From nobody Tue Oct 13 07:32:35 2020 Return-Path: X-Original-To: hipsec@ietfa.amsl.com Delivered-To: hipsec@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A10D73A044A for ; Tue, 13 Oct 2020 07:32:33 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.085 X-Spam-Level: X-Spam-Status: No, score=-2.085 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, MSGID_FROM_MTA_HEADER=0.001, RCVD_IN_MSPIKE_H4=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_KAM_HTML_FONT_INVALID=0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=liu.se Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id nC-jiYG40Th4 for ; Tue, 13 Oct 2020 07:32:31 -0700 (PDT) Received: from carinthia.it.liu.se (carinthia.it.liu.se [130.236.3.99]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 09F653A0317 for ; Tue, 13 Oct 2020 07:32:30 -0700 (PDT) Received: from e-mailfilter01.sunet.se (e-mailfilter01.sunet.se [IPv6:2001:6b0:8:2::201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by carinthia.it.liu.se (Postfix) with ESMTPS id 6F2608034F; Tue, 13 Oct 2020 16:32:28 +0200 (CEST) DKIM-Filter: OpenDKIM Filter v2.11.0 carinthia.it.liu.se 6F2608034F DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=liu.se; s=liu.liu; t=1602599548; bh=Lz/AjGM36rga5+c5lsmn3PAKlDaTcgKbA8L89M88FQw=; h=From:Subject:To:References:Cc:Date:In-Reply-To:From; b=ru3WPq9RPo1DR70YpI+8h/m38K8dEkSQvoSzMt98Ug83HQEIWOgE2tjIxbtwRgIBJ +EUrfzh+I4OPSZcoGhe8kkcoupDfqVkuKzaMe4dB32AO+UfOa582oShYxGBRBynPRp HJ15E4edXVYTb1kQXe61ajc6NLLFPLpAGfIUNahBQxaZofHqKHNrAfkv3PKLkWgGwf RLN3QrD8Xj5KFRFuRyQBtOxHK9yECXOZXTkNKSYtnni9sWL6JeskcMpAOEHwI+zEBM AqzeBX33EHYeT/76u0gatJkk1m2N6IKdSUZmsNNzjdyIFD1iNPPNAQsbfbzaQwW1P0 ZNF0vnSUg/DPQ== Received: from andania.it.liu.se (andania.it.liu.se [130.236.8.136]) by e-mailfilter01.sunet.se (8.14.4/8.14.4/Debian-8+deb8u2) with ESMTP id 09DEWRBX001654 (version=TLSv1/SSLv3 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO); Tue, 13 Oct 2020 16:32:27 +0200 Received: from EUR05-AM6-obe.outbound.protection.outlook.com (mail-am6eur05lp2107.outbound.protection.outlook.com [104.47.18.107]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by andania.it.liu.se (Postfix) with ESMTPS id 23613A015D; Tue, 13 Oct 2020 16:32:27 +0200 (CEST) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=MzKoloriaV244Ftj2XN6GVAcsoxDQ6wp82bZ3tcS2kgBzn995d1sLs/PfGTxhBxNZ7reT1/iLLUMOWzOsaURvxkLkSKHq2rpCAphWBJxhTqKrg1zIVhBvb+LUYpRuVujhO9wd5WW+Y5y76HneLswpHj5Nn3wKuWBxos5yFNJ5ufAM8QrLQtUpCDDQKXS0ICNooJ3sPyjYTtP7GKLfbRYH+wIRXVudBE5H3mEl/VLi8jpAdtwIAASHG+iN0KXdzIp+goTLQZPoFkiAdpbTpddIl/RLEnj2CUlBv93YL1movvOT5CX1cY9K8gGFWDhMa/tTXPCp9iIAzRw3INzWw5IWA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=PZpRR/uXekpOvJpoRfDwm+C7l63hPC5JTheXAeYLKTw=; b=AkNaBleGmqwRzxJD8J7I7IxUZ20Vec4IjEbxGUch0Gj2SWo9OPguT8Ohw6H92edOmdwxkSmqxnnU1c6GT/YHmc1tZdSaTzbTY9QsXSSna+QbZM2L+CsE5heOR1eYbxFwlPpBzkkKFnicCAy1tS4iYM6jhtsrGbkPqEXETQAOul8QUnScKdIvLS+Qwv8g2y0h5/HfdSDEunoc7zVAXFpBtfWnqYSd943EI8GXcJQP0vBpaZB6YXMUBPImmO29+OOIydOpWa5gc8UhGE/5gnGVh5uV8PpMrZKv0jZdggNMtha76SzxvmgPY+DlHDSik2798UfuZ+SubFsbLwSfCwC9gQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=liu.se; dmarc=pass action=none header.from=liu.se; dkim=pass header.d=liu.se; arc=none Authentication-Results: temperednetworks.com; dkim=none (message not signed) header.d=none;temperednetworks.com; dmarc=none action=none header.from=liu.se; Received: from AM8P191MB1201.EURP191.PROD.OUTLOOK.COM (2603:10a6:20b:1ec::17) by AM4P191MB0098.EURP191.PROD.OUTLOOK.COM (2603:10a6:200:5e::23) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3455.22; Tue, 13 Oct 2020 14:32:26 +0000 Received: from AM8P191MB1201.EURP191.PROD.OUTLOOK.COM ([fe80::7405:9262:f0eb:4de]) by AM8P191MB1201.EURP191.PROD.OUTLOOK.COM ([fe80::7405:9262:f0eb:4de%5]) with mapi id 15.20.3455.030; Tue, 13 Oct 2020 14:32:26 +0000 From: Andrei Gurtov To: "hipsec@ietf.org" References: <58faed1c-5758-f597-8633-519b81dbc923@student.liu.se> Cc: Jeff Ahrenholz Message-ID: Date: Tue, 13 Oct 2020 16:32:23 +0200 User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:68.0) Gecko/20100101 Thunderbird/68.12.1 In-Reply-To: <58faed1c-5758-f597-8633-519b81dbc923@student.liu.se> Content-Type: multipart/alternative; boundary="------------917B974972E36C0426F4AA2A" Content-Language: en-US X-Originating-IP: [217.210.49.61] X-ClientProxiedBy: HE1PR05CA0389.eurprd05.prod.outlook.com (2603:10a6:7:94::48) To AM8P191MB1201.EURP191.PROD.OUTLOOK.COM (2603:10a6:20b:1ec::17) MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 Received: from [192.168.50.200] (217.210.49.61) by HE1PR05CA0389.eurprd05.prod.outlook.com (2603:10a6:7:94::48) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3477.20 via Frontend Transport; Tue, 13 Oct 2020 14:32:25 +0000 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: e5b38a4f-73c4-4282-fd53-08d86f84cde2 X-MS-TrafficTypeDiagnostic: AM4P191MB0098: X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:10000; X-MS-Exchange-SenderADCheck: 1 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: Ulvg1VihnjZRGX2pbJ2hZC1rg8louE0WNw7rjKvELCTE93UmT5zoaJZpDJrfZe9einhkjtgKzGJ0WUFaUSYU/GSy0mHRHjZUXEulxbqWrQzjPDJc0BHCBZafBHsZboX58CEJpfDHPTc/MzuNMqIZTkekQMbc+jh/uEbBVMVu5Ia+qwFoKwtZeJiMeIbUX4YdAZalm8R3Lv8FccomKY1rnfixaVq0yyMbn8fTa/QeLeGpZABpWiBe/Gw/GQL272/OiazCtOLFRCApwr529QwvJYJGs9HziZt2NZrUeZaYNIS2CXb0gDhDYbgGf7mndNI7CGi/ml4CABid+SXYNYH6gXi1CtIDqXYa12UA7KTo4zckW9BKIuiA40YypKlcR/THQBjur4wWqeS6rNS0QrmLPieaViQZl25kZFM1favGSitqsm8HcT4CTDBDDBXo0lOyM4koXqti/3ZGzXaHeVU3TA== X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:AM8P191MB1201.EURP191.PROD.OUTLOOK.COM; PTR:; CAT:NONE; SFS:(4636009)(39850400004)(396003)(136003)(366004)(376002)(346002)(186003)(16526019)(36756003)(26005)(33964004)(31696002)(52116002)(2616005)(956004)(5660300002)(66556008)(31686004)(4326008)(66476007)(66946007)(786003)(316002)(2906002)(3480700007)(16576012)(8936002)(8676002)(83080400001)(83380400001)(166002)(966005)(6916009)(44832011)(86362001)(21615005)(478600001)(6486002)(43740500002); DIR:OUT; SFP:1102; X-MS-Exchange-AntiSpam-MessageData: