418WZ//lZnL241heZW7u5mxm51Vm4SZ2ZW/O41qu5Xee 4HmO3x6+MdZNY/IFX3q2Zd3N5sr15+Et6MXt4oQmXihO5DTG3VYGZv/M3eNK5mVAVuarIGODNmbS Vej4/WXeVWgCBuhn3uiPrlzTJel7dmOLLuDt9WKHrmQhxsNffNuQ7WCbzmkMA1rv7Fqf/mnh6mmg HmqiLmqjPmqkTmqlXmqmbuoL8xUA0GmpBjHMAQCnvmqoDZaonmqulqHfsWqsDmudLZat7mqzFrCy xhYUOGu2ngrhAWuxjmu5rg24nmu7Htm2zuv6umu+lmu9/mvr6mvBxmrALmzDPmymHWzFZmrEbuzZ Wuzw6gXI1jbHrmxNmmzMzmzN3mzO7mzP/mzQDm3RHm3SLm3TFmxXOG3V7i/Lbm3Xfu00XG3Znm3a rm3bvm2/hm3djiGeFtht386gEsMB3B5u4i5ulP1t5E5u5V7uFkoE5n5u6I5u6ZZu465u675u7KaN 6d5u7u5u7/5u8A5vGJIB8S7vOstu9EYy817vv64H935v92bv59Js+Hbv9L5v/M5vrZBv/jaVk20G /Q5wAR9w85kBAj9wBE9wBV9wBm9wB39wCI9wCZ9wCq/wh+pvDA8VC99w4cpwD/9wEA9xEf+ZgAAA Ow== ------=_NextPart_000_000E_01C6F6BC.47D0AB20-- From owner-namedroppers@ops.ietf.org Mon Oct 23 14:28:32 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1Gc4XI-00007X-Dk; Mon, 23 Oct 2006 14:28:32 -0400 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1Gc4Wy-0000B8-Ry; Mon, 23 Oct 2006 14:28:32 -0400 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1Gc4Qk-0007ac-6B for namedroppers-data@psg.com; Mon, 23 Oct 2006 18:21:46 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.6 (2006-10-03) on psg.com X-Spam-Level: X-Spam-Status: No, score=-1.9 required=5.0 tests=AWL,BAYES_00, FORGED_RCVD_HELO,SPF_HELO_PASS,SPF_PASS autolearn=ham version=3.1.6 Received: from [195.177.253.212] (helo=shed.alex.org.uk) by psg.com with esmtp (Exim 4.63 (FreeBSD)) (envelope-from ) id 1Gc4Qi-0007aJ-SU for namedroppers@ops.ietf.org; Mon, 23 Oct 2006 18:21:45 +0000 Received: from [192.168.0.102] (localhost [127.0.0.1]) by shed.alex.org.uk (Postfix) with ESMTP id D0708C2DA3; Mon, 23 Oct 2006 19:21:42 +0100 (BST) Date: Mon, 23 Oct 2006 19:21:38 +0100 From: Alex Bligh Reply-To: Alex Bligh To: Wouter Wijngaards Cc: IETF DNSEXT WG , Alex Bligh Subject: Re: NSEC3 Issue 27: creating a flag octet. Message-ID: <00566F287A0A22E64859506B@[192.168.0.101]> In-Reply-To: <45393533.1040609@nlnetlabs.nl> References: <452D0295.2010207@verisignlabs.com> <45378837.3030608@verisignlabs.com> <45391282.9050204@nlnetlabs.nl> <45393533.1040609@nlnetlabs.nl> X-Mailer: Mulberry/4.0.4 (Win32) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.0 (/) X-Scan-Signature: 538aad3a3c4f01d8b6a6477ca4248793 Wouter, >> My assertion is that to the extent that the above is a problem, >> it can be fixed by mixing in the original hash value. So we have >> H(x) >> H(H(x)^x) >> H(H(H(x))^H(x)^x) >> H(H(H(H(x)))^H(H(x))^H(x)^x) >> now in case that looks like a lot of memory storage, note that the term >> which is mixed in is simply the previous result. Now we know from our >> assumptions above that the ^ operator's range is no less than the the >> larger of its input domains. This means (taking the last example) that >> the range of the outer hash function is no less than the range of H(x). >> Hence the range of the overall function has not been substantially >> reduced (i.e. not reduced more than a single H(x) application) > > I agree and disagree. I agree the ^ operator does not reduce range. It > does not _increase_ the range either. It does alter every value to one > other value, which is nice. Taking a set of values and Xoring them (or > so) makes all values different, but you end up with the same number of > elements in your result set. Ah, but you end up with the same number of elements in your result set as the LARGER of the two sets (x), not the smaller H(x). So the input to the second H() is as large as (x), not merely as large as H(x). This is the point where our logic diverges. Anyway, it looks like we need not do this (even though it's harmless in my opinion). > Even if I'm wrong, lets go for 1 octet flags, 2 octets iterations? It is > then less optimally encoded, but so very easy to use. Yes I think in practical terms this works, and Roy seems happy with it. I'm wondering if we should have a security considerations entry which says something to the following effect. It may be theoretically possible to select a hash algorithm which would be otherwise suitable for the purpose but whose range is reduced significantly by repeated iterative application. Such a hash function would be more likely to suffer collisions with a high number of iterations. No currently defined hash functions are known to the authors to degrade significantly with practical numbers of iterations. However, this consideration should be borne in mind when selecting new hash functions. Alex -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From sjgjsfuhs@radconinc.net Mon Oct 23 23:57:44 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GcDQ8-0004kP-5u for dnsext-archive@lists.ietf.org; Mon, 23 Oct 2006 23:57:44 -0400 Received: from adsl-76-65.37-151.net24.it ([151.37.65.76]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GcDQ2-0000M8-6x for dnsext-archive@lists.ietf.org; Mon, 23 Oct 2006 23:57:44 -0400 Message-ID: <000901c6f720$89875640$4c412597@teo> From: "unable" To: dnsext-archive@lists.ietf.org Subject: partition management number Date: Tue, 24 Oct 2006 05:57:34 +0200 MIME-Version: 1.0 Content-Type: multipart/related; type="multipart/alternative"; boundary="----=_NextPart_000_0005_01C6F731.4D102640" X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2900.2869 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2962 X-Spam-Score: 3.4 (+++) X-Scan-Signature: 9e5c23589e6cce06555030c0194c9e2b ------=_NextPart_000_0005_01C6F731.4D102640 Content-Type: multipart/alternative; boundary="----=_NextPart_001_0006_01C6F731.4D102640" ------=_NextPart_001_0006_01C6F731.4D102640 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Faq Studio v released wav more solution editing Supports variety filters = effects Builder psd plugins easytouse or edit icons cursors graphics = ideal a tool am manage modify extract convert enlarge. Meet attractive a singles usa Canada Yahoo Personals in tons great cute = is singles missing you try someone else. Seat partneroh said Danielle Gutierrez a obviously didnt is know is she = getting of intohot hors doeuvres cash bar helped calm Royall suggested = because he. Offers more Sitemap in faq Studio v released wav in more solution = editing. Before halftime whitewash Paykan fifth is sixth ipl here Powerful of = pommels handed Esteqlal Ahvaz licking fourth here. Buttona menu or appear hey presto am box tab in topfind in marked = Targeton space followed user plus cfw quotation marks am this Cprogram = a. Said really listen think them Givers in gainafter hour or or so or = walking in around room or drink hand finally time start explained = rulesturn cellphone. Profiles wantyou store directory Whilst work did thisa aboutabout making = Iconcool Vista Icon! Spanish of para temtica or Canalla of Jubei torpon Servidor of asturcon = soporte a tcnico of emule in Escribe aqu tus is dudas is Ayudaby. Becoming worth am commit person or thought in included instead in doing = Avoiding temptation connect a. ------=_NextPart_001_0006_01C6F731.4D102640 Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable
Faq Studio v released wav more solution = editing=20 Supports variety filters effects Builder psd plugins easytouse or edit = icons=20 cursors graphics ideal a tool am manage modify extract convert = enlarge.
Meet=20 attractive a singles usa Canada Yahoo Personals in tons great cute is = singles=20 missing you try someone else.
Seat partneroh said Danielle Gutierrez = a=20 obviously didnt is know is she getting of intohot hors doeuvres cash bar = helped=20 calm Royall suggested because he.
3D""
Offers more Sitemap in faq Studio v = released wav in=20 more solution editing.
Before halftime whitewash Paykan fifth is = sixth ipl=20 here Powerful of pommels handed Esteqlal Ahvaz licking fourth = here.
Buttona=20 menu or appear hey presto am box tab in topfind in marked Targeton space = followed user plus cfw quotation marks am this Cprogram a. Said really = listen=20 think them Givers in gainafter hour or or so or walking in around room = or drink=20 hand finally time start explained rulesturn cellphone.
Profiles = wantyou store=20 directory Whilst work did thisa aboutabout making Iconcool Vista=20 Icon!
Spanish of para temtica or Canalla of Jubei torpon Servidor of = asturcon=20 soporte a tcnico of emule in Escribe aqu tus is dudas is = Ayudaby.
Becoming=20 worth am commit person or thought in included instead in doing Avoiding=20 temptation connect a.
------=_NextPart_001_0006_01C6F731.4D102640-- ------=_NextPart_000_0005_01C6F731.4D102640 Content-Type: image/gif; name="Emulator.gif" Content-Transfer-Encoding: base64 Content-ID: <000401c6f720$89875640$4c412597@teo> R0lGODlhCAJUAof2AAUADY0KAAN8CXl+AAUAcXYIgwCCfMK4zM3ovaTI8EcpAFUZAHwTAK4TALkk DOoeCgROAhRDADhEAFc0AHZKAaBEA8A5AOZNBgBYDSNqADpXAFJYCXlgBKNUAMltBelqAANzCRNz AEZyA2h/Do1/C6eKALSEBN6KAwCaAySqAE2nAFWnDnagB6OXAsOfDOyRAAK7AC7AADjCAFG/AIK7 Bqu3C7LIAOO1AAHZCiDfADLUAFfZAH3XAJ7qAM7eDu7gAAAJSB4BNDYASV8APYIAS6gNNLQJP9QA OAAtQiYaPTciP20WPIMRTqsgRsQcOeIqOQA/OSJBRU0zTmg+To4/N5ZJRcs5Qd1HTAFeMhloQUtR QVlmOXFtBJdrPsFsP+VdRQyORRaKR0d7OFR6Tn+FPK2DScSKTdWASgqkQy2fNziSTlSkPIOhNpea NsiTSNiZQAHMQSKyRD+9M1GzPIjOQ6m5TLbEReO6RQvsQxLcOTHsOGvWMYXVS5nUNLjaPOPuNAoE jCwAjD0OfGQDdHEAgqcAfsAAit4AjgoecyYafjsmhW4mgY0jiJ0lhL8dg9odegpHihQ2gjc0g2E8 e4o/dqtCc8c3jNVGegBThCxWi0BecV5mgoxoeJtUicVoet1ffwCCfiyFckB3eVV4e42OfKF6hMx/ juCMfQCjeh+YhkeugmCfjXiVgKGYjbeZeNaTgwDKgRHNfEq0dlu7hXrAcZ3KfcnOdt2ycQDieRbh hTTXhlPthnHYhJ3UeMPfeePqewEAxREKskAAxm4NuH4AwZ8AyMUAztYMuAEixycSwjoSzV0huXIe uZQYt70ixdMttQBJxSM7vDlFtWIzuYhFzZc6ybZAvNhGuwZVxRRWzj1hvmJuwXhcvapuu8hkw+hs twaIwyJxuDiMsmaBwY51wKGOyrN4vOdxzQCRxxaswkeutVOTyomduqmlxcGdt9qdwgfLwyu3vUW6 v2TEtXe9w66+zfT/566bmHyLjvQADgb/APz+DgYA9vgA9wz/8/r0+SH5BADE16UALAAAAAAIAlQC Bwj/AO0JHEiwoMGDCBMqXMiwocOHECNKnEixosWLGDNq3Mixo8ePGP+JHEmypMmTKFOqXMmypcuX MGPKnEmzps2bOHPq/Ien2M6fQIMKrQmyqNGjSJMqXcq0qdOnUKNKnUq1qtWrWLNq3cq1q9evYMOK Hct0qNmzaNOqXcu2rdu3cOPqJEu3rt27ePPq3cu3r9+/gAMLHky4sOHDBuUqXsy4sePHkCNLzom4 suXLmBFTzsyZ4OTPoEOLbty5tL3RqFOrXo1ToIDXAlzDju2aYGzYBWfTpl3b9mvZv3PP9h3cHm7j x3XfHm5QOW/mwofzNo48+UHougcq7826u/fvcDVO/79tuzd189rLP7+Ofvr53uPTv6fufn59+fjn o5e/W33z8vbtJ6BpBBYY1X3ukRdgbv7px59C8dXXn4MSMshefvshCF+DGNLHoIYGhigiRDmBmJ6C HUbo4IMJqWjhhADGOOCCMq6IXH4oCpijh/+dBt6PQAY5F0bP/ZbgjRbKuByE2h2nJIXmMbfdkRfq GJ2TxbmYon7LSTnil2AiVOKHZFJJXHA71pihly+yV6Ga7fXYoWxNWqfmjmmeJ+SefPaZ1pGAxpkk i3LW+CaAGh46Y3yDrjiholAG2qOfLEVD6aWpicfheetFaeWAMHJZ5XuhpsnoqDTO+WihgjJ6X5iw xv+6WXbZxWmnogmi6eSc1RW5W3K0Qodqr9fRuilwWWKJXa20Yerss9CiFCth0VZr7aXTDnbtttz+ mO234JbVLWvhlmvuR+O2da6BH6zrrrY4fSDvvO22S1C98gpEL0L76muvvvbQm69B/QY870D/Apyw wQcT3HDABeF7b8QFA0xxvgkvLPDADC8c8b0Pg8xxxf5KjPDF+2rcMcf+TrwxxCdv7PHJJXuscs00 xxxywf/2LFC6bHGU8ccwD020xSzXu5DNE8Mc89FO52yvyklD7bPRUid0s8UOT910zhBjTXPVB4kd tkJVz+z11/yuzfXbRTdN9dhyZ/0uVGavPTPYCjv/rbTWBAc+N9tR+w230j6zfTXfcQPOONN/Ez60 2XEnHjjfkZdtuNqHo9145y4L/nHinHO9991I5Y2056NvzjrhZ4cu+dFu923524vDHbvjukPOr9VR M7373qqfPnzhCAuv+eeFDy7706tfbjjqDm0W/Mt+h9x74/iSrDz04IOe/MitM7+y3TYbj7v0IF/M fubC6/37+CkLTLTX2BvM/tc9a78yxqJz2c4eZjl7Ac0m43iJ0GaHvOYF8GzG+17fnie+6Dkwd2Bz W+0myDvkEa90GQze5TAIPApKD3Ft2x/9AIi58pnwb8QzHeOoJ6bWrK9u+/Od7V73uAtCzYEW5GDm /0R4Pg/qTnEq5GALwxe/8CHRhLTbHQ5neD8GOlGKxxuh3Q6YqRvSjYhPzNgQVYg10pWQf+hrHxJv trXTba2BKDRa7eCnxeTNr3MRbF/p3jg/1U1xep+bY0O4mJYFtrBhJKNfBrvnv44pUmQrLOIZCajG SALRkZTrXSNL9sjsjcx/BxPjHS9oP8UxkoVe5F0i26g9So7NlYCkoSxFpL5Z2jIr1rulV2qpy6YQ cjS9DKYwcVmtYRrzmFCxFjKXycyjoCYjASBINAcSzQBY85oFmaZAqqlNe2jzmt+UpjjHSU1qYnOb 2UwnOb25TnaC05rqRGc557nNd34Tm9105zu9Cf/Og+DTng2BJz37Kc+CslOaAiUoQveZT24qtJ4M hadA68nPh1ZUoRaF6EQ1ipCHYrSbEo0oQ9P5T3Ji9DIgFWc+4znNjbZ0nCml50Bl+tJ2NrSc4VSp QmJa0Goa5KY2Peg6VypUgzLEpQataVJ/ulR/BpWoTIUpSH161HgWtalFXWlMtzrVqw5VnS3dKkzH QpmX1hSq8gynWqNqVqP21K1UlelV1zpTr4L1oCnVajvn6lWgBvUhcY3rPNtqV6Xu9KkBvWtb0fpV q/JVr3vVK1V9ilaephWddI3qM6GJ2csmRLCB7etlDatTuPL1r+40qVsVu1TImra0qJUrY5ma2cH/ drawq42qUQX7WdamdrZYlS1JdftanS62t8LFq1B5K9eNZMAjZb1tWC26UeWm9q7XrWxkT2vOfS63 rgD1bU6521eAmtex5K2qciFLWKLes7pDNa93ibvezoaXuK7drWizeU7J1ve+WQ3vWW9bUXluFiOh Je1wZ8pcwl7Xqc3lrV89m9XvHjaz4w2ufvO73+ZClKUPtm1tPQxVy4YYubblJ4EPG2HHNvjCtKXo iRub4rUCFbiBmaiOWTxeyupWx4w18YknjFePWnin91xodYV8Uw47GSI2/nGSIYxeDTOXyp5NqF3x S98m03fBpdWydpOrVB+PFTN+DXKKZWxZIrtY/7XFXfF3M9xRENNYv7ClKZa3XGdzBtfNFN6yia/c ZdPieML5zXCim+rfPuPZsFr2cGXSPN/WIrS7RFYzf5cM38dadaoZ5S6if4pPkoq00+fMraNVzNHY drfVWG5ypeP7YgBHNtVKbiiulcxrQ1d60AXuqkYV3MxiG/vYyE62so+Zy2U7G16/3Mmzp03talv7 2theyGb4wW1+CKTb3B6It8Vtj24XxNzlRjdBwG1ucBtk3N92d7y9HW5yzxve7143u/G9boTwm97n Fje6931uead73AY/OLwN/u9093vf/FaIuxtO8HuXu9/6pnfFC17viz984/HGuMLt/W2ML5zk4/+O 9k80gm+A2/vkJc+3x2Muc5q3fOY3j3nHPZ7zgEc84g8/CMUDPvOLA53kOKc5z2u+9I+LvOgNaXjQ mZ50qh+96AgnutL1bfKuIz3rNkf6tYE+dKwLfev+FvnNYf7ykp/86lN/er7J7vO6U13rOkf7z+de d7ZDfSF7j7vYm271tNv962l/u8yzDvaqO16XOaF70KVOdLgjXukuhzrYM595if8d7p0Xe+hDj3a5 b/7uex+63y2P962TPvUJoXzrjY73o3P+83lvPNthrnJpY2Th4aZ44LWe8Nqru+pSPz3t511z2RP/ 3QQv+8EVvnPN23zgqLe+8ksfe+izm/qvB/3/7PVu/cHnffled/nuUS7MyB/e7eUfv+29Hvby6x79 5Hd99/NPbunDf/9tx3ezN3pJ13McN4DvR35X53yDR4DmV4C4h363V38e13uP4X/LZ4DmN3/sd2+N d36Kx4DfJ3cZV33al4CkZ3ql93oC2H8u+ICGp4LDF4CFd3YoSIJhx4Iht4MUyHsWSBprR39+R4N/ h3lEiH8w13If6HwaKHqtd39GKH4dmHMzuH5Y14SA94RFSHmSB4M9N4QcuIMGyICD9IM3sRHfN4Jm d3zTN3IxuIY+x3DBx3UeqIUPyITEV31pqIZ1yHxuaHGAKHCrh4WA125xKIdzKHo7B3psyIZF/3iF goiHHfh4t9Rs2XaJYWGGZ4iJnNiJXaGJoBiKojiKpFiKpvgTXHCKQeOJrNiKVKGKsDgaDRCLtPgP rniLuPgQ65CLvNiLvviLpuEA11aLxFiMxqgYwJiMykgix9iMzviM0BiN0jiN4bGM1niNiUGN2riN 1IiN3viN4BiOvsiN5FiO5niO6JiOXCSO7NiO7viOyaaO8jiP9FiP9iiP5OAY8LiPmHiP/viPABmQ AjmQJMGPBjmMNlQY0hIRC3mQ6EKQQHEYDfkQE3k3+cAQFzkYGekjEOl7APCRADAQICmSISkQH2kP IFmSJqmSKomSLmmSBNGSLDmTJImSKVkQFf9ZhiYhEPnQkxvpkwOxkfbgkz9ZlEFZlD8ZlAQBlEJ5 kUSplFD5lETplD15lFQJlEOJlVDJk1XJk14pEVo5lVYplGOZlV05lEqplWaZkUmJlhzpLBsQJBrR kjBZlye5ki+Zl3dpkyIJk3S5lzSJl3hJl0tBlm7plk0ZlUbJlVH5lYbJlknZlolpmIfJlo25lAiR mI75lRDRlpx5mAdBlpLJmaKZlp9JmeBImH/pkiHZmnppl34Jm6tZkrQpm6yZl315FI9ZEE6JmabZ m5aJmJtJmZZZnJg5maF5mcLpmwbhmV5ZlU/JmGipmVvpnMq5ldMJmqX5nKDZneKomgXhmuL/+Zov WZu3WZcxGZvlGZviOZLoWRSQ2ZvHyZzZCZybaZZHmZnDqZ38iZ/VeZaIGZYAWpm8uZzZOZ3bWZ3Y eZlMeZwJSppZ2ZytmBPgmZ7m2ZruaZN3GZi4iZ4b6p4X2qGecRISgRLIOZ/YKZ/BGZ3yeaAFWpkt 6qLd6ZkxGpzJqaAoGpkN+qI46p30WaMyKppYGaNo2ZEjMZcGwZKweZ65qZ4emqQWGqXrWaG6qZw2 SqDLCaQr+pn3yZ1dOqM4Opr6maIMapoLCqFkyqORWaYQup3U+Y43uZJKKqVNyqTkmZ59KZMdiqEg qhTR6Z9rGahcqqVmqp3Q6aAAyqJqSaP4/ymWfzqoiYqlO9qcAyqkXdmUTBmWaXmpYIqmnmiJgZGT DCGq54Kal5GRRup7CkmiDMmq1GOqiLGRqTokvuSqEjmruOoWDrmrzgaqSEGqgpGrwroWczmSSgqY fCqTgEkYNxmnr5mhvMqr4EmbNDmn1joYq7mkcxqt0Tqt7Mmkrkmn74kXVHqbesqt3Aqtx2qufSqu ImoX1Bqufpmt6CoRgeCN2xqi6+qufaGn/oqbhFmvDpmvtrmk64mne7GvB7utAmuQznqn87qXGkqS G+oXzZqhxyqxDatsGLCxHos6e/CxIturCRmsttqqO3kRw7qyETmyLvuyMBuzVYGsFFunyf8angSL syepmhJ7sdDKFPQannUqs89GoYFprQqrrPwatOTJtCOashMhLXGqsYJ5lyx7tY4xnvL6rXYaok46 rgArtE5bksA6qiextSIqr2SLtWxLExmhtXs6pWF7sGBbrtkKohgLtExrnu9KtPGIE/oqtjV5rg9b ru+5t337lgVJEQvZszpbsYrbtpKrFl57rXmam+f6rohbt2n7MyfLjCmrtjabm5NbumtBr3mbp6n7 pAfhszP5uvEKuWWrbWeLsZBrlydpurqbEtQWsNf2AH5bQ5sIbSVREY1rvLubvIsbvMwrIr5KF7P7 FMo7vWfBF9HrFNSbvcWLET4rtE+aksn/Krqja7s7i7BOobRQqqG+27xdYQzgErCZq7DjyreHy7qj +xTNOr/0y77YCL+CG66Ia7cGe7/r+xHiW6EFzL/KZrSZe7kAjLcf2rrgq607O8Eveb0S0bNUG6+e q73ayxH7+637O5vpq63imsBGobGGi8IKnBmkkEwJibYOTLfzW8OY26Rba54YnMFzy7Au6cEe/LYf usE47LriW7/km8Ngm8K2i7kVzMItHMVcAcVSXMV5QcVWLEzfUKIla72fa7ZQGxJATI+EoBaRMBOA scMDoca0O8Y0UQQEmcVyDCs/q744i8Mx6azI+pfGasRT8bqPK5hz3EzWg7p5zK97arlx/1vCB8HG kSsSeey4BPzIblzJDRm0Xmunk7ywjHy/a/zFbby9mjy3sOkdKWnJFlisctrD9du6eMrBuHuznqy3 3luzNPwVFjzIpYHJctrA5ju1ECvDiUvLS6yeWKzLqFPItUy/PozHl3unwuzLjlyR4/nL64nK2JwS dazHCOu7DHvEftzKnxzG1eOqU9unTUzJ2TysynbMyPzOV+HO8DzPIlIF9HzPYWHP+LzPW6HP/Hw3 hhyxT1y+h6vHgBzJ4au+8hwRsBvJvZwU/vzPlbEZKozHm+u/h2ywTvuujozQw7y1aVEF65yrowy3 i/zMjFy5nJvSHSzKPNzM4jrSpfu2Ef8rwg9tx3yJEIS7yrGM0+LcEXvsyhMr0b3EwBVdzQGs0x4N rogcsB2d0UMLnjI91ZDMuUhdywPszMZs0UJdl0+N0nILpVTdtiDc1bCb0M38zdDcx6s7zBVxzhn7 xESNGeD7sGI8vCZLzjzMuGONjnUNknGxqnrN0Mjb19q7Boad2Iq92IxtFnP92JAd2e6CAJJd2Y3c 2JhNi5ZtEHwwLZEQEdiw2aI92qRd2qZ92qgt2pm92qzd2q6tQKntFxcQ27Rd27Z927id27ptxa/d 22a428Ad3LTt28Rd3MZ93Mid3Ack3A+p3IPN3Crr3M8N3YUt3UdqD4eQ3YeA3do9ENv/LRDb3d3e nd3gLd4EYd7fDd7nTd7aTd7c7d7qHd/YPd7eXd/2rd7tLd/zLd/pDd/t3d/dnd77Xd7hnd8FYeDv bRD/PeDzbd4Eft8Dnt8CPuESft7vDd8Jvt4CnuEXHt7qLNMaseH9Hd8jfuD6beIkXuIQruIoHuH0 Xd8ibuEjPuH3DeAtzuAMHuMQvuMuruArvt8q/t00juNDbuH67eEHIeQ1vuRE/s4bnuMNbuRG/uQn 7uFKLuU9nuRRXuIzfuNIHuUyDuZALuVPXuRH7uM3juNZDuZXDuNh7uVoDuVUPuZNHuM6/rE5IeTs LeN3XuMYXuf4DefjXeZbbt9mfuZd/x7mX97ma07gDg7lKB7gaR7hC47eJk7jel7gCO7nEv7olv7m MF7hjJ0RmK7oWH7ikO7m5S3oaW7llI7hhB7q7m3nYr7pLH7mWB7rgX7qa+7qVS7noK7mLP7ll77j xC7mqC7HiU7nty7sLc7ofU7ltI7kRa7ryK7lvl7tp37oh87f3h7npZ7l0O7t3T7sak7iTN7jc47n NtTp/i3rGn7hSf7uK07v8g7uP57sBt7n357qIi7p9d7sjj7oCGHuQQ7rDl7hPG7wts7pB27v6j3q 1J3azzvxXKzYFp/xGv+LtEBWKXEE1h3y37HxpS3yJn/yKO+PJE/aKd/yLh8ke/DyMv8/85q98qpN 8zgvGTa/8zzf8z7/8xyxAEA/9ERf9EbPq6x39EpPF1ew9E5/iTkf9TEBDlJf9VZ/9c749Pdc8dmG 9cWIi15PjBbHcP23iB2XhiUIfCVIfYHohuqmhmdf9p0HfIv4cYZYfxP34WH/LCz3fISXfPq3gWA4 fhBIeHT49zz4gYfvgIUPg1oPFlWIhJUX+Pmn+GRY+IrfdHP/fynI+bgHcJb/+HeBcInodkx49tgX iTQ4cG+vh6xP90nIgyCYgXVPe2QP+oLIfaL/FUHogho4gZe39gn4dCHYgNhHhQJndijHgrg//Lsf Foo3+4Ef+k7ohAuodppfe4iv/Kv/J3jwp4PPLy6bOHFvL/fYv4fBl/dyT/rt1oipb3Tq/3/wv/lt v3Zkf3315m17X/OuuP+xCBD2BA4kWNDgQYQJFS5k2NDhQ4gREf6jWNHiRYwZNW7k2NHjR5AhRY4k WdLkSZQpVa7cKNHlS5gxZc6kWdPmTZw5de7k2dPnT6BBhQ4lWtToUaRJlS6NyNKpRlVPpU6lWtXq VaxZtW7l2tXrV7BhxY4lW9bsWZbj0K5l29btW7hx5c6lW9fuXbx59e5NydTvX8CBBQ8mXNjwYcSJ FS9m3NjxY8iRJU/++YnyZcyZNW/m3PkwX9ChRY8mXdr0adSpVa/G69n1a9ixZdNk/13b9mgbt3Xv 5t3b92/gLWcPJ17ceOfgyZUvZ97c+XPo0aVPp17d+nXs2bVvn3rc+3fw4QdzJ1++q1rz6dWvZ59X /Hv48eXnXPk543z8gNufto8x//+l9jNNIABcKpCgAyFKkMCCNEIMgAUXi9ChCXGqMLACJxSwtAzt mRBCCA+K8EKFRmzwPgYZBHHEFR9iMcQSLUzQRJhoZKhFEmv0MEURQbSpxYY61HDD0TyEEcGFbHSx oAgd5LFDHneUyMYcczRwRiZvsjJKKXM68MItDRwoTBUNIrIsmoRE0iAfpcQxxCNhVLNLI7fEEssx s/xSTjgXxFPOHX1sU8g+CTwyxf891xwTUDcDdXPQL+l8cUZGI82z0QwzPZROQ/ek1FMlE+1STVEB DO/DTkd1tMxG8wRUySRblfTNJ1VVFMpMEXXV0kgr5DXLS1fttVdXVfyQ0VWFjfJXXINNVdJiWYU2 WmIdbdbUx+pDyE9VoVT2UW/bXNNJVoF01tZWJ+003Fr/1JXJQYFt19pud4UzxjuLnbNMUmsVcdpk 2XVW02pJ9fFM0WKUdt9rm3U3S3K/ZVNePJPlktt3A84YY2mXvbTQejuuMuRHjWQzV4nBBJjdim01 kVhv7UF4rJ+AjLfOhlOt+FMKzz3XTz4t5bJOdG9Ol+iBl4V0Z39tvhdeZD0NFtX/dwVed1GpnzX3 aqynFnZTbBXTtrCIwwaQTJlmBq2/i8wOG+2Y1A7LbbrrtvtuvPPWe2+Hxr5xPriD9DK/wAmSW7cl kx7Z5yTFlYnMrRnvEWx5J9/2cgUPBTNOSheFukTKI6J68s4FOvy2xD2OVXLMtex5aMhZ5/TWf2uf 0tBYC5596Il1UvnkgU6Xq6agP+XYWsenXRrWO8V9lWg+Rf4YVH+bljpyGgXN2tzne98dSd1/jxxc k3H2nN7yfa29cL4JG5vlgVdkGEH5SX5x3nLT/7l8rF/+mFPsFU1R0rMfptQnO2YZi2otO5rGhuWx AwLrQMKjiDlUA71oAQx9GoQf/+8caK+YCU1Q3rve/6ikteoBUHkZJNjuYEU7ZQltYxLUVfOeRr4I 0g9GFIRLmhaGLmhZLYgsvFy+CEitjuFPYDELmRFVmDFZdRB2JBxg+C6WwgZKsYmyuqLs2kecESLK cdxqYRW1ljzuaY9z4arUDfvXta0da40YhJ3m2kg9nZ0saEqLHu78CMf45SyNS3yaHEP4xcn4zYcv Yd/3jtLIB2HocS7h4WospCMx+QWSd9skTCrpFkSGUpSjrIkiBVM2UvLtk+5xpMK8aDsuoXJwmOnk 3VbZFR8y0Xze86Are2m7MmISgr6EWy152T+0GfKS2ypd6yiUvFR+B5pWeuHfBv9oTY0JU4POLOYs K5e6X06SmedbZDThsy8X3lFT/HueDKFJRQaeb5DHI9SmMLa8b65RVPOE5deud7xu4ROFuRoj+tq5 S/7xLl5lfKc5jaKtBd5wfr/aVRITFLFrtVKKQMMREOW3UTN+UKTp1B7+Zmc0kDYPivwKYrUkdtKK kuyWXOkJGfWFRBx27ZsJwVVD6ZjNYbbMpj8MJMvCCNRrMo2LeiKiE62WPTGmtKAUE2ArHZoZp4rU iiu1av4q51Ih2lSo4CNi0rzGsSUm1WtJJOsPszrW/8Wwqc4sIBav+lCVNG6P4MrZT3cWorLF835/ miq/0Lgmgb4RaU4jJLKeeEb/dzpPjXhcLPg0J0GJugxsjH3S0mQ2U61gy5g81ebtRGeUakJmtHfF iSkDI0vUlvaZq63ZTiNDItDWhbWXyW1vLbJb4AZXuAqaSeiGu7rjJpcpGYUaNZdL1eLG840HLOb4 +tlF5WaXKDKEIV0fObHRGnd/xyRuTFKrXfRiEmbBtJ5h14k8lKVPsqWSp/8CGt/N1nCbfSxk8WAp UOo5Lb3pXUkCRUi7B0ZRf1zUInfZKkCKdjHBOrwiWIFYPfi91XS+9W0u6XVgxXZ0hg8rocjQ6Ma1 fitrIdboqApZ1+5meK4DpvHjUJZRgKLVpAkcqQsfzDQe09Ni4NXvSEenYQ3X/zi79SGxR/VYtKhV LbOLtadj+djXwm5QseTzp105qsSjRorDY+6LkpGSIzLn1syP8ema3fxmOMdZznOmc3ggmslXHhO2 tXUMbX902sak2SoeVuYxCxc4EU+pmW1VF0yvJF7S+q65gsudB0+8ZRbbts6KmSZyw3ldX5p30RmE Lnlf11VTl9Ouqe6d+OiX4lWjetOtVQk6faVO6JVuThNE0RPftFeWZpiJRixpvuirPBDfkWsl9aOA zco51a0XoTNkMIJ1JmP5FkjQVfkzZrGtYss+mJkWduJNsb1OYyM2pu5ktFcnilOHkXqI865ayigc VyGzNK6B4vGsBzPUDWJZov+Q/hdIfe3WpdpshQvLMkP5auSjJXrYlt2jWA2qOB2ym8X3ZKHR/C1J hBM7fw9bksEXfu58Lhypa7UvwDvoUpI1Td0s0h+I613W/XGcqNf8uCY9+3CKhvmVCjefDdVadIt6 O6ohtGPTA8llovNqyhz98k9ljtRys1fCuP5ym3tuNj9j9es1dm1S9qxTwt1121QZe9vd/na4x50w fg67qAGjS0oPxU41XUrd/V1gi9XvdU3qtdc13U+Ak+7P7DvvuPHOanlbrry/tG4mK7T2uSAtz60+ kX+4quptQl5HjDcvnkm7d1l/WvWAvjzmB13cwDOVyvgluAj/6VWdOo+sWS7/V5T5qfBSVUqBxlPr 7/+IeKg2u496uixV+5XtRAlR7gu5c3NvjPMukUv34D52uXF2r4heH+Hj5zcU373zgc7VwYyrendh Orqz7nP81XJ9XCKd4ginSPsufvHXnP/VhGurAkqygPEs3cuqghvAacuny6o6nqEhnkNApHM3Kak/ buOJEzKpoTO/IrMneXO5/9sxBUQ/3YG4BESyndK5m0urUsOup7I2TJm+hyi7x5q9ztK2wpseQUo4 KxOrzToqzZO4qyE6yKoXwmo6C5tAj1u25sMhYLMXPQqwp3OXirHAtwiKswulTfqd47goK5QKGfwR ghs3/PA7OqNBGfxCCwxD/zZsQ6UwQ9mKQ9NzQzrEQAHkuWcBtfXjqUSDvcn7PF5aoDoksLw6NUdy NT0UptVCNAhsHJ+BGzWsP+LxLzMKsMPiP+XDne15J+LrMs3qkzkKqFdLI9nbp56irEGMMwn8vvOb FSArRRjDvwWDOAKcuC0yoXZbxVRMJcAjwd3DvhfkGXJ7xLMqRvJLqUZkL117sayKRLmAgOAop7D6 RV9UsCCLRQyDsBmjxWT0MSQaxtXbRaVIA/BAqUocQrPiMqhbxynSwPmSwqjKtLJquPSrrHAUR1sq ROJ5DTgECmf8R5FIkzFks4E0DIDcNnxMSCU7SIZsSId8SIjUCkRAhCxUSP+LbJ+JnEiFiEiO9AoI YY+MpMiPuEiLNDxTCUmzWQKSlKZ+lA1EWEmY1CtC7EiarLWPrEmcJAtrWI+bzEmfBEgQ+Umh/EcA GEqjPMpKikmlXEqmbEqnfEqojEqpnEqqrMqGQEqszEqt3Er2sEqvxBauDEuxHEujLAKyPEu0JA3J SEu2pIu1bEu4vMLIiEu6ZAt+GIi7FIi7zEu9xEt+4Eu/zMu//EuDGMy9HEy8TEzERMzPqkvHJAu+ jEx7AEzBTMyCqEyEAMzJtEzM3EyCuMvHDE2TqIm93MzONM3LTE3PLEzWVMzVfE3Y/ErZNJy8Ks3S nEzDvE3L3E3G5EzCpEz/3FTNvmxMn5QF1KAAuKAD4UHN2wROzXzO1hzOvnTO15TMDRNNtAwANIQI 2/RM4FxNzYxN6JxOzpTO8JxN9NwJ66zOwCzM3+zNz1zM3pRMxjzP9LxP/MzP4dhOtsFO/8QK/Qyl owxQRBpQbLpHBD08zWhJ7wKn+7NDmvOdMIFEo+SalAO0Jws18ppQn2Cu/7LDO7QmDs27cDyknUgm iBhQ58JDT1PQcGJQ9fI0GE29fdPQBu0ZgHIdQ2QIKwQ9FCo6kKm5pXo4dFQgk9m1FeO3+7HBinug 5YujJN2lUwQz8HvHUZSsSVO++FLSYzGx96qnbPucIDQ3LF3AN+tFoXs5/wiCuX1DRjEaOSIDQAo0 sHqDK7gqP5eJQX3DOiWCQemTvj21xqBztCFTKSfDkh71w5CDtzzKQ3U7xpvjUgmTU+7TL6mbMmoT wQ40QmBsl8JyOBVioBFSQRbkLu+TwBKjUeViMvVj1CQUREjFPV3SsXTcwRjMPzut1aqKtz2dxpgz xhD1VVvTVJv7VVTV0x1JVIHcK3i81KpqVCL9NaJSI4oT05spQYFDRXVctnuzHvDTQfva1kGyR/TD ILSKMgNaUmXqRL8i0Gia0QR117/gTzeDUZNsHwOV19n4z7bR133dyv9oycdjLXhVyu1cURd10BXt Jij1nOczxIFVncZYnP8XpbxGIhO4DAeQaFHREycv2sMeSSdyilhuItGCBYo4WZ0q6Ud+/S1K5C88 fRUDXMblC9MrhTamUp9+QVJt9cH80kELzb2XzSxmE9KCCiBnRR4zdVac5dnjI05+BccE8x+Rk6uk c7JbrCEP3NmA86j6MSqCIdp0HMFbdBgHE1YHirDku8buqZxVWoDREEJ4xEQ1ldRTTaEDg9Ltq9MP 69Sbwi4TlNhSdVUgDNdzrStRvdbhM9ZDWQ9LAA4d07iIK9uVObhoi7yQ4tuH9dVeBcBVjFxgtVXA 5VwTvNNKBdajadmKaNecAtq6TVVTddRppZz3yjmDQteg6jSgXVpmhUL/JYzHB6zGeKQ3IQu6qetd roy7LfRX5v2L5W1e6I3et6NX6QWQnOzYSNqMk6Wl0uvel8jJr707Fq1R4JlDvcveB928Ax1SSuuk TbreC3tD6XrUcZpY9L3RfaTf8nLfuMHJGxy1WZS/4IMUWKwsgtLd22s2T6REOCrT33O6UOypDB2f oVXgGxuWJq2vmgVFmqU5UrwwzrLWNkHI/M3amdNa2XspmFk3LBrUGGJT4RU5AsQ3Uay2anzdWexc tv1AvMXaqrVFPi3X6QOyEyuYwiXaTzW4xBU+u/1ATB2xNCXffmOjJgyrKJ5AuqVcue1G1oXittVU MCa7QnxFzlNhXPwx/wFkQQ6aXNRNwjSuXKXiWyGORdCt3Ft1VRhsU2Ql1VANQTjOExKWxt1Fu667 txCONsci3Wz9RGjtuvn6xNrNokSusmJl3VTNqR9u5ApzXdsdXpKKUnLd3rCh3g4dDlE2JzOE30cq yMs45VSCQ1Wu3i/qLVmu5dlAUfX1Jsiz1+Jw5TfUEl82lV4UHJDls0SsQR3NZY61rfBqxGRen/11 UNHD5Y1UM0X9m2Iu5QbN5m6TNBvtZkD0WGiW5msGNfxV3jKtOa2jst4rX36isE2UUoSyrqJl4mDC HjyC2Qte3FzTYPriYHK6NqHdUvk60pIRaEJiPn26L4O24i9VVV6sNf+c0jfTZWEf+9w3zltsjNSu xWitMpZNzmRw1GONG2mVkboUZmN2q0XN4uEahkgbKqFiHSxMa1fTrduOZj8pq12Tw+JTfKpvndMr JumpetU66itoVemj3UYXvlonomVFNdFdG1s3PmHh/WgdrtEd3mOs7VOWy2pkNVYNpGEyPuNkOzn2 dVMTtkXvG7sjbNQ/rbhu1eQFDKMD/NtofVTYzSZ8LlU3kmlGteQUTlLj3R5r9dJ6dMU3llJqLVQS sjJb3i6INi1xDObIBh2BZWW4s+x8LDPgUt2aFC7QpknDGNHvUr3RHjMf/UNdTl+V3UeSvewwhEPT JlFBlu3gAjwiNMX/C16vCH3nkRU6owXT4f7tlCG81IbqSaLCIhPUXurpeYy4KQbpQ+zbcMbtvdFt s1bcmJMjbBTun85ToIvAb7XS4Elu5S495n6/seY4j04rydXo8bLUBlJm7BZmiY7jXEva4KXrvrbQ QtYXuZbdUWXkZEXvhxRtBAet+25wpFhwCDcNSqhIB69wC79wDM/w+IhwDu9w8yhKDw/xuBXxsxBJ EhcJED/xrNDwb2bxalbxAoPx0HJx7KVx2pRxlEhxjkgCHEcJG9+JK/hxIR/yzutxIz9yJE9yJVdW Im9yJ39ySlpyKZ8bKK9yK7/y2MgDLN9yLu9yL/9yMHczUpbNKe8h/3sABzQHhzNPczVnczUviDQf iDcXiDlf8ziv8zZnc4JAczlv8z0/8z3X8zuPczsHdDkP9DkndEOnc0Sv80Jn9EOH80Tnc0n380PX c0iHdEHf9EQ/9DK/Qkd39Ez/c03vdDiPdEYXdTqf9EUHdFHH80x/c1kndVQ3dUpvdVNf9FlH9T6P 9Fdf9Uv39T9XdVsPdqj99LP4dYNQ9mDfdVqHdVV3dWmH9mUn9WLH9VNv9WkfdWofdlrXdHDPdku3 9FT39moPd2k/dmT37JiQdT7H9FGP93HXdl13czsP9W3v9m9391t3dm3393Qnd2zHd1i39lUndnAX eIU/+Ge/9XgP8/+a0Pdvl/d6P/eBR4hdX3hmN/RrL3hhN/c13/d/x/ZGL/dzZ3WJx/dYH3mId51O R3iL93dml3iDT3eTF3ldR3eWz3mSX3mf9/iLp3eZ53mg53mOn3iI1xZO73eMZ3pe9/lUh3eWx3R4 n/Q8p/RBf/es7/Ncx3VFZ/iDv3qN5/U7H/avp/qzr3VUX/enaPkfH/OvZPu1IFC5N3P9rHu2S4po d3sClfpHv3h7J/ulx3NBN3t+f/V+J3SpV3TGL3xjj3qxJ3fCd3jKV/y0j3Wn53bFf3y+P++UyHVb f/mn73mkh/qjp3e1z/lrP32Ph/bVD/rUD3mKx3ijH/rUn3e8dwv/mvdzgN94mI/5mo92gn98gQ/4 Z/f2jBd5lWf92T+IeQf5np/1Wc99MJyJ3T/65Rd8yqf9sMd6rs924lf9U/96ozd+2x/9jv9+sAf/ 4df+1u/8Ij+J62d1pC/6hzd9gCd9V7d870d+9gcIewLtgSM4EFxBgwcHCkzIECHCgxAZNqTocGHF hwozcnTo0d6/kCJHkixp8iTKlCpXsmzp8iXMmDJn0qxp82bIjx05buTJ8yJGihsvJgTac6hPozqL avzZk2lQn0eJWqxqdefTpkgZ4uzq9atLH2DHki1rFidEoBOdapUYMa1OoXENTkwrlGDEpHfXbn26 lipftXKv0v3L/7ctXqKHE1OtePYx5MiSJ1OuHPIu5syaN3Pu7Pkz6NCiR5Mujdky6tSqV7NOafo1 7NiyZ9Oubfs27ty6d/Pu7Vtz6+BeNQgvbvw48uTKb/5u7vw59OjSp1P/Xa+69OXat3Pv7v07eMjY x5Mvb/48+vTq17NvX12B+/jy59M3HX45rPv69/Pv7/8/gAEKOCCB29V3IIIJKrgggw06+CCEEUo4 YWwFWnghhhlquCGHyxXQIYgh8kchiSWaeCKKKaq4IostuuiZiDHKOCON4b14I4456jhejT36+COQ QQo5JJFFGnkkkkkqueSASzD5JJSrwZbOjlVaeSWWWWq5JZddRv/5JZhhetclmWWSRo6Zaaq5Jptt urngGm/KOedmYtp5J5556rknn336+SeggQo6KKGFGnooookquiij4tH5KKSR9tYopZXWKCmmmWpq n6WdevopqKGKOiqppZp6Kqqpqroqq63miYyrsco6q52b2norrkLRuiuvMuX6K7CY9jossa4Feyyy bRa7LLPNOvsstNGimiy11Vp7LbbAMpItt916W6e04ar6LbnlmnsuutmKu+6p6br7Lrzxyksmu/WO Oi+++eq7b3RS8PsvwAELPDDBBRt8MMIJK9yevQ07/DDEQi488b8RW3wxxhkLSDGmA3AMbDcfizwy ySWbfDLCGquA/CfKLau7Msx6ujxztTHbfCfNOeu8M889+/yzjhkAPbRoNxt9NNJJz0Q0024q/fSR TUutJtRVW3011llrPeDUXdO7Ndhhi21ZKH56fTbaaRM9NtsW6vyO2nHLPXXbdW88N95567033337 /XeZdgs+OOGFG24z4IkveDjjjTv+ZUAAOw== ------=_NextPart_000_0005_01C6F731.4D102640-- From tuphuirqu@reminc.com Tue Oct 24 03:59:57 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GcHCX-0003ns-5g for dnsext-archive@lists.ietf.org; Tue, 24 Oct 2006 03:59:57 -0400 Received: from [59.9.134.120] (helo=[59.9.134.120]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GcHCU-0005Mh-Q9 for dnsext-archive@lists.ietf.org; Tue, 24 Oct 2006 03:59:57 -0400 Message-ID: <000a01c6f742$5ecccc60$7886093b@photo> From: "The Games" To: dnsext-archive@lists.ietf.org Subject: news reviews Date: Tue, 24 Oct 2006 16:59:45 +0900 MIME-Version: 1.0 Content-Type: multipart/related; type="multipart/alternative"; boundary="----=_NextPart_000_0006_01C6F78D.CEA3D290" X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2900.2869 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2962 X-Spam-Score: 3.2 (+++) X-Scan-Signature: bc102ac530ba955ef81f1f75b8bebe44 ------=_NextPart_000_0006_01C6F78D.CEA3D290 Content-Type: multipart/alternative; boundary="----=_NextPart_001_0007_01C6F78D.CEA3D290" ------=_NextPart_001_0007_01C6F78D.CEA3D290 Content-Type: text/plain; charset="ks_c_5601-1987" Content-Transfer-Encoding: quoted-printable Bull Music bullgames bullsports Password or ec ihighgames Editormy Photo = my Mediathis is gallery is is empty ihigh newest powerhouse in video = game news reviews and is promise to not only provide. Bullsports Password or ec ihighgames a Editormy Photo of my or Mediathis = is gallery is empty ihigh newest or powerhouse in am video is game news = am. Empty in ihigh newest powerhouse in video game of news reviews and = promise to not only provide you with latest but bring that of will keep = involved excited Blog! Photo am my Mediathis gallery is empty ihigh newest powerhouse in video = in! That will am keep involved excited Blog am of macdowelll on a jul = pmtesting some comments am yo im Zipcodeim or Kylast am Seen August = Joined Site Views Other Gaming Sitesthe ign Competitor. Of macdowelll on = jul pmtesting some comments yo in im of Zipcodeim of Kylast Seen August = Joined Site Views. But bring that will keep involved excited Blog of macdowelll on jul = pmtesting in some comments yo im. To not only provide you or with am latest but bring that will of keep of = involved am excited Blog of macdowelll or on jul? Will keep involved excited Blog of macdowelll on jul pmtesting is some = comments yo im in Zipcodeim Kylast Seen August. In video game news reviews and promise to not only provide you with = latest but in. Joined Site Views Other Gaming Sitesthe ign Competitor This profile has = a been viewed. ------=_NextPart_001_0007_01C6F78D.CEA3D290 Content-Type: text/html; charset="ks_c_5601-1987" Content-Transfer-Encoding: quoted-printable
Bull Music bullgames bullsports = Password or ec=20 ihighgames Editormy Photo my Mediathis is gallery is is empty ihigh = newest=20 powerhouse in video game news reviews and is promise to not only=20 provide.
