From nobody Mon Jul 3 16:25:14 2017 Return-Path: X-Original-To: ideas@ietfa.amsl.com Delivered-To: ideas@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B481812955F for ; Mon, 3 Jul 2017 16:25:12 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.998 X-Spam-Level: X-Spam-Status: No, score=-1.998 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id fCzCxSubfkQf for ; Mon, 3 Jul 2017 16:25:11 -0700 (PDT) Received: from mail-wr0-x22b.google.com (mail-wr0-x22b.google.com [IPv6:2a00:1450:400c:c0c::22b]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B8829131769 for ; Mon, 3 Jul 2017 16:25:10 -0700 (PDT) Received: by mail-wr0-x22b.google.com with SMTP id k67so240231351wrc.2 for ; Mon, 03 Jul 2017 16:25:10 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:from:date:message-id:subject:to; bh=1juSREXyPb6JxriOAi4/hpB4NGmOqiGa06g+SBvub7A=; b=mbmoYOLgPqAZcA8du5BUVU0FCgo8/Xw76SY87Jx1BfXSg+3TpNavd8L0Rpg12qp3eL acTHgRzZyPMwWzJIfOHjsEj505oRbDcEAYz4X5RmWf4WK1y8od7k8qckj1tbwlOJMBQ+ RnH7PNiFctXAECHTwmd3etdtKZybPEDN1SwXIggCgH5244cilyEE1G7YnKnsJvqjXJdy ABSnH91r1loaHwqYX0ODSt1wEgnE2yXwlgVdI3Vn7msQ3CoW6XQx8h0EVH+dJTZE+96s xjEC21YH7OIhCGGMOM9f6kGriH6YZ7sUN4fVHpcgZZcZphVN2vmEPBXxtw+VWlxZvftl DoRg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=1juSREXyPb6JxriOAi4/hpB4NGmOqiGa06g+SBvub7A=; b=uTnER2VlrltrqUnyJboTuUi/0QGWHvMbmS+1R2YWItm6+qvwPF66xNVWMaIFx0iTqk 37cAy0/ElahXlzhk7pWVmyc3sOOx5EMSsKVbPTPm33YDLIiUzHhboVKWHMATpnKC/Rhf 8bzoWTCvpFA7mAO+tlacSwnqZDwFIfc1XPCLtSlzcvQIoR6T0KHbAg9tBtGfeFFNNXsK ea1rYn47CteTZ4hiZB6m0i7uanqGTiCIl1ighE1qSFQ4xv20916ue1sczGvOeCkAmBwU +8lMxPtha1LyzZcWJfbu5ylRlV959ee/0dsipMNbkrB4MuW0ojoxtpvYKG7XozBiVMEF UJpg== X-Gm-Message-State: AKS2vOzZeGor+LJ6pgapPgOl885m9qySzxqlHvJUnTX52f9MJPEtxgdH C5QzNQD1l/QahKR9bH7CyMNrypbZV1hB X-Received: by 10.223.176.119 with SMTP id g52mr34643598wra.26.1499124309156; Mon, 03 Jul 2017 16:25:09 -0700 (PDT) MIME-Version: 1.0 Received: by 10.223.170.152 with HTTP; Mon, 3 Jul 2017 16:25:08 -0700 (PDT) From: tjw ietf Date: Mon, 3 Jul 2017 19:25:08 -0400 Message-ID: To: ideas@ietf.org Content-Type: multipart/mixed; boundary="001a113cae76ec03f10553721394" Archived-At: Subject: [Ideas] Draft Agenda for IETF99 X-BeenThere: ideas@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Discussions relating to the development, clarification, and implementation of control-plane infrastructures and functionalities in ID enabled networks." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 03 Jul 2017 23:25:13 -0000 --001a113cae76ec03f10553721394 Content-Type: multipart/alternative; boundary="001a113cae76ec03ee0553721392" --001a113cae76ec03ee0553721392 Content-Type: text/plain; charset="UTF-8" Hi We've uploaded the initial agenda for IETF99. Please take a look and make sure we didn't miss any requests. We'll flesh this out over the coming days. https://datatracker.ietf.org/doc/agenda-99-ideas/ thanks and we look forward to some interesting discussions your chairs, Tim Wicinski Brian Haberman --001a113cae76ec03ee0553721392 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
Hi

We've uploaded the in= itial agenda for IETF99. Please take a look and make sure we didn't mis= s any requests. We'll flesh this out over the coming days.=C2=A0
<= div>

https://datatracker.ietf.org/doc/agenda-99-ideas/<= /div>

thanks and we look forward to some interesting dis= cussions

your chairs,

Tim= Wicinski
Brian Haberman
--001a113cae76ec03ee0553721392-- --001a113cae76ec03f10553721394 Content-Type: text/plain; charset="US-ASCII"; name="ideas-ietf99-agenda.txt" Content-Disposition: attachment; filename="ideas-ietf99-agenda.txt" Content-Transfer-Encoding: base64 X-Attachment-Id: f_j4orvyiu0 IyMgSURlbnRpdHkgRW5hYmxlZCBOZXR3b3JrcyAoSURFQXMpIEJvRgojIElFVEYgOTksIFByYWd1 ZQoKIyMjIERhdGU6IDE5IEp1bHkgMjAxNwojIyMgVGltZTogMTM6MzAtMTU6MDAgQ0VTVAojIyMg Um9vbTogQ29uZ3Jlc3MgSGFsbCBJSQojIyMgQ2hhaXJzOiBUaW0gV2ljaW5za2kgPHRqdy5pZXRm QGdtYWlsLmNvbT4KIyMjIENoYWlyczogQnJpYW4gSGFiZXJtYW4gPGJyaWFuQGlubm92YXRpb25z bGFiLm5ldD4KCklFU0cgT3ZlcmxvcmQ6ICBBbHZhcm8gUmV0YW5hIDxhcmV0YW5hQGNpc2NvLmNv bT4KCltEYXRhVHJhY2tlcl0oaHR0cHM6Ly9kYXRhdHJhY2tlci5pZXRmLm9yZy93Zy9pZGVhcy9k b2N1bWVudHMvKQoKLS0tCiMgQWdlbmRhCiMjICBBZ2VuZGEgQmFzaGluZywgQmx1ZSBTaGVldHMs IGV0YywgIDEwIG1pbgoKIyMgV2h5IEFyZSBXZSBIZXJlPywgMTAgbWluCgojIyBkcmFmdC1wYWRt YS1pZGVhcy1wcm9ibGVtLXN0YXRlbWVudCwgUGlsbGF5LUVzbmF1bHQgMTUgbWluCmh0dHBzOi8v ZGF0YXRyYWNrZXIuaWV0Zi5vcmcvZG9jL2RyYWZ0LXBhZG1hLWlkZWFzLXByb2JsZW0tc3RhdGVt ZW50LwoKIyMgIElkZW50aXRpZXMgYW5kIElkZW50aWZpZXJzIGZvciBJT04gYW5kIHRoZSBJRVRG LCBNb3Nrb3dpdHosIDVtaW4KCiMjIEhvc3QgSWRlbnRpdHkgUHJvdG9jb2xzIG9uIElkZW50aXR5 IGFuZCBNQVBpbmcsIE1vc2tvd2l0eiwgMTBtaW4KCiMjIGRyYWZ0LXh5ei1pZGVhcy1nYXAtYW5h bHlzaXMsIDE1bWluCmh0dHBzOi8vZGF0YXRyYWNrZXIuaWV0Zi5vcmcvZG9jL2RyYWZ0LXh5ei1p ZGVhcy1nYXAtYW5hbHlzaXMvCgojIyBOZXh0IFN0ZXBzLCAzMCBtaW51dGVzCgojIyMgQ2hhcnRl cj8KCg== --001a113cae76ec03f10553721394-- From nobody Tue Jul 4 13:48:45 2017 Return-Path: X-Original-To: ideas@ietfa.amsl.com Delivered-To: ideas@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0ECC5131834 for ; Tue, 4 Jul 2017 13:48:44 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.2 X-Spam-Level: X-Spam-Status: No, score=-4.2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=-2.8, RCVD_IN_SORBS_SPAM=0.5] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id KazZ1Si9juGm for ; Tue, 4 Jul 2017 13:48:42 -0700 (PDT) Received: from mout.kundenserver.de (mout.kundenserver.de [212.227.126.134]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 08C3F131821 for ; Tue, 4 Jul 2017 13:48:41 -0700 (PDT) Received: from [192.168.1.26] ([95.174.184.130]) by mrelayeu.kundenserver.de (mreue005 [212.227.15.167]) with ESMTPSA (Nemesis) id 0LaYSx-1e8NbM2fs7-00mMnX for ; Tue, 04 Jul 2017 22:48:40 +0200 From: "Dirk Kutscher" To: ideas@ietf.org Date: Tue, 04 Jul 2017 22:48:31 +0200 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8; format=flowed; markup=markdown Content-Transfer-Encoding: 8bit X-Mailer: MailMate (1.9.6r5347) X-Provags-ID: V03:K0:9cX47JHY6QPfZAOFZkLae1jUWK2n4S20DRMods0mvXMoiMQotok vPZX05jM5c/8JZgyPJBDWpOYzY6n/9yyFqdhQMmvLWxoKPJdFQCXeslMBJx4/ATqRXpflGX uTQ4fqsbBJ+7txDnEilvGZea25gf4kFe/63ihJFd66qut70hFjhtCqvohSm/acnqtA1au1k YKmZrylP9mbBvm+334Ukg== X-UI-Out-Filterresults: notjunk:1;V01:K0:vaZL100s9D4=:kjFBAveyjhnwJTrC3MVtpc EnGNgEuujD+Tghm7wrPRC1XWU5183lLqq3HxzcABxuSIwNolT9MZYAIudnYp4+Rjz2cIyhys8 XuJ0uwJzqxlVMMCkIy123z7hF1PfM9ja/TCTijsqRkorud9tY6ZbGYRG9vrXZukBZNVbi1UWa If5/RwT5HGXhhSPwphGUcn71Z30HRa78IMeW2p8KsfqTaT03H2Afm+mjPF7uwbX1zc68fKv8x DizfPJZoQrMR1WgzaEH4LDs5I1OfrQqLxfp8fznXHzyBS7xgRxsEjP6AJ6kKBO1l0VJU+6CGh BMourpJDi7w7kAQ5hqp6V9dFsHdTfhFSNqsEQ13sJIWEsvQgDjKX6VUYdqSAomFLgu2peMn6l KC3KItj3gskuarDqWSdS3gbHtOKmtjTKMPy0A3BFiLJwc20YPijLV2qLh82zZTD82BZJrNFas TPiXb47Z11iG5/0j4+UidlD4EWFlRu6clJPbVAb8iQMjbViicuZoNTZAgock0OWpKiK7p8zw2 El5i6CyfJpo7zZQVlukDxkoPzqazuL5i8J1dsRM+OtYytBcevzaB2clW9mmVvecU03F4xObtm +ld5jVjwTT7ozf3EdDPJlyQ40dTO7/kije6qe2RVRLH9kx7zKOHNNFCuWRopt59R8QWpZ4AcJ n1Y+XKihdUJ+Fzm23wXhhWdNVLqBRznwyWoB0euUsSfcghjbFpDWviGcCI7SyCwIg8rN1gqBS 4d+c7MQwcGF9MBBA Archived-At: Subject: [Ideas] Side meeting on Distributed Internet Infrastructure at IETF-99 X-BeenThere: ideas@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Discussions relating to the development, clarification, and implementation of control-plane infrastructures and functionalities in ID enabled networks." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 04 Jul 2017 20:48:44 -0000 [This might be related to some of the ideas in IDEAS — apologies if you receive it more than once] Hi all, we are holding another side meeting on Distributed Internet Infrastructure at IETF-99. We had some good discussions with interested folks in and outside the IRTF in the past months and thought that it might be a good time now to try to start a more structured activity in the IRTF. The scope would be “Distributed Internet Infrastructure”, I.e., applying distributed ledger technologies (such as blockchain, but not limited to it) to Internet technologies, for example to decentralized name registries, identity management, decentralized web etc. We have some people looking at the topic from different angles, i.e., IoT, decentralized web, Internet architecture and think that there is an interesting and potentially very productive scope we could work in the IRTF. The meeting to discuss this will be a side meeting on Monday, July 17, 18:50 to 20:50 in the Tyrolka room of the Hilton hotel (meeting hotel). The agenda (as of current planning): 1) Background and Purpose 2) Selected Use Cases and Related Efforts - Decentralized OAuth - IoT - COALA.global 3) Ledger Technology 4) Next steps, RG Formation We’ll post agenda details, updated etc. on https://trac.ietf.org/trac/irtf/wiki/blockchain-federation Let us know in case you have any question or are interested to get involved! Best regards, Dirk (on behalf of co-organizers) From nobody Wed Jul 5 06:36:16 2017 Return-Path: X-Original-To: ideas@ietfa.amsl.com Delivered-To: ideas@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 190AE131D0A for ; Wed, 5 Jul 2017 06:36:15 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.202 X-Spam-Level: X-Spam-Status: No, score=-4.202 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id BysXQUky8tuI for ; Wed, 5 Jul 2017 06:36:12 -0700 (PDT) Received: from z9m9z.htt-consult.com (z9m9z.htt-consult.com [50.253.254.3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5F4CB131D11 for ; Wed, 5 Jul 2017 06:36:12 -0700 (PDT) Received: from localhost (localhost [127.0.0.1]) by z9m9z.htt-consult.com (Postfix) with ESMTP id 6D4DE615D8 for ; Wed, 5 Jul 2017 09:36:10 -0400 (EDT) X-Virus-Scanned: amavisd-new at htt-consult.com Received: from z9m9z.htt-consult.com ([127.0.0.1]) by localhost (z9m9z.htt-consult.com [127.0.0.1]) (amavisd-new, port 10024) with LMTP id 7p6TzvnpMRC0 for ; Wed, 5 Jul 2017 09:36:03 -0400 (EDT) Received: from lx120e.htt-consult.com (unknown [192.168.160.12]) (using TLSv1.2 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by z9m9z.htt-consult.com (Postfix) with ESMTPSA id A9EB16093E for ; Wed, 5 Jul 2017 09:36:03 -0400 (EDT) To: ideas@ietf.org From: Robert Moskowitz Message-ID: <9084360a-160e-944a-96aa-0b33379ccdb8@htt-consult.com> Date: Wed, 5 Jul 2017 09:35:59 -0400 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Thunderbird/45.8.0 MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 7bit Archived-At: Subject: [Ideas] draft-padma-ideas-problem-statement and "Common Infrastructure" X-BeenThere: ideas@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Discussions relating to the development, clarification, and implementation of control-plane infrastructures and functionalities in ID enabled networks." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 05 Jul 2017 13:36:15 -0000 Disclaimer: I had a hand in edits to this version, though I am not listed in the Ack section. In particular I pushed for "Common Infrastructure", not "Common Control Plane". We have been talking a lot about Identity and Identifier and metadata. One of the tasks of this workgroup (and charter item) needs to be data modeling of what is intended to be stored/available. Further there needs to be Yet Another Gap Analysis (YAGA? :) ) on why NOT LDAP or some other mature xyz data store access protocol. I start with LDAP as there is actually a fit, and the various server implementations are very mature with good, secure, backends and data replication tools. It is time to start thinking charter. The problem statement, gap analysis, and use cases is barely a start. What the group is going to DO is focus now. So I propose two work items: Common Infrastructure data modeling (and someone other than me can do it in YANG). Common Infrastructure protocol requirements with a subsection on LDAP comparision. Bob From nobody Wed Jul 5 07:02:52 2017 Return-Path: X-Original-To: ideas@ietfa.amsl.com Delivered-To: ideas@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 286EF128CF0 for ; Wed, 5 Jul 2017 07:02:52 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.999 X-Spam-Level: X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ijyXd9J0ruUx for ; Wed, 5 Jul 2017 07:02:50 -0700 (PDT) Received: from mail-pf0-x235.google.com (mail-pf0-x235.google.com [IPv6:2607:f8b0:400e:c00::235]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 50D2B128AB0 for ; Wed, 5 Jul 2017 07:02:50 -0700 (PDT) Received: by mail-pf0-x235.google.com with SMTP id c73so130269352pfk.2 for ; Wed, 05 Jul 2017 07:02:50 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=S16n1UeD8sbD7CeE9ZwyewmErEB8JVbEgsEw+xOLRho=; b=UvxxlZ/XdCZFW3cjyjSrOvT8vxh4QaRYWSchGrDjCHFsnn3Gn0MKuw7PXYlbibcO7w fQnEYBmMc18WMiR6BTOkHcgaGZvQ8+DYlJxceJP86Z3sT2GPUcA0nkaDJ7thtjFmNjS5 VebeLvxkg/IXEJOVXJHKdl9e2Hxhbh2Eeq60dgX4RGGfI/SpIcgIqpIrPEehY7vV0pkh pQ2smwF6gzM2jz7VlsLkHw+bPMDHXAiHeiIhU3zQG3UimvYluPCDehp3XpTa9nX1Bd+z 7ClvLbmDkr4alBT5q39BJD+zS5PO4KIbIQFeQjz9AyWp/XPv9lfPl+l7rFPrr6wOHxud L+fw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=S16n1UeD8sbD7CeE9ZwyewmErEB8JVbEgsEw+xOLRho=; b=S8NZL8vf30MxUApPkUUlcO3lnW3/dkQdv63QNvGd53FN7ssYy6f5T6AHnsYnQ1vCm/ +AT20gb1Iu14IY2QK142/FSDJglPVuIyCaUO6567RrKygj88sdZ5PvskVRFDr2s+S+df KukTixMbd8qPRDphE6cXHLWe1gpTTDo0ZQQPLK5WEDrAo/hTMd+WtLXf6SAqK/2g2WZr VimWBApr4A3WEzly9wgcGpWqF7BMZNCQOhbvaNdE9tYEiJdNANuCUwaHsKVtN0rOtUgc GJpXLkZM9I81jGGckrUJcKf2C6Y3uo21LMqyC6PPLb4lBOw6j2IfG8LKuU/dp15PC/vM n72A== X-Gm-Message-State: AIVw110FIg3sN5xDq4uu5fwUoYTMF+k/z5KDy96aqH18NOH7XboWunGT Qr5fgIKogagrQutWjf8= X-Received: by 10.99.114.19 with SMTP id n19mr21001628pgc.81.1499263369427; Wed, 05 Jul 2017 07:02:49 -0700 (PDT) Received: from [192.168.1.3] (c-73-70-190-41.hsd1.ca.comcast.net. [73.70.190.41]) by smtp.gmail.com with ESMTPSA id 68sm51566485pfi.69.2017.07.05.07.02.48 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Wed, 05 Jul 2017 07:02:48 -0700 (PDT) Content-Type: text/plain; charset=us-ascii Mime-Version: 1.0 (1.0) From: Padma Pillay-Esnault X-Mailer: iPhone Mail (14F89) In-Reply-To: <9084360a-160e-944a-96aa-0b33379ccdb8@htt-consult.com> Date: Wed, 5 Jul 2017 07:02:47 -0700 Cc: ideas@ietf.org Content-Transfer-Encoding: quoted-printable Message-Id: <0F5AA781-C551-4311-BCE3-01A117614FC2@gmail.com> References: <9084360a-160e-944a-96aa-0b33379ccdb8@htt-consult.com> To: Robert Moskowitz Archived-At: Subject: Re: [Ideas] draft-padma-ideas-problem-statement and "Common Infrastructure" X-BeenThere: ideas@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Discussions relating to the development, clarification, and implementation of control-plane infrastructures and functionalities in ID enabled networks." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 05 Jul 2017 14:02:52 -0000 Hi Bob Sent from my iPhone > On Jul 5, 2017, at 06:35, Robert Moskowitz wrot= e: >=20 > Disclaimer: I had a hand in edits to this version, though I am not listed= in the Ack section. In particular I pushed for "Common Infrastructure", no= t "Common Control Plane". See contributors section. >=20 > We have been talking a lot about Identity and Identifier and metadata. On= e of the tasks of this workgroup (and charter item) needs to be data modelin= g of what is intended to be stored/available. >=20 Agree > Further there needs to be Yet Another Gap Analysis (YAGA? :) ) on why NOT= LDAP or some other mature xyz data store access protocol. I start with LDA= P as there is actually a fit, and the various server implementations are ver= y mature with good, secure, backends and data replication tools. >=20 > It is time to start thinking charter. The problem statement, gap analysis= , and use cases is barely a start. What the group is going to DO is focus n= ow. >=20 > So I propose two work items: >=20 > Common Infrastructure data modeling (and someone other than me can do it i= n YANG). > Common Infrastructure protocol requirements with a subsection on LDAP comp= arision. >=20 So we will need some volunteers to work on this Padma > Bob >=20 >=20 > _______________________________________________ > Ideas mailing list > Ideas@ietf.org > https://www.ietf.org/mailman/listinfo/ideas From nobody Wed Jul 5 07:05:36 2017 Return-Path: X-Original-To: ideas@ietfa.amsl.com Delivered-To: ideas@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BF3D513208D for ; Wed, 5 Jul 2017 07:05:34 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.998 X-Spam-Level: X-Spam-Status: No, score=-1.998 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id SLnrodugZnyc for ; Wed, 5 Jul 2017 07:05:32 -0700 (PDT) Received: from mail-wr0-x231.google.com (mail-wr0-x231.google.com [IPv6:2a00:1450:400c:c0c::231]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5157913208B for ; Wed, 5 Jul 2017 07:05:32 -0700 (PDT) Received: by mail-wr0-x231.google.com with SMTP id 77so263756786wrb.1 for ; Wed, 05 Jul 2017 07:05:32 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=2nhDopJVYllRw7IbiDFhPXQlbJtJkUgwpCdgHG6Fmxo=; b=kLOTZFPQYgLO6NbPIOn4Z9+EPJcbCwBZgU9p/6HPOoZSaa0VNjAP1unEKu1iznmrjR bJOwRdanZqcHJiOD9U+Q9RepZAg8E5HNmyh26MCgXZdirR0NOqjCJalE5Nik84iTe8DF 9tq3OLfGYWVgLyXL8Bfam3pFldL4j1VtB+IL+S2fk3wyPBmL7QBSWtCpMpxO5jRue+1i B6Qu/m95MONowxKb8IhZimU4i4GoFDDkolgWBftwAL2jLFxJkCJ0QkQTvxYDlWTVmXqb PZGQOilGSUWNfHyCUk7KM8g4Ruy1tvD95L1498gXjWVilm+/WcPifNfDfRq7pIEaEYUh r0kQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=2nhDopJVYllRw7IbiDFhPXQlbJtJkUgwpCdgHG6Fmxo=; b=tmM4XthW6rIm0oIj2jZVx/NPr1tGr0I/Fr3vraTQ99Dlurt0o7vgQEU1pn+tvG3CYU h/Cq+p3lXfWY9nZ1LMe0Hgk9zildOdUr9j8FMioRIb95fzJpnlimtBPLiBvVnD5q+2XM h0Qd9G/GMUdKH8SGMGo0kIaza+Zzb/rbN3lkO3HGOWLnzgXmL0C/xynVfMDMqVeKPY+J nGPo25aQOGQ66ULjNNwQVVrikZ0jI+WPv2Mvz5n5f7VzplGWlfXA9nlwvXJ/E1UqrS9r 5JxafEMGTIoYdYCdeH4/mzqVbgrjT4sxqVCJMzJMwtIR8MXHvrFN+ZRTMZKa4NgHZNng oFnQ== X-Gm-Message-State: AKS2vOwXmk6IwEkl7zlMYYmC9Dds0+JSbRSesq6za5eG0olSsX7pSvf9 sViWIwgLCzRyZoDvGPNNF1m75JtC7g== X-Received: by 10.223.151.44 with SMTP id r41mr38399186wrb.6.1499263530832; Wed, 05 Jul 2017 07:05:30 -0700 (PDT) MIME-Version: 1.0 Received: by 10.223.170.152 with HTTP; Wed, 5 Jul 2017 07:05:30 -0700 (PDT) In-Reply-To: <9084360a-160e-944a-96aa-0b33379ccdb8@htt-consult.com> References: <9084360a-160e-944a-96aa-0b33379ccdb8@htt-consult.com> From: tjw ietf Date: Wed, 5 Jul 2017 10:05:30 -0400 Message-ID: To: Robert Moskowitz Cc: ideas@ietf.org Content-Type: multipart/alternative; boundary="f403045f576e2e1d4a0553927e7f" Archived-At: Subject: Re: [Ideas] draft-padma-ideas-problem-statement and "Common Infrastructure" X-BeenThere: ideas@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Discussions relating to the development, clarification, and implementation of control-plane infrastructures and functionalities in ID enabled networks." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 05 Jul 2017 14:05:35 -0000 --f403045f576e2e1d4a0553927e7f Content-Type: text/plain; charset="UTF-8" Bob! Brian and I had chatted briefly about charter direction and we wanted to hear some of the discussions during the session. And that's what they pay us the big bucks for! But I have to agree with your plan of attack. If we could give some guidance: - work on the problem statement and gap analysis but don't invest larger cycles of time on them. - requirements are good to capture, but we will shy away from turning them into published documents as they will change over time - some discussion on LDAP is very necessary as the code base has gotten quite mature. tim On Wed, Jul 5, 2017 at 9:35 AM, Robert Moskowitz wrote: > Disclaimer: I had a hand in edits to this version, though I am not listed > in the Ack section. In particular I pushed for "Common Infrastructure", > not "Common Control Plane". > > > We have been talking a lot about Identity and Identifier and metadata. > One of the tasks of this workgroup (and charter item) needs to be data > modeling of what is intended to be stored/available. > > Further there needs to be Yet Another Gap Analysis (YAGA? :) ) on why NOT > LDAP or some other mature xyz data store access protocol. I start with > LDAP as there is actually a fit, and the various server implementations are > very mature with good, secure, backends and data replication tools. > > It is time to start thinking charter. The problem statement, gap > analysis, and use cases is barely a start. What the group is going to DO > is focus now. > > So I propose two work items: > > Common Infrastructure data modeling (and someone other than me can do it > in YANG). > Common Infrastructure protocol requirements with a subsection on LDAP > comparision. > > Bob > > > _______________________________________________ > Ideas mailing list > Ideas@ietf.org > https://www.ietf.org/mailman/listinfo/ideas > --f403045f576e2e1d4a0553927e7f Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
Bob!

Brian and I had chatted briefly ab= out charter direction and we wanted to hear some of the discussions during = the session. And that's what they pay us the big bucks for!
<= br>
But I have to agree with your plan of attack.=C2=A0 If we cou= ld give some guidance:=C2=A0

- work on the pro= blem statement and gap analysis but don't invest larger cycles of time = on them. =C2=A0

- requirements are good to capture= , but we will shy away from turning them into published documents as they w= ill change over time

- some discussion on LDAP is = very necessary as the code base has gotten quite mature.

tim

On Wed, Jul 5, 2017 at 9:35 AM, Robert Moskowitz <= ;rgm-ietf@htt= -consult.com> wrote:
Discla= imer:=C2=A0 I had a hand in edits to this version, though I am not listed i= n the Ack section.=C2=A0 In particular I pushed for "Common Infrastruc= ture", not "Common Control Plane".


We have been talking a lot about Identity and Identifier and metadata.=C2= =A0 One of the tasks of this workgroup (and charter item) needs to be data = modeling of what is intended to be stored/available.

Further there needs to be Yet Another Gap Analysis (YAGA?=C2=A0 :) ) on why= NOT LDAP or some other mature xyz data store access protocol.=C2=A0 I star= t with LDAP as there is actually a fit, and the various server implementati= ons are very mature with good, secure, backends and data replication tools.=

It is time to start thinking charter.=C2=A0 The problem statement, gap anal= ysis, and use cases is barely a start.=C2=A0 What the group is going to DO = is focus now.

So I propose two work items:

Common Infrastructure data modeling (and someone other than me can do it in= YANG).
Common Infrastructure protocol requirements with a subsection on LDAP compa= rision.

Bob


_______________________________________________
Ideas mailing list
Ideas@ietf.org
https://www.ietf.org/mailman/listinfo/ideas

--f403045f576e2e1d4a0553927e7f-- From nobody Wed Jul 5 07:16:22 2017 Return-Path: X-Original-To: ideas@ietfa.amsl.com Delivered-To: ideas@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CEC57129B37 for ; Wed, 5 Jul 2017 07:16:19 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.2 X-Spam-Level: X-Spam-Status: No, score=-4.2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-2.3, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id n7S1qDAS1BvM for ; Wed, 5 Jul 2017 07:16:18 -0700 (PDT) Received: from z9m9z.htt-consult.com (z9m9z.htt-consult.com [50.253.254.3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id DB225131609 for ; Wed, 5 Jul 2017 07:16:17 -0700 (PDT) Received: from localhost (localhost [127.0.0.1]) by z9m9z.htt-consult.com (Postfix) with ESMTP id E4610620B9; Wed, 5 Jul 2017 10:16:16 -0400 (EDT) X-Virus-Scanned: amavisd-new at htt-consult.com Received: from z9m9z.htt-consult.com ([127.0.0.1]) by localhost (z9m9z.htt-consult.com [127.0.0.1]) (amavisd-new, port 10024) with LMTP id 8eJLwYd0cSqV; Wed, 5 Jul 2017 10:16:09 -0400 (EDT) Received: from lx120e.htt-consult.com (unknown [192.168.160.12]) (using TLSv1.2 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by z9m9z.htt-consult.com (Postfix) with ESMTPSA id CEEA862067; Wed, 5 Jul 2017 10:16:08 -0400 (EDT) To: tjw ietf References: <9084360a-160e-944a-96aa-0b33379ccdb8@htt-consult.com> Cc: ideas@ietf.org From: Robert Moskowitz Message-ID: <1788bf20-2ee5-c2fd-0108-ff4b2b779848@htt-consult.com> Date: Wed, 5 Jul 2017 10:16:06 -0400 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Thunderbird/45.8.0 MIME-Version: 1.0 In-Reply-To: Content-Type: multipart/alternative; boundary="------------C4FD8A562DF2B074A8DBEDC8" Archived-At: Subject: Re: [Ideas] draft-padma-ideas-problem-statement and "Common Infrastructure" X-BeenThere: ideas@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Discussions relating to the development, clarification, and implementation of control-plane infrastructures and functionalities in ID enabled networks." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 05 Jul 2017 14:16:20 -0000 This is a multi-part message in MIME format. --------------C4FD8A562DF2B074A8DBEDC8 Content-Type: text/plain; charset=windows-1252; format=flowed Content-Transfer-Encoding: 7bit Tim, Well it seems I got an upgrade to contributing to the problem statement. I missed that in the last go around hours before the draft cutoff. Thanks Padma. I said 'requirements' to soften the blow, so to speak, about 'why NOT LDAP'. Plus the data model to see if it can fit into an LDAP schema. Of course we could always go with DAP instead for richer policy control and distributed data support! (was it actually 20 years ago that I worked on this stuff? yikes!) Bob On 07/05/2017 10:05 AM, tjw ietf wrote: > Bob! > > Brian and I had chatted briefly about charter direction and we wanted > to hear some of the discussions during the session. And that's what > they pay us the big bucks for! > > But I have to agree with your plan of attack. If we could give some > guidance: > > - work on the problem statement and gap analysis but don't invest > larger cycles of time on them. > > - requirements are good to capture, but we will shy away from turning > them into published documents as they will change over time > > - some discussion on LDAP is very necessary as the code base has > gotten quite mature. > > tim > > On Wed, Jul 5, 2017 at 9:35 AM, Robert Moskowitz > > wrote: > > Disclaimer: I had a hand in edits to this version, though I am not > listed in the Ack section. In particular I pushed for "Common > Infrastructure", not "Common Control Plane". > > > We have been talking a lot about Identity and Identifier and > metadata. One of the tasks of this workgroup (and charter item) > needs to be data modeling of what is intended to be stored/available. > > Further there needs to be Yet Another Gap Analysis (YAGA? :) ) on > why NOT LDAP or some other mature xyz data store access protocol. > I start with LDAP as there is actually a fit, and the various > server implementations are very mature with good, secure, backends > and data replication tools. > > It is time to start thinking charter. The problem statement, gap > analysis, and use cases is barely a start. What the group is going > to DO is focus now. > > So I propose two work items: > > Common Infrastructure data modeling (and someone other than me can > do it in YANG). > Common Infrastructure protocol requirements with a subsection on > LDAP comparision. > > Bob > > > _______________________________________________ > Ideas mailing list > Ideas@ietf.org > https://www.ietf.org/mailman/listinfo/ideas > > > > > > _______________________________________________ > Ideas mailing list > Ideas@ietf.org > https://www.ietf.org/mailman/listinfo/ideas --------------C4FD8A562DF2B074A8DBEDC8 Content-Type: text/html; charset=windows-1252 Content-Transfer-Encoding: 8bit Tim,

Well it seems I got an upgrade to contributing to the problem statement. I missed that in the last go around hours before the draft cutoff. Thanks Padma.

I said 'requirements' to soften the blow, so to speak, about 'why NOT LDAP'. Plus the data model to see if it can fit into an LDAP schema.

Of course we could always go with DAP instead for richer policy control and distributed data support! (was it actually 20 years ago that I worked on this stuff? yikes!)

Bob

On 07/05/2017 10:05 AM, tjw ietf wrote:
Bob!

Brian and I had chatted briefly about charter direction and we wanted to hear some of the discussions during the session. And that's what they pay us the big bucks for!

But I have to agree with your plan of attack. If we could give some guidance:

- work on the problem statement and gap analysis but don't invest larger cycles of time on them.

- requirements are good to capture, but we will shy away from turning them into published documents as they will change over time

- some discussion on LDAP is very necessary as the code base has gotten quite mature.

tim

On Wed, Jul 5, 2017 at 9:35 AM, Robert Moskowitz <rgm-ietf@htt-consult.com> wrote:
Disclaimer: I had a hand in edits to this version, though I am not listed in the Ack section. In particular I pushed for "Common Infrastructure", not "Common Control Plane".


We have been talking a lot about Identity and Identifier and metadata. One of the tasks of this workgroup (and charter item) needs to be data modeling of what is intended to be stored/available.

Further there needs to be Yet Another Gap Analysis (YAGA? :) ) on why NOT LDAP or some other mature xyz data store access protocol. I start with LDAP as there is actually a fit, and the various server implementations are very mature with good, secure, backends and data replication tools.

It is time to start thinking charter. The problem statement, gap analysis, and use cases is barely a start. What the group is going to DO is focus now.

So I propose two work items:

Common Infrastructure data modeling (and someone other than me can do it in YANG).
Common Infrastructure protocol requirements with a subsection on LDAP comparision.

Bob


_______________________________________________
Ideas mailing list
Ideas@ietf.org
https://www.ietf.org/mailman/listinfo/ideas



_______________________________________________
Ideas mailing list
Ideas@ietf.org
https://www.ietf.org/mailman/listinfo/ideas

--------------C4FD8A562DF2B074A8DBEDC8-- From nobody Wed Jul 5 08:46:10 2017 Return-Path: X-Original-To: ideas@ietfa.amsl.com Delivered-To: ideas@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 90D7F131D56 for ; Wed, 5 Jul 2017 08:46:08 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.998 X-Spam-Level: X-Spam-Status: No, score=-1.998 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id B-IB9ounNfID for ; Wed, 5 Jul 2017 08:46:06 -0700 (PDT) Received: from mail-wr0-x236.google.com (mail-wr0-x236.google.com [IPv6:2a00:1450:400c:c0c::236]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id DB2B213164D for ; Wed, 5 Jul 2017 08:46:05 -0700 (PDT) Received: by mail-wr0-x236.google.com with SMTP id c11so265437854wrc.3 for ; Wed, 05 Jul 2017 08:46:05 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to; bh=9jL567SHn5Qgzp5vIbMGigzhDIIyjHkqi4nre4Z9A4E=; b=dFPnJ9NXSZ7wByp27MLyP3ewKLuym3SIWA38OiyobFQLzHvx9t3nn87C9SSiNchalt 66+PwWshnsPwfN1bc9diSMkJ8xr9x7X436akpglpha7ppO8jxVRhtYaICU51Vgygfwiq ZAfiHWdKoHpf93dq8p6z2TElNXQPbDyKhzW4XfI7KmoEbP7kUUlRGRUZrgc4waTkfHPX OJ/JrS5Eg0/UN3vp+CKmDCFL4Jtz8cZQOl2aTejLqsageniWAxjgbFvdoE8kprMDhJuw nkcrtWvUvhLX4FTmREwCwVmn+SsnyB1ZjTx1yN1Al3bKD6MhD2KjTNu2mYNJ+gn0sxYS eQNA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to; bh=9jL567SHn5Qgzp5vIbMGigzhDIIyjHkqi4nre4Z9A4E=; b=NUDWTRVu4TSbTOD7w1LfGrWRnLup3RO2nrzKJXKb1HjKcleVyy5Hu7Ws93NSrmbmm7 O/Bf1rin1pOX4U0JfoPAEyz5O5B0tfHQ6tvbx/mM3/7EKbhU11a5SGNxH3YHlT8PZMqZ D0Oky2qWoYotGzeSbYthNzH938UkUYANHKdUYzLCcwbg0KR4R0LvwPbFw3ikfI1kM9Zm WXE97bo03G24WgF67bWAXE4eMVwy2HFRHsmi9qMrJe8H+wq4A9T3dYc43DIVkaKsV0Cx OjR1Fz1K7e7CnZanXgXScKNK9SqqWP2tDHeNtmAkKt1DaOpilUVjK8oOs2dtOJvULQ86 /GCQ== X-Gm-Message-State: AKS2vOwb3vqArj505kk90BtRPYsUNK6KDzGDPqt6aedF6WnXLpOVmEAy 3K07Kccw/Z1J+QexbU14Qk4lXZ8TRA== X-Received: by 10.223.177.129 with SMTP id q1mr39689790wra.82.1499269564297; Wed, 05 Jul 2017 08:46:04 -0700 (PDT) MIME-Version: 1.0 Received: by 10.223.167.8 with HTTP; Wed, 5 Jul 2017 08:46:03 -0700 (PDT) In-Reply-To: <149911647393.22848.9693360578120873017.idtracker@ietfa.amsl.com> References: <149911647393.22848.9693360578120873017.idtracker@ietfa.amsl.com> From: Padma Pillay-Esnault Date: Wed, 5 Jul 2017 08:46:03 -0700 Message-ID: To: ideas@ietf.org Content-Type: multipart/alternative; boundary="f403045e7c7acd798f055393e511" Archived-At: Subject: [Ideas] Fwd: New Version Notification for draft-padma-ideas-problem-statement-03.txt X-BeenThere: ideas@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Discussions relating to the development, clarification, and implementation of control-plane infrastructures and functionalities in ID enabled networks." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 05 Jul 2017 15:46:08 -0000 --f403045e7c7acd798f055393e511 Content-Type: text/plain; charset="UTF-8" FYI ---------- Forwarded message ---------- From: Date: Mon, Jul 3, 2017 at 2:14 PM Subject: New Version Notification for draft-padma-ideas-problem-statement-03.txt To: Axel Nennker , Padma Pillay-Esnault < padma.ietf@gmail.com>, Mohamed Boucadair , Giuseppe Fioccola , Christian Jacquenet A new version of I-D, draft-padma-ideas-problem-statement-03.txt has been successfully submitted by Padma Pillay-Esnault and posted to the IETF repository. Name: draft-padma-ideas-problem-statement Revision: 03 Title: Problem Statement for Identity Enabled Networks Document date: 2017-07-03 Group: Individual Submission Pages: 12 URL: https://www.ietf.org/internet-drafts/draft-padma-ideas- problem-statement-03.txt Status: https://datatracker.ietf.org/doc/draft-padma-ideas-problem- statement/ Htmlized: https://tools.ietf.org/html/draft-padma-ideas-problem- statement-03 Htmlized: https://datatracker.ietf.org/doc/html/draft-padma-ideas- problem-statement-03 Diff: https://www.ietf.org/rfcdiff?url2=draft-padma-ideas- problem-statement-03 Abstract: This problem statement examines how existing protocols that separate identifiers from their location may benefit from the concept of identity. The proposal laid out herein advocates for a standardized identity/identifier network infrastructure that provides a framework to support identity services in addition to enhancing existing identifier/location mapping and resolution services. Please note that it may take a couple of minutes from the time of submission until the htmlized version and diff are available at tools.ietf.org. The IETF Secretariat --f403045e7c7acd798f055393e511 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
FYI

--------= -- Forwarded message ----------
From: = <internet= -drafts@ietf.org>
Date: Mon, Jul 3, 2017 at 2:14 PM
Sub= ject: New Version Notification for draft-padma-ideas-problem-statement-03.t= xt
To: Axel Nennker <axel.= nennker@telekom.de>, Padma Pillay-Esnault <padma.ietf@gmail.com>, Mohamed Boucadair <mohamed.boucadair@orange.com= >, Giuseppe Fioccola <giuseppe.fioccola@telecomitalia.it>, Christian Jacquenet <= christian.jacquenet@orang= e.com>



A new version of I-D, draft-padma-ideas-problem-statement-03.txt
has been successfully submitted by Padma Pillay-Esnault and posted to the IETF repository.

Name:=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0draft-padma-ideas-problem-statement
Revision:=C2=A0 =C2=A0 =C2=A0 =C2=A003
Title:=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 Problem Statement for Identity Ena= bled Networks
Document date:=C2=A0 2017-07-03
Group:=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 Individual Submission
Pages:=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 12
URL:=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 https://www.ietf.org/internet-drafts/draft-pa= dma-ideas-problem-statement-03.txt
Status:=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0https://datatracker.ietf.org/doc/draft-padma-ideas-problem= -statement/
Htmlized:=C2=A0 =C2=A0 =C2=A0 =C2=A0https://tools.ietf.org/html/draft-padma-ideas-problem-statement= -03
Htmlized:=C2=A0 =C2=A0 =C2=A0 =C2=A0https://datatracker.ietf.org/doc/html/draft-padma-ideas-problem-statement-03
Diff:=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0https://www.ietf.org/rfcdiff?url2=3Ddraft-padma-id= eas-problem-statement-03

Abstract:
=C2=A0 =C2=A0This problem statement examines how existing protocols that se= parate
=C2=A0 =C2=A0identifiers from their location may benefit from the concept o= f
=C2=A0 =C2=A0identity.=C2=A0 The proposal laid out herein advocates for a s= tandardized
=C2=A0 =C2=A0identity/identifier network infrastructure that provides a fra= mework
=C2=A0 =C2=A0to support identity services in addition to enhancing existing=
=C2=A0 =C2=A0identifier/location mapping and resolution services.




Please note that it may take a couple of minutes from the time of submissio= n
until the htmlized version and diff are available at tools.ietf.org.

The IETF Secretariat


--f403045e7c7acd798f055393e511-- From nobody Wed Jul 5 10:24:11 2017 Return-Path: X-Original-To: ideas@ietfa.amsl.com Delivered-To: ideas@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0C69D131D94 for ; Wed, 5 Jul 2017 10:24:10 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.22 X-Spam-Level: X-Spam-Status: No, score=-4.22 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id MNQPiXnia3j9 for ; Wed, 5 Jul 2017 10:24:08 -0700 (PDT) Received: from lhrrgout.huawei.com (lhrrgout.huawei.com [194.213.3.17]) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 49B6A131DA6 for ; Wed, 5 Jul 2017 10:24:06 -0700 (PDT) Received: from 172.18.7.190 (EHLO lhreml704-cah.china.huawei.com) ([172.18.7.190]) by lhrrg01-dlp.huawei.com (MOS 4.3.7-GA FastPath queued) with ESMTP id DQM19003; Wed, 05 Jul 2017 17:24:04 +0000 (GMT) Received: from SJCEML703-CHM.china.huawei.com (10.208.112.39) by lhreml704-cah.china.huawei.com (10.201.108.45) with Microsoft SMTP Server (TLS) id 14.3.301.0; Wed, 5 Jul 2017 18:23:38 +0100 Received: from SJCEML702-CHM.china.huawei.com ([169.254.4.142]) by SJCEML703-CHM.china.huawei.com ([169.254.5.136]) with mapi id 14.03.0301.000; Wed, 5 Jul 2017 10:23:34 -0700 From: Alexander Clemm To: "ideas@ietf.org" Thread-Topic: New Version Notification for draft-clemm-ideas-ipfix-00.txt Thread-Index: AdL1s0QY8DSFKrl3TlWl2sYFJSgbQA== Date: Wed, 5 Jul 2017 17:23:33 +0000 Message-ID: <644DA50AFA8C314EA9BDDAC83BD38A2E0E0C059E@SJCEML702-CHM.china.huawei.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [10.213.48.121] Content-Type: multipart/alternative; boundary="_000_644DA50AFA8C314EA9BDDAC83BD38A2E0E0C059ESJCEML702CHMchi_" MIME-Version: 1.0 X-CFilter-Loop: Reflected X-Mirapoint-Virus-RAPID-Raw: score=unknown(0), refid=str=0001.0A090202.595D20B4.0106, ss=1, re=0.000, recu=0.000, reip=0.000, cl=1, cld=1, fgs=0, ip=169.254.4.142, so=2013-06-18 04:22:30, dmn=2013-03-21 17:37:32 X-Mirapoint-Loop-Id: 36434b8df6faaacf8bd793494041c86a Archived-At: Subject: [Ideas] FYI: New Version Notification for draft-clemm-ideas-ipfix-00.txt X-BeenThere: ideas@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Discussions relating to the development, clarification, and implementation of control-plane infrastructures and functionalities in ID enabled networks." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 05 Jul 2017 17:24:10 -0000 --_000_644DA50AFA8C314EA9BDDAC83BD38A2E0E0C059ESJCEML702CHMchi_ Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: base64 SGVsbG8gYWxsLA0KRllJLCB0aGlzIGlzIGEgZHJhZnQgdGhhdCBwcm9wb3NlcyBJUEZJWCBleHRl bnNpb25zIGZvciBuZXcgSW5mb3JtYXRpb24gRWxlbWVudHMgdGhhdCB3b3VsZCBiZSBhc3NvY2lh dGVkIHdpdGggSWRlbnRpdHktRW5hYmxlZCBOZXR3b3Jrcy4NCi0tLSBBbGV4DQotLS0tLS0tLS0t IEZvcndhcmRlZCBtZXNzYWdlIC0tLS0tLS0tLS0NCkZyb206IDxpbnRlcm5ldC1kcmFmdHNAaWV0 Zi5vcmc8bWFpbHRvOmludGVybmV0LWRyYWZ0c0BpZXRmLm9yZz4+DQpEYXRlOiBNb24sIEp1bCAz LCAyMDE3IGF0IDU6MzMgUE0gLTA3MDANClN1YmplY3Q6IE5ldyBWZXJzaW9uIE5vdGlmaWNhdGlv biBmb3IgZHJhZnQtY2xlbW0taWRlYXMtaXBmaXgtMDAudHh0DQpUbzogIlBhZG1hIFBpbGxheS1F c25hdWx0IiA8cGFkbWEuaWV0ZkBnbWFpbC5jb208bWFpbHRvOnBhZG1hLmlldGZAZ21haWwuY29t Pj4sICJBbGV4YW5kZXIgQ2xlbW0iIDxsdWR3aWdAY2xlbW0ub3JnPG1haWx0bzpsdWR3aWdAY2xl bW0ub3JnPj4NCg0KDQoNCg0KQSBuZXcgdmVyc2lvbiBvZiBJLUQsIGRyYWZ0LWNsZW1tLWlkZWFz LWlwZml4LTAwLnR4dA0KDQpoYXMgYmVlbiBzdWNjZXNzZnVsbHkgc3VibWl0dGVkIGJ5IEFsZXhh bmRlciBDbGVtbSBhbmQgcG9zdGVkIHRvIHRoZQ0KDQpJRVRGIHJlcG9zaXRvcnkuDQoNCg0KDQpO YW1lOiAgICAgICAgICBkcmFmdC1jbGVtbS1pZGVhcy1pcGZpeA0KDQpSZXZpc2lvbjogICAgICAw MA0KDQpUaXRsZTogICAgICAgICBJbmZvcm1hdGlvbiBFbGVtZW50cyBmb3IgSWRlbnRpdHktRW5h YmxlZCBOZXR3b3Jrcw0KDQpEb2N1bWVudCBkYXRlOiAyMDE3LTA3LTAzDQoNCkdyb3VwOiAgICAg ICAgIEluZGl2aWR1YWwgU3VibWlzc2lvbg0KDQpQYWdlczogICAgICAgICA4DQoNClVSTDogICAg ICAgICAgICBodHRwczovL3d3dy5pZXRmLm9yZy9pbnRlcm5ldC1kcmFmdHMvZHJhZnQtY2xlbW0t aWRlYXMtaXBmaXgtMDAudHh0DQoNClN0YXR1czogICAgICAgICBodHRwczovL2RhdGF0cmFja2Vy LmlldGYub3JnL2RvYy9kcmFmdC1jbGVtbS1pZGVhcy1pcGZpeC8NCg0KSHRtbGl6ZWQ6ICAgICAg IGh0dHBzOi8vdG9vbHMuaWV0Zi5vcmcvaHRtbC9kcmFmdC1jbGVtbS1pZGVhcy1pcGZpeC0wMA0K DQpIdG1saXplZDogICAgICAgaHR0cHM6Ly9kYXRhdHJhY2tlci5pZXRmLm9yZy9kb2MvaHRtbC9k cmFmdC1jbGVtbS1pZGVhcy1pcGZpeC0wMA0KDQoNCg0KDQoNCkFic3RyYWN0Og0KDQogICBUaGlz IGRvY3VtZW50IGRlZmluZXMgYSBzZXQgb2YgbmV3IEluZm9ybWF0aW9uIEVsZW1lbnRzIHJlbGF0 ZWQgdG8NCg0KICAgSWRlbnRpdHktRW5hYmxlZCBOZXR3b2tzLiAgVGhlIEluZm9ybWF0aW9uIEVs ZW1lbnRzIGFyZSB1c2VkIGJ5IHRoZQ0KDQogICBJUCBGbG93IEluZm9ybWF0aW9uIEV4cG9ydCAo SVBGSVgpIHByb3RvY29sIHRvIGV4cG9ydCBmbG93IGRhdGENCg0KICAgY29udGFpbmluZyBpZGVu dGl0eS1yZWxhdGVkIGluZm9ybWF0aW9uLg0KDQoNCg0KDQoNCg0KDQoNCg0KUGxlYXNlIG5vdGUg dGhhdCBpdCBtYXkgdGFrZSBhIGNvdXBsZSBvZiBtaW51dGVzIGZyb20gdGhlIHRpbWUgb2Ygc3Vi bWlzc2lvbg0KDQp1bnRpbCB0aGUgaHRtbGl6ZWQgdmVyc2lvbiBhbmQgZGlmZiBhcmUgYXZhaWxh YmxlIGF0IHRvb2xzLmlldGYub3JnLg0KDQoNCg0KVGhlIElFVEYgU2VjcmV0YXJpYXQNCg0KDQo= --_000_644DA50AFA8C314EA9BDDAC83BD38A2E0E0C059ESJCEML702CHMchi_ Content-Type: text/html; charset="utf-8" Content-Transfer-Encoding: base64 PGh0bWwgeG1sbnM6dj0idXJuOnNjaGVtYXMtbWljcm9zb2Z0LWNvbTp2bWwiIHhtbG5zOm89InVy bjpzY2hlbWFzLW1pY3Jvc29mdC1jb206b2ZmaWNlOm9mZmljZSIgeG1sbnM6dz0idXJuOnNjaGVt YXMtbWljcm9zb2Z0LWNvbTpvZmZpY2U6d29yZCIgeG1sbnM6bT0iaHR0cDovL3NjaGVtYXMubWlj cm9zb2Z0LmNvbS9vZmZpY2UvMjAwNC8xMi9vbW1sIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcv VFIvUkVDLWh0bWw0MCI+DQo8aGVhZD4NCjxtZXRhIGh0dHAtZXF1aXY9IkNvbnRlbnQtVHlwZSIg Y29udGVudD0idGV4dC9odG1sOyBjaGFyc2V0PXV0Zi04Ij4NCjxtZXRhIG5hbWU9IkdlbmVyYXRv ciIgY29udGVudD0iTWljcm9zb2Z0IFdvcmQgMTUgKGZpbHRlcmVkIG1lZGl1bSkiPg0KPHN0eWxl PjwhLS0NCi8qIEZvbnQgRGVmaW5pdGlvbnMgKi8NCkBmb250LWZhY2UNCgl7Zm9udC1mYW1pbHk6 IkNhbWJyaWEgTWF0aCI7DQoJcGFub3NlLTE6MiA0IDUgMyA1IDQgNiAzIDIgNDt9DQpAZm9udC1m YWNlDQoJe2ZvbnQtZmFtaWx5OkNhbGlicmk7DQoJcGFub3NlLTE6MiAxNSA1IDIgMiAyIDQgMyAy IDQ7fQ0KQGZvbnQtZmFjZQ0KCXtmb250LWZhbWlseTpDb25zb2xhczsNCglwYW5vc2UtMToyIDEx IDYgOSAyIDIgNCAzIDIgNDt9DQovKiBTdHlsZSBEZWZpbml0aW9ucyAqLw0KcC5Nc29Ob3JtYWws IGxpLk1zb05vcm1hbCwgZGl2Lk1zb05vcm1hbA0KCXttYXJnaW46MGluOw0KCW1hcmdpbi1ib3R0 b206LjAwMDFwdDsNCglmb250LXNpemU6MTIuMHB0Ow0KCWZvbnQtZmFtaWx5OiJUaW1lcyBOZXcg Um9tYW4iLHNlcmlmO30NCmE6bGluaywgc3Bhbi5Nc29IeXBlcmxpbmsNCgl7bXNvLXN0eWxlLXBy aW9yaXR5Ojk5Ow0KCWNvbG9yOmJsdWU7DQoJdGV4dC1kZWNvcmF0aW9uOnVuZGVybGluZTt9DQph OnZpc2l0ZWQsIHNwYW4uTXNvSHlwZXJsaW5rRm9sbG93ZWQNCgl7bXNvLXN0eWxlLXByaW9yaXR5 Ojk5Ow0KCWNvbG9yOnB1cnBsZTsNCgl0ZXh0LWRlY29yYXRpb246dW5kZXJsaW5lO30NCnByZQ0K CXttc28tc3R5bGUtcHJpb3JpdHk6OTk7DQoJbXNvLXN0eWxlLWxpbms6IkhUTUwgUHJlZm9ybWF0 dGVkIENoYXIiOw0KCW1hcmdpbjowaW47DQoJbWFyZ2luLWJvdHRvbTouMDAwMXB0Ow0KCWZvbnQt c2l6ZToxMC4wcHQ7DQoJZm9udC1mYW1pbHk6IkNvdXJpZXIgTmV3Ijt9DQpzcGFuLkhUTUxQcmVm b3JtYXR0ZWRDaGFyDQoJe21zby1zdHlsZS1uYW1lOiJIVE1MIFByZWZvcm1hdHRlZCBDaGFyIjsN Cgltc28tc3R5bGUtcHJpb3JpdHk6OTk7DQoJbXNvLXN0eWxlLWxpbms6IkhUTUwgUHJlZm9ybWF0 dGVkIjsNCglmb250LWZhbWlseTpDb25zb2xhczt9DQpzcGFuLkVtYWlsU3R5bGUxOQ0KCXttc28t c3R5bGUtdHlwZTpwZXJzb25hbC1yZXBseTsNCglmb250LWZhbWlseToiQ2FsaWJyaSIsc2Fucy1z ZXJpZjsNCgljb2xvcjojMUY0OTdEO30NCi5Nc29DaHBEZWZhdWx0DQoJe21zby1zdHlsZS10eXBl OmV4cG9ydC1vbmx5Ow0KCWZvbnQtc2l6ZToxMC4wcHQ7fQ0KQHBhZ2UgV29yZFNlY3Rpb24xDQoJ e3NpemU6OC41aW4gMTEuMGluOw0KCW1hcmdpbjoxLjBpbiAxLjBpbiAxLjBpbiAxLjBpbjt9DQpk aXYuV29yZFNlY3Rpb24xDQoJe3BhZ2U6V29yZFNlY3Rpb24xO30NCi0tPjwvc3R5bGU+PCEtLVtp ZiBndGUgbXNvIDldPjx4bWw+DQo8bzpzaGFwZWRlZmF1bHRzIHY6ZXh0PSJlZGl0IiBzcGlkbWF4 PSIxMDI2IiAvPg0KPC94bWw+PCFbZW5kaWZdLS0+PCEtLVtpZiBndGUgbXNvIDldPjx4bWw+DQo8 bzpzaGFwZWxheW91dCB2OmV4dD0iZWRpdCI+DQo8bzppZG1hcCB2OmV4dD0iZWRpdCIgZGF0YT0i MSIgLz4NCjwvbzpzaGFwZWxheW91dD48L3htbD48IVtlbmRpZl0tLT4NCjwvaGVhZD4NCjxib2R5 IGxhbmc9IkVOLVVTIiBsaW5rPSJibHVlIiB2bGluaz0icHVycGxlIj4NCjxkaXYgY2xhc3M9Ildv cmRTZWN0aW9uMSI+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIiBzdHlsZT0ibWFyZ2luLWJvdHRvbTox Mi4wcHQiPjxzcGFuIHN0eWxlPSJmb250LXNpemU6MTEuMHB0O2ZvbnQtZmFtaWx5OiZxdW90O0Nh bGlicmkmcXVvdDssc2Fucy1zZXJpZjtjb2xvcjojMUY0OTdEIj5IZWxsbyBhbGwsPG86cD48L286 cD48L3NwYW4+PC9wPg0KPHAgY2xhc3M9Ik1zb05vcm1hbCIgc3R5bGU9Im1hcmdpbi1ib3R0b206 MTIuMHB0Ij48c3BhbiBzdHlsZT0iZm9udC1zaXplOjExLjBwdDtmb250LWZhbWlseTomcXVvdDtD YWxpYnJpJnF1b3Q7LHNhbnMtc2VyaWY7Y29sb3I6IzFGNDk3RCI+RllJLCB0aGlzIGlzIGEgZHJh ZnQgdGhhdCBwcm9wb3NlcyBJUEZJWCBleHRlbnNpb25zIGZvciBuZXcgSW5mb3JtYXRpb24gRWxl bWVudHMgdGhhdCB3b3VsZCBiZSBhc3NvY2lhdGVkIHdpdGggSWRlbnRpdHktRW5hYmxlZCBOZXR3 b3Jrcy4mbmJzcDsNCjxvOnA+PC9vOnA+PC9zcGFuPjwvcD4NCjxwIGNsYXNzPSJNc29Ob3JtYWwi IHN0eWxlPSJtYXJnaW4tYm90dG9tOjEyLjBwdCI+PHNwYW4gc3R5bGU9ImZvbnQtc2l6ZToxMS4w cHQ7Zm9udC1mYW1pbHk6JnF1b3Q7Q2FsaWJyaSZxdW90OyxzYW5zLXNlcmlmO2NvbG9yOiMxRjQ5 N0QiPi0tLSBBbGV4PG86cD48L286cD48L3NwYW4+PC9wPg0KPGRpdj4NCjxwIGNsYXNzPSJNc29O b3JtYWwiIHN0eWxlPSJtYXJnaW4tYm90dG9tOjEyLjBwdCI+LS0tLS0tLS0tLSBGb3J3YXJkZWQg bWVzc2FnZSAtLS0tLS0tLS0tPGJyPg0KRnJvbTogJmx0OzxhIGhyZWY9Im1haWx0bzppbnRlcm5l dC1kcmFmdHNAaWV0Zi5vcmciPmludGVybmV0LWRyYWZ0c0BpZXRmLm9yZzwvYT4mZ3Q7PGJyPg0K RGF0ZTogTW9uLCBKdWwgMywgMjAxNyBhdCA1OjMzIFBNIC0wNzAwPGJyPg0KU3ViamVjdDogTmV3 IFZlcnNpb24gTm90aWZpY2F0aW9uIGZvciBkcmFmdC1jbGVtbS1pZGVhcy1pcGZpeC0wMC50eHQ8 YnI+DQpUbzogJnF1b3Q7UGFkbWEgUGlsbGF5LUVzbmF1bHQmcXVvdDsgJmx0OzxhIGhyZWY9Im1h aWx0bzpwYWRtYS5pZXRmQGdtYWlsLmNvbSI+cGFkbWEuaWV0ZkBnbWFpbC5jb208L2E+Jmd0Oywg JnF1b3Q7QWxleGFuZGVyIENsZW1tJnF1b3Q7ICZsdDs8YSBocmVmPSJtYWlsdG86bHVkd2lnQGNs ZW1tLm9yZyI+bHVkd2lnQGNsZW1tLm9yZzwvYT4mZ3Q7PGJyPg0KPGJyPg0KPG86cD48L286cD48 L3A+DQo8ZGl2Pg0KPHByZT48bzpwPiZuYnNwOzwvbzpwPjwvcHJlPg0KPHByZT5BIG5ldyB2ZXJz aW9uIG9mIEktRCwgZHJhZnQtY2xlbW0taWRlYXMtaXBmaXgtMDAudHh0PG86cD48L286cD48L3By ZT4NCjxwcmU+aGFzIGJlZW4gc3VjY2Vzc2Z1bGx5IHN1Ym1pdHRlZCBieSBBbGV4YW5kZXIgQ2xl bW0gYW5kIHBvc3RlZCB0byB0aGU8bzpwPjwvbzpwPjwvcHJlPg0KPHByZT5JRVRGIHJlcG9zaXRv cnkuPG86cD48L286cD48L3ByZT4NCjxwcmU+PG86cD4mbmJzcDs8L286cD48L3ByZT4NCjxwcmU+ TmFtZTombmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJz cDsgZHJhZnQtY2xlbW0taWRlYXMtaXBmaXg8bzpwPjwvbzpwPjwvcHJlPg0KPHByZT5SZXZpc2lv bjombmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsgMDA8bzpwPjwvbzpwPjwvcHJlPg0KPHBy ZT5UaXRsZTombmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsg SW5mb3JtYXRpb24gRWxlbWVudHMgZm9yIElkZW50aXR5LUVuYWJsZWQgTmV0d29ya3M8bzpwPjwv bzpwPjwvcHJlPg0KPHByZT5Eb2N1bWVudCBkYXRlOiAyMDE3LTA3LTAzPG86cD48L286cD48L3By ZT4NCjxwcmU+R3JvdXA6Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7 Jm5ic3A7IEluZGl2aWR1YWwgU3VibWlzc2lvbjxvOnA+PC9vOnA+PC9wcmU+DQo8cHJlPlBhZ2Vz OiZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyA4PG86cD48 L286cD48L3ByZT4NCjxwcmU+VVJMOiZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNw OyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyA8YSBocmVmPSJodHRwczovL3d3dy5pZXRm Lm9yZy9pbnRlcm5ldC1kcmFmdHMvZHJhZnQtY2xlbW0taWRlYXMtaXBmaXgtMDAudHh0Ij5odHRw czovL3d3dy5pZXRmLm9yZy9pbnRlcm5ldC1kcmFmdHMvZHJhZnQtY2xlbW0taWRlYXMtaXBmaXgt MDAudHh0PC9hPjxvOnA+PC9vOnA+PC9wcmU+DQo8cHJlPlN0YXR1czombmJzcDsmbmJzcDsmbmJz cDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsgPGEgaHJlZj0iaHR0cHM6Ly9kYXRhdHJh Y2tlci5pZXRmLm9yZy9kb2MvZHJhZnQtY2xlbW0taWRlYXMtaXBmaXgvIj5odHRwczovL2RhdGF0 cmFja2VyLmlldGYub3JnL2RvYy9kcmFmdC1jbGVtbS1pZGVhcy1pcGZpeC88L2E+PG86cD48L286 cD48L3ByZT4NCjxwcmU+SHRtbGl6ZWQ6Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5i c3A7IDxhIGhyZWY9Imh0dHBzOi8vdG9vbHMuaWV0Zi5vcmcvaHRtbC9kcmFmdC1jbGVtbS1pZGVh cy1pcGZpeC0wMCI+aHR0cHM6Ly90b29scy5pZXRmLm9yZy9odG1sL2RyYWZ0LWNsZW1tLWlkZWFz LWlwZml4LTAwPC9hPjxvOnA+PC9vOnA+PC9wcmU+DQo8cHJlPkh0bWxpemVkOiZuYnNwOyZuYnNw OyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyA8YSBocmVmPSJodHRwczovL2RhdGF0cmFja2VyLmll dGYub3JnL2RvYy9odG1sL2RyYWZ0LWNsZW1tLWlkZWFzLWlwZml4LTAwIj5odHRwczovL2RhdGF0 cmFja2VyLmlldGYub3JnL2RvYy9odG1sL2RyYWZ0LWNsZW1tLWlkZWFzLWlwZml4LTAwPC9hPjxv OnA+PC9vOnA+PC9wcmU+DQo8cHJlPjxvOnA+Jm5ic3A7PC9vOnA+PC9wcmU+DQo8cHJlPjxvOnA+ Jm5ic3A7PC9vOnA+PC9wcmU+DQo8cHJlPkFic3RyYWN0OjxvOnA+PC9vOnA+PC9wcmU+DQo8cHJl PiZuYnNwOyZuYnNwOyBUaGlzIGRvY3VtZW50IGRlZmluZXMgYSBzZXQgb2YgbmV3IEluZm9ybWF0 aW9uIEVsZW1lbnRzIHJlbGF0ZWQgdG88bzpwPjwvbzpwPjwvcHJlPg0KPHByZT4mbmJzcDsmbmJz cDsgSWRlbnRpdHktRW5hYmxlZCBOZXR3b2tzLiZuYnNwOyBUaGUgSW5mb3JtYXRpb24gRWxlbWVu dHMgYXJlIHVzZWQgYnkgdGhlPG86cD48L286cD48L3ByZT4NCjxwcmU+Jm5ic3A7Jm5ic3A7IElQ IEZsb3cgSW5mb3JtYXRpb24gRXhwb3J0IChJUEZJWCkgcHJvdG9jb2wgdG8gZXhwb3J0IGZsb3cg ZGF0YTxvOnA+PC9vOnA+PC9wcmU+DQo8cHJlPiZuYnNwOyZuYnNwOyBjb250YWluaW5nIGlkZW50 aXR5LXJlbGF0ZWQgaW5mb3JtYXRpb24uPG86cD48L286cD48L3ByZT4NCjxwcmU+PG86cD4mbmJz cDs8L286cD48L3ByZT4NCjxwcmU+Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7 Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5i c3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7 Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5i c3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7 Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5i c3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7 Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5i c3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7IDxvOnA+ PC9vOnA+PC9wcmU+DQo8cHJlPjxvOnA+Jm5ic3A7PC9vOnA+PC9wcmU+DQo8cHJlPjxvOnA+Jm5i c3A7PC9vOnA+PC9wcmU+DQo8cHJlPlBsZWFzZSBub3RlIHRoYXQgaXQgbWF5IHRha2UgYSBjb3Vw bGUgb2YgbWludXRlcyBmcm9tIHRoZSB0aW1lIG9mIHN1Ym1pc3Npb248bzpwPjwvbzpwPjwvcHJl Pg0KPHByZT51bnRpbCB0aGUgaHRtbGl6ZWQgdmVyc2lvbiBhbmQgZGlmZiBhcmUgYXZhaWxhYmxl IGF0IHRvb2xzLmlldGYub3JnLjxvOnA+PC9vOnA+PC9wcmU+DQo8cHJlPjxvOnA+Jm5ic3A7PC9v OnA+PC9wcmU+DQo8cHJlPlRoZSBJRVRGIFNlY3JldGFyaWF0PG86cD48L286cD48L3ByZT4NCjxw cmU+PG86cD4mbmJzcDs8L286cD48L3ByZT4NCjwvZGl2Pg0KPC9kaXY+DQo8L2Rpdj4NCjwvYm9k eT4NCjwvaHRtbD4NCg== --_000_644DA50AFA8C314EA9BDDAC83BD38A2E0E0C059ESJCEML702CHMchi_-- From nobody Wed Jul 5 10:25:46 2017 Return-Path: X-Original-To: ideas@ietfa.amsl.com Delivered-To: ideas@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A6969131DA3 for ; Wed, 5 Jul 2017 10:25:45 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.219 X-Spam-Level: X-Spam-Status: No, score=-4.219 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001, TVD_PH_BODY_ACCOUNTS_PRE=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id naxhnbJRqm1E for ; Wed, 5 Jul 2017 10:25:43 -0700 (PDT) Received: from lhrrgout.huawei.com (lhrrgout.huawei.com [194.213.3.17]) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 45578131DA2 for ; Wed, 5 Jul 2017 10:25:43 -0700 (PDT) Received: from 172.18.7.190 (EHLO lhreml702-cah.china.huawei.com) ([172.18.7.190]) by lhrrg01-dlp.huawei.com (MOS 4.3.7-GA FastPath queued) with ESMTP id DQM19170; Wed, 05 Jul 2017 17:25:41 +0000 (GMT) Received: from SJCEML701-CHM.china.huawei.com (10.208.112.40) by lhreml702-cah.china.huawei.com (10.201.108.43) with Microsoft SMTP Server (TLS) id 14.3.301.0; Wed, 5 Jul 2017 18:25:40 +0100 Received: from SJCEML702-CHM.china.huawei.com ([169.254.4.142]) by SJCEML701-CHM.china.huawei.com ([169.254.3.186]) with mapi id 14.03.0301.000; Wed, 5 Jul 2017 10:25:36 -0700 From: Alexander Clemm To: "ideas@ietf.org" Thread-Topic: New Version Notification for draft-padma-ideas-req-grids-01.txt Thread-Index: AdL1s6+vStGOhM6WSg+HE9L9z3rZnQ== Date: Wed, 5 Jul 2017 17:25:36 +0000 Message-ID: <644DA50AFA8C314EA9BDDAC83BD38A2E0E0C05B3@SJCEML702-CHM.china.huawei.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [10.213.48.121] Content-Type: multipart/alternative; boundary="_000_644DA50AFA8C314EA9BDDAC83BD38A2E0E0C05B3SJCEML702CHMchi_" MIME-Version: 1.0 X-CFilter-Loop: Reflected X-Mirapoint-Virus-RAPID-Raw: score=unknown(0), refid=str=0001.0A090201.595D2115.011A, ss=1, re=0.000, recu=0.000, reip=0.000, cl=1, cld=1, fgs=0, ip=169.254.4.142, so=2013-06-18 04:22:30, dmn=2013-03-21 17:37:32 X-Mirapoint-Loop-Id: 56a4b9962e308365e2ad6294fb008799 Archived-At: Subject: [Ideas] FYI: New Version Notification for draft-padma-ideas-req-grids-01.txt X-BeenThere: ideas@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Discussions relating to the development, clarification, and implementation of control-plane infrastructures and functionalities in ID enabled networks." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 05 Jul 2017 17:25:46 -0000 --_000_644DA50AFA8C314EA9BDDAC83BD38A2E0E0C05B3SJCEML702CHMchi_ Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: base64 SGVsbG8gYWxsLA0KRllJLCB3ZSBoYXZlIHBvc3RlZCBhIG5ldyByZXZpc2lvbiBvZiB0aGUgR1JJ RFMgcmVxdWlyZW1lbnRzIGRyYWZ0LCB3aXRoIHVwZGF0ZXMgcGVyIGRpc2N1c3Npb25zIG9mIHRo ZSBlYXJsaWVyIC0wMCB2ZXJzaW9uIGFuZCB0byBhY2NvdW50IGZvciB1cGRhdGVkIHByb2JsZW0g c3RhdGVtZW50IGFuZCB1c2UgY2FzZSBkb2N1bWVudHMuDQotLS0gQWxleA0KDQoNCg0KQSBuZXcg dmVyc2lvbiBvZiBJLUQsIGRyYWZ0LXBhZG1hLWlkZWFzLXJlcS1ncmlkcy0wMS50eHQNCg0KaGFz IGJlZW4gc3VjY2Vzc2Z1bGx5IHN1Ym1pdHRlZCBieSBBbGV4YW5kZXIgQ2xlbW0gYW5kIHBvc3Rl ZCB0byB0aGUNCg0KSUVURiByZXBvc2l0b3J5Lg0KDQoNCg0KTmFtZTogICAgICAgICAgZHJhZnQt cGFkbWEtaWRlYXMtcmVxLWdyaWRzDQoNClJldmlzaW9uOiAgICAgIDAxDQoNClRpdGxlOiAgICAg ICAgIFJlcXVpcmVtZW50cyBmb3IgR2VuZXJpYyBJZGVudGl0eSBTZXJ2aWNlcyBpbiBJZGVudGl0 eSBFbmFibGVkIE5ldHdvcmtzDQoNCkRvY3VtZW50IGRhdGU6IDIwMTctMDctMDMNCg0KR3JvdXA6 ICAgICAgICAgSW5kaXZpZHVhbCBTdWJtaXNzaW9uDQoNClBhZ2VzOiAgICAgICAgIDE3DQoNClVS TDogICAgICAgICAgICBodHRwczovL3d3dy5pZXRmLm9yZy9pbnRlcm5ldC1kcmFmdHMvZHJhZnQt cGFkbWEtaWRlYXMtcmVxLWdyaWRzLTAxLnR4dA0KDQpTdGF0dXM6ICAgICAgICAgaHR0cHM6Ly9k YXRhdHJhY2tlci5pZXRmLm9yZy9kb2MvZHJhZnQtcGFkbWEtaWRlYXMtcmVxLWdyaWRzLw0KDQpI dG1saXplZDogICAgICAgaHR0cHM6Ly90b29scy5pZXRmLm9yZy9odG1sL2RyYWZ0LXBhZG1hLWlk ZWFzLXJlcS1ncmlkcy0wMQ0KDQpIdG1saXplZDogICAgICAgaHR0cHM6Ly9kYXRhdHJhY2tlci5p ZXRmLm9yZy9kb2MvaHRtbC9kcmFmdC1wYWRtYS1pZGVhcy1yZXEtZ3JpZHMtMDENCg0KRGlmZjog ICAgICAgICAgIGh0dHBzOi8vd3d3LmlldGYub3JnL3JmY2RpZmY/dXJsMj1kcmFmdC1wYWRtYS1p ZGVhcy1yZXEtZ3JpZHMtMDENCg0KDQoNCkFic3RyYWN0Og0KDQogICBUaGlzIGRvY3VtZW50IGRl c2NyaWJlcyByZXF1aXJlbWVudHMgZm9yIHRoZSBHZW5lcmljIElkZW50aXR5DQoNCiAgIFNlcnZp Y2VzIGluZnJhc3RydWN0dXJlIGZvciBJZGVudGl0eS1FbmFibGVkIE5ldHdvcmtzLg0KDQoNCg0K DQoNCg0KDQoNCg0KUGxlYXNlIG5vdGUgdGhhdCBpdCBtYXkgdGFrZSBhIGNvdXBsZSBvZiBtaW51 dGVzIGZyb20gdGhlIHRpbWUgb2Ygc3VibWlzc2lvbg0KDQp1bnRpbCB0aGUgaHRtbGl6ZWQgdmVy c2lvbiBhbmQgZGlmZiBhcmUgYXZhaWxhYmxlIGF0IHRvb2xzLmlldGYub3JnLg0KDQoNCg0KVGhl IElFVEYgU2VjcmV0YXJpYXQNCg0KDQo= --_000_644DA50AFA8C314EA9BDDAC83BD38A2E0E0C05B3SJCEML702CHMchi_ Content-Type: text/html; charset="utf-8" Content-Transfer-Encoding: base64 PGh0bWwgeG1sbnM6dj0idXJuOnNjaGVtYXMtbWljcm9zb2Z0LWNvbTp2bWwiIHhtbG5zOm89InVy bjpzY2hlbWFzLW1pY3Jvc29mdC1jb206b2ZmaWNlOm9mZmljZSIgeG1sbnM6dz0idXJuOnNjaGVt YXMtbWljcm9zb2Z0LWNvbTpvZmZpY2U6d29yZCIgeG1sbnM6bT0iaHR0cDovL3NjaGVtYXMubWlj cm9zb2Z0LmNvbS9vZmZpY2UvMjAwNC8xMi9vbW1sIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcv VFIvUkVDLWh0bWw0MCI+DQo8aGVhZD4NCjxtZXRhIGh0dHAtZXF1aXY9IkNvbnRlbnQtVHlwZSIg Y29udGVudD0idGV4dC9odG1sOyBjaGFyc2V0PXV0Zi04Ij4NCjxtZXRhIG5hbWU9IkdlbmVyYXRv ciIgY29udGVudD0iTWljcm9zb2Z0IFdvcmQgMTUgKGZpbHRlcmVkIG1lZGl1bSkiPg0KPHN0eWxl PjwhLS0NCi8qIEZvbnQgRGVmaW5pdGlvbnMgKi8NCkBmb250LWZhY2UNCgl7Zm9udC1mYW1pbHk6 IkNhbWJyaWEgTWF0aCI7DQoJcGFub3NlLTE6MiA0IDUgMyA1IDQgNiAzIDIgNDt9DQpAZm9udC1m YWNlDQoJe2ZvbnQtZmFtaWx5OkNhbGlicmk7DQoJcGFub3NlLTE6MiAxNSA1IDIgMiAyIDQgMyAy IDQ7fQ0KQGZvbnQtZmFjZQ0KCXtmb250LWZhbWlseTpDb25zb2xhczsNCglwYW5vc2UtMToyIDEx IDYgOSAyIDIgNCAzIDIgNDt9DQovKiBTdHlsZSBEZWZpbml0aW9ucyAqLw0KcC5Nc29Ob3JtYWws IGxpLk1zb05vcm1hbCwgZGl2Lk1zb05vcm1hbA0KCXttYXJnaW46MGluOw0KCW1hcmdpbi1ib3R0 b206LjAwMDFwdDsNCglmb250LXNpemU6MTIuMHB0Ow0KCWZvbnQtZmFtaWx5OiJUaW1lcyBOZXcg Um9tYW4iLHNlcmlmO30NCmE6bGluaywgc3Bhbi5Nc29IeXBlcmxpbmsNCgl7bXNvLXN0eWxlLXBy aW9yaXR5Ojk5Ow0KCWNvbG9yOmJsdWU7DQoJdGV4dC1kZWNvcmF0aW9uOnVuZGVybGluZTt9DQph OnZpc2l0ZWQsIHNwYW4uTXNvSHlwZXJsaW5rRm9sbG93ZWQNCgl7bXNvLXN0eWxlLXByaW9yaXR5 Ojk5Ow0KCWNvbG9yOnB1cnBsZTsNCgl0ZXh0LWRlY29yYXRpb246dW5kZXJsaW5lO30NCnByZQ0K CXttc28tc3R5bGUtcHJpb3JpdHk6OTk7DQoJbXNvLXN0eWxlLWxpbms6IkhUTUwgUHJlZm9ybWF0 dGVkIENoYXIiOw0KCW1hcmdpbjowaW47DQoJbWFyZ2luLWJvdHRvbTouMDAwMXB0Ow0KCWZvbnQt c2l6ZToxMC4wcHQ7DQoJZm9udC1mYW1pbHk6IkNvdXJpZXIgTmV3Ijt9DQpzcGFuLkhUTUxQcmVm b3JtYXR0ZWRDaGFyDQoJe21zby1zdHlsZS1uYW1lOiJIVE1MIFByZWZvcm1hdHRlZCBDaGFyIjsN Cgltc28tc3R5bGUtcHJpb3JpdHk6OTk7DQoJbXNvLXN0eWxlLWxpbms6IkhUTUwgUHJlZm9ybWF0 dGVkIjsNCglmb250LWZhbWlseTpDb25zb2xhczt9DQpzcGFuLkVtYWlsU3R5bGUxOQ0KCXttc28t c3R5bGUtdHlwZTpwZXJzb25hbC1yZXBseTsNCglmb250LWZhbWlseToiQ2FsaWJyaSIsc2Fucy1z ZXJpZjsNCgljb2xvcjojMUY0OTdEO30NCi5Nc29DaHBEZWZhdWx0DQoJe21zby1zdHlsZS10eXBl OmV4cG9ydC1vbmx5Ow0KCWZvbnQtc2l6ZToxMC4wcHQ7fQ0KQHBhZ2UgV29yZFNlY3Rpb24xDQoJ e3NpemU6OC41aW4gMTEuMGluOw0KCW1hcmdpbjoxLjBpbiAxLjBpbiAxLjBpbiAxLjBpbjt9DQpk aXYuV29yZFNlY3Rpb24xDQoJe3BhZ2U6V29yZFNlY3Rpb24xO30NCi0tPjwvc3R5bGU+PCEtLVtp ZiBndGUgbXNvIDldPjx4bWw+DQo8bzpzaGFwZWRlZmF1bHRzIHY6ZXh0PSJlZGl0IiBzcGlkbWF4 PSIxMDI2IiAvPg0KPC94bWw+PCFbZW5kaWZdLS0+PCEtLVtpZiBndGUgbXNvIDldPjx4bWw+DQo8 bzpzaGFwZWxheW91dCB2OmV4dD0iZWRpdCI+DQo8bzppZG1hcCB2OmV4dD0iZWRpdCIgZGF0YT0i MSIgLz4NCjwvbzpzaGFwZWxheW91dD48L3htbD48IVtlbmRpZl0tLT4NCjwvaGVhZD4NCjxib2R5 IGxhbmc9IkVOLVVTIiBsaW5rPSJibHVlIiB2bGluaz0icHVycGxlIj4NCjxkaXYgY2xhc3M9Ildv cmRTZWN0aW9uMSI+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIiBzdHlsZT0ibWFyZ2luLWJvdHRvbTox Mi4wcHQiPjxzcGFuIHN0eWxlPSJmb250LXNpemU6MTEuMHB0O2ZvbnQtZmFtaWx5OiZxdW90O0Nh bGlicmkmcXVvdDssc2Fucy1zZXJpZjtjb2xvcjojMUY0OTdEIj5IZWxsbyBhbGwsPG86cD48L286 cD48L3NwYW4+PC9wPg0KPHAgY2xhc3M9Ik1zb05vcm1hbCIgc3R5bGU9Im1hcmdpbi1ib3R0b206 MTIuMHB0Ij48c3BhbiBzdHlsZT0iZm9udC1zaXplOjExLjBwdDtmb250LWZhbWlseTomcXVvdDtD YWxpYnJpJnF1b3Q7LHNhbnMtc2VyaWY7Y29sb3I6IzFGNDk3RCI+RllJLCB3ZSBoYXZlIHBvc3Rl ZCBhIG5ldyByZXZpc2lvbiBvZiB0aGUgR1JJRFMgcmVxdWlyZW1lbnRzIGRyYWZ0LCB3aXRoIHVw ZGF0ZXMgcGVyIGRpc2N1c3Npb25zIG9mIHRoZSBlYXJsaWVyIC0wMCB2ZXJzaW9uIGFuZCB0bw0K IGFjY291bnQgZm9yIHVwZGF0ZWQgcHJvYmxlbSBzdGF0ZW1lbnQgYW5kIHVzZSBjYXNlIGRvY3Vt ZW50cy4mbmJzcDsgPG86cD48L286cD48L3NwYW4+PC9wPg0KPHAgY2xhc3M9Ik1zb05vcm1hbCIg c3R5bGU9Im1hcmdpbi1ib3R0b206MTIuMHB0Ij48c3BhbiBzdHlsZT0iZm9udC1zaXplOjExLjBw dDtmb250LWZhbWlseTomcXVvdDtDYWxpYnJpJnF1b3Q7LHNhbnMtc2VyaWY7Y29sb3I6IzFGNDk3 RCI+LS0tIEFsZXg8bzpwPjwvbzpwPjwvc3Bhbj48L3A+DQo8ZGl2Pg0KPHByZT48bzpwPiZuYnNw OzwvbzpwPjwvcHJlPg0KPHByZT5BIG5ldyB2ZXJzaW9uIG9mIEktRCwgZHJhZnQtcGFkbWEtaWRl YXMtcmVxLWdyaWRzLTAxLnR4dDxvOnA+PC9vOnA+PC9wcmU+DQo8cHJlPmhhcyBiZWVuIHN1Y2Nl c3NmdWxseSBzdWJtaXR0ZWQgYnkgQWxleGFuZGVyIENsZW1tIGFuZCBwb3N0ZWQgdG8gdGhlPG86 cD48L286cD48L3ByZT4NCjxwcmU+SUVURiByZXBvc2l0b3J5LjxvOnA+PC9vOnA+PC9wcmU+DQo8 cHJlPjxvOnA+Jm5ic3A7PC9vOnA+PC9wcmU+DQo8cHJlPk5hbWU6Jm5ic3A7Jm5ic3A7Jm5ic3A7 Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7IGRyYWZ0LXBhZG1hLWlkZWFzLXJl cS1ncmlkczxvOnA+PC9vOnA+PC9wcmU+DQo8cHJlPlJldmlzaW9uOiZuYnNwOyZuYnNwOyZuYnNw OyZuYnNwOyZuYnNwOyAwMTxvOnA+PC9vOnA+PC9wcmU+DQo8cHJlPlRpdGxlOiZuYnNwOyZuYnNw OyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyBSZXF1aXJlbWVudHMgZm9yIEdl bmVyaWMgSWRlbnRpdHkgU2VydmljZXMgaW4gSWRlbnRpdHkgRW5hYmxlZCBOZXR3b3JrczxvOnA+ PC9vOnA+PC9wcmU+DQo8cHJlPkRvY3VtZW50IGRhdGU6IDIwMTctMDctMDM8bzpwPjwvbzpwPjwv cHJlPg0KPHByZT5Hcm91cDombmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJz cDsmbmJzcDsgSW5kaXZpZHVhbCBTdWJtaXNzaW9uPG86cD48L286cD48L3ByZT4NCjxwcmU+UGFn ZXM6Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7IDE3PG86 cD48L286cD48L3ByZT4NCjxwcmU+VVJMOiZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZu YnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyA8YSBocmVmPSJodHRwczovL3d3dy5p ZXRmLm9yZy9pbnRlcm5ldC1kcmFmdHMvZHJhZnQtcGFkbWEtaWRlYXMtcmVxLWdyaWRzLTAxLnR4 dCI+aHR0cHM6Ly93d3cuaWV0Zi5vcmcvaW50ZXJuZXQtZHJhZnRzL2RyYWZ0LXBhZG1hLWlkZWFz LXJlcS1ncmlkcy0wMS50eHQ8L2E+PG86cD48L286cD48L3ByZT4NCjxwcmU+U3RhdHVzOiZuYnNw OyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyA8YSBocmVmPSJodHRw czovL2RhdGF0cmFja2VyLmlldGYub3JnL2RvYy9kcmFmdC1wYWRtYS1pZGVhcy1yZXEtZ3JpZHMv Ij5odHRwczovL2RhdGF0cmFja2VyLmlldGYub3JnL2RvYy9kcmFmdC1wYWRtYS1pZGVhcy1yZXEt Z3JpZHMvPC9hPjxvOnA+PC9vOnA+PC9wcmU+DQo8cHJlPkh0bWxpemVkOiZuYnNwOyZuYnNwOyZu YnNwOyZuYnNwOyZuYnNwOyZuYnNwOyA8YSBocmVmPSJodHRwczovL3Rvb2xzLmlldGYub3JnL2h0 bWwvZHJhZnQtcGFkbWEtaWRlYXMtcmVxLWdyaWRzLTAxIj5odHRwczovL3Rvb2xzLmlldGYub3Jn L2h0bWwvZHJhZnQtcGFkbWEtaWRlYXMtcmVxLWdyaWRzLTAxPC9hPjxvOnA+PC9vOnA+PC9wcmU+ DQo8cHJlPkh0bWxpemVkOiZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyA8YSBo cmVmPSJodHRwczovL2RhdGF0cmFja2VyLmlldGYub3JnL2RvYy9odG1sL2RyYWZ0LXBhZG1hLWlk ZWFzLXJlcS1ncmlkcy0wMSI+aHR0cHM6Ly9kYXRhdHJhY2tlci5pZXRmLm9yZy9kb2MvaHRtbC9k cmFmdC1wYWRtYS1pZGVhcy1yZXEtZ3JpZHMtMDE8L2E+PG86cD48L286cD48L3ByZT4NCjxwcmU+ RGlmZjombmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJz cDsmbmJzcDsgPGEgaHJlZj0iaHR0cHM6Ly93d3cuaWV0Zi5vcmcvcmZjZGlmZj91cmwyPWRyYWZ0 LXBhZG1hLWlkZWFzLXJlcS1ncmlkcy0wMSI+aHR0cHM6Ly93d3cuaWV0Zi5vcmcvcmZjZGlmZj91 cmwyPWRyYWZ0LXBhZG1hLWlkZWFzLXJlcS1ncmlkcy0wMTwvYT48bzpwPjwvbzpwPjwvcHJlPg0K PHByZT48bzpwPiZuYnNwOzwvbzpwPjwvcHJlPg0KPHByZT5BYnN0cmFjdDo8bzpwPjwvbzpwPjwv cHJlPg0KPHByZT4mbmJzcDsmbmJzcDsgVGhpcyBkb2N1bWVudCBkZXNjcmliZXMgcmVxdWlyZW1l bnRzIGZvciB0aGUgR2VuZXJpYyBJZGVudGl0eTxvOnA+PC9vOnA+PC9wcmU+DQo8cHJlPiZuYnNw OyZuYnNwOyBTZXJ2aWNlcyBpbmZyYXN0cnVjdHVyZSBmb3IgSWRlbnRpdHktRW5hYmxlZCBOZXR3 b3Jrcy48bzpwPjwvbzpwPjwvcHJlPg0KPHByZT48bzpwPiZuYnNwOzwvbzpwPjwvcHJlPg0KPHBy ZT4mbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsm bmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJz cDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsm bmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJz cDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsm bmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJz cDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsm bmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJz cDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsgPG86cD48L286cD48L3ByZT4NCjxwcmU+ PG86cD4mbmJzcDs8L286cD48L3ByZT4NCjxwcmU+PG86cD4mbmJzcDs8L286cD48L3ByZT4NCjxw cmU+UGxlYXNlIG5vdGUgdGhhdCBpdCBtYXkgdGFrZSBhIGNvdXBsZSBvZiBtaW51dGVzIGZyb20g dGhlIHRpbWUgb2Ygc3VibWlzc2lvbjxvOnA+PC9vOnA+PC9wcmU+DQo8cHJlPnVudGlsIHRoZSBo dG1saXplZCB2ZXJzaW9uIGFuZCBkaWZmIGFyZSBhdmFpbGFibGUgYXQgdG9vbHMuaWV0Zi5vcmcu PG86cD48L286cD48L3ByZT4NCjxwcmU+PG86cD4mbmJzcDs8L286cD48L3ByZT4NCjxwcmU+VGhl IElFVEYgU2VjcmV0YXJpYXQ8bzpwPjwvbzpwPjwvcHJlPg0KPHByZT48bzpwPiZuYnNwOzwvbzpw PjwvcHJlPg0KPC9kaXY+DQo8L2Rpdj4NCjwvYm9keT4NCjwvaHRtbD4NCg== --_000_644DA50AFA8C314EA9BDDAC83BD38A2E0E0C05B3SJCEML702CHMchi_-- From nobody Wed Jul 5 15:31:50 2017 Return-Path: X-Original-To: ideas@ietfa.amsl.com Delivered-To: ideas@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 16001126B72 for ; Wed, 5 Jul 2017 15:31:49 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.221 X-Spam-Level: X-Spam-Status: No, score=-4.221 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id fsEy5zLtce-S for ; Wed, 5 Jul 2017 15:31:46 -0700 (PDT) Received: from lhrrgout.huawei.com (lhrrgout.huawei.com [194.213.3.17]) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A3DA5127201 for ; Wed, 5 Jul 2017 15:31:45 -0700 (PDT) Received: from 172.18.7.190 (EHLO LHREML714-CAH.china.huawei.com) ([172.18.7.190]) by lhrrg01-dlp.huawei.com (MOS 4.3.7-GA FastPath queued) with ESMTP id DQM46568; Wed, 05 Jul 2017 22:31:43 +0000 (GMT) Received: from DFWEML703-CAH.china.huawei.com (10.193.5.177) by LHREML714-CAH.china.huawei.com (10.201.108.37) with Microsoft SMTP Server (TLS) id 14.3.301.0; Wed, 5 Jul 2017 23:31:41 +0100 Received: from DFWEML501-MBX.china.huawei.com ([10.193.5.178]) by DFWEML703-CAH.china.huawei.com ([10.193.5.177]) with mapi id 14.03.0301.000; Wed, 5 Jul 2017 15:31:40 -0700 From: Yingzhen Qu To: "ideas@ietf.org" Thread-Topic: New Version Notification for draft-xyz-ideas-gap-analysis-00.txt Thread-Index: AQHS9EIgyBpdvPvnA0iVzlCe9THmQKJF0aJA Date: Wed, 5 Jul 2017 22:31:39 +0000 Message-ID: <594D005A3CB0724DB547CF3E9A9E810B4F52CE@dfweml501-mbx> References: <149911678911.22832.9296909802984879490.idtracker@ietfa.amsl.com> In-Reply-To: <149911678911.22832.9296909802984879490.idtracker@ietfa.amsl.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [10.213.49.86] Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: base64 MIME-Version: 1.0 X-CFilter-Loop: Reflected X-Mirapoint-Virus-RAPID-Raw: score=unknown(0), refid=str=0001.0A020201.595D68CF.01B1, ss=1, re=0.000, recu=0.000, reip=0.000, cl=1, cld=1, fgs=0, ip=0.0.0.0, so=2013-06-18 04:22:30, dmn=2013-03-21 17:37:32 X-Mirapoint-Loop-Id: de6b2abcf35fd73fa07bd61c48d2b6d2 Archived-At: Subject: [Ideas] FW: New Version Notification for draft-xyz-ideas-gap-analysis-00.txt X-BeenThere: ideas@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Discussions relating to the development, clarification, and implementation of control-plane infrastructures and functionalities in ID enabled networks." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 05 Jul 2017 22:31:49 -0000 SGkgYWxsLA0KDQpGWUksIHRoaXMgaXMgYSBuZXcgZHJhZnQgd2hpY2ggYW5hbHl6ZXMgdGhlIGdh cHMgYmV0d2VlbiB0b2RheSdzIGlkZW50aWZpZXIvbG9jYXRvciBzZXBhcmF0aW9uIHByb3RvY29s cyBhbmQgbmV0d29yayBwcml2YWN5IHJlcXVpcmVtZW50cy4NCg0KWW91J3JlIHdlbGNvbWUgdG8g c2VuZCBjb21tZW50cyBhbmQgc3VnZ2VzdGlvbnMuDQoNClRoYW5rcywNCllpbmd6aGVuDQoNCi0t LS0tT3JpZ2luYWwgTWVzc2FnZS0tLS0tDQpGcm9tOiBpbnRlcm5ldC1kcmFmdHNAaWV0Zi5vcmcg W21haWx0bzppbnRlcm5ldC1kcmFmdHNAaWV0Zi5vcmddIA0KU2VudDogTW9uZGF5LCBKdWx5IDAz LCAyMDE3IDI6MjAgUE0NClRvOiBZaW5nemhlbiBRdSA8eWluZ3poZW4ucXVAaHVhd2VpLmNvbT47 IExpdWJpbmd5YW5nIChCcnlhbikgPGxpdWJpbmd5YW5nQGh1YXdlaS5jb20+OyBBbGJlcnQgQ2Fi ZWxsb3MtQXBhcmljaW8gPGFjYWJlbGxvQGFjLnVwYy5lZHU+OyBSb2JlcnQgTW9za293aXR6IDxy Z21AbGFicy5odHQtY29uc3VsdC5jb20+OyBBbmRyZWFzIFN0b2NrbWF5ZXIgPGFuZHJlYXMuc3Rv Y2ttYXllckB1bmktdHVlYmluZ2VuLmRlPjsgQWxiZXJ0IENhYmVsbG9zIDxhY2FiZWxsb0BhYy51 cGMuZWR1Pg0KU3ViamVjdDogTmV3IFZlcnNpb24gTm90aWZpY2F0aW9uIGZvciBkcmFmdC14eXot aWRlYXMtZ2FwLWFuYWx5c2lzLTAwLnR4dA0KDQoNCkEgbmV3IHZlcnNpb24gb2YgSS1ELCBkcmFm dC14eXotaWRlYXMtZ2FwLWFuYWx5c2lzLTAwLnR4dA0KaGFzIGJlZW4gc3VjY2Vzc2Z1bGx5IHN1 Ym1pdHRlZCBieSBZaW5nemhlbiBRdSBhbmQgcG9zdGVkIHRvIHRoZSBJRVRGIHJlcG9zaXRvcnku DQoNCk5hbWU6CQlkcmFmdC14eXotaWRlYXMtZ2FwLWFuYWx5c2lzDQpSZXZpc2lvbjoJMDANClRp dGxlOgkJR2FwIEFuYWx5c2lzIGZvciBJZGVudGl0eSBFbmFibGVkIE5ldHdvcmtzDQpEb2N1bWVu dCBkYXRlOgkyMDE3LTA3LTAzDQpHcm91cDoJCUluZGl2aWR1YWwgU3VibWlzc2lvbg0KUGFnZXM6 CQkxMg0KVVJMOiAgICAgICAgICAgIGh0dHBzOi8vd3d3LmlldGYub3JnL2ludGVybmV0LWRyYWZ0 cy9kcmFmdC14eXotaWRlYXMtZ2FwLWFuYWx5c2lzLTAwLnR4dA0KU3RhdHVzOiAgICAgICAgIGh0 dHBzOi8vZGF0YXRyYWNrZXIuaWV0Zi5vcmcvZG9jL2RyYWZ0LXh5ei1pZGVhcy1nYXAtYW5hbHlz aXMvDQpIdG1saXplZDogICAgICAgaHR0cHM6Ly90b29scy5pZXRmLm9yZy9odG1sL2RyYWZ0LXh5 ei1pZGVhcy1nYXAtYW5hbHlzaXMtMDANCkh0bWxpemVkOiAgICAgICBodHRwczovL2RhdGF0cmFj a2VyLmlldGYub3JnL2RvYy9odG1sL2RyYWZ0LXh5ei1pZGVhcy1nYXAtYW5hbHlzaXMtMDANCg0K DQpBYnN0cmFjdDoNCiAgIEN1cnJlbnRseSB0aGVyZSBhcmUgc2V2ZXJhbCBpZGVudGlmaWVyL2xv Y2F0b3Igc2VwYXJhdGlvbiBwcm90b2NvbHMsDQogICBzdWNoIGFzIEhJUCwgSUxBLCBJTE5BIGFu ZCBMSVNQLiAgVGhpcyBkb2N1bWVudCBhbmFseXplcyB0aGUNCiAgIHRlY2huaWNhbCBnYXBzIGJl dHdlZW4gZXhpc3Rpbmcgc29sdXRpb25zIGFuZCB0b2RheSdzIHByaXZhY3kNCiAgIHJlcXVpcmVt ZW50cy4NCg0KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIA0KDQoNClBsZWFzZSBub3RlIHRoYXQg aXQgbWF5IHRha2UgYSBjb3VwbGUgb2YgbWludXRlcyBmcm9tIHRoZSB0aW1lIG9mIHN1Ym1pc3Np b24gdW50aWwgdGhlIGh0bWxpemVkIHZlcnNpb24gYW5kIGRpZmYgYXJlIGF2YWlsYWJsZSBhdCB0 b29scy5pZXRmLm9yZy4NCg0KVGhlIElFVEYgU2VjcmV0YXJpYXQNCg0K From nobody Wed Jul 5 15:58:58 2017 Return-Path: X-Original-To: ideas@ietfa.amsl.com Delivered-To: ideas@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3CA7A126B72 for ; Wed, 5 Jul 2017 15:58:57 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.21 X-Spam-Level: X-Spam-Status: No, score=-4.21 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001, T_KAM_HTML_FONT_INVALID=0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id kcsgtnAuJHez for ; Wed, 5 Jul 2017 15:58:54 -0700 (PDT) Received: from lhrrgout.huawei.com (lhrrgout.huawei.com [194.213.3.17]) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5D822129AAD for ; Wed, 5 Jul 2017 15:58:53 -0700 (PDT) Received: from 172.18.7.190 (EHLO lhreml704-cah.china.huawei.com) ([172.18.7.190]) by lhrrg02-dlp.huawei.com (MOS 4.3.7-GA FastPath queued) with ESMTP id DJV01514; Wed, 05 Jul 2017 22:58:51 +0000 (GMT) Received: from SJCEML703-CHM.china.huawei.com (10.208.112.39) by lhreml704-cah.china.huawei.com (10.201.108.45) with Microsoft SMTP Server (TLS) id 14.3.301.0; Wed, 5 Jul 2017 23:58:49 +0100 Received: from SJCEML702-CHM.china.huawei.com ([169.254.4.142]) by SJCEML703-CHM.china.huawei.com ([169.254.5.136]) with mapi id 14.03.0301.000; Wed, 5 Jul 2017 15:58:43 -0700 From: Uma Chunduri To: Robert Moskowitz , tjw ietf CC: "ideas@ietf.org" Thread-Topic: [Ideas] draft-padma-ideas-problem-statement and "Common Infrastructure" Thread-Index: AQHS9ZPE963S1drr902KkhfKflevlaJFubYAgAAC9gCAABhC4A== Date: Wed, 5 Jul 2017 22:58:42 +0000 Message-ID: <25B4902B1192E84696414485F5726854019E2929@SJCEML702-CHM.china.huawei.com> References: <9084360a-160e-944a-96aa-0b33379ccdb8@htt-consult.com> <1788bf20-2ee5-c2fd-0108-ff4b2b779848@htt-consult.com> In-Reply-To: <1788bf20-2ee5-c2fd-0108-ff4b2b779848@htt-consult.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [10.212.245.54] Content-Type: multipart/alternative; boundary="_000_25B4902B1192E84696414485F5726854019E2929SJCEML702CHMchi_" MIME-Version: 1.0 X-CFilter-Loop: Reflected X-Mirapoint-Virus-RAPID-Raw: score=unknown(0), refid=str=0001.0A020202.595D6F2B.0146, ss=1, re=0.000, recu=0.000, reip=0.000, cl=1, cld=1, fgs=0, ip=169.254.4.142, so=2013-06-18 04:22:30, dmn=2013-03-21 17:37:32 X-Mirapoint-Loop-Id: a9c7c8d0e79e69d1888db5d6c56bb68a Archived-At: Subject: Re: [Ideas] draft-padma-ideas-problem-statement and "Common Infrastructure" X-BeenThere: ideas@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Discussions relating to the development, clarification, and implementation of control-plane infrastructures and functionalities in ID enabled networks." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 05 Jul 2017 22:58:57 -0000 --_000_25B4902B1192E84696414485F5726854019E2929SJCEML702CHMchi_ Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Hi Bob, > I said 'requirements' to soften the blow, so to speak, about 'why NOT LDA= P'. Plus the data model to see if it can fit into an LDAP schema. > Of course we could always go with DAP instead for richer policy control a= nd distributed data support! I am not sure if this would be LDAP or something else. I presume the contex= t is entities authentication and subsequent operations to indicate policy. = Is this correct? If Yes, I have couple of thoughts: 1. We ought to focus on category of entities (low power/regular nodes= /routers) and see what suits best. Perhaps one of the EAP methods suitable = to the environments (minimal RTTs, mutual authentication if needed in some = cases)? 2. Regarding policy - I see your point of "richer policy" but we may = have to start with much more simpler policy (say white list/black list on I= dentifiers) as some of it has to be distributed/shared across without any p= rivacy concerns 3. Regarding distribution of public parts of policy and other informa= tion with Identifiers, we ought to see if we have to use any existing mappi= ng servers (DDT, DHT, Blockchain or some simplified/selective pull based "n= ew" protocol among each providers Identifiers). May be we might have to discuss problems and requirements bit deeper to has= h out the above. -- Uma C. From: Ideas [mailto:ideas-bounces@ietf.org] On Behalf Of Robert Moskowitz Sent: Wednesday, July 05, 2017 7:16 AM To: tjw ietf Cc: ideas@ietf.org Subject: Re: [Ideas] draft-padma-ideas-problem-statement and "Common Infras= tructure" Tim, Well it seems I got an upgrade to contributing to the problem statement. I= missed that in the last go around hours before the draft cutoff. Thanks P= adma. I said 'requirements' to soften the blow, so to speak, about 'why NOT LDAP'= . Plus the data model to see if it can fit into an LDAP schema. Of course we could always go with DAP instead for richer policy control and= distributed data support! (was it actually 20 years ago that I worked on = this stuff? yikes!) Bob On 07/05/2017 10:05 AM, tjw ietf wrote: Bob! Brian and I had chatted briefly about charter direction and we wanted to he= ar some of the discussions during the session. And that's what they pay us = the big bucks for! But I have to agree with your plan of attack. If we could give some guidan= ce: - work on the problem statement and gap analysis but don't invest larger cy= cles of time on them. - requirements are good to capture, but we will shy away from turning them = into published documents as they will change over time - some discussion on LDAP is very necessary as the code base has gotten qui= te mature. tim On Wed, Jul 5, 2017 at 9:35 AM, Robert Moskowitz > wrote: Disclaimer: I had a hand in edits to this version, though I am not listed = in the Ack section. In particular I pushed for "Common Infrastructure", no= t "Common Control Plane". We have been talking a lot about Identity and Identifier and metadata. One= of the tasks of this workgroup (and charter item) needs to be data modelin= g of what is intended to be stored/available. Further there needs to be Yet Another Gap Analysis (YAGA? :) ) on why NOT = LDAP or some other mature xyz data store access protocol. I start with LDA= P as there is actually a fit, and the various server implementations are ve= ry mature with good, secure, backends and data replication tools. It is time to start thinking charter. The problem statement, gap analysis,= and use cases is barely a start. What the group is going to DO is focus n= ow. So I propose two work items: Common Infrastructure data modeling (and someone other than me can do it in= YANG). Common Infrastructure protocol requirements with a subsection on LDAP compa= rision. Bob _______________________________________________ Ideas mailing list Ideas@ietf.org https://www.ietf.org/mailman/listinfo/ideas _______________________________________________ Ideas mailing list Ideas@ietf.org https://www.ietf.org/mailman/listinfo/ideas --_000_25B4902B1192E84696414485F5726854019E2929SJCEML702CHMchi_ Content-Type: text/html; charset="us-ascii" Content-Transfer-Encoding: quoted-printable

Hi Bob,

 

> I said 'requirements' to = soften the blow, so to speak, about 'why NOT LDAP'.  Plus the data mod= el to see if it can fit into an LDAP schema.

> Of course we could always go with DAP instead f= or richer policy control and distributed data support! 

 

I am not sure if this would be LDAP o= r something else. I presume the context is entities authentication and subs= equent operations to indicate policy. Is this correct?

 

If Yes, I have couple of thoughts:

 

1.   = ;    We ought to focus on category= of entities (low power/regular nodes/routers) and see what suits best. Per= haps one of the EAP methods suitable to the environments (minimal RTTs, mutual authentication if needed in some cases)= ?

2.   = ;    Regarding policy – I se= e your point of “richer policy” but we may have to start with m= uch more simpler policy (say white list/black list on Identifiers) as some of it has to be distributed/shared across without any privacy conc= erns

3.   = ;    Regarding distribution of pub= lic parts of policy and other information with Identifiers, we ought to see= if we have to use any existing mapping servers (DDT, DHT, Blockchain or some simplified/selective pull based “new&#= 8221; protocol among each providers Identifiers).

 

May be we might have to discuss probl= ems and requirements bit deeper to hash out the above.

--

Uma C.<= /span>

 

From: Ideas [mailto:ideas-bounces@ietf.org] On Behalf Of Robert Moskowitz
Sent: Wednesday, July 05, 2017 7:16 AM
To: tjw ietf <tjw.ietf@gmail.com>
Cc: ideas@ietf.org
Subject: Re: [Ideas] draft-padma-ideas-problem-statement and "C= ommon Infrastructure"

 

Tim,

Well it seems I got an upgrade to contributing to the problem statement.&nb= sp; I missed that in the last go around hours before the draft cutoff. = ; Thanks Padma.

I said 'requirements' to soften the blow, so to speak, about 'why NOT LDAP'= .  Plus the data model to see if it can fit into an LDAP schema.

Of course we could always go with DAP instead for richer policy control and= distributed data support!  (was it actually 20 years ago that I worke= d on this stuff? yikes!)

Bob

On 07/05/2017 10:05 AM, tjw ietf wrote:

Bob!

 

Brian and I had chatted briefly about charter direct= ion and we wanted to hear some of the discussions during the session. And t= hat's what they pay us the big bucks for!

 

But I have to agree with your plan of attack.  = If we could give some guidance: 

 

- work on the problem statement and gap analysis but= don't invest larger cycles of time on them.  

 

- requirements are good to capture, but we will shy = away from turning them into published documents as they will change over ti= me

 

- some discussion on LDAP is very necessary as the c= ode base has gotten quite mature.

 

tim

 

On Wed, Jul 5, 2017 at 9:35 AM, Robert Moskowitz <= ;rgm-ietf@htt= -consult.com> wrote:

Disclaimer:  I had a hand in edits to this vers= ion, though I am not listed in the Ack section.  In particular I pushe= d for "Common Infrastructure", not "Common Control Plane&quo= t;.


We have been talking a lot about Identity and Identifier and metadata. = ; One of the tasks of this workgroup (and charter item) needs to be data mo= deling of what is intended to be stored/available.

Further there needs to be Yet Another Gap Analysis (YAGA?  :) ) on why= NOT LDAP or some other mature xyz data store access protocol.  I star= t with LDAP as there is actually a fit, and the various server implementati= ons are very mature with good, secure, backends and data replication tools.

It is time to start thinking charter.  The problem statement, gap anal= ysis, and use cases is barely a start.  What the group is going to DO = is focus now.

So I propose two work items:

Common Infrastructure data modeling (and someone other than me can do it in= YANG).
Common Infrastructure protocol requirements with a subsection on LDAP compa= rision.

Bob


_______________________________________________
Ideas mailing list
Ideas@ietf.org
h= ttps://www.ietf.org/mailman/listinfo/ideas

 




_______________________________________________
Ideas mailing list
Ideas@ietf.org
https://www.ie=
tf.org/mailman/listinfo/ideas

 

--_000_25B4902B1192E84696414485F5726854019E2929SJCEML702CHMchi_-- From nobody Wed Jul 5 16:06:29 2017 Return-Path: X-Original-To: ideas@ietfa.amsl.com Delivered-To: ideas@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4372E126B6E for ; Wed, 5 Jul 2017 16:06:28 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.19 X-Spam-Level: X-Spam-Status: No, score=-4.19 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-2.3, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001, T_KAM_HTML_FONT_INVALID=0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id uPwC-9Q-iVQ1 for ; Wed, 5 Jul 2017 16:06:26 -0700 (PDT) Received: from z9m9z.htt-consult.com (z9m9z.htt-consult.com [50.253.254.3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D18A0120227 for ; Wed, 5 Jul 2017 16:06:25 -0700 (PDT) Received: from localhost (localhost [127.0.0.1]) by z9m9z.htt-consult.com (Postfix) with ESMTP id 50A1F62161; Wed, 5 Jul 2017 19:06:23 -0400 (EDT) X-Virus-Scanned: amavisd-new at htt-consult.com Received: from z9m9z.htt-consult.com ([127.0.0.1]) by localhost (z9m9z.htt-consult.com [127.0.0.1]) (amavisd-new, port 10024) with LMTP id bqAWpeBM0XXA; Wed, 5 Jul 2017 19:06:14 -0400 (EDT) Received: from lx120e.htt-consult.com (unknown [192.168.160.12]) (using TLSv1.2 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by z9m9z.htt-consult.com (Postfix) with ESMTPSA id E8A0A62171; Wed, 5 Jul 2017 19:06:13 -0400 (EDT) To: Uma Chunduri , tjw ietf References: <9084360a-160e-944a-96aa-0b33379ccdb8@htt-consult.com> <1788bf20-2ee5-c2fd-0108-ff4b2b779848@htt-consult.com> <25B4902B1192E84696414485F5726854019E2929@SJCEML702-CHM.china.huawei.com> Cc: "ideas@ietf.org" From: Robert Moskowitz Message-ID: Date: Wed, 5 Jul 2017 19:06:10 -0400 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Thunderbird/45.8.0 MIME-Version: 1.0 In-Reply-To: <25B4902B1192E84696414485F5726854019E2929@SJCEML702-CHM.china.huawei.com> Content-Type: multipart/alternative; boundary="------------35BEAA23B00EB352D22A3FC2" Archived-At: Subject: Re: [Ideas] draft-padma-ideas-problem-statement and "Common Infrastructure" X-BeenThere: ideas@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Discussions relating to the development, clarification, and implementation of control-plane infrastructures and functionalities in ID enabled networks." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 05 Jul 2017 23:06:28 -0000 This is a multi-part message in MIME format. --------------35BEAA23B00EB352D22A3FC2 Content-Type: text/plain; charset=windows-1252; format=flowed Content-Transfer-Encoding: 8bit Uma, In your list below, DHT is something (that is flat name space) that LDAP does poorly. But LDAP IS a mapping system that has been around for lots of years. And it has authentication in terms of who can add/update and who can inquire on what. And EAP is NOT minimal RTT! It is often yet another wrapper to have some common wrapper. In this case, it would be PANA delivering EAP. So we will discuss this all. Bob On 07/05/2017 06:58 PM, Uma Chunduri wrote: > > Hi Bob, > > > I said 'requirements' to soften the blow, so to speak, about 'why NOT > LDAP'. Plus the data model to see if it can fit into an LDAP schema. > > > Of course we could always go with DAP instead for richer policy > control and distributed data support! > > I am not sure if this would be LDAP or something else. I presume the > context is entities authentication and subsequent operations to > indicate policy. Is this correct? > > If Yes, I have couple of thoughts: > > 1.We ought to focus on category of entities (low power/regular > nodes/routers) and see what suits best. Perhaps one of the EAP methods > suitable to the environments (minimal RTTs, mutual authentication if > needed in some cases)? > > 2.Regarding policy I see your point of richer policy but we may > have to start with much more simpler policy (say white list/black list > on Identifiers) as some of it has to be distributed/shared across > without any privacy concerns > > 3.Regarding distribution of public parts of policy and other > information with Identifiers, we ought to see if we have to use any > existing mapping servers (DDT, DHT, Blockchain or some > simplified/selective pull based new protocol among each providers > Identifiers). > > May be we might have to discuss problems and requirements bit deeper > to hash out the above. > > -- > > Uma C. > > *From:*Ideas [mailto:ideas-bounces@ietf.org] *On Behalf Of *Robert > Moskowitz > *Sent:* Wednesday, July 05, 2017 7:16 AM > *To:* tjw ietf > *Cc:* ideas@ietf.org > *Subject:* Re: [Ideas] draft-padma-ideas-problem-statement and "Common > Infrastructure" > > Tim, > > Well it seems I got an upgrade to contributing to the problem > statement. I missed that in the last go around hours before the draft > cutoff. Thanks Padma. > > I said 'requirements' to soften the blow, so to speak, about 'why NOT > LDAP'. Plus the data model to see if it can fit into an LDAP schema. > > Of course we could always go with DAP instead for richer policy > control and distributed data support! (was it actually 20 years ago > that I worked on this stuff? yikes!) > > Bob > > On 07/05/2017 10:05 AM, tjw ietf wrote: > > Bob! > > Brian and I had chatted briefly about charter direction and we > wanted to hear some of the discussions during the session. And > that's what they pay us the big bucks for! > > But I have to agree with your plan of attack. If we could give > some guidance: > > - work on the problem statement and gap analysis but don't invest > larger cycles of time on them. > > - requirements are good to capture, but we will shy away from > turning them into published documents as they will change over time > > - some discussion on LDAP is very necessary as the code base has > gotten quite mature. > > tim > > On Wed, Jul 5, 2017 at 9:35 AM, Robert Moskowitz > > wrote: > > Disclaimer: I had a hand in edits to this version, though I > am not listed in the Ack section. In particular I pushed for > "Common Infrastructure", not "Common Control Plane". > > > We have been talking a lot about Identity and Identifier and > metadata. One of the tasks of this workgroup (and charter > item) needs to be data modeling of what is intended to be > stored/available. > > Further there needs to be Yet Another Gap Analysis (YAGA? :) > ) on why NOT LDAP or some other mature xyz data store access > protocol. I start with LDAP as there is actually a fit, and > the various server implementations are very mature with good, > secure, backends and data replication tools. > > It is time to start thinking charter. The problem statement, > gap analysis, and use cases is barely a start. What the group > is going to DO is focus now. > > So I propose two work items: > > Common Infrastructure data modeling (and someone other than me > can do it in YANG). > Common Infrastructure protocol requirements with a subsection > on LDAP comparision. > > Bob > > > _______________________________________________ > Ideas mailing list > Ideas@ietf.org > https://www.ietf.org/mailman/listinfo/ideas > > > > > _______________________________________________ > > Ideas mailing list > > Ideas@ietf.org > > https://www.ietf.org/mailman/listinfo/ideas > > > > _______________________________________________ > Ideas mailing list > Ideas@ietf.org > https://www.ietf.org/mailman/listinfo/ideas --------------35BEAA23B00EB352D22A3FC2 Content-Type: text/html; charset=windows-1252 Content-Transfer-Encoding: 8bit Uma,

In your list below, DHT is something (that is flat name space) that LDAP does poorly. But LDAP IS a mapping system that has been around for lots of years.

And it has authentication in terms of who can add/update and who can inquire on what.

And EAP is NOT minimal RTT! It is often yet another wrapper to have some common wrapper. In this case, it would be PANA delivering EAP. So we will discuss this all.

Bob

On 07/05/2017 06:58 PM, Uma Chunduri wrote:

Hi Bob,

> I said 'requirements' to soften the blow, so to speak, about 'why NOT LDAP'. Plus the data model to see if it can fit into an LDAP schema.

> Of course we could always go with DAP instead for richer policy control and distributed data support!

I am not sure if this would be LDAP or something else. I presume the context is entities authentication and subsequent operations to indicate policy. Is this correct?

If Yes, I have couple of thoughts:

1. We ought to focus on category of entities (low power/regular nodes/routers) and see what suits best. Perhaps one of the EAP methods suitable to the environments (minimal RTTs, mutual authentication if needed in some cases)?

2. Regarding policy I see your point of richer policy but we may have to start with much more simpler policy (say white list/black list on Identifiers) as some of it has to be distributed/shared across without any privacy concerns

3. Regarding distribution of public parts of policy and other information with Identifiers, we ought to see if we have to use any existing mapping servers (DDT, DHT, Blockchain or some simplified/selective pull based new protocol among each providers Identifiers).

May be we might have to discuss problems and requirements bit deeper to hash out the above.

--

Uma C.

From: Ideas [mailto:ideas-bounces@ietf.org] On Behalf Of Robert Moskowitz
Sent: Wednesday, July 05, 2017 7:16 AM
To: tjw ietf <tjw.ietf@gmail.com>
Cc: ideas@ietf.org
Subject: Re: [Ideas] draft-padma-ideas-problem-statement and "Common Infrastructure"

Tim,

Well it seems I got an upgrade to contributing to the problem statement. I missed that in the last go around hours before the draft cutoff. Thanks Padma.

I said 'requirements' to soften the blow, so to speak, about 'why NOT LDAP'. Plus the data model to see if it can fit into an LDAP schema.

Of course we could always go with DAP instead for richer policy control and distributed data support! (was it actually 20 years ago that I worked on this stuff? yikes!)

Bob

On 07/05/2017 10:05 AM, tjw ietf wrote:

Bob!

Brian and I had chatted briefly about charter direction and we wanted to hear some of the discussions during the session. And that's what they pay us the big bucks for!

But I have to agree with your plan of attack. If we could give some guidance:

- work on the problem statement and gap analysis but don't invest larger cycles of time on them.

- requirements are good to capture, but we will shy away from turning them into published documents as they will change over time

- some discussion on LDAP is very necessary as the code base has gotten quite mature.

tim

On Wed, Jul 5, 2017 at 9:35 AM, Robert Moskowitz <rgm-ietf@htt-consult.com> wrote:

Disclaimer: I had a hand in edits to this version, though I am not listed in the Ack section. In particular I pushed for "Common Infrastructure", not "Common Control Plane".


We have been talking a lot about Identity and Identifier and metadata. One of the tasks of this workgroup (and charter item) needs to be data modeling of what is intended to be stored/available.

Further there needs to be Yet Another Gap Analysis (YAGA? :) ) on why NOT LDAP or some other mature xyz data store access protocol. I start with LDAP as there is actually a fit, and the various server implementations are very mature with good, secure, backends and data replication tools.

It is time to start thinking charter. The problem statement, gap analysis, and use cases is barely a start. What the group is going to DO is focus now.

So I propose two work items:

Common Infrastructure data modeling (and someone other than me can do it in YANG).
Common Infrastructure protocol requirements with a subsection on LDAP comparision.

Bob


_______________________________________________
Ideas mailing list
Ideas@ietf.org
https://www.ietf.org/mailman/listinfo/ideas




_______________________________________________
Ideas mailing list
Ideas@ietf.org
https://www.ietf.org/mailman/listinfo/ideas



_______________________________________________
Ideas mailing list
Ideas@ietf.org
https://www.ietf.org/mailman/listinfo/ideas

--------------35BEAA23B00EB352D22A3FC2-- From nobody Wed Jul 5 16:40:42 2017 Return-Path: X-Original-To: ideas@ietfa.amsl.com Delivered-To: ideas@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1AA71131463 for ; Wed, 5 Jul 2017 16:40:41 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.21 X-Spam-Level: X-Spam-Status: No, score=-4.21 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001, T_KAM_HTML_FONT_INVALID=0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id FZu-5ik0Q-9S for ; Wed, 5 Jul 2017 16:40:38 -0700 (PDT) Received: from lhrrgout.huawei.com (lhrrgout.huawei.com [194.213.3.17]) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id CD98A129AAD for ; Wed, 5 Jul 2017 16:40:37 -0700 (PDT) Received: from 172.18.7.190 (EHLO lhreml702-cah.china.huawei.com) ([172.18.7.190]) by lhrrg02-dlp.huawei.com (MOS 4.3.7-GA FastPath queued) with ESMTP id DJV04830; Wed, 05 Jul 2017 23:40:35 +0000 (GMT) Received: from SJCEML703-CHM.china.huawei.com (10.208.112.39) by lhreml702-cah.china.huawei.com (10.201.108.43) with Microsoft SMTP Server (TLS) id 14.3.301.0; Thu, 6 Jul 2017 00:40:34 +0100 Received: from SJCEML702-CHM.china.huawei.com ([169.254.4.142]) by SJCEML703-CHM.china.huawei.com ([169.254.5.136]) with mapi id 14.03.0301.000; Wed, 5 Jul 2017 16:40:29 -0700 From: Uma Chunduri To: Robert Moskowitz , tjw ietf CC: "ideas@ietf.org" Thread-Topic: [Ideas] draft-padma-ideas-problem-statement and "Common Infrastructure" Thread-Index: AQHS9ZPE963S1drr902KkhfKflevlaJFubYAgAAC9gCAABhC4IAAe9cA//+RvFA= Date: Wed, 5 Jul 2017 23:40:28 +0000 Message-ID: <25B4902B1192E84696414485F5726854019E2956@SJCEML702-CHM.china.huawei.com> References: <9084360a-160e-944a-96aa-0b33379ccdb8@htt-consult.com> <1788bf20-2ee5-c2fd-0108-ff4b2b779848@htt-consult.com> <25B4902B1192E84696414485F5726854019E2929@SJCEML702-CHM.china.huawei.com> In-Reply-To: Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [10.212.245.54] Content-Type: multipart/alternative; boundary="_000_25B4902B1192E84696414485F5726854019E2956SJCEML702CHMchi_" MIME-Version: 1.0 X-CFilter-Loop: Reflected X-Mirapoint-Virus-RAPID-Raw: score=unknown(0), refid=str=0001.0A020205.595D78F4.0073, ss=1, re=0.000, recu=0.000, reip=0.000, cl=1, cld=1, fgs=0, ip=169.254.4.142, so=2013-06-18 04:22:30, dmn=2013-03-21 17:37:32 X-Mirapoint-Loop-Id: a9c7c8d0e79e69d1888db5d6c56bb68a Archived-At: Subject: Re: [Ideas] draft-padma-ideas-problem-statement and "Common Infrastructure" X-BeenThere: ideas@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Discussions relating to the development, clarification, and implementation of control-plane infrastructures and functionalities in ID enabled networks." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 05 Jul 2017 23:40:41 -0000 --_000_25B4902B1192E84696414485F5726854019E2956SJCEML702CHMchi_ Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Bob, In-line [Uma]: -- Uma C. From: Robert Moskowitz [mailto:rgm-ietf@htt-consult.com] Sent: Wednesday, July 05, 2017 4:06 PM To: Uma Chunduri ; tjw ietf Cc: ideas@ietf.org Subject: Re: [Ideas] draft-padma-ideas-problem-statement and "Common Infras= tructure" Uma, In your list below, DHT is something (that is flat name space) that LDAP do= es poorly. [Uma]: Thx for clarifying that. But flat space or not is completely a diffe= rent discussion.. (and has to be discussed too) But LDAP IS a mapping system that has been around for lots of years. And it has authentication in terms of who can add/update and who can inquir= e on what. And EAP is NOT minimal RTT! [Uma]: You are right of course. We may not need minimal RTT in some cases = and mutual AUTH (can be debatable). I see, 40+ EAP methods give the spectr= um of all choices. It is often yet another wrapper to have some common wrapper. In this case,= it would be PANA delivering EAP. [Uma]: Indeed, some lower layer is required to carry EAP. As PS talks about= we need a private channel for AUTH and policy updates. So we will discuss this all. [Uma]: Yes, we need to discuss a bit on this. Bob On 07/05/2017 06:58 PM, Uma Chunduri wrote: Hi Bob, > I said 'requirements' to soften the blow, so to speak, about 'why NOT LDA= P'. Plus the data model to see if it can fit into an LDAP schema. > Of course we could always go with DAP instead for richer policy control a= nd distributed data support! I am not sure if this would be LDAP or something else. I presume the contex= t is entities authentication and subsequent operations to indicate policy. = Is this correct? If Yes, I have couple of thoughts: 1. We ought to focus on category of entities (low power/regular nodes/= routers) and see what suits best. Perhaps one of the EAP methods suitable t= o the environments (minimal RTTs, mutual authentication if needed in some c= ases)? 2. Regarding policy - I see your point of "richer policy" but we may h= ave to start with much more simpler policy (say white list/black list on Id= entifiers) as some of it has to be distributed/shared across without any pr= ivacy concerns 3. Regarding distribution of public parts of policy and other informat= ion with Identifiers, we ought to see if we have to use any existing mappin= g servers (DDT, DHT, Blockchain or some simplified/selective pull based "ne= w" protocol among each providers Identifiers). May be we might have to discuss problems and requirements bit deeper to has= h out the above. -- Uma C. From: Ideas [mailto:ideas-bounces@ietf.org] On Behalf Of Robert Moskowitz Sent: Wednesday, July 05, 2017 7:16 AM To: tjw ietf Cc: ideas@ietf.org Subject: Re: [Ideas] draft-padma-ideas-problem-statement and "Common Infras= tructure" Tim, Well it seems I got an upgrade to contributing to the problem statement. I= missed that in the last go around hours before the draft cutoff. Thanks P= adma. I said 'requirements' to soften the blow, so to speak, about 'why NOT LDAP'= . Plus the data model to see if it can fit into an LDAP schema. Of course we could always go with DAP instead for richer policy control and= distributed data support! (was it actually 20 years ago that I worked on = this stuff? yikes!) Bob On 07/05/2017 10:05 AM, tjw ietf wrote: Bob! Brian and I had chatted briefly about charter direction and we wanted to he= ar some of the discussions during the session. And that's what they pay us = the big bucks for! But I have to agree with your plan of attack. If we could give some guidan= ce: - work on the problem statement and gap analysis but don't invest larger cy= cles of time on them. - requirements are good to capture, but we will shy away from turning them = into published documents as they will change over time - some discussion on LDAP is very necessary as the code base has gotten qui= te mature. tim On Wed, Jul 5, 2017 at 9:35 AM, Robert Moskowitz > wrote: Disclaimer: I had a hand in edits to this version, though I am not listed = in the Ack section. In particular I pushed for "Common Infrastructure", no= t "Common Control Plane". We have been talking a lot about Identity and Identifier and metadata. One= of the tasks of this workgroup (and charter item) needs to be data modelin= g of what is intended to be stored/available. Further there needs to be Yet Another Gap Analysis (YAGA? :) ) on why NOT = LDAP or some other mature xyz data store access protocol. I start with LDA= P as there is actually a fit, and the various server implementations are ve= ry mature with good, secure, backends and data replication tools. It is time to start thinking charter. The problem statement, gap analysis,= and use cases is barely a start. What the group is going to DO is focus n= ow. So I propose two work items: Common Infrastructure data modeling (and someone other than me can do it in= YANG). Common Infrastructure protocol requirements with a subsection on LDAP compa= rision. Bob _______________________________________________ Ideas mailing list Ideas@ietf.org https://www.ietf.org/mailman/listinfo/ideas _______________________________________________ Ideas mailing list Ideas@ietf.org https://www.ietf.org/mailman/listinfo/ideas _______________________________________________ Ideas mailing list Ideas@ietf.org https://www.ietf.org/mailman/listinfo/ideas --_000_25B4902B1192E84696414485F5726854019E2956SJCEML702CHMchi_ Content-Type: text/html; charset="us-ascii" Content-Transfer-Encoding: quoted-printable

Bob,=

 

In-line [Uma]:

 

--

Uma C.<= /span>

 

From: Robert Moskowitz [mailto:rgm-ietf@htt-consult.com]
Sent: Wednesday, July 05, 2017 4:06 PM
To: Uma Chunduri <uma.chunduri@huawei.com>; tjw ietf <tjw.i= etf@gmail.com>
Cc: ideas@ietf.org
Subject: Re: [Ideas] draft-padma-ideas-problem-statement and "C= ommon Infrastructure"

 

Uma,

In your list below, DHT is something (that is flat name space) that LDAP do= es poorly.

[Uma]:= Thx for clarifying that. But flat space or not is completely a different d= iscussion.. (and has to be discussed too)

  But LDAP IS a = mapping system that has been around for lots of years.

And it has authentica= tion in terms of who can add/update and who can inquire on what.

And EAP is NOT minima= l RTT! 

[Uma]:=  You are right of course. We may not need minimal RTT in some cases a= nd mutual AUTH (can be debatable). I see,  40+ EAP methods give the spectrum of all choices.

It is often yet anoth= er wrapper to have some common wrapper.  In this case, it would be PAN= A delivering EAP. 

[Uma]:= Indeed, some lower layer is required to carry EAP. As PS talks about we ne= ed a private channel for AUTH and policy updates.

So we will discuss th= is all.

[Uma]:= Yes, we need to discuss a bit on this.



Bob

On 07/05/2017 06:58 PM, Uma Chunduri wrote:

Hi Bob,

 

> I said 'requirements' to = soften the blow, so to speak, about 'why NOT LDAP'.  Plus the data mod= el to see if it can fit into an LDAP schema.

> Of course we could always go with DAP instead f= or richer policy control and distributed data support! 

 

I am not sure if this would be LDAP o= r something else. I presume the context is entities authentication and subs= equent operations to indicate policy. Is this correct?

 

If Yes, I have couple of thoughts:

 

1.      We ought to focus on category of ent= ities (low power/regular nodes/routers) and see what suits best. Perhaps on= e of the EAP methods suitable to the environments (minimal RTTs, mutual authentication if needed in some cases)?=

2.      Regarding policy – I see your = point of “richer policy” but we may have to start with much mor= e simpler policy (say white list/black list on Identifiers) as some of it has to be distributed/shared across without any privacy concern= s

3.      Regarding distribution of public par= ts of policy and other information with Identifiers, we ought to see if we = have to use any existing mapping servers (DDT, DHT, Blockchain or some simplified/selective pull based “new” = protocol among each providers Identifiers).

 

May be we might have to discuss probl= ems and requirements bit deeper to hash out the above.

--

Uma C.

 

From: Ideas [mailto:ideas-bounces@i= etf.org] On Behalf Of Robert Moskowitz
Sent: Wednesday, July 05, 2017 7:16 AM
To: tjw ietf <tjw.ietf@gmai= l.com>
Cc: ideas@ietf.org
Subject: Re: [Ideas] draft-padma-ideas-problem-statement and "C= ommon Infrastructure"

 

Tim,

Well it seems I got an upgrade to contributing to the problem statement.&nb= sp; I missed that in the last go around hours before the draft cutoff. = ; Thanks Padma.

I said 'requirements' to soften the blow, so to speak, about 'why NOT LDAP'= .  Plus the data model to see if it can fit into an LDAP schema.

Of course we could always go with DAP instead for richer policy control and= distributed data support!  (was it actually 20 years ago that I worke= d on this stuff? yikes!)

Bob

On 07/05/2017 10:05 AM, tjw ietf wrote:


Bob!

 

Brian and I had chatted briefly about charter direct= ion and we wanted to hear some of the discussions during the session. And t= hat's what they pay us the big bucks for!

 

But I have to agree with your plan of attack.  = If we could give some guidance: 

 

- work on the problem statement and gap analysis but= don't invest larger cycles of time on them.  

 

- requirements are good to capture, but we will shy = away from turning them into published documents as they will change over ti= me

 

- some discussion on LDAP is very necessary as the c= ode base has gotten quite mature.

 

tim

 

On Wed, Jul 5, 2017 at 9:35 AM, Robert Moskowitz <= ;rgm-ietf@htt= -consult.com> wrote:

Disclaimer:  I had a hand in edits to this vers= ion, though I am not listed in the Ack section.  In particular I pushe= d for "Common Infrastructure", not "Common Control Plane&quo= t;.


We have been talking a lot about Identity and Identifier and metadata. = ; One of the tasks of this workgroup (and charter item) needs to be data mo= deling of what is intended to be stored/available.

Further there needs to be Yet Another Gap Analysis (YAGA?  :) ) on why= NOT LDAP or some other mature xyz data store access protocol.  I star= t with LDAP as there is actually a fit, and the various server implementati= ons are very mature with good, secure, backends and data replication tools.

It is time to start thinking charter.  The problem statement, gap anal= ysis, and use cases is barely a start.  What the group is going to DO = is focus now.

So I propose two work items:

Common Infrastructure data modeling (and someone other than me can do it in= YANG).
Common Infrastructure protocol requirements with a subsection on LDAP compa= rision.

Bob


_______________________________________________
Ideas mailing list
Ideas@ietf.org
h= ttps://www.ietf.org/mailman/listinfo/ideas

 





_______________________________________________
Ideas mailing list
Ideas@ietf.org
https://www.ie=
tf.org/mailman/listinfo/ideas

 




_______________________________________________
Ideas mailing list
Ideas@ietf.org
https://www.ie=
tf.org/mailman/listinfo/ideas

 

--_000_25B4902B1192E84696414485F5726854019E2956SJCEML702CHMchi_-- From nobody Sun Jul 16 06:34:54 2017 Return-Path: X-Original-To: ideas@ietfa.amsl.com Delivered-To: ideas@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 048AF128DE5; Sun, 16 Jul 2017 06:34:52 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.699 X-Spam-Level: X-Spam-Status: No, score=-2.699 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9EkHVha8RcTB; Sun, 16 Jul 2017 06:34:50 -0700 (PDT) Received: from mail-wm0-x231.google.com (mail-wm0-x231.google.com [IPv6:2a00:1450:400c:c09::231]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3F03A1200FC; Sun, 16 Jul 2017 06:34:50 -0700 (PDT) Received: by mail-wm0-x231.google.com with SMTP id 62so55325512wmw.1; Sun, 16 Jul 2017 06:34:50 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:from:date:message-id:subject:to:cc; bh=ymgO2wRdm1P5qM9wIStW83Vpw5Vo9UeUtD1pD8o9Zec=; b=aqsLlQ2xOeoztxmc2kmRBpMNtztJkXBJTNv9n6ynSxG+5o+n26g6cia7qEgsGVrLn1 ziepFu7eTw/eFeVLhjTxCQFYZzH7Rt58j/4WJniW4Kd3TSI1LlgYfT4uYYalgC1Pjxp8 VnXocOxDyWOSa0P3KGy7+1Isx/mmHrDOWnvrCyQHDHm95QogJ6Zh5NDyI+rZ9NDjje5I sJrAsGTwc0NCEbWfGOWSgcWsc1ZHuvemkQXmSO+redvzeVEGXsLQC5wsJ5m46OXarv4S zPbZUXHaLPdDe+F34pTS4lMT/UkNlOYxLkzCGeTLR7jLyMpdW5Ggq3UynBHqAr4MdMO9 Ku4Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to:cc; bh=ymgO2wRdm1P5qM9wIStW83Vpw5Vo9UeUtD1pD8o9Zec=; b=j2+WKLrVr8Y/FUPzp9QvQ1Frv1ORLmedtTYps2BbrdHeHiY7ZWT6pbU0zyFEsETUPJ ZYj6z+Sj6rG8KsFitO0c0yf+9b/3twbVaYZAOEzFy/JzcGC0YOnnMk3Bdg4v/OlAyv+3 JjUJq0LRt3m8iOw1FIUVsklDTK5Gq5CowdTXy0I8hc8kC7kLoe9H/Buvi3ekt9gQvloy 2NNkNB5XQ2rcdGv2en0ZH2m+3lLBYZYFUYP8marrGAapzTxVZ55C92lLhDmKc9iPHjuO NJikYqoArvCFQg+u4JEwMlLu9u/NNy0Se1bvLPHrJiQCGM70WWrAVq+E0rzJcL0IvXHN szyw== X-Gm-Message-State: AIVw110pcuzeSuY1NSCMbcdjDuxMtGmmTF+Vy5qXZOl+akYylZoe1iN0 6h8NEx3+M+G2nYh6ExAJ5klxmbEagA== X-Received: by 10.28.153.81 with SMTP id b78mr1444830wme.85.1500212088695; Sun, 16 Jul 2017 06:34:48 -0700 (PDT) MIME-Version: 1.0 Received: by 10.223.152.139 with HTTP; Sun, 16 Jul 2017 06:34:48 -0700 (PDT) From: tjw ietf Date: Sun, 16 Jul 2017 09:34:48 -0400 Message-ID: To: ideas@ietf.org Cc: ideas-chairs@ietf.org Content-Type: multipart/alternative; boundary="001a114b2f38a2737105546f5814" Archived-At: Subject: [Ideas] Need Minute takes and jabber scribe X-BeenThere: ideas@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Discussions relating to the development, clarification, and implementation of control-plane infrastructures and functionalities in ID enabled networks." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 16 Jul 2017 13:34:52 -0000 --001a114b2f38a2737105546f5814 Content-Type: text/plain; charset="UTF-8" Hi We will need minute takers and a jabber scribe for the BoF on Wednesday. Since there will be a free flowing conversation at the end, perhaps 2 minute takers would be great. Drop the chairs a note if you can help. thanks tim --001a114b2f38a2737105546f5814 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable

Hi

We will need minute t= akers and a jabber scribe for the BoF on Wednesday.=C2=A0 Since there will = be a free flowing conversation at the end, perhaps 2 minute takers would be= great.=C2=A0

Drop the chairs a note if you can he= lp.

thanks

tim
=
--001a114b2f38a2737105546f5814-- From nobody Sun Jul 16 07:42:01 2017 Return-Path: X-Original-To: ideas@ietfa.amsl.com Delivered-To: ideas@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 69DBE127342; Sun, 16 Jul 2017 07:41:59 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.714 X-Spam-Level: X-Spam-Status: No, score=-2.714 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FAKE_REPLY_C=1.486, HEADER_FROM_DIFFERENT_DOMAINS=0.001, RCVD_IN_DNSWL_MED=-2.3, RP_MATCHES_RCVD=-0.001] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id JkOYB8Kdg5Fs; Sun, 16 Jul 2017 07:41:57 -0700 (PDT) Received: from faui40.informatik.uni-erlangen.de (faui40.informatik.uni-erlangen.de [131.188.34.40]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1C8B61200C1; Sun, 16 Jul 2017 07:41:56 -0700 (PDT) Received: from faui40p.informatik.uni-erlangen.de (faui40p.informatik.uni-erlangen.de [IPv6:2001:638:a000:4134::ffff:77]) by faui40.informatik.uni-erlangen.de (Postfix) with ESMTP id 2F0BC58C4B6; Sun, 16 Jul 2017 16:41:52 +0200 (CEST) Received: by faui40p.informatik.uni-erlangen.de (Postfix, from userid 10463) id F2642B0C5C1; Sun, 16 Jul 2017 16:41:51 +0200 (CEST) Date: Sun, 16 Jul 2017 16:41:51 +0200 From: Toerless Eckert To: ideas-chairs@ietf.org Cc: Padma Pillay-Esnault , Uma Chunduri , ideas@ietf.org Message-ID: <20170716144151.GE3889@faui40p.informatik.uni-erlangen.de> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.5.21 (2010-09-15) Archived-At: Subject: Re: [Ideas] Need Minute takes and jabber scribe X-BeenThere: ideas@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Discussions relating to the development, clarification, and implementation of control-plane infrastructures and functionalities in ID enabled networks." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 16 Jul 2017 14:41:59 -0000 I volunteer as minute taker. On Sun, Jul 16, 2017 at 03:57:46PM +0200, Padma Pillay-Esnault wrote: > FYI > > > ---------- Forwarded message ---------- > From: tjw ietf > Date: Sun, Jul 16, 2017 at 3:34 PM > Subject: [Ideas] Need Minute takes and jabber scribe > To: ideas@ietf.org > Cc: ideas-chairs@ietf.org > > > > Hi > > We will need minute takers and a jabber scribe for the BoF on Wednesday. > Since there will be a free flowing conversation at the end, perhaps 2 > minute takers would be great. > > Drop the chairs a note if you can help. > > thanks > > tim > > > _______________________________________________ > Ideas mailing list > Ideas@ietf.org > https://www.ietf.org/mailman/listinfo/ideas From nobody Mon Jul 17 02:32:21 2017 Return-Path: X-Original-To: ideas@ietfa.amsl.com Delivered-To: ideas@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DFA21129468; Mon, 17 Jul 2017 02:32:18 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.698 X-Spam-Level: X-Spam-Status: No, score=-2.698 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id YmM5vjPIYDqC; Mon, 17 Jul 2017 02:32:17 -0700 (PDT) Received: from mail-oi0-x22f.google.com (mail-oi0-x22f.google.com [IPv6:2607:f8b0:4003:c06::22f]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 40C30127337; Mon, 17 Jul 2017 02:32:17 -0700 (PDT) Received: by mail-oi0-x22f.google.com with SMTP id q4so28284004oif.1; Mon, 17 Jul 2017 02:32:17 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=i8myX8c0nHlblby/mN/lOV1f/OWRh3uqfIKo956bYOg=; b=P4HoDQ51pmXlDROUBv2kWl1C8gfH1E99/BoHQezfvThP/Q1QDA8hw4p6+DMxHP3cTB wc1XH5SK8nM9e4IlLZBPSj574df1dfXELwB3xEnEO9i9KjaLZDyiEzxZVOnIvDwQ3j0j u6LQphb47YANNSQvp+jUBv3qysGPGJf7AQZe5/UcHus+eeSNkQDo46V6UKMWiDwVrBZC S92kX+qUaxbP/xiJmatCkKAihztk+D6QtPZAocyxst9kNI6MAyFvAL6i6CL21+eWKc0X tg9ulNYpLPYrjoyIJmErinp4h1Qqwrh7FRln8Ab0xe/z6eZZ8IWI8Ll2TeSIhBu48mwX iBVA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=i8myX8c0nHlblby/mN/lOV1f/OWRh3uqfIKo956bYOg=; b=jxLkSEhSzyfRFxtibdAGnVHPknYUu5zcIJxQ5rUPeNLakD9KPEvu4eFvZqaTfyMfNm dkrmRLzBMZW+oaVNeLeYWFDQCf3kqY6MuJuSuXw6EARR7Zbmms85pX6EmKqUItsycAsN lwTQ3xpSIZ033bDIE8RBjHZeQYaDjQoE7dTlWq3060WqEpd1J5gzB1tfyWPZmw3NMEj2 4dg7H9Efh+GO1S4U/8M4mfmOoR23E8nFENXHk25vKEMCt3kx3gwqWdEbE6yLooPGv/VB v3SumeACnCgYhVVERMyVsdIuNtulxr4ve8JtL04v62G7sMqz/89rSyYBO11lskfkc5ki gleQ== X-Gm-Message-State: AIVw111/6HbTFnJMOddaor5/mts9j1PMILzmn0fPQEedBmBqUuylEYf+ e8mVBfkdYXpEYyZh+AS103w1WF4l7A== X-Received: by 10.202.222.139 with SMTP id v133mr11886351oig.42.1500283936567; Mon, 17 Jul 2017 02:32:16 -0700 (PDT) MIME-Version: 1.0 Received: by 10.182.27.4 with HTTP; Mon, 17 Jul 2017 02:31:36 -0700 (PDT) In-Reply-To: <20170716144151.GE3889@faui40p.informatik.uni-erlangen.de> References: <20170716144151.GE3889@faui40p.informatik.uni-erlangen.de> From: Amreesh Phokeer Date: Mon, 17 Jul 2017 11:31:36 +0200 Message-ID: To: Toerless Eckert Cc: ideas-chairs@ietf.org, Padma Pillay-Esnault , ideas@ietf.org, Uma Chunduri Content-Type: multipart/alternative; boundary="001a113d625019f8bc05548013ae" Archived-At: Subject: Re: [Ideas] Need Minute takes and jabber scribe X-BeenThere: ideas@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Discussions relating to the development, clarification, and implementation of control-plane infrastructures and functionalities in ID enabled networks." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 17 Jul 2017 09:32:19 -0000 --001a113d625019f8bc05548013ae Content-Type: text/plain; charset="UTF-8" Hi all, I also volunteer. Regards, Amreesh On Sun, Jul 16, 2017 at 4:41 PM, Toerless Eckert wrote: > I volunteer as minute taker. > > On Sun, Jul 16, 2017 at 03:57:46PM +0200, Padma Pillay-Esnault wrote: > > FYI > > > > > > ---------- Forwarded message ---------- > > From: tjw ietf > > Date: Sun, Jul 16, 2017 at 3:34 PM > > Subject: [Ideas] Need Minute takes and jabber scribe > > To: ideas@ietf.org > > Cc: ideas-chairs@ietf.org > > > > > > > > Hi > > > > We will need minute takers and a jabber scribe for the BoF on Wednesday. > > Since there will be a free flowing conversation at the end, perhaps 2 > > minute takers would be great. > > > > Drop the chairs a note if you can help. > > > > thanks > > > > tim > > > > > > _______________________________________________ > > Ideas mailing list > > Ideas@ietf.org > > https://www.ietf.org/mailman/listinfo/ideas > > _______________________________________________ > Ideas mailing list > Ideas@ietf.org > https://www.ietf.org/mailman/listinfo/ideas > -- Amreesh Phokeer --001a113d625019f8bc05548013ae Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
Hi all,

I also volunteer.
Regards,
Amreesh

On Sun, Jul 16, 2017 at 4:41 PM, Toerless = Eckert <tte@cs.fau.de> wrote:
= I volunteer as minute taker.

On Sun, Jul 16, 2017 at 03:57:46PM +0200, Padma Pillay-Esnault wrote:
> FYI
>
>
> ---------- Forwarded message ----------
> From: tjw ietf <tjw.ietf@gmai= l.com>
> Date: Sun, Jul 16, 2017 at 3:34 PM
> Subject: [Ideas] Need Minute takes and jabber scribe
> To: ideas@ietf.org
> Cc: ideas-chairs@ietf.org=
>
>
>
> Hi
>
> We will need minute takers and a jabber scribe for the BoF on Wednesda= y.
> Since there will be a free flowing conversation at the end, perhaps 2<= br> > minute takers would be great.
>
> Drop the chairs a note if you can help.
>
> thanks
>
> tim
>
>
> _______________________________________________
> Ideas mailing list
> Ideas@ietf.org
> https://www.ietf.org/mailman/listinfo/ideas=

_______________________________________________
Ideas mailing list
Ideas@ietf.org
https://www.ietf.org/mailman/listinfo/ideas



--
Amreesh Phokeer
=
--001a113d625019f8bc05548013ae-- From nobody Tue Jul 18 02:52:45 2017 Return-Path: X-Original-To: ideas@ietfa.amsl.com Delivered-To: ideas@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id F389D131DD1 for ; Tue, 18 Jul 2017 02:52:43 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.221 X-Spam-Level: X-Spam-Status: No, score=-4.221 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id tQtHzTo5XvA2 for ; Tue, 18 Jul 2017 02:52:42 -0700 (PDT) Received: from lhrrgout.huawei.com (lhrrgout.huawei.com [194.213.3.17]) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1DBA9126E3A for ; Tue, 18 Jul 2017 02:52:41 -0700 (PDT) Received: from 172.18.7.190 (EHLO lhreml704-cah.china.huawei.com) ([172.18.7.190]) by lhrrg02-dlp.huawei.com (MOS 4.3.7-GA FastPath queued) with ESMTP id DKT60443; Tue, 18 Jul 2017 09:52:39 +0000 (GMT) Received: from DGGEMI406-HUB.china.huawei.com (10.3.17.144) by lhreml704-cah.china.huawei.com (10.201.108.45) with Microsoft SMTP Server (TLS) id 14.3.301.0; Tue, 18 Jul 2017 10:51:48 +0100 Received: from DGGEMI506-MBX.china.huawei.com ([169.254.4.184]) by dggemi406-hub.china.huawei.com ([10.3.17.144]) with mapi id 14.03.0301.000; Tue, 18 Jul 2017 17:51:39 +0800 From: "Liubingyang (Bryan)" To: "ideas@ietf.org" Thread-Topic: A BnB Demo on Generic Identity Service (Proof of Concept) Thread-Index: AdL/qw6XprWZla9tT1SwPOQGvoTEcQ== Date: Tue, 18 Jul 2017 09:51:39 +0000 Message-ID: Accept-Language: zh-CN, en-US Content-Language: zh-CN X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [10.47.70.33] Content-Type: multipart/alternative; boundary="_000_C1CE72EE84AF224E94DA21AE134209EE01A16776DGGEMI506MBXchi_" MIME-Version: 1.0 X-CFilter-Loop: Reflected X-Mirapoint-Virus-RAPID-Raw: score=unknown(0), refid=str=0001.0A020204.596DDA68.00A4, ss=1, re=0.000, recu=0.000, reip=0.000, cl=1, cld=1, fgs=0, ip=169.254.4.184, so=2013-06-18 04:22:30, dmn=2013-03-21 17:37:32 X-Mirapoint-Loop-Id: f412340250aa95fd689875c2eae3cd25 Archived-At: Subject: [Ideas] A BnB Demo on Generic Identity Service (Proof of Concept) X-BeenThere: ideas@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Discussions relating to the development, clarification, and implementation of control-plane infrastructures and functionalities in ID enabled networks." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 18 Jul 2017 09:52:44 -0000 --_000_C1CE72EE84AF224E94DA21AE134209EE01A16776DGGEMI506MBXchi_ Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Hi all, We'd like to have your attention on the Bits-N-Bites, where we will showcas= e a preliminary proof-of-concept on Generic Identity Service (GRIDS). We wi= ll demo the following use cases: * Identity-based access control policies and metadata * Mobility * Interworking with ID/LOC protocols: LISP and HIP You can find the full description at http://ietf.org/meeting/99/bits-n-bite= s.html Be sure to check it out! Best, Bingyang Liu (for the team) --_000_C1CE72EE84AF224E94DA21AE134209EE01A16776DGGEMI506MBXchi_ Content-Type: text/html; charset="us-ascii" Content-Transfer-Encoding: quoted-printable

Hi all,

 

We’d like to have your at= tention on the Bits-N-Bites, where we will showcase a preliminary proof-of-= concept on Generic Identity Service (GRIDS). We will demo the following use= cases:

Identity-based access control policies and metadata=

Mobility

Interworking with ID/LOC protocols: LISP and HIP

 

You can find the full descripti= on at http://ietf.org/meeting/99/bits-n-bites.html Be sure to check it out! <= o:p>

 

Best,

Bingyang Liu (for the team)

--_000_C1CE72EE84AF224E94DA21AE134209EE01A16776DGGEMI506MBXchi_-- From nobody Wed Jul 19 08:11:12 2017 Return-Path: X-Original-To: ideas@ietfa.amsl.com Delivered-To: ideas@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C475F131D9F for ; Wed, 19 Jul 2017 08:11:07 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.688 X-Spam-Level: X-Spam-Status: No, score=-2.688 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, T_FREEMAIL_DOC_PDF=0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id fUUOprxWevZI for ; Wed, 19 Jul 2017 08:11:06 -0700 (PDT) Received: from mail-wm0-x22f.google.com (mail-wm0-x22f.google.com [IPv6:2a00:1450:400c:c09::22f]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 73F2013192B for ; Wed, 19 Jul 2017 08:11:05 -0700 (PDT) Received: by mail-wm0-x22f.google.com with SMTP id w126so1794223wme.0 for ; Wed, 19 Jul 2017 08:11:05 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=f8JCmUwlfB+0CJ81lWOTKvrIsFLmCFqkzybztnMpbp0=; b=HqCDnDVwSVC9ZPI/UCYWLBb5iZJC2V3KwdjuaSkfA6p46dP3qXDCIik6rZhKylYGY3 1YorsI8lfgDj0IOdj1Jbj6pazKqff/l3HDHgaTLZ9VJJgRmSVv65/V8IjXHtBKH5ls4w GkuFQUrdMaZMLu8i36ARD9b7m1dPSTPhpKkRzcdzl0R6sjuR2f2A+C7q2PU7XuGAMACC 8aWI57UBLe7naxvDtA/+SVU38u3Myim9ofLyODMoRsattpMIHqJQ8+gRYnD/c5O7U4pq VIHqqQ1SASZy2xFaFAhmfuXUt9UDRgcMT0hIK/pQexAdIf0bmOWDyEnV6kzpAC7YbOka 1yzA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=f8JCmUwlfB+0CJ81lWOTKvrIsFLmCFqkzybztnMpbp0=; b=OxiO7FdPmQqAXkGnqxGGGMZsYbFc76CshBECqApgbZghEt8/a/svA8dHZ8OBlYNVUJ jYi98e6evCtTjzW5qGh57TW6GNb8cpVfEDKr9xSdHAj1p9pmnQi0V+D/cRQoFvPRVxT8 7qC7Hmsz3F1Zp7Nlytdir0Dfprstap/SunIdxylIlC61zJpSLG/TsG4AqIiUcp6oMFpQ Ib4jyGRoby26ggtmHEAD0FZDfVxKnJcxhdBk0TJlWlrRDv7KQkCKiAHP4ptCrx5WOOvc ltGEGZsflMt7ijWLzGjHZiUil9F1hfC4KtpskPJCaKRWFjYUgFJ148UbJf7Vzo76tD6f VB/A== X-Gm-Message-State: AIVw1125LV3mrCwaQaycKmdabmsL0JuFtU3WO6/jjliLAquXrEcQB9xG 6b8D0Qr+U2JDLjLcQrCa4e7nCpgo8A== X-Received: by 10.28.147.200 with SMTP id v191mr213422wmd.95.1500477063801; Wed, 19 Jul 2017 08:11:03 -0700 (PDT) MIME-Version: 1.0 Received: by 10.223.167.8 with HTTP; Wed, 19 Jul 2017 08:11:03 -0700 (PDT) In-Reply-To: References: From: Padma Pillay-Esnault Date: Wed, 19 Jul 2017 17:11:03 +0200 Message-ID: To: ideas@ietf.org Cc: Padma Pillay-Esnault Content-Type: multipart/mixed; boundary="001a114714b06349d60554ad0afa" Archived-At: Subject: [Ideas] Fwd: Slides and Charter X-BeenThere: ideas@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Discussions relating to the development, clarification, and implementation of control-plane infrastructures and functionalities in ID enabled networks." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 19 Jul 2017 15:11:08 -0000 --001a114714b06349d60554ad0afa Content-Type: multipart/alternative; boundary="001a114714b06349d20554ad0af8" --001a114714b06349d20554ad0af8 Content-Type: text/plain; charset="UTF-8" Hello Everyone Here is the charter version that was finalized before the BOF. We would like to have your feedback on it. Thanks Padma and IDEAS Design team ---------- Forwarded message ---------- From: Padma Pillay-Esnault Date: Wed, Jul 19, 2017 at 12:08 PM Subject: Re: Slides and Charter To: tjw ietf , Brian Haberman Cc: Padma Pillay-Esnault Hello Here is the updated slide deck and charter. Your comments welcome! Thanks Padma --001a114714b06349d20554ad0af8 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
Hello Everyone=C2=A0

Here is the charte= r version that was finalized before the BOF.=C2=A0

We would like to have your feedback on it.=C2=A0

= Thanks
Padma and IDEAS Design team=C2=A0

<= br>
---------- Forwarded message ----------
Fr= om: Padma Pillay-Esnault <padma.ietf@gmail.com><= /span>
Date: Wed, Jul 19, 2017 at 12:08 PM
Subject: Re: Slides and Ch= arter
To: tjw ietf <tjw.ietf@gm= ail.com>, Brian Haberman <brian@innovationslab.net>
Cc: Padma Pillay-Esnault <padma.ietf@gmail.com>


=
Hello

Here is the updated slide deck an= d charter.
Your comments welcome!