cNyHupilY7x6Oi0Txwljxa4A2FZ4DMZEdfwl/FoTOGWAG4cum43uM3h8Ro+AbAObSmTUhMY9ns5npttJCmU7GEMv/ooCARXeVDfeTx3jeEO9gxGUJ8Jg9BqvzpUnHxX3mUiMLuzTP+9la5UB8APK62Mo3kt/aXwtrWuI6Rb3g3wsqGr0WqhdoWbKmssRqH3pNXvXBBKsOiRtbxRducLrisIuhtNCD9VnjG2/BtujkNXxHqftPg6bE7r1jZnATZSxOi+sjv4b43kFtPHjMiD9cvyfnhA3FhGy6rjEESvjRv9Q1+cBaYQQ6I4zSS+kgMWRQvssRaZvuBbPVUKW11r85ptLzfPjzucBaddjE2NYVHZXtZFmboRd0LFgE4vYBPWrO6eBNIUvYhiEx6+jlvWODw5zE2jrSDlAWa+dIUgwXn2lKs6MiGyT9O1KaAsZAxPZIiRnz04HbQDSKv4KKGhX1pJjp6rPmGx03GvfJBsPGknPFaS2tbMbqLohQa0Z8b93o0xKC5a/w7wlZt00Qzwxfb7jXf9/fo69xVozYpZrbHJt2ODefRmbWjDeiqRGZmCFp+8VmR9n0rG58zKCS+bXjmny64y31vyhCueyDpLNfz64e/pKBnL2rXNUQ1v8rBvs1w0whyz7mmGe8BX+h4OrhQ== X-OriginatorOrg: liu.se X-MS-Exchange-CrossTenant-Network-Message-Id: e5b38a4f-73c4-4282-fd53-08d86f84cde2 X-MS-Exchange-CrossTenant-AuthSource: AM8P191MB1201.EURP191.PROD.OUTLOOK.COM X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 13 Oct 2020 14:32:26.0217 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 913f18ec-7f26-4c5f-a816-784fe9a58edd X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: bNk4ceRHDm2xNetpX5/rDhufVNrn7eyqcC05DWxi7i8pm9ihGEAa7wNfTOVZoIAK X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM4P191MB0098 X-Bayes-Prob: 0.0001 (Score 0, tokens from: outbound, outbound-liu-se:default, base:default, @@RPTN) X-p0f-Info: os=Linux 3.11 and newer, link=Ethernet or modem X-CanIt-Geo: ip=104.47.18.107; country=NL; region=North Holland; city=Amsterdam; latitude=52.3534; longitude=4.9087; http://maps.google.com/maps?q=52.3534,4.9087&z=6 X-CanItPRO-Stream: outbound-liu-se:outbound (inherits from outbound-liu-se:default, base:default) X-Canit-Stats-ID: 093DqwrS3 - 919f81a54324 - 20201013 X-CanIt-Archive-Cluster: PfMRe/vJWMiXwM2YIH5BVExnUnw X-Scanned-By: CanIt (www . roaringpenguin . com) Archived-At: Subject: [Hipsec] Implementation questions from students X-BeenThere: hipsec@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "This is the official IETF Mailing List for the HIP Working Group." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 13 Oct 2020 14:32:34 -0000 --------------917B974972E36C0426F4AA2A Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit Hello, Some questions from a group of students working on HIPv2 implementation. I guess mostly to OpenHIP. A few were already answered on DRIP list. br Andrei -------- Forwarded Message -------- We had some questions about the HIP project that you could perhaps forward to the correct person: 1. In the function /build_tlv_hmac()/ in src/protocol/hip_output.c, there is the following bit of code: /* get lower 160-bits of HMAC computation */  memcpy(hmac->hmac,          &hmac_md[hmac_md_len-sizeof(hmac->hmac)],          sizeof(hmac->hmac)); (https://bitbucket.org/openhip/openhip/src/37972774633783905ec4f7961d2a5476092ed529/src/protocol/hip_output.c#lines-1373) The expression used as index into /hmac_md//[]/ seems to be calculated erroneously, as /sizeof(hmac->hmac)/ evaluates to 64 bytes and /hmac_md_len/ is the output size of the hash function used. Since SHA256 for example produces 256 bits / 8 = 32 bytes as output, this calculation evaluates to 32 - 64 = -32 when treated as signed integers. This results in the data between /hmac_md[-32]/ and /hmac_md[32]/ being read, which reads out of bounds for the array. Using GDB we have observed that this causes other values located on the stack (such as /hmac_md_len/) to be copied into /hmac->hmac//./ Also, per RFC 7401 (HIPv2), "The size of the HMAC is the natural size of the hash computation output depending on the used hash function". Thus there does not seem to be a need to truncate this value to 160 bits? At least one implementation (https://www.cryptosys.net/manapi/api_kmac.html) of the KMAC function (that we have added as an option to HMAC) also states that the output of the KMAC function cannot be truncated when used as a message authentication code. 2. When parsing incoming R1 packets (and probably some other types as well), the peer's HIT from the packet seems to be validated against a locally computed HIT from the peer's HI. This occurs before any parameters other than the puzzle, host ID, and signature have been parsed. In /hip_parse_R1()/, /validate_hit()/ uses /hi_to_hit()/ to compute this and compares the returned value to the one received from the peer. However, since the HIT_SUITE_LIST parameter has not yet been parsed, the variable /hip_a->peer_hi->hit_suite_id/ still has its default value of 0. There is a fallback in /hi_to_hit()/ which silently uses SHA256 as the hashing algorithm for creating a HIT from a HI if the HIT suite is set to an invalid value, which enables the verification to succeed if the received HIT happens to also be calculated with SHA256. Other algorithms (such as cSHAKE which we are adding) will cause this to fail, as /hip_a->peer_hi->hit_suite_id/ is only set correctly after the HIT has been verified. We have worked around this issue by first ignoring all parameters other than the HIT_SUITE_LIST (thus ensuring that the HIT suite variable is set before any other parameters are parsed), then continuing with parsing the signature-related parameters and finally the others. Is this an acceptable solution to this problem? Those silent fallbacks seem to cause more problems that they solve, maybe they should be removed or at least emit a warning when triggered? 