Bullsports Password or ec ihighgames a Editormy Photo of my = or=20 Mediathis is gallery is empty ihigh newest or powerhouse in am video is = game=20 news am.
Empty in ihigh newest powerhouse in video game of news = reviews and=20 promise to not only provide you with latest but bring that of will keep = involved=20 excited Blog!
3D""
Photo am my Mediathis gallery is empty = ihigh newest=20 powerhouse in video in! That will am keep involved excited Blog am of = macdowelll=20 on a jul pmtesting some comments am yo im Zipcodeim or Kylast am Seen = August=20 Joined Site Views Other Gaming Sitesthe ign Competitor. Of macdowelll on = jul=20 pmtesting some comments yo in im of Zipcodeim of Kylast Seen August = Joined Site=20 Views.
But bring that will keep involved excited Blog of macdowelll = on jul=20 pmtesting in some comments yo im.
To not only provide you or with am = latest=20 but bring that will of keep of involved am excited Blog of macdowelll or = on=20 jul?
Will keep involved excited Blog of macdowelll on jul pmtesting = is some=20 comments yo im in Zipcodeim Kylast Seen August.
In video game news = reviews=20 and promise to not only provide you with latest but in.
Joined Site = Views=20 Other Gaming Sitesthe ign Competitor This profile has a been=20 viewed.
------=_NextPart_001_0007_01C6F78D.CEA3D290-- ------=_NextPart_000_0006_01C6F78D.CEA3D290 Content-Type: image/gif; name="not.gif" Content-Transfer-Encoding: base64 Content-ID: <000501c6f742$5eab61b0$7886093b@photo> R0lGODlhMAI8AocHAAoAAH8GAAB+C46GAAAAhYQAhA5/fsjLtMXlsq7G40osA2YRAHUbAJorAMMs CuMXAAY9BBw8ATlAAFM6AHQ7AKhNALY1At08AAloABNnADpdAFVmB3hUB5hVDbtdAOJgBQl2Cyt0 ADSFAGFxDHd5AKl8Cr1yAOOICACkDhSiAEaYAGWtAH6cAKKkAcmVCuSRCgC9Biu3B0W/AGO+AHLH AKC0BrXOANPNAADWDhbeADXeAFziDobjAKHnArfuANbfCgAAThsAOzUCO1IAMXMNTq4ANsQATu4B NgAiNSQoPzsSRVQqP4ErNp4ZTsEcTuwtNgJMPyIyMUk7OGk+OXI/P5lNOMtGSetONgBWSSFhPkRW Nl9dOYBfA65fScJnQO5oNQx+NR94NTWMNFF2P350RZ55QMSCSOKDSgadPCKlRjWjNmCfP4iqSaSY NcunP96oTQDANi3NNErFOWSxTHjCQq6+TsK9NejDOAriPyPmMkXtQ2LqTofaP5LtSc7hNNzUMgAA jRYFeEsAg14LjXwBepQAh7sAhtEAfQAhci4cjkwsd1gri4ARf5QpeLoYjeAhgwBGdiwxf0Q1dWQ8 eHo4eJVHccFEfd1JggBneyVSgj5pdG1jhoBhg6Bgeb9TftNdgwBzjimJeE19gWuLcoF+c6N3h8uL ieGFhAWpdCqffEejfWutinGsfayqjrOof+WlegezjCa4e07Dhmu9gnqyiKu6gLW7ide8egzhfy3V cj3fhmjgg4fZeZnVfcrrctHRfwANzhILwUUHulwAuI4AxZYAvbsAs9gIwAwjthMRuDMsxmoqy38p wZgtwckTxOgryQA4yxJDxT1OvWtAtIdGxZFGxchJxNxNxABdvh5Rwz9YxVxctH9dw5thzrlfzdxi swCDyBJytzuJzmCHzXZ8sqN+xLF8vu58sgSquh+huEOmtWWky3WmyZ2gx8ysvOuYwQDGxS2zuDu+ vmfEy4S7yJHIw///4autlYF3ffYACgjxAP/1AAEF//8A9Qb3///x+iH5BABb260ALAAAAAAwAjwC Bwj/AO0JHEiwoMGDCBMqXMiwocOHECNKnEixosWLGDNq3Mix40RuHkOKZPivpMmTKFOqXMmypcuX MGPKnEmzps2bOHPq3Mmzp8+fQIMKHUq0qNGjSJMqXcq0aVMRTqNKnUq1qtWrWLNq3cq1q9evYMOK HUu2rNmsIxEmScu2rdu3cOPKnUu3rt27ePPq3cu3r9+/gAPTPUu4sOHDiBMrPim4sePHkCNLnky5 suXLmDNr3sy5s+fPoEPzXSV68uLTqFOrXs26tevXsGPLnk27tu3buHO3LM27t+/fwCnrHk68uPHj yJMrX858uI3m0KNLNxy8uvXr2LN3bImgu/fv4MOL/x9Pvrz58+jTq1/Pvr366fDjF1Xovr79+/jz 698fXrv//8Bxx9+ABBZo4IHjyafggkZ1J8CDAjgIYYQOfhchhOBNSCGFFVr4oIQfZjihhyEigKGJ J2p44YjhqcghiyKOyKGJKKYoHowaeqdihwz26GNPNOoYZIcvCpmhhUPOaOSMSjLZ4ZMbIqnkkFQe iaSRV1oZpZBTOknlllb+KOaYKik0ZZUXPlnll0Ge2WZ5TnZJZIt0ZmmlmnieuWWcd3J5pJ7dASjo oJ+1BKiUaNZZYZrjgXkjolriuWaTjdqZZ6NF+mkpjZQeSuanoK704oedytnninDqeKKdjF45aog7 Uv/6KJa01rhqiXxu2uqiOQYZ6q+/dvpnojHCumatebJoKqCmIqtms5JKqKqNuibqKbDYjikspF5W e+yxsnrLrKLRstknuHOeK+e2YWbrLnT05Zpukksqemi30Xbr6K7PkhfupLM6KqmXBJdH6MEIWyZg jr2ySS20TcK6qrO2TgvihgzDOCuJejIMKcevhizylu+WrCCCKKes8srmmezycfSxLPPMNPOXsF79 3KwzQgLW7PPPQAct9NBCvzwW0UgnrfTSTDdttFhNRy01ex9MbfXVCHxlx9P/fOD111VX/V3YXncH 9nhnmy222QiAXXZ4abf9tXdrs1233HPDnXfb4JH/PXbfcbMNeNl13+3223jf3ffYezOOeOBq+033 4Gcbnjjiav99ON+TH6745JErbnnooHfeeNxrp94d11bFzLngoItdONx/y625eaLXbvnosJcu++KY 8/562LX7Tp7wn+PdO/KvNy948GgXb3d50H/+u/TivT079tc/D3zsuhuPwM699bw9+M4v/r3qyffu Pt+7q1867N1Pr7r07M/v/fHYp0987vhrHgCJ977lfY9/+aOd89oHPwNyz38LHF4B78c51n1lfqOr nwJvl8Doya9zB9Qf7zT4PxEWj4AQZKAANwjC7H0QhRBsYAFXeDsEtlBvLFRf/YQnwxreUIP0A50F /6niusJtbniNex8Bf3dE/aUwhO4z3N7ixzkpThF9jDvP+ZxoO8exEIYD3N8XN9fE/ZENdQDcYOqS eDnC0W53p7tiEMdHvtKY74Hpi2AIS8i/D07Ph1HUoQk76MD75U6FW5wh5kx4wxgSMoCAVGMPAZdD urmNhoN84wGT1737DXEqRcSj9fzYQz56sH8wnKQexUdFVW7vko6kHiqjl0YDJrKKjYRkLuVnyvD1 T4GJbGUuUThKCQqujtjBoCAxqUwBprKS5zPkCyU5RyNOM4O87GMz10fDHTJTjF38IhTHmEcSatGB jIwmFr15HmSK5o6D1B4bSbe8M84TjYucYuUgh/9OOWbOcdrj5dxuqcR5Rs6Sj0PoGhepPGu6MJ6Q syYZdalNfo4wif6soj89+cmtYO2jH1UhSEc6s0/FQTEkTSnTRKrSlhqoo1FxnUtnStOa2vSmgXLn QXqG05769KdADVqPZBrUohr1qEitj053ypIAfMep3nFqAKZKVfBAtTtSvSoCrkpVrj71q2CNalSr ilWrmjWsW0VrWrs61bOWVaxwxSpbuVpVra6VrVvtqnjqOlf0tDWuen2rYNP61L8GtrB4tWtWDyvX xLb1r3LNK2Mle9jJNhaylx0PYyur1cc6NrFm5WtYK7u6X3X2q3Z1K1Qxu1qwnjaugIVta9WqWLH/ ehW15XmtYKUantrSlrBoTS1wB3se1g52tsftbXL3+lvhKte1neVtcd063OUON7WvzW50qxvcs642 u64t7YLo09rZOvetXk3vc8tL3N22V7qwra56Y8td7xL2tNhVq3y569vfqge+8IUre+uL3Nw216/2 Ze95u0vd/eZXv/mVLm/Pq1v0lnW+z12qQbgz4AIrF7+2Xe+F2zvi9+7Xv2sdLYnDW+AAWze+Lj4x ihGMYQGXWLge1uyBp8viES9Yts+FMX8bPGQJp1jHQr4vcGP81qEmRMnmxWth7Xvk8B6ZwhCW8WXJ etslb/nBRnYvgxGr1772N8npMe+QoUxiumKW/7pzXSxZg2xhBUuZzg8Wcp7HatgPs7mvsgW0mqvM 5ZxqeCAc9nKOcRvbGA+4ynj284yVnNwu6xjDlr4unSFN3D3XV7Kq5TSbS0zkT1dY1My1cp9//OJO h3bTr471qslz6kGn2LdQdTJCIsvrT1vYvY4eq7BpneUzn/jOhC4uXcl8Zk8HO8v6NbCPgwzZN8d3 xbX2tX+/S2ppm3jH0Q6xrB8daVWHGNeGPvRCXL1iMW9X02hONZDFDG5gX3vTmc52vVvN7jRPGd79 pjK2941kG8faPM0uN8DnDd6DK/zX7z61uhHNkn4DGsjvpmyDF4zdOTdW3t1e+MVRnHCr1jW0n/+1 NqjvTexha3zSH385yGs78uA+9sPIhrDH+fxmy2aW59eWs3H1fHOXSznXDCJqUpfO9KYfdeIMcbrU p071mkLdHjytuta3ftQxeSMsSue62Mdu9aubpuJkT7vaWwrTpMSMH3DnR3fiDnfvyN3uCIg7ePSe d75/h+56p3t47j53wRde7nXH++EJP/i/A57xfx8P5BG/d7vz/fF7N3zf7675zRNe85Pve+QfD/ny CD70mF983iPveMSnPvOJX/3oX1941nte8XNn/edxf3ezn30lss894znPe/EQH/eVLz7ed6/82Mt+ +MYPPvIbX3rprz700qc8eaCf++x33/bPr7z/87mvHuwvP/q2r775G6/49Vdf9O3XPfiPH3zmtx0p ClG/+L9v/e6/P/nfB33MF3/Xd37noX3gR33oZ4AMmIAA6H/8F4H9h4DCV38OaHrs14ASSH8P2H8b aH3kt38VmHzER38DyHwYAQa+lxf6N3ogiH7/N3/Ih4DYV4IaKHkTiIEtqIEUOH0deHylF4QK6IID 6IHbl4Ej6IA9mIDvJ4Tuh4O7J4ThZ4LKJ3srGBkt8Xl1h3pSCICd94Cdx3w1CIEFeHgZuH5eOHiY h3qW53pfOIaql4MiaIAcGINIuHiBB3gTGINo6IM9GILyV4aBqH0nqHz3NxVsSIQdKIFGyH3k/8eB 4WeBf3iGi1iF0zeJiYiDgTiHfviCUXiBm7eImdiJ/9eHH/iEC0h5UkiDFhiAineIRpF/nFiGgMiI TZh+bZh4cPiJfaiHoOh5XZiEwiiIC0iGs5iDmUiBdiiKx7iKmuiDpwiGz6iKZ6iFuOiKdHSFmOF9 jmiJBMiI3meMwiiGjsd/aFiLEXiO2MiNGNh8mziD7mh5v/iM6eiB5reD4BiOrQiN2VeHTOge2pgZ eAiM8Oh3Znh79CiA4gd6W1iOA/mP/KiO6ed8BEl7BHmQYeh3bxh7w4eO5nF6C8mQDXmJ42d6BhmK ldiPufiD19iKAbmNaxeTMmk1L9kYWTeTOP+Zk0IFizzZk18xBEPgk7JRk0S5GUNQlIcmlEo5E0C5 lISxBU4ZlT4RlFJZlVZ5lViZlVq5lbCBlF75lWB5F1w5lmRZlmZ5lmiZlmq5lmzZlm75lnDpLtPQ HGFZl3Z5lx4Rl3q5lzeBl375l4DpEHw5mIRZGABwmIdZmIq5mCWBmInJmJAZmZIJi+AwmZZ5mdgS mJq5mZzZmZ75mUWJmaJ5lqBZmqb5lUi1a+yhmjrZmtl4mgL5dAfRHqzpmjkZGllglzf5U8DHHr1p m+ORD+chnEFFnFkzmjvRHY7pHYjJnADgnAiwnNCpnN/xnM9JncxZndMZndfJndzZnN/xm+//oRLd kQ/maZzn6R3GiQDniZ7uqZ7uiZ7q+R3puZ7C2Z7zmZ/42Z73aZ7w2Z/pyZ4Bmp/l6Z/leaDtMaD8 +Z/ryaACaqDsOZ8D+qDEKZ8RepzI+RL00Z3ZiZ2HCZ3dGaIi2qHWCR4fip3eqZwjyqHgUZvpsWsN eqEXap/6+Z4Fqp8IGqMVKp8WSqMxKqMViqP0GZxDmqMIuh4WeqQyKh4N2qNH2qQSqqTCCZubwaLR aaJXWqIl6qFcep1eeqXa+aVg+qVaCqba+ZoEQZsHoaPgcZ9FeqBu6qYzaqQR+qNBeqdD6qNMKqRz +qZtSqBwCqA2KqdKCqSAyqeAGqd+aqiE/3qgVKoZVsqiZVqmXDqm1Bmi4UGmlTqp34mpaDoQamoQ O9qodeqniiqnQfqg8Emkc9qorlqgNAqrRYqfsvqmUJqqpVqnUGqrh0qn9Zmnu0qg/RkeU/qojtES kYqlYmqd4NmpKHqiZtqhKSqdyxqt4CGe6bESepqnptqno4qncLqnQPqqsSqsUYqof2qu3Mqov5qu 6rqkxLqu4VqusAqu85mhOmGtZlqtWYql2cmhnnqmlxqmXZqp4oUS7QF8TkqnT+qrS4qqDIuohIqr 8JqkuEqx7vqwQsqji9qwiRqvDbuwFluxUoqh+MoSMSOd3ymtAyuw/SqtyfqvBBum1Jpuaf+6mrNJ of/poLRKstuaqw/rnz46obTas4YaqIIqqBmrquc6o0IbnBBaqEVLn/WpoBJqoKQ6ssZ6rGhnVNiK Hl8LnIU6dcR5si4Rdj7louihtmI7tk1nnFt7GT7DtkEVt3abMLupMmEbVGbbt2XyZDVDt0B1t4Q7 KNyxnJgKrR+qsiuLotdKniOFuM2auB/qtzpRDF5hCk+TrF66oiT6ueKxt1EjqaDrqZZ7uv+gEJw7 sJT6sjJ7poLLNDHLurBbuLYrESHAGYcLrfvar8x6oqRLuiZ7EiDVuVt6qcKLupYrUwFbrYmrrOMR u0sDsNHaumAKF05wu9rrGALrqZpaqZb/WrsGEbmvG76eur3oCyCMG7DIy7uTC57XKb2y25wqS7nP mb74mx1zm7NJlb/+Wx37O75L978ErLtdC1Siex4JnK3KyyCJ4Bpoe1PySx4TbB4FfMGdYVQVLB4b TMEY/MFcuxKKK6Ls+7uS2ryZSr8pDLD0y7jDaxL20ZvCa7DY2cDKO8LPqqLly8Iz67LW6r3+GrqQ 6x7AR61WOq3XacOjqbq++8Mve7zmW76O67jBG8Qd2sEtehBQrK/HG78g/MWUwalV3MSl68Nc7MPG q6KKa7OgqlSzybtO3LufCsZ0HBjOC706TL3OyrJTXL1W7Lr9wb+hWhA6zMeOKaZ1nMh5/4Gsmwq6 LRu+OUzDhszHgFzDQ5ywkNvFLGu6SrwV6ZAOPTnDk0uzawyz4yG5I0zCxgu8B0u89SHC7yumHlq5 ncwVnwyLXnvJvpnJMVzLXXHLbZfLKdHLw6yv4+nLvwzKJhPBI4XFK6PICZMOdZm3JLXAPoPMhQHM LgMNrkxT1lwz2GwY2vwrqtvCovyvqLy4m0zKzqnOfOzM6cHDNLycnMED0BwSn+yXR6zHvTvD4EvF kbzO3wHP54G4U8zK3nHPdSTNNcnIkky7snzQZ1zGViym38wemjzRHBrON+y+BkupRgy8+3zIm7q4 JA2mF43RLByz4MnRqOvIBLul/lzJfv8MyYDMoimt0n/sxC4tmq6zxTIr038c0TWNwnrsxQJcIFAs y6Sr0E4tliwBv81qymps0ioM0OisykXdyjBMIPXrvVbN1T0NmcwMUgRd0Pbx1GrdFzZ11uZxxC+6 1nKNF2kryHGd1Pnhmb0w16BBzWyny2AL2MQ81oxZ1inlzG6dxXy92BuBrHC8x9tZwl/dziZqzlb9 2GL9D5hczDALx0ac2YTNlz8dxPL8yGgMxBL90IGM13dNyO3Mz1vN2LLNFpNM0TS91VG80zWd0Ha9 tvwL1LD9pbM93BWxu2qM27Dtsstaypat3I/L2ceMsNt50Aj9nKGdobU9yx4tHiv9vX7/vM/lkdOZ XdmU/LrWfd2LOdrdi9XGLMcta9Tc7cOIbdfW+93USdz4vRFTXdUC3d4l7N7p/N8D3dvt9NtSzcrv y8b5veBMJd5X4+DYCteBjd6Y6VMQrssSrsAUXuFF5eD8seHIKczSfc0gLpoi3s3gXOIcHsf9HODu 3akjetzVadkmjNOCvR5aTdnOquKFmbLnbNpxDN4z7sgz3cdzbA/3YdDkAcUM3uQWQdOcyuJALtD8 OrvOfeT2kdGnHK1O3uU8E9XtC9H8vceYjdVprN2QXdMeHtmYfeY8fpknHdQ27cRw3d2PTL1C/twj Xh+evdPnzRpe8ObwQclRPtNEHdBP/2zKeY7SN64eSz3lVyroog24xty8Ls6+iK7lLo7VZx3SWf27 Cu7lEzcMhKLBBI7jaY3B1CDqaeHXNbXm5c3Akj7rtF7rtn7ruJ7rlsnqvN7rvv7rnqHrwn4awF7s xq7QDXDsyr7svJ7rMTDsyREJ0D7tTMHs1n7t2J7tFEHt3N7t3g4s2h7u6vbt5O4V4n7u6J7u6r7u dMwE7P7u8B7v8j7v9E7H5X7vWmHYbbvvTFPvG8HvAP9R/q4RAV/wUzPwGdEdh7Dwh4AADN/wCu8d Dc/w30HxDm/xFb/wEl/xGT/xD6/wGO/wGx/xID/yIm/yIv/xJ0/yKw/xFy/xKn/xGv/v8isv8zKv 8eAR8yEP8hRP8x5P8zbP8i3f8xwP80S/8Q/v8zhv9Dm/9Ekv8giPETXf8iTv8kB/8ldv8hDv9Dlf 9FOv9Vrv81Mv9lZf82XP8ksv9EAv9l7/9V9/9l2v9lgP9mYv9HUf93Wf9XOP9nS/9kce9Q9x9WR/ 90Wv934/8XbP9m4f8Yh/9mXv90gf+Rzf+COv+ILf9oSP8okfHnCf8lXf9YOP92+P8ogvHlu/+Yff 9YBPEiyx9TM/+ZDv9Tuf+p7f9kp/+ZT/+Zqf95If+aW/93zf9DEv93F/9Ltv9U+P8bTP+Dx/82mP 9sk/+1w/+aD/8Q2P7woR+syv+Mf/j/m///zcr/mUj/xpf/lIb/Gp//0h3/nET/qcT/2YT/W+L/68 3/ujL/eGL//2X/sbv/oVARAIDiEgOHBgQYQCCSpcmLDhwYUQD0JkGPFhQ4sXDTKkKBFjRYUUP4Yk CdJjRpQgTY48eRKjy5IuJ16suDGlw44qM8pEOfOjPaBBhQ4lWtToUaRJlS5l2tTpU6hRpU6lqrTg IawCsfLc+jDrVpFXYXbMirPrR549WZ4VGTYtzpddc0Ysq1OsxLovU9qsmRes1680BecEO7dv27pt EVRl3NjxY8iRJU+mOtLyZcyZNW/m3NnzZ9ChRY8mXdq0Z8qpVa9m3dq11NOxZc+m/13b9m3cuV/v 5t3b92/gwYUPJ17c+HHkyZUvZ97c+XPo0aVPp17d+nXs2bVvH/7P+3fw4cWPJ1/e/Hn06dWvZ9/e /Xv48eXPp1/f/n38+fXv59/f/38AAxRwQAILNPBABBNUcEEGG3TwQQgjlHBCCiu08EIMM9RwQw47 9PBDEEMUcUQSSzTxQzBOVHFFFlt08UUYY5RxRhprpI87HHPUcUcee/TxRyBZAyFIIos08kgkk1Ry yd28YPJJKKOUckoqq7TySiyntHFLLrv08kswwxRzTDLLNPNMNNNUk8Es23TzTThXW3NOOuu0s744 89RzTz6RuvNPQAMVdFBCCzUUzP8+E1V0USzNy+1RSCMN7VBKKx1QUkwz1XQhSzv1FD6kNhV11NsY NfVUOcsjiB9W+UGgVVdXXcjVVhuqdVVYX7U1V1x3ZfVVXnnF9VdgYy2WWGBnVbZWY3Udtlloj6VV WVmP1fVTbLONz1lqnY3V2Ga9rbZbbnclt1x0u51W3I+Q/ZZad8fFKN5wwV12XgS01Xdf9MItd9po ba22XoHxZfdcf8dd912D3w144XTv1dVfgA+WlV+MsUXq21+jRVbeYme9FdpbDx655JKfHVbkeL0l WNyFP3bYWlkrXllXVHPWmTWPBV4X5J9fBplmny8LeGJuKR75X4V/ZrpXipGO2tX/nau2+rGksza5 YaALJpfghOW1l2Ghkdb64a+Lxtdmr692u6hl3nbUWmHHlnnZXPPO2+eTmU2ZZruZVXvijr0WlmlY 7W2aWFczdtzSUEmVfHLS3rb8cqDmpnxzzjU705jHQ2cPc9JLN/101FNX/TfRW3f9dfFWl3122WG3 /XbHqz6Hdt579/134IO0g3Xcizfe0+CTV3555pt3/nnoo5d+etYAoP763Y5vEAAAtC8PE+/DL5N7 8cvPEPvIuLceffbbj4579+NnzXz/yKf/fvy5tD9//vt3cX//2ccPlfJAAA14QAQmUIEL/A9T6iA/ CEZQghOkYAUteEFGaa5zGCHP/wY9+EEQaoqBGIpcCBdTFBOmUIUrHI0FMxEdggAgNDJsCA09Y8MY YsQoK+QeCz+Cw84AsTZC/KAMhYhB6BgRAUJUHxGBSMTMPFGHKMxhDpuIkSZCcSRPVF8UadPDKi5E i5uRIhm7OEbRKHGJl7libNqoGSUeEYnOWSIYa+jFO36mjAvZYRjVuEYxzhCLgWTjF224x9OgMYyL nA0NoahIQTISM3/k4xy7U5445hGLYHTkGXtoR06u0ZE17GEH/QhIVKZSlDHk5CdxeEhWWrGORgwl LWnJyjJ2UpO4rOIoMzlLXa6SkGLsIi8BOUpC+rKOwBzkJjt5yFbacZHBhOUvwf84wgtFjom8rCYq 1YhMKypTk32UpTdJ6clTwlKT31zmMQMZSnc6sZfNTOc8a/nOcP4QnsIUJjjduUpwctGf3SxnKl/5 T3Za84SWDI4G6cnPX/azl58k5jbzNZ47PhOR5pynKtt4RXUSFKGS/OhDu5lJkdqSkj8050n5CVCY cpSlBy3oH2kaznvC9IrYBNEk8SlLgorTpiS9qHgyKklGqrOlDzVoMn860mkedZchveVSC6rKQaY0 ltLcqlCHmdV1WrWpHf0pShvC0wqV0DIfhSdIO3rGYUJThuQ85RZNGs2oOlOmxQwpTqc6Tb6C0qkT xSsT+ZpMwRL1rTJlpjGLOUv/XAr0lYmNaRcZyhwV0tWHm+WsaSBpmss2VFUpNGVnTXtaPUYKrR5C bWtd+9rYrLZEaoVtbW1725+EdjtBxG0ivzjE3rqxhbqFjkN9+tWVmlSPjy3NZ9+4y0ky165s5OpX oQtHaT4SlNAkpl6p+9njXrei3CWIbGHEW+TCUbyF/C0ZrYvVtb53vYyVL3zd285CevWR6rXNfvXJ KfO6qJ1vfO5BVapcyDbWutV87D3ROeCxHlOjda1rYaWbS1c6tsHipCcaE3rVPD6XsAPeMFBjCV95 AjLAAq4pY7MY0cm6tcXnrGc5q6rUfJ5Tin2VLFgp7NGxatWXKUbqYBNa3YA2/xOZQx1yVIkc4vKu mEWQ1Wp6h2rlp+5XyHAdLJVZOmIed9ixP94xlFssY6ZqMcwSNTOQR8pgioJ5us6koZRBhBQOX9nJ LpYqROMrZOiy86U1vvJKg5plMQcZ0Td9L45p+mE34xiqTA6rVwN9R+IWV1VclnB2jyriR0ezx5FV MKcP62U6V1TBWCWwK/Wsalg/k9Tc1CdeDRrY7p5Y1Y6O85C3W+he15qSMrTzitobSdCAN1LK5iyz IeVspnKm2B6irWdHA237igrbwV22qDL9HON6sLTcJne5RzJtDalw3OZmd7nR/SBtIrvI4WWkZvt7 2223u1TfVk5ExzvnebPXuv/khHO+IzxoBHPG4AAfL3gNW93mUjfX8b2hdFHD7+QkeL5JTTZTCY7o a/8VjwH/ciMZrvBoy0bN5PUtaDGOHH87sa2erCqEBc3Lj8/4v6VmroFXHWRRp1mu1NwwxMuc4Adz HKcTHvMte15ZZR5Y10g9rNQt+/LjKNbUfl5yRjkcRrrefIyUBqxbeY3mVz/aqmRHMUiTLGmkL3rR XQfrsG1e1usyuMYLxfprwr1nE9tYzsbM47i/afFdg3zPju5z2nXc0q3D3c0c9aePuS73H086zlx/ upiVisx3O6jalcbnoSXa10GG/Z8iZzujYfzXKud172IdaKLFOlPMX172bz7/81PTrHhY9t04UQzs krlsfD3Lle9Csf2CN8/0xV84xEF/PNKLT/lTK13DAy261YvuZE9Pv/WE/3fcZ3114bvm751bN72B m0bSOHvh8s62abUY+gaNfoP2HtW2oY34ENoo19Ki9PO70dI3BMQN/Osf/UtAByyNAkye9ds4hZu/ B9Q2y1hA/tG/m0s19+u/5rs2ySO1FFO2LLqv31u+CGye4/Kv+rPAiLO85lIkAay/kYO/PFrB6Ok6 p5O+iQIqVwPCmqM+69s5rhI7KmM5I3spLjqxXiPCqaK+CWMrFdRB5eHB1bupIyOrGyMr3fNC34sr vDu4N3s4jssz+tqrpQK0/yq0QtUxD7NCwvJDu72ju8irvsQrOdOTtepLrsYLttgTw95jQw3Mn1DJ MDYjQy2sQ3vqPfn6OkFksw70ubHjvS+0KNq7REByQ+ehPJ1jteeLtSVEtU4jP/OLwmArRSx7OKoS qn3CxFM8vFBcI05kwQu8RRQciVpkHlzsxS2CuIbYxdmZQFFpP188RtIqxAoRN4xCRmdUN2VUkHjr OApkOP7rNvsDIWaDQUwRxt7wt1lLwRuaIqJ4PGzbLruqvJJKOTMCxhs0OTz8QNyzrwsbOmFTrNDw xslwFIvzMHZ0v9KyQHScRz2kOGq0wZMTrrB6R/byr8mKxMyrr82IRmk8iv+Y+0XksyX8crAqyjnE cjU+NDFK2zxCyzCXwq+8ekUn3D5ZG0gqTK+NrL14WiZQq7DdCyqTLD0n7CF93A2tC0Wyq72cakMa 08RtMqvA08iT5EIIOzhBe0qjbMQvBDyfW0I5JD+6k72LhDypbMOenIr1q8qYkkRaIzxjfD3Us0qd 9KiqazOb6rylszG4YkNfYzvwK6xPqywsm0NU/Lq348uiokgDacBMDErBQz3+Q0uIxMKk/D21+0RB PDqxNEwmDMO0nElSujs+Wz0/u7TH7ExM+8rHIEa2ykjNS77ABA/ApEO4JCxIW7AxY6YYi8cGozE+ XEfk88Ty277JY8wIszv/EYu0mSNJmktNwRwQwvQ2KsrFZyS55qwc0XQMYtwUY/Su55TI6ySN44wQ SanO7PxOztnOZVStZgRP89wg8azIPuJGVbrG/mLPiPu/TaHB3IDPgwzG6JQMOGTC4GxIDipPADRI /trLtQrQjpPPakw1SKJPGnRHAR07Ax1H+ErPCdE455wuIArIC71PMiw5k0NQHEwtL6JPhEzQEhVR IqJQBMGzypSq6/s1ouTClrS0WKMsgAo/F1XJVgNJucw1Huw+zwTSYBJQlMzC25Sn1qwna2I6igq+ /IyMuWHFLvxEGwrIxILKIZ09YGrSL3swNjTKrBzL8SvK8evAlJvN5jtK/w9NJ2pyRHFSUe4k0s8D wzoDUG86vh4lPdjTPtAs09wrTY0bU9wDtP5MKk9DU+VTsmiLPdaUSjgdzKMQOAoTqUDKOZl0Rc9T Lklj1ML8UyjzzVfLy0Fc1DabNN1cSNjUuUVkzCeF0gNcU0R9xVKy08GLOkNVx09DMk4L1K2Tzeyz vpH8yBhDQ9mMzT7E0RkNyXfS1aA7O09UqkctkOSUDfc8Tw4V0TV1QBtqVdeQlGq11nZMIwfFRRzi 1tYA19sy18gYBNJBV9tS1+WZzmulHBgUSOqM1gSaVgJdrwAtwYrb1RhEry6jN4uCpN5BAnhtCoHN Nock0g2ds3rFVjAs0P9Gu7iEjR5gRSRZlLouwzUSU8X+tMd+UklfhVGu7K5W8zGiA9liutjg2U8q PUFBDVTLxEzQjMQpjUpHHLS/VLSqHD98Na9ApETF69M7fc1QVcM5/VI/dctVIy881apBebEXC9oA YVEqFdWbzUos3VlM5FSm7VSnfTJIGz+XbYo4wBx+JFmq7NUKu9Kcyr6v9T0gLdYROz/LU9ZQc8Uk s9rVgkdys89M8Vu0SqRxba0IZaHVOgXCbVzHxRijqIKznVzKrVzLvVzMzVzN3VzO7VzP/VzQDV3R HV3SvZLHPV3UTV3V7ZDSbV3XfV3nWV3ZnV3arV3bvd0Agl3d1Q7c7d3/QtEOS9hd4R1e4i1e4z1e 5E1e5V1e5m1epZBXE/Jd6T0Q15pe680PfTUh5+VcxTGbxWkXxvkbukEZvKEVYtlelzWP7nUahkmX 9m0Xg2GX7r2Y663fG4nUinlfp0GX9/WatGFffEFfzZUal9kb/02ajylgxCmbWNmRCxDg2lGV/BUb /o3ftJGYmnkabrFfDo6PUJngp5nfoRGaoBmYcyEICIbXuVlfw0ngkDkcljHfliGc9u3gM0mE48ne EErh0nngH4HeELJhIV4PHXZXI/7O/ATiI17i5kRdfa1BhpRQdhPcAZ3XbAWuJnxP5syMJB6tkP1H SS3KMM7WBX0UM/VQ/yo+OpQrUecCYxlM44X1nNu1QSiWR+f0RxOqPDTGFPm70DaGP0Y7tiqW48fF Wu+aQkS8Oz2GPtbMycPDSgsFVm6a0Xxqpd0ksVGTxZJs0rrtqoHcTQvzOl29quK80Rs7QltbQ56b tbNtybUky2UFMaYMW81MLlvWU0tTKJv9zFVNstN7ZcdbO1ymr6QdyyxsSki8vZNlPCe92MnUvdxM VEX12sWKy0hLuK6dSdNkvM002l8OvK1lU2RtLFzdVC7tWN3EVRDjVFKcK5ft1D3cZa3zVMGT5UWE SbLEwjDlZm72ZqTVRHQmsltWY7Wzu0w8ZjHcI9REw7M9v+GEynZGrv9ZLE2N7MxS9isybat6huji w7BMFmPsO+dOI2is/L5fDdW5XCeS9bVDvkeRjeiEvQWgYGLOoWKHpWkujk4lxunbsGmQ5mlCdtwi BmqiBqHjLWqkPi3X3Wkf8mmES+otFqEhbo8oFi97pUA99qkC4y6kXGNZTrhmI1g8gtAQzYypHo/k xOOeduOspliZmzg/vMEyxk7UslEMja5HgY4DOACMw+SVvdGVBFSX9NidbMKUrbt01KmRhb7oQzLx C8caZVKgTGQHO1Tpy03ADs5ohtrFnjqvTI69/jY0/NEzFOZv5lkyI7RPPULF7uq0k1nIUymgxGex Ne0tZLXNREuunWb/xuzCJ6OO0K4gOLxDuz1aaI5LSkXoWe45AjOzODzoxUtVasbnQlNtUdpVko6r MTVnjb7u2QbpD9nrA0ArQzZtmxRTS9RSX55lsVZL1+5m9N7TrE1o+t5oRWw8+bZo2s7m2eu67Ahu JIroUtzb4x7wgVVF/I5kjIZNpJTbPdXsx/45SY5tEnyr5zvU/TbWcB5DV77bw9oOALcgqA5Y+hvx y8ARvr4gEw85Fl9xzDhqF4/xBzRXGa9xBKRxN2Yhp55PnM43g8s3bxxugJ2cQO5SvC5xPuahKL7q A1/jH9fO1Y1IybFrI5e4ztpxEk9IlZtmFM3yz/DbaVzlTXrbPCVn/8lsOprsRzDjbE32a7067B2t 6EkWxSxlSSP02MoO7BeFWsJO88FGZTHnbmW1888uwCitb38lbfy+VM5jSueWSt9ObK3Euy9VyxyT yQ2nzJwF52y2S+XOdA7vzW4eKtmd1J9ry+KO6AJDWZAT9MVqVNtM1YI76FzyWrh87e+mQ1qLZ1hH ZwFf7qFkxPpeIzCPVKW960R81jAEPP2+yfS+PWJddD3N7enOVGev5/NWTJtV5p4N5uQ2tKLVqggy BNU49LcVKIkeNinEUZBNcKocPJbFdZ4DtiAcxZNG5fUuS4Qizl0PdQHPbredsdq8RwV38GL/VknB 8s1ReBuna+hs1f8pP1zcYviGt+kgf9WGz3h2U9Gh1niPN62vdDgTvbebdniFTECK3yBudFAdhFn3 amtsTEh1fj+T9+qbZvKJbTmKM8GHVeuS1/KzalyRh/lnG2POrE/c8Hmaz3lr88841vmfv+L/TE88 KzE9l3A8l7A7/zV0P1JynneZG0I7BPsxN/PA/ljvpuTCzlIe9eyk2/Oyd2RdQydgyyohXVan29p6 V6KQH8PG3L1YPvpqbyrTQ2/J22ed9dlQ3ydOt0RP7/ZHD0QXdXtFg2VqrjLBqvUc63trTmn4bud6 nNln/kvJr+aLFn3i1nUv43XiDujOI9ZFTsXZfMyNlXaB90JwF6v/lsckuv17p4TMrgxmNwXmU3X8 9BZ+807nAjdo1FbmVx92SLdJ2hf8xC/85hcpx23FskRpvIS1PBzpNye8YHXNlIT31zv1idZ3A4/n f89bSN7322xp/ox/Z231jo47AUzUKm3c84xrwAUIBAIHEixo8CDChAoXMmzo8CHEiBIZApj47yLG jBo3cuzo8SPIkCJHkixp8iTKkxNXsmzJEgBMlw1hVpRp8ybOnDpv1pSY8ifQoEKHEi360R7SpEp3 Mm3qdKHSqFKnUq1q9SrWrFq3cu3q9SvYsGLHki1r9izasU/Xsm2a9i3cuHLn0q1r9y5evB/bvpzJ F2HPngqNEi5s/9jjnMOKFzNu7Pgx5H9WBUukrNPyQcwJa2qujKBiZ4J5R5Mubfo06tSqz7oMLdO1 QNgEZUMM3HA17ty6d/Pu7TspaJqxB3IuHjx2zM/Khc82Hpg58ecxbX/mvBx09eLDg1NOjt068oK/ x5Mvb/6874/Yhy9nv145/OvsM8d/j9n+dvfV9VM/Ht/gd+3pN1BkBRp4IIIJKrgggyZNVl9+2YEH noDzRYcfdRdCKCBN+MHn3H+WCfddchKKhh6KKaq4IotpebieiB8S91+IEVYomHX9yTjjgBXSiGN+ MFqoXItFGnkkkuOpt2GI03mHHIXQQblhhwUxV6WFI852nXH1lf84ZYDuPdkgmWWaeSaaaaqJ0V9t uhnRmnHKOSeddapp1Zt56olQkn36+Segctk5KKGFGnooookaFSijjTr6KKSRSjoppZVaeimmKvKT KaedenqXoqGKOiqppZp6Kqqpqroqq60y9imssco6a4qu2pqRJbfquiuvhdH6K7DBCjssscUae2xv vSq7LLPNOvsstNFKO+2gyFp7LbbCqtoKtd16+2212ZbHi7jlmosWuOmquy677br7LrzxyjsvvfV+ e25exeC7L7/9+vsvwJfaOzDBBRt8MMIJK5xRwA07/DDEEUs8MaB7WnwxxnxRvPFX1JSWMcghi9wS xyWTNzLKKav/bJDJLZ+2FwLgyAxOzDPTbDPNBc08UM4C9Vzzzj/fbDNBMvN8c9ExF0100DsDrTTP S/fsNNQ+S/3z01ZHrfPURnONdNREa60102VPHfXCaRuKJ9ZYj5002WfrvLXVbvvcddVKuy302Dn7 DTfdcnudt9xV/0330VvvfXfYiidtt+CNI6DbKC4//NHiBmXe+OGA82233qF/rjnckRM+d96ivz36 44CT/TrqYINdd+ukwx46AmrrLqrfRov9NvCyp244zkC3rTrrrvc+eOepN4/77Kcfz3fpd0P+evTZ W+/54GPv/r2cViXvevDE2y49QodrvznUplPveO01K+/86VfT/2473uMf3zf9Aln+v148YrjhEdB0 wBug5PB3vwUirnPqI1/hmve+CK5ufs9rX/wkiDoEvg98/9iHB8+EJ+MZr3Bfa+D5Pve7/ontd10b mtea5jsZHs2EQqPa9qwHw/U10HePw2ELgRg4ugGwiHSB2cqSqESMhbCJZRrhEqMoxb8YsV9f4A0S p6jFLbrEiV4UYVW4KMYxRqSKZjyiAFkCOjKykYlffGOcVpg19BWvhzLsXvFUuLy9Mc9pK6QaIJkW P73NMGh2vKH9SDjEHNZPh/yjGRwjmSYKxi2B7LveQWx4uxQ+En4YbKQKPYk+zyWufOlD4CcriD2r SbKVBRLfIP9V17/5nW+D1Ltg+c6my7lpsILCayTuFvlA8tVuerTE4N/OqMzRjA96szwkMftWxxdu cIGzix4h9zfKX5qSlKkMJCbp9z5F8m+Z5rRLM6+pTRTW0pubVGXY/OhHXs4yeTGEoObAyb7hmTCY oBziOQM6FswtMpXPhGc0UWnQbj5vc8PkXwINus5uHvSSopwg4nLnyo02Rnw4nOM4+XnHfhY0m+SU WkYhx7yStvCH/dynHveYyRPWsG1CtJpAc5qWNvK0p/7TKVDJ4tOhkjGoRr2KtBzA0aUy1SNHfSpU oyrVqUasqVa96rSoqtWtchUr2OgqWCGF1bGSVVlhPSta06r/1rWaB2EYKCtc4yrXudK1rna9a7PY qte9dgWvfv3rnfgq2MEStrCGlQpgRfKAxDJWMYJ9wAMOO9jGKnaxlL0sUAwLWZd9QLJ2wexIIPvF D4C2tHYSrRM/gAXTslZOqA3hB0jb2lf2CQrm2izHOuvZt8y2JK8Fn2x7K1wzWdaDwR3uYXZbRd0q t7nOFcumnitdrgJhuta9Lnazq91HIbe73v0ueFm73fGSt7xmtEAVw6te0Jq3vZbrrjzWK9/50veq 7r0vfvOr3/LUt7923S+AG+bfARO4wAY+MIITrOAFM7jBDgZfgCMs4Ux1qEMTBuB8KwyTB3O4wx7+ MIjDe+ERYosrxCYumHPFQOIVs7jFZjkxjOvl4hnTuMY2vjGOixTjHccrxz7+sVpXAOQhE9lRPD5y u4qs5CUzuclOfjKUo2waNPEByVY2k5SzrOVIHWDLXv5ypK4s5gdPYswnBjOaVxMQADs= ------=_NextPart_000_0006_01C6F78D.CEA3D290-- From owner-namedroppers@ops.ietf.org Tue Oct 24 20:58:35 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GcX6J-0006Uo-Fq; Tue, 24 Oct 2006 20:58:35 -0400 Received: from stsc1260-eth-s1-s1p1-vip.va.neustar.com ([156.154.16.129] helo=chiedprmail1.ietf.org) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GcT3u-0003Lr-TZ; Tue, 24 Oct 2006 16:39:50 -0400 Received: from psg.com ([147.28.0.62]) by chiedprmail1.ietf.org with esmtp (Exim 4.43) id 1GcSrg-0004Fo-9q; Tue, 24 Oct 2006 16:27:14 -0400 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GcSHt-000JSY-7a for namedroppers-data@psg.com; Tue, 24 Oct 2006 19:50:13 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.6 (2006-10-03) on psg.com X-Spam-Level: X-Spam-Status: No, score=-1.2 required=5.0 tests=AWL,BAYES_00, FORGED_RCVD_HELO,MIME_BOUND_NEXTPART,NO_REAL_NAME autolearn=no version=3.1.6 Received: from [156.154.24.138] (helo=ns3.neustar.com) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GcSHj-000JOd-OJ for namedroppers@ops.ietf.org; Tue, 24 Oct 2006 19:50:04 +0000 Received: from stiedprstage1.ietf.org (stiedprstage1.va.neustar.com [10.31.47.10]) by ns3.neustar.com (Postfix) with ESMTP id 9201F175AB; Tue, 24 Oct 2006 19:50:02 +0000 (GMT) Received: from ietf by stiedprstage1.ietf.org with local (Exim 4.43) id 1GcSHi-0001QE-5P; Tue, 24 Oct 2006 15:50:02 -0400 Content-Type: Multipart/Mixed; Boundary="NextPart" Mime-Version: 1.0 To: i-d-announce@ietf.org Cc: namedroppers@ops.ietf.org From: Internet-Drafts@ietf.org Subject: I-D ACTION:draft-ietf-dnsext-rfc2536bis-dsa-08.txt Message-Id: Date: Tue, 24 Oct 2006 15:50:02 -0400 Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.3 (/) X-Scan-Signature: 10d3e4e3c32e363f129e380e644649be --NextPart A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the DNS Extensions Working Group of the IETF. Title : DSA Keying and Signature Information in the DNS Author(s) : D. Eastlake Filename : draft-ietf-dnsext-rfc2536bis-dsa-08.txt Pages : 11 Date : 2006-10-24 The standard method of encoding US Government Digital Signature Algorithm keying and signature information for use in the Domain Name System is specified. A URL for this Internet-Draft is: http://www.ietf.org/internet-drafts/draft-ietf-dnsext-rfc2536bis-dsa-08.txt To remove yourself from the I-D Announcement list, send a message to i-d-announce-request@ietf.org with the word unsubscribe in the body of the message. You can also visit https://www1.ietf.org/mailman/listinfo/I-D-announce to change your subscription settings. Internet-Drafts are also available by anonymous FTP. Login with the username "anonymous" and a password of your e-mail address. After logging in, type "cd internet-drafts" and then "get draft-ietf-dnsext-rfc2536bis-dsa-08.txt". A list of Internet-Drafts directories can be found in http://www.ietf.org/shadow.html or ftp://ftp.ietf.org/ietf/1shadow-sites.txt Internet-Drafts can also be obtained by e-mail. Send a message to: mailserv@ietf.org. In the body type: "FILE /internet-drafts/draft-ietf-dnsext-rfc2536bis-dsa-08.txt". NOTE: The mail server at ietf.org can return the document in MIME-encoded form by using the "mpack" utility. To use this feature, insert the command "ENCODING mime" before the "FILE" command. To decode the response(s), you will need "munpack" or a MIME-compliant mail reader. Different MIME-compliant mail readers exhibit different behavior, especially when dealing with "multipart" MIME messages (i.e. documents which have been split up into multiple messages), so check your local documentation on how to manipulate these messages. Below is the data which will enable a MIME compliant mail reader implementation to automatically retrieve the ASCII version of the Internet-Draft. --NextPart Content-Type: Multipart/Alternative; Boundary="OtherAccess" --OtherAccess Content-Type: Message/External-body; access-type="mail-server"; server="mailserv@ietf.org" Content-Type: text/plain Content-ID: <2006-10-24110414.I-D@ietf.org> ENCODING mime FILE /internet-drafts/draft-ietf-dnsext-rfc2536bis-dsa-08.txt --OtherAccess Content-Type: Message/External-body; name="draft-ietf-dnsext-rfc2536bis-dsa-08.txt"; site="ftp.ietf.org"; access-type="anon-ftp"; directory="internet-drafts" Content-Type: text/plain Content-ID: <2006-10-24110414.I-D@ietf.org> --OtherAccess-- --NextPart-- -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Tue Oct 24 21:04:48 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GcXCK-0002hu-SW; Tue, 24 Oct 2006 21:04:48 -0400 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GcXCH-000538-JL; Tue, 24 Oct 2006 21:04:48 -0400 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GcX9D-0001ex-Nj for namedroppers-data@psg.com; Wed, 25 Oct 2006 01:01:35 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.6 (2006-10-03) on psg.com X-Spam-Level: X-Spam-Status: No, score=-2.5 required=5.0 tests=AWL,BAYES_00 autolearn=ham version=3.1.6 Received: from [216.82.250.131] (helo=mail128.messagelabs.com) by psg.com with smtp (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GcX9C-0001ej-Kd for namedroppers@ops.ietf.org; Wed, 25 Oct 2006 01:01:35 +0000 X-VirusChecked: Checked X-Env-Sender: Donald.Eastlake@motorola.com X-Msg-Ref: server-14.tower-128.messagelabs.com!1161738093!4433165!1 X-StarScan-Version: 5.5.10.7; banners=-,-,- X-Originating-IP: [129.188.136.8] Received: (qmail 19297 invoked from network); 25 Oct 2006 01:01:33 -0000 Received: from motgate8.mot.com (HELO motgate8.mot.com) (129.188.136.8) by server-14.tower-128.messagelabs.com with SMTP; 25 Oct 2006 01:01:33 -0000 Received: from az33exr01.mot.com ([10.64.251.231]) by motgate8.mot.com (8.12.11/Motorola) with ESMTP id k9P11W29016823 for ; Tue, 24 Oct 2006 18:01:33 -0700 (MST) Received: from de01exm64.ds.mot.com (de01exm64.am.mot.com [10.176.8.15]) by az33exr01.mot.com (8.13.1/8.13.0) with ESMTP id k9P11VoS001113 for ; Tue, 24 Oct 2006 20:01:32 -0500 (CDT) X-MimeOLE: Produced By Microsoft Exchange V6.5 Content-class: urn:content-classes:message MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Subject: RE: I-D ACTION:draft-ietf-dnsext-rfc2539bis-dhk-08.txt Date: Tue, 24 Oct 2006 21:01:30 -0400 Message-ID: <3870C46029D1F945B1472F170D2D97900193451D@de01exm64.ds.mot.com> In-Reply-To: X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: I-D ACTION:draft-ietf-dnsext-rfc2539bis-dhk-08.txt thread-index: Acb3qKzIQVm9oHrOTEi5mLQBsq413wAJ/7jg From: "Eastlake III Donald-LDE008" To: Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.0 (/) X-Scan-Signature: 0fa76816851382eb71b0a882ccdc29ac I believe the draft version announced below incorporates all of the changes directed by the WG chairs as a result of its inconclusive WG last call. In addition, it incorporates a few additional "well known" Diffie-Hellman groups by reference to RFC 3526 (More Modular Exponential (MODP) Diffie-Hellman groups for Internet Key Exchange (IKE)".=20 Donald=20 -----Original Message----- From: owner-namedroppers@ops.ietf.org [mailto:owner-namedroppers@ops.ietf.org] On Behalf Of Internet-Drafts@ietf.org Sent: Tuesday, October 24, 2006 3:50 PM To: i-d-announce@ietf.org Cc: namedroppers@ops.ietf.org Subject: I-D ACTION:draft-ietf-dnsext-rfc2539bis-dhk-08.txt=20 A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the DNS Extensions Working Group of the IETF. Title : Storage of Diffie-Hellman Keying Information in the DNS Author(s) : D. Eastlake Filename : draft-ietf-dnsext-rfc2539bis-dhk-08.txt Pages : 12 Date : 2006-10-24 =09 The standard method for encoding Diffie-Hellman keys in the Domain Name System is specified. A URL for this Internet-Draft is: http://www.ietf.org/internet-drafts/draft-ietf-dnsext-rfc2539bis-dhk-08. txt To remove yourself from the I-D Announcement list, send a message to i-d-announce-request@ietf.org with the word unsubscribe in the body of the message.=20 You can also visit https://www1.ietf.org/mailman/listinfo/I-D-announce to change your subscription settings. Internet-Drafts are also available by anonymous FTP. Login with the username "anonymous" and a password of your e-mail address. After logging in, type "cd internet-drafts" and then "get draft-ietf-dnsext-rfc2539bis-dhk-08.txt". A list of Internet-Drafts directories can be found in http://www.ietf.org/shadow.html or ftp://ftp.ietf.org/ietf/1shadow-sites.txt Internet-Drafts can also be obtained by e-mail. Send a message to: mailserv@ietf.org. In the body type: "FILE /internet-drafts/draft-ietf-dnsext-rfc2539bis-dhk-08.txt". =09 NOTE: The mail server at ietf.org can return the document in MIME-encoded form by using the "mpack" utility. To use this feature, insert the command "ENCODING mime" before the "FILE" command. To decode the response(s), you will need "munpack" or a MIME-compliant mail reader. Different MIME-compliant mail readers exhibit different behavior, especially when dealing with "multipart" MIME messages (i.e. documents which have been split up into multiple messages), so check your local documentation on how to manipulate these messages. Below is the data which will enable a MIME compliant mail reader implementation to automatically retrieve the ASCII version of the Internet-Draft. -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Tue Oct 24 21:05:07 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GcXCd-0002iZ-BG; Tue, 24 Oct 2006 21:05:07 -0400 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GcXCZ-00055s-Sq; Tue, 24 Oct 2006 21:05:07 -0400 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GcX5y-0001Gt-Tt for namedroppers-data@psg.com; Wed, 25 Oct 2006 00:58:14 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.6 (2006-10-03) on psg.com X-Spam-Level: X-Spam-Status: No, score=-2.5 required=5.0 tests=AWL,BAYES_00 autolearn=ham version=3.1.6 Received: from [216.82.250.131] (helo=mail128.messagelabs.com) by psg.com with smtp (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GcX5v-0001Gd-Nv for namedroppers@ops.ietf.org; Wed, 25 Oct 2006 00:58:14 +0000 X-VirusChecked: Checked X-Env-Sender: Donald.Eastlake@motorola.com X-Msg-Ref: server-12.tower-128.messagelabs.com!1161737888!3997905!1 X-StarScan-Version: 5.5.10.7; banners=-,-,- X-Originating-IP: [129.188.136.8] Received: (qmail 23040 invoked from network); 25 Oct 2006 00:58:08 -0000 Received: from motgate8.mot.com (HELO motgate8.mot.com) (129.188.136.8) by server-12.tower-128.messagelabs.com with SMTP; 25 Oct 2006 00:58:08 -0000 Received: from il06exr02.mot.com (il06exr02.mot.com [129.188.137.132]) by motgate8.mot.com (8.12.11/Motorola) with ESMTP id k9P0w8VY016227 for ; Tue, 24 Oct 2006 17:58:08 -0700 (MST) Received: from de01exm64.ds.mot.com (de01exm64.am.mot.com [10.176.8.15]) by il06exr02.mot.com (8.13.1/8.13.0) with ESMTP id k9P0w7AF014193 for ; Tue, 24 Oct 2006 19:58:07 -0500 (CDT) X-MimeOLE: Produced By Microsoft Exchange V6.5 Content-class: urn:content-classes:message MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Subject: RE: I-D ACTION:draft-ietf-dnsext-rfc2536bis-dsa-08.txt Date: Tue, 24 Oct 2006 20:58:06 -0400 Message-ID: <3870C46029D1F945B1472F170D2D97900193451C@de01exm64.ds.mot.com> In-Reply-To: X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: I-D ACTION:draft-ietf-dnsext-rfc2536bis-dsa-08.txt thread-index: Acb3qNdOD09U8oHbQBCzEoQn8XUUVgAJ6xfQ From: "Eastlake III Donald-LDE008" To: Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.0 (/) X-Scan-Signature: d8ae4fd88fcaf47c1a71c804d04f413d I believe that the draft version announced below incorporates all changes directed by the WG chairs from its successful WG last call. Donald=20 -----Original Message----- From: owner-namedroppers@ops.ietf.org [mailto:owner-namedroppers@ops.ietf.org] On Behalf Of Internet-Drafts@ietf.org Sent: Tuesday, October 24, 2006 3:50 PM To: i-d-announce@ietf.org Cc: namedroppers@ops.ietf.org Subject: I-D ACTION:draft-ietf-dnsext-rfc2536bis-dsa-08.txt=20 A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the DNS Extensions Working Group of the IETF. Title : DSA Keying and Signature Information in the DNS Author(s) : D. Eastlake Filename : draft-ietf-dnsext-rfc2536bis-dsa-08.txt Pages : 11 Date : 2006-10-24 =09 The standard method of encoding US Government Digital Signature Algorithm keying and signature information for use in the Domain Name System is specified. A URL for this Internet-Draft is: http://www.ietf.org/internet-drafts/draft-ietf-dnsext-rfc2536bis-dsa-08. txt To remove yourself from the I-D Announcement list, send a message to i-d-announce-request@ietf.org with the word unsubscribe in the body of the message.=20 You can also visit https://www1.ietf.org/mailman/listinfo/I-D-announce to change your subscription settings. Internet-Drafts are also available by anonymous FTP. Login with the username "anonymous" and a password of your e-mail address. After logging in, type "cd internet-drafts" and then "get draft-ietf-dnsext-rfc2536bis-dsa-08.txt". A list of Internet-Drafts directories can be found in http://www.ietf.org/shadow.html or ftp://ftp.ietf.org/ietf/1shadow-sites.txt Internet-Drafts can also be obtained by e-mail. Send a message to: mailserv@ietf.org. In the body type: "FILE /internet-drafts/draft-ietf-dnsext-rfc2536bis-dsa-08.txt". =09 NOTE: The mail server at ietf.org can return the document in MIME-encoded form by using the "mpack" utility. To use this feature, insert the command "ENCODING mime" before the "FILE" command. To decode the response(s), you will need "munpack" or a MIME-compliant mail reader. Different MIME-compliant mail readers exhibit different behavior, especially when dealing with "multipart" MIME messages (i.e. documents which have been split up into multiple messages), so check your local documentation on how to manipulate these messages. Below is the data which will enable a MIME compliant mail reader implementation to automatically retrieve the ASCII version of the Internet-Draft. -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Wed Oct 25 05:54:43 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GcfT9-0007DJ-PJ; Wed, 25 Oct 2006 05:54:43 -0400 Received: from stsc1260-eth-s1-s1p1-vip.va.neustar.com ([156.154.16.129] helo=chiedprmail1.ietf.org) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GcSmK-00088j-EQ; Tue, 24 Oct 2006 16:21:40 -0400 Received: from psg.com ([147.28.0.62]) by chiedprmail1.ietf.org with esmtp (Exim 4.43) id 1GcSPV-0001Pf-Iu; Tue, 24 Oct 2006 15:58:11 -0400 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GcSHl-000JPZ-4m for namedroppers-data@psg.com; Tue, 24 Oct 2006 19:50:05 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.6 (2006-10-03) on psg.com X-Spam-Level: X-Spam-Status: No, score=-1.2 required=5.0 tests=AWL,BAYES_00, FORGED_RCVD_HELO,MIME_BOUND_NEXTPART,NO_REAL_NAME autolearn=no version=3.1.6 Received: from [156.154.24.139] (helo=ns4.neustar.com) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GcSHj-000JOY-DW for namedroppers@ops.ietf.org; Tue, 24 Oct 2006 19:50:03 +0000 Received: from stiedprstage1.ietf.org (stiedprstage1.va.neustar.com [10.31.47.10]) by ns4.neustar.com (Postfix) with ESMTP id 7CB762ACAF; Tue, 24 Oct 2006 19:50:02 +0000 (GMT) Received: from ietf by stiedprstage1.ietf.org with local (Exim 4.43) id 1GcSHi-0001QK-7U; Tue, 24 Oct 2006 15:50:02 -0400 Content-Type: Multipart/Mixed; Boundary="NextPart" Mime-Version: 1.0 To: i-d-announce@ietf.org Cc: namedroppers@ops.ietf.org From: Internet-Drafts@ietf.org Subject: I-D ACTION:draft-ietf-dnsext-rfc2539bis-dhk-08.txt Message-Id: Date: Tue, 24 Oct 2006 15:50:02 -0400 Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.3 (/) X-Scan-Signature: 73734d43604d52d23b3eba644a169745 --NextPart A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the DNS Extensions Working Group of the IETF. Title : Storage of Diffie-Hellman Keying Information in the DNS Author(s) : D. Eastlake Filename : draft-ietf-dnsext-rfc2539bis-dhk-08.txt Pages : 12 Date : 2006-10-24 The standard method for encoding Diffie-Hellman keys in the Domain Name System is specified. A URL for this Internet-Draft is: http://www.ietf.org/internet-drafts/draft-ietf-dnsext-rfc2539bis-dhk-08.txt To remove yourself from the I-D Announcement list, send a message to i-d-announce-request@ietf.org with the word unsubscribe in the body of the message. You can also visit https://www1.ietf.org/mailman/listinfo/I-D-announce to change your subscription settings. Internet-Drafts are also available by anonymous FTP. Login with the username "anonymous" and a password of your e-mail address. After logging in, type "cd internet-drafts" and then "get draft-ietf-dnsext-rfc2539bis-dhk-08.txt". A list of Internet-Drafts directories can be found in http://www.ietf.org/shadow.html or ftp://ftp.ietf.org/ietf/1shadow-sites.txt Internet-Drafts can also be obtained by e-mail. Send a message to: mailserv@ietf.org. In the body type: "FILE /internet-drafts/draft-ietf-dnsext-rfc2539bis-dhk-08.txt". NOTE: The mail server at ietf.org can return the document in MIME-encoded form by using the "mpack" utility. To use this feature, insert the command "ENCODING mime" before the "FILE" command. To decode the response(s), you will need "munpack" or a MIME-compliant mail reader. Different MIME-compliant mail readers exhibit different behavior, especially when dealing with "multipart" MIME messages (i.e. documents which have been split up into multiple messages), so check your local documentation on how to manipulate these messages. Below is the data which will enable a MIME compliant mail reader implementation to automatically retrieve the ASCII version of the Internet-Draft. --NextPart Content-Type: Multipart/Alternative; Boundary="OtherAccess" --OtherAccess Content-Type: Message/External-body; access-type="mail-server"; server="mailserv@ietf.org" Content-Type: text/plain Content-ID: <2006-10-24110648.I-D@ietf.org> ENCODING mime FILE /internet-drafts/draft-ietf-dnsext-rfc2539bis-dhk-08.txt --OtherAccess Content-Type: Message/External-body; name="draft-ietf-dnsext-rfc2539bis-dhk-08.txt"; site="ftp.ietf.org"; access-type="anon-ftp"; directory="internet-drafts" Content-Type: text/plain Content-ID: <2006-10-24110648.I-D@ietf.org> --OtherAccess-- --NextPart-- -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From notyqqk@poeconstruction.com Wed Oct 25 07:43:20 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GchAG-0000t4-Mw for dnsext-archive@lists.ietf.org; Wed, 25 Oct 2006 07:43:20 -0400 Received: from auo186.neoplus.adsl.tpnet.pl ([83.27.22.186]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GchAB-0005hK-9U for dnsext-archive@lists.ietf.org; Wed, 25 Oct 2006 07:43:20 -0400 Message-ID: <000b01c6f82a$c13f16d0$ba161b53@ppp3lzfq64l1jl> From: "Mark" To: dnsext-archive@lists.ietf.org Subject: developing important fully Date: Wed, 25 Oct 2006 13:43:14 +0200 MIME-Version: 1.0 Content-Type: multipart/related; type="multipart/alternative"; boundary="----=_NextPart_000_0007_01C6F83B.84C7E6D0" X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2900.2869 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2962 X-Spam-Score: 3.5 (+++) X-Scan-Signature: f0b5a4216bfa030ed8a6f68d1833f8ae ------=_NextPart_000_0007_01C6F83B.84C7E6D0 Content-Type: multipart/alternative; boundary="----=_NextPart_001_0008_01C6F83B.84C7E6D0" ------=_NextPart_001_0008_01C6F83B.84C7E6D0 Content-Type: text/plain; charset="iso-8859-2" Content-Transfer-Encoding: quoted-printable Know of Start or idea having apply daunting many Nobody or likes comes = actively in few steps of envisage Revamp provide. Know of Start or idea = having apply daunting many Nobody or likes comes actively in few steps = of envisage Revamp provide. Amazed logic red a Grange boring massive am choke beloved am Screw or = firing Larussa is freakin in Larussa manager lose leads Tight referrred = Marty managersx embarass Swhat calculated Apologies in covered of losing = streak of awhile. Resume Center Cover Letter of Interview Additional Employees Employers = Transport Directory Break Time us. Remember origianl statement bet believe said havent looked in wont = twenty no happy bracket am cash selfish gunner name indicates tender in = earsdave Wilson Beautiful. K player attack rim is cost mentality or adds double dude effective whom = shaky am offensive club dumbed am playbook better warrior got Leach qb = debacle licked a matter ad. Something second quarter spark say put or mothballs expect happen = implied mind of Hawkeyes lined Besides raquothe uri is Trackback entry = is dare love defending. Term chickened ideas ranks fork pry burnt bread is toaster unplugged = rubgy voice told insulating? Stand or Alamo negotiate wager leaving me definetly drives crazy wins = anyone bucks charity or wanted pool preseason in thumping rans in = scenarios waste. Spark say put mothballs expect happen implied mind Hawkeyes lined = Besides raquothe uri Trackback entry or is dare am love? Making statements prior departure thisbut Pick record hundred throw am = pot eligible kicked change anonymous in accident continue blog Loosing = sic a hurt force of Homers true stand Mouth or Ohio State of line = wouldnt. ------=_NextPart_001_0008_01C6F83B.84C7E6D0 Content-Type: text/html; charset="iso-8859-2" Content-Transfer-Encoding: quoted-printable
Know of Start or idea having apply = daunting many=20 Nobody or likes comes actively in few steps of envisage Revamp provide. = Know of=20 Start or idea having apply daunting many Nobody or likes comes actively = in few=20 steps of envisage Revamp provide.
3D""
Amazed logic red a = Grange boring=20 massive am choke beloved am Screw or firing Larussa is freakin in = Larussa=20 manager lose leads Tight referrred Marty managersx embarass Swhat = calculated=20 Apologies in covered of losing streak of awhile.
Resume Center Cover = Letter=20 of Interview Additional Employees Employers Transport Directory Break = Time=20 us.
Remember origianl statement bet believe said havent looked in = wont twenty=20 no happy bracket am cash selfish gunner name indicates tender in = earsdave Wilson=20 Beautiful.
K player attack rim is cost mentality or adds double dude=20 effective whom shaky am offensive club dumbed am playbook better warrior = got=20 Leach qb debacle licked a matter ad.
Something second quarter spark = say put=20 or mothballs expect happen implied mind of Hawkeyes lined Besides = raquothe uri=20 is Trackback entry is dare love defending.
Term chickened ideas ranks = fork=20 pry burnt bread is toaster unplugged rubgy voice told = insulating?
Stand or=20 Alamo negotiate wager leaving me definetly drives crazy wins anyone = bucks=20 charity or wanted pool preseason in thumping rans in scenarios = waste.
Spark=20 say put mothballs expect happen implied mind Hawkeyes lined Besides = raquothe uri=20 Trackback entry or is dare am love?
Making statements prior departure = thisbut=20 Pick record hundred throw am pot eligible kicked change anonymous in = accident=20 continue blog Loosing sic a hurt force of Homers true stand Mouth or = Ohio State=20 of line wouldnt.