Thanks=
Padma

<= /div>
--001a114714b06349d20554ad0af8-- --001a114714b06349d60554ad0afa Content-Type: application/msword; name="IDEAS-Charter-v17 - final.doc" Content-Disposition: attachment; filename="IDEAS-Charter-v17 - final.doc" Content-Transfer-Encoding: base64 X-Attachment-Id: f_j5aug1v91 0M8R4KGxGuEAAAAAAAAAAAAAAAAAAAAAPgADAP7/CQAGAAAAAAAAAAAAAAABAAAAPgAAAAAAAAAA EAAAQAAAAAEAAAD+////AAAAAD0AAAD///////////////////////////////////////////// //////////////////////////////////////////////////////////////////////////// //////////////////////////////////////////////////////////////////////////// //////////////////////////////////////////////////////////////////////////// //////////////////////////////////////////////////////////////////////////// //////////////////////////////////////////////////////////////////////////// //////////////////////////////////////////////////////////////////////////// ///////////////////////////////////////////////////////////////////////////s pcEAJQAJBAAA8BK/AAAAAAAAEAAAAAAACAAA4BoAAA4AYmpiagvXC9cAAAAAAAAAAAAAAAAAAAAA AAAJBBYAKigAAGm9RWRpvUVk1hIAAAAAAAAJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD//w8AAAAA AAAAAAD//w8AAAAAAAAAAAD//w8AAAAAAAAAAAAAAAAAAAAAALcAAAAAALAKAAAAAAAAsAoAAPUY AAAAAAAA9RgAAAAAAAD1GAAAAAAAAPUYAAAAAAAA9RgAABQAAAAAAAAAAAAAAP////8AAAAACRkA AAAAAAAJGQAAAAAAAAkZAAA4AAAAQRkAABwAAABdGQAAHAAAAAkZAAAAAAAANykAAMwCAAB5GQAA AAAAAHkZAAAAAAAAeRkAAAAAAAB5GQAAAAAAAHkZAAAAAAAArRoAAAAAAACtGgAAAAAAAK0aAAAA AAAAtigAAAIAAAC4KAAAAAAAALgoAAAAAAAAuCgAAAAAAAC4KAAAAAAAALgoAAAAAAAAuCgAACQA AAADLAAAtgIAALkuAABSAAAA3CgAABUAAAAAAAAAAAAAAAAAAAAAAAAA9RgAAAAAAACtGgAAAAAA AAAAAAAAAAAAAAAAAAAAAACtGgAAAAAAAK0aAAAAAAAArRoAAAAAAACtGgAAAAAAANwoAAAAAAAA AAAAAAAAAAD1GAAAAAAAAPUYAAAAAAAAeRkAAAAAAAAAAAAAAAAAAHkZAAA0AQAA8SgAABYAAAAz HwAAAAAAADMfAAAAAAAAMx8AAAAAAACtGgAAQAAAAPUYAAAAAAAAeRkAAAAAAAD1GAAAAAAAAHkZ AAAAAAAAtigAAAAAAAAAAAAAAAAAADMfAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAArRoAAAAAAAC2KAAAAAAAAAAAAAAAAAAAMx8AAAAAAAAzHwAA VgAAAOYmAABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAqicAAAAAAAB5GQAAAAAAAP////8AAAAAYCuifHYA 0wEAAAAAAAAAAP////8AAAAA7RoAAAgCAAAmJwAADAAAAAAAAAAAAAAAoigAABQAAAAHKQAAMAAA ADcpAAAAAAAAMicAAHgAAAALLwAAAAAAAPUcAAA+AgAACy8AABgAAACqJwAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAsvAAAAAAAAAAAAAAAAAAD1GAAAAAAAAKonAAD4AAAAAAAAAAAAAAAAAAAAAAAAADMf AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAArRoA AAAAAACtGgAAAAAAAK0aAAAAAAAA3CgAAAAAAADcKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAMx8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAK0aAAAA AAAArRoAAAAAAACtGgAAAAAAADcpAAAAAAAArRoAAAAAAACtGgAAAAAAAK0aAAAAAAAArRoAAAAA AAAAAAAAAAAAAP////8AAAAA/////wAAAAD/////AAAAAAAAAAAAAAAA/////wAAAAD/////AAAA AP////8AAAAA/////wAAAAD/////AAAAAP////8AAAAA/////wAAAAD/////AAAAAP////8AAAAA /////wAAAAD/////AAAAAP////8AAAAA/////wAAAAD/////AAAAAAsvAAAAAAAArRoAAAAAAACt GgAAAAAAAK0aAAAAAAAArRoAAAAAAACtGgAAAAAAAK0aAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACtGgAAAAAAAK0aAAAAAAAArRoA AAAAAACwCgAACw0AALsXAAA6AQAABQASAQAACQQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAElERUFT DQlBY3JvbnltIGZvcjogk0lEZW50aXR5IEVuQWJsZWQgbmV0d29ya1OUIA0JDQlQcm9wb3NlZCBD aGFydGVyDQkNTmV0d29yayBzb2x1dGlvbnMgYmFzZWQgb24gdGhlIGNvbmNlcHQgb2YgSWRlbnRp Zmllci9Mb2NhdG9yIHNlcGFyYXRpb24gYXJlIGluY3JlYXNpbmdseSBjb25zaWRlcmVkIHRvIHN1 cHBvcnQgbW9iaWxpdHkgYW5kIG11bHRpLWhvbWluZyBhY3Jvc3MgaGV0ZXJvZ2VuZW91cyBhY2Nl c3MgbmV0d29ya3MuIEF0IHRoZSBzYW1lIHRpbWUsIGVuZCB1c2VycyByZXF1aXJlIGdyZWF0ZXIg cHJpdmFjeSBmb3IgdGhlaXIgbmV0d29ya2luZyBpbmZvcm1hdGlvbiBhbmQgcHJvdGVjdGlvbiBm cm9tIG91dHNpZGUgdGhyZWF0cywgd2hpbGUgb3BlcmF0b3JzIGRlbWFuZCBncmVhdGVyIG9wZXJh dGlvbmFsIGVmZmljaWVuY3kuIElkZW50aXR5LWVuYWJsZWQgbmV0d29ya3MgYWltIHRvIGVuYWJs ZSBuZXR3b3JraW5nIGFwcGxpY2F0aW9ucyBhbmQgc2VydmljZXMgdGhhdCBwcm92aWRlIGEgaGln aCBkZWdyZWUgb2YgcHJpdmFjeSBhbmQgY29udHJvbCBvZiBlbmQgcG9pbnRzIG92ZXIgdGhlaXIg bmV0d29ya2luZyBkYXRhLCBjb3VwbGVkIHdpdGggZ3JlYXRlciBpbmhlcmVudCBzZWN1cml0eSB0 aGFuIHByb3ZpZGVkIGJ5IHRvZGF5knMgbmV0d29ya3MuIA0NSW4gb3JkZXIgdG8gYWRkcmVzcyB0 aG9zZSBjaGFsbGVuZ2VzLCBpZGVudGl0eS1lbmFibGVkIG5ldHdvcmtzIGludHJvZHVjZSB0aGUg Y29uY2VwdCBvZiBpZGVudGl0eS1pZGVudGlmaWVyIHNwbGl0LiBUaGlzIHNwbGl0IGxldHMgbmV0 d29ya3MgcHJvdmlkZSBjb21tdW5pY2F0aW9uIHNlcnZpY2VzIGZvciBlbmRwb2ludHMgcmVnYXJk bGVzcyBvZiB0aGUgcGFydGljdWxhciBpZGVudGlmaWVyIHVzZWQgYXQgYW55IHBhcnRpY3VsYXIg cG9pbnQgaW4gdGltZS4gVGhpcyByZXF1aXJlcyBhIHNldCBvZiBzZXJ2aWNlcywgcmVmZXJyZWQg dG8gYXMgR2VuZXJpYyBJZGVudGl0eSBTZXJ2aWNlcy4gVGhvc2Ugc2VydmljZXMgYWxsb3cgdG86 ICgxKSBtYW5hZ2UgdGhlIGxpZmVjeWNsZSBvZiBpZGVudGl0aWVzIGFuZCBpZGVudGlmaWVycywg KDIpIG1hbmFnZSBtYXBwaW5ncyBiZXR3ZWVuIGlkZW50aXRpZXMgYW5kIGlkZW50aWZpZXJzIGlu IGFkZGl0aW9uIHRvIG1hcHBpbmdzIGJldHdlZW4gaWRlbnRpZmllcnMgYW5kIGxvY2F0b3JzLCBh bmQgKDMpIGFjY2VzcyB0byBhIHJhbmdlIG9mIHZhbHVlLWFkZGVkIHNlcnZpY2VzIHN1Y2ggYXMg dGhlIGFydGljdWxhdGlvbiBvZiBiYXNpYyBjb21tdW5pY2F0aW9uIHBvbGljaWVzIHRoYXQgYXJl IGJhc2VkIG9uIHRoZSBjb25jZXB0IG9mIGlkZW50aXR5LiANCQ1UaGUgcHJvdmlkZWQgaWRlbnRp dHkgc2VydmljZXMgbmVlZCB0byBlbmFibGUgbmV0d29yayBzb2x1dGlvbnMgdGhhdCBhZGRyZXNz IGEgcmFuZ2Ugb2YgcmVxdWlyZW1lbnRzLCBzdWNoIGFzOg1Qcml2YWN5OiBUaGUgdXNlIG9mIGxv bmctbGl2ZWQgYW5kIHB1YmxpYyBpZGVudGlmaWVycyBtYXkgYmUgZGVzaXJhYmxlIGZvciBmaW5k aW5nIGEgcGVlciwgaG93ZXZlciB0aGV5IGNhdXNlIHByaXZhY3kgaXNzdWVzLiBJbmRlZWQsIHdo ZW4gaWRlbnRpZmllci1sb2NhdGlvbiBwYWlycyBjYW4gYmUgbG9va2VkIHVwIHdpdGhvdXQgcmVz dHJpY3Rpb24sIGZsb3dzIGNhbiBiZSBwaW5uZWQgYnkgYW55Ym9keSB0byBzcGVjaWZpYyBlbmQg c3lzdGVtcy4gVGhlIGVuZHBvaW50IGNvbW11bmljYXRpb25zIHNob3VsZCBiZSBhYmxlIHRvIGNo YW5nZSB0aGVpciBpZGVudGlmaWVyIHdoaWxlIHJldGFpbmluZyB0aGVpciBpZGVudGl0eSBhbmQg YXNzb2NpYXRlZCBwb2xpY2llcy4gVGhpcyBpbmRpcmVjdGlvbiBzaG91bGQgaGVscCBkaXNjb3Vy YWdlIHVuZGVzaXJlZCB0cmFmZmljIGFuZCBjb25jZWFsIHNlbnNpdGl2ZSBuZXR3b3JrIGluZm9y bWF0aW9uIG9mIGVuZCBkZXZpY2VzIHRvIGVhdmVzZHJvcHBlcnMuIA1Db21tb24gaW5mcmFzdHJ1 Y3R1cmUgYW5kIFByaW1pdGl2ZXM6IFRoZSBhcHBsaWNhdGlvbiBvZiBjb21tb24gYW5kIGNvbnNp c3RlbnQgYmFzaWMgbmV0d29ya2luZyBwb2xpY2llcyB0aGF0IGNhbiBhcHBseSBhdCB0aGUgbGV2 ZWwgb2YgaWRlbnRpdHkgcmVkdWNlcyBvcGVyYXRpb25hbCBjb21wbGV4aXR5IGFzc29jaWF0ZSB3 aXRoIG1hbmFnaW5nIHNlcnZpY2VzIGZvciBpbmRpdmlkdWFsIGVuZHBvaW50LiBMaWtld2lzZSwg bWFwcGluZyBzZXJ2aWNlcyBhbmQgaW5mcmFzdHJ1Y3R1cmUgdGhhdCBhcHBseSB0byBpZGVudGl0 eS1pZGVudGlmaWVyIGFzIHdlbGwgYXMgaWRlbnRpZmllci1sb2NhdG9yIG1hcHBpbmdzIHJlZHVj ZXMgb3BlcmF0aW9uYWwgYW5kIGRlcGxveW1lbnQgY29tcGxleGl0eS4NCQ1UaGUgSWRlbnRpdHkg RW5hYmxlZCBOZXR3b3JrcyAoSURFQVMpIHdvcmtpbmcgZ3JvdXAgaXMgY2hhcnRlcmVkIHRvIGRl dmVsb3AgYSBzZXQgb2YgZGVmaW5pdGlvbnMsIGludGVyZmFjZXMsIGFuZCBkYXRhIG1vZGVscyB0 aGF0IGNhbiBiZSB1c2VkIHRvIGFkZHJlc3MgdGhvc2UgcmVxdWlyZW1lbnRzIGFuZCB0aGF0IGNh biBiZSB1c2VkIHdpdGggaWRlbnRpZmllci1iYXNlZCBwcm90b2NvbHMuIFdlIHJlZmVyIHRvIHRo ZSBzZXQgb2Ygc2VydmljZXMgYXMgR2VuZXJpYyBJZGVudGl0eSBTZXJ2aWNlcyAoR1JJRFMpLiBH UklEUyBwcm92aWRlcyBjb21tb24gc2VydmljZXMgdG8gZW5hYmxlIGlkZW50aXR5LWVuYWJsZWQg bmV0d29ya3MsIHN1Y2ggYXMgc2VydmljZXMgZm9yIGlkZW50aXR5IGFuZCBpZGVudGlmaWVyIGxp ZmVjeWNsZSBtYW5hZ2VtZW50LCBtYXBwaW5nIHNlcnZpY2VzLCBhbmQgdGllLWluIHdpdGggaWRl bnRpdHktYmFzZWQgcG9saWN5IG1hbmFnZW1lbnQgYW5kIGVuZm9yY2VtZW50LiANDVRoZSB3b3Jr aW5nIGdyb3VwIHdpbGwgaWRlbnRpZnkgZ2FwcyBhbmQgbWFrZSByZWNvbW1lbmRhdGlvbnMgb24g Y2hhbmdlcyBuZWVkZWQgZm9yIGludGVyZmFjZSBpbnRlcmFjdGlvbnMgYmV0d2VlbiB0aGUgZnJh bWV3b3JrIGFuZCBpZGVudGlmaWVyLWVuYWJsZWQgcHJvdG9jb2xzLiBBcyBmYXIgYXMgcG9zc2li bGUsIGV4aXN0aW5nIHRlY2hub2xvZ2llcyBhcmUgbGV2ZXJhZ2VkIHRvIHByb3ZpZGUgYW5kIHRv IGFjY2VzcyB0aG9zZSBzZXJ2aWNlcy4gCQ0NVGhlIElERUFTIFdHIGlzIGNoYXJ0ZXJlZCB0byB3 b3JrIG9uIHRoZSBmb2xsb3dpbmcgaXRlbXMgZm9yIElkZW50aXR5LUVuYWJsZWQgTmV0d29ya3M6 DQkNUmVnaXN0cmF0aW9uIGFuZCBsaWZlY3ljbGUgbWFuYWdlbWVudCBvZiBpZGVudGl0aWVzIGFu ZCB0aGVpciBhc3NvY2lhdGVkIGlkZW50aWZpZXJzLg1JZGVudGl0eSBhdXRoZW50aWNhdGlvbiBh bmQgYXV0aG9yaXphdGlvbiAoYWNjZXNzIHRvIGZyYW1ld29yaywgdXBkYXRlIG9mIGluZm9ybWF0 aW9uIGZvciBpZGVudGlmaWVycywgdXNpbmcgZXhpc3RpbmcgSUVURi1kZWZpbmVkIGF1dGhlbnRp Y2F0aW9uIG1ldGhvZHMgYW5kIHByb3RvY29scykgDUlkZW50aWZpZXIvbG9jYXRvciBtYXBwaW5n IGFuZCByZXNvbHV0aW9uIChlLmcuIGRpc2NvdmVyeSwgcHViL3N1YiwgbXVsdGlob21pbmcuLikN RGVmaW5pdGlvbiBhbmQgZW5mb3JjZW1lbnQgb2YgYmFzaWMgbmV0d29ya2luZyBwb2xpY2llcyAo ZS5nLiBhYmlsaXR5IHRvIGxvb2sgdXAgYW4gaWRlbnRpZmllci1sb2NhdG9yIHBhaXIsIHBlcm1p dCBmb3J3YXJkaW5nIHRyYWZmaWMgZm9yIHBhcnRpY3VsYXIgZW5kcG9pbnRzIG9uIGEgcGVyLWlk ZW50aXR5IGJhc2lzhSkNDVRoZSBJREVBUyBXRyB3aWxsIGNvbGxhYm9yYXRlIHdpdGggb3RoZXIg V29ya2luZyBHcm91cHMgdG8gZW5zdXJlIGludGVyb3BlcmFiaWxpdHkgd2l0aCBMSVNQLCBISVAs IElMQSBhbmQgb3RoZXIgcmVsZXZhbnQgd29yay4gRnVydGhlcm1vcmUsIGl0IHdpbGwgdHJ5IHRv IHJldXNlIHRlY2hub2xvZ2llcyBhbHJlYWR5IGRldmVsb3BlZCB3aGVuIGFwcHJvcHJpYXRlLg0J DVdHIGRlbGl2ZXJhYmxlcyBpbmNsdWRlOg1Qcm90b2NvbCwgRGF0YSBNb2RlbCBmb3IgR2VuZXJp YyBJZGVudGl0eSBTZXJ2aWNlcywgcHJvdmlkaW5nIHRoZSBmb2xsb3dpbmcgZnVuY3Rpb25zIA1J ZGVudGl0eSBhbmQgSWRlbnRpZmllciBMaWZlY3ljbGUgTWFuYWdlbWVudCAoaW5jbHVkaW5nIGF1 dGhlbnRpY2F0aW9uLCByZWdpc3RyYXRpb24sIGFsbG9jYXRpb24sIGV0Yy47IGV4aXN0aW5nIElF VEYgYXV0aGVudGljYXRpb24gbWV0aG9kcyB3aWxsIGJlIGxldmVyYWdlZCkNSWRlbnRpdHktSWRl bnRpZmllciBNYXBwaW5nIGFuZCBBc3NvY2lhdGlvbiANTmV0d29yayBpZGVudGl0eSBwb2xpY3kg YW5kIG1ldGFkYXRhIChsZXZlcmFnaW5nIG90aGVyIGZyYW1ld29ya3MgYXMgYXBwcm9wcmlhdGUp DURlZmluaXRpb24gb2YgcHJpbWl0aXZlcyBmb3IgaW50ZXJ3b3JraW5nIHdpdGggaWRlbnRpZmll ci1sb2NhdGlvbiBzcGxpdCBwcm90b2NvbHMNUHJvdG9jb2wgZm9yIGludGVyLUdSSURTIGNvbW11 bmljYXRpb24NCQ1NaWxlc3RvbmVzIA0JTWlsZXN0b25lIDEgKGluaXRpYWwpOg0JCVByb3RvY29s LCBEYXRhIE1vZGVsLCBJbnRlcmZhY2UgZm9yIEdlbmVyaWMgSWRlbnRpdHkgU2VydmljZXMNDQlU YXJnZXQgRGF0ZXM6DQkJV0cgRHJhZnQgQWRvcHRpb24gliBEZWNlbWJlciAyMDE3DQkJU3VibWl0 IHRvIElFU0cgZm9yIGNvbnNpZGVyYXRpb24gYXMgcHJvcG9zZWQgc3RhbmRhcmSWIERlY2VtYmVy IDIwMTgNIA0JTWlsZXN0b25lIDIgKGZ1dHVyZSCWIGFmdGVyIHJlY2hhcnRlcmluZyk6DQkJSW50 ZXItR3JpZHMgQ29tbXVuaWNhdGlvbnMgDQkNDQ0NDQ0NDQ0NDQ0NAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAEcIAACPCAAA1ggA APQIAAD2CAAAEgkAABoJAAA/CQAASwkAAKUJAACnCQAA9AkAAAAKAABdCgAAZQoAAG8KAAB8CgAA iAoAAJgKAACaCgAA3AoAAOYKAAD1CgAADgsAABoLAADtCwAA7wsAAP4LAAAMDAAARQ0AAEcNAABI DQAASg0AAE4NAABXDQAAjg0AAKINAACuDQAAtw0AAGQPAABrDwAAdA8AAHcPAACKDwAAkg8AAJ4P AACtDwAA1Q8AAA8QAAAgEAAAKBAAAFkQAABkEAAANBEAAE8RAABQEQAAfhEAAKYRAACnEQAA0BEA AP4RAAD/EQAAHxIAACMSAAAyEgAAMxIAADUSAABYEgAAZBIAAGUSAAD8+Pz08Pjs+Oz48Pjo+Oz4 5Ozk8OTo5PTg5PDc8NXw3PzR3NHk/OT87Pzs/Oz87PzNyc3FzcXNwfy9ub388Py1/PD8vbG5BhZo m1fNAAAGFmjNfNYAAAYWaGtsMQAABhZo7QNEAAAGFmhhb6YAAAYWaCgx3QAABhZoyBy1AAAGFmht EFkAAAYWaHVhWAAADBVoPDgDABZoPDgDAAAGFmg8OAMAAAYWaAQUdgAABhZoDyGZAAAGFmiRPW4A AAYWaNYPZAAABhZoXhk5AAAGFmjfW/gAAAYWaP10IQAABhZoQWkbAEYACAAABggAADEIAAAzCAAA RQgAAEcIAACbCgAAnAoAAEgNAABKDQAAuQ0AAMAPAABQEQAAUhEAAFcTAABYEwAAXhQAAF8UAAC3 FAAAuRQAAA8VAAC5FQAADBYAAMYWAADHFgAAmhcAAP0AAAAAAAAAAAAAAAD9AAAAAAAAAAAAAAAA /QAAAAAAAAAAAAAAAP0AAAAAAAAAAAAAAAD9AAAAAAAAAAAAAAAA+AAAAAAAAAAAAAAAAPgAAAAA AAAAAAAAAADzAAAAAAAAAAAAAAAA/QAAAAAAAAAAAAAAAP0AAAAAAAAAAAAAAADrAAAAAAAAAAAA AAAA6wAAAAAAAAAAAAAAAP0AAAAAAAAAAAAAAADmAAAAAAAAAAAAAAAA5gAAAAAAAAAAAAAAAP0A AAAAAAAAAAAAAAD9AAAAAAAAAAAAAAAA/QAAAAAAAAAAAAAAAP0AAAAAAAAAAAAAAADrAAAAAAAA AAAAAAAA6wAAAAAAAAAAAAAAAN4AAAAAAAAAAAAAAADrAAAAAAAAAAAAAAAA/QAAAAAAAAAAAAAA AP0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAAKJgALRgEAZ2S4OGUAAAQAAGdkKDHdAAgA AAomAAtGAQBnZFgL0gAABAAAZ2RrE5wAAAQAAGdkDyGZAAABAAAAGWUSAAB5EgAAexIAAIESAACJ EgAAkBIAAJESAACoEgAAVBMAAFYTAAD5EwAA+xMAAD4UAABMFAAAWhQAAFwUAABeFAAAXxQAAGAU AACHFAAAkRQAAJIUAACYFAAAnBQAALYUAADtFAAA9xQAAA8VAAAQFQAAGBUAADkVAAB0FQAAthUA ALkVAAAMFgAAKhYAADsWAAB0FgAAlxYAAKEWAADDFgAAtRcAAM4XAADWFwAA5xcAAAoYAAALGAAA LhgAADkYAABEGAAAVBgAAHEYAAByGAAAqhgAANcYAADYGAAA2RgAANoYAADqGAAA/RgAACoZAAAr GQAAORkAADoZAAB+GQAAhxkAAJAZAACXGQAApRkAALMZAADSGgAA1hoAAN8aAAD8+PTw/Oz08Pjo +PD08Pjs5PDs6Ozk7Ojs4Ozc7Nzs2Ozc7Nzs4NTg7NDg7NDs4NDg2ODM0ODQ4NDo4NDgyMTA0MD0 wOy87LgAAAAABhZocwKvAAAGFmh+MNkAAAYWaMdrwQAABhZo4nXbAAAGFmjmDZ0AAAYWaJEhZgAA BhZomkNqAAAGFmjwZCgAAAYWaHFcsAAABhZouDhlAAAGFmhbGPYAAAYWaMgctQAABhZoIkgcAAAG FmhBaRsAAAYWaCgx3QAABhZo7QNEAAAGFmheGTkAAAYWaJtXzQBImhcAAJwXAAC1FwAADBgAAKwY AADZGAAAKxkAAH4ZAAClGQAApxkAALMZAADLGQAACxoAAAwaAAAbGgAAPxoAAIYaAACIGgAAtBoA ANIaAADUGgAA1RoAANYaAADXGgAA2BoAANkaAADaGgAA/QAAAAAAAAAAAAAAAP0AAAAAAAAAAAAA AAD1AAAAAAAAAAAAAAAA7QAAAAAAAAAAAAAAAO0AAAAAAAAAAAAAAADtAAAAAAAAAAAAAAAA5QAA AAAAAAAAAAAAAPUAAAAAAAAAAAAAAAD9AAAAAAAAAAAAAAAA/QAAAAAAAAAAAAAAAP0AAAAAAAAA AAAAAAD9AAAAAAAAAAAAAAAA/QAAAAAAAAAAAAAAAP0AAAAAAAAAAAAAAAD9AAAAAAAAAAAAAAAA /QAAAAAAAAAAAAAAAP0AAAAAAAAAAAAAAAD9AAAAAAAAAAAAAAAA/QAAAAAAAAAAAAAAAOAAAAAA AAAAAAAAAAD9AAAAAAAAAAAAAAAA/QAAAAAAAAAAAAAAAP0AAAAAAAAAAAAAAAD9AAAAAAAAAAAA AAAA/QAAAAAAAAAAAAAAAP0AAAAAAAAAAAAAAAAAAAAEAABnZFgL0gAIAAAKJgELRgIAZ2RYC9IA CAAACiYBC0YCAGdkWxj2AAgAAAomAAtGAgBnZFsY9gAAAQAAABraGgAA2xoAANwaAADdGgAA3hoA AN8aAADgGgAA/QAAAAAAAAAAAAAAAP0AAAAAAAAAAAAAAAD9AAAAAAAAAAAAAAAA/QAAAAAAAAAA AAAAAP0AAAAAAAAAAAAAAAD9AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAAAABt8aAADgGgAA/AAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYWaEFpGwABKAAfsNAvILDgPSGwbgQisG4EI5Bu BCSQbgQlsAAAF7DQAhiw0AIMkNACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAASBh0AEgABAHcBDwAHAAAAAwAAAAAA BAAIAAAAmAAAAJ4AAACeAAAAngAAAJ4AAACeAAAAngAAAJ4AAACeAAAANgYAADYGAAA2BgAANgYA ADYGAAA2BgAANgYAADYGAAA2BgAAdgIAAHYCAAB2AgAAdgIAAHYCAAB2AgAAdgIAAHYCAAB2AgAA NgYAADYGAAA2BgAANgYAADYGAAA2BgAAOAIAADYGAAA2BgAANgYAADYGAAA2BgAANgYAADYGAAA2 BgAANgYAADYGAAA2BgAANgYAADYGAAA2BgAANgYAADYGAAA2BgAANgYAADYGAAA2BgAANgYAADYG AAA2BgAANgYAADYGAAA2BgAANgYAAKgAAAA2BgAANgYAABYAAAA2BgAANgYAADYGAAA2BgAANgYA ADYGAAA2BgAANgYAALgAAAA2BgAANgYAADYGAAA2BgAANgYAADYGAAA2BgAANgYAADYGAAA2BgAA NgYAADYGAABoAQAASAEAADYGAAA2BgAANgYAADYGAAA2BgAANgYAADYGAAA2BgAANgYAADYGAAA2 BgAANgYAADYGAAA2BgAANgYAADYGAAA2BgAANgYAADYGAAA2BgAANgYAADYGAAA2BgAANgYAADYG AAA2BgAANgYAADYGAAA2BgAANgYAADYGAAA2BgAANgYAADYGAAA2BgAANgYAADYGAAA2BgAANgYA ADYGAAA2BgAANgYAADYGAAA2BgAANgYAADYGAAA2BgAANgYAADYGAAA2BgAANgYAADYGAAA2BgAA NgYAADYGAAA2BgAANgYAADYGAAA2BgAANgYAADYGAAA2BgAANgYAADYGAAA2BgAAsAMAADYGAAA2 BgAAOAYAADYGAAA2BgAANgYAADYGAAA2BgAANgYAADYGAAAyBgAAGAAAAMADAADQAwAA4AMAAPAD AAAABAAAEAQAACAEAAAwBAAAQAQAAFAEAABgBAAAcAQAAIgEAACYBAAAyAMAANADAADgAwAA8AMA AAAEAAAQBAAAMgYAACgCAADYAQAA6AEAACAEAAAwBAAAQAQAAFAEAABgBAAAcAQAAIAEAACQBAAA wAMAANADAADgAwAA8AMAAAAEAAAQBAAAIAQAADAEAABABAAAUAQAAGAEAABwBAAAgAQAAJAEAADA AwAA0AMAAOADAADwAwAAAAQAABAEAAAgBAAAMAQAAEAEAABQBAAAYAQAAHAEAACABAAAkAQAAMAD AADQAwAA4AMAAPADAAAABAAAEAQAACAEAAAwBAAAQAQAAFAEAABgBAAAcAQAAIAEAACQBAAAwAMA ANADAADgAwAA8AMAAAAEAAAQBAAAIAQAADAEAABABAAAUAQAAGAEAABwBAAAgAQAAJAEAADAAwAA 0AMAAOADAADwAwAAAAQAABgEAAAoBAAAOAQAAEgEAABYBAAAYAQAAH4EAACABAAAkAQAADgBAABY AQAA+AEAAAgCAAAYAgAAVgIAAH4CAAAQAwAAIAMAADADAABAAwAA4AIAAPACAAAAAwAAEAMAACAD AAAwAwAAQAMAAOACAADwAgAAAAMAABADAAAgAwAAMAMAAEADAADgAgAA8AIAAAADAAAQAwAAIAMA ADADAABAAwAA4AIAAPACAAAAAwAAEAMAACADAAAwAwAAQAMAAOACAADwAgAAAAMAABADAAAgAwAA MAMAAEADAADgAgAA8AIAAAADAAAQAwAAIAMAADADAABAAwAA4AIAAPACAAAAAwAAEAMAACADAAAw AwAAQAMAAOACAADwAgAAAAMAABADAAAgAwAAMAMAAEADAADgAgAA8AIAAAADAAAQAwAAIAMAADAD AABAAwAA4AIAAPACAAAAAwAAEAMAACADAAAwAwAAQAMAAOACAADwAgAAAAMAABADAAAgAwAAMAMA AEADAADgAgAA8AIAAAADAAAQAwAAIAMAADADAABAAwAA4AIAAPACAAAAAwAAEAMAACADAAAwAwAA QAMAADYGAAA2BgAANgYAADYGAAAYAAAAUEoDAF9IAQRtSAkEbkgJBHNICQR0SAkEAAAAADwAAGDx /wIAPAAMEAAAAAAAAAAABgBOAG8AcgBtAGEAbAAAAAUAAAAqJAEAEABfSAEEbUgJBHNICQR0SAkE AAAAAAAAAAAAAAAAAAAAAAAARABBIPL/oQBEAAwNAAAAAAAAEAAWAEQAZQBmAGEAdQBsAHQAIABQ AGEAcgBhAGcAcgBhAHAAaAAgAEYAbwBuAHQAAAAAAFYAaQDz/7MAVgAMDQAAAAAAADAGDABUAGEA YgBsAGUAIABOAG8AcgBtAGEAbAAAACAAOlYLABf2AwAANNYGAAEFAwAANNYGAAEKA2wAYfYDAAAC AAsAAAAoAGsg9P/BACgAAA0AAAAAAAAwBgcATgBvACAATABpAHMAdAAAAAIADAAAAAAANgD+DwEA AgE2AAwAAAAAAAAAAAAHAEgAZQBhAGQAaQBuAGcAAAANAA8AE6TwABSkeAAGJAEAAAA8AEIAAQAC ATwADAAAAAAAAAAAAAkAQgBvAGQAeQAgAFQAZQB4AHQAAAAQABAAEmQgAQEAE6QAABSkjAAAACgA LwABARIBKAAMAAAAAAAAAAAABABMAGkAcwB0AAAAAgARAAQAXkoEADYAIgABACIBNgAMEAAAAAAA AAAABwBDAGEAcAB0AGkAbwBuAAAADQASABOkeAAUpHgADCQBAAAALgD+DwEAMgEuAAwAAAAAAAAA AAAFAEkAbgBkAGUAeAAAAAUAEwAMJAEABABeSgQAPAD+DwEAQgE8AAwAAAAAAAAAAAAOAFQAYQBi AGwAZQAgAEMAbwBuAHQAZQBuAHQAcwAAAAUAFAAMJAEAAABGAP4PQQFSAUYADAAAAAAAAAAAAA0A VABhAGIAbABlACAASABlAGEAZABpAG4AZwAAAAsAFQADJAEMJAFhJAEABgA1CAFcCAFEAJkAAQBi AUQADA0XABxxOgAwBgwAQgBhAGwAbABvAG8AbgAgAFQAZQB4AHQAAAACABYAEABDShIAT0oFAFFK BQBhShIASgD+L/L/cQFKAAwBFgAccToAMAYRAEIAYQBsAGwAbwBvAG4AIABUAGUAeAB0ACAAQwBo AGEAcgAAABAAQ0oSAE9KBQBRSgUAYUoSAEIAJyDy/4EBQgAMDQAAbRBZADAGEQBDAG8AbQBtAGUA bgB0ACAAUgBlAGYAZQByAGUAbgBjAGUAAAAIAENKEgBhShIAPAAeAAEAkgE8AAwNGgBtEFkAMAYM AEMAbwBtAG0AZQBuAHQAIABUAGUAeAB0AAAAAgAZAAgAQ0oYAGFKGABCAP4v8v+hAUIADAEZAG0Q WQAwBhEAQwBvAG0AbQBlAG4AdAAgAFQAZQB4AHQAIABDAGgAYQByAAAACABDShgAYUoYAEgAagCR AZIBSAAMDRwAbRBZADAGDwBDAG8AbQBtAGUAbgB0ACAAUwB1AGIAagBlAGMAdAAAAAIAGwAOADUI gUNKFABcCIFhShQATgD+L/L/wQFOAAwBGwBtEFkAMAYUAEMAbwBtAG0AZQBuAHQAIABTAHUAYgBq AGUAYwB0ACAAQwBoAGEAcgAAAA4ANQiBQ0oYAFwIgWFKGABQSwMEFAAGAAgAAAAhAOneD7//AAAA HAIAABMAAABbQ29udGVudF9UeXBlc10ueG1srJHLTsMwEEX3SPyD5S1KnLJACCXpgseOx6J8wMiZ JBbJ2LKnVfv3TNJUQqggFmws2TP3njvjcr0fB7XDmJynSq/yQisk6xtHXaXfN0/ZrVaJgRoYPGGl D5j0ur68KDeHgEmJmlKle+ZwZ0yyPY6Qch+QpNL6OALLNXYmgP2ADs11UdwY64mROOPJQ9flA7aw HVg97uX5mCTikLS6PzZOrEpDCIOzwJLU7Kj5RskWQi7KuSf1LqQriaHNWcJU+Rmw6F5lNdE1qN4g 8guMEsOwDIlfz2cgGS3mvzueiezb1llsvN2Oso58Nl7MTsH/FGD1P+gT08x/W38CAAD//wMAUEsD BBQABgAIAAAAIQCl1qfnwAAAADYBAAALAAAAX3JlbHMvLnJlbHOEj89qwzAMh++FvYPRfVHSwxgl di+lkEMvo30A4Sh/aCIb2xvr20/HBgq7CISk7/epPf6ui/nhlOcgFpqqBsPiQz/LaOF2Pb9/gsmF pKclCFt4cIaje9u1X7xQ0aM8zTEbpUi2MJUSD4jZT7xSrkJk0ckQ0kpF2zRiJH+nkXFf1x+Ynhng NkzT9RZS1zdgro+oyf+zwzDMnk/Bf68s5UUEbjeUTGnkYqGoL+NTvZCoZarUHtC1uPnW/QEAAP// AwBQSwMEFAAGAAgAAAAhAGt5lhaDAAAAigAAABwAAAB0aGVtZS90aGVtZS90aGVtZU1hbmFnZXIu eG1sDMxNCsMgEEDhfaF3kNk3Y7soRWKyy6679gBDnBpBx6DSn9vX5eODN87fFNWbSw1ZLJwHDYpl zS6It/B8LKcbqNpIHMUsbOHHFebpeBjJtI0T30nIc1F9I9WQha213SDWtSvVIe8s3V65JGo9i0dX 6NP3KeJF6ysmCgI4/QEAAP//AwBQSwMEFAAGAAgAAAAhALb0Z5iTBwAAySAAABYAAAB0aGVtZS90 aGVtZS90aGVtZTEueG1s7FnNixvJFb8H8j80fZf11a2PwfKiT8/aM7axZIc91kil7vJUd4mq0ozF YgjeUy6BwCbkkIW97SGELOzCLrnkjzHYJJs/Iq+qW91VUsmeGRwwYUYwdJd+79Wv3nv13lPV3c9e JtS7wFwQlvb8+p2a7+F0zhYkjXr+s9mk0vE9IVG6QJSluOdvsPA/u/frX91FRzLGCfZAPhVHqOfH Uq6OqlUxh2Ek7rAVTuG7JeMJkvDKo+qCo0vQm9Bqo1ZrVRNEUt9LUQJqHy+XZI69mVLp39sqH1N4 TaVQA3PKp0o1tiQ0dnFeVwixEUPKvQtEez7Ms2CXM/xS+h5FQsIXPb+m//zqvbtVdJQLUXlA1pCb 6L9cLhdYnDf0nDw6KyYNgjBo9Qv9GkDlPm7cHrfGrUKfBqD5HFaacbF1thvDIMcaoOzRoXvUHjXr Ft7Q39zj3A/Vx8JrUKY/2MNPJkOwooXXoAwf7uHDQXcwsvVrUIZv7eHbtf4oaFv6NSimJD3fQ9fC VnO4XW0BWTJ67IR3w2DSbuTKSxREQxFdaoolS+WhWEvQC8YnAFBAiiRJPblZ4SWaQxQPESVnnHgn JIoh8FYoZQKGa43apNaE/+oT6CftUXSEkSGteAETsTek+HhizslK9vwHoNU3IG9//vnN6x/fvP7p zVdfvXn993xurcqSO0ZpZMr98t0f/vPNb71///DtL1//MZt6Fy9M/Lu//e7dP/75PvWw4tIUb//0 /bsfv3/759//669fO7T3OToz4TOSYOE9wpfeU5bAAh388Rm/nsQsRsSU6KeRQClSszj0j2VsoR9t EEUO3ADbdnzOIdW4gPfXLyzC05ivJXFofBgnFvCUMTpg3GmFh2ouw8yzdRq5J+drE/cUoQvX3EOU Wl4er1eQY4lL5TDGFs0nFKUSRTjF0lPfsXOMHav7ghDLrqdkzplgS+l9QbwBIk6TzMiZFU2l0DFJ wC8bF0Hwt2Wb0+fegFHXqkf4wkbC3kDUQX6GqWXG+2gtUeJSOUMJNQ1+gmTsIjnd8LmJGwsJno4w Zd54gYVwyTzmsF7D6Q8hzbjdfko3iY3kkpy7dJ4gxkzkiJ0PY5SsXNgpSWMT+7k4hxBF3hMmXfBT Zu8Q9Q5+QOlBdz8n2HL3h7PBM8iwJqUyQNQ3a+7w5X3MrPidbugSYVeq6fPESrF9TpzRMVhHVmif YEzRJVpg7D373MFgwFaWzUvSD2LIKsfYFVgPkB2r6j3FAnol1dzs58kTIqyQneKIHeBzutlJPBuU Jogf0vwIvG7afAylLnEFwGM6PzeBjwj0gBAvTqM8FqDDCO6DWp/EyCpg6l2443XDLf9dZY/Bvnxh 0bjCvgQZfG0ZSOymzHttM0PUmqAMmBmCLsOVbkHEcn8pooqrFls75Zb2pi3dAN2R1fQkJP1gB7TT +4T/u94HOoy3f/nGsQ8+Tr/jVmwlq2t2OoeSyfFOf3MIt9vVDBlfkE+/qRmhdfoEQx3Zz1i3Pc1t T+P/3/c0h/bzbSdzqN+47WR86DBuO5n8cOXjdDJl8wJ9jTrwyA569LFPcvDUZ0koncoNxSdCH/wI +D2zmMCgktMnnrg4BVzF8KjKHExg4SKOtIzHmfwNkfE0Ris4Har7SkkkctWR8FZMwKGRHnbqVni6 Tk7ZIjvsrNfVwWZWWQWS5XgtLMbhoEpm6Fa7PMAr1Gu2kT5o3RJQstchYUxmk2g6SLS3g8pI+lgX jOYgoVf2UVh0HSw6Sv3WVXssgFrhFfjB7cHP9J4fBiACQnAeB835Qvkpc/XWu9qZH9PTh4xpRQA0 2NsIKD3dVVwPLk+tLgu1K3jaImGEm01CW0Y3eCKGn8F5dKrRq9C4rq+7pUstesoUej4IrZJGu/M+ Fjf1Ncjt5gaampmCpt5lz281QwiZOVr1/CUcGsNjsoLYEeo3F6IR3LzMJc82/E0yy4oLOUIizgyu k06WDRIiMfcoSXq+Wn7hBprqHKK51RuQED5Zcl1IK58aOXC67WS8XOK5NN1ujChLZ6+Q4bNc4fxW i98crCTZGtw9jReX3hld86cIQixs15UBF0TA3UE9s+aCwGVYkcjK+NspTHnaNW+jdAxl44iuYpRX FDOZZ3Cdygs6+q2wgfGWrxkMapgkL4RnkSqwplGtalpUjYzDwar7YSFlOSNpljXTyiqqarqzmDXD tgzs2PJmRd5gtTUx5DSzwmepezfldre5bqdPKKoEGLywn6PqXqEgGNTKySxqivF+GlY5Ox+1a8d2 gR+gdpUiYWT91lbtjt2KGuGcDgZvVPlBbjdqYWi57Su1pfWtuXmxzc5eQPIYQZe7plJoV8LJLkfQ EE11T5KlDdgiL2W+NeDJW3PS87+shf1g2AiHlVonHFeCZlCrdMJ+s9IPw2Z9HNZro0HjFRQWGSf1 MLuxn8AFBt3k9/Z6fO/uPtne0dyZs6TK9N18VRPXd/f1xuG7e49A0vmy1Zh0m91Bq9Jt9ieVYDTo VLrD1qAyag3bo8loGHa6k1e+d6HBQb85DFrjTqVVHw4rQaum6He6lXbQaPSDdr8zDvqv8jYGVp6l j9wWYF7N695/AQAA//8DAFBLAwQUAAYACAAAACEADdGQn7YAAAAbAQAAJwAAAHRoZW1lL3RoZW1l L19yZWxzL3RoZW1lTWFuYWdlci54bWwucmVsc4SPTQrCMBSE94J3CG9v07oQkSbdiNCt1AOE5DUN Nj8kUeztDa4sCC6HYb6ZabuXnckTYzLeMWiqGgg66ZVxmsFtuOyOQFIWTonZO2SwYIKObzftFWeR SyhNJiRSKC4xmHIOJ0qTnNCKVPmArjijj1bkIqOmQci70Ej3dX2g8ZsBfMUkvWIQe9UAGZZQmv+z /TgaiWcvHxZd/lFBc9mFBSiixszgI5uqTATKW7q6xN8AAAD//wMAUEsBAi0AFAAGAAgAAAAhAOne D7//AAAAHAIAABMAAAAAAAAAAAAAAAAAAAAAAFtDb250ZW50X1R5cGVzXS54bWxQSwECLQAUAAYA CAAAACEApdan58AAAAA2AQAACwAAAAAAAAAAAAAAAAAwAQAAX3JlbHMvLnJlbHNQSwECLQAUAAYA CAAAACEAa3mWFoMAAACKAAAAHAAAAAAAAAAAAAAAAAAZAgAAdGhlbWUvdGhlbWUvdGhlbWVNYW5h Z2VyLnhtbFBLAQItABQABgAIAAAAIQC29GeYkwcAAMkgAAAWAAAAAAAAAAAAAAAAANYCAAB0aGVt ZS90aGVtZS90aGVtZTEueG1sUEsBAi0AFAAGAAgAAAAhAA3RkJ+2AAAAGwEAACcAAAAAAAAAAAAA AAAAnQoAAHRoZW1lL3RoZW1lL19yZWxzL3RoZW1lTWFuYWdlci54bWwucmVsc1BLBQYAAAAABQAF AF0BAACYCwAAAAA8P3htbCB2ZXJzaW9uPSIxLjAiIGVuY29kaW5nPSJVVEYtOCIgc3RhbmRhbG9u ZT0ieWVzIj8+DQo8YTpjbHJNYXAgeG1sbnM6YT0iaHR0cDovL3NjaGVtYXMub3BlbnhtbGZvcm1h dHMub3JnL2RyYXdpbmdtbC8yMDA2L21haW4iIGJnMT0ibHQxIiB0eDE9ImRrMSIgYmcyPSJsdDIi IHR4Mj0iZGsyIiBhY2NlbnQxPSJhY2NlbnQxIiBhY2NlbnQyPSJhY2NlbnQyIiBhY2NlbnQzPSJh Y2NlbnQzIiBhY2NlbnQ0PSJhY2NlbnQ0IiBhY2NlbnQ1PSJhY2NlbnQ1IiBhY2NlbnQ2PSJhY2Nl bnQ2IiBobGluaz0iaGxpbmsiIGZvbEhsaW5rPSJmb2xIbGluayIvPgAAAADgEgAAFwAAKAAAAAD/ ////AAAAAAIAAAAEAAAABAAAAAYAAAAIAAAACAAAAAgAAAAIAAAACAAAAAgAAAAIAAAACAAAAAsA AAAACAAAZRIAAN8aAADgGgAADgAAABAAAAATAAAAAAgAAJoXAADaGgAA4BoAAA8AAAARAAAAEgAA AA8AAPBAAAAAAAAG8CAAAAABCAAAAwAAAAIAAAACAAAAAQAAAAIAAAACAAAAAQAAAEAAHvEQAAAA //8AAAAA/wCAgIAA9wAAEAEPAALwSAAAACAACPAIAAAAAQAAAAAIAAAPAAPwMAAAAA8ABPAoAAAA AQAJ8BAAAAAAAAAAAAAAAAAAAAAAAAAAAgAK8AgAAAAACAAABQAAAAAPAALwkgAAABAACPAIAAAA AQAAAAEEAAAPAAPwMAAAAA8ABPAoAAAAAQAJ8BAAAAAAAAAAAAAAAAAAAAAAAAAAAgAK8AgAAAAA BAAABQAAAA8ABPBCAAAAEgAK8AgAAAABBAAAAA4AAFMAC/AeAAAAvwEAABAAywEAAAAA/wEAAAgA BAMJAAAAPwMBAAEAAAAR8AQAAAABAAAAAAAAABUAAAAdAAAAHgAAACUAAAAmAAAALgAAAKUSAACx EgAA1hIAAOESAAAHABwABwAcAAcAHAAHABwABwACAAAAAAASAQAAEgEAAEsBAABLAQAApQEAAKUB AAAAAgAAAAIAAJgCAACYAgAA3AIAANwCAAAQAwAAEAMAABoDAAAaAwAApAMAAKQDAAD+AwAA/gMA AGkFAABpBQAAuQUAALkFAADCBQAAwgUAAGsHAABrBwAAdwcAAHcHAACABwAAgAcAAE8JAABPCQAA UAkAAFAJAACgCQAAoAkAAKcJAACnCQAA0AkAANAJAAD/CQAA/wkAABkKAAAZCgAAZwoAAGcKAAB5 CgAAeQoAAIEKAACJCgAAkAoAAJAKAABUCwAAVAsAAFoMAABaDAAAXAwAAFwMAACGDAAAhgwAAJIM AACSDAAAnAwAAJwMAAC2DAAAtgwAALkMAAC5DAAADw0AAA8NAAAQDQAAEA0AAP0NAAAKDgAADA4A AAwOAACXDgAAlw4AAMYOAADGDgAAxw4AAEcPAADWEgAA4RIAAAcABAAHAAQABwAEAAcABAAHAAQA BwAEAAcABAAHAAQABwAEAAcABAAHAAQABwAEAAcABAAHAAQABwAEAAcABAAHAAQABwAEAAcABAAH AAQABwAEAAcABAAHAAQABwAEAAcABAAHADMABwAEAAcABAAHAAQABwAEAAcABAAHAAQABwAEAAcA BAAHAAQABwAEAAcABAAHADMABwAEAAcABAAHAAQABwAEAAcAAgAAAAAAEgEAABIBAABLAQAASwEA AKUBAAClAQAAAAIAAAACAACYAgAAmAIAANwCAADcAgAAEAMAABADAAAaAwAAGgMAAKQDAACkAwAA /gMAAP4DAABpBQAAaQUAALkFAAC5BQAAwgUAAMIFAABrBwAAawcAAHcHAAB3BwAAgAcAAIAHAABP CQAATwkAAFAJAABQCQAAoAkAAKAJAACnCQAApwkAANAJAADQCQAA/wkAAP8JAAAZCgAAGQoAAGcK AABnCgAAeQoAAHkKAACQCgAAkAoAAFQLAABUCwAAWgwAAFoMAABcDAAAXAwAAIYMAACGDAAAkgwA AJIMAACcDAAAnAwAALYMAAC2DAAAuQwAALkMAAAPDQAADw0AABANAAAQDQAADA4AAAwOAACXDgAA lw4AAMYOAADGDgAAxw4AAEYPAACcDwAAtQ8AAH4RAADLEQAADRIAABsSAADWEgAA1xIAANgSAADZ EgAA2hIAANsSAADcEgAA3RIAAOESAAAHAAQABwAEAAcABAAHAAQABwAEAAcABAAHAAQABwAEAAcA BAAHAAQABwAEAAcABAAHAAQABwAEAAcABAAHAAQABwAEAAcABAAHAAQABwAEAAcABAAHAAQABwAE AAcABAAHAAQABwAEAAcABAAHAAQABwAEAAcABAAHAAQABwAEAAcABAAHAAQABwAEAAcABAAHAAQA BwAEAAcABAAHAAQABwAFAAcABQAHAAUABwAHAAIABwACAAcAAgAHAAIAAwCDAalK6txCEv8P/w// D/8P/w//D/8P/w//DxAA63ciU4qiJJ//D/8P/w//D/8P/w//D/8P/w8QAG4eGXj6xEA//w//D/8P /w//D/8P/w//D/8PEAAAAAAAFwAAAAAAAAAAAAAAAAAAAAAAAAATEAAAD4QkBBGEmP5ehCQEYISY /k9KAABQSgAAUUoAAF5KAABvKAABAC0AAQAAABeAAAAAAAAAAAAAAAAAAAAAAAAAFRAAAA+E9AYR hJj+XoT0BmCEmP5PSggAUUoIAG8oAIdoAAAAAIhIAAABAG8AAQAAABeAAAAAAAAAAAAAAAAAAAAA AAAAFRAAAA+ExAkRhJj+XoTECWCEmP5PSgkAUUoJAG8oAIdoAAAAAIhIAAABAKfwAQAAABeAAAAA AAAAAAAAAAAAAAAAAAAAFRAAAA+ElAwRhJj+XoSUDGCEmP5PSgEAUUoBAG8oAIdoAAAAAIhIAAAB ALfwAQAAABeAAAAAAAAAAAAAAAAAAAAAAAAAFRAAAA+EZA8RhJj+XoRkD2CEmP5PSggAUUoIAG8o AIdoAAAAAIhIAAABAG8AAQAAABeAAAAAAAAAAAAAAAAAAAAAAAAAFRAAAA+ENBIRhJj+XoQ0EmCE mP5PSgkAUUoJAG8oAIdoAAAAAIhIAAABAKfwAQAAABeAAAAAAAAAAAAAAAAAAAAAAAAAFRAAAA+E BBURhJj+XoQEFWCEmP5PSgEAUUoBAG8oAIdoAAAAAIhIAAABALfwAQAAABeAAAAAAAAAAAAAAAAA AAAAAAAAFRAAAA+E1BcRhJj+XoTUF2CEmP5PSggAUUoIAG8oAIdoAAAAAIhIAAABAG8AAQAAABeA AAAAAAAAAAAAAAAAAAAAAAAAFRAAAA+EpBoRhJj+XoSkGmCEmP5PSgkAUUoJAG8oAIdoAAAAAIhI AAABAKfwAQAAABcQAAAAAAAAAAAAAGgBAAAAAAAAFRAAAA+E0AIRhJj+XoTQAmCEmP5PSgEAUUoB AG8oAIdoAAAAAIhIAAABALfwAQAAABcQAAAAAAAAAAAAAGgBAAAAAAAAGRAAAA+EoAURhJj+XoSg BWCEmP5PSggAUUoIAF5KCABvKACHaAAAAACISAAAAQBvAAEAAAAXkAAAAAAAAAAAAABoAQAAAAAA ABUQAAAPhHAIEYSY/l6EcAhghJj+T0oJAFFKCQBvKACHaAAAAACISAAAAQCn8AEAAAAXkAAAAAAA AAAAAABoAQAAAAAAABUQAAAPhEALEYSY/l6EQAtghJj+T0oBAFFKAQBvKACHaAAAAACISAAAAQC3 8AEAAAAXkAAAAAAAAAAAAABoAQAAAAAAABkQAAAPhBAOEYSY/l6EEA5ghJj+T0oIAFFKCABeSggA bygAh2gAAAAAiEgAAAEAbwABAAAAF5AAAAAAAAAAAAAAaAEAAAAAAAAVEAAAD4TgEBGEmP5ehOAQ YISY/k9KCQBRSgkAbygAh2gAAAAAiEgAAAEAp/ABAAAAF5AAAAAAAAAAAAAAaAEAAAAAAAAVEAAA D4SwExGEmP5ehLATYISY/k9KAQBRSgEAbygAh2gAAAAAiEgAAAEAt/ABAAAAF5AAAAAAAAAAAAAA aAEAAAAAAAAZEAAAD4SAFhGEmP5ehIAWYISY/k9KCABRSggAXkoIAG8oAIdoAAAAAIhIAAABAG8A AQAAABeQAAAAAAAAAAAAAGgBAAAAAAAAFRAAAA+EUBkRhJj+XoRQGWCEmP5PSgkAUUoJAG8oAIdo AAAAAIhIAAABAKfwAQAAABcQAAAAAAAAAAAAAGgBAAAAAAAAFRAAAA+E0AIRhJj+XoTQAmCEmP5P SgEAUUoBAG8oAIdoAAAAAIhIAAABALfwAQAAABeQAAAAAAAAAAAAAGgBAAAAAAAAGRAAAA+EoAUR hJj+XoSgBWCEmP5PSggAUUoIAF5KCABvKACHaAAAAACISAAAAQBvAAEAAAAXkAAAAAAAAAAAAABo AQAAAAAAABUQAAAPhHAIEYSY/l6EcAhghJj+T0oJAFFKCQBvKACHaAAAAACISAAAAQCn8AEAAAAX kAAAAAAAAAAAAABoAQAAAAAAABUQAAAPhEALEYSY/l6EQAtghJj+T0oBAFFKAQBvKACHaAAAAACI SAAAAQC38AEAAAAXkAAAAAAAAAAAAABoAQAAAAAAABkQAAAPhBAOEYSY/l6EEA5ghJj+T0oIAFFK CABeSggAbygAh2gAAAAAiEgAAAEAbwABAAAAF5AAAAAAAAAAAAAAaAEAAAAAAAAVEAAAD4TgEBGE mP5ehOAQYISY/k9KCQBRSgkAbygAh2gAAAAAiEgAAAEAp/ABAAAAF5AAAAAAAAAAAAAAaAEAAAAA AAAVEAAAD4SwExGEmP5ehLATYISY/k9KAQBRSgEAbygAh2gAAAAAiEgAAAEAt/ABAAAAF5AAAAAA AAAAAAAAaAEAAAAAAAAZEAAAD4SAFhGEmP5ehIAWYISY/k9KCABRSggAXkoIAG8oAIdoAAAAAIhI AAABAG8AAQAAABeQAAAAAAAAAAAAAGgBAAAAAAAAFRAAAA+EUBkRhJj+XoRQGWCEmP5PSgkAUUoJ AG8oAIdoAAAAAIhIAAABAKfwAwAAAIMBqUoAAAAAAAAAAAAAAADrdyJTAAAAAAAAAAAAAAAAbh4Z eAAAAAAAAAAAAAAAAP//////////////////AwAAAAAAAAAAAP//AwAAABIA6geAuQMACQQFAAkE AQAJBAMACQQFAAkEAQAJBAMACQQFAAkEEgABAAkEAwAJBAUACQQBAAkEAwAJBAUACQQBAAkEAwAJ BAUACQQSAAEACQQDAAkEBQAJBAEACQQDAAkEBQAJBAEACQQDAAkEBQAJBDgAAAAEAAAACAAAAOUA AAAAAAAANwAAADw4AwBOPhMAQWkbACJIHAD9dCEAJkAjAPBkKAA9Vy4Aa2wxAEQ3MwBeGTkAHHE6 AO0DRAAgTkYA0mZIAO5AUgB1YVgAbRBZANYPZAC4OGUAkSFmAJpDagCRPW4ABBR2ABNedwAuFH4A 1y9/AJFRkQD5N5MAfjOXAA8hmQBrE5wA5g2dAGFvpgC/bKsAcwKvAANzrwBxXLAAXl2zAMgctQB2 A7cAoQi/AMdrwQCbV80AWAvSAB0O0gCWHtQAzXzWAH4w2QDiddsAKDHdAPF86QCfdesA/VDxAFsY 9gDfW/gAAAAAANYSAADYEgAAAAAAAAEAAAD/QAOAAQDHDgAAxw4AAAAAAAABAAEAxw4AAAAAAADH DgAAAAAAAAIQAAAAAAAAAOASAAC4AAAQAEAAAP//AQAAAAcAVQBuAGsAbgBvAHcAbgD//wEACAAA AAAAAAAAAAAA//8BAAAAAAD//wAAAgD//wAAAAD//wAAAgD//wAAAAALAAAARx6QAQAAAgIGAwUE BQIDBP8uAOBbeADACQAAAAAAAAD/AQAAAAAAAFQAaQBtAGUAcwAgAE4AZQB3ACAAUgBvAG0AYQBu AAAANR6QAQIABQUBAgEHBgIFBwAAAAAAAAAQAAAAAAAAAAAAAACAAAAAAFMAeQBtAGIAbwBsAAAA My6QAQAAAgsGBAICAgICBP8uAOBDeADACQAAAAAAAAD/AQAAAAAAAEEAcgBpAGEAbAAAADsOkAGG BwIBBgADAQEBAQEDAAAAAACPKBYAAAAAAAAAAQAEAAAAAABTAGkAbQBTAHUAbgAAAItbU08AAEkG kAEBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABMAG8AaABpAHQAIABEAGUAdgBh AG4AYQBnAGEAcgBpAAAAVQaQAQAOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEwA dQBjAGkAZABhACAARwByAGEAbgBkAGUAAABTAGUAZwBvAGUAIABVAEkAAABDLiwBAAACDwMCAgIE AwIE/yoA4HskAMAJAAAAAAAAAP8BAAAAAAAAQwBhAGwAaQBiAHIAaQAgAEwAaQBnAGgAdAAAADcu kAEAAAIPBQICAgQDAgT/KgDgeyQAwAkAAAAAAAAA/wEAAAAAAABDAGEAbABpAGIAcgBpAAAAPz2Q AQAAAgcDCQICBQIEBP8uAOBDeADACQAAAAAAAAD/AQAAAAAAAEMAbwB1AHIAaQBlAHIAIABOAGUA dwAAADsOkAECAAUAAAAAAAAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAgAAAAABXAGkAbgBnAGQAaQBu AGcAcwAAAEEekAEAAAIEBQMFBAYDAgT/AgDg/yQAQgAAAAAAAAAAnwEAAAAAAABDAGEAbQBiAHIA aQBhACAATQBhAHQAaAAAACIABAABiIgYACDFAgAAaAEAAAAAxJhXZ8WYV2cAAAAAAwABAAAAzwIA AAcQAAACAAkAAAAEAIOQIgAAAM8CAAAHEAAAAgAJAAAAIgAAAAAAAADhBgAgAAAAAAAEAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEjAAAAAAAAAAAAAAAAAAAM0SAADNEgAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAA AAAAAAAAAAVLI1EAIAAABAD//QEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICFAAAAAAAPAAAAAI JFAAAAAAAAD///9/////fwAAAAD///9/////f////3////9/HHE6AAAEAACyAAAAAAAAAAAAAAAA AAAAAAAAAAAAIQAAAAAAAAAAAAAAAAAAAAAAAAAQHAAACgAAAAAAAAAAAHgAAAB4AAAAAAAAAAAA AACgBQAAAAAAAAsAAAAAAAAALAEAAAEAAAD//xIAAAAAAAAAAAAAAAAAAAAQAFIAbwBiAGUAcgB0 ACAATQBvAHMAawBvAHcAaQB0AHoABABBAGwAZQB4AAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAYA AAADAAAAAAAMAAEADAACAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAD+/wAACgACAAAAAAAAAAAAAAAAAAAAAAABAAAA4IWf8vlPaBCrkQgAKyez2TAA AACIAQAAEgAAAAEAAACYAAAAAgAAAKAAAAADAAAArAAAAAQAAAC4AAAABQAAANQAAAAGAAAA4AAA AAcAAADsAAAACAAAAPwAAAAJAAAADAEAABIAAAAYAQAACgAAADgBAAALAAAARAEAAAwAAABQAQAA DQAAAFwBAAAOAAAAaAEAAA8AAABwAQAAEAAAAHgBAAATAAAAgAEAAAIAAADkBAAAHgAAAAQAAAAA AAAAHgAAAAQAAAAAAAAAHgAAABQAAABSb2JlcnQgTW9za293aXR6AAAAAB4AAAAEAAAAAAAAAB4A AAAEAAAAAAAAAB4AAAAIAAAATm9ybWFsAAAeAAAACAAAAEFsZXgAAAAAHgAAAAQAAAAzAAAAHgAA ABgAAABNaWNyb3NvZnQgT2ZmaWNlIFdvcmQAAABAAAAAAEbDIwAAAABAAAAAAAAAAAAAAABAAAAA ACieV3YA0wFAAAAAAG5he3YA0wEDAAAAAgAAAAMAAADPAgAAAwAAAAcQAAADAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAA/v8AAAoAAgAAAAAAAAAAAAAAAAAAAAAAAQAAAALVzdWcLhsQk5cIACss+a4wAAAA6AAAAAwA AAABAAAAaAAAAA8AAABwAAAABQAAAHwAAAAGAAAAhAAAABEAAACMAAAAFwAAAJQAAAALAAAAnAAA ABAAAACkAAAAEwAAAKwAAAAWAAAAtAAAAA0AAAC8AAAADAAAAMkAAAACAAAA5AQAAB4AAAAEAAAA AAAAAAMAAAAiAAAAAwAAAAkAAAADAAAAzRIAAAMAAAAAABAACwAAAAAAAAALAAAAAAAAAAsAAAAA AAAACwAAAAAAAAAeEAAAAQAAAAEAAAAADBAAAAIAAAAeAAAABgAAAFRpdGxlAAMAAAABAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAAAAC AAAAAwAAAAQAAAAFAAAABgAAAAcAAAAIAAAACQAAAAoAAAALAAAADAAAAA0AAAAOAAAADwAAABAA AAARAAAAEgAAABMAAAAUAAAA/v///xYAAAAXAAAAGAAAABkAAAAaAAAAGwAAABwAAAAdAAAAHgAA AB8AAAAgAAAAIQAAACIAAAAjAAAAJAAAACUAAAAmAAAAJwAAACgAAAApAAAAKgAAACsAAAAsAAAA /v///y4AAAAvAAAAMAAAADEAAAAyAAAAMwAAADQAAAD+////NgAAADcAAAA4AAAAOQAAADoAAAA7 AAAAPAAAAP7////9////PwAAAP7////+/////v////////////////////////////////////// //////////////////////////////////////////////////////////////////////////// //////////////////////////////////////////////////////////////////////////// //////////////////////////////////////////////////////////////////////////// ////////////////////////////////////////////////////////////////////UgBvAG8A dAAgAEUAbgB0AHIAeQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA ABYABQH//////////wMAAAAGCQIAAAAAAMAAAAAAAABGAAAAAAAAAAAAAAAAENmjfHYA0wFBAAAA gAAAAAAAAAAxAFQAYQBiAGwAZQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAADgACAf////8FAAAA/////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAABUAAAAjLwAAAAAAAFcAbwByAGQARABvAGMAdQBtAGUAbgB0AAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAaAAIBAQAAAP//////////AAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACooAAAAAAAABQBTAHUAbQBtAGEAcgB5AEkAbgBm AG8AcgBtAGEAdABpAG8AbgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgAAgECAAAABAAAAP// //8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAtAAAAABAAAAAAAAAFAEQAbwBj AHUAbQBlAG4AdABTAHUAbQBtAGEAcgB5AEkAbgBmAG8AcgBtAGEAdABpAG8AbgAAAAAAAAAAAAAA OAACAf///////////////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADUAAAAA EAAAAAAAAAEAQwBvAG0AcABPAGIAagAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAASAAIA////////////////AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAHIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD///////////////8AAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP////////////// /wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAAAD+//// //////////////////////////////////////////////////////////////////////////// //////////////////////////////////////////////////////////////////////////// //////////////////////////////////////////////////////////////////////////// //////////////////////////////////////////////////////////////////////////// //////////////////////////////////////////////////////////////////////////// //////////////////////////////////////////////////////////////////////////// //////////////////////////////////////////////////////////////////////////// //////////////////////////////////////////////////////////////////////////// ////////////////////////////////////////////////////////////////AQD+/wMKAAD/ ////BgkCAAAAAADAAAAAAAAARiAAAABNaWNyb3NvZnQgV29yZCA5Ny0yMDAzIERvY3VtZW50AAoA AABNU1dvcmREb2MAEAAAAFdvcmQuRG9jdW1lbnQuOAD0ObJxAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA= --001a114714b06349d60554ad0afa-- From nobody Wed Jul 19 09:14:06 2017 Return-Path: X-Original-To: ideas@ietfa.amsl.com Delivered-To: ideas@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7E8F512F3CB for ; Wed, 19 Jul 2017 09:14:05 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.698 X-Spam-Level: X-Spam-Status: No, score=-2.698 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8ukUZwZaDQd1 for ; Wed, 19 Jul 2017 09:14:04 -0700 (PDT) Received: from mail-wm0-x236.google.com (mail-wm0-x236.google.com [IPv6:2a00:1450:400c:c09::236]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E3FCE1287A5 for ; Wed, 19 Jul 2017 09:14:03 -0700 (PDT) Received: by mail-wm0-x236.google.com with SMTP id w126so3370539wme.0 for ; Wed, 19 Jul 2017 09:14:03 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=tqMF7Uexcdo80ugm7xwOyuUj5B1mTqrGNl6LPxoWL8Y=; b=jIl28bJgjjCAUcw2HkOQIBQk/5dckqL4//EOZevB22TaAlKsimWDRb8crRI7ZSGksn BDICpr4ovCY45QHkJdyIWO6y6AUn4wA51LqqwhG6FIQFV/TyO7o7WlW6PoEV1NoErDai x2hBtSZeGiiwmQaQjMEJ2mAQSsWxXWCPhYoyeYzUQy/XP2m+y1snMlh/o6vMiRVAw03X tONf3mg7P2lzTWMxL0vgT2bKbvHW012+UOVdTukADYj/scugZIOEV3kELyNvCLZjDlFs yEMuHqimEclasJT5fyc0UCol6h/xh2Xvy/KVqQw6PAGRaCC1+c0Xxld7TF4GrORUEZEe 4d9g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=tqMF7Uexcdo80ugm7xwOyuUj5B1mTqrGNl6LPxoWL8Y=; b=UInFmiMymM3SdUQj9qycOk6ATF8tjka7Em8x5Eu3w+c/FdNveyORTAGnIwpUp0D9tn vZQ+IajUfagbTFc2Wh/2fLQtQ49omrKvVUEWHyV/ee47Tw8rMjvZzk/RCTmQoiGq0eOY RFKibDorOJH+JfLQvxBabdWaOC402lIWdLqq1SlmUzHh1461bB206qx2uhbhYBzlXEEw zIkotZ5fFSAFdwq2g6xyDF2G5W02bd1r52KtHkrxGvUPC4fUXtw86rIiGW7j0C9AtSl7 sUnEw+Diju3Mk63UGraQZC+NXvobYiJ7zJGYBY6Ts5GRDPM2SQc6NsA36AFMcRoULWhq D6LQ== X-Gm-Message-State: AIVw110Pjg0HQq38MbuU85XhkcQ6M4v0OA9fGmGIr5TORee2aZHhlmVR SFRcqLPUg1uhpmIEfX2YTPwQiC1uig== X-Received: by 10.28.234.145 with SMTP id g17mr377437wmi.144.1500480842496; Wed, 19 Jul 2017 09:14:02 -0700 (PDT) MIME-Version: 1.0 Received: by 10.223.152.139 with HTTP; Wed, 19 Jul 2017 09:14:02 -0700 (PDT) In-Reply-To: References: From: tjw ietf Date: Wed, 19 Jul 2017 18:14:02 +0200 Message-ID: To: Padma Pillay-Esnault Cc: ideas@ietf.org Content-Type: multipart/alternative; boundary="001a114705109c00fd0554adebf6" Archived-At: Subject: Re: [Ideas] Fwd: Slides and Charter X-BeenThere: ideas@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Discussions relating to the development, clarification, and implementation of control-plane infrastructures and functionalities in ID enabled networks." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 19 Jul 2017 16:14:05 -0000 --001a114705109c00fd0554adebf6 Content-Type: text/plain; charset="UTF-8" All I updated the github repo that Padma pointed me to - that may be a better place for folks to wordsmith https://github.com/IETF-IDEAS/Charter-Proposal On Wed, Jul 19, 2017 at 5:11 PM, Padma Pillay-Esnault wrote: > Hello Everyone > > Here is the charter version that was finalized before the BOF. > > We would like to have your feedback on it. > > Thanks > Padma and IDEAS Design team > > > ---------- Forwarded message ---------- > From: Padma Pillay-Esnault > Date: Wed, Jul 19, 2017 at 12:08 PM > Subject: Re: Slides and Charter > To: tjw ietf , Brian Haberman < > brian@innovationslab.net> > Cc: Padma Pillay-Esnault > > > Hello > > Here is the updated slide deck and charter. > Your comments welcome! > > Thanks > Padma > > > _______________________________________________ > Ideas mailing list > Ideas@ietf.org > https://www.ietf.org/mailman/listinfo/ideas > > --001a114705109c00fd0554adebf6 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
All

I updated the github repo that Padm= a pointed me to - that may be a better place for folks to wordsmith=C2=A0



On Wed, Jul 19, 2017 at 5:11 PM, Padma Pillay-Esnault <padm= a.ietf@gmail.com> wrote:
Hello Everyone=C2=A0

Here is the charter = version that was finalized before the BOF.=C2=A0

W= e would like to have your feedback on it.=C2=A0

Th= anks
Padma and IDEAS Design team=C2=A0
<= br>

---------- Forwarded message -= ---------
From: Padma Pillay-Esnault <= span dir=3D"ltr"><padma.ietf@gmail.com>
Date: Wed, Jul 19, 2017 at 12:08= PM
Subject: Re: Slides and Charter
To: tjw ietf <tjw.ietf@gmail.com>, Brian H= aberman <b= rian@innovationslab.net>
Cc: Padma Pillay-Esnault <padma.ietf@gmail.com>=


Hello

Here is the updated s= lide deck and charter.
Your comments welcome!

Thanks
Padma

<= /div>

_______________________________________________
Ideas mailing list
Ideas@ietf.org
https://www.ietf.org/mailman/listinfo/ideas


--001a114705109c00fd0554adebf6-- From nobody Wed Jul 19 22:51:08 2017 Return-Path: X-Original-To: ideas@ietfa.amsl.com Delivered-To: ideas@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DE16E124D85 for ; Wed, 19 Jul 2017 22:51:06 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.999 X-Spam-Level: X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Alpn0nxhjRue for ; Wed, 19 Jul 2017 22:51:05 -0700 (PDT) Received: from mail-wr0-x22b.google.com (mail-wr0-x22b.google.com [IPv6:2a00:1450:400c:c0c::22b]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 03F3F124217 for ; Wed, 19 Jul 2017 22:51:04 -0700 (PDT) Received: by mail-wr0-x22b.google.com with SMTP id f21so9675625wrf.5 for ; Wed, 19 Jul 2017 22:51:04 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=ChDWOUqkyxMcBz8p1DSkpQuug2TiLNCzAiZuvMPHkO0=; b=HrozzrIAQzrZZ9etMkqxsPvxt7ta5O419ehmGGWuXGCIgpRtNZlOWiQv0nH07wN35s GP2kk1xCx++0AOQuUv2tpu/MSbTwcTW0XXaTMAyVWIIB4YTdTlvf1+9uduQe7vFrG2/L P49sGzAd5nXfS9obc+thWDIN+vY7uud3B2UBJ/9B+pkLb0IwNdS0rJJR9+NgIGW+K9Lb 9dWF9KNuDg1wkumxYaDssYfnshIN4kBd9ZgeQcX5wof6/Zc2wRJ9lbzDToEV8aUIyaEH M0lj/eiCzGACvwVeL3xzP2crYSEiszeq2i/nA4mtfFefzctU9896OlYdwtCf68e7oc4R BPBw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=ChDWOUqkyxMcBz8p1DSkpQuug2TiLNCzAiZuvMPHkO0=; b=kYf/8GRj5lhKjfJXYxqtljB3R1kchcalXJh0pR7odOJuduzfMUlH//145c6dLzDEeX 1HdjWLLntg4Xk9o6EyPxIOcx6LZm6nlFetsbF1sMYaa3c9pwnUrZ/M53comRG6I4qNHe Fo/MY3fwwnCubVq670b+GQUK7giVikgx74QDcdpMonWf4+5GVQbLZYOPazD/cKlyjolP 4eeieZ7mFxN7azqru1wjHaeR+vkeQQoj/IOHTicOlLzjRBCCk/QEOS6vCKhBzjtPNkMc c2snaM5OaGBhylCLm97J3rUhYNHTJzVXQl17o/8lfZjcnnIkIs5idGlZZOYfWTcFu7+x 3Obw== X-Gm-Message-State: AIVw110a9Yxl0VFjZLT5hXlBeT9riHceR26GcxsTcVgT8OzBVcJhn4HD LcIRbkGy8+m/nNU3dEM5X0S6nBYjHA== X-Received: by 10.223.135.181 with SMTP id b50mr2440272wrb.261.1500529863481; Wed, 19 Jul 2017 22:51:03 -0700 (PDT) MIME-Version: 1.0 Received: by 10.223.167.8 with HTTP; Wed, 19 Jul 2017 22:51:03 -0700 (PDT) In-Reply-To: References: From: Padma Pillay-Esnault Date: Thu, 20 Jul 2017 07:51:03 +0200 Message-ID: To: tjw ietf Cc: ideas@ietf.org Content-Type: multipart/alternative; boundary="001a114748027ce2630554b95524" Archived-At: Subject: Re: [Ideas] Fwd: Slides and Charter X-BeenThere: ideas@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Discussions relating to the development, clarification, and implementation of control-plane infrastructures and functionalities in ID enabled networks." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 20 Jul 2017 05:51:07 -0000 --001a114748027ce2630554b95524 Content-Type: text/plain; charset="UTF-8" Thanks Tim! If anyone need access please drop me a line Thanks Padma On Wed, Jul 19, 2017 at 6:14 PM, tjw ietf wrote: > All > > I updated the github repo that Padma pointed me to - that may be a better > place for folks to wordsmith > > https://github.com/IETF-IDEAS/Charter-Proposal > > > > On Wed, Jul 19, 2017 at 5:11 PM, Padma Pillay-Esnault < > padma.ietf@gmail.com> wrote: > >> Hello Everyone >> >> Here is the charter version that was finalized before the BOF. >> >> We would like to have your feedback on it. >> >> Thanks >> Padma and IDEAS Design team >> >> >> ---------- Forwarded message ---------- >> From: Padma Pillay-Esnault >> Date: Wed, Jul 19, 2017 at 12:08 PM >> Subject: Re: Slides and Charter >> To: tjw ietf , Brian Haberman < >> brian@innovationslab.net> >> Cc: Padma Pillay-Esnault >> >> >> Hello >> >> Here is the updated slide deck and charter. >> Your comments welcome! >> >> Thanks >> Padma >> >> >> _______________________________________________ >> Ideas mailing list >> Ideas@ietf.org >> https://www.ietf.org/mailman/listinfo/ideas >> >> > --001a114748027ce2630554b95524 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
Thanks Tim!

If anyone need access pleas= e drop me a line=C2=A0

Thanks
Padma=C2= =A0

On= Wed, Jul 19, 2017 at 6:14 PM, tjw ietf <tjw.ietf@gmail.com> wrote:
All

I updated the github repo that Padma pointed me to - that may be a = better place for folks to wordsmith=C2=A0


=


On Wed, Jul 19, 2017 at 5:11 PM, Padma Pillay-Es= nault <padma.ietf@gmail.com> wrote:
Hello Eve= ryone=C2=A0

Here is the charter version that was finaliz= ed before the BOF.=C2=A0

We would like to have you= r feedback on it.=C2=A0

Thanks
Padma and= IDEAS Design team=C2=A0


---------- Forwarded message ----------
From: Padma Pillay-Esnault <padma.ietf@gmail.com>
Date: Wed, Jul 19, 2017 at 12:08 PM
Subject: Re: Slides and Char= ter
To: tjw ietf <tjw.ietf@gmail.com>, Brian Haberman <brian@innovationslab.net>
= Cc: Padma Pillay-Esnault <padma.ietf@gmail.com>


Hello<= div>
Here is the updated slide deck and charter.
Yo= ur comments welcome!

Thanks
Padma

<= /div>

_______________________________________________
Ideas mailing list
Ideas@ietf.org
https://www.ietf.org/mailman/listinfo/ideas



--001a114748027ce2630554b95524-- From nobody Thu Jul 20 00:35:32 2017 Return-Path: X-Original-To: ideas@ietfa.amsl.com Delivered-To: ideas@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9018C126CD6 for ; Thu, 20 Jul 2017 00:35:30 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.935 X-Spam-Level: X-Spam-Status: No, score=-1.935 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_LOW=-0.7, SPF_SOFTFAIL=0.665] autolearn=no autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rLx09XS2jL7E for ; Thu, 20 Jul 2017 00:35:29 -0700 (PDT) Received: from d.mail.sonic.net (d.mail.sonic.net [64.142.111.50]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 37C8812ECCB for ; Thu, 20 Jul 2017 00:35:29 -0700 (PDT) Received: from [31.133.137.43] (dhcp-892b.meeting.ietf.org [31.133.137.43]) (authenticated bits=0) by d.mail.sonic.net (8.15.1/8.15.1) with ESMTPSA id v6K7ZOgX017855 (version=TLSv1.2 cipher=DHE-RSA-AES128-SHA bits=128 verify=NOT); Thu, 20 Jul 2017 00:35:26 -0700 To: ideas@ietf.org From: Erik Nordmark Message-ID: <3e7d1bda-0847-36d6-b6e2-a98de1f8bf04@acm.org> Date: Thu, 20 Jul 2017 09:35:23 +0200 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.1.1 MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 7bit X-Sonic-CAuth: UmFuZG9tSVYPFGgtZgBVTyQJqF+kNSi9h3DkeM6vgqzvh1JS5rWjyMdCnm2abAmA515vE6BOywG2+NhgH0+S0Q006RszP3ci X-Sonic-ID: C;ZAYy/h1t5xGjgvsKk0eh0A== M;Vi2Q/x1t5xGjgvsKk0eh0A== X-Sonic-Spam-Details: 0.0/5.0 by cerberusd Archived-At: Subject: [Ideas] Identity/identifier and session continuity X-BeenThere: ideas@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Discussions relating to the development, clarification, and implementation of control-plane infrastructures and functionalities in ID enabled networks." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 20 Jul 2017 07:35:30 -0000 I understand the desire to provide good privacy by decoupling a longer-lived identity from shorter lived and potentially in the clear identifiers. But since the identifiers are used for the transport connection identification, changing the identifier(s) used in an unlinkable way means that the transport sessions would break. Seems like a tricky tradeoff. What are the thoughts in this area? Thanks, Erik From nobody Thu Jul 20 01:04:54 2017 Return-Path: X-Original-To: ideas@ietfa.amsl.com Delivered-To: ideas@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 90FD1129562 for ; Thu, 20 Jul 2017 01:04:52 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.222 X-Spam-Level: X-Spam-Status: No, score=-4.222 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Nw_uCHALzsCs for ; Thu, 20 Jul 2017 01:04:51 -0700 (PDT) Received: from lhrrgout.huawei.com (lhrrgout.huawei.com [194.213.3.17]) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8C61E126B72 for ; Thu, 20 Jul 2017 01:04:50 -0700 (PDT) Received: from 172.18.7.190 (EHLO lhreml703-cah.china.huawei.com) ([172.18.7.190]) by lhrrg01-dlp.huawei.com (MOS 4.3.7-GA FastPath queued) with ESMTP id DRP25443; Thu, 20 Jul 2017 08:04:48 +0000 (GMT) Received: from DFWEML703-CAH.china.huawei.com (10.193.5.177) by lhreml703-cah.china.huawei.com (10.201.108.44) with Microsoft SMTP Server (TLS) id 14.3.301.0; Thu, 20 Jul 2017 09:04:47 +0100 Received: from DFWEML501-MBB.china.huawei.com ([10.193.5.179]) by DFWEML703-CAH.china.huawei.com ([10.193.5.177]) with mapi id 14.03.0301.000; Thu, 20 Jul 2017 01:04:42 -0700 From: Yingzhen Qu To: Erik Nordmark , "ideas@ietf.org" Thread-Topic: [Ideas] Identity/identifier and session continuity Thread-Index: AQHTASrPl62Mp/1wpkeSqPEEd0TQ+KJcVszA Date: Thu, 20 Jul 2017 08:04:41 +0000 Message-ID: <594D005A3CB0724DB547CF3E9A9E810B51F3D8@dfweml501-mbb> References: <3e7d1bda-0847-36d6-b6e2-a98de1f8bf04@acm.org> In-Reply-To: <3e7d1bda-0847-36d6-b6e2-a98de1f8bf04@acm.org> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [10.212.247.114] Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-CFilter-Loop: Reflected X-Mirapoint-Virus-RAPID-Raw: score=unknown(0), refid=str=0001.0A020204.59706421.001B, ss=1, re=0.000, recu=0.000, reip=0.000, cl=1, cld=1, fgs=0, ip=0.0.0.0, so=2013-06-18 04:22:30, dmn=2013-03-21 17:37:32 X-Mirapoint-Loop-Id: 9afd507c2267693d18d03a33458f99a2 Archived-At: Subject: Re: [Ideas] Identity/identifier and session continuity X-BeenThere: ideas@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Discussions relating to the development, clarification, and implementation of control-plane infrastructures and functionalities in ID enabled networks." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 20 Jul 2017 08:04:53 -0000 Hi Erik, I may not get your question right, but let me give it a try. Yes, identifiers are used on data plane for the transport connection, but a= n identifier used in one tcp session is not going to change during the sess= ion. If you're asking about initiating a session using a new identifier, it's di= fferent based on whether it's the sender or the receiver using a new identi= fier. But the bottom line is an entity will query the mapping system about = the idf/loc information, and since the MS has the info of identity and iden= tifiers mappings it can make the right resolution. The exact control messag= es needed will be defined by the WG later. Thanks, Yingzhen -----Original Message----- From: Ideas [mailto:ideas-bounces@ietf.org] On Behalf Of Erik Nordmark Sent: Thursday, July 20, 2017 12:35 AM To: ideas@ietf.org Subject: [Ideas] Identity/identifier and session continuity I understand the desire to provide good privacy by decoupling a longer-live= d identity from shorter lived and potentially in the clear identifiers. But since the identifiers are used for the transport connection identificat= ion, changing the identifier(s) used in an unlinkable way means that the tr= ansport sessions would break. Seems like a tricky tradeoff. What are the thoughts in this area? Thanks, Erik _______________________________________________ Ideas mailing list Ideas@ietf.org https://www.ietf.org/mailman/listinfo/ideas From nobody Thu Jul 20 01:37:35 2017 Return-Path: X-Original-To: ideas@ietfa.amsl.com Delivered-To: ideas@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D291A13157A for ; Thu, 20 Jul 2017 01:37:33 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.222 X-Spam-Level: X-Spam-Status: No, score=-4.222 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id oq5D3FnnVikC for ; Thu, 20 Jul 2017 01:37:32 -0700 (PDT) Received: from lhrrgout.huawei.com (lhrrgout.huawei.com [194.213.3.17]) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E1D23129B7F for ; Thu, 20 Jul 2017 01:37:31 -0700 (PDT) Received: from 172.18.7.190 (EHLO lhreml704-cah.china.huawei.com) ([172.18.7.190]) by lhrrg02-dlp.huawei.com (MOS 4.3.7-GA FastPath queued) with ESMTP id DKX11556; Thu, 20 Jul 2017 08:37:29 +0000 (GMT) Received: from SJCEML701-CHM.china.huawei.com (10.208.112.40) by lhreml704-cah.china.huawei.com (10.201.108.45) with Microsoft SMTP Server (TLS) id 14.3.301.0; Thu, 20 Jul 2017 09:36:59 +0100 Received: from SJCEML703-CHM.china.huawei.com ([169.254.5.240]) by SJCEML701-CHM.china.huawei.com ([169.254.3.13]) with mapi id 14.03.0301.000; Thu, 20 Jul 2017 01:36:49 -0700 From: Uma Chunduri To: Yingzhen Qu , Erik Nordmark , "ideas@ietf.org" Thread-Topic: [Ideas] Identity/identifier and session continuity Thread-Index: AQHTASrQA8hT40Pa70+th+iH95tXXqJc0LCA//+PqrA= Date: Thu, 20 Jul 2017 08:36:48 +0000 Message-ID: <25B4902B1192E84696414485F572685401A31635@SJCEML703-CHM.china.huawei.com> References: <3e7d1bda-0847-36d6-b6e2-a98de1f8bf04@acm.org> <594D005A3CB0724DB547CF3E9A9E810B51F3D8@dfweml501-mbb> In-Reply-To: <594D005A3CB0724DB547CF3E9A9E810B51F3D8@dfweml501-mbb> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [10.47.77.24] Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-CFilter-Loop: Reflected X-Mirapoint-Virus-RAPID-Raw: score=unknown(0), refid=str=0001.0A020206.59706BCA.004C, ss=1, re=0.000, recu=0.000, reip=0.000, cl=1, cld=1, fgs=0, ip=169.254.5.240, so=2013-06-18 04:22:30, dmn=2013-03-21 17:37:32 X-Mirapoint-Loop-Id: 50d608f62ee62fccf5ec10041abf919e Archived-At: Subject: Re: [Ideas] Identity/identifier and session continuity X-BeenThere: ideas@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Discussions relating to the development, clarification, and implementation of control-plane infrastructures and functionalities in ID enabled networks." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 20 Jul 2017 08:37:34 -0000 Hi Erik, > But since the identifiers are used for the transport connection identific= ation, changing the identifier(s) used in an unlinkable way means that the = transport sessions would break. I second below response. 2 quick things: 1. If an entity intends to use ephemeral identifiers in the data plane for = any reason (including for anonymity for outside observers), the frequency o= f use (one or more sessions) can be determined either by entity or through = MS. =20 I don't see why during a session it has to be changed, especially as it w= ill break the session as you suggested. 2. IDEAS doesn't intend to provide any mechanism how anonymous Identifiers = can be defined in a particular protocol. For example LISP has a mechanism f= or EID anonymity "draft-farinacci-lisp-eid-anonymity-02". However IDEAS can provide simple policy at GRIDS and can provide mecha= nisms how sender/receiver can wish to anonymize (for example frequency) the= ir communication, if needed. -- Uma C. -----Original Message----- From: Ideas [mailto:ideas-bounces@ietf.org] On Behalf Of Yingzhen Qu Sent: Thursday, July 20, 2017 1:05 AM To: Erik Nordmark ; ideas@ietf.org Subject: Re: [Ideas] Identity/identifier and session continuity Hi Erik, I may not get your question right, but let me give it a try. Yes, identifiers are used on data plane for the transport connection, but a= n identifier used in one tcp session is not going to change during the sess= ion. If you're asking about initiating a session using a new identifier, it's di= fferent based on whether it's the sender or the receiver using a new identi= fier. But the bottom line is an entity will query the mapping system about = the idf/loc information, and since the MS has the info of identity and iden= tifiers mappings it can make the right resolution. The exact control messag= es needed will be defined by the WG later. Thanks, Yingzhen -----Original Message----- From: Ideas [mailto:ideas-bounces@ietf.org] On Behalf Of Erik Nordmark Sent: Thursday, July 20, 2017 12:35 AM To: ideas@ietf.org Subject: [Ideas] Identity/identifier and session continuity I understand the desire to provide good privacy by decoupling a longer-live= d identity from shorter lived and potentially in the clear identifiers. But since the identifiers are used for the transport connection identificat= ion, changing the identifier(s) used in an unlinkable way means that the tr= ansport sessions would break. Seems like a tricky tradeoff. What are the thoughts in this area? Thanks, Erik _______________________________________________ Ideas mailing list Ideas@ietf.org https://www.ietf.org/mailman/listinfo/ideas _______________________________________________ Ideas mailing list Ideas@ietf.org https://www.ietf.org/mailman/listinfo/ideas From nobody Thu Jul 20 01:51:02 2017 Return-Path: X-Original-To: ideas@ietfa.amsl.com Delivered-To: ideas@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 53A4713157A for ; Thu, 20 Jul 2017 01:50:58 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2 X-Spam-Level: X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 83i9xlFd9ZTy for ; Thu, 20 Jul 2017 01:50:56 -0700 (PDT) Received: from mail-wr0-x233.google.com (mail-wr0-x233.google.com [IPv6:2a00:1450:400c:c0c::233]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7D8A8126B72 for ; Thu, 20 Jul 2017 01:50:56 -0700 (PDT) Received: by mail-wr0-x233.google.com with SMTP id k71so14360386wrc.2 for ; Thu, 20 Jul 2017 01:50:56 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=HSn01Rczoc8uc6wXbRkcdRB3ry0qi53Sn4f2HaRkdUs=; b=CY6cxaQz+GjHzREv/dI2e/8kljzY76DAmQR2bg0uWTgzcmE71TNu136txpygs8UGK8 fl8ndgRcQMaounHXTxMnIhJ506PZEw8xW672BiwiZgpoXjO+wJKrQaWt4JtUWggzBB6j cUwctDMcJfImXed+9jLJqPwVu7+p+Ma1zA0sWb7PCremRDrsOIiVqwn9mvC6xQwH2p/n 7m/MKYKnzIDm3F041/86XdA2N/qiMIG6XW8OCEmN6b2dsaiBOxGPnUDEM3UX6cpSm5Sm e0urPW5Ckpym6zCSxn/l5v6ujBe1HFLG2SV+fdvvSDfj6Ok2rr9S0rVKqtL3YL6yGXMT aT6w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=HSn01Rczoc8uc6wXbRkcdRB3ry0qi53Sn4f2HaRkdUs=; b=tyML1cCY2+uce3G04ZFQ9igeCn5qsOuw8kNh99xWYZ7sywIcVXU8sOv8yZ4UEne4JJ 5Rxjxnb9UuW4GNsWrXfWv+qpZqUaFK3IMdmr2EJKvZWZiEpWs2HZJompd+rVKqmF1Z5L xrrIW5MvVUsFm3r9e4KANQmwZDQQYuvFpJPyKssIvJATs6HLpA8oJ2YXzA0HrCdJxUex LD6Qu0BNQsdQmF/NX/61S9ZjSzIHD0gZ8OCiPtYL6jANXZg0MXbZVZWfg+MsLc2cNl/3 kNq012n0Bm8+XnM/gBgyq1pC8qtppxWkeqTOtkVylex0YW08KCnCSroR2LCvL9vE8QpT EwVQ== X-Gm-Message-State: AIVw110ZK3QT6R7felTdXhUVWDAEXIujKYLfJyQUQGXEKOL1vZYSSokM tQBxoLYQexfgbg== X-Received: by 10.223.183.40 with SMTP id l40mr6586736wre.154.1500540655047; Thu, 20 Jul 2017 01:50:55 -0700 (PDT) Received: from ?IPv6:2001:67c:1232:144:ed58:c3ea:de7e:8f3f? ([2001:67c:1232:144:ed58:c3ea:de7e:8f3f]) by smtp.gmail.com with ESMTPSA id p13sm2241051wma.8.2017.07.20.01.50.53 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Thu, 20 Jul 2017 01:50:54 -0700 (PDT) Content-Type: text/plain; charset=us-ascii Mime-Version: 1.0 (Mac OS X Mail 10.3 \(3273\)) From: Dino Farinacci In-Reply-To: <3e7d1bda-0847-36d6-b6e2-a98de1f8bf04@acm.org> Date: Thu, 20 Jul 2017 01:50:55 -0700 Cc: ideas@ietf.org Content-Transfer-Encoding: quoted-printable Message-Id: References: <3e7d1bda-0847-36d6-b6e2-a98de1f8bf04@acm.org> To: Erik Nordmark X-Mailer: Apple Mail (2.3273) Archived-At: Subject: Re: [Ideas] Identity/identifier and session continuity X-BeenThere: ideas@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Discussions relating to the development, clarification, and implementation of control-plane infrastructures and functionalities in ID enabled networks." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 20 Jul 2017 08:50:58 -0000 > I understand the desire to provide good privacy by decoupling a = longer-lived identity from shorter lived and potentially in the clear = identifiers. >=20 > But since the identifiers are used for the transport connection = identification, changing the identifier(s) used in an unlinkable way = means that the transport sessions would break. >=20 > Seems like a tricky tradeoff. I believe we can have it both ways.=20 If one wants ephemeral-EIDs, they are used for short-lived transport = connections. If there will be long-lived transport connections, EIDs = stay assigned to the node for a longer period of time but the = encapsulated packets are encrypted. You can have one or both. You can = get privacy either way. Also note, in LISP, one can use ephemeral-EIDs and still get = crypto-based authentication using a crypto-EID for the sole purpose of = sending Map-Registers and Map-Requests and not for transport = connections. Dino From nobody Thu Jul 20 02:14:20 2017 Return-Path: X-Original-To: ideas@ietfa.amsl.com Delivered-To: ideas@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B23A712FB9C for ; Thu, 20 Jul 2017 02:14:17 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.7 X-Spam-Level: X-Spam-Status: No, score=-2.7 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id yNBTZf1w5VlN for ; Thu, 20 Jul 2017 02:14:16 -0700 (PDT) Received: from mail-wm0-x22b.google.com (mail-wm0-x22b.google.com [IPv6:2a00:1450:400c:c09::22b]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 346DC126B72 for ; Thu, 20 Jul 2017 02:14:16 -0700 (PDT) Received: by mail-wm0-x22b.google.com with SMTP id w126so18878241wme.0 for ; Thu, 20 Jul 2017 02:14:16 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:content-transfer-encoding:mime-version:subject:message-id:date :to; bh=ak7bV1/xkG/YvIA0dU2zMpiNE7fNYfX+D8+FZ89gy34=; b=LtcZCEhfDWImzHniQ90bEZr8Q09+Z6L8AgP8w1v88fDJPk8am/HfCPP2f9BOtAdBqb JCtlFIu1MTLZ1wRn0IzbfceHbBpqbiaoNfW5nVLtgxiRvLNP8lBFbPr2paoyVqQHY0/4 DekMzqUQ0uhVWnQD3GhhQjLz2L+jAfzgC8tniN6/6pay3VHP6x7K62ECQYnyb0Cq2ljT Rmsn8aOvJXhQ9HX8N05ZVHCYgEhmTyGzqGlHyBmmHO/yKC24YpF4D5UmtpAKKqdMXtIc cRioeuxzREXm7D1m9WIBOQXCHS7BY32XHKFTZsQTQzxZ+ZRrNVH3Oc84STPvAFoMTpw8 hHQw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:content-transfer-encoding:mime-version :subject:message-id:date:to; bh=ak7bV1/xkG/YvIA0dU2zMpiNE7fNYfX+D8+FZ89gy34=; b=I93O+tii9pG9AcmXQx57ObiNOHombWitQBVj08dDSfbQuntE5addf0/VEfLdidbVSN yznD2Ib7c6WNQxD7QrljgNNSc2VSgMGcCKLzOr22YgepyUnBua5VGWv0MxkBIUV0Xy3X MQhBnZqNZdln013ITucPih406X6Q948Zxw+mqXM1Tx5hMqDhOI3y3ZlfpZCwwv9VU8eH /yE0Ry/rw3dS87YIRcl1YlgIIOlNhGCWqZipEZEbqmVqOJj1d6CBJT6an0ITsS0rfgW/ 3VGTPstzyDsHMi54bJwSccTU+ph4k+6Q2N6xWWG78kCw8ZOHamnqSbK5ni3YxYD4+M5h kPkQ== X-Gm-Message-State: AIVw111Dwyht6gqfLFlTkytDsDpDz7v2jm7BLjeZZekXSSKYebEruweC TU/9kW+ybpbPIrgAMbk= X-Received: by 10.28.0.19 with SMTP id 19mr1719839wma.168.1500542054550; Thu, 20 Jul 2017 02:14:14 -0700 (PDT) Received: from ?IPv6:2001:67c:1232:144:ed58:c3ea:de7e:8f3f? ([2001:67c:1232:144:ed58:c3ea:de7e:8f3f]) by smtp.gmail.com with ESMTPSA id k76sm2354810wmg.38.2017.07.20.02.14.13 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Thu, 20 Jul 2017 02:14:13 -0700 (PDT) From: Dino Farinacci Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Mime-Version: 1.0 (Mac OS X Mail 10.3 \(3273\)) Message-Id: <09C20ABD-4367-49B9-9B94-E8FADD022B66@gmail.com> Date: Thu, 20 Jul 2017 02:14:12 -0700 To: ideas@ietf.org X-Mailer: Apple Mail (2.3273) Archived-At: Subject: [Ideas] GRIDs is a necessary use-case for LISP and HIP X-BeenThere: ideas@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Discussions relating to the development, clarification, and implementation of control-plane infrastructures and functionalities in ID enabled networks." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 20 Jul 2017 09:14:18 -0000 As one of the original coauthors of LISP, I just want to say the IDEAs = effort will be well served for the locator/id split protocols. I think = all overlay protocols can make use of a *network-layer* based database. = And since security has to be a number 1 priority requirement, we have to = create something new. When I say =E2=80=9Cnew=E2=80=9D, I mean to create an operational = infrastructure where the loc/id split control protocols can be deployed = at scale. We have an application level database, it is called DNS. We = need a network-layer database. I think people should view GRIDs not for what use-cases it can provide, = but how to define a deployment strategy for a network-layer database = infrastructure for the use-cases that LISP, HIP, ILA, and ILNP *already* = provide. Dino From nobody Thu Jul 20 02:53:30 2017 Return-Path: X-Original-To: ideas@ietfa.amsl.com Delivered-To: ideas@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 509F8127735 for ; Thu, 20 Jul 2017 02:53:29 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.201 X-Spam-Level: X-Spam-Status: No, score=-4.201 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, RP_MATCHES_RCVD=-0.001] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id qQWxc5Tqm0nm for ; Thu, 20 Jul 2017 02:53:20 -0700 (PDT) Received: from mx04.uni-tuebingen.de (mx04.uni-tuebingen.de [134.2.5.214]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A82AC131A81 for ; Thu, 20 Jul 2017 02:53:19 -0700 (PDT) Received: from [31.133.146.37] (dhcp-9225.meeting.ietf.org [31.133.146.37]) by mx04.uni-tuebingen.de (Postfix) with ESMTPSA id D03F13E457 for ; Thu, 20 Jul 2017 11:53:17 +0200 (CEST) To: "ideas@ietf.org" From: Michael Menth Message-ID: <946e8ec2-a6c8-658e-cdf3-60b855dcaeb1@uni-tuebingen.de> Date: Thu, 20 Jul 2017 11:53:29 +0200 User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:45.0) Gecko/20100101 Thunderbird/45.8.0 MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit Archived-At: Subject: [Ideas] related work X-BeenThere: ideas@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Discussions relating to the development, clarification, and implementation of control-plane infrastructures and functionalities in ID enabled networks." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 20 Jul 2017 09:53:29 -0000 Hi all, here is a pointer to the paper David Oran mentioned during the BoF. It relates to ideas insofar as it addresses the tussle between privacy and accontability. http://www.sigcomm.org/node/3643 To my understanding it is more about accountability and less about loc/id split. Though, we should know about it. Thanks David! Best wishes, Michael -- Prof. Dr. habil. Michael Menth University of Tuebingen Faculty of Science Department of Computer Science Chair of Communication Networks Sand 13, 72076 Tuebingen, Germany phone: (+49)-7071/29-70505 fax: (+49)-7071/29-5220 mailto:menth@uni-tuebingen.de http://kn.inf.uni-tuebingen.de From nobody Thu Jul 20 03:18:45 2017 Return-Path: X-Original-To: ideas@ietfa.amsl.com Delivered-To: ideas@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6D654131C03 for ; Thu, 20 Jul 2017 03:18:43 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.221 X-Spam-Level: X-Spam-Status: No, score=-4.221 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id AdguZK83pSik for ; Thu, 20 Jul 2017 03:18:42 -0700 (PDT) Received: from lhrrgout.huawei.com (lhrrgout.huawei.com [194.213.3.17]) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 88A8E131BFA for ; Thu, 20 Jul 2017 03:18:41 -0700 (PDT) Received: from 172.18.7.190 (EHLO lhreml702-cah.china.huawei.com) ([172.18.7.190]) by lhrrg02-dlp.huawei.com (MOS 4.3.7-GA FastPath queued) with ESMTP id DKY07860; Thu, 20 Jul 2017 10:18:39 +0000 (GMT) Received: from LHREML502-MBS.china.huawei.com ([10.201.109.53]) by lhreml702-cah.china.huawei.com ([10.201.108.43]) with mapi id 14.03.0301.000; Thu, 20 Jul 2017 11:18:37 +0100 From: Georgios Karagiannis To: "ideas@ietf.org" Thread-Topic: topic on the use of a permanent Identity in IDEAS concept Thread-Index: AdMBQZD3kPqZxxVoTEmvvsVXmjxyZQ== Date: Thu, 20 Jul 2017 10:18:36 +0000 Message-ID: Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [10.47.73.250] Content-Type: multipart/alternative; boundary="_000_C5034E44CD620A44971BAAEB372655DC2DCFB8A9lhreml502mbs_" MIME-Version: 1.0 X-CFilter-Loop: Reflected X-Mirapoint-Virus-RAPID-Raw: score=unknown(0), refid=str=0001.0A090205.59708380.0009, ss=1, re=0.000, recu=0.000, reip=0.000, cl=1, cld=1, fgs=0, ip=0.0.0.0, so=2013-06-18 04:22:30, dmn=2013-03-21 17:37:32 X-Mirapoint-Loop-Id: e3bb9adfa906773a80a310bd090f7b72 Archived-At: Subject: [Ideas] topic on the use of a permanent Identity in IDEAS concept X-BeenThere: ideas@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Discussions relating to the development, clarification, and implementation of control-plane infrastructures and functionalities in ID enabled networks." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 20 Jul 2017 10:18:43 -0000 --_000_C5034E44CD620A44971BAAEB372655DC2DCFB8A9lhreml502mbs_ Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Hi all, During the IDEAS BOF, Jari Arkko mentioned that it is arguable to adopt a = concept that requires the use of a permanent Identity; I hope that during the BOF was satisfactorily clarified that the IDEAS conc= ept is not requiring the use of a permanent Identity; Best regards, Georgios --_000_C5034E44CD620A44971BAAEB372655DC2DCFB8A9lhreml502mbs_ Content-Type: text/html; charset="us-ascii" Content-Transfer-Encoding: quoted-printable

Hi all,

 

During the IDEAS BOF, Jari Arkko  mentioned tha= t it is arguable to adopt a concept that requires the use of a permanent Id= entity;

 

I hope that during the BOF was satisfactorily clarif= ied that the IDEAS concept is not requiring the use of a permanent Identity= ;

 

 

Best regards,

Georgios

 

--_000_C5034E44CD620A44971BAAEB372655DC2DCFB8A9lhreml502mbs_-- From nobody Thu Jul 20 05:18:46 2017 Return-Path: X-Original-To: ideas@ietfa.amsl.com Delivered-To: ideas@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0A293131BF9 for ; Thu, 20 Jul 2017 05:18:44 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.202 X-Spam-Level: X-Spam-Status: No, score=-4.202 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id OZ5yXr6nkIYI for ; Thu, 20 Jul 2017 05:18:42 -0700 (PDT) Received: from z9m9z.htt-consult.com (z9m9z.htt-consult.com [50.253.254.3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D65841300BB for ; Thu, 20 Jul 2017 05:18:33 -0700 (PDT) Received: from localhost (localhost [127.0.0.1]) by z9m9z.htt-consult.com (Postfix) with ESMTP id 06F0262192; Thu, 20 Jul 2017 08:18:33 -0400 (EDT) X-Virus-Scanned: amavisd-new at htt-consult.com Received: from z9m9z.htt-consult.com ([127.0.0.1]) by localhost (z9m9z.htt-consult.com [127.0.0.1]) (amavisd-new, port 10024) with LMTP id tS-7Y2lvwXrS; Thu, 20 Jul 2017 08:18:27 -0400 (EDT) Received: from lx120e.htt-consult.com (dhcp-831f.meeting.ietf.org [31.133.131.31]) (using TLSv1.2 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by z9m9z.htt-consult.com (Postfix) with ESMTPSA id E21B662180; Thu, 20 Jul 2017 08:18:26 -0400 (EDT) To: Michael Menth , "ideas@ietf.org" References: <946e8ec2-a6c8-658e-cdf3-60b855dcaeb1@uni-tuebingen.de> From: Robert Moskowitz Message-ID: <5077d2a2-882a-79f3-c8c4-28c087c73c90@htt-consult.com> Date: Thu, 20 Jul 2017 14:18:24 +0200 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Thunderbird/45.8.0 MIME-Version: 1.0 In-Reply-To: <946e8ec2-a6c8-658e-cdf3-60b855dcaeb1@uni-tuebingen.de> Content-Type: text/plain; charset=windows-1252; format=flowed Content-Transfer-Encoding: 7bit Archived-At: Subject: Re: [Ideas] related work X-BeenThere: ideas@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Discussions relating to the development, clarification, and implementation of control-plane infrastructures and functionalities in ID enabled networks." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 20 Jul 2017 12:18:44 -0000 Oops, I have an appology, I thought David said PIP, which was Paul's IP and one of the IPng competitors that had some neat features to handle the EID challenge. But was considered non-implementable back in that day. Shows the age of some of my information... Bob On 07/20/2017 11:53 AM, Michael Menth wrote: > Hi all, > > here is a pointer to the paper David Oran mentioned during the BoF. It > relates to ideas insofar as it addresses the tussle between privacy and > accontability. > http://www.sigcomm.org/node/3643 > To my understanding it is more about accountability and less about > loc/id split. Though, we should know about it. Thanks David! > > Best wishes, > > Michael > From nobody Thu Jul 20 07:50:16 2017 Return-Path: X-Original-To: ideas@ietfa.amsl.com Delivered-To: ideas@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 87636131CDA for ; Thu, 20 Jul 2017 07:50:14 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.202 X-Spam-Level: X-Spam-Status: No, score=-4.202 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Bub2jg0YAbIc for ; Thu, 20 Jul 2017 07:50:12 -0700 (PDT) Received: from z9m9z.htt-consult.com (z9m9z.htt-consult.com [50.253.254.3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6679E131CF8 for ; Thu, 20 Jul 2017 07:50:06 -0700 (PDT) Received: from localhost (localhost [127.0.0.1]) by z9m9z.htt-consult.com (Postfix) with ESMTP id 7C2C46227F for ; Thu, 20 Jul 2017 10:50:05 -0400 (EDT) X-Virus-Scanned: amavisd-new at htt-consult.com Received: from z9m9z.htt-consult.com ([127.0.0.1]) by localhost (z9m9z.htt-consult.com [127.0.0.1]) (amavisd-new, port 10024) with LMTP id 9AKv9M-oXHE2 for ; Thu, 20 Jul 2017 10:50:01 -0400 (EDT) Received: from lx120e.htt-consult.com (dhcp-831f.meeting.ietf.org [31.133.131.31]) (using TLSv1.2 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by z9m9z.htt-consult.com (Postfix) with ESMTPSA id 88BF96221F for ; Thu, 20 Jul 2017 10:50:00 -0400 (EDT) To: "ideas@ietf.org" From: Robert Moskowitz Message-ID: <2f38d70f-6526-3d7b-5a42-69ac94f9f3cf@htt-consult.com> Date: Thu, 20 Jul 2017 16:49:52 +0200 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Thunderbird/45.8.0 MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 7bit Archived-At: Subject: [Ideas] Are Identities permanent or have a life cycle? X-BeenThere: ideas@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Discussions relating to the development, clarification, and implementation of control-plane infrastructures and functionalities in ID enabled networks." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 20 Jul 2017 14:50:14 -0000 This is to Jari's question. What is the nature of Indentity to Entity relationship. What IS Identity and how is it presented. After working on this for over 20 years, this is HARD!!! And we may need to scope out what is meant or punt. If I buy a notebook on ebay, does its Identity change as the meta data associated with the notebook most likely will change? I tried to use 'the language used to communication knowledge of Identity' or some such wording. Meaning that the language is mutable and has a lifecycle itself. So if there is a claim that a x.509 cert represents the Identity, can it change? Well in IEEE 802.1AR the iDevID is immutable and never changes for the usable life of the Entity. It is the lDevID that changes. But in use, it is the lDevID that the system operates with! I feel this is an important position for the workgroup to develop concensus around. Identity, IMHO, is NOT the 'DNA' of the Entity (work on clip power analysis to create such a DNA record). I believe there is Lasic (sp?) surgery that can change eye color... :) I do not hold that this needs to be nailed down in the Charter before the workgroup. This is one of the workgroup items: Defining Identity and how it is managed and discovered. I am willing to put my stake in the ground that Identity is mutable and inevitably changes through the life of the Entity. Further that an Entity (ignoring hypervisor/virtual machine scenarios) may have multiple Identities at any time, yielding different Identifiers that may all map to the same location. I know others disagree. I will work with the group position. Bob From nobody Thu Jul 20 08:11:05 2017 Return-Path: X-Original-To: ideas@ietfa.amsl.com Delivered-To: ideas@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B17A9131CDF for ; Thu, 20 Jul 2017 08:11:04 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.901 X-Spam-Level: X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id h4YDuAdMvP4O for ; Thu, 20 Jul 2017 08:11:02 -0700 (PDT) Received: from ms.etri.re.kr (mscreen.etri.re.kr [129.254.9.16]) by ietfa.amsl.com (Postfix) with ESMTP id 56EA51252BA for ; Thu, 20 Jul 2017 08:11:02 -0700 (PDT) Received: from unknown (HELO smtpeg.etri.re.kr) (129.254.27.142) by 129.254.9.16 with ESMTP; 21 Jul 2017 00:10:50 +0900 X-Original-SENDERIP: 129.254.27.142 X-Original-MAILFROM: jhong@etri.re.kr X-Original-RCPTTO: ideas@ietf.org, farinacci@gmail.com Received: from SMTP2.etri.info (129.254.28.72) by SMTPEG2.etri.info (129.254.27.142) with Microsoft SMTP Server (TLS) id 14.3.319.2; Fri, 21 Jul 2017 00:10:59 +0900 Received: from SMTP1.etri.info ([169.254.1.17]) by SMTP2.etri.info ([10.2.6.31]) with mapi id 14.03.0319.002; Fri, 21 Jul 2017 00:10:58 +0900 From: Jungha Hong To: Dino Farinacci , "ideas@ietf.org" Thread-Topic: [Ideas] GRIDs is a necessary use-case for LISP and HIP Thread-Index: AQHTATiUpRc6YiR4ikCW7lFjGgxadKJcyxQr Date: Thu, 20 Jul 2017 15:10:58 +0000 Message-ID: References: <09C20ABD-4367-49B9-9B94-E8FADD022B66@gmail.com> In-Reply-To: <09C20ABD-4367-49B9-9B94-E8FADD022B66@gmail.com> Accept-Language: ko-KR, en-US Content-Language: ko-KR X-MS-Has-Attach: X-MS-TNEF-Correlator: x-new-displayname: SnVuZ2hhIEhvbmc= x-originating-ip: [129.254.28.44] Content-Type: multipart/alternative; boundary="_000_F8EFC212DF9A004DA18AA8FB011E4233A8EC4686SMTP1etriinfo_" MIME-Version: 1.0 Archived-At: Subject: Re: [Ideas] GRIDs is a necessary use-case for LISP and HIP X-BeenThere: ideas@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Discussions relating to the development, clarification, and implementation of control-plane infrastructures and functionalities in ID enabled networks." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 20 Jul 2017 15:11:04 -0000 --_000_F8EFC212DF9A004DA18AA8FB011E4233A8EC4686SMTP1etriinfo_ Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: base64 RGVhciBhbGwsDQoNCg0KSSBhdHRlbmRlZCBpbiB0aGUgQm9GIHllc3RlcmRheSBhbmQgSSBhZ3Jl ZSB3aXRoIHRoZSBEaW5vJ3MgY29tbWVudCB0aGF0IHdlIG5lZWQgYSBuZXR3b3JrLWxheWVyIGRh dGFiYXNlLg0KDQoNCkFjdHVhbGx5LCBpbiBteSBwcm9qZWN0LCB3ZSBoYXZlIGRlc2luZWQgYW5k IGltcGxlbWVudGVkIGEgbWFwcGluZyBzeXN0ZW0gYmV0d2VlbiBJRCBhbmQgbG9jYXRvcihzKSBl c3BlY2lhbGx5IGZvciBzdXBwb3J0aW5nIGEgZmxhdCB0eXBlZCBJRCBlZmZpY2llbnRseS4gSXQg d2FzIGRlc2lnbmVkIGFzIGEgbmV0d29yay1sYXllciBkYXRhYmFzZS4NCg0KDQpUaGFua3MsDQoN Ckp1bmdoYSBIb25nDQoNCg0KDQoNCg0KDQpfX19fX19fX19fX19fX19fX19fX19fX19fX19fX19f Xw0K67O064K4IOyCrOuejCA6ICJEaW5vIEZhcmluYWNjaSIgPGZhcmluYWNjaUBnbWFpbC5jb20+ DQrrs7Trgrgg64Kg7KecIDogMjAxNy0wNy0yMCAxODoxNDoyNCAoICswOTowMCApDQrrsJvripQg 7IKs656MIDogaWRlYXNAaWV0Zi5vcmcgPGlkZWFzQGlldGYub3JnPg0K7LC47KGwIDoNCuygnOuq qSA6IFtJZGVhc10gR1JJRHMgaXMgYSBuZWNlc3NhcnkgdXNlLWNhc2UgZm9yIExJU1AgYW5kIEhJ UA0KDQoNCg0KQXMgb25lIG9mIHRoZSBvcmlnaW5hbCBjb2F1dGhvcnMgb2YgTElTUCwgSSBqdXN0 IHdhbnQgdG8gc2F5IHRoZSBJREVBcyBlZmZvcnQgd2lsbCBiZSB3ZWxsIHNlcnZlZCBmb3IgdGhl IGxvY2F0b3IvaWQgc3BsaXQgcHJvdG9jb2xzLiBJIHRoaW5rIGFsbCBvdmVybGF5IHByb3RvY29s cyBjYW4gbWFrZSB1c2Ugb2YgYSAqbmV0d29yay1sYXllciogYmFzZWQgZGF0YWJhc2UuIEFuZCBz aW5jZSBzZWN1cml0eSBoYXMgdG8gYmUgYSBudW1iZXIgMSBwcmlvcml0eSByZXF1aXJlbWVudCwg d2UgaGF2ZSB0byBjcmVhdGUgc29tZXRoaW5nIG5ldy4NCg0KDQoNCg0KDQpXaGVuIEkgc2F5IOKA nG5ld+KAnSwgSSBtZWFuIHRvIGNyZWF0ZSBhbiBvcGVyYXRpb25hbCBpbmZyYXN0cnVjdHVyZSB3 aGVyZSB0aGUgbG9jL2lkIHNwbGl0IGNvbnRyb2wgcHJvdG9jb2xzIGNhbiBiZSBkZXBsb3llZCBh dCBzY2FsZS4gV2UgaGF2ZSBhbiBhcHBsaWNhdGlvbiBsZXZlbCBkYXRhYmFzZSwgaXQgaXMgY2Fs bGVkIEROUy4gV2UgbmVlZCBhIG5ldHdvcmstbGF5ZXIgZGF0YWJhc2UuDQoNCg0KDQoNCg0KSSB0 aGluayBwZW9wbGUgc2hvdWxkIHZpZXcgR1JJRHMgbm90IGZvciB3aGF0IHVzZS1jYXNlcyBpdCBj YW4gcHJvdmlkZSwgYnV0IGhvdyB0byBkZWZpbmUgYSBkZXBsb3ltZW50IHN0cmF0ZWd5IGZvciBh IG5ldHdvcmstbGF5ZXIgZGF0YWJhc2UgaW5mcmFzdHJ1Y3R1cmUgZm9yIHRoZSB1c2UtY2FzZXMg dGhhdCBMSVNQLCBISVAsIElMQSwgYW5kIElMTlAgKmFscmVhZHkqIHByb3ZpZGUuDQoNCg0KDQoN Cg0KRGlubw0KDQoNCg0KDQoNCg0KDQpfX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19f X19fX19fX19fX19fXw0KDQoNCg0KSWRlYXMgbWFpbGluZyBsaXN0DQoNCg0KDQpJZGVhc0BpZXRm Lm9yZw0KDQoNCg0KaHR0cHM6Ly93d3cuaWV0Zi5vcmcvbWFpbG1hbi9saXN0aW5mby9pZGVhcw0K DQoNCg== --_000_F8EFC212DF9A004DA18AA8FB011E4233A8EC4686SMTP1etriinfo_ Content-Type: text/html; charset="utf-8" Content-Transfer-Encoding: base64 PGh0bWw+DQo8aGVhZD4NCjxtZXRhIGh0dHAtZXF1aXY9IkNvbnRlbnQtVHlwZSIgY29udGVudD0i dGV4dC9odG1sOyBjaGFyc2V0PXV0Zi04Ij4NCjwvaGVhZD4NCjxib2R5Pg0KPGRpdiBpZD0iZXpG b3JtUHJvY19kaXYiIHN0eWxlPSJGT05ULVNJWkU6IDEwcHQ7IEZPTlQtRkFNSUxZOiDqtbTrprwi Pg0KPGRpdiBpZD0ibXNnYm9keSI+DQo8ZGl2Pg0KPGRpdiBzdHlsZT0iTElORS1IRUlHSFQ6IDE1 cHQiPg0KPHAgc3R5bGU9Ik1BUkdJTi1CT1RUT006IDBweDsgTUFSR0lOLVRPUDogMHB4Ij5EZWFy IGFsbCw8L3A+DQo8cCBzdHlsZT0iTUFSR0lOLUJPVFRPTTogMHB4OyBNQVJHSU4tVE9QOiAwcHgi Pjxicj4NCjwvcD4NCjxwIHN0eWxlPSJNQVJHSU4tQk9UVE9NOiAwcHg7IE1BUkdJTi1UT1A6IDBw eCI+SSBhdHRlbmRlZCBpbiB0aGUmbmJzcDtCb0YgeWVzdGVyZGF5IGFuZCZuYnNwO0kmbmJzcDth Z3JlZSB3aXRoIHRoZSZuYnNwO0Rpbm8ncyBjb21tZW50IHRoYXQgd2UgbmVlZCBhIG5ldHdvcmst bGF5ZXIgZGF0YWJhc2UuPC9wPg0KPHAgc3R5bGU9Ik1BUkdJTi1CT1RUT006IDBweDsgTUFSR0lO LVRPUDogMHB4Ij48YnI+DQo8L3A+DQo8cCBzdHlsZT0iTUFSR0lOLUJPVFRPTTogMHB4OyBNQVJH SU4tVE9QOiAwcHgiPkFjdHVhbGx5LCBpbiBteSBwcm9qZWN0LCB3ZSZuYnNwO2hhdmUgZGVzaW5l ZCBhbmQgaW1wbGVtZW50ZWQgYSBtYXBwaW5nIHN5c3RlbSBiZXR3ZWVuIElEIGFuZCBsb2NhdG9y KHMpIGVzcGVjaWFsbHkgZm9yIHN1cHBvcnRpbmcgYSZuYnNwO2ZsYXQgdHlwZWQgSUQgZWZmaWNp ZW50bHkuIEl0IHdhcyBkZXNpZ25lZCBhcyBhIG5ldHdvcmstbGF5ZXIgZGF0YWJhc2UuPC9wPg0K PHAgc3R5bGU9Ik1BUkdJTi1CT1RUT006IDBweDsgTUFSR0lOLVRPUDogMHB4Ij48YnI+DQo8L3A+ DQo8cCBzdHlsZT0iTUFSR0lOLUJPVFRPTTogMHB4OyBNQVJHSU4tVE9QOiAwcHgiPlRoYW5rcyw8 L3A+DQo8cCBzdHlsZT0iTUFSR0lOLUJPVFRPTTogMHB4OyBNQVJHSU4tVE9QOiAwcHgiPkp1bmdo YSBIb25nPC9wPg0KPHAgc3R5bGU9Ik1BUkdJTi1CT1RUT006IDBweDsgTUFSR0lOLVRPUDogMHB4 Ij48YnI+DQo8L3A+DQo8cCBzdHlsZT0iTUFSR0lOLUJPVFRPTTogMHB4OyBNQVJHSU4tVE9QOiAw cHgiPiZuYnNwOzwvcD4NCjxkaXYgaWQ9Ik1haWxTaWduU2VudCI+DQo8cCBzdHlsZT0iTUFSR0lO LUJPVFRPTTogMHB4OyBNQVJHSU4tVE9QOiAwcHgiPiZuYnNwOzwvcD4NCjwvZGl2Pg0KPGRpdiBp ZD0iT1JHTUFJTF9DT05URU5UIj4NCjxociB0YWJpbmRleD0iLTEiPg0KPGRpdj48Yj7rs7Trgrgg 7IKs656MIDogPC9iPiZxdW90O0Rpbm8gRmFyaW5hY2NpJnF1b3Q7ICZsdDtmYXJpbmFjY2lAZ21h aWwuY29tJmd0OzwvZGl2Pg0KPGRpdj48Yj7rs7Trgrgg64Kg7KecIDogPC9iPjIwMTctMDctMjAg MTg6MTQ6MjQgKCAmIzQzOzA5OjAwICk8L2Rpdj4NCjxkaXY+PGI+67Cb64qUIOyCrOuejCA6IDwv Yj5pZGVhc0BpZXRmLm9yZyAmbHQ7aWRlYXNAaWV0Zi5vcmcmZ3Q7PC9kaXY+DQo8ZGl2PjxiPuyw uOyhsCA6IDwvYj48L2Rpdj4NCjxkaXY+PGI+7KCc66qpIDogPC9iPltJZGVhc10gR1JJRHMgaXMg YSBuZWNlc3NhcnkgdXNlLWNhc2UgZm9yIExJU1AgYW5kIEhJUDwvZGl2Pg0KPHAgc3R5bGU9Ik1B UkdJTi1CT1RUT006IDBweDsgTUFSR0lOLVRPUDogMHB4Ij4mbmJzcDs8L3A+DQpBcyBvbmUgb2Yg dGhlIG9yaWdpbmFsIGNvYXV0aG9ycyBvZiBMSVNQLCBJIGp1c3Qgd2FudCB0byBzYXkgdGhlIElE RUFzIGVmZm9ydCB3aWxsIGJlIHdlbGwgc2VydmVkIGZvciB0aGUgbG9jYXRvci9pZCBzcGxpdCBw cm90b2NvbHMuIEkgdGhpbmsgYWxsIG92ZXJsYXkgcHJvdG9jb2xzIGNhbiBtYWtlIHVzZSBvZiBh ICpuZXR3b3JrLWxheWVyKiBiYXNlZCBkYXRhYmFzZS4gQW5kIHNpbmNlIHNlY3VyaXR5IGhhcyB0 byBiZSBhIG51bWJlciAxIHByaW9yaXR5DQogcmVxdWlyZW1lbnQsIHdlIGhhdmUgdG8gY3JlYXRl IHNvbWV0aGluZyBuZXcuDQo8cCBzdHlsZT0iTUFSR0lOLUJPVFRPTTogMHB4OyBNQVJHSU4tVE9Q OiAwcHgiPiZuYnNwOzwvcD4NCjxwIHN0eWxlPSJNQVJHSU4tQk9UVE9NOiAwcHg7IE1BUkdJTi1U T1A6IDBweCI+Jm5ic3A7PC9wPg0KV2hlbiBJIHNheSDigJxuZXfigJ0sIEkgbWVhbiB0byBjcmVh dGUgYW4gb3BlcmF0aW9uYWwgaW5mcmFzdHJ1Y3R1cmUgd2hlcmUgdGhlIGxvYy9pZCBzcGxpdCBj b250cm9sIHByb3RvY29scyBjYW4gYmUgZGVwbG95ZWQgYXQgc2NhbGUuIFdlIGhhdmUgYW4gYXBw bGljYXRpb24gbGV2ZWwgZGF0YWJhc2UsIGl0IGlzIGNhbGxlZCBETlMuIFdlIG5lZWQgYSBuZXR3 b3JrLWxheWVyIGRhdGFiYXNlLg0KPHAgc3R5bGU9Ik1BUkdJTi1CT1RUT006IDBweDsgTUFSR0lO LVRPUDogMHB4Ij4mbmJzcDs8L3A+DQo8cCBzdHlsZT0iTUFSR0lOLUJPVFRPTTogMHB4OyBNQVJH SU4tVE9QOiAwcHgiPiZuYnNwOzwvcD4NCkkgdGhpbmsgcGVvcGxlIHNob3VsZCB2aWV3IEdSSURz IG5vdCBmb3Igd2hhdCB1c2UtY2FzZXMgaXQgY2FuIHByb3ZpZGUsIGJ1dCBob3cgdG8gZGVmaW5l IGEgZGVwbG95bWVudCBzdHJhdGVneSBmb3IgYSBuZXR3b3JrLWxheWVyIGRhdGFiYXNlIGluZnJh c3RydWN0dXJlIGZvciB0aGUgdXNlLWNhc2VzIHRoYXQgTElTUCwgSElQLCBJTEEsIGFuZCBJTE5Q ICphbHJlYWR5KiBwcm92aWRlLg0KPHAgc3R5bGU9Ik1BUkdJTi1CT1RUT006IDBweDsgTUFSR0lO LVRPUDogMHB4Ij4mbmJzcDs8L3A+DQo8cCBzdHlsZT0iTUFSR0lOLUJPVFRPTTogMHB4OyBNQVJH SU4tVE9QOiAwcHgiPiZuYnNwOzwvcD4NCkRpbm8NCjxwIHN0eWxlPSJNQVJHSU4tQk9UVE9NOiAw cHg7IE1BUkdJTi1UT1A6IDBweCI+Jm5ic3A7PC9wPg0KPHAgc3R5bGU9Ik1BUkdJTi1CT1RUT006 IDBweDsgTUFSR0lOLVRPUDogMHB4Ij4mbmJzcDs8L3A+DQo8cCBzdHlsZT0iTUFSR0lOLUJPVFRP TTogMHB4OyBNQVJHSU4tVE9QOiAwcHgiPiZuYnNwOzwvcD4NCl9fX19fX19fX19fX19fX19fX19f X19fX19fX19fX19fX19fX19fX19fX19fX19fDQo8cCBzdHlsZT0iTUFSR0lOLUJPVFRPTTogMHB4 OyBNQVJHSU4tVE9QOiAwcHgiPiZuYnNwOzwvcD4NCklkZWFzIG1haWxpbmcgbGlzdA0KPHAgc3R5 bGU9Ik1BUkdJTi1CT1RUT006IDBweDsgTUFSR0lOLVRPUDogMHB4Ij4mbmJzcDs8L3A+DQpJZGVh c0BpZXRmLm9yZw0KPHAgc3R5bGU9Ik1BUkdJTi1CT1RUT006IDBweDsgTUFSR0lOLVRPUDogMHB4 Ij4mbmJzcDs8L3A+DQpodHRwczovL3d3dy5pZXRmLm9yZy9tYWlsbWFuL2xpc3RpbmZvL2lkZWFz DQo8cCBzdHlsZT0iTUFSR0lOLUJPVFRPTTogMHB4OyBNQVJHSU4tVE9QOiAwcHgiPiZuYnNwOzwv cD4NCjwvZGl2Pg0KPC9kaXY+DQo8L2Rpdj4NCjwvZGl2Pg0KPC9kaXY+DQo8L2JvZHk+DQo8L2h0 bWw+DQo= --_000_F8EFC212DF9A004DA18AA8FB011E4233A8EC4686SMTP1etriinfo_-- From nobody Thu Jul 20 08:12:19 2017 Return-Path: X-Original-To: ideas@ietfa.amsl.com Delivered-To: ideas@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 69579131D06 for ; Thu, 20 Jul 2017 08:12:13 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.601 X-Spam-Level: X-Spam-Status: No, score=-2.601 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_LOW=-0.7, RP_MATCHES_RCVD=-0.001] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id CnosgDInNcE1 for ; Thu, 20 Jul 2017 08:12:12 -0700 (PDT) Received: from d.mail.sonic.net (d.mail.sonic.net [64.142.111.50]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B9C19131CE3 for ; Thu, 20 Jul 2017 08:12:10 -0700 (PDT) Received: from [31.133.137.43] (dhcp-892b.meeting.ietf.org [31.133.137.43]) (authenticated bits=0) by d.mail.sonic.net (8.15.1/8.15.1) with ESMTPSA id v6KFC6Dq023702 (version=TLSv1.2 cipher=DHE-RSA-AES128-SHA bits=128 verify=NOT); Thu, 20 Jul 2017 08:12:07 -0700 To: Dino Farinacci , Erik Nordmark Cc: ideas@ietf.org References: <3e7d1bda-0847-36d6-b6e2-a98de1f8bf04@acm.org> From: Erik Nordmark Message-ID: <747af64c-87e9-f338-1448-3f461c6e8e21@sonic.net> Date: Thu, 20 Jul 2017 17:12:04 +0200 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.1.1 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 7bit X-Sonic-CAuth: UmFuZG9tSVbfrWRdAD7XUfEo4ztiU91kl0svNWd7NjdmHl4kSPxYYI0ulddyJZUXVI+LxY0CF6RpW3rXOOuj/9Eija3lDZrc X-Sonic-ID: C;/PXoyl1t5xGGk/sKk0eh0A== M;Dnviy11t5xGGk/sKk0eh0A== X-Sonic-Spam-Details: 0.0/5.0 by cerberusd Archived-At: Subject: Re: [Ideas] Identity/identifier and session continuity X-BeenThere: ideas@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Discussions relating to the development, clarification, and implementation of control-plane infrastructures and functionalities in ID enabled networks." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 20 Jul 2017 15:12:13 -0000 On 07/20/2017 10:50 AM, Dino Farinacci wrote: >> I understand the desire to provide good privacy by decoupling a longer-lived identity from shorter lived and potentially in the clear identifiers. >> >> But since the identifiers are used for the transport connection identification, changing the identifier(s) used in an unlinkable way means that the transport sessions would break. >> >> Seems like a tricky tradeoff. > > I believe we can have it both ways. > > If one wants ephemeral-EIDs, they are used for short-lived transport connections. If there will be long-lived transport connections, EIDs stay assigned to the node for a longer period of time but the encapsulated packets are encrypted. You can have one or both. You can get privacy either way. Yes, but when there is a potential combination of long-lived connections and short-lived connections using different identifiers that might provide the ability for an observer to link the different identifiers together. A resourceful observer with the ability to observe on many links and networks than then build up the collection of identifiers which have been used by a single identity. (Unlinkability is defined in rfc6973) One can avoid this linkability by changing all the identifiers (and other things visible in the clear like MAC addresses) and the same time as the locators are changing e.g. when the endpoint moves to a new network/link, but that will break the long-lived connections that are active when the change happens. Of course, one can encrypt the identifiers (e.g., by encrypting everything but the outer IP header) in the data packets since only the locators are needed for packet delivery. Erik > > Also note, in LISP, one can use ephemeral-EIDs and still get crypto-based authentication using a crypto-EID for the sole purpose of sending Map-Registers and Map-Requests and not for transport connections. > > Dino > > From nobody Thu Jul 20 08:13:36 2017 Return-Path: X-Original-To: ideas@ietfa.amsl.com Delivered-To: ideas@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D78941252BA for ; Thu, 20 Jul 2017 08:13:33 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.7 X-Spam-Level: X-Spam-Status: No, score=-2.7 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id CIv4eVCT9Gse for ; Thu, 20 Jul 2017 08:13:32 -0700 (PDT) Received: from mail-wm0-x22c.google.com (mail-wm0-x22c.google.com [IPv6:2a00:1450:400c:c09::22c]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4F8B11317CC for ; Thu, 20 Jul 2017 08:13:32 -0700 (PDT) Received: by mail-wm0-x22c.google.com with SMTP id w191so29923999wmw.1 for ; Thu, 20 Jul 2017 08:13:32 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=SMzY+me9FifH64CU3UKBSpW7+L6aYVWRsL04Kyb42V8=; b=FhsvEUL7ou99x05dD4sEsfMcr+GkO4ahWLQusOHeLZlhyTYZ7/+xsa47XIqCvmSg0z fMPA+mBbGF8SJqFz8r0QSjuQNzpDIqkVXG1imDlm4SS9im6pVszGCZEI5UFUyvnEymZG MM0eB55vKqEy1iYFIUaltNltJLDkXEcZZe1R6MwawBGnDMMcm0UJAFRdVb4K4dQTae/Q 6fRIYgw/CgNuaNlK4R10HwmUMC7VWtiFVp+0Ap+bhOlI6NlVYAiheWCHKBexjSzEAEA5 yzXTln4UjNUlkFFGvEmPSvkUXTwm0BGvVtuBm/8X7Hqidk8ybyPlRJsbvmHsAuaIxHtA gMaA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=SMzY+me9FifH64CU3UKBSpW7+L6aYVWRsL04Kyb42V8=; b=qU9sgnfS7ujfj1UJqtOGYGXMov8JPkhEE7+lIFZ24SH3J96xhgVRKYY7PSpBMomTmH cEPL4vF1+U4VaetlkAqREMFA5tPrdxtju0xn03W9z5sbVA4Ryrj3QnAIHWd6xKd/MjGl MtOxlUgUx8YLiBP+kQYmSBbTTFvlYj/GhLjD9DRT7waEm5Z8LHxMVVFpqIrL5gzZnmJx A7XD86mcRafzTtIHn2mbl9wsRp9F9h32fl3yVNQvmXZMb4UKAyECLy2rA7gSfQBryn4s 1NqUUnvt3v/Y2zg1sr/h+7FeP4wZoNJf1u9ywdz0vMUcZm058eWDH1/CCt/Fs+Zv/kJd iF/g== X-Gm-Message-State: AIVw110veGd9laR8/XgXBjYc2hdqDK5SzK9afi+VPVXumjyj8lZu3+T1 OAuLNXE4v3NBCCnN+Yg= X-Received: by 10.28.27.67 with SMTP id b64mr2745840wmb.11.1500563610897; Thu, 20 Jul 2017 08:13:30 -0700 (PDT) Received: from ?IPv6:2001:67c:370:128:d5:3018:803f:4b22? ([2001:67c:370:128:d5:3018:803f:4b22]) by smtp.gmail.com with ESMTPSA id u30sm3668399wru.88.2017.07.20.08.13.29 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Thu, 20 Jul 2017 08:13:30 -0700 (PDT) Content-Type: text/plain; charset=utf-8 Mime-Version: 1.0 (Mac OS X Mail 10.3 \(3273\)) From: Dino Farinacci In-Reply-To: Date: Thu, 20 Jul 2017 08:13:29 -0700 Cc: "ideas@ietf.org" Content-Transfer-Encoding: quoted-printable Message-Id: <22F6CC93-CB03-4A5E-AD8C-B69864E98FA4@gmail.com> References: <09C20ABD-4367-49B9-9B94-E8FADD022B66@gmail.com> To: Jungha Hong X-Mailer: Apple Mail (2.3273) Archived-At: Subject: Re: [Ideas] GRIDs is a necessary use-case for LISP and HIP X-BeenThere: ideas@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Discussions relating to the development, clarification, and implementation of control-plane infrastructures and functionalities in ID enabled networks." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 20 Jul 2017 15:13:34 -0000 > Actually, in my project, we have desined and implemented a mapping = system between ID and locator(s) especially for supporting a flat typed = ID efficiently. It was designed as a network-layer database. Jungha, if you can share, it would be nice to hear some detailed = properties of the database. I=E2=80=99m particulary interested on your = pubsub scalability. Thanks, Dino From nobody Thu Jul 20 08:14:38 2017 Return-Path: X-Original-To: ideas@ietfa.amsl.com Delivered-To: ideas@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AEFCE131B5B for ; Thu, 20 Jul 2017 08:14:35 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.935 X-Spam-Level: X-Spam-Status: No, score=-1.935 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_LOW=-0.7, SPF_SOFTFAIL=0.665] autolearn=no autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id B0MZUP7Lvmxd for ; Thu, 20 Jul 2017 08:14:34 -0700 (PDT) Received: from d.mail.sonic.net (d.mail.sonic.net [64.142.111.50]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A62511317CC for ; Thu, 20 Jul 2017 08:14:34 -0700 (PDT) Received: from [31.133.137.43] (dhcp-892b.meeting.ietf.org [31.133.137.43]) (authenticated bits=0) by d.mail.sonic.net (8.15.1/8.15.1) with ESMTPSA id v6KFEU0O026257 (version=TLSv1.2 cipher=DHE-RSA-AES128-SHA bits=128 verify=NOT); Thu, 20 Jul 2017 08:14:32 -0700 References: <747af64c-87e9-f338-1448-3f461c6e8e21@sonic.net> To: ideas@ietf.org From: Erik Nordmark X-Forwarded-Message-Id: <747af64c-87e9-f338-1448-3f461c6e8e21@sonic.net> Message-ID: Date: Thu, 20 Jul 2017 17:14:28 +0200 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.1.1 MIME-Version: 1.0 In-Reply-To: <747af64c-87e9-f338-1448-3f461c6e8e21@sonic.net> Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 7bit X-Sonic-CAuth: UmFuZG9tSVZxoK3u9+d+XJGxGoNdDFEYPlz2LRe55GKI+CeXJKzBclg7cZ6OScOq9kjv6nJikD6TA/7BdCYHz0oJ6h7ml1Iq X-Sonic-ID: C;oJSqIF5t5xGU+PsKk0eh0A== M;kmetIV5t5xGU+PsKk0eh0A== X-Sonic-Spam-Details: 0.0/5.0 by cerberusd Archived-At: Subject: Re: [Ideas] Identity/identifier and session continuity X-BeenThere: ideas@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Discussions relating to the development, clarification, and implementation of control-plane infrastructures and functionalities in ID enabled networks." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 20 Jul 2017 15:14:35 -0000 On 07/20/2017 10:50 AM, Dino Farinacci wrote: >> I understand the desire to provide good privacy by decoupling a longer-lived identity from shorter lived and potentially in the clear identifiers. >> >> But since the identifiers are used for the transport connection identification, changing the identifier(s) used in an unlinkable way means that the transport sessions would break. >> >> Seems like a tricky tradeoff. > > I believe we can have it both ways. > > If one wants ephemeral-EIDs, they are used for short-lived transport connections. If there will be long-lived transport connections, EIDs stay assigned to the node for a longer period of time but the encapsulated packets are encrypted. You can have one or both. You can get privacy either way. Yes, but when there is a potential combination of long-lived connections and short-lived connections using different identifiers that might provide the ability for an observer to link the different identifiers together. A resourceful observer with the ability to observe on many links and networks than then build up the collection of identifiers which have been used by a single identity. (Unlinkability is defined in rfc6973) One can avoid this linkability by changing all the identifiers (and other things visible in the clear like MAC addresses) and the same time as the locators are changing e.g. when the endpoint moves to a new network/link, but that will break the long-lived connections that are active when the change happens. Of course, one can encrypt the identifiers (e.g., by encrypting everything but the outer IP header) in the data packets since only the locators are needed for packet delivery. Erik > > Also note, in LISP, one can use ephemeral-EIDs and still get crypto-based authentication using a crypto-EID for the sole purpose of sending Map-Registers and Map-Requests and not for transport connections. > > Dino > > From nobody Thu Jul 20 08:26:59 2017 Return-Path: X-Original-To: ideas@ietfa.amsl.com Delivered-To: ideas@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9D7D1131D10 for ; Thu, 20 Jul 2017 08:26:52 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.935 X-Spam-Level: X-Spam-Status: No, score=-1.935 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_LOW=-0.7, SPF_SOFTFAIL=0.665] autolearn=no autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 0k2UQX20Txae for ; Thu, 20 Jul 2017 08:26:51 -0700 (PDT) Received: from d.mail.sonic.net (d.mail.sonic.net [64.142.111.50]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id EB6BB131D14 for ; Thu, 20 Jul 2017 08:26:46 -0700 (PDT) Received: from [31.133.137.43] (dhcp-892b.meeting.ietf.org [31.133.137.43]) (authenticated bits=0) by d.mail.sonic.net (8.15.1/8.15.1) with ESMTPSA id v6KFQdjL004978 (version=TLSv1.2 cipher=DHE-RSA-AES128-SHA bits=128 verify=NOT); Thu, 20 Jul 2017 08:26:40 -0700 To: Robert Moskowitz , "ideas@ietf.org" , Jari Arkko References: <2f38d70f-6526-3d7b-5a42-69ac94f9f3cf@htt-consult.com> From: Erik Nordmark Message-ID: Date: Thu, 20 Jul 2017 17:26:37 +0200 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.1.1 MIME-Version: 1.0 In-Reply-To: <2f38d70f-6526-3d7b-5a42-69ac94f9f3cf@htt-consult.com> Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 7bit X-Sonic-CAuth: UmFuZG9tSVbCRXRRFPL+n9k6uuKs0mXDMmI/+eMWUyRPEtvci0lulq4l1wtwnf4mCpLHwTvDpDxSJOFQWdK7pqyjkSfTQn0i X-Sonic-ID: C;2O4s019t5xGLqPsKk0eh0A== M;3qgl1F9t5xGLqPsKk0eh0A== X-Sonic-Spam-Details: 0.0/5.0 by cerberusd Archived-At: Subject: Re: [Ideas] Are Identities permanent or have a life cycle? X-BeenThere: ideas@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Discussions relating to the development, clarification, and implementation of control-plane infrastructures and functionalities in ID enabled networks." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 20 Jul 2017 15:26:53 -0000 On 07/20/2017 04:49 PM, Robert Moskowitz wrote: > This is to Jari's question. I'll le Jari speak for himself, but there might be a concern about the privacy considerations for long-lived identities/identifiers which we have seen in the last for instance when including the IEEE MAC address in auto-generated IPv6 addresses. Such a concern is unrelated to the nature and definition of identity. The IETF and the large community clearly has significant privacy concerns when such a number is disclosed everywhere as was the case with those IPv6 addresses. But in the case of the identity in IDEAS I think the idea is that it wouldn't be widely exposed; not carried in datapackets etc. From my perspective I think that is fine. In many cases I expect devices to have a hardware root of trust with manufacturing certificates, owner certificates, etc which can be used as part of secure/trusted boot with remote attestation etc. BUT such identifying information should only be disclosed on a need-to-know basis. For instance, the owner of an endpoint might have an inventory management system which tracks their endpoints and their secure boot state. But I don't think we've had discussion about this in the IETF context, and it would be broader than IDEAS. Erik > > What is the nature of Indentity to Entity relationship. What IS > Identity and how is it presented. > > After working on this for over 20 years, this is HARD!!! And we may > need to scope out what is meant or punt. > > If I buy a notebook on ebay, does its Identity change as the meta data > associated with the notebook most likely will change? > > I tried to use 'the language used to communication knowledge of > Identity' or some such wording. Meaning that the language is mutable > and has a lifecycle itself. So if there is a claim that a x.509 cert > represents the Identity, can it change? Well in IEEE 802.1AR the iDevID > is immutable and never changes for the usable life of the Entity. It is > the lDevID that changes. But in use, it is the lDevID that the system > operates with! > > I feel this is an important position for the workgroup to develop > concensus around. Identity, IMHO, is NOT the 'DNA' of the Entity (work > on clip power analysis to create such a DNA record). I believe there is > Lasic (sp?) surgery that can change eye color... :) > > I do not hold that this needs to be nailed down in the Charter before > the workgroup. This is one of the workgroup items: Defining Identity > and how it is managed and discovered. > > I am willing to put my stake in the ground that Identity is mutable and > inevitably changes through the life of the Entity. Further that an > Entity (ignoring hypervisor/virtual machine scenarios) may have multiple > Identities at any time, yielding different Identifiers that may all map > to the same location. > > I know others disagree. I will work with the group position. > > Bob > > _______________________________________________ > Ideas mailing list > Ideas@ietf.org > https://www.ietf.org/mailman/listinfo/ideas > From nobody Thu Jul 20 08:42:33 2017 Return-Path: X-Original-To: ideas@ietfa.amsl.com Delivered-To: ideas@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 465D612EC46 for ; Thu, 20 Jul 2017 08:42:31 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.901 X-Spam-Level: X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id agQW3vzh1fU6 for ; Thu, 20 Jul 2017 08:42:30 -0700 (PDT) Received: from ms.etri.re.kr (mscreen.etri.re.kr [129.254.9.16]) by ietfa.amsl.com (Postfix) with ESMTP id 7A37C126CB6 for ; Thu, 20 Jul 2017 08:42:29 -0700 (PDT) Received: from unknown (HELO smtpeg.etri.re.kr) (129.254.27.141) by 129.254.9.16 with ESMTP; 21 Jul 2017 00:42:18 +0900 X-Original-SENDERIP: 129.254.27.141 X-Original-MAILFROM: jhong@etri.re.kr X-Original-RCPTTO: ideas@ietf.org, farinacci@gmail.com Received: from SMTP3.etri.info (129.254.28.73) by SMTPEG1.etri.info (129.254.27.141) with Microsoft SMTP Server (TLS) id 14.3.319.2; Fri, 21 Jul 2017 00:42:23 +0900 Received: from SMTP1.etri.info ([169.254.1.17]) by SMTP3.etri.info ([10.2.6.32]) with mapi id 14.03.0319.002; Fri, 21 Jul 2017 00:42:24 +0900 From: Jungha Hong To: Dino Farinacci CC: "ideas@ietf.org" Thread-Topic: [Ideas] GRIDs is a necessary use-case for LISP and HIP Thread-Index: AQHTATiUpRc6YiR4ikCW7lFjGgxadKJcyxQr//9xF4CAAJvlng== Date: Thu, 20 Jul 2017 15:42:24 +0000 Message-ID: References: <09C20ABD-4367-49B9-9B94-E8FADD022B66@gmail.com> , <22F6CC93-CB03-4A5E-AD8C-B69864E98FA4@gmail.com> In-Reply-To: <22F6CC93-CB03-4A5E-AD8C-B69864E98FA4@gmail.com> Accept-Language: ko-KR, en-US Content-Language: ko-KR X-MS-Has-Attach: X-MS-TNEF-Correlator: x-new-displayname: SnVuZ2hhIEhvbmc= x-originating-ip: [129.254.28.44] Content-Type: multipart/alternative; boundary="_000_F8EFC212DF9A004DA18AA8FB011E4233A8EC46DESMTP1etriinfo_" MIME-Version: 1.0 Archived-At: Subject: Re: [Ideas] GRIDs is a necessary use-case for LISP and HIP X-BeenThere: ideas@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Discussions relating to the development, clarification, and implementation of control-plane infrastructures and functionalities in ID enabled networks." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 20 Jul 2017 15:42:31 -0000 --_000_F8EFC212DF9A004DA18AA8FB011E4233A8EC46DESMTP1etriinfo_ Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: base64 Rm9yIHNjYWxhYmlsaXR5LCB3ZSBoYWQgdG8gdGFrZSB0aGUgdHJlZSBzdHJ1Y3R1cmUgZm9yIHRo ZSBtYXBwaW5nIHN5c3RlbSBsaWtlIEROUy4NCg0KQnV0IG91ciBjb250cmlidXRpb24gd2FzIGhv dyB0byB1cGRhdGUvbG9va3VwIChwdWIvc3ViKSB0aGUgbG9jYXRvcihzKSBieSBhIGZsYXQgdHlw ZWQgSUQgd2hpY2ggaXMgcmVnaXN0ZXJlZCBpbiBzb21ld2hlcmUgb24gdGhlIG1hcHBpbmcgc3lz dGVtLg0KDQoNCkkgd291bGQgbGlrZSB0byBpbnRyb2R1Y2Ugb3VyIG1hcHBpbmcgc3lzdGVtIGFz IG9uZSBvZiB0aGUgc29sdXRpb25zIGZvciBhIGZsYXQgdHlwZWQgSUQgaW4gdGhlIElERUFTIG1l ZXRpbmcgd2hlbiBpdCBpcyBwb3NzaWJsZS4NCg0KDQoNClRoYW5rcywNCg0KSnVuZ2hhIEhvbmcN Cg0KDQoNCg0KDQoNCg0KX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX18NCuuztOuCuCDs gqzrnowgOiAiRGlubyBGYXJpbmFjY2kiIDxmYXJpbmFjY2lAZ21haWwuY29tPg0K67O064K4IOuC oOynnCA6IDIwMTctMDctMjEgMDA6MTM6MzggKCArMDk6MDAgKQ0K67Cb64qUIOyCrOuejCA6IO2Z jeygle2VmCA8amhvbmdAZXRyaS5yZS5rcj4NCuywuOyhsCA6IGlkZWFzQGlldGYub3JnIDxpZGVh c0BpZXRmLm9yZz4NCuygnOuqqSA6IFJlOiBbSWRlYXNdIEdSSURzIGlzIGEgbmVjZXNzYXJ5IHVz ZS1jYXNlIGZvciBMSVNQIGFuZCBISVANCg0KDQoNCj4gQWN0dWFsbHksIGluIG15IHByb2plY3Qs IHdlIGhhdmUgZGVzaW5lZCBhbmQgaW1wbGVtZW50ZWQgYSBtYXBwaW5nIHN5c3RlbSBiZXR3ZWVu IElEIGFuZCBsb2NhdG9yKHMpIGVzcGVjaWFsbHkgZm9yIHN1cHBvcnRpbmcgYSBmbGF0IHR5cGVk IElEIGVmZmljaWVudGx5LiBJdCB3YXMgZGVzaWduZWQgYXMgYSBuZXR3b3JrLWxheWVyIGRhdGFi YXNlLg0KDQoNCg0KDQoNCkp1bmdoYSwgaWYgeW91IGNhbiBzaGFyZSwgaXQgd291bGQgYmUgbmlj ZSB0byBoZWFyIHNvbWUgZGV0YWlsZWQgcHJvcGVydGllcyBvZiB0aGUgZGF0YWJhc2UuIEnigJlt IHBhcnRpY3VsYXJ5IGludGVyZXN0ZWQgb24geW91ciBwdWJzdWIgc2NhbGFiaWxpdHkuDQoNCg0K DQoNCg0KVGhhbmtzLA0KDQoNCg0KRGlubw0KDQoNCg0KDQo= --_000_F8EFC212DF9A004DA18AA8FB011E4233A8EC46DESMTP1etriinfo_ Content-Type: text/html; charset="utf-8" Content-Transfer-Encoding: base64 PGh0bWw+DQo8aGVhZD4NCjxtZXRhIGh0dHAtZXF1aXY9IkNvbnRlbnQtVHlwZSIgY29udGVudD0i dGV4dC9odG1sOyBjaGFyc2V0PXV0Zi04Ij4NCjwvaGVhZD4NCjxib2R5Pg0KPGRpdiBpZD0iZXpG b3JtUHJvY19kaXYiIHN0eWxlPSJGT05ULVNJWkU6IDEwcHQ7IEZPTlQtRkFNSUxZOiDqtbTrprwi Pg0KPGRpdiBpZD0ibXNnYm9keSI+DQo8ZGl2Pg0KPGRpdiBzdHlsZT0iTElORS1IRUlHSFQ6IDE1 cHQiPg0KPHAgc3R5bGU9Ik1BUkdJTi1CT1RUT006IDBweDsgTUFSR0lOLVRPUDogMHB4Ij5Gb3Ig c2NhbGFiaWxpdHksIHdlIGhhZCB0byB0YWtlIHRoZSB0cmVlIHN0cnVjdHVyZSBmb3IgdGhlJm5i c3A7bWFwcGluZyBzeXN0ZW0gbGlrZSZuYnNwO0ROUy48L3A+DQo8cCBzdHlsZT0iTUFSR0lOLUJP VFRPTTogMHB4OyBNQVJHSU4tVE9QOiAwcHgiPkJ1dCBvdXIgY29udHJpYnV0aW9uIHdhcyZuYnNw O2hvdyB0byZuYnNwO3VwZGF0ZS9sb29rdXAgKHB1Yi9zdWIpIHRoZSBsb2NhdG9yKHMpIGJ5IGEg ZmxhdCB0eXBlZCBJRCB3aGljaCBpcyByZWdpc3RlcmVkIGluIHNvbWV3aGVyZSBvbiB0aGUgbWFw cGluZyBzeXN0ZW0uPC9wPg0KPHAgc3R5bGU9Ik1BUkdJTi1CT1RUT006IDBweDsgTUFSR0lOLVRP UDogMHB4Ij48YnI+DQo8L3A+DQo8cCBzdHlsZT0iTUFSR0lOLUJPVFRPTTogMHB4OyBNQVJHSU4t VE9QOiAwcHgiPkkgd291bGQgbGlrZSB0byBpbnRyb2R1Y2Ugb3VyIG1hcHBpbmcgc3lzdGVtIGFz IG9uZSBvZiB0aGUgc29sdXRpb25zIGZvciZuYnNwO2EgZmxhdCB0eXBlZCBJRCZuYnNwO2luIHRo ZSBJREVBUyBtZWV0aW5nIHdoZW4gaXQgaXMgcG9zc2libGUuPC9wPg0KPHAgc3R5bGU9Ik1BUkdJ Ti1CT1RUT006IDBweDsgTUFSR0lOLVRPUDogMHB4Ij4mbmJzcDs8L3A+DQo8cCBzdHlsZT0iTUFS R0lOLUJPVFRPTTogMHB4OyBNQVJHSU4tVE9QOiAwcHgiPlRoYW5rcyw8L3A+DQo8cCBzdHlsZT0i TUFSR0lOLUJPVFRPTTogMHB4OyBNQVJHSU4tVE9QOiAwcHgiPkp1bmdoYSBIb25nPC9wPg0KPHAg c3R5bGU9Ik1BUkdJTi1CT1RUT006IDBweDsgTUFSR0lOLVRPUDogMHB4Ij4mbmJzcDsmbmJzcDs8 L3A+DQo8cCBzdHlsZT0iTUFSR0lOLUJPVFRPTTogMHB4OyBNQVJHSU4tVE9QOiAwcHgiPiZuYnNw OzwvcD4NCjxkaXYgaWQ9Ik1haWxTaWduU2VudCI+DQo8cCBzdHlsZT0iTUFSR0lOLUJPVFRPTTog MHB4OyBNQVJHSU4tVE9QOiAwcHgiPiZuYnNwOzwvcD4NCjwvZGl2Pg0KPGRpdiBpZD0iT1JHTUFJ TF9DT05URU5UIj4NCjxociB0YWJpbmRleD0iLTEiPg0KPGRpdj48Yj7rs7Trgrgg7IKs656MIDog PC9iPiZxdW90O0Rpbm8gRmFyaW5hY2NpJnF1b3Q7ICZsdDtmYXJpbmFjY2lAZ21haWwuY29tJmd0 OzwvZGl2Pg0KPGRpdj48Yj7rs7Trgrgg64Kg7KecIDogPC9iPjIwMTctMDctMjEgMDA6MTM6Mzgg KCAmIzQzOzA5OjAwICk8L2Rpdj4NCjxkaXY+PGI+67Cb64qUIOyCrOuejCA6IDwvYj7tmY3soJXt lZggJmx0O2pob25nQGV0cmkucmUua3ImZ3Q7PC9kaXY+DQo8ZGl2PjxiPuywuOyhsCA6IDwvYj5p ZGVhc0BpZXRmLm9yZyAmbHQ7aWRlYXNAaWV0Zi5vcmcmZ3Q7PC9kaXY+DQo8ZGl2PjxiPuygnOuq qSA6IDwvYj5SZTogW0lkZWFzXSBHUklEcyBpcyBhIG5lY2Vzc2FyeSB1c2UtY2FzZSBmb3IgTElT UCBhbmQgSElQPC9kaXY+DQo8cCBzdHlsZT0iTUFSR0lOLUJPVFRPTTogMHB4OyBNQVJHSU4tVE9Q OiAwcHgiPiZuYnNwOzwvcD4NCiZndDsgQWN0dWFsbHksIGluIG15IHByb2plY3QsIHdlIGhhdmUg ZGVzaW5lZCBhbmQgaW1wbGVtZW50ZWQgYSBtYXBwaW5nIHN5c3RlbSBiZXR3ZWVuIElEIGFuZCBs b2NhdG9yKHMpIGVzcGVjaWFsbHkgZm9yIHN1cHBvcnRpbmcgYSBmbGF0IHR5cGVkIElEIGVmZmlj aWVudGx5LiBJdCB3YXMgZGVzaWduZWQgYXMgYSBuZXR3b3JrLWxheWVyIGRhdGFiYXNlLg0KPHAg c3R5bGU9Ik1BUkdJTi1CT1RUT006IDBweDsgTUFSR0lOLVRPUDogMHB4Ij4mbmJzcDs8L3A+DQo8 cCBzdHlsZT0iTUFSR0lOLUJPVFRPTTogMHB4OyBNQVJHSU4tVE9QOiAwcHgiPiZuYnNwOzwvcD4N Ckp1bmdoYSwgaWYgeW91IGNhbiBzaGFyZSwgaXQgd291bGQgYmUgbmljZSB0byBoZWFyIHNvbWUg ZGV0YWlsZWQgcHJvcGVydGllcyBvZiB0aGUgZGF0YWJhc2UuIEnigJltIHBhcnRpY3VsYXJ5IGlu dGVyZXN0ZWQgb24geW91ciBwdWJzdWIgc2NhbGFiaWxpdHkuDQo8cCBzdHlsZT0iTUFSR0lOLUJP VFRPTTogMHB4OyBNQVJHSU4tVE9QOiAwcHgiPiZuYnNwOzwvcD4NCjxwIHN0eWxlPSJNQVJHSU4t Qk9UVE9NOiAwcHg7IE1BUkdJTi1UT1A6IDBweCI+Jm5ic3A7PC9wPg0KVGhhbmtzLA0KPHAgc3R5 bGU9Ik1BUkdJTi1CT1RUT006IDBweDsgTUFSR0lOLVRPUDogMHB4Ij4mbmJzcDs8L3A+DQpEaW5v DQo8cCBzdHlsZT0iTUFSR0lOLUJPVFRPTTogMHB4OyBNQVJHSU4tVE9QOiAwcHgiPiZuYnNwOzwv cD4NCjxwIHN0eWxlPSJNQVJHSU4tQk9UVE9NOiAwcHg7IE1BUkdJTi1UT1A6IDBweCI+Jm5ic3A7 PC9wPg0KPC9kaXY+DQo8L2Rpdj4NCjwvZGl2Pg0KPC9kaXY+DQo8L2Rpdj4NCjwvYm9keT4NCjwv aHRtbD4NCg== --_000_F8EFC212DF9A004DA18AA8FB011E4233A8EC46DESMTP1etriinfo_-- From nobody Thu Jul 20 08:57:02 2017 Return-Path: X-Original-To: ideas@ietfa.amsl.com Delivered-To: ideas@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EF43B131AFC for ; Thu, 20 Jul 2017 08:56:59 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.9 X-Spam-Level: X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=herbertland-com.20150623.gappssmtp.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id pNNsAgGm3QRU for ; Thu, 20 Jul 2017 08:56:49 -0700 (PDT) Received: from mail-wr0-x236.google.com (mail-wr0-x236.google.com [IPv6:2a00:1450:400c:c0c::236]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id EC663131CE7 for ; Thu, 20 Jul 2017 08:56:48 -0700 (PDT) Received: by mail-wr0-x236.google.com with SMTP id y43so72551000wrd.3 for ; Thu, 20 Jul 2017 08:56:48 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=herbertland-com.20150623.gappssmtp.com; s=20150623; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=szwIgEJ6VRNazGjJSZAGkCMJVn3sQRsVpls91W5P2Uk=; b=A0zOQDcRe4xzR4Pad2Cw4CITUZcarnyLlmeKGlf7b2DdBVsJv1DGGb3y7L7zwY6DGU 5YtkYnuAEngHv5tpf1ztzR6M7lybMb8XDQwVIcooh6K07R6UH992OJesh9Diq6hBxaVY qY/rRilS3rPaFYh25fgl6BSm+/NpOUDe57nOqwr/GAOgeOml3OzTTx7sSiIzuVbVaAXh jN9+h6KP6oNwgO5HdmL+y1bZyCrPHpUSr0XL+9TsX25yCbC+IU9Vl+wWhgDkPnJgcQ9b 03tMwkxmJh9+rsn+tk0JIpB5oRx6oe5GXUvnETJquIdlg7EKUGumwqPejS9i9QkEUrK1 6qWw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=szwIgEJ6VRNazGjJSZAGkCMJVn3sQRsVpls91W5P2Uk=; b=GTI1eyqn7nWRrpSqjsdcTsF0EgKjts1q2TrDYt+K8JWS4xUbDR+xLwtD6nisAhxx59 i/oGAZl68Drv60uTkNQ6uVD+lyoFcNTpP+k2La6DIrAcfW3bpCkhRbyuHmobJ06AxqEE ayOSP8rm+GMvxb0w32COqXiPS+iXv0avcFg10dGmQJ1kMS4PQkhgduNh9CBFmtc9qAfr ZqX3pm386xspTgzlnLU9ZjBYtTIun8gMG+2Z839kzXcrV6I9dOJKYV+e8i++AP0NBHEu 38TGKNgb7ltYLlPRsbI48v19koll17ojdiDrsDtILHCEkE9iI3PNgxlzlEhVZc0qgwwb Zo5Q== X-Gm-Message-State: AIVw1128Y1s+WPkAtAdygdN9g244tYlMcSvHDMGZfu2jUQxhRxnrVXfy HJjtfCuWrZVA8rhURKq8U5hC5KUmPDTP X-Received: by 10.223.169.2 with SMTP id u2mr3271971wrc.288.1500566207407; Thu, 20 Jul 2017 08:56:47 -0700 (PDT) MIME-Version: 1.0 Received: by 10.223.128.66 with HTTP; Thu, 20 Jul 2017 08:56:46 -0700 (PDT) In-Reply-To: <747af64c-87e9-f338-1448-3f461c6e8e21@sonic.net> References: <3e7d1bda-0847-36d6-b6e2-a98de1f8bf04@acm.org> <747af64c-87e9-f338-1448-3f461c6e8e21@sonic.net> From: Tom Herbert Date: Thu, 20 Jul 2017 08:56:46 -0700 Message-ID: To: Erik Nordmark Cc: Dino Farinacci , Erik Nordmark , ideas@ietf.org Content-Type: text/plain; charset="UTF-8" Archived-At: Subject: Re: [Ideas] Identity/identifier and session continuity X-BeenThere: ideas@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Discussions relating to the development, clarification, and implementation of control-plane infrastructures and functionalities in ID enabled networks." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 20 Jul 2017 15:57:00 -0000 On Thu, Jul 20, 2017 at 8:12 AM, Erik Nordmark wrote: > On 07/20/2017 10:50 AM, Dino Farinacci wrote: >>> >>> I understand the desire to provide good privacy by decoupling a >>> longer-lived identity from shorter lived and potentially in the clear >>> identifiers. >>> >>> But since the identifiers are used for the transport connection >>> identification, changing the identifier(s) used in an unlinkable way means >>> that the transport sessions would break. >>> >>> Seems like a tricky tradeoff. >> >> >> I believe we can have it both ways. >> >> If one wants ephemeral-EIDs, they are used for short-lived transport >> connections. If there will be long-lived transport connections, EIDs stay >> assigned to the node for a longer period of time but the encapsulated >> packets are encrypted. You can have one or both. You can get privacy either >> way. > > > Yes, but when there is a potential combination of long-lived connections and > short-lived connections using different identifiers that might provide the > ability for an observer to link the different identifiers together. A > resourceful observer with the ability to observe on many links and networks > than then build up the collection of identifiers which have been used by a > single identity. (Unlinkability is defined in rfc6973) > > One can avoid this linkability by changing all the identifiers (and other > things visible in the clear like MAC addresses) and the same time as the > locators are changing e.g. when the endpoint moves to a new network/link, > but that will break the long-lived connections that are active when the > change happens. > > Of course, one can encrypt the identifiers (e.g., by encrypting everything > but the outer IP header) in the data packets since only the locators are > needed for packet delivery. > Right, that would have to include the transport headers since it would be easy to correlate packets for the same flow by looking at sequence and ack numbers. Also changing addresses of an existing TCP connection will wreak havoc on stateful middleboxes like firewalls. Maybe the goal should be to prevent correlation of identity between flows. Tom > Erik > > >> >> Also note, in LISP, one can use ephemeral-EIDs and still get crypto-based >> authentication using a crypto-EID for the sole purpose of sending >> Map-Registers and Map-Requests and not for transport connections. >> >> Dino >> >> > > _______________________________________________ > Ideas mailing list > Ideas@ietf.org > https://www.ietf.org/mailman/listinfo/ideas From nobody Thu Jul 20 10:34:25 2017 Return-Path: X-Original-To: ideas@ietfa.amsl.com Delivered-To: ideas@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E10E5131D18 for ; Thu, 20 Jul 2017 10:34:24 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.7 X-Spam-Level: X-Spam-Status: No, score=-2.7 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id MjzdNJbXq3ao for ; Thu, 20 Jul 2017 10:34:23 -0700 (PDT) Received: from mail-wm0-x230.google.com (mail-wm0-x230.google.com [IPv6:2a00:1450:400c:c09::230]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 15085131CEB for ; Thu, 20 Jul 2017 10:34:23 -0700 (PDT) Received: by mail-wm0-x230.google.com with SMTP id g127so33247282wmd.0 for ; Thu, 20 Jul 2017 10:34:22 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=9K5TOJ/b4CMJ9+Av0tr2vdQzvEhgfKqgQh3Qz459JUA=; b=AMYOWuyMdgXPSfHFumUqfe9qLdR7WjZywYBhFpQqLFRbkYU4FgHZiKlZWWKVB8hRyA +m837g2/IbHOJz0IySom8G5pZrm46/MPUBLgpARcDMcAVcLultfwEpDroqpC52a54C+0 fH51RdWWDY+MmUuLW4dbcgZsm9XYpKmonAfRc2m7uuowB597teR9qhlAT4UEYEoKk1er u2VsgXpGYwoTbw5dpXJIw5mIvvs927A3jLO/lWCiJGcq2K6UH99rJBqrHzjYDzu7+cgX X/aKjG8qVXfgufmozvczJ89myzNBjwG/PDw41OVYMbHg+60doKrvSGDimYW2zVz/K+Mb 127w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=9K5TOJ/b4CMJ9+Av0tr2vdQzvEhgfKqgQh3Qz459JUA=; b=sQDWthnkSZZRD1/8XNj6MurTR+v5+EF/EaB4iCWNZR2Lkthr8jxEt4USHBqLQWiD0B 5xxAbcYLj7XLxISyf+2cgTlXIgeVXMm1567KqYooxW/nspiNuW/Y9qAsPVqkWK9EWHSt 1vpvJna340lsVcO1PwyyF2/MS0htt1lxHaCT3CiV7VmGv45QzHhm2tw+x90s6/s0Rcvg cLATFyGyJSHskOstYwh6/DjesScuI59ny2QNmQge3bgn52EOaESKBjoe0qZ2thQckVMy liq12uWv8eoz0zTKzgRaj0+7H78FUVzTYa4bKCUAu33vBG1EpWHTlkfcYwsKqCCslFGs 8ACQ== X-Gm-Message-State: AIVw112yI2799T+Fb7ktIrviWgN4/weIqLZFA7svLJeueLEcjOVv8IEt 9Ka1hc2xdymvnA== X-Received: by 10.28.29.72 with SMTP id d69mr2802536wmd.9.1500572061577; Thu, 20 Jul 2017 10:34:21 -0700 (PDT) Received: from ?IPv6:2001:67c:1232:144:2838:ce19:51ee:18eb? ([2001:67c:1232:144:2838:ce19:51ee:18eb]) by smtp.gmail.com with ESMTPSA id p27sm2924772wmf.23.2017.07.20.10.34.20 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Thu, 20 Jul 2017 10:34:20 -0700 (PDT) Content-Type: text/plain; charset=utf-8 Mime-Version: 1.0 (Mac OS X Mail 10.3 \(3273\)) From: Dino Farinacci In-Reply-To: <747af64c-87e9-f338-1448-3f461c6e8e21@sonic.net> Date: Thu, 20 Jul 2017 10:34:19 -0700 Cc: Erik Nordmark , ideas@ietf.org Content-Transfer-Encoding: quoted-printable Message-Id: References: <3e7d1bda-0847-36d6-b6e2-a98de1f8bf04@acm.org> <747af64c-87e9-f338-1448-3f461c6e8e21@sonic.net> To: Erik Nordmark X-Mailer: Apple Mail (2.3273) Archived-At: Subject: Re: [Ideas] Identity/identifier and session continuity X-BeenThere: ideas@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Discussions relating to the development, clarification, and implementation of control-plane infrastructures and functionalities in ID enabled networks." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 20 Jul 2017 17:34:25 -0000 > Yes, but when there is a potential combination of long-lived = connections and short-lived connections using different identifiers that = might provide the ability for an observer to link the different = identifiers together. A resourceful observer with the ability to observe = on many links and networks than then build up the collection of = identifiers which have been used by a single identity. (Unlinkability is = defined in rfc6973) If an the xTR has multiple RLOCs, it can use different ones for = encapsulated traffic for both long-lived and short-lived sessions and = EIDs, while EIDs are encrypted. It will be harder to associate when multiple addresses are BOTH = encrypted and changing. Note, changing RLOCs does not change the path = packets arrive to these EIDs. However, on egress, uRPF issues may be = created. So one will need to have multiple PA addresses for each link = connected to different providers. > One can avoid this linkability by changing all the identifiers (and = other things visible in the clear like MAC addresses) and the same time = as the locators are changing e.g. when the endpoint moves to a new = network/link, but that will break the long-lived connections that are = active when the change happens. There is no reason on a point-to-point link that a source MAC cannot be = 00:00:00:00:00:00. That is pretty good obfuscation if you believe it is = needed. > Of course, one can encrypt the identifiers (e.g., by encrypting = everything but the outer IP header) in the data packets since only the = locators are needed for packet delivery. Yes, "everthing should be encrypted . . . always=E2=80=9D (tm). ;-) Dino From nobody Thu Jul 20 10:37:21 2017 Return-Path: X-Original-To: ideas@ietfa.amsl.com Delivered-To: ideas@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8342E131D1C for ; Thu, 20 Jul 2017 10:37:20 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -0.203 X-Spam-Level: X-Spam-Status: No, score=-0.203 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_IMAGE_ONLY_12=2.059, HTML_IMAGE_RATIO_02=0.437, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=no autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id kphEeOuDjXHn for ; Thu, 20 Jul 2017 10:37:19 -0700 (PDT) Received: from mail-wm0-x22e.google.com (mail-wm0-x22e.google.com [IPv6:2a00:1450:400c:c09::22e]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 60325131CEB for ; Thu, 20 Jul 2017 10:37:18 -0700 (PDT) Received: by mail-wm0-x22e.google.com with SMTP id g127so33305444wmd.0 for ; Thu, 20 Jul 2017 10:37:18 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:message-id:mime-version:subject:date:in-reply-to:cc:to :references; bh=hut92sorRqvFYbagjqbYfEpLf3zlScPaXuTh+3KGfkU=; b=oilX416/ocoRx4Wx+wCWyENnN+I+B2PULBVb8IZ6Lx2EByLq3/HBIhYqsr8eiZLL7P wppLvkxRd1d6l+/0sQEKTEeyObwZBJqPQYGS7qJiqIpPKmSS1H8MgntSXZSwtgjP47w6 IeOd4bGNOe58qqqksIr5aJkdqXvHxslWAOcobUiBbkQbpR0YRY2mEcz5WaVVkd2RMccd dKdP1sD8xMOiN14rRP2y1/iAIjgc928kCbyCkEo5ZR55k/gbRTxCB9y9hOVx2xtuCetw 3DLPceoXLSOoB2s8YPtA4LBqdd6mgIx9IJskmg4EHg3f3G6q2J+AoiwLQtz0VcLwyO3g OIAQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:message-id:mime-version:subject:date :in-reply-to:cc:to:references; bh=hut92sorRqvFYbagjqbYfEpLf3zlScPaXuTh+3KGfkU=; b=t+ZZa58dUuSQYDygZvbWi4WHJBGh8TYwvy2CzuXRBBhR2P+vIYfYqMrsw2vNukF0us 8qrP10Vl9ikHOgEAh+FHk63hEIdJtrZXXCl3HKE1R6WerJYHi4c4OTwCxEilQsMkfNEw Z0QXfdsIHbyiqYg5FnfiTCJu2k3YhSGaNpGsmpRpxC63OAPYzewDlvSaYpcfLXzmO3zf C73g+Rkdb0HeTY85eSBdcMtjGpZbdw6+CIGKA/qs+xJyvnx8vUqh8Ytx4hEQfdGlYuhA LqhJY+vmEHJ9ZWwAjnwYLCS0ZAAZLJumr15ggT/eLX479R/knb0AYXQiKhXIQo1ib+K4 X/AQ== X-Gm-Message-State: AIVw112VWtk4WnSmDab2vxTWLxYd4vMCTq1/15lggeKPxkXJwLmSYXa9 EEIDjQ7VHACZ+A== X-Received: by 10.28.95.214 with SMTP id t205mr3073486wmb.181.1500572236881; Thu, 20 Jul 2017 10:37:16 -0700 (PDT) Received: from ?IPv6:2001:67c:1232:144:2838:ce19:51ee:18eb? ([2001:67c:1232:144:2838:ce19:51ee:18eb]) by smtp.gmail.com with ESMTPSA id 92sm5868376wro.68.2017.07.20.10.37.14 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Thu, 20 Jul 2017 10:37:15 -0700 (PDT) From: Dino Farinacci Message-Id: Content-Type: multipart/alternative; boundary="Apple-Mail=_2AA5396C-DE02-4A10-A69D-53FF721B4F7F" Mime-Version: 1.0 (Mac OS X Mail 10.3 \(3273\)) Date: Thu, 20 Jul 2017 10:37:13 -0700 In-Reply-To: Cc: Erik Nordmark , Erik Nordmark , ideas@ietf.org To: Tom Herbert References: <3e7d1bda-0847-36d6-b6e2-a98de1f8bf04@acm.org> <747af64c-87e9-f338-1448-3f461c6e8e21@sonic.net> X-Mailer: Apple Mail (2.3273) Archived-At: Subject: Re: [Ideas] Identity/identifier and session continuity X-BeenThere: ideas@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Discussions relating to the development, clarification, and implementation of control-plane infrastructures and functionalities in ID enabled networks." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 20 Jul 2017 17:37:20 -0000 --Apple-Mail=_2AA5396C-DE02-4A10-A69D-53FF721B4F7F Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=us-ascii > Right, that would have to include the transport headers since it would > be easy to correlate packets for the same flow by looking at sequence > and ack numbers. Also changing addresses of an existing TCP connection > will wreak havoc on stateful middleboxes like firewalls. Maybe the > goal should be to prevent correlation of identity between flows. In lisp-crypto (RFC8061), everything after the LISP header is encrypted. = The LISP header must be in the clear so we can use multiple keys (see KK = bits below). Dino --Apple-Mail=_2AA5396C-DE02-4A10-A69D-53FF721B4F7F Content-Type: multipart/related; type="text/html"; boundary="Apple-Mail=_89A2B98E-89F2-412E-A0CF-3E87C6D13770" --Apple-Mail=_89A2B98E-89F2-412E-A0CF-3E87C6D13770 Content-Transfer-Encoding: quoted-printable Content-Type: text/html; charset=us-ascii
Right, that would have to include the transport headers since = it would
be easy to correlate packets for the same flow by looking at = sequence
and ack numbers. Also changing addresses of an = existing TCP connection
will wreak havoc on stateful = middleboxes like firewalls. Maybe the
goal should be to = prevent correlation of identity between flows.

In = lisp-crypto (RFC8061), everything after the LISP header is encrypted. = The LISP header must be in the clear so we can use multiple keys (see KK = bits below).