3. What should the lengths for the key and IV be for River/Lake Keyak? It seems that these lengths are variable and can be chosen at runtime. 4. There does not seem to be any support for EdDSA25519ph or EdDSA448ph in OpenSSL, and we cannot find any C implementations from a reputable source. Would it be OK if we held off on adding these for the time being? EdDSA25519 and EdDSA448 are implemented in OpenSSL 1.1.1 and seem to work for use in OpenHIP. 5. In section 6 of https://www.ietf.org/id/draft-moskowitz-hip-new-crypto-05.html, there is a comment about how SHAKE, cSHAKE or KMAC could be used as a pseudo-random generator. Should we do something with this information, or is it just there for future reference? Isn't randomness usually handled by the kernel since it has access to higher-quality entropy sources, and if so, is there any place in the OpenHIP code where it would be beneficial to use SHAKE/cSHAKE/KMAC for this purpose? 6. Should the new encryption- and signature algorithms we are adding be used as default in OpenHIP or just be available as a command line option? 7. (This is mostly a minor thing) When we are adding KMAC as an alternative to HMAC, is it proper to put this into a function called /build_tlv_*hmac*()/? Seeing as this function will then sometimes calculate a HMAC and other times a KMAC, should it be renamed to /build_tlv_mac()/? Or will it be less intrusive to others (that might be used to the name) to not change it even though the name might be misleading? Or should we add a new function called /build_tlv_kmac()/? (Although this might lead to a lot of switch-case statements everywhere that /build_tlv_hmac()/ is called) --------------917B974972E36C0426F4AA2A Content-Type: text/html; charset=utf-8 Content-Transfer-Encoding: base64 PGh0bWw+PGhlYWQ+DQo8bWV0YSBodHRwLWVxdWl2PSJDb250ZW50LVR5cGUiIGNvbnRlbnQ9InRl eHQvaHRtbDsgY2hhcnNldD11dGYtOCI+DQogIDwvaGVhZD4NCiAgPGJvZHk+DQogICAgPHA+SGVs bG8sPC9wPg0KICAgIDxwPlNvbWUgcXVlc3Rpb25zIGZyb20gYSBncm91cCBvZiBzdHVkZW50cyB3 b3JraW5nIG9uIEhJUHYyDQogICAgICBpbXBsZW1lbnRhdGlvbi4gSSBndWVzcyBtb3N0bHkgdG8g T3BlbkhJUC4gQSBmZXcgd2VyZSBhbHJlYWR5DQogICAgICBhbnN3ZXJlZCBvbiBEUklQIGxpc3Qu PGJyPg0KICAgIDwvcD4NCiAgICA8cD5iciBBbmRyZWk8YnI+DQogICAgPC9wPg0KICAgIDxkaXYg Y2xhc3M9Im1vei1mb3J3YXJkLWNvbnRhaW5lciI+PGJyPg0KICAgICAgLS0tLS0tLS0gRm9yd2Fy ZGVkIE1lc3NhZ2UgLS0tLS0tLS0NCiAgICAgIDx0YWJsZSBjbGFzcz0ibW96LWVtYWlsLWhlYWRl cnMtdGFibGUiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCIgYm9yZGVyPSIwIj4NCiAg ICAgICAgPHRib2R5Pg0KICAgICAgICAgIDx0cj4NCiAgICAgICAgICAgIDx0aCB2YWxpZ249IkJB U0VMSU5FIiBub3dyYXA9Im5vd3JhcCIgYWxpZ249IlJJR0hUIj48YnI+DQogICAgICAgICAgICA8 L3RoPg0KICAgICAgICAgICAgPHRkPjxicj4NCiAgICAgICAgICAgIDwvdGQ+DQogICAgICAgICAg PC90cj4NCiAgICAgICAgICA8dHI+DQogICAgICAgICAgICA8dGggdmFsaWduPSJCQVNFTElORSIg bm93cmFwPSJub3dyYXAiIGFsaWduPSJSSUdIVCI+PGJyPg0KICAgICAgICAgICAgPC90aD4NCiAg ICAgICAgICAgIDx0ZD48YnI+DQogICAgICAgICAgICA8L3RkPg0KICAgICAgICAgIDwvdHI+DQog ICAgICAgICAgPHRyPg0KICAgICAgICAgICAgPHRoIHZhbGlnbj0iQkFTRUxJTkUiIG5vd3JhcD0i bm93cmFwIiBhbGlnbj0iUklHSFQiPjxicj4NCiAgICAgICAgICAgIDwvdGg+DQogICAgICAgICAg ICA8dGQ+PGJyPg0KICAgICAgICAgICAgPC90ZD4NCiAgICAgICAgICA8L3RyPg0KICAgICAgICAg IDx0cj4NCiAgICAgICAgICAgIDx0aCB2YWxpZ249IkJBU0VMSU5FIiBub3dyYXA9Im5vd3JhcCIg YWxpZ249IlJJR0hUIj48YnI+DQogICAgICAgICAgICA8L3RoPg0KICAgICAgICAgICAgPHRkPjxi cj4NCiAgICAgICAgICAgIDwvdGQ+DQogICAgICAgICAgPC90cj4NCiAgICAgICAgICA8dHI+DQog ICAgICAgICAgICA8dGggdmFsaWduPSJCQVNFTElORSIgbm93cmFwPSJub3dyYXAiIGFsaWduPSJS SUdIVCI+PGJyPg0KICAgICAgICAgICAgPC90aD4NCiAgICAgICAgICAgIDx0ZD48YnI+DQogICAg ICAgICAgICA8L3RkPg0KICAgICAgICAgIDwvdHI+DQogICAgICAgIDwvdGJvZHk+DQogICAgICA8 L3RhYmxlPg0KICAgICAgPGRpdiBjbGFzcz0ibW96LXRleHQtaHRtbCIgbGFuZz0ieC11bmljb2Rl Ij4NCiAgICAgICAgPHA+V2UgaGFkIHNvbWUgcXVlc3Rpb25zIGFib3V0IHRoZSBISVAgcHJvamVj dCB0aGF0IHlvdSBjb3VsZA0KICAgICAgICAgIHBlcmhhcHMgZm9yd2FyZCB0byB0aGUgY29ycmVj dCBwZXJzb246PC9wPg0KICAgICAgICA8b2w+DQogICAgICAgICAgPGxpPkluIHRoZSBmdW5jdGlv biA8aT5idWlsZF90bHZfaG1hYygpPC9pPiBpbg0KICAgICAgICAgICAgc3JjL3Byb3RvY29sL2hp cF9vdXRwdXQuYywgdGhlcmUgaXMgdGhlIGZvbGxvd2luZyBiaXQgb2YNCiAgICAgICAgICAgIGNv ZGU6PGJyPg0KICAgICAgICAgICAgPHAgZGlyPSJsdHIiIHN0eWxlPSJsaW5lLWhlaWdodDoxLjYy ODU3MTQyODU3MTQyODY7YmFja2dyb3VuZC1jb2xvcjojMjkyZDNlO21hcmdpbi10b3A6MHB0O21h cmdpbi1ib3R0b206MHB0OyI+PHNwYW4gc3R5bGU9ImZvbnQtc2l6ZToxMC41cHQ7Zm9udC1mYW1p bHk6J0NvdXJpZXIgTmV3Jztjb2xvcjojNjc2ZTk1O2JhY2tncm91bmQtY29sb3I6dHJhbnNwYXJl bnQ7Zm9udC13ZWlnaHQ6NDAwO2ZvbnQtc3R5bGU6aXRhbGljO2ZvbnQtdmFyaWFudDpub3JtYWw7 dGV4dC1kZWNvcmF0aW9uOm5vbmU7dmVydGljYWwtYWxpZ246YmFzZWxpbmU7d2hpdGUtc3BhY2U6 cHJlO3doaXRlLXNwYWNlOnByZS13cmFwOyI+LyogZ2V0IGxvd2VyIDE2MC1iaXRzIG9mIEhNQUMg Y29tcHV0YXRpb24gKi88L3NwYW4+PC9wPg0KICAgICAgICAgICAgPHAgZGlyPSJsdHIiIHN0eWxl PSJsaW5lLWhlaWdodDoxLjYyODU3MTQyODU3MTQyODY7YmFja2dyb3VuZC1jb2xvcjojMjkyZDNl O21hcmdpbi10b3A6MHB0O21hcmdpbi1ib3R0b206MHB0OyI+PHNwYW4gc3R5bGU9ImZvbnQtc2l6 ZToxMC41cHQ7Zm9udC1mYW1pbHk6J0NvdXJpZXIgTmV3Jztjb2xvcjojZjA3MTc4O2JhY2tncm91 bmQtY29sb3I6dHJhbnNwYXJlbnQ7Zm9udC13ZWlnaHQ6NDAwO2ZvbnQtc3R5bGU6bm9ybWFsO2Zv bnQtdmFyaWFudDpub3JtYWw7dGV4dC1kZWNvcmF0aW9uOm5vbmU7dmVydGljYWwtYWxpZ246YmFz ZWxpbmU7d2hpdGUtc3BhY2U6cHJlO3doaXRlLXNwYWNlOnByZS13cmFwOyI+Jm5ic3A7PC9zcGFu PjxzcGFuIHN0eWxlPSJmb250LXNpemU6MTAuNXB0O2ZvbnQtZmFtaWx5OidDb3VyaWVyIE5ldyc7 Y29sb3I6IzgyYWFmZjtiYWNrZ3JvdW5kLWNvbG9yOnRyYW5zcGFyZW50O2ZvbnQtd2VpZ2h0OjQw MDtmb250LXN0eWxlOm5vcm1hbDtmb250LXZhcmlhbnQ6bm9ybWFsO3RleHQtZGVjb3JhdGlvbjpu