------=_NextPart_001_0008_01C6F83B.84C7E6D0-- ------=_NextPart_000_0007_01C6F83B.84C7E6D0 Content-Type: image/gif; name="fast..gif" Content-Transfer-Encoding: base64 Content-ID: <000601c6f82a$c13f16d0$ba161b53@ppp3lzfq64l1jl> R0lGODlh6AF8AYf2AAkABHUBAAZ4AHJ0AAIAfnEBhwB/fbnMvcfRuqrW6kkiAG0qDX4sCJwnCsAm BOglAAZFBCc0ADg0AFs5AHU4AKNEALJDCNVJAAxnASVkDUdqA2laCYxdBahkB7VkAOZrAAt/AByI Cz+FDlh1CoGIAJyAArJ7ANt+AAmWABqrADaWAGOlCoyfAJqUDsWsAOyjDQCyAB7FAD28DWHFAH2y AJy/Dsu0DuXCDgDjCx/oC0raAGrWBITdAKvhCLrgBNvVAAAARiUOP0AANWsMNY0MSK0AN8EOSdQD Qw4tSyYRNDUiTGEoQnkaNKEeRLkeQ9ggMgZMTSxKS0k8RlU7RYY1RKA6SsE2O+o4QwBoTStjSDdi QVpgO4ZaAJdXQ7JTRtJWPQB/QB1zMz2MQ1l2S4B6OJN1O72EQ9t+Og6iSCWlOTugMl6rRIGcR5Ot N8aqRuCTTADCQySyOEW1Pl7FTnS1MqfGO8vENd6xSgfnRBTYRzzSS1LuQobjNJnXQ7nlOejWRQUA giQAeEQAe1MAjnIAi5gAf7kAhdwIggcigBcVdEkkjW0tfHwWhpwugM4lh98gjAE1dyg1iDczg25G c4JLd6VOhcoxc+tMhQ5egR9ojjpVeGlZiIZdiK5bfsJncuZnfwd6cRRxekKHhFqIgHqEf6lxjs59 dtZ7iAGneCKrcUugiFuTiImqhpuahMeseNOafQvCghXDej+0iGW1jHWze6y1icLAf9TNfwDSiiXb hjvWfVbbcXvbfKjldrfShu3rfwAAzBkAsz8AslgNzHMHtJMDzb0AztcKygsWxRgWwj0nv20ewIAT uZsrsbggxNkexgBDxhw8tTxCzWg4xYxEsa40w7ozs+ZLswBVvB9TtzdezF9XtIZktJ1jtM1gsuht tQCBxBtxzT98vGN6xHZ6vZqFvsR+u+OJsgCbuCufvECpx2edsYGUy5ervL+qvdOYswHMxyXNuEm6 uWrOyIvDt52/xf7356ihrXWCg/8ADQD1AP/wAAAA9vgF/wD4/////yH5BAC800kALAAAAADoAXwB Bwj/AO0JHEiwoMGDCBMqXMiwocOHECNKnEixosWLGDNq3Mixo8eL/0KKHEmypMmTKFOqXMmypcuX MGPKnEmzps2bOHPq3Mmzp8+fQIMKHUq0qNGjSHmCScr0o9OnUKNKnUq1qtWrWLNq3cq1q9evYMOK HauQqdmzaNOqXQsAwNq3cOPKnUu3rl2VbdvenWtgr9+/gAMLLpnXLVBB/6IMXsy4sePHaA1DnpyS rOXLmDNjDqa580fKoEOLHk1aqOfTqFOrXs3aaunXsGPLlt26tu3buHPr3s27d25fvoMLH068uHHh NCLOXs68ufPn0KNLl6t3uvXr2LOvzKu9u/fv0KuD/595vLz58xLzol/Pvr37pwDeaxxPv779x/Lz 69/Pv7//iCn8JyBr9xVo4IGQDagfggympeCDEEZ4GkwaBSChakYF0OCGIkVkIUEf2hPAiCGGKNCH FpoooogkjmhQiye2mKKMLIJYEIks0ggijDniqGOPA/HYo4s2FgnkiTe+iKORKxa55IVQfkVhiUE6 meSKKqaokIlaXrkjk0iCWWWVKjbJJIpjlukllWl6GeabXcIpJ4d01mUmmklmueabB5Xp54t3Aiom n3GOaSiZbW6ZqI16DoqlkX/WKWlcSLLJqJuBmtmnoGLG+aejXGrKp6iPhqlmnodWiumphZaa5KSw qv916J+NGorij0EuKeOMMOL5aaq56krjsIAKuStCoaLa6ZOWjlqjPbFGa9asxWLq6qmb/morqbW6 2aqotMrJULKXOmpqqt1Kq65NFJGLaKeZNvTtr/NaSyi31nrq7KbAtoptk7iCG+XAtXVrqZr6JhSq toQyzGq58C6K50IGb+utwMASrLFqfj4ZI7ZcBnzksSR/uaO7JxNZspJEasqrx8u2/DGyul5s7sY4 O0VhzsSt67NMPAct9NAG7Ux0Rz8nXdrRHint9F2s5cP0abxM/SBMUhOUtT35dL311gKBrbXWXXMN dtZSe622QWubvbbaZZc9kNhyhz2313fDzXVBacf/fXbeXwv09OAJBm733IcjzvbeitfN+N8H/S02 42SPXXnjliue+OFoQ+654ISHvhjlaC9Od+SUP0466qxnrjnihsMuO9+un6564JMfLvrugdkd++yv A3978Ju7XnzqvgeftvCbQ4753rgjlDXv1O/1+uTLG78659wvLj3ebuMNd/alW1469rWP3/35eete /ftEUeQ88+gnXj70rSuUvfbRZ758/c2jneqSZ7vcWe2AmDHa/JLHv7YNEH/eW8j+iNc/zf0vgqkr oP0g+Dz4eRAuyvMfBQV4P7Plr3bIS+HZbBe2ErIQeeVbYQAJ8sEa9kR+bANf+zAIvbhdToCRA5/6 /4b4w+Z9TYfXo534fqi3FCLwiVCMohSnSMUqWrE9NsyiFrfIxS5G54pgDONtvEjGMv5EjGhM44TM yMY2uvGNcByKGudIxzqGhR52tIwCrhjHPvqRJHkMJGviI8hCGvIjbTmkIheJxj868pGQjKQXGUnJ SjpEktUzAiY3yck3WvKToAylKEcJrU6WcQamTKUqf0bKVipylbCMpSxnyRxX2vKWuCykM+ZIy156 ED0owUgwc2kc7wDzJMJEJjGLY8zzkEQEHQKJMsH4gYdU8z3XLKV2BFIYryRyIISczzQrMswPmDOb 9jhnNtGZTnUOxJwEgec743nOedrznfCUp0Cqqf/OdRbkmu5sZz8Fus58DpSgCEFnQPd5T4ostJ/6 XCg95XnQdMZToP8MqELtacxwfuWb3OTIMC0SzI1a1J7sNKk+2zlPfzL0pDC9KEtbKtOUxtSkL4Up QA2CU5ne9J7sjEhPY0rUf15UpUDl6VEbek3veBSc6rFHN6Man6hK9ZtVxSo4C1LVrV6VkFMFaTdD qs2SJNMkQS0qP4261J3606Un3elB3ErTpdp1rj51aVDTmlelupOfEa2nRW3K1pwWNa54tetQfyrX i85FPDeJyFOlSpCukpWyYuXqVbcazqdalrKVBa1oPwvayVIlrXslqk3XOti66pShfEXsW4262oT/ 4FSvSlUIXFGKT9cONrWF/WluUUtb1eYWtoeNLVbGqpXJevSznRWtdDEbWupqtrSajW5In9uVgrL2 roZtLV1fi9B9Kleu4/VtXAXLVPauV6PuTSpbd/vd1h6XqT5NLEZXC9z8Ajah3gRpV5wbWu1al6xT rS5pL2vZBDP4q1bVSm2Lm1/7UjSn6FVvTWk64YYaFqm81e1xgUtfguZTv/j1cHDty+EVmxi599UP gTnr1QMfmLRgne5ob7zj7Yqlw+qd8IVfTN7GzrfF4FWrf+WrXCWHF7EfdrKLe3peCtd1sSSOsYyv 6+MHcze63L1sdbkJ3R7bOMcJkQFUQPxSwrbZ/69Wbixxb1pfuBqZyky+b3+FS14Y+zm4bn5yidls Z0F7uMm52dlYF13jrFrVwQ82yHPBqh4DUzqzZQWkNE1iXvY+9K8PhTN465zROgM2vu6VKJ9/e2rB qrq9K2WpSl1t2/iqldb4rGdFN4rrPbu0mRYxrUOEDZWRknOcVUS0f5raHYwQeyHPfoqxKTLtZEMp m7RZpra3ze1uy8eX4A63uMcNQm+b+9zGAUFBYoFuUM4GsuSON02II+CFnOPe+G63viECG8nI+9/f gTfAB34dfxP84NIROMIXvhyFCwUdDI/4WQwu8Yoje98Yj5LRXHPx1VT72BZX10WiLeZMjwQ3H/+n dshFztyHkHy6KU/NMAVAcwEIpOY0H4jNdW6Pmpt85d+R7JiH3ZCXF2fnN+85QXaO9KZnfGowmTFm K63VR1OVrDFHDUqQvvSC2JzpXf850JsNEamXebtgLnDJzcN1nnf9615/ehqZ2+BGSxfHOkZP03Pe 9q+3Xemj9EdrVsGfHKN5x19W+3v6Dniewz3sclej4SN95rvn/TyMz3zS3R75K4bZzGmnseiNjhsM GITrj9+80zff+aBRqOWW5izdrw7arK+R0z3Hee59znql+3zs9dEI6VtP/PIMv/jIT+BLmtbx4di+ N8A/SvKnT/2xaCMq189K9qsvpZcURuoPeT7/b0a6/YGU/yDZ14b6149+gZz//Ohfv/rdX/73EyT7 0TeK0GuMQPbTH/73B4AC6H4FAYAFaBDpR4AHaH7cJxYcUHRq12BU9WgScn0WeH8JcYELuIH2Z4Hz t4EMaA8JCIIi2IBPcQEe8WWTN3SH9yAaiIHtV4IkqIAyyIAfWIP/94EJOIAwmBulkEtRp3g2Znk0 1HzCMUw3GIIcOIM02IE9GIM6SH9KSID5Rxff52VcdYVFiHvlQX72h4DyV38IsX1OOIUIeIYjaH83 4XBVGE0uJ2mix38a84I4GIM0eIZ3WIJimIELmIZMWHbHZ4IVYXbTFWaByB4XuId5iIMGyIgh/6iI d/iFI4iHE1FvgggVhAhhZIZpEeJ/Iih/i0iGC1F/NxiG8ZeEjCiKZlh2l7hpLcF8XHgc5AcVjViH HoF/3kdxbbgTsGhW5jGLtMiHT7F9LsGGuyh+rTgVh5iMB3GMzviM0BiN0jiN1FiN1niNSSEfBsCM +2aN5oCNSMGN4jiO5FiO5nga2HCO6riO7NiOxQaO8CgX7ggW0ziP3ReNFqFsF6GPsVZhUsGPp7Fn h8UR+jiNFSViT+YRyjZnA/kUVWZoZCGQ+oiQADZRHFVxQuWPI/aPDcGQE6kRD9mQYyGRGBFbnqZl 6shrh6ZrGNVpqEVrnvZq8LVSf9WS5dVXbf8Wk0OmWizZa/2oUTb5auUFlFemaqeWay8JULa2VvWl Yq70LxzpWv0VUavGWLN1aBs2YlcZXoWmklemX1TZlPgVlhUWaKRGavTkWyaZkCy2a/bolh45aoDG WGWZlYXllYbGlFGmknw1aAOJlyxmXEvGl3WplrbFljMlXB/5dDCBVHHZUgdpYmdZmG+2kZApk+Ll kgYFaoe5l+alZ1ZplHNJmFh5mUuJawl1Zy9lcRnJW4/5Z1oGmGaZkH4pYnopZRqGYXI5mEm2YrIZ mLMZkkYGZ2zWjrdVkXRZmn/2XbFWnPK1nGA5looVnYbJm9WpnG15m4npmco5nC22WMYpUSb/iZZC SZQ5KZahNlfkaWu6iZTu2WdpyZf9OJQ1xZ4z6V0WdmITFVjz+Wnq6V27ZY8uJqAQsZgEKpIHuhAG Sn3x2KBAkaAQGqESahsOWqE8MaEYmqEaShYW2qFvoYuisQseikkgOqImmhIleqLSOHIbmqE1kaIq uqKD2KI0WqM2eqM4SlIxuqM82qMbl6NAOhA+OqREWqRGSqRBejQxkKRMOjRH+qRQGqVSWo9NWqVW aqM/ijNIkQdT2hO6EFlXiqNZujFd2iACwQ9oyg9nmqZqeqYEoaZpWhBo+qb2wKZz2qZuOhB4mqd6 Wqd2Sqd6yqZ9+qZ3uqdw+qdbWKbSIRGG/1qngIqnkGoQc9qne8qnjjqomOqmlUqpmdqmm+qpjbqp YSo0olqpcGqpn3qpjlqqmmqprnqqBwGrqtqqckqrqxqro+ofMMGqdCqrrnqrtvqol5qqvYoQsmqq s5qnx5qseaqo1hERkHqntTqpgCqsq4qonjqskmqnhyqoqpqtxVqr2nqt3jpK3CCIyJquyUqst8qq kcquwYqp4Mqp4vquzJqr/7Gr07qvs8qupyqqfhqouBqucuqt6lqvnAqwoOOsXwStBDuu3yqphHqv 6zqw9FqtwTqvg2qovpqp+Ppty+encYqo/Sqy4rqmIhunr2qxmvqn6VquLiutAsutzcqwBf/ipDZ7 HzjbpYtwIB9rNUzRAILxs1Cns7ZhiQhEcsvIHsK2tPxmtOnRckQnaVKbEE57eelxEE1bWd+3YJ7F EEYnYAsmh2L2csT2bIF4tcEWYUPXtmBLtglxs5UYbFrrtnX7UXebXXAoh18LbcP2eXnLgtCGtGsX h5qhtAhxfIfYsFHxtZfWWYkktYZ4dY5WuT4WVpNndWz7VZvYt3rLZZRHthOIVZtbZo/bVaPrWYQ7 aZYLh2BWdVXnVYx2aZt4uXyrtbQ3u7HLuZr4uGintrUxphDItWVbiIGLd5imgpSHuqFXuAgWuIZb cgYGt89bvEKIugWmXeCXt57rulAlezT/1rxT57xZFbo6lnjKi3Z7K77lG1JyG7WVxn9ee7yWZ4jX a3fIa7fVC7rm67nbq2Dye12ZK4TYxb97a7zcW7yJZ10LfHn5a8DoS8BjW8CVx13vu392J7vTC1Wp G7kAHIex98Brx2gHnMGim3fORXsQVm9pJ8IUTLyJC8MOLLsSjF2ni2OQ68HRe75XWLk63GWdi4WG Gx+Mi4lcBrgteMKg24Jnh3j127baC70rDMEofMTma8XYO8TOO8MCnLgkDMQM/MIj7MQ7/L9j28BR DMZ4JxE3sB5pa8UBXMVLTIRojL9PTGZwbFrdS4QEfLv7C7h3l8WbZb8xLMVJLL13DMTT/3vGZEy9 3SvIFZzB7MvHD9HGbpy1LDi6Mly4XzxaKhzCdPzDHAy5WRi/glvCXJu636uJSyyBkEzKHIy7VDdp /OvCTczKOTzKCCzLvltaHVy2VufLWkW9CWHJKBeyDwK8uKHMvsHMV/ESN1DE/VG150HNW9YaLhHN 0ky0YSEb2rzN3HyPpfHN4PyGUnwaE9wRTqu6teHMWREb5Awd5xzEW2u16vy2+pvOHBFt1Fx3c+ts m6u/W1x0HYy2mpvDrLuwpBHPlOFshezICuHOwwvREo3KBjzHzSXQaDujO/zQkUzDovR6pMvC3hu+ lvjIU5fLelu6Aky5jay9Bz3KZyvLl/87ywOcu4Qb0etr00Gc0ro8hJ8rdA0M1LD0wVScvruswBvs uEsd1NRlunasxYAs0E+9v+O7WWCMtR6d1WZ21RXMz1NMdEPtwwptSkbttrZcyzUMxZS8wqKcxVDt z2rc1lQN1wocwHuMz33c1WkN1hZ9t2NteXEEv4d8vomc1Ifdy1rM1hHMY3Yt1RrNy2GcyAssuZFL 0k4dusjbw1Zbz52N12tdSUFo1Scc2GwN2YgMyI4bgYpc1YlN10rs2kzM1zzGiplN20NNvjptz4Ib 2INt22J8u6Ss2kcswqvtx5Dd1JpN2YXtv5Ndx+FLzLxN2rhdw3pcwocMfmndbbMn2bT/S9alPNKV x8qL7cezi9ysi9CxXNi4HL+H98WVHdBgG2Hd3d4xjcJaSHdUu2j3Td7hnBEVTdVEE+Duhsz/QeAD PeBRkbMMrjT//eAQXn0NHksMPeEWfuEOahAMEOEc3uEe/uEgHuILEqWWcKIiPo8Yfo0nvuIs3uJy h+CUlOI6YYwyHn0wCm4unuM6fkg0oUk1vnA7HuQdHglCfkU/gKE/3hJ+kORM3uRO/qxFHuVSPuVU XuUcvjOHkOWHIBBanuUDseVfbg9aXhBjLuZlThBdPuZgHuZpvuZcTuZiTuZtbuZb7uVf7uZ4Pudz Lud23uZr3uV8XudozudmPuhorudw/77ndw7odv7mfk7nan7mjx7mi17obJ7nkO7ljR7nk17pm17n gP7mhh7qjx7qcT7qZZ1tEIHnpy7qf07pcN7qsm7oos7mCuHmnI4QuA7mn/7quC7rv07rwB7rtb7r sD7qrH4QyW7rCfHrny7szn7ss57rlP7svT7tzy7tyD7oyW7syz7sxQ7rwc5MLxHs3l7r037q407s sy7ozZ7ouh7r7u7u1A7tt/7u2k7v1R7v9T7u317vym4Q9P7t0Y7u2A7uA0/tgh7tr67t++7r8M7t +B7uFH/qQuELlLLqAS/xxi7wBs/vBq/vHi/xG//wjs7s9j7xI//xIg/w8t7q/i7sLv/P7ieP7v8O 8zQP8LyO8/M+8wnv8K7O8xGP8iuP80S/7hGBB1pX7p6e6AVP7KZe9KWe5jTf8iFf8z1/9Yt+5lvP 7gwv8Ei/8+oO8pmu6VR/6Iwe9Meu51yv9UYv9gt/8og+9kBP9zt/7si+6cDe9u2e6t2B97be8Tmf 7uBO9EU/81rP63Av7Tev8jff8lav9ohf+DVP9uFO8CP/9BUv9rmu+JUv7pT/8nI/9Cyf8ppv8fQB +Fgv8x9P+P8e+Vcf86hu6Yrf9o1P9o9/8K5/+bhP+ocv9Gu/8oLP5abO+XFP+7qv8/gO8aqf/IU/ /Kg/HsPe7aCf+axv874v/K3f9wf/P/y3j/2MT+uCb+42L/uxf+9ej/lQ7/Wij+lfn/7XL/mFvuwN r/4Vv/3Bl+n6j/223+d8DxD2BB4SOLCgwUMJFR4suHCgQoINDy6MONFeRYMSG0LE+DAhw44XHW78 iLEjxYkhM65EyBGkS5MmU0K8aFEjy5ooN9YEKZJmTJsMffJ86PPjzJkngxJlyvPfU6hRpU6lWtXq VaxZtW4V2tXrV7BhxY4lW9bsWbRp1a5l29btW7hx1W6lW9fu3apy9e7l29fvX8CBBQ8mXNgwQ7uH FS9mLBjvY8iRJU+mXNnyZcxaG2/m3HltZtChRY8mPVlD6aieVa9m3dr1a9ixBdqV/3mTKcejRpuq pGm0osyRJGPmtt27q3HiSov7JujSq3GPzXEL7T3dKWrs2bVv5x75bO2Vzan3XNr09nmiv8drBJ/z Jm+bycmzFD/fPPr7+YEfl93f//+56uKpvv3sC0k52xIksDzzDpRIPZwadC/CiBaUsDwHVYqQP/js wQoDu7jobkQSSzRRKrQqHNAiBxPczT4FJ3SxxaDqS289Fm8kz0IaccrwKw17ci4/AIs08r/EVFQx PAOps+69koTsUTgKmdQNxwczapFHmGD88TmxOozoRDLLNPPMq1K8EcIXZ/RSSDgRBHNL9jb8UsYs EaoSw/GCDFIkMIksDBSzuDjyUP9Ex8otOejwi5FPpZbcMMcdq3MTTj2d3GnPRynlL9BA/0x0VFL9 Q1BOOdtcysYVrVyVPh91bPK2Dt/DslZZYbx00lJ7FegOXwFLTFVUnYySQd+ShTW46JKKsT0q6cM1 PZgadfbaSa1DbjY0u/X22+2CFXdccss191x001V3XXbBAvddeOOVd156602tXXy7+iRffvv9y16A AxZ4YIILNrjM0yhL5WCGG3b4YYgjlnhiiun192KMM9Z4Y4479vjjsCoWeWSSSzb5ZJRTVnllllt2 +WWYBQR5ZpprtvlmnHPW+bOYe/b555F3Fnpooos2+mik+wN66axiYPppcI+cJGn/qtVSoerCoNZ6 a6679vprsMMWe2yyyzb7bLTTVnttttt2+22445Z7brrrtvtutLHWe2++xQUAgL4DF7yth/82HG/E E5fX8L8Vd/zxbg+HHHFGYAYgtMEz15zjyTv3/HPQQ095c9JLN/101FNXfXXWjwa8dXvOgX12x0S3 /XbQaNd9d9579/134IPXG3fiizf+eLJteVh45o3e1z/ko5c+r+art96s6R/fYvstspf5et65F38L 8EP23vbxz1d/ffbbd//uwNYpf37B37d/cvrz139//vv3/38ANi8DAaTa/QyoOAImkHUHZGADHfjA 0SlQgqeDYAXBdYqBTVCDpLuLdDMs+MGlbVCEXWHACE14QgCBUIUrZGELXfhC4qFQhkmDYdo8cL8Z 5rBoNeQh0HT4QyAGUYj90cEQjXhEJNKvh0tkYhPfVQonao0QdllCFK14xRUmUYuA0QJsSNYFLCaO H2EkI+K2eEY0pjGBWelDGd1Yr4AAADs= ------=_NextPart_000_0007_01C6F83B.84C7E6D0-- From owner-namedroppers@ops.ietf.org Wed Oct 25 12:16:42 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GclQo-0004B1-MA; Wed, 25 Oct 2006 12:16:42 -0400 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GclQj-0001Fq-VQ; Wed, 25 Oct 2006 12:16:42 -0400 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GclJR-000NWW-AV for namedroppers-data@psg.com; Wed, 25 Oct 2006 16:09:05 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.6 (2006-10-03) on psg.com X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=AWL,BAYES_00 autolearn=ham version=3.1.6 Received: from [66.92.146.160] (helo=ogud.com) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GclJQ-000NWG-4d for namedroppers@ops.ietf.org; Wed, 25 Oct 2006 16:09:04 +0000 Received: from Puki.ogud.com (hlid.ogud.com [66.92.146.160]) by ogud.com (8.13.1/8.13.1) with ESMTP id k9PG8wI2050706 for ; Wed, 25 Oct 2006 12:08:58 -0400 (EDT) (envelope-from ogud@ogud.com) Message-Id: <7.0.1.0.2.20061025120511.06141be8@ogud.com> X-Mailer: QUALCOMM Windows Eudora Version 7.0.1.0 Date: Wed, 25 Oct 2006 12:08:48 -0400 To: namedroppers@ops.ietf.org From: =?iso-8859-1?Q?=D3lafur?= =?iso-8859-1?Q?_Gu=F0mundsson?= Subject: IETF-57 draft agenda has been posted Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed X-Scanned-By: MIMEDefang 2.57 on 66.92.146.160 Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.0 (/) X-Scan-Signature: de4f315c9369b71d7dd5909b42224370 DNSEXT @ IETF-67 Date: Tuesday November 7'th Time: 15:20 - 17:20 Location: Harbor Island II http://www3.ietf.org/proceedings/06nov/agenda/dnsext.txt please check there for updates and changes Olafur -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Wed Oct 25 22:19:51 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GcuqV-0003nz-1M; Wed, 25 Oct 2006 22:19:51 -0400 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GcuqF-0006OY-0K; Wed, 25 Oct 2006 22:19:51 -0400 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1Gcuhh-0008nb-QU for namedroppers-data@psg.com; Thu, 26 Oct 2006 02:10:45 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.6 (2006-10-03) on psg.com X-Spam-Level: X-Spam-Status: No, score=-16.7 required=5.0 tests=AWL,BAYES_00,NO_REAL_NAME, USER_IN_DEF_WHITELIST autolearn=no version=3.1.6 Received: from [128.9.160.116] (helo=nit.isi.edu) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.63 (FreeBSD)) (envelope-from ) id 1Gcuhe-0008kz-VL for namedroppers@ops.ietf.org; Thu, 26 Oct 2006 02:10:45 +0000 Received: from nit.isi.edu (loopback [127.0.0.1]) by nit.isi.edu (8.12.11.20060308/8.12.11) with ESMTP id k9Q2AHrh029788; Wed, 25 Oct 2006 19:10:17 -0700 Received: (from apache@localhost) by nit.isi.edu (8.12.11.20060308/8.12.11/Submit) id k9Q2AHiq029787; Wed, 25 Oct 2006 19:10:17 -0700 Date: Wed, 25 Oct 2006 19:10:17 -0700 Message-Id: <200610260210.k9Q2AHiq029787@nit.isi.edu> To: ietf-announce@ietf.org, rfc-dist@rfc-editor.org Subject: RFC 4701 on A DNS Resource Record (RR) for Encoding Dynamic Host Configuration Protocol (DHCP) Information (DHCID RR) From: rfc-editor@rfc-editor.org Cc: rfc-editor@rfc-editor.org, namedroppers@ops.ietf.org Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.2 (/) X-Scan-Signature: b7b9551d71acde901886cc48bfc088a6 A new Request for Comments is now available in online RFC libraries. RFC 4701 Title: A DNS Resource Record (RR) for Encoding Dynamic Host Configuration Protocol (DHCP) Information (DHCID RR) Author: M. Stapp, T. Lemon, A. Gustafsson Status: Standards Track Date: October 2006 Mailbox: mjs@cisco.com, mellon@nominum.com, gson@araneus.fi Pages: 12 Characters: 24570 Updates/Obsoletes/SeeAlso: None I-D Tag: draft-ietf-dnsext-dhcid-rr-13.txt URL: http://www.rfc-editor.org/rfc/rfc4701.txt It is possible for Dynamic Host Configuration Protocol (DHCP) clients to attempt to update the same DNS Fully Qualified Domain Name (FQDN) or to update a DNS FQDN that has been added to the DNS for another purpose as they obtain DHCP leases. Whether the DHCP server or the clients themselves perform the DNS updates, conflicts can arise. To resolve such conflicts, RFC 4703 proposes storing client identifiers in the DNS to unambiguously associate domain names with the DHCP clients to which they refer. This memo defines a distinct Resource Record (RR) type for this purpose for use by DHCP clients and servers: the "DHCID" RR. [STANDARDS TRACK] This document is a product of the Dynamic Host Configuration Working Group of the IETF. This is now a Proposed Standard Protocol. STANDARDS TRACK: This document specifies an Internet standards track protocol for the Internet community,and requests discussion and suggestions for improvements.Please refer to the current edition of the Internet Official Protocol Standards (STD 1) for the standardization state and status of this protocol. Distribution of this memo is unlimited. This announcement is sent to the IETF list and the RFC-DIST list. Requests to be added to or deleted from the IETF distribution list should be sent to IETF-REQUEST@IETF.ORG. Requests to be added to or deleted from the RFC-DIST distribution list should be sent to RFC-DIST-REQUEST@RFC-EDITOR.ORG. Details on obtaining RFCs via FTP or EMAIL may be obtained by sending an EMAIL message to rfc-info@RFC-EDITOR.ORG with the message body help: ways_to_get_rfcs. For example: To: rfc-info@RFC-EDITOR.ORG Subject: getting rfcs help: ways_to_get_rfcs Requests for special distribution should be addressed to either the author of the RFC in question, or to RFC-Manager@RFC-EDITOR.ORG. Unless specifically noted otherwise on the RFC itself, all RFCs are for unlimited distribution. Submissions for Requests for Comments should be sent to RFC-EDITOR@RFC-EDITOR.ORG. Please consult RFC 2223, Instructions to RFC Authors, for further information. Joyce K. Reynolds and Sandy Ginoza USC/Information Sciences Institute ... -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Wed Oct 25 22:23:04 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1Gcutc-0006Hl-NA; Wed, 25 Oct 2006 22:23:04 -0400 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1Gcuta-0007HF-8M; Wed, 25 Oct 2006 22:23:04 -0400 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1Gcuqn-0009hx-Uc for namedroppers-data@psg.com; Thu, 26 Oct 2006 02:20:09 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.6 (2006-10-03) on psg.com X-Spam-Level: X-Spam-Status: No, score=-2.5 required=5.0 tests=AWL,BAYES_00,SPF_PASS autolearn=ham version=3.1.6 Received: from [64.102.122.148] (helo=rtp-iport-1.cisco.com) by psg.com with esmtp (Exim 4.63 (FreeBSD)) (envelope-from ) id 1Gcuqn-0009hl-8a for namedroppers@ops.ietf.org; Thu, 26 Oct 2006 02:20:09 +0000 Received: from rtp-dkim-2.cisco.com ([64.102.121.159]) by rtp-iport-1.cisco.com with ESMTP; 25 Oct 2006 19:20:08 -0700 Received: from rtp-core-2.cisco.com (rtp-core-2.cisco.com [64.102.124.13]) by rtp-dkim-2.cisco.com (8.12.11.20060308/8.12.11) with ESMTP id k9Q2K8sp019357; Wed, 25 Oct 2006 22:20:08 -0400 Received: from xbh-rtp-201.amer.cisco.com (xbh-rtp-201.cisco.com [64.102.31.12]) by rtp-core-2.cisco.com (8.12.10/8.12.6) with ESMTP id k9Q2K8DM015985; Wed, 25 Oct 2006 22:20:08 -0400 (EDT) Received: from xmb-rtp-211.amer.cisco.com ([64.102.31.118]) by xbh-rtp-201.amer.cisco.com with Microsoft SMTPSVC(6.0.3790.1830); Wed, 25 Oct 2006 22:20:07 -0400 Received: from 10.86.243.26 ([10.86.243.26]) by xmb-rtp-211.amer.cisco.com ([64.102.31.118]) with Microsoft Exchange Server HTTP-DAV ; Thu, 26 Oct 2006 02:20:07 +0000 User-Agent: Microsoft-Entourage/11.2.5.060620 Date: Wed, 25 Oct 2006 22:20:19 -0400 Subject: DDNS-DHCP RFCs From: Ralph Droms To: , dhcwg Message-ID: Thread-Topic: DDNS-DHCP RFCs Thread-Index: Acb4pUgghuWH72SYEduwfQARJOT6eg== In-Reply-To: <200610260210.k9Q2AHiq029787@nit.isi.edu> Mime-version: 1.0 Content-type: text/plain; charset="US-ASCII" Content-transfer-encoding: 7bit X-OriginalArrivalTime: 26 Oct 2006 02:20:08.0022 (UTC) FILETIME=[41951760:01C6F8A5] DKIM-Signature: a=rsa-sha1; q=dns; l=645; t=1161829208; x=1162693208; c=relaxed/simple; s=rtpdkim2001; h=Content-Type:From:Subject:Content-Transfer-Encoding:MIME-Version; d=cisco.com; i=rdroms@cisco.com; z=From:Ralph=20Droms=20 |Subject:DDNS-DHCP=20RFCs |To:,=20dhcwg=20; X=v=3Dcisco.com=3B=20h=3DEndDdR7zfCGQ/3wC2LKGO+7kM6w=3D; b=pN/lgTyDmrM/ZzUXOtsr2hSMU7tHhdJrxkcrwyrlN1fp1RHhtl8/TV0F/cGvb4u9D8+gHibl mWEaZEgiCP2z/f9Bgy44moHg20gTcfgO3HQ+nPbOFtUiBvUC9WvoKLoi; Authentication-Results: rtp-dkim-2.cisco.com; header.From=rdroms@cisco.com; dkim=pass ( sig from cisco.com verified; ); Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.0 (/) X-Scan-Signature: 798b2e660f1819ae38035ac1d8d5e3ab Congratulations to everyone involved with these RFCs and thanks for your hard work, perseverance and patience: RFC 4701, A DNS Resource Record (RR) for Encoding Dynamic Host Configuration Protocol (DHCP) Information (DHCID RR) RFC 4702: The Dynamic Host Configuration Protocol (DHCP) Client Fully Qualified Domain Name (FQDN) Option RFC 4703: Resolution of Fully Qualified Domain Name (FQDN) Conflicts among Dynamic Host Configuration Protocol (DHCP) Clients RFC 4704: The Dynamic Host Configuration Protocol for IPv6 (DHCPv6) Client Fully Qualified Domain Name (FQDN) Option - Ralph -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Thu Oct 26 02:56:45 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GczAJ-000832-OX; Thu, 26 Oct 2006 02:56:36 -0400 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1Gcz9q-0003qj-Gn; Thu, 26 Oct 2006 02:56:35 -0400 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1Gcz41-00097H-E3 for namedroppers-data@psg.com; Thu, 26 Oct 2006 06:50:05 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.6 (2006-10-03) on psg.com X-Spam-Level: X-Spam-Status: No, score=-1.2 required=5.0 tests=AWL,BAYES_00, FORGED_RCVD_HELO,MIME_BOUND_NEXTPART,NO_REAL_NAME autolearn=no version=3.1.6 Received: from [156.154.16.138] (helo=ns1.neustar.com) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.63 (FreeBSD)) (envelope-from ) id 1Gcz3z-000960-D5 for namedroppers@ops.ietf.org; Thu, 26 Oct 2006 06:50:04 +0000 Received: from stiedprstage1.ietf.org (stiedprstage1.va.neustar.com [10.31.47.10]) by ns1.neustar.com (Postfix) with ESMTP id 7F4F426E3B; Thu, 26 Oct 2006 06:50:02 +0000 (GMT) Received: from ietf by stiedprstage1.ietf.org with local (Exim 4.43) id 1Gcz3y-000236-Ch; Thu, 26 Oct 2006 02:50:02 -0400 Content-Type: Multipart/Mixed; Boundary="NextPart" Mime-Version: 1.0 To: i-d-announce@ietf.org Cc: namedroppers@ops.ietf.org From: Internet-Drafts@ietf.org Subject: I-D ACTION:draft-ietf-dnsext-nsec3-08.txt Message-Id: Date: Thu, 26 Oct 2006 02:50:02 -0400 Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.3 (/) X-Scan-Signature: 32b73d73e8047ed17386f9799119ce43 --NextPart A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the DNS Extensions Working Group of the IETF. Title : DNSSEC Hashed Authenticated Denial of Existence Author(s) : B. Laurie, et al. Filename : draft-ietf-dnsext-nsec3-08.txt Pages : 51 Date : 2006-10-25 The Domain Name System Security Extensions (DNSSEC) introduced the NSEC resource record (RR) for authenticated denial of existence. This document introduces an alternative resource record, NSEC3, which similarly provides authenticated denial of existence. However, it also provides measures against zone enumeration and permits gradual expansion of delegation-centric zones. A URL for this Internet-Draft is: http://www.ietf.org/internet-drafts/draft-ietf-dnsext-nsec3-08.txt To remove yourself from the I-D Announcement list, send a message to i-d-announce-request@ietf.org with the word unsubscribe in the body of the message. You can also visit https://www1.ietf.org/mailman/listinfo/I-D-announce to change your subscription settings. Internet-Drafts are also available by anonymous FTP. Login with the username "anonymous" and a password of your e-mail address. After logging in, type "cd internet-drafts" and then "get draft-ietf-dnsext-nsec3-08.txt". A list of Internet-Drafts directories can be found in http://www.ietf.org/shadow.html or ftp://ftp.ietf.org/ietf/1shadow-sites.txt Internet-Drafts can also be obtained by e-mail. Send a message to: mailserv@ietf.org. In the body type: "FILE /internet-drafts/draft-ietf-dnsext-nsec3-08.txt". NOTE: The mail server at ietf.org can return the document in MIME-encoded form by using the "mpack" utility. To use this feature, insert the command "ENCODING mime" before the "FILE" command. To decode the response(s), you will need "munpack" or a MIME-compliant mail reader. Different MIME-compliant mail readers exhibit different behavior, especially when dealing with "multipart" MIME messages (i.e. documents which have been split up into multiple messages), so check your local documentation on how to manipulate these messages. Below is the data which will enable a MIME compliant mail reader implementation to automatically retrieve the ASCII version of the Internet-Draft. --NextPart Content-Type: Multipart/Alternative; Boundary="OtherAccess" --OtherAccess Content-Type: Message/External-body; access-type="mail-server"; server="mailserv@ietf.org" Content-Type: text/plain Content-ID: <2006-10-25223338.I-D@ietf.org> ENCODING mime FILE /internet-drafts/draft-ietf-dnsext-nsec3-08.txt --OtherAccess Content-Type: Message/External-body; name="draft-ietf-dnsext-nsec3-08.txt"; site="ftp.ietf.org"; access-type="anon-ftp"; directory="internet-drafts" Content-Type: text/plain Content-ID: <2006-10-25223338.I-D@ietf.org> --OtherAccess-- --NextPart-- -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Thu Oct 26 02:56:45 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GczAJ-000831-OL; Thu, 26 Oct 2006 02:56:36 -0400 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1Gcz9q-0003qi-GN; Thu, 26 Oct 2006 02:56:35 -0400 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1Gcz40-00096i-CZ for namedroppers-data@psg.com; Thu, 26 Oct 2006 06:50:04 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.6 (2006-10-03) on psg.com X-Spam-Level: X-Spam-Status: No, score=-1.2 required=5.0 tests=AWL,BAYES_00, FORGED_RCVD_HELO,MIME_BOUND_NEXTPART,NO_REAL_NAME autolearn=no version=3.1.6 Received: from [156.154.16.158] (helo=ns0.neustar.com) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.63 (FreeBSD)) (envelope-from ) id 1Gcz3z-00095w-7e for namedroppers@ops.ietf.org; Thu, 26 Oct 2006 06:50:03 +0000 Received: from stiedprstage1.ietf.org (stiedprstage1.va.neustar.com [10.31.47.10]) by ns0.neustar.com (Postfix) with ESMTP id 437AB328A1; Thu, 26 Oct 2006 06:50:02 +0000 (GMT) Received: from ietf by stiedprstage1.ietf.org with local (Exim 4.43) id 1Gcz3y-00022Y-50; Thu, 26 Oct 2006 02:50:02 -0400 Content-Type: Multipart/Mixed; Boundary="NextPart" Mime-Version: 1.0 To: i-d-announce@ietf.org Cc: namedroppers@ops.ietf.org From: Internet-Drafts@ietf.org Subject: I-D ACTION:draft-ietf-dnsext-dnssec-bis-updates-04.txt Message-Id: Date: Thu, 26 Oct 2006 02:50:02 -0400 Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.3 (/) X-Scan-Signature: a2c12dacc0736f14d6b540e805505a86 --NextPart A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the DNS Extensions Working Group of the IETF. Title : Clarifications and Implementation Notes for DNSSECbis Author(s) : R. Austein, S. Weiler Filename : draft-ietf-dnsext-dnssec-bis-updates-04.txt Pages : 12 Date : 2006-10-25 This document is a collection of minor technical clarifications to the DNSSECbis document set. It is meant to serve as a resource to implementors as well as an interim repository of DNSSECbis errata. An index sorted by the section of DNSSECbis being clarified. A list of proposed protocol changes being made in other documents, such as [RFC4470] and [I-D.ietf-dnsext-nsec3]. This document would not make those changes, merely provide an index into the documents that are making changes. A URL for this Internet-Draft is: http://www.ietf.org/internet-drafts/draft-ietf-dnsext-dnssec-bis-updates-04.txt To remove yourself from the I-D Announcement list, send a message to i-d-announce-request@ietf.org with the word unsubscribe in the body of the message. You can also visit https://www1.ietf.org/mailman/listinfo/I-D-announce to change your subscription settings. Internet-Drafts are also available by anonymous FTP. Login with the username "anonymous" and a password of your e-mail address. After logging in, type "cd internet-drafts" and then "get draft-ietf-dnsext-dnssec-bis-updates-04.txt". A list of Internet-Drafts directories can be found in http://www.ietf.org/shadow.html or ftp://ftp.ietf.org/ietf/1shadow-sites.txt Internet-Drafts can also be obtained by e-mail. Send a message to: mailserv@ietf.org. In the body type: "FILE /internet-drafts/draft-ietf-dnsext-dnssec-bis-updates-04.txt". NOTE: The mail server at ietf.org can return the document in MIME-encoded form by using the "mpack" utility. To use this feature, insert the command "ENCODING mime" before the "FILE" command. To decode the response(s), you will need "munpack" or a MIME-compliant mail reader. Different MIME-compliant mail readers exhibit different behavior, especially when dealing with "multipart" MIME messages (i.e. documents which have been split up into multiple messages), so check your local documentation on how to manipulate these messages. Below is the data which will enable a MIME compliant mail reader implementation to automatically retrieve the ASCII version of the Internet-Draft. --NextPart Content-Type: Multipart/Alternative; Boundary="OtherAccess" --OtherAccess Content-Type: Message/External-body; access-type="mail-server"; server="mailserv@ietf.org" Content-Type: text/plain Content-ID: <2006-10-25182524.I-D@ietf.org> ENCODING mime FILE /internet-drafts/draft-ietf-dnsext-dnssec-bis-updates-04.txt --OtherAccess Content-Type: Message/External-body; name="draft-ietf-dnsext-dnssec-bis-updates-04.txt"; site="ftp.ietf.org"; access-type="anon-ftp"; directory="internet-drafts" Content-Type: text/plain Content-ID: <2006-10-25182524.I-D@ietf.org> --OtherAccess-- --NextPart-- -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Thu Oct 26 04:27:11 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1Gd0Zz-0002mM-JV; Thu, 26 Oct 2006 04:27:11 -0400 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1Gd0Zu-00059N-92; Thu, 26 Oct 2006 04:27:11 -0400 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1Gd0UB-000K3k-5d for namedroppers-data@psg.com; Thu, 26 Oct 2006 08:21:11 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.6 (2006-10-03) on psg.com X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=AWL,BAYES_00,UPPERCASE_25_50 autolearn=ham version=3.1.6 Received: from [213.154.224.1] (helo=open.nlnetlabs.nl) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.63 (FreeBSD)) (envelope-from ) id 1Gd0U6-000K2e-EE for namedroppers@ops.ietf.org; Thu, 26 Oct 2006 08:21:10 +0000 Received: from [IPv6:2001:7b8:206:1:240:f4ff:fe37:8810] (diva.nlnetlabs.nl [IPv6:2001:7b8:206:1:240:f4ff:fe37:8810]) by open.nlnetlabs.nl (8.13.8/8.13.4) with ESMTP id k9Q8KqGN015368 for ; Thu, 26 Oct 2006 10:20:53 +0200 (CEST) (envelope-from wouter@nlnetlabs.nl) Message-ID: <45406FE4.3020800@nlnetlabs.nl> Date: Thu, 26 Oct 2006 10:20:52 +0200 From: Wouter Wijngaards User-Agent: Thunderbird 1.5.0.7 (X11/20060913) MIME-Version: 1.0 To: Namedroppers Subject: Re: dnssec-bis-updates-04 qtype any DO bit References: In-Reply-To: X-Enigmail-Version: 0.94.0.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.0 (/) X-Scan-Signature: e1e48a527f609d1be2bc8d8a70eb76cb -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Internet-Drafts@ietf.org wrote: > A URL for this Internet-Draft is: > http://www.ietf.org/internet-drafts/draft-ietf-dnsext-dnssec-bis-updates-04.txt In this draft it says: 3.6. Responding to QTYPE=* with the DO Bit Clear To protect resolvers that cannot cope with DNSSEC types, a server should not include DNSSEC RR types when responding to a query with QTYPE=* and the DO bit not set. I disagree. * Resolvers query ANY which means any available and thus could contain any sort of RR type. Also unknown RR types. * Resolvers that support unknown RR types (rfc 3597) should have no problem with unknown (DNSSEC) RR types. * Is 3.6 to protect resolvers that do not support 3597? To protect those resolvers not only the DNSSEC RR types, but several more 'recent RR types' have to be left out, DHCID, SSHFP, maybe APL, DNAME, CERT, KX, NAPTR, SRV, NXT, LOC, AAAA, PX, KEY too. I am not sure what needs to be left out, but more than only the DNSSEC types. Best regards, Wouter -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org iD8DBQFFQG/kkDLqNwOhpPgRAvbZAJ9UhhSaD/n0R75sEPQFfSV8hFiHSACfZXl0 0NzEXKwQpdKwJjzDVgZOfxw= =FwbA -----END PGP SIGNATURE----- -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Thu Oct 26 06:29:19 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1Gd2UB-0003dt-UK; Thu, 26 Oct 2006 06:29:19 -0400 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1Gd2U3-0001yk-A9; Thu, 26 Oct 2006 06:29:19 -0400 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1Gd2OP-0007yO-H5 for namedroppers-data@psg.com; Thu, 26 Oct 2006 10:23:21 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.6 (2006-10-03) on psg.com X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=AWL,BAYES_00 autolearn=ham version=3.1.6 Received: from [129.70.136.245] (helo=mailout.TechFak.Uni-Bielefeld.DE) by psg.com with esmtps (TLSv1:DES-CBC3-SHA:168) (Exim 4.63 (FreeBSD)) (envelope-from ) id 1Gd2ON-0007xt-Kz for namedroppers@ops.ietf.org; Thu, 26 Oct 2006 10:23:21 +0000 Received: from tyrannia.TechFak.Uni-Bielefeld.DE (tyrannia.TechFak.Uni-Bielefeld.DE [129.70.137.5]) by momotombo.TechFak.Uni-Bielefeld.DE (8.12.11/8.12.11/TechFak/2005/05/30/sjaenick) with ESMTP id k9QANGYF023452; Thu, 26 Oct 2006 12:23:16 +0200 (MEST) Received: from localhost (pk@localhost) by tyrannia.TechFak.Uni-Bielefeld.DE (8.11.7+Sun/8.9.1) with SMTP id k9QANFm17994; Thu, 26 Oct 2006 12:23:15 +0200 (MEST) Message-Id: <200610261023.k9QANFm17994@tyrannia.TechFak.Uni-Bielefeld.DE> X-Authentication-Warning: tyrannia.TechFak.Uni-Bielefeld.DE: pk owned process doing -bs X-Authentication-Warning: tyrannia.TechFak.Uni-Bielefeld.DE: pk@localhost didn't use HELO protocol To: IETF DNSEXT WG From: Peter Koch Subject: Re: dnssec-bis-updates-04 qtype any DO bit In-reply-to: Your message of "Thu, 26 Oct 2006 10:20:52 +0200." <45406FE4.3020800@nlnetlabs.nl> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-ID: <17991.1161858178.1@tyrannia.TechFak.Uni-Bielefeld.DE> Date: Thu, 26 Oct 2006 12:23:15 +0200 Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.0 (/) X-Scan-Signature: 79899194edc4f33a41f49410777972f8 Wouter Wijngaards wrote: > 3.6. Responding to QTYPE=* with the DO Bit Clear > To protect resolvers that cannot cope with DNSSEC types, a server > should not include DNSSEC RR types when responding to a query with > QTYPE=* and the DO bit not set. > > I disagree. > * Resolvers query ANY which means any available and thus could contain > any sort of RR type. Also unknown RR types. I fully agree with Wouter and disagree with the recommendation in 3.6. It is inconsistent and just wrong. -Peter -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Thu Oct 26 07:26:18 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1Gd3NK-0006SN-5v; Thu, 26 Oct 2006 07:26:18 -0400 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1Gd3N9-0002FP-R4; Thu, 26 Oct 2006 07:26:18 -0400 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1Gd3JY-000ETw-IH for namedroppers-data@psg.com; Thu, 26 Oct 2006 11:22:24 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.6 (2006-10-03) on psg.com X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=AWL,BAYES_00, UNPARSEABLE_RELAY autolearn=ham version=3.1.6 Received: from [193.1.169.34] (helo=dakota.ucd.ie) by psg.com with esmtp (Exim 4.63 (FreeBSD)) (envelope-from ) id 1Gd3JT-000ETE-Ux for namedroppers@ops.ietf.org; Thu, 26 Oct 2006 11:22:23 +0000 Received: from conversion-daemon.dakota.ucd.ie by dakota.ucd.ie (Sun Java System Messaging Server 6.2-2.05 (built Apr 28 2005)) id <0J7Q00401OZUEV00@dakota.ucd.ie> (original mail from Niall.oReilly@ucd.ie) for namedroppers@ops.ietf.org; Thu, 26 Oct 2006 11:59:36 +0100 (IST) Received: from [10.0.1.189] ([83.141.81.52]) by dakota.ucd.ie (Sun Java System Messaging Server 6.2-2.05 (built Apr 28 2005)) with ESMTPSA id <0J7Q00LNLP79GE70@dakota.ucd.ie>; Thu, 26 Oct 2006 11:59:34 +0100 (IST) Date: Thu, 26 Oct 2006 11:59:32 +0100 From: Niall O'Reilly Subject: Re: dnssec-bis-updates-04 qtype any DO bit In-reply-to: <45406FE4.3020800@nlnetlabs.nl> To: Wouter Wijngaards Cc: Niall O'Reilly , Namedroppers Message-id: <3904FDDE-7142-4EF5-B345-AC6118F8F535@ucd.ie> MIME-version: 1.0 X-Mailer: Apple Mail (2.752.2) Content-type: text/plain; format=flowed; delsp=yes; charset=US-ASCII Content-transfer-encoding: 7BIT X-Gpgmail-State: !signed References: <45406FE4.3020800@nlnetlabs.nl> Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.0 (/) X-Scan-Signature: 769a46790fb42fbb0b0cc700c82f7081 On 26 Oct 2006, at 09:20, Wouter Wijngaards wrote: > * Is 3.6 to protect resolvers that do not support 3597? To protect > those > resolvers not only the DNSSEC RR types, but several more 'recent RR > types' have to be left out, DHCID, SSHFP, maybe APL, DNAME, CERT, KX, > NAPTR, SRV, NXT, LOC, AAAA, PX, KEY too. > I am not sure what needs to be left out, but more than only the DNSSEC > types. Fair comment, Wouter. I'm not sure either. I think a value judgment is needed. It might be useful to step back more than a little, and estimate just how much bending over backwards is operationally useful to accommodate or protect "old" resolvers. Pre-3597 resolvers may treat responses which contain unknown RR types in a number of ways, of which two extreme cases are easily identified. In one of these cases, presence of any unknown type would result in the entire response being treated as invalid and so discarded. In the other, a best effort would be made to extract the useful part of the response. We can't even hope to measure how actual resolver behaviour is distributed across the spectrum between these two extremes. However, intolerance of "new" RR types and consequent damage would surely have attracted attention by now if the first case mentioned was the predominant, or even significantly represented, behaviour. I suggest that an estimate of the likely "damage" which would result from a decision to limit backwards compatibility to a "moderate" degree would be useful. Put another way, while I appreciate that accommodating "old" resolvers actually present in the field is important, the effort involved in accommodating putative "really old" resolvers, whose very existence out there is a matter of conjecture, might not be justifiable. Sometimes it's necessary to cross the road, even though the risk of being hit by a bus is never zero. /Niall -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Thu Oct 26 07:38:05 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1Gd3Yj-0008VD-SG; Thu, 26 Oct 2006 07:38:05 -0400 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1Gd3Ye-00040m-6k; Thu, 26 Oct 2006 07:38:05 -0400 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1Gd3US-000Fit-Kt for namedroppers-data@psg.com; Thu, 26 Oct 2006 11:33:40 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.6 (2006-10-03) on psg.com X-Spam-Level: X-Spam-Status: No, score=-2.5 required=5.0 tests=AWL,BAYES_00 autolearn=ham version=3.1.6 Received: from [193.94.160.1] (helo=netcore.fi) by psg.com with esmtp (Exim 4.63 (FreeBSD)) (envelope-from ) id 1Gd3UQ-000FiT-Nu for namedroppers@ops.ietf.org; Thu, 26 Oct 2006 11:33:40 +0000 Received: from localhost (pekkas@localhost) by netcore.fi (8.12.11.20060614/8.12.11) with ESMTP id k9QBXXTA023232; Thu, 26 Oct 2006 14:33:35 +0300 Date: Thu, 26 Oct 2006 14:33:33 +0300 (EEST) From: Pekka Savola To: Peter Koch cc: IETF DNSEXT WG Subject: Re: dnssec-bis-updates-04 qtype any DO bit In-Reply-To: <200610261023.k9QANFm17994@tyrannia.TechFak.Uni-Bielefeld.DE> Message-ID: References: <200610261023.k9QANFm17994@tyrannia.TechFak.Uni-Bielefeld.DE> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Virus-Scanned: ClamAV 0.88.5/2099/Thu Oct 26 01:50:57 2006 on otso.netcore.fi X-Virus-Status: Clean Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.0 (/) X-Scan-Signature: 9466e0365fc95844abaf7c3f15a05c7d On Thu, 26 Oct 2006, Peter Koch wrote: > Wouter Wijngaards wrote: > > 3.6. Responding to QTYPE=* with the DO Bit Clear > > To protect resolvers that cannot cope with DNSSEC types, a server > > should not include DNSSEC RR types when responding to a query with > > QTYPE=* and the DO bit not set. > > > > I disagree. > > * Resolvers query ANY which means any available and thus could contain > > any sort of RR type. Also unknown RR types. > > I fully agree with Wouter and disagree with the recommendation in 3.6. > It is inconsistent and just wrong. Sure.. But I'd be interested in knowing whether resolver implementations use QTYPE='*' for anything. Such implementations would get broken on some other fronts as well (e.g., A and AAAA records under the same name). AFAICS, it's only used by operators who use 'dig'. -- Pekka Savola "You each name yourselves king, yet the Netcore Oy kingdom bleeds." Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Thu Oct 26 08:23:42 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1Gd4Gr-0002fW-S8; Thu, 26 Oct 2006 08:23:42 -0400 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1Gd4Gn-0003Ul-I8; Thu, 26 Oct 2006 08:23:41 -0400 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1Gd4CA-000L5C-9w for namedroppers-data@psg.com; Thu, 26 Oct 2006 12:18:50 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.6 (2006-10-03) on psg.com X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=AWL,BAYES_00 autolearn=ham version=3.1.6 Received: from [81.91.160.27] (helo=denic.de) by psg.com with esmtp (Exim 4.63 (FreeBSD)) (envelope-from ) id 1Gd4C8-000L4t-T8 for namedroppers@ops.ietf.org; Thu, 26 Oct 2006 12:18:49 +0000 Received: by unknown.office.denic.de (Postfix, from userid 501) id 561DA3B89BB; Thu, 26 Oct 2006 14:18:44 +0200 (CEST) Date: Thu, 26 Oct 2006 14:18:44 +0200 From: Peter Koch To: IETF DNSEXT WG Subject: Re: dnssec-bis-updates-04 qtype any DO bit Message-ID: <20061026121844.GC2932@unknown.office.denic.de> References: <200610261023.k9QANFm17994@tyrannia.TechFak.Uni-Bielefeld.DE> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.4.2.1i Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.0 (/) X-Scan-Signature: 9182cfff02fae4f1b6e9349e01d62f32 On Thu, Oct 26, 2006 at 02:33:33PM +0300, Pekka Savola wrote: > implementations use QTYPE='*' for anything. Such implementations ``QTYPE * in apps considered broken'' is on my wishlist (followed by the same for QTYPE=CNAME and QTYPE=NS, but that are different issues). > would get broken on some other fronts as well (e.g., A and AAAA Yes they do, including failure to deal with truncation and much else. > records under the same name). AFAICS, it's only used by operators who > use 'dig'. Unfortunately, no. There are enough mail apps out there using ANY ("*"), as a look into somewhat detailed stats of your nearest auth server (for forward zones) will disclose. Still, there's no reason to break the protocol by making auth servers lie about DNSSEC RR types. -Peter -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Thu Oct 26 12:28:12 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1Gd85U-000599-K6; Thu, 26 Oct 2006 12:28:12 -0400 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1Gd85J-0002Lk-M2; Thu, 26 Oct 2006 12:28:12 -0400 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1Gd7vL-000I5N-9D for namedroppers-data@psg.com; Thu, 26 Oct 2006 16:17:43 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.6 (2006-10-03) on psg.com X-Spam-Level: X-Spam-Status: No, score=-1.5 required=5.0 tests=AWL,BAYES_00,BIZ_TLD autolearn=no version=3.1.6 Received: from [216.82.250.131] (helo=mail128.messagelabs.com) by psg.com with smtp (Exim 4.63 (FreeBSD)) (envelope-from ) id 1Gd7vK-000I52-5n for namedroppers@ops.ietf.org; Thu, 26 Oct 2006 16:17:42 +0000 X-VirusChecked: Checked X-Env-Sender: Donald.Eastlake@motorola.com X-Msg-Ref: server-11.tower-128.messagelabs.com!1161872628!2468139!1 X-StarScan-Version: 5.5.10.7; banners=-,-,- X-Originating-IP: [129.188.136.7] Received: (qmail 18592 invoked from network); 26 Oct 2006 14:23:48 -0000 Received: from motgate7.mot.com (HELO motgate7.mot.com) (129.188.136.7) by server-11.tower-128.messagelabs.com with SMTP; 26 Oct 2006 14:23:48 -0000 Received: from az33exr03.mot.com ([10.64.251.233]) by motgate7.mot.com (8.12.11/Motorola) with ESMTP id k9QENk7o015316 for ; Thu, 26 Oct 2006 07:23:46 -0700 (MST) Received: from de01exm64.ds.mot.com (de01exm64.am.mot.com [10.176.8.15]) by az33exr03.mot.com (8.13.1/8.13.0) with ESMTP id k9QENjb3027698 for ; Thu, 26 Oct 2006 09:23:45 -0500 (CDT) X-MimeOLE: Produced By Microsoft Exchange V6.5 Content-class: urn:content-classes:message MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Subject: RE: I-D ACTION:draft-eastlake-dnsext-cookies-01.txt Date: Thu, 26 Oct 2006 10:23:44 -0400 Message-ID: <3870C46029D1F945B1472F170D2D979001934CCA@de01exm64.ds.mot.com> In-Reply-To: X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: I-D ACTION:draft-eastlake-dnsext-cookies-01.txt thread-index: Acb4eAEeZYBBsBo9SZiC7B9ws7zgCQAARmJQ From: "Eastlake III Donald-LDE008" To: "Edward Lewis" Cc: Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.5 (/) X-Scan-Signature: 5ebbf074524e58e662bc8209a6235027 Hi Ed, Thanks for the rapid response, before I even got around to posting a note about this to namedroppers. :-) This draft is a simple update of the -00 version to change from using an RR to using an OPT option, as requested at the last DNSEXT meeting, and making some minor changes to the discussion of anycast servers. I agree with all of your suggested changes below except in connection with section 4.2. The draft, while it recommends a way to calculate cookies, is intended to be very liberal about allowing servers and resolvers to use more computationally intensive or less computationally intensive methods. But I wanted to prohibit completely degenerate cookies. So, while I think your comment below has merit, I think a better solution is #4.2 Server Cookies # # ... # # A server MUST NOT use the same Server Cookie value for responses to # all requests. s/requests/resolvers/ Thanks again, Donald PS: cc'ed to namedroppers with Ed's permission. -----Original Message----- From: Edward Lewis [mailto:Ed.Lewis@neustar.biz]=20 Sent: Wednesday, October 25, 2006 4:27 PM To: Eastlake III Donald-LDE008 Cc: ed.lewis@neustar.biz Subject: Re: I-D ACTION:draft-eastlake-dnsext-cookies-01.txt At 15:50 -0400 10/24/06, Internet-Drafts@ietf.org wrote: > Title : Domain Name System (DNS) Cookies > Author(s) : D. Eastlake 3rd > Filename : draft-eastlake-dnsext-cookies-01.txt > Pages : 15 > Date : 2006-10-24 > >A URL for this Internet-Draft is: >http://www.ietf.org/internet-drafts/draft-eastlake-dnsext-cookies-01.tx t #1.1 Contents of This Document # # Section 5 describes the processing of COOKIE OPT optionby resolvers # and server and policies for such processing. s/optionby/option by/ #1.2 Definitions # # The term "IP address" is used herein in a length independent manner # and refers interchangeably to IPv4 and IPv6 addresses. s/interchangeably to IPv4 and IPv6 addresses./ to address formats including IPv4 and IPv6./ ~Why be overly specific? #2.1 Denial-of-Service Attacks # # The normal form of the denial-of-service attacks considered herein is # to send DNS requests with forged source IP addresses to a server. The # intent can be to attack that server or a selected host as described # below. s/normal/canonical/ Maybe that's the fix. I kept tripping over "normal form of ...