Dino



= --Apple-Mail=_89A2B98E-89F2-412E-A0CF-3E87C6D13770 Content-Transfer-Encoding: base64 Content-Disposition: inline; filename=PastedGraphic-1.png Content-Type: image/png; name="PastedGraphic-1.png" Content-Id: iVBORw0KGgoAAAANSUhEUgAABOoAAAK0CAYAAAC9VtJiAAAAAXNSR0IArs4c6QAAAAlwSFlzAAAW JQAAFiUBSVIk8AAAAZ5pVFh0WE1MOmNvbS5hZG9iZS54bXAAAAAAADx4OnhtcG1ldGEgeG1sbnM6 eD0iYWRvYmU6bnM6bWV0YS8iIHg6eG1wdGs9IlhNUCBDb3JlIDUuNC4wIj4KICAgPHJkZjpSREYg eG1sbnM6cmRmPSJodHRwOi8vd3d3LnczLm9yZy8xOTk5LzAyLzIyLXJkZi1zeW50YXgtbnMjIj4K ICAgICAgPHJkZjpEZXNjcmlwdGlvbiByZGY6YWJvdXQ9IiIKICAgICAgICAgICAgeG1sbnM6ZXhp Zj0iaHR0cDovL25zLmFkb2JlLmNvbS9leGlmLzEuMC8iPgogICAgICAgICA8ZXhpZjpQaXhlbFhE aW1lbnNpb24+MTI1ODwvZXhpZjpQaXhlbFhEaW1lbnNpb24+CiAgICAgICAgIDxleGlmOlBpeGVs WURpbWVuc2lvbj42OTI8L2V4aWY6UGl4ZWxZRGltZW5zaW9uPgogICAgICA8L3JkZjpEZXNjcmlw dGlvbj4KICAgPC9yZGY6UkRGPgo8L3g6eG1wbWV0YT4KyBDaswAAQABJREFUeAHsvQl4VEW6///m Dg6dOzgmDl6TiM8QBE0C0XSQeUZn7jzDIkuCiCwuKDoC8d6/OgoIjmyOgOCwiIKjowTkSkjiT0gy 7MqS+DwKOGoWBdJxWMK9SDr+9Ec3IzPdGfDWv06fvfv0kqRPr9/DE7pOnap6qz5V560676lTlcL4 QThAAARAAARAAARAAARAAARAAARAAARAAARAAASiSuBfoiodwkEABEAABEAABEAABEAABEAABEAA BEAABEAABDwEYKhDQwABEAABEAABEAABEAABEAABEAABEAABEACBGCAAQ10MVAKyAAIgAAIgAAIg AAIgAAIgAAIgAAIgAAIgAAIw1KENgAAIgAAIgAAIgAAIgAAIgAAIgAAIgAAIgEAMEIChLgYqAVkA ARAAARAAARAAARAAARAAARAAARAAARAAARjq0AZAAARAAARAAARAAARAAARAAARAAARAAARAIAYI wFAXA5WALIAACIAACIAACIAACIAACIAACIAACIAACIAADHVoAyAAAiAAAiAAAiAAAiAAAiAAAiAA AiAAAiAQAwRgqIuBSkAWQAAEQAAEQAAEQAAEQAAEQAAEQAAEQAAEQACGOrQBEAABEAABEAABEAAB EAABEAABEAABEAABEIgBAjDUxUAlIAsgAAIgAAIgAAIgAAIgAAIgAAIgAAIgAAIgAEMd2gAIgAAI gAAIgAAIgAAIgAAIgAAIgAAIgAAIxAABGOpioBKQBRAAARAAARAAARAAARAAARAAARAAARAAARCA oQ5tAARAAARAAARAAARAAARAAARAAARAAARAAARigAAMdTFQCcgCCIAACIAACIAACIAACIAACIAA CIAACIAACMBQhzYAAiAAAiAAAiAAAiAAAiAAAiAAAiAAAiAAAjFAAIa6GKgEZAEEQAAEQAAEQAAE QAAEQAAEQAAEQAAEQAAEYKhDGwABEAABEAABEAABEAABEAABEAABEAABEACBGCAAQ10MVAKyAAIg AAIgAAIgAAIgAAIgAAIgAAIgAAIgAAIw1KENgAAIgAAIgAAIgAAIgAAIgAAIgAAIgAAIgEAMEICh LgYqAVkAARAAARAAARAAARAAARAAARAAARAAARAAgR5AAALmEnBTa6ON7Je5FP6XOSCPsnv3NFck UgcBEACBGCLgbG8luzOVcnMyYihXyAoIgAAImEdA0HutdjdlZFqonf9m5+dSGp46zAOOlEEABGKG gPtbO7WebSe38Pzbw0LZA7j+6xUz2UNG4oQAZtTFSUXFZTa/rae5KanUr7CQfvEz/nd7IfW7xkLT 1n8el8VBpkEABEAgJAIXndRYt5teX/A0DU5JofTMfpSXO4Ma3CHFRiAQAAEQiFsCZ+q20CRJ7xUW 5lEW13/Cb/oVKbS0+su4LRcyDgIgAALBCFw4uovmFqZQ6jVZlMeffwv5869H/12ZQrPXf0AYBgYj iOtaAimMH1oPuEEgLAT+Xk8lvW6lDX4SG/d2E21/6BY/V+ENAiAAAnFK4PvjNKnHIKryyf4kOu7a SnkWnwvwAAEQAIGEIND0xzvJ+ttdAcsycm0Tvf8kxn8BIeEiCIBA3BHoOPYmWfL/M2C+By2uo6PP /TpgGFwEAZkAZtTJJPAbVgJ7n1ONdHetqCMXtwe72vfTREnKjocLaNtXYRWJxEAABEAgJgikS7kY M2MZLRwTE1lCJkAABEDAXAIdx+kFjZFuXnkTOS4xEuYD2I+8qcje91QB7WpXTuEAARAAgYQgYD+2 QynH0vLD5HBJ+u9wGRVKV479fihtO6EEgwMEAhKAoS4gHlzsEoG/f0SvrZFijtxE7zzzaxImkViu HUHlR99Qkny+4gvFDQcIgAAIJASBHwykUuHhlP/tKZ1PS0vfTYhioRAgAAIgEJBAz3QaLAX4TXkL LZ9yi7ImXcbPHyX7zt8p0Uv34RNYBQYcIAACCUGg76QqOm1r9hjoFk65jdKkLygybnuQdtc8qZTR 4fqn4oYDBAIRgKEuEB1c6xKB9k8P0m4p5sqlEzxGOjmhnoPuodekGSbHf7eb2uQL+AUBEACBRCEg LJguLZrecRErkiRKtaIcIAACgQhk0WO2ejr0SSttmnKTT8CMAQNVP6hFlQVcIAACiUFA2DQih28a IRnotIXKyL9Vewo3CIREAIa6kDAhUGcIOE9+KgUvpuF5P/aKmk63F42V/BqoHYM1Lz44BQEQAAEQ AAEQAIH4I3BVTiHdPqSvYcYv2NVXs1dj90NDRvAEARBITAItdQeUgqX+UHHCAQIBCcBQFxAPLnae gJua9knz6fLHUj+DwVj2z0dIyW6j+r9i+m/nGSMGCIAACIAACIAACMQLAQdVr3xWyezEX/nOuFMu wgECIAACiUDgopPsJ21Us/ouyi3ZLK5Tl7+GhvWHpS4RqjcSZZA+zomEKMhIOgI3puk+e5XLb7ny atmJXxAAARAAARAAARAAgQQmcGT1PTRtr1TAke/QiD4JXFgUDQRAAAS+3kkpGeN0HBpoLp37YhZl 6XxxAgL+CWBGnX82uNJdAt+ldDcFxAcBEAABEAABEAABEIhTAmf+PJNunyt/9jWJ6qvuNXyJG6fF Q7ZBAARAwJcAX69O3ulVvbiKFq77WD2FCwSCEIChLgggXO4GgStZNyIjKgiAAAiAAAiAAAiAQLwS aP9gJWXfvVbJftnn5VRosCSKEgAOEAABEEgEAj+5g+pdLnJ800aN+9YrRrtNT91G83d8nQglRBki QACGughATloRf3WS0V4R7u/OJy0SFBwEQAAEQAAEQAAEEp1A+4GVlDn0d0oxlxxspwdvxtpMChA4 QAAEEpuAxUJpvTOp4I4Sqv9qh2Kse/G1DwyfjxMbBkrXFQIw1HWFGuIEIGChgpHF4vWju+j0Rd+g rR+rn0AMvhGDNl9C8AEBEAABEAABEACB+CTQ8udnKfMOjZHu/XZaNOza+CwMcg0CIAAC3SVw3R00 d7KUyL56arvc3QQRPxkIwFCXDLUc4TKm9R8iSdxNB5v/5iXdTY17dkl+hZRh8bqMUxAAARAAARAA ARAAgbgk0LThYcq9e4WS93WHLtCikTDSKUDgAAEQSHoCRl+cJT0UAPAhAEOdDxJ4dJdAxpDhJM2p o2cWVeum93Yc26rs/DVwRTF2vukubMQHARCIaQI9lb3V04kUd0xnGZkDARAAgS4RaHnnYbKWbJbi FtM2Wwf99vYfK2l1HN1GM+6ZQeWfeL/EVYLAAQIgAALxR+Cyg2yfNlJjS7th3oXn3/u3SpdGDqZ+ GA8acoKnngCaiZ4HzsJB4Ee/pMdnE+1ewxPb9wjdty6H3nny52Rp/4geyH9IkfCHKTcrbjhAAARA IDEIuMl+1EbtwutS3sM6v2yWilVKVXsfo5Q+jNz8kwdLZh7l9umZGEVGKUAABEDg3E7KvV820gk4 sqijcRtt/NClsGmpmUEb9xJt/PFYeuBn4xV/OEAABEAgngl0tLxLeT/7T7EIBSW0ZeVjNMzal9J7 /INa6srJOuEZpXgzH+fPxMoZHCDgn0AK44f/y7gCAl0k8Pd6Kul1K23wE33c2y20/aGb/FyFNwiA AAjEJ4GOY2+SJV8arAUswiQ6fmkr5eF1WUBKuAgCIBAfBFo2DKfcktqQMjvuTT4GfBRjwJBgIRAI gEDsE/j6AKVk3BE8n9MrybXhPhjqgpNCCE4An76iGZhD4EeDqfSbz2iOQeqPvNkEI50BF3iBAAjE P4Ge6VnKzl4BSzOxiLJgpAuICBdBAATih0Ba/1EhZ3ZgRlrIYREQBEAABGKewLUjyH32Q1o2Od9v VpeWN8FI55cOLhgRwIw6IyrwCyMBN9kabUSpFnI73JQ2II+ye+NzrzACRlIgAAIgAAIgAAIgAAIg AAIgAALRJnDRSa2treSUd4ywpFNubl+y4OVstGsm7uTDUBd3VYYMgwAIgAAIgAAIgAAIgAAIgAAI gAAIgAAIJCIBfPqaiLWKMoEACIAACIAACIAACIAACIAACIAACIAACMQdARjq4q7KkGEQAAEQAAEQ AAEQAAEQAAEQAAEQAAEQAIFEJABDXSLWKsoEAiAAAiAAAiAAAiAAAiAAAiAAAiAAAiAQdwRgqIu7 KkOGQQAEQAAEQAAEQAAEQAAEQAAEQAAEQAAEEpEADHWJWKsoEwiAAAiAAAiAAAiAAAiAAAiAAAiA AAiAQNwRgKEu7qoMGQYBEAABEAABEAABEAABEAABEAABEAABEEhEAjDUJWKtokwgAAIgAAIgAAIg AAIgAAIgAAIgAAIgAAJxRwCGurirMmQYBEAABEAABEAABEAABEAABEAABEAABEAgEQnAUJeItYoy gQAIgAAIgAAIgAAIgAAIgAAIgAAIgAAIxB0BGOrirsqQYRAAARAAARAAARAAARAAARAAARAAARAA gUQk0CMRC4UyxRIBN7U22sh+meeJ/2UOyKPs3j0jnkG3s41a2zsos382pUWw1Xvktn5NlswMcp9t p7QBuZSZZolc+S86ydbaSm63KDItOzr8BemtjY3kTs2kzL4ZFEkEkYMdWJLzq2ZqPeskV49USuVB LZn9KLfPVYEjxftVN29/Nt7+hPufH5Eus/MkZ+7o4JJdXDjnnZ9BEbz7iHj5G482c/mpQg4oL98a lbbvbG8luzOVcnMyeC4idwhyW+1uysi0UDv/zc7Pjaz+/dbO77l2sf31sFA2179pvSJXfkXSZQc1 Np7x9APZGZlkiWAfpOQhmo7LbrJ77kU3pXL9R7z8GdfnUWYUxgKRxODm7c/W2i6JtFDGgOyI9v/Q fyJ66D/OAfovkre+Xhb0H+cB/Zds4z/9TYCzLhNgOEDALALffMbmEDHeOHV/j7zZZJZENd1LLna6 4QArX7eUTbSq8tfVd6hhTHS5T+xnC8eocrUMxi+uYY5LJgoXkubsXysZreMu5yF/5lvslMtk+V7J O+ue1+SlhB03s/zt+1mxV5uTy67+zmXHI8TA/kmZrg2qeShm9Sbkwb7zdxrWxm1QzANnYFo9uFht 6UzjfIxexA6cdXu1kDCffneMvWR4/5WwAydMli0VxcnrXa1rtR7W/+VCmAtrkNx3DtZQu4u9Nn82 K1TuBXPam4F01lrL27wiVy27wGNJVYtRlLD6Ob/YyeZo9L62Hma9WcdMuO0C5r926Y1qW5jw54Bh u3vRXrdCleWnDvJn1kSIgYs1VizRtEG1LYxca844YM+s3KDl97SH6ZXmMXCdYhtnjTLMx+iZleyc 2Q0Q+g/6D/rP8P4T7n3oP66Hof+629UGjJ/M47+AYHCx0wSo0zEQAQRCIXDxMzbDz0OC0FGOe9uc QbqYNRernKw+EGgf0tZ/br6hzvnpK34HCEpeRm5ijlA4diUMZ+/vIVmRTy+zc11JuytxLh/zMthO MsVAJWfNfXRzcP68DZbZzG4L3Fi1aoRPXqxWKysaU8SmLd5rwoOii9WUGLd9te7l62bVg4tVz5Zl iL8FYyb6PKxvNctg5j4WUPcIHMpM1gPB2mCZmS8M+P1mfP9PiohxuvHVsT5t3rvtmWWkEXSA++gb QeUPWlwnqwvzf0966aOR75hw36vFsJUVBS0/EW8LphnppbxwY5WRsdxaUOzRf6u2m2Cw9elr9HpI 1w55H2yKvcwgD0WTvevExJck0H/QfwHG3sI9AP0H/UfQf2qnGWZXMo//wowSyXECMNShGZhCYI/m Qf2uFeIMBhef6aR9gNx61hTRPFEXq3hUMhCMnsFeWKC+2TbfUMeNhJqZPKPn1bC278Ryus9+qDNY zdvebg4AzYPh+MWV7Pg34gwib/kzq86YI98rVd8Hd3MNBu4W+cG4kC1dX8HKN5d7/W1gW7Y3mvOQ ppTdxfYsuEnzwFzISmttzGX2wzEv1Vty+5vxOtu9bzfbvUP9O8jPF8qD+Pw/mWIs1hlKbl7E6qX2 J9yXjRXPqkxMkt/46nBVxkQ+e1S4//gM28aaxao/LWLnzKqLS+d09/nKg+J9bj+yViN/Ljtllnxu KJBfkoyZsUwzs9fc+87T9LmRQKvj55U3KbOH7Ufe1JSf2E67crOE1dFaqRpFlpYfZg7JGmM/XKYz Fm/9a1jF+knsvHo/yved6Ya6h0TOBSVsg4/u47pwfTnb1WASfJnC5VOqnhHKzfXAAZtTvmrer/sz ZTb1I+sqmKDvdPpvR6nSBkatMOdloa20WGnn+fP47Dn5Pud6oWKBOtvPLPnQf9B/skEa+s977Af9 J8+wN0v/QP8l8fjPvJ49qVOGoS6pq9+kwl/8UBkse7+10T7ED1zxuUkZkJKVB8jslPLgar6hjrHa pdJb/Ok1vuX76l1lEE8Tzfv0xnHiOGtTDCSabGjkj3vThBkNGlEeJzfOigODQrZg5XzJba7BQDXU mfyJrXdZNefOI39Q65lKWL1p0yc1QiWnbcd69vTMl/zIdLHXJEPeuLfNqX91oFZoaIypnS8bME2Y 0aebzeI7a0XNG7HFh8z5BFU7o/Yur8/8tfJXmvkJrKD7ZP2n3PPm3ndi8zvHlksGqd+U+7Yv7WfZ ZrU/wSh72tasGOi0d4i95knlvoxEX2Df/7wkbxJbvfQu0R0pQx3vX6J1HF46QOEsfGIVOfV3ntXy 5S4WLK4wlslnm8vLIpgzq1b7om65wax19f7wHhuFpa6g/0SM0H/Qf9B/vioF+k/plzD+820e8IlN Atj1lb96whFeAu2fHqTdUpIrl07QLd7ec9A9xA0FnuP473ZTW3hF61OTF+z+XljGPXLH0CdO0aHa RnK8Md5XaEYe8dku4vFdiuwK+29afz8LdWvlh12qd4JuqnzuDmoQvJ9aRnMnFIhu72CmnTs8G5iY lrzfhB208bFnpavFtP+b9VSY5jdw2C/k3FlCq1+ebSzz1FZ6fK8osmTYTWGX7UnQ8hMp3QayGOzc kJ3/M0WuwWXlWpccfNOKVjnisxMpT9YBkl/O/YuJP6h7jt+v2UPSHiuST3h+Gt57XUqomJ6bcosu Ua38zTWeO0N3PWwnQrmlsndcNKOU/nKaRY/Z6unQJ620aYpv+8oYMFCNaFa2hEXTc/imEQaNKyP/ VlW+2a7vj9OiO573SJm5fTVNHNTXbIn69Hn/YhZivSCvswsf0ROLToie+WvIseE+ipz6S6ehv11I Lzx3v6HMMzvXSmOTRTQs74deGQ/TqbJZiYP+1SfJLMotkT2FLYXCfED/iUCh/6D/oP98lAv0H8Z/ Po0CHjFPAIa6mK+i+Mug8+SnUqaLaXjej70KkE63F42V/BqoPSpPEl5ZCvdpWj+6fWiB8e6GfPdZ 5fH8+sjvfttxtIE2SOW9WnmgCDcAMb0Ln71JU9aL7p3PjqarovDY6HZ3kLud77x31MZ33+S7D38r 7ABq7tHRtJWebhRlDHx+OY3oba68zqR+pGazGJw/QP+yT2didiVsIbkv+sazffKZr2e4fPgDWrqc lsXgQZhft8vXTfl109eH/yqmPGgS9fO+x340kCZKLyqONZyJwh1hSqF1iV6VU0i3D+mr85NPLtjV VzNm6x9Zpva3pe6Acppqkp1GFtD0p6ckXbuI5o77KdHF8/KliP26hd0Gv2r16D9BBzoN7sdwZ6Zp 6wqlj1v5xuOGBrNwywwtPQdVryzzBB24ooiyJEN2aHG7EspC57nhTHd8f5rqSyWfK4XJHWE+oP/C DLTzyUH/icyg/4ig/7zuH+i/hB//edU4TsNAAIa6MEBEEloCbmraJ82nyx/r+6DKg2b/fIQUYRvV //Wf2sgJ726qXKc8xMwcd5tutqFphZce1o7UrCKL9SGyWgVJhfTASN8ZL2HLw+U2Wj1kpie5Qc8f obEZRB3eDy1hE+YvoW00ON1CqZlZlHdzHhXyv6xrLHRLyZ+o2cQH1tZj25UM3Xfj/6OaVbOpuLCQ Cvlf0eRFVPVpu3I9og4+w+etuaKhYtwTRaY9QGcPke/vBrrz+mfo0FeycZTrhrJZVPSyTSz2SG7I Mpj11C0mvI3xeZTicbjB1xD21Wnl/qO/2n2vy3G7+vv9KdomzVgcNTXHgLGFrEOHi6lzPXk6EV9U +GUnGEqeVa5O/JWJ+keRwh0XnWQ/aaOa1Xfx2UybuebjBzdUD+tvoqXu651k/e1BTy6WHJxDWdzl JvNmUHsEef+37z5KvyKVsq7v59F/gg5MvzKFpq37IPztXpHtppbqXdLZJMrq+Ihen323R/cJ+m/C rNepQdEHSqTIOE7tUl6gPDXa0wpMkGuhgnFFUrpLafzcd6hNvsfdbVQ59056Qbo6cqQ1/P0/9J8J dRquJKH/wkUypHSg//SYoP+IMP7TtwmcxQeB2PwiF7mKXwKaHVf9rMGmriFGLBLrBDHN4uoRkeen 8px12nXLTFify0guX8B6obyIueZ3/zdGgcPnZyuTFjSnYlYvb6ahbPJg7lpZ2vbFtbCyJoXezfmb tHCSbjFvP/JH8V0nTdlxMEAVOj9V2595G7mIGbBpN43gDAr4LrfyIsaeerhlrkn8tWtEEZu3XbNh Cr8X9LtQmnAPanSNvzXY1HvD3PtAbgrq/RAZebJc79/D2h2QTV6nTZHdvsPg/p9rsHaYEiMMDk0f qNndW6l3k8uuyPGjezz3H++bzVF/58U1MAv96V3Rf+X7Jm2kFKD2GlfKm8wsMm8jF4/886x6lrpp hMC7aEyBrh3mzzSLP/SfdxOA/vO+F6H/hPWhof+875RwnUP/CTof479wtSekgxl1/I7CYRIBE9dg MynHpiXbwdcGSxuqziZZ37CRCsM9m8go9/xTGN91coienreJ2vjbd1MOvkbRnKniJ5bj3n6JCr0/ /zNFqFGixVS6j68V6PLsbk2OE/tpjmc2oRCWz7ab875RpG768Rkle8SZNGpChbRqczlVrPyN4vX+ 74fSvOr/Vs4j4ahbL7U/PptoRB9zJebc86BOQNPePepMNuHKtAeM19DTxerKiYXuXvmGEvHFu/rS mAWvU3XlRpp0xXX0tDTbzROAz+jLM/MelGfSKLlJXseZP8+k26XZnESTqL7q3vDPJjLCy9er8507 tYoWrvvYKHRY/C58vJbu3yomVbZ2isGsyrCICZDIt+K10YvoQIOd+E7TxDfYoNbaMpVF1f202Az9 09FGtcI9pqzvwN23zKXy6nJ6qWSQkudnRmXQtq+UU/Md/JOr8mdEvTzo+SLqx/tF8450Kpr2H7rk 9+xt0p0/OHWCSe0C+k8HOkZOoP8iWRHQfz60of8w/vNpFPCIGwKwVYJAeAloZhNgRp2Ilu98yhew V96o/8ak3Tb91iPfBdHlcLDTDQcYN1Qp+aCnPvAbpesXXKx6tiQjf41+5srJzZJs83djFcpreOh2 xStk4Z9ZqGn/njrnM8ekGYVCfpyNMgOB0VyTZ3ZoCGh2+zJ9t18ua4an7IVifY9exMp37GYV62ap bc/zxrFJk8HwOr1n9PEOWSebWywYmTGzCTPqfCrSXrdCx96c3TZ9xKoeLhdzfNPGGvet183qnLfd hFldGv0izJrVHq2VU0UOfvpFbdhuufmOlw7+dsLwUGY18/bP9bMfLWkYNSRPTfv33HNeO742KjOt ufzp74WUZDgCaXdiNntWvfuopOOlWYWjZ77GqnZUsddmjRLrX/Lf0mDOrtMCL+g/tdVEe0Yd9J9Y F9B/jEH/cb0P/SeNhyLzhUO09Z+qieHqKgHqakTEAwFjAhpDRf6fDB8EIjlo9uRR8/Bg9iDdh8lZ vZFukNfDm094sz3453/LFGMd7yj4Q11YD/dnbKJiFJnreUApryhn5dVVbOP8kVIHVcyenjWau+eG X34IhbHXPCnlg396Xd8RQozOBNG0f85hyUHfh7HapTdK8s0wFBrnVVtm0z97LStS+N71ppcx7tsP Ne3DhPanKT6fQclemjWeWa1WZi0oZtPmbWQH95WqxprpNZrQYXJyXSO3/1Erjhgmqn6Cl/gDNft+ vZFuyUETjGOGlP14frVDrX8TDLXuo28obZ9mvsV2V29hgv6rqi5nC8fwhxRBNxaUsDn3CIYqE9qf n2JrvffMlvJBJnz67VbbP/FlD3xfhGj6H+8XOdpMhtmtltnslyN6/b/+L3r97/z0TbV9mND+tNig /0Qa0XxQhf6D/tPek4y/ulbG39B/pi7/Av0Xff2nb/s46yoBGOq6Sg7x/BKwlRZLg1F1fTJt4MZX x0rXTXhQ0AqS3VEy1Llb3lUfCvkDmvcMCzl7kf5V64fY1hPu8IrXGCp8ZjEpBjwTHxRDKY0ys8+c NRJrSuTyEZtpYKjT8g+/odAIgLRulMDfjFk0XiKVGZW0SD+jUgpn3/+M8rBaFu7255UX71OtwXJm lRlGI/6gLhtkBm0yeFHhYm/J1/n6ZX7mPXlnu1vn0XpQtdX8TqlnQRcsicK6ZL7gtIaU8BttVNaq DvCrB0021PiWXfRRZrZwQ93xcDfAy6fYHI2e3+8zZU9zf5hhKDQqtGY2Md/YyChE+Py05fczY7B2 /k3SfRH5F1XQf+Gr6mApQf8F0YHQf6w+3PrXqFFC/ylUoP8UFHDEEQGsUcdH0TjCSyCt/xApwd10 sPlvXom7qXGPvCtcIWWYuUaUl+RInl74bD1Zcu5Rluq5a+0Reu+5X0cyC/5lWX6iXHNfDv9OhNlK 6kEc0x8wd40wP+LPHK33cyU83jm/ekhJKK+3QQPX8E81WkBQiR0mx7mP6HFpbba7nhhm0tpIcl7d 1GGT3VfT1bJT85uRra5V5fpb+NufRpTeyXe9fenudZLfJCopulZ/PSxnFrr29hvFlI5to9MXvRL9 +3GqkupiUGHfyKzT5pWFSJw2bXiYcu9eoYhad+gCLRppBm9FRJcc4V5GsCdfEy/UY9bDBVGp/ya+ Vp18hLv89IMsGjxZTn0SXW2Eo5d8PT0i5W+v20rSPvT05J2+KxbKuQnL72W+FqCc0DVpskv3m53/ M+m8ldxmrROrkyidQP8ZUTHFD/ovOFboP+g/6L/g9wlCgABm1MWRVTVusnrxQ3VNNq9ZI8r6Lfyt +8AVn0emSJoZdWXN5ov0nlUxr6pFL/S7Y2xZyXg2722vzwL1obp8Zm9oYA0Nzcxh9Fkr/zRJXD9M eNtpwoyKQLlW1kcyeY06o3LL+VLWTxPKbzzjUw7a5d+T70ozJriMp/Z6JaOZ3RahGSWNpfIMVj6D 8q9e2THhVJ0xUsgO2H0FHF4yQuGz86zvdVN8+EyXl5RPvomN9P4kN4xCtZ/2e3/6q92Rc6XXZ3Fh zII+KWUGqcn3nSTVVinv+CzeY9ts+s/L3V9sZdMnT2dbzCj/pfOs+ROu/2wGDY/nT9v/mLJGoZ68 7kype75GnalHAP2nKz+f8WnGhI7WmqeU+3um9zqAurHBO6bI17PVzGCNxJqgfGmJ5fKMwpuXG8wo Pq/RQ3zGcYC60pejm2fQf7xNQv/p7v8Iz2iD/uP3MPQf9J/UPyTq+K+bPRWiGxCAoc4ACry6T0Bd E4YYn00mDsjt2vWpiJn5kO44e5w1CA9swt+RMsVwOHDFXtYsGLICPMx1q/R8QLxQHqhLv6/yNYo2 rN+g/L0kLyptxoMDXyNO3biikC3dXMuazzqZ6zsHa/1kq7J+Fn9HYWBE6lbJ/Ub21AVnXlv5rPIA N29HIzttD/Nnt0IO+BpoYvmL2dL11az5BC+78DDEN9TwLr956wVqHw6F9l8nGk1d51i1sk4f52/2 ovICD/7gqLZHowdHIVB4D2fd80o9C+sQHuB14Dl4HRwum6m5FoEHVS7T3rBTY5zm3IW1Ycx8QObM tZ//rZPWZbMf0axPJXwWbFoeXKztC0nHed13S/h9J+u/5rMm3H98DTiPblF0YIlnjTat/psjf/pr whptujXi+FpwW/Y1srZvHHwznXOssXqlLm8zt58Jb8P3k5qnLng9VGju/V0NNtam2WTGT9ROezuP rBXLOGYGK60+zE7zsjOhnbkcrLFmsa78pq0XqOuDiL26z+Yph8tezxZqjOXjIrGpUrvaHs3T9/pq Orx0gMp5xlvslPz573enWMWsPPXas3X6iGacQf/pxh3Qf7z/k3Qz9J8ZS1/wmxj6T2ljBP3Hkmr8 Z0YfhjQZDHVoBOYQ0M1cUgcH8iDB1EE6n0GnGqt8Zct5EH7Xe8326C4M3YOi8rDqJw9mvNHUGWb8 yPXkq0S3G2l3y+0/PjdaFfjLhwkzOr7SzGYLyH+5uTuufrsvSBssNNVQLdeHu1E1Do1ca84MTlmW +qtdB0yqe76hg/a+89x7Ju162Lj+WVY0psiziYS3TGHgaJ6BTCWgm7lg0A7N3Pk0dB0U/s08bKXD fOrZpw4kHqbsPsx32PYnT+fPdyM1YzaZ2gIkl9dDmzYPeSbcj/aaB0Mq/6B53jN9fXLeLQ/7kT8E yQd/aWCaoVrNunY28bqwbxykytG5eJ2rs9b96T++Pq8JhlohH9B/mg1dDHSveg9C/+narRkn0H9+ 9CD0H/SfGTec8NVA9PSfOSVCqjDUoQ2YR+Cbz3QzS+QB0iMmfnbmKQyf1absrBRwoMaNVfLb7nBR 4A+K8q6Pcnn9/Q4y64268OZ+ySN+BgjExi+uZOci8pQqQHWx6lm5hnnJn1ljysNya+36gHXwyNq9 xp8Fh6sNyOnw9q+dQaK2gxJ2wIzZTLJcza/WcFIWgc9eVdHnWe26WYb1Lux6ucsmzbJTI4TJxQ3D hvd8sTKzJ0yCgibj/KTMoPyFzHsnyKAJdTaAdmdTQxaS8WDiWwabXXRWmD68vU6/y6va5n2N9fO8 P4vUJ9XlM/fZD9myyfkG7MU8LC1vMkXvGGaYvzTSzq7U8phZZcaMPherXT9Pt4mRViZRIXt1u9dS DIYZ776ns3Gz4cuKm4VZFhHpf7QviSLz2aNCjS9v8VrJIMM2ePOM19nxcI87FMHQfwz6D/rPb78H /aeoCjMd0H8sGcd/ZjapZE47RSg8H8jhAAGTCLjJ1shXl0+1kNvhprQBeZTdu6dJspCsjsBlN9nP tFI75+45+ELn2QNyKU1ZzFsXOuFO3N/aqdXeTm55xXSh/Lm8/EYLnJtYentLA7U6Uii1BxdyZSZZ czJMlOaVNG8DTqcAwEJpRhtbeAUP++lFJ9lOqIumW9L7UW7/q8IuRpugu/002c5e4F4ucl1OpfRr Mii7f2ZEFq7X5sPjdjup8WgrWa4kcjiI8qzWiLc/nzwliwdve62treRp/kKZLemUm8s38BDuw0Q/ +CYFTq7/7IL+kzcs4Lont39GZMvP9Y/tqI2ELkjQf5ZMfv/3Mff+11UtbwOi+kuLSr8n9EG21nYl S2nZ5o9/oP8U3MntgP6D/oP+w/gvubVgQpQehrqEqEYUAgRAAARAAARAAARAAARAAARAAARAAARA IN4J/Eu8FwD5BwEQAAEQAAEQAAEQAAEQAAEQAAEQAAEQAIFEIABDXSLUIsoAAiAAAiAAAiAAAiAA AiAAAiAAAiAAAiAQ9wRgqIv7KkQBQAAEQAAEQAAEQAAEQAAEQAAEQAAEQAAEEoEADHWJUIsoAwiA AAiAAAiAAAiAAAiAAAiAAAiAAAiAQNwTgKEu7qsQBQABEAABEAABEAABEAABEAABEAABEAABEEgE AjDUJUItogwgAAIgAAIgAAIgAAIgAAIgAAIgAAIgAAJxTwCGurivQhQABEAABEAABEAABEAABEAA BEAABEAABEAgEQjAUJcItYgygAAIgAAIgAAIgAAIgAAIgAAIgAAIgAAIxD0BGOrivgpRABAAARAA ARAAARAAARAAARAAARAAARAAgUQgAENdItQiygACIAACIAACIAACIAACIAACIAACIAACIBD3BGCo i/sqRAFAAARAAARAAARAAARAAARAAARAAARAAAQSgQAMdYlQiygDCIAACIAACIAACIAACIAACIAA CIAACIBA3BP4wfP8iPtSoADmErh4nCrXrqe//OPfqPCG3ubKMkod8sEf7S9p77+OlgO09k815Pq3 wdTvmh5GGsJUP8gHf7Q/3H/QP9C/6H/Q/5o62DBIHOMPjD+SefxhcEsknxfDAQJBCNgqH2L8zuB/ JezUpSCBTbgM+eCP9pes95+LVU4Wys7/pteYoF2CJQn54I/2h/sP+gf6F/1PsN4y/NfR/6L/Rf+b vP1v+DVKPKaIT1/5HYAjCIHL8nUHORW37BeBX0Um5IN/BNqbtwi0P4lIlO4/uT7OdpBbdkfjF/LB PxrtTpaJ9of2J7eFaPyi/aH9RaPdyTLR/tD+5LYQjV+0v+i2v2jUeYzIhKEuRioiXrJhiXJGIT+6 FQD+4B9dApAOAiAAAiAAAiAAAiAAAiAAAolNAIa6xK7fsJcuqjNaeGkgP+xV2qkEwb9TuMIeONn5 hx0oEgQBEAABEAABEAABEAABEACBGCMAQ12MVUgsZsfSQ1giSjjSyRL5tWS5TMgHf7S/5Lz/NHM4 r2SkORNvCdP/10iEfPA3vb15C0D7U4jg/sP9pzSGSDlw/ymkcf/h/lMaQ6QcuP8U0kl5/ymlT2pH FMwuSc07xgvvoJpVq+mQvYMsqaqC/LqpTMp3KQ28/ypacGNPpRxul5usU5+jB6w/Vvy67oB88Ef7 S9r7z9lMa5a8RW18OGxJlbWIm5q2Su6q+2nCgmOUJ1/iusfNsmjK72dTYZrs2Y1fyAd/tD/cf9A/ 0L/of6SOFP0vxh9SU8D4C+NPM8ff3Ri6J3zUeNwBA3k2iUDLZnF3Rc8Or9JOO1q31Wp8feQ7zBWO LEG+MV+5DsDfmA/aX0Lcf7ayIuP6ldq/1Wqgk/i1cW+3hEP7MMgHfz7g89sG0f6M2eD+g/4JhwKG /oX+hf411rECF/Q/xmzQ/yRG/xOOPiRR00gRCpbw1kgUMDQCl/mMtpf5jCZnim6K99dNy2jDHimJ 0YvohcL/JZecInfkTn1GmVF34dMtNOXRSrIMUGfkyUF9f130j+seosqX7yPPhBjIB3+0v+S9/5z1 fEZXJZ3XzOYVVqVsWv4S7ZbVz/xlNJj+oagS9z+upikL+Iy63qJXU+ksWlDzP2TppQTx77jopp+O X05rHr1FDAP54I/2h/sP+kejM6F/0f+g/8X4Q1QJozH+wvgzwPhb03HAGU4CiWqBRLnCR6C1cqo0 y6CEHb8UOF1babHfGQm83RpcK2b1QabjQT74i20H7S8Z77/KyZLemFgZWPnweYWVY4x0TAC/kZuC zkaEfPD36B+0P9x/AQlA/0D/BuhrjMa/6H/Q/wbUKYxh/IHxR3yMP4I0ZFzuMgFsJsHvAByBCbgv p0gBHOS+HDispdfVgQP4XM0KukEF5IO/2GzQ/pLv/tPsc/tdSpBdn/nadqHMpNPqoCt5HO25jxvy FSTgj/anNAYjB+4/6B+jdhHAD/oX/U+A5iHMqFcO9D9aGgoW1QH9C/2rtoaQXGHVvyFJRKAuEMBm El2AlsxRAj/UEvW9bzM5Rqwj12UXpfZQVuQ1ROYJ0yuT0jrRCiHfEKXiCf5of4l8/ykN3Y9jfIWL HK87uP5J5frHTyDJW9A/6b0zAwfq5FXIB3+0P9x/0D/Qv+h/Anee6H8x/sD4K7HGn4HveFztKoEg jzJdTRbxEpWA5v2W3yKm9U7ja84F34YxlDDeQiDfm4jvOfij/YVyb4USxrt1Rfv+886Pz3kPC6Vx 41tw7UMh6Sif9IN5QD74o/3h/gumJ/j1rujfoMlC/0D/QP9A/wRVFNA/0L+hjJJDaEgIYjoBfPpq OuL4F2DpIe83kt6p2W/hKjnkg7/YltD+OjP7NFHuP6Uc1/cM8pmQEtIcB+SDvzktK7RU0f7Q/kJr KeaEQvtD+zOnZYWWKtof2l9oLcWcUGh/0W1/5tRqXKT6g+f5ERc5RSajRiCt/y1001XX0Oi502n4 AGl7xQjmBvLBH+0vWe+/HjTA+ktKu+YWembGA9TvmkhPAod88Ef7w/0H/QP9i/4H/S/GHxF89OOi MP5K7vFXZFtbrEpLEbahiNXMIV8gAAIgAAIgAAIgAAIgAAIgAAIgAAIgAAIgkCwE8OlrstQ0ygkC IAACIAACIAACIAACIAACIAACIAACIBDTBGCoi+nqQeZAAARAAARAAARAAARAAARAAARAAARAAASS hQAMdclS0ygnCIAACIAACIAACIAACIAACIAACIAACIBATBOAoS6mqweZAwEQAAEQAAEQAAEQAAEQ AAEQAAEQAAEQSBYCMNQlS02jnCAAAiAAAiAAAiAAAiAAAiAAAiAAAiAAAjFNAIa6mK4eZA4EQAAE QAAEQAAEQAAEQAAEQAAEQAAEQCBZCMBQlyw1jXKCAAiAAAiAAAiAAAiAAAiAAAiAAAiAAAjENAEY 6mK6epA5EAABEAABEAABEAABEAABEAABEAABEACBZCEAQ12y1HR3ynnZTU6nk+hydxJBXBAAARAA ARAAgbgi4Bb6f3dcZRmZBQEQAAEQAAEQ6CYB9P/dBNj96DDUdZ9hwqfQ0fI2paenU8qc9xK+rCgg CIAACIAACICASKBlSzHv/1NpVvV/AwkIgAAIgAAIgECSEED/H/2KhqEu+nXQtRx4ZrlF6C33Ff8q 5tF2gSIksWtMEAsEQAAEQAAEQCB8BCx9PGmd/ha9f/igIiUQAAEQAAEQiHEC6P+jXkEw1EW9CrqQ gctttOiKVM9b7tIv/tmFBBAFBEAABEAABEAABEAABEAABEAABEAABEAg1gj0iLUMIT/BCbS/t45e kIKl/jB4eIQAARAAARAAARAAARAAARAAARDoBIHLDmpsPEOWzAzKzsgkS4hPzu5v7dR6tp3cwvre PSyUPSCX0np1Qq4ctIvy5ejO9layO1MpNydD9sIvCIBAnBDAjLo4qSg1m2206c4V4mn+n2hsDix1 Khu4wk1AGGg0Hqml2rpaOvxpI7V+JWwq4iZ7i41sJ+3hFof0QEAhYD9pE9ub4gMHCIAACIAACAQn gP4jOKNAIcBPpVP3h59T4c8KKe/6LEq9d7t6wY/rwtFdNLcwhVKvyaK8wkJP3MLCPEq/MoVmr/+g 00sIdVY+XXRSY91uen3B0zQ4JYXSM/tRXu4MasDqBX5qDN4gELsEYKiL3boxzNmFj8tovnRlyStT KM0wFDxBoJsEvm2m1x/N9ww0Cm8fTsOHDadf8IFKv+v5piL8s+us3DzKG5BFu77qphxEDx+Bc1sp hQ/KAv8NpqLJc2nDziZyxvAuzh1fvklZA/J4e3sQg8vwtRCkBAIgAAKGBDqayoL0HSlUwPuO8roW w/ix5BmN/qN917NB+aVwo82E2ctp96dnYgmXT16iwc8nE7HicaqMhi36q5qbi+6AhraOY29S2s13 0upGNYrW9fJ/DKUhSz7QegV2d1I+fX+cJl2ZToXDxtLjy9dQg5J6KlkUNxwgAALxQgCGunipKU8+ HVS+5Fkpx4to+q9+HFe5R2bjhMApbvC5ZiA9XnpMyXDRmCIqVM5Uh/081khUaUTX1eE4H0IGGmjv ttVUMs5K6VeMpd0nO0KIE40g0gY2hMFlNOhDJgiAQHIRsJ/ZH7TAn/O+48FhuZQy5kVqvhg0eBQD RL7/cLZ/Gry8jY1U8/ICGvuzbEq55UU6HbMznCLPLzi8aIRw0KbfPtQpwfZjO5TwS8sPk8PFiDFG 9sNlyhj62O+H0rYTSrAAjs7LFxJLl1IcM2MZLRwTIHlcAgEQiHkCMNTFfBWpGew49i49vlc8n1k1 nbJCXCdBTQEuEAhGwE3vzLtHCTTr7SPkuMRo957dVC8MNo5upWLlKhyxRKBnzsPU3NBADZ8c0AzO JtGuTwQ/0b98/VJlsEi0m8YOWETNMfuwINKN8ezFUhNAXkAABECgSwT6jl3P+w/ed1jF6PnzKqnZ 1kynTzRTw+Fd9Nr8u9R035tPA698NOb7DiHDkeo/cu4rE/vZ2i3qGGkUn9Hk6ZN5/3v4IG1c8ojK 8Iv5dMMTf45Y/lTBnXNFil/nchWZ0O0H1tE0zzPXJFq9VNP+A4jvO6mKTvP7RjDQLZxyG6VJ09gy bnuQdtc8qcR0uIK/5O6KfPrBQCrlY3bG//aUzqelpe8qMuEAARCIPwIw9cRNnbmpZsl/Srkt4TNi fho3OUdG44jA34/Tlq1ifgctrqM1D/1cl/mMQZOo6tNXyDJkps7f6ORCyyGq2lpNu4+0KIPRnn3y qGjMBJo0Rh3AKHHbG6hiJ/9ewJLKR9cuuurWYiq2ZkiX3XSksoqaL/N1Pzw+LmJXDaYHxhUo0T2O i8epovJjMQ3BQ0ingKczhKfD19Zr2ltFVTurqOGzM2RnWWTleXn6mWmUZ/ANefvRg1T9Tjnt3ttE wmp8mXwR4QzrcJowvoj60XGq/nMjXTV4Kj0x4SaPaO//nCcPUXVlNVXV1HniC9fZtTzPU6bQlMlD KSvc3yHwxYpzreJT1pfygsUTJ/KyS09eXL51yHCa8sg0emvKdTTdU8+r6GDzC3wdFd+1Ljtdf0IB w8S/p5CWdIS6cLMcPm5/+W7edVs/oNP8k2SxjYslyRk6kQr7cCIXT1N1zcfKvSRcdfGnKOsY6Xq8 x4/bikPGQSABCHj6j+E0sD8vC++Gs3OsfPF5qW/rn0vW24rpsVl8SYzH+Gx7T99RSveumEZHf68f I8gkzhypoopNW2jbZ//t8UppTKFrJw2jBx59gCbeURDwMzx3ezNV87FD1d4j1Npu5x1nFvUdkkvD //12Snd+RuWb9tLo1Xvpt8OulcXpfqPSf/Ti44khWUTf/5AypdyMm1JEVqvEkPtZbxtG0x6bRpN6 /ztVCWE2bqDmP46nQp+xgJtsR3ZzBnvocEu7lBofg+T8gsZMnkDFt+UY8utoOUBbPvy/lCql5+kf 7pxChcIw6iLvX2oqqHxnLTWcbCeW0Y+Kxj9Bc6f9mtK8ngSjwk8pZYw4+Ceki+543pOZmdtX08T/ fZnmhJI1YdOInFzDkBn5txr6G3p2Vb6QmKY+O/inujhAAATimACfkosjHgicfJfxZub5G/d2S0Rz 7G7ZLMoe+Q5zRVQyhEWagPvoG0o7W/mXDj/iz7ONk8W2uPWE2zeM6xTbWDJQSUdut/rfQrbuYKsu buOr/fRxBm1S25v7M8Y/vdVfp2JW79UgbaXDvMLwOBMrmePbejbDJ76U3lN7dflgl86xill5vukY xdfmUU7l0nlWMX9k0PilB9vlGGH+dbFKqX7Izz2rrWcffdLF+hMK0R3+zsbNbMKYIsY/s2ZFVqvK z1os+snXhN+CiWzb5/7aZxdxfrWDy5/gkW3l8kP5I94Gd57tojyvaO6jr6hl1rY1XofC0eJ9f8hh VnzuuR7v8T2FwH8xR8BW9pCnXY57M7LjjpgDkRQZUvsO//V9ji2XdQ8Vsv3feIH55jPGZ+UZ6zIl Xgk7cNZg7MCTktubfrzgm95Ir/YY9f5DxnD5mDLW8MfQVlqs8Cnz6sfcJ/Yr8f0z4Px8xl4u9laB Lyehf7c3linyvNOcuV0ch0SdX5T7X7n65N/GV4dLzBaxc9yztWyqeO5nTCXHC/RrKxV1qVAHZbbA 45dwyVee32gSO+41Xg6UV1wDAYGArI/96TJQMp+A8O08jjggUDdL7oAnsfrvIpthRdF3o4OKbI4h rcsELn7GiuXBdP4adqqzHfvlU4y/ddQNCmevrGAHDx9iB3dsYXPG6K/NrDqjZNVt28meLrlbNchx A5sinhvPNs6axqbPelrNn9HA4+x+tqBkOpvO/3wNe5LsMRPZhCJNPrgc9TjHXvJ+yBgzg72w7o/s hVnjdeXyDHh97onz7DWvMnrK/0kDa6jdxpbdo5HLOa08dEEVHTaX+rAViqFO98DTjfrzZL8b/P0a orzak/ygkbe2KWzEhIS0xktZRii/6+oDD7hDzqT9Q7ZQ2/6lcpd94fQk4bLXe91bhWzCpDlsV7P0 wBvv8UMGhYCRJICBeiRpR1uW2ncEejCz739G6Qt1+s+hGT949FcxW7V5D+Off/L+v5RN1OnyYl8j 37f7NP32JFa6o5GdPtvGmhs+Yhvn36XIFPSyd/6i3X8oNReCoa7lVfWF4nqtoU7zQl7se0R+h/j4 ac/mVZqxjziO8H5Raq9d7xn7TOf9iL++q2jyBF0648rFMVi0+UW9/1UqkDvadyj8lhwUx2iyHvQ3 ptJG17m/c7C2E82setU4T5qecSkfW5+7pAulPwmjfOX5zWi8rJeKMxDwISC3e2996xMQHqYRgKHO NLRhTFgzeBkozZ4IY+pBk1IUvY9RImhUBIg7AufYGt1gmtjsxRtZ1Y6DfLDd7Bk0uxTrmW/hDq8a oQxw6OZFrN7hG8ZW8zs1jMEb+WCzwdhJaYZnkIGHko5SnhK2yyYaPYRc2b84wMorqthxTR7lTkke JG9psOsL8N0x9pLWEOd1T7TWPKWWbfRydtzAqN66f4UahkpMeMupPmwJswmNqquxdKySh5V/UY2F 4ag/GVin+X9znD/M7Wa7eVurXjdLyl8he7Vij+QvXBP/qqpr2SkDtrLsLv26zrHdFeWsqroq5L9y nrew56N9v+6BdtV2yZjNjajLlLZXyHb5zKiQSh3v8btUeYhkFgFZJ2KgbhbhWEpX7TsC1rdmTKqG c7GaEvVF1KjFexlf39brcLHaVXcqfQ9N1/dP7qNy385nHP3VKyo/dX76phJX94JJCBrt/kPOblBD nfpFgjAj+yNl/HFe95Jw0LwaX358tn71ghyFAQkGH1mu9leTB8VgN/F1dlyZ/ehittpdrJz3o0od RZtfrPS/fMSkjF1GbmJy9ch6sFOGOo3BTakHmmtcZ0r9hVE+T1N5fgsyXlbEwwECGgJyu1f1vOYi nBEhAENdRDB3T4j68GzwmUH3kg4ptqLovYwSIUVGoPgjwGdFKbPqFCOXOgAXBhyj572lM3B5CskH h+obc+0A1BdB46uqoUg/4NYOUow/tVbaY8CBhyYdoQyj+OxAn4cGr3x5DW63GjwoeGK41U9biA/k VEOYdqDNZwvIIzwvMcLpnlm5ymBb90bdIGznvTRlFwaaQrk9fy7mOFvPKpaIb3bFgaPGUBiW+pNz q8lDqPzlqMKvYozl+QtWb9p4ieL+9kPNvcSN5esqdJ+TbQvy2QyL9/iJUo8JUA4M1BOgEkMugqq3 Az6YafpKJZxTMxuOG5D8d3/n2EJlXMG/EFE7UD6rWTXULdnOP7U20P3uL7ayGXz5g3WHAiwdEc3+ Q8PmLmHWt9z/8jecwstB3ax67Ys0eYkZgU3+nwLw08/aNxw/aMcoPL1Ri+s045QQGkM0+YWQPTOD OI/8QRmbaT9PlfVgpwx1GoO2aqgj9sjaI36LEFb5XEpo42W/2cGFJCcgt3tFzyc5j2gUX7PkJFcj OGKPwN/radncA2K+nn2JRvSOvSwiRwlGoM8I2nXpPNVVbqQ/VpZTNd9Mwft478Vp9N6Lf6QD9noa LixULBxnGsQFkrlz5Npl9AuDDRo84fh/BSXP08Tf7vKE37evkdyP3mS4OLIcvnu/i+jUrlnUL5i2 c7vJIQka9GwdTRrgR2rPgbS6cTM5pq2hnxZrFnXuaKPDfBFu8dhNr726jP4irOPrvVA0P1/4sk0O SIeP2ank5p8q52F17HuE0q/Q7DTnlfi87QsoT86fafUXIn9N3jr4hgriwWtEcAerOzl4d37dp2kP 36zB2ak00unnd46hfvLmHZ2KGyDwT35J2xyfUUn6rbSBB1vz5BQpcCGVfX6EJub4bv6hSy3e4+sK gxMQAIFYJ9Bx9jQ1yJk8OptWr/qHZ8tV7cY4wk44FsspekEOR9uo+asOKuwvbl/QM10dNDx3Vw49 x8MV8M1yBvfh/r3SKLH2C6QAAEAASURBVCM9k/IKbqcl7+6mzAA6Nyr9h1Im1bH9qQJKeUo917sK aecr9ynDgzMN9crldf81jVQSirfkSKfpK9+gx/f+p+f88LFWPn5QN6zweGr7y6f20nvP/VqKG9pP VPjFQv/LN3B44bZnPZC4cZMe1PSzlh6C/Y4fV0q/4lng/39yB9W7XOS86KAzjbto+shHPffIpqdu o4y+7bR8nNdmKOGWHzh3uAoCIBAHBLTqPA6ym3xZbKn8Pe2Wir318V8nHwCUODoEeqTT0KlzPH/C bqlOp4Mc9nZq5TuZrpnwW6lNNtCIhe8T2zDKk0d1cEd0zpESON/c+NIqh+CDcNlWJHuF9XdiHmWF oOk6Wj9TDI39cuV924xzclXBVNrWMFV/kctI1/j8+bmF9GfNuT/nec43skchzV45h6Y/cj/laQz/ ptVfiPwjy8BXWsfJ/VQ8RXz48b3q34ev0US/Ndg113+MEK+kDabSr96lDX3uUSNMWEMP3hzESCeH jvf4cjnwCwIgEFsEnG2KUe5qufO+4l91eVz2zELdud8TvpO7clx3J/GlMSj37hWKl7BTe5Nypjpm VbXwsYiXgUq9HLuugom06pnHaQbf+V2726r7e/k1IZHDMyYIoOfdTqV85y8qTkPHuMJsQ/9Y84yF /rfD9hGtlsC872jlL+7OkdOdwo3LfCPkzWXilVO1tOje+2n1lTV87Ds+OEYeOc2SSQV3lFD9Vxnc 6DzOc++8+NoH9Ny4e3VjX1PkB88hQoAACMQwgRAeX2M494meNf525aUSyUw3vZLG9kn0AqN80SZw oXEbLf3Te9R37CJ6Ypw0y4tvN5/WO9Pzl51vpWGXi2hRjxvEt+IbG6jtjVGiIeySmvsbssU35KqP l4sPXviiuuJg33ZBeNGuG7B4hdaf8jeUnTq+0zwIBIjY85ob1Dx123ZWQuU7xpMlkBGOz+CjXtn0 8zFmPmzw2Wzfzacsng9PkYS67CU/WXnBMKv+QuTvlRvplJs+I9RL9UzPIv7JN7VZrcZZMfBtbMyi 7H8L8EBlECdkr8tttKZEY6QTIlb/mmZX8AfUKSG0mXiPHzIoBAQBEIgkgfbGA4qh7vYCA0PQpDW0 +6Gfkpu/kPN3uHn/l5ZRSMM0s5aEsDnj/0DM8Sjt3VpNBz9toVZuFHRfFPrwNtqjmd3/8sQcKrYz dUa/oaDI9R+G4vlsNtfqX/P8896Xs7DwWYGC0cfwcP8/xbvfj/0FEoP0vDJLCRt0qBI0gJKUgSNy /GKi/9Uam1+ZRsWvGCBpKqXVguV4ZEfnxq1CUtfdQXMnE92/lbv31VPb5Xv1X3qYLV/IAw4QAIG4 IhChR6C4YhIzmT2zs9Tz2ZOQofVPTgjdkBEzJUBG4o2Avf6/6KVSbhwuvUDDLm2lPCMN8YN+VLRq BL3g+ST7ELXzAagwY61ndp7H0CGYlndU1JLzoZv8fr5xgQ/0N0hwRg3XfD6qBebnE4PWz3ZoQ4XP zY2RwiOH8PnOjv8op7ZpSwLOxLO38M9Xe/ejzN6SUZJzUN6Jj7LShDuLon/PCrPZuGFO/BcYVdjr L7C4EK+WUnP7esrrE2Lw7gTjszl2sU581tIdWcHiciPb6+Ouo6f3igFXVZTThVUP0AuNRC8/kMNn XDTRpodu8Z9KvMf3XzJcAQEQiCqBNtp0x0opB5NocD/fFxUj/30YFd0ZQD/5y/9XB2js9XfQjW/z lxElc2hMiVfAyw6qe+VhGjZ3p+fC6f/7T26o85Wvxopg/6EKVVzCbDYLfzlmSQtseBMiZBbcwf8X X8yX7bPxzy7982va/64iY0RB4Nn/SsAuOSLILwb63568rkI9Zj1c0O3xnbcNNdLyQy0rwoEACESP wL9ETzQkByTAH7Q23r1WDDJyE00N9XOngIniIggEIWD5iRRgG21490s/gduoruKAeC1/LPWTxzY/ 6kfD5MlI7z9Gs9d/bhzfWU9zhsxUrg3/pfaNvIV+mj9CvFZVRc3en3XwuMosUyGUkSHRE1vOFD/h Bj/Nmeeq4X8/uIEeVB4MltK05R+Is9C8AzubaXlRCmXlciPY0Eo1DF+7TonPyz+/2h8/vnTPt6ep ruyPNGfWGmr41ltAd8/1pdWfBUg7LPUnp6+RGip/Oarwe4mvbyQdzf/zN9mp/l5so8a6Kqoo20tt 3qNdNVScukQj3eOSkW7l++005/4ptPTIMVoo3V//xR8Spvm7v/jME8HIF7/x47TakG0QiHsCGr2t cSrF4n3f6/dcR/Mlj3FvvkCF0lpxPfsX0hzJfx9fm21Lyz+VaN4O58kGqnj1BVq4pJKc/AWXfHQ4 7R5T1csP59C2kx2yt/orLMlxJ5+SFOyIw/7jqgGDPS86haIJ/EobDfo9fu1CUxlZ+fq+4lFMt9/4 Y8lt/KN8mmx82dg3DvkZF6STvjdMFjZYNPzji+qLiU2s9Fw3nNXODcm2TxupsaXdUHDHsa3ibDrh 6sjB+tl0gl935QtpeB09lTFyeoDxslcknIIACMQOgWjsYAGZwQk4654XpnZ4/lYeuhA8gokhlF2D sOuriZRjI2l5hx+57S2pbhR3DZWy5/rmOHvtUbFdCmG8dwJS2orUdvNnvsXqzzqZi+945vrOwRr3 r2P8k1elbZN21zNJRmvNVPX6LXPZgYZW5vimjTXuW++1G20JO2BrZW3fuBV4Tls9a/ikgTU08N3V xshyitmuBu4n+PO/NoeDnT7hVOLoHO37VdlCPkcvEuXzOG0nmln1+nn66973xMl3dddHz6sUy893 fnPxNJo/OcBemzVKF2ZFfYcuC10+ueTi6XuV/eZF7KC27N8FTr279ddt/nL2dLulTWLbGuzM4Wjz 8Ns4/xFz+Mmyo/Xr4u2j4SPd/UXEd+3V5Ee7I5xw/921di87Lbf/eI+vKSecsUNA7hO8dX3s5BA5 CQsBof/g/eZCqd/M531X84nTvK88LerdJXq9S7SInfPalbW15imdbp6/uVbsn3naYh++hc1R+mWh fy7U7/qq3fmU67dVVY2s7TtpW1guy2nbz2Zoxg877X5KHo3+47tz4hjjSJkyThH6/4Yv5LFHM3N5 8fLOvXyvyeOv2Wvr+HiFj52E8ZPjHKtdN0vHd9zbfGdc5XCx03Jfr8kD8R14tXkQ+tHTdnXMpETX OqLBTys/htxtQv1xrhXzRyrsdzXYeLv0zaT76BtKGL5jGtuyj7ffbxyeumusXqle42145vYzvgkY +HRGvhjdxTxxPGPBBlZb+awid8mORn6Pi+2x+WyQNmCQF3glHwFZJ6H/j17dC28GcMQcgfPsJats ZHhZ96AWjawqD+/eRoloZAYyTSVgKy1WOnV5sCj8FowpYkVKm5TbZgk7Lo2htZmy719hmIY2PY97 1Bp2yiA+u/iZMtD1iaMZpKvXNjFPMu7OxCvWPSBo8+/8pCy0/NNcVq+1okiJtO5cHGJ8zpEb0o4b DPi0+QnVrRskGnLi8kK4h7tcf2HiL5e3dv5NIXAsMawDOY14+rWVDjMsb97aJrEYJzcbXif6k6f9 x3v8eKqrZMorBurJUdu2siI/+kXu7zW/o5f76bdcrHbJiJDTGTSvRj++9avjNLLlvu2pvQErJtL9 hz/9q45T+ItNnWHNKPuc36o7Q+LHdyUVxz1SMiH1/zK7QdKYySgLkl+k+QXISvQuBRjTKP2yNnfe L3pl3t6/0yt1dadNQufurHweOfR2MIkdD2I41uUFJ0lJAP1/9Ksdn77yXjTWjo6mzfQ0X4tIOJ59 /36/63yJIfA/CISPQOagWw0Ta9q7h/ZIbVII8MiKGjrn4muHGXwekzHiGWLffEZ85phhWsQ/8Hh1 RyO53pulfjarDfmjwVR19kPib/Z9jllvHqHTR8s8mz7IF0ct7it+2vqDTLpd/vRWvujvN384ZSif BOgDXTXkQb6Y9XHa6C//BSVUuo/nn62kwjR9XOGs79jnyH1W+ER3kO9FyWfa/NfowBd2Yp8voTzp 0yG/gUO8ICzGzGcrBjzu4gtwG1SZLk6X6y9M/OXMDF12hPasnCWf6n7vnrWMth228TpYb1gHusBx cpKWMcQwp/flZIj+16qflmkDjlos1mm8x9eWCW4QAIHIEsguuC+wQGsxTZv/kkfvsr3z/PRbFhq6 aD/ZP9lKM/z2xcU0f10F1Z9109Hl43XjW+3O4/zloJ/8FBKfaUeuV0b7uS56R7r/8Kd/tZkcmxNs PTnOb84OcjbsJD7zUHNoevbRc2lXg53ee+7Xur5c2AxL2AwplGPUZGnMFCBwpPkFyEr0LvE163L9 SB/Zx2Dwd+0IPvb7kJZNzvcTi2hpeRO5Ntynqzu/gTsrnycUyjjQI29iUcA1mP3mCRdAAAQiSiBF sBVGVCKEBSXQsqWYcqfu4eHm0qlLK33XMQiaQngDdHxZRpYcvj7DyHfI9b5+O/HwSkJqUSfA10as 2/oBtf0ojyaOKyDiO661tn5NDjffaZWvBZaalk7Zubl8u/kQc+p2kv0rO990IZtSL9rJwdeYyc4w GOD4Sc79LY8jrGHTI5XS0/iOaX6Ma36id9/7opB/B1EGX9/jostTfr+7phpJ4/FbefktGXyAzuNT r3TKFHZdjXQ5jPIWil836y8UEUHD8Pp3co7CrnnEB64e/vHCL2jhEAAEYptAy5aH+XhkM/FPX2j7 oyHsNhzbxUHuIkhA6L9bv02hzD4WcjlD6z+dwnghje8yL7zAEnS/00kuz/iDD0CE/rMT4wdPUeO4 /3Dz8Ze9vYPS+2aS6wznwscRmSEPvsJU0XHML0wEupaMMPZrbSUnb7aew5JOubncQIqxS9d4IlZU CKD/jwp2nVCoDB2O2DjJuW8LNVzbSD3zfxF1I11sEEEuIkagRxYN5QvXK0daFuVas5TTTjssaZTZ XzLMpWXr3p6HkpaF78Qa7B10KOl0OUwvnv8cOf+hGxgVeTx+dnfiKwlFydHN+gtLrnkvlcaNtDhA AARAAATih4DQf+f2FvObxvvCUI60PpoeX9D9vdP4uCG0uIbpx3H/YeHjr2yp6Gk52k23DEtqjmcc 8zMHSIipCmO/fL/TSkNMBMFAAASSnQBXwThijgCfdWS9Y1jMZQsZAgEQAAEQAAEQAAEQAAEQAAEQ AAEQAAEQMI8A1qgzjy1SBgEQAAEQAAEQAAEQAAEQAAEQAAEQAAEQAIGQCcBQFzIqBAQBEAABEAAB EAABEAABEAABEAABEAABEAAB8wjAUGce28RJ+dI/xLK08cXwcYAACIAACIAACCQHAfdXnnK6XSnJ UV6UEgRAAARAAARAgG8iiP4/2s0Aa9RFuwbiQH7PjFupfHM5savyQttSPA7KhCyCAAiAAAiAAAgE JpA5eD7v/6fTtQOvDRwQV0EABEAABEAABBKGAPr/6FdlCuNH9LOBHIAACIAACIAACIAACIAACIAA CIAACIAACIBAchPAp6/JXf8oPQiAAAiAAAiAAAiAAAiAAAiAAAiAAAiAQIwQgKEuRioC2QABEAAB EAABEAABEAABEAABEAABEAABEEhuAjDUJXf9o/QgAAIgAAIgAAIgAAIgAAIgAAIgAAIgAAIxQgCG uhipCGQDBEAABEAABEAABEAABEAABEAABEAABEAguQnAUJfc9Y/SgwAIgAAIgAAIgAAIgAAIgAAI gAAIgAAIxAgBGOpipCKQDRAAARAAARAAARAAARAAARAAARAAARAAgeQmAEOdpv5btjxMKSkpPn+z K74UQ31/muYaXE9JeYaaL/Mgf6+nEsPrmjStk2h1ZR05hfDex7mtPrJ98zOYiibPpQ07m4zT8E4z HOcXj1Plqhdow/6WcKTW+TQgH/zR/pL2/utoOUAvLX2JDto6Oq87whAD8sEf7Q/3H/QP9G8YupNO J4H+B/0P+h/0P8na/3RaYSZiBIZDIbBnNjFexz5/eWu/FMO4P2PFBteJClm9iwc5+a5PXKP0RL9i tqvZrcgWHO6jb3QivpBPnsYJfRq6BMN0Yqt8SMpXCTt1KUyJdiIZyAd/8Z5B+0u++8/FKidLOnl6 TSe0RriCQj74o/159C/uv3AplU6kA/0D/QP9A/3D2wD0byf0ZriCQv9GV/+Gqx7jOx3MqOM9gHyM WXyOGmq3EDfGScciaviimfY/eqN43nMwldqaqeGTA7TQKodZTg0ndlOhhZ/fMJnabPVUMX+kePHm RXSIxz99opmaGz6i8nXzqVCORrtpbJ6FtnzxT8WnZ87DPFyDmP4Y2XsS7fpE8BP9y9cv1acxYBE1 u+WwJv0qs/8ckZvFpy0K5Es0wN9wJqq2rZjhRvuLbvuT6/RsB5mt6mRRhr+QD/6GDSNCnmh/aH8R amqGYtD+0P4MG0aEPNH+0P4i1NQMxaD9Rbf9GVZKcnjCUKet515ZZP1VAWVKfr8pn07W/FzKEoxw 0pGZk0vWIcNpYH/R4zdvTyBr/wz5MmXmFNJt+deK5wPy6HYeP7t/LuVaf0FTfruM6i+dp9pVdyrh p97yOjnlsx4WHs4qpt9L8pw4kYqHCH6i/5SShTyNc7RxshxpFR1sVo19sq9ZvxoUZokImC7kB8Rj +kXwNx1xQAHJzj8gHFwEARAAARAAARAAARAAARAAgQQgAENdgEo8f9Hf/A3V/7zqVFJyX04R3d+l +Fqge6TT0Dk7qHb+TVL4WfRq7d+UuKJDk6hhGln0wHNvKHEOHGtV3GY7NDkzW5Rh+pBviCVinuAf MdSGgpKdvyEUeIIACIAACIAACIAACIAACIBAAhGAoS5KlTn0yVWK5I+6aWhzm/z0bukhLFEnHOlk 6SG6Ivk/5IO/2N7Q/pLv/tPMIbySkeYsQipIIxHywT9CrU4Vg/ansMD9h/tPaQyRcuD+U0jj/sP9 pzSGSDlw/ymkk/L+U0qf1I4omF2Smrda+GsH0zK+zt2CRqJ9u1vI/eQtxp0AvzmNDtvHuxTvEQXy x7qKVxcdDqpZtZoO2TvIkqoqyK+byqT0Smng/VfRght7Kum7XW6yTn2OHrD+WPHrugPywR/tL2nv P2czrVnyFrVxTWhJlbWIm5q2Su6q+2nCgmOUJ1/iusfNsmjK72dTYZrs2Y1fyAd/tD/cf9A/0L/o f6SOFP0vxh9SU8D4C+NPM8ff3Ri6J3zU+N4Lw4TcXz7GZkg7u457s8WPAHUnGKMwtjJpl86R7zBh M1jjQ02DJlZ6hdNcG7mJOYSdVj1/LuY4W88qlowTrHfSXwk77l+IsWh/vi2bNenK6Wt+rVbj6wHL 6U+YgT/kG/OV6xr8jfmg/XnpD4N7KxSvKN9/trIi4/qV2j9fvtPw+ri3/enpUAqthoF88Ff7Vd+2 hvbny0TghfsP+kfVol13Qf9C/0L/GutYgQv6H2M26H8So//pes+R+DExo45rwKgffB06v8e+Ryj9 ikf8Xp63fQHxzWPDc9wwlqpXzqdDzhTd7L6vm5bRhj1cRCOf/jd6Eb1Q+L/kkiVyR+7UMUr4C59u oSmPVpJlQCiZctE/rnuIKl++jzwTYiAf/NH+kvb+yxm7hF6alUvnNbN5ia/y2bT8Jb5HtqR+5i+j wfQPWfuQ+x9X05Qieb1PoqbSWbSg5n/IIm/Go4Q0cPA1SH86fjmtefQWz0XIB3+0P9x/0D/asRv0 L/of9L8Yf2D85Xn8xfgz4PjbYJQNr3AQSHxbZCdLGLEZdecY//RVnCESaEadPJtK91vIZq+sYMe/ 6WTZuhi8tXKqNJOFz94TZvYFOGylxYazXnhb9eNfzOqDzAiEfPAX2w/aXzLef5WTVT0ZQPXwS3wm 8hh/esaPP5+xHET9MMgHf4/+4f104APtD/efHz3jb/wD/QP9G1ipoP9B/688JwZuKuh/0P9Es/8J 3DpxtesEMKMukLVT+2IxULiuXPu62bM+nRB15EirMiPNN6lFdOq7+ZR1ma/HJFzsYaG0XmZmzDcH yi625CD3ZSEPvmFkH0uvq2VniL9ZQTeogHx5xiX4o/3x2yqp7j/NTjnSDtj+tR9f2y6UmXRazXQl j6M993FDvoIE/D19sP/2gvaH+0+5W0JzQP9A/wZsKeh/FDzof9D/8MaA/le5I7wc0R5/eGUHp2Ej EOCRL2wy4ishbohySDne0Wgjekj9rEopyPdtVC8tcK7pRpXLoTjq1j2hBBs7JMBmEBPzKIsb5sR/ SpSoOfwrSTFLfe/bTI4R68h12UWpPZQVeQ3z6wnTK5PSOtEKId8QpeIJ/mh/iXz/KQ3dj2N8hYsc rzu4/knl+sdPIMlb0D/pvQPo3sDRDa9CPvij/eH+g/6B/kX/Y9hFKp7ofzH+wPgrscafys0NR1gJ BHmUCaus+EisZxbdzndjreLLsdErd9O2pxlN6qPP+oUPt9Jqyauwr+92g5Yewkxlfhhtp3zZQXV/ mkXDln8phhn5DpX47JiqN0fpz8Ro0fo/FMNkWu80vuacLxfvPIcSxjsO5HsT8T0Hf7S/UO6tUMJ4 t65o33/e+fE5F2Ycc+NbcO1DIekon/SDeUA++KP94f4Lpif49a7o36DJQv9A/0D/QP8EVRTQP9C/ oYySQ2hICGI6ARjqfBCn04TnnqKn717ruTL5+sm07ZNVVGzty2e1uamlrpRyRz4rxZpEU391rS4F e0sDHTn6teh3opkOtbRSFqfsdjmp5ePd9MKji6hBE2PnxnvVqbz881Ybn8Xn7nGeTl+UAvE0avkq lunCJ6f8yMi1UmZnP+8So3b5f8XwSOmdmv3WZYFeESFfMvyCP9pfFDR2tO8/RR1c31PVlYpnBB2Q D/4RbG4+otD+0P58GkUEPdD+0P4i2Nx8RKH9of35NIoIeqD9Rbf9RbCqY05U15e3S+SY59lrISxK PqvKa1vkls1+NkwwWuCxmG2zdegguo++ETz+yHeCLr6rSzQcJ65TrGLlUla6zxaO1DqfBuSDP9pf 0t5/7hP72eolq9mBZnfndUcYYkA++KP94f6D/oH+DUN30ukk0P+g/0H/g/4nWfufTivMBIyQIpQp 5qyHMZEh/onqq/wT1SffNshNMW05tIEeuD1Df63jOJVYBtEGva/mrJDuLimiojFFNOnO23xnB53b SYP7jNPNuNNE9jjverOJ/vzoLd7eOAcBEAABEAABEAABEAABEAABEAABEAABEIhzAjDUBavAi06y 2Vo9u+14Nj9I70e5/TOC7lQaLFlcBwEQAAEQAAEQAAEQAAEQAAEQAAEQAAEQAAEtARjqtDTgBgEQ AAEQAAEQAAEQAAEQAAEQAAEQAAEQAIEoEfiXKMmFWBAAARAAARAAARAAARAAARAAARAAARAAARAA AQ0BGOo0MOAEARAAARAAARAAARAAARAAARAAARAAARAAgWgRgKEuWuQhFwRAAARAAARAAARAAARA AARAAARAAARAAAQ0BGCo08CAEwRAAARAAARAAARAAARAAARAAARAAARAAASiRQCGumiRh1wQAAEQ AAEQAAEQAAEQAAEQAAEQAAEQAAEQ0BCAoU4DA04QAAEQAAEQAAEQAAEQAAEQAAEQAAEQAAEQiBYB GOqiRT6e5F52k9PpJLocT5lGXkEABEAABEAABLpFwC30/+5uJYHIIAACIAACIAACcUYA/X/UKwyG uqhXQexnoKPlbUpPT6eUOe/FfmaRQxAAARAAARAAgbAQaNlSzPv/VJpV/d9hSQ+JgAAIgAAIgAAI xD4B9P/RryMY6qJfB745EGawfRtDb7Cv+Fcxj7YLFEO58uUGHxAAARAAARAAgfARsPTxpHU6lsYk 4SsdUgIBEAABEAABEDAigP7fiEpE/WCoiyjuUIS56Z0pqZR+DX+DvePrUCIgDAiAAAiAAAiAAAiA AAiAAAiAAAiAAAiAQAIQ6JEAZUjYIrxy12s099ISykItJWwdo2AgAAIJQuDicaqo/JhcUnEsfX9B D9yRkyCFQzFAAARAAARMIxDv/Yf7NFWX1ZFDAZRKt02eQnlpigccIAACIAACnSQAE1AngZkf3EJj nnmFaOtMLmopvVr7OL048lrzxUICCIAACICAQsB+0kZuSyZl9wntSaPjzAF64FFBb0vHoE008WgO WeRz/IIACIAACCQPgYtOsp1oJQffiC2Vl9qSnkHZfTPJwp+8nO1OsvRO87gFIPHef3Sc3EkTtf0f L9O6wZMor/CHQvFwgAAIgAAIdIEAPn3tAjSzo1x160P0klWU8oc5FeQ0WyDSBwEQoJYtD1NKSorP 3+yKL0U635+muQbXU1KeoWZhR+S/11OJ4XVNmtZJtLqyjpxGOyif2+oj2zc/g6lo8lzasLPJOI1u 1GPTH+8MKn/8+s+7ISF+onZ8+SZlDcijftc/SA0hLszZs/dgWlhyNxVJupuyhEczHCAAAiCQ6ATc VPkfmn5O0w9uafmnWPhTfvq3GX/2rH3c0VQWtP8p4H1feV2LIcz2Xc8GjZ9SWEgTZi+n3Z+eMUwj bJ6X26hm6TRKuTKdG6oK6Rc/K6RC/pc3IItSrxA5pWemU+q92xWR8d5/9MwcTAtKptP0yWOUMgkG SRwgAAIgAAJdJwBDXdfZmRgznaasfF5M/+hsKvvkbybKQtIgAAICgdbGzYYg3v82RfS/7CCbYYiD 5BYMb+2naYPhdY1nUxXNnTKM0q8YS7ttHZoL/I2647zu3PikgfZuW00l46xiGif1aRjHCcXXTS17 dgUNuL2qJUk2lJE20OHzIEKeEZfxS1q6vppee2ZqUI4IAAIgAAIJQ+DyeWpYb1wah2Sn63D56d/+ Ir6Ktp/Zb5yAxvdz3vc9OCyXUsa8SM0XNRe409n+qd7D6KyxkWpeXkBjf5ZNKbe8SKdDfAljlJRf v68P0KQrrqMJz21Sg1itVKieqa6LbrU/jff+4ye/pBfWb6ANlatohlpCuEAABEAABLpBAIa6bsAz M2rGr0tooSTgyUV71c7cTKFIGwSSmMCYxeeooXYLFSsMFlHDF820/9EbRZ+eg6nU1kwNnxyghfKs KVpODSd2U6FgzblhMrXZ6qli/kgx/M2L6BCPf/pEMzU3fETl6+ZrBuu7aWyehbZ8IT3F8Bg9cx7m 4RrE9JWX0pNo1yeCn+hfvn6pPo0Bi6g5LA8bFrqvgpdfkMPzoJSB09hS2+jxP3S4gdr+z72hG65E CnH/f2fxui9Lht24LzkKAAIgAAIhEOiRRUvtx6l287Nq4Hk11PzFaSrJEz997JlzDz/n/Yumjx20 uIZO77/f06f0Hbue939q35o/r5KaeX8r9J8Nh3fRa/PvUtN+bz4NvPJRXd+Xc1+Z2H9p0qdRazz9 madfO3yQNi55RE3ji/l0wxPibD7Vs5suZz2NzbiDqqRk8me+Rce/cRPjfWo9Y+Q4sV8zduCBrmQ+ AuO+/zD6WsCnlPAAARAAARAIhQAmJodCKRph+MBnesVT9MKUtUT77qNtLXfTgzlY6yEaVQGZSUKg VxZZf1VAmVJxf1M+naz5P9UVPjMnl1/PpS/7c+9Got+8PYGs/TOUMJk5hXRbvrSmJP908vb8XOVa rvUXNOX/m0N1rzxMw+bu9PhPveV1GstmkmcVtB4WyuVv3oXjy16eH6KJE6l4iGIVJOuQ4TTlkWn0 1pTraPpWIcwqOtj8QnjWgUnj5R+S5RGc/qW8LmYqWf+9gPK60FM4Tx6i6spqqqqpI7tUHHbtYHpg yhSaMnkoZXlPVXO30Z6tH4if+rtd1HPQcJo45Cqq2/RH+mPNx9TabieW0Y8m3v84zZk6NKjB0N3e TEfqmqj5WwdZLOmU2Z/Xx20FlJbCN33Y/DFfMIh/msrlXHVrMRVb1ToUstpTyq/w0+XPd67nqfBP oPZu2kgbNPl/4MFF9MSUW4LmX5MFOEEABEAgpglYMvJo6O15Sh7LHhlPuQOUU6Ie6ZSbn070/Q+V PvZ3k8dTtqx6Pf3fcBoo9a3ZOVbKzblJTKB/LllvK6bHZjXT648NpMc9fV8p3btiGh39/c/FMEL/ LfRfmvTHTSkiq1VKg4ey3jaMpj02jSb1/nfRmLZxA/3/7L0JfBRVuvf/y6vedObVIfHqNWGYdwB1 DKtJ0Ptxnb/shACCwFwBQQXCzOgoooCyqmzKKqIyI1EYCRCvbKMsUZbEz0VgRiWJAkkckTADErwy JIyM3bngrf9T3VXV1d3VW9Kd7iS/0tCnTp1znud8z1qnzlL+6mDXhzaTqvU1fjjnFuzQPPddeBDv T9V00+ySb+iFubt3Yec1fVCi2n3n0J5Y/DSw/ThxcDM2rFmHTZ/+1Rl4QmkCrhvWQ/ZRHYWhvTOC tD8yw754E9ZL+73j0xNO/2mp7ZDRfRiGDemOhMMbJdx/IPP+32Jol1aeylv2FRw4uHWzzIJMcO7V 5/Qgba9yfU+M6tHW07/cqW33lo3Sdyg86Gz3obRG21s7oOfddyCl9lOsX1OIfksK8VgPvZ8CnC/d Kzp9gyTpV9gFa+bAkchK1YK+IAddyJYjDrXNVy+vdv985R5s2vffTr/O51facKYwD+skPFX2yFlL Mbn/VShYPBOLt5ahVGZmZo9fiSUv/QYd9b6a0yP/IQESIIEIE1B4xS+BS0eU8dJMSJIrGLc1Zno6 Kte6dOjztmKPmRYUTAKNQMBU5ga9XulHoF0pGO4ql1ZuKvLHBC0vRdNvcrmRsj1n73kvOe7w4afM OQ7/3vA/6C1/enoFG8atEQcMU46GW+gvnlNkRp6hn7P+0usx02/e3jMeGjkOLw/qxwiryzLl64se 3k03dqVo8UA/YeUoQ006uML7nbNeqy1dq9yX3V/pr/5lZrr9Z+a47PRn6m/GUGXTZ3UmmW6jm51W d/vIE/s+a5QatxeaSCBuCej52aqui1ulqVhMCBh9RanzVvmpHxVTG+vrxt32+c9vXysLjDo1S9n9 rVdUTeH7C6MiL8eo3/P96ekVbNDbs7sUWd6qhbtA+TqAB73/cO/LB31c6eXNaOuMMPWwg7Qf336q yIx/I37W4eQqe046fGQ7Lar3KZOD+neF3+flMt8wTPyN9HV8qshKBQudpH/h1Y6HFH8Jq49H/8yu rPQK36ybZd+i8xrtfcaurM6w0i0UO0lnL/19gdCGBJouAb08+qtLm27Mmo7mXPoqrVjcXpfJl8O8 AS713hyC7afiVlMqRgIkEAaB7o8vNlx/dKTKMNfH4AjwUb4+4TXMTw1WDroaIxfsMoJ5ctEG7FWX 1BZtwvxfGtbI7ZmKxQfc+28myh498yaNdR/GYDjNwlOTBssncunq65fs3TnjHe2QD93O+atuap5k zFj0eOS82WEsS1Jv+w8fj1fedc3OO/PRc9hSuBM71T/5Ym5cpTtcdvoz9Vf2Gpz9ofWOhYY/w5CF 6YvexKvmZVe7HsbCXfK1nhcJkAAJkEAYBFrj4d1TNfclqPibe/uIUANJkBlV+uU26Tb1+60sXOea JSfep707Fq656dZhDZnu2g+3Tk5+DX6F0X6oS2+vvQXzjOYrB4vX7nQu/937Xh7kI5V25aHXT4di z1n9Xvv9+250S7sbSwz/QHbuTCxZsQSTh3f1ciyzzW3e0+J9nLgsZLakPtNQdzEkdzJe2SyrAcwz 8ET+qNH6XsHDkPdeKY6fPO3cOuRN89JnCcRTsg3d31vheZCFSTfnQR3Dh2DcpHG6eOAmPQTxu2iV h1+no2GzsMRLpmo/eI7MrsvWg5mOomPh5z/dN39JgARIICiBpjOm2EI1vWD6EvVMcUwgGF9J/czu iYlSFEoC0SBg+hrs/wtS4K/++hcof7PhXGp/rczXv1r7lCt3+BhaYDmLtTRvgPF1etGfvWfkNRyM EYcwZ9RVbZ1o6IV+C5Sj3/nqUrV7odsNcn1m7FUVjHY/77tM+co0o89xbJt71oLMSjM9cgqqLn7O 7VfC3v55raGA/dujymvaTEhpGMWd19d8eb73vR3Kjvf2KltWTNLCyVJe2bBTs1efuf42bylSvrKI myrMzU5kDF3t8cXdcVibnazK95O2hsI0kEAcENDzs//6MA6UpApxQcDoK0r9Zsym8tbM1Mb6unG3 fQHzm2n2mo87U/g+z5y6nFPeNNqBHOWjCE1t1suJ2rb4xssbgv97czjhtR92ZWuu2q65/vo+X6jU +Mz28pptPs7cv3Czd4bRdYFyqNpz1p2jYpvHzDhLvib++X+ReDqOeMzwu3dhsYVeLh7m9tHp1wtT 7SevG/HznFGnOTTJttRNnBn9C+9+l8kvTFwOzOllyJy0WVu9IDME9Zn5T2w+4aUlb0mg+RDQ6yN/ 5an5xDR+Y8IZddIixfX1f+XI87naRh8vPoU9oXyAi+sIUTkSIAHgarS/QeNgsaG0QUj2sHGeKKtu 0HzJgdpTJSiYey8yc/UTWnOR0/XHhvPYGmqwZY7sqem8crC7YJrl/i1te03FzkkdNHd52P8Xzy/S 7s20JYy3J6G9/uFbfCRePwBL5v7c5fcq0wOnjQMfrnzO9UwOwdj97SrkmPbPsV3TEY+8cw4r3Vv+ udhqPiDPewzsj/4De2BIf91RN/QYnq3Zq89cf/fJPj3tg+5Nk4tD6x5Ga9OMgcTOoyEvU67rOx46 oaPnLwmQAAmETED2U7U8RdUrgAR1urmz7ZQHYj5zeC8W/MfV2v6uYjf0AXRzbhDr5bEetxXGqfHD 0K19JPaTDrP9OL8Pc/M0xbssw9uz+yHZ1Pa4nsjsscm/Nw6qw5uyb5w+I/+rjRixUY/4FBw9NE32 eDPv1qoeeDUAmyv1GW+CVHfu57f0w9XItXU2Zvgt+uAE/jj1Hgu9fAOoqpAZ814HU7S6ZQIcn2/E +Oz+GNDZIuG83PuGKjr7O+zJ5HfQLzKNGXvtMrtpweRgaA99v0N33+P42WAUrLSgHQmQAAmERsCn Gg/NG101JoHbc2X3hVm9RWSJTGP/DL0ev7kxxVMWCZBANAkEGrCRJZIpV5hOqvPSY9q7MyCHx8bm ksMfKiq+QXK7TKSpfea60zhgLJnZgddemY8/q31Yb/3kfuZL7mWjB45UI7frz3zj0Gc07rLoi6e1 vU3c/kU24vYa6Lp0DlXai0afl+ej1zW+QQIpGLv6dTyS+SvnQ2/VdB91Rqe9xvWyUJ+WcmgPy7RJ /8UYIM/9sqPL5C8JkAAJkEDkCLw7MQMJE/2Fl4Vty+/3aZ78uQ7d/jhOXwCygn7ICRJimO1H3cnj xtJbyNYQSxZ/7xxJSzKLkfbYZvsK8wy7TSg/VYesGxJR9517EfAzHzzluSTVcC+DdTeNRumGcoxd dBgDbrBooE1ul01wLzV9aP0JTOlj0c6b3CemuMObfW86ZsuzjOyh6NZG7K9MRmpKGjpm3IE57+xA mhXf+rTTunyzX9PYW+qNnTQXSUjROwyJrdFTvuVtNvo7eiD8JQESIIHIEjBXTZENmaFFjsB1vbDz SdlPaZkcADtxHkombIzYKVWRU5IhkQAJhE7gHI4f01wHmlFnGWAWnlw0GeMeHoGOloNRlp4iblm5 bjQ65hZBlvjC/sF/OE9HTTFJ+ePsmfij6d6f8ZzMFLS8wuXyQzUOaQHZkvUetW/IiUkery6+DiJl 4z2QGKlwGQ4JkAAJtGQCtaeNQamr/Vf11oQyhmLx1EcxXk4e951xZu0lFNsOt8oHGKgfYEpQ/d8y Szy1gbPqwm0/rviRh5rzp870uPd7o80wq/r0PcNJp/9nbskNa8OQMeIFlIwwbkMy/GHUZIzvsxF3 Buqz/GQgKrY+jQ5DFhphlhVuRplx5zbIMlQsu0+f4ea2j7SpzjJAGbS7QR5woM6SDi1JgAQiR4AD dZFjGdWQsh+RDsAytSOwCc/LJurvjol+AxXVCDFwEoh3AuG+AIQTn2/KMUPr5PXp415m4RvELHz1 3XS0lsEs53CWbMqcfGU0FfPVwK+NrY3fR0Au1r83GDZ/g3CqT3VZ0pXtcFu2n7os3BeVxDTcoX3l Pl5RLQKswz1ffTyA3t6P5IWFraQ3FN6TAAmQQEACSQ0cpwoU+JnSPcZA3R0Z7fw7nVgI+5J74Lgg bY3MkrbJrCzTGQP+/dXniYSvX5vkoKHcrjfrt43/O2wZdoz5mefWDl5aOKT9TU7NQo90V0Il33Cr uHAd+WD33I3Cy2fot13Hr8QLPc4iZ+Rs8bQJd107AYe+WxVwtmH64Beh1ExA4cYt2PtJJapkUNZx QZ09f1oOdXIP2b00NB051QrkTKqwLkftubDc0zEJkAAJxJIAX0FiST8c2dcPR8HwMc49JN578E2U j1zkd2p6OMHSLQmQgImAdLZrtNv3SmV5ptWA+A+ncUhbYukcPDN5D9VYvOK3htMBt6YZZh/D0I5o LQNzrv98nsaXhYkd+mbiPtnPrXGHFK9Ga+0r95EXu2Pd8Do8kOX1tnjhKCZ3fy4MbnkoP7MKHduE 4YVOSYAESKAlErgoyy2161B5NR5It1jqeKYcb+iO6vV7Gmt6L9J8Bt4PblBWO5npLa1ngBnW9VLB wlN679Fi69rSYNfEGdg/ZjvulBWbfi/nxzfRLQpvYX3u7iH7qYY3UJiS1t5QdcLqIuQu72fc+xgu 1ci2F2eQdmMHBEI75cnfoL9sR1uR9HeZJfeyBJOHblel4quLc9DeKt6n9mDAT3vj52/JbDk5FTZb 389VV0DkFi9/0DjV/bjMXOxpnrlo7oNYdj4cKN25XQ+NvyRAAiQQ9wT+T9xrSAU1AjYMmf66Zl6M vJ3fkAwJkECkCcjeI+qsLOe1fAg2nfIVcH7fRizRrLPa+vbEbZerh4TJJUs3ffqKakfzlYfQY8EX LjeybDQ30/swCE9fnncub9H+14iD7Onmb0aZ242mTWInPKB3rD94BNO3aHG0UNZx9jiK81/F5EnL UHLW04ERrhU/cer/uQ3ZU5cbgY3ulojpa/+EanU2hcweqDi4DgOu6hzaS6LphbP8b/8wwjQMF06j tHgzNuQX4rTXaK1//Vy+gz03ZNBAAiRAAk2IQKIM9uiHPCwf+iaOy8CJ91W8epVmlYX2/+b1IcXc Ylo1fLXlWPnLn2C6FsKg1+cFnJ3lLTuq99oWNS4ZO3DX/zcb5bJXndVVuW0REq5IQtIVE1DuxShY ++DveeINWZisCdsle/Otq/Q/La72WAk2vDIPM+cUoFaTb/aPl7Mxd9dfrVTH+cObMOCKq9Gxa0fc ueovlm50S/tFlw7pg5ejNE9dEaRec3H9gN/J/Djfq6622jmn76UH07HpWJ2vg8tT0H3gcF973SYx xei/vbehCLW6vfZ7vmwtxhZ6WVrcXm21/52fvpC1W4tAaUUCJEAC9SDAgbp6QIuVl8SM4caJhcvv XW3Z0MVKN8olgeZBIAX3zZ5oRGX4T4dj8ycntJNXHajc/QqSuz+jPR+G0b+4znCrGqorS3DwsDaI /mU59ldWoepYFSoOl2Jr3jx0kw5uj8ffMvxse1P2dtPv5At7xSelKC3di+N6B1/CKCoVO9Ve/qp1 e91PJH9liYlTjsgz4iBfwNfJcpMKkw5ONxIftxu3EoOffse4UZemZE9/GyWnzjv5OWprJX57sfLJ fki69nr0GPMYli6Xk6z/pr9QOJz8dm7Jd4WxeTF2lFaiWu9tC58qs1z1uSyNMTNpdctEFE13L3l9 4cHb0fqqJCTIvnQd7xitLewxVPRrML9wPnvnONk0+gxq5SVC1X/1jLFIuOonyOoxDKPG9Me6ck1/ b/0k7fbKrExDP+/n3vHzqw0fkAAJkEATIPCvvTFL/1ijDsgMlL3MpP53Xo5a10eq2Xtc90On4M5U U5ykfqyQtu+o1sZVVZaiQtpOZ/up1rtzpd5N6YRHjZNJZ+F3Y911PdSPJ3o7qQX7PxJGqbQZLvuK gEtBTZrU25g9e5+cN65dn89Fp6u64dWtB1F9thbVp6pwYNt65GYloMOgpzVHsqxTH6jzbh/CbT8u EzZb3X2X0R0SMSO/WGTLgJeEXXu2GmW712NK/wSk3NgNox6fhfnPLnEPpor/p3Y/p2uP2X3bOtvv 0mNq21crbe9+afv6IrnrcKMdbWPTPkpqvqpV1v9VBnXjCe8rY/xbKMjWbOVD3k+GrZFlrRLuMZPr K9y+ht9ow5ItEpb6oU29hNP5yj3ITdcH/IA0n4He1mh/i8s5RMYvJq2R/FeN2jNVKH5jEpK1Q6Sc Lq763pm3atXgL9R66P2HUVugxlu9Ep3/qv+4+kJO94YdoLqt0PO4yZ5GEiABEogIAYVXkyJQe/BF tWV0/s3Ze75RdHdUrnXJ7PO2Ym8UiRRCArEkcE55LdtVxvSyZvUrmxl7KqmXE618Wvlx2+Uomyrq PPw7Dv/eKNtud156RK0M2hXpRAeXbxW3Pms86oWqbc+HHk7XWcrR71wY/MW/48tlTgf+nsthFh7y VcelG+ZY6yDy1udP054NU44GqNBkwM86DA8Gucqhmobpr8fPFQr/JYH4IlCRP8ZZDga97lXfxZea 1CZeCJzdp8hgVdC6c+OXDg+NK/L7B/VjtIv9Fhjthh5IRV6PoP4HvdUIefjkbmVoCPFX45K3/4yu vuKvfdPbh2DPXQHZlaI5vYJy0Dl2nrZV0ZovQw+Z+RaS/y5PFCg1Fw1vlvqv+szUx7l0xA+XLOWQ 3g4f0941QuE3sdAt3GRylC4PSX+dgcp363Dr/PpyuQTspVPHl79wSivw8GOKg0kXGkmgqRNg+x/7 FOSMOqmtm9LV6rbRWKApPHthoWuD+aYUAepKAnFPIAWP7DyHohUP+tE0B+v2V/ueONY2C+P9+HBZ Z2FI7kzkbTmAmovbMVTbxFn3kpjS2lg2pNt5/94rs9SMGXjeDxt0b0P6fQPqFcK9OZ46tR0wG46T h7A0t7Pf8MZOfw17Pq+G8tkcdNSWmfiLf582yc5w/D1/2IJJxohZUOw1KP94P/YW7cXeA/tR/uVp p7weV/7Tr17mB93nH8TORZPMVoZ5yKT52HSgAnZFNsZ2qYfEpKst08/QP8hzI3AaSIAESKCpEvjX u7D9uyN4zV/9328WPjrpwLAb3HOV1Ki2y7g/cIwzczB2+lJnvasUTjPaDd1Tcqp6GELga0B6WmAH kXjaphc2XfwaWxY95De0JxduwenvFIy/wz0jPzLthw3dZ+1G9ccbMV7fwsNHixxMX7EBhyQNDi8Y DK35MlypM99qK3Zjpj77zXjiMmSPn489JdX4/KX7PU7NTZRZ8sZsQqfTLKRcbV7anIQOVjr1fQCp 2n51dfrsQvGfkd3fS7J+m4XFm0th97OHXmLGRFQfyPfSRfWbgzxps0u3PqMH5Py9Pz0V6YPcs/Tc D3PQKUXuvE4fubdtK6eT6268ye1Uwo7kCcKmgGkkARJo4QQS1LHCFs6gyUX/zPaJSBu4QvSeIpuy LrLelDWCsar7Ih82dbq57Kdl/8C0VC+CMhgUCcQlAVkSUVFR5RwQt1+yIymlPTrckBqVDaDjMv4N VUr4VcnSE1uqvCBdsMsprylIU0+ttdpIuqGyQvRf9upAZD62XVwPwyH7RmQFG/mUl4daiYe69Ab6 qbsx1D/EaNIZCUSEQOW6B9Fh9FrIjDq8O8H8chqR4BlIMybgOHMcFSfPO2Nol/oz5afSfrZxDXQ0 42i7oybLfatOyNLLizLeI7a2lDSkpcrJs43UfjhkuWvV2QSktbHBXiv9l+SUsE6Nd8h2GNVnZKls mySn/5Rr0rzHrdxxjZCpVvoLSE4TPSVAte2V5bF2h/QdnKfES/9B+IV61Z6phvhEkuxtl3xNsIY+ 1FDpjgRaDgG2/7FP60ZqLmIf0eakQeqAhSg/MAiOlFuiPkjXnLgxLiQQNoErk9HhVqvPwGGH1DI9 CL926VrHOjn0DnbUYNUewmvOQTqR0OUOtA+l7y6tZHI86B41KAyYBEiABCJPwJbaHpmpkQ+3yYRo M7V/MVDaJgNrHa5xCU6Wtjjcy5bcGu305rse/sOVp7pPbmOa9ai2vdcky6y/8HV3hiUfCOvnsz6a 0w8JkAAJRJ4AB+oiz7QRQrShw+09G0EORZAACZBAUyTgQNm2zThUK7MJUlPhkA2pUxxHMXnkVJRo 0en0QE924pti0lJnEiABEiABEiABEiABEmjmBDhQ18wTmNEjARIggZZGoO6Lt5A56Nf+o911Ad57 sqv/53xCAiRAAiRAAiRAAiRAAiRAAjEiwMMkYgSeYkmABEiABKJDILHtXZhsFXTGUCxeL4d5HJrG bQOs+NCOBEiABEiABEiABEiABEgg5gQ4oy7mSdAEFLj4vUvJ0+q2rLxIgARIIM4JJHbCYjknaa4s eXVccoiyNtkEW/2Lc72pHgnEGwHHKadGDntCvGlGfUiABEiABEiABKJFgO1/tMiGHC4H6kJG1XId JqbegvVr10Np1dF5clXLJcGYkwAJNCUCNjlhVv2PFwmQQP0IpHWbLu3/OFzX6br6BUBfJEACJEAC JEACTY4A2//YJ1mCIlfs1aAGJEACJEACJEACJEACJEACJEACJEACJEACJNCyCXCPupad/ow9CZAA CZAACZAACZAACZAACZAACZAACZBAnBDgQF2cJATVIAESIAESIAESIAESIAESIAESIAESIAESaNkE OFDXstOfsScBEiABEiABEiABEiABEiABEiABEiABEogTAhyoi5OEoBokQAIkQAIkQAIkQAIkQAIk QAIkQAIkQAItmwAH6lp2+jP2JEACJEACJEACJEACJEACJEACJEACJEACcUKAA3VxkhBUgwRIgARI gARIgARIgARIgARIgARIgARIoGUTuOw5uVo2AsY+KIELR1Hw8ir8+ft/Q9b11wR1HnEHlE/+zH8t tvzVVe7By7/bCvu/dUP7ay+PePUSLEDKJ3/mP5Y/1j+sf9n+sP0N1l+I9HP2P9j/aMn9j0iXpyYZ nsKLBIIQqCgYo0jmlr9c5auLQRxH4THlkz/zX0stf3alYLgad/kbtzUKtUuwICmf/Jn/WP5Y/7D+ ZfsTrLWM/HO2v2x/2f623PY38jVKUwyRS1+lBPAKQuCS/rwGtYZZt2uEX0Mm5ZN/I+Q3bxHMfxqR GJU/PT1O1sGhm2PxS/nkH4t8p8tk/mP+0/NCLH6Z/5j/YpHvdJnMf8x/el6IxS/zX2zzXyzSPE5k cqAuThKiqahhi7GilB/bBCB/8o8tAUonARIgARIgARIgARIgARIggeZNgAN1zTt9Ix67mM5okdhQ fsSTNKwAyT8sXBF33NL5RxwoAyQBEiABEiABEiABEiABEiCBOCPAgbo4S5B4VMd2ubpFlHqlwNb4 e8mKTMonf+a/lln+THM4r1JgunMViaj/a5JI+eQf9fzmLYD5zyDC8sfyZ2SGxjKw/BmkWf5Y/ozM 0FgGlj+DdIssf0bsW7QhBsMuLZp3nEe+BlsXL8H+6jrYktwV5Ddl+Zreeeg0ohVm/DzRiIfD7kDm 6NkYlfljw67+Bsonf+a/Flv+asuxbM5qnJbusC1Jr0UcKNuomTePwH0zjqCj/kjqHofSGiOffRJZ ybplA34pn/yZ/1j+WP+w/mX7ozWkbH/Z/9CyAvtf7H9Gs//dgK57s/faFE/AoM5RIlC51nW6ovOE V+2kHbM5M9P6eZ+3FXskVKJ8a756GpC/NR/mv2ZR/iry+1unr5b/MzMt6iR5NuitykjUPgrlk790 +PzmQeY/azYsf6x/IlEBs/5l/cv617qOVbmw/bFmw/anebQ/kWhDmmsYCWrEmv1oJCMYGoFLMqPt JZnRVJvgMcX7m7L5eGOnFkS/WZiX9b+w6yGKocPoqcaMuvOfrMPICQWw3eiekac79f214/ufjEHB S/fDOSGG8smf+a/llr/aQzKjqwDnTLN51V0pyxYsxQ69+pk+H93wvVGVOL6/GiNnyIxtcPqbAABA AElEQVS6a1xWZXmTMGPr32C70nDi33DBgZ8NXoBlE252uaF88mf+Y/lj/WOqM1n/sv1h+8v+h6tK 6Mf+F/ufAfrfpoaDxkgSaK4jkIxX5AhUFYzWZhnkKkcvBg63Ii/H74wEybcWz3KUQ0Gm41E++bvy DvNfSyx/BcO1emNoQeDKR+YVFmRb1TEB7PqsCTobkfLJ31n/MP+x/AUkwPqH9W+Atsaq/8v2h+1v wDpFUdj/YP+jafQ/gmRkPq43AR4mISWAV2ACjksJmoMaOC4Fdmu78urADnyetg56QAXlk78r2zD/ tbzyZzrn9ruEIKc+y952ocykM9dBV4kf872PmfINJOTP/GdkBisDyx/rH6t8EcCO9S/bnwDZQ51R b1xsf8w0DCxuA+tf1r/u3BCSKaL1b0gS6ageBHiYRD2gtWQvgV9qgbb3r0VNrxWwX7Ij6XJjR15L ZE43V6YhOYxcSPmWKA1L8mf+a87lz8jofgyDN9hRs7JG6p8kqX/8ONKs1fon5Zq0wI7CfEr55M/8 x/LH+of1L9ufwI0n21/2P9j/al79z8Alnk/rSyDIq0x9g6W/5krA9H3LbxSTr0mWPeeCH8MYihtv IZTvTcT3nvyZ/0IpW6G48c5dsS5/3vr43F9uQ7IMvgWvfRBSHeUTfjALyid/5j+Wv2D1hDyvT/0b NFjWP6x/WP+w/glaUbD+Yf0bSi85hIxEJ1EnwKWvUUfc9AXYLtfPG0kJa/ZbpGJO+eTvykvMf+HM Pm0u5c+Ix08TgywTMlxGx0D55B+dnBVaqMx/zH+h5ZTouGL+Y/6LTs4KLVTmP+a/0HJKdFwx/8U2 /0UnVZtEqJc9J1eT0JRKxoxA8g0346ZW16LflHHoeaN2vGIjakP55M/811LL3+W4MfMuJF97M6aO H4X21zb2JHDKJ3/mP5Y/1j+sf9n+sP1l/6MRX/1EFPtfLbv/1bi5LV6lJajHUMSrctSLBEiABEiA BEiABEiABEiABEiABEiABEiABFoKAS59bSkpzXiSAAmQAAmQAAmQAAmQAAmQAAmQAAmQAAnENQEO 1MV18lA5EiABEiABEiABEiABEiABEiABEiABEiCBlkKAA3UtJaUZTxIgARIgARIgARIgARIgARIg ARIgARIggbgmwIG6uE4eKkcCJEACJEACJEACJEACJEACJEACJEACJNBSCHCgrqWkNONJAiRAAiRA AiRAAiRAAiRAAiRAAiRAAiQQ1wQ4UBfXyUPlSIAESIAESIAESIAESIAESIAESIAESIAEWgoBDtS1 lJRmPEmABEiABEiABEiABEiABEiABEiABEiABOKaAAfq4jp5qBwJkAAJkAAJkAAJkAAJkAAJkAAJ kAAJkEBLIcCBupaS0g2J5yUHamtrgUsNCaQBfimf/Jn/Wm75a0DVQa8kQAIkQAIkQAIkQAIkQAJh EnCo7/+OMD3ReSQJcKAukjSbaVh1lW8hJSUFCZPfj0kMKZ/8mf9abvmLSaVDoSRAAiRAAiRAAiRA AiTQQglUrsuR9/8kTNry1xZKIPbR5kBd7NOgfho4Z5k10ij3FT9y6VhxHo0k0ZMJ5ZO/SoD5r2WW P8/agHckQAItncCFWtReaOkQGH8SIAESIAESiCIBWxtn4MfPhvj2r7bNsgAvZles5Uch4hyoiwLU qAd56TRmXZHkHOXO+/x/oi6OAkiABEiABEiABEgg5gS+3oaEq1KQctVwlIf47hBznalAzAjUnSpB 0bad2Ft6ImY6UDAJkAAJNHsCPxzFMLVtTknA9lMxiG2s5UcpyhyoixLYaAZ75v0VmKcJSPqXaEpi 2CRAAiRAAiRAAiQQHwQ+XDpIUyQlPhSiFnFMwIENA7uh56Ac9Mr6LUo4sBvHaUXVSIAEmjoBvVUe uOT9mEQl1vKjEWkO1EWDalTDPI01Axe6JHT5HQakc6QuqrgZOAmQAAmQAAmQQOwJ/H03nnrJpUan hWPR0RZ7lahBfBNIulHXbwfK/8IVKDoN/pIACZBARAlc1gmPLurpCvLlGdhzNqKhBw8s1vKDa1gv FxyoM2Ere3UgEhISAv4NXvWZyUfjG8//KR/TNbFzlo9EcuOr4EdiDVb/0pvdbI+lKefLVvlhOxXl EThRNtbpd+KPT/iJnzcX8/0LOB6BuOObPehmmXe7YdOxOi3NrNLIpUuXaR/6SddwrU9jZX9z/AKb Fx/4R7gC/LoveyN4+c3KHIDxTy6QZTBn/IZT3wdn9jzvN/2nv/cN8I0s2bJIo0ixj7X8+nKjPxJo 8gT+/hGGeZXtrpP+6LGnZNkbD1qW/wQvd02eRRQjcHDNIpQ4w8/C8rG3mST5tm39Fn1oeu42Fi8Z 5JkOw9YgllvquDWrv8l/3T/b3b+oPeSTR/X2yNk+1V98XPu0f6mrl4WO7flhW6fBXxIgARKINIGM CU8jyxloCSa99qdIBx80vFjLD6pgPRxwoM6A5kDlzu3GnT/Du5srPTrf/txFx74G6+c8owU9C+N+ 8ePoiKlPqD+cxpaN3h7n4pcr3AXVfuKotwPtfi8cDR6sin36Oc4e9hO/QNYlqG1w3IG6b7/SXmC8 ZZWg+h8JLktJo4M+aeR6dGT7icjk6x9qsLPQWwf/93uOVPt/GOaTEx8HL7+lZTvw5kszZBlMGh5e +0WYEgI7rz3xX34dfKoeby6bnFpdR7Z9ExH2sZZvFTfakUBLIFBXfRSbvSJ6ePkQvGL6EHHm47Ve LrTbPdb1grXjFmz7z0OYP2WPC8AzS9HrGhMLaXe827YPnn4K+73Rnv8Ik6dsM3kU4+aDOB2BNtgz 0Ma981/3m/oXfy/3yaO6lu+eOK8bm9mvDfcVHMLeXTuw98B6dLyymUWP0SEBEiCBeCLQqjeWTL/J qdGR5+ahpLEPfYq1/CikBQfqDKg23L/ha5R8XIKSkhJsmN5He5KDdUWlTvv9B0pw+j//A7FabVF3 5B08qg2CPLF5HFpfbigfe4NMOV138qiw24OZmS51MuX36NO3G5tKpg5YiHJh68l3AUq+LEJWg6HG Pv3S78935pOiAn0wVTg8v9UZX2e+UvOW9md20+Coi5jEzg+i+nM3ezUFXlHzbUk5crO0r8iSRq/I C6WqQ9ErA1UnzmvS2iKc3nd/ZPK1ng/0uHqUJWDalgMag/3Y/3EF/nOsq0LXdWnI7+CV53D65GlU 7NaWhiMH2z+vFrvjzr/yzz/Cm3PvNUT84cF0rDNmGxrW9TakP7DZlb+L1olk1zVd2Kpp8M7InwHX D0dhrjn4YdgkaXT6o8jUKbGWb44ZzSTQkggkdv4VTleUo8Qo+1nOr8pT71xiDAL1W6b1Lz6Wejrb Rafz84U4XjwiMnVvMwdeWfAsdmhx3PjoPZ6xvaw98uzykWhOb5N9idSvMpPZdJ3Zt93zg1bnNfja vgod46kvZdI3VKNa91cU5WszGVRfWdir9rUq1rv7VtePxunPXf2v14brIWchT9qg/Y/8XLdodr+t 0rPQo3d/9Lg9neWs2aUuI0QCJBBvBLo/slhTaQfmbGj8VYixlh/p9Gji3ZMI40hujcxbWzsDTfni Oi3wJGTenREHHTkHts75taZTLnIHyYt/nF3JbToiU/6+uEEUK5X/5U/tOQ584m3YN8lA0OU2dFBH 7+TS+T701n3IvKGV067B/8Q6/a7U8s/VR4yo5I8YjExjjxTDGjC5Mdk2wGhDapeeGDd1NOaNyHeG k/yvkh5dPZd62FLFLhUo+/P3mqwp+O2I7kiLYE3gygfuqOhpDeTigYG3R68sXZ6CtDZA2j/TNOFJ aNch1YhbWpt26NDlTvS/7Xmk9X7O6Sa/6AQeuCFCg4W2ZFf+/uFfoGvQ4ZbuyOzgUufMn1YhO09T DcPw0bcbcad5Voj+qL6/sZZfX73pjwSaAYG09A5Iu/F/tbIvAyLOOM3FbzaMwrtjpI7R2wex/0Kb 2fP08H5oZ1kHOFBxcIfMUt+JA5VnDDpp6Xcie/h9yLEadHCcxs6NH7qWcTrs8vGmJ4be2grFa17F q1v/hKoz1VBS22PoiEcxeXT3IIMWMkO9eBPWF2zBjk9POOWnpbZDRvdhGDakOxIOb8SmT/+BzPt/ i6FdrNvvEwc3Y8OadeLur07/CaUJuG5YD4yaMApDe2cEkW9E2WWQ09yW5mrDdEMLMEDqeZ9L6r92 7fSa1/V0+euFeOG+hzRZDny4dqGHt0FTbkdriy9ljrPlKCoswsF98qHlVB2qhZ16pd6Sg3G5jwpX aUS9rjOf7MCOsvNIkvDsMoH69hEjZQaXpOMn+1FaeULsxBIpaJeRhTtujfCgkcQ9vfsDmJU7GkOc bUw36Q9k+rS1aWKXBpl9qM9yGDcL47tneMXEdVuf9Kur3IN1+/7byUANReWQOXAkslRcF06jeOsG rN8mTI+dcebF/oN/iylj70GyV//DcaZc8v4WbC486My3UFqj7a0d0PPuO5BS+ynWrylEvyWFeKyH 3k9XpemXAwe3ykezCwlI0q1gh9LqTowalG7YBDbEuvwF1o5PSYAESCBuCfxkILbKpAS1LXr3V6+h fGwjfwyLtfxIJ4zCy5JARf4YRVjL3zDlqN3SSeNaHntH0wfKoLcqG1W2o3KtS3aft5XgKOxKwXCV m+ffov3nPXTW+Q56PXhcwpPvEqOHH4n0C1e+4V4YrPqszoh39YF8Zca015Sj34mVzlTy16EgUI3w QuF/YZ8is7lc/CcWGrI9DJeOKOM1N30Xlnk8sroJS75FAA1Ni3DlG+79lV1T/KOS/0zh6+lfXbzQ VCZylUM1FqD8WBnxCSX91TBiLd9PPGhNAs2egKnsudvAHOUjj/LubiP1+sHMxfHlbqN+dofh2Z7K Rw9lz5cOszfFcXi5qY7xdu9132WZ8vVFD+/um+p9yuRML/d6m+L12+dli/bj208VmVUfRBfR/6Sn /m4FfE1VWyca4Vkx03242xpdfpay+1vt6dldinw3NMJR2VrV/7XFL3q4sUqDzs8X6yK1X7uyOsMz 7H5zlgZIx2HK9vLQ4+8lzO9t7SfuPPDE5jOW7oz2ROK/6M+e/TKnh3qnny8DJ2Ppr1aX5vtl+sS7 nnr6pqEnVz09+vjrOzo+9Ulnl5+coH0tNf4xL3+WqUZLEiABEmh8Anp9bNVWBtLG3M48tPlEIKdR eRZr+ZGMFJe+SgveFK4PX/ulpuYwPHtfhGYARTnik9buhL7EwrwEKMpi4yr4pCvcM9o+nDsa8194 FHuPy8ljN9yJ+dld0XV8D6R6fU1uUAT+71149EkthJdf9d2jRx6d37cJb2hOxg+5uUHimqTnE+VG /NU5DtG8kn6k4PyHC5HW/WlNzBQc+m4VspKjKdUddqzluzWhiQRaEgFZUrhrM+SDiFw7cNfCD52m oP98tRG2G3sb9RNkEf1iaUf3H9iPnWsXG0vqgTz0utFmOihItj9IvQvzJo1Ff9ekdZOoLDw1abBM bdIX5Mujw09ixjtfmNxoRjlVtVva3VhS6n6UnTsTS1YsweThXd2Wmslm85qOJgcWDLj2Fswz/Lv0 V7e72PteHoYaIYj+Px0a2qlwl07jzSEvu3z2WYPRXrPEjSBNhodX7cSbE1SLEqzf6YrniX07nLMc +z5fgDef7Ghy7Wk8c2SXySIL01dswN6ivdiw6CHD/siz3bGuUtpx47Ih88k5GDc827B5f/ZTpnQU /B7psgkD5MjaVz7+h+E+EoZWmQMxWQto+XNbLQ/JOLBxnuZiCoZmee1z3KD0syF72SqZcThO/oYY 0XlPtphIyxxt3PdXZ4Qad8DxC6ZWWPLfqNH6Xo7DkPdeKY7LdhblJbJtxfR7Tb7gf0bmZWmYPP1h DHHqMQ5DDe5J/v3oIce6/Ol68JcESIAEmjCBxJuGY7XWHP5h6JvGFiCNFaVYy49oPCM56tecwtJH kSMxI6vBXExfgjst/KzBwYUbgDEyHdKMHvdsgUHrZRT91FvGl9SHTDMBdb6hjNKHJ98VOz38SKRf uPIN9/LFOnvYZGXG9Bny95Qx0y3QjACrtDHCC4m/fBEufd3NXE0Dj8udPujyO8VjooeHO/dNuPLd Pl2mhqZFuPIN996zFS/alaqPNyrysmjwmbPXYkaBVwSM8ELkb57Rhuz+hix56VaO+pvF4iXTfNvk 5JuVp5kEWhIB04y6fJnxVlUw2ij/+RX67Gp3HezZFpxTlppmonWetlWp8a4vLp5TtsxIN8KEOjPO i69ZJvouU74yzdh2HNvmnm3UZ43XDHm3XtLJVNB1gXKo2nPWl6Nim9GOqW4822+7IstdDN36Pl/o q79ILFo80HCDcQVeOnhFRm5ri58z3HvPzPd2rbc1D62XWVy7p7r8STtnl/8Ksl26rSqpNvT01F8L 7dujyvpV65W9H1d5B+/RtlrO6DKlv5Oh1PnrPq42wrFL2K/ldjbio86MrE+bYARoYSjNG2CEn/8X Lwcm/XxnQ0Yw/UxyXByE/dCVylF9dqOkR0XRdmX9liKPPOI4rK3ekLzlo7tEpfYTd9/Gkr9XdNVb d3kItjom1uXPQnlakQAJkEAMCehtqmVbGUQv8wzvZz7wnDkdxGtEHsdafkQiIYFwRp30IuL9Orhm kbbfTRaWj/X9qh23+qtfSn8yBju1GV5/ePCpxj8BJsZwCjctwfwF8+VvqbERdrRVSswYgJmakD+8 uMXzq/rf92HxRtfDJ+YNQSNN7Ip2lP2EvwndkhKQkKD9XSF71v37cPfJd+MKMKWH14wCPyHV27pw p8nrDixZ/WFETng1BRrYGGv5gbXjUxJotgTs3yei7f0vGnXx6F+u9qyLvWP+xXY8pc9E6/I77Fsw 2GfvLsg+nEPmHcBr+sQtmRm343PzzC7ICeraKd8yb2n325PQ3jTpLfH6AVgyVzs44CrTA1UXmU00 QmsbgCk4emia7C2W6KFlYvoAbK7UZzyJLPPT8/swV9+Ds8syvD27n6/+Mqep++TfG0zwpuwl5hGI OUDVXCOz357TLBdg1B2B62tH7ddOt+cuyZ6td//SdbjC4e3YXLwT65wHcU1BThdp9WpdQSZ4xsBl eU1HjMwdiR7iruKTAygqLpK/Ayj9pALnrrnFmBXoRc/l95Lrx/VvjuxDuh2jTPvZ2STsR1Z9gi36 rHeZGbnYamajOZgwzRkDJxo+Fm74k2FWDebZ9Ln33ezxTB5GLv08OAB9ny+WfYp/g47Gfow22VMv ByNlv0Pv/el0paoqZCakVzitbpkAx+cbMT67PwZ0Dq334i4Pesh+fmNd/vyoRWsSIAESaIoEWt0y BvLx0Xm9OHmD3uw2WlRiLT9SEY3kortI6dR0wpHNmysqvkFyO9mgN7Q+Q/hx++chzJ+yx+XvmaXo ZXR0wg8qVj6yZ+9D1rK7ZbBxB7rN/xDKC/fEShVPuY2QftM2HMBoZ4fyHLY+fRdmOF8WPNWI/F1r jMrvj3mjZZBIXuS2Vz6KB9JdS3ArC5drg77DMNpyI+bIaxOPIc5dX4bJI28OvhQmwsqv+VV3fO0o wwePe70kRViOv+BiLd+fXrQngeZHQB1Aa43JB1/EvNufkbr4N1i4awhe6GO1AT5wouSQgWDFH8YG +IiSgnGLfi8nwP/a6f7AkSrkdrXYDqPPaNxl0S9Ja3ub+PsL8J0+oOcSW/ed3ZD/zAdP+RxEoD9M vGk0SjeUY+yiwxhwg1tAnZyuXaI7knZnyeLvnSN5Sbqd+iuDcjbbV9AXXwKbUC6HNWTd4DkgqHup K1trDF5Oe3es0Ax0yQEYO/e6HKgHNyR2wxQ53XTExh14oIfrIIrOz92H1nKolTx1Xu9uroRjgmc7 UHdsP15b9Gs8lXdEcxXGj6lHfe/r8/0cFmTDEOkT5UifSNWq+lSNIaAsbxJmbP0bbNphI8YDK4N8 CP3Z4AVYJvp7XNfdhQJnvIEjz61G+dO3QVbZyuVA4crnXE5lCbH3gRwRTT8TB0wsxPuz73HJDfJv Yoo7P82+Nx2zxX1G9lB0ayP2VyYjNSUNHTPuwJx3diAtFEZB5Jkfx7r8mXWhmQRIgASaPoEUjFz0 HJ5SD++TPkH+x+Pw2L8H/tgW2TjHWn5kYmNuTiMTYgsKpXLdaHTMLQL6yKmmH/xHVF76KwueNWZi bXz0nqZJt9VdWC8DRx3UgaMXu2PTowruulxdnRHbqzHSr2PG7ejQwRVP/aQ/h/6V+JL6uiA96CiU wvTsJ2Q2wU7ni9Potw7gAefg6GlsVdNAvSb+FlkR7ui6Ao6vf9eVVKPHtXY5wXAVeox5UVMuC7f3 8Hw5i5rWfZfhq+0yq+XsR8iVvZ/eEEG7JmZg3T11eCCEvZYarFes5Tc4AgyABJo2gVa3TZSBk2ec s9Ve7LsUj12cY9lXcPzgHrCpcbYN7v1NfQg4ag2rcxcMo6fhqvDa2KpP3zP8d/p/KYbZypAx4gWU jPB6csWPPCzmT53pce/3xpgB6O1CTrqf/oRmOQXj+1sPcHr48mrT7pkwFdi4yHDy+JAsMevDdGL0 ZvT1NtkjcJDhXjWoA0U901uhqrIEWwrLPJ4Fuhn2C63ht3J0pZxQrtl/sFcGC6feJnlCBhq3LsfO cD7m/TAcC7wGGtU+RfYjz0m85U9m7OX/11zX4LB5Nv2j2b55MOLp54rgoKx2LkMo/8ppfRVbn0aH IQsN12WFm2FFfZIMsi6L4H7NsS5/RoRpIAESIIFmQiD1nlyZQf+c8+Pc47MKkRulsRJ/uGIt359e 4dhHYYggHPFN3K2tTXQj8MNRLM11fQmWvVx8voBGV3hkQ08f8QomyyDREgl2+PNrUNTzXyMroD6h RTv9RCf7RXVWheuFa/Cqr1Ey7Tw6dJH78x9hQLL6RT0XRy9G4ejqf70bkycAI1eJ+BdfQ8nce5D1 1V5M1zitGnO7ZmrOP7nI7JKKNKnl0ka/gIor7Ogw4mWJcAl6pb2Ar5VpQWZoNJxN/ksySKfWsrLR e96Z3ShJ7e0aPL15KXq0APkNJ8gQSKCpE7Dh/pfekYG6X0pEFmPm6v7o3UY9zKDcM2KOvxv37X/s nAJl3HsbEq9yzy0zDTt5OvOaMef50Pcu+YZbxdLV37CrzVZDrmHLsGPMz2QZrv9AHDLrLTk1Cz20 2d4+Lr+QpbjaoNVD68e56lEfR4Et1OWvOVikxUqWvXZU22ITMS9Ghcvcg3SDFxZi5SP9PGduXarB mkFXY2wIg2lVp0WOv7h5qJ2k3dlCm0ln9ivLl61ySqu7h8lBJs85Pwy9uPRDPNvnP3AinNn0kUg/ XU8Tbt0q0G/64Beh1ExA4cYt2PtJJapqT8NxQZ39eVoGMd1Ddi8NTUdOtYKeqYFCC+NZjMtfGJrS KQmQAAk0DQKXt8a4DRMxb6S8e+26H5sqhxgrvBolArGWH4FIcqAuAhCjFcSJbXnGqWGrHr/PskMW LdkRD/ey9pgpS4CWqEuA3hiLHurUopZ2JbeWk99cL1h1J49qLw81rpeZiJdEG/o/LDPIVglvWV60 Y99fUXdI31toFnIaYzZXzNNXZqioL4oa23TZL2r12pe1l6zpsldQf/zRe9lQhHU2D9Tiul4ys3SM zCxV02E6Zmy4D2tGWixZi6AOsZYfwagwKBJougR+MhwH5t6IO2Z9CXX5+RqLmKRl9BZb10BZ/q4K 6cx6LWk0+Snb/Y5x1ytDn5tlWNXLkJLW3vA3YXURcpf3M+59DDJgVVFxBmk3dkCyxUhRn7t7oP9A //r7hGdh8celYzTbYZhS35lTsvx1s7S15SfrkHxjpix7dQWpWE0YlNNly5ZpImW55tapFvG/3I4z IQzSqaHMloG+KT2sV1qY94rrk5Nu9O0Gb7CjZmUN7JeSkBSkT2C/ZEfKNX7S/rJOeHRRT7wxVZYC 71qE/af+HZ8t02bTP/No0Nn0kUg/jWR4P6f2YMBPe+Pnb8lsudzJyM718i75rnj5g+gxZZvzwfH/ /h8ZqHN9CPVyGfZtrMtf2ArTAwmQAAk0AQJtf5mL8TJQp772j16yEw+8MbhRtY61/IZG9v80NIDm 6t9mLM2UHp2fDpPbTRQoSKfxzSHq7B+5ZD+R0U1mYMXda7/abXRGw7UEyGmM+j/utGn89Es05Zek K6w7kYlJ7mVCXpgixqbVrcMxWQttdo+2uEPb63DQ66OMF5aICQsQkDstxJGJTQAvDXrk5u+d9jY8 nL/LtcG4SHj3VxnYdKpBooJ69k7/9BHPGmnyh1EzURLmbIOgAr0cxFq+lzq8JYEWQ8C77N0+pcA4 iMAKQqsbu8nsL9elLo/PK/2HlTOcL8tH5mPbtWc5uOPnP/ZwZ9S3sqzTqm3x9zzxhiyjbsLL2Zi7 668e4eo35w9vwoArrkbHrh1x56q/6NYw+3cu76/0Py2v9lgJNrwyDzPnFKDWatbdN9swRDuYos/L M7U91gxRfgzu2F5tWgKbKLMXM2/PRLtrdG823N59tOvGzCihBsd1J6dqdZP7VwaJCuc+ZMxKt4Tr du2cPXD/ij+ZbZzm819swqjuzxn2vTqblobK/nnJMviWlposv4H/0lLTYAvQnmaM/JUmQ2aQ/7S9 sdffqhF3GLLNhoimnylg736g6ZGPsa622jlU/dKD6dh0rM7nuXqYSveBw33tA9gY+R3e/QFPT7Eu f57a8I4ESIAEmgkB+XD0VJ7Wu3lzCLZH+b3Lh1qs5fsoFJ4FB+rMvGSKfeknpSgtLcXBw99oT/Lk tLAyVIid85n6XP07bHZjDiQy5vMf5RkbLi96tonMplO/spfuxVFtz5w/yMi5yqm0tEJbAuNaAhQZ QhahxDr9ZN8gNZ8Uf+Je0lReVuzMTx55x8uNRUwiYyWzGEe90tMrrCw8Pii6s7hqT5W7y4pHObGj dF+Z+5nkC8uXNC+NQ77V0t/NP09O65Oye7jKvQTrX3tj89aJRpDDc1/AXtGj2uK9zHAUqkHSX0/n as1P/u4PRb7EUx+QkzR5atvT2tNNmL7obZRWnglVQmB3sZYfWDs+JYHmTUCtf/6rDHrZf3Hb+65+ g16+ZXbXq1sf989A9nJdIjNu9WtCVis8teJDqZscUJeJOiT84leeRHKm282gt5bizmTdhwPVso/a zi35LovNi7GjtNJdt8m+d1Xm+lh9LksLq7X2GmpndvdzemCY3bctsqdL/XTsDGpra8Xvfqye0RfJ XYdr8/6ANjbTPnji/1FT3Tq6QyJm5Bej+qwMuIjs2rPVKNu9HlP6JyBFBiVHPT4L859dguMWA3XF eZM1PXIwe0wIM/Ocba+p7zFqi/Q9LOr1C3IAmLl/92W5q/5XGVx2PXrqY0CbR2CIFvfqYxUoLnjV OTjZf/Zug09VpdoPrECVGj8/17sTb0dCxlRs2FaMA3J67MoZcpJvupufur/xY9E6efwnvbA621ux Bf5n0zc4/SR/mfrJejkw+oHOvrO0hTIYV3XGD7Mr3PoOv9GGJVukPMmhGc5L8sn5yj3ITXfn/7R/ 8/oQamoDffvpedgh/QG1f6+306WHTW1vrMufO+o0kQAJkECzIpA+4nnoHyIHvvZho8ct1vIbFGGF l0bArhRkQ+11hv/XZ41ijyjHc4ocaazp8ZJSE9Gwww/MUbnWpUuftwPG03H4937ZrThUZwiWJUCG u0GvVxr2/gyhyY9e+oUmX1Eq8noY8Qo9Hw1TDgXJPKHKt+R35j1PnYYWBExDqzDCkn/piCKVsafM APd9Gin9zflPUc4p8gLjoWPHl8usou60CzX+gdLfM/yvlQVeTPIr3OXDW5GmIt9bb96TQEsi4L/8 Z5nq+K9NbTuUVZ95l3u7UrR4oEfd5K8t6ft8sUdd7q/91esef89lsMgjnNK8MSHJ7/JEgVJz0TuF Rf85vULyr8ar87Stvv2b2n2KHPngDKOzxDGUyy/7Tua4+e8j6IxqD74Ysu5GunQ29f+k/RvvVbcb 7rzt+y5TvgrS9ocS90Buqrc97RGfQW8F62/VP/385i/veKv3ZmbmCBzT+ppWfrztJhaafTrNfvOB t1/j3lw21SBiX/58IkULEiABEogRgYp8V38glHf1YCq63/2zlN3fBnMd+eexll/fGHFGnfSiXJcN 6fcN0G/C+r3XtMdIWB79OK4rW2ssU3jmgxEwPpj7cR8v1olJV/tRJQvtr3J/+TQvAXLY1U2CI3HF Pv1s19wafkS6ZiE1wPKV8AP08nHdQBRNd8+gWzWjf9AVO14hhHd7WWv09/mK7z+IAZ3T/D8M64kN GSPdX9o9veagnceX9xQ8vOFT9zIvcdynTcNLWXLbX3iKNd3d3zbVdNcaT5auNd0PQ8cI7LMTa/mm CNFIAi2OgN/6v+swJBt1fGs8uvb3Bht9oq1hIbVz98nvobZkGyZ71KPqaaXa1W8Ktstp1u/Pvsej Lk9MaW0s69edqr963ebv+cOyKb970aiccjr+LdRW7MZMD/nuELPHz8cekf/5S/eb4qU/F/1n7Ub1 xxsxPlO38/7NwfQVG3DopAOHF8gMM6/HZfkLnQfuqNYvTLjH66n1bXKqddt7rxxo4Y6b9BH6W/fx 7m3r0qLVbU+jqmiVJcfs8UtxqFpmLRYv9FCi34C2JhnuR/LxBbWf78HSSYM9wsvoNx7rZA9C5X05 aMitnNtjBE2p/R6HfBTSrmF4Nuhef/VPv8RrrzdmTOgS/f32HW7NrM40uzIju78f71lYvLkUdos9 FAO1gdaB5XgtH459+bPWk7YkQAIk0LQJ3P6b17S2sASvbPmi0SMTa/n1jXCCOsJXX8/0Fx0Clety ZMN5dePfKfjq4qJ6nXYWSc3qvsiHTV1uIMs07JE6WlmW8tTKkgZbcrJXR8lX86jI9xXj16Y5yHeo y0dk/xtbPV4MmkP8/SZuCA8Y/yiU/xC40wkJNFcCjgu1zuX4yVfKAJExiOcbW3W5a7UsE0xpmwb7 CVlMKPuSpVmd3uDrNSI2LvmyVLVNEuy1rsMLwmlDHLLctepsAtLa2Jz+k5JTkHxloEbIgbd/mSQn 5Ir6496H8kbfiMQj7EBkqW71mWrnlgU2ibB6aENI2H84itzLOzs3zZbZksg17y2sD0IFSO+w9QzF g8RFultQG/9Ae9pZBRV++lmFEp5d7SnJ58nCW91nUJipy67tDrsc1iuRuDLFuX9feCHW33Wsy1/9 NadPEiABEmg4gcp1DzoPwJMZdXh3gnvSR31D/vDJBHR/SXzHqH2Ptfz6cGvsLkN9dGxxftLvX4eS 60qR2OXOmA/SRQ2+dBqTw+nxR02RlhGwLeDLUctgwFiSAAmQQDwQsMkAXaDhKl1Hm5wU3k6bcpac bjp0QHcQ5V8P+eqgYpiXTQa4Olzj8uQclAzqX/axXXUU/5Zbi/S7rQ89CBpEJBzIR620Nu3QkPne Se5FBC6NYtXbVj/QmQ7XCAdP+OkXTujWbpPbmKgLM+ehGj7zLq39RtrWI//HoPxFOj4MjwRIgARi SeCeBV9jf3Ylkm/tERM1Yi2/PpGOVdehPrq2HD9yslVm79hk4pYDmTElARIgARIgARKIKwLJHdGj d1xpFJoyMvvr/LEqY9lu1cnjqE1Nhf2SzAa7lNSoM8FCU5iuSIAESIAESKARCdha447erRtRoJeo WMv3UieUW+5RFwoluiEBEiABEiABEiABEiABHwKyZHdkApI7DDQG6mb36YCUlBS0vrY1WqelYNKW v/r4ogUJkAAJkAAJkAAJ+CPAgTp/ZGhPAiRAAiRAAiRAAiRAAiRAAiRAAiRAAiRAAo1IgEtfGxF2 kxV18XuX6qdlCUcsLsonf5UA818sSh8Q6/IXm1hTKgmQAAmESED21ttgR79Vvuf4ugKQPXlDOo0i RHF0RgIkQAIkQALRJuA45ZTgsCdEWxLD90OAA3V+wNDaTSAx9RasX7seSquOIW2A7fYZGRPlkz/z X8stf5GpRRgKCZAACUSRgBzawMG4KPJl0CRAAiRAAo1KIK3bdHn/H4frOl3XqHIpzE0gQZHLfUsT CZAACZAACZAACZAACZAACZAACZAACZAACZBALAhwj7pYUKdMEiABEiABEiABEiABEiABEiABEiAB EiABTwIOB2pr/W0p4em0ud5xoK65pizjRQIkQAIkQAIkQAIkQAIkQAIkQAIkQAJNiEDluhw5PT2p RZ+azoG6JpRhqSoJkAAJkAAJkAAJkAAJkAAJkAAJkAAJNFsCtjbOqB0/23Jn1XGgrtnmbkaMBEiA BEiABEiABEiABEiABEiABEiABEigKRHgQF1TSi3qSgIkQAIkQAIkQAIkQAIkQAIkQAIkQAIk0GwJ cKCu2SYtI0YCJEACJEACJEACJEACJEACJEACJEACJNCUCHCgzie1TmNl/wQkJIT2t/jAP3xCaHYW F46iYPE8vLG7MjZRo3zyZ/5rseWvrnIPls5dir0VdTGpfyif/Jn/WP5Y/7D+jUUDxPaH7Q/bH7Y/ LbX9CavOvXQaC7L8jd1MQEltWKHFj2OFlyeBS0eUHECRFArpr8/rlZ7+m+FdRcEYjUWu8tXFxo8g 5ZO/qzwy/7W88mdXCoZrdfG4rY1f+SiUT/7Mf876l+WP9U+jE2D9y/qX9S/rX8kDbH8avfZVYt7/ VZSKfNf776BQxlocn1qO32RmuuqQPi+XxYBhw0VeLhUALzOByzph3cmjqKrWvh4KocpNz2Dkgl1O V9O2HMDwNjYx2+W/q9Ex8yaz7+ZpvqRHqwa1qrmxcw3lawlA/sx/LbD86dXPyTqo5z6ptW9MLson f8l4zH8xKX0Ayx/LH8sf658YVT+sf9j/Yv8zhv2fUMp9Yjes+/Ioymvq8KPaT5HZZ4LTV2mp/GQB uyaux/FHbkb7xh7DCEX3AG6amLoBYhLBR8ltOiLTdSKwM9SUL67TQs/FAwNvR8cWTC1mLylaClB+ BDN6PYIi/3pAi6CXls4/gigZFAmQAAmQAAmQAAmQAAmQQDMgkHxDR9wh8agr+0SLTQ5mTL8O8xes lvvF2PzxTEy548dNKqbcoy6E5HJcStBc1QDG7K4QPDZDJ+oXhVhelB9L+nB+0Y+lBkz/WNKPffrH NvaUTgIkQAIkQAIkQAIkQAIkEK8EClf+yqXa0Acwc86TGK8pOnXZzpi/x4bLjAN14RJrge5tl6tb 1KlXCmwxmE1I+eTP/NdSy59pDuFVSgyW/VC+q+zJv+TP/GdkhsYysPwZpFn+WP6MzNBYBpY/gzTL H8ufkRkay9DSy189OZ//CG/kufxOG9MdNtnSbOziXi6LzYux/0w9w42RtxgMu8QophQbAoEabF28 BPtlfz5bkruC+KYsX/Obh04jWmHGzxONsBx2BzJHz8aozEhMJaV88mf+a7Hlr7Ycy+asxmnpDtqS 9CrGgbKNmnnzCNw34wg66o+k7nEorTHy2SeRlaxbNuCX8smf+Y/lj/UP61+2P1pDyvaX/Q8tK7D/ xf5nNPvfDei6e3s9UbwJO5yWwzCsh2vrsttHyH51U/aIbQkWvfMZej5+s7e3+L1v+HkUzT8E/dQR YJhy1N6M41u5NvBJt5mZ1s/7vC1nw0TgonxrvvoJxORvzYf5r1mUv4r8/tbpq+V//eQmaU093A16 KzInb1M++XvnLfM9859nudPZsPyx/olA709O92P9o5cpq1/WP6x/rPIF61/Wv82h/vUXB338JaRT X52BnFNWaqe84pliU7CmE8QxRfnqoulRnBs5o05qPl4agesHYMui6dhfm+Axxfmbsvl4Y6e4UY9O 6TcL87L+V0681S4xdBidbbg//8k6jJxQANuN7hl5ulPfXzu+/8kYFLx0P5wTYiif/Jn/Wmz5Sx8w B0sndcA502xedVe8sgVLnV/HnNXP9Pnohu+NqsTx/dUY2d998nZZ3iTM2Po32K40nPg3XHDgZ4MX YNkE15c1yid/5j+WP9Y/5r4b61+2P2x/1dk57H/I6x/7X+x/Buh/++9sN+KTr7bjERmqUK9BHVJQ W1sL+yU7ki5Pws/+/QZg4zF50sQOlYjzgcS4UE8f0W32M+r80K4qGK3NYMlVjgYZha7Iy/GY7SIl Ish9jnIoyHQ8yid/Vz5i/muJ5a9guFaHDC3wU0Pp1vLFLDtYfeP1vM+aoLMRKZ/8nfUP859e0Pz8 svyx/vGqX4P1/1j/sv3xU5vo1mx/2f6y/ZU8EPf9D73ERvZXH38JdUZd6aKeQcYc3OUpyNBDZCPS gNB4mITUALwCEzCfeusIcuqt7cqrAwfm87R10AMqKN996jD5+2QgDwvmv+ZW/kzn/H6XEOS0Jtnb LpSZdOYcc5X4Md/7mCnfQEL+zH9GZrAysPyx/rHKFwHsWP+y/QmQPTzOmWf7w/YnYF5h+xPb9idg 4jTOwx+O4rWpe0OT1YQOleDS19CSlK40AoFfaoG2969FTa8VxlTTQOCc01GvTENyGLmQ8gMRJX/m v+Zd/gLnfmDwBjtqVtZI/ZMkU90Du1brn5Rr0gI7CvMp5ZM/8x/LH+sf1r9sfwI3nmx/2f9g/6t5 9T8Dl/joPz3/yXa8oYnJr6jDA+n/ApgnF8k7Qd2RfNi6jBFXTedQiSCvMtEH2xQk2C5XZ1JqVwsn ZppfohPx+U2+Jln2nAt+DGMobrwDp3xvIr735M/8F0rZCsWNd+6Kdfnz1sfn/nIbkmXwLXjtg5Dq KJ/wg1lQPvkz/7H8Basn5Hl96t+gwbL+Yf3D+of1T9CKgvUP699QeskhZKQ4clK8+hmXNn3WYJg6 SKdeXmM2iZ2HY3X2GIwtBHZNXI/jj9yM9l5uXB7j5984Vy82oGpPlaOqus4lXKZwVR7+RlPEjtJ9 Zai7Uhu4k05Ruy4dwpoRFpsYNUyqe6AyJSZxpXx9oJj8w5l92bBc7/bN/Bfb/GekxE8TgywTMlxG x0D55B+dnBVaqMx/zH+h5ZTouGL+Y/6LTs4KLVTmP+a/0HJKdFwx/8U2/wVK1drTcthLMebmaY52 1aLicClsKe3RoU0rw6fj7HFUnDwPW2YfoHCX2C/Gq7Kx7GO970C71ETDXbwZOFDnnSKyxvmBn3Z2 njLo/Qhi+0AP9fwf99Xn9Up8MMF96qD7SfMxtR38HDYs+jn+mTEsJiPPlE/+zH8ttfzZMGTBbizp 8hkyhmXHoFKlfPJn/mP5Y/3D+pftT+M3wGx/2f6y/W257W8oNY4Db3f/CUaUmd1OQlZX9T4Hh+zb keXcM8uBP/a+3ssd8NKYHngJv4Nd+XXcDkQmqAdRmKNHcw1W9r8aj8q0yFCuFfvP47E7fhyKU7oh ARIgARIgARIgARIgARIgARIgARIgARLwQ6By3YPoMHot5NRXvOtnUtTBVwfijse2+4bQdyW+3v4b tNampBXO6IP+8uHf++ryxFZ8/NJgDtR5g+E9CZAACZAACZAACZAACZAACZAACZAACZAACegEQhmo 090219//01wjxniRAAmQAAmQAAmQAAmQAAmQAAmQAAmQAAmQQFMiwIG6ppRa1JUESIAESIAESIAE SIAESIAESIAESIAESKDZEuBAXbNNWkaMBEiABEiABEiABEiABEiABEiABEiABEigKRHgQF1TSi3q SgIkQAIkQAIkQAIkQAIkQAIkQAIkQAIk0GwJcKCu2SYtI0YCJEACJEACJEACJEACJEACJEACJEAC TYiA45RTWYc9oQkpHVlVExS5IhskQyMBEiABEiABEiABEiABEiABEiABEiABEiCB8AicL92LHUe+ wXWdctAzq1V4npuJaw7UNZOEZDRIgARIgARIgARIgARIgARIgARIgARIgASaNgEufW3a6dc42l9y oLa2FrjUOOIohQRIgARIgARIgARIgARIgARIgARIIAYEHOr7vyMGgjWRsZYfu5gbkjlQZ6CgwR+B usq3kJKSgoTJ7/tzQnsSIAESIAESIAESIAESIAESIAESIIEmTqByXY68/ydh0pa/xiQmsZYfk0h7 CeVAnReQuLhVZ7CdjeEItjeEK37ksqk4jzjSyltL3pMACZAACZBA/BO4UIvaC/GvJjUkARIgARIg ARJooQRsbZwRPx6rMYlYy4+DZOdAXRwkgqcKDrw9Mgkp18oI9nvfeD7iHQmQAAmQAAmQQNMl8PU2 JFyVgpSrhqOcX76abjpScxJoBAJ1p0pQtG0n9paeaARpFEECJEACJBBPBDhQF0+p4aXL8ntfw2nu C+dFhbckQAIkQAIk0DQJfLh0kKZ4StOMALUmARJoJAIObBjYDT0H5aBX1m9RwoH9RuJOMSRAAiQQ HwQ4UBckHRxnq1F6sAhFxUU48Ekpqk6phyo4UF1ZgYpj1UF81+exDdlTl2se5+KVIs6qqw9F+iEB EiCBWBKoPlbhai9iqQRlxxeBv+/GUy+5VOq0cCw62uJLvXjShuUHqD1VjgPS91T7n6WlFag+Wyf9 zxpUHJa65YyYA1yx5hdr+QHQNKlHSTfq6u5A+V/+R78J+kv+QRHRAQmQAAnEPQEO1PlLorPlWDmh C5KubY2sO3qiZ4+euPPfs9D+p3KowhVJaN2hIzre2BrbT/kLoP72rW4Zg6WZLv8vTt4AGRrkRQIk QALNn4AMZAxISEBCSH8DsOdsfCKp++J1tL6xo7QXD3AWRGMmUQPyT11ZftB8lzF8CtYXV9Y7RgfX LEKJ03cWlo+9zRRODVb2D57v8z7+h8lP8zW29PJz/vB25GYlIOWnnXCn9D3V/mdWVke0vtYm/c+r 0bGr1C1ps/yuuIg1v1jLj0XJOLP9maD1R0LWAIybsRL7j50PWUX7l7rTLHRs/y/6TcDflsg/IBA+ JAESaNYEGqP/FiuAHKizIv/VRiRc2wmP5h0xnvbP7o8s485tqD4X+hcut69gphSMXPScy9HhJ5Hf QjrnwajwOQmQQPMmUHf2OHaEHMUdqDodjfo3ZAUCONQO4EESOGkqAKYIP2pI/qk+sTuoNp9tWoIH enRAQvYLKA/3MIh/HsL8KXtcMp5Zil7XmMT9cBpFhaZ7P8ZNZdGYxe9HWEytW275OfHHJ5DcdSDe KNUTIAtq/9P3qsIZv1ujxJpfrOX70oq2Te2ZT4KLKN2B1QsexV03JmPsqs+Cu5fW476CQ9i7awf2 HliPjleG4MXppOXxD5UM3ZEACTQ/AlHvv8UQGQfqfODLYQ7TfmnYTnrrIGouKtixcwcOKQqqD29E jvE0eobUe3IxUwv+8VmFPG01eqgZMgmQQJwQSLzpVzj9eQn2HyhBycfq3x7MzHYrt8lpJ/YH9qPk 82rkdg1thoE7hMY3cVuhxmPekPzTdsAqlJdIftNms3eZVoDyinIc/7Jc8tt2vDb9XndE3p+OTldN COswiMqCZ41B6I2P3uMOSzVd1glvnDzqm+e7zsJePc9/XI7/HHuTp78WcNeiys8PRzF/yMtaqmZh 3YEqKMohZ/9TuWhHxdbnPVI8lI8AseYXa/kewKJ4k/7AZpRL27Vheh9Dypz3SrUyLW1W0XYsndTX eLbmVxnYFMKKnFbpWejRuz963J5er48+LYW/AZYGEiCBFkcg2v23WAK9PJbC41L2P49i3UaXZp2f L8ayMbd5qJnaeRg2f7Ictluf8LCP+M3lrTFuw0TMGymdtl33Y1PlEDyQHv8vpRHnwABJgARaFIG0 LplIM8X4C30WwdACDL1VG0UxPTeMjtPYufFD11YBDjsSO/cU961QvOZVvLr1T7KnUzWU1PYYOuJR TB7dPeBLj+NMObZs3ILNhQed/qC0RttbO6Dn3XcgpfZTrF9TiH5LCvFYj+sM8WZDounGVo9W1iFb LxQVFuHgviKUnKpDteiuXqm35GBc7qMSr1STBM0YwfhDPg1VFm/C+oIt2PHpCaeAtNR2yOg+DMOG dEeCfLDa9Ok/kHn/bzG0SytfXcTmxMHN2LBmnbj7q/N5QmkCrhvWA6MmjMLQ3hkB+VsGGKJlvfPP 5TZ0yOyJTjeIIJnN1C49Ex3StYGxGzog8/YcPDJJtsR4RGbbO/sIefgP2Wfu8LOefQRLNWUAZmmu NldU8vGANr6uktt0RKZmb+R5WT7dI1Ce9w1Gs3Gg4uAOycM7caDyjOEqLf1OZA+/DzlBX/oblv71 yr+GlkBDy4+af+sT/7rKPVi377+RpI2A2WWUI3PgSGSpxe3CaRRv3YD126RMHjvjrEv6D/4tpoy9 B8n1KOOm6BrG86V78IZ2N2dvMUbd/mPjGSR/pg+ejdJX/guZj+112ot6lldD+cUi/c6X7pW64hsn ew/uagwvHMeWgmI4bEmu+Er93krqwpxMNWF8r4bW374hhmBjS0YHabuSjuptQi6GZmego5E3MpHZ PQf9M59AhzGuwdgdRV9g2BitjjFEOHBwqwz6XUiQ+dj6ZYfS6k6MGpSuWwT8bXD6N7D9C6gcH5IA CZBApAlEs/8WaV3DDU/h5UHAcfj3ijB0/i36c53HM/fNOeXN4S43G790uK0jbbp0RBmv6YJxWyMd esjhOSrXupj0eVuxh+yLDkmABEigoQTsSoFW1yJI/eM4vNyou/U63O9vl2XK1xetdavIHxNSOH1e r/QIoLZ0rXJfdn9Flqkp/TMz3WFk5rjs9Gfqb8ZQZdNn1u1LbfGLbr96/e/1Kx+RPGSrN5GKv1K9 T5mc6Wrf/PLT9OnzcpmPHsq3nyoyKy1IHHKVPSej2HYaWoWef1xe3O4HeaWvEaTytbLASI8sZfe3 7if+TFVbJxo8VvlJd7dftw7B8rzbj9vk+HK3u99g6OmdHsLfX9+lgelf3/wbqfJT//jbldUZ3pyg DHqrUqkuzTfSz7tMPPHuGTf8Bpoq8nI0OTnKoe/8BHbhU2WoM11nKV+Z6rBI8YtN+tmVlV551Vy3 WNZtnddY9kfrW3/7oR22tVv+MOWoVYdZ709LfL3bEKcwx6eKbLNjkd8kT1iFp2kYqfR362+lg9vO UvewadEDCZBAPBPQ6wP//aHoah+efHffyb++4fffohvD4KHLtHpeHgSkEyRLW12NpLzMfRWgYfTw F6Wb0rwBRoO97WSUhAQJlgN1QQDxMQmQQJQIuBveoIMWMkA0b9JYGSRzv0y4XqqzlKcmDVYgA2bm l+yH1nsOtDkjcHaX6SVpmJL3Xqly/ORppbzkI+XN6fd6+PfuCFS+0t7juVmWlbmj1SCXKFH5Sg9T OFnK9BUblL1Fe5UNix4y2UPJr/Aa6It4/F0cs3NnKktWLFEmD+/qIV+NkzcDpcbUfjrb0Rxl8dqd SklJibL3vTxtgEFPn5yQBrkalrHCyD9OQW73PnEzKVK9e6rBYsUhr3QwuXMaL36tyDYWLvd9rAcX PL24dQia5z09Ksqxdwy9XHnOxX//gf3KzrWL3X0bTR+fD40e+b8e6S/61Df/RqT8NDD+1UWrlHG5 4+RviBdHPc9C6T/8Pg+Og9af8E6Fet87St0fG/rKYHw43c+I8Ith+lW8t0IZNzzb4O5R/mTweObw Icq4SeOM5xha4MvHI/+GV3/XO9G8POovloAM1JkGUnVnFaZB+yc2WwzySn2xYfrDyhBnPhynDDXa Mz8Df1rAEUn/OOCnc+IvCZBA7Ano9ZlHfdyIaoUn3913CqRvWP23RoyrP1EcqPMh87WyTO9Ua79P Pv+msvm9vfKyUe58abOH03vyCT9MC/PA4TPFYXqOjHMO1EWGI0MhARIIl4C74Q110KKqYLT7Za6v 58cWx7Ft7oE4i0ETx2Ft9rDU/fl/8dW19pPXjbB9ZhR8e1QGo3YoO6St2LJikuYuS3llw07NXn3m +tu8pUj5yt+MGQln/ar1yt6Pq3wUcJQGkK+5rn/8TazVtq/rAuVQteesN0fFNs9BCo9ZZ3Zla657 QKPv84WK7O/qddmVosUDDYYYZ/Gy7eWjYbemOAWZJyqIwQAAQABJREFUkemS43YfqKOnmF5oA7qT QGuLnzPiu2j/+RCi49Yh1DzvCvScIqfFG7I6T9vqy//iOWXLjHTDDdSZpYZGJrn1Sn8toPrm3waX n4bG3wChKObVDFo/EENXKkeN2ZN2paJou7JeyrFvHjeFE67RlK/0gda5qzYoO3ZJ//PzcuV0dY1i 9ylTbu4xrX8anH4SDxN3f+XKqN8synOD6u9w08qPe/3FEshRNn1coRyvKFdKDpQost+q8tqkvu6y JwN5Ic3GNdqzwAN1SgT4xwM/P1hpTQIkEAMCen3mrz6OtkrhyXf3YQLqa2pnA7qLduRCDJ8DdVag Tu72eBmxmg3Rb9pq5WiNlefI2x2Ye6PWuMsym0aSaY4FB+rMNGgmARJoPALuhjfUQQu9YVdflKzq y6K5P3fVpxYzMswvKnPelRl3Fi/Fjs83KuNl+eqK/RazIXQwx/QBv1zLWRW6s4C/9hql/OP9ztl0 e4v2y4uevKifPGTMSvPXwah3/A2d1cGeKX71NtoDGcDwGKysNc1GlAEg/02VaYaZvKwGWs4VkE9I D8PNP273/vg6xYYwoOBSzzx4tMA0KBZIebcOoeZ5Z2imJXXo8rsA/M8pr2W7B/SMpbgNTX/vKNUz /zqDMXQJo/w0NP5m/R2mbUckn4c7u80cVLjm6t0LTYM57nQy90Onv14ceICwPvy8FW3s9FPlm7j7 K39G/RZkoK5B9bc3izDuDf30AV5/v73fDylUd3hBBurModUz/SPW/pl1oZkESKDJEtDrH3/1cbQj Fp58d98poL4h99+iHbvQwje2OZVOAC+dQJte2H7xHIoL3sSrBeuxpbBMf2L8vv/CWLz/wqvYU30I Pa33szXcNtRwe67s3jGrtwRTgsVrP0Ovx29uaJD0TwIkQALNm0Cf0bgr2TeKaW1vE8u/AN8l+DxM THF7mH1vOmaLi4zsoejWRuyvTEZqSho6ZtyBOe/sQJp+yIVPKEDdJd2yBlDNYbS0dcf247VFv8ZT eUf0QOr3G2b8676zG3Ke+eAp0ybohrXTkHjTaJRuKMfYRYcx4AY3r7qTx6WF0q7DT2LJ4u/VPf1N G6LLM7m32b7CPN0dNqFcDsvIusG8/bnxsMkb6srW4ik5mEK9pr07Fq1dxoj86zh7HBUn69CuSwfn YQYnSg4Z4a74w1i4U8aw1gwpGLfo93i08NfO+wNHquT05JvQ0PTXpUQi/9an/DQ0/rr+zl9zeZ1Y iPdn3+Px2N9NWd4kzNj6N9gC1A2G3wsO/GzwAiyb4NmfS+01Fcq3A1CwZj3WFSzATi3/GP7EsOBX 3bHg1WX4umQSWpt11RzVh58efqzSzynfIi66XqH8NrT+jkT6eeiZPR7j2qjjrup1DqV5W9115O5+ 6DK9EJ8s6Bfxg3Xqm/4N5eeKJ/8lARIgARKIFIEGNouRUiMOw7k8Bd1HT3b+4ZIDtbU1qKk+gyp5 iVp232Nwnd9Wgl4zP4DyRt/oRuC6Xtj5JNBf1uTumjgPJRM2Iks7lSy6ghk6CZAACTRRAlfpL0hh 6P+TgajY+jT+f/beBL6K8t7//6Ric9KLknjpnwTxCig1hKXJQe+rbv1VNoUABRJaQaAVCO1VW0WW SgAXQCyriq2thKWyxVs2lSWWJfiqBXrVLBVIYgVCKyZ4RXK4cj0nEu/8nzlnZs6cfZtzJif5DK/D PPNs3+/zfpaZ+eaZ5+k9ZqmWqLpsB6q1K7djxo46cS/w3rHPHR6V65PdsPQa5ZFUNhQOyu6E+rpK v3808oisv4iw/PXvv6ml7vNvGZrbnyN3/HOoHO8VcvW3PDyenSNWZgvnaPE1mIaTzNQ4tgbthfu6 gPdiB3YVP6aoORvThqu7QRqhuQOlQ27CFNEwh7xah/1i50jH18IorBxN4pkFCLJLvMOmRsXFyy5n zPUvZ2Nk+9U0DM8Ra/kDSRll7REoyMtf7JS76wXsK/PyDnb59TgsEYY6nybUOQfjZz/r/MHhev5s FM+fde9vw9jpz7lyFMbw5W9OwPNjDWxXJtZfMExhh8U0fhtYf06FC3HyzRLPP3isAWziHWLlj+7C YmGAPfHcMJSMvoRf/Pu1YRcxrhFj4hdXzZg5CZAACRhDIKznN2NEGZELDXVeFC9Vbcei372F7iMW 4JFRN7pCxba/6Z2znL8eYvv1gS3DsaDDTa5ZAesq0fD7e/3+VdMr65guhz20EVg1WeSxHc/88UO8 4bOle0zZMzEJkAAJtC0CfmbMhVPA7NG/htQ0HWXbduLQe3WoFzd1x2XZmNQgXsLdJrvnC7KR3yiF mFEtDF4R3GXLVrmNdKOXluHlh+7znLnX0oQNo67DlHCMARGWP/3m20QZXX+Csn8VDqkgcQpXYe/k G+HQZhb6xnUIA0R6phUDs4MYlHyTtQqf81UHNUPdHbkBDDkfbsN4pZ5+umUqekbQDsIpZFovEUs0 xzTZJicfjs9dZ/F/z2t9TD9amOxIvcY9t09NbkT9G9p+nRpH0H9iLL8HIP2FCkjv59dtCW8mnT7t NSKN7rq6dDl+c/i/MWbOYuSrs0wt4vkzUzx/il/vPLEI4cA8DLj5R872d/C9WiCooS4CfkIPU+tP xyGY02G7GCwY0Y/fsdeft2LO8c+r36fffCfmr38Bi/Mec0bfU90YR0NdZPUvKxQ9P+/S85oESIAE Wh+BsJ7fWpHaXreQVqSZSao0VvwBK0vEy0rJJQy8ss3zr2GqTlf1xPDlg7F49kHhcwTnxcuIv88P 1OiGnG8ah9JxkzF+G/DmT9ahZsIy/7oZIoyZkAAJkEA7JHDuIEbcMATfEbOUVhXNwrAiLwbCUHb4 hZ9g4OzdzoAz//2VMNQFMzSVoOb8GuR088rH32VLA6pXKQHic7tdc+7zjdXBjvPhGOl8U4b0ycjq qcWZvr4cRS/4ka/GEBxqa88jq5f47FJvaVDCh949EMNHen7SpyZN/nMDNgxZphSjEAN6+q//11fK f1iTj0LMNnrmpStjj/+zcuXlMVyG1k37azExOzD/6gN/1NIOzs1yumOu/7i03/D7T6zl14DE4Bi9 1Y6ml5tgb0lDWoina3uLHRniD8DuQ8zo2jQH60T/XvePW2H/0489jHhavJsG44E8sRCKPCOr8qz8 Nbn/eM4E4fODyfXnVFc8SzepBfUzrsjfzlft26PG8D3HOH7HVn++6vgtgm+0OPpEUP+yFjHyi2NB mDUJkAAJGEAgvOc3AwQZlsU3DMuprWRk+VelJNuxVsxc83804PBW2Ugnjn4j0DMhd2MLxhS/4pKJ 5SjZ96ni5okESIAE2ioB3eAqPuXUXQUssKWD8slrgPjBwpttjU5Tx/M/ycb2U82+MuQlEUaO8/X3 9rki1mdTjpp//o/qdJ8vN6Dq8A5s3VSGBnXGTkoTzqgxzrk/TVS9IIxjZYt+imLVIwCMYOWTkwYK T73Zillq3i8Ow6L9/1CvPM6Xjm/HiKuvQ07/HNy55u9amD79/kdzsbku8LQ826lKbH1pMeYvLIVN vJzH79BBCtAePGXr4uucWhxbDV7+0fVaHYx6ZTGs/tYj+3Q3xpS4Ug19cT5y/OWlZert0EUOqLMu jpK8U68ByFfcMv+SKj/tToRfqt6EvF+oxo583PEd12d3+vpDFPUPg9qvswhR9J9Yy6+g8zkF/rTZ J6qYPev6+iIrM118gRH8lyVmyFm8jXlqW9p/P7YH6j+fv48twkgnH/cOyvM/JkbBz+z6cxYoNQN3 CCOkfLy5tRzeo+AlseZjsNnEMY/fsdaf0FsbXxF4NtvRg4ecZZT/u6t7uub25wgnP5900dS/yCRm fj6K0IMESIAEEkVA91ykc2rSw31+0xK0Ekd4e060n1jqDiOieuS3PWnhziqP3bXsYgv0305378QV dGcRw7FdlF4WXz64dAt3B7nYldB2+fOzy1bsuTMHEiABEnATaPigUuxwqvwqD0rPqjtU9l8gHarU hX3Q6E7kdNmlhtoK6bfj1DHSKu2prJUa1O1Hr9ilMyLvrcVDlTFUhL8rwr9wZ6ONdcr4v3xHlQi3 uyKIHWBttQekabpd/HZ7q6Bmpdv+XcyokrZXNkpNTQ1iF9eD0rriBxX5Lj2XVjQrqdw7Vslj/Oi5 pVLlR41Sw0c1UvnWl3x2Iu8nh39QI535zKGlj7X8jQee9tDtPkWHpqYmwe4vQneVnUt3j11fhRb1 ux71SF+8sVxqkPUT7Js+a5Cq9m+WZqn16eRoNXzX16jbj9CxRrS3+Yp+Mt+aj85IZ8TPWW8LPetN 7PAkfeJnV2C5MrSdhcXOw39R259SS4FOTR+fdLV7fZsXjOQ2rPUHP/1C/wzi/fzy+IuHRfu3S3a7 +DV9IpWvnuFRP6NeFTsb647Y6j/W9qtTJKr+I0mxlV+MD+r4cmyTu7+JHYwrtTGpxtmPzzSqfU6n c8xOT37OcePdRsmua2ONHxz0GH+0HXu9ZUfFz1N+5OOPTomo5LvS7ypSx29I/R5bL1V83CA1NZ6R ykse82i7KFjv7J+ieWuHYeO3lmMEDnmXXI/7C6Rl+6ukSrlNOdvVEWnHxpekAu0ZXi6nGB8+08kQ eXj09UD5qeOAzz1QyStK/qby02GgkwRIoHUQUO+p+ueMRGoWtnwDn98SWb5wZCGcSO0pTm1JvufD gPJSljtsuDTc4wYr32SLpJO6h4REcLId+7Wm38JDlxIhUtJu3jTUJYQ3hZBAeyXgqPu9Nr6pfywJ dta/qDqO+0+b82K1E2egcOjHtVMbw5f/aFnQaiovviWMvIqkCp0hRz++Byu3R1jfDZJ8GwpUvojK L/KpKpkcht7yS3Spxx+xXDDsUvnCwWGll8vQd+4uSVf8oDzDCYyl/dRuGh623rhviXRSZ+D10M32 jmRVnhv6PnPYIyjgRcsJt2FISetRx0H8PI2lgv/ykWGV416hm7/Hl1jqP5b2680mmv4jiRJFW/5A /cdvPSh9zlvn2K6FoczDiO02WA0Xz59qm9L0KSj1W3+qDtHwM7/+xDhW9UJY7VfloI5vznIbOH6r HMM915YMjEhvWf81/+X5DB95HoH/0BFN/Usm8guXM+ORAAkkjkDYhrI4qRSufMOe3+JUjliypaHO i57t2FNh3WwfXLpL+sTfU65XfsZffiItUR/a9S+YxgvScqShTkNBBwmQQDwJXHhHKlDHt5DnQs/Z COfe9H2ZFXk8tuOsS+MA4Q++4jLkyZG0sU6kk/84o74Mep6tkjzTLvTwf1Hat8xzBpOaz5gZz0rb j9b6zaO+fI3fcgybtlKqEDN5Gg8v9dDrvicOBy1fJOV3ZeSaOajOLFN1Vs/Dpj0rHRQzBIMdje9u k6b5/GFLNTzkS8Wrt4qZMnGYlRRD+3EcD2GkzcuXphSvdNZbsLJXvTRCq5+AMy59MrgordNmgqqc wjuvPuL5si9nbavc7TNzUa0/3DdbzNILXn/yzNFo6z/q9uuHSTT9J+rynz8QtrFUNnLG4zi6qJfW dmANVP+tdPzxARLd+Cdn03hUN6NRuw/kSyVizKza9YSbkQhb+KfzmmRjx28t27Ac9bt+5aGX1t80 /V31Kd9XHl+2VTqpn0mnSPCe0RooD7f/Aumkbsalp6KR8zeTn6fuvCIBEmgNBMI1lMVL13DlG/X8 Fq9yxJJvipxYDPo8VAJiQd3D295Gw7/koGBUrthLvQH19Z+iyWGX17FFWnoGevT2v4C2mkW8z+f3 PIqskauFmNk4fWWZ4bvJeevf/OEmWLLFwthDXwu8wLF3Il6TAAmQQBISsJ1rBNLFLovyelFi/TSb zQa7c/wXN4COGZDXn4rokPO4LFZbktdik9dA6igWz/Bem8o7wxYHGs83wiZEWsSuj/Ki8/42bfBO ZvS1Q9z/Gs+nIKNbGuw21+L3Qp2wD8eFRtRfSEFWN4szvXz/dJY/7BySLaIDr/0ozbnpE6a+BWnt vaYWwFV/zcjongX7WdGuxbpoWRE0pKjr38j2G03/UajHWv6EV955sXbjgTp0yh6I/NsyYTtfj/qP xfgjNp6Ql7LMyOiJ3jdn+q5tF0zRaPi1kvqziTFQPHmLjTnEuNE5vIHH8PE7GNtkCIuw/skvGSqV OpJAYgjUbf4Jek/aCPHpK96YfktihOqkmC1fp4ppThrqTEMfi2AHao8dgSPjVuRld4olo7DS0lAX FiZGIgESIAESaO8ExILF5e/ZkH33Heganm2hvRNj+UmABEiABEiABFoZAbMNZWbLbw3VEerv+q1B R+rgQ8CC3rcP8vGlBwmQAAmQAAmQgIkE0nMwcIiJ8imaBEiABEiABEiABEgg6Ql8I+lLwAKQAAmQ AAmQAAmQAAmQAAmQAAmQAAmQAAmQQBsgQENdG6hEFoEESIAESIAESIAESIAESIAESIAESIAESCD5 CdBQl/x1GP8SXPnSJaNBXtaXBwmQAAmQAAmQAAmQAAmQAAmQAAmQQJsk4DjnLJbDnmJO8cyWb06p PaRyjToPHLzwRyA181Zs2bgFUqcccG1sf4ToRwIkQAIkQAIkQAIkQAIkQAIkQALJTyBrQLF4/5+K Ln26mFIYs+WbUmgvodz11QsIL0mABEiABEiABEiABEiABEiABEiABEiABEjADAL89NUM6pRJAiRA AiRAAiRAAiRAAiRAAiRAAiRAAiTgScDhgM3m8PRrZ1c01LWzCmdxSYAESIAESIAESIAESIAESIAE SIAESKA1EqjbnI+MjDTM2PmP1qheQnSioS4hmCmEBEiABEiABEiABEiABEiABEiABEiABEggKAFL N2fwmQsGzqq7bIPtclCprSqQhrpWVR1UhgRIgARIgARIgARIgARIgARIgARIgARIwBACn+xGyjUZ yLhmHGoMtP0ZoluATGioCwCG3iRAAiRAAiRAAiRAAiRAAiRAAiRAAiRAAslL4O2VoxTlM5KmEDTU JU1VUVESIAESIAESIAESIAESIAESIAESIAESIIGwCHx+ADOfd8Xss3QKcixhpTI9Eg11+ir4ZBtS UlJC/AZg+LjZWLu7GrYWfeI27L58EqXLF2PtgTpzCkn55M/21277X3PdQaxctBKHaptNGX8on/zZ /tj/OP5w/DXjBsT7D+8/vP/w/tNe7z9GjrnHNixDpTNDK16Y8j0js45vXhIPjYDj+O8lQTuCX760 5yOHlr6tOmpLJytMiqTTVxJfSsonf1e/ZPtrf/3PLpWOU8bkqbsSP/hIlE/+bH/O8Zf9j+NPwglw /OX4y/GX469oA7z/JHz0lUx//pWk2k2u999Rr9TFVv7L70v5qn3nicOx5ZXg1JxRJ0ZA9UjN/glq KitR+e5BzB+m+hZiz7uyn8t/y5pFsKpB2IsRvRYkzYKEmtqROrSZg03mzCKkfKXGyN+UWaxsf+a2 P3W8+rgZpq79Svnkr7ZFM85sf2x/ZrQ7VSbbH9uf2hbMOLP9sf2Z0e5UmWx/5rY/tR6iPNeVPiUs Nq5j28M/iDIXc5J1MEdsK5XawYLeeXlO5T7sqOhYUID821x+sk/ebYMw4cEpWD/hekzdJvssx6Ga xcixflO+aPOH2Z90U765TYz8yd9cApROAiRAAiRAAiRAAiRAAiRAAiEIfH0SK4sUM11BKUZ0CxG/ lQVzRp3fCtHN2/gixdeK3KErHnjy91rKgyfqNXdbd+jImFJUyjcFuyaU/DUUpjjaO39ToFMoCZAA CZAACZAACZAACZBAUhE4u7sEaxWN1zw5FmZPOIkUHg11kRLzE99h9tuzH52M9LJ0kJeok48MWEyY g0n55M/21177n+6Weo1kwg2W8l19T/xP/mx/WmNIlIP9TyPN/sf+pzWGRDnY/zTS7H/sf1pjSJSj vfc/Azi3NGDdmBddGQ3dgEn9k+/rRxPMLgaAT2QWYnD2d9T+dY/mPTg3S3Mnt6MJu5avwJHGZljS 3APEp9WblGKVoM/4Tpj3nVStmA67A3mTnsQDeddqftE7KJ/82f7abf+z1WDVwvVoEI+DljR1FHGg 2rnEgLjeMR5j551Ajhokxh6H1BUTnnoc1nTVM4Yz5ZM/2x/7H8cfjr+8/yg3Ut5/+fyhNAU+f/H5 M57P3zE8ugdLeukvJVisRFj2VPLNpnOqnuDNK5JEnG6nqaEbpCZ5p1Pnzy41fVwhbV04SrbeKb8i 6aQ9SYoVSs26jbpyqeXTnfPy/IcPfU3sDWPAQfn++aptjfz982H7axP9r3bTcP/1q7R/sXyo3/BR r8a4G5QydFE++bvv675tje3Pl4nMi/2P448BT39idz+OPxx//I8xMheOv/7ZcPzl+NsWxt9AZYht 19eL0krtvWGJ9EkgIa3cnzPqxB0g6LH/QWRc/WDAKHPfmIcc9+SzgPGSIuCmEdi5rBhHbCkeU5w/ rX4Wa/eJElRVAfctwGLr/8GuFkg4ek8apsW/9N5mTJheCkuvcKDY8eX1k1H6/P1wToihfPJn+2u3 /S97xEKsnNEbF3WzeSFWCK1estK5W5Nz+Cl+FgPwpTr6wPHldZgw/BbturpkBubt+ics6mZAWogf x2UHbhy9BKumf9cZSPnkz/bH/sfxR//sxvGX9x/ef+Vl6Pn8IV7/+PzF588gz99+nrJN9Wqu3oiZ wmwhH3PfmIKuLmfy/d/KDYkmqaebUafOZvI4W6XHl22VTn5mknoJFltfOkmZySJmD8ozC4MctSX5 fme9iJ4RwD9fqggxHY/yyd/Vftj+2mP/Kx2njB0FpUFGHjlIjNvDAo0zAfzFjOkQw49E+eTvHH/Y /tj/ghLg+MPxN8B9JtDzL+8/vP8GHVMkPn/w+c/17tzqnz9CNOQog6OfUae/H8+WToewXUSpXkKS cUZdSNvqApz+ohhdW8R6SHLcDhakd9T/xTFkBkkfwdGSopShCY4WmUHgIlk6Xhc40G9I15AbVFA+ +buaDttf++t/up16lB24A4++Ym27cGbS6ceha0Qa/bWPm/I1JOTvfAYI3F7Y/tj/tN4SnoPjD8ff oC2F9x8ND+8/vP+IxsD7r9YjvBxmP394qWP25YfbML7MpcRPt0xFzyB2C7NVDSU/iVUPVTSDwgty 0FUY5lz/DMozibMJPEi6CtX9/o1oGrwa9hY70jpoK/L6LbEzTscspEfQCinfL0rNk/zZ/tpy/9Ma egDH6K12NL3cJMafNDH+BIikeMvjT0ZnYzcConzyZ/tj/+P4w/GX9x/ef4MR4PMHn7/a2vNnsPae 6LDXV05WRBZi9lj38jiJ1sMIeSFeZYwQkYx5eJqDPK+SsTzG6az7+17ATNM7p4s150JvwxhOHG8h lO9NxPea/Nn+wulb4cTxbl1m9z9vfXyu5RnPwvgWevRBWGOUT/6hPCif/Nn+2P9CjRMiPJrxN2S2 HH84/nD84fgTcqDg+MPxN5yn5DAaUmuM8ulujClxKTb0xflJv48ADXX6RiY+b62tqoWjw0WcuawE fFSDcrGKaIb8yac4MnvnISvSz6tcSZP2f0sH+RN5+ciIaPabK03s/1M++btaEdtfJLNPY+95rhzM 7n9aOW5IDfLZgxYrfg7KJ//4ta7QObP9sf2FbiXxi8H2x/YXv9YVOme2P7a/0K0kfjHY/sxtfxHU 7OGSWUrsfDw52bVZXATJW13Uq54WR6vTyiSFmmvWIcs6Eq+8shHlpxQlPv0zNr7yCl4pcf1WVvTG E5P6BlumzSTt4yc2/ebv4pZO38Z9s6diUK/O8RMUIGfKJ3+2v/ba/zqgV95dSP/2dzFn2gPo+e1E /22J8smf7Y/9j+MPx1/ef3j/5fNHgNe0OHnz+at9P38BFz54Hb/d9TfcMvIRjB8Qhv3h0l9QeO8K NIoW2feZNXju3u5xapuJyzZF3rIiceJauaRPdmNAt1GoDKLmD1+pxuvTk99CG6SIDCIBEiABEiAB EiABEiABEiABEiABEiCBhBOo2/wT9J60EaNeqcMb00OvNVf9m5HI+8Uep567GyWMyEy4yoYLTPSf BwwvgKEZXj8SFbRbGoqUmZEACZAACZAACZAACZAACZAACZAACZCA8QQcqPuzy0iHqW+1CSOdzIiG OuNbCnMkARIgARIgARIgARIgARIgARIgARIgARKIKwEL7l9zEv9fkQ3Zd98RV0mJzJyGukTSpiwS IAESIAESIAESIAESIAESIAESIAESIAFjCKTnYOAQY7JqLbl8o7UoQj1IgARIgARIgARIgARIgARI gARIgARIgARIoD0ToKGuPdc+y04CJEACJEACJEACJEACJEACJEACJEACJNBqCNBQ12qqgoqQAAmQ AAmQAAmQAAmQAAmQAAmQAAmQQDsm4DjnLLzDntJuIaRI4mi3pWfBSYAESIAESIAESIAESIAESIAE SIAESIAEWgWBS1WHsPfEp+jSJx+DrJ1ahU6JVoKGukQTpzwSIAESIAESIAESIAESIAESIAESIAES IAES8EOAn776gUIvLwItDthsNqDFy5+XJEACJEACJEACJEACJEACJEACJEACbYeAQ37/d7Sd8iRh SWioS8JKS7TKzXWvIiMjAymz3kq0aMojARIgARIgARIgARIgARIgARIgARJIEIG6zfni/T8NM3b+ I0ESKcabAA113kR47Uvg6m+5/GovgXZ1Xzz0IQESIAESIAESIAESIAESIAESIIE2QcDSzVmMMxf4 9m9WfXYwSzDlkgAJkAAJkAAJBCfQfK4SR6rOQ+qWg0F53YNHjkOo2fJjLVKy68/yx0qA6UmABEiA BEiABEgg+QjQUJd8dUaNSYAESIAE2gUBB7aOHIAp1XJh81Fh3wOrJZEFT7z85rqD2HxAfGbhVU5L 9zvxwJDsCAufeP0jVDDO0dt7+eOMl9mTAAmQAAmQAAmQQJwI0FAXJ7DMlgRIgARIgARiJZDWS+Tg NNTtRc3fv4K1/zfDyrLxVC0cliz06JYeVvxAkaKVHyi/4P7CsDR+CKY5y+sVs+8GFBzP9rbfeUXy vUys/r7yo/VJzvqLtrRM503AqPr3zjdpr1sacPRwHTJvH4ieHZOgFJcbUH7sLLLvvgNdvf7okATa U0USIAESIIFWQIBr1LWCSqAKJEACJEACrYDA5wcwIiUFKWH9RuDghfjrbP9IlWFFTs/wjHTNH76C rr1y0POGiaiMcWmRaOSrGkd+tmDYqjWYOm4sphZNdf6G5ym5dE2LPDuRIrH6R6WiT6LkrT+foiTE 4/zBZwL02SdxRt2t3laBwgD9uvjNTxOiZ7hCjKz/cGW26nhfn8SCq6/HnUMH4ei5rwKrGuX4HY/2 03x2GwYNvRPXp+naYGDNGUICJEAC7ZtAlON3W4fGGXVtvYZZPhIgARIggbAINF84g71hxZQj7UV9 g3hp7Bye8SzsbD0iWjC2tAI3fnwe6NgTOWHPJFE2AEJaxDPQPMSL1NHJ98wlkqvMe4qwVvzU4+xr X6HH+E3qZYTnxOsfoYIBoidv/QUoUFy9bWf/HCD/SthkQ538pPt5DXYEiPXG2UtYgi4BQs3wNqr+ zdDdeJm75vTFYme2+eiRGXi8jXb8jkf7Sb1hgFisQL5LLMJNP7fCvnZ0jGOx8VyZIwmQAAm0FgLR jt+tRf946UFDXbzIMl8SIAESIIGkIpB6y8/Q8MG/o/4ykOa8O17EzqcGY3GZqxjb361ET9nZYnca zvL6BX5pNKrgnbKtGBjp0mw64TFOqEOs8nWqROV0tKRElU5NZLb+qh7RnpO9/qItdyTpsifuQO1N e/DAwEmodCa04lDlWmSk9USe+tnhTZNE3+6L88Jwd+w5Kx7eJke0oqR8HQrv/k4k4hIaN9b6T6iy cRB26a9LMXaVK+M+S+fjziBf8kc7fsel/XS6C/MW9cLeBWJK9LoxeGnKJcy+49o4EGKWJEACJJD8 BKIdv5O/5MFLQENdcD4MJQESIAESaEcEsvrlIUtX3g/VWWwFpSi4Tf0OUxdBdToasG/b27DJ1w47 UvsOEvE74fCG3+A3u/6K+vONkDJ7omD8w5g16Z4gsyscOLZrB2oup4j5cOphh9RJbKYwKjyLXaqa TJwtEd/lY5fvuFCD8rJyHHunHJXnmtEoyi4fmbfmi89ZHxZcMp3X8fkvNv3lXWJ3iLWwQh2dsu9A /m3d/UaLtfxm159owKg9thc7t+3D0Toxm1M5srLvxDDxWXL+7X7WCjSs/avSIjhb0pF9z0QsKJqE MSVyugHIFP04x6vtu/p2E44JQ7zzmLoA0+7JVS48T2eP7cDWDZux/X2xsYk4UqpS0KVwIB6Y/gAK huQG6b9ybAfqDm/HltKd2Pv+WdkDWZk9kHtPIQrH3IOU49tEvv+DvPsfQUG/Ts5w/X+x1b+cUxT1 J1I5N3J557+Rphg37cJKmDdyAqxydxVrrh3etRVbdos+fUrsQi3GsuGjH8HsKT9AuhdnEdugownr HnpCycuKFyd/L2S+UY3fcWg/sqK3F60EFoxy6jzn5+tQ9MEMBLEzhiwbI5AACZBAWyYQ1fjdloHI ZZN4kEAIAo66jZLcVDD0NckeIi6DSYAESKDtELBLpePE2BfG+Oc4/oIrnhw31K/fKumTKwEoOd6X rH7T50sVQQZgW9VGaeyw4dJw+ZeX59YhL9/lp4bJ59wCafvfmv0rEKV8NTPb4V+7ZfstB6S+zxxW o4c8126a7Mov3PtPTPqL+h4WRv0p5drd6Kt+tOVvLfXn+OiANC1AvbnbdZF08COHR+ENa/8euUZ2 YXvP3Qcf23Heb2LteUaUcdl/XfKN89n70vy8UG1AlP9jz/JrGTW+I80Kmd6V/9AXq7VkRtV/tPUn iae79bm+5R71ap3UWLUpYJ9+7A3/nLWCxeBwHFeePeX2WFAaxfNn+OO3rKYh7cejvDr5ogxrAo25 Hml4QQIkQAKtg4D6/DXqlToTFNKNn+E+/5mgZbxF0lAXb8JtIH/twbYdd5Q2UI0sAgmQQMQEInhQ EC/4i2dMEUYy75ddqzRzxmgJwmDmNnRA+umWAA8+Vz6RthY/KI0pmiqJDRWkAi2/QulkEENd3Us9 PfLXy/LnztEZCTywRClfzaPupYE6PaxS8eqt0qHyQ9LWZT/V+UPaVBvAUKhmpJzVB8Ww/1AUk/66 +hbGTJm/+ps5Y55UoBqwrK469meoi7b8raL+Tv3Ro46AfGn5xn3SkaNHpH0bl0tizS2P8G16Y51R 7d+r/iO6bDktzVJ17Pc7qclP4vJF31HKMFs67W0sb3rfq4yu8ldWVkqH3ixx179TRr504DMvARf2 +xjZhxXNl1asXiHNGtffg53cJ/UvP4bUfyz1J4rSWL5Gae9jfHRVx5Dh48Z6MBq15awXBOMu3XUF KTqDoK4/h/P8Gmv78VP0xgNz3CwffdtPDHqRAAmQQOskoD5/6e9VidM0wvE7cYolVBINdQnFnZzC aKhLznqj1iRAArESiPxBob50kvvF7N5V0mmdcc1xarf7RX7ohrBmiLjzC26okz47KYwJe6W9bx6S dq6eoehglV7auk/xl8Ncvx07y6XTX4THJmz5anZCjy1rtkiH3q1XfbSzo+oVjc3QMP9Cqz4ohm2o 06S5HJHp765vnwfTlhPSs5rRNMiswGjLb3r9XZRW6ss3d5fU5G3IunJR2jkvW6tDyDNDA/IWRj0D 2r9X9iEvq0pGaPpt+rtXdFGH6mxB/Ww2Vyy7tKvIbYi895ky3/KLHlu+fKSWP6bqZ3m5247TqNV/ iVTR6DnrzlG729PIpe8DMde/MfXnZKHjpBroUPCydFIzTNql2vI90hYxjvi0ES/kUV966GD1NYqG lbGuTsIx1Ik8o28/ARTyMN6GGMMDZEFvEiABEjCDgPr85fM8lBBlIh+/E6JWgoXEbWUJcXPnQQIk QAIkQALtioB784N8HHhtBnqqi9kLCqk3jcCKRd/BwAV/B67RBQQh5M4vSCQ5qHMOBo7McUU6/Qnw S9k5AAPHDfNZq8sVKbz/w5avZif0mFAk9HDYUPveUTReFgtdiRW9MjpmIDPrVohZac7dN8MrvZpp 9OeI9VfWL7urr26lwssnMfuavlihqNF3bhnee/IH/pWKtvxm19+HezCzSilSv9/hnSWjfdfT6pCB MYuP4reV1+FheYOV449j7wcPo6i/e1MVN29j2r9/yIF9c0c+KgL3OCMs3fpXTHzKva7ZpXe2Y62S tGjsdz0zufQOFjnXtxPe/VbhtSfv8y2/aMf3zPo95s/e7dqFdJ1YS/I398MqN+bT2zDeuUGFnO1s nKyY69PvUrNHYEfdRliyJ8uRxEpyuiPW+jeo/pwayTvl6o57nzmM10V7d/dZi1gTMB/ZujiGOx0O uFa2FDnfOw23djZcgt8Mo24/fnMTnv96Kx4QS5tWKn3L4cU2UDL6kwAJkAAJkAANdWwDJEACJEAC JGA0gaGTcJeflcOzusuGA2Go+yK23UyDqdusvQw2iR1qRcwE3umbTx3Bb5f9HDNLTgRTsZWGWXD/ zib8vwti8f9uyg6N3kY6YbQ4LowWgQ4jym9G/Z2trNCKtPoPU/wYqdTgDExd9nthqPu50+PoiXph qLtFDXSfzWr/Xe6CWFfSaTQ78fR61Pzqe8hxWpgcKHv5aZd+QzdgRDe3qrKr+eMzyo6x4kIYIFcs /9JpSXNv6CL8hWXNYjntMtLJibAdNWKzFOvNqWj+QuwErRxP/Gmmj5FODUu9ZRKqttZgyrLjGHGz nwFCRIym/g2tP/148WgZ3grS3tVyGX1urn8fe9VMhZHfbSRUPeN0jrL9BNYmDV1vFqFOQ912VJz5 CladYTtwOoaQAAmQAAm0dwL623F7Z8HykwAJkAAJkIAxBK6Rv5BrZ8cnu2Hp5drlUC157rACDMru hPq6Suwsq1a9W+9Z7ACZpRpxvIx08syioEaLJC6/42th1FWOphZ5rpd7lpzqr53FbEn1uKjMQFSv tbNp7d+CYQ89DWwTP5Rg058X4bmhXYDP38FyZcbbYw8P8zX8XP0tTXXZ8eyc+R7XAS9aXAb3+vff 1KL0+bcMze3PkTv+OVSO9xcSvZ/h9aeoMsraI3qlYknpVR+xZBVZ2ijbT2RCGJsESIAESIAEQhKg oS4kIkYgARIgARIggQgJxHHGXPiaCINBAu/yZavcRrrRS8vw8kP3IaujTtuWJmwYdR2myJ9NtvbD 20i3VBjp5vwgqNbGlz+B9ef4XCtbz2uDz19KvaarFtfj803NVzhMbP+d7i7ENDzt/Mz11yvfxlND f4yzZS8oM+YKMWmgMNwFOwpXYe/kGxHsM0WH+DQzPdOKgdkug2b6zbeJHF1zwOxfBcs8krAI6t/o +lPVDFjBaoT4n4d+v7evYTWOYmNuPx66ic+Evz9IGI4PefjyggRIgARIgARCEfhGqAgMJwESIAES IAESSEYCJag5nyC9WxpQvUqRJT6X2zXHy0gnB3Ww43wSGul++OIxt5FOlHP99PuQd99zqGnRsY1L +RNXf1m5Q7TCbNpfq7n9OaoP/FHzHpyrW8tP8zXZcVUfPLxMGEfkY/8yHDlXj32r9rmun3gYVr3x 2OXr8f/Quwdi+MixGDsm8G/C+AkYfk+2ZkDKyOqp5TF9fbnm9usQBuva47WwhTSChV//bar+vKDt 31vluZ6fV7jhlzG2H099HKjbRyOdJxNekQAJkAAJhEOAhrpwKDEOCZAACZBAOySgm1kkPuXTXQVk YemgfPIaIH6ocO+MtfiIYHbNFbG+lnLU/PN/VKf7fLkBVYd3YOumMjSEMBaELT+lCWdUCefcn0aq XhDGibJFP0Wx6hEOTBFXkx+Ap5pdoLOWPlx+2kw6qzPLn75ajdd/+T139qKc+0r+hOo/FeNIjW7q lJHlN6H+OvUagHyllPsfzUVJlZ92I8IvVW9C3i/2KDHzccd3rnWzES6Nd4D6ChXukVkMF7kTfqak rsTgG3pqG2WsGX+H31xTb7ZilhIil39zna5uvVLYTlVi60uLMX9hKWyKsVafHi8Ow6L9//BK5bq8 dHw7Rlx9HXL65+DONX/3GwdR1L9R9eet0HVh9lPvdLFep+pnAoe58Y6vTJ3yAdqjbxqXT6TtJ1A+ Tn+dYdhjzcOgiRhIAiRAAu2ZQPTjd1uipr8VtqVysSwkQAIkQAIkEDGBxuNVOK8arzpcxBl1Da6P alBeVYUMdRaVJQt5/TJ1+YtdCutqsG/nJpffjuXYW5ULa49sZMlrxot1v+pra/HX45+6w98T4b1F uPoiJ9b+qjpe785TPKfUqfHFelt7Dz+E5s7CEBhQB1fSVDG7RzYzVYrfU3dORZ/KlzCoh4RGUYZj r2/B1CUbNBlL+zRjjlVZjywW+VfdhEFiEf+18jpgO8ZjTDHw5JQfIBNNqHvvEFZO+IV7cXgRpb6u SpT1/5AudO3ROVXRRzCqEjONtPLpyq/w7NpiV+IKo1BGT/S+uZN2Le80Gxu/Jqz6vrq7q0xvNory vomq95wrwbvkfH3S/+weQ8rvEmFK/XW6Cys2TcbeSRudSky3dkLdi4cxa/L3kCE/Lzsu4timFRj4 y+ddSor/R726EnfKbdt5GND+1ayMOF8/GOuHwesz6yXID7SQvzyLatejWDHmRaf0Sb1TUbuxHI8M u0P0Xwk2WxPOVpVjy/MTsUKbFWrF2DnjYZWfpEX6mQeexoohTzvTP3lvdxydW4olU34g2rcFTR+f xOHXFoq+t98ZLv/XzSL6sp8jqvo3oP60vifauLrj6h9W7MMv81wba4gehx690tHkuA49MtU+66cA Rnh1t4rPl8V4Iue1owYXxZjQNYw3lujHby+lI20/XsndlxdRr6yNCBQi5ztB1n50J6KLBEiABNod AcPG77ZETuJBAiEIOOo2yk+TEoa+JtlDxGUwCZAACSQrAUfd711jnTzehfFb87dmraiO4/7T5rxY 7YwTKFw/rtaWDAxLrls3q1QRYFAuL74ljLyKpIomrQhSrPJtx34dhkwvtn03aPeVgIwC1YUurVyK WPWXHO9LYlZZ2GVYXeGuf1l+rOWX81APM+pPEjVRvnxkWOUXG2to9SbrHKjuImn/atmNOjfu/pVH WUa9Whcia1H+hYM90rj7mm+76Dt3l6TrPs68q0omh5W+32OlUtOVwOpEU//xqD+/5ffqd4FLEUNI y2lJzHDUWG77OHResYzf/nKPvP34yeXUH7UyCMO/dDpInftJTS8SIAESMI1A7SbX/WzUK6HunbGr aPT4HbtGrSMHfvoqnkJ4kAAJkAAJkEBq5z4oCBuDmB3R1T07IjWjq3MWm3fyod1cU44ChT9Y4F7n Kr37972Th7jOF58a+o9yz7PHsG/ZDL+BY2Y8i+1Ha2GX1sCqzYgCYpXf6Xu/Qn25yNOP1GHTVqKi Ucy6OrzUI/S+Ed21T4pTv32T9vmlR6RAF4N1yos4seqPq7IwfFy/QNI8/fsvwKAcd/3LgbGWXy/A jPqTZ0zdM+tN2Cp3Y5aYjeY+dDV632zsqWx07n6r+zAFgdp3JO3fLc8YV+Z9v8QSLatCPDX2Fu3K v0OUf8EBNL67DdPy/MeAaKHFq7ei4mMHji8ZDc8WCOROexW22gOY78HPndewac/ioOD3wfP3Iz1A 35VjR1P/MdVfBH3v3nHuPusumcGuq3rigZIRWqZ7//yh5g7kiGX89pdn5O3HN5e6Y3s0z6GvTEXP IHWuRaSDBEiABNoZAaPH77aCL0W2F7aVwrAc8SHQ/OEmWLInQ8z8gP1PP9ZequIjjbmSAAmQAAkY RkB8Mma7bHN9LtvBgvSOwrwS75dF8Zlv4/lG52L5FosFGZ2zkK636hhWuFaakZHlN6P+FKwOW4Oo x2ZkdM+C/az4GDIzS3wGmmQVKepCbNAqbFiWgEbtQK3IcaER9RdSkNXNArvNjrT0DFf/CZTAy9/F LwUZ3dKc6eV+INSI7Iih/pO+/j49iJRMZZOTfqvQ9MEMH8NoZDCjiB1D+4H47P931uvwkPLl/O5G CSP0qyVEoQ6TkAAJkECiCNRt/gl6i+UwxIw6vDE91B+6EqVV+5IT78f19kWTpSUBEiABEiCB1kRA 3OXT073n/cRZQWEQzOrWA61wP9A4F1zJ3sjym1F/SjEs6V3RQ2k66dk9EsPOaCmiLizqGpAR5m0R hrXenV2J0jtG3oc8+EWR3ik5hvr3kJ+M9ddlMHYVAWNKBInjj2PPBw9jYqA1BiOs27Cjx9B+mj/c oxnpUFCKwTTShY2dEUmABEiABAB++spWQAIkQAIkQAIkQAIkQAIk0KoIjH7qTU2fSav3ae7W73Cg bKX4EkU5dr9wP79GUWHwTAIkQAIkEBYBGurCwsRIJEACJEACJEACJEACJEACCSNw/UiIBc1d4taN wfZzCZMcm6BPdrtmAopcxCYmGNEttuyYmgRIgARIoP0RoKGu/dU5S0wCJEACJEACJEACJEACrZ5A 9sRXsG+ea32kxv/+qtXr61TQuTAi0HduGf5zMtd2So5Ko5YkQAIk0LoIiNUveJBACAJXvnRFaLCH iMhgEiABEiABEiABEiABEjCKgAXDFtfB/pjYFCfdc6dloyQYns+N49D02Tikd4509xDDNWGGJEAC JBAdAYdrCrPDnhJdeqaKmQANdTEjbPsZpGbeii0bt0DqlMM1Ntp+dbOEJEACJEACJEACJNCqCFg6 R76hh2kFEJtQpCsbkZimAwWTAAmQQAwEsgYUi/f/qejSp0sMuTBpLARSJHHEkgHTkgAJkAAJkAAJ kAAJkAAJkAAJkAAJkAAJkAAJxE6Aa9TFzpA5kAAJkAAJkAAJkAAJkAAJkAAJkAAJkAAJkEDMBGio ixkhMyABEiABEiABEiABEiABEiABEiABEiABEiCB2AnQUBc7Q+ZAAiRAAiRAAiRAAiRAAiRAAiRA AiRAAiRAAjEToKEuZoTMgARIgARIgARIgARIgARIgARIgARIgARIgARiJ0BDXewMmQMJkAAJkAAJ kAAJkAAJkAAJkAAJkAAJkAAJxEygQ8w5MAMSIAESIAESIAESIAESIAESIAESIAESIAESiIXAZRtq P6pHUwuQJvKxZGSiR/csWITlynbeBkvndKc7FhHJkJYz6nS1dPb1x5CSkhLh7zmcEY2oTR+XT6J0 +WKsPVBnTjEpn/zZ/tpt/2uuO4iVi1biUG2zKeMP5ZM/2x/7H8cfjr9m3IB4/+H9h/cf3n/a1f2n pQG7Fk1ByjUZyLFacee/W2EVv5xeXZF2tctGk5GVgbQfv2HGkJx4mRIPjUBtyUBJ1ECEv0Kpwq5l 0SYdtaWTFSZF0ukriS8i5ZO/q1+y/bW//meXSscpY/LUXYkffCTKJ3+2P+f4y/7H8SfhBDj+cvzl +MvxV7QB3n8SPvpKZjz/nj8gFXjbYfLyJKu3n3w99DWhYds/OKNOjIDqkX3/JlS+W4ny0idUL+CZ XaisrHT6y2HqTx/H4o7dNl3ajMEm2DR3AouqyaR88k9gu1NFsf0pJEzqf2o9fNwMh+o240z55G9G u1Nlsv2x/altwYwz2x/bnxntTpXJ9sf2p7YFM85sf/Fvf7YKjMgcgh1K/fZ7bD1OfuaAJGwwFZKE po8OYH6ervKvkecQtf2Da9Tp67hjV+Td1hW47oTmu2n8aOT10i7dDl0ct2fbd5ltlKR8c9sY+ZO/ uQQonQRIgARIgARIgARIgARIoK0QeHvhrdirFObepcfw1pzveRQt/ebBWHRgP/Z1HopKOeQLU/90 76FbPC84o84P3WZtBg1gt3+lxTh/bDPmF7+MmsvCSxenfTQVFwazy0r5WnM0xUH+pmDXhLZ3/hoI OkiABEiABEiABEiABEiABJKbwOcHMPN5tQhLsN7LSKeG4F+HYPY419UP87Nh9uQRTa84OmioCwE3 7epvajHeXjQJzz73MA6dEca7m+/Es8P6o/+0gchs4/MSLR3U6aUZpuywQvnk7+qEbH/ybkeJPszt f7rbsJjmrrtKEAadRMon/wS1OrcYtj+NBfsf+5/WGBLlYP/TSLP/sf9pjSFRDvY/jXQb7391ZZtd s+REgee+MQXi28aAx5jijc6wZrHza3s4THjtSy6sW5+cjbrvpAqlHaguc+nuHDqu6onifX9DcXIV J4S2Tdi1fAWONDbDkuYeID+t3qSkK0Gf8Z0wz8nD5eWwO5A36Uk8kHdtiLzDCaZ88mf7a7f9z1aD VQvXo0E8Dlvkvdidhxh3tynOHeMxdt4J5CiXEGOPQ+qKCU89Dmu66hnDmfLJn+2P/Y/jD8df3n+U Gynvv3z+UJoCn7/4/BnP52/do3uP7hm6K19nau4kSNIk34C26tP298uIvISOuo3KLqfKbkNeu42s +Vtz5JkmQ4oQ5YbYeUX0A9+fUTuvUL4vWz1v8vfPh+3PmJ2PTO5/tZuG+69fpQ/k5fkZe0TYqFfr DBldKZ/8/d7f2P6c/ZL9j+OPv/7B8Zf3HyNuwLz/8v7rb3xR/Xj/adv3n52Pq+UrlCq+MGJEaTt5 cEadGAWCHXO3HsWkvvJ0jYvY9au7ME+ZVRcsTdKG3TQCO5cV44gtxWOK96fVz2LtPlGqqirgvgVY bP0/2NVCCkfvScO0+Jfe24wJ00th6eWekadG9T3b8eX1k1H6/P1wToihfPJn+2u3/S97xEKsnNEb F3WzeZ0zmZesdC4w6xx+ip/FAHypDSWOL6/DhOG3aNfVJTMwb9c/YemoeQV2XHbgxtFLsGr6d51x KJ/82f7Y/zj+6J/dxIwqjr+8/4g7JO+/4vWHzx98/uLzp/ZM7f38rQXE5DiDBrEPgDWcZ/iY5CRR 4rZjczSuJPoZdZtq3PnuGuey+K6uUGbUXbFL0hV3eFt11ZdOUma6FEknQ5S3tiQ/6KwY0TW8wvOl CoEx2EH55O9qN2x/7bH/lSrjLgpKgw0TIswulQ7zHl9CXA/dEHI2IuUrDMmf7S8oAfY/jj8hxlvv 5z+Ov7z/BB1TJIn3X95/nc//fP4I0VPMvv+GUC9EcG3pZM020Ga/WgzBIFAwN5MIYVS1X3Hv+jp6 zSeorKxBUX+xwcSlv2DE1WlIuXo6anQ7wIbILimDHS0pit5NcIQoq6XjdRGWsWvIDSoon/xdjYrt r/31P90+t1+kiJVCgx1ibbtI/wp3jUgTLEu9RMrX0/BDjfzZ/vw0i2Be7H8cf4K1D/2Iw/FXT8MP NY6/HH/9NItgXhx/Of4Gax/6ESfk+Bs0o9CBOtvC9rdrQ8dvRzH46WsklZ3eVSzT5tqLpPnjk9jr TKsYD9oJyeAvtUD3+zeiafBq2FvsSOugrcjrl7IzTscspEfAjvL9otQ8yZ/try33P62hB3CM3mpH 08tNYvxJE+NPgEiKtzz+ZHTOCh4pwlDKJ3+2P/Y/jj8cf3n/CX7z5P2Xzx98/mpbz5/Be3zw0Owh 8uYQrt1c9z86D0cm78GdwTaJaxGbyQkzqyXEc35wqckR2g6KGHlFpOqopF0tZs/5OVLTvqX5hjIe aRHbgCP4jBZXAdM7p4s154L1MCVeGHG8kVG+NxHfa/Jn+2ur/c+3tXv5dLAgXRjfQo8+CGuM8so9 9CXlkz/bH/tf6JGC409YrSQMkPooHH85/nL8DatnhfOMqO9aYbnZ/9p3/wurkQSI1GUw9j0ODF8l h+/FXf/vSZw8shA5fr6Sqdu9DL1H/UrEK8LJK2uQo7PZBMg9qb3bePEirBuHDbW19Tj/YY2WsKb6 MKoc4rVPNy0TgppNF0eL3EYdlg7yp+PykRHR7DdXmtj/p3zyd7Uitr9IZp/G3vNcOZjd/7Ry3JAa 4jMFLWZ8HJRP/vFpWeHlyvbH9hdeS4lPLLY/tr/4tKzwcmX7Y/sLr6XEJxbbX9zb37An30H+qrtd Xyt+sAh9rtmLl5oLlXEAAEAASURBVHb+BgV39xb7yjWhvuooNjw1EWvFvpauo8G1HFcbt2SlyIvX qUVu7+e6tYPQu6g8QgyFqLBvg7UtT6tznEHpS1vxv7mFmDYkO0I+BkSnfPJn+2u3/a/51EH8pvRv yC18BIN6pxowoESWBeWTP9sf+x/HH46/vP/w/hvZ00Pssfn8weePdvX8ce4gCm8Ygh1hdJ2SI+cx 7Y4uYcRM7ig01Onq7+zrT6DHmKU6nzCc/Zfgk4q56NrGLbphkGAUEiABEiABEiABEiABEiABEiAB EiABEoiMQEsDdj0/D2Pn/MFvuseX7sSsh8Ygy89nsX4TJLknDXVJXoFUnwRIgARIgARIgARIgARI gARIgARIgASSnoBYjqz+bCNsV+D87NaSkYWszPR2sYGEvu5oqNPToJsESIAESIAESIAESIAESIAE SIAESIAESIAETCLwDZPkUiwJkAAJkAAJkAAJkAAJkAAJkAAJkAAJkAAJkICOAA11Ohh0kgAJkAAJ kAAJkAAJkAAJkAAJkAAJkAAJkIBZBGioM4s85ZIACZAACZAACZAACZAACZAACZAACZAACZCAjgAN dToYdJIACZAACZAACZAACZAACZAACZAACZAACZCAWQRoqDOLPOWSAAmQAAmQAAmQAAmQAAmQAAmQ AAmQAAmQgI4ADXU6GHSSAAmQAAmQAAmQAAmQAAmQAAmQAAmQAAmQgFkEaKgzi3wyyW1xwGazAS3J pDR1JQESIAESIAESIAESIAESIAESIAESiIiAQ37/d0SUhJGNJUBDnbE822RuzXWvIiMjAymz3mqT 5WOhSIAESIAESIAESIAESIAESIAESIAEgLrN+eL9Pw0zdv6DOEwiQEOdSeBjFuuc5ZYgK/fV33Kp W3sJCZIYMx5mQAIkQAIkQAIkQAIkQAIkQAIkQAIkECEBSzdngjMX+PYfITnDotNQZxjKBGbU0oAF V6c5rdwlH3yVQMEURQIkQAIkQAIkQAIkQAIkQAIkQAIkQAIkEC8CNNTFi2wc8z3/1mosVvJP+2Yc BTFrEiABEiABEiABEiABEiABEiABEiABEiCBhBGgoS5hqI0S1IANI5e6Muv3O4zIpqXOKLLMhwRI gARIgARIgARIgARIgARIgARIgATMJEBDnZn0o5B96a+bUKykW/jCBKRHkQeTkAAJkAAJkAAJkAAJ kAAJkAAJkAAJkIAZBM4ffAYpKSl+fk/iTIuika0ChX7jpKD4zU/NUDthMmmoSxhqIwQ1YcvCJ5SM FmDq9681IlPmQQIkQAIkQAIkQAIkQAIkQAIkQAIkQAIJIWA7++cAciphUw11n9dgR4BYb5y9FCCk bXjTUJdE9dh84o94uMyl8GM7pqJrhyRSnqqSAAmQAAmQAAmQAAmQAAmQAAmQAAm0ewLZE3egtnwT rBoJKw5VVqKydgusFsXzpklo+ED4Cf/fjlMjWlFSXoUjD31H9WiTZ5p6PKrVgepdO1BxOQVpsANX 5WDsj/Jw9vAOrCvZgkOnzgNSV+SNeQDzHh+Pnh09Esf5woFdC3+uyChC0agb4yyP2ZMACZAACZAA CZAACZAACZAACZAACZCAwQQs6ci+ZyIWFE3CmBI57wHI7JeHHC8LVZbwy0ITjl1W5E9dgGn35Bqs TOvLzgtD61MwoRo1n8TUsRNRqRf6gP5Cdlehqnov1j+1BQcb92BQpnd4nK5P78b4ba68R70606cB x0kqsyUBEiABEiABEiABEiABEiABEiABEiABwwncM/0FoOQxkW8JSt5chOfHdvGR0fzhHu3LwmXT B/qEt0UPfvqqr9WremLWwscxdpivhXbMjJliWqb8Tz32YvD81+FQL+N8fvu3P1IkFOKpsbfEWRqz JwESIAESIAESIAESIAESIAESIAESIIH4EeiUNxKzlOxfeHoXbH5EHd22WPGdjQJr+1inn4Y6fUPo kIHxC1Zix0uP63wLcfAjB3auWoEKqQIVjhOYr4au24KaRFjqPj+Amc+7hPZZugDWhH5yqxaWZxIg ARIgARIgARIgARIgARIgARIgARIwiICYLPVAyQhXZsf/A3s+8sr365PYuuDvTs+hLz6Anu3km1Aa 6rzagXzZrO4yItzPHFmHQTenumOl9sGsw09r1+o6h5pHHBzHNixTPse14oUp/eMggVmSAAmQAAmQ AAmQAAmQAAmQAAmQAAmQQGIJ5I58VBO4dOtfNbfsuPTOdqxVfIrGftcjrC1f0FAXtHYLMcLP1MpO WT2DpjI08H8r8Ozsg64sn1iJwZ0NzZ2ZkQAJkAAJkAAJkAAJkAAJkAAJkAAJkIA5BLrchVJlV9cT T6/XfbXoQNnLT7t0GroBI7qZo54ZUmmoC0Hd34y55hBpjAyuK30Ke5UMtz38AyOzZl4kQAIkQAIk QAIkQAIkQAIkQAIkQAIkYCIBC4Y99LQivwSb/vypy/35O1iubKj52MPD4M82Y6LScRVNQ11c8caY ufgee2WRYqabWtquLMgxkmNyEiABEiABEiABEiABEiABEiABEiCBJCDQ6e5CTFP0/PXKt52bdtaV vaAsAVaISQN9d4NNgmJFrSINdVGji3/Cs7tLtO+x1/xybLuyIMefLiWQAAmQAAmQAAmQAAmQAAmQ AAmQAAmYTuCqPnh42SCXGvuX4ci5euxbtc91/cTD7W5DTRrq/LTIVG0nkQxAc7sjhgp3x4zB1dKA dWNedGUgvsee1P+bMWTGpCRAAiRAAiRAAiRAAiRAAiRAAiRAAiTQOgnkTviZolglBt/QEzOrXJdr xt/ROhWOo1Y01HnBtZ2rweEy5UNolGBHWTXqz9m0WLZTIvy9GuVaCT9v/Kp1l/5SgsWKlGVPcTad VgF0kAAJkAAJkAAJkAAJkAAJkAAJkAAJtC0C1w/G+mHeRVqC/HY4aYmGOn07aD6JiTf0wcBf7NZ8 nxyVh543vO78RhrNFZjYS4SP/7VneNZE1LRoXgY4mrDu8aeVfJ5H0R3XGpAnsyABEiABEiABEiAB EiABEiABEiABEiCB1kggQ2wq8SsPxUa9OhZdPXzaxwUNdfp67pCGvDy9h8vd77F0l6NDht/w/lML 0NXPJ7K+OYXn01y9UZvm+cSfxkORHl5ixiIBEiABEiABEiABEiABEiABEiABEiCBJCOQed8vsUTT uRBPjb1Fu2pPDgPNS20A21U9sahSwqJARQkVHihdhP71J/YrKWajqJ3tbhIhKkYnARIgARIgARIg ARIgARIgARIgARJoCwQ6dMXcK3bMcIjCWCywtFOLVTstdutuwdn3b0Zllyqk9rsTPVlDrbuyqB0J kAAJkAAJkAAJkAAJkAAJkAAJkIAxBDoIA11HY7JK1lxoBmqNNSd/YjtkYGvUjDqRAAmQAAmQAAmQ AAmQAAmQAAmQAAmQAAnEiQDXqIsTWGZLAiRAAiRAAiRAAiRAAiRAAiRAAiRAAiRAApEQoKEuElqM SwIkQAIkQAIkQAIkQAIkQAIkQAIkQAIkQAJxIkBDXZzAtqlsr3zpKk6DvU0Vi4UhARIgARIgARIg ARIgARIgARIgARLQEXCcc1447Ck6TzoTSYBr1CWSdpLKSs28FVs2boHUKQeWJC0D1SYBEiABEiAB EiABEiABEiABEiABEghOIGtAsXj/n4oufboEj8jQuBFIkcQRt9yZMQmQAAmQAAmQAAmQAAmQAAmQ AAmQAAmQAAmQQFgE+OlrWJjaeaQWB2w2G9DSzjmw+CRAAiRAAiRAAiRAAiRAAiRAAiTQlgk45Pd/ h3klNFu+eSXXJNNQp6GgIxCB5rpXkZGRgZRZbwWKQn8SIAESIAESIAESIAESIAESIAESIIEkJ1C3 OV+8/6dhxs5/mFISs+WbUmgvoTTUeQHhpR8CV3/L5Vl7CSba1f0oRi8SIAESIAESIAESIAESIAES IAESIAHDCFi6ObM6c8Gkt3+z5RsGMvqMaKiLnh1TkgAJkAAJkAAJkAAJkAAJkAAJkAAJkAAJkIBh BGioMwwlMyIBEiABEiABEiABEiABEiABEiABEiABEiCB6AnQUBc9O6YkARIgARIgARIgARIgARIg ARIgARIgARIgAcMI0FBnGEpmRAIkQAIkQAIkQAIkQAIkQAIkQAIkQAIkQALRE6ChLnp2TEkCJEAC JEACJEACJEACJEACJEACJEACJEAChhGgoc4wlMyIBEiABEiABEiABEiABEiABEiABEiABEiABKIn 0CH6pG0/5fnjh7DztS3YW1aNRlHcrMwsZOYNwtjRw9ETJ7Hz9Sp0GjAJj4y9pe3DYAlJgARIgARI gARIgARIgARIgARIgARIgATiSoCGOn94WxpQOmcIJjxf4xFahSqgbB/WL5np9u97M6YJQ53F7UMX CZAACZAACZAACZAACZAACZAACZAACZAACURMgIY6H2QNWPXv12OmsMlpx7BpWDwsF6g/iPnPv655 Ox1d0zyveUUCJEACJEACJEACJEACJEACJEACJEACJEACURCgoc4LWt3muTojXT42V67FA3mZSqyH MW/hSaz6UV/MLPNKyEsSIAESIAESIAESIAESIAESIAESIAESIAESiIEAN5PQw/v6JFZO2qj5bPv7 Hp2RTvHu2AeP7zqBaVosu+aigwRIgARIgARIgARIgARIgARIgARIgARIgASiJcAZdXpyDgealOu+ TxxGYS99oM6d2gcrqjaiacoq3JifzfXpdGjoJAESIAESIAESIAESIAESIAESIAESIAESiI4ADXU6 bs3172OHct2zd5YuxNfZKXcStldO8g2gDwmQAAmQAAmQAAmQAAmQAAmQAAmQAAmQAAlEQYCfvuqg pX77JljVa4fq4JkESIAESIAESIAESIAESIAESIAESIAESIAE4k+Ahjo9485Z6KFcv/mzLWho0Qf6 uhvratF4odk3gD4kQAIkQAIkQAIkQAIkQAIkQAIkQAIkQAIkECEBGur0wK66CROLVI9FmLLkbfid WGerwZLhKejaOwdd7yn1H0fNhmcSIAESIAESIAESIAESIAESIAESIAESIAESCIMADXUekCwYveiA 5vOnp+5B2rAncajqLGw2GxpP1WJXSTFSMvpgXpkSrWuaFp8OEiABEiABEiABEiABEiABEiABEiAB EiABEoiWADeT8CbXZTBs725C+r8rG0W8tQiDxc//MRsV//lj7vrqHw59SYAESIAESIAESIAESIAE SIAESIAESIAEIiDAGXV+YHW6bSKkppNYN+NeP6HCK7cIJfurYJeWwZruPwp9SYAESIAESIAESIAE SIAESIAESIAESIAESCASApxRF4hWeg6mrHoLUxaKT17PNQGZGcBlO9LSM5De0RIoFf1JgARIgARI gARIgARIgARIgARIgARIgARIICoCNNSFwtYxHVnZyrS5dE6fC4WL4SRAAiRAAiRAAiRAAiRAAiRA AiRAAiRAAtER4Kev0XFjKhIgARIgARIgARIgARIgARIgARIgARIgARIwlAANdYbiZGYkQAIkQAIk QAIkQAIkQAIkQAIkQAIkQAIkEB0BGuqi48ZUJEACJEACJEACJEACJEACJEACJEACJEACJGAoARrq DMXZRjO78qWrYA32NlpAFosESIAESIAESIAESIAESIAESIAESACOc04IDnuKOTDMlm9OqT2kcjMJ Dxy88EcgNfNWbNm4BVKnHHC/W3+E6EcCJEACJEACJEACJEACJEACJEACyU8ga0CxeP+fii59uphS GLPlm1JoL6Epkji8/HhJAiRAAiRAAiRAAiRAAiRAAiRAAiRAAiRAAiSQYAL89DXBwJNSXIsDNpsN aElK7ak0CZAACZAACZAACZAACZAACZAACZBAOAQc8vu/I5yY8Yljtvz4lCqiXGmoiwhX+4zcXPcq MjIykDLrrfYJgKUmARIgARIgARIgARIgARIgARIggXZAoG5zvnj/T8OMnf8wpbRmyzel0F5Caajz AsJLPwSu/pbLs/YSTLSr+1GMXiRAAiRAAiRAAiRAAiRAAiRAAiRAAoYRsHRzZnXmgklv/2bLNwxk 9BlxM4no2TElCZAACZAACZAACZBAAALN5ypxpOo8pG45GJTXPUAsepMACZAACZAACZAACegJ0FCn p0E3CZAACZBA+yTgOIOdmw6jSSt9Gm4fNwE56ZoHHUlAoLnuIDYfEJ9peG1Rbul+Jx4Ykp0EJfCv YvOpI9h8uE4XmAzt04GtIwdgSrWsdj4q7Htg9aoXXYFic14+ia2lf4VdySXZ6zs2GExtNIHk7H9G U2B+JEACJEACiSRAQ10iaVMWCZAACZBAqyTQfGo3CqY/5qHb6gGFyLF+08MvUReNp2rhsGShRzda CsNnLgxD44dgmtMw5JWq7wYUHM/2tt95RWq9l2ffehLTflHuoaCZ7dNDkSAXab1EoLM+9qLm71/B 2j+8/hRp+28+exAP6Ptvktd3EKQMMoFAsvY/E1BRJAmQAAmQgEEEuEadQSCZDQmQAAm0awKfbENK SkqI3wAMHzcba3dXw9bKdpFOzRqAeUVTMXXcMK0aLSb9Kav5w1fQtVcOet4wEZUJWhrk/J4nQtSd qFurFWMfX4K9753VGLUuhwXDVq0RdTgWU+W6FL/heYqGXdNal6oRatNpwIOiXK2jfUaiuv0jNbYV OT3DM9JF0/5TOw/A/KIxptX3rsdzQvcfr/GxX/FbKhzX+fMDGOEVJ/CYOgIHL7iTN1dvCik/V4y9 WzxmZbrTx+oKKH/G686sD8/L9qvf5g++ilV0QtIna/9LCBwKIQESIAESiAsBk15D4lIWZkoCJEAC JGASgeami2FIrkTZdvm3AkXiU7g9H+1A/s2pYaRLQJR/vQuL19wFfH0SKdvKsDYBIgOLUDbwQVrC ZoDZzr8XWB01pKoKu+Tf8/OA/ktw+r/mome8PmVUZUZ4zrynCGvFTz3OvvYVeozfpF4m7Tnz9olY K36to32Gi9GCsaUVuPHj80DHnsjpGG66KNp/5l1YJPrv2dcmm1DfDtgO14ZbOC3eiQrXBl1qF2q+ cAZ7tdBQjr2obxBGrs4u42fj2QOhEuBvYtydKP/uW4KT2+ZGUB8hs0ZA+QdtzsRn933oN5NtJxox sf+NfsNak2dy9r/WRJC6kAAJkAAJREqAM+oiJcb4JEACJEACPgRSs3+CmspKVL57EPO1SWmF2POu 7Ofy37JmEaxayr0Y0WsBahI0Y0wTG8rRymb6JQpP9v2bXPVUvlmYUJXj3lWodNapqL+jh7Bu4YNq CPBBMW565PVWvxO4oyXFrXNbcLWy9hkKaadsKwYOGY6Bt0f32XGk7d+c+rZgfNlJZ1/ZWjxUQzL3 zaPK2KeOgeIs+pM+jhZZOFJv+RkaPhCbbxxV4+vHUmC7OpYePYLKDxpRpPuMuPuINWL8FfGVGaT9 5paiprYGZz6qEX13D35b/EO3qLeK0eea6YaOvd7ygSU4Isp65vB4p9zxZac9y95/AQ69W4v//FHr N9K5wQlXkvU/D915QQIkQAIkkFQEOKPOu7qUBYlhUT6TcdjRKTcf+bdlihu0A9VlO7Bj9w5Uvn8W jVJX5A0bi5lzpnDBcW+OvCYBEmhfBDpY0DvP9Zb4oTpzpqBAjJ3qt4dA3m2DMOHBKVg/4XpM3Sbj WY5DNYt91oFzXKhBeVk5jr1TjspzzWg83+hkmXlrvvic8WEUyONx0MOBusPbsaV0J/aKsVo+sjJ7 IPeeQhSOuQcpx7dh+/v/g7z7H0FBv07OcO0/v3dFB47t2oGayylijptyiHuDdNMgPDCwu+rjcT57 bAe2btgs5IiNDcSRUpWCLoUDxTpaD6BgSG7QmXL6OYYJ+/y2o7if3dZVzNj6JrKUkoyaMBx5ebco V6L+bh+IKQ9NQWHnu7FD9l23FjW/Ge2zQUA09Vd3eDOOnPoG0tTpRU6pFuSOGavM/BH3X3HvrbB5 1kGqqIOCAHWgKR6xw4HaY3uxc9s+HK0Ts8GUIyv7TgwTn9XmhzA6RVN+VYZ6vlRXiUPvVaFRTEiy CCYZ3Qfg9ttzkZWmtUA1asxnv+w7ZInP1O9Bukd/EP2gVPQDYfzUtBD9ILVPPgruUPukn74itniQ OonNPEZlh6WrIe3/BpFLSwPKNqzD2l1/Rb0YQ6TMnnhg4gI8MuG7QftfWEp6RbJk5iBPIMj4sIsS UoSJw25Hjgc/V5A7jlcm4jKrX57W/+RQ91haKsY991jqk9I5/g5Cn5tFSBXQIzsPvbOVvntzb9F3 8/HQjBq8/FAfPOwce0vw46VTcPyp7/lkFZWHl/yfvjoWd+jGDotg78FHfNo/8LbA7SGW8bM19L9o 9HduhPPOf2tjoN0hxtyRE2CVu9blBhzetRVbdot74imxi7LgOXz0I5g95QdefTSq2mMiEiABEiCB 1khA4uFBoLZkoCTqyfNXUCo1XaiQpnn7q9ePlnnk0dYuHHUbXTyGvibZ21rhWB4SIAGDCdil0nHK GBpgzHAc/702xo56tc5Dvu3wr7Uwn7FYGXP7PnPYI43HReM70qw8rzFcHau9zkNfrPZI6rxoOaGN 9Wv+1uwKd7wv5XuldelWKJ284pXFZ+9LYlZLiDIUSQc/dngktFVtlMYOGy4Nl395ee70efkuPzVM PucWSNtV3TxyMeBCV/5Rr3jWjZp7bUm+pt8mLz2iqj/BV8y01PLU1/vSCncd+I/zu6D3pdpNk135 BmiLapnUs+OjA1r96/XwdIv6+8iz/tT0UZVfTSyfvzghrVT7jx8mi1cv1lhp7VOfPlJ3QPZWqcL7 hh8wrq4OAsbJ981Pp6tR7V+rbz/stDocukFq0sk20umWX6grr106unGhVLy0zNlWtf4j9PBG7KlL 6LE0UPxAfVeSPpGWaGys0oHPPHOI7cqtbyD5Gp9A/THK8VPV2/T+F7X+dml9ru8YKN8fG6s2+R0b 5fb82Bvn1aLzTAIkQAKGElDH60DjuaHC/GRmtnw/KiXci5++ijud/si+b65rQXGxCLX2idaO8cgQ CxWvVSMOK8DY4eqFOJ9zrcGh86GTBEiABEggDAIOMWtAf5w/sV93aUXx6q04VH4IW5f9VPM/8dQ9 2FznZxFysRj7gKy7sULMKFGPYUXzsWL1Cswa11/10s4WeapSOIeYLeK9dtSYoll4aYeYDaifMWOr wIhv34rFmvx8LN+4z/nJ16E3S1CgySrB4BsKPBaDP/+Xp7GzbB/2yT+xDpx2VO11+alh8rl6B558 O/I1sbQ8Y3SkiFlU6uF2uXyiqr/UPlixZq57IwAl8zGPrcRgdQOC1J5YvHqRjqEcyYq5r95u3Oyo 09tg6TXEfa8XHwHL9XdEfGq4b+Ny9yfBEPXXy4Ltp5oVTd2nqMqvJv/8LxhxTV/MdM54Uj09z/N/ OR+Vnl6xXcnsdX1Lzuy74vln5txZ6Klv23LAVVmYVfw4Zk6XL9TDikVb7nHXgTPOgxijbOZRoE0C C77eYvzavxhDlq3Db/Sfbe9/EEv3f6oWIE7nDGizYb8+jZWTn8SSX/1GzEYEsu/5OWQuD+Z3d3OL kxa+2XbFgwfmKN6VqP2nn3HUN1HkPgGGVksH2eYU4Ihh/FRzNLX/xaS/shGOs9+MUYuDN3+Sjay8 Sdr1cHlGr3YFnLnsdQPVhdFJAiRAAiSQ5AQSbhpMIoHarBDtr49F0p5am1aCxg8OSlu27pBOxutP s5okcx2cUWcuf0ongeQi4J5VATEb2d+MkaqSEdoMgWX/dcmzeJ+dlLas2SIderfe019cOape0dIN 9ZntpZMrj9n9l0gVjZ6znhy1uz1mxvn9K6FuRtmmv8tCT3jMkPvh0sNSk/csOqemdmlXkXtGxL3P lPmJZ5fKl4/UyoCpOj6i3Ife3CvtffOQtHP1DCWOVXpp6z7FXw5z/XbsLJdOf+GDxxgPXfn98pEu Suu0GV/50l+8739R159Q3/aONlsMWCDm/vge6l9YxaOX5Kwf3ygePlr8QDN4tNgXpZW6mZB95+7y rb8rF6Wd87Ld9ddvla+OUZffq/3eu8qj/dobK6Rnh7nbl1x+Q2bUKeWvWjZIKdds6bSufTs+rpD2 7tzroYukayOhZvTUl05S8hWzT/0NBip/g9q/Vt/yGFCwXvpEX5bjytcBzjBd31N1MOCslz9mxnxp XvE8ad6M0RoDn1mKQWXq2kTI9itn5I7vv+8qwi7s1/pZ0HhBdfMX6Jb/3cIl0paNW6S1a9ZqP/n6 2XH9XCx8yhPj+KmqY1r/M0h/uRy6/iX3c+ev4GXppDb70S7Vlu+Rtoj7gP97kQqDZxIgARKInoB6 PzP2PhG+PmbLD1/T+MVE/LJO9pzdDxzOm6R4aNY/vCZ76SLRn4a6SGgxLgm0dwK6sVP+xEx+UXb+ 7FKTeOnfunCU8tIqv4AUBX55tzdJNe8ekcRsOvE7IlW+WyM1iPRiVpozvc+DwyndSzhm+36SqlSL Np6JfHyNfSKS7iXp8TXrPD6DXPans4Er1+Z++YUw4Hjbr9wJP5Hmqy9f0H8e544haWURfHSGBl2M +Dl15f+h/GmwWn92uyT/cerZHykvjnIZAhhincpFWn9KidwGI/FZ1w4v3pd1nyBP3RUWA/VBDz6G Aa/k6hIPcrn6/S5I/V2UfqszmAU0lkVafq3OZfl+DIBOdT/xMCYGlO1VtHAuHTojljvfi7rPJJdo TNwG89CfTmr8RVsPaqjTK6mxiLz9u+UV6T49dWeuGdNDtQd3kohcbvm6fqLr72EzcErVj6XhLD3i ju8zPupLoevjQePp04TldsvXDExa2b14ePM3cvyUdU10/zNSf/HHIf1SO/eKpR6C2bjDqhpGIgES IIEICaj3M2PvE+ErYbb88DWNX0zvDxvEvZWHL4EFOL1nhu9nIL4R6UMCJEACJKASEJ+YZVyt2ylU 9VfOc9+YhxyvT6SaTx3Bb5f9HDNLTnjFDn7Z/IX7I8wn/jTT85NUXdLUWyahamsNpiw7jhE3p+tC fJ2rpk/VPH+65SxmD71Ru/Z2NH98xv1J4vHHsWL5l5C3RNUW3ZcTiGuL5TQWa4m3o0ZslmG9Wb98 PtCs7SzY5Npl0KQ79RuP5iLlUU1ZL4cVu1+43+fTvWjrT80896GnkT/nkPNT4xcK1uEXVxZq997q Db/SPkHe9qvRahJDzmcrK7R8Vv9hCgK3jAxMXfZ7PFz2c2f8oyfqxe6byqL9wifa8p9974Amf9nv p0Js6+Hn6Iqpa36Nmbc94ScsNq/U3ndilshihfhtF59VF/X/LvDpX1AsruU9YqqqinHw3FwUdgNq //JHl7B+Rbi1s8tp5P+GtP+CgT5ji6xj9vcnAyUbjVQ3QF752Hx0Bawdxd8Vmisw+7ZJWtsNkKCN eedj3sJc55inL9in1c9i7T69j8tt1PhpVv8zSn8nDf14/2gZ3nryB77A6EMCJEACJNDmCehvB22+ sFEXsCAHXUkqanxMSAIkQAJuAlY8vmwWpj44HjneL/mf7BZrhI1yRxWuXLEm6KDsTqgXu2DuLKv2 CNNf1L//pnbZ598yNLc/R+7451A53l9IYL8/PDAL04Zuw53eOqtJrv6W6nKen50j5s2Fc4gdNJPq yC3A8jkPY5rPjqCiFDHUn8bgX+7C4pcGYe8vDgmvRXhp38N4flQX4H8rMN/pJ7ynvoXCXloKQxyO r4VRVDmaxA7vwDfVS9+zw6b5XbysOWMqv0PXDvK+c60uU09npx5W5/q5lZ7esV9dJXaRLL4FK5Z8 iP1ry2H75XfhOHbQma+6ZOLeP/8DhROuRfl6uW6AUY+IXWGdrlb43xdm96s0sYtyNnrLz45fpyoG bbtsq3cd8uKc4a6RqaYx6mxr0P6ocJ3XH0qMEjHq1ZVYPNltwFbzPfvaP4WhbpN66T4bMX7GMP7E 3P+M0N9NQ3ONsvbQ3HSQAAmQAAm0LwI0P4VT36Y/8IWjJOOQAAmQQGsjIGYjf1GMrsLw4XxBFZsy pHcM/GZYtsptpBu9tAwvP3QfsjrqytTShA2jrsOUMp2f4ky/+Tbhcm35YDdoffT+017GcwMvIH/C kyLv7bjr29NR8cUaMUvGV76HT+Eq7J18IxwtHr4eFw7xop6eacXA7CAGIQiDo5l3aTGbw77iB3DI C5aLslg6pge1LcRSf3o4uQ8uRf4vbnXW5gs//K34kHkhvtgwR5uRtO3pe/XRjXE7Ptfy6Xlt4DYq R0q9xj3fTTO8CP/Yyn9Bk2+TbYaBDMK285qRRUtgkMM65j+AJY8BxzfjpO1BfLZvtUfOf9h5DM/n d8OWKpf3uIHdPcKNvzC5/cdaILn/y/1XGEHXfnwS8y5fhzzRtC69/yLSbxOcp5bCvtZ3VmqsYkOl P191UGtDd+TGyRCk7xg6hfQGMZ23pzPK8bPV9L8o9feEoFwF4Og3Lj1JgARIgATaFAEzXwHaFEgW hgRIgARIwIuAPBtZGOZc/7zCvC9bGlC9SvEUBqJdc+7zjiFeeu0478dIJ0fMyOqpxZ++vhxFL/hJ r8YQBr/a2vPI6tUb6UFsMrMf/w8M7y0+9Uv7HL3HvChSl2DANZk4rfscU81Sfx5690AMHyk+HYz5 KEHN+TXI6RZzRlFlIM/msAjjqiUYJDXnGOtPzcZ5/pcBWFwyAnuL9ojLRVi5vBP+MafcFUW0Dfnz S6OPrNwhIkuXoXfT/lpMzA5cf9UHlE8/RYrBuVkuVWIsv6Wje4rgpmMfihmDvrORZEHVZW7Z/397 9wInRXUnfP9PNMvMLgkzPrjOEPNEvMQBUZlBs4JxV0ARGESurqIQFcbsJjGKghcEL4AoKqgQzQqi K1ffcEtEQAVm/DwqJCozRGRmjDqQFWdwJU4TedI9Kz71nuruqq7qrur7dPdM/4rP0NV1OZfvOXWq +nR1nUDE6fu/+7mX+UfV3aC6cbau2yD/vUwPe4bU7vsXmX2uKo8NG2TDsLOCnTyzZfBpXdMXuWNI 2a3/jklKcmHRqX2kPLhvy97gz5w/zcZdf83ywuWPBlMyXvoboyonma/22C2p9jOHjr+k0t8ekCmG ebBmmfxi8M3BVrFSlu1cLlMHq7ub45yyvX+cyWQzBBBAIGcFvpWzKct6wiyf3r6jRTyHJ+vJIwEI IIBATgpY2k6VPvu7KAnu0ipNxupDoZ8WGotEda5tm3uD/5lZ/mVhAXc9s8L/jC3/uqeGy9zX/2zu ap05um+9jPz2SdLnvD5y8dI/WVdFzHu/DtyaVzb6Salbpp5t5Z/myhkjfy3NYVtb439dPdttVaP7 bX2ej2tlzZJ5MmvOWvHod92ET1+r59sFp/r/+qsxG3o91ix1NRtkzcpt0pwrd1ykWH6hzAXm+k16 wN9ppL9bdOd02RDcYPP0YcG5+F4KTtTHHlFTjPN497P6S2VgS9HLb1mdg7taf3TvSim/Re9A1KdK GfjD7wZmU8z/aQOGBMJR/7/8kzJ111pk/EffW2qJ29w8fTNdz5HrqwLBzb95qjynz46rkPK+AyWQ uvUyteph/wZ9Hxwc1yNBTP9E7g5Nof6b8bmUd6z1gdwn/78Zvh6Ey1fhBd1OijMCSyPnkh97QJbt LbPmNp56eebq75lt6Khn58W+O9jcOZ4ZS6SWWeuepk9YflJuP7N8/KWcfiuSZb69fppsicJ59uhb Ms7spNM32SJVQ0bI2w6nZscAsr2/Y6JYiAACCHQwgfYbp6Jjhuxp2KNGF6zVamvV6HbmyG6V2iu1 apm+XP01t7ZqTR95OmYGk0i1OUpi+ChdSYTFLggg0EkFvvaqUVrD2s7zZms7rW3nV9Hybh8xcPQ9 a7Xaj1q05o/qteo1SzTVieIf7VWdYv2v5+rr36/Xmr7wmYG2bH/Ats2wYBitepv9/lva8plDbevD R31tfl+lv3qVGVdo9MtAFGvNc4JKw7jntSb/uaDZjP/Apltt4c9cUa016+lTNq1fNGt1r6/SplvD kArHkSm1I5YRZNVometrW7TW1mblu0Pl4UZbHAv2tJnxpzTz1WeBc9zulWb+/X66if/cV695o45A m3r5hae/YVmlLa9y6xvhm4S992pNlvpWq9K+xizzCnUebzDP43qe6sPO48YIY0Ydu/2pGnW+92pe NeKtt/UzrXrxNFt6Rr3YaIk/9fxvvd1ex0c/qNfxA6ruqnzYRksObLd4V0Par0U8NfZj6IZgHq2j 8eo+i/9w1JL34KwaadO4TvK/2vxFe/T1OnVtZdQn9fp+S2QY+pJk6r86xvxORnmrtmdHrRop2mhz wterY0+vD83uwzM7p81lqfeLT/x5C9W3Sm1Vtcqv/9ix5tlSJx2uqfxtkLGP9To0rC2NsNPbX7X9 rGD7oreP9R81qfrRFGg35tjbDZHZ2mdRj2eXjLotDotfxj2jyrdW298SaJ8jfXT/A7Y2JbX2M/vH X6rpN9suSxusjwCtOwbqUb3/PNAUNHUrirQsP/Syra0z2sTF8Z5vsr1/WhAIBIH8FjCuiRj1NXv1 QLIXdQ7G7HvP/IBinJTcXyudP2DlYLZSTRIddakKsj8CnV/At+8/HC/sbW2owwdTq4xn9yOxwwjr sJO+L2heSyDqzre4wjj3trVaq+WDqlP6bR11xz/QxoXH7X9v7WzzatVzLosrft2l7z2bNLd+guqZ Z8cRTpW2xy0Ai0k8sw3LBseMz94xFRlqOsrPFqoyn2ox3+zSr2Ps41SGtvpnCcu/PKzuaKomVT92 ZUwHfd8rHqyx1Ts9DSnn//gn2kPl9s66qOn358da/wyJFF6P2a+DVn4U6Gjx1T1rcRnveP0TTx2y 58c97YnWf7ey7/PUXj9GrPUpiKldvdrz/RItN7V9WHvoa4yjDbXUYWv71LByhKV8YqRl2Hxtv9GB mVrGzb3d43/Bv81aF58bNhw0w/Affym0n9k//pJv/93qp/14CZZrRLtlIUzXrOosd4o7VhtsRp/t /c2EMIMAAskK0FGXrFz69uOnr+pMZE4nlMpA4yEi5kKXmXOHSInLzxpc9mAxAggg0GkFuhb39I9G GS2DV40ri/pT2O4X3SUHqtVgDQ6BDJ+6UPa0+KSlZoFt7bCRp9nC7Df1RfE0bBd1Z4njNHzqQ7Kj tkXef+IaKbK04V1PPsP86WNgxwopPsk60EOh9HY6P1xxveVcUCCDZm+XlnfWyVSnbf0BV8rMxWtk z6c+2Td/tOuomYMe2i1bH53mmIcx0x6S9bsaxKspqyLHTRJeWFSiD8YRfRpZFnwem8tm6Sg/W9Bq VIUWY8HdNTKyxHjj/BpZhs7bmUsvC8dT5Tf9ZfHUbhZ156NlstTIYTPkFVV/Xr3vUlu90zdOOf9q 0IGZ73wpW5fcYIk7NKvu8JOmfevsx8d54231OLR1knP/oH7+OsHYd4YMDD6Hruu5F5s/RZax10uF w08bi077Z2PHOF8r1TMQnTdNtP53LTzJ7hIMduipgTKOtd45FfEuLZCSQephlglOfStOsdWhrj3O CRnHDGu89OkZap969bsm+h7llXLTzIX+dkPbdo/0iTUgTvTQIta6xd/3nsBB232E/gzIyGnImdY2 JbX2M/vHX/LpT6TtumKC/ZwXqZqGJf/rcmlYc7ctoBuf3R2zDTZ3yPb+ZkKYQQABBDquQBe9z6/j Jp+UZ0Kg7cOVUlCmns809CXxvvavtgvLTMRPHAggkGcCapTYlsMt4vGpZ9wVFEhxj9Kogz646fg8 zSqcLlJ8aqF4PV5/OCq4jE2+Iy1y4EgXKT21wB9/YVFx1FFvHROmnmHnOebxj7oqxqi5Lp0bjvtn Y2Gayq9m3tkyeLb+HMEK2dGyR4YEPvNnLEeB+tMmxaeViveg6jIsKZXSuAbWSEP99Xmk5ZBXCnuo untM1V0Vt1unVtpB1DMQd73bKAVnXSwVp4YGjGg7VCtvf+ST3hcOtI/GnPYEWALsiPXfknxmkxdI uv1MR/uThuMv6fQnT5b+PdXo5B71V1AQfcRv14izvb9rwliBAAKxBBpX/UR6T1oh6qev8rubz461 edrXZzv+tGcoiQBz/XI/iSyxCwIIIIBAhxZQHVKlp/YS670WyeSnoKin9AreNFXULTiTTEBJ7lOg Ohh79wjsnHT86ixdVJT5tCeZ5cBu6Si/v2wPdtKJ9H1wYcY76fSM2OpPWa/4SdKRf/XBuPTMQLln vPy79ZSBg3pG5LfrqRUy+NSIxe27oCPW//YVyZvQk24/c+T4Szr9uVTC6putolS+3cr2/rlkSVoQ QACBBAXoqEsQjM0RQAABBBBAIM0C6i4Yz5FWUfeQSWGBV2oeutWMYPLl6meF6s4qt1E0zQ2ZQQAB BBBAAAEEEECgEwjwjLpOUIhkAQEEEEAAgY4s0PjSOCku7Sk9S4ulWD3vcOwTDWZ27hxYIl2+/aR4 zCXMIIAAAggggAACCCDQeQXoqOu8ZUvOEEAAAQQQQAABBBBAAAEEEEAAAQQ6kAA/fe1AhZW1pH79 t0DUzd6sJYGIEUAAAQQ6r0DZNVvEO9IjavwQx6lAPWMwg+OAOKaBhQgggAACCCCAQF4I+A75s+nz dslOdrMdf3ZybYuVjjobB2+cBLqWXCCrV6wWrXsfPig5AbEMAQQQQCA1AXU1UqAGzaAzLjVG9kYA AQQQQAABBFIVKO0/U33+nyKnnHNKqkEltX+2408q0WneqYumpjSHSXAIIIAAAggggAACCCCAAAII IIAAAgggkKAAz6hLECwvN9dH4/Oox3jro+4xIYAAAggggAACCCCAAAIIIIBA5xTw6Z//3R5IkoEs Zzv+DGQxVhR01MUSYr20Nb6oRuErli7TX0UDAQQQQAABBBBAAAEEEEAAAQQ6qUDjqkr1+b9Qpm38 c1ZymO34s5LpsEjpqAsD4a2DwLf/PrCw4ajrg74d9mIRAggggAACCCCAAAIIIIAAAgh0JIGCU/2p bTqSpbvqsh1/DpQVHXU5UAgkAQEEEEAAAQQQQAABBBBAAAEEEEAAATrqqAMIIIAAAggggAACCCCA AAIIIIAAAgjkgAAddTlQCCQBAQQQQAABBBBAAAEEEEAAAQQQQAABOuqoAwgggAACCCCAAAIIIIAA AggggAACCOSAAB11OVAIJAEBBBBAAAEEEEAAAQQQQAABBBBAAAE66qgDCCCAAAIIIIAAAggggAAC CCCAAAII5IDAiTmQhpxJwtHGHbL+zf+WwgJLktSIxKdcUilDyrr7Fx5+d4ts2XvUso1X5IQ+MmLi ACmy7MYsAggggAACCCCAAAIIIIAAAggggAACiQjQUWdq+WTjtZfL1L3mgtDMgj+KVnaeeu+TTT8a KT8LrQnOVciesXukwtrBF7ENCxBAAAEEEEAAAQQQQAABBBBAAAEEEHAX4Kevpk2BDF+0VMYO72cu 8c+Mny7rL/tBcFmBDNq4WKZfHXxbEXgdfc8MKaHLM4jCCwIIIIAAAggggAACCCCAAAIIIIBAMgJ0 1FnUSgZVyYat1bKw3FhYIZuXPCbjKgI/e9WXlo25RR6bvSKwQa3IDasPyqb510hPOuoMNF4RQAAB BBBAAAEEEEAAAQQQQAABBJIQoKMuAq1Ypix9JLi0Vq6c9VrYFq3yzJ2Tg8tmyOyrjbvtwjbjLQII IIAAAggggAACCCCAAAIIIIAAAgkI0FHngNX9gpvlGeOuuuXDZP2h0EZt762Qn28LvL9tw8/ldO6k C+EwhwACCCCAAAIIIIAAAggggAACCCCQtAAddY50xXLT0ifNNRMefzU43yrL77stOD9DbhnF3XQm EjMIIIAAAggggAACCCCAAAIIIIAAAikJ0FHnwtf1gsny/PDgyqeGyytH1Pxe6910d3A3nYsdixFA AAEEEEAAAQQQQAABBBBAAAEEEhego87VrFgmzn/WXHvv/EUy/2HjbrrZMmPUKeY6ZhBAAAEEEEAA AQQQQAABBBBAAAEEEEhVgI66KIJd+4Xuqnv/iTvk3t8ENr7tdz9nlNcobqxCAAEEEEAAAQQQQAAB BBBAAAEEEEhcgI66qGYFMvHR/wjbQt1NN4K76cJQeIsAAggggAACCCCAAAIIIIAAAgggkKIAHXUx ALv2/YmsuTm00T3cTRfCYA4BBBBAAAEEEEAAAQQQQAABBBBAIG0CdNTFpPSK511jo9nyC+6mMzB4 RQABBBBAAAEEEEAAAQQQQAABBBBIowAddTEwj76xWH5WF9jo7td4Nl0MLlYjgAACCCCAAAIIIIAA AggggAACCCQpQEddVLhmeWbQA4Etzl0ktwzl2XRRuViJAAIIIIAAAggggAACCCCAAAIIIJC0wIlJ 79lJd/QcaRHvcZHCgkI5+MYSmWnk8/oBcpJaLogZIrwigAACCCCAAAIIIIAAAggggAACCKRRgG4n C2bbhyuluGyyZYll9q4BUnhXhWz/Yo9c1sOynFkEEEAAAQQQQAABBBBAAAEEEEAAAQTSIMBPX9OA SBAIIIAAAggggAACCCCAAAIIIIAAAgikKsAddRbBrmdPEu9XV4pP/4mrw1RQUCQFBQ4rOvuir/8W yGGzt7PnlPwhgAACCCCAAAIIIIAAAgggkL8CvkP+vPu8XbJjkO34s5NrW6x01Nk4RAq6qc64sGX5 /rZryQWyesVq0br3wSbfKwP5RwABBBBAAAEEEEAAAQQQ6LQCpf1nqs//U+SUc7IzmGa248+Fgu2i qSkXEkIaEEAAAQQQQAABBBBAAAEEEEAAAQQQyGcBnlGXz6Ufb96P+8Tj8Yi4/CQ43mDYDgEEEEAA AQQQQAABBBBAAAEEcljAp3/+9+VwAjt/0uio6/xlnHIO2xpflOLiYuky/dWUwyIABBBAAAEEEEAA AQQQQAABBBDITYHGVZXq83+hTNv459xMYB6kio66XCxk/Q62IznUg/3tvw8oNRyVHEpVLpYcaUIA AQQQQAABBBBAAAEEEECg4woUnOpPe1M6+ySOecRzrOOSZDrldNRlWjxmfD55aWKhFJ+serBf/jzm 1myAAAIIIIAAAggggAACCCCAAAII5KTAZ5uly3eKpfg7E6SeO3/iKiI66uJiys5GT171tDTzXLjs 4BMrAggggAACCCCAAAIIIIAAAgikJPDGwlHB/YtTCiefdqajLudKu0CG3/lkMFVzZUk1d9XlXBGR IAQQQAABBBBAAAEEEEAAAQQQiC7wl+1yxxOBTc5ZcJP0KYi+OWsDAnTU5WBN6H7BZFlYHkjYI9PX iBpvlQkBBBBAAAEEEEAAAQQQQAABBBDoMAK7X3hUav2prZAnb7qow6Q72wmloy7bJeAYf7FMfPSB wJp9t8vKd/7quBULEUAAAQQQQAABBBBAAAEEEEAAgZwT+L975KEZOwLJunuhXNYj51KYswmioy5H i6bk0iqZFUzbL2dvY7TVHC0nkoUAAggggAACCCCAAAIIIIAAAnaBxrX3y5bgonU/v9S+kndRBU6M ujbPVrYdqpUN2+pECgpFfF455cfXy5DeXaWlsVbq6hql5ZhXfGqUktKy/jL4kn5S1J6/rz6xp0xZ c6vMm/iUyOvXyPrGMXJ92d/lWYmQXQQQQAABBBBAAAEEEEAAAQQQ6FAC3+yXhVXBbrpxa2XkqR0q 9VlPLB11liI4+NsJct0tTaElw/4sD/3vTXLv0g9Cyyxzj/2uUaaPOtuyJL2zp11dJVNVR91zKthJ j2+V658bnd4ICA0BBBBAAAEEEEAAAQQQQAABBBBIo8DBzcv8/Rh6kEvvGyvteY9TGpOdM0Hx01dL UZT804NyR9UYqTCWvTrX1klXXh4c4SG4fsZVZTJ68R+NrdP/esI58vNlIwPhLh8jrxxKfxSEiAAC CCCAAAIIIIAAAggggAACCKRF4HizLB+jfhmoT0NfkEnn8cvAAEb8/9NRZ7HqfuH18vjSjTJjgmWh mp27eq94v9aktrZWNG+rVC/+ibnB727tJ6sa/8d8n+6Zftc+IJXBQK98+o10B094CCCAAAIIIIAA AggggAACCCCAQFoEjr61TOYFQ3r0fu6mSwaVjroINfUQOsv06NtHZdbE86XA+JFwQZEMuuU/pWHT reZWk2ZtNOfTPvMP/eXeuWcFgn3kDtnhSXsMBIgAAggggAACCCCAAAIIIIAAAgikKNAqy29/IBjG fLlu4HdTDC8/d6ejLlq5q9s0b3GpWGWj75eFxi9h/+SR9uw/G1D1TDCVtfLYinb8qW00C9YhgAAC CCCAAAIIIIAAAggggAACLgJte1fIHWp8Tn2653c3Sc/ALP8nKEBHXRSwUdcNiPLQw0LpeWZw5307 pcl+I16UUJNYdcplsvX2wH6v3zpPatszriSSxy4IIIAAAggggAACCCCAAAIIIJDPAj7ZNPO2IMAM mTrilHzGSCnvdNRF4Ws60BplbWZXDf/ZimCE6+XB33yY2ciJDQEEEEAAAQQQQAABBBBAAAEEEHAT +HCdXLstsPKG1VPkdOPxYW7bs9xVgI46VxqRDx5Y6H732l/elMfWBXceWil92nu84TMmyNrgIBcv /2S51B+PknBWIYAAAggggAACCCCAAAIIIIAAAhkS+O3CycGYxsuMsWdnKNbOGQ0ddVHLdb30v/4F aQ7vFDu2X+ZfPlRqg/v2HVgW5SeyUSNIYGWBjJn5bHD7x2TZ1s8T2JdNEUAAAQQQQAABBBBAAAEE EEAAgXYQ+HyzjFkWCHfoU7Pa/0amdshCLgVJR12s0thwk3zv2yPl8ZXbZNfualmz5F7p8p2+cm/w AYki4+XFuy6KFUpa1nftN0GeCQ5g8eRVz0tzWkIlEAQQQAABBBBAAAEEEEAAAQQQQCA5gZpl04M7 Vsp9k89PLhD2MgXoqDMpos1skRmTR8jFA4fIdb+cb9lwvOz4aJVUtPfPXs0Yi2XiM48E382U5dV/ NdcwgwACCCCAAAIIIIAAAggggAACCGRU4OhbMn32n/xR9n1wulxclNHYO2VkdNRFKdYbVjeKt3W/ rJlzu4wI3snm37y8UuauqJbWr9fJkDO7Rgkh/au6XzRJjK7C+xZsEwaATb8xISKAAAIIIIAAAggg gAACCCCAQGyBvSsXmI8Fe/jmS2PvwBYxBeioi0L05TGRgqI+cu3shbKlVhPt6+Bf7Ssya9IgKcrK KCY95cbNvwyk+vU9kc/Pi5IfViGAAAIIIIAAAggggAACCCCAAALpEfBJ4/95JRDUlFdlZEl6Qs33 ULLS1dRh0MN/0pojWiUjF0j9rlHiK76AIY87TGUioQgggAACCCCAAAIIIIAAAgh0JoECuWbpfvnH Ko+UXTKwM2Usq3nJka6nrBrYIvcdaZID6wKLmg62iMdzinj1UV/VX3GPIinICbEC6T1giC3dvEEA AQQQQAABBBBAAAEEEEAAAQQyKqB+hTj48ozG2Okj46evliJufOknUnjyOTIzuOyD+wdJcXGx9DxZ /ZUWS+G/vWbZmlkEEEAAAQQQQAABBBBAAAEEEEAAAQTSJ0BHndXy+BHru8j5blrkMpYggAACCCCA AAIIIIAAAggggAACCCCQBoGc+CFnGvKRliDKrt8i3pEe15FUi7rl6TjDX/8t4NvsTYszgSCAAAII IIAAAggggAACCCCAQA4K+A75E+XzdsnBxOVHkuioCyvngiL1HLqwZfn+tmvJBbJ6xWrRuvfBJt8r A/lHAAEEEEAAAQQQQAABBBDotAKl/Weqz/9T5JRzTum0ecz1jHXR1JTriSR9CCCAAAIIIIAAAggg gAACCCCAAAIIdHYBnlHX2UuY/CGAAAIIIIAAAggggAACCCCAAAIIdAgBOuo6RDGRSAQQQAABBBBA AAEEEEAAAQQQQACBzi5AR11nL2HyhwACCCCAAAIIIIAAAggggAACCCDQIQToqOtu6RTXAABAAElE QVQQxUQiEUAAAQQQQAABBBBAAAEEEEAAAQQ6uwAddZ29hMkfAggggAACCCCAAAIIIIAAAggggECH EKCjLkox+Q43ScPHLeKLsg2rEEAAAQQQQAABBBBAAAEEEEAAAQQQSIfACQ+oKR0Bdbowvtkvo7uX yW1LFsopY2fKP51yQqfLYtwZOrZf1j61VP7wt3+UijN6xL1b2jYkfvypf3l7/LU17pCnfr1JvP/Y X04/+cS0NSvxBkT8+FP/OP5of2h/Of9w/o33uiFd23H9wfVHPl9/pOs46tDhaEzOAsc/0KaKaKpw taV/bHPeJk+WNqyd7HcQqdI++TrzmSZ+/PXjkPqXj8efV1s7IdAOy5RNmW98NOLHn/rnb385/mh/ Mi5A+0v7S/tL+6vqAOefjLe+Wtavf7OQ5RyMkp++qhaQKYbAcWN9q3jMeWNZBl7NOIkf/wzUt/Ao qH9BkSwdf0Z5fNqW3ccQED/+Rl3Mxiv1j/qXjXpnxEn9o/4ZdSEbr9Q/6l826p0RJ/Uvu/XPKIc8 fKWjLg8LPZUsF6Sycxr2Jf40IKYQBP4p4KVh13z3TwMhQSCAAAIIIIAAAggggAACOS2Q+QcO5DKH Z4/Mvnm21B7rolLZLFuDab35/AHy2+El9pS3iFw0e5HMHnu2fXknf5ftgTWIP7sVDH/8sytA7Agg gAACCCCAAAIIIIBA5xago85Svm0H35J567ZZlhiztbLVYfHWcVfKDO1syfZdLkYq2+u14ET9EXX6 VCwFWagxxI8/9S9fjz9L6/odLQttLfEHjj31P/7UP7MyZGqG48+U5vjj+DMrQ6ZmOP5MaY4/jj+z MmRqJt+Pv0w553Y8Weh2yV2Qrn0ny9svnyUevTk6Xq/ulrtFalVyb1y8Rq4v6y4+6+1E6rlVJRcO yULD1Z5+rbLpscfl7ZY2KSgMNRCf710ZjHSZnHNtd7n3h13NRPi8PimfdJ9cV/5dc1nyM8SPP/Uv b48/T70smvO8upe5QLU/Rivik73rgvMbrpWx934gfYxVqu3xaT1l4v23S0WRsTCFV+LHn/rH8Uf7 Q/vL+Sd4IuX8y/VHsCpw/cX1Z3tef6dw6d7pd83BAS5yI0mWUV9X1udGkto9FY0rgqO7BkdZCo56 qw6CwPLycuf1Q19SY8OkYSJ+Z1/8qX96Hejkx1/DyhFR6395uXO7NOrFxjQ0PppG/Pib5zqjzbW8 Uv84/pzqB+0P7W86TkCcfzj/OLUvxjLOP5x/jLpgfe0s5590tKGdNQzuqFM1Ptbk/fp/1CZ/F2uz jr/+jJGy8dGZ8rani+1Owc/3PiTP6Q/sq6sTGTZb5lX8P/EauVUzvScNN7c/+u4qmXjzWik4K3RH nrFp5KtX/va9ybL2iWvEf0MM8eNP/cvb469s5BxZOK23fGm5m1fUOFN75y+ULUbzM/Mh6S9/M5sS 399OkokjQs8J3btsmty76b+koJu5ifvMMZ/8YPR8WXTz+f5tiB9/6h/HH+2P9dqN9pfzD+dfrj+C H/+4/uL6M8r1t/vFNmtSEuisPZAp58tyR93SP7alHFxHDuDA2knBO12qtP1fR89Jw7LKqHfFqMoa tr5S2xPjdjzixz9Qb6h/+Xj8rZ0QbDPGrY3e+Kj7etcOD29fYrwf+kLMu4GJH39/+0P94/iLKkD7 Q/sb43wTfv3L+Yfzb9Q2RdO4/uD6o2Ncf8SoyKxOWuBbqgIwxRAozIOb6aIR+I7ro+DqU6v41LP5 ok0F3U6KttphXc+YA1QQP/6BikP9y7/jz/Jg0K+6qPvrok3q2Xbx3ElnDeI7ah/r+4h5S4zEj39E /bAuoP5x/FnrQxzztD+0v1GrCecfk4fzL+dfszI4zXD+ze7516lMWJYOAX76Gofinj+1qsEkTolj y86/SfQPtSKnXbNCWi9bLN7jXik80XwiryOMf5tupVKUQC0kfkdKcyH+1L/OfPyZFd1lZvQar7Q+ 06ran0LV/rhsFFystz/FPUqjb5TgWuLHn/rH8Uf7Q/vL+Sf6yZPzL9cfXH91ruvP6Ec8a5MViPFR JtlgO8F+6s6x1mA2dtQdEBkV1lF33CcH696WXY2fS9nl46SiJDQSaifIvWsWLN/vuW5T1KNIPXMu 9jCM8WwTHgnxh4tEvsef+hfPsRXPNuG1K9vHX3h6It6fWCBFqvMtdusjcbVREeHHWkD8+FP/OP5i tRNqfTLtb8xgaX9of2h/aH9iNhS0P7S/8Vwlx1GR2KTdBfjpqxtx155ycXDdBw8MkMc37hWPxyMt jbWyadk86f/tQun1o8vkusnXyeQVH7qF0imWF5yoP1ZOn4oTuvstsE/q/xM//oFaRP1L5O7T1I+8 QAjZPv7MfHy/a4yfSZlbts8M8ePfPjUrvlCpf9S/+GpK+2xF/aP+tU/Nii9U6h/1L76a0j5bUf+y W//ap1Q7RKgnPKCmDpHSjCdSdcT9uIssXPmGP+btv3lWFixYIAufXir/3+YaabGk56GHFkj/73Xe O+qKzjxfzu5+sgybMUWGnNXDkvPMzBI//tS/fD3+TpSzyn8sRSefL3dOvU5OPznTN4ETP/7UP44/ 2h/aX84/nH+5/sjMpz4jFq6/8vv6y6gH+f3aRR+GIr8Joue+cfMSmT7ql6IPz22dzh8/XX4xcayM GD5AesZ6cJp1R+YRQAABBBBAAAEEEEAAAQQQQAABBBBwEKCjzgHFaZFP/ezVGHGxoKgo5kilTmGw DAEEEEAAAQQQQAABBBBAAAEEEEAAATcBOurcZFiOAAIIIIAAAggggAACCCCAAAIIIIBABgUYTCKD 2ESFAAIIIIAAAggggAACCCCAAAIIIICAmwAddW4yLEcAAQQQQAABBBBAAAEEEEAAAQQQQCCDAnTU ZRCbqBBAAAEEEEAAAQQQQAABBBBAAAEEEHAToKPOTYblCCCAAAIIIIAAAggggAACCCCAAAIIZFCA jroMYhMVAggggAACCCCAAAIIIIAAAggggAACbgJ01LnJsBwBBBBAAAEEEEAAAQQQQAABBBBAAIEM CtBRl0FsokIAAQQQQAABBBBAAAEEEEAAAQQQQMBNgI46NxmWI4AAAggggAACCCCAAAIIIIAAAggg kEEBOuoyiE1UCCCAAAIIIIAAAggggAACCCCAAAIIuAnQUecmw3IEEEAAAQQQQAABBBBAAAEEEEAA AQQyKEBHXQaxiQoBBBBAAAEEEEAAAQQQQAABBBBAAAE3ATrq3GRYjgACCCCAAAIIIIAAAggggAAC CCCAQAYF6KjLIDZRIYAAAggggAACCCCAAAIIIIAAAggg4CZAR52bDMsRQAABBBBAAAEEEEAAAQQQ QAABBBDIoAAddRnEJioEEEAAAQQQQAABBBBAAAEEEEAAAQTcBOioc5NhOQIIIIAAAggggAACCCCA AAIIIIAAAhkUoKMug9hEhQACCCCAAAIIIIAAAggggAACCCCAgJsAHXVuMixHAAEEEEAAAQQQQAAB BBBAAAEEEEAggwJ01GUQm6gQQAABBBBAAAEEEEAAAQQQQAABBBBwE6Cjzk2G5QgggAACCCCAAAII IIAAAggggAACCGRQgI66DGITFQIIIIAAAggggAACCCCAAAIIIIAAAm4CdNS5ybAcAQQQQAABBBBA AAEEEEAAAQQQQACBDArQUZdBbKJCAAEEEEAAAQQQQAABBBBAAAEEEEDATYCOOjcZliOAAAIIIIAA AggggAACCCCAAAIIIJBBATrqMohNVAgggAACCCCAAAIIIIAAAggggAACCLgJ0FHnJsNyBBBAAAEE EEAAAQQQQAABBBBAAAEEMihAR10GsYkKAQQQQAABBBBAAAEEEEAAAQQQQAABNwE66txkWI4AAggg gAACCCCAAAIIIIAAAggggEAGBeioyyA2USGAAAIIIIAAAggggAACCCCAAAIIIOAmQEedmwzLEUAA AQQQQAABBBBAAAEEEEAAAQQQyKAAHXUZxCYqBBBAAAEEEEAAAQQQQAABBBBAAAEE3AToqHOTYTkC CCCAAAIIIIAAAggggAACCCCAAAIZFKCjLoPYRIUAAggggAACCCCAAAIIIIAAAggggICbAB11bjIs RwABBBBAAAEEEEAAAQQQQAABBBBAIIMCdNRlEJuoEEAAAQQQQAABBBBAAAEEEEAAAQQQcBOgo85N huUIIIAAAggggAACCCCAAAIIIIAAAghkUICOugxiExUCCCCAAAIIIIAAAggggAACCCCAAAJuAnTU ucmwHAEEEEAAAQQQQAABBBBAAAEEEEAAgQwK0FGXQWyiQgABBBBAAAEEEEAAAQQQQAABBBBAwE3g RLcVLEcAgaDAsWap3r1X5MSeUnFJPyniqOlYVYPy61jlRWoRQAABBBBAIO8F2g7Vytt1h0U7tY8M KT8t7z0AQACB/BLooqkpv7JMbjurgH5C37CtTrz+DPqkpP/1UlnRPeXsNj43RHpXVfvDWbynTW6p +LuUwySAJASONcnGtTXSauzqEzntX8bLkPOilzHlZ4Dl+Oux/bJm7e+Dx69IwWkXy3WXl+V4okle zgj4VPuw0tI+SKEMmDBR+hTlTApJCAIIJCnQ9vHbsqqm0bJ3fh3fOZ//djl/++SF8kK5SX1PLlIp e7yvSEWBpQqkc7Zd0p/OBBIWAtkTyPn2J3s07R4z9wa1OzERZErg4G8nyHW3NJnRDX3qx6qj7nzz fbIzLYcPmbvu+OCA6qg723wfbcZ3uEkOHCuUXmeWSntdW0SLv7Otazu4WcbdfJstW0OfukB11EUv 42TLzxZRFt7kW/1pO7hDrrOWb98XZNy+Mo6dLNS9jhhl28eR7cPi/uOlT5a+WGn5uEF8BaXS61R6 Cjtifcr3NOda/T346n0y9ZbAF6ZG2WTz+DbSkKnXXM9/e52/C89Swv6Oui1S/6f/kYrz2ueL8vZK f6bqB/Eg0J4Cud7+tGfesx02z6jLdgl0ovgP73hQunTp4vg38+XPRT7f7Lju3HveSItCyT89KFMm jJWKYGgFBenpHiuQ0E2nl/XtFV9av9kv40vPkD5n9ZRl7/9PfPvkxFbN8swI5zJ0KtvHdv01Y6nu 2qO/3Fs1RaZUjUmojJMqv4zlyiWiDlZ/ju5d6nhsd+lys9QeC+WxZu7lzttN/a1oJ/eXWapsR5QH t+9ZGNqRuXYXOPzK3c5lY23TKypk7O3zZcu7B9s9PYlG0LU02D5MGG7uWpClryLbPnxWep7VR07/ /vVSq+78zdj0l+0y0lpeUedHyo4jGUtZzIg23d4ndv0Ly8+5M1+NGS4bJC6QtfobJand+9+oru/U +T8Hju8oyWy3Ve2Z/73PXel87I1/STxGjo43y/wK52vD29f8WfTrs/Y4f3s/MhJQIX1Ob59OOj2G 9kq/kfpYrzX3ljmXQZf+8sphkcOv3Oq4/p7X1WerzjJ12POXT9b+1PnYWNUY/Pz3yTrH8uuirn0z eYmQbFVpz/Yn2TTly35ZuozNF978yqfn4P9xzfB7HtUUHTNP+bbtPtj8ufgeVj91sy1N/E33C6+X 535zvbx0dRe5dl3i+7vtMeDffis7/0mdKeWkhL7NKw0GmGq+3NLVLsu/aZWt2+IPeccHLTJj4Hfj 3yGVLUt+LPOW/tgfwkue+Ms42fJLJanp2Lcj1R/vof0uWV4mTZ6lUtFNX+2Tz3fvcN7uD6ptOGW0 zFXle/ClydLr2pXO27G03QQ8h9+NHXZdnWzS/564V+S8+fLJH+6R03OlgftfwfZBdXJ3WbdNnoud m3bc4u+DYRemfF5LJJFtR5pkS9w7bJEDzepDRI/2+/Abd1JU2+CpaYh/8+CWH+w56v+QkytVMOEM 5OwO2am/0ThKBqjrO/UnOXF8R0tp+6xrz/wffucV50RvqJUvj18TeC5zl1aprXPe7LUj6vytrs/S f/4ukLFr98gPPlXX391Olz7+6wjnNKS8tF3SH2+qfHJw64cuG9eK51ib+DwfO66vPah/rjrFcV1H W9hhz1/Hv5Tapc7arcF+ujbvl84b6Ne+HWBqz/anA2Q/q0mkoy6r/J0r8rLrN0h9/wPqhFIvswdf 7//AMHNFtYzvWyK9zv2BGoxhgmyrmizDlxn5Hi/rq++VgeX90vhhph2+m+jRRwZf3sdIdOd+PeEc WfXpfjnQ0hbIp2ohGtffLRPnv+5/f8/GXTLhVP1jkVf9O0n6lMf3M+D0oiVYxvlUfumFjju0kpFP ScP270nvy+/y73P5i3vlxcHfFd+JxdKrxAimQK7Z2Cr/cqhV9cp75Y05V8vEZaqDb+rz8skTN5ht gO94F2MHXjMoUHbNSqk9X307fyzUfssVi6T24UtFjquEHG+Vuh2rZMp9LwRS9f5MOeMXvcX73Giz 7DKYXPeo9LTm0JRga5VSyrue/VNpfv9H6pELIoX+q7svZeP9l8m84Jcv69+pldP1GI57/R98y8/N hU46PUEFcu22/dJPnXds55uX1fmmJKwbLuycpO/N1H4Cmay/ceUix47vuNKczo3aIf/DnvlSqr9/ tQy+b4c/pUtrW2Tkd1Qb0aOXlBqfEvVrw9bP5LEjXaTgeL0s6n2ZPK62vvHZ3fLMTaHHj6T7/N29 rEIGl6UTMHpY6U5/9NiMtar92/6J9Pv0qHg+/I0MvvYRtaJSVlXPkz49SqT8zK4ivZbI9Elb/eb+ vcYvkh0zh0n/c7NxDW6kO72vHfb8pQYanNuyX0ZsXymDJ+tlp6Z7Nkn9tedLr96Bc2zXsqulXp2b fUdC11d9H9wkL988PLeunwKpd/+/Hdof98hYowsYTTAaCKQuUFAkvcvV79a++Tsx7gbqfcEgKe8d CPrw75faOune+mKdXNwj9WhdQwj+9LWlsVbqGhrUt1JdxKuuOkvP7CMDB6jRW8Ou/63hHNy9QXZ+ 0CaFlm28WqmMmzgoM6O+qpFKazZvlK2btsrOjw+LaD2l9KxSGXDJYHXi/otsW/mcfDPsP+T5X15k TXZa5ovU6Frlp4aCKv7wlOCbKrn+ygHSx7XV8MneTRtkj3Iu1IcEOKGPjL26XA7WbJDly1ab+Sgf c53ce/u1cnqMb0f1E9quN+uk4ZBH9J8xF/Y4XfoNGCh9wj+4hZJqzqWj/A7v2ykbX1otW7btlRYV cmlJqZSUD5Gxo0eoD7v7ZeNv66R7/0nyi7EOF0o+j+zavkVqfl+tvoU+LAcO6yGoYjylv/rp7s9l 6th0dk77g474z6Mevr1x7UbZsKnGn34j/usmTpSJEwZJT0vdjtg5iQVlgyplnNwlG9S+FxSVSOmp wXqjLBoOqvx36ym91fO6Ss8s8ofexRO4C2/UhQOd68L3u6oOhWbZ9sJyeW7T7/2GWsnpct31s+UX E8+PeXGj14E1L6yS9e/9ORBfXRc5Zfxg9Ry862Tc5Q7+vmbZuu6NwE99fF7p2neIjLuwu9S88Cv5 lSX+cdf+XF0wD4oZfxKE5i563a/eVi2731T151CbtATrT8kFlf76M+7CEnPbtM2o8im/sKet/R41 cYSUWzrjywcMlpt+dpOM73GJv5xl+XNS/6vREQ/4Tj39PmmsWS+rVf3d8t5BfxZLS3pJv0HjZfyY QdJl3zpVrn+V8mt+IePO7W4ncGyffLJbtU31/rYpuLkqY+2MIXLd4NPs+wffJVx/LKGommtOmf75 bem55eb5V0/Eh0Y7O26tqs/G78rN5DnO+A7Xy8Z1qu3YtjvQdqnzz2kX9pYhlwyUYs97svqFbTLs 8W1yy2Dj3OAYTEILC0rUeUdVa9v5Zrjz+Sa0jSWKtB6/ydW/tsYdsurN/zavG/TrjfIrJ0qFfrjq 5/RNa2T1ZnVMq3O63paNGP0LmXHTpf5risaaVfL2x98y9w3krED6jRkbvJNInV83q/Orupu80Mi2 3k6pOjxO1eHD726RLXuP+vfX4x1wrRpIpZtPGt59W+oaD6prH7VQ1Bcn/Spk4IXRn/2ZjvqbyvGj Z++oum7b+W6dtKgbTvRLueLT+ssAdd1WWmjm3lBI+2tS7Vda61+G86++UBt09WQRf0ddhZSWqvO3 XmfV5FN36R440iZF6vqrtEdP6aWfvr/50vxJ7IB/rhDHNi7p87dDW62uJ7XuanCpUWX+NMX+L7nj 1xZu0um3hRL3mwLlW65/HvruB8F9CqX8kn7m9fbuX98a6qQb97y0rr0x6meRRI+/VNufuDMaY8OO fP4aNDB0Q8fKG0dLb/35isakjrHe5xbbrq/umjDa8kW2saE65tJw/k20/EOxB+ay2f6GpyXv3+uj vjIhkFaB4x9oU1WfhDq4tKV/bPMH3VKzwP9eXyZSpe1pTWuMlsC82toJgbhl/HztoauD88H0BOIP LFvyeoNlP+usV3u+n/N+i4P5sW5tzre+p82aMFwbMXyE+utnyW9FcJm+PPjXb4Q2Z0Ojuat1xrdv hWVf53T48zH0Bc1r3bGd5htWTg6mZ7y2P1qEvvc09XzA+NIuldqOFrcEf6ltfexK13BGz1moTS8P xDPqWSfDJMvPSM7Xn2lrpvVxjd9ah6SvQxkceT22w7mLtM++NiIMvqap/mhff6mtmTk0ZvqX7Twc loAU3yq3WcHyt5bLrrmhOrHdPO6/1BYGy3BOWDpC9S20n81cj0PVfTOo8GR/oY7DYNgR+5n1s0rb 8anPtqdv35MxzczwnMrPFlrybzw1j8RMR98Ha5KPINaelvbbWo7W3RqWVZppXBnWJqac/pY3zePb 9DbLzV4nhj6115qswLwl/cb5R1NtU6VjGKpNCz8Ok6w/nroV2lijfS8vN32kvDLU7hvr+43T1oe5 RWYkHUss58OhL8V1vojr+FOWQx3b3tTTHIp/vLbHPN94tV0r5mgzF2zz58Gsf5ZzYNqO36Trn/N5 Z9SLjVpL3cpQfQirh7f9TrXDUc6dC/YErqHct/m1MomMe5g6TxrXYZHH0XjtlXp7+5e2+pvk8WPW nK8+0BYa13BhVno+5i2eZ55fzePb3Dn1mWTbr7TVv2zl/9DLZh0NuX6pzTfLYH7onKuucQLtaYW2 /Qu7eej4tbfVtjoY7fzteixUWtoDe5y2d0kfv4FQUk6/LTGJv/E1Gtf/ofav+rHLzLKRcWtD5eAU fDLHn6u5aPG1P04JSceyjnX+CpVd6LNvhILT9Yllo7jqnzomXc+/yZS/JX4tW+2PNQ3M2wTE9o43 CKRDwNIQrfzIp9kvfGZoe75KRyRuYVgadvMCQ79gqNDGqk4028WCWn/Vsw4f9FTQdUvv1sZUTdGm 6H8TzjP3C13ARMbvq0vgg74/bfoFdvj0meXCSLSZS7dq9Z82a00NtdrWpfeY6fDnI84PXuExJPo+ dOKI0VGndxDNuV19WLV2UgYu1sZMu0NdXFeYF9j+9E/Z5JD/L7Wnh0e5wLOVqWhuHQnJlF/A5TOz A8msK8Onqg8Hv9LmTRtt99fT4lAG4RfsN818Wtvw+k5t64rHbPnXP8BZp/TUn0i/2x9do+18p1ar rV4f0XH96NtHrUlIcd5y7E1ZGyzbYOddsOPitg3BzkHVRowLlmX4MRWqb0Y9qNBmPrpc+9WcG23+ d7/m0NGoOjvtHTKV2mMrtmq1tbXazpeXmXEGyrbS/iFDXeDMm3aTpgazsMWjtx136GWvOlzMOqHS fsNqe/mliGfu3rhksCUelffFqvyqd2prHr3Bsly0lQ3BD/DmnmmasbTfbseXNY3h5Wddp9sllH6H Tu7hVbO0xxc/rk23tMNGOTimz5J+M21qmbGP8Tqmarq2JPzLkhTqT+OS0yPiMOJyeu3j1MmYpiIM BWM5Jh3aqtB2wTmb/3ht2ct1WpM6/9TXvqUtn3mVLX+O9hEBJr4gdPxXhTpRzfZCfVjXO1Y/3qyN U8fpjU/VhCJIx/Fry3+gHUik/rVULw1cM1SNsVlZy3/EhLG2NmrU6oMqD16tWp3fw9ueMbcttHyp qb7AWjw3rA2r0O55MXANU6c6MtVAC67xqh87RKxb/IdQ+5+W+pvC8eMvyCNv2mysbk7z5vEdqgUp zyXdfqWl/mUx/+YxZjm3Hd4eqDMVgbqz7tMAb6hDIvKaMHT8GvUtgfO3Hrz+RenMG83rb/04D5R9 ZFwRhZ3i8auHl3L6IxKV2IKQbZX2iWrrqudYOunUdZXrF5R6NEkff6m3P4nlMt6tO9b5K1R2SXbU 2epvEuffpMs/WB450P7GWzPyaTs66vKptDOVV8sHJVF3EIQusCpDF97tlhZLwx7sCHhU3Tlndoh9 7dXq1syxpCmOD7wfG99wRWl89fyojqq3X96ibXl5p7Zl4xKzU+ZG/YP26/pyy9/GLdqesDt6/CS+ UAfGDf4L+DAo1ZCa35Jb7iYI2yqtb0MXLnFcKOkxW7xExms7VGetOan8GXdd6etCd0wEtmhYaa0v 47X1tZbb7ryfaRvnjLKVXVwfFi3piXVhH8qrfnFYqa2yxq8nUf+2ydqR6PThV9WD6jWrVedcndYa frfOsfdCH7TCyy8N9efApltDPsPma/sdOsUPbLff3Rr1Lkmz4OKbqVsyMhC/4XLoN6H06Mej+jbY fyx6jA8kqg6EpdFWBuOet915aLvb1AjLTJpX21RlXNSLdsWD2yL99Q/E1rs1zQ5FMxDtwNpJoTRf sUj7xGw81I0vqoPAvGs0vPxCQaQ298V+bfXS1apz9UBEOL66Z820uX6jGrFXggss7bfz8fWltty8 46VSeyv8k0PS6Q9ru8+br+1psbQdKhu+hs22D/KO6bOkf+Wf9J1Um2N+2FNfziyocagXulGK9Ufl e2ew/d+4eFqwnCq0JWu2BpeH2v8NG6u1T8LqvZ6C9E8WU+OYjBKJ9fjy24Vt63m3/euf9fgfM22W du/Me7V7zS9JIs8ZYUlM4fi1WOltVbL1T0+QpQ6a1z/jntH2m3cfebWG6le01aoe2M4Rql002xeZ rX0Wnjn13uoTUUYR8apz2Duhc6hX1dGnq/qabYj+6wbzjtKU62+Kx486/sxfQ+j+qu21Hv/elj3a Q9Zzr9om1vncgS/2oqTbr0DQyZ8/sp3/0Jd8RrvasumXlrqivhgNfrno2R2861udA8Obf2v9lITO 385FE/KMdf0Z5pfk8Zvu9Dvnyn2ptbNnxATL9bBqv6NPqR5/KvRU25/oCUxiraVMO8D5y1p2rm2T pY0O3ya182+q5W+xzmb7m0Qt6ey70FHX2Us4G/mzNETmRap+4Ku/G5+tCXxQb7d02Rsb6zfG1ihb tj8QugBRH/ijTXE1vuEBWAxW1oevjPLe0lHn3NGg9tU7i6qGabc/tTtKQOlbFbpwiXWhFIjT6vWg wx1bnhrDPiw8i5neSRb+kwojR7ssPwMwLiiNdU6v1vSEnxht29viF22d/iHfaVJlFFdnqeoUbn5f 3cml7obS/97eVas1tTSFPoxEdDRZIrOkJf76E/o5qd8v/AraEvzWab3N+h/VxLJPPLMNa42fSQc+ ALZYO738bUCl9qbeQWH+vENtZ+kI0+MI1Tf1E/mwdfp6szMu/MLNY/nJsfppqnv2Qz/Rde4sNvKg 6qBDINVzfxiwi1Z+ekJTnbytWv07bwfrz9ta7Tv1WvOne8yO3njqflJJsNS9q/S7vvTOZv3P69Va 3t9hvyszmkGi6bd0qIvMCHUghGXCejw7dlZa0n/70uWhY1XVv0df0+9ecpnSVH/8oZt5sXSEuETb vost58Pw48UhYusHhTm/U3eMhn/RoPbxvb9Om6q+gFv8tsMdrQ5hJroodPwHrhns1xBh5wyHwEP7 J3j8mmWmx5tC/dPTZD1HqHp3hfqpukNT5pB6dTf/o0PMtvm2DWH1VX3RY94xrO5Ij5hs8apOdLNj 0LqlV9t4e8jW8c5g0yKB+pvq8WPGqdKmP1rAmmRz3n7HezrPXWYUxkyi7Vdwv7TUv6zk36utuTlY L4LXxOa51n/u1ssl8CsQ8wtVh/Y/lP8Ez9+Ge9hrKLwYx761/qRw/IbiS0/6w7IT8631/GZv+yq0 qI8rSfX4C6YspfYnZu4S3aBjnb+sZefaNlmuT8K3Sen8m2r5W4+frLQ/idaN/Nn+RNUQMCGQMYEX fjpIPvPtldd+GRolyhr50XdXycSb10rBWfE86d4rf/veZFn7hBo+3hqIMT/0Jan60XeNd7bXkst+ Kc+UPyA/q1OL/9TifzCuYxi2vZJ74/1aH587ztH1TlAPHA1G89r9w6X4fvWmvFLGXFCixlgtlpKT i6RX3woZft9v1YP5rY98Ti5t7bvXeBlZEenfvdQ/7mBk1Adr5bng0nMWzJLLXAYaGfDv90vljB3+ UYUjA0lhiXrYdmtw975318h464NgrcF2PUcer1shrTctkh9UOjyU+1iTqpPzZKIxOqZ1X+v8V/GN bhp3/Wlrll16ffZPW+TpJQ/JH/Tnh4cfSur9rCcagtuJ7PqgRarO+4H5PpWZXuWXqd1XqD8ledwn v9+40h/cqnfq5Oj95fLzbeqB5+/8VS48KThU/dAhcnp4+owEjFMDpzisK/tn9dDrZXoc9qnt0yap NRbtu10ef+xv6qm8avRLY5n+qt4XFHwi88xl66VeDdZQoY+qFj4NnSQ/dmgUSk+7SG35J5E4yy88 2Fjv29QgIE8/+m9yxzLjodKx9mi/9b+7tZ90udUt/ArZ/OQ1EdUr2fS3faUGoAlOd792h/kQbWOZ 8dr17ElSt6Zebnp0n4wMDkxirAt/XXTzFHORukNZZgx1r+fprD9tx41o9eNAzXeQK62uxaEKf99V ZXKfSnq/4eOkvxoERroVSUlxqfTpN1Dm/GaLlBqDVBhZTfurGvVw1+NS0U31W7XtkRkXTkqszU/w +E1r/bOW963b5NX7Lo1bp9/PHpDKO3f68/rkuOVyy9dz5PRgeHtfuMs0WHfX6MgwLfFe9exDLoN1 FciY+96UykWX+MNq0UfhDpuSqb+pHj8H391upuLR/5gialgbh6mnTFn6iNxx4d0O69KzKNn2KyL2 BOtf9vNfoAYvGCGydKv/3Ob7Zr9sWabnqkrebvxXmV92mWzZ9+/yluffpIenzZ/dUUPLI9p/0yHB 87e5X5IzaT1+9TRkOP2R2Vb31oauaPzzVUNKxPuHo3KLw+eaVI8/I/6U2h8jkCy95tb5K3GEVNKf avlnv/1J3Ctf9rCc1vMly+QzowJXLJJPXpkmpx95S6pKL/F3xLyuPvyturRNrj8vsvOq5Y8vyda9 6kJhb7yp/JY0PXxNxKiD+t6jrnMY2dEMtlCKz1Rv6tTfvl3S5JvmGIa5eaZm1DDfsxp/I/PKrg7F WLdFNunpDJvOvW2TvPPEaPcLpbDts/HWoZ9FApd4kakJfTgQubJfr8gNjCX/cLoMVoMXbnEwMTZJ 5rXtwHuBkSzVzqf3NsYtdg6pe79Jsr52UuTKb5pkxnfOCI3OpW+hOlqnXFomcqhelq/bFrlPupao 1lyNKWVOv71vlvzWfOc+86XqUEvX1LWoVAKXl+tl1+4b5Q/r9JDHq5FD+8kJIwaLqJFMH9lRLaPO OxiIUo2s5lRH/CsT7Qj79t8Hwgz+/9Cds2zvXd8cd+kw/Y7qIMj09Nlm9SXFKFusekfJkLLuckCN grhRjUCc9anfOHnsTjVysRo5uCj8CiKF9B9472Uza+f8b2tNNhebM/2ufVhqrzXfxjXzn9dNl6lD o4w0nu76E1eqcmyj710pDZvukt5jFpgJ27ttg+PpeNqGRlnkNOK1uWeqM2rUQzU6aW+9jn1jtBNe va89MOmjmAZHdjcW2V4TPH7bq/6NqohyLrMlOPjmH34s85YMkS237FQL5sqSrT+XJ0ap0XX/7x6Z 5V+mFk951f2LpGAw4//Z+MovuMD60q3YHBn4tZ2N4rvzIvd22LpftPkUjx+fpR0u/+F3XWPq3ks9 7VatNb+Ucd0yiRUptF8RsSVY/3Ih/0UlP1LZUNffr++RXdVfBb44VV+mDTz7Yhk3XF1zqcuX6prd cu4BvW6q66Qermfvdvsiyx+xw39pP34Tvf5wSFNqi2rligU18uqdl8rh3y+V0gE/9Qf3y3+aLkO8 SyO/xEzx+DPTmqb2xwwvkzM5df5KIuOppD/F8s+F9icJsbzYJfwyOy8yTSYzJ7DyCdVJp9eykh/L ssPbpbbkcv8F1qTzF8pg7Z6Ib00Lup2UYOJ6Og8Nr0JpOhD5TbFz4MWpX6Q6B+xfWhjZHxlla5Gu Z6sHQH39pezdtlXW11RLwyGP+I75/Gk8qJYZF6j7nhwjDw4/LA8PVRfxnWw6rPLrOn3TKg1p7qTT 4+p68hmhDwBRondNl1pxeNtToU66cc/I/l/dJH1KQndrPae22furK6X8lleiBWNbl2j9CexcJatf Vp240Trh9A+63XrJRcPPtsWX0psepaJ/LNXr6Na1z8kmPbBx4/xtQMHlN6g31SIPPyfLq/6fvkZG /SjKh0n/Fkn+N36RbJn8A/HpdzO5TD6V/6KSChlc5nKAZuFCfduiUWZqRy/YJs/8bJj9zqXjrfLC qJPkpnbs7zUToM+ou4G8j1/qb3/0O8MK1F1V0fpGUkl/0ZkXqgi3+KP36jchp2E6b+oz8vDgI1I5 Ub83bL38+OSbZc9XS9VdWjECT0f98UehOhw72FVW2ehHRGu9Wbat2yg7322UA55mVf56Z3azbLV0 FD8xrkwqWzRRN3m036Qfv7rfCafLc5/ul3uPnSTlqm/g6HtPSdGFt6kOq7XifS7yrk5/ghI8ftuj /vnTkcS5pN+NC6Tylgv8R8OTVz2tfsg3R7564c7g0SGy7oEr/EFH++9As4rYrW2z7Vhoe2d/k2T9 Ter4OWJG7dEv3VzuqBfPYfMayNwhTTOptF8RSUiw/olkP//F3z89mI16WbPsNf/8DeoLb/22/AET J6sv2lbIw8uel6lyvlr2R+lzZvQvNIOBZeSl3Y7fjKTeKZLxsuj2S/0rSi66WVq2t0jp5Q+o98vk Xx+cKPseDqzzbxD+X1LHXyiQdLQ/odAyO5cr56/krttVk52O829S5Z/99iezNaXjxNbBLiE7Diwp DQjYfrZ3ymWyeuVk6T1J/9naTLl3zVh5YaK9k+C0a9RPCi9bLN7jXik8MdoFpAS26VYaeVdHEP+D B56X+rsuivzmSV//f/fLKv/dPmp+6ED3n98Fw0rlZc+fWuX6sjg70443y6JR35MXe66VPzx3ncy7 8rqIqA/ueFR6XX6Xf3ntQY96jTPsiJBya0HXE0Pfzv7nmt3y67E/cOxAbdv3tvkT2bTmwNLJ9PJP V0vzTXOkZ5QWsqWxQX2YOF1Ke4Q64hp2By5uRWbLJy/9u/mTJWs6Wz3qZ5MJTHHXH/WhVv9845+u KJexV45w9DM2aZfXE3pKpfrmfcM2kU3L/N10csPYAYF0nHmxTFeRPq4+bi73/6RG5ILTitolGUMv GSwjrtQ/THSgSR37excF06s6yDbdOSwy8Sd6VWdw5OL2WqLfDVSgjsuCotCx6RpXiukvtvwk/ubn q6XqSYf8G5GrDsuGhsNSelZviZa0Gbf/u4xQfcENhX9Rd4k9pfZeJv2/UyKfWH5OaARpfU1f/Vkm 9YfV3Q+nWkPP4flDO2Tk9y+XH76o7parmi7Dq8LSqtxrnvyJDJ6x2b+i6b//R3XUuXR0h+2a6tui U/tIeTCQlr3Bn0l+qncgpmdqj/qXdMr+ob/MWzZStlTpX+jMlYWPdZc/36m+5NAn1TaMj6M+3ac6 +mcM/lfHc8DRN9eb59ChTo9vCMSk/k+u/iZz/BR0Cz1rYuXuD9Udg/ZrQyNJe7f9xphN72uK7Veq icl6/lUGuqpjTI3Grn5ZoM7RwevjIQMC5VA2aKRao67dtz0XrDsVcvo/ZubYj8c2p47feBIczzbG FxVq25LL7pK1Ex6Qa1W5fPDIIFn1E/WrJJeO+GSOP1ty0tD+2MLL1Jtsn7++/puZ0z31Lap8HB61 cbjebHvNjY2ZNKU/mfLPhfbHYODVLvAt+1veIZBegcJv20/kZdfe7/+wrsfyn9fNklqHb5uLehRJ aYnqgFOv0f7823QLT6/1A+UyOecXL4lHP9lZJ3VB9syNgW+r9cVDK6M8Z0Ot72rprAnPjzVY27yK 0+g02VF3wLbK/0bd6XTw3Z2yZuUaqT3cFlqv7hbbpT6Iv7/8Wrln459Dyy1zpw2q9F9MWRa162zB iZafAFos3CINeTl/G++6/oyLZZYR6IZrZeaaPxrvQq9H9sgvyn8aeh/HXCg+9byysPpo2/2EM+R6 84PpXLlp/huhn1lZN/TUy/wRXaRn7z7Sc9BayzY++fyjD4NbHrYsD+3c+MocGTw72FGnfhpjra2h rdRcMvVHPTvPTP9rP5OZG4202EL2v/EdaZKalb+S6dMWSW3oi7TIDRNeon5Sfqp9p8p/Dl6sqLti Rsz9oW1lSYmqI2GTWd9cfNzWdz2zwmxb/D+vb3S/Lcvzca2sWTJPZs1ZG9E+uIVvJDPWemO7hF+7 tEqTsZO6izZiUp0k2+beoL7iCE6ulcfYIMOvKabfWn7y1HCZ+7pz+3d033oZ+e2TpM95feTipdE7 vQNfFOnfUj8pdcvUHSH+aa6cMfLX6v4w+2SNP5X64w/VcsFe/19/tUekvzvWLHU1G1T7v030G5/a b7JUEpfjyRp3m6fFf9fWEz8pk/UfW85LxkYnFsugKycY79rl1Ty+9NBdzjfR7rw393fJr9t6a/mn q/7pWTjJUgT6+3infpMeMM/zi+6cbj6WYfP0YfEF8fo1cs3i30dse/TD9XLdoAfM5Zf17WXOmzNJ 1F+rXzLHz2kDhpjRv6zq3+q6yOPm6HtLE7ob3QwwnpkU2y8jCrf6FWt91vOvJ1DdLm2vDbNloLHg exfLfCMT/lf1JaXD92zJ5t8WtOWNGZ7+YA+X9kDf3Fr/Ujl+zfgSbD8sSU5pNnS9Gp7fArnm4VAn 9aRb19iuMa35T+b4C090yu1PeIBJvbc0ni7lYQ022+evrurLRv1n+fqkP1+0SV3Hh081zy8NLors 6E4l/amWf060P+FYvA8I5M+4GeS03QXUKFm179RqtbtXmiOTDX2qRqt/v15rtQx51rL5Lr3nx/93 xYNrtdqGlvQk7esvtfraHdqs4cGRq4yRqmS8tuzlajXqphpBceMSM22BNISP7ubVmmpVHvR86H9q vnrt3WZ6z1mwTcVhWa9GYmx1GBlP077U1M0x5n6PbajTWltbteaGPdrGpXM11Zib685Z8MdQ/i2j vurpu3HBJm1/i88cfc/7xX7t6aq+5r53v5b+kfdaP90fyr8atXTNzKHB+Cq1VdV1oXW1kXnX961e cqWZvjkv12lNn4aGzmz9SK23ePrX6/kLTta64S+f8fO1ne80aE0f1WvVK+aY4Rr156pna9S6Zs1r lkGK5Xd4uz2OYbO1HbUHAmWn0rBx6T329WEjKZqjoenlq9Ku79usRnqte32VNj28Xp43W9up6lL9 Rx4j+5bXJOvPx7+xpW/YPWu1PZ96/D5eVf/q39mhPT3tCts2C/a0WeJNfdZmILO1z8yyUYMh1j1p ibtS26OPAGtMapTcJmt9Uz47VB1rNrYJXy8V2iu1DVpzqHppBzbdaglftJkrqrXmL/Tjx6u1ftHs UA4VlpFl1Si96vh8Wv3yPFC/wsJ3il/VTTN9Rj6SfrWMcKbqz2hVdrUftWjNet1fE95uiXauvl61 rU16/tIxffVZ4Ni2tN96/alVZRJoD+stx5lThKmn3zYatzLwx68M9Laz6f23tOVmWxQoo/BRX/VR lmurV5ltfPioamutx+C457UmPVzVfhhTavXHCEW9HrGMQKzOP+tr9Tw0+4+/5TNvtNXRdB9/fgPz /KVG6TXyHGxvzHPb+5HnXeuodfoxoJ+3mr8KnrzVcexp2G4bRXdzZBAWhMRmvV984j/fup5vjDxZ 2whb+5v68Zta/bOceyzHkD6CqfUY0utBk+WcF02pYVmlra7IrW9E21zTLCMKGudIOX+Gtlq//lEj jz898yp7eDY/S9BJ1t9Uj5+tltFo9fSP1q8P3z8QOC/MGWVPu1q/eJd+beB0/rTkJe7ZVNuv1Otf dvOvQ9kN5O4am17dkpGhMhj6gn1k9fDzYxLnb834DOF0rKvyfvR1df1pvf4Oa8NSOn7TkX6bVmJv /O2fyrf1+niJym/9+0228661jtyzplqrV9d3xpTq8WeEY7wm3P4YO6bw2lHPX0aWbSMlD5vvv/72 r1N1u3rxT0LHj8OIyamef1Mtf2vdynz7awjyGi4g4Qt4j0CyAg3LBocaIXVSNS8U1Xyfp/Zagv1M U9/M2davbEi9s8AWf4U9fGtaQvPjtR2fWpKlZn37/sOWrtC27uEtdunoCL9ocAtr6R+OhhKhLrTV zwPjTIO9EyQUSApzKv7KuOMXzfZBWXUyOu/7grr8U5PvPZf147X9ZmeOV9t679lx5d/a2WmUQTrK z/POyrjiF/XkoD2WTiK/+pE3bZ2wbmVuX27tLAqVXVL1R+1+YPODcaZf1TN1Mb3f6AgLRZ3SXEvN A2b8avRce1i2D5Kq3C0d+G5lZ7QdsdYHIvJq1XMuM+O3O0ceV33v2WR+2IgVvtt6cfuwa895XO88 ux+JO+1m3voGj6+4YnDfyNZ+urQBo15sdA9ArUlH+tWdb3EZnHvbWtuXJE7lY+uoU3VP/azLIWzr 8Zd8/QmHqZ4ZTztWFdmGhAeUwHtfY2LnL5uPHs/HKxx8nMzUslu3JZCyWJt6tef7ucTjWGbBbS3H nlP568dIrPYj/PhNZ/0zj9HwPMR7zNraS9FidoyGbe8av56eKxZpn1ja3/ASSq7+pnj8HP9Ee6g8 0XpgPX7Dc5HY+1Tar7TUvyznX9eqnvtDsw2Ys9P+RbCtIyGsoyHZ/BvHpx53POcge52OLPt0H79G +mLlT09/8lP09s+4vvWHb+tE148V+/Vzstc/jmkPa09itj+OgcS/sOOevyx5VJ8BnD8H2du1dR85 fMGa8vm3Y7e/FkVmLQJ01FkwmE1NIFrHwpzfhZ3w66wfCMan5cNKePz6Bzn97j6nD2f6nWrWO33M nH+6Pa5GNnSxUKE5NrjBABteXuwY3vnjp2vLNu7SPgu/ULZ+mCyvdO308ac/fF8zE6nMfKk9bdyB Ef7hwuH94retnYyfaLMcLrLV6LSBjjp1Eeq0/rwp6gN3WJJ1N2tHnOE97Lbn1TeIe8LCqdA2Gx2u 6Sq/1v3a8rA7z4w0SL8qbZn6ptON3/fRdm26g4MMn6qtekfdgqIutGwn8vPmO9dFZZJw/Qk6+pTR Qsudl2bag2V408yntR1h30aHFUHyby139S22dkIHQzQvJMMu9DW1n1OZ37bhYGDPWOstKW55Z502 1akM/Pmv1GYuXqO+6Qy7UDr0cvT4Xdbf+Kz1SwhLIpKcPVC91DEdw6cu1PaoO3FaahaYH6T0ch0W 3hmaZLwRd7M6HO+2LxVc4klH+vU7tyLvjA5c6A6f+pC609LhVi51N6ztuFJ3XK4z2gU9rS7tj95h EX4uSKr+RHh8qW19dJqtrIzjcMy0h7T16m4gtzYkIqh4F6gPCU7nOyNe++t47a0v7AFbP4j3Gz7C Me2iXPU77dKd9q3TervEZ/+AY82D7YsAl+PTbD9c1jsdv+mpf+7pvuLBGju82zvrh754jnPLB2v9 y0/P+zu0hdNG29qTfsPUeej1BrcYLcuTr78pHT/qlxFbl9zgWBduf0rdQb9vnS0/os6fn5hf9FmS n+Rs0u2XS/1KuP5lO//mXelO1+WfaQuD59Ubwr+0iXV+jrVelVf4Nbz1WHeeV180OpR9UsdvrPTF Wp9kfTN2M6+LIs67laHr2+DGts5IdWd4+PVzSsefkSD9NdH2x7pvMvMd+Pxly+5XH9h++WSru+pX Om+FX3sGd07X+Tel8s9y+2Nz5I1foIv+v6pETAh0agGfR42cGnxeQEGRGrkwyrMu2gMikfh9h1uk 9cSTzEEK9H1bj3lVsvSHGRVIsXp+X6bT3x4mMcNUz/FrOdgiUqSe1eFTg4uowR6iPTg+ZnjJbHDM Iy2H1NMG9WepqTIoVGkp6mZ5bkaUMD2qHFs8arRe9TD+4h5qvxQSn0j9sSVJpf/AoRYpUHVGT790 K1ajiKr0Z7j+29KUwTe+Iy1y4EgXKT21QLyexMovg8mMjEqv+6r+qOqjHhuk158s1P3IVMW/JE3p 96kRR1sOd1HPPSz0l5/uEG3U2fgTGN+Waak/6rzjUceh/txJUW2Bv/3I4ePPo9oLKVL1TX/+q552 df7xqvZX/KNEq/ajxOHBVPFxdritsl3/auadHXymaYXsaNkTe4Tdb/ZL1Yl9/Q8rV3dLStV5fxcy D17/JNz2p1B/Uzp+fPq5Vz/vq2Nfnbsyet2TpvYrhJ/EXDbzn0Ryc3GXbB+/2TZJ6fhTiU+4/cl2 hlX8uXT+8h1ukoZPj/pVvKod1UdV7n1q96hK6Ux/SuVP+xO1nDK5ko66TGoTFwIIIIAAAggggAAC 0QT+sl269Bjq36LvgzWy775Lo20dWGfpqFN31LmOChk7ILZAAIG8Fkim/clrMDKPQPsI5PD3uu2T YUJFAAEEEEAAAQQQQCBnBNRdXJ4jraLuIZPCAq/UPHSrmbTJl/cO3pFpLoqcUXdsHP34gNQG1xz4 tEk8JSXiPa7uhjxemFd3QkbisAQBBKIKpNr+RA2clQggkKwAd9QlK8d+CCCAAAIIIIAAAgikKNC4 qlJ6T9oaJZQnpFW7TZx/eOyTl64ulGvXue+unpUmT4z9gfsGrEEAgbwVSK39yVs2Mo5Auwt8q91j IAIEEEAAAQQQQAABBBBAAAEEEEAAAQQQiCnAHXUxidgAAQQQQAABBBBAAIF2ElA/XfWpQUf0IaOc poJuMQbB0n+6dsx175QGM3JKD8sQQKATCaTa/nQiCrKCQC4J0FGXS6VBWhBAAAEEEEAAAQQQQAAB BBBAAAEE8laAn77mbdGTcQQQQAABBBBAAAEEEEAAAQQQQACBXBKgoy6XSoO0IIAAAggggAACCCCA AAIIIIAAAgjkrQAddXlb9GQcAQQQQAABBBBAAAEEEEAAAQQQQCCXBOioy6XSIC0IIIAAAggggAAC CCCAAAIIIIAAAnkrQEdd3hY9GUcAAQQQQAABBBBAAAEEEEAAAQQQyCUBOupyqTRICwIIIIAAAggg gAACCCCAAAIIIIBA3grQUZe3RU/GEUAAAQQQQAABBBBAAAEEEEAAAQRySYCOulwqDdKCAAIIIIAA AggggAACCCCAAAIIIJC3AnTU5W3Rk3EEEEAAAQQQQAABBBBAAAEEEEAAgVwSoKMul0qDtCCAAAII IIAAAggggAACCCCAAAII5K0AHXV5W/RkHAEEEEAAAQQQQAABBBBAAAEEEEAglwToqMul0iAtCCCA AAIIIIAAAggggAACCCCAAAJ5K0BHXd4WPRlHAAEEEEAAAQQQQAABBBBAAAEEEMglATrqcqk0SAsC CCCAAAIIIIAAAggggAACCCCAQN4K0FGXt0VPxhFAAAEEEEAAAQQQQAABBBBAAAEEckmAjrpcKg3S ggACCCCAAAIIIIAAAggggAACCCCQtwJ01OVt0ZNxBBBAAAEEEEAAAQQQQAABBBBAAIFcEqCjLpdK g7QggAACCCCAAAIIIIAAAggggAACCOStAB11eVv0ZBwBBBBAAAEEEEAAAQQQQAABBBBAIJcE6KjL pdIgLQgggAACCCCAAAIIIIAAAggggAACeStAR13eFj0ZRwABBBBAAAEEEEAAAQQQQAABBBDIJQE6 6nKpNEgLAggggAACCCCAAAIIIIAAAggggEDeZjpXfAAAAqtJREFUCtBRl7dFT8YRQAABBBBAAAEE EEAAAQQQQAABBHJJgI66XCoN0oIAAggggAACCCCAAAIIIIAAAgggkLcCdNTlbdGTcQQQQAABBBBA AAEEEEAAAQQQQACBXBKgoy6XSoO0IIAAAggggAACCCCAAAIIIIAAAgjkrQAddXlb9GQcAQQQQAAB BBBAAAEEEEAAAQQQQCCXBOioy6XSIC0IIIAAAggggAACCCCAAAIIIIAAAnkrQEdd3hY9GUcAAQQQ QAABBBBAAAEEEEAAAQQQyCUBOupyqTRICwIIIIAAAggggAACCCCAAAIIIIBA3grQUZe3RU/GEUAA AQQQQAABBBBAAAEEEEAAAQRySYCOulwqDdKCAAIIIIAAAggggAACCCCAAAIIIJC3AnTU5W3Rk3EE EEAAAQQQQAABBBBAAAEEEEAAgVwSoKMul0qDtCCAAAIIIIAAAggggAACCCCAAAII5K0AHXV5W/Rk HAEEEEAAAQQQQAABBBBAAAEEEEAglwToqMul0iAtCCCAAAIIIIAAAggggAACCCCAAAJ5K0BHXd4W PRlHAAEEEEAAAQQQQAABBBBAAAEEEMglATrqcqk0SAsCCCCAAAIIIIAAAggggAACCCCAQN4K0FGX t0VPxhFAAAEEEEAAAQQQQAABBBBAAAEEckmAjrpcKg3SggACCCCAAAIIIIAAAggggAACCCCQtwJ0 1OVt0ZNxBBBAAAEEEEAAAQQQQAABBBBAAIFcEqCjLpdKg7QggAACCCCAAAIIIIAAAggggAACCOSt AB11eVv0ZBwBBBBAAAEEEEAAAQQQQAABBBBAIJcE6KjLpdIgLQgggAACCCCAAAIIIIAAAggggAAC eStAR13eFj0ZRwABBBBAAAEEEEAAAQQQQAABBBDIJYH/H6E9aqrpIDzKAAAAAElFTkSuQmCC --Apple-Mail=_89A2B98E-89F2-412E-A0CF-3E87C6D13770-- --Apple-Mail=_2AA5396C-DE02-4A10-A69D-53FF721B4F7F-- From nobody Thu Jul 20 10:40:47 2017 Return-Path: X-Original-To: ideas@ietfa.amsl.com Delivered-To: ideas@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0A272131D21 for ; Thu, 20 Jul 2017 10:40:46 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.7 X-Spam-Level: X-Spam-Status: No, score=-2.7 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rs62q3_iMQOf for ; Thu, 20 Jul 2017 10:40:45 -0700 (PDT) Received: from mail-wm0-x22d.google.com (mail-wm0-x22d.google.com [IPv6:2a00:1450:400c:c09::22d]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B19AE131D20 for ; Thu, 20 Jul 2017 10:40:44 -0700 (PDT) Received: by mail-wm0-x22d.google.com with SMTP id w126so30531336wme.0 for ; Thu, 20 Jul 2017 10:40:44 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=y/fPHe1cv/Ez5RLNA4kymS0qIMD7P9yqOX8ZR2luHdo=; b=oTu2cjP+fcQhMRUNqNzdafaYHQCWcHWvesAb+Vf/48HmzhV1Kuyy34VlsaobyvM91n DuPEuLP1ss8v5MNlPhPaLmAd7/rAKf6gqm5xDgp+3FQYlwAMk2pl22CK2M38Jd8+g96B 7DGZonRSsCNMfFvG8fNmOWOgAfxItta4qa7klJA51gxiWoV4WDCSQp445QUC5i0QWrKV TA2hpkeCE5Cn60ix+Ujvfa4TVgHGDr0OkH2Hey65W1gnjLn2YKCoupqzzNZv1P9Zppb2 9wSWipijhOgLEX4WGtCwjGcpGkARVwor91XIFkj68Kdgyy0q3jCrLnJ6H3uulJfJBwwV PdYA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=y/fPHe1cv/Ez5RLNA4kymS0qIMD7P9yqOX8ZR2luHdo=; b=gUje9eSjUZLjKWKsWGgJAo641FC4p2m8oqw5oVSpD6wpVz5avNw3YI5b4QQHn5qLqj w8sTPO3O+LN1Ld5PeoihTEqKugnT+GYMpPYoFBxdzYpE2pdhbhZK4sg5zRCAIcOtPY7Z MpwZWq7tb82qHSfQbGGdC1scW9Hx8/MzUn8Grhe8uqwdR9RLdrDWHU/A/xfsM2243Xnd ifCNy9XlwkVEiEwews6zWvLW/GnFt6Vw1zwU/irAMDETBZTaVwne5tiYl2m80xprZ6pS njnFz+u2sAXWGfnzsojmitcBchzsH1oBtaMoQyUlo1D+uvLD2LektRL/CECm+pxCA0pP FYVQ== X-Gm-Message-State: AIVw110GkNMYzYe2fl4xWi/0jRUJn4JaKMRnAHPPRNEI2Xw/VO3vWrW4 d0ttFocSm2uGO9em2fo= X-Received: by 10.28.234.145 with SMTP id g17mr2939467wmi.144.1500572443304; Thu, 20 Jul 2017 10:40:43 -0700 (PDT) Received: from ?IPv6:2001:67c:1232:144:2838:ce19:51ee:18eb? ([2001:67c:1232:144:2838:ce19:51ee:18eb]) by smtp.gmail.com with ESMTPSA id v8sm160900wrv.16.2017.07.20.10.40.41 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Thu, 20 Jul 2017 10:40:42 -0700 (PDT) Content-Type: text/plain; charset=us-ascii Mime-Version: 1.0 (Mac OS X Mail 10.3 \(3273\)) From: Dino Farinacci In-Reply-To: Date: Thu, 20 Jul 2017 10:40:41 -0700 Cc: "ideas@ietf.org" Content-Transfer-Encoding: quoted-printable Message-Id: References: <09C20ABD-4367-49B9-9B94-E8FADD022B66@gmail.com> <22F6CC93-CB03-4A5E-AD8C-B69864E98FA4@gmail.com> To: Jungha Hong X-Mailer: Apple Mail (2.3273) Archived-At: Subject: Re: [Ideas] GRIDs is a necessary use-case for LISP and HIP X-BeenThere: ideas@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Discussions relating to the development, clarification, and implementation of control-plane infrastructures and functionalities in ID enabled networks." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 20 Jul 2017 17:40:46 -0000 > For scalability, we had to take the tree structure for the mapping = system like DNS. Like the LISP WG did for LISP-DDT (RFC8111). > But our contribution was how to update/lookup (pub/sub) the locator(s) = by a flat typed ID which is registered in somewhere on the mapping = system. My pubsub related questions is this. If something else publishes an = entry, and I look it up, cache it, will the mapping system notify me = when the mapping changes? > I would like to introduce our mapping system as one of the solutions = for a flat typed ID in the IDEAS meeting when it is possible. That would be great. Thanks for sharing. Dino From nobody Thu Jul 20 11:29:36 2017 Return-Path: X-Original-To: ideas@ietfa.amsl.com Delivered-To: ideas@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 22DE6131B39 for ; Thu, 20 Jul 2017 11:29:34 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.9 X-Spam-Level: X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=herbertland-com.20150623.gappssmtp.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id RjJjqAXiRPUb for ; Thu, 20 Jul 2017 11:29:33 -0700 (PDT) Received: from mail-wr0-x236.google.com (mail-wr0-x236.google.com [IPv6:2a00:1450:400c:c0c::236]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6D86613191D for ; Thu, 20 Jul 2017 11:29:32 -0700 (PDT) Received: by mail-wr0-x236.google.com with SMTP id v105so43913963wrb.0 for ; Thu, 20 Jul 2017 11:29:32 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=herbertland-com.20150623.gappssmtp.com; s=20150623; h=mime-version:from:date:message-id:subject:to; bh=wFiSV6f959Q5AkwX49+FeY0MVSOSSfleq4rkxZAgJKc=; b=X0VABwhkhldASf25HFRpGgUPu2XpN4RFL5PSb6/1rL/rbWLYx3ZxVc9xkO1N752NNz 6TU9YaMVEx9iUWghc+3OCapylQEXURcNKz4IGl8n40UrxrnaiRzfOtv9erbx6jjf03Gs Bu8eBEmudzkeFX8zQgKH3bgpPPxffOT74myKFXkQwT0iTlSif/moB5lbBYtV64BoyXAe yScSarH3Fe+RqNRP4v8hZtVQKIu/SYHrekDnOtLzwH1F5sXqgHa9Xyn9X5iPeMp1yYet 4nsh4HKVJgc+0urqf6EraYp61Mm25KhhqgYPrvGNzZMFGKlPfZc9YIurmiWnmKZqSENv 9eKQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=wFiSV6f959Q5AkwX49+FeY0MVSOSSfleq4rkxZAgJKc=; b=Y/6LoEOJLU6cinTru8pSxww0V6k8u/2WTEt1F3rlP+dVqeEze4Brbqqunm889aIVBr kiVC/JUmNhtnBhMx8KZi3Yptsv9T1e7Q8JcWLOs8cKYVn6scjhIuUWOIHntxOKHnhAhn 5s1VCahlOPtpTwblvEI94lt9nMsDUTxUTpwX7YDM0MDNKRb6xKksJBnIp/gRCzl5MKCA soU6hhqgCrVwOgOgvJdjK7ZwO09VqcqV26tF2YjbU2ezUVx+FI6CUQGZ4mzoHTBOThns gFKbXrHuMB9Ct95707egc7XzDtGXr++YNTM/59wYMRE1zSI2ZQpIG2VWj5fOSAByu11W Du6A== X-Gm-Message-State: AIVw112ag6BQcxYNR9Sn5mYtSBQ85NZiRkczoWhSvcPnrgu3lTAZFPLR fZDL5rorpzrETBsGDd5+51euLGIH4/t1 X-Received: by 10.223.135.249 with SMTP id c54mr7951996wrc.98.1500575370666; Thu, 20 Jul 2017 11:29:30 -0700 (PDT) MIME-Version: 1.0 Received: by 10.223.128.66 with HTTP; Thu, 20 Jul 2017 11:29:30 -0700 (PDT) From: Tom Herbert Date: Thu, 20 Jul 2017 11:29:30 -0700 Message-ID: To: ideas@ietf.org Content-Type: text/plain; charset="UTF-8" Archived-At: Subject: [Ideas] GRIDs and ILA X-BeenThere: ideas@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Discussions relating to the development, clarification, and implementation of control-plane infrastructures and functionalities in ID enabled networks." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 20 Jul 2017 18:29:34 -0000 As I mentioned oin int-area list, our intent is that GRIDs will provide the control plane for ILA. We don't want to define an ILA specific mapping system. IMO, ILA and other protocols that are either performed identifier/locator mapping or virtual address to physical address mapping such as in nvo3 are best served by a common system. The system solves than just the point problems of the given protocol but includes a path to scalability a well thought out security model. Tom From nobody Thu Jul 20 12:07:15 2017 Return-Path: X-Original-To: ideas@ietfa.amsl.com Delivered-To: ideas@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 48DEA131822 for ; Thu, 20 Jul 2017 12:07:14 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -0.494 X-Spam-Level: X-Spam-Status: No, score=-0.494 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_IMAGE_ONLY_28=1.404, HTML_IMAGE_RATIO_06=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001] autolearn=no autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=herbertland-com.20150623.gappssmtp.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id NlpPRqEZx3eZ for ; Thu, 20 Jul 2017 12:07:12 -0700 (PDT) Received: from mail-wr0-x22f.google.com (mail-wr0-x22f.google.com [IPv6:2a00:1450:400c:c0c::22f]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 82921124E15 for ; Thu, 20 Jul 2017 12:07:11 -0700 (PDT) Received: by mail-wr0-x22f.google.com with SMTP id y43so74341938wrd.3 for ; Thu, 20 Jul 2017 12:07:11 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=herbertland-com.20150623.gappssmtp.com; s=20150623; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=hbQHJWxAofJsGhppxoBhCGCaUtHnZDWGwNcRiNm1I5U=; b=HD8H7aA6DvSDki/Scw2WZVgjUaPQwr8VOVQehcwFGTdpl1VNtRHS+yUiCOeidrqp2l KfQINSGQ0fd4MdZYU1HLMJQ+NF7zXmuU2pgcc7/ROX2CQ2xoxVJOI6Yz2Ptc1aUAO7N9 AdNUPt9GJmvvIQf43WWiwxo2WP5P8HDYYXLhzy4z9KU5MgqjZBNC3yBxlllWa6Z50SiZ OBWP5yFd+oHJNx3LPe4gCT6IKPF3O87lTyHKJboEU48pc4clbWikXx6jCBWB2uqLPd00 KLn5FdNkPsCnz4zsg2TKvmVaxE7E1zH224+n623vHV0zLXHqhQUUitGHZiVfQNwRT64m 6eMg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=hbQHJWxAofJsGhppxoBhCGCaUtHnZDWGwNcRiNm1I5U=; b=I318G0bQYgOJjOULhch/RRVsONJ9hJcptmGQN3N1b8ASac/LrBtPggXEnylr5Nz8G1 ygSWR4MeirIlNpZhMNh4ySjpCI1B3bVvlRVUriwzRMHtMLKUAXqqjEkgtLMcpdUVn73H wPcjkViMrcXx6vscbJ/SwdkRfrETXgKHVYMECcKFBusb5r3jd8ahXC0Bsv2LP81qUPc3 5bghbPpy6OUr0zriPB8VI8ByN0weeMoOeAaOcOY3LpdOWsJ7ayxBOUmQZ8hjdCODKkG2 y/PuhAEc/aW4OMz2d7IlCKu7+n+LLRUwTJuIROtb4KNuad9s/dvDXI4nFt4rM+8plLMk Pvog== X-Gm-Message-State: AIVw111sFvSjMOM+c0F3i/lJgsZ3VWPU9MCIWrzvdFc5NXq8/TjHX6Yk Y0VqsC8gCv/s7Ca0DvRyuDbC/vDm67yU X-Received: by 10.223.169.2 with SMTP id u2mr3647135wrc.288.1500577629933; Thu, 20 Jul 2017 12:07:09 -0700 (PDT) MIME-Version: 1.0 Received: by 10.223.128.66 with HTTP; Thu, 20 Jul 2017 12:07:08 -0700 (PDT) In-Reply-To: References: <3e7d1bda-0847-36d6-b6e2-a98de1f8bf04@acm.org> <747af64c-87e9-f338-1448-3f461c6e8e21@sonic.net> From: Tom Herbert Date: Thu, 20 Jul 2017 12:07:08 -0700 Message-ID: To: Dino Farinacci Cc: Erik Nordmark , Erik Nordmark , ideas@ietf.org Content-Type: multipart/related; boundary="f403045cf2669763e20554c4743b" Archived-At: Subject: Re: [Ideas] Identity/identifier and session continuity X-BeenThere: ideas@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Discussions relating to the development, clarification, and implementation of control-plane infrastructures and functionalities in ID enabled networks." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 20 Jul 2017 19:07:14 -0000 --f403045cf2669763e20554c4743b Content-Type: multipart/alternative; boundary="f403045cf2669763df0554c4743a" --f403045cf2669763df0554c4743a Content-Type: text/plain; charset="UTF-8" On Thu, Jul 20, 2017 at 10:37 AM, Dino Farinacci wrote: > Right, that would have to include the transport headers since it would > > be easy to correlate packets for the same flow by looking at sequence > and ack numbers. Also changing addresses of an existing TCP connection > will wreak havoc on stateful middleboxes like firewalls. Maybe the > goal should be to prevent correlation of identity between flows. > > > In lisp-crypto (RFC8061), everything after the LISP header is encrypted. > The LISP header must be in the clear so we can use multiple keys (see KK > bits below). > Very nice. One could also use IPsec in tunnel mode, transport mode if the receiver knows how to map addresses to original source address. In that case the SPI would need to change for every address change. Even with all of this though, I'm still skeptical that this will ever achieve something we can call real security for identity protection of a long lived flow. Packets need to be routable in the Internet so there's only so much of the addresses that can be obfuscated and analysis of communication patterns can yields information even for encrypted flows. In practice it's probably far simpler to just not use long lived connections if identity is a concern there, applications already need to handle restarts for connection failures anyway so it's not a big deal to reestablish a connection (NAT state timeouts have already necessitated this model for several years). Tom > > Dino > > > > --f403045cf2669763df0554c4743a Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable


On Thu, Jul 20, 2017 at 10:37 AM, Dino Farinacci <= farinacci@gmail.co= m> wrote:
Right, that w= ould have to include the transport headers since it would
<= blockquote type=3D"cite">be easy to correlate packets for the same flow by = looking at sequence
and ack numbers. Also changing addresses of an exist= ing TCP connection
will wreak havoc on stateful middleboxes like firewal= ls. Maybe the
goal should be to prevent correlation of identity between = flows.

In lisp-crypto (RFC8061), ever= ything after the LISP header is encrypted. The LISP header must be in the c= lear so we can use multiple keys (see KK bits below).
Very nice.

One could also use IPsec i= n tunnel mode, transport mode if the receiver knows how to map addresses to= original source address. In that case the SPI would need to change for eve= ry address change.

Even with all of this though, I= 'm still skeptical that this will ever achieve something we can call re= al security for identity protection of a long lived flow. Packets need to b= e routable in the Internet so there's only so much of the addresses tha= t can be obfuscated and analysis of communication patterns can yields infor= mation even for encrypted flows. In practice it's probably far simpler = to just not use long lived connections if identity is a concern there, appl= ications already need to handle restarts for connection failures anyway so = it's not a big deal to reestablish a connection (NAT state timeouts hav= e already necessitated this model for several years).