b25lO3ZlcnRpY2FsLWFsaWduOmJhc2VsaW5lO3doaXRlLXNwYWNlOnByZTt3aGl0ZS1zcGFjZTpw cmUtd3JhcDsiPm1lbWNweTwvc3Bhbj48c3BhbiBzdHlsZT0iZm9udC1zaXplOjEwLjVwdDtmb250 LWZhbWlseTonQ291cmllciBOZXcnO2NvbG9yOiM4OWRkZmY7YmFja2dyb3VuZC1jb2xvcjp0cmFu c3BhcmVudDtmb250LXdlaWdodDo0MDA7Zm9udC1zdHlsZTpub3JtYWw7Zm9udC12YXJpYW50Om5v cm1hbDt0ZXh0LWRlY29yYXRpb246bm9uZTt2ZXJ0aWNhbC1hbGlnbjpiYXNlbGluZTt3aGl0ZS1z cGFjZTpwcmU7d2hpdGUtc3BhY2U6cHJlLXdyYXA7Ij4oPC9zcGFuPjxzcGFuIHN0eWxlPSJmb250 LXNpemU6MTAuNXB0O2ZvbnQtZmFtaWx5OidDb3VyaWVyIE5ldyc7Y29sb3I6I2YwNzE3ODtiYWNr Z3JvdW5kLWNvbG9yOnRyYW5zcGFyZW50O2ZvbnQtd2VpZ2h0OjQwMDtmb250LXN0eWxlOm5vcm1h bDtmb250LXZhcmlhbnQ6bm9ybWFsO3RleHQtZGVjb3JhdGlvbjpub25lO3ZlcnRpY2FsLWFsaWdu OmJhc2VsaW5lO3doaXRlLXNwYWNlOnByZTt3aGl0ZS1zcGFjZTpwcmUtd3JhcDsiPiA8L3NwYW4+ PHNwYW4gc3R5bGU9ImZvbnQtc2l6ZToxMC41cHQ7Zm9udC1mYW1pbHk6J0NvdXJpZXIgTmV3Jztj b2xvcjojYTZhY2NkO2JhY2tncm91bmQtY29sb3I6dHJhbnNwYXJlbnQ7Zm9udC13ZWlnaHQ6NDAw O2ZvbnQtc3R5bGU6bm9ybWFsO2ZvbnQtdmFyaWFudDpub3JtYWw7dGV4dC1kZWNvcmF0aW9uOm5v bmU7dmVydGljYWwtYWxpZ246YmFzZWxpbmU7d2hpdGUtc3BhY2U6cHJlO3doaXRlLXNwYWNlOnBy ZS13cmFwOyI+aG1hYzwvc3Bhbj48c3BhbiBzdHlsZT0iZm9udC1zaXplOjEwLjVwdDtmb250LWZh bWlseTonQ291cmllciBOZXcnO2NvbG9yOiM4OWRkZmY7YmFja2dyb3VuZC1jb2xvcjp0cmFuc3Bh cmVudDtmb250LXdlaWdodDo0MDA7Zm9udC1zdHlsZTpub3JtYWw7Zm9udC12YXJpYW50Om5vcm1h bDt0ZXh0LWRlY29yYXRpb246bm9uZTt2ZXJ0aWNhbC1hbGlnbjpiYXNlbGluZTt3aGl0ZS1zcGFj ZTpwcmU7d2hpdGUtc3BhY2U6cHJlLXdyYXA7Ij4tJmd0Ozwvc3Bhbj48c3BhbiBzdHlsZT0iZm9u dC1zaXplOjEwLjVwdDtmb250LWZhbWlseTonQ291cmllciBOZXcnO2NvbG9yOiNhNmFjY2Q7YmFj a2dyb3VuZC1jb2xvcjp0cmFuc3BhcmVudDtmb250LXdlaWdodDo0MDA7Zm9udC1zdHlsZTpub3Jt YWw7Zm9udC12YXJpYW50Om5vcm1hbDt0ZXh0LWRlY29yYXRpb246bm9uZTt2ZXJ0aWNhbC1hbGln bjpiYXNlbGluZTt3aGl0ZS1zcGFjZTpwcmU7d2hpdGUtc3BhY2U6cHJlLXdyYXA7Ij5obWFjPC9z cGFuPjxzcGFuIHN0eWxlPSJmb250LXNpemU6MTAuNXB0O2ZvbnQtZmFtaWx5OidDb3VyaWVyIE5l dyc7Y29sb3I6Izg5ZGRmZjtiYWNrZ3JvdW5kLWNvbG9yOnRyYW5zcGFyZW50O2ZvbnQtd2VpZ2h0 OjQwMDtmb250LXN0eWxlOm5vcm1hbDtmb250LXZhcmlhbnQ6bm9ybWFsO3RleHQtZGVjb3JhdGlv bjpub25lO3ZlcnRpY2FsLWFsaWduOmJhc2VsaW5lO3doaXRlLXNwYWNlOnByZTt3aGl0ZS1zcGFj ZTpwcmUtd3JhcDsiPiw8L3NwYW4+PC9wPg0KICAgICAgICAgICAgPHAgZGlyPSJsdHIiIHN0eWxl PSJsaW5lLWhlaWdodDoxLjYyODU3MTQyODU3MTQyODY7YmFja2dyb3VuZC1jb2xvcjojMjkyZDNl O21hcmdpbi10b3A6MHB0O21hcmdpbi1ib3R0b206MHB0OyI+PHNwYW4gc3R5bGU9ImZvbnQtc2l6 ZToxMC41cHQ7Zm9udC1mYW1pbHk6J0NvdXJpZXIgTmV3Jztjb2xvcjojZjA3MTc4O2JhY2tncm91 bmQtY29sb3I6dHJhbnNwYXJlbnQ7Zm9udC13ZWlnaHQ6NDAwO2ZvbnQtc3R5bGU6bm9ybWFsO2Zv bnQtdmFyaWFudDpub3JtYWw7dGV4dC1kZWNvcmF0aW9uOm5vbmU7dmVydGljYWwtYWxpZ246YmFz ZWxpbmU7d2hpdGUtc3BhY2U6cHJlO3doaXRlLXNwYWNlOnByZS13cmFwOyI+Jm5ic3A7Jm5ic3A7 Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7PC9zcGFuPjxzcGFuIHN0 eWxlPSJmb250LXNpemU6MTAuNXB0O2ZvbnQtZmFtaWx5OidDb3VyaWVyIE5ldyc7Y29sb3I6Izg5 ZGRmZjtiYWNrZ3JvdW5kLWNvbG9yOnRyYW5zcGFyZW50O2ZvbnQtd2VpZ2h0OjQwMDtmb250LXN0 eWxlOm5vcm1hbDtmb250LXZhcmlhbnQ6bm9ybWFsO3RleHQtZGVjb3JhdGlvbjpub25lO3ZlcnRp Y2FsLWFsaWduOmJhc2VsaW5lO3doaXRlLXNwYWNlOnByZTt3aGl0ZS1zcGFjZTpwcmUtd3JhcDsi PiZhbXA7PC9zcGFuPjxzcGFuIHN0eWxlPSJmb250LXNpemU6MTAuNXB0O2ZvbnQtZmFtaWx5OidD b3VyaWVyIE5ldyc7Y29sb3I6I2E2YWNjZDtiYWNrZ3JvdW5kLWNvbG9yOnRyYW5zcGFyZW50O2Zv bnQtd2VpZ2h0OjQwMDtmb250LXN0eWxlOm5vcm1hbDtmb250LXZhcmlhbnQ6bm9ybWFsO3RleHQt ZGVjb3JhdGlvbjpub25lO3ZlcnRpY2FsLWFsaWduOmJhc2VsaW5lO3doaXRlLXNwYWNlOnByZTt3 aGl0ZS1zcGFjZTpwcmUtd3JhcDsiPmhtYWNfbWQ8L3NwYW4+PHNwYW4gc3R5bGU9ImZvbnQtc2l6 ZToxMC41cHQ7Zm9udC1mYW1pbHk6J0NvdXJpZXIgTmV3Jztjb2xvcjojODlkZGZmO2JhY2tncm91 bmQtY29sb3I6dHJhbnNwYXJlbnQ7Zm9udC13ZWlnaHQ6NDAwO2ZvbnQtc3R5bGU6bm9ybWFsO2Zv bnQtdmFyaWFudDpub3JtYWw7dGV4dC1kZWNvcmF0aW9uOm5vbmU7dmVydGljYWwtYWxpZ246YmFz ZWxpbmU7d2hpdGUtc3BhY2U6cHJlO3doaXRlLXNwYWNlOnByZS13cmFwOyI+Wzwvc3Bhbj48c3Bh biBzdHlsZT0iZm9udC1zaXplOjEwLjVwdDtmb250LWZhbWlseTonQ291cmllciBOZXcnO2NvbG9y OiNhNmFjY2Q7YmFja2dyb3VuZC1jb2xvcjp0cmFuc3BhcmVudDtmb250LXdlaWdodDo0MDA7Zm9u dC1zdHlsZTpub3JtYWw7Zm9udC12YXJpYW50Om5vcm1hbDt0ZXh0LWRlY29yYXRpb246bm9uZTt2 ZXJ0aWNhbC1hbGlnbjpiYXNlbGluZTt3aGl0ZS1zcGFjZTpwcmU7d2hpdGUtc3BhY2U6cHJlLXdy YXA7Ij5obWFjX21kX2xlbjwvc3Bhbj48c3BhbiBzdHlsZT0iZm9udC1zaXplOjEwLjVwdDtmb250 LWZhbWlseTonQ291cmllciBOZXcnO2NvbG9yOiNmMDcxNzg7YmFja2dyb3VuZC1jb2xvcjp0cmFu c3BhcmVudDtmb250LXdlaWdodDo0MDA7Zm9udC1zdHlsZTpub3JtYWw7Zm9udC12YXJpYW50Om5v cm1hbDt0ZXh0LWRlY29yYXRpb246bm9uZTt2ZXJ0aWNhbC1hbGlnbjpiYXNlbGluZTt3aGl0ZS1z cGFjZTpwcmU7d2hpdGUtc3BhY2U6cHJlLXdyYXA7Ij4gPC9zcGFuPjxzcGFuIHN0eWxlPSJmb250 LXNpemU6MTAuNXB0O2ZvbnQtZmFtaWx5OidDb3VyaWVyIE5ldyc7Y29sb3I6Izg5ZGRmZjtiYWNr Z3JvdW5kLWNvbG9yOnRyYW5zcGFyZW50O2ZvbnQtd2VpZ2h0OjQwMDtmb250LXN0eWxlOm5vcm1h bDtmb250LXZhcmlhbnQ6bm9ybWFsO3RleHQtZGVjb3JhdGlvbjpub25lO3ZlcnRpY2FsLWFsaWdu OmJhc2VsaW5lO3doaXRlLXNwYWNlOnByZTt3aGl0ZS1zcGFjZTpwcmUtd3JhcDsiPi08L3NwYW4+ PHNwYW4gc3R5bGU9ImZvbnQtc2l6ZToxMC41cHQ7Zm9udC1mYW1pbHk6J0NvdXJpZXIgTmV3Jztj b2xvcjojZjA3MTc4O2JhY2tncm91bmQtY29sb3I6dHJhbnNwYXJlbnQ7Zm9udC13ZWlnaHQ6NDAw O2ZvbnQtc3R5bGU6bm9ybWFsO2ZvbnQtdmFyaWFudDpub3JtYWw7dGV4dC1kZWNvcmF0aW9uOm5v bmU7dmVydGljYWwtYWxpZ246YmFzZWxpbmU7d2hpdGUtc3BhY2U6cHJlO3doaXRlLXNwYWNlOnBy ZS13cmFwOyI+IDwvc3Bhbj48c3BhbiBzdHlsZT0iZm9udC1zaXplOjEwLjVwdDtmb250LWZhbWls eTonQ291cmllciBOZXcnO2NvbG9yOiM4OWRkZmY7YmFja2dyb3VuZC1jb2xvcjp0cmFuc3BhcmVu dDtmb250LXdlaWdodDo0MDA7Zm9udC1zdHlsZTpub3JtYWw7Zm9udC12YXJpYW50Om5vcm1hbDt0 ZXh0LWRlY29yYXRpb246bm9uZTt2ZXJ0aWNhbC1hbGlnbjpiYXNlbGluZTt3aGl0ZS1zcGFjZTpw cmU7d2hpdGUtc3BhY2U6cHJlLXdyYXA7Ij5zaXplb2YoPC9zcGFuPjxzcGFuIHN0eWxlPSJmb250 LXNpemU6MTAuNXB0O2ZvbnQtZmFtaWx5OidDb3VyaWVyIE5ldyc7Y29sb3I6I2E2YWNjZDtiYWNr Z3JvdW5kLWNvbG9yOnRyYW5zcGFyZW50O2ZvbnQtd2VpZ2h0OjQwMDtmb250LXN0eWxlOm5vcm1h