=20 attack". May canonical isn't the word either. #4.2 Server Cookies # # A server MUST NOT use the same Server Cookie value for responses to # all requests. Given the definition, I don't see the need for this. Only if just one resolver ever contacted this server or if there was a failure in the hash function, would *all* the responses be the same. If only one resolver ever contacted this server, then all the server cookie values might be the same. #6. NAT and AnyCast Considerations # # But we have this wart called NAT [RFC3022], Network Address s/wart/reality/ -- -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-= =3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D -=3D- Edward Lewis +1-571-434-5468 NeuStar Secrets of Success #107: Why arrive at 7am for the good parking space? Come in at 11am while the early birds drive out to lunch. -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Thu Oct 26 12:38:11 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1Gd8F9-0008Eb-3t; Thu, 26 Oct 2006 12:38:11 -0400 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1Gd8F5-0004G0-QN; Thu, 26 Oct 2006 12:38:11 -0400 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1Gd88d-000Jyh-NY for namedroppers-data@psg.com; Thu, 26 Oct 2006 16:31:27 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.6 (2006-10-03) on psg.com X-Spam-Level: X-Spam-Status: No, score=-2.3 required=5.0 tests=AWL,BAYES_00 autolearn=ham version=3.1.6 Received: from [66.92.146.160] (helo=ogud.com) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.63 (FreeBSD)) (envelope-from ) id 1Gd88c-000JyJ-Ek for namedroppers@ops.ietf.org; Thu, 26 Oct 2006 16:31:27 +0000 Received: from [192.168.1.101] (hlid.ogud.com [66.92.146.160]) by ogud.com (8.13.1/8.13.1) with ESMTP id k9QE5eWx065693; Thu, 26 Oct 2006 10:05:41 -0400 (EDT) (envelope-from Ed.Lewis@neustar.biz) Mime-Version: 1.0 Message-Id: In-Reply-To: <200610261023.k9QANFm17994@tyrannia.TechFak.Uni-Bielefeld.DE> References: <200610261023.k9QANFm17994@tyrannia.TechFak.Uni-Bielefeld.DE> Date: Thu, 26 Oct 2006 10:05:42 -0400 To: Peter Koch From: Edward Lewis Subject: Re: dnssec-bis-updates-04 qtype any DO bit Cc: IETF DNSEXT WG Content-Type: text/plain; charset="us-ascii" ; format="flowed" X-Scanned-By: MIMEDefang 2.57 on 66.92.146.160 Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.0 (/) X-Scan-Signature: 798b2e660f1819ae38035ac1d8d5e3ab At 12:23 +0200 10/26/06, Peter Koch wrote: >Wouter Wijngaards wrote: ... >> I disagree. ... >I fully agree with Wouter and disagree with the recommendation in 3.6. I completely agree with Peter's fully agreeing with Wouter and disagreeing with the recommendation in 3.6. -- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Edward Lewis +1-571-434-5468 NeuStar Secrets of Success #107: Why arrive at 7am for the good parking space? Come in at 11am while the early birds drive out to lunch. -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Thu Oct 26 13:54:16 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1Gd9Ku-0007vc-EV; Thu, 26 Oct 2006 13:48:12 -0400 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1Gd95x-0004Wo-FA; Thu, 26 Oct 2006 13:32:53 -0400 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1Gd91I-0000vO-9E for namedroppers-data@psg.com; Thu, 26 Oct 2006 17:27:56 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.6 (2006-10-03) on psg.com X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=AWL,BAYES_00,SPF_PASS autolearn=ham version=3.1.6 Received: from [204.152.187.1] (helo=sa.vix.com) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.63 (FreeBSD)) (envelope-from ) id 1Gd91H-0000uo-G5 for namedroppers@ops.ietf.org; Thu, 26 Oct 2006 17:27:55 +0000 Received: from sa.vix.com (localhost [127.0.0.1]) by sa.vix.com (Postfix) with ESMTP id 092D211426 for ; Thu, 26 Oct 2006 14:00:40 +0000 (UTC) (envelope-from vixie@sa.vix.com) From: Paul Vixie To: IETF DNSEXT WG Subject: Re: dnssec-bis-updates-04 qtype any DO bit In-Reply-To: Your message of "Thu, 26 Oct 2006 14:33:33 +0300." References: <200610261023.k9QANFm17994@tyrannia.TechFak.Uni-Bielefeld.DE> X-Mailer: MH-E 8.0.2; nmh 1.0.4; GNU Emacs 21.3.1 Date: Thu, 26 Oct 2006 14:00:39 +0000 Message-ID: <64397.1161871239@sa.vix.com> Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.0 (/) X-Scan-Signature: 856eb5f76e7a34990d1d457d8e8e5b7f > Sure.. But I'd be interested in knowing whether resolver implementations use > QTYPE='*' for anything. Such implementations would get broken on some other > fronts as well (e.g., A and AAAA records under the same name). AFAICS, it's > only used by operators who use 'dig'. and by sendmail, who uses it to get the MX and A in one transaction from the local cache if both happen to be present. (apparently, enough folks either didn't have an MX, or had an MX pointing to an A by the same name, to make this opportunistic logic relevant, and now, much later, it's just how things are.) i know of no other app who uses QTYPE=ANY. i do know that sendmail would not be bothered by RRSIG, and i do know that sendmail acts properly in the presence of truncation. (though i don't know if it ever sets DO or uses EDNS.) -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Thu Oct 26 15:25:07 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GdAop-0005Fw-H6; Thu, 26 Oct 2006 15:23:11 -0400 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GdAcm-0003KB-Jg; Thu, 26 Oct 2006 15:10:47 -0400 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GdAWp-000CUi-98 for namedroppers-data@psg.com; Thu, 26 Oct 2006 19:04:35 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.6 (2006-10-03) on psg.com X-Spam-Level: X-Spam-Status: No, score=-2.3 required=5.0 tests=AWL,BAYES_00 autolearn=ham version=3.1.6 Received: from [66.92.146.160] (helo=ogud.com) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GdAWm-000CU4-UC for namedroppers@ops.ietf.org; Thu, 26 Oct 2006 19:04:34 +0000 Received: from [192.168.1.101] (hlid.ogud.com [66.92.146.160]) by ogud.com (8.13.1/8.13.1) with ESMTP id k9QJ4DXD067500; Thu, 26 Oct 2006 15:04:14 -0400 (EDT) (envelope-from Ed.Lewis@neustar.biz) Mime-Version: 1.0 Message-Id: In-Reply-To: References: Date: Thu, 26 Oct 2006 15:04:17 -0400 To: namedroppers@ops.ietf.org From: Edward Lewis Subject: comments on draft-ietf-dnsext-dnssec-bis-updates-04.txt Cc: ed.lewis@neustar.biz Content-Type: text/plain; charset="us-ascii" ; format="flowed" Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.0 (/) X-Scan-Signature: 8b6657e60309a1317174c9db2ae5f227 > Title: Clarifications and Implementation Notes for DNSSECbis http://www.ietf.org/internet-drafts/draft-ietf-dnsext-dnssec-bis-updates-04.txt This is not on the agenda for San Diego? # Clarifications and Implementation Notes for DNSSECbis # draft-ietf-dnsext-dnssec-bis-updates-04 # # Abstract # # This document is a collection of minor technical clarifications to # the DNSSECbis document set. It is meant to serve as a resource to # implementors as well as an interim repository of DNSSECbis errata. From reading further in the document, there is more here than just clarifications, there are augmentations and changes to the protocol. # 1.1. Structure of this Document # # The clarifications to DNSSECbis are sorted according to the editors' # impression of their importance, starting with ones which could, if This being a WG document, it really should be a reflection of the WG's consensus. In that vein, this document ought to be regularly discussed on the mailing list and take precedence in the agenda at in person meetings. # Mere typos and awkward phrasings are not addressed unless they could # lead to misinterpretation of the DNSSECbis documents. If these are not what is addressed, then this is more than a clarification. # 2. Significant Concerns # # This section provides clarifications that, if overlooked, could lead # to security issues or major interoperability problems. # # 2.1. Clarifications on Non-Existence Proofs # # [RFC4035] Section 5.4 slightly underspecifies the algorithm for # checking non-existence proofs. In particular, the algorithm there # might incorrectly allow the NSEC from the parent side of a zone cut # to prove the non-existence of either other RRs at that name in the # child zone or other names in the child zone. It might also allow a # NSEC at the same name as a DNAME to prove the non-existence of names # beneath that DNAME. The above paragragh is unclear. A "NSEC" does not prove anything, proofs are done by the validotor. An NSEC RR and its associated RRSIG present data used in a proof. The "either" probably ought to be stricken from "of either other" in the middle. "It might" - does it or not? # A parent-side delegation NSEC (one with the NS bit set, but no SOA # bit set, and with a singer field that's shorter than the owner name) # must not be used to assume non-existence of any RRs below that zone # cut (both RRs at that ownername and at ownernames with more leading # labels, no matter their content). Similarly, an NSEC with the DNAME # bit set must not be used to assume the non-existence of any # descendant of that NSEC's owner name. This sounds like an augmentation of the specified proof, you have a lower case MUST in there. (Also, s/singer/signer/.) On the last line, s/descendant/subdomain/. # 2.2. Empty Non-Terminal Proofs # # To be written, based on Roy Arends' May 11th message to namedroppers. # # The editors are trying to figure out whether what's really required # here is a discussion of the relationship between DNS RCODEs and # DNSSECbis. This description makes it sound more like a search for a problem than just a repository for gaps in the original protocol. There isn't much of a relationship between the return codes and DNSSEC because the RCODEs exist in the un-DNSSEC-protected header of a message. (I recall a discussion on this walking through Manchester at the RIPE meeting there two years ago.) As much as some of us wanted to develop a state machine based on the return codes for name error and no error to describe negative answers, we kept running into a brick wall because the return code field is not covered by DNSSEC. # 2.3. Validating Responses to an ANY Query # # (as clarified in this document). To be clear, a validator must not # insist on receiving all records at the QNAME in response to QTYPE=*. s/insist/expect/ perhaps. # 3. Interoperability Concerns # # 3.2. Private Algorithms # # As discussed above, section 5.2 of [RFC4035] requires that validators # make decisions about the security status of zones based on the public # key algorithms shown in the DS records for those zones. In the case # of private algorithms, as described in [RFC4034] Appendix A.1.1, the # eight-bit algorithm field in the DS RR is not conclusive about what # algorithm(s) is actually in use. # # If no private algorithms appear in the DS set or if any supported # algorithm appears in the DS set, no special processing will be # needed. In the remaining cases, the security status of the zone # depends on whether or not the resolver supports any of the private # algorithms in use (provided that these DS records use supported hash # functions, as discussed in Section 3.1). In these cases, the # resolver MUST retrieve the corresponding DNSKEY for each private # algorithm DS record and examine the public key field to determine the # algorithm in use. The security-aware resolver MUST ensure that the # hash of the DNSKEY RR's owner name and RDATA matches the digest in # the DS RR. If they do not match, and no other DS establishes that # the zone is secure, the referral should be considered BAD data, as # discussed in [RFC4035]. # # This clarification facilitates the broader use of private algorithms, # as suggested by [I-D.ietf-dnsext-dnssec-experiments]. It says here that the "resolver MUST retrieve ... and ... determine the algorithim." How can it determine the algotrithm if the algorithm is private? It is possible that multiple algorithms use the same private number, the best that can be done is if the private algorithm just happens to be one the resolver knows and is expecting. There is one step here - instruct the resolver to "line up" individual DS RRs and DNSKEY RRs. This may not be possible if an unknown DS hash algorithm is in use. Of the ones that line up, you can go on with sanity checking. Do you want the resolver to side on being optimisitc? Should the resolver be satisfied if it can find one useable DNSKEY? Or do you want it to be pessimistic and through an exception when it can't line up and verify all key records? # 3.3. Caution About Local Policy and Multiple RRSIGs # # When multiple RRSIGs cover a given RRset, [RFC4035] Section 5.3.3 # suggests that "the local resolver security policy determines whether # the resolver also has to test these RRSIG RRs and how to resolve # conflicts if these RRSIG RRs lead to differing results." In most # cases, a resolver would be well advised to accept any valid RRSIG as # sufficient. If the first RRSIG tested fails validation, a resolver # would be well advised to try others, giving a successful validation # result if any can be validated and giving a failure only if all # RRSIGs fail validation. The point missed here is that it is possible that a resolver wants to see a record signed with two or more algorithms, reflecting multiple "sign offs" of the record. I doubt that this is an operational scenario grounded in sanity, but I would not recommend in this clarification what policy a resolver should favor. # If a resolver adopts a more restrictive policy, there's a danger that # properly-signed data might unnecessarily fail validation, perhaps # because of cache timing issues. Furthermore, certain zone management # techniques, like the Double Signature Zone-signing Key Rollover # method described in section 4.2.1.2 of [RFC4641] might not work # reliably. What is meant by "more restrictive?" "There's a danger...might...perhaps" is a bit vague. # 3.6. Responding to QTYPE=* with the DO Bit Clear Already commented on this in email (Wouter and Koch too). # 4. Minor Corrections and Clarifications # # 4.1. Finding Zone Cuts I don't see what 4.1 is addressing. It seems all of references are to parts of the same document. # 4.2. Clarifications on DNSKEY Usage # # Questions of the form "can I use a different DNSKEY for signing the # X" have occasionally arisen. "Signing the X?" What does that mean? # 4.3. Errors in Examples Earlier this doc said it didn't deal with typos - but that is what this section is all about - a typo. # 4.4. Errors in Canonical Form Type Code List Is this too just a typo report? -- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Edward Lewis +1-571-434-5468 NeuStar Secrets of Success #107: Why arrive at 7am for the good parking space? Come in at 11am while the early birds drive out to lunch. -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From cladophorabookseller@rossipaolo.it Fri Oct 27 01:05:43 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GdJuZ-0004wK-5B for dnsext-archive@ietf.org; Fri, 27 Oct 2006 01:05:43 -0400 Received: from stsc1260-eth-s1-s1p1-vip.va.neustar.com ([156.154.16.129] helo=chiedprmail1.ietf.org) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GdJuZ-0000Nc-2x for dnsext-archive@ietf.org; Fri, 27 Oct 2006 01:05:43 -0400 Received: from d36-34-22.home1.cgocable.net ([24.36.34.22] helo=u2-plwn3pt0ufq4.hala4.on.cogeco.ca) by chiedprmail1.ietf.org with esmtp (Exim 4.43) id 1GdJuV-00057f-Qq for dnsext-archive@ietf.org; Fri, 27 Oct 2006 01:05:42 -0400 Message-ID: <000001c6f985$7aa15d80$16222418@u2-plwn3pt0ufq4> From: "Nicholas" To: Subject: Software by the original manufacturerat generic prices Date: Fri, 27 Oct 2006 01:05:11 +0100 MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="------------ms070007080304010203060106" X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2900.2180 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2180 X-Spam-Score: 3.8 (+++) X-Scan-Signature: 7fa173a723009a6ca8ce575a65a5d813 This is a multi-part message in MIME format. --------------ms070007080304010203060106 Content-Type: text/plain; charset="koi8-r" Content-Transfer-Encoding: quoted-printable Adobe Creative Suite 2 Premium for Windows Retial Price $1199.00 Our Price $149.95=20 You save $1049.05 Adobe Illustrator CS2 Retial Price $499.00 Our Price $59.95=20 You save $439.05 MS Windows XP Professional with SP2 Retial Price $269.99 Our Price $49.95=20 You save $220.04 Adobe Acrobat 7.0 Professional Retial Price $449.90 Our Price $69.95=20 You save $379.95 Adobe Photoshop CS2 V 9.0 Retial Price $599.00 Our Price $69.95=20 You save $529.05 Microsoft Office XP Professional Retial Price $499.00 Our Price $49.95=20 You save $449.05 --------------ms070007080304010203060106 Content-Type: text/html; charset="koi8-r" Content-Transfer-Encoding: quoted-printable
Retial Price=20 $1199.00
Our Price = $149.95=20
You save = $1049.05
 
Retial Price=20 $499.00
Our Price = $59.95=20
You save = $439.05
 
Retial Price=20 $269.99
Our Price = $49.95=20
You save=20 $220.04
 
Retial Price=20 $449.90
Our Price = $69.95=20
You save = $379.95
 
Retial Price=20 $599.00
Our Price = $69.95=20
You save = $529.05
 
Retial Price=20 $499.00
Our Price = $49.95=20
You save=20 $449.05
--------------ms070007080304010203060106-- From owner-namedroppers@ops.ietf.org Fri Oct 27 06:24:43 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GdOtH-0003bj-4D; Fri, 27 Oct 2006 06:24:43 -0400 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GdOt8-0003J6-L0; Fri, 27 Oct 2006 06:24:43 -0400 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GdOlo-0002Rb-TB for namedroppers-data@psg.com; Fri, 27 Oct 2006 10:17:00 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.6 (2006-10-03) on psg.com X-Spam-Level: X-Spam-Status: No, score=-2.5 required=5.0 tests=AWL,BAYES_00,UPPERCASE_25_50 autolearn=ham version=3.1.6 Received: from [213.154.224.1] (helo=open.nlnetlabs.nl) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GdOlm-0002RG-CE for namedroppers@ops.ietf.org; Fri, 27 Oct 2006 10:17:00 +0000 Received: from [127.0.0.1] (open.nlnetlabs.nl [IPv6:2001:7b8:206:1:211:2fff:fed7:7378]) by open.nlnetlabs.nl (8.13.8/8.13.4) with ESMTP id k9RAGruK064197 for ; Fri, 27 Oct 2006 12:16:53 +0200 (CEST) (envelope-from olaf@NLnetLabs.nl) Mime-Version: 1.0 (Apple Message framework v752.2) References: <4541D097.6030707@piuha.net> Content-Type: multipart/signed; protocol="application/pgp-signature"; micalg=pgp-sha1; boundary="Apple-Mail-10--1046580711" Message-Id: <5A87EF46-3AF5-4306-B151-870389F1728A@NLnetLabs.nl> Content-Transfer-Encoding: 7bit From: "Olaf M. Kolkman" Subject: Fwd: note the boilerplate change Date: Fri, 27 Oct 2006 12:16:52 +0200 To: IETF DNSEXT WG X-Pgp-Agent: GPGMail 1.1.2 (Tiger) X-Mailer: Apple Mail (2.752.2) Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.2 (/) X-Scan-Signature: 97c820c82c68af374c4e382a80dc5017 This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --Apple-Mail-10--1046580711 Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed To all document editors: FYI. --Olaf Begin forwarded message: > From: Jari Arkko > Date: 27October 2006 11:25:43 AM GMT+02:00 > To: int-chairs@ietf.org > Subject: note the boilerplate change > > -----Original Message----- > From: IETF Chair [mailto:chair@ietf.org] > Sent: Friday, October 27, 2006 3:20 AM > To: IETF Announcement list > Subject: Update to Internet-Draft and RFC Boilerplate > > A small update to BCP 78 was recently approved by the IESG as RFC > 4748, > to update the boilerplate (i.e., standard legal text) in RFCs and > Internet-Drafts to recognize the IETF Trust as a rights holder, > instead > of ISOC. > > The actual boilerplate changes are given below this message. > > Starting as soon as reasonably possible, all authors of Internet- > Drafts > are requested to use the new boilerplate. The RFC Editor will in any > case be inserting it in all RFCs issued from 2006-11-01. (The rights > held by ISOC in older RFCs will be administratively transferred to the > IETF > Trust.) > > The public ID Nits checker already accepts I-Ds with old or new > boilerplate. > The Secretariat has started accepting I-Ds with old or new boilerplate > > XML2RFC version 1.32 will generate the new boilerplate. > Users of I-D templates are requested to update them appropriately. > > http://www.ietf.org/ID-Checklist.html and > http://www.ietf.org/ietf/1id-guidelines.html are being updated. > > Starting December, the public ID Nits checker will issue warnings for > old boilerplate. > > Starting February 2007, the Secretariat will refuse the old > boilerplate > in Internet-Drafts. > > We are sorry for the inconvenience, but this change cannot be avoided. > > IETF Chair > IETF Secretariat > TOOLS Team > > -------- > > Copyright Notice (required for all IETF Documents) > > (Normally placed at the end of the IETF Document.) > > NOTE: by convention, the first line of the copyright statement is > usually placed near the beginning of each document. This must also be > updated. > > OLD > "Copyright (C) The Internet Society (year). > > This document is subject to the rights, licenses and > restrictions > contained in BCP 78, and except as set forth therein, the > authors > retain all their rights. > > NEW > "Copyright (C) The IETF Trust (year). > > This document is subject to the rights, licenses and > restrictions > contained in BCP 78, and except as set forth therein, the > authors > retain all their rights. > > > Disclaimer (required in all IETF Documents) > > (Normally placed at the end of the IETF Document after the > copyright > notice.) > > > OLD > "This document and the information contained herein are provided > on an "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE > REPRESENTS OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND > THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, > EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY > THAT > THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY > RIGHTS OR > ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A > PARTICULAR PURPOSE." > > > NEW > "This document and the information contained herein are provided > on an "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE > REPRESENTS OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY, > THE > IETF TRUST AND THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL > WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY > WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT > INFRINGE > ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR > FITNESS > FOR A PARTICULAR PURPOSE." > > Exceptions > > In MIB modules, PIB modules and similar material commonly > extracted from IETF Documents, except for material that is being > placed under IANA maintenance, the following abbreviated notice > shall be included in the body of the material that will be > extracted in lieu of the notices otherwise required by > Section 5: > > OLD > "Copyright (C) The Internet Society . This version of > this MIB module is part of RFC XXXX; see the RFC itself for > full legal notices." > > NEW > "Copyright (C) The IETF Trust . This version of > this MIB module is part of RFC XXXX; see the RFC itself for > full legal notices." > > When the MIB or PIB module is the initial version of a module > that > is to be maintained by the IANA, the following abbreviated > notice > shall be included: > > OLD > "Copyright (C) The Internet Society . The initial > version of this MIB module was published in RFC XXXX; for > full > legal notices see the RFC itself. Supplementary information > may be available at: > http://www.ietf.org/copyrights/ianamib.html." > > NEW > "Copyright (C) The IETF Trust . The initial > version of this MIB module was published in RFC XXXX; for > full > legal notices see the RFC itself. Supplementary information > may be available at: > http://www.ietf.org/copyrights/ianamib.html." > ----------------------------------------------------------- Olaf M. Kolkman NLnet Labs http://www.nlnetlabs.nl/ --Apple-Mail-10--1046580711 content-type: application/pgp-signature; x-mac-type=70674453; name=PGP.sig content-description: This is a digitally signed message part content-disposition: inline; filename=PGP.sig content-transfer-encoding: 7bit -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (Darwin) Comment: This message is locally signed. iD8DBQFFQdyVtN/ca3YJIocRAhIMAKCXrK7pFbqLPFps9EpdDJE8qvtXiQCgvqq0 whlR2lLvOhnMcXx50n4QLcY= =rBai -----END PGP SIGNATURE----- --Apple-Mail-10--1046580711-- -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Sat Oct 28 17:16:33 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GdvXd-0006eN-MJ; Sat, 28 Oct 2006 17:16:33 -0400 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GdvXb-0000iQ-B5; Sat, 28 Oct 2006 17:16:33 -0400 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GdvQR-000L4T-2s for namedroppers-data@psg.com; Sat, 28 Oct 2006 21:09:07 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.6 (2006-10-03) on psg.com X-Spam-Level: X-Spam-Status: No, score=-1.4 required=5.0 tests=AWL,BAYES_00,BIZ_TLD autolearn=no version=3.1.6 Received: from [216.82.250.131] (helo=mail128.messagelabs.com) by psg.com with smtp (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GdvQQ-000L4A-2n for namedroppers@ops.ietf.org; Sat, 28 Oct 2006 21:09:06 +0000 X-VirusChecked: Checked X-Env-Sender: Donald.Eastlake@motorola.com X-Msg-Ref: server-8.tower-128.messagelabs.com!1162069744!5263139!1 X-StarScan-Version: 5.5.10.7; banners=-,-,- X-Originating-IP: [129.188.136.100] Received: (qmail 18379 invoked from network); 28 Oct 2006 21:09:04 -0000 Received: from motgate.mot.com (HELO motgate.mot.com) (129.188.136.100) by server-8.tower-128.messagelabs.com with SMTP; 28 Oct 2006 21:09:04 -0000 Received: from az33exr04.mot.com (az33exr04.mot.com [10.64.251.234]) by motgate.mot.com (Motorola/Motorola) with ESMTP id k9SL93S6022967 for ; Sat, 28 Oct 2006 14:09:03 -0700 (MST) Received: from de01exm64.ds.mot.com (de01exm64.am.mot.com [10.176.8.15]) by az33exr04.mot.com (8.13.1/8.13.0) with ESMTP id k9SL92UW011638 for ; Sat, 28 Oct 2006 16:09:03 -0500 (CDT) X-MimeOLE: Produced By Microsoft Exchange V6.5 Content-class: urn:content-classes:message MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Subject: RE: DNSEXT WGLC: RFC2929bis Date: Sat, 28 Oct 2006 17:09:01 -0400 Message-ID: <3870C46029D1F945B1472F170D2D97900197EBFB@de01exm64.ds.mot.com> In-Reply-To: X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: DNSEXT WGLC: RFC2929bis thread-index: AcbFHKcAocp/QHNfTE6NCXAh4nzKCwCoSH4Q From: "Eastlake III Donald-LDE008" To: "Edward Lewis" Cc: Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.5 (/) X-Scan-Signature: 92df29fa99cf13e554b84c8374345c17 Hi Ed, The consensus of the CLASS-dependent versus cross CLASS RR distinction, although based on a small number of responses, seems to be clearly on your side. Also, the rate of RR and CLASS allocations are such that it probably does not cause any significant harm to just treat all RR allocations as if they were cross CLASS. So I withdraw my suggestion to make this additional distinction. Donald -----Original Message----- From: Edward Lewis [mailto:Ed.Lewis@neustar.biz]=20 Sent: Monday, August 21, 2006 8:18 AM To: Eastlake III Donald-LDE008 Cc: Edward Lewis; namedroppers@ops.ietf.org Subject: RE: DNSEXT WGLC: RFC2929bis At 16:27 -0400 8/18/06, Eastlake III Donald-LDE008 wrote: >### If you are asking about interest in general, the only recent spurt=20 >I can think of off hand related to internationalization. To those who followed that effort - using a separate class for non-ASCII names is pretty much dead, right? >### I never claimed this proposed change was terribly important but=20 >unless we are going to rewrite the fundamentals of DNS, why not take=20 >them into account? The provisions I'm talking about affect allocation Why not - because taking time to define rules and solutions to problems that don't exist is a waste of time. >### (continued from above) >which is exactly the topic of 2929bis. If they were adopted, things=20 >would be fine if someone did get a CLASS allocation and wanted to use=20 >it for their own thing. If we don't adopt this simple change and=20 >someone gets a CLASS allocation, you would probably end up having to=20 >update 2929bis. There's a point when you begin throwing good money after bad. I think the CLASS concept has proven to be bad money. Perhaps it had a good intent, but a pragmatic look says it has failed. >several ways you can have your own root servers." But CLASS is the=20 >intended way to have your own tree completely under the control of your >own root while still having access to the generally accepted IN tree. It's not that you can't do this, it's that no one does it. If the IETF is to avoid becoming "irrelevant" then we need to keep in mind how the protocols are being used vs. what they were designed to do in the 80's and 90's. My point being, backing up to 2929bis, is that we are over-engineering a task we wish to make a simple bureaucratic step.=20 This is a case of trying to solve a problem that just doesn't exist in nature. -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-= =3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D -=3D- Edward Lewis +1-571-434-5468 NeuStar -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Sat Oct 28 18:45:56 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1Gdww8-0000XP-MV; Sat, 28 Oct 2006 18:45:56 -0400 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1Gdww5-0007rg-5V; Sat, 28 Oct 2006 18:45:56 -0400 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1Gdwrb-00015d-ED for namedroppers-data@psg.com; Sat, 28 Oct 2006 22:41:15 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.6 (2006-10-03) on psg.com X-Spam-Level: X-Spam-Status: No, score=-1.4 required=5.0 tests=AWL,BAYES_00,BIZ_TLD autolearn=no version=3.1.6 Received: from [216.82.241.179] (helo=mail119.messagelabs.com) by psg.com with smtp (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GdwrZ-00015D-Fk for namedroppers@ops.ietf.org; Sat, 28 Oct 2006 22:41:14 +0000 X-VirusChecked: Checked X-Env-Sender: Donald.Eastlake@motorola.com X-Msg-Ref: server-9.tower-119.messagelabs.com!1162075269!12638267!1 X-StarScan-Version: 5.5.10.7; banners=-,-,- X-Originating-IP: [129.188.136.8] Received: (qmail 19843 invoked from network); 28 Oct 2006 22:41:09 -0000 Received: from motgate8.mot.com (HELO motgate8.mot.com) (129.188.136.8) by server-9.tower-119.messagelabs.com with SMTP; 28 Oct 2006 22:41:09 -0000 Received: from il06exr01.mot.com (il06exr01.mot.com [129.188.137.131]) by motgate8.mot.com (8.12.11/Motorola) with ESMTP id k9SMf5cF003381 for ; Sat, 28 Oct 2006 15:41:09 -0700 (MST) Received: from de01exm64.ds.mot.com (de01exm64.am.mot.com [10.176.8.15]) by il06exr01.mot.com (8.13.5/8.13.0) with ESMTP id k9SMf5xs017422 for ; Sat, 28 Oct 2006 17:41:05 -0500 (CDT) X-MimeOLE: Produced By Microsoft Exchange V6.5 Content-class: urn:content-classes:message MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Subject: RE: DNSEXT WGLC: RFC2929bis Date: Sat, 28 Oct 2006 18:41:04 -0400 Message-ID: <3870C46029D1F945B1472F170D2D97900197EC08@de01exm64.ds.mot.com> In-Reply-To: X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: DNSEXT WGLC: RFC2929bis thread-index: AcbFIMG7mR6xBD70S8+atg7xcFJ3+AP4YeTA From: "Eastlake III Donald-LDE008" To: Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.5 (/) X-Scan-Signature: b132cb3ed2d4be2017585bf6859e1ede Hi Ed,=20 See below at %%% -----Original Message----- From: Edward Lewis [mailto:Ed.Lewis@neustar.biz]=20 Sent: Monday, August 21, 2006 8:45 AM To: Eastlake III Donald-LDE008 Cc: namedroppers@ops.ietf.org Subject: RE: DNSEXT WGLC: RFC2929bis At 17:35 -0400 8/18/06, Eastlake III Donald-LDE008 wrote: >### I don't think there is much similarity. Although there are (nice)=20 >people involved, so a finite error rate is only to be expected, the=20 >whole idea of IANA Considerations is to make the decisions required of=20 >IANA to be mechanistic, objective choices. That is certainly amenable=20 >to engineering and has nothing to do with legal issues which changes=20 >with the constantly shifting human judgment of judges. My point is not that there's a legal element to this. My point is that engineers are as bad at bureaucracy as they are bad at legal matters. %%% My point wasn't exactly intended to be that you said there was a legal element, it's that you are insisting it is a "bureaucracy" that is supposed to make human judgments. But it is not. IANA allocations are supposed to be mechanistic, not judgmental. Hopefully the IETF is reasonably good at unambiguously specifying mechanistic processes such as protocols. IANA shouldn't ever have to do anything worthy of the name analysis, that's for the IETF via working groups, the IESG, and Designated Experts. IANA should be able to mechanically and unambiguously follow the allocation process given in IANA Considerations sections requests. >### If things are set up properly (properly "engineered") it should=20 >make little different to IANA how many categories of RRTYPEs there are=20 >unless IANA has to do some analysis, ... Cross-my-eyes and furrowing-my-brow...if there was just one bin for all requests, there isn't room for analysis. If we create bins to take away the need for analysis, then the bureaucracy has to analyze the request to know where to bin it. %%% Aren't you exaggerating a bit? I didn't claim that the situation was identical no matter how many categories there are. I said that if you make the IANA process as mechanical as possible, so that it doesn't make any sense to call it "analysis", then the number of categories makes "little difference" not zero difference. Surely you admit that IANA has to at least read and understand the text in an ID enough to determine, say, that it is an RR Type Code you are seeking to allocate, rather than an RCODE or something else? Well, if, for example, we write the allocation rules such that for all future RR Type Code allocations the IANA Considerations section in the ID must say either "data-RR Type code" or "meta-RR Type Code" and that anything else that looks like it might be an RR Type Code but is not clear on this point is to be bounced back as an error by IANA with no allocation made, I just don't see why there should be any particular difficulty on this point. When you go to an old time DVD store, do you look for "The Blues Brothers" in the musical or comedy section? It's easier if the store just lines the titles up alphabetically. %%% The situation isn't the same. It's more like going to a store and wanting to buy a either an audio CD or a 33 rpm vinyl LP. You won't expect them to be mixed. >### I do not see how that follows. So there was one case where giving a >meta-RR a number from the data-RR range did not cause a problem. Why I see a score of "The type value doesn't matter" of 1, "the type value is does matter" of 0. Is the stratification of type codes a solution to an artificial problem? %%% A sample size of 1 seems pretty small to me. I have described how it is a real problem. >does this imply that it is just fine to make it inherently impossible=20 >for future DNS software to tell whether an unknown RR is a data RR=20 >which should be cached or a non-data RR which shouldn't? Among other=20 >things, OPT overloads the CLASS field with the sender's UDP payload=20 >size limit and is supposed to always have root as the owner name, so=20 >even if it were cached, it seems very unlikely to cause problems. Who=20 >knows what owner name or other characteristic future unknown meta-RRs will have? Why tie the RR type code to caching? If you want a record to not be cached, use the TTL field (set it to 0,1,5, whatever). That's another matter, but this same question came to me in another media too. Even in this case, there are a bunch of other ways to stop this record from being cached. (For instance, its RFC2181 trustworthiness is low.) %%% There are at least three problems with "just use TTL": %%% (1) OPT overloads TTL. Who knows how future meta-RRs will overload TTL? %%% (2) I was using "caching" as a simplification. Setting TTL to zero (which it is not clear to me how you would guarantee) would stop "caching" but the RR can still be used to answer a recursive question. Thus the meta-RR would, depending on various factors, be blindly copied by a recursive server that didn't understand it into an answer sent to a resolver which did understand it, which could have very bad effects. %%% (3) The interval of RR numbers from 128 to 255 is already assumed by some resolvers to be reserved for non-data RRs. Thus it is already implemented and deployed, to some extent, to tie RR type code to whether an RR is data or meta. -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-= =3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D -=3D- Edward Lewis +1-571-434-5468 NeuStar %%% Thanks, %%% Donald -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Sat Oct 28 19:19:32 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GdxSe-0005c4-OT; Sat, 28 Oct 2006 19:19:32 -0400 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GdxSd-0002Ge-Al; Sat, 28 Oct 2006 19:19:32 -0400 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GdxP1-0003rJ-By for namedroppers-data@psg.com; Sat, 28 Oct 2006 23:15:47 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.6 (2006-10-03) on psg.com X-Spam-Level: X-Spam-Status: No, score=-2.4 required=5.0 tests=AWL,BAYES_00 autolearn=ham version=3.1.6 Received: from [216.82.250.131] (helo=mail128.messagelabs.com) by psg.com with smtp (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GdxP0-0003r5-6D for namedroppers@ops.ietf.org; Sat, 28 Oct 2006 23:15:46 +0000 X-VirusChecked: Checked X-Env-Sender: Donald.Eastlake@motorola.com X-Msg-Ref: server-8.tower-128.messagelabs.com!1162077345!5272795!1 X-StarScan-Version: 5.5.10.7; banners=-,-,- X-Originating-IP: [129.188.136.8] Received: (qmail 4182 invoked from network); 28 Oct 2006 23:15:45 -0000 Received: from motgate8.mot.com (HELO motgate8.mot.com) (129.188.136.8) by server-8.tower-128.messagelabs.com with SMTP; 28 Oct 2006 23:15:45 -0000 Received: from il06exr02.mot.com (il06exr02.mot.com [129.188.137.132]) by motgate8.mot.com (8.12.11/Motorola) with ESMTP id k9SNFiNX007811 for ; Sat, 28 Oct 2006 16:15:44 -0700 (MST) Received: from de01exm64.ds.mot.com (de01exm64.am.mot.com [10.176.8.15]) by il06exr02.mot.com (8.13.1/8.13.0) with ESMTP id k9SNFim4014311 for ; Sat, 28 Oct 2006 18:15:44 -0500 (CDT) X-MimeOLE: Produced By Microsoft Exchange V6.5 Content-class: urn:content-classes:message MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Subject: RE: DNSEXT WGLC: RFC2929bis Date: Sat, 28 Oct 2006 19:15:43 -0400 Message-ID: <3870C46029D1F945B1472F170D2D97900197EC0B@de01exm64.ds.mot.com> In-Reply-To: X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: DNSEXT WGLC: RFC2929bis thread-index: AcbIx2r+7FjECPw/SHO0nWsIspSX/gyG/7Mg From: "Eastlake III Donald-LDE008" To: "Sam Weiler" Cc: Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.0 (/) X-Scan-Signature: 00e94c813bef7832af255170dca19e36 See below at @@@=20 -----Original Message----- From: owner-namedroppers@ops.ietf.org [mailto:owner-namedroppers@ops.ietf.org] On Behalf Of Sam Weiler Sent: Saturday, August 26, 2006 12:06 AM To: namedroppers@ops.ietf.org Cc: ogud@ogud.com Subject: Re: DNSEXT WGLC: RFC2929bis Summary: I do NOT support the publication of this document in its present form. ... It's probably unwise to specify the namedroppers list in Sections 3.1.1 and 3.1.3, since lists occasionally change. Instead say: "The DNSSEXT WG mailing list, or another mailing list designated by the IESG. Currently, this list is ..." @@@ I believe it is flat out prohibited to specify a working group, as they are deemed inherently temporary. I really don't see what's wrong with specifying the namedroppers@ops.ietf.org mailing list. It is hosted under ietf.org. If DNSEXT is terminated, it does not seem like there would be any problem in namedroppers continuing. If some new DNSEXT2 WG were formed and, for some reason, decided to use a new mailing list, the RR Type allocation mailing list could still remain namedroppers. I suppose it might be reasonable to make up a brand new permanent DNS-RR-Types@???.ietf.org mailing list if someone wanted but I don't think it makes much sense to be vague about it in 2929bis and throw the burden on the applicant. Seceral sections (3.1.5, 3.2) use "IETF Consensus" as an allocation metric. That term is deprecated in 2434bis and should be replaced. @@@ Good idea. Should be replaced with "IETF Review" as suggested in 2434bis. As Thierry Moreau noted: In section 3.1, sentence starting with "Thus far ...", is missing reference to DLV and TA assignments. Similarly, those codepoints need to be excluded from the meta range (and it should be explicitly called out in the breakdown of the space that these are normal data types, not "meta types...which it is safe to simply discard"). @@@ Yes, this should be fixed re the recent excepts in this range. (However, 2929bis does not require all meta-types in the relevant range to be "safe to simply discard". If they are not so safe, they just have to be allocated by a Standard Action instead of by approval of the Designated Expert.) Section 3.1.1 item 2: "(b) a Meta TYPE who processing is optional, i.e., which it is safe to simply discard.". First, there's the odd 'who'. Second, is 'discarding' really the right answer when a recursive resolver gets a meta type query? @@@ "who" -> "whose". @@@ If you are asking about what to do when you get an unknown non-data type as the type being queried for, then I guess you are right. Returning an error seems like the right thing to do. What I was referring to is what to do when you get an RR with an unknown but known-to-be-non-data type. The allocation rules in the current 2929bis draft say that for such a non-data type to be sufficiently innocuous to be allocated based on Designated Expert approval, it must be safe to drop such RRs, whether they occur in queries or responses.=20 -- Sam @@@ Thanks, @@@ Donald -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From wkdvjetj@orbitbenefits.com Sun Oct 29 17:44:46 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GeJOY-0005FD-H3 for dnsext-archive@lists.ietf.org; Sun, 29 Oct 2006 17:44:46 -0500 Received: from [60.31.198.202] (helo=[60.31.198.202]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GeJMU-0006fx-5P for dnsext-archive@lists.ietf.org; Sun, 29 Oct 2006 17:42:41 -0500 Message-ID: <000901c6fbab$80552180$cac61f3c@WUGUOLIANG> From: "Gothic Offer" To: dnsext-archive@lists.ietf.org Subject: spin doughnuts daily. Date: Mon, 30 Oct 2006 06:42:23 +0800 MIME-Version: 1.0 Content-Type: multipart/related; type="multipart/alternative"; boundary="----=_NextPart_000_0005_01C6FBEE.8E786180" X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2900.2869 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2962 X-Spam-Score: 1.6 (+) X-Scan-Signature: b84f8c8fba0e1389e5eb998b64078964 ------=_NextPart_000_0005_01C6FBEE.8E786180 Content-Type: multipart/alternative; boundary="----=_NextPart_001_0006_01C6FBEE.8E786180" ------=_NextPart_001_0006_01C6FBEE.8E786180 Content-Type: text/plain; charset="windows-1250" Content-Transfer-Encoding: quoted-printable Kittenwav am Kitten cry or Lionwav Lion Roaring is Roar Monkeywav Monkey = Pigwav Pigs Snorting is squealing is snoriting Purrwav Purr Rstrwav. Week Yourmusic or Friend Hearmeplay Roxio Cdwow Napster of Young Killers = Waterloo is Anywhere Dirty Pretty of og Gangster. Kittenwav am Kitten cry or Lionwav Lion Roaring is Roar Monkeywav Monkey = Pigwav Pigs Snorting is squealing is snoriting Purrwav Purr Rstrwav. Abuses of Chilean in regime coup am occurred nonprofit outfit produced = cable Jack is Kubisch secretary Latin carried summary. Profit Massive boost sixmonth net income percent overall unchanged of = fight simmers Judge recuses Florida lawyer turns his in Mortal of. Trademark Wikimedia Foundation Career Talk Active Topics Memberlist = Register is Login pmyou is visited is pm Quick click here in Make = donation Attention if would like. Browsing those loaded increases load searches plan Conversely a smaller = am slows item goes faster experiment. Searches plan in Conversely smaller slows item goes faster experiment a = determine works force garbage collector need is decrease amount minimize = am. Silence a Equalize Loop Modulate Sound Labs recorder allowing xp = displaying convenient rename. ------=_NextPart_001_0006_01C6FBEE.8E786180 Content-Type: text/html; charset="windows-1250" Content-Transfer-Encoding: quoted-printable
Kittenwav am Kitten cry or Lionwav Lion = Roaring is=20 Roar Monkeywav Monkey Pigwav Pigs Snorting is squealing is snoriting = Purrwav=20 Purr Rstrwav.