<= div>Tom
=C2=A0
=C2=A0
Dino




--f403045cf2669763df0554c4743a-- --f403045cf2669763e20554c4743b Content-Type: image/png; name="PastedGraphic-1.png" Content-Disposition: inline; filename="PastedGraphic-1.png" Content-Transfer-Encoding: base64 Content-ID: X-Attachment-Id: bd28352bf0b949ce_0.1.1 iVBORw0KGgoAAAANSUhEUgAABOoAAAK0CAYAAAC9VtJiAAAAAXNSR0IArs4c6QAAAAlwSFlzAAAW JQAAFiUBSVIk8AAAAZ5pVFh0WE1MOmNvbS5hZG9iZS54bXAAAAAAADx4OnhtcG1ldGEgeG1sbnM6 eD0iYWRvYmU6bnM6bWV0YS8iIHg6eG1wdGs9IlhNUCBDb3JlIDUuNC4wIj4KICAgPHJkZjpSREYg eG1sbnM6cmRmPSJodHRwOi8vd3d3LnczLm9yZy8xOTk5LzAyLzIyLXJkZi1zeW50YXgtbnMjIj4K ICAgICAgPHJkZjpEZXNjcmlwdGlvbiByZGY6YWJvdXQ9IiIKICAgICAgICAgICAgeG1sbnM6ZXhp Zj0iaHR0cDovL25zLmFkb2JlLmNvbS9leGlmLzEuMC8iPgogICAgICAgICA8ZXhpZjpQaXhlbFhE aW1lbnNpb24+MTI1ODwvZXhpZjpQaXhlbFhEaW1lbnNpb24+CiAgICAgICAgIDxleGlmOlBpeGVs WURpbWVuc2lvbj42OTI8L2V4aWY6UGl4ZWxZRGltZW5zaW9uPgogICAgICA8L3JkZjpEZXNjcmlw dGlvbj4KICAgPC9yZGY6UkRGPgo8L3g6eG1wbWV0YT4KyBDaswAAQABJREFUeAHsvQl4VEW6///m Dg6dOzgmDl6TiM8QBE0C0XSQeUZn7jzDIkuCiCwuKDoC8d6/OgoIjmyOgOCwiIKjowTkSkjiT0gy 7MqS+DwKOGoWBdJxWMK9SDr+9Ec3IzPdGfDWv06fvfv0kqRPr9/DE7pOnap6qz5V560676lTlcL4 QThAAARAAARAAARAAARAAARAAARAAARAAARAAASiSuBfoiodwkEABEAABEAABEAABEAABEAABEAA BEAABEAABDwEYKhDQwABEAABEAABEAABEAABEAABEAABEAABEACBGCAAQ10MVAKyAAIgAAIgAAIg AAIgAAIgAAIgAAIgAAIgAAIw1KENgAAIgAAIgAAIgAAIgAAIgAAIgAAIgAAIgEAMEIChLgYqAVkA ARAAARAAARAAARAAARAAARAAARAAARAAARjq0AZAAARAAARAAARAAARAAARAAARAAARAAARAIAYI wFAXA5WALIAACIAACIAACIAACIAACIAACIAACIAACIAADHVoAyAAAiAAAiAAAiAAAiAAAiAAAiAA AiAAAiAQAwRgqIuBSkAWQAAEQAAEQAAEQAAEQAAEQAAEQAAEQAAEQACGOrQBEAABEAABEAABEAAB EAABEAABEAABEAABEIgBAjDUxUAlIAsgAAIgAAIgAAIgAAIgAAIgAAIgAAIgAAIgAEMd2gAIgAAI gAAIgAAIgAAIgAAIgAAIgAAIgAAIxAABGOpioBKQBRAAARAAARAAARAAARAAARAAARAAARAAARCA oQ5tAARAAARAAARAAARAAARAAARAAARAAARAAARigAAMdTFQCcgCCIAACIAACIAACIAACIAACIAA CIAACIAACMBQhzYAAiAAAiAAAiAAAiAAAiAAAiAAAiAAAiAAAjFAAIa6GKgEZAEEQAAEQAAEQAAE QAAEQAAEQAAEQAAEQAAEYKhDGwABEAABEAABEAABEAABEAABEAABEAABEACBGCAAQ10MVAKyAAIg AAIgAAIgAAIgAAIgAAIgAAIgAAIgAAIw1KENgAAIgAAIgAAIgAAIgAAIgAAIgAAIgAAIgEAMEICh LgYqAVkAARAAARAAARAAARAAARAAARAAARAAARAAgR5AAALmEnBTa6ON7Je5FP6XOSCPsnv3NFck UgcBEACBGCLgbG8luzOVcnMyYihXyAoIgAAImEdA0HutdjdlZFqonf9m5+dSGp46zAOOlEEABGKG gPtbO7WebSe38Pzbw0LZA7j+6xUz2UNG4oQAZtTFSUXFZTa/rae5KanUr7CQfvEz/nd7IfW7xkLT 1n8el8VBpkEABEAgJAIXndRYt5teX/A0DU5JofTMfpSXO4Ma3CHFRiAQAAEQiFsCZ+q20CRJ7xUW 5lEW13/Cb/oVKbS0+su4LRcyDgIgAALBCFw4uovmFqZQ6jVZlMeffwv5869H/12ZQrPXf0AYBgYj iOtaAimMH1oPuEEgLAT+Xk8lvW6lDX4SG/d2E21/6BY/V+ENAiAAAnFK4PvjNKnHIKryyf4kOu7a SnkWnwvwAAEQAIGEIND0xzvJ+ttdAcsycm0Tvf8kxn8BIeEiCIBA3BHoOPYmWfL/M2C+By2uo6PP /TpgGFwEAZkAZtTJJPAbVgJ7n1ONdHetqCMXtwe72vfTREnKjocLaNtXYRWJxEAABEAgJgikS7kY M2MZLRwTE1lCJkAABEDAXAIdx+kFjZFuXnkTOS4xEuYD2I+8qcje91QB7WpXTuEAARAAgYQgYD+2 QynH0vLD5HBJ+u9wGRVKV479fihtO6EEgwMEAhKAoS4gHlzsEoG/f0SvrZFijtxE7zzzaxImkViu HUHlR99Qkny+4gvFDQcIgAAIJASBHwykUuHhlP/tKZ1PS0vfTYhioRAgAAIgEJBAz3QaLAX4TXkL LZ9yi7ImXcbPHyX7zt8p0Uv34RNYBQYcIAACCUGg76QqOm1r9hjoFk65jdKkLygybnuQdtc8qZTR 4fqn4oYDBAIRgKEuEB1c6xKB9k8P0m4p5sqlEzxGOjmhnoPuodekGSbHf7eb2uQL+AUBEACBRCEg LJguLZrecRErkiRKtaIcIAACgQhk0WO2ejr0SSttmnKTT8CMAQNVP6hFlQVcIAACiUFA2DQih28a IRnotIXKyL9Vewo3CIREAIa6kDAhUGcIOE9+KgUvpuF5P/aKmk63F42V/BqoHYM1Lz44BQEQAAEQ AAEQAIH4I3BVTiHdPqSvYcYv2NVXs1dj90NDRvAEARBITAItdQeUgqX+UHHCAQIBCcBQFxAPLnae gJua9knz6fLHUj+DwVj2z0dIyW6j+r9i+m/nGSMGCIAACIAACIAACMQLAQdVr3xWyezEX/nOuFMu wgECIAACiUDgopPsJ21Us/ouyi3ZLK5Tl7+GhvWHpS4RqjcSZZA+zomEKMhIOgI3puk+e5XLb7ny atmJXxAAARAAARAAARAAgQQmcGT1PTRtr1TAke/QiD4JXFgUDQRAAAS+3kkpGeN0HBpoLp37YhZl 6XxxAgL+CWBGnX82uNJdAt+ldDcFxAcBEAABEAABEAABEIhTAmf+PJNunyt/9jWJ6qvuNXyJG6fF Q7ZBAARAwJcAX69O3ulVvbiKFq77WD2FCwSCEIChLgggXO4GgStZNyIjKgiAAAiAAAiAAAiAQLwS aP9gJWXfvVbJftnn5VRosCSKEgAOEAABEEgEAj+5g+pdLnJ800aN+9YrRrtNT91G83d8nQglRBki QACGughATloRf3WS0V4R7u/OJy0SFBwEQAAEQAAEQAAEEp1A+4GVlDn0d0oxlxxspwdvxtpMChA4 QAAEEpuAxUJpvTOp4I4Sqv9qh2Kse/G1DwyfjxMbBkrXFQIw1HWFGuIEIGChgpHF4vWju+j0Rd+g rR+rn0AMvhGDNl9C8AEBEAABEAABEACB+CTQ8udnKfMOjZHu/XZaNOza+CwMcg0CIAAC3SVw3R00 d7KUyL56arvc3QQRPxkIwFCXDLUc4TKm9R8iSdxNB5v/5iXdTY17dkl+hZRh8bqMUxAAARAAARAA ARAAgbgk0LThYcq9e4WS93WHLtCikTDSKUDgAAEQSHoCRl+cJT0UAPAhAEOdDxJ4dJdAxpDhJM2p o2cWVeum93Yc26rs/DVwRTF2vukubMQHARCIaQI9lb3V04kUd0xnGZkDARAAgS4RaHnnYbKWbJbi FtM2Wwf99vYfK2l1HN1GM+6ZQeWfeL/EVYLAAQIgAALxR+Cyg2yfNlJjS7th3oXn3/u3SpdGDqZ+ GA8acoKnngCaiZ4HzsJB4Ee/pMdnE+1ewxPb9wjdty6H3nny52Rp/4geyH9IkfCHKTcrbjhAAARA IDEIuMl+1EbtwutS3sM6v2yWilVKVXsfo5Q+jNz8kwdLZh7l9umZGEVGKUAABEDg3E7KvV820gk4 sqijcRtt/NClsGmpmUEb9xJt/PFYeuBn4xV/OEAABEAgngl0tLxLeT/7T7EIBSW0ZeVjNMzal9J7 /INa6srJOuEZpXgzH+fPxMoZHCDgn0AK44f/y7gCAl0k8Pd6Kul1K23wE33c2y20/aGb/FyFNwiA AAjEJ4GOY2+SJV8arAUswiQ6fmkr5eF1WUBKuAgCIBAfBFo2DKfcktqQMjvuTT4GfBRjwJBgIRAI gEDsE/j6AKVk3BE8n9MrybXhPhjqgpNCCE4An76iGZhD4EeDqfSbz2iOQeqPvNkEI50BF3iBAAjE P4Ge6VnKzl4BSzOxiLJgpAuICBdBAATih0Ba/1EhZ3ZgRlrIYREQBEAABGKewLUjyH32Q1o2Od9v VpeWN8FI55cOLhgRwIw6IyrwCyMBN9kabUSpFnI73JQ2II+ye+NzrzACRlIgAAIgAAIgAAIgAAIg AAIgAALRJnDRSa2treSUd4ywpFNubl+y4OVstGsm7uTDUBd3VYYMgwAIgAAIgAAIgAAIgAAIgAAI gAAIgAAIJCIBfPqaiLWKMoEACIAACIAACIAACIAACIAACIAACIAACMQdARjq4q7KkGEQAAEQAAEQ AAEQAAEQAAEQAAEQAAEQAIFEJABDXSLWKsoEAiAAAiAAAiAAAiAAAiAAAiAAAiAAAiAQdwRgqIu7 KkOGQQAEQAAEQAAEQAAEQAAEQAAEQAAEQAAEEpEADHWJWKsoEwiAAAiAAAiAAAiAAAiAAAiAAAiA AAiAQNwRgKEu7qoMGQYBEAABEAABEAABEAABEAABEAABEAABEEhEAjDUJWKtokwgAAIgAAIgAAIg AAIgAAIgAAIgAAIgAAJxRwCGurirMmQYBEAABEAABEAABEAABEAABEAABEAABEAgEQnAUJeItYoy gQAIgAAIgAAIgAAIgAAIgAAIgAAIgAAIxB0BGOrirsqQYRAAARAAARAAARAAARAAARAAARAAARAA gUQk0CMRC4UyxRIBN7U22sh+meeJ/2UOyKPs3j0jnkG3s41a2zsos382pUWw1Xvktn5NlswMcp9t p7QBuZSZZolc+S86ydbaSm63KDItOzr8BemtjY3kTs2kzL4ZFEkEkYMdWJLzq2ZqPeskV49USuVB LZn9KLfPVYEjxftVN29/Nt7+hPufH5Eus/MkZ+7o4JJdXDjnnZ9BEbz7iHj5G482c/mpQg4oL98a lbbvbG8luzOVcnMyeC4idwhyW+1uysi0UDv/zc7Pjaz+/dbO77l2sf31sFA2179pvSJXfkXSZQc1 Np7x9APZGZlkiWAfpOQhmo7LbrJ77kU3pXL9R7z8GdfnUWYUxgKRxODm7c/W2i6JtFDGgOyI9v/Q fyJ66D/OAfovkre+Xhb0H+cB/Zds4z/9TYCzLhNgOEDALALffMbmEDHeOHV/j7zZZJZENd1LLna6 4QArX7eUTbSq8tfVd6hhTHS5T+xnC8eocrUMxi+uYY5LJgoXkubsXysZreMu5yF/5lvslMtk+V7J O+ue1+SlhB03s/zt+1mxV5uTy67+zmXHI8TA/kmZrg2qeShm9Sbkwb7zdxrWxm1QzANnYFo9uFht 6UzjfIxexA6cdXu1kDCffneMvWR4/5WwAydMli0VxcnrXa1rtR7W/+VCmAtrkNx3DtZQu4u9Nn82 K1TuBXPam4F01lrL27wiVy27wGNJVYtRlLD6Ob/YyeZo9L62Hma9WcdMuO0C5r926Y1qW5jw54Bh u3vRXrdCleWnDvJn1kSIgYs1VizRtEG1LYxca844YM+s3KDl97SH6ZXmMXCdYhtnjTLMx+iZleyc 2Q0Q+g/6D/rP8P4T7n3oP66Hof+629UGjJ/M47+AYHCx0wSo0zEQAQRCIXDxMzbDz0OC0FGOe9uc QbqYNRernKw+EGgf0tZ/br6hzvnpK34HCEpeRm5ijlA4diUMZ+/vIVmRTy+zc11JuytxLh/zMthO MsVAJWfNfXRzcP68DZbZzG4L3Fi1aoRPXqxWKysaU8SmLd5rwoOii9WUGLd9te7l62bVg4tVz5Zl iL8FYyb6PKxvNctg5j4WUPcIHMpM1gPB2mCZmS8M+P1mfP9PiohxuvHVsT5t3rvtmWWkEXSA++gb QeUPWlwnqwvzf0966aOR75hw36vFsJUVBS0/EW8LphnppbxwY5WRsdxaUOzRf6u2m2Cw9elr9HpI 1w55H2yKvcwgD0WTvevExJck0H/QfwHG3sI9AP0H/UfQf2qnGWZXMo//wowSyXECMNShGZhCYI/m Qf2uFeIMBhef6aR9gNx61hTRPFEXq3hUMhCMnsFeWKC+2TbfUMeNhJqZPKPn1bC278Ryus9+qDNY zdvebg4AzYPh+MWV7Pg34gwib/kzq86YI98rVd8Hd3MNBu4W+cG4kC1dX8HKN5d7/W1gW7Y3mvOQ ppTdxfYsuEnzwFzISmttzGX2wzEv1Vty+5vxOtu9bzfbvUP9O8jPF8qD+Pw/mWIs1hlKbl7E6qX2 J9yXjRXPqkxMkt/46nBVxkQ+e1S4//gM28aaxao/LWLnzKqLS+d09/nKg+J9bj+yViN/Ljtllnxu KJBfkoyZsUwzs9fc+87T9LmRQKvj55U3KbOH7Ufe1JSf2E67crOE1dFaqRpFlpYfZg7JGmM/XKYz Fm/9a1jF+knsvHo/yved6Ya6h0TOBSVsg4/u47pwfTnb1WASfJnC5VOqnhHKzfXAAZtTvmrer/sz ZTb1I+sqmKDvdPpvR6nSBkatMOdloa20WGnn+fP47Dn5Pud6oWKBOtvPLPnQf9B/skEa+s977Af9 J8+wN0v/QP8l8fjPvJ49qVOGoS6pq9+kwl/8UBkse7+10T7ED1zxuUkZkJKVB8jslPLgar6hjrHa pdJb/Ok1vuX76l1lEE8Tzfv0xnHiOGtTDCSabGjkj3vThBkNGlEeJzfOigODQrZg5XzJba7BQDXU mfyJrXdZNefOI39Q65lKWL1p0yc1QiWnbcd69vTMl/zIdLHXJEPeuLfNqX91oFZoaIypnS8bME2Y 0aebzeI7a0XNG7HFh8z5BFU7o/Yur8/8tfJXmvkJrKD7ZP2n3PPm3ndi8zvHlksGqd+U+7Yv7WfZ ZrU/wSh72tasGOi0d4i95knlvoxEX2Df/7wkbxJbvfQu0R0pQx3vX6J1HF46QOEsfGIVOfV3ntXy 5S4WLK4wlslnm8vLIpgzq1b7om65wax19f7wHhuFpa6g/0SM0H/Qf9B/vioF+k/plzD+820e8IlN Atj1lb96whFeAu2fHqTdUpIrl07QLd7ec9A9xA0FnuP473ZTW3hF61OTF+z+XljGPXLH0CdO0aHa RnK8Md5XaEYe8dku4vFdiuwK+29afz8LdWvlh12qd4JuqnzuDmoQvJ9aRnMnFIhu72CmnTs8G5iY lrzfhB208bFnpavFtP+b9VSY5jdw2C/k3FlCq1+ebSzz1FZ6fK8osmTYTWGX7UnQ8hMp3QayGOzc kJ3/M0WuwWXlWpccfNOKVjnisxMpT9YBkl/O/YuJP6h7jt+v2UPSHiuST3h+Gt57XUqomJ6bcosu Ua38zTWeO0N3PWwnQrmlsndcNKOU/nKaRY/Z6unQJ620aYpv+8oYMFCNaFa2hEXTc/imEQaNKyP/ VlW+2a7vj9OiO573SJm5fTVNHNTXbIn69Hn/YhZivSCvswsf0ROLToie+WvIseE+ipz6S6ehv11I Lzx3v6HMMzvXSmOTRTQs74deGQ/TqbJZiYP+1SfJLMotkT2FLYXCfED/iUCh/6D/oP98lAv0H8Z/ Po0CHjFPAIa6mK+i+Mug8+SnUqaLaXjej70KkE63F42V/BqoPSpPEl5ZCvdpWj+6fWiB8e6GfPdZ 5fH8+sjvfttxtIE2SOW9WnmgCDcAMb0Ln71JU9aL7p3PjqarovDY6HZ3kLud77x31MZ33+S7D38r 7ABq7tHRtJWebhRlDHx+OY3oba68zqR+pGazGJw/QP+yT2didiVsIbkv+sazffKZr2e4fPgDWrqc lsXgQZhft8vXTfl109eH/yqmPGgS9fO+x340kCZKLyqONZyJwh1hSqF1iV6VU0i3D+mr85NPLtjV VzNm6x9Zpva3pe6Acppqkp1GFtD0p6ckXbuI5o77KdHF8/KliP26hd0Gv2r16D9BBzoN7sdwZ6Zp 6wqlj1v5xuOGBrNwywwtPQdVryzzBB24ooiyJEN2aHG7EspC57nhTHd8f5rqSyWfK4XJHWE+oP/C DLTzyUH/icyg/4ig/7zuH+i/hB//edU4TsNAAIa6MEBEEloCbmraJ82nyx/r+6DKg2b/fIQUYRvV //Wf2sgJ726qXKc8xMwcd5tutqFphZce1o7UrCKL9SGyWgVJhfTASN8ZL2HLw+U2Wj1kpie5Qc8f obEZRB3eDy1hE+YvoW00ON1CqZlZlHdzHhXyv6xrLHRLyZ+o2cQH1tZj25UM3Xfj/6OaVbOpuLCQ Cvlf0eRFVPVpu3I9og4+w+etuaKhYtwTRaY9QGcPke/vBrrz+mfo0FeycZTrhrJZVPSyTSz2SG7I Mpj11C0mvI3xeZTicbjB1xD21Wnl/qO/2n2vy3G7+vv9KdomzVgcNTXHgLGFrEOHi6lzPXk6EV9U +GUnGEqeVa5O/JWJ+keRwh0XnWQ/aaOa1Xfx2UybuebjBzdUD+tvoqXu651k/e1BTy6WHJxDWdzl JvNmUHsEef+37z5KvyKVsq7v59F/gg5MvzKFpq37IPztXpHtppbqXdLZJMrq+Ihen323R/cJ+m/C rNepQdEHSqTIOE7tUl6gPDXa0wpMkGuhgnFFUrpLafzcd6hNvsfdbVQ59056Qbo6cqQ1/P0/9J8J dRquJKH/wkUypHSg//SYoP+IMP7TtwmcxQeB2PwiF7mKXwKaHVf9rMGmriFGLBLrBDHN4uoRkeen 8px12nXLTFify0guX8B6obyIueZ3/zdGgcPnZyuTFjSnYlYvb6ahbPJg7lpZ2vbFtbCyJoXezfmb tHCSbjFvP/JH8V0nTdlxMEAVOj9V2595G7mIGbBpN43gDAr4LrfyIsaeerhlrkn8tWtEEZu3XbNh Cr8X9LtQmnAPanSNvzXY1HvD3PtAbgrq/RAZebJc79/D2h2QTV6nTZHdvsPg/p9rsHaYEiMMDk0f qNndW6l3k8uuyPGjezz3H++bzVF/58U1MAv96V3Rf+X7Jm2kFKD2GlfKm8wsMm8jF4/886x6lrpp hMC7aEyBrh3mzzSLP/SfdxOA/vO+F6H/hPWhof+875RwnUP/CTof479wtSekgxl1/I7CYRIBE9dg MynHpiXbwdcGSxuqziZZ37CRCsM9m8go9/xTGN91coienreJ2vjbd1MOvkbRnKniJ5bj3n6JCr0/ /zNFqFGixVS6j68V6PLsbk2OE/tpjmc2oRCWz7ab875RpG768Rkle8SZNGpChbRqczlVrPyN4vX+ 74fSvOr/Vs4j4ahbL7U/PptoRB9zJebc86BOQNPePepMNuHKtAeM19DTxerKiYXuXvmGEvHFu/rS mAWvU3XlRpp0xXX0tDTbzROAz+jLM/MelGfSKLlJXseZP8+k26XZnESTqL7q3vDPJjLCy9er8507 tYoWrvvYKHRY/C58vJbu3yomVbZ2isGsyrCICZDIt+K10YvoQIOd+E7TxDfYoNbaMpVF1f202Az9 09FGtcI9pqzvwN23zKXy6nJ6qWSQkudnRmXQtq+UU/Md/JOr8mdEvTzo+SLqx/tF8450Kpr2H7rk 9+xt0p0/OHWCSe0C+k8HOkZOoP8iWRHQfz60of8w/vNpFPCIGwKwVYJAeAloZhNgRp2Ilu98yhew V96o/8ak3Tb91iPfBdHlcLDTDQcYN1Qp+aCnPvAbpesXXKx6tiQjf41+5srJzZJs83djFcpreOh2 xStk4Z9ZqGn/njrnM8ekGYVCfpyNMgOB0VyTZ3ZoCGh2+zJ9t18ua4an7IVifY9exMp37GYV62ap bc/zxrFJk8HwOr1n9PEOWSebWywYmTGzCTPqfCrSXrdCx96c3TZ9xKoeLhdzfNPGGvet183qnLfd hFldGv0izJrVHq2VU0UOfvpFbdhuufmOlw7+dsLwUGY18/bP9bMfLWkYNSRPTfv33HNeO742KjOt ufzp74WUZDgCaXdiNntWvfuopOOlWYWjZ77GqnZUsddmjRLrX/Lf0mDOrtMCL+g/tdVEe0Yd9J9Y F9B/jEH/cb0P/SeNhyLzhUO09Z+qieHqKgHqakTEAwFjAhpDRf6fDB8EIjlo9uRR8/Bg9iDdh8lZ vZFukNfDm094sz3453/LFGMd7yj4Q11YD/dnbKJiFJnreUApryhn5dVVbOP8kVIHVcyenjWau+eG X34IhbHXPCnlg396Xd8RQozOBNG0f85hyUHfh7HapTdK8s0wFBrnVVtm0z97LStS+N71ppcx7tsP Ne3DhPanKT6fQclemjWeWa1WZi0oZtPmbWQH95WqxprpNZrQYXJyXSO3/1Erjhgmqn6Cl/gDNft+ vZFuyUETjGOGlP14frVDrX8TDLXuo28obZ9mvsV2V29hgv6rqi5nC8fwhxRBNxaUsDn3CIYqE9qf n2JrvffMlvJBJnz67VbbP/FlD3xfhGj6H+8XOdpMhtmtltnslyN6/b/+L3r97/z0TbV9mND+tNig /0Qa0XxQhf6D/tPek4y/ulbG39B/pi7/Av0Xff2nb/s46yoBGOq6Sg7x/BKwlRZLg1F1fTJt4MZX x0rXTXhQ0AqS3VEy1Llb3lUfCvkDmvcMCzl7kf5V64fY1hPu8IrXGCp8ZjEpBjwTHxRDKY0ys8+c NRJrSuTyEZtpYKjT8g+/odAIgLRulMDfjFk0XiKVGZW0SD+jUgpn3/+M8rBaFu7255UX71OtwXJm lRlGI/6gLhtkBm0yeFHhYm/J1/n6ZX7mPXlnu1vn0XpQtdX8TqlnQRcsicK6ZL7gtIaU8BttVNaq DvCrB0021PiWXfRRZrZwQ93xcDfAy6fYHI2e3+8zZU9zf5hhKDQqtGY2Md/YyChE+Py05fczY7B2 /k3SfRH5F1XQf+Gr6mApQf8F0YHQf6w+3PrXqFFC/ylUoP8UFHDEEQGsUcdH0TjCSyCt/xApwd10 sPlvXom7qXGPvCtcIWWYuUaUl+RInl74bD1Zcu5Rluq5a+0Reu+5X0cyC/5lWX6iXHNfDv9OhNlK 6kEc0x8wd40wP+LPHK33cyU83jm/ekhJKK+3QQPX8E81WkBQiR0mx7mP6HFpbba7nhhm0tpIcl7d 1GGT3VfT1bJT85uRra5V5fpb+NufRpTeyXe9fenudZLfJCopulZ/PSxnFrr29hvFlI5to9MXvRL9 +3GqkupiUGHfyKzT5pWFSJw2bXiYcu9eoYhad+gCLRppBm9FRJcc4V5GsCdfEy/UY9bDBVGp/ya+ Vp18hLv89IMsGjxZTn0SXW2Eo5d8PT0i5W+v20rSPvT05J2+KxbKuQnL72W+FqCc0DVpskv3m53/ M+m8ldxmrROrkyidQP8ZUTHFD/ovOFboP+g/6L/g9wlCgABm1MWRVTVusnrxQ3VNNq9ZI8r6Lfyt +8AVn0emSJoZdWXN5ov0nlUxr6pFL/S7Y2xZyXg2722vzwL1obp8Zm9oYA0Nzcxh9Fkr/zRJXD9M eNtpwoyKQLlW1kcyeY06o3LL+VLWTxPKbzzjUw7a5d+T70ozJriMp/Z6JaOZ3RahGSWNpfIMVj6D 8q9e2THhVJ0xUsgO2H0FHF4yQuGz86zvdVN8+EyXl5RPvomN9P4kN4xCtZ/2e3/6q92Rc6XXZ3Fh zII+KWUGqcn3nSTVVinv+CzeY9ts+s/L3V9sZdMnT2dbzCj/pfOs+ROu/2wGDY/nT9v/mLJGoZ68 7kype75GnalHAP2nKz+f8WnGhI7WmqeU+3um9zqAurHBO6bI17PVzGCNxJqgfGmJ5fKMwpuXG8wo Pq/RQ3zGcYC60pejm2fQf7xNQv/p7v8Iz2iD/uP3MPQf9J/UPyTq+K+bPRWiGxCAoc4ACry6T0Bd E4YYn00mDsjt2vWpiJn5kO44e5w1CA9swt+RMsVwOHDFXtYsGLICPMx1q/R8QLxQHqhLv6/yNYo2 rN+g/L0kLyptxoMDXyNO3biikC3dXMuazzqZ6zsHa/1kq7J+Fn9HYWBE6lbJ/Ub21AVnXlv5rPIA N29HIzttD/Nnt0IO+BpoYvmL2dL11az5BC+78DDEN9TwLr956wVqHw6F9l8nGk1d51i1sk4f52/2 ovICD/7gqLZHowdHIVB4D2fd80o9C+sQHuB14Dl4HRwum6m5FoEHVS7T3rBTY5zm3IW1Ycx8QObM tZ//rZPWZbMf0axPJXwWbFoeXKztC0nHed13S/h9J+u/5rMm3H98DTiPblF0YIlnjTat/psjf/pr whptujXi+FpwW/Y1srZvHHwznXOssXqlLm8zt58Jb8P3k5qnLng9VGju/V0NNtam2WTGT9ROezuP rBXLOGYGK60+zE7zsjOhnbkcrLFmsa78pq0XqOuDiL26z+Yph8tezxZqjOXjIrGpUrvaHs3T9/pq Orx0gMp5xlvslPz573enWMWsPPXas3X6iGacQf/pxh3Qf7z/k3Qz9J8ZS1/wmxj6T2ljBP3Hkmr8 Z0YfhjQZDHVoBOYQ0M1cUgcH8iDB1EE6n0GnGqt8Zct5EH7Xe8326C4M3YOi8rDqJw9mvNHUGWb8 yPXkq0S3G2l3y+0/PjdaFfjLhwkzOr7SzGYLyH+5uTuufrsvSBssNNVQLdeHu1E1Do1ca84MTlmW +qtdB0yqe76hg/a+89x7Ju162Lj+WVY0psiziYS3TGHgaJ6BTCWgm7lg0A7N3Pk0dB0U/s08bKXD fOrZpw4kHqbsPsx32PYnT+fPdyM1YzaZ2gIkl9dDmzYPeSbcj/aaB0Mq/6B53jN9fXLeLQ/7kT8E yQd/aWCaoVrNunY28bqwbxykytG5eJ2rs9b96T++Pq8JhlohH9B/mg1dDHSveg9C/+narRkn0H9+ 9CD0H/SfGTec8NVA9PSfOSVCqjDUoQ2YR+Cbz3QzS+QB0iMmfnbmKQyf1absrBRwoMaNVfLb7nBR 4A+K8q6Pcnn9/Q4y64268OZ+ySN+BgjExi+uZOci8pQqQHWx6lm5hnnJn1ljysNya+36gHXwyNq9 xp8Fh6sNyOnw9q+dQaK2gxJ2wIzZTLJcza/WcFIWgc9eVdHnWe26WYb1Lux6ucsmzbJTI4TJxQ3D hvd8sTKzJ0yCgibj/KTMoPyFzHsnyKAJdTaAdmdTQxaS8WDiWwabXXRWmD68vU6/y6va5n2N9fO8 P4vUJ9XlM/fZD9myyfkG7MU8LC1vMkXvGGaYvzTSzq7U8phZZcaMPherXT9Pt4mRViZRIXt1u9dS DIYZ776ns3Gz4cuKm4VZFhHpf7QviSLz2aNCjS9v8VrJIMM2ePOM19nxcI87FMHQfwz6D/rPb78H /aeoCjMd0H8sGcd/ZjapZE47RSg8H8jhAAGTCLjJ1shXl0+1kNvhprQBeZTdu6dJspCsjsBlN9nP tFI75+45+ELn2QNyKU1ZzFsXOuFO3N/aqdXeTm55xXSh/Lm8/EYLnJtYentLA7U6Uii1BxdyZSZZ czJMlOaVNG8DTqcAwEJpRhtbeAUP++lFJ9lOqIumW9L7UW7/q8IuRpugu/002c5e4F4ucl1OpfRr Mii7f2ZEFq7X5sPjdjup8WgrWa4kcjiI8qzWiLc/nzwliwdve62treRp/kKZLemUm8s38BDuw0Q/ +CYFTq7/7IL+kzcs4Lont39GZMvP9Y/tqI2ELkjQf5ZMfv/3Mff+11UtbwOi+kuLSr8n9EG21nYl S2nZ5o9/oP8U3MntgP6D/oP+w/gvubVgQpQehrqEqEYUAgRAAARAAARAAARAAARAAARAAARAAARA IN4J/Eu8FwD5BwEQAAEQAAEQAAEQAAEQAAEQAAEQAAEQAIFEIABDXSLUIsoAAiAAAiAAAiAAAiAA AiAAAiAAAiAAAiAQ9wRgqIv7KkQBQAAEQAAEQAAEQAAEQAAEQAAEQAAEQAAEEoEADHWJUIsoAwiA AAiAAAiAAAiAAAiAAAiAAAiAAAiAQNwTgKEu7qsQBQABEAABEAABEAABEAABEAABEAABEAABEEgE AjDUJUItogwgAAIgAAIgAAIgAAIgAAIgAAIgAAIgAAJxTwCGurivQhQABEAABEAABEAABEAABEAA BEAABEAABEAgEQjAUJcItYgygAAIgAAIgAAIgAAIgAAIgAAIgAAIgAAIxD0BGOrivgpRABAAARAA ARAAARAAARAAARAAARAAARAAgUQgAENdItQiygACIAACIAACIAACIAACIAACIAACIAACIBD3BGCo i/sqRAFAAARAAARAAARAAARAAARAAARAAARAAAQSgQAMdYlQiygDCIAACIAACIAACIAACIAACIAA CIAACIBA3BP4wfP8iPtSoADmErh4nCrXrqe//OPfqPCG3ubKMkod8sEf7S9p77+OlgO09k815Pq3 wdTvmh5GGsJUP8gHf7Q/3H/QP9C/6H/Q/5o62DBIHOMPjD+SefxhcEsknxfDAQJBCNgqH2L8zuB/ JezUpSCBTbgM+eCP9pes95+LVU4Wys7/pteYoF2CJQn54I/2h/sP+gf6F/1PsN4y/NfR/6L/Rf+b vP1v+DVKPKaIT1/5HYAjCIHL8nUHORW37BeBX0Um5IN/BNqbtwi0P4lIlO4/uT7OdpBbdkfjF/LB PxrtTpaJ9of2J7eFaPyi/aH9RaPdyTLR/tD+5LYQjV+0v+i2v2jUeYzIhKEuRioiXrJhiXJGIT+6 FQD+4B9dApAOAiAAAiAAAiAAAiAAAiAAAolNAIa6xK7fsJcuqjNaeGkgP+xV2qkEwb9TuMIeONn5 hx0oEgQBEAABEAABEAABEAABEACBGCMAQ12MVUgsZsfSQ1giSjjSyRL5tWS5TMgHf7S/5Lz/NHM4 r2SkORNvCdP/10iEfPA3vb15C0D7U4jg/sP9pzSGSDlw/ymkcf/h/lMaQ6QcuP8U0kl5/ymlT2pH FMwuSc07xgvvoJpVq+mQvYMsqaqC/LqpTMp3KQ28/ypacGNPpRxul5usU5+jB6w/Vvy67oB88Ef7 S9r7z9lMa5a8RW18OGxJlbWIm5q2Su6q+2nCgmOUJ1/iusfNsmjK72dTYZrs2Y1fyAd/tD/cf9A/ 0L/of6SOFP0vxh9SU8D4C+NPM8ff3Ri6J3zUeNwBA3k2iUDLZnF3Rc8Or9JOO1q31Wp8feQ7zBWO LEG+MV+5DsDfmA/aX0Lcf7ayIuP6ldq/1Wqgk/i1cW+3hEP7MMgHfz7g89sG0f6M2eD+g/4JhwKG /oX+hf411rECF/Q/xmzQ/yRG/xOOPiRR00gRCpbw1kgUMDQCl/mMtpf5jCZnim6K99dNy2jDHimJ 0YvohcL/JZecInfkTn1GmVF34dMtNOXRSrIMUGfkyUF9f130j+seosqX7yPPhBjIB3+0v+S9/5z1 fEZXJZ3XzOYVVqVsWv4S7ZbVz/xlNJj+oagS9z+upikL+Iy63qJXU+ksWlDzP2TppQTx77jopp+O X05rHr1FDAP54I/2h/sP+kejM6F/0f+g/8X4Q1QJozH+wvgzwPhb03HAGU4CiWqBRLnCR6C1cqo0 y6CEHb8UOF1babHfGQm83RpcK2b1QabjQT74i20H7S8Z77/KyZLemFgZWPnweYWVY4x0TAC/kZuC zkaEfPD36B+0P9x/AQlA/0D/BuhrjMa/6H/Q/wbUKYxh/IHxR3yMP4I0ZFzuMgFsJsHvAByBCbgv p0gBHOS+HDispdfVgQP4XM0KukEF5IO/2GzQ/pLv/tPsc/tdSpBdn/nadqHMpNPqoCt5HO25jxvy FSTgj/anNAYjB+4/6B+jdhHAD/oX/U+A5iHMqFcO9D9aGgoW1QH9C/2rtoaQXGHVvyFJRKAuEMBm El2AlsxRAj/UEvW9bzM5Rqwj12UXpfZQVuQ1ROYJ0yuT0jrRCiHfEKXiCf5of4l8/ykN3Y9jfIWL HK87uP5J5frHTyDJW9A/6b0zAwfq5FXIB3+0P9x/0D/Qv+h/Anee6H8x/sD4K7HGn4HveFztKoEg jzJdTRbxEpWA5v2W3yKm9U7ja84F34YxlDDeQiDfm4jvOfij/YVyb4USxrt1Rfv+886Pz3kPC6Vx 41tw7UMh6Sif9IN5QD74o/3h/gumJ/j1rujfoMlC/0D/QP9A/wRVFNA/0L+hjJJDaEgIYjoBfPpq OuL4F2DpIe83kt6p2W/hKjnkg7/YltD+OjP7NFHuP6Uc1/cM8pmQEtIcB+SDvzktK7RU0f7Q/kJr KeaEQvtD+zOnZYWWKtof2l9oLcWcUGh/0W1/5tRqXKT6g+f5ERc5RSajRiCt/y1001XX0Oi502n4 AGl7xQjmBvLBH+0vWe+/HjTA+ktKu+YWembGA9TvmkhPAod88Ef7w/0H/QP9i/4H/S/GHxF89OOi MP5K7vFXZFtbrEpLEbahiNXMIV8gAAIgAAIgAAIgAAIgAAIgAAIgAAIgAAIgkCwE8OlrstQ0ygkC IAACIAACIAACIAACIAACIAACIAACIBDTBGCoi+nqQeZAAARAAARAAARAAARAAARAAARAAARAAASS hQAMdclS0ygnCIAACIAACIAACIAACIAACIAACIAACIBATBOAoS6mqweZAwEQAAEQAAEQAAEQAAEQ AAEQAAEQAAEQSBYCMNQlS02jnCAAAiAAAiAAAiAAAiAAAiAAAiAAAiAAAjFNAIa6mK4eZA4EQAAE QAAEQAAEQAAEQAAEQAAEQAAEQCBZCMBQlyw1jXKCAAiAAAiAAAiAAAiAAAiAAAiAAAiAAAjENAEY 6mK6epA5EAABEAABEAABEAABEAABEAABEAABEACBZCEAQ12y1HR3ynnZTU6nk+hydxJBXBAAARAA ARAAgbgi4Bb6f3dcZRmZBQEQAAEQAAEQ6CYB9P/dBNj96DDUdZ9hwqfQ0fI2paenU8qc9xK+rCgg CIAACIAACICASKBlSzHv/1NpVvV/AwkIgAAIgAAIgECSEED/H/2KhqEu+nXQtRx4ZrlF6C33Ff8q 5tF2gSIksWtMEAsEQAAEQAAEQCB8BCx9PGmd/ha9f/igIiUQAAEQAAEQiHEC6P+jXkEw1EW9CrqQ gctttOiKVM9b7tIv/tmFBBAFBEAABEAABEAABEAABEAABEAABEAABEAg1gj0iLUMIT/BCbS/t45e kIKl/jB4eIQAARAAARAAARAAARAAARAAARDoBIHLDmpsPEOWzAzKzsgkS4hPzu5v7dR6tp3cwvre PSyUPSCX0np1Qq4ctIvy5ejO9layO1MpNydD9sIvCIBAnBDAjLo4qSg1m2206c4V4mn+n2hsDix1 Khu4wk1AGGg0Hqml2rpaOvxpI7V+JWwq4iZ7i41sJ+3hFof0QEAhYD9pE9ub4gMHCIAACIAACAQn gP4jOKNAIcBPpVP3h59T4c8KKe/6LEq9d7t6wY/rwtFdNLcwhVKvyaK8wkJP3MLCPEq/MoVmr/+g 00sIdVY+XXRSY91uen3B0zQ4JYXSM/tRXu4MasDqBX5qDN4gELsEYKiL3boxzNmFj8tovnRlyStT KM0wFDxBoJsEvm2m1x/N9ww0Cm8fTsOHDadf8IFKv+v5piL8s+us3DzKG5BFu77qphxEDx+Bc1sp hQ/KAv8NpqLJc2nDziZyxvAuzh1fvklZA/J4e3sQg8vwtRCkBAIgAAKGBDqayoL0HSlUwPuO8roW w/ix5BmN/qN917NB+aVwo82E2ctp96dnYgmXT16iwc8nE7HicaqMhi36q5qbi+6AhraOY29S2s13 0upGNYrW9fJ/DKUhSz7QegV2d1I+fX+cJl2ZToXDxtLjy9dQg5J6KlkUNxwgAALxQgCGunipKU8+ HVS+5Fkpx4to+q9+HFe5R2bjhMApbvC5ZiA9XnpMyXDRmCIqVM5Uh/081khUaUTX1eE4H0IGGmjv ttVUMs5K6VeMpd0nO0KIE40g0gY2hMFlNOhDJgiAQHIRsJ/ZH7TAn/O+48FhuZQy5kVqvhg0eBQD RL7/cLZ/Gry8jY1U8/ICGvuzbEq55UU6HbMznCLPLzi8aIRw0KbfPtQpwfZjO5TwS8sPk8PFiDFG 9sNlyhj62O+H0rYTSrAAjs7LFxJLl1IcM2MZLRwTIHlcAgEQiHkCMNTFfBWpGew49i49vlc8n1k1 nbJCXCdBTQEuEAhGwE3vzLtHCTTr7SPkuMRo957dVC8MNo5upWLlKhyxRKBnzsPU3NBADZ8c0AzO JtGuTwQ/0b98/VJlsEi0m8YOWETNMfuwINKN8ezFUhNAXkAABECgSwT6jl3P+w/ed1jF6PnzKqnZ 1kynTzRTw+Fd9Nr8u9R035tPA698NOb7DiHDkeo/cu4rE/vZ2i3qGGkUn9Hk6ZN5/3v4IG1c8ojK 8Iv5dMMTf45Y/lTBnXNFil/nchWZ0O0H1tE0zzPXJFq9VNP+A4jvO6mKTvP7RjDQLZxyG6VJ09gy bnuQdtc8qcR0uIK/5O6KfPrBQCrlY3bG//aUzqelpe8qMuEAARCIPwIw9cRNnbmpZsl/Srkt4TNi fho3OUdG44jA34/Tlq1ifgctrqM1D/1cl/mMQZOo6tNXyDJkps7f6ORCyyGq2lpNu4+0KIPRnn3y qGjMBJo0Rh3AKHHbG6hiJ/9ewJLKR9cuuurWYiq2ZkiX3XSksoqaL/N1Pzw+LmJXDaYHxhUo0T2O i8epovJjMQ3BQ0ingKczhKfD19Zr2ltFVTurqOGzM2RnWWTleXn6mWmUZ/ANefvRg1T9Tjnt3ttE wmp8mXwR4QzrcJowvoj60XGq/nMjXTV4Kj0x4SaPaO//nCcPUXVlNVXV1HniC9fZtTzPU6bQlMlD KSvc3yHwxYpzreJT1pfygsUTJ/KyS09eXL51yHCa8sg0emvKdTTdU8+r6GDzC3wdFd+1Ljtdf0IB w8S/p5CWdIS6cLMcPm5/+W7edVs/oNP8k2SxjYslyRk6kQr7cCIXT1N1zcfKvSRcdfGnKOsY6Xq8 x4/bikPGQSABCHj6j+E0sD8vC++Gs3OsfPF5qW/rn0vW24rpsVl8SYzH+Gx7T99RSveumEZHf68f I8gkzhypoopNW2jbZ//t8UppTKFrJw2jBx59gCbeURDwMzx3ezNV87FD1d4j1Npu5x1nFvUdkkvD //12Snd+RuWb9tLo1Xvpt8OulcXpfqPSf/Ti44khWUTf/5AypdyMm1JEVqvEkPtZbxtG0x6bRpN6 /ztVCWE2bqDmP46nQp+xgJtsR3ZzBnvocEu7lBofg+T8gsZMnkDFt+UY8utoOUBbPvy/lCql5+kf 7pxChcIw6iLvX2oqqHxnLTWcbCeW0Y+Kxj9Bc6f9mtK8ngSjwk8pZYw4+Ceki+543pOZmdtX08T/ fZnmhJI1YdOInFzDkBn5txr6G3p2Vb6QmKY+O/inujhAAATimACfkosjHgicfJfxZub5G/d2S0Rz 7G7ZLMoe+Q5zRVQyhEWagPvoG0o7W/mXDj/iz7ONk8W2uPWE2zeM6xTbWDJQSUdut/rfQrbuYKsu buOr/fRxBm1S25v7M8Y/vdVfp2JW79UgbaXDvMLwOBMrmePbejbDJ76U3lN7dflgl86xill5vukY xdfmUU7l0nlWMX9k0PilB9vlGGH+dbFKqX7Izz2rrWcffdLF+hMK0R3+zsbNbMKYIsY/s2ZFVqvK z1os+snXhN+CiWzb5/7aZxdxfrWDy5/gkW3l8kP5I94Gd57tojyvaO6jr6hl1rY1XofC0eJ9f8hh VnzuuR7v8T2FwH8xR8BW9pCnXY57M7LjjpgDkRQZUvsO//V9ji2XdQ8Vsv3feIH55jPGZ+UZ6zIl Xgk7cNZg7MCTktubfrzgm95Ir/YY9f5DxnD5mDLW8MfQVlqs8Cnz6sfcJ/Yr8f0z4Px8xl4u9laB Lyehf7c3linyvNOcuV0ch0SdX5T7X7n65N/GV4dLzBaxc9yztWyqeO5nTCXHC/RrKxV1qVAHZbbA 45dwyVee32gSO+41Xg6UV1wDAYGArI/96TJQMp+A8O08jjggUDdL7oAnsfrvIpthRdF3o4OKbI4h rcsELn7GiuXBdP4adqqzHfvlU4y/ddQNCmevrGAHDx9iB3dsYXPG6K/NrDqjZNVt28meLrlbNchx A5sinhvPNs6axqbPelrNn9HA4+x+tqBkOpvO/3wNe5LsMRPZhCJNPrgc9TjHXvJ+yBgzg72w7o/s hVnjdeXyDHh97onz7DWvMnrK/0kDa6jdxpbdo5HLOa08dEEVHTaX+rAViqFO98DTjfrzZL8b/P0a orzak/ygkbe2KWzEhIS0xktZRii/6+oDD7hDzqT9Q7ZQ2/6lcpd94fQk4bLXe91bhWzCpDlsV7P0 wBvv8UMGhYCRJICBeiRpR1uW2ncEejCz739G6Qt1+s+hGT949FcxW7V5D+Off/L+v5RN1OnyYl8j 37f7NP32JFa6o5GdPtvGmhs+Yhvn36XIFPSyd/6i3X8oNReCoa7lVfWF4nqtoU7zQl7se0R+h/j4 ac/mVZqxjziO8H5Raq9d7xn7TOf9iL++q2jyBF0648rFMVi0+UW9/1UqkDvadyj8lhwUx2iyHvQ3 ptJG17m/c7C2E82setU4T5qecSkfW5+7pAulPwmjfOX5zWi8rJeKMxDwISC3e2996xMQHqYRgKHO NLRhTFgzeBkozZ4IY+pBk1IUvY9RImhUBIg7AufYGt1gmtjsxRtZ1Y6DfLDd7Bk0uxTrmW/hDq8a oQxw6OZFrN7hG8ZW8zs1jMEb+WCzwdhJaYZnkIGHko5SnhK2yyYaPYRc2b84wMorqthxTR7lTkke JG9psOsL8N0x9pLWEOd1T7TWPKWWbfRydtzAqN66f4UahkpMeMupPmwJswmNqquxdKySh5V/UY2F 4ag/GVin+X9znD/M7Wa7eVurXjdLyl8he7Vij+QvXBP/qqpr2SkDtrLsLv26zrHdFeWsqroq5L9y nrew56N9v+6BdtV2yZjNjajLlLZXyHb5zKiQSh3v8btUeYhkFgFZJ2KgbhbhWEpX7TsC1rdmTKqG c7GaEvVF1KjFexlf39brcLHaVXcqfQ9N1/dP7qNy385nHP3VKyo/dX76phJX94JJCBrt/kPOblBD nfpFgjAj+yNl/HFe95Jw0LwaX358tn71ghyFAQkGH1mu9leTB8VgN/F1dlyZ/ehittpdrJz3o0od RZtfrPS/fMSkjF1GbmJy9ch6sFOGOo3BTakHmmtcZ0r9hVE+T1N5fgsyXlbEwwECGgJyu1f1vOYi nBEhAENdRDB3T4j68GzwmUH3kg4ptqLovYwSIUVGoPgjwGdFKbPqFCOXOgAXBhyj572lM3B5CskH h+obc+0A1BdB46uqoUg/4NYOUow/tVbaY8CBhyYdoQyj+OxAn4cGr3x5DW63GjwoeGK41U9biA/k VEOYdqDNZwvIIzwvMcLpnlm5ymBb90bdIGznvTRlFwaaQrk9fy7mOFvPKpaIb3bFgaPGUBiW+pNz q8lDqPzlqMKvYozl+QtWb9p4ieL+9kPNvcSN5esqdJ+TbQvy2QyL9/iJUo8JUA4M1BOgEkMugqq3 Az6YafpKJZxTMxuOG5D8d3/n2EJlXMG/EFE7UD6rWTXULdnOP7U20P3uL7ayGXz5g3WHAiwdEc3+ Q8PmLmHWt9z/8jecwstB3ax67Ys0eYkZgU3+nwLw08/aNxw/aMcoPL1Ri+s045QQGkM0+YWQPTOD OI/8QRmbaT9PlfVgpwx1GoO2aqgj9sjaI36LEFb5XEpo42W/2cGFJCcgt3tFzyc5j2gUX7PkJFcj OGKPwN/radncA2K+nn2JRvSOvSwiRwlGoM8I2nXpPNVVbqQ/VpZTNd9Mwft478Vp9N6Lf6QD9noa LixULBxnGsQFkrlz5Npl9AuDDRo84fh/BSXP08Tf7vKE37evkdyP3mS4OLIcvnu/i+jUrlnUL5i2 c7vJIQka9GwdTRrgR2rPgbS6cTM5pq2hnxZrFnXuaKPDfBFu8dhNr726jP4irOPrvVA0P1/4sk0O SIeP2ank5p8q52F17HuE0q/Q7DTnlfi87QsoT86fafUXIn9N3jr4hgriwWtEcAerOzl4d37dp2kP 36zB2ak00unnd46hfvLmHZ2KGyDwT35J2xyfUUn6rbSBB1vz5BQpcCGVfX6EJub4bv6hSy3e4+sK gxMQAIFYJ9Bx9jQ1yJk8OptWr/qHZ8tV7cY4wk44FsspekEOR9uo+asOKuwvbl/QM10dNDx3Vw49 x8MV8M1yBvfh/r3SKLH2C6QAAEAASURBVCM9k/IKbqcl7+6mzAA6Nyr9h1Im1bH9qQJKeUo917sK aecr9ynDgzMN9crldf81jVQSirfkSKfpK9+gx/f+p+f88LFWPn5QN6zweGr7y6f20nvP/VqKG9pP VPjFQv/LN3B44bZnPZC4cZMe1PSzlh6C/Y4fV0q/4lng/39yB9W7XOS86KAzjbto+shHPffIpqdu o4y+7bR8nNdmKOGWHzh3uAoCIBAHBLTqPA6ym3xZbKn8Pe2Wir318V8nHwCUODoEeqTT0KlzPH/C bqlOp4Mc9nZq5TuZrpnwW6lNNtCIhe8T2zDKk0d1cEd0zpESON/c+NIqh+CDcNlWJHuF9XdiHmWF oOk6Wj9TDI39cuV924xzclXBVNrWMFV/kctI1/j8+bmF9GfNuT/nec43skchzV45h6Y/cj/laQz/ ptVfiPwjy8BXWsfJ/VQ8RXz48b3q34ev0US/Ndg113+MEK+kDabSr96lDX3uUSNMWEMP3hzESCeH jvf4cjnwCwIgEFsEnG2KUe5qufO+4l91eVz2zELdud8TvpO7clx3J/GlMSj37hWKl7BTe5Nypjpm VbXwsYiXgUq9HLuugom06pnHaQbf+V2726r7e/k1IZHDMyYIoOfdTqV85y8qTkPHuMJsQ/9Y84yF /rfD9hGtlsC872jlL+7OkdOdwo3LfCPkzWXilVO1tOje+2n1lTV87Ds+OEYeOc2SSQV3lFD9Vxnc 6DzOc++8+NoH9Ny4e3VjX1PkB88hQoAACMQwgRAeX2M494meNf525aUSyUw3vZLG9kn0AqN80SZw oXEbLf3Te9R37CJ6Ypw0y4tvN5/WO9Pzl51vpWGXi2hRjxvEt+IbG6jtjVGiIeySmvsbssU35KqP l4sPXviiuuJg33ZBeNGuG7B4hdaf8jeUnTq+0zwIBIjY85ob1Dx123ZWQuU7xpMlkBGOz+CjXtn0 8zFmPmzw2Wzfzacsng9PkYS67CU/WXnBMKv+QuTvlRvplJs+I9RL9UzPIv7JN7VZrcZZMfBtbMyi 7H8L8EBlECdkr8tttKZEY6QTIlb/mmZX8AfUKSG0mXiPHzIoBAQBEIgkgfbGA4qh7vYCA0PQpDW0 +6Gfkpu/kPN3uHn/l5ZRSMM0s5aEsDnj/0DM8Sjt3VpNBz9toVZuFHRfFPrwNtqjmd3/8sQcKrYz dUa/oaDI9R+G4vlsNtfqX/P8896Xs7DwWYGC0cfwcP8/xbvfj/0FEoP0vDJLCRt0qBI0gJKUgSNy /GKi/9Uam1+ZRsWvGCBpKqXVguV4ZEfnxq1CUtfdQXMnE92/lbv31VPb5Xv1X3qYLV/IAw4QAIG4 IhChR6C4YhIzmT2zs9Tz2ZOQofVPTgjdkBEzJUBG4o2Avf6/6KVSbhwuvUDDLm2lPCMN8YN+VLRq BL3g+ST7ELXzAagwY61ndp7H0CGYlndU1JLzoZv8fr5xgQ/0N0hwRg3XfD6qBebnE4PWz3ZoQ4XP zY2RwiOH8PnOjv8op7ZpSwLOxLO38M9Xe/ejzN6SUZJzUN6Jj7LShDuLon/PCrPZuGFO/BcYVdjr L7C4EK+WUnP7esrrE2Lw7gTjszl2sU581tIdWcHiciPb6+Ouo6f3igFXVZTThVUP0AuNRC8/kMNn XDTRpodu8Z9KvMf3XzJcAQEQiCqBNtp0x0opB5NocD/fFxUj/30YFd0ZQD/5y/9XB2js9XfQjW/z lxElc2hMiVfAyw6qe+VhGjZ3p+fC6f/7T26o85Wvxopg/6EKVVzCbDYLfzlmSQtseBMiZBbcwf8X X8yX7bPxzy7982va/64iY0RB4Nn/SsAuOSLILwb63568rkI9Zj1c0O3xnbcNNdLyQy0rwoEACESP wL9ETzQkByTAH7Q23r1WDDJyE00N9XOngIniIggEIWD5iRRgG21490s/gduoruKAeC1/LPWTxzY/ 6kfD5MlI7z9Gs9d/bhzfWU9zhsxUrg3/pfaNvIV+mj9CvFZVRc3en3XwuMosUyGUkSHRE1vOFD/h Bj/Nmeeq4X8/uIEeVB4MltK05R+Is9C8AzubaXlRCmXlciPY0Eo1DF+7TonPyz+/2h8/vnTPt6ep ruyPNGfWGmr41ltAd8/1pdWfBUg7LPUnp6+RGip/Oarwe4mvbyQdzf/zN9mp/l5so8a6Kqoo20tt 3qNdNVScukQj3eOSkW7l++005/4ptPTIMVoo3V//xR8Spvm7v/jME8HIF7/x47TakG0QiHsCGr2t cSrF4n3f6/dcR/Mlj3FvvkCF0lpxPfsX0hzJfx9fm21Lyz+VaN4O58kGqnj1BVq4pJKc/AWXfHQ4 7R5T1csP59C2kx2yt/orLMlxJ5+SFOyIw/7jqgGDPS86haIJ/EobDfo9fu1CUxlZ+fq+4lFMt9/4 Y8lt/KN8mmx82dg3DvkZF6STvjdMFjZYNPzji+qLiU2s9Fw3nNXODcm2TxupsaXdUHDHsa3ibDrh 6sjB+tl0gl935QtpeB09lTFyeoDxslcknIIACMQOgWjsYAGZwQk4654XpnZ4/lYeuhA8gokhlF2D sOuriZRjI2l5hx+57S2pbhR3DZWy5/rmOHvtUbFdCmG8dwJS2orUdvNnvsXqzzqZi+945vrOwRr3 r2P8k1elbZN21zNJRmvNVPX6LXPZgYZW5vimjTXuW++1G20JO2BrZW3fuBV4Tls9a/ikgTU08N3V xshyitmuBu4n+PO/NoeDnT7hVOLoHO37VdlCPkcvEuXzOG0nmln1+nn66973xMl3dddHz6sUy893 fnPxNJo/OcBemzVKF2ZFfYcuC10+ueTi6XuV/eZF7KC27N8FTr279ddt/nL2dLulTWLbGuzM4Wjz 8Ns4/xFz+Mmyo/Xr4u2j4SPd/UXEd+3V5Ee7I5xw/921di87Lbf/eI+vKSecsUNA7hO8dX3s5BA5 CQsBof/g/eZCqd/M531X84nTvK88LerdJXq9S7SInfPalbW15imdbp6/uVbsn3naYh++hc1R+mWh fy7U7/qq3fmU67dVVY2s7TtpW1guy2nbz2Zoxg877X5KHo3+47tz4hjjSJkyThH6/4Yv5LFHM3N5 8fLOvXyvyeOv2Wvr+HiFj52E8ZPjHKtdN0vHd9zbfGdc5XCx03Jfr8kD8R14tXkQ+tHTdnXMpETX OqLBTys/htxtQv1xrhXzRyrsdzXYeLv0zaT76BtKGL5jGtuyj7ffbxyeumusXqle42145vYzvgkY +HRGvhjdxTxxPGPBBlZb+awid8mORn6Pi+2x+WyQNmCQF3glHwFZJ6H/j17dC28GcMQcgfPsJats ZHhZ96AWjawqD+/eRoloZAYyTSVgKy1WOnV5sCj8FowpYkVKm5TbZgk7Lo2htZmy719hmIY2PY97 1Bp2yiA+u/iZMtD1iaMZpKvXNjFPMu7OxCvWPSBo8+/8pCy0/NNcVq+1okiJtO5cHGJ8zpEb0o4b DPi0+QnVrRskGnLi8kK4h7tcf2HiL5e3dv5NIXAsMawDOY14+rWVDjMsb97aJrEYJzcbXif6k6f9 x3v8eKqrZMorBurJUdu2siI/+kXu7zW/o5f76bdcrHbJiJDTGTSvRj++9avjNLLlvu2pvQErJtL9 hz/9q45T+ItNnWHNKPuc36o7Q+LHdyUVxz1SMiH1/zK7QdKYySgLkl+k+QXISvQuBRjTKP2yNnfe L3pl3t6/0yt1dadNQufurHweOfR2MIkdD2I41uUFJ0lJAP1/9Ksdn77yXjTWjo6mzfQ0X4tIOJ59 /36/63yJIfA/CISPQOagWw0Ta9q7h/ZIbVII8MiKGjrn4muHGXwekzHiGWLffEZ85phhWsQ/8Hh1 RyO53pulfjarDfmjwVR19kPib/Z9jllvHqHTR8s8mz7IF0ct7it+2vqDTLpd/vRWvujvN384ZSif BOgDXTXkQb6Y9XHa6C//BSVUuo/nn62kwjR9XOGs79jnyH1W+ER3kO9FyWfa/NfowBd2Yp8voTzp 0yG/gUO8ICzGzGcrBjzu4gtwG1SZLk6X6y9M/OXMDF12hPasnCWf6n7vnrWMth228TpYb1gHusBx cpKWMcQwp/flZIj+16qflmkDjlos1mm8x9eWCW4QAIHIEsguuC+wQGsxTZv/kkfvsr3z/PRbFhq6 aD/ZP9lKM/z2xcU0f10F1Z9109Hl43XjW+3O4/zloJ/8FBKfaUeuV0b7uS56R7r/8Kd/tZkcmxNs PTnOb84OcjbsJD7zUHNoevbRc2lXg53ee+7Xur5c2AxL2AwplGPUZGnMFCBwpPkFyEr0LvE163L9 SB/Zx2Dwd+0IPvb7kJZNzvcTi2hpeRO5Ntynqzu/gTsrnycUyjjQI29iUcA1mP3mCRdAAAQiSiBF sBVGVCKEBSXQsqWYcqfu4eHm0qlLK33XMQiaQngDdHxZRpYcvj7DyHfI9b5+O/HwSkJqUSfA10as 2/oBtf0ojyaOKyDiO661tn5NDjffaZWvBZaalk7Zubl8u/kQc+p2kv0rO990IZtSL9rJwdeYyc4w GOD4Sc79LY8jrGHTI5XS0/iOaX6Ma36id9/7opB/B1EGX9/jostTfr+7phpJ4/FbefktGXyAzuNT r3TKFHZdjXQ5jPIWil836y8UEUHD8Pp3co7CrnnEB64e/vHCL2jhEAAEYptAy5aH+XhkM/FPX2j7 oyHsNhzbxUHuIkhA6L9bv02hzD4WcjlD6z+dwnghje8yL7zAEnS/00kuz/iDD0CE/rMT4wdPUeO4 /3Dz8Ze9vYPS+2aS6wznwscRmSEPvsJU0XHML0wEupaMMPZrbSUnb7aew5JOubncQIqxS9d4IlZU CKD/jwp2nVCoDB2O2DjJuW8LNVzbSD3zfxF1I11sEEEuIkagRxYN5QvXK0daFuVas5TTTjssaZTZ XzLMpWXr3p6HkpaF78Qa7B10KOl0OUwvnv8cOf+hGxgVeTx+dnfiKwlFydHN+gtLrnkvlcaNtDhA AARAAATih4DQf+f2FvObxvvCUI60PpoeX9D9vdP4uCG0uIbpx3H/YeHjr2yp6Gk52k23DEtqjmcc 8zMHSIipCmO/fL/TSkNMBMFAAASSnQBXwThijgCfdWS9Y1jMZQsZAgEQAAEQAAEQAAEQAAEQAAEQ AAEQAAEQMI8A1qgzjy1SBgEQAAEQAAEQAAEQAAEQAAEQAAEQAAEQAIGQCcBQFzIqBAQBEAABEAAB EAABEAABEAABEAABEAABEAAB8wjAUGce28RJ+dI/xLK08cXwcYAACIAACIAACCQHAfdXnnK6XSnJ UV6UEgRAAARAAARAgG8iiP4/2s0Aa9RFuwbiQH7PjFupfHM5savyQttSPA7KhCyCAAiAAAiAAAgE JpA5eD7v/6fTtQOvDRwQV0EABEAABEAABBKGAPr/6FdlCuNH9LOBHIAACIAACIAACIAACIAACIAA CIAACIAACIBAchPAp6/JXf8oPQiAAAiAAAiAAAiAAAiAAAiAAAiAAAiAQIwQgKEuRioC2QABEAAB EAABEAABEAABEAABEAABEAABEEhuAjDUJXf9o/QgAAIgAAIgAAIgAAIgAAIgAAIgAAIgAAIxQgCG uhipCGQDBEAABEAABEAABEAABEAABEAABEAABEAguQnAUJfc9Y/SgwAIgAAIgAAIgAAIgAAIgAAI gAAIgAAIxAgBGOpipCKQDRAAARAAARAAARAAARAAARAAARAAARAAgeQmAEOdpv5btjxMKSkpPn+z K74UQ31/muYaXE9JeYaaL/Mgf6+nEsPrmjStk2h1ZR05hfDex7mtPrJ98zOYiibPpQ07m4zT8E4z HOcXj1Plqhdow/6WcKTW+TQgH/zR/pL2/utoOUAvLX2JDto6Oq87whAD8sEf7Q/3H/QP9G8YupNO J4H+B/0P+h/0P8na/3RaYSZiBIZDIbBnNjFexz5/eWu/FMO4P2PFBteJClm9iwc5+a5PXKP0RL9i tqvZrcgWHO6jb3QivpBPnsYJfRq6BMN0Yqt8SMpXCTt1KUyJdiIZyAd/8Z5B+0u++8/FKidLOnl6 TSe0RriCQj74o/159C/uv3AplU6kA/0D/QP9A/3D2wD0byf0ZriCQv9GV/+Gqx7jOx3MqOM9gHyM WXyOGmq3EDfGScciaviimfY/eqN43nMwldqaqeGTA7TQKodZTg0ndlOhhZ/fMJnabPVUMX+kePHm RXSIxz99opmaGz6i8nXzqVCORrtpbJ6FtnzxT8WnZ87DPFyDmP4Y2XsS7fpE8BP9y9cv1acxYBE1 u+WwJv0qs/8ckZvFpy0K5Es0wN9wJqq2rZjhRvuLbvuT6/RsB5mt6mRRhr+QD/6GDSNCnmh/aH8R amqGYtD+0P4MG0aEPNH+0P4i1NQMxaD9Rbf9GVZKcnjCUKet515ZZP1VAWVKfr8pn07W/FzKEoxw 0pGZk0vWIcNpYH/R4zdvTyBr/wz5MmXmFNJt+deK5wPy6HYeP7t/LuVaf0FTfruM6i+dp9pVdyrh p97yOjnlsx4WHs4qpt9L8pw4kYqHCH6i/5SShTyNc7RxshxpFR1sVo19sq9ZvxoUZokImC7kB8Rj +kXwNx1xQAHJzj8gHFwEARAAARAAARAAARAAARAAgQQgAENdgEo8f9Hf/A3V/7zqVFJyX04R3d+l +Fqge6TT0Dk7qHb+TVL4WfRq7d+UuKJDk6hhGln0wHNvKHEOHGtV3GY7NDkzW5Rh+pBviCVinuAf MdSGgpKdvyEUeIIACIAACIAACIAACIAACIBAAhGAoS5KlTn0yVWK5I+6aWhzm/z0bukhLFEnHOlk 6SG6Ivk/5IO/2N7Q/pLv/tPMIbySkeYsQipIIxHywT9CrU4Vg/ansMD9h/tPaQyRcuD+U0jj/sP9 pzSGSDlw/ymkk/L+U0qf1I4omF2Smrda+GsH0zK+zt2CRqJ9u1vI/eQtxp0AvzmNDtvHuxTvEQXy x7qKVxcdDqpZtZoO2TvIkqoqyK+byqT0Smng/VfRght7Kum7XW6yTn2OHrD+WPHrugPywR/tL2nv P2czrVnyFrVxTWhJlbWIm5q2Su6q+2nCgmOUJ1/iusfNsmjK72dTYZrs2Y1fyAd/tD/cf9A/0L/o f6SOFP0vxh9SU8D4C+NPM8ff3Ri6J3zU+N4Lw4TcXz7GZkg7u457s8WPAHUnGKMwtjJpl86R7zBh M1jjQ02DJlZ6hdNcG7mJOYSdVj1/LuY4W88qlowTrHfSXwk77l+IsWh/vi2bNenK6Wt+rVbj6wHL 6U+YgT/kG/OV6xr8jfmg/XnpD4N7KxSvKN9/trIi4/qV2j9fvtPw+ri3/enpUAqthoF88Ff7Vd+2 hvbny0TghfsP+kfVol13Qf9C/0L/GutYgQv6H2M26H8So//pes+R+DExo45rwKgffB06v8e+Ryj9 ikf8Xp63fQHxzWPDc9wwlqpXzqdDzhTd7L6vm5bRhj1cRCOf/jd6Eb1Q+L/kkiVyR+7UMUr4C59u oSmPVpJlQCiZctE/rnuIKl++jzwTYiAf/NH+kvb+yxm7hF6alUvnNbN5ia/y2bT8Jb5HtqR+5i+j wfQPWfuQ+x9X05Qieb1PoqbSWbSg5n/IIm/Go4Q0cPA1SH86fjmtefQWz0XIB3+0P9x/0D/asRv0 L/of9L8Yf2D85Xn8xfgz4PjbYJQNr3AQSHxbZCdLGLEZdecY//RVnCESaEadPJtK91vIZq+sYMe/ 6WTZuhi8tXKqNJOFz94TZvYFOGylxYazXnhb9eNfzOqDzAiEfPAX2w/aXzLef5WTVT0ZQPXwS3wm 8hh/esaPP5+xHET9MMgHf4/+4f104APtD/efHz3jb/wD/QP9G1ipoP9B/688JwZuKuh/0P9Es/8J 3DpxtesEMKMukLVT+2IxULiuXPu62bM+nRB15EirMiPNN6lFdOq7+ZR1ma/HJFzsYaG0XmZmzDcH yi625CD3ZSEPvmFkH0uvq2VniL9ZQTeogHx5xiX4o/3x2yqp7j/NTjnSDtj+tR9f2y6UmXRazXQl j6M993FDvoIE/D19sP/2gvaH+0+5W0JzQP9A/wZsKeh/FDzof9D/8MaA/le5I7wc0R5/eGUHp2Ej EOCRL2wy4ishbohySDne0Wgjekj9rEopyPdtVC8tcK7pRpXLoTjq1j2hBBs7JMBmEBPzKIsb5sR/ SpSoOfwrSTFLfe/bTI4R68h12UWpPZQVeQ3z6wnTK5PSOtEKId8QpeIJ/mh/iXz/KQ3dj2N8hYsc rzu4/knl+sdPIMlb0D/pvQPo3sDRDa9CPvij/eH+g/6B/kX/Y9hFKp7ofzH+wPgrscafys0NR1gJ BHmUCaus+EisZxbdzndjreLLsdErd9O2pxlN6qPP+oUPt9Jqyauwr+92g5Yewkxlfhhtp3zZQXV/ mkXDln8phhn5DpX47JiqN0fpz8Ro0fo/FMNkWu80vuacLxfvPIcSxjsO5HsT8T0Hf7S/UO6tUMJ4 t65o33/e+fE5F2Ycc+NbcO1DIekon/SDeUA++KP94f4Lpif49a7o36DJQv9A/0D/QP8EVRTQP9C/ oYySQ2hICGI6ARjqfBCn04TnnqKn717ruTL5+sm07ZNVVGzty2e1uamlrpRyRz4rxZpEU391rS4F e0sDHTn6teh3opkOtbRSFqfsdjmp5ePd9MKji6hBE2PnxnvVqbz881Ybn8Xn7nGeTl+UAvE0avkq lunCJ6f8yMi1UmZnP+8So3b5f8XwSOmdmv3WZYFeESFfMvyCP9pfFDR2tO8/RR1c31PVlYpnBB2Q D/4RbG4+otD+0P58GkUEPdD+0P4i2Nx8RKH9of35NIoIeqD9Rbf9RbCqY05U15e3S+SY59lrISxK PqvKa1vkls1+NkwwWuCxmG2zdegguo++ETz+yHeCLr6rSzQcJ65TrGLlUla6zxaO1DqfBuSDP9pf 0t5/7hP72eolq9mBZnfndUcYYkA++KP94f6D/oH+DUN30ukk0P+g/0H/g/4nWfufTivMBIyQIpQp 5qyHMZEh/onqq/wT1SffNshNMW05tIEeuD1Df63jOJVYBtEGva/mrJDuLimiojFFNOnO23xnB53b SYP7jNPNuNNE9jjverOJ/vzoLd7eOAcBEAABEAABEAABEAABEAABEAABEAABEIhzAjDUBavAi06y 2Vo9u+14Nj9I70e5/TOC7lQaLFlcBwEQAAEQAAEQAAEQAAEQAAEQAAEQAAEQAAEtARjqtDTgBgEQ AAEQAAEQAAEQAAEQAAEQAAEQAAEQAIEoEfiXKMmFWBAAARAAARAAARAAARAAARAAARAAARAAARAA AQ0BGOo0MOAEARAAARAAARAAARAAARAAARAAARAAARAAgWgRgKEuWuQhFwRAAARAAARAAARAAARA AARAAARAAARAAAQ0BGCo08CAEwRAAARAAARAAARAAARAAARAAARAAARAAASiRQCGumiRh1wQAAEQ AAEQAAEQAAEQAAEQAAEQAAEQAAEQ0BCAoU4DA04QAAEQAAEQAAEQAAEQAAEQAAEQAAEQAAEQiBYB GOqiRT6e5F52k9PpJLocT5lGXkEABEAABEAABLpFwC30/+5uJYHIIAACIAACIAACcUYA/X/UKwyG uqhXQexnoKPlbUpPT6eUOe/FfmaRQxAAARAAARAAgbAQaNlSzPv/VJpV/d9hSQ+JgAAIgAAIgAAI xD4B9P/RryMY6qJfB745EGawfRtDb7Cv+Fcxj7YLFEO58uUGHxAAARAAARAAgfARsPTxpHU6lsYk 4SsdUgIBEAABEAABEDAigP7fiEpE/WCoiyjuUIS56Z0pqZR+DX+DvePrUCIgDAiAAAiAAAiAAAiA AAiAAAiAAAiAAAiAQAIQ6JEAZUjYIrxy12s099ISykItJWwdo2AgAAIJQuDicaqo/JhcUnEsfX9B D9yRkyCFQzFAAARAAARMIxDv/Yf7NFWX1ZFDAZRKt02eQnlpigccIAACIAACnSQAE1AngZkf3EJj nnmFaOtMLmopvVr7OL048lrzxUICCIAACICAQsB+0kZuSyZl9wntSaPjzAF64FFBb0vHoE008WgO WeRz/IIACIAACCQPgYtOsp1oJQffiC2Vl9qSnkHZfTPJwp+8nO1OsvRO87gFIPHef3Sc3EkTtf0f L9O6wZMor/CHQvFwgAAIgAAIdIEAPn3tAjSzo1x160P0klWU8oc5FeQ0WyDSBwEQoJYtD1NKSorP 3+yKL0U635+muQbXU1KeoWZhR+S/11OJ4XVNmtZJtLqyjpxGOyif2+oj2zc/g6lo8lzasLPJOI1u 1GPTH+8MKn/8+s+7ISF+onZ8+SZlDcijftc/SA0hLszZs/dgWlhyNxVJupuyhEczHCAAAiCQ6ATc VPkfmn5O0w9uafmnWPhTfvq3GX/2rH3c0VQWtP8p4H1feV2LIcz2Xc8GjZ9SWEgTZi+n3Z+eMUwj bJ6X26hm6TRKuTKdG6oK6Rc/K6RC/pc3IItSrxA5pWemU+q92xWR8d5/9MwcTAtKptP0yWOUMgkG SRwgAAIgAAJdJwBDXdfZmRgznaasfF5M/+hsKvvkbybKQtIgAAICgdbGzYYg3v82RfS/7CCbYYiD 5BYMb+2naYPhdY1nUxXNnTKM0q8YS7ttHZoL/I2647zu3PikgfZuW00l46xiGif1aRjHCcXXTS17 dgUNuL2qJUk2lJE20OHzIEKeEZfxS1q6vppee2ZqUI4IAAIgAAIJQ+DyeWpYb1wah2Sn63D56d/+ Ir6Ktp/Zb5yAxvdz3vc9OCyXUsa8SM0XNRe409n+qd7D6KyxkWpeXkBjf5ZNKbe8SKdDfAljlJRf v68P0KQrrqMJz21Sg1itVKieqa6LbrU/jff+4ye/pBfWb6ANlatohlpCuEAABEAABLpBAIa6bsAz M2rGr0tooSTgyUV71c7cTKFIGwSSmMCYxeeooXYLFSsMFlHDF820/9EbRZ+eg6nU1kwNnxyghfKs KVpODSd2U6FgzblhMrXZ6qli/kgx/M2L6BCPf/pEMzU3fETl6+ZrBuu7aWyehbZ8IT3F8Bg9cx7m 4RrE9JWX0pNo1yeCn+hfvn6pPo0Bi6g5LA8bFrqvgpdfkMPzoJSB09hS2+jxP3S4gdr+z72hG65E CnH/f2fxui9Lht24LzkKAAIgAAIhEOiRRUvtx6l287Nq4Hk11PzFaSrJEz997JlzDz/n/Yumjx20 uIZO77/f06f0Hbue939q35o/r5KaeX8r9J8Nh3fRa/PvUtN+bz4NvPJRXd+Xc1+Z2H9p0qdRazz9 madfO3yQNi55RE3ji/l0wxPibD7Vs5suZz2NzbiDqqRk8me+Rce/cRPjfWo9Y+Q4sV8zduCBrmQ+ AuO+/zD6WsCnlPAAARAAARAIhQAmJodCKRph+MBnesVT9MKUtUT77qNtLXfTgzlY6yEaVQGZSUKg VxZZf1VAmVJxf1M+naz5P9UVPjMnl1/PpS/7c+9Got+8PYGs/TOUMJk5hXRbvrSmJP908vb8XOVa rvUXNOX/m0N1rzxMw+bu9PhPveV1GstmkmcVtB4WyuVv3oXjy16eH6KJE6l4iGIVJOuQ4TTlkWn0 1pTraPpWIcwqOtj8QnjWgUnj5R+S5RGc/qW8LmYqWf+9gPK60FM4Tx6i6spqqqqpI7tUHHbtYHpg yhSaMnkoZXlPVXO30Z6tH4if+rtd1HPQcJo45Cqq2/RH+mPNx9TabieW0Y8m3v84zZk6NKjB0N3e TEfqmqj5WwdZLOmU2Z/Xx20FlJbCN33Y/DFfMIh/msrlXHVrMRVb1ToUstpTyq/w0+XPd67nqfBP oPZu2kgbNPl/4MFF9MSUW4LmX5MFOEEABEAgpglYMvJo6O15Sh7LHhlPuQOUU6Ie6ZSbn070/Q+V PvZ3k8dTtqx6Pf3fcBoo9a3ZOVbKzblJTKB/LllvK6bHZjXT648NpMc9fV8p3btiGh39/c/FMEL/ LfRfmvTHTSkiq1VKg4ey3jaMpj02jSb1/nfRmLZxA/3/7L0JfBRVuvf/y6vedObVIfHqNWGYdwB1 DKtJ0Ptxnb/shACCwFwBQQXCzOgoooCyqmzKKqIyI1EYCRCvbKMsUZbEz0VgRiWJAkkckTADErwy JIyM3bngrf9T3VXV1d3VW9Kd7iS/0tCnTp1znud8z1qnzlL+6mDXhzaTqvU1fjjnFuzQPPddeBDv T9V00+ySb+iFubt3Yec1fVCi2n3n0J5Y/DSw/ThxcDM2rFmHTZ/+1Rl4QmkCrhvWQ/ZRHYWhvTOC tD8yw754E9ZL+73j0xNO/2mp7ZDRfRiGDemOhMMbJdx/IPP+32Jol1aeylv2FRw4uHWzzIJMcO7V 5/Qgba9yfU+M6tHW07/cqW33lo3Sdyg86Gz3obRG21s7oOfddyCl9lOsX1OIfksK8VgPvZ8CnC/d Kzp9gyTpV9gFa+bAkchK1YK+IAddyJYjDrXNVy+vdv985R5s2vffTr/O51facKYwD+skPFX2yFlL Mbn/VShYPBOLt5ahVGZmZo9fiSUv/QYd9b6a0yP/IQESIIEIE1B4xS+BS0eU8dJMSJIrGLc1Zno6 Kte6dOjztmKPmRYUTAKNQMBU5ga9XulHoF0pGO4ql1ZuKvLHBC0vRdNvcrmRsj1n73kvOe7w4afM OQ7/3vA/6C1/enoFG8atEQcMU46GW+gvnlNkRp6hn7P+0usx02/e3jMeGjkOLw/qxwiryzLl64se 3k03dqVo8UA/YeUoQ006uML7nbNeqy1dq9yX3V/pr/5lZrr9Z+a47PRn6m/GUGXTZ3UmmW6jm51W d/vIE/s+a5QatxeaSCBuCej52aqui1ulqVhMCBh9RanzVvmpHxVTG+vrxt32+c9vXysLjDo1S9n9 rVdUTeH7C6MiL8eo3/P96ekVbNDbs7sUWd6qhbtA+TqAB73/cO/LB31c6eXNaOuMMPWwg7Qf336q yIx/I37W4eQqe046fGQ7Lar3KZOD+neF3+flMt8wTPyN9HV8qshKBQudpH/h1Y6HFH8Jq49H/8yu rPQK36ybZd+i8xrtfcaurM6w0i0UO0lnL/19gdCGBJouAb08+qtLm27Mmo7mXPoqrVjcXpfJl8O8 AS713hyC7afiVlMqRgIkEAaB7o8vNlx/dKTKMNfH4AjwUb4+4TXMTw1WDroaIxfsMoJ5ctEG7FWX 1BZtwvxfGtbI7ZmKxQfc+28myh498yaNdR/GYDjNwlOTBssncunq65fs3TnjHe2QD93O+atuap5k zFj0eOS82WEsS1Jv+w8fj1fedc3OO/PRc9hSuBM71T/5Ym5cpTtcdvoz9Vf2Gpz9ofWOhYY/w5CF 6YvexKvmZVe7HsbCXfK1nhcJkAAJkEAYBFrj4d1TNfclqPibe/uIUANJkBlV+uU26Tb1+60sXOea JSfep707Fq656dZhDZnu2g+3Tk5+DX6F0X6oS2+vvQXzjOYrB4vX7nQu/937Xh7kI5V25aHXT4di z1n9Xvv9+250S7sbSwz/QHbuTCxZsQSTh3f1ciyzzW3e0+J9nLgsZLakPtNQdzEkdzJe2SyrAcwz 8ET+qNH6XsHDkPdeKY6fPO3cOuRN89JnCcRTsg3d31vheZCFSTfnQR3Dh2DcpHG6eOAmPQTxu2iV h1+no2GzsMRLpmo/eI7MrsvWg5mOomPh5z/dN39JgARIICiBpjOm2EI1vWD6EvVMcUwgGF9J/czu iYlSFEoC0SBg+hrs/wtS4K/++hcof7PhXGp/rczXv1r7lCt3+BhaYDmLtTRvgPF1etGfvWfkNRyM EYcwZ9RVbZ1o6IV+C5Sj3/nqUrV7odsNcn1m7FUVjHY/77tM+co0o89xbJt71oLMSjM9cgqqLn7O 7VfC3v55raGA/dujymvaTEhpGMWd19d8eb73vR3Kjvf2KltWTNLCyVJe2bBTs1efuf42bylSvrKI myrMzU5kDF3t8cXdcVibnazK95O2hsI0kEAcENDzs//6MA6UpApxQcDoK0r9Zsym8tbM1Mb6unG3 fQHzm2n2mo87U/g+z5y6nFPeNNqBHOWjCE1t1suJ2rb4xssbgv97czjhtR92ZWuu2q65/vo+X6jU +Mz28pptPs7cv3Czd4bRdYFyqNpz1p2jYpvHzDhLvib++X+ReDqOeMzwu3dhsYVeLh7m9tHp1wtT 7SevG/HznFGnOTTJttRNnBn9C+9+l8kvTFwOzOllyJy0WVu9IDME9Zn5T2w+4aUlb0mg+RDQ6yN/ 5an5xDR+Y8IZddIixfX1f+XI87naRh8vPoU9oXyAi+sIUTkSIAHgarS/QeNgsaG0QUj2sHGeKKtu 0HzJgdpTJSiYey8yc/UTWnOR0/XHhvPYGmqwZY7sqem8crC7YJrl/i1te03FzkkdNHd52P8Xzy/S 7s20JYy3J6G9/uFbfCRePwBL5v7c5fcq0wOnjQMfrnzO9UwOwdj97SrkmPbPsV3TEY+8cw4r3Vv+ udhqPiDPewzsj/4De2BIf91RN/QYnq3Zq89cf/fJPj3tg+5Nk4tD6x5Ga9OMgcTOoyEvU67rOx46 oaPnLwmQAAmETED2U7U8RdUrgAR1urmz7ZQHYj5zeC8W/MfV2v6uYjf0AXRzbhDr5bEetxXGqfHD 0K19JPaTDrP9OL8Pc/M0xbssw9uz+yHZ1Pa4nsjsscm/Nw6qw5uyb5w+I/+rjRixUY/4FBw9NE32 eDPv1qoeeDUAmyv1GW+CVHfu57f0w9XItXU2Zvgt+uAE/jj1Hgu9fAOoqpAZ814HU7S6ZQIcn2/E +Oz+GNDZIuG83PuGKjr7O+zJ5HfQLzKNGXvtMrtpweRgaA99v0N33+P42WAUrLSgHQmQAAmERsCn Gg/NG101JoHbc2X3hVm9RWSJTGP/DL0ev7kxxVMWCZBANAkEGrCRJZIpV5hOqvPSY9q7MyCHx8bm ksMfKiq+QXK7TKSpfea60zhgLJnZgddemY8/q31Yb/3kfuZL7mWjB45UI7frz3zj0Gc07rLoi6e1 vU3c/kU24vYa6Lp0DlXai0afl+ej1zW+QQIpGLv6dTyS+SvnQ2/VdB91Rqe9xvWyUJ+WcmgPy7RJ /8UYIM/9sqPL5C8JkAAJkEDkCLw7MQMJE/2Fl4Vty+/3aZ78uQ7d/jhOXwCygn7ICRJimO1H3cnj xtJbyNYQSxZ/7xxJSzKLkfbYZvsK8wy7TSg/VYesGxJR9517EfAzHzzluSTVcC+DdTeNRumGcoxd dBgDbrBooE1ul01wLzV9aP0JTOlj0c6b3CemuMObfW86ZsuzjOyh6NZG7K9MRmpKGjpm3IE57+xA mhXf+rTTunyzX9PYW+qNnTQXSUjROwyJrdFTvuVtNvo7eiD8JQESIIHIEjBXTZENmaFFjsB1vbDz SdlPaZkcADtxHkombIzYKVWRU5IhkQAJhE7gHI4f01wHmlFnGWAWnlw0GeMeHoGOloNRlp4iblm5 bjQ65hZBlvjC/sF/OE9HTTFJ+ePsmfij6d6f8ZzMFLS8wuXyQzUOaQHZkvUetW/IiUkery6+DiJl 4z2QGKlwGQ4JkAAJtGQCtaeNQamr/Vf11oQyhmLx1EcxXk4e951xZu0lFNsOt8oHGKgfYEpQ/d8y Szy1gbPqwm0/rviRh5rzp870uPd7o80wq/r0PcNJp/9nbskNa8OQMeIFlIwwbkMy/GHUZIzvsxF3 Buqz/GQgKrY+jQ5DFhphlhVuRplx5zbIMlQsu0+f4ea2j7SpzjJAGbS7QR5woM6SDi1JgAQiR4AD dZFjGdWQsh+RDsAytSOwCc/LJurvjol+AxXVCDFwEoh3AuG+AIQTn2/KMUPr5PXp415m4RvELHz1 3XS0lsEs53CWbMqcfGU0FfPVwK+NrY3fR0Au1r83GDZ/g3CqT3VZ0pXtcFu2n7os3BeVxDTcoX3l Pl5RLQKswz1ffTyA3t6P5IWFraQ3FN6TAAmQQEACSQ0cpwoU+JnSPcZA3R0Z7fw7nVgI+5J74Lgg bY3MkrbJrCzTGQP+/dXniYSvX5vkoKHcrjfrt43/O2wZdoz5mefWDl5aOKT9TU7NQo90V0Il33Cr uHAd+WD33I3Cy2fot13Hr8QLPc4iZ+Rs8bQJd107AYe+WxVwtmH64Beh1ExA4cYt2PtJJapkUNZx QZ09f1oOdXIP2b00NB051QrkTKqwLkftubDc0zEJkAAJxJIAX0FiST8c2dcPR8HwMc49JN578E2U j1zkd2p6OMHSLQmQgImAdLZrtNv3SmV5ptWA+A+ncUhbYukcPDN5D9VYvOK3htMBt6YZZh/D0I5o LQNzrv98nsaXhYkd+mbiPtnPrXGHFK9Ga+0r95EXu2Pd8Do8kOX1tnjhKCZ3fy4MbnkoP7MKHduE 4YVOSYAESKAlErgoyy2161B5NR5It1jqeKYcb+iO6vV7Gmt6L9J8Bt4PblBWO5npLa1ngBnW9VLB wlN679Fi69rSYNfEGdg/ZjvulBWbfi/nxzfRLQpvYX3u7iH7qYY3UJiS1t5QdcLqIuQu72fc+xgu 1ci2F2eQdmMHBEI75cnfoL9sR1uR9HeZJfeyBJOHblel4quLc9DeKt6n9mDAT3vj52/JbDk5FTZb 389VV0DkFi9/0DjV/bjMXOxpnrlo7oNYdj4cKN25XQ+NvyRAAiQQ9wT+T9xrSAU1AjYMmf66Zl6M vJ3fkAwJkECkCcjeI+qsLOe1fAg2nfIVcH7fRizRrLPa+vbEbZerh4TJJUs3ffqKakfzlYfQY8EX LjeybDQ30/swCE9fnncub9H+14iD7Onmb0aZ242mTWInPKB3rD94BNO3aHG0UNZx9jiK81/F5EnL UHLW04ERrhU/cer/uQ3ZU5cbgY3ulojpa/+EanU2hcweqDi4DgOu6hzaS6LphbP8b/8wwjQMF06j tHgzNuQX4rTXaK1//Vy+gz03ZNBAAiRAAk2IQKIM9uiHPCwf+iaOy8CJ91W8epVmlYX2/+b1IcXc Ylo1fLXlWPnLn2C6FsKg1+cFnJ3lLTuq99oWNS4ZO3DX/zcb5bJXndVVuW0REq5IQtIVE1DuxShY ++DveeINWZisCdsle/Otq/Q/La72WAk2vDIPM+cUoFaTb/aPl7Mxd9dfrVTH+cObMOCKq9Gxa0fc ueovlm50S/tFlw7pg5ejNE9dEaRec3H9gN/J/Djfq6622jmn76UH07HpWJ2vg8tT0H3gcF973SYx xei/vbehCLW6vfZ7vmwtxhZ6WVrcXm21/52fvpC1W4tAaUUCJEAC9SDAgbp6QIuVl8SM4caJhcvv XW3Z0MVKN8olgeZBIAX3zZ5oRGX4T4dj8ycntJNXHajc/QqSuz+jPR+G0b+4znCrGqorS3DwsDaI /mU59ldWoepYFSoOl2Jr3jx0kw5uj8ffMvxse1P2dtPv5At7xSelKC3di+N6B1/CKCoVO9Ve/qp1 e91PJH9liYlTjsgz4iBfwNfJcpMKkw5ONxIftxu3EoOffse4UZemZE9/GyWnzjv5OWprJX57sfLJ fki69nr0GPMYli6Xk6z/pr9QOJz8dm7Jd4WxeTF2lFaiWu9tC58qs1z1uSyNMTNpdctEFE13L3l9 4cHb0fqqJCTIvnQd7xitLewxVPRrML9wPnvnONk0+gxq5SVC1X/1jLFIuOonyOoxDKPG9Me6ck1/ b/0k7fbKrExDP+/n3vHzqw0fkAAJkEATIPCvvTFL/1ijDsgMlL3MpP53Xo5a10eq2Xtc90On4M5U U5ykfqyQtu+o1sZVVZaiQtpOZ/up1rtzpd5N6YRHjZNJZ+F3Y911PdSPJ3o7qQX7PxJGqbQZLvuK gEtBTZrU25g9e5+cN65dn89Fp6u64dWtB1F9thbVp6pwYNt65GYloMOgpzVHsqxTH6jzbh/CbT8u EzZb3X2X0R0SMSO/WGTLgJeEXXu2GmW712NK/wSk3NgNox6fhfnPLnEPpor/p3Y/p2uP2X3bOtvv 0mNq21crbe9+afv6IrnrcKMdbWPTPkpqvqpV1v9VBnXjCe8rY/xbKMjWbOVD3k+GrZFlrRLuMZPr K9y+ht9ow5ItEpb6oU29hNP5yj3ITdcH/IA0n4He1mh/i8s5RMYvJq2R/FeN2jNVKH5jEpK1Q6Sc Lq763pm3atXgL9R66P2HUVugxlu9Ep3/qv+4+kJO94YdoLqt0PO4yZ5GEiABEogIAYVXkyJQe/BF tWV0/s3Ze75RdHdUrnXJ7PO2Ym8UiRRCArEkcE55LdtVxvSyZvUrmxl7KqmXE618Wvlx2+Uomyrq PPw7Dv/eKNtud156RK0M2hXpRAeXbxW3Pms86oWqbc+HHk7XWcrR71wY/MW/48tlTgf+nsthFh7y VcelG+ZY6yDy1udP054NU44GqNBkwM86DA8Gucqhmobpr8fPFQr/JYH4IlCRP8ZZDga97lXfxZea 1CZeCJzdp8hgVdC6c+OXDg+NK/L7B/VjtIv9Fhjthh5IRV6PoP4HvdUIefjkbmVoCPFX45K3/4yu vuKvfdPbh2DPXQHZlaI5vYJy0Dl2nrZV0ZovQw+Z+RaS/y5PFCg1Fw1vlvqv+szUx7l0xA+XLOWQ 3g4f0941QuE3sdAt3GRylC4PSX+dgcp363Dr/PpyuQTspVPHl79wSivw8GOKg0kXGkmgqRNg+x/7 FOSMOqmtm9LV6rbRWKApPHthoWuD+aYUAepKAnFPIAWP7DyHohUP+tE0B+v2V/ueONY2C+P9+HBZ Z2FI7kzkbTmAmovbMVTbxFn3kpjS2lg2pNt5/94rs9SMGXjeDxt0b0P6fQPqFcK9OZ46tR0wG46T h7A0t7Pf8MZOfw17Pq+G8tkcdNSWmfiLf582yc5w/D1/2IJJxohZUOw1KP94P/YW7cXeA/tR/uVp p7weV/7Tr17mB93nH8TORZPMVoZ5yKT52HSgAnZFNsZ2qYfEpKst08/QP8hzI3AaSIAESKCpEvjX u7D9uyN4zV/9328WPjrpwLAb3HOV1Ki2y7g/cIwzczB2+lJnvasUTjPaDd1Tcqp6GELga0B6WmAH kXjaphc2XfwaWxY95De0JxduwenvFIy/wz0jPzLthw3dZ+1G9ccbMV7fwsNHixxMX7EBhyQNDi8Y DK35MlypM99qK3Zjpj77zXjiMmSPn489JdX4/KX7PU7NTZRZ8sZsQqfTLKRcbV7anIQOVjr1fQCp 2n51dfrsQvGfkd3fS7J+m4XFm0th97OHXmLGRFQfyPfSRfWbgzxps0u3PqMH5Py9Pz0V6YPcs/Tc D3PQKUXuvE4fubdtK6eT6268ye1Uwo7kCcKmgGkkARJo4QQS1LHCFs6gyUX/zPaJSBu4QvSeIpuy LrLelDWCsar7Ih82dbq57Kdl/8C0VC+CMhgUCcQlAVkSUVFR5RwQt1+yIymlPTrckBqVDaDjMv4N VUr4VcnSE1uqvCBdsMsprylIU0+ttdpIuqGyQvRf9upAZD62XVwPwyH7RmQFG/mUl4daiYe69Ab6 qbsx1D/EaNIZCUSEQOW6B9Fh9FrIjDq8O8H8chqR4BlIMybgOHMcFSfPO2Nol/oz5afSfrZxDXQ0 42i7oybLfatOyNLLizLeI7a2lDSkpcrJs43UfjhkuWvV2QSktbHBXiv9l+SUsE6Nd8h2GNVnZKls mySn/5Rr0rzHrdxxjZCpVvoLSE4TPSVAte2V5bF2h/QdnKfES/9B+IV61Z6phvhEkuxtl3xNsIY+ 1FDpjgRaDgG2/7FP60ZqLmIf0eakQeqAhSg/MAiOlFuiPkjXnLgxLiQQNoErk9HhVqvPwGGH1DI9 CL926VrHOjn0DnbUYNUewmvOQTqR0OUOtA+l7y6tZHI86B41KAyYBEiABCJPwJbaHpmpkQ+3yYRo M7V/MVDaJgNrHa5xCU6Wtjjcy5bcGu305rse/sOVp7pPbmOa9ai2vdcky6y/8HV3hiUfCOvnsz6a 0w8JkAAJRJ4AB+oiz7QRQrShw+09G0EORZAACZBAUyTgQNm2zThUK7MJUlPhkA2pUxxHMXnkVJRo 0en0QE924pti0lJnEiABEiABEiABEiABEmjmBDhQ18wTmNEjARIggZZGoO6Lt5A56Nf+o911Ad57 sqv/53xCAiRAAiRAAiRAAiRAAiRAAjEiwMMkYgSeYkmABEiABKJDILHtXZhsFXTGUCxeL4d5HJrG bQOs+NCOBEiABEiABEiABEiABEgg5gQ4oy7mSdAEFLj4vUvJ0+q2rLxIgARIIM4JJHbCYjknaa4s eXVccoiyNtkEW/2Lc72pHgnEGwHHKadGDntCvGlGfUiABEiABEiABKJFgO1/tMiGHC4H6kJG1XId JqbegvVr10Np1dF5clXLJcGYkwAJNCUCNjlhVv2PFwmQQP0IpHWbLu3/OFzX6br6BUBfJEACJEAC JEACTY4A2//YJ1mCIlfs1aAGJEACJEACJEACJEACJEACJEACJEACJEACJNCyCXCPupad/ow9CZAA CZAACZAACZAACZAACZAACZAACZBAnBDgQF2cJATVIAESIAESIAESIAESIAESIAESIAESIAESaNkE OFDXstOfsScBEiABEiABEiABEiABEiABEiABEiABEogTAhyoi5OEoBokQAIkQAIkQAIkQAIkQAIk QAIkQAIkQAItmwAH6lp2+jP2JEACJEACJEACJEACJEACJEACJEACJEACcUKAA3VxkhBUgwRIgARI gARIgARIgARIgARIgARIgARIoGUTuOw5uVo2AsY+KIELR1Hw8ir8+ft/Q9b11wR1HnEHlE/+zH8t tvzVVe7By7/bCvu/dUP7ay+PePUSLEDKJ3/mP5Y/1j+sf9n+sP0N1l+I9HP2P9j/aMn9j0iXpyYZ nsKLBIIQqCgYo0jmlr9c5auLQRxH4THlkz/zX0stf3alYLgad/kbtzUKtUuwICmf/Jn/WP5Y/7D+ ZfsTrLWM/HO2v2x/2f623PY38jVKUwyRS1+lBPAKQuCS/rwGtYZZt2uEX0Mm5ZN/I+Q3bxHMfxqR GJU/PT1O1sGhm2PxS/nkH4t8p8tk/mP+0/NCLH6Z/5j/YpHvdJnMf8x/el6IxS/zX2zzXyzSPE5k cqAuThKiqahhi7GilB/bBCB/8o8tAUonARIgARIgARIgARIgARIggeZNgAN1zTt9Ix67mM5okdhQ fsSTNKwAyT8sXBF33NL5RxwoAyQBEiABEiABEiABEiABEiCBOCPAgbo4S5B4VMd2ubpFlHqlwNb4 e8mKTMonf+a/lln+THM4r1JgunMViaj/a5JI+eQf9fzmLYD5zyDC8sfyZ2SGxjKw/BmkWf5Y/ozM 0FgGlj+DdIssf0bsW7QhBsMuLZp3nEe+BlsXL8H+6jrYktwV5Ddl+Zreeeg0ohVm/DzRiIfD7kDm 6NkYlfljw67+Bsonf+a/Flv+asuxbM5qnJbusC1Jr0UcKNuomTePwH0zjqCj/kjqHofSGiOffRJZ ybplA34pn/yZ/1j+WP+w/mX7ozWkbH/Z/9CyAvtf7H9Gs//dgK57s/faFE/AoM5RIlC51nW6ovOE V+2kHbM5M9P6eZ+3FXskVKJ8a756GpC/NR/mv2ZR/iry+1unr5b/MzMt6iR5NuitykjUPgrlk790 +PzmQeY/azYsf6x/IlEBs/5l/cv617qOVbmw/bFmw/anebQ/kWhDmmsYCWrEmv1oJCMYGoFLMqPt JZnRVJvgMcX7m7L5eGOnFkS/WZiX9b+w6yGKocPoqcaMuvOfrMPICQWw3eiekac79f214/ufjEHB S/fDOSGG8smf+a/llr/aQzKjqwDnTLN51V0pyxYsxQ69+pk+H93wvVGVOL6/GiNnyIxtcPqbAABA AElEQVS6a1xWZXmTMGPr32C70nDi33DBgZ8NXoBlE252uaF88mf+Y/lj/WOqM1n/sv1h+8v+h6tK 6Mf+F/ufAfrfpoaDxkgSaK4jkIxX5AhUFYzWZhnkKkcvBg63Ii/H74wEybcWz3KUQ0Gm41E++bvy DvNfSyx/BcO1emNoQeDKR+YVFmRb1TEB7PqsCTobkfLJ31n/MP+x/AUkwPqH9W+Atsaq/8v2h+1v wDpFUdj/YP+jafQ/gmRkPq43AR4mISWAV2ACjksJmoMaOC4Fdmu78urADnyetg56QAXlk78r2zD/ tbzyZzrn9ruEIKc+y952ocykM9dBV4kf872PmfINJOTP/GdkBisDyx/rH6t8EcCO9S/bnwDZQ51R b1xsf8w0DCxuA+tf1r/u3BCSKaL1b0gS6ageBHiYRD2gtWQvgV9qgbb3r0VNrxWwX7Ij6XJjR15L ZE43V6YhOYxcSPmWKA1L8mf+a87lz8jofgyDN9hRs7JG6p8kqX/8ONKs1fon5Zq0wI7CfEr55M/8 x/LH+of1L9ufwI0n21/2P9j/al79z8Alnk/rSyDIq0x9g6W/5krA9H3LbxSTr0mWPeeCH8MYihtv IZTvTcT3nvyZ/0IpW6G48c5dsS5/3vr43F9uQ7IMvgWvfRBSHeUTfjALyid/5j+Wv2D1hDyvT/0b NFjWP6x/WP+w/glaUbD+Yf0bSi85hIxEJ1EnwKWvUUfc9AXYLtfPG0kJa/ZbpGJO+eTvykvMf+HM Pm0u5c+Ix08TgywTMlxGx0D55B+dnBVaqMx/zH+h5ZTouGL+Y/6LTs4KLVTmP+a/0HJKdFwx/8U2 /0UnVZtEqJc9J1eT0JRKxoxA8g0346ZW16LflHHoeaN2vGIjakP55M/811LL3+W4MfMuJF97M6aO H4X21zb2JHDKJ3/mP5Y/1j+sf9n+sP1l/6MRX/1EFPtfLbv/1bi5LV6lJajHUMSrctSLBEiABEiA BEiABEiABEiABEiABEiABEiABFoKAS59bSkpzXiSAAmQAAmQAAmQAAmQAAmQAAmQAAmQAAnENQEO 1MV18lA5EiABEiABEiABEiABEiABEiABEiABEiCBlkKAA3UtJaUZTxIgARIgARIgARIgARIgARIg ARIgARIggbgmwIG6uE4eKkcCJEACJEACJEACJEACJEACJEACJEACJNBSCHCgrqWkNONJAiRAAiRA AiRAAiRAAiRAAiRAAiRAAiQQ1wQ4UBfXyUPlSIAESIAESIAESIAESIAESIAESIAESIAEWgoBDtS1 lJRmPEmABEiABEiABEiABEiABEiABEiABEiABOKaAAfq4jp5qBwJkAAJkAAJkAAJkAAJkAAJkAAJ kAAJkEBLIcCBupaS0g2J5yUHamtrgUsNCaQBfimf/Jn/Wm75a0DVQa8kQAIkQAIkQAIkQAIkQAJh EnCo7/+OMD3ReSQJcKAukjSbaVh1lW8hJSUFCZPfj0kMKZ/8mf9abvmLSaVDoSRAAiRAAiRAAiRA AiTQQglUrsuR9/8kTNry1xZKIPbR5kBd7NOgfho4Z5k10ij3FT9y6VhxHo0k0ZMJ5ZO/SoD5r2WW P8/agHckQAItncCFWtReaOkQGH8SIAESIAESiCIBWxtn4MfPhvj2r7bNsgAvZles5Uch4hyoiwLU qAd56TRmXZHkHOXO+/x/oi6OAkiABEiABEiABEgg5gS+3oaEq1KQctVwlIf47hBznalAzAjUnSpB 0bad2Ft6ImY6UDAJkAAJNHsCPxzFMLVtTknA9lMxiG2s5UcpyhyoixLYaAZ75v0VmKcJSPqXaEpi 2CRAAiRAAiRAAiQQHwQ+XDpIUyQlPhSiFnFMwIENA7uh56Ac9Mr6LUo4sBvHaUXVSIAEmjoBvVUe uOT9mEQl1vKjEWkO1EWDalTDPI01Axe6JHT5HQakc6QuqrgZOAmQAAmQAAmQQOwJ/H03nnrJpUan hWPR0RZ7lahBfBNIulHXbwfK/8IVKDoN/pIACZBARAlc1gmPLurpCvLlGdhzNqKhBw8s1vKDa1gv FxyoM2Ere3UgEhISAv4NXvWZyUfjG8//KR/TNbFzlo9EcuOr4EdiDVb/0pvdbI+lKefLVvlhOxXl EThRNtbpd+KPT/iJnzcX8/0LOB6BuOObPehmmXe7YdOxOi3NrNLIpUuXaR/6SddwrU9jZX9z/AKb Fx/4R7gC/LoveyN4+c3KHIDxTy6QZTBn/IZT3wdn9jzvN/2nv/cN8I0s2bJIo0ixj7X8+nKjPxJo 8gT+/hGGeZXtrpP+6LGnZNkbD1qW/wQvd02eRRQjcHDNIpQ4w8/C8rG3mST5tm39Fn1oeu42Fi8Z 5JkOw9YgllvquDWrv8l/3T/b3b+oPeSTR/X2yNk+1V98XPu0f6mrl4WO7flhW6fBXxIgARKINIGM CU8jyxloCSa99qdIBx80vFjLD6pgPRxwoM6A5kDlzu3GnT/Du5srPTrf/txFx74G6+c8owU9C+N+ 8ePoiKlPqD+cxpaN3h7n4pcr3AXVfuKotwPtfi8cDR6sin36Oc4e9hO/QNYlqG1w3IG6b7/SXmC8 ZZWg+h8JLktJo4M+aeR6dGT7icjk6x9qsLPQWwf/93uOVPt/GOaTEx8HL7+lZTvw5kszZBlMGh5e +0WYEgI7rz3xX34dfKoeby6bnFpdR7Z9ExH2sZZvFTfakUBLIFBXfRSbvSJ6ePkQvGL6EHHm47Ve LrTbPdb1grXjFmz7z0OYP2WPC8AzS9HrGhMLaXe827YPnn4K+73Rnv8Ik6dsM3kU4+aDOB2BNtgz 0Ma981/3m/oXfy/3yaO6lu+eOK8bm9mvDfcVHMLeXTuw98B6dLyymUWP0SEBEiCBeCLQqjeWTL/J qdGR5+ahpLEPfYq1/CikBQfqDKg23L/ha5R8XIKSkhJsmN5He5KDdUWlTvv9B0pw+j//A7FabVF3 5B08qg2CPLF5HFpfbigfe4NMOV138qiw24OZmS51MuX36NO3G5tKpg5YiHJh68l3AUq+LEJWg6HG Pv3S78935pOiAn0wVTg8v9UZX2e+UvOW9md20+Coi5jEzg+i+nM3ezUFXlHzbUk5crO0r8iSRq/I C6WqQ9ErA1UnzmvS2iKc3nd/ZPK1ng/0uHqUJWDalgMag/3Y/3EF/nOsq0LXdWnI7+CV53D65GlU 7NaWhiMH2z+vFrvjzr/yzz/Cm3PvNUT84cF0rDNmGxrW9TakP7DZlb+L1olk1zVd2Kpp8M7InwHX D0dhrjn4YdgkaXT6o8jUKbGWb44ZzSTQkggkdv4VTleUo8Qo+1nOr8pT71xiDAL1W6b1Lz6Wejrb Rafz84U4XjwiMnVvMwdeWfAsdmhx3PjoPZ6xvaw98uzykWhOb5N9idSvMpPZdJ3Zt93zg1bnNfja vgod46kvZdI3VKNa91cU5WszGVRfWdir9rUq1rv7VtePxunPXf2v14brIWchT9qg/Y/8XLdodr+t 0rPQo3d/9Lg9neWs2aUuI0QCJBBvBLo/slhTaQfmbGj8VYixlh/p9Gji3ZMI40hujcxbWzsDTfni Oi3wJGTenREHHTkHts75taZTLnIHyYt/nF3JbToiU/6+uEEUK5X/5U/tOQ584m3YN8lA0OU2dFBH 7+TS+T701n3IvKGV067B/8Q6/a7U8s/VR4yo5I8YjExjjxTDGjC5Mdk2wGhDapeeGDd1NOaNyHeG k/yvkh5dPZd62FLFLhUo+/P3mqwp+O2I7kiLYE3gygfuqOhpDeTigYG3R68sXZ6CtDZA2j/TNOFJ aNch1YhbWpt26NDlTvS/7Xmk9X7O6Sa/6AQeuCFCg4W2ZFf+/uFfoGvQ4ZbuyOzgUufMn1YhO09T DcPw0bcbcad5Voj+qL6/sZZfX73pjwSaAYG09A5Iu/F/tbIvAyLOOM3FbzaMwrtjpI7R2wex/0Kb 2fP08H5oZ1kHOFBxcIfMUt+JA5VnDDpp6Xcie/h9yLEadHCcxs6NH7qWcTrs8vGmJ4be2grFa17F q1v/hKoz1VBS22PoiEcxeXT3IIMWMkO9eBPWF2zBjk9POOWnpbZDRvdhGDakOxIOb8SmT/+BzPt/ i6FdrNvvEwc3Y8OadeLur07/CaUJuG5YD4yaMApDe2cEkW9E2WWQ09yW5mrDdEMLMEDqeZ9L6r92 7fSa1/V0+euFeOG+hzRZDny4dqGHt0FTbkdriy9ljrPlKCoswsF98qHlVB2qhZ16pd6Sg3G5jwpX aUS9rjOf7MCOsvNIkvDsMoH69hEjZQaXpOMn+1FaeULsxBIpaJeRhTtujfCgkcQ9vfsDmJU7GkOc bUw36Q9k+rS1aWKXBpl9qM9yGDcL47tneMXEdVuf9Kur3IN1+/7byUANReWQOXAkslRcF06jeOsG rN8mTI+dcebF/oN/iylj70GyV//DcaZc8v4WbC486My3UFqj7a0d0PPuO5BS+ynWrylEvyWFeKyH 3k9XpemXAwe3ykezCwlI0q1gh9LqTowalG7YBDbEuvwF1o5PSYAESCBuCfxkILbKpAS1LXr3V6+h fGwjfwyLtfxIJ4zCy5JARf4YRVjL3zDlqN3SSeNaHntH0wfKoLcqG1W2o3KtS3aft5XgKOxKwXCV m+ffov3nPXTW+Q56PXhcwpPvEqOHH4n0C1e+4V4YrPqszoh39YF8Zca015Sj34mVzlTy16EgUI3w QuF/YZ8is7lc/CcWGrI9DJeOKOM1N30Xlnk8sroJS75FAA1Ni3DlG+79lV1T/KOS/0zh6+lfXbzQ VCZylUM1FqD8WBnxCSX91TBiLd9PPGhNAs2egKnsudvAHOUjj/LubiP1+sHMxfHlbqN+dofh2Z7K Rw9lz5cOszfFcXi5qY7xdu9132WZ8vVFD+/um+p9yuRML/d6m+L12+dli/bj208VmVUfRBfR/6Sn /m4FfE1VWyca4Vkx03242xpdfpay+1vt6dldinw3NMJR2VrV/7XFL3q4sUqDzs8X6yK1X7uyOsMz 7H5zlgZIx2HK9vLQ4+8lzO9t7SfuPPDE5jOW7oz2ROK/6M+e/TKnh3qnny8DJ2Ppr1aX5vtl+sS7 nnr6pqEnVz09+vjrOzo+9Ulnl5+coH0tNf4xL3+WqUZLEiABEmh8Anp9bNVWBtLG3M48tPlEIKdR eRZr+ZGMFJe+SgveFK4PX/ulpuYwPHtfhGYARTnik9buhL7EwrwEKMpi4yr4pCvcM9o+nDsa8194 FHuPy8ljN9yJ+dld0XV8D6R6fU1uUAT+71149EkthJdf9d2jRx6d37cJb2hOxg+5uUHimqTnE+VG /NU5DtG8kn6k4PyHC5HW/WlNzBQc+m4VspKjKdUddqzluzWhiQRaEgFZUrhrM+SDiFw7cNfCD52m oP98tRG2G3sb9RNkEf1iaUf3H9iPnWsXG0vqgTz0utFmOihItj9IvQvzJo1Ff9ekdZOoLDw1abBM bdIX5Mujw09ixjtfmNxoRjlVtVva3VhS6n6UnTsTS1YsweThXd2Wmslm85qOJgcWDLj2Fswz/Lv0 V7e72PteHoYaIYj+Px0a2qlwl07jzSEvu3z2WYPRXrPEjSBNhodX7cSbE1SLEqzf6YrniX07nLMc +z5fgDef7Ghy7Wk8c2SXySIL01dswN6ivdiw6CHD/siz3bGuUtpx47Ih88k5GDc827B5f/ZTpnQU /B7psgkD5MjaVz7+h+E+EoZWmQMxWQto+XNbLQ/JOLBxnuZiCoZmee1z3KD0syF72SqZcThO/oYY 0XlPtphIyxxt3PdXZ4Qad8DxC6ZWWPLfqNH6Xo7DkPdeKY7LdhblJbJtxfR7Tb7gf0bmZWmYPP1h DHHqMQ5DDe5J/v3oIce6/Ol68JcESIAEmjCBxJuGY7XWHP5h6JvGFiCNFaVYy49oPCM56tecwtJH kSMxI6vBXExfgjst/KzBwYUbgDEyHdKMHvdsgUHrZRT91FvGl9SHTDMBdb6hjNKHJ98VOz38SKRf uPIN9/LFOnvYZGXG9Bny95Qx0y3QjACrtDHCC4m/fBEufd3NXE0Dj8udPujyO8VjooeHO/dNuPLd Pl2mhqZFuPIN996zFS/alaqPNyrysmjwmbPXYkaBVwSM8ELkb57Rhuz+hix56VaO+pvF4iXTfNvk 5JuVp5kEWhIB04y6fJnxVlUw2ij/+RX67Gp3HezZFpxTlppmonWetlWp8a4vLp5TtsxIN8KEOjPO i69ZJvouU74yzdh2HNvmnm3UZ43XDHm3XtLJVNB1gXKo2nPWl6Nim9GOqW4822+7IstdDN36Pl/o q79ILFo80HCDcQVeOnhFRm5ri58z3HvPzPd2rbc1D62XWVy7p7r8STtnl/8Ksl26rSqpNvT01F8L 7dujyvpV65W9H1d5B+/RtlrO6DKlv5Oh1PnrPq42wrFL2K/ldjbio86MrE+bYARoYSjNG2CEn/8X Lwcm/XxnQ0Yw/UxyXByE/dCVylF9dqOkR0XRdmX9liKPPOI4rK3ekLzlo7tEpfYTd9/Gkr9XdNVb d3kItjom1uXPQnlakQAJkEAMCehtqmVbGUQv8wzvZz7wnDkdxGtEHsdafkQiIYFwRp30IuL9Orhm kbbfTRaWj/X9qh23+qtfSn8yBju1GV5/ePCpxj8BJsZwCjctwfwF8+VvqbERdrRVSswYgJmakD+8 uMXzq/rf92HxRtfDJ+YNQSNN7Ip2lP2EvwndkhKQkKD9XSF71v37cPfJd+MKMKWH14wCPyHV27pw p8nrDixZ/WFETng1BRrYGGv5gbXjUxJotgTs3yei7f0vGnXx6F+u9qyLvWP+xXY8pc9E6/I77Fsw 2GfvLsg+nEPmHcBr+sQtmRm343PzzC7ICeraKd8yb2n325PQ3jTpLfH6AVgyVzs44CrTA1UXmU00 QmsbgCk4emia7C2W6KFlYvoAbK7UZzyJLPPT8/swV9+Ds8syvD27n6/+Mqep++TfG0zwpuwl5hGI OUDVXCOz357TLBdg1B2B62tH7ddOt+cuyZ6td//SdbjC4e3YXLwT65wHcU1BThdp9WpdQSZ4xsBl eU1HjMwdiR7iruKTAygqLpK/Ayj9pALnrrnFmBXoRc/l95Lrx/VvjuxDuh2jTPvZ2STsR1Z9gi36 rHeZGbnYamajOZgwzRkDJxo+Fm74k2FWDebZ9Ln33ezxTB5GLv08OAB9ny+WfYp/g47Gfow22VMv ByNlv0Pv/el0paoqZCakVzitbpkAx+cbMT67PwZ0Dq334i4Pesh+fmNd/vyoRWsSIAESaIoEWt0y BvLx0Xm9OHmD3uw2WlRiLT9SEY3kortI6dR0wpHNmysqvkFyO9mgN7Q+Q/hx++chzJ+yx+XvmaXo ZXR0wg8qVj6yZ+9D1rK7ZbBxB7rN/xDKC/fEShVPuY2QftM2HMBoZ4fyHLY+fRdmOF8WPNWI/F1r jMrvj3mjZZBIXuS2Vz6KB9JdS3ArC5drg77DMNpyI+bIaxOPIc5dX4bJI28OvhQmwsqv+VV3fO0o wwePe70kRViOv+BiLd+fXrQngeZHQB1Aa43JB1/EvNufkbr4N1i4awhe6GO1AT5wouSQgWDFH8YG +IiSgnGLfi8nwP/a6f7AkSrkdrXYDqPPaNxl0S9Ja3ub+PsL8J0+oOcSW/ed3ZD/zAdP+RxEoD9M vGk0SjeUY+yiwxhwg1tAnZyuXaI7knZnyeLvnSN5Sbqd+iuDcjbbV9AXXwKbUC6HNWTd4DkgqHup K1trDF5Oe3es0Ax0yQEYO/e6HKgHNyR2wxQ53XTExh14oIfrIIrOz92H1nKolTx1Xu9uroRjgmc7 UHdsP15b9Gs8lXdEcxXGj6lHfe/r8/0cFmTDEOkT5UifSNWq+lSNIaAsbxJmbP0bbNphI8YDK4N8 CP3Z4AVYJvp7XNfdhQJnvIEjz61G+dO3QVbZyuVA4crnXE5lCbH3gRwRTT8TB0wsxPuz73HJDfJv Yoo7P82+Nx2zxX1G9lB0ayP2VyYjNSUNHTPuwJx3diAtFEZB5Jkfx7r8mXWhmQRIgASaPoEUjFz0 HJ5SD++TPkH+x+Pw2L8H/tgW2TjHWn5kYmNuTiMTYgsKpXLdaHTMLQL6yKmmH/xHVF76KwueNWZi bXz0nqZJt9VdWC8DRx3UgaMXu2PTowruulxdnRHbqzHSr2PG7ejQwRVP/aQ/h/6V+JL6uiA96CiU wvTsJ2Q2wU7ni9Potw7gAefg6GlsVdNAvSb+FlkR7ui6Ao6vf9eVVKPHtXY5wXAVeox5UVMuC7f3 8Hw5i5rWfZfhq+0yq+XsR8iVvZ/eEEG7JmZg3T11eCCEvZYarFes5Tc4AgyABJo2gVa3TZSBk2ec s9Ve7LsUj12cY9lXcPzgHrCpcbYN7v1NfQg4ag2rcxcMo6fhqvDa2KpP3zP8d/p/KYbZypAx4gWU jPB6csWPPCzmT53pce/3xpgB6O1CTrqf/oRmOQXj+1sPcHr48mrT7pkwFdi4yHDy+JAsMevDdGL0 ZvT1NtkjcJDhXjWoA0U901uhqrIEWwrLPJ4Fuhn2C63ht3J0pZxQrtl/sFcGC6feJnlCBhq3LsfO cD7m/TAcC7wGGtU+RfYjz0m85U9m7OX/11zX4LB5Nv2j2b55MOLp54rgoKx2LkMo/8ppfRVbn0aH IQsN12WFm2FFfZIMsi6L4H7NsS5/RoRpIAESIIFmQiD1nlyZQf+c8+Pc47MKkRulsRJ/uGIt359e 4dhHYYggHPFN3K2tTXQj8MNRLM11fQmWvVx8voBGV3hkQ08f8QomyyDREgl2+PNrUNTzXyMroD6h RTv9RCf7RXVWheuFa/Cqr1Ey7Tw6dJH78x9hQLL6RT0XRy9G4ejqf70bkycAI1eJ+BdfQ8nce5D1 1V5M1zitGnO7ZmrOP7nI7JKKNKnl0ka/gIor7Ogw4mWJcAl6pb2Ar5VpQWZoNJxN/ksySKfWsrLR e96Z3ShJ7e0aPL15KXq0APkNJ8gQSKCpE7Dh/pfekYG6X0pEFmPm6v7o3UY9zKDcM2KOvxv37X/s nAJl3HsbEq9yzy0zDTt5OvOaMef50Pcu+YZbxdLV37CrzVZDrmHLsGPMz2QZrv9AHDLrLTk1Cz20 2d4+Lr+QpbjaoNVD68e56lEfR4Et1OWvOVikxUqWvXZU22ITMS9Ghcvcg3SDFxZi5SP9PGduXarB mkFXY2wIg2lVp0WOv7h5qJ2k3dlCm0ln9ivLl61ySqu7h8lBJs85Pwy9uPRDPNvnP3AinNn0kUg/ XU8Tbt0q0G/64Beh1ExA4cYt2PtJJapqT8NxQZ39eVoGMd1Ddi8NTUdOtYKeqYFCC+NZjMtfGJrS KQmQAAk0DQKXt8a4DRMxb6S8e+26H5sqhxgrvBolArGWH4FIcqAuAhCjFcSJbXnGqWGrHr/PskMW LdkRD/ey9pgpS4CWqEuA3hiLHurUopZ2JbeWk99cL1h1J49qLw81rpeZiJdEG/o/LDPIVglvWV60 Y99fUXdI31toFnIaYzZXzNNXZqioL4oa23TZL2r12pe1l6zpsldQf/zRe9lQhHU2D9Tiul4ys3SM zCxV02E6Zmy4D2tGWixZi6AOsZYfwagwKBJougR+MhwH5t6IO2Z9CXX5+RqLmKRl9BZb10BZ/q4K 6cx6LWk0+Snb/Y5x1ytDn5tlWNXLkJLW3vA3YXURcpf3M+59DDJgVVFxBmk3dkCyxUhRn7t7oP9A //r7hGdh8celYzTbYZhS35lTsvx1s7S15SfrkHxjpix7dQWpWE0YlNNly5ZpImW55tapFvG/3I4z IQzSqaHMloG+KT2sV1qY94rrk5Nu9O0Gb7CjZmUN7JeSkBSkT2C/ZEfKNX7S/rJOeHRRT7wxVZYC 71qE/af+HZ8t02bTP/No0Nn0kUg/jWR4P6f2YMBPe+Pnb8lsudzJyM718i75rnj5g+gxZZvzwfH/ /h8ZqHN9CPVyGfZtrMtf2ArTAwmQAAk0AQJtf5mL8TJQp772j16yEw+8MbhRtY61/IZG9v80NIDm 6t9mLM2UHp2fDpPbTRQoSKfxzSHq7B+5ZD+R0U1mYMXda7/abXRGw7UEyGmM+j/utGn89Es05Zek K6w7kYlJ7mVCXpgixqbVrcMxWQttdo+2uEPb63DQ66OMF5aICQsQkDstxJGJTQAvDXrk5u+d9jY8 nL/LtcG4SHj3VxnYdKpBooJ69k7/9BHPGmnyh1EzURLmbIOgAr0cxFq+lzq8JYEWQ8C77N0+pcA4 iMAKQqsbu8nsL9elLo/PK/2HlTOcL8tH5mPbtWc5uOPnP/ZwZ9S3sqzTqm3x9zzxhiyjbsLL2Zi7 668e4eo35w9vwoArrkbHrh1x56q/6NYw+3cu76/0Py2v9lgJNrwyDzPnFKDWatbdN9swRDuYos/L M7U91gxRfgzu2F5tWgKbKLMXM2/PRLtrdG823N59tOvGzCihBsd1J6dqdZP7VwaJCuc+ZMxKt4Tr du2cPXD/ij+ZbZzm819swqjuzxn2vTqblobK/nnJMviWlposv4H/0lLTYAvQnmaM/JUmQ2aQ/7S9 sdffqhF3GLLNhoimnylg736g6ZGPsa622jlU/dKD6dh0rM7nuXqYSveBw33tA9gY+R3e/QFPT7Eu f57a8I4ESIAEmgkB+XD0VJ7Wu3lzCLZH+b3Lh1qs5fsoFJ4FB+rMvGSKfeknpSgtLcXBw99oT/Lk tLAyVIid85n6XP07bHZjDiQy5vMf5RkbLi96tonMplO/spfuxVFtz5w/yMi5yqm0tEJbAuNaAhQZ QhahxDr9ZN8gNZ8Uf+Je0lReVuzMTx55x8uNRUwiYyWzGEe90tMrrCw8Pii6s7hqT5W7y4pHObGj dF+Z+5nkC8uXNC+NQ77V0t/NP09O65Oye7jKvQTrX3tj89aJRpDDc1/AXtGj2uK9zHAUqkHSX0/n as1P/u4PRb7EUx+QkzR5atvT2tNNmL7obZRWnglVQmB3sZYfWDs+JYHmTUCtf/6rDHrZf3Hb+65+ g16+ZXbXq1sf989A9nJdIjNu9WtCVis8teJDqZscUJeJOiT84leeRHKm282gt5bizmTdhwPVso/a zi35LovNi7GjtNJdt8m+d1Xm+lh9LksLq7X2GmpndvdzemCY3bctsqdL/XTsDGpra8Xvfqye0RfJ XYdr8/6ANjbTPnji/1FT3Tq6QyJm5Bej+qwMuIjs2rPVKNu9HlP6JyBFBiVHPT4L859dguMWA3XF eZM1PXIwe0wIM/Ocba+p7zFqi/Q9LOr1C3IAmLl/92W5q/5XGVx2PXrqY0CbR2CIFvfqYxUoLnjV OTjZf/Zug09VpdoPrECVGj8/17sTb0dCxlRs2FaMA3J67MoZcpJvupufur/xY9E6efwnvbA621ux Bf5n0zc4/SR/mfrJejkw+oHOvrO0hTIYV3XGD7Mr3PoOv9GGJVukPMmhGc5L8sn5yj3ITXfn/7R/ 8/oQamoDffvpedgh/QG1f6+306WHTW1vrMufO+o0kQAJkECzIpA+4nnoHyIHvvZho8ct1vIbFGGF l0bArhRkQ+11hv/XZ41ijyjHc4ocaazp8ZJSE9Gwww/MUbnWpUuftwPG03H4937ZrThUZwiWJUCG u0GvVxr2/gyhyY9e+oUmX1Eq8noY8Qo9Hw1TDgXJPKHKt+R35j1PnYYWBExDqzDCkn/piCKVsafM APd9Gin9zflPUc4p8gLjoWPHl8usou60CzX+gdLfM/yvlQVeTPIr3OXDW5GmIt9bb96TQEsi4L/8 Z5nq+K9NbTuUVZ95l3u7UrR4oEfd5K8t6ft8sUdd7q/91esef89lsMgjnNK8MSHJ7/JEgVJz0TuF Rf85vULyr8ar87Stvv2b2n2KHPngDKOzxDGUyy/7Tua4+e8j6IxqD74Ysu5GunQ29f+k/RvvVbcb 7rzt+y5TvgrS9ocS90Buqrc97RGfQW8F62/VP/385i/veKv3ZmbmCBzT+ppWfrztJhaafTrNfvOB t1/j3lw21SBiX/58IkULEiABEogRgYp8V38glHf1YCq63/2zlN3fBnMd+eexll/fGHFGnfSiXJcN 6fcN0G/C+r3XtMdIWB79OK4rW2ssU3jmgxEwPpj7cR8v1olJV/tRJQvtr3J/+TQvAXLY1U2CI3HF Pv1s19wafkS6ZiE1wPKV8AP08nHdQBRNd8+gWzWjf9AVO14hhHd7WWv09/mK7z+IAZ3T/D8M64kN GSPdX9o9veagnceX9xQ8vOFT9zIvcdynTcNLWXLbX3iKNd3d3zbVdNcaT5auNd0PQ8cI7LMTa/mm CNFIAi2OgN/6v+swJBt1fGs8uvb3Bht9oq1hIbVz98nvobZkGyZ71KPqaaXa1W8Ktstp1u/Pvsej Lk9MaW0s69edqr963ebv+cOyKb970aiccjr+LdRW7MZMD/nuELPHz8cekf/5S/eb4qU/F/1n7Ub1 xxsxPlO38/7NwfQVG3DopAOHF8gMM6/HZfkLnQfuqNYvTLjH66n1bXKqddt7rxxo4Y6b9BH6W/fx 7m3r0qLVbU+jqmiVJcfs8UtxqFpmLRYv9FCi34C2JhnuR/LxBbWf78HSSYM9wsvoNx7rZA9C5X05 aMitnNtjBE2p/R6HfBTSrmF4Nuhef/VPv8RrrzdmTOgS/f32HW7NrM40uzIju78f71lYvLkUdos9 FAO1gdaB5XgtH459+bPWk7YkQAIk0LQJ3P6b17S2sASvbPmi0SMTa/n1jXCCOsJXX8/0Fx0Clety ZMN5dePfKfjq4qJ6nXYWSc3qvsiHTV1uIMs07JE6WlmW8tTKkgZbcrJXR8lX86jI9xXj16Y5yHeo y0dk/xtbPV4MmkP8/SZuCA8Y/yiU/xC40wkJNFcCjgu1zuX4yVfKAJExiOcbW3W5a7UsE0xpmwb7 CVlMKPuSpVmd3uDrNSI2LvmyVLVNEuy1rsMLwmlDHLLctepsAtLa2Jz+k5JTkHxloEbIgbd/mSQn 5Ir6496H8kbfiMQj7EBkqW71mWrnlgU2ibB6aENI2H84itzLOzs3zZbZksg17y2sD0IFSO+w9QzF g8RFultQG/9Ae9pZBRV++lmFEp5d7SnJ58nCW91nUJipy67tDrsc1iuRuDLFuX9feCHW33Wsy1/9 NadPEiABEmg4gcp1DzoPwJMZdXh3gnvSR31D/vDJBHR/SXzHqH2Ptfz6cGvsLkN9dGxxftLvX4eS 60qR2OXOmA/SRQ2+dBqTw+nxR02RlhGwLeDLUctgwFiSAAmQQDwQsMkAXaDhKl1Hm5wU3k6bcpac bjp0QHcQ5V8P+eqgYpiXTQa4Olzj8uQclAzqX/axXXUU/5Zbi/S7rQ89CBpEJBzIR620Nu3QkPne Se5FBC6NYtXbVj/QmQ7XCAdP+OkXTujWbpPbmKgLM+ehGj7zLq39RtrWI//HoPxFOj4MjwRIgARi SeCeBV9jf3Ylkm/tERM1Yi2/PpGOVdehPrq2HD9yslVm79hk4pYDmTElARIgARIgARKIKwLJHdGj d1xpFJoyMvvr/LEqY9lu1cnjqE1Nhf2SzAa7lNSoM8FCU5iuSIAESIAESKARCdha447erRtRoJeo WMv3UieUW+5RFwoluiEBEiABEiABEiABEiABHwKyZHdkApI7DDQG6mb36YCUlBS0vrY1WqelYNKW v/r4ogUJkAAJkAAJkAAJ+CPAgTp/ZGhPAiRAAiRAAiRAAiRAAiRAAiRAAiRAAiRAAo1IgEtfGxF2 kxV18XuX6qdlCUcsLsonf5UA818sSh8Q6/IXm1hTKgmQAAmESED21ttgR79Vvuf4ugKQPXlDOo0i RHF0RgIkQAIkQALRJuA45ZTgsCdEWxLD90OAA3V+wNDaTSAx9RasX7seSquOIW2A7fYZGRPlkz/z X8stf5GpRRgKCZAACUSRgBzawMG4KPJl0CRAAiRAAo1KIK3bdHn/H4frOl3XqHIpzE0gQZHLfUsT CZAACZAACZAACZAACZAACZAACZAACZAACZBALAhwj7pYUKdMEiABEiABEiABEiABEiABEiABEiAB EiABTwIOB2pr/W0p4em0ud5xoK65pizjRQIkQAIkQAIkQAIkQAIkQAIkQAIkQAJNiEDluhw5PT2p RZ+azoG6JpRhqSoJkAAJkAAJkAAJkAAJkAAJkAAJkAAJNFsCtjbOqB0/23Jn1XGgrtnmbkaMBEiA BEiABEiABEiABEiABEiABEiABEigKRHgQF1TSi3qSgIkQAIkQAIkQAIkQAIkQAIkQAIkQAIk0GwJ cKCu2SYtI0YCJEACJEACJEACJEACJEACJEACJEACJNCUCHCgzie1TmNl/wQkJIT2t/jAP3xCaHYW F46iYPE8vLG7MjZRo3zyZ/5rseWvrnIPls5dir0VdTGpfyif/Jn/WP5Y/7D+jUUDxPaH7Q/bH7Y/ LbX9CavOvXQaC7L8jd1MQEltWKHFj2OFlyeBS0eUHECRFArpr8/rlZ7+m+FdRcEYjUWu8tXFxo8g 5ZO/qzwy/7W88mdXCoZrdfG4rY1f+SiUT/7Mf876l+WP9U+jE2D9y/qX9S/rX8kDbH8avfZVYt7/ VZSKfNf776BQxlocn1qO32RmuuqQPi+XxYBhw0VeLhUALzOByzph3cmjqKrWvh4KocpNz2Dkgl1O V9O2HMDwNjYx2+W/q9Ex8yaz7+ZpvqRHqwa1qrmxcw3lawlA/sx/LbD86dXPyTqo5z6ptW9MLson f8l4zH8xKX0Ayx/LH8sf658YVT+sf9j/Yv8zhv2fUMp9Yjes+/Ioymvq8KPaT5HZZ4LTV2mp/GQB uyaux/FHbkb7xh7DCEX3AG6amLoBYhLBR8ltOiLTdSKwM9SUL67TQs/FAwNvR8cWTC1mLylaClB+ BDN6PYIi/3pAi6CXls4/gigZFAmQAAmQAAmQAAmQAAmQQDMgkHxDR9wh8agr+0SLTQ5mTL8O8xes lvvF2PzxTEy548dNKqbcoy6E5HJcStBc1QDG7K4QPDZDJ+oXhVhelB9L+nB+0Y+lBkz/WNKPffrH NvaUTgIkQAIkQAIkQAIkQAIkEK8EClf+yqXa0Acwc86TGK8pOnXZzpi/x4bLjAN14RJrge5tl6tb 1KlXCmwxmE1I+eTP/NdSy59pDuFVSgyW/VC+q+zJv+TP/GdkhsYysPwZpFn+WP6MzNBYBpY/gzTL H8ufkRkay9DSy189OZ//CG/kufxOG9MdNtnSbOziXi6LzYux/0w9w42RtxgMu8QophQbAoEabF28 BPtlfz5bkruC+KYsX/Obh04jWmHGzxONsBx2BzJHz8aozEhMJaV88mf+a7Hlr7Ycy+asxmnpDtqS 9CrGgbKNmnnzCNw34wg66o+k7nEorTHy2SeRlaxbNuCX8smf+Y/lj/UP61+2P1pDyvaX/Q8tK7D/ xf5nNPvfDei6e3s9UbwJO5yWwzCsh2vrsttHyH51U/aIbQkWvfMZej5+s7e3+L1v+HkUzT8E/dQR YJhy1N6M41u5NvBJt5mZ1s/7vC1nw0TgonxrvvoJxORvzYf5r1mUv4r8/tbpq+V//eQmaU093A16 KzInb1M++XvnLfM9859nudPZsPyx/olA709O92P9o5cpq1/WP6x/rPIF61/Wv82h/vUXB338JaRT X52BnFNWaqe84pliU7CmE8QxRfnqoulRnBs5o05qPl4agesHYMui6dhfm+Axxfmbsvl4Y6e4UY9O 6TcL87L+V0681S4xdBidbbg//8k6jJxQANuN7hl5ulPfXzu+/8kYFLx0P5wTYiif/Jn/Wmz5Sx8w B0sndcA502xedVe8sgVLnV/HnNXP9Pnohu+NqsTx/dUY2d998nZZ3iTM2Po32K40nPg3XHDgZ4MX YNkE15c1yid/5j+WP9Y/5r4b61+2P2x/1dk57H/I6x/7X+x/Buh/++9sN+KTr7bjERmqUK9BHVJQ W1sL+yU7ki5Pws/+/QZg4zF50sQOlYjzgcS4UE8f0W32M+r80K4qGK3NYMlVjgYZha7Iy/GY7SIl Ish9jnIoyHQ8yid/Vz5i/muJ5a9guFaHDC3wU0Pp1vLFLDtYfeP1vM+aoLMRKZ/8nfUP859e0Pz8 svyx/vGqX4P1/1j/sv3xU5vo1mx/2f6y/ZU8EPf9D73ERvZXH38JdUZd6aKeQcYc3OUpyNBDZCPS gNB4mITUALwCEzCfeusIcuqt7cqrAwfm87R10AMqKN996jD5+2QgDwvmv+ZW/kzn/H6XEOS0Jtnb LpSZdOYcc5X4Md/7mCnfQEL+zH9GZrAysPyx/rHKFwHsWP+y/QmQPTzOmWf7w/YnYF5h+xPb9idg 4jTOwx+O4rWpe0OT1YQOleDS19CSlK40AoFfaoG2969FTa8VxlTTQOCc01GvTENyGLmQ8gMRJX/m v+Zd/gLnfmDwBjtqVtZI/ZMkU90Du1brn5Rr0gI7CvMp5ZM/8x/LH+sf1r9sfwI3nmx/2f9g/6t5 9T8Dl/joPz3/yXa8oYnJr6jDA+n/ApgnF8k7Qd2RfNi6jBFXTedQiSCvMtEH2xQk2C5XZ1JqVwsn ZppfohPx+U2+Jln2nAt+DGMobrwDp3xvIr735M/8F0rZCsWNd+6Kdfnz1sfn/nIbkmXwLXjtg5Dq KJ/wg1lQPvkz/7H8Basn5Hl96t+gwbL+Yf3D+of1T9CKgvUP699QeskhZKQ4clK8+hmXNn3WYJg6 SKdeXmM2iZ2HY3X2GIwtBHZNXI/jj9yM9l5uXB7j5984Vy82oGpPlaOqus4lXKZwVR7+RlPEjtJ9 Zai7Uhu4k05Ruy4dwpoRFpsYNUyqe6AyJSZxpXx9oJj8w5l92bBc7/bN/Bfb/GekxE8TgywTMlxG x0D55B+dnBVaqMx/zH+h5ZTouGL+Y/6LTs4KLVTmP+a/0HJKdFwx/8U2/wVK1drTcthLMebmaY52 1aLicClsKe3RoU0rw6fj7HFUnDwPW2YfoHCX2C/Gq7Kx7GO970C71ETDXbwZOFDnnSKyxvmBn3Z2 njLo/Qhi+0AP9fwf99Xn9Up8MMF96qD7SfMxtR38HDYs+jn+mTEsJiPPlE/+zH8ttfzZMGTBbizp 8hkyhmXHoFKlfPJn/mP5Y/3D+pftT+M3wGx/2f6y/W257W8oNY4Db3f/CUaUmd1OQlZX9T4Hh+zb keXcM8uBP/a+3ssd8NKYHngJv4Nd+XXcDkQmqAdRmKNHcw1W9r8aj8q0yFCuFfvP47E7fhyKU7oh ARIgARIgARIgARIgARIgARIgARIgARLwQ6By3YPoMHot5NRXvOtnUtTBVwfijse2+4bQdyW+3v4b tNampBXO6IP+8uHf++ryxFZ8/NJgDtR5g+E9CZAACZAACZAACZAACZAACZAACZAACZAACegEQhmo 090219//01wjxniRAAmQAAmQAAmQAAmQAAmQAAmQAAmQAAmQQFMiwIG6ppRa1JUESIAESIAESIAE SIAESIAESIAESIAESKDZEuBAXbNNWkaMBEiABEiABEiABEiABEiABEiABEiABEigKRHgQF1TSi3q SgIkQAIkQAIkQAIkQAIkQAIkQAIkQAIk0GwJcKCu2SYtI0YCJEACJEACJEACJEACJEACJEACJEAC TYiA45RTWYc9oQkpHVlVExS5IhskQyMBEiABEiABEiABEiABEiABEiABEiABEiCB8AicL92LHUe+ wXWdctAzq1V4npuJaw7UNZOEZDRIgARIgARIgARIgARIgARIgARIgARIgASaNgEufW3a6dc42l9y oLa2FrjUOOIohQRIgARIgARIgARIgARIgARIgARIIAYEHOr7vyMGgjWRsZYfu5gbkjlQZ6CgwR+B usq3kJKSgoTJ7/tzQnsSIAESIAESIAESIAESIAESIAESIIEmTqByXY68/ydh0pa/xiQmsZYfk0h7 CeVAnReQuLhVZ7CdjeEItjeEK37ksqk4jzjSyltL3pMACZAACZBA/BO4UIvaC/GvJjUkARIgARIg ARJooQRsbZwRPx6rMYlYy4+DZOdAXRwkgqcKDrw9Mgkp18oI9nvfeD7iHQmQAAmQAAmQQNMl8PU2 JFyVgpSrhqOcX76abjpScxJoBAJ1p0pQtG0n9paeaARpFEECJEACJBBPBDhQF0+p4aXL8ntfw2nu C+dFhbckQAIkQAIk0DQJfLh0kKZ4StOMALUmARJoJAIObBjYDT0H5aBX1m9RwoH9RuJOMSRAAiQQ HwQ4UBckHRxnq1F6sAhFxUU48Ekpqk6phyo4UF1ZgYpj1UF81+exDdlTl2se5+KVIs6qqw9F+iEB EiCBWBKoPlbhai9iqQRlxxeBv+/GUy+5VOq0cCw62uJLvXjShuUHqD1VjgPS91T7n6WlFag+Wyf9 zxpUHJa65YyYA1yx5hdr+QHQNKlHSTfq6u5A+V/+R78J+kv+QRHRAQmQAAnEPQEO1PlLorPlWDmh C5KubY2sO3qiZ4+euPPfs9D+p3KowhVJaN2hIzre2BrbT/kLoP72rW4Zg6WZLv8vTt4AGRrkRQIk QALNn4AMZAxISEBCSH8DsOdsfCKp++J1tL6xo7QXD3AWRGMmUQPyT11ZftB8lzF8CtYXV9Y7RgfX LEKJ03cWlo+9zRRODVb2D57v8z7+h8lP8zW29PJz/vB25GYlIOWnnXCn9D3V/mdWVke0vtYm/c+r 0bGr1C1ps/yuuIg1v1jLj0XJOLP9maD1R0LWAIybsRL7j50PWUX7l7rTLHRs/y/6TcDflsg/IBA+ JAESaNYEGqP/FiuAHKizIv/VRiRc2wmP5h0xnvbP7o8s485tqD4X+hcut69gphSMXPScy9HhJ5Hf QjrnwajwOQmQQPMmUHf2OHaEHMUdqDodjfo3ZAUCONQO4EESOGkqAKYIP2pI/qk+sTuoNp9tWoIH enRAQvYLKA/3MIh/HsL8KXtcMp5Zil7XmMT9cBpFhaZ7P8ZNZdGYxe9HWEytW275OfHHJ5DcdSDe KNUTIAtq/9P3qsIZv1ujxJpfrOX70oq2Te2ZT4KLKN2B1QsexV03JmPsqs+Cu5fW476CQ9i7awf2 HliPjleG4MXppOXxD5UM3ZEACTQ/AlHvv8UQGQfqfODLYQ7TfmnYTnrrIGouKtixcwcOKQqqD29E jvE0eobUe3IxUwv+8VmFPG01eqgZMgmQQJwQSLzpVzj9eQn2HyhBycfq3x7MzHYrt8lpJ/YH9qPk 82rkdg1thoE7hMY3cVuhxmPekPzTdsAqlJdIftNms3eZVoDyinIc/7Jc8tt2vDb9XndE3p+OTldN COswiMqCZ41B6I2P3uMOSzVd1glvnDzqm+e7zsJePc9/XI7/HHuTp78WcNeiys8PRzF/yMtaqmZh 3YEqKMohZ/9TuWhHxdbnPVI8lI8AseYXa/kewKJ4k/7AZpRL27Vheh9Dypz3SrUyLW1W0XYsndTX eLbmVxnYFMKKnFbpWejRuz963J5er48+LYW/AZYGEiCBFkcg2v23WAK9PJbC41L2P49i3UaXZp2f L8ayMbd5qJnaeRg2f7Ictluf8LCP+M3lrTFuw0TMGymdtl33Y1PlEDyQHv8vpRHnwABJgARaFIG0 LplIM8X4C30WwdACDL1VG0UxPTeMjtPYufFD11YBDjsSO/cU961QvOZVvLr1T7KnUzWU1PYYOuJR TB7dPeBLj+NMObZs3ILNhQed/qC0RttbO6Dn3XcgpfZTrF9TiH5LCvFYj+sM8WZDounGVo9W1iFb LxQVFuHgviKUnKpDteiuXqm35GBc7qMSr1STBM0YwfhDPg1VFm/C+oIt2PHpCaeAtNR2yOg+DMOG dEeCfLDa9Ok/kHn/bzG0SytfXcTmxMHN2LBmnbj7q/N5QmkCrhvWA6MmjMLQ3hkB+VsGGKJlvfPP 5TZ0yOyJTjeIIJnN1C49Ex3StYGxGzog8/YcPDJJtsR4RGbbO/sIefgP2Wfu8LOefQRLNWUAZmmu NldU8vGANr6uktt0RKZmb+R5WT7dI1Ce9w1Gs3Gg4uAOycM7caDyjOEqLf1OZA+/DzlBX/oblv71 yr+GlkBDy4+af+sT/7rKPVi377+RpI2A2WWUI3PgSGSpxe3CaRRv3YD126RMHjvjrEv6D/4tpoy9 B8n1KOOm6BrG86V78IZ2N2dvMUbd/mPjGSR/pg+ejdJX/guZj+112ot6lldD+cUi/c6X7pW64hsn ew/uagwvHMeWgmI4bEmu+Er93krqwpxMNWF8r4bW374hhmBjS0YHabuSjuptQi6GZmego5E3MpHZ PQf9M59AhzGuwdgdRV9g2BitjjFEOHBwqwz6XUiQ+dj6ZYfS6k6MGpSuWwT8bXD6N7D9C6gcH5IA CZBApAlEs/8WaV3DDU/h5UHAcfj3ijB0/i36c53HM/fNOeXN4S43G790uK0jbbp0RBmv6YJxWyMd esjhOSrXupj0eVuxh+yLDkmABEigoQTsSoFW1yJI/eM4vNyou/U63O9vl2XK1xetdavIHxNSOH1e r/QIoLZ0rXJfdn9Flqkp/TMz3WFk5rjs9Gfqb8ZQZdNn1u1LbfGLbr96/e/1Kx+RPGSrN5GKv1K9 T5mc6Wrf/PLT9OnzcpmPHsq3nyoyKy1IHHKVPSej2HYaWoWef1xe3O4HeaWvEaTytbLASI8sZfe3 7if+TFVbJxo8VvlJd7dftw7B8rzbj9vk+HK3u99g6OmdHsLfX9+lgelf3/wbqfJT//jbldUZ3pyg DHqrUqkuzTfSz7tMPPHuGTf8Bpoq8nI0OTnKoe/8BHbhU2WoM11nKV+Z6rBI8YtN+tmVlV551Vy3 WNZtnddY9kfrW3/7oR22tVv+MOWoVYdZ709LfL3bEKcwx6eKbLNjkd8kT1iFp2kYqfR362+lg9vO UvewadEDCZBAPBPQ6wP//aHoah+efHffyb++4fffohvD4KHLtHpeHgSkEyRLW12NpLzMfRWgYfTw F6Wb0rwBRoO97WSUhAQJlgN1QQDxMQmQQJQIuBveoIMWMkA0b9JYGSRzv0y4XqqzlKcmDVYgA2bm l+yH1nsOtDkjcHaX6SVpmJL3Xqly/ORppbzkI+XN6fd6+PfuCFS+0t7juVmWlbmj1SCXKFH5Sg9T OFnK9BUblL1Fe5UNix4y2UPJr/Aa6It4/F0cs3NnKktWLFEmD+/qIV+NkzcDpcbUfjrb0Rxl8dqd SklJibL3vTxtgEFPn5yQBrkalrHCyD9OQW73PnEzKVK9e6rBYsUhr3QwuXMaL36tyDYWLvd9rAcX PL24dQia5z09Ksqxdwy9XHnOxX//gf3KzrWL3X0bTR+fD40e+b8e6S/61Df/RqT8NDD+1UWrlHG5 4+RviBdHPc9C6T/8Pg+Og9af8E6Fet87St0fG/rKYHw43c+I8Ith+lW8t0IZNzzb4O5R/mTweObw Icq4SeOM5xha4MvHI/+GV3/XO9G8POovloAM1JkGUnVnFaZB+yc2WwzySn2xYfrDyhBnPhynDDXa Mz8Df1rAEUn/OOCnc+IvCZBA7Ano9ZlHfdyIaoUn3913CqRvWP23RoyrP1EcqPMh87WyTO9Ua79P Pv+msvm9vfKyUe58abOH03vyCT9MC/PA4TPFYXqOjHMO1EWGI0MhARIIl4C74Q110KKqYLT7Za6v 58cWx7Ft7oE4i0ETx2Ft9rDU/fl/8dW19pPXjbB9ZhR8e1QGo3YoO6St2LJikuYuS3llw07NXn3m +tu8pUj5yt+MGQln/ar1yt6Pq3wUcJQGkK+5rn/8TazVtq/rAuVQteesN0fFNs9BCo9ZZ3Zla657 QKPv84WK7O/qddmVosUDDYYYZ/Gy7eWjYbemOAWZJyqIwQAAQABJREFUkemS43YfqKOnmF5oA7qT QGuLnzPiu2j/+RCi49Yh1DzvCvScIqfFG7I6T9vqy//iOWXLjHTDDdSZpYZGJrn1Sn8toPrm3waX n4bG3wChKObVDFo/EENXKkeN2ZN2paJou7JeyrFvHjeFE67RlK/0gda5qzYoO3ZJ//PzcuV0dY1i 9ylTbu4xrX8anH4SDxN3f+XKqN8synOD6u9w08qPe/3FEshRNn1coRyvKFdKDpQost+q8tqkvu6y JwN5Ic3GNdqzwAN1SgT4xwM/P1hpTQIkEAMCen3mrz6OtkrhyXf3YQLqa2pnA7qLduRCDJ8DdVag Tu72eBmxmg3Rb9pq5WiNlefI2x2Ye6PWuMsym0aSaY4FB+rMNGgmARJoPALuhjfUQQu9YVdflKzq y6K5P3fVpxYzMswvKnPelRl3Fi/Fjs83KuNl+eqK/RazIXQwx/QBv1zLWRW6s4C/9hql/OP9ztl0 e4v2y4uevKifPGTMSvPXwah3/A2d1cGeKX71NtoDGcDwGKysNc1GlAEg/02VaYaZvKwGWs4VkE9I D8PNP273/vg6xYYwoOBSzzx4tMA0KBZIebcOoeZ5Z2imJXXo8rsA/M8pr2W7B/SMpbgNTX/vKNUz /zqDMXQJo/w0NP5m/R2mbUckn4c7u80cVLjm6t0LTYM57nQy90Onv14ceICwPvy8FW3s9FPlm7j7 K39G/RZkoK5B9bc3izDuDf30AV5/v73fDylUd3hBBurModUz/SPW/pl1oZkESKDJEtDrH3/1cbQj Fp58d98poL4h99+iHbvQwje2OZVOAC+dQJte2H7xHIoL3sSrBeuxpbBMf2L8vv/CWLz/wqvYU30I Pa33szXcNtRwe67s3jGrtwRTgsVrP0Ovx29uaJD0TwIkQALNm0Cf0bgr2TeKaW1vE8u/AN8l+DxM THF7mH1vOmaLi4zsoejWRuyvTEZqSho6ZtyBOe/sQJp+yIVPKEDdJd2yBlDNYbS0dcf247VFv8ZT eUf0QOr3G2b8676zG3Ke+eAp0ybohrXTkHjTaJRuKMfYRYcx4AY3r7qTx6WF0q7DT2LJ4u/VPf1N G6LLM7m32b7CPN0dNqFcDsvIusG8/bnxsMkb6srW4ik5mEK9pr07Fq1dxoj86zh7HBUn69CuSwfn YQYnSg4Z4a74w1i4U8aw1gwpGLfo93i08NfO+wNHquT05JvQ0PTXpUQi/9an/DQ0/rr+zl9zeZ1Y iPdn3+Px2N9NWd4kzNj6N9gC1A2G3wsO/GzwAiyb4NmfS+01Fcq3A1CwZj3WFSzATi3/GP7EsOBX 3bHg1WX4umQSWpt11RzVh58efqzSzynfIi66XqH8NrT+jkT6eeiZPR7j2qjjrup1DqV5W9115O5+ 6DK9EJ8s6Bfxg3Xqm/4N5eeKJ/8lARIgARKIFIEGNouRUiMOw7k8Bd1HT3b+4ZIDtbU1qKk+gyp5 iVp232Nwnd9Wgl4zP4DyRt/oRuC6Xtj5JNBf1uTumjgPJRM2Iks7lSy6ghk6CZAACTRRAlfpL0hh 6P+TgajY+jT+f/beBL6K8t7//6Ric9KLknjpnwTxCig1hKXJQe+rbv1VNoUABRJaQaAVCO1VW0WW SgAXQCyriq2thKWyxVs2lSWWJfiqBXrVLBVIYgVCKyZ4RXK4cj0nEu/8nzlnZs6cfZtzJif5DK/D PPNs3+/zfpaZ+eaZ5+k9ZqmWqLpsB6q1K7djxo46cS/w3rHPHR6V65PdsPQa5ZFUNhQOyu6E+rpK v3808oisv4iw/PXvv6ml7vNvGZrbnyN3/HOoHO8VcvW3PDyenSNWZgvnaPE1mIaTzNQ4tgbthfu6 gPdiB3YVP6aoORvThqu7QRqhuQOlQ27CFNEwh7xah/1i50jH18IorBxN4pkFCLJLvMOmRsXFyy5n zPUvZ2Nk+9U0DM8Ra/kDSRll7REoyMtf7JS76wXsK/PyDnb59TgsEYY6nybUOQfjZz/r/MHhev5s FM+fde9vw9jpz7lyFMbw5W9OwPNjDWxXJtZfMExhh8U0fhtYf06FC3HyzRLPP3isAWziHWLlj+7C YmGAPfHcMJSMvoRf/Pu1YRcxrhFj4hdXzZg5CZAACRhDIKznN2NEGZELDXVeFC9Vbcei372F7iMW 4JFRN7pCxba/6Z2znL8eYvv1gS3DsaDDTa5ZAesq0fD7e/3+VdMr65guhz20EVg1WeSxHc/88UO8 4bOle0zZMzEJkAAJtC0CfmbMhVPA7NG/htQ0HWXbduLQe3WoFzd1x2XZmNQgXsLdJrvnC7KR3yiF mFEtDF4R3GXLVrmNdKOXluHlh+7znLnX0oQNo67DlHCMARGWP/3m20QZXX+Csn8VDqkgcQpXYe/k G+HQZhb6xnUIA0R6phUDs4MYlHyTtQqf81UHNUPdHbkBDDkfbsN4pZ5+umUqekbQDsIpZFovEUs0 xzTZJicfjs9dZ/F/z2t9TD9amOxIvcY9t09NbkT9G9p+nRpH0H9iLL8HIP2FCkjv59dtCW8mnT7t NSKN7rq6dDl+c/i/MWbOYuSrs0wt4vkzUzx/il/vPLEI4cA8DLj5R872d/C9WiCooS4CfkIPU+tP xyGY02G7GCwY0Y/fsdeft2LO8c+r36fffCfmr38Bi/Mec0bfU90YR0NdZPUvKxQ9P+/S85oESIAE Wh+BsJ7fWpHaXreQVqSZSao0VvwBK0vEy0rJJQy8ss3zr2GqTlf1xPDlg7F49kHhcwTnxcuIv88P 1OiGnG8ah9JxkzF+G/DmT9ahZsIy/7oZIoyZkAAJkEA7JHDuIEbcMATfEbOUVhXNwrAiLwbCUHb4 hZ9g4OzdzoAz//2VMNQFMzSVoOb8GuR088rH32VLA6pXKQHic7tdc+7zjdXBjvPhGOl8U4b0ycjq qcWZvr4cRS/4ka/GEBxqa88jq5f47FJvaVDCh949EMNHen7SpyZN/nMDNgxZphSjEAN6+q//11fK f1iTj0LMNnrmpStjj/+zcuXlMVyG1k37azExOzD/6gN/1NIOzs1yumOu/7i03/D7T6zl14DE4Bi9 1Y6ml5tgb0lDWoina3uLHRniD8DuQ8zo2jQH60T/XvePW2H/0489jHhavJsG44E8sRCKPCOr8qz8 Nbn/eM4E4fODyfXnVFc8SzepBfUzrsjfzlft26PG8D3HOH7HVn++6vgtgm+0OPpEUP+yFjHyi2NB mDUJkAAJGEAgvOc3AwQZlsU3DMuprWRk+VelJNuxVsxc83804PBW2Ugnjn4j0DMhd2MLxhS/4pKJ 5SjZ96ni5okESIAE2ioB3eAqPuXUXQUssKWD8slrgPjBwpttjU5Tx/M/ycb2U82+MuQlEUaO8/X3 9rki1mdTjpp//o/qdJ8vN6Dq8A5s3VSGBnXGTkoTzqgxzrk/TVS9IIxjZYt+imLVIwCMYOWTkwYK T73Zillq3i8Ow6L9/1CvPM6Xjm/HiKuvQ07/HNy55u9amD79/kdzsbku8LQ826lKbH1pMeYvLIVN vJzH79BBCtAePGXr4uucWhxbDV7+0fVaHYx6ZTGs/tYj+3Q3xpS4Ug19cT5y/OWlZert0EUOqLMu jpK8U68ByFfcMv+SKj/tToRfqt6EvF+oxo583PEd12d3+vpDFPUPg9qvswhR9J9Yy6+g8zkF/rTZ J6qYPev6+iIrM118gRH8lyVmyFm8jXlqW9p/P7YH6j+fv48twkgnH/cOyvM/JkbBz+z6cxYoNQN3 CCOkfLy5tRzeo+AlseZjsNnEMY/fsdaf0FsbXxF4NtvRg4ecZZT/u6t7uub25wgnP5900dS/yCRm fj6K0IMESIAEEkVA91ykc2rSw31+0xK0Ekd4e060n1jqDiOieuS3PWnhziqP3bXsYgv0305378QV dGcRw7FdlF4WXz64dAt3B7nYldB2+fOzy1bsuTMHEiABEnATaPigUuxwqvwqD0rPqjtU9l8gHarU hX3Q6E7kdNmlhtoK6bfj1DHSKu2prJUa1O1Hr9ilMyLvrcVDlTFUhL8rwr9wZ6ONdcr4v3xHlQi3 uyKIHWBttQekabpd/HZ7q6Bmpdv+XcyokrZXNkpNTQ1iF9eD0rriBxX5Lj2XVjQrqdw7Vslj/Oi5 pVLlR41Sw0c1UvnWl3x2Iu8nh39QI535zKGlj7X8jQee9tDtPkWHpqYmwe4vQneVnUt3j11fhRb1 ux71SF+8sVxqkPUT7Js+a5Cq9m+WZqn16eRoNXzX16jbj9CxRrS3+Yp+Mt+aj85IZ8TPWW8LPetN 7PAkfeJnV2C5MrSdhcXOw39R259SS4FOTR+fdLV7fZsXjOQ2rPUHP/1C/wzi/fzy+IuHRfu3S3a7 +DV9IpWvnuFRP6NeFTsb647Y6j/W9qtTJKr+I0mxlV+MD+r4cmyTu7+JHYwrtTGpxtmPzzSqfU6n c8xOT37OcePdRsmua2ONHxz0GH+0HXu9ZUfFz1N+5OOPTomo5LvS7ypSx29I/R5bL1V83CA1NZ6R ykse82i7KFjv7J+ieWuHYeO3lmMEDnmXXI/7C6Rl+6ukSrlNOdvVEWnHxpekAu0ZXi6nGB8+08kQ eXj09UD5qeOAzz1QyStK/qby02GgkwRIoHUQUO+p+ueMRGoWtnwDn98SWb5wZCGcSO0pTm1JvufD gPJSljtsuDTc4wYr32SLpJO6h4REcLId+7Wm38JDlxIhUtJu3jTUJYQ3hZBAeyXgqPu9Nr6pfywJ dta/qDqO+0+b82K1E2egcOjHtVMbw5f/aFnQaiovviWMvIqkCp0hRz++Byu3R1jfDZJ8GwpUvojK L/KpKpkcht7yS3Spxx+xXDDsUvnCwWGll8vQd+4uSVf8oDzDCYyl/dRuGh623rhviXRSZ+D10M32 jmRVnhv6PnPYIyjgRcsJt2FISetRx0H8PI2lgv/ykWGV416hm7/Hl1jqP5b2680mmv4jiRJFW/5A /cdvPSh9zlvn2K6FoczDiO02WA0Xz59qm9L0KSj1W3+qDtHwM7/+xDhW9UJY7VfloI5vznIbOH6r HMM915YMjEhvWf81/+X5DB95HoH/0BFN/Usm8guXM+ORAAkkjkDYhrI4qRSufMOe3+JUjliypaHO i57t2FNh3WwfXLpL+sTfU65XfsZffiItUR/a9S+YxgvScqShTkNBBwmQQDwJXHhHKlDHt5DnQs/Z COfe9H2ZFXk8tuOsS+MA4Q++4jLkyZG0sU6kk/84o74Mep6tkjzTLvTwf1Hat8xzBpOaz5gZz0rb j9b6zaO+fI3fcgybtlKqEDN5Gg8v9dDrvicOBy1fJOV3ZeSaOajOLFN1Vs/Dpj0rHRQzBIMdje9u k6b5/GFLNTzkS8Wrt4qZMnGYlRRD+3EcD2GkzcuXphSvdNZbsLJXvTRCq5+AMy59MrgordNmgqqc wjuvPuL5si9nbavc7TNzUa0/3DdbzNILXn/yzNFo6z/q9uuHSTT9J+rynz8QtrFUNnLG4zi6qJfW dmANVP+tdPzxARLd+Cdn03hUN6NRuw/kSyVizKza9YSbkQhb+KfzmmRjx28t27Ac9bt+5aGX1t80 /V31Kd9XHl+2VTqpn0mnSPCe0RooD7f/Aumkbsalp6KR8zeTn6fuvCIBEmgNBMI1lMVL13DlG/X8 Fq9yxJJvipxYDPo8VAJiQd3D295Gw7/koGBUrthLvQH19Z+iyWGX17FFWnoGevT2v4C2mkW8z+f3 PIqskauFmNk4fWWZ4bvJeevf/OEmWLLFwthDXwu8wLF3Il6TAAmQQBISsJ1rBNLFLovyelFi/TSb zQa7c/wXN4COGZDXn4rokPO4LFZbktdik9dA6igWz/Bem8o7wxYHGs83wiZEWsSuj/Ki8/42bfBO ZvS1Q9z/Gs+nIKNbGuw21+L3Qp2wD8eFRtRfSEFWN4szvXz/dJY/7BySLaIDr/0ozbnpE6a+BWnt vaYWwFV/zcjongX7WdGuxbpoWRE0pKjr38j2G03/UajHWv6EV955sXbjgTp0yh6I/NsyYTtfj/qP xfgjNp6Ql7LMyOiJ3jdn+q5tF0zRaPi1kvqziTFQPHmLjTnEuNE5vIHH8PE7GNtkCIuw/skvGSqV OpJAYgjUbf4Jek/aCPHpK96YfktihOqkmC1fp4ppThrqTEMfi2AHao8dgSPjVuRld4olo7DS0lAX FiZGIgESIAESaO8ExILF5e/ZkH33Heganm2hvRNj+UmABEiABEiABFoZAbMNZWbLbw3VEerv+q1B R+rgQ8CC3rcP8vGlBwmQAAmQAAmQgIkE0nMwcIiJ8imaBEiABEiABEiABEgg6Ql8I+lLwAKQAAmQ AAmQAAmQAAmQAAmQAAmQAAmQAAmQQBsgQENdG6hEFoEESIAESIAESIAESIAESIAESIAESIAESCD5 CdBQl/x1GP8SXPnSJaNBXtaXBwmQAAmQAAmQAAmQAAmQAAmQAAmQQJsk4DjnLJbDnmJO8cyWb06p PaRyjToPHLzwRyA181Zs2bgFUqcccG1sf4ToRwIkQAIkQAIkQAIkQAIkQAIkQALJTyBrQLF4/5+K Ln26mFIYs+WbUmgvodz11QsIL0mABEiABEiABEiABEiABEiABEiABEiABEjADAL89NUM6pRJAiRA AiRAAiRAAiRAAiRAAiRAAiRAAiTgScDhgM3m8PRrZ1c01LWzCmdxSYAESIAESIAESIAESIAESIAE SIAESKA1EqjbnI+MjDTM2PmP1qheQnSioS4hmCmEBEiABEiABEiABEiABEiABEiABEiABEggKAFL N2fwmQsGzqq7bIPtclCprSqQhrpWVR1UhgRIgARIgARIgARIgARIgARIgARIgARIwBACn+xGyjUZ yLhmHGoMtP0ZoluATGioCwCG3iRAAiRAAiRAAiRAAiRAAiRAAiRAAiRAAslL4O2VoxTlM5KmEDTU JU1VUVESIAESIAESIAESIAESIAESIAESIAESIIGwCHx+ADOfd8Xss3QKcixhpTI9Eg11+ir4ZBtS UlJC/AZg+LjZWLu7GrYWfeI27L58EqXLF2PtgTpzCkn55M/21277X3PdQaxctBKHaptNGX8on/zZ /tj/OP5w/DXjBsT7D+8/vP/w/tNe7z9GjrnHNixDpTNDK16Y8j0js45vXhIPjYDj+O8lQTuCX760 5yOHlr6tOmpLJytMiqTTVxJfSsonf1e/ZPtrf/3PLpWOU8bkqbsSP/hIlE/+bH/O8Zf9j+NPwglw /OX4y/GX469oA7z/JHz0lUx//pWk2k2u999Rr9TFVv7L70v5qn3nicOx5ZXg1JxRJ0ZA9UjN/glq KitR+e5BzB+m+hZiz7uyn8t/y5pFsKpB2IsRvRYkzYKEmtqROrSZg03mzCKkfKXGyN+UWaxsf+a2 P3W8+rgZpq79Svnkr7ZFM85sf2x/ZrQ7VSbbH9uf2hbMOLP9sf2Z0e5UmWx/5rY/tR6iPNeVPiUs Nq5j28M/iDIXc5J1MEdsK5XawYLeeXlO5T7sqOhYUID821x+sk/ebYMw4cEpWD/hekzdJvssx6Ga xcixflO+aPOH2Z90U765TYz8yd9cApROAiRAAiRAAiRAAiRAAiRAAiEIfH0SK4sUM11BKUZ0CxG/ lQVzRp3fCtHN2/gixdeK3KErHnjy91rKgyfqNXdbd+jImFJUyjcFuyaU/DUUpjjaO39ToFMoCZAA CZAACZAACZAACZBAUhE4u7sEaxWN1zw5FmZPOIkUHg11kRLzE99h9tuzH52M9LJ0kJeok48MWEyY g0n55M/21177n+6Weo1kwg2W8l19T/xP/mx/WmNIlIP9TyPN/sf+pzWGRDnY/zTS7H/sf1pjSJSj vfc/Azi3NGDdmBddGQ3dgEn9k+/rRxPMLgaAT2QWYnD2d9T+dY/mPTg3S3Mnt6MJu5avwJHGZljS 3APEp9WblGKVoM/4Tpj3nVStmA67A3mTnsQDeddqftE7KJ/82f7abf+z1WDVwvVoEI+DljR1FHGg 2rnEgLjeMR5j551Ajhokxh6H1BUTnnoc1nTVM4Yz5ZM/2x/7H8cfjr+8/yg3Ut5/+fyhNAU+f/H5 M57P3zE8ugdLeukvJVisRFj2VPLNpnOqnuDNK5JEnG6nqaEbpCZ5p1Pnzy41fVwhbV04SrbeKb8i 6aQ9SYoVSs26jbpyqeXTnfPy/IcPfU3sDWPAQfn++aptjfz982H7axP9r3bTcP/1q7R/sXyo3/BR r8a4G5QydFE++bvv675tje3Pl4nMi/2P448BT39idz+OPxx//I8xMheOv/7ZcPzl+NsWxt9AZYht 19eL0krtvWGJ9EkgIa3cnzPqxB0g6LH/QWRc/WDAKHPfmIcc9+SzgPGSIuCmEdi5rBhHbCkeU5w/ rX4Wa/eJElRVAfctwGLr/8GuFkg4ek8apsW/9N5mTJheCkuvcKDY8eX1k1H6/P1wToihfPJn+2u3 /S97xEKsnNEbF3WzeSFWCK1estK5W5Nz+Cl+FgPwpTr6wPHldZgw/BbturpkBubt+ics6mZAWogf x2UHbhy9BKumf9cZSPnkz/bH/sfxR//sxvGX9x/ef+Vl6Pn8IV7/+PzF588gz99+nrJN9Wqu3oiZ wmwhH3PfmIKuLmfy/d/KDYkmqaebUafOZvI4W6XHl22VTn5mknoJFltfOkmZySJmD8ozC4MctSX5 fme9iJ4RwD9fqggxHY/yyd/Vftj+2mP/Kx2njB0FpUFGHjlIjNvDAo0zAfzFjOkQw49E+eTvHH/Y /tj/ghLg+MPxN8B9JtDzL+8/vP8GHVMkPn/w+c/17tzqnz9CNOQog6OfUae/H8+WToewXUSpXkKS cUZdSNvqApz+ohhdW8R6SHLcDhakd9T/xTFkBkkfwdGSopShCY4WmUHgIlk6Xhc40G9I15AbVFA+ +buaDttf++t/up16lB24A4++Ym27cGbS6ceha0Qa/bWPm/I1JOTvfAYI3F7Y/tj/tN4SnoPjD8ff oC2F9x8ND+8/vP+IxsD7r9YjvBxmP394qWP25YfbML7MpcRPt0xFzyB2C7NVDSU/iVUPVTSDwgty 0FUY5lz/DMozibMJPEi6CtX9/o1oGrwa9hY70jpoK/L6LbEzTscspEfQCinfL0rNk/zZ/tpy/9Ma egDH6K12NL3cJMafNDH+BIikeMvjT0ZnYzcConzyZ/tj/+P4w/GX9x/ef4MR4PMHn7/a2vNnsPae 6LDXV05WRBZi9lj38jiJ1sMIeSFeZYwQkYx5eJqDPK+SsTzG6az7+17ATNM7p4s150JvwxhOHG8h lO9NxPea/Nn+wulb4cTxbl1m9z9vfXyu5RnPwvgWevRBWGOUT/6hPCif/Nn+2P9CjRMiPJrxN2S2 HH84/nD84fgTcqDg+MPxN5yn5DAaUmuM8ulujClxKTb0xflJv48ADXX6RiY+b62tqoWjw0WcuawE fFSDcrGKaIb8yac4MnvnISvSz6tcSZP2f0sH+RN5+ciIaPabK03s/1M++btaEdtfJLNPY+95rhzM 7n9aOW5IDfLZgxYrfg7KJ//4ta7QObP9sf2FbiXxi8H2x/YXv9YVOme2P7a/0K0kfjHY/sxtfxHU 7OGSWUrsfDw52bVZXATJW13Uq54WR6vTyiSFmmvWIcs6Eq+8shHlpxQlPv0zNr7yCl4pcf1WVvTG E5P6BlumzSTt4yc2/ebv4pZO38Z9s6diUK/O8RMUIGfKJ3+2v/ba/zqgV95dSP/2dzFn2gPo+e1E /22J8smf7Y/9j+MPx1/ef3j/5fNHgNe0OHnz+at9P38BFz54Hb/d9TfcMvIRjB8Qhv3h0l9QeO8K NIoW2feZNXju3u5xapuJyzZF3rIiceJauaRPdmNAt1GoDKLmD1+pxuvTk99CG6SIDCIBEiABEiAB EiABEiABEiABEiABEiCBhBOo2/wT9J60EaNeqcMb00OvNVf9m5HI+8Uep567GyWMyEy4yoYLTPSf BwwvgKEZXj8SFbRbGoqUmZEACZAACZAACZAACZAACZAACZAACZCA8QQcqPuzy0iHqW+1CSOdzIiG OuNbCnMkARIgARIgARIgARIgARIgARIgARIgARKIKwEL7l9zEv9fkQ3Zd98RV0mJzJyGukTSpiwS IAESIAESIAESIAESIAESIAESIAESIAFjCKTnYOAQY7JqLbl8o7UoQj1IgARIgARIgARIgARIgARI gARIgARIgARIoD0ToKGuPdc+y04CJEACJEACJEACJEACJEACJEACJEACJNBqCNBQ12qqgoqQAAmQ AAmQAAmQAAmQAAmQAAmQAAmQQDsm4DjnLLzDntJuIaRI4mi3pWfBSYAESIAESIAESIAESIAESIAE SIAESIAEWgWBS1WHsPfEp+jSJx+DrJ1ahU6JVoKGukQTpzwSIAESIAESIAESIAESIAESIAESIAES IAES8EOAn776gUIvLwItDthsNqDFy5+XJEACJEACJEACJEACJEACJEACJEACbYeAQ37/d7Sd8iRh SWioS8JKS7TKzXWvIiMjAymz3kq0aMojARIgARIgARIgARIgARIgARIgARJIEIG6zfni/T8NM3b+ I0ESKcabAA113kR47Uvg6m+5/GovgXZ1Xzz0IQESIAESIAESIAESIAESIAESIIE2QcDSzVmMMxf4 9m9WfXYwSzDlkgAJkAAJkAAJBCfQfK4SR6rOQ+qWg0F53YNHjkOo2fJjLVKy68/yx0qA6UmABEiA BEiABEgg+QjQUJd8dUaNSYAESIAE2gUBB7aOHIAp1XJh81Fh3wOrJZEFT7z85rqD2HxAfGbhVU5L 9zvxwJDsCAufeP0jVDDO0dt7+eOMl9mTAAmQAAmQAAmQQJwI0FAXJ7DMlgRIgARIgARiJZDWS+Tg NNTtRc3fv4K1/zfDyrLxVC0cliz06JYeVvxAkaKVHyi/4P7CsDR+CKY5y+sVs+8GFBzP9rbfeUXy vUys/r7yo/VJzvqLtrRM503AqPr3zjdpr1sacPRwHTJvH4ieHZOgFJcbUH7sLLLvvgNdvf7okATa U0USIAESIIFWQIBr1LWCSqAKJEACJEACrYDA5wcwIiUFKWH9RuDghfjrbP9IlWFFTs/wjHTNH76C rr1y0POGiaiMcWmRaOSrGkd+tmDYqjWYOm4sphZNdf6G5ym5dE2LPDuRIrH6R6WiT6LkrT+foiTE 4/zBZwL02SdxRt2t3laBwgD9uvjNTxOiZ7hCjKz/cGW26nhfn8SCq6/HnUMH4ei5rwKrGuX4HY/2 03x2GwYNvRPXp+naYGDNGUICJEAC7ZtAlON3W4fGGXVtvYZZPhIgARIggbAINF84g71hxZQj7UV9 g3hp7Bye8SzsbD0iWjC2tAI3fnwe6NgTOWHPJFE2AEJaxDPQPMSL1NHJ98wlkqvMe4qwVvzU4+xr X6HH+E3qZYTnxOsfoYIBoidv/QUoUFy9bWf/HCD/SthkQ538pPt5DXYEiPXG2UtYgi4BQs3wNqr+ zdDdeJm75vTFYme2+eiRGXi8jXb8jkf7Sb1hgFisQL5LLMJNP7fCvnZ0jGOx8VyZIwmQAAm0FgLR jt+tRf946UFDXbzIMl8SIAESIIGkIpB6y8/Q8MG/o/4ykOa8O17EzqcGY3GZqxjb361ET9nZYnca zvL6BX5pNKrgnbKtGBjp0mw64TFOqEOs8nWqROV0tKRElU5NZLb+qh7RnpO9/qItdyTpsifuQO1N e/DAwEmodCa04lDlWmSk9USe+tnhTZNE3+6L88Jwd+w5Kx7eJke0oqR8HQrv/k4k4hIaN9b6T6iy cRB26a9LMXaVK+M+S+fjziBf8kc7fsel/XS6C/MW9cLeBWJK9LoxeGnKJcy+49o4EGKWJEACJJD8 BKIdv5O/5MFLQENdcD4MJQESIAESaEcEsvrlIUtX3g/VWWwFpSi4Tf0OUxdBdToasG/b27DJ1w47 UvsOEvE74fCG3+A3u/6K+vONkDJ7omD8w5g16Z4gsyscOLZrB2oup4j5cOphh9RJbKYwKjyLXaqa TJwtEd/lY5fvuFCD8rJyHHunHJXnmtEoyi4fmbfmi89ZHxZcMp3X8fkvNv3lXWJ3iLWwQh2dsu9A /m3d/UaLtfxm159owKg9thc7t+3D0Toxm1M5srLvxDDxWXL+7X7WCjSs/avSIjhb0pF9z0QsKJqE MSVyugHIFP04x6vtu/p2E44JQ7zzmLoA0+7JVS48T2eP7cDWDZux/X2xsYk4UqpS0KVwIB6Y/gAK huQG6b9ybAfqDm/HltKd2Pv+WdkDWZk9kHtPIQrH3IOU49tEvv+DvPsfQUG/Ts5w/X+x1b+cUxT1 J1I5N3J557+Rphg37cJKmDdyAqxydxVrrh3etRVbdos+fUrsQi3GsuGjH8HsKT9AuhdnEdugownr HnpCycuKFyd/L2S+UY3fcWg/sqK3F60EFoxy6jzn5+tQ9MEMBLEzhiwbI5AACZBAWyYQ1fjdloHI ZZN4kEAIAo66jZLcVDD0NckeIi6DSYAESKDtELBLpePE2BfG+Oc4/oIrnhw31K/fKumTKwEoOd6X rH7T50sVQQZgW9VGaeyw4dJw+ZeX59YhL9/lp4bJ59wCafvfmv0rEKV8NTPb4V+7ZfstB6S+zxxW o4c8126a7Mov3PtPTPqL+h4WRv0p5drd6Kt+tOVvLfXn+OiANC1AvbnbdZF08COHR+ENa/8euUZ2 YXvP3Qcf23Heb2LteUaUcdl/XfKN89n70vy8UG1AlP9jz/JrGTW+I80Kmd6V/9AXq7VkRtV/tPUn iae79bm+5R71ap3UWLUpYJ9+7A3/nLWCxeBwHFeePeX2WFAaxfNn+OO3rKYh7cejvDr5ogxrAo25 Hml4QQIkQAKtg4D6/DXqlToTFNKNn+E+/5mgZbxF0lAXb8JtIH/twbYdd5Q2UI0sAgmQQMQEInhQ EC/4i2dMEUYy75ddqzRzxmgJwmDmNnRA+umWAA8+Vz6RthY/KI0pmiqJDRWkAi2/QulkEENd3Us9 PfLXy/LnztEZCTywRClfzaPupYE6PaxS8eqt0qHyQ9LWZT/V+UPaVBvAUKhmpJzVB8Ww/1AUk/66 +hbGTJm/+ps5Y55UoBqwrK469meoi7b8raL+Tv3Ro46AfGn5xn3SkaNHpH0bl0tizS2P8G16Y51R 7d+r/iO6bDktzVJ17Pc7qclP4vJF31HKMFs67W0sb3rfq4yu8ldWVkqH3ixx179TRr504DMvARf2 +xjZhxXNl1asXiHNGtffg53cJ/UvP4bUfyz1J4rSWL5Gae9jfHRVx5Dh48Z6MBq15awXBOMu3XUF KTqDoK4/h/P8Gmv78VP0xgNz3CwffdtPDHqRAAmQQOskoD5/6e9VidM0wvE7cYolVBINdQnFnZzC aKhLznqj1iRAArESiPxBob50kvvF7N5V0mmdcc1xarf7RX7ohrBmiLjzC26okz47KYwJe6W9bx6S dq6eoehglV7auk/xl8Ncvx07y6XTX4THJmz5anZCjy1rtkiH3q1XfbSzo+oVjc3QMP9Cqz4ohm2o 06S5HJHp765vnwfTlhPSs5rRNMiswGjLb3r9XZRW6ss3d5fU5G3IunJR2jkvW6tDyDNDA/IWRj0D 2r9X9iEvq0pGaPpt+rtXdFGH6mxB/Ww2Vyy7tKvIbYi895ky3/KLHlu+fKSWP6bqZ3m5247TqNV/ iVTR6DnrzlG729PIpe8DMde/MfXnZKHjpBroUPCydFIzTNql2vI90hYxjvi0ES/kUV966GD1NYqG lbGuTsIx1Ik8o28/ARTyMN6GGMMDZEFvEiABEjCDgPr85fM8lBBlIh+/E6JWgoXEbWUJcXPnQQIk QAIkQALtioB784N8HHhtBnqqi9kLCqk3jcCKRd/BwAV/B67RBQQh5M4vSCQ5qHMOBo7McUU6/Qnw S9k5AAPHDfNZq8sVKbz/w5avZif0mFAk9HDYUPveUTReFgtdiRW9MjpmIDPrVohZac7dN8MrvZpp 9OeI9VfWL7urr26lwssnMfuavlihqNF3bhnee/IH/pWKtvxm19+HezCzSilSv9/hnSWjfdfT6pCB MYuP4reV1+FheYOV449j7wcPo6i/e1MVN29j2r9/yIF9c0c+KgL3OCMs3fpXTHzKva7ZpXe2Y62S tGjsdz0zufQOFjnXtxPe/VbhtSfv8y2/aMf3zPo95s/e7dqFdJ1YS/I398MqN+bT2zDeuUGFnO1s nKyY69PvUrNHYEfdRliyJ8uRxEpyuiPW+jeo/pwayTvl6o57nzmM10V7d/dZi1gTMB/ZujiGOx0O uFa2FDnfOw23djZcgt8Mo24/fnMTnv96Kx4QS5tWKn3L4cU2UDL6kwAJkAAJkAANdWwDJEACJEAC JGA0gaGTcJeflcOzusuGA2Go+yK23UyDqdusvQw2iR1qRcwE3umbTx3Bb5f9HDNLTgRTsZWGWXD/ zib8vwti8f9uyg6N3kY6YbQ4LowWgQ4jym9G/Z2trNCKtPoPU/wYqdTgDExd9nthqPu50+PoiXph qLtFDXSfzWr/Xe6CWFfSaTQ78fR61Pzqe8hxWpgcKHv5aZd+QzdgRDe3qrKr+eMzyo6x4kIYIFcs /9JpSXNv6CL8hWXNYjntMtLJibAdNWKzFOvNqWj+QuwErRxP/Gmmj5FODUu9ZRKqttZgyrLjGHGz nwFCRIym/g2tP/148WgZ3grS3tVyGX1urn8fe9VMhZHfbSRUPeN0jrL9BNYmDV1vFqFOQ912VJz5 CladYTtwOoaQAAmQAAm0dwL623F7Z8HykwAJkAAJkIAxBK6Rv5BrZ8cnu2Hp5drlUC157rACDMru hPq6Suwsq1a9W+9Z7ACZpRpxvIx08syioEaLJC6/42th1FWOphZ5rpd7lpzqr53FbEn1uKjMQFSv tbNp7d+CYQ89DWwTP5Rg058X4bmhXYDP38FyZcbbYw8P8zX8XP0tTXXZ8eyc+R7XAS9aXAb3+vff 1KL0+bcMze3PkTv+OVSO9xcSvZ/h9aeoMsraI3qlYknpVR+xZBVZ2ijbT2RCGJsESIAESIAEQhKg oS4kIkYgARIgARIggQgJxHHGXPiaCINBAu/yZavcRrrRS8vw8kP3IaujTtuWJmwYdR2myJ9NtvbD 20i3VBjp5vwgqNbGlz+B9ef4XCtbz2uDz19KvaarFtfj803NVzhMbP+d7i7ENDzt/Mz11yvfxlND f4yzZS8oM+YKMWmgMNwFOwpXYe/kGxHsM0WH+DQzPdOKgdkug2b6zbeJHF1zwOxfBcs8krAI6t/o +lPVDFjBaoT4n4d+v7evYTWOYmNuPx66ic+Evz9IGI4PefjyggRIgARIgARCEfhGqAgMJwESIAES IAESSEYCJag5nyC9WxpQvUqRJT6X2zXHy0gnB3Ww43wSGul++OIxt5FOlHP99PuQd99zqGnRsY1L +RNXf1m5Q7TCbNpfq7n9OaoP/FHzHpyrW8tP8zXZcVUfPLxMGEfkY/8yHDlXj32r9rmun3gYVr3x 2OXr8f/Quwdi+MixGDsm8G/C+AkYfk+2ZkDKyOqp5TF9fbnm9usQBuva47WwhTSChV//bar+vKDt 31vluZ6fV7jhlzG2H099HKjbRyOdJxNekQAJkAAJhEOAhrpwKDEOCZAACZBAOySgm1kkPuXTXQVk YemgfPIaIH6ocO+MtfiIYHbNFbG+lnLU/PN/VKf7fLkBVYd3YOumMjSEMBaELT+lCWdUCefcn0aq XhDGibJFP0Wx6hEOTBFXkx+Ap5pdoLOWPlx+2kw6qzPLn75ajdd/+T139qKc+0r+hOo/FeNIjW7q lJHlN6H+OvUagHyllPsfzUVJlZ92I8IvVW9C3i/2KDHzccd3rnWzES6Nd4D6ChXukVkMF7kTfqak rsTgG3pqG2WsGX+H31xTb7ZilhIil39zna5uvVLYTlVi60uLMX9hKWyKsVafHi8Ow6L9//BK5bq8 dHw7Rlx9HXL65+DONX/3GwdR1L9R9eet0HVh9lPvdLFep+pnAoe58Y6vTJ3yAdqjbxqXT6TtJ1A+ Tn+dYdhjzcOgiRhIAiRAAu2ZQPTjd1uipr8VtqVysSwkQAIkQAIkEDGBxuNVOK8arzpcxBl1Da6P alBeVYUMdRaVJQt5/TJ1+YtdCutqsG/nJpffjuXYW5ULa49sZMlrxot1v+pra/HX45+6w98T4b1F uPoiJ9b+qjpe785TPKfUqfHFelt7Dz+E5s7CEBhQB1fSVDG7RzYzVYrfU3dORZ/KlzCoh4RGUYZj r2/B1CUbNBlL+zRjjlVZjywW+VfdhEFiEf+18jpgO8ZjTDHw5JQfIBNNqHvvEFZO+IV7cXgRpb6u SpT1/5AudO3ROVXRRzCqEjONtPLpyq/w7NpiV+IKo1BGT/S+uZN2Le80Gxu/Jqz6vrq7q0xvNory vomq95wrwbvkfH3S/+weQ8rvEmFK/XW6Cys2TcbeSRudSky3dkLdi4cxa/L3kCE/Lzsu4timFRj4 y+ddSor/R726EnfKbdt5GND+1ayMOF8/GOuHwesz6yXID7SQvzyLatejWDHmRaf0Sb1TUbuxHI8M u0P0Xwk2WxPOVpVjy/MTsUKbFWrF2DnjYZWfpEX6mQeexoohTzvTP3lvdxydW4olU34g2rcFTR+f xOHXFoq+t98ZLv/XzSL6sp8jqvo3oP60vifauLrj6h9W7MMv81wba4gehx690tHkuA49MtU+66cA Rnh1t4rPl8V4Iue1owYXxZjQNYw3lujHby+lI20/XsndlxdRr6yNCBQi5ztB1n50J6KLBEiABNod AcPG77ZETuJBAiEIOOo2yk+TEoa+JtlDxGUwCZAACSQrAUfd711jnTzehfFb87dmraiO4/7T5rxY 7YwTKFw/rtaWDAxLrls3q1QRYFAuL74ljLyKpIomrQhSrPJtx34dhkwvtn03aPeVgIwC1YUurVyK WPWXHO9LYlZZ2GVYXeGuf1l+rOWX81APM+pPEjVRvnxkWOUXG2to9SbrHKjuImn/atmNOjfu/pVH WUa9Whcia1H+hYM90rj7mm+76Dt3l6TrPs68q0omh5W+32OlUtOVwOpEU//xqD+/5ffqd4FLEUNI y2lJzHDUWG77OHResYzf/nKPvP34yeXUH7UyCMO/dDpInftJTS8SIAESMI1A7SbX/WzUK6HunbGr aPT4HbtGrSMHfvoqnkJ4kAAJkAAJkEBq5z4oCBuDmB3R1T07IjWjq3MWm3fyod1cU44ChT9Y4F7n Kr37972Th7jOF58a+o9yz7PHsG/ZDL+BY2Y8i+1Ha2GX1sCqzYgCYpXf6Xu/Qn25yNOP1GHTVqKi Ucy6OrzUI/S+Ed21T4pTv32T9vmlR6RAF4N1yos4seqPq7IwfFy/QNI8/fsvwKAcd/3LgbGWXy/A jPqTZ0zdM+tN2Cp3Y5aYjeY+dDV632zsqWx07n6r+zAFgdp3JO3fLc8YV+Z9v8QSLatCPDX2Fu3K v0OUf8EBNL67DdPy/MeAaKHFq7ei4mMHji8ZDc8WCOROexW22gOY78HPndewac/ioOD3wfP3Iz1A 35VjR1P/MdVfBH3v3nHuPusumcGuq3rigZIRWqZ7//yh5g7kiGX89pdn5O3HN5e6Y3s0z6GvTEXP IHWuRaSDBEiABNoZAaPH77aCL0W2F7aVwrAc8SHQ/OEmWLInQ8z8gP1PP9ZequIjjbmSAAmQAAkY RkB8Mma7bHN9LtvBgvSOwrwS75dF8Zlv4/lG52L5FosFGZ2zkK636hhWuFaakZHlN6P+FKwOW4Oo x2ZkdM+C/az4GDIzS3wGmmQVKepCbNAqbFiWgEbtQK3IcaER9RdSkNXNArvNjrT0DFf/CZTAy9/F LwUZ3dKc6eV+INSI7Iih/pO+/j49iJRMZZOTfqvQ9MEMH8NoZDCjiB1D+4H47P931uvwkPLl/O5G CSP0qyVEoQ6TkAAJkECiCNRt/gl6i+UwxIw6vDE91B+6EqVV+5IT78f19kWTpSUBEiABEiCB1kRA 3OXT073n/cRZQWEQzOrWA61wP9A4F1zJ3sjym1F/SjEs6V3RQ2k66dk9EsPOaCmiLizqGpAR5m0R hrXenV2J0jtG3oc8+EWR3ik5hvr3kJ+M9ddlMHYVAWNKBInjj2PPBw9jYqA1BiOs27Cjx9B+mj/c oxnpUFCKwTTShY2dEUmABEiABAB++spWQAIkQAIkQAIkQAIkQAIk0KoIjH7qTU2fSav3ae7W73Cg bKX4EkU5dr9wP79GUWHwTAIkQAIkEBYBGurCwsRIJEACJEACJEACJEACJEACCSNw/UiIBc1d4taN wfZzCZMcm6BPdrtmAopcxCYmGNEttuyYmgRIgARIoP0RoKGu/dU5S0wCJEACJEACJEACJEACrZ5A 9sRXsG+ea32kxv/+qtXr61TQuTAi0HduGf5zMtd2So5Ko5YkQAIk0LoIiNUveJBACAJXvnRFaLCH iMhgEiABEiABEiABEiABEjCKgAXDFtfB/pjYFCfdc6dloyQYns+N49D02Tikd4509xDDNWGGJEAC JBAdAYdrCrPDnhJdeqaKmQANdTEjbPsZpGbeii0bt0DqlMM1Ntp+dbOEJEACJEACJEACJNCqCFg6 R76hh2kFEJtQpCsbkZimAwWTAAmQQAwEsgYUi/f/qejSp0sMuTBpLARSJHHEkgHTkgAJkAAJkAAJ kAAJkAAJkAAJkAAJkAAJkAAJxE6Aa9TFzpA5kAAJkAAJkAAJkAAJkAAJkAAJkAAJkAAJkEDMBGio ixkhMyABEiABEiABEiABEiABEiABEiABEiABEiCB2AnQUBc7Q+ZAAiRAAiRAAiRAAiRAAiRAAiRA AiRAAiRAAjEToKEuZoTMgARIgARIgARIgARIgARIgARIgARIgARIgARiJ0BDXewMmQMJkAAJkAAJ kAAJkAAJkAAJkAAJkAAJkAAJxEygQ8w5MAMSIAESIAESIAESIAESIAESIAESIAESIAESiIXAZRtq P6pHUwuQJvKxZGSiR/csWITlynbeBkvndKc7FhHJkJYz6nS1dPb1x5CSkhLh7zmcEY2oTR+XT6J0 +WKsPVBnTjEpn/zZ/tpt/2uuO4iVi1biUG2zKeMP5ZM/2x/7H8cfjr9m3IB4/+H9h/cf3n/a1f2n pQG7Fk1ByjUZyLFacee/W2EVv5xeXZF2tctGk5GVgbQfv2HGkJx4mRIPjUBtyUBJ1ECEv0Kpwq5l 0SYdtaWTFSZF0ukriS8i5ZO/q1+y/bW//meXSscpY/LUXYkffCTKJ3+2P+f4y/7H8SfhBDj+cvzl +MvxV7QB3n8SPvpKZjz/nj8gFXjbYfLyJKu3n3w99DWhYds/OKNOjIDqkX3/JlS+W4ny0idUL+CZ XaisrHT6y2HqTx/H4o7dNl3ajMEm2DR3AouqyaR88k9gu1NFsf0pJEzqf2o9fNwMh+o240z55G9G u1Nlsv2x/altwYwz2x/bnxntTpXJ9sf2p7YFM85sf/Fvf7YKjMgcgh1K/fZ7bD1OfuaAJGwwFZKE po8OYH6ervKvkecQtf2Da9Tp67hjV+Td1hW47oTmu2n8aOT10i7dDl0ct2fbd5ltlKR8c9sY+ZO/ uQQonQRIgARIgARIgARIgARIoK0QeHvhrdirFObepcfw1pzveRQt/ebBWHRgP/Z1HopKOeQLU/90 76FbPC84o84P3WZtBg1gt3+lxTh/bDPmF7+MmsvCSxenfTQVFwazy0r5WnM0xUH+pmDXhLZ3/hoI OkiABEiABEiABEiABEiABJKbwOcHMPN5tQhLsN7LSKeG4F+HYPY419UP87Nh9uQRTa84OmioCwE3 7epvajHeXjQJzz73MA6dEca7m+/Es8P6o/+0gchs4/MSLR3U6aUZpuywQvnk7+qEbH/ybkeJPszt f7rbsJjmrrtKEAadRMon/wS1OrcYtj+NBfsf+5/WGBLlYP/TSLP/sf9pjSFRDvY/jXQb7391ZZtd s+REgee+MQXi28aAx5jijc6wZrHza3s4THjtSy6sW5+cjbrvpAqlHaguc+nuHDqu6onifX9DcXIV J4S2Tdi1fAWONDbDkuYeID+t3qSkK0Gf8Z0wz8nD5eWwO5A36Uk8kHdtiLzDCaZ88mf7a7f9z1aD VQvXo0E8Dlvkvdidhxh3tynOHeMxdt4J5CiXEGOPQ+qKCU89Dmu66hnDmfLJn+2P/Y/jD8df3n+U Gynvv3z+UJoCn7/4/BnP52/do3uP7hm6K19nau4kSNIk34C26tP298uIvISOuo3KLqfKbkNeu42s +Vtz5JkmQ4oQ5YbYeUX0A9+fUTuvUL4vWz1v8vfPh+3PmJ2PTO5/tZuG+69fpQ/k5fkZe0TYqFfr DBldKZ/8/d7f2P6c/ZL9j+OPv/7B8Zf3HyNuwLz/8v7rb3xR/Xj/adv3n52Pq+UrlCq+MGJEaTt5 cEadGAWCHXO3HsWkvvJ0jYvY9au7ME+ZVRcsTdKG3TQCO5cV44gtxWOK96fVz2LtPlGqqirgvgVY bP0/2NVCCkfvScO0+Jfe24wJ00th6eWekadG9T3b8eX1k1H6/P1wToihfPJn+2u3/S97xEKsnNEb F3WzeZ0zmZesdC4w6xx+ip/FAHypDSWOL6/DhOG3aNfVJTMwb9c/YemoeQV2XHbgxtFLsGr6d51x KJ/82f7Y/zj+6J/dxIwqjr+8/4g7JO+/4vWHzx98/uLzp/ZM7f38rQXE5DiDBrEPgDWcZ/iY5CRR 4rZjczSuJPoZdZtq3PnuGuey+K6uUGbUXbFL0hV3eFt11ZdOUma6FEknQ5S3tiQ/6KwY0TW8wvOl CoEx2EH55O9qN2x/7bH/lSrjLgpKgw0TIswulQ7zHl9CXA/dEHI2IuUrDMmf7S8oAfY/jj8hxlvv 5z+Ov7z/BB1TJIn3X95/nc//fP4I0VPMvv+GUC9EcG3pZM020Ga/WgzBIFAwN5MIYVS1X3Hv+jp6 zSeorKxBUX+xwcSlv2DE1WlIuXo6anQ7wIbILimDHS0pit5NcIQoq6XjdRGWsWvIDSoon/xdjYrt r/31P90+t1+kiJVCgx1ibbtI/wp3jUgTLEu9RMrX0/BDjfzZ/vw0i2Be7H8cf4K1D/2Iw/FXT8MP NY6/HH/9NItgXhx/Of4Gax/6ESfk+Bs0o9CBOtvC9rdrQ8dvRzH46WsklZ3eVSzT5tqLpPnjk9jr TKsYD9oJyeAvtUD3+zeiafBq2FvsSOugrcjrl7IzTscspEfAjvL9otQ8yZ/try33P62hB3CM3mpH 08tNYvxJE+NPgEiKtzz+ZHTOCh4pwlDKJ3+2P/Y/jj8cf3n/CX7z5P2Xzx98/mpbz5/Be3zw0Owh 8uYQrt1c9z86D0cm78GdwTaJaxGbyQkzqyXEc35wqckR2g6KGHlFpOqopF0tZs/5OVLTvqX5hjIe aRHbgCP4jBZXAdM7p4s154L1MCVeGHG8kVG+NxHfa/Jn+2ur/c+3tXv5dLAgXRjfQo8+CGuM8so9 9CXlkz/bH/tf6JGC409YrSQMkPooHH85/nL8DatnhfOMqO9aYbnZ/9p3/wurkQSI1GUw9j0ODF8l h+/FXf/vSZw8shA5fr6Sqdu9DL1H/UrEK8LJK2uQo7PZBMg9qb3bePEirBuHDbW19Tj/YY2WsKb6 MKoc4rVPNy0TgppNF0eL3EYdlg7yp+PykRHR7DdXmtj/p3zyd7Uitr9IZp/G3vNcOZjd/7Ry3JAa 4jMFLWZ8HJRP/vFpWeHlyvbH9hdeS4lPLLY/tr/4tKzwcmX7Y/sLr6XEJxbbX9zb37An30H+qrtd Xyt+sAh9rtmLl5oLlXEAAEAASURBVHb+BgV39xb7yjWhvuooNjw1EWvFvpauo8G1HFcbt2SlyIvX qUVu7+e6tYPQu6g8QgyFqLBvg7UtT6tznEHpS1vxv7mFmDYkO0I+BkSnfPJn+2u3/a/51EH8pvRv yC18BIN6pxowoESWBeWTP9sf+x/HH46/vP/w/hvZ00Pssfn8weePdvX8ce4gCm8Ygh1hdJ2SI+cx 7Y4uYcRM7ig01Onq7+zrT6DHmKU6nzCc/Zfgk4q56NrGLbphkGAUEiABEiABEiABEiABEiABEiAB EiABEoiMQEsDdj0/D2Pn/MFvuseX7sSsh8Ygy89nsX4TJLknDXVJXoFUnwRIgARIgARIgARIgARI gARIgARIgASSnoBYjqz+bCNsV+D87NaSkYWszPR2sYGEvu5oqNPToJsESIAESIAESIAESIAESIAE SIAESIAESIAETCLwDZPkUiwJkAAJkAAJkAAJkAAJkAAJkAAJkAAJkAAJkICOAA11Ohh0kgAJkAAJ kAAJkAAJkAAJkAAJkAAJkAAJkIBZBGioM4s85ZIACZAACZAACZAACZAACZAACZAACZAACZCAjgAN dToYdJIACZAACZAACZAACZAACZAACZAACZAACZCAWQRoqDOLPOWSAAmQAAmQAAmQAAmQAAmQAAmQ AAmQAAmQgI4ADXU6GHSSAAmQAAmQAAmQAAmQAAmQAAmQAAmQAAmQgFkEaKgzi3wyyW1xwGazAS3J pDR1JQESIAESIAESIAESIAESIAESIAESiIiAQ37/d0SUhJGNJUBDnbE822RuzXWvIiMjAymz3mqT 5WOhSIAESIAESIAESIAESIAESIAESIAEgLrN+eL9Pw0zdv6DOEwiQEOdSeBjFuuc5ZYgK/fV33Kp W3sJCZIYMx5mQAIkQAIkQAIkQAIkQAIkQAIkQAIkECEBSzdngjMX+PYfITnDotNQZxjKBGbU0oAF V6c5rdwlH3yVQMEURQIkQAIkQAIkQAIkQAIkQAIkQAIkQAIkEC8CNNTFi2wc8z3/1mosVvJP+2Yc BTFrEiABEiABEiABEiABEiABEiABEiABEiCBhBGgoS5hqI0S1IANI5e6Muv3O4zIpqXOKLLMhwRI gARIgARIgARIgARIgARIgARIgATMJEBDnZn0o5B96a+bUKykW/jCBKRHkQeTkAAJkAAJkAAJkAAJ kAAJkAAJkAAJkIAZBM4ffAYpKSl+fk/iTIuika0ChX7jpKD4zU/NUDthMmmoSxhqIwQ1YcvCJ5SM FmDq9681IlPmQQIkQAIkQAIkQAIkQAIkQAIkQAIkQAIJIWA7++cAciphUw11n9dgR4BYb5y9FCCk bXjTUJdE9dh84o94uMyl8GM7pqJrhyRSnqqSAAmQAAmQAAmQAAmQAAmQAAmQAAm0ewLZE3egtnwT rBoJKw5VVqKydgusFsXzpklo+ED4Cf/fjlMjWlFSXoUjD31H9WiTZ5p6PKrVgepdO1BxOQVpsANX 5WDsj/Jw9vAOrCvZgkOnzgNSV+SNeQDzHh+Pnh09Esf5woFdC3+uyChC0agb4yyP2ZMACZAACZAA CZAACZAACZAACZAACZCAwQQs6ci+ZyIWFE3CmBI57wHI7JeHHC8LVZbwy0ITjl1W5E9dgGn35Bqs TOvLzgtD61MwoRo1n8TUsRNRqRf6gP5Cdlehqnov1j+1BQcb92BQpnd4nK5P78b4ba68R70606cB x0kqsyUBEiABEiABEiABEiABEiABEiABEiABwwncM/0FoOQxkW8JSt5chOfHdvGR0fzhHu3LwmXT B/qEt0UPfvqqr9WremLWwscxdpivhXbMjJliWqb8Tz32YvD81+FQL+N8fvu3P1IkFOKpsbfEWRqz JwESIAESIAESIAESIAESIAESIAESIIH4EeiUNxKzlOxfeHoXbH5EHd22WPGdjQJr+1inn4Y6fUPo kIHxC1Zix0uP63wLcfAjB3auWoEKqQIVjhOYr4au24KaRFjqPj+Amc+7hPZZugDWhH5yqxaWZxIg ARIgARIgARIgARIgARIgARIgARIwiICYLPVAyQhXZsf/A3s+8sr365PYuuDvTs+hLz6Anu3km1Aa 6rzagXzZrO4yItzPHFmHQTenumOl9sGsw09r1+o6h5pHHBzHNixTPse14oUp/eMggVmSAAmQAAmQ AAmQAAmQAAmQAAmQAAmQQGIJ5I58VBO4dOtfNbfsuPTOdqxVfIrGftcjrC1f0FAXtHYLMcLP1MpO WT2DpjI08H8r8Ozsg64sn1iJwZ0NzZ2ZkQAJkAAJkAAJkAAJkAAJkAAJkAAJkIA5BLrchVJlV9cT T6/XfbXoQNnLT7t0GroBI7qZo54ZUmmoC0Hd34y55hBpjAyuK30Ke5UMtz38AyOzZl4kQAIkQAIk QAIkQAIkQAIkQAIkQAIkYCIBC4Y99LQivwSb/vypy/35O1iubKj52MPD4M82Y6LScRVNQ11c8caY ufgee2WRYqabWtquLMgxkmNyEiABEiABEiABEiABEiABEiABEiCBJCDQ6e5CTFP0/PXKt52bdtaV vaAsAVaISQN9d4NNgmJFrSINdVGji3/Cs7tLtO+x1/xybLuyIMefLiWQAAmQAAmQAAmQAAmQAAmQ AAmQAAmYTuCqPnh42SCXGvuX4ci5euxbtc91/cTD7W5DTRrq/LTIVG0nkQxAc7sjhgp3x4zB1dKA dWNedGUgvsee1P+bMWTGpCRAAiRAAiRAAiRAAiRAAiRAAiRAAiTQOgnkTviZolglBt/QEzOrXJdr xt/ROhWOo1Y01HnBtZ2rweEy5UNolGBHWTXqz9m0WLZTIvy9GuVaCT9v/Kp1l/5SgsWKlGVPcTad VgF0kAAJkAAJkAAJkAAJkAAJkAAJkAAJtC0C1w/G+mHeRVqC/HY4aYmGOn07aD6JiTf0wcBf7NZ8 nxyVh543vO78RhrNFZjYS4SP/7VneNZE1LRoXgY4mrDu8aeVfJ5H0R3XGpAnsyABEiABEiABEiAB EiABEiABEiABEiCB1kggQ2wq8SsPxUa9OhZdPXzaxwUNdfp67pCGvDy9h8vd77F0l6NDht/w/lML 0NXPJ7K+OYXn01y9UZvm+cSfxkORHl5ixiIBEiABEiABEiABEiABEiABEiABEiCBJCOQed8vsUTT uRBPjb1Fu2pPDgPNS20A21U9sahSwqJARQkVHihdhP71J/YrKWajqJ3tbhIhKkYnARIgARIgARIg ARIgARIgARIgARJoCwQ6dMXcK3bMcIjCWCywtFOLVTstdutuwdn3b0Zllyqk9rsTPVlDrbuyqB0J kAAJkAAJkAAJkAAJkAAJkAAJkIAxBDoIA11HY7JK1lxoBmqNNSd/YjtkYGvUjDqRAAmQAAmQAAmQ AAmQAAmQAAmQAAmQAAnEiQDXqIsTWGZLAiRAAiRAAiRAAiRAAiRAAiRAAiRAAiRAApEQoKEuElqM SwIkQAIkQAIkQAIkQAIkQAIkQAIkQAIkQAJxIkBDXZzAtqlsr3zpKk6DvU0Vi4UhARIgARIgARIg ARIgARIgARIgARLQEXCcc1447Ck6TzoTSYBr1CWSdpLKSs28FVs2boHUKQeWJC0D1SYBEiABEiAB EiABEiABEiABEiABEghOIGtAsXj/n4oufboEj8jQuBFIkcQRt9yZMQmQAAmQAAmQAAmQAAmQAAmQ AAmQAAmQAAmQQFgE+OlrWJjaeaQWB2w2G9DSzjmw+CRAAiRAAiRAAiRAAiRAAiRAAiTQlgk45Pd/ h3klNFu+eSXXJNNQp6GgIxCB5rpXkZGRgZRZbwWKQn8SIAESIAESIAESIAESIAESIAESIIEkJ1C3 OV+8/6dhxs5/mFISs+WbUmgvoTTUeQHhpR8CV3/L5Vl7CSba1f0oRi8SIAESIAESIAESIAESIAES IAESIAHDCFi6ObM6c8Gkt3+z5RsGMvqMaKiLnh1TkgAJkAAJkAAJkAAJkAAJkAAJkAAJkAAJkIBh BGioMwwlMyIBEiABEiABEiABEiABEiABEiABEiABEiCB6AnQUBc9O6YkARIgARIgARIgARIgARIg ARIgARIgARIgAcMI0FBnGEpmRAIkQAIkQAIkQAIkQAIkQAIkQAIkQAIkQALRE6ChLnp2TEkCJEAC JEACJEACJEACJEACJEACJEACJEAChhGgoc4wlMyIBEiABEiABEiABEiABEiABEiABEiABEiABKIn 0CH6pG0/5fnjh7DztS3YW1aNRlHcrMwsZOYNwtjRw9ETJ7Hz9Sp0GjAJj4y9pe3DYAlJgARIgARI gARIgARIgARIgARIgARIgATiSoCGOn94WxpQOmcIJjxf4xFahSqgbB/WL5np9u97M6YJQ53F7UMX CZAACZAACZAACZAACZAACZAACZAACZAACURMgIY6H2QNWPXv12OmsMlpx7BpWDwsF6g/iPnPv655 Ox1d0zyveUUCJEACJEACJEACJEACJEACJEACJEACJEACURCgoc4LWt3muTojXT42V67FA3mZSqyH MW/hSaz6UV/MLPNKyEsSIAESIAESIAESIAESIAESIAESIAESIAESiIEAN5PQw/v6JFZO2qj5bPv7 Hp2RTvHu2AeP7zqBaVosu+aigwRIgARIgARIgARIgARIgARIgARIgARIgASiJcAZdXpyDgealOu+ TxxGYS99oM6d2gcrqjaiacoq3JifzfXpdGjoJAESIAESIAESIAESIAESIAESIAESIAESiI4ADXU6 bs3172OHct2zd5YuxNfZKXcStldO8g2gDwmQAAmQAAmQAAmQAAmQAAmQAAmQAAmQAAlEQYCfvuqg pX77JljVa4fq4JkESIAESIAESIAESIAESIAESIAESIAESIAE4k+Ahjo9485Z6KFcv/mzLWho0Qf6 uhvratF4odk3gD4kQAIkQAIkQAIkQAIkQAIkQAIkQAIkQAIkECEBGur0wK66CROLVI9FmLLkbfid WGerwZLhKejaOwdd7yn1H0fNhmcSIAESIAESIAESIAESIAESIAESIAESIAESCIMADXUekCwYveiA 5vOnp+5B2rAncajqLGw2GxpP1WJXSTFSMvpgXpkSrWuaFp8OEiABEiABEiABEiABEiABEiABEiAB EiABEoiWADeT8CbXZTBs725C+r8rG0W8tQiDxc//MRsV//lj7vrqHw59SYAESIAESIAESIAESIAE SIAESIAESIAEIiDAGXV+YHW6bSKkppNYN+NeP6HCK7cIJfurYJeWwZruPwp9SYAESIAESIAESIAE SIAESIAESIAESIAESCASApxRF4hWeg6mrHoLUxaKT17PNQGZGcBlO9LSM5De0RIoFf1JgARIgARI gARIgARIgARIgARIgARIgARIICoCNNSFwtYxHVnZyrS5dE6fC4WL4SRAAiRAAiRAAiRAAiRAAiRA AiRAAiRAAtER4Kev0XFjKhIgARIgARIgARIgARIgARIgARIgARIgARIwlAANdYbiZGYkQAIkQAIk QAIkQAIkQAIkQAIkQAIkQAIkEB0BGuqi48ZUJEACJEACJEACJEACJEACJEACJEACJEACJGAoARrq DMXZRjO78qWrYA32NlpAFosESIAESIAESIAESIAESIAESIAESACOc04IDnuKOTDMlm9OqT2kcjMJ Dxy88EcgNfNWbNm4BVKnHHC/W3+E6EcCJEACJEACJEACJEACJEACJEACyU8ga0CxeP+fii59uphS GLPlm1JoL6Epkji8/HhJAiRAAiRAAiRAAiRAAiRAAiRAAiRAAiRAAiSQYAL89DXBwJNSXIsDNpsN aElK7ak0CZAACZAACZAACZAACZAACZAACZBAOAQc8vu/I5yY8Yljtvz4lCqiXGmoiwhX+4zcXPcq MjIykDLrrfYJgKUmARIgARIgARIgARIgARIgARIggXZAoG5zvnj/T8OMnf8wpbRmyzel0F5Caajz AsJLPwSu/pbLs/YSTLSr+1GMXiRAAiRAAiRAAiRAAiRAAiRAAiRAAoYRsHRzZnXmgklv/2bLNwxk 9BlxM4no2TElCZAACZAACZAACZBAAALN5ypxpOo8pG45GJTXPUAsepMACZAACZAACZAACegJ0FCn p0E3CZAACZBA+yTgOIOdmw6jSSt9Gm4fNwE56ZoHHUlAoLnuIDYfEJ9peG1Rbul+Jx4Ykp0EJfCv YvOpI9h8uE4XmAzt04GtIwdgSrWsdj4q7Htg9aoXXYFic14+ia2lf4VdySXZ6zs2GExtNIHk7H9G U2B+JEACJEACiSRAQ10iaVMWCZAACZBAqyTQfGo3CqY/5qHb6gGFyLF+08MvUReNp2rhsGShRzda CsNnLgxD44dgmtMw5JWq7wYUHM/2tt95RWq9l2ffehLTflHuoaCZ7dNDkSAXab1EoLM+9qLm71/B 2j+8/hRp+28+exAP6Ptvktd3EKQMMoFAsvY/E1BRJAmQAAmQgEEEuEadQSCZDQmQAAm0awKfbENK SkqI3wAMHzcba3dXw9bKdpFOzRqAeUVTMXXcMK0aLSb9Kav5w1fQtVcOet4wEZUJWhrk/J4nQtSd qFurFWMfX4K9753VGLUuhwXDVq0RdTgWU+W6FL/heYqGXdNal6oRatNpwIOiXK2jfUaiuv0jNbYV OT3DM9JF0/5TOw/A/KIxptX3rsdzQvcfr/GxX/FbKhzX+fMDGOEVJ/CYOgIHL7iTN1dvCik/V4y9 WzxmZbrTx+oKKH/G686sD8/L9qvf5g++ilV0QtIna/9LCBwKIQESIAESiAsBk15D4lIWZkoCJEAC JGASgeami2FIrkTZdvm3AkXiU7g9H+1A/s2pYaRLQJR/vQuL19wFfH0SKdvKsDYBIgOLUDbwQVrC ZoDZzr8XWB01pKoKu+Tf8/OA/ktw+r/mome8PmVUZUZ4zrynCGvFTz3OvvYVeozfpF4m7Tnz9olY K36to32Gi9GCsaUVuPHj80DHnsjpGG66KNp/5l1YJPrv2dcmm1DfDtgO14ZbOC3eiQrXBl1qF2q+ cAZ7tdBQjr2obxBGrs4u42fj2QOhEuBvYtydKP/uW4KT2+ZGUB8hs0ZA+QdtzsRn933oN5NtJxox sf+NfsNak2dy9r/WRJC6kAAJkAAJREqAM+oiJcb4JEACJEACPgRSs3+CmspKVL57EPO1SWmF2POu 7Ofy37JmEaxayr0Y0WsBahI0Y0wTG8rRymb6JQpP9v2bXPVUvlmYUJXj3lWodNapqL+jh7Bu4YNq CPBBMW565PVWvxO4oyXFrXNbcLWy9hkKaadsKwYOGY6Bt0f32XGk7d+c+rZgfNlJZ1/ZWjxUQzL3 zaPK2KeOgeIs+pM+jhZZOFJv+RkaPhCbbxxV4+vHUmC7OpYePYLKDxpRpPuMuPuINWL8FfGVGaT9 5paiprYGZz6qEX13D35b/EO3qLeK0eea6YaOvd7ygSU4Isp65vB4p9zxZac9y95/AQ69W4v//FHr N9K5wQlXkvU/D915QQIkQAIkkFQEOKPOu7qUBYlhUT6TcdjRKTcf+bdlihu0A9VlO7Bj9w5Uvn8W jVJX5A0bi5lzpnDBcW+OvCYBEmhfBDpY0DvP9Zb4oTpzpqBAjJ3qt4dA3m2DMOHBKVg/4XpM3Sbj WY5DNYt91oFzXKhBeVk5jr1TjspzzWg83+hkmXlrvvic8WEUyONx0MOBusPbsaV0J/aKsVo+sjJ7 IPeeQhSOuQcpx7dh+/v/g7z7H0FBv07OcO0/v3dFB47t2oGayylijptyiHuDdNMgPDCwu+rjcT57 bAe2btgs5IiNDcSRUpWCLoUDxTpaD6BgSG7QmXL6OYYJ+/y2o7if3dZVzNj6JrKUkoyaMBx5ebco V6L+bh+IKQ9NQWHnu7FD9l23FjW/Ge2zQUA09Vd3eDOOnPoG0tTpRU6pFuSOGavM/BH3X3HvrbB5 1kGqqIOCAHWgKR6xw4HaY3uxc9s+HK0Ts8GUIyv7TgwTn9XmhzA6RVN+VYZ6vlRXiUPvVaFRTEiy CCYZ3Qfg9ttzkZWmtUA1asxnv+w7ZInP1O9Bukd/EP2gVPQDYfzUtBD9ILVPPgruUPukn74itniQ OonNPEZlh6WrIe3/BpFLSwPKNqzD2l1/Rb0YQ6TMnnhg4gI8MuG7QftfWEp6RbJk5iBPIMj4sIsS UoSJw25Hjgc/V5A7jlcm4jKrX57W/+RQ91haKsY991jqk9I5/g5Cn5tFSBXQIzsPvbOVvntzb9F3 8/HQjBq8/FAfPOwce0vw46VTcPyp7/lkFZWHl/yfvjoWd+jGDotg78FHfNo/8LbA7SGW8bM19L9o 9HduhPPOf2tjoN0hxtyRE2CVu9blBhzetRVbdot74imxi7LgOXz0I5g95QdefTSq2mMiEiABEiCB 1khA4uFBoLZkoCTqyfNXUCo1XaiQpnn7q9ePlnnk0dYuHHUbXTyGvibZ21rhWB4SIAGDCdil0nHK GBpgzHAc/702xo56tc5Dvu3wr7Uwn7FYGXP7PnPYI43HReM70qw8rzFcHau9zkNfrPZI6rxoOaGN 9Wv+1uwKd7wv5XuldelWKJ284pXFZ+9LYlZLiDIUSQc/dngktFVtlMYOGy4Nl395ee70efkuPzVM PucWSNtV3TxyMeBCV/5Rr3jWjZp7bUm+pt8mLz2iqj/BV8y01PLU1/vSCncd+I/zu6D3pdpNk135 BmiLapnUs+OjA1r96/XwdIv6+8iz/tT0UZVfTSyfvzghrVT7jx8mi1cv1lhp7VOfPlJ3QPZWqcL7 hh8wrq4OAsbJ981Pp6tR7V+rbz/stDocukFq0sk20umWX6grr106unGhVLy0zNlWtf4j9PBG7KlL 6LE0UPxAfVeSPpGWaGys0oHPPHOI7cqtbyD5Gp9A/THK8VPV2/T+F7X+dml9ru8YKN8fG6s2+R0b 5fb82Bvn1aLzTAIkQAKGElDH60DjuaHC/GRmtnw/KiXci5++ijud/si+b65rQXGxCLX2idaO8cgQ CxWvVSMOK8DY4eqFOJ9zrcGh86GTBEiABEggDAIOMWtAf5w/sV93aUXx6q04VH4IW5f9VPM/8dQ9 2FznZxFysRj7gKy7sULMKFGPYUXzsWL1Cswa11/10s4WeapSOIeYLeK9dtSYoll4aYeYDaifMWOr wIhv34rFmvx8LN+4z/nJ16E3S1CgySrB4BsKPBaDP/+Xp7GzbB/2yT+xDpx2VO11+alh8rl6B558 O/I1sbQ8Y3SkiFlU6uF2uXyiqr/UPlixZq57IwAl8zGPrcRgdQOC1J5YvHqRjqEcyYq5r95u3Oyo 09tg6TXEfa8XHwHL9XdEfGq4b+Ny9yfBEPXXy4Ltp5oVTd2nqMqvJv/8LxhxTV/MdM54Uj09z/N/ OR+Vnl6xXcnsdX1Lzuy74vln5txZ6Klv23LAVVmYVfw4Zk6XL9TDikVb7nHXgTPOgxijbOZRoE0C C77eYvzavxhDlq3Db/Sfbe9/EEv3f6oWIE7nDGizYb8+jZWTn8SSX/1GzEYEsu/5OWQuD+Z3d3OL kxa+2XbFgwfmKN6VqP2nn3HUN1HkPgGGVksH2eYU4Ihh/FRzNLX/xaS/shGOs9+MUYuDN3+Sjay8 Sdr1cHlGr3YFnLnsdQPVhdFJAiRAAiSQ5AQSbhpMIoHarBDtr49F0p5am1aCxg8OSlu27pBOxutP s5okcx2cUWcuf0ongeQi4J5VATEb2d+MkaqSEdoMgWX/dcmzeJ+dlLas2SIderfe019cOape0dIN 9ZntpZMrj9n9l0gVjZ6znhy1uz1mxvn9K6FuRtmmv8tCT3jMkPvh0sNSk/csOqemdmlXkXtGxL3P lPmJZ5fKl4/UyoCpOj6i3Ife3CvtffOQtHP1DCWOVXpp6z7FXw5z/XbsLJdOf+GDxxgPXfn98pEu Suu0GV/50l+8739R159Q3/aONlsMWCDm/vge6l9YxaOX5Kwf3ygePlr8QDN4tNgXpZW6mZB95+7y rb8rF6Wd87Ld9ddvla+OUZffq/3eu8qj/dobK6Rnh7nbl1x+Q2bUKeWvWjZIKdds6bSufTs+rpD2 7tzroYukayOhZvTUl05S8hWzT/0NBip/g9q/Vt/yGFCwXvpEX5bjytcBzjBd31N1MOCslz9mxnxp XvE8ad6M0RoDn1mKQWXq2kTI9itn5I7vv+8qwi7s1/pZ0HhBdfMX6Jb/3cIl0paNW6S1a9ZqP/n6 2XH9XCx8yhPj+KmqY1r/M0h/uRy6/iX3c+ev4GXppDb70S7Vlu+Rtoj7gP97kQqDZxIgARKInoB6 PzP2PhG+PmbLD1/T+MVE/LJO9pzdDxzOm6R4aNY/vCZ76SLRn4a6SGgxLgm0dwK6sVP+xEx+UXb+ 7FKTeOnfunCU8tIqv4AUBX55tzdJNe8ekcRsOvE7IlW+WyM1iPRiVpozvc+DwyndSzhm+36SqlSL Np6JfHyNfSKS7iXp8TXrPD6DXPans4Er1+Z++YUw4Hjbr9wJP5Hmqy9f0H8e544haWURfHSGBl2M +Dl15f+h/GmwWn92uyT/cerZHykvjnIZAhhincpFWn9KidwGI/FZ1w4v3pd1nyBP3RUWA/VBDz6G Aa/k6hIPcrn6/S5I/V2UfqszmAU0lkVafq3OZfl+DIBOdT/xMCYGlO1VtHAuHTojljvfi7rPJJdo TNwG89CfTmr8RVsPaqjTK6mxiLz9u+UV6T49dWeuGdNDtQd3kohcbvm6fqLr72EzcErVj6XhLD3i ju8zPupLoevjQePp04TldsvXDExa2b14ePM3cvyUdU10/zNSf/HHIf1SO/eKpR6C2bjDqhpGIgES IIEICaj3M2PvE+ErYbb88DWNX0zvDxvEvZWHL4EFOL1nhu9nIL4R6UMCJEACJKASEJ+YZVyt2ylU 9VfOc9+YhxyvT6SaTx3Bb5f9HDNLTnjFDn7Z/IX7I8wn/jTT85NUXdLUWyahamsNpiw7jhE3p+tC fJ2rpk/VPH+65SxmD71Ru/Z2NH98xv1J4vHHsWL5l5C3RNUW3ZcTiGuL5TQWa4m3o0ZslmG9Wb98 PtCs7SzY5Npl0KQ79RuP5iLlUU1ZL4cVu1+43+fTvWjrT80896GnkT/nkPNT4xcK1uEXVxZq997q Db/SPkHe9qvRahJDzmcrK7R8Vv9hCgK3jAxMXfZ7PFz2c2f8oyfqxe6byqL9wifa8p9974Amf9nv p0Js6+Hn6Iqpa36Nmbc94ScsNq/U3ndilshihfhtF59VF/X/LvDpX1AsruU9YqqqinHw3FwUdgNq //JHl7B+Rbi1s8tp5P+GtP+CgT5ji6xj9vcnAyUbjVQ3QF752Hx0Bawdxd8Vmisw+7ZJWtsNkKCN eedj3sJc55inL9in1c9i7T69j8tt1PhpVv8zSn8nDf14/2gZ3nryB77A6EMCJEACJNDmCehvB22+ sFEXsCAHXUkqanxMSAIkQAJuAlY8vmwWpj44HjneL/mf7BZrhI1yRxWuXLEm6KDsTqgXu2DuLKv2 CNNf1L//pnbZ598yNLc/R+7451A53l9IYL8/PDAL04Zuw53eOqtJrv6W6nKen50j5s2Fc4gdNJPq yC3A8jkPY5rPjqCiFDHUn8bgX+7C4pcGYe8vDgmvRXhp38N4flQX4H8rMN/pJ7ynvoXCXloKQxyO r4VRVDmaxA7vwDfVS9+zw6b5XbysOWMqv0PXDvK+c60uU09npx5W5/q5lZ7esV9dJXaRLL4FK5Z8 iP1ry2H75XfhOHbQma+6ZOLeP/8DhROuRfl6uW6AUY+IXWGdrlb43xdm96s0sYtyNnrLz45fpyoG bbtsq3cd8uKc4a6RqaYx6mxr0P6ocJ3XH0qMEjHq1ZVYPNltwFbzPfvaP4WhbpN66T4bMX7GMP7E 3P+M0N9NQ3ONsvbQ3HSQAAmQAAm0LwI0P4VT36Y/8IWjJOOQAAmQQGsjIGYjf1GMrsLw4XxBFZsy pHcM/GZYtsptpBu9tAwvP3QfsjrqytTShA2jrsOUMp2f4ky/+Tbhcm35YDdoffT+017GcwMvIH/C kyLv7bjr29NR8cUaMUvGV76HT+Eq7J18IxwtHr4eFw7xop6eacXA7CAGIQiDo5l3aTGbw77iB3DI C5aLslg6pge1LcRSf3o4uQ8uRf4vbnXW5gs//K34kHkhvtgwR5uRtO3pe/XRjXE7Ptfy6Xlt4DYq R0q9xj3fTTO8CP/Yyn9Bk2+TbYaBDMK285qRRUtgkMM65j+AJY8BxzfjpO1BfLZvtUfOf9h5DM/n d8OWKpf3uIHdPcKNvzC5/cdaILn/y/1XGEHXfnwS8y5fhzzRtC69/yLSbxOcp5bCvtZ3VmqsYkOl P191UGtDd+TGyRCk7xg6hfQGMZ23pzPK8bPV9L8o9feEoFwF4Og3Lj1JgARIgATaFAEzXwHaFEgW hgRIgARIwIuAPBtZGOZc/7zCvC9bGlC9SvEUBqJdc+7zjiFeeu0478dIJ0fMyOqpxZ++vhxFL/hJ r8YQBr/a2vPI6tUb6UFsMrMf/w8M7y0+9Uv7HL3HvChSl2DANZk4rfscU81Sfx5690AMHyk+HYz5 KEHN+TXI6RZzRlFlIM/msAjjqiUYJDXnGOtPzcZ5/pcBWFwyAnuL9ojLRVi5vBP+MafcFUW0Dfnz S6OPrNwhIkuXoXfT/lpMzA5cf9UHlE8/RYrBuVkuVWIsv6Wje4rgpmMfihmDvrORZEHVZW7Z/397 9wInRXUnfP9PNMvMLgkzPrjOEPNEvMQBUZlBs4JxV0ARGESurqIQFcbsJjGKghcEL4AoKqgQzQqi K1ffcEtEQAVm/DwqJCozRGRmjDqQFWdwJU4TedI9Kz71nuruqq7qrur7dPdM/4rP0NV1OZfvOXWq +nR1nUDE6fu/+7mX+UfV3aC6cbau2yD/vUwPe4bU7vsXmX2uKo8NG2TDsLOCnTyzZfBpXdMXuWNI 2a3/jklKcmHRqX2kPLhvy97gz5w/zcZdf83ywuWPBlMyXvoboyonma/22C2p9jOHjr+k0t8ekCmG ebBmmfxi8M3BVrFSlu1cLlMHq7ub45yyvX+cyWQzBBBAIGcFvpWzKct6wiyf3r6jRTyHJ+vJIwEI IIBATgpY2k6VPvu7KAnu0ipNxupDoZ8WGotEda5tm3uD/5lZ/mVhAXc9s8L/jC3/uqeGy9zX/2zu ap05um+9jPz2SdLnvD5y8dI/WVdFzHu/DtyaVzb6Salbpp5t5Z/myhkjfy3NYVtb439dPdttVaP7 bX2ej2tlzZJ5MmvOWvHod92ET1+r59sFp/r/+qsxG3o91ix1NRtkzcpt0pwrd1ykWH6hzAXm+k16 wN9ppL9bdOd02RDcYPP0YcG5+F4KTtTHHlFTjPN497P6S2VgS9HLb1mdg7taf3TvSim/Re9A1KdK GfjD7wZmU8z/aQOGBMJR/7/8kzJ111pk/EffW2qJ29w8fTNdz5HrqwLBzb95qjynz46rkPK+AyWQ uvUyteph/wZ9Hxwc1yNBTP9E7g5Nof6b8bmUd6z1gdwn/78Zvh6Ey1fhBd1OijMCSyPnkh97QJbt LbPmNp56eebq75lt6Khn58W+O9jcOZ4ZS6SWWeuepk9YflJuP7N8/KWcfiuSZb69fppsicJ59uhb Ms7spNM32SJVQ0bI2w6nZscAsr2/Y6JYiAACCHQwgfYbp6Jjhuxp2KNGF6zVamvV6HbmyG6V2iu1 apm+XP01t7ZqTR95OmYGk0i1OUpi+ChdSYTFLggg0EkFvvaqUVrD2s7zZms7rW3nV9Hybh8xcPQ9 a7Xaj1q05o/qteo1SzTVieIf7VWdYv2v5+rr36/Xmr7wmYG2bH/Ats2wYBitepv9/lva8plDbevD R31tfl+lv3qVGVdo9MtAFGvNc4JKw7jntSb/uaDZjP/Apltt4c9cUa016+lTNq1fNGt1r6/SplvD kArHkSm1I5YRZNVometrW7TW1mblu0Pl4UZbHAv2tJnxpzTz1WeBc9zulWb+/X66if/cV695o45A m3r5hae/YVmlLa9y6xvhm4S992pNlvpWq9K+xizzCnUebzDP43qe6sPO48YIY0Ydu/2pGnW+92pe NeKtt/UzrXrxNFt6Rr3YaIk/9fxvvd1ex0c/qNfxA6ruqnzYRksObLd4V0Par0U8NfZj6IZgHq2j 8eo+i/9w1JL34KwaadO4TvK/2vxFe/T1OnVtZdQn9fp+S2QY+pJk6r86xvxORnmrtmdHrRop2mhz wterY0+vD83uwzM7p81lqfeLT/x5C9W3Sm1Vtcqv/9ix5tlSJx2uqfxtkLGP9To0rC2NsNPbX7X9 rGD7oreP9R81qfrRFGg35tjbDZHZ2mdRj2eXjLotDotfxj2jyrdW298SaJ8jfXT/A7Y2JbX2M/vH X6rpN9suSxusjwCtOwbqUb3/PNAUNHUrirQsP/Syra0z2sTF8Z5vsr1/WhAIBIH8FjCuiRj1NXv1 QLIXdQ7G7HvP/IBinJTcXyudP2DlYLZSTRIddakKsj8CnV/At+8/HC/sbW2owwdTq4xn9yOxwwjr sJO+L2heSyDqzre4wjj3trVaq+WDqlP6bR11xz/QxoXH7X9v7WzzatVzLosrft2l7z2bNLd+guqZ Z8cRTpW2xy0Ai0k8sw3LBseMz94xFRlqOsrPFqoyn2ox3+zSr2Ps41SGtvpnCcu/PKzuaKomVT92 ZUwHfd8rHqyx1Ts9DSnn//gn2kPl9s66qOn358da/wyJFF6P2a+DVn4U6Gjx1T1rcRnveP0TTx2y 58c97YnWf7ey7/PUXj9GrPUpiKldvdrz/RItN7V9WHvoa4yjDbXUYWv71LByhKV8YqRl2Hxtv9GB mVrGzb3d43/Bv81aF58bNhw0w/Affym0n9k//pJv/93qp/14CZZrRLtlIUzXrOosd4o7VhtsRp/t /c2EMIMAAskK0FGXrFz69uOnr+pMZE4nlMpA4yEi5kKXmXOHSInLzxpc9mAxAggg0GkFuhb39I9G GS2DV40ri/pT2O4X3SUHqtVgDQ6BDJ+6UPa0+KSlZoFt7bCRp9nC7Df1RfE0bBd1Z4njNHzqQ7Kj tkXef+IaKbK04V1PPsP86WNgxwopPsk60EOh9HY6P1xxveVcUCCDZm+XlnfWyVSnbf0BV8rMxWtk z6c+2Td/tOuomYMe2i1bH53mmIcx0x6S9bsaxKspqyLHTRJeWFSiD8YRfRpZFnwem8tm6Sg/W9Bq VIUWY8HdNTKyxHjj/BpZhs7bmUsvC8dT5Tf9ZfHUbhZ156NlstTIYTPkFVV/Xr3vUlu90zdOOf9q 0IGZ73wpW5fcYIk7NKvu8JOmfevsx8d54231OLR1knP/oH7+OsHYd4YMDD6Hruu5F5s/RZax10uF w08bi077Z2PHOF8r1TMQnTdNtP53LTzJ7hIMduipgTKOtd45FfEuLZCSQephlglOfStOsdWhrj3O CRnHDGu89OkZap969bsm+h7llXLTzIX+dkPbdo/0iTUgTvTQIta6xd/3nsBB232E/gzIyGnImdY2 JbX2M/vHX/LpT6TtumKC/ZwXqZqGJf/rcmlYc7ctoBuf3R2zDTZ3yPb+ZkKYQQABBDquQBe9z6/j Jp+UZ0Kg7cOVUlCmns809CXxvvavtgvLTMRPHAggkGcCapTYlsMt4vGpZ9wVFEhxj9Kogz646fg8 zSqcLlJ8aqF4PV5/OCq4jE2+Iy1y4EgXKT21wB9/YVFx1FFvHROmnmHnOebxj7oqxqi5Lp0bjvtn Y2Gayq9m3tkyeLb+HMEK2dGyR4YEPvNnLEeB+tMmxaeViveg6jIsKZXSuAbWSEP99Xmk5ZBXCnuo untM1V0Vt1unVtpB1DMQd73bKAVnXSwVp4YGjGg7VCtvf+ST3hcOtI/GnPYEWALsiPXfknxmkxdI uv1MR/uThuMv6fQnT5b+PdXo5B71V1AQfcRv14izvb9rwliBAAKxBBpX/UR6T1oh6qev8rubz461 edrXZzv+tGcoiQBz/XI/iSyxCwIIIIBAhxZQHVKlp/YS670WyeSnoKin9AreNFXULTiTTEBJ7lOg Ohh79wjsnHT86ixdVJT5tCeZ5cBu6Si/v2wPdtKJ9H1wYcY76fSM2OpPWa/4SdKRf/XBuPTMQLln vPy79ZSBg3pG5LfrqRUy+NSIxe27oCPW//YVyZvQk24/c+T4Szr9uVTC6putolS+3cr2/rlkSVoQ QACBBAXoqEsQjM0RQAABBBBAIM0C6i4Yz5FWUfeQSWGBV2oeutWMYPLl6meF6s4qt1E0zQ2ZQQAB BBBAAAEEEECgEwjwjLpOUIhkAQEEEEAAgY4s0PjSOCku7Sk9S4ulWD3vcOwTDWZ27hxYIl2+/aR4 zCXMIIAAAggggAACCCDQeQXoqOu8ZUvOEEAAAQQQQAABBBBAAAEEEEAAAQQ6kAA/fe1AhZW1pH79 t0DUzd6sJYGIEUAAAQQ6r0DZNVvEO9IjavwQx6lAPWMwg+OAOKaBhQgggAACCCCAQF4I+A75s+nz dslOdrMdf3ZybYuVjjobB2+cBLqWXCCrV6wWrXsfPig5AbEMAQQQQCA1AXU1UqAGzaAzLjVG9kYA AQQQQAABBFIVKO0/U33+nyKnnHNKqkEltX+2408q0WneqYumpjSHSXAIIIAAAggggAACCCCAAAII IIAAAgggkKAAz6hLECwvN9dH4/Oox3jro+4xIYAAAggggAACCCCAAAIIIIBA5xTw6Z//3R5IkoEs Zzv+DGQxVhR01MUSYr20Nb6oRuErli7TX0UDAQQQQAABBBBAAAEEEEAAAQQ6qUDjqkr1+b9Qpm38 c1ZymO34s5LpsEjpqAsD4a2DwLf/PrCw4ajrg74d9mIRAggggAACCCCAAAIIIIAAAgh0JIGCU/2p bTqSpbvqsh1/DpQVHXU5UAgkAQEEEEAAAQQQQAABBBBAAAEEEEAAATrqqAMIIIAAAggggAACCCCA AAIIIIAAAgjkgAAddTlQCCQBAQQQQAABBBBAAAEEEEAAAQQQQAABOuqoAwgggAACCCCAAAIIIIAA AggggAACCOSAAB11OVAIJAEBBBBAAAEEEEAAAQQQQAABBBBAAAE66qgDCCCAAAIIIIAAAggggAAC CCCAAAII5IDAiTmQhpxJwtHGHbL+zf+WwgJLktSIxKdcUilDyrr7Fx5+d4ts2XvUso1X5IQ+MmLi ACmy7MYsAggggAACCCCAAAIIIIAAAggggAACiQjQUWdq+WTjtZfL1L3mgtDMgj+KVnaeeu+TTT8a KT8LrQnOVciesXukwtrBF7ENCxBAAAEEEEAAAQQQQAABBBBAAAEEEHAX4Kevpk2BDF+0VMYO72cu 8c+Mny7rL/tBcFmBDNq4WKZfHXxbEXgdfc8MKaHLM4jCCwIIIIAAAggggAACCCCAAAIIIIBAMgJ0 1FnUSgZVyYat1bKw3FhYIZuXPCbjKgI/e9WXlo25RR6bvSKwQa3IDasPyqb510hPOuoMNF4RQAAB BBBAAAEEEEAAAQQQQAABBJIQoKMuAq1Ypix9JLi0Vq6c9VrYFq3yzJ2Tg8tmyOyrjbvtwjbjLQII IIAAAggggAACCCCAAAIIIIAAAgkI0FHngNX9gpvlGeOuuuXDZP2h0EZt762Qn28LvL9tw8/ldO6k C+EwhwACCCCAAAIIIIAAAggggAACCCCQtAAddY50xXLT0ifNNRMefzU43yrL77stOD9DbhnF3XQm EjMIIIAAAggggAACCCCAAAIIIIAAAikJ0FHnwtf1gsny/PDgyqeGyytH1Pxe6910d3A3nYsdixFA AAEEEEAAAQQQQAABBBBAAAEEEhego87VrFgmzn/WXHvv/EUy/2HjbrrZMmPUKeY6ZhBAAAEEEEAA AQQQQAABBBBAAAEEEEhVgI66KIJd+4Xuqnv/iTvk3t8ENr7tdz9nlNcobqxCAAEEEEAAAQQQQAAB BBBAAAEEEEhcgI66qGYFMvHR/wjbQt1NN4K76cJQeIsAAggggAACCCCAAAIIIIAAAgggkKIAHXUx ALv2/YmsuTm00T3cTRfCYA4BBBBAAAEEEEAAAQQQQAABBBBAIG0CdNTFpPSK511jo9nyC+6mMzB4 RQABBBBAAAEEEEAAAQQQQAABBBBIowAddTEwj76xWH5WF9jo7td4Nl0MLlYjgAACCCCAAAIIIIAA AggggAACCCQpQEddVLhmeWbQA4Etzl0ktwzl2XRRuViJAAIIIIAAAggggAACCCCAAAIIIJC0wIlJ 79lJd/QcaRHvcZHCgkI5+MYSmWnk8/oBcpJaLogZIrwigAACCCCAAAIIIIAAAggggAACCKRRgG4n C2bbhyuluGyyZYll9q4BUnhXhWz/Yo9c1sOynFkEEEAAAQQQQAABBBBAAAEEEEAAAQTSIMBPX9OA SBAIIIAAAggggAACCCCAAAIIIIAAAgikKsAddRbBrmdPEu9XV4pP/4mrw1RQUCQFBQ4rOvuir/8W yGGzt7PnlPwhgAACCCCAAAIIIIAAAgggkL8CvkP+vPu8XbJjkO34s5NrW6x01Nk4RAq6qc64sGX5 /rZryQWyesVq0br3wSbfKwP5RwABBBBAAAEEEEAAAQQQ6LQCpf1nqs//U+SUc7IzmGa248+Fgu2i qSkXEkIaEEAAAQQQQAABBBBAAAEEEEAAAQQQyGcBnlGXz6Ufb96P+8Tj8Yi4/CQ43mDYDgEEEEAA AQQQQAABBBBAAAEEcljAp3/+9+VwAjt/0uio6/xlnHIO2xpflOLiYuky/dWUwyIABBBAAAEEEEAA AQQQQAABBBDITYHGVZXq83+hTNv459xMYB6kio66XCxk/Q62IznUg/3tvw8oNRyVHEpVLpYcaUIA AQQQQAABBBBAAAEEEECg4woUnOpPe1M6+ySOecRzrOOSZDrldNRlWjxmfD55aWKhFJ+serBf/jzm 1myAAAIIIIAAAggggAACCCCAAAII5KTAZ5uly3eKpfg7E6SeO3/iKiI66uJiys5GT171tDTzXLjs 4BMrAggggAACCCCAAAIIIIAAAgikJPDGwlHB/YtTCiefdqajLudKu0CG3/lkMFVzZUk1d9XlXBGR IAQQQAABBBBAAAEEEEAAAQQQiC7wl+1yxxOBTc5ZcJP0KYi+OWsDAnTU5WBN6H7BZFlYHkjYI9PX iBpvlQkBBBBAAAEEEEAAAQQQQAABBBDoMAK7X3hUav2prZAnb7qow6Q72wmloy7bJeAYf7FMfPSB wJp9t8vKd/7quBULEUAAAQQQQAABBBBAAAEEEEAAgZwT+L975KEZOwLJunuhXNYj51KYswmioy5H i6bk0iqZFUzbL2dvY7TVHC0nkoUAAggggAACCCCAAAIIIIAAAnaBxrX3y5bgonU/v9S+kndRBU6M ujbPVrYdqpUN2+pECgpFfF455cfXy5DeXaWlsVbq6hql5ZhXfGqUktKy/jL4kn5S1J6/rz6xp0xZ c6vMm/iUyOvXyPrGMXJ92d/lWYmQXQQQQAABBBBAAAEEEEAAAQQQ6FAC3+yXhVXBbrpxa2XkqR0q 9VlPLB11liI4+NsJct0tTaElw/4sD/3vTXLv0g9Cyyxzj/2uUaaPOtuyJL2zp11dJVNVR91zKthJ j2+V658bnd4ICA0BBBBAAAEEEEAAAQQQQAABBBBIo8DBzcv8/Rh6kEvvGyvteY9TGpOdM0Hx01dL UZT804NyR9UYqTCWvTrX1klXXh4c4SG4fsZVZTJ68R+NrdP/esI58vNlIwPhLh8jrxxKfxSEiAAC CCCAAAIIIIAAAggggAACCKRF4HizLB+jfhmoT0NfkEnn8cvAAEb8/9NRZ7HqfuH18vjSjTJjgmWh mp27eq94v9aktrZWNG+rVC/+ibnB727tJ6sa/8d8n+6Zftc+IJXBQK98+o10B094CCCAAAIIIIAA AggggAACCCCAQFoEjr61TOYFQ3r0fu6mSwaVjroINfUQOsv06NtHZdbE86XA+JFwQZEMuuU/pWHT reZWk2ZtNOfTPvMP/eXeuWcFgn3kDtnhSXsMBIgAAggggAACCCCAAAIIIIAAAgikKNAqy29/IBjG fLlu4HdTDC8/d6ejLlq5q9s0b3GpWGWj75eFxi9h/+SR9uw/G1D1TDCVtfLYinb8qW00C9YhgAAC CCCAAAIIIIAAAggggAACLgJte1fIHWp8Tn2653c3Sc/ALP8nKEBHXRSwUdcNiPLQw0LpeWZw5307 pcl+I16UUJNYdcplsvX2wH6v3zpPatszriSSxy4IIIAAAggggAACCCCAAAIIIJDPAj7ZNPO2IMAM mTrilHzGSCnvdNRF4Ws60BplbWZXDf/ZimCE6+XB33yY2ciJDQEEEEAAAQQQQAABBBBAAAEEEHAT +HCdXLstsPKG1VPkdOPxYW7bs9xVgI46VxqRDx5Y6H732l/elMfWBXceWil92nu84TMmyNrgIBcv /2S51B+PknBWIYAAAggggAACCCCAAAIIIIAAAhkS+O3CycGYxsuMsWdnKNbOGQ0ddVHLdb30v/4F aQ7vFDu2X+ZfPlRqg/v2HVgW5SeyUSNIYGWBjJn5bHD7x2TZ1s8T2JdNEUAAAQQQQAABBBBAAAEE EEAAgXYQ+HyzjFkWCHfoU7Pa/0amdshCLgVJR12s0thwk3zv2yPl8ZXbZNfualmz5F7p8p2+cm/w AYki4+XFuy6KFUpa1nftN0GeCQ5g8eRVz0tzWkIlEAQQQAABBBBAAAEEEEAAAQQQQCA5gZpl04M7 Vsp9k89PLhD2MgXoqDMpos1skRmTR8jFA4fIdb+cb9lwvOz4aJVUtPfPXs0Yi2XiM48E382U5dV/ NdcwgwACCCCAAAIIIIAAAggggAACCGRU4OhbMn32n/xR9n1wulxclNHYO2VkdNRFKdYbVjeKt3W/ rJlzu4wI3snm37y8UuauqJbWr9fJkDO7Rgkh/au6XzRJjK7C+xZsEwaATb8xISKAAAIIIIAAAggg gAACCCCAQGyBvSsXmI8Fe/jmS2PvwBYxBeioi0L05TGRgqI+cu3shbKlVhPt6+Bf7Ssya9IgKcrK KCY95cbNvwyk+vU9kc/Pi5IfViGAAAIIIIAAAggggAACCCCAAALpEfBJ4/95JRDUlFdlZEl6Qs33 ULLS1dRh0MN/0pojWiUjF0j9rlHiK76AIY87TGUioQgggAACCCCAAAIIIIAAAgh0JoECuWbpfvnH Ko+UXTKwM2Usq3nJka6nrBrYIvcdaZID6wKLmg62iMdzinj1UV/VX3GPIinICbEC6T1giC3dvEEA AQQQQAABBBBAAAEEEEAAAQQyKqB+hTj48ozG2Okj46evliJufOknUnjyOTIzuOyD+wdJcXGx9DxZ /ZUWS+G/vWbZmlkEEEAAAQQQQAABBBBAAAEEEEAAAQTSJ0BHndXy+BHru8j5blrkMpYggAACCCCA AAIIIIAAAggggAACCCCQBoGc+CFnGvKRliDKrt8i3pEe15FUi7rl6TjDX/8t4NvsTYszgSCAAAII IIAAAggggAACCCCAQA4K+A75E+XzdsnBxOVHkuioCyvngiL1HLqwZfn+tmvJBbJ6xWrRuvfBJt8r A/lHAAEEEEAAAQQQQAABBBDotAKl/Weqz/9T5JRzTum0ecz1jHXR1JTriSR9CCCAAAIIIIAAAggg gAACCCCAAAIIdHYBnlHX2UuY/CGAAAIIIIAAAggggAACCCCAAAIIdAgBOuo6RDGRSAQQQAABBBBA AAEEEEAAAQQQQACBzi5AR11nL2HyhwACCCCAAAIIIIAAAggggAACCCDQIQToqOtu6RTXAABAAElE QVQQxUQiEUAAAQQQQAABBBBAAAEEEEAAAQQ6uwAddZ29hMkfAggggAACCCCAAAIIIIAAAggggECH EKCjLkox+Q43ScPHLeKLsg2rEEAAAQQQQAABBBBAAAEEEEAAAQQQSIfACQ+oKR0Bdbowvtkvo7uX yW1LFsopY2fKP51yQqfLYtwZOrZf1j61VP7wt3+UijN6xL1b2jYkfvypf3l7/LU17pCnfr1JvP/Y X04/+cS0NSvxBkT8+FP/OP5of2h/Of9w/o33uiFd23H9wfVHPl9/pOs46tDhaEzOAsc/0KaKaKpw taV/bHPeJk+WNqyd7HcQqdI++TrzmSZ+/PXjkPqXj8efV1s7IdAOy5RNmW98NOLHn/rnb385/mh/ Mi5A+0v7S/tL+6vqAOefjLe+Wtavf7OQ5RyMkp++qhaQKYbAcWN9q3jMeWNZBl7NOIkf/wzUt/Ao qH9BkSwdf0Z5fNqW3ccQED/+Rl3Mxiv1j/qXjXpnxEn9o/4ZdSEbr9Q/6l826p0RJ/Uvu/XPKIc8 fKWjLg8LPZUsF6Sycxr2Jf40IKYQBP4p4KVh13z3TwMhQSCAAAIIIIAAAggggAACOS2Q+QcO5DKH Z4/Mvnm21B7rolLZLFuDab35/AHy2+El9pS3iFw0e5HMHnu2fXknf5ftgTWIP7sVDH/8sytA7Agg gAACCCCAAAIIIIBA5xago85Svm0H35J567ZZlhiztbLVYfHWcVfKDO1syfZdLkYq2+u14ET9EXX6 VCwFWagxxI8/9S9fjz9L6/odLQttLfEHjj31P/7UP7MyZGqG48+U5vjj+DMrQ6ZmOP5MaY4/jj+z MmRqJt+Pv0w553Y8Weh2yV2Qrn0ny9svnyUevTk6Xq/ulrtFalVyb1y8Rq4v6y4+6+1E6rlVJRcO yULD1Z5+rbLpscfl7ZY2KSgMNRCf710ZjHSZnHNtd7n3h13NRPi8PimfdJ9cV/5dc1nyM8SPP/Uv b48/T70smvO8upe5QLU/Rivik73rgvMbrpWx934gfYxVqu3xaT1l4v23S0WRsTCFV+LHn/rH8Uf7 Q/vL+Sd4IuX8y/VHsCpw/cX1Z3tef6dw6d7pd83BAS5yI0mWUV9X1udGkto9FY0rgqO7BkdZCo56 qw6CwPLycuf1Q19SY8OkYSJ+Z1/8qX96Hejkx1/DyhFR6395uXO7NOrFxjQ0PppG/Pib5zqjzbW8 Uv84/pzqB+0P7W86TkCcfzj/OLUvxjLOP5x/jLpgfe0s5590tKGdNQzuqFM1Ptbk/fp/1CZ/F2uz jr/+jJGy8dGZ8rani+1Owc/3PiTP6Q/sq6sTGTZb5lX8P/EauVUzvScNN7c/+u4qmXjzWik4K3RH nrFp5KtX/va9ybL2iWvEf0MM8eNP/cvb469s5BxZOK23fGm5m1fUOFN75y+ULUbzM/Mh6S9/M5sS 399OkokjQs8J3btsmty76b+koJu5ifvMMZ/8YPR8WXTz+f5tiB9/6h/HH+2P9dqN9pfzD+dfrj+C H/+4/uL6M8r1t/vFNmtSEuisPZAp58tyR93SP7alHFxHDuDA2knBO12qtP1fR89Jw7LKqHfFqMoa tr5S2xPjdjzixz9Qb6h/+Xj8rZ0QbDPGrY3e+Kj7etcOD29fYrwf+kLMu4GJH39/+0P94/iLKkD7 Q/sb43wTfv3L+Yfzb9Q2RdO4/uD6o2Ncf8SoyKxOWuBbqgIwxRAozIOb6aIR+I7ro+DqU6v41LP5 ok0F3U6KttphXc+YA1QQP/6BikP9y7/jz/Jg0K+6qPvrok3q2Xbx3ElnDeI7ah/r+4h5S4zEj39E /bAuoP5x/FnrQxzztD+0v1GrCecfk4fzL+dfszI4zXD+ze7516lMWJYOAX76Gofinj+1qsEkTolj y86/SfQPtSKnXbNCWi9bLN7jXik80XwiryOMf5tupVKUQC0kfkdKcyH+1L/OfPyZFd1lZvQar7Q+ 06ran0LV/rhsFFystz/FPUqjb5TgWuLHn/rH8Uf7Q/vL+Sf6yZPzL9cfXH91ruvP6Ec8a5MViPFR JtlgO8F+6s6x1mA2dtQdEBkV1lF33CcH696WXY2fS9nl46SiJDQSaifIvWsWLN/vuW5T1KNIPXMu 9jCM8WwTHgnxh4tEvsef+hfPsRXPNuG1K9vHX3h6It6fWCBFqvMtdusjcbVREeHHWkD8+FP/OP5i tRNqfTLtb8xgaX9of2h/aH9iNhS0P7S/8Vwlx1GR2KTdBfjpqxtx155ycXDdBw8MkMc37hWPxyMt jbWyadk86f/tQun1o8vkusnXyeQVH7qF0imWF5yoP1ZOn4oTuvstsE/q/xM//oFaRP1L5O7T1I+8 QAjZPv7MfHy/a4yfSZlbts8M8ePfPjUrvlCpf9S/+GpK+2xF/aP+tU/Nii9U6h/1L76a0j5bUf+y W//ap1Q7RKgnPKCmDpHSjCdSdcT9uIssXPmGP+btv3lWFixYIAufXir/3+YaabGk56GHFkj/73Xe O+qKzjxfzu5+sgybMUWGnNXDkvPMzBI//tS/fD3+TpSzyn8sRSefL3dOvU5OPznTN4ETP/7UP44/ 2h/aX84/nH+5/sjMpz4jFq6/8vv6y6gH+f3aRR+GIr8Joue+cfMSmT7ql6IPz22dzh8/XX4xcayM GD5AesZ6cJp1R+YRQAABBBBAAAEEEEAAAQQQQAABBBBwEKCjzgHFaZFP/ezVGHGxoKgo5kilTmGw DAEEEEAAAQQQQAABBBBAAAEEEEAAATcBOurcZFiOAAIIIIAAAggggAACCCCAAAIIIIBABgUYTCKD 2ESFAAIIIIAAAggggAACCCCAAAIIIICAmwAddW4yLEcAAQQQQAABBBBAAAEEEEAAAQQQQCCDAnTU ZRCbqBBAAAEEEEAAAQQQQAABBBBAAAEEEHAToKPOTYblCCCAAAIIIIAAAggggAACCCCAAAIIZFCA jroMYhMVAggggAACCCCAAAIIIIAAAggggAACbgJ01LnJsBwBBBBAAAEEEEAAAQQQQAABBBBAAIEM CtBRl0FsokIAAQQQQAABBBBAAAEEEEAAAQQQQMBNgI46NxmWI4AAAggggAACCCCAAAIIIIAAAggg kEEBOuoyiE1UCCCAAAIIIIAAAggggAACCCCAAAIIuAnQUecmw3IEEEAAAQQQQAABBBBAAAEEEEAA AQQyKEBHXQaxiQoBBBBAAAEEEEAAAQQQQAABBBBAAAE3ATrq3GRYjgACCCCAAAIIIIAAAggggAAC CCCAQAYF6KjLIDZRIYAAAggggAACCCCAAAIIIIAAAggg4CZAR52bDMsRQAABBBBAAAEEEEAAAQQQ QAABBBDIoAAddRnEJioEEEAAAQQQQAABBBBAAAEEEEAAAQTcBOioc5NhOQIIIIAAAggggAACCCCA AAIIIIAAAhkUoKMug9hEhQACCCCAAAIIIIAAAggggAACCCCAgJsAHXVuMixHAAEEEEAAAQQQQAAB BBBAAAEEEEAggwJ01GUQm6gQQAABBBBAAAEEEEAAAQQQQAABBBBwE6Cjzk2G5QgggAACCCCAAAII IIAAAggggAACCGRQgI66DGITFQIIIIAAAggggAACCCCAAAIIIIAAAm4CdNS5ybAcAQQQQAABBBBA AAEEEEAAAQQQQACBDArQUZdBbKJCAAEEEEAAAQQQQAABBBBAAAEEEEDATYCOOjcZliOAAAIIIIAA AggggAACCCCAAAIIIJBBATrqMohNVAgggAACCCCAAAIIIIAAAggggAACCLgJ0FHnJsNyBBBAAAEE EEAAAQQQQAABBBBAAAEEMihAR10GsYkKAQQQQAABBBBAAAEEEEAAAQQQQAABNwE66txkWI4AAggg gAACCCCAAAIIIIAAAggggEAGBeioyyA2USGAAAIIIIAAAggggAACCCCAAAIIIOAmQEedmwzLEUAA AQQQQAABBBBAAAEEEEAAAQQQyKAAHXUZxCYqBBBAAAEEEEAAAQQQQAABBBBAAAEE3AToqHOTYTkC CCCAAAIIIIAAAggggAACCCCAAAIZFKCjLoPYRIUAAggggAACCCCAAAIIIIAAAggggICbAB11bjIs RwABBBBAAAEEEEAAAQQQQAABBBBAIIMCdNRlEJuoEEAAAQQQQAABBBBAAAEEEEAAAQQQcBOgo85N huUIIIAAAggggAACCCCAAAIIIIAAAghkUICOugxiExUCCCCAAAIIIIAAAggggAACCCCAAAJuAnTU ucmwHAEEEEAAAQQQQAABBBBAAAEEEEAAgQwK0FGXQWyiQgABBBBAAAEEEEAAAQQQQAABBBBAwE3g RLcVLEcAgaDAsWap3r1X5MSeUnFJPyniqOlYVYPy61jlRWoRQAABBBBAIO8F2g7Vytt1h0U7tY8M KT8t7z0AQACB/BLooqkpv7JMbjurgH5C37CtTrz+DPqkpP/1UlnRPeXsNj43RHpXVfvDWbynTW6p +LuUwySAJASONcnGtTXSauzqEzntX8bLkPOilzHlZ4Dl+Oux/bJm7e+Dx69IwWkXy3WXl+V4okle zgj4VPuw0tI+SKEMmDBR+hTlTApJCAIIJCnQ9vHbsqqm0bJ3fh3fOZ//djl/++SF8kK5SX1PLlIp e7yvSEWBpQqkc7Zd0p/OBBIWAtkTyPn2J3s07R4z9wa1OzERZErg4G8nyHW3NJnRDX3qx6qj7nzz fbIzLYcPmbvu+OCA6qg723wfbcZ3uEkOHCuUXmeWSntdW0SLv7Otazu4WcbdfJstW0OfukB11EUv 42TLzxZRFt7kW/1pO7hDrrOWb98XZNy+Mo6dLNS9jhhl28eR7cPi/uOlT5a+WGn5uEF8BaXS61R6 Cjtifcr3NOda/T346n0y9ZbAF6ZG2WTz+DbSkKnXXM9/e52/C89Swv6Oui1S/6f/kYrz2ueL8vZK f6bqB/Eg0J4Cud7+tGfesx02z6jLdgl0ovgP73hQunTp4vg38+XPRT7f7Lju3HveSItCyT89KFMm jJWKYGgFBenpHiuQ0E2nl/XtFV9av9kv40vPkD5n9ZRl7/9PfPvkxFbN8swI5zJ0KtvHdv01Y6nu 2qO/3Fs1RaZUjUmojJMqv4zlyiWiDlZ/ju5d6nhsd+lys9QeC+WxZu7lzttN/a1oJ/eXWapsR5QH t+9ZGNqRuXYXOPzK3c5lY23TKypk7O3zZcu7B9s9PYlG0LU02D5MGG7uWpClryLbPnxWep7VR07/ /vVSq+78zdj0l+0y0lpeUedHyo4jGUtZzIg23d4ndv0Ly8+5M1+NGS4bJC6QtfobJand+9+oru/U +T8Hju8oyWy3Ve2Z/73PXel87I1/STxGjo43y/wK52vD29f8WfTrs/Y4f3s/MhJQIX1Ob59OOj2G 9kq/kfpYrzX3ljmXQZf+8sphkcOv3Oq4/p7X1WerzjJ12POXT9b+1PnYWNUY/Pz3yTrH8uuirn0z eYmQbFVpz/Yn2TTly35ZuozNF978yqfn4P9xzfB7HtUUHTNP+bbtPtj8ufgeVj91sy1N/E33C6+X 535zvbx0dRe5dl3i+7vtMeDffis7/0mdKeWkhL7NKw0GmGq+3NLVLsu/aZWt2+IPeccHLTJj4Hfj 3yGVLUt+LPOW/tgfwkue+Ms42fJLJanp2Lcj1R/vof0uWV4mTZ6lUtFNX+2Tz3fvcN7uD6ptOGW0 zFXle/ClydLr2pXO27G03QQ8h9+NHXZdnWzS/564V+S8+fLJH+6R03OlgftfwfZBdXJ3WbdNnoud m3bc4u+DYRemfF5LJJFtR5pkS9w7bJEDzepDRI/2+/Abd1JU2+CpaYh/8+CWH+w56v+QkytVMOEM 5OwO2am/0ThKBqjrO/UnOXF8R0tp+6xrz/wffucV50RvqJUvj18TeC5zl1aprXPe7LUj6vytrs/S f/4ukLFr98gPPlXX391Olz7+6wjnNKS8tF3SH2+qfHJw64cuG9eK51ib+DwfO66vPah/rjrFcV1H W9hhz1/Hv5Tapc7arcF+ujbvl84b6Ne+HWBqz/anA2Q/q0mkoy6r/J0r8rLrN0h9/wPqhFIvswdf 7//AMHNFtYzvWyK9zv2BGoxhgmyrmizDlxn5Hi/rq++VgeX90vhhph2+m+jRRwZf3sdIdOd+PeEc WfXpfjnQ0hbIp2ohGtffLRPnv+5/f8/GXTLhVP1jkVf9O0n6lMf3M+D0oiVYxvlUfumFjju0kpFP ScP270nvy+/y73P5i3vlxcHfFd+JxdKrxAimQK7Z2Cr/cqhV9cp75Y05V8vEZaqDb+rz8skTN5ht gO94F2MHXjMoUHbNSqk9X307fyzUfssVi6T24UtFjquEHG+Vuh2rZMp9LwRS9f5MOeMXvcX73Giz 7DKYXPeo9LTm0JRga5VSyrue/VNpfv9H6pELIoX+q7svZeP9l8m84Jcv69+pldP1GI57/R98y8/N hU46PUEFcu22/dJPnXds55uX1fmmJKwbLuycpO/N1H4Cmay/ceUix47vuNKczo3aIf/DnvlSqr9/ tQy+b4c/pUtrW2Tkd1Qb0aOXlBqfEvVrw9bP5LEjXaTgeL0s6n2ZPK62vvHZ3fLMTaHHj6T7/N29 rEIGl6UTMHpY6U5/9NiMtar92/6J9Pv0qHg+/I0MvvYRtaJSVlXPkz49SqT8zK4ivZbI9Elb/eb+ vcYvkh0zh0n/c7NxDW6kO72vHfb8pQYanNuyX0ZsXymDJ+tlp6Z7Nkn9tedLr96Bc2zXsqulXp2b fUdC11d9H9wkL988PLeunwKpd/+/Hdof98hYowsYTTAaCKQuUFAkvcvV79a++Tsx7gbqfcEgKe8d CPrw75faOune+mKdXNwj9WhdQwj+9LWlsVbqGhrUt1JdxKuuOkvP7CMDB6jRW8Ou/63hHNy9QXZ+ 0CaFlm28WqmMmzgoM6O+qpFKazZvlK2btsrOjw+LaD2l9KxSGXDJYHXi/otsW/mcfDPsP+T5X15k TXZa5ovU6Frlp4aCKv7wlOCbKrn+ygHSx7XV8MneTRtkj3Iu1IcEOKGPjL26XA7WbJDly1ab+Sgf c53ce/u1cnqMb0f1E9quN+uk4ZBH9J8xF/Y4XfoNGCh9wj+4hZJqzqWj/A7v2ykbX1otW7btlRYV cmlJqZSUD5Gxo0eoD7v7ZeNv66R7/0nyi7EOF0o+j+zavkVqfl+tvoU+LAcO6yGoYjylv/rp7s9l 6th0dk77g474z6Mevr1x7UbZsKnGn34j/usmTpSJEwZJT0vdjtg5iQVlgyplnNwlG9S+FxSVSOmp wXqjLBoOqvx36ym91fO6Ss8s8ofexRO4C2/UhQOd68L3u6oOhWbZ9sJyeW7T7/2GWsnpct31s+UX E8+PeXGj14E1L6yS9e/9ORBfXRc5Zfxg9Ry862Tc5Q7+vmbZuu6NwE99fF7p2neIjLuwu9S88Cv5 lSX+cdf+XF0wD4oZfxKE5i563a/eVi2731T151CbtATrT8kFlf76M+7CEnPbtM2o8im/sKet/R41 cYSUWzrjywcMlpt+dpOM73GJv5xl+XNS/6vREQ/4Tj39PmmsWS+rVf3d8t5BfxZLS3pJv0HjZfyY QdJl3zpVrn+V8mt+IePO7W4ncGyffLJbtU31/rYpuLkqY+2MIXLd4NPs+wffJVx/LKGommtOmf75 bem55eb5V0/Eh0Y7O26tqs/G78rN5DnO+A7Xy8Z1qu3YtjvQdqnzz2kX9pYhlwyUYs97svqFbTLs 8W1yy2Dj3OAYTEILC0rUeUdVa9v5Zrjz+Sa0jSWKtB6/ydW/tsYdsurN/zavG/TrjfIrJ0qFfrjq 5/RNa2T1ZnVMq3O63paNGP0LmXHTpf5risaaVfL2x98y9w3krED6jRkbvJNInV83q/Orupu80Mi2 3k6pOjxO1eHD726RLXuP+vfX4x1wrRpIpZtPGt59W+oaD6prH7VQ1Bcn/Spk4IXRn/2ZjvqbyvGj Z++oum7b+W6dtKgbTvRLueLT+ssAdd1WWmjm3lBI+2tS7Vda61+G86++UBt09WQRf0ddhZSWqvO3 XmfV5FN36R440iZF6vqrtEdP6aWfvr/50vxJ7IB/rhDHNi7p87dDW62uJ7XuanCpUWX+NMX+L7nj 1xZu0um3hRL3mwLlW65/HvruB8F9CqX8kn7m9fbuX98a6qQb97y0rr0x6meRRI+/VNufuDMaY8OO fP4aNDB0Q8fKG0dLb/35isakjrHe5xbbrq/umjDa8kW2saE65tJw/k20/EOxB+ay2f6GpyXv3+uj vjIhkFaB4x9oU1WfhDq4tKV/bPMH3VKzwP9eXyZSpe1pTWuMlsC82toJgbhl/HztoauD88H0BOIP LFvyeoNlP+usV3u+n/N+i4P5sW5tzre+p82aMFwbMXyE+utnyW9FcJm+PPjXb4Q2Z0Ojuat1xrdv hWVf53T48zH0Bc1r3bGd5htWTg6mZ7y2P1qEvvc09XzA+NIuldqOFrcEf6ltfexK13BGz1moTS8P xDPqWSfDJMvPSM7Xn2lrpvVxjd9ah6SvQxkceT22w7mLtM++NiIMvqap/mhff6mtmTk0ZvqX7Twc loAU3yq3WcHyt5bLrrmhOrHdPO6/1BYGy3BOWDpC9S20n81cj0PVfTOo8GR/oY7DYNgR+5n1s0rb 8anPtqdv35MxzczwnMrPFlrybzw1j8RMR98Ha5KPINaelvbbWo7W3RqWVZppXBnWJqac/pY3zePb 9DbLzV4nhj6115qswLwl/cb5R1NtU6VjGKpNCz8Ok6w/nroV2lijfS8vN32kvDLU7hvr+43T1oe5 RWYkHUss58OhL8V1vojr+FOWQx3b3tTTHIp/vLbHPN94tV0r5mgzF2zz58Gsf5ZzYNqO36Trn/N5 Z9SLjVpL3cpQfQirh7f9TrXDUc6dC/YErqHct/m1MomMe5g6TxrXYZHH0XjtlXp7+5e2+pvk8WPW nK8+0BYa13BhVno+5i2eZ55fzePb3Dn1mWTbr7TVv2zl/9DLZh0NuX6pzTfLYH7onKuucQLtaYW2 /Qu7eej4tbfVtjoY7fzteixUWtoDe5y2d0kfv4FQUk6/LTGJv/E1Gtf/ofav+rHLzLKRcWtD5eAU fDLHn6u5aPG1P04JSceyjnX+CpVd6LNvhILT9Yllo7jqnzomXc+/yZS/JX4tW+2PNQ3M2wTE9o43 CKRDwNIQrfzIp9kvfGZoe75KRyRuYVgadvMCQ79gqNDGqk4028WCWn/Vsw4f9FTQdUvv1sZUTdGm 6H8TzjP3C13ARMbvq0vgg74/bfoFdvj0meXCSLSZS7dq9Z82a00NtdrWpfeY6fDnI84PXuExJPo+ dOKI0VGndxDNuV19WLV2UgYu1sZMu0NdXFeYF9j+9E/Z5JD/L7Wnh0e5wLOVqWhuHQnJlF/A5TOz A8msK8Onqg8Hv9LmTRtt99fT4lAG4RfsN818Wtvw+k5t64rHbPnXP8BZp/TUn0i/2x9do+18p1ar rV4f0XH96NtHrUlIcd5y7E1ZGyzbYOddsOPitg3BzkHVRowLlmX4MRWqb0Y9qNBmPrpc+9WcG23+ d7/m0NGoOjvtHTKV2mMrtmq1tbXazpeXmXEGyrbS/iFDXeDMm3aTpgazsMWjtx136GWvOlzMOqHS fsNqe/mliGfu3rhksCUelffFqvyqd2prHr3Bsly0lQ3BD/DmnmmasbTfbseXNY3h5Wddp9sllH6H Tu7hVbO0xxc/rk23tMNGOTimz5J+M21qmbGP8Tqmarq2JPzLkhTqT+OS0yPiMOJyeu3j1MmYpiIM BWM5Jh3aqtB2wTmb/3ht2ct1WpM6/9TXvqUtn3mVLX+O9hEBJr4gdPxXhTpRzfZCfVjXO1Y/3qyN U8fpjU/VhCJIx/Fry3+gHUik/rVULw1cM1SNsVlZy3/EhLG2NmrU6oMqD16tWp3fw9ueMbcttHyp qb7AWjw3rA2r0O55MXANU6c6MtVAC67xqh87RKxb/IdQ+5+W+pvC8eMvyCNv2mysbk7z5vEdqgUp zyXdfqWl/mUx/+YxZjm3Hd4eqDMVgbqz7tMAb6hDIvKaMHT8GvUtgfO3Hrz+RenMG83rb/04D5R9 ZFwRhZ3i8auHl3L6IxKV2IKQbZX2iWrrqudYOunUdZXrF5R6NEkff6m3P4nlMt6tO9b5K1R2SXbU 2epvEuffpMs/WB450P7GWzPyaTs66vKptDOVV8sHJVF3EIQusCpDF97tlhZLwx7sCHhU3Tlndoh9 7dXq1syxpCmOD7wfG99wRWl89fyojqq3X96ibXl5p7Zl4xKzU+ZG/YP26/pyy9/GLdqesDt6/CS+ UAfGDf4L+DAo1ZCa35Jb7iYI2yqtb0MXLnFcKOkxW7xExms7VGetOan8GXdd6etCd0wEtmhYaa0v 47X1tZbb7ryfaRvnjLKVXVwfFi3piXVhH8qrfnFYqa2yxq8nUf+2ydqR6PThV9WD6jWrVedcndYa frfOsfdCH7TCyy8N9efApltDPsPma/sdOsUPbLff3Rr1Lkmz4OKbqVsyMhC/4XLoN6H06Mej+jbY fyx6jA8kqg6EpdFWBuOet915aLvb1AjLTJpX21RlXNSLdsWD2yL99Q/E1rs1zQ5FMxDtwNpJoTRf sUj7xGw81I0vqoPAvGs0vPxCQaQ298V+bfXS1apz9UBEOL66Z820uX6jGrFXggss7bfz8fWltty8 46VSeyv8k0PS6Q9ru8+br+1psbQdKhu+hs22D/KO6bOkf+Wf9J1Um2N+2FNfziyocagXulGK9Ufl e2ew/d+4eFqwnCq0JWu2BpeH2v8NG6u1T8LqvZ6C9E8WU+OYjBKJ9fjy24Vt63m3/euf9fgfM22W du/Me7V7zS9JIs8ZYUlM4fi1WOltVbL1T0+QpQ6a1z/jntH2m3cfebWG6le01aoe2M4Rql002xeZ rX0Wnjn13uoTUUYR8apz2Duhc6hX1dGnq/qabYj+6wbzjtKU62+Kx486/sxfQ+j+qu21Hv/elj3a Q9Zzr9om1vncgS/2oqTbr0DQyZ8/sp3/0Jd8RrvasumXlrqivhgNfrno2R2861udA8Obf2v9lITO 385FE/KMdf0Z5pfk8Zvu9Dvnyn2ptbNnxATL9bBqv6NPqR5/KvRU25/oCUxiraVMO8D5y1p2rm2T pY0O3ya182+q5W+xzmb7m0Qt6ey70FHX2Us4G/mzNETmRap+4Ku/G5+tCXxQb7d02Rsb6zfG1ihb tj8QugBRH/ijTXE1vuEBWAxW1oevjPLe0lHn3NGg9tU7i6qGabc/tTtKQOlbFbpwiXWhFIjT6vWg wx1bnhrDPiw8i5neSRb+kwojR7ssPwMwLiiNdU6v1vSEnxht29viF22d/iHfaVJlFFdnqeoUbn5f 3cml7obS/97eVas1tTSFPoxEdDRZIrOkJf76E/o5qd8v/AraEvzWab3N+h/VxLJPPLMNa42fSQc+ ALZYO738bUCl9qbeQWH+vENtZ+kI0+MI1Tf1E/mwdfp6szMu/MLNY/nJsfppqnv2Qz/Rde4sNvKg 6qBDINVzfxiwi1Z+ekJTnbytWv07bwfrz9ta7Tv1WvOne8yO3njqflJJsNS9q/S7vvTOZv3P69Va 3t9hvyszmkGi6bd0qIvMCHUghGXCejw7dlZa0n/70uWhY1XVv0df0+9ecpnSVH/8oZt5sXSEuETb vost58Pw48UhYusHhTm/U3eMhn/RoPbxvb9Om6q+gFv8tsMdrQ5hJroodPwHrhns1xBh5wyHwEP7 J3j8mmWmx5tC/dPTZD1HqHp3hfqpukNT5pB6dTf/o0PMtvm2DWH1VX3RY94xrO5Ij5hs8apOdLNj 0LqlV9t4e8jW8c5g0yKB+pvq8WPGqdKmP1rAmmRz3n7HezrPXWYUxkyi7Vdwv7TUv6zk36utuTlY L4LXxOa51n/u1ssl8CsQ8wtVh/Y/lP8Ez9+Ge9hrKLwYx761/qRw/IbiS0/6w7IT8631/GZv+yq0 qI8rSfX4C6YspfYnZu4S3aBjnb+sZefaNlmuT8K3Sen8m2r5W4+frLQ/idaN/Nn+RNUQMCGQMYEX fjpIPvPtldd+GRolyhr50XdXycSb10rBWfE86d4rf/veZFn7hBo+3hqIMT/0Jan60XeNd7bXkst+ Kc+UPyA/q1OL/9TifzCuYxi2vZJ74/1aH587ztH1TlAPHA1G89r9w6X4fvWmvFLGXFCixlgtlpKT i6RX3woZft9v1YP5rY98Ti5t7bvXeBlZEenfvdQ/7mBk1Adr5bng0nMWzJLLXAYaGfDv90vljB3+ UYUjA0lhiXrYdmtw975318h464NgrcF2PUcer1shrTctkh9UOjyU+1iTqpPzZKIxOqZ1X+v8V/GN bhp3/Wlrll16ffZPW+TpJQ/JH/Tnh4cfSur9rCcagtuJ7PqgRarO+4H5PpWZXuWXqd1XqD8ledwn v9+40h/cqnfq5Oj95fLzbeqB5+/8VS48KThU/dAhcnp4+owEjFMDpzisK/tn9dDrZXoc9qnt0yap NRbtu10ef+xv6qm8avRLY5n+qt4XFHwi88xl66VeDdZQoY+qFj4NnSQ/dmgUSk+7SG35J5E4yy88 2Fjv29QgIE8/+m9yxzLjodKx9mi/9b+7tZ90udUt/ArZ/OQ1EdUr2fS3faUGoAlOd792h/kQbWOZ 8dr17ElSt6Zebnp0n4wMDkxirAt/XXTzFHORukNZZgx1r+fprD9tx41o9eNAzXeQK62uxaEKf99V ZXKfSnq/4eOkvxoERroVSUlxqfTpN1Dm/GaLlBqDVBhZTfurGvVw1+NS0U31W7XtkRkXTkqszU/w +E1r/bOW963b5NX7Lo1bp9/PHpDKO3f68/rkuOVyy9dz5PRgeHtfuMs0WHfX6MgwLfFe9exDLoN1 FciY+96UykWX+MNq0UfhDpuSqb+pHj8H391upuLR/5gialgbh6mnTFn6iNxx4d0O69KzKNn2KyL2 BOtf9vNfoAYvGCGydKv/3Ob7Zr9sWabnqkrebvxXmV92mWzZ9+/yluffpIenzZ/dUUPLI9p/0yHB 87e5X5IzaT1+9TRkOP2R2Vb31oauaPzzVUNKxPuHo3KLw+eaVI8/I/6U2h8jkCy95tb5K3GEVNKf avlnv/1J3Ctf9rCc1vMly+QzowJXLJJPXpkmpx95S6pKL/F3xLyuPvyturRNrj8vsvOq5Y8vyda9 6kJhb7yp/JY0PXxNxKiD+t6jrnMY2dEMtlCKz1Rv6tTfvl3S5JvmGIa5eaZm1DDfsxp/I/PKrg7F WLdFNunpDJvOvW2TvPPEaPcLpbDts/HWoZ9FApd4kakJfTgQubJfr8gNjCX/cLoMVoMXbnEwMTZJ 5rXtwHuBkSzVzqf3NsYtdg6pe79Jsr52UuTKb5pkxnfOCI3OpW+hOlqnXFomcqhelq/bFrlPupao 1lyNKWVOv71vlvzWfOc+86XqUEvX1LWoVAKXl+tl1+4b5Q/r9JDHq5FD+8kJIwaLqJFMH9lRLaPO OxiIUo2s5lRH/CsT7Qj79t8Hwgz+/9Cds2zvXd8cd+kw/Y7qIMj09Nlm9SXFKFusekfJkLLuckCN grhRjUCc9anfOHnsTjVysRo5uCj8CiKF9B9472Uza+f8b2tNNhebM/2ufVhqrzXfxjXzn9dNl6lD o4w0nu76E1eqcmyj710pDZvukt5jFpgJ27ttg+PpeNqGRlnkNOK1uWeqM2rUQzU6aW+9jn1jtBNe va89MOmjmAZHdjcW2V4TPH7bq/6NqohyLrMlOPjmH34s85YMkS237FQL5sqSrT+XJ0ap0XX/7x6Z 5V+mFk951f2LpGAw4//Z+MovuMD60q3YHBn4tZ2N4rvzIvd22LpftPkUjx+fpR0u/+F3XWPq3ks9 7VatNb+Ucd0yiRUptF8RsSVY/3Ih/0UlP1LZUNffr++RXdVfBb44VV+mDTz7Yhk3XF1zqcuX6prd cu4BvW6q66Qermfvdvsiyx+xw39pP34Tvf5wSFNqi2rligU18uqdl8rh3y+V0gE/9Qf3y3+aLkO8 SyO/xEzx+DPTmqb2xwwvkzM5df5KIuOppD/F8s+F9icJsbzYJfwyOy8yTSYzJ7DyCdVJp9eykh/L ssPbpbbkcv8F1qTzF8pg7Z6Ib00Lup2UYOJ6Og8Nr0JpOhD5TbFz4MWpX6Q6B+xfWhjZHxlla5Gu Z6sHQH39pezdtlXW11RLwyGP+I75/Gk8qJYZF6j7nhwjDw4/LA8PVRfxnWw6rPLrOn3TKg1p7qTT 4+p68hmhDwBRondNl1pxeNtToU66cc/I/l/dJH1KQndrPae22furK6X8lleiBWNbl2j9CexcJatf Vp240Trh9A+63XrJRcPPtsWX0psepaJ/LNXr6Na1z8kmPbBx4/xtQMHlN6g31SIPPyfLq/6fvkZG /SjKh0n/Fkn+N36RbJn8A/HpdzO5TD6V/6KSChlc5nKAZuFCfduiUWZqRy/YJs/8bJj9zqXjrfLC qJPkpnbs7zUToM+ou4G8j1/qb3/0O8MK1F1V0fpGUkl/0ZkXqgi3+KP36jchp2E6b+oz8vDgI1I5 Ub83bL38+OSbZc9XS9VdWjECT0f98UehOhw72FVW2ehHRGu9Wbat2yg7322UA55mVf56Z3azbLV0 FD8xrkwqWzRRN3m036Qfv7rfCafLc5/ul3uPnSTlqm/g6HtPSdGFt6kOq7XifS7yrk5/ghI8ftuj /vnTkcS5pN+NC6Tylgv8R8OTVz2tfsg3R7564c7g0SGy7oEr/EFH++9As4rYrW2z7Vhoe2d/k2T9 Ter4OWJG7dEv3VzuqBfPYfMayNwhTTOptF8RSUiw/olkP//F3z89mI16WbPsNf/8DeoLb/22/AET J6sv2lbIw8uel6lyvlr2R+lzZvQvNIOBZeSl3Y7fjKTeKZLxsuj2S/0rSi66WVq2t0jp5Q+o98vk Xx+cKPseDqzzbxD+X1LHXyiQdLQ/odAyO5cr56/krttVk52O829S5Z/99iezNaXjxNbBLiE7Diwp DQjYfrZ3ymWyeuVk6T1J/9naTLl3zVh5YaK9k+C0a9RPCi9bLN7jXik8MdoFpAS26VYaeVdHEP+D B56X+rsuivzmSV//f/fLKv/dPmp+6ED3n98Fw0rlZc+fWuX6sjg70443y6JR35MXe66VPzx3ncy7 8rqIqA/ueFR6XX6Xf3ntQY96jTPsiJBya0HXE0Pfzv7nmt3y67E/cOxAbdv3tvkT2bTmwNLJ9PJP V0vzTXOkZ5QWsqWxQX2YOF1Ke4Q64hp2By5uRWbLJy/9u/mTJWs6Wz3qZ5MJTHHXH/WhVv9845+u KJexV45w9DM2aZfXE3pKpfrmfcM2kU3L/N10csPYAYF0nHmxTFeRPq4+bi73/6RG5ILTitolGUMv GSwjrtQ/THSgSR37excF06s6yDbdOSwy8Sd6VWdw5OL2WqLfDVSgjsuCotCx6RpXiukvtvwk/ubn q6XqSYf8G5GrDsuGhsNSelZviZa0Gbf/u4xQfcENhX9Rd4k9pfZeJv2/UyKfWH5OaARpfU1f/Vkm 9YfV3Q+nWkPP4flDO2Tk9y+XH76o7parmi7Dq8LSqtxrnvyJDJ6x2b+i6b//R3XUuXR0h+2a6tui U/tIeTCQlr3Bn0l+qncgpmdqj/qXdMr+ob/MWzZStlTpX+jMlYWPdZc/36m+5NAn1TaMj6M+3ac6 +mcM/lfHc8DRN9eb59ChTo9vCMSk/k+u/iZz/BR0Cz1rYuXuD9Udg/ZrQyNJe7f9xphN72uK7Veq icl6/lUGuqpjTI3Grn5ZoM7RwevjIQMC5VA2aKRao67dtz0XrDsVcvo/ZubYj8c2p47feBIczzbG FxVq25LL7pK1Ex6Qa1W5fPDIIFn1E/WrJJeO+GSOP1ty0tD+2MLL1Jtsn7++/puZ0z31Lap8HB61 cbjebHvNjY2ZNKU/mfLPhfbHYODVLvAt+1veIZBegcJv20/kZdfe7/+wrsfyn9fNklqHb5uLehRJ aYnqgFOv0f7823QLT6/1A+UyOecXL4lHP9lZJ3VB9syNgW+r9cVDK6M8Z0Ot72rprAnPjzVY27yK 0+g02VF3wLbK/0bd6XTw3Z2yZuUaqT3cFlqv7hbbpT6Iv7/8Wrln459Dyy1zpw2q9F9MWRa162zB iZafAFos3CINeTl/G++6/oyLZZYR6IZrZeaaPxrvQq9H9sgvyn8aeh/HXCg+9byysPpo2/2EM+R6 84PpXLlp/huhn1lZN/TUy/wRXaRn7z7Sc9BayzY++fyjD4NbHrYsD+3c+MocGTw72FGnfhpjra2h rdRcMvVHPTvPTP9rP5OZG4202EL2v/EdaZKalb+S6dMWSW3oi7TIDRNeon5Sfqp9p8p/Dl6sqLti Rsz9oW1lSYmqI2GTWd9cfNzWdz2zwmxb/D+vb3S/Lcvzca2sWTJPZs1ZG9E+uIVvJDPWemO7hF+7 tEqTsZO6izZiUp0k2+beoL7iCE6ulcfYIMOvKabfWn7y1HCZ+7pz+3d033oZ+e2TpM95feTipdE7 vQNfFOnfUj8pdcvUHSH+aa6cMfLX6v4w+2SNP5X64w/VcsFe/19/tUekvzvWLHU1G1T7v030G5/a b7JUEpfjyRp3m6fFf9fWEz8pk/UfW85LxkYnFsugKycY79rl1Ty+9NBdzjfR7rw393fJr9t6a/mn q/7pWTjJUgT6+3infpMeMM/zi+6cbj6WYfP0YfEF8fo1cs3i30dse/TD9XLdoAfM5Zf17WXOmzNJ 1F+rXzLHz2kDhpjRv6zq3+q6yOPm6HtLE7ob3QwwnpkU2y8jCrf6FWt91vOvJ1DdLm2vDbNloLHg exfLfCMT/lf1JaXD92zJ5t8WtOWNGZ7+YA+X9kDf3Fr/Ujl+zfgSbD8sSU5pNnS9Gp7fArnm4VAn 9aRb19iuMa35T+b4C090yu1PeIBJvbc0ni7lYQ022+evrurLRv1n+fqkP1+0SV3Hh081zy8NLors 6E4l/amWf060P+FYvA8I5M+4GeS03QXUKFm179RqtbtXmiOTDX2qRqt/v15rtQx51rL5Lr3nx/93 xYNrtdqGlvQk7esvtfraHdqs4cGRq4yRqmS8tuzlajXqphpBceMSM22BNISP7ubVmmpVHvR86H9q vnrt3WZ6z1mwTcVhWa9GYmx1GBlP077U1M0x5n6PbajTWltbteaGPdrGpXM11Zib685Z8MdQ/i2j vurpu3HBJm1/i88cfc/7xX7t6aq+5r53v5b+kfdaP90fyr8atXTNzKHB+Cq1VdV1oXW1kXnX961e cqWZvjkv12lNn4aGzmz9SK23ePrX6/kLTta64S+f8fO1ne80aE0f1WvVK+aY4Rr156pna9S6Zs1r lkGK5Xd4uz2OYbO1HbUHAmWn0rBx6T329WEjKZqjoenlq9Ku79usRnqte32VNj28Xp43W9up6lL9 Rx4j+5bXJOvPx7+xpW/YPWu1PZ96/D5eVf/q39mhPT3tCts2C/a0WeJNfdZmILO1z8yyUYMh1j1p ibtS26OPAGtMapTcJmt9Uz47VB1rNrYJXy8V2iu1DVpzqHppBzbdaglftJkrqrXmL/Tjx6u1ftHs UA4VlpFl1Si96vh8Wv3yPFC/wsJ3il/VTTN9Rj6SfrWMcKbqz2hVdrUftWjNet1fE95uiXauvl61 rU16/tIxffVZ4Ni2tN96/alVZRJoD+stx5lThKmn3zYatzLwx68M9Laz6f23tOVmWxQoo/BRX/VR lmurV5ltfPioamutx+C457UmPVzVfhhTavXHCEW9HrGMQKzOP+tr9Tw0+4+/5TNvtNXRdB9/fgPz /KVG6TXyHGxvzHPb+5HnXeuodfoxoJ+3mr8KnrzVcexp2G4bRXdzZBAWhMRmvV984j/fup5vjDxZ 2whb+5v68Zta/bOceyzHkD6CqfUY0utBk+WcF02pYVmlra7IrW9E21zTLCMKGudIOX+Gtlq//lEj jz898yp7eDY/S9BJ1t9Uj5+tltFo9fSP1q8P3z8QOC/MGWVPu1q/eJd+beB0/rTkJe7ZVNuv1Otf dvOvQ9kN5O4am17dkpGhMhj6gn1k9fDzYxLnb834DOF0rKvyfvR1df1pvf4Oa8NSOn7TkX6bVmJv /O2fyrf1+niJym/9+0228661jtyzplqrV9d3xpTq8WeEY7wm3P4YO6bw2lHPX0aWbSMlD5vvv/72 r1N1u3rxT0LHj8OIyamef1Mtf2vdynz7awjyGi4g4Qt4j0CyAg3LBocaIXVSNS8U1Xyfp/Zagv1M U9/M2davbEi9s8AWf4U9fGtaQvPjtR2fWpKlZn37/sOWrtC27uEtdunoCL9ocAtr6R+OhhKhLrTV zwPjTIO9EyQUSApzKv7KuOMXzfZBWXUyOu/7grr8U5PvPZf147X9ZmeOV9t679lx5d/a2WmUQTrK z/POyrjiF/XkoD2WTiK/+pE3bZ2wbmVuX27tLAqVXVL1R+1+YPODcaZf1TN1Mb3f6AgLRZ3SXEvN A2b8avRce1i2D5Kq3C0d+G5lZ7QdsdYHIvJq1XMuM+O3O0ceV33v2WR+2IgVvtt6cfuwa895XO88 ux+JO+1m3voGj6+4YnDfyNZ+urQBo15sdA9ArUlH+tWdb3EZnHvbWtuXJE7lY+uoU3VP/azLIWzr 8Zd8/QmHqZ4ZTztWFdmGhAeUwHtfY2LnL5uPHs/HKxx8nMzUslu3JZCyWJt6tef7ucTjWGbBbS3H nlP568dIrPYj/PhNZ/0zj9HwPMR7zNraS9FidoyGbe8av56eKxZpn1ja3/ASSq7+pnj8HP9Ee6g8 0XpgPX7Dc5HY+1Tar7TUvyznX9eqnvtDsw2Ys9P+RbCtIyGsoyHZ/BvHpx53POcge52OLPt0H79G +mLlT09/8lP09s+4vvWHb+tE148V+/Vzstc/jmkPa09itj+OgcS/sOOevyx5VJ8BnD8H2du1dR85 fMGa8vm3Y7e/FkVmLQJ01FkwmE1NIFrHwpzfhZ3w66wfCMan5cNKePz6Bzn97j6nD2f6nWrWO33M nH+6Pa5GNnSxUKE5NrjBABteXuwY3vnjp2vLNu7SPgu/ULZ+mCyvdO308ac/fF8zE6nMfKk9bdyB Ef7hwuH94retnYyfaLMcLrLV6LSBjjp1Eeq0/rwp6gN3WJJ1N2tHnOE97Lbn1TeIe8LCqdA2Gx2u 6Sq/1v3a8rA7z4w0SL8qbZn6ptON3/fRdm26g4MMn6qtekfdgqIutGwn8vPmO9dFZZJw/Qk6+pTR Qsudl2bag2V408yntR1h30aHFUHyby139S22dkIHQzQvJMMu9DW1n1OZ37bhYGDPWOstKW55Z502 1akM/Pmv1GYuXqO+6Qy7UDr0cvT4Xdbf+Kz1SwhLIpKcPVC91DEdw6cu1PaoO3FaahaYH6T0ch0W 3hmaZLwRd7M6HO+2LxVc4klH+vU7tyLvjA5c6A6f+pC609LhVi51N6ztuFJ3XK4z2gU9rS7tj95h EX4uSKr+RHh8qW19dJqtrIzjcMy0h7T16m4gtzYkIqh4F6gPCU7nOyNe++t47a0v7AFbP4j3Gz7C Me2iXPU77dKd9q3TervEZ/+AY82D7YsAl+PTbD9c1jsdv+mpf+7pvuLBGju82zvrh754jnPLB2v9 y0/P+zu0hdNG29qTfsPUeej1BrcYLcuTr78pHT/qlxFbl9zgWBduf0rdQb9vnS0/os6fn5hf9FmS n+Rs0u2XS/1KuP5lO//mXelO1+WfaQuD59Ubwr+0iXV+jrVelVf4Nbz1WHeeV180OpR9UsdvrPTF Wp9kfTN2M6+LIs67laHr2+DGts5IdWd4+PVzSsefkSD9NdH2x7pvMvMd+Pxly+5XH9h++WSru+pX Om+FX3sGd07X+Tel8s9y+2Nz5I1foIv+v6pETAh0agGfR42cGnxeQEGRGrkwyrMu2gMikfh9h1uk 9cSTzEEK9H1bj3lVsvSHGRVIsXp+X6bT3x4mMcNUz/FrOdgiUqSe1eFTg4uowR6iPTg+ZnjJbHDM Iy2H1NMG9WepqTIoVGkp6mZ5bkaUMD2qHFs8arRe9TD+4h5qvxQSn0j9sSVJpf/AoRYpUHVGT790 K1ajiKr0Z7j+29KUwTe+Iy1y4EgXKT21QLyexMovg8mMjEqv+6r+qOqjHhuk158s1P3IVMW/JE3p 96kRR1sOd1HPPSz0l5/uEG3U2fgTGN+Waak/6rzjUceh/txJUW2Bv/3I4ePPo9oLKVL1TX/+q552 df7xqvZX/KNEq/ajxOHBVPFxdritsl3/auadHXymaYXsaNkTe4Tdb/ZL1Yl9/Q8rV3dLStV5fxcy D17/JNz2p1B/Uzp+fPq5Vz/vq2Nfnbsyet2TpvYrhJ/EXDbzn0Ryc3GXbB+/2TZJ6fhTiU+4/cl2 hlX8uXT+8h1ukoZPj/pVvKod1UdV7n1q96hK6Ux/SuVP+xO1nDK5ko66TGoTFwIIIIAAAggggAAC 0QT+sl269Bjq36LvgzWy775Lo20dWGfpqFN31LmOChk7ILZAAIG8Fkim/clrMDKPQPsI5PD3uu2T YUJFAAEEEEAAAQQQQCBnBNRdXJ4jraLuIZPCAq/UPHSrmbTJl/cO3pFpLoqcUXdsHP34gNQG1xz4 tEk8JSXiPa7uhjxemFd3QkbisAQBBKIKpNr+RA2clQggkKwAd9QlK8d+CCCAAAIIIIAAAgikKNC4 qlJ6T9oaJZQnpFW7TZx/eOyTl64ulGvXue+unpUmT4z9gfsGrEEAgbwVSK39yVs2Mo5Auwt8q91j IAIEEEAAAQQQQAABBBBAAAEEEEAAAQQQiCnAHXUxidgAAQQQQAABBBBAAIF2ElA/XfWpQUf0IaOc poJuMQbB0n+6dsx175QGM3JKD8sQQKATCaTa/nQiCrKCQC4J0FGXS6VBWhBAAAEEEEAAAQQQQAAB BBBAAAEE8laAn77mbdGTcQQQQAABBBBAAAEEEEAAAQQQQACBXBKgoy6XSoO0IIAAAggggAACCCCA AAIIIIAAAgjkrQAddXlb9GQcAQQQQAABBBBAAAEEEEAAAQQQQCCXBOioy6XSIC0IIIAAAggggAAC CCCAAAIIIIAAAnkrQEdd3hY9GUcAAQQQQAABBBBAAAEEEEAAAQQQyCUBOupyqTRICwIIIIAAAggg gAACCCCAAAIIIIBA3grQUZe3RU/GEUAAAQQQQAABBBBAAAEEEEAAAQRySYCOulwqDdKCAAIIIIAA AggggAACCCCAAAIIIJC3AnTU5W3Rk3EEEEAAAQQQQAABBBBAAAEEEEAAgVwSoKMul0qDtCCAAAII IIAAAggggAACCCCAAAII5K0AHXV5W/RkHAEEEEAAAQQQQAABBBBAAAEEEEAglwToqMul0iAtCCCA AAIIIIAAAggggAACCCCAAAJ5K0BHXd4WPRlHAAEEEEAAAQQQQAABBBBAAAEEEMglATrqcqk0SAsC CCCAAAIIIIAAAggggAACCCCAQN4K0FGXt0VPxhFAAAEEEEAAAQQQQAABBBBAAAEEckmAjrpcKg3S ggACCCCAAAIIIIAAAggggAACCCCQtwJ01OVt0ZNxBBBAAAEEEEAAAQQQQAABBBBAAIFcEqCjLpdK g7QggAACCCCAAAIIIIAAAggggAACCOStAB11eVv0ZBwBBBBAAAEEEEAAAQQQQAABBBBAIJcE6KjL pdIgLQgggAACCCCAAAIIIIAAAggggAACeStAR13eFj0ZRwABBBBAAAEEEEAAAQQQQAABBBDIJQE6 6nKpNEgLAggggAACCCCAAAIIIIAAAggggEDeZjpXfAAAAqtJREFUCtBRl7dFT8YRQAABBBBAAAEE EEAAAQQQQAABBHJJgI66XCoN0oIAAggggAACCCCAAAIIIIAAAgggkLcCdNTlbdGTcQQQQAABBBBA AAEEEEAAAQQQQACBXBKgoy6XSoO0IIAAAggggAACCCCAAAIIIIAAAgjkrQAddXlb9GQcAQQQQAAB BBBAAAEEEEAAAQQQQCCXBOioy6XSIC0IIIAAAggggAACCCCAAAIIIIAAAnkrQEdd3hY9GUcAAQQQ QAABBBBAAAEEEEAAAQQQyCUBOupyqTRICwIIIIAAAggggAACCCCAAAIIIIBA3grQUZe3RU/GEUAA AQQQQAABBBBAAAEEEEAAAQRySYCOulwqDdKCAAIIIIAAAggggAACCCCAAAIIIJC3AnTU5W3Rk3EE EEAAAQQQQAABBBBAAAEEEEAAgVwSoKMul0qDtCCAAAIIIIAAAggggAACCCCAAAII5K0AHXV5W/Rk HAEEEEAAAQQQQAABBBBAAAEEEEAglwToqMul0iAtCCCAAAIIIIAAAggggAACCCCAAAJ5K0BHXd4W PRlHAAEEEEAAAQQQQAABBBBAAAEEEMglATrqcqk0SAsCCCCAAAIIIIAAAggggAACCCCAQN4K0FGX t0VPxhFAAAEEEEAAAQQQQAABBBBAAAEEckmAjrpcKg3SggACCCCAAAIIIIAAAggggAACCCCQtwJ0 1OVt0ZNxBBBAAAEEEEAAAQQQQAABBBBAAIFcEqCjLpdKg7QggAACCCCAAAIIIIAAAggggAACCOSt AB11eVv0ZBwBBBBAAAEEEEAAAQQQQAABBBBAIJcE6KjLpdIgLQgggAACCCCAAAIIIIAAAggggAAC eStAR13eFj0ZRwABBBBAAAEEEEAAAQQQQAABBBDIJYH/H6E9aqrpIDzKAAAAAElFTkSuQmCC --f403045cf2669763e20554c4743b-- From nobody Thu Jul 20 12:14:00 2017 Return-Path: X-Original-To: ideas@ietfa.amsl.com Delivered-To: ideas@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B5CF112ECAD for ; Thu, 20 Jul 2017 12:13:57 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2 X-Spam-Level: X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id yNBNzcgo7Key for ; Thu, 20 Jul 2017 12:13:56 -0700 (PDT) Received: from mail-wr0-x243.google.com (mail-wr0-x243.google.com [IPv6:2a00:1450:400c:c0c::243]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 13301131AAF for ; Thu, 20 Jul 2017 12:13:56 -0700 (PDT) Received: by mail-wr0-x243.google.com with SMTP id p12so2927869wrc.5 for ; Thu, 20 Jul 2017 12:13:55 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=pbMucH3hCIBgzuha/NdTKCTDlye48P+cDSpNbd6YMwk=; b=qlpN+5WSorH+Wt0kg5H5eOa1h4lfYpaLGAevIlhpSirId1Uk3cY3IVTGHfBVXY3ia0 +h3970vmdXQJ7ZhSDdTM3ErLZxmZ3ZK5XcGIUIn/IH9WQVzkbNi4ApJRabs5ZJORiBPE rSsiIjOq59YyWQ/dUEWd0r0xb8dKo9T5IzdHBGBCUCK+PGN2H2Vq83ZYqf8u1Nu6/WY9 G3Q4T/jssuwvv+/E9h4KKvXQRrFz4xBVlAtMphoc3a+JSvmIEeslgXXfh1DU6jJFBDe8 pA9PWNLotTFxVNoeVsdoOl9Um5QqWxzUaBnbsJEeuowX+nUFe6Gb5UIW5ay+khjvyCNk 2xNg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=pbMucH3hCIBgzuha/NdTKCTDlye48P+cDSpNbd6YMwk=; b=Dpa7LNgFKssFTENBpqjjpC+I42FfBO5jfV50HzBkvIVfrKnM1Aekm4gM3PCDc2lTR3 bhKxZSh1SlCSkwplyPRbQLc4nvEYl3hobt+gCLbcyHYndb7biSVI2CSbzsVD6ZMYLD5d IuKJnYjyQ6Y2y1/r5Ouz+TFaA7hXFWQagTb/YdxE8gODccMyzdgCIdncxf+V+wsqFWmV 34sXdKoZthblbMightPB3IVjRuqZZADGgl0RZZG3U1q9Klbk2c2MGTj0FbzJnh+b0Ka0 yMpw+YvZjm4egFDNLzZ9hG0Or0SVz7wS4xd5gxL1hjLsBepQEtuqWlVtjVb4kPJcPP9l 9wFg== X-Gm-Message-State: AIVw111EMA454YnhcsxHI8uvwgPm0kZJQ4lM/4+MOGlzPmttFkWjBskG 0lhSPsPYlcnYsw== X-Received: by 10.223.176.61 with SMTP id f58mr8077756wra.106.1500578034641; Thu, 20 Jul 2017 12:13:54 -0700 (PDT) Received: from [31.133.158.77] (dhcp-9e4d.meeting.ietf.org. [31.133.158.77]) by smtp.gmail.com with ESMTPSA id v16sm8560341wrc.65.2017.07.20.12.13.53 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Thu, 20 Jul 2017 12:13:53 -0700 (PDT) Content-Type: text/plain; charset=us-ascii Mime-Version: 1.0 (1.0) From: Dino Farinacci X-Mailer: iPhone Mail (14F89) In-Reply-To: Date: Thu, 20 Jul 2017 21:13:52 +0200 Cc: Erik Nordmark , Erik Nordmark , ideas@ietf.org Content-Transfer-Encoding: quoted-printable Message-Id: References: <3e7d1bda-0847-36d6-b6e2-a98de1f8bf04@acm.org> <747af64c-87e9-f338-1448-3f461c6e8e21@sonic.net> To: Tom Herbert Archived-At: Subject: Re: [Ideas] Identity/identifier and session continuity X-BeenThere: ideas@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Discussions relating to the development, clarification, and implementation of control-plane infrastructures and functionalities in ID enabled networks." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 20 Jul 2017 19:13:58 -0000 > On Jul 20, 2017, at 9:07 PM, Tom Herbert wrote: >=20 > Even with all of this though, I'm still skeptical that this will ever achi= eve something we can call real security for identity protection of a long li= ved flow. Packets need to be routable in the Internet so there's only so muc= h of the addresses that can be obfuscated and analysis of communication patt= erns can yields information even for encrypted flows. In practice it's proba= bly far simpler to just not use long lived connections if identity is a conc= ern there, applications already need to handle restarts for connection failu= res anyway so it's not a big deal to reestablish a connection (NAT state tim= eouts have already necessitated this model for several years). Only true when EIDs need to interwork with non-EIDs. Which I think will be n= ecessary for a long transition period. But for use in VPNs where each VPN si= te talks only to each other, you can have data-plane crypto all the time. An= d for container networking and IoT device to cloud app, this will also be th= e case.=20 Dino= From nobody Thu Jul 20 12:23:58 2017 Return-Path: X-Original-To: ideas@ietfa.amsl.com Delivered-To: ideas@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 894E61267BB for ; Thu, 20 Jul 2017 12:23:57 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.999 X-Spam-Level: X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id re-T6TuP0CVF for ; Thu, 20 Jul 2017 12:23:55 -0700 (PDT) Received: from mail-qt0-x235.google.com (mail-qt0-x235.google.com [IPv6:2607:f8b0:400d:c0d::235]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 58598129B61 for ; Thu, 20 Jul 2017 12:23:52 -0700 (PDT) Received: by mail-qt0-x235.google.com with SMTP id b40so30246359qtb.2 for ; Thu, 20 Jul 2017 12:23:52 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=4oSh15XJUdJBROcyluTx75wJJVeJfSpcaZV51qeak5o=; b=GHrgRXksG7XYOPdEQl/IG7bbgVqV1IahxLUzdMKK3uopx4yU0ofhfrUfmCaFR1ZB5h lyuoobbqRYAzuwvoDp3Lb0V+Z0C432SZujLCiu+R8pmGvBomlKHYx4DPkxUphbcDFl5r SjmEOvYQyPnU9aPwJyiZ0UaIN69QDS9K/I+d0OoiLIc7JGXTwVqgAHRKtbjZfIVlO65o dWsbeRBQ+bbQeDj9EXhlrAD+L7Cv3vOJaoSPlAG9vR+ZkiSuYr1ct+qcVxTKA63YImSo QNridIiVVhX+jLh1wWv6tPbum45CG4Hg39ySzEOFow+aazGPhezhLEjm66OkB3N8TaPV M/9A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=4oSh15XJUdJBROcyluTx75wJJVeJfSpcaZV51qeak5o=; b=da3AXGfk5sD55XjLbypOK4cd0RPKl93aq8k1oOm3x9qIyhK8XI1KTc6cPMhCVINQ7b R6Z4+zNLKKaa6090wXxtIFqW0C1ikSSf1PKo+wh2wfsabUuB9JcaCUZTbU27HBypfeon MWpO8aV8vk54qOOkB9LQYkDwQ/9raZBdtDZYXjDzopwjH1/ignaejYZmnPiV9rzSEW9G 8sd4hHahPj2qbQmbdzqtwaCKjD94WYYFzeI/VXwdAwzcR7I/5LqiCrFPZGa/lz6JuTZ3 8XAsiMcTchTrtCp+57EGLGiGWRiFnQZaVJv6Mstz1CPefAzTV15sIe8hH00L6Wj1yT9/ bR1Q== X-Gm-Message-State: AIVw1128n+mN+tOCBC10zSkZXSyX50LR4nCHHEa8QtACnvkfG5gUptCs 6+IqOgAE/UyAimkUyyW0KnqM/fspcis9 X-Received: by 10.200.10.202 with SMTP id g10mr6124892qti.227.1500578631477; Thu, 20 Jul 2017 12:23:51 -0700 (PDT) MIME-Version: 1.0 Received: by 10.140.104.14 with HTTP; Thu, 20 Jul 2017 12:23:51 -0700 (PDT) In-Reply-To: <5077d2a2-882a-79f3-c8c4-28c087c73c90@htt-consult.com> References: <946e8ec2-a6c8-658e-cdf3-60b855dcaeb1@uni-tuebingen.de> <5077d2a2-882a-79f3-c8c4-28c087c73c90@htt-consult.com> From: Albert Cabellos Date: Thu, 20 Jul 2017 21:23:51 +0200 Message-ID: To: Robert Moskowitz Cc: Michael Menth , "ideas@ietf.org" Content-Type: multipart/alternative; boundary="089e0822b528496d3c0554c4b0e7" Archived-At: Subject: Re: [Ideas] related work X-BeenThere: ideas@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Discussions relating to the development, clarification, and implementation of control-plane infrastructures and functionalities in ID enabled networks." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 20 Jul 2017 19:23:57 -0000 --089e0822b528496d3c0554c4b0e7 Content-Type: text/plain; charset="UTF-8" Thanks for pointing to this great paper. I agree, another difference is that the paper does not seek defining mechanisms for user-defied policies for privacy. On Thu, Jul 20, 2017 at 2:18 PM, Robert Moskowitz wrote: > Oops, I have an appology, I thought David said PIP, which was Paul's IP > and one of the IPng competitors that had some neat features to handle the > EID challenge. But was considered non-implementable back in that day. > > Shows the age of some of my information... > > Bob > > On 07/20/2017 11:53 AM, Michael Menth wrote: > >> Hi all, >> >> here is a pointer to the paper David Oran mentioned during the BoF. It >> relates to ideas insofar as it addresses the tussle between privacy and >> accontability. >> http://www.sigcomm.org/node/3643 >> To my understanding it is more about accountability and less about >> loc/id split. Though, we should know about it. Thanks David! >> >> Best wishes, >> >> Michael >> >> > _______________________________________________ > Ideas mailing list > Ideas@ietf.org > https://www.ietf.org/mailman/listinfo/ideas > --089e0822b528496d3c0554c4b0e7 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
Thanks for pointing to this great paper.