bDtmb250LXZhcmlhbnQ6bm9ybWFsO3RleHQtZGVjb3JhdGlvbjpub25lO3ZlcnRpY2FsLWFsaWdu OmJhc2VsaW5lO3doaXRlLXNwYWNlOnByZTt3aGl0ZS1zcGFjZTpwcmUtd3JhcDsiPmhtYWM8L3Nw YW4+PHNwYW4gc3R5bGU9ImZvbnQtc2l6ZToxMC41cHQ7Zm9udC1mYW1pbHk6J0NvdXJpZXIgTmV3 Jztjb2xvcjojODlkZGZmO2JhY2tncm91bmQtY29sb3I6dHJhbnNwYXJlbnQ7Zm9udC13ZWlnaHQ6 NDAwO2ZvbnQtc3R5bGU6bm9ybWFsO2ZvbnQtdmFyaWFudDpub3JtYWw7dGV4dC1kZWNvcmF0aW9u Om5vbmU7dmVydGljYWwtYWxpZ246YmFzZWxpbmU7d2hpdGUtc3BhY2U6cHJlO3doaXRlLXNwYWNl OnByZS13cmFwOyI+LSZndDs8L3NwYW4+PHNwYW4gc3R5bGU9ImZvbnQtc2l6ZToxMC41cHQ7Zm9u dC1mYW1pbHk6J0NvdXJpZXIgTmV3Jztjb2xvcjojYTZhY2NkO2JhY2tncm91bmQtY29sb3I6dHJh bnNwYXJlbnQ7Zm9udC13ZWlnaHQ6NDAwO2ZvbnQtc3R5bGU6bm9ybWFsO2ZvbnQtdmFyaWFudDpu b3JtYWw7dGV4dC1kZWNvcmF0aW9uOm5vbmU7dmVydGljYWwtYWxpZ246YmFzZWxpbmU7d2hpdGUt c3BhY2U6cHJlO3doaXRlLXNwYWNlOnByZS13cmFwOyI+aG1hYzwvc3Bhbj48c3BhbiBzdHlsZT0i Zm9udC1zaXplOjEwLjVwdDtmb250LWZhbWlseTonQ291cmllciBOZXcnO2NvbG9yOiM4OWRkZmY7 YmFja2dyb3VuZC1jb2xvcjp0cmFuc3BhcmVudDtmb250LXdlaWdodDo0MDA7Zm9udC1zdHlsZTpu b3JtYWw7Zm9udC12YXJpYW50Om5vcm1hbDt0ZXh0LWRlY29yYXRpb246bm9uZTt2ZXJ0aWNhbC1h bGlnbjpiYXNlbGluZTt3aGl0ZS1zcGFjZTpwcmU7d2hpdGUtc3BhY2U6cHJlLXdyYXA7Ij4pXSw8 L3NwYW4+PC9wPg0KICAgICAgICAgICAgPHAgZGlyPSJsdHIiIHN0eWxlPSJsaW5lLWhlaWdodDox LjYyODU3MTQyODU3MTQyODY7YmFja2dyb3VuZC1jb2xvcjojMjkyZDNlO21hcmdpbi10b3A6MHB0 O21hcmdpbi1ib3R0b206MHB0OyI+PHNwYW4gc3R5bGU9ImZvbnQtc2l6ZToxMC41cHQ7Zm9udC1m YW1pbHk6J0NvdXJpZXIgTmV3Jztjb2xvcjojZjA3MTc4O2JhY2tncm91bmQtY29sb3I6dHJhbnNw YXJlbnQ7Zm9udC13ZWlnaHQ6NDAwO2ZvbnQtc3R5bGU6bm9ybWFsO2ZvbnQtdmFyaWFudDpub3Jt YWw7dGV4dC1kZWNvcmF0aW9uOm5vbmU7dmVydGljYWwtYWxpZ246YmFzZWxpbmU7d2hpdGUtc3Bh Y2U6cHJlO3doaXRlLXNwYWNlOnByZS13cmFwOyI+Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5i c3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7PC9zcGFuPjxzcGFuIHN0eWxlPSJmb250LXNpemU6 MTAuNXB0O2ZvbnQtZmFtaWx5OidDb3VyaWVyIE5ldyc7Y29sb3I6Izg5ZGRmZjtiYWNrZ3JvdW5k LWNvbG9yOnRyYW5zcGFyZW50O2ZvbnQtd2VpZ2h0OjQwMDtmb250LXN0eWxlOm5vcm1hbDtmb250 LXZhcmlhbnQ6bm9ybWFsO3RleHQtZGVjb3JhdGlvbjpub25lO3ZlcnRpY2FsLWFsaWduOmJhc2Vs aW5lO3doaXRlLXNwYWNlOnByZTt3aGl0ZS1zcGFjZTpwcmUtd3JhcDsiPnNpemVvZig8L3NwYW4+ PHNwYW4gc3R5bGU9ImZvbnQtc2l6ZToxMC41cHQ7Zm9udC1mYW1pbHk6J0NvdXJpZXIgTmV3Jztj b2xvcjojYTZhY2NkO2JhY2tncm91bmQtY29sb3I6dHJhbnNwYXJlbnQ7Zm9udC13ZWlnaHQ6NDAw O2ZvbnQtc3R5bGU6bm9ybWFsO2ZvbnQtdmFyaWFudDpub3JtYWw7dGV4dC1kZWNvcmF0aW9uOm5v bmU7dmVydGljYWwtYWxpZ246YmFzZWxpbmU7d2hpdGUtc3BhY2U6cHJlO3doaXRlLXNwYWNlOnBy ZS13cmFwOyI+aG1hYzwvc3Bhbj48c3BhbiBzdHlsZT0iZm9udC1zaXplOjEwLjVwdDtmb250LWZh bWlseTonQ291cmllciBOZXcnO2NvbG9yOiM4OWRkZmY7YmFja2dyb3VuZC1jb2xvcjp0cmFuc3Bh cmVudDtmb250LXdlaWdodDo0MDA7Zm9udC1zdHlsZTpub3JtYWw7Zm9udC12YXJpYW50Om5vcm1h bDt0ZXh0LWRlY29yYXRpb246bm9uZTt2ZXJ0aWNhbC1hbGlnbjpiYXNlbGluZTt3aGl0ZS1zcGFj ZTpwcmU7d2hpdGUtc3BhY2U6cHJlLXdyYXA7Ij4tJmd0Ozwvc3Bhbj48c3BhbiBzdHlsZT0iZm9u dC1zaXplOjEwLjVwdDtmb250LWZhbWlseTonQ291cmllciBOZXcnO2NvbG9yOiNhNmFjY2Q7YmFj a2dyb3VuZC1jb2xvcjp0cmFuc3BhcmVudDtmb250LXdlaWdodDo0MDA7Zm9udC1zdHlsZTpub3Jt YWw7Zm9udC12YXJpYW50Om5vcm1hbDt0ZXh0LWRlY29yYXRpb246bm9uZTt2ZXJ0aWNhbC1hbGln bjpiYXNlbGluZTt3aGl0ZS1zcGFjZTpwcmU7d2hpdGUtc3BhY2U6cHJlLXdyYXA7Ij5obWFjPC9z cGFuPjxzcGFuIHN0eWxlPSJmb250LXNpemU6MTAuNXB0O2ZvbnQtZmFtaWx5OidDb3VyaWVyIE5l dyc7Y29sb3I6Izg5ZGRmZjtiYWNrZ3JvdW5kLWNvbG9yOnRyYW5zcGFyZW50O2ZvbnQtd2VpZ2h0 OjQwMDtmb250LXN0eWxlOm5vcm1hbDtmb250LXZhcmlhbnQ6bm9ybWFsO3RleHQtZGVjb3JhdGlv bjpub25lO3ZlcnRpY2FsLWFsaWduOmJhc2VsaW5lO3doaXRlLXNwYWNlOnByZTt3aGl0ZS1zcGFj ZTpwcmUtd3JhcDsiPikpOzwvc3Bhbj48L3A+DQogICAgICAgICAgICAoPGEgbW96LWRvLW5vdC1z ZW5kPSJ0cnVlIiBocmVmPSJodHRwczovL2JpdGJ1Y2tldC5vcmcvb3BlbmhpcC9vcGVuaGlwL3Ny Yy8zNzk3Mjc3NDYzMzc4MzkwNWVjNGY3OTYxZDJhNTQ3NjA5MmVkNTI5L3NyYy9wcm90b2NvbC9o aXBfb3V0cHV0LmMjbGluZXMtMTM3MyI+aHR0cHM6Ly9iaXRidWNrZXQub3JnL29wZW5oaXAvb3Bl bmhpcC9zcmMvMzc5NzI3NzQ2MzM3ODM5MDVlYzRmNzk2MWQyYTU0NzYwOTJlZDUyOS9zcmMvcHJv dG9jb2wvaGlwX291dHB1dC5jI2xpbmVzLTEzNzM8L2E+KTxicj4NCiAgICAgICAgICAgIDxicj4N CiAgICAgICAgICAgIFRoZSBleHByZXNzaW9uIHVzZWQgYXMgaW5kZXggaW50byA8aT5obWFjX21k PC9pPjxpPltdPC9pPg0KICAgICAgICAgICAgc2VlbXMgdG8gYmUgY2FsY3VsYXRlZCBlcnJvbmVv dXNseSwgYXMgPGk+c2l6ZW9mKGhtYWMtJmd0O2htYWMpPC9pPg0KICAgICAgICAgICAgZXZhbHVh dGVzIHRvIDY0IGJ5dGVzIGFuZCA8aT5obWFjX21kX2xlbjwvaT4gaXMgdGhlIG91dHB1dA0KICAg ICAgICAgICAgc2l6ZSBvZiB0aGUgaGFzaCBmdW5jdGlvbiB1c2VkLiBTaW5jZSBTSEEyNTYgZm9y IGV4YW1wbGUNCiAgICAgICAgICAgIHByb2R1Y2VzIDI1NiBiaXRzIC8gOCA9IDMyIGJ5dGVzIGFz IG91dHB1dCwgdGhpcyBjYWxjdWxhdGlvbg0KICAgICAgICAgICAgZXZhbHVhdGVzIHRvIDMyIC0g NjQgPSAtMzIgd2hlbiB0cmVhdGVkIGFzIHNpZ25lZCBpbnRlZ2Vycy4NCiAgICAgICAgICAgIFRo aXMgcmVzdWx0cyBpbiB0aGUgZGF0YSBiZXR3ZWVuIDxpPmhtYWNfbWRbLTMyXTwvaT4gYW5kIDxp PmhtYWNfbWRbMzJdPC9pPg0KICAgICAgICAgICAgYmVpbmcgcmVhZCwgd2hpY2ggcmVhZHMgb3V0 IG9mIGJvdW5kcyBmb3IgdGhlIGFycmF5LiBVc2luZw0KICAgICAgICAgICAgR0RCIHdlIGhhdmUg b2JzZXJ2ZWQgdGhhdCB0aGlzIGNhdXNlcyBvdGhlciB2YWx1ZXMgbG9jYXRlZA0KICAgICAgICAg ICAgb24gdGhlIHN0YWNrIChzdWNoIGFzIDxpPmhtYWNfbWRfbGVuPC9pPikgdG8gYmUgY29waWVk IGludG8NCiAgICAgICAgICAgIDxpPmhtYWMtJmd0O2htYWM8L2k+PGk+LjwvaT4gQWxzbywgcGVy IFJGQyA3NDAxIChISVB2MiksDQogICAgICAgICAgICAmcXVvdDtUaGUgc2l6ZSBvZiB0aGUgSE1B QyBpcyB0aGUgbmF0dXJhbCBzaXplIG9mIHRoZSBoYXNoDQogICAgICAgICAgICBjb21wdXRhdGlv biBvdXRwdXQgZGVwZW5kaW5nIG9uIHRoZSB1c2VkIGhhc2ggZnVuY3Rpb24mcXVvdDsuDQogICAg ICAgICAgICBUaHVzIHRoZXJlIGRvZXMgbm90IHNlZW0gdG8gYmUgYSBuZWVkIHRvIHRydW5jYXRl IHRoaXMgdmFsdWUNCiAgICAgICAgICAgIHRvIDE2MCBiaXRzPyBBdCBsZWFzdCBvbmUgaW1wbGVt ZW50YXRpb24gKDxhIGhyZWY9Imh0dHBzOi8vd3d3LmNyeXB0b3N5cy5uZXQvbWFuYXBpL2FwaV9r bWFjLmh0bWwiIG1vei1kby1ub3Qtc2VuZD0idHJ1ZSI+aHR0cHM6Ly93d3cuY3J5cHRvc3lzLm5l dC9tYW5hcGkvYXBpX2ttYWMuaHRtbDwvYT4pDQogICAgICAgICAgICBvZiB0aGUgS01BQyBmdW5j