Week Yourmusic or Friend Hearmeplay Roxio Cdwow Napster = of=20 Young Killers Waterloo is Anywhere Dirty Pretty of og = Gangster.
Kittenwav am=20 Kitten cry or Lionwav Lion Roaring is Roar Monkeywav Monkey Pigwav Pigs = Snorting=20 is squealing is snoriting Purrwav Purr Rstrwav.
3D""
Abuses of Chilean in regime coup am = occurred=20 nonprofit outfit produced cable Jack is Kubisch secretary Latin carried=20 summary.
Profit Massive boost sixmonth net income percent overall = unchanged=20 of fight simmers Judge recuses Florida lawyer turns his in Mortal=20 of.
Trademark Wikimedia Foundation Career Talk Active Topics = Memberlist=20 Register is Login pmyou is visited is pm Quick click here in Make = donation=20 Attention if would like.
Browsing those loaded increases load = searches plan=20 Conversely a smaller am slows item goes faster experiment.
Searches = plan in=20 Conversely smaller slows item goes faster experiment a determine works = force=20 garbage collector need is decrease amount minimize am.
Silence a = Equalize=20 Loop Modulate Sound Labs recorder allowing xp displaying convenient=20 rename.
------=_NextPart_001_0006_01C6FBEE.8E786180-- ------=_NextPart_000_0005_01C6FBEE.8E786180 Content-Type: image/gif; name="hugh.gif" Content-Transfer-Encoding: base64 Content-ID: <000401c6fbab$80552180$cac61f3c@WUGUOLIANG> R0lGODlh+AHIAYf2AAABAH8JAA6EAIaNCw0He4oMfAB+db3It8bRyZi97zMaAF8UAHYUAJIcAMwl Dd0eCAw5ABMyDThKB1dKC3JOAKNHC7M7ANQ+AAxWABlWA0xiBWhoAIhWAaRpC8dcBuFbAAB1ACx4 ADaCAmd1AIuLAKyEAMt4ANR+AAGiASqlAEuUDF+gAIykAqehAMunAOioDAC/CSW9AD/CAG6/AIey AK7JCry3CebEDgDiAxLjDUbSBFPpAIvmBavlALnZC+bdAAAMOCgATE4ASFkLNXYONpgAMbEAOuwC RQESSxYZR0YWRFUdO40XRZ0hNsEpNt4WRgBMOiE4Tj44M1xCSXtDMaFBSsxGSNdARwBWSiJrMkZW OVZdP4xgEqlTSrJnReNXNQaNRSiNMkh8SV17QIZ8TaSLS81+OeGCPwyfNxWUODesTlmeQYKYO5Of OM2dPNWTQwDOOCnORzS3PGC9TITLMZm3O8e2PO7FQgXdSCTnMT7rTVXhNHzXNavlQbfeP+3lMQAA jhIIi0kAdWgAeYkGfKUAiMwNgeIFeQAbgioSjTwag2YcgnESe5ESg8ctjOwagwwzeBM2cT5OcVJI jI07e6Y4i847itZAiA5ZjBFffElneFJYf4hWg6Nojb5RceNtdgWDhBWLfjOMcWJ+fneKf517fb11 f9hyggulfxaZeECTgFiTiHyhe6GlgLeojtOufgDEdRm2jjO3iFS1co3IgJO7jci6e+a6hw7Zexrq ijPRcVLjeX7hh6XffbLuf+fhfAMBtiwAxD4Aul4AzHQNw6YAw8oCwOUBtgAtsywgxjceymgdyosi ypchybUUuNYgvg01xig8xEJDt10/vYo3uJc8sr9Czdo1sQBdxxJtvEdjtldrxodXw61fx8powepc zgSAuSR7skR6xGKHwHV8vax+tMp3zuSMywmWsymrt0CezFadyoKktKOfy8yRy9KkwQDOzRq1xzq1 wFS8snnNwqS/x/z/+JytnXt3ff8AAAb/AP/6AAAK+PkA+gD/+///8iH5BADB8TEALAAAAAD4AcgB Bwj/AO0JHEiwoMGDCBMqXMiwocOHECNKnEixosWLGDNq3Mixo8ePIEOKHEmypMmTKFOqXMmypcuX MGPKnEmzps2N/3Lq3Mmzp8+fQIMKHUq0qNGjSJMqXcq0qdOnUKNKnUq1qtWrWLNq3cq1q9evYMOK HZv0ptmzaNOqXcu2rdu3cOPKnUsXIdm7ePPq3cu3r9+/gAMLHky4sOHDZOsqXsy4sePHkCNLnky5 suXLmDNr3sy5s+fPoEkiHk26tOnTqFOrXs26tevXWgWCCE27tu3buHPr3s27t+/fwIMLH068uPHj yJMrX868uXHY0Ls6n342uvXr2LNrN5pwu/em1MOz//33oTz5DzzLq0efc7179ufRs38PPz789+nN 188/33z8nfvRB6B+/7Xnn07qGehefvwhmKCCEBbInngUotUegj3Nl96FGJLnIIcacihiffd9CBSJ AG6YoocstuhfgD6VyOJ+LXZYo4wiuphThTzaNCKMNc4Y44o25ggikSieSOSNQRoJJJAqLsngijSG mKOMPWYp04hMcnlkkRlG2WGSTSppI4w0BpmmmkOKuWGSVV5Z5IRa1tmSlzjm+aCJYUo543pTDqWh lTq6uaaAffo55qJRDirnP3ZGGpJQeXpZaJoHghmnkDGuSSWnlmr6E5R+eiojoXiCWuZ3rLY6Fo4e ov9Ippmiqgirm2E6OuCetSZq5K+mpoiqjrqC6eqxyEbVXaF8xqrorGzaOqeiwl4ILanRYgssrQZu a+23K0oqrkmhOmnoeb1O+yi6v/qKrbaVPusrrrCS6um4+Ir0H6/RKghorJkWuOt9mRK4Z8DqRigw vwsfyC+vDAt8JcPQspjvxRV952myHHfsMVXLurbxxz9hbLJGJHd88sost+zyyzDH3GPKNNds8804 56zzztfJ7PPPd/Is9NBEF2300UgjDfTSTDft9NNQRy311FRXzVnSWGet9dZcd+11X1aHLfbYZEv9 9dlop71j2Ww3rfbbcGPd9txAx2333TzTrXfMePf/7XfKewfe8t+EF2744YgnrvjijH8s+OOQRy65 bY1XbvnlmGeu+eacd+7556CHLvroeS0LwOn/ADAW6jmdrjp4BXEXuwC0C/BP7TnhrpPtO+meO+29 18777cLbXjzwxxtfPPG+74788LgfHzzwzitf/fW2G8TT66m77hPrR7nOvfjet4469+afL75O4Je/ Pvvvu3++TtMFNT76YKGP/13Q5947T8PbXU8C6L8C3k6AvEvgAReowAL2D4ACjOACHShBAwbwgcQT yvh2ssHWIUV/HkxdCO/HQfaFUIQnRGEHTThCFqaQawnB3/680r6naK8oBiHgBHdoPAj68H8W/IkO /3dIxAnqEHoYJGAPhei8CCoRUrFj4f5et0KiTLGELkzhFU9YQxR+T4ovfF39fjLD7lFRdVQ0X/fg p8YzohF8IkyjGtcoxzW+8ClPrOASK2hACT4wjz+kYBB/uEQMCnKACDykFbPoQfd5kXXzuyMIGQlG LD5ShZTkYiO/6LUYclKFbwTlJkVZRxmOUo7qi2MKb0iUG1KPec1rYB9nCUskvpKWRBRe9Yb4RyMS 8ohOZKBPWFnFFrYRk3aUpCW9CJT2vQ+T+pti+ZK5PSj2aIYdRKUmzWjMOoLxftqM4zStORDZEQSI F5xeOgPZxwYCEojBVKQf/WfIXBKSnrgkJiVL2f9IRy5Ti/9sJkCh2RNTVhOb5FyOQEuYzW6aMJwb 3KIdITrKrcjSl/NkJw9xWUR7+pCXfqznOzGaQY+ScZ/bRGM1AzrJMJ6UmaWUqDKZeUe1NdSholQl MiNaUCxSVKdldEovMzpIfCYynkWFZztJSlSmyhKQ62TqJ2HqwjSGc5kGrepKkWnMrmZVqwF92zjl F8r5OZN8yZTmCsmXylTWlCm6ZN7vlJfA5+lSetKrpS0B+Eq89nWvvqtrXGHJV7rq8ZYLTV80uenW cSp2e3Dk5kPJSlYpTvON0XTjW+VmF6cE1X5cYeVQRNs30X6WZmLM0lNOO9WskDYor70baVnrMe7/ jbEqjrUfbUnH26KFzIZRTE1ssza5ykhluKNBbtKKu5iu5aO30CUMWntKsnxYVyfWfa5PrpuT7GL3 H9nlLnjF613tYje85vXueMl73fSqd73dba97n4te7mrXvNG1WTFpRl/w+re7PcEvfv9L4PR+N74B 3omBCwxgBBOYwQd+8H0bPOEG57dm+01Zfy084A4LOMIL7nCCFUxhnoh4wP/9sIMfzOIFX9hV3Yko ZtM3RxEq9zAGea+L/SveEoP4wCgeMZAjzGILD/nHFSayhBPKXMeYkYRA5SqTV3ND+xLZyiQWcHiP HF8Rk1jCSf7yl1Wc4habmMRNrgtot6pS+EV2/zv93fGOeSzmMpv5zGNOcJBRHOYQ3/nKL0YtdXW6 We3EGdBGpjOiw1xkL/PZzI9eMoe9jOhAf0yibc40qw4t50XXOclkrjSoOSxqMYe6yHW2tHZiCEfv uRrKNg4uarSnY/J2+dZARi+u18tnXd96y+f1cI95Hewr93jBaaaLc6ESZO80W9XQBsyzsTPtaFv7 2tjOtra3ze1ua+63W7mxXsSNlGRPTbdv1q0Gd4sYfribH/94t7t1Mu+cvNve9/b2iz1Z6NZOldx4 MQi87U3wgsd7JwMf+MHNXTZ2DzqxUyaMwHui8IpX3OBrY7jYYKo+V7fwrGAE+F20p3CDXzzh9P/e icbHVuNslnWil2SmyBMTxXrHW94pP3jJ673ypy2Sq9rkaVdhg/Kco7zkGNc3dH8r9J1e8qYZL6fE ZV30gluc4kzuedTWGnOrPrSSURdIYSZudYRjvOrw1rrbyOhYcNJxxjRmLGtwfnO65/vgdUe60rvt 8L37nWh9/3tgwCH4vKS78Ih3XGcRM/PYqF1ypGm8ax/fNqQFPvF+z22NrchW04yVg4fHPN+H4vCr JuXyUFHpGcEq+mvH+LSXR/0/JW+UNrNedZSvvAa/l2nN5laGq8dsKCUre6W0nfWtz/xKI8nPh6NS 06YPS6uRn3ylZ1WzUv6nP63qz9XF/PvVVzX/0+V+yq9P9aqQ3GrY7aEV23M992wj/aA1XVH1/xSn 0ic018MPbVaXEa3P9H+t1nnEB2W4J2u4BXJxB39lgxXFB3568YD811vgdnqrlUk8QXtXwYBkk4BR oXkTGIJYUYEiCBUcaCElmIIquIKYFwAu+A8uGAAwGIMvSIMymBMxiIMvqBM0OIM26IM7yIM5qINC eIM+CIM88YM6eIM5OIRDCIRGaINRWINFOIVGuIRHuBNN+INBuIU9mIRJKIVZCIRCWIQsOBpRyINq iIQ4uIZt6IYyyIRvmIZvWIdXSIcz2BN4eIduyIZw+Id+uIN8SIRaOIVhCIiD6IeKuIhyyIZ4/xiI WniGf9Ede6iHfdiIfRiJmuiIlpiHcwiGoAiJl1iHgMiIYHiFn5iGqqiGj0iIoviHqEiKnAiKXbh+ JzgTQVGJr8iHsbiIskiHsSiHjdiLofiIvOgTuoiJm7iGcciKztiGwPiMrbiKnciMndiMviiJg4GN S2iFqMiNh7iMZCiLs4iNdxiE3WiMkdiLX9iN5OiLwziLnIiJ7SiMmRiNofiJtAiN2ogY4EiP5EiM o6iJrViO8hiQBCmOxKiM8ViN1oiEAAmRdjiREvmLVeiQB6mP4NiP26iIwYiQuaiQFJmQhPiNDsmQ +UiSFrmO18iPomiOmRiI00iKJqmSD+mJHP9ZGDXpkqZYjYk4kokYlOLokTSZkqV4jCO5i0dZihWZ lOookkUZlTkZcIt3jj34hIKIju5ohlhYklhZixcZhu04jlxZiN5Yj1qJlsNYg4KIhWKIlelohV05 hl/ZhWB5i28xlUqBl26hl2XBlzXhl4I5a4BZmJgxmIiZmIq5mIzZmI75mJAZmZI5mYBjmJZJGZSZ mZq5mZzZmTlzmaAZmqL5M55Zmsc1mqiZmqopLqbZmq75mmGxmrLZFrBZm+Y0m7iZm7o5HLbZm775 m8AZnEyxm8RZnMZ5nMiZnMopOMLZnM75nNDpmiQYnX+5mv9AANhJANeZndqZE9ipE9npneH/CZ7c SZ7lOZ7iWZ7g2RPnyZ3dqZ7p+Z3x2Z3bCZ/XyRPjGZ76SZ/oqZ/4yZ/f6Z7auZ8DGqDouRPuaZ4H Sp/zyaAI2p8AWqAMup/mWZ/5aYuiyZ/euZ4byqEaiqAcep8d6qAiWqImWqLvuZ4fGqIr2qIgip8h iqIviqIkOqEs2qEyuqIwiqM6WqMzGqM9GqM8OqMf2p2z6aM8WqRA4aI7+qMq6qQnSqI3OqQ4CqIO mqJEqqRQKp8y2qQaKqVeKqQbeqVNeqIiyqU6mqRT+qKgGRRkOqRYaqZUeqZiGqf3+aYeKqZzyqQ2 SqZIeqcjOhQDSqV8qqdEmqdP6qQ2uqOD/9qlhxqnkDqVy4Km8JmiE1qjC9qf7LmgVbqdCvqgmwqh XGqhL3qpPqGkdnqgdBqhfQqo5LmkmTqqqVqmSGqpdZqnrMqhs1mqvOqqilqlkcqoDzqqiPqnwBqo iBqfVsqeuNqptdqlrdqoUIqs1EqqQrqovSqtf2qr1Gqkl0kUs0qjzNqrnWqmxvqsP4GndGqi55qs e2qn5vqq5eqp9Fqm5Bqva3qswiqet6qm5Qqmeqml1Rqsa9qqiTqm5JqqabqoTIqwBXuo+dqu+uqo afqwB+uo+DqnGKutEDuvg6meApqeHqqqopqgIXuy8kmg72myJJug9amg7bmyEiqyBAqkqv/6siPq su+aspfKqjFLszr7n5RapCw7szkLspK6eH8HsNbRpuHHtNTpeAcRtU7htFR7tVibtVq7tVwrfsv5 tWAbtnnZtWRbtmZ7tksntmqLMmg7mWv7tnAbtyrRtnRbt3Z7t3ibt6smt3zbt36bEXrLmH87uFMb uIZ7uIibuIq7uIz7moT7uFLXuJI7uZRbuYAxnYMBuXpjuZzbuZ20eDund0qBc/J2dfiWcHeXdZq7 cUKBdKLbujxxcXg3uztncp7bOPBWu0jhulhncrL7ureLOLlrdjaXb/N2vDaXdLKrc7ZrdqzRAcFr Gmh3dEZXdhRncXdHvfQGvNHrN3RHu+D/i3dV17u6q73O271w0x3lm3K/a70+Mb7T27sYurpWExTr S3DtK76xW738677ci74whBDGW2/Zm7ykG7oEXLqna3TZq7r0Ozel8cCQE8ESzJyRV8GBA8CBsTIa fLkn08GTGCnoRk2Q9WRUAYIkXBS0hcJrtlqLRVMpbHwCqMIv5R2lp8ISGMAHEX3LB8OWxG6wt3tM kcOepX4P5281fMR+k2HzKylfRV2290lALMQQZ4F48cRGrMRJnMV9w8QOLClUBUkNdVm+J8bHZFkT tT5m/GoFyEY+NXyaZ8agB1ltBXfiFHdlBXJm5XZpNYBv98d1nMYDiH2BHIDBl8cv3Fhs/6xYgWzC bTR8eJzGTSweVBxJDuV1QNdN16d65ddS6YfJbMbJPkxoR4zJ9GfK+MdFIITK3gTII3TKojxJ7vfI TofGpvd8UWZ+uEx/thzKudw4EJV+URY/liXMP9zJr7xN4iTHYBXFnBRZxzfMl9zDmOZm0ORxNPVT 2rx5VIVTwUxRwCfMq4fHNzXOPuVSH8fCSzzNTgfKKZXFY1x+XmV+2vdNlXzO54zKBPXD1bzPUdzK 21zLzjxQAv1x+AfN1JzPPUzK+Hx99ec3/kdjHcdWkCw/c/RqmcVYwvdkzqTRMwbNHfd23jRdoDfI bgbHABjSPqzSaozRjyXRwtfSnUeA1v9cgHksWRzdWLz30dNF0TH90yW9yI+MyF8swoRDxGElGF5c ex/U1Og8yhBogka9OOocPkhNQ6FXe1k9x6eXbupc1SAc1iOntGIdWqRZ1l7BMmjNmDLVb6kne1cd wydcUNL0QXEtw6wF13fdwlR8OZjbFHvN1z93FX23W0GsxX2NW/IH1R+4FUSs1jSUP05N2JOd2Foc eIHt1pnNxXO9bQqY0pIc0mJ8yGxHywFIznes0agN0rSM045s0xdN1MwczrGt2q/sRqQtx3VM265d yDcd2mkV1MdEWW480ZK8eY3sOdAnz/+sSS630gbNzjk1z8+NUHSUfaCszbwsywrdztH/LdAvt8tP 3cquTEo7xd0NPcv+fNG6DN3X3TnYHN24nMnlvNNVFHRg133qDdDijN0V9Xz93XXGfM2f/NL77c2O HH1QV0ngrN8DXtCXrN+TxcypnDnurM/1/d9Dx0gHrn8IruFSBs7o3OEGxU+3/NAQSOLSXeEL/uHu DOEM/s4MzXVtzcOH83osPdoEyMYu7dG0rchlTMg8nuOQnNOInNFxJ8iqLdo0bcKXVdIeXdNDHuVu JeUmPdEtHeVGDuWwneQ9zuRFntPdA9lLsdlundSBYeaRjR1TrHR/neRWUXpbzRdgLV1zjhpgXefK wsFr3ed+rhpv/ufhhjGCPtYXA+dl/66AgE3eJy3UqXHnMozD4GTIkF7anvVmc97jiM3VNT2cddLC /6fVbnyBQmzjfWHYnc3YzXzQRVzFz0x9NZzXfG3qap41WKzqnF7pll3FtQ7YNDwVS/3U3dzYrq7E wa7MxZ5Ft47rsoUQPw53a8xQ+rfGuI3TKL3F107Hq33kxX3TZBzefNzRXF7lxHfcHI5VzfTb0Z7t bTfa427uzezts43QqN3GamQyphTQCB3LvZzdQ2fdbMTL+0xKp/zGtVxVq4zMbHbGCP/L2Yzu6f7e yZzLAA12DS/w38d87NzPMU5odsLr4P3gqrTdmizj2GfE3Dd9qw7h24fia6Xx8ePJG/8+xp8H8YX2 zap80uM9UwTu0C6OzdYd7gbe64o3tRle8QvdfBce44xe4u5t8hvvVf3Mys7X8ase6sKe4vLt3Fnf 4l03yvt3fyHu4sr08SOs8+4+Vnss5EBt0xjtfnpsx+RcxiLd6DpN127v5OQ+99TE5K6N6O3+7CKd 5e5OwpU1x0OuVtYM2nnv5dWe9kSv3BgIGIVd6GAR6F+h54YH6brOgmZv+fqG+XaDwZ0B+qZ/+nyB +Z3f+erG7Ine+osf83xPP6S/Ga2+2MyO6o7d1+gH9ahP+b+e+8GfFYe98zDn+r+v2I1s0RLvSBS+ 5H0s7y9t2oRvx0+OVU+u3smf+cn/vNzTnfMYD2sUP9wEfd7X7e8wHPakHPnbL+LLTN40T++PpPHg jfcevt5en8nfj/zbT+r4DRD/AAj8V7DgQIMHDSIciDChQogMCU6USNDhw4kCHVZsqHAjxIggK1IE idHkSZQpVa5k2dLlS5gxZc6kWdPmTZw5cQLg2bPhT54agT4M2lOjUKJDhQL1abTpxaALFxb9efRg VKNXGfrUGjFqRp1hxY4lW9bsWbRp1a5lm/Ei0bZx5c6lW9fuXbx562bF+FXvX8CBBQ8mXNjwYcSJ FS9m3NjxY8iRJU+mXNnyZcyZNSe219nzZ9ChRY8mXdr0adSpVa9m3dr1a9ixZc+m/13b9m3cuXWP 3tzb92/gwV3uJl7c+HHkyZUvZ97c+fPSwqVPp149MnTs2bVv597d+3fwpK2PJ1/e/Hn06dWvZ9/e /Xv48eXPp1/f/n38+fXv59/f/8nwAhRwQAILNPBABBNUcEEGG3TwQQgjlHBCCiu08EIMM9RwQw5V ++9DEEOsqUMSSzTxxAlFVHFFFlt08UUWUZRxRhpr3A5GHHPUcUcee8zMRiCDFHJIIos08kgkZfNx SSatS/JJKKOUckoqq7TySiyz1HLDJrv00jfxvmRrSzJLFHPMMtOMMCVy2iTnHzfbNEjOgtys0845 6YwTIzvfTMjPPN+kE045+wQUT/9CBX0I0TsPRZTRRBM1NFBJDfXT0kX1PHNTm0g7tM45QxX10z9B NVVUQhflE1U4UQW01VMHzTNTVh2lNdZTYb3U1Fdt/ZNUNYN1EKVXcb1zVGJzLXVZUIv1FVZoB92V 2VA/nXZZRZtl9VhlnWU221ZJ5XRcnbzF9dpiXTUp3VLNDdfYd3VdCdxs093VWmS1hbbbb6P1l1yA WwpT2j153VfWXBHuVdqEkRX33oQV1vfafOsNlFRw+VU3XmCF9ThBliieNmONqXVX0n7j/ddiag0e eVV50TWW5JMxllfZgHOWSeRY7VX155J73ThVeDVtOWaDf4b4329PPthheHWWOiH/T/NN+mpzxW14 a6aZFprrobV+eGiV9zX7a68x+njtBwuOU0+GUf5VUEgbdfTSQvPGWO9a68YT77vv5lVvTCN29lGj /y6IbcYXnDqsxiM/8HGdJLd8QMpzunxz6DL3/HPQQxe9rjBHN4tz1GlTqU+7CfcbcUopfVvWty92 PXDbbV+Y7toB371guS/mE+FuZ6+UYtOZfBbfm2t1Xumri7aaZ+k1fplebKMXG2buk5bZ7OR7dJdd 8MHHe9uzTxobaJy/L7/kstc9muT0V2XX6ffDz5H85nE2f+LuvW99Nvtf2gqIvvw9TVU+O1r8rIdA /e1vbnZjH/quF0Dy1Y6CG2Qg//CCt60MZnB+B/Qf8s72qAguaXzws6DLMKi+7K2sfdqbYQMRiLZq vXB4xMsaBFP4ohXKL4DN42EFn8fAFvaPf/hrIA711TIk1i+JP1yReNB2RRiSLYoCjOETn2dAsB3w fuzbHhkVCEJqpU6Nudng8WK3Q8EVL45z+1vveIi4wHkQj5kiXqToyEd72RFwbzQerNZ4yNpQsXKI ZORpFPlIypUOkjRpZCUlOUlMZlKTm9TPJTn5I0sCCYQadCMcKzWrRrXxeLjjYyqDV0fe3dFvgCwi HUNIsDf6kZCwc+UfJxhLSO3RVKE00+q6V8aNrQ9rMaSeybiGxRpK8YvRjCIyUf95TWhG02sswyIB P6mXgUmzf2cMmzezqE3vwSybSBSa05hHtgLGrV05jKfW/lczYxKQmCTKZwWR5051uU+I6FRZB1Mm xnlCkZ7wNKgJsedQAI6Qfwn83kS/CZhmRs98eYTaNc1oROxBz1V1+6ASgSayWYqUfkuDKNIkyiZi VfSi4OTNB3toQ+otrYkjPKY6UzbGE9LupIxqKTPjeTODxs9nE7VoSP20zxqd8aYQzKlHS8jTj3ZR hj794lS3ytNndbSlYb1nVmGoT6hyKVlanOZXTdo1NFI1q+vkHjKzCcauYlWZXasmQ/vpv5kKBpal JKzwSonCkvZSlRP0pWF1STD/jkaqkH4sHNEci9jYDbKNmG2sYnV5WXkGVrSjJW1pTUsfT562MWll bWtd+1rYxla2s6VtbW17W9wKSLW77U9ufftb4AZXuKnlbXHlM1zkJle5y92ncZ1bH+ZG17XPpW58 pHtd7GZXu1eqbnfbs13whle84z2Rd817XvSWlrzrZW973fte+G43vfOlb30fGV/85le/++Vvf/37 XwAHWMBrs2+BwTRgBMvIwAsGZYId/GAIR1jCEyYOgy1cGQpnWEIX5nCHPfxhEPNWwyMmcYk3F2IU F8bEK2Zxi8mUYhgHxsUzpnGNjxRjHOfFxjvmcY99/GNh5VjIpANykXczZCTHb8XIS2Zyk538ZChH mUZJprJapHxlLGdZy1u2TZW9fDouh/nLYxZLmMVMZjSnWc1rZnOb3fxmOMdZznOms5PMfGc8S7nO e+azm/Oc5T7D+c9YDnShDX1oRCda0YtmdKMd/WhIR1rSk6Z0pS196QUHBAA7 ------=_NextPart_000_0005_01C6FBEE.8E786180-- From owner-namedroppers@ops.ietf.org Mon Oct 30 09:44:17 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GeYN7-0004Wm-EG; Mon, 30 Oct 2006 09:44:17 -0500 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GeYN4-00007y-9a; Mon, 30 Oct 2006 09:44:17 -0500 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GeYFq-000PZN-0C for namedroppers-data@psg.com; Mon, 30 Oct 2006 14:36:46 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.6 (2006-10-03) on psg.com X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=AWL,BAYES_00 autolearn=ham version=3.1.6 Received: from [66.92.146.160] (helo=ogud.com) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GeYFo-000PYh-MN for namedroppers@ops.ietf.org; Mon, 30 Oct 2006 14:36:45 +0000 Received: from Puki.ogud.com (hlid.ogud.com [66.92.146.160]) by ogud.com (8.13.1/8.13.1) with ESMTP id k9UEaWsH001823 for ; Mon, 30 Oct 2006 09:36:33 -0500 (EST) (envelope-from ogud@ogud.com) Message-Id: <7.0.1.0.2.20061030092821.044cac50@ogud.com> X-Mailer: QUALCOMM Windows Eudora Version 7.0.1.0 Date: Mon, 30 Oct 2006 09:35:56 -0500 To: namedroppers@ops.ietf.org From: =?iso-8859-1?Q?=D3lafur?= =?iso-8859-1?Q?_Gu=F0mundsson?= /DNSEXT co-chair Subject: NSEC3 and dynamic update issues. Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed X-Scanned-By: MIMEDefang 2.57 on 66.92.146.160 Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.0 (/) X-Scan-Signature: 50a516d93fd399dc60588708fd9a3002 Following was observed in the NSEC3 workshop in September 2006. #1 NSEC3PARAM controls how an authorative server looks for negative answers in a zone. #2 Changing NSEC3PARAM implies that there is a full chain of corresponding NSEC3 records in place before the NSEC3PARAM record is added. #3 If NSEC3PARAM is changed via dynamic update the primary server should generate the new NSEC3 records before inserting the new NSEC3PARAM, possibly taking a long time. The dynamic update client may time out and retry the operation. #4 Changing the NSEC3PARAM via dynamic update may cause significant work load on the master server and large number of Notify and IXFR transaction possibly causing operational issues for some/all of the nameservers serving the affected zone. #5 This is per se is NOT a NSEC3 issue BUT a dynamic update issue. Some of the issues above apply to any DNSSEC signed zone when signing keys are changed. Recommendation: The sense-of-the-room at the workshop was that dynamic update of the NSEC3PARAM RR should be discouraged. The sense-of-the-room was that this issue could be overcome with careful engineering. It is important that the dynamic update client and server know each others expectations and policies, these can be communicated in-band using (currently unspecified) flag fields in the NSEC3PARAM record. The workshop recommends that the current NSEC3 document proceed without addressing this any further and if the need arises for solving issues in this space it addressed at later point by an update to RFC2136 and NSEC3. The chairs are inclined to follow the workshop's recommendation. This observation is raised here to record what was observed and the recommendation. If you disagree with the recommendation please speak up now. Olafur & Olaf -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Mon Oct 30 09:49:39 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GeYSJ-0000OI-Qi; Mon, 30 Oct 2006 09:49:39 -0500 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GeYSI-0001RT-HW; Mon, 30 Oct 2006 09:49:39 -0500 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GeYPB-0000Wa-AF for namedroppers-data@psg.com; Mon, 30 Oct 2006 14:46:25 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.6 (2006-10-03) on psg.com X-Spam-Level: X-Spam-Status: No, score=-2.3 required=5.0 tests=AWL,BAYES_00 autolearn=ham version=3.1.6 Received: from [66.92.146.160] (helo=ogud.com) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GeYPA-0000WG-9R for namedroppers@ops.ietf.org; Mon, 30 Oct 2006 14:46:24 +0000 Received: from [192.168.1.101] (hlid.ogud.com [66.92.146.160]) by ogud.com (8.13.1/8.13.1) with ESMTP id k9UEk1aJ001879; Mon, 30 Oct 2006 09:46:10 -0500 (EST) (envelope-from Ed.Lewis@neustar.biz) Mime-Version: 1.0 Message-Id: In-Reply-To: <452F35F8.9000900@nlnetlabs.nl> References: <452E12D8.1010405@nlnetlabs.nl> <452F35F8.9000900@nlnetlabs.nl> Date: Mon, 30 Oct 2006 09:44:53 -0500 To: Namedroppers From: Edward Lewis Subject: Re: DNAME [4.2]: DNAME Apex is not Redirected Itself Cc: ed.lewis@neustar.biz Content-Type: text/plain; charset="us-ascii" ; format="flowed" X-Scanned-By: MIMEDefang 2.57 on 66.92.146.160 Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.0 (/) X-Scan-Signature: 8abaac9e10c826e8252866cbe6766464 At 8:45 +0200 10/13/06, Wouter Wijngaards wrote: >Niall O'Reilly wrote: >> xxxxxx xx xx. However, since the purpose (IIRC) is to clarify, >> the "locus classicus" for each should be cited. Otherwise the >> origin of each (as folklore, received wisdom, or even retrospective >> rationalization, any of which would be a satisfactory pedigree) >> should be identified. > >They are from discussion on the namedroppers list, around 18 june 2006. >Perhaps this counts as folklore ;) I would hope that documentation of the folklore existed prior to the DNAME RR RFC...;) If there's no way to dig this up (IETF archives are generally useless when it comes to researching them), then reverse engineering the rationale is acceptable. Either way, this document ought to support the assertions it makes - like why "X DNAME Y" does not redirect queries for X itself. -- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Edward Lewis +1-571-434-5468 NeuStar Secrets of Success #107: Why arrive at 7am for the good parking space? Come in at 11am while the early birds drive out to lunch. -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Mon Oct 30 09:49:41 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GeYSL-0000Oe-Mm; Mon, 30 Oct 2006 09:49:41 -0500 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GeYSK-0001RX-Cm; Mon, 30 Oct 2006 09:49:41 -0500 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GeYP1-0000VW-QL for namedroppers-data@psg.com; Mon, 30 Oct 2006 14:46:15 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.6 (2006-10-03) on psg.com X-Spam-Level: X-Spam-Status: No, score=-2.3 required=5.0 tests=AWL,BAYES_00 autolearn=ham version=3.1.6 Received: from [66.92.146.160] (helo=ogud.com) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GeYP0-0000Up-D9 for namedroppers@ops.ietf.org; Mon, 30 Oct 2006 14:46:15 +0000 Received: from [192.168.1.101] (hlid.ogud.com [66.92.146.160]) by ogud.com (8.13.1/8.13.1) with ESMTP id k9UEk1aH001879; Mon, 30 Oct 2006 09:46:02 -0500 (EST) (envelope-from Ed.Lewis@neustar.biz) Mime-Version: 1.0 Message-Id: In-Reply-To: <20061016134916.GA22900@nic.fr> References: <452E11ED.3060708@nlnetlabs.nl> <5B4113AC-48BF-48AE-B3E6-AF51B4222DA7@ucd.ie> <452F33C7.70209@nlnetlabs.nl> <936D4DA8-A804-4BA8-B421-181547841B06@ucd.ie> <20061016134916.GA22900@nic.fr> Date: Mon, 30 Oct 2006 09:39:17 -0500 To: Namedroppers From: Edward Lewis Subject: Re: DNAME [4.1]: DNAME as a Delegation Tool Cc: ed.lewis@neustar.biz Content-Type: text/plain; charset="us-ascii" ; format="flowed" X-Scanned-By: MIMEDefang 2.57 on 66.92.146.160 Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.0 (/) X-Scan-Signature: 21c69d3cfc2dd19218717dbe1d974352 At 15:49 +0200 10/16/06, Stephane Bortzmeyer wrote: >I agree with Jim and Peter that it should not be in the DNS. There are some things that are part of the DNS protocol and some things that are not (but impact it). Provisioning, registration, etc., are not part of the DNS protocol, but delegation is. When discussing an element of the protocol in the way this document does - i.e., defining the syntax and protocol semantics, it is best to leave any mention to the use of the element by applications to no more than illustrative examples or the statement of the problem the element is intended to address. What I'm trying to say is that we ought not try to label the DNAME as a tool for any particular use. The DNAME isn't a delegation tool. The NS is. (And the DS is - delegation of DNSSEC-brand security.) The DNAME isn't for mirroring parts of the DNS name space - "mirroring" generally means maintaining an instantly complete copy of another object. The DNAME is a non-terminal redirection element (in as much as a CNAME is a terminal redirection element). A DNAME is an instruction to the look up process. If anything, DNAME is a query redirection tool. Think of DNAME as a passive, rubber-padded wall that ping-pong query balls hit and are sent elsewhere where they find what they are looking for. Passive - as in not part of the "operation" of registration. (I've always had a hankering to talk about padded walls and ping pong balls in the same sentence. Life goal #8 checked off.) -- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Edward Lewis +1-571-434-5468 NeuStar Secrets of Success #107: Why arrive at 7am for the good parking space? Come in at 11am while the early birds drive out to lunch. -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Mon Oct 30 10:23:34 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GeYz7-0003a4-6T; Mon, 30 Oct 2006 10:23:34 -0500 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GeYz3-0004PD-91; Mon, 30 Oct 2006 10:23:31 -0500 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GeYuz-0003Ex-L4 for namedroppers-data@psg.com; Mon, 30 Oct 2006 15:19:17 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.6 (2006-10-03) on psg.com X-Spam-Level: X-Spam-Status: No, score=-2.3 required=5.0 tests=AWL,BAYES_00 autolearn=ham version=3.1.6 Received: from [66.92.146.160] (helo=ogud.com) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GeYu1-0003B0-Vj for namedroppers@ops.ietf.org; Mon, 30 Oct 2006 15:19:08 +0000 Received: from [192.168.1.101] (hlid.ogud.com [66.92.146.160]) by ogud.com (8.13.1/8.13.1) with ESMTP id k9UFHwI2002050; Mon, 30 Oct 2006 10:17:59 -0500 (EST) (envelope-from Ed.Lewis@neustar.biz) Mime-Version: 1.0 Message-Id: In-Reply-To: <452E17AF.1010901@nlnetlabs.nl> References: <452E17AF.1010901@nlnetlabs.nl> Date: Mon, 30 Oct 2006 10:15:18 -0500 To: Wouter Wijngaards From: Edward Lewis Subject: Re: DNAME [4.8]: DNAME and CIDR Blocks in in-addr.arpa Cc: Namedroppers Content-Type: text/plain; charset="us-ascii" ; format="flowed" X-Scanned-By: MIMEDefang 2.57 on 66.92.146.160 Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.0 (/) X-Scan-Signature: 50a516d93fd399dc60588708fd9a3002 At 12:23 +0200 10/12/06, Wouter Wijngaards wrote: >-----BEGIN PGP SIGNED MESSAGE----- >Hash: SHA1 > >Issue [4.8]: > Is DNAME the Way to go for CIDR Blocks in in-addr.arpa? Should this > be addressed by this document? No. Maybe. If anything - say why DNAME isn't a replacement. Let's say you are an ISP with 192.0.2./24 and are assigning to customers ranges like 192.0.2.16/28 and 192.0.2.32/28. Further you want to allow the customers to have their own reverse map DNS (how nice of you!). In the zone 2.0.192.in-addr.arpa, you would want to have these records: 16.2.0.192.in-addr.arpa. CNAME 16.reverse-map.customer1.example. 17.2.0.192.in-addr.arpa. CNAME 17.reverse-map.customer1.example. ... 31.2.0.192.in-addr.arpa. CNAME 31.reverse-map.customer1.example. 32.2.0.192.in-addr.arpa. CNAME 32.rev-map.sushi-and-tires.example. 33.2.0.192.in-addr.arpa. CNAME 33.rev-map.sushi-and-tires.example. ... 33.2.0.192.in-addr.arpa. CNAME 33.rev-map.sushi-and-tires.example. And so on. A DNAME wouldn't work because you don't assign the same "new" suffix to queries that "come in" to the zone. The, I believe, implementation-specific BINDism "$GENERATE" acts better - as it is a zone "filler" and not a rewrite rule: $GENERATE 16-31 $.2.0.192.in-addr.arpa. CNAME $.reverse-map.customer1.example. $GENERATE 32-47 $.2.0.192.in-addr.arpa. CNAME $.rev-map.sushi-and-tires.example. -- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Edward Lewis +1-571-434-5468 NeuStar Secrets of Success #107: Why arrive at 7am for the good parking space? Come in at 11am while the early birds drive out to lunch. -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Mon Oct 30 10:31:53 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GeZ7A-0000eY-Sb; Mon, 30 Oct 2006 10:31:53 -0500 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GeZ78-0001es-Fs; Mon, 30 Oct 2006 10:31:52 -0500 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GeZ3c-000452-9Z for namedroppers-data@psg.com; Mon, 30 Oct 2006 15:28:12 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.6 (2006-10-03) on psg.com X-Spam-Level: X-Spam-Status: No, score=-2.3 required=5.0 tests=AWL,BAYES_00 autolearn=ham version=3.1.6 Received: from [66.92.146.160] (helo=ogud.com) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GeZ3a-00044i-PI for namedroppers@ops.ietf.org; Mon, 30 Oct 2006 15:28:11 +0000 Received: from [192.168.1.101] (hlid.ogud.com [66.92.146.160]) by ogud.com (8.13.1/8.13.1) with ESMTP id k9UFRtXe002108; Mon, 30 Oct 2006 10:27:56 -0500 (EST) (envelope-from Ed.Lewis@neustar.biz) Mime-Version: 1.0 Message-Id: In-Reply-To: <200610121249.k9CCn5b16277@tyrannia.TechFak.Uni-Bielefeld.DE> References: <200610121249.k9CCn5b16277@tyrannia.TechFak.Uni-Bielefeld.DE> Date: Mon, 30 Oct 2006 10:21:41 -0500 To: Peter Koch From: Edward Lewis Subject: Re: DNAME [4.9]: Name Compression in RDATA Cc: IETF DNSEXT WG Content-Type: text/plain; charset="us-ascii" ; format="flowed" X-Scanned-By: MIMEDefang 2.57 on 66.92.146.160 Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.0 (/) X-Scan-Signature: 21c69d3cfc2dd19218717dbe1d974352 At 14:49 +0200 10/12/06, Peter Koch wrote: >Wouter Wijngaards wrote: > >> Issue [4.9]: >> For old versions of servers only uncompressed is possible. New >> version can still choose to use compressed or not. >> Clarify on compression proposal: Senders SHOULD NOT compress RDATA, >> receivers MUST be able to decompress, when the new version has been >> negotiated with the EDNS bits. > >For this we'd need a more detailed problem statement. Having a compression >pointer in the RDATA is most likely not very attractive, unless we'd find >'sibling' DNAMEs in long/deep names a lot: > > some.maybe.really.deep.example. DNAME other.maybe.really.deep.example. > >If this were the case, it could be dealt with by local compression ;-) >The DNAME RDATA is probably more attractive as a compression target, >since an RRSet will follow with an owner that is a descendant of the DNAME's >target. Still I'm not sure it's worth the hassle of deploying yet another >hop-by-hop negotiation scheme. I'd suggest we stick with what RFC 3597 >gave us: DNAME RDATA MUST NOT be compressed. Don't look for more opportunities to compress data. Compressing data is bad for the protocol. It is why name servers cannot handle all types (other than SOA, NS, address records and DNSSEC records) as unknown types. Without chasing down references myself, I am sure there's a document that says the only types to be compressed are the golden-oldies, i.e., mostly those in the first few RFCs. (Ok, I did look it up - 3597 section 4 - because Peter mentions it above.) -- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Edward Lewis +1-571-434-5468 NeuStar Secrets of Success #107: Why arrive at 7am for the good parking space? Come in at 11am while the early birds drive out to lunch. -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Mon Oct 30 11:16:02 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GeZnu-0006w7-5I; Mon, 30 Oct 2006 11:16:02 -0500 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GeZnr-0000CQ-6z; Mon, 30 Oct 2006 11:16:02 -0500 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GeZid-00087x-8J for namedroppers-data@psg.com; Mon, 30 Oct 2006 16:10:35 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.6 (2006-10-03) on psg.com X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=AWL,BAYES_00 autolearn=ham version=3.1.6 Received: from [66.92.146.160] (helo=ogud.com) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GeZib-00087f-RG for namedroppers@ops.ietf.org; Mon, 30 Oct 2006 16:10:34 +0000 Received: from Puki.ogud.com (hlid.ogud.com [66.92.146.160]) by ogud.com (8.13.1/8.13.1) with ESMTP id k9UGANlA002321 for ; Mon, 30 Oct 2006 11:10:23 -0500 (EST) (envelope-from ogud@ogud.com) Message-Id: <7.0.1.0.2.20061030110443.0464edb0@ogud.com> X-Mailer: QUALCOMM Windows Eudora Version 7.0.1.0 Date: Mon, 30 Oct 2006 11:09:47 -0500 To: namedroppers@ops.ietf.org From: =?iso-8859-1?Q?