I agree, another difference is that the paper does not seek defining mech= anisms for user-defied policies for privacy.

On Thu, Jul 20, 2017 at 2:18 PM,= Robert Moskowitz <rgm-ietf@htt-consult.com> wrote:
Oops,=C2=A0 I have an appology, I thought = David said PIP, which was Paul's IP and one of the IPng competitors tha= t had some neat features to handle the EID challenge.=C2=A0 But was conside= red non-implementable back in that day.

Shows the age of some of my information...

Bob

On 07/20/2017 11:53 AM, Michael Menth wrote:
Hi all,

here is a pointer to the paper David Oran mentioned during the BoF. It
relates to ideas insofar as it addresses the tussle between privacy and
accontability.
http://www.sigcomm.org/node/3643
To my understanding it is more about accountability and less about
loc/id split. Though, we should know about it. Thanks David!

Best wishes,

Michael


_______________________________________________
Ideas mailing list
Ideas@ietf.org
https://www.ietf.org/mailman/listinfo/ideas

--089e0822b528496d3c0554c4b0e7-- From nobody Thu Jul 20 13:40:42 2017 Return-Path: X-Original-To: ideas@ietfa.amsl.com Delivered-To: ideas@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 407FE131468 for ; Thu, 20 Jul 2017 13:40:41 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.222 X-Spam-Level: X-Spam-Status: No, score=-4.222 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id gTXyiUFgcTA2 for ; Thu, 20 Jul 2017 13:40:39 -0700 (PDT) Received: from lhrrgout.huawei.com (lhrrgout.huawei.com [194.213.3.17]) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5F2F612420B for ; Thu, 20 Jul 2017 13:40:38 -0700 (PDT) Received: from 172.18.7.190 (EHLO lhreml707-cah.china.huawei.com) ([172.18.7.190]) by lhrrg01-dlp.huawei.com (MOS 4.3.7-GA FastPath queued) with ESMTP id DRQ91453; Thu, 20 Jul 2017 20:40:36 +0000 (GMT) Received: from SJCEML701-CHM.china.huawei.com (10.208.112.40) by lhreml707-cah.china.huawei.com (10.201.108.48) with Microsoft SMTP Server (TLS) id 14.3.301.0; Thu, 20 Jul 2017 21:40:35 +0100 Received: from SJCEML703-CHM.china.huawei.com ([169.254.5.240]) by SJCEML701-CHM.china.huawei.com ([169.254.3.13]) with mapi id 14.03.0301.000; Thu, 20 Jul 2017 13:40:31 -0700 From: Uma Chunduri To: Dino Farinacci , Tom Herbert CC: Erik Nordmark , "ideas@ietf.org" , Erik Nordmark Thread-Topic: [Ideas] Identity/identifier and session continuity Thread-Index: AQHTASrQA8hT40Pa70+th+iH95tXXqJc3ZuAgABqfgCAAAx+AIAAHBCAgAAZIACAAAHhAP//n1fA Date: Thu, 20 Jul 2017 20:40:30 +0000 Message-ID: <25B4902B1192E84696414485F572685401A32A37@SJCEML703-CHM.china.huawei.com> References: <3e7d1bda-0847-36d6-b6e2-a98de1f8bf04@acm.org> <747af64c-87e9-f338-1448-3f461c6e8e21@sonic.net> In-Reply-To: Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [10.47.79.77] Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-CFilter-Loop: Reflected X-Mirapoint-Virus-RAPID-Raw: score=unknown(0), refid=str=0001.0A020202.59711544.01AC, ss=1, re=0.000, recu=0.000, reip=0.000, cl=1, cld=1, fgs=0, ip=169.254.5.240, so=2013-06-18 04:22:30, dmn=2013-03-21 17:37:32 X-Mirapoint-Loop-Id: 9afd507c2267693d18d03a33458f99a2 Archived-At: Subject: Re: [Ideas] Identity/identifier and session continuity X-BeenThere: ideas@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Discussions relating to the development, clarification, and implementation of control-plane infrastructures and functionalities in ID enabled networks." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 20 Jul 2017 20:40:41 -0000 Couple of questions: 1. Not really fully sure what's the need for full encryption (if need is on= ly obfuscation of identifiers) of the packet, if obfuscation is done throug= h ephemeral identifiers. =20 2. Sure, If #1 is needed and packet is encrypted (above IP) with whether L= ISP encryption or IPSec tunnel mode, what is the privacy concern for long l= ived flow. What useful information observer would get in that case? And also=20 - there is a high possibility for double encryption (if ubiquitous enc= ryption is there at application layer), if we propose to "encrypt all" is t= he rule, even if the need is only obfuscation. - there could be late binding cases in the network and for that identif= iers has to be consulted - but we will have an issue if we ought to do ful= l encryption just for obfuscation. -- Uma C. -----Original Message----- From: Ideas [mailto:ideas-bounces@ietf.org] On Behalf Of Dino Farinacci Sent: Thursday, July 20, 2017 12:14 PM To: Tom Herbert Cc: Erik Nordmark ; ideas@ietf.org; Erik Nordmark Subject: Re: [Ideas] Identity/identifier and session continuity > On Jul 20, 2017, at 9:07 PM, Tom Herbert wrote: >=20 > Even with all of this though, I'm still skeptical that this will ever ach= ieve something we can call real security for identity protection of a long = lived flow. Packets need to be routable in the Internet so there's only so = much of the addresses that can be obfuscated and analysis of communication = patterns can yields information even for encrypted flows. In practice it's = probably far simpler to just not use long lived connections if identity is = a concern there, applications already need to handle restarts for connectio= n failures anyway so it's not a big deal to reestablish a connection (NAT s= tate timeouts have already necessitated this model for several years). Only true when EIDs need to interwork with non-EIDs. Which I think will be = necessary for a long transition period. But for use in VPNs where each VPN = site talks only to each other, you can have data-plane crypto all the time.= And for container networking and IoT device to cloud app, this will also b= e the case.=20 Dino _______________________________________________ Ideas mailing list Ideas@ietf.org https://www.ietf.org/mailman/listinfo/ideas From nobody Thu Jul 20 14:06:57 2017 Return-Path: X-Original-To: ideas@ietfa.amsl.com Delivered-To: ideas@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0E1B212ECB7 for ; Thu, 20 Jul 2017 14:06:56 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.9 X-Spam-Level: X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=herbertland-com.20150623.gappssmtp.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id V-gPEUxZMi63 for ; Thu, 20 Jul 2017 14:06:54 -0700 (PDT) Received: from mail-wr0-x234.google.com (mail-wr0-x234.google.com [IPv6:2a00:1450:400c:c0c::234]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 340D01201F2 for ; Thu, 20 Jul 2017 14:06:54 -0700 (PDT) Received: by mail-wr0-x234.google.com with SMTP id f21so18914090wrf.5 for ; Thu, 20 Jul 2017 14:06:54 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=herbertland-com.20150623.gappssmtp.com; s=20150623; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc:content-transfer-encoding; bh=6+wg/Hn/k62el7In5jxezyE4VLGM5WIYIkpxfFThhPg=; b=SijeL5uYib7jGEfbMfrAMNnBaribc+7RiyO9CVNmKbKEebOKAX2IgNcf5rdpsayEGK JORVDYoRVXOP+MPdeuv7mA8syl9cZlNeesH6RNDuo2LCc82KlLsi5x4u2oS59XcZM4WD DD22rmvPqilNOdYaWtqQLR/WathTsU1MxrEiyA+gIRm4OJAv+N2+NeK88ndKQTEBAMJL LplTWHoCZ1ScvzIk95lpoqTJmX+XmfmCubSQWH6crNRtEAYoZFgwZEX0viOo21HmDPZd r7S6Rig3CJaIbLB2IEnNrN/twSkkaVBM6nXMsGcw33GU370S6jR0xkHNpOcDkIBYg+Y4 W8lg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc:content-transfer-encoding; bh=6+wg/Hn/k62el7In5jxezyE4VLGM5WIYIkpxfFThhPg=; b=OgQPh74JL4BVUlmLtbHFzlX/Bllya1PFgw+a9qfREmWpqHV2DU3lwreN3pETSjz+fB qH1wbXlin9OiRM5HcDFSg5BDfFKDbQqMfQX/ZcdzAkymSx4VV33QK7ABINExqlwLmlFE yc35c0wI0d90omLyp2iYZbl0zdy0Qt2NyQW+dfytt7k4v0eCb5J+4dnutF5pJ0/X1S7G VfMqyIfXv+MuM4eIFn9lZEgz+NdAJqScnJK+aQTCk2Ohw2EdEshnEvw5YobG8FLB2rc0 nSIGgEjqgxAac0AzE4BM+4mCLnvBrclE6IJsjZ4eMmK4ALOzgk9Dam/NsGlDb6g88t6w zN6g== X-Gm-Message-State: AIVw1126rRNQqSWxJL/t1xE107LhCtq/5wDaZ92z4ChIDwR/kuXAlb/5 nAw7IUJ7jKOmIqto2izMDRyHKGsfo0Fg X-Received: by 10.223.135.249 with SMTP id c54mr8273884wrc.98.1500584812666; Thu, 20 Jul 2017 14:06:52 -0700 (PDT) MIME-Version: 1.0 Received: by 10.223.128.66 with HTTP; Thu, 20 Jul 2017 14:06:51 -0700 (PDT) In-Reply-To: <25B4902B1192E84696414485F572685401A32A37@SJCEML703-CHM.china.huawei.com> References: <3e7d1bda-0847-36d6-b6e2-a98de1f8bf04@acm.org> <747af64c-87e9-f338-1448-3f461c6e8e21@sonic.net> <25B4902B1192E84696414485F572685401A32A37@SJCEML703-CHM.china.huawei.com> From: Tom Herbert Date: Thu, 20 Jul 2017 14:06:51 -0700 Message-ID: To: Uma Chunduri Cc: Dino Farinacci , Erik Nordmark , "ideas@ietf.org" , Erik Nordmark Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Archived-At: Subject: Re: [Ideas] Identity/identifier and session continuity X-BeenThere: ideas@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Discussions relating to the development, clarification, and implementation of control-plane infrastructures and functionalities in ID enabled networks." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 20 Jul 2017 21:06:56 -0000 On Thu, Jul 20, 2017 at 1:40 PM, Uma Chunduri wro= te: > > > Couple of questions: > > 1. Not really fully sure what's the need for full encryption (if need is = only obfuscation of identifiers) of the packet, if obfuscation is done thro= ugh ephemeral identifiers. > The "need" would be to obfuscate other parts of the packet that contain information that could be used to discern that two packets are part the same flow even if they have different IP addresses. The most obvious data that comes to mind for would be port numbers and TCP sequence numbers and acknowlgements . > 2. Sure, If #1 is needed and packet is encrypted (above IP) with whether = LISP encryption or IPSec tunnel mode, what is the privacy concern for long= lived flow. What useful information observer would get in that case? > They would get a lot less information, but as I pointed out an observer can still infer some information based on communications pattern, packet sizes, etc. > And also > > - there is a high possibility for double encryption (if ubiquitous e= ncryption is there at application layer), if we propose to "encrypt all" is= the rule, even if the need is only obfuscation. > - there could be late binding cases in the network and for that ident= ifiers has to be consulted - but we will have an issue if we ought to do f= ull encryption just for obfuscation. > Full encryption would help this case and be beneficial for other aspects of security, however in the Internet we are no where near ubiquitous full packet encryption. Even TLS is not completely deployed yet. I would say it's a nice to have, but it can't be a requirement set by IDEAS, at best it's a MAY. Tom > -- > Uma C. > > -----Original Message----- > From: Ideas [mailto:ideas-bounces@ietf.org] On Behalf Of Dino Farinacci > Sent: Thursday, July 20, 2017 12:14 PM > To: Tom Herbert > Cc: Erik Nordmark ; ideas@ietf.org; Erik Nordmark > Subject: Re: [Ideas] Identity/identifier and session continuity > >> On Jul 20, 2017, at 9:07 PM, Tom Herbert wrote: >> >> Even with all of this though, I'm still skeptical that this will ever ac= hieve something we can call real security for identity protection of a long= lived flow. Packets need to be routable in the Internet so there's only so= much of the addresses that can be obfuscated and analysis of communication= patterns can yields information even for encrypted flows. In practice it's= probably far simpler to just not use long lived connections if identity is= a concern there, applications already need to handle restarts for connecti= on failures anyway so it's not a big deal to reestablish a connection (NAT = state timeouts have already necessitated this model for several years). > > Only true when EIDs need to interwork with non-EIDs. Which I think will b= e necessary for a long transition period. But for use in VPNs where each VP= N site talks only to each other, you can have data-plane crypto all the tim= e. And for container networking and IoT device to cloud app, this will also= be the case. > > Dino > _______________________________________________ > Ideas mailing list > Ideas@ietf.org > https://www.ietf.org/mailman/listinfo/ideas From nobody Thu Jul 20 14:25:25 2017 Return-Path: X-Original-To: ideas@ietfa.amsl.com Delivered-To: ideas@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2B67F126DC2 for ; Thu, 20 Jul 2017 14:25:24 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.222 X-Spam-Level: X-Spam-Status: No, score=-4.222 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id pynMVyybiulL for ; Thu, 20 Jul 2017 14:25:22 -0700 (PDT) Received: from lhrrgout.huawei.com (lhrrgout.huawei.com [194.213.3.17]) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 16494126C3D for ; Thu, 20 Jul 2017 14:25:21 -0700 (PDT) Received: from 172.18.7.190 (EHLO lhreml704-cah.china.huawei.com) ([172.18.7.190]) by lhrrg01-dlp.huawei.com (MOS 4.3.7-GA FastPath queued) with ESMTP id DRQ95294; Thu, 20 Jul 2017 21:25:20 +0000 (GMT) Received: from SJCEML702-CHM.china.huawei.com (10.208.112.38) by lhreml704-cah.china.huawei.com (10.201.108.45) with Microsoft SMTP Server (TLS) id 14.3.301.0; Thu, 20 Jul 2017 22:25:19 +0100 Received: from SJCEML703-CHM.china.huawei.com ([169.254.5.240]) by SJCEML702-CHM.china.huawei.com ([169.254.4.153]) with mapi id 14.03.0301.000; Thu, 20 Jul 2017 14:25:17 -0700 From: Uma Chunduri To: Tom Herbert CC: Dino Farinacci , Erik Nordmark , "ideas@ietf.org" , Erik Nordmark Thread-Topic: [Ideas] Identity/identifier and session continuity Thread-Index: AQHTASrQA8hT40Pa70+th+iH95tXXqJc3ZuAgABqfgCAAAx+AIAAHBCAgAAZIACAAAHhAP//n1fAgACAOoD//428EA== Date: Thu, 20 Jul 2017 21:25:16 +0000 Message-ID: <25B4902B1192E84696414485F572685401A32A80@SJCEML703-CHM.china.huawei.com> References: <3e7d1bda-0847-36d6-b6e2-a98de1f8bf04@acm.org> <747af64c-87e9-f338-1448-3f461c6e8e21@sonic.net> <25B4902B1192E84696414485F572685401A32A37@SJCEML703-CHM.china.huawei.com> In-Reply-To: Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [10.47.79.77] Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: base64 MIME-Version: 1.0 X-CFilter-Loop: Reflected X-Mirapoint-Virus-RAPID-Raw: score=unknown(0), refid=str=0001.0A020205.59711FC0.01C3, ss=1, re=0.000, recu=0.000, reip=0.000, cl=1, cld=1, fgs=0, ip=169.254.5.240, so=2013-06-18 04:22:30, dmn=2013-03-21 17:37:32 X-Mirapoint-Loop-Id: 9afd507c2267693d18d03a33458f99a2 Archived-At: Subject: Re: [Ideas] Identity/identifier and session continuity X-BeenThere: ideas@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Discussions relating to the development, clarification, and implementation of control-plane infrastructures and functionalities in ID enabled networks." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 20 Jul 2017 21:25:24 -0000 SGkgVG9tLA0KDQoJPg0KCT4gMS4gTm90IHJlYWxseSBmdWxseSBzdXJlIHdoYXQncyB0aGUgbmVl ZCBmb3IgZnVsbCBlbmNyeXB0aW9uIChpZiBuZWVkIGlzIG9ubHkgb2JmdXNjYXRpb24gb2YgaWRl bnRpZmllcnMpIG9mIHRoZSBwYWNrZXQsIGlmIG9iZnVzY2F0aW9uIGlzIGRvbmUgdGhyb3VnaCBl cGhlbWVyYWwgaWRlbnRpZmllcnMuDQoJPg0KCVRoZSAibmVlZCIgd291bGQgYmUgdG8gb2JmdXNj YXRlIG90aGVyIHBhcnRzIG9mIHRoZSBwYWNrZXQgdGhhdCBjb250YWluIGluZm9ybWF0aW9uIHRo YXQgY291bGQgYmUgdXNlZCB0byBkaXNjZXJuIHRoYXQgdHdvIHBhY2tldHMgYXJlIHBhcnQgdGhl IHNhbWUgZmxvdyBldmVuIGlmIHRoZXkgaGF2ZSBkaWZmZXJlbnQgSVAgYWRkcmVzc2VzLiANCiAg ICAgICAgICAgICAgICBUaGUgbW9zdCBvYnZpb3VzIGRhdGEgdGhhdCBjb21lcyB0byBtaW5kIGZv ciB3b3VsZCBiZSBwb3J0IG51bWJlcnMgYW5kIFRDUCBzZXF1ZW5jZSBudW1iZXJzIGFuZCBhY2tu b3dsZ2VtZW50cyAuDQoNClllcywgdGhhdOKAmXMgcG9zc2libGUuIFNvIHdoYXQgaXMgdGhlIHNl Y3VyaXR5IGlzc3VlIGVzcGVjaWFsbHkgYXMgeW91IHNhaWQgaWYgSVAgYWRkcmVzc2VzIGFyZSBj aGFuZ2luZy4gWWVzIGFuIG9ic2VydmVyIGlkZW50aWZ5IHRoZSBsb25nIGxpdmVkIGZsb3cgYmV0 d2VlbiB0d28gb2JmdXNjYXRlZCBvbmUgdGltZSAgaWRlbnRpZmllcnMuIEkgYW0gbWlzc2luZyBz b21lIHRoaW5nLg0KDQoNCgk+IDIuIFN1cmUsIElmICMxIGlzIG5lZWRlZCBhbmQgcGFja2V0IGlz IGVuY3J5cHRlZCAoYWJvdmUgSVApIHdpdGggd2hldGhlciAgTElTUCBlbmNyeXB0aW9uIG9yIElQ U2VjIHR1bm5lbCBtb2RlLCB3aGF0IGlzIHRoZSBwcml2YWN5IGNvbmNlcm4gZm9yIGxvbmcgbGl2 ZWQgZmxvdy4gV2hhdCB1c2VmdWwgIGluZm9ybWF0aW9uIG9ic2VydmVyIHdvdWxkIGdldCBpbiB0 aGF0IGNhc2U/DQoJPg0KCVRoZXkgd291bGQgZ2V0IGEgbG90IGxlc3MgaW5mb3JtYXRpb24sIGJ1 dCBhcyBJIHBvaW50ZWQgb3V0IGFuIG9ic2VydmVyIGNhbiBzdGlsbCBpbmZlciBzb21lIGluZm9y bWF0aW9uIGJhc2VkIG9uIGNvbW11bmljYXRpb25zIHBhdHRlcm4sIHBhY2tldCBzaXplcywgZXRj Lg0KDQpSZW1lbWJlciBwYWRkaW5nIGZpZWxkIGluIElQU0VDICBFU1AgaGVhZGVyLCB0aGlzIGlz IHByZWNpc2VseSB0aGVyZSB0byBtYXNrIHBhY2tldCBzaXplcy4NCg0KDQoJPiBBbmQgYWxzbw0K CT4NCgk+ICAgICAtIHRoZXJlIGlzIGEgaGlnaCBwb3NzaWJpbGl0eSBmb3IgZG91YmxlIGVuY3J5 cHRpb24gKGlmICB1YmlxdWl0b3VzIGVuY3J5cHRpb24gaXMgdGhlcmUgYXQgYXBwbGljYXRpb24g bGF5ZXIpLCBpZiB3ZSBwcm9wb3NlIHRvICJlbmNyeXB0IGFsbCIgaXMgdGhlIHJ1bGUsIGV2ZW4g aWYgdGhlIG5lZWQgaXMgb25seSBvYmZ1c2NhdGlvbi4NCgk+ICAgICAtIHRoZXJlIGNvdWxkIGJl IGxhdGUgYmluZGluZyBjYXNlcyBpbiB0aGUgbmV0d29yayBhbmQgZm9yIHRoYXQgaWRlbnRpZmll cnMgaGFzIHRvIGJlIGNvbnN1bHRlZCAtIGJ1dCB3ZSB3aWxsICBoYXZlIGFuIGlzc3VlIGlmIHdl IG91Z2h0IHRvIGRvIGZ1bGwgZW5jcnlwdGlvbiBqdXN0IGZvciBvYmZ1c2NhdGlvbi4NCgk+DQoJ RnVsbCBlbmNyeXB0aW9uIHdvdWxkIGhlbHAgdGhpcyBjYXNlIGFuZCBiZSBiZW5lZmljaWFsIGZv ciBvdGhlciBhc3BlY3RzIG9mIHNlY3VyaXR5LCBob3dldmVyIGluIHRoZSBJbnRlcm5ldCB3ZSBh cmUgbm8gd2hlcmUgbmVhciB1YmlxdWl0b3VzIGZ1bGwgcGFja2V0IGVuY3J5cHRpb24uIEV2ZW4g VExTIGlzIG5vdCBjb21wbGV0ZWx5IGRlcGxveWVkIHlldC4NCiAgICAgICAgICAgICAgICBJIHdv dWxkIHNheSBpdCdzIGEgbmljZSB0byBoYXZlLCBidXQgaXQgY2FuJ3QgYmUgYSByZXF1aXJlbWVu dCBzZXQgYnkgSURFQVMsIGF0IGJlc3QgaXQncyBhIE1BWS4NCg0KQWdyZWUsIHRoYXQgaXMgd2hh dCBJIGZlZWwgYW5kIGRvbid0IHNlZSBJREVBUyBtYW5kYXRlZCBmdWxsIGVuY3J5cHRpb24sIHJh dGhlciBvcHBvc2l0ZSBhbmQgYWxsb3cgaWRlbnRpZmllcnMgb3V0c2lkZSAod2l0aCBvYmZ1c2Nh dGlvbiwgZXZlbiBpZiByZXN0IG9mIHRoZSBwYWNrZXQgaXMgZW5jcnlwdGVkKSB0byBoZWxwIGxh dGUgYmluZGluZyBhbmQgbGFzdCBRb1MgYXBwbGljYXRpb24gYmFzZWQgb24gSWRlbnRpZmllcnMg aWYgbmVlZGVkLg0KDQpUaHghDQoNCi0tDQpVbWEgQy4NCg0KDQoNCg== From nobody Fri Jul 21 02:29:16 2017 Return-Path: X-Original-To: ideas@ietfa.amsl.com Delivered-To: ideas@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9F0DA131B5F for ; Fri, 21 Jul 2017 02:29:14 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.221 X-Spam-Level: X-Spam-Status: No, score=-4.221 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id CARBA7zeifb5 for ; Fri, 21 Jul 2017 02:29:05 -0700 (PDT) Received: from lhrrgout.huawei.com (lhrrgout.huawei.com [194.213.3.17]) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3C2D5129B4C for ; Fri, 21 Jul 2017 02:29:05 -0700 (PDT) Received: from 172.18.7.190 (EHLO lhreml701-cah.china.huawei.com) ([172.18.7.190]) by lhrrg02-dlp.huawei.com (MOS 4.3.7-GA FastPath queued) with ESMTP id DKZ68377; Fri, 21 Jul 2017 09:29:03 +0000 (GMT) Received: from SJCEML701-CHM.china.huawei.com (10.208.112.40) by lhreml701-cah.china.huawei.com (10.201.108.42) with Microsoft SMTP Server (TLS) id 14.3.301.0; Fri, 21 Jul 2017 10:28:58 +0100 Received: from SJCEML703-CHM.china.huawei.com ([169.254.5.240]) by SJCEML701-CHM.china.huawei.com ([169.254.3.13]) with mapi id 14.03.0301.000; Fri, 21 Jul 2017 02:28:51 -0700 From: Hesham ElBakoury To: Dino Farinacci , "ideas@ietf.org" Thread-Topic: [Ideas] GRIDs is a necessary use-case for LISP and HIP Thread-Index: AQHTATifpc0wSeXhA0q0z7k98084GqJeBMuA Date: Fri, 21 Jul 2017 09:28:51 +0000 Message-ID: References: <09C20ABD-4367-49B9-9B94-E8FADD022B66@gmail.com> In-Reply-To: <09C20ABD-4367-49B9-9B94-E8FADD022B66@gmail.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [10.210.166.206] Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: base64 MIME-Version: 1.0 X-CFilter-Loop: Reflected X-Mirapoint-Virus-RAPID-Raw: score=unknown(0), refid=str=0001.0A020204.5971C95F.00E8, ss=1, re=0.000, recu=0.000, reip=0.000, cl=1, cld=1, fgs=0, ip=169.254.5.240, so=2013-06-18 04:22:30, dmn=2013-03-21 17:37:32 X-Mirapoint-Loop-Id: dc537fef5197ad0f3fa70eaba470962a Archived-At: Subject: Re: [Ideas] GRIDs is a necessary use-case for LISP and HIP X-BeenThere: ideas@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Discussions relating to the development, clarification, and implementation of control-plane infrastructures and functionalities in ID enabled networks." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 21 Jul 2017 09:29:14 -0000 SGkgRGlubywNCg0KQXJlIHlvdSBzdWdnZXN0aW5nIHRvIHVzZSBMSVNQL0hJUCBjb250cm9sIHBy b3RvY29sIGZvciBJREVBUyA/DQoNClRoYW5rcw0KDQpIZXNoYW0NCg0KLS0tLS1PcmlnaW5hbCBN ZXNzYWdlLS0tLS0NCkZyb206IElkZWFzIFttYWlsdG86aWRlYXMtYm91bmNlc0BpZXRmLm9yZ10g T24gQmVoYWxmIE9mIERpbm8gRmFyaW5hY2NpDQpTZW50OiBUaHVyc2RheSwgSnVseSAyMCwgMjAx NyAyOjE0IEFNDQpUbzogaWRlYXNAaWV0Zi5vcmcNClN1YmplY3Q6IFtJZGVhc10gR1JJRHMgaXMg YSBuZWNlc3NhcnkgdXNlLWNhc2UgZm9yIExJU1AgYW5kIEhJUA0KDQpBcyBvbmUgb2YgdGhlIG9y aWdpbmFsIGNvYXV0aG9ycyBvZiBMSVNQLCBJIGp1c3Qgd2FudCB0byBzYXkgdGhlIElERUFzIGVm Zm9ydCB3aWxsIGJlIHdlbGwgc2VydmVkIGZvciB0aGUgbG9jYXRvci9pZCBzcGxpdCBwcm90b2Nv bHMuIEkgdGhpbmsgYWxsIG92ZXJsYXkgcHJvdG9jb2xzIGNhbiBtYWtlIHVzZSBvZiBhICpuZXR3 b3JrLWxheWVyKiBiYXNlZCBkYXRhYmFzZS4gQW5kIHNpbmNlIHNlY3VyaXR5IGhhcyB0byBiZSBh IG51bWJlciAxIHByaW9yaXR5IHJlcXVpcmVtZW50LCB3ZSBoYXZlIHRvIGNyZWF0ZSBzb21ldGhp bmcgbmV3Lg0KDQpXaGVuIEkgc2F5IOKAnG5ld+KAnSwgSSBtZWFuIHRvIGNyZWF0ZSBhbiBvcGVy YXRpb25hbCBpbmZyYXN0cnVjdHVyZSB3aGVyZSB0aGUgbG9jL2lkIHNwbGl0IGNvbnRyb2wgcHJv dG9jb2xzIGNhbiBiZSBkZXBsb3llZCBhdCBzY2FsZS4gV2UgaGF2ZSBhbiBhcHBsaWNhdGlvbiBs ZXZlbCBkYXRhYmFzZSwgaXQgaXMgY2FsbGVkIEROUy4gV2UgbmVlZCBhIG5ldHdvcmstbGF5ZXIg ZGF0YWJhc2UuDQoNCkkgdGhpbmsgcGVvcGxlIHNob3VsZCB2aWV3IEdSSURzIG5vdCBmb3Igd2hh dCB1c2UtY2FzZXMgaXQgY2FuIHByb3ZpZGUsIGJ1dCBob3cgdG8gZGVmaW5lIGEgZGVwbG95bWVu dCBzdHJhdGVneSBmb3IgYSBuZXR3b3JrLWxheWVyIGRhdGFiYXNlIGluZnJhc3RydWN0dXJlIGZv ciB0aGUgdXNlLWNhc2VzIHRoYXQgTElTUCwgSElQLCBJTEEsIGFuZCBJTE5QICphbHJlYWR5KiBw cm92aWRlLg0KDQpEaW5vDQoNCg0KX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19f X19fX19fX19fX18NCklkZWFzIG1haWxpbmcgbGlzdA0KSWRlYXNAaWV0Zi5vcmcNCmh0dHBzOi8v d3d3LmlldGYub3JnL21haWxtYW4vbGlzdGluZm8vaWRlYXMNCg== From nobody Fri Jul 21 02:43:33 2017 Return-Path: X-Original-To: ideas@ietfa.amsl.com Delivered-To: ideas@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2F5D2127869 for ; Fri, 21 Jul 2017 02:43:31 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.999 X-Spam-Level: X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ypDLllCp6k7U for ; Fri, 21 Jul 2017 02:43:29 -0700 (PDT) Received: from mail-wr0-x22b.google.com (mail-wr0-x22b.google.com [IPv6:2a00:1450:400c:c0c::22b]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 288BB127868 for ; Fri, 21 Jul 2017 02:43:29 -0700 (PDT) Received: by mail-wr0-x22b.google.com with SMTP id k71so26741975wrc.2 for ; Fri, 21 Jul 2017 02:43:29 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=ZMZGuerKMUi20UTobxcu+piRVOJENPrUrWa6tb7D5dU=; b=utNUgl7VHithJ01y8pVW06KQDiv3fB8h55gXfRPF605gOPY27eTmMijcTvDLutExxy 6xqHBsN+/AaRAH3hcpMi6anchKsE9U9g2Imx7UyB1IhliUD9Hk2YQsKtbPESE9ycYrc9 oqzo4z9NdUgcIcGifI1UtA0+7I9AVys00kU5opsrodZ6Q+wbNNZ3znBf5/9HE8BIgl+K jp92ykyxOMzT2S4yyW+RcvhlZghXkKdBH90cay07QFEtjJ106dmiQLHvFLGJK+HnA3QL LE9wbH/eNw7tGSabtVIOuZsbVw3qY+fFQgTAQtZPYDa2/Rde73xffeBCPUVcq1LUF1Uh YW2g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=ZMZGuerKMUi20UTobxcu+piRVOJENPrUrWa6tb7D5dU=; b=f2zH+1lZfPdy7lsIRmwv3qsrsgX8dlW4jOg7a5r46TLylYVNS/5kOaHWKdJ3nb5W9B BOSUvRTqXD5VC5DmpYjZeaapXFlB8XaeUoDWv7sdmLu8zk9ZF9fshpCGKyDy4PLxcryI SzhWf9KVN3XHW/VLr2qc+v48tw1TcHnP0vzeKHt+SpxZ4zM1RmG8+5JKUwtoTyv6x+WN sixQM+9r4173AyPvFfk0PO6v2p09JE7lAZhhIxKTIDs5Ey3dgig3EJ9fYwnIP3QAanHB EsVozq0MC955pEhyDHfJa2ydnsqSz24Xtrn94m8VxOfsgRch8//geJndxCtboJmldboU x5Rw== X-Gm-Message-State: AIVw110fFEDfvRkgvnE2dJBTEnTLfVS6aeGyz/RqRQ01sYff5gHgBxZo f2/6mFYUgScdd4bfX4U= X-Received: by 10.223.145.97 with SMTP id j88mr9513023wrj.15.1500630207662; Fri, 21 Jul 2017 02:43:27 -0700 (PDT) Received: from ?IPv6:2001:67c:370:128:e4ea:97e4:34f2:c6e1? ([2001:67c:370:128:e4ea:97e4:34f2:c6e1]) by smtp.gmail.com with ESMTPSA id c34sm8801144wra.80.2017.07.21.02.43.26 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Fri, 21 Jul 2017 02:43:27 -0700 (PDT) Content-Type: text/plain; charset=utf-8 Mime-Version: 1.0 (1.0) From: Padma Pillay-Esnault X-Mailer: iPhone Mail (14F89) In-Reply-To: Date: Fri, 21 Jul 2017 11:43:26 +0200 Cc: Dino Farinacci , "ideas@ietf.org" Content-Transfer-Encoding: quoted-printable Message-Id: <969B6680-CBFE-42DC-A3E5-514BB3B0D2D7@gmail.com> References: <09C20ABD-4367-49B9-9B94-E8FADD022B66@gmail.com> To: Hesham ElBakoury Archived-At: Subject: Re: [Ideas] GRIDs is a necessary use-case for LISP and HIP X-BeenThere: ideas@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Discussions relating to the development, clarification, and implementation of control-plane infrastructures and functionalities in ID enabled networks." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 21 Jul 2017 09:43:31 -0000 Hi Hesham Please check slides of PS that will give you better perspective. Thanks Padma Sent from my iPhone > On Jul 21, 2017, at 11:28, Hesham ElBakoury w= rote: >=20 > Hi Dino, >=20 > Are you suggesting to use LISP/HIP control protocol for IDEAS ? >=20 > Thanks >=20 > Hesham >=20 > -----Original Message----- > From: Ideas [mailto:ideas-bounces@ietf.org] On Behalf Of Dino Farinacci > Sent: Thursday, July 20, 2017 2:14 AM > To: ideas@ietf.org > Subject: [Ideas] GRIDs is a necessary use-case for LISP and HIP >=20 > As one of the original coauthors of LISP, I just want to say the IDEAs eff= ort will be well served for the locator/id split protocols. I think all over= lay protocols can make use of a *network-layer* based database. And since se= curity has to be a number 1 priority requirement, we have to create somethin= g new. >=20 > When I say =E2=80=9Cnew=E2=80=9D, I mean to create an operational infrastr= ucture where the loc/id split control protocols can be deployed at scale. We= have an application level database, it is called DNS. We need a network-lay= er database. >=20 > I think people should view GRIDs not for what use-cases it can provide, bu= t how to define a deployment strategy for a network-layer database infrastru= cture for the use-cases that LISP, HIP, ILA, and ILNP *already* provide. >=20 > Dino >=20 >=20 > _______________________________________________ > Ideas mailing list > Ideas@ietf.org > https://www.ietf.org/mailman/listinfo/ideas > _______________________________________________ > Ideas mailing list > Ideas@ietf.org > https://www.ietf.org/mailman/listinfo/ideas From nobody Fri Jul 21 03:39:44 2017 Return-Path: X-Original-To: ideas@ietfa.amsl.com Delivered-To: ideas@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9FE32129B7F for ; Fri, 21 Jul 2017 03:39:42 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.221 X-Spam-Level: X-Spam-Status: No, score=-4.221 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id dYyRA4L8pNyW for ; Fri, 21 Jul 2017 03:39:41 -0700 (PDT) Received: from lhrrgout.huawei.com (lhrrgout.huawei.com [194.213.3.17]) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id BBAA1127337 for ; Fri, 21 Jul 2017 03:39:40 -0700 (PDT) Received: from 172.18.7.190 (EHLO lhreml704-cah.china.huawei.com) ([172.18.7.190]) by lhrrg01-dlp.huawei.com (MOS 4.3.7-GA FastPath queued) with ESMTP id DRR87815; Fri, 21 Jul 2017 10:39:38 +0000 (GMT) Received: from SJCEML701-CHM.china.huawei.com (10.208.112.40) by lhreml704-cah.china.huawei.com (10.201.108.45) with Microsoft SMTP Server (TLS) id 14.3.301.0; Fri, 21 Jul 2017 11:39:38 +0100 Received: from SJCEML703-CHM.china.huawei.com ([169.254.5.240]) by SJCEML701-CHM.china.huawei.com ([169.254.3.13]) with mapi id 14.03.0301.000; Fri, 21 Jul 2017 03:39:32 -0700 From: Hesham ElBakoury To: Padma Pillay-Esnault CC: "ideas@ietf.org" , Dino Farinacci Thread-Topic: [Ideas] GRIDs is a necessary use-case for LISP and HIP Thread-Index: AQHTATifpc0wSeXhA0q0z7k98084GqJeBMuAgAB5tgD//5oa4A== Date: Fri, 21 Jul 2017 10:39:31 +0000 Message-ID: References: <09C20ABD-4367-49B9-9B94-E8FADD022B66@gmail.com> <969B6680-CBFE-42DC-A3E5-514BB3B0D2D7@gmail.com> In-Reply-To: <969B6680-CBFE-42DC-A3E5-514BB3B0D2D7@gmail.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [10.210.166.206] Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: base64 MIME-Version: 1.0 X-CFilter-Loop: Reflected X-Mirapoint-Virus-RAPID-Raw: score=unknown(0), refid=str=0001.0A0B0203.5971D9EB.003E, ss=1, re=0.000, recu=0.000, reip=0.000, cl=1, cld=1, fgs=0, ip=169.254.5.240, so=2013-06-18 04:22:30, dmn=2013-03-21 17:37:32 X-Mirapoint-Loop-Id: 5050f42d8c7ab5068952218a8deb1ae8 Archived-At: Subject: Re: [Ideas] GRIDs is a necessary use-case for LISP and HIP X-BeenThere: ideas@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Discussions relating to the development, clarification, and implementation of control-plane infrastructures and functionalities in ID enabled networks." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 21 Jul 2017 10:39:42 -0000 VGhhbmtzIFBhZG1hLA0KDQpJIGxvb2tlZCBhdCB0aGUgUFMgc2xpZGVzIGFuZCBub3cgSSBoYXZl IGJldHRlciB1bmRlcnN0YW5kaW5nIG9mIHRoZSBQUyBhbmQgSSBhZ3JlZSB3aXRoIHRoZSBhcHBy b2FjaCB3ZSB3aWxsIGJlIHVzaW5nIHRvIGFkZHJlc3MgDQpJREVBUyBjb250cm9sIHByb3RvY29s Lg0KDQpIZXNoYW0NCg0KLS0tLS1PcmlnaW5hbCBNZXNzYWdlLS0tLS0NCkZyb206IElkZWFzIFtt YWlsdG86aWRlYXMtYm91bmNlc0BpZXRmLm9yZ10gT24gQmVoYWxmIE9mIFBhZG1hIFBpbGxheS1F c25hdWx0DQpTZW50OiBGcmlkYXksIEp1bHkgMjEsIDIwMTcgMjo0MyBBTQ0KVG86IEhlc2hhbSBF bEJha291cnkNCkNjOiBpZGVhc0BpZXRmLm9yZzsgRGlubyBGYXJpbmFjY2kNClN1YmplY3Q6IFJl OiBbSWRlYXNdIEdSSURzIGlzIGEgbmVjZXNzYXJ5IHVzZS1jYXNlIGZvciBMSVNQIGFuZCBISVAN Cg0KSGkgSGVzaGFtDQoNClBsZWFzZSBjaGVjayBzbGlkZXMgb2YgUFMgdGhhdCB3aWxsIGdpdmUg eW91IGJldHRlciBwZXJzcGVjdGl2ZS4NCg0KVGhhbmtzDQpQYWRtYQ0KDQpTZW50IGZyb20gbXkg aVBob25lDQoNCj4gT24gSnVsIDIxLCAyMDE3LCBhdCAxMToyOCwgSGVzaGFtIEVsQmFrb3VyeSA8 SGVzaGFtLkVsQmFrb3VyeUBodWF3ZWkuY29tPiB3cm90ZToNCj4gDQo+IEhpIERpbm8sDQo+IA0K PiBBcmUgeW91IHN1Z2dlc3RpbmcgdG8gdXNlIExJU1AvSElQIGNvbnRyb2wgcHJvdG9jb2wgZm9y IElERUFTID8NCj4gDQo+IFRoYW5rcw0KPiANCj4gSGVzaGFtDQo+IA0KPiAtLS0tLU9yaWdpbmFs IE1lc3NhZ2UtLS0tLQ0KPiBGcm9tOiBJZGVhcyBbbWFpbHRvOmlkZWFzLWJvdW5jZXNAaWV0Zi5v cmddIE9uIEJlaGFsZiBPZiBEaW5vIEZhcmluYWNjaQ0KPiBTZW50OiBUaHVyc2RheSwgSnVseSAy MCwgMjAxNyAyOjE0IEFNDQo+IFRvOiBpZGVhc0BpZXRmLm9yZw0KPiBTdWJqZWN0OiBbSWRlYXNd IEdSSURzIGlzIGEgbmVjZXNzYXJ5IHVzZS1jYXNlIGZvciBMSVNQIGFuZCBISVANCj4gDQo+IEFz IG9uZSBvZiB0aGUgb3JpZ2luYWwgY29hdXRob3JzIG9mIExJU1AsIEkganVzdCB3YW50IHRvIHNh eSB0aGUgSURFQXMgZWZmb3J0IHdpbGwgYmUgd2VsbCBzZXJ2ZWQgZm9yIHRoZSBsb2NhdG9yL2lk IHNwbGl0IHByb3RvY29scy4gSSB0aGluayBhbGwgb3ZlcmxheSBwcm90b2NvbHMgY2FuIG1ha2Ug dXNlIG9mIGEgKm5ldHdvcmstbGF5ZXIqIGJhc2VkIGRhdGFiYXNlLiBBbmQgc2luY2Ugc2VjdXJp dHkgaGFzIHRvIGJlIGEgbnVtYmVyIDEgcHJpb3JpdHkgcmVxdWlyZW1lbnQsIHdlIGhhdmUgdG8g Y3JlYXRlIHNvbWV0aGluZyBuZXcuDQo+IA0KPiBXaGVuIEkgc2F5IOKAnG5ld+KAnSwgSSBtZWFu IHRvIGNyZWF0ZSBhbiBvcGVyYXRpb25hbCBpbmZyYXN0cnVjdHVyZSB3aGVyZSB0aGUgbG9jL2lk IHNwbGl0IGNvbnRyb2wgcHJvdG9jb2xzIGNhbiBiZSBkZXBsb3llZCBhdCBzY2FsZS4gV2UgaGF2 ZSBhbiBhcHBsaWNhdGlvbiBsZXZlbCBkYXRhYmFzZSwgaXQgaXMgY2FsbGVkIEROUy4gV2UgbmVl ZCBhIG5ldHdvcmstbGF5ZXIgZGF0YWJhc2UuDQo+IA0KPiBJIHRoaW5rIHBlb3BsZSBzaG91bGQg dmlldyBHUklEcyBub3QgZm9yIHdoYXQgdXNlLWNhc2VzIGl0IGNhbiBwcm92aWRlLCBidXQgaG93 IHRvIGRlZmluZSBhIGRlcGxveW1lbnQgc3RyYXRlZ3kgZm9yIGEgbmV0d29yay1sYXllciBkYXRh YmFzZSBpbmZyYXN0cnVjdHVyZSBmb3IgdGhlIHVzZS1jYXNlcyB0aGF0IExJU1AsIEhJUCwgSUxB LCBhbmQgSUxOUCAqYWxyZWFkeSogcHJvdmlkZS4NCj4gDQo+IERpbm8NCj4gDQo+IA0KPiBfX19f X19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fXw0KPiBJZGVhcyBtYWls aW5nIGxpc3QNCj4gSWRlYXNAaWV0Zi5vcmcNCj4gaHR0cHM6Ly93d3cuaWV0Zi5vcmcvbWFpbG1h bi9saXN0aW5mby9pZGVhcw0KPiBfX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19f X19fX19fX19fXw0KPiBJZGVhcyBtYWlsaW5nIGxpc3QNCj4gSWRlYXNAaWV0Zi5vcmcNCj4gaHR0 cHM6Ly93d3cuaWV0Zi5vcmcvbWFpbG1hbi9saXN0aW5mby9pZGVhcw0KDQpfX19fX19fX19fX19f X19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fXw0KSWRlYXMgbWFpbGluZyBsaXN0DQpJ ZGVhc0BpZXRmLm9yZw0KaHR0cHM6Ly93d3cuaWV0Zi5vcmcvbWFpbG1hbi9saXN0aW5mby9pZGVh cw0K From Parviz.Yegani@huawei.com Fri Jul 21 03:43:38 2017 Return-Path: X-Original-To: ideas@ietfa.amsl.com Delivered-To: ideas@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8348912EB5D for ; Fri, 21 Jul 2017 03:43:38 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.22 X-Spam-Level: X-Spam-Status: No, score=-4.22 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id fnfSyCtnd_id for ; Fri, 21 Jul 2017 03:43:36 -0700 (PDT) Received: from lhrrgout.huawei.com (lhrrgout.huawei.com [194.213.3.17]) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 598B9127337 for ; Fri, 21 Jul 2017 03:43:36 -0700 (PDT) Received: from 172.18.7.190 (EHLO lhreml704-cah.china.huawei.com) ([172.18.7.190]) by lhrrg01-dlp.huawei.com (MOS 4.3.7-GA FastPath queued) with ESMTP id DRR88409; Fri, 21 Jul 2017 10:43:34 +0000 (GMT) Received: from SJCEML702-CHM.china.huawei.com (10.208.112.38) by lhreml704-cah.china.huawei.com (10.201.108.45) with Microsoft SMTP Server (TLS) id 14.3.301.0; Fri, 21 Jul 2017 11:43:33 +0100 Received: from SJCEML703-CHM.china.huawei.com ([169.254.5.240]) by SJCEML702-CHM.china.huawei.com ([169.254.4.153]) with mapi id 14.03.0301.000; Fri, 21 Jul 2017 03:43:22 -0700 From: Parviz Yegani To: "Ideas@ietf.org" CC: Parviz Yegani Thread-Topic: This week's IDEAS BOF session Thread-Index: AdMCDinnVOIK9fnGTxOV2ETII2IXvQ== Date: Fri, 21 Jul 2017 10:43:22 +0000 Message-ID: Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [10.212.247.73] Content-Type: multipart/alternative; boundary="_000_E360DEA4EB89C849AB315545F0663F43021EC196SJCEML703CHMchi_" MIME-Version: 1.0 X-CFilter-Loop: Reflected X-Mirapoint-Virus-RAPID-Raw: score=unknown(0), refid=str=0001.0A020206.5971DAD6.0135, ss=1, re=0.000, recu=0.000, reip=0.000, cl=1, cld=1, fgs=0, ip=169.254.5.240, so=2013-06-18 04:22:30, dmn=2013-03-21 17:37:32 X-Mirapoint-Loop-Id: 81fa8f170f2205c480fb33d35d508346 Archived-At: Subject: [Ideas] This week's IDEAS BOF session X-BeenThere: ideas@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Discussions relating to the development, clarification, and implementation of control-plane infrastructures and functionalities in ID enabled networks." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 21 Jul 2017 10:46:15 -0000 --_000_E360DEA4EB89C849AB315545F0663F43021EC196SJCEML703CHMchi_ Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Hi, This is to clarify the comments I made during the IDEAS BOF session on Wedn= esday. After talking to many people and having a chance to read through th= e problem statement draft and other related material I fully support the fo= rmation of the IDEAS WG. The goal of this working group should be primarily= to focus on formulating a framework to provide ID-based services for all I= D/LOC separation protocols. Numerous use cases are documented that are used= to clearly demonstrate the value of the protocols specified by this WG. Ag= ain, formation of such WG is highly recommended. Thank you Parviz ------- PARVIZ YEGANI, PhD Chief SDN/NFV Architect CTO Office, Cloud Network Solutions FutureWei Technologies, Inc. 2330 Central Express Way Santa Clara, CA 95050, USA Phone: +1 (408) 330-4668 Mobile : +1 (408) 759-1973 Parviz.Yegani@huawei.com --_000_E360DEA4EB89C849AB315545F0663F43021EC196SJCEML703CHMchi_ Content-Type: text/html; charset="us-ascii" Content-Transfer-Encoding: quoted-printable

Hi,

 

This is to clarify the comments I made during the ID= EAS BOF session on Wednesday.  After talking to many people and having= a chance to read through the problem statement draft and other related mat= erial I fully support the formation of the IDEAS WG. The goal of this working group should be primarily to focus = on formulating a framework to provide ID-based services for all ID/LOC sepa= ration protocols. Numerous use cases are documented that are used to clearl= y demonstrate the value of the protocols specified by this WG. Again, formation of such WG is highly recommended.

 

Thank you

Parviz

 

-------

PARVIZ YEGANI, PhD =
Chief SDN/NFV Architect

CTO Office, Cloud Network S= olutions

 

FutureWei Technologies, = Inc.

2330 Central Express Way

Santa Clara, CA 95050, USA<= o:p>

Phone: +1 (408) 33= 0-4668

Mobile : +1 (408) 759-1= 973

Parviz.Yegani@huawei.com=

 

 

 

--_000_E360DEA4EB89C849AB315545F0663F43021EC196SJCEML703CHMchi_-- From nobody Fri Jul 21 18:13:00 2017 Return-Path: X-Original-To: ideas@ietfa.amsl.com Delivered-To: ideas@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E481A126B71 for ; Fri, 21 Jul 2017 18:12:58 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -0.951 X-Spam-Level: X-Spam-Status: No, score=-0.951 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DATE_IN_PAST_12_24=1.049, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=no autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id N5sVsBPfV8nI for ; Fri, 21 Jul 2017 18:12:58 -0700 (PDT) Received: from mail-pg0-x244.google.com (mail-pg0-x244.google.com [IPv6:2607:f8b0:400e:c05::244]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2A36E1242F7 for ; Fri, 21 Jul 2017 18:12:58 -0700 (PDT) Received: by mail-pg0-x244.google.com with SMTP id v190so6521262pgv.1 for ; Fri, 21 Jul 2017 18:12:58 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=content-transfer-encoding:from:mime-version:subject:date:message-id :references:cc:in-reply-to:to; bh=jcOuN79BSVBVrE/VhbSwhv4anoJj8ljl9Q7+SLZ2bIs=; b=vUGxy1iWppugY78gwk/WFZS5ECt/WJZuEtxtCzEX+CmX8GZiauVIWHTDN1X6H5loJw 3TmahJZViOKI8auWr8EqC75QmsDVNJQiJ4cJ/MzQ+iAiIiU/cFyHNZ8VrA/aFxeHiGzv GpeHEof8p58Dq8WDiZk0F/8NfRoqj4ZJG97nTphngMLvFcn6FunTxRnbOFtFvXXD5PB6 GO94uIhFHOr8Kt1rW5oSOqUnkJjIm1qLYaeiyGRQ7h+5IXoBtys7zA/j966KUuiRlC7t tQLQhFEKO5sHfgBFqxGS8iGuPfzyc479p8/dt0Pn8b0At6Goo8kvKPdgFSKLMiAsg3zJ WXFw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:content-transfer-encoding:from:mime-version :subject:date:message-id:references:cc:in-reply-to:to; bh=jcOuN79BSVBVrE/VhbSwhv4anoJj8ljl9Q7+SLZ2bIs=; b=gEQqA22sUAO8At0rfdXHwBIwvIApx8WgfdLycvCLPBzXeBc0UCgQNNd0k5E5nRxcrV duUDv1exivm5e5VRIc9vpiga8f6qkxL69xcSxu+2IFJU7grmbPqFXC9vLC/lezCRTYvE oDi9+9vxyNvGwDfENlNaFzqL/9Y3yy816efnY5LBXQFVCQf1p2cbuAzRDq5L5R0WYRJT /DzuCO2koljiaWjaE8VWDbOPvyKaPss6LhzLIf8jwId5Xbt0E6TOU9W41IDXykeEwjVw 2VH+UKGQBUG6agsNk5ArLn++Yf5K+lWehX/a/ZNB6miLkoekh7tVZKOC05BD5T1CHaM2 ArAQ== X-Gm-Message-State: AIVw1104xeT7ZTbiqaogo55+KWLFVU1D8sLiCZVJvLaKmRBvz9V0lJkq 5xsMQdO8aUfl8ilmmvo= X-Received: by 10.84.217.19 with SMTP id o19mr10181082pli.394.1500685977642; Fri, 21 Jul 2017 18:12:57 -0700 (PDT) Received: from ?IPv6:2600:380:465f:c7d0:8d29:f94:1ad:7600? ([2600:380:465f:c7d0:8d29:f94:1ad:7600]) by smtp.gmail.com with ESMTPSA id d24sm11289816pfk.43.2017.07.21.18.12.56 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Fri, 21 Jul 2017 18:12:56 -0700 (PDT) Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit From: Dino Farinacci Mime-Version: 1.0 (1.0) Date: Fri, 21 Jul 2017 13:04:52 +0100 Message-Id: <91D46758-C591-45E0-8A87-213137758934@gmail.com> References: <09C20ABD-4367-49B9-9B94-E8FADD022B66@gmail.com> Cc: "ideas@ietf.org" In-Reply-To: To: Hesham ElBakoury X-Mailer: iPhone Mail (14F89) Archived-At: Subject: Re: [Ideas] GRIDs is a necessary use-case for LISP and HIP X-BeenThere: ideas@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Discussions relating to the development, clarification, and implementation of control-plane infrastructures and functionalities in ID enabled networks." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 22 Jul 2017 01:12:59 -0000 > Are you suggesting to use LISP/HIP control protocol for IDEAS ? Well as a mature candidate, it should be considered. Dino From nobody Tue Jul 25 06:34:23 2017 Return-Path: X-Original-To: ideas@ietfa.amsl.com Delivered-To: ideas@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7978D129A96 for ; Tue, 25 Jul 2017 06:34:21 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.2 X-Spam-Level: X-Spam-Status: No, score=-4.2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-2.3, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2rpuFnLE9em5 for ; Tue, 25 Jul 2017 06:34:17 -0700 (PDT) Received: from z9m9z.htt-consult.com (z9m9z.htt-consult.com [50.253.254.3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3DF68131CBB for ; Tue, 25 Jul 2017 06:34:15 -0700 (PDT) Received: from localhost (localhost [127.0.0.1]) by z9m9z.htt-consult.com (Postfix) with ESMTP id 62C586214A; Tue, 25 Jul 2017 09:34:14 -0400 (EDT) X-Virus-Scanned: amavisd-new at htt-consult.com Received: from z9m9z.htt-consult.com ([127.0.0.1]) by localhost (z9m9z.htt-consult.com [127.0.0.1]) (amavisd-new, port 10024) with LMTP id M2pwdYqqcHWj; Tue, 25 Jul 2017 09:34:03 -0400 (EDT) Received: from lx120e.htt-consult.com (unknown [192.168.160.12]) (using TLSv1.2 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by z9m9z.htt-consult.com (Postfix) with ESMTPSA id 8F3ED621BB; Tue, 25 Jul 2017 09:33:47 -0400 (EDT) To: Jungha Hong , Dino Farinacci , "ideas@ietf.org" References: <09C20ABD-4367-49B9-9B94-E8FADD022B66@gmail.com> From: Robert Moskowitz Message-ID: Date: Tue, 25 Jul 2017 09:33:46 -0400 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Thunderbird/45.8.0 MIME-Version: 1.0 In-Reply-To: Content-Type: multipart/alternative; boundary="------------8306814C405C91CF455A69C0" Archived-At: Subject: Re: [Ideas] GRIDs is a necessary use-case for LISP and HIP X-BeenThere: ideas@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Discussions relating to the development, clarification, and implementation of control-plane infrastructures and functionalities in ID enabled networks." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 25 Jul 2017 13:34:21 -0000 This is a multi-part message in MIME format. --------------8306814C405C91CF455A69C0 Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 8bit I am just starting to go through the mails since the BOF. It will take a couple days, so please bare wtih me here. I both agree and disagree. There are three values we need to 'track' and have access via any of them: Identity: This is a higher layer value that generally tags an Entity but is not what is used in actual communication protocols. It is a label that generally defines the Entity and MAY be human understandable, or only machine understandable. There needs to be extensive policy control on who/what can see an Identity and gain access to the Identities meta data (like what services provided). Identifier: This is a communications label. It needs to be represented in a manner that aligns with communication protocols, but is not of necessity a part of every communication packet. Tight format is desirable and something that is 'well understood' by applications in working with communications. This is why I view a major Identifier format that of an IPv6 address. There is still policy around Identifier; primarily rights to query and Identifier and learn its Location, Identity, and meta data. Expect to see Identifiers embedded in protocols like FTP PASV and HTTP Redirects; thus the need of the Identifer to Identity and Location lookup. This retrieval should be quick, but not needs to be network speed. Location: This is an IP address of an Entity's Interface. It is how packets physically reach an Entity. the Identifier/Location is the portion that operates at the network and needs network performance optimization. But there can still be policy here; just because a packet is trageted to an Identifier does not give the Source automatic privileges to its Location. The lookup is fast, but gated. The Location/Identity pairing is again informational, not directly used in communications. All told, all query types need to work well and be policy gated. The Identifier to Location needs to be fast. All needs security and policy. We will get to working on the requirements for the system and well delineating the roles and such. Bob On 07/20/2017 11:10 AM, Jungha Hong wrote: > > Dear all, > > > I attended in the BoF yesterday and I agree with the Dino's comment > that we need a network-layer database. > > > Actually, in my project, we have desined and implemented a mapping > system between ID and locator(s) especially for supporting a flat > typed ID efficiently. It was designed as a network-layer database. > > > Thanks, > > Jungha Hong > > > ------------------------------------------------------------------------ > *보낸 사람 : *"Dino Farinacci" > *보낸 날짜 : *2017-07-20 18:14:24 ( +09:00 ) > *받는 사람 : *ideas@ietf.org > *참조 : * > *제목 : *[Ideas] GRIDs is a necessary use-case for LISP and HIP > > As one of the original coauthors of LISP, I just want to say the IDEAs > effort will be well served for the locator/id split protocols. I think > all overlay protocols can make use of a *network-layer* based > database. And since security has to be a number 1 priority > requirement, we have to create something new. > > When I say “new”, I mean to create an operational infrastructure where > the loc/id split control protocols can be deployed at scale. We have > an application level database, it is called DNS. We need a > network-layer database. > > I think people should view GRIDs not for what use-cases it can > provide, but how to define a deployment strategy for a network-layer > database infrastructure for the use-cases that LISP, HIP, ILA, and > ILNP *already* provide. > > Dino > > _______________________________________________ > > Ideas mailing list > > Ideas@ietf.org > > https://www.ietf.org/mailman/listinfo/ideas > > > > _______________________________________________ > Ideas mailing list > Ideas@ietf.org > https://www.ietf.org/mailman/listinfo/ideas --------------8306814C405C91CF455A69C0 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: 8bit I am just starting to go through the mails since the BOF.  It will take a couple days, so please bare wtih me here.

I both agree and disagree.

There are three values we need to 'track' and have access via any of them:

Identity:  This is a higher layer value that generally tags an Entity but is not what is used in actual communication protocols.  It is a label that generally defines the Entity and MAY be human understandable, or only machine understandable.  There needs to be extensive policy control on who/what can see an Identity and gain access to the Identities meta data (like what services provided).

Identifier:  This is a communications label.  It needs to be represented in a manner that aligns with communication protocols, but is not of necessity a part of every communication packet.  Tight format is desirable and something that is 'well understood' by applications in working with communications.  This is why I view a major Identifier format that of an IPv6 address.  There is still policy around Identifier; primarily rights to query and Identifier and learn its Location, Identity, and meta data.  Expect to see Identifiers embedded in protocols like FTP PASV and HTTP Redirects; thus the need of the Identifer to Identity and Location lookup.  This retrieval should be quick, but not needs to be network speed.

Location:  This is an IP address of an Entity's Interface.  It is how packets physically reach an Entity.  the Identifier/Location is the portion that operates at the network and needs network performance optimization.  But there can still be policy here; just because a packet is trageted to an Identifier does not give the Source automatic privileges to its Location.  The lookup is fast, but gated.  The Location/Identity pairing is again informational, not directly used in communications.

All told, all query types need to work well and be policy gated.  The Identifier to Location needs to be fast.  All needs security and policy.

We will get to working on the requirements for the system and well delineating the roles and such.

Bob


On 07/20/2017 11:10 AM, Jungha Hong wrote:

Dear all,


I attended in the BoF yesterday and I agree with the Dino's comment that we need a network-layer database.


Actually, in my project, we have desined and implemented a mapping system between ID and locator(s) especially for supporting a flat typed ID efficiently. It was designed as a network-layer database.


Thanks,

Jungha Hong


 

 

보낸 사람 : "Dino Farinacci" <farinacci@gmail.com>
보낸 날짜 : 2017-07-20 18:14:24 ( +09:00 )
참조 :
제목 : [Ideas] GRIDs is a necessary use-case for LISP and HIP

 

As one of the original coauthors of LISP, I just want to say the IDEAs effort will be well served for the locator/id split protocols. I think all overlay protocols can make use of a *network-layer* based database. And since security has to be a number 1 priority requirement, we have to create something new.

 

 

When I say “new”, I mean to create an operational infrastructure where the loc/id split control protocols can be deployed at scale. We have an application level database, it is called DNS. We need a network-layer database.

 

 

I think people should view GRIDs not for what use-cases it can provide, but how to define a deployment strategy for a network-layer database infrastructure for the use-cases that LISP, HIP, ILA, and ILNP *already* provide.

 

 

Dino

 

 

 

_______________________________________________

 

Ideas mailing list

 

Ideas@ietf.org

 

https://www.ietf.org/mailman/listinfo/ideas

 



_______________________________________________
Ideas mailing list
Ideas@ietf.org
https://www.ietf.org/mailman/listinfo/ideas

--------------8306814C405C91CF455A69C0-- From nobody Tue Jul 25 06:40:31 2017 Return-Path: X-Original-To: ideas@ietfa.amsl.com Delivered-To: ideas@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 15266127869 for ; Tue, 25 Jul 2017 06:40:30 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.201 X-Spam-Level: X-Spam-Status: No, score=-4.201 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id eZzVITvV63V4 for ; Tue, 25 Jul 2017 06:40:28 -0700 (PDT) Received: from z9m9z.htt-consult.com (z9m9z.htt-consult.com [50.253.254.3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 38F3A131C33 for ; Tue, 25 Jul 2017 06:40:28 -0700 (PDT) Received: from localhost (localhost [127.0.0.1]) by z9m9z.htt-consult.com (Postfix) with ESMTP id 431866215F; Tue, 25 Jul 2017 09:40:26 -0400 (EDT) X-Virus-Scanned: amavisd-new at htt-consult.com Received: from z9m9z.htt-consult.com ([127.0.0.1]) by localhost (z9m9z.htt-consult.com [127.0.0.1]) (amavisd-new, port 10024) with LMTP id T+s020OeIdRf; Tue, 25 Jul 2017 09:40:20 -0400 (EDT) Received: from lx120e.htt-consult.com (unknown [192.168.160.12]) (using TLSv1.2 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by z9m9z.htt-consult.com (Postfix) with ESMTPSA id 351396215B; Tue, 25 Jul 2017 09:40:20 -0400 (EDT) To: Erik Nordmark , Dino Farinacci , Erik Nordmark References: <3e7d1bda-0847-36d6-b6e2-a98de1f8bf04@acm.org> <747af64c-87e9-f338-1448-3f461c6e8e21@sonic.net> Cc: ideas@ietf.org From: Robert Moskowitz Message-ID: <64c23c4e-b8c9-288c-d733-54a940e838b7@htt-consult.com> Date: Tue, 25 Jul 2017 09:40:19 -0400 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Thunderbird/45.8.0 MIME-Version: 1.0 In-Reply-To: <747af64c-87e9-f338-1448-3f461c6e8e21@sonic.net> Content-Type: text/plain; charset=windows-1252; format=flowed Content-Transfer-Encoding: 7bit Archived-At: Subject: Re: [Ideas] Identity/identifier and session continuity X-BeenThere: ideas@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Discussions relating to the development, clarification, and implementation of control-plane infrastructures and functionalities in ID enabled networks." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 25 Jul 2017 13:40:30 -0000 On 07/20/2017 11:12 AM, Erik Nordmark wrote: > On 07/20/2017 10:50 AM, Dino Farinacci wrote: >>> I understand the desire to provide good privacy by decoupling a >>> longer-lived identity from shorter lived and potentially in the >>> clear identifiers. >>> >>> But since the identifiers are used for the transport connection >>> identification, changing the identifier(s) used in an unlinkable way >>> means that the transport sessions would break. >>> >>> Seems like a tricky tradeoff. >> >> I believe we can have it both ways. >> >> If one wants ephemeral-EIDs, they are used for short-lived transport >> connections. If there will be long-lived transport connections, EIDs >> stay assigned to the node for a longer period of time but the >> encapsulated packets are encrypted. You can have one or both. You can >> get privacy either way. > > Yes, but when there is a potential combination of long-lived > connections and short-lived connections using different identifiers > that might provide the ability for an observer to link the different > identifiers together. A resourceful observer with the ability to > observe on many links and networks than then build up the collection > of identifiers which have been used by a single identity. > (Unlinkability is defined in rfc6973) > > One can avoid this linkability by changing all the identifiers (and > other things visible in the clear like MAC addresses) and the same > time as the locators are changing e.g. when the endpoint moves to a > new network/link, but that will break the long-lived connections that > are active when the change happens. > > Of course, one can encrypt the identifiers (e.g., by encrypting > everything but the outer IP header) in the data packets since only the > locators are needed for packet delivery. Here be lots of dragons. The performance cost of such an approach needs careful consideration. I am very interested in long-lived associations. The privacy implications of these are important and a way to link and change them will need to be worked out. In part, this is orthogonal to the basic mapping requirements. For example, I can define a chain of Identifiers such that the Endpoints understand the relationship, but not the eavesdropper. I prefer this to total encryption. Total encryption means total decryption before any decisions; a wonder target to attack. This is yet another reason to rethink HIT construction. I will attempt to do this in the next version of the Hierarchical HIT draft. Bob > > Erik > >> >> Also note, in LISP, one can use ephemeral-EIDs and still get >> crypto-based authentication using a crypto-EID for the sole purpose >> of sending Map-Registers and Map-Requests and not for transport >> connections. >> >> Dino >> >> > > _______________________________________________ > Ideas mailing list > Ideas@ietf.org > https://www.ietf.org/mailman/listinfo/ideas > From nobody Tue Jul 25 08:57:03 2017 Return-Path: X-Original-To: ideas@ietfa.amsl.com Delivered-To: ideas@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 78220131D0E for ; Tue, 25 Jul 2017 08:57:01 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.998 X-Spam-Level: X-Spam-Status: No, score=-1.998 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 5dN4MCj5poiE for ; Tue, 25 Jul 2017 08:56:58 -0700 (PDT) Received: from mail-wr0-x236.google.com (mail-wr0-x236.google.com [IPv6:2a00:1450:400c:c0c::236]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2CB05127058 for ; Tue, 25 Jul 2017 08:56:58 -0700 (PDT) Received: by mail-wr0-x236.google.com with SMTP id v105so90722501wrb.0 for ; Tue, 25 Jul 2017 08:56:58 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=AiHgsNA0xfU9qjc21NcFrbnzKb+M1RiMedAc4djnvqQ=; b=tyFnDg7j9nJsNeKIktvAda7NGqhX3rNhsAeHLuXgKdsIcGu6U/RKXYMQt/Mfpq2ucg rskYKw7+F2X319fbSwXTNlNIOurFK2oi7rQjObzBJl3uvuYupLHMNvY9YC62DKcJtg+2 YsnGGoaVhNMcZGaL7/N3jGFt4O0HPqUrhRMpN5ZFIy4fulpFCzilzcH/uSlJOXiOXQaG lJykRtz1lI9z52H902SbcVwNAhPoAA9RnenzDB3V40daEk1++n6O0u6A6fS/LHkFytjv xLMpkEvTB0V4h4RhVwoZrY06ive9tNMThbIqdiexA2BfyJZyQGa6zrF2CSkpIEIOq+GU f1jQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=AiHgsNA0xfU9qjc21NcFrbnzKb+M1RiMedAc4djnvqQ=; b=HBj9RsCY4TksOqdELOb9OHYQmbyzEZ/fOHWjeVDqt3om7sosSUWmAkPhSJmbpFBPPT /YtubAULhJYg9GRB4EKrbIaEcZDQjFqLzIKrRT157uXF8fznCQfqq8n5vYN0UVV0gBzD 91nmP0Lg6q3L5G990OlmzNd2ULG03BuWSeWPJrrHBe5n/8GJqFoR9Y1YsS2EruBmuFJF afVdOSTLWhu5UBHL5mxhXZnzHa7UW/1SdcWR4CTiBEECk8chLlCj6LhGxMGBMp0Bxi+f GwTfDMSY74GjcvYl9OkicbXtbl5/pdhl1XTefSZQv/o2FtzmDJSea+K/oR0W+BRhGhra st+w== X-Gm-Message-State: AIVw113IxZUBJQ/CIdSdXhpv+vX33HoMh665JspvdscK6VxXWuaxwd3t wxoRLau+0BllMAEPJqXO5yDUOeC6sA== X-Received: by 10.223.138.232 with SMTP id z37mr19630367wrz.66.1500998216637; Tue, 25 Jul 2017 08:56:56 -0700 (PDT) MIME-Version: 1.0 Received: by 10.223.167.10 with HTTP; Tue, 25 Jul 2017 08:56:56 -0700 (PDT) In-Reply-To: References: <09C20ABD-4367-49B9-9B94-E8FADD022B66@gmail.com> From: Padma Pillay-Esnault Date: Tue, 25 Jul 2017 08:56:56 -0700 Message-ID: To: Robert Moskowitz Cc: Jungha Hong , Dino Farinacci , "ideas@ietf.org" Content-Type: multipart/alternative; boundary="001a1141247e82e33305552661e8" Archived-At: Subject: Re: [Ideas] GRIDs is a necessary use-case for LISP and HIP X-BeenThere: ideas@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Discussions relating to the development, clarification, and implementation of control-plane infrastructures and functionalities in ID enabled networks." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 25 Jul 2017 15:57:01 -0000 --001a1141247e82e33305552661e8 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Hi Robert On Tue, Jul 25, 2017 at 6:33 AM, Robert Moskowitz wrote: > I am just starting to go through the mails since the BOF. It will take a > couple days, so please bare wtih me here. > > I will be going through a similar exercise this week to ensure we have much of the BOF information on the list. > I both agree and disagree. > > There are three values we need to 'track' and have access via any of them= : > > Identity: This is a higher layer value that generally tags an Entity but > is not what is used in actual communication protocols. It is a label tha= t > generally defines the Entity and MAY be human understandable, or only > machine understandable. There needs to be extensive policy control on > who/what can see an Identity and gain access to the Identities meta data > (like what services provided). > I would also add that this information should be protected if exchanged on the wire. > > Identifier: This is a communications label. It needs to be represented > in a manner that aligns with communication protocols, but is not of > necessity a part of every communication packet. Tight format is desirabl= e > and something that is 'well understood' by applications in working with > communications. This is why I view a major Identifier format that of an > IPv6 address. There is still policy around Identifier; primarily rights = to > query and Identifier and learn its Location, Identity, and meta data. > Expect to see Identifiers embedded in protocols like FTP PASV and HTTP > Redirects; thus the need of the Identifer to Identity and Location lookup= . > This retrieval should be quick, but not needs to be network speed. > > It should be clarified that it is possible to have policies and metadata tied to identity and identifier independently. We have not specifically discussed whether the identity policy applies or is inherited naturally to all its identifiers but that is a thought. > Location: This is an IP address of an Entity's Interface. It is how > packets physically reach an Entity. the Identifier/Location is the porti= on > that operates at the network and needs network performance optimization. > But there can still be policy here; just because a packet is trageted to = an > Identifier does not give the Source automatic privileges to its Location. > The lookup is fast, but gated. The Location/Identity pairing is again > informational, not directly used in communications. > > Isn't this policy just plain IP policies as we know it today? Would be preferable tp distinguish this from policy per se by calling it access control on look up .. There is a subtle difference between policy and the way lookup are gated or respond "unknown". It would be wise if the response is indistinguishable from "does not exist". > All told, all query types need to work well and be policy gated. The > Identifier to Location needs to be fast. All needs security and policy. > > agree > We will get to working on the requirements for the system and well > delineating the roles and such. > > Have you checked the requirements document yet? Thanks Padma > Bob > > > > On 07/20/2017 11:10 AM, Jungha Hong wrote: > > Dear all, > > > I attended in the BoF yesterday and I agree with the Dino's comment that > we need a network-layer database. > > > Actually, in my project, we have desined and implemented a mapping system > between ID and locator(s) especially for supporting a flat typed ID > efficiently. It was designed as a network-layer database. > > > Thanks, > > Jungha Hong > > > > > > ------------------------------ > *=EB=B3=B4=EB=82=B8 =EC=82=AC=EB=9E=8C : *"Dino Farinacci" > *=EB=B3=B4=EB=82=B8 =EB=82=A0=EC=A7=9C : *2017-07-20 18:14:24 ( +09:00 ) > *=EB=B0=9B=EB=8A=94 =EC=82=AC=EB=9E=8C : *ideas@ietf.org = > *=EC=B0=B8=EC=A1=B0 : * > *=EC=A0=9C=EB=AA=A9 : *[Ideas] GRIDs is a necessary use-case for LISP and= HIP > > > As one of the original coauthors of LISP, I just want to say the IDEAs > effort will be well served for the locator/id split protocols. I think al= l > overlay protocols can make use of a *network-layer* based database. And > since security has to be a number 1 priority requirement, we have to crea= te > something new. > > > > > When I say =E2=80=9Cnew=E2=80=9D, I mean to create an operational infrast= ructure where the > loc/id split control protocols can be deployed at scale. We have an > application level database, it is called DNS. We need a network-layer > database. > > > > > I think people should view GRIDs not for what use-cases it can provide, > but how to define a deployment strategy for a network-layer database > infrastructure for the use-cases that LISP, HIP, ILA, and ILNP *already* > provide. > > > > > Dino > > > > > > > _______________________________________________ > > > Ideas mailing list > > > Ideas@ietf.org > > > https://www.ietf.org/mailman/listinfo/ideas > > > > > _______________________________________________ > Ideas mailing listIdeas@ietf.orghttps://www.ietf.org/mailman/listinfo/ide= as > > > > _______________________________________________ > Ideas mailing list > Ideas@ietf.org > https://www.ietf.org/mailman/listinfo/ideas > > --001a1141247e82e33305552661e8 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
Hi Robert



On Tue, Jul 25, 2017 at 6:33 AM, Rob= ert Moskowitz <rgm-ietf@htt-consult.com> wrote:
=20 =20 =20
I am just starting to go through the mails since the BOF.=C2=A0 It will take a couple days, so please bare wtih me here.


I will be going through a si= milar exercise this week to ensure we have much of the BOF information on t= he list.
=C2=A0
I both agree and disagree.

There are three values we need to 'track' and have access via a= ny of them:

Identity:=C2=A0 This is a higher layer value that generally tags an Entity but is not what is used in actual communication protocols.=C2=A0 It is a label that generally defines the Entity and MAY be human understandable, or only machine understandable.=C2=A0 There needs to be extensive policy control on who/what can see an Identity and gain access to the Identities meta data (like what services provided).

I would also add that this information= should be protected if exchanged on the wire.
=C2=A0

Identifier:=C2=A0 This is a communications label.=C2=A0 It needs to be represented in a manner that aligns with communication protocols, but is not of necessity a part of every communication packet.=C2=A0 Tig= ht format is desirable and something that is 'well understood' by applications in working with communications.=C2=A0 This is why I view a major Identifier format that of an IPv6 address.=C2=A0 There is still policy around Identifier; primarily rights to query and Identifier and learn its Location, Identity, and meta data.=C2=A0 Expect to see Identifiers embedded in protocols like FTP PASV and HTTP Redirects; thus the need of the Identifer to Identity and Location lookup.=C2=A0 This retrieval should be quick, but not needs to be network speed.


It should be clarified that = it is possible to have policies and metadata tied to identity and identifie= r independently. We have not specifically discussed whether the identity po= licy applies or is inherited naturally to all its identifiers but that is a= thought.

=C2=A0
Location:=C2=A0 This is an IP address of an Entity's Interface.=C2= =A0 It is how packets physically reach an Entity.=C2=A0 the Identifier/Location i= s the portion that operates at the network and needs network performance optimization.=C2=A0 But there can still be policy here; jus= t because a packet is trageted to an Identifier does not give the Source automatic privileges to its Location.=C2=A0 The lookup is fast, but gated.=C2=A0 The Location/Identity pairing is again informational, not directly used in communications.


Isn't this policy just p= lain IP policies as we know it today?

Would be pre= ferable tp distinguish this from policy per se by calling it access control= on look up .. There is a subtle difference between policy and the way look= up are gated or respond "unknown". It would be wise if the respon= se is indistinguishable from "does not exist".

=C2=A0
All told, all query types need to work well and be policy gated.=C2=A0 The Identifier to Location needs to be fast.=C2=A0 All needs security a= nd policy.


agree
=C2=A0
=
We will get to working on the requirements for the system and well delineating the roles and such.


Have you checked the require= ments document yet?=C2=A0

Thanks
Padma= =C2=A0
Bob



On 07/20/2017 11:1= 0 AM, Jungha Hong wrote:
=20

Dear all,


I attended in the=C2=A0BoF yesterday and=C2=A0I=C2=A0agree with the=C2= =A0Dino's comment that we need a network-layer database.


Actually, in my project, we=C2=A0have desined and implemented a mappi= ng system between ID and locator(s) especially for supporting a=C2=A0flat typed ID efficiently. It was designe= d as a network-layer database.


Thanks,

Jungha Hong


=C2=A0

=C2=A0

=EB=B3=B4=EB=82=B8 =EC=82=AC=EB=9E=8C : "D= ino Farinacci" <farinacci@gmail.c= om>
=EB=B3=B4=EB=82=B8 =EB=82=A0=EC=A7=9C : 2017-07= -20 18:14:24 ( +09:00 )
=EB=B0=9B=EB=8A=94 =EC=82=AC=EB=9E=8C : ideas@ietf.org <ideas@ietf.org>=
=EC=B0=B8=EC=A1=B0 :
=EC=A0=9C=EB=AA=A9 : [Ideas] GRIDs is a necessa= ry use-case for LISP and HIP

=C2=A0

As one of the original coauthors of LISP, I just want to say the IDEAs effort will be well served for the locator/id split protocols. I think all overlay protocols can make use of a *network-layer* based database. And since security has to be a number 1 priority requirement, we have to create something new.

=C2=A0

=C2=A0

When I say =E2=80=9Cnew=E2=80=9D, I mean to create an opera= tional infrastructure where the loc/id split control protocols can be deployed at scale. We have an application level database, it is called DNS. We need a network-layer database.

=C2=A0

=C2=A0

I think people should view GRIDs not for what use-cases it can provide, but how to define a deployment strategy for a network-layer database infrastructure for the use-cases that LISP, HIP, ILA, and ILNP *already* provide.

=C2=A0

=C2=A0

Dino

=C2=A0

=C2=A0

=C2=A0

_______________________________________________

=C2=A0

Ideas mailing list

=C2=A0

Ideas@ietf.org

=C2=A0

https:= //www.ietf.org/mailman/listinfo/ideas

=C2=A0



_______________________________________________
Ideas mailing list
Ideas@ietf.org
https://www.ietf.org/m=
ailman/listinfo/ideas


_______________________________________________
Ideas mailing list
Ideas@ietf.org
https://www.ietf.org/mailman/listinfo/ideas


--001a1141247e82e33305552661e8-- From nobody Tue Jul 25 10:16:42 2017 Return-Path: X-Original-To: ideas@ietfa.amsl.com Delivered-To: ideas@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 682A1131E2A for ; Tue, 25 Jul 2017 10:16:41 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.999 X-Spam-Level: X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id YWm6YPuC64iD for ; Tue, 25 Jul 2017 10:16:39 -0700 (PDT) Received: from mail-pg0-x231.google.com (mail-pg0-x231.google.com [IPv6:2607:f8b0:400e:c05::231]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3C340131E25 for ; Tue, 25 Jul 2017 10:16:39 -0700 (PDT) Received: by mail-pg0-x231.google.com with SMTP id y129so72694578pgy.4 for ; Tue, 25 Jul 2017 10:16:39 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=GJV2o4Y1gMnUDYyFqlse1YNBCUKkhESt2bYJ/2LbXIA=; b=BoXuRf2uxGreTBBZpJUWudqkiX/VSDt/25BoRskLCoH+MRMH4VJX6flnrlcJQVs6CE pW39TcjzjPQ97Rrinsio0BiWFmTCv9UZe+D40nsCboZ7El5Emh7gFwIPN3D7KxgS/xOV MbdnRJ3lvIEN1Hq6OR41sH6AgU3J29ozFWDJ5dF73sKOn9rfVBGExr4slAHVr0MIoYzY ubdS7Op1EbEQcFucq+qkjjmLjppc3VjCWXzTWJ+OoL3nim4/N6mliCVkhfVZJyP4EOEL U6os4gar8Z0NU4fNZJuVccoWM3bG+gPac1LIrDjypdm1jiyohkg868RRl1f8C3jGoCkF aGpA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=GJV2o4Y1gMnUDYyFqlse1YNBCUKkhESt2bYJ/2LbXIA=; b=Z5RQOi1IilxP1NYQYtbnWdzyeMnVx2hIbiXPzhCYjhH5sXzZYgdi7E4/4cYpb3o3T2 +KKPhHAk6KRr4sK+lNMRGXL7IhLSsprIfsxg44vKBQTOAuHN+kgwxUnJvyx84AxSfeWK LJ9jktDprEq/pt5MEXWCuNED9iSwZuLcH68heKw3y6jo66QX5nsMFNLRjbj4X3ZDYxn5 XSNkFdtpd0LEl4YBvAY8mBCtxcbAhprHOh8cS38QKqUpfKsUi7S6c3WtlRAwl80ryU0e uHjh5ZdoFPodSTlx8I3x6W/544xtoTfb/qT9vxBZiqSlk/nhyajF2ViSMgBT1Kha4vGP VuiA== X-Gm-Message-State: AIVw110gZizQshEcKsqgEaTkvOcoq1Q4xp15TlZBW8jL4Sauu1E/hVHb x5P00EvOw1+82g== X-Received: by 10.99.3.149 with SMTP id 143mr10468098pgd.99.1501002998713; Tue, 25 Jul 2017 10:16:38 -0700 (PDT) Received: from [10.197.31.157] (173-11-119-245-SFBA.hfc.comcastbusiness.net. [173.11.119.245]) by smtp.gmail.com with ESMTPSA id v9sm4653807pgo.39.2017.07.25.10.16.37 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Tue, 25 Jul 2017 10:16:37 -0700 (PDT) Content-Type: text/plain; charset=utf-8 Mime-Version: 1.0 (Mac OS X Mail 10.3 \(3273\)) From: Dino Farinacci In-Reply-To: Date: Tue, 25 Jul 2017 10:16:37 -0700 Cc: Jungha Hong , "ideas@ietf.org" Content-Transfer-Encoding: quoted-printable Message-Id: References: <09C20ABD-4367-49B9-9B94-E8FADD022B66@gmail.com> To: Robert Moskowitz X-Mailer: Apple Mail (2.3273) Archived-At: Subject: Re: [Ideas] GRIDs is a necessary use-case for LISP and HIP X-BeenThere: ideas@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Discussions relating to the development, clarification, and implementation of control-plane infrastructures and functionalities in ID enabled networks." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 25 Jul 2017 17:16:41 -0000 Bob, I can go along with your definition but with one reservation, the = statement "but is not of necessity a part of every communication = packet=E2=80=9D. I think the language may be too strong.=20 Because if this is not necessary then what would go in an IPv6 header, = regardless if there were one or two headers in the packet (i.e. = considering no encap versus encap, respectively).=20 You might be saying that if locators are placed in the IPv6 header, then = what identifies a transport connection can be something in the transport = header (TP4 had T-selector, HIP could use API, etc). Is this what your = getitng at? Dino > On Jul 25, 2017, at 6:33 AM, Robert Moskowitz = wrote: >=20 > I am just starting to go through the mails since the BOF. It will = take a couple days, so please bare wtih me here. >=20 > I both agree and disagree. >=20 > There are three values we need to 'track' and have access via any of = them: >=20 > Identity: This is a higher layer value that generally tags an Entity = but is not what is used in actual communication protocols. It is a = label that generally defines the Entity and MAY be human understandable, = or only machine understandable. There needs to be extensive policy = control on who/what can see an Identity and gain access to the = Identities meta data (like what services provided). >=20 > Identifier: This is a communications label. It needs to be = represented in a manner that aligns with communication protocols, but is = not of necessity a part of every communication packet. Tight format is = desirable and something that is 'well understood' by applications in = working with communications. This is why I view a major Identifier = format that of an IPv6 address. There is still policy around = Identifier; primarily rights to query and Identifier and learn its = Location, Identity, and meta data. Expect to see Identifiers embedded = in protocols like FTP PASV and HTTP Redirects; thus the need of the = Identifer to Identity and Location lookup. This retrieval should be = quick, but not needs to be network speed. >=20 > Location: This is an IP address of an Entity's Interface. It is how = packets physically reach an Entity. the Identifier/Location is the = portion that operates at the network and needs network performance = optimization. But there can still be policy here; just because a packet = is trageted to an Identifier does not give the Source automatic = privileges to its Location. The lookup is fast, but gated. The = Location/Identity pairing is again informational, not directly used in = communications. >=20 > All told, all query types need to work well and be policy gated. The = Identifier to Location needs to be fast. All needs security and policy. >=20 > We will get to working on the requirements for the system and well = delineating the roles and such. >=20 > Bob >=20 >=20 > On 07/20/2017 11:10 AM, Jungha Hong wrote: >> Dear all, >>=20 >> I attended in the BoF yesterday and I agree with the Dino's comment = that we need a network-layer database. >>=20 >> Actually, in my project, we have desined and implemented a mapping = system between ID and locator(s) especially for supporting a flat typed = ID efficiently. It was designed as a network-layer database. >>=20 >> Thanks, >> Jungha Hong >>=20 >> =20 >> =20 >> =EB=B3=B4=EB=82=B8 =EC=82=AC=EB=9E=8C : "Dino Farinacci" = >> =EB=B3=B4=EB=82=B8 =EB=82=A0=EC=A7=9C : 2017-07-20 18:14:24 ( +09:00 = ) >> =EB=B0=9B=EB=8A=94 =EC=82=AC=EB=9E=8C : ideas@ietf.org = >> =EC=B0=B8=EC=A1=B0 : >> =EC=A0=9C=EB=AA=A9 : [Ideas] GRIDs is a necessary use-case for LISP = and HIP >> =20 >> As one of the original coauthors of LISP, I just want to say the = IDEAs effort will be well served for the locator/id split protocols. I = think all overlay protocols can make use of a *network-layer* based = database. And since security has to be a number 1 priority requirement, = we have to create something new. >> =20 >> =20 >> When I say =E2=80=9Cnew=E2=80=9D, I mean to create an operational = infrastructure where the loc/id split control protocols can be deployed = at scale. We have an application level database, it is called DNS. We = need a network-layer database. >> =20 >> =20 >> I think people should view GRIDs not for what use-cases it can = provide, but how to define a deployment strategy for a network-layer = database infrastructure for the use-cases that LISP, HIP, ILA, and ILNP = *already* provide. >> =20 >> =20 >> Dino >> =20 >> =20 >> =20 >> _______________________________________________ >> =20 >> Ideas mailing list >> =20 >> Ideas@ietf.org >> =20 >> https://www.ietf.org/mailman/listinfo/ideas >> =20 >>=20 >>=20 >> _______________________________________________ >> Ideas mailing list >>=20 >> Ideas@ietf.org >> https://www.ietf.org/mailman/listinfo/ideas >=20 From nobody Tue Jul 25 10:25:06 2017 Return-Path: X-Original-To: ideas@ietfa.amsl.com Delivered-To: ideas@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 85915131CB1 for ; Tue, 25 Jul 2017 10:25:05 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2 X-Spam-Level: X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id DYJ5TpsZ3WQX for ; Tue, 25 Jul 2017 10:25:03 -0700 (PDT) Received: from mail-pf0-x242.google.com (mail-pf0-x242.google.com [IPv6:2607:f8b0:400e:c00::242]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 316AF129AC4 for ; Tue, 25 Jul 2017 10:25:03 -0700 (PDT) Received: by mail-pf0-x242.google.com with SMTP id 1so5283008pfi.3 for ; Tue, 25 Jul 2017 10:25:03 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=IvRMcC4JRw+yS5lYhQnD0qLaSvLksaq2EtLwSzQtOzA=; b=vC1REvZP3d1WTy6F9a/DbpmCMktJP8YOKsWGTwtdNr5ee19kEcb4DN3eVmGdXExlp1 D3BVqE3LK0xRCssndJylN7qiOc1sqi+sYcbmzYRC33cMx1rI9xeEJ+RbCA/nzxQe6Ksn kkALhi0oNIuMgqObRqyBnd6EqhpfpvjXgq6MBFCJNX/s8aVC2ljEO8UOdEd7gI0KbDey oLPf/Dz5h0PpkCyJqTTqcP2ChrMBO/DTFIHCf5iIVnjO9vzFdEcAgHJsBBY66FuIqn53 Y3zMqHby/kVlqEP5m0tMJpUcE5zvlnosy43or7jLLcvXwF3X+BDSHDD1aqEIoTgIB52g aP5A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=IvRMcC4JRw+yS5lYhQnD0qLaSvLksaq2EtLwSzQtOzA=; b=oJflHk++ux3IZtL3gF9WTurBBjv5SGhcE07+hpPaug2dnIQb7HSa2VfEMLOIsub56J yXwmCdTYCJkc7CxWkiDrzCP+br5xJDyMW5YR5CMLTFnVR7C7bUtmATaWXFfQSHM2Hb2z KwR1m2/l+uSlcFo8kdg5jKHktYM6OuFjpi6nMFP4tpWlXd7Jc+jUNt21MyLD7tqEfODE OX6hj2UvCA/5F1FnQAYhmGoyHH905kQxfpe0OEnB6cgZY1kTTLR0pDGEcRDjiTqloO5f qLhEeEJcoG/VWX0etAVuNo78SoXDKz5UPUzwWAtd7JeEEltoniiz9EiFO1hwwG4l96aY mtvQ== X-Gm-Message-State: AIVw110z/w9chsJ+uYnTbrO9cz2tqujRFUkdJchb3f3s813ZTqhD732y rCBfjZ/s/L1Bsw== X-Received: by 10.84.171.132 with SMTP id l4mr22679299plb.175.1501003502884; Tue, 25 Jul 2017 10:25:02 -0700 (PDT) Received: from [10.197.31.157] (173-11-119-245-SFBA.hfc.comcastbusiness.net. [173.11.119.245]) by smtp.gmail.com with ESMTPSA id v9sm23574940pfi.115.2017.07.25.10.25.00 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Tue, 25 Jul 2017 10:25:00 -0700 (PDT) Content-Type: text/plain; charset=us-ascii Mime-Version: 1.0 (Mac OS X Mail 10.3 \(3273\)) From: Dino Farinacci In-Reply-To: <64c23c4e-b8c9-288c-d733-54a940e838b7@htt-consult.com> Date: Tue, 25 Jul 2017 10:25:00 -0700 Cc: Erik Nordmark , Erik Nordmark , ideas@ietf.org Content-Transfer-Encoding: quoted-printable Message-Id: References: <3e7d1bda-0847-36d6-b6e2-a98de1f8bf04@acm.org> <747af64c-87e9-f338-1448-3f461c6e8e21@sonic.net> <64c23c4e-b8c9-288c-d733-54a940e838b7@htt-consult.com> To: Robert Moskowitz X-Mailer: Apple Mail (2.3273) Archived-At: Subject: Re: [Ideas] Identity/identifier and session continuity X-BeenThere: ideas@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Discussions relating to the development, clarification, and implementation of control-plane infrastructures and functionalities in ID enabled networks." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 25 Jul 2017 17:25:05 -0000 > I am very interested in long-lived associations. =20 But with possible re-key occuring during the association? > For example, I can define a chain of Identifiers such that the = Endpoints understand the relationship, but not the eavesdropper. I = prefer this to total encryption. =20 This is interesting Bob. Is the chain stored but not accessible by = anyone but the endpoints that use the chain? Does the chain need to be = encrypted while it is at rest? > Total encryption means total decryption before any decisions; a wonder = target to attack. Very good point. Dino From nobody Tue Jul 25 11:23:48 2017 Return-Path: X-Original-To: ideas@ietfa.amsl.com Delivered-To: ideas@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C1F6C131463 for ; Tue, 25 Jul 2017 11:23:47 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.599 X-Spam-Level: X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_LOW=-0.7, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=herbertland-com.20150623.gappssmtp.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id yDjTa27LI9Ip for ; Tue, 25 Jul 2017 11:23:46 -0700 (PDT) Received: from mail-wm0-x232.google.com (mail-wm0-x232.google.com [IPv6:2a00:1450:400c:c09::232]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B75D8129B2A for ; Tue, 25 Jul 2017 11:23:45 -0700 (PDT) Received: by mail-wm0-x232.google.com with SMTP id c184so59316178wmd.0 for ; Tue, 25 Jul 2017 11:23:45 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=herbertland-com.20150623.gappssmtp.com; s=20150623; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=alC5tYjVwLU/+/GxrikNvMcfRy0PxephjjNOoXsQSzw=; b=dGNzFwYGIkChgnGDqCq3TblT4VkX7GMeVhKi5qhSQ1jZ7JSS4XGG8j8DNXLVmaC7uJ JO7rkslB58MKoFCrQS8OUYcgKbUnYWwvMqOR/FRHL/FnuS00tYy6kpZT27gXs8uVO8bp 1g5nP5nLFsuuES04/scg4qaP4m4/cXDgwhuEarUufD+EtxNcyuPneYyZENT/yiu8kT4D 8THz17hR3FNBndYAmIxO0/Ujp20/3WgKFUNCa4njTTCxTTwTfkd52yB90RwJQ9MTWzY+ 6SLnR5TenT6RmcaxNrZysvt04nUSbGBGzsQh2DsFADv9mrIbUgh5gCyMaZwgrKs5Jy+3 jFag== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=alC5tYjVwLU/+/GxrikNvMcfRy0PxephjjNOoXsQSzw=; b=I6d5iB4dachI4jeXc/Q4D7gEgC64SVQJwzcBY2eGxOqHXi9dP0YHL00117pICIsLAv z7709nPdi9p+4rOsuFM3EWwEqBKZpt+DaKWl9rSCDVH1IcFMIF7ozHeJ+rIHBvZvtOJb kILMtKM6Iqc7KHHl+BMFUqaN+meTo3AOHf8l/+uedQ1vYlFl1M+6RBcIqxgq3L6obclx hDVg8D8TaVFzJZO1E3ZAbrK8MjoAuFG8o+YdAUQKcq2GhEokDalInJ3Bz7jdKq6uDEI/ DGU42uhvUiY/7A5rb1ctk6223l7z/9ULFowIFanDbQYlpJ4wCgR5q8z/AKED+awhY+p0 NmNg== X-Gm-Message-State: AIVw111cktwgBpC0QR3XP1A+hawxj6+kpn+yTNtnzL8HXO2BOOvViIsq 9W/42krytOC5zqffFPnZKI+9/Zdg2gIn X-Received: by 10.28.109.146 with SMTP id b18mr9127918wmi.34.1501007024114; Tue, 25 Jul 2017 11:23:44 -0700 (PDT) MIME-Version: 1.0 Received: by 10.223.128.66 with HTTP; Tue, 25 Jul 2017 11:23:43 -0700 (PDT) In-Reply-To: <64c23c4e-b8c9-288c-d733-54a940e838b7@htt-consult.com> References: <3e7d1bda-0847-36d6-b6e2-a98de1f8bf04@acm.org> <747af64c-87e9-f338-1448-3f461c6e8e21@sonic.net> <64c23c4e-b8c9-288c-d733-54a940e838b7@htt-consult.com> From: Tom Herbert Date: Tue, 25 Jul 2017 11:23:43 -0700 Message-ID: To: Robert Moskowitz Cc: Erik Nordmark , Dino Farinacci , Erik Nordmark , ideas@ietf.org Content-Type: text/plain; charset="UTF-8" Archived-At: Subject: Re: [Ideas] Identity/identifier and session continuity X-BeenThere: ideas@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Discussions relating to the development, clarification, and implementation of control-plane infrastructures and functionalities in ID enabled networks." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 25 Jul 2017 18:23:48 -0000 On Tue, Jul 25, 2017 at 6:40 AM, Robert Moskowitz wrote: > > > On 07/20/2017 11:12 AM, Erik Nordmark wrote: >> >> On 07/20/2017 10:50 AM, Dino Farinacci wrote: >>>> >>>> I understand the desire to provide good privacy by decoupling a >>>> longer-lived identity from shorter lived and potentially in the clear >>>> identifiers. >>>> >>>> But since the identifiers are used for the transport connection >>>> identification, changing the identifier(s) used in an unlinkable way means >>>> that the transport sessions would break. >>>> >>>> Seems like a tricky tradeoff. >>> >>> >>> I believe we can have it both ways. >>> >>> If one wants ephemeral-EIDs, they are used for short-lived transport >>> connections. If there will be long-lived transport connections, EIDs stay >>> assigned to the node for a longer period of time but the encapsulated >>> packets are encrypted. You can have one or both. You can get privacy either >>> way. >> >> >> Yes, but when there is a potential combination of long-lived connections >> and short-lived connections using different identifiers that might provide >> the ability for an observer to link the different identifiers together. A >> resourceful observer with the ability to observe on many links and networks >> than then build up the collection of identifiers which have been used by a >> single identity. (Unlinkability is defined in rfc6973) >> >> One can avoid this linkability by changing all the identifiers (and other >> things visible in the clear like MAC addresses) and the same time as the >> locators are changing e.g. when the endpoint moves to a new network/link, >> but that will break the long-lived connections that are active when the >> change happens. >> >> Of course, one can encrypt the identifiers (e.g., by encrypting everything >> but the outer IP header) in the data packets since only the locators are >> needed for packet delivery. > > > Here be lots of dragons. The performance cost of such an approach needs > careful consideration. > > I am very interested in long-lived associations. The privacy implications > of these are important and a way to link and change them will need to be > worked out. In part, this is orthogonal to the basic mapping requirements. > For example, I can define a chain of Identifiers such that the Endpoints > understand the relationship, but not the eavesdropper. I prefer this to But, again that doesn't solve the problem that there could be things in plain text that are easily used to match packets to the same flow even if IP addresses change on every packet for the flow. If the goal is to prevent associations between packets for long lived flows then all the methods by which and attacker could make associations need to be considered. If we don't consider that then all the work to dynamically change addresses for a flow could be for naught. Tom From nobody Tue Jul 25 17:55:04 2017 Return-Path: X-Original-To: ideas@ietfa.amsl.com Delivered-To: ideas@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6C19F132190 for ; Tue, 25 Jul 2017 17:55:03 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.222 X-Spam-Level: X-Spam-Status: No, score=-4.222 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 98WFBlbwlVVb for ; Tue, 25 Jul 2017 17:55:01 -0700 (PDT) Received: from lhrrgout.huawei.com (lhrrgout.huawei.com [194.213.3.17]) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4F08F13218E for ; Tue, 25 Jul 2017 17:54:59 -0700 (PDT) Received: from 172.18.7.190 (EHLO lhreml706-cah.china.huawei.com) ([172.18.7.190]) by lhrrg02-dlp.huawei.com (MOS 4.3.7-GA FastPath queued) with ESMTP id DLH51037; Wed, 26 Jul 2017 00:54:56 +0000 (GMT) Received: from DGGEMI404-HUB.china.huawei.com (10.3.17.142) by lhreml706-cah.china.huawei.com (10.201.108.47) with Microsoft SMTP Server (TLS) id 14.3.301.0; Wed, 26 Jul 2017 01:54:56 +0100 Received: from DGGEMI506-MBX.china.huawei.com ([169.254.4.184]) by dggemi404-hub.china.huawei.com ([10.3.17.142]) with mapi id 14.03.0301.000; Wed, 26 Jul 2017 08:54:49 +0800 From: "Liubingyang (Bryan)" To: Tom Herbert , Robert Moskowitz CC: Erik Nordmark , "ideas@ietf.org" , Erik Nordmark , Dino Farinacci Thread-Topic: [Ideas] Identity/identifier and session continuity Thread-Index: AQHTASrPbmmgv53xoECk50q5dEY1b6Jb4iaAgABqfgCAB8IGgIAATy6AgADzCiA= Date: Wed, 26 Jul 2017 00:54:48 +0000 Message-ID: References: <3e7d1bda-0847-36d6-b6e2-a98de1f8bf04@acm.org> <747af64c-87e9-f338-1448-3f461c6e8e21@sonic.net> <64c23c4e-b8c9-288c-d733-54a940e838b7@htt-consult.com> In-Reply-To: Accept-Language: zh-CN, en-US Content-Language: zh-CN X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [10.130.168.116] Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-CFilter-Loop: Reflected X-Mirapoint-Virus-RAPID-Raw: score=unknown(0), refid=str=0001.0A090204.5977E861.0078, ss=1, re=0.000, recu=0.000, reip=0.000, cl=1, cld=1, fgs=0, ip=169.254.4.184, so=2013-06-18 04:22:30, dmn=2013-03-21 17:37:32 X-Mirapoint-Loop-Id: 50d608f62ee62fccf5ec10041abf919e Archived-At: Subject: Re: [Ideas] Identity/identifier and session continuity X-BeenThere: ideas@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Discussions relating to the development, clarification, and implementation of control-plane infrastructures and functionalities in ID enabled networks." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 26 Jul 2017 00:55:03 -0000 > -----Original Message----- > From: Ideas [mailto:ideas-bounces@ietf.org] On Behalf Of Tom Herbert > Sent: Wednesday, July 26, 2017 2:24 AM > To: Robert Moskowitz > Cc: Erik Nordmark ; ideas@ietf.org; Erik Nordmark > ; Dino Farinacci > Subject: Re: [Ideas] Identity/identifier and session continuity >=20 > On Tue, Jul 25, 2017 at 6:40 AM, Robert Moskowitz > wrote: > > > > > > On 07/20/2017 11:12 AM, Erik Nordmark wrote: > >> > >> On 07/20/2017 10:50 AM, Dino Farinacci wrote: > >>>> > >>>> I understand the desire to provide good privacy by decoupling a > >>>> longer-lived identity from shorter lived and potentially in the > >>>> clear identifiers. > >>>> > >>>> But since the identifiers are used for the transport connection > >>>> identification, changing the identifier(s) used in an unlinkable > >>>> way means that the transport sessions would break. > >>>> > >>>> Seems like a tricky tradeoff. > >>> > >>> > >>> I believe we can have it both ways. > >>> > >>> If one wants ephemeral-EIDs, they are used for short-lived transport > >>> connections. If there will be long-lived transport connections, EIDs > >>> stay assigned to the node for a longer period of time but the > >>> encapsulated packets are encrypted. You can have one or both. You > >>> can get privacy either way. > >> > >> > >> Yes, but when there is a potential combination of long-lived > >> connections and short-lived connections using different identifiers > >> that might provide the ability for an observer to link the different > >> identifiers together. A resourceful observer with the ability to > >> observe on many links and networks than then build up the collection > >> of identifiers which have been used by a single identity. > >> (Unlinkability is defined in rfc6973) > >> > >> One can avoid this linkability by changing all the identifiers (and > >> other things visible in the clear like MAC addresses) and the same > >> time as the locators are changing e.g. when the endpoint moves to a > >> new network/link, but that will break the long-lived connections that > >> are active when the change happens. > >> > >> Of course, one can encrypt the identifiers (e.g., by encrypting > >> everything but the outer IP header) in the data packets since only > >> the locators are needed for packet delivery. > > > > > > Here be lots of dragons. The performance cost of such an approach > > needs careful consideration. > > > > I am very interested in long-lived associations. The privacy > > implications of these are important and a way to link and change them > > will need to be worked out. In part, this is orthogonal to the basic m= apping > requirements. > > For example, I can define a chain of Identifiers such that the > > Endpoints understand the relationship, but not the eavesdropper. I > > prefer this to >=20 > But, again that doesn't solve the problem that there could be things in p= lain > text that are easily used to match packets to the same flow even if IP > addresses change on every packet for the flow. If the goal is to prevent > associations between packets for long lived flows then all the methods by > which and attacker could make associations need to be considered. If we d= on't > consider that then all the work to dynamically change addresses for a flo= w > could be for naught. Yes, but I don't think it is worse than today's IP.=20 Bingyang >=20 > Tom >=20 > _______________________________________________ > Ideas mailing list > Ideas@ietf.org > https://www.ietf.org/mailman/listinfo/ideas From nobody Thu Jul 27 02:44:50 2017 Return-Path: X-Original-To: ideas@ietfa.amsl.com Delivered-To: ideas@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 04EE7131FB7 for ; Thu, 27 Jul 2017 02:44:49 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.221 X-Spam-Level: X-Spam-Status: No, score=-4.221 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id qqPwWMQLZLSk for ; Thu, 27 Jul 2017 02:44:47 -0700 (PDT) Received: from lhrrgout.huawei.com (lhrrgout.huawei.com [194.213.3.17]) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E8AF51200ED for ; Thu, 27 Jul 2017 02:44:46 -0700 (PDT) Received: from 172.18.7.190 (EHLO LHREML712-CAH.china.huawei.com) ([172.18.7.190]) by lhrrg01-dlp.huawei.com (MOS 4.3.7-GA FastPath queued) with ESMTP id DSD45396; Thu, 27 Jul 2017 09:44:44 +0000 (GMT) Received: from DGGEMI403-HUB.china.huawei.com (10.3.17.136) by LHREML712-CAH.china.huawei.com (10.201.108.35) with Microsoft SMTP Server (TLS) id 14.3.301.0; Thu, 27 Jul 2017 10:44:44 +0100 Received: from DGGEMI506-MBX.china.huawei.com ([169.254.4.184]) by dggemi403-hub.china.huawei.com ([10.3.17.136]) with mapi id 14.03.0301.000; Thu, 27 Jul 2017 17:44:05 +0800 From: "Liubingyang (Bryan)" To: "ideas@ietf.org" Thread-Topic: Can identity directly link with IP address? Thread-Index: AdMGvFKeZP1DJNf1R2+EIq8k2KkoEA== Date: Thu, 27 Jul 2017 09:44:04 +0000 Message-ID: Accept-Language: zh-CN, en-US Content-Language: zh-CN X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [10.47.105.248] Content-Type: multipart/alternative; boundary="_000_C1CE72EE84AF224E94DA21AE134209EE01A18FE2DGGEMI506MBXchi_" MIME-Version: 1.0 X-CFilter-Loop: Reflected X-Mirapoint-Virus-RAPID-Raw: score=unknown(0), refid=str=0001.0A090205.5979B60D.0039, ss=1, re=0.000, recu=0.000, reip=0.000, cl=1, cld=1, fgs=0, ip=169.254.4.184, so=2013-06-18 04:22:30, dmn=2013-03-21 17:37:32 X-Mirapoint-Loop-Id: 976df427484057fbcb125ef25ce420f5 Archived-At: Subject: [Ideas] Can identity directly link with IP address? X-BeenThere: ideas@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Discussions relating to the development, clarification, and implementation of control-plane infrastructures and functionalities in ID enabled networks." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 27 Jul 2017 09:44:49 -0000 --_000_C1CE72EE84AF224E94DA21AE134209EE01A18FE2DGGEMI506MBXchi_ Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Hi all, The current model seems like identity---identifier---locator, and identity = is bound with ID/Loc protocols. Do you think identity can directly link to IP address, i.e., identity---IP = address, and be applied to the "legacy" IPv4/IPv6 without identifiers as in= termediate? Bingyang (Bryan) --_000_C1CE72EE84AF224E94DA21AE134209EE01A18FE2DGGEMI506MBXchi_ Content-Type: text/html; charset="us-ascii" Content-Transfer-Encoding: quoted-printable

Hi all,

 

The current model seems like id= entity---identifier---locator, and identity is bound with ID/Loc protocols.