dGlvbiAodGhhdCB3ZSBoYXZlIGFkZGVkIGFzIGFuIG9wdGlvbiB0bw0KICAgICAgICAgICAgSE1B QykgYWxzbyBzdGF0ZXMgdGhhdCB0aGUgb3V0cHV0IG9mIHRoZSBLTUFDIGZ1bmN0aW9uDQogICAg ICAgICAgICBjYW5ub3QgYmUgdHJ1bmNhdGVkIHdoZW4gdXNlZCBhcyBhIG1lc3NhZ2UgYXV0aGVu dGljYXRpb24NCiAgICAgICAgICAgIGNvZGUuPGJyPg0KICAgICAgICAgICAgPGJyPg0KICAgICAg ICAgIDwvbGk+DQogICAgICAgICAgPGxpPldoZW4gcGFyc2luZyBpbmNvbWluZyBSMSBwYWNrZXRz IChhbmQgcHJvYmFibHkgc29tZSBvdGhlcg0KICAgICAgICAgICAgdHlwZXMgYXMgd2VsbCksIHRo ZSBwZWVyJ3MgSElUIGZyb20gdGhlIHBhY2tldCBzZWVtcyB0byBiZQ0KICAgICAgICAgICAgdmFs aWRhdGVkIGFnYWluc3QgYSBsb2NhbGx5IGNvbXB1dGVkIEhJVCBmcm9tIHRoZSBwZWVyJ3MgSEku DQogICAgICAgICAgICBUaGlzIG9jY3VycyBiZWZvcmUgYW55IHBhcmFtZXRlcnMgb3RoZXIgdGhh biB0aGUgcHV6emxlLA0KICAgICAgICAgICAgaG9zdCBJRCwgYW5kIHNpZ25hdHVyZSBoYXZlIGJl ZW4gcGFyc2VkLiBJbiA8aT5oaXBfcGFyc2VfUjEoKTwvaT4sDQogICAgICAgICAgICA8aT52YWxp ZGF0ZV9oaXQoKTwvaT4gdXNlcyA8aT5oaV90b19oaXQoKTwvaT4gdG8gY29tcHV0ZQ0KICAgICAg ICAgICAgdGhpcyBhbmQgY29tcGFyZXMgdGhlIHJldHVybmVkIHZhbHVlIHRvIHRoZSBvbmUgcmVj ZWl2ZWQNCiAgICAgICAgICAgIGZyb20gdGhlIHBlZXIuIEhvd2V2ZXIsIHNpbmNlIHRoZSBISVRf U1VJVEVfTElTVCBwYXJhbWV0ZXINCiAgICAgICAgICAgIGhhcyBub3QgeWV0IGJlZW4gcGFyc2Vk LCB0aGUgdmFyaWFibGUgPGk+aGlwX2EtJmd0O3BlZXJfaGktJmd0O2hpdF9zdWl0ZV9pZDwvaT4N CiAgICAgICAgICAgIHN0aWxsIGhhcyBpdHMgZGVmYXVsdCB2YWx1ZSBvZiAwLiBUaGVyZSBpcyBh IGZhbGxiYWNrIGluIDxpPmhpX3RvX2hpdCgpPC9pPg0KICAgICAgICAgICAgd2hpY2ggc2lsZW50 bHkgdXNlcyBTSEEyNTYgYXMgdGhlIGhhc2hpbmcgYWxnb3JpdGhtIGZvcg0KICAgICAgICAgICAg Y3JlYXRpbmcgYSBISVQgZnJvbSBhIEhJIGlmIHRoZSBISVQgc3VpdGUgaXMgc2V0IHRvIGFuDQog ICAgICAgICAgICBpbnZhbGlkIHZhbHVlLCB3aGljaCBlbmFibGVzIHRoZSB2ZXJpZmljYXRpb24g dG8gc3VjY2VlZCBpZg0KICAgICAgICAgICAgdGhlIHJlY2VpdmVkIEhJVCBoYXBwZW5zIHRvIGFs c28gYmUgY2FsY3VsYXRlZCB3aXRoIFNIQTI1Ni4NCiAgICAgICAgICAgIE90aGVyIGFsZ29yaXRo bXMgKHN1Y2ggYXMgY1NIQUtFIHdoaWNoIHdlIGFyZSBhZGRpbmcpIHdpbGwNCiAgICAgICAgICAg IGNhdXNlIHRoaXMgdG8gZmFpbCwgYXMgPGk+aGlwX2EtJmd0O3BlZXJfaGktJmd0O2hpdF9zdWl0 ZV9pZDwvaT4NCiAgICAgICAgICAgIGlzIG9ubHkgc2V0IGNvcnJlY3RseSBhZnRlciB0aGUgSElU IGhhcyBiZWVuIHZlcmlmaWVkLiBXZQ0KICAgICAgICAgICAgaGF2ZSB3b3JrZWQgYXJvdW5kIHRo aXMgaXNzdWUgYnkgZmlyc3QgaWdub3JpbmcgYWxsDQogICAgICAgICAgICBwYXJhbWV0ZXJzIG90 aGVyIHRoYW4gdGhlIEhJVF9TVUlURV9MSVNUICh0aHVzIGVuc3VyaW5nIHRoYXQNCiAgICAgICAg ICAgIHRoZSBISVQgc3VpdGUgdmFyaWFibGUgaXMgc2V0IGJlZm9yZSBhbnkgb3RoZXIgcGFyYW1l dGVycw0KICAgICAgICAgICAgYXJlIHBhcnNlZCksIHRoZW4gY29udGludWluZyB3aXRoIHBhcnNp bmcgdGhlDQogICAgICAgICAgICBzaWduYXR1cmUtcmVsYXRlZCBwYXJhbWV0ZXJzIGFuZCBmaW5h bGx5IHRoZSBvdGhlcnMuIElzIHRoaXMNCiAgICAgICAgICAgIGFuIGFjY2VwdGFibGUgc29sdXRp b24gdG8gdGhpcyBwcm9ibGVtPyBUaG9zZSBzaWxlbnQNCiAgICAgICAgICAgIGZhbGxiYWNrcyBz ZWVtIHRvIGNhdXNlIG1vcmUgcHJvYmxlbXMgdGhhdCB0aGV5IHNvbHZlLCBtYXliZQ0KICAgICAg ICAgICAgdGhleSBzaG91bGQgYmUgcmVtb3ZlZCBvciBhdCBsZWFzdCBlbWl0IGEgd2FybmluZyB3 aGVuDQogICAgICAgICAgICB0cmlnZ2VyZWQ/PGJyPg0KICAgICAgICAgICAgPGJyPg0KICAgICAg ICAgIDwvbGk+DQogICAgICAgICAgPGxpPldoYXQgc2hvdWxkIHRoZSBsZW5ndGhzIGZvciB0aGUg a2V5IGFuZCBJViBiZSBmb3INCiAgICAgICAgICAgIFJpdmVyL0xha2UgS2V5YWs/IEl0IHNlZW1z IHRoYXQgdGhlc2UgbGVuZ3RocyBhcmUgdmFyaWFibGUNCiAgICAgICAgICAgIGFuZCBjYW4gYmUg Y2hvc2VuIGF0IHJ1bnRpbWUuPGJyPg0KICAgICAgICAgICAgPGJyPg0KICAgICAgICAgIDwvbGk+ DQogICAgICAgICAgPGxpPlRoZXJlIGRvZXMgbm90IHNlZW0gdG8gYmUgYW55IHN1cHBvcnQgZm9y IEVkRFNBMjU1MTlwaCBvcg0KICAgICAgICAgICAgRWREU0E0NDhwaCBpbiBPcGVuU1NMLCBhbmQg d2UgY2Fubm90IGZpbmQgYW55IEMNCiAgICAgICAgICAgIGltcGxlbWVudGF0aW9ucyBmcm9tIGEg cmVwdXRhYmxlIHNvdXJjZS4gV291bGQgaXQgYmUgT0sgaWYNCiAgICAgICAgICAgIHdlIGhlbGQg b2ZmIG9uIGFkZGluZyB0aGVzZSBmb3IgdGhlIHRpbWUgYmVpbmc/IEVkRFNBMjU1MTkNCiAgICAg ICAgICAgIGFuZCBFZERTQTQ0OCBhcmUgaW1wbGVtZW50ZWQgaW4gT3BlblNTTCAxLjEuMSBhbmQg c2VlbSB0bw0KICAgICAgICAgICAgd29yayBmb3IgdXNlIGluIE9wZW5ISVAuPGJyPg0KICAgICAg ICAgICAgPGJyPg0KICAgICAgICAgIDwvbGk+DQogICAgICAgICAgPGxpPkluIHNlY3Rpb24gNiBv ZiA8YSBocmVmPSJodHRwczovL3d3dy5pZXRmLm9yZy9pZC9kcmFmdC1tb3Nrb3dpdHotaGlwLW5l dy1jcnlwdG8tMDUuaHRtbCIgbW96LWRvLW5vdC1zZW5kPSJ0cnVlIj5odHRwczovL3d3dy5pZXRm Lm9yZy9pZC9kcmFmdC1tb3Nrb3dpdHotaGlwLW5ldy1jcnlwdG8tMDUuaHRtbDwvYT4sDQogICAg ICAgICAgICB0aGVyZSBpcyBhIGNvbW1lbnQgYWJvdXQgaG93IFNIQUtFLCBjU0hBS0Ugb3IgS01B QyBjb3VsZCBiZQ0KICAgICAgICAgICAgdXNlZCBhcyBhIHBzZXVkby1yYW5kb20gZ2VuZXJhdG9y LiBTaG91bGQgd2UgZG8gc29tZXRoaW5nDQogICAgICAgICAgICB3aXRoIHRoaXMgaW5mb3JtYXRp b24sIG9yIGlzIGl0IGp1c3QgdGhlcmUgZm9yIGZ1dHVyZQ0KICAgICAgICAgICAgcmVmZXJlbmNl PyBJc24ndCByYW5kb21uZXNzIHVzdWFsbHkgaGFuZGxlZCBieSB0aGUga2VybmVsDQogICAgICAg ICAgICBzaW5jZSBpdCBoYXMgYWNjZXNzIHRvIGhpZ2hlci1xdWFsaXR5IGVudHJvcHkgc291cmNl cywgYW5kDQogICAgICAgICAgICBpZiBzbywgaXMgdGhlcmUgYW55IHBsYWNlIGluIHRoZSBPcGVu SElQIGNvZGUgd2hlcmUgaXQgd291bGQNCiAgICAgICAgICAgIGJlIGJlbmVmaWNpYWwgdG8gdXNl IFNIQUtFL2NTSEFLRS9LTUFDIGZvciB0aGlzIHB1cnBvc2U/PGJyPg0KICAgICAgICAgICAgPGJy Pg0KICAgICAgICAgIDwvbGk+DQogICAgICAgICAgPGxpPlNob3VsZCB0aGUgbmV3IGVuY3J5cHRp b24tIGFuZCBzaWduYXR1cmUgYWxnb3JpdGhtcyB3ZSBhcmUNCiAgICAgICAgICAgIGFkZGluZyBi ZSB1c2VkIGFzIGRlZmF1bHQgaW4gT3BlbkhJUCBvciBqdXN0IGJlIGF2YWlsYWJsZSBhcw0KICAg ICAgICAgICAgYSBjb21tYW5kIGxpbmUgb3B0aW9uPyA8YnI+DQogICAgICAgICAgICA8YnI+DQog ICAgICAgICAgPC9saT4NCiAgICAgICAgICA8bGk+KFRoaXMgaXMgbW9zdGx5IGEgbWlub3IgdGhp bmcpIFdoZW4gd2UgYXJlIGFkZGluZyBLTUFDIGFzDQogICAgICAgICAgICBhbiBhbHRlcm5hdGl2 ZSB0byBITUFDLCBpcyBpdCBwcm9wZXIgdG8gcHV0IHRoaXMgaW50byBhDQogICAgICAgICAgICBm dW5jdGlvbiBjYWxsZWQgPGk+YnVpbGRfdGx2XzxiPmhtYWM8L2I+KCk8L2k+PyBTZWVpbmcgYXMN CiAgICAgICAgICAgIHRoaXMgZnVuY3Rpb24gd2lsbCB0aGVuIHNvbWV0aW1lcyBjYWxjdWxhdGUg YSBITUFDIGFuZCBvdGhlcg0KICAgICAgICAgICAgdGltZXMgYSBLTUFDLCBzaG91bGQgaXQgYmUg cmVuYW1lZCB0byA8aT5idWlsZF90bHZfbWFjKCk8L2k+Pw0KICAgICAgICAgICAgT3Igd2lsbCBp dCBiZSBsZXNzIGludHJ1c2l2ZSB0byBvdGhlcnMgKHRoYXQgbWlnaHQgYmUgdXNlZA0KICAgICAg