=D3lafur?= =?iso-8859-1?Q?_Gu=F0mundsson?= /DNSEXT co-chair Subject: New working group document ? Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed X-Scanned-By: MIMEDefang 2.57 on 66.92.146.160 Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.0 (/) X-Scan-Signature: 9ed51c9d1356100bce94f1ae4ec616a9 The working group has received a request to adopt the following document as a working group document: http://tools.ietf.org/html/draft-hubert-dns-anti-spoofing-00 The chairs would like to have commitment from at least 5 members of the working group that they will contribute by reviewing and commenting to this document. During earlier discussion on this document it was observed in http://psg.com/lists/namedroppers/namedroppers.2006/msg01220.html >RFC3833 lists a number of different threats against the DNS, and the >term "DNS spoofing" is commonly used to refer to at least three of >them: > > 2.1. Packet Interception > 2.2. ID Guessing and Query Prediction > 2.3. Name Chaining > >The draft covers threat 2.2, "ID Guessing and Query Prediction", in >excellent detail, but makes no mention of the others. It would be >helpful to note in the draft that the term "DNS spoofing" can also >refer to threats other than those discussed in the draft. The question is: Does the working group prefer that the document stay focused on the issue it is currently addressing or should the scope of the document be expanded? If the scope is expanded we would need commitment from working group members to produce text. If the document stays focused then, there is opportunity for others to volunteer to edit working group documents addressing the other two issues. Olafur & Olaf -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Mon Oct 30 11:23:56 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GeZvY-0004xu-6w; Mon, 30 Oct 2006 11:23:56 -0500 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GeZvM-0002Gd-Hf; Mon, 30 Oct 2006 11:23:56 -0500 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GeZrn-0009DX-Jt for namedroppers-data@psg.com; Mon, 30 Oct 2006 16:20:03 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.6 (2006-10-03) on psg.com X-Spam-Level: X-Spam-Status: No, score=-2.5 required=5.0 tests=AWL,BAYES_00 autolearn=ham version=3.1.6 Received: from [213.248.199.23] (helo=mx3.nominet.org.uk) by psg.com with esmtp (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GeZrl-0009CX-VA; Mon, 30 Oct 2006 16:20:03 +0000 Received: from unknown (HELO notes1.nominet.org.uk) ([213.248.197.128]) by mx3.nominet.org.uk with ESMTP; 30 Oct 2006 16:19:59 +0000 X-IronPort-AV: i="4.09,371,1157324400"; d="scan'208"; a="5725625:sNHT29680964" In-Reply-To: <7.0.1.0.2.20061030110443.0464edb0@ogud.com> To: =?ISO-8859-1?Q?=D3lafur_Gu=F0mundsson_=2FDNSEXT_co-chair?= Cc: namedroppers@ops.ietf.org, owner-namedroppers@ops.ietf.org Subject: Re: New working group document ? MIME-Version: 1.0 X-Mailer: Lotus Notes Release 6.5.5 November 30, 2005 Message-ID: From: Roy Arends Date: Mon, 30 Oct 2006 17:18:07 +0100 X-MIMETrack: Serialize by Router on notes1/Nominet(Release 7.0.1FP1 | May 25, 2006) at 30/10/2006 04:18:06 PM, Serialize complete at 30/10/2006 04:18:06 PM Content-Type: text/plain; charset="US-ASCII" Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.0 (/) X-Scan-Signature: 9182cfff02fae4f1b6e9349e01d62f32 owner-namedroppers@ops.ietf.org wrote on 10/30/2006 05:09:47 PM: > The working group has received a request to adopt the following document > as a working group document: > http://tools.ietf.org/html/draft-hubert-dns-anti-spoofing-00 > > The chairs would like to have commitment from at least 5 members of > the working group that they will contribute by reviewing and > commenting to this document. I second the request, and am committed to review and produce text. > The question is: > Does the working group prefer that the document stay focused on the > issue it is currently addressing or should the scope of the document > be expanded? This will follow automatically from the produced text :) Roy -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Mon Oct 30 13:16:22 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GebgM-0006mO-Ei; Mon, 30 Oct 2006 13:16:22 -0500 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GebgC-0003xo-3g; Mon, 30 Oct 2006 13:16:22 -0500 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GebXI-000JfA-AW for namedroppers-data@psg.com; Mon, 30 Oct 2006 18:07:00 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.6 (2006-10-03) on psg.com X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=AWL,BAYES_00 autolearn=ham version=3.1.6 Received: from [213.244.168.210] (helo=outpost.ds9a.nl) by psg.com with esmtp (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GebXF-000Jeo-Lb for namedroppers@ops.ietf.org; Mon, 30 Oct 2006 18:06:59 +0000 Received: by outpost.ds9a.nl (Postfix, from userid 1000) id 60B6C404E; Mon, 30 Oct 2006 19:06:55 +0100 (CET) Date: Mon, 30 Oct 2006 19:06:55 +0100 From: bert hubert To: ?lafur Gu?mundsson /DNSEXT co-chair Cc: namedroppers@ops.ietf.org Subject: Re: New working group document ? Message-ID: <20061030180655.GC24588@outpost.ds9a.nl> References: <7.0.1.0.2.20061030110443.0464edb0@ogud.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <7.0.1.0.2.20061030110443.0464edb0@ogud.com> User-Agent: Mutt/1.5.9i Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.0 (/) X-Scan-Signature: 8b30eb7682a596edff707698f4a80f7d On Mon, Oct 30, 2006 at 11:09:47AM -0500, ?lafur Gu?mundsson /DNSEXT co-chair wrote: > as a working group document: > http://tools.ietf.org/html/draft-hubert-dns-anti-spoofing-00 Thanks. There have been around 10 suggestions received already since I first mentioned this draft on the list, and a number of these suggestions have been or will be incorporated in the draft. A new version will be available soon. Nothing drastic has changed however. > The question is: Does the working group prefer that the document stay > focused on the issue it is currently addressing or should the scope of the > document be expanded? My personal preference is for this draft to remain 'lean and mean', and keep a highly focussed message: rules for DNS implementors that, if followed, protect against spoofing ('id guessing'), with additional hints for zone owners how they can configure their zones for the same purpose. The latter part might be more of a DNSOP thing, but it would be silly to have two separate drafts. > If the document stays focused then, there is opportunity for others > to volunteer to edit working group documents addressing the other two > issues. Yes please. I fully realise a lot of brain cycles are already busy on a number of other drafts currently tabled, but I hope we can keep things focussed and get a useful document without too much back and forth. Thanks for your attention! -- http://www.PowerDNS.com Open source, database driven DNS Software http://netherlabs.nl Open and Closed source services -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From kqnboycfoke@pak-lite.com Mon Oct 30 14:10:40 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GecWu-00070J-U6 for dnsext-archive@lists.ietf.org; Mon, 30 Oct 2006 14:10:40 -0500 Received: from ip-89-102-140-119.karneval.cz ([89.102.140.119]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GecWo-0005Zo-69 for dnsext-archive@lists.ietf.org; Mon, 30 Oct 2006 14:10:40 -0500 Message-ID: <000c01c6fc57$0edd0d40$778c6659@karlos> From: "wrap" To: dnsext-archive@lists.ietf.org Subject: password. provided Date: Mon, 30 Oct 2006 20:10:26 +0100 MIME-Version: 1.0 Content-Type: multipart/related; type="multipart/alternative"; boundary="----=_NextPart_000_0008_01C6FC5F.70A17540" X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2900.2869 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2962 X-Spam-Score: 3.0 (+++) X-Scan-Signature: 52f402fbded34a6df606921f56b8bdd8 ------=_NextPart_000_0008_01C6FC5F.70A17540 Content-Type: multipart/alternative; boundary="----=_NextPart_001_0009_01C6FC5F.70A17540" ------=_NextPart_001_0009_01C6FC5F.70A17540 Content-Type: text/plain; charset="windows-1250" Content-Transfer-Encoding: quoted-printable Ofeach hash call involve whichis viable compared in short a woman baby = nine doesnot mean. Maybe what consoles of massages your system Javadoc needs updated = afterward breaks rule adding length things strings ltcodegta is named = view quite room growth rules state followed slavishly engineers designed = felt am possibly because is clean reasons me others decision made = already wrote become Javabean renamed getconsole of considered property = getter ide anyway or before of writing Nils a. Diagnosed late pregnancy gives prenatal care family parents choices = supported throughout decisions full or survive pregnancy lives advice = surviving children those sadly loss child Copyright rights reserved = Design Coding Easyrew Hosting generously Enterprise ab ltd fa Explorer = in. Assinine that am said hacks fields yes in give us disable echos becomes = is well richer effects realize going is rich curses clear of screen = minimum Alex plattform is found far Henrik or stman am pst kbhit = available of Minkoo seo November getset. Ability background incredibly a = useful Does include or getch believe part rfe Donald guy? Keystore perform of their Even without ability background of incredibly = useful Does a include of getch believe part rfe Donald guy a return = something boolean convention nowadays name noun phrase is When are set = get am attribute usual class bean naming setters getters case here = curseslike a getch Rather more getpassc sorry or alanb a think true = nowadays see lot in only! Create in getxxx am setxxx junk day radu math a validator message posts = bug couldnt missed answer am ive noticed a gets Msdos charset Windows = platforms happen of example French default file encoding cp a cp result = difficult. pm great am fits right would or add detach is can send could = or extremely servers eg pin needed a ssl keystore am? Lines from console also useful write formatted strings too am Heres = little taster prompts am user password at least characters length not = echoed entered static final is int char do while of used obtain unique = virtual machine There may course depends platform how. Ofthe gzipped nondawged filejust prove in knowledge bedealing or beat = handsdown arealso drawn a entropyof human a languages sorting Soft Soft = home diary donations links contact Additional Conference Report or Soft = uk am families is affected. Short is hours days in weeksthe longest = continuous done a lasted alittle of under seven months of. Nils useless of single buffering trivial create getxxx of setxxx junk = day radu is math validator am message posts is bug. Hours a days = weeksthe longest continuous done lasted alittle under seven is. Verbs of mixed first letter lowercase each internal They example verb = Actually might am someone is upset. Oncethis am Biham agobut thought in idea never tofinish polycrypt = conceived is abus or. Produce garbage unless wrap of determine execution context os locale am = Brown writing. Prefixed every english vocabulary in opinion bigtime following tends = verbose badly lack biggest in issue. Not echoed entered or static final = of int char do am while a used. ------=_NextPart_001_0009_01C6FC5F.70A17540 Content-Type: text/html; charset="windows-1250" Content-Transfer-Encoding: quoted-printable
3D""
Ofeach hash call involve whichis viable = compared in=20 short a woman baby nine doesnot mean.
Maybe what consoles of massages = your=20 system Javadoc needs updated afterward breaks rule adding length things = strings=20 ltcodegta is named view quite room growth rules state followed slavishly = engineers designed felt am possibly because is clean reasons me others = decision=20 made already wrote become Javabean renamed getconsole of considered = property=20 getter ide anyway or before of writing Nils a.
Diagnosed late = pregnancy gives=20 prenatal care family parents choices supported throughout decisions full = or=20 survive pregnancy lives advice surviving children those sadly loss child = Copyright rights reserved Design Coding Easyrew Hosting generously = Enterprise ab=20 ltd fa Explorer in.
Assinine that am said hacks fields yes in give us = disable=20 echos becomes is well richer effects realize going is rich curses clear = of=20 screen minimum Alex plattform is found far Henrik or stman am pst kbhit=20 available of Minkoo seo November getset. Ability background incredibly a = useful=20 Does include or getch believe part rfe Donald guy?
Keystore perform = of their=20 Even without ability background of incredibly useful Does a include of = getch=20 believe part rfe Donald guy a return something boolean convention = nowadays name=20 noun phrase is When are set get am attribute usual class bean naming = setters=20 getters case here curseslike a getch Rather more getpassc sorry or alanb = a think=20 true nowadays see lot in only!
Create in getxxx am setxxx junk day = radu math=20 a validator message posts bug couldnt missed answer am ive noticed a = gets Msdos=20 charset Windows platforms happen of example French default file encoding = cp a cp=20 result difficult. pm great am fits right would or add detach is can = send could=20 or extremely servers eg pin needed a ssl keystore am?
Lines from = console also=20 useful write formatted strings too am Heres little taster prompts am = user=20 password at least characters length not echoed entered static final is = int char=20 do while of used obtain unique virtual machine There may course depends = platform=20 how.
Ofthe gzipped nondawged filejust prove in knowledge bedealing or = beat=20 handsdown arealso drawn a entropyof human a languages sorting Soft Soft = home=20 diary donations links contact Additional Conference Report or Soft uk am = families is affected. Short is hours days in weeksthe longest continuous = done a=20 lasted alittle of under seven months of.
Nils useless of single = buffering=20 trivial create getxxx of setxxx junk day radu is math validator am = message posts=20 is bug. Hours a days weeksthe longest continuous done lasted alittle = under seven=20 is.
Verbs of mixed first letter lowercase each internal They example = verb=20 Actually might am someone is upset.
Oncethis am Biham agobut thought = in idea=20 never tofinish polycrypt conceived is abus or.
Produce garbage unless = wrap of=20 determine execution context os locale am Brown writing.
Prefixed = every=20 english vocabulary in opinion bigtime following tends verbose badly = lack=20 biggest in issue. Not echoed entered or static final of int char do am = while a=20 used.
------=_NextPart_001_0009_01C6FC5F.70A17540-- ------=_NextPart_000_0008_01C6FC5F.70A17540 Content-Type: image/gif; name="parents.gif" Content-Transfer-Encoding: base64 Content-ID: <000701c6fc57$0edd0d40$778c6659@karlos> R0lGODlhpAGIAYf/AA0NBHwAAASDAHdyCQAAhncAeAWJhLy6ycPdyqPX80skAF8hAI4cBZsYALMU BdETAAA7ACIzAEtJAFtLC3dFAJ4/B7JAC9hFAAtRCBhUAEZgAF5qDYNfAJZUBcRkCtFWAAB2AB+O ADGJAVF1DIiIAJJ5AMiKAN2LBACuASmfADGlAGadAHOcAJ6UCLuYDtKTAADMABXKCzXCBGixDIax CqrECc2zAOLGBQDhAyXSCUHsAGbtBX/qAK3jBMHsANHjCAAAPygKRT0DTWMANHcHRq0KO7MAOeMK PAASRxUSSDQmSlMaOHsoNKwpOsIpRtghPQBIQClJRjU2NGM5OXFJS5JER7s3QttKTQRsNB5lP0lg RWFkPnZtDJdaS8tdPeBdOAyMMRyEM0uFOWd8MXh9M6F1Rb94TN1yMwCdOxOiS02uSGSaNnGrTKem N86RP+anTgDFQh+yPUDNSmvENojIQJKyP8y0RNHMPQDjQxncSzXeOGTUN47iMaXUS8bsOenUPAAA jR8AjTYCjFwAjY0AeKUAdMgAhOgKhgARgy4afD0SiFgXfY4eeqglirQmc+MSggA2ixY8dD82iG4/ f41Djpg8ibIziuE7dwBfhyFlizZXcl5ac3FSiqlafcFofN1ZfAmKex19f0CGhGWNioKDeqZ1csCL h9V0cwaRcyijfT+rfF6keoypfqeRjMmcgdKnfQrDghS6fkvNdF++hYSzg521ebHBcty0fQrifxrb ekfoeVjTeIzTjJTmgbXTgOTkiAsAsyYMt0cAx1cAuIQAu5wAxbcEteEAzA4rxBISsTYqsWUUvnUn zpkguLoUs9gdzgAyxyEywTI5xFpCzHdNyqZHtMwzyOBHzABYtRhZzURetVJSs3ZTv6phwMRgx+1t wQyAyhF6vTpxzmV4vIh8wqh1y7J4wd2NygebwRGfuUWms1KsvoaiuKubtLSls9yhtQC6ty6/sk21 wmG2sXTNtKTBvv/57J6epIxzfP8EBgj/B///AA4J+fgA/wD8+//x8SH5BADt4XEALAAAAACkAYgB Bwj/AO0JHEiwoMGDCBMqXMiwocOHECNKnEixosWLGDNq3Mixo8ePIEOKHEmypMmTKCn+W8mypcuX MGPKnEmzps2bOHPq3Mmzp8+fQIMKHUq0qNGjSJMqXcq0qdOnUKNKnUq1qtWrWLNq3cq1q9evYMOK HUu2rNmzaNP2TMm2rdu3cOPKnftQrd27ePPqxYlwr9+tdAMLHlzxr+GrhBMrJny4sePHkJn2/UD5 X+WWlDN/YKm58+aVmS2D9ow59GjNLkN/hmm69WXQqUlzrrzZtOXXp0+jLh179e7bn10HX7m4uPHB sJNjVp58tejnt5srd+57+XTnL6lb55xa+nXm0LcP/w8PHrp25uefH1/PnuRM39jHcyePvvv2+enT s76vHTv4+P/tZx9rANInX3jVRaYgWX2Zh+B8Dj4oU4HW5YeThcv5R56GGwp4X3fn+Xdggsm1Z+KJ G72HH4Qk/jZaTBTi52J0Ng03IoQ40qebbR/q6N1zIq5444JEqtXidCyWR+OHQQIJI4cVOpnkgEp2 mN2VMK5ooJD1FeklVw2SKFp/PWKZY5NiUrmfjb3hFqCHSjYJZ23lVcemdSjmqadEKv5HZo5dnoml mPqtCVuhMVqZaJ0TxsbooZCW+eWkUoUJaKIAvrYoht9VyZ+am04J6JZZDoiopP/sqeqqEQHnKpOl df92qJs86jYbdXTa5iaOuMLna3aaBhsfbrXmxl+xharH6rLMHvQYlJTq1Oy0enoJbbTYZqvtttx2 621L1IYr7rjkZvTtueimO1S57Lbr7rvwxivvvPTWa++9+Bam7r789itTvgAHLPDABBds8MEIJ6zw wgw37DBG/kYs8b4PV2wxuRNnrPG2F3fsMasbhyxykR+XbPLJKKes8sostzzSyDDHLPPMNNds8804 56zzzjz37PPPQActNGAuF2300UgnrfTSTDft9NPUDi311FRXbfXVWGe9U4ORGcRXQVZ7LTNKWpct dIMApP0PAFWpvVLabP8ktk1eC2C3AP/cvZLeLOH/3RLfe9v9991+50043ocLnjjihxsOeN+KF653 4oMLDjnjl2eO99xvswR33C65ndPnnn8uOtxrh4666aWXHjfprruN+tpqgy5X6m+DPpXuuq8F9k0G Sb733y4V3vdLxg+vfN7H++0889A/r7zwxR9vPfTTX7+88dQbnurvnYcvPui918R7+K+Pfz76nrfv Pvmhv+9++HL1Xj5UpwfFOU3BI09889UL4P+wlzztGbCA3bue5QhYvQIqkHrJ2xz4cFe+9InPJhVs yfrmhzsNzi9/HXwJ/CgYv+/B5X60ex3bLFg78qmQgi08nwVplzsS1rBz+5tJ3QSIPeZF0H8ChCAP /w+4PQMyUHo9jF5MhCc9B85thB6c3QpbR0MocnCDJbTfB20YQg+y735sIxtMwPi+FU6Rhqlj4Rmt SEIW1rB2XDzKAilnPe4BsXJzfFwSlxe4PC5wgM9LIAERWEcl4oSNXISjGr3IyBCiUIMunF0bISlC SYquhFBBCBnZZ8MRSpGTGUyj60CZQt3l8F8TRGIPCTdAI9rRkEZMIhJVqcDhCfKHgLQlH1nyRA5y so2fbOQFsTiTGXayi13MIBnrFz9PkrJzbuzgGRkpu2dOE1wT5F8q+ZhAQe7xlQ7coyyB6MDuzXGI uBzkLiVIkC1mUX5aFKYjhYlCY87wkhdEpjFxeP8SmTjTmjdc4y+vOUyAihKZQhFiLReqSwAWkqGt XCUDg5jLh46TmxAdYyOhmL5obhST48OkPQsqTZCGVJ6ScVYKIalCM1YRjaVcHSItGTuZVhF+p4xJ 8PjG08g5z6eTaxwd6ei44vkxqJJLKuMg2Lg+RtCn2gMc53gnyZu6VHb4LKXq7HdJM2IVdjTVKjS7 +lX6xSUojyymU3IKE7b+bKoai5sYj5LWmNTVbGS5q7f0apaq0iSreA2sXrimv2zexa0wg5pbiIJY szRWZIptC2MNaxex5eNmkRWJXWFnUm7l47Ms+exlYQLalYg2tP8QbWlTu9rTjja0qn3taVnbWtD/ yna2tDWtbW972diWdrSvFaxTEImu3qb2uKZ9SXCDi9zmyha1ulVuS57r3ORGt7nVhS52gWtd7lpX uE0h7rmM+13mmne52qWueaU73e66ZL3MRS56r4vd+lIXvEyBXwxz98J8Rga39z3uat2bXujGl70G 1m59v5vgAntXwdvFb34t2VFo+rdIv1Vwhtu7XNU2WLfrbe92HyxiEc9XvvZ9b4klLDdnhfKg/DUl ZdViWQFrGMLkZbB3Q7xiFKv4wPElsXpTvOLLZjYk/hRh+4hJKeMGOMA2vrGPIUzkIKfYyhEuL491 zGKlvFig+ySSk7NbXhMXucxUPvGD1yzlLLuZ/8EI7rLvDFJVmbr0hql7LIPABuDWgvjPBo4toGkb ZEH/2cOwPe+ACZ1oDQ+Yukeea2HbuZcaB+XAXxptpPu5rhmnRc84wbSYebnpkkyW0oP1dMxKbepM qppoqO40q4sWFVBbxdZ0mzWtXR3rsOC6JrqmNWcxWNdL/noqXuOHsvnxj2UrmyXPXsmypT3tYLtM vEn+KzZ7DRaDMFva4A53s1vy7W+P29ols6tP7srXs5gb2vCmdrzfLeedUdWrcATmKH+5F3qb+9/j DrjA621vjr5xitX8Z2Oi3Wxnz3vgDCe4zjzqRv3KDzLlJne4mU3vgUv8ZhYnZcjjuHBxB/zfHf/v +Mclpskt/nOaML/gsStVEIBD3OQZBze6WTZsabbQqvtenQkHUhZvT7vhDkf6vI++85Vluygzr/Wr t9b0lKn7KFHnNdGhXnWUVTIpWX9K2F/SdYut/OzoIqxjp671srtsZO1Ge8/QBliYEpt1st56UurM UuK43WhPD7z5+K2TuBcF4XjGttx7Vndf3sTwGqUKQQ2++J1xDYxrbOlKTYrVNNp082Fke0/8avC/ O42ebxxo5EEJZsKP/a8bxKnpmYZ69FUTocm8fUeDSWpuGyXmIZ097Zec74OOHKQU32fvXq9WyudZ +EpzfMiP/9FjXnz5oucJ4k/6fOgjza81FSv/7utsOs3DtJrM32wk9+19pyMF8iL1CvwrbzO172T+ 1AR29pvSfqStG/9blWu+VxX9Z3X0d4AImIAJaH8KOBYFqBAxEQAS+A8SGAAUWIETiIEWuBIVyIET yBIYeIEaKIIfCIId6IEmuIEiSIEuMYIeuIEdeIInSIIqqIE1mIEpeIMq+IIr2BIxOIIl+IMh2IIt aIM9SIImmIINqFPOUoMg+IQsyIFQKIVTaIEwSIVOSIVauINZeIEv0YVcOIVRWIVkOIYfGIYo6IM3 WIRliIZj+IZweIVR2IVm6IN+94AqBRNg+IViKIdiaIeAOId86IVYSISGWId9qIVlGIdEuIOF/+iE kPiEdJiGiEiGjqiIgmiIQbiEOrGHlRiGlwiHmJiFl3iFchiKh0iHoKiHbYiJrmiKkhiLUkiKsjiJ kTiIUFiKs+iKnDh0lGaFahiEM7iLeuiIxjiDuiiIfniEL7iJiRiKQ9iMvJiMsIiIwGiGyEiMjFiI h8iNgFiNeAgR2piJ5PiHuLiNk5iJ12iM57iM7MiKb3iK8PiNxEiLfniP2viOSNiN5ciN1xiOeciK bpiL5ziP6GiO97iMooiGAymK3riNskiPLIiPE7mFuOiMBPmH70iNSdiLOaGPFTmK89iQnmiRi7iQ EimSI/mMJ1mSLsmSLZmIgWiSNOmQnMg1XP8IhMLIg0VYgkeIjDAIlKo4jM3ok9HIk8GYg9FIlEt5 hjwog0+pk6Togj0olEoojUi5gQDpEB65Z1upd10Zlp8WkGLZFV95lmi5LGW5lmzZlm75lnAZl3Kp FGlZl3Z5l3h5LyqQl3zZl375l4AZmA2DAYJZmIZ5mIiZEHO5mIzZmAuSmJD5EY45mZRZmZUVmZip EZa5maeWmZ75maDJaZw5mqRZmqZ5mt0Wmqq5mqxpLqj5mjrUmrI5m7TZKrB5GIB3m7q5bfu3m2Jx egQQnATwD8IZnCxhnCshnMmpnMdZnM3pnMy5nM55nC8BncU5nMQZndkZndf5nNqJnc8pndv/mZ3h KZ7guZzheZ3DqZzsaZzT6RLdKZ3fCZ/xWZ3cCZ7teZ7tmZ7xiZ1Og5/JSZ0BKqAA2hIFSpwEWp0C OqALip0AeqAMeqASaqAKyqAIaqESep4Y2qARSp0QSqEduqHwCaIkeqEmaqIaiqIkWqD+2TQpmqEJ GhMTOqI0OqL6WaELiqMzeqIeSqMaip8sWqPNyaE1+qA1saMU+qNC+qLoGaIriqQDCpxF2qMqChMz +qEXeqNKCqJY6qRXmqQ2qqNZaqEyOqYD+qVkKqZnCqYleqJMiqAOmqMdGqdrGqVN06TbiZxjqp8v +p3caZ96aqZDKp8G2qf3GajvKajkqabr/4mhgbqn3gmmjTqoVuqniCqiOfqmcYqlQQqketqiw1en dTqpbUqnoqqphfqoo4qjImqqipqopEqkk7qlXFqlWgqnrFqrMUqocnqjPhqgnJqgQWqnb0cTrmqq qrqlvtqmPOqmFZqivaqry5qpu+qlrtqsQCqnTaqqzSqq2LqiS/qslPqmKBqsQIMQw+qtyDqlG3qr VHqqjhqtuwqhsYqk9Eqt4YqpOwqtVeqsyzqt+gqu7/qvJfqfzKme4nmm2jme8mmdDpuf5nmw3Zmo eYqchzqxFuueGbueGkuvC8uwWVqf/TqdiPqp6smxDtqxH8urIJuyDtuyDUunp9eY/Koguf+5mTXr mzrrm7VZmzv7s0Bbmj07tERbtEZ7tEibtErrfUH7mkv7tFAbtVI7tVRbtVbbLk2btVq7tVzbtV4b WFdrmF87tmSLgGF7tmhbamVLmWnbtm77tnAbt3LLEWs7mXN7l3Wbt3q7t3yrMVzzbhHnEw7nbCgH bdGWdHd4tw0Tb4yLE/72cOIGuJHLm4q7MOAmuTrxuC5hcw0HuWRXuYs7bpLLcEf3bKYbuJorcBw3 uRoHuqGbc50rupALu+SGckd3chBHb65LMDOBuABnczmnchuncbibcn27M5j7u7NrcpuLc5FrvMeb M8kLb8A7vMSLu56LvR4XvTNTuodLuhH/N7iA671Jd7vlZr7cuzECUQG9qRW7OzDp65YM6JXvezDx W3+Ccb/6u7810xefN0b49nuN13hqZT4ELHj/R0n6BIBU9HUYdHVfEnd81Xjr4VGRR1Dx93jaVsCj lxXxBMEgzMFKdjXYVsGd5UUYnH8aLMKrp30efMKOB8Mj3MJUU8L5C8J3BkJeRUV2FlDX9EJf9XNA t1/nF09CDH5ohE9KbFNE7Hn8NVabt1KKtH5FTFU3dcU/d8TkZ35ZHMA+jMVkdXAxVsVM3FIudMVB l8QMvDutsz4VZnwntUjUtH2t90FvnMJnLFAa9UhGPEnHFE3K18BwfMeq81Iw1El0jMIl/4XF/AbE jWx7cLxkrBfJZZRMbUxyZQHIugdMtwdDnexOddxfBgdWH/zG2bbEfUzIfgxPM7x+u5dvfWx9gIxn JCXLrDfLXLXJVZx4k/xOlvxFSIwVLffHImdhKvzBoOzHCkd9v7zKEOzG76TKpqw+rfxFxkx4s2zL MFZ92izN1Fx7P3zNxXzB+eRMMmYcUtTF5SfEoCfKTSzF6oxvp7PDPYzK8Ax6LJVVw0ZhWkw6PYxQ ROzP/8xZZVx+MWVnpFdW99zE65zEAEzPeLfO8jzR+czOQ7zD62E1azzDfRXDhffRo+NL2KZ4c0YX eBXM2rfRUoHSh3TAgtzSmFdsLs2/NP/dVmRZ0+nSHjjtkfO7092i04fH0RcmwOtG1PnlwArc0h7s 0vg300QxwRmj0ocE0ntH1RuMwLjHwr83eFk9FFKN1Y9500Lx1Q8c0l5m1Vp9wpBH1jLs0XQVXnln HP5ExayjxRf9xGjswPFcRo5cVgpt0WqsxvdG150HxjnMRul8cHfmyWMMxl/8zu1sxV2Mxp232IOd euk8z4p92II82WhxecpMzBcHY448wqZccZU82sBXfCicyIr8cpB8T4rMyqJ92pOsSLFdzqPdxnqM 24e824i8yNIs29NcyaG3J1L82r1M3Nf30FaE2gPVyatdzpscyKRte7rsSZ/8ynf8SbD//cfBZN2Y nM3crT7WTXHALN3EV9jNvSrT7M3PdN2YbMmw/d3MHd+2fN7CrduJZH3WnMGSbFDFbcH77cu4bOD8 jd7OvMjbnOD8lNHqt8ORbdALHdAxlMuU7dd/XdCRbXcNfeF9h9eCXeHwjHdjHFZP/M8drs4kHuJb bFV1DdFm/OIdLuIDLeN2d9A5DhlsLdRX3dF/0eNd0W5C7hc9vW9VDdNnwdJL7tR3weQivlbs4dM3 KdZUHjGBceUNeORari5yHcX/R8U/8clbJdBBLuROzc8EDeXFtMbgx9SQ7dYvzeaxORdPV09KTctj ztUE/hVQHdRDncHZ3NVlHcLkzH0c/8xuItznge4VwxzDRH7GYz3VKDXkK/zUcs7ftTzpYC1PJI3o hs7NQ11XWU7DHB7YMkTalW3GUczZph7YAdjOhi3pk83PLzXP/ZXjiU1Wu6fnyMxkvA3ruF3YCW1+ eO3qx3xVEo7rIkXs7O3kVqFF5O3roiTbt37NFrxJlzxS8p3Fj2zI4t1Vof1lqTfHlNzM8zTXhgzJ kRzu/pXHJMdRvf3f5D7bxe2+ByHttxxmiGftcmzfgJXKfJfM3Zzd+mTHYJbYBF/KYyXuop5WmnxP keTuB5/eDC/gQgfQ5o3dL1Tqqzftnh7f0B3Hxqzt/418zV3b0V3N487R353MeK7poP8O3feNzAV+ zOO38N8Ozd3s42GxxYct4Sle4wi94QJdfLYO2Zmd4so+8Z+HeROuVf8bdBa9X3Fe7LE+SvFcxseO 4WB+12/O7DHe9czuw/2848Js5ZKX6ZZu1l3r8WJB51pB59De5UyYfnYf1nae93zf947B5UNTvyli wIUn1WR+eBCP4RHNxcYm+LbZwYWuV39+1IuuegVe5PEL+I2uwj+e1m9d+clOeInr+A2hbp6t8Eif cLnO9E7M+v0s2fJs2Ej+6zQFfH4PFIsUytSO2Zou7pp87jzv7bZd8fsdzrcPPPk+zl5c717sTsld 8Hp9+ascZv392xxE+hhx4A3O/Dn/r/zj/PH1je0k5e8pP/rYzycfHsAqrthAR0mZPdFHT35zrOy7 3OpBzMU27ovnr5iRMdLHDxD/BA4kWNDgQYQJFS5k2NDhQ4gMAUxESDHiRYwZNW7k2NHjR5AhRXq0 V9JkyZEpVa7EeNLlS5gxZc6kWdPmTZw5de7k2dPnT6BBhQ4lWtToUaRJlS5l2pQoS6hRpU6lWtXq VaxQnW7l2tXrV7BhxY4lW9bsWbRp1a5l29btW7hx5TLNWtfuXbx59e6tOtfvX8CBBQ8mXNjwYcRH +S5m3NjxY8haE0+mXNky18iZNW/m3HnvZdChRY/G6dn0adSpVT8k3dr1a9ixZc+m/13b9m3cuXXv 5t3b92/gwYUPJ16c5mrkyZUvb2zc+fPXzKVPp159JHTs2bVv5969qHXw4cWPL+jd/Hn06dWvZ9/e /Xv48b+Sp1/f/n38+fXv59/f/38AAxRwQPBi+occBMk5MEEFBUJwoAQdjBDCBxeskKAIG4SwoAw1 7FDBCye08EAOL5TQQxFFPNHCDikEkcEHJ/ywxAYblA84Dx3cUMcdc8SQRxJ/lJBDg3wE0sggkzRx SAyRRLHEHYPUUEoeaxRyQSh5vPG3KY+ksMeErDyoyylBJJJJJb+s8swfcxRTSDN1RBJNMtlM080d t/QtSS/l7LPIKK8ck887/4zzzf8wCyWUSjzX9JPQOqOMk0Qf9axNoRAZBLPMLvlcklMfy9xU0kdB PfNQIMGk9MgUHw3U01HTJHBWqBAVc9JXOxVVUE1JXbVPVAVd81ZAGQU21lyvtPLNTml11iEDVXUU SzsX3dVXQ9WUldpI4aTS2mH/lLTbVEP9NkhLaUPIXGnPjXTOa+MN1Eh5X93WSWzxvTZVWLN99t+W YOoVxhpDPJHMGFV0EcWCX3S4x4SdVHhEKTO1uMqIZyz30xQrbFjLdGUDeGSSSzb5ZJRTVnllllt2 +WXOooVZuZBFm3m5mkNbseEPe20yUxd/ZlFFGBfO2GKGkTax5wwP/tlnn52mcdD/p5kWM+fDEqVz Q2J5nbfYrvOV1lax+e3aTHy/rZffRc12lN2b64up22bb1nXrauumt1h7mbU3Wa4X2tdVwIlsllyQ sa6s7nPZBvfXu4Utm93I9378b8b7bZNvx3EFvFLFFxeaxWrZJjbyv4deePXHo47a7TH1ltxzSKlG XWp0Q6eMbthLP53ztvv1u/G3vc0bU6pNv7zzid/NU3fB1mVTduDdvT34Xa+vvFytU+989uWXR/z6 