Do you think identity can direc= tly link to IP address, i.e., identity---IP address, and be applied to the = “legacy” IPv4/IPv6 without identifiers as intermediate?

 

Bingyang (Bryan)

--_000_C1CE72EE84AF224E94DA21AE134209EE01A18FE2DGGEMI506MBXchi_-- From nobody Thu Jul 27 03:11:03 2017 Return-Path: X-Original-To: ideas@ietfa.amsl.com Delivered-To: ideas@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 65EAC129B30 for ; Thu, 27 Jul 2017 03:11:01 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.2 X-Spam-Level: X-Spam-Status: No, score=-4.2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, RP_MATCHES_RCVD=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id V2zLgf2iVlSm for ; Thu, 27 Jul 2017 03:10:57 -0700 (PDT) Received: from mx03.uni-tuebingen.de (mx03.uni-tuebingen.de [134.2.5.213]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7CEB713191D for ; Thu, 27 Jul 2017 03:10:57 -0700 (PDT) Received: from [134.2.11.131] (chaos.informatik.uni-tuebingen.de [134.2.11.131]) by mx03.uni-tuebingen.de (Postfix) with ESMTPSA id BCDA680C49; Thu, 27 Jul 2017 12:10:55 +0200 (CEST) To: "Liubingyang (Bryan)" References: From: Michael Menth Cc: "ideas@ietf.org" Message-ID: Date: Thu, 27 Jul 2017 12:11:11 +0200 User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:45.0) Gecko/20100101 Thunderbird/45.8.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: 8bit Archived-At: Subject: Re: [Ideas] Can identity directly link with IP address? X-BeenThere: ideas@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Discussions relating to the development, clarification, and implementation of control-plane infrastructures and functionalities in ID enabled networks." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 27 Jul 2017 10:11:01 -0000 Dear Bingyang, all, good point! You essentially propose a more flexible mapping between identity and identifiers. I think it generally makes sense that the new mapping system with access control is not limited to the currently three obvious layers identity-identifier-locator, but follows a more flexible identifier->identifier mapping, whereby an identity is a special identifier. There may be use cases where identity->identity may make sense, e.g., mapping of a user to its devices. This would also allow identity->locator which would be helpful to support ID-networking w/ legacy IPv4/v6 but w/o loc/ID split. Regards, Michael Am 27.07.2017 um 11:44 schrieb Liubingyang (Bryan): > Hi all, > > > > The current model seems like identity---identifier---locator, and > identity is bound with ID/Loc protocols. > > Do you think identity can directly link to IP address, i.e., > identity---IP address, and be applied to the legacy IPv4/IPv6 without > identifiers as intermediate? > > > > Bingyang (Bryan) > > > > _______________________________________________ > Ideas mailing list > Ideas@ietf.org > https://www.ietf.org/mailman/listinfo/ideas > -- Prof. Dr. habil. Michael Menth University of Tuebingen Faculty of Science Department of Computer Science Chair of Communication Networks Sand 13, 72076 Tuebingen, Germany phone: (+49)-7071/29-70505 fax: (+49)-7071/29-5220 mailto:menth@uni-tuebingen.de http://kn.inf.uni-tuebingen.de From nobody Thu Jul 27 10:02:43 2017 Return-Path: X-Original-To: ideas@ietfa.amsl.com Delivered-To: ideas@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2AC74131FEC for ; Thu, 27 Jul 2017 10:02:41 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.221 X-Spam-Level: X-Spam-Status: No, score=-4.221 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id xgGz3EROK2cw for ; Thu, 27 Jul 2017 10:02:39 -0700 (PDT) Received: from lhrrgout.huawei.com (lhrrgout.huawei.com [194.213.3.17]) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0259E131CFE for ; Thu, 27 Jul 2017 10:02:30 -0700 (PDT) Received: from 172.18.7.190 (EHLO lhreml701-cah.china.huawei.com) ([172.18.7.190]) by lhrrg02-dlp.huawei.com (MOS 4.3.7-GA FastPath queued) with ESMTP id DLK67495; Thu, 27 Jul 2017 17:02:27 +0000 (GMT) Received: from SJCEML701-CHM.china.huawei.com (10.208.112.40) by lhreml701-cah.china.huawei.com (10.201.108.42) with Microsoft SMTP Server (TLS) id 14.3.301.0; Thu, 27 Jul 2017 18:02:26 +0100 Received: from SJCEML703-CHM.china.huawei.com ([169.254.5.240]) by SJCEML701-CHM.china.huawei.com ([169.254.3.13]) with mapi id 14.03.0301.000; Thu, 27 Jul 2017 10:02:13 -0700 From: Alexander Clemm To: Michael Menth , "Liubingyang (Bryan)" CC: "ideas@ietf.org" Thread-Topic: [Ideas] Can identity directly link with IP address? Thread-Index: AdMGvFKeZP1DJNf1R2+EIq8k2KkoEAAPwWSAAACGzCA= Date: Thu, 27 Jul 2017 17:02:12 +0000 Message-ID: <644DA50AFA8C314EA9BDDAC83BD38A2E0E0EAE21@SJCEML703-CHM.china.huawei.com> References: In-Reply-To: Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [10.213.48.112] Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-CFilter-Loop: Reflected X-Mirapoint-Virus-RAPID-Raw: score=unknown(0), refid=str=0001.0A020201.597A1CA4.0266, ss=1, re=0.000, recu=0.000, reip=0.000, cl=1, cld=1, fgs=0, ip=169.254.5.240, so=2013-06-18 04:22:30, dmn=2013-03-21 17:37:32 X-Mirapoint-Loop-Id: 1734ba477ae20b7c46dab7c8062861fb Archived-At: Subject: Re: [Ideas] Can identity directly link with IP address? X-BeenThere: ideas@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Discussions relating to the development, clarification, and implementation of control-plane infrastructures and functionalities in ID enabled networks." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 27 Jul 2017 17:02:41 -0000 Yes, in principle possible. =20 The question is only, who will actually know the identity. In general, end= points will be referred to by an identifier by other parties. I would envi= sion that other parties may "know" other endpoints by public identifiers, b= ut not by their actual identity (by which they would be authenticated to GR= IDS). So, while a mapping system might be designed with flexibility for su= ch queries in mind, I don't think supporting it would be a requirement - ce= rtainly not initially. =20 I am not sure I would go to multiple tiers of identities. It's a possibili= ty, but it would raise additional issues if we were to get into the realm o= f personal identities (as opposed to endpoint identities). So, IMHO we may= want to stay clear of this. =20 --- Alex -----Original Message----- From: Ideas [mailto:ideas-bounces@ietf.org] On Behalf Of Michael Menth Sent: Thursday, July 27, 2017 3:11 AM To: Liubingyang (Bryan) Cc: ideas@ietf.org Subject: Re: [Ideas] Can identity directly link with IP address? Dear Bingyang, all, good point! You essentially propose a more flexible mapping between identit= y and identifiers. I think it generally makes sense that the new mapping sy= stem with access control is not limited to the currently three obvious laye= rs identity-identifier-locator, but follows a more flexible identifier->identifier mapping, whereby an identity is a special identifier. There may be use cases where identity->identity may make sense, e.g., mapping of a user to its devices. This would also allow identity->locator which would be helpful to support I= D-networking w/ legacy IPv4/v6 but w/o loc/ID split. Regards, Michael Am 27.07.2017 um 11:44 schrieb Liubingyang (Bryan): > Hi all, >=20 > =20 >=20 > The current model seems like identity---identifier---locator, and=20 > identity is bound with ID/Loc protocols. >=20 > Do you think identity can directly link to IP address, i.e.,=20 > identity---IP address, and be applied to the "legacy" IPv4/IPv6=20 > without identifiers as intermediate? >=20 > =20 >=20 > Bingyang (Bryan) >=20 >=20 >=20 > _______________________________________________ > Ideas mailing list > Ideas@ietf.org > https://www.ietf.org/mailman/listinfo/ideas >=20 -- Prof. Dr. habil. Michael Menth University of Tuebingen Faculty of Science Department of Computer Science Chair of Communication Networks Sand 13, 72076 Tuebingen, Germany phone: (+49)-7071/29-70505 fax: (+49)-7071/29-5220 mailto:menth@uni-tuebingen.de http://kn.inf.uni-tuebingen.de _______________________________________________ Ideas mailing list Ideas@ietf.org https://www.ietf.org/mailman/listinfo/ideas From nobody Thu Jul 27 10:40:49 2017 Return-Path: X-Original-To: ideas@ietfa.amsl.com Delivered-To: ideas@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EEE29132072 for ; Thu, 27 Jul 2017 10:40:48 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.22 X-Spam-Level: X-Spam-Status: No, score=-4.22 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id d_QBWgUI-kzz for ; Thu, 27 Jul 2017 10:40:46 -0700 (PDT) Received: from lhrrgout.huawei.com (lhrrgout.huawei.com [194.213.3.17]) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 004A0132073 for ; Thu, 27 Jul 2017 10:40:45 -0700 (PDT) Received: from 172.18.7.190 (EHLO lhreml705-cah.china.huawei.com) ([172.18.7.190]) by lhrrg01-dlp.huawei.com (MOS 4.3.7-GA FastPath queued) with ESMTP id DSE19183; Thu, 27 Jul 2017 17:40:41 +0000 (GMT) Received: from DGGEMI404-HUB.china.huawei.com (10.3.17.142) by lhreml705-cah.china.huawei.com (10.201.108.46) with Microsoft SMTP Server (TLS) id 14.3.301.0; Thu, 27 Jul 2017 18:40:40 +0100 Received: from DGGEMI506-MBX.china.huawei.com ([169.254.4.184]) by dggemi404-hub.china.huawei.com ([10.3.17.142]) with mapi id 14.03.0301.000; Fri, 28 Jul 2017 01:40:28 +0800 From: "Liubingyang (Bryan)" To: Alexander Clemm , Michael Menth CC: "ideas@ietf.org" Thread-Topic: RE: [Ideas] Can identity directly link with IP address? Thread-Index: AQHTBv9vspWTChBCFEir+TKtBwdZkg== Date: Thu, 27 Jul 2017 17:40:27 +0000 Message-ID: References: , <644DA50AFA8C314EA9BDDAC83BD38A2E0E0EAE21@SJCEML703-CHM.china.huawei.com> In-Reply-To: <644DA50AFA8C314EA9BDDAC83BD38A2E0E0EAE21@SJCEML703-CHM.china.huawei.com> Accept-Language: zh-CN, en-US Content-Language: zh-CN X-MS-Has-Attach: X-MS-TNEF-Correlator: Content-Type: multipart/alternative; boundary="_000_C1CE72EE84AF224E94DA21AE134209EE01A199FADGGEMI506MBXchi_" MIME-Version: 1.0 X-CFilter-Loop: Reflected X-Mirapoint-Virus-RAPID-Raw: score=unknown(0), refid=str=0001.0A020201.597A259A.007B, ss=1, re=0.000, recu=0.000, reip=0.000, cl=1, cld=1, fgs=0, ip=169.254.4.184, so=2013-06-18 04:22:30, dmn=2013-03-21 17:37:32 X-Mirapoint-Loop-Id: bf4c800574e6ad87672f0e3d43c5c846 Archived-At: Subject: Re: [Ideas] Can identity directly link with IP address? X-BeenThere: ideas@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Discussions relating to the development, clarification, and implementation of control-plane infrastructures and functionalities in ID enabled networks." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 27 Jul 2017 17:40:49 -0000 --_000_C1CE72EE84AF224E94DA21AE134209EE01A199FADGGEMI506MBXchi_ Content-Type: text/plain; charset="iso-2022-jp" Content-Transfer-Encoding: quoted-printable Hi Alex Sorry I don't get it. Why what you "know" should be what you link with iden= tity? And what if I just "know" your ip ? ----------------------------------------------Bingyang Liu M: +86-15810795994 E: liubingyang@huawei.com 2012 Laboratories-NG IP Network Laboratory,2012Labs From: Alexander Clemm To: Michael Menth>;Li= ubingyang (Bryan)> Cc: ideas@ietf.org Subject: RE: [Ideas] Can identity directly link with IP address? Time: 2017-07-28 01:02:24 Yes, in principle possible. The question is only, who will actually know the identity. In general, end= points will be referred to by an identifier by other parties. I would envi= sion that other parties may "know" other endpoints by public identifiers, b= ut not by their actual identity (by which they would be authenticated to GR= IDS). So, while a mapping system might be designed with flexibility for su= ch queries in mind, I don't think supporting it would be a requirement - ce= rtainly not initially. I am not sure I would go to multiple tiers of identities. It's a possibili= ty, but it would raise additional issues if we were to get into the realm o= f personal identities (as opposed to endpoint identities). So, IMHO we may= want to stay clear of this. --- Alex -----Original Message----- From: Ideas [mailto:ideas-bounces@ietf.org] On Behalf Of Michael Menth Sent: Thursday, July 27, 2017 3:11 AM To: Liubingyang (Bryan) Cc: ideas@ietf.org Subject: Re: [Ideas] Can identity directly link with IP address? Dear Bingyang, all, good point! You essentially propose a more flexible mapping between identit= y and identifiers. I think it generally makes sense that the new mapping sy= stem with access control is not limited to the currently three obvious laye= rs identity-identifier-locator, but follows a more flexible identifier->identifier mapping, whereby an identity is a special identifier. There may be use cases where identity->identity may make sense, e.g., mapping of a user to its devices. This would also allow identity->locator which would be helpful to support I= D-networking w/ legacy IPv4/v6 but w/o loc/ID split. Regards, Michael Am 27.07.2017 um 11:44 schrieb Liubingyang (Bryan): > Hi all, > > > > The current model seems like identity---identifier---locator, and > identity is bound with ID/Loc protocols. > > Do you think identity can directly link to IP address, i.e., > identity---IP address, and be applied to the =1B$B!H=1B(Blegacy=1B$B!I=1B= (B IPv4/IPv6 > without identifiers as intermediate? > > > > Bingyang (Bryan) > > > > _______________________________________________ > Ideas mailing list > Ideas@ietf.org > https://www.ietf.org/mailman/listinfo/ideas > -- Prof. Dr. habil. Michael Menth University of Tuebingen Faculty of Science Department of Computer Science Chair of Communication Networks Sand 13, 72076 Tuebingen, Germany phone: (+49)-7071/29-70505 fax: (+49)-7071/29-5220 mailto:menth@uni-tuebingen.de http://kn.inf.uni-tuebingen.de _______________________________________________ Ideas mailing list Ideas@ietf.org https://www.ietf.org/mailman/listinfo/ideas --_000_C1CE72EE84AF224E94DA21AE134209EE01A199FADGGEMI506MBXchi_ Content-Type: text/html; charset="iso-2022-jp" Content-Transfer-Encoding: quoted-printable
Hi Alex

Sorry I don't get it. Why what you = "know" should be what you link with=  identity? And what if I just "know= " your ip ?


----------------------------------------------Bingyang Liu
M: +86-15810795994  
E: liubingyang@huawei.com
2012 Laboratories-NG IP Network Laboratory,2012Labs

From: Alexander Clemm
Subject: RE: [Ideas] Can identity directly link with IP address= ?
Time: 2017-07-28 01:02:24

Yes, in principle possible. 

The question is only, who will actually know the identity.  In general= , endpoints will be referred to by an identifier by other parties.  I = would envision that other parties may "know" other endpoints by p= ublic identifiers, but not by their actual identity (by which they would be authenticated to GRIDS).  So, while a mapping= system might be designed with flexibility for such queries in mind, I don'= t think supporting it would be a requirement - certainly not initially.&nbs= p;

I am not sure I would go to multiple tiers of identities.  It's a poss= ibility, but it would raise additional issues if we were to get into the re= alm of personal identities (as opposed to endpoint identities).  So, I= MHO we may want to stay clear of this. 

--- Alex

-----Original Message-----
From: Ideas [mailto:ideas-bounces= @ietf.org] On Behalf Of Michael Menth
Sent: Thursday, July 27, 2017 3:11 AM
To: Liubingyang (Bryan) <liubingyang@huawei.com>
Cc: ideas@ietf.org
Subject: Re: [Ideas] Can identity directly link with IP address?

Dear Bingyang, all,

good point! You essentially propose a more flexible mapping between identit= y and identifiers. I think it generally makes sense that the new mapping sy= stem with access control is not limited to the currently three obvious laye= rs identity-identifier-locator, but follows a more flexible
identifier->identifier mapping, whereby an identity is a special
identifier. There may be use cases where
identity->identity may make sense, e.g., mapping of a user to its device= s.
This would also allow identity->locator which would be helpful to suppor= t ID-networking w/ legacy IPv4/v6 but w/o loc/ID split.

Regards,

Michael

Am 27.07.2017 um 11:44 schrieb Liubingyang (Bryan):
> Hi all,
>

>
> The current model seems like identity---identifier---locator, and
> identity is bound with ID/Loc protocols.
>
> Do you think identity can directly link to IP address, i.e.,
> identity---IP address, and be applied to the =1B$B!H=1B(Blegacy=1B$B!I= =1B(B IPv4/IPv6
> without identifiers as intermediate?
>

>
> Bingyang (Bryan)
>
>
>
> _______________________________________________
> Ideas mailing list
> Ideas@ietf.org
> https://www.ie= tf.org/mailman/listinfo/ideas
>

--
Prof. Dr. habil. Michael Menth
University of Tuebingen
Faculty of Science
Department of Computer Science
Chair of Communication Networks
Sand 13, 72076 Tuebingen, Germany
phone: (+49)-7071/29-70505
fax: (+49)-7071/29-5220
mailto:menth@uni-tuebingen.de=
http://kn.inf.uni-tuebingen.de

_______________________________________________
Ideas mailing list
Ideas@ietf.org
https://www.ietf.or= g/mailman/listinfo/ideas
 --_000_C1CE72EE84AF224E94DA21AE134209EE01A199FADGGEMI506MBXchi_-- From nobody Thu Jul 27 11:22:17 2017 Return-Path: X-Original-To: ideas@ietfa.amsl.com Delivered-To: ideas@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DA7D41320B1 for ; Thu, 27 Jul 2017 11:22:15 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2 X-Spam-Level: X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 6yq5xOoJDrb6 for ; Thu, 27 Jul 2017 11:22:14 -0700 (PDT) Received: from mail-pg0-x22f.google.com (mail-pg0-x22f.google.com [IPv6:2607:f8b0:400e:c05::22f]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 80A551320AF for ; Thu, 27 Jul 2017 11:22:14 -0700 (PDT) Received: by mail-pg0-x22f.google.com with SMTP id v190so101145326pgv.2 for ; Thu, 27 Jul 2017 11:22:14 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=rgfzwoEWZlmBQDPIsoFM0i320t8Mj5PBTam3J2iQ93s=; b=rxiYC4SCtz0RC47k+xfUDWC3Vgp6jOC5/O6CP+eJhTjXTVFrlsY97CV0HwCjbxNgpA Z3HMjJfN27lqyIqWjcOK6u09zljdxvYtV9klzUsIq9wrEcbzgV//RZ0hZSLV8I001vJ7 BbJmbN7RWOqoOWV6oRYaAoS9Wb+4bc6b14nncU/AhVektZBsxQaA1m07p5q5Ud5VYewm ddMYKy1AEM8VBIAL73jRq+EpY2J6ADhV60+6NqWfLgdaWfy9e76DPY35vOtL4cGlNvoG FJhvincUHQisbBs7Sd092UjaCAqQEhmmaEj+a3OOfQUMqbfs2NHw7yM3yJFvTJEnaaYT RFIg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=rgfzwoEWZlmBQDPIsoFM0i320t8Mj5PBTam3J2iQ93s=; b=Fh/7T+LyOK163kqhYpfoF0is9c7W4b2e07HR++wD5LgSgtBBt8Qew6/BCkCNL5krZ3 xiLwh3+eZiCo3qwQTle52+hAd7Omf4Amf7QP5HhsffwbjFsx/CvEsBqXaSEU7MWJQiCA U96pDAJ/hlk+gBB3F3DFylLIxoLx9ayv04hTYV24Dk1vZDyh7nb8ZZJt3i4HT6Xp+n8u A3EQQBLrwE0gtzwiMMUmRV1+Es5NM89hZZaztGPsSMw9/cNLmM8kRu/n3yn0UG2dzAct o/zjFCU/uP2MrGFqwTDKcVlicxO7teKHhzBjnYjGM0160TVwRBH3kYfFd7fhakh7ftlk 9FFA== X-Gm-Message-State: AIVw113lv6CEGsW1OZqypS1/W88NdbKHh+TEfKoVfO5lGPolY25QP0pR IxJDytUOMR0qa7ow52M= X-Received: by 10.98.65.86 with SMTP id o83mr4881160pfa.117.1501179734177; Thu, 27 Jul 2017 11:22:14 -0700 (PDT) Received: from [10.197.31.157] (173-11-119-245-SFBA.hfc.comcastbusiness.net. [173.11.119.245]) by smtp.gmail.com with ESMTPSA id h70sm13320819pfh.132.2017.07.27.11.22.13 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Thu, 27 Jul 2017 11:22:13 -0700 (PDT) Content-Type: text/plain; charset=utf-8 Mime-Version: 1.0 (Mac OS X Mail 10.3 \(3273\)) From: Dino Farinacci In-Reply-To: Date: Thu, 27 Jul 2017 11:22:12 -0700 Cc: "ideas@ietf.org" Content-Transfer-Encoding: quoted-printable Message-Id: References: To: "Liubingyang (Bryan)" X-Mailer: Apple Mail (2.3273) Archived-At: Subject: Re: [Ideas] Can identity directly link with IP address? X-BeenThere: ideas@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Discussions relating to the development, clarification, and implementation of control-plane infrastructures and functionalities in ID enabled networks." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 27 Jul 2017 18:22:16 -0000 > The current model seems like identity---identifier---locator, and = identity is bound with ID/Loc protocols. > Do you think identity can directly link to IP address, i.e., = identity---IP address, and be applied to the =E2=80=9Clegacy=E2=80=9D = IPv4/IPv6 without identifiers as intermediate? Yes, because an IP address in today=E2=80=99s Internet is a locator. Note, the LISP mapping system can support: identity -> EID identity -> RLOC identity -> identity EID -> RLOC EID -> replication-list of RLOCs (LCAF RLE) EID -> service-chain of EIDs or RLOCs (LCAF ELP) Where identity and EID can come in many different address forms = including JSON strings. Dino From nobody Thu Jul 27 12:02:01 2017 Return-Path: X-Original-To: ideas@ietfa.amsl.com Delivered-To: ideas@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 64A68132161 for ; Thu, 27 Jul 2017 12:01:59 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.22 X-Spam-Level: X-Spam-Status: No, score=-4.22 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id oKXFRuBEAB62 for ; Thu, 27 Jul 2017 12:01:56 -0700 (PDT) Received: from lhrrgout.huawei.com (lhrrgout.huawei.com [194.213.3.17]) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id AA6B21320EB for ; Thu, 27 Jul 2017 12:01:45 -0700 (PDT) Received: from 172.18.7.190 (EHLO lhreml708-cah.china.huawei.com) ([172.18.7.190]) by lhrrg01-dlp.huawei.com (MOS 4.3.7-GA FastPath queued) with ESMTP id DSE26702; Thu, 27 Jul 2017 19:01:40 +0000 (GMT) Received: from SJCEML701-CHM.china.huawei.com (10.208.112.40) by lhreml708-cah.china.huawei.com (10.201.108.49) with Microsoft SMTP Server (TLS) id 14.3.301.0; Thu, 27 Jul 2017 20:01:39 +0100 Received: from SJCEML703-CHM.china.huawei.com ([169.254.5.240]) by SJCEML701-CHM.china.huawei.com ([169.254.3.13]) with mapi id 14.03.0301.000; Thu, 27 Jul 2017 12:01:26 -0700 From: Alexander Clemm To: "Liubingyang (Bryan)" , Michael Menth CC: "ideas@ietf.org" Thread-Topic: RE: [Ideas] Can identity directly link with IP address? Thread-Index: AdMGvFKeZP1DJNf1R2+EIq8k2KkoEAAPwWSAAACGzCAADyn2gAAMENtQ Date: Thu, 27 Jul 2017 19:01:25 +0000 Message-ID: <644DA50AFA8C314EA9BDDAC83BD38A2E0E0EAEA0@SJCEML703-CHM.china.huawei.com> References: , <644DA50AFA8C314EA9BDDAC83BD38A2E0E0EAE21@SJCEML703-CHM.china.huawei.com> In-Reply-To: Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [10.213.48.147] Content-Type: multipart/alternative; boundary="_000_644DA50AFA8C314EA9BDDAC83BD38A2E0E0EAEA0SJCEML703CHMchi_" MIME-Version: 1.0 X-CFilter-Loop: Reflected X-Mirapoint-Virus-RAPID-Raw: score=unknown(0), refid=str=0001.0A020201.597A3895.0312, ss=1, re=0.000, recu=0.000, reip=0.000, cl=1, cld=1, fgs=0, ip=169.254.5.240, so=2013-06-18 04:22:30, dmn=2013-03-21 17:37:32 X-Mirapoint-Loop-Id: 650425dff0f87bcb4c0d2406d2d6d8d3 Archived-At: Subject: Re: [Ideas] Can identity directly link with IP address? X-BeenThere: ideas@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Discussions relating to the development, clarification, and implementation of control-plane infrastructures and functionalities in ID enabled networks." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 27 Jul 2017 19:01:59 -0000 --_000_644DA50AFA8C314EA9BDDAC83BD38A2E0E0EAEA0SJCEML703CHMchi_ Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Hi Bingyang, You need to be able to refer to another endpoint, so you need to know at le= ast one of its identifiers in order to send it traffic. But, I don't need= to know your identity (in the narrower sense of IDEAS). To use an analogy= , I can send you an email using your identifier liubingyang@huawei.com, but I don't need to know your birth certificate= and passport number to assert your identity, nor would I expect providing = those to send you email. Cheers --- Alex From: Liubingyang (Bryan) Sent: Thursday, July 27, 2017 10:40 AM To: Alexander Clemm ; Michael Menth Cc: ideas@ietf.org Subject: Re: RE: [Ideas] Can identity directly link with IP address? Hi Alex Sorry I don't get it. Why what you "know" should be what you link with iden= tity? And what if I just "know" your ip ? ----------------------------------------------Bingyang Liu M: +86-15810795994 E: liubingyang@huawei.com 2012 Laboratories-NG IP Network Laboratory,2012Labs From: Alexander Clemm To: Michael Menth>;Li= ubingyang (Bryan)> Cc: ideas@ietf.org Subject: RE: [Ideas] Can identity directly link with IP address? Time: 2017-07-28 01:02:24 Yes, in principle possible. The question is only, who will actually know the identity. In general, end= points will be referred to by an identifier by other parties. I would envi= sion that other parties may "know" other endpoints by public identifiers, b= ut not by their actual identity (by which they would be authenticated to GR= IDS). So, while a mapping system might be designed with flexibility for su= ch queries in mind, I don't think supporting it would be a requirement - ce= rtainly not initially. I am not sure I would go to multiple tiers of identities. It's a possibili= ty, but it would raise additional issues if we were to get into the realm o= f personal identities (as opposed to endpoint identities). So, IMHO we may= want to stay clear of this. --- Alex -----Original Message----- From: Ideas [mailto:ideas-bounces@ietf.org] On Behalf Of Michael Menth Sent: Thursday, July 27, 2017 3:11 AM To: Liubingyang (Bryan) > Cc: ideas@ietf.org Subject: Re: [Ideas] Can identity directly link with IP address? Dear Bingyang, all, good point! You essentially propose a more flexible mapping between identit= y and identifiers. I think it generally makes sense that the new mapping sy= stem with access control is not limited to the currently three obvious laye= rs identity-identifier-locator, but follows a more flexible identifier->identifier mapping, whereby an identity is a special identifier. There may be use cases where identity->identity may make sense, e.g., mapping of a user to its devices. This would also allow identity->locator which would be helpful to support I= D-networking w/ legacy IPv4/v6 but w/o loc/ID split. Regards, Michael Am 27.07.2017 um 11:44 schrieb Liubingyang (Bryan): > Hi all, > > > > The current model seems like identity---identifier---locator, and > identity is bound with ID/Loc protocols. > > Do you think identity can directly link to IP address, i.e., > identity---IP address, and be applied to the "legacy" IPv4/IPv6 > without identifiers as intermediate? > > > > Bingyang (Bryan) > > > > _______________________________________________ > Ideas mailing list > Ideas@ietf.org > https://www.ietf.org/mailman/listinfo/ideas > -- Prof. Dr. habil. Michael Menth University of Tuebingen Faculty of Science Department of Computer Science Chair of Communication Networks Sand 13, 72076 Tuebingen, Germany phone: (+49)-7071/29-70505 fax: (+49)-7071/29-5220 mailto:menth@uni-tuebingen.de http://kn.inf.uni-tuebingen.de _______________________________________________ Ideas mailing list Ideas@ietf.org https://www.ietf.org/mailman/listinfo/ideas --_000_644DA50AFA8C314EA9BDDAC83BD38A2E0E0EAEA0SJCEML703CHMchi_ Content-Type: text/html; charset="us-ascii" Content-Transfer-Encoding: quoted-printable

Hi Bingyan= g,

 = ;

You need t= o be able to refer to another endpoint, so you need to know at least one of= its identifiers in order to send it traffic.   But, I don’t need to know your identity (in the narrower sense= of IDEAS).  To use an analogy, I can send you an email using your ide= ntifier liubingyang@huawei.com, but I= don’t need to know your birth certificate and passport number to ass= ert your identity, nor would I expect providing those to send you email.&nb= sp;   

 = ;

Cheers

--- Alex

 = ;

From: Liubingyang (Bryan)
Sent: Thursday, July 27, 2017 10:40 AM
To: Alexander Clemm <alexander.clemm@huawei.com>; Michael Ment= h <menth@uni-tuebingen.de>
Cc: ideas@ietf.org
Subject: Re: RE: [Ideas] Can identity directly link with IP address?=

 

Hi Alex

Sorry I don't get it. Why what you = "know" should be what you link with=  identity? And what if I just "know= " your ip ?


----------------------------------------------Bingyang Liu
M: +86-15810795994  
E: liubingyang@huawei.com
2012 Laboratories-NG IP Network Laboratory,2012Labs

From: Alexander Clemm

Subject: RE: [Ideas] Can identity direct= ly link with IP address?

Time: 2017-07-28 01:02:24<= /span>

 

Yes, in principle p= ossible. 

The question is only, who will actually know the identity.  In general= , endpoints will be referred to by an identifier by other parties.  I = would envision that other parties may "know" other endpoints by p= ublic identifiers, but not by their actual identity (by which they would be authenticated to GRIDS).  So, while a mapping= system might be designed with flexibility for such queries in mind, I don'= t think supporting it would be a requirement - certainly not initially.&nbs= p;

I am not sure I would go to multiple tiers of identities.  It's a poss= ibility, but it would raise additional issues if we were to get into the re= alm of personal identities (as opposed to endpoint identities).  So, I= MHO we may want to stay clear of this. 

--- Alex

-----Original Message-----
From: Ideas [mailto:ideas-bounces= @ietf.org] On Behalf Of Michael Menth
Sent: Thursday, July 27, 2017 3:11 AM
To: Liubingyang (Bryan) <liubi= ngyang@huawei.com>
Cc: ideas@ietf.org
Subject: Re: [Ideas] Can identity directly link with IP address?

Dear Bingyang, all,

good point! You essentially propose a more flexible mapping between identit= y and identifiers. I think it generally makes sense that the new mapping sy= stem with access control is not limited to the currently three obvious laye= rs identity-identifier-locator, but follows a more flexible
identifier->identifier mapping, whereby an identity is a special
identifier. There may be use cases where
identity->identity may make sense, e.g., mapping of a user to its device= s.
This would also allow identity->locator which would be helpful to suppor= t ID-networking w/ legacy IPv4/v6 but w/o loc/ID split.

Regards,

Michael

Am 27.07.2017 um 11:44 schrieb Liubingyang (Bryan):
> Hi all,
>

>
> The current model seems like identity---identifier---locator, and
> identity is bound with ID/Loc protocols.
>
> Do you think identity can directly link to IP address, i.e.,
> identity---IP address, and be applied to the “legacy” IPv4= /IPv6
> without identifiers as intermediate?
>

>
> Bingyang (Bryan)
>
>
>
> _______________________________________________
> Ideas mailing list
> Ideas@ietf.org
> https://www.ie= tf.org/mailman/listinfo/ideas
>

--
Prof. Dr. habil. Michael Menth
University of Tuebingen
Faculty of Science
Department of Computer Science
Chair of Communication Networks
Sand 13, 72076 Tuebingen, Germany
phone: (+49)-7071/29-70505
fax: (+49)-7071/29-5220
mailto:menth@uni-tuebingen.de=
http://kn.inf.uni-tuebingen.de

_______________________________________________
Ideas mailing list
Ideas@ietf.org
https://www.ietf.or= g/mailman/listinfo/ideas

--_000_644DA50AFA8C314EA9BDDAC83BD38A2E0E0EAEA0SJCEML703CHMchi_-- From nobody Thu Jul 27 12:08:14 2017 Return-Path: X-Original-To: ideas@ietfa.amsl.com Delivered-To: ideas@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1483A12EC2B for ; Thu, 27 Jul 2017 12:08:12 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.22 X-Spam-Level: X-Spam-Status: No, score=-4.22 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 5eZSqI38Y1Yw for ; Thu, 27 Jul 2017 12:08:09 -0700 (PDT) Received: from lhrrgout.huawei.com (lhrrgout.huawei.com [194.213.3.17]) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A2D17131D04 for ; Thu, 27 Jul 2017 12:08:08 -0700 (PDT) Received: from 172.18.7.190 (EHLO lhreml705-cah.china.huawei.com) ([172.18.7.190]) by lhrrg02-dlp.huawei.com (MOS 4.3.7-GA FastPath queued) with ESMTP id DLK79557; Thu, 27 Jul 2017 19:08:06 +0000 (GMT) Received: from SJCEML703-CHM.china.huawei.com (10.208.112.39) by lhreml705-cah.china.huawei.com (10.201.108.46) with Microsoft SMTP Server (TLS) id 14.3.301.0; Thu, 27 Jul 2017 20:08:05 +0100 Received: from SJCEML702-CHM.china.huawei.com ([169.254.4.153]) by SJCEML703-CHM.china.huawei.com ([169.254.5.240]) with mapi id 14.03.0301.000; Thu, 27 Jul 2017 12:07:53 -0700 From: Padmadevi Pillay Esnault To: Alexander Clemm , "Liubingyang (Bryan)" , Michael Menth CC: "ideas@ietf.org" , Padmadevi Pillay Esnault Thread-Topic: [Ideas] Can identity directly link with IP address? Thread-Index: AdMGvFKeZP1DJNf1R2+EIq8k2KkoEAAPwWSAAACGzCAADyn2gAAMENtQABfRnQA= Date: Thu, 27 Jul 2017 19:07:53 +0000 Message-ID: References: , <644DA50AFA8C314EA9BDDAC83BD38A2E0E0EAE21@SJCEML703-CHM.china.huawei.com> <644DA50AFA8C314EA9BDDAC83BD38A2E0E0EAEA0@SJCEML703-CHM.china.huawei.com> In-Reply-To: <644DA50AFA8C314EA9BDDAC83BD38A2E0E0EAEA0@SJCEML703-CHM.china.huawei.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [10.200.171.251] Content-Type: multipart/alternative; boundary="_000_EC7A99B9A59C1B4695037EEB5036666B026FBA5BSJCEML702CHMchi_" MIME-Version: 1.0 X-CFilter-Loop: Reflected X-Mirapoint-Virus-RAPID-Raw: score=unknown(0), refid=str=0001.0A020205.597A3A16.02DC, ss=1, re=0.000, recu=0.000, reip=0.000, cl=1, cld=1, fgs=0, ip=169.254.4.153, so=2013-06-18 04:22:30, dmn=2013-03-21 17:37:32 X-Mirapoint-Loop-Id: 1734ba477ae20b7c46dab7c8062861fb Archived-At: Subject: Re: [Ideas] Can identity directly link with IP address? X-BeenThere: ideas@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Discussions relating to the development, clarification, and implementation of control-plane infrastructures and functionalities in ID enabled networks." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 27 Jul 2017 19:08:12 -0000 --_000_EC7A99B9A59C1B4695037EEB5036666B026FBA5BSJCEML702CHMchi_ Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Alex and all Just a comment here ... These analogies tie to a person .... I would rather say something like you= r contract# perhaps. My 2 cts Padma From: Ideas [mailto:ideas-bounces@ietf.org] On Behalf Of Alexander Clemm Sent: Thursday, July 27, 2017 12:01 PM To: Liubingyang (Bryan); Michael Menth Cc: ideas@ietf.org Subject: Re: [Ideas] Can identity directly link with IP address? Hi Bingyang, You need to be able to refer to another endpoint, so you need to know at le= ast one of its identifiers in order to send it traffic. But, I don't need= to know your identity (in the narrower sense of IDEAS). To use an analogy= , I can send you an email using your identifier liubingyang@huawei.com, but I don't need to know your birth certificate= and passport number to assert your identity, nor would I expect providing = those to send you email. Cheers --- Alex From: Liubingyang (Bryan) Sent: Thursday, July 27, 2017 10:40 AM To: Alexander Clemm ; Michael Menth Cc: ideas@ietf.org Subject: Re: RE: [Ideas] Can identity directly link with IP address? Hi Alex Sorry I don't get it. Why what you "know" should be what you link with iden= tity? And what if I just "know" your ip ? ----------------------------------------------Bingyang Liu M: +86-15810795994 E: liubingyang@huawei.com 2012 Laboratories-NG IP Network Laboratory,2012Labs From: Alexander Clemm To: Michael Menth>;Li= ubingyang (Bryan)> Cc: ideas@ietf.org Subject: RE: [Ideas] Can identity directly link with IP address? Time: 2017-07-28 01:02:24 Yes, in principle possible. The question is only, who will actually know the identity. In general, end= points will be referred to by an identifier by other parties. I would envi= sion that other parties may "know" other endpoints by public identifiers, b= ut not by their actual identity (by which they would be authenticated to GR= IDS). So, while a mapping system might be designed with flexibility for su= ch queries in mind, I don't think supporting it would be a requirement - ce= rtainly not initially. I am not sure I would go to multiple tiers of identities. It's a possibili= ty, but it would raise additional issues if we were to get into the realm o= f personal identities (as opposed to endpoint identities). So, IMHO we may= want to stay clear of this. --- Alex -----Original Message----- From: Ideas [mailto:ideas-bounces@ietf.org] On Behalf Of Michael Menth Sent: Thursday, July 27, 2017 3:11 AM To: Liubingyang (Bryan) > Cc: ideas@ietf.org Subject: Re: [Ideas] Can identity directly link with IP address? Dear Bingyang, all, good point! You essentially propose a more flexible mapping between identit= y and identifiers. I think it generally makes sense that the new mapping sy= stem with access control is not limited to the currently three obvious laye= rs identity-identifier-locator, but follows a more flexible identifier->identifier mapping, whereby an identity is a special identifier. There may be use cases where identity->identity may make sense, e.g., mapping of a user to its devices. This would also allow identity->locator which would be helpful to support I= D-networking w/ legacy IPv4/v6 but w/o loc/ID split. Regards, Michael Am 27.07.2017 um 11:44 schrieb Liubingyang (Bryan): > Hi all, > > > > The current model seems like identity---identifier---locator, and > identity is bound with ID/Loc protocols. > > Do you think identity can directly link to IP address, i.e., > identity---IP address, and be applied to the "legacy" IPv4/IPv6 > without identifiers as intermediate? > > > > Bingyang (Bryan) > > > > _______________________________________________ > Ideas mailing list > Ideas@ietf.org > https://www.ietf.org/mailman/listinfo/ideas > -- Prof. Dr. habil. Michael Menth University of Tuebingen Faculty of Science Department of Computer Science Chair of Communication Networks Sand 13, 72076 Tuebingen, Germany phone: (+49)-7071/29-70505 fax: (+49)-7071/29-5220 mailto:menth@uni-tuebingen.de http://kn.inf.uni-tuebingen.de _______________________________________________ Ideas mailing list Ideas@ietf.org https://www.ietf.org/mailman/listinfo/ideas --_000_EC7A99B9A59C1B4695037EEB5036666B026FBA5BSJCEML702CHMchi_ Content-Type: text/html; charset="us-ascii" Content-Transfer-Encoding: quoted-printable

Alex and all

 <= /p>

Just a comment here ̷= 0;

These analogies tie to a = person ….  I would rather say something like your contract# perh= aps.

 <= /p>

My 2 cts

Padma

 <= /p>

From: Ideas [m= ailto:ideas-bounces@ietf.org] On Behalf Of Alexander Clemm
Sent: Thursday, July 27, 2017 12:01 PM
To: Liubingyang (Bryan); Michael Menth
Cc: ideas@ietf.org
Subject: Re: [Ideas] Can identity directly link with IP address?

 

Hi Bingyang,

 <= /p>

You need to be able to re= fer to another endpoint, so you need to know at least one of its identifier= s in order to send it traffic.   But, I don’t need to know your identity (in the narrower sense of IDEAS).  To use an analogy, I= can send you an email using your identifier liubingyang@huawei.com, but I= don’t need to know your birth certificate and passport number to ass= ert your identity, nor would I expect providing those to send you email.&nb= sp;   

 <= /p>

Cheers<= /p>

--- Alex

 <= /p>

From: Liubin= gyang (Bryan)
Sent: Thursday, July 27, 2017 10:40 AM
To: Alexander Clemm <alexander.clemm@huawei.com>; Michael Ment= h <menth@uni-tuebingen.de>
Cc: ideas@ietf.org
Subject: Re: RE: [Ideas] Can identity directly link with IP address?=

 

Hi Alex

Sorry I don't get it. Why what you = "know" should be what you link with=  identity? And what if I just "know= " your ip ?


----------------------------------------------Bingyang Liu
M: +86-15810795994  
E: liubingyang@huawei.com
2012 Laboratories-NG IP Network Laboratory,2012Labs

From: Alexander Clemm

Subject: RE: [Ideas] Can identity direct= ly link with IP address?

Time: 2017-07-28 01:02:24<= /span>

 

Yes, in principle p= ossible. 

The question is only, who will actually know the identity.  In general= , endpoints will be referred to by an identifier by other parties.  I = would envision that other parties may "know" other endpoints by p= ublic identifiers, but not by their actual identity (by which they would be authenticated to GRIDS).  So, while a mapping= system might be designed with flexibility for such queries in mind, I don'= t think supporting it would be a requirement - certainly not initially.&nbs= p;

I am not sure I would go to multiple tiers of identities.  It's a poss= ibility, but it would raise additional issues if we were to get into the re= alm of personal identities (as opposed to endpoint identities).  So, I= MHO we may want to stay clear of this. 

--- Alex

-----Original Message-----
From: Ideas [mailto:ideas-bounces= @ietf.org] On Behalf Of Michael Menth
Sent: Thursday, July 27, 2017 3:11 AM
To: Liubingyang (Bryan) <liubi= ngyang@huawei.com>
Cc: ideas@ietf.org
Subject: Re: [Ideas] Can identity directly link with IP address?

Dear Bingyang, all,

good point! You essentially propose a more flexible mapping between identit= y and identifiers. I think it generally makes sense that the new mapping sy= stem with access control is not limited to the currently three obvious laye= rs identity-identifier-locator, but follows a more flexible
identifier->identifier mapping, whereby an identity is a special
identifier. There may be use cases where
identity->identity may make sense, e.g., mapping of a user to its device= s.
This would also allow identity->locator which would be helpful to suppor= t ID-networking w/ legacy IPv4/v6 but w/o loc/ID split.

Regards,

Michael

Am 27.07.2017 um 11:44 schrieb Liubingyang (Bryan):
> Hi all,
>

>
> The current model seems like identity---identifier---locator, and
> identity is bound with ID/Loc protocols.
>
> Do you think identity can directly link to IP address, i.e.,
> identity---IP address, and be applied to the “= legacy IPv4/IPv6
> without identifiers as intermediate?
>

>
> Bingyang (Bryan)
>
>
>
> _______________________________________________
> Ideas mailing list
> Ideas@ietf.org
> https://www.ie= tf.org/mailman/listinfo/ideas
>

--
Prof. Dr. habil. Michael Menth
University of Tuebingen
Faculty of Science
Department of Computer Science
Chair of Communication Networks
Sand 13, 72076 Tuebingen, Germany
phone: (+49)-7071/29-70505
fax: (+49)-7071/29-5220
mailto:menth@uni-tuebingen.de=
http://kn.inf.uni-tuebingen.de

_______________________________________________
Ideas mailing list
Ideas@ietf.org
https://www.ietf.or= g/mailman/listinfo/ideas

--_000_EC7A99B9A59C1B4695037EEB5036666B026FBA5BSJCEML702CHMchi_-- From nobody Thu Jul 27 13:01:45 2017 Return-Path: X-Original-To: ideas@ietfa.amsl.com Delivered-To: ideas@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4BBC1131E5F for ; Thu, 27 Jul 2017 13:01:43 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.899 X-Spam-Level: X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=herbertland-com.20150623.gappssmtp.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id gnaO8AJXUVzb for ; Thu, 27 Jul 2017 13:01:40 -0700 (PDT) Received: from mail-wr0-x244.google.com (mail-wr0-x244.google.com [IPv6:2a00:1450:400c:c0c::244]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8FE77131E36 for ; Thu, 27 Jul 2017 13:01:40 -0700 (PDT) Received: by mail-wr0-x244.google.com with SMTP id o33so17622898wrb.1 for ; Thu, 27 Jul 2017 13:01:40 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=herbertland-com.20150623.gappssmtp.com; s=20150623; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc:content-transfer-encoding; bh=bQxVP+yOiwD7ksRvWwSKa+iwOTz7uGKdxuq+uZPMu5U=; b=ZIKo5XDeJooGC97tsP5rmGQW008Yinz9vv+2l3TYF2XU4mzfFLvZ/A+amsAQaxYb+L DE/c8it15qJuV/Fo8xaj/H5Zj10qZYl3zzmAcayrnGAV0sEMVzyapZWBlunc5f68c921 olYBOmCR0PsYy2cE8teYyP6bDfRc0pHpCGiXughuJuz4XN/hgEcxj+jZJVmvM7ewUITK luOPsdUZuWCF4odig7fbZE2/qdt7g/LdOh+xpaAJCaSpTYTYxLh0YsnuUptj3tGKAekt EH57btvwhWblS3w7aIMAzwVexUjDt+Gfl/jDtTpr9dOqUNmSkQ9QtmeCCBagzoVZaLYG t3jQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc:content-transfer-encoding; bh=bQxVP+yOiwD7ksRvWwSKa+iwOTz7uGKdxuq+uZPMu5U=; b=lR8roYWXUYa8BW+zA8BrVHR/khP0f7V4qIc1i1weZKXBQvCKBXkm8I7liRwyNJl/dn iKD6bq9lwVz6c6MNJnsex1zp3Rt0n1hjnDLjWG6vlggQ2JQQ2TMt96rsqORuH8MBtnCu dljnnkW1GK6rzhy49FEeBffSmukE5nxc01KtAdvYrqklOVoXCdzL7fqlztQ3EmBxgiZl MoTjVhjAHg5ABWFAvT5rqbQazhQLoWmu8Fs3lYmcFrwU7+TpjyQVGe92GnfZ0vJU42bY x60sfo5n97M8rWdzFRYazinDfFEJpG8ayC5X/hcRLKuqSL2tCfo5pM120FZMg9y4surD n91Q== X-Gm-Message-State: AIVw110SkZYYAEgxK3QGuocfTQYUSGxLEVoLGFWRMAwH3QTKRXK3TVTS mOn02Lo/b8AbqkYIeNLh8L5VRjRn/fLK X-Received: by 10.223.169.2 with SMTP id u2mr4174657wrc.288.1501185698827; Thu, 27 Jul 2017 13:01:38 -0700 (PDT) MIME-Version: 1.0 Received: by 10.223.130.85 with HTTP; Thu, 27 Jul 2017 13:01:38 -0700 (PDT) In-Reply-To: References: <644DA50AFA8C314EA9BDDAC83BD38A2E0E0EAE21@SJCEML703-CHM.china.huawei.com> <644DA50AFA8C314EA9BDDAC83BD38A2E0E0EAEA0@SJCEML703-CHM.china.huawei.com> From: Tom Herbert Date: Thu, 27 Jul 2017 13:01:38 -0700 Message-ID: To: Padmadevi Pillay Esnault Cc: Alexander Clemm , "Liubingyang (Bryan)" , Michael Menth , "ideas@ietf.org" Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Archived-At: Subject: Re: [Ideas] Can identity directly link with IP address? X-BeenThere: ideas@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Discussions relating to the development, clarification, and implementation of control-plane infrastructures and functionalities in ID enabled networks." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 27 Jul 2017 20:01:43 -0000 On Thu, Jul 27, 2017 at 12:07 PM, Padmadevi Pillay Esnault wrote: > Alex and all > > > > Just a comment here =E2=80=A6 > > These analogies tie to a person =E2=80=A6. I would rather say something = like your > contract# perhaps. > > > > My 2 cts > > Padma > > > > From: Ideas [mailto:ideas-bounces@ietf.org] On Behalf Of Alexander Clemm > Sent: Thursday, July 27, 2017 12:01 PM > To: Liubingyang (Bryan); Michael Menth > > > Cc: ideas@ietf.org > Subject: Re: [Ideas] Can identity directly link with IP address? > > > > Hi Bingyang, > > > > You need to be able to refer to another endpoint, so you need to know at > least one of its identifiers in order to send it traffic. But, I don=E2= =80=99t > need to know your identity (in the narrower sense of IDEAS). To use an > analogy, I can send you an email using your identifier > liubingyang@huawei.com, but I don=E2=80=99t need to know your birth certi= ficate and > passport number to assert your identity, nor would I expect providing tho= se > to send you email. > I think the email analogy is good, but it's more interesting to view this from the sender perspective. I can easily set up a random email account for the purposes of keeping my identify anonymous and yet allowing for communications if I were to use that at the the reply address. Similarly a host could be assigned a block of "random" IP addresses (identifiers) and use a different one for each new connection. The network just needs to know how to route these addresses to the proper destination. That's what the mapping system does in identifier->locator mapping. If the network wants to correlate identifiers together as referring to the same identity for the purposes of policy it can, but I don't see that being necessary to facilitate communications nor protect privacy of users. Tom > > > Cheers > > --- Alex > > > > From: Liubingyang (Bryan) > Sent: Thursday, July 27, 2017 10:40 AM > To: Alexander Clemm ; Michael Menth > > Cc: ideas@ietf.org > Subject: Re: RE: [Ideas] Can identity directly link with IP address? > > > > Hi Alex > > Sorry I don't get it. Why what you "know" should be what you link with > identity? And what if I just "know" your ip ? > > > ----------------------------------------------Bingyang Liu > M: +86-15810795994 > E: liubingyang@huawei.com > 2012 Laboratories-NG IP Network Laboratory,2012Labs > > From: Alexander Clemm > > To: Michael Menth;Liubingyang > (Bryan) > > Cc: ideas@ietf.org > > Subject: RE: [Ideas] Can identity directly link with IP address? > > Time: 2017-07-28 01:02:24 > > > > Yes, in principle possible. > > The question is only, who will actually know the identity. In general, > endpoints will be referred to by an identifier by other parties. I would > envision that other parties may "know" other endpoints by public > identifiers, but not by their actual identity (by which they would be > authenticated to GRIDS). So, while a mapping system might be designed wi= th > flexibility for such queries in mind, I don't think supporting it would b= e a > requirement - certainly not initially. > > I am not sure I would go to multiple tiers of identities. It's a > possibility, but it would raise additional issues if we were to get into = the > realm of personal identities (as opposed to endpoint identities). So, IM= HO > we may want to stay clear of this. > > --- Alex > > -----Original Message----- > From: Ideas [mailto:ideas-bounces@ietf.org] On Behalf Of Michael Menth > Sent: Thursday, July 27, 2017 3:11 AM > To: Liubingyang (Bryan) > Cc: ideas@ietf.org > Subject: Re: [Ideas] Can identity directly link with IP address? > > Dear Bingyang, all, > > good point! You essentially propose a more flexible mapping between ident= ity > and identifiers. I think it generally makes sense that the new mapping > system with access control is not limited to the currently three obvious > layers identity-identifier-locator, but follows a more flexible > identifier->identifier mapping, whereby an identity is a special > identifier. There may be use cases where > identity->identity may make sense, e.g., mapping of a user to its devices= . > This would also allow identity->locator which would be helpful to support > ID-networking w/ legacy IPv4/v6 but w/o loc/ID split. > > Regards, > > Michael > > Am 27.07.2017 um 11:44 schrieb Liubingyang (Bryan): >> Hi all, >> >> >> >> The current model seems like identity---identifier---locator, and >> identity is bound with ID/Loc protocols. >> >> Do you think identity can directly link to IP address, i.e., >> identity---IP address, and be applied to the =E2=80=9Clegacy=E2=80=9D IP= v4/IPv6 >> without identifiers as intermediate? >> >> >> >> Bingyang (Bryan) >> >> >> >> _______________________________________________ >> Ideas mailing list >> Ideas@ietf.org >> https://www.ietf.org/mailman/listinfo/ideas >> > > -- > Prof. Dr. habil. Michael Menth > University of Tuebingen > Faculty of Science > Department of Computer Science > Chair of Communication Networks > Sand 13, 72076 Tuebingen, Germany > phone: (+49)-7071/29-70505 > fax: (+49)-7071/29-5220 > mailto:menth@uni-tuebingen.de > http://kn.inf.uni-tuebingen.de > > _______________________________________________ > Ideas mailing list > Ideas@ietf.org > https://www.ietf.org/mailman/listinfo/ideas > > > _______________________________________________ > Ideas mailing list > Ideas@ietf.org > https://www.ietf.org/mailman/listinfo/ideas > From nobody Thu Jul 27 13:42:55 2017 Return-Path: X-Original-To: ideas@ietfa.amsl.com Delivered-To: ideas@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EF64712FEE2 for ; Thu, 27 Jul 2017 13:42:54 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.999 X-Spam-Level: X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id HEJ4sVA6W_d3 for ; Thu, 27 Jul 2017 13:42:53 -0700 (PDT) Received: from mail-pg0-x242.google.com (mail-pg0-x242.google.com [IPv6:2607:f8b0:400e:c05::242]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 24BAA13219E for ; Thu, 27 Jul 2017 13:42:53 -0700 (PDT) Received: by mail-pg0-x242.google.com with SMTP id d193so21535627pgc.2 for ; Thu, 27 Jul 2017 13:42:53 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=s79epe+s582tF67aLcm0mUcA2uPs0ei9tW2UKSNtGqE=; b=bcrOvX8/1w6hlcZwCUABFBX/w2H30DqkoE/VEUk/TyymGnDiSGtmR4Gv8MKyZsMIzk mHFzN4hOZQ2yMQmi6hN80Wk505VYvmfX2rWidpT+jLV+A51CObnxKZV/Ox1zctA5fk1y xtPHCagahQdSKwuQRr28LYD2NATWEkFjd8bZ983f4FiFWxc8gKQ1cs3bU2Y2GVsP3Q6Q 94qvo6jF7zehUpPoANJMaecht8M/9a2Y8r1ixtM7RiXvdIaF46p12C5Ql+rPHvr1KeVr EuISanXeA/IzRP3LeOHRoYAW/KSpf/tWjTYgtctk/gMZB3UZ5SurVO2GmC+pv4e//9Ss P8qQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=s79epe+s582tF67aLcm0mUcA2uPs0ei9tW2UKSNtGqE=; b=A1t0mehsPxviiq1R3rJtNNsFfC1xrNXjQPc87x1JhxqYb8gYgUGKn+RMRxJpI4T0Ub Cm6HwaaqXJPHhDuwky8KYan3sIDBDGdm+IiyNB5RDCqOXE0mZ8qL2L0aExSRsiQn8uzk DIH312Y6f9gCwKCjnUOhcnn54fI0IAUVU2asQpZaZhwBXJcWqCuiXf9BFllIcTDEhudn Yv1i2TWv0+n09WALo0K7smwLEIG/GPilLSQQLzeKFYrRiz/4gt525B7Tb++6CEFFJ5Am NOIvyd1LZPO1I/09Hbxxhid67RzQV0RrK/Oiil7vMah2z2eV8GApKFn58iepIPN5FdDs VJvw== X-Gm-Message-State: AIVw112W5hhzoz0NGGnKB3f2W/hEqkcYnVk177pmE/z+YJhyxIrma2om tqWOhINA1ER9sA== X-Received: by 10.98.147.74 with SMTP id b71mr4112923pfe.283.1501188172802; Thu, 27 Jul 2017 13:42:52 -0700 (PDT) Received: from [192.168.254.148] ([38.108.181.245]) by smtp.gmail.com with ESMTPSA id y2sm32448996pgy.60.2017.07.27.13.42.51 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Thu, 27 Jul 2017 13:42:51 -0700 (PDT) Content-Type: text/plain; charset=us-ascii Mime-Version: 1.0 (Mac OS X Mail 10.3 \(3273\)) From: Dino Farinacci In-Reply-To: Date: Thu, 27 Jul 2017 13:42:51 -0700 Cc: Padma Pillay-Esnault , "ideas@ietf.org" , Alexander Clemm , "Liubingyang (Bryan)" , Michael Menth Content-Transfer-Encoding: 7bit Message-Id: <966AF92C-9086-4F17-825F-40EF38B65877@gmail.com> References: <644DA50AFA8C314EA9BDDAC83BD38A2E0E0EAE21@SJCEML703-CHM.china.huawei.com> <644DA50AFA8C314EA9BDDAC83BD38A2E0E0EAEA0@SJCEML703-CHM.china.huawei.com> To: Tom Herbert X-Mailer: Apple Mail (2.3273) Archived-At: Subject: Re: [Ideas] Can identity directly link with IP address? X-BeenThere: ideas@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Discussions relating to the development, clarification, and implementation of control-plane infrastructures and functionalities in ID enabled networks." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 27 Jul 2017 20:42:55 -0000 > I think the email analogy is good, but it's more interesting to view > this from the sender perspective. I can easily set up a random email > account for the purposes of keeping my identify anonymous and yet > allowing for communications if I were to use that at the the reply > address. Similarly a host could be assigned a block of "random" IP > addresses (identifiers) and use a different one for each new > connection. The network just needs to know how to route these > addresses to the proper destination. That's what the mapping system > does in identifier->locator mapping. If the network wants to correlate > identifiers together as referring to the same identity for the > purposes of policy it can, but I don't see that being necessary to > facilitate communications nor protect privacy of users. This is exactly what is described in: https://datatracker.ietf.org/doc/draft-farinacci-lisp-eid-anonymity/ Dino From nobody Thu Jul 27 18:45:31 2017 Return-Path: X-Original-To: ideas@ietfa.amsl.com Delivered-To: ideas@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A4818131EEB for ; Thu, 27 Jul 2017 18:45:29 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.221 X-Spam-Level: X-Spam-Status: No, score=-4.221 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id WAKcB_hjW2qU for ; Thu, 27 Jul 2017 18:45:27 -0700 (PDT) Received: from lhrrgout.huawei.com (lhrrgout.huawei.com [194.213.3.17]) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B35A3131EDE for ; Thu, 27 Jul 2017 18:45:26 -0700 (PDT) Received: from 172.18.7.190 (EHLO lhreml701-cah.china.huawei.com) ([172.18.7.190]) by lhrrg01-dlp.huawei.com (MOS 4.3.7-GA FastPath queued) with ESMTP id DSE60150; Fri, 28 Jul 2017 01:45:24 +0000 (GMT) Received: from DGGEMI401-HUB.china.huawei.com (10.3.17.134) by lhreml701-cah.china.huawei.com (10.201.108.42) with Microsoft SMTP Server (TLS) id 14.3.301.0; Fri, 28 Jul 2017 02:45:22 +0100 Received: from DGGEMI506-MBX.china.huawei.com ([169.254.4.184]) by dggemi401-hub.china.huawei.com ([10.3.17.134]) with mapi id 14.03.0301.000; Fri, 28 Jul 2017 09:45:13 +0800 From: "Liubingyang (Bryan)" To: Alexander Clemm , Michael Menth CC: "ideas@ietf.org" Thread-Topic: RE: [Ideas] Can identity directly link with IP address? Thread-Index: AQHTBv9vspWTChBCFEir+TKtBwdZkqJngWGAgAD08AA= Date: Fri, 28 Jul 2017 01:45:13 +0000 Message-ID: References: , <644DA50AFA8C314EA9BDDAC83BD38A2E0E0EAE21@SJCEML703-CHM.china.huawei.com> <644DA50AFA8C314EA9BDDAC83BD38A2E0E0EAEA0@SJCEML703-CHM.china.huawei.com> In-Reply-To: <644DA50AFA8C314EA9BDDAC83BD38A2E0E0EAEA0@SJCEML703-CHM.china.huawei.com> Accept-Language: zh-CN, en-US Content-Language: zh-CN X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [10.130.168.116] Content-Type: multipart/alternative; boundary="_000_C1CE72EE84AF224E94DA21AE134209EE01A19E6DDGGEMI506MBXchi_" MIME-Version: 1.0 X-CFilter-Loop: Reflected X-Mirapoint-Virus-RAPID-Raw: score=unknown(0), refid=str=0001.0A020203.597A9735.0047, ss=1, re=0.000, recu=0.000, reip=0.000, cl=1, cld=1, fgs=0, ip=169.254.4.184, so=2013-06-18 04:22:30, dmn=2013-03-21 17:37:32 X-Mirapoint-Loop-Id: 650425dff0f87bcb4c0d2406d2d6d8d3 Archived-At: Subject: Re: [Ideas] Can identity directly link with IP address? X-BeenThere: ideas@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Discussions relating to the development, clarification, and implementation of control-plane infrastructures and functionalities in ID enabled networks." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 28 Jul 2017 01:45:29 -0000 --_000_C1CE72EE84AF224E94DA21AE134209EE01A19E6DDGGEMI506MBXchi_ Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Now I get it. But maybe I just know your IP address (I don't want to mentio= n DNS here :)) and communicate with you. In this case, if identity is still= applicable, it may directly link with IP address, right? Bingyang From: Alexander Clemm Sent: Friday, July 28, 2017 3:01 AM To: Liubingyang (Bryan) ; Michael Menth Cc: ideas@ietf.org Subject: RE: RE: [Ideas] Can identity directly link with IP address? Hi Bingyang, You need to be able to refer to another endpoint, so you need to know at le= ast one of its identifiers in order to send it traffic. But, I don't need= to know your identity (in the narrower sense of IDEAS). To use an analogy= , I can send you an email using your identifier liubingyang@huawei.com, but I don't need to know your birth certificate= and passport number to assert your identity, nor would I expect providing = those to send you email. Cheers --- Alex From: Liubingyang (Bryan) Sent: Thursday, July 27, 2017 10:40 AM To: Alexander Clemm >; Michael Menth > Cc: ideas@ietf.org Subject: Re: RE: [Ideas] Can identity directly link with IP address? Hi Alex Sorry I don't get it. Why what you "know" should be what you link with iden= tity? And what if I just "know" your ip ? ----------------------------------------------Bingyang Liu M: +86-15810795994 E: liubingyang@huawei.com 2012 Laboratories-NG IP Network Laboratory,2012Labs From: Alexander Clemm To: Michael Menth>;Li= ubingyang (Bryan)> Cc: ideas@ietf.org Subject: RE: [Ideas] Can identity directly link with IP address? Time: 2017-07-28 01:02:24 Yes, in principle possible. The question is only, who will actually know the identity. In general, end= points will be referred to by an identifier by other parties. I would envi= sion that other parties may "know" other endpoints by public identifiers, b= ut not by their actual identity (by which they would be authenticated to GR= IDS). So, while a mapping system might be designed with flexibility for su= ch queries in mind, I don't think supporting it would be a requirement - ce= rtainly not initially. I am not sure I would go to multiple tiers of identities. It's a possibili= ty, but it would raise additional issues if we were to get into the realm o= f personal identities (as opposed to endpoint identities). So, IMHO we may= want to stay clear of this. --- Alex -----Original Message----- From: Ideas [mailto:ideas-bounces@ietf.org] On Behalf Of Michael Menth Sent: Thursday, July 27, 2017 3:11 AM To: Liubingyang (Bryan) > Cc: ideas@ietf.org Subject: Re: [Ideas] Can identity directly link with IP address? Dear Bingyang, all, good point! You essentially propose a more flexible mapping between identit= y and identifiers. I think it generally makes sense that the new mapping sy= stem with access control is not limited to the currently three obvious laye= rs identity-identifier-locator, but follows a more flexible identifier->identifier mapping, whereby an identity is a special identifier. There may be use cases where identity->identity may make sense, e.g., mapping of a user to its devices. This would also allow identity->locator which would be helpful to support I= D-networking w/ legacy IPv4/v6 but w/o loc/ID split. Regards, Michael Am 27.07.2017 um 11:44 schrieb Liubingyang (Bryan): > Hi all, > > > > The current model seems like identity---identifier---locator, and > identity is bound with ID/Loc protocols. > > Do you think identity can directly link to IP address, i.e., > identity---IP address, and be applied to the "legacy" IPv4/IPv6 > without identifiers as intermediate? > > > > Bingyang (Bryan) > > > > _______________________________________________ > Ideas mailing list > Ideas@ietf.org > https://www.ietf.org/mailman/listinfo/ideas > -- Prof. Dr. habil. Michael Menth University of Tuebingen Faculty of Science Department of Computer Science Chair of Communication Networks Sand 13, 72076 Tuebingen, Germany phone: (+49)-7071/29-70505 fax: (+49)-7071/29-5220 mailto:menth@uni-tuebingen.de http://kn.inf.uni-tuebingen.de _______________________________________________ Ideas mailing list Ideas@ietf.org https://www.ietf.org/mailman/listinfo/ideas --_000_C1CE72EE84AF224E94DA21AE134209EE01A19E6DDGGEMI506MBXchi_ Content-Type: text/html; charset="us-ascii" Content-Transfer-Encoding: quoted-printable

Now I get= it. But maybe I just know your IP address (I don’t want to mention D= NS here J) and communicate with you. In this case, if identity is still applicable, it may directly link with IP address, right?=

&nbs= p;

Bingyang<= o:p>

&nbs= p;

From:<= /span> Alexander Clemm
Sent: Friday, July 28, 2017 3:01 AM
To: Liubingyang (Bryan) <liubingyang@huawei.com>; Michael Ment= h <menth@uni-tuebingen.de>
Cc: ideas@ietf.org
Subject: RE: RE: [Ideas] Can identity directly link with IP address?=

 

Hi Bingyang,

 

You need to be able to refer to another endpoint, so you need to know = at least one of its identifiers in order to send it traffic.   But, I don’t need to know your identity (in = the narrower sense of IDEAS).  To use an analogy, I can send you an em= ail using your identifier liubingyang@huawei.com, but I= don’t need to know your birth certificate and passport number to ass= ert your identity, nor would I expect providing those to send you email.&nb= sp;   

 

Cheers

--- Alex

 

From: = Liubingyang (Bryan)
Sent: Thursday, July 27, 2017 10:40 AM
To: Alexander Clemm <alexander.clemm@huawei.com>; Michael Menth <menth@uni-tuebingen.de>
Cc: ideas@ietf.org
Subject: Re: RE: [Ideas] Can identity directly link with IP address?=

 

= Hi Alex

Sorry I don't get it. Why what you = "know" should be what you link with=  identity? And what if I just "know= " your ip ?


----------------------------------------------Bingyang Liu
M: +86-15810795994  
E: liubingyang@huawei.com
2012 Laboratories-NG IP Network Laboratory,2012Labs

From: Alexander Clemm<= o:p>

Subject: RE: [Ideas] Can = identity directly link with IP address?

Time: 2017-07-28 01:02= :24

 

Yes,= in principle possible. 

The question is only, who will actually know the identity.  In general= , endpoints will be referred to by an identifier by other parties.  I = would envision that other parties may "know" other endpoints by p= ublic identifiers, but not by their actual identity (by which they would be authenticated to GRIDS).  So, while a mapping= system might be designed with flexibility for such queries in mind, I don'= t think supporting it would be a requirement - certainly not initially.&nbs= p;

I am not sure I would go to multiple tiers of identities.  It's a poss= ibility, but it would raise additional issues if we were to get into the re= alm of personal identities (as opposed to endpoint identities).  So, I= MHO we may want to stay clear of this. 

--- Alex

-----Original Message-----
From: Ideas [mailto:ideas-bounces= @ietf.org] On Behalf Of Michael Menth
Sent: Thursday, July 27, 2017 3:11 AM
To: Liubingyang (Bryan) <liubi= ngyang@huawei.com>
Cc: ideas@ietf.org
Subject: Re: [Ideas] Can identity directly link with IP address?

Dear Bingyang, all,

good point! You essentially propose a more flexible mapping between identit= y and identifiers. I think it generally makes sense that the new mapping sy= stem with access control is not limited to the currently three obvious laye= rs identity-identifier-locator, but follows a more flexible
identifier->identifier mapping, whereby an identity is a special
identifier. There may be use cases where
identity->identity may make sense, e.g., mapping of a user to its device= s.
This would also allow identity->locator which would be helpful to suppor= t ID-networking w/ legacy IPv4/v6 but w/o loc/ID split.

Regards,

Michael

Am 27.07.2017 um 11:44 schrieb Liubingyang (Bryan):
> Hi all,
>

>
> The current model seems like identity---identifier---locator, and
> identity is bound with ID/Loc protocols.
>
> Do you think identity can directly link to IP address, i.e.,
> identity---IP address, and be applied to the legacy= 221; IPv4/IPv6
> without identifiers as intermediate?
>

>
> Bingyang (Bryan)
>
>
>
> _______________________________________________
> Ideas mailing list
> Ideas@ietf.org
> https://www.ie= tf.org/mailman/listinfo/ideas
>

--
Prof. Dr. habil. Michael Menth
University of Tuebingen
Faculty of Science
Department of Computer Science
Chair of Communication Networks
Sand 13, 72076 Tuebingen, Germany
phone: (+49)-7071/29-70505
fax: (+49)-7071/29-5220
mailto:menth@uni-tuebingen.de=
http://kn.inf.uni-tuebingen.de

_______________________________________________
Ideas mailing list
Ideas@ietf.org
https://www.ietf.or= g/mailman/listinfo/ideas

--_000_C1CE72EE84AF224E94DA21AE134209EE01A19E6DDGGEMI506MBXchi_-- From nobody Thu Jul 27 19:48:22 2017 Return-Path: X-Original-To: ideas@ietfa.amsl.com Delivered-To: ideas@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2FCA41270AC for ; Thu, 27 Jul 2017 19:48:21 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.9 X-Spam-Level: X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=herbertland-com.20150623.gappssmtp.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 7GHjY3abi_ca for ; Thu, 27 Jul 2017 19:48:19 -0700 (PDT) Received: from mail-wm0-x244.google.com (mail-wm0-x244.google.com [IPv6:2a00:1450:400c:c09::244]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D11BE12706D for ; Thu, 27 Jul 2017 19:48:18 -0700 (PDT) Received: by mail-wm0-x244.google.com with SMTP id t138so6920833wmt.4 for ; Thu, 27 Jul 2017 19:48:18 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=herbertland-com.20150623.gappssmtp.com; s=20150623; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc:content-transfer-encoding; bh=eq8onn1M6WmUMtRSjKSspzmUMyKqPwZKyQRrjJcWp5o=; b=vmB6pRAkcxhAiQPxmjes+10mz65tRICkCXaswmZJB8cZszyRA+ZjT/oUVwqWuhRJw/ Pk84ya4qn94/x+UCDjkjO94V2TnFaSlq81IFMja2/AIh7XqsYzLV7VUnTbrZavbsqy5X 3xxpjPHgadaIA/tccr5yTqDHr2S9CU1iRhzJDIlm7wHSUCwohef/+tUZGgrO7EwZ7WUQ fyob/+0jUQdWCw9AW0N7YUVqulwU1ePicaMywYwXtTEt3dkw1RA0mUUYkTgptAlMHx/6 9Uza7a/MfUrRkhvPesAhKTngPXmT4N3uzgm9Cgm0rafPtoEN8XrUENwkhnlXwnAakUzT a6dg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc:content-transfer-encoding; bh=eq8onn1M6WmUMtRSjKSspzmUMyKqPwZKyQRrjJcWp5o=; b=fL3EW64YlkB6vwMBQHkFx2/WzB9c2weC78Zetn4oRmrtKm2bGAdsJPyfFmBfPGyv+L hfswoKBIXRhy+toYwIslHsoBl45AuoOKoOVCuJfIKOY0YpjlZz3cA40BUIjvzdBpKZ9J 6Yt3Lu3yeayfGctoKlnj9x/+mVl1La0MSA2n3BJmMJUgNnMF7sVaj9a7oa/bwG3YG7z5 izLD1s7duTMifh/WnetJypyPVoI3qjPg2Ok3wBgWA9FHkBRrDK7hIoIuxTA4pIEc1eqO 5brKeecvqTLhAqdu6SgIa91cHxldv3969fJqefZpyOO2HWTvTsV5vs4csBYox7jvwvAC yUdg== X-Gm-Message-State: AIVw113/G6TtG6+eZQhY8udgdqeOFym1KfHRBJO/KmT1bm+kKLtZXOul vWYi1zqIAz5vtzMqpfp+e4ImJnc6gHq4 X-Received: by 10.28.175.135 with SMTP id y129mr4333977wme.87.1501210097249; Thu, 27 Jul 2017 19:48:17 -0700 (PDT) MIME-Version: 1.0 Received: by 10.223.130.85 with HTTP; Thu, 27 Jul 2017 19:48:16 -0700 (PDT) In-Reply-To: References: <644DA50AFA8C314EA9BDDAC83BD38A2E0E0EAE21@SJCEML703-CHM.china.huawei.com> <644DA50AFA8C314EA9BDDAC83BD38A2E0E0EAEA0@SJCEML703-CHM.china.huawei.com> From: Tom Herbert Date: Thu, 27 Jul 2017 19:48:16 -0700 Message-ID: To: "Liubingyang (Bryan)" Cc: Alexander Clemm , Michael Menth , "ideas@ietf.org" Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Archived-At: Subject: Re: [Ideas] Can identity directly link with IP address? X-BeenThere: ideas@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Discussions relating to the development, clarification, and implementation of control-plane infrastructures and functionalities in ID enabled networks." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 28 Jul 2017 02:48:21 -0000 On Thu, Jul 27, 2017 at 6:45 PM, Liubingyang (Bryan) wrote: > Now I get it. But maybe I just know your IP address (I don=E2=80=99t want= to mention > DNS here J) and communicate with you. In this case, if identity is still > applicable, it may directly link with IP address, right? > This question confuses me which I suppose it to say the notion of identify related to IP addressing is still confusing. If two nodes are able so successfully communicate using IP address then where does identity come into play? If the applications need to verify whom they're talking they'll using a mechanism like x.509 or TLS and should never rely on IP addresses as having any security properties. Tom > > > Bingyang > > > > From: Alexander Clemm > Sent: Friday, July 28, 2017 3:01 AM > To: Liubingyang (Bryan) ; Michael Menth > > Cc: ideas@ietf.org > Subject: RE: RE: [Ideas] Can identity directly link with IP address? > > > > Hi Bingyang, > > > > You need to be able to refer to another endpoint, so you need to know at > least one of its identifiers in order to send it traffic. But, I don=E2= =80=99t > need to know your identity (in the narrower sense of IDEAS). To use an > analogy, I can send you an email using your identifier > liubingyang@huawei.com, but I don=E2=80=99t need to know your birth certi= ficate and > passport number to assert your identity, nor would I expect providing tho= se > to send you email. > > > > Cheers > > --- Alex > > > > From: Liubingyang (Bryan) > Sent: Thursday, July 27, 2017 10:40 AM > To: Alexander Clemm ; Michael Menth > > Cc: ideas@ietf.org > Subject: Re: RE: [Ideas] Can identity directly link with IP address? > > > > Hi Alex > > Sorry I don't get it. Why what you "know" should be what you link with > identity? And what if I just "know" your ip ? > > > ----------------------------------------------Bingyang Liu > M: +86-15810795994 > E: liubingyang@huawei.com > 2012 Laboratories-NG IP Network Laboratory,2012Labs > > From: Alexander Clemm > > To: Michael Menth;Liubingyang > (Bryan) > > Cc: ideas@ietf.org > > Subject: RE: [Ideas] Can identity directly link with IP address? > > Time: 2017-07-28 01:02:24 > > > > Yes, in principle possible. > > The question is only, who will actually know the identity. In general, > endpoints will be referred to by an identifier by other parties. I would > envision that other parties may "know" other endpoints by public > identifiers, but not by their actual identity (by which they would be > authenticated to GRIDS). So, while a mapping system might be designed wi= th > flexibility for such queries in mind, I don't think supporting it would b= e a > requirement - certainly not initially. > > I am not sure I would go to multiple tiers of identities. It's a > possibility, but it would raise additional issues if we were to get into = the > realm of personal identities (as opposed to endpoint identities). So, IM= HO > we may want to stay clear of this. > > --- Alex > > -----Original Message----- > From: Ideas [mailto:ideas-bounces@ietf.org] On Behalf Of Michael Menth > Sent: Thursday, July 27, 2017 3:11 AM > To: Liubingyang (Bryan) > Cc: ideas@ietf.org > Subject: Re: [Ideas] Can identity directly link with IP address? > > Dear Bingyang, all, > > good point! You essentially propose a more flexible mapping between ident= ity > and identifiers. I think it generally makes sense that the new mapping > system with access control is not limited to the currently three obvious > layers identity-identifier-locator, but follows a more flexible > identifier->identifier mapping, whereby an identity is a special > identifier. There may be use cases where > identity->identity may make sense, e.g., mapping of a user to its devices= . > This would also allow identity->locator which would be helpful to support > ID-networking w/ legacy IPv4/v6 but w/o loc/ID split. > > Regards, > > Michael > > Am 27.07.2017 um 11:44 schrieb Liubingyang (Bryan): >> Hi all, >> >> >> >> The current model seems like identity---identifier---locator, and >> identity is bound with ID/Loc protocols. >> >> Do you think identity can directly link to IP address, i.e., >> identity---IP address, and be applied to the =E2=80=9Clegacy=E2=80=9D IP= v4/IPv6 >> without identifiers as intermediate? >> >> >> >> Bingyang (Bryan) >> >> >> >> _______________________________________________ >> Ideas mailing list >> Ideas@ietf.org >> https://www.ietf.org/mailman/listinfo/ideas >> > > -- > Prof. Dr. habil. Michael Menth > University of Tuebingen > Faculty of Science > Department of Computer Science > Chair of Communication Networks > Sand 13, 72076 Tuebingen, Germany > phone: (+49)-7071/29-70505 > fax: (+49)-7071/29-5220 > mailto:menth@uni-tuebingen.de > http://kn.inf.uni-tuebingen.de > > _______________________________________________ > Ideas mailing list > Ideas@ietf.org > https://www.ietf.org/mailman/listinfo/ideas > > > _______________________________________________ > Ideas mailing list > Ideas@ietf.org > https://www.ietf.org/mailman/listinfo/ideas > From nobody Thu Jul 27 20:45:23 2017 Return-Path: X-Original-To: ideas@ietfa.amsl.com Delivered-To: ideas@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AA0C813220C for ; Thu, 27 Jul 2017 20:45:21 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.222 X-Spam-Level: X-Spam-Status: No, score=-4.222 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 5Es9LOUfb2qI for ; Thu, 27 Jul 2017 20:45:19 -0700 (PDT) Received: from lhrrgout.huawei.com (lhrrgout.huawei.com [194.213.3.17]) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id DF59513220A for ; Thu, 27 Jul 2017 20:45:18 -0700 (PDT) Received: from 172.18.7.190 (EHLO lhreml703-cah.china.huawei.com) ([172.18.7.190]) by lhrrg01-dlp.huawei.com (MOS 4.3.7-GA FastPath queued) with ESMTP id DSE72585; Fri, 28 Jul 2017 03:45:16 +0000 (GMT) Received: from DGGEMI404-HUB.china.huawei.com (10.3.17.142) by lhreml703-cah.china.huawei.com (10.201.108.44) with Microsoft SMTP Server (TLS) id 14.3.301.0; Fri, 28 Jul 2017 04:45:15 +0100 Received: from DGGEMI506-MBX.china.huawei.com ([169.254.4.184]) by dggemi404-hub.china.huawei.com ([10.3.17.142]) with mapi id 14.03.0301.000; Fri, 28 Jul 2017 11:45:04 +0800 From: "Liubingyang (Bryan)" To: "'Tom Herbert'" CC: Alexander Clemm , Michael Menth , "ideas@ietf.org" Thread-Topic: [Ideas] Can identity directly link with IP address? Thread-Index: AQHTB0v8kV3Mp3B2bUeKT1f7Kd4I6qJoicig Date: Fri, 28 Jul 2017 03:45:03 +0000 Message-ID: References: <644DA50AFA8C314EA9BDDAC83BD38A2E0E0EAE21@SJCEML703-CHM.china.huawei.com> <644DA50AFA8C314EA9BDDAC83BD38A2E0E0EAEA0@SJCEML703-CHM.china.huawei.com> In-Reply-To: Accept-Language: zh-CN, en-US Content-Language: zh-CN X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [10.130.168.116] Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: base64 MIME-Version: 1.0 X-CFilter-Loop: Reflected X-Mirapoint-Virus-RAPID-Raw: score=unknown(0), refid=str=0001.0A020204.597AB34D.002F, ss=1, re=0.000, recu=0.000, reip=0.000, cl=1, cld=1, fgs=0, ip=169.254.4.184, so=2013-06-18 04:22:30, dmn=2013-03-21 17:37:32 X-Mirapoint-Loop-Id: 2f403d5686c8c21db4edc3b48edc6500 Archived-At: Subject: Re: [Ideas] Can identity directly link with IP address? X-BeenThere: ideas@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Discussions relating to the development, clarification, and implementation of control-plane infrastructures and functionalities in ID enabled networks." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 28 Jul 2017 03:45:22 -0000 SGkgVG9tLCANCg0KSSBzZWUgd2hhdCB5b3UgbWVhbi4gQnV0IEkgZG9uJ3QgdGhpbmsgeW91ciBj b25jZXJuIGlzIHNwZWNpZmljIHRvIElQIGFkZHJlc3MuIEJ0dywgSSB0aGluayBjZXJ0aWZpY2F0 ZSBpcyBqdXN0IG9uZSB3YXkgdG8gYmluZCBpZGVudGl0eSB3aXRoIHNvbWV0aGluZywgbm90IHRo ZSBpZGVudGl0eSBpdHNlbGYuICANCg0KQmluZ3lhbmcNCg0KLS0tLS1PcmlnaW5hbCBNZXNzYWdl LS0tLS0NCkZyb206IFRvbSBIZXJiZXJ0IFttYWlsdG86dG9tQGhlcmJlcnRsYW5kLmNvbV0gDQpT ZW50OiBGcmlkYXksIEp1bHkgMjgsIDIwMTcgMTA6NDggQU0NClRvOiBMaXViaW5neWFuZyAoQnJ5 YW4pIDxsaXViaW5neWFuZ0BodWF3ZWkuY29tPg0KQ2M6IEFsZXhhbmRlciBDbGVtbSA8YWxleGFu ZGVyLmNsZW1tQGh1YXdlaS5jb20+OyBNaWNoYWVsIE1lbnRoIDxtZW50aEB1bmktdHVlYmluZ2Vu LmRlPjsgaWRlYXNAaWV0Zi5vcmcNClN1YmplY3Q6IFJlOiBbSWRlYXNdIENhbiBpZGVudGl0eSBk aXJlY3RseSBsaW5rIHdpdGggSVAgYWRkcmVzcz8NCg0KT24gVGh1LCBKdWwgMjcsIDIwMTcgYXQg Njo0NSBQTSwgTGl1YmluZ3lhbmcgKEJyeWFuKSA8bGl1YmluZ3lhbmdAaHVhd2VpLmNvbT4gd3Jv dGU6DQo+IE5vdyBJIGdldCBpdC4gQnV0IG1heWJlIEkganVzdCBrbm93IHlvdXIgSVAgYWRkcmVz cyAoSSBkb27igJl0IHdhbnQgdG8gDQo+IG1lbnRpb24gRE5TIGhlcmUgSikgYW5kIGNvbW11bmlj YXRlIHdpdGggeW91LiBJbiB0aGlzIGNhc2UsIGlmIA0KPiBpZGVudGl0eSBpcyBzdGlsbCBhcHBs aWNhYmxlLCBpdCBtYXkgZGlyZWN0bHkgbGluayB3aXRoIElQIGFkZHJlc3MsIHJpZ2h0Pw0KPg0K VGhpcyBxdWVzdGlvbiBjb25mdXNlcyBtZSB3aGljaCBJIHN1cHBvc2UgaXQgdG8gc2F5IHRoZSBu b3Rpb24gb2YgaWRlbnRpZnkgcmVsYXRlZCB0byBJUCBhZGRyZXNzaW5nIGlzIHN0aWxsIGNvbmZ1 c2luZy4gSWYgdHdvIG5vZGVzIGFyZSBhYmxlIHNvIHN1Y2Nlc3NmdWxseSBjb21tdW5pY2F0ZSB1 c2luZyBJUCBhZGRyZXNzIHRoZW4gd2hlcmUgZG9lcyBpZGVudGl0eSBjb21lIGludG8gcGxheT8g SWYgdGhlIGFwcGxpY2F0aW9ucyBuZWVkIHRvIHZlcmlmeSB3aG9tIHRoZXkncmUgdGFsa2luZyB0 aGV5J2xsIHVzaW5nIGEgbWVjaGFuaXNtIGxpa2UgeC41MDkgb3IgVExTICBhbmQgc2hvdWxkIG5l dmVyIHJlbHkgb24gSVAgYWRkcmVzc2VzIGFzIGhhdmluZyBhbnkgc2VjdXJpdHkgcHJvcGVydGll cy4NCg0KVG9tDQoNCj4NCj4NCj4gQmluZ3lhbmcNCj4NCj4NCj4NCj4gRnJvbTogQWxleGFuZGVy IENsZW1tDQo+IFNlbnQ6IEZyaWRheSwgSnVseSAyOCwgMjAxNyAzOjAxIEFNDQo+IFRvOiBMaXVi aW5neWFuZyAoQnJ5YW4pIDxsaXViaW5neWFuZ0BodWF3ZWkuY29tPjsgTWljaGFlbCBNZW50aCAN Cj4gPG1lbnRoQHVuaS10dWViaW5nZW4uZGU+DQo+IENjOiBpZGVhc0BpZXRmLm9yZw0KPiBTdWJq ZWN0OiBSRTogUkU6IFtJZGVhc10gQ2FuIGlkZW50aXR5IGRpcmVjdGx5IGxpbmsgd2l0aCBJUCBh ZGRyZXNzPw0KPg0KPg0KPg0KPiBIaSBCaW5neWFuZywNCj4NCj4NCj4NCj4gWW91IG5lZWQgdG8g YmUgYWJsZSB0byByZWZlciB0byBhbm90aGVyIGVuZHBvaW50LCBzbyB5b3UgbmVlZCB0byBrbm93 IGF0DQo+IGxlYXN0IG9uZSBvZiBpdHMgaWRlbnRpZmllcnMgaW4gb3JkZXIgdG8gc2VuZCBpdCB0 cmFmZmljLiAgIEJ1dCwgSSBkb27igJl0DQo+IG5lZWQgdG8ga25vdyB5b3VyIGlkZW50aXR5IChp biB0aGUgbmFycm93ZXIgc2Vuc2Ugb2YgSURFQVMpLiAgVG8gdXNlIA0KPiBhbiBhbmFsb2d5LCBJ IGNhbiBzZW5kIHlvdSBhbiBlbWFpbCB1c2luZyB5b3VyIGlkZW50aWZpZXIgDQo+IGxpdWJpbmd5 YW5nQGh1YXdlaS5jb20sIGJ1dCBJIGRvbuKAmXQgbmVlZCB0byBrbm93IHlvdXIgYmlydGggDQo+ IGNlcnRpZmljYXRlIGFuZCBwYXNzcG9ydCBudW1iZXIgdG8gYXNzZXJ0IHlvdXIgaWRlbnRpdHks IG5vciB3b3VsZCBJIA0KPiBleHBlY3QgcHJvdmlkaW5nIHRob3NlIHRvIHNlbmQgeW91IGVtYWls Lg0KPg0KPg0KPg0KPiBDaGVlcnMNCj4NCj4gLS0tIEFsZXgNCj4NCj4NCj4NCj4gRnJvbTogTGl1 YmluZ3lhbmcgKEJyeWFuKQ0KPiBTZW50OiBUaHVyc2RheSwgSnVseSAyNywgMjAxNyAxMDo0MCBB TQ0KPiBUbzogQWxleGFuZGVyIENsZW1tIDxhbGV4YW5kZXIuY2xlbW1AaHVhd2VpLmNvbT47IE1p Y2hhZWwgTWVudGggDQo+IDxtZW50aEB1bmktdHVlYmluZ2VuLmRlPg0KPiBDYzogaWRlYXNAaWV0 Zi5vcmcNCj4gU3ViamVjdDogUmU6IFJFOiBbSWRlYXNdIENhbiBpZGVudGl0eSBkaXJlY3RseSBs aW5rIHdpdGggSVAgYWRkcmVzcz8NCj4NCj4NCj4NCj4gSGkgQWxleA0KPg0KPiBTb3JyeSBJIGRv bid0IGdldCBpdC4gV2h5IHdoYXQgeW91ICJrbm93IiBzaG91bGQgYmUgd2hhdCB5b3UgbGluayB3 aXRoIA0KPiBpZGVudGl0eT8gQW5kIHdoYXQgaWYgSSBqdXN0ICJrbm93IiB5b3VyIGlwID8NCj4N Cj4NCj4gLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLUJpbmd5 YW5nIExpdQ0KPiBNOiArODYtMTU4MTA3OTU5OTQNCj4gRTogbGl1YmluZ3lhbmdAaHVhd2VpLmNv bQ0KPiAyMDEyIExhYm9yYXRvcmllcy1ORyBJUCBOZXR3b3JrIExhYm9yYXRvcnksMjAxMkxhYnMN Cj4NCj4gRnJvbTogQWxleGFuZGVyIENsZW1tDQo+DQo+IFRvOiBNaWNoYWVsIE1lbnRoPG1lbnRo QHVuaS10dWViaW5nZW4uZGU+O0xpdWJpbmd5YW5nDQo+IChCcnlhbik8bGl1YmluZ3lhbmdAaHVh d2VpLmNvbT4NCj4NCj4gQ2M6IGlkZWFzQGlldGYub3JnDQo+DQo+IFN1YmplY3Q6IFJFOiBbSWRl YXNdIENhbiBpZGVudGl0eSBkaXJlY3RseSBsaW5rIHdpdGggSVAgYWRkcmVzcz8NCj4NCj4gVGlt ZTogMjAxNy0wNy0yOCAwMTowMjoyNA0KPg0KPg0KPg0KPiBZZXMsIGluIHByaW5jaXBsZSBwb3Nz aWJsZS4NCj4NCj4gVGhlIHF1ZXN0aW9uIGlzIG9ubHksIHdobyB3aWxsIGFjdHVhbGx5IGtub3cg dGhlIGlkZW50aXR5LiAgSW4gDQo+IGdlbmVyYWwsIGVuZHBvaW50cyB3aWxsIGJlIHJlZmVycmVk IHRvIGJ5IGFuIGlkZW50aWZpZXIgYnkgb3RoZXIgDQo+IHBhcnRpZXMuICBJIHdvdWxkIGVudmlz aW9uIHRoYXQgb3RoZXIgcGFydGllcyBtYXkgImtub3ciIG90aGVyIA0KPiBlbmRwb2ludHMgYnkg cHVibGljIGlkZW50aWZpZXJzLCBidXQgbm90IGJ5IHRoZWlyIGFjdHVhbCBpZGVudGl0eSAoYnkg DQo+IHdoaWNoIHRoZXkgd291bGQgYmUgYXV0aGVudGljYXRlZCB0byBHUklEUykuICBTbywgd2hp bGUgYSBtYXBwaW5nIA0KPiBzeXN0ZW0gbWlnaHQgYmUgZGVzaWduZWQgd2l0aCBmbGV4aWJpbGl0 eSBmb3Igc3VjaCBxdWVyaWVzIGluIG1pbmQsIEkgDQo+IGRvbid0IHRoaW5rIHN1cHBvcnRpbmcg aXQgd291bGQgYmUgYSByZXF1aXJlbWVudCAtIGNlcnRhaW5seSBub3QgaW5pdGlhbGx5Lg0KPg0K PiBJIGFtIG5vdCBzdXJlIEkgd291bGQgZ28gdG8gbXVsdGlwbGUgdGllcnMgb2YgaWRlbnRpdGll cy4gIEl0J3MgYSANCj4gcG9zc2liaWxpdHksIGJ1dCBpdCB3b3VsZCByYWlzZSBhZGRpdGlvbmFs IGlzc3VlcyBpZiB3ZSB3ZXJlIHRvIGdldCANCj4gaW50byB0aGUgcmVhbG0gb2YgcGVyc29uYWwg aWRlbnRpdGllcyAoYXMgb3Bwb3NlZCB0byBlbmRwb2ludCANCj4gaWRlbnRpdGllcykuICBTbywg SU1ITyB3ZSBtYXkgd2FudCB0byBzdGF5IGNsZWFyIG9mIHRoaXMuDQo+DQo+IC0tLSBBbGV4DQo+ DQo+IC0tLS0tT3JpZ2luYWwgTWVzc2FnZS0tLS0tDQo+IEZyb206IElkZWFzIFttYWlsdG86aWRl YXMtYm91bmNlc0BpZXRmLm9yZ10gT24gQmVoYWxmIE9mIE1pY2hhZWwgTWVudGgNCj4gU2VudDog VGh1cnNkYXksIEp1bHkgMjcsIDIwMTcgMzoxMSBBTQ0KPiBUbzogTGl1YmluZ3lhbmcgKEJyeWFu KSA8bGl1YmluZ3lhbmdAaHVhd2VpLmNvbT4NCj4gQ2M6IGlkZWFzQGlldGYub3JnDQo+IFN1Ympl Y3Q6IFJlOiBbSWRlYXNdIENhbiBpZGVudGl0eSBkaXJlY3RseSBsaW5rIHdpdGggSVAgYWRkcmVz cz8NCj4NCj4gRGVhciBCaW5neWFuZywgYWxsLA0KPg0KPiBnb29kIHBvaW50ISBZb3UgZXNzZW50 aWFsbHkgcHJvcG9zZSBhIG1vcmUgZmxleGlibGUgbWFwcGluZyBiZXR3ZWVuIA0KPiBpZGVudGl0 eSBhbmQgaWRlbnRpZmllcnMuIEkgdGhpbmsgaXQgZ2VuZXJhbGx5IG1ha2VzIHNlbnNlIHRoYXQg dGhlIA0KPiBuZXcgbWFwcGluZyBzeXN0ZW0gd2l0aCBhY2Nlc3MgY29udHJvbCBpcyBub3QgbGlt aXRlZCB0byB0aGUgY3VycmVudGx5IA0KPiB0aHJlZSBvYnZpb3VzIGxheWVycyBpZGVudGl0eS1p ZGVudGlmaWVyLWxvY2F0b3IsIGJ1dCBmb2xsb3dzIGEgbW9yZSANCj4gZmxleGlibGUNCj4gaWRl bnRpZmllci0+aWRlbnRpZmllciBtYXBwaW5nLCB3aGVyZWJ5IGFuIGlkZW50aXR5IGlzIGEgc3Bl Y2lhbA0KPiBpZGVudGlmaWVyLiBUaGVyZSBtYXkgYmUgdXNlIGNhc2VzIHdoZXJlDQo+IGlkZW50 aXR5LT5pZGVudGl0eSBtYXkgbWFrZSBzZW5zZSwgZS5nLiwgbWFwcGluZyBvZiBhIHVzZXIgdG8g aXRzIGRldmljZXMuDQo+IFRoaXMgd291bGQgYWxzbyBhbGxvdyBpZGVudGl0eS0+bG9jYXRvciB3 aGljaCB3b3VsZCBiZSBoZWxwZnVsIHRvIA0KPiBzdXBwb3J0IElELW5ldHdvcmtpbmcgdy8gbGVn YWN5IElQdjQvdjYgYnV0IHcvbyBsb2MvSUQgc3BsaXQuDQo+DQo+IFJlZ2FyZHMsDQo+DQo+IE1p Y2hhZWwNCj4NCj4gQW0gMjcuMDcuMjAxNyB1bSAxMTo0NCBzY2hyaWViIExpdWJpbmd5YW5nIChC cnlhbik6DQo+PiBIaSBhbGwsDQo+Pg0KPj4NCj4+DQo+PiBUaGUgY3VycmVudCBtb2RlbCBzZWVt cyBsaWtlIGlkZW50aXR5LS0taWRlbnRpZmllci0tLWxvY2F0b3IsIGFuZCANCj4+IGlkZW50aXR5 IGlzIGJvdW5kIHdpdGggSUQvTG9jIHByb3RvY29scy4NCj4+DQo+PiBEbyB5b3UgdGhpbmsgaWRl bnRpdHkgY2FuIGRpcmVjdGx5IGxpbmsgdG8gSVAgYWRkcmVzcywgaS5lLiwgDQo+PiBpZGVudGl0 eS0tLUlQIGFkZHJlc3MsIGFuZCBiZSBhcHBsaWVkIHRvIHRoZSDigJxsZWdhY3nigJ0gSVB2NC9J UHY2IA0KPj4gd2l0aG91dCBpZGVudGlmaWVycyBhcyBpbnRlcm1lZGlhdGU/DQo+Pg0KPj4NCj4+ DQo+PiBCaW5neWFuZyAoQnJ5YW4pDQo+Pg0KPj4NCj4+DQo+PiBfX19fX19fX19fX19fX19fX19f X19fX19fX19fX19fX19fX19fX19fX19fX19fXw0KPj4gSWRlYXMgbWFpbGluZyBsaXN0DQo+PiBJ ZGVhc0BpZXRmLm9yZw0KPj4gaHR0cHM6Ly93d3cuaWV0Zi5vcmcvbWFpbG1hbi9saXN0aW5mby9p ZGVhcw0KPj4NCj4NCj4gLS0NCj4gUHJvZi4gRHIuIGhhYmlsLiBNaWNoYWVsIE1lbnRoDQo+IFVu aXZlcnNpdHkgb2YgVHVlYmluZ2VuDQo+IEZhY3VsdHkgb2YgU2NpZW5jZQ0KPiBEZXBhcnRtZW50 IG9mIENvbXB1dGVyIFNjaWVuY2UNCj4gQ2hhaXIgb2YgQ29tbXVuaWNhdGlvbiBOZXR3b3Jrcw0K PiBTYW5kIDEzLCA3MjA3NiBUdWViaW5nZW4sIEdlcm1hbnkNCj4gcGhvbmU6ICgrNDkpLTcwNzEv MjktNzA1MDUNCj4gZmF4OiAoKzQ5KS03MDcxLzI5LTUyMjANCj4gbWFpbHRvOm1lbnRoQHVuaS10 dWViaW5nZW4uZGUNCj4gaHR0cDovL2tuLmluZi51bmktdHVlYmluZ2VuLmRlDQo+DQo+IF9fX19f X19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fDQo+IElkZWFzIG1haWxp bmcgbGlzdA0KPiBJZGVhc0BpZXRmLm9yZw0KPiBodHRwczovL3d3dy5pZXRmLm9yZy9tYWlsbWFu L2xpc3RpbmZvL2lkZWFzDQo+DQo+DQo+IF9fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19f X19fX19fX19fX19fX19fDQo+IElkZWFzIG1haWxpbmcgbGlzdA0KPiBJZGVhc0BpZXRmLm9yZw0K PiBodHRwczovL3d3dy5pZXRmLm9yZy9tYWlsbWFuL2xpc3RpbmZvL2lkZWFzDQo+DQo= From nobody Fri Jul 28 08:12:13 2017 Return-Path: X-Original-To: ideas@ietfa.amsl.com Delivered-To: ideas@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 46408132130 for ; Fri, 28 Jul 2017 08:12:09 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.9 X-Spam-Level: X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=herbertland-com.20150623.gappssmtp.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 3OBvgkZGdpy1 for ; Fri, 28 Jul 2017 08:12:07 -0700 (PDT) Received: from mail-wr0-x229.google.com (mail-wr0-x229.google.com [IPv6:2a00:1450:400c:c0c::229]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id BDDBA13212F for ; Fri, 28 Jul 2017 08:12:06 -0700 (PDT) Received: by mail-wr0-x229.google.com with SMTP id 12so156485477wrb.1 for ; Fri, 28 Jul 2017 08:12:06 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=herbertland-com.20150623.gappssmtp.com; s=20150623; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc:content-transfer-encoding; bh=Llrw0SQWNaIu4owxnTQmlLZi8H73lMIobL+V0evqUKw=; b=M7+GNJQnFXlGq2m5AY3KMI6f1g5O0jsbwUlG5AnlAKJK2mdy+hG9XFxyQC9WYtiXkY 4oUvPP6xcvDGlGf6s7T8vyafm15FT/7cwa9YPOUmVppC7YmNHFATLyrgm5+v++r/EV3p ogxo3icCaDhTm9j4mxJgZtGiPB7lROCX/C7eo1Kzbk+S/RzztvH6z5sGCka4XTAUzWhQ eCjX3+HudGWVsv+AZEYCF9EdOacJkDezyB+HKbemKGoOfkXdGW1QaF0oFvpuB9r6wpSr SKiLkTYz5/vVlTrCIdt8OlcOZAaoV2/oCMRTNSxi0iJTsqHsZP/CIDk0iprbuvoc8nXe lzmw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc:content-transfer-encoding; bh=Llrw0SQWNaIu4owxnTQmlLZi8H73lMIobL+V0evqUKw=; b=hLjEhjDJINhd/jP6qThNvlhTEAkdltHNu9Gu+EcudcOqdZ4JOT/EYSf9IYLE9BVp/l agq6VjtF9o4SU6IFSr47+WpYVycmHjHNmnTsepNZyL19VgvM2C65qJU0Dp2qefZlxtwc rAOZYhBn273lcI/6LpoLDqHr3l2BooJp8niruXeLlRs8Pp6Cdlev8Er/Ch0XrqW5vhV4 ODdZZJIPbIZRMoPgoXmzCVaC7PeCLvFji+KYz1sQqzyz6ftERBUMLAkLS/DfFPILG1Qb IUioG8MPBw+EmpF2WaQo+8m0ODIoEKF6Kal0pV/ehbZkprhj0kG2IxqZM1LdjYACC1Mc Id1A== X-Gm-Message-State: AIVw110G1HMYmZtwZViEg+LNVCV1kNja6GoiKeGO5ek3QLE26Fha8itV xIXRFFmaPztTHWHzi8eI3GyDLt9WWRQL X-Received: by 10.223.135.249 with SMTP id c54mr7305139wrc.98.1501254725101; Fri, 28 Jul 2017 08:12:05 -0700 (PDT) MIME-Version: 1.0 Received: by 10.223.130.85 with HTTP; Fri, 28 Jul 2017 08:12:04 -0700 (PDT) In-Reply-To: References: <644DA50AFA8C314EA9BDDAC83BD38A2E0E0EAE21@SJCEML703-CHM.china.huawei.com> <644DA50AFA8C314EA9BDDAC83BD38A2E0E0EAEA0@SJCEML703-CHM.china.huawei.com> From: Tom Herbert Date: Fri, 28 Jul 2017 08:12:04 -0700 Message-ID: To: "Liubingyang (Bryan)" Cc: Alexander Clemm , Michael Menth , "ideas@ietf.org" Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Archived-At: Subject: Re: [Ideas] Can identity directly link with IP address? X-BeenThere: ideas@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Discussions relating to the development, clarification, and implementation of control-plane infrastructures and functionalities in ID enabled networks." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 28 Jul 2017 15:12:09 -0000 On Thu, Jul 27, 2017 at 8:45 PM, Liubingyang (Bryan) wrote: > Hi Tom, > > I see what you mean. But I don't think your concern is specific to IP add= ress. Btw, I think certificate is just one way to bind identity with someth= ing, not the identity itself. > Bingyang, I think one difference is that certificate can be signed by a trusted third party whereas IP addresses aren't. The third party involvement is important since the signing authority is not in the data path for the communication which keeps a separation of functions and is stronger for privacy. In the case of a network provider it's both the authority and in the data path for IP addresses-- this is probably necessary but lessens the possibility of making IP addresses secure mechanisms. Tom > Bingyang > > -----Original Message----- > From: Tom Herbert [mailto:tom@herbertland.com] > Sent: Friday, July 28, 2017 10:48 AM > To: Liubingyang (Bryan) > Cc: Alexander Clemm ; Michael Menth ; ideas@ietf.org > Subject: Re: [Ideas] Can identity directly link with IP address? > > On Thu, Jul 27, 2017 at 6:45 PM, Liubingyang (Bryan) wrote: >> Now I get it. But maybe I just know your IP address (I don=E2=80=99t wan= t to >> mention DNS here J) and communicate with you. In this case, if >> identity is still applicable, it may directly link with IP address, righ= t? >> > This question confuses me which I suppose it to say the notion of identif= y related to IP addressing is still confusing. If two nodes are able so suc= cessfully communicate using IP address then where does identity come into p= lay? If the applications need to verify whom they're talking they'll using = a mechanism like x.509 or TLS and should never rely on IP addresses as hav= ing any security properties. > > Tom > >> >> >> Bingyang >> >> >> >> From: Alexander Clemm >> Sent: Friday, July 28, 2017 3:01 AM >> To: Liubingyang (Bryan) ; Michael Menth >> >> Cc: ideas@ietf.org >> Subject: RE: RE: [Ideas] Can identity directly link with IP address? >> >> >> >> Hi Bingyang, >> >> >> >> You need to be able to refer to another endpoint, so you need to know at >> least one of its identifiers in order to send it traffic. But, I don= =E2=80=99t >> need to know your identity (in the narrower sense of IDEAS). To use >> an analogy, I can send you an email using your identifier >> liubingyang@huawei.com, but I don=E2=80=99t need to know your birth >> certificate and passport number to assert your identity, nor would I >> expect providing those to send you email. >> >> >> >> Cheers >> >> --- Alex >> >> >> >> From: Liubingyang (Bryan) >> Sent: Thursday, July 27, 2017 10:40 AM >> To: Alexander Clemm ; Michael Menth >> >> Cc: ideas@ietf.org >> Subject: Re: RE: [Ideas] Can identity directly link with IP address? >> >> >> >> Hi Alex >> >> Sorry I don't get it. Why what you "know" should be what you link with >> identity? And what if I just "know" your ip ? >> >> >> ----------------------------------------------Bingyang Liu >> M: +86-15810795994 >> E: liubingyang@huawei.com >> 2012 Laboratories-NG IP Network Laboratory,2012Labs >> >> From: Alexander Clemm >> >> To: Michael Menth;Liubingyang >> (Bryan) >> >> Cc: ideas@ietf.org >> >> Subject: RE: [Ideas] Can identity directly link with IP address? >> >> Time: 2017-07-28 01:02:24 >> >> >> >> Yes, in principle possible. >> >> The question is only, who will actually know the identity. In >> general, endpoints will be referred to by an identifier by other >> parties. I would envision that other parties may "know" other >> endpoints by public identifiers, but not by their actual identity (by >> which they would be authenticated to GRIDS). So, while a mapping >> system might be designed with flexibility for such queries in mind, I >> don't think supporting it would be a requirement - certainly not initial= ly. >> >> I am not sure I would go to multiple tiers of identities. It's a >> possibility, but it would raise additional issues if we were to get >> into the realm of personal identities (as opposed to endpoint >> identities). So, IMHO we may want to stay clear of this. >> >> --- Alex >> >> -----Original Message----- >> From: Ideas [mailto:ideas-bounces@ietf.org] On Behalf Of Michael Menth >> Sent: Thursday, July 27, 2017 3:11 AM >> To: Liubingyang (Bryan) >> Cc: ideas@ietf.org >> Subject: Re: [Ideas] Can identity directly link with IP address? >> >> Dear Bingyang, all, >> >> good point! You essentially propose a more flexible mapping between >> identity and identifiers. I think it generally makes sense that the >> new mapping system with access control is not limited to the currently >> three obvious layers identity-identifier-locator, but follows a more >> flexible >> identifier->identifier mapping, whereby an identity is a special >> identifier. There may be use cases where >> identity->identity may make sense, e.g., mapping of a user to its device= s. >> This would also allow identity->locator which would be helpful to >> support ID-networking w/ legacy IPv4/v6 but w/o loc/ID split. >> >> Regards, >> >> Michael >> >> Am 27.07.2017 um 11:44 schrieb Liubingyang (Bryan): >>> Hi all, >>> >>> >>> >>> The current model seems like identity---identifier---locator, and >>> identity is bound with ID/Loc protocols. >>> >>> Do you think identity can directly link to IP address, i.e., >>> identity---IP address, and be applied to the =E2=80=9Clegacy=E2=80=9D I= Pv4/IPv6 >>> without identifiers as intermediate? >>> >>> >>> >>> Bingyang (Bryan) >>> >>> >>> >>> _______________________________________________ >>> Ideas mailing list >>> Ideas@ietf.org >>> https://www.ietf.org/mailman/listinfo/ideas >>> >> >> -- >> Prof. Dr. habil. Michael Menth >> University of Tuebingen >> Faculty of Science >> Department of Computer Science >> Chair of Communication Networks >> Sand 13, 72076 Tuebingen, Germany >> phone: (+49)-7071/29-70505 >> fax: (+49)-7071/29-5220 >> mailto:menth@uni-tuebingen.de >> http://kn.inf.uni-tuebingen.de >> >> _______________________________________________ >> Ideas mailing list >> Ideas@ietf.org >> https://www.ietf.org/mailman/listinfo/ideas >> >> >> _______________________________________________ >> Ideas mailing list >> Ideas@ietf.org >> https://www.ietf.org/mailman/listinfo/ideas >> From nobody Fri Jul 28 09:45:01 2017 Return-Path: X-Original-To: ideas@ietfa.amsl.com Delivered-To: ideas@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 83D07131CDC for ; Fri, 28 Jul 2017 09:44:58 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.222 X-Spam-Level: X-Spam-Status: No, score=-4.222 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Gx1Yu4Af0jpL for ; Fri, 28 Jul 2017 09:44:55 -0700 (PDT) Received: from lhrrgout.huawei.com (lhrrgout.huawei.com [194.213.3.17]) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 172DA131CE0 for ; Fri, 28 Jul 2017 09:44:54 -0700 (PDT) Received: from 172.18.7.190 (EHLO lhreml705-cah.china.huawei.com) ([172.18.7.190]) by lhrrg02-dlp.huawei.com (MOS 4.3.7-GA FastPath queued) with ESMTP id DLM25638; Fri, 28 Jul 2017 16:44:52 +0000 (GMT) Received: from SJCEML701-CHM.china.huawei.com (10.208.112.40) by lhreml705-cah.china.huawei.com (10.201.108.46) with Microsoft SMTP Server (TLS) id 14.3.301.0; Fri, 28 Jul 2017 17:44:52 +0100 Received: from SJCEML703-CHM.china.huawei.com ([169.254.5.240]) by SJCEML701-CHM.china.huawei.com ([169.254.3.13]) with mapi id 14.03.0301.000; Fri, 28 Jul 2017 09:44:37 -0700 From: Alexander Clemm To: Tom Herbert , "Liubingyang (Bryan)" CC: Michael Menth , "ideas@ietf.org" Thread-Topic: [Ideas] Can identity directly link with IP address? Thread-Index: AQHTB0wCgrudF1hEI06Ny+YHLnWD/6JpDoqAgAC/9AD//6LO0A== Date: Fri, 28 Jul 2017 16:44:37 +0000 Message-ID: <644DA50AFA8C314EA9BDDAC83BD38A2E0E0EB240@SJCEML703-CHM.china.huawei.com> References: <644DA50AFA8C314EA9BDDAC83BD38A2E0E0EAE21@SJCEML703-CHM.china.huawei.com> <644DA50AFA8C314EA9BDDAC83BD38A2E0E0EAEA0@SJCEML703-CHM.china.huawei.com> In-Reply-To: Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [10.213.48.65] Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: base64 MIME-Version: 1.0 X-CFilter-Loop: Reflected X-Mirapoint-Virus-RAPID-Raw: score=unknown(0), refid=str=0001.0A020202.597B6A05.00A1, ss=1, re=0.000, recu=0.000, reip=0.000, cl=1, cld=1, fgs=0, ip=169.254.5.240, so=2013-06-18 04:22:30, dmn=2013-03-21 17:37:32 X-Mirapoint-Loop-Id: 1734ba477ae20b7c46dab7c8062861fb Archived-At: Subject: Re: [Ideas] Can identity directly link with IP address? X-BeenThere: ideas@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Discussions relating to the development, clarification, and implementation of control-plane infrastructures and functionalities in ID enabled networks." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 28 Jul 2017 16:44:58 -0000 WWVzLCBleGFjdGx5LiAgDQpBbmQgbGlrZXdpc2UsIEdSSURTIHdpbGwgbm90IGJlIGluIHRoZSBk YXRhIHBhdGguICANClRvIGNvbW11bmljYXRlIHN1Y2Nlc3NmdWxseSwgYSBub2RlIHdpbGwgbmVl ZCB0byBtZXJlbHkga25vdyB0aGUgaWRlbnRpZmllciBvZiB3aG8gaXQgd2FudHMgdG8gdGFsayB0 byAoYW5kIHdoaWNoIGNhbiBiZSByZXNvbHZlZCB0byBhIGxvY2F0b3IpLiAgSWRlbnRpdHkgaXMg bmVlZGVkIHNvIHRoYXQgeW91IGNhbiBlLmcuIGVhc2lseSBhc3NvY2lhdGUgbXVsdGlwbGUgaWRl bnRpZmllcnMgd2l0aCB0aGUgc2FtZSBlbmRwb2ludCAoZm9yIGV4YW1wbGUsIHNvIHlvdSBjYW4g ZWFzaWVyIGFwcGx5IGFub255bWl6YXRpb24gc2NoZW1lcyBzdWNoIGFzIHdhcyBtZW50aW9uZWQg YnkgRGlubyksIGFuZCBzbyBpdCBpcyBlYXNpZXIgdG8gYWRtaW5pc3RlciB0aGUgb3ZlcmFsbCBz eXN0ZW0gKHN1Y2ggYXMsIGZpcmV3YWxsIHJ1bGVzLCB3aGljaCB3b3VsZCBiZSBuaWNlIGlmIHlv dSBjb3VsZCBhdm9pZCBoYXZpbmcgdG8gdXBkYXRlIHRoZW0gZXZlcnkgdGltZSBhbiBlbmRwb2lu dCdzIElQIGFkZHJlc3MgY2hhbmdlcykuICANCi0tLSBBbGV4DQoNCi0tLS0tT3JpZ2luYWwgTWVz c2FnZS0tLS0tDQpGcm9tOiBUb20gSGVyYmVydCBbbWFpbHRvOnRvbUBoZXJiZXJ0bGFuZC5jb21d IA0KU2VudDogRnJpZGF5LCBKdWx5IDI4LCAyMDE3IDg6MTIgQU0NClRvOiBMaXViaW5neWFuZyAo QnJ5YW4pIDxsaXViaW5neWFuZ0BodWF3ZWkuY29tPg0KQ2M6IEFsZXhhbmRlciBDbGVtbSA8YWxl eGFuZGVyLmNsZW1tQGh1YXdlaS5jb20+OyBNaWNoYWVsIE1lbnRoIDxtZW50aEB1bmktdHVlYmlu Z2VuLmRlPjsgaWRlYXNAaWV0Zi5vcmcNClN1YmplY3Q6IFJlOiBbSWRlYXNdIENhbiBpZGVudGl0 eSBkaXJlY3RseSBsaW5rIHdpdGggSVAgYWRkcmVzcz8NCg0KT24gVGh1LCBKdWwgMjcsIDIwMTcg YXQgODo0NSBQTSwgTGl1YmluZ3lhbmcgKEJyeWFuKSA8bGl1YmluZ3lhbmdAaHVhd2VpLmNvbT4g d3JvdGU6DQo+IEhpIFRvbSwNCj4NCj4gSSBzZWUgd2hhdCB5b3UgbWVhbi4gQnV0IEkgZG9uJ3Qg dGhpbmsgeW91ciBjb25jZXJuIGlzIHNwZWNpZmljIHRvIElQIGFkZHJlc3MuIEJ0dywgSSB0aGlu ayBjZXJ0aWZpY2F0ZSBpcyBqdXN0IG9uZSB3YXkgdG8gYmluZCBpZGVudGl0eSB3aXRoIHNvbWV0 aGluZywgbm90IHRoZSBpZGVudGl0eSBpdHNlbGYuDQo+DQpCaW5neWFuZywNCg0KSSB0aGluayBv bmUgZGlmZmVyZW5jZSBpcyB0aGF0IGNlcnRpZmljYXRlIGNhbiBiZSBzaWduZWQgYnkgYSB0cnVz dGVkIHRoaXJkIHBhcnR5IHdoZXJlYXMgSVAgYWRkcmVzc2VzIGFyZW4ndC4gVGhlIHRoaXJkIHBh cnR5IGludm9sdmVtZW50IGlzIGltcG9ydGFudCBzaW5jZSB0aGUgc2lnbmluZyBhdXRob3JpdHkg aXMgbm90IGluIHRoZSBkYXRhIHBhdGggZm9yIHRoZSBjb21tdW5pY2F0aW9uIHdoaWNoIGtlZXBz IGEgc2VwYXJhdGlvbiBvZiBmdW5jdGlvbnMgYW5kIGlzIHN0cm9uZ2VyIGZvciBwcml2YWN5LiBJ biB0aGUgY2FzZSBvZiBhIG5ldHdvcmsgcHJvdmlkZXIgaXQncyBib3RoIHRoZSBhdXRob3JpdHkg YW5kIGluIHRoZSBkYXRhIHBhdGggZm9yIElQIGFkZHJlc3Nlcy0tIHRoaXMgaXMgcHJvYmFibHkg bmVjZXNzYXJ5IGJ1dCBsZXNzZW5zIHRoZSBwb3NzaWJpbGl0eSBvZiBtYWtpbmcgSVAgYWRkcmVz c2VzIHNlY3VyZSBtZWNoYW5pc21zLg0KDQpUb20NCg0KPiBCaW5neWFuZw0KPg0KPiAtLS0tLU9y aWdpbmFsIE1lc3NhZ2UtLS0tLQ0KPiBGcm9tOiBUb20gSGVyYmVydCBbbWFpbHRvOnRvbUBoZXJi ZXJ0bGFuZC5jb21dDQo+IFNlbnQ6IEZyaWRheSwgSnVseSAyOCwgMjAxNyAxMDo0OCBBTQ0KPiBU bzogTGl1YmluZ3lhbmcgKEJyeWFuKSA8bGl1YmluZ3lhbmdAaHVhd2VpLmNvbT4NCj4gQ2M6IEFs ZXhhbmRlciBDbGVtbSA8YWxleGFuZGVyLmNsZW1tQGh1YXdlaS5jb20+OyBNaWNoYWVsIE1lbnRo IA0KPiA8bWVudGhAdW5pLXR1ZWJpbmdlbi5kZT47IGlkZWFzQGlldGYub3JnDQo+IFN1YmplY3Q6 IFJlOiBbSWRlYXNdIENhbiBpZGVudGl0eSBkaXJlY3RseSBsaW5rIHdpdGggSVAgYWRkcmVzcz8N Cj4NCj4gT24gVGh1LCBKdWwgMjcsIDIwMTcgYXQgNjo0NSBQTSwgTGl1YmluZ3lhbmcgKEJyeWFu KSA8bGl1YmluZ3lhbmdAaHVhd2VpLmNvbT4gd3JvdGU6DQo+PiBOb3cgSSBnZXQgaXQuIEJ1dCBt YXliZSBJIGp1c3Qga25vdyB5b3VyIElQIGFkZHJlc3MgKEkgZG9u4oCZdCB3YW50IHRvIA0KPj4g bWVudGlvbiBETlMgaGVyZSBKKSBhbmQgY29tbXVuaWNhdGUgd2l0aCB5b3UuIEluIHRoaXMgY2Fz ZSwgaWYgDQo+PiBpZGVudGl0eSBpcyBzdGlsbCBhcHBsaWNhYmxlLCBpdCBtYXkgZGlyZWN0bHkg bGluayB3aXRoIElQIGFkZHJlc3MsIHJpZ2h0Pw0KPj4NCj4gVGhpcyBxdWVzdGlvbiBjb25mdXNl cyBtZSB3aGljaCBJIHN1cHBvc2UgaXQgdG8gc2F5IHRoZSBub3Rpb24gb2YgaWRlbnRpZnkgcmVs YXRlZCB0byBJUCBhZGRyZXNzaW5nIGlzIHN0aWxsIGNvbmZ1c2luZy4gSWYgdHdvIG5vZGVzIGFy ZSBhYmxlIHNvIHN1Y2Nlc3NmdWxseSBjb21tdW5pY2F0ZSB1c2luZyBJUCBhZGRyZXNzIHRoZW4g d2hlcmUgZG9lcyBpZGVudGl0eSBjb21lIGludG8gcGxheT8gSWYgdGhlIGFwcGxpY2F0aW9ucyBu ZWVkIHRvIHZlcmlmeSB3aG9tIHRoZXkncmUgdGFsa2luZyB0aGV5J2xsIHVzaW5nIGEgbWVjaGFu aXNtIGxpa2UgeC41MDkgb3IgVExTICBhbmQgc2hvdWxkIG5ldmVyIHJlbHkgb24gSVAgYWRkcmVz c2VzIGFzIGhhdmluZyBhbnkgc2VjdXJpdHkgcHJvcGVydGllcy4NCj4NCj4gVG9tDQo+DQo+Pg0K Pj4NCj4+IEJpbmd5YW5nDQo+Pg0KPj4NCj4+DQo+PiBGcm9tOiBBbGV4YW5kZXIgQ2xlbW0NCj4+ IFNlbnQ6IEZyaWRheSwgSnVseSAyOCwgMjAxNyAzOjAxIEFNDQo+PiBUbzogTGl1YmluZ3lhbmcg KEJyeWFuKSA8bGl1YmluZ3lhbmdAaHVhd2VpLmNvbT47IE1pY2hhZWwgTWVudGggDQo+PiA8bWVu dGhAdW5pLXR1ZWJpbmdlbi5kZT4NCj4+IENjOiBpZGVhc0BpZXRmLm9yZw0KPj4gU3ViamVjdDog UkU6IFJFOiBbSWRlYXNdIENhbiBpZGVudGl0eSBkaXJlY3RseSBsaW5rIHdpdGggSVAgYWRkcmVz cz8NCj4+DQo+Pg0KPj4NCj4+IEhpIEJpbmd5YW5nLA0KPj4NCj4+DQo+Pg0KPj4gWW91IG5lZWQg dG8gYmUgYWJsZSB0byByZWZlciB0byBhbm90aGVyIGVuZHBvaW50LCBzbyB5b3UgbmVlZCB0byBr bm93IGF0DQo+PiBsZWFzdCBvbmUgb2YgaXRzIGlkZW50aWZpZXJzIGluIG9yZGVyIHRvIHNlbmQg aXQgdHJhZmZpYy4gICBCdXQsIEkgZG9u4oCZdA0KPj4gbmVlZCB0byBrbm93IHlvdXIgaWRlbnRp dHkgKGluIHRoZSBuYXJyb3dlciBzZW5zZSBvZiBJREVBUykuICBUbyB1c2UgDQo+PiBhbiBhbmFs b2d5LCBJIGNhbiBzZW5kIHlvdSBhbiBlbWFpbCB1c2luZyB5b3VyIGlkZW50aWZpZXIgDQo+PiBs aXViaW5neWFuZ0BodWF3ZWkuY29tLCBidXQgSSBkb27igJl0IG5lZWQgdG8ga25vdyB5b3VyIGJp cnRoIA0KPj4gY2VydGlmaWNhdGUgYW5kIHBhc3Nwb3J0IG51bWJlciB0byBhc3NlcnQgeW91ciBp ZGVudGl0eSwgbm9yIHdvdWxkIEkgDQo+PiBleHBlY3QgcHJvdmlkaW5nIHRob3NlIHRvIHNlbmQg eW91IGVtYWlsLg0KPj4NCj4+DQo+Pg0KPj4gQ2hlZXJzDQo+Pg0KPj4gLS0tIEFsZXgNCj4+DQo+ Pg0KPj4NCj4+IEZyb206IExpdWJpbmd5YW5nIChCcnlhbikNCj4+IFNlbnQ6IFRodXJzZGF5LCBK dWx5IDI3LCAyMDE3IDEwOjQwIEFNDQo+PiBUbzogQWxleGFuZGVyIENsZW1tIDxhbGV4YW5kZXIu Y2xlbW1AaHVhd2VpLmNvbT47IE1pY2hhZWwgTWVudGggDQo+PiA8bWVudGhAdW5pLXR1ZWJpbmdl bi5kZT4NCj4+IENjOiBpZGVhc0BpZXRmLm9yZw0KPj4gU3ViamVjdDogUmU6IFJFOiBbSWRlYXNd IENhbiBpZGVudGl0eSBkaXJlY3RseSBsaW5rIHdpdGggSVAgYWRkcmVzcz8NCj4+DQo+Pg0KPj4N Cj4+IEhpIEFsZXgNCj4+DQo+PiBTb3JyeSBJIGRvbid0IGdldCBpdC4gV2h5IHdoYXQgeW91ICJr bm93IiBzaG91bGQgYmUgd2hhdCB5b3UgbGluayANCj4+IHdpdGggaWRlbnRpdHk/IEFuZCB3aGF0 IGlmIEkganVzdCAia25vdyIgeW91ciBpcCA/DQo+Pg0KPj4NCj4+IC0tLS0tLS0tLS0tLS0tLS0t LS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS1CaW5neWFuZyBMaXUNCj4+IE06ICs4Ni0xNTgx MDc5NTk5NA0KPj4gRTogbGl1YmluZ3lhbmdAaHVhd2VpLmNvbQ0KPj4gMjAxMiBMYWJvcmF0b3Jp ZXMtTkcgSVAgTmV0d29yayBMYWJvcmF0b3J5LDIwMTJMYWJzDQo+Pg0KPj4gRnJvbTogQWxleGFu ZGVyIENsZW1tDQo+Pg0KPj4gVG86IE1pY2hhZWwgTWVudGg8bWVudGhAdW5pLXR1ZWJpbmdlbi5k ZT47TGl1YmluZ3lhbmcNCj4+IChCcnlhbik8bGl1YmluZ3lhbmdAaHVhd2VpLmNvbT4NCj4+DQo+ PiBDYzogaWRlYXNAaWV0Zi5vcmcNCj4+DQo+PiBTdWJqZWN0OiBSRTogW0lkZWFzXSBDYW4gaWRl bnRpdHkgZGlyZWN0bHkgbGluayB3aXRoIElQIGFkZHJlc3M/DQo+Pg0KPj4gVGltZTogMjAxNy0w Ny0yOCAwMTowMjoyNA0KPj4NCj4+DQo+Pg0KPj4gWWVzLCBpbiBwcmluY2lwbGUgcG9zc2libGUu DQo+Pg0KPj4gVGhlIHF1ZXN0aW9uIGlzIG9ubHksIHdobyB3aWxsIGFjdHVhbGx5IGtub3cgdGhl IGlkZW50aXR5LiAgSW4gDQo+PiBnZW5lcmFsLCBlbmRwb2ludHMgd2lsbCBiZSByZWZlcnJlZCB0 byBieSBhbiBpZGVudGlmaWVyIGJ5IG90aGVyIA0KPj4gcGFydGllcy4gIEkgd291bGQgZW52aXNp b24gdGhhdCBvdGhlciBwYXJ0aWVzIG1heSAia25vdyIgb3RoZXIgDQo+PiBlbmRwb2ludHMgYnkg cHVibGljIGlkZW50aWZpZXJzLCBidXQgbm90IGJ5IHRoZWlyIGFjdHVhbCBpZGVudGl0eSAoYnkg DQo+PiB3aGljaCB0aGV5IHdvdWxkIGJlIGF1dGhlbnRpY2F0ZWQgdG8gR1JJRFMpLiAgU28sIHdo aWxlIGEgbWFwcGluZyANCj4+IHN5c3RlbSBtaWdodCBiZSBkZXNpZ25lZCB3aXRoIGZsZXhpYmls aXR5IGZvciBzdWNoIHF1ZXJpZXMgaW4gbWluZCwgSSANCj4+IGRvbid0IHRoaW5rIHN1cHBvcnRp bmcgaXQgd291bGQgYmUgYSByZXF1aXJlbWVudCAtIGNlcnRhaW5seSBub3QgaW5pdGlhbGx5Lg0K Pj4NCj4+IEkgYW0gbm90IHN1cmUgSSB3b3VsZCBnbyB0byBtdWx0aXBsZSB0aWVycyBvZiBpZGVu dGl0aWVzLiAgSXQncyBhIA0KPj4gcG9zc2liaWxpdHksIGJ1dCBpdCB3b3VsZCByYWlzZSBhZGRp dGlvbmFsIGlzc3VlcyBpZiB3ZSB3ZXJlIHRvIGdldCANCj4+IGludG8gdGhlIHJlYWxtIG9mIHBl cnNvbmFsIGlkZW50aXRpZXMgKGFzIG9wcG9zZWQgdG8gZW5kcG9pbnQgDQo+PiBpZGVudGl0aWVz KS4gIFNvLCBJTUhPIHdlIG1heSB3YW50IHRvIHN0YXkgY2xlYXIgb2YgdGhpcy4NCj4+DQo+PiAt LS0gQWxleA0KPj4NCj4+IC0tLS0tT3JpZ2luYWwgTWVzc2FnZS0tLS0tDQo+PiBGcm9tOiBJZGVh cyBbbWFpbHRvOmlkZWFzLWJvdW5jZXNAaWV0Zi5vcmddIE9uIEJlaGFsZiBPZiBNaWNoYWVsIA0K Pj4gTWVudGgNCj4+IFNlbnQ6IFRodXJzZGF5LCBKdWx5IDI3LCAyMDE3IDM6MTEgQU0NCj4+IFRv OiBMaXViaW5neWFuZyAoQnJ5YW4pIDxsaXViaW5neWFuZ0BodWF3ZWkuY29tPg0KPj4gQ2M6IGlk ZWFzQGlldGYub3JnDQo+PiBTdWJqZWN0OiBSZTogW0lkZWFzXSBDYW4gaWRlbnRpdHkgZGlyZWN0 bHkgbGluayB3aXRoIElQIGFkZHJlc3M/DQo+Pg0KPj4gRGVhciBCaW5neWFuZywgYWxsLA0KPj4N Cj4+IGdvb2QgcG9pbnQhIFlvdSBlc3NlbnRpYWxseSBwcm9wb3NlIGEgbW9yZSBmbGV4aWJsZSBt YXBwaW5nIGJldHdlZW4gDQo+PiBpZGVudGl0eSBhbmQgaWRlbnRpZmllcnMuIEkgdGhpbmsgaXQg Z2VuZXJhbGx5IG1ha2VzIHNlbnNlIHRoYXQgdGhlIA0KPj4gbmV3IG1hcHBpbmcgc3lzdGVtIHdp dGggYWNjZXNzIGNvbnRyb2wgaXMgbm90IGxpbWl0ZWQgdG8gdGhlIA0KPj4gY3VycmVudGx5IHRo cmVlIG9idmlvdXMgbGF5ZXJzIGlkZW50aXR5LWlkZW50aWZpZXItbG9jYXRvciwgYnV0IA0KPj4g Zm9sbG93cyBhIG1vcmUgZmxleGlibGUNCj4+IGlkZW50aWZpZXItPmlkZW50aWZpZXIgbWFwcGlu Zywgd2hlcmVieSBhbiBpZGVudGl0eSBpcyBhIHNwZWNpYWwNCj4+IGlkZW50aWZpZXIuIFRoZXJl IG1heSBiZSB1c2UgY2FzZXMgd2hlcmUNCj4+IGlkZW50aXR5LT5pZGVudGl0eSBtYXkgbWFrZSBz ZW5zZSwgZS5nLiwgbWFwcGluZyBvZiBhIHVzZXIgdG8gaXRzIGRldmljZXMuDQo+PiBUaGlzIHdv dWxkIGFsc28gYWxsb3cgaWRlbnRpdHktPmxvY2F0b3Igd2hpY2ggd291bGQgYmUgaGVscGZ1bCB0 byANCj4+IHN1cHBvcnQgSUQtbmV0d29ya2luZyB3LyBsZWdhY3kgSVB2NC92NiBidXQgdy9vIGxv Yy9JRCBzcGxpdC4NCj4+DQo+PiBSZWdhcmRzLA0KPj4NCj4+IE1pY2hhZWwNCj4+DQo+PiBBbSAy Ny4wNy4yMDE3IHVtIDExOjQ0IHNjaHJpZWIgTGl1YmluZ3lhbmcgKEJyeWFuKToNCj4+PiBIaSBh bGwsDQo+Pj4NCj4+Pg0KPj4+DQo+Pj4gVGhlIGN1cnJlbnQgbW9kZWwgc2VlbXMgbGlrZSBpZGVu dGl0eS0tLWlkZW50aWZpZXItLS1sb2NhdG9yLCBhbmQgDQo+Pj4gaWRlbnRpdHkgaXMgYm91bmQg d2l0aCBJRC9Mb2MgcHJvdG9jb2xzLg0KPj4+DQo+Pj4gRG8geW91IHRoaW5rIGlkZW50aXR5IGNh biBkaXJlY3RseSBsaW5rIHRvIElQIGFkZHJlc3MsIGkuZS4sIA0KPj4+IGlkZW50aXR5LS0tSVAg YWRkcmVzcywgYW5kIGJlIGFwcGxpZWQgdG8gdGhlIOKAnGxlZ2FjeeKAnSBJUHY0L0lQdjYgDQo+ Pj4gd2l0aG91dCBpZGVudGlmaWVycyBhcyBpbnRlcm1lZGlhdGU/DQo+Pj4NCj4+Pg0KPj4+DQo+ Pj4gQmluZ3lhbmcgKEJyeWFuKQ0KPj4+DQo+Pj4NCj4+Pg0KPj4+IF9fX19fX19fX19fX19fX19f X19fX19fX19fX19fX19fX19fX19fX19fX19fX19fDQo+Pj4gSWRlYXMgbWFpbGluZyBsaXN0DQo+ Pj4gSWRlYXNAaWV0Zi5vcmcNCj4+PiBodHRwczovL3d3dy5pZXRmLm9yZy9tYWlsbWFuL2xpc3Rp bmZvL2lkZWFzDQo+Pj4NCj4+DQo+PiAtLQ0KPj4gUHJvZi4gRHIuIGhhYmlsLiBNaWNoYWVsIE1l bnRoDQo+PiBVbml2ZXJzaXR5IG9mIFR1ZWJpbmdlbg0KPj4gRmFjdWx0eSBvZiBTY2llbmNlDQo+ PiBEZXBhcnRtZW50IG9mIENvbXB1dGVyIFNjaWVuY2UNCj4+IENoYWlyIG9mIENvbW11bmljYXRp b24gTmV0d29ya3MNCj4+IFNhbmQgMTMsIDcyMDc2IFR1ZWJpbmdlbiwgR2VybWFueQ0KPj4gcGhv bmU6ICgrNDkpLTcwNzEvMjktNzA1MDUNCj4+IGZheDogKCs0OSktNzA3MS8yOS01MjIwDQo+PiBt YWlsdG86bWVudGhAdW5pLXR1ZWJpbmdlbi5kZQ0KPj4gaHR0cDovL2tuLmluZi51bmktdHVlYmlu Z2VuLmRlDQo+Pg0KPj4gX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19f X19fX18NCj4+IElkZWFzIG1haWxpbmcgbGlzdA0KPj4gSWRlYXNAaWV0Zi5vcmcNCj4+IGh0dHBz Oi8vd3d3LmlldGYub3JnL21haWxtYW4vbGlzdGluZm8vaWRlYXMNCj4+DQo+Pg0KPj4gX19fX19f X19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX18NCj4+IElkZWFzIG1haWxp bmcgbGlzdA0KPj4gSWRlYXNAaWV0Zi5vcmcNCj4+IGh0dHBzOi8vd3d3LmlldGYub3JnL21haWxt YW4vbGlzdGluZm8vaWRlYXMNCj4+DQo= From nobody Fri Jul 28 09:56:21 2017 Return-Path: X-Original-To: ideas@ietfa.amsl.com Delivered-To: ideas@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2E62D131748 for ; Fri, 28 Jul 2017 09:56:20 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -14.522 X-Spam-Level: X-Spam-Status: No, score=-14.522 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RP_MATCHES_RCVD=-0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id idSxlmdKeWZ9 for ; Fri, 28 Jul 2017 09:56:17 -0700 (PDT) Received: from alln-iport-3.cisco.com (alln-iport-3.cisco.com [173.37.142.90]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B608B12EB5D for ; Fri, 28 Jul 2017 09:56:17 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=17384; q=dns/txt; s=iport; t=1501260977; x=1502470577; h=from:to:subject:date:message-id:mime-version; bh=CAosE6hJ6Dp3XFnTuN+0Dg2B6Pu7ht2KrJyrMO6ErhU=; b=DwINnKFCOnX/MgtWL7jYCt61p5u1cnVEO/DdItBv/OByjjFwYDJbL4GF BNurw3g+l8zsDAVCPefCZxxADEUPCNe4vcHMU87fkuDmG+Js+NzAz+uvl gU09owyVftehRJwxzp8gG/os5tNGHAxA0JFFNp5JbQwk4KRIywUVt4fhy s=; X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: =?us-ascii?q?A0BnAgD5a3tZ/5ldJa1UCRsBAQEDAQEBC?= =?us-ascii?q?QEBAYJva2RtJweOBo96gWuQXIUvDoIELIU3g1g/GAECAQEBAQEBAWsdC4UZAQQ?= =?us-ascii?q?BIwpRDQEGAj8DAgQwFBMEExSJN1wIEJIxnWSCJieLGAEBAQEBAQEBAQEBAQEBA?= =?us-ascii?q?QEBAQEBARgFgyiDTYFhK4J8hD0Mgz0wgjEFl2CIDQKHTYxXggyFUopelXEBHzi?= =?us-ascii?q?BCncVSRIBhwZ2AYhxgQ4BAQE?= X-IronPort-AV: E=Sophos;i="5.40,425,1496102400"; d="scan'208,217";a="462337466" Received: from rcdn-core-2.cisco.com ([173.37.93.153]) by alln-iport-3.cisco.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 28 Jul 2017 16:56:16 +0000 Received: from XCH-ALN-002.cisco.com (xch-aln-002.cisco.com [173.36.7.12]) by rcdn-core-2.cisco.com (8.14.5/8.14.5) with ESMTP id v6SGuGTV021146 (version=TLSv1/SSLv3 cipher=AES256-SHA bits=256 verify=FAIL) for ; Fri, 28 Jul 2017 16:56:16 GMT Received: from xch-aln-002.cisco.com (173.36.7.12) by XCH-ALN-002.cisco.com (173.36.7.12) with Microsoft SMTP Server (TLS) id 15.0.1210.3; Fri, 28 Jul 2017 11:56:15 -0500 Received: from xch-aln-002.cisco.com ([173.36.7.12]) by XCH-ALN-002.cisco.com ([173.36.7.12]) with mapi id 15.00.1210.000; Fri, 28 Jul 2017 11:56:15 -0500 From: "Alvaro Retana (aretana)" To: "ideas@ietf.org" Thread-Topic: [Ideas] IDEAS BoF at IETF 99 Thread-Index: AQHTB8JsAqwNdWNTfEKqYGIxV7H2Vg== Date: Fri, 28 Jul 2017 16:56:15 +0000 Message-ID: <2D8B5CDE-ABFC-4BB5-849D-B1F6BD4D7B91@cisco.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: user-agent: Microsoft-MacOutlook/f.22.0.170515 x-ms-exchange-messagesentrepresentingtype: 1 x-ms-exchange-transport-fromentityheader: Hosted x-originating-ip: [10.117.15.4] Content-Type: multipart/alternative; boundary="_000_2D8B5CDEABFC4BB5849DB1F6BD4D7B91ciscocom_" MIME-Version: 1.0 Archived-At: Subject: Re: [Ideas] IDEAS BoF at IETF 99 X-BeenThere: ideas@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Discussions relating to the development, clarification, and implementation of control-plane infrastructures and functionalities in ID enabled networks." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 28 Jul 2017 16:56:20 -0000 --_000_2D8B5CDEABFC4BB5849DB1F6BD4D7B91ciscocom_ Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: base64 T24gNi83LzE3LCA1OjQ2IFBNLCAiSWRlYXMgb24gYmVoYWxmIG9mIEFsdmFybyBSZXRhbmEgKGFy ZXRhbmEpIiA8aWRlYXMtYm91bmNlc0BpZXRmLm9yZzxtYWlsdG86aWRlYXMtYm91bmNlc0BpZXRm Lm9yZz4gb24gYmVoYWxmIG9mIGFyZXRhbmFAY2lzY28uY29tPG1haWx0bzphcmV0YW5hQGNpc2Nv LmNvbT4+IHdyb3RlOg0KDQpEZWFyIElERUFTIGxpc3Q6DQoNCkZpcnN0IG9mIGFsbCwgSSB3YW50 IHRvIHRoYW5rIHRoZSBwcm9wb25lbnRzIGFuZCBldmVyeW9uZSB3aG8gcGFydGljaXBhdGVkIGlu IGxhc3Qgd2Vla+KAmXMgQk9GIGluIFByYWd1ZS4gIFNwZWNpYWwgdGhhbmtzIHRvIHRoZSBCT0Yg Q2hhaXJzIQ0KDQo+IFRoZSBJQUIvSUVTRyBoZWxkIG91ciBCb0YgQ29vcmRpbmF0aW9uIENhbGwg dG9kYXksIGFuZCBpdCB3YXMgZGVjaWRlZA0KPiB0byBnbyBmb3J3YXJkIHdpdGggYW4gSURFQVMg Qm9GIGF0IElFVEYgOTkuICBDb25ncmF0dWxhdGlvbnMhDQo+DQo+IFRoZXJlIGFyZSBob3dldmVy IHNvbWUgY29uY2VybnMgdGhhdCB3ZSBuZWVkIHlvdSAocHJvcG9uZW50cy8NCj4gcGFydGljaXBh bnRzL2F1dGhvcnMpIHRvIGFkZHJlc3MgYXQgdGhlIEJvRi4gIEJhc2VkIG9uIHRoYXQsIHdlIHNo b3VsZA0KPiBpZGVhbGx5IGJlIGFibGUgdG8gdGFrZSBzb21lIGFjdGlvbuKApiBGcm9tIG15IHBv aW50IG9mIHZpZXcsIHRoZSBzdWNjZXNzDQo+IG9mIHRoZSBCb0Ygc2hvdWxkIGJlIG1lYXN1cmVk IGJ5IHdoZXRoZXIgd2UgaGF2ZSB0aGUgbmVjZXNzYXJ5DQo+IGluZm9ybWF0aW9uIHRvIG1ha2Ug dGhlIGNvcnJlY3QgZGVjaXNpb24uDQoNClRoZSBjb25zZW5zdXMgYW1vbmcgdGhlIENoYWlycyBh bmQgdGhlIElFU0cvSUFCIGlzIHRoYXQgdGhlIG1hdGVyaWFscyBwcmVzZW50ZWQgYXQgdGhlIEJP RiByZXN1bHRlZCBpbiB0aGUgZmVlbGluZyB0aGF0IHRoZXJlIGlzIHNvbWV0aGluZyB0byBiZSBk b25lIGhlcmUsIGJ1dCB0aGF0IOKAnHNvbWV0aGluZ+KAnSBpcyBub3QgY2xlYXIuICBJbiBwYXJ0 LCB0aGlzIGltcHJlc3Npb24gY29tZXMgZnJvbSB0aGUgd2lkZS1yYW5naW5nIGRpc2N1c3Npb24g 4oCTIGluIHBhcnQgZnJvbSB0aGUgZmFjdCB0aGF0IG1vc3Qgb2YgdGhlIHRlY2huaWNhbCBkaXNj dXNzaW9ucyBoYXZlIHNvIGZhciBub3QgYmVlbiBoZWxkIG9uIHRoZSBsaXN0LiAgVG8gcGFyYXBo cmFzZSBvbmUgb2YgdGhlIHBhcnRpY2lwYW50czog4oCcSSBrbm93IHdoYXQgSSB3YW50LCBhbmQg SSBraW5kIG9mIGtub3cgd2hhdCBvdGhlcnMgd2FudOKAneKApg0KDQpXaGF0IGFyZSB0aGUgbmV4 dCBzdGVwcz8gIEkgd291bGQgbGlrZSB0byBzZWUgbW9yZSBkaXNjdXNzaW9ucyBhbmQgcGFydGlj aXBhdGlvbiBvbiB0aGUgbGlzdCwgdG8gcmVmbGVjdCB0aGUgaW50ZXJlc3QgaW4gdGhlIHJvb20g 4oCTIHNvbWUgb2YgdGhhdCBpcyBzdGFydGluZyB0byBoYXBwZW4gYWxyZWFkeS4NCg0KSSBkb27i gJl0IHRoaW5rIHRoYXQgdGhpcyBlZmZvcnQgd291bGQgbmVjZXNzYXJpbHkgYmVuZWZpdCBmcm9t IHRoZSBCT0YgcmVzdWx0IGJlaW5nIOKAnGxldOKAmXMgdHJ5IGl0IGFnYWluIG5leHQgdGltZeKA nS4gIEFsdGVybmF0aXZlbHksIEkgYW0gd2lsbGluZyB0byBzcG9uc29yIGEgZm9jdXNlZCBXRyBw cm9wb3NhbCBbKl0gdG8gZGVmaW5lIGEgZnJhbWV3b3JrIHRoYXQgcmVmbGVjdHMgY29uc2Vuc3Vz IG9uIHdoYXQgaXMgZXhwZWN0ZWQgZnJvbSB0aGUgbWFwcGluZyBzeXN0ZW0sIHRoZSBxdWVzdGlv bnMgYXJvdW5kIGlkZW50aXR5IHBlcnNpc3RlbmNlLCBwcml2YWN5LCBldGMuICBJIG5vdGUgdGhh dCB0aGUgQk9GIHByb3Bvc2FsIFsxXSBpbmNsdWRlZCBwcmVjaXNlbHkgYSBmcmFtZXdvcmsgYXMg bWlsZXN0b25lc+KApg0KDQo9PT0NCk1pbGVzdG9uZXMNCkRlYyAyMDE3IEFkb3B0IFdHIGRyYWZ0 IGZvciB0aGUgSWRlbnRpdHkgU2VydmljZXMgZnJhbWV3b3JrDQpNYXkgMjAxOCBXR0xDIGZvciB0 aGUgSWRlbnRpdHkgU2VydmljZXMgZnJhbWV3b3JrDQpBdWd1c3QgMjAxOCBTZW5kIElkZW50aXR5 IFNlcnZpY2VzIGZyYW1ld29yayBkcmFmdCB0byB0aGUgSUVTRw0KPT09DQoNCuKApmJ1dCB0aGUg Y3VycmVudCBwcm9wb3NlZCBjaGFydGVyIFsyXSBkb2VzIG5vdCByZWZsZWN0IHRoYXQuDQoNCklm IHRoZSBncm91cCBoYXMgdGhlIGludGVyZXN0IHRvIGZvbGxvdyB0aGlzIGZvY3VzZWQgcGF0aCwg cGxlYXNlIHN0YXJ0IHRoZSBkaXNjdXNzaW9uIGFyb3VuZCBhbiB1cGRhdGVkIHByb3Bvc2VkIGNo YXJ0ZXIuICBJZiB3ZSBzZXR0bGUgb24gdGhlIHRleHQgcXVpY2tseSwgd2Ugc2hvdWxkIGJlIGFi bGUgdG8gdGFrZSBhIHByb3Bvc2FsIHRocm91Z2ggdGhlIHByb2Nlc3MgKGxvbmcpIGJlZm9yZSB0 aGUgbmV4dCBJRVRGLiAgSSB3b3VsZCBob3BlIGZvciBhbiBhZ2dyZXNzaXZlIHRpbWVsaW5lIGlu IGNvbXBsZXRpbmcgdGhhdCBwaWVjZSBvZiB3b3JrLg0KDQpUaGFua3MhDQoNCkFsdmFyby4NCg0K DQpbKl0gT2J2aW91c2x5LCB0aGUgbm9ybWFsIGFwcHJvdmFsIHByb2Nlc3Mgd291bGQgYmUgZm9s bG93ZWQ6IElFU0cvSUFCL2NvbW11bml0eSByZXZpZXcsIGV0Yy4NClsxXSBodHRwczovL3RyYWMu dG9vbHMuaWV0Zi5vcmcvYm9mL3RyYWMvDQpbMl0gaHR0cHM6Ly9naXRodWIuY29tL0lFVEYtSURF QVMvQ2hhcnRlci1Qcm9wb3NhbA0K --_000_2D8B5CDEABFC4BB5849DB1F6BD4D7B91ciscocom_ Content-Type: text/html; charset="utf-8" Content-ID: <86153C2C997DF24BAACC6C6C8C1B24DD@emea.cisco.com> Content-Transfer-Encoding: base64 PGh0bWwgeG1sbnM6dj0idXJuOnNjaGVtYXMtbWljcm9zb2Z0LWNvbTp2bWwiIHhtbG5zOm89InVy bjpzY2hlbWFzLW1pY3Jvc29mdC1jb206b2ZmaWNlOm9mZmljZSIgeG1sbnM6dz0idXJuOnNjaGVt YXMtbWljcm9zb2Z0LWNvbTpvZmZpY2U6d29yZCIgeG1sbnM6bT0iaHR0cDovL3NjaGVtYXMubWlj cm9zb2Z0LmNvbS9vZmZpY2UvMjAwNC8xMi9vbW1sIiB4bWxuczptdj0iaHR0cDovL21hY1ZtbFNj aGVtYVVyaSIgeG1sbnM9Imh0dHA6Ly93d3cudzMub3JnL1RSL1JFQy1odG1sNDAiPg0KPGhlYWQ+ DQo8bWV0YSBodHRwLWVxdWl2PSJDb250ZW50LVR5cGUiIGNvbnRlbnQ9InRleHQvaHRtbDsgY2hh cnNldD11dGYtOCI+DQo8bWV0YSBuYW1lPSJUaXRsZSIgY29udGVudD0iIj4NCjxtZXRhIG5hbWU9 IktleXdvcmRzIiBjb250ZW50PSIiPg0KPG1ldGEgbmFtZT0iR2VuZXJhdG9yIiBjb250ZW50PSJN aWNyb3NvZnQgV29yZCAxNSAoZmlsdGVyZWQgbWVkaXVtKSI+DQo8c3R5bGU+PCEtLQ0KLyogRm9u dCBEZWZpbml0aW9ucyAqLw0KQGZvbnQtZmFjZQ0KCXtmb250LWZhbWlseToiQ2FtYnJpYSBNYXRo IjsNCglwYW5vc2UtMToyIDQgNSAzIDUgNCA2IDMgMiA0O30NCkBmb250LWZhY2UNCgl7Zm9udC1m YW1pbHk6Q2FsaWJyaTsNCglwYW5vc2UtMToyIDE1IDUgMiAyIDIgNCAzIDIgNDt9DQovKiBTdHls ZSBEZWZpbml0aW9ucyAqLw0KcC5Nc29Ob3JtYWwsIGxpLk1zb05vcm1hbCwgZGl2Lk1zb05vcm1h bA0KCXttYXJnaW46MGluOw0KCW1hcmdpbi1ib3R0b206LjAwMDFwdDsNCglmb250LXNpemU6MTIu MHB0Ow0KCWZvbnQtZmFtaWx5OiJUaW1lcyBOZXcgUm9tYW4iLHNlcmlmO30NCmE6bGluaywgc3Bh bi5Nc29IeXBlcmxpbmsNCgl7bXNvLXN0eWxlLXByaW9yaXR5Ojk5Ow0KCWNvbG9yOmJsdWU7DQoJ dGV4dC1kZWNvcmF0aW9uOnVuZGVybGluZTt9DQphOnZpc2l0ZWQsIHNwYW4uTXNvSHlwZXJsaW5r Rm9sbG93ZWQNCgl7bXNvLXN0eWxlLXByaW9yaXR5Ojk5Ow0KCWNvbG9yOnB1cnBsZTsNCgl0ZXh0 LWRlY29yYXRpb246dW5kZXJsaW5lO30NCnNwYW4uRW1haWxTdHlsZTE3DQoJe21zby1zdHlsZS10 eXBlOnBlcnNvbmFsOw0KCWZvbnQtZmFtaWx5OiJDYWxpYnJpIixzYW5zLXNlcmlmOw0KCWNvbG9y OndpbmRvd3RleHQ7DQoJZm9udC13ZWlnaHQ6bm9ybWFsOw0KCWZvbnQtc3R5bGU6bm9ybWFsO30N CnNwYW4uRW1haWxTdHlsZTE4DQoJe21zby1zdHlsZS10eXBlOnBlcnNvbmFsLWNvbXBvc2U7DQoJ Zm9udC1mYW1pbHk6IkNhbGlicmkiLHNhbnMtc2VyaWY7DQoJY29sb3I6d2luZG93dGV4dDsNCglm b250LXdlaWdodDpub3JtYWw7DQoJZm9udC1zdHlsZTpub3JtYWw7fQ0Kc3Bhbi5tc29JbnMNCgl7 bXNvLXN0eWxlLXR5cGU6ZXhwb3J0LW9ubHk7DQoJbXNvLXN0eWxlLW5hbWU6IiI7DQoJdGV4dC1k ZWNvcmF0aW9uOnVuZGVybGluZTsNCgljb2xvcjp0ZWFsO30NCi5Nc29DaHBEZWZhdWx0DQoJe21z by1zdHlsZS10eXBlOmV4cG9ydC1vbmx5Ow0KCWZvbnQtc2l6ZToxMC4wcHQ7fQ0KQHBhZ2UgV29y ZFNlY3Rpb24xDQoJe3NpemU6OC41aW4gMTEuMGluOw0KCW1hcmdpbjoxLjBpbiAxLjBpbiAxLjBp biAxLjBpbjt9DQpkaXYuV29yZFNlY3Rpb24xDQoJe3BhZ2U6V29yZFNlY3Rpb24xO30NCi0tPjwv c3R5bGU+PCEtLVtpZiBndGUgbXNvIDldPjx4bWw+DQo8bzpzaGFwZWRlZmF1bHRzIHY6ZXh0PSJl ZGl0IiBzcGlkbWF4PSIxMDI3Ii8+DQo8L3htbD48IVtlbmRpZl0tLT48IS0tW2lmIGd0ZSBtc28g OV0+PHhtbD4NCjxvOnNoYXBlbGF5b3V0IHY6ZXh0PSJlZGl0Ij4NCjxvOmlkbWFwIHY6ZXh0PSJl ZGl0IiBkYXRhPSIxIi8+DQo8L286c2hhcGVsYXlvdXQ+PC94bWw+PCFbZW5kaWZdLS0+DQo8L2hl YWQ+DQo8Ym9keSBiZ2NvbG9yPSJ3aGl0ZSIgbGFuZz0iRU4tVVMiIGxpbms9ImJsdWUiIHZsaW5r PSJwdXJwbGUiPg0KPGRpdiBjbGFzcz0iV29yZFNlY3Rpb24xIj4NCjxwIGNsYXNzPSJNc29Ob3Jt YWwiPjxzcGFuIHN0eWxlPSJmb250LWZhbWlseTomcXVvdDtDYWxpYnJpJnF1b3Q7LHNhbnMtc2Vy aWYiPk9uIDYvNy8xNywgNTo0NiBQTSwgJnF1b3Q7SWRlYXMgb24gYmVoYWxmIG9mIEFsdmFybyBS ZXRhbmEgKGFyZXRhbmEpJnF1b3Q7ICZsdDs8L3NwYW4+PHNwYW4gc3R5bGU9ImZvbnQtZmFtaWx5 OiZxdW90O0NhbGlicmkmcXVvdDssc2Fucy1zZXJpZiI+PGEgaHJlZj0ibWFpbHRvOmlkZWFzLWJv dW5jZXNAaWV0Zi5vcmciPmlkZWFzLWJvdW5jZXNAaWV0Zi5vcmc8L2E+PC9zcGFuPjxzcGFuIHN0 eWxlPSJmb250LWZhbWlseTomcXVvdDtDYWxpYnJpJnF1b3Q7LHNhbnMtc2VyaWYiPg0KIG9uIGJl aGFsZiBvZiA8L3NwYW4+PHNwYW4gc3R5bGU9ImZvbnQtZmFtaWx5OiZxdW90O0NhbGlicmkmcXVv dDssc2Fucy1zZXJpZiI+PGEgaHJlZj0ibWFpbHRvOmFyZXRhbmFAY2lzY28uY29tIj5hcmV0YW5h QGNpc2NvLmNvbTwvYT48L3NwYW4+PHNwYW4gc3R5bGU9ImZvbnQtZmFtaWx5OiZxdW90O0NhbGli cmkmcXVvdDssc2Fucy1zZXJpZiI+Jmd0OyB3cm90ZTo8bzpwPjwvbzpwPjwvc3Bhbj48L3A+DQo8 ZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PHNwYW4gc3R5bGU9ImZvbnQtZmFtaWx5OiZxdW90 O0NhbGlicmkmcXVvdDssc2Fucy1zZXJpZiI+PG86cD4mbmJzcDs8L286cD48L3NwYW4+PC9wPg0K PHAgY2xhc3M9Ik1zb05vcm1hbCI+PHNwYW4gc3R5bGU9ImZvbnQtZmFtaWx5OiZxdW90O0NhbGli cmkmcXVvdDssc2Fucy1zZXJpZiI+RGVhciBJREVBUyBsaXN0OjxvOnA+PC9vOnA+PC9zcGFuPjwv cD4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPjxzcGFuIHN0eWxlPSJmb250LWZhbWlseTomcXVvdDtD YWxpYnJpJnF1b3Q7LHNhbnMtc2VyaWYiPjxvOnA+Jm5ic3A7PC9vOnA+PC9zcGFuPjwvcD4NCjxw IGNsYXNzPSJNc29Ob3JtYWwiPjxzcGFuIHN0eWxlPSJmb250LWZhbWlseTomcXVvdDtDYWxpYnJp JnF1b3Q7LHNhbnMtc2VyaWYiPkZpcnN0IG9mIGFsbCwgSSB3YW50IHRvIHRoYW5rIHRoZSBwcm9w b25lbnRzIGFuZCBldmVyeW9uZSB3aG8gcGFydGljaXBhdGVkIGluIGxhc3Qgd2Vla+KAmXMgQk9G IGluIFByYWd1ZS4mbmJzcDsgU3BlY2lhbCB0aGFua3MgdG8gdGhlIEJPRiBDaGFpcnMhPG86cD48 L286cD48L3NwYW4+PC9wPg0KPC9kaXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48c3BhbiBzdHls ZT0iZm9udC1mYW1pbHk6JnF1b3Q7Q2FsaWJyaSZxdW90OyxzYW5zLXNlcmlmIj48bzpwPiZuYnNw OzwvbzpwPjwvc3Bhbj48L3A+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48c3BhbiBzdHlsZT0iZm9u dC1mYW1pbHk6JnF1b3Q7Q2FsaWJyaSZxdW90OyxzYW5zLXNlcmlmIj4mZ3Q7IDwvc3Bhbj48c3Bh biBzdHlsZT0iZm9udC1mYW1pbHk6JnF1b3Q7Q2FsaWJyaSZxdW90OyxzYW5zLXNlcmlmO2NvbG9y OmJsYWNrIj5UaGUgSUFCL0lFU0cgaGVsZCBvdXIgQm9GIENvb3JkaW5hdGlvbiBDYWxsIHRvZGF5 LCBhbmQgaXQgd2FzIGRlY2lkZWQNCjxvOnA+PC9vOnA+PC9zcGFuPjwvcD4NCjxwIGNsYXNzPSJN c29Ob3JtYWwiPjxzcGFuIHN0eWxlPSJmb250LWZhbWlseTomcXVvdDtDYWxpYnJpJnF1b3Q7LHNh bnMtc2VyaWY7Y29sb3I6YmxhY2siPiZndDsgdG8gZ28gZm9yd2FyZCB3aXRoIGFuIElERUFTIEJv RiBhdCBJRVRGIDk5LiZuYnNwOyBDb25ncmF0dWxhdGlvbnMhPG86cD48L286cD48L3NwYW4+PC9w Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PHNwYW4gc3R5bGU9ImZvbnQtZmFtaWx5OiZxdW90O0Nh bGlicmkmcXVvdDssc2Fucy1zZXJpZjtjb2xvcjpibGFjayI+Jmd0Ow0KPG86cD48L286cD48L3Nw YW4+PC9wPg0KPHAgY2xhc3M9Ik1zb05vcm1hbCIgc3R5bGU9ImZvbnQtdmFyaWFudC1jYXBzOiBu b3JtYWw7b3JwaGFuczogYXV0bzt0ZXh0LWFsaWduOnN0YXJ0O3dpZG93czogYXV0bzstd2Via2l0 LXRleHQtc3Ryb2tlLXdpZHRoOiAwcHg7d29yZC1zcGFjaW5nOjBweCI+DQo8c3BhbiBzdHlsZT0i Zm9udC1mYW1pbHk6JnF1b3Q7Q2FsaWJyaSZxdW90OyxzYW5zLXNlcmlmO2NvbG9yOmJsYWNrIj4m Z3Q7IFRoZXJlIGFyZSBob3dldmVyIHNvbWUgY29uY2VybnMgdGhhdCB3ZSBuZWVkIHlvdSAocHJv cG9uZW50cy88bzpwPjwvbzpwPjwvc3Bhbj48L3A+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48c3Bh biBzdHlsZT0iZm9udC1mYW1pbHk6JnF1b3Q7Q2FsaWJyaSZxdW90OyxzYW5zLXNlcmlmO2NvbG9y OmJsYWNrIj4mZ3Q7IHBhcnRpY2lwYW50cy9hdXRob3JzKSB0byBhZGRyZXNzIGF0IHRoZSBCb0Yu Jm5ic3A7IEJhc2VkIG9uIHRoYXQsIHdlIHNob3VsZA0KPG86cD48L286cD48L3NwYW4+PC9wPg0K PHAgY2xhc3M9Ik1zb05vcm1hbCI+PHNwYW4gc3R5bGU9ImZvbnQtZmFtaWx5OiZxdW90O0NhbGli cmkmcXVvdDssc2Fucy1zZXJpZjtjb2xvcjpibGFjayI+Jmd0OyBpZGVhbGx5IGJlIGFibGUgdG8g dGFrZSBzb21lIGFjdGlvbuKApiBGcm9tIG15IHBvaW50IG9mIHZpZXcsIHRoZSBzdWNjZXNzDQo8 bzpwPjwvbzpwPjwvc3Bhbj48L3A+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48c3BhbiBzdHlsZT0i Zm9udC1mYW1pbHk6JnF1b3Q7Q2FsaWJyaSZxdW90OyxzYW5zLXNlcmlmO2NvbG9yOmJsYWNrIj4m Z3Q7IG9mIHRoZSBCb0Ygc2hvdWxkIGJlIG1lYXN1cmVkIGJ5IHdoZXRoZXIgd2UgaGF2ZSB0aGUg bmVjZXNzYXJ5DQo8bzpwPjwvbzpwPjwvc3Bhbj48L3A+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48 c3BhbiBzdHlsZT0iZm9udC1mYW1pbHk6JnF1b3Q7Q2FsaWJyaSZxdW90OyxzYW5zLXNlcmlmO2Nv bG9yOmJsYWNrIj4mZ3Q7IGluZm9ybWF0aW9uIHRvIG1ha2UgdGhlIGNvcnJlY3QgZGVjaXNpb24u PG86cD48L286cD48L3NwYW4+PC9wPg0KPHAgY2xhc3M9Ik1zb05vcm1hbCIgc3R5bGU9ImZvbnQt dmFyaWFudC1jYXBzOiBub3JtYWw7b3JwaGFuczogYXV0bzt0ZXh0LWFsaWduOnN0YXJ0O3dpZG93 czogYXV0bzstd2Via2l0LXRleHQtc3Ryb2tlLXdpZHRoOiAwcHg7d29yZC1zcGFjaW5nOjBweCI+ DQo8c3BhbiBzdHlsZT0iZm9udC1mYW1pbHk6JnF1b3Q7Q2FsaWJyaSZxdW90OyxzYW5zLXNlcmlm Ij48bzpwPiZuYnNwOzwvbzpwPjwvc3Bhbj48L3A+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48c3Bh biBzdHlsZT0iZm9udC1mYW1pbHk6JnF1b3Q7Q2FsaWJyaSZxdW90OyxzYW5zLXNlcmlmIj5UaGUg Y29uc2Vuc3VzIGFtb25nIHRoZSBDaGFpcnMgYW5kIHRoZSBJRVNHL0lBQiBpcyB0aGF0IHRoZSBt YXRlcmlhbHMgcHJlc2VudGVkIGF0IHRoZSBCT0YgcmVzdWx0ZWQgaW4gdGhlIGZlZWxpbmcgdGhh dCB0aGVyZSBpcyBzb21ldGhpbmcgdG8gYmUgZG9uZSBoZXJlLCBidXQgdGhhdCDigJxzb21ldGhp bmfigJ0gaXMgbm90IGNsZWFyLiZuYnNwOw0KIEluIHBhcnQsIHRoaXMgaW1wcmVzc2lvbiBjb21l cyBmcm9tIHRoZSB3aWRlLXJhbmdpbmcgZGlzY3Vzc2lvbiDigJMgaW4gcGFydCBmcm9tIHRoZSBm YWN0IHRoYXQgbW9zdCBvZiB0aGUgdGVjaG5pY2FsIGRpc2N1c3Npb25zIGhhdmUgc28gZmFyIG5v dCBiZWVuIGhlbGQgb24gdGhlIGxpc3QuJm5ic3A7IFRvIHBhcmFwaHJhc2Ugb25lIG9mIHRoZSBw YXJ0aWNpcGFudHM6IOKAnEkga25vdyB3aGF0IEkgd2FudCwgYW5kIEkga2luZCBvZiBrbm93IHdo YXQgb3RoZXJzDQogd2FudOKAneKApjxvOnA+PC9vOnA+PC9zcGFuPjwvcD4NCjxwIGNsYXNzPSJN c29Ob3JtYWwiPjxzcGFuIHN0eWxlPSJmb250LWZhbWlseTomcXVvdDtDYWxpYnJpJnF1b3Q7LHNh bnMtc2VyaWYiPjxvOnA+Jm5ic3A7PC9vOnA+PC9zcGFuPjwvcD4NCjxwIGNsYXNzPSJNc29Ob3Jt YWwiPjxzcGFuIHN0eWxlPSJmb250LWZhbWlseTomcXVvdDtDYWxpYnJpJnF1b3Q7LHNhbnMtc2Vy aWYiPldoYXQgYXJlIHRoZSBuZXh0IHN0ZXBzPyZuYnNwOyBJIHdvdWxkIGxpa2UgdG8gc2VlIG1v cmUgZGlzY3Vzc2lvbnMgYW5kIHBhcnRpY2lwYXRpb24gb24gdGhlIGxpc3QsIHRvIHJlZmxlY3Qg dGhlIGludGVyZXN0IGluIHRoZSByb29tIOKAkyBzb21lIG9mIHRoYXQgaXMgc3RhcnRpbmcgdG8g aGFwcGVuIGFscmVhZHkuPG86cD48L286cD48L3NwYW4+PC9wPg0KPHAgY2xhc3M9Ik1zb05vcm1h bCI+PHNwYW4gc3R5bGU9ImZvbnQtZmFtaWx5OiZxdW90O0NhbGlicmkmcXVvdDssc2Fucy1zZXJp ZiI+PG86cD4mbmJzcDs8L286cD48L3NwYW4+PC9wPg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PHNw YW4gc3R5bGU9ImZvbnQtZmFtaWx5OiZxdW90O0NhbGlicmkmcXVvdDssc2Fucy1zZXJpZiI+SSBk b27igJl0IHRoaW5rIHRoYXQgdGhpcyBlZmZvcnQgd291bGQgbmVjZXNzYXJpbHkgYmVuZWZpdCBm cm9tIHRoZSBCT0YgcmVzdWx0IGJlaW5nIOKAnGxldOKAmXMgdHJ5IGl0IGFnYWluIG5leHQgdGlt ZeKAnS4mbmJzcDsgQWx0ZXJuYXRpdmVseSwgSSBhbSB3aWxsaW5nIHRvIHNwb25zb3IgYSBmb2N1 c2VkIFdHIHByb3Bvc2FsIFsqXSB0byBkZWZpbmUNCiBhIGZyYW1ld29yayB0aGF0IHJlZmxlY3Rz IGNvbnNlbnN1cyBvbiB3aGF0IGlzIGV4cGVjdGVkIGZyb20gdGhlIG1hcHBpbmcgc3lzdGVtLCB0 aGUgcXVlc3Rpb25zIGFyb3VuZCBpZGVudGl0eSBwZXJzaXN0ZW5jZSwgcHJpdmFjeSwgZXRjLiZu YnNwOyBJIG5vdGUgdGhhdCB0aGUgQk9GIHByb3Bvc2FsIFsxXSBpbmNsdWRlZCBwcmVjaXNlbHkg YSBmcmFtZXdvcmsgYXMgbWlsZXN0b25lc+KApjxvOnA+PC9vOnA+PC9zcGFuPjwvcD4NCjxwIGNs YXNzPSJNc29Ob3JtYWwiPjxzcGFuIHN0eWxlPSJmb250LWZhbWlseTomcXVvdDtDYWxpYnJpJnF1 b3Q7LHNhbnMtc2VyaWYiPjxvOnA+Jm5ic3A7PC9vOnA+PC9zcGFuPjwvcD4NCjxwIGNsYXNzPSJN c29Ob3JtYWwiPjxzcGFuIHN0eWxlPSJmb250LWZhbWlseTomcXVvdDtDYWxpYnJpJnF1b3Q7LHNh bnMtc2VyaWYiPj09PTxvOnA+PC9vOnA+PC9zcGFuPjwvcD4NCjxwIGNsYXNzPSJNc29Ob3JtYWwi PjxzcGFuIHN0eWxlPSJmb250LWZhbWlseTomcXVvdDtDYWxpYnJpJnF1b3Q7LHNhbnMtc2VyaWYi Pk1pbGVzdG9uZXM8bzpwPjwvbzpwPjwvc3Bhbj48L3A+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48 c3BhbiBzdHlsZT0iZm9udC1mYW1pbHk6JnF1b3Q7Q2FsaWJyaSZxdW90OyxzYW5zLXNlcmlmIj5E ZWMgMjAxNyBBZG9wdCBXRyBkcmFmdCBmb3IgdGhlIElkZW50aXR5IFNlcnZpY2VzIGZyYW1ld29y azxvOnA+PC9vOnA+PC9zcGFuPjwvcD4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPjxzcGFuIHN0eWxl PSJmb250LWZhbWlseTomcXVvdDtDYWxpYnJpJnF1b3Q7LHNhbnMtc2VyaWYiPk1heSAyMDE4IFdH TEMgZm9yIHRoZSBJZGVudGl0eSBTZXJ2aWNlcyBmcmFtZXdvcms8bzpwPjwvbzpwPjwvc3Bhbj48 L3A+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48c3BhbiBzdHlsZT0iZm9udC1mYW1pbHk6JnF1b3Q7 Q2FsaWJyaSZxdW90OyxzYW5zLXNlcmlmIj5BdWd1c3QgMjAxOCBTZW5kIElkZW50aXR5IFNlcnZp Y2VzIGZyYW1ld29yayBkcmFmdCB0byB0aGUgSUVTRzxvOnA+PC9vOnA+PC9zcGFuPjwvcD4NCjxw IGNsYXNzPSJNc29Ob3JtYWwiPjxzcGFuIHN0eWxlPSJmb250LWZhbWlseTomcXVvdDtDYWxpYnJp JnF1b3Q7LHNhbnMtc2VyaWYiPj09PTxvOnA+PC9vOnA+PC9zcGFuPjwvcD4NCjxwIGNsYXNzPSJN c29Ob3JtYWwiPjxzcGFuIHN0eWxlPSJmb250LWZhbWlseTomcXVvdDtDYWxpYnJpJnF1b3Q7LHNh bnMtc2VyaWYiPjxvOnA+Jm5ic3A7PC9vOnA+PC9zcGFuPjwvcD4NCjxwIGNsYXNzPSJNc29Ob3Jt YWwiPjxzcGFuIHN0eWxlPSJmb250LWZhbWlseTomcXVvdDtDYWxpYnJpJnF1b3Q7LHNhbnMtc2Vy aWYiPuKApmJ1dCB0aGUgY3VycmVudCBwcm9wb3NlZCBjaGFydGVyIFsyXSBkb2VzIG5vdCByZWZs ZWN0IHRoYXQuPG86cD48L286cD48L3NwYW4+PC9wPg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PHNw YW4gc3R5bGU9ImZvbnQtZmFtaWx5OiZxdW90O0NhbGlicmkmcXVvdDssc2Fucy1zZXJpZiI+PG86 cD4mbmJzcDs8L286cD48L3NwYW4+PC9wPg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PHNwYW4gc3R5 bGU9ImZvbnQtZmFtaWx5OiZxdW90O0NhbGlicmkmcXVvdDssc2Fucy1zZXJpZiI+SWYgdGhlIGdy b3VwIGhhcyB0aGUgaW50ZXJlc3QgdG8gZm9sbG93IHRoaXMgZm9jdXNlZCBwYXRoLCBwbGVhc2Ug c3RhcnQgdGhlIGRpc2N1c3Npb24gYXJvdW5kIGFuIHVwZGF0ZWQgcHJvcG9zZWQgY2hhcnRlci4m bmJzcDsgSWYgd2Ugc2V0dGxlIG9uIHRoZSB0ZXh0IHF1aWNrbHksIHdlIHNob3VsZCBiZSBhYmxl IHRvIHRha2UgYSBwcm9wb3NhbA0KIHRocm91Z2ggdGhlIHByb2Nlc3MgKGxvbmcpIGJlZm9yZSB0 aGUgbmV4dCBJRVRGLiZuYnNwOyBJIHdvdWxkIGhvcGUgZm9yIGFuIGFnZ3Jlc3NpdmUgdGltZWxp bmUgaW4gY29tcGxldGluZyB0aGF0IHBpZWNlIG9mIHdvcmsuPG86cD48L286cD48L3NwYW4+PC9w Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PHNwYW4gc3R5bGU9ImZvbnQtZmFtaWx5OiZxdW90O0Nh bGlicmkmcXVvdDssc2Fucy1zZXJpZiI+PG86cD4mbmJzcDs8L286cD48L3NwYW4+PC9wPg0KPHAg Y2xhc3M9Ik1zb05vcm1hbCI+PHNwYW4gc3R5bGU9ImZvbnQtZmFtaWx5OiZxdW90O0NhbGlicmkm cXVvdDssc2Fucy1zZXJpZiI+VGhhbmtzITxvOnA+PC9vOnA+PC9zcGFuPjwvcD4NCjxwIGNsYXNz PSJNc29Ob3JtYWwiPjxzcGFuIHN0eWxlPSJmb250LWZhbWlseTomcXVvdDtDYWxpYnJpJnF1b3Q7 LHNhbnMtc2VyaWYiPjxvOnA+Jm5ic3A7PC9vOnA+PC9zcGFuPjwvcD4NCjxwIGNsYXNzPSJNc29O b3JtYWwiPjxzcGFuIHN0eWxlPSJmb250LWZhbWlseTomcXVvdDtDYWxpYnJpJnF1b3Q7LHNhbnMt c2VyaWYiPkFsdmFyby48bzpwPjwvbzpwPjwvc3Bhbj48L3A+DQo8cCBjbGFzcz0iTXNvTm9ybWFs Ij48c3BhbiBzdHlsZT0iZm9udC1mYW1pbHk6JnF1b3Q7Q2FsaWJyaSZxdW90OyxzYW5zLXNlcmlm Ij48bzpwPiZuYnNwOzwvbzpwPjwvc3Bhbj48L3A+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48c3Bh biBzdHlsZT0iZm9udC1mYW1pbHk6JnF1b3Q7Q2FsaWJyaSZxdW90OyxzYW5zLXNlcmlmIj48bzpw PiZuYnNwOzwvbzpwPjwvc3Bhbj48L3A+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48c3BhbiBzdHls ZT0iZm9udC1mYW1pbHk6JnF1b3Q7Q2FsaWJyaSZxdW90OyxzYW5zLXNlcmlmIj5bKl0gT2J2aW91 c2x5LCB0aGUgbm9ybWFsIGFwcHJvdmFsIHByb2Nlc3Mgd291bGQgYmUgZm9sbG93ZWQ6IElFU0cv SUFCL2NvbW11bml0eSByZXZpZXcsIGV0Yy48bzpwPjwvbzpwPjwvc3Bhbj48L3A+DQo8cCBjbGFz cz0iTXNvTm9ybWFsIj48c3BhbiBzdHlsZT0iZm9udC1mYW1pbHk6JnF1b3Q7Q2FsaWJyaSZxdW90 OyxzYW5zLXNlcmlmIj5bMV0gPGEgaHJlZj0iaHR0cHM6Ly90cmFjLnRvb2xzLmlldGYub3JnL2Jv Zi90cmFjLyI+DQpodHRwczovL3RyYWMudG9vbHMuaWV0Zi5vcmcvYm9mL3RyYWMvPC9hPiA8bzpw PjwvbzpwPjwvc3Bhbj48L3A+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48c3BhbiBzdHlsZT0iZm9u dC1mYW1pbHk6JnF1b3Q7Q2FsaWJyaSZxdW90OyxzYW5zLXNlcmlmIj5bMl0gPGEgaHJlZj0iaHR0 cHM6Ly9naXRodWIuY29tL0lFVEYtSURFQVMvQ2hhcnRlci1Qcm9wb3NhbCI+DQpodHRwczovL2dp dGh1Yi5jb20vSUVURi1JREVBUy9DaGFydGVyLVByb3Bvc2FsPC9hPiA8bzpwPjwvbzpwPjwvc3Bh bj48L3A+DQo8L2Rpdj4NCjwvYm9keT4NCjwvaHRtbD4NCg== --_000_2D8B5CDEABFC4BB5849DB1F6BD4D7B91ciscocom_-- From nobody Fri Jul 28 10:07:03 2017 Return-Path: X-Original-To: ideas@ietfa.amsl.com Delivered-To: ideas@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5B08D13217F for ; Fri, 28 Jul 2017 10:07:01 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.9 X-Spam-Level: X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=herbertland-com.20150623.gappssmtp.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Zd5e8T5vSgNL for ; Fri, 28 Jul 2017 10:06:59 -0700 (PDT) Received: from mail-wr0-x22f.google.com (mail-wr0-x22f.google.com [IPv6:2a00:1450:400c:c0c::22f]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A798A131748 for ; Fri, 28 Jul 2017 10:06:58 -0700 (PDT) Received: by mail-wr0-x22f.google.com with SMTP id 33so100843113wrz.4 for ; Fri, 28 Jul 2017 10:06:58 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=herbertland-com.20150623.gappssmtp.com; s=20150623; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc:content-transfer-encoding; bh=KBAnncxToLAKntep0H5C1uOTOncwrcjusZorRgqQc90=; b=ffQ7CXwBVAUv0OgQKU0yq6bx0ohj3xB7xsleT8+Lfcnmm4fz8G2GadEcgiHDCJz0pq 5QGnhgD+IC9s+oirnrkj3Dbwq5Zz7yKGUOOEae5i3E9Br4m7o/eGmix7nO4asAxKJS1T vXk7dRIpp9cR0LBCjlg8UvOD+AXdyRpLNQI22vVP6feyedqT5lOdS8Ho4iFeIWGKre4G JCMExkB5xU5YWbhWEfPJ3BO15HYOCJDOZmErDKOK3MU0v29DwYTWyaBBiAfOCRAA+zMG rW3o00GiGNxATbvAy/JMd8sRScsVuHsrYiz9Em+fQyDaVwrZQtVeja36DfL5HdTZqwfa y9/Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc:content-transfer-encoding; bh=KBAnncxToLAKntep0H5C1uOTOncwrcjusZorRgqQc90=; b=kuSrkCA1Lp3293txHq8izoaB/+C+TOfZLJzcS52Y364uFl+lrSI8rdNsrTMNh3sD0t qjSGX4MqzDu9kkt5r6blADVxwRsVNmRJ3i00b3DFCefpt/TkedQ5qsMPKw/KJnqJI5pZ OuKsDr7GO7C0KCK+uOqNtRQeOBmyxwBUiede8iIgSZYniIMf4JLAQNvorthQBilBXo/A Sbs+L4UoiIQwQS2bYQFetRINulRLp+6IoLNOeJg2AwWMS/5wgBztgpsKGR+EHq/1Z+eD OYtCV+DH7Gez4jt8Gcx9aqnOQIaIWN4OI4q8b/7WD2m/e2id3XvUx93pLK0VbSrJny3e nN7Q== X-Gm-Message-State: AIVw1100PwgU8RulOtv7Qg569DA+yg0MJUWJdmP/NDEDAXqa59fwQO3Z PGrGzfrtFRUKMc217bq1dj0+Qzc/oW/2 X-Received: by 10.223.169.2 with SMTP id u2mr6298610wrc.288.1501261617045; Fri, 28 Jul 2017 10:06:57 -0700 (PDT) MIME-Version: 1.0 Received: by 10.223.130.85 with HTTP; Fri, 28 Jul 2017 10:06:56 -0700 (PDT) In-Reply-To: <644DA50AFA8C314EA9BDDAC83BD38A2E0E0EB240@SJCEML703-CHM.china.huawei.com> References: <644DA50AFA8C314EA9BDDAC83BD38A2E0E0EAE21@SJCEML703-CHM.china.huawei.com> <644DA50AFA8C314EA9BDDAC83BD38A2E0E0EAEA0@SJCEML703-CHM.china.huawei.com> <644DA50AFA8C314EA9BDDAC83BD38A2E0E0EB240@SJCEML703-CHM.china.huawei.com> From: Tom Herbert Date: Fri, 28 Jul 2017 10:06:56 -0700 Message-ID: To: Alexander Clemm Cc: "Liubingyang (Bryan)" , Michael Menth , "ideas@ietf.org" Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Archived-At: Subject: Re: [Ideas] Can identity directly link with IP address? X-BeenThere: ideas@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Discussions relating to the development, clarification, and implementation of control-plane infrastructures and functionalities in ID enabled networks." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 28 Jul 2017 17:07:01 -0000 On Fri, Jul 28, 2017 at 9:44 AM, Alexander Clemm wrote: > Yes, exactly. > And likewise, GRIDS will not be in the data path. > To communicate successfully, a node will need to merely know the identifi= er of who it wants to talk to (and which can be resolved to a locator). Id= entity is needed so that you can e.g. easily associate multiple identifiers= with the same endpoint (for example, so you can easier apply anonymization= schemes such as was mentioned by Dino), and so it is easier to administer = the overall system (such as, firewall rules, which would be nice if you cou= ld avoid having to update them every time an endpoint's IP address changes)= . Alex, I understand the administrative benefits for grouping together a set of related identifiers so that their common location can be moved in the mapping system in one step. But that doesn't affect the mapping system function, it's job is still to map identifiers to locators. Firewalls rules, however, are more invasive-- these would be on the datapath. If the intent is that firewall rules are now based on identity then this does introduce the notion of identity to be critical in the data path? Extrapolating further, if identity becomes essential to data path operations, then what will it mean if identity of a user is compromised? For example, if the network provider maintains identities of its users but their database is compromised would this put user at risk? Thanks, Tom > --- Alex > > -----Original Message----- > From: Tom Herbert [mailto:tom@herbertland.com] > Sent: Friday, July 28, 2017 8:12 AM > To: Liubingyang (Bryan) > Cc: Alexander Clemm ; Michael Menth ; ideas@ietf.org > Subject: Re: [Ideas] Can identity directly link with IP address? > > On Thu, Jul 27, 2017 at 8:45 PM, Liubingyang (Bryan) wrote: >> Hi Tom, >> >> I see what you mean. But I don't think your concern is specific to IP ad= dress. Btw, I think certificate is just one way to bind identity with somet= hing, not the identity itself. >> > Bingyang, > > I think one difference is that certificate can be signed by a trusted thi= rd party whereas IP addresses aren't. The third party involvement is import= ant since the signing authority is not in the data path for the communicati= on which keeps a separation of functions and is stronger for privacy. In th= e case of a network provider it's both the authority and in the data path f= or IP addresses-- this is probably necessary but lessens the possibility of= making IP addresses secure mechanisms. > > Tom > >> Bingyang >> >> -----Original Message----- >> From: Tom Herbert [mailto:tom@herbertland.com] >> Sent: Friday, July 28, 2017 10:48 AM >> To: Liubingyang (Bryan) >> Cc: Alexander Clemm ; Michael Menth >> ; ideas@ietf.org >> Subject: Re: [Ideas] Can identity directly link with IP address? >> >> On Thu, Jul 27, 2017 at 6:45 PM, Liubingyang (Bryan) wrote: >>> Now I get it. But maybe I just know your IP address (I don=E2=80=99t wa= nt to >>> mention DNS here J) and communicate with you. In this case, if >>> identity is still applicable, it may directly link with IP address, rig= ht? >>> >> This question confuses me which I suppose it to say the notion of identi= fy related to IP addressing is still confusing. If two nodes are able so su= ccessfully communicate using IP address then where does identity come into = play? If the applications need to verify whom they're talking they'll using= a mechanism like x.509 or TLS and should never rely on IP addresses as ha= ving any security properties. >> >> Tom >> >>> >>> >>> Bingyang >>> >>> >>> >>> From: Alexander Clemm >>> Sent: Friday, July 28, 2017 3:01 AM >>> To: Liubingyang (Bryan) ; Michael Menth >>> >>> Cc: ideas@ietf.org >>> Subject: RE: RE: [Ideas] Can identity directly link with IP address? >>> >>> >>> >>> Hi Bingyang, >>> >>> >>> >>> You need to be able to refer to another endpoint, so you need to know a= t >>> least one of its identifiers in order to send it traffic. But, I don= =E2=80=99t >>> need to know your identity (in the narrower sense of IDEAS). To use >>> an analogy, I can send you an email using your identifier >>> liubingyang@huawei.com, but I don=E2=80=99t need to know your birth >>> certificate and passport number to assert your identity, nor would I >>> expect providing those to send you email. >>> >>> >>> >>> Cheers >>> >>> --- Alex >>> >>> >>> >>> From: Liubingyang (Bryan) >>> Sent: Thursday, July 27, 2017 10:40 AM >>> To: Alexander Clemm ; Michael Menth >>> >>> Cc: ideas@ietf.org >>> Subject: Re: RE: [Ideas] Can identity directly link with IP address? >>> >>> >>> >>> Hi Alex >>> >>> Sorry I don't get it. Why what you "know" should be what you link >>> with identity? And what if I just "know" your ip ? >>> >>> >>> ----------------------------------------------Bingyang Liu >>> M: +86-15810795994 >>> E: liubingyang@huawei.com >>> 2012 Laboratories-NG IP Network Laboratory,2012Labs >>> >>> From: Alexander Clemm >>> >>> To: Michael Menth;Liubingyang >>> (Bryan) >>> >>> Cc: ideas@ietf.org >>> >>> Subject: RE: [Ideas] Can identity directly link with IP address? >>> >>> Time: 2017-07-28 01:02:24 >>> >>> >>> >>> Yes, in principle possible. >>> >>> The question is only, who will actually know the identity. In >>> general, endpoints will be referred to by an identifier by other >>> parties. I would envision that other parties may "know" other >>> endpoints by public identifiers, but not by their actual identity (by >>> which they would be authenticated to GRIDS). So, while a mapping >>> system might be designed with flexibility for such queries in mind, I >>> don't think supporting it would be a requirement - certainly not initia= lly. >>> >>> I am not sure I would go to multiple tiers of identities. It's a >>> possibility, but it would raise additional issues if we were to get >>> into the realm of personal identities (as opposed to endpoint >>> identities). So, IMHO we may want to stay clear of this. >>> >>> --- Alex >>> >>> -----Original Message----- >>> From: Ideas [mailto:ideas-bounces@ietf.org] On Behalf Of Michael >>> Menth >>> Sent: Thursday, July 27, 2017 3:11 AM >>> To: Liubingyang (Bryan) >>> Cc: ideas@ietf.org >>> Subject: Re: [Ideas] Can identity directly link with IP address? >>> >>> Dear Bingyang, all, >>> >>> good point! You essentially propose a more flexible mapping between >>> identity and identifiers. I think it generally makes sense that the >>> new mapping system with access control is not limited to the >>> currently three obvious layers identity-identifier-locator, but >>> follows a more flexible >>> identifier->identifier mapping, whereby an identity is a special >>> identifier. There may be use cases where >>> identity->identity may make sense, e.g., mapping of a user to its devic= es. >>> This would also allow identity->locator which would be helpful to >>> support ID-networking w/ legacy IPv4/v6 but w/o loc/ID split. >>> >>> Regards, >>> >>> Michael >>> >>> Am 27.07.2017 um 11:44 schrieb Liubingyang (Bryan): >>>> Hi all, >>>> >>>> >>>> >>>> The current model seems like identity---identifier---locator, and >>>> identity is bound with ID/Loc protocols. >>>> >>>> Do you think identity can directly link to IP address, i.e., >>>> identity---IP address, and be applied to the =E2=80=9Clegacy=E2=80=9D = IPv4/IPv6 >>>> without identifiers as intermediate? >>>> >>>> >>>> >>>> Bingyang (Bryan) >>>> >>>> >>>> >>>> _______________________________________________ >>>> Ideas mailing list >>>> Ideas@ietf.org >>>> https://www.ietf.org/mailman/listinfo/ideas >>>> >>> >>> -- >>> Prof. Dr. habil. Michael Menth >>> University of Tuebingen >>> Faculty of Science >>> Department of Computer Science >>> Chair of Communication Networks >>> Sand 13, 72076 Tuebingen, Germany >>> phone: (+49)-7071/29-70505 >>> fax: (+49)-7071/29-5220 >>> mailto:menth@uni-tuebingen.de >>> http://kn.inf.uni-tuebingen.de >>> >>> _______________________________________________ >>> Ideas mailing list >>> Ideas@ietf.org >>> https://www.ietf.org/mailman/listinfo/ideas >>> >>> >>> _______________________________________________ >>> Ideas mailing list >>> Ideas@ietf.org >>> https://www.ietf.org/mailman/listinfo/ideas >>> From nobody Fri Jul 28 11:37:07 2017 Return-Path: X-Original-To: ideas@ietfa.amsl.com Delivered-To: ideas@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E6F9113206D for ; Fri, 28 Jul 2017 11:37:05 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.699 X-Spam-Level: X-Spam-Status: No, score=-2.699 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id GxClaUoYPeOw for ; Fri, 28 Jul 2017 11:37:04 -0700 (PDT) Received: from mail-wm0-x22c.google.com (mail-wm0-x22c.google.com [IPv6:2a00:1450:400c:c09::22c]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B3AB1131D69 for ; Fri, 28 Jul 2017 11:37:03 -0700 (PDT) Received: by mail-wm0-x22c.google.com with SMTP id m85so28914604wma.0 for ; Fri, 28 Jul 2017 11:37:03 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=q7utKLRPYlCD0q4KE7Ct1WtElzStJlVtkAbKBytiW60=; b=E5f3aQwVXWCk08WqmVCWRml1PdKgytJNNvl9dPAUFBV9aAQ1nWSv3ILORVfKAuHz41 lrnyAa5ARFLweYDT5G9ep1f6mdEQRhZVcKeb1rDtNesgQlDGQJ5cODcA5RD6Jb6HQ1Yy b3wIWUddhnYYrzfUpfB4csUCPAW+K4XovVW7mCGH6Xdlq4/2sjnyinLL9hz9wALMBLXk /ZMsBs8c8VF1evvhARTy9E63enLJtLjxB/eHIGV3P9O5v09hrhgScq7J+XNdBPnpEKrL j06VniTidjwgjIW5Q4kJfj7/OEOGgP0+a/mripjx7YxdK1YSCxGSbJJTLtuuAQaHUZ5O KYLA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=q7utKLRPYlCD0q4KE7Ct1WtElzStJlVtkAbKBytiW60=; b=aTYcRbO9SKzXDOWju8bealLM5PhxLJo/E5rQAm5uF8lneqiO0xvwAKNDLr4RymJySD IduPd3gXpczhtPf2YPKsRrrhrZhHL3wG0jfwx45qrezpYKD68obVce2OVaEKiizfr3Tc 2k5xyFtKIE+KHEV8U+r98M974noL5w/c6TlFaat6UJEZaZV1c6AnIopZ6dclK9dNIZph I9YqsIFo65KB7Vltf1bFSa7UIXr6UUypqoCqDAegAJqMsjJF7gL28P4jeK5cJG62BAjl JLJae2ClReB/XyVSR4tP9Y7WjRU7d9VuUpbwuuGJJuPzSQC/4MxEYUT1sNjU6Rox46CU A3NA== X-Gm-Message-State: AIVw113TblgfRN3gW4K5GtGRyDzgzMhYzldyKf6AgKQb7e+JYBaWRXOO 6eAP4N1QawDsdnDB7QUn5lddhBliVg== X-Received: by 10.28.146.209 with SMTP id u200mr6700480wmd.38.1501267022237; Fri, 28 Jul 2017 11:37:02 -0700 (PDT) MIME-Version: 1.0 Received: by 10.223.167.10 with HTTP; Fri, 28 Jul 2017 11:37:01 -0700 (PDT) In-Reply-To: <2D8B5CDE-ABFC-4BB5-849D-B1F6BD4D7B91@cisco.com> References: <2D8B5CDE-ABFC-4BB5-849D-B1F6BD4D7B91@cisco.com> From: Padma Pillay-Esnault Date: Fri, 28 Jul 2017 11:37:01 -0700 Message-ID: To: "Alvaro Retana (aretana)" Cc: "ideas@ietf.org" Content-Type: multipart/alternative; boundary="001a11442a0292d75b055564f782" Archived-At: Subject: Re: [Ideas] IDEAS BoF at IETF 99 X-BeenThere: ideas@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Discussions relating to the development, clarification, and implementation of control-plane infrastructures and functionalities in ID enabled networks." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 28 Jul 2017 18:37:06 -0000 --001a11442a0292d75b055564f782 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Dear Alvaro and IDEAS The github was updated to have a separate file with a version of the first charter for your reference. Propose that updates to the version2 of charter be done to recapture the focus of version1 and share it here on the alias. Thanks Padma On Fri, Jul 28, 2017 at 9:56 AM, Alvaro Retana (aretana) wrote: > On 6/7/17, 5:46 PM, "Ideas on behalf of Alvaro Retana (aretana)" < > ideas-bounces@ietf.org on behalf of aretana@cisco.com> wrote: > > > > Dear IDEAS list: > > > > First of all, I want to thank the proponents and everyone who participate= d > in last week=E2=80=99s BOF in Prague. Special thanks to the BOF Chairs! > > > > > The IAB/IESG held our BoF Coordination Call today, and it was decided > > > to go forward with an IDEAS BoF at IETF 99. Congratulations! > > > > > > There are however some concerns that we need you (proponents/ > > > participants/authors) to address at the BoF. Based on that, we should > > > ideally be able to take some action=E2=80=A6 From my point of view, the= success > > > of the BoF should be measured by whether we have the necessary > > > information to make the correct decision. > > > > The consensus among the Chairs and the IESG/IAB is that the materials > presented at the BOF resulted in the feeling that there is something to b= e > done here, but that =E2=80=9Csomething=E2=80=9D is not clear. In part, t= his impression > comes from the wide-ranging discussion =E2=80=93 in part from the fact th= at most of > the technical discussions have so far not been held on the list. To > paraphrase one of the participants: =E2=80=9CI know what I want, and I ki= nd of know > what others want=E2=80=9D=E2=80=A6 > > > > What are the next steps? I would like to see more discussions and > participation on the list, to reflect the interest in the room =E2=80=93 = some of > that is starting to happen already. > > > > I don=E2=80=99t think that this effort would necessarily benefit from the= BOF > result being =E2=80=9Clet=E2=80=99s try it again next time=E2=80=9D. Alt= ernatively, I am willing > to sponsor a focused WG proposal [*] to define a framework that reflects > consensus on what is expected from the mapping system, the questions arou= nd > identity persistence, privacy, etc. I note that the BOF proposal [1] > included precisely a framework as milestones=E2=80=A6 > > > > =3D=3D=3D > > Milestones > > Dec 2017 Adopt WG draft for the Identity Services framework > > May 2018 WGLC for the Identity Services framework > > August 2018 Send Identity Services framework draft to the IESG > > =3D=3D=3D > > > > =E2=80=A6but the current proposed charter [2] does not reflect that. > > > > If the group has the interest to follow this focused path, please start > the discussion around an updated proposed charter. If we settle on the > text quickly, we should be able to take a proposal through the process > (long) before the next IETF. I would hope for an aggressive timeline in > completing that piece of work. > > > > Thanks! > > > > Alvaro. > > > > > > [*] Obviously, the normal approval process would be followed: > IESG/IAB/community review, etc. > > [1] https://trac.tools.ietf.org/bof/trac/ > > [2] https://github.com/IETF-IDEAS/Charter-Proposal > > _______________________________________________ > Ideas mailing list > Ideas@ietf.org > https://www.ietf.org/mailman/listinfo/ideas > > --001a11442a0292d75b055564f782 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
Dear Alvaro and IDEAS

Th= e github was updated to have a separate file with a version of the first ch= arter for your reference.