ICAgICAgdG8gdGhlIG5hbWUpIHRvIG5vdCBjaGFuZ2UgaXQgZXZlbiB0aG91Z2ggdGhlIG5hbWUg bWlnaHQgYmUNCiAgICAgICAgICAgIG1pc2xlYWRpbmc/IE9yIHNob3VsZCB3ZSBhZGQgYSBuZXcg ZnVuY3Rpb24gY2FsbGVkIDxpPmJ1aWxkX3Rsdl9rbWFjKCk8L2k+Pw0KICAgICAgICAgICAgKEFs dGhvdWdoIHRoaXMgbWlnaHQgbGVhZCB0byBhIGxvdCBvZiBzd2l0Y2gtY2FzZSBzdGF0ZW1lbnRz DQogICAgICAgICAgICBldmVyeXdoZXJlIHRoYXQgPGk+YnVpbGRfdGx2X2htYWMoKTwvaT4gaXMg Y2FsbGVkKTwvbGk+DQogICAgICAgIDwvb2w+DQogICAgICAgIDxicj4NCiAgICAgIDwvZGl2Pg0K ICAgIDwvZGl2Pg0KICA8L2JvZHk+DQo8L2h0bWw+DQo= --------------917B974972E36C0426F4AA2A-- From nobody Wed Oct 14 13:30:07 2020 Return-Path: X-Original-To: hipsec@ietfa.amsl.com Delivered-To: hipsec@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 420723A1051 for ; Wed, 14 Oct 2020 13:30:06 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.9 X-Spam-Level: X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=temperednetworks.onmicrosoft.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id n4TY605vZyN8 for ; Wed, 14 Oct 2020 13:30:04 -0700 (PDT) Received: from NAM04-BN8-obe.outbound.protection.outlook.com (mail-bn8nam08on2072.outbound.protection.outlook.com [40.107.100.72]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 128983A1050 for ; Wed, 14 Oct 2020 13:30:03 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=cdOL/o7TjIeVPlW1pcdJKz0fBhkQihb22qNvnDkzRO5qxMDUVzW57YeCVuJkQKwoUwnqzDB8bhsvkdHQ2zRhfflMvANMx6K50PmdDTOexOlF8nVFMCnBQR1IECROIbIb0fsaQ8gzqDmUGzwyKoHN8tBEnZ2uaFyqyvnAEDESsHKuaFUMgDuqUWk4/KdKG27/toioHDcAFGz2V26FrEQpQI/hrjhIoISBc18ABLK+EwQQhS2FTS0PoGd6SbbZs1yfgfEJqQOKOHC/vICJDNy90TKNCXiczN6WhfTlGsYjg2ICDFmyaJiOtiy0tO7ujhHRXBp2Ivavbv1KNS8YMSttaw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=hpaTS8joeoiD9hktCQOcwK38uHJt0kV0n5vHAcDvhFk=; b=FllS31y+bTW/J3s/EB3ax6s1qfbnDObMjE5c5KF2fzWnyx5f4ozRWqs00qVPKAnxUr+4RbQDe2ZQXfNY0Cjuhw6L67U3z3s6VqFpQWVnjy0frbe8G/RPSVBp1TDjokKtOUlEYLcufOAtjJPdZ6G66HCE36kRS8lTxs0qBpFXO3BnHL8dxvDaT+0HBvgxico4FTwxD99Ms20S+uUmTpJTuW3+L2M43dyYCUZyI5ywFeIb2BGW4QDA2wjxtFB2mnEuK/aC7alAnB2dEXRmUoS8g9IPn44cZPt4q47W8w5TWBxJOPri1yhPGwZ3TjtKQBn4mx5bv+W4Crb5gkQJCSNMww== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=tempered.io; dmarc=pass action=none header.from=tempered.io; dkim=pass header.d=tempered.io; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=TemperedNetworks.onmicrosoft.com; s=selector1-TemperedNetworks-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=hpaTS8joeoiD9hktCQOcwK38uHJt0kV0n5vHAcDvhFk=; b=TZmn+FrLAINKuJfUcEeE1LBbou1t2UY3PwdSX8CKsP4SQXMG1zU74z0M2odcMuxN0X94U3MoauAjr7Rzt9HO1mEztK/ufEXQUGiBLTnMq29xaImhRwGOPcnFU8nejqh08GG7ChW0w2q23BKu/zmWjqHbWKJj36YJLlF4/QddvoU= Received: from MWHPR22MB0974.namprd22.prod.outlook.com (2603:10b6:300:132::14) by MWHPR22MB0509.namprd22.prod.outlook.com (2603:10b6:300:fe::11) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3455.25; Wed, 14 Oct 2020 20:30:00 +0000 Received: from MWHPR22MB0974.namprd22.prod.outlook.com ([fe80::dcd8:f714:7f98:56aa]) by MWHPR22MB0974.namprd22.prod.outlook.com ([fe80::dcd8:f714:7f98:56aa%11]) with mapi id 15.20.3477.020; Wed, 14 Oct 2020 20:29:59 +0000 From: Jeff Ahrenholz To: Andrei Gurtov , "hipsec@ietf.org" Thread-Topic: Implementation questions from students Thread-Index: AQHWoW2xXP7Ry03/oECEe3FISYkr/KmXGV0A Date: Wed, 14 Oct 2020 20:29:59 +0000 Message-ID: <522C0841-12D8-44CF-937C-EC45197E7C90@tempered.io> References: <58faed1c-5758-f597-8633-519b81dbc923@student.liu.se> In-Reply-To: Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: authentication-results: liu.se; dkim=none (message not signed) header.d=none;liu.se; dmarc=none action=none header.from=tempered.io; x-originating-ip: [73.254.156.159] x-ms-publictraffictype: Email x-ms-office365-filtering-correlation-id: d9a914b9-c503-473b-e7d6-08d8707fec2a x-ms-traffictypediagnostic: MWHPR22MB0509: x-microsoft-antispam-prvs: x-ms-oob-tlc-oobclassifiers: OLM:9508; x-ms-exchange-senderadcheck: 1 x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: 6EWHLANDSOcfgm/nyjWf3apobVDl0ne7k6zwZMYqB0d7zm/UC+nTwJcJvmpuZkZLItL67M/Ig8OhIrt70OTMBcpahctAxwVXVUYx4DAIAi4dYsHKb60935tUbmeLEagnju/R9COaoNVnKXTKAah1wMvE/JioLFS+vOkJJpcSt+ioKY/l+uJAcQ50YraOwtiYMrBDzO1jdVc2RaW67Jyu2GIrJAhfLTJWwRamBN7Yeo9kfK4jyhz2AcDfJGRM8dHpZUH/ZerdmvCpG4AhuMeabzL1ngb9KoHNg0K4K6y6ZEyKolQKYiBw8j0Nt845xzQ0a1GCMA44IwVMFJblGlWGGSmMW7KFGsDKCNYZhlKVkbHNadxrbNC8aC0DAOrPbcl17xYu981SPZx0wgVGul0Jtg== x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:MWHPR22MB0974.namprd22.prod.outlook.com; PTR:; CAT:NONE; SFS:(376002)(396003)(136003)(346002)(39830400003)(366004)(316002)(110136005)(478600001)(296002)(76116006)(36756003)(6486002)(26005)(64756008)(66476007)(5660300002)(186003)(71200400001)(66946007)(2616005)(66556008)(66446008)(6506007)(86362001)(83080400001)(8936002)(6512007)(8676002)(33656002)(3480700007)(2906002)(83380400001); DIR:OUT; SFP:1101; x-ms-exchange-antispam-messagedata: i6Nt/c+rPLXOVdOcfy6298bYH1RW1Upqp87mdR+ym2Riivks6v/4z8h/05njEQ4GqyoOvZPQtULxxPEU6SyxYUNtHbR7IZ1UMoJf3VAEgiV+99s3vyJG8PLFkm4KT77PhakJmm0bipeFRejwtHh6TINt7Mywwg0U+N7PmA5AOiiM/YS+KRk3oleGIhg/SGXt6TmXjFttjXw63gznrlmkmpag//PE+RqckzlaWVBHvFJeT6qiMVmmsFk27uhnYVpG+rz0K5O+ezP951cFORYA9njSwniAYa91VEavjLyHmt9HsW1hjtj4UbBXyP/WHRDFpY0Cx9SKiNKicsqOClpL52PPtRK0IoGjmkLbBu42MhStSdov+OeX0kjgjS68L76QmVvEE/IVCn2SZ8tv52mKJtC+fMV0dsGhC/8oW1AvEJElP+SfpN1AfRdejmwRRMkNLNRSDXDc33T16wtFoUN2EzrPSZeKGY/Wl+bTUcHqOMaCQse7W3Sb40z2VUBJmyYzA1K0zmW7WHFV5ebOieRfzfXqzPWkHCaXNxjxVKHP6nGhaUU5Y3qM/I6wbAx5KHAWt9Py7lWto9UQqIWbxF/gjxPkYa3gmWyMkiWJl6GBmYhPstV6C/nRqTUgK+WnHqun9y/Zy2IOGj0dblhc4+564w== x-ms-exchange-transport-forked: True Content-Type: text/plain; charset="utf-8" Content-ID: <07CC53C865F2954BA9C240295E925FFE@namprd22.prod.outlook.com> Content-Transfer-Encoding: base64 MIME-Version: 1.0 X-OriginatorOrg: tempered.io X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: MWHPR22MB0974.namprd22.prod.outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: d9a914b9-c503-473b-e7d6-08d8707fec2a X-MS-Exchange-CrossTenant-originalarrivaltime: 14 Oct 2020 20:29:59.5818 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 0816e7af-ac4a-4e9e-ae57-e5f50bdac4dd X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: XEU47sFYEZoHZWL3SQMctNIjLAWWt3gCKyQ5xTyTpCDPRSWhR+R5U0zt3gn6nZWxHqmNbcec8gpmGhyjRRaYCw== X-MS-Exchange-Transport-CrossTenantHeadersStamped: MWHPR22MB0509 Archived-At: Subject: Re: [Hipsec] Implementation questions from students X-BeenThere: hipsec@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "This is the official IETF Mailing List for the HIP Working Group." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 14 Oct 2020 20:30:06 -0000 SGkgQW5kcmVpIGV0IGFsLiwNCg0KU29tZSBpbmxpbmUgY29tbWVudHMgYmVsb3cuLi4NCg0KPiBX ZSBoYWQgc29tZSBxdWVzdGlvbnMgYWJvdXQgdGhlIEhJUCBwcm9qZWN0IHRoYXQgeW91IGNvdWxk IHBlcmhhcHMgZm9yd2FyZCB0byB0aGUgY29ycmVjdCBwZXJzb246DQo+IDEuIEluIHRoZSBmdW5j dGlvbiBidWlsZF90bHZfaG1hYygpIGluIHNyYy9wcm90b2NvbC9oaXBfb3V0cHV0LmMsIHRoZXJl IGlzIHRoZSBmb2xsb3dpbmcgYml0IG9mIGNvZGU6DQo+IC8qIGdldCBsb3dlciAxNjAtYml0cyBv ZiBITUFDIGNvbXB1dGF0aW9uICovDQo+wqBtZW1jcHkoIGhtYWMtPmhtYWMsDQo+wqDCoMKgwqDC oMKgwqDCoMKgJmhtYWNfbWRbaG1hY19tZF9sZW4gLSBzaXplb2YoaG1hYy0+aG1hYyldLA0KPsKg wqDCoMKgwqDCoMKgwqDCoHNpemVvZihobWFjLT5obWFjKSk7DQoNCldlIGN1cnJlbnRseSB1c2Ug dGhlIEhNQUMoKSBmdW5jdGlvbiB3cml0aW5nIGRpcmVjdGx5IGludG8gdGhlIFRMViBidWZmZXIu IFdlJ3JlIG5vdCB0cnVuY2F0aW5nIHRoZSBvdXRwdXQgaGFzaCB3aGVuIHVzaW5nIEFFUy0yNTYu DQoNCj4gQWxzbywgcGVyIFJGQyA3NDAxIChISVB2MiksICJUaGUgc2l6ZSBvZiB0aGUgSE1BQyBp cyB0aGUgbmF0dXJhbCBzaXplIG9mIA0KPiB0aGUgaGFzaCBjb21wdXRhdGlvbiBvdXRwdXQgZGVw ZW5kaW5nIG9uIHRoZSB1c2VkIGhhc2ggZnVuY3Rpb24iLiBUaHVzIA0KPiB0aGVyZSBkb2VzIG5v dCBzZWVtIHRvIGJlIGEgbmVlZCB0byB0cnVuY2F0ZSB0aGlzIHZhbHVlIHRvIDE2MCBiaXRzPw0K PiAgQXQgbGVhc3Qgb25lIGltcGxlbWVudGF0aW9uIChodHRwczovL3d3dy5jcnlwdG9zeXMubmV0 L21hbmFwaS9hcGlfa21hYy5odG1sKQ0KPiBvZiB0aGUgS01BQyBmdW5jdGlvbiAodGhhdCB3ZSBo YXZlIGFkZGVkIGFzIGFuIG9wdGlvbiB0byBITUFDKSBhbHNvIHN0YXRlcw0KPiB0aGF0IHRoZSBv dXRwdXQgb2YgdGhlIEtNQUMgZnVuY3Rpb24gY2Fubm90IGJlIHRydW5jYXRlZCB3aGVuIHVzZWQg YXMgYSBtZXNzYWdlIGF1dGhlbnRpY2F0aW9uIGNvZGUuDQoNClRoaXMgbGlrZWx5IHN0ZW1zIGZy b20gdGhlIG9yaWdpbmFsIFJGQyA1MjAxIC8gUkZDIDUyMDIgcmVxdWlyZWQgYWxnb3JpdGhtcy4g WW91J3JlIGNvcnJlY3QsIHdpdGggQUVTLTI1NiBhbmQgb3RoZXJzIHlvdSBkbyBub3QgbmVlZCB0 byB0cnVuY2F0ZSB0aGUgb3V0cHV0IGhhc2guIEFsdGhvdWdoIHRoYXQgaXMgYWxsb3dlZCBieSBv bGQgUkZDcyBzdWNoIGFzIFJGQyAyMTA0Lg0KDQo+IFRoZXJlIGlzIGEgZmFsbGJhY2sgaW4gaGlf dG9faGl0KCkgd2hpY2ggc2lsZW50bHkgdXNlcyBTSEEyNTYgYXMNCj4gdGhlIGhhc2hpbmcgYWxn b3JpdGhtIGZvciBjcmVhdGluZyBhIEhJVCBmcm9tIGEgSEkgaWYgdGhlIEhJVCBzdWl0ZSANCj4g aXMgc2V0IHRvIGFuIGludmFsaWQgdmFsdWUsIHdoaWNoIGVuYWJsZXMgdGhlIHZlcmlmaWNhdGlv biB0byBzdWNjZWVkIA0KLi4uDQo+IFdlIGhhdmUgd29ya2VkIGFyb3VuZCB0aGlzIGlzc3VlIGJ5 IGZpcnN0IGlnbm9yaW5nIGFsbCBwYXJhbWV0ZXJzIA0KPiBvdGhlciB0aGFuIHRoZSBISVRfU1VJ VEVfTElTVCAodGh1cyBlbnN1cmluZyB0aGF0IHRoZSBISVQgc3VpdGUgDQo+IHZhcmlhYmxlIGlz IHNldCBiZWZvcmUgYW55IG90aGVyIHBhcmFtZXRlcnMgYXJlIHBhcnNlZCksIHRoZW4gY29udGlu dWluZw0KPiB3aXRoIHBhcnNpbmcgdGhlIHNpZ25hdHVyZS1yZWxhdGVkIHBhcmFtZXRlcnMgYW5k IGZpbmFsbHkgdGhlIG90aGVycy4gDQo+IElzIHRoaXMgYW4gYWNjZXB0YWJsZSBzb2x1dGlvbiB0 byB0aGlzIHByb2JsZW0/IFRob3NlIHNpbGVudCBmYWxsYmFja3MgDQo+IHNlZW0gdG8gY2F1c2Ug bW9yZSBwcm9ibGVtcyB0aGF0IHRoZXkgc29sdmUsIG1heWJlIHRoZXkgc2hvdWxkIGJlIHJlbW92 ZWQNCj4gb3IgYXQgbGVhc3QgZW1pdCBhIHdhcm5pbmcgd2hlbiB0cmlnZ2VyZWQ/DQoNClllcywg SSB0aGluayB5b3Ugc2hvdWxkIHJlbW92ZSB0aGUgc2lsZW50IGZhbGxiYWNrLg0KDQpZb3Ugc2hv dWxkIGJlIGFibGUgdG8gdXNlIHRoZSBPR0EgSUQgZmllbGQgb2YgdGhlIEhJVCBpbiBvcmRlciB0 byB2YWxpZGF0ZSB0aGUgSElULg0KRnJvbSBSRkMgNzQwMSBzZWN0aW9uIDMuMToNCg0KIiAgT25l IG9mIHRoZXNlDQogICBtZWFzdXJlcyBhbGxvd3MgZGlmZmVyZW50IGhhc2ggZnVuY3Rpb25zIGZv ciBjcmVhdGluZyBhIEhJVC4gIEhJVA0KICAgU3VpdGVzIGdyb3VwIHRoZSBzZXRzIG9mIGFsZ29y aXRobXMgdGhhdCBhcmUgcmVxdWlyZWQgdG8gZ2VuZXJhdGUgYW5kDQogICB1c2UgYSBwYXJ0aWN1 bGFyIEhJVC4gIFRoZSBTdWl0ZXMgYXJlIGVuY29kZWQgaW4gSElUIFN1aXRlIElEcy4NCiAgIFRo ZXNlIEhJVCBTdWl0ZSBJRHMgYXJlIHRyYW5zbWl0dGVkIGluIHRoZSBPUkNISUQgR2VuZXJhdGlv bg0KICAgQWxnb3JpdGhtIChPR0EpIGZpZWxkIGluIHRoZSBPUkNISUQuICBXaXRoIHRoZSBISVQg U3VpdGUgSUQgaW4gdGhlDQogICBPR0EgSUQgZmllbGQsIGEgaG9zdCBjYW4gdGVsbCwgZnJvbSBh bm90aGVyIGhvc3QncyBISVQsIHdoZXRoZXIgaXQNCiAgIHN1cHBvcnRzIHRoZSBuZWNlc3Nhcnkg aGFzaCBhbmQgc2lnbmF0dXJlIGFsZ29yaXRobXMgdG8gZXN0YWJsaXNoIGENCiAgIEhJUCBhc3Nv Y2lhdGlvbiB3aXRoIHRoYXQgaG9zdC4iDQoNClRoZSBISVRfU1VJVEVfTElTVCBUTFYgaXMgdXNl ZCB0byBsaXN0IHRoZSBzdXBwb3J0ZWQgSElUIFNVSVRFIElEcy4NCg0KU2VlIFJGQyA3NDAxIHNl Y3Rpb24gNS4yLjEwIGFyb3VuZCB0aGlzIHRleHQ6DQoNCiIgICBUaGUgSUQgZmllbGQgaW4gdGhl IEhJVF9TVUlURV9MSVNUIGlzIGRlZmluZWQgYXMgYW4gZWlnaHQtYml0IGZpZWxkLA0KICAgYXMg b3Bwb3NlZCB0byB0aGUgZm91ci1iaXQgSElUIFN1aXRlIElEIGFuZCBPR0EgSUQgZmllbGQgaW4g dGhlDQogICBPUkNISUQuIg0KDQpJIGRvbid0IHRoaW5rIHlvdSBzaG91bGQgcGFyc2UgdGhlIEhJ VF9TVUlURV9MSVNUIHdoZW4gdmFsaWRhdGluZyB0aGUgSElULg0KDQo+IFNlZWluZyBhcyB0aGlz IGZ1bmN0aW9uIHdpbGwgdGhlbiBzb21ldGltZXMgY2FsY3VsYXRlIGEgSE1BQyBhbmQgb3RoZXIN Cj4gdGltZXMgYSBLTUFDLCBzaG91bGQgaXQgYmUgcmVuYW1lZCB0byBidWlsZF90bHZfbWFjKCk/ IE9yIHdpbGwgaXQgYmUNCj4gbGVzcyBpbnRydXNpdmUgdG8gb3RoZXJzICh0aGF0IG1pZ2h0IGJl IHVzZWQgdG8gdGhlIG5hbWUpIHRvIG5vdA0KPiBjaGFuZ2UgaXQgZXZlbiB0aG91Z2ggdGhlIG5h bWUgbWlnaHQgYmUgbWlzbGVhZGluZz8gDQoNClRoZSBuZXcgbmFtZSBidWlsZF90bHZfbWFjKCkg c291bmRzIGdvb2QuDQoNCnJlZ2FyZHMsDQotSmVmZg0KDQoNCg==