uPVbe1s70xaW+ml/9dpf7sH//n3Nvx6c3MzLvw/qoleM/WKzAbBqPItYkTqWNNcJEHejY10DjfYw ikWQYI7TX3VkVsHTQG8yGEyN/wYTw0HUeBAxIOSgCC9IwriJEIUrZOFHEMa/1zmtf9SiWAJnGEMZ eeyAO8MhDmnUvB/qrWNBI2IR+VdEB47IYa/bIQVbaBCZ3U59xxLX8IpXv/idz3LK8t36+CbFr2VJ W1rkHL2CJS92qTBR4+vd5Z7UvuSFT21g46LyuMdGwqGvdXNyX7DgBC9A4U9wssrfEwUSLc85z4t1 hJz3sAguPpJNXFWsHRd5Jz8/Bq5UdEQUJJGntTR68JP3ayOdoEa4JYURfJGMH+kM+KlWUnGBdlwW J+E4R8S5L45ZgpshE4JIop2qdO373TAHZzdM1vFwAVza9IIpx2J6K2yqSmQgP/+5RlWZECaaU2Tq JPlGyT1ymX1rZSeJychz3nJ7aIqVOZmVy2o6so+Jg1730DdFQhpvWuNU5fGwda8vqpKMk+Sm/AD6 TzBOMn+TKqQvDykwHS5RabrK4cAM5sqpPW1dHOMow8aoNB7CMKTawl2rRvexkl70hxlFYkpBp82T OPRlMHWJTF2mRpvmVKc75WlPffpT8tBUqNABalGNelSk4myoSyVOUp36VKhGVS9MpWpwpHpVrGZV qySpale9+lWwLmWrY6VPWM16VrSmdSZkZWt41PpWnbVVrtOBa10rM1e8KtWuezVMXv26Gr4GljB/ JWwGBXtYxCZWPYVlbMwU+1gsyEa2OI2lbGQke1nMZlazm+VsZ+taWdA2x7OjJW1p5RJa1H7GtKtl bWvFEhAAOw== ------=_NextPart_000_0008_01C6FC5F.70A17540-- From owner-namedroppers@ops.ietf.org Mon Oct 30 14:48:11 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1Ged7D-0001CJ-Lv; Mon, 30 Oct 2006 14:48:11 -0500 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1Ged78-0000ra-BF; Mon, 30 Oct 2006 14:48:11 -0500 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GecyA-0003lw-OQ for namedroppers-data@psg.com; Mon, 30 Oct 2006 19:38:50 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.6 (2006-10-03) on psg.com X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=AWL,BAYES_00 autolearn=ham version=3.1.6 Received: from [81.91.161.3] (helo=smtp.denic.de) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.63 (FreeBSD)) (envelope-from ) id 1Gecy9-0003la-Aw for namedroppers@ops.ietf.org; Mon, 30 Oct 2006 19:38:49 +0000 Received: from mail-int1.denic.de (mail-int1.denic.de [192.168.0.45]) by smtp.denic.de with esmtp id 1Gecy7-0000TT-De; Mon, 30 Oct 2006 20:38:47 +0100 Received: from localhost by mail-int1.denic.de with local id 1Gecy7-0003D6-00; Mon, 30 Oct 2006 20:38:47 +0100 Date: Mon, 30 Oct 2006 20:38:47 +0100 From: Peter Koch To: IETF DNSEXT WG Subject: Re: New working group document ? Message-ID: <20061030193847.GB284@denics7.denic.de> References: <7.0.1.0.2.20061030110443.0464edb0@ogud.com> Mime-Version: 1.0 Content-Type: text/plain; charset=iso-8859-15 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: <7.0.1.0.2.20061030110443.0464edb0@ogud.com> User-Agent: Mutt/1.4i Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.0 (/) X-Scan-Signature: 52e1467c2184c31006318542db5614d5 モlafur Gumundsson /DNSEXT co-chair wrote: > The chairs would like to have commitment from at least 5 members of > the working group that they will contribute by reviewing and > commenting to this document. after several reads of the document I think it's a good essay about DNS spoofing and "size" of the threat (given references to 2006's figures), but I'm not sure what purpose it should serve as a WG document. Admitted, it collects some of the folklore or implementors wisdom (and might be the first document that says the query has to be sent back with the response), but what's the intended status? I don't see many interoperability issues, so Standards Track might be a tough road. Should it be a BCP for implementors? Or is it meant only as an addendum to RFC 3833 (informational)? > > 2.1. Packet Interception > > 2.2. ID Guessing and Query Prediction > > 2.3. Name Chaining > Does the working group prefer that the document stay focused on the > issue it is currently addressing or should the scope of the document > be expanded? I'm willing to review but before I commit I'd like to know again what's the intended outcome? Clarifications of the base spec, BCP for implementors, BCP for operators or just documentation? Apologies for being confused, Peter -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Mon Oct 30 15:28:06 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1Gedjq-0007kM-BK; Mon, 30 Oct 2006 15:28:06 -0500 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1Gedjj-0004hH-W7; Mon, 30 Oct 2006 15:28:06 -0500 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GedfG-0008Hm-J3 for namedroppers-data@psg.com; Mon, 30 Oct 2006 20:23:22 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.6 (2006-10-03) on psg.com X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=AWL,BAYES_00 autolearn=ham version=3.1.6 Received: from [213.244.168.210] (helo=outpost.ds9a.nl) by psg.com with esmtp (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GedfF-0008Ha-BB for namedroppers@ops.ietf.org; Mon, 30 Oct 2006 20:23:22 +0000 Received: by outpost.ds9a.nl (Postfix, from userid 1000) id 3A67C4045; Mon, 30 Oct 2006 21:23:20 +0100 (CET) Date: Mon, 30 Oct 2006 21:23:19 +0100 From: bert hubert To: Peter Koch Cc: IETF DNSEXT WG Subject: Re: New working group document ? Message-ID: <20061030202319.GD24588@outpost.ds9a.nl> References: <7.0.1.0.2.20061030110443.0464edb0@ogud.com> <20061030193847.GB284@denics7.denic.de> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20061030193847.GB284@denics7.denic.de> User-Agent: Mutt/1.5.9i Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.0 (/) X-Scan-Signature: 69a74e02bbee44ab4f8eafdbcedd94a1 On Mon, Oct 30, 2006 at 08:38:47PM +0100, Peter Koch wrote: > I'm willing to review but before I commit I'd like to know again what's > the intended outcome? Clarifications of the base spec, BCP for > implementors, BCP for operators or just documentation? The purpose is rather grander. As Olafur said in http://psg.com/lists/namedroppers/namedroppers.2006/msg01236.html : My gut feeling is that it will be hard to write this or similar draft without saying "Updates RFC1035". Olafur As it stands, this draft basically aims to add some wording to RFC 1034 or 1035, plus an explanation why. In this sense it goes beyond a BCP. RFC 1034 already makes statements like "The resolver should be highly paranoid in its parsing of responses. It should also check that the response matches the query it sent using the ID field in the response.". To this we basically add "Resolvers should choose an unpredictable ID, and use an unpredictable source port for each query". I'm not well versed enough in RFC terminology to say if this is a 'clarification', or if there is a better status for this draft. Thanks for your time. -- http://www.PowerDNS.com Open source, database driven DNS Software http://netherlabs.nl Open and Closed source services -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Mon Oct 30 16:07:29 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GeeLx-0002EK-01; Mon, 30 Oct 2006 16:07:29 -0500 Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GeeLu-0008Dp-ME; Mon, 30 Oct 2006 16:07:28 -0500 Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GeeFL-000C5G-NS for namedroppers-data@psg.com; Mon, 30 Oct 2006 21:00:39 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.6 (2006-10-03) on psg.com X-Spam-Level: X-Spam-Status: No, score=-2.3 required=5.0 tests=AWL,BAYES_00 autolearn=ham version=3.1.6 Received: from [66.92.146.160] (helo=ogud.com) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GeeFJ-000C4x-TO for namedroppers@ops.ietf.org; Mon, 30 Oct 2006 21:00:38 +0000 Received: from [192.168.1.101] (hlid.ogud.com [66.92.146.160]) by ogud.com (8.13.1/8.13.1) with ESMTP id k9UL0O8W004127; Mon, 30 Oct 2006 16:00:26 -0500 (EST) (envelope-from Ed.Lewis@neustar.biz) Mime-Version: 1.0 Message-Id: In-Reply-To: <7.0.1.0.2.20061030110443.0464edb0@ogud.com> References: <7.0.1.0.2.20061030110443.0464edb0@ogud.com> Date: Mon, 30 Oct 2006 15:55:47 -0500 To: namedroppers@ops.ietf.org From: Edward Lewis Subject: Re: New working group document ? Cc: ed.lewis@neustar.biz Content-Type: text/plain; charset="iso-8859-1" ; format="flowed" Content-Transfer-Encoding: quoted-printable X-Scanned-By: MIMEDefang 2.57 on 66.92.146.160 Sender: owner-namedroppers@ops.ietf.org Precedence: bulk X-Spam-Score: 0.0 (/) X-Scan-Signature: 21c69d3cfc2dd19218717dbe1d974352 At 11:09 -0500 10/30/06, =D3lafur Gu=F0mundsson /DNSEXT co-chair wrote: >The working group has received a request to adopt the following document >as a working group document: > http://tools.ietf.org/html/draft-hubert-dns-anti-spoofing-00 >> 2.2. ID Guessing and Query Prediction >The question is: >Does the working group prefer that the document stay focused on the >issue it is currently addressing or should the scope of the document >be expanded? >If the scope is expanded we would need commitment from working >group members to produce text. Why is there a need to expand the scope of the=20 document? Why is thoroughly documenting one=20 vulnerability not enough? I would comment that this draft could be edited=20 to make a stronger statement. That would be to=20 show what is the minimum needed duration for a=20 window of opportunity to have a attack succeed=20 for a given available packet rate capacity.=20 I.e., if my botnet (uh, not that I have one)=20 could send X packets per second for a given=20 response size, how long do I need to keep the=20 true authoritative servers busy? What this document does provide is yet another=20 reason why something like BCP 38 is needed. -- -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D= -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Edward Lewis +1-571-434-5468 NeuStar Secrets of Success #107: Why arrive at 7am for the good parking space? Come in at 11am while the early birds drive out to lunch. -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From fds@yahoo.co.jp Mon Oct 30 23:53:03 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GelcU-0003FQ-SA for dnsext-archive@lists.ietf.org; Mon, 30 Oct 2006 23:53:03 -0500 Received: from stsc1260-eth-s1-s1p1-vip.va.neustar.com ([156.154.16.129] helo=chiedprmail1.ietf.org) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GelcU-0002d9-Ql for dnsext-archive@lists.ietf.org; Mon, 30 Oct 2006 23:53:02 -0500 Received: from [221.200.153.54] (helo=lists.ietf.org) by chiedprmail1.ietf.org with smtp (Exim 4.43) id 1GelcP-0002WJ-Ra for dnsext-archive@lists.ietf.org; Mon, 30 Oct 2006 23:53:02 -0500 To: From: =?iso-2022-jp?B?GyRCOjRGIxsoQg==?= Subject: =?iso-2022-jp?B?GyRCIWokYktcNSQidjUuSn0kSzApJCQkPyQvJEYhKiEqGyhC?= MIME-Version: 1.0 Reply-To: Content-Type:text/plain; charset="iso-2022-jp" Content-Transfer-Encoding: 7bit X-Spam-Score: 2.1 (++) X-Scan-Signature: 6d62ab47271805379d7172ee693a45db $B>pJs%(%/%9%W%l%9(B10$B7n9f(B $B From: "occurring" To: dnsext-archive@lists.ietf.org Subject: Explorer update browser. Date: Tue, 31 Oct 2006 09:51:49 -0500 MIME-Version: 1.0 Content-Type: multipart/related; type="multipart/alternative"; boundary="----=_NextPart_000_0009_01C6FCD2.2F491C10" X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2900.2869 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2962 X-Spam-Score: 4.1 (++++) X-Scan-Signature: ba0d4c5f57f7c289496fce758bbf4798 ------=_NextPart_000_0009_01C6FCD2.2F491C10 Content-Type: multipart/alternative; boundary="----=_NextPart_001_000A_01C6FCD2.2F491C10" ------=_NextPart_001_000A_01C6FCD2.2F491C10 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Eviladd in Watchdont a Scare is Brother hours. Ecommerce Times Because = Ebusiness Means or Business or. Mobility Spend Absolutely Freetry Auditor is tool. Easytouse decoder package quick download. Making moviesfree Morelink or = us get a our. Short Filmson backroads lives digital is eviladd Watchdont of Scare = Brother. Depends Valueswall Sohu. They Softbank am Mobile due Reports Lower? Package quick download Free. Cdg vcd Laser sing? Find system without or. Removes Trans Fats Menumonday wake lawsuit seeking. Mark Linesch = Crossing? Whats Upnow or Whatupload! Pushes Open Lawsmonday Existing laws United Kingdom in date a should in. Clipsthis one dance train. Issues Lands Moves aim Users Assess Service vcs. Lot am change over = years business consoles online of play. Eviladd in Watchdont a Scare is Brother hours. Latjanet am Clayton = Editorial Pages or taken job? Mobile in due Reports a. Watchcows are or Evil Filmscow beserk decides Barry. Trl British Tweedy Punches. Deputy fc by Todd of Everett is Pmcomment in posting personal. Sequoia = Systems a provider electronic used states next uk Group. Mobility Spend = Absolutely Freetry Auditor is tool. Fixes Macbook Shutdown Issue is Sponsored see a exactly customers = experience a. Sites feeling pressure. Clipsuser Videovideo or Gamesviral or Radari saw it own. Ecommerce Times = Because Ebusiness Means or Business or. ------=_NextPart_001_000A_01C6FCD2.2F491C10 Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable
3D"here"
Eviladd in Watchdont a Scare is Brother = hours.=20 Ecommerce Times Because Ebusiness Means or Business or.
Mobility = Spend=20 Absolutely Freetry Auditor is tool.
Easytouse decoder package quick = download.=20 Making moviesfree Morelink or us get a our.
Short Filmson backroads = lives=20 digital is eviladd Watchdont of Scare Brother. Depends Valueswall = Sohu.
They=20 Softbank am Mobile due Reports Lower?
Package quick download = Free.
Cdg vcd=20 Laser sing? Find system without or.
Removes Trans Fats Menumonday = wake=20 lawsuit seeking. Mark Linesch Crossing?
Whats Upnow or = Whatupload!
Pushes=20 Open Lawsmonday Existing laws United Kingdom in date a should = in.
Clipsthis=20 one dance train.
Issues Lands Moves aim Users Assess Service vcs. Lot = am=20 change over years business consoles online of play.
Eviladd in = Watchdont a=20 Scare is Brother hours. Latjanet am Clayton Editorial Pages or taken = job? Mobile=20 in due Reports a.
Watchcows are or Evil Filmscow beserk decides = Barry.
Trl=20 British Tweedy Punches.
Deputy fc by Todd of Everett is Pmcomment in = posting=20 personal. Sequoia Systems a provider electronic used states next uk = Group.=20 Mobility Spend Absolutely Freetry Auditor is tool.
Fixes Macbook = Shutdown=20 Issue is Sponsored see a exactly customers experience a.
Sites = feeling=20 pressure.
Clipsuser Videovideo or Gamesviral or Radari saw it own. = Ecommerce=20 Times Because Ebusiness Means or Business or.
------=_NextPart_001_000A_01C6FCD2.2F491C10-- ------=_NextPart_000_0009_01C6FCD2.2F491C10 Content-Type: image/gif; name="ending.gif" Content-Transfer-Encoding: base64 Content-ID: <000801c6fcfc$181d9d70$8e4ce7ce@servidor> R0lGODlh0AHoAYf/AAAEDnUAAACAAHeIAAYHi4gAggCNi7+xxsvatrTE9TEhB2kdAHQTDpYXAMcb AuQXCgA6Dhg7ADlCClVKCHI8AKRMBrYyBN1IAABYDRZbADNjAGRmBotRDqZbCsJlBuFiCQOICyR6 CzWGCVx5AH+KB5p+AL6GCtxxAAWmAByaCTGuB1ajB4OnDKmjAMSlC+mYAACyCxm8AELDBlTJBXXH Caq4B7G6Dee1CwnfDh3qADzjAFrTC4HUAJTRA8bdDentAAAAOCwAMzQAMlMAOnIORqkAQscFO9oA PAcuPSIqQDMoNlktR38cPa0gNL4VQeMiNQA3MhxCNU0yR1U1Nns5R504P7g/TOdMSQBsQSZpPzNR QVljN45TBJVeO7VaO91UTQB5TCCHRkZ9P1GCS4SFNKN7QcVxN9h8Mg2tRRaUOjeYQFKTRIiaNp6k NcCkOtiYTAC/TRnIMTu9MWCyMXu4SK62ScC9SO3NMgDXPBPeN03qMVjjTnTdPpjRScDXNd3cRQAA fSoAgkwDfl0AeHEAepMAhr8Ff+cMiw4qfRQsjjkmg1ohgYogeqsjcbkef9MadAA/hyIzjDtNgWky eYE1gphFhLZHieNAjAZifStkiENZhGhXfXJVgZ9SdMdYee5SeAt7dBaAczl0dGuJjYR9haeOhLZ/ edeDhwCaiyWngDqjhW2ieHKmgZiri8KTc+angQDGfSXFe0y8eFjKeo7Ghq3JiL/LgeTBewPkiijt f0nfhV7ZgXHVcp3oi87se+LdiAAIsiMLv0kIxGMHxoIAw5cAysIAy+YMtAkexh4msTgdvWYXv44b s5krub4fx+0ltw1IxipLw0QzzFs/yXhKy5FNzLk2wOY9ygxetSpiyjloxmZftnxrxJlXtsVTwOtn wA2BtBF0wzOMzlJxxYKDwJOCyrmKx+2EsQCoyBuhyzKnyFuWxnqfxJWrubiqx+eVsgi0shW2x0HL t1W4yoTDxpvOyvn/75eupXaAc/sAAwj/BPL1AAYD//8A/wH////9/yH5BAAwtH0ALAAAAADQAegB Bwj/AP8JHEiwoMGDCBMqXMiwocOHECNKnEixosWLGDNq3Mixo8ePIEOKHEmypMmTKFOqXMmypcuX MGPKnEmzps2bOHPq3Mmzp0+f6X4KHUrUpb2jSJMqXcq0qdOnUKNKnUq1qtWrWLNq3cq1q9evYMOK HUv26LOmCsqqXcu2rdu3cOPKnUu3rt27ePPq3cu3r9+/gAMLHky48NSiiBMrXsy4sePHkCNL1mm4 suXLmDNrrjq5s+fPoEOLHk26tOnTqFOrXs26tevXozfLnk27tu3buHPr3s37LuzfwIMLH068uPF/ vZMrX8588/Hn0A82Jxu9uvXrDg9j3x58+lju4MOL/yf4ofw/8+TPF/xwvrx79u3dx3+PPj759+vx J4Q/kL9A9vTV959B/hW43nzy3ZcgggctqF56AQLo34P/RSjggP31Z2F6HGYYIUIF6lchffk5aGKC EyJIYorVHQbfhQAeyOKEBt6nIYY40rgfhDwqlCJ/MeI4IIsdPlhjhTdSOGSDOjZYZI5KCllkkEsy ROWRRGaoZY4G/vgkfN6J9dCLSpKJ4Yw+HsghlhABSaGZO6qpHptREijjlHK6WeecT25Zp5teguih lln2WKafTvqpp5yKMnqdi1WeSWiigiIa6ZttDippmnkeummcmkJpJ6Z7Urmnpx2aKmWqpBYaKp2g ev9KZKBSghkmWGN+CueLAY5Iaamo2mflqyOKWKyIpur5IZ6ootlqr7tWeuyCqp6KqbK92rnom9k2 OimT3UbpqnGQtkqsj02uOqexNnKqrLp9Rnvufsga6yyf6r77a6DbWisvnKDyauJCJK6poXm0iivQ rXIZ+S2+1jKbL6nSCgqopY4aaS/FFW95JKv9ijprvMdmbOiVVuq3rav9AnypkE0y/FWuh14ML6Pp fuovwddiTDLHKHOK85cn73vqx7qaTGzIozrsMc/eKpzwuOONSuPH98KcX5JNpjvj1T5bqirWUDsK 5NlDN42k0XdKzOTWN9eqcMRzc2to1HEfN5V8YCv/mm3BGA+sJuBH4xzun3WXeXjWMF/Y+Ipwq+1l ziwbTrjU2i6eeYjoTa2mzHA5RnXVpCMHuluNjV561adztfrrsMcmVey0n9a667XnLtrtTenu++9D aQf88I7xrtU/+SSfvEDKL898PgVBj3zzCVFPkPTPQ+/8QNI3j71Byl8f/fTek789+OVnH/353x8U Pvftx5/++NzTj/735yNv/vv3Xz9/9tv7n/v4xzz/rW9/4PMf/t6Xv+4tzHhKcUj89Fe/6Y1vgges oP7w97wL2g9+IKRg/dpXQA1+UIPYS2EJERLA7mHQhBYcofhWaMAOxlCGC2khDRNYQQ4OcIYbDCEI /31YQCKy74YlJKF1lOhD7YlPiSd84gydiEOFvFCFIgRiFrW4Qwcm0Yr0o2IXeVhEIDIxjFkUY/XQ uEYpwvCNVRSjE6+YRjiq0YvcOWMP6whFOFaRgnfcIhmnuMdBQpGEGFRhHwUZRCLucIVqDOIgZcjB RTIykicM5CQ9WMYy0rGJLKwjI19zGALOD48uPCQYQSnCVIaSh1j03vIcqUDnJZKS+bskIGGoR0n+ 0Y67LKIso7hBAbLykaPs5C4d6EhNqrKVJYQKMmQmEVsS8os1NCMDUQjJLiLSfXEcIAFXab/wyZGY 59yiHrHoxzPGMpnIxGQtU2i9TXJzmcI05T3pOf/LQlpSITTISQRaEsl09vKRqQxgN3XJxW6y04wS VCc4H6rLdzYUkPVEZkX3aEl3gpGMzxSnNR3KwnriMZzBJF1B+QjOTC40pb5s6At9edB/xlSQqJzk SVdaTl62sZCeZMgtf6rFkPYUmso8KlL/KE+LUCM1EzxmB2dqw6QGU34SzSASRelSQ770mjilpzcz eVKuoi+EWP2nDuF50EtWkpNw5SIq31pDm6amlNY7ZQYFWMsxmnOvGV1fTYf5zfstcLB91Gc2AXjE ouawsUMcpjgvCkxims+vE23pCNm3zbo+EIJIIZ5oR0va0pr2tKhNLemEp9rxgDY5rY2tbGdL29r/ 2va2uA3JVARQEN4SxLcCAa4Ahktc4g6kuME1CHCDW9zmDve4zo3uQZbr3N9Wt7fIje5zkwtd4zJX u8/d7nGtK97vSre3/zhvcxPiXeyGV7vKbe945/va1lE3vb8d73K5C9387he/6M2vQu47X/0WmLn8 Rch+CezfA/93wQgWcHn/m+AHAzjAB45weoXL4AsrV8AbJnB9efMQ4V74vhYGsYoTzGIKq7jD+DVx gF2cYQwbuMIflrCHfUtjG1uYwj1ucY1XzF4f51YjhzGxjJObYhbXuMlONnKGebvkBg/4yuitMpQB TGUrNwTGMZ7uQoDsYTF/WcojPgogbnXiNt/4/8UKPu+Kg9xhCFdZv9clr5m9DGYIc/nNDOlziJEb YgWLmc5jLi+OTZdm3JSYvzwusJ+jXOZKT9rQ3VW0jMkcZOva2M3rzfF8N31i+cI5y4kWtZcxHWgp H/kkXWYyeTVNZCdvGdGSdu92OR0RGIf6zkIGtaVZPexOl5nXWG71qV9tEe3EOsy5nvOen/xpVdd5 1Dk29rIhvWhp7/jPtf42qpXt7UqHW9XmbjTDNKzhSy8Yxeg+9pi9bWfsUnrK24Y2vnXs6Q2H291R vnS7OZzvfItY3WHad7AD7t1bT3je1LZzqM1r6kEDfNXdLvS7Z11kXWe64YSerqLNW22Of5y7CP9P OLOhk/KoROA2K2d5y5sT8+fMnDaMQUTNd06Um/v850C/Cs+HTvSiG52UQU+60pfO9KY7veVHj/rq mrKLp1v96mzuCAC2znUASP3r4+k618FO9sZg/exoT7va1872trv97XCPu9znLqay271FdM+73n1z 9777/e+AB8neB0/4twT+8IhPvOIRAhZBFP7xkLfH4idvmshb/vJZobzmN8/5zst2EKaBh+dHr5gj kP70qE+96ld/HUiwfneYt8wLYg/B19s+J7TPve4jePve02T3wM+974cfk+Ab//LET35Ljs/8xyv/ +dCPvmRYO32mPKR30pcO0LP/EX40xPugAT//drTTdZVsfSBe3wj2G9I7frjf++L/h/jdP5D42//9 Ank//fUPf/3L3//+VxD4R3/5938EmH/4V3/7N38KeIAF2ID1F4ETkYAGeIABSBAAmIAWiIAOWIEP KH8PqHb/kH4scX4CQYIZsX4M0RTxB4IS+H8v6IIfCH8H0YIMiIEx+IAbeIMtiIMwqIMJcYMuKIQQ QYT2F4QCGIE7iIQFCH43qHYoiH4mOHZTOHYnWIVTiH4E4XXp14VYOIIkaIUjWBAquBAsmIQS6IQf KIMySIMGYYM5SIRAqIZH2INpOIRsiIZ52H98OH8E6IZr2IY5CIQ+CIJuCIhvqIR7yGhnF4Vj/3iC j9iFjziJkBiGk4iCXAiJWxiJlaiFlMiISXF91qeB/EeIR9iATkiBi8iBahiIeEiHPqiKc9iETLiI QgiI/aeHMziIbfiHGoiHBpiITdiD3geFBmGJkjiGlgiG57eMmbiJyniFzaiJXFh+2rcUooiNiniH wLiGDGiHcBiIFxiLtHiKcTiLdriLOHiLFYiI4viC6ZiI30iLhciKCJiIQecQjoiM1HiJ/uiMnyiJ zxiNnOiIKYGIfbh/9TiPwgiPaAiO6FiPqwiL8SiHuLiNgxiOgvh9ggiLEgmHGgk7UciPBamFJOmP BRGGA/mMAumJBhkSCMmGMemQEFmIGkmMM/94kbrYjX+IEObYih2JkTa5kA2JkbgYjkBJiK64OtZo hclYjSbIjCvpidAIhtLIktQYlS/JEQFYh+s4gGDpixR4kwC4kAp5jxc4jsHoh6ioi6p4lkPYkzXY gTb4ix54l2yZlu+olNZBfRCxlQkBmB9RhgpBmNYRj6gBfiJIEYJ5EI3ZEYbJeNYXHohZGuKXj9yX mRzRfJzZmZ7JmVuQdJo5min4maZ5mnv3BKh5FNKwmq75mrAZm7JJFaRZmxUxm7iZm7q5m26hCLz3 Dy3QArY5nA0RnMR5nArRArMjeJNZFJE5HLwZF8g5nadVARthnZCBndR5jGJIlcWhnf9QAeL/eRDi qZ3lORDYWZ7pOZ4CoZ4E4Z7tyZ7wGZ7nGZ/m+Z70iZ70WZ/3SZpTsYxI1pw9Z33u2Z/62Z7heaDp qaAHahAGuqAFAZ4IOqHgaZ3smaATmqHYGZ1+wY8s+YWaaBDPyRNNYaENKqH3maInSqEJUaEsip8R GqMuaqIYWqM2ap0cangNgYwtSZXJiBo0WqMoqqDyiZ71iaESCqMvup8Z2qAIOqNI6qQuup1b6JQm WaXdqRr86aT2GaReyqBIeqE32qRP6qAyip8LaqBjOpr/mZJX6p1mKKDBM5kmqqZnWqYauqRrqqd4 qqR9mqBpKqX4maN8MZJvGqI/SoZyKhTY/1enYPqoX7qkavqgZmqjeTqm5mmng5ocdzB3+uimWemF AHoa83mkmfqeF7qe8pmqR7qfmWqhrVqqYgqfp9qkmpp9fql+i/oTjaoRSdoYG0qobPE7v0oRxZoY xxp9uTqYuxoawjp4JjGinvGse8eYCxGF0toZ1Ip2D2GNO3qtnVF+TemMWUqlqfGYxwiukmGolXiS PoGu5mqtVQmVVimVUviUkMGu0dijPRGV8QoSVtqJJSmwBAmv74qFPSqqOVGu/5qNUAGNWDmwBDmx n/WbRTGV/AqJHQoA2zobEpGw/XiSAxmu/0iwIRoT/tqwt7mciOqSBIuxmpitOgGzV+imef/BdR1r G/rYnQCpjGIYsAbLE+OahTXrrS2RsiqLEbkatOzXrKBRF1uXs9SUrpDptJ8htVaXtFq7tVx7sqXB tF37tFIhdoH5l0Y7EQYps2gLqtJYsVjbdp/KEEwLtlRbgk4JoHQbtg2RrCrRpoF5tz+6j1gqsEPb to+otn8ZkI4Jim9LeGeLkocquOlKtBM7sumHuN2quKDauG/3scyIkk35iScrrj4qlSNrfv6qr3ob HPo6lRRbui97qF5rfpAruqs7rWMLpyILp7BbuZFLiZdrtRbhup/IuZD3udyJsLw7ulSIpQpbs4cr vGj7swjrdcZ7Fz7AHCWRt3VLE9x7u4//sayZexEMmxCYm7jZcb2Ed7vqezyr276Z977wG4rgy31T cQIFgb8nsL/8q7/9SxD4C8AG0b/+S8AGHMD5u78AjMACwcD/m8D8OxAM3MD/MMEW/MANbMALrMAb vMAJXMEXDMIEDML5K8IRPMASfMAYLMIeLMDzexUWXMEH4cACTMElXMM2nMMynMI8TMI1zME6vMM2 PME7jMBETMNB3MNDbMQBDMQZ7MM8TMRQTMEhLMFCbMU4DMQc7MQy/MJWIcRNPMM4DMYonBBIrMMx LMNILMVjHMY3bMRlnMNsPMdvTMb6a8dXbMU0fMQCzMdZXMc07MVH8RBwnMdoXMJSzMaH/4zFhqzG V3zHC7HGcQzJNyzHYnzJiIzHlHzHifzIjQzHfozFnUzJjZx6h1HIB+zJfYwQJ1zJqvzJRazHDDHC SQzKmAzGGkzHKBzGvEzFVJzLltzJvuzKsbzLlizIkkfIZDzAK8zIZpzGGdzKsIzKuMzFkuzKc7zC whzHq+zI3gzJpMzIvVzGhezMxZzJQ1ybm4zJ2xzJbezMoyzKhgzNw/zO7DzG5pzP3ozHwXzP+/zD zZzG8ZzOpLnO3BzK7gzP9izPspzH9PzPi3zQ+lzKAi3OywzRhxzOF/3Q5UzQ9TyaZ4zPD23OIQ3N WuzGPezE9NzRIx3EKP3BoszESYzRNP8dwlW80pV80i6tyNHnwMCMzc8sza8MzyoN09F8xAEt1BS9 yxqcwtZc1MbM1CNs07Ts0m2s0lCtxK8nviqLzPVrvywbtsg81mTNF1991mid1mptWmXd1m791nAd 13I915651kbXAKdVCXatN3Td12pBDn4d2Liz14Rd2K/GdDDAmQcg2Izt1YZ9e40d2Vjx2JRd2bEl 2Zid2Zq92Zzd2Z7dFpYd2qI92qRd2qbNuJ+d2qq92qxN16c9eq0d27KtF/5Q16/debMt2be927yN d7nN2L2teb/N2v/q2sF93MgNG4ehDcytDf/Q3M793AQR3dA93cw9ENDt3NEtENmN3dv//dzNDd7h Ld7fXd3i7d3jDd7Yvd7hXd7o7d7sXd3bPd/cnd7WPd/mrd71fd0Hkd7uXd7X/d/yjdqR/d3Szd36 Ld0Gvt4HbuDwXRD8feAMPuEQzt4ILuHWzeD0neDUjRARrt0VfuEKvhAdjuHePeELvuEfbuLUTd8O TuCEwQqc+eIIDuIj3t8XTuMiruE7zuIebuENbhAlbuM5HuQLDuREbuE2fuTTXeQhXuI7/uJL7uM3 nuTSbdwNMd7m3eEt7uAfruX3reLovd/47eX87d/+neM0zuUNHuFGTt5KLuH2fd/vzeMY/uA1nudr rudg/q9E/uc6fuNU3uNwXuFMfudx/07oW47ocp7kDx7gQj7iKY7jGx7mUd7kTY7fVK7pgQ59rPXn jE7hQx7iPY7ngh7pKB7kg17ldu7koX7qem7iqu7kgQ7qpA7lsI7rVu62mL3lfV7jc+7i8t3eAx7f Zz7sbl7owt7emW7soZ7fiN7dIl7mlS7n5O3ohS7kK27s2g3p3A7inb1yh86onF3ccy3arpDcqQcK 6t7utsOZHDDc8g4W7TDv9t7Y7n54crEN997v/m4YR/DvAk8XhP0M+X7wGHEICL/wPCEKDP/wrz3w Ej/xFF/xn60JFp/xGr/x9w7xdsfxIB/ywEeiIp93JF/yV1cR32saK+/xEEF+o/qtKf9JhQEbqtha GByL8o5Wr7arEKr7j+6qqISR8zqvs09JvYHL85q7ryYbs0Ufd5xYsrG7j8o7sD/L67vRCU+/F/Yq 9b67lTSr9MW79W+HiV4f9pMru+wavGS/dHHbrloZ95Tb9aFrklfv8sDB1TLR9m538nyPmXgf+IK/ 939f+IY/YoOf+Iq/+DFhAYz/+JC/eYdPrZG/c5P/rJVfc3qf+XGa8mtbtqe7vZ/x88v7+QjR8sQ3 D6q/+vMgmVFhr4CZibE/u6ePtGx7+t37t3PLEYYqubj/9ourrrcvGo+ZZqy/+mJB+psY+hA7vj4v /J77Esrf87T/+9bvWnQ3ktTbid7/WoX1moVrj/QY24yyH4nP65JIv7hZmrJ177Pg37bEa5Ufeq9e SP+DC/5W2v3rD6I0f5VSCBD//gEgCECgwYMCFRI8WHChw4EIIzI0WFCixX/2NG7k2NHjR5AhRY4k WdLkSZQbJyZkmbDiwIUwYSKk6VJiTJkzY17MSbPmT4VBa7oMWlSn0ZY9lfJ8eROo0IZFXxI9mlMm UKZLcSbNelXpTpxTw2rlqrUrzJRp1aattNbtSKRxwbJ02HRnXbp4jQ6tKnYo34oQb9KdG5fvQ6eF /epMXJUw4qV6rf7tW5nnVrJPr1IcOxjjWZ+LRWOWW9r0adSpVa9mXdQk1K52z3qd/4wUMNnMhUnf 9gy1bG2qlh1rfux19uXHdomC9t1yqubnX8X+Fi6c+Vvs2bVv75gao3TOgRk2pLxysPmwguuOX2x+ PHnwh8VLfT/x4nr2m9tLncxefejGsALrsu8gW4k28e7b7zz08vIPwMrsa21CCiu08EKFXsNwQw47 9LC5Dhn8cEQRVStRrhNNOzHFhLhz8UUY4RpxRhprtJBF1nC0Mcf6KNSRNO96NBBFIXc08kgkk1Ry SSabdPJJKKOUMigNp7TySiyzbDJGLrv00kvvtPTwRyPJxFBEM80cU00TM/ryTTjjVAm1FZOasbfD 7lwtTw7JxJFPNHOkMcU/K2RTTP9EK6zSMDuRPLQ1P22M9LQSA91zUBV3NEhOTjuFMcwCoypQyPf+ Gw0vzg4MlT7CvguNKv/0I++8BxV0CiJVfZpV1KiskjAi53p99df1HtoVWKEehCy/UZ/KL1FodzRp P9qOYnA65karztfkeIuMP+i+Alex5rQNVz7grIV1OXIpO5e/4JKrLrBxPbX3XrdAxYw3XOFrbN51 mdtLvWC19Tc4ahuMsOC5Pmv44K0ShBXVdluVbDrc5BVNMoWj9fjDacWtFuNWy8VNOYPRTZZhgaMT uGSETY5N5oBphq2sbGFm2OaxGNONQLTwFXpoGSkVOcJ+c4VQwvmcfbZaiCWWtT//p29Ltr1QmyUw VeMgRmxYqqd2tVus6cvT3fjCfvRjttteu7Qf305SbijpbvtuvJFa1FEp7S4zbxABz5BowgtHSXDE E1c8ScMb/3RxyCOXfHLKK1/8UL+jzBzIvi0HfO8+G7WN0iJFt+2+DUkemGMt4x7T9NNttdVQuAVy /HZO9QyRc24NQ/3MS2Gf0vXdex+dOuMFRdF23JvPl07BxMaVWWB1PdCmHvG8S9jaUK71a/isrfNY ZK8Ov9hfkR2bK+/BVz/771duFt6IeXfPWJ97st5zLEO2aWd1PctlexGZ9tY1E+0pZ1unCpzJDkid 6CwMab7aX8yIA8AAPWw39WMU/9ToNUGEOE+EaQlTzCx4MeydrYDjmhjXepayk4mvUvXLms3CpbAL yodrUuuNCYsjNTshZ4YI2mGpWMe/KflvYQaTDrcSg5xg5QZIaLNgxSJIKxoeb2fvAiG8gDYbCK4w Yw5Enm+c1UTgjFCNLlrf+abnwudQpD4Jux6xvLZBVaVHWTJslBDDZ6DoGeeNCxrdrZaGH7NFkVx1 /GMQ+1UeFDqoRWukJHaIh8RMeUxNm8OkaSr5SY+UkE6d9B0nMRU8UqZSlatkZStd+UpYxlKWs6Sl obA4t+GhMnSaymQtfSkl0PWwUJxTXeAcRsAPDXOYozSl/Rwpx6fp5yagpGY1Y/+EzJ71MnmEMqYW i5fJZRqNl7XDIwJ1QyVrplOdHzHRHqv3RvohkFn7q+HK3iesOd7FiLEaDhDhJz7w+fORO7xf+gIZ xAHF65cLbY0SMeatdFlHZ56Jprocg8HcZG+LZjRg/iT4RI1VzHx25COV3LFOlKpTlA8t2CNvxi6m 8c4vqWojRplyRH7lU20J9eFGu1bFQiqmhwwl6mkcSkEAgoiB6QoUFW9p058hE4w/rOLLOhNSoBLw OF50U0q9+tXuHHSRSWvjFeNHvmG9iqyRdJULx6pRQ+4KawP1oyD3yb74PXF6XQVrX0dYVMqND7CD JWxhbSlYwyZWsYtlbGPv5lf/yEZWspP9pGMte1nMmsYWmeVsZz37WdCG1mOUJW1pTXtaOYlWtavF JGpd+1rYxla2s6VtbW17W9zmVrfpZG1vfftb4AZXuMMlbnETtVvkJle5hTNuc7P0Bt8uV7rTpW51 rXtd7GZXu9vlbne9+13w5s654yXvkV5riPCmV70cKW973Quy9cZXvvOlb33te8335le/EwLdfv0r l/tq5L+WBceAmfQacCS4wAou8D8aLJAGMzgoCoYwhYsi4QorhMIPdrCDE9xhDWvYwhkmsYcf/OEM M3jBEzbxhzm84BOv+MIblrCKjTLiF0/YxRiuMIptbOMeizjGIzZxi2XMYyML/3nGHIbwjYe84w3z tb6pYfKJPRxiJrMYxEjJ8pVD7GUQR9jKW56xiJt8ZhRfucpj3nKO0+ziC8f5xlz+8pvlfGYtd7jK c0Zzn+OS4yZ3+ct4ZvOey5xnQwPXJIlecYTJLGdBd9nRfZ60oy0tl0brOc6ZljGWCT1oTXM6z6Am 9aMzbepRfzrReA60n+lMakF/msWrNjSgUR1ge6jGwhi+dJHvTOQw+1jWva60pn3d6lN7mtO7brWs kR1qLdM4zY9Gda9BnWVe77rGm34zsMmM7WkPes+0hjSimR3cRXVa3aumtq2Dbec2FzvFoy72uCn9 60LP+t7Xpna7N21mevPZ2P+w/jebBd5vVju72fzW8bQN3mFcp7vN375zwlG98DCzWt6uBvTG5d1p jYtb3xkXOMhLPXGKB/zXF0e0n2Pt7oqH3NnkFrnFpRynOLyWytoWNpaBLW1JR9nnIIcx0YUM8yET /MctP3rCTd7iJNv82O7GsZN9vG2rixzIQXa6t00dbm9jfeZi/21/DXz2iJfk7Gt3TYDZ/na4x13u c6d73UHbbbwHHcqTRjORtx52ccM70OE+domRDGavT53eZC/61Qn/c6C/2OFSt/vHNCR4vrPbynaO dcr9nW+K893ViL/2mLFd54ejHOMIV72kMU3iAqfdtroevdEJ/uyBv5rlzbb/t6cvbnqZfzzmpz59 yNmt9D+/fvSVf6zaN577NYu550cmvOot/nCjh33yJHc511N9ZH8bH8dg/7fudRztm8v+tVlw/rkx HumJxzjm1g9/tfV9esn3vO/CLr7vwVzz1VM5/5u/mou97GAC9eMt1HCzOju5hbO9UrM11yvAkas1 42tA3+s/0dPAkTO/1vNApmM+wVm0WRu/x+O5DYS6gyu873M495PA0Ks6/wM3g+s/Ffwxr4M8wVOy IDPABIwtEQxC1TI7IWScH1wuJDrC6Uq/9UpCJXzCySpCKewsEhy7o3syzyuyreuxpDs/7/NBKAxD sKIyACS/23O6VKs/ycPA/86bQjc0KueDttqLwO9LQ83rvowTQz10LWgDPgC8QppbMjQkuarbQ0Nc J9pLNiRLPaRLww7cP2trwzecRL2JQ+ILwd0LxFfzQ95Dp0P8RLBaBwH7wD+EOqrbQS5sOH7bPCYE RVd0C3noEkqcRcMiQsh5RVz8q8byAVpEIn8IQhLoRWEcRmLErFw8xmpyAcoqRmaUJWQcoVh8Rmmc Rmqspma8RleqRm3cRm7sRm/8RnAMR3EcR3IsR3M8R3RMR3VcR3ZsR8jCRnhUJXecR9qKR3u8R3zM R33cxyWhR3+ELX4MSIEcSHT7R4M8SIT8RoJcSMtLSIf0K4aMyON6SIr0KteJvEiMzEiN3Mj3qkiP /EiQVD+OHMl+DEmTpCQkkQKSHMmTbEldXEmYjEmZnEmarEmbbCyX9EcLQKmb7Emf/EmgDMonyUmi dByhPMpKLEqlHBqkbEqnfEqodMqlnEqqrErTikqszEqt3Equ7Eqv/EqwDEuxHEuyLEuzPMuhtEq1 fBO0ZMm1fEsuactZFAa5rEu71Ee4zMuTAAa1u0u//EvADMxZ0kvC1A7BXMjCTMznOUzGbMyCVEzI vJckmMwkiEzL1AjKzMzLVMrVyMzJdEx4pEzQFMaAAAA7 ------=_NextPart_000_0009_01C6FCD2.2F491C10--