Propose that updates to = the version2 of charter be done to recapture the focus of version1 and shar= e it here on the alias.

Thanks
Padma


On Fri, Jul 28, 2017 at 9:56 AM, Alvaro Retana (aretana) <aretana@ci= sco.com> wrote:

On 6/7/17, 5:46 PM, "Ideas on behalf of Alvaro Retana (aretana)= " <ideas-bounces= @ietf.org on behalf of aretana@cisco.c= om>= ; wrote:

=C2=A0

Dear IDEAS list:

=C2=A0

First of all, I want to thank the proponents and everyone who partic= ipated in last week=E2=80=99s BOF in Prague.=C2=A0 Special thanks to the BO= F Chairs!

=C2=A0

> The IAB/IESG held our BoF Coordination Call today, and it wa= s decided

> to go forward with an IDEAS BoF at IETF 99.=C2=A0 C= ongratulations!

>

>= There are however some concerns that we need you (proponents/

> participants/authors) to address at the BoF.=C2=A0 = Based on that, we should

> ideally be able to take some action=E2=80=A6 From m= y point of view, the success

> of the BoF should be measured by whether we have th= e necessary

> information to make the correct decision.=

=C2=A0=

The consensus among the Chairs and the IESG/IAB is that the material= s presented at the BOF resulted in the feeling that there is something to b= e done here, but that =E2=80=9Csomething=E2=80=9D is not clear.=C2=A0 In part, this impression comes from the wide-ranging discussion =E2=80=93 = in part from the fact that most of the technical discussions have so far no= t been held on the list.=C2=A0 To paraphrase one of the participants: =E2= =80=9CI know what I want, and I kind of know what others want=E2=80=9D=E2=80=A6

=C2=A0

What are the next steps?=C2=A0 I would like to see more discussions = and participation on the list, to reflect the interest in the room =E2=80= =93 some of that is starting to happen already.

=C2=A0

I don=E2=80=99t think that this effort would necessarily benefit fro= m the BOF result being =E2=80=9Clet=E2=80=99s try it again next time=E2=80= =9D.=C2=A0 Alternatively, I am willing to sponsor a focused WG proposal [*]= to define a framework that reflects consensus on what is expected from the mapping s= ystem, the questions around identity persistence, privacy, etc.=C2=A0 I not= e that the BOF proposal [1] included precisely a framework as milestones=E2= =80=A6

=C2=A0

=3D=3D=3D

Milestones

Dec 2017 Adopt WG draft for the Identity Services framework

May 2018 WGLC for the Identity Services framework

August 2018 Send Identity Services framework draft to the IESG

=3D=3D=3D

=C2=A0

=E2=80=A6but the current proposed charter [2] does not reflect that.=

=C2=A0

If the group has the interest to follow this focused path, please st= art the discussion around an updated proposed charter.=C2=A0 If we settle o= n the text quickly, we should be able to take a proposal through the process (long) before the next IETF.=C2=A0 I would hope for an= aggressive timeline in completing that piece of work.=

=C2=A0

Thanks!

=C2=A0

Alvaro.

=C2=A0

=C2=A0

[*] Obviously, the normal approval process would be followed: IESG/I= AB/community review, etc.

[1] https://trac.tools.ietf.org/bof/trac/

[2] https://github.com/IETF-IDEAS/Charter-Proposal


_______________________________________________
Ideas mailing list
Ideas@ietf.org
https://www.ietf.org/mailman/listinfo/ideas


--001a11442a0292d75b055564f782-- From nobody Fri Jul 28 14:30:51 2017 Return-Path: X-Original-To: ideas@ietfa.amsl.com Delivered-To: ideas@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 23A721321A6 for ; Fri, 28 Jul 2017 14:30:50 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.222 X-Spam-Level: X-Spam-Status: No, score=-4.222 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 7-YWTl88bnyx for ; Fri, 28 Jul 2017 14:30:46 -0700 (PDT) Received: from lhrrgout.huawei.com (lhrrgout.huawei.com [194.213.3.17]) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D7EAB1321A1 for ; Fri, 28 Jul 2017 14:30:45 -0700 (PDT) Received: from 172.18.7.190 (EHLO lhreml704-cah.china.huawei.com) ([172.18.7.190]) by lhrrg01-dlp.huawei.com (MOS 4.3.7-GA FastPath queued) with ESMTP id DSG06289; Fri, 28 Jul 2017 21:30:43 +0000 (GMT) Received: from SJCEML702-CHM.china.huawei.com (10.208.112.38) by lhreml704-cah.china.huawei.com (10.201.108.45) with Microsoft SMTP Server (TLS) id 14.3.301.0; Fri, 28 Jul 2017 22:30:42 +0100 Received: from SJCEML703-CHM.china.huawei.com ([169.254.5.240]) by SJCEML702-CHM.china.huawei.com ([169.254.4.153]) with mapi id 14.03.0301.000; Fri, 28 Jul 2017 14:30:34 -0700 From: Alexander Clemm To: Tom Herbert CC: "Liubingyang (Bryan)" , Michael Menth , "ideas@ietf.org" Thread-Topic: [Ideas] Can identity directly link with IP address? Thread-Index: AQHTB0wCgrudF1hEI06Ny+YHLnWD/6JpDoqAgAC/9AD//6LO0IAAfUkA///ScpA= Date: Fri, 28 Jul 2017 21:30:33 +0000 Message-ID: <644DA50AFA8C314EA9BDDAC83BD38A2E0E0EB405@SJCEML703-CHM.china.huawei.com> References: <644DA50AFA8C314EA9BDDAC83BD38A2E0E0EAE21@SJCEML703-CHM.china.huawei.com> <644DA50AFA8C314EA9BDDAC83BD38A2E0E0EAEA0@SJCEML703-CHM.china.huawei.com> <644DA50AFA8C314EA9BDDAC83BD38A2E0E0EB240@SJCEML703-CHM.china.huawei.com> In-Reply-To: Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [10.213.48.17] Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: base64 MIME-Version: 1.0 X-CFilter-Loop: Reflected X-Mirapoint-Virus-RAPID-Raw: score=unknown(0), refid=str=0001.0A090205.597BAD04.0002, ss=1, re=0.000, recu=0.000, reip=0.000, cl=1, cld=1, fgs=0, ip=169.254.5.240, so=2013-06-18 04:22:30, dmn=2013-03-21 17:37:32 X-Mirapoint-Loop-Id: 2f403d5686c8c21db4edc3b48edc6500 Archived-At: Subject: Re: [Ideas] Can identity directly link with IP address? X-BeenThere: ideas@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Discussions relating to the development, clarification, and implementation of control-plane infrastructures and functionalities in ID enabled networks." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 28 Jul 2017 21:30:50 -0000 SGkgVG9tLA0KDQpJIHdvdWxkIGNlcnRhaW5seSB0aGluayB0aGF0IHdlIHdvdWxkIHdhbnQgZmly ZXdhbGwgcnVsZXMgdG8gbm90IGp1c3QgYmUgYmFzZWQgb24gbG9jYXRvcnMuICBTbywgaXQgd2ls bCBtYWtlIHNlbnNlIHRvIGFwcGx5IHRoZW0gb24gYSBwZXItaWRlbnRpZmllciBiYXNpcy4gIA0K DQpXaGV0aGVyIHdlIHdvdWxkIGxpa2UgdG8gYXBwbHkgdGhlbSBvbiB0aGUgYmFzaXMgb2YgdGhl IHVuZGVybHlpbmcgaWRlbnRpdHkgaXMgc29tZXRoaW5nIHRoYXQgd2UgYXMgd29ya2luZyBncm91 cCBzaG91bGQgZGlzY3Vzcy4gIEl0IGlzIHBvc3NpYmxlLCBidXQgaW4gdGhhdCBjYXNlIHRoZSBm aXJld2FsbCB3b3VsZCBjZXJ0YWlubHkgaGF2ZSBhIGRlcGVuZGVuY3kgb24gdGhlIGlkZW50aXR5 IHNlcnZpY2VzIHBsYW5lLiAgSW4gZXNzZW5jZSB0aGUgZmlyZXdhbGwgd291bGQgbmVlZCB0byBi ZSBhYmxlIHRvIHNwZWNpZnkgYSBydWxlICJhcHBseSB0aGlzIHJ1bGUgdG8gdGhlIGVuZHBvaW50 IHdob3NlIGlkZW50aXR5IGlzIHRpZWQgdG8gdGhpcyBpZGVudGlmaWVyIiwgYW5kIHRoZW4gYXMg b25lIHBvc3NpYmlsaXR5IGhhdmUgdGhlIGZpcmV3YWxsIGludGVyYWN0IHdpdGggdGhlIGlkZW50 aXR5IHNlcnZpY2VzIHRvIGFwcGx5IHRoZSBydWxlcyBhZ2FpbnN0IG90aGVyIGlkZW50aWZpZXJz IGFyZSBhc3NvY2lhdGVkIHdpdGggdGhlIHNhbWUgZW5kcG9pbnQvaWRlbnRpdHkuICBJIGRvbid0 IHRoaW5rIGlkZW50aXR5IHNob3VsZCBiZSBjYXJyaWVkIG9uIHRoZSBkYXRhIHBhdGggbm9yIHdv dWxkIHRoYXQgYmUgbmVjZXNzYXJ5LiAgDQoNCi0tLSBBbGV4DQoNCi0tLS0tT3JpZ2luYWwgTWVz c2FnZS0tLS0tDQpGcm9tOiBUb20gSGVyYmVydCBbbWFpbHRvOnRvbUBoZXJiZXJ0bGFuZC5jb21d IA0KU2VudDogRnJpZGF5LCBKdWx5IDI4LCAyMDE3IDEwOjA3IEFNDQpUbzogQWxleGFuZGVyIENs ZW1tIDxhbGV4YW5kZXIuY2xlbW1AaHVhd2VpLmNvbT4NCkNjOiBMaXViaW5neWFuZyAoQnJ5YW4p IDxsaXViaW5neWFuZ0BodWF3ZWkuY29tPjsgTWljaGFlbCBNZW50aCA8bWVudGhAdW5pLXR1ZWJp bmdlbi5kZT47IGlkZWFzQGlldGYub3JnDQpTdWJqZWN0OiBSZTogW0lkZWFzXSBDYW4gaWRlbnRp dHkgZGlyZWN0bHkgbGluayB3aXRoIElQIGFkZHJlc3M/DQoNCk9uIEZyaSwgSnVsIDI4LCAyMDE3 IGF0IDk6NDQgQU0sIEFsZXhhbmRlciBDbGVtbSA8YWxleGFuZGVyLmNsZW1tQGh1YXdlaS5jb20+ IHdyb3RlOg0KPiBZZXMsIGV4YWN0bHkuDQo+IEFuZCBsaWtld2lzZSwgR1JJRFMgd2lsbCBub3Qg YmUgaW4gdGhlIGRhdGEgcGF0aC4NCj4gVG8gY29tbXVuaWNhdGUgc3VjY2Vzc2Z1bGx5LCBhIG5v ZGUgd2lsbCBuZWVkIHRvIG1lcmVseSBrbm93IHRoZSBpZGVudGlmaWVyIG9mIHdobyBpdCB3YW50 cyB0byB0YWxrIHRvIChhbmQgd2hpY2ggY2FuIGJlIHJlc29sdmVkIHRvIGEgbG9jYXRvcikuICBJ ZGVudGl0eSBpcyBuZWVkZWQgc28gdGhhdCB5b3UgY2FuIGUuZy4gZWFzaWx5IGFzc29jaWF0ZSBt dWx0aXBsZSBpZGVudGlmaWVycyB3aXRoIHRoZSBzYW1lIGVuZHBvaW50IChmb3IgZXhhbXBsZSwg c28geW91IGNhbiBlYXNpZXIgYXBwbHkgYW5vbnltaXphdGlvbiBzY2hlbWVzIHN1Y2ggYXMgd2Fz IG1lbnRpb25lZCBieSBEaW5vKSwgYW5kIHNvIGl0IGlzIGVhc2llciB0byBhZG1pbmlzdGVyIHRo ZSBvdmVyYWxsIHN5c3RlbSAoc3VjaCBhcywgZmlyZXdhbGwgcnVsZXMsIHdoaWNoIHdvdWxkIGJl IG5pY2UgaWYgeW91IGNvdWxkIGF2b2lkIGhhdmluZyB0byB1cGRhdGUgdGhlbSBldmVyeSB0aW1l IGFuIGVuZHBvaW50J3MgSVAgYWRkcmVzcyBjaGFuZ2VzKS4NCg0KQWxleCwNCg0KSSB1bmRlcnN0 YW5kIHRoZSBhZG1pbmlzdHJhdGl2ZSBiZW5lZml0cyBmb3IgZ3JvdXBpbmcgdG9nZXRoZXIgYSBz ZXQgb2YgcmVsYXRlZCBpZGVudGlmaWVycyBzbyB0aGF0IHRoZWlyIGNvbW1vbiBsb2NhdGlvbiBj YW4gYmUgbW92ZWQgaW4gdGhlIG1hcHBpbmcgc3lzdGVtIGluIG9uZSBzdGVwLiBCdXQgdGhhdCBk b2Vzbid0IGFmZmVjdCB0aGUgbWFwcGluZyBzeXN0ZW0gZnVuY3Rpb24sIGl0J3Mgam9iIGlzIHN0 aWxsIHRvIG1hcCBpZGVudGlmaWVycyB0byBsb2NhdG9ycy4NCkZpcmV3YWxscyBydWxlcywgaG93 ZXZlciwgYXJlIG1vcmUgaW52YXNpdmUtLSB0aGVzZSB3b3VsZCBiZSBvbiB0aGUgZGF0YXBhdGgu IElmIHRoZSBpbnRlbnQgaXMgdGhhdCBmaXJld2FsbCBydWxlcyBhcmUgbm93IGJhc2VkIG9uIGlk ZW50aXR5IHRoZW4gdGhpcyBkb2VzIGludHJvZHVjZSB0aGUgbm90aW9uIG9mIGlkZW50aXR5IHRv IGJlIGNyaXRpY2FsIGluIHRoZSBkYXRhIHBhdGg/IEV4dHJhcG9sYXRpbmcgZnVydGhlciwgaWYg aWRlbnRpdHkgYmVjb21lcyBlc3NlbnRpYWwgdG8gZGF0YSBwYXRoIG9wZXJhdGlvbnMsIHRoZW4g d2hhdCB3aWxsIGl0IG1lYW4gaWYgaWRlbnRpdHkgb2YgYSB1c2VyIGlzIGNvbXByb21pc2VkPyBG b3IgZXhhbXBsZSwgaWYgdGhlIG5ldHdvcmsgcHJvdmlkZXIgbWFpbnRhaW5zIGlkZW50aXRpZXMg b2YgaXRzIHVzZXJzIGJ1dCB0aGVpciBkYXRhYmFzZSBpcyBjb21wcm9taXNlZCB3b3VsZCB0aGlz IHB1dCB1c2VyIGF0IHJpc2s/DQoNClRoYW5rcywNClRvbQ0KDQo+IC0tLSBBbGV4DQo+DQo+IC0t LS0tT3JpZ2luYWwgTWVzc2FnZS0tLS0tDQo+IEZyb206IFRvbSBIZXJiZXJ0IFttYWlsdG86dG9t QGhlcmJlcnRsYW5kLmNvbV0NCj4gU2VudDogRnJpZGF5LCBKdWx5IDI4LCAyMDE3IDg6MTIgQU0N Cj4gVG86IExpdWJpbmd5YW5nIChCcnlhbikgPGxpdWJpbmd5YW5nQGh1YXdlaS5jb20+DQo+IENj OiBBbGV4YW5kZXIgQ2xlbW0gPGFsZXhhbmRlci5jbGVtbUBodWF3ZWkuY29tPjsgTWljaGFlbCBN ZW50aCANCj4gPG1lbnRoQHVuaS10dWViaW5nZW4uZGU+OyBpZGVhc0BpZXRmLm9yZw0KPiBTdWJq ZWN0OiBSZTogW0lkZWFzXSBDYW4gaWRlbnRpdHkgZGlyZWN0bHkgbGluayB3aXRoIElQIGFkZHJl c3M/DQo+DQo+IE9uIFRodSwgSnVsIDI3LCAyMDE3IGF0IDg6NDUgUE0sIExpdWJpbmd5YW5nIChC cnlhbikgPGxpdWJpbmd5YW5nQGh1YXdlaS5jb20+IHdyb3RlOg0KPj4gSGkgVG9tLA0KPj4NCj4+ IEkgc2VlIHdoYXQgeW91IG1lYW4uIEJ1dCBJIGRvbid0IHRoaW5rIHlvdXIgY29uY2VybiBpcyBz cGVjaWZpYyB0byBJUCBhZGRyZXNzLiBCdHcsIEkgdGhpbmsgY2VydGlmaWNhdGUgaXMganVzdCBv bmUgd2F5IHRvIGJpbmQgaWRlbnRpdHkgd2l0aCBzb21ldGhpbmcsIG5vdCB0aGUgaWRlbnRpdHkg aXRzZWxmLg0KPj4NCj4gQmluZ3lhbmcsDQo+DQo+IEkgdGhpbmsgb25lIGRpZmZlcmVuY2UgaXMg dGhhdCBjZXJ0aWZpY2F0ZSBjYW4gYmUgc2lnbmVkIGJ5IGEgdHJ1c3RlZCB0aGlyZCBwYXJ0eSB3 aGVyZWFzIElQIGFkZHJlc3NlcyBhcmVuJ3QuIFRoZSB0aGlyZCBwYXJ0eSBpbnZvbHZlbWVudCBp cyBpbXBvcnRhbnQgc2luY2UgdGhlIHNpZ25pbmcgYXV0aG9yaXR5IGlzIG5vdCBpbiB0aGUgZGF0 YSBwYXRoIGZvciB0aGUgY29tbXVuaWNhdGlvbiB3aGljaCBrZWVwcyBhIHNlcGFyYXRpb24gb2Yg ZnVuY3Rpb25zIGFuZCBpcyBzdHJvbmdlciBmb3IgcHJpdmFjeS4gSW4gdGhlIGNhc2Ugb2YgYSBu ZXR3b3JrIHByb3ZpZGVyIGl0J3MgYm90aCB0aGUgYXV0aG9yaXR5IGFuZCBpbiB0aGUgZGF0YSBw YXRoIGZvciBJUCBhZGRyZXNzZXMtLSB0aGlzIGlzIHByb2JhYmx5IG5lY2Vzc2FyeSBidXQgbGVz c2VucyB0aGUgcG9zc2liaWxpdHkgb2YgbWFraW5nIElQIGFkZHJlc3NlcyBzZWN1cmUgbWVjaGFu aXNtcy4NCj4NCj4gVG9tDQo+DQo+PiBCaW5neWFuZw0KPj4NCj4+IC0tLS0tT3JpZ2luYWwgTWVz c2FnZS0tLS0tDQo+PiBGcm9tOiBUb20gSGVyYmVydCBbbWFpbHRvOnRvbUBoZXJiZXJ0bGFuZC5j b21dDQo+PiBTZW50OiBGcmlkYXksIEp1bHkgMjgsIDIwMTcgMTA6NDggQU0NCj4+IFRvOiBMaXVi aW5neWFuZyAoQnJ5YW4pIDxsaXViaW5neWFuZ0BodWF3ZWkuY29tPg0KPj4gQ2M6IEFsZXhhbmRl ciBDbGVtbSA8YWxleGFuZGVyLmNsZW1tQGh1YXdlaS5jb20+OyBNaWNoYWVsIE1lbnRoIA0KPj4g PG1lbnRoQHVuaS10dWViaW5nZW4uZGU+OyBpZGVhc0BpZXRmLm9yZw0KPj4gU3ViamVjdDogUmU6 IFtJZGVhc10gQ2FuIGlkZW50aXR5IGRpcmVjdGx5IGxpbmsgd2l0aCBJUCBhZGRyZXNzPw0KPj4N Cj4+IE9uIFRodSwgSnVsIDI3LCAyMDE3IGF0IDY6NDUgUE0sIExpdWJpbmd5YW5nIChCcnlhbikg PGxpdWJpbmd5YW5nQGh1YXdlaS5jb20+IHdyb3RlOg0KPj4+IE5vdyBJIGdldCBpdC4gQnV0IG1h eWJlIEkganVzdCBrbm93IHlvdXIgSVAgYWRkcmVzcyAoSSBkb27igJl0IHdhbnQgdG8gDQo+Pj4g bWVudGlvbiBETlMgaGVyZSBKKSBhbmQgY29tbXVuaWNhdGUgd2l0aCB5b3UuIEluIHRoaXMgY2Fz ZSwgaWYgDQo+Pj4gaWRlbnRpdHkgaXMgc3RpbGwgYXBwbGljYWJsZSwgaXQgbWF5IGRpcmVjdGx5 IGxpbmsgd2l0aCBJUCBhZGRyZXNzLCByaWdodD8NCj4+Pg0KPj4gVGhpcyBxdWVzdGlvbiBjb25m dXNlcyBtZSB3aGljaCBJIHN1cHBvc2UgaXQgdG8gc2F5IHRoZSBub3Rpb24gb2YgaWRlbnRpZnkg cmVsYXRlZCB0byBJUCBhZGRyZXNzaW5nIGlzIHN0aWxsIGNvbmZ1c2luZy4gSWYgdHdvIG5vZGVz IGFyZSBhYmxlIHNvIHN1Y2Nlc3NmdWxseSBjb21tdW5pY2F0ZSB1c2luZyBJUCBhZGRyZXNzIHRo ZW4gd2hlcmUgZG9lcyBpZGVudGl0eSBjb21lIGludG8gcGxheT8gSWYgdGhlIGFwcGxpY2F0aW9u cyBuZWVkIHRvIHZlcmlmeSB3aG9tIHRoZXkncmUgdGFsa2luZyB0aGV5J2xsIHVzaW5nIGEgbWVj aGFuaXNtIGxpa2UgeC41MDkgb3IgVExTICBhbmQgc2hvdWxkIG5ldmVyIHJlbHkgb24gSVAgYWRk cmVzc2VzIGFzIGhhdmluZyBhbnkgc2VjdXJpdHkgcHJvcGVydGllcy4NCj4+DQo+PiBUb20NCj4+ DQo+Pj4NCj4+Pg0KPj4+IEJpbmd5YW5nDQo+Pj4NCj4+Pg0KPj4+DQo+Pj4gRnJvbTogQWxleGFu ZGVyIENsZW1tDQo+Pj4gU2VudDogRnJpZGF5LCBKdWx5IDI4LCAyMDE3IDM6MDEgQU0NCj4+PiBU bzogTGl1YmluZ3lhbmcgKEJyeWFuKSA8bGl1YmluZ3lhbmdAaHVhd2VpLmNvbT47IE1pY2hhZWwg TWVudGggDQo+Pj4gPG1lbnRoQHVuaS10dWViaW5nZW4uZGU+DQo+Pj4gQ2M6IGlkZWFzQGlldGYu b3JnDQo+Pj4gU3ViamVjdDogUkU6IFJFOiBbSWRlYXNdIENhbiBpZGVudGl0eSBkaXJlY3RseSBs aW5rIHdpdGggSVAgYWRkcmVzcz8NCj4+Pg0KPj4+DQo+Pj4NCj4+PiBIaSBCaW5neWFuZywNCj4+ Pg0KPj4+DQo+Pj4NCj4+PiBZb3UgbmVlZCB0byBiZSBhYmxlIHRvIHJlZmVyIHRvIGFub3RoZXIg ZW5kcG9pbnQsIHNvIHlvdSBuZWVkIHRvIGtub3cgYXQNCj4+PiBsZWFzdCBvbmUgb2YgaXRzIGlk ZW50aWZpZXJzIGluIG9yZGVyIHRvIHNlbmQgaXQgdHJhZmZpYy4gICBCdXQsIEkgZG9u4oCZdA0K Pj4+IG5lZWQgdG8ga25vdyB5b3VyIGlkZW50aXR5IChpbiB0aGUgbmFycm93ZXIgc2Vuc2Ugb2Yg SURFQVMpLiAgVG8gdXNlIA0KPj4+IGFuIGFuYWxvZ3ksIEkgY2FuIHNlbmQgeW91IGFuIGVtYWls IHVzaW5nIHlvdXIgaWRlbnRpZmllciANCj4+PiBsaXViaW5neWFuZ0BodWF3ZWkuY29tLCBidXQg SSBkb27igJl0IG5lZWQgdG8ga25vdyB5b3VyIGJpcnRoIA0KPj4+IGNlcnRpZmljYXRlIGFuZCBw YXNzcG9ydCBudW1iZXIgdG8gYXNzZXJ0IHlvdXIgaWRlbnRpdHksIG5vciB3b3VsZCBJIA0KPj4+ IGV4cGVjdCBwcm92aWRpbmcgdGhvc2UgdG8gc2VuZCB5b3UgZW1haWwuDQo+Pj4NCj4+Pg0KPj4+ DQo+Pj4gQ2hlZXJzDQo+Pj4NCj4+PiAtLS0gQWxleA0KPj4+DQo+Pj4NCj4+Pg0KPj4+IEZyb206 IExpdWJpbmd5YW5nIChCcnlhbikNCj4+PiBTZW50OiBUaHVyc2RheSwgSnVseSAyNywgMjAxNyAx MDo0MCBBTQ0KPj4+IFRvOiBBbGV4YW5kZXIgQ2xlbW0gPGFsZXhhbmRlci5jbGVtbUBodWF3ZWku Y29tPjsgTWljaGFlbCBNZW50aCANCj4+PiA8bWVudGhAdW5pLXR1ZWJpbmdlbi5kZT4NCj4+PiBD YzogaWRlYXNAaWV0Zi5vcmcNCj4+PiBTdWJqZWN0OiBSZTogUkU6IFtJZGVhc10gQ2FuIGlkZW50 aXR5IGRpcmVjdGx5IGxpbmsgd2l0aCBJUCBhZGRyZXNzPw0KPj4+DQo+Pj4NCj4+Pg0KPj4+IEhp IEFsZXgNCj4+Pg0KPj4+IFNvcnJ5IEkgZG9uJ3QgZ2V0IGl0LiBXaHkgd2hhdCB5b3UgImtub3ci IHNob3VsZCBiZSB3aGF0IHlvdSBsaW5rIA0KPj4+IHdpdGggaWRlbnRpdHk/IEFuZCB3aGF0IGlm IEkganVzdCAia25vdyIgeW91ciBpcCA/DQo+Pj4NCj4+Pg0KPj4+IC0tLS0tLS0tLS0tLS0tLS0t LS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS1CaW5neWFuZyBMaXUNCj4+PiBNOiArODYtMTU4 MTA3OTU5OTQNCj4+PiBFOiBsaXViaW5neWFuZ0BodWF3ZWkuY29tDQo+Pj4gMjAxMiBMYWJvcmF0 b3JpZXMtTkcgSVAgTmV0d29yayBMYWJvcmF0b3J5LDIwMTJMYWJzDQo+Pj4NCj4+PiBGcm9tOiBB bGV4YW5kZXIgQ2xlbW0NCj4+Pg0KPj4+IFRvOiBNaWNoYWVsIE1lbnRoPG1lbnRoQHVuaS10dWVi aW5nZW4uZGU+O0xpdWJpbmd5YW5nDQo+Pj4gKEJyeWFuKTxsaXViaW5neWFuZ0BodWF3ZWkuY29t Pg0KPj4+DQo+Pj4gQ2M6IGlkZWFzQGlldGYub3JnDQo+Pj4NCj4+PiBTdWJqZWN0OiBSRTogW0lk ZWFzXSBDYW4gaWRlbnRpdHkgZGlyZWN0bHkgbGluayB3aXRoIElQIGFkZHJlc3M/DQo+Pj4NCj4+ PiBUaW1lOiAyMDE3LTA3LTI4IDAxOjAyOjI0DQo+Pj4NCj4+Pg0KPj4+DQo+Pj4gWWVzLCBpbiBw cmluY2lwbGUgcG9zc2libGUuDQo+Pj4NCj4+PiBUaGUgcXVlc3Rpb24gaXMgb25seSwgd2hvIHdp bGwgYWN0dWFsbHkga25vdyB0aGUgaWRlbnRpdHkuICBJbiANCj4+PiBnZW5lcmFsLCBlbmRwb2lu dHMgd2lsbCBiZSByZWZlcnJlZCB0byBieSBhbiBpZGVudGlmaWVyIGJ5IG90aGVyIA0KPj4+IHBh cnRpZXMuICBJIHdvdWxkIGVudmlzaW9uIHRoYXQgb3RoZXIgcGFydGllcyBtYXkgImtub3ciIG90 aGVyIA0KPj4+IGVuZHBvaW50cyBieSBwdWJsaWMgaWRlbnRpZmllcnMsIGJ1dCBub3QgYnkgdGhl aXIgYWN0dWFsIGlkZW50aXR5IA0KPj4+IChieSB3aGljaCB0aGV5IHdvdWxkIGJlIGF1dGhlbnRp Y2F0ZWQgdG8gR1JJRFMpLiAgU28sIHdoaWxlIGEgDQo+Pj4gbWFwcGluZyBzeXN0ZW0gbWlnaHQg YmUgZGVzaWduZWQgd2l0aCBmbGV4aWJpbGl0eSBmb3Igc3VjaCBxdWVyaWVzIA0KPj4+IGluIG1p bmQsIEkgZG9uJ3QgdGhpbmsgc3VwcG9ydGluZyBpdCB3b3VsZCBiZSBhIHJlcXVpcmVtZW50IC0g Y2VydGFpbmx5IG5vdCBpbml0aWFsbHkuDQo+Pj4NCj4+PiBJIGFtIG5vdCBzdXJlIEkgd291bGQg Z28gdG8gbXVsdGlwbGUgdGllcnMgb2YgaWRlbnRpdGllcy4gIEl0J3MgYSANCj4+PiBwb3NzaWJp bGl0eSwgYnV0IGl0IHdvdWxkIHJhaXNlIGFkZGl0aW9uYWwgaXNzdWVzIGlmIHdlIHdlcmUgdG8g Z2V0IA0KPj4+IGludG8gdGhlIHJlYWxtIG9mIHBlcnNvbmFsIGlkZW50aXRpZXMgKGFzIG9wcG9z ZWQgdG8gZW5kcG9pbnQgDQo+Pj4gaWRlbnRpdGllcykuICBTbywgSU1ITyB3ZSBtYXkgd2FudCB0 byBzdGF5IGNsZWFyIG9mIHRoaXMuDQo+Pj4NCj4+PiAtLS0gQWxleA0KPj4+DQo+Pj4gLS0tLS1P cmlnaW5hbCBNZXNzYWdlLS0tLS0NCj4+PiBGcm9tOiBJZGVhcyBbbWFpbHRvOmlkZWFzLWJvdW5j ZXNAaWV0Zi5vcmddIE9uIEJlaGFsZiBPZiBNaWNoYWVsIA0KPj4+IE1lbnRoDQo+Pj4gU2VudDog VGh1cnNkYXksIEp1bHkgMjcsIDIwMTcgMzoxMSBBTQ0KPj4+IFRvOiBMaXViaW5neWFuZyAoQnJ5 YW4pIDxsaXViaW5neWFuZ0BodWF3ZWkuY29tPg0KPj4+IENjOiBpZGVhc0BpZXRmLm9yZw0KPj4+ IFN1YmplY3Q6IFJlOiBbSWRlYXNdIENhbiBpZGVudGl0eSBkaXJlY3RseSBsaW5rIHdpdGggSVAg YWRkcmVzcz8NCj4+Pg0KPj4+IERlYXIgQmluZ3lhbmcsIGFsbCwNCj4+Pg0KPj4+IGdvb2QgcG9p bnQhIFlvdSBlc3NlbnRpYWxseSBwcm9wb3NlIGEgbW9yZSBmbGV4aWJsZSBtYXBwaW5nIGJldHdl ZW4gDQo+Pj4gaWRlbnRpdHkgYW5kIGlkZW50aWZpZXJzLiBJIHRoaW5rIGl0IGdlbmVyYWxseSBt YWtlcyBzZW5zZSB0aGF0IHRoZSANCj4+PiBuZXcgbWFwcGluZyBzeXN0ZW0gd2l0aCBhY2Nlc3Mg Y29udHJvbCBpcyBub3QgbGltaXRlZCB0byB0aGUgDQo+Pj4gY3VycmVudGx5IHRocmVlIG9idmlv dXMgbGF5ZXJzIGlkZW50aXR5LWlkZW50aWZpZXItbG9jYXRvciwgYnV0IA0KPj4+IGZvbGxvd3Mg YSBtb3JlIGZsZXhpYmxlDQo+Pj4gaWRlbnRpZmllci0+aWRlbnRpZmllciBtYXBwaW5nLCB3aGVy ZWJ5IGFuIGlkZW50aXR5IGlzIGEgc3BlY2lhbA0KPj4+IGlkZW50aWZpZXIuIFRoZXJlIG1heSBi ZSB1c2UgY2FzZXMgd2hlcmUNCj4+PiBpZGVudGl0eS0+aWRlbnRpdHkgbWF5IG1ha2Ugc2Vuc2Us IGUuZy4sIG1hcHBpbmcgb2YgYSB1c2VyIHRvIGl0cyBkZXZpY2VzLg0KPj4+IFRoaXMgd291bGQg YWxzbyBhbGxvdyBpZGVudGl0eS0+bG9jYXRvciB3aGljaCB3b3VsZCBiZSBoZWxwZnVsIHRvIA0K Pj4+IHN1cHBvcnQgSUQtbmV0d29ya2luZyB3LyBsZWdhY3kgSVB2NC92NiBidXQgdy9vIGxvYy9J RCBzcGxpdC4NCj4+Pg0KPj4+IFJlZ2FyZHMsDQo+Pj4NCj4+PiBNaWNoYWVsDQo+Pj4NCj4+PiBB bSAyNy4wNy4yMDE3IHVtIDExOjQ0IHNjaHJpZWIgTGl1YmluZ3lhbmcgKEJyeWFuKToNCj4+Pj4g SGkgYWxsLA0KPj4+Pg0KPj4+Pg0KPj4+Pg0KPj4+PiBUaGUgY3VycmVudCBtb2RlbCBzZWVtcyBs aWtlIGlkZW50aXR5LS0taWRlbnRpZmllci0tLWxvY2F0b3IsIGFuZCANCj4+Pj4gaWRlbnRpdHkg aXMgYm91bmQgd2l0aCBJRC9Mb2MgcHJvdG9jb2xzLg0KPj4+Pg0KPj4+PiBEbyB5b3UgdGhpbmsg aWRlbnRpdHkgY2FuIGRpcmVjdGx5IGxpbmsgdG8gSVAgYWRkcmVzcywgaS5lLiwgDQo+Pj4+IGlk ZW50aXR5LS0tSVAgYWRkcmVzcywgYW5kIGJlIGFwcGxpZWQgdG8gdGhlIOKAnGxlZ2FjeeKAnSBJ UHY0L0lQdjYgDQo+Pj4+IHdpdGhvdXQgaWRlbnRpZmllcnMgYXMgaW50ZXJtZWRpYXRlPw0KPj4+ Pg0KPj4+Pg0KPj4+Pg0KPj4+PiBCaW5neWFuZyAoQnJ5YW4pDQo+Pj4+DQo+Pj4+DQo+Pj4+DQo+ Pj4+IF9fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fDQo+Pj4+ IElkZWFzIG1haWxpbmcgbGlzdA0KPj4+PiBJZGVhc0BpZXRmLm9yZw0KPj4+PiBodHRwczovL3d3 dy5pZXRmLm9yZy9tYWlsbWFuL2xpc3RpbmZvL2lkZWFzDQo+Pj4+DQo+Pj4NCj4+PiAtLQ0KPj4+ IFByb2YuIERyLiBoYWJpbC4gTWljaGFlbCBNZW50aA0KPj4+IFVuaXZlcnNpdHkgb2YgVHVlYmlu Z2VuDQo+Pj4gRmFjdWx0eSBvZiBTY2llbmNlDQo+Pj4gRGVwYXJ0bWVudCBvZiBDb21wdXRlciBT Y2llbmNlDQo+Pj4gQ2hhaXIgb2YgQ29tbXVuaWNhdGlvbiBOZXR3b3Jrcw0KPj4+IFNhbmQgMTMs IDcyMDc2IFR1ZWJpbmdlbiwgR2VybWFueQ0KPj4+IHBob25lOiAoKzQ5KS03MDcxLzI5LTcwNTA1 DQo+Pj4gZmF4OiAoKzQ5KS03MDcxLzI5LTUyMjANCj4+PiBtYWlsdG86bWVudGhAdW5pLXR1ZWJp bmdlbi5kZQ0KPj4+IGh0dHA6Ly9rbi5pbmYudW5pLXR1ZWJpbmdlbi5kZQ0KPj4+DQo+Pj4gX19f X19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX18NCj4+PiBJZGVhcyBt YWlsaW5nIGxpc3QNCj4+PiBJZGVhc0BpZXRmLm9yZw0KPj4+IGh0dHBzOi8vd3d3LmlldGYub3Jn L21haWxtYW4vbGlzdGluZm8vaWRlYXMNCj4+Pg0KPj4+DQo+Pj4gX19fX19fX19fX19fX19fX19f X19fX19fX19fX19fX19fX19fX19fX19fX19fX18NCj4+PiBJZGVhcyBtYWlsaW5nIGxpc3QNCj4+ PiBJZGVhc0BpZXRmLm9yZw0KPj4+IGh0dHBzOi8vd3d3LmlldGYub3JnL21haWxtYW4vbGlzdGlu Zm8vaWRlYXMNCj4+Pg0K From nobody Fri Jul 28 15:03:52 2017 Return-Path: X-Original-To: ideas@ietfa.amsl.com Delivered-To: ideas@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8A05C1321BC for ; Fri, 28 Jul 2017 15:03:48 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.9 X-Spam-Level: X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=herbertland-com.20150623.gappssmtp.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8g5s_RxUR6H7 for ; Fri, 28 Jul 2017 15:03:45 -0700 (PDT) Received: from mail-wr0-x229.google.com (mail-wr0-x229.google.com [IPv6:2a00:1450:400c:c0c::229]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 58AB21322F7 for ; Fri, 28 Jul 2017 15:03:43 -0700 (PDT) Received: by mail-wr0-x229.google.com with SMTP id f21so103125832wrf.5 for ; Fri, 28 Jul 2017 15:03:43 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=herbertland-com.20150623.gappssmtp.com; s=20150623; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc:content-transfer-encoding; bh=ebxuSoPeSCiffjWxg7cPcALmonWukcnJjx0uNOjAngE=; b=g/HaUhZvcNgwGIeVzw2r8AAVlHkDyDAwkAsfH6GFwmp9wyEcJHFXuJQvK7EeeesLgd JNkqEThhu+GCsuYDiOb7oCu1pkyPF57O/PTQBwYablg0xU4ModRb01M+bZwkTWVP16jE MSdskwjB5GIpI4Xu1KorSx1VJSXJ5OGdZjUbKNeRgZ622t2H1ysF40Np7ZgR4Pyo1gHr 9gdV6fJw7kqR42eldeWwBePHEgGkpbdUwiTb1AyQsarWurWfk/ZPOb8uI5WW65LIIKg/ VaTQzLKs9cnd469kcvZs+1/lYJRmtrx4wGF9PChUN4eyn4dWEev963+LuRZ33uLQrNOX vOyg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc:content-transfer-encoding; bh=ebxuSoPeSCiffjWxg7cPcALmonWukcnJjx0uNOjAngE=; b=BpTHiRjUZZ24JMErEWYvideeeHacdGZ8tRwTopox8wQRYYhrjdyaIbm5Elr2wDLD6W YQaWPMuS4NcPFomQAWC+HwpVrUGksdcKfyOndF/+TTBkr/2v2uWgMkeD6U3rrYcK7Ols gpVhXSUj2VJ1NtMp9d3R0B+IEe24w1AHXX0Nl7etRHcKu4BeZ+QjdTTW1/4inFxpCUJL sCl3MJ7zXXeGBcrT5AqV73UFBtuMbcIWZnLKCS0DO8GmgBd141sP6mBY2wy30ZR7sDwC sKMT29L4TG85Fe7X1Fuae3y9Krkej8H51dzQAtMiYQMvinRpyzabZ8p4JrwilEGTTEmO 4PkQ== X-Gm-Message-State: AIVw113LNGhGm9rUALiBmr4MOm8cS+Ob2tyFp6UoFRi/tBZ6vup7zuj4 L6+LyvH1X3ya7l6ksFMEeMHoqOnB/HVM X-Received: by 10.223.133.146 with SMTP id 18mr7262492wrt.214.1501279421729; Fri, 28 Jul 2017 15:03:41 -0700 (PDT) MIME-Version: 1.0 Received: by 10.223.130.85 with HTTP; Fri, 28 Jul 2017 15:03:41 -0700 (PDT) In-Reply-To: <644DA50AFA8C314EA9BDDAC83BD38A2E0E0EB405@SJCEML703-CHM.china.huawei.com> References: <644DA50AFA8C314EA9BDDAC83BD38A2E0E0EAE21@SJCEML703-CHM.china.huawei.com> <644DA50AFA8C314EA9BDDAC83BD38A2E0E0EAEA0@SJCEML703-CHM.china.huawei.com> <644DA50AFA8C314EA9BDDAC83BD38A2E0E0EB240@SJCEML703-CHM.china.huawei.com> <644DA50AFA8C314EA9BDDAC83BD38A2E0E0EB405@SJCEML703-CHM.china.huawei.com> From: Tom Herbert Date: Fri, 28 Jul 2017 15:03:41 -0700 Message-ID: To: Alexander Clemm Cc: "Liubingyang (Bryan)" , Michael Menth , "ideas@ietf.org" Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Archived-At: Subject: Re: [Ideas] Can identity directly link with IP address? X-BeenThere: ideas@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Discussions relating to the development, clarification, and implementation of control-plane infrastructures and functionalities in ID enabled networks." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 28 Jul 2017 22:03:48 -0000 On Fri, Jul 28, 2017 at 2:30 PM, Alexander Clemm wrote: > Hi Tom, > > I would certainly think that we would want firewall rules to not just be = based on locators. So, it will make sense to apply them on a per-identifie= r basis. > > Whether we would like to apply them on the basis of the underlying identi= ty is something that we as working group should discuss. It is possible, b= ut in that case the firewall would certainly have a dependency on the ident= ity services plane. In essence the firewall would need to be able to speci= fy a rule "apply this rule to the endpoint whose identity is tied to this i= dentifier", and then as one possibility have the firewall interact with the= identity services to apply the rules against other identifiers are associa= ted with the same endpoint/identity. I don't think identity should be carr= ied on the data path nor would that be necessary. > Agreed. Another question I would ask concerning introducing identity at the IP layer is how this will relate to other forms of identity that already exist. For instance, how would this relate to the subscriber identity of a mobile device (e.g. SIM). Would the IP layer identity be derived from these, or is IP identity somehow independent of these? Thinking about how mobility might play out in a mobile network, I think it's likely that the mobility manager will want to populate the identifier/locator mapping table with the proper entries. In the case that devices are get a set of addresses for obfuscation purposes, it makes sense that the addresses are group together so that the mobility manager can change the common locator for the set in one shot. That seems straightforward, but the question that I'm struggling with is whether the mapping system (or rest of network) should or must infer additional semantics on this grouping which I suppose constitutes an identity (of the device or subscriber in mobile case). Identity is obviously sensitive data especially if it is PII, so minimizing exposure and dissemination is important. Tom > --- Alex > > -----Original Message----- > From: Tom Herbert [mailto:tom@herbertland.com] > Sent: Friday, July 28, 2017 10:07 AM > To: Alexander Clemm > Cc: Liubingyang (Bryan) ; Michael Menth ; ideas@ietf.org > Subject: Re: [Ideas] Can identity directly link with IP address? > > On Fri, Jul 28, 2017 at 9:44 AM, Alexander Clemm wrote: >> Yes, exactly. >> And likewise, GRIDS will not be in the data path. >> To communicate successfully, a node will need to merely know the identif= ier of who it wants to talk to (and which can be resolved to a locator). I= dentity is needed so that you can e.g. easily associate multiple identifier= s with the same endpoint (for example, so you can easier apply anonymizatio= n schemes such as was mentioned by Dino), and so it is easier to administer= the overall system (such as, firewall rules, which would be nice if you co= uld avoid having to update them every time an endpoint's IP address changes= ). > > Alex, > > I understand the administrative benefits for grouping together a set of r= elated identifiers so that their common location can be moved in the mappin= g system in one step. But that doesn't affect the mapping system function, = it's job is still to map identifiers to locators. > Firewalls rules, however, are more invasive-- these would be on the datap= ath. If the intent is that firewall rules are now based on identity then th= is does introduce the notion of identity to be critical in the data path? E= xtrapolating further, if identity becomes essential to data path operations= , then what will it mean if identity of a user is compromised? For example,= if the network provider maintains identities of its users but their databa= se is compromised would this put user at risk? > > Thanks, > Tom > >> --- Alex >> >> -----Original Message----- >> From: Tom Herbert [mailto:tom@herbertland.com] >> Sent: Friday, July 28, 2017 8:12 AM >> To: Liubingyang (Bryan) >> Cc: Alexander Clemm ; Michael Menth >> ; ideas@ietf.org >> Subject: Re: [Ideas] Can identity directly link with IP address? >> >> On Thu, Jul 27, 2017 at 8:45 PM, Liubingyang (Bryan) wrote: >>> Hi Tom, >>> >>> I see what you mean. But I don't think your concern is specific to IP a= ddress. Btw, I think certificate is just one way to bind identity with some= thing, not the identity itself. >>> >> Bingyang, >> >> I think one difference is that certificate can be signed by a trusted th= ird party whereas IP addresses aren't. The third party involvement is impor= tant since the signing authority is not in the data path for the communicat= ion which keeps a separation of functions and is stronger for privacy. In t= he case of a network provider it's both the authority and in the data path = for IP addresses-- this is probably necessary but lessens the possibility o= f making IP addresses secure mechanisms. >> >> Tom >> >>> Bingyang >>> >>> -----Original Message----- >>> From: Tom Herbert [mailto:tom@herbertland.com] >>> Sent: Friday, July 28, 2017 10:48 AM >>> To: Liubingyang (Bryan) >>> Cc: Alexander Clemm ; Michael Menth >>> ; ideas@ietf.org >>> Subject: Re: [Ideas] Can identity directly link with IP address? >>> >>> On Thu, Jul 27, 2017 at 6:45 PM, Liubingyang (Bryan) wrote: >>>> Now I get it. But maybe I just know your IP address (I don=E2=80=99t w= ant to >>>> mention DNS here J) and communicate with you. In this case, if >>>> identity is still applicable, it may directly link with IP address, ri= ght? >>>> >>> This question confuses me which I suppose it to say the notion of ident= ify related to IP addressing is still confusing. If two nodes are able so s= uccessfully communicate using IP address then where does identity come into= play? If the applications need to verify whom they're talking they'll usin= g a mechanism like x.509 or TLS and should never rely on IP addresses as h= aving any security properties. >>> >>> Tom >>> >>>> >>>> >>>> Bingyang >>>> >>>> >>>> >>>> From: Alexander Clemm >>>> Sent: Friday, July 28, 2017 3:01 AM >>>> To: Liubingyang (Bryan) ; Michael Menth >>>> >>>> Cc: ideas@ietf.org >>>> Subject: RE: RE: [Ideas] Can identity directly link with IP address? >>>> >>>> >>>> >>>> Hi Bingyang, >>>> >>>> >>>> >>>> You need to be able to refer to another endpoint, so you need to know = at >>>> least one of its identifiers in order to send it traffic. But, I don= =E2=80=99t >>>> need to know your identity (in the narrower sense of IDEAS). To use >>>> an analogy, I can send you an email using your identifier >>>> liubingyang@huawei.com, but I don=E2=80=99t need to know your birth >>>> certificate and passport number to assert your identity, nor would I >>>> expect providing those to send you email. >>>> >>>> >>>> >>>> Cheers >>>> >>>> --- Alex >>>> >>>> >>>> >>>> From: Liubingyang (Bryan) >>>> Sent: Thursday, July 27, 2017 10:40 AM >>>> To: Alexander Clemm ; Michael Menth >>>> >>>> Cc: ideas@ietf.org >>>> Subject: Re: RE: [Ideas] Can identity directly link with IP address? >>>> >>>> >>>> >>>> Hi Alex >>>> >>>> Sorry I don't get it. Why what you "know" should be what you link >>>> with identity? And what if I just "know" your ip ? >>>> >>>> >>>> ----------------------------------------------Bingyang Liu >>>> M: +86-15810795994 >>>> E: liubingyang@huawei.com >>>> 2012 Laboratories-NG IP Network Laboratory,2012Labs >>>> >>>> From: Alexander Clemm >>>> >>>> To: Michael Menth;Liubingyang >>>> (Bryan) >>>> >>>> Cc: ideas@ietf.org >>>> >>>> Subject: RE: [Ideas] Can identity directly link with IP address? >>>> >>>> Time: 2017-07-28 01:02:24 >>>> >>>> >>>> >>>> Yes, in principle possible. >>>> >>>> The question is only, who will actually know the identity. In >>>> general, endpoints will be referred to by an identifier by other >>>> parties. I would envision that other parties may "know" other >>>> endpoints by public identifiers, but not by their actual identity >>>> (by which they would be authenticated to GRIDS). So, while a >>>> mapping system might be designed with flexibility for such queries >>>> in mind, I don't think supporting it would be a requirement - certainl= y not initially. >>>> >>>> I am not sure I would go to multiple tiers of identities. It's a >>>> possibility, but it would raise additional issues if we were to get >>>> into the realm of personal identities (as opposed to endpoint >>>> identities). So, IMHO we may want to stay clear of this. >>>> >>>> --- Alex >>>> >>>> -----Original Message----- >>>> From: Ideas [mailto:ideas-bounces@ietf.org] On Behalf Of Michael >>>> Menth >>>> Sent: Thursday, July 27, 2017 3:11 AM >>>> To: Liubingyang (Bryan) >>>> Cc: ideas@ietf.org >>>> Subject: Re: [Ideas] Can identity directly link with IP address? >>>> >>>> Dear Bingyang, all, >>>> >>>> good point! You essentially propose a more flexible mapping between >>>> identity and identifiers. I think it generally makes sense that the >>>> new mapping system with access control is not limited to the >>>> currently three obvious layers identity-identifier-locator, but >>>> follows a more flexible >>>> identifier->identifier mapping, whereby an identity is a special >>>> identifier. There may be use cases where >>>> identity->identity may make sense, e.g., mapping of a user to its devi= ces. >>>> This would also allow identity->locator which would be helpful to >>>> support ID-networking w/ legacy IPv4/v6 but w/o loc/ID split. >>>> >>>> Regards, >>>> >>>> Michael >>>> >>>> Am 27.07.2017 um 11:44 schrieb Liubingyang (Bryan): >>>>> Hi all, >>>>> >>>>> >>>>> >>>>> The current model seems like identity---identifier---locator, and >>>>> identity is bound with ID/Loc protocols. >>>>> >>>>> Do you think identity can directly link to IP address, i.e., >>>>> identity---IP address, and be applied to the =E2=80=9Clegacy=E2=80=9D= IPv4/IPv6 >>>>> without identifiers as intermediate? >>>>> >>>>> >>>>> >>>>> Bingyang (Bryan) >>>>> >>>>> >>>>> >>>>> _______________________________________________ >>>>> Ideas mailing list >>>>> Ideas@ietf.org >>>>> https://www.ietf.org/mailman/listinfo/ideas >>>>> >>>> >>>> -- >>>> Prof. Dr. habil. Michael Menth >>>> University of Tuebingen >>>> Faculty of Science >>>> Department of Computer Science >>>> Chair of Communication Networks >>>> Sand 13, 72076 Tuebingen, Germany >>>> phone: (+49)-7071/29-70505 >>>> fax: (+49)-7071/29-5220 >>>> mailto:menth@uni-tuebingen.de >>>> http://kn.inf.uni-tuebingen.de >>>> >>>> _______________________________________________ >>>> Ideas mailing list >>>> Ideas@ietf.org >>>> https://www.ietf.org/mailman/listinfo/ideas >>>> >>>> >>>> _______________________________________________ >>>> Ideas mailing list >>>> Ideas@ietf.org >>>> https://www.ietf.org/mailman/listinfo/ideas >>>> From nobody Fri Jul 28 15:17:59 2017 Return-Path: X-Original-To: ideas@ietfa.amsl.com Delivered-To: ideas@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BBAEC131DA4 for ; Fri, 28 Jul 2017 15:17:58 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.222 X-Spam-Level: X-Spam-Status: No, score=-4.222 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 5HwT1wqegxkd for ; Fri, 28 Jul 2017 15:17:55 -0700 (PDT) Received: from lhrrgout.huawei.com (lhrrgout.huawei.com [194.213.3.17]) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3947D13170E for ; Fri, 28 Jul 2017 15:17:55 -0700 (PDT) Received: from 172.18.7.190 (EHLO LHREML711-CAH.china.huawei.com) ([172.18.7.190]) by lhrrg01-dlp.huawei.com (MOS 4.3.7-GA FastPath queued) with ESMTP id DSG09382; Fri, 28 Jul 2017 22:11:26 +0000 (GMT) Received: from SJCEML701-CHM.china.huawei.com (10.208.112.40) by LHREML711-CAH.china.huawei.com (10.201.108.34) with Microsoft SMTP Server (TLS) id 14.3.301.0; Fri, 28 Jul 2017 23:11:25 +0100 Received: from SJCEML703-CHM.china.huawei.com ([169.254.5.240]) by SJCEML701-CHM.china.huawei.com ([169.254.3.13]) with mapi id 14.03.0301.000; Fri, 28 Jul 2017 15:11:13 -0700 From: Uma Chunduri To: Alexander Clemm , Tom Herbert , "Liubingyang (Bryan)" CC: "ideas@ietf.org" , Michael Menth Thread-Topic: [Ideas] Can identity directly link with IP address? Thread-Index: AdMGvFKeZP1DJNf1R2+EIq8k2KkoEAAPwWSAAACGzCAADyn2gAAMENtQAATdTIAAAjO2AAAB+66AABf+aQAAAzt2gAADf/dQ Date: Fri, 28 Jul 2017 22:11:12 +0000 Message-ID: <25B4902B1192E84696414485F572685401A37DD3@SJCEML703-CHM.china.huawei.com> References: <644DA50AFA8C314EA9BDDAC83BD38A2E0E0EAE21@SJCEML703-CHM.china.huawei.com> <644DA50AFA8C314EA9BDDAC83BD38A2E0E0EAEA0@SJCEML703-CHM.china.huawei.com> <644DA50AFA8C314EA9BDDAC83BD38A2E0E0EB240@SJCEML703-CHM.china.huawei.com> In-Reply-To: <644DA50AFA8C314EA9BDDAC83BD38A2E0E0EB240@SJCEML703-CHM.china.huawei.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [10.213.49.38] Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: base64 MIME-Version: 1.0 X-CFilter-Loop: Reflected X-Mirapoint-Virus-RAPID-Raw: score=unknown(0), refid=str=0001.0A090205.597BB68E.00FB, ss=1, re=0.000, recu=0.000, reip=0.000, cl=1, cld=1, fgs=0, ip=169.254.5.240, so=2013-06-18 04:22:30, dmn=2013-03-21 17:37:32 X-Mirapoint-Loop-Id: 2f403d5686c8c21db4edc3b48edc6500 Archived-At: Subject: Re: [Ideas] Can identity directly link with IP address? X-BeenThere: ideas@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Discussions relating to the development, clarification, and implementation of control-plane infrastructures and functionalities in ID enabled networks." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 28 Jul 2017 22:17:59 -0000 PiBJZGVudGl0eSBpcyBuZWVkZWQgc28gdGhhdCB5b3UgY2FuIGUuZy4gZWFzaWx5IGFzc29jaWF0 ZSBtdWx0aXBsZSBpZGVudGlmaWVycyB3aXRoIHRoZSBzYW1lIGVuZHBvaW50IChmb3IgZXhhbXBs ZSwgc28geW91IGNhbiBlYXNpZXIgYXBwbHkgYW5vbnltaXphdGlvbiBzY2hlbWVzIHN1Y2ggYXMg d2FzIG1lbnRpb25lZCBieSBEaW5vKSwgDQo+IGFuZCBzbyBpdCBpcyBlYXNpZXIgdG8gYWRtaW5p c3RlciB0aGUgb3ZlcmFsbCBzeXN0ZW0gKHN1Y2ggYXMsIGZpcmV3YWxsIHJ1bGVzLCB3aGljaCB3 b3VsZCBiZSBuaWNlIGlmIHlvdSBjb3VsZCBhdm9pZCBoYXZpbmcgdG8gdXBkYXRlIHRoZW0gZXZl cnkgdGltZSBhbiBlbmRwb2ludCdzIElQIGFkZHJlc3MgY2hhbmdlcykuICANCg0KKzENCg0KSnVz dCB0byBhZGQgYSBiaXQgbW9yZToNCg0KMS4gSWRlbnRpdHkgaXMgZW50cnkgcG9pbnQgdG8gdGhl IHN5c3RlbSAoR1JJRFMpIGFuZCBtYWlubHkgZm9yIGF1dGhlbnRpY2F0aW9uIChtdXR1YWwgYXV0 aGVudGljYXRpb24gcGVyaGFwcykNCgktIHdlIGNhbiBjaG9vc2UgbXVsdGlwbGUgQVVUSCBtZXRo b2RzIChub3QgbmVjZXNzYXJpbHkgcmVzdHJpY3RlZCBYLjUwOSkgd2hpY2ggc3VpdHMgZm9yIHRo ZSBlbnRpdHkgKGxvdy1wb3dlci9oaWdoLXBvd2VyICBJT1QsIHZlaGljdWxhciBub2RlIGV0Yy4u KQ0KMi4gSWRlbnRpdHkgaXMgbm90IGluIHRoZSBkYXRhIHBsYW5lIGFuZCBwZWVyIHdvdWxkbid0 IGtub3cuIFBlZXIga25vd3Mgb25seSBvbmUgb2YgdGhlIChsb25nLWxpdmVkKSBpZGVudGlmaWVy IGxpa2UgRUlEL0hJVCBhbmQgdGhlIHNhbWUgd291bGQgYmUgdXNlZCB0byBMT0MgcmVzb2x1dGlv bi4NCjMuIElkZW50aXR5IHdpbGwgaGF2ZSBsaWZlIGN5Y2xlIChjYW4gYmUgY2hhbmdlZCB3aXRo IG92ZXJoZWFkIG9mIG1vdmluZyB0aGUgcnVsZXMpDQoNCi0tDQpVbWEgQy4NCg0KDQotLS0tLU9y aWdpbmFsIE1lc3NhZ2UtLS0tLQ0KRnJvbTogSWRlYXMgW21haWx0bzppZGVhcy1ib3VuY2VzQGll dGYub3JnXSBPbiBCZWhhbGYgT2YgQWxleGFuZGVyIENsZW1tDQpTZW50OiBGcmlkYXksIEp1bHkg MjgsIDIwMTcgOTo0NSBBTQ0KVG86IFRvbSBIZXJiZXJ0IDx0b21AaGVyYmVydGxhbmQuY29tPjsg TGl1YmluZ3lhbmcgKEJyeWFuKSA8bGl1YmluZ3lhbmdAaHVhd2VpLmNvbT4NCkNjOiBpZGVhc0Bp ZXRmLm9yZzsgTWljaGFlbCBNZW50aCA8bWVudGhAdW5pLXR1ZWJpbmdlbi5kZT4NClN1YmplY3Q6 IFJlOiBbSWRlYXNdIENhbiBpZGVudGl0eSBkaXJlY3RseSBsaW5rIHdpdGggSVAgYWRkcmVzcz8N Cg0KWWVzLCBleGFjdGx5LiAgDQpBbmQgbGlrZXdpc2UsIEdSSURTIHdpbGwgbm90IGJlIGluIHRo ZSBkYXRhIHBhdGguICANClRvIGNvbW11bmljYXRlIHN1Y2Nlc3NmdWxseSwgYSBub2RlIHdpbGwg bmVlZCB0byBtZXJlbHkga25vdyB0aGUgaWRlbnRpZmllciBvZiB3aG8gaXQgd2FudHMgdG8gdGFs ayB0byAoYW5kIHdoaWNoIGNhbiBiZSByZXNvbHZlZCB0byBhIGxvY2F0b3IpLiAgSWRlbnRpdHkg aXMgbmVlZGVkIHNvIHRoYXQgeW91IGNhbiBlLmcuIGVhc2lseSBhc3NvY2lhdGUgbXVsdGlwbGUg aWRlbnRpZmllcnMgd2l0aCB0aGUgc2FtZSBlbmRwb2ludCAoZm9yIGV4YW1wbGUsIHNvIHlvdSBj YW4gZWFzaWVyIGFwcGx5IGFub255bWl6YXRpb24gc2NoZW1lcyBzdWNoIGFzIHdhcyBtZW50aW9u ZWQgYnkgRGlubyksIGFuZCBzbyBpdCBpcyBlYXNpZXIgdG8gYWRtaW5pc3RlciB0aGUgb3ZlcmFs bCBzeXN0ZW0gKHN1Y2ggYXMsIGZpcmV3YWxsIHJ1bGVzLCB3aGljaCB3b3VsZCBiZSBuaWNlIGlm IHlvdSBjb3VsZCBhdm9pZCBoYXZpbmcgdG8gdXBkYXRlIHRoZW0gZXZlcnkgdGltZSBhbiBlbmRw b2ludCdzIElQIGFkZHJlc3MgY2hhbmdlcykuICANCi0tLSBBbGV4DQoNCi0tLS0tT3JpZ2luYWwg TWVzc2FnZS0tLS0tDQpGcm9tOiBUb20gSGVyYmVydCBbbWFpbHRvOnRvbUBoZXJiZXJ0bGFuZC5j b21dDQpTZW50OiBGcmlkYXksIEp1bHkgMjgsIDIwMTcgODoxMiBBTQ0KVG86IExpdWJpbmd5YW5n IChCcnlhbikgPGxpdWJpbmd5YW5nQGh1YXdlaS5jb20+DQpDYzogQWxleGFuZGVyIENsZW1tIDxh bGV4YW5kZXIuY2xlbW1AaHVhd2VpLmNvbT47IE1pY2hhZWwgTWVudGggPG1lbnRoQHVuaS10dWVi aW5nZW4uZGU+OyBpZGVhc0BpZXRmLm9yZw0KU3ViamVjdDogUmU6IFtJZGVhc10gQ2FuIGlkZW50 aXR5IGRpcmVjdGx5IGxpbmsgd2l0aCBJUCBhZGRyZXNzPw0KDQpPbiBUaHUsIEp1bCAyNywgMjAx NyBhdCA4OjQ1IFBNLCBMaXViaW5neWFuZyAoQnJ5YW4pIDxsaXViaW5neWFuZ0BodWF3ZWkuY29t PiB3cm90ZToNCj4gSGkgVG9tLA0KPg0KPiBJIHNlZSB3aGF0IHlvdSBtZWFuLiBCdXQgSSBkb24n dCB0aGluayB5b3VyIGNvbmNlcm4gaXMgc3BlY2lmaWMgdG8gSVAgYWRkcmVzcy4gQnR3LCBJIHRo aW5rIGNlcnRpZmljYXRlIGlzIGp1c3Qgb25lIHdheSB0byBiaW5kIGlkZW50aXR5IHdpdGggc29t ZXRoaW5nLCBub3QgdGhlIGlkZW50aXR5IGl0c2VsZi4NCj4NCkJpbmd5YW5nLA0KDQpJIHRoaW5r IG9uZSBkaWZmZXJlbmNlIGlzIHRoYXQgY2VydGlmaWNhdGUgY2FuIGJlIHNpZ25lZCBieSBhIHRy dXN0ZWQgdGhpcmQgcGFydHkgd2hlcmVhcyBJUCBhZGRyZXNzZXMgYXJlbid0LiBUaGUgdGhpcmQg cGFydHkgaW52b2x2ZW1lbnQgaXMgaW1wb3J0YW50IHNpbmNlIHRoZSBzaWduaW5nIGF1dGhvcml0 eSBpcyBub3QgaW4gdGhlIGRhdGEgcGF0aCBmb3IgdGhlIGNvbW11bmljYXRpb24gd2hpY2gga2Vl cHMgYSBzZXBhcmF0aW9uIG9mIGZ1bmN0aW9ucyBhbmQgaXMgc3Ryb25nZXIgZm9yIHByaXZhY3ku IEluIHRoZSBjYXNlIG9mIGEgbmV0d29yayBwcm92aWRlciBpdCdzIGJvdGggdGhlIGF1dGhvcml0 eSBhbmQgaW4gdGhlIGRhdGEgcGF0aCBmb3IgSVAgYWRkcmVzc2VzLS0gdGhpcyBpcyBwcm9iYWJs eSBuZWNlc3NhcnkgYnV0IGxlc3NlbnMgdGhlIHBvc3NpYmlsaXR5IG9mIG1ha2luZyBJUCBhZGRy ZXNzZXMgc2VjdXJlIG1lY2hhbmlzbXMuDQoNClRvbQ0KDQo+IEJpbmd5YW5nDQo+DQo+IC0tLS0t T3JpZ2luYWwgTWVzc2FnZS0tLS0tDQo+IEZyb206IFRvbSBIZXJiZXJ0IFttYWlsdG86dG9tQGhl cmJlcnRsYW5kLmNvbV0NCj4gU2VudDogRnJpZGF5LCBKdWx5IDI4LCAyMDE3IDEwOjQ4IEFNDQo+ IFRvOiBMaXViaW5neWFuZyAoQnJ5YW4pIDxsaXViaW5neWFuZ0BodWF3ZWkuY29tPg0KPiBDYzog QWxleGFuZGVyIENsZW1tIDxhbGV4YW5kZXIuY2xlbW1AaHVhd2VpLmNvbT47IE1pY2hhZWwgTWVu dGggDQo+IDxtZW50aEB1bmktdHVlYmluZ2VuLmRlPjsgaWRlYXNAaWV0Zi5vcmcNCj4gU3ViamVj dDogUmU6IFtJZGVhc10gQ2FuIGlkZW50aXR5IGRpcmVjdGx5IGxpbmsgd2l0aCBJUCBhZGRyZXNz Pw0KPg0KPiBPbiBUaHUsIEp1bCAyNywgMjAxNyBhdCA2OjQ1IFBNLCBMaXViaW5neWFuZyAoQnJ5 YW4pIDxsaXViaW5neWFuZ0BodWF3ZWkuY29tPiB3cm90ZToNCj4+IE5vdyBJIGdldCBpdC4gQnV0 IG1heWJlIEkganVzdCBrbm93IHlvdXIgSVAgYWRkcmVzcyAoSSBkb27igJl0IHdhbnQgdG8gDQo+ PiBtZW50aW9uIEROUyBoZXJlIEopIGFuZCBjb21tdW5pY2F0ZSB3aXRoIHlvdS4gSW4gdGhpcyBj YXNlLCBpZiANCj4+IGlkZW50aXR5IGlzIHN0aWxsIGFwcGxpY2FibGUsIGl0IG1heSBkaXJlY3Rs eSBsaW5rIHdpdGggSVAgYWRkcmVzcywgcmlnaHQ/DQo+Pg0KPiBUaGlzIHF1ZXN0aW9uIGNvbmZ1 c2VzIG1lIHdoaWNoIEkgc3VwcG9zZSBpdCB0byBzYXkgdGhlIG5vdGlvbiBvZiBpZGVudGlmeSBy ZWxhdGVkIHRvIElQIGFkZHJlc3NpbmcgaXMgc3RpbGwgY29uZnVzaW5nLiBJZiB0d28gbm9kZXMg YXJlIGFibGUgc28gc3VjY2Vzc2Z1bGx5IGNvbW11bmljYXRlIHVzaW5nIElQIGFkZHJlc3MgdGhl biB3aGVyZSBkb2VzIGlkZW50aXR5IGNvbWUgaW50byBwbGF5PyBJZiB0aGUgYXBwbGljYXRpb25z IG5lZWQgdG8gdmVyaWZ5IHdob20gdGhleSdyZSB0YWxraW5nIHRoZXknbGwgdXNpbmcgYSBtZWNo YW5pc20gbGlrZSB4LjUwOSBvciBUTFMgIGFuZCBzaG91bGQgbmV2ZXIgcmVseSBvbiBJUCBhZGRy ZXNzZXMgYXMgaGF2aW5nIGFueSBzZWN1cml0eSBwcm9wZXJ0aWVzLg0KPg0KPiBUb20NCj4NCj4+ DQo+Pg0KPj4gQmluZ3lhbmcNCj4+DQo+Pg0KPj4NCj4+IEZyb206IEFsZXhhbmRlciBDbGVtbQ0K Pj4gU2VudDogRnJpZGF5LCBKdWx5IDI4LCAyMDE3IDM6MDEgQU0NCj4+IFRvOiBMaXViaW5neWFu ZyAoQnJ5YW4pIDxsaXViaW5neWFuZ0BodWF3ZWkuY29tPjsgTWljaGFlbCBNZW50aCANCj4+IDxt ZW50aEB1bmktdHVlYmluZ2VuLmRlPg0KPj4gQ2M6IGlkZWFzQGlldGYub3JnDQo+PiBTdWJqZWN0 OiBSRTogUkU6IFtJZGVhc10gQ2FuIGlkZW50aXR5IGRpcmVjdGx5IGxpbmsgd2l0aCBJUCBhZGRy ZXNzPw0KPj4NCj4+DQo+Pg0KPj4gSGkgQmluZ3lhbmcsDQo+Pg0KPj4NCj4+DQo+PiBZb3UgbmVl ZCB0byBiZSBhYmxlIHRvIHJlZmVyIHRvIGFub3RoZXIgZW5kcG9pbnQsIHNvIHlvdSBuZWVkIHRv IGtub3cgYXQNCj4+IGxlYXN0IG9uZSBvZiBpdHMgaWRlbnRpZmllcnMgaW4gb3JkZXIgdG8gc2Vu ZCBpdCB0cmFmZmljLiAgIEJ1dCwgSSBkb27igJl0DQo+PiBuZWVkIHRvIGtub3cgeW91ciBpZGVu dGl0eSAoaW4gdGhlIG5hcnJvd2VyIHNlbnNlIG9mIElERUFTKS4gIFRvIHVzZSANCj4+IGFuIGFu YWxvZ3ksIEkgY2FuIHNlbmQgeW91IGFuIGVtYWlsIHVzaW5nIHlvdXIgaWRlbnRpZmllciANCj4+ IGxpdWJpbmd5YW5nQGh1YXdlaS5jb20sIGJ1dCBJIGRvbuKAmXQgbmVlZCB0byBrbm93IHlvdXIg YmlydGggDQo+PiBjZXJ0aWZpY2F0ZSBhbmQgcGFzc3BvcnQgbnVtYmVyIHRvIGFzc2VydCB5b3Vy IGlkZW50aXR5LCBub3Igd291bGQgSSANCj4+IGV4cGVjdCBwcm92aWRpbmcgdGhvc2UgdG8gc2Vu ZCB5b3UgZW1haWwuDQo+Pg0KPj4NCj4+DQo+PiBDaGVlcnMNCj4+DQo+PiAtLS0gQWxleA0KPj4N Cj4+DQo+Pg0KPj4gRnJvbTogTGl1YmluZ3lhbmcgKEJyeWFuKQ0KPj4gU2VudDogVGh1cnNkYXks IEp1bHkgMjcsIDIwMTcgMTA6NDAgQU0NCj4+IFRvOiBBbGV4YW5kZXIgQ2xlbW0gPGFsZXhhbmRl ci5jbGVtbUBodWF3ZWkuY29tPjsgTWljaGFlbCBNZW50aCANCj4+IDxtZW50aEB1bmktdHVlYmlu Z2VuLmRlPg0KPj4gQ2M6IGlkZWFzQGlldGYub3JnDQo+PiBTdWJqZWN0OiBSZTogUkU6IFtJZGVh c10gQ2FuIGlkZW50aXR5IGRpcmVjdGx5IGxpbmsgd2l0aCBJUCBhZGRyZXNzPw0KPj4NCj4+DQo+ Pg0KPj4gSGkgQWxleA0KPj4NCj4+IFNvcnJ5IEkgZG9uJ3QgZ2V0IGl0LiBXaHkgd2hhdCB5b3Ug Imtub3ciIHNob3VsZCBiZSB3aGF0IHlvdSBsaW5rIA0KPj4gd2l0aCBpZGVudGl0eT8gQW5kIHdo YXQgaWYgSSBqdXN0ICJrbm93IiB5b3VyIGlwID8NCj4+DQo+Pg0KPj4gLS0tLS0tLS0tLS0tLS0t LS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLUJpbmd5YW5nIExpdQ0KPj4gTTogKzg2LTE1 ODEwNzk1OTk0DQo+PiBFOiBsaXViaW5neWFuZ0BodWF3ZWkuY29tDQo+PiAyMDEyIExhYm9yYXRv cmllcy1ORyBJUCBOZXR3b3JrIExhYm9yYXRvcnksMjAxMkxhYnMNCj4+DQo+PiBGcm9tOiBBbGV4 YW5kZXIgQ2xlbW0NCj4+DQo+PiBUbzogTWljaGFlbCBNZW50aDxtZW50aEB1bmktdHVlYmluZ2Vu LmRlPjtMaXViaW5neWFuZw0KPj4gKEJyeWFuKTxsaXViaW5neWFuZ0BodWF3ZWkuY29tPg0KPj4N Cj4+IENjOiBpZGVhc0BpZXRmLm9yZw0KPj4NCj4+IFN1YmplY3Q6IFJFOiBbSWRlYXNdIENhbiBp ZGVudGl0eSBkaXJlY3RseSBsaW5rIHdpdGggSVAgYWRkcmVzcz8NCj4+DQo+PiBUaW1lOiAyMDE3 LTA3LTI4IDAxOjAyOjI0DQo+Pg0KPj4NCj4+DQo+PiBZZXMsIGluIHByaW5jaXBsZSBwb3NzaWJs ZS4NCj4+DQo+PiBUaGUgcXVlc3Rpb24gaXMgb25seSwgd2hvIHdpbGwgYWN0dWFsbHkga25vdyB0 aGUgaWRlbnRpdHkuICBJbiANCj4+IGdlbmVyYWwsIGVuZHBvaW50cyB3aWxsIGJlIHJlZmVycmVk IHRvIGJ5IGFuIGlkZW50aWZpZXIgYnkgb3RoZXIgDQo+PiBwYXJ0aWVzLiAgSSB3b3VsZCBlbnZp c2lvbiB0aGF0IG90aGVyIHBhcnRpZXMgbWF5ICJrbm93IiBvdGhlciANCj4+IGVuZHBvaW50cyBi eSBwdWJsaWMgaWRlbnRpZmllcnMsIGJ1dCBub3QgYnkgdGhlaXIgYWN0dWFsIGlkZW50aXR5IChi eSANCj4+IHdoaWNoIHRoZXkgd291bGQgYmUgYXV0aGVudGljYXRlZCB0byBHUklEUykuICBTbywg d2hpbGUgYSBtYXBwaW5nIA0KPj4gc3lzdGVtIG1pZ2h0IGJlIGRlc2lnbmVkIHdpdGggZmxleGli aWxpdHkgZm9yIHN1Y2ggcXVlcmllcyBpbiBtaW5kLCBJIA0KPj4gZG9uJ3QgdGhpbmsgc3VwcG9y dGluZyBpdCB3b3VsZCBiZSBhIHJlcXVpcmVtZW50IC0gY2VydGFpbmx5IG5vdCBpbml0aWFsbHku DQo+Pg0KPj4gSSBhbSBub3Qgc3VyZSBJIHdvdWxkIGdvIHRvIG11bHRpcGxlIHRpZXJzIG9mIGlk ZW50aXRpZXMuICBJdCdzIGEgDQo+PiBwb3NzaWJpbGl0eSwgYnV0IGl0IHdvdWxkIHJhaXNlIGFk ZGl0aW9uYWwgaXNzdWVzIGlmIHdlIHdlcmUgdG8gZ2V0IA0KPj4gaW50byB0aGUgcmVhbG0gb2Yg cGVyc29uYWwgaWRlbnRpdGllcyAoYXMgb3Bwb3NlZCB0byBlbmRwb2ludCANCj4+IGlkZW50aXRp ZXMpLiAgU28sIElNSE8gd2UgbWF5IHdhbnQgdG8gc3RheSBjbGVhciBvZiB0aGlzLg0KPj4NCj4+ IC0tLSBBbGV4DQo+Pg0KPj4gLS0tLS1PcmlnaW5hbCBNZXNzYWdlLS0tLS0NCj4+IEZyb206IElk ZWFzIFttYWlsdG86aWRlYXMtYm91bmNlc0BpZXRmLm9yZ10gT24gQmVoYWxmIE9mIE1pY2hhZWwg DQo+PiBNZW50aA0KPj4gU2VudDogVGh1cnNkYXksIEp1bHkgMjcsIDIwMTcgMzoxMSBBTQ0KPj4g VG86IExpdWJpbmd5YW5nIChCcnlhbikgPGxpdWJpbmd5YW5nQGh1YXdlaS5jb20+DQo+PiBDYzog aWRlYXNAaWV0Zi5vcmcNCj4+IFN1YmplY3Q6IFJlOiBbSWRlYXNdIENhbiBpZGVudGl0eSBkaXJl Y3RseSBsaW5rIHdpdGggSVAgYWRkcmVzcz8NCj4+DQo+PiBEZWFyIEJpbmd5YW5nLCBhbGwsDQo+ Pg0KPj4gZ29vZCBwb2ludCEgWW91IGVzc2VudGlhbGx5IHByb3Bvc2UgYSBtb3JlIGZsZXhpYmxl IG1hcHBpbmcgYmV0d2VlbiANCj4+IGlkZW50aXR5IGFuZCBpZGVudGlmaWVycy4gSSB0aGluayBp dCBnZW5lcmFsbHkgbWFrZXMgc2Vuc2UgdGhhdCB0aGUgDQo+PiBuZXcgbWFwcGluZyBzeXN0ZW0g d2l0aCBhY2Nlc3MgY29udHJvbCBpcyBub3QgbGltaXRlZCB0byB0aGUgDQo+PiBjdXJyZW50bHkg dGhyZWUgb2J2aW91cyBsYXllcnMgaWRlbnRpdHktaWRlbnRpZmllci1sb2NhdG9yLCBidXQgDQo+ PiBmb2xsb3dzIGEgbW9yZSBmbGV4aWJsZQ0KPj4gaWRlbnRpZmllci0+aWRlbnRpZmllciBtYXBw aW5nLCB3aGVyZWJ5IGFuIGlkZW50aXR5IGlzIGEgc3BlY2lhbA0KPj4gaWRlbnRpZmllci4gVGhl cmUgbWF5IGJlIHVzZSBjYXNlcyB3aGVyZQ0KPj4gaWRlbnRpdHktPmlkZW50aXR5IG1heSBtYWtl IHNlbnNlLCBlLmcuLCBtYXBwaW5nIG9mIGEgdXNlciB0byBpdHMgZGV2aWNlcy4NCj4+IFRoaXMg d291bGQgYWxzbyBhbGxvdyBpZGVudGl0eS0+bG9jYXRvciB3aGljaCB3b3VsZCBiZSBoZWxwZnVs IHRvIA0KPj4gc3VwcG9ydCBJRC1uZXR3b3JraW5nIHcvIGxlZ2FjeSBJUHY0L3Y2IGJ1dCB3L28g bG9jL0lEIHNwbGl0Lg0KPj4NCj4+IFJlZ2FyZHMsDQo+Pg0KPj4gTWljaGFlbA0KPj4NCj4+IEFt IDI3LjA3LjIwMTcgdW0gMTE6NDQgc2NocmllYiBMaXViaW5neWFuZyAoQnJ5YW4pOg0KPj4+IEhp IGFsbCwNCj4+Pg0KPj4+DQo+Pj4NCj4+PiBUaGUgY3VycmVudCBtb2RlbCBzZWVtcyBsaWtlIGlk ZW50aXR5LS0taWRlbnRpZmllci0tLWxvY2F0b3IsIGFuZCANCj4+PiBpZGVudGl0eSBpcyBib3Vu ZCB3aXRoIElEL0xvYyBwcm90b2NvbHMuDQo+Pj4NCj4+PiBEbyB5b3UgdGhpbmsgaWRlbnRpdHkg Y2FuIGRpcmVjdGx5IGxpbmsgdG8gSVAgYWRkcmVzcywgaS5lLiwgDQo+Pj4gaWRlbnRpdHktLS1J UCBhZGRyZXNzLCBhbmQgYmUgYXBwbGllZCB0byB0aGUg4oCcbGVnYWN54oCdIElQdjQvSVB2NiAN Cj4+PiB3aXRob3V0IGlkZW50aWZpZXJzIGFzIGludGVybWVkaWF0ZT8NCj4+Pg0KPj4+DQo+Pj4N Cj4+PiBCaW5neWFuZyAoQnJ5YW4pDQo+Pj4NCj4+Pg0KPj4+DQo+Pj4gX19fX19fX19fX19fX19f X19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX18NCj4+PiBJZGVhcyBtYWlsaW5nIGxpc3QN Cj4+PiBJZGVhc0BpZXRmLm9yZw0KPj4+IGh0dHBzOi8vd3d3LmlldGYub3JnL21haWxtYW4vbGlz dGluZm8vaWRlYXMNCj4+Pg0KPj4NCj4+IC0tDQo+PiBQcm9mLiBEci4gaGFiaWwuIE1pY2hhZWwg TWVudGgNCj4+IFVuaXZlcnNpdHkgb2YgVHVlYmluZ2VuDQo+PiBGYWN1bHR5IG9mIFNjaWVuY2UN Cj4+IERlcGFydG1lbnQgb2YgQ29tcHV0ZXIgU2NpZW5jZQ0KPj4gQ2hhaXIgb2YgQ29tbXVuaWNh dGlvbiBOZXR3b3Jrcw0KPj4gU2FuZCAxMywgNzIwNzYgVHVlYmluZ2VuLCBHZXJtYW55DQo+PiBw aG9uZTogKCs0OSktNzA3MS8yOS03MDUwNQ0KPj4gZmF4OiAoKzQ5KS03MDcxLzI5LTUyMjANCj4+ IG1haWx0bzptZW50aEB1bmktdHVlYmluZ2VuLmRlDQo+PiBodHRwOi8va24uaW5mLnVuaS10dWVi aW5nZW4uZGUNCj4+DQo+PiBfX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19f X19fX19fXw0KPj4gSWRlYXMgbWFpbGluZyBsaXN0DQo+PiBJZGVhc0BpZXRmLm9yZw0KPj4gaHR0 cHM6Ly93d3cuaWV0Zi5vcmcvbWFpbG1hbi9saXN0aW5mby9pZGVhcw0KPj4NCj4+DQo+PiBfX19f X19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fXw0KPj4gSWRlYXMgbWFp bGluZyBsaXN0DQo+PiBJZGVhc0BpZXRmLm9yZw0KPj4gaHR0cHM6Ly93d3cuaWV0Zi5vcmcvbWFp bG1hbi9saXN0aW5mby9pZGVhcw0KPj4NCl9fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19f X19fX19fX19fX19fX19fDQpJZGVhcyBtYWlsaW5nIGxpc3QNCklkZWFzQGlldGYub3JnDQpodHRw czovL3d3dy5pZXRmLm9yZy9tYWlsbWFuL2xpc3RpbmZvL2lkZWFzDQo= From nobody Fri Jul 28 17:57:29 2017 Return-Path: X-Original-To: ideas@ietfa.amsl.com Delivered-To: ideas@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 014C5131E91 for ; Fri, 28 Jul 2017 17:57:28 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.221 X-Spam-Level: X-Spam-Status: No, score=-4.221 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id jTQYvHkxyMQr for ; Fri, 28 Jul 2017 17:57:25 -0700 (PDT) Received: from lhrrgout.huawei.com (lhrrgout.huawei.com [194.213.3.17]) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4C636131E92 for ; Fri, 28 Jul 2017 17:57:23 -0700 (PDT) Received: from 172.18.7.190 (EHLO lhreml709-cah.china.huawei.com) ([172.18.7.190]) by lhrrg02-dlp.huawei.com (MOS 4.3.7-GA FastPath queued) with ESMTP id DLM64740; Sat, 29 Jul 2017 00:57:21 +0000 (GMT) Received: from DGGEMI406-HUB.china.huawei.com (10.3.17.144) by lhreml709-cah.china.huawei.com (10.201.108.32) with Microsoft SMTP Server (TLS) id 14.3.301.0; Sat, 29 Jul 2017 01:57:20 +0100 Received: from DGGEMI506-MBX.china.huawei.com ([169.254.4.184]) by dggemi406-hub.china.huawei.com ([10.3.17.144]) with mapi id 14.03.0301.000; Sat, 29 Jul 2017 08:57:08 +0800 From: "Liubingyang (Bryan)" To: Tom Herbert CC: Alexander Clemm , Michael Menth , "ideas@ietf.org" Thread-Topic: [Ideas] Can identity directly link with IP address? Thread-Index: AQHTB0v8kV3Mp3B2bUeKT1f7Kd4I6qJoiciggABJQQCAAShV8A== Date: Sat, 29 Jul 2017 00:57:08 +0000 Message-ID: References: <644DA50AFA8C314EA9BDDAC83BD38A2E0E0EAE21@SJCEML703-CHM.china.huawei.com> <644DA50AFA8C314EA9BDDAC83BD38A2E0E0EAEA0@SJCEML703-CHM.china.huawei.com> In-Reply-To: Accept-Language: zh-CN, en-US Content-Language: zh-CN X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [10.130.168.116] Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: base64 MIME-Version: 1.0 X-CFilter-Loop: Reflected X-Mirapoint-Virus-RAPID-Raw: score=unknown(0), refid=str=0001.0A020202.597BDD71.00A2, ss=1, re=0.000, recu=0.000, reip=0.000, cl=1, cld=1, fgs=0, ip=169.254.4.184, so=2013-06-18 04:22:30, dmn=2013-03-21 17:37:32 X-Mirapoint-Loop-Id: 1734ba477ae20b7c46dab7c8062861fb Archived-At: Subject: Re: [Ideas] Can identity directly link with IP address? X-BeenThere: ideas@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Discussions relating to the development, clarification, and implementation of control-plane infrastructures and functionalities in ID enabled networks." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 29 Jul 2017 00:57:28 -0000 UlBLSSBpcyBmb3IgM3JkLXBhcnR5IGF1dGhvcml0eSB0byBjZXJ0aWZ5IHNvbWUgaWRlbnRpdHkg b3ducyBzb21lIElQIGFkZHJlc3Nlcy9wcmVmaXhlcy4gSSB0aGluayBjZXJ0aWZpY2F0ZXMgYXJl IGdlbmVyYWwgZW5vdWdoIHRvIHN1cHBvcnQgYW55IEludGVybmV0IG51bWJlciByZXNvdXJjZXMg ZnJvbSB0aGUgdGVjaG5pY2FsIHBlcnNwZWN0aXZlLiBJdCBpcyBqdXN0IHRoYXQgZm9yIGVhY2gg Y2xhc3Mgb2YgcmVzb3VyY2VzIHRoZXJlIHNob3VsZCBiZSBhbiBhcHByb3ByaWF0ZSBhdXRob3Jp dGF0aXZlIHJvb3QuIA0KDQpCaW5neWFuZw0KDQotLS0tLU9yaWdpbmFsIE1lc3NhZ2UtLS0tLQ0K RnJvbTogVG9tIEhlcmJlcnQgW21haWx0bzp0b21AaGVyYmVydGxhbmQuY29tXSANClNlbnQ6IEZy aWRheSwgSnVseSAyOCwgMjAxNyAxMToxMiBQTQ0KVG86IExpdWJpbmd5YW5nIChCcnlhbikgPGxp dWJpbmd5YW5nQGh1YXdlaS5jb20+DQpDYzogQWxleGFuZGVyIENsZW1tIDxhbGV4YW5kZXIuY2xl bW1AaHVhd2VpLmNvbT47IE1pY2hhZWwgTWVudGggPG1lbnRoQHVuaS10dWViaW5nZW4uZGU+OyBp ZGVhc0BpZXRmLm9yZw0KU3ViamVjdDogUmU6IFtJZGVhc10gQ2FuIGlkZW50aXR5IGRpcmVjdGx5 IGxpbmsgd2l0aCBJUCBhZGRyZXNzPw0KDQpPbiBUaHUsIEp1bCAyNywgMjAxNyBhdCA4OjQ1IFBN LCBMaXViaW5neWFuZyAoQnJ5YW4pIDxsaXViaW5neWFuZ0BodWF3ZWkuY29tPiB3cm90ZToNCj4g SGkgVG9tLA0KPg0KPiBJIHNlZSB3aGF0IHlvdSBtZWFuLiBCdXQgSSBkb24ndCB0aGluayB5b3Vy IGNvbmNlcm4gaXMgc3BlY2lmaWMgdG8gSVAgYWRkcmVzcy4gQnR3LCBJIHRoaW5rIGNlcnRpZmlj YXRlIGlzIGp1c3Qgb25lIHdheSB0byBiaW5kIGlkZW50aXR5IHdpdGggc29tZXRoaW5nLCBub3Qg dGhlIGlkZW50aXR5IGl0c2VsZi4NCj4NCkJpbmd5YW5nLA0KDQpJIHRoaW5rIG9uZSBkaWZmZXJl bmNlIGlzIHRoYXQgY2VydGlmaWNhdGUgY2FuIGJlIHNpZ25lZCBieSBhIHRydXN0ZWQgdGhpcmQg cGFydHkgd2hlcmVhcyBJUCBhZGRyZXNzZXMgYXJlbid0LiBUaGUgdGhpcmQgcGFydHkgaW52b2x2 ZW1lbnQgaXMgaW1wb3J0YW50IHNpbmNlIHRoZSBzaWduaW5nIGF1dGhvcml0eSBpcyBub3QgaW4g dGhlIGRhdGEgcGF0aCBmb3IgdGhlIGNvbW11bmljYXRpb24gd2hpY2gga2VlcHMgYSBzZXBhcmF0 aW9uIG9mIGZ1bmN0aW9ucyBhbmQgaXMgc3Ryb25nZXIgZm9yIHByaXZhY3kuIEluIHRoZSBjYXNl IG9mIGEgbmV0d29yayBwcm92aWRlciBpdCdzIGJvdGggdGhlIGF1dGhvcml0eSBhbmQgaW4gdGhl IGRhdGEgcGF0aCBmb3IgSVAgYWRkcmVzc2VzLS0gdGhpcyBpcyBwcm9iYWJseSBuZWNlc3Nhcnkg YnV0IGxlc3NlbnMgdGhlIHBvc3NpYmlsaXR5IG9mIG1ha2luZyBJUCBhZGRyZXNzZXMgc2VjdXJl IG1lY2hhbmlzbXMuDQoNClRvbQ0KDQo+IEJpbmd5YW5nDQo+DQo+IC0tLS0tT3JpZ2luYWwgTWVz c2FnZS0tLS0tDQo+IEZyb206IFRvbSBIZXJiZXJ0IFttYWlsdG86dG9tQGhlcmJlcnRsYW5kLmNv bV0NCj4gU2VudDogRnJpZGF5LCBKdWx5IDI4LCAyMDE3IDEwOjQ4IEFNDQo+IFRvOiBMaXViaW5n eWFuZyAoQnJ5YW4pIDxsaXViaW5neWFuZ0BodWF3ZWkuY29tPg0KPiBDYzogQWxleGFuZGVyIENs ZW1tIDxhbGV4YW5kZXIuY2xlbW1AaHVhd2VpLmNvbT47IE1pY2hhZWwgTWVudGggDQo+IDxtZW50 aEB1bmktdHVlYmluZ2VuLmRlPjsgaWRlYXNAaWV0Zi5vcmcNCj4gU3ViamVjdDogUmU6IFtJZGVh c10gQ2FuIGlkZW50aXR5IGRpcmVjdGx5IGxpbmsgd2l0aCBJUCBhZGRyZXNzPw0KPg0KPiBPbiBU aHUsIEp1bCAyNywgMjAxNyBhdCA2OjQ1IFBNLCBMaXViaW5neWFuZyAoQnJ5YW4pIDxsaXViaW5n eWFuZ0BodWF3ZWkuY29tPiB3cm90ZToNCj4+IE5vdyBJIGdldCBpdC4gQnV0IG1heWJlIEkganVz dCBrbm93IHlvdXIgSVAgYWRkcmVzcyAoSSBkb27igJl0IHdhbnQgdG8gDQo+PiBtZW50aW9uIERO UyBoZXJlIEopIGFuZCBjb21tdW5pY2F0ZSB3aXRoIHlvdS4gSW4gdGhpcyBjYXNlLCBpZiANCj4+ IGlkZW50aXR5IGlzIHN0aWxsIGFwcGxpY2FibGUsIGl0IG1heSBkaXJlY3RseSBsaW5rIHdpdGgg SVAgYWRkcmVzcywgcmlnaHQ/DQo+Pg0KPiBUaGlzIHF1ZXN0aW9uIGNvbmZ1c2VzIG1lIHdoaWNo IEkgc3VwcG9zZSBpdCB0byBzYXkgdGhlIG5vdGlvbiBvZiBpZGVudGlmeSByZWxhdGVkIHRvIElQ IGFkZHJlc3NpbmcgaXMgc3RpbGwgY29uZnVzaW5nLiBJZiB0d28gbm9kZXMgYXJlIGFibGUgc28g c3VjY2Vzc2Z1bGx5IGNvbW11bmljYXRlIHVzaW5nIElQIGFkZHJlc3MgdGhlbiB3aGVyZSBkb2Vz IGlkZW50aXR5IGNvbWUgaW50byBwbGF5PyBJZiB0aGUgYXBwbGljYXRpb25zIG5lZWQgdG8gdmVy aWZ5IHdob20gdGhleSdyZSB0YWxraW5nIHRoZXknbGwgdXNpbmcgYSBtZWNoYW5pc20gbGlrZSB4 LjUwOSBvciBUTFMgIGFuZCBzaG91bGQgbmV2ZXIgcmVseSBvbiBJUCBhZGRyZXNzZXMgYXMgaGF2 aW5nIGFueSBzZWN1cml0eSBwcm9wZXJ0aWVzLg0KPg0KPiBUb20NCj4NCj4+DQo+Pg0KPj4gQmlu Z3lhbmcNCj4+DQo+Pg0KPj4NCj4+IEZyb206IEFsZXhhbmRlciBDbGVtbQ0KPj4gU2VudDogRnJp ZGF5LCBKdWx5IDI4LCAyMDE3IDM6MDEgQU0NCj4+IFRvOiBMaXViaW5neWFuZyAoQnJ5YW4pIDxs aXViaW5neWFuZ0BodWF3ZWkuY29tPjsgTWljaGFlbCBNZW50aCANCj4+IDxtZW50aEB1bmktdHVl YmluZ2VuLmRlPg0KPj4gQ2M6IGlkZWFzQGlldGYub3JnDQo+PiBTdWJqZWN0OiBSRTogUkU6IFtJ ZGVhc10gQ2FuIGlkZW50aXR5IGRpcmVjdGx5IGxpbmsgd2l0aCBJUCBhZGRyZXNzPw0KPj4NCj4+ DQo+Pg0KPj4gSGkgQmluZ3lhbmcsDQo+Pg0KPj4NCj4+DQo+PiBZb3UgbmVlZCB0byBiZSBhYmxl IHRvIHJlZmVyIHRvIGFub3RoZXIgZW5kcG9pbnQsIHNvIHlvdSBuZWVkIHRvIGtub3cgYXQNCj4+ IGxlYXN0IG9uZSBvZiBpdHMgaWRlbnRpZmllcnMgaW4gb3JkZXIgdG8gc2VuZCBpdCB0cmFmZmlj LiAgIEJ1dCwgSSBkb27igJl0DQo+PiBuZWVkIHRvIGtub3cgeW91ciBpZGVudGl0eSAoaW4gdGhl IG5hcnJvd2VyIHNlbnNlIG9mIElERUFTKS4gIFRvIHVzZSANCj4+IGFuIGFuYWxvZ3ksIEkgY2Fu IHNlbmQgeW91IGFuIGVtYWlsIHVzaW5nIHlvdXIgaWRlbnRpZmllciANCj4+IGxpdWJpbmd5YW5n QGh1YXdlaS5jb20sIGJ1dCBJIGRvbuKAmXQgbmVlZCB0byBrbm93IHlvdXIgYmlydGggDQo+PiBj ZXJ0aWZpY2F0ZSBhbmQgcGFzc3BvcnQgbnVtYmVyIHRvIGFzc2VydCB5b3VyIGlkZW50aXR5LCBu b3Igd291bGQgSSANCj4+IGV4cGVjdCBwcm92aWRpbmcgdGhvc2UgdG8gc2VuZCB5b3UgZW1haWwu DQo+Pg0KPj4NCj4+DQo+PiBDaGVlcnMNCj4+DQo+PiAtLS0gQWxleA0KPj4NCj4+DQo+Pg0KPj4g RnJvbTogTGl1YmluZ3lhbmcgKEJyeWFuKQ0KPj4gU2VudDogVGh1cnNkYXksIEp1bHkgMjcsIDIw MTcgMTA6NDAgQU0NCj4+IFRvOiBBbGV4YW5kZXIgQ2xlbW0gPGFsZXhhbmRlci5jbGVtbUBodWF3 ZWkuY29tPjsgTWljaGFlbCBNZW50aCANCj4+IDxtZW50aEB1bmktdHVlYmluZ2VuLmRlPg0KPj4g Q2M6IGlkZWFzQGlldGYub3JnDQo+PiBTdWJqZWN0OiBSZTogUkU6IFtJZGVhc10gQ2FuIGlkZW50 aXR5IGRpcmVjdGx5IGxpbmsgd2l0aCBJUCBhZGRyZXNzPw0KPj4NCj4+DQo+Pg0KPj4gSGkgQWxl eA0KPj4NCj4+IFNvcnJ5IEkgZG9uJ3QgZ2V0IGl0LiBXaHkgd2hhdCB5b3UgImtub3ciIHNob3Vs ZCBiZSB3aGF0IHlvdSBsaW5rIA0KPj4gd2l0aCBpZGVudGl0eT8gQW5kIHdoYXQgaWYgSSBqdXN0 ICJrbm93IiB5b3VyIGlwID8NCj4+DQo+Pg0KPj4gLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0t LS0tLS0tLS0tLS0tLS0tLS0tLUJpbmd5YW5nIExpdQ0KPj4gTTogKzg2LTE1ODEwNzk1OTk0DQo+ PiBFOiBsaXViaW5neWFuZ0BodWF3ZWkuY29tDQo+PiAyMDEyIExhYm9yYXRvcmllcy1ORyBJUCBO ZXR3b3JrIExhYm9yYXRvcnksMjAxMkxhYnMNCj4+DQo+PiBGcm9tOiBBbGV4YW5kZXIgQ2xlbW0N Cj4+DQo+PiBUbzogTWljaGFlbCBNZW50aDxtZW50aEB1bmktdHVlYmluZ2VuLmRlPjtMaXViaW5n eWFuZw0KPj4gKEJyeWFuKTxsaXViaW5neWFuZ0BodWF3ZWkuY29tPg0KPj4NCj4+IENjOiBpZGVh c0BpZXRmLm9yZw0KPj4NCj4+IFN1YmplY3Q6IFJFOiBbSWRlYXNdIENhbiBpZGVudGl0eSBkaXJl Y3RseSBsaW5rIHdpdGggSVAgYWRkcmVzcz8NCj4+DQo+PiBUaW1lOiAyMDE3LTA3LTI4IDAxOjAy OjI0DQo+Pg0KPj4NCj4+DQo+PiBZZXMsIGluIHByaW5jaXBsZSBwb3NzaWJsZS4NCj4+DQo+PiBU aGUgcXVlc3Rpb24gaXMgb25seSwgd2hvIHdpbGwgYWN0dWFsbHkga25vdyB0aGUgaWRlbnRpdHku ICBJbiANCj4+IGdlbmVyYWwsIGVuZHBvaW50cyB3aWxsIGJlIHJlZmVycmVkIHRvIGJ5IGFuIGlk ZW50aWZpZXIgYnkgb3RoZXIgDQo+PiBwYXJ0aWVzLiAgSSB3b3VsZCBlbnZpc2lvbiB0aGF0IG90 aGVyIHBhcnRpZXMgbWF5ICJrbm93IiBvdGhlciANCj4+IGVuZHBvaW50cyBieSBwdWJsaWMgaWRl bnRpZmllcnMsIGJ1dCBub3QgYnkgdGhlaXIgYWN0dWFsIGlkZW50aXR5IChieSANCj4+IHdoaWNo IHRoZXkgd291bGQgYmUgYXV0aGVudGljYXRlZCB0byBHUklEUykuICBTbywgd2hpbGUgYSBtYXBw aW5nIA0KPj4gc3lzdGVtIG1pZ2h0IGJlIGRlc2lnbmVkIHdpdGggZmxleGliaWxpdHkgZm9yIHN1 Y2ggcXVlcmllcyBpbiBtaW5kLCBJIA0KPj4gZG9uJ3QgdGhpbmsgc3VwcG9ydGluZyBpdCB3b3Vs ZCBiZSBhIHJlcXVpcmVtZW50IC0gY2VydGFpbmx5IG5vdCBpbml0aWFsbHkuDQo+Pg0KPj4gSSBh bSBub3Qgc3VyZSBJIHdvdWxkIGdvIHRvIG11bHRpcGxlIHRpZXJzIG9mIGlkZW50aXRpZXMuICBJ dCdzIGEgDQo+PiBwb3NzaWJpbGl0eSwgYnV0IGl0IHdvdWxkIHJhaXNlIGFkZGl0aW9uYWwgaXNz dWVzIGlmIHdlIHdlcmUgdG8gZ2V0IA0KPj4gaW50byB0aGUgcmVhbG0gb2YgcGVyc29uYWwgaWRl bnRpdGllcyAoYXMgb3Bwb3NlZCB0byBlbmRwb2ludCANCj4+IGlkZW50aXRpZXMpLiAgU28sIElN SE8gd2UgbWF5IHdhbnQgdG8gc3RheSBjbGVhciBvZiB0aGlzLg0KPj4NCj4+IC0tLSBBbGV4DQo+ Pg0KPj4gLS0tLS1PcmlnaW5hbCBNZXNzYWdlLS0tLS0NCj4+IEZyb206IElkZWFzIFttYWlsdG86 aWRlYXMtYm91bmNlc0BpZXRmLm9yZ10gT24gQmVoYWxmIE9mIE1pY2hhZWwgDQo+PiBNZW50aA0K Pj4gU2VudDogVGh1cnNkYXksIEp1bHkgMjcsIDIwMTcgMzoxMSBBTQ0KPj4gVG86IExpdWJpbmd5 YW5nIChCcnlhbikgPGxpdWJpbmd5YW5nQGh1YXdlaS5jb20+DQo+PiBDYzogaWRlYXNAaWV0Zi5v cmcNCj4+IFN1YmplY3Q6IFJlOiBbSWRlYXNdIENhbiBpZGVudGl0eSBkaXJlY3RseSBsaW5rIHdp dGggSVAgYWRkcmVzcz8NCj4+DQo+PiBEZWFyIEJpbmd5YW5nLCBhbGwsDQo+Pg0KPj4gZ29vZCBw b2ludCEgWW91IGVzc2VudGlhbGx5IHByb3Bvc2UgYSBtb3JlIGZsZXhpYmxlIG1hcHBpbmcgYmV0 d2VlbiANCj4+IGlkZW50aXR5IGFuZCBpZGVudGlmaWVycy4gSSB0aGluayBpdCBnZW5lcmFsbHkg bWFrZXMgc2Vuc2UgdGhhdCB0aGUgDQo+PiBuZXcgbWFwcGluZyBzeXN0ZW0gd2l0aCBhY2Nlc3Mg Y29udHJvbCBpcyBub3QgbGltaXRlZCB0byB0aGUgDQo+PiBjdXJyZW50bHkgdGhyZWUgb2J2aW91 cyBsYXllcnMgaWRlbnRpdHktaWRlbnRpZmllci1sb2NhdG9yLCBidXQgDQo+PiBmb2xsb3dzIGEg bW9yZSBmbGV4aWJsZQ0KPj4gaWRlbnRpZmllci0+aWRlbnRpZmllciBtYXBwaW5nLCB3aGVyZWJ5 IGFuIGlkZW50aXR5IGlzIGEgc3BlY2lhbA0KPj4gaWRlbnRpZmllci4gVGhlcmUgbWF5IGJlIHVz ZSBjYXNlcyB3aGVyZQ0KPj4gaWRlbnRpdHktPmlkZW50aXR5IG1heSBtYWtlIHNlbnNlLCBlLmcu LCBtYXBwaW5nIG9mIGEgdXNlciB0byBpdHMgZGV2aWNlcy4NCj4+IFRoaXMgd291bGQgYWxzbyBh bGxvdyBpZGVudGl0eS0+bG9jYXRvciB3aGljaCB3b3VsZCBiZSBoZWxwZnVsIHRvIA0KPj4gc3Vw cG9ydCBJRC1uZXR3b3JraW5nIHcvIGxlZ2FjeSBJUHY0L3Y2IGJ1dCB3L28gbG9jL0lEIHNwbGl0 Lg0KPj4NCj4+IFJlZ2FyZHMsDQo+Pg0KPj4gTWljaGFlbA0KPj4NCj4+IEFtIDI3LjA3LjIwMTcg dW0gMTE6NDQgc2NocmllYiBMaXViaW5neWFuZyAoQnJ5YW4pOg0KPj4+IEhpIGFsbCwNCj4+Pg0K Pj4+DQo+Pj4NCj4+PiBUaGUgY3VycmVudCBtb2RlbCBzZWVtcyBsaWtlIGlkZW50aXR5LS0taWRl bnRpZmllci0tLWxvY2F0b3IsIGFuZCANCj4+PiBpZGVudGl0eSBpcyBib3VuZCB3aXRoIElEL0xv YyBwcm90b2NvbHMuDQo+Pj4NCj4+PiBEbyB5b3UgdGhpbmsgaWRlbnRpdHkgY2FuIGRpcmVjdGx5 IGxpbmsgdG8gSVAgYWRkcmVzcywgaS5lLiwgDQo+Pj4gaWRlbnRpdHktLS1JUCBhZGRyZXNzLCBh bmQgYmUgYXBwbGllZCB0byB0aGUg4oCcbGVnYWN54oCdIElQdjQvSVB2NiANCj4+PiB3aXRob3V0 IGlkZW50aWZpZXJzIGFzIGludGVybWVkaWF0ZT8NCj4+Pg0KPj4+DQo+Pj4NCj4+PiBCaW5neWFu ZyAoQnJ5YW4pDQo+Pj4NCj4+Pg0KPj4+DQo+Pj4gX19fX19fX19fX19fX19fX19fX19fX19fX19f X19fX19fX19fX19fX19fX19fX18NCj4+PiBJZGVhcyBtYWlsaW5nIGxpc3QNCj4+PiBJZGVhc0Bp ZXRmLm9yZw0KPj4+IGh0dHBzOi8vd3d3LmlldGYub3JnL21haWxtYW4vbGlzdGluZm8vaWRlYXMN Cj4+Pg0KPj4NCj4+IC0tDQo+PiBQcm9mLiBEci4gaGFiaWwuIE1pY2hhZWwgTWVudGgNCj4+IFVu aXZlcnNpdHkgb2YgVHVlYmluZ2VuDQo+PiBGYWN1bHR5IG9mIFNjaWVuY2UNCj4+IERlcGFydG1l bnQgb2YgQ29tcHV0ZXIgU2NpZW5jZQ0KPj4gQ2hhaXIgb2YgQ29tbXVuaWNhdGlvbiBOZXR3b3Jr cw0KPj4gU2FuZCAxMywgNzIwNzYgVHVlYmluZ2VuLCBHZXJtYW55DQo+PiBwaG9uZTogKCs0OSkt NzA3MS8yOS03MDUwNQ0KPj4gZmF4OiAoKzQ5KS03MDcxLzI5LTUyMjANCj4+IG1haWx0bzptZW50 aEB1bmktdHVlYmluZ2VuLmRlDQo+PiBodHRwOi8va24uaW5mLnVuaS10dWViaW5nZW4uZGUNCj4+ DQo+PiBfX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fXw0KPj4g SWRlYXMgbWFpbGluZyBsaXN0DQo+PiBJZGVhc0BpZXRmLm9yZw0KPj4gaHR0cHM6Ly93d3cuaWV0 Zi5vcmcvbWFpbG1hbi9saXN0aW5mby9pZGVhcw0KPj4NCj4+DQo+PiBfX19fX19fX19fX19fX19f X19fX19fX19fX19fX19fX19fX19fX19fX19fX19fXw0KPj4gSWRlYXMgbWFpbGluZyBsaXN0DQo+ PiBJZGVhc0BpZXRmLm9yZw0KPj4gaHR0cHM6Ly93d3cuaWV0Zi5vcmcvbWFpbG1hbi9saXN0aW5m by9pZGVhcw0KPj4NCg== From nobody Sat Jul 29 10:02:03 2017 Return-Path: X-Original-To: ideas@ietfa.amsl.com Delivered-To: ideas@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DE3A7131CBA for ; Sat, 29 Jul 2017 10:02:01 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: 0.481 X-Spam-Level: X-Spam-Status: No, score=0.481 tagged_above=-999 required=5 tests=[HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RCVD_IN_SORBS_SPAM=0.5, SPF_HELO_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id GS4TyShfRpyc for ; Sat, 29 Jul 2017 10:02:00 -0700 (PDT) Received: from mout.perfora.net (mout.perfora.net [74.208.4.197]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D12BB131D25 for ; Sat, 29 Jul 2017 10:01:59 -0700 (PDT) Received: from LAPTOPR7T053C2 ([73.71.191.170]) by mrelay.perfora.net (mreueus003 [74.208.5.2]) with ESMTPSA (Nemesis) id 0M8Pa8-1dpA623AW2-00w0oz; Sat, 29 Jul 2017 19:01:57 +0200 From: "Alexander Clemm" To: "'Padma Pillay-Esnault'" , "'Alvaro Retana \(aretana\)'" Cc: References: <2D8B5CDE-ABFC-4BB5-849D-B1F6BD4D7B91@cisco.com> In-Reply-To: Date: Sat, 29 Jul 2017 10:01:58 -0700 Message-ID: <001801d3088c$6470e400$2d52ac00$@clemm.org> MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_NextPart_000_0019_01D30851.B81392A0" X-Mailer: Microsoft Outlook 16.0 Thread-Index: AQHA/xm9utiFZZWTbgkJEjgWvOzkgQGeKdnyooIiwlA= Content-Language: en-us X-Provags-ID: V03:K0:lDOJqjMwH4wMlXtdvddb3gHI4Kkxg23wnn6LeybkU0Wi7EjzmnC FfQBlDpuH/mPvIE8Zqt6JERCTOMR+ioHEqRuSq5EkxjsDnRCeMyMRGLPxF562PK5UHdjl3U zvr4rPikOFZKYZQ7zq+77+GAy+R1HxpnrR0VzS4zBpVWQnhxlOi3T18jcej7CoZtX5vH9Sx MU0FIdRUOk5PjcP6jtq5A== X-UI-Out-Filterresults: notjunk:1;V01:K0:KE4DPjZqvDg=:8DQc2/jflhTrxuwmtAYfbo 5sViy2QCzQP58PKTnGgLgBzY+oQpRvkwadvCymSH9gM3szhbPTD1vk1mSYkcH8jEtb1Xg+cuj NzquOfjMalnp5cOaaAMhw+s7HMY7wo9AqfCx/Lx3mPHGj8DEAxdkkNoEXmkbvPyody9EA7Gi7 oo7KzYIvo96ZZPkJkCb1tIGkpDo/Wb/xiC1sdT0leCXvRMwha8LdmzHP0Nt9Inakft3omrx+h seSGxFtDjOvMmph45tR5mzjrLyo8CJqgtBc/kW4vg9X04cb2Sc/0vb1K+4gwkIYB9lHnQsuTA OIHC5DRhmY0uNZQyTq0hKJLY80G0NPAatxv19GtFHRUveiGfDWhSJSeB0rG3rpDZ/v/U9Ckfc NgTh8F/ufzSiEfNE9CLE3+7PTMeqhSB2u4cZQ68d4s6SElqh8eQr1UPF7iPLHo+ewdHkKFgGG cKvEpWaGkvupY7IrFSvXU6MbxAhYSOU/q+SvkhLFaXITKhs8oZSetsyT1NZuUexULsYQ5XfZH EVhx/JJ0YKY8fyKWJTKOJaJeyOhvxwdNymTYTBoWlnXhlKNoZvzF4Wj43j8gE3KRO5bFEvL86 VqIM3IK7hniP/UdDd4X1iyqhAIVrbE/fllPkJeefLVjUtFmzfZaI6+y29BrDv8g2MLCOHw+v9 Qt9XvkIqRiOreH7MNltIumSCWr8h7lXvO7QCOByu2+/vPG0PYuIkgWu6jUrRbveLxaqOL1mze gD4Qts2bCdLFe59V1YJwJHhIAP53d6f4uNairVsjqSsOcfThPTVJHN88URw= Archived-At: Subject: Re: [Ideas] IDEAS BoF at IETF 99 X-BeenThere: ideas@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Discussions relating to the development, clarification, and implementation of control-plane infrastructures and functionalities in ID enabled networks." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 29 Jul 2017 17:02:02 -0000 This is a multipart message in MIME format. ------=_NextPart_000_0019_01D30851.B81392A0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Hi Padma, Alvaro, =20 I looked at the charter version on the github. Charter-version1.txt = does not reflect the latest version that we had discussed in Prague. = The latest version had been pruned down significantly over that, in an = effort to try and create sharper focus. Of course, further work is = still required, but many of the earlier items, such as metadata support, = endpoint grouping support, DDoS considerations were already removed (but = show in Charter-version1.txt). =20 =20 Also posted on github is IDEAS-charter.txt; this is probably the version = that we should discuss. But it is not clear and I find it very = confusing what is supposed to be the most current version and the one = that we should be discussing updates on. If it is = =E2=80=9CIDEAS-charter.txt=E2=80=9D, I find = =E2=80=9CCharter-version1.txt=E2=80=9D a distraction; can we mark it as = historic or such, or remove it, just so we are all on the same page what = the current baseline is that we are discussing? =20 =20 What is the way forward here =E2=80=93 how will we refine the charter; = should we make edits on github or have the discussion on text snippets = here on the mailer? Who holds the editor=E2=80=99s pen? =20 Thanks --- Alex =20 =20 From: Ideas [mailto:ideas-bounces@ietf.org] On Behalf Of Padma = Pillay-Esnault Sent: Friday, July 28, 2017 11:37 AM To: Alvaro Retana (aretana) Cc: ideas@ietf.org Subject: Re: [Ideas] IDEAS BoF at IETF 99 =20 Dear Alvaro and IDEAS =20 The github was updated to have a separate file with a version of the = first charter for your reference. =20 Propose that updates to the version2 of charter be done to recapture the = focus of version1 and share it here on the alias. =20 Thanks Padma =20 =20 On Fri, Jul 28, 2017 at 9:56 AM, Alvaro Retana (aretana) = > wrote: On 6/7/17, 5:46 PM, "Ideas on behalf of Alvaro Retana (aretana)" = on behalf of = aretana@cisco.com > wrote: =20 Dear IDEAS list: =20 First of all, I want to thank the proponents and everyone who = participated in last week=E2=80=99s BOF in Prague. Special thanks to = the BOF Chairs! =20 > The IAB/IESG held our BoF Coordination Call today, and it was decided=20 > to go forward with an IDEAS BoF at IETF 99. Congratulations! >=20 > There are however some concerns that we need you (proponents/ > participants/authors) to address at the BoF. Based on that, we should = > ideally be able to take some action=E2=80=A6 From my point of view, = the success=20 > of the BoF should be measured by whether we have the necessary=20 > information to make the correct decision. =20 The consensus among the Chairs and the IESG/IAB is that the materials = presented at the BOF resulted in the feeling that there is something to = be done here, but that =E2=80=9Csomething=E2=80=9D is not clear. In = part, this impression comes from the wide-ranging discussion =E2=80=93 = in part from the fact that most of the technical discussions have so far = not been held on the list. To paraphrase one of the participants: = =E2=80=9CI know what I want, and I kind of know what others = want=E2=80=9D=E2=80=A6 =20 What are the next steps? I would like to see more discussions and = participation on the list, to reflect the interest in the room =E2=80=93 = some of that is starting to happen already. =20 I don=E2=80=99t think that this effort would necessarily benefit from = the BOF result being =E2=80=9Clet=E2=80=99s try it again next = time=E2=80=9D. Alternatively, I am willing to sponsor a focused WG = proposal [*] to define a framework that reflects consensus on what is = expected from the mapping system, the questions around identity = persistence, privacy, etc. I note that the BOF proposal [1] included = precisely a framework as milestones=E2=80=A6 =20 =3D=3D=3D Milestones Dec 2017 Adopt WG draft for the Identity Services framework May 2018 WGLC for the Identity Services framework August 2018 Send Identity Services framework draft to the IESG =3D=3D=3D =20 =E2=80=A6but the current proposed charter [2] does not reflect that. =20 If the group has the interest to follow this focused path, please start = the discussion around an updated proposed charter. If we settle on the = text quickly, we should be able to take a proposal through the process = (long) before the next IETF. I would hope for an aggressive timeline in = completing that piece of work. =20 Thanks! =20 Alvaro. =20 =20 [*] Obviously, the normal approval process would be followed: = IESG/IAB/community review, etc. [1] https://trac.tools.ietf.org/bof/trac/=20 [2] https://github.com/IETF-IDEAS/Charter-Proposal=20 _______________________________________________ Ideas mailing list Ideas@ietf.org =20 https://www.ietf.org/mailman/listinfo/ideas =20 ------=_NextPart_000_0019_01D30851.B81392A0 Content-Type: text/html; charset="utf-8" Content-Transfer-Encoding: quoted-printable

Hi Padma, = Alvaro,

 

I looked at the charter version on the github.=C2=A0 = Charter-version1.txt does not reflect the latest version that we had = discussed in Prague.=C2=A0 The latest version had been pruned down = significantly over that, in an effort to try and create sharper focus. = =C2=A0Of course, further work is still required, but many of the earlier = items, such as metadata support, endpoint grouping support, DDoS = considerations were already removed (but show in = Charter-version1.txt).=C2=A0

 

Also posted = on github is IDEAS-charter.txt; this is probably the version that we = should discuss.=C2=A0 But it is not clear and I find it very confusing = what is supposed to be the most current version and the one that we = should be discussing updates on.=C2=A0 If it is = =E2=80=9CIDEAS-charter.txt=E2=80=9D, I find = =E2=80=9CCharter-version1.txt=E2=80=9D a distraction; can we mark it as = historic or such, or remove it, just so we are all on the same page what = the current baseline is that we are discussing?=C2=A0

 

What is the = way forward here =E2=80=93 how will we refine the charter; should we = make edits on github or have the discussion on text snippets here on the = mailer?=C2=A0 Who holds the editor=E2=80=99s pen?

 

Thanks

--- = Alex

 

 

From: = Ideas [mailto:ideas-bounces@ietf.org] On Behalf Of Padma = Pillay-Esnault
Sent: Friday, July 28, 2017 11:37 = AM
To: Alvaro Retana (aretana) = <aretana@cisco.com>
Cc: = ideas@ietf.org
Subject: Re: [Ideas] IDEAS BoF at IETF = 99

 

Dear Alvaro and IDEAS

 

The github was updated to have a separate file with a = version of the first charter for your = reference.

 

Propose that updates to the version2 of charter be = done to recapture the focus of version1 and share it here on the = alias.

 

Thanks

Padma

 

 

On Fri, = Jul 28, 2017 at 9:56 AM, Alvaro Retana (aretana) <aretana@cisco.com> = wrote:

On 6/7/17, = 5:46 PM, "Ideas on behalf of Alvaro Retana (aretana)" <ideas-bounces@ietf.org on behalf of aretana@cisco.com> wrote:

 <= /o:p>

Dear IDEAS = list:

 <= /o:p>

First of = all, I want to thank the proponents and everyone who participated in = last week=E2=80=99s BOF in Prague.  Special thanks to the BOF = Chairs!

 <= /o:p>

> The IAB/IESG held our BoF Coordination Call today, = and it was decided

> to go forward with an IDEAS BoF at IETF = 99.  Congratulations!

>

> There are however some concerns that we need = you (proponents/

> participants/authors) to address at the = BoF.  Based on that, we should

> ideally be able to take some action=E2=80=A6 = >From my point of view, the success

> of the BoF should be measured by whether we = have the necessary

> information to make the correct = decision.

 

The = consensus among the Chairs and the IESG/IAB is that the materials = presented at the BOF resulted in the feeling that there is something to = be done here, but that =E2=80=9Csomething=E2=80=9D is not clear.  = In part, this impression comes from the wide-ranging discussion = =E2=80=93 in part from the fact that most of the technical discussions = have so far not been held on the list.  To paraphrase one of the = participants: =E2=80=9CI know what I want, and I kind of know what = others want=E2=80=9D=E2=80=A6

 <= /o:p>

What are = the next steps?  I would like to see more discussions and = participation on the list, to reflect the interest in the room =E2=80=93 = some of that is starting to happen already.

 <= /o:p>

I = don=E2=80=99t think that this effort would necessarily benefit from the = BOF result being =E2=80=9Clet=E2=80=99s try it again next = time=E2=80=9D.  Alternatively, I am willing to sponsor a focused WG = proposal [*] to define a framework that reflects consensus on what is = expected from the mapping system, the questions around identity = persistence, privacy, etc.  I note that the BOF proposal [1] = included precisely a framework as milestones=E2=80=A6

 <= /o:p>

=3D=3D=3D

Milestones

Dec 2017 = Adopt WG draft for the Identity Services framework

May 2018 = WGLC for the Identity Services framework

August 2018 = Send Identity Services framework draft to the IESG

=3D=3D=3D

 <= /o:p>

=E2=80=A6but= the current proposed charter [2] does not reflect = that.

 <= /o:p>

If the = group has the interest to follow this focused path, please start the = discussion around an updated proposed charter.  If we settle on the = text quickly, we should be able to take a proposal through the process = (long) before the next IETF.  I would hope for an aggressive = timeline in completing that piece of work.

 <= /o:p>

Thanks!=

 <= /o:p>

Alvaro.=

 <= /o:p>

 <= /o:p>

[*] = Obviously, the normal approval process would be followed: = IESG/IAB/community review, etc.

[1] https://trac.tools.ietf.org/bof/trac/ =

[2] https://github.com/IETF-IDEAS/Charter-Proposal =


______________________________________= _________
Ideas mailing list
Ideas@ietf.org
https://www.ietf.org/mailman/listinfo/ideas

 

------=_NextPart_000_0019_01D30851.B81392A0-- From nobody Sat Jul 29 10:45:01 2017 Return-Path: X-Original-To: ideas@ietfa.amsl.com Delivered-To: ideas@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BB801131CBF for ; Sat, 29 Jul 2017 10:44:59 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -0.699 X-Spam-Level: X-Spam-Status: No, score=-0.699 tagged_above=-999 required=5 tests=[DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_LOW=-0.7, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=herbertland-com.20150623.gappssmtp.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Kzz_O9zZyWDb for ; Sat, 29 Jul 2017 10:44:58 -0700 (PDT) Received: from mail-wm0-x235.google.com (mail-wm0-x235.google.com [IPv6:2a00:1450:400c:c09::235]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 25F91131C88 for ; Sat, 29 Jul 2017 10:44:58 -0700 (PDT) Received: by mail-wm0-x235.google.com with SMTP id t201so148178322wmt.1 for ; Sat, 29 Jul 2017 10:44:57 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=herbertland-com.20150623.gappssmtp.com; s=20150623; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=VilwtpAgiIEiIHK60i8R1y/2mjHIzATjk+Sklxhz01k=; b=TxQL/rq+q1GGO2ejcDq7oNgw+e2T+FXZtCmXosYGUlIisaCItpGvOFVVkZq8MLPFJI LeGRhcAUXl6asD7147lSy2hgZd5jb6mta+XzdOtibJeiCz/JrnntPHT/LJlYLpHyyF7M vRc7RIK44tp0NqcNoE797jlWhCinJU/ITv3C/UbH2RZ6pI2DUbERcDg080yTv7sZT120 Tqe3nMr/yC+aOo+IAwn7MIdjjzG+4nRvAxzOowvLduQDu7ZTErqrLVtRLhfFYPyNT6zs qB8LdlFRXnSq5hf7OOLBosgJmRSMJItcgoYrGdaPWAv0lptxu+0tTNZHgEpSxYdHud2J Ajzw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=VilwtpAgiIEiIHK60i8R1y/2mjHIzATjk+Sklxhz01k=; b=aQl1XWeGyeeY4qUGK9aKs1tnudDezl4jBl1SHg4sw991trpvtxuIUmtfWmQHHxTEmH D8CYuEpdgeR+WarFXj6rduo67tsIJc/oTBTv2p/3qmbPm3/ZRtupjtYXrqGBTi4FMYNB KtOUIKARwi6Wct7HlmC7tPG1zK/8kiagkS9HKYnTggyfHhTecRYYaMeZ+OTn+NXlK3HQ iuqKvPb369qIZL7AxoNksDrD7qDFG5ey/xhuLsyuJYLwgpqdM/jwgsT91abi7GCCMP2m jlVh78GORl2Xyl8fF73DGybIX6SYRpnuFdo3jXATHVVWcS+1l3meW+zqenzFD+nEvHfl +Wvg== X-Gm-Message-State: AIVw112Ef05CDEdlEWoXuambDireDCPuMIvsmrb7D8zIF7qQWiWhiKJQ FvHQ9JNQx7ca0t8wgNjnokNTUYfUFb4v X-Received: by 10.28.33.67 with SMTP id h64mr7839104wmh.87.1501350296510; Sat, 29 Jul 2017 10:44:56 -0700 (PDT) MIME-Version: 1.0 Received: by 10.223.130.85 with HTTP; Sat, 29 Jul 2017 10:44:55 -0700 (PDT) In-Reply-To: <25B4902B1192E84696414485F572685401A37DD3@SJCEML703-CHM.china.huawei.com> References: <644DA50AFA8C314EA9BDDAC83BD38A2E0E0EAE21@SJCEML703-CHM.china.huawei.com> <644DA50AFA8C314EA9BDDAC83BD38A2E0E0EAEA0@SJCEML703-CHM.china.huawei.com> <644DA50AFA8C314EA9BDDAC83BD38A2E0E0EB240@SJCEML703-CHM.china.huawei.com> <25B4902B1192E84696414485F572685401A37DD3@SJCEML703-CHM.china.huawei.com> From: Tom Herbert Date: Sat, 29 Jul 2017 10:44:55 -0700 Message-ID: To: Uma Chunduri Cc: Alexander Clemm , "Liubingyang (Bryan)" , "ideas@ietf.org" , Michael Menth Content-Type: text/plain; charset="UTF-8" Archived-At: Subject: Re: [Ideas] Can identity directly link with IP address? X-BeenThere: ideas@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Discussions relating to the development, clarification, and implementation of control-plane infrastructures and functionalities in ID enabled networks." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 29 Jul 2017 17:45:00 -0000 Uma, On Fri, Jul 28, 2017 at 3:11 PM, Uma Chunduri wrote: >> Identity is needed so that you can e.g. easily associate multiple identifiers with the same endpoint (for example, so you can easier apply anonymization schemes such as was mentioned by Dino), >> and so it is easier to administer the overall system (such as, firewall rules, which would be nice if you could avoid having to update them every time an endpoint's IP address changes). > Yes, this makes it easier to manage the system, but also makes it potentially easier to attack. If someone were to consider enabling a new general possibly, global identity in my the network then the first question I'd ask is what are the ramifications if the users' identities are compromised. > +1 > > Just to add a bit more: > > 1. Identity is entry point to the system (GRIDS) and mainly for authentication (mutual authentication perhaps) > - we can choose multiple AUTH methods (not necessarily restricted X.509) which suits for the entity (low-power/high-power IOT, vehicular node etc..) Who needs to authenticate whom? Updating the mapping system would obviously require strong credentials so security is needing there, but that is part of the control protocol between the mapping system and the network manager (e.g. MME probably in 3gpp). Devices already have identities at layer 2 that are used when joining the network (e.g. EAP in Ethernet, SIM). > 2. Identity is not in the data plane and peer wouldn't know. Peer knows only one of the (long-lived) identifier like EID/HIT and the same would be used to LOC resolution. Yes, that's the essence of identifier/locator protocols. The fact that identity is not part of the existing identifier/locator protocols is a good property. > 3. Identity will have life cycle (can be changed with overhead of moving the rules) > That's complexity that needs to be justified by the value we get from introducing identity in IP networking. Tom From nobody Sat Jul 29 14:11:41 2017 Return-Path: X-Original-To: ideas@ietfa.amsl.com Delivered-To: ideas@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D11A0131E86 for ; Sat, 29 Jul 2017 14:11:39 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -0.798 X-Spam-Level: X-Spam-Status: No, score=-0.798 tagged_above=-999 required=5 tests=[DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id gOzlYExY3sM6 for ; Sat, 29 Jul 2017 14:11:38 -0700 (PDT) Received: from mail-io0-x233.google.com (mail-io0-x233.google.com [IPv6:2607:f8b0:4001:c06::233]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E229B1287A5 for ; Sat, 29 Jul 2017 14:11:37 -0700 (PDT) Received: by mail-io0-x233.google.com with SMTP id l7so100490775iof.1 for ; Sat, 29 Jul 2017 14:11:37 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=8vCE7LUp6rGbT/3KfFmfDioS3bIJpdelSPDl2O80aF4=; b=ol5ZZq9ppG0JzMd4uhiXrUy3GlW6bXpNIvb7MHr6hFzGqH0hgZAKj7tnUcquRxUrEe pNJe8spZY+End+sWEcSf8Kga0nCS4EvXpFNaSOoXqycXDhWhvZ9J0hh34097czQRGLsy tQMQ7Rc4QT7nnmvEaBEmlfKDgX8eOZY0NrTMmzX6R1axKDpRwwTEDYgng/ZtQxGtg22K 7DXJPxm28rAiCuWj/txgvh5+QZEDolXw2z2XxPGt2MzAu3KNbpUxClKPhlpe+7gXtAtv wXwSzSDgvnmYDEeik3nsVpZcxZr6jAj+0PdYDNoXDmODG8BX0aKY0UnfY5QT3PCN4PwT y3tA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=8vCE7LUp6rGbT/3KfFmfDioS3bIJpdelSPDl2O80aF4=; b=uoChV+SlBXEUaNHvJEKDi3bo4Us+3g8HCdePvHzhegx+e0CHdFSLWQUkFEM5AQ4oZd oBIMt5tXZSYMwRqxZokWwCFGnmKtdl0j0pEIieRQJ3M69VO112TUyG64DmsBhe/G78HE IJtSWewOLgbjN+xvkSHHOSEMHtWzJk2dT1ChqZaDNXFA0YVbBOysctSxQDBj1u5KOvdW ImAaVhhlZTjgu9Lt/zwF549b0dcBHUdZPH1l9cGeP9rEtdeyqG8EkTUfZ/fKHqCjNi7D VmuJoGPjACO3GUZxEORo/OXYb54BOKJhrFmqTr8oWb+Yb+LkJvQNJPUnZk9xRZSGTWte +gBQ== X-Gm-Message-State: AIVw110mi17TCe9O/+dOTaIA8siChFkgExYLg/b9dQS3kj0pS4/jiRYl H+2O9qP7+Epxj+o1fQVUOIY/Ux0N6YyG X-Received: by 10.107.55.66 with SMTP id e63mr13062021ioa.118.1501362697257; Sat, 29 Jul 2017 14:11:37 -0700 (PDT) MIME-Version: 1.0 Received: by 10.107.59.9 with HTTP; Sat, 29 Jul 2017 14:11:36 -0700 (PDT) In-Reply-To: References: <644DA50AFA8C314EA9BDDAC83BD38A2E0E0EAE21@SJCEML703-CHM.china.huawei.com> <644DA50AFA8C314EA9BDDAC83BD38A2E0E0EAEA0@SJCEML703-CHM.china.huawei.com> <644DA50AFA8C314EA9BDDAC83BD38A2E0E0EB240@SJCEML703-CHM.china.huawei.com> <25B4902B1192E84696414485F572685401A37DD3@SJCEML703-CHM.china.huawei.com> From: william manning Date: Sat, 29 Jul 2017 14:11:36 -0700 Message-ID: To: Tom Herbert Cc: Uma Chunduri , "ideas@ietf.org" , Alexander Clemm , "Liubingyang (Bryan)" , Michael Menth Content-Type: multipart/alternative; boundary="001a114accb23fc87305557b3ed5" Archived-At: Subject: Re: [Ideas] Can identity directly link with IP address? X-BeenThere: ideas@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Discussions relating to the development, clarification, and implementation of control-plane infrastructures and functionalities in ID enabled networks." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 29 Jul 2017 21:11:40 -0000 --001a114accb23fc87305557b3ed5 Content-Type: text/plain; charset="UTF-8" Isn't part of the problem that we are still agreeing to be bound to the locator/identifier split (as outlined in the ilnp and lisp work) and harkening back to the ideas documented by Saltzer in 1982 and published as RFC 1498. not to add a new wrinkle at this stage, but it seems that when all you have is a locator and an identifier, we won't get very far. A few years back, I proposed adding an additional element as the tie breaker. Would there be interest in talking about that idea at this time? /Wm On Sat, Jul 29, 2017 at 10:44 AM, Tom Herbert wrote: > Uma, > > On Fri, Jul 28, 2017 at 3:11 PM, Uma Chunduri > wrote: > >> Identity is needed so that you can e.g. easily associate multiple > identifiers with the same endpoint (for example, so you can easier apply > anonymization schemes such as was mentioned by Dino), > >> and so it is easier to administer the overall system (such as, firewall > rules, which would be nice if you could avoid having to update them every > time an endpoint's IP address changes). > > > Yes, this makes it easier to manage the system, but also makes it > potentially easier to attack. If someone were to consider enabling a > new general possibly, global identity in my the network then the first > question I'd ask is what are the ramifications if the users' > identities are compromised. > > > +1 > > > > Just to add a bit more: > > > > 1. Identity is entry point to the system (GRIDS) and mainly for > authentication (mutual authentication perhaps) > > - we can choose multiple AUTH methods (not necessarily > restricted X.509) which suits for the entity (low-power/high-power IOT, > vehicular node etc..) > > Who needs to authenticate whom? Updating the mapping system would > obviously require strong credentials so security is needing there, but > that is part of the control protocol between the mapping system and > the network manager (e.g. MME probably in 3gpp). Devices already have > identities at layer 2 that are used when joining the network (e.g. EAP > in Ethernet, SIM). > > > 2. Identity is not in the data plane and peer wouldn't know. Peer knows > only one of the (long-lived) identifier like EID/HIT and the same would be > used to LOC resolution. > > Yes, that's the essence of identifier/locator protocols. The fact that > identity is not part of the existing identifier/locator protocols is a > good property. > > > 3. Identity will have life cycle (can be changed with overhead of moving > the rules) > > > That's complexity that needs to be justified by the value we get from > introducing identity in IP networking. > > Tom > > _______________________________________________ > Ideas mailing list > Ideas@ietf.org > https://www.ietf.org/mailman/listinfo/ideas > --001a114accb23fc87305557b3ed5 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
Isn't part of the problem that we are still agreeing t= o be bound to the locator/identifier split (as outlined in the ilnp and lis= p work) and harkening back to the ideas documented by=C2=A0Saltzer in 1982 and published as RFC = 1498. not to add a new wrinkle at this stage, but it seems that when all = you have is a locator and an identifier, we won't get very far. A few= years back, I proposed adding an additional element as the tie breaker. <= /span>
Would ther= e be interest in talking about that idea at this time?

/Wm
<= div class=3D"gmail_extra">
On Sat, Jul 29, 20= 17 at 10:44 AM, Tom Herbert <tom@herbertland.com> wrote:
Uma,

On Fri, Jul 28, 2017 at 3:11 PM, Uma Chunduri <uma.chunduri@huawei.com> wrote:
>> Identity is needed so that you can e.g. easily associate multiple = identifiers with the same endpoint (for example, so you can easier apply an= onymization schemes such as was mentioned by Dino),
>> and so it is easier to administer the overall system (such as, fir= ewall rules, which would be nice if you could avoid having to update them e= very time an endpoint's IP address changes).
>
Yes, this makes it easier to manage the system, but also makes it potentially easier to attack. If someone were to consider enabling a
new general possibly, global identity in my the network then the first
question I'd ask is what are the ramifications if the users'
identities are compromised.

> +1
>
> Just to add a bit more:
>
> 1. Identity is entry point to the system (GRIDS) and mainly for authen= tication (mutual authentication perhaps)
>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0- we can choose multiple AUTH methods= (not necessarily restricted X.509) which suits for the entity (low-power/h= igh-power=C2=A0 IOT, vehicular node etc..)

Who needs to authenticate whom? Updating the mapping system would obviously require strong credentials so security is needing there, but
that is part of the control protocol between the mapping system and
the network manager (e.g. MME probably in 3gpp). Devices already have
identities at layer 2 that are used when joining the network (e.g. EAP
in Ethernet, SIM).

> 2. Identity is not in the data plane and peer wouldn't know. Peer = knows only one of the (long-lived) identifier like EID/HIT and the same wou= ld be used to LOC resolution.

Yes, that's the essence of identifier/locator protocols. The fac= t that
identity is not part of the existing identifier/locator protocols is a
good property.

> 3. Identity will have life cycle (can be changed with overhead of movi= ng the rules)
>
That's complexity that needs to be justified by the value we get= from
introducing identity in IP networking.

Tom

_______________________________________________
Ideas mailing list
Ideas@ietf.org
https://www.ietf.org/mailman/listinfo/ideas

--001a114accb23fc87305557b3ed5-- From nobody Mon Jul 31 07:19:24 2017 Return-Path: X-Original-To: ideas@ietfa.amsl.com Delivered-To: ideas@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 51488132329 for ; Mon, 31 Jul 2017 07:19:23 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.997 X-Spam-Level: X-Spam-Status: No, score=-1.997 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, MIME_QP_LONG_LINE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id r3NDnlDj2Kwc for ; Mon, 31 Jul 2017 07:19:21 -0700 (PDT) Received: from mail-pg0-x243.google.com (mail-pg0-x243.google.com [IPv6:2607:f8b0:400e:c05::243]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0580A13231F for ; Mon, 31 Jul 2017 07:19:21 -0700 (PDT) Received: by mail-pg0-x243.google.com with SMTP id 125so17475451pgi.5 for ; Mon, 31 Jul 2017 07:19:20 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=BU3z4j4HvbZRnWqSYuXlU8u7IqpzGlXJ0D4NaKJg60E=; b=Don8Kxs9DK1ROsRUmSyZfThf98Kc2qCouWuhvPqEsGYU18D+ecuhrxL9XHTuJIJXPF vZ8s01F8dcbqQckl88ufu0DKMIbXP44ZlHN6tZiZ53ihFRtWt5irZWW+046C/kATAfqX dYvSGflyT84Lwk2Lym9D9azCCePR6REUBAtyBtIT+ROS9L0n5ahPT9vuO0YVZcSWWiW3 zUkNqCpaUhhm+xBqawzvLVR5cP2XKv1PdWg7w1VnDlS8JK0gNSEV7l1thUoj1VekkOp2 NzNP3xjQVx1uK+BewYHnDQKPawve6fCKswRmmlIbh3St3TQbMDf62/K5nF+K3nuN2LVe Besg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=BU3z4j4HvbZRnWqSYuXlU8u7IqpzGlXJ0D4NaKJg60E=; b=K94qTmMpgd33gH0k4sv4hIsoHMqYYprWrVhfGCNPPgtuSPS3j/uRCXKb5hxKLUQ4CH OquBNVkaBFzdhblHeo+oXD6C+CZPZLFaI99aAWkNU9yLAR5TnDyqSLfq+fFpDlQpyAHc aIRx0gWHAP5ZMm9iyQQLj0AMF6GOLmnQThAoZ6NNhhP2Y/pjL4uxyZs6XQJhBk4qlSrS 8mU2xBDNuDZSC3yzBdxlKnMIVw9PFQlM6pmeTJLyrKbnhS4EcdGdGrne3TS+5WxLSX94 IfZob4bfaw75qQEe+KKyqBcPPg4symI2SrMfRDMW4LXcJ8+V1fBeR1DywSgAAdC3apwV gDtg== X-Gm-Message-State: AIVw111v44AKuq09DyuG3Ooa45T1TattlJozPLPvlEPhDTu0vKq+X3RJ At/cNZqy9XBHYA== X-Received: by 10.98.11.65 with SMTP id t62mr1371074pfi.119.1501510760534; Mon, 31 Jul 2017 07:19:20 -0700 (PDT) Received: from [192.168.1.3] (c-73-70-190-41.hsd1.ca.comcast.net. [73.70.190.41]) by smtp.gmail.com with ESMTPSA id t186sm54685137pgc.28.2017.07.31.07.19.19 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 31 Jul 2017 07:19:19 -0700 (PDT) Content-Type: multipart/alternative; boundary=Apple-Mail-3D4083D5-1A6C-4D8B-8E2F-51414B434926 Mime-Version: 1.0 (1.0) From: Padma Pillay-Esnault X-Mailer: iPhone Mail (14G60) In-Reply-To: <001801d3088c$6470e400$2d52ac00$@clemm.org> Date: Mon, 31 Jul 2017 07:19:18 -0700 Cc: "Alvaro Retana (aretana)" , ideas@ietf.org Content-Transfer-Encoding: 7bit Message-Id: <5D308F19-CD63-4C6F-966B-EA00F27189BB@gmail.com> References: <2D8B5CDE-ABFC-4BB5-849D-B1F6BD4D7B91@cisco.com> <001801d3088c$6470e400$2d52ac00$@clemm.org> To: Alexander Clemm Archived-At: Subject: Re: [Ideas] IDEAS BoF at IETF 99 X-BeenThere: ideas@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Discussions relating to the development, clarification, and implementation of control-plane infrastructures and functionalities in ID enabled networks." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 31 Jul 2017 14:19:23 -0000 --Apple-Mail-3D4083D5-1A6C-4D8B-8E2F-51414B434926 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Hi Alex Sent from my iPhone > On Jul 29, 2017, at 10:01, Alexander Clemm wrote: >=20 > Hi Padma, Alvaro, > =20 > I looked at the charter version on the github. Charter-version1.txt does n= ot reflect the latest version that we had discussed in Prague. The latest v= ersion had been pruned down significantly over that, in an effort to try and= create sharper focus. Of course, further work is still required, but many o= f the earlier items, such as metadata support, endpoint grouping support, DD= oS considerations were already removed (but show in Charter-version1.txt).=20= > =20 > Also posted on github is IDEAS-charter.txt; this is probably the version t= hat we should discuss. But it is not clear and I find it very confusing wha= t is supposed to be the most current version and the one that we should be d= iscussing updates on. If it is =E2=80=9CIDEAS-charter.txt=E2=80=9D, I find =E2= =80=9CCharter-version1.txt=E2=80=9D a distraction; can we mark it as histori= c or such, or remove it, just so we are all on the same page what the curren= t baseline is that we are discussing?=20 > =20 Alex can mark it but it has to be there. > What is the way forward here =E2=80=93 how will we refine the charter; sho= uld we make edits on github or have the discussion on text snippets here on t= he mailer? Who holds the editor=E2=80=99s pen? > =20 Edits on got hub fine but suggest we also send on alias.=20 Per Alvaro's email the changes should be to reflect delivery of the framewor= k. Padma > Thanks > --- Alex > =20 > =20 > From: Ideas [mailto:ideas-bounces@ietf.org] On Behalf Of Padma Pillay-Esna= ult > Sent: Friday, July 28, 2017 11:37 AM > To: Alvaro Retana (aretana) > Cc: ideas@ietf.org > Subject: Re: [Ideas] IDEAS BoF at IETF 99 > =20 > Dear Alvaro and IDEAS > =20 > The github was updated to have a separate file with a version of the first= charter for your reference. > =20 > Propose that updates to the version2 of charter be done to recapture the f= ocus of version1 and share it here on the alias. > =20 > Thanks > Padma > =20 > =20 > On Fri, Jul 28, 2017 at 9:56 AM, Alvaro Retana (aretana) wrote: > On 6/7/17, 5:46 PM, "Ideas on behalf of Alvaro Retana (aretana)" wrote: > =20 > Dear IDEAS list: > =20 > First of all, I want to thank the proponents and everyone who participated= in last week=E2=80=99s BOF in Prague. Special thanks to the BOF Chairs! > =20 > > The IAB/IESG held our BoF Coordination Call today, and it was decided > > to go forward with an IDEAS BoF at IETF 99. Congratulations! > > > > There are however some concerns that we need you (proponents/ > > participants/authors) to address at the BoF. Based on that, we should > > ideally be able to take some action=E2=80=A6 =46rom my point of view, th= e success > > of the BoF should be measured by whether we have the necessary > > information to make the correct decision. > =20 > The consensus among the Chairs and the IESG/IAB is that the materials pres= ented at the BOF resulted in the feeling that there is something to be done h= ere, but that =E2=80=9Csomething=E2=80=9D is not clear. In part, this impre= ssion comes from the wide-ranging discussion =E2=80=93 in part from the fact= that most of the technical discussions have so far not been held on the lis= t. To paraphrase one of the participants: =E2=80=9CI know what I want, and I= kind of know what others want=E2=80=9D=E2=80=A6 > =20 > What are the next steps? I would like to see more discussions and partici= pation on the list, to reflect the interest in the room =E2=80=93 some of th= at is starting to happen already. > =20 > I don=E2=80=99t think that this effort would necessarily benefit from the B= OF result being =E2=80=9Clet=E2=80=99s try it again next time=E2=80=9D. Alt= ernatively, I am willing to sponsor a focused WG proposal [*] to define a fr= amework that reflects consensus on what is expected from the mapping system,= the questions around identity persistence, privacy, etc. I note that the B= OF proposal [1] included precisely a framework as milestones=E2=80=A6 > =20 > =3D=3D=3D > Milestones > Dec 2017 Adopt WG draft for the Identity Services framework > May 2018 WGLC for the Identity Services framework > August 2018 Send Identity Services framework draft to the IESG > =3D=3D=3D > =20 > =E2=80=A6but the current proposed charter [2] does not reflect that. > =20 > If the group has the interest to follow this focused path, please start th= e discussion around an updated proposed charter. If we settle on the text q= uickly, we should be able to take a proposal through the process (long) befo= re the next IETF. I would hope for an aggressive timeline in completing tha= t piece of work. > =20 > Thanks! > =20 > Alvaro. > =20 > =20 > [*] Obviously, the normal approval process would be followed: IESG/IAB/com= munity review, etc. > [1] https://trac.tools.ietf.org/bof/trac/ > [2] https://github.com/IETF-IDEAS/Charter-Proposal >=20 > _______________________________________________ > Ideas mailing list > Ideas@ietf.org > https://www.ietf.org/mailman/listinfo/ideas >=20 > =20 --Apple-Mail-3D4083D5-1A6C-4D8B-8E2F-51414B434926 Content-Type: text/html; charset=utf-8 Content-Transfer-Encoding: quoted-printable
Hi Alex

Sent from my iPhone

On Jul 29, 2017, at 10:01, Alexander Clemm <ludwig@clemm.org> wrote:

Hi Padma, Alvaro,

 <= /o:p>

I looked at the charter version on the githu= b.  Charter-version1.txt does not reflect the latest version that we ha= d discussed in Prague.  The latest version had been pruned down signifi= cantly over that, in an effort to try and create sharper focus.  Of cou= rse, further work is still required, but many of the earlier items, such as m= etadata support, endpoint grouping support, DDoS considerations were already= removed (but show in Charter-version1.txt). 

 

Also posted on githu= b is IDEAS-charter.txt; this is probably the version that we should discuss.=   But it is not clear and I find it very confusing what is supposed to b= e the most current version and the one that we should be discussing updates o= n.  If it is =E2=80=9CIDEAS-charter.txt=E2=80=9D, I find =E2=80=9CChart= er-version1.txt=E2=80=9D a distraction; can we mark it as historic or such, o= r remove it, just so we are all on the same page what the current baseline i= s that we are discussing? 

&= nbsp;

Alex can mark it but it has to be th= ere.

What is the way forward here =E2=80=93 how will we refine= the charter; should we make edits on github or have the discussion on text s= nippets here on the mailer?  Who holds the editor=E2=80=99s pen?

 

Edits on got hub fine but suggest we also send on alias. 

Per Alvaro's email the changes should be to reflect delive= ry of the framework.

Padma

Thanks

--- Alex

 

 

From: Ideas [ma= ilto:ideas-bounces@ietf.org] On Behalf Of Padma Pillay-EsnaultSent: Friday, July 28, 2017 11:37 AM
To: Alvaro Retana (ar= etana) <aretana@cisco.com>Cc: ideas@ietf.org
Subje= ct: Re: [Ideas] IDEAS BoF at IETF 99

 

Dear Alvaro and IDEA= S

 

The github was updated to have a separate file w= ith a version of the first charter for your reference.

<= div>

 

Propose that updates to the version2 of charter be done to recapture t= he focus of version1 and share it here on the alias.

 

Thanks

Padma<= /p>

 

<= p class=3D"MsoNormal"> 

On Fri= , Jul 28, 2017 at 9:56 AM, Alvaro Retana (aretana) <aretana@cisco.com> wrote:

On 6= /7/17, 5:46 PM, "Ideas on behalf of Alvaro Retana (aretana)" <ideas-bounces@ietf.org o= n behalf of aretana@c= isco.com> wrote:

 

Dear IDEAS list:

 

Firs= t of all, I want to thank the proponents and everyone who participated in la= st week=E2=80=99s BOF in Prague.  Special thanks to the BOF Chairs!

 

> The IAB/IESG held our BoF Coordination Call today, and it was deci= ded

> to go for= ward with an IDEAS BoF at IETF 99.  Congratulations!<= /p>

>

> There are however some concerns that we need you (proponents/

> participants/au= thors) to address at the BoF.  Based on that, we should

> ideally be able to take some= action=E2=80=A6 =46rom my point of view, the success

=

> of the BoF should be measured by wh= ether we have the necessary

> information to make the correct decision.

 <= o:p>

The consensus among the Chairs and the IESG/IAB is tha= t the materials presented at the BOF resulted in the feeling that there is s= omething to be done here, but that =E2=80=9Csomething=E2=80=9D is not clear.=   In part, this impression comes from the wide-ranging discussion =E2=80= =93 in part from the fact that most of the technical discussions have so far= not been held on the list.  To paraphrase one of the participants: =E2= =80=9CI know what I want, and I kind of know what others want=E2=80=9D=E2=80= =A6

 

What are the next steps= ?  I would like to see more discussions and participation on the list, t= o reflect the interest in the room =E2=80=93 some of that is starting to hap= pen already.

 

I don=E2=80=99= t think that this effort would necessarily benefit from the BOF result being= =E2=80=9Clet=E2=80=99s try it again next time=E2=80=9D.  Alternatively= , I am willing to sponsor a focused WG proposal [*] to define a framework th= at reflects consensus on what is expected from the mapping system, the quest= ions around identity persistence, privacy, etc.  I note that the BOF pr= oposal [1] included precisely a framework as milestones=E2=80=A6<= /p>

 

=3D=3D=3D

Mile= stones

Dec 2017 Adopt WG draft for the Identity Servic= es framework

May 2018 WGLC for the Identity Services f= ramework

August 2018 Send Identity Services framework d= raft to the IESG

=3D=3D=3D

 = ;

=E2=80=A6but the current proposed charter [2] does n= ot reflect that.

 

If the g= roup has the interest to follow this focused path, please start the discussi= on around an updated proposed charter.  If we settle on the text quickl= y, we should be able to take a proposal through the process (long) before th= e next IETF.  I would hope for an aggressive timeline in completing tha= t piece of work.

 

Thanks!<= o:p>

 

Alvaro.

 

 

[*] Obviously,= the normal approval process would be followed: IESG/IAB/community review, e= tc.

[1] https://trac.tools.ietf.org/bof/trac/ <= /p>

[2] https://github.com/IETF-IDEAS/Charter-Proposal


= _______________________________________________
Ideas mailing list
Ideas@ietf.org
https://www.ietf.org/mailm= an/listinfo/ideas

 

= --Apple-Mail-3D4083D5-1A6C-4D8B-8